Hardware Management Console Readme

For use with Version 8 Release 8.2.0 Service Pack 2

 

Contents

The information in this Readme contains fix list and other package information about the Hardware Management Console.

PTF MH01612

This package includes a fix for HMC Version 8 Release 8.2.0 Service Pack 2.  You can reference this package by APAR# MB03998 and PTF MH01612. This image must be installed on top of HMC Version 8 Release 8.2.0 SP2 (PTF MH01488) with or without additional fixes .

Note: This PTF supersedes MH01573, MH01581, MH01590, MH01599, and MH01607.


Package information
Package name Size Checksum (sha1sum) APAR# PTF#
MH01612.iso 1370744832 940daea242d5e820053e15a1901657a00be006f7
 MB03998 MH01612
Splash Panel information (or lshmc -V output)

"version= Version: 8
 Release: 8.2.0
 Service Pack: 2
HMC Build level 20160304.1  
MH01612: Fix for HMC V8R8.2.0 SP2 (03-05-2016)  
 ","base_version=V8R8.2.0
"

Known Issues:

Special Install Instructions: Installing this PTF using the Enhanced+ interface may hang.  Prior to installing this PTF using the web browser graphical interface perform the following:
  1. Log in again selecting the Log In option of "Classic".
  2. If already logged in to the HMC using Enhanced+ GUI, log off the HMC.
  3. Install using the normal installation instructions.
Alternatively, install this PTF using CLI.

List of fixes

Security Fixes


General fixes

Previously released fixes also included in this PTF:
MH01607
02/17/16

  • Fixed multiple OpenSSH vulnerabilities involving the ssh client "Roaming" feature: CVE-2016-0777 and CVE-2016-0778




MH01599
01/25/16
  • Fixed multiple OpenSSL Vulnerabilities: CVE-2015-3193, CVE-2015-3194, CVE-2015-3195, CVE-2015-3196, and CVE-2015-1794
  • Fixed multiple Java Vulnerabilities:  CVE-2015-4843, CVE-2015-4868, CVE-2015-4806, CVE-2015-4872, CVE-2015-4911, CVE-2015-4893, CVE-2015-4842, and CVE-2015-4803
  • Fixed a security issue with HMC restricted shell
  • Fixed an issue where the HMC web server may intermittently deadlock.  Symptoms include one or more of the following: unable to connect using a browser; browser error "Service Temporarily Unavailable"'; multiple serviceable events for E35A0016 and/or E35A0017; unable to restart  due to / file system full from repeated diagnostic dumps.

MH01590
12/22/15
  
  • Fixed Pluggable Authentication Module (PAM) vulnerability: CVE-2015-3238
  • Fixed multiple vulnerabilites in Websphere Liberty Profile (WLP): CVE-2015-2017, CVE-2015-1927, and CVE-2015-4938





















MH01581
11/24/15
 Security Fixes
  • Fixed multiple security vulnerabilites in curl: CVE-2014-3613, CVE-2014-3707, CVE-2014-8150, CVE-2015-3143, CVE-2015-3148, and CVE-2015-3153
  • Fixed openssh vulnerability: CVE-2015-5600
  • Fixed multiple NTP vulnerabilities: CVE-2015-1798, CVE-2015-1799, and CVE-2015-3405
General fixes
  • Enhanced the error handling and reporting if a deadlock should occur.
  • Fixed a problem where an unsuccessful call home of a serviceable event incorrectly prevents the customer notification from being sent.
  • Fixed an issue where creating a sysplan fails may fail with error "System plan formatting is not valid for the following reasons: Inventory Gathering" when virtual fibre channel adapters are configured.
  • Fixed Repair and Verify procedure for serviceable event BA15D001 when the slot contains a 4 port Ethernet adapter. 
  • Fixed an issue where the HMC Format media task may not detect a working USB flash drive as a possible target for the format operation.
  • Updated safety instructions for non-concurrent system planar and other exchanges that require part of the system to be disassembled, for POWER 8 servers.
  • Enhanced diagnostics for HMC Performance and Capacity Monitor related issues.
  • Fixed an issue where  rrstartlpar command could only be executed by a user with hmcsuperadmin user role.  Users with hmcoperator and hscpe roles can now execute the command; consistent with the roles required for other migration operations.
  • Fixed an issue where displaying server utilization snapshot data incorrectly included hourly data.
  • Fixed an issue where the user specified utilization data sample rate is ignored and a sample rate of 30 seconds was used instead.
  • Fixed an issue with a Power Supply Exchange procedure that may incorrectly cause serviceable event B1602A33 to be reported during the repair.
  • HMC will now display incomplete (and not save area version mismatch) if a HMC with this PTF is connected to a server that was previously managed by a HMC at a later version such as V8 R8.4.0.
  • Fixed an issue of where enabling "remote operation" in the GUI does not persist the  firewall change to open ports 443, 12443, and 9960 (remote web access).   The firewall will be disabled the next time a user changes another setting via "Change Network Settings" panel.
  • Updated the error message returned by lslic command when  the server is not in a connected state.  Old message: “An unknown error occurred while trying to perform this command.  Retry the command.  If the error persists, contact your software support representative.”  New message: “HSCF0004E An error occurred trying to survey the target <managed system> FSP-P.
    Please verify the connection to the managed system.”.
  • Enhanced HMC diagnostics for serviceable events E2FF1801.
  • Fixed a problem that can result in multiple reports of serviceable events E35A0016 AND E35A0017
  • Fixed a rare, intermittent problem that can cause RMC to hang; requiring an HMC reboot to recover.
  • Fixed an issue where after an upgrade to HMC V8 R8.2.0 Service Pack 2 (MH01488), ldap users are no longer able to login to the HMC, and lshmcldap -r user throws an exception:
    The command lshmcldap failed.
    Details:

