Fix Readme
Abstract
IBM MQ provides periodic maintenance for release 9.2. The following is a complete listing of available fixes grouped by maintenance delivery.
Content
This document describes both types of maintenance delivery - fix packs and cumulative security updates. For more information on the types of maintenance, refer to the IBM MQ release types section of the product documentation.
Lifecycle dates:
- GA for IBM MQ 9.2 was 23rd July 2020.
- Start of Extended Support for IBM MQ 9.2 is 30th September 2025.
- Extended support for IBM MQ 9.2 is available until 30th September 2029. Critical defect support as described by the extended support terms and conditions is available until 30th September 2028.
| Release Type | Release Date | Total fixes | Security fixes | HIPER fixes | |
| IBM MQ 9.2.0.38 | Cumulative security update | 23 October 2025 | 4 | 3 | 0 |
| IBM MQ 9.2.0.37 | Cumulative security update | 04 September 2025 | 4 | 1 | 0 |
| IBM MQ 9.2.0.36 | Cumulative security update | 27 June 2025 | 5 | 2 | 0 |
| IBM MQ 9.2.0.35 | Fix pack | 01 May 2025 | 20 | 0 | 0 |
| IBM MQ 9.2.0.31 | Cumulative security update | 27 February 2025 | 7 | 5 | 1 |
| IBM MQ 9.2.0.30 | Fix pack | 17 December 2024 | 46 | 4 | 4 |
| IBM MQ 9.2.0.28 | Cumulative security update | 29 October 2024 | 3 | 2 | 0 |
| IBM MQ 9.2.0.27 | Cumulative security update | 05 September 2024 | 4 | 2 | 0 |
| IBM MQ 9.2.0.26 | Cumulative security update | 26 June 2024 | 9 | 5 | 0 |
| IBM MQ 9.2.0.25 | Fix pack | 26 April 2024 | 42 | 5 | 3 |
| IBM MQ 9.2.0.22 | Cumulative security update | 29 February 2024 | 6 | 4 | 0 |
| IBM MQ 9.2.0.21 | Cumulative security update | 14 December 2023 | 7 | 2 | 0 |
| IBM MQ 9.2.0.20 | Fix pack | 30 October 2023 | 30 | 2 | 3 |
| IBM MQ 9.2.0.16 | Cumulative security update | 31 August 2023 | 4 | 3 | 0 |
| IBM MQ 9.2.0.15 | Fix pack | 28 June 2023 | 27 | 4 | 1 |
| IBM MQ 9.2.0.11 | Cumulative security update | 27 April 2023 | 10 | 5 | 0 |
| IBM MQ 9.2.0.10 | Fix pack | 28 February 2023 | 38 | 2 | 3 |
| IBM MQ 9.2.0.8 | Cumulative security update | 26 January 2023 | 5 | 2 | 0 |
| IBM MQ 9.2.0.7 | Fix pack | 01 December 2022 | 97 | 16 | 4 |
| IBM MQ 9.2.0.6 | Fix pack | 29 June 2022 | 73 | 13 | 9 |
| IBM MQ 9.2.0.5 | Fix pack | 22 February 2022 | 117 | 10 | 14 |
| IBM MQ 9.2.0.4 | Fix pack | 11 November 2021 | 92 | 11 | 16 |
| IBM MQ 9.2.0.3 | Fix pack | 22 July 2021 | 69 | 8 | 6 |
| IBM MQ 9.2.0.2 | Fix pack | 31 March 2021 | 131 | 10 | 17 |
| IBM MQ 9.2.0.1 | Fix pack | 01 October 2020 | 37 | 9 | 3 |
| IBM MQ 9.2.0.0* | Initial release (both Continuous Delivery and LTS) | 23 July 2020 | 59 | 6 | 3 |
* To view the fixes for the IBM MQ 9.2.0.0 initial release, see Fix list for IBM MQ Version 9.2.x Continuous Delivery.
