Product Documentation
Abstract
IBM HTTP Server provides periodic fixes for release 8.0. The following is a complete listing of fixes for Version 8.0 with the most recent fix at the top.
Content
 | Back to all versions |
| Fix release date: 30 April 2018 Last modified: 30 April 2018 Status: Recommended  Download Fix Pack 15 | |
| APAR | Description |
| PI87445 | CVE-2017-9798 for IBM HTTP Server http://www-01.ibm.com/support/docview.wss?uid=swg22009782 |
| PI87663 | CVE-2017-12618 for IBM HTTP Server http://www-01.ibm.com/support/docview.wss?uid=swg22009782 |
| PI90598 | CVE-2017-12613 for IBM HTTP Server http://www-01.ibm.com/support/docview.wss?uid=swg22013598 |
| PI84868 | Disable the 3DES cipher by default in IBM HTTP Server. |
| PI85478 | Disable symmetric offload by default when IHS is configured to use a crypto card. |
| PI85561 | SSL Fallback Protection related errors with SSLProxyEngine ON |
| PI85702 | SAFRunAs %%CERTIF%% asks for basic auth credentials (z/OS only) |
| PI85804 | Improve password failure error messages in authnz_saf (z/OS only) |
| PI88232 | Allow the server to handle requests with obsolete folds containing only spaces and/or tabs after PI73984. |
| PI88356 | Default ciphers with SSLFIPSEnable are System SSL defaults instead of IHS defaults. (z/OS only) |
| PI88553 | Print an error message that includes the errno and errno2 values if fail to find a specified saf-group. |
| PI90141 | IBM HTTP Server may hang at startup on z/Linux running on z14 hardware - upgrade GSKit to 8.0.50.84 |
| PI90834 | abendoc4 in apr_pstrcat using saf-change-pw handler (z/OS only) |
| PI91075 | Add environment variable to record "SSLVersion" failure |
| PI91351 | Add toleration for TLS certificate extension InhibitAnyPolicy marked as non-critical |
| PI91975 | The 'Header unset Content-Type' directive does not unset the Content-Type response header. |
| PI92017 | Include CGI program name when writing stderr to the error log when using mod_cgi |
| PI92053 | Let child processes avoid graceful shutdown if ECONNREFUSED, ECONNABORTED, ECONNRESET occur during client accept() |
| PI92092 | FSUM6245 seen when upgrading IHS to a new fix pack and using an intermediate symbolic link |
Note: IBM HTTP Server 8.0.0.15 contains all applicable security fixes in Apache HTTP Server versions up through 2.2.34.
| Fix release date: 30 October 2017 Last modified: 30 October 2017 Status: Superseded  Download Fix Pack 14 | |
| APAR | Description |
| PI73984 | CVE-2016-8743 for IBM HTTP Server http://www-01.ibm.com/support/docview.wss?&uid=swg21996847 |
| PI82260 | CVE-2017-3167 for IBM HTTP Server http://www-01.ibm.com/support/docview.wss?&uid=swg22005280 |
| PI82263 | CVE-2017-7668 for IBM HTTP Server http://www-01.ibm.com/support/docview.wss?&uid=swg22005280 |
| PI82481 | CVE-2017-7679 for IBM HTTP Server http://www-01.ibm.com/support/docview.wss?uid=swg22005280 |
| PI69182 | IBM HTTP Server SSL cipher defaults may be displayed incorrectly on z/OS |
| PI72027 | IHS rewrite rule on IPV6 does not redirect correctly. |
| PI72350 | Fix potential crash in mod_mem_cache in IHS 8.5 and earlier. |
| PI72989 | Hangs related to mod_backtrace and mod_whatkilledus during a crash. |
| PI73027 | Crash with combination of mod_net_trace loaded and 'EnableSendfile ON' in httpd.conf. |
| PI73043 | Upgrade bundled GSKit security library |
| PI73661 | Session ID Daemon (sidd) memory leak |
| PI73819 | Allow an extended syntax for the SSLCipherSpec directive on z/OS (z/OS only) |
| PI74200 | Connection resets under heavy load when connecting to IHS on z/OS. (z/OS only) |
| PI75341 | /server-status doesn't display client IP until first request is read |
| PI76757 | Allow SSL handshake transcripts to be enabled or disabled |
| PI76874 | Further enhancements to PI50937 high cpu avoidance |
| PI78442 | Some sequences of server-side includes mixing '#include virtual=' and '#include file=' result in a HTTP 400 error. |
| PI78767 | HttpProtocolOptions does not get merged from global to virtualhost scope in 8.5 and earlier. |
| PI80356 | Upgrade bundled GSKit security library |
| PI80447 | Disable MMAP for static files by default on z/OS (z/OS only) |
| PI81360 | Allow SSL_/TLS_ prefixes to be used interchangeably for cipher long names |
| PI81589 | Use ECDHE_RSA ciphers by default under TLS1.2 in IBM HTTP Server 8.0 and 8.5 |
| PI81602 | Issues with updating SAF password when using Firefox or Chrome (z/OS only) |
| PI83257 | Reduce memory usage from long mod_rewrite configurations. |
| PI83350 | Add jobname and job id to SMF 103 records for IBM HTTP Server (z/OS only) |
Note: IBM HTTP Server 8.0.0.14 contains all applicable security fixes in Apache HTTP Server versions up through 2.2.34.
