A security bulletin indicates that you need to install an interim fix to patch the T6 JRE (Java Runtime Environment). How do you download this interim fix?
IBM Security Bulletins list Common Vulnerabilities and Exposures (CVE) that need to be fixed in the JRE used by the T6 agent to run scripts.
These bulletins refer to a specific interim fix that you need to install, such as 7.4.0.0-TIV-CAMRT-IF0016.
You download these interim fixes from IBM Fix Central:
<http://www.ibm.com/support/fixcentral/>
When you try to identify the interim fixes for a particular version, such as V7.4, Fix Central is not able to find the fixes.
Use the following procedure to search for these interim fixes:
2) Select Browse for fixes.
3) Wait for Fix Central to prepare a list.
Searching for Security Bulletins
You should be receiving security bulletins if you have registered for notifications on the IBM Support Portal. Security bulletins have titles like the following:
Security Bulletin: IBM Tivoli Composite Application Manager for Transactions affected by multiple vulnerabilities in IBM JRE (Multiple CVEs)
To search for RRT security updates, google a search topic like:
IBM RRT security updates for JRE(S)
You can also browse the IBM Support Portal (https://www.ibm.com/support/entry/portal). Here, you can search for updates and products, review your support programs, and submit service requests.
If you have not already registered for notifications, click the Support notifications link and follow the instructions.
National Vulnerability Database (NVD)
Which CVEs are included in a JRE version
[{“Product”:{“code”:“SS5MD2”,“label”:“Tivoli Composite Application Manager for Transactions”},“Business Unit”:{“code”:“BU053”,“label”:“Cloud & Data Platform”},“Component”:“ITCAM TRANSACT RRT 5724S79RR v710”,“Platform”:[{“code”:“PF002”,“label”:“AIX”},{“code”:“PF016”,“label”:“Linux”},{“code”:“PF033”,“label”:“Windows”}],“Version”:“7.4”,“Edition”:“”,“Line of Business”:{“code”:“LOB45”,“label”:“Automation”}}]
28256.442.000
ITCAMfT