Decoding Db2 Security Bulletins
Mitchell Waite, IBM
Learn the process for how Db2 addresses security vulnerabilities, to read and understand a security bulletin, and to be in a better position to respond when fixpacks and special builds are released. Security vulnerabilities are a current fact of life with software. Db2 participates in an IBM process known as the Product Security Incident Response Team (PSIRT), which is responsible for fixing and disclosing security vulnerabilities. Communication of these issues to customers is done through security bulletins, which are often obscure and confusing. This presentation will lift some of the fog surrounding the process and make the security bulletins easier to understand. The topic of timelines for fixes will also be discussed.