A fix is available
APAR status
Closed as program error.
Error description
Incorrect non-compliant findings for RACF-SL-000030 when multiple CKFREEZE files are allocated.
Local fix
Allocate a CKFREEZE from a single system only.
Problem summary
**************************************************************** * USERS AFFECTED: Users of zSecure Admin/Audit exploiting * * multi-level indirect references (lookups) * * in SELECT CARLa statements, users of the * * zSecure Audit compliance testing framework * * exploiting the RACF-SL-000030 compliance * * control while processing multi-system data. * **************************************************************** * PROBLEM DESCRIPTION: zSecure Admin/Audit might generate * * incorrect results in cases where * * multi-level indirect references * * (lookups) are used in * * SELECT/EXCLUDE CARLa statements and * * data from multiple systems are used * * for processing. * **************************************************************** * RECOMMENDATION: Apply the PTF provided. * **************************************************************** When multi-level indirect reference (lookup) is used in the SELECT or EXCLUDE CARLa statements and data from multiple systems is being processed, the results generated by zSecure Admin/Audit might be incorrect, that is the lookup evaluation might report data from the wrong system. This also applies to the controls of the zSecure Audit compliance testing framework which use multi-level lookups (in particular the RACF-SL-000030 (Syslogd protected config) compliance control.
Problem conclusion
zSecure Admin/Audit has been modified, so that the multi-level indirect references (lookups) specified in SELECT/EXCLUDE CARLa statements result in correct reports in cases where the data from multiple systems are being processed.
Temporary fix
Comments
APAR Information
APAR number
OA66816
Reported component name
ZSEC BASE,ADMIN
Reported component ID
5655T0100
Reported release
310
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2024-07-30
Closed date
2024-08-05
Last modified date
2024-09-03
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
UJ95728
Modules/Macros
CKABITS GKRBITS
Fix information
Fixed component name
ZSEC BASE,ADMIN
Fixed component ID
5655T0100
Applicable component levels
R310 PSY UJ95728
UP24/08/06 P F408
Fix is available
Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.
[{"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSPQTM","label":"IBM Security zSecure Admin"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"310","Line of Business":{"code":"LOB24","label":"Security Software"}}]
Document Information
Modified date:
03 September 2024