Hardware Management Console Readme For use with Version 8 Release 8.6.0 Service Pack 3 Date: 27 August 2018 (C) Copyright International Business Machines Corp., 2018 All rights reserved. Contents <#ibm-content> The information in this Readme contains the fix list and other package information about the Hardware Management Console. * PTF MH01784 <#MH01784> * Package information <#package> * General fix <#fixes> * Installation <#install> PTF MH01784 This package includes a fix for HMC V8 R8.6.0 Service Pack 3. You can also reference this package by PTF MH01784 and APAR MB04172. This image can be installed on top of HMC Version 8 Release 8.6.0 Service Pack 3 with or without additional fixes. *NOTE*: This PTF supersedes MH01764, MH01772, and MH01773. /Package information/ Package name Size Checksum (sha1sum) APAR# PTF# MH01784.iso 1592975360 160f7265da533b6b0e48429207eda660eb4f42df MB04172 MH01784 Splash Panel information (or lshmc -V output) "version= Version: 8 Release: 8.6.0 Service Pack: 3 HMC Build level 20180802.1 MH01784: Fix for HMC V8R8.6.0 SP3 (08-02-2018) ","base_version=V8R8.6.0 " *Enhancements and new function* * Added CLI support to enable/disable/query inbound remote support connections for IBM support. * Enhanced sendfile command support for SFTP. With this enhancement the sendfile command can now send data direct via SFTP to the IBM blue diamond and ecurep secure data repositories. *General fixes* * Fixed an issue where opening multiple vterm applets intermittently fails after the first open. * Fixed a rare deadlock issue that can cause HMC UI sessions to stop responding. * Fixed an issue that can cause /var to fill up and report service event E212E134 when snmp is enabled. * Fixed a "Local file inclusion" issue where some HMC help pages can be displayed without the user being authenticated. * Fixed a problem with enhanced UI where changes to power management settings cannot be saved. * Fixed an issue where non-hscroot users may experience significantly worse performance then hscroot user for the same tasks. * Fixed an issue where using the server/vios/partition "click-card" (i icon) to turn off an attention indicator can cause unintended modifications to other properties. The unintended modifications may include deletion of in use virtual adapters resulting in an impact to running partitions/VIOS. *Security fixes* * Apache Header fix for Qualys QID 11827 * Addressed Kerberos vulnerabilities: CVEID: CVE-2017-11368 CVEID: CVE-2017-7562 * Added Security fix for openssh CVE-2017-15906 * Addressed Kernel vulnerabilities: CVE-2018-1000004, CVE-2018-6927, CVE-2017-1000410, CVE-2017-1000407, CVE-2017-18017, CVE-2017-15126, CVE-2017-15116, and CVE-2016-8633 * Addressed NTP vulnerabilities: CVE-2017-6464 and CVE-2017-6463 * Addressed OpenSSL vulnerabilities: CVE-2017-3737 and CVE-2017-3736 * Addressed glibc vulnerabilities:CVE-2017-15670, CVE-2017-12132, CVE-2015-5180, CVE-2014-9402 *Previously released fixes also included in this PTF: * * MH01773* 06/27/18 * Fixed issue where the HMC UI Change Date and Time panel always shows the timezone as set to UTC instead of the actual timezone. This can also cause the HMC's timezone setting to be reset to UTC after changing the date and/or time using the HMC GUI Change Date and Time function if the user does not explicitly set the timezone during the date/time change. * Corrected a problem where some serviceability tasks logged an incorrect user * Fixed the data replication issue for the LDAP configuration. * Fixed and issue where USB flash drives whose VPD does not contain a serial number cannot be mounted. lsmediadev shows "mountpoint=, " * Fixed an issue where HMC called home SRC E212E13D was reported due to excessive logging created by users generating queries to the HMC. * Fixed an issue where log file cleanup did not occur after an E332FFFF event which can cause the filesystem to fill up and call home E212E136. * Fixed an issue to prevent the call home of SRC E35A0017. * Fixed an issue that caused mkauthkeys to fail with the -u flag. * Fixed an issue to prevent the cause and call home of SRC E3325009. * Fixed an issue where R&V of one side of an I/O drawer would power off the entire enclosure. * Fixed issue where certificate was not getting created when user tries to create Self signed Certificate or updates the host name. * MH01772* 06/13/18 * Fixed an issue where the HMC became unresponsive after several hours and required a HMC reboot to return to normal operation. This issue occurs when non-hscroot users run many command line queries and operations typically using scripts. This issue was introduced in HMC V8 R8.6.0 Service Pack 3. * MH01764* 06/11/18 * Fixed an issue with restoring backup of HMC critical console data. This issue halts the process of restore with following error message at HMC local console: "/A critical error occurred during the recovery of archive data.// //The system may be unstable. It is recommended the HMC be re-installed and manually reconfigured.// //Failing Component:// //TASK_RESTORECCD// //Contact your service representative to determine the severity// //of this condition if you choose to proceed. Press to// //continue the boot sequence or press 'R', then to// //re-install the HMC./" This fix must be installed prior to restoring backup of HMC critical console data on HMC Version 8 Release 8.6.0 with Service Pack 3(PTF MH01711) or any previous Service Pack/PTF. Installation Installation instructions for HMC Version 8 upgrades and corrective service can be found at these locations: Upgrading or restoring HMC Version 8 Installation methods for HMC Version 8 fixes Instructions and images for upgrading via a remote network install can be found here: HMC V8 network installation images and installation instructions