Hardware Management Console Readme For use with Version 8 Release 8.4.0 Service Pack 1 Contents The information in this Readme contains fix list and other package information about the Hardware Management Console. * PTF MH01626 <#MH01626> * Package information <#package> * List of fixes <#fixes> * Installation <#install> * Additional information <#additional> PTF MH01626 This package includes fixes for HMC Version 8 Release 8.4.0 Service Pack 1. You can reference this package by APAR MB04012 and PTF MH01626. This image must be installed on top of HMC Version 8 Release 8.4.0 Service Pack 1 (PTF MH01576) with or without additional fixes. /Package information/ Package name Size Checksum (sha1sum) APAR# PTF# MH01626.iso 915972096 5ebd9cd0c2e22caed624bfee9cdd97dda3827665 MB04012 MH01626 Splash Panel information (or lshmc -V output) "version= Version: 8 Release: 8.4.0 Service Pack: 1 HMC Build level 20160416.1 MH01626: Fix for HMC V8R8.4.0 SP1 (04-16-2016) ","base_version=V8R8.4.0 " Known Issues:* * The Console Window > Open Terminal Window may fail with "/javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name/" in Java console output. The circumvention is to use ssh vtemu/mkvterm. A fix is planned for a future PTF. List of fixes *Security Fixes* * Fixed the following OpenSSL security vulnerabilities: CVE-2015-3197, CVE-2016-0702, CVE-2016-0705, CVE-2016-0797 * Fixed Tomcat vulnerabilities: CVE 2015-5174,CVE-2015-5345, CVE-2015-5346, CVE-2015-5351, CVE-2016-0706, CVE-2016-0714, CVE-2016-0763 * Fixed vulnerabilities in bind: CVE-2016-1285 and CVE-2016-1286 * Fixed security vulnerability with Strongswan; CVE-2015-8023 * Fixed the following Httpd security vulnerabilities; CVE-2013-5704 CVE-2015-3183 * Fixed libssh2 security vulnerability: CVE-2016-0787 * Fixed NTP security vulnerabilities: CVE-2015-5300, CVE-2015-7704, CVE-2015-8138 * Fixed a problem where port 12443 may allow ciphers outside the list of current ciphers as defined by lshmcencr/chhmcencr. * Fixed a security issue with HMC restricted shell. *General **Fixes* * Fixed a performance issue where the Format media panel can take 30 seconds or more to list USB devices. * Fixed a rare issue where Serviceable Events E35A0017 and E35A0016 may be reported due to a deadlock related to HMC data replication services. * Fixed an issue where call home was attempting to establish a connection to the old (pre HMC V8R8.3.0) callhome servers even when not using legacy callhome. If the legacy callhome addresses were blocked by a firewall, call home may fail. * Fixed a problem where scheduled HMC backups configured for FTP failed with rc=23 if the remote FTP server did not also support SFTP. Installation *NOTE:* The enhanced GUI is not supported for install. Installation instructions for HMC Version 8 upgrades and corrective service can be found at these locations: Upgrading or restoring HMC Version 8 Installation methods for HMC Version 8 fixes Instructions and images for upgrading via a remote network install can be found here: HMC V8 network installation images and installation instructions Additional information Notes: 1. The Install Corrective Service task now allows you to install corrective service updates from the ISO image files of these updates. You can download these ISO image files for the HMC, and then use the ISO image file to install the corrective service update. You no longer need to burn CD-R or DVD-R media to use the ISO image file to install corrective service. 2. This image requires DVD -R media. 3. To install updates over the network, select the *.iso file on the "Select Service Package" panel of the Install Corrective Service task. The HMC application extracts the files needed to install the corrective service. If you are using USB flash media, copy the *.iso file to the flash media, and then select the file when prompted. 4. The *updhmc* command line command has also been modified to use the *.iso file. To use the command, follow the syntax in this example: updhmc -t s -h -f -u -i In all cases, the HMC application extracts the files needed to install the corrective service. Back to top <#ibm-content>