Db2

Hello, everyone.

The Knowledge Center displays Mod Pack 4 and Fix Pack 5, but not in fix central.

https://www.ibm.com/support/knowledgecenter/en/SSEPGG_11.1.0/com.ibm.db2.luw.wn.doc/doc/c0061179.html

Isn't the fix pack uploaded to fix central yet?

------------------------------
SangGyu Jeong
Software Engineer
Infrasoft
Seoul Korea, Republic of
------------------------------

#Db2

probably not - latest available is 4
support center has release dates

------------------------------
Thanks for all answers
Best Regards,
Guy Przytula
------------------------------

Original Message:
Sent: Wed November 27, 2019 07:57 PM
From: SangGyu Jeong
Subject: Where can I get Db2 fix pack version 11.1.4.5?

Hello, everyone.

The Knowledge Center displays Mod Pack 4 and Fix Pack 5, but not in fix central.

https://www.ibm.com/support/knowledgecenter/en/SSEPGG_11.1.0/com.ibm.db2.luw.wn.doc/doc/c0061179.html

Isn't the fix pack uploaded to fix central yet?

------------------------------
SangGyu Jeong
Software Engineer
Infrasoft
Seoul Korea, Republic of
------------------------------

#Db2

It's been available for a couple of days now.  What you noticed was probably just a small timing window where the various sites were being updated, worldwide.

https://www.ibm.com/support/pages/download-db2-fix-packs-version-db2-linux-unix-and-windows

------------------------------
Kelly Rodger
Senior Development Manager
IBM Canada
Markham ON
------------------------------

Original Message:
Sent: Wed November 27, 2019 07:57 PM
From: SangGyu Jeong
Subject: Where can I get Db2 fix pack version 11.1.4.5?

Hello, everyone.

The Knowledge Center displays Mod Pack 4 and Fix Pack 5, but not in fix central.

https://www.ibm.com/support/knowledgecenter/en/SSEPGG_11.1.0/com.ibm.db2.luw.wn.doc/doc/c0061179.html

Isn't the fix pack uploaded to fix central yet?

------------------------------
SangGyu Jeong
Software Engineer
Infrasoft
Seoul Korea, Republic of
------------------------------

#Db2

Hello,
Db2 11.1.4.5 should be available for download now. At lest, I can see it on fix central.

Best regards, Hans-Juergen

------------------------------
Hans-Juergen Zeltwanger
------------------------------

Original Message:
Sent: Wed November 27, 2019 07:57 PM
From: SangGyu Jeong
Subject: Where can I get Db2 fix pack version 11.1.4.5?

Hello, everyone.

The Knowledge Center displays Mod Pack 4 and Fix Pack 5, but not in fix central.

https://www.ibm.com/support/knowledgecenter/en/SSEPGG_11.1.0/com.ibm.db2.luw.wn.doc/doc/c0061179.html

Isn't the fix pack uploaded to fix central yet?

------------------------------
SangGyu Jeong
Software Engineer
Infrasoft
Seoul Korea, Republic of
------------------------------

#Db2

​Sadly, officially there still is no "11.1.4.5 or V11.1.4.4 iFix002" , the latest is Db2 "V11.1.4.4 iFix001"

A real shame actually, because even the latest Db2 V11.1.4.4 iFix001 does NOT include these important Security APAR's !!!

• IT29115: SECURITY: DB2 AFFECTED BY BUFFER OVERFLOW VULNERABILITIES (CVE-2019-4322)
• IT29350: SECURITY: DB2 IS VULNERABLE TO A DENIAL OF SERVICE (CVE-2019-4386)
• IT28440: SECURITY: DB2 IS VULNERABLE TO A BUFFER OVERFLOW (CVE-2019-4154)
• IT28267: SECURITY: DB2 DOES NOT EXPLICITLY FORBID A WEAKER THAN EXPECTED 3DES CIPHER WHEN CONFIGURED TO USE SSL (CVE-2019-4102)
• IT28255: SECURITY: DB2 IS VULNERABLE TO A DENIAL OF SERVICE (CVE-2019-4101)
• IT27203: SECURITY: PRIVILEGE ESCALATION DURING ROUTINE EXECUTION IN FENCED MODE (CVE-2019-4057)
• IT27328: SECURITY: DB2 IS VULNERABLE TO BUFFER OVERFLOW LEADING TO PRIVILEGE ESCALATION (CVE-2019-4014)