To download IBM MQ Fix and Refresh Packs follow this link. http://www.ibm.com/support/docview.wss?uid=swg27006037
Vulnerability risk information for IBM MQ can be found at Security Bulletin for IBM WebSphere MQ
Example table
| Is Security | Is HIPER | APAR / known issue | Description |
| ✓ | AB12345 | CVE-XXXX-XXXXX (security/integrity exposure) [CVSS base score 5.3] | |
| ✓ | DT987654 | Description of HIPER |
Note: The CVSS scoring information, listed in the fix list tables, is accurate at the time of release. Please review links contained in the referenced bulletins for additional information on scoring, including any retrospective changes to scores assigned by third parties.
IBM MQ cumulative security update 9.2.0.38 IBM i, Windows, UNIX®
(Last modified: November 2025)
| Is Security | Is HIPER | known issue | Description |
| ✓ | DT448473 | IBM MQ CVE-2025-30754 and CVE-2025-30754 [CVSS base score 4.8] | |
| ✓ | DT448803 | IBM MQ CVE-2025-36047 and IBM MQ CVE-2025-48976 [CVSS base score 7.5] | |
| ✓ | DT451207 | IBM MQ CVE-2020-36732 [CVSS base score 5.3] | |
| DT452874 | Third party component updates for cumulative security update 9.2.0.38 |
IBM MQ cumulative security update 9.2.0.37 IBM i, Windows, UNIX®
(Last modified: November 2025)
| Is Security | Is HIPER | known issue | Description |
| ✓ | DT444585 | IBM MQ CVE-2025-36100 [CVSS base score 5.1] | |
| DT439746 | IBM MQ Queue Manager generates AMQ9716E after upgrading | ||
| DT440402 | IBM MQ Bridge to Salesforce fails to connect due to deprecated Salesforce API version. | ||
| DT449116 | Third party component updates for cumulative security update 9.2.0.37 |
IBM MQ cumulative security update 9.2.0.36 for Windows, UNIX®, IBM i
(Last modified: August 2025)
| Is Security | Is HIPER | known issue | Description |
| ✓ | DT438705 | IBM MQ CVE-2025-21587, CVE-2025-4447 [CVSS base score 7.4] | |
| ✓ | DT439059 | IBM MQ CVE-2025-30472 [highest CVSS 9.8] | |
| DT434353 | Changes to the IBM MQ classes for Java and classes for JMS to support Java 17 and later. | ||
| DT434354 | Update the IBM MQ Bridge to Salesforce to use Eclipse Jetty 12 | ||
| DT442002 | Third party component updates for cumulative security update 9.2.0.36 |
IBM MQ 9.2.0.35 fix pack for Windows, UNIX®, IBM i
(Last modified: May 2025)
| Is Security | Is HIPER | known issue | Description |
| DT209203 | Unmanaged .NET client application with AMS installed reports MQRC 2035(MQRC_NOT_AUTHORIZED) when using a z/OS queue manager | ||
| DT245884 | IT44897: AMQ9703W: Message sequence number mismatch detected for channel,while starting a channel | ||
| DT381669 | IT46109: Memory leak in locally bound MQ application in XA environment when MQ AMS is installed | ||
| DT389918 | IT46375: FREQUENT MQ FDC EXCEPTIONS GENERATED ON THE QUEUE MANAGER SYSTEM DUE TO PERMISSION ISSUES | ||
| DT391393 | IT46346: Singular messages may be committed during a transaction despite contrary configuration when using WAS Listener Ports | ||
| DT395866 | IT46835: MQ Java client properties "com.ibm.mq.cfg.TCP.ClntRcvBuffSize" and "com.ibm.mq.cfg.TCP.ClntSndBuffSize" cannot be set to 0 | ||
| DT418856 | IT46996: 'crtmqm' command fails with AMQ6708E when using a GPFS file system | ||
| DT419537 | IT47424: AMQ9456 error messages appear in queue manager error logs | ||
