Hi, Sorry, please ignore my earlier comment. Just realising that PTFs for those components also will be covered under the SECINT portal's publications.
– Vignesh Mainframe Infrastructure -----Original Message----- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Sankaranarayanan, Vignesh Sent: 03 January 2018 19:12 To: IBM-MAIN@LISTSERV.UA.EDU Subject: Re: Security PTFS You can also consider 'open' components such as Java, IBM HTTP Server for Apache, and OpenSSL etc. (part of Ported Tools). – Vignesh Mainframe Infrastructure -----Original Message----- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Jousma, David Sent: 03 January 2018 18:22 To: IBM-MAIN@LISTSERV.UA.EDU Subject: Re: Security PTFS Yes, and works relatively well. The problem is our audit/risk people here want to try to tie commonly known vulnerabilities in the wild identified on windows/unix platforms to specific actions/fixes in the mainframe space. I have not figured out a way to do that. So, while we are in a maintenance cycle, I regularly download/receive the z/OS Security/Integrity ASSIGNS, and then apply those PTF's flagged with SOURCEID SECINT. I show them proof that we've done this, and so far they have been good with that. _________________________________________________________________ Dave Jousma Manager Mainframe Engineering, Assistant Vice President david.jou...@53.com 1830 East Paris, Grand Rapids, MI 49546 MD RSCB2H p 616.653.8429 f 616.653.2717 -----Original Message----- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Mark Jacobs - Listserv Sent: Wednesday, January 03, 2018 7:29 AM To: IBM-MAIN@LISTSERV.UA.EDU Subject: Re: Security PTFS **CAUTION EXTERNAL EMAIL** **DO NOT open attachments or click on links from unknown senders or unexpected emails** The Security and Integrity Portal on ResourceLink should have what you're looking for. > גדי בן אבי <mailto:gad...@malam.com> > January 3, 2018 at 7:18 AM > Hi, > > Does IBM publish a list of PTF’s that are related to security, > especially preventing unauthorized access from outside the mainframe. > > Gadi > לתשומת ליבך, בהתאם לנהלי חברת מלם מערכות בע"מ ו/או כל חברת בת ו/או > חברה קשורה שלה (להלן : "החברה") וזכויות החתימה בהן, כל הצעה, התחייבות > או מצג מטעם החברה, מחייבים מסמך נפרד וחתום על ידי מורשי החתימה של > החברה, הנושא את לוגו החברה או שמה המודפס ובצירוף חותמת החברה. בהעדר > מסמך כאמור (לרבות מסמך סרוק) המצורף להודעת דואר אלקטרוני זאת, אין > לראות באמור בהודעה אלא משום טיוטה לדיון, ואין להסתמך עליה לביצוע פעולה > עסקית או משפטית כלשהי. Please note that in accordance with Malam > and/or its subsidiaries (hereinafter : "Malam") regulations and > signatory rights, no offer, agreement, concession or representation is > binding on the Malam, unless accompanied by a duly signed separate > document (or a scanned version thereof), affixed with the Malam seal. > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, send > email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > > Please be alert for any emails that may ask you for login information > or directs you to login via a link. If you believe this message is a > phish or aren't sure whether this message is trustworthy, please send > the original message as an attachment to 'phish...@timeinc.com'. > -- Mark Jacobs Time Customer Service Global Technology Services The standard you walk past is the standard you accept. Lt. Gen. David Morrison ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN **CAUTION EXTERNAL EMAIL** **DO NOT open attachments or click on links from unknown senders or unexpected emails** This e-mail transmission contains information that is confidential and may be privileged. It is intended only for the addressee(s) named above. If you receive this e-mail in error, please do not read, copy or disseminate it in any manner. If you are not the intended recipient, any disclosure, copying, distribution or use of the contents of this information is prohibited. Please reply to the message immediately by informing the sender that the message was misdirected. After replying, please erase it from your computer system. Your assistance in correcting this error is appreciated. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN MARKSANDSPENCER.COM ________________________________ Unless otherwise stated above: Marks and Spencer plc Registered Office: Waterside House 35 North Wharf Road London W2 1NW Registered No. 214436 in England and Wales. Telephone (020) 7935 4422 Facsimile (020) 7487 2670 www.marksandspencer.com Please note that electronic mail may be monitored. This e-mail is confidential. If you received it by mistake, please let us know and then delete it from your system; you should not copy, disclose, or distribute its contents to anyone nor act in reliance on this e-mail, as this is prohibited and may be unlawful. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