These APAR's (officially still have Status = OPEN)  , and  are only 'fixed' with a "Special Build"  ("on top of the latest official V11.1.4.4 iFix001").
But who really dares using Special Builds in a production environment (especially in a HADR/TSA environment) .....  ?
Is everything fully tested  .... ?
My experience is,  SB's don't always have the same QA control as regular official downloadable FixPack's / Mod's / iFix's. Anything can break / will break / unexpected things can happen ...

Risk Security versus Operational Stability , tough choice ....    :-(

regards,
Erwin Hattingh

------------------------------
Erwin Hattingh
Systems Engineer / Db2 DBA
Triodos Bank
------------------------------

Original Message:
Sent: Wed November 27, 2019 07:57 PM
From: SangGyu Jeong
Subject: Where can I get Db2 fix pack version 11.1.4.5?

Hello, everyone.

The Knowledge Center displays Mod Pack 4 and Fix Pack 5, but not in fix central.

https://www.ibm.com/support/knowledgecenter/en/SSEPGG_11.1.0/com.ibm.db2.luw.wn.doc/doc/c0061179.html

Isn't the fix pack uploaded to fix central yet?

------------------------------
SangGyu Jeong
Software Engineer
Infrasoft
Seoul Korea, Republic of
------------------------------

#Db2

Where are you looking Erwin?  11.1.4.5 has been released and does appear on the Fix Central link I posted earlier in this topic.

------------------------------
Kelly Rodger
Senior Development Manager
IBM Canada
Markham ON
------------------------------

Original Message:
Sent: Thu November 28, 2019 07:40 AM
From: Erwin Hattingh
Subject: Where can I get Db2 fix pack version 11.1.4.5?

​Sadly, officially there still is no "11.1.4.5 or V11.1.4.4 iFix002" , the latest is Db2 "V11.1.4.4 iFix001"

A real shame actually, because even the latest Db2 V11.1.4.4 iFix001 does NOT include these important Security APAR's !!!

• IT29115: SECURITY: DB2 AFFECTED BY BUFFER OVERFLOW VULNERABILITIES (CVE-2019-4322)
• IT29350: SECURITY: DB2 IS VULNERABLE TO A DENIAL OF SERVICE (CVE-2019-4386)
• IT28440: SECURITY: DB2 IS VULNERABLE TO A BUFFER OVERFLOW (CVE-2019-4154)
• IT28267: SECURITY: DB2 DOES NOT EXPLICITLY FORBID A WEAKER THAN EXPECTED 3DES CIPHER WHEN CONFIGURED TO USE SSL (CVE-2019-4102)
• IT28255: SECURITY: DB2 IS VULNERABLE TO A DENIAL OF SERVICE (CVE-2019-4101)
• IT27203: SECURITY: PRIVILEGE ESCALATION DURING ROUTINE EXECUTION IN FENCED MODE (CVE-2019-4057)
• IT27328: SECURITY: DB2 IS VULNERABLE TO BUFFER OVERFLOW LEADING TO PRIVILEGE ESCALATION (CVE-2019-4014)

These APAR's (officially still have Status = OPEN)  , and  are only 'fixed' with a "Special Build"  ("on top of the latest official V11.1.4.4 iFix001").
But who really dares using Special Builds in a production environment (especially in a HADR/TSA environment) .....  ?
Is everything fully tested  .... ?
My experience is,  SB's don't always have the same QA control as regular official downloadable FixPack's / Mod's / iFix's. Anything can break / will break / unexpected things can happen ...

