Message Image

Log in

Skip to main content (Press Enter).

Skip auxiliary navigation (Press Enter).

IBM Power Connect, learn, share, and engage with IBM Power. Join / Log in

Skip main navigation (Press Enter).

AIX

View Only

Expand all | Collapse all

Obtaining security APARs, given the runaround and what a hassle

Russell AdamsMon April 17, 2023 12:19 PM

I can't recall the last time I was so thoroughly disappointed with IBM. I'm opening a support ticket ...

Roy ST. JOHNMon April 17, 2023 05:13 PM

Hi Russell, Thank you for the feedback, and I'm sorry for the difficulties faced. The AIX security ...

Russell AdamsTue April 18, 2023 04:53 AM

On Mon, Apr 17, 2023 at 09:13:28PM +0000, Roy ST. JOHN via IBM Community wrote: > Thank you for ...

Russell AdamsTue April 18, 2023 08:17 AM

Roy, I don't see /etc/security/certificates/AIX_PSIRT_pubkey.txt root@nim2:/etc/security/certificates=> ...

Roy ST. JOHNTue April 18, 2023 02:56 PM

Hi Russell, Thank you again for the continued feedback. Your points are much appreciated, and as ...

Russell AdamsTue April 18, 2023 03:54 PM

On Tue, Apr 18, 2023 at 06:55:39PM +0000, Roy ST. JOHN via IBM Community wrote: > Thank you again ...

Russell AdamsFri April 21, 2023 10:24 AM

On Tue, Apr 18, 2023 at 07:54:24PM +0000, Russell Adams via IBM Community wrote: > On Tue, Apr ...

Russell AdamsTue April 18, 2023 04:55 AM

On Mon, Apr 17, 2023 at 09:13:28PM +0000, Roy ST. JOHN via IBM Community wrote: > Thank you for ...

Esa KärkkäinenThu June 08, 2023 04:04 AM

No you are not. What I'm doing is mirroring "https://aix.software.ibm.com/aix/efixes/" to a NIM ...

minesh patelTue April 18, 2023 09:19 AM

Life is very simple. I go to this url Index of /aix/efixes/security Ibm remove preview ...

Russell AdamsTue April 18, 2023 09:50 AM

Where is that URL published? You still have to confirm the signatures on any advisory and tarball, ...

minesh patelTue April 18, 2023 10:01 AM

https://www.ibm.com/support/pages/security-bulletin-aix-vulnerable-arbitrary-code-execution-due-libxml2-cve-2022-40303-and-cve-2022-40304 ...

Russell AdamsTue April 18, 2023 10:24 AM

On Tue, Apr 18, 2023 at 02:01:24PM +0000, minesh patel via IBM Community wrote: > https://www.ibm.com/support/pages/security-bulletin-aix-vulnerable-arbitrary-code-execution-due-libxml2-cve-2022-40303-and-cve-2022-40304 ...

Russell AdamsMon June 05, 2023 02:42 PM

IBM has opened an "ideas" for security updates. I would encourage everyone to help upvote improvements ...

Douglas ProbstTue June 06, 2023 08:32 AM

I agree with you 100% This hack IBM uses really sucks and it is no wonder AIX is dying.. But to ...

Russell AdamsTue June 06, 2023 08:36 AM

On that topic, I wonder if SUMA validates downloads. ------------------------------------------------------------------ ...

1. Obtaining security APARs, given the runaround and what a hassle

1 Like
Russell Adams
Posted Mon April 17, 2023 12:19 PM

Reply
I can't recall the last time I was so thoroughly disappointed with IBM. I'm opening a support ticket and copying it here because whoever composes this nonsense should be thoroughly embarrassed. I can only hope someone in IBM Security reads what they are publishing.

Trying to download APAR for IJ36681 (nimsh vulnerability). I'm incredibly disappointed in IBM's security release procedure, and opening a support ticket af