Hardware Management Console Readme For use with Version 8 Release 8.7.0 Service Pack 1 Updated: 01 May 2018 (C) Copyright International Business Machines Corp., 2018 All rights reserved. Contents <#ibm-content> The information in this Readme contains the fix list and other package information about the Hardware Management Console. * PTF MH01752 <#MH01752> * PTF MH01753 <#MH01753> * List of fixes <#fixes> * Installation <#install> PTF MH01752 This package includes fixes for HMC Version 8 Release 8.7.0 SP1. You can reference this package by APAR MB04133 and PTF MH01752. This image must be installed on top of HMC Version 8 Release 8.7.0 SP 1 (PTF MH01725) with or without any additional PTFs. Note: This PTF supersedes MH01748. /Package information/ Package name Size Checksum (sha1sum) APAR# PTF# MH01752_x86.iso 2622994432 a437fa82bc18c824dee04728e7843f949dd423a3 MB04133 MH01752 Splash Panel information (or lshmc -V output) version= Version: 8 Release: 8.7.0 Service Pack: 1 HMC Build level 1803220522 MH01725 - HMC 870 Service Pack 1 Release [x86_64] MH01752 - Required fix for HMC V8R8.7.0 SP1 [x86_64] ","base_version=V8R8.7.0 " PTF MH01753 This package includes fixes for HMC Version 8 Release 8.7.0 SP1. You can reference this package by APAR MB04134 and PTF MH01753. This image must be installed on top of HMC Version 8 Release 8.7.0 SP1 (PTF MH01726). Note: This PTF supersedes MH01749. /Package information/ Package name Size Checksum (sha1sum) APAR# PTF# MH01753_ppc.iso 2538203136 9f6e91885d08a0d8f175e161a46c28232dc16b8b MB04134 MH01753 Splash Panel information (or lshmc -V output) "version= Version: 8 Release: 8.7.0 Service Pack: 1 HMC Build level 1803220522 MH01726 - HMC 870 Service Pack 1 Release [ppc64le] MH01753 - Required fix for HMC V8R8.7.0 SP1 [ppc64le] ","base_version=V8R8.7.0 " List of fixes *Security Fixes * * Addressed an issue where Webserver version is disclosed in response message. * Added X-XSS-Protection to response header of all the URI on exposed ports to prevent cross-site scripting attacks. * Addressed Common Vulnerabilities and Exposures issue numbers CVE-2017-5715, CVE-2017-5753 and CVE-2017-5754. Note: For vHMC, mitigation may require additional hypervisor and firmware updates; customers should consult their hypervisor and x86 system vendors for information. * Fixed a security issue in hmc logging. * General fixes* * Fixed an issue where the "All VirtualIOServer" view fails to display when logged in as HMC user with a custom resource role and using a language other than English. The HMC reports: /Error status : 403// //Error message : REST000F Forbidden: The User does not have the authority to access the object VirtualIOServer./ * Fixed an issue where changing only the IEEE property of a virtual ethernet adapter incorrectly updates the allowed MAC property to allow all. * Fixed an issue where a "/java out of date"/ warning message was displayed when a user launches the virtual terminal on the local hmc. * Fixed a problem where leaving a stale server connection in "no connection" state for an extended period of time with no default route defined on the HMC causes the hdwr_svr process to fail and restart. Symptoms may include "/HSCF0071E Communication error to Primary Flexible Service Processor on " /and inability to log into the local UI after the process faults and restarts. * Fixed an issue where /var/hsc/log exceeds 80% disk space and calls home service event E212E13D. This occurs when inbound snmp is enabled (default is disabled) and snmp_subagent.log fills /var/hsc/log. * Fixed an issue where user is unable to edit or delete a vNIC device that has no active backing devices. * Fixed an issue where UI may show an incorrect state for a vNIC backing device. * Fixed a rare issue where active vNIC backing devices for a partition were deleted during an unrelated task such as activate profile for another partition. This can result in active partitions losing their network connection. * Fixed a rare timing issue during a server IPL of a server with Power Enterprise Pool resources assigned where the HMC may restore double the original amount of pool resources. * Fixed a problem that can result in E332FFFF serviceable events, HMC performance issues and eventual HMC when the Performance Collection Metrics (PCM) panel is closed using the browser close button instead of panel close button. * Fixed issue where create new partition, modify profile will fail because of incorrect ownership of directories. Symptoms include error messages REST0126 and HSCL0036. * Fixed a problem that can result in E35A0016 / E35A0017 serviceable events. * Fixed a problem where the *chcodpool –o sync* operation completes with no errors but does not reset the Power Enterprise Pool state. * Fixed a problem that can cause lock contention errors and slow performance when Simplified Remote Restart (SRR) is enabled on multiple partitions and the VIOS partitions are shutdown or their RMC connections are inactive. Symptoms may include the server going to recovery state before automatically going back to operating state and performance call home SRCs E35A0014 and E35A000D being reported. *Previously released fixes also included in this PTF: * * MH01748/MH01749* 01/29/18 * HIPER: Fixed an issue that causes errors attempting to create/delete partitions or modify profiles. Errors include REST0126 and HSCL0036. This problem impacts all users that applied Service Pack 1 to Version 8 Release 870 base. * Fixed an issue preventing keyboard layout changes to take effect. Installation Installation instructions for HMC Version 8 upgrades and corrective service can be found at these locations: Upgrading or restoring HMC Version 8 Installation methods for HMC Version 8 fixes Instructions and images for upgrading via a remote network install can be found here: HMC V8 network installation images and installation instructions