    Create LDAP Context
    <-> initLdapContext getting exception!
    ERROR: Can't initialize LdapContext!
    javax.naming.CommunicationException:
    exception is java.net.SocketException:
    java.security.NoSuchAlgorithmException: SSLContext Default
    implementation not found: ]
    com.sun.jndi.ldap.Connection.<init>(Connection.java:213)
    com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:128)

  • Fixed an issue where the dhcpd lease files may grow indefinitely leading to /var disk full errors.






MH01573
10/19/15
 Security Fixes
  • Miscellaneous security updates including:
    • Timezone 2015f update
    • httpd/mod_ssl updates
    • krb5 updates: CVE-2014-5352, CVE-2014-9421, and CVE-2014-9422
    • ntp updates: CVE-2014-9297 and CVE-2014-9298
    • strongswan updates: CVE-2015-4171
    • autofs update: CVE-2014-8169
    • gnutls updates:  CVE-2014-8155, CVE-2015-0282, and CVE-2015-0294 
  • Security fix for glibc libraries (CVE-2013-7424)
  • Security fix for libuser library (CVE-2015-3245, CVE-2015-3246)
  • Security fix for net-snmp (CVE-2014-3565)
General fixes
  • Fixed an issue where deploy system plan may fail with unknown error.
  • Fixed an issue where a serviceable event customer notification is not sent when the callhome fails. 
  • Fixed issue with problem callhome with some blades and Flex ITEs.
  • Fix to include the Alternate phone (Phone2) field in the problem (PMH) contact information.
  • Fixed an issue where the keyboard setting may be reset to default values after reboot.
  • Fixed a problem where HMC may stop responding on port 12443 impacting applications such as PowerVC.
  • Fixed an issue with data replication to prevent an error during configuration resulting in message "The Hardware Management Console at the specified address could not be reached or is not at the appropriate level of code to be used as a data source"
  • Added additional pedbg collections for field issues


Back to top

Installation


Special Install Instructions: Installing this PTF using the Enhanced+ interface may hang.  Prior to installing this PTF using the web browser graphical interface perform the following:
  1. If already logged in to the HMC using Enhanced+ GUI, log off the HMC.
  2. Log in again selecting the Log In option of "Classic".
  3. Install using the normal installation instructions.
Alternatively, install this PTF using CLI.

Installation instructions for HMC Version 8 upgrades and corrective service can be found at these locations:

Upgrading or restoring HMC Version 8

Installation methods for HMC Version 8 fixes

Instructions and images for upgrading via a remote network install can be found here:

HMC V8 network installation images and installation instructions

Additional information

Notes:

  1. The Install Corrective Service task now allows you to install corrective service updates from the ISO image files of these updates. You can download these ISO image files for the HMC, and then use the ISO image file to install the corrective service update. You no longer need to burn CD-R or DVD-R media to use the ISO image file to install corrective service.
  2. This image requires DVD -R media.
  3. To install updates over the network, select the *.iso file on the "Select Service Package" panel of the Install Corrective Service task. The HMC application extracts the files needed to install the corrective service. If you are using USB flash media, copy the *.iso file to the flash media, and then select the file when prompted.
  4. The updhmc command line command has also been modified to use the *.iso file. To use the command, follow the syntax in this example:
    updhmc -t s -h <myservername> -f </home/updates/corrrective_service.iso> -u <HMC_username> -i

In all cases, the HMC application extracts the files needed to install the corrective service.

Back to top