BigFix Server on Linux (v9.5.14+ and v10.0.0+) supports IBM DB2 up to 11.5 GA version. It has not yet been certified on IBM DB2 11.5.4 (DB2 Version 11.5 Mod 4 Fix Pack 0) version.
A problem has been reported that prevents BigFix from functioning when running on IBM DB2 11.5.4 version.
While BigFix team works to guarantee compatibility with the newest IBM DB2 version, all BigFix users are strongly advised not to upgrade their IBM DB2 to version 11.5.4, for the time being.
Additional information on this matter will be communicated as soon as it is available.
3 Likes
We have been informed that 11.5 Mod 5 has been released. What is your recommendation, can we upgrade to newest release or should we go with the GA version.
Thanks in advance.
1 Like
Opened a case on this and recommendation is still 11.5 GA.
1 Like
I would like to add that our InfoSec team is still dinging us for this near 6mo old vulnerability Plugin
BigFix Server on Linux now supports IBM DB2 11.5.4, starting from versions 9.5.17 and 10.0.2.
DB2 11.5.5 certification will happen at a later stage.
Thanks
1 Like
Any ETA on DB2 11.5.5 certification?
Tenable product continues to flag BigFix Server on Linux as being vulnerable (seems like a continuous lag with BigFix and DB2, tbh…)
https://nvd.nist.gov/vuln/detail/CVE-2020-4701
https://www.ibm.com/support/pages/node/6370025
Thanks.
Thanks for the quick update…
From the referenced KB article:
“For BigFix server running on Linux, DB2 Standard Edition 11.5.4 and DB2 Standard Edition 11.5.5 are supported starting from Red Hat Enterprise Linux (RHEL) 8.1.”
Since we are RHEL 7.9, in order to get to the patched level of DB2, DB2 11.5.5, we’d need to migrate the OS from RHEL 7.9 to RHEL 8.1 or greater, correct?
Thanks.
In order to be compliant for support purposes, that is correct.
Thanks for the update and confirmation.
The support has been extended to Red Hat Enterprise Linux 7 starting from RHEL 7.6, so you do not need to migrate your RHEL 7.9.
2 Likes