Download
Abstract
This document describes how to download the IBM® Tivoli® Storage Manager for Virtual Environments: Data Protection for VMware Version 6.4.3.x Interim Fixes
Download Description
Tip: The product now known as IBM Spectrum Protect™ was named IBM Tivoli® Storage Manager in releases earlier than Version 7.1.3. To learn more about the rebranding transition, see technote 1963634.
Download packages for IBM Tivoli Storage Manager Data Protection for VMware versions 6.4.x have been removed from the web as they contain unremediated security vulnerabilities. The latest version of the 6.4 Data Protection for VMware contains fixes for the most recent known security and product issues and can be found below
Note: About vulnerabilities that have been identified in Data Protection for VMware:
- Data Protection for VMware 6.4.3.1 delivery includes the fixes for the following security vulnerabilities. Here the security bulletins:
- "Cross-site Scripting vulnerability affects IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware and IBM Tivoli Storage FlashCopy Manager for VMware" http://www.ibm.com/support/docview.wss?uid=swg21967532
- "Multiple vulnerabilities in IBM Java Runtime affect IBM Tivoli Storage Manger for Virtual Environments: Data Protection for VMware and IBM Tivoli Storage FlashCopy Manager for VMware" http://www.ibm.com/support/docview.wss?uid=swg21973085
- "Tivoli Storage Manager for Virtual Environments: Data Protection for VMware and Tivoli Storage FlashCopy Manager for VMware affected by unauthorized access vulnerability" http://www.ibm.com/support/docview.wss?uid=swg21973086
- "Vulnerability in Apache Commons affects IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware and IBM Tivoli Storage FlashCopy Manager for VMware" http://www.ibm.com/support/docview.wss?uid=swg21972373
- Data Protection for VMware 6.4.3.2 delivery includes the fixes for the following security vulnerabilities. Here the security bulletins:
- Multiple vulnerabilities in IBM Java Runtime affect IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware and IBM Tivoli Storage FlashCopy Manager for VMware. These issues were disclosed as part of the IBM Java SDK updates for October 2015. http://www.ibm.com/support/docview.wss?uid=swg21979496
- Multiple vulnerabilities in IBM Java Runtime affect IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware and IBM Tivoli Storage FlashCopy Manager for VMware. These issues were disclosed as part of the IBM Java SDK updates in January 2016 and includes the vulnerability commonly referred to as "SLOTH" (CVE-2015-7575) http://www.ibm.com/support/docview.wss?uid=swg21978694
- Data Protection for VMware 6.4.3.3 delivery includes the fix for the following security vulnerability:
- Vulnerability in InstallShield affects IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware (CVE-2016-2542) http://www.ibm.com/support/docview.wss?uid=swg21983815
- Data Protection for VMware 6.4.3.4 delivery includes the fix for the following security vulnerability:
- IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware GUI User May Gain Administrator Authority http://www.ibm.com/support/docview.wss?uid=swg21988781
- Data Protection for VMware 6.4.3.5 delivery includes the fixes for the following security vulnerabilities. Here the security bulletins:
- Multiple vulnerabilities in IBM Java Runtime affect IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware on Windows (CVE-2016-3485) http://www.ibm.com/support/docview.wss?uid=swg21995792
- Security Bulletin: Vulnerabilities in IBM WebSphere Application Server affect Tivoli Storage Manager (IBM Spectrum Protect) for Virtual Environments: Data Protection for VMware (CVE-2016-5986, CVE-2016-3092) http://www.ibm.com/support/docview.wss?uid=swg21995793
- Security Bulletin: Multiple vulnerabilites in IBM Java Runtime affect Tivoli Storage Manager (IBM Spectrum Protect) for Virtual Environments: Data Protection for VMware (CVE-2016-5597) http://www.ibm.com/support/docview.wss?uid=swg21999054
- Data Protection for VMware 6.4.3.6 delivery includes the fix for the following security vulnerability:
- Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Tivoli Storage Manager (IBM Spectrum Protect) for Virtual Environments: Data Protection for VMware and FlashCopy Manager (IBM Spectrum Protect Snapshot) for VMware http://www.ibm.com/support/docview.wss?uid=swg22000212
Note: About vulnerabilities that have been identified in Tivoli Storage Manager Client/API:
The Tivoli Storage Manager Client/API are used as components of Data Protection for VMware. The Tivoli Storage Manager Backup-Archive Client also known as Data Mover is a separate prerequisite and is not included in the Data Protection for VMware installation package. The Tivoli Storage Manager Client API is also a prerequisite of Data Protection for VMware and is installed as a part of the default Data Protection for VMware installation process. Be aware that all Data Protection for VMware functional components must be at the same Fix Pack level. Within a given Fix Pack level, the interim fix level can differ.
See in the "Flashes, alerts and bulletins for Tivoli Storage Manager for Virtual Environments Support Portal" for vulnerabilities that have been identified in Tivoli Storage Manager affecting beside other Tivoli Storage Manager products also Data Protection for VMware.
Instructions to replace Tivoli Storage Manager Client/API on system where Data Protection for VMware is installed within a Fix Pack level:
- If the Tivoli Storage Manager Client (data mover) is installed on this system, its possible to upgrade the Data Mover by installing the new Tivoli Storage Manager Client package. This will update the Tivoli Storage Manager API as well.
- If the Tivoli Storage Manager Client (data mover) is not installed on this system (for example if only GUI is installed):
- On a Linux system its possible to upgrade the Tivoli Storage Manager API by installing the new API package
- On a Windows system its necessary to install the Tivoli Storage Manager Client package which installs automatically the new API package
Interim fix packages contain no license enablement file. You must already have the 6.4.1.0 base package to obtain the license enablement file required to use the product. For information about how to download and install the Version 6.4.1 package using the Passport Advantage Online Web site, please refer to the download document: http://www.ibm.com/support/docview.wss?uid=swg24035577
Prerequisites
For system requirement information, see the Tivoli Storage Manager for Virtual Environments All Requirements Document at: http://www.ibm.com/support/docview.wss?uid=swg21505139
Installation Instructions
See the download information document for version 6.4.x at
http://www.ibm.com/support/docview.wss?uid=swg24035577
In the Download Information document, search for installation instructions.
Download Package
The link below is to the top level directory that contains this interim fix. The subdirectory structure separates the interim fix images by operating system platform.
Change History
The Update History document contains a list of all APAR fixed in all 6.4.x levels of Tivoli Storage Manager for Virtual Environments.
http://www.ibm.com/support/docview.wss?uid=swg21609771
Note: Maintenance is cumulative. APARs fixed in the 6.4.3.0 releases and previous interim fixes are also fixed in the latest 6.4.3 interim fix.
Problems (APARS) fixed
Was this topic helpful?
Document Information
Modified date:
15 June 2018
UID
swg24041370