AIX

I patched AIX to address some CVEs.  Now I can't get our Storage Protect 8.1.19 running due to ciphers/TLS.

The other team has found that 8.1.23 has found that it updates Storage Protect ciphers/TLS.

Apparently I'm not the first...

Our Manages Services provider is one of those that likes to stay on a version until it's about to become out of support.  That tends to conflict with the flurry of CVEs coming out...

Hi!

Can you share some details, what you upgraded?  We are using Storage Protect as well, but haven't run into any trouble, yet.  But our backup team was planing some upgrades in the coming weeks.  So some more details might be interesting for them.

Best regards,

  Alexander

I patched AIX to address some CVEs.  Now I can't get our Storage Protect 8.1.19 running due to ciphers/TLS.

The other team has found that 8.1.23 has found that it updates Storage Protect ciphers/TLS.

Apparently I'm not the first...

Our Manages Services provider is one of those that likes to stay on a version until it's about to become out of support.  That tends to conflict with the flurry of CVEs coming out...

I put on these patches:

Vulnerability in libxml2 could allow a remote attacker to cause a denial of service (CVE-2024-25062)
https://aix.software.ibm.com/aix/efixes/security/libxml2_advisory6.asc

Vulnerability in sendmail could allow a remote attacker to spoof an email (CVE-2023-51765).
https://aix.software.ibm.com/aix/efixes/security/sendmail_advisory4.asc

AIX is vulnerable to privilege escalation (CVE-2024-27273)
https://aix.software.ibm.com/aix/efixes/security/kernel_advisory7.asc

AIX is vulnerable to a denial of service (CVE-2024-2511, CVE-2024-0727) due to OpenSSL
https://www.ibm.com/support/pages/node/7160457

After these I had SSL issues.  No, I do not have details.

Since my original post Storage Protect was upgraded to 8.1.23 and it still doesn't seem to be working.  Our BP is working with IBM on this.

Hi!

Can you share some details, what you upgraded?  We are using Storage Protect as well, but haven't run into any trouble, yet.  But our backup team was planing some upgrades in the coming weeks.  So some more details might be interesting for them.

Best regards,

  Alexander

I patched AIX to address some CVEs.  Now I can't get our Storage Protect 8.1.19 running due to ciphers/TLS.

The other team has found that 8.1.23 has found that it updates Storage Protect ciphers/TLS.

Apparently I'm not the first...

Our Manages Services provider is one of those that likes to stay on a version until it's about to become out of support.  That tends to conflict with the flurry of CVEs coming out...