News
Abstract
The IBM® Support Assistant Team Server 5.0.2.7 (Update) is now available for installation. This update contains fixes and notices to address security vulnerabilities
Content
Below is a list of highlights and installation directions for IBM Support Assistant Team Server 5.0.2.7 (Update). If you have questions or problems, please post them to the IBM Support Assistant forum.
| System Requirements |
With the introduction of 5.0.1.1 and above updates for IBM Support Assistant Team Server, you must be at a minimum of IBM Installation Manager 1.8 or higher in order to apply these updates to the IBM Support Assistant Team Server.
Back
| Update List |
IBM Support Assistant Team Server 5.0.2.7 provides updates and fixes multiple vulnerabilities
This release of ISA removes built-in support for the legacy Win32/i386 platform. To use ISA on Windows, you will need a 64-bit version of Windows,
whether installed via IBM Installation Manager or the all-in-one platform zips. If you currently have the Win32 version of ISA installed via Installation Manager, you will not be able to upgrade to this release. Instead, you will need a new install on 64-bit Windows. If you require ISA to run under a 32-bit JRE, you can use the ISA EAR & install it under WebSphere Application Server V8.5.0
(or higher) using a 32-bit Java 7 (or higher) JRE. Details on using the EAR deployment model can be found in the Installing section below.
There are vulnerabilities fixed in IBM® Runtime Environment Java™ Version 1.8.0 used by ISA 5.0.2.7. These issues were disclosed as part of
the IBM Java SDK updates in April 2018.
Vulnerability (CVE-2018-2790) An unspecified vulnerability in Oracle Java SE related to the Java SE, Java SE Embedded Security component could allow an unauthenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact.
ISA Team Server uses the IBM WebSphere Liberty Profile and ISA 5.0.2.7 is updated to WebSphere Liberty 18.0.0.2 for currency and to fix vulnerabilities.
Vulnerability (CVE-2017-1788) IBM WebSphere Application Server installations using Form Login could allow a remote attacker to conducts spoofing attacks.
Back
| Applying this update |
Updating IBM Support Assistant Team Server with Installation Manager:
*Important update: Please verify that you are using IBM Installation Manager 1.8 or higher before attempting to apply updates to IBM Support Assistant Team Server or its associated problem determination tools.
- Start IBM Installation Manager.
- Select Update from the IBM Installation Manager panel.
- Select the IBM Support Assistant package group, then click Next.
- Select the package and version you would like to update, then click Next.
- Read and accept the license terms then click Next.
- Confirm the problem determination tool or update you want to apply, then click Next.
- Review the update summary and click Update.
- After the update completes, click Finish and close IBM Installation Manager.
Note that only IBM Installation Manager installations of IBM Support Assistant Team Server will be able to apply fix packs and updates or install and update problem determination tools. For the stand-alone IBM Support Assistant Team Server repository and compressed all-in-one file installations, see the IBM Support Assistant Team Server page to download replacement file containing IBM Support Assistant Team Server 5.0.2.7 updates.
Back
Was this topic helpful?
Document Information
Modified date:
18 September 2018
UID
ibm10731081