IT06917: FIX SECURITY VULNERABILITY CVE-2015-0235 FOR TPC 5.X

Direct links to fixes

APAR status

Closed as program error.

Error description

Security update for vulnerability CVE-2015-0235

Affected versions:
Tivoli Storage Productivity Center 5.2.0 through 5.2.4.1
Tivoli Storage Productivity Center 5.1.0 through 5.1.1.5
Tivoli Storage Productivity Center 4.2.0 through 4.2.2.190
Tivoli Storage Productivity Center 4.1.x

Only affects the TPC server on Linux with connections to XIV
storage systems.

Local fix

Temporarily remove any connections to XIV storage systems.

Problem summary

****************************************************************
* USERS AFFECTED:                                              *
* See security bulletin for TPC 5.x users affected.            *
****************************************************************
* PROBLEM DESCRIPTION:                                         *
* See security bulletin for details.                           *
****************************************************************
* RECOMMENDATION:                                              *
* Review security bulletin for remediation information and     *
* follow appropriate steps.                                    *
****************************************************************

Problem conclusion

This vulnerability has a fix available.  See security bulletin
for details.
http://www-01.ibm.com/support/docview.wss?uid=swg21696362

The fix for this APAR is targeted for the following maintenance
package:

| refresh pack | 5.2-TIV-TPC-RP0005 - target March 2015
| fix pack | 5.1.1-TIV-TPC-FP0006 - target February 2015
| fix pack | 4.2.2-TIV-TPC-FP0008 - target February 2015

Additionally, interim fix packages are available.
| interim fix | 5.2.4-TIV-TPC-Linux-IT06917 - February 2015
| interim fix | 5.1.1.5-TIV-TPC-Linux-IT06917
| interim fix | 4.2.2.184-TIV-TPC-IT06919

http://www.ibm.com/support/docview.wss?&uid=swg21320822

The target dates for future refresh packs do not represent a
formal commitment by IBM. The dates are subject to change
without notice.

Temporary fix

Comments

APAR Information

APAR number
IT06917
Reported component name
TPC
Reported component ID
5608TPC00
Reported release
524
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2015-02-04
Closed date
2015-02-11
Last modified date
2015-02-11

APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:

IT06919

Modules/Macros

```
DISK
```

Fix information

Fixed component name
TPC
Fixed component ID
5608TPC00

Applicable component levels

[{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSWFB4","label":"IBM Spectrum Control Standard Edition"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"524","Line of Business":{"code":"LOB26","label":"Storage"}}]

Document Information

Modified date:
05 October 2023

Tips

IT06917: FIX SECURITY VULNERABILITY CVE-2015-0235 FOR TPC 5.X

Direct links to fixes

Subscribe

APAR status

Closed as program error.

Error description

Local fix

Problem summary

Problem conclusion

Temporary fix

Comments

APAR Information

APAR number

Reported component name

Reported component ID

Reported release

Status

PE

HIPER

Special Attention

Submitted date

Closed date

Last modified date

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:

Modules/Macros

Fix information

Fixed component name

Fixed component ID

Applicable component levels

Document Information

Share your feedback

Need support?