Hardware Management Console Readme

For use with HMC Version 10 Release 2 M1023

Date: 11 October 2024

(C) Copyright International Business Machines Corp., 2024 All rights reserved.

Contents

The information in this Readme contains the fix list and other package information about the Hardware Management Console.

* PTF MF71705
* PTF MF71706
* Package information
* Fixes Included
* Installation

Terminology

*x86* - This term is used to reference the Intel hypervisors (KVM, VMware, Xen) on which Virtual HMC can be installed.

*Note*: HMC V10R1 release for x86 is not supported on bare metal (7042 hardware appliances).

*ppc64 or ppc64le* - describes the Linux code that is compiled to run on Power-based servers or LPARs (Logical Partitions)

PTF MF71705

HMC V10 R1 M1023.3 - for vHMC for x86_64 hypervisors (5765-VHX)

This package represents an interim fix for the HMC V10 R1 M1023 for vHMC on x86_64 hypervisors. You can also reference this package by APAR MB04470 and PTF MF71705. This image can be installed on top of HMC V10 R1 M1023.

Note: This PTF supersedes MF71681 and MF71691.

/Package information/

Package name: MF71705_x86.iso
Size: 4585228288
Checksum (sha1sum): fb3f5d7b9c66b81e0b28d956e1e39b8242e339b8
APAR#: MB04470
PTF#: MF71705

Splash Panel information (or lshmc -V output)

    "version= Version: 10
     Release: 1
     Service Pack: 1023
    HMC Build level 2404290525
    MF69186 - Restore fix for HMC V10R1 M1010+
    MF71508 - HMC V10R1 M1023
    MF71705 - iFix for HMC V10R1 M1023
    ","base_version=V10R1
    "

PTF MF71706

HMC V10 R1 M1023.3 - for 7063 Hardware or vHMC for PowerVM (5765-HMB)

This package represents an interim fix for the HMC V10 R1 M1023 on 7063 machine type or vHMC for PowerVM. You can reference this package by APAR MB04471 and PTF MF71706. This image can be installed on top of HMC V10 R1 M1023.

Note: This PTF supersedes MF71682 and MF71692.
/Package information/

Package name: MF71706_ppc.iso
Size: 4575148032
Checksum (sha1sum): 4117f7deb98a3ae468a0963b341006cd3d291b44
APAR#: MB04471
PTF#: MF71706

Splash Panel information (or lshmc -V output)

    "version= Version: 10
     Release: 1
     Service Pack: 1023
    HMC Build level 2404290525
    MF69187 - Restore fix for HMC V10R1 M1010+
    MF71509 - HMC V10R1 M1023
    MF71706 - iFix for HMC V10R1 M1023
    ","base_version=V10R1
    "

*Security fix*

* Fixed Apache HTTP Server vulnerabilities: CVE-2023-38709, CVE-2023-45802, and CVE-2024-27316

Best Practices

* Use a Kerberos realm name that follows the standard naming structure, for example, the DNS domain name in uppercase.
* User sessions - The following best practices help avoid gradual performance degradation caused by an accumulation of login sessions, as well as security vulnerabilities such as unauthorized access to active HMC sessions.
    o Log off from the HMC UI and then close the browser tab, instead of closing the tab directly.
    o Set an idle session timeout for all users; do not leave the timeout at '0', which means no timeout.

*Previously released fixes also included in this PTF:*

*MF71691/MF71692* 05/09/24

* Fixed an Information and Stack Trace disclosure for GET requests with malformed parameters to an API endpoint.

*MF71681/MF71682* 04/12/24

* Fixed the Call home management Outbound connectivity test to show the IP addresses using DNS resolution of esupport.ibm.com.
* Fixed an issue causing the sed command to fail when a command argument contains a dash.
* Fixed SSH vulnerability: CVE-2023-48795
* Fixed nghttp2 vulnerability: CVE-2023-44487
* Fixed libssh vulnerabilities: CVE-2023-1667 and CVE-2023-2283
* Fixed libxml2 vulnerabilities: CVE-2023-28484 and CVE-2023-29469
* Fixed Java vulnerabilities: CVE-2023-33850, CVE-2024-20918, CVE-2024-20921, CVE-2024-20926, CVE-2024-20945, and CVE-2024-20952
* Fixed Apache Tomcat vulnerabilities: CVE-2024-23672 and CVE-2024-24549

Installation

Installation instructions for HMC Version 10 upgrades and corrective service can be found at these locations:

* Upgrading or restoring HMC Version 10
* Updating, upgrading, and migrating your HMC machine code
* Update(s) for HMC V10R1M1010