Download
Abstract
This document lists the fixes contained in IBM PureApplication System 2.0.0.1 Interim Fix 3.
Download Description
To download the interim fix, go to the PureApplication System product page on Fix Central:
Intel: pure-appsys-intel_2.0.0.1_cf3
Power: pure-appsys-power_2.0.0.1_cf3
Version 2.0.0.1 Interim Fix 3 includes fixes for this security vulnerability:
- CVE-2015-2808: The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker could exploit this vulnerability to remotely expose account credentials without requiring an active man-in-the-middle session. Successful exploitation could allow an attacker to retrieve credit card data or other sensitive information. This vulnerability is commonly referred to as "Bar Mitzvah Attack".
For more information, see Security Bulletin: Vulnerability in RC4 stream cipher affects IBM PureApplication System (CVE-2015-2808).
The following table contains the Authorized Program Analysis Reports (APARs) included in this release.
If an integrated pattern or component is not listed, there were no fixes for that pattern or component in this version.
System APARs
APAR | Abstract |
Upgrading the new architecture sample virtual system pattern after an upgrade fails. |
Off
[{"Product":{"code":"SSM8NY","label":"PureApplication System"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Component":"--","Platform":[{"code":"PF016","label":"Linux"},{"code":"PF002","label":"AIX"}],"Version":"2.0.0.1","Edition":"","Line of Business":{"code":"","label":""}}]
Problems (APARS) fixed
Was this topic helpful?
Document Information
Modified date:
15 June 2018
UID
swg24041164