Security patch release notes (RHEL 7.9)
Review the release notes for security patches for IAS.
Security patches are tied to the version of Red Hat Linux that is installed on IAS. The patches for a specific Red Hat release are cumulative. For example, if your system is on 7.9, you only need to install the latest patch that applies to 7.9, there is no need to install all of them one by one.
Verify that which patch can be installed on your system. Do not apply the patch if the Red Hat Linux version on your system does not match.
For installation, see Applying security patches.
For STIG compliance, see STIG compliance.
For performing a vulnerability scan, see Performing a vulnerability scan.
For security patches related to RHEL 8, see Security patch release notes (RHEL 8.8).
7.9.24.08.SP26
The security patch is released in September 2024.
Restriction: If you are using version 1.0.26.x or earlier, you must upgrade to 1.0.27.2
or later IAS versions to apply 7.9.24.08.SP26.
Restriction: After applying SP26, you can only upgrade to 1.0.28.2 or later.
The list of Red Hat CVEs, that are patched in this release:
CVE-2023-4408 Important/Sec. (RHSA-2024:3741) bind-32:9.11.4-26.P2.el7_9.16.ppc64le
CVE-2023-50387 Important/Sec. (RHSA-2024:3741) bind-32:9.11.4-26.P2.el7_9.16.ppc64le
CVE-2023-50868 Important/Sec. (RHSA-2024:3741) bind-32:9.11.4-26.P2.el7_9.16.ppc64le
CVE-2023-4408 Important/Sec. (RHSA-2024:3741) bind-export-libs-32:9.11.4-26.P2.el7_9.16.ppc64le
CVE-2023-50387 Important/Sec. (RHSA-2024:3741) bind-export-libs-32:9.11.4-26.P2.el7_9.16.ppc64le
CVE-2023-50868 Important/Sec. (RHSA-2024:3741) bind-export-libs-32:9.11.4-26.P2.el7_9.16.ppc64le
CVE-2023-4408 Important/Sec. (RHSA-2024:3741) bind-libs-32:9.11.4-26.P2.el7_9.16.ppc64le
CVE-2023-50387 Important/Sec. (RHSA-2024:3741) bind-libs-32:9.11.4-26.P2.el7_9.16.ppc64le
CVE-2023-50868 Important/Sec. (RHSA-2024:3741) bind-libs-32:9.11.4-26.P2.el7_9.16.ppc64le
CVE-2023-4408 Important/Sec. (RHSA-2024:3741) bind-libs-lite-32:9.11.4-26.P2.el7_9.16.ppc64le
CVE-2023-50387 Important/Sec. (RHSA-2024:3741) bind-libs-lite-32:9.11.4-26.P2.el7_9.16.ppc64le
CVE-2023-50868 Important/Sec. (RHSA-2024:3741) bind-libs-lite-32:9.11.4-26.P2.el7_9.16.ppc64le
CVE-2023-4408 Important/Sec. (RHSA-2024:3741) bind-license-32:9.11.4-26.P2.el7_9.16.noarch
CVE-2023-50387 Important/Sec. (RHSA-2024:3741) bind-license-32:9.11.4-26.P2.el7_9.16.noarch
CVE-2023-50868 Important/Sec. (RHSA-2024:3741) bind-license-32:9.11.4-26.P2.el7_9.16.noarch
CVE-2023-4408 Important/Sec. (RHSA-2024:3741) bind-utils-32:9.11.4-26.P2.el7_9.16.ppc64le
CVE-2023-50387 Important/Sec. (RHSA-2024:3741) bind-utils-32:9.11.4-26.P2.el7_9.16.ppc64le
CVE-2023-50868 Important/Sec. (RHSA-2024:3741) bind-utils-32:9.11.4-26.P2.el7_9.16.ppc64le
CVE-2023-4408 Important/Sec. (RHSA-2024:3741) dhclient-12:4.2.5-83.el7_9.2.ppc64le
CVE-2023-50387 Important/Sec. (RHSA-2024:3741) dhclient-12:4.2.5-83.el7_9.2.ppc64le
CVE-2023-50868 Important/Sec. (RHSA-2024:3741) dhclient-12:4.2.5-83.el7_9.2.ppc64le
CVE-2023-4408 Important/Sec. (RHSA-2024:3741) dhcp-12:4.2.5-83.el7_9.2.ppc64le
CVE-2023-50387 Important/Sec. (RHSA-2024:3741) dhcp-12:4.2.5-83.el7_9.2.ppc64le
CVE-2023-50868 Important/Sec. (RHSA-2024:3741) dhcp-12:4.2.5-83.el7_9.2.ppc64le
CVE-2023-4408 Important/Sec. (RHSA-2024:3741) dhcp-common-12:4.2.5-83.el7_9.2.ppc64le
CVE-2023-50387 Important/Sec. (RHSA-2024:3741) dhcp-common-12:4.2.5-83.el7_9.2.ppc64le
CVE-2023-50868 Important/Sec. (RHSA-2024:3741) dhcp-common-12:4.2.5-83.el7_9.2.ppc64le
CVE-2023-4408 Important/Sec. (RHSA-2024:3741) dhcp-libs-12:4.2.5-83.el7_9.2.ppc64le
CVE-2023-50387 Important/Sec. (RHSA-2024:3741) dhcp-libs-12:4.2.5-83.el7_9.2.ppc64le
CVE-2023-50868 Important/Sec. (RHSA-2024:3741) dhcp-libs-12:4.2.5-83.el7_9.2.ppc64le
CVE-2022-27635 Important/Sec. (RHSA-2024:3939) iwl100-firmware-39.31.5.1-83.el7_9.noarch
CVE-2022-36351 Important/Sec. (RHSA-2024:3939) iwl100-firmware-39.31.5.1-83.el7_9.noarch
CVE-2022-38076 Important/Sec. (RHSA-2024:3939) iwl100-firmware-39.31.5.1-83.el7_9.noarch
CVE-2022-40964 Important/Sec. (RHSA-2024:3939) iwl100-firmware-39.31.5.1-83.el7_9.noarch
CVE-2022-46329 Important/Sec. (RHSA-2024:3939) iwl100-firmware-39.31.5.1-83.el7_9.noarch
CVE-2022-27635 Important/Sec. (RHSA-2024:3939) iwl1000-firmware-1:39.31.5.1-83.el7_9.noarch
CVE-2022-36351 Important/Sec. (RHSA-2024:3939) iwl1000-firmware-1:39.31.5.1-83.el7_9.noarch
CVE-2022-38076 Important/Sec. (RHSA-2024:3939) iwl1000-firmware-1:39.31.5.1-83.el7_9.noarch
CVE-2022-40964 Important/Sec. (RHSA-2024:3939) iwl1000-firmware-1:39.31.5.1-83.el7_9.noarch
CVE-2022-46329 Important/Sec. (RHSA-2024:3939) iwl1000-firmware-1:39.31.5.1-83.el7_9.noarch
CVE-2022-27635 Important/Sec. (RHSA-2024:3939) iwl105-firmware-18.168.6.1-83.el7_9.noarch
CVE-2022-36351 Important/Sec. (RHSA-2024:3939) iwl105-firmware-18.168.6.1-83.el7_9.noarch
CVE-2022-38076 Important/Sec. (RHSA-2024:3939) iwl105-firmware-18.168.6.1-83.el7_9.noarch
CVE-2022-40964 Important/Sec. (RHSA-2024:3939) iwl105-firmware-18.168.6.1-83.el7_9.noarch
CVE-2022-46329 Important/Sec. (RHSA-2024:3939) iwl105-firmware-18.168.6.1-83.el7_9.noarch
CVE-2022-27635 Important/Sec. (RHSA-2024:3939) iwl135-firmware-18.168.6.1-83.el7_9.noarch
CVE-2022-36351 Important/Sec. (RHSA-2024:3939) iwl135-firmware-18.168.6.1-83.el7_9.noarch
CVE-2022-38076 Important/Sec. (RHSA-2024:3939) iwl135-firmware-18.168.6.1-83.el7_9.noarch
CVE-2022-40964 Important/Sec. (RHSA-2024:3939) iwl135-firmware-18.168.6.1-83.el7_9.noarch
CVE-2022-46329 Important/Sec. (RHSA-2024:3939) iwl135-firmware-18.168.6.1-83.el7_9.noarch
CVE-2022-27635 Important/Sec. (RHSA-2024:3939) iwl2000-firmware-18.168.6.1-83.el7_9.noarch
CVE-2022-36351 Important/Sec. (RHSA-2024:3939) iwl2000-firmware-18.168.6.1-83.el7_9.noarch
CVE-2022-38076 Important/Sec. (RHSA-2024:3939) iwl2000-firmware-18.168.6.1-83.el7_9.noarch
CVE-2022-40964 Important/Sec. (RHSA-2024:3939) iwl2000-firmware-18.168.6.1-83.el7_9.noarch
CVE-2022-46329 Important/Sec. (RHSA-2024:3939) iwl2000-firmware-18.168.6.1-83.el7_9.noarch
CVE-2022-27635 Important/Sec. (RHSA-2024:3939) iwl2030-firmware-18.168.6.1-83.el7_9.noarch
CVE-2022-36351 Important/Sec. (RHSA-2024:3939) iwl2030-firmware-18.168.6.1-83.el7_9.noarch
CVE-2022-38076 Important/Sec. (RHSA-2024:3939) iwl2030-firmware-18.168.6.1-83.el7_9.noarch
CVE-2022-40964 Important/Sec. (RHSA-2024:3939) iwl2030-firmware-18.168.6.1-83.el7_9.noarch
CVE-2022-46329 Important/Sec. (RHSA-2024:3939) iwl2030-firmware-18.168.6.1-83.el7_9.noarch
CVE-2022-27635 Important/Sec. (RHSA-2024:3939) iwl3160-firmware-25.30.13.0-83.el7_9.noarch
CVE-2022-36351 Important/Sec. (RHSA-2024:3939) iwl3160-firmware-25.30.13.0-83.el7_9.noarch
CVE-2022-38076 Important/Sec. (RHSA-2024:3939) iwl3160-firmware-25.30.13.0-83.el7_9.noarch
CVE-2022-40964 Important/Sec. (RHSA-2024:3939) iwl3160-firmware-25.30.13.0-83.el7_9.noarch
CVE-2022-46329 Important/Sec. (RHSA-2024:3939) iwl3160-firmware-25.30.13.0-83.el7_9.noarch
CVE-2022-27635 Important/Sec. (RHSA-2024:3939) iwl3945-firmware-15.32.2.9-83.el7_9.noarch
CVE-2022-36351 Important/Sec. (RHSA-2024:3939) iwl3945-firmware-15.32.2.9-83.el7_9.noarch
CVE-2022-38076 Important/Sec. (RHSA-2024:3939) iwl3945-firmware-15.32.2.9-83.el7_9.noarch
CVE-2022-40964 Important/Sec. (RHSA-2024:3939) iwl3945-firmware-15.32.2.9-83.el7_9.noarch
CVE-2022-46329 Important/Sec. (RHSA-2024:3939) iwl3945-firmware-15.32.2.9-83.el7_9.noarch
CVE-2022-27635 Important/Sec. (RHSA-2024:3939) iwl4965-firmware-228.61.2.24-83.el7_9.noarch
CVE-2022-36351 Important/Sec. (RHSA-2024:3939) iwl4965-firmware-228.61.2.24-83.el7_9.noarch
CVE-2022-38076 Important/Sec. (RHSA-2024:3939) iwl4965-firmware-228.61.2.24-83.el7_9.noarch
CVE-2022-40964 Important/Sec. (RHSA-2024:3939) iwl4965-firmware-228.61.2.24-83.el7_9.noarch
CVE-2022-46329 Important/Sec. (RHSA-2024:3939) iwl4965-firmware-228.61.2.24-83.el7_9.noarch
CVE-2022-27635 Important/Sec. (RHSA-2024:3939) iwl5000-firmware-8.83.5.1_1-83.el7_9.noarch
CVE-2022-36351 Important/Sec. (RHSA-2024:3939) iwl5000-firmware-8.83.5.1_1-83.el7_9.noarch
CVE-2022-38076 Important/Sec. (RHSA-2024:3939) iwl5000-firmware-8.83.5.1_1-83.el7_9.noarch
CVE-2022-40964 Important/Sec. (RHSA-2024:3939) iwl5000-firmware-8.83.5.1_1-83.el7_9.noarch
CVE-2022-46329 Important/Sec. (RHSA-2024:3939) iwl5000-firmware-8.83.5.1_1-83.el7_9.noarch
CVE-2022-27635 Important/Sec. (RHSA-2024:3939) iwl5150-firmware-8.24.2.2-83.el7_9.noarch
CVE-2022-36351 Important/Sec. (RHSA-2024:3939) iwl5150-firmware-8.24.2.2-83.el7_9.noarch
CVE-2022-38076 Important/Sec. (RHSA-2024:3939) iwl5150-firmware-8.24.2.2-83.el7_9.noarch
CVE-2022-40964 Important/Sec. (RHSA-2024:3939) iwl5150-firmware-8.24.2.2-83.el7_9.noarch
CVE-2022-46329 Important/Sec. (RHSA-2024:3939) iwl5150-firmware-8.24.2.2-83.el7_9.noarch
CVE-2022-27635 Important/Sec. (RHSA-2024:3939) iwl6000-firmware-9.221.4.1-83.el7_9.noarch
CVE-2022-36351 Important/Sec. (RHSA-2024:3939) iwl6000-firmware-9.221.4.1-83.el7_9.noarch
CVE-2022-38076 Important/Sec. (RHSA-2024:3939) iwl6000-firmware-9.221.4.1-83.el7_9.noarch
CVE-2022-40964 Important/Sec. (RHSA-2024:3939) iwl6000-firmware-9.221.4.1-83.el7_9.noarch
CVE-2022-46329 Important/Sec. (RHSA-2024:3939) iwl6000-firmware-9.221.4.1-83.el7_9.noarch
CVE-2022-27635 Important/Sec. (RHSA-2024:3939) iwl6000g2a-firmware-18.168.6.1-83.el7_9.noarch
CVE-2022-36351 Important/Sec. (RHSA-2024:3939) iwl6000g2a-firmware-18.168.6.1-83.el7_9.noarch
CVE-2022-38076 Important/Sec. (RHSA-2024:3939) iwl6000g2a-firmware-18.168.6.1-83.el7_9.noarch
CVE-2022-40964 Important/Sec. (RHSA-2024:3939) iwl6000g2a-firmware-18.168.6.1-83.el7_9.noarch
CVE-2022-46329 Important/Sec. (RHSA-2024:3939) iwl6000g2a-firmware-18.168.6.1-83.el7_9.noarch
CVE-2022-27635 Important/Sec. (RHSA-2024:3939) iwl6000g2b-firmware-18.168.6.1-83.el7_9.noarch
CVE-2022-36351 Important/Sec. (RHSA-2024:3939) iwl6000g2b-firmware-18.168.6.1-83.el7_9.noarch
CVE-2022-38076 Important/Sec. (RHSA-2024:3939) iwl6000g2b-firmware-18.168.6.1-83.el7_9.noarch
CVE-2022-40964 Important/Sec. (RHSA-2024:3939) iwl6000g2b-firmware-18.168.6.1-83.el7_9.noarch
CVE-2022-46329 Important/Sec. (RHSA-2024:3939) iwl6000g2b-firmware-18.168.6.1-83.el7_9.noarch
CVE-2022-27635 Important/Sec. (RHSA-2024:3939) iwl6050-firmware-41.28.5.1-83.el7_9.noarch
CVE-2022-36351 Important/Sec. (RHSA-2024:3939) iwl6050-firmware-41.28.5.1-83.el7_9.noarch
CVE-2022-38076 Important/Sec. (RHSA-2024:3939) iwl6050-firmware-41.28.5.1-83.el7_9.noarch
CVE-2022-40964 Important/Sec. (RHSA-2024:3939) iwl6050-firmware-41.28.5.1-83.el7_9.noarch
CVE-2022-46329 Important/Sec. (RHSA-2024:3939) iwl6050-firmware-41.28.5.1-83.el7_9.noarch
CVE-2022-27635 Important/Sec. (RHSA-2024:3939) iwl7260-firmware-25.30.13.0-83.el7_9.noarch
CVE-2022-36351 Important/Sec. (RHSA-2024:3939) iwl7260-firmware-25.30.13.0-83.el7_9.noarch
CVE-2022-38076 Important/Sec. (RHSA-2024:3939) iwl7260-firmware-25.30.13.0-83.el7_9.noarch
CVE-2022-40964 Important/Sec. (RHSA-2024:3939) iwl7260-firmware-25.30.13.0-83.el7_9.noarch
CVE-2022-46329 Important/Sec. (RHSA-2024:3939) iwl7260-firmware-25.30.13.0-83.el7_9.noarch
CVE-2022-27635 Important/Sec. (RHSA-2024:3939) linux-firmware-20200421-83.git78c0348.el7_9.noarch
CVE-2022-36351 Important/Sec. (RHSA-2024:3939) linux-firmware-20200421-83.git78c0348.el7_9.noarch
CVE-2022-38076 Important/Sec. (RHSA-2024:3939) linux-firmware-20200421-83.git78c0348.el7_9.noarch
CVE-2022-40964 Important/Sec. (RHSA-2024:3939) linux-firmware-20200421-83.git78c0348.el7_9.noarch
CVE-2022-46329 Important/Sec. (RHSA-2024:3939) linux-firmware-20200421-83.git78c0348.el7_9.noarch
CVE-2024-32487 Important/Sec. (RHSA-2024:3669) less-458-10.el7_9.ppc64le
CVE-2023-4727 Important/Sec. (RHSA-2024:4222) pki-base-10.5.18-32.el7_9.noarch
CVE-2023-4727 Important/Sec. (RHSA-2024:4222) pki-base-java-10.5.18-32.el7_9.noarch
CVE-2023-4727 Important/Sec. (RHSA-2024:4222) pki-tools-10.5.18-32.el7_9.ppc64le7.9.24.06.SP25
Security patch is released in July 2024.
Restriction: If you are using version 1.0.26.x or earlier, you must upgrade to 1.0.27.2
or later IAS versions to apply 7.9.24.06.SP25.
Restriction: After applying SP25, you can only upgrade to 1.0.28.2 or later.
The list of Red Hat CVEs, that are patched in this release:
CVE-2022-2601 (RHSA-2024:2002) Moderate/Sec. grub2-1:2.02-0.87.el7_9.14.ppc64le
CVE-2022-2601 (RHSA-2024:2002) Moderate/Sec. grub2-common-1:2.02-0.87.el7_9.14.noarch
CVE-2022-2601 (RHSA-2024:2002) Moderate/Sec. grub2-ppc64le-1:2.02-0.87.el7_9.14.ppc64le
CVE-2022-2601 (RHSA-2024:2002) Moderate/Sec. grub2-ppc64le-modules-1:2.02-0.87.el7_9.14.noarch
CVE-2022-2601 (RHSA-2024:2002) Moderate/Sec. grub2-tools-1:2.02-0.87.el7_9.14.ppc64le
CVE-2022-2601 (RHSA-2024:2002) Moderate/Sec. grub2-tools-extra-1:2.02-0.87.el7_9.14.ppc64le
CVE-2022-2601 (RHSA-2024:2002) Moderate/Sec. grub2-tools-minimal-1:2.02-0.87.el7_9.14.ppc64le
CVE-2024-21011 (RHSA-2024:1817) Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.412.b08-1.el7_9.ppc64le
CVE-2024-21068 (RHSA-2024:1817) Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.412.b08-1.el7_9.ppc64le
CVE-2024-21085 (RHSA-2024:1817) Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.412.b08-1.el7_9.ppc64le
CVE-2024-21094 (RHSA-2024:1817) Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.412.b08-1.el7_9.ppc64le
CVE-2024-21011 (RHSA-2024:1817) Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.412.b08-1.el7_9.ppc64le
CVE-2024-21068 (RHSA-2024:1817) Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.412.b08-1.el7_9.ppc64le
CVE-2024-21085 (RHSA-2024:1817) Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.412.b08-1.el7_9.ppc64le
CVE-2024-21094 (RHSA-2024:1817) Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.412.b08-1.el7_9.ppc64le
CVE-2020-36558 (RHSA-2024:2004) Important/Sec. kernel-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-2002 (RHSA-2024:2004) Important/Sec. kernel-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-4622 (RHSA-2024:2004) Important/Sec. kernel-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-4623 (RHSA-2024:2004) Important/Sec. kernel-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-25775 (RHSA-2024:2004) Important/Sec. kernel-3.10.0-1160.118.1.el7.ppc64le
CVE-2020-36558 (RHSA-2024:2004) Important/Sec. kernel-abi-whitelists-3.10.0-1160.118.1.el7.noarch
CVE-2023-2002 (RHSA-2024:2004) Important/Sec. kernel-abi-whitelists-3.10.0-1160.118.1.el7.noarch
CVE-2023-4622 (RHSA-2024:2004) Important/Sec. kernel-abi-whitelists-3.10.0-1160.118.1.el7.noarch
CVE-2023-4623 (RHSA-2024:2004) Important/Sec. kernel-abi-whitelists-3.10.0-1160.118.1.el7.noarch
CVE-2023-25775 (RHSA-2024:2004) Important/Sec. kernel-abi-whitelists-3.10.0-1160.118.1.el7.noarch
CVE-2020-36558 (RHSA-2024:2004) Important/Sec. kernel-bootwrapper-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-2002 (RHSA-2024:2004) Important/Sec. kernel-bootwrapper-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-4622 (RHSA-2024:2004) Important/Sec.kernel-bootwrapper-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-4623 (RHSA-2024:2004) Important/Sec.kernel-bootwrapper-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-25775 (RHSA-2024:2004) Important/Sec. kernel-bootwrapper-3.10.0-1160.118.1.el7.ppc64le
CVE-2020-36558 (RHSA-2024:2004) Important/Sec. kernel-debug-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-2002 (RHSA-2024:2004) Important/Sec. kernel-debug-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-4622 (RHSA-2024:2004) Important/Sec. kernel-debug-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-4623 (RHSA-2024:2004) Important/Sec. kernel-debug-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-25775 (RHSA-2024:2004) Important/Sec. kernel-debug-3.10.0-1160.118.1.el7.ppc64le
CVE-2020-36558 (RHSA-2024:2004) Important/Sec. kernel-debug-debuginfo-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-2002 (RHSA-2024:2004) Important/Sec. kernel-debug-debuginfo-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-4622 (RHSA-2024:2004) Important/Sec. kernel-debug-debuginfo-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-4623 (RHSA-2024:2004) Important/Sec. kernel-debug-debuginfo-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-25775 (RHSA-2024:2004) Important/Sec. kernel-debug-debuginfo-3.10.0-1160.118.1.el7.ppc64le
CVE-2020-36558 (RHSA-2024:2004) Important/Sec. kernel-debug-debuginfo-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-2002 (RHSA-2024:2004) Important/Sec. kernel-debug-debuginfo-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-4622 (RHSA-2024:2004) Important/Sec. kernel-debug-debuginfo-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-4623 (RHSA-2024:2004) Important/Sec. kernel-debug-debuginfo-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-25775 (RHSA-2024:2004) Important/Sec. kernel-debug-debuginfo-3.10.0-1160.118.1.el7.ppc64le
CVE-2020-36558 (RHSA-2024:2004) Important/Sec. kernel-debug-devel-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-2002 (RHSA-2024:2004) Important/Sec. kernel-debug-devel-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-4622 (RHSA-2024:2004) Important/Sec. kernel-debug-devel-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-4623 (RHSA-2024:2004) Important/Sec. kernel-debug-devel-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-25775 (RHSA-2024:2004) Important/Sec. kernel-debug-devel-3.10.0-1160.118.1.el7.ppc64le
CVE-2020-36558 (RHSA-2024:2004) Important/Sec. kernel-debuginfo-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-2002 (RHSA-2024:2004) Important/Sec. kernel-debuginfo-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-4622 (RHSA-2024:2004) Important/Sec. kernel-debuginfo-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-4623 (RHSA-2024:2004) Important/Sec. kernel-debuginfo-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-25775 (RHSA-2024:2004) Important/Sec. kernel-debuginfo-3.10.0-1160.118.1.el7.ppc64le
CVE-2020-36558 (RHSA-2024:2004) Important/Sec. kernel-debuginfo-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-2002 (RHSA-2024:2004) Important/Sec. kernel-debuginfo-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-4622 (RHSA-2024:2004) Important/Sec. kernel-debuginfo-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-4623 (RHSA-2024:2004) Important/Sec. kernel-debuginfo-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-25775 (RHSA-2024:2004) Important/Sec. kernel-debuginfo-3.10.0-1160.118.1.el7.ppc64le
CVE-2020-36558 (RHSA-2024:2004) Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-2002 (RHSA-2024:2004) Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-4622 (RHSA-2024:2004) Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-4623 (RHSA-2024:2004) Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-25775 (RHSA-2024:2004) Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.118.1.el7.ppc64le
CVE-2020-36558 (RHSA-2024:2004) Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-2002 (RHSA-2024:2004) Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-4622 (RHSA-2024:2004) Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-4623 (RHSA-2024:2004) Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-25775 (RHSA-2024:2004) Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.118.1.el7.ppc64le
CVE-2020-36558 (RHSA-2024:2004) Important/Sec. kernel-devel-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-2002 (RHSA-2024:2004) Important/Sec. kernel-devel-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-4622 (RHSA-2024:2004) Important/Sec. kernel-devel-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-4623 (RHSA-2024:2004) Important/Sec. kernel-devel-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-25775 (RHSA-2024:2004) Important/Sec. kernel-devel-3.10.0-1160.118.1.el7.ppc64le
CVE-2020-36558 (RHSA-2024:2004) Important/Sec. kernel-headers-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-2002 (RHSA-2024:2004) Important/Sec. kernel-headers-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-4622 (RHSA-2024:2004) Important/Sec. kernel-headers-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-4623 (RHSA-2024:2004) Important/Sec. kernel-headers-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-25775 (RHSA-2024:2004) Important/Sec. kernel-headers-3.10.0-1160.118.1.el7.ppc64le
CVE-2020-36558 (RHSA-2024:2004) Important/Sec. kernel-tools-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-2002 (RHSA-2024:2004) Important/Sec. kernel-tools-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-4622 (RHSA-2024:2004) Important/Sec. kernel-tools-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-4623 (RHSA-2024:2004) Important/Sec. kernel-tools-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-25775 (RHSA-2024:2004) Important/Sec. kernel-tools-3.10.0-1160.118.1.el7.ppc64le
CVE-2020-36558 (RHSA-2024:2004) Important/Sec. kernel-tools-debuginfo-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-2002 (RHSA-2024:2004) Important/Sec. kernel-tools-debuginfo-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-4622 (RHSA-2024:2004) Important/Sec. kernel-tools-debuginfo-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-4623 (RHSA-2024:2004) Important/Sec. kernel-tools-debuginfo-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-25775 (RHSA-2024:2004) Important/Sec. kernel-tools-debuginfo-3.10.0-1160.118.1.el7.ppc64le
CVE-2020-36558 (RHSA-2024:2004) Important/Sec. kernel-tools-debuginfo-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-2002 (RHSA-2024:2004) Important/Sec. kernel-tools-debuginfo-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-4622 (RHSA-2024:2004) Important/Sec. kernel-tools-debuginfo-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-4623 (RHSA-2024:2004) Important/Sec. kernel-tools-debuginfo-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-25775 (RHSA-2024:2004) Important/Sec. kernel-tools-debuginfo-3.10.0-1160.118.1.el7.ppc64le
CVE-2020-36558 (RHSA-2024:2004) Important/Sec. kernel-tools-libs-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-2002 (RHSA-2024:2004) Important/Sec. kernel-tools-libs-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-4622 (RHSA-2024:2004) Important/Sec. kernel-tools-libs-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-4623 (RHSA-2024:2004) Important/Sec. kernel-tools-libs-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-25775 (RHSA-2024:2004) Important/Sec. kernel-tools-libs-3.10.0-1160.118.1.el7.ppc64le
CVE-2020-36558 (RHSA-2024:2004) Important/Sec. kernel-tools-libs-devel-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-2002 (RHSA-2024:2004) Important/Sec. kernel-tools-libs-devel-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-4622 (RHSA-2024:2004) Important/Sec. kernel-tools-libs-devel-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-4623 (RHSA-2024:2004) Important/Sec. kernel-tools-libs-devel-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-25775 (RHSA-2024:2004) Important/Sec. kernel-tools-libs-devel-3.10.0-1160.118.1.el7.ppc64le
CVE-2020-36558 (RHSA-2024:2004) Important/Sec. perf-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-2002 (RHSA-2024:2004) Important/Sec. perf-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-4622 (RHSA-2024:2004) Important/Sec. perf-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-4623 (RHSA-2024:2004) Important/Sec. perf-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-25775 (RHSA-2024:2004) Important/Sec. perf-3.10.0-1160.118.1.el7.ppc64le
CVE-2020-36558 (RHSA-2024:2004) Important/Sec. python-perf-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-2002 (RHSA-2024:2004) Important/Sec. python-perf-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-4622 (RHSA-2024:2004) Important/Sec. python-perf-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-4623 (RHSA-2024:2004) Important/Sec. python-perf-3.10.0-1160.118.1.el7.ppc64le
CVE-2023-25775 (RHSA-2024:2004) Important/Sec. python-perf-3.10.0-1160.118.1.el7.ppc64le
CVE-2024-2961 (RHSA-2024:3588) Important/Sec. glibc-2.17-326.el7_9.3.ppc64le
CVE-2024-33599 (RHSA-2024:3588) Important/Sec. glibc-2.17-326.el7_9.3.ppc64le
CVE-2024-33600 (RHSA-2024:3588) Important/Sec. glibc-2.17-326.el7_9.3.ppc64le
CVE-2024-33601 (RHSA-2024:3588) Important/Sec. glibc-2.17-326.el7_9.3.ppc64le
CVE-2024-33602 (RHSA-2024:3588) Important/Sec. glibc-2.17-326.el7_9.3.ppc64le
CVE-2024-2961 (RHSA-2024:3588) Important/Sec. glibc-common-2.17-326.el7_9.3.ppc64le
CVE-2024-33599 (RHSA-2024:3588) Important/Sec. glibc-common-2.17-326.el7_9.3.ppc64le
CVE-2024-33600 (RHSA-2024:3588) Important/Sec. glibc-common-2.17-326.el7_9.3.ppc64le
CVE-2024-33601 (RHSA-2024:3588) Important/Sec. glibc-common-2.17-326.el7_9.3.ppc64le
CVE-2024-33602 (RHSA-2024:3588) Important/Sec. glibc-common-2.17-326.el7_9.3.ppc64le
CVE-2024-2961 (RHSA-2024:3588) Important/Sec. glibc-devel-2.17-326.el7_9.3.ppc64le
CVE-2024-33599 (RHSA-2024:3588) Important/Sec. glibc-devel-2.17-326.el7_9.3.ppc64le
CVE-2024-33600 (RHSA-2024:3588) Important/Sec. glibc-devel-2.17-326.el7_9.3.ppc64le
CVE-2024-33601 (RHSA-2024:3588) Important/Sec. glibc-devel-2.17-326.el7_9.3.ppc64le
CVE-2024-33602 (RHSA-2024:3588) Important/Sec. glibc-devel-2.17-326.el7_9.3.ppc64le
CVE-2024-2961 (RHSA-2024:3588) Important/Sec. glibc-headers-2.17-326.el7_9.3.ppc64le
CVE-2024-33599 (RHSA-2024:3588) Important/Sec. glibc-headers-2.17-326.el7_9.3.ppc64le
CVE-2024-33600 (RHSA-2024:3588) Important/Sec. glibc-headers-2.17-326.el7_9.3.ppc64le
CVE-2024-33601 (RHSA-2024:3588) Important/Sec. glibc-headers-2.17-326.el7_9.3.ppc64le
CVE-2024-33602 (RHSA-2024:3588) Important/Sec. glibc-headers-2.17-326.el7_9.3.ppc64le
CVE-2024-2961 (RHSA-2024:3588) Important/Sec. nscd-2.17-326.el7_9.3.ppc64le
CVE-2024-33599 (RHSA-2024:3588) Important/Sec. nscd-2.17-326.el7_9.3.ppc64le
CVE-2024-33600 (RHSA-2024:3588) Important/Sec. nscd-2.17-326.el7_9.3.ppc64le
CVE-2024-33601 (RHSA-2024:3588) Important/Sec. nscd-2.17-326.el7_9.3.ppc64le
CVE-2024-33602 (RHSA-2024:3588) Important/Sec. nscd-2.17-326.el7_9.3.ppc64le7.9.24.03.SP24
Security patch is released in April 2024.
