An update on IBM Connections and the POODLE vulnerability

*** UPDATE: 10:53GMT, 3 November 2014 *** As reader Oliver Regelmann has commented below, these fixes are sadly not for the POODLE issue at all, but to fix an altogether different vulnerability in Connections, caused by a issue in Apache Commons FileUpload. My fellow contributor, Sjaak Ursinus, created a detailed post a couple of weeks back detailing […]

Apache Struts security issues ‐ time to patch your IBM Connections install

I’ve just come across an IBM technote from May 2014 that has been updated over the last few days, listing details of a number of vulnerabilities in Apache Struts: [titled_box title=”Vulnerability Details”]Several security vulnerabilities have been reported against Apache Struts through April 2014. IBM Connections uses Struts. A version of the package that is vulnerable to […]

Watch out for quotes!

Just a reminder to be watchful of non-standard characters in IBM Connections user names, and also to thoroughly review your IBM Connections TDI logs on a regular basis.  This is a current APAR (IBM ID required): [titled_box title = “IBM APAR LO81076”]LO81076: USERS WHO ARE REGISTED WITH QUOTATION MARKS IN THEIR NAMES CANNOT USE CONNECTIONS PROPERLY […]

Installing IBM Connections 4.5 or CCM? You need these fixes

Important details for fixes for the newly released IBM Connections 4.5: iFix LO74499 is required for all IBM Connections 4.5 environments. Please download the iFix from Fix Central, then apply to the IBM Connections 4.5 server using the update installer. Use this link to download iFix LO74499 from Fix Central For details on how to […]

Update strategy for IBM Connections 3.0.1.1

This document describes the recommended strategy and steps for applying maintenance updates to IBM Connections 3.0.1.1. More > Says it all.  If you manage an IBM Connections environment, make sure you understand the new regime for fixes and updates… [And by the way, this is such an improvement on how it worked in the 2.5 and […]