MH01635
6/23/16
|
- Added functionality to the chhmc command to allow
an admin to set a grub password at bootup.
- Removed support for all the Ciphers which are less
than or equal to 1024 bits for port 443.
- Fixed openSSL vulnerabilities:
CVE-2016-2105, CVE-2016-2106, CVE-2016-2107,
CVE-2016-2108, and CVE-2016-2109
- Fixed Java vulnerability: CVE-2016-3426
- Fixed Power Hardware Management Console:
CVE-2016-0230
- Fix gnutls security vulnerabilities: CVE-2015-2806
and CVE-2015-8313
- Fixed an issue with the "mu" key not working when
using an IBM spacesaver keyboard with the Japanese
keyboard layout.
- Fixed an issue with pedbg failing to collect all
the necessary data when the zip file exceeded 2GB.
- Fixed an issue where the event log showed HSCL05E9
when activating new partitions.
- Fixed a backup issue where PCM data was included
even though the user did not select to include PCM
data.
|
MH01628
05/16/16
|
- Disabled DHE ciphers with private key less than or
equal to 1024 bits.
- Enhanced logging for serviceable event E212E122
logged against /dev.
|
MH01622
04/22/16
|
- Fixed the following openssl security
vulnerabilities: CVE-2015-3197, CVE-2016-0702,
CVE-2016-0705, CVE-2016-0797
- Fixed Tomcat vulnerabilities: CVE
2015-5174,CVE-2015-5345, CVE-2015-5346,
CVE-2015-5351, CVE-2016-0706, CVE-2016-0714,
CVE-2016-0763
- Fixed Vulnerabilities in bind: CVE-2016-1285 and
CVE-2016-1286
- Fixed security vulnerability with Strongswan:
CVE-2015-8023
- Fixed a security issue with HMC restricted shell.
- Fixed a Repair & Verify issue on systems
utilizing the 24 inch frame with a power
subsystem where users can experience a failure of
concurrent service maintenance activities on
power components within the CEC enclosure, the Power
Subsystem enclosure, and any installed I/O devices
within the frame. Servers impacted include
the POWER 575, 590, 595, 795: Models
9125-F2A,F2B,F2C; 9118-575; 9119-590,595,FHA,FHB;
9406-595.
Errors include:
"An internal error occurred when the management
console
attempted to validate the service network.
Some or all of the
required network resources may not be
available. Contact your
next level of support for problem
determination."
and
"Redundancy status could not be determined for
the FRU in
location:
U5791.001.XXXXXXX-Ex"
(example)
The FRU cannot be exchanged concurrently. The
IO Drawer must be
powered off and partitions may need to be
shut down to continue
the repair. "
- Fixed an issue where serviceable event E212E115
may be reported against rmcd during performance
information transmission.
- Fixed a rare deadlock issue that required a HMC
reboot to recover. Symptoms include unable to
login GUI remotely; CLI commands fail with "command
server failed" errors; partition
mobility failing with HSCLA200 An unknown error
occurred during the partition migration.
|
MH01610
03/15/16
|
- Fixed a Java security issue: CVE-2016-0448
- Fixed security vulnerabilities in glibc:
CVE-2015-7547, CVE-2014-9761, CVE-2015-8776,
CVE-2015-8777, and CVE-2015-8778
- Enabled all TLS protocols on vterm(9960),
FCS(9920) and remote web access(12443) ports.
- Fixed an issue during Remote Restart to prevent
the lpars going into open firmware state on the
target managed system because storage
mappings/adapters were missing. The HMC will now
report a valid error when an exception is hit and
will display the correct Remote Restart status.
|
MH01605
02/17/16
|
- Fixed multiple OpenSSH vulnerabilities involving
the ssh client "Roaming" feature: CVE-2016-0777 and
CVE-2016-0778
- Fixed multiple Vulnerabilities in NTP :
CVE-2015-7691, CVE-2015-7692, CVE-2015-7701,
CVE-2015-7702, CVE-2015-7703, CVE-2015-7704,
CVE-2015-7705, CVE-2015-7848, CVE-2015-7849,
CVE-2015-7850, CVE-2015-7851, CVE-2015-7852,
CVE-2015-7853, CVE-2015-7854, CVE-2015-7855, and
CVE-2015-7871
- Fixed an issue where the managed servers go to an
Incomplete state when the RMC interface has a blank
(null) ipv4 or ipv6 value.
- Fixed an issue where /var may fill up with core
dumps when Pegasus server is enabled and in use by a
remote client.
|
MH01597
1/25/16
|
- Fixed multiple OpenSSL Vulnerabilities:
CVE-2015-3193, CVE-2015-3194, CVE-2015-3195,
CVE-2015-3196, and CVE-2015-1794
- Fixed multiple Java Vulnerabilities:
CVE-2015-4843, CVE-2015-4868, CVE-2015-4806,
CVE-2015-4872, CVE-2015-4911, CVE-2015-4893,
CVE-2015-4842, and CVE-2015-4803
- Fixed an issue where the HMC web server may
intermittently deadlock. Symptoms include one
or more of the following: unable to connect using a
browser; browser error "Service Temporarily
Unavailable"'; multiple serviceable events for
E35A0016 and/or E35A0017; unable to restart
due to / file system full from repeated diagnostic
dumps.
|