IBM has released the following fix Version 2.2.5.0 for IBM PureApplication Service/Systems, which includes IBM OS Images for Red Hat Linux Systems, as well as AIX-based and Windows-based deployments, in response to CVE-2017-5753, CVE-2017-5715 and CVE-2017-5754. Additionally IBM PureApplication Service/Systems has addressed with the same the applicable CVE-2017-4941.
CVEID: CVE-2017-5753 CVEID:CVE-2017-5754 CVEID: CVE-2017-5715
CVEID: CVE-2017-4941
IBM PureApplication System V2.2.0.0
IBM PureApplication System V2.2.1.0
IBM PureApplication System V2.2.2.0
IBM PureApplication System V2.2.2.1
IBM PureApplication System V2.2.2.2
IBM PureApplication System V2.2.3.0
IBM PureApplication System V2.2.3.1
IBM PureApplication System V2.2.3.2
IBM PureApplication System V2.2.4.0
The solution is to upgrade the IBM PureApplication System to the following fix level:
IBM PureApplication V2.2.0.0, V2.2.1.0, V2.2.2.0, V2.2.2.1, V2.2.2.2, V2.2.3.0, V2.2.3.1, V2.2.3.2, V2.2.4.0
PureApplication Software:
Linux:
http://www.ibm.com/support/fixcentral/swg/quickorder?parent=PureSystems&product=ibm/WebSphere/PureApplication+System&release=2.2.5.0&platform=All&function=fixId&fixids=pureappsw_content_2250&includeRequisites=1&includeSupersedes=0&downloadMethod=ddp&source=fc
For latest security updates we recommend to upgrade to latest fixed release:
Information on upgrading can be found here: <http://www-01.ibm.com/support/docview.wss?uid=swg27039159>
None