IBM i PTF Guide Archives - Page 9 of 25

IBM i PTF Guide, Volume 25, Number 31

July 31, 2023 Doug Bidwell

Here’s something to look out for: D-mode IPL from tape fails with system reference code B6005121 on IBM i, which you can read more about at this link. Here’s the deal. When the PTF for MA50161 is PERM applied and the PTF for MA50018 is not PERM applied, and a SAVSYS is taken, a D-mode IPL from that tape will fail with the B6005121, which is an operating system task during the IBM i boot process.

Also, this week we wanted to remind you that software-related issues cannot be automatically uploaded to IBM technical support using the WRKPRB feature …
Read more
IBM i PTF Guide, Volume 25, Number 30

July 24, 2023 Doug Bidwell

The security vulnerabilities in the IBM i software stack are coming in waves. This week, there are three more to report, two of which we detail separately in this issue.

First, we have Security Bulletin: IBM Facsimile Support for i is vulnerable to local privilege escalation (CVE-2023-30988), which you can find out more about here. The issue can be fixed by applying a PTF to IBM i. IBM i releases 7.5, 7.4, 7.3, and 7.2 installed with 5798-FAX version V5R8M0 will be fixed. IBM i Release, 5798-FAX,V5R8M0 PTF Number SI83583 for 7.5, 7.4, 7.3, 7.2 – read the cover …
Read more
IBM i PTF Guide, Volume 25, Number 28

July 12, 2023 Doug Bidwell

It is still pretty quiet out there in when it comes to PTFs for the IBM i platform, excepting two important security vulnerabilities, one of which we reported on in Monday’s issue of The Four Hundred.

To reiterate, first we have Security Bulletin: IBM i is vulnerable to an attacker executing CL commands due to an exploitation of DDM architecture (CVE-2023-30990), which you can find out more about here. The IBM i PTF numbers for IBM i 5770-SS1 Base Operating System contain the fix for the vulnerability, as follows:
```
IBM i Release	PTF Number
7.5	SI83472	
7.4	SI83473	
```
…
Read more
IBM i PTF Guide, Volume 25, Number 26

June 26, 2023 Doug Bidwell

In this week’s edition of the IBM i PTF Guide, I have added a Ref tab, which contains general, pertinent information not found elsewhere in the Guide. I also wanted to point out that with a PTF for Advanced Job Scheduler server side, which is SI83469 and which is included in HTTP group PTF update June 2023, AJS will support processing of Set ASP Group when enabled. Finally, IASP support built in!

Here is the rundown of PTF Groups by IBM i release level since we last published:

PTF Groups 7.5:
- Backup Recovery Solutions
- IBM HTTP Server for
…
Read more
IBM i PTF Guide, Volume 25, Number 25

June 19, 2023 Doug Bidwell

Happy 35^th birthday to the AS/400! We hope that you take a moment and commemorate this wonderful platform that has given us so much over the years, and that we all have given so much to.

It is one of those mercifully quiet weeks, so enjoy.

The news this week is that Navigator will now use Java 17 if available (on 7.4 and 7.5). Install Java 11 or Java 17 and latest Java group PTF to run Navigator with these versions of Java. Details on Java at: https://www.ibm.com/support/pages/node/6437873

Here is the rundown of PTF Groups by IBM i release …
Read more
IBM i PTF Guide, Volume 25, Number 24

June 12, 2023 Doug Bidwell

It is one of those quiet weeks in PTF Land, which probably means next week or the week after won’t be if history is any guide. This week, we have Security Bulletin: Multiple Vulnerabilities in IBM Java SDK affect IBM WebSphere Application Server and IBM WebSphere Application Server Liberty due to April 2023 CPU. More information is available here. Below are the affected products and versions.
```
Affected Product(s)				Version(s)
IBM WebSphere Application Server		9.0
IBM WebSphere Application Server		8.5
IBM WebSphere Application Server Liberty	Continuous delivery
```
Here is the rundown of PTF Groups by IBM i release level since we …
Read more
IBM i PTF Guide, Volume 25, Number 23

June 7, 2023 Doug Bidwell

It’s a little more quiet in this issue of the IBM i PTF Guide than it was last time, which is a good thing and which ran on Monday. We will start off with two more security vulnerabilities, one with Rational Developer for i and the other for the WebSphere Application Server Liberty edition.

First, we have Security Bulletin: IBM Rational Developer for i is vulnerable to attacker obtaining sensitive information due to Java string processing in IBM Toolbox for Java (CVE-2022-43928), which you can find out more about here. Here are the affected releases:
```
Affected Product(s)				Version(s)
IBM 
```
…
Read more
IBM i PTF Guide, Volume 25, Number 22

June 5, 2023 Doug Bidwell

Welcome back after the Memorial Day holiday, and our thanks to all who have served and who currently serve.

There is a slew of security issues that you need to deal with on the IBM i platform. So let’s get to it.

First, we have Security Bulletin: IBM Java SDK and IBM Java Runtime for IBM i are vulnerable to exposing sensitive information due to flaws and configurations (CVE-2023-30441), which you can find out more about here. The vulnerability can be fixed by applying the latest Java Group PTF. Releases 7.5, 7.4, 7.3, and 7.2 of IBM i will …
Read more
Update On Critical Security Vulnerability In PowerVM

May 24, 2023 Timothy Prickett Morgan

Earlier this week, we told you about a very serious security vulnerability in the PowerVM hypervisor when running on Power9 and Power10 systems. IBM found the vulnerability itself and immediately set about to patch the vulnerability, which it revealed on May 17 along with patches to firmware in systems that are managed by the Hardware Management Console, or HMC.

What was not necessarily apparent was that there are plenty of Power Systems customers who do not have HMCs managing their systems and the logical partitions upon them, and this is particularly true of the IBM i installed base, which …
Read more
IBM i PTF Guide, Volume 25, Number 21

May 22, 2023 Doug Bidwell

As we report elsewhere in this week’s edition of The Four Hundred, there is a critical security vulnerability in the PowerVM hypervisor when it is running on Power9 and Power10 systems.

This HIPER/Pervasive patch is described as fixing this: An internally discovered vulnerability in PowerVM on Power9 and Power10 systems could allow an attacker with privileged user access to a logical partition to perform an undetected violation of the isolation between logical partitions which could lead to data leakage or the execution of arbitrary code in other logical partitions on the same physical server.

The Common Vulnerability and Exposure …
Read more

Previous Articles Next Articles

Content archive

Recent Posts

Subscribe

Pages

Search