• The Four Hundred
  • Subscribe
  • Media Kit
  • Contributors
  • About Us
  • Contact
Menu
  • The Four Hundred
  • Subscribe
  • Media Kit
  • Contributors
  • About Us
  • Contact
  • IBM i PTF Guide, Volume 26, Number 32

    August 19, 2024 Doug Bidwell

    You knew that this was not going to last forever. We had a few weeks where there were not any security vulnerabilities in the IBM i stack, and now you have three you need to attend to this week. There are some patches for WebSphere middleware as well.

    Let’s start with the security issues.

    First, we have Security Bulletin: Multiple Vulnerabilities in IBM Java SDK affect IBM WebSphere Application Server and IBM WebSphere Application Server Liberty due to July 2024 CPU, which you can read all about here. The affected products include:

    Affected Product(s)					Version(s)
    IBM WebSphere Application Server			
    …

    Read more
  • IBM i PTF Guide, Volume 26, Number 17

    May 6, 2024 Doug Bidwell

    Some of the links in the IBM i PTF Guide appear to be broken, but don’t worry about them. IBM is in the process of changing the format of the Cover page for IBM i patches and a few of the links are stuck in the middle. We will attempt to get them back in synch by the next issue. This is the effect of the latest in IBM’s efforts to make the web information for IBM less verbose and more accessible. Any comments on such, please share!

    And now, some security vulnerabilities for IBM. Four, to be precise.

    First, …

    Read more
  • IBM i PTF Guide, Volume 26, Number 16

    April 22, 2024 Doug Bidwell

    It is an interesting time out there in PTF Land, so brace yourself. There are four security bulletins and two security warnings about potential denial of service vulnerabilities. Let’s do the security bulletins first and then the denial of service issues.

    First, we have Security Bulletin: IBM i Access Client Solutions is vulnerable to an infinite loop or out of memory error due to vulnerabilities in Apache Commons Compress, which you can find out more about at this link. The affected product(s) include IBM i Access Family versions 1.1.2 – 1.1.4, and versions 1.1.4.3 – 1.1.9.4. The issue can …

    Read more
  • IBM i PTF Guide, Volume 26, Number 13

    April 8, 2024 Doug Bidwell

    Three is the magic number, as we all know. This week, there is another trio of vulnerabilities in parts of the IBM i software stack. And all three currently supported IBM i releases all have a slew of group patches as well. Let’s start with the vulnerabilities because these are always important to know about and deal with.

    First, we have Security Bulletin: IBM WebSphere Application Server Liberty is vulnerable to cross-site scripting (CVE-2024-27270), which you can find out more about at this link. The affected products include IBM WebSphere Application Server Liberty, versions 23.0.0.3 through 24.0.0.3 – who …

    Read more
  • IBM i PTF Guide, Volume 25, Number 34

    August 21, 2023 Doug Bidwell

    It is still summer, and the big news again this week in PTF Land is a security vulnerability. This time the hole is in the WebSphere Liberty middleware from Big Blue. See Security Bulletin: IBM WebSphere Application Server Liberty is vulnerable to a denial of service (CVE-2023-38737), which you can find out more about at this link. IBM WebSphere Application Server Liberty versions 22.0.0.13 through 23.0.0.7 are affected.

    Here is the rundown of PTF Groups by IBM i release level since we last published:

    PTF Groups 7.5:

    • HIPERs (High Impact/Pervasive)
    • Security
    • Java
    • IBM HTTP Server for i
    • SAP support
    …

    Read more
  • IBM i PTF Guide, Volume 25, Number 24

    June 12, 2023 Doug Bidwell

    It is one of those quiet weeks in PTF Land, which probably means next week or the week after won’t be if history is any guide. This week, we have Security Bulletin: Multiple Vulnerabilities in IBM Java SDK affect IBM WebSphere Application Server and IBM WebSphere Application Server Liberty due to April 2023 CPU. More information is available here. Below are the affected products and versions.

