IBM i PTF Guide, Volume 25, Number 37

IBM i PTF Guide, Volume 25, Number 37

September 18, 2023 Doug Bidwell

There are a few things you can count on in life. Death. Taxes. Coffee. Beer. The love of a good woman. And a seemingly endless barrage of security vulnerabilities for every computing platform on Earth. There are a bunch of the latter that are new to the IBM i platform this week.

First, we have Security Bulletin: OpenSSL and OpenSSH for IBM i are vulnerable to arbitrary code execution, denial of service, and security restrictions bypass due to multiple vulnerabilities, which you can find out more about at this link. The IBM i PTF number for 5733-SC1 contains the fixes for the vulnerabilities:
```
IBM i Release 	PTF Number
7.5	SI84261
7.4, 7.3, 7.2	SI84245
```
Second, we have Security Bulletin: IBM i Modernization Engine for Lifecycle Integration (Merlin) is vulnerable to multiple vulnerabilities, with more information about it here. IBM i Modernization Engine for Lifecycle Integration, Version(s) 1.0 – 1.4.3, follow instructions to download and install v1.4.4

Third, we have Security Bulletin: IBM HTTP Server (powered by Apache) for IBM i is vulnerable to HTTP request splitting attacks due to an error using mod_proxy (CVE-2023-25690). More information here, and the issue can be fixed by applying a PTF to IBM i:
```
IBM i Release	PTF Number
7.5	SI84198
7.4	SI84195
7.3	SI84194
7.2	SI84193
```
Fourth, we have Security Bulletin: IBM Java SDK and IBM Java Runtime for IBM i are vulnerable to arbitrary code execution due to an unsafe deserialization flaw (CVE-2022-40609), with details about it at this link. The IBM i Group PTF numbers contain the fixes for the vulnerabilities:
```
IBM i Release	Group PTF Number and Level
7.5	SF99955 Level 6
7.4	SF99665 Level 19
7.3	SF99725 Level 29
```
Furthermore, there are some security and HIPER updates for IBM i 7.2. Information about the SF99719 720 Group HIPER – level 233 at this link, and information about SF99718 720 Group Security – level 122 at this link.

Here is the rundown of PTF Groups by IBM i release level since we last published:

PTF Groups 7.5:
- HIPERs (High Impact/Pervasive)
- Security
- IBM MQ for IBM i – v9.2.0/v9.3.0
PTF Groups 7.4:
- HIPERs (High Impact/Pervasive)
- Security
- MQ for IBM i – v9.0.0/v9.1.0/v9.2.0/v9.3.0
PTF Groups 7.3:
- HIPERs (High Impact/Pervasive)
- Security
- MQ for IBM i – v7.1.0/v8.0.0/V9.0.0/V9.1/V9.2
Tip O’ The Week: RSTLIB SAVLIB(*NONSYS) DEV(TAP01) OUTPUT(*PRINT) DFRID(*DFT)

Read this link for more info.

New (or Updated) links added to the ‘Links’ tab in the guide this week:
- Merlin: IBM i Modernization Engine for Lifecycle Integration (Merlin) Overview, 6574839
- FAX400: Upgrading and Installing Facsimile Support, 644725
- FAX400 : Frequently Asked Questions on Upgrading and Installing Facsimile Support, 644201
- SST: Default SST profiles with default passwords are Expired after PTF upgrade, 1127871
- QNTC: IBM i NetClient file system (QNTC), N/A
New (or Updated) links added to the ‘QMGtools’ tab in the guide this week:
- Nothing here
New (or Updated) links added to the ‘ACS_NAV’ tab in the guide this week:
- Nothing here, too
New (or Updated) links added to the ‘Prtr Links’ tab in the guide this week:
- Nothing here as well
New (or Updated) links Redbooks added this week:
The Guide at a glance: There are new defectives this week (09/09/23). Here is the defective PTF rundown, which is the last defective for each release:
```
	Defect		Defective	APAR	Fixing
	Date		PTF			PTF
	--------	--------	-------	------------------------	
7.5	08/25/23	SI84098		SE80391	SI84411 (When available)
7.4	08/25/23	SI84153		SE80391	SI84419 (When available)
7.3	08/25/23	SI84157		SE80391	SI84438 (When available)
```
Be sure to access the link in the Guide for further details.

Below is the usual archive of the IBM i PTF Guide to help you work through the PTFs in chronological order:

