Download
Abstract
This is an update for IBM Rational Application Developer for WebSphere Software to address the OpenSSL vulnerability in the IBM SDK for Node.js used by the Cordova tools.
Download Description
Sections | Description |
---|---|
The How critical is this fix section provides information related to the impact of this release to allow you to assess how your environment may be affected. |
|
The Prerequisites section provides important information to review prior to the installation of this release. |
|
The Installation instructions section provides the installation instructions necessary to apply this release into your environment. |
|
The Download package section provides the direct link to obtain the download package for installation in your environment. |
Prerequisites
One of the following IBM Rational Application Developer for WebSphere Software versions must be installed: |
The update will need 30MB of free disk space to install the interim fix. To download and extract the compressed installation files, an additional 200MB of disk space is required. |
Installation Instructions
Important: By default, you do not need to download the compressed files that contain the update; the update is downloaded and installed by IBM Installation Manager directly from the IBM update repository. Instructions to download and install the update from the compressed files
|
Download Package
For IBM Rational Application Developer for WebSphere Software Version 9.1
For IBM Rational Application Developer for WebSphere Software Version 9.1.0.1
|
How critical is this fix?
Impact | Description |
---|---|
Critical |
The IBM SDK for Node.js used by the Cordova tools is affected by multiple OpenSSL vulnerabilities. This download provides an update for IBM Rational Application Developer for WebSphere Software to address the vulnerability outlined in the following security bulletin: Security Bulletin: Rational Application Developer is affected by the following OpenSSL vulnerabilities: CVE-2014-0224, CVE-2014-0221, CVE-2014-0195, CVE-2014-0198, CVE-2010-5298, CVE-2014-3470The fix upgrades IBM SDK for Node.js from 1.1.0.2 to 1.1.0.4. For more information on the list of OpenSSL vulnerabilities in the IBM SDK for Node.js 1.1.0.2, review http://www.openssl.org/news/secadv_20140605.txt. |
Click the link in the Download Options column:
Problems (APARS) fixed
Was this topic helpful?
Document Information
Modified date:
04 February 2020
UID
swg24037783