IBM Support

MH01418 - Fix Pack 01AL740_152_042

PTF (Program Temporary Fixes) Cover Letter


Abstract

Fix Pack 01AL740_152_042


Pre/Co-Requisite PTF / Fix List

REQ  LICENSED      PTF/FIX  LEVEL
TYPE PROGRAM  REL  NUMBER   MIN/MAX  OPTION
---- -------- ---  -------  -------  ------
NONE



NOTICE:
-------
Application of this PTF may disable or render ineffective programs that
use system memory addresses not generated by the IBM translator,
including programs that circumvent control technology designed to limit
interactive capacity to purchased levels.  This PTF may be a prerequisite
for future PTFs.  By applying this PTF you authorize and agree to the
foregoing.

This PTF is subject to the terms of the 'IBM License Agreement for Machine
Code', the terms of which were provided in a printed document that was
delivered with the machine.

SUBJECT TO ANY WARRANTIES WHICH CAN NOT BE EXCLUDED OR EXCEPT AS EXPLICITLY
AGREED TO IN THE APPLICABLE LICENSE AGREEMENT OR AN APPLICABLE SUPPORT
AGREEMENT, IBM MAKES NO WARRANTIES OR CONDITIONS EITHER EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OR CONDITIONS OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON INFRINGEMENT,
REGARDING THE PTF.





APAR Error Description / Circumvention

-----------------------------------------------
Fix Pack 01AL740_152_042

CORRECTION FOR APAR MB03792 :
-----------------------------
Fix Pack 01AL740_152_042

A security problem was fixed in the OpenSSL (Secure Socket Layer) protocol
that allowed clients and servers, via a specially crafted handshake packet,
to use weak keying material for communication.  A man-in-the-middle attacker
could use this flaw to decrypt and modify traffic between the management
console and the service processor.  The Common Vulnerabilities and Exposures
issue number for this problem is CVE-2014-0224.

A security problem was fixed in OpenSSL for a buffer overflow in the Datagram
Transport Layer Security (DTLS) when handling invalid DTLS packet fragments.
This could be used to execute arbitrary code on the service processor.  The
Common Vulnerabilities and Exposures issue number for this problem is
CVE-2014-0195.

Multiple security problems were fixed in the way that OpenSSL handled read
and write buffers when the SSL_MODE_RELEASE_BUFFERS mode was enabled, to
prevent denial of service.  These could cause the service processor to reset
or unexpectedly drop connections to the management console when processing
certain SSL commands.  The Common Vulnerabilities and Exposures issue numbers
for these problems are CVE-2010-5298 and CVE-2014-0198.

A security problem was fixed in OpenSSL to prevent a denial of service when
handling certain Datagram Transport Layer Security (DTLS) ServerHello
requests.  A specially crafted DTLS handshake packet could cause the service
processor to reset.  The Common Vulnerabilities and Exposures issue number
for this problem is CVE-2014-0221.

A security problem was fixed in OpenSSL to prevent a denial of service
through exploitation of a null pointer dereference during anonymous Elliptic
Curve Diffie-Hellman (ECDH) key exchange.  A specially crafted handshake
packet could cause the service processor to reset.  The Common
Vulnerabilities and Exposures issue number for this problem is CVE-2014-3470.

CIRCUMVENTION FOR APAR MB03792 :
--------------------------------
None.


Activation Instructions


None.




Special Instructions


None.


Default Instructions

THIS PTF CAN BE APPLIED IMMEDIATE OR DELAYED.



Supersedes

PTF/FIX NO(S).  APAR TITLE LINE
--------------  ------------------------------------------------------------
   MH01394      Fix Pack 01AL740_126_042
   MH01394      P7Field: Hitachi - Unable to access ASMI through system port
   MH01394      P7FIELD_FHB:  Original +PEL not reposted with gard event; SR
   MH01376      Fix Pack 01AL740_121_042
   MH01376      INITPROC: P7FIELD Update p7 core initfile for CORE(46) maski
   MH01376      P7Field - SCM not garded when L2 cacher error logged.
   MH01376      P7Field Performance dump collection help is very limited.
   MH01376      Unsuccessful Discovery Changes ITE from Non-managed to Manag
   MH01364      Fix Pack 01AL740_112_042
   MH01341      Fix Pack 01AL740_110_042
   MH01341      FIELD:B181EF88 ASM core dumps during changing of password us
   MH01339      Fix Pack 01AL740_100_042
   MH01339      Changes to hide uncalibrated P7IOC Thermal Sensors
   MH01331      new initfile p7.nest.initfile
   MH01331      Fix Pack 01AL740_098_042
   MH01315      Fix Pack 01AL740_095_042
   MH01315      P7FIELD_HE: Bad diagnostic callout on UIRA and impact on con
   MH01315      P7FIELD_FHB:  ISBANK encountered GX Bus UE and system encoun
   MH01315      HOT:SBT760:P7HE:Earthhmc:Earth:GFW code accept failed with "
   MH01315      During IPLing RDT fails, if the faulty lane number 0, 1 or 2
   MH01315      MFG: B123E504 Memory error
   MH01315      PFD-AUTO:  ASM cgi hang causes HTTP status code 408
   MH01309      Fix Pack 01AL740_088_042
   MH01305      Fix Pack 01AL740_077_042
   MH01293      Fix Pack 01AL740_075_042
   MH01293      p7 Field Huntington Banks - IFU CoreFir(4) Threshold Exceede
   MH01271      Fix Pack 01AL740_043_042

Summary Information

System..............................i
Models..............................
Release.............................V1R3M0
Licensed Program...............5733907
APAR Fixed..........................MB03792
Superseded by:......................PTF MH01770
Recompile...........................N
Library.............................QPZ907_130
MRI Feature ........................NONE
Cum Level...........................



Document Information

Modified date:
25 June 2014