IBM i PTF Guide, Volume 25, Number 19
May 8, 2023 Doug Bidwell
There are new cumulative updates this week, and a couple of security vulnerabilities that you need to be aware of, which we cover along with the normal PTF updates and defective PTF rundown that we do every week. Let’s start, as we often do, with the vulnerabilities.
First, we have Security Bulletin: IBM WebSphere Application Server Liberty for IBM i. which is vulnerable to a server-side request forgery, a denial of service, an attacker obtaining sensitive information, and gaining elevated privileges due to multiple vulnerabilities. You can find out more about at this link. The issues can be fixed by applying a PTF to IBM i that will upgrade Liberty runtime to version 23.0.0.3. IBM i releases 7.5, 7.4, 7.3, and 7.2 will be fixed. The IBM i PTF numbers containing the fix for the CVEs are as follows:
IBM i Release 5770-SS1 Option 3 PTF 7.5 SI83113 7.4 SI83114 7.3 SI83115 7.2 SI83116
Second, we have Security Bulletin: IBM i is vulnerable to an authenticated administrator gaining elevated privileges due to improper SQL processing (CVE-2023-23470), which you can see all about here. The issue can be fixed by applying a PTF to IBM i. IBM i releases 7.5, 7.4, 7.3, and 7.2 will be fixed. The IBM i PTF numbers for IBM i base operating system contains the fix for the vulnerability are:
IBM i Release 5770-SS1 PTF Number 7.5 SI82753 7.4 SI82754 7.3 SI82755 7.2 SI82756
Also, be mindful of SF99719 720 Group Hiper – level 227, 4/18/23, which you can see at https://www.ibm.com/support/pages/sf99719-720-group-hiper-level-227.
Here is the rundown of PTF Groups by IBM i release level since we last published:
PTF Groups 7.5:
- Latest Cumulative PTF Package 23110
- HIPERs
- Security
- Technology Refresh
- IBM MQ for IBM i – v9.2.0/v9.3.0
- High Availability for IBM i
PTF Groups 7.4:
- Latest Cumulative PTF Package 23117
- Security
- Technology Refresh
- MQ for IBM i – v9.0.0/v9.1.0/v9.2.0/v9.3.0
PTF Groups 7.3:
- Latest Cumulative PTF Package 23103
- HIPERs
Tip O’ The Week: The “Help” About, Check for Updates only checks the first three digits. If you are on ACS 1.1.9.1, checking for updates will not tell you about 1.1.9.2 . . . .
New (or Updated) links added to the ‘Links’ tab in the guide this week:
- WAS How To Migrate the IBM WebSphere Application Server (WAS) v8.0 and Later Products Between IBM i Partitions, 646205
New (or Updated) links added to the ‘QMGtools’ tab in the guide this week:
- Nein
New (or Updated) links added to the ‘ACS_NAV’ tab in the guide this week:
- Nuthin’
New (or Updated) links added to the ‘Prtr Links’ tab in the guide this week:
- Nothing here, either
New (or Updated) links Redbooks added this week:
- Nothing here as well
The Guide at a glance: There are new defectives this week (05/29/23). Here is the defective PTF rundown, which is the last defective for each release:
Defect Defective APAR Fixing Date PTF PTF -------- -------- ------- ------- 7.5 02/24/23 MF70751 MA50112 MF70868 (When available) 7.4 02/24/23 MF70747 MA50112 MF70861 (When available) 7.3 02/22/23 MF70677 MA50059 MF70736 (When available) MF70600 MF70440
Be sure to access the link in the Guide for further details.