Restriction: If you are using version 1.0.26.x or earlier, you must upgrade to 1.0.27.x
or 1.0.28.x first to apply 7.9.24.03.SP24.
Restriction: After applying SP24, you can only upgrade to 1.0.28.2 or later.
Note: The following known issue might be observed:
- When upgrading from IAS version 1.0.27.x to SP24, the upgrade might fail during
the precheck with the following
error:
'IIASApupgradePrereqs' object has no attribute 'ensure_base_os_matches_sp_base'Workaround:
Before you start the upgrade, perform the following steps:
- Create a directory for the upgrade bundle. Move the bundle inside the newly created directory.
Create another directory that is named EXTRACT. Then, run the following command to extract the
bundle:
tar -xvf <bundle_name> -C EXTRACT|-- Version |-- EXTRACT |-- bundle - On node 0101, run the following
command:
sed -i -e '69,71 s/^/# /' /opt/ibm/appliance/apupgrade/modules/ibm/ca/apupgrade_prereqs/iias_apupgrade_prereqs.py - Run the following command to upgrade the apupgrade. Replace the directory name in the
command
<your-upgrade-dir>with the directory name that you used in your system:apupgrade --upgrade-apupgrade --upgrade-directory /localrepo --use-version <your-upgrade-dir> - Do the precheck again and continue with the upgrade.
- Create a directory for the upgrade bundle. Move the bundle inside the newly created directory.
Create another directory that is named EXTRACT. Then, run the following command to extract the
bundle:
The list of Red Hat CVEs, that are patched in this release:
CVE-2024-20918 (RHSA-2024:0223) Important/Sec. java-1.8.0-openjdk-1:1.8.0.402.b06-1.el7_9.ppc64le
CVE-2024-20919 (RHSA-2024:0223) Important/Sec. java-1.8.0-openjdk-1:1.8.0.402.b06-1.el7_9.ppc64le
CVE-2024-20921 (RHSA-2024:0223) Important/Sec. java-1.8.0-openjdk-1:1.8.0.402.b06-1.el7_9.ppc64le
CVE-2024-20926 (RHSA-2024:0223) Important/Sec. java-1.8.0-openjdk-1:1.8.0.402.b06-1.el7_9.ppc64le
CVE-2024-20945 (RHSA-2024:0223) Important/Sec. java-1.8.0-openjdk-1:1.8.0.402.b06-1.el7_9.ppc64le
CVE-2024-20952 (RHSA-2024:0223) Important/Sec. java-1.8.0-openjdk-1:1.8.0.402.b06-1.el7_9.ppc64le
CVE-2024-20918 (RHSA-2024:0223) Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.402.b06-1.el7_9.ppc64le
CVE-2024-20919 (RHSA-2024:0223) Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.402.b06-1.el7_9.ppc64le
CVE-2024-20921 (RHSA-2024:0223) Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.402.b06-1.el7_9.ppc64le
CVE-2024-20926 (RHSA-2024:0223) Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.402.b06-1.el7_9.ppc64le
CVE-2024-20945 (RHSA-2024:0223) Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.402.b06-1.el7_9.ppc64le
CVE-2024-20952 (RHSA-2024:0223) Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.402.b06-1.el7_9.ppc64le
CVE-2023-42753 (RHSA-2024:0346) Important/Sec. kernel-3.10.0-1160.108.1.el7.ppc64le
CVE-2023-42753 (RHSA-2024:0346) Important/Sec. kernel-abi-whitelists-3.10.0-1160.108.1.el7.noarch
CVE-2023-42753 (RHSA-2024:0346) Important/Sec. kernel-bootwrapper-3.10.0-1160.108.1.el7.ppc64le
CVE-2023-42753 (RHSA-2024:0346) Important/Sec. kernel-debug-3.10.0-1160.108.1.el7.ppc64le
CVE-2023-42753 (RHSA-2024:0346) Important/Sec. kernel-debug-debuginfo-3.10.0-1160.108.1.el7.ppc64le
CVE-2023-42753 (RHSA-2024:0346) Important/Sec. kernel-debug-debuginfo-3.10.0-1160.108.1.el7.ppc64le
CVE-2023-42753 (RHSA-2024:0346) Important/Sec. kernel-debug-devel-3.10.0-1160.108.1.el7.ppc64le
CVE-2023-42753 (RHSA-2024:0346) Important/Sec. kernel-debuginfo-3.10.0-1160.108.1.el7.ppc64le
CVE-2023-42753 (RHSA-2024:0346) Important/Sec. kernel-debuginfo-3.10.0-1160.108.1.el7.ppc64le
CVE-2023-42753 (RHSA-2024:0346) Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.108.1.el7.ppc64le
CVE-2023-42753 (RHSA-2024:0346) Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.108.1.el7.ppc64le
CVE-2023-42753 (RHSA-2024:0346) Important/Sec. kernel-devel-3.10.0-1160.108.1.el7.ppc64le
CVE-2023-42753 (RHSA-2024:0346) Important/Sec. kernel-headers-3.10.0-1160.108.1.el7.ppc64le
CVE-2023-42753 (RHSA-2024:0346) Important/Sec. kernel-tools-3.10.0-1160.108.1.el7.ppc64le
CVE-2023-42753 (RHSA-2024:0346) Important/Sec. kernel-tools-debuginfo-3.10.0-1160.108.1.el7.ppc64le
CVE-2023-42753 (RHSA-2024:0346) Important/Sec. kernel-tools-debuginfo-3.10.0-1160.108.1.el7.ppc64le
CVE-2023-42753 (RHSA-2024:0346) Important/Sec. kernel-tools-libs-3.10.0-1160.108.1.el7.ppc64le
CVE-2023-42753 (RHSA-2024:0346) Important/Sec. kernel-tools-libs-devel-3.10.0-1160.108.1.el7.ppc64le
CVE-2023-42753 (RHSA-2024:0346) Important/Sec. perf-3.10.0-1160.108.1.el7.ppc64le
CVE-2023-42753 (RHSA-2024:0346) Important/Sec. python-perf-3.10.0-1160.108.1.el7.ppc64le
CVE-2023-20592 (RHSA-2024:0753) Moderate/Sec. iwl100-firmware-39.31.5.1-82.el7_9.noarch
CVE-2023-20592 (RHSA-2024:0753) Moderate/Sec. iwl1000-firmware-1:39.31.5.1-82.el7_9.noarch
CVE-2023-20592 (RHSA-2024:0753) Moderate/Sec. iwl105-firmware-18.168.6.1-82.el7_9.noarch
CVE-2023-20592 (RHSA-2024:0753) Moderate/Sec. iwl135-firmware-18.168.6.1-82.el7_9.noarch
CVE-2023-20592 (RHSA-2024:0753) Moderate/Sec. iwl2000-firmware-18.168.6.1-82.el7_9.noarch
CVE-2023-20592 (RHSA-2024:0753) Moderate/Sec. iwl2030-firmware-18.168.6.1-82.el7_9.noarch
CVE-2023-20592 (RHSA-2024:0753) Moderate/Sec. iwl3160-firmware-25.30.13.0-82.el7_9.noarch
CVE-2023-20592 (RHSA-2024:0753) Moderate/Sec. iwl3945-firmware-15.32.2.9-82.el7_9.noarch
CVE-2023-20592 (RHSA-2024:0753) Moderate/Sec. iwl4965-firmware-228.61.2.24-82.el7_9.noarch
CVE-2023-20592 (RHSA-2024:0753) Moderate/Sec. iwl5000-firmware-8.83.5.1_1-82.el7_9.noarch
CVE-2023-20592 (RHSA-2024:0753) Moderate/Sec. iwl5150-firmware-8.24.2.2-82.el7_9.noarch
CVE-2023-20592 (RHSA-2024:0753) Moderate/Sec. iwl6000-firmware-9.221.4.1-82.el7_9.noarch
CVE-2023-20592 (RHSA-2024:0753) Moderate/Sec. iwl6000g2a-firmware-18.168.6.1-82.el7_9.noarch
CVE-2023-20592 (RHSA-2024:0753) Moderate/Sec. iwl6000g2b-firmware-18.168.6.1-82.el7_9.noarch
CVE-2023-20592 (RHSA-2024:0753) Moderate/Sec. iwl6050-firmware-41.28.5.1-82.el7_9.noarch
CVE-2023-20592 (RHSA-2024:0753) Moderate/Sec. iwl7260-firmware-25.30.13.0-82.el7_9.noarch
CVE-2023-20592 (RHSA-2024:0753) Moderate/Sec. linux-firmware-20200421-82.git78c0348.el7_9.noarch
CVE-2023-30861 (RHSA-2023:3525) Important/Sec. python-flask-0.10.1-7.el7_9.noarch.rpmImportant: The Integrated Analytics System 1.0.28.x allows
installation of security patches from SP20 and higher only. The Integrated Analytics System 1.0.28.x does not support installation of patches
SP19 and below since the platform software is upgraded from Python 2 to Python 3.
Important: The Integrated Analytics System does not support
AFMDR in this security patch. If you are using AFM/DR, contact IBM support before applying the
patch.
The 7.9.24.03.SP24 patch is based on RHEL 7.9. You can install the patch only on IAS 1.0.27.x or IAS 1.0.28.x.
7.9.23.12.SP23
Security patch is released in March 2024.
This patch consists of CVEs released in November and December.
Restriction: After applying SP23, you can upgrade to only 1.0.28.2 or above.
Note: The following known issue might be observed:
- When upgrading from IAS version 1.0.28.0 to SP23 after applying SP20, you might
not be able to see the total estimated upgrade time in the precheck log.
Workaround:
Before you start the upgrade, perform the following steps:
- Create a directory for the upgrade bundle. Move the bundle inside the newly created directory.
Create another directory that is named EXTRACT. Then, run the following command to extract the
bundle:
tar -xvf <bundle_name> -C EXTRACT|-- Version |-- EXTRACT |-- bundle - On node 0101, run the following commands. Replace the directory name in the command
<your-upgrade-dir>with the directory name that you used in your system:sed -i -e '152s,exit 1,#exit 1,g' /localrepo/<your-upgrade-dir>/EXTRACT/bundle/app_img/python3_dependencies/install-py3.shsed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade - After upgrading to the apupgrade component, the upgrade might fail with the following
error:
Verifying bundle integrity and authenticity Bundle integrity and authenticity verification failed. Aborting preliminary checks - Run the following command again and restart the
upgrade:
sed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade
- Create a directory for the upgrade bundle. Move the bundle inside the newly created directory.
Create another directory that is named EXTRACT. Then, run the following command to extract the
bundle:
Note: The following known issue might be observed:
- EMC installation with
appkgcommand after SP23 upgrade on IAS versions 1.0.25.0 or 1.0.26.x might fail with the following error:/home/apuser/install/emc_networker.yaml --path /home/apuser/install File "/opt/ibm/appliance/appkg_install/appkg_install", line 189 print "+---------------------+-------------------------------------------------------+" ^ SyntaxError: Missing parentheses in call to 'print'. Did you mean print("+---------------------+-------------------------------------------------------+")?Workaround:
Contact IBM support.
The list of Red Hat CVEs, that are patched in this release:
CVE-2023-3341 Important/Sec. bind-32:9.11.4-26.P2.el7_9.15.ppc64le
CVE-2023-3341 Important/Sec. bind-export-libs-32:9.11.4-26.P2.el7_9.15.ppc64le
CVE-2023-3341 Important/Sec. bind-libs-32:9.11.4-26.P2.el7_9.15.ppc64le
CVE-2023-3341 Important/Sec. bind-libs-lite-32:9.11.4-26.P2.el7_9.15.ppc64le
CVE-2023-3341 Important/Sec. bind-license-32:9.11.4-26.P2.el7_9.15.noarch
CVE-2023-3341 Important/Sec. bind-utils-32:9.11.4-26.P2.el7_9.15.ppc64le
CVE-2023-22067 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.392.b08-2.el7_9.ppc64le
CVE-2023-22081 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.392.b08-2.el7_9.ppc64le
CVE-2023-22067 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.392.b08-2.el7_9.ppc64le
CVE-2023-22081 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.392.b08-2.el7_9.ppc64le
CVE-2022-43552 Low/Sec. curl-7.29.0-59.el7_9.2.ppc64le
CVE-2023-20569 Moderate/Sec. iwl100-firmware-39.31.5.1-81.el7_9.noarch
CVE-2023-20593 Moderate/Sec. iwl100-firmware-39.31.5.1-81.el7_9.noarch
CVE-2023-20569 Moderate/Sec. iwl1000-firmware-1:39.31.5.1-81.el7_9.noarch
CVE-2023-20593 Moderate/Sec. iwl1000-firmware-1:39.31.5.1-81.el7_9.noarch
CVE-2023-20569 Moderate/Sec. iwl105-firmware-18.168.6.1-81.el7_9.noarch
CVE-2023-20593 Moderate/Sec. iwl105-firmware-18.168.6.1-81.el7_9.noarch
CVE-2023-20569 Moderate/Sec. iwl135-firmware-18.168.6.1-81.el7_9.noarch
CVE-2023-20593 Moderate/Sec. iwl135-firmware-18.168.6.1-81.el7_9.noarch
CVE-2023-20569 Moderate/Sec. iwl2000-firmware-18.168.6.1-81.el7_9.noarch
CVE-2023-20593 Moderate/Sec. iwl2000-firmware-18.168.6.1-81.el7_9.noarch
CVE-2023-20569 Moderate/Sec. iwl2030-firmware-18.168.6.1-81.el7_9.noarch
CVE-2023-20593 Moderate/Sec. iwl2030-firmware-18.168.6.1-81.el7_9.noarch
CVE-2023-20569 Moderate/Sec. iwl3160-firmware-25.30.13.0-81.el7_9.noarch
CVE-2023-20593 Moderate/Sec. iwl3160-firmware-25.30.13.0-81.el7_9.noarch
CVE-2023-20569 Moderate/Sec. iwl3945-firmware-15.32.2.9-81.el7_9.noarch
CVE-2023-20593 Moderate/Sec. iwl3945-firmware-15.32.2.9-81.el7_9.noarch
CVE-2023-20569 Moderate/Sec. iwl4965-firmware-228.61.2.24-81.el7_9.noarch
CVE-2023-20593 Moderate/Sec. iwl4965-firmware-228.61.2.24-81.el7_9.noarch
CVE-2023-20569 Moderate/Sec. iwl5000-firmware-8.83.5.1_1-81.el7_9.noarch
CVE-2023-20593 Moderate/Sec. iwl5000-firmware-8.83.5.1_1-81.el7_9.noarch
CVE-2023-20569 Moderate/Sec. iwl5150-firmware-8.24.2.2-81.el7_9.noarch
CVE-2023-20593 Moderate/Sec. iwl5150-firmware-8.24.2.2-81.el7_9.noarch
CVE-2023-20569 Moderate/Sec. iwl6000-firmware-9.221.4.1-81.el7_9.noarch
CVE-2023-20593 Moderate/Sec. iwl6000-firmware-9.221.4.1-81.el7_9.noarch
CVE-2023-20569 Moderate/Sec. iwl6000g2a-firmware-18.168.6.1-81.el7_9.noarch
CVE-2023-20593 Moderate/Sec. iwl6000g2a-firmware-18.168.6.1-81.el7_9.noarch
CVE-2023-20569 Moderate/Sec. iwl6000g2b-firmware-18.168.6.1-81.el7_9.noarch
CVE-2023-20593 Moderate/Sec. iwl6000g2b-firmware-18.168.6.1-81.el7_9.noarch
CVE-2023-20569 Moderate/Sec. iwl6050-firmware-41.28.5.1-81.el7_9.noarch
CVE-2023-20593 Moderate/Sec. iwl6050-firmware-41.28.5.1-81.el7_9.noarch
CVE-2023-20569 Moderate/Sec. iwl7260-firmware-25.30.13.0-81.el7_9.noarch
CVE-2023-20593 Moderate/Sec. iwl7260-firmware-25.30.13.0-81.el7_9.noarch
CVE-2022-40982 Important/Sec. kernel-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-3611 Important/Sec. kernel-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-3776 Important/Sec. kernel-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4128 Important/Sec. kernel-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4206 Important/Sec. kernel-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4207 Important/Sec. kernel-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4208 Important/Sec. kernel-3.10.0-1160.105.1.el7.ppc64le
CVE-2022-40982 Important/Sec. kernel-abi-whitelists-3.10.0-1160.105.1.el7.noarch
CVE-2023-3611 Important/Sec. kernel-abi-whitelists-3.10.0-1160.105.1.el7.noarch
CVE-2023-3776 Important/Sec. kernel-abi-whitelists-3.10.0-1160.105.1.el7.noarch
CVE-2023-4128 Important/Sec. kernel-abi-whitelists-3.10.0-1160.105.1.el7.noarch
CVE-2023-4206 Important/Sec. kernel-abi-whitelists-3.10.0-1160.105.1.el7.noarch
CVE-2023-4207 Important/Sec. kernel-abi-whitelists-3.10.0-1160.105.1.el7.noarch
CVE-2023-4208 Important/Sec. kernel-abi-whitelists-3.10.0-1160.105.1.el7.noarch
CVE-2022-40982 Important/Sec. kernel-bootwrapper-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-3611 Important/Sec. kernel-bootwrapper-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-3776 Important/Sec. kernel-bootwrapper-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4128 Important/Sec. kernel-bootwrapper-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4206 Important/Sec. kernel-bootwrapper-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4207 Important/Sec. kernel-bootwrapper-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4208 Important/Sec. kernel-bootwrapper-3.10.0-1160.105.1.el7.ppc64le
CVE-2022-40982 Important/Sec. kernel-debug-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-3611 Important/Sec. kernel-debug-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-3776 Important/Sec. kernel-debug-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4128 Important/Sec. kernel-debug-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4206 Important/Sec. kernel-debug-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4207 Important/Sec. kernel-debug-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4208 Important/Sec. kernel-debug-3.10.0-1160.105.1.el7.ppc64le
CVE-2022-40982 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-3611 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-3776 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4128 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4206 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4207 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4208 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.105.1.el7.ppc64le
CVE-2022-40982 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-3611 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-3776 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4128 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4206 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4207 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4208 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.105.1.el7.ppc64le
CVE-2022-40982 Important/Sec. kernel-debug-devel-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-3611 Important/Sec. kernel-debug-devel-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-3776 Important/Sec. kernel-debug-devel-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4128 Important/Sec. kernel-debug-devel-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4206 Important/Sec. kernel-debug-devel-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4207 Important/Sec. kernel-debug-devel-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4208 Important/Sec. kernel-debug-devel-3.10.0-1160.105.1.el7.ppc64le
CVE-2022-40982 Important/Sec. kernel-debuginfo-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-3611 Important/Sec. kernel-debuginfo-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-3776 Important/Sec. kernel-debuginfo-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4128 Important/Sec. kernel-debuginfo-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4206 Important/Sec. kernel-debuginfo-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4207 Important/Sec. kernel-debuginfo-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4208 Important/Sec. kernel-debuginfo-3.10.0-1160.105.1.el7.ppc64le
CVE-2022-40982 Important/Sec. kernel-debuginfo-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-3611 Important/Sec. kernel-debuginfo-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-3776 Important/Sec. kernel-debuginfo-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4128 Important/Sec. kernel-debuginfo-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4206 Important/Sec. kernel-debuginfo-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4207 Important/Sec. kernel-debuginfo-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4208 Important/Sec. kernel-debuginfo-3.10.0-1160.105.1.el7.ppc64le
CVE-2022-40982 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-3611 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-3776 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4128 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4206 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4207 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4208 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.105.1.el7.ppc64le
CVE-2022-40982 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-3611 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-3776 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4128 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4206 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4207 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4208 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.105.1.el7.ppc64le
CVE-2022-40982 Important/Sec. kernel-devel-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-3611 Important/Sec. kernel-devel-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-3776 Important/Sec. kernel-devel-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4128 Important/Sec. kernel-devel-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4206 Important/Sec. kernel-devel-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4207 Important/Sec. kernel-devel-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4208 Important/Sec. kernel-devel-3.10.0-1160.105.1.el7.ppc64le
CVE-2022-40982 Important/Sec. kernel-headers-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-3611 Important/Sec. kernel-headers-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-3776 Important/Sec. kernel-headers-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4128 Important/Sec. kernel-headers-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4206 Important/Sec. kernel-headers-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4207 Important/Sec. kernel-headers-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4208 Important/Sec. kernel-headers-3.10.0-1160.105.1.el7.ppc64le
CVE-2022-40982 Important/Sec. kernel-tools-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-3611 Important/Sec. kernel-tools-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-3776 Important/Sec. kernel-tools-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4128 Important/Sec. kernel-tools-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4206 Important/Sec. kernel-tools-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4207 Important/Sec. kernel-tools-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4208 Important/Sec. kernel-tools-3.10.0-1160.105.1.el7.ppc64le
CVE-2022-40982 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-3611 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-3776 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4128 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4206 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4207 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4208 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.105.1.el7.ppc64le
CVE-2022-40982 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-3611 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-3776 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4128 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4206 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4207 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4208 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.105.1.el7.ppc64le
CVE-2022-40982 Important/Sec. kernel-tools-libs-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-3611 Important/Sec. kernel-tools-libs-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-3776 Important/Sec. kernel-tools-libs-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4128 Important/Sec. kernel-tools-libs-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4206 Important/Sec. kernel-tools-libs-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4207 Important/Sec. kernel-tools-libs-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4208 Important/Sec. kernel-tools-libs-3.10.0-1160.105.1.el7.ppc64le
CVE-2022-40982 Important/Sec. kernel-tools-libs-devel-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-3611 Important/Sec. kernel-tools-libs-devel-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-3776 Important/Sec. kernel-tools-libs-devel-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4128 Important/Sec. kernel-tools-libs-devel-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4206 Important/Sec. kernel-tools-libs-devel-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4207 Important/Sec. kernel-tools-libs-devel-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4208 Important/Sec. kernel-tools-libs-devel-3.10.0-1160.105.1.el7.ppc64le
CVE-2022-43552 Low/Sec. libcurl-7.29.0-59.el7_9.2.ppc64le
CVE-2020-22218 Moderate/Sec. libssh2-1.8.0-4.el7_9.1.ppc64le
CVE-2023-20569 Moderate/Sec. linux-firmware-20200421-81.git78c0348.el7_9.noarch
CVE-2023-20593 Moderate/Sec. linux-firmware-20200421-81.git78c0348.el7_9.noarch
CVE-2022-40982 Important/Sec. perf-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-3611 Important/Sec. perf-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-3776 Important/Sec. perf-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4128 Important/Sec. perf-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4206 Important/Sec. perf-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4207 Important/Sec. perf-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4208 Important/Sec. perf-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-40217 Important/Sec. python-2.7.5-94.el7_9.ppc64le
CVE-2023-40217 Important/Sec. python-devel-2.7.5-94.el7_9.ppc64le
CVE-2023-40217 Important/Sec. python-libs-2.7.5-94.el7_9.ppc64le
CVE-2022-40982 Important/Sec. python-perf-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-3611 Important/Sec. python-perf-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-3776 Important/Sec. python-perf-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4128 Important/Sec. python-perf-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4206 Important/Sec. python-perf-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4207 Important/Sec. python-perf-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-4208 Important/Sec. python-perf-3.10.0-1160.105.1.el7.ppc64le
CVE-2023-40217 Important/Sec. python3-3.6.8-21.el7_9.ppc64le
CVE-2023-40217 Important/Sec. python3-libs-3.6.8-21.el7_9.ppc64le
CVE-2023-38403 Important/Sec. iperf3-3.1.7-3.el7_9.ppc64le.rpm
CVE-2023-38403 Important/Sec. iperf3-debuginfo-3.1.7-3.el7_9.ppc64le.rpm
CVE-2023-38403 Important/Sec. iperf3-devel-3.1.7-3.el7_9.ppc64le.rpm
Important: The Integrated Analytics System 1.0.28.x allows
installation of security patches from SP20 and higher only. The Integrated Analytics System 1.0.28.x does not support installation of patches
SP19 and below since the platform software is upgraded from Python 2 to Python 3.
Important: The Integrated Analytics System does not support
AFMDR in this security patch. If you are using AFM/DR, contact IBM support before applying the
patch.
The 7.9.23.12.SP23 patch is based on RHEL 7.9. You can install the patch only on IAS 1.0.25.x, IAS 1.0.26.x, IAS 1.0.27.x, IAS 1.0.28.x.
7.9.23.09.SP22
Security patch released in September, 2023.