Risk Security versus Operational Stability , tough choice ....    :-(

regards,
Erwin Hattingh

------------------------------
Erwin Hattingh
Systems Engineer / Db2 DBA
Triodos Bank

Original Message:
Sent: Wed November 27, 2019 07:57 PM
From: SangGyu Jeong
Subject: Where can I get Db2 fix pack version 11.1.4.5?

Hello, everyone.

The Knowledge Center displays Mod Pack 4 and Fix Pack 5, but not in fix central.

https://www.ibm.com/support/knowledgecenter/en/SSEPGG_11.1.0/com.ibm.db2.luw.wn.doc/doc/c0061179.html

Isn't the fix pack uploaded to fix central yet?

------------------------------
SangGyu Jeong
Software Engineer
Infrasoft
Seoul Korea, Republic of
------------------------------

#Db2

Your wish was granted! :-)
Just a few hours after you complained, the fix pack was visible on "Db2 Fixes by Versions" https://www.ibm.com/support/pages/download-db2-fix-packs-version-db2-linux-unix-and-windows and FixCentral: https://www.ibm.com/support/pages/db2-version-111-mod-4-fix-pack-5-linux-unix-and-windows

------------------------------
Roland Schock
Distinguished Engineer
ARS Computer und Consulting GmbH
Muenchen
------------------------------

Original Message:
Sent: Thu November 28, 2019 07:40 AM
From: Erwin Hattingh
Subject: Where can I get Db2 fix pack version 11.1.4.5?

​Sadly, officially there still is no "11.1.4.5 or V11.1.4.4 iFix002" , the latest is Db2 "V11.1.4.4 iFix001"

A real shame actually, because even the latest Db2 V11.1.4.4 iFix001 does NOT include these important Security APAR's !!!

• IT29115: SECURITY: DB2 AFFECTED BY BUFFER OVERFLOW VULNERABILITIES (CVE-2019-4322)
• IT29350: SECURITY: DB2 IS VULNERABLE TO A DENIAL OF SERVICE (CVE-2019-4386)
• IT28440: SECURITY: DB2 IS VULNERABLE TO A BUFFER OVERFLOW (CVE-2019-4154)
• IT28267: SECURITY: DB2 DOES NOT EXPLICITLY FORBID A WEAKER THAN EXPECTED 3DES CIPHER WHEN CONFIGURED TO USE SSL (CVE-2019-4102)
• IT28255: SECURITY: DB2 IS VULNERABLE TO A DENIAL OF SERVICE (CVE-2019-4101)
• IT27203: SECURITY: PRIVILEGE ESCALATION DURING ROUTINE EXECUTION IN FENCED MODE (CVE-2019-4057)
• IT27328: SECURITY: DB2 IS VULNERABLE TO BUFFER OVERFLOW LEADING TO PRIVILEGE ESCALATION (CVE-2019-4014)

These APAR's (officially still have Status = OPEN)  , and  are only 'fixed' with a "Special Build"  ("on top of the latest official V11.1.4.4 iFix001").
But who really dares using Special Builds in a production environment (especially in a HADR/TSA environment) .....  ?
Is everything fully tested  .... ?
My experience is,  SB's don't always have the same QA control as regular official downloadable FixPack's / Mod's / iFix's. Anything can break / will break / unexpected things can happen ...

Risk Security versus Operational Stability , tough choice ....    :-(

regards,
Erwin Hattingh

------------------------------
Erwin Hattingh
Systems Engineer / Db2 DBA
Triodos Bank

Original Message:
Sent: Wed November 27, 2019 07:57 PM
From: SangGyu Jeong
Subject: Where can I get Db2 fix pack version 11.1.4.5?

Hello, everyone.

The Knowledge Center displays Mod Pack 4 and Fix Pack 5, but not in fix central.

https://www.ibm.com/support/knowledgecenter/en/SSEPGG_11.1.0/com.ibm.db2.luw.wn.doc/doc/c0061179.html

Isn't the fix pack uploaded to fix central yet?

