XLinkedIn
1 973-826-7406|info@AvadaSoftware.com

IBM App Connect Enterprise Certified Container Updates: Fixes and Security Enhancements

By |Published On: October 8th, 2024|2 min read|
ACE Certified Containers
Table of Contents

IBM App Connect Enterprise Certified Container Updates: Fixes and Security Enhancements

IBM has released several key updates for App Connect Enterprise (ACE) Certified Containers, targeting vulnerabilities and improving security. These updates are crucial for businesses using ACE containers in mission-critical environments. Below, we summarize the major updates, their implications, and how to apply them.

1. Certified Container Version Updates: Continuous Delivery and Long-Term Support

IBM has outlined the latest certified container versions for ACE, including both Continuous Delivery (CD) and Long-Term Support (LTS) models. These updates ensure businesses stay current with new features, functionalities, and critical fixes. Notably, starting in June 2024, the CD version begins at 12.1.0, while the LTS versions are updated through 5.0.0 and 12.0.0.

To maintain these fixes across all models, users must upgrade to the latest “operand” versions. All ACE containers should be deployed on supported Red Hat OpenShift Container Platform or Kubernetes versions.

For detailed versioning information, refer to IBM’s official container release page.

2. Security Bulletin: Universal Base Image (UBI) Vulnerabilities Fixed

IBM has addressed several critical security vulnerabilities within ACE Certified Container, which stemmed from issues in the Red Hat Universal Base Image (UBI). These vulnerabilities, ranging from stack-based buffer overflows to denial of service attacks, have been patched in versions 5.0.21 (LTS), 12.0.4 (LTS), and 12.4.0. Some of the key vulnerabilities include:

  • CVE-2024-40897: Stack-based buffer overflow in GStreamer ORC.
  • CVE-2024-37371: Denial of service in MIT Kerberos 5.
  • CVE-2024-38428: Security bypass in GNU Wget.

To mitigate these issues, IBM strongly recommends upgrading ACE Certified Containers to the following versions:

  • 5.0 LTS: Upgrade to version 5.0.21 or higher.
  • 12.0 LTS: Upgrade to version 12.0.4 or higher.
  • CD stream: Upgrade to version 12.4.0 or higher.

For detailed remediation steps and documentation, visit the official Security Bulletin page.

3. Vulnerability in Apache Commons IO for IntegrationServer and IntegrationRuntime

A vulnerability (CVE-2024-47554) in the Apache Commons IO library, used by ACE’s IntegrationServer and IntegrationRuntime, could lead to a denial-of-service attack. The flaw allows attackers to send specially crafted input that exhausts system resources, potentially crashing services.

IBM recommends upgrading to the following versions to address this vulnerability:

  • 5.0 LTS: Upgrade to version 5.0.20 or higher.
  • 12.0 LTS: Upgrade to version 12.0.1 or higher.
  • CD stream: Upgrade to version 12.2.0 or higher.

More information can be found in IBM’s Security Bulletin for Apache Commons IO.

Conclusion

These updates are critical for maintaining the security and performance of IBM App Connect Enterprise in containerized environments. Make sure to review the documentation, upgrade your systems, and stay informed on future patches. For ongoing notifications about security bulletins, subscribe to IBM’s My Notifications service.

Infrared360

To further optimize the security and performance of your IBM App Connect Enterprise (ACE) environment, consider integrating Infrared360 from Avada Software. This robust tool provides advanced management and monitoring capabilities for your ACE infrastructure to ensure secure and optimized operations whether in a traditional deployment or deployed in containers. Learn more about how Infrared360 can enhance your App Connect Enterprise environment here.

