Hardware Management Console Readme For use with Version 8 Release 8.1.0 Service Pack 3 Updated: 11 May 2016 Contents The information in this Readme contains fix list and other package information about the Hardware Management Console. * PTF MH01623 <#MH01623> * Package information <#package> * List of fixes <#fixes> * Installation <#install> * Additional information <#additional> PTF MH01623 This package includes fixes for HMC Version 8 Release 8.1.0 Service Pack 3. You can reference this package by APAR# MB04008 and PTF MH01623. This image must be installed on top of HMC Version 8 Release 8.1.0 Service Pack 3 (PTF MH01545) with or without additional fixes. *Note*: This PTF supersedes PTF MH01598, MH01606, and MH01611. /Package information/ Package name Size Checksum (sha1sum) APAR# PTF# MH01623.iso 987430912 557991055de2a5c64b0c05ae533da566559b10e5 MB04008 MH01623 Splash Panel information (or lshmc -V output) "version= Version: 8 Release: 8.1.0 Service Pack: 3 HMC Build level 20160415.2 MH01623: security updates (04-15-2016) ","base_version=V8R8.1.0 " List of fixes *Security Fixes* * Fixed the following OpenSSL security vulnerabilities: CVE-2015-3197, CVE-2016-0702, CVE-2016-0705, CVE-2016-0797 * Fixed Tomcat vulnerabilities: CVE 2015-5174,CVE-2015-5345, CVE-2015-5346, CVE-2015-5351, CVE-2016-0706, CVE-2016-0714, CVE-2016-0763 * Fixed Vulnerabilities in bind: CVE-2016-1285 and CVE-2016-1286 * Fixed security vulnerability with Strongswan: CVE-2015-8023 * Fixed the following Httpd security vulnerabilities; CVE-2013-5704 CVE-2015-3183 * Fixed libssh2 security vulnerability: CVE-2016-0787 * Fixed NTP security vulnerabilities: CVE-2015-5300, CVE-2015-7704, CVE-2015-8138 * Fixed a security issue with HMC restricted shell ****Repair and Verify Fix * *** * Fixed a Repair & Verify issue on systems utilizing the 24 inch frame with a power subsystem where users can experience a failure of concurrent service maintenance activities on power components within the CEC enclosure, the Power Subsystem enclosure, and any installed I/O devices within the frame. Servers impacted include the POWER 575, 590, 595, 795: Models 9125-F2A,F2B,F2C; 9118-575; 9119-590,595,FHA,FHB; 9406-595. Errors include: "/An internal error occurred when the management console // //attempted to validate the service network. Some or all of the // //required network resources may not be available. Contact your // //next level of support for problem determination/." and "/Redundancy status could not be determined for the FRU in // //location: // //U5791.001.XXXXXXX-Ex" (example) // // // //The FRU cannot be exchanged concurrently. The IO Drawer must be// //powered off and partitions may need to be shut down to continue// //the repair. /" * General Fixes* * Fixed a rare deadlock issue that required a HMC reboot to recover. Symptoms include unable to login GUI remotely; CLI commands fail with "/command server failed/" errors; partition mobility failing with /HSCLA200 An unknown error occurred during the partition migration/. * Fixed an issue where attempting to remove NTP entries using chhmc command fails with "/Server not found in configuration file/" when there is a space at the end of the entry in the underlying xntp configuration file. * Fixed issue where lshmc -r command returned incorrect results when displaying the altdiskboot setting. * Fixed an error obtaining credentials that resulted in call home SRC E3D4310A. *Previously released fixes also included in this PTF: * * MH01611* 03/15/16 * Fixed a Java security issue: CVE-2016-0448 * Fixed a security vulnerability in glibc: CVE-2015-7547 * Fixed a security issue with HMC restricted shell. * Fixed an issue where /var/log/slpd.log is not under log rotation control which can lead to serviceable event E212E134 and the /var filesystem becoming full. * MH01606* 02/17/16 * Fixed multiple OpenSSH vulnerabilities involving the ssh client "Roaming" feature: CVE-2016-0777 and CVE-2016-0778 * MH01598* 1/25/16 * Fixed multiple OpenSSL Vulnerabilities: CVE-2015-3193, CVE-2015-3194, CVE-2015-3195, CVE-2015-3196, and CVE-2015-1794 * Fixed multiple Java Vulnerabilities: CVE-2015-4843, CVE-2015-4868, CVE-2015-4806, CVE-2015-4872, CVE-2015-4911, CVE-2015-4893, CVE-2015-4842, and CVE-2015-4803 Back to top <#ibm-content> Installation Installation instructions for HMC Version 8 upgrades and corrective service can be found at these locations: Upgrading or restoring HMC Version 8 Installation methods for HMC Version 8 fixes Instructions and images for upgrading via a remote network install can be found here: HMC V8 network installation images and installation instructions Additional information Notes: 1. The Install Corrective Service task now allows you to install corrective service updates from the ISO image files of these updates. You can download these ISO image files for the HMC, and then use the ISO image file to install the corrective service update. You no longer need to burn CD-R or DVD-R media to use the ISO image file to install corrective service. 2. This image requires DVD -R media. 3. To install updates over the network, select the *.iso file on the "Select Service Package" panel of the Install Corrective Service task. The HMC application extracts the files needed to install the corrective service. If you are using USB flash media, copy the *.iso file to the flash media, and then select the file when prompted. 4. The *updhmc* command line command has also been modified to use the *.iso file. To use the command, follow the syntax in this example: updhmc -t s -h -f -u -i In all cases, the HMC application extracts the files needed to install the corrective service. Back to top <#ibm-content>