Below is the usual archive of the IBM i PTF Guide to help you work through the PTFs in chronological order:
May 6, 2023: Volume 25, Number 19
April 29, 2023: Volume 25, Number 18
April 22, 2023: Volume 25, Number 17
April 15, 2023: Volume 25, Number 16
April 8, 2023: Volume 25, Number 15
April 1, 2023: Volume 25, Number 14
March 25, 2023: Volume 25, Number 13
March 18, 2023: Volume 25, Number 12
March 11, 2023: Volume 25, Number 11
March 4, 2023: Volume 25, Number 10
February 25, 2023: Volume 25, Number 9
February 18, 2023: Volume 25, Number 8
February 13, 2023: Volume 25, Number 7
February 4, 2023: Volume 25, Number 6
January 28, 2023: Volume 25, Number 5
January 21, 2023: Volume 25, Number 4
January 14, 2023: Volume 25, Number 3
January 7, 2023: Volume 25, Number 2
January 1, 2023: Volume 25, Number 1
December 10, 2022: Volume 24, Number 50
December 3, 2022: Volume 24, Number 49
November 26, 2022: Volume 24, Number 48
November 19, 2022: Volume 24, Number 47
November 12, 2022: Volume 24, Number 46
November 5, 2022: Volume 24, Number 45
October 29, 2022: Volume 24, Number 44
October 22, 2022: Volume 24, Number 43
October 15, 2022: Volume 24, Number 42
October 8, 2022: Volume 24, Number 41
October 1, 2022: Volume 24, Number 40
September 24, 2022: Volume 24, Number 39
September 17, 2022: Volume 24, Number 38
September 10, 2022: Volume 24, Number 37
September 3, 2022: Volume 24, Number 36
August 27, 2022: Volume 24, Number 35
August 20, 2022: Volume 24, Number 34
August 13, 2022: Volume 24, Number 33
August 6, 2022: Volume 24, Number 32
July 30, 2022: Volume 24, Number 31
July 23, 2022: Volume 24, Number 30
July 16, 2022: Volume 24, Number 29
July 9, 2022: Volume 24, Number 28
June 25, 2022: Volume 24, Number 26
June 18, 2022: Volume 24, Number 25
June 11, 2022: Volume 24, Number 24
June 4, 2022: Volume 24, Number 23
May 28, 2022: Volume 24, Number 22
May 25, 2022: Volume 24, Number 21
May 14, 2022: Volume 24, Number 20
May 7, 2022: Volume 24, Number 19
April 30, 2022: Volume 24, Number 18
April 23, 2022: Volume 24, Number 17
April 16, 2022: Volume 24, Number 16
April 2, 2022: Volume 24, Number 14
March 26, 2022: Volume 24, Number 13
March 19, 2022: Volume 24, Number 12
March 12, 2022: Volume 24, Number 11
March 5, 2022: Volume 24, Number 10
February 26, 2022: Volume 24, Number 9
February 19, 2022: Volume 24, Number 8
February 12, 2022: Volume 24, Number 7
February 5, 2022: Volume 24, Number 6
January 29, 2022: Volume 24, Number 5
January 22, 2022: Volume 24, Number 4
January 15, 2022: Volume 24, Number 3
January 8, 2022: Volume 24, Number 2
January 1, 2022: Volume 24, Number 1
December 6, 2021: Volume 23, Number 48
November 20, 2021: Volume 23, Number 47
November 13, 2021: Volume 23, Number 46
November 6, 2021: Volume 23, Number 45
October 30, 2021: Volume 23, Number 44
October 23, 2021: Volume 23, Number 43
October 16, 2021: Volume 23, Number 42
October 9, 2021: Volume 23, Number 41
October 2, 2021: Volume 23, Number 40
September 25, 2021: Volume 23, Number 39
September 18, 2021: Volume 23, Number 38
September 11, 2021: Volume 23, Number 37
September 4, 2021: Volume 23, Number 36
August 28, 2021: Volume 23, Number 35
August 21, 2021: Volume 23, Number 34
August 14, 2021: Volume 23, Number 33
August 7, 2021: Volume 23, Number 32
July 31, 2021: Volume 23, Number 31
July 24, 2021: Volume 23, Number 30
July 17, 2021: Volume 23, Number 29
July 10, 2021: Volume 23, Number 28
July 3, 2021: Volume 23, Number 27
June 26, 2021: Volume 23, Number 26
June 19, 2021: Volume 23, Number 25
June 12, 2021: Volume 23, Number 24
June 5, 2021: Volume 23, Number 23
June 5, 2021: Volume 23, Number 22
May 22, 2021: Volume 23, Number 21
May 15, 2021: Volume 23, Number 20
Hi Doug,
Just downloaded the IBM i 7.4 Cumulative PTF Package 23117, along with TR8 and a bunch of other updated PTF Groups. I was surprised that the CUME did not include an updated DB2 PTF Group SF99704. Instead it still has SF99704 level 24 released on 10 January 2023.
No date specified in the readme of an updated SF99704.
Any word on the street when a new DB2 PTF Group will be released?
Thanks,
Jozsef
Have a low priority case open with IBM, will let you know what the say – I was surprised as well that there was no group for DB2 on 7.4, everything at Common says should have been coming with the Cume.
Douglas Bidwell
Next Db2 group is scheduled for Friday (May 19):
https://www.ibm.com/support/pages/db2-ibm-i-2023-ptf-group-schedule