News
Abstract
The IBM® Support Assistant Team Server 5.0.2.4 (Update) is now available for installation. This update contains fixes and notices to address security vulnerabilities.
Content
Below is a list of highlights and installation directions for IBM Support Assistant Team Server 5.0.2.4 (Update). If you have questions or problems, please post them to the IBM Support Assistant forum.
| System Requirements |
Back
| Update List |
ISA Team Server uses the IBM WebSphere Liberty Profile and ISA 5.0.2.4 is updated to WebSphere Liberty 17.0.0.1 for currency.
Note: The "Memory Analyzer [Web]" tool does not run successfully under WebSphere Liberty 17.0.0.1. The tool does start but hangs and does not complete. "Memory Analyzer [Report]" and "Memory Analyzer [Desktop]" are not affected and can be used as an alternative to the Web edition of the tool. If you are unable to use the Report or Desktop editions of the Memory Analyzer tool, then do not upgrade to ISA 5.0.2.4.
There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 1.8.0 used by ISA 5.0.2.4. These issues were disclosed as part of the IBM Java SDK updates in Jan 2017.
Vulnerability (CVE-2016-5547) An unspecified vulnerability related to the Libraries component could allow a remote attacker to cause a denial of service resulting in a low availability impact using unknown attack vectors.
Vulnerability (CVE-2016-2183) OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the DES/3DES cipher, used as a part of the SSL/TLS protocol. By capturing large amounts of encrypted traffic between the SSL/TLS server and the client, a remote attacker able to conduct a man-in-the-middle attack could exploit this vulnerability to recover the plaintext data and obtain sensitive information. This vulnerability is known as the SWEET32 Birthday attack.
Back
| Applying this update |
*Important update: Please verify that you are using IBM Installation Manager 1.8 or higher before attempting to apply updates to IBM Support Assistant Team Server or its associated problem determination tools.
- Start IBM Installation Manager.
- Select Update from the IBM Installation Manager panel.
- Select the IBM Support Assistant package group, then click Next.
- Select the package and version you would like to update, then click Next.
- Read and accept the license terms then click Next.
- Confirm the problem determination tool or update you want to apply, then click Next.
- Review the update summary and click Update.
- After the update completes, click Finish and close IBM Installation Manager.
Note that only IBM Installation Manager installations of IBM Support Assistant Team Server will be able to apply fix packs and updates or install and update problem determination tools. For the stand-alone IBM Support Assistant Team Server repository and compressed all-in-one file installations, see the IBM Support Assistant Team Server page to download replacement file containing IBM Support Assistant Team Server 5.0.2.4 updates.
Back
[{"Product":{"code":"SSLLVC","label":"IBM Support Assistant"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Component":"Team Server","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF016","label":"Linux"},{"code":"PF033","label":"Windows"}],"Version":"5.0.2.4;5.0.2.3;5.0.2.2;5.0.2.1;5.0.2.0;5.0.1.1;5.0.1.0;5.0","Edition":"TeamServer","Line of Business":{"code":"","label":""}}]
Was this topic helpful?
Document Information
Modified date:
15 June 2018
UID
swg22002431