PTF Archives - Page 11 of 45

IBM i PTF Guide, Volume 25, Number 35

September 11, 2023 Doug Bidwell

We have been on hiatus for a few weeks, and there is a lot of stuff to catch up on. There are a slew of security vulnerabilities and a whole bunch of PTFs for the current releases of IBM i that you need to deal with. Let’s start with the security issues.

First, we have Security Bulletin: IBM Java SDK and IBM Java Runtime for IBM i are vulnerable to denial of service, availability, integrity, and confidentiality impacts due to multiple vulnerabilities, which you can find out more about at this link. Here are the PTFs for this vulnerability: …
Read more
A Hacker’s Dozen: 11 New Security Vulns Reported in IBM i

August 23, 2023 Alex Woodie

IBM on August 18 reported 11 new security vulnerabilities in IBM i’s Java stack, including two critical Java flaws that should be patched immediately. The new batch of vulns continues what has been an active summer for security flaws on the platform.

IBM revealed the existence of the 11 Java security flaws in IBM i version 7.2 through 7.5 and the availability of emergency program temporary fixes (PTFs) on the security bulletin section of its IBM Product Security Central webpage.

The security bulletin shows 11 flaws, CVE-2022-21426 through CVE-2023-21968, impacting various components of the Java stack, including the Java Software …
Read more
IBM i PTF Guide, Volume 25, Number 34

August 21, 2023 Doug Bidwell

It is still summer, and the big news again this week in PTF Land is a security vulnerability. This time the hole is in the WebSphere Liberty middleware from Big Blue. See Security Bulletin: IBM WebSphere Application Server Liberty is vulnerable to a denial of service (CVE-2023-38737), which you can find out more about at this link. IBM WebSphere Application Server Liberty versions 22.0.0.13 through 23.0.0.7 are affected.

Here is the rundown of PTF Groups by IBM i release level since we last published:

PTF Groups 7.5:
- HIPERs (High Impact/Pervasive)
- Security
- Java
- IBM HTTP Server for i
- SAP support
…
Read more
IBM i PTF Guide, Volume 25, Number 33

August 14, 2023 Doug Bidwell

You can tell that it is still summer, and one of the last weeks before the holiday season is over, by the dearth of patches to the IBM i platforms. That said, we do have two new security vulnerabilities this week as well as some patches for the High Availability group within IBM i 7.5.

First, we have Security Bulletin: Vulnerability in IBM Java SDK affects IBM WebSphere Application Server due to CVE-2022-40609, which you can find out more about here. The affected releases are WebSphere Application Server 8.5 and 9.0.

Second, we have Security Bulletin: IBM Facsimile Support …
Read more
IBM i PTF Guide, Volume 25, Number 32

August 7, 2023 Doug Bidwell

Here is what is new: A new “version” of Access Client Solutions (ACS) is available for download, catch the link in the Guide. (Your “Check for Update” won’t catch it, and you won’t see the version until you get all the way into the ACS Main window, and do the Help/About.) This is an updated version, no change to the ODBC driver. This version of ACS uses the IBM GSKit version 8.0.55.31 with the latest security updates.

This is important: Prior versions of ACS have security defects. Specifically, Security Bulletin: IBM i Access Client Solutions – Windows Application Package is …
Read more
IBM i PTF Guide, Volume 25, Number 31

July 31, 2023 Doug Bidwell

Here’s something to look out for: D-mode IPL from tape fails with system reference code B6005121 on IBM i, which you can read more about at this link. Here’s the deal. When the PTF for MA50161 is PERM applied and the PTF for MA50018 is not PERM applied, and a SAVSYS is taken, a D-mode IPL from that tape will fail with the B6005121, which is an operating system task during the IBM i boot process.

Also, this week we wanted to remind you that software-related issues cannot be automatically uploaded to IBM technical support using the WRKPRB feature …
Read more
IBM i PTF Guide, Volume 25, Number 30

July 24, 2023 Doug Bidwell

The security vulnerabilities in the IBM i software stack are coming in waves. This week, there are three more to report, two of which we detail separately in this issue.

First, we have Security Bulletin: IBM Facsimile Support for i is vulnerable to local privilege escalation (CVE-2023-30988), which you can find out more about here. The issue can be fixed by applying a PTF to IBM i. IBM i releases 7.5, 7.4, 7.3, and 7.2 installed with 5798-FAX version V5R8M0 will be fixed. IBM i Release, 5798-FAX,V5R8M0 PTF Number SI83583 for 7.5, 7.4, 7.3, 7.2 – read the cover …
Read more
IBM i PTF Guide, Volume 25, Number 29

July 17, 2023 Doug Bidwell

This is important, so we are going to remind you about a security vulnerability for the IBM i platform. Check out Security Bulletin: IBM i is vulnerable to an attacker executing CL commands due to an exploitation of DDM architecture (CVE-2023-30990), which you can find out more about at this link and which we reported on in detail in last week’s issue of The Four Hundred.

The issue can be fixed by applying a PTF to IBM i. IBM i releases 7.5, 7.4, 7.3, and 7.2 will be fixed. The IBM i PTF numbers for IBM i 5770-SS1 Base …
Read more
IBM i PTF Guide, Volume 25, Number 28

July 12, 2023 Doug Bidwell

It is still pretty quiet out there in when it comes to PTFs for the IBM i platform, excepting two important security vulnerabilities, one of which we reported on in Monday’s issue of The Four Hundred.

To reiterate, first we have Security Bulletin: IBM i is vulnerable to an attacker executing CL commands due to an exploitation of DDM architecture (CVE-2023-30990), which you can find out more about here. The IBM i PTF numbers for IBM i 5770-SS1 Base Operating System contain the fix for the vulnerability, as follows:
```
IBM i Release	PTF Number
7.5	SI83472	
7.4	SI83473	
```
…
Read more
Thoroughly Modern: Remote Managed Services Fill In For Retiring And Overburdened IT Staff

July 10, 2023 Raymond Hammell

If you manage an IT department, you’ve likely received that dreaded 2am phone call, or you’ve had to hire someone to replace a retiring IBM i systems administrator. And, if you’re like most IBM i professionals, you probably wish you had more time to focus on strategic activities (or take a vacation!) instead of worrying about day-to-day systems maintenance.

Managing IBM i environments requires a specific set of skills that can be hard to come by, leaving IT departments struggling to keep up with growing infrastructure, data volumes and business demands. Tedious maintenance and repetitive tasks add to the burden …
Read more

Previous Articles Next Articles

Content archive

Recent Posts

Subscribe

Pages

Search