HPE Community
BladeSystem - General
1753755 Members
4716 Online
108799 Solutions
New Discussion

Who Me Too'd this topic

chuckk281
Trusted Contributor

‎02-11-2015 01:00 PM

‎02-11-2015 01:00 PM

Integrated Lights Out (ILO) v 2.27 - Fixes and Enhancements info

Patrick looking for help on iLO info:

 

***********

 

Anyone have the details on ILO 2.27? The website doesn’t give much about fixes and enhancements for this version.

 

***********

 

Input from Grant:

 

************

 

Hi Patrick,

 

If you download & unzip the firmware package, you will find a readme.txt file which hast the following:

 

 

BUILD DATE: January 8, 2015

EFFECTIVE DATE:  January 30, 2015

DESCRIPTION:   Firmware for the Hewlett-Packard Integrated Lights-Out 2 Management Controller

 

UPDATES:

- None

 

FIXES:

- Addressed possible security vulnerabilities mentioned in the HP Software Security Response Team reports SSRT101745 and SSRT101886.

- Disabled SSL version 3. iLO 2 2.27 and later supports only TLS 1.0.

- Addressed CVE-2014-0224 false positive.

- The current user cannot be deleted by using the RIBCL command DELETE_CURRENT_USER.

 

ENHANCEMENTS:

- Added a CLI command to enable or disable the SSLv3 cryptographic protocol. The command is "set /map1/config1 oemhp_ssl_v3_enable=yes" to enable SSLv3 or "set /map1/config1 oemhp_ssl_v3_enable=no" to disable SSLv3. iLO will reset if the command state transitions from yes to no or from no to yes.

- Hard drive status reporting on the System Health Summary web page now displays smart errors.

- Added additional permission attributes to the JAR Manifest file for the Java Remote Console and Virtual Media applets.

- Added a watchdog timer for firmware lockups. iLO 2 will reboot if the firmware does not respond for 60 minutes.

- Added support for retrieving a certificate from a trusted HP SIM 7.0 and later server.

 

KNOWN ISSUES:

- None

 

*************

 

Comments?

 

1 person had this problem.
0 Kudos
Reply
Who Me Too'd this topic
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.