IBM Support

JR54682: MULTIPLE VULNERABILITIES IN IBM JAVA SDK AFFECT IBM PROCESS DESIGNER

A fix is available

Version 8.5 Refresh Pack 7 for the IBM Business Process Manager products

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • There are multiple vulnerabilities in IBM (R) SDK Java (TM)
Technology Edition, which IBM WebSphere Application Server uses
under IBM Business Process Manager (BPM) and IBM WebSphere
Lombardi Edition.  These issues were disclosed as part of the
Multiple vulnerabilities in current releases of the IBMᄅ SDK,
Java? Technology Edition in July and November 2015. For more
information, see "Security Bulletin: Multiple vulnerabilities in
IBM SDK Java (TM) Technology Edition affect IBM Business Process
Manager and WebSphere Lombardi Edition October 2015 CPU"
(http://www.ibm.com/support/docview.wss?uid=swg21972165).

PRODUCTS AFFECTED
IBM BPM Advanced
IBM BPM Standard
IBM BPM Express
WebSphere Lombardi Editon

Local fix

  • 



Problem summary


    

  • No additional information is available.

    



Problem conclusion


    

  • A fix is available for the latest fix pack of all supported
releases of IBM BPM and WebSphere Lombardi Edition.

On Fix Central (http://www.ibm.com/support/fixcentral), search
for JR54682:

    1. Select IBM Business Process Manager with your edition or
IBM WebSphere Lombardi Edition from the product selector, the
installed version to the fix pack level, and your platform, and
then click Continue.
    2. Select APAR or SPR, enter JR54682, and click Continue.

When you download fix packages, ensure that you also download
the readme file for each fix. Review each readme file for
additional installation instructions and information about the
fix.

    



Temporary fix


    

  • 



Comments


    

  • 



APAR Information




    

  • APAR number
    JR54682
    • 

  • Reported component name
    BPM ADVANCED
    • 

  • Reported component ID
    5725C9400
    • 

  • Reported release
    751
    • 

  • Status
    CLOSED  PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt
    • 

  • Submitted date
    2015-11-10
    • 

  • Closed date
    2015-12-11
    • 

  • Last modified date
    2015-12-11
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    • 



Fix information


    

  • Fixed component name
    BPM ADVANCED
    • 

  • Fixed component ID
    5725C9400
    • 



Applicable component levels


    

  • R751  PSY
       UP
    • 

  • R801  PSY
       UP
    • 

  • R850  PSY
       UP
    • 

  • R855  PSY
       UP
    • 

  • R856  PSY
       UP
    • 








      
              
                            

              

              [{"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SSFTN5","label":"IBM Business Process Manager Advanced"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"7.5.1","Line of Business":{"code":"LOB45","label":"Automation"}}]
              

                          

          
 
        

      

    

      

        

          

            
Document Information


            

            


                        

            Modified date:
            

            14 October 2021
            

            
                      

        


        

        


      

    

  



    

  

  
    
            

          
Page Feedback