PTF MF71406 and MF71407 Readme

Hardware Management Console Readme

For use with HMC Version 10 Release 2 M1022

Date: 01 December 2023
(C) Copyright International Business Machines Corp., 2023 All rights reserved.

The information in this Readme contains the fix list and other package information about the Hardware Management Console.

PTF MF71406
PTF MF71407
Package information
Fixes Included
Installation

Terminology

x86 - This term is used to reference the Intel hypervisors (KVM, VMWare, Xen) on which Virtual HMC can be installed. Note: HMC V10R1 release for x86 is not supported on bare metal (7042 hardware appliances).

ppc64 or ppc64le - describes the Linux code that is compiled to run on Power-based servers or LPARS (Logical Partitions)

PTF MF71406 HMC V10 R1 M1022.3 – for vHMC for x86_64 hypervisors (5765-VHX)

This package represents an interim fix for the HMC V10 R1 M1022 for vHMC on x86_64 hypervisors. You can also reference this package by APAR MB04427 and PTF MF71406. This PTF can be installed on HMC V10 R2 M1022.

Note: This PTF supersedes MF71188 and MF71296.

*Package information*
Package name	Size	Checksum (sha1sum)	APAR#	PTF#
MF71406_x86.iso	4587309056	20f865606f59a85a600107fd320d3ff844a77bcc	MB04427	MF71406
Splash Panel information (or lshmc -V output)
"version= Version: 10 Release: 1 Service Pack: 1022 HMC Build level 2310270636 MF70891 - HMC V10R1 M1022 MF71406 - iFix for HMC V10R1 M1022 ","base_version=V10R1 "

PTF MF71407 HMC V10 R1 M1022.3 - for 7063 Hardware or vHMC for PowerVM (5765-HMB)

This package represents an interim fix for the HMC V10 R1 M1022 on 7063 machine type or vHMC for PowerVM. You can reference this package by APAR MB04428 and PTF MF71407. This PTF can be installed on HMC V10 R2 M1022.

Note: This PTF supersedes MF71189 and MF71297.

*Package information*
Package name	Size	Checksum (sha1sum)	APAR#	PTF#
MF71407_ppc.iso	4576559104	dc53d76a031607587a2e81e30da6d3adb3de4db3	MB04428	MF71407
Splash Panel information (or lshmc -V output)
"version= Version: 10 Release: 1 Service Pack: 1022 HMC Build level 2310270636 MF70892 - HMC V10R1 M1022 MF71407 - iFix for HMC V10R1 M1022 ","base_version=V10R1 "

Security fixes

Fixed Net-SNMP vulnerabilities: CVE-2022-44792 and CVE-2022-44793.
Fixed bind vulnerability: CVE-2022-2795.
Fixed httpd vulnerability: CVE-2023-25690.
Fixed Java vulnerability: CVE-2023-22049.

Previously released fixes also included in this PTF:

MF71296/MF71297
09/29/23

Added additional reporting for SRC E212E161 when too many open files are detected on the HMC.
Fixed an issue causing the asmmenu command to always fail to launch the ASM menu window. The following Firefox error pops up instead: "Firefox is already running but is not responding. To use Firefox, you must first close the existing Firefox process, restart your device, or use a different profile."
Added a workaround to prevent the Firefox browser on the local HMC console from attempting to connect to Google addresses such as "201.181.244.35.bc.googleusercontent.com". The workaround is to disable DNS in Firefox. To disable DNS in Firefox and relaunch the Firefox browser on the local console, log in as user hscpe with role hmcpe and run "runsig -s 711". To reenable DNS in Firefox and relaunch the Firefox browser on the local console, log in as user hscpe with role hmcpe and run "runsig -s 712".
Fixed vulnerability: CVE-2023-38280. Removed support for all sed command options in the restricted shell.

MF71188/MF71189
08/11/23

Fixed a timing issue that can cause an Enterprise BMC-based system to be in the No Connection state and the VMI connection to show as unavailable even though the VMI is actually connected to the HMC. This can occur when multiple Enterprise BMC-based systems are concurrently being connected to the HMC after an HMC restart.
Fixed an issue that caused the HMC to fail to fully power on and stop at the emergency shell when it was restarted following an HMC update that was performed after critical HMC data was restored.
Added a workaround for the issue where a keyboard configured with a non-US layout always changes to a US layout after it is disconnected and reconnected to the HMC. The workaround to reset the keyboard layout to its original non-US configuration is to log in as user hscpe with role hmcpe and execute "runsig -s 710". Restarting the HMC also resets the keyboard layout to its original non-US configuration.
Fixed Apache Tomcat vulnerability: CVE-2023-28709.
Fixed Java vulnerabilities: CVE-2023-21930, CVE-2023-21967, CVE-2023-21954, CVE-2023-21939, CVE-2023-21968 and CVE-2023-21937.

Installation

Installation instructions for HMC Version 10 upgrades and corrective service can be found at these locations:

Upgrading or restoring HMC Version 10

Updating, upgrading, and migrating your HMC machine code