FIRMWARE CHANGE HISTORY
-----------------------
IBM RackSwitch G8332 Version 7.7.29.0 (Released October 2018)
** Changes since the 7.7.28.0 release **

Enhancements:
none

Changes:
none

Fixes:

- A crash could occur when the switch were scanned by the Rapid 7 security tool 
  or nessus scan for vulnerabilities or when the CLI commands "no ssh enable" 
  or "no access netconf ssh enable" were executed after the scan. 
  (133904/138760)

- Fixed vulnerabilities in the TLS protocol as reported in the CVE Advisories 
  CVE-2014-8730. 
  (80866)

- Switch no longer supports the Diffie-Hellman key exchange algorithm in strict
  security mode.
  (143643)

- Enhance BBI session default user password reset framework.
  (135949/135951)

================================================================================
IBM RackSwitch G8332 Version 7.7.28.0 (Released June 2018)
** Changes since the 7.7.27.0 release **

Enhancements:
none

Changes:
none

Fixes:

- Fixed Libxml2 vulnerabilities as reported in the Advisories CVE-2016-5131, CVE-2017-15412, 
  CVE-2017-16932, CVE-2017-5130.
  (124059)

================================================================================
IBM RackSwitch G8332 Version 7.7.27.0 (Released November 2017)
** Changes since the 7.7.26.0 release **

Enhancements:
none

Changes:
none

Fixes:

- Address issue in login credential mechanism. 
  (107614)

- Fixed TCP vulnerabilities as reported in the CVE Advisory CVE-2017-6214.
  (113078)  

- Address non-configured community strings.
  (115054)

================================================================================
IBM RackSwitch G8332 Version 7.7.26.0 (Released May 2017)
** Changes since the 7.7.25.0 release **

Enhancements:
None

Changes:

- The support for TLS versions 1.1 and 1.0 has been deprecated. TLS version 1.2 is
  now supported by default. (PSIRT ALIRT 10820)
  (72679) 

Fixes:

- Switch returns g8332-mgmt (.1.3.6.1.4.1.20301.1.7.12) as sysObjectID instead 
  of g8332 (.1.3.6.1.4.1.20301.1.7.16) renderring it unable to be managed by LXCA.
  (63912, 89813)

- Fixed zlib vulnerabilities as reported in the CVE Advisories CVE-2016-9840,
  CVE-2016-9841, CVE-2016-9842 and CVE-2016-9843.
  (86800) 

- Fixed libXML2 vulnerabilities as reported in the CVE Advisories CVE-2016-4658
  and CVE-2016-9318. 
  (86808)

- A switch upon receiving a rogue OSPF LSA containing its own router ID 
  with a maximum sequence number (0x7fffffff), would incorrectly respond 
  with a fight-back LSA of its own database, as opposed to the rogue's LSA database.
  (92346)

================================================================================
IBM RackSwitch G8332 Version 7.7.25.0 (Released January 2017)
** Changes since the 7.7.24.0 release **

Enhancements:
None

Changes:
None

Fixes:

- Switch sends SNMP traps with inccorrect Trap OID prefix .1.3.6.1.4.1.20301.2.7.12 instead of 
  the correct OID prefix .1.3.6.1.4.1.20301.2.7.16.
  (63912) 

- Password for tacacs users could not be changed from the switch using the 
  "primary-password" command when the "tacacs-server password-change" feature is enabled.
  (63530)

- Fixed OpenSSL vulnerabilities as reported in CVE Advisories CVE-2016-2183(SWEET32)
  and CVE-2016-6329. The ciphers DES,3DES and Blowfish are no longer supported.
  (66395)

================================================================================
IBM RackSwitch G8332 Version 7.7.24.0 (Released September 2016)
** Changes since the 7.7.23.0 release **

Enhancements:
None

Changes:
None

Fixes:

- Fixed OpenSSL vulnerabilities as reported in CVE Advisories CVE-2016-2108.(ALIRT LEN-7502).
  (55174)

- Fixed security vulnerabilities as reported in CVE Advisories CVE-2016-3705,
  CVE-2016-3627, CVE-2015-8806, CVE-2016-4447, CVE-2016-4449, CVE-2016-4448 (libxml2).
  (57176, 55781, 58942, 58943)

================================================================================
IBM RackSwitch G8332 Version 7.7.23.0 (Released June 2016)
** Changes since the 7.7.22.0 release **

Enhancements:
None

Changes:
None

Fixes:

- Fixed security vulnerabilities as reported in CVE Advisories  CVE-2015-8710 (libxml2).
  (49214) 


================================================================================
IBM RackSwitch G8332 Version 7.7.22.0 (Released February 2016)
** Changes since the 7.7.21.0 release **

