Been wondering how to know if your WMQ is up to date for security patches? Wonder no more! Just go visit the Security Bulletin for WebSphere MQ page. The Recommended Fixes page lists all of the Fix Packs and from there you can scan the included APARs for things that look like they might be security related. But that’s kind of a hit-or-miss proposition. That’s why I’m really excited that the new site lists all the security-related fixes in one place and ties these back to both the CVE web site and the Fix Pack that addresses the issue.
In some cases an item will be listed before a fix is available. You can always open a PMR and ask for an Interim Fix (a.k.a. an “iFix”) by referencing the specific APAR if the vulnerability is that urgent. In most cases though, just apply the Fix Pack when it is released.
The site lists only those fixes that apply to WMQ base. Currently there is no similar listing for WMQ AMS or WMQ FTE but it’s something I’ve requested. If you find the site useful, please let IBM know about it through the Feedback form at the bottom of the page or your account team