    Affected Product(s)				Version(s)
    IBM WebSphere Application Server		9.0
    IBM WebSphere Application Server		8.5
    IBM WebSphere Application Server Liberty	Continuous delivery
    

    Here is the rundown of PTF Groups by IBM i release level since we …

    Read more
  • IBM i PTF Guide, Volume 25, Number 23

    June 7, 2023 Doug Bidwell

    It’s a little more quiet in this issue of the IBM i PTF Guide than it was last time, which is a good thing and which ran on Monday. We will start off with two more security vulnerabilities, one with Rational Developer for i and the other for the WebSphere Application Server Liberty edition.

    First, we have Security Bulletin: IBM Rational Developer for i is vulnerable to attacker obtaining sensitive information due to Java string processing in IBM Toolbox for Java (CVE-2022-43928), which you can find out more about here. Here are the affected releases:

    Affected Product(s)				Version(s)
    IBM 
    …

    Read more
  • IBM i PTF Guide, Volume 25, Number 7

    February 13, 2023 Doug Bidwell

    This week brought more security vulnerabilities in the airspace above us, and also around the world with weird sightings in the United States, Canada, China, and Russia. Now we have security vulnerabilities in open source code that is part of the IBM i stack.

    First, we have a Security Bulletin. IBM Java SDK and IBM Java Runtime for IBM i are vulnerable to bypassing security restrictions, denial of service attacks, and data integrity impacts due to multiple vulnerabilities, which you can find out more about at this link. There are fixes as shown below by IBM i release and …

    Read more
  • IBM i PTF Guide, Volume 24, Number 49

    December 7, 2022 Doug Bidwell

    It is another one of those weeks when there are a slew of security vulnerabilities to attend to. Four that we know of, to be precise.

    First, there is Security Bulletin: IBM WebSphere Application Server Liberty is vulnerable to a denial of service due to Google protobuf-java (CVE-2022-3171, CVE-2022-3509), which you can read more about at this link. This vulnerability affects IBM WebSphere Application Server Liberty versions 21.0.0.2 through 22.0.0.12.

    Second, there is Security Bulletin: ISC BIND on IBM i is vulnerable to denial of service due to memory leaks and a flaw in resolver code (CVE-2022-2795, CVE-2022-38177, CVE-2022-38178), …

    Read more
  • IBM i PTF Guide, Volume 24, Number 47

    November 28, 2022 Doug Bidwell

    It is a busy, busy week for the IBM i PTF Guide, folks. So get some coffee. There are a bunch of security vulnerabilities that you need to take a look at, and there are also some recommended fixes that are not included in either the PTF groups or the cumulative PTF updates.

    First, there is Security Bulletin: IBM Transform Services for IBM i is vulnerable to denial of service, buffer overflow, and allowing attacker to obtain sensitive information due to multiple vulnerabilities, which you can read more about at this link. The fixes for this vulnerability can …

    Read more

Content archive

  • The Four Hundred
  • Four Hundred Stuff
  • Four Hundred Guru

Recent Posts

  • FAX/400 And CICS For i Are Dead. What Will IBM Kill Next?
  • Fresche Overhauls X-Analysis With Web UI, AI Smarts
  • Is It Time To Add The Rust Programming Language To IBM i?
  • Is IBM Going To Raise Prices On Power10 Expert Care?
  • IBM i PTF Guide, Volume 27, Number 20
  • POWERUp 2025 –Your Source For IBM i 7.6 Information
  • Maxava Consulting Services Does More Than HA/DR Project Management – A Lot More
  • Guru: Creating An SQL Stored Procedure That Returns A Result Set
  • As I See It: At Any Cost
  • IBM i PTF Guide, Volume 27, Number 19

Subscribe

To get news from IT Jungle sent to your inbox every week, subscribe to our newsletter.

Pages

  • About Us
  • Contact
  • Contributors
  • Four Hundred Monitor
  • IBM i PTF Guide
  • Media Kit
  • Subscribe

Search

Copyright © 2025 IT Jungle