The list of Red Hat CVEs that are patched in this release:
CVE-2023-32360 Important/Sec. cups-1:1.6.3-52.el7_9.ppc64le
CVE-2023-32360 Important/Sec. cups-client-1:1.6.3-52.el7_9.ppc64le
CVE-2023-32360 Important/Sec. cups-filesystem-1:1.6.3-52.el7_9.noarch
CVE-2023-32360 Important/Sec. cups-libs-1:1.6.3-52.el7_9.ppc64le
CVE-2023-20593 Important/Sec. kernel-3.10.0-1160.99.1.el7.ppc64le
CVE-2023-35788 Important/Sec. kernel-3.10.0-1160.99.1.el7.ppc64le
CVE-2023-20593 Important/Sec. kernel-abi-whitelists-3.10.0-1160.99.1.el7.noarch
CVE-2023-35788 Important/Sec. kernel-abi-whitelists-3.10.0-1160.99.1.el7.noarch
CVE-2023-20593 Important/Sec. kernel-bootwrapper-3.10.0-1160.99.1.el7.ppc64le
CVE-2023-35788 Important/Sec. kernel-bootwrapper-3.10.0-1160.99.1.el7.ppc64le
CVE-2023-20593 Important/Sec. kernel-debug-3.10.0-1160.99.1.el7.ppc64le
CVE-2023-35788 Important/Sec. kernel-debug-3.10.0-1160.99.1.el7.ppc64le
CVE-2023-20593 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.99.1.el7.ppc64le
CVE-2023-35788 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.99.1.el7.ppc64le
CVE-2023-20593 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.99.1.el7.ppc64le
CVE-2023-35788 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.99.1.el7.ppc64le
CVE-2023-20593 Important/Sec. kernel-debug-devel-3.10.0-1160.99.1.el7.ppc64le
CVE-2023-35788 Important/Sec. kernel-debug-devel-3.10.0-1160.99.1.el7.ppc64le
CVE-2023-20593 Important/Sec. kernel-debuginfo-3.10.0-1160.99.1.el7.ppc64le
CVE-2023-35788 Important/Sec. kernel-debuginfo-3.10.0-1160.99.1.el7.ppc64le
CVE-2023-20593 Important/Sec. kernel-debuginfo-3.10.0-1160.99.1.el7.ppc64le
CVE-2023-35788 Important/Sec. kernel-debuginfo-3.10.0-1160.99.1.el7.ppc64le
CVE-2023-20593 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.99.1.el7.ppc64le
CVE-2023-35788 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.99.1.el7.ppc64le
CVE-2023-20593 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.99.1.el7.ppc64le
CVE-2023-35788 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.99.1.el7.ppc64le
CVE-2023-20593 Important/Sec. kernel-devel-3.10.0-1160.99.1.el7.ppc64le
CVE-2023-35788 Important/Sec. kernel-devel-3.10.0-1160.99.1.el7.ppc64le
CVE-2023-20593 Important/Sec. kernel-headers-3.10.0-1160.99.1.el7.ppc64le
CVE-2023-35788 Important/Sec. kernel-headers-3.10.0-1160.99.1.el7.ppc64le
CVE-2023-20593 Important/Sec. kernel-tools-3.10.0-1160.99.1.el7.ppc64le
CVE-2023-35788 Important/Sec. kernel-tools-3.10.0-1160.99.1.el7.ppc64le
CVE-2023-20593 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.99.1.el7.ppc64le
CVE-2023-35788 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.99.1.el7.ppc64le
CVE-2023-20593 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.99.1.el7.ppc64le
CVE-2023-35788 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.99.1.el7.ppc64le
CVE-2023-20593 Important/Sec. kernel-tools-libs-3.10.0-1160.99.1.el7.ppc64le
CVE-2023-35788 Important/Sec. kernel-tools-libs-3.10.0-1160.99.1.el7.ppc64le
CVE-2023-20593 Important/Sec. kernel-tools-libs-devel-3.10.0-1160.99.1.el7.ppc64le
CVE-2023-35788 Important/Sec. kernel-tools-libs-devel-3.10.0-1160.99.1.el7.ppc64le
CVE-2023-20593 Important/Sec. perf-3.10.0-1160.99.1.el7.ppc64le
CVE-2023-35788 Important/Sec. perf-3.10.0-1160.99.1.el7.ppc64le
CVE-2023-20593 Important/Sec. python-perf-3.10.0-1160.99.1.el7.ppc64le
CVE-2023-35788 Important/Sec. python-perf-3.10.0-1160.99.1.el7.ppc64le
CVE-2023-3899 Moderate/Sec. python-syspurpose-1.24.52-2.el7_9.ppc64le
CVE-2023-3899 Moderate/Sec. subscription-manager-1.24.52-2.el7_9.ppc64le
CVE-2023-3899 Moderate/Sec. subscription-manager-rhsm-1.24.52-2.el7_9.ppc64le
CVE-2023-3899 Moderate/Sec. subscription-manager-rhsm-certificates-1.24.52-2.el7_9.ppc64le
Important: The Integrated Analytics System 1.0.28.x allows
installation of security patches from SP20 and higher only. The Integrated Analytics System 1.0.28.x does not support installation of patches
SP19 and below since the platform software is upgraded from Python 2 to Python 3.
Important: The Integrated Analytics System does not support
AFMDR in this security patch. If you are using AFM/DR, contact IBM support before applying the
patch.
The 7.9.23.09.SP22 patch is based on RHEL 7.9. You can install the patch only on IAS 1.0.25.x, IAS 1.0.26.x, IAS 1.0.27.x, IAS 1.0.28.x.
Note: The following known issues might be observed:
- When upgrading 1.0.25.0 to SP22 to 1.0.26.4, the upgrade will fail with the following
error:
Upgrade Detail: Bundle level prepare Caller Info:The call was made from 'IIASBundleUpgradePreparer.reinstall_gpfs_kernel_modules' on line 528 with file located at '/localrepo/1.0.26.4_release/EXTRACT/upgrade/modules/ibm/ca/preparer/bundleupgradepreparer.py' Message: Problem encountered reinstalling GPFS kernel modules Problem encountered rebuilding kernel modulesWorkaround:
Before you start the upgrade, perform the following steps:
- Create a directory for the upgrade bundle, move the bundle inside and create another directory
named EXTRACT. Then untar the bundle by running the
command:
tar -xvf <bundle_name> -C EXTRACT|-- Version |-- EXTRACT |-- bundle - Run the following two commands from node0101. Replace directory name in the commands with the
actual upgrade directory name that you used on your system.
-
sed -i -e "0,/self._get_yum_repos_options() + ' ' + self.install_y/s/self._get_yum_repos_options() + ' ' + self.install_y/self._get_yum_repos_options() + ' ' + '--exclude=\"kernel*\"' + ' ' + self.install_y/" /localrepo/<your-upgrade-dir>/EXTRACT/upgrade/nodeos/node_os_installer.py -
sed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade
-
- Create a directory for the upgrade bundle, move the bundle inside and create another directory
named EXTRACT. Then untar the bundle by running the
command:
- When upgrading 1.0.25.0 or 1.0.26.x to SP22 to 1.0.27.x to 1.0.28.x, the upgrade might
fail with the following error:
1. NodeosUpgrader.install Upgrade Detail: Component install for nodeos Caller Info:The call was made from 'NodeOSIIASInstaller.install' on line 123 with file located at '/localrepo/<your-upgrade-dir>/EXTRACT/upgrade/bundle_upgraders/../nodeos/node_os_iias_installer.py' Message: nodeos:NodeosUpgrader.install:Fatal Problem: Failed to install any new Node OS rpms...Workaround:
- Run the following two commands from node0101. Replace
<your-upgrade-dir>directory name in the commands with the actual upgrade directory name that you used on your system.-
sed -i -e "0,/self._get_yum_repos_options() + ' ' + self.install_y/s/self._get_yum_repos_options() + ' ' + self.install_y/self._get_yum_repos_options() + ' ' + '--exclude=\"kernel*\"' + ' ' + self.install_y/" /localrepo/<your-upgrade-dir>/EXTRACT/upgrade/nodeos/node_os_installer.py -
sed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade
-
- If the following error is encountered:
1. PlatformservicesUpgrader.install Upgrade Detail: Component install for platformservices Caller Info:The call was made from 'PlatformservicesInstaller.install' on line 51 with file located at '/localrepo/1.0.27.0_release/EXTRACT/upgrade/bundle_upgraders/../platformservices/platformservices_installer.py' Message: platformservices:PlatformservicesUpgrader.install:Failed while trying to copy old package pysnmp-4.3.3-1.el7rhgs.noarch.rpm from /install/rhel7.4/ppc64le/netezza/packages/packages/ /install/rhel7.4/ppc64le/netezza/packages/ /install/apupgrade_os_image/netezza/packages/ to non-master nodeson all nodes, move
/install/rhel7.4/ppc64le/netezza/packages/packages/to/tmp/packages_backupso that there is only
/install/rhel7.4/ppc64le/netezza/packages/. - Rerun the same
apupgradecommand that failed.
- Run the following two commands from node0101. Replace
7.9.23.08.SP21
Security patch released in August 2023
Important: The Integrated Analytics System 1.0.28.x allows
installation of security patches from SP20 and higher only. The Integrated Analytics System 1.0.28.x does not support installation of patches
SP19 and below since the platform software is upgraded from Python 2 to Python 3.
Important: The Integrated Analytics System does not support
AFMDR in this security patch. If you are using AFM/DR, contact IBM support before applying the
patch.
The 7.9.23.08.SP21 patch is based on RHEL 7.9. You can install the patch only on IAS 1.0.25.x, IAS 1.0.26.x, IAS 1.0.27.x, IAS 1.0.28.x.
Note: The following known issues might be observed:
- When upgrading 1.0.25.0 to SP21 to 1.0.26.4, the upgrade will fail with the following
error:
Upgrade Detail: Bundle level prepare Caller Info:The call was made from 'IIASBundleUpgradePreparer.reinstall_gpfs_kernel_modules' on line 528 with file located at '/localrepo/1.0.26.4_release/EXTRACT/upgrade/modules/ibm/ca/preparer/bundleupgradepreparer.py' Message: Problem encountered reinstalling GPFS kernel modules Problem encountered rebuilding kernel modulesWorkaround:
Before you start the upgrade, perform the following steps:
- Create a directory for the upgrade bundle, move the bundle inside and create another directory
named EXTRACT. Then untar the bundle by running the
command:
tar -xvf <bundle_name> -C EXTRACT|-- Version |-- EXTRACT |-- bundle - Run the following two commands from node0101. Replace directory name in the commands with the
actual upgrade directory name that you used on your system.
-
sed -i -e "0,/self._get_yum_repos_options() + ' ' + self.install_y/s/self._get_yum_repos_options() + ' ' + self.install_y/self._get_yum_repos_options() + ' ' + '--exclude=\"kernel*\"' + ' ' + self.install_y/" /localrepo/<your-upgrade-dir>/EXTRACT/upgrade/nodeos/node_os_installer.py -
sed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade
-
- Create a directory for the upgrade bundle, move the bundle inside and create another directory
named EXTRACT. Then untar the bundle by running the
command:
- When upgrading 1.0.25.0 or 1.0.26.x to SP21 to 1.0.27.x to 1.0.28.x, the upgrade might
fail with the following error:
1. NodeosUpgrader.install Upgrade Detail: Component install for nodeos Caller Info:The call was made from 'NodeOSIIASInstaller.install' on line 123 with file located at '/localrepo/<your-upgrade-dir>/EXTRACT/upgrade/bundle_upgraders/../nodeos/node_os_iias_installer.py' Message: nodeos:NodeosUpgrader.install:Fatal Problem: Failed to install any new Node OS rpms...Workaround:
- Run the following two commands from node0101. Replace
<your-upgrade-dir>directory name in the commands with the actual upgrade directory name that you used on your system.-
sed -i -e "0,/self._get_yum_repos_options() + ' ' + self.install_y/s/self._get_yum_repos_options() + ' ' + self.install_y/self._get_yum_repos_options() + ' ' + '--exclude=\"kernel*\"' + ' ' + self.install_y/" /localrepo/<your-upgrade-dir>/EXTRACT/upgrade/nodeos/node_os_installer.py -
sed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade
-
- If the following error is encountered:
1. PlatformservicesUpgrader.install Upgrade Detail: Component install for platformservices Caller Info:The call was made from 'PlatformservicesInstaller.install' on line 51 with file located at '/localrepo/1.0.27.0_release/EXTRACT/upgrade/bundle_upgraders/../platformservices/platformservices_installer.py' Message: platformservices:PlatformservicesUpgrader.install:Failed while trying to copy old package pysnmp-4.3.3-1.el7rhgs.noarch.rpm from /install/rhel7.4/ppc64le/netezza/packages/packages/ /install/rhel7.4/ppc64le/netezza/packages/ /install/apupgrade_os_image/netezza/packages/ to non-master nodeson all nodes, move
/install/rhel7.4/ppc64le/netezza/packages/packages/to/tmp/packages_backupso that there is only
/install/rhel7.4/ppc64le/netezza/packages/. - Rerun the same
apupgradecommand that failed.
- Run the following two commands from node0101. Replace
The list of Red Hat CVEs that are patched in this release:
CVE-2023-2828 Important/Sec. bind-32:9.11.4-26.P2.el7_9.14.ppc64le
CVE-2023-2828 Important/Sec. bind-export-libs-32:9.11.4-26.P2.el7_9.14.ppc64le
CVE-2023-2828 Important/Sec. bind-libs-32:9.11.4-26.P2.el7_9.14.ppc64le
CVE-2023-2828 Important/Sec. bind-libs-lite-32:9.11.4-26.P2.el7_9.14.ppc64le
CVE-2023-2828 Important/Sec. bind-license-32:9.11.4-26.P2.el7_9.14.noarch
CVE-2023-2828 Important/Sec. bind-utils-32:9.11.4-26.P2.el7_9.14.ppc64le
CVE-2023-22045 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.382.b05-1.el7_9.ppc64le
CVE-2023-22049 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.382.b05-1.el7_9.ppc64le
CVE-2023-22045 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.382.b05-1.el7_9.ppc64le
CVE-2023-22049 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.382.b05-1.el7_9.ppc64le
CVE-2022-3564 Important/Sec. kernel-3.10.0-1160.95.1.el7.ppc64le
CVE-2022-3564 Important/Sec. kernel-abi-whitelists-3.10.0-1160.95.1.el7.noarch
CVE-2022-3564 Important/Sec. kernel-bootwrapper-3.10.0-1160.95.1.el7.ppc64le
CVE-2022-3564 Important/Sec. kernel-debug-3.10.0-1160.95.1.el7.ppc64le
CVE-2022-3564 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.95.1.el7.ppc64le
CVE-2022-3564 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.95.1.el7.ppc64le
CVE-2022-3564 Important/Sec. kernel-debug-devel-3.10.0-1160.95.1.el7.ppc64le
CVE-2022-3564 Important/Sec. kernel-debuginfo-3.10.0-1160.95.1.el7.ppc64le
CVE-2022-3564 Important/Sec. kernel-debuginfo-3.10.0-1160.95.1.el7.ppc64le
CVE-2022-3564 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.95.1.el7.ppc64le
CVE-2022-3564 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.95.1.el7.ppc64le
CVE-2022-3564 Important/Sec. kernel-devel-3.10.0-1160.95.1.el7.ppc64le
CVE-2022-3564 Important/Sec. kernel-headers-3.10.0-1160.95.1.el7.ppc64le
CVE-2022-3564 Important/Sec. kernel-tools-3.10.0-1160.95.1.el7.ppc64le
CVE-2022-3564 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.95.1.el7.ppc64le
CVE-2022-3564 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.95.1.el7.ppc64le
CVE-2022-3564 Important/Sec. kernel-tools-libs-3.10.0-1160.95.1.el7.ppc64le
CVE-2022-3564 Important/Sec. kernel-tools-libs-devel-3.10.0-1160.95.1.el7.ppc64le
CVE-2023-38408 Important/Sec. openssh-7.4p1-23.el7_9.ppc64le
CVE-2023-38408 Important/Sec. openssh-clients-7.4p1-23.el7_9.ppc64le
CVE-2023-38408 Important/Sec. openssh-server-7.4p1-23.el7_9.ppc64le
CVE-2022-3564 Important/Sec. perf-3.10.0-1160.95.1.el7.ppc64le
CVE-2022-3564 Important/Sec. python-perf-3.10.0-1160.95.1.el7.ppc64le
CVE-2020-26116 Moderate/Sec. rh-python36-python-3.6.12-1.el7.ppc64le.rpm
CVE-2020-26116 Moderate/Sec. rh-python36-python-devel-3.6.12-1.el7.ppc64le.rpm
CVE-2020-26116 Moderate/Sec. rh-python36-python-libs-3.6.12-1.el7.ppc64le.rpm
CVE-2020-26116 Moderate/Sec. rh-python36-python-pip-9.0.1-5.el7.noarch.rpm
CVE-2020-26116 Moderate/Sec. rh-python36-python-virtualenv-15.1.0-3.el7.noarch.rpm
7.9.23.07.SP20
Security patch released in August, 2023.
Note: This security patch release note includes a
combined list of CVEs from May, June and July, 2023.
Important: The Integrated Analytics System 1.0.28.x allows
installation of security patches from SP20 and higher only. The Integrated Analytics System 1.0.28.x does not support installation of patches
SP19 and below since the platform software is upgraded from Python 2 to Python 3.
Important: The Integrated Analytics System does not support
AFMDR in this security patch. If you are using AFM/DR, contact IBM support before applying the
patch.
The 7.9.23.07.SP20 patch is based on RHEL 7.9. You can install the patch only on IAS 1.0.25.x, IAS 1.0.26.x, IAS 1.0.27.x, IAS 1.0.28.x.
Note: The following known issues might be observed:
- When upgrading 1.0.25.0 to SP20 to 1.0.26.4, the upgrade will fail with the following
error:
Upgrade Detail: Bundle level prepare Caller Info:The call was made from 'IIASBundleUpgradePreparer.reinstall_gpfs_kernel_modules' on line 528 with file located at '/localrepo/1.0.26.4_release/EXTRACT/upgrade/modules/ibm/ca/preparer/bundleupgradepreparer.py' Message: Problem encountered reinstalling GPFS kernel modules Problem encountered rebuilding kernel modulesWorkaround:
Before you start the upgrade, perform the following steps:
- Create a directory for the upgrade bundle, move the bundle inside and create another directory
that is named EXTRACT. Then extract the bundle by running the
command:
tar -xvf <bundle_name> -C EXTRACT|-- Version |-- EXTRACT |-- bundle - Run the following two commands from node0101. Replace directory name in the commands with the
actual upgrade directory name that you used on your system.
-
sed -i -e "0,/self._get_yum_repos_options() + ' ' + self.install_y/s/self._get_yum_repos_options() + ' ' + self.install_y/self._get_yum_repos_options() + ' ' + '--exclude=\"kernel*\"' + ' ' + self.install_y/" /localrepo/<your-upgrade-dir>/EXTRACT/upgrade/nodeos/node_os_installer.py -
sed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade
-
- Create a directory for the upgrade bundle, move the bundle inside and create another directory
that is named EXTRACT. Then extract the bundle by running the
command:
- When upgrading 1.0.25.0 or 1.0.26.x to SP20 to 1.0.27.x to 1.0.28.x, the upgrade might
fail with the following error:
1. NodeosUpgrader.install Upgrade Detail: Component install for nodeos Caller Info:The call was made from 'NodeOSIIASInstaller.install' on line 123 with file located at '/localrepo/<your-upgrade-dir>/EXTRACT/upgrade/bundle_upgraders/../nodeos/node_os_iias_installer.py' Message: nodeos:NodeosUpgrader.install:Fatal Problem: Failed to install any new Node OS rpms...Workaround:
- Run the following two commands from node0101. Replace
<your-upgrade-dir>directory name in the commands with the actual upgrade directory name that you used on your system.-
sed -i -e "0,/self._get_yum_repos_options() + ' ' + self.install_y/s/self._get_yum_repos_options() + ' ' + self.install_y/self._get_yum_repos_options() + ' ' + '--exclude=\"kernel*\"' + ' ' + self.install_y/" /localrepo/<your-upgrade-dir>/EXTRACT/upgrade/nodeos/node_os_installer.py -
sed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade
-
- If the following error is encountered:
1. PlatformservicesUpgrader.install Upgrade Detail: Component install for platformservices Caller Info:The call was made from 'PlatformservicesInstaller.install' on line 51 with file located at '/localrepo/1.0.27.0_release/EXTRACT/upgrade/bundle_upgraders/../platformservices/platformservices_installer.py' Message: platformservices:PlatformservicesUpgrader.install:Failed while trying to copy old package pysnmp-4.3.3-1.el7rhgs.noarch.rpm from /install/rhel7.4/ppc64le/netezza/packages/packages/ /install/rhel7.4/ppc64le/netezza/packages/ /install/apupgrade_os_image/netezza/packages/ to non-master nodeson all nodes, move
/install/rhel7.4/ppc64le/netezza/packages/packages/to/tmp/packages_backupSo that there is only
/install/rhel7.4/ppc64le/netezza/packages/. - Rerun the same
apupgradecommand that failed.
- Run the following two commands from node0101. Replace
The list of Red Hat CVEs that are patched in this release:
CVE-2023-21930 Important/Sec. java-1.8.0-openjdk-1:1.8.0.372.b07-1.el7_9.ppc64le
CVE-2023-21937 Important/Sec. java-1.8.0-openjdk-1:1.8.0.372.b07-1.el7_9.ppc64le
CVE-2023-21938 Important/Sec. java-1.8.0-openjdk-1:1.8.0.372.b07-1.el7_9.ppc64le
CVE-2023-21939 Important/Sec. java-1.8.0-openjdk-1:1.8.0.372.b07-1.el7_9.ppc64le
CVE-2023-21954 Important/Sec. java-1.8.0-openjdk-1:1.8.0.372.b07-1.el7_9.ppc64le
CVE-2023-21967 Important/Sec. java-1.8.0-openjdk-1:1.8.0.372.b07-1.el7_9.ppc64le
CVE-2023-21968 Important/Sec. java-1.8.0-openjdk-1:1.8.0.372.b07-1.el7_9.ppc64le
CVE-2023-21930 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.372.b07-1.el7_9.ppc64le
CVE-2023-21937 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.372.b07-1.el7_9.ppc64le
CVE-2023-21938 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.372.b07-1.el7_9.ppc64le
CVE-2023-21939 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.372.b07-1.el7_9.ppc64le
CVE-2023-21954 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.372.b07-1.el7_9.ppc64le
CVE-2023-21967 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.372.b07-1.el7_9.ppc64le
CVE-2023-21968 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.372.b07-1.el7_9.ppc64le
CVE-2022-43750 Moderate/Sec. kernel-3.10.0-1160.90.1.el7.ppc64le
CVE-2022-43750 Moderate/Sec. kernel-abi-whitelists-3.10.0-1160.90.1.el7.noarch
CVE-2022-43750 Moderate/Sec. kernel-bootwrapper-3.10.0-1160.90.1.el7.ppc64le
CVE-2022-43750 Moderate/Sec. kernel-debug-3.10.0-1160.90.1.el7.ppc64le
CVE-2022-43750 Moderate/Sec. kernel-debug-debuginfo-3.10.0-1160.90.1.el7.ppc64le
CVE-2022-43750 Moderate/Sec. kernel-debug-debuginfo-3.10.0-1160.90.1.el7.ppc64le
CVE-2022-43750 Moderate/Sec. kernel-debug-devel-3.10.0-1160.90.1.el7.ppc64le
CVE-2022-43750 Moderate/Sec. kernel-debuginfo-3.10.0-1160.90.1.el7.ppc64le
CVE-2022-43750 Moderate/Sec. kernel-debuginfo-3.10.0-1160.90.1.el7.ppc64le
CVE-2022-43750 Moderate/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.90.1.el7.ppc64le
CVE-2022-43750 Moderate/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.90.1.el7.ppc64le
CVE-2022-43750 Moderate/Sec. kernel-devel-3.10.0-1160.90.1.el7.ppc64le
CVE-2022-43750 Moderate/Sec. kernel-headers-3.10.0-1160.90.1.el7.ppc64le
CVE-2022-43750 Moderate/Sec. kernel-tools-3.10.0-1160.90.1.el7.ppc64le
CVE-2022-43750 Moderate/Sec. kernel-tools-debuginfo-3.10.0-1160.90.1.el7.ppc64le
CVE-2022-43750 Moderate/Sec. kernel-tools-debuginfo-3.10.0-1160.90.1.el7.ppc64le
CVE-2022-43750 Moderate/Sec. kernel-tools-libs-3.10.0-1160.90.1.el7.ppc64le
CVE-2022-43750 Moderate/Sec. kernel-tools-libs-devel-3.10.0-1160.90.1.el7.ppc64le
CVE-2022-43750 Moderate/Sec. perf-3.10.0-1160.90.1.el7.ppc64le
CVE-2022-43750 Moderate/Sec. python-perf-3.10.0-1160.90.1.el7.ppc64le
CVE-2022-25147 Important/Sec. apr-util-1.5.2-6.el7_9.1.ppc64le
CVE-2023-25652 Important/Sec. git-1.8.3.1-25.el7_9.ppc64le
CVE-2023-29007 Important/Sec. git-1.8.3.1-25.el7_9.ppc64le
CVE-2023-25652 Important/Sec. perl-Git-1.8.3.1-25.el7_9.noarch
CVE-2023-29007 Important/Sec. perl-Git-1.8.3.1-25.el7_9.noarch
CVE-2023-32067 Important/Sec. c-ares-1.10.0-3.el7_9.1.ppc64le
CVE-2022-48339 Moderate/Sec. emacs-filesystem-1:24.3-23.el7_9.1.noarch
CVE-2023-24329 Important/Sec. python-2.7.5-93.el7_9.ppc64le
CVE-2023-24329 Important/Sec. python-devel-2.7.5-93.el7_9.ppc64le
CVE-2023-24329 Important/Sec. python-libs-2.7.5-93.el7_9.ppc64le
CVE-2023-24329 Important/Sec. python3-3.6.8-19.el7_9.ppc64le
CVE-2023-24329 Important/Sec. python3-libs-3.6.8-19.el7_9.ppc64le
7.9.23.04.SP19
Security patch released in April 2023.
Important: The Integrated Analytics System does not support
AFMDR in this security patch. If you are using AFM/DR, contact IBM support before applying the
patch.
Note: IAS 1.0.28.0 does not support installation of SP19 and lower patches because 1.0.28.x works
only on Python 3 platform.
The 7.9.23.04.SP19 patch is based on RHEL 7.9. You can install the patch only on IAS 1.0.25.x, IAS 1.0.26.x, IAS 1.0.27.x. Your system must be on 1.0.26.3 or newer to upgrade to 1.0.27.x if SP19 is already installed on it.
Note: The following known issues might be observed:
- When upgrading 1.0.25.0 to SP19 to 1.0.26.4, the upgrade will fail with the following
error:
Upgrade Detail: Bundle level prepare Caller Info:The call was made from 'IIASBundleUpgradePreparer.reinstall_gpfs_kernel_modules' on line 528 with file located at '/localrepo/1.0.26.4_release/EXTRACT/upgrade/modules/ibm/ca/preparer/bundleupgradepreparer.py' Message: Problem encountered reinstalling GPFS kernel modules Problem encountered rebuilding kernel modulesWorkaround:
Before you start the upgrade, perform the following steps:
- Create a directory for the upgrade bundle, move the bundle inside and create another directory
named EXTRACT. Then untar the bundle by running the
command:
tar -xvf <bundle_name> -C EXTRACT|-- Version |-- EXTRACT |-- bundle - Run the following two commands from node0101. Replace directory name in the commands with the
actual upgrade directory name that you used on your system.
-
sed -i -e "0,/self._get_yum_repos_options() + ' ' + self.install_y/s/self._get_yum_repos_options() + ' ' + self.install_y/self._get_yum_repos_options() + ' ' + '--exclude=\"kernel*\"' + ' ' + self.install_y/" /localrepo/<your-upgrade-dir>/EXTRACT/upgrade/nodeos/node_os_installer.py -
sed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade
-
- Create a directory for the upgrade bundle, move the bundle inside and create another directory
named EXTRACT. Then untar the bundle by running the
command:
- When upgrading 1.0.25.0 or 1.0.26.x to SP19 to 1.0.27.x, the upgrade might fail with the
following error:
1. NodeosUpgrader.install Upgrade Detail: Component install for nodeos Caller Info:The call was made from 'NodeOSIIASInstaller.install' on line 123 with file located at '/localrepo/<your-upgrade-dir>/EXTRACT/upgrade/bundle_upgraders/../nodeos/node_os_iias_installer.py' Message: nodeos:NodeosUpgrader.install:Fatal Problem: Failed to install any new Node OS rpms...Workaround:
- Run the following two commands from node0101. Replace
<your-upgrade-dir>directory name in the commands with the actual upgrade directory name that you used on your system.-
sed -i -e "0,/self._get_yum_repos_options() + ' ' + self.install_y/s/self._get_yum_repos_options() + ' ' + self.install_y/self._get_yum_repos_options() + ' ' + '--exclude=\"kernel*\"' + ' ' + self.install_y/" /localrepo/<your-upgrade-dir>/EXTRACT/upgrade/nodeos/node_os_installer.py -
sed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade
-
- If the following error is encountered:
1. PlatformservicesUpgrader.install Upgrade Detail: Component install for platformservices Caller Info:The call was made from 'PlatformservicesInstaller.install' on line 51 with file located at '/localrepo/1.0.27.0_release/EXTRACT/upgrade/bundle_upgraders/../platformservices/platformservices_installer.py' Message: platformservices:PlatformservicesUpgrader.install:Failed while trying to copy old package pysnmp-4.3.3-1.el7rhgs.noarch.rpm from /install/rhel7.4/ppc64le/netezza/packages/packages/ /install/rhel7.4/ppc64le/netezza/packages/ /install/apupgrade_os_image/netezza/packages/ to non-master nodeson all nodes, move
/install/rhel7.4/ppc64le/netezza/packages/packages/to/tmp/packages_backupso that there is only
/install/rhel7.4/ppc64le/netezza/packages/. - Rerun the same
apupgradecommand that failed.
