Hardware Management Console Readme For use with HMC Version 10 Release 3 M1060 Date: 06 September 2024 (C) Copyright International Business Machines Corp., 2024 All rights reserved. Contents <#ibm-content> The information in this Readme contains the fix list and other package information about the Hardware Management Console. * PTF MF71703 <#MF71703> * PTF MF71704 <#MF71704> * Package information <#package> * Fixes included <#fixes> * Installation <#install> Terminology *x86* - This term is used to reference the Intel hypervisors (KVM, VMWare, Xen) on which Virtual HMC can be installed. *Note*: HMC V10R3 release for x86 is not supported on bare metal (7042 hardware appliances). *ppc64 or ppc64le* - describes the Linux code that is compiled to run on Power-based servers or LPARS (Logical Partitions) PTF MF71703 HMC V10 R3 M1060.3 - for vHMC for x86_64 hypervisors (5765-VHX) This package represents an interim fix for HMC V10 R3 M1060 for vHMC on x86_64 hypervisors. You can also reference this package by APAR MB04468 and PTF MF71703. This PTF can be installed on HMC V10 R3 M1060. Note: This PTF supersedes MF71697 and MF71699. /Package information/ Package name Size Checksum (sha1sum) APAR# PTF# MF71703_x86.iso 2658105344 83b51ad51df356fecfbc93fecc29b6e44ab1e9d4 MB04468 MF71703 Splash Panel information (or lshmc -V output) "version= Version: 10 Release: 3 Service Pack: 1060 HMC Build level 2408210051 MF71689 - HMC V10R3 M1060 MF71703 - iFix for HMC V10R3 M1060 ","base_version=V10R3 " PTF MF71704 HMC V10 R3 M1060.3 - for 7063 Hardware or vHMC for PowerVM (5765-HMB) This package represents an interim fix for HMC V10 R3 M1060 on 7063 machine type or vHMC for PowerVM. You can reference this package by APAR MB04469 and PTF MF71704. This PTF can be installed on HMC V10 R3 M1060. Note: This PTF supersedes MF71698 and MF71700. /Package information/ Package name Size Checksum (sha1sum) APAR# PTF# MF71704_ppc.iso 2658838528 2f3d6e0da3584c7ce9cb1b313c5194cc9d68a70d MB04469 MF71704 Splash Panel information (or lshmc -V output) "version= Version: 10 Release: 3 Service Pack: 1060 HMC Build level 2408210051 MF71690 - HMC V10R3 M1060 MF71704 - iFix for HMC V10R3 M1060 ","base_version=V10R3 "" General fixes * Fixed some GUI tasks, such as Save HMC upgrade data, to return an error instead of silently fail when a '&' character is specified in one of the input fields, such as a password field. * Fixed an issue that can cause a user with a custom task role which includes the Shut down HMC task to be unable to see that task in the HMC actions menu in the new GUI dashboard. * Fixed an issue that causes the Allow Migration with Inactive Source Storage VIOS system setting to always be enabled for Enterprise BMC-based managed systems after every HMC restart. * Fixed an issue that caused some vNIC settings, including port VLAN ID and allowed VLAN IDs and MAC addresses, of vNIC adapters in a profile to always be lost after editing the profile or copying the profile using the new profile GUI. * Corrected the validation of the huge page memory values on the new profile GUI. * Fixed an issue that can cause the HMC GUI dashboard to hang when loading when the language is set to German. * Fixed the manual Refresh button on the GUI Environmental dashboard and Performance dashboard. * Fixed an issue that caused the Energy mode field on the GUI Environmental dashboard to show a "-" for the Balanced Performance and Power Saver energy modes. * Fixed an issue that can cause SRC E212E161 to be called home due to too many open files caused by running the lslic command many times in a short period of time. * Fixed an issue where a physical I/O adapter is always added to a partition profile as desired even when required is selected on the new profile GUI. This issue occurs only when the language is anything other than English. * Fixed an issue that causes the system time shown on the HMC for an Enterprise BMC-based managed system to be shown in the HMC's local time. * Fixed an issue that causes partition validation and migration to fail with the error "/REST019C Value is not valid for option ' TargetRemoteHMCIPAddress ' /" when a hostname is specified on the new Migrate partitions GUI for the remote HMC instead of an IP address. * Corrected the new GUI Update system firmware task to no longer display a checkbox to acknowledge that system disruption will occur when the firmware selected will be a concurrent update. * Corrected the image displayed in system plans for the PCIe Gen3 I/O expansion drawer. * Fixed an issue that can cause the screen to flash and the Tags column in the GUI Systems, Partitions, and Virtual I/O Servers tables to toggle between showing tag names