On 8/1, IBM announced a couple of security vulnerabilities found in BFI that are corrected in version 9.2.16, and the IBM Knowledge Center has release notes for version 9.2.16 in it. No mention yet in the Wiki, however.
8/6 Update: the links in the email notifications from 8/1 to the Security Bulletin details on are now broken.
Hi,
Hi assume you are referencing to IBM notifications as related to IBM License Metric Tool that just delivered the IBM License Metric Tool 9.2.16 with the related updates to the following security vulnerabilities:
Rails is upgraded to version 5.1.7 to maintain security.
WebSphere Liberty Profile is upgraded to version 19.00.4 to maintain security
Update of the Xerces library to version 3.2.1 on AIX to keep the scanner secure and reliable
The IBM License Metric Tool wiki pages have been updated too, here after the related link as reported in the IBM Support Notification e-mail https://ibm.biz/lmt_update_9216
You can e-mail me (antonio_gallotti@it.ibm.com) the IBM Notification with broken security links as you refers so that I can further check.
HCL team will be responsible for commenting on BigFix Inventory equivalent deliverable that will incorporate above security updates.
Antonio Gallotti (IBM)
Senior Offering Manager IBM License Metric Tool
HCL does not yet announced date for 9.2.16 release of the BigFix Inventory.
HCL Team is working towards providing Software Catalog update in first place and then complete product release.
Indeed IBM by mistake has published information about BigFix Inventory 9.2.16 via Security Bulletin as well as IBM Knowledge Center.
Please discard any information from IBM about versions of BigFix Inventory newer than 9.2.15.2. It was the last release provided by IBM. All further BigFix Inventory releases will be announced by HCL via HCL channels.
IBM published updated security bulletins with information that specific security vulnerabilities are addressed in BFI version 9.2.15.2 that is currently available (version 9.2.16 was listed there by mistake).