| Fix release date: 20 February 2017 Last modified: 20 February 2017 Status: Superseded  Download Fix Pack 13 | |
| APAR | Description |
| PI54962 | CVE-2016-0201 for IBM HTTP Server (GSKit upgrade) http://www-01.ibm.com/support/docview.wss?uid=swg21974507 |
| PI63098 | CVE-2016-0718 for IBM HTTP Server (Distributed only) http://www-01.ibm.com/support/docview.wss?&uid=swg21988026 |
| PI65855 | CVE-2016-5387 for IBM HTTP Server http://www-01.ibm.com/support/docview.wss?uid=swg21988019 |
| PI66849 | CVE-2012-0876, CVE-2012-1148, CVE-2016-4472 expat vulnerability fixes for IBM HTTP Server http://www-01.ibm.com/support/docview.wss?uid=swg21988026 |
| PI49718 | Improve error_log reporting for 'SSLProxyEngine' handshake errors |
| PI49791 | Add the IfFile directive to allow processing directives based on file existance. |
| PI50376 | DGW compatibility for DOCUMENT_* CGI variables. (z/OS only) |
| PI50397 | No error log entries for 'SAFRunAs %%CERTIF_REQ%%' failures. (z/OS only) |
| PI50514 | SSL session ID cache daemon (SIDD) creates unnecessary entries |
| PI50937 | Alleviate looping between SSL and GSKit (IBM Global Security Kit) |
| PI51185 | Enhancements allowing use of SAFRunAsEarly for certificate switching |
| PI52299 | TLS_FALLBACK_SCSV support for IBM HTTP Server |
| PI54415 | Requests with CONTENT-LENGTH: 0 and any LimitRequestBody may result in a 413 error |
| PI54757 | Delay allocating an IHS thread until data is available on a new inbound TCP connection. |
| PI54808 | RewriteRule sees un-decoded characters in URL when mod_authnz_saf loaded (z/OS only) |
| PI56034 | No equivalent functionality for DGW ALWAYSWELCOME directive in IHS on z/OS. |
| PI57543 | Allow one address space per rotatelogs process to be conserved. (z/OS only) |
| PI57657 | INSTCONFPARTIALSUCCESS when the IBM HTTP Server installer cannot determine a local hostname. |
| PI58218 | IBM HTTP Server 'mod_cache' fixes. |
| PI59374 | Certificate expiration reporting for IBM HTTP Server. |
| PI59561 | Add pre/post password hooks to mod_authnz_saf. (z/OS only) |
| PI60207 | Upgrade bundled GSKit security library to 8.0.50.61 (Distributed only) |
| PI60784 | IBM HTTP Server directives SSLCipherBan and SSLCipherRequire may crash when GSKit tracing is enabled. (Distributed only) |
| PI62663 | Some Server Side Includes (SSI) may not be translated as expected (z/OS only) |
| PI63482 | Add a private header with password change information for 401 response. |
| PI63682 | IHS mod_status displays many 'NULL' strings in request column. |
| PI64346 | SetEnvIf may be skipped with SAF auth enabled (z/OS only) |
| PI66183 | When MFA is configured, SAFRunAs fails with a permission error (z/OS only) |
| PI66695 | mod_reqtimeout can cause 'java.io.IOException: Async IO operation failed' |
| PI66787 | Session cache daemon (sidd) memory leak |
| PI66931 | Upgrade bundled GSKit security library to resolve TLS > 1.2 negotiation intolerance. |
| PI67595 | AuthSAFExpiration and AuthSAFReenter do not work when using a 401 errordocument (z/OS only) |
| PI70024 | Lower message severity to Info for cache return error when connection is aborted for the IBM HTTP Server error logging |
| PI70496 | Startup failures when 'SSLEnable' is specified globally instead of within a VirtualHost. |
| PI70829 | Provide additional message information for IBM HTTP Server TLS handshakes |
Note: IBM HTTP Server 8.0.0.13 contains all applicable security fixes in Apache HTTP Server versions up through 2.2.31.
