IBM Support

JR55110: MULTIPLE VULNERABILITIES IN IBM SDK FOR JAVA SHIPPED WITH IBM PROCESS DESIGNER AND WEBSPHERE LOMBARDI EDITION

Direct links to fixes

8.5.6.2-WS-BPMPCPD-IFJR55110
8.5.5.0-WS-BPMPCPD-IFJR55110
8.5.0.2-WS-BPMPCPD-IFJR55110
8.0.1.3-WS-BPMPC-IFJR55110
7.5.1.2-WS-BPMPC-IFJR55110
WLE-7.2.0.5-HotFix-JR55110
Version 8.5 Refresh Pack 7 for the IBM Business Process Manager products

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • There are multiple vulnerabilities in IBM SDK Java Technology
Edition, which IBM WebSphere Application Server uses in IBM
Business Process Manager (BPM) and IBM WebSphere Lombardi
Edition. These issues were disclosed as part of the "Multiple
vulnerabilities in current releases of the IBM SDK, Java
Technology Edition" in January 2016. For more information, see
"Security Bulletin: Security vulnerabilities have been
identified in IBM WebSphere Application Server shipped with IBM
Business Process Manager and WebSphere Lombardi Edition
(CVE-2016-0483, CVE-2016-0475, CVE-2016-0466, CVE-2015-7575,
CVE-2016-0448)"
(http://www.ibm.com/support/docview.wss?uid=swg21977021).

PRODUCTS AFFECTED
IBM BPM Advanced
IBM BPM Standard
IBM BPM Express
WebSphere Lombardi Editon

Local fix

  • 



Problem summary


    

  • No additional information is available.

    



Problem conclusion


    

  • A fix is available for the latest fix pack of all supported
releases of IBM BPM and WebSphere Lombardi Edition.

On Fix Central (http://www.ibm.com/support/fixcentral), search
for JR55110:

    1. Select IBM Business Process Manager with your edition or
IBM WebSphere Lombardi Edition from the product selector, the
installed version to the fix pack level, and your platform, and
then click Continue.
    2. Select APAR or SPR, enter JR55110, and click Continue.

When you download fix packages, ensure that you also download
the readme file for each fix. Review each readme file for
additional installation instructions and information about the
fix.

    



Temporary fix


    

  • 



Comments


    

  • 



APAR Information




    

  • APAR number
    JR55110
    • 

  • Reported component name
    BPM ADVANCED
    • 

  • Reported component ID
    5725C9400
    • 

  • Reported release
    751
    • 

  • Status
    CLOSED  PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt / Xsystem
    • 

  • Submitted date
    2016-01-27
    • 

  • Closed date
    2016-02-23
    • 

  • Last modified date
    2016-02-23
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    • 



Fix information


    

  • Fixed component name
    BPM ADVANCED
    • 

  • Fixed component ID
    5725C9400
    • 



Applicable component levels


    

  • R751  PSY
       UP
    • 

  • R801  PSY
       UP
    • 

  • R850  PSY
       UP
    • 

  • R855  PSY
       UP
    • 

  • R856  PSY
       UP
    • 

  • R857  PSY
       UP
    • 








      
              
                            

              

              [{"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SSFTN5","label":"IBM Business Process Manager Advanced"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"7.5.1","Line of Business":{"code":"LOB45","label":"Automation"}}]
              

                          

          
 
        

      

    

      

        

          

            
Document Information


            

            


                        

            Modified date:
            

            16 October 2021
            

            
                      

        


        

        


      

    

  



    

  

  
    
            

          
Page Feedback