| DT428277 | IT47446: Memory leak in IBM MQ client when MQCONNX in client program that uses TLS fails with rc=2381 or rc=2393 | ||
| DT428295 | IT47744: Cluster queues disappeared after long period of disuse and a change/move of Full Repository queue managers | ||
| DT428558 | IT36211: Sender channel fails to start because it cannot connect to a host by name but 'nslookup' resolves its IP address | ||
| DT428694 | IT41624: Error log message AMQ9575 reports incorrect channel name | ||
| DT429741 | IT42617: Incorrect timezone number in the header block output from dspmqtrc, if the offset from UTC is a negative number | ||
| DT429780 | IT43186: MQ trace identifies the incorrect position of character causing conversion issue | ||
| DT429819 | IT45895: Message Ids may be duplicated for pub/sub messages by the IBM MQqueue manager on Windows | ||
| DT429837 | IT47719: Third party component updates for Fix Pack 9.2.0.35 | ||
| DT429841 | IT47623: Use the default DNSResolutionOrder when a user-configured value is partially invalid | ||
| DT429849 | IT47225: AIX IBM MQ fix pack bundle on Fix Central does not include the install '.toc' file | ||
| DT429852 | IT47564: Performance Monitoring Enhancements | ||
| DT433212 | A remote queue manager's new CLUSRCVR channel cannot be inserted into the cluster after RESET CLUSTER was run to correct an earlier mistake |
IBM 9.2.0.31 cumulative security update for Windows, UNIX®, IBM i
(Last modified: March 2025)
| Security APAR | HIPER APAR | APAR | Description |
| ✓ | IT43835 | IBM MQ CVE-2025-23225 [CVSS base score 6.5] | |
| ✓ | ✓ | IT47091 | IBM MQ CVE-2024-54175 [CVSS base score 5.5] |
| ✓ | IT47371 | IBM MQ CVE-2024-54173 [CVSS base score 4.7] | |
| ✓ | IT47597 | IBM MQ CVE-2025-0975 [CVSS base score 8.8] | |
| ✓ | IT47396 | IBM MQ CVE-2024-21235, CVE-2024-21217, CVE-2024-21210, CVE-2024-21208, CVE-2024-10917 [CVSS base score 5.3] | |
| IT47130 | Third party component updates for cumulative security update 9.2.0.31 | ||
| IT47288 | Problems with Linux RPM upgrade process and the IBM MQ embedded JRE and Liberty components |
| Security APAR | HIPER APAR | APAR | Description |
| ✓ | IT46250 | IBM MQ CVE-2024-51470 [CVSS base score 6.5] | |
| ✓ | IT47188 | IBM MQ CVE-2024-52896 [CVSS base score 6.2] | |
| ✓ | IT47189 | IBM MQ CVE-2024-52897 [CVSS base score 6.2] | |
| ✓ | IT47223 | IBM MQ CVE-2024-51471 [CVSS base score 5.3] | |
| ✓ | IT43721 | Queue manager with global in-doubt transaction fails to start after associating with a different installation. | |
| ✓ | IT45107 | Queue manager fails to recover damaged object if queue file location is in old format | |
| ✓ | IT45686 | Queue manager fails to start if damaged object is not recoverable. | |
| ✓ | IT46247 | SIGSEGV in rrmUpdateSuspendList and queue manager then fails after suspending in many clusters | |
| IT37573 | Install/upgrade failure: amqiclen: Failed to obtain global lock(1): rc=545261555 | ||
| IT38202 | Multi-instance qmgr writes FDC with Probe Id ZX028020 or ZX028090 during startup and fails over to standby instance | ||
| IT39543 | IBM MQ Bridge to Salesforce fails with AMQSF040E if the HTTP response is larger than 1 MiB. | ||
| IT40943 | Establishing a new channel instance between multi-instance queue managers might intermittently enter a retry loop | ||