- Run the following two commands from node0101. Replace
The list of Red Hat CVEs that are patched in this release:
CVE-2023-25690 Important/Sec. httpd-2.4.6-98.el7_9.7.ppc64le
CVE-2023-25690 Important/Sec. httpd-tools-2.4.6-98.el7_9.7.ppc64le
CVE-2022-4378 Important/Sec. kernel-3.10.0-1160.88.1.el7.ppc64le
CVE-2022-42703 Important/Sec. kernel-3.10.0-1160.88.1.el7.ppc64le
CVE-2022-4378 Important/Sec. kernel-abi-whitelists-3.10.0-1160.88.1.el7.noarch
CVE-2022-42703 Important/Sec. kernel-abi-whitelists-3.10.0-1160.88.1.el7.noarch
CVE-2022-4378 Important/Sec. kernel-bootwrapper-3.10.0-1160.88.1.el7.ppc64le
CVE-2022-42703 Important/Sec. kernel-bootwrapper-3.10.0-1160.88.1.el7.ppc64le
CVE-2022-4378 Important/Sec. kernel-debug-3.10.0-1160.88.1.el7.ppc64le
CVE-2022-42703 Important/Sec. kernel-debug-3.10.0-1160.88.1.el7.ppc64le
CVE-2022-4378 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.88.1.el7.ppc64le
CVE-2022-42703 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.88.1.el7.ppc64le
CVE-2022-4378 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.88.1.el7.ppc64le
CVE-2022-42703 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.88.1.el7.ppc64le
CVE-2022-4378 Important/Sec. kernel-debug-devel-3.10.0-1160.88.1.el7.ppc64le
CVE-2022-42703 Important/Sec. kernel-debug-devel-3.10.0-1160.88.1.el7.ppc64le
CVE-2022-4378 Important/Sec. kernel-debuginfo-3.10.0-1160.88.1.el7.ppc64le
CVE-2022-42703 Important/Sec. kernel-debuginfo-3.10.0-1160.88.1.el7.ppc64le
CVE-2022-4378 Important/Sec. kernel-debuginfo-3.10.0-1160.88.1.el7.ppc64le
CVE-2022-42703 Important/Sec. kernel-debuginfo-3.10.0-1160.88.1.el7.ppc64le
CVE-2022-4378 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.88.1.el7.ppc64le
CVE-2022-42703 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.88.1.el7.ppc64le
CVE-2022-4378 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.88.1.el7.ppc64le
CVE-2022-42703 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.88.1.el7.ppc64le
CVE-2022-4378 Important/Sec. kernel-devel-3.10.0-1160.88.1.el7.ppc64le
CVE-2022-42703 Important/Sec. kernel-devel-3.10.0-1160.88.1.el7.ppc64le
CVE-2022-4378 Important/Sec. kernel-headers-3.10.0-1160.88.1.el7.ppc64le
CVE-2022-42703 Important/Sec. kernel-headers-3.10.0-1160.88.1.el7.ppc64le
CVE-2022-4378 Important/Sec. kernel-tools-3.10.0-1160.88.1.el7.ppc64le
CVE-2022-42703 Important/Sec. kernel-tools-3.10.0-1160.88.1.el7.ppc64le
CVE-2022-4378 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.88.1.el7.ppc64le
CVE-2022-42703 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.88.1.el7.ppc64le
CVE-2022-4378 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.88.1.el7.ppc64le
CVE-2022-42703 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.88.1.el7.ppc64le
CVE-2022-4378 Important/Sec. kernel-tools-libs-3.10.0-1160.88.1.el7.ppc64le
CVE-2022-42703 Important/Sec. kernel-tools-libs-3.10.0-1160.88.1.el7.ppc64le
CVE-2022-4378 Important/Sec. kernel-tools-libs-devel-3.10.0-1160.88.1.el7.ppc64le
CVE-2022-42703 Important/Sec. kernel-tools-libs-devel-3.10.0-1160.88.1.el7.ppc64le
CVE-2022-38023 Important/Sec. libsmbclient-4.10.16-24.el7_9.ppc64le
CVE-2022-38023 Important/Sec. libwbclient-4.10.16-24.el7_9.ppc64le
CVE-2023-25690 Important/Sec. mod_ssl-1:2.4.6-98.el7_9.7.ppc64le
CVE-2023-0767 Important/Sec. nss-3.79.0-5.el7_9.ppc64le
CVE-2023-0767 Important/Sec. nss-sysinit-3.79.0-5.el7_9.ppc64le
CVE-2023-0767 Important/Sec. nss-tools-3.79.0-5.el7_9.ppc64le
CVE-2023-0286 Important/Sec. openssl-1:1.0.2k-26.el7_9.ppc64le
CVE-2023-0286 Important/Sec. openssl-devel-1:1.0.2k-26.el7_9.ppc64le
CVE-2023-0286 Important/Sec. openssl-libs-1:1.0.2k-26.el7_9.ppc64le
CVE-2022-4378 Important/Sec. perf-3.10.0-1160.88.1.el7.ppc64le
CVE-2022-42703 Important/Sec. perf-3.10.0-1160.88.1.el7.ppc64le
CVE-2022-4378 Important/Sec. python-perf-3.10.0-1160.88.1.el7.ppc64le
CVE-2022-42703 Important/Sec. python-perf-3.10.0-1160.88.1.el7.ppc64le
CVE-2022-38023 Important/Sec. samba-client-libs-4.10.16-24.el7_9.ppc64le
CVE-2022-38023 Important/Sec. samba-common-4.10.16-24.el7_9.noarch
CVE-2022-38023 Important/Sec. samba-common-libs-4.10.16-24.el7_9.ppc64le
CVE-2022-38023 Important/Sec. samba-libs-4.10.16-24.el7_9.ppc64le
CVE-2022-37434 Moderate/Sec. zlib-1.2.7-21.el7_9.ppc64le
CVE-2022-37434 Moderate/Sec. zlib-devel-1.2.7-21.el7_9.ppc64le
7.9.23.03.SP18
Security patch released in March, 2023.
Important: The Integrated Analytics System does not support
AFMDR in this security patch. If you are using AFM/DR, contact IBM support before applying the
patch.
The 7.9.23.03.SP18 patch is based on RHEL 7.9. You can install the patch only on IAS 1.0.25.x, IAS 1.0.26.x, IAS 1.0.27.x. Your system must be on 1.0.26.3 or newer to upgrade to 1.0.27.x if SP18 is already installed on it.
Note: The following known issues might be observed:
- When upgrading 1.0.25.0 to SP18 to 1.0.26.4, the upgrade will fail with the following
error:
Upgrade Detail: Bundle level prepare Caller Info:The call was made from 'IIASBundleUpgradePreparer.reinstall_gpfs_kernel_modules' on line 528 with file located at '/localrepo/1.0.26.4_release/EXTRACT/upgrade/modules/ibm/ca/preparer/bundleupgradepreparer.py' Message: Problem encountered reinstalling GPFS kernel modules Problem encountered rebuilding kernel modulesWorkaround:
Before you start the upgrade, perform the following steps:
- Create a directory for the upgrade bundle, move the bundle inside and create another directory
named EXTRACT. Then untar the bundle by running the
command:
tar -xvf <bundle_name> -C EXTRACT|-- Version |-- EXTRACT |-- bundle - Run the following two commands from node0101. Replace directory name in the commands with the
actual upgrade directory name that you used on your system.
-
sed -i -e "0,/self._get_yum_repos_options() + ' ' + self.install_y/s/self._get_yum_repos_options() + ' ' + self.install_y/self._get_yum_repos_options() + ' ' + '--exclude=\"kernel*\"' + ' ' + self.install_y/" /localrepo/<your-upgrade-dir>/EXTRACT/upgrade/nodeos/node_os_installer.py -
sed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade
-
- Create a directory for the upgrade bundle, move the bundle inside and create another directory
named EXTRACT. Then untar the bundle by running the
command:
- When upgrading 1.0.25.0 or 1.0.26.x to SP18 to 1.0.27.x, the upgrade might fail with the
following error:
1. NodeosUpgrader.install Upgrade Detail: Component install for nodeos Caller Info:The call was made from 'NodeOSIIASInstaller.install' on line 123 with file located at '/localrepo/<your-upgrade-dir>/EXTRACT/upgrade/bundle_upgraders/../nodeos/node_os_iias_installer.py' Message: nodeos:NodeosUpgrader.install:Fatal Problem: Failed to install any new Node OS rpms...Workaround:
- Run the following two commands from node0101. Replace
<your-upgrade-dir>directory name in the commands with the actual upgrade directory name that you used on your system.-
sed -i -e "0,/self._get_yum_repos_options() + ' ' + self.install_y/s/self._get_yum_repos_options() + ' ' + self.install_y/self._get_yum_repos_options() + ' ' + '--exclude=\"kernel*\"' + ' ' + self.install_y/" /localrepo/<your-upgrade-dir>/EXTRACT/upgrade/nodeos/node_os_installer.py -
sed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade
-
- If the following error is encountered:
1. PlatformservicesUpgrader.install Upgrade Detail: Component install for platformservices Caller Info:The call was made from 'PlatformservicesInstaller.install' on line 51 with file located at '/localrepo/1.0.27.0_release/EXTRACT/upgrade/bundle_upgraders/../platformservices/platformservices_installer.py' Message: platformservices:PlatformservicesUpgrader.install:Failed while trying to copy old package pysnmp-4.3.3-1.el7rhgs.noarch.rpm from /install/rhel7.4/ppc64le/netezza/packages/packages/ /install/rhel7.4/ppc64le/netezza/packages/ /install/apupgrade_os_image/netezza/packages/ to non-master nodeson all nodes, move
/install/rhel7.4/ppc64le/netezza/packages/packages/to/tmp/packages_backupso that there is only
/install/rhel7.4/ppc64le/netezza/packages/. - Rerun the same
apupgradecommand that failed.
- Run the following two commands from node0101. Replace
The list of Red Hat CVEs that are patched in this release:
CVE-2022-23521 Important/Sec. git-1.8.3.1-24.el7_9.ppc64le
CVE-2022-41903 Important/Sec. git-1.8.3.1-24.el7_9.ppc64le
CVE-2022-23521 Important/Sec. perl-Git-1.8.3.1-24.el7_9.noarch
CVE-2022-41903 Important/Sec. perl-Git-1.8.3.1-24.el7_9.noarch
7.9.23.02.SP17
Security patch released in February, 2023.
Important: The Integrated Analytics System does not support
AFMDR in this security patch. If you are using AFM/DR, contact IBM support before applying the
patch.
The 7.9.23.02.SP17 patch is based on RHEL 7.9. You can install the patch only on IAS 1.0.25.x, IAS 1.0.26.x, IAS 1.0.27.x. Your system must be on 1.0.26.3 or newer to upgrade to 1.0.27.x if SP17 is already installed on it.
Note: The following known issues might be observed:
- When upgrading 1.0.25.0 to SP17 to 1.0.26.4, the upgrade will fail with the following
error:
Upgrade Detail: Bundle level prepare Caller Info:The call was made from 'IIASBundleUpgradePreparer.reinstall_gpfs_kernel_modules' on line 528 with file located at '/localrepo/1.0.26.4_release/EXTRACT/upgrade/modules/ibm/ca/preparer/bundleupgradepreparer.py' Message: Problem encountered reinstalling GPFS kernel modules Problem encountered rebuilding kernel modulesWorkaround:
Before you start the upgrade, perform the following steps:
- Create a directory for the upgrade bundle, move the bundle inside and create another directory
named EXTRACT. Then untar the bundle by running the
command:
tar -xvf <bundle_name> -C EXTRACT|-- Version |-- EXTRACT |-- bundle - Run the following two commands from node0101. Replace directory name in the commands with the
actual upgrade directory name that you used on your system.
-
sed -i -e "0,/self._get_yum_repos_options() + ' ' + self.install_y/s/self._get_yum_repos_options() + ' ' + self.install_y/self._get_yum_repos_options() + ' ' + '--exclude=\"kernel*\"' + ' ' + self.install_y/" /localrepo/<your-upgrade-dir>/EXTRACT/upgrade/nodeos/node_os_installer.py -
sed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade
-
- Create a directory for the upgrade bundle, move the bundle inside and create another directory
named EXTRACT. Then untar the bundle by running the
command:
- When upgrading 1.0.25.0 or 1.0.26.x to SP17 to 1.0.27.x, the upgrade might fail with the
following error:
1. NodeosUpgrader.install Upgrade Detail: Component install for nodeos Caller Info:The call was made from 'NodeOSIIASInstaller.install' on line 123 with file located at '/localrepo/<your-upgrade-dir>/EXTRACT/upgrade/bundle_upgraders/../nodeos/node_os_iias_installer.py' Message: nodeos:NodeosUpgrader.install:Fatal Problem: Failed to install any new Node OS rpms...Workaround:
- Run the following two commands from node0101. Replace
<your-upgrade-dir>directory name in the commands with the actual upgrade directory name that you used on your system.-
sed -i -e "0,/self._get_yum_repos_options() + ' ' + self.install_y/s/self._get_yum_repos_options() + ' ' + self.install_y/self._get_yum_repos_options() + ' ' + '--exclude=\"kernel*\"' + ' ' + self.install_y/" /localrepo/<your-upgrade-dir>/EXTRACT/upgrade/nodeos/node_os_installer.py -
sed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade
-
- If the following error is encountered:
1. PlatformservicesUpgrader.install Upgrade Detail: Component install for platformservices Caller Info:The call was made from 'PlatformservicesInstaller.install' on line 51 with file located at '/localrepo/1.0.27.0_release/EXTRACT/upgrade/bundle_upgraders/../platformservices/platformservices_installer.py' Message: platformservices:PlatformservicesUpgrader.install:Failed while trying to copy old package pysnmp-4.3.3-1.el7rhgs.noarch.rpm from /install/rhel7.4/ppc64le/netezza/packages/packages/ /install/rhel7.4/ppc64le/netezza/packages/ /install/apupgrade_os_image/netezza/packages/ to non-master nodeson all nodes, move
/install/rhel7.4/ppc64le/netezza/packages/packages/to/tmp/packages_backupso that there is only
/install/rhel7.4/ppc64le/netezza/packages/. - Rerun the same
apupgradecommand that failed.
- Run the following two commands from node0101. Replace
The list of Red Hat CVEs that are patched in this release:
CVE-2021-25220 Moderate/Sec. bind-32:9.11.4-26.P2.el7_9.13.ppc64le
CVE-2022-2795 Moderate/Sec. bind-32:9.11.4-26.P2.el7_9.13.ppc64le
CVE-2021-25220 Moderate/Sec. bind-export-libs-32:9.11.4-26.P2.el7_9.13.ppc64le
CVE-2022-2795 Moderate/Sec. bind-export-libs-32:9.11.4-26.P2.el7_9.13.ppc64le
CVE-2021-25220 Moderate/Sec. bind-libs-32:9.11.4-26.P2.el7_9.13.ppc64le
CVE-2022-2795 Moderate/Sec. bind-libs-32:9.11.4-26.P2.el7_9.13.ppc64le
CVE-2021-25220 Moderate/Sec. bind-libs-lite-32:9.11.4-26.P2.el7_9.13.ppc64le
CVE-2022-2795 Moderate/Sec. bind-libs-lite-32:9.11.4-26.P2.el7_9.13.ppc64le
CVE-2021-25220 Moderate/Sec. bind-license-32:9.11.4-26.P2.el7_9.13.noarch
CVE-2022-2795 Moderate/Sec. bind-license-32:9.11.4-26.P2.el7_9.13.noarch
CVE-2021-25220 Moderate/Sec. bind-utils-32:9.11.4-26.P2.el7_9.13.ppc64le
CVE-2022-2795 Moderate/Sec. bind-utils-32:9.11.4-26.P2.el7_9.13.ppc64le
CVE-2023-21830 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.362.b08-1.el7_9.ppc64le
CVE-2023-21843 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.362.b08-1.el7_9.ppc64le
CVE-2023-21830 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.362.b08-1.el7_9.ppc64le
CVE-2023-21843 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.362.b08-1.el7_9.ppc64le
CVE-2021-26401 Important/Sec. kernel-3.10.0-1160.83.1.el7.ppc64le
CVE-2022-2964 Important/Sec. kernel-3.10.0-1160.83.1.el7.ppc64le
CVE-2021-26401 Important/Sec. kernel-abi-whitelists-3.10.0-1160.83.1.el7.noarch
CVE-2022-2964 Important/Sec. kernel-abi-whitelists-3.10.0-1160.83.1.el7.noarch
CVE-2021-26401 Important/Sec. kernel-bootwrapper-3.10.0-1160.83.1.el7.ppc64le
CVE-2022-2964 Important/Sec. kernel-bootwrapper-3.10.0-1160.83.1.el7.ppc64le
CVE-2021-26401 Important/Sec. kernel-debug-3.10.0-1160.83.1.el7.ppc64le
CVE-2022-2964 Important/Sec. kernel-debug-3.10.0-1160.83.1.el7.ppc64le
CVE-2021-26401 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.83.1.el7.ppc64le
CVE-2022-2964 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.83.1.el7.ppc64le
CVE-2021-26401 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.83.1.el7.ppc64le
CVE-2022-2964 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.83.1.el7.ppc64le
CVE-2021-26401 Important/Sec. kernel-debug-devel-3.10.0-1160.83.1.el7.ppc64le
CVE-2022-2964 Important/Sec. kernel-debug-devel-3.10.0-1160.83.1.el7.ppc64le
CVE-2021-26401 Important/Sec. kernel-debuginfo-3.10.0-1160.83.1.el7.ppc64le
CVE-2022-2964 Important/Sec. kernel-debuginfo-3.10.0-1160.83.1.el7.ppc64le
CVE-2021-26401 Important/Sec. kernel-debuginfo-3.10.0-1160.83.1.el7.ppc64le
CVE-2022-2964 Important/Sec. kernel-debuginfo-3.10.0-1160.83.1.el7.ppc64le
CVE-2021-26401 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.83.1.el7.ppc64le
CVE-2022-2964 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.83.1.el7.ppc64le
CVE-2021-26401 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.83.1.el7.ppc64le
CVE-2022-2964 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.83.1.el7.ppc64le
CVE-2021-26401 Important/Sec. kernel-devel-3.10.0-1160.83.1.el7.ppc64le
CVE-2022-2964 Important/Sec. kernel-devel-3.10.0-1160.83.1.el7.ppc64le
CVE-2021-26401 Important/Sec. kernel-headers-3.10.0-1160.83.1.el7.ppc64le
CVE-2022-2964 Important/Sec. kernel-headers-3.10.0-1160.83.1.el7.ppc64le
CVE-2021-26401 Important/Sec. kernel-tools-3.10.0-1160.83.1.el7.ppc64le
CVE-2022-2964 Important/Sec. kernel-tools-3.10.0-1160.83.1.el7.ppc64le
CVE-2021-26401 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.83.1.el7.ppc64le
CVE-2022-2964 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.83.1.el7.ppc64le
CVE-2021-26401 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.83.1.el7.ppc64le
CVE-2022-2964 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.83.1.el7.ppc64le
CVE-2021-26401 Important/Sec. kernel-tools-libs-3.10.0-1160.83.1.el7.ppc64le
CVE-2022-2964 Important/Sec. kernel-tools-libs-3.10.0-1160.83.1.el7.ppc64le
CVE-2021-26401 Important/Sec. kernel-tools-libs-devel-3.10.0-1160.83.1.el7.ppc64le
CVE-2022-2964 Important/Sec. kernel-tools-libs-devel-3.10.0-1160.83.1.el7.ppc64le
CVE-2022-4254 Important/Sec. libipa_hbac-1.16.5-10.el7_9.15.ppc64le
CVE-2022-4254 Important/Sec. libsss_autofs-1.16.5-10.el7_9.15.ppc64le
CVE-2022-4254 Important/Sec. libsss_certmap-1.16.5-10.el7_9.15.ppc64le
CVE-2022-4254 Important/Sec. libsss_idmap-1.16.5-10.el7_9.15.ppc64le
CVE-2022-4254 Important/Sec. libsss_nss_idmap-1.16.5-10.el7_9.15.ppc64le
CVE-2022-4254 Important/Sec. libsss_simpleifp-1.16.5-10.el7_9.15.ppc64le
CVE-2022-4254 Important/Sec. libsss_sudo-1.16.5-10.el7_9.15.ppc64le
CVE-2021-26401 Important/Sec. perf-3.10.0-1160.83.1.el7.ppc64le
CVE-2022-2964 Important/Sec. perf-3.10.0-1160.83.1.el7.ppc64le
CVE-2021-26401 Important/Sec. python-perf-3.10.0-1160.83.1.el7.ppc64le
CVE-2022-2964 Important/Sec. python-perf-3.10.0-1160.83.1.el7.ppc64le
CVE-2022-4254 Important/Sec. python-sss-1.16.5-10.el7_9.15.ppc64le
CVE-2022-4254 Important/Sec. python-sssdconfig-1.16.5-10.el7_9.15.noarch
CVE-2022-4254 Important/Sec. sssd-1.16.5-10.el7_9.15.ppc64le
CVE-2022-4254 Important/Sec. sssd-ad-1.16.5-10.el7_9.15.ppc64le
CVE-2022-4254 Important/Sec. sssd-client-1.16.5-10.el7_9.15.ppc64le
CVE-2022-4254 Important/Sec. sssd-common-1.16.5-10.el7_9.15.ppc64le
CVE-2022-4254 Important/Sec. sssd-common-pac-1.16.5-10.el7_9.15.ppc64le
CVE-2022-4254 Important/Sec. sssd-dbus-1.16.5-10.el7_9.15.ppc64le
CVE-2022-4254 Important/Sec. sssd-ipa-1.16.5-10.el7_9.15.ppc64le
CVE-2022-4254 Important/Sec. sssd-krb5-1.16.5-10.el7_9.15.ppc64le
CVE-2022-4254 Important/Sec. sssd-krb5-common-1.16.5-10.el7_9.15.ppc64le
CVE-2022-4254 Important/Sec. sssd-ldap-1.16.5-10.el7_9.15.ppc64le
CVE-2022-4254 Important/Sec. sssd-proxy-1.16.5-10.el7_9.15.ppc64le
CVE-2022-4254 Important/Sec. sssd-tools-1.16.5-10.el7_9.15.ppc64le
CVE-2023-22809 Important/Sec. sudo-1.8.23-10.el7_9.3.ppc64le
CVE-2022-42920 Important/Sec. bcel-5.2-19.el7_9.noarch
CVE-2022-28733 Important/Sec. grub2-1:2.02-0.87.el7_9.11.ppc64le
CVE-2022-28733 Important/Sec. grub2-common-1:2.02-0.87.el7_9.11.noarch
CVE-2022-28733 Important/Sec. grub2-ppc64le-1:2.02-0.87.el7_9.11.ppc64le
CVE-2022-28733 Important/Sec. grub2-ppc64le-modules-1:2.02-0.87.el7_9.11.noarch
CVE-2022-28733 Important/Sec. grub2-tools-1:2.02-0.87.el7_9.11.ppc64le
CVE-2022-28733 Important/Sec. grub2-tools-extra-1:2.02-0.87.el7_9.11.ppc64le
CVE-2022-28733 Important/Sec. grub2-tools-minimal-1:2.02-0.87.el7_9.11.ppc64le
CVE-2022-2414 Important/Sec. pki-base-10.5.18-24.el7_9.noarch
CVE-2022-2414 Important/Sec. pki-base-java-10.5.18-24.el7_9.noarch
CVE-2022-2414 Important/Sec. pki-tools-10.5.18-24.el7_9.ppc64le
7.9.22.12.SP15
Security patch released in December, 2022.
Important: The Integrated Analytics System does not support
AFMDR in this security patch. If you are using AFM/DR, contact IBM support before applying the
patch.
The 7.9.22.12.SP15 patch is based on RHEL 7.9. You can install the patch only on IAS 1.0.25.x, IAS 1.0.26.x, IAS 1.0.27.x. Your system must be on 1.0.26.3 or newer to upgrade to 1.0.27.x if SP15 is already installed on it.
Note: The following known issues might be observed:
- When upgrading 1.0.25.0 to SP15 to 1.0.26.x, the upgrade will fail with the following
error:
Upgrade Detail: Bundle level prepare Caller Info:The call was made from 'IIASBundleUpgradePreparer.reinstall_gpfs_kernel_modules' on line 528 with file located at '/localrepo/1.0.26.4_release/EXTRACT/upgrade/modules/ibm/ca/preparer/bundleupgradepreparer.py' Message: Problem encountered reinstalling GPFS kernel modules Problem encountered rebuilding kernel modulesWorkaround:
Before you start the upgrade, perform the following steps:
- Create a directory for the upgrade bundle, move the bundle inside and create another directory
named EXTRACT. Then untar the bundle by running the
command:
tar -xvf <bundle_name> -C EXTRACT|-- Version |-- EXTRACT |-- bundle - Run the following two commands from node0101. Replace directory name in the commands with the
actual upgrade directory name that you used on your system.
-
sed -i -e "0,/self._get_yum_repos_options() + ' ' + self.install_y/s/self._get_yum_repos_options() + ' ' + self.install_y/self._get_yum_repos_options() + ' ' + '--exclude=\"kernel*\"' + ' ' + self.install_y/" /localrepo/<your-upgrade-dir>/EXTRACT/upgrade/nodeos/node_os_installer.py -
sed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade
-
- Create a directory for the upgrade bundle, move the bundle inside and create another directory
named EXTRACT. Then untar the bundle by running the
command:
- When upgrading 1.0.26.x to SP15 to 1.0.27.x, the upgrade might fail with the following
error:
1. NodeosUpgrader.install Upgrade Detail: Component install for nodeos Caller Info:The call was made from 'NodeOSIIASInstaller.install' on line 123 with file located at '/localrepo/<your-upgrade-dir>/EXTRACT/upgrade/bundle_upgraders/../nodeos/node_os_iias_installer.py' Message: nodeos:NodeosUpgrader.install:Fatal Problem: Failed to install any new Node OS rpms...Workaround:
- Run the following two commands from node0101. Replace
<your-upgrade-dir>directory name in the commands with the actual upgrade directory name that you used on your system.-
sed -i -e "0,/self._get_yum_repos_options() + ' ' + self.install_y/s/self._get_yum_repos_options() + ' ' + self.install_y/self._get_yum_repos_options() + ' ' + '--exclude=\"kernel*\"' + ' ' + self.install_y/" /localrepo/<your-upgrade-dir>/EXTRACT/system/upgrade/nodeos/node_os_installer.py -
sed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade
-
- If the following error is encountered:
1. PlatformservicesUpgrader.install Upgrade Detail: Component install for platformservices Caller Info:The call was made from 'PlatformservicesInstaller.install' on line 51 with file located at '/localrepo/1.0.27.0_release/EXTRACT/upgrade/bundle_upgraders/../platformservices/platformservices_installer.py' Message: platformservices:PlatformservicesUpgrader.install:Failed while trying to copy old package pysnmp-4.3.3-1.el7rhgs.noarch.rpm from /install/rhel7.4/ppc64le/netezza/packages/packages/ /install/rhel7.4/ppc64le/netezza/packages/ /install/apupgrade_os_image/netezza/packages/ to non-master nodeson all nodes, move
/install/rhel7.4/ppc64le/netezza/packages/packages/to/tmp/packages_backupso that there is only
/install/rhel7.4/ppc64le/netezza/packages/. - Rerun the same
apupgradecommand that failed.
- Run the following two commands from node0101. Replace
The list of Red Hat CVEs that are patched in this release:
CVE-2022-41853 Important/Sec. hsqldb-1:1.8.1.3-15.el7_9.noarch
CVE-2022-42898 Important/Sec. krb5-devel-1.15.1-55.el7_9.ppc64le
CVE-2022-42898 Important/Sec. krb5-libs-1.15.1-55.el7_9.ppc64le
CVE-2022-42898 Important/Sec. krb5-workstation-1.15.1-55.el7_9.ppc64le
CVE-2022-42898 Important/Sec. libkadm5-1.15.1-55.el7_9.ppc64le
CVE-2022-41974 Important/Sec. device-mapper-multipath-0.4.9-136.el7_9.ppc64le
CVE-2022-41974 Important/Sec. device-mapper-multipath-libs-0.4.9-136.el7_9.ppc64le
CVE-2022-21619 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.352.b08-2.el7_9.ppc64le
CVE-2022-21624 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.352.b08-2.el7_9.ppc64le
CVE-2022-21626 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.352.b08-2.el7_9.ppc64le
CVE-2022-21628 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.352.b08-2.el7_9.ppc64le
CVE-2022-21619 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.352.b08-2.el7_9.ppc64le
CVE-2022-21624 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.352.b08-2.el7_9.ppc64le
CVE-2022-21626 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.352.b08-2.el7_9.ppc64le
CVE-2022-21628 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.352.b08-2.el7_9.ppc64le
CVE-2022-2588 Important/Sec. kernel-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-23816 Important/Sec. kernel-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-23825 Important/Sec. kernel-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-26373 Important/Sec. kernel-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-29900 Important/Sec. kernel-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-29901 Important/Sec. kernel-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-2588 Important/Sec. kernel-abi-whitelists-3.10.0-1160.80.1.el7.noarch
CVE-2022-23816 Important/Sec. kernel-abi-whitelists-3.10.0-1160.80.1.el7.noarch
CVE-2022-23825 Important/Sec. kernel-abi-whitelists-3.10.0-1160.80.1.el7.noarch
CVE-2022-26373 Important/Sec. kernel-abi-whitelists-3.10.0-1160.80.1.el7.noarch
CVE-2022-29900 Important/Sec. kernel-abi-whitelists-3.10.0-1160.80.1.el7.noarch
CVE-2022-29901 Important/Sec. kernel-abi-whitelists-3.10.0-1160.80.1.el7.noarch
CVE-2022-2588 Important/Sec. kernel-bootwrapper-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-23816 Important/Sec. kernel-bootwrapper-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-23825 Important/Sec. kernel-bootwrapper-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-26373 Important/Sec. kernel-bootwrapper-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-29900 Important/Sec. kernel-bootwrapper-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-29901 Important/Sec. kernel-bootwrapper-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-2588 Important/Sec. kernel-debug-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-23816 Important/Sec. kernel-debug-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-23825 Important/Sec. kernel-debug-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-26373 Important/Sec. kernel-debug-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-29900 Important/Sec. kernel-debug-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-29901 Important/Sec. kernel-debug-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-2588 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-23816 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-23825 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-26373 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-29900 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-29901 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-2588 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-23816 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-23825 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-26373 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-29900 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-29901 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-2588 Important/Sec. kernel-debug-devel-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-23816 Important/Sec. kernel-debug-devel-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-23825 Important/Sec. kernel-debug-devel-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-26373 Important/Sec. kernel-debug-devel-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-29900 Important/Sec. kernel-debug-devel-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-29901 Important/Sec. kernel-debug-devel-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-2588 Important/Sec. kernel-debuginfo-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-23816 Important/Sec. kernel-debuginfo-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-23825 Important/Sec. kernel-debuginfo-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-26373 Important/Sec. kernel-debuginfo-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-29900 Important/Sec. kernel-debuginfo-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-29901 Important/Sec. kernel-debuginfo-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-2588 Important/Sec. kernel-debuginfo-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-23816 Important/Sec. kernel-debuginfo-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-23825 Important/Sec. kernel-debuginfo-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-26373 Important/Sec. kernel-debuginfo-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-29900 Important/Sec. kernel-debuginfo-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-29901 Important/Sec. kernel-debuginfo-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-2588 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-23816 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-23825 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-26373 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-29900 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-29901 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-2588 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-23816 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-23825 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-26373 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-29900 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-29901 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-2588 Important/Sec. kernel-devel-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-23816 Important/Sec. kernel-devel-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-23825 Important/Sec. kernel-devel-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-26373 Important/Sec. kernel-devel-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-29900 Important/Sec. kernel-devel-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-29901 Important/Sec. kernel-devel-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-2588 Important/Sec. kernel-headers-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-23816 Important/Sec. kernel-headers-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-23825 Important/Sec. kernel-headers-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-26373 Important/Sec. kernel-headers-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-29900 Important/Sec. kernel-headers-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-29901 Important/Sec. kernel-headers-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-2588 Important/Sec. kernel-tools-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-23816 Important/Sec. kernel-tools-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-23825 Important/Sec. kernel-tools-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-26373 Important/Sec. kernel-tools-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-29900 Important/Sec. kernel-tools-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-29901 Important/Sec. kernel-tools-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-2588 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-23816 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-23825 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-26373 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-29900 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-29901 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-2588 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-23816 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-23825 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-26373 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-29900 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-29901 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-2588 Important/Sec. kernel-tools-libs-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-23816 Important/Sec. kernel-tools-libs-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-23825 Important/Sec. kernel-tools-libs-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-26373 Important/Sec. kernel-tools-libs-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-29900 Important/Sec. kernel-tools-libs-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-29901 Important/Sec. kernel-tools-libs-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-2588 Important/Sec. kernel-tools-libs-devel-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-23816 Important/Sec. kernel-tools-libs-devel-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-23825 Important/Sec. kernel-tools-libs-devel-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-26373 Important/Sec. kernel-tools-libs-devel-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-29900 Important/Sec. kernel-tools-libs-devel-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-29901 Important/Sec. kernel-tools-libs-devel-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-41974 Important/Sec. kpartx-0.4.9-136.el7_9.ppc64le
CVE-2022-2588 Important/Sec. perf-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-23816 Important/Sec. perf-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-23825 Important/Sec. perf-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-26373 Important/Sec. perf-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-29900 Important/Sec. perf-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-29901 Important/Sec. perf-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-2393 Moderate/Sec. pki-base-10.5.18-23.el7_9.noarch
CVE-2022-2393 Moderate/Sec. pki-base-java-10.5.18-23.el7_9.noarch
CVE-2022-2393 Moderate/Sec. pki-tools-10.5.18-23.el7_9.ppc64le
CVE-2022-2588 Important/Sec. python-perf-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-23816 Important/Sec. python-perf-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-23825 Important/Sec. python-perf-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-26373 Important/Sec. python-perf-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-29900 Important/Sec. python-perf-3.10.0-1160.80.1.el7.ppc64le
CVE-2022-29901 Important/Sec. python-perf-3.10.0-1160.80.1.el7.ppc64le
CVE-2021-29740 gpfs.adv-5.1.2-7.ppc64le
7.9.22.10.SP14
Security patch released in October 26, 2022.
The 7.9.22.10.SP14 patch is based on RHEL 7.9. You can install the patch only on IAS 1.0.25.x, IAS 1.0.26.x, IAS 1.0.27.x. Your system must be on 1.0.26.3 or newer to upgrade to 1.0.27.x if SP14 is already installed on it.
Note: The following known issues might be observed:
- When upgrading from 1.0.27.X to SP14, the upgrade might fail due to error
'IIASApupgradePrereqs' object has no attribute 'ensure_base_os_matches_sp_base'. To workaround the issue, upgrade theapupgradebundle first:- Create a directory for the upgrade bundle, move the bundle inside and create another directory
named
EXTRACT. Then untar the bundle by running the command:tar -xvf <bundle_name> -C EXTRACT|-- Version |-- EXTRACT |-- bundle - Find the RPM, by running the following command and replacing
<version_dir>with the name of the directory you created.find /localrepo/<version_dir> -name "apupgrade*.rpm" - Run the following command and replace
<full_rpm_path>with the output from the previous command:- on 1.0.27.0:
rpm -Uvh <full_rpm_path> - on 1.0.27.1:
rpm -Uvh <full_rpm_path> --force
- on 1.0.27.0:
- Create a directory for the upgrade bundle, move the bundle inside and create another directory
named
- When upgrading from SP14 to 1.0.27.X, the upgrade might fail due to error
SupportToolsUpgrader.install : supporttools:SupportToolsUpgrader.install:Fatal Problem: Could not upgrade rpms on all nodes.. To workaround the issue:- Manually install the
rpm:
rpm -Uvh --replacepkgs --replacefiles /tmp/APUPGRADE/supporttools.20220311041711/*.rpm --force - Restart the upgrade.
- Manually install the
rpm:
- When upgrading 1.0.26.x to SP14 to 1.0.27.x, the upgrade might fail with the following
error:
1. NodeosUpgrader.install Upgrade Detail: Component install for nodeos Caller Info:The call was made from 'NodeOSIIASInstaller.install' on line 123 with file located at '/localrepo/<your-upgrade-dir>/EXTRACT/upgrade/bundle_upgraders/../nodeos/node_os_iias_installer.py' Message: nodeos:NodeosUpgrader.install:Fatal Problem: Failed to install any new Node OS rpms...Workaround:
- Run the following two commands from node0101. Replace
<your-upgrade-dir>directory name in the commands with the actual upgrade directory name that you used on your system.-
sed -i -e "0,/self._get_yum_repos_options() + ' ' + self.install_y/s/self._get_yum_repos_options() + ' ' + self.install_y/self._get_yum_repos_options() + ' ' + '--exclude=\"kernel*\"' + ' ' + self.install_y/" /localrepo/<your-upgrade-dir>/EXTRACT/system/upgrade/nodeos/node_os_installer.py -
sed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade
-
- If the following error is encountered:
1. PlatformservicesUpgrader.install Upgrade Detail: Component install for platformservices Caller Info:The call was made from 'PlatformservicesInstaller.install' on line 51 with file located at '/localrepo/1.0.27.0_release/EXTRACT/upgrade/bundle_upgraders/../platformservices/platformservices_installer.py' Message: platformservices:PlatformservicesUpgrader.install:Failed while trying to copy old package pysnmp-4.3.3-1.el7rhgs.noarch.rpm from /install/rhel7.4/ppc64le/netezza/packages/packages/ /install/rhel7.4/ppc64le/netezza/packages/ /install/apupgrade_os_image/netezza/packages/ to non-master nodeson all nodes, move
/install/rhel7.4/ppc64le/netezza/packages/packages/to/tmp/packages_backupso that there is only
/install/rhel7.4/ppc64le/netezza/packages/. - Rerun the same
apupgradecommand that failed.
- Run the following two commands from node0101. Replace
The list of Red Hat CVEs that are patched in this release:
CVE-2022-38177 Important/Sec. bind-32:9.11.4-26.P2.el7_9.10.ppc64le
CVE-2022-38178 Important/Sec. bind-32:9.11.4-26.P2.el7_9.10.ppc64le
CVE-2022-38177 Important/Sec. bind-export-libs-32:9.11.4-26.P2.el7_9.10.ppc64le
CVE-2022-38178 Important/Sec. bind-export-libs-32:9.11.4-26.P2.el7_9.10.ppc64le
CVE-2022-38177 Important/Sec. bind-libs-32:9.11.4-26.P2.el7_9.10.ppc64le
CVE-2022-38178 Important/Sec. bind-libs-32:9.11.4-26.P2.el7_9.10.ppc64le
CVE-2022-38177 Important/Sec. bind-libs-lite-32:9.11.4-26.P2.el7_9.10.ppc64le
CVE-2022-38178 Important/Sec. bind-libs-lite-32:9.11.4-26.P2.el7_9.10.ppc64le
CVE-2022-38177 Important/Sec. bind-license-32:9.11.4-26.P2.el7_9.10.noarch
CVE-2022-38178 Important/Sec. bind-license-32:9.11.4-26.P2.el7_9.10.noarch
CVE-2022-38177 Important/Sec. bind-utils-32:9.11.4-26.P2.el7_9.10.ppc64le
CVE-2022-38178 Important/Sec. bind-utils-32:9.11.4-26.P2.el7_9.10.ppc64le
CVE-2022-40674 Important/Sec. expat-2.1.0-15.el7_9.ppc64le
7.9.22.09.SP13
Security patch released in September 2022.
The 7.9.22.09.SP13 patch is based on RHEL 7.9. You can install the patch only on IAS 1.0.25.x, IAS 1.0.26.x, IAS 1.0.27.x. Your system must be on 1.0.26.3 or newer to upgrade to 1.0.27.x if SP13 is already installed on it.
Note: The following known issues might be observed:
- When upgrading from 1.0.27.X to SP13, the upgrade might fail due to error
'IIASApupgradePrereqs' object has no attribute 'ensure_base_os_matches_sp_base'. To workaround the issue, upgrade theapupgradebundle first:- Create a directory for the upgrade bundle, move the bundle inside and create another directory
named
EXTRACT. Then untar the bundle by running the command:tar -xvf <bundle_name> -C EXTRACT|-- Version |-- EXTRACT |-- bundle - Find the RPM, by running the following command and replacing
<version_dir>with the name of the directory you created.find /localrepo/<version_dir> -name "apupgrade*.rpm" - Run the following command and replace
<full_rpm_path>with the output from the previous command:- on 1.0.27.0:
rpm -Uvh <full_rpm_path> - on 1.0.27.1:
rpm -Uvh <full_rpm_path> --force
- on 1.0.27.0:
- Create a directory for the upgrade bundle, move the bundle inside and create another directory
named
- When upgrading from SP13 to 1.0.27.X, the upgrade might fail due to error
SupportToolsUpgrader.install : supporttools:SupportToolsUpgrader.install:Fatal Problem: Could not upgrade rpms on all nodes.. To workaround the issue:- Manually install the
rpm:
rpm -Uvh --replacepkgs --replacefiles /tmp/APUPGRADE/supporttools.20220311041711/*.rpm --force - Restart the upgrade.
- Manually install the
rpm:
- When upgrading 1.0.26.x to SP13 to 1.0.27.x, the upgrade might fail with the following
error:
1. NodeosUpgrader.install Upgrade Detail: Component install for nodeos Caller Info:The call was made from 'NodeOSIIASInstaller.install' on line 123 with file located at '/localrepo/<your-upgrade-dir>/EXTRACT/upgrade/bundle_upgraders/../nodeos/node_os_iias_installer.py' Message: nodeos:NodeosUpgrader.install:Fatal Problem: Failed to install any new Node OS rpms...Workaround:
- Run the following two commands from node0101. Replace
<your-upgrade-dir>directory name in the commands with the actual upgrade directory name that you used on your system.-
sed -i -e "0,/self._get_yum_repos_options() + ' ' + self.install_y/s/self._get_yum_repos_options() + ' ' + self.install_y/self._get_yum_repos_options() + ' ' + '--exclude=\"kernel*\"' + ' ' + self.install_y/" /localrepo/<your-upgrade-dir>/EXTRACT/system/upgrade/nodeos/node_os_installer.py -
sed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade
-
- If the following error is encountered:
1. PlatformservicesUpgrader.install Upgrade Detail: Component install for platformservices Caller Info:The call was made from 'PlatformservicesInstaller.install' on line 51 with file located at '/localrepo/1.0.27.0_release/EXTRACT/upgrade/bundle_upgraders/../platformservices/platformservices_installer.py' Message: platformservices:PlatformservicesUpgrader.install:Failed while trying to copy old package pysnmp-4.3.3-1.el7rhgs.noarch.rpm from /install/rhel7.4/ppc64le/netezza/packages/packages/ /install/rhel7.4/ppc64le/netezza/packages/ /install/apupgrade_os_image/netezza/packages/ to non-master nodeson all nodes, move
/install/rhel7.4/ppc64le/netezza/packages/packages/to/tmp/packages_backupso that there is only
/install/rhel7.4/ppc64le/netezza/packages/. - Rerun the same
apupgradecommand that failed.
- Run the following two commands from node0101. Replace
The list of Red Hat CVEs that are patched in this release:
CVE-2022-21123 Moderate/Sec. kernel-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21125 Moderate/Sec. kernel-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21166 Moderate/Sec. kernel-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21123 Moderate/Sec. kernel-abi-whitelists-3.10.0-1160.76.1.el7.noarch
CVE-2022-21125 Moderate/Sec. kernel-abi-whitelists-3.10.0-1160.76.1.el7.noarch
CVE-2022-21166 Moderate/Sec. kernel-abi-whitelists-3.10.0-1160.76.1.el7.noarch
CVE-2022-21123 Moderate/Sec. kernel-bootwrapper-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21125 Moderate/Sec. kernel-bootwrapper-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21166 Moderate/Sec. kernel-bootwrapper-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21123 Moderate/Sec. kernel-debug-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21125 Moderate/Sec. kernel-debug-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21166 Moderate/Sec. kernel-debug-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21123 Moderate/Sec. kernel-debug-debuginfo-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21125 Moderate/Sec. kernel-debug-debuginfo-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21166 Moderate/Sec. kernel-debug-debuginfo-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21123 Moderate/Sec. kernel-debug-debuginfo-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21125 Moderate/Sec. kernel-debug-debuginfo-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21166 Moderate/Sec. kernel-debug-debuginfo-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21123 Moderate/Sec. kernel-debug-devel-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21125 Moderate/Sec. kernel-debug-devel-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21166 Moderate/Sec. kernel-debug-devel-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21123 Moderate/Sec. kernel-debuginfo-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21125 Moderate/Sec. kernel-debuginfo-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21166 Moderate/Sec. kernel-debuginfo-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21123 Moderate/Sec. kernel-debuginfo-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21125 Moderate/Sec. kernel-debuginfo-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21166 Moderate/Sec. kernel-debuginfo-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21123 Moderate/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21125 Moderate/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21166 Moderate/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21123 Moderate/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21125 Moderate/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21166 Moderate/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21123 Moderate/Sec. kernel-devel-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21125 Moderate/Sec. kernel-devel-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21166 Moderate/Sec. kernel-devel-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21123 Moderate/Sec. kernel-headers-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21125 Moderate/Sec. kernel-headers-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21166 Moderate/Sec. kernel-headers-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21123 Moderate/Sec. kernel-tools-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21125 Moderate/Sec. kernel-tools-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21166 Moderate/Sec. kernel-tools-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21123 Moderate/Sec. kernel-tools-debuginfo-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21125 Moderate/Sec. kernel-tools-debuginfo-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21166 Moderate/Sec. kernel-tools-debuginfo-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21123 Moderate/Sec. kernel-tools-debuginfo-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21125 Moderate/Sec. kernel-tools-debuginfo-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21166 Moderate/Sec. kernel-tools-debuginfo-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21123 Moderate/Sec. kernel-tools-libs-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21125 Moderate/Sec. kernel-tools-libs-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21166 Moderate/Sec. kernel-tools-libs-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21123 Moderate/Sec. kernel-tools-libs-devel-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21125 Moderate/Sec. kernel-tools-libs-devel-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21166 Moderate/Sec. kernel-tools-libs-devel-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-2526 Important/Sec. libgudev1-219-78.el7_9.7.ppc64le
CVE-2022-21123 Moderate/Sec. perf-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21125 Moderate/Sec. perf-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21166 Moderate/Sec. perf-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21123 Moderate/Sec. python-perf-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21125 Moderate/Sec. python-perf-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-21166 Moderate/Sec. python-perf-3.10.0-1160.76.1.el7.ppc64le
CVE-2022-29154 Important/Sec. rsync-3.1.2-11.el7_9.ppc64le
CVE-2022-2526 Important/Sec. systemd-219-78.el7_9.7.ppc64le
CVE-2022-2526 Important/Sec. systemd-libs-219-78.el7_9.7.ppc64le
CVE-2022-2526 Important/Sec. systemd-sysv-219-78.el7_9.7.ppc64le
7.9.22.08.SP12
Security patch released in August 2022.
The 7.9.22.08.SP12 patch is based on RHEL 7.9. You can install the patch only on IAS 1.0.25.x, IAS 1.0.26.x, IAS 1.0.27.x. Your system must be on 1.0.26.3 or newer to upgrade to 1.0.27.x if SP12 is already installed on it.
Note: The following known issues might be observed:
- When upgrading from 1.0.27.X to SP12, the upgrade might fail due to error
'IIASApupgradePrereqs' object has no attribute 'ensure_base_os_matches_sp_base'. To workaround the issue, upgrade theapupgradebundle first:- Create a directory for the upgrade bundle, move the bundle inside and create another directory
named
EXTRACT. Then untar the bundle by running the command:tar -xvf <bundle_name> -C EXTRACT|-- Version |-- EXTRACT |-- bundle - Find the RPM, by running the following command and replacing
<version_dir>with the name of the directory you created.find /localrepo/<version_dir> -name "apupgrade*.rpm" - Run the following command and replace
<full_rpm_path>with the output from the previous command:- on 1.0.27.0:
rpm -Uvh <full_rpm_path> - on 1.0.27.1:
rpm -Uvh <full_rpm_path> --force
- on 1.0.27.0:
- Create a directory for the upgrade bundle, move the bundle inside and create another directory
named
- When upgrading from SP12 to 1.0.27.X, the upgrade might fail due to error
SupportToolsUpgrader.install : supporttools:SupportToolsUpgrader.install:Fatal Problem: Could not upgrade rpms on all nodes.. To workaround the issue:- Manually install the
rpm:
rpm -Uvh --replacepkgs --replacefiles /tmp/APUPGRADE/supporttools.20220311041711/*.rpm --force - Restart the upgrade.
- Manually install the
rpm:
- When upgrading 1.0.26.x to SP12 to 1.0.27.x, the upgrade might fail with the following
error:
1. NodeosUpgrader.install Upgrade Detail: Component install for nodeos Caller Info:The call was made from 'NodeOSIIASInstaller.install' on line 123 with file located at '/localrepo/<your-upgrade-dir>/EXTRACT/upgrade/bundle_upgraders/../nodeos/node_os_iias_installer.py' Message: nodeos:NodeosUpgrader.install:Fatal Problem: Failed to install any new Node OS rpms...Workaround:
- Run the following two commands from node0101. Replace
<your-upgrade-dir>directory name in the commands with the actual upgrade directory name that you used on your system.-
sed -i -e "0,/self._get_yum_repos_options() + ' ' + self.install_y/s/self._get_yum_repos_options() + ' ' + self.install_y/self._get_yum_repos_options() + ' ' + '--exclude=\"kernel*\"' + ' ' + self.install_y/" /localrepo/<your-upgrade-dir>/EXTRACT/system/upgrade/nodeos/node_os_installer.py -
sed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade
-
- If the following error is encountered:
1. PlatformservicesUpgrader.install Upgrade Detail: Component install for platformservices Caller Info:The call was made from 'PlatformservicesInstaller.install' on line 51 with file located at '/localrepo/1.0.27.0_release/EXTRACT/upgrade/bundle_upgraders/../platformservices/platformservices_installer.py' Message: platformservices:PlatformservicesUpgrader.install:Failed while trying to copy old package pysnmp-4.3.3-1.el7rhgs.noarch.rpm from /install/rhel7.4/ppc64le/netezza/packages/packages/ /install/rhel7.4/ppc64le/netezza/packages/ /install/apupgrade_os_image/netezza/packages/ to non-master nodeson all nodes, move
/install/rhel7.4/ppc64le/netezza/packages/packages/to/tmp/packages_backupso that there is only
/install/rhel7.4/ppc64le/netezza/packages/. - Rerun the same
apupgradecommand that failed.
- Run the following two commands from node0101. Replace
The list of Red Hat CVEs that are patched in this release:
CVE-2022-21540 Important/Sec. java-1.8.0-openjdk-1:1.8.0.342.b07-1.el7_9.ppc64le
CVE-2022-21541 Important/Sec. java-1.8.0-openjdk-1:1.8.0.342.b07-1.el7_9.ppc64le
CVE-2022-34169 Important/Sec. java-1.8.0-openjdk-1:1.8.0.342.b07-1.el7_9.ppc64le
CVE-2022-21540 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.342.b07-1.el7_9.ppc64le
CVE-2022-21541 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.342.b07-1.el7_9.ppc64le
CVE-2022-34169 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.342.b07-1.el7_9.ppc64le
7.9.22.07.SP11
Security patch released in July 2022.
The 7.9.22.07.SP11 patch is based on RHEL 7.9. You can install the patch only on IAS 1.0.25.x, IAS 1.0.26.x, IAS 1.0.27.x. Your system must be on 1.0.26.3 or newer to upgrade to 1.0.27.x if SP11 is already installed on it.
Note: The following known issues might be observed:
- When upgrading from 1.0.27.X to SP11, the upgrade might
fail due to error
'IIASApupgradePrereqs' object has no attribute 'ensure_base_os_matches_sp_base'. To workaround the issue, upgrade theapupgradebundle first:- Create a directory for the upgrade bundle, move the bundle inside and create another directory
named
EXTRACT. Then untar the bundle by running the command:tar -xvf <bundle_name> -C EXTRACT|-- Version |-- EXTRACT |-- bundle - Find the RPM, by running the following command and replacing
<version_dir>with the name of the directory you created.find /localrepo/<version_dir> -name "apupgrade*.rpm" - Run the following command and replace
<full_rpm_path>with the output from the previous command:- on 1.0.27.0:
rpm -Uvh <full_rpm_path> - on 1.0.27.1:
rpm -Uvh <full_rpm_path> --force
- on 1.0.27.0:
- Create a directory for the upgrade bundle, move the bundle inside and create another directory
named
- When upgrading from SP11 to 1.0.27.X, the upgrade might
fail due to error
SupportToolsUpgrader.install : supporttools:SupportToolsUpgrader.install:Fatal Problem: Could not upgrade rpms on all nodes.. To workaround the issue:- Manually install the
rpm:
rpm -Uvh --replacepkgs --replacefiles /tmp/APUPGRADE/supporttools.20220311041711/*.rpm --force - Restart the upgrade.
- Manually install the
rpm:
- When upgrading 1.0.26.x to SP11 to 1.0.27.x,
the upgrade might fail with the following error:
1. NodeosUpgrader.install Upgrade Detail: Component install for nodeos Caller Info:The call was made from 'NodeOSIIASInstaller.install' on line 123 with file located at '/localrepo/<your-upgrade-dir>/EXTRACT/upgrade/bundle_upgraders/../nodeos/node_os_iias_installer.py' Message: nodeos:NodeosUpgrader.install:Fatal Problem: Failed to install any new Node OS rpms...Workaround:
- Run the following two commands from node0101. Replace
<your-upgrade-dir>directory name in the commands with the actual upgrade directory name that you used on your system.-
sed -i -e "0,/self._get_yum_repos_options() + ' ' + self.install_y/s/self._get_yum_repos_options() + ' ' + self.install_y/self._get_yum_repos_options() + ' ' + '--exclude=\"kernel*\"' + ' ' + self.install_y/" /localrepo/<your-upgrade-dir>/EXTRACT/system/upgrade/nodeos/node_os_installer.py -
sed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade
-
- If the following error is encountered:
1. PlatformservicesUpgrader.install Upgrade Detail: Component install for platformservices Caller Info:The call was made from 'PlatformservicesInstaller.install' on line 51 with file located at '/localrepo/1.0.27.0_release/EXTRACT/upgrade/bundle_upgraders/../platformservices/platformservices_installer.py' Message: platformservices:PlatformservicesUpgrader.install:Failed while trying to copy old package pysnmp-4.3.3-1.el7rhgs.noarch.rpm from /install/rhel7.4/ppc64le/netezza/packages/packages/ /install/rhel7.4/ppc64le/netezza/packages/ /install/apupgrade_os_image/netezza/packages/ to non-master nodeson all nodes, move
/install/rhel7.4/ppc64le/netezza/packages/packages/to/tmp/packages_backupso that there is only
/install/rhel7.4/ppc64le/netezza/packages/. - Rerun the same
apupgradecommand that failed.
