Release Notes
Abstract
This technical note provides guidance for installing IBM Guardium Data Protection ad hoc patch 12.0p26, including any new features or enhancements, resolved or known issues, or notices associated with the patch.
Content
Patch information
- Patch file name: SqlGuard-12.0p26.tgz.enc.sig
- MD5 checksum: 72e66185fa54317c78bc8a0c0679dc90
Finding the patch
Make the following selections to locate this patch for download on the IBM Fix Central website:
Make the following selections to locate this patch for download on the IBM Fix Central website:
- Product selector: IBM Security Guardium
- Installed version: 12.0
- Platform: All
- Click "Continue," select "Browse for fixes," and click "Continue" again.
- Select "Appliance patch (GPU and ad hoc)" and enter the patch information in the "Filter fix details" field to locate the patch.
For information about Guardium patch types and naming conventions, see the Understanding Guardium patch types and patch names support document.
Prerequisites
Guardium Data Protection patch 12.0p25 (see release notes)
Installation
Notes:
- This patch restarts the Guardium system.
- Do not reboot the appliance while the patch install is in progress. Contact IBM Support if there is an issue with patch installation.
- When changing the password of CLI and guardcli users in the Guardium command line interface, a password strength warning appears even when strong passwords are not enabled. To remove the strong password checks, execute the CLI command store user strong_password disable.
Overview:
- Download the patch and extract the compressed package outside the Guardium system.
- Review the latest version of the patch release notes just before you install the patch.
- Pick a "quiet" or low-traffic time to install the patch on the Guardium system.
- Apply the latest health check patch.
- Install patches in a top-down manner on all Guardium systems: start with the central manager, then aggregators, then the collectors.
- Apply the latest quarterly DPS patch and rapid response DPS patch even if these patches were applied before the upgrade.
For information, see How to install patches in the Guardium documentation.
Security fixes
This patch resolves the following issues:
| Parent issue key |
Issue key
|
Summary | CVE |
|---|---|---|---|
| GRD-86728 |
GRD-86730
|
expat-2.5.0-1.el9_2.1.x86_64.rpm - RHEL9 CVE for version 12.0 | CVE-2023-52425 |
| GRD-86731 |
GRD-86732
|
kernel-5.14.0-284.86.1.el9_2.x86_64 - RHEL 9 CVEs for version 12.0 |
CVE-2021-47400, CVE-2021-47459, CVE-2021-47548, CVE-2021-47596, CVE-2022-48627, CVE-2022-48743, CVE-2023-6240, CVE-2023-52458, CVE-2023-52626, CVE-2023-52638, CVE-2023-52667, CVE-2023-52809, CVE-2024-25742, CVE-2024-25743, CVE-2024-26582, CVE-2024-26735, CVE-2024-26737, CVE-2024-26773, CVE-2024-26993, CVE-2024-26642, CVE-2024-26643, CVE-2024-26673, CVE-2024-26735, CVE-2024-26783, CVE-2024-26801, CVE-2024-26804, CVE-2024-26852, CVE-2024-26858, CVE-2024-26880, CVE-2024-26974, CVE-2024-26982, CVE-2024-26993, CVE-2024-27030, CVE-2024-27046, CVE-2024-27393, CVE-2024-27397, CVE-2024-27435, CVE-2024-35857, CVE-2024-35870, CVE-2024-35885, CVE-2024-35907, CVE-2024-35958, CVE-2024-35960, CVE-2024-36270, CVE-2024-36886, CVE-2024-36904, CVE-2024-36924, CVE-2024-36952, CVE-2024-36957, CVE-2024-38543, CVE-2024-38580, CVE-2024-38586, CVE-2024-38593, CVE-2024-38663
|
| GRD-86736 |
GRD-86738
|
git - RHEL 9 CVEs for version 12.0 |
CVE-2024-32002, CVE-2024-32004, CVE-2024-32020, CVE-2024-32021, CVE-2024-32465
|
| GRD-86741 |
GRD-86743
|
less rpm - RHEL 9 CVEs for version 12.x | CVE-2024-32487, CVE-2022-48624 |
| GRD-86744 |
GRD-87360
|
glibc - RHEL 9 CVEs for version 12.0 |
CVE-2024-2961, CVE-2024-33599, CVE-2024-33600, CVE-2024-33601, CVE-2024-33602
|
| GRD-86745 |
GRD-87358
|
ubound, bind - RHEL 9 CVEs for version 12.0 |
