Hardware Management Console Readme

For use with Version 8 Release 8.5.0 Service Pack 3

Updated: 25 January 2018
(C) Copyright International Business Machines Corp., 2017 All rights
reserved.


      Contents

<#ibm-content> The information in this Readme contains the fix list and
other package information about the Hardware Management Console.

  * PTF MH01721 <#MH01721>
  * Package information <#package>
  * List of fixes <#fixes>
  * Installation <#install>


    PTF MH01721

This package includes fixes for HMC Version 8 Release 8.5.0 Service Pack
3. You can reference this package by APAR MB04105 and PTF MH01721. This
image must be installed on top of HMC Version 8 Release 8.5.0 Service
Pack 3 (PTF MH01689)  with or without additional fixes.


/Package information/ Package name 	Size 	Checksum (sha1sum) 	APAR# 	PTF#
MH01721.iso 	1383655424  	67a60d249a6c3245e20de62209dfec325e92d99a
	MB04105 	MH01721
Splash Panel information (or lshmc -V output)

"version= Version: 8
?Release: 8.5.0
?Service Pack: 3
HMC Build level 20171213.1
MH01721: Fix for HMC V8R8.5.0 SP3 (12-13-2017)
MH01730: Fix for HMC V8R8.5.0 (11-07-2017)
","base_version=V8R8.5.0
"



    List of fixes

*Security Fixes*

  * Fixed?HTTPD vulnerabilities CVE-2017-9798, CVE-2017-12171,
    CVE-2017-9788, CVE-2017-7679, CVE-2017-3169 and CVE-2017-3167
  * Fixed NSS vulnerabilities CVE-2017-7805
  * Fixed Open SSH vulnerabilities CVE-2016-6210, CVE-2016-6515,
    CVE-2016-10009 and CVE-2016-10011
  * Fixed OGNL Expression Injection vulnerability.
  * Fixed cross frame scripting vulnerability.


*General fixes
*

  * ** Allow the HMC local console session to start after the
    certificate has expired.
  * Fixed an issue where update customer information for call home
    results in a scheduled operation producing SRC E3D46FFF due to
    errors when attempting to fetch call home related CEC credentials.
  * Prevent the call home of SRC?E212E306.
  * Fixed high CPU usage by IBM.LparCmdRM process resulting in call home
    SRC E212E151.
  * Fixed an HMC performance issue with the PCM dashboard where if the
    user closes the window without using the "close button" (i.e. by
    closing or terminating the browser window instead) leads to symptoms
    such as: multiple reports of E332FFFF, hang of CLI commands, slow
    HMC response and eventual hang requiring a reboot.

*
*

Installation
Installation instructions for HMC Version 8 upgrades and corrective
service can be found at these locations:

Upgrading or restoring HMC Version 8
<http://www-01.ibm.com/support/docview.wss?uid=nas8N1020109>

Installation methods for HMC Version 8 fixes
<http://www-01.ibm.com/support/docview.wss?uid=nas8N1020134>

Instructions and images for upgrading via a remote network install can
be found here:

HMC V8 network installation images and installation instructions
<http://www-01.ibm.com/support/docview.wss?uid=nas8N1020108>