IBM i PTF Guide, Volume 27, Number 16
April 23, 2025 Doug Bidwell
This week, we bring you two security vulnerabilities and an import HIPER for firmware updates for Power Systems iron. Let’s start with the firmware.
There is new microcode for Firmware 950 .. 950.D1, which you can find out more about at this link here, and new microcode for Firmware 950 .. 950.E0, which you can read all about at that link there. These are HIPERs and affect the following hardware:
- Power System S914 Server (9009-41A)
- Power System S922 Server (9009-22A)
- Power System S924 Server (9009-42A)
Now for the vulnerabilities. First, we have Security Bulletin: IBM i 7.6 is vulnerable to a privilege escalation due to incorrect profile swapping in an OS command [CVE-2025-2947], which you can read about at this link.
IBM i Release 5770-SS1 PTF Number 7.6 SJ04908
Second, we have Security Bulletin: IBM i is vulnerable to a host header injection attack due to improper neutralization of HTTP header content by IBM Navigator for i [CVE-2025-2950], which you can read about here. The patches for the currently supported IBM i releases are as follows:
IBM i Release 5770-SS1 Option 3 PTF Numbers 7.6 SJ04647 7.5 SJ03406 7.4 SJ03404 7.3 SJ03402
Here is the rundown of PTF Groups by IBM i release level since we last published:
PTF Groups 7.6:
- All PTF Groups except Cumulative PTF Package & MQ
- Latest Cumulative PTF Package
- HIPERs – High Impact Pervasive
- Group Security
- Java
- IBM HTTP Server for i
- IBM Db2 Mirror for i
- Db2 for IBM i
- High Availability for IBM i
- QMGTOOLS
- IBM i Access Client Solutions V1.1.9.8
PTF Groups 7.5:
- Latest Cumulative PTF Package
- IBM DB2 Mirror for i
- DB2 for IBM i
- What’s New!
- QMGTOOLS
- IBM i Access Client Solutions V1.1.9.8
PTF Groups 7.4:
- IBM DB2 Mirror for i
- DB2 for IBM i
- QMGTOOLS
- IBM i Access Client Solutions V1.1.9.8
PTF Groups 7.3:
- MQ for IBM i – v7.1.0/v8.0.0/V9.0.0/V9.1/V9.265
- QMGTOOLS
- IBM i Access Client Solutions V1.1.9.8
Tip O’ The Week: Just a note from the HIPER Group PTF cover letter\, and we quote: When installing the HIPER Group, it is considered “best practice” to also verify that the “MustGather Data Capture tool” (library QMGTOOLS) is at the most recent build level.
New (or Updated) links added to the ‘Links’ tab in The Guide this week:
- Content Manager: Available PTFs for Content Manager OnDemand for i V7.5, 6555380
- UAK: IBM Power System Update Access Key Policy (UAK), 7131459
- Content Manager: Is it possible that applying HIPER PTFs will trigger a server version upgrade in Content Manager OnDemand for i?, 532453
- TCP/IP: Restricting IP interfaces used by servers, 1283620
New (or Updated) links added to the ‘QMGtools’ tab in The Guide this week:
- None
New (or Updated) links added to the ‘ACS_NAV’ tab in The Guide this week:
- Cloud: IBM Navigator for i – in Cloud environment, 7186025
- Heritage: IBM Navigator for i PTFs – Heritage version, 1164076
- TLS: TLS Override, 7230537
- MFA: Using IBM Navigator for i to Manage MFA, 7180390
- Admin2: Remove heritage IBM Navigator for i from ADMIN2, 6570961
New (or Updated) links added to the ‘Prtr Links’ tab in The Guide this week:
- None
New (or Updated) links Redbooks added this week:
- None
New (or Updated) “Stuff” added to REF tab in The Guide this week:
- None
The Guide at a glance:
There were new defectives the week of 04/19/25. Defective PTF rundown – the latest defective for each release. Click on the Defective PTF link for your release in the Guide:
Defect Defective APAR Fixing Date PTF PTF -------- -------- --------- ----------------------- 7.6 7.5 02/14/25 SJ03360 DT422644 SJ03833 (When available)(read the recommendations) SJ03138 Read the cover letter-prerequisites! SJ02952 SJ02797 SJ02479 SJ02450 SJ01867 SJ01802 7.4 01/27/25 SJ03166 DT422373 SJ03785 (When available)(read the recommendations) Read the cover letter-prerequisites! 7.3 01/27/25 SJ03169 DT422375 SJ03786 (When available)(read the recommendations)
Be sure to access the link in The Guide for further details.
