Date: June 7, 2007
(C) Copyright International Business Machines
Corp., 2006 All rights reserved.
Install Corrective Service cannot be used to update to
HMC V6.1.0. One of the following upgrade
methods must be used. Note that Version
4 HMCs can only use the Local media - DVD-RAM upgrade data method.
•
Remote upgrade
Minimum HMC level
required: V5R2.1
Requirements: Remote ssh access to HMC; FTP server with HMC
upgrade files.
This method allows a user
to upgrade a HMC from a remote location.
See remote upgrade installation instructions at the HMC technical
support Web site.
•
Local media -
Hard drive Upgrade Data
Minimum HMC level required: V5.2.0
Requirements: DVD Recovery media
This method saves the
current configuration to the local hard rive, then performs the upgrade from
local DVD media. See upgrading HMC V6R1.0
from DVD recovery media instructions at the HMC technical support Web site.
•
Local media -
DVD-RAM Upgrade Data
Minimum HMC level
required: V4.1.1
Requirements: Blank DVD-RAM; DVD Recovery media
This method saves the
current configuration to the local hard drive, then performs the upgrade from
local DVD media. See the upgrade
instructions at the HMC technical support Web site.
NOTE: This is the only
method that can be used to upgrade directly from HMC Version 4 to HMC Version
6.
•
Network Upgrade
Minimum HMC level
required: V5.2.0
Requirements: A system on the network configured as an HMC
network upgrade server
This method allows the HMC
to boot and upgrade from another server on the network. See Upgrade
to HMC V6 R1.0 over the network at the HMC technical support Web site.
·
To
launch the browser, right mouse click on the desktop to bring up the menu.
Select "Net" and then "Browser".
·
To
start a restricted shell terminal, right mouse click on the desktop to bring up
the menu. Select "Terminals" and then "rshterm".
·
The HMC currently only stores 4 service processor dumps and
4 platform system dumps per managed system.
·
Changes to a partition profile do not apply to the partition immediately. The changes will only
take effect on the partition when activation is done through the profile.
·
Use the Server and Partition plug-in in order to view
keylock positions and SRC values when performing Operator Panel Service
Functions through Service Focal Point
·
To view system event logs you must login as a user with the
‘hmcpe’ role; then,
from Service Applications, select Service Focal Point -> Service Utilities
-> Actions -> View Problem Logs.
·
HMC Version 4
Release 2 or higher is required to manage pSeries Power5 servers.
·
HMC has enabled
UTF-8 locale support. This additional support is currently only available
through the command line. To enable the new locales, execute the following
command: chhmc -c <locale> -s modify -l
<locale name>.
· To perform a network booting of the HMC, it is recommended that the PXE server be
upgraded to PXE Linux version 3.11 or higher
·
HMC
has enabled additional keyboard support. There are multiple pages for the
keyboard configuration: during the keyboard configuration, enter 98 to go the next page and 97 to go to the previous page.
·
If
the HMC is used in a Cluster 1600 environment, refer to “IBM@server 1600
Facts and Features”:
http://www-1.ibm.com/servers/eserver/clusters/hardware/1600_facts.pdf
for
scaling limitations.
·
The
following page will display the recommended HMC and Server code levels for the
currently supported Power5 releases. Power5 Code Matrix:
http://www14.software.ibm.com/webapp/set2/sas/f/power5cm/home.html
This PTF can be use to update your HMC from V6R1 to V6R1.3 using the Install Corrective Service.
Updating to HMC V6 R1.2 can be done with an Upgrade (using Recovery Media) or the Network. If the HMC is currently at HMC V6 R1.0 or HMC V6 R1.1, PTF MH00915 can be ordered to update to HMC V6 R1.2 using the Install Corrective Service.
Updating to HMC V6 R1.0 requires an Upgrade using Recovery Media or the Network. There are no updates to be used with the Install Corrective Service. Upgrade from HMC Version 4 to HMC Version 6 can only be done by first saving the upgrade data to DVD-RAM media, re-installing the HMC with HMC V6 R1.0 without selecting the Upgrade option, and then using the new rstupgdata command to copy upgrade data onto the HMC. The data copied will be automatically restored on the next reboot.
Server and Partition Management:
· Enhanced locking to help dual HMC lock contention
issues.