September 9, 2023: Volume 25, Number 37

September 2, 2023: Volume 25, Number 36

August 26, 2023: Volume 25, Number 35

August 19, 2023: Volume 25, Number 34

August 12, 2023: Volume 25, Number 33

August 5, 2023: Volume 25, Number 32

July 29, 2023: Volume 25, Number 31

July 22, 2023: Volume 25, Number 30

July 15, 2023: Volume 25, Number 29

July 8, 2023: Volume 25, Number 28

July 1, 2023: Volume 25, Number 27

June 24, 2023: Volume 25, Number 26

June 17, 2023: Volume 25, Number 25

June 10, 2023: Volume 25, Number 24

June 3, 2023: Volume 25, Number 23

May 27, 2023: Volume 25, Number 22

May 20, 2023: Volume 25, Number 21

May 13, 2023: Volume 25, Number 20

May 6, 2023: Volume 25, Number 19

April 29, 2023: Volume 25, Number 18

April 22, 2023: Volume 25, Number 17

April 15, 2023: Volume 25, Number 16

April 8, 2023: Volume 25, Number 15

April 1, 2023: Volume 25, Number 14

March 25, 2023: Volume 25, Number 13

March 18, 2023: Volume 25, Number 12

March 11, 2023: Volume 25, Number 11

March 4, 2023: Volume 25, Number 10

February 25, 2023: Volume 25, Number 9

February 18, 2023: Volume 25, Number 8

February 13, 2023: Volume 25, Number 7

February 4, 2023: Volume 25, Number 6

January 28, 2023: Volume 25, Number 5

January 21, 2023: Volume 25, Number 4

January 14, 2023: Volume 25, Number 3

January 7, 2023: Volume 25, Number 2

January 1, 2023: Volume 25, Number 1

December 10, 2022: Volume 24, Number 50

December 3, 2022: Volume 24, Number 49

November 26, 2022: Volume 24, Number 48

November 19, 2022: Volume 24, Number 47

November 12, 2022: Volume 24, Number 46

November 5, 2022: Volume 24, Number 45

October 29, 2022: Volume 24, Number 44

October 22, 2022: Volume 24, Number 43

October 15, 2022: Volume 24, Number 42

October 8, 2022: Volume 24, Number 41

October 1, 2022: Volume 24, Number 40

September 24, 2022: Volume 24, Number 39

September 17, 2022: Volume 24, Number 38

September 10, 2022: Volume 24, Number 37

September 3, 2022: Volume 24, Number 36

August 27, 2022: Volume 24, Number 35

August 20, 2022: Volume 24, Number 34

August 13, 2022: Volume 24, Number 33

August 6, 2022: Volume 24, Number 32

July 30, 2022: Volume 24, Number 31

July 23, 2022: Volume 24, Number 30

July 16, 2022: Volume 24, Number 29

July 9, 2022: Volume 24, Number 28

June 25, 2022: Volume 24, Number 26

June 18, 2022: Volume 24, Number 25

June 11, 2022: Volume 24, Number 24

June 4, 2022: Volume 24, Number 23

May 28, 2022: Volume 24, Number 22

May 25, 2022: Volume 24, Number 21

May 14, 2022: Volume 24, Number 20

May 7, 2022: Volume 24, Number 19

April 30, 2022: Volume 24, Number 18

April 23, 2022: Volume 24, Number 17

April 16, 2022: Volume 24, Number 16

April 2, 2022: Volume 24, Number 14

March 26, 2022: Volume 24, Number 13

March 19, 2022: Volume 24, Number 12

March 12, 2022: Volume 24, Number 11

March 5, 2022: Volume 24, Number 10

February 26, 2022: Volume 24, Number 9

February 19, 2022: Volume 24, Number 8

February 12, 2022: Volume 24, Number 7

February 5, 2022: Volume 24, Number 6

January 29, 2022: Volume 24, Number 5

January 22, 2022: Volume 24, Number 4

January 15, 2022: Volume 24, Number 3

January 8, 2022: Volume 24, Number 2

January 1, 2022: Volume 24, Number 1

December 6, 2021: Volume 23, Number 48

November 20, 2021: Volume 23, Number 47

November 13, 2021: Volume 23, Number 46

November 6, 2021: Volume 23, Number 45

October 30, 2021: Volume 23, Number 44

October 23, 2021: Volume 23, Number 43

October 16, 2021: Volume 23, Number 42

October 9, 2021: Volume 23, Number 41

October 2, 2021: Volume 23, Number 40

September 25, 2021: Volume 23, Number 39

September 18, 2021: Volume 23, Number 38

September 11, 2021: Volume 23, Number 37

September 4, 2021: Volume 23, Number 36
Share this:
Reddit
Facebook
LinkedIn
Twitter
Email
Tags: Tags: Fax400, IBM i, IBM i PTF Guide, IBM Java Runtime for IBM i, IBM Java SDK, Merlin, OpenSSH, OpenSSL, PTF
Sponsored by
Fresche Solutions
From Guesswork to Enterprise AI: Navigate Your AI Journey with Precision!

Webinar – Tuesday, November 19, 2pm ET

Ready to move beyond AI hype? Discover how AI-Celerate transforms AI from a concept into a concrete business case.

Join this webinar to learn:
- Where to invest
- How to measure impact
- How to prioritize AI initiatives
Register Now!
Share this:
Reddit
Facebook
LinkedIn
Twitter
Email
IBM and Fujifilm Unveil 150 TB Tape Drive Rocket Buys Data Integration Provider B.O.S.

Leave a Reply Cancel reply

This Issue Sponsored By

Table of Contents

Content archive

Recent Posts

Subscribe

Pages

Search

IBM i PTF Guide, Volume 25, Number 37

Share this:

Share this:

Leave a Reply Cancel reply

This Issue Sponsored By

Table of Contents

Content archive

Recent Posts

Subscribe

Pages

Search