For those who are unaware this morning IBM released a bunch of fix pack / interim fixes for the three main current versions, 9.5.2, 10.1 and 10.2. For the most part they relate to security. I'll put a separate post for each version to allow any discussions to be held under the relevant version post.
For 9.5.2 the release is Cognos TM1 9.5.2 Fix Pack 3 Interim Fix 5. (I'm assuming that everyone who is on 9.5.2 already has FP3; if you don't, you should since it cuts down (but doesn't entirely remove) the accursed "clipboard is in use" errors in active forms as well as addressing a whole bunch of PMRs, way too many to list in this post.)
IF 5 (the main page for which will be found here), is a server only release which addresses three security vulnerabilities:
CVE-2014-0224, which is described as "OpenSSL is vulnerable to a man-in-the-middle attack, caused by the use of weak keying material in SSL/TLS clients and servers. A remote attacker could exploit this vulnerability using a specially-crafted handshake to conduct man-in-the-middle attacks to decrypt and modify traffic";
CVE-2014-0411, which is described as "Timing differences based on validity of TLS messages can be exploited to decrypt the entire session. The exploit is not trivial, requiring a man-in-the-middle position and a long time to complete"; and
CVE-2014-0863, described as "A security vulnerability has been discovered in IBM Cognos TM1 resulting in unencrypted passwords found in memory on client". (How a "server only" fix rectifies that isn't clear.)
Fix Pack Releases: 9.5.2
-
Alan Kirk
- Site Admin
- Posts: 6606
- Joined: Sun May 11, 2008 2:30 am
- OLAP Product: TM1
- Version: PA2.0.9.18 Classic NO PAW!
- Excel Version: 2013 and Office 365
- Location: Sydney, Australia
- Contact:
Fix Pack Releases: 9.5.2
"To them, equipment failure is terrifying. To me, it’s 'Tuesday.' "
-----------
Before posting, please check the documentation, the FAQ, the Search function and FOR THE LOVE OF GLUB the Request Guidelines.
-----------
Before posting, please check the documentation, the FAQ, the Search function and FOR THE LOVE OF GLUB the Request Guidelines.
-
Alan Kirk
- Site Admin
- Posts: 6606
- Joined: Sun May 11, 2008 2:30 am
- OLAP Product: TM1
- Version: PA2.0.9.18 Classic NO PAW!
- Excel Version: 2013 and Office 365
- Location: Sydney, Australia
- Contact:
Re: Fix Pack Releases: 9.5.2
For those who are unaware IBM will be calling "time" on support for the 9.5 series at the end of September 2015. The announcement can be found here.
"To them, equipment failure is terrifying. To me, it’s 'Tuesday.' "
-----------
Before posting, please check the documentation, the FAQ, the Search function and FOR THE LOVE OF GLUB the Request Guidelines.
-----------
Before posting, please check the documentation, the FAQ, the Search function and FOR THE LOVE OF GLUB the Request Guidelines.
-
Alan Kirk
- Site Admin
- Posts: 6606
- Joined: Sun May 11, 2008 2:30 am
- OLAP Product: TM1
- Version: PA2.0.9.18 Classic NO PAW!
- Excel Version: 2013 and Office 365
- Location: Sydney, Australia
- Contact:
Re: Fix Pack Releases: 9.5.2
For anyone who missed it there was a Flash alert about security vulnerabilities yesterday.
For 9.5 the recommendation is to update to Cognos TM1 9.5.2 Fix Pack 3 Interim Fix 8.
Short of anything catastrophic happening between now and the end of September when it goes off support, that will probably be the last of the 9.5 releases.
For 9.5 the recommendation is to update to Cognos TM1 9.5.2 Fix Pack 3 Interim Fix 8.
Short of anything catastrophic happening between now and the end of September when it goes off support, that will probably be the last of the 9.5 releases.
"To them, equipment failure is terrifying. To me, it’s 'Tuesday.' "
-----------
Before posting, please check the documentation, the FAQ, the Search function and FOR THE LOVE OF GLUB the Request Guidelines.
-----------
Before posting, please check the documentation, the FAQ, the Search function and FOR THE LOVE OF GLUB the Request Guidelines.