I think that if there is a problem with a ptf then a holddata item be present. List some sort of error, like an abend or even just 'incorrect results in obscure cases'.
On Wed, Jan 18, 2023 at 2:11 PM Gibney, Dave <[email protected]> wrote: > > Is it possible for a PTF to have no hold except the SECINT? That is to ask, > is it likely that a PTF introducing a security issue could be applied because > there is no HOLD(ERROR) or even a HOLD(ACTION) which could inform that there > is a SECINT for the PFT? > > > -----Original Message----- > > From: IBM Mainframe Discussion List <[email protected]> On > > Behalf Of Kurt J. Quackenbush > > Sent: Wednesday, January 18, 2023 11:34 AM > > To: [email protected] > > Subject: Re: How to determine if Enhanced HOLDDATA received? > > > > [EXTERNAL EMAIL] > > > > HOLDDATA with CLASS(SECINT) is only available on the IBM Z Security Portal. > > > > Who can and cannot obtain access to the IBM Z Security Portal is > > documented in this FAQ: > > https://urldefense.com/v3/__https://ibm.biz/security-portal- > > faq__;!!JmPEgBY0HMszNaDT!udnBZoAidHBU- > > nmJaQ0x_rAqjr3sKY3itcxgjYC4xq2ba2WcWInaZ1FXSydmPoc_MhkB6e- > > IHCxU$ . > > > > In short, from the FAQ, "the Security Portal is for IBM clients that have a > > licensed IBM Z or LinuxONE mainframe. It is not intended for users of > > emulators, such as zPDT, zRD&T, etc. using the z/OS ADCD or z/VM ADCD." > > So, a vendor that also has a license can obtain access. No license? No > > access. > > And I am only a messenger on this topic. > > > > Kurt Quackenbush > > IBM | z/OS SMP/E and z/OSMF Software Management > > | [email protected] > > > > Chuck Norris never uses CHECK when he applies PTFs. > > > > >> Do you have access to security portal? the information I am looking > > >> for are only available there. I was told by IBM that as a vendor, I > > >> can't get access to it. See below for details about the cvss info: > > >> The HOLDDATA available from the IBM Z and LinuxONE Security Portal > > >> adds a new HOLD CLASS, SECINT, and the HOLD SYMPTOMS contains the > > CVSS > > >> Base and Temporal scores. > > > > > I am surprised to hear IBM would take a position like that. It seems > > > almost > > inconceivable that large vendors like BMC and Broadcom are locked out of > > the Secure Portal. > > > > > My experience has been that an individual working for an IBM Z customer, > > with a manager or CISO that will vouch for them, can get access. > > > > > > > > ---------------------------------------------------------------------- > > For IBM-MAIN subscribe / signoff / archive access instructions, > > send email to [email protected] with the message: INFO IBM-MAIN > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to [email protected] with the message: INFO IBM-MAIN -- Mike A Schwab, Springfield IL USA Where do Forest Rangers go to get away from it all? ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