Related Posts

IBM App Connect Enterprise Vulnerability Fix Available for Download
IBM App Connect Enterprise Vulnerability Fix Available for Download
Gallery

IBM App Connect Enterprise Vulnerability Fix Available for Download

October 3rd, 2024
Greg Hanson to present at TechXchange Las Vegas
Greg Hanson to present at TechXchange Las Vegas
Gallery

Greg Hanson to present at TechXchange Las Vegas

September 20th, 2024
Discover What’s New in IBM DataPower 10.6.0.0
Discover What’s New in IBM DataPower 10.6.0.0
Gallery

Discover What’s New in IBM DataPower 10.6.0.0

June 18th, 2024
Take the IBM DevOps Software Delivery Survey 2022
Take the IBM DevOps Software Delivery Survey 2022
Gallery

Take the IBM DevOps Software Delivery Survey 2022

November 23rd, 2022|0 Comments
IBM Support Moves Online Forums to IBM Community
IBM Support Moves Online Forums to IBM Community
Gallery

IBM Support Moves Online Forums to IBM Community

October 9th, 2022|0 Comments
IBM WebSphere Application Server Vulnerability Addressed
IBM WebSphere Application Server Vulnerability Addressed
Gallery

IBM WebSphere Application Server Vulnerability Addressed

July 27th, 2022|0 Comments
IBM CEO Arvind Krishna Touches on How IBM MQ Contributes to the Overall Earnings Plans for IBM
IBM CEO Arvind Krishna Touches on How IBM MQ Contributes to the Overall Earnings Plans for IBM
Gallery

IBM CEO Arvind Krishna Touches on How IBM MQ Contributes to the Overall Earnings Plans for IBM

June 8th, 2022|0 Comments
Viewing, Supporting, and Securing an IBM MQ Environment On Z/OS
Viewing, Supporting, and Securing an IBM MQ Environment On Z/OS
Gallery

Viewing, Supporting, and Securing an IBM MQ Environment On Z/OS

May 26th, 2022|0 Comments
Important News for IBM License Metric Tool and Big Fix
Important News for IBM License Metric Tool and Big Fix
Gallery

Important News for IBM License Metric Tool and Big Fix

April 21st, 2022|0 Comments
Secure Remote Access to Transactional Middleware Environments in The New Work-From-Home Paradigm
Secure Remote Access to Transactional Middleware Environments in The New Work-From-Home Paradigm
Gallery

Secure Remote Access to Transactional Middleware Environments in The New Work-From-Home Paradigm

April 2nd, 2022|0 Comments

More Infrared360® Resources

Articles & Papers

Overcome the Challenges of Moving Core Banking and Transaction Processing to the Cloud

Secure the Edge with IBM® DataPower® Gateway Appliance

5 Challenges & Solutions When Modernizing Your Middleware Infrastructure

Proactive vs. Forensic – Middleware – Health Monitoring

Seven Middleware Challenges You Must Overcome Before Your Cloud Migration

Monitoring Widely Distributed Environments Without Losing Focus

eBook: Inside IBM MQ Deployment Choices

Contain Costs and Mitigate Risks of Transactions on the Middleware Superhighway

Case Studies

Parker Hannifin Improves Efficiencies Across Business Units with Infrared360® and Trusted Spaces™

Alight Implements Secure, Holistic Self-Service Messaging

Sompo International Builds Business Platform Optimization with SOAP and REST Monitoring

The power of a healthy network: Visiting Nurse Service of New York harnesses IBM, partner technology to streamline patient care.

Video

The Business Case for Modernizing Your MQ Estate Today

Improving Productivity Through Smart, Safe Self-Service

Managing Middleware in Hybrid Cloud

Integrating Data in the Cloud with IBM App Connect

Transforming Your IBM MQ Estate Using Containers

Integration Modernization Lessons Learned

IBM MQ: Enterprise-wide Integration for Modern Distributed Environments

Understanding External Influences on Your Integration Strategy and Direction

Analyst Reports

Peer Reviews for Infrared360®

Avada Software Named a Most Promising IBM Solution Provider for 2023

Avada Software named one of Most Promising IBM Solutions Providers for 2022

A Systems Integrator and Services Provider Cuts Costs, Creates New Revenue Streams While Improving Service Delivery