Enhancements:
None

Changes:

- The output of “show tech-support” now includes the isCLI commands as headers 
  before their respective output.
  (38125)

Fixes:

- Fixed OpenSSL vulnerabilities as reported in CVE Advisories CVE-2015-7575 (SLOTH).
  (47856)

- Fixed OpenSSL vulnerabilities as reported in CVE Advisories CVE-2015-3194, CVE-2015-3195.
  (46801)

================================================================================
IBM RackSwitch G8332 Version 7.7.21.0 (Released October 2015)
** Changes since the 7.7.20.0 release **

Enhancements:
None

Changes:
None

Fixes:

- Fixed OpenSSL vulnerabilities as reported in CVE Advisories CVE-2015-1788 (BN_GF2m_mod_inv),
  CVE-2015-1789 (X509_cmp_time) and CVE-2015-1792 (do_free_upto).
  (39415)

================================================================================
IBM RackSwitch G8332 Version 7.7.20.0 (Released July 2015)
** Changes since the 7.7.19.0 release **

Enhancements:
None

Changes:
None

Fixes:

- Fixed OpenSSL vulnerabilities as reported in CVE Advisories CVE-2015-0286 (ASN1_TYPE_cmp).

================================================================================
IBM RackSwitch G8332 Version 7.7.19.0 (Released April 2015)
** Changes since the 7.7.18.0 release **

Enhancements:
None

Changes:
None

Fixes:

- Fixed security vulnerabilities as reported in CVE Advisories 
   CVE-2014-0191 (libXML2), CVE-2014-3660 (libXML2), CVE-2103-2566 (RC4)

- Fixed OpenSSL vulnerabilities as reported in CVE Advisories CVE-2014-3572, 
  CVE-2015-0204, CVE-2014-8275, CVE-2014-3570, CVE-2015-2808 (BarMitzvah)

================================================================================
IBM RackSwitch G8332 Version 7.7.18.0 (Released October 2014)
** Changes since the 7.7.17.0 release **

Enhancements:
None

Changes:

- A security vulnerability existed in the OpenSSL Protocol that is used in 
  IBM System Networking Ethernet Switches.
  (CVE-2014-3505, CVE-2014-3506, CVE-2014-3507, CVE-2014-3508, CVE-2014-3510)

Fixes:
None

================================================================================

IBM RackSwitch G8332 Version 7.7.17.0 (Released July 2014)
** Changes since the 7.7.16.0 release **

Enhancements:
None

Changes:

- Internal debug usernames have been removed from the firmware to prevent 
  potential backdoor access.
  (XB282666)

Fixes:
None

================================================================================
IBM RackSwitch G8332 Version 7.7.16.0 (Released June 2014)
** Changes since the 7.7.15.0 release **

Enhancements:
none

Changes:

- A security vulnerability existed in the OpenSSL Protocol that is used in 
  IBM System Networking Ethernet Switches.
  (CVE-2014-0224)

Fixes:
none


====================================================================================================
IBM RackSwitch G8332 Version 7.7.15.0 (Released May 2014)

Second release of G8332

New and Updated Features:
-------------------------
- NIST 131A: compliant with National Institute of Standards and Technology (NIST)
  Special Publication (SP) 800-131A.

- Open Flow 1.3.1 The following key feature where added:
       • Static LAG
       • MAC address/IP address masking
       • Flexible Table Miss and Fail Secure
       • 40Gb support
       • Static CLI for Flow Programming
       • OpenFlow 1.0 backward

- Distributed Overlay Virtual Ethernet (DOVE) provides network virtualization by
implementing an overlay network for virtual machines on top of an underlying
IPv4 network.

- FCoE BB5 FCF Support: Full Fabric FCoE Switch

- NAT: Network Address Translation


Fixes:
------
- MLD groups are not deleted properly when shut/no shut command is performed on
  a port from a static trunk; in this case some traffic is still flooded. (XB263055)

- Part of the IPMC traffic for IGMP groups learned on a port-channel is still 
  forwarded after flapping the port-channel. (XB266229)

- Switch crashes when enabling "debug spanning-tree bpdu" from cli. (XB266534)

- Switch crashes in VLAG setup with IGMP traffic. (XB263030)

- The switch is continuously crashing after using "mda shutdown" and "no mda shutdown"
  commands several times. (XB262540)

- MDA board insertions and removals are now logged by the SysLog server. (XB266532)

- Openflow 1.0: Switch is crashing when pushing untagged FDB based flow. (XB271510)



Enhancements:
-------------
NONE

Changes:
--------
NONE




================================

IBM RackSwitch G8332 Version 7.7.13.0 (Released March 2014)

- Initial release

================================