- Run the following two commands from node0101. Replace
The list of Red Hat CVEs that are patched in this release:
CVE-2022-1729 Important/Sec. kernel-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-1966 Important/Sec. kernel-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-32250 Important/Sec. kernel-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-1729 Important/Sec. kernel-abi-whitelists-3.10.0-1160.71.1.el7.noarch
CVE-2022-1966 Important/Sec. kernel-abi-whitelists-3.10.0-1160.71.1.el7.noarch
CVE-2022-32250 Important/Sec. kernel-abi-whitelists-3.10.0-1160.71.1.el7.noarch
CVE-2022-1729 Important/Sec. kernel-bootwrapper-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-1966 Important/Sec. kernel-bootwrapper-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-32250 Important/Sec. kernel-bootwrapper-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-1729 Important/Sec. kernel-debug-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-1966 Important/Sec. kernel-debug-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-32250 Important/Sec. kernel-debug-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-1729 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-1966 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-32250 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-1729 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-1966 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-32250 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-1729 Important/Sec. kernel-debug-devel-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-1966 Important/Sec. kernel-debug-devel-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-32250 Important/Sec. kernel-debug-devel-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-1729 Important/Sec. kernel-debuginfo-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-1966 Important/Sec. kernel-debuginfo-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-32250 Important/Sec. kernel-debuginfo-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-1729 Important/Sec. kernel-debuginfo-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-1966 Important/Sec. kernel-debuginfo-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-32250 Important/Sec. kernel-debuginfo-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-1729 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-1966 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-32250 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-1729 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-1966 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-32250 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-1729 Important/Sec. kernel-devel-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-1966 Important/Sec. kernel-devel-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-32250 Important/Sec. kernel-devel-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-1729 Important/Sec. kernel-headers-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-1966 Important/Sec. kernel-headers-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-32250 Important/Sec. kernel-headers-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-1729 Important/Sec. kernel-tools-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-1966 Important/Sec. kernel-tools-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-32250 Important/Sec. kernel-tools-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-1729 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-1966 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-32250 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-1729 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-1966 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-32250 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-1729 Important/Sec. kernel-tools-libs-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-1966 Important/Sec. kernel-tools-libs-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-32250 Important/Sec. kernel-tools-libs-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-1729 Important/Sec. kernel-tools-libs-devel-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-1966 Important/Sec. kernel-tools-libs-devel-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-32250 Important/Sec. kernel-tools-libs-devel-3.10.0-1160.71.1.el7.ppc64le
CVE-2018-10916 Moderate/Sec. lftp-debuginfo-4.4.8-12.el7.ppc64le
CVE-2022-1729 Important/Sec. perf-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-1966 Important/Sec. perf-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-32250 Important/Sec. perf-3.10.0-1160.71.1.el7.ppc64le
CVE-2020-26116 Moderate/Sec. python-2.7.5-92.el7_9.ppc64le
CVE-2020-26137 Moderate/Sec. python-2.7.5-92.el7_9.ppc64le
CVE-2021-3177 Moderate/Sec. python-2.7.5-92.el7_9.ppc64le
CVE-2020-26116 Moderate/Sec. python-devel-2.7.5-92.el7_9.ppc64le
CVE-2020-26137 Moderate/Sec. python-devel-2.7.5-92.el7_9.ppc64le
CVE-2021-3177 Moderate/Sec. python-devel-2.7.5-92.el7_9.ppc64le
CVE-2020-26116 Moderate/Sec. python-libs-2.7.5-92.el7_9.ppc64le
CVE-2020-26137 Moderate/Sec. python-libs-2.7.5-92.el7_9.ppc64le
CVE-2021-3177 Moderate/Sec. python-libs-2.7.5-92.el7_9.ppc64le
CVE-2022-1729 Important/Sec. python-perf-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-1966 Important/Sec. python-perf-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-32250 Important/Sec. python-perf-3.10.0-1160.71.1.el7.ppc64le
CVE-2022-1271 Important/Sec. xz-5.2.2-2.el7_9.ppc64le
CVE-2022-1271 Important/Sec. xz-devel-5.2.2-2.el7_9.ppc64le
CVE-2022-1271 Important/Sec. xz-libs-5.2.2-2.el7_9.ppc64le
7.9.22.06.SP10
Security patch released in June 2022.
The 7.9.22.06.SP10 patch is based on RHEL 7.9. You can install the patch only on IAS 1.0.25.x, IAS 1.0.26.x, IAS 1.0.27.x. Your system must be on 1.0.26.3 or newer to upgrade to 1.0.27.x if SP10 is already installed on it.
Note: The following known issues might be observed:
- When upgrading from 1.0.27.X to SP10, the upgrade might
fail due to error
'IIASApupgradePrereqs' object has no attribute 'ensure_base_os_matches_sp_base'. To workaround the issue, upgrade theapupgradebundle first:- Create a directory for the upgrade bundle, move the bundle inside and create another directory
named
EXTRACT. Then untar the bundle by running the command:tar -xvf <bundle_name> -C EXTRACT|-- Version |-- EXTRACT |-- bundle - Find the RPM, by running the following command and replacing
<version_dir>with the name of the directory you created.find /localrepo/<version_dir> -name "apupgrade*.rpm" - Run the following command and replace
<full_rpm_path>with the output from the previous command:- on 1.0.27.0:
rpm -Uvh <full_rpm_path> - on 1.0.27.1:
rpm -Uvh <full_rpm_path> --force
- on 1.0.27.0:
- Create a directory for the upgrade bundle, move the bundle inside and create another directory
named
- When upgrading from SP10 to 1.0.27.X, the upgrade might
fail due to error
SupportToolsUpgrader.install : supporttools:SupportToolsUpgrader.install:Fatal Problem: Could not upgrade rpms on all nodes.. To workaround the issue:- Manually install the
rpm:
rpm -Uvh --replacepkgs --replacefiles /tmp/APUPGRADE/supporttools.20220311041711/*.rpm --force - Restart the upgrade.
- Manually install the
rpm:
- When upgrading 1.0.26.x to SP10 to 1.0.27.x,
the upgrade might fail with the following error:
1. NodeosUpgrader.install Upgrade Detail: Component install for nodeos Caller Info:The call was made from 'NodeOSIIASInstaller.install' on line 123 with file located at '/localrepo/<your-upgrade-dir>/EXTRACT/upgrade/bundle_upgraders/../nodeos/node_os_iias_installer.py' Message: nodeos:NodeosUpgrader.install:Fatal Problem: Failed to install any new Node OS rpms...Workaround:
- Run the following two commands from node0101. Replace
<your-upgrade-dir>directory name in the commands with the actual upgrade directory name that you used on your system.-
sed -i -e "0,/self._get_yum_repos_options() + ' ' + self.install_y/s/self._get_yum_repos_options() + ' ' + self.install_y/self._get_yum_repos_options() + ' ' + '--exclude=\"kernel*\"' + ' ' + self.install_y/" /localrepo/<your-upgrade-dir>/EXTRACT/system/upgrade/nodeos/node_os_installer.py -
sed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade
-
- If the following error is encountered:
1. PlatformservicesUpgrader.install Upgrade Detail: Component install for platformservices Caller Info:The call was made from 'PlatformservicesInstaller.install' on line 51 with file located at '/localrepo/1.0.27.0_release/EXTRACT/upgrade/bundle_upgraders/../platformservices/platformservices_installer.py' Message: platformservices:PlatformservicesUpgrader.install:Failed while trying to copy old package pysnmp-4.3.3-1.el7rhgs.noarch.rpm from /install/rhel7.4/ppc64le/netezza/packages/packages/ /install/rhel7.4/ppc64le/netezza/packages/ /install/apupgrade_os_image/netezza/packages/ to non-master nodeson all nodes, move
/install/rhel7.4/ppc64le/netezza/packages/packages/to/tmp/packages_backupso that there is only
/install/rhel7.4/ppc64le/netezza/packages/. - Rerun the same
apupgradecommand that failed.
- Run the following two commands from node0101. Replace
The list of Red Hat CVEs that are patched in this release:
CVE-2022-1271 Important/Sec. gzip-1.5-11.el7_9.ppc64le
CVE-2022-0492 Important/Sec. kernel-3.10.0-1160.66.1.el7.ppc64le
CVE-2022-0492 Important/Sec. kernel-abi-whitelists-3.10.0-1160.66.1.el7.noarch
CVE-2022-0492 Important/Sec. kernel-bootwrapper-3.10.0-1160.66.1.el7.ppc64le
CVE-2022-0492 Important/Sec. kernel-debug-3.10.0-1160.66.1.el7.ppc64le
CVE-2020-15436 Moderate/Sec. kernel-debug-debuginfo-3.10.0-1160.15.2.el7.ppc64le
CVE-2020-35513 Moderate/Sec. kernel-debug-debuginfo-3.10.0-1160.15.2.el7.ppc64le
CVE-2020-15436 Moderate/Sec. kernel-debug-debuginfo-3.10.0-1160.15.2.el7.ppc64le
CVE-2020-35513 Moderate/Sec. kernel-debug-debuginfo-3.10.0-1160.15.2.el7.ppc64le
CVE-2019-19532 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-0427 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-7053 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-14351 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-25211 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-25645 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-25656 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-25705 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-28374 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-29661 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2021-20265 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2019-19532 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-0427 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-7053 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-14351 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-25211 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-25645 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-25656 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-25705 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-28374 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-29661 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2021-20265 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2021-27363 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.24.1.el7.ppc64le
CVE-2021-27364 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.24.1.el7.ppc64le
CVE-2021-27365 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.24.1.el7.ppc64le
CVE-2021-27363 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.24.1.el7.ppc64le
CVE-2021-27364 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.24.1.el7.ppc64le
CVE-2021-27365 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.24.1.el7.ppc64le
CVE-2020-8648 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.31.1.el7.ppc64le
CVE-2020-12362 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.31.1.el7.ppc64le
CVE-2020-12363 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.31.1.el7.ppc64le
CVE-2020-12364 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.31.1.el7.ppc64le
CVE-2020-27170 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.31.1.el7.ppc64le
CVE-2021-3347 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.31.1.el7.ppc64le
CVE-2020-8648 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.31.1.el7.ppc64le
CVE-2020-12362 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.31.1.el7.ppc64le
CVE-2020-12363 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.31.1.el7.ppc64le
CVE-2020-12364 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.31.1.el7.ppc64le
CVE-2020-27170 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.31.1.el7.ppc64le
CVE-2021-3347 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.31.1.el7.ppc64le
CVE-2019-20934 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.36.2.el7.ppc64le
CVE-2020-11668 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33033 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33034 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33909 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.36.2.el7.ppc64le
CVE-2019-20934 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.36.2.el7.ppc64le
CVE-2020-11668 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33033 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33034 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33909 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.36.2.el7.ppc64le
CVE-2020-27777 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.41.1.el7.ppc64le
CVE-2021-22555 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.41.1.el7.ppc64le
CVE-2021-29154 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.41.1.el7.ppc64le
CVE-2021-29650 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.41.1.el7.ppc64le
CVE-2021-32399 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.41.1.el7.ppc64le
CVE-2020-27777 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.41.1.el7.ppc64le
CVE-2021-22555 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.41.1.el7.ppc64le
CVE-2021-29154 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.41.1.el7.ppc64le
CVE-2021-29650 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.41.1.el7.ppc64le
CVE-2021-32399 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.41.1.el7.ppc64le
CVE-2021-3715 Moderate/Sec. kernel-debug-debuginfo-3.10.0-1160.42.2.el7.ppc64le
CVE-2021-3715 Moderate/Sec. kernel-debug-debuginfo-3.10.0-1160.42.2.el7.ppc64le
CVE-2021-3653 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.45.1.el7.ppc64le
CVE-2021-3656 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.45.1.el7.ppc64le
CVE-2021-22543 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.45.1.el7.ppc64le
CVE-2021-37576 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.45.1.el7.ppc64le
CVE-2021-3653 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.45.1.el7.ppc64le
CVE-2021-3656 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.45.1.el7.ppc64le
CVE-2021-22543 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.45.1.el7.ppc64le
CVE-2021-37576 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.45.1.el7.ppc64le
CVE-2020-36385 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.49.1.el7.ppc64le
CVE-2020-36385 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.49.1.el7.ppc64le
CVE-2020-25704 Moderate/Sec. kernel-debug-debuginfo-3.10.0-1160.53.1.el7.ppc64le
CVE-2020-36322 Moderate/Sec. kernel-debug-debuginfo-3.10.0-1160.53.1.el7.ppc64le
CVE-2021-42739 Moderate/Sec. kernel-debug-debuginfo-3.10.0-1160.53.1.el7.ppc64le
CVE-2020-25704 Moderate/Sec. kernel-debug-debuginfo-3.10.0-1160.53.1.el7.ppc64le
CVE-2020-36322 Moderate/Sec. kernel-debug-debuginfo-3.10.0-1160.53.1.el7.ppc64le
CVE-2021-42739 Moderate/Sec. kernel-debug-debuginfo-3.10.0-1160.53.1.el7.ppc64le
CVE-2020-0465 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2020-0466 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-0920 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3564 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3573 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3752 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-4155 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2022-0330 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2022-22942 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2020-0465 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2020-0466 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-0920 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3564 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3573 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3752 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-4155 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2022-0330 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2022-22942 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-4028 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.62.1.el7.ppc64le
CVE-2021-4083 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.62.1.el7.ppc64le
CVE-2021-4028 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.62.1.el7.ppc64le
CVE-2021-4083 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.62.1.el7.ppc64le
CVE-2022-0492 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.66.1.el7.ppc64le
CVE-2022-0492 Important/Sec. kernel-debug-debuginfo-3.10.0-1160.66.1.el7.ppc64le
CVE-2022-0492 Important/Sec. kernel-debug-devel-3.10.0-1160.66.1.el7.ppc64le
CVE-2020-15436 Moderate/Sec. kernel-debuginfo-3.10.0-1160.15.2.el7.ppc64le
CVE-2020-35513 Moderate/Sec. kernel-debuginfo-3.10.0-1160.15.2.el7.ppc64le
CVE-2020-15436 Moderate/Sec. kernel-debuginfo-3.10.0-1160.15.2.el7.ppc64le
CVE-2020-35513 Moderate/Sec. kernel-debuginfo-3.10.0-1160.15.2.el7.ppc64le
CVE-2019-19532 Important/Sec. kernel-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-0427 Important/Sec. kernel-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-7053 Important/Sec. kernel-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-14351 Important/Sec. kernel-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-25211 Important/Sec. kernel-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-25645 Important/Sec. kernel-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-25656 Important/Sec. kernel-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-25705 Important/Sec. kernel-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-28374 Important/Sec. kernel-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-29661 Important/Sec. kernel-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2021-20265 Important/Sec. kernel-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2019-19532 Important/Sec. kernel-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-0427 Important/Sec. kernel-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-7053 Important/Sec. kernel-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-14351 Important/Sec. kernel-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-25211 Important/Sec. kernel-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-25645 Important/Sec. kernel-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-25656 Important/Sec. kernel-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-25705 Important/Sec. kernel-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-28374 Important/Sec. kernel-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-29661 Important/Sec. kernel-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2021-20265 Important/Sec. kernel-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2021-27363 Important/Sec. kernel-debuginfo-3.10.0-1160.24.1.el7.ppc64le
CVE-2021-27364 Important/Sec. kernel-debuginfo-3.10.0-1160.24.1.el7.ppc64le
CVE-2021-27365 Important/Sec. kernel-debuginfo-3.10.0-1160.24.1.el7.ppc64le
CVE-2021-27363 Important/Sec. kernel-debuginfo-3.10.0-1160.24.1.el7.ppc64le
CVE-2021-27364 Important/Sec. kernel-debuginfo-3.10.0-1160.24.1.el7.ppc64le
CVE-2021-27365 Important/Sec. kernel-debuginfo-3.10.0-1160.24.1.el7.ppc64le
CVE-2020-8648 Important/Sec. kernel-debuginfo-3.10.0-1160.31.1.el7.ppc64le
CVE-2020-12362 Important/Sec. kernel-debuginfo-3.10.0-1160.31.1.el7.ppc64le
CVE-2020-12363 Important/Sec. kernel-debuginfo-3.10.0-1160.31.1.el7.ppc64le
CVE-2020-12364 Important/Sec. kernel-debuginfo-3.10.0-1160.31.1.el7.ppc64le
CVE-2020-27170 Important/Sec. kernel-debuginfo-3.10.0-1160.31.1.el7.ppc64le
CVE-2021-3347 Important/Sec. kernel-debuginfo-3.10.0-1160.31.1.el7.ppc64le
CVE-2020-8648 Important/Sec. kernel-debuginfo-3.10.0-1160.31.1.el7.ppc64le
CVE-2020-12362 Important/Sec. kernel-debuginfo-3.10.0-1160.31.1.el7.ppc64le
CVE-2020-12363 Important/Sec. kernel-debuginfo-3.10.0-1160.31.1.el7.ppc64le
CVE-2020-12364 Important/Sec. kernel-debuginfo-3.10.0-1160.31.1.el7.ppc64le
CVE-2020-27170 Important/Sec. kernel-debuginfo-3.10.0-1160.31.1.el7.ppc64le
CVE-2021-3347 Important/Sec. kernel-debuginfo-3.10.0-1160.31.1.el7.ppc64le
CVE-2019-20934 Important/Sec. kernel-debuginfo-3.10.0-1160.36.2.el7.ppc64le
CVE-2020-11668 Important/Sec. kernel-debuginfo-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33033 Important/Sec. kernel-debuginfo-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33034 Important/Sec. kernel-debuginfo-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33909 Important/Sec. kernel-debuginfo-3.10.0-1160.36.2.el7.ppc64le
CVE-2019-20934 Important/Sec. kernel-debuginfo-3.10.0-1160.36.2.el7.ppc64le
CVE-2020-11668 Important/Sec. kernel-debuginfo-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33033 Important/Sec. kernel-debuginfo-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33034 Important/Sec. kernel-debuginfo-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33909 Important/Sec. kernel-debuginfo-3.10.0-1160.36.2.el7.ppc64le
CVE-2020-27777 Important/Sec. kernel-debuginfo-3.10.0-1160.41.1.el7.ppc64le
CVE-2021-22555 Important/Sec. kernel-debuginfo-3.10.0-1160.41.1.el7.ppc64le
CVE-2021-29154 Important/Sec. kernel-debuginfo-3.10.0-1160.41.1.el7.ppc64le
CVE-2021-29650 Important/Sec. kernel-debuginfo-3.10.0-1160.41.1.el7.ppc64le
CVE-2021-32399 Important/Sec. kernel-debuginfo-3.10.0-1160.41.1.el7.ppc64le
CVE-2020-27777 Important/Sec. kernel-debuginfo-3.10.0-1160.41.1.el7.ppc64le
CVE-2021-22555 Important/Sec. kernel-debuginfo-3.10.0-1160.41.1.el7.ppc64le
CVE-2021-29154 Important/Sec. kernel-debuginfo-3.10.0-1160.41.1.el7.ppc64le
CVE-2021-29650 Important/Sec. kernel-debuginfo-3.10.0-1160.41.1.el7.ppc64le
CVE-2021-32399 Important/Sec. kernel-debuginfo-3.10.0-1160.41.1.el7.ppc64le
CVE-2021-3715 Moderate/Sec. kernel-debuginfo-3.10.0-1160.42.2.el7.ppc64le
CVE-2021-3715 Moderate/Sec. kernel-debuginfo-3.10.0-1160.42.2.el7.ppc64le
CVE-2021-3653 Important/Sec. kernel-debuginfo-3.10.0-1160.45.1.el7.ppc64le
CVE-2021-3656 Important/Sec. kernel-debuginfo-3.10.0-1160.45.1.el7.ppc64le
CVE-2021-22543 Important/Sec. kernel-debuginfo-3.10.0-1160.45.1.el7.ppc64le
CVE-2021-37576 Important/Sec. kernel-debuginfo-3.10.0-1160.45.1.el7.ppc64le
CVE-2021-3653 Important/Sec. kernel-debuginfo-3.10.0-1160.45.1.el7.ppc64le
CVE-2021-3656 Important/Sec. kernel-debuginfo-3.10.0-1160.45.1.el7.ppc64le
CVE-2021-22543 Important/Sec. kernel-debuginfo-3.10.0-1160.45.1.el7.ppc64le
CVE-2021-37576 Important/Sec. kernel-debuginfo-3.10.0-1160.45.1.el7.ppc64le
CVE-2020-36385 Important/Sec. kernel-debuginfo-3.10.0-1160.49.1.el7.ppc64le
CVE-2020-36385 Important/Sec. kernel-debuginfo-3.10.0-1160.49.1.el7.ppc64le
CVE-2020-25704 Moderate/Sec. kernel-debuginfo-3.10.0-1160.53.1.el7.ppc64le
CVE-2020-36322 Moderate/Sec. kernel-debuginfo-3.10.0-1160.53.1.el7.ppc64le
CVE-2021-42739 Moderate/Sec. kernel-debuginfo-3.10.0-1160.53.1.el7.ppc64le
CVE-2020-25704 Moderate/Sec. kernel-debuginfo-3.10.0-1160.53.1.el7.ppc64le
CVE-2020-36322 Moderate/Sec. kernel-debuginfo-3.10.0-1160.53.1.el7.ppc64le
CVE-2021-42739 Moderate/Sec. kernel-debuginfo-3.10.0-1160.53.1.el7.ppc64le
CVE-2020-0465 Important/Sec. kernel-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2020-0466 Important/Sec. kernel-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-0920 Important/Sec. kernel-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3564 Important/Sec. kernel-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3573 Important/Sec. kernel-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3752 Important/Sec. kernel-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-4155 Important/Sec. kernel-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2022-0330 Important/Sec. kernel-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2022-22942 Important/Sec. kernel-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2020-0465 Important/Sec. kernel-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2020-0466 Important/Sec. kernel-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-0920 Important/Sec. kernel-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3564 Important/Sec. kernel-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3573 Important/Sec. kernel-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3752 Important/Sec. kernel-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-4155 Important/Sec. kernel-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2022-0330 Important/Sec. kernel-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2022-22942 Important/Sec. kernel-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-4028 Important/Sec. kernel-debuginfo-3.10.0-1160.62.1.el7.ppc64le
CVE-2021-4083 Important/Sec. kernel-debuginfo-3.10.0-1160.62.1.el7.ppc64le
CVE-2021-4028 Important/Sec. kernel-debuginfo-3.10.0-1160.62.1.el7.ppc64le
CVE-2021-4083 Important/Sec. kernel-debuginfo-3.10.0-1160.62.1.el7.ppc64le
CVE-2022-0492 Important/Sec. kernel-debuginfo-3.10.0-1160.66.1.el7.ppc64le
CVE-2022-0492 Important/Sec. kernel-debuginfo-3.10.0-1160.66.1.el7.ppc64le
CVE-2020-15436 Moderate/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.15.2.el7.ppc64le
CVE-2020-35513 Moderate/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.15.2.el7.ppc64le
CVE-2020-15436 Moderate/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.15.2.el7.ppc64le
CVE-2020-35513 Moderate/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.15.2.el7.ppc64le
CVE-2019-19532 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-0427 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-7053 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-14351 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-25211 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-25645 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-25656 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-25705 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-28374 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-29661 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.21.1.el7.ppc64le
CVE-2021-20265 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.21.1.el7.ppc64le
CVE-2019-19532 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-0427 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-7053 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-14351 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-25211 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-25645 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-25656 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-25705 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-28374 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-29661 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.21.1.el7.ppc64le
CVE-2021-20265 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.21.1.el7.ppc64le
CVE-2021-27363 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.24.1.el7.ppc64le
CVE-2021-27364 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.24.1.el7.ppc64le
CVE-2021-27365 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.24.1.el7.ppc64le
CVE-2021-27363 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.24.1.el7.ppc64le
CVE-2021-27364 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.24.1.el7.ppc64le
CVE-2021-27365 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.24.1.el7.ppc64le
CVE-2020-8648 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.31.1.el7.ppc64le
CVE-2020-12362 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.31.1.el7.ppc64le
CVE-2020-12363 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.31.1.el7.ppc64le
CVE-2020-12364 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.31.1.el7.ppc64le
CVE-2020-27170 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.31.1.el7.ppc64le
CVE-2021-3347 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.31.1.el7.ppc64le
CVE-2020-8648 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.31.1.el7.ppc64le
CVE-2020-12362 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.31.1.el7.ppc64le
CVE-2020-12363 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.31.1.el7.ppc64le
CVE-2020-12364 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.31.1.el7.ppc64le
CVE-2020-27170 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.31.1.el7.ppc64le
CVE-2021-3347 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.31.1.el7.ppc64le
CVE-2019-20934 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.36.2.el7.ppc64le
CVE-2020-11668 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33033 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33034 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33909 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.36.2.el7.ppc64le
CVE-2019-20934 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.36.2.el7.ppc64le
CVE-2020-11668 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33033 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33034 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33909 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.36.2.el7.ppc64le
CVE-2020-27777 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.41.1.el7.ppc64le
CVE-2021-22555 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.41.1.el7.ppc64le
CVE-2021-29154 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.41.1.el7.ppc64le
CVE-2021-29650 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.41.1.el7.ppc64le
CVE-2021-32399 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.41.1.el7.ppc64le
CVE-2020-27777 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.41.1.el7.ppc64le
CVE-2021-22555 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.41.1.el7.ppc64le
CVE-2021-29154 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.41.1.el7.ppc64le
CVE-2021-29650 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.41.1.el7.ppc64le
CVE-2021-32399 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.41.1.el7.ppc64le
CVE-2021-3715 Moderate/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.42.2.el7.ppc64le
CVE-2021-3715 Moderate/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.42.2.el7.ppc64le
CVE-2021-3653 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.45.1.el7.ppc64le
CVE-2021-3656 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.45.1.el7.ppc64le
CVE-2021-22543 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.45.1.el7.ppc64le
CVE-2021-37576 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.45.1.el7.ppc64le
CVE-2021-3653 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.45.1.el7.ppc64le
CVE-2021-3656 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.45.1.el7.ppc64le
CVE-2021-22543 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.45.1.el7.ppc64le
CVE-2021-37576 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.45.1.el7.ppc64le
CVE-2020-36385 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.49.1.el7.ppc64le
CVE-2020-36385 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.49.1.el7.ppc64le
CVE-2020-25704 Moderate/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.53.1.el7.ppc64le
CVE-2020-36322 Moderate/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.53.1.el7.ppc64le
CVE-2021-42739 Moderate/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.53.1.el7.ppc64le
CVE-2020-25704 Moderate/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.53.1.el7.ppc64le
CVE-2020-36322 Moderate/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.53.1.el7.ppc64le
CVE-2021-42739 Moderate/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.53.1.el7.ppc64le
CVE-2020-0465 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.59.1.el7.ppc64le
CVE-2020-0466 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-0920 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3564 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3573 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3752 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-4155 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.59.1.el7.ppc64le
CVE-2022-0330 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.59.1.el7.ppc64le
CVE-2022-22942 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.59.1.el7.ppc64le
CVE-2020-0465 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.59.1.el7.ppc64le
CVE-2020-0466 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-0920 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3564 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3573 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3752 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-4155 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.59.1.el7.ppc64le
CVE-2022-0330 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.59.1.el7.ppc64le
CVE-2022-22942 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-4028 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.62.1.el7.ppc64le
CVE-2021-4083 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.62.1.el7.ppc64le
CVE-2021-4028 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.62.1.el7.ppc64le
CVE-2021-4083 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.62.1.el7.ppc64le
CVE-2022-0492 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.66.1.el7.ppc64le
CVE-2022-0492 Important/Sec. kernel-debuginfo-common-ppc64le-3.10.0-1160.66.1.el7.ppc64le
CVE-2022-0492 Important/Sec. kernel-devel-3.10.0-1160.66.1.el7.ppc64le
CVE-2022-0492 Important/Sec. kernel-headers-3.10.0-1160.66.1.el7.ppc64le
CVE-2022-0492 Important/Sec. kernel-tools-3.10.0-1160.66.1.el7.ppc64le
CVE-2020-15436 Moderate/Sec. kernel-tools-debuginfo-3.10.0-1160.15.2.el7.ppc64le
CVE-2020-35513 Moderate/Sec. kernel-tools-debuginfo-3.10.0-1160.15.2.el7.ppc64le
CVE-2020-15436 Moderate/Sec. kernel-tools-debuginfo-3.10.0-1160.15.2.el7.ppc64le
CVE-2020-35513 Moderate/Sec. kernel-tools-debuginfo-3.10.0-1160.15.2.el7.ppc64le
CVE-2019-19532 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-0427 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-7053 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-14351 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-25211 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-25645 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-25656 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-25705 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-28374 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-29661 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2021-20265 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2019-19532 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-0427 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-7053 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-14351 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-25211 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-25645 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-25656 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-25705 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-28374 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2020-29661 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2021-20265 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.21.1.el7.ppc64le
CVE-2021-27363 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.24.1.el7.ppc64le
CVE-2021-27364 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.24.1.el7.ppc64le
CVE-2021-27365 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.24.1.el7.ppc64le
CVE-2021-27363 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.24.1.el7.ppc64le
CVE-2021-27364 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.24.1.el7.ppc64le
CVE-2021-27365 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.24.1.el7.ppc64le
CVE-2020-8648 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.31.1.el7.ppc64le
CVE-2020-12362 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.31.1.el7.ppc64le
CVE-2020-12363 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.31.1.el7.ppc64le
CVE-2020-12364 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.31.1.el7.ppc64le
CVE-2020-27170 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.31.1.el7.ppc64le
CVE-2021-3347 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.31.1.el7.ppc64le
CVE-2020-8648 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.31.1.el7.ppc64le
CVE-2020-12362 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.31.1.el7.ppc64le
CVE-2020-12363 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.31.1.el7.ppc64le
CVE-2020-12364 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.31.1.el7.ppc64le
CVE-2020-27170 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.31.1.el7.ppc64le
CVE-2021-3347 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.31.1.el7.ppc64le
CVE-2019-20934 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.36.2.el7.ppc64le
CVE-2020-11668 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33033 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33034 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33909 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.36.2.el7.ppc64le
CVE-2019-20934 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.36.2.el7.ppc64le
CVE-2020-11668 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33033 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33034 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33909 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.36.2.el7.ppc64le
CVE-2020-27777 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.41.1.el7.ppc64le
CVE-2021-22555 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.41.1.el7.ppc64le
CVE-2021-29154 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.41.1.el7.ppc64le
CVE-2021-29650 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.41.1.el7.ppc64le
CVE-2021-32399 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.41.1.el7.ppc64le
CVE-2020-27777 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.41.1.el7.ppc64le
CVE-2021-22555 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.41.1.el7.ppc64le
CVE-2021-29154 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.41.1.el7.ppc64le
CVE-2021-29650 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.41.1.el7.ppc64le
CVE-2021-32399 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.41.1.el7.ppc64le
CVE-2021-3715 Moderate/Sec. kernel-tools-debuginfo-3.10.0-1160.42.2.el7.ppc64le
CVE-2021-3715 Moderate/Sec. kernel-tools-debuginfo-3.10.0-1160.42.2.el7.ppc64le
CVE-2021-3653 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.45.1.el7.ppc64le
CVE-2021-3656 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.45.1.el7.ppc64le
CVE-2021-22543 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.45.1.el7.ppc64le
CVE-2021-37576 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.45.1.el7.ppc64le
CVE-2021-3653 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.45.1.el7.ppc64le
CVE-2021-3656 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.45.1.el7.ppc64le
CVE-2021-22543 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.45.1.el7.ppc64le
CVE-2021-37576 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.45.1.el7.ppc64le
CVE-2020-36385 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.49.1.el7.ppc64le
CVE-2020-36385 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.49.1.el7.ppc64le
CVE-2020-25704 Moderate/Sec. kernel-tools-debuginfo-3.10.0-1160.53.1.el7.ppc64le
CVE-2020-36322 Moderate/Sec. kernel-tools-debuginfo-3.10.0-1160.53.1.el7.ppc64le
CVE-2021-42739 Moderate/Sec. kernel-tools-debuginfo-3.10.0-1160.53.1.el7.ppc64le
CVE-2020-25704 Moderate/Sec. kernel-tools-debuginfo-3.10.0-1160.53.1.el7.ppc64le
CVE-2020-36322 Moderate/Sec. kernel-tools-debuginfo-3.10.0-1160.53.1.el7.ppc64le
CVE-2021-42739 Moderate/Sec. kernel-tools-debuginfo-3.10.0-1160.53.1.el7.ppc64le
CVE-2020-0465 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2020-0466 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-0920 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3564 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3573 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3752 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-4155 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2022-0330 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2022-22942 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2020-0465 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2020-0466 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-0920 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3564 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3573 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3752 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-4155 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2022-0330 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2022-22942 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-4028 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.62.1.el7.ppc64le
CVE-2021-4083 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.62.1.el7.ppc64le
CVE-2021-4028 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.62.1.el7.ppc64le
CVE-2021-4083 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.62.1.el7.ppc64le
CVE-2022-0492 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.66.1.el7.ppc64le
CVE-2022-0492 Important/Sec. kernel-tools-debuginfo-3.10.0-1160.66.1.el7.ppc64le
CVE-2022-0492 Important/Sec. kernel-tools-libs-3.10.0-1160.66.1.el7.ppc64le
CVE-2022-0492 Important/Sec. kernel-tools-libs-devel-3.10.0-1160.66.1.el7.ppc64le
CVE-2022-0492 Important/Sec. perf-3.10.0-1160.66.1.el7.ppc64le
CVE-2022-0492 Important/Sec. python-perf-3.10.0-1160.66.1.el7.ppc64le
CVE-2022-24903 Important/Sec. rsyslog-8.24.0-57.el7_9.3.ppc64le
CVE-2018-25032 Important/Sec. zlib-1.2.7-20.el7_9.ppc64le
CVE-2018-25032 Important/Sec. zlib-devel-1.2.7-20.el7_9.ppc64le
7.9.22.05.SP9
Security patch released in May 2022.