Below is the usual archive of the IBM i PTF Guide to help you work through the PTFs in chronological order:
April 21, 2025: Volume 27, Number 16
April 12, 2025: Volume 27, Number 15
April 5, 2025: Volume 27, Number 14
March 29, 2025: Volume 27, Number 13
March 22, 2025: Volume 27, Number 12
March 15, 2025: Volume 27, Number 11
March 8, 2025: Volume 27, Number 10
March 1, 2025: Volume 27, Number 09
February 22, 2025: Volume 27, Number 08
February 15, 2025: Volume 27, Number 07
February 8, 2025: Volume 27, Number 06
February 1, 2025: Volume 27, Number 05
January 25, 2025: Volume 27, Number 04
January 18, 2025: Volume 27, Number 03
January 11, 2025: Volume 27, Number 02
January 04, 2025: Volume 27, Number 01
December 21, 2024: Volume 26, Number 50
December 14, 2024: Volume 26, Number 49
December 7, 2024: Volume 26, Number 48
November 30, 2024: Volume 26, Number 47
November 23, 2024: Volume 26, Number 46
November 16, 2024: Volume 26, Number 45
November 9, 2024: Volume 26, Number 44
November 2, 2024: Volume 26, Number 43
October 26, 2024: Volume 26, Number 42
October 19, 2024: Volume 26, Number 41
October 12, 2024: Volume 26, Number 40
October 9, 2024: Volume 26, Number 39
September 28, 2024: Volume 26, Number 38
September 21, 2024: Volume 26, Number 37
September 14, 2024: Volume 26, Number 36
September 7, 2024: Volume 26, Number 35
August 31, 2024: Volume 26, Number 34
August 24, 2024: Volume 26, Number 33
August 17, 2024: Volume 26, Number 32
August 11, 2024: Volume 26, Number 31
August 3, 2024: Volume 26, Number 30
July 27, 2024: Volume 26, Number 29
July 20, 2024: Volume 26, Number 28
July 13, 2024: Volume 26, Number 27
July 6, 2024: Volume 26, Number 26
June 22, 2024: Volume 26, Number 24
June 15, 2024: Volume 26, Number 23
June 8, 2024: Volume 26, Number 22
June 1, 2024: Volume 26, Number 21
May 25, 2024: Volume 26, Number 20
May 18, 2024: Volume 26, Number 19
May 11, 2024: Volume 26, Number 18
May 4, 2024: Volume 26, Number 17
April 20, 2024: Volume 26, Number 16
April 13, 2024: Volume 26, Number 15
April 6, 2024: Volume 26, Number 14
March 30, 2024: Volume 26, Number 13
March 24, 2024: Volume 26, Number 12
March 16, 2024: Volume 26, Number 11
March 9, 2024: Volume 26, Number 10
March 2, 2024: Volume 26, Number 9
February 24, 2024: Volume 26, Number 8
February 17, 2024: Volume 26, Number 7
February 10, 2024: Volume 26, Number 6
February 3, 2024: Volume 26, Number 5
January 27, 2024: Volume 26, Number 4
January 20, 2024: Volume 26, Number 3
January 13, 2024: Volume 26, Number 2
January 6, 2024: Volume 26, Number 1
December 30, 2023: Volume 25, Number 53
December 30, 2023: Volume 25, Number 53
December 23, 2023: Volume 25, Number 52
December 16, 2023: Volume 25, Number 51
December 9, 2023: Volume 25, Number 50
December 2, 2023: Volume 25, Number 49
November 25, 2023: Volume 25, Number 48
November 18, 2023: Volume 25, Number 47
November 11, 2023: Volume 25, Number 46
November 4, 2023: Volume 25, Number 45
October 28, 2023: Volume 25, Number 44
October 21, 2023: Volume 25, Number 43
October 14, 2023: Volume 25, Number 42
October 7, 2023: Volume 25, Number 41
September 30, 2023: Volume 25, Number 40
September 23, 2023: Volume 25, Number 39
September 16, 2023: Volume 25, Number 38
September 9, 2023: Volume 25, Number 37
September 2, 2023: Volume 25, Number 36
August 26, 2023: Volume 25, Number 35
August 19, 2023: Volume 25, Number 34
August 12, 2023: Volume 25, Number 33
August 5, 2023: Volume 25, Number 32
July 29, 2023: Volume 25, Number 31
July 22, 2023: Volume 25, Number 30
July 15, 2023: Volume 25, Number 29
July 8, 2023: Volume 25, Number 28
July 1, 2023: Volume 25, Number 27
June 24, 2023: Volume 25, Number 26
June 17, 2023: Volume 25, Number 25
June 10, 2023: Volume 25, Number 24
June 3, 2023: Volume 25, Number 23
May 27, 2023: Volume 25, Number 22
May 20, 2023: Volume 25, Number 21
May 13, 2023: Volume 25, Number 20
May 6, 2023: Volume 25, Number 19
April 29, 2023: Volume 25, Number 18
April 22, 2023: Volume 25, Number 17
April 15, 2023: Volume 25, Number 16