· Fix for Lpar creation profile summary showing
incorrect virtual IO adapter numbers.
· Fix for lshwinfo command to show single records of environmental
information for a managed system in a frame.
· Appropriate error message returned when chsyscfg is used to change the name of
a profile to a name that already exists.
· Appropriate error message is returned if duplicate
VLAN ID is detected during activation of a partition.
System Plans:
·
Provides support for
deploying plans created by the System Planning Tool.
·
Provides support
for deployment of system plan as created by the mksysplan command.
·
Provides support
for creating a system plan from the WebSM interface.
·
Provides fix for mksysplan to allow it to
produce a system plan from a managed system that has a space in its name.
·
Enhanced
the clean up script to delete heapdumps that fill up the / filesystem.
·
Enhanced
lshmcusr command to show the
attribute pwage (password age)
·
Hot
plug of USB Floppy drive will require floppy media in the drive in order for
the device to be detected.
·
Support
for the Daylight Savings Time changes in
year 2007.
·
An
option has been added to the chsacfg command to allow SNMP trap
notification configuration.
·
Options
have been added to the lssacfg command to display SNMP trap notification
settings and to display all defined SNMP traps.
·
A new
command, rmprofdata, has been added to remove a profile data backup file
from the HMC.
·
The following commands
have been added for HMC upgrade purposes:
·
saveupgdata – allows Upgrade Data to be saved to disk or disk and DVD-RAM.
·
getupgfiles – allows upgrade files consisting of HMC code, to be copied
from a server onto the HMC disk partition. This command should ONLY be used
prior to performing an upgrade to version higher than HMC version 5. This
command obtains all the necessary files required to perform an upgrade, and
puts them in a special disk partition on the HMC. These files are currently
published on the HMC support web site and also reside on the DVD. This command
was introduced in HMC V5R2.1 to allow remote upgrade of HMC to higher version.
·
rstupgdata –
allows previously
saved upgrade data to be restored from DVD-RAM, following a new installation on
the HMC. Upgrade data must have been previously copied onto DVD-RAM by running
the Save Upgrade Data task or saveupgdata command, prior to performing
an installation. You must reboot the HMC after running the rstupgdata
command to allow Upgrade Data to be restored automatically.
· An option has been added to the command chhmc
(-c altdiskboot -s enable --mode upgrade). The new options will enable the
alternate disk boot/upgrade option. Run the chhmc command with these
options, after running the getupgfiles command, will prepare the HMC to
use the new code copied over by getupgfiles command, on the next boot.
· Options have been added to the updlic
command to reject installed LIC updates and to check system readiness for LIC
operations.
· An option has been added to the bkconsdata command to
allow a remote directory to be specified.
Also, an option has been added to remove the backup task lock to allow
the backup task to be re-executed immediately.
· An option has been added to the bkprofdata command to
allow an existing backup file to be overwritten.
· To fix a security exposure, the bkprofdata
command has been changed to only allow the profile data backup file to be
written to the following locations:
1.
Removable media
2.
Your home directory
3.
The /tmp directory
4.
The default profile
data backup directory
In addition, to provide for future compatibility you can no longer
specify the default profile data backup directory when you issue the bkprofdata
command. To write the backup file to the default profile data backup
directory, you need to specify only the filename, and not the directory. If you
are currently using
bkprofdata -m <managed
system> -f /var/hsc/profiles/<serial number>/backup010106
you need to now use
bkprofdata -m <managed system> -f
backup010106
· The lssysconn command has been enhanced to display the
physical location code for the service processor.
· License Internal Code update performance and usability have
been enhanced by adding:
1.
Performance
restructure
2.
Improved Progress
Panel Information
3.
Customer Controlled
Power Interlock Feature
· Enhanced LIC update so that specified code repositories will
be used. The process previously would use the hard drive if any files were
found there regardless of user selection.
· Added support for firmware update from a DVD-RAM
· Added support for “View I/O Levels” for targeted
I/O devices.
· Enhanced messages for successful code updates with deferred
fixes present in the fixpack.
· Added support to the HMC to gather and display the levels of
code for both FSPs (Models 570, 590 and 595) and both BPCs (Models 590 and
595).