------------------------------
SangGyu Jeong
Software Engineer
Infrasoft
Seoul Korea, Republic of
------------------------------

#Db2

​Haha...  Coincidence or not ...    Seems my complaints  (initially on twitter, just before this post here started ),   did the trick :-)

------------------------------
Erwin Hattingh
Systems Engineer / Db2 DBA
Triodos Bank
------------------------------

Original Message:
Sent: Tue December 03, 2019 02:39 AM
From: Roland Schock
Subject: Where can I get Db2 fix pack version 11.1.4.5?

Your wish was granted! :-)
Just a few hours after you complained, the fix pack was visible on "Db2 Fixes by Versions" https://www.ibm.com/support/pages/download-db2-fix-packs-version-db2-linux-unix-and-windows and FixCentral: https://www.ibm.com/support/pages/db2-version-111-mod-4-fix-pack-5-linux-unix-and-windows

------------------------------
Roland Schock
Distinguished Engineer
ARS Computer und Consulting GmbH
Muenchen

Original Message:
Sent: Thu November 28, 2019 07:40 AM
From: Erwin Hattingh
Subject: Where can I get Db2 fix pack version 11.1.4.5?

​Sadly, officially there still is no "11.1.4.5 or V11.1.4.4 iFix002" , the latest is Db2 "V11.1.4.4 iFix001"

A real shame actually, because even the latest Db2 V11.1.4.4 iFix001 does NOT include these important Security APAR's !!!

• IT29115: SECURITY: DB2 AFFECTED BY BUFFER OVERFLOW VULNERABILITIES (CVE-2019-4322)
• IT29350: SECURITY: DB2 IS VULNERABLE TO A DENIAL OF SERVICE (CVE-2019-4386)
• IT28440: SECURITY: DB2 IS VULNERABLE TO A BUFFER OVERFLOW (CVE-2019-4154)
• IT28267: SECURITY: DB2 DOES NOT EXPLICITLY FORBID A WEAKER THAN EXPECTED 3DES CIPHER WHEN CONFIGURED TO USE SSL (CVE-2019-4102)
• IT28255: SECURITY: DB2 IS VULNERABLE TO A DENIAL OF SERVICE (CVE-2019-4101)
• IT27203: SECURITY: PRIVILEGE ESCALATION DURING ROUTINE EXECUTION IN FENCED MODE (CVE-2019-4057)
• IT27328: SECURITY: DB2 IS VULNERABLE TO BUFFER OVERFLOW LEADING TO PRIVILEGE ESCALATION (CVE-2019-4014)

These APAR's (officially still have Status = OPEN)  , and  are only 'fixed' with a "Special Build"  ("on top of the latest official V11.1.4.4 iFix001").
But who really dares using Special Builds in a production environment (especially in a HADR/TSA environment) .....  ?
Is everything fully tested  .... ?
My experience is,  SB's don't always have the same QA control as regular official downloadable FixPack's / Mod's / iFix's. Anything can break / will break / unexpected things can happen ...

Risk Security versus Operational Stability , tough choice ....    :-(

regards,
Erwin Hattingh

------------------------------
Erwin Hattingh
Systems Engineer / Db2 DBA
Triodos Bank

Original Message:
Sent: Wed November 27, 2019 07:57 PM
From: SangGyu Jeong
Subject: Where can I get Db2 fix pack version 11.1.4.5?

Hello, everyone.

The Knowledge Center displays Mod Pack 4 and Fix Pack 5, but not in fix central.

https://www.ibm.com/support/knowledgecenter/en/SSEPGG_11.1.0/com.ibm.db2.luw.wn.doc/doc/c0061179.html

Isn't the fix pack uploaded to fix central yet?

------------------------------
SangGyu Jeong
Software Engineer
Infrasoft
Seoul Korea, Republic of
------------------------------

#Db2

Well, yes, I have recently learned, that Oracle has a "Patch Day", where all people expect their patches and can bank on that to invite their externs to install the fixes. ;-)

Db2 doesn't have this. I'm still unsure, if the more flexible way "about once a quarter" is better.
But it really has a great advantage, that customers can be assured, that there is a fixed date, when they will get all the fixes available until then. I don't know, if they do intermediate iFixes then inbetween too.

