APAR status
Closed as program error.
Error description
In security.properties we include an example: ----------------- # A flag for modifying default Blind SQL Pattern check for resources named in a way that can be suspected as Blind SQL Injection attack. # Below is the value of flag with the default value specified. In case users face problem where they are not able to delete a resource # they can modify the below regular expression to include the special character or pattern which is preventing the resource deletion # blindSQLPattern=?[a-zA-Z0-9\\s\\.\\:\\-_]{1,100}$ # For Example if customer wants to delete a resource which has character & in their name they can use the below value # blindSQLPattern=?[a-zA-Z0-9\\s\\.\\:\\-_&]{1,100}$ ----------------- The first character after the = should be a carrot (Hex 5E) In the properties file it is a Hex 88. In many character sets a hex 88 looks like a hex 5E. The properties should look like: ------------------ # A flag for modifying default Blind SQL Pattern check for resources named in a way that can be suspected as Blind SQL Injection attack. # Below is the value of flag with the default value specified. In case users face problem where they are not able to delete a resource # they can modify the below regular expression to include the special character or pattern which is preventing the resource deletion # blindSQLPattern=^[a-zA-Z0-9\\s\\.\\:\\-_]{1,100}$ # For Example if customer wants to delete a resource which has character & in their name they can use the below value # blindSQLPattern=^[a-zA-Z0-9\\s\\.\\:\\-_&]{1,100}$ ------------------
Local fix
STRRTC - 477633 JPM/JPM
Problem summary
Users Affected: All Problem Description: There is an incorrect character in an example in the blindSQLPattern property in security.properties. Platforms Affected: All
Problem conclusion
Resolution Summary: A code fix has been provided. Delivered in: 5020601
Temporary fix
Comments
APAR Information
APAR number
IT11340
Reported component name
STR B2B INTEGRA
Reported component ID
5725D0600
Reported release
525
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2015-09-21
Closed date
2015-09-21
Last modified date
2015-12-09
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
STR B2B INTEGRA
Fixed component ID
5725D0600
Applicable component levels
R525 PSY
UP
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SS3JSW","label":"IBM Sterling B2B Integrator"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"5.2.5","Edition":"","Line of Business":{"code":"LOB59","label":"Sustainability Software"}}]
Document Information
Modified date:
09 December 2015