OmniFind Text Search Server for DB2 for i Archives - IT Jungle

Multiple Security Vulnerabilities Patched on IBM i

June 22, 2022 Alex Woodie

In recent weeks, IBM has disclosed a handful of vulnerabilities in its IBM i operating system and related IBM i products, including Db2 Mirror, WebSphere, Navigator for i, the Java development and runtime tools, and OmniFind Text Search Server. IBM has shipped PTFs for the security problems, which range in severity from medium to high.

IBM warned of security holes in the HTTP Server (the one powered by Apache) in a June 13 security bulletin. The flaws, identified as CVE-2022-22720 and CVE-2022-22721, carry the risk of a HTTP request smuggling that could poison the Web cache, bypass firewalls, and …
Read more
IBM i PTF Guide, Volume 24, Number 11

March 16, 2022 Doug Bidwell

This Log4j security vulnerability just keeps being more and more pesky. If you haven’t seen it yet, there is an update to a Security Bulletin called Due to use of Apache Log4j, OmniFind Text Search Server for DB2 for i is vulnerable to arbitrary code execution (CVE-2021-4104), which you can read all about at this link.

The patches for each release are described in full here:

OmniFind V1R5M0:
- SI78753
- SI78754
- SI78755
OmniFind V1R4M0
- SI78756
- SI78757
- SI78758
OmniFind V1R3M0
- SI78751
- SI78759
- SI78760
- SI78761
To help you with the Log4j security vulnerability, we have created a supplemental spreadsheet as a companion …
Read more