| Fix release date: 01 February 2016 Last modified: 01 February 2016 Status: Superseded  Download Fix Pack 12 | |
| APAR | Description |
| PI42928 | CVE-2015-3183 for IBM HTTP Server http://www-01.ibm.com/support/docview.wss?uid=swg21963361 |
| PI44793 | CVE-2015-4947 for IBM HTTP Server Administration Server http://www-01.ibm.com/support/docview.wss?uid=swg21965419 |
| PI44809 | CVE-2015-1788 for IBM HTTP Server http://www-01.ibm.com/support/docview.wss?uid=swg21963362 |
| PI45596 | CVE-2015-1283 for IBM HTTP Server http://www-01.ibm.com/support/docview.wss?uid=swg21964428 |
| PI52395 | CVE-2015-7420 for IBM HTTP Server http://www-01.ibm.com/support/docview.wss?uid=swg21974507 |
| PI40885 | The 'SAFRunAs' directive implicitly requires access to the "OMVSAPPL" class in some RACF configurations (z/OS only) |
| PI40952 | Preserve quoting in SSLServerCert directive |
| PI45005 | Use of SAFRunAs %%CLIENT%% can result in ICH408I messages to be issued against the HTTP Server userid (z/OS only) |
| PI45740 | Encoding error on RewriteRule |
| PI46559 | The setupadm script on Linux fails to use an existing group without the -create parameter |
| PI46616 | Allow RewriteRule to use colon (':') in header names and values |
| PI46868 | REXX CGI'S may display as text in the browser (z/OS only) |
| PI47198 | IHS caching partial response for chunked responses |
| PI47605 | Support -t -DDUMP_SSL_CONFIG and -t -DDUMP_SSL_CIPHERS on Microsoft Windows |
| PI47642 | Honor a global LogLevel specified after a virtual host definition that does not explicitly set LogLevel |
| PI47445 | IHS V7.0 and V8.0 fail to start when using CharsetOptions NoImplicitAdd. (z/OS only) |
| PI48695 | DGW compatibility for CGI query strings and syntax in server-side includes. (z/OS only) |
| PI49165 | Add new request time logging formats |
| PI49473 | IBM HTTP Server mod_filter is unable to process pages with error response codes returned from WebSphere Plugin |
Note: IBM HTTP Server 8.0.0.12 contains all applicable security fixes in Apache HTTP Server versions up through 2.2.31.
| Fix release date: 17 August 2015 Last modified: 17 August 2015 Status: Superseded  Download Fix Pack 11 | |
| APAR | Description |
| PI31516 | CVE-2014-8730: Enable strict CBC padding checks on TLS connections http://www-01.ibm.com/support/docview.wss?uid=swg21692502 |
| PI34229 | Disable RC4-based TLS ciphers by default in IBM HTTP Server http://www-01.ibm.com/support/docview.wss?uid=swg21701072 |
| PI36417 | CVE-2015-0138 for IBM HTTP Server http://www-01.ibm.com/support/docview.wss?uid=swg21698959 |
| PI39833 | CVE-2015-1829 for IBM HTTP Server on Windows http://www-01.ibm.com/support/docview.wss?uid=swg21959081 |
| PI28735 | ErrorDocument redirection for status code 414 (Request URI too long) does not work |
| PI30093 | Allow SSLProtocolDisable, SSLProtocolEnable, and SSLAttributeSet in the IBM HTTP Server configuration global |
| PI30323 | Add support for dual-mode ECDSA/RSA SSL virtual hosts |
| PI31566 | Allow IBM HTTP Server RLimit* directives to reduce hard limits |
| PI32841 | Some cipher names and keysizes are not logged when using %(SSL_CIPHER)e in LogFormat for access log |
| PI35219 | SSLOCSPEnable directive always enables OCSP (Online Certificate Status Protocol) even if value is 'OFF' |
| PI34017 | HTTP error 413 on static files results in a duplicate error message |
| PI35073 | IBM HTTP Server always supplies its own HTTP 'DATE' header to responses generated by the WebSphere webserver plug-in |
| PI35219 | ABEND0C1 when running install_ihs on z/OS |
| PI38322 | Allow mod_cache to ignore an 'Authorization' HTTP request header |
| PI38562 | CGI resources are briefly unavailable just after a restart |
| PI38828 | Enable unified config dump |
| PI38835 | IBM HTTP Server cannot log time-to-first-byte (TTFB) |
| PI39439 | DGW-style SSL environment variables are not set |
Note: IBM HTTP Server 8.0.0.11 contains all applicable security fixes in Apache HTTP Server versions up through 2.2.29.
