Release Notes
Abstract
This technical note provides guidance for installing IBM Security Guardium Data Protection patch 12.0p6005, including any new features or enhancements, resolved or known issues, or notices associated with the patch.
Content
Patch information
- Patch file name: SqlGuard-12.0p6005.tgz.enc.sig
- MD5 checksum: ee24bdd1d1a28c0fd0ddbb8a8f647f4b
Finding the patch
Make the following selections to locate this patch for downlaod on the IBM Fix Central website:
Make the following selections to locate this patch for downlaod on the IBM Fix Central website:
- Product selector: IBM Security Guardium
- Installed version: 12.0
- Platform: All
- Click "Continue," select "Browse for fixes," and click "Continue" again.
- Select "Appliance patch (GPU and ad hoc)" and enter the patch information in the "Filter fix details" field to locate the patch
For information about Guardium patch types and naming conventions, see the Understanding Guardium patch types and patch names support document.
Prerequisites
- Guardium 12.0p10
Installation
Notes:
- This patch is a designated security patch.
- This patch restarts the Guardium system.
- Do not reboot the appliance while the patch install is in progress. Contact Guardium support if there is an issue with patch installation.
Overiew:
- Download the patch and extract the compressed package outside the Guardium system.
- Pick a "quiet" or low-traffic time to install the patch on the Guardium system.
- Apply the latest health check patch.
- Install patches in a top-down manner on all Guardium systems: start with the central manager, then aggregators, then the collectors.
For information about installing Guardium Data protection patches, see How to install patches in the Guardium documentation.
Security fixes
This patch contains the following security fixes:
| Issue key | Summary | CVEs |
|---|---|---|
| GRD-76398 | Upgrade of BigFix client needed for appliances | CVE-2022-22576, CVE-2022-27544, CVE-2022-27545, CVE-2022-27775, CVE-2022-27776 |
| GRD-76922 | PSIRT: PVR0474267 - SE - Pen Testing On-prem - October, 2023 - Tomcat user can destroy the systems | --- |
| GRD-78332 | Multiple Stored Cross-Site Scripting bugs | --- |
| GRD-78874 | PSIRT: PVR0482970, PVR0470863, PVR0470250 - Multiple RPM updates needed for vulnerable components - 11.x and 12.0 | CVE-2023-6377 CVE-2023-5367 CVE-2023-6478 CVE-2022-3550 CVE-2022-4283 CVE-2022-46340 CVE-2022-46341 CVE-2022-46342 CVE-2022-46343 CVE-2022-46344 CVE-2023-0494 CVE-2023-1393 CVE-2023-46847 CVE-2020-22218 CVE-2023-34058 CVE-2023-34059 CVE-2023-3611 CVE-2023-3776 CVE-2023-4206 CVE-2023-4207 CVE-2023-4208 |
| GRD-79853 | xorg-x11-server needs upgrade | CVE-2023-6816 CVE-2024-0409 |
Resolved Issues
This patch resolves the following issues:
| Issue key | Summary | APAR |
|---|---|---|
| GRD-80720 | M7 appliances reboot constantly following p6003 | DT365699 |
[{"Type":"MASTER","Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSMPHH","label":"IBM Security Guardium"},"ARM Category":[{"code":"a8m3p000000PCTuAAO","label":"Platform\/Installation\/Deployment"}],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"}]
Was this topic helpful?
Document Information
Modified date:
03 May 2024
UID
ibm17150072