IBM Support

OA67145: NEED BACKPORT OF OA66411 FOR 2.5.0 - CKFREEZE IS MISSING THE INDIVIDUAL JES2 STC PROCLIB MEMBERS IF THE SSI PATH IS BEING USED.

A fix is available

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • CKFREEZE is missing the individual JES2 STC proclib members if
    the SSI path is being used to obtain the PAD.
    
    This can also result in non-compliant findings for compliance
    controls which use the R_STC newlist, for example ZCLSR030 and
    ZCLSR032, if the procedures are STC proclib members rather than
    MSTR STClib members.
    

Local fix

Problem summary

  • ****************************************************************
    * USERS AFFECTED: Users of zSecure Collect collecting system   *
    *                 data related to JES2 sensitive data sets for *
    *                 zSecure Audit compliance controls ZCLSR030   *
    *                 and ZCLSR032.                                *
    ****************************************************************
    * PROBLEM DESCRIPTION: zSecure Collect might skip individual   *
    *                      JES2 started task members within        *
    *                      procedure library concatenation         *
    *                      (PROCLIB). As a result, zSecure Audit   *
    *                      might report no tested goals as         *
    *                      evaluated by the ZCLSR030 and ZCLSR032  *
    *                      compliance controls.                    *
    ****************************************************************
    * RECOMMENDATION: Apply the PTF provided.                      *
    ****************************************************************
    When zSecure Collect collects JES2 started task information from
    JES2 procedure library concatenation (PROCLIB), it might skip
    individual members within that concatenation, so that collected
    system configuration data (CKFREEZE) might be missing related
    information about these members. As result, zSecure Audit will
    report no goals tested by the following compliance controls:
    
     o ZCLSR030: IBM CL/SuperSession started tasks names must be
                 properly defined to the system ACP.
     o ZCLSR032: IBM CL/SuperSession started tasks must be properly
                 defined to the STARTED resource class.
    
    Other compliance controls and audit reports might be affected as
    well.
    

Problem conclusion

  • zSecure Collect has been modified, so that it properly collects
    JES2 started task information from JES2 procedure library
    concatenation (PROCLIB) and zSecure Audit will evaluate ZCLSR030
    and ZCLSR032 compliance controls correctly.
    

Temporary fix

Comments

APAR Information

  • APAR number

    OA67145

  • Reported component name

    ZSEC BASE,ADMIN

  • Reported component ID

    5655T0100

  • Reported release

    250

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2024-10-24

  • Closed date

    2024-11-01

  • Last modified date

    2024-12-03

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

    UJ96254

Modules/Macros

  • CKAOUSDD CKASDDR  CKASEND  CKFJES2  CKFJES3  CKRCFS   CKRCFV
    GKRCFS   GKRCFV   GKROUSDD GKRSDDR  GKRSEND
    

Fix information

  • Fixed component name

    ZSEC BASE,ADMIN

  • Fixed component ID

    5655T0100

Applicable component levels

  • R250 PSY UJ96254

       UP24/11/02 P F411

Fix is available

  • Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.

[{"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSPQTM","label":"IBM Security zSecure Admin"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"250","Line of Business":{"code":"LOB24","label":"Security Software"}}]

Document Information

Modified date:
03 December 2024