The IBM SECINT portal is what I searched.
Sent with Proton Mail secure email. On Friday, January 5th, 2024 at 10:47 AM, Allan Staller <00000387911dea17-dmarc-requ...@listserv.ua.edu> wrote: > Classification: Confidential > > IBM has a subscription only list for SECINT PTFs. This information is not > openly published. > > -----Original Message----- > From: IBM Mainframe Discussion List IBM-MAIN@LISTSERV.UA.EDU On Behalf Of > rpinion865 > > Sent: Friday, January 5, 2024 9:39 AM > To: IBM-MAIN@LISTSERV.UA.EDU > Subject: Re: OpenSSH CVE-2023-48795 vulnerability > > [CAUTION: This Email is from outside the Organization. Unless you trust the > sender, Don't click links or open attachments as it may be a Phishing email, > which can steal your Information and compromise your Computer.] > > I have already searched there and did not find anything related to this > particular vulnerability. I did find one PTF from 2023 which is for ssh. That > PTF is applied on our sandbox LPAR, scheduled to be rolled out into > production shortly. Also, the IBM documentation for z/OS 2.4 SSH states that > it is based on Open SSH 6.4p1. Which I think is quite old. > > > > > Sent with Proton Mail secure email. > > > On Friday, January 5th, 2024 at 10:33 AM, Kirk Wolf k...@coztoolkit.com wrote: > > > > > This would be found in the IBM Security Portal. > > Here is information on registering to obtain access: > > https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww. > > ibm.com%2Fcommunity%2Fz%2Fwp-content%2Fuploads%2Fsites%2F14%2F2022%2F0 > > 6%2FzSystem-Integrity.pdf&data=05%7C02%7Callan.staller%40HCL.COM%7Cf73 > > 64caa6e214dbc63fb08dc0e04899c%7C189de737c93a4f5a8b686f4ca9941912%7C0%7 > > C0%7C638400660032783209%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLC > > JQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=CfT > > tRH5qZibRTMsmRhCA%2FY5FttlA7FUiOgt8Ksa87qo%3D&reserved=0 > > > > Kirk Wolf > > Dovetailed Technologies > > http:// > > https://apc01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fdovet > > ail.comcoztoolkit.com%2F&data=05%7C02%7Callan.staller%40HCL.COM%7Cf736 > > 4caa6e214dbc63fb08dc0e04899c%7C189de737c93a4f5a8b686f4ca9941912%7C0%7C > > 0%7C638400660032939455%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJ > > QIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=mxy1 > > qvKZXQ9DnC0QnfWuQ6CVgRv8slRgsMZM2dEFjIY%3D&reserved=0 > > > > On Fri, Jan 5, 2024, at 6:50 AM, rpinion865 wrote: > > > > > Does anyone know if the z/OS implementation of ssh is vulnerable to > > > CVE-2023048795? I tried searching for z/OS and OpenSSH (CVE-2023-48795). > > > But, I did not get any hits specific to z/OS. Thanks in advance. > > > > > > Cross posting to IBMTCP-L and IBM Main > > > > > > Sent with Proton Mail secure email. > > > > > > -------------------------------------------------------------------- > > > -- For IBM-MAIN subscribe / signoff / archive access instructions, > > > send email to lists...@listserv.ua.edu with the message: INFO > > > IBM-MAIN > > > > ---------------------------------------------------------------------- > > For IBM-MAIN subscribe / signoff / archive access instructions, send > > email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, send email to > lists...@listserv.ua.edu with the message: INFO IBM-MAIN > ::DISCLAIMER:: > ________________________________ > The contents of this e-mail and any attachment(s) are confidential and > intended for the named recipient(s) only. E-mail transmission is not > guaranteed to be secure or error-free as information could be intercepted, > corrupted, lost, destroyed, arrive late or incomplete, or may contain viruses > in transmission. The e mail and its contents (with or without referred > errors) shall therefore not attach any liability on the originator or HCL or > its affiliates. Views or opinions, if any, presented in this email are solely > those of the author and may not necessarily reflect the views or opinions of > HCL or its affiliates. Any form of reproduction, dissemination, copying, > disclosure, modification, distribution and / or publication of this message > without the prior written consent of authorized representative of HCL is > strictly prohibited. If you have received this email in error please delete > it and notify the sender immediately. Before opening any email and/or > attachments, please check them for viruses and other defects. > ________________________________ > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
