Under Construction
Does an installed Ifix have the ability to be removed automatically?
If an update is pending, it may no longer be known whether an installed ifix is automatically removable during an update (which contains the official fix). We have already shown how this can be checked using the ifix file. This can be displayed just as easily for an installed ifix. Using “emgr -l” (list) and the option “-v 3“, the references to APARs are displayed:
# emgr -l -L 81112ma -v 3
…
APAR information:
=================
No APAR numbers listed.
…
#
As shown several times before, the OpenSSH ifix does not contain any references to APARs and must therefore be removed manually before updating OpenSSH.
For the second ifix (IJ50424s7a) the information related to APARs looks like this:
# emgr -l -L IJ50424s7a -v 3
…
APAR information:
=================
APAR number: IJ50424
APAR abstract: sendmail security vulnerability CVE-2023-51765
…
#
The ifix will be uninstalled automatically, if the update contains the APAR IJ50424.
For the third ifix (IJ52366s7a) you get the following output:
# emgr -l -L IJ52366s7a -v 3
…
APAR information:
=================
APAR number: IJ52366
APAR abstract: a potential security issue exists
…
#
This means that this ifix will also be uninstalled automatically, if the update contains the correct APAR.