HMC

I received this security bulletin:  https://www.ibm.com/support/pages/node/7028209?myns=swgother&mynp=OCSSOQ2E&mync=E&cm_sp=swgother-_-OCSSOQ2E-_-E

I am running the following on my HMC:
Version: 10
Release: 2
Service Pack: 1031
Build Level: 2304040146
virtual X86

The letter mentions affected versions were V10.1.1010.0  and V10.2.1030.0, but the fixes listed were for: V10.2.1040.0 and V10.1.1020.0.  To me, this is very confusing.

I ran my configuration through FLRT at https://esupport.ibm.com/customercare/flrt/power and it replied:
Input: HMC V10 R2 M1031
Available Fixes: vMF70889

------------------------------
Robert Berendt IBMChampion
------------------------------

Hi Robert

It is really straight forward, you are running HMC V10R2 with service pack M1031.

M1040 is just another service pack for your V10R2 HMC. If you look at fixcentral there is even a M1041 service pack available.

But remember to always read the readme for the service pack/fix, before installing it.

One significant security enhancement/change in M1040 is that unsecure telnet port 2300 is disabled on the HMC.  All IBM i remote console sessions now require a TLS connection!

------------------------------
Janus Hertz
Consulting IT Specialist - IBM Power / IBM i - Virtualization, Security, HA/DR.
IBM Northern Europe

Original Message:
Sent: Tue August 22, 2023 03:33 PM
From: Robert Berendt
Subject: HMC security bulletin 2023-08-22 and my version of HMC

I received this security bulletin:  https://www.ibm.com/support/pages/node/7028209?myns=swgother&mynp=OCSSOQ2E&mync=E&cm_sp=swgother-_-OCSSOQ2E-_-E

I am running the following on my HMC:
Version: 10
Release: 2
Service Pack: 1031
Build Level: 2304040146
virtual X86

The letter mentions affected versions were V10.1.1010.0  and V10.2.1030.0, but the fixes listed were for: V10.2.1040.0 and V10.1.1020.0.  To me, this is very confusing.

I ran my configuration through FLRT at https://esupport.ibm.com/customercare/flrt/power and it replied:
Input: HMC V10 R2 M1031
Available Fixes: vMF70889

------------------------------
Robert Berendt IBMChampion
------------------------------

So, does MF71190 upgrade one to V10.2.1040.0, or is it applied to V10.2.1040.0?  If MF71190 is applied to V10.2.1040.0, then what does one apply to V10.2.1031 to address these CVE's?

Hi Robert

It is really straight forward, you are running HMC V10R2 with service pack M1031.

M1040 is just another service pack for your V10R2 HMC. If you look at fixcentral there is even a M1041 service pack available.

But remember to always read the readme for the service pack/fix, before installing it.

One significant security enhancement/change in M1040 is that unsecure telnet port 2300 is disabled on the HMC.  All IBM i remote console sessions now require a TLS connection!

------------------------------
Janus Hertz
Consulting IT Specialist - IBM Power / IBM i - Virtualization, Security, HA/DR.
IBM Northern Europe

Original Message:
Sent: Tue August 22, 2023 03:33 PM
From: Robert Berendt
Subject: HMC security bulletin 2023-08-22 and my version of HMC

I received this security bulletin:  https://www.ibm.com/support/pages/node/7028209?myns=swgother&mynp=OCSSOQ2E&mync=E&cm_sp=swgother-_-OCSSOQ2E-_-E

I am running the following on my HMC:
Version: 10
Release: 2
Service Pack: 1031
Build Level: 2304040146
virtual X86

The letter mentions affected versions were V10.1.1010.0  and V10.2.1030.0, but the fixes listed were for: V10.2.1040.0 and V10.1.1020.0.  To me, this is very confusing.

I ran my configuration through FLRT at https://esupport.ibm.com/customercare/flrt/power and it replied:
Input: HMC V10 R2 M1031
Available Fixes: vMF70889

------------------------------
Robert Berendt IBMChampion
------------------------------