| Fix release date: 16 February 2015 Last modified: 16 February 2015 Status: Superseded  Download Fix Pack 10 | |
| APAR | Description |
| PI19700 | CVE-2014-0076: Local side-channel attack on ECDSA (GSKit upgrade) http://www-01.ibm.com/support/docview.wss?&uid=swg21695392 |
| PI22070 | Multiple Apache web server vulnerabilities: CVE-2014-0118 (mod_deflate), CVE-2014-0226 (mod_status), CVE-2014-0231 (mod_cgid), CVE-2013-5704 (core) http://www-01.ibm.com/support/docview.wss?&uid=swg21695392 |
| PI27904 | CVE-2014-3566: IBM HTTP Server should disable weak SSL protocols and ciphers by default http://www-01.ibm.com/support/docview.wss?&uid=swg21695392 |
| PI17434 | SSLCACHE may fail due to SSLCACHEPORTFILENAME value being in use (z/OS only) |
| PI19581 | IBM HTTP Server modules specified without a path don't load |
| PI23005 | Allow logging of time taken during SSL handshake |
| PI24257 | 'Header edit* ...' directive not accepted by IBM HTTP Server |
| PI25783 | Fatal getpwuid() error at IBM HTTP Server startup (z/OS only) |
| PI26507 | mod_proxy on z/OS doesn't try IPV4 addresses on systems where IPV6 connections fail (z/OS only) |
| PI26894 | Increase security libraries to resolve high CPU loop on 64bit Microsoft Windows (GSKit upgrade to 8.0.50.34) |
Note: IBM HTTP Server 8.0.0.10 contains all applicable security fixes in Apache HTTP Server versions up through 2.2.29.
| Fix release date: 23 June 2014 Last modified: 23 June 2014 Status: Superseded  Download Fix Pack 9 | |
| APAR | Description |
| PI05309 | CVE-2013-6329: SSL session resumption vulnerability. (GSKit upgrade). http://www-01.ibm.com/support/docview.wss?&uid=swg21676092 |
| PI09345 | CVE-2013-6438: Potential Denial of Sevice in mod_dav for IBM HTTP Server. http://www-01.ibm.com/support/docview.wss?&uid=swg21676092 |
| PI09443 | CVE-2013-6747: GSKit Certificate Chain Vulnerability. (GSKit upgrade). http://www-01.ibm.com/support/docview.wss?&uid=swg21676092 |
| PI13028 | CVE-2014-0098: mod_log_config - Potential denial of service vulnerability http://www-01.ibm.com/support/docview.wss?&uid=swg21676092 |
| PI17025 | CVE-2014-0963: IBM HTTP Server high CPU utilization with SSL http://www-01.ibm.com/support/docview.wss?&uid=swg21676092 |
| PM97650 | IBM HTTP Server does not send SIGTERM to fastCGI application |
| PI04922 | IBM HTTP Server scaling/processing threads limited on 64-bit Microsoft Windows (httpd-la) |
| PI06366 | IBM HTTP Server thread creation failures when scaling up from default configuration on RHEL6 |
| PI08502 | Potential heap corruption under load for IBM HTTP Server with SSL enabled. (GSKit upgrade). |
| PI08715 | Potential mod_proxy crashes under load |
| PI13422 | Memory leak in GSKit 8.0.50 (GSKit upgrade) |
| PI15344 | IBM HTTP Server caching issues |
| PI16599 | Authentication failure gives LDAP error for non-LDAP configurations |
Note: IBM HTTP Server 8.0.0.9 contains all applicable security fixes in Apache HTTP Server versions up through 2.2.27.
