Release Notes
Abstract
This technical note provides guidance for installing IBM Security Guardium Data Protection patch 12.0p6004, including any new features or enhancements, resolved or known issues, or notices associated with the patch.
Content
Patch information
- Patch file name: SqlGuard-12.0p6004.tgz.enc.sig
- MD5 checksum: 4df19981a79d8469d30435ed34ced965
Finding the patch
Make the following selections to locate this patch for downlaod on the IBM Fix Central website:
Make the following selections to locate this patch for downlaod on the IBM Fix Central website:
- Product selector: IBM Security Guardium
- Installed version: 12.0
- Platform: All
- Click "Continue," select "Browse for fixes," and click "Continue" again.
- Select "Appliance patch (GPU and ad hoc)" and enter the patch information in the "Filter fix details" field to locate the patch
For information about Guardium patch types and naming conventions, see the Understanding Guardium patch types and patch names support document.
Prerequisites
- Guardium 12.0p5
Installation
Notes:
- This patch is a designated security patch.
- This patch restarts the Guardium system.
- Do not reboot the appliance while the patch install is in progress. Contact Guardium support if there is an issue with patch installation.
Overiew:
- Download the patch and extract the compressed package outside the Guardium system.
- Pick a "quiet" or low-traffic time to install the patch on the Guardium system.
- Apply the latest health check patch.
- Install patches in a top-down manner on all Guardium systems: start with the central manager, then aggregators, then the collectors.
For information about installing Guardium Data protection patches, see How to install patches in the Guardium documentation.
Attention
Guardium patch 12.0p6004 resolves an issues with patch 12.0p6003 that caused instabilities on the Lenovo SR630 V2 (M7) physical appliance. For more information, see: https://www.ibm.com/support/pages/node/7144140
Security fixes
This patch contains the following security fixes:
| Issue key | Summary | CVEs |
|---|---|---|
| GRD-80720 | M7 appliances reboot constantly following p6003 | --- |
| GRD-79177 | Unable to Import Bundle STAP via grdapi | --- |
| GRD-78092 | PSIRT: PVR0479010 - Apache Struts 2 CVE-2023-50164 vulnerability | CVE-2023-50164 |
| GRD-77192 | PSIRT: PVR0465537, PVR0463682, PVR0463718, PVR0463706, PVR0456262, PVR0456735, PVR0459571 - [All] kernel - (Publicly disclosed vulnerability) | CVE-2023-4208, CVE-2023-4155, CVE-2023-4207, CVE-2023-4206, CVE-2023-3776, CVE-2023-3611, CVE-2023-4128 |
| GRD-76322 | PSIRT: PVR0471536 - xmlsec-2.2.3.jar (Publicly disclosed vulnerability found by Mend) | CVE-2023-44483 |
| GRD-76175 | PSIRT: PVR0469610 - json-20230227.jar (Publicly disclosed vulnerability found by Mend) | CVE-2023-5072 |
| GRD-75491 | PSIRT: PVR0466861 - snappy-java-1.1.10.1.jar (Publicly disclosed vulnerability found by Mend) - Kafka | CVE-2023-43642 |
| GRD-75160 | PVR0465606 - [All] GNU glibc - CVE-2023-4527 (Publicly disclosed vulnerability) | CVE-2023-4527, CVE-2023-4813, CVE-2023-4911 |
| GRD-75157 | PVR0465537 - [All] kernel - CVE-2023-4155 (Publicly disclosed vulnerability) | CVE-2023-4155 |
| GRD-75150 | PSIRT: PVR0465629 - [All] GNU glibc - CVE-2023-4806 (Publicly disclosed vulnerability) | CVE-2023-4806 |
[{"Type":"MASTER","Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSMPHH","label":"IBM Security Guardium"},"ARM Category":[{"code":"a8m3p000000PCTuAAO","label":"Platform\/Installation\/Deployment"}],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"}]
Was this topic helpful?
Document Information
Modified date:
12 April 2024
UID
ibm17148027