VULHUB ™

IBM has announced the release of PQ86671 and PQ85834 cumulative fixes to address various issues in IBM HTTP Server. PQ86671 has been released to address an unspecified denial-of-service issue in SSL. Reportedly, this issue concerns certain malformed SSL records that may lead to a denial of service. Although unconfirmed, this fix may address the issue described in BID 8746 (OpenSSL SSLv2 Client_Master_Key Remote Denial Of Service Vulnerability) or BID 8732 (OpenSSL ASN.1 Parsing Vulnerabilities). PQ86671 has been released for these IBM HTTP Server versions: 1.3.12 1.3.12.1 1.3.12.2 1.3.12.3 1.3.12.4 1.3.12.5 1.3.12.6 1.3.12.7 1.3.19 1.3.19.1 1.3.19.2 1.3.19.3 1.3.19.4 1.3.19.5 1.3.26 1.3.26.1 1.3.26.2 1.3.28. PQ85834 has been released to address multiple issues affecting IBM HTTP Server as well. Although the issues addressed by this fix may be new, older issues have been fixed as well. PQ85834 has been released for IBM HTTP Server 2.0.42.2 and 2.0.47.

IBM has announced the release of PQ86671 and PQ85834 cumulative fixes to address various issues in IBM HTTP Server. PQ86671 has been released to address an unspecified denial-of-service issue in SSL. Reportedly, this issue concerns certain malformed SSL records that may lead to a denial of service. Although unconfirmed, this fix may address the issue described in BID 8746 (OpenSSL SSLv2 Client_Master_Key Remote Denial Of Service Vulnerability) or BID 8732 (OpenSSL ASN.1 Parsing Vulnerabilities). PQ86671 has been released for these IBM HTTP Server versions: 1.3.12 1.3.12.1 1.3.12.2 1.3.12.3 1.3.12.4 1.3.12.5 1.3.12.6 1.3.12.7 1.3.19 1.3.19.1 1.3.19.2 1.3.19.3 1.3.19.4 1.3.19.5 1.3.26 1.3.26.1 1.3.26.2 1.3.28. PQ85834 has been released to address multiple issues affecting IBM HTTP Server as well. Although the issues addressed by this fix may be new, older issues have been fixed as well. PQ85834 has been released for IBM HTTP Server 2.0.42.2 and 2.0.47.