| IT42661 | When a RQSTR channel is started twice, a second RQSTR instance is incorrectly started with status "INITIALIZING" | ||
| IT43000 | IBM MQ managed .Net fails with MQRC_RFH_FORMAT_ERROR (2421) if the <usr> section of RFH2 header contains "$" | ||
| IT43115 | Queue Manager PutCount statistics incorrect for temporary dynamic queue | ||
| IT43502 | Managed .NET client using distributed transaction reports MQRC_HCONN_ERROR (2018) while using MQCNO_HANDLE_SHARE_NONE | ||
| IT43696 | Hang when MQ on AIX tries to write out the call stack after a heap-corruption SIGSEGV | ||
| IT43812 | Probe ID CO609020 with component cciHeartbeatMonitorThread, data: 0X00000038 on SVRCONN channel | ||
| IT44384 | Channel loops if a message on the transmit queue exceeds the MAXMSGL attribute of the Queue manager | ||
| IT44510 | No warning is provided when duplicate cluster receiver channels are created with a mismatched queue manager name | ||
| IT44710 | IBM MQ FDC with probe ID XC006001 is generated by the 'amqrmppa' process during 'endmqm' call | ||
| IT44895 | Third party component updates in fix pack 9.2.0.30 | ||
| IT45058 | MQ-JMS v9.2 applications consume more queue manager channel instances over time | ||
| IT45074 | An MFT agent can receive BFGSS0024E due to receiving a 2127 when performing a PDS Member transfer | ||
| IT45203 | Duplicate entries are observed in application activity traces during MQDISC | ||
| IT45432 | AMQ9620E: Internal Error on Call to SSL Function On Channel with RC=551 from gsk_secure_soc_write | ||
| IT45438 | An MQ JMS Client using TLSv1.3 GCM Cipher receives an RC=2009 and the Queue Manager generates an FDC with ProbeID CO373099. | ||
| IT45574 | An MFT managed transfer on z/OS can result in high CPU usage for the agent process. | ||
| IT45625 | JMQI does not replace unmappable characters in the message body when indicated to do so. | ||
| IT45649 | IBM MQ SVRCONN channels are in stopped state after restart of queue manager. | ||
| IT45688 | FDC record with error code AMQ6125E reported during execution of endmqm command | ||
| IT45943 | IBM MQ TLS Client support for Extended Master Secret (EMS) | ||
| IT46231 | MQ channel process ends unexpectedly due to memory exception(SIGSEGV) after failure in opening channel sync file. | ||
| IT46239 | FDC record is generated when the authority for a principal is removed, if it is the last principal for the object. | ||
| IT46459 | RDQM support for disabling ICMP protocol usage | ||
| IT46573 | SYSTEM.NULLREFERENCEEXCEPTION from XMS .NET when the queue manager is unreachable | ||
| IT46577 | IBM MQ "dspmqver -p 64" or "dspmqver -a" write messages in the error logs when displaying the 32-bit GSKit version | ||
| IT46625 | FDC is generated with Probe Id xy132005 and Component xstCreateExtent with error xecS_E_TOO_BIG | ||
| IT46711 | Install/uninstall/upgrade failure: amqiclen: Failed to obtain lock for QMgr 'MYQM': rc=1077960969 | ||
| IT46801 | IBM MQ 9.4.0.0 upgraded to 9.4.0.5 removes the RDQM installation setup. | ||
| IT46821 | Potential memory overwrite in amqrrmfa process | ||
| IT46837 | IBM MQ on Linux for s390x install unnecessary 31-bit GSKit files | ||
| IT46863 | When upgrading IBM MQ on Ubuntu Linux from 9.2 to 9.3 or 9.4, an error message is output | ||
| IT46908 | Error messages output when uninstalling an MQ 9.4 installation on Linux after upgrading from MQ 9.2/9.3 | ||
