IBM SDK for Node.js 18.104.22.168 for use by the Cordova tools
This is an update for IBM Rational Application Developer for WebSphere Software to address the OpenSSL vulnerability in the IBM SDK for Node.js used by the Cordova tools.
The How critical is this fix section provides information related to the impact of this release to allow you to assess how your environment may be affected.
The Prerequisites section provides important information to review prior to the installation of this release.
The Installation instructions section provides the installation instructions necessary to apply this release into your environment.
The Download package section provides the direct link to obtain the download package for installation in your environment.
One of the following IBM Rational Application Developer for WebSphere Software versions must be installed:
The update will need 30MB of free disk space to install the interim fix.
To download and extract the compressed installation files, an additional 200MB of disk space is required.
Important: By default, you do not need to download the compressed files that contain the update; the update is downloaded and installed by IBM Installation Manager directly from the IBM update repository.
Instructions to download and install the update from the compressed files
For IBM Rational Application Developer for WebSphere Software Version 9.1
For IBM Rational Application Developer for WebSphere Software Version 22.214.171.124
How critical is this fix?
The IBM SDK for Node.js used by the Cordova tools is affected by multiple OpenSSL vulnerabilities. This download provides an update for IBM Rational Application Developer for WebSphere Software to address the vulnerability outlined in the following security bulletin:Security Bulletin: Rational Application Developer is affected by the following OpenSSL vulnerabilities: CVE-2014-0224, CVE-2014-0221, CVE-2014-0195, CVE-2014-0198, CVE-2010-5298, CVE-2014-3470
The fix upgrades IBM SDK for Node.js from 126.96.36.199 to 188.8.131.52.
For more information on the list of OpenSSL vulnerabilities in the IBM SDK for Node.js 184.108.40.206, review http://www.openssl.org/news/secadv_20140605.txt.
Click the link in the Download Options column:
|Download||RELEASE DATE||LANGUAGE||SIZE(Bytes)||Download Options
What is Fix Central(FC)?
|Update for 9.1||19 Jun 2014||English||1||FC|
|Update for 220.127.116.11||19 Jun 2014||English||1||FC|
IBM Rational Software Support Communities
Helpful Hints For Obtaining Technical Assistance:
Before you contact IBM Rational Software Support, gather the background information that you need to describe the problem. When you describe a problem to an IBM software support specialist, be as specific as possible and include all relevant background information so that the specialist can help you solve the problem efficiently. To save time, know the answers to these questions:
If you have helpful information to diagnose or identify the problem on your system, you can provide this data by following the instructions to exchange information with IBM Technical Support.
Problems (APARS) fixed
More support for:
Rational Application Developer for WebSphere Software
Software version: 9.1, 18.104.22.168
Operating system(s): Linux, OS X, Windows
Reference #: 4037783
Modified date: 2014-06-26