• IBM i PTF Guide, Volume 28, Number 9

  March 2, 2026 Doug Bidwell

  Welcome to March. You have five security vulnerabilities to take care of. The good news is that there is not a lot of other PTF stuff you have to worry about if you are on IBM i 7.3 through IBM i 7.6. There are Group HIPER and Group Security updates for IBM i 7.2, which is still under extended support.

  Let’s go through the security vulnerabilities to start, as we usually do.

  First, we have Security Bulletin: IBM Rational Developer for i is affected by a memory exhaustion loop (CVE-2024-4068), which you can read about here. (And for …

  Read more

• IBM i PTF Guide, Volume 28, Numbers 1 Through 3

  January 19, 2026 Doug Bidwell

  We are determined to get you all caught up on the happenings with PTF patches and such that have happened so far in the new year after getting you caught up with what happened at the end of 2025 in last week’s issue.

  So, without further ado, here are the first three editions of the IBM i PTF Guide for 2026, which will end our “Ketchup” Weeks until the next holiday rolls along. (Technically, it is Martin Luther King day in America as we go to press, which is a holiday for many but not for all.)

  We will start …

  Read more

• IBM i PTF Guide, Volume 27, Number 7

  February 17, 2025 Doug Bidwell

  How secure you feeling today? Well, IBM i is generally pretty rock solid, but you have to stay on top of the security vulnerabilities. And there are two of them that are new this week.

  First, we have Security Bulletin: IBM Java SDK and IBM Java Runtime for IBM i are vulnerable to a partial denial of service and a JNI function returning incorrect value length due to multiple vulnerabilities. You can find out more about this issue at this link, and here are the patches for it:

  IBM i Release                         PTF Group

  7.5                                             SF99955 Level 13

  7.4                                             SF99665 …

  Read more

• IBM i PTF Guide, Volume 26, Number 41

  October 21, 2024 Doug Bidwell

  Don’t get hyper about HIPERs, but there are some issues you need to deal with if you have moved to IBM i 7.5. High Impact / Highly Pervasive (HIPER) Issue Potential undetected data loss can occur on LPARs using NPIV with certain Fibre Channel adapters. Potential undetected data loss can occur on LPARs using NPIV over Fibre Channel adapters with the following Feature Codes:  EN1E/EN1F, EN1G/EN1H, EN1J/EN1K, EN2L/EN2M, and EN2N/EN2P.

  You can read about this HIPER PTF at this link.

  Now, there are also two security vulnerabilities on this week’s To Do list.

  First, we have Security Bulletin: IBM …

  Read more

• IBM i PTF Guide, Volume 26, Number 32

  August 19, 2024 Doug Bidwell

  You knew that this was not going to last forever. We had a few weeks where there were not any security vulnerabilities in the IBM i stack, and now you have three you need to attend to this week. There are some patches for WebSphere middleware as well.

  Let’s start with the security issues.

  First, we have Security Bulletin: Multiple Vulnerabilities in IBM Java SDK affect IBM WebSphere Application Server and IBM WebSphere Application Server Liberty due to July 2024 CPU, which you can read all about here. The affected products include:

  Affected Product(s)					Version(s)
  IBM WebSphere Application Server			

  …

  Read more

• IBM i PTF Guide, Volume 26, Number 27

  July 15, 2024 Doug Bidwell

  Get your PTF patching fingers all cracked and stretched because you will be doing some typing this week. There are a three security issues you need to cope with and a slew of patches that run the gamut of subsystems on the platform. As usual, let’s start with the security vulnerabilities.

  First, we have Security Bulletin: IBM Java SDK and IBM Java Runtime for IBM i are vulnerable to a denial of service and bypassing security restrictions due to multiple vulnerabilities, which you can find out more about here. The patches for this issue, by IBM i release level, …

  Read more

• IBM i PTF Guide, Volume 26, Number 13

  April 8, 2024 Doug Bidwell

  Three is the magic number, as we all know. This week, there is another trio of vulnerabilities in parts of the IBM i software stack. And all three currently supported IBM i releases all have a slew of group patches as well. Let’s start with the vulnerabilities because these are always important to know about and deal with.

  First, we have Security Bulletin: IBM WebSphere Application Server Liberty is vulnerable to cross-site scripting (CVE-2024-27270), which you can find out more about at this link. The affected products include IBM WebSphere Application Server Liberty, versions 23.0.0.3 through 24.0.0.3 – who …

  Read more

• IBM i PTF Guide, Volume 26, Number 8

  February 26, 2024 Doug Bidwell

  It is a rare week when there is not some sort of security bulletin that affects all of the major operating systems, and this week is not one of those rare weeks. There are three security vulnerabilities affecting the current IBM i releases as well as a group of security patches for the vintage IBM i 7.2 release. Let’s get started with the security vulnerabilities, as is our common practice.

  First, we have Security Bulletin: Multiple Vulnerabilities in IBM Java SDK affect IBM WebSphere Application Server and IBM WebSphere Application Server Liberty due to January 2024 CPU, which you can …

  Read more

• IBM i PTF Guide, Volume 26, Number 7

  February 19, 2024 Doug Bidwell

  Aside from two new security vulnerabilities, it has been a pretty quiet week in IBM i PTF Land. There are some updates for the current releases of IBM i – that would be IBM i 7.4 and IBM i 7.5 that are both on standard support and IBM i 7.3 that is on extended support – and of course there are some new defective PTFs that Big Blue needs to make you aware of, as often happens because all modern platforms are complex and all of them sometimes have patches that have unintended consequences.

  Let’s start with the security issues, …

  Read more

• IBM i PTF Guide, Volume 26, Number 6

  February 12, 2024 Doug Bidwell

  This week we have three new security vulnerabilities, but first we want to remind you that you need to prepare firewalls and proxies for the upcoming infrastructure changes for IBM Call Home, Electronic Fix Distribution. This is considered HIPER by IBM (High Impact/Pervasive), which you can read about here. Public Internet IP addresses are changing for the IBM servers that support Call Home and electronic download of fixes for customer systems’ software, hardware, and operating system. This change pertains to all operating systems and applications connecting to IBM for electronic Call Home and fix download. If you have a …

  Read more

Previous Articles