· Added support to Code Update to use a local disk as a
repository for firmware upgrades (new GA levels)
· Added support to the GUI to warn that a firmware down level
(down-grade) will be disruptive. A message was also added to inform the user
that if the destination level of firmware level matches the level on the
P-side, the same function can be performed concurrently via the remove and
activate function.
· Added support to Scheduled
Operations to perform back up of critical console data to a remote server.
· Added the option to Install
and Activate latest Concurrent LIC level as a Scheduled Operation.
· Corrected a problem where a
Scheduled Operation was attempting to perform an unsupported operation during
its error handling routine. A repeating
scheduled operation that encountered this error would not run again until the
next HMC reboot.
· Enhanced the fault isolation priority algorithm for MUX card
analysis.
· Corrected a problem where a service lock was not freed after
a failed FSP repair.
· Enhanced GUI content and panel ordering usability.
· Corrected a problem that caused power errors to be logged
after replacing a power supply.
· Corrected the Repair and Verify GUI to include instructions
for setting the Enclosure Serial Number when performing an I/O backplane
replacement in an P575 system.
· Corrected a problem where the control panel was not
selectable from the list of removable FRU types (Model 570).
· For InfiniBand HCA replacement procedures, information was
added to the RV panels to direct the user to IB HCA replacement procedures
documented in the “Clustering systems using InfiniBand Hardware”
manual.
· Added support to Repair and Verify for the repair of FSP
devices on model 570.
· Added a feature to allow
customers to backup HMC critical console data to specify a remote directory for
disaster recovery. This will also allow them to maintain multiple versions.
· Enhanced Restore from FTP
site to account for differences in Operating Systems.
· Corrected a problem during
the restore of Critical Console data saved before the HMC V5R2.0.
· Added code to limit the
range of IP addresses that may be assigned in the 192.168.x.x class B DHCP
Server Range IP range.
· Added Internet SSL
connectivity options to the Guided Setup Wizard.
· Enhanced Serviceable Events
to include the partition id for Operating Systems failures.
· Enhanced handling for
Surveillance errors and problem closures.
· Corrected a problem in a
dual HMC System Configuration where errors were being called home twice.
· Enhanced dump handling to
allow dump data to be retrieved from systems that are no longer managed by the
HMC.
· Enhancement to prevent HMC
interactive performance degradation after Linux or AIX images are cloned.
· Corrected an issue where a
Linux or AIX partition should not be shut down using the OS option after an
LPAR had its hostname and node id changed.
· Enhanced the View RIO
Topology tool to include the Leading and Trailing Port status.
· Enhanced the panel for
‘Administrator Service Processor Failover’ to eliminate the chance
that a user may inadvertently initiate FSP Failover to occur.
· Changed code to display the
time in the HMC’s timezone when using the remote WebSM client.
Known Issues:
·
Dynamic partition
configuration for memory move can take a while. During that time, no other
operation can be performed on the partition.
·
After configuring
your network setting, make sure to reboot your HMC. Otherwise, dynamic logical
partitioning for AIX/Linux partitions may not work.
·
Users cannot
change virtual Opticonnect and HSL Opticonnect settings through the GUI without
activating the changes through a partition profile. Users can change the
settings dynamically through the command line interface.
Usage:
chhwres -m <managed system name> -r virtualio –-rsubtype virtualopti -p
<partition name> -o s –a “virtual_opti_pool_id=[0|1]”
Usage:
chhwres –m <managed system name> -r virtualio -–rsubtype hsl –p
<partition name> -o s –a “hsl_pool_id=[0|1]”
·
Error messages
for some Dynamic Logical Partitioning tasks give ‘AIX’ as the
partition type even though it’s actually a Linux partition.
·
Only a single USB
floppy drive can be attached to save CoD data and Security keys.
·
Unable to perform
Dynamic Logical Partitioning virtual I/O remove operations if the partition
does not have a current profile.
·
Unable to tab to
the ‘Help’, ‘Back’, “Next’, and
‘Cancel’ buttons in the setup wizard. User needs to use the mouse
to click on the buttons.
