×
The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.
<The issue can be fixed by obtaining and applying the Service Pack SI57907>
SI57907 was out almost a year ago, 11/12/15.
Latest SP is SI60523 - 06/20/16
I'm wondering if they actually meant SI60523.
Paul
-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Nathan Andelin
Sent: Wednesday, October 26, 2016 12:32 PM
To: Midrange Systems Technical Discussion
Subject: Re: Fw: Security Bulletin: IBM i Access for Windows affected by vulnerabilities CVE-2015-2023 and CVE-2015-7422. (2016.10.26)
I don't suppose there's some easy way to tell if someone is connecting
to your IBM i by one client or the other? And, if so, the patch level
of the client?
I've never read anything indicating that possibility with 5250 interfaces.
Browsers on the other hand forward that kind of information to the HTTP server in each request.
It doesn't appear to matter in this case. The problem text suggested that the vulnerability pertained to the Windows client, which also suggests that the new ACS client (JVM based) would not be affected. Think of a JVM being a platform of its own - separate from the OS which hosts it.
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
visit:
http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at
http://archive.midrange.com/midrange-l.
Please contact support@xxxxxxxxxxxx for any subscription related questions.
As an Amazon Associate we earn from qualifying purchases.