Thursday, June 1, 2017

IBM Security Bulletin: Vulnerabilities in libxml2 and zlib affect IBM RackSwitch Products

IBM RackSwitch Products listed below have addressed the following vulnerabilities in libxml2 and zlib. Vulnerability Details:

CVE(s): CVE-2016-4658, CVE-2016-9318, CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843

Affected product(s) and affected version(s):

Product Affected Version
IBM RackSwitch G8052 7.9
IBM RackSwitch G8052 7.11
IBM RackSwitch G8124/G8124E 7.9
IBM RackSwitch G8124/G8124E 7.11
IBM RackSwitch G8264 7.9
IBM RackSwitch G8264 7.11
IBM RackSwitch G8264CS 7.8
Bundle of G8264CS Image, G8264CS SI Fabric Image and SI4093 SI Fabric Image 7.8
IBM RackSwitch G8264T 7.9
IBM RackSwitch G8316 7.9
IBM RackSwitch G8332 7.7

Remediation/Fixes:

Firmware fix versions are available on Fix Central:
http://ift.tt/1qeg5iT.

You should verify applying the fix does not cause any compatibility issues.

Product Fix Version
IBM RackSwitch G8052 (G8052_Image_7.9.20.0) 7.9.20.0
IBM RackSwitch G8052 (G8052_Image_7.11.10.0) 7.11.10.0
IBM RackSwitch G8124/G8124E (G8124_G8124E_Image_7.9.20.0) 7.9.20.0
IBM RackSwitch G8124/G8124E (G8124_G8124E_Image_7.11.10.0) 7.11.10.0
IBM RackSwitch G8264 (G8264_Image_7.9.20.0) 7.9.20.0
IBM RackSwitch G8264 (G8264_Image_7.11.10.0) 7.11.10.0
IBM RackSwitch G8264CS (G8264CS_Image_7.8.17.0) 7.8.17.0
Bundle of G8264CS Image, G8264CS SI Fabric Image and SI4093 SI Fabric Image (G8264CS_SI_Fabric_Image_7.8.17.0) 7.8.17.0
IBM RackSwitch G8264T (G8264T_Image_7.9.20.0) 7.9.20.0
IBM RackSwitch G8316 (G8316_Image_7.9.20.0) 7.9.20.0
IBM RackSwitch G8332 (G8332_Image_7.7.26.0) 7.7.26.0

Workaround(s) & Mitigation(s):

None

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2qFlPel
X-Force Database: http://ift.tt/2qnEQND
X-Force Database: http://ift.tt/2rlLd8L
X-Force Database: http://ift.tt/2lLwOQm
X-Force Database: http://ift.tt/2mlzP6B
X-Force Database: http://ift.tt/2lLuetu
X-Force Database: http://ift.tt/2mlCjlv

The post IBM Security Bulletin: Vulnerabilities in libxml2 and zlib affect IBM RackSwitch Products appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team http://ift.tt/2rolUjI
Posted by at

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Subscribe to: Post Comments (Atom)