IBM Support

OA53309: ZSECURE AUDIT MIGHT OVERWRITE THE EXISTING CONFIGURATION MEMBERSIN THE CKACUST LIBRARIES DURING COMPLIANCE RULE CONFIGURATION.

A fix is available

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • zSecure Audit might overwrite the existing configuration members
    in the CKACUST libraries during compliance rule configuration.
    

Local fix

Problem summary

  • ****************************************************************
    * USERS AFFECTED: Users of zSecure Audit saving subsets of     *
    *                 compliancy evaluation rules.                 *
    ****************************************************************
    * PROBLEM DESCRIPTION: zSecure Audit saves evaluation rule     *
    *                      subsets in the CKACUST libraries,       *
    *                      possibly over writing whitelist members *
    *                      or local customization members.         *
    ****************************************************************
    * RECOMMENDATION: Apply the PTF provided.                      *
    ****************************************************************
    zSecure Audit allows saving subsets of standard evaluation rules
    in AU.R with any valid data set member name in a user or site
    CKACUST library.  There is no checking if the name given to the
    subset does not already exists as a local customization or
    white list member, allowing for inadvertently overwriting them.
    

Problem conclusion

  • zSecure Audit has been modified so that subsets of standard
    evaluation rules are now stored into a single table in the
    CKACUST libraries, instead of as separate data set members.
    Upon the first update, save, or delete of a saved subset in a
    CKACUST library, zSecure Audit will now convert all previously
    existing saved subsets in that CKACUST library into a single
    ISPF table that also resides in that CKACUST library.
    

Temporary fix

Comments

APAR Information

  • APAR number

    OA53309

  • Reported component name

    ZSEC BASE,ADMIN

  • Reported component ID

    5655T0100

  • Reported release

    220

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2017-07-10

  • Closed date

    2017-08-15

  • Last modified date

    2017-09-02

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

    UA93202 UA93203

Modules/Macros

  •    CKAERULE CKRP3AR4 CKRP3AR5 CKRP3AR7 CKRP3AR8
    CKRP3AR9
    

Fix information

  • Fixed component name

    ZSEC BASE,ADMIN

  • Fixed component ID

    5655T0100

Applicable component levels

  • R220 PSY UA93202

       UP17/08/17 P F708

  • R221 PSY UA93203

       UP17/08/17 P F708

Fix is available

  • Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.

[{"Business Unit":{"code":"BU048","label":"IBM Software"}, "Product":{"code":"SSCE68R","label":"zSecure Admin"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"220","Edition":""}]

Document Information

Modified date:
02 September 2017