The IBM Endpoint Manager team is releasing 9.1 Patch 5 and 9.2 Patch 1 of the IBM Endpoint Manager platform. These new versions address security updates, including the POODLE vulnerability, and fixes from older versions of OpenSSL. The new patches use OpenSSL 1.0.1.j.
IBM recommends upgrading whenever possible to take advantage of optimizations and bug fixes. Because these vulnerabilities are not of a critical nature, the upgrade should not be done in haste, but as part of a planned upgrade process.
Upgrade fixlets are available starting from BES Support version 1199.
Here are some details of the patches:
9.1 Patch 5 (9.1.1229.0)
Changelist
- Fixes for POODLE, OpenSSL, and XSS security issues
- Fixes for general platform issues
Get more information by reading the full technical changelist or the detailed description of the security vulnerabilities.
Components Affected
All components (Server components, Console, Relays, Agents) are included in this update.
9.2 Patch 1 (9.2.1.48)
Changelist
- Fixes for POODLE, OpenSSL, and XSS security issues
- Fixes for general platform issues
- FillDB performance tuning though configuration settings
Get more information by reading the full technical changelist or the detailed description of the security vulnerabilities.
Components Affected
All components (Server components, Console, Relays, Agents) are included in this update.
This announcement was also made available via Endpoint Management blog via developerWorks.