278 Lotus blogs updated hourly. Who will post next? Home | Blogs | Search | About 
 
Latest 7 Posts
Domino 9.0.1 FP6
Sun, May 22nd 2016 284
Domino Federarted Web Login / SAML with F5 and ADFS 3.0
Mon, Apr 25th 2016 12
Server Controller Issue when applying 9.0.1 FP5 IF2
Thu, Mar 31st 2016 15
Security Issue - IBM Domino AES GCM weak nonce generation vulnerability
Tue, Mar 29th 2016 9
Critical: glibc security and bug fix update
Wed, Feb 17th 2016 12
Domino Server Controller does not connect after upgrade to Java6SR16FP20
Tue, Feb 16th 2016 18
Domino Start Script New Version 3.1.0
Thu, Feb 11th 2016 8
Top 10
Domino 9.0.1 FP6
Sun, May 22nd 2016 284
Traveler 9.0.1 IF7
Fri, Nov 7th 2014 18
IBM Notes V9.0.1 Mac 64 Bit English (CN6VDEN )
Tue, Sep 29th 2015 18
Domino Server Controller does not connect after upgrade to Java6SR16FP20
Tue, Feb 16th 2016 18
Some Additonal TLS 1.0 Information
Thu, Nov 6th 2014 17
Domino 9.0.1 FP5 IF1 with Security Fixes
Sat, Jan 30th 2016 17
Server Controller Issue when applying 9.0.1 FP5 IF2
Thu, Mar 31st 2016 15
Notes/Domino 9.0.1 FP3 - Java Console/Controller Incompatibility
Wed, Feb 18th 2015 13
Force Traveler to use IPv4 instead of IPv6
Mon, Jul 28th 2014 12
TLS 1.2 Connection Issues with mail.protection.outlook.COM
Thu, Jan 7th 2016 12




Recent Blog Posts
284
Domino 9.0.1 FP6
Sun, May 22nd 2016 4:55p   Daniel Nashed
Domino 9.0.1 FP6 has been released a while ago. I have installed it and I got positive feedback from customers already. FP6 contains all the fixes from previous IFs and also the updated JVM Java60SR16FP20 which addresses a couple of security fixes. Also the server controller interoperability issue is fixed. But for a client based connection you also need to update your admin client! All the TLS fixes are also included and there is an additional fix for an issue in a TLS handshake. SPR#
12
Domino Federarted Web Login / SAML with F5 and ADFS 3.0
Mon, Apr 25th 2016 12:14p   Daniel Nashed
In the last couple of weeks I spent a lot of time with customer Web Federated Login workshops and implementations. Not sure what happened but suddenly everyone is interested in SAML. It looks like more and more customers are looking into that because they have already implemented SSO for other applications like O365. In one case a customer had an existing F5 configuration. In one other case we had a customer with Windows 2012 R2 and ADFS 3.0. Both configurations are not officially support
15
Server Controller Issue when applying 9.0.1 FP5 IF2
Thu, Mar 31st 2016 9:27a   Daniel Nashed
After applying 9.0.1 FP5 IF2 you cannot connect to the server controller -- again! That's another issue that cannot be fixed allowing MD5 in the java security files. What you need is an updated version of the JVM patch. The new patch has a release data of 25.3.2016 an can be downloaded from Fixcentral. Here is the relevant information from the updated technote referenced in the SPR. SPR RSSNA6UU79 is fixed in version 9.0.1FP5 Interim Fix 2 (IF2) via a server code fix and an updated JV
9
Security Issue - IBM Domino AES GCM weak nonce generation vulnerability
Tue, Mar 29th 2016 6:02a   Daniel Nashed
There is a new vulnerability affecting AES GCM ciphers which have been introduced in 9.01. FP3 (enabled by default). For very large data sets, IBM Domino Web servers using TLS and AES GCM generate a weak nonce which could be potentially used for a man-in-the-middle-attack. All Domino 9 versions supporting those ciphers are affected and there is new IF (9.0.1 FP5 IF2) which addresses this issue. The IBM Domino AES GCM weak nonce generation vulnerability is tracked as SPR #KLYHA6ZP4F. If
12
Critical: glibc security and bug fix update
Wed, Feb 17th 2016 8:02a   Daniel Nashed
There is a critical issue with the glibc lib that Linux and other systems are using. The best short description I found is the following: "A stack-based buffer overflow was found in the way the libresolv library performed dual A/AAAA DNS queries. A remote attacker could create a specially crafted DNS response which could cause libresolv to crash or, potentially, execute code with the permissions of the user running the library. Note: this issue is only exposed when libresolv is called
18
Domino Server Controller does not connect after upgrade to Java6SR16FP20
Tue, Feb 16th 2016 1:33p   Daniel Nashed
The IBM Java Team disabled MD5 in there latest patch to tighten security. But the Server Console currently can only use MD5 right now. So by this intentionally change by the IBM Java Team the Domino Console cannot connect any more. For now to have the Server Controller local and remotely working again you have to re-enable MD5. This is a similar issue than what we had when the IBM Java team disabled SSLV3 some time ago. There are two lines that you have to chance in the ..jvm/lib/securit
8
Domino Start Script New Version 3.1.0
Thu, Feb 11th 2016 10:26a   Daniel Nashed
As already mentioned at IBM ConnectED last week, I am working on a new version of my start script. Most of the new functionality has been build in because I found it useful for the customer environments I am working in. On top of the new functionality I added a new script "rc_all" that can start, stop, cleanup, diag ... all partitions a the same time. The new rc_all script is a separate script that will search for your Domino partition rc-scripts and is mainly interesting when you run L
17
Domino 9.0.1 FP5 IF1 with Security Fixes
Sat, Jan 30th 2016 9:47a   Daniel Nashed
There is a new IF1 for Domino 9.0.1 that includes two fixes we have waited for in the TLS area specially when communicating with STARTTLS and web-services as posted before on my blog. SPR #KLYHA57S37 - Disable TLS Session Resumption on outbound connections by default This fix addresses and issue for outgoing STARTLS sessions on SMTP. See some more details in my other blog post --> http://blog.nashcom.de/nashcomblog.nsf/dx/tls-1.2-connection-issues-with-protection.
11
Linuxfest VII Gets a Slot at IBM Connect 2016
Sat, Jan 30th 2016 8:17a   Daniel Nashed
If you are attending IBM ConnectED in Orlando and you are interested in Linux you should attend the Linuxfest Session. Thanks to Bill Malchisky we made it again into the agenda! I am looking forward to this session and will bring the brand new Start Script Version 3.1.0 with many enhancements. Here is a copy of Bills' original post. Looking forward to this session. -- Daniel Linuxfest VII Gets a Slot at IBM Connect 2016 Bill Malchisky January 28 2016 02:00:00 AM Linuxfest VII -
3
Traveler 9.0.1.9 shipped
Sat, Jan 16th 2016 8:23a   Daniel Nashed
Traveler 9.0.1.9 is the first update shipped this year. It comes with a number of fixes. See details here --> http://www.ibm.com/support/docview.wss?uid=swg21700212#9019 And it solves an important issue for Traveler HA Servers. There is a technote describing the issue in detail and you should have a look into the new command introduced in this version as soon you have updated your servers. The following TN #1974741 "Two scenarios where multiple accounts for users could be created on




Created and Maintained by Yancy Lent - About - Planet Lotus Blog - Advertising - Mobile Edition