| Fix release date: 13 January 2014 Last modified: 13 January 2014 Status: Superseded  Download Fix Pack 8 | |
| APAR | Description |
| PM94008 | Timed-out ldap bind and search failures on reused connections are not retried |
| PM94143 | Use of SAFRunAs results in ICH408I messages to be issued against the HTTP Server userid (z/OS only) |
| PM94602 | ProxyRemote fails to work with SSL requests |
| PM96039 | The AcceptEx disablement notice should not appear in Windows Event Viewer |
Note: IBM HTTP Server 8.0.0.8 contains all applicable security fixes in Apache HTTP Server versions up through 2.2.26.
| Fix release date: 19 August 2013 Last modified: 19 August 2013 Status: Superseded  Download Fix Pack 7 | |
| APAR | Description |
| PM85211 | CVE-2013-0169: TLS Vulnerability http://www-01.ibm.com/support/docview.wss?uid=swg21644047 |
| PM87808 | CVE-2013-1862: mod_rewrite vulnerability http://www-01.ibm.com/support/docview.wss?uid=swg21644047 |
| PM89996 | CVE-2013-1896: mod_dav vulnerability http://www-01.ibm.com/support/docview.wss?uid=swg21644047 |
| PM84215 | mod_mpmstats may report incorrect values during startup or shutdown |
| PM87247 | Additional certificate attributes are needed as fields accessible to the SSLClientAuthRequire directive |
| PM89422 | IHS WebDAV requests slow on Windows |
Note: IBM HTTP Server 8.0.0.7 contains all applicable security fixes in Apache HTTP Server versions up through 2.2.25.
| Fix release date: 29 April 2013 Last modified: 29 April 2013 Status: Superseded  Download Fix Pack 6 | |
| APAR | Description |
| PM76110 | CVE-2012-4557: mod_proxy_ajp incorrectly marks backend WAS CE server down |
| PM80058 | CVE-2012-3499/CVE-2012-4558: Potential exposure in several IBM HTTP Server optional modules https://exchange.xforce.ibmcloud.com/vulnerabilities/82359 https://exchange.xforce.ibmcloud.com/vulnerabilities/82360 |
| PM69188 | Installation of IBM HTTP Server completes with a warning. Failure occurs because the system's hostname is not set. |
| PM70994 | SSLFakeBasicAuth depends on LoadModule order |
| PM71102 | <Location> settings don't affect some mod_negotiation generated content |
| PM73304 | Add mod_ssl's SSLProxyCheckPeerCN to IBM HTTP Server |
| PM75876 | The 'Header' directive can't set a header only if the header is absent, even when using 'EDIT' mode or relying on other modules. |
| PM77980 | IBM HTTP Server should not add the Server: header by default |
| PM78087 | IBM HTTP Server high memory use when many hundreds of RewriteCond %{REQUEST_URI} |
| PM78144 | IBM HTTP Server large logformats cannot be correctly logged by piped loggers |
| PM78434 | Provide end-to-end timeouts for SSL handshakes |
| PM79015 | mod_disk_cache on Windows gives error: '(OS 5) Access is denied: disk_cache: Rename tempfile to datafile failed' |
| PM80235 | NIST SP800-131a support for IBM HTTP Server |
Note: IBM HTTP Server 8.0.0.6 contains all applicable security fixes in Apache HTTP Server versions up through 2.2.24.
| Fix release date: 12 November 2012 Last modified: 12 November 2012 Status: Superseded  Download Fix Pack 5 | |
| APAR | Description |
| PM66470 | CVE-2012-2687: mod_negotiation - potential information disclosure on compromised site |
| PM72915 | TLS compression should be disabled by default in IBM HTTP Server http://www-01.ibm.com/support/docview.wss?uid=swg21611881 |
| PM63634 | admin.password file was reset after installing fix pack |
| PM68007 | Non-root IBM HTTP Server install fails if primary group has no name |
| PM70591 | IHS on Microsoft Windows startup failure with SSLv3Timeout or SSLv2Timeout in vhost: 'master_main: create child process failed.' |
| PM71612 | Additional non-serviceable files added for IBM HTTP Server. |
Note: IBM HTTP Server 8.0.0.5 contains all applicable security fixes in Apache HTTP Server versions up through 2.2.23.
