Application Update: IBM BigFix Compliance 1.7.55 now available!

Release Announcements Compliance (Release Announcements)
1

IBM BigFix is pleased to announce the release of IBM BigFix Compliance version 1.7.55 (Patch 1), formerly called IBM Endpoint Manager for Security and Compliance Analytics (SCA). This patch release covers an APAR fix and addresses security vulnerability to CVE-2015-2017.

Highlights:

  • Fixed APAR IV75080 - Application files are viewable in the browser via “WEB-INF./”
  • Addressed susceptibility to the following security vulnerability: CVE-2015-2017 - HTTP response splitting attack in WebSphere Application Server

Published site version:
SCM Reporting site, version 97.

Actions to take:
If you are using IBM BigFix Compliance 1.7.38 or earlier:

  1. Gather the SCM Reporting site, version 97.
  2. In the Security Configuration domain in the console, open the Configuration Management navigation tree.
  3. Under the IBM BigFix Compliance Install/Upgrade menu tree item, select the IBM BigFix Compliance 1.7 Upgrade Fixlet, which automatically installs and upgrades to the new patch. Follow the Fixlet instructions and take the associated action to upgrade your IBM BigFix Compliance deployment.
  4. Update the data schema. To do this, log in to the IBM BigFix Compliance web interface from the host server and proceed with configuration. Upgrading the data schema is expected and it will take sometime to complete.
    Note: BigFix Compliance version 1.5.78 is the minimum version required to upgrade to BigFix Compliance 1.7.

If you have not yet installed IBM BigFix Compliance or SCA, refer to these steps for first time installations.

  1. In the License Dashboard in the IBM BigFix console, enable the SCM Reporting site.
  2. In the Security Configuration domain in the console, open the Configuration Management navigation tree.
  3. Select the Fixlet named IBM BigFix Compliance 1.7 First-time Install Fixlet under the IBM BigFix Compliance Install/Upgrade menu tree node.
  4. Follow the Fixlet instructions and take the associated action to install your BigFix Compliance deployment.

Other links:
To view the the Release Notes, see https://www.ibm.com/developerworks/community/wikis/home?lang=en#!/wiki/Tivoli%20Endpoint%20Manager/page/SCA%20Release%20Notes.

BigFix Compliance Team
IBM BigFix

1 Like