IBM Java SDK Archives - Page 2 of 3

IBM i PTF Guide, Volume 25, Number 37

September 18, 2023 Doug Bidwell

There are a few things you can count on in life. Death. Taxes. Coffee. Beer. The love of a good woman. And a seemingly endless barrage of security vulnerabilities for every computing platform on Earth. There are a bunch of the latter that are new to the IBM i platform this week.

First, we have Security Bulletin: OpenSSL and OpenSSH for IBM i are vulnerable to arbitrary code execution, denial of service, and security restrictions bypass due to multiple vulnerabilities, which you can find out more about at this link. The IBM i PTF number for 5733-SC1 contains the …
Read more
IBM i PTF Guide, Volume 25, Number 35

September 11, 2023 Doug Bidwell

We have been on hiatus for a few weeks, and there is a lot of stuff to catch up on. There are a slew of security vulnerabilities and a whole bunch of PTFs for the current releases of IBM i that you need to deal with. Let’s start with the security issues.

First, we have Security Bulletin: IBM Java SDK and IBM Java Runtime for IBM i are vulnerable to denial of service, availability, integrity, and confidentiality impacts due to multiple vulnerabilities, which you can find out more about at this link. Here are the PTFs for this vulnerability: …
Read more
IBM i PTF Guide, Volume 25, Number 33

August 14, 2023 Doug Bidwell

You can tell that it is still summer, and one of the last weeks before the holiday season is over, by the dearth of patches to the IBM i platforms. That said, we do have two new security vulnerabilities this week as well as some patches for the High Availability group within IBM i 7.5.

First, we have Security Bulletin: Vulnerability in IBM Java SDK affects IBM WebSphere Application Server due to CVE-2022-40609, which you can find out more about here. The affected releases are WebSphere Application Server 8.5 and 9.0.

Second, we have Security Bulletin: IBM Facsimile Support …
Read more
IBM i PTF Guide, Volume 25, Number 24

June 12, 2023 Doug Bidwell

It is one of those quiet weeks in PTF Land, which probably means next week or the week after won’t be if history is any guide. This week, we have Security Bulletin: Multiple Vulnerabilities in IBM Java SDK affect IBM WebSphere Application Server and IBM WebSphere Application Server Liberty due to April 2023 CPU. More information is available here. Below are the affected products and versions.
```
Affected Product(s)				Version(s)
IBM WebSphere Application Server		9.0
IBM WebSphere Application Server		8.5
IBM WebSphere Application Server Liberty	Continuous delivery
```
Here is the rundown of PTF Groups by IBM i release level since we …
Read more
IBM i PTF Guide, Volume 25, Number 22

June 5, 2023 Doug Bidwell

Welcome back after the Memorial Day holiday, and our thanks to all who have served and who currently serve.

There is a slew of security issues that you need to deal with on the IBM i platform. So let’s get to it.

First, we have Security Bulletin: IBM Java SDK and IBM Java Runtime for IBM i are vulnerable to exposing sensitive information due to flaws and configurations (CVE-2023-30441), which you can find out more about here. The vulnerability can be fixed by applying the latest Java Group PTF. Releases 7.5, 7.4, 7.3, and 7.2 of IBM i will …
Read more
IBM i PTF Guide, Volume 25, Number 7

February 13, 2023 Doug Bidwell

This week brought more security vulnerabilities in the airspace above us, and also around the world with weird sightings in the United States, Canada, China, and Russia. Now we have security vulnerabilities in open source code that is part of the IBM i stack.

First, we have a Security Bulletin. IBM Java SDK and IBM Java Runtime for IBM i are vulnerable to bypassing security restrictions, denial of service attacks, and data integrity impacts due to multiple vulnerabilities, which you can find out more about at this link. There are fixes as shown below by IBM i release and …
Read more
IBM i PTF Guide, Volume 24, Number 47

November 28, 2022 Doug Bidwell

It is a busy, busy week for the IBM i PTF Guide, folks. So get some coffee. There are a bunch of security vulnerabilities that you need to take a look at, and there are also some recommended fixes that are not included in either the PTF groups or the cumulative PTF updates.

First, there is Security Bulletin: IBM Transform Services for IBM i is vulnerable to denial of service, buffer overflow, and allowing attacker to obtain sensitive information due to multiple vulnerabilities, which you can read more about at this link. The fixes for this vulnerability can …
Read more
OpenSSL Flaw No ‘Heartbleed,’ But Other New Vulns Detected

November 2, 2022 Alex Woodie

The cybersecurity world has been sitting on pins and needles for the past 48 hours, ever since news of a potentially devastating new flaw in OpenSSL started to leak out early Monday morning. That flaw turned out to be not as bad as initially feared, but that shouldn’t stop IBM i shops from patching other recent flaws, including some pretty serious ones in WebSphere Liberty, Java, the CCA, and Zlib.

News started to emerge earlier this week of a critical OpenSSL flaw that required the utmost attention. The flaw could be a concern for just about everybody, including IBM, …
Read more
IBM i PTF Guide, Volume 24, Number 36

September 12, 2022 Doug Bidwell

Let’s get right into it. There are PDF transform issues with IBM i 7.5. This issue was encountered by our friends in San Diego: Thank you, Nancy, for sharing! They were receiving “Transformation task cancelled due to a print fidelity error” when converting from SCS to PDF. IBM issued the following PTFs to fix the issue:
```
PTF ID                                  
SI79773	 5770SS1  
SI79689  5770TS1
SI79684  5770TS1
```
Now, let’s turn to Security Bulletin: Vulnerability in IBM Java SDK affects IBM WebSphere Application Server and IBM WebSphere Application Server Liberty due to July 2022 CPU plus deferred CVE-2021-2163. You can see more at this …
Read more
IBM i PTF Guide, Volume 24, Number 33

August 15, 2022 Doug Bidwell

First up, IBM has tweaked its temporary additional use policy for Power Systems software for migrations to Power E1080, Power E1050, and Power S1024 servers. You can read about it here.

Here is the significance of this. When you do an upgrade, you get 70 days from install to use the systems software for free. That can be extended once for 40 days, and then that can be extended again, once, for 3 days. After that, you have to beg for more if you need more time to do the upgrade. IBM doesn’t care about partitions, it’s the host …
Read more

Previous Articles Next Articles

Content archive

Recent Posts

Subscribe

Pages

Search