276 Lotus blogs updated hourly. Who will post next? Home | Blogs | Search | About 
 
Latest 7 Posts
Domino Federarted Web Login / SAML with F5 and ADFS 3.0
Mon, Apr 25th 2016 125
Server Controller Issue when applying 9.0.1 FP5 IF2
Thu, Mar 31st 2016 22
Security Issue - IBM Domino AES GCM weak nonce generation vulnerability
Tue, Mar 29th 2016 17
Critical: glibc security and bug fix update
Wed, Feb 17th 2016 14
Domino Server Controller does not connect after upgrade to Java6SR16FP20
Tue, Feb 16th 2016 17
Domino Start Script New Version 3.1.0
Thu, Feb 11th 2016 13
Domino 9.0.1 FP5 IF1 with Security Fixes
Sat, Jan 30th 2016 13
Top 10
Domino Federarted Web Login / SAML with F5 and ADFS 3.0
Mon, Apr 25th 2016 125
Server Controller Issue when applying 9.0.1 FP5 IF2
Thu, Mar 31st 2016 22
Domino Server Controller does not connect after upgrade to Java6SR16FP20
Tue, Feb 16th 2016 17
Security Issue - IBM Domino AES GCM weak nonce generation vulnerability
Tue, Mar 29th 2016 17
TLS 1.2 Connection Issues with mail.protection.outlook.COM
Thu, Jan 7th 2016 16
IBM Notes V9.0.1 Mac 64 Bit English (CN6VDEN )
Tue, Sep 29th 2015 15
IBM Traveler 9.0.1.7 shipped with iOS 9 support
Mon, Sep 7th 2015 14
Symantec Backup Exec End of Life
Sat, Dec 5th 2015 14
Linuxfest VII Gets a Slot at IBM Connect 2016
Sat, Jan 30th 2016 14
Critical: glibc security and bug fix update
Wed, Feb 17th 2016 14




Recent Blog Posts
125
Domino Federarted Web Login / SAML with F5 and ADFS 3.0
Mon, Apr 25th 2016 12:14p   Daniel Nashed
In the last couple of weeks I spent a lot of time with customer Web Federated Login workshops and implementations. Not sure what happened but suddenly everyone is interested in SAML. It looks like more and more customers are looking into that because they have already implemented SSO for other applications like O365. In one case a customer had an existing F5 configuration. In one other case we had a customer with Windows 2012 R2 and ADFS 3.0. Both configurations are not officially support
22
Server Controller Issue when applying 9.0.1 FP5 IF2
Thu, Mar 31st 2016 9:27a   Daniel Nashed
After applying 9.0.1 FP5 IF2 you cannot connect to the server controller -- again! That's another issue that cannot be fixed allowing MD5 in the java security files. What you need is an updated version of the JVM patch. The new patch has a release data of 25.3.2016 an can be downloaded from Fixcentral. Here is the relevant information from the updated technote referenced in the SPR. SPR RSSNA6UU79 is fixed in version 9.0.1FP5 Interim Fix 2 (IF2) via a server code fix and an updated JV
17
Security Issue - IBM Domino AES GCM weak nonce generation vulnerability
Tue, Mar 29th 2016 6:02a   Daniel Nashed
There is a new vulnerability affecting AES GCM ciphers which have been introduced in 9.01. FP3 (enabled by default). For very large data sets, IBM Domino Web servers using TLS and AES GCM generate a weak nonce which could be potentially used for a man-in-the-middle-attack. All Domino 9 versions supporting those ciphers are affected and there is new IF (9.0.1 FP5 IF2) which addresses this issue. The IBM Domino AES GCM weak nonce generation vulnerability is tracked as SPR #KLYHA6ZP4F. If
14
Critical: glibc security and bug fix update
Wed, Feb 17th 2016 8:02a   Daniel Nashed
There is a critical issue with the glibc lib that Linux and other systems are using. The best short description I found is the following: "A stack-based buffer overflow was found in the way the libresolv library performed dual A/AAAA DNS queries. A remote attacker could create a specially crafted DNS response which could cause libresolv to crash or, potentially, execute code with the permissions of the user running the library. Note: this issue is only exposed when libresolv is called
17
Domino Server Controller does not connect after upgrade to Java6SR16FP20
Tue, Feb 16th 2016 1:33p   Daniel Nashed
The IBM Java Team disabled MD5 in there latest patch to tighten security. But the Server Console currently can only use MD5 right now. So by this intentionally change by the IBM Java Team the Domino Console cannot connect any more. For now to have the Server Controller local and remotely working again you have to re-enable MD5. This is a similar issue than what we had when the IBM Java team disabled SSLV3 some time ago. There are two lines that you have to chance in the ..jvm/lib/securit
13
Domino Start Script New Version 3.1.0
Thu, Feb 11th 2016 10:26a   Daniel Nashed
As already mentioned at IBM ConnectED last week, I am working on a new version of my start script. Most of the new functionality has been build in because I found it useful for the customer environments I am working in. On top of the new functionality I added a new script "rc_all" that can start, stop, cleanup, diag ... all partitions a the same time. The new rc_all script is a separate script that will search for your Domino partition rc-scripts and is mainly interesting when you run L
13
Domino 9.0.1 FP5 IF1 with Security Fixes
Sat, Jan 30th 2016 9:47a   Daniel Nashed
There is a new IF1 for Domino 9.0.1 that includes two fixes we have waited for in the TLS area specially when communicating with STARTTLS and web-services as posted before on my blog. SPR #KLYHA57S37 - Disable TLS Session Resumption on outbound connections by default This fix addresses and issue for outgoing STARTLS sessions on SMTP. See some more details in my other blog post --> http://blog.nashcom.de/nashcomblog.nsf/dx/tls-1.2-connection-issues-with-protection.
14
Linuxfest VII Gets a Slot at IBM Connect 2016
Sat, Jan 30th 2016 8:17a   Daniel Nashed
If you are attending IBM ConnectED in Orlando and you are interested in Linux you should attend the Linuxfest Session. Thanks to Bill Malchisky we made it again into the agenda! I am looking forward to this session and will bring the brand new Start Script Version 3.1.0 with many enhancements. Here is a copy of Bills' original post. Looking forward to this session. -- Daniel Linuxfest VII Gets a Slot at IBM Connect 2016 Bill Malchisky January 28 2016 02:00:00 AM Linuxfest VII -
8
Traveler 9.0.1.9 shipped
Sat, Jan 16th 2016 8:23a   Daniel Nashed
Traveler 9.0.1.9 is the first update shipped this year. It comes with a number of fixes. See details here --> http://www.ibm.com/support/docview.wss?uid=swg21700212#9019 And it solves an important issue for Traveler HA Servers. There is a technote describing the issue in detail and you should have a look into the new command introduced in this version as soon you have updated your servers. The following TN #1974741 "Two scenarios where multiple accounts for users could be created on
16
TLS 1.2 Connection Issues with mail.protection.outlook.COM
Thu, Jan 7th 2016 6:57a   Daniel Nashed
Two of my customers had issues connecting to the Microsoft hosted environment over TLS 1.2 once we got the session resumption working (see previous blog posts). My environment had the same configuration and could connect just fine. It looks like the servers are behaving different with different certificates. That's the only difference we saw in configuration. After a couple of tests and working with IBM support we got a hotfix that we successfully tested yesterday. I know of 3 custom




Created and Maintained by Yancy Lent - About - Planet Lotus Blog - Advertising - Mobile Edition