·
When customizing
task role for a user to open and use the 5250 console, you will need to include
the following tasks to that role :
"Console
Tasks=>Partition=>Open Terminal Window"
"Command
Line Tasks=>Logical Partition=>5250 Console Connect"
"Command
Line Tasks=>Logical Partition=>5250 Console Write"
·
The HMC will
display the wrong device information since the feature code 2849 is used for
two different adapters :
OS/40 p Linux p
AIX
PCI 100/10Mbps
Ethernet IOA 2849 n/a n/a
PCI 2D
Graphics Accelerator n/a 2849 2849
Only a visual
inspection of the slot on the machine will be able to determine if the adapter
is a Ethernet card or a Graphics card. Once the partition is activated with the
adapter in the profile, the description should display proper adapter
information.
·
If the HMC remote client loses its
connection while it is downloading firmware, the download fails. Retry the
operation “Change internal Code” might fail again with the message
“Object is busy, and the task cannot handle busy objects”. Reboot
the HMC and retry the “Change internal Code” operation.
·
Updating
Licensed Internal Code on multiple Managed Systems in a p575 within the same
power frame can be updated simultaneously by using the following procedure:
1. Select one Managed System in each frame from the "Target
Option Selection" panel. This will
update Licensed Internal Code on the Power Subsystem and the selected Managed
System.
2. Select the remaining Managed Systems in
all frames from the "Target Option Selection" panel. This will update Licensed Internal Code on
the remaining Managed Systems. The Power
Subsystem was already updated in Step 1 and will not be updated again.
Note that after
Licensed Internal Code has been updated in Step 1, the image is saved on the
HMC. The "disk" repository can
then be used for subsequent updates in Step 2.
·
Recovery procedure when error message
“ACT01724 The operation failed due to an internal code failure”.
Verify that the state of the managed systems and frames are connected using the
command line “lssysconn –r all”, and then retry the
operation.
·
When LIC Code Update is in progress, the Frame state changes from
standby/standby to standby/unavailable. This change may happen if a power dump
is in progress, and the code update operation will fail. Wait for the Frame
state to change back to standby/standby, and then retry the operation.
·
The following message will be displayed when a concurrent Licensed
Internal Code update is initiated from the HMC:
Notice: “Do not
perform any configuration or management operations on the managed system while
Licensed Internal Code is being updated”.
Note: Performing
a concurrent Licensed Internal Code update will require the Service Processor
to be reset as part of the process. This reset will cause any operations that
are in progress to be disrupted. Therefore, it is highly recommend that you do
not perform any tasks on the managed-system that is being updated until the
firmware update is complete. However, if an operation does occur, the code
update might still complete correctly and the operation might also complete
correctly. If there is a failure, please allow the concurrent firmware update
to complete before retrying a new operation. If the concurrent firmware update
fails, please remove the corrupted image and retry the concurrent Licensed
Internal Code update again.
·
Recovery procedure when error message
“HSCF0052W Frame tttt-mmm*sssssss is locked by another process.” Is
shown when performing Licensed Internal Code Update Operation on the p5 595, i5
595, p5 590 and p5 575
managed systems, verify that no other frame operations that uses the lock
listed below:
·
Repair
and Verify Operation
·
Initialize
Frame Operation
·
Set
Frame Number Operation
·
Licensed
Internal Code Update
· Mnemonics are not supported in double byte
and ru locales.
· The HMC uses several external components.
These components are not developed by the HMC team and are translated as part
of a separate translation plan and schedule. The mix of English and translated
text is an unavoidable situation and has the potential to occur anytime the HMC
is updated or pulls in a new version of an external application that is updated
in between its normally scheduled translation cycles.
· Due
to the limitation of groff, some characters in the output of "man"
command might be corrupted in traditional Chinese, simplified Chinese and
Korean when the window is too narrow. Widen the window and retry the command
again.
· If
the browser on the HMC is used to view Japanese PDF files, Japanese text will
not be displayed correctly in the bookmark page.
· Korean
input is supported. Press Shift-Space to switch between English and Korean
input mode.
· Traditional and Simplified Chinese input
is supported in zh_TW and zh_CN locales. Press CTRL-Space to switch between English and
Chinese input mode. Press CTRL-Shift to
select an input method. Press space bar to see more Chinese characters.
· Japanese input is supported. Press
Shift-Space to switch between English and Japanese input mode.
· User ID, User information, HMC User
password, Partition name, managed system name, profile name and system profile name are in English only.
