Hardware Management Console Readme

For use with HMC Version 9 Release 2 M953

Date: 26 May 2023
(C) Copyright International Business Machines Corp., 2023 All rights reserved.

Contents

The information in this Readme contains the fix list and other package information about the Hardware Management Console.

Terminology

x86 -  This term is used to reference the legacy HMC that runs on x86/Intel/AMD  hardware for both the 7042 Machine Type appliances and the Virtual HMC that can run on the Intel hypervisors (KVM, VMWare, Xen).

ppc64 or ppc64le - describes the Linux code that is compiled to run on Power-based servers or LPARS (Logical Partitions)

PTF MH01958 - HMC V9 R2 953.5 for 7042-CR9 Hardware or vHMC for x86_64 hypervisors (5765-HMW)

This package represents an interim fix for the HMC V9 R2 M953 release for 7042-CR9 hardware or vHMC for x86_64 hypervisors. You can also reference this package by PTF MH01958 and APAR MB04409. This PTF can be installed on HMC Version 9 Release 2 M953.

Note: This PTF supersedes MH01937, MH01943, MH01948, and MH01953.


Package information
Package name Size Checksum (sha1sum) APAR# PTF#
MH01958_x86.iso 3794298880 2fb2a4bd6dc1562a026a87c9e3eb19edcb454836
 MB04409 MH01958
Splash Panel information (or lshmc -V output)

"version= Version: 9
 Release: 2
 Service Pack: 953
HMC Build level 2305230214
MH01933 - HMC V9R2 M953
MH01958 - iFix for HMC V9R2 M953
","base_version=V9R2
"


PTF MH01959 - HMC V9 R2 953.5 for 7063 Machine Types or vHMC for PowerVM (5765-HMB)

This package represents an interim fix for the HMC V9 R2 M953 release on the 7063-machine type or vHMC for PowerVM. You can also reference this package by PTF MH01959 and APAR MB04410. This PTF can be installed on HMC Version 9 Release 2 M953.

Note: This PTF supersedes MH01938, MH01944, MH01949, and MH01954.


Package information
Package name Size Checksum (sha1sum) APAR# PTF#
MH01959_ppc.iso 3786713088 0e954676d2e9f08ed7bafe90767a0940472df1a1
 MB04410
 MH01959
Splash Panel information (or lshmc -V output)

"version= Version: 9
 Release: 2
Service Pack: 953
HMC Build level 2305230214
MH01934 - HMC V9R2 M953
MH01959 - iFix for HMC V9R2 M953
","base_version=V9R2
"


Security fix



Known issues and limitations


Previously released fixes also included in this PTF:
MH01953/MH01954
4/21/23

  • Fixed another issue causing Firefox on the local HMC console to make background connection calls to Amazon and Google Cloud.
  • Fixed another issue causing the generation and call home of SRCs E2FF4600, E2FF1409 and E2FF4406.
  • Added support for PowerSC 2.1.0.4.
  • Fixed another issue that can still cause the save upgrade data process to continue to fail due to lack of space when run after the previous attempt also failed due to lack of space when the space requirements were reduced.
  • Fixed an issue that causes in-band BMC communication on a Power HMC to fail after restoring HMC upgrade data that was migrated with network configuration data from a CR9 HMC.
  • Increased timeout when trying to arbitrate primary monitoring HMC for managed server in dual-HMC environment to avoid repeated call home SRC E3325009.
  • Fixed an issue that caused some scheduled operations, and some transmit service information operations to run much more frequently than scheduled.  This issue occurs if the HMC time zone is changed after the scheduled operation or transmit service information operation is initially scheduled.
  • Fixed an issue causing the following harmless message to be logged in /var/log/messages: "rsyslogd[678959]: command 'SystemLogSocketName' is currently not permitted".
  • Fixed an issue that caused SRC E212E136 to be generated and called home when collecting hardware VPD inventory from a system with a large inventory.
  • Fixed an issue that causes PCM aggregated metrics to no longer be generated after the HMC time is moved forward or when Daylight Saving Time starts.
  • Fixed Java vulnerability: CVE-2022-21426.
  • Fixed CVE vulnerabilities: CVE-2022-4304, CVE-2022-4450, CVE-2023-0215 and CVE-2023-0286.
  • Fixed libXpm vulnerabilities: CVE-2022-4883, CVE-2022-44617 and CVE-2022-46285.
  • Fixed expat vulnerability: CVE-2022-43680.
  • Fixed D-Bus vulnerabilities: CVE-2022-42010, CVE-2022-42011 and CVE-2022-42012.
  • Fixed Libtasn1 vulnerability: CVE-2021-46848.
  • Fixed Apache Tomcat vulnerability: CVE-2023-24998.
  • Fixed a security issue on the HMC.
MH01948/MH01949
2/03/23

