IBM Support

MH01429 - Fix Pack 01AL770_090_032

PTF (Program Temporary Fixes) Cover Letter


Abstract

Fix Pack 01AL770_090_032


Pre/Co-Requisite PTF / Fix List

REQ  LICENSED      PTF/FIX  LEVEL
TYPE PROGRAM  REL  NUMBER   MIN/MAX  OPTION
---- -------- ---  -------  -------  ------
NONE



NOTICE:
-------
Application of this PTF may disable or render ineffective programs that
use system memory addresses not generated by the IBM translator,
including programs that circumvent control technology designed to limit
interactive capacity to purchased levels.  This PTF may be a prerequisite
for future PTFs.  By applying this PTF you authorize and agree to the
foregoing.

This PTF is subject to the terms of the 'IBM License Agreement for Machine
Code', the terms of which were provided in a printed document that was
delivered with the machine.

SUBJECT TO ANY WARRANTIES WHICH CAN NOT BE EXCLUDED OR EXCEPT AS EXPLICITLY
AGREED TO IN THE APPLICABLE LICENSE AGREEMENT OR AN APPLICABLE SUPPORT
AGREEMENT, IBM MAKES NO WARRANTIES OR CONDITIONS EITHER EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OR CONDITIONS OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON INFRINGEMENT,
REGARDING THE PTF.


APAR Error Description / Circumvention

-------------------------------------------------
Fix Pack 01AL770_090_032

CORRECTION FOR APAR 'MB03803' :
-------------------------------
Fix Pack 01AL770_090_032

A security problem was fixed in the OpenSSL (Secure Socket Layer) protocol
that allowed clients and servers, via a specially crafted handshake packet,
to use weak keying material for communication.  A man-in-the-middle attacker
could use this flaw to decrypt and modify traffic between the management
console and the service processor.  The Common Vulnerabilities and Exposures
issue number for this problem is CVE-2014-0224.

A security problem was fixed in OpenSSL for a buffer overflow in the Datagram
Transport Layer Security (DTLS) when handling invalid DTLS packet fragments.
This could be used to execute arbitrary code on the service processor.
The Common Vulnerabilities and Exposures issue number for this problem
is CVE-2014-0195.

Multiple security problems were fixed in the way that OpenSSL handled read
and write buffers when the SSL_MODE_RELEASE_BUFFERS mode was enabled to prevent
denial of service.  These could cause the service processor to reset or
unexpectedly drop connections to the management console when processing
certain SSL commands.  The Common Vulnerabilities and Exposures issue numbers
for these problems are CVE-2010-5298 and CVE-2014-0198.

A security problem was fixed in OpenSSL to prevent a denial of service when
handling certain Datagram Transport Layer Security (DTLS) ServerHello requests.
A specially crafted DTLS handshake packet could cause the service processor
to reset.  The Common Vulnerabilities and Exposures issue number for this
problem is CVE-2014-0221.

A security problem was fixed in OpenSSL to prevent a denial of service by
using an exploit of a null pointer de-reference during anonymous Elliptic
Curve Diffie Hellman (ECDH) key exchange.  A specially crafted handshake
packet could cause the service processor to reset.  The Common
Vulnerabilities and Exposures issue number for this problem is
CVE-2014-3470.

CIRCUMVENTION FOR APAR 'MB03803' :
----------------------------------
None.


Activation Instructions


None.




Special Instructions


********************************************************************
THE FOLLOWING ARE SUPERSEDED SPECIAL INSTRUCTIONS. IF THE SUPERSEDED
PTF HAS ALREADY BEEN APPLIED AND ITS SPECIAL INSTRUCTION FOLLOWED,
IT IS NOT NECESSARY TO FOLLOW THAT SPECIAL INSTRUCTION AGAIN.
********************************************************************

SPECIAL INSTRUCTIONS FOR SUPERSEDED PTF MH01351:
================================================

For Operating System-managed systems running AL770, the following IBM i
prerequisite PTFs must be installed prior to installing AL770 server
firmware:

V6R1M1:
SLIC PTFs MF56659 and MF56863 must be at least temporarily applied.

V7R1M0:
SLIC PTFs MF56644 and MF56857 must be at least temporarily applied.


Default Instructions

THIS PTF CAN BE APPLIED IMMEDIATE OR DELAYED.



Supersedes

PTF/FIX NO(S).  APAR TITLE LINE
--------------  ------------------------------------------------------------
   MH01426      Fix Pack 01AL770_076_032
   MH01398      Fix Pack 01AL770_063_032
   MH01380      Fix Pack 01AL770_062_032
   MH01380      P7Field - SCM not garded when L2 cacher error logged.
   MH01380      STC780:Titan:Carme(JMET):B181C141  noticed in ASMI while doi
   MH01380      INITPROC: P7FIELD pdate p7p.fir.core.initfile for CORE(46) m
   MH01374      Fix Pack 01AL770_055_032
   MH01370      Fix Pack 01AL770_052_032
   MH01359      CoD Activation support in Thorad System
   MH01359      MPV:ITC780:Saturn IOC+: Unexpected SRC B181B8A2 from hfus an
   MH01359      Fix Pack 01AL770_048_032
   MH01351      Fix Pack 01AL770_038_032
   MH01351      Jupiter IOC+ power management .def file updates to add stora
   MH01348      Fix Pack 01AL770_032_032

Summary Information

System..............................i
Models..............................
Release.............................V1R4M0
Licensed Program....................5733907
APAR Fixed..........................MB03803
Superseded by:......................PTF MH01768
Recompile...........................N
Library.............................QPZ907_140
MRI Feature ........................NONE
Cum Level...........................


Document Information

Modified date: 27 June 2014