CVE-2023-4408, CVE-2023-5517, CVE-2023-5679, CVE-2023-6516, CVE-2023-50387, CVE-2023-50868
|
| GRD-86746 |
GRD-87356
|
pcp - RHEL 9 CVEs for version 12.0 |
CVE-2023-6917, CVE-2024-3019
|
| GRD-86747 |
GRD-87354
|
shim rpm - RHEL 9 CVEs for version 12.0 |
CVE-2023-40546, CVE-2023-40547, CVE-2023-40548, CVE-2023-40549, CVE-2023-40550, CVE-2023-40551
|
| GRD-86748 |
GRD-87352
|
Openssh rpm - RHEL 9 CVEs for version 12.0 | CVE-2024-6409, CVE-2023-48795, CVE-2023-51385 |
| GRD-86749 |
GRD-87350
|
nghttp2 rpm - RHEL 9 CVEs for version 12.0 | CVE-2024-28182 |
| GRD-86750 |
GRD-87348
|
gnutls rpm - RHEL 9 CVEs for version 12.0 | CVE-2024-28834, CVE-2024-28835, CVE-2024-0567, CVE-2023-5981, CVE-2024-0553 |
| GRD-86751 |
GRD-87346
|
perl rpm - RHEL 9 CVEs for version 12.0 | CVE-2023-47038 |
| GRD-86752 |
GRD-87344
|
sssd/libipa rpm - RHEL 9 CVEs for version 12.0 | CVE-2023-3758 |
| GRD-86753 |
GRD-87342
|
traceroute rpm - RHEL 9 CVEs for version 12.0 | CVE-2023-46316 |
| GRD-86754 |
GRD-87340
|
httpd rpm - RHEL 9 CVEs for versions 12.0 and 12.1 |
CVE-2024-38473, CVE-2024-38474, CVE-2024-38475, CVE-2024-38477, CVE-2024-39573, CVE-2024-38476
|
| GRD-86755 |
GRD-87338
|
pam rpm - RHEL 9 CVEs for version 12.0 | CVE-2024-22365 |
| GRD-86756 |
GRD-87336
|
xorg-x11-server rpm - RHEL 9 CVEs for version 12.0 |
CVE-2023-5367, CVE-2023-5380, CVE-2023-6377, CVE-2023-6478, CVE-2023-6816, CVE-2024-0229, CVE-2024-0408, CVE-2024-0409, CVE-2024-21885, CVE-2024-21886
|
| GRD-86757 |
GRD-87334
|
grub2 rpm - RHEL 9 CVEs for version 12.0 |
CVE-2023-4692, CVE-2023-4693, CVE-2024-1048, CVE-2023-4001
|
| GRD-86758 |
GRD-87332
|
squashhfs-tools rpm - RHEL 9 CVEs for version 12.0 |
CVE-2021-40153, CVE-2021-41072
|
| GRD-86759 |
GRD-87330
|
harfbuzz rpm - RHEL 9 CVEs for version 12.0 | CVE-2023-25193 |
| GRD-86760 |
GRD-87328
|
libjpeg-turbo rpm - RHEL 9 CVEs for version 12.0 | CVE-2021-29390 |
| GRD-86762 |
GRD-87326
|
libtiff rpm - RHEL 9 CVEs for version 12.0 |
CVE-2022-40090, CVE-2023-3618, CVE-2023-6228, CVE-2023-40745, CVE-2023-41175
|
| GRD-86763 |
GRD-87324
|
libx11 rpm - RHEL 9 CVEs for version 12.0 |
CVE-2023-43785, CVE-2023-43786, CVE-2023-43787
|
| GRD-86764 |
GRD-87322
|
libxpm rpm - RHEL 9 CVEs for version 12.0 |
CVE-2023-43788, CVE-2023-43789
|
| GRD-86765 |
GRD-87321
|
python-cryptography rpm - RHEL 9 CVEs for version 12.0 |
CVE-2023-23931
|
| GRD-86766 |
GRD-87319
|
binutils rpm - RHEL 9 CVEs for version 12.0 |
CVE-2022-4285
|
| GRD-86767 |
GRD-87316
|
Openssl rpm - RHEL 9 CVEs for version 12.0 |
CVE-2024-0727
|
| GRD-86768 |
GRD-87312
|
libndp rpm - RHEL 9 CVEs for versions 12.0 and 12.1 |
CVE-2024-5564
|
| GRD-86769 |
GRD-87315
|
avahi rpm - RHEL 9 CVEs for version 12.0 | CVE-2023-38469 |
| GRD-87695 |
GRD-88085
|
PSIRT: PVR0536527, PVR0537179, PVR0536799, PVR0537215, PVR0536689, PVR0536455, PVR0537298, PVR0537807, PVR0539664, PVR0536885, PVR0537466, PVR0537207, PVR0536763, PVR0537197, PVR0537412, PVR0538001, PVR0537063, PVR0536971, PVR0539479, PVR0537306, PVR0537620, PVR0537797, PVR0537815, PVR0536591, PVR0537093, PVR0537582, PVR0536717
|
CVE-2023-52626, CVE-2023-52638, CVE-2023-52811, CVE-2023-52864, CVE-2024-26673, CVE-2024-26698, CVE-2024-26704, CVE-2024-26737, CVE-2024-26773, CVE-2024-26783, CVE-2024-26810, CVE-2024-26828, CVE-2024-26852, CVE-2024-26853, CVE-2024-26855, CVE-2024-26929, CVE-2024-26930, CVE-2024-27065, CVE-2024-27434, CVE-2024-33621, CVE-2024-35823, CVE-2024-35896, CVE-2024-35897, CVE-2024-35899, CVE-2024-35937, CVE-2024-41090, CVE-2024-41091
|
[{"Type":"MASTER","Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSMPHH","label":"IBM Security Guardium"},"ARM Category":[{"code":"a8m3p000000PCTuAAO","label":"Platform\/Installation\/Deployment"}],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"12.0.0"}]
Was this topic helpful?
Document Information
Modified date:
16 December 2024
UID
ibm17174399