SmartCloud Provisioning 2.3.0.1 interim Fix 3 (iFix 2.3.0.1-CSI-ISCP-IF0003) is available for download from Fixcentral.

The following version of IBM SmartCloud Provisioning must be installed:
SmartCloud Provisioning 2.3.0 Fix Pack 1 or SmartCloud Provisioning Enterprise 2.3.0 Fix Pack 1 with any of the officially released 2.3.0.1 iFixes OR LA fixes.

It supercedes the previous SmartCloud Provisioning 2.3.0.1 iFixes 2.3.0.1-CSI-ISCP-IF0001 and 2.3.0.1-CSI-ISCP-IF0002. It also supersedes 2.3.0.1-CSI-ISCP LA fixes LA0001 to LA0006.

The following issues and security vulnerabilities are addressed by this iFix:

  APAR ZZ00236 - Image not being discovered by VIL (2.3.0.1-CSI-ISCP-IF0002)
  APAR ZZ00240 - authentication error CTJCO0004E occurs in the self-service UI when users do not work in their default domain
  APAR ZZ00201 - BPM Proxy does not handle multipart/form-data content type
  APAR ZZ00234 - Event-based orchestration goes into endless loop if vSys instance has no associated pattern
  APAR IT00875 - iwd fails to allocate a disk
  APAR IT01808/SE59154 - SCO attempts to delete the hypervisor if it is not available over the network
  APAR SE59130 - SCO change flavor updates are not reflected in the SCO UI
  APAR IT01591 - Deployed Virtual Instances in VMware Region show as deleted
  APAR ZZ00223 - Improve error message to advise to check for encrypted disks
  APAR SE58917 - Special characters in Resource Pool Names cause VMware region install to fail
  PMR 72121,999,000 - Virtual System Instances unable to be managed
  APAR ZZ00246 - Bigger JSON Content in GenericRest call (100kb) does not work
  DEFECT 137472 - Support for vCenter 5.5 in Vil
  APAR ZZ00233 - VIL checkout to vCenter fails
  APAR IT01260 - "Forgot your password" does not work in SCO 2.3
  APAR IT00519 - Increasing workload deployer default log level causes system failure
  APAR IT02053 - SCO 2.3 Toolbar not showing for some VMs
  APAR ZZ00204 - Indexing of image and check-out operations failed for domain user with dots
  APAR ZZ00256 - SAAM can't get the running status of openstack services when SCO server OS locale is non-English
  APAR SE58688 - KVM compute nodes are going offline and can't deply any new patterns and VMs
  APAR ZZ00169 - ICCT extension of AIX NIM image didn't run properly
  APAR ZZ00242 - Config_network.sh does not work in a "real" environment
  APAR SE59389 - SCE fails to deploy to vCenter 5.1 U2 or vCenter 5.5.
  DEFECT 146765 - Bulk provisioning of vsys with NovaNotification enabled sometimes failed with 'No region information for vm <uuid>'
  DEFECT 141765 - PDCollect does not collect fileserver logs and error.log

  CVE-2014-0076 - OpenSSL could allow a local attacker to obtain sensitive information
  CVE-2014-0160 - OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the TLS/DTLS heartbeat functionality
  CVE-2014-0411 - Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45 (2.3.0.1-CSI-ISCP-IF0002)
  CVE-2013-5802 - Unspecified vulnerability in Oracle Java SE related to the JAXP component (2.3.0.1-CSI-ISCP-IF0002)
  CVE-2013-5772 - Unspecified vulnerability in Oracle Java SE related to the jhat component (2.3.0.1-CSI-ISCP-IF0002)
  CVE-2014-0473 - Django cross-site request forgery
  CVE-2014-0474 - Django data injection
  CVE-2014-0472 - Django django.core.urlresolvers.reverse() code execution
  CVE-2014-0224 - OpenSSL is vulnerable to a man-in-the-middle attack
  CVE-2014-0221 - OpenSSL is vulnerable to a denial of service
  CVE-2014-0195 - OpenSSL is vulnerable to a buffer overflow
  CVE-2014-0198 - OpenSSL is vulnerable to a denial of service
  CVE-2010-5298 - OpenSSL is vulnerable to a denial of service
  CVE-2014-3470 - OpenSSL is vulnerable to a denial of service

Marcações:  smartcloud provisioning 2.3.0.1