FIRMWARE CHANGE HISTORY ----------------------- IBM RackSwitch G8332 Version 7.7.25.0 (Released January 2017) ** Changes since the 7.7.24.0 release ** Enhancements: None Changes: None Fixes: - Switch sends SNMP traps with inccorrect Trap OID prefix .1.3.6.1.4.1.20301.2.7.12 instead of the correct OID prefix .1.3.6.1.4.1.20301.2.7.16. (63912) - Password for tacacs users could not be changed from the switch using the "primary-password" command when the "tacacs-server password-change" feature is enabled. (63530) - Fixed OpenSSL vulnerabilities as reported in CVE Advisories CVE-2016-2183(SWEET32) and CVE-2016-6329. The ciphers DES, 3DES and Blowfish are no longer supported. (66395) ================================================================================ IBM RackSwitch G8332 Version 7.7.24.0 (Released September 2016) ** Changes since the 7.7.23.0 release ** Enhancements: None Changes: None Fixes: - Fixed OpenSSL vulnerabilities as reported in CVE Advisories CVE-2016-2108.(ALIRT LEN-7502). (55174) - Fixed security vulnerabilities as reported in CVE Advisories CVE-2016-3705, CVE-2016-3627, CVE-2015-8806, CVE-2016-4447, CVE-2016-4449, CVE-2016-4448 (libxml2). (57176, 55781, 58942, 58943) ================================================================================ IBM RackSwitch G8332 Version 7.7.23.0 (Released June 2016) ** Changes since the 7.7.22.0 release ** Enhancements: None Changes: None Fixes: - Fixed security vulnerabilities as reported in CVE Advisories CVE-2015-8710 (libxml2). (49214) ================================================================================ IBM RackSwitch G8332 Version 7.7.22.0 (Released February 2016) ** Changes since the 7.7.21.0 release ** Enhancements: None Changes: - The output of “show tech-support” now includes the isCLI commands as headers before their respective output. (38125) Fixes: - Fixed OpenSSL vulnerabilities as reported in CVE Advisories CVE-2015-7575 (SLOTH). (47856) - Fixed OpenSSL vulnerabilities as reported in CVE Advisories CVE-2015-3194, CVE-2015-3195. (46801) ================================================================================ IBM RackSwitch G8332 Version 7.7.21.0 (Released October 2015) ** Changes since the 7.7.20.0 release ** Enhancements: None Changes: None Fixes: - Fixed OpenSSL vulnerabilities as reported in CVE Advisories CVE-2015-1788 (BN_GF2m_mod_inv), CVE-2015-1789 (X509_cmp_time) and CVE-2015-1792 (do_free_upto). (39415) ================================================================================ IBM RackSwitch G8332 Version 7.7.20.0 (Released July 2015) ** Changes since the 7.7.19.0 release ** Enhancements: None Changes: None Fixes: - Fixed OpenSSL vulnerabilities as reported in CVE Advisories CVE-2015-0286 (ASN1_TYPE_cmp). ================================================================================ IBM RackSwitch G8332 Version 7.7.19.0 (Released April 2015) ** Changes since the 7.7.18.0 release ** Enhancements: None Changes: None Fixes: - Fixed security vulnerabilities as reported in CVE Advisories CVE-2014-0191 (libXML2), CVE-2014-3660 ((libXML2), CVE-2103-2566 (RC4) - Fixed OpenSSL vulnerabilities as reported in CVE Advisories CVE-2014-3572, CVE-2015-0204, CVE-2014-8275,CVE-2014-3570, CVE-2015-2808 (BarMitzvah) ================================================================================ IBM RackSwitch G8332 Version 7.7.18.0 (Released October 2014) ** Changes since the 7.7.17.0 release ** Enhancements: None Changes: - A security vulnerability existed in the OpenSSL Protocol that is used in IBM System Networking Ethernet Switches. (CVE-2014-3505,CVE-2014-3506,CVE-2014-3507,CVE-2014-3508,CVE-2014-3510) Fixes: None ================================================================================ IBM RackSwitch G8332 Version 7.7.17.0 (Released July 2014) ** Changes since the 7.7.16.0 release ** Enhancements: None Changes: - Internal debug usernames have been removed from the firmware to prevent potential backdoor access. (XB282666) Fixes: None ================================================================================ IBM RackSwitch G8332 Version 7.7.16.0 (Released June 2014) ** Changes since the 7.7.15.0 release ** Enhancements: none Changes: - A security vulnerability existed in the OpenSSL Protocol that is used in IBM System Networking Ethernet Switches. (CVE-2014-0224) Fixes: none ==================================================================================================== IBM RackSwitch G8332 Version 7.7.15.0 (Released May 2014) Second release of G8332 New and Updated Features: ------------------------- - NIST 131A: compliant with National Institute of Standards and Technology (NIST) Special Publication (SP) 800-131A. - Open Flow 1.3.1 The following key feature where added: • Static LAG • MAC address/IP address masking • Flexible Table Miss and Fail Secure • 40Gb support • Static CLI for Flow Programming • OpenFlow 1.0 backward - Distributed Overlay Virtual Ethernet (DOVE) provides network virtualization by implementing an overlay network for virtual machines on top of an underlying IPv4 network. - FCoE BB5 FCF Support: Full Fabric FCoE Switch - NAT: Network Address Translation Fixes: ------ - MLD groups are not deleted properly when shut/no shut command is performed on a port from a static trunk; in this case some traffic is still flooded. (XB263055) - Part of the IPMC traffic for IGMP groups learned on a port-channel is still forwarded after flapping the port-channel. (XB266229) - Switch crashes when enabling "debug spanning-tree bpdu" from cli. (XB266534) - Switch crashes in VLAG setup with IGMP traffic. (XB263030) - The switch is continuously crashing after using "mda shutdown" and "no mda shutdown" commands several times. (XB262540) - MDA board insertions and removals are now logged by the SysLog server. (XB266532) - Openflow 1.0: Switch is crashing when pushing untagged FDB based flow. (XB271510) Enhancements: ------------- NONE Changes: -------- NONE ================================ IBM RackSwitch G8332 Version 7.7.13.0 (Released March 2014) - Initial release ================================