The 7.9.22.05.SP9 patch is based on RHEL 7.9. You can install the patch only on IAS 1.0.25.x, IAS 1.0.26.x, IAS 1.0.27.x. Your system must be on 1.0.26.3 or newer to upgrade to 1.0.27.x if SP9 is already installed on it.
Note: The following known issues might be observed:
- When upgrading from 1.0.27.X to SP9, the upgrade might fail
due to error
'IIASApupgradePrereqs' object has no attribute 'ensure_base_os_matches_sp_base'. To workaround the issue, upgrade theapupgradebundle first:- Create a directory for the upgrade bundle, move the bundle inside and create another directory
named
EXTRACT. Then untar the bundle by running the command:tar -xvf <bundle_name> -C EXTRACT|-- Version |-- EXTRACT |-- bundle - Find the RPM, by running the following command and replacing
<version_dir>with the name of the directory you created.find /localrepo/<version_dir> -name "apupgrade*.rpm" - Run the following command and replace
<full_rpm_path>with the output from the previous command:- on 1.0.27.0:
rpm -Uvh <full_rpm_path> - on 1.0.27.1:
rpm -Uvh <full_rpm_path> --force
- on 1.0.27.0:
- Create a directory for the upgrade bundle, move the bundle inside and create another directory
named
- When upgrading from SP9 to 1.0.27.X, the upgrade might fail
due to error
SupportToolsUpgrader.install : supporttools:SupportToolsUpgrader.install:Fatal Problem: Could not upgrade rpms on all nodes.. To workaround the issue:- Manually install the
rpm:
rpm -Uvh --replacepkgs --replacefiles /tmp/APUPGRADE/supporttools.20220311041711/*.rpm --force - Restart the upgrade.
- Manually install the
rpm:
- When upgrading 1.0.26.x to SP9 to 1.0.27.x,
the upgrade might fail with the following error:
1. NodeosUpgrader.install Upgrade Detail: Component install for nodeos Caller Info:The call was made from 'NodeOSIIASInstaller.install' on line 123 with file located at '/localrepo/<your-upgrade-dir>/EXTRACT/upgrade/bundle_upgraders/../nodeos/node_os_iias_installer.py' Message: nodeos:NodeosUpgrader.install:Fatal Problem: Failed to install any new Node OS rpms...Workaround:
- Run the following two commands from node0101. Replace
<your-upgrade-dir>directory name in the commands with the actual upgrade directory name that you used on your system.-
sed -i -e "0,/self._get_yum_repos_options() + ' ' + self.install_y/s/self._get_yum_repos_options() + ' ' + self.install_y/self._get_yum_repos_options() + ' ' + '--exclude=\"kernel*\"' + ' ' + self.install_y/" /localrepo/<your-upgrade-dir>/EXTRACT/system/upgrade/nodeos/node_os_installer.py -
sed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade
-
- If the following error is encountered:
1. PlatformservicesUpgrader.install Upgrade Detail: Component install for platformservices Caller Info:The call was made from 'PlatformservicesInstaller.install' on line 51 with file located at '/localrepo/1.0.27.0_release/EXTRACT/upgrade/bundle_upgraders/../platformservices/platformservices_installer.py' Message: platformservices:PlatformservicesUpgrader.install:Failed while trying to copy old package pysnmp-4.3.3-1.el7rhgs.noarch.rpm from /install/rhel7.4/ppc64le/netezza/packages/packages/ /install/rhel7.4/ppc64le/netezza/packages/ /install/apupgrade_os_image/netezza/packages/ to non-master nodeson all nodes, move
/install/rhel7.4/ppc64le/netezza/packages/packages/to/tmp/packages_backupso that there is only
/install/rhel7.4/ppc64le/netezza/packages/. - Rerun the same
apupgradecommand that failed.
- Run the following two commands from node0101. Replace
The list of Red Hat CVEs that are patched in this release:
CVE-2022-21426 Important/Sec. java-1.8.0-openjdk-1:1.8.0.332.b09-1.el7_9.ppc64le
CVE-2022-21434 Important/Sec. java-1.8.0-openjdk-1:1.8.0.332.b09-1.el7_9.ppc64le
CVE-2022-21443 Important/Sec. java-1.8.0-openjdk-1:1.8.0.332.b09-1.el7_9.ppc64le
CVE-2022-21476 Important/Sec. java-1.8.0-openjdk-1:1.8.0.332.b09-1.el7_9.ppc64le
CVE-2022-21496 Important/Sec. java-1.8.0-openjdk-1:1.8.0.332.b09-1.el7_9.ppc64le
CVE-2022-21426 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.332.b09-1.el7_9.ppc64le
CVE-2022-21434 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.332.b09-1.el7_9.ppc64le
CVE-2022-21443 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.332.b09-1.el7_9.ppc64le
CVE-2022-21476 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.332.b09-1.el7_9.ppc64le
CVE-2022-21496 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.332.b09-1.el7_9.ppc64le
7.9.22.03.SP8
Security patch released in April 2022.
The 7.9.22.03.SP8 patch is based on RHEL 7.9. You can install the patch only on IAS 1.0.25.x, IAS 1.0.26.x, IAS 1.0.27.x. Your system must be on 1.0.26.3 or newer to upgrade to 1.0.27.x if SP8 is already installed on it.
Note: The following known issues might be observed:
- When upgrading from 1.0.27.X to SP8, the upgrade might fail
due to error
'IIASApupgradePrereqs' object has no attribute 'ensure_base_os_matches_sp_base'. To workaround the issue, upgrade theapupgradebundle first:- Create a directory for the upgrade bundle, move the bundle inside and create another directory
named
EXTRACT. Then untar the bundle by running the command:tar -xvf <bundle_name> -C EXTRACT|-- Version |-- EXTRACT |-- bundle - Find the RPM, by running the following command and replacing
<version_dir>with the name of the directory you created.find /localrepo/<version_dir> -name "apupgrade*.rpm" - Run the following command and replace
<full_rpm_path>with the output from the previous command:- on 1.0.27.0:
rpm -Uvh <full_rpm_path> - on 1.0.27.1:
rpm -Uvh <full_rpm_path> --force
- on 1.0.27.0:
- Create a directory for the upgrade bundle, move the bundle inside and create another directory
named
- When upgrading from SP8 to 1.0.27.X, the upgrade might fail
due to error
SupportToolsUpgrader.install : supporttools:SupportToolsUpgrader.install:Fatal Problem: Could not upgrade rpms on all nodes.. To workaround the issue:- Manually install the
rpm:
rpm -Uvh --replacepkgs --replacefiles /tmp/APUPGRADE/supporttools.20220311041711/*.rpm --force - Restart the upgrade.
- Manually install the
rpm:
- When upgrading 1.0.26.x to SP8 to 1.0.27.x,
the upgrade might fail with the following error:
1. NodeosUpgrader.install Upgrade Detail: Component install for nodeos Caller Info:The call was made from 'NodeOSIIASInstaller.install' on line 123 with file located at '/localrepo/<your-upgrade-dir>/EXTRACT/upgrade/bundle_upgraders/../nodeos/node_os_iias_installer.py' Message: nodeos:NodeosUpgrader.install:Fatal Problem: Failed to install any new Node OS rpms...Workaround:
- Run the following two commands from node0101. Replace
<your-upgrade-dir>directory name in the commands with the actual upgrade directory name that you used on your system.-
sed -i -e "0,/self._get_yum_repos_options() + ' ' + self.install_y/s/self._get_yum_repos_options() + ' ' + self.install_y/self._get_yum_repos_options() + ' ' + '--exclude=\"kernel*\"' + ' ' + self.install_y/" /localrepo/<your-upgrade-dir>/EXTRACT/system/upgrade/nodeos/node_os_installer.py -
sed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade
-
- If the following error is encountered:
1. PlatformservicesUpgrader.install Upgrade Detail: Component install for platformservices Caller Info:The call was made from 'PlatformservicesInstaller.install' on line 51 with file located at '/localrepo/1.0.27.0_release/EXTRACT/upgrade/bundle_upgraders/../platformservices/platformservices_installer.py' Message: platformservices:PlatformservicesUpgrader.install:Failed while trying to copy old package pysnmp-4.3.3-1.el7rhgs.noarch.rpm from /install/rhel7.4/ppc64le/netezza/packages/packages/ /install/rhel7.4/ppc64le/netezza/packages/ /install/apupgrade_os_image/netezza/packages/ to non-master nodeson all nodes, move
/install/rhel7.4/ppc64le/netezza/packages/packages/to/tmp/packages_backupso that there is only
/install/rhel7.4/ppc64le/netezza/packages/. - Rerun the same
apupgradecommand that failed.
- Run the following two commands from node0101. Replace
The list of Red Hat CVEs that are patched in this release:
CVE-2021-4028 Important/Sec. kernel-3.10.0-1160.62.1.el7.ppc64le
CVE-2021-4083 Important/Sec. kernel-3.10.0-1160.62.1.el7.ppc64le
CVE-2021-4028 Important/Sec. kernel-abi-whitelists-3.10.0-1160.62.1.el7.noarch
CVE-2021-4083 Important/Sec. kernel-abi-whitelists-3.10.0-1160.62.1.el7.noarch
CVE-2021-4028 Important/Sec. kernel-bootwrapper-3.10.0-1160.62.1.el7.ppc64le
CVE-2021-4083 Important/Sec. kernel-bootwrapper-3.10.0-1160.62.1.el7.ppc64le
CVE-2021-4028 Important/Sec. kernel-debug-3.10.0-1160.62.1.el7.ppc64le
CVE-2021-4083 Important/Sec. kernel-debug-3.10.0-1160.62.1.el7.ppc64le
CVE-2021-4028 Important/Sec. kernel-debug-devel-3.10.0-1160.62.1.el7.ppc64le
CVE-2021-4083 Important/Sec. kernel-debug-devel-3.10.0-1160.62.1.el7.ppc64le
CVE-2021-4028 Important/Sec. kernel-devel-3.10.0-1160.62.1.el7.ppc64le
CVE-2021-4083 Important/Sec. kernel-devel-3.10.0-1160.62.1.el7.ppc64le
CVE-2021-4028 Important/Sec. kernel-headers-3.10.0-1160.62.1.el7.ppc64le
CVE-2021-4083 Important/Sec. kernel-headers-3.10.0-1160.62.1.el7.ppc64le
CVE-2021-4028 Important/Sec. kernel-tools-3.10.0-1160.62.1.el7.ppc64le
CVE-2021-4083 Important/Sec. kernel-tools-3.10.0-1160.62.1.el7.ppc64le
CVE-2021-4028 Important/Sec. kernel-tools-libs-3.10.0-1160.62.1.el7.ppc64le
CVE-2021-4083 Important/Sec. kernel-tools-libs-3.10.0-1160.62.1.el7.ppc64le
CVE-2021-4028 Important/Sec. kernel-tools-libs-devel-3.10.0-1160.62.1.el7.ppc64le
CVE-2021-4083 Important/Sec. kernel-tools-libs-devel-3.10.0-1160.62.1.el7.ppc64le
CVE-2021-4028 Important/Sec. perf-3.10.0-1160.62.1.el7.ppc64le
CVE-2021-4083 Important/Sec. perf-3.10.0-1160.62.1.el7.ppc64le
CVE-2021-4028 Important/Sec. python-perf-3.10.0-1160.62.1.el7.ppc64le
CVE-2021-4083 Important/Sec. python-perf-3.10.0-1160.62.1.el7.ppc64le7.9.22.01.SP7
Security patch released in April 2022.
The 7.9.22.01.SP7 patch is based on RHEL 7.9. You can install the patch only on IAS 1.0.25.x, IAS 1.0.26.x, IAS 1.0.27.x. Your system must be on 1.0.26.3 or newer to upgrade to 1.0.27.x if SP7 is already installed on it.
Note: The following known issues might be observed:
- When upgrading from 1.0.27.X to SP7, the upgrade might fail
due to error
'IIASApupgradePrereqs' object has no attribute 'ensure_base_os_matches_sp_base'. To workaround the issue, upgrade theapupgradebundle first:- Create a directory for the upgrade bundle, move the bundle inside and create another directory
named
EXTRACT. Then untar the bundle by running the command:tar -xvf <bundle_name> -C EXTRACT|-- Version |-- EXTRACT |-- bundle - Find the RPM, by running the following command and replacing
<version_dir>with the name of the directory you created.find /localrepo/<version_dir> -name "apupgrade*.rpm" - Run the following command and replace
<full_rpm_path>with the output from the previous command:- on 1.0.27.0:
rpm -Uvh <full_rpm_path> - on 1.0.27.1:
rpm -Uvh <full_rpm_path> --force
- on 1.0.27.0:
- Create a directory for the upgrade bundle, move the bundle inside and create another directory
named
- When upgrading from SP7 to 1.0.27.X, the upgrade might fail
due to error
SupportToolsUpgrader.install : supporttools:SupportToolsUpgrader.install:Fatal Problem: Could not upgrade rpms on all nodes.. To workaround the issue:- Manually install the
rpm:
rpm -Uvh --replacepkgs --replacefiles /tmp/APUPGRADE/supporttools.20220311041711/*.rpm --force - Restart the upgrade.
- Manually install the
rpm:
- When upgrading 1.0.26.x to SP7 to 1.0.27.x,
the upgrade might fail with the following error:
1. NodeosUpgrader.install Upgrade Detail: Component install for nodeos Caller Info:The call was made from 'NodeOSIIASInstaller.install' on line 123 with file located at '/localrepo/<your-upgrade-dir>/EXTRACT/upgrade/bundle_upgraders/../nodeos/node_os_iias_installer.py' Message: nodeos:NodeosUpgrader.install:Fatal Problem: Failed to install any new Node OS rpms...Workaround:
- Run the following two commands from e1n1. Replace
<your-upgrade-dir>directory name in the commands with the actual upgrade directory name that you used on your system.-
sed -i -e "0,/self._get_yum_repos_options() + ' ' + self.install_y/s/self._get_yum_repos_options() + ' ' + self.install_y/self._get_yum_repos_options() + ' ' + '--exclude=\"kernel*\"' + ' ' + self.install_y/" /localrepo/<your-upgrade-dir>/EXTRACT/system/upgrade/nodeos/node_os_installer.py -
sed -i -e 's,self.verify_bundle,#self.verify_bundle,g' /opt/ibm/appliance/apupgrade/bin/apupgrade
-
- If the following error is encountered:
1. PlatformservicesUpgrader.install Upgrade Detail: Component install for platformservices Caller Info:The call was made from 'PlatformservicesInstaller.install' on line 51 with file located at '/localrepo/1.0.27.0_release/EXTRACT/upgrade/bundle_upgraders/../platformservices/platformservices_installer.py' Message: platformservices:PlatformservicesUpgrader.install:Failed while trying to copy old package pysnmp-4.3.3-1.el7rhgs.noarch.rpm from /install/rhel7.4/ppc64le/netezza/packages/packages/ /install/rhel7.4/ppc64le/netezza/packages/ /install/apupgrade_os_image/netezza/packages/ to non-master nodeson all nodes, move
/install/rhel7.4/ppc64le/netezza/packages/packages/to/tmp/packages_backupso that there is only
/install/rhel7.4/ppc64le/netezza/packages/. - Rerun the same
apupgradecommand that failed.
- Run the following two commands from e1n1. Replace
The list of Red Hat CVEs that are patched in this release:
CVE-2020-25704 Moderate/Sec. kernel-3.10.0-1160.53.1.el7.ppc64le
CVE-2020-36322 Moderate/Sec. kernel-3.10.0-1160.53.1.el7.ppc64le
CVE-2021-42739 Moderate/Sec. kernel-3.10.0-1160.53.1.el7.ppc64le
CVE-2020-25704 Moderate/Sec. kernel-abi-whitelists-3.10.0-1160.53.1.el7.noarch
CVE-2020-36322 Moderate/Sec. kernel-abi-whitelists-3.10.0-1160.53.1.el7.noarch
CVE-2021-42739 Moderate/Sec. kernel-abi-whitelists-3.10.0-1160.53.1.el7.noarch
CVE-2020-25704 Moderate/Sec. kernel-bootwrapper-3.10.0-1160.53.1.el7.ppc64le
CVE-2020-36322 Moderate/Sec. kernel-bootwrapper-3.10.0-1160.53.1.el7.ppc64le
CVE-2021-42739 Moderate/Sec. kernel-bootwrapper-3.10.0-1160.53.1.el7.ppc64le
CVE-2020-25704 Moderate/Sec. kernel-debug-3.10.0-1160.53.1.el7.ppc64le
CVE-2020-36322 Moderate/Sec. kernel-debug-3.10.0-1160.53.1.el7.ppc64le
CVE-2021-42739 Moderate/Sec. kernel-debug-3.10.0-1160.53.1.el7.ppc64le
CVE-2020-25704 Moderate/Sec. kernel-debug-devel-3.10.0-1160.53.1.el7.ppc64le
CVE-2020-36322 Moderate/Sec. kernel-debug-devel-3.10.0-1160.53.1.el7.ppc64le
CVE-2021-42739 Moderate/Sec. kernel-debug-devel-3.10.0-1160.53.1.el7.ppc64le
CVE-2020-25704 Moderate/Sec. kernel-devel-3.10.0-1160.53.1.el7.ppc64le
CVE-2020-36322 Moderate/Sec. kernel-devel-3.10.0-1160.53.1.el7.ppc64le
CVE-2021-42739 Moderate/Sec. kernel-devel-3.10.0-1160.53.1.el7.ppc64le
CVE-2020-25704 Moderate/Sec. kernel-headers-3.10.0-1160.53.1.el7.ppc64le
CVE-2020-36322 Moderate/Sec. kernel-headers-3.10.0-1160.53.1.el7.ppc64le
CVE-2021-42739 Moderate/Sec. kernel-headers-3.10.0-1160.53.1.el7.ppc64le
CVE-2020-25704 Moderate/Sec. kernel-tools-3.10.0-1160.53.1.el7.ppc64le
CVE-2020-36322 Moderate/Sec. kernel-tools-3.10.0-1160.53.1.el7.ppc64le
CVE-2021-42739 Moderate/Sec. kernel-tools-3.10.0-1160.53.1.el7.ppc64le
CVE-2020-25704 Moderate/Sec. kernel-tools-libs-3.10.0-1160.53.1.el7.ppc64le
CVE-2020-36322 Moderate/Sec. kernel-tools-libs-3.10.0-1160.53.1.el7.ppc64le
CVE-2021-42739 Moderate/Sec. kernel-tools-libs-3.10.0-1160.53.1.el7.ppc64le
CVE-2020-25704 Moderate/Sec. kernel-tools-libs-devel-3.10.0-1160.53.1.el7.ppc64le
CVE-2020-36322 Moderate/Sec. kernel-tools-libs-devel-3.10.0-1160.53.1.el7.ppc64le
CVE-2021-42739 Moderate/Sec. kernel-tools-libs-devel-3.10.0-1160.53.1.el7.ppc64le
CVE-2021-3712 Moderate/Sec. openssl-1:1.0.2k-23.el7_9.ppc64le
CVE-2021-3712 Moderate/Sec. openssl-devel-1:1.0.2k-23.el7_9.ppc64le
CVE-2021-3712 Moderate/Sec. openssl-libs-1:1.0.2k-23.el7_9.ppc64le
CVE-2020-25704 Moderate/Sec. perf-3.10.0-1160.53.1.el7.ppc64le
CVE-2020-36322 Moderate/Sec. perf-3.10.0-1160.53.1.el7.ppc64le
CVE-2021-42739 Moderate/Sec. perf-3.10.0-1160.53.1.el7.ppc64le
CVE-2020-25704 Moderate/Sec. python-perf-3.10.0-1160.53.1.el7.ppc64le
CVE-2020-36322 Moderate/Sec. python-perf-3.10.0-1160.53.1.el7.ppc64le
CVE-2021-42739 Moderate/Sec. python-perf-3.10.0-1160.53.1.el7.ppc64le
CVE-2021-26691 Important/Sec. httpd-2.4.6-97.el7_9.4.ppc64le
CVE-2021-34798 Important/Sec. httpd-2.4.6-97.el7_9.4.ppc64le
CVE-2021-39275 Important/Sec. httpd-2.4.6-97.el7_9.4.ppc64le
CVE-2021-44790 Important/Sec. httpd-2.4.6-97.el7_9.4.ppc64le
CVE-2021-26691 Important/Sec. httpd-tools-2.4.6-97.el7_9.4.ppc64le
CVE-2021-34798 Important/Sec. httpd-tools-2.4.6-97.el7_9.4.ppc64le
CVE-2021-39275 Important/Sec. httpd-tools-2.4.6-97.el7_9.4.ppc64le
CVE-2021-44790 Important/Sec. httpd-tools-2.4.6-97.el7_9.4.ppc64le
CVE-2021-26691 Important/Sec. mod_ssl-1:2.4.6-97.el7_9.4.ppc64le
CVE-2021-34798 Important/Sec. mod_ssl-1:2.4.6-97.el7_9.4.ppc64le
CVE-2021-39275 Important/Sec. mod_ssl-1:2.4.6-97.el7_9.4.ppc64le
CVE-2021-44790 Important/Sec. mod_ssl-1:2.4.6-97.el7_9.4.ppc64le
CVE-2021-45417 Important/Sec. aide-0.15.1-13.el7_9.1.ppc64le
CVE-2022-24407 Important/Sec. cyrus-sasl-2.1.26-24.el7_9.ppc64le
CVE-2022-24407 Important/Sec. cyrus-sasl-gssapi-2.1.26-24.el7_9.ppc64le
CVE-2022-24407 Important/Sec. cyrus-sasl-lib-2.1.26-24.el7_9.ppc64le
CVE-2022-21248 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9.ppc64le
CVE-2022-21282 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9.ppc64le
CVE-2022-21283 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9.ppc64le
CVE-2022-21293 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9.ppc64le
CVE-2022-21294 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9.ppc64le
CVE-2022-21296 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9.ppc64le
CVE-2022-21299 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9.ppc64le
CVE-2022-21305 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9.ppc64le
CVE-2022-21340 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9.ppc64le
CVE-2022-21341 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9.ppc64le
CVE-2022-21360 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9.ppc64le
CVE-2022-21365 Moderate/Sec. java-1.8.0-openjdk-1:1.8.0.322.b06-1.el7_9.ppc64le
CVE-2022-21248 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.322.b06-1.el7_9.ppc64le
CVE-2022-21282 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.322.b06-1.el7_9.ppc64le
CVE-2022-21283 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.322.b06-1.el7_9.ppc64le
CVE-2022-21293 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.322.b06-1.el7_9.ppc64le
CVE-2022-21294 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.322.b06-1.el7_9.ppc64le
CVE-2022-21296 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.322.b06-1.el7_9.ppc64le
CVE-2022-21299 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.322.b06-1.el7_9.ppc64le
CVE-2022-21305 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.322.b06-1.el7_9.ppc64le
CVE-2022-21340 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.322.b06-1.el7_9.ppc64le
CVE-2022-21341 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.322.b06-1.el7_9.ppc64le
CVE-2022-21360 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.322.b06-1.el7_9.ppc64le
CVE-2022-21365 Moderate/Sec. java-1.8.0-openjdk-headless-1:1.8.0.322.b06-1.el7_9.ppc64le
CVE-2020-0465 Important/Sec. kernel-3.10.0-1160.59.1.el7.ppc64le
CVE-2020-0466 Important/Sec. kernel-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-0920 Important/Sec. kernel-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3564 Important/Sec. kernel-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3573 Important/Sec. kernel-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3752 Important/Sec. kernel-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-4155 Important/Sec. kernel-3.10.0-1160.59.1.el7.ppc64le
CVE-2022-0330 Important/Sec. kernel-3.10.0-1160.59.1.el7.ppc64le
CVE-2022-22942 Important/Sec. kernel-3.10.0-1160.59.1.el7.ppc64le
CVE-2020-0465 Important/Sec. kernel-abi-whitelists-3.10.0-1160.59.1.el7.noarch
CVE-2020-0466 Important/Sec. kernel-abi-whitelists-3.10.0-1160.59.1.el7.noarch
CVE-2021-0920 Important/Sec. kernel-abi-whitelists-3.10.0-1160.59.1.el7.noarch
CVE-2021-3564 Important/Sec. kernel-abi-whitelists-3.10.0-1160.59.1.el7.noarch
CVE-2021-3573 Important/Sec. kernel-abi-whitelists-3.10.0-1160.59.1.el7.noarch
CVE-2021-3752 Important/Sec. kernel-abi-whitelists-3.10.0-1160.59.1.el7.noarch
CVE-2021-4155 Important/Sec. kernel-abi-whitelists-3.10.0-1160.59.1.el7.noarch
CVE-2022-0330 Important/Sec. kernel-abi-whitelists-3.10.0-1160.59.1.el7.noarch
CVE-2022-22942 Important/Sec. kernel-abi-whitelists-3.10.0-1160.59.1.el7.noarch
CVE-2020-0465 Important/Sec. kernel-bootwrapper-3.10.0-1160.59.1.el7.ppc64le
CVE-2020-0466 Important/Sec. kernel-bootwrapper-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-0920 Important/Sec. kernel-bootwrapper-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3564 Important/Sec. kernel-bootwrapper-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3573 Important/Sec. kernel-bootwrapper-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3752 Important/Sec. kernel-bootwrapper-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-4155 Important/Sec. kernel-bootwrapper-3.10.0-1160.59.1.el7.ppc64le
CVE-2022-0330 Important/Sec. kernel-bootwrapper-3.10.0-1160.59.1.el7.ppc64le
CVE-2022-22942 Important/Sec. kernel-bootwrapper-3.10.0-1160.59.1.el7.ppc64le
CVE-2020-0465 Important/Sec. kernel-debug-3.10.0-1160.59.1.el7.ppc64le
CVE-2020-0466 Important/Sec. kernel-debug-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-0920 Important/Sec. kernel-debug-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3564 Important/Sec. kernel-debug-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3573 Important/Sec. kernel-debug-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3752 Important/Sec. kernel-debug-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-4155 Important/Sec. kernel-debug-3.10.0-1160.59.1.el7.ppc64le
CVE-2022-0330 Important/Sec. kernel-debug-3.10.0-1160.59.1.el7.ppc64le
CVE-2022-22942 Important/Sec. kernel-debug-3.10.0-1160.59.1.el7.ppc64le
CVE-2020-0465 Important/Sec. kernel-debug-devel-3.10.0-1160.59.1.el7.ppc64le
CVE-2020-0466 Important/Sec. kernel-debug-devel-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-0920 Important/Sec. kernel-debug-devel-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3564 Important/Sec. kernel-debug-devel-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3573 Important/Sec. kernel-debug-devel-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3752 Important/Sec. kernel-debug-devel-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-4155 Important/Sec. kernel-debug-devel-3.10.0-1160.59.1.el7.ppc64le
CVE-2022-0330 Important/Sec. kernel-debug-devel-3.10.0-1160.59.1.el7.ppc64le
CVE-2022-22942 Important/Sec. kernel-debug-devel-3.10.0-1160.59.1.el7.ppc64le
CVE-2020-0465 Important/Sec. kernel-devel-3.10.0-1160.59.1.el7.ppc64le
CVE-2020-0466 Important/Sec. kernel-devel-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-0920 Important/Sec. kernel-devel-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3564 Important/Sec. kernel-devel-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3573 Important/Sec. kernel-devel-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3752 Important/Sec. kernel-devel-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-4155 Important/Sec. kernel-devel-3.10.0-1160.59.1.el7.ppc64le
CVE-2022-0330 Important/Sec. kernel-devel-3.10.0-1160.59.1.el7.ppc64le
CVE-2022-22942 Important/Sec. kernel-devel-3.10.0-1160.59.1.el7.ppc64le
CVE-2020-0465 Important/Sec. kernel-headers-3.10.0-1160.59.1.el7.ppc64le
CVE-2020-0466 Important/Sec. kernel-headers-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-0920 Important/Sec. kernel-headers-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3564 Important/Sec. kernel-headers-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3573 Important/Sec. kernel-headers-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3752 Important/Sec. kernel-headers-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-4155 Important/Sec. kernel-headers-3.10.0-1160.59.1.el7.ppc64le
CVE-2022-0330 Important/Sec. kernel-headers-3.10.0-1160.59.1.el7.ppc64le
CVE-2022-22942 Important/Sec. kernel-headers-3.10.0-1160.59.1.el7.ppc64le
CVE-2020-0465 Important/Sec. kernel-tools-3.10.0-1160.59.1.el7.ppc64le
CVE-2020-0466 Important/Sec. kernel-tools-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-0920 Important/Sec. kernel-tools-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3564 Important/Sec. kernel-tools-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3573 Important/Sec. kernel-tools-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3752 Important/Sec. kernel-tools-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-4155 Important/Sec. kernel-tools-3.10.0-1160.59.1.el7.ppc64le
CVE-2022-0330 Important/Sec. kernel-tools-3.10.0-1160.59.1.el7.ppc64le
CVE-2022-22942 Important/Sec. kernel-tools-3.10.0-1160.59.1.el7.ppc64le
CVE-2020-0465 Important/Sec. kernel-tools-libs-3.10.0-1160.59.1.el7.ppc64le
CVE-2020-0466 Important/Sec. kernel-tools-libs-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-0920 Important/Sec. kernel-tools-libs-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3564 Important/Sec. kernel-tools-libs-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3573 Important/Sec. kernel-tools-libs-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3752 Important/Sec. kernel-tools-libs-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-4155 Important/Sec. kernel-tools-libs-3.10.0-1160.59.1.el7.ppc64le
CVE-2022-0330 Important/Sec. kernel-tools-libs-3.10.0-1160.59.1.el7.ppc64le
CVE-2022-22942 Important/Sec. kernel-tools-libs-3.10.0-1160.59.1.el7.ppc64le
CVE-2020-0465 Important/Sec. kernel-tools-libs-devel-3.10.0-1160.59.1.el7.ppc64le
CVE-2020-0466 Important/Sec. kernel-tools-libs-devel-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-0920 Important/Sec. kernel-tools-libs-devel-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3564 Important/Sec. kernel-tools-libs-devel-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3573 Important/Sec. kernel-tools-libs-devel-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3752 Important/Sec. kernel-tools-libs-devel-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-4155 Important/Sec. kernel-tools-libs-devel-3.10.0-1160.59.1.el7.ppc64le
CVE-2022-0330 Important/Sec. kernel-tools-libs-devel-3.10.0-1160.59.1.el7.ppc64le
CVE-2022-22942 Important/Sec. kernel-tools-libs-devel-3.10.0-1160.59.1.el7.ppc64le
CVE-2022-23302 Important/Sec. log4j-1.2.17-18.el7_4.noarch
CVE-2022-23305 Important/Sec. log4j-1.2.17-18.el7_4.noarch
CVE-2022-23307 Important/Sec. log4j-1.2.17-18.el7_4.noarch
CVE-2020-25709 Moderate/Sec. openldap-2.4.44-25.el7_9.ppc64le
CVE-2020-25710 Moderate/Sec. openldap-2.4.44-25.el7_9.ppc64le
CVE-2020-25709 Moderate/Sec. openldap-clients-2.4.44-25.el7_9.ppc64le
CVE-2020-25710 Moderate/Sec. openldap-clients-2.4.44-25.el7_9.ppc64le
CVE-2020-25709 Moderate/Sec. openldap-servers-2.4.44-25.el7_9.ppc64le
CVE-2020-25710 Moderate/Sec. openldap-servers-2.4.44-25.el7_9.ppc64le
CVE-2020-0465 Important/Sec. perf-3.10.0-1160.59.1.el7.ppc64le
CVE-2020-0466 Important/Sec. perf-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-0920 Important/Sec. perf-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3564 Important/Sec. perf-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3573 Important/Sec. perf-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3752 Important/Sec. perf-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-4155 Important/Sec. perf-3.10.0-1160.59.1.el7.ppc64le
CVE-2022-0330 Important/Sec. perf-3.10.0-1160.59.1.el7.ppc64le
CVE-2022-22942 Important/Sec. perf-3.10.0-1160.59.1.el7.ppc64le
CVE-2020-0465 Important/Sec. python-perf-3.10.0-1160.59.1.el7.ppc64le
CVE-2020-0466 Important/Sec. python-perf-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-0920 Important/Sec. python-perf-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3564 Important/Sec. python-perf-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3573 Important/Sec. python-perf-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-3752 Important/Sec. python-perf-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-4155 Important/Sec. python-perf-3.10.0-1160.59.1.el7.ppc64le
CVE-2022-0330 Important/Sec. python-perf-3.10.0-1160.59.1.el7.ppc64le
CVE-2022-22942 Important/Sec. python-perf-3.10.0-1160.59.1.el7.ppc64le
CVE-2021-44142 Critical/Sec. libsmbclient-4.10.16-18.el7_9.ppc64le
CVE-2021-44142 Critical/Sec. libwbclient-4.10.16-18.el7_9.ppc64le
CVE-2021-4034 Important/Sec. polkit-0.112-26.el7_9.1.ppc64le
CVE-2021-44142 Critical/Sec. samba-client-libs-4.10.16-18.el7_9.ppc64le
CVE-2021-44142 Critical/Sec. samba-common-4.10.16-18.el7_9.noarch
CVE-2021-44142 Critical/Sec. samba-common-libs-4.10.16-18.el7_9.ppc64le
CVE-2021-44142 Critical/Sec. samba-libs-4.10.16-18.el7_9.ppc64le 7.9.21.12.SP6
Security patch released in February 2022.
