• IBM i PTF Guide, Volume 25, Number 45

  November 6, 2023 Doug Bidwell

  What is new this week, you ask? Well, in IBM i PTF Land, there is a PTF patch for IBM i 7.2 – yeah, you heard that right – that was released on Halloween day and that addresses a security vulnerability that was made public on October 6 (CVE-2023-40377) relating to IBM Backup, Recovery & Media Services for i. Because of this flaw, the IBM i stack is vulnerable to a local privilege escalation, which is not a good thing.

  The security vulnerability patch is being made available even though IBM i 7.2 was taken off regular Software Maintenance on …

  Read more

• Spooky New Security Vulns Lurking on IBM i

  November 1, 2023 Alex Woodie

  Halloween has come and gone, but the scares will stick around for a while for IBM i administrators, who have been given more than a dozen fixes by IBM to address some pretty serious security vulnerabilities recently revealed in the heart of the operating system, including in spooky old friends Java and OpenSSL.

  On October 27, IBM issued a security bulletin for two CVEs, including CVE-2023-40685 and CVE-2023-40686, which describe two separate but related security flaws in the Management Central component of IBM i Navigator in IBM i versions 7.2 through 7.5.

  The first privilege escalation vulnerability, CVE-2023-40685, could …

  Read more

• IBM i PTF Guide, Volume 25, Number 44

  October 30, 2023 Doug Bidwell

  Last week was busy, and this week is quiet when it comes to PTFs. With the release of Technology Refreshes coming out starting to roll out next week, this stands to reason.

  Now, a note about the ESS Outage. Due to extensive infrastructure upgrades, the ESS website and all of its components, including Base Composer and Cloud Management Console functions, will be fully unavailable from November 3, 2023, at 11 a.m. UTC until November 6, 2023, at 3 a.m. UTC.

  Now, there is also a security vulnerability, which you can read about in Security Bulletin: IBM i is vulnerable to …

  Read more

• IBM i PTF Guide, Volume 25, Number 43

  October 23, 2023 Doug Bidwell

  Busy, busy, busy. That is what the good people at IBM Rochester have been in the past week, with a slew of PTFs for the currently supported releases – that is IBM i 7.5 and IBM i 7.4 that are on standard support and IBM i 7.3 that just went into extended support at the end of September, a trio of security vulnerabilities in the IBM i stack, and two group PTFs for the IBM i 7.2 release that is supposed to be kaput.

  Let’s start with the security vulnerabilities.

  First, we have Security Bulletin: IBM i is vulnerable to …

  Read more

• IBM i PTF Guide, Volume 25, Number 42

  October 16, 2023 Doug Bidwell

  Welcome back to work this week. IBM i 7.2 has two new PTF groups even though it has been in extended support from Big Blue since April 30, 2021. The IBM i 7.2 release is still on extended support until April 30, 2024, which is why the security and HIPER group PTFs have been updated for this release. Specifically, that is:

  • SF99718 720 Group Security – level 124, which you can find out more about here.
  • SF99719 720 Group HIPER – level 235, which you can find out more about there.

  As we reported last week in The …

  Read more

• IBM i PTF Guide, Volume 25, Number 41

  October 9, 2023 Doug Bidwell

  Here is something interesting. There is a new cume for IBM i 7.3, just after it goes out of standard support and is now on extended support. For years, we have been after IBM to put a cume out when it stops supporting a release, kind of a summation at end of life. This is the first time Big Blue has managed to do that.

  It is likely a coincidence, but it should have always been policy. It is difficult to round up docs and PTFs for an end of life product two years after the fact. Having a stake …

  Read more

• IBM i PTF Guide, Volume 25, Number 40

  October 2, 2023 Doug Bidwell

  In case you have been sleeping under a rock, or under an apple tree, or under a bridge, the IBM i 7.3 operating system release reached its end of standard support this Saturday on September 30. So now if you plan to keep IBM i 7.3 in production, you have to pay for an extended support Software Maintenance contract with Big Blue. You also have to do the math on whether it is worth it to hang back or to move to IBM i 7.5, which has been generally available since May 2022.

  Here is the rundown of PTF Groups …

  Read more

• IBM i PTF Guide, Volume 25, Number 39

  September 25, 2023 Doug Bidwell

  This is not new news, but recurring news. IBM has once again pushed the implementation date of an IP change for tech support out a couple of times, and, here it is again. IBM’s notice:

  “Due to technical issues, the September 19/20 change has been postponed. Additional guidance will be provided by October 6, 2023. For those that have adjusted their firewall configuration, please do not remove the new entries until we provide further guidance. Preparing customer firewalls and proxies for the upcoming infrastructure changes – Call Home, Electronic Fix Distribution.”

  You can find out more about this issue, which …

  Read more

• IBM i PTF Guide, Volume 25, Number 38

  September 20, 2023 Doug Bidwell

  This episode of the IBM i PTF Guide is being put together in honor of that venerable rodeo clown and comedic actor, Louis Burton Lindley, Jr., better known to all of us as Slim Pickens. Because after a bunch of security vulnerabilities were covered in the prior issue that came out on Monday, we are now all caught up after the holiday and there is not a huge amount going on.

  But there is always something you need to watch out for. So read on.

  Here is the rundown of PTF Groups by IBM i release level since we last …

  Read more

• IBM i PTF Guide, Volume 25, Number 37

  September 18, 2023 Doug Bidwell

  There are a few things you can count on in life. Death. Taxes. Coffee. Beer. The love of a good woman. And a seemingly endless barrage of security vulnerabilities for every computing platform on Earth. There are a bunch of the latter that are new to the IBM i platform this week.

  First, we have Security Bulletin: OpenSSL and OpenSSH for IBM i are vulnerable to arbitrary code execution, denial of service, and security restrictions bypass due to multiple vulnerabilities, which you can find out more about at this link. The IBM i PTF number for 5733-SC1 contains the …

  Read more

Previous Articles Next Articles