Hardware Management Console Readme

For use with Version 8 Release 8.4.0 Service Pack 3

Updated: 25 December 2017
(C) Copyright International Business Machines Corp., 2017 All rights
reserved.


      Contents

<#ibm-content> The information in this Readme contains the fix list and
other package information about the Hardware Management Console.

  * PTF MH01720 <#MH01720>
  * Package information <#package>
  * List of fixes <#fixes>
  * Installation <#install>


    PTF MH01720

This package includes fixes for HMC Version 8 Release 8.4.0 Service Pack
3. You can reference this package by APAR MB04104 and PTF MH01720. This
image must be installed on top of HMC Version 8 Release 8.4.0 Service
Pack 3 (PTF MH01652)  with or without additional fixes.


/Package information/ Package name 	Size 	Checksum (sha1sum) 	APAR# 	PTF#
MH01720.iso 	1360545792 	9a4d50109468ba11e10c5ef8367fc2ac3b39471f
	MB04104 	MH01720
Splash Panel information (or lshmc -V output)
 
"version= Version: 8
?Release: 8.4.0
?Service Pack: 3
HMC Build level 20171213.1
MH01720: Fix for HMC V8R8.4.0 SP3 (12-13-2017)
MH01729: Fix for HMC V8R8.4.0 (11-07-2017)
","base_version=V8R8.4.0
"



    List of fixes

*Security Fixes*

  *     Fixed HTTPD vulnerabilities CVE-2017-9798, CVE-2017-12171,
    CVE-2017-9788, CVE-2017-7679, CVE-2017-3169 and CVE-2017-3167
  *     Fixed NSS vulnerabilities CVE-2017-7805
  *     Fixed Open SSH vulnerabilities CVE-2016-6210, CVE-2016-6515,
    CVE-2016-10009 and CVE-2016-10011
  *     Fixed OGNL Expression Injection vulnerability.
  *     Fixed cross frame scripting vulnerability

*General fixes*

  *     Allow the HMC local console session to start after the
    certificate has expired.
  *     Fixed an issue where update customer information for call home
    results in a scheduled operation producing SRC E3D46FFF due to
    errors when attempting to fetch call home related CEC credentials.
  *     Prevent the call home of SRC?E212E306.


Installation
Installation instructions for HMC Version 8 upgrades and corrective
service can be found at these locations:

Upgrading or restoring HMC Version 8
<http://www-01.ibm.com/support/docview.wss?uid=nas8N1020109>

Installation methods for HMC Version 8 fixes
<http://www-01.ibm.com/support/docview.wss?uid=nas8N1020134>

Instructions and images for upgrading via a remote network install can
be found here:

HMC V8 network installation images and installation instructions
<http://www-01.ibm.com/support/docview.wss?uid=nas8N1020108>