------------------------------
Roland Schock
Distinguished Engineer
ARS Computer und Consulting GmbH
Muenchen
------------------------------

Original Message:
Sent: Tue December 03, 2019 02:55 AM
From: Erwin Hattingh
Subject: Where can I get Db2 fix pack version 11.1.4.5?

​Haha...  Coincidence or not ...    Seems my complaints  (initially on twitter, just before this post here started ),   did the trick :-)

------------------------------
Erwin Hattingh
Systems Engineer / Db2 DBA
Triodos Bank

Original Message:
Sent: Tue December 03, 2019 02:39 AM
From: Roland Schock
Subject: Where can I get Db2 fix pack version 11.1.4.5?

Your wish was granted! :-)
Just a few hours after you complained, the fix pack was visible on "Db2 Fixes by Versions" https://www.ibm.com/support/pages/download-db2-fix-packs-version-db2-linux-unix-and-windows and FixCentral: https://www.ibm.com/support/pages/db2-version-111-mod-4-fix-pack-5-linux-unix-and-windows

------------------------------
Roland Schock
Distinguished Engineer
ARS Computer und Consulting GmbH
Muenchen

Original Message:
Sent: Thu November 28, 2019 07:40 AM
From: Erwin Hattingh
Subject: Where can I get Db2 fix pack version 11.1.4.5?

​Sadly, officially there still is no "11.1.4.5 or V11.1.4.4 iFix002" , the latest is Db2 "V11.1.4.4 iFix001"

A real shame actually, because even the latest Db2 V11.1.4.4 iFix001 does NOT include these important Security APAR's !!!

• IT29115: SECURITY: DB2 AFFECTED BY BUFFER OVERFLOW VULNERABILITIES (CVE-2019-4322)
• IT29350: SECURITY: DB2 IS VULNERABLE TO A DENIAL OF SERVICE (CVE-2019-4386)
• IT28440: SECURITY: DB2 IS VULNERABLE TO A BUFFER OVERFLOW (CVE-2019-4154)
• IT28267: SECURITY: DB2 DOES NOT EXPLICITLY FORBID A WEAKER THAN EXPECTED 3DES CIPHER WHEN CONFIGURED TO USE SSL (CVE-2019-4102)
• IT28255: SECURITY: DB2 IS VULNERABLE TO A DENIAL OF SERVICE (CVE-2019-4101)
• IT27203: SECURITY: PRIVILEGE ESCALATION DURING ROUTINE EXECUTION IN FENCED MODE (CVE-2019-4057)
• IT27328: SECURITY: DB2 IS VULNERABLE TO BUFFER OVERFLOW LEADING TO PRIVILEGE ESCALATION (CVE-2019-4014)

These APAR's (officially still have Status = OPEN)  , and  are only 'fixed' with a "Special Build"  ("on top of the latest official V11.1.4.4 iFix001").
But who really dares using Special Builds in a production environment (especially in a HADR/TSA environment) .....  ?
Is everything fully tested  .... ?
My experience is,  SB's don't always have the same QA control as regular official downloadable FixPack's / Mod's / iFix's. Anything can break / will break / unexpected things can happen ...

Risk Security versus Operational Stability , tough choice ....    :-(

regards,
Erwin Hattingh

------------------------------
Erwin Hattingh
Systems Engineer / Db2 DBA
Triodos Bank

Original Message:
Sent: Wed November 27, 2019 07:57 PM
From: SangGyu Jeong
Subject: Where can I get Db2 fix pack version 11.1.4.5?

Hello, everyone.

The Knowledge Center displays Mod Pack 4 and Fix Pack 5, but not in fix central.

https://www.ibm.com/support/knowledgecenter/en/SSEPGG_11.1.0/com.ibm.db2.luw.wn.doc/doc/c0061179.html

Isn't the fix pack uploaded to fix central yet?

------------------------------
SangGyu Jeong
Software Engineer
Infrasoft
Seoul Korea, Republic of
------------------------------

#Db2