When IBM blasts out an announcement that they have a fix for some CVE's dated 2014 and 2018, some with a score of 9.8, should one think "A - wow, it took them years to fix such high scoring CVEs" or should one think "B - I betting they just updated the document number to suggest you upgrade to a version currently under support instead of the old recommendation to upgrade to something older"?
https://www.ibm.com/support/pages/node/7157366
Would something like 8.6.0.4 fix the CVEs listed? There is a LOT of CVE's mentioned there...
------------------------------
Robert Berendt IBMChampion
------------------------------