· IBM275 doesn't work well when connecting
from IBM Personal Communications or iSeries Access to an HMC. Use another
Brazil codepage. The codepage "IBM930 Japan Katakana" doesn't work
well either. Use "IBM930 Japan Katakana Extended" instead.
· An ibm5250 session opened on the HMC
locally will be in the same locale as the one that is set for the HMC. To open
a session in a different locale, change the HMC locale first, logout, login and
then invoke ibm5250. The other option is to connect to the HMC using a remote
emulator, e.g. IBM Personal Communications or iSeries Access, in the desired
locale.
|
Languages |
Supported or |
Locales |
|
English |
Supported: |
en_US, en_GB, en_GB@euro, en_AU, en_BE, en_BE@preeuro, en_CA, en_HK, en_Ne, en_IE, en_IE@preeuro, en_NZ, en_PH, en_PK, en_ZA, en_SG |
|
German |
Supported: |
de_DE, de_DE@preeuro, de_CH, de_AT, de_AT@preeuro, de_LU, de_LU@euro |
|
French |
Supported: |
fr_FR, fr_FR@preeuro, fr_CH, fr_CA, fr_BE, fr_BE@euro, fr_LU, fr_LU@euro |
|
Italian |
Supported: |
it_IT, it_IT@preeuro, it_CH |
|
Spanish |
Supported: |
es_ES, es_ES@preeuro, es_AR, es_BO, es_CL, es_CO, es_CR, es_DO, es_EC,es_SV, es_GT, es_HN, es_MX, es_NI, es_PA, es_PY,es_PE, es_PR, es_US, es_UY,es_VE |
|
Brazilian Portuguese |
Supported: |
pt_BR |
|
Japanese |
Supported: |
ja_JP |
|
Simplified Chinese |
Supported: |
zh_CN, zh_SG |
|
Traditional Chinese |
Supported: |
zh_TW, zh_HK |
|
Korean |
Supported: |
ko_KR |
|
Hungarian |
Supported: |
hu_HU |
|
Dutch |
Supported: |
nl_NL, nl_NL@preeuro, nl_BE, nl_BE@preeuro |
|
Russian |
Supported: |
ru_RU |
|
Czech |
Supported: |
cs_CZ |
|
Slovakian |
Supported: |
sk_SK |
·
Scheduled
Operations requires that the targeted object (CEC, HMC, Image) has been
initialized with user defined names.
|
CVE-2007-1536 CVE-2007-1003 CVE-2007-1667 CVE-2007-1352 CVE-2007-1351: CVE-2006-4250: |
integer underflow within ELF header parsing in
"file" Multiple vulnerabilities in XFree86 man heap overflow |
|
CAN-2003-0989 |
tcpdump remote DOS |
|
CAN-2003-0190 |
OpenSSH: info leak issue |
|
CAN-2004-0078 |
mutt remote buffer
overflow |
|
CAN-2004-0110 |
libxml2 URI Parsing
Remote Buffer Overflow |
|
CAN-2004-0109 |
Kernel ISO9660/JFS local
privilege escalation, info leak |
|
CAN-2004-0183 |
tcpdump ISAKMP remote DOS |
|
CAN-2004-0427 |
Kernel privilege
escalation, local DoS |
|
CAN-2004-0554 |
Kernel "__clear_fpu()" Macro local DoS |
|
CAN-2004-0523 |
kerberos aname_to_localname
remote root compromise |
|
CAN-2004-0460 |
dhcp-server: remote system compromise |
|
CVE-2002-1363 |
libpng remote DoS |
|
CAN-2004-0590 |
Certificate chain
authentication in Openswan pluto |
|
CAN-2004-0649 |
L2tpd: remote execution of
arbitrary files w/ privs of l2tpd user |
|
VU#388984 |
libpng: multiple vulnerabilities |
|
CAN-2004-0415 |
Kernel: local privilege escalation, race condition in file offset
pointer handling |
|
VU#550464 |
krb5: remote
unauthenticated DoS |
|
CAN-2004-0817 |
imlib: local execution via heap overflow |
|
CAN-2004-0687 |
xf86: multiple buffer
overflows with malformed xpm images |
|
CAN-2004-0966 |
gettext: Insecure temporary file handling |
|
CAN-2004-0804 |
tiff: Buffer overflows in
image decoding |
|
CAN-2004-0884 |
Cyrus-sasl2: (ver2.1.7)Insecure
handling of environment variable |
|
CAN-2004-0971 |
krb5: krb5-workstation:
Possible symlink attack, priv
escalation via temproary file mishandling |
|
CAN-2004-0989 |
libxml:
remote code execution, buffer overflow |
|
CAN-2004-0975 |
Openssl: possible symlink attack
via temp file mishandling |