| Fix release date: 06 August 2012 Last modified: 06 August 2012 Status: Superseded  Download Fix Pack 4 | |
| APAR | Description |
| PM58899 | CVE-2012-0883: IBM HTTP Server incorrectly sets paths for startup https://exchange.xforce.ibmcloud.com/vulnerabilities/74901 |
| PM66218 | Upgrade bundled GSKit security library http://www-01.ibm.com/support/docview.wss?&uid=swg21606096 |
| PM56585 | mod_authnz_ldap can generate many unnecessary ldap queries while processing 'Require group' |
| PM57197 | Enhancements to IBM HTTP Server serviceability capabilities for hung threads and slow modules. |
| PM58545 | mod_perl build cannot find "OPT_INCNOEXEC" |
| PM62011 | mod_log_config: The wrong cookie can be logged |
Note: IBM HTTP Server 8.0.0.4 contains all applicable security fixes in Apache HTTP Server versions up through 2.2.22.
| Fix release date: 16 April 2012 Last modified: 16 April 2012 Status: Superseded  Download Fix Pack 3 | |
| APAR | Description |
| PM52351 | CVE-2012-0717: SSLClientAuth Required_reset is not enforced for SSLv2 connections. |
| PM55760 | CVE-2012-0031: Possible parent process crash when untrusted code is run in child. |
| PM56128 | CVE-2012-0053: Possible httpOnly cookie disclosure on compromised site. https://exchange.xforce.ibmcloud.com/vulnerabilities/72758 |
| PM53340 | Incorrect request body handling with Expect: 100-continue. |
| PM54289 | install_ihs script results in errors in the postinstall process. (z/OS only) |
| PM54387 | ABEND EC6 after IHS shutdown when using piped loggers. (z/OS only) |
Note: IBM HTTP Server 8.0.0.3 contains all applicable security fixes in Apache HTTP Server versions up through 2.2.22.
| Fix release date: 16 January 2012 Last modified: 16 January 2012 Status: Superseded  Download Fix Pack 2 | |
| APAR | Description |
| PM47852 | CVE-2011-3348: mod_proxy_ajp: Respond with HTTP_NOT_IMPLEMENTED when the method is not recognized. |
| PM48384 | CVE-2011-3368, CVE-2011-3639, CVE-2011-4317: Potential pattern expansion problem when mod_proxy and mod_rewrite are used together. |
| PM50426 | CVE-2011-3607: Potential buffer overflow and high memory usage in IBM HTTP Server (ap_pregsub) |
| PM43037 | ProxyPass broken due to ebcdic to ascii translation issue with interim response headers |
| PM43354 | No error message for rotatelogs syntax errors |
| PM44635 | IHS returns 500 instead of 401 for a revoked SAF userid |
| PM44816 | Provide end-to-end timeouts for slow requests |
| PM45618 | IHS threads can hang in ldap_bind() without any timeout |
| PM47429 | IHS mod_ldap fails at runtime with 'SSL support failed initialization' |
| PM49573 | IHS startup failure on Windows: 'master_main: create child process failed.' |
Note: IBM HTTP Server 8.0.0.2 contains all applicable security fixes in Apache HTTP Server versions up through 2.2.21.
| Fix release date: 26 September 2011 Last modified: 26 September 2011 Status: Superseded  Download Fix Pack 1 | |
| APAR | Description |
| PM38826 | CVE-2011-0419: apr_fnmatch() routine can result in high CPU with use of mod_autoindex https://exchange.xforce.ibmcloud.com/vulnerabilities/67414 |
| PM46234 | CVE-2011-3192: Potential Denial of Service with malicious range requests https://exchange.xforce.ibmcloud.com/vulnerabilities/69396 |
| PM27886 | Provide secure SSL renegotiation |
| PM37261 | Use of RLimitMEM and RLimitCPU with mod_cgid on IHS 7.0 fails with an Out of Memory error on Unix |
| PM37405 | mod_authnz_saf on z/OS does not allow user to control behavior when user password is expired |
| PM38313 | Piped loggers that continuously restart cause pipe and file descriptor leaks |
Note: IBM HTTP Server 8.0.0.1 contains all applicable security fixes in Apache HTTP Server versions up through 2.2.20.
[{"Product":{"code":"SSEQTJ","label":"IBM HTTP Server"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"--","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"},{"code":"PF035","label":"z\/OS"}],"Version":"8.0.0.9;8.0.0.8;8.0.0.7;8.0.0.6;8.0.0.5;8.0.0.4;8.0.0.3;8.0.0.2;8.0.0.15;8.0.0.14;8.0.0.13;8.0.0.12;8.0.0.11;8.0.0.10;8.0.0.1;8.0","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}}]
Was this topic helpful?
Document Information
Modified date:
07 September 2022
UID
swg27021867