In IBM's defense they have started to open up on security patches. Used
to be they simply said "Integrity problem" or some such thing. Now they
will often mention the exact CVE(s) that the fix is intended to repair.
Used to be security by obscurity. Now if you're in the "If it ain't broke
don't fix it" camp they just publish it out to the world "IBM i at such
and such a level without fix such and such is prone to CVE such and such".
Search for CVE-2014-3566 at
This is a big change.
Then again, back in the day the paranoid could search all PTF cover
letters for "integrity problem". And some on this list who will deny
until their last breath that IBM i has any security breaches would sputter
that an integrity problem could be something like no CRC on writing data
or some such thing. Although, in one person's defense, they did start to
admit that there may be such fixes, but it's not nearly as bad as