Release Notes
Abstract
This technical note provides guidance for installing IBM Security Guardium Data Protection patch 11.0p6506, including any new features or enhancements, resolved or known issues, or notices associated with the patch.
Content
Patch information
- Patch file name: SqlGuard-11.0p6506.tgz.enc.sig
- MD5 checksum: b6e911c6db97b1a792806c35b4cd1334
Finding the patch
Make the following selections to locate this patch for downlaod on the IBM Fix Central website:
Make the following selections to locate this patch for downlaod on the IBM Fix Central website:
- Product selector: IBM Security Guardium
- Installed version: 11.0
- Platform: All
- Click "Continue," select "Browse for fixes," and click "Continue" again.
- Select "Appliance patch (GPU and ad hoc)" and enter the patch information in the "Filter fix details" field to locate the patch
For information about Guardium patch types and naming conventions, see the Understanding Guardium patch types and patch names support document.
Prerequisites
- Guardium 11.0p540
Installation
Notes:
- This patch is a designated security patch.
- This patch restarts the Guardium system.
- Do not reboot the appliance while the patch install is in progress. Contact Guardium support if there is an issue with patch installation.
Overview:
- Download the patch and extract the compressed package outside the Guardium system.
- Pick a "quiet" or low-traffic time to install the patch on the Guardium system.
- Apply the latest health check patch.
- Install patches in a top-down manner on all Guardium systems: start with the central manager, then aggregators, then the collectors.
For information about installing Guardium Data protection patches, see How to install patches in the Guardium documentation.
Security fixes
This patch contains the following security fixes:
| Issue key | Summary | CVEs |
|---|---|---|
| GRD-76178 | PSIRT: PVR0469527 - http2-hpack-9.4.44.v20210927.jar and jetty-http-9.4.10.v20180503.jar (Publicly disclosed vulnerability found by Mend) - Kafka | CVE-2023-36478 |
| GRD-76560 | PSIRT: PVR0424448 - RHEL7 OS component upgrades needed - March Sec Patch | CVE-2020-22218 |
| GRD-79284 | PSIRT: PVR0466432 - [All] kernel - CVE-2023-42753 (Publicly disclosed vulnerability) | CVE-2023-42753 |
| GRD-79822 | PSIRT: PVR0489259 - IBM SDK, Java Technology Edition Quarterly CPU - Jan 2024 - Includes Oracle January 2024 CPU plus CVE-2023-33850 | CVE-2023-33850 |
| GRD-81641 | Multiple CVEs affect squid component for RHEL7 | CVE-2023-46724 CVE-2023-46728 CVE-2023-5824 |
| GRD-80592 | Guardium v11.5 Tomcat Related CVE-2023-46589 | CVE-2023-46589 |
Known limitations
This patch contains the following known limitations:
| Issue key | Summary |
|---|---|
| GRD-81181 |
Guardium UI stops working after installing patch 11.0p540 on an AWS instance.
Workaround: restart the network using the "restart network" CLI command.
|
[{"Type":"MASTER","Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSMPHH","label":"IBM Security Guardium"},"ARM Category":[{"code":"a8m3p000000PCTuAAO","label":"Platform\/Installation\/Deployment"}],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"}]
Was this topic helpful?
Document Information
Modified date:
22 May 2024
UID
ibm17150507