Hardware Management Console Readme For use with HMC Version 10 Release 2 M1042 Date: 30 August 2024 (C) Copyright International Business Machines Corp., 2024 All rights reserved. Contents <#ibm-content> The information in this Readme contains the fix list and other package information about the Hardware Management Console. * PTF MF71701 <#MF71701> * PTF MF71702 <#MF71702> * Package information <#package> * Fixes included <#fixes> * Known Issues <#known> * Installation <#install> Terminology *x86* - This term is used to reference the Intel hypervisors (KVM, VMWare, Xen) on which Virtual HMC can be installed. *Note*: HMC V10R2 release for x86 is not supported on bare metal (7042 hardware appliances). *ppc64 or ppc64le* - describes the Linux code that is compiled to run on Power-based servers or LPARS (Logical Partitions) PTF MF71701 HMC V10 R2 M1042.3 - for vHMC for x86_64 hypervisors (5765-VHX) This package represents an interim fix for HMC V10 R2 M1042 for vHMC on x86_64 hypervisors. You can also reference this package by APAR MB04466 and PTF MF71701. This PTF can be installed on HMC V10 R2 M1042. Note: This PTF supersedes MF71683 and MF71693. /Package information/ Package name Size Checksum (sha1sum) APAR# PTF# MF71701_x86.iso 3791237120 7d419e0850294aada020f71239e77638629cccb4 MB04466 MF71701 Splash Panel information (or lshmc -V output) "version= Version: 10 Release: 2 Service Pack: 1042 HMC Build level 2408060052 MF71610 - HMC V10R2 M1042 MF71701 - iFix for HMC V10R2 M1042 ","base_version=V10R2 " PTF MF71702 HMC V10 R2 M1042.3 - for 7063 Hardware or vHMC for PowerVM (5765-HMB) This package represents an interim fix for HMC V10 R2 M1042 on 7063 machine type or vHMC for PowerVM. You can reference this package by APAR MB04459 and PTF MF71702. This PTF can be installed on HMC V10 R2 M1042. Note: This PTF supersedes MF71684 and MF71694. /Package information/ Package name Size Checksum (sha1sum) APAR# PTF# MF71702_ppc.iso 3781455872 cd6e5f4ef1b025e1d5cac12a3eb5537b99dbf1bb MB04467 MF71702 Splash Panel information (or lshmc -V output) "version= Version: 10 Release: 2 Service Pack: 1042 HMC Build level 2408060052 MF71611 - HMC V10R2 M1042 MF71702 - iFix for HMC V10R2 M1042 ","base_version=V10R2 " *Security fixes* * Fixed Apache Tomcat vulnerability: CVE-2024-34750 * Fixed shim vulnerabilities: CVE-2023-40546, CVE-2023-40547, CVE-2023-40548, CVE-2023-40549, CVE-2023-40550, and CVE-2023-40551 * Fixed expat vulnerability: CVE-2023-52425 * Fixed rpm vulnerabilities: CVE-2021-35937, CVE-2021-35938, and CVE-2021-35939 * Fixed libxml2 vulnerability: CVE-2023-39615 * Fixed nss vulnerabilities: CVE-2023-5388 and CVE-2023-6135 * Fixed openssl vulnerabilities: CVE-2023-3446, CVE -2023-3817, and CVE-2023-5678 * Fixed bind vulnerability: CVE-2022-3094 * Fixed shadow-utils vulnerability: CVE-2023-4641 * Fixed tpm2-tss vulnerability: CVE-2023-22745 *Known Issues* * If log in to the HMC GUI is failing with this error for LDAP or auto-managed users: Error: "/Logon Error: Invalid credential or Timeout. Please try again after some time, if it repeats, please follow troubleshooting steps from IBM support/." Use the following troubleshooting steps: o Check whether the user is LDAP or auto-managed authentication type. o If so, run the following command to change the LDAP configuration: chhmcldap -o s --timelimit 30 --bindtimelimit 20 o If log in to the GUI still fails, run the following command: chhmcldap -o s --timelimit 30 --bindtimelimit 10 **Previously released fixes also included in this PTF: * * *MF71693/**MF71694* 06/28/24 * Fixed an issue that can cause the 7063-CR1 HMC to intermittently hang. For more information, please review this document: https://www.ibm.com/support/pages/node/7157787 * Fixed an issue that can cause SRC E212E161 to be called home due to too many open files caused by running the lslic command many times in a short period of time. * Fixed an issue causing the GUI partition Virtual networks page to fail to launch with the error "/Error launching task an internal error occurred. Please contact your service administrator. [Cannot invoke "java.util.List.iterator()" because "networkBridges" is null]/". * Fixed a rare issue that can cause an I/O firmware update to be skipped for some I/O adapters when more than one I/O adapter in an Enterprise BMC-based managed system is selected for update on the GUI. * Fixed the Call home management outbound connectivity test to show the IP addresses obtained from using DNS resolution of esupport.ibm.com. * Fixed an issue that can cause SRC E212E136 to be called home due to a failure to delete a temporary file which leads to a full / filesystem on the HMC. This issue can occur when the HMC is managing Enterprise BMC-based managed systems. * Fixed less vulnerability: CVE-2022-48624 * Fixed Apache httpd vulnerability: CVE-2024-27316 *MF71683/MF71684* 04/04/24 * Fix an issue that caused the Partition Virtual networks -> Adapter(s) -> Create Trunk Adapter panel to fail to load for an IBM i partition when no virtual networks exist. * Fixed nghttp2 vulnerability: CVE-2023-44487 * Fixed Apache Tomcat vulnerabilities: CVE-2024-23672 and CVE-2024-24549 * Fixed libssh vulnerabilities: CVE-2023-1667 and CVE-2023-2283 * Fixed libxml2 vulnerabilities: CVE-2023-28484 and CVE-2023-29469 * Fixed Java vulnerabilities: CVE-2024-20918, CVE-2024-20921, CVE-2024-20945, and CVE-2024-20952 * Fixed SSH vulnerability: CVE-2023-48795 Installation Installation instructions for HMC Version 10 upgrades and corrective service can be found at these locations: Upgrading or restoring HMC Version 10 Updating, upgrading, and migrating your HMC machine code Update(s)for HMC V10R2M1042