| IT47103 | IBM MQ web console signin fails for users with large "user id number" | ||
| IT47245 | Kernel modules to enable support for RDQM on RHEL 9 kernel 5.14.0_503.11.1-1 |
IBM MQ 9.2.0.28 cumulative security update for Windows, UNIX®, IBM i
(Last modified: October 2024)
| Security APAR | HIPER APAR | APAR | Description |
| ✓ | IT46890 | IBM MQ CVE-2023-50314 [CVSS base score 5.3] | |
| ✓ | IT46892 | IBM MQ CVE-2024-21147, CVE-2024-21140, CVE-2024-21144, CVE-2024-21138 [CVSS base score 7.4] | |
| IT46886 | Third party component updates for cumulative security update 9.2.0.28 |
IBM MQ 9.2.0.27 cumulative security update for Windows, UNIX®, IBM i
(Last modified: September 2024)
| Security APAR | HIPER APAR | APAR | Description |
| ✓ | IT46080 | IBM MQ CVE-2024-2511 [CVSS base score 3.7] | |
| ✓ | IT46501 | IBM MQ CVE-2024-40681 [CVSS base score 7.5] | |
| IT46434 | Third party component updates for cumulative security update 9.2.0.27 | ||
| IT46492 | Altering an object to set cluster namelist with non existent namelist fails with AMQ8103E after applying APAR IT45710 |
IBM MQ 9.2.0.26 cumulative security update for Windows, UNIX®, IBM i
(Last modified: March 2025)
| Security APAR | HIPER APAR | APAR | Description |
| ✓ | IT45510 | IBM MQ CVE-2024-31919 [CVSS base score 5.9] | |
| ✓ | IT45710 | IBM MQ CVE-2024-35116 [CVSS base score 5.9] | |
| ✓ | IT45816 | IBM MQ CVE-2024-22201 [CVSS base score 7.5] | |
| ✓ | IT46058 | IBM MQ CVE-2024-27268, CVE-2023-51775, CVE-2024-22353, CVE-2024-22329, CVE-2024-22354, CVE-2024-22329, CVE-2024-22354, CVE-2024-25026 [CVSS base score 7.5] | |
| ✓ | IT46155 | IBM MQ CVE-2024-21085 [CVSS base score 5.9] | |
| IT38931 | Client REST API does not allow newline (CRLF) characters to be delivered to the destination. | ||
| IT45156 | HTTP POST requests submitted to the MQ REST API (mqweb) without Content-Type header "charset=UTF-8" are processed incorrectly | ||
| IT45920 | Third party component updates for cumulative security update 9.2.0.26 | ||
| IT46256 | Update to modver script for RDQM on RHEL 8.10 |
IBM MQ 9.2.0.25 fix pack for Windows, UNIX®, IBM i
(Last modified: April 2024)
| Security APAR | HIPER APAR | APAR | Description |
| ✓ | ✓ | IT45110 | IBM MQ CVE-2024-25048 [CVSS base score 7.5] |
| ✓ | IT45253 | IBM MQ CVE-2023-26159 [CVSS base score 7.1] | |
| ✓ | IT45331 | IBM MQ CVE-2024-25015 [CVSS base score 7.5] | |
| ✓ | IT45762 | IBM MQ CVE-2024-20952 and CVE-2023-33850 [CVSS base score 7.5] | |
| ✓ | SE81096 | IBM MQ CVE-2024-0727 and CVE-2023-6237 [CVSS base score 3.1] | |
| ✓ | IT45131 | Probe Id XC130004 SIGSEGV in rrmRecoClqMgrDelRemote function in amqrrmfa causes queue manager to fail | |
| ✓ | IT45890 | IBMJCEPlusFIPS RSA FIPS 140-2 cipher suites have been removed inthe latest Java runtime shipped with IBM MQ | |
| IT37819 | MQ Java and .NET clients may receive duplicate messages after rolling back a transaction | ||
| IT38022 | Log more possible error conditions from amqiclen during installer/uninstaller processing | ||
| IT38647 | SIGSEGV in MQ application within function xcsReadEnvironment under libmqe.so | ||
| IT41300 | strmqm with incorrect file permissions and ownership hangs during queue manager startup | ||
| IT42506 | MQ classes for Jakarta application throws an AssertionError using the Connection/Session