  • Fixed an HMC performance issue causing general slowness across HMCs that have Performance and Capacity Monitoring (PCM) enabled.
  • Fixed an issue that causes HMC GUI to stop responding and generate SRC E35A0053.
  • Fixed an issue to prevent reporting SRC E3325009 arbitration error.
  • Fixed a timing issue that caused the HMC to lose its network settings when it was restarted.
  • Fixed an issue that caused SRCs E35A0083 and E332FFFF to be reported and PCM aggregated metrics to no longer be generated after DST ended.
  • Fix for SRC E23D0503 being called home after a reboot due to a core dump
  • Fixed an issue that causes 0x0314 error with the message
    "Return code type: Failure (hard stop or user intervention required).
    Message:
    The partition does not support a required management console capability level.
    Corrective action:
    Update the partition to the latest PTF level."
    This happens when RV CM operation is performed on a machine with a MEX attached and the MEX resources are in use by IBMi partitions the first time after the system has been powered up, they will be blocked from proceeding.
  • Fixed an issue that causes SRC E3326701
  • Fixed an issue that caused HMC GUI to display empty managed systems list with the following error: "The HMC information could not be displayed because of an error while retrieving the information."
  • Update serviceable event processing to allow for events to be processed that have invalid date strings.
  • Fix to prevent hdwr_svr from crashing and recovering automatically, resulting in call home SRC E23D040A.
  • Addressed Java vulnerabilities CVE-2022-3676 , CVE-2022-21628, CVE-2022-21626, CVE-2022-21624 and CVE-2022-21619.
  • Addressed vulnerability: CVE-2022-43926.
  • Fixed an issue with running the sed command.
MH01943/MH01944
11/17/22

  • Fixed an issue that prevented call home from working successfully. Symptoms included test call home displaying attempts at trying additional IP addresses.
  • Fixed a call home connection issue when a proxy is configured causing intermittent connection drop.
  • Fixed an an issue that prevented connection surveillance call home reporting for eBMC systems for SRCs such as B3030001, etc...
  • Fixed a rare timing issue where the updlic command would stop producing output and would display the following message, even though the updlic task is still running: Unknown output type:  from message  (0x7f).
  • Fixed the ping command failing to execute after restore CCD resulting in error message: "operation not permitted".
  • Fixed an issue of reporting call home SRC E35F0013 during installation of HMC Service Pack 953.
  • Fixed an issue that prevented login for any Kerberos user .
  • Fixed an issue with LDAP automanage setting not updating correctly after reconfiguration of LDAP.
  • Addressed Kernel vulnerabilities: CVE-2022-1012 and CVE-2021-45485
  • Addressed bind vulnerability: CVE-2021-25219
  • Addressed httpd vulnerabilities: CVE-2021-33193, CVE-2021-44224 and CVE-2020-13950
  • Fixed a security issue with the HMC.
MH01937/MH01983
9/27/22

  • Fixed an issue that causes "Add Virtual Network" operation to fail while modifying load balance field.
  • Fixed an issue that causes an error code 500, while opening full Tasklog and shows nothing in the tasklog widget.
  • Increased timeout of firmware update from 2 to 4 hours to handle timeout issues that caused code update to fail.
  • Fixed an issue during serviceable event data sync between HMCs where an initial failure syncing data would prevent further data in that attempt to sync.
  • Fixed an issue causing Call Home to fail from some countries when specified as part of the Customer Information panel.
  • Fixed an issue preventing local console events from being serviced by a 7063-CR2.
  • Obscured the password logged by the chsacfg -t ftp -o test command and the Transmit Service Information -> Configure FTP Connections -> Enable FTP -> Perform Test action on the GUI.
  • Addressed Java SDK security vulnerabilities: CVE-2022-21496, CVE-2022-21434 and CVE-2021-41041



Installation

Installation instructions for HMC Version 9 upgrades and corrective service can be found at these locations:

Upgrading or restoring HMC Version 9

Updating,upgrading, and migrating your HMC machine code

Instructions and images for upgrading via a remote network install can be found here:

HMC V9 network installation images and installation instructions