FIRMWARE CHANGE HISTORY ----------------------- IBM RackSwitch G8332 Version 7.7.26.0 (Released May 2017) ** Changes since the 7.7.25.0 release ** Enhancements: None Changes: - The support for TLS versions 1.1 and 1.0 has been deprecated. TLS version 1.2 is now supported by default. (PSIRT ALIRT 10820) (72679) Fixes: - Switch returns g8332-mgmt (.1.3.6.1.4.1.20301.1.7.12) as sysObjectID instead of g8332 (.1.3.6.1.4.1.20301.1.7.16) renderring it unable to be managed by LXCA. (63912, 89813) - Fixed zlib vulnerabilities as reported in the CVE Advisories CVE-2016-9840, CVE-2016-9841, CVE-2016-9842 and CVE-2016-9843. (86800) - Fixed libXML2 vulnerabilities as reported in the CVE Advisories CVE-2016-4658 and CVE-2016-9318. (86808) ================================================================================ IBM RackSwitch G8332 Version 7.7.25.0 (Released January 2017) ** Changes since the 7.7.24.0 release ** Enhancements: None Changes: None Fixes: - Switch sends SNMP traps with inccorrect Trap OID prefix .1.3.6.1.4.1.20301.2.7.12 instead of the correct OID prefix .1.3.6.1.4.1.20301.2.7.16. (63912) - Password for tacacs users could not be changed from the switch using the "primary-password" command when the "tacacs-server password-change" feature is enabled. (63530) - Fixed OpenSSL vulnerabilities as reported in CVE Advisories CVE-2016-2183(SWEET32) and CVE-2016-6329. The ciphers DES,3DES and Blowfish are no longer supported. (66395) ================================================================================ IBM RackSwitch G8332 Version 7.7.24.0 (Released September 2016) ** Changes since the 7.7.23.0 release ** Enhancements: None Changes: None Fixes: - Fixed OpenSSL vulnerabilities as reported in CVE Advisories CVE-2016-2108.(ALIRT LEN-7502). (55174) - Fixed security vulnerabilities as reported in CVE Advisories CVE-2016-3705, CVE-2016-3627, CVE-2015-8806, CVE-2016-4447, CVE-2016-4449, CVE-2016-4448 (libxml2). (57176, 55781, 58942, 58943) ================================================================================ IBM RackSwitch G8332 Version 7.7.23.0 (Released June 2016) ** Changes since the 7.7.22.0 release ** Enhancements: None Changes: None Fixes: - Fixed security vulnerabilities as reported in CVE Advisories CVE-2015-8710 (libxml2). (49214) ================================================================================ IBM RackSwitch G8332 Version 7.7.22.0 (Released February 2016) ** Changes since the 7.7.21.0 release ** Enhancements: None Changes: - The output of “show tech-support” now includes the isCLI commands as headers before their respective output. (38125) Fixes: - Fixed OpenSSL vulnerabilities as reported in CVE Advisories CVE-2015-7575 (SLOTH). (47856) - Fixed OpenSSL vulnerabilities as reported in CVE Advisories CVE-2015-3194, CVE-2015-3195. (46801) ================================================================================ IBM RackSwitch G8332 Version 7.7.21.0 (Released October 2015) ** Changes since the 7.7.20.0 release ** Enhancements: None Changes: None Fixes: - Fixed OpenSSL vulnerabilities as reported in CVE Advisories CVE-2015-1788 (BN_GF2m_mod_inv), CVE-2015-1789 (X509_cmp_time) and CVE-2015-1792 (do_free_upto). (39415) ================================================================================ IBM RackSwitch G8332 Version 7.7.20.0 (Released July 2015) ** Changes since the 7.7.19.0 release ** Enhancements: None Changes: None Fixes: - Fixed OpenSSL vulnerabilities as reported in CVE Advisories CVE-2015-0286 (ASN1_TYPE_cmp). ================================================================================ IBM RackSwitch G8332 Version 7.7.19.0 (Released April 2015) ** Changes since the 7.7.18.0 release ** Enhancements: None Changes: None Fixes: - Fixed security vulnerabilities as reported in CVE Advisories CVE-2014-0191 (libXML2), CVE-2014-3660 (libXML2), CVE-2103-2566 (RC4) - Fixed OpenSSL vulnerabilities as reported in CVE Advisories CVE-2014-3572, CVE-2015-0204, CVE-2014-8275, CVE-2014-3570, CVE-2015-2808 (BarMitzvah) ================================================================================ IBM RackSwitch G8332 Version 7.7.18.0 (Released October 2014) ** Changes since the 7.7.17.0 release ** Enhancements: None Changes: - A security vulnerability existed in the OpenSSL Protocol that is used in IBM System Networking Ethernet Switches. (CVE-2014-3505, CVE-2014-3506, CVE-2014-3507, CVE-2014-3508, CVE-2014-3510) Fixes: None ================================================================================ IBM RackSwitch G8332 Version 7.7.17.0 (Released July 2014) ** Changes since the 7.7.16.0 release ** Enhancements: None Changes: - Internal debug usernames have been removed from the firmware to prevent potential backdoor access. (XB282666) Fixes: None ================================================================================ IBM RackSwitch G8332 Version 7.7.16.0 (Released June 2014) ** Changes since the 7.7.15.0 release ** Enhancements: none Changes: - A security vulnerability existed in the OpenSSL Protocol that is used in IBM System Networking Ethernet Switches. (CVE-2014-0224) Fixes: none ==================================================================================================== IBM RackSwitch G8332 Version 7.7.15.0 (Released May 2014) Second release of G8332 New and Updated Features: ------------------------- - NIST 131A: compliant with National Institute of Standards and Technology (NIST) Special Publication (SP) 800-131A. - Open Flow 1.3.1 The following key feature where added: • Static LAG • MAC address/IP address masking • Flexible Table Miss and Fail Secure • 40Gb support • Static CLI for Flow Programming • OpenFlow 1.0 backward - Distributed Overlay Virtual Ethernet (DOVE) provides network virtualization by implementing an overlay network for virtual machines on top of an underlying IPv4 network. - FCoE BB5 FCF Support: Full Fabric FCoE Switch - NAT: Network Address Translation Fixes: ------ - MLD groups are not deleted properly when shut/no shut command is performed on a port from a static trunk; in this case some traffic is still flooded. (XB263055) - Part of the IPMC traffic for IGMP groups learned on a port-channel is still forwarded after flapping the port-channel. (XB266229) - Switch crashes when enabling "debug spanning-tree bpdu" from cli. (XB266534) - Switch crashes in VLAG setup with IGMP traffic. (XB263030) - The switch is continuously crashing after using "mda shutdown" and "no mda shutdown" commands several times. (XB262540) - MDA board insertions and removals are now logged by the SysLog server. (XB266532) - Openflow 1.0: Switch is crashing when pushing untagged FDB based flow. (XB271510) Enhancements: ------------- NONE Changes: -------- NONE ================================ IBM RackSwitch G8332 Version 7.7.13.0 (Released March 2014) - Initial release ================================