Infrared360 named one of CIOReview’s 20 Most Promising APM Solution Providers

Analyst Report: Managing an IBM MQ Environment at USBank

CIO Feedback/Data Sheet

About the Author: Scott Treggiari

AVADA SOFTWARE AT A GLANCE

Avada Software’s flagship product, Infrared360®, is an IT management portal providing total administration, monitoring, testing, auditing, analytics dashboards, and self-service for cloud, on-prem, or hybrid environments. Get secure, collaborative management of elements across your IT stack like Kafka®, IBM® MQ, IBM® ACE/IIB, ActiveMQ®, WebSphere®, JBoss®, and Tomcat® Application Servers, URLs, SOAP & REST-based web services, IBM® DataPower® and MQ Appliance.

Latest Insight

The Middleware Blog

October 8th, 2024|

IBM App Connect Enterprise Certified Container Updates: Fixes and Security Enhancements

IBM has released several key updates for App Connect Enterprise (ACE) Certified Containers, targeting vulnerabilities and improving security. These updates are crucial for businesses using ACE containers in mission-critical environments. Below, we summarize the major updates, their implications, and how to apply them.

1. Certified Container Version Updates: Continuous Delivery and Long-Term Support

IBM has outlined the latest certified container versions for […]

Read More

October 4th, 2024|

IBM MQ Enhancement: Addresses Duplicate Cluster Receiver Channel Creation with Advanced Error Detection IBM MQ has recently introduced a critical enhancement that resolves an issue faced by users when unintentionally creating duplicate channels within a cluster. This enhancement ensures that specific channel naming errors are detected more efficiently, helping maintain the integrity of the IBM MQ environment. The Issue: Duplicate Cluster Receiver Channels Cluster receiver channels are […]

Read More

October 3rd, 2024|

Fix download available for CVE-2023-0833

IBM has identified a vulnerability (CVE-2023-0833) in IBM App Connect Enterprise (ACE) toolkit that could allow a local authenticated attacker to access sensitive information. Red Hat AMQ-Streams could allow a local authenticated attacker to send a specially crafted request and exploit this vulnerability to access information outside of their regular permissions. This issue stems from […]

Read More

September 30th, 2024|

Proactive Middleware Health Monitoring: The Key to Maintaining a Resilient IT Environment In today’s rapidly evolving IT landscape, ensuring the health and performance of your middleware is not just a best practice – it’s a necessity. Middleware serves as the glue that connects various applications, systems, and services, playing a crucial role in the overall stability and functionality of an enterprise’s technology ecosystem. However, with the increasing complexity of modern […]

Read More

September 24th, 2024|

Designing a Resilient Middleware Architecture: Best Practices for Modern Enterprises In today’s digital landscape, enterprises rely heavily on middleware to connect disparate systems, applications, and services. Middleware serves as the backbone of complex IT environments, enabling seamless communication and integration. However, as businesses scale and evolve, their middleware must also adapt to ensure uninterrupted service and operational stability. A resilient middleware architecture is essential to withstand failures, handle high volumes […]

Read More

September 20th, 2024|

Greg Hanson, of The Options Clearing Corporation to present at TechXchange Las Vegas.

Greg Hanson, of The Options Clearing Corporation will be presenting “Praise and Pitfalls in a Hybrid MQ World: Addition of Cloud Infrastructure with RDQM” at the TechXchange conference in Las Vegas.

This session will guide you through critical considerations for deploying MQ in hybrid environments, covering:

  • Design considerations for hybrid deployments.
  • The pros and cons of different MQ solutions, […]
Read More

We are proud supporters of:

Avada Software. All Rights Reserved |This website may contain logos and trademarks of third parties. These are the property of their respective owners and are used on this site for informational purposes only. Avada Software does not claim any ownership or association with these trademarks or, except where explicitly stated, their respective organizations. | Privacy Policy
Go to Top