The 7.9.21.12.SP6 patch is based on RHEL 7.9. You can install the patch only on IAS 1.0.25.x and
IAS 1.0.26.x.
Note:
- If you are applying this patch on the 7.9.21.08.SP3 patch, you need to upgrade the
apupgradebundle first:- Create a directory for the upgrade bundle, move the bundle inside and create another directory
named
EXTRACT. Then untar the bundle by running the command:tar -xvf <bundle_name> -C EXTRACT|-- Version |-- EXTRACT |-- bundle - Find the RPM, by running the following command and replacing
<version_dir>with the name of the directory you created.find /localrepo/<version_dir> -name "apupgrade*.rpm" - Run the following command and replace
<full_rpm_path>with the output from the previous command:rpm -Uvh <full_rpm_path>
- Create a directory for the upgrade bundle, move the bundle inside and create another directory
named
- The patch is not applicable to 1.0.27.0 as it's already part of the upgrade bundle in this
release. If you try to apply it on 1.0.27.0, it fails with the following error:
AttributeError: 'IIASApupgradePrereqs' object has no attribute 'ensure_base_os_matches_sp_base'
The list of Red Hat CVEs that are patched in this release:
CVE-2020-36385 Important/Sec. kernel-3.10.0-1160.49.1.el7.ppc64le
CVE-2020-36385 Important/Sec. kernel-abi-whitelists-3.10.0-1160.49.1.el7.noarch
CVE-2020-36385 Important/Sec. kernel-bootwrapper-3.10.0-1160.49.1.el7.ppc64le
CVE-2020-36385 Important/Sec. kernel-debug-3.10.0-1160.49.1.el7.ppc64le
CVE-2020-36385 Important/Sec. kernel-devel-3.10.0-1160.49.1.el7.ppc64le
CVE-2020-36385 Important/Sec. kernel-headers-3.10.0-1160.49.1.el7.ppc64le
CVE-2020-36385 Important/Sec. kernel-tools-3.10.0-1160.49.1.el7.ppc64le
CVE-2020-36385 Important/Sec. kernel-tools-libs-3.10.0-1160.49.1.el7.ppc64le
CVE-2021-37750 Moderate/Sec. krb5-devel-1.15.1-51.el7_9.ppc64le
CVE-2021-37750 Moderate/Sec. krb5-libs-1.15.1-51.el7_9.ppc64le
CVE-2021-37750 Moderate/Sec. krb5-workstation-1.15.1-51.el7_9.ppc64le
CVE-2021-37750 Moderate/Sec. libkadm5-1.15.1-51.el7_9.ppc64le
CVE-2021-43527 Critical/Sec. nss-3.67.0-4.el7_9.ppc64le
CVE-2021-43527 Critical/Sec. nss-sysinit-3.67.0-4.el7_9.ppc64le
CVE-2021-43527 Critical/Sec. nss-tools-3.67.0-4.el7_9.ppc64le
CVE-2021-41617 Moderate/Sec. openssh-7.4p1-22.el7_9.ppc64le
CVE-2021-41617 Moderate/Sec. openssh-clients-7.4p1-22.el7_9.ppc64le
CVE-2021-41617 Moderate/Sec. openssh-server-7.4p1-22.el7_9.ppc64le
CVE-2020-36385 Important/Sec. perf-3.10.0-1160.49.1.el7.ppc64le
CVE-2020-36385 Important/Sec. python-perf-3.10.0-1160.49.1.el7.ppc64le
CVE-2021-20271 Moderate/Sec. rpm-4.11.3-48.el7_9.ppc64le
CVE-2021-20271 Moderate/Sec. rpm-build-4.11.3-48.el7_9.ppc64le
CVE-2021-20271 Moderate/Sec. rpm-build-libs-4.11.3-48.el7_9.ppc64le
CVE-2021-20271 Moderate/Sec. rpm-devel-4.11.3-48.el7_9.ppc64le
CVE-2021-20271 Moderate/Sec. rpm-libs-4.11.3-48.el7_9.ppc64le
CVE-2021-20271 Moderate/Sec. rpm-python-4.11.3-48.el7_9.ppc64le
CVE-2021-20277 Important/Sec. libldb-1.5.4-2.el7_9.ppc64le
CVE-2016-2124 Important/Sec. libsmbclient-4.10.16-17.el7_9.ppc64le
CVE-2020-25717 Important/Sec. libsmbclient-4.10.16-17.el7_9.ppc64le
CVE-2016-2124 Important/Sec. libwbclient-4.10.16-17.el7_9.ppc64le
CVE-2020-25717 Important/Sec. libwbclient-4.10.16-17.el7_9.ppc64le
CVE-2021-4104 Moderate/Sec. log4j-1.2.17-17.el7_4.noarch
CVE-2021-20305 Important/Sec. nettle-2.7.1-9.el7_9.ppc64le
CVE-2020-25692 Moderate/Sec. openldap-2.4.44-23.el7_9.ppc64le
CVE-2020-25692 Moderate/Sec. openldap-clients-2.4.44-23.el7_9.ppc64le
CVE-2020-25692 Moderate/Sec. openldap-servers-2.4.44-23.el7_9.ppc64le
CVE-2021-20277 Important/Sec. pyldb-1.5.4-2.el7_9.ppc64le
CVE-2016-2124 Important/Sec. samba-client-libs-4.10.16-17.el7_9.ppc64le
CVE-2020-25717 Important/Sec. samba-client-libs-4.10.16-17.el7_9.ppc64le
CVE-2016-2124 Important/Sec. samba-common-4.10.16-17.el7_9.noarch
CVE-2020-25717 Important/Sec. samba-common-4.10.16-17.el7_9.noarch
CVE-2016-2124 Important/Sec. samba-common-libs-4.10.16-17.el7_9.ppc64le
CVE-2020-25717 Important/Sec. samba-common-libs-4.10.16-17.el7_9.ppc64le
CVE-2016-2124 Important/Sec. samba-libs-4.10.16-17.el7_9.ppc64le
CVE-2020-25717 Important/Sec. samba-libs-4.10.16-17.el7_9.ppc64le
CVE-2021-26937 Important/Sec. screen-4.1.0-0.27.20120314git3c2946.el7_9.ppc64le
CVE-2021-27803 Important/Sec. wpa_supplicant-1:2.6-12.el7_9.2.ppc64le
CVE-2021-44142 Critical/Sec. libsmbclient-4.10.16-18.el7_9.ppc64le
CVE-2021-44142 Critical/Sec. libwbclient-4.10.16-18.el7_9.ppc64le
CVE-2021-4034 Important/Sec. polkit-0.112-26.el7_9.1.ppc64le
CVE-2021-44142 Critical/Sec. samba-client-libs-4.10.16-18.el7_9.ppc64le
CVE-2021-44142 Critical/Sec. samba-common-4.10.16-18.el7_9.noarch
CVE-2021-44142 Critical/Sec. samba-common-libs-4.10.16-18.el7_9.ppc64le
CVE-2021-44142 Critical/Sec. samba-libs-4.10.16-18.el7_9.ppc64le 7.9.21.10.SP4
Security patch released in November 2021.
The 7.9.21.10.SP4 patch is based on RHEL 7.9. You can install the patch only on IAS 1.0.25.0 and
later.
Note: The following known issues might be observed:
- When upgrading 7.9.21.08.SP3 to 7.9.21.10.SP4, the upgrade will fail with the following
error:
[apuser@node0101 localrepo]$ apupgrade --upgrade-directory /localrepo --upgrade --use-version 7.9.21.10.SP4-20211027.143437-3-release --update-switches --ignore-battery-reconditioning Logging to: /var/log/appliance/apupgrade/20211028/apupgrade20211028041008.log Unhandled error when attempting upgrade. Stack trace of failed command logged to /var/log/appliance/apupgrade/20211028/apupgrade20211028041008.log.tracelog Failed to retrieve and compare installed SP version <type 'exceptions.Exception'>Workaround:
Before you start the upgrade, perform the following step:
- Run the following command to ensure that
import reis added to theapupgrade_prereqs.pyfile.sed -i '/^import sys/aimport re' /opt/ibm/appliance/apupgrade/modules/ibm/ca/apupgrade_prereqs/apupgrade_prereqs.pyimport os import sys import re
- Run the following command to ensure that
The list of Red Hat CVEs that are patched in this release:
CVE-2020-35518 Moderate/Sec. 389-ds-base-1.3.10.2-12.el7_9.x86_64
CVE-2020-35518 Moderate/Sec. 389-ds-base-libs-1.3.10.2-12.el7_9.x86_64
CVE-2021-25214 Moderate/Sec. bind-32:9.11.4-26.P2.el7_9.7.x86_64
CVE-2021-25214 Moderate/Sec. bind-export-libs-32:9.11.4-26.P2.el7_9.7.x86_64
CVE-2021-25214 Moderate/Sec. bind-libs-32:9.11.4-26.P2.el7_9.7.x86_64
CVE-2021-25214 Moderate/Sec. bind-libs-lite-32:9.11.4-26.P2.el7_9.7.x86_64
CVE-2021-25214 Moderate/Sec. bind-license-32:9.11.4-26.P2.el7_9.7.noarch
CVE-2021-25214 Moderate/Sec. bind-pkcs11-32:9.11.4-26.P2.el7_9.7.x86_64
CVE-2021-25214 Moderate/Sec. bind-pkcs11-libs-32:9.11.4-26.P2.el7_9.7.x86_64
CVE-2021-25214 Moderate/Sec. bind-pkcs11-utils-32:9.11.4-26.P2.el7_9.7.x86_64
CVE-2021-25214 Moderate/Sec. bind-utils-32:9.11.4-26.P2.el7_9.7.x86_64
CVE-2021-3622 Low/Sec. hivex-1.3.10-6.12.el7_9.x86_64
CVE-2020-27777 Important/Sec. kernel-3.10.0-1160.41.1.el7.x86_64
CVE-2021-22555 Important/Sec. kernel-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29154 Important/Sec. kernel-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29650 Important/Sec. kernel-3.10.0-1160.41.1.el7.x86_64
CVE-2021-32399 Important/Sec. kernel-3.10.0-1160.41.1.el7.x86_64
CVE-2021-3715 Moderate/Sec. kernel-3.10.0-1160.42.2.el7.x86_64
CVE-2020-27777 Important/Sec. kernel-devel-3.10.0-1160.41.1.el7.x86_64
CVE-2021-22555 Important/Sec. kernel-devel-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29154 Important/Sec. kernel-devel-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29650 Important/Sec. kernel-devel-3.10.0-1160.41.1.el7.x86_64
CVE-2021-32399 Important/Sec. kernel-devel-3.10.0-1160.41.1.el7.x86_64
CVE-2021-3715 Moderate/Sec. kernel-devel-3.10.0-1160.42.2.el7.x86_64
CVE-2020-27777 Important/Sec. kernel-headers-3.10.0-1160.41.1.el7.x86_64
CVE-2021-22555 Important/Sec. kernel-headers-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29154 Important/Sec. kernel-headers-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29650 Important/Sec. kernel-headers-3.10.0-1160.41.1.el7.x86_64
CVE-2021-32399 Important/Sec. kernel-headers-3.10.0-1160.41.1.el7.x86_64
CVE-2021-3715 Moderate/Sec. kernel-headers-3.10.0-1160.42.2.el7.x86_64
CVE-2020-27777 Important/Sec. kernel-tools-3.10.0-1160.41.1.el7.x86_64
CVE-2021-22555 Important/Sec. kernel-tools-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29154 Important/Sec. kernel-tools-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29650 Important/Sec. kernel-tools-3.10.0-1160.41.1.el7.x86_64
CVE-2021-32399 Important/Sec. kernel-tools-3.10.0-1160.41.1.el7.x86_64
CVE-2021-3715 Moderate/Sec. kernel-tools-3.10.0-1160.42.2.el7.x86_64
CVE-2020-27777 Important/Sec. kernel-tools-libs-3.10.0-1160.41.1.el7.x86_64
CVE-2021-22555 Important/Sec. kernel-tools-libs-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29154 Important/Sec. kernel-tools-libs-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29650 Important/Sec. kernel-tools-libs-3.10.0-1160.41.1.el7.x86_64
CVE-2021-32399 Important/Sec. kernel-tools-libs-3.10.0-1160.41.1.el7.x86_64
CVE-2021-3715 Moderate/Sec. kernel-tools-libs-3.10.0-1160.42.2.el7.x86_64
CVE-2021-31535 Important/Sec. libX11-1.6.7-4.el7_9.x86_64
CVE-2021-31535 Important/Sec. libX11-common-1.6.7-4.el7_9.noarch
CVE-2021-3621 Important/Sec. libipa_hbac-1.16.5-10.el7_9.10.x86_64
CVE-2021-3246 Important/Sec. libsndfile-1.0.25-12.el7_9.1.x86_64
CVE-2021-3621 Important/Sec. libsss_autofs-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. libsss_certmap-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. libsss_idmap-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. libsss_nss_idmap-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. libsss_simpleifp-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. libsss_sudo-1.16.5-10.el7_9.10.x86_64
CVE-2020-27777 Important/Sec. perf-3.10.0-1160.41.1.el7.x86_64
CVE-2021-22555 Important/Sec. perf-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29154 Important/Sec. perf-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29650 Important/Sec. perf-3.10.0-1160.41.1.el7.x86_64
CVE-2021-32399 Important/Sec. perf-3.10.0-1160.41.1.el7.x86_64
CVE-2021-3715 Moderate/Sec. perf-3.10.0-1160.42.2.el7.x86_64
CVE-2021-3622 Low/Sec. perl-hivex-1.3.10-6.12.el7_9.x86_64
CVE-2021-3621 Important/Sec. python-libipa_hbac-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. python-libsss_nss_idmap-1.16.5-10.el7_9.10.x86_64
CVE-2020-27777 Important/Sec. python-perf-3.10.0-1160.41.1.el7.x86_64
CVE-2021-22555 Important/Sec. python-perf-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29154 Important/Sec. python-perf-3.10.0-1160.41.1.el7.x86_64
CVE-2021-29650 Important/Sec. python-perf-3.10.0-1160.41.1.el7.x86_64
CVE-2021-32399 Important/Sec. python-perf-3.10.0-1160.41.1.el7.x86_64
CVE-2021-3715 Moderate/Sec. python-perf-3.10.0-1160.42.2.el7.x86_64
CVE-2021-3621 Important/Sec. python-sss-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. python-sss-murmur-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. python-sssdconfig-1.16.5-10.el7_9.10.noarch
CVE-2021-3621 Important/Sec. sssd-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. sssd-ad-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. sssd-client-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. sssd-common-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. sssd-common-pac-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. sssd-dbus-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. sssd-ipa-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. sssd-krb5-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. sssd-krb5-common-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. sssd-ldap-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. sssd-proxy-1.16.5-10.el7_9.10.x86_64
CVE-2021-3621 Important/Sec. sssd-tools-1.16.5-10.el7_9.10.x86_647.9.21.08.SP3
Security patch released in September 2021.
The 7.9.21.08.SP3 patch is based on RHEL 7.9. You can install the patch on IAS 1.0.25.0 and 1.0.26.0
Note:
- If you are applying this patch on 1.0.26.x, you need to upgrade the
apupgradebundle first:- Create a directory for the upgrade bundle, move the bundle inside and create another directory
named
EXTRACT. Then untar the bundle by running the command:tar -xvf <bundle_name> -C EXTRACT|-- Version |-- EXTRACT |-- bundle - Find the RPM, by running the following command and replacing
<version_dir>with the name of the directory you created.find /localrepo/<version_dir> -name "apupgrade*.rpm" - Run the following command and replace
<full_rpm_path>with the output from the previous command:rpm -Uvh <full_rpm_path>
- Create a directory for the upgrade bundle, move the bundle inside and create another directory
named
- The patch is not applicable to 1.0.27.0 as it's already part of the upgrade bundle in this
release. If you try to apply it on 1.0.27.0, it fails with the following error:
AttributeError: 'IIASApupgradePrereqs' object has no attribute 'ensure_base_os_matches_sp_base'
The list of Red Hat CVEs that are patched in this release:
CVE-2021-2341 Important/Sec. java-1.8.0-openjdk-1:1.8.0.302.b08-0.el7_9.ppc64le
CVE-2021-2369 Important/Sec. java-1.8.0-openjdk-1:1.8.0.302.b08-0.el7_9.ppc64le
CVE-2021-2388 Important/Sec. java-1.8.0-openjdk-1:1.8.0.302.b08-0.el7_9.ppc64le
CVE-2021-2341 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.302.b08-0.el7_9.ppc64le
CVE-2021-2369 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.302.b08-0.el7_9.ppc64le
CVE-2021-2388 Important/Sec. java-1.8.0-openjdk-headless-1:1.8.0.302.b08-0.el7_9.ppc64le
CVE-2019-20934 Important/Sec. kernel-3.10.0-1160.36.2.el7.ppc64le
CVE-2020-11668 Important/Sec. kernel-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33033 Important/Sec. kernel-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33034 Important/Sec. kernel-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33909 Important/Sec. kernel-3.10.0-1160.36.2.el7.ppc64le
CVE-2019-20934 Important/Sec. kernel-abi-whitelists-3.10.0-1160.36.2.el7.noarch
CVE-2020-11668 Important/Sec. kernel-abi-whitelists-3.10.0-1160.36.2.el7.noarch
CVE-2021-33033 Important/Sec. kernel-abi-whitelists-3.10.0-1160.36.2.el7.noarch
CVE-2021-33034 Important/Sec. kernel-abi-whitelists-3.10.0-1160.36.2.el7.noarch
CVE-2021-33909 Important/Sec. kernel-abi-whitelists-3.10.0-1160.36.2.el7.noarch
CVE-2019-20934 Important/Sec. kernel-bootwrapper-3.10.0-1160.36.2.el7.ppc64le
CVE-2020-11668 Important/Sec. kernel-bootwrapper-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33033 Important/Sec. kernel-bootwrapper-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33034 Important/Sec. kernel-bootwrapper-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33909 Important/Sec. kernel-bootwrapper-3.10.0-1160.36.2.el7.ppc64le
CVE-2019-20934 Important/Sec. kernel-debug-3.10.0-1160.36.2.el7.ppc64le
CVE-2020-11668 Important/Sec. kernel-debug-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33033 Important/Sec. kernel-debug-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33034 Important/Sec. kernel-debug-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33909 Important/Sec. kernel-debug-3.10.0-1160.36.2.el7.ppc64le
CVE-2019-20934 Important/Sec. kernel-devel-3.10.0-1160.36.2.el7.ppc64le
CVE-2020-11668 Important/Sec. kernel-devel-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33033 Important/Sec. kernel-devel-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33034 Important/Sec. kernel-devel-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33909 Important/Sec. kernel-devel-3.10.0-1160.36.2.el7.ppc64le
CVE-2019-20934 Important/Sec. kernel-headers-3.10.0-1160.36.2.el7.ppc64le
CVE-2020-11668 Important/Sec. kernel-headers-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33033 Important/Sec. kernel-headers-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33034 Important/Sec. kernel-headers-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33909 Important/Sec. kernel-headers-3.10.0-1160.36.2.el7.ppc64le
CVE-2019-20934 Important/Sec. kernel-tools-3.10.0-1160.36.2.el7.ppc64le
CVE-2020-11668 Important/Sec. kernel-tools-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33033 Important/Sec. kernel-tools-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33034 Important/Sec. kernel-tools-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33909 Important/Sec. kernel-tools-3.10.0-1160.36.2.el7.ppc64le
CVE-2019-20934 Important/Sec. kernel-tools-libs-3.10.0-1160.36.2.el7.ppc64le
CVE-2020-11668 Important/Sec. kernel-tools-libs-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33033 Important/Sec. kernel-tools-libs-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33034 Important/Sec. kernel-tools-libs-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33909 Important/Sec. kernel-tools-libs-3.10.0-1160.36.2.el7.ppc64le
CVE-2019-20934 Important/Sec. perf-3.10.0-1160.36.2.el7.ppc64le
CVE-2020-11668 Important/Sec. perf-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33033 Important/Sec. perf-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33034 Important/Sec. perf-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33909 Important/Sec. perf-3.10.0-1160.36.2.el7.ppc64le
CVE-2019-20934 Important/Sec. python-perf-3.10.0-1160.36.2.el7.ppc64le
CVE-2020-11668 Important/Sec. python-perf-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33033 Important/Sec. python-perf-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33034 Important/Sec. python-perf-3.10.0-1160.36.2.el7.ppc64le
CVE-2021-33909 Important/Sec. python-perf-3.10.0-1160.36.2.el7.ppc64le