Hardware Management Console Readme

For use with HMC Version 7 Release 7.7.0 Service Pack 2

 

Contents

The information in this Readme contains fix list and other package information about the Hardware Management Console.

PTF MH01425

This package includes a fix for HMC Version 7 Release 7.7.0 Service Pack 2.  You can reference this package by APAR# MB03799.  This image can be installed on top of HMC HMC V7 Release 7.7.0 Service Pack 2 with/without additional PTFs installed. This PTF is not cumulative and it does not supersede any previous PTFs.

NOTE: After applying the fix, additional instructions are needed for CVE-2014-0160.  See Security Bulletin: Power Hardware Management Console is affected by vulnerabilities in OpenSSL (CVE-2014-0160 and CVE-2014-0076) at http://www-01.ibm.com/support/docview.wss?uid=nas8N1020021
Package information
Package name Size Checksum (sha1sum) APAR# PTF#
MH01425.iso 1912832 2cc5381cd4d224f76522de702f1401d338da0acf
 MB03799 MH01425
Splash Panel information (or lshmc -V output)

"version= Version: 7
 Release: 7.7.0
 Service Pack: 2
HMC Build level 20130503.1
MH01425: Fix for openssl CVE-2014-0160 CVE-2014-0076 (04-11-2014)
","base_version=V7R7.7.0
"

List of fixes

This package includes the following fix:


Back to top

Installation

Notes:

  1. This PTF should be applied after MH01391.   Applying MH01391 after MH01425 will remove the splash screen information for MH01425, however the fix is still on the HMC.  To re-instate the MH01425 information on to the splash screen and lshmc -V output, re-install PTF MH01425. 
  2. If you install HMC V7 R7.7.0 Service Pack 3 (MH01397) anytime after this, then make sure to then apply MH01422.
  3. After installing the fix, additional instructions are needed for CVE-2014-0160.  See Security Bulletin: Power Hardware Management Console is affected by vulnerabilities in OpenSSL (CVE-2014-0160 and CVE-2014-0076) at http://www-01.ibm.com/support/docview.wss?uid=nas8N1020021


Installation instructions for HMC Version 7 upgrades, updates and corrective service can be found at these locations:

Installation methods for HMC Version 7 updates and fixes

Upgrading or restoring HMC Version 7

Instructions and images for upgrading via a remote network install can be found here (for all HMC releases):

HMC network installation images



Additional information

Notes:

  1. This PTF resolves the vulnerability by back porting the fix onto the HMCs current version of openssl.  The release level on the package has been updated to reflect the fix.
  2. The Install Corrective Service task now allows you to install corrective service updates from the ISO image files of these updates. You can download these ISO image files for the HMC, and then use the ISO image file to install the corrective service update. You no longer need to burn CD-R or DVD-R media to use the ISO image file to install corrective service.
  3. This image requires DVD –R media.
  4. To install updates over the network, select the *.iso file on the "Select Service Package" panel of the Install Corrective Service task. The HMC application extracts the files needed to install the corrective service. If you are using USB flash media, copy the *.iso file to the flash media, and then select the file when prompted.
  5. The updhmc command line command has also been modified to use the *.iso file. To use the command, follow the syntax in this example:
    updhmc -t s -h <myservername> -f </home/updates/corrrective_service.iso> -u <HMC_username> -i


Back to top