FIRMWARE CHANGE HISTORY ----------------------- IBM RackSwitch G8332 Version 7.7.21.0 (Released October 2015) ** Changes since the 7.7.20.0 release ** Enhancements: None Changes: None Fixes: - Fixed OpenSSL vulnerabilities as reported in CVE Advisories CVE-2015-1788 (BN_GF2m_mod_inv), CVE-2015-1789 (X509_cmp_time) and CVE-2015-1792 (do_free_upto). (39415) ================================================================================ IBM RackSwitch G8332 Version 7.7.20.0 (Released July 2015) ** Changes since the 7.7.19.0 release ** Enhancements: None Changes: None Fixes: - Fixed OpenSSL vulnerabilities as reported in CVE Advisories CVE-2015-0286 (ASN1_TYPE_cmp). ================================================================================ IBM RackSwitch G8332 Version 7.7.19.0 (Released April 2015) ** Changes since the 7.7.18.0 release ** Enhancements: None Changes: None Fixes: - Fixed security vulnerabilities as reported in CVE Advisories CVE-2014-0191 (libXML2), CVE-2014-3660 ((libXML2), CVE-2103-2566 (RC4) - Fixed OpenSSL vulnerabilities as reported in CVE Advisories CVE-2014-3572, CVE-2015-0204, CVE-2014-8275,CVE-2014-3570, CVE-2015-2808 (BarMitzvah) ================================================================================ IBM RackSwitch G8332 Version 7.7.18.0 (Released October 2014) ** Changes since the 7.7.17.0 release ** Enhancements: None Changes: - A security vulnerability existed in the OpenSSL Protocol that is used in IBM System Networking Ethernet Switches. (CVE-2014-3505,CVE-2014-3506,CVE-2014-3507,CVE-2014-3508,CVE-2014-3510) Fixes: None ================================================================================ IBM RackSwitch G8332 Version 7.7.17.0 (Released July 2014) ** Changes since the 7.7.16.0 release ** Enhancements: None Changes: - Internal debug usernames have been removed from the firmware to prevent potential backdoor access. (XB282666) Fixes: None ================================================================================ IBM RackSwitch G8332 Version 7.7.16.0 (Released June 2014) ** Changes since the 7.7.15.0 release ** Enhancements: none Changes: - A security vulnerability existed in the OpenSSL Protocol that is used in IBM System Networking Ethernet Switches. (CVE-2014-0224) Fixes: none ==================================================================================================== IBM RackSwitch G8332 Version 7.7.15.0 (Released May 2014) Second release of G8332 New and Updated Features: ------------------------- - NIST 131A: compliant with National Institute of Standards and Technology (NIST) Special Publication (SP) 800-131A. - Open Flow 1.3.1 The following key feature where added: • Static LAG • MAC address/IP address masking • Flexible Table Miss and Fail Secure • 40Gb support • Static CLI for Flow Programming • OpenFlow 1.0 backward - Distributed Overlay Virtual Ethernet (DOVE) provides network virtualization by implementing an overlay network for virtual machines on top of an underlying IPv4 network. - FCoE BB5 FCF Support: Full Fabric FCoE Switch - NAT: Network Address Translation Fixes: ------ - MLD groups are not deleted properly when shut/no shut command is performed on a port from a static trunk; in this case some traffic is still flooded. (XB263055) - Part of the IPMC traffic for IGMP groups learned on a port-channel is still forwarded after flapping the port-channel. (XB266229) - Switch crashes when enabling "debug spanning-tree bpdu" from cli. (XB266534) - Switch crashes in VLAG setup with IGMP traffic. (XB263030) - The switch is continuously crashing after using "mda shutdown" and "no mda shutdown" commands several times. (XB262540) - MDA board insertions and removals are now logged by the SysLog server. (XB266532) - Openflow 1.0: Switch is crashing when pushing untagged FDB based flow. (XB271510) Enhancements: ------------- NONE Changes: -------- NONE ================================ IBM RackSwitch G8332 Version 7.7.13.0 (Released March 2014) - Initial release ================================