• IBM i PTF Guide, Volume 20, Number 18

  May 9, 2018 Doug Bidwell

  We’ve got some new HIPER’s and Security group PTFs to share with you this week, plus we’ve added a few new links for your review. If you haven’t looked at the links tab in the guide before, make sure you take a peek. There is some good stuff out there.

  First up, there are several Temporary disk Space Recommended PTFs for V7R3 and V7R2, and of course we would advise it is always a good thing to put those on.

  V7R3	MF64447	SQE temporary storage allocation
  	MF64487	Database runtime temporary segment growth
  	SI67332	QDBRRCDL & QDBRJBRL API storage leak
  	SI67421

  …

  Read more

• IBM i PTF Guide, Volume 20, Number 17

  May 2, 2018 Doug Bidwell

  This week’s PTF Guide brings us a Security Bulletin from IBM. There are multiple vulnerabilities in OpenSSL (5733-SC1) that affect the IBM i. Check this link for details on the recommended PTFs. A list of all PTFs available for OpenSSL can be found here.

  In other news, there is one situation where CPYFRMIMPF fails to convert a .csv file to a database file. You can see the details and the fix here.

  Use our archive of the IBM i PTF Guide below to help you work through the PTFs in chronological order:

  April 28, 2018: Volume 20, Number …

  Read more

• Multiple Security Vulnerabilities Reported In IBM i

  April 30, 2018 Alex Woodie

  IBM this month revealed an array of security vulnerabilities across IBM i middleware components, including OpenSSL, DHCP, and Java products. Most of the flaws were given a “high severity” rating, and all of them have been patched.

  This week’s security fun starts with DHCP (Dynamic Host Configuration Protocol), which is used to automate the management and distribution of IP addresses within a network. According to the April 26 IBM security bulletin, IBM i 7.1, 7.2, and 7.3 are vulnerable to a pair of security vulnerabilities in the underlying DHCP protocol.

  The first DHCP flaw, which is identified as CVE-2018-5732 …

  Read more

• IBM i PTF Guide, Volume 20, Number 16

  April 30, 2018 Doug Bidwell

  Yes, we normally put the IBM i PTF Guide in the Wednesday edition of The Four Hundred, but there was some changes in the publication schedule and so we are running the latest edition here on Monday. We will have the follow-on Volume 20, Number 17 in the Wednesday edition this week as normal.

  First of all, I made a typo a few weeks back (the current cume on V7R3 is 8025, not 8205), and a few of you caught it. Thank you for the catch, and for letting me know!

  Ok, so let’s get started with the meat …

  Read more

• IBM i PTF Guide, Volume 20, Number 15

  April 18, 2018 Doug Bidwell

  Hello fellow residents of IBM i Land. (You know that know man is an iLand, right? Anyway . . . .) In this week’s edition of the IBM i PTF Guide, the Java group was updated on all releases. Now that HTTP Admin is converting to JDK 8, if you are running Java applications – and who isn’t running Java applications these days at least some of the time – this is worth checking out.

  See the following in the IBM i PTF Guide:

  • V7R3 SF99725
  • V7R2 SF99716
  • V7R1 SF99572

  Another warning: IBM i Access for Web, product …

  Read more

• IBM i PTF Guide, Volume 20, Number 14

  April 11, 2018 Doug Bidwell

  There are a bunch of nips and tucks for the IBM i operating system in this week’s edition of the IBM i PTF Guide, but nothing that will keep you awake at night as sometimes happen on all platforms in the enterprise.

  If you are running encryption on your backups, you may want to take a look at this link. The issue is that tape processing fails if the QTADECRYPT data area is found in QUSRSYS and if the keystore file listed in the QTADECRYPT data area is missing from the system. All current releases – IBM i …

  Read more

• IBM i PTF Guide, Volume 20, Number 13

  April 4, 2018 Doug Bidwell

  There is not much to write about this week, with lots of people on various holidays and breaks around the world. There is a new MQ Series group (SF99859), plus new HIPER, Security, BRMS, and Hardware groups this week. After the last couple months of announcements and the Spectre/Meltdown speculative execution security vulnerabilities, IBM is catching up on fixes. Good stuff!

  As for the Spectre/Meltdown update, there is nothing new to report, I just didn’t want to write it out too quick – things like this come back to haunt you if you are not careful. . . .

  I …

  Read more

• IBM Patches Another BIND Flaw In IBM i

  March 28, 2018 Alex Woodie

  A serious flaw has been discovered in the BIND networking service that could be used to launch a denial of service attack against impacted servers, including IBM i. IBM patched the flaw in every version of the OS from IBM i 6.1 to 7.3 with a program temporary fix (PTF) made available earlier this month. IBM also patched a serious flaw in WebSphere that could let information leak out.

  According to the IBM security bulletin issued March 12, the ISC BIND flaw known as CVE-2017-3145 has the potential to allow a remote attacker to crash a vulnerable server by sending …

  Read more

• IBM i PTF Guide, Volume 20, Number 12

  March 28, 2018 Doug Bidwell

  After the last couple months of announcements and Spectre/Meltdown (SM) mayhem, IBM is catching up on fixes. This week we have new HIPERs, Security, BRMS, and Hardware groups this week.

  Speaking of Spectre and Meltdown, there is no new news or updates, but IBM has finally merged the SM PTFs into the normal “Group” methodology we work with every week. So, to get current on SM for your appropriate release apply the below levels (or higher):

  	7.1 Groups	7.2 Groups	7.3 Groups
  Tech Refresh	N/A	SF99717-008	SF99727-004
  Security	SF99708-079	SF99718-059	SF99728-024
  HIPER	SF99709-217	SF99719-116	SF99729-053

  March 24, 2018: Volume …

  Read more

• IBM i PTF Guide, Volume 20, Number 11

  March 21, 2018 Doug Bidwell

  New cumes!! V7R3 and V7R2 both have new cumulative PTF groups this week. This effectively correlates the roll-up of the Spectre and Meltdown patches into a traditional apply methodology. Check our PTF Guide for the latest activity on both Spectre and Meltdown and your applicable release. In a nutshell, loading the latest cume and groups gets you protected at the LIC and OS levels. For firmware, you still need to determine and address separately.

  Also, read the cover letter for the cume carefully — if you are running PowerHa or Content Manager, there are “things” you need to be aware …

  Read more

Previous Articles Next Articles