|
SUSE-SA:2004:041 |
xf86: SuSE security updates for libxpm |
|
CAN-2004-0782 |
imlib: xpm security updates in
imlib |
|
CAN-2004-1010 |
zip: buffer overflow in
info-zip when using recursive folder compression |
|
CAN-2004-1308 |
tiff: multiple buffer
overflows |
|
CAN-2004-0986 |
iptables: variable init failure can cause failure to load
firewall rules |
|
CAN-2004-0883 |
Kernel update for multiple
local and remote DoS vulnerabilities |
|
CAN-2004-0079 CAN-2004-0112 |
OpenSSL remote DOS |
|
CAN-2005-0155 |
Perl: Security update to
address two priv escalation and a buffer overflow
condition |
|
CAN-2005-0449 |
Updates for multiple
issues on 2.4-2.6.11 kernels |
|
CAN-2005-1993 |
sudo: vulnerabilities allow execution of arbitrary
commands |
|
CAN-2005-1267 |
tcpdump: fix for several DOS vulnerabilities |
|
CAN-2005-1151
|
tiff: buffer overflow
allows execution of arbitrary code |
|
CAN-2005-0109 |
OpenSSL update |
|
CAN-2005-2969 |
OpenSSL fix for potential SSL 2.0 Rollback vulnerability |
|
CVE-2001-0572 |
SSHv1 Protocol Available |
|
CVE-2004-0175 |
OpenSSH SCP Client File Corruption Vulnerability |
|
CVE-2006-0225 |
OpenSSH scp remote attack
vulnerability |
|
CVE-2006-0058 |
Sendmail remote code execution |
|
CVE-2006-1721 |
Cyrus-sasl
remote denial of service |
|
CVE-2006-2024 CVE-2006-2025 CVE-2006-2026 |
Libtiff: various denial of service attacks |
|
CVE-2005-3352 CVE-2005-3357 |
Apache2 cross site
scripting in mod_imap and mod_ssl |
|
CVE-2006-0455 |
Gpg remote execution by signature checking |
|
CVE-2005-3353 CVE-2005-3389 CVE-2005-3390 CVE-2005-3391 CVE-2005-3392 CVE-2005-3883 |
Multiple vulnerabilities
in php4 |
|
CVE-2005-2970 |
Apache2 worker memory leak |
|
CVE-2005-2974 CVE-2005-3350 |
Libungif denial of service attack/buffer overflow |
|
CVE-2005-2959 |
Sudo environment cleaning privilege escalation
vulnerability |
|
CAN-2005-2491 |
PCRE: Integer overflow
vulnerability |
|
CVE-2005-3119 CVE-2005-3179 CVE-2005-3180 CVE-2005-3181 |
Kernel potential denial of
service and information disclosure |
|
CAN-2005-2797 CAN-2005-2798 |
OpenSSH: fixes to prevent escalation of privileges and
bypass certain security restrictions |
|
CVE-2005-2876 |
Util-linux umount “-r”
Re-Mounting security issue |
|
CAN-2005-2495 |
Xf86: Fix remote command
execution |
|
CAN-2005-2491 CAN-2005-2700 CAN-2005-2728 |
Apache2: Security fixes |
|
CAN-2005-1761 CAN-2005-1768 CAN-2005-2500 |
Kernel: Various Security
Fixes |
|
CAN-2005-2452 |
Tiff: Vulnerability allows
DOS attack due to divide by zero error |
|
CAN-2005-2177 |
Net-snmp
remote attack vulnerability |
|
CAN-2005-0448 |
Perl vulnerabilities |
|
CAN-2005-0758 CAN-2005-0988 CAN-2005-1228 CAN-2005-1260 CAN-2005-0953 |
Bzip2 vulnerability |
|
CAN-2004-1189 |
Krb5 multiple security
issues |
|
CAN-2005-1849 CAN-2005-2096 |
Zlib buffer overflow |
|
CAN-2005-2088 CAN-2005-1268 |
Apache2: fix for multiple
vulnerabilities |
|
CAN-2004-1453 CAN-2004-0968 CAN-2004-1382 |
Glibc: Infoleak and symlink attack vulnerabilities |
|
CAN-2005-1111 CAN-2005-1229 |
Cpio directory traversal and privilege escalation |
|
CAN-2005-0605 |
Xf86: libXPM
integer overflow |
|
CAN-2004-0970 |
Gzip: temporary file mishandling |
|
CAN-2005-0160 CAN-2005-0161 CAN-2005-0961 |
telnet: ENV buffer
overflow |
|
CAN-2005-1704 |
Binutils vulnerabilities |
|
CAN-2005-1993 |
Sudo: race condition |
|
CAN-2005-0373 |
Cyrus-sasl,
cyrus-sasl2 remote code execution |
The following customer courses will be available from Resource Link for the Product Announce on May 4, 2004.