and the number of tags when the tables are initially displayed. * Introduced a 60 minute timeout for authenticating the install packages during update HMC on the 7063-CR1 HMC when virtual media is used. * Fixed an issue that can intermittently cause the Add system GUI page to go blank after clicking Connect and not complete the add system request. * Fixed an issue that can cause the power off of an Enterprise BMC-based managed system to fail from the GUI with the error "/Target reached unsuccessful terminal state STATE_NO_CONNECTION/", even though the power off was successful. Security fixes * Fixed Apache Tomcat vulnerability: CVE-2024-34750 * Fixed shim vulnerabilities: CVE-2023-40546, CVE-2023-40547, CVE-2023-40548, CVE-2023-40549, CVE-2023-40550, and CVE-2023-40551 * Fixed expat vulnerability: CVE-2023-52425 * Fixed rpm vulnerabilities: CVE-2021-35937, CVE-2021-35938, and CVE-2021-35939 * Fixed libxml2 vulnerability: CVE-2023-39615 * Fixed nss vulnerabilities: CVE-2023-5388, and CVE-2023-6135 * Fixed openssl vulnerabilities: CVE-2023-3446, CVE-2023-3817, and CVE-2023-5678 * Fixed bind vulnerability: CVE-2022-3094 * Fixed shadow-utils vulnerability: CVE-2023-4641 * Fixed tpm2-tss vulnerability: CVE-2023-22745 Known Issues * When system profiles exist, the new System profiles GUI will display a blank page. * The wrong hosting partition may be shown in the new Partition Profiles > Virtual NIC > Edit VNIC > Backing devices table. * The GUI may launch a blank page when launching any of the Firmware actions from the System actions menu available on the systems GUI for a system. To work around this issue, launch the firmware action from the systems table instead. * The GUI window may intermittently go blank, especially when performing a system firmware update operation. A browser refresh will fix the issue. * The physical attention LED state shown on the GUI may not reflect the actual state for Enterprise BMC-based managed systems. The *lsled *command does show the actual state. A system rebuild will correct the GUI issue. * Setting the Microsoft Edge browser to a language not supported by the HMC will cause Learn More links on the GUI to fail to launch help pages with the message "/The requested help document was not found./" * The recover profile data task fails to restore partition Platform KeyStore (PKS) data. If you have partition data stored in the PKS, it is recommended that you regularly backup profile data for your managed system in case there is a failure in restoring the PKS data in the future after a managed system has gone into Recovery state. * Dates, times, and numbers on the GUI Performance dashboard are shown in the format based on the HMC language instead of the browser language. * Occasionally a Kerberos user login may fail even when the credentials are valid. As a workaround, try logging in again with the same credentials after a short delay of 15 to 30 seconds. * * **Previously released fixes also included in this PTF: * * *MF71699/MF71700* 08/28/24 * Fixed an issue causing repair and verify (R&V) operations on FSP-based managed systems to fail with the error "/An invalid parameter value was entered. The parameter -l is empty or not valid. Please check your entry and retry the command./" *MF71697/**MF71698* 07/19/24 * Enables multipath capability for NVMe expansion drawers. When the server firmware level is FW1060.10, an additional 24 redundant partner slots are available for each NVMe expansion drawer. The HMC must be used to assign both partner slots to the same partition. * Enables Linux partitions running KVM on top of PowerVM to virtualize assigned resources and create hosted guests. KVM on PowerVM enables the KVM industry standard interfaces and cloud characteristics on enterprise Power servers. * Fixed an issue that can cause a system that is powered on to Standby state to go into Recovery state when the system is connected to the HMC for the first time. * Fixed an issue that can cause the 7063-CR1 HMC to intermittently hang. For more information, please review this document: https://www.ibm.com/support/pages/node/7157787 * Fixed Apache httpd vulnerability: CVE-2024-27316 Fixed less vulnerability: CVE-2022-48624 * The following commands have been enhanced to support multipath capability for NVMe expansion drawers: *chhwres *and *lshwres*. * The following commands have been enhanced to support KVM on PowerVM: *chsyscfg*, *lssyscfg*, and *mksyscfg*. Installation Installation instructions for HMC Version 10 upgrades and corrective service can be found at these locations: Upgrading or restoring HMC Version 10 Release 3 Updating, upgrading, and migrating your HMC machine code Update(s)for HMC V10R3M1060