IBM i PTF Guide, Volume 24, Number 16

April 20, 2022 Doug Bidwell

It is a new week, and there are two new security vulnerabilities in the IBM i platform. First, there is Security Bulletin: IBM WebSphere Application Server Liberty for IBM i is vulnerable to spoofing and clickjacking attacks due to swagger-ui (CVE-2018-25031, CVE-2021-46708), which you can read more about here. The IBM i PTF numbers containing the fix for the CVEs:

IBM i Release      5770-SS1 PTF Number      PTF Download Link

7.4                          SI78971                                https://www.ibm.com/support/pages/ptf/SI78971

7.3                          SI78972                                https://www.ibm.com/support/pages/ptf/SI78972

7.2                          SI78973                                https://www.ibm.com/support/pages/ptf/SI78973

Then there is Security Bulletin: OpenSSL for IBM i is vulnerable to a denial of service due to a flaw in …