·
How to Use the eServer i5 and p5 Hardware
Management Console
This course explains how to install and configure the Hardware Management
Console (HMC) for the Model 520/570. It also covers the HMC's basic operations
by exploring the general user interface. Partitioning is discussed in detail,
with explanations showing both command line and GUI support.
·
eServer i5 and p5 - Physical Planning for
Installation
This course discusses considerations for the physical planning for
installation of eServer Models 520 and 570. It then provides the user with
links to obtaining the step-by-step installation procedures.
·
Resource Link Highlights
This course provides an overall look at the major Resource Link (RL) areas
and how to use them; Planning, Education, Library, Forums, Fixes, Problem
Solving, Services, Customer Initiated Upgrade, and Tools. It also provides
step-by-step procedures in using the Subscription function.
·
Performing Licensed Internal Code Maintenance
This course discusses about maintaining the software that enables
hardware such as the service processor on your eServer POWER5 system.
Access to these courses requires
an IBM Registration ID and Resource Link Access.
To obtain an IBM Registration ID
1. Go to http://www.ibm.com/servers/resourcelink
2. Select “Register” under New users
3. On the My IBM Registration, fill in an e-mail address for
IBM ID and password, and the Security question and answer and the Country of
residence and then click Continue and fill in the rest of the User information
and click Submit.
Resource Link Access for New Users
1. Go to http://www.ibm.com/servers/resourcelink
2. Select “Sign in” enter the IBM ID and password
you used to register above
3. Select
“Customer”
4. click “Submit”
Once submitted it will take an hour before the access takes effect
To view a course
1. Sign in to Resource Link
2. Select Education in the navigation bar on the left
3. From the Education page, select “eServer i5 and p5 courses”
4. Select “How to Use the eServer i5 and p5 Hardware Management Console”
5. Select “Performing Licensed Internal Code Maintenance”
6. Double-click the link to open the course.
Notes:
1.
The courses are browser based. For optimal
viewing, we recommend Microsoft Internet Explorer 6.0 or higher with your
display set at 1024 x 768. To set your display, go to My Computer -> Display -> Settings
2. Course pages can be book marked for easy retrieval.
3. Course simulations open in a separate window. Use the X in the upper right corner of the window to close the simulation.
4.
If there are QuickTime videos in the course, you
need to have the QuickTime viewer installed. A link to the free viewer is on
each Resource Link course page and on the related page within each course.
· Help Search is not supported. However,
Find is supported for Help.
· Printing directly on the HMC is not
supported.
· The numerical keypad on some keyboards
doesn't work. Use the normal numerical keys instead.
· When your power5 system is shipped to you it is in a
non-HMC managed mode by default. Once you attach and set up an HMC to manage
your power5 system, the default non-HMC managed mode is exited. The procedure
to return to the default non-HMC managed mode is documented on the InfoCenter
website under “Resetting the server to a non partitioned
configuration”. The following link will redirect you to the document.
http://publib.boulder.ibm.com/infocenter/eserver/v1r2s/en_US/info/iphbl/iphblresetserver.htm