Doug Bidwell
-
IBM i PTF Guide, Volume 25, Number 28
July 12, 2023 Doug Bidwell
It is still pretty quiet out there in when it comes to PTFs for the IBM i platform, excepting two important security vulnerabilities, one of which we reported on in Monday’s issue of The Four Hundred.
To reiterate, first we have Security Bulletin: IBM i is vulnerable to an attacker executing CL commands due to an exploitation of DDM architecture (CVE-2023-30990), which you can find out more about here. The IBM i PTF numbers for IBM i 5770-SS1 Base Operating System contain the fix for the vulnerability, as follows:
IBM i Release PTF Number 7.5 SI83472 7.4 SI83473
… Read more -
IBM i PTF Guide, Volume 25, Number 27
July 10, 2023 Doug Bidwell
It has been a quiet week with the Independence Day holiday, excepting the security vulnerability we report on elsewhere in this issue of The Four Hundred.
We did want to point out that IBM’s TechXchange 2023 conference is coming up, and you should think about attending. This is a must-attend event for technologists using IBM products and solutions. It offers over a thousand technical breakout sessions, hands-on experiences, product demonstrations, instructor-led labs, and certifications tailored to your interests and learning style. The agenda is jam-packed, which you can see here.
Here is the rundown of PTF Groups by …
Read more -
IBM i PTF Guide, Volume 25, Number 26
June 26, 2023 Doug Bidwell
In this week’s edition of the IBM i PTF Guide, I have added a Ref tab, which contains general, pertinent information not found elsewhere in the Guide. I also wanted to point out that with a PTF for Advanced Job Scheduler server side, which is SI83469 and which is included in HTTP group PTF update June 2023, AJS will support processing of Set ASP Group when enabled. Finally, IASP support built in!
Here is the rundown of PTF Groups by IBM i release level since we last published:
PTF Groups 7.5:
- Backup Recovery Solutions
- IBM HTTP Server for
-
IBM i PTF Guide, Volume 25, Number 25
June 19, 2023 Doug Bidwell
Happy 35th birthday to the AS/400! We hope that you take a moment and commemorate this wonderful platform that has given us so much over the years, and that we all have given so much to.
It is one of those mercifully quiet weeks, so enjoy.
The news this week is that Navigator will now use Java 17 if available (on 7.4 and 7.5). Install Java 11 or Java 17 and latest Java group PTF to run Navigator with these versions of Java. Details on Java at: https://www.ibm.com/support/pages/node/6437873
Here is the rundown of PTF Groups by IBM i release …
Read more -
IBM i PTF Guide, Volume 25, Number 24
June 12, 2023 Doug Bidwell
It is one of those quiet weeks in PTF Land, which probably means next week or the week after won’t be if history is any guide. This week, we have Security Bulletin: Multiple Vulnerabilities in IBM Java SDK affect IBM WebSphere Application Server and IBM WebSphere Application Server Liberty due to April 2023 CPU. More information is available here. Below are the affected products and versions.
Affected Product(s) Version(s) IBM WebSphere Application Server 9.0 IBM WebSphere Application Server 8.5 IBM WebSphere Application Server Liberty Continuous delivery
Here is the rundown of PTF Groups by IBM i release level since we …
Read more -
IBM i PTF Guide, Volume 25, Number 23
June 7, 2023 Doug Bidwell
It’s a little more quiet in this issue of the IBM i PTF Guide than it was last time, which is a good thing and which ran on Monday. We will start off with two more security vulnerabilities, one with Rational Developer for i and the other for the WebSphere Application Server Liberty edition.
First, we have Security Bulletin: IBM Rational Developer for i is vulnerable to attacker obtaining sensitive information due to Java string processing in IBM Toolbox for Java (CVE-2022-43928), which you can find out more about here. Here are the affected releases:
Affected Product(s) Version(s) IBM
… Read more -
IBM i PTF Guide, Volume 25, Number 22
June 5, 2023 Doug Bidwell
Welcome back after the Memorial Day holiday, and our thanks to all who have served and who currently serve.
There is a slew of security issues that you need to deal with on the IBM i platform. So let’s get to it.
First, we have Security Bulletin: IBM Java SDK and IBM Java Runtime for IBM i are vulnerable to exposing sensitive information due to flaws and configurations (CVE-2023-30441), which you can find out more about here. The vulnerability can be fixed by applying the latest Java Group PTF. Releases 7.5, 7.4, 7.3, and 7.2 of IBM i will …
Read more -
IBM i PTF Guide, Volume 25, Number 21
May 22, 2023 Doug Bidwell
As we report elsewhere in this week’s edition of The Four Hundred, there is a critical security vulnerability in the PowerVM hypervisor when it is running on Power9 and Power10 systems.
This HIPER/Pervasive patch is described as fixing this: An internally discovered vulnerability in PowerVM on Power9 and Power10 systems could allow an attacker with privileged user access to a logical partition to perform an undetected violation of the isolation between logical partitions which could lead to data leakage or the execution of arbitrary code in other logical partitions on the same physical server.
The Common Vulnerability and Exposure …
Read more -
IBM i PTF Guide, Volume 25, Number 20
May 17, 2023 Doug Bidwell
Sorry it took us a few extra days to get this edition of the IBM i PTF Guide out the door. This week, you have three security vulnerabilities and one end of the road for updates to WebSphere Application Server V8.5. Let’s deal with the WebSphere situation first.
IBM WebSphere Application Server V8.5 Group PTFs for IBM i operating system will no longer be released. You can read more about it here. Here are the final IBM i Group PTF levels containing the 8.5.5.23 fix pack level:
- IBM i 7.4: SF99661 level 10
- IBM i 7.3: SF99581 level 16
-
IBM i PTF Guide, Volume 25, Number 19
May 8, 2023 Doug Bidwell
There are new cumulative updates this week, and a couple of security vulnerabilities that you need to be aware of, which we cover along with the normal PTF updates and defective PTF rundown that we do every week. Let’s start, as we often do, with the vulnerabilities.
First, we have Security Bulletin: IBM WebSphere Application Server Liberty for IBM i. which is vulnerable to a server-side request forgery, a denial of service, an attacker obtaining sensitive information, and gaining elevated privileges due to multiple vulnerabilities. You can find out more about at this link. The issues can be fixed …
Read more