PTF Archives - Page 10 of 44

IBM i PTF Guide, Volume 25, Number 38

September 20, 2023 Doug Bidwell

This episode of the IBM i PTF Guide is being put together in honor of that venerable rodeo clown and comedic actor, Louis Burton Lindley, Jr., better known to all of us as Slim Pickens. Because after a bunch of security vulnerabilities were covered in the prior issue that came out on Monday, we are now all caught up after the holiday and there is not a huge amount going on.

But there is always something you need to watch out for. So read on.

Here is the rundown of PTF Groups by IBM i release level since we last …
Read more
IBM i PTF Guide, Volume 25, Number 37

September 18, 2023 Doug Bidwell

There are a few things you can count on in life. Death. Taxes. Coffee. Beer. The love of a good woman. And a seemingly endless barrage of security vulnerabilities for every computing platform on Earth. There are a bunch of the latter that are new to the IBM i platform this week.

First, we have Security Bulletin: OpenSSL and OpenSSH for IBM i are vulnerable to arbitrary code execution, denial of service, and security restrictions bypass due to multiple vulnerabilities, which you can find out more about at this link. The IBM i PTF number for 5733-SC1 contains the …
Read more
IBM i PTF Guide, Volume 25, Number 36

September 13, 2023 Doug Bidwell

This issue of the IBM i PTF Guide was put together the Sunday before the Labor Day holiday in America, and as you might imagine, there is not a lot going on. But there are a few things.

First, the DIG or NSLOOKUP tool, which is used to validate DNS entries and which has been around for a while, doesn’t work anymore without PTFs. You can find out more at this link, and the PTFs you need to apply to make it work are as follows:
```
• V7R5M0: SI84411
• V7R4M0: SI84419
• V7R3M0: SI84438
```
And of course, there …
Read more
IBM i PTF Guide, Volume 25, Number 35

September 11, 2023 Doug Bidwell

We have been on hiatus for a few weeks, and there is a lot of stuff to catch up on. There are a slew of security vulnerabilities and a whole bunch of PTFs for the current releases of IBM i that you need to deal with. Let’s start with the security issues.

First, we have Security Bulletin: IBM Java SDK and IBM Java Runtime for IBM i are vulnerable to denial of service, availability, integrity, and confidentiality impacts due to multiple vulnerabilities, which you can find out more about at this link. Here are the PTFs for this vulnerability: …
Read more
A Hacker’s Dozen: 11 New Security Vulns Reported in IBM i

August 23, 2023 Alex Woodie

IBM on August 18 reported 11 new security vulnerabilities in IBM i’s Java stack, including two critical Java flaws that should be patched immediately. The new batch of vulns continues what has been an active summer for security flaws on the platform.

IBM revealed the existence of the 11 Java security flaws in IBM i version 7.2 through 7.5 and the availability of emergency program temporary fixes (PTFs) on the security bulletin section of its IBM Product Security Central webpage.

The security bulletin shows 11 flaws, CVE-2022-21426 through CVE-2023-21968, impacting various components of the Java stack, including the Java Software …
Read more
IBM i PTF Guide, Volume 25, Number 34

August 21, 2023 Doug Bidwell

It is still summer, and the big news again this week in PTF Land is a security vulnerability. This time the hole is in the WebSphere Liberty middleware from Big Blue. See Security Bulletin: IBM WebSphere Application Server Liberty is vulnerable to a denial of service (CVE-2023-38737), which you can find out more about at this link. IBM WebSphere Application Server Liberty versions 22.0.0.13 through 23.0.0.7 are affected.

Here is the rundown of PTF Groups by IBM i release level since we last published:

PTF Groups 7.5:
- HIPERs (High Impact/Pervasive)
- Security
- Java
- IBM HTTP Server for i
- SAP support
…
Read more
IBM i PTF Guide, Volume 25, Number 33

August 14, 2023 Doug Bidwell

You can tell that it is still summer, and one of the last weeks before the holiday season is over, by the dearth of patches to the IBM i platforms. That said, we do have two new security vulnerabilities this week as well as some patches for the High Availability group within IBM i 7.5.

First, we have Security Bulletin: Vulnerability in IBM Java SDK affects IBM WebSphere Application Server due to CVE-2022-40609, which you can find out more about here. The affected releases are WebSphere Application Server 8.5 and 9.0.

Second, we have Security Bulletin: IBM Facsimile Support …
Read more
IBM i PTF Guide, Volume 25, Number 32

August 7, 2023 Doug Bidwell

Here is what is new: A new “version” of Access Client Solutions (ACS) is available for download, catch the link in the Guide. (Your “Check for Update” won’t catch it, and you won’t see the version until you get all the way into the ACS Main window, and do the Help/About.) This is an updated version, no change to the ODBC driver. This version of ACS uses the IBM GSKit version 8.0.55.31 with the latest security updates.

This is important: Prior versions of ACS have security defects. Specifically, Security Bulletin: IBM i Access Client Solutions – Windows Application Package is …
Read more
IBM i PTF Guide, Volume 25, Number 31

July 31, 2023 Doug Bidwell

Here’s something to look out for: D-mode IPL from tape fails with system reference code B6005121 on IBM i, which you can read more about at this link. Here’s the deal. When the PTF for MA50161 is PERM applied and the PTF for MA50018 is not PERM applied, and a SAVSYS is taken, a D-mode IPL from that tape will fail with the B6005121, which is an operating system task during the IBM i boot process.

Also, this week we wanted to remind you that software-related issues cannot be automatically uploaded to IBM technical support using the WRKPRB feature …
Read more
IBM i PTF Guide, Volume 25, Number 30

July 24, 2023 Doug Bidwell

The security vulnerabilities in the IBM i software stack are coming in waves. This week, there are three more to report, two of which we detail separately in this issue.

First, we have Security Bulletin: IBM Facsimile Support for i is vulnerable to local privilege escalation (CVE-2023-30988), which you can find out more about here. The issue can be fixed by applying a PTF to IBM i. IBM i releases 7.5, 7.4, 7.3, and 7.2 installed with 5798-FAX version V5R8M0 will be fixed. IBM i Release, 5798-FAX,V5R8M0 PTF Number SI83583 for 7.5, 7.4, 7.3, 7.2 – read the cover …
Read more

Previous Articles Next Articles

Content archive

Recent Posts

Subscribe

Pages

Search