IBMB59C9278126C73C8ABFC0DE7D5944B8ABA7103F949E47908293598F0C618CA02Security Bulletin: Infosphere BigInsights is affected by multiple IBM DB2 advisories (CVE-2014-8910, CVE-2015-1883, CVE-2015-1922, CVE-2015-1935)
Problem
Need to understand whether DB2 advisory impacts BigInsights 4.1 installations
Diagnosing The Problem
Use db2level to identify the version in place
The following is what is included with BigInsights 4.1.0.1
DB21085I This instance or install (instance name, where applicable: “bigsql”)
uses “64” bits and DB2 code release “SQL10063” with level identifier “0704010E”.
Informational tokens are “DB2 v10.6.0.3”, “s150918”, “IP23850”, and Fix Pack “3”.
Product is installed at “/usr/ibmpacks/bigsql/4.1/db2”.
Resolving The Problem
The security vulnerability fixes described in the document are all fixed in the DB2 version delivered with BigInsights 4.1.0.1 and above
[{“Product”:{“code”:“SSCRJT”,“label”:“IBM Db2 Big SQL”},“Business Unit”:{“code”:“BU059”,“label”:“IBM Software w/o TPS”},“Component”:“–”,“Platform”:[{“code”:“PF016”,“label”:“Linux”}],“Version”:“4.1.0”,“Edition”:“”,“Line of Business”:{“code”:“LOB10”,“label”:“Data and AI”}}]
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm db2 big sql | eq | 4.1.0 |
Related
