SUSE-SU-2025:01615-1 Security update for grub2

This update for grub2 rebuilds the existing package with the new 4k RSA secure boot key for IBM Power and Z. Note: the signing key of x86 / x8664 and aarch64 architectures are unchanged. Also the following issue were fixed: - CVE-2025-4382: TPM auto-decryption data exposure bsc1242971 - Fix...

Security Bulletin: IBM Sterling Control Center is vulnerable to IBM Java Buffer overflow in GC

Summary IBM Java: Buffer overflow in GC when using the -Xgc:concurrentScavenge option on IBM Z is affecting Sterling Control Center v6.2.1 and v6.3.1. Vulnerability Details CVEID:CVE-2024-3933 DESCRIPTION: Eclipse Openj9 could allow a local authenticated attacker to bypass security restrictions,...

CVE-2024-3933 Eclipse Open J9 With -Xgc:concurrentScavenge on IBM Z, could write/read outside of a buffer

In Eclipse OpenJ9 release versions prior to 0.44.0 and after 0.13.0, when running with JVM option -Xgc:concurrentScavenge, the sequence generated for System.arrayCopy on the IBM Z platform with hardware and software support for guarded storage 1, could allow access to a buffer with an incorrect...

CVE-2024-3933 Eclipse Open J9 With -Xgc:concurrentScavenge on IBM Z, could write/read outside of a buffer

In Eclipse OpenJ9 release versions prior to 0.44.0 and after 0.13.0, when running with JVM option -Xgc:concurrentScavenge, the sequence generated for System.arrayCopy on the IBM Z platform with hardware and software support for guarded storage 1, could allow access to a buffer with an incorrect...

Security Bulletin: There is a vulnerability in IBM Semeru Runtime that is shipped with CICS Transaction Gateway for Multiplatforms (CVE-2023-21968).

Summary There is a vulnerability in IBM Semeru Runtime that is shipped with CICS Transaction Gateway for Multiplatforms CVE-2023-21968. An update to CICS Transaction Gateway for Multiplatforms has been released to address this vulnerability. Vulnerability Details CVEID:CVE-2023-21968 DESCRIPTION:...

Security Bulletin: Application error in IBM Security Guardium Key Lifecycle Manager on containerized platform(CVE-2021-38980)

Summary Application error in IBM Security Guardium Key Lifecycle Manager on containerized platformCVE-2021-38980 Vulnerability Details CVEID: CVE-2021-38980 DESCRIPTION: IBM Tivoli Key Lifecycle Manager could allow a remote attacker to obtain sensitive information when a detailed technical error...

Security Bulletin: Vulnerability in IBM Java SDK affects IBM Z Development and Test Environment - Jan 2021

Summary There is a vulnerability in IBM® SDK Java™ Technology Edition, Version 8 that is used by IBM Z Development and Test Environment. The issue was disclosed as part of the IBM Java SDK updates in October 2020 CVE-2020-14577 Vulnerability Details CVEID: CVE-2020-14577 DESCRIPTION: An unspecifi...

zlib bug fix and enhancement update

The zlib packages provide a general-purpose lossless data compression library that is used by many different programs. Bug Fixes and Enhancements: AlmaLinux8.2 - zlib on s390x may produce incomplete raw but not gzip/zlib streams BZ1860952 AlmaLinux8.2 - raw zlib test failed with DFLTCCLEVELMASK s...

ALBA-2020:3657 zlib bug fix and enhancement update

The zlib packages provide a general-purpose lossless data compression library that is used by many different programs. Bug Fixes and Enhancements: AlmaLinux8.2 - zlib on s390x may produce incomplete raw but not gzip/zlib streams BZ1860952 AlmaLinux8.2 - raw zlib test failed with DFLTCCLEVELMASK s...

Security Bulletin: Vulnerabilities in IBM Java SDK (January 2019) affecting IBM Application Delivery Intelligence for IBM Z V5.1.0, V5.0.5 and V5.0.4

Summary Multiple vulnerabilities are identified in IBM® SDK Java™ Technology Edition Version 1.7 and Version 1.8 that are used by IBM Application Delivery Intelligence for IBM Z V5.1.0, V5.0.5, and V5.0.4 respectively. These issues were disclosed as part of the IBM Java SDK updates in January 201...

SUSE SLES11 Security Update : kernel (SUSE-SU-2018:0131-1) (Meltdown) (Spectre)

The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. This update is only provided as a fix update for IBM Z platform. - CVE-2017-5753 / 'Spectre Attack': IBM Z fixes were included but not enabled in the previous update. This update enables those fixes. -...

SUSE SLES12 Security Update : kernel (SUSE-SU-2018:0114-1) (Meltdown) (Spectre)

The SUSE Linux Enterprise 12 SP1 LTSS kernel was updated to receive various security and bugfixes. This update is only provided as a fix update for IBM Z platform. - CVE-2017-5753 / 'Spectre Attack': IBM Z fixes were included but not enabled in the previous update. This update enables those fixes...

SUSE-SU-2018:0114-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP1 LTSS kernel was updated to receive various security and bugfixes. This update is only provided as a fix update for IBM Z platform. - CVE-2017-5753 / 'Spectre Attack': IBM Z fixes were included but not enabled in the previous update. This update enables those fixes...

SUSE SLES12 Security Update : kernel (SUSE-SU-2018:0069-1) (Meltdown) (Spectre)

The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. This update is only provided as a fix update for IBM Z platform. - CVE-2017-5753 / 'Spectre Attack': IBM Z fixes were included but not enabled in the previous update. This update enables those fixes. -...