• IBM i PTF Guide, Volume 27, Number 7

  February 17, 2025 Doug Bidwell

  How secure you feeling today? Well, IBM i is generally pretty rock solid, but you have to stay on top of the security vulnerabilities. And there are two of them that are new this week.

  First, we have Security Bulletin: IBM Java SDK and IBM Java Runtime for IBM i are vulnerable to a partial denial of service and a JNI function returning incorrect value length due to multiple vulnerabilities. You can find out more about this issue at this link, and here are the patches for it:

  IBM i Release                         PTF Group

  7.5                                             SF99955 Level 13

  7.4                                             SF99665 …

  Read more

• IBM i PTF Guide, Volume 26, Number 41

  October 21, 2024 Doug Bidwell

  Don’t get hyper about HIPERs, but there are some issues you need to deal with if you have moved to IBM i 7.5. High Impact / Highly Pervasive (HIPER) Issue Potential undetected data loss can occur on LPARs using NPIV with certain Fibre Channel adapters. Potential undetected data loss can occur on LPARs using NPIV over Fibre Channel adapters with the following Feature Codes:  EN1E/EN1F, EN1G/EN1H, EN1J/EN1K, EN2L/EN2M, and EN2N/EN2P.

  You can read about this HIPER PTF at this link.

  Now, there are also two security vulnerabilities on this week’s To Do list.

  First, we have Security Bulletin: IBM …

  Read more

• IBM i PTF Guide, Volume 26, Number 32

  August 19, 2024 Doug Bidwell

  You knew that this was not going to last forever. We had a few weeks where there were not any security vulnerabilities in the IBM i stack, and now you have three you need to attend to this week. There are some patches for WebSphere middleware as well.

  Let’s start with the security issues.

  First, we have Security Bulletin: Multiple Vulnerabilities in IBM Java SDK affect IBM WebSphere Application Server and IBM WebSphere Application Server Liberty due to July 2024 CPU, which you can read all about here. The affected products include:

  Affected Product(s)					Version(s)
  IBM WebSphere Application Server			

  …

  Read more

• IBM i PTF Guide, Volume 26, Number 27

  July 15, 2024 Doug Bidwell

  Get your PTF patching fingers all cracked and stretched because you will be doing some typing this week. There are a three security issues you need to cope with and a slew of patches that run the gamut of subsystems on the platform. As usual, let’s start with the security vulnerabilities.

  First, we have Security Bulletin: IBM Java SDK and IBM Java Runtime for IBM i are vulnerable to a denial of service and bypassing security restrictions due to multiple vulnerabilities, which you can find out more about here. The patches for this issue, by IBM i release level, …

  Read more

• IBM i PTF Guide, Volume 26, Number 13

  April 8, 2024 Doug Bidwell

  Three is the magic number, as we all know. This week, there is another trio of vulnerabilities in parts of the IBM i software stack. And all three currently supported IBM i releases all have a slew of group patches as well. Let’s start with the vulnerabilities because these are always important to know about and deal with.

  First, we have Security Bulletin: IBM WebSphere Application Server Liberty is vulnerable to cross-site scripting (CVE-2024-27270), which you can find out more about at this link. The affected products include IBM WebSphere Application Server Liberty, versions 23.0.0.3 through 24.0.0.3 – who …

  Read more

• IBM i PTF Guide, Volume 26, Number 8

  February 26, 2024 Doug Bidwell

  It is a rare week when there is not some sort of security bulletin that affects all of the major operating systems, and this week is not one of those rare weeks. There are three security vulnerabilities affecting the current IBM i releases as well as a group of security patches for the vintage IBM i 7.2 release. Let’s get started with the security vulnerabilities, as is our common practice.

  First, we have Security Bulletin: Multiple Vulnerabilities in IBM Java SDK affect IBM WebSphere Application Server and IBM WebSphere Application Server Liberty due to January 2024 CPU, which you can …

  Read more

• IBM i PTF Guide, Volume 26, Number 7

  February 19, 2024 Doug Bidwell

  Aside from two new security vulnerabilities, it has been a pretty quiet week in IBM i PTF Land. There are some updates for the current releases of IBM i – that would be IBM i 7.4 and IBM i 7.5 that are both on standard support and IBM i 7.3 that is on extended support – and of course there are some new defective PTFs that Big Blue needs to make you aware of, as often happens because all modern platforms are complex and all of them sometimes have patches that have unintended consequences.

  Let’s start with the security issues, …

  Read more

• IBM i PTF Guide, Volume 26, Number 6

  February 12, 2024 Doug Bidwell

  This week we have three new security vulnerabilities, but first we want to remind you that you need to prepare firewalls and proxies for the upcoming infrastructure changes for IBM Call Home, Electronic Fix Distribution. This is considered HIPER by IBM (High Impact/Pervasive), which you can read about here. Public Internet IP addresses are changing for the IBM servers that support Call Home and electronic download of fixes for customer systems’ software, hardware, and operating system. This change pertains to all operating systems and applications connecting to IBM for electronic Call Home and fix download. If you have a …

  Read more

• IBM i PTF Guide, Volume 25, Number 49

  December 6, 2023 Doug Bidwell

  Welcome back to having to worry about security vulnerabilities and PTF patches. This week, there are two security vulnerabilities, a set of patches for IBM i 7.2, and HIPERS for IBM i 7.4 and IBM i 7.5 – among other things. Let’s do the vulnerabilities to start.

  First, we have Security Bulletin: IBM Java SDK and IBM Java Runtime for IBM i are vulnerable to a remote attacker causing integrity impacts due to the libraries component (CVE-2023-22049), which you can find out more about here. The IBM i PTF Group numbers contain the fix for the vulnerability. Future PTF …

  Read more

• IBM i PTF Guide, Volume 25, Number 47

  November 27, 2023 Doug Bidwell

  Happy Belated Thanksgiving, welcome back to work, and pass the turkey and cranberry sauce leftovers if you don’t mind.

  Speaking of leftovers, there are some new patches for IBM i 7.2, which were updated on November 14. You can check out SF99719 720 Group HIPER – level 237 at this link and SF99718 720 Group Security – level 126 at that link.

  There is also a security vulnerability you need to be aware of, specifically Security Bulletin: Multiple Vulnerabilities in IBM Java SDK affect IBM WebSphere Application Server and IBM WebSphere Application Server Liberty due to the October 2023 …

  Read more

Previous Articles