IBM WebSphere Application Server Liberty for IBM i Archives

IBM i PTF Guide, Volume 24, Number 38

September 19, 2022 Doug Bidwell

It is a quiet week for PTFs, with two security vulnerabilities for the IBM i platform and not much else.

We will start with Security Bulletin: Samba for IBM i is vulnerable to attacker obtaining sensitive information due to a memory leak with SMB1 requests (CVE-2022-32742), which you can find out more about at this link. Here are the fixes:
```
IBM i Release	5770-SS1	PTF Number	
                7.4		SI80816	
                7.3		SI80815
```
And then there is Security Bulletin: IBM WebSphere Application Server Liberty for IBM i is vulnerable to identity spoofing with authenticated user and ability to bypass security restrictions due …
Read more
IBM i PTF Guide, Volume 24, Number 25

June 22, 2022 Doug Bidwell

It is beginning to feel a bit a bit like Groundhog Day at the IBM i PTF Guide. Yet more security vulnerabilities are surfacing in the IBM i platform. While the number of new security bulletins for IBM i is nowhere near what we see with Windows Server and Linux platforms, it has become a constant game of Whack-a-mole. So get out your rubber mallet and get the Aspercreme ready to fight tendonitis. . . .

First, we have Security Bulletin: IBM WebSphere Application Server Liberty for IBM i is vulnerable to identity spoofing and port status query (CVE-2022-22475 …
Read more
IBM i PTF Guide, Volume 24, Number 16

April 20, 2022 Doug Bidwell

It is a new week, and there are two new security vulnerabilities in the IBM i platform. First, there is Security Bulletin: IBM WebSphere Application Server Liberty for IBM i is vulnerable to spoofing and clickjacking attacks due to swagger-ui (CVE-2018-25031, CVE-2021-46708), which you can read more about here. The IBM i PTF numbers containing the fix for the CVEs:

IBM i Release      5770-SS1 PTF Number      PTF Download Link

7.4                          SI78971                                https://www.ibm.com/support/pages/ptf/SI78971

7.3                          SI78972                                https://www.ibm.com/support/pages/ptf/SI78972

7.2                          SI78973                                https://www.ibm.com/support/pages/ptf/SI78973

Then there is Security Bulletin: OpenSSL for IBM i is vulnerable to a denial of service due to a flaw in …
Read more

Content archive

Recent Posts

Subscribe

Pages

Search

IBM i PTF Guide, Volume 24, Number 38

IBM i PTF Guide, Volume 24, Number 25

IBM i PTF Guide, Volume 24, Number 16

Content archive

Recent Posts

Subscribe

Pages

Search