The RDi change log does not list a version update for iACS in RDi 9.6.0.11: https://www.ibm.com/support/pages/node/603339
But the security bulliten does not mention the impact from having it bundled with RDi, or a need for a future RDi patch to fix the bundled RDi: https://www.ibm.com/support/pages/no...ers-_-NULL-_-E
Or the need to install PTFs to update the iACS version bundled on the IBMi on the IFS (Unless the PTFs to fix the vulnerability in Integrated Web Services Server (IWS) V2.6 include a bundled iACS update)
Announcement
Collapse
No announcement yet.
iACS Log4J vulnerability - RDi version?
Collapse
X
-
iACS Log4J vulnerability - RDi version?
So I just noticed that iACS versions up to v1.1.8.6 are (technically) vulnerable to Log4J, 1.1.8.8 is the latest
And I know that iACS is included in RDi. We just updated RDi to 9.6.0.10 (just before 9.6.0.11 landed), and I checked and it incuides iACS 1.1.8.3.
Soes anyone who has the latest version of RDi know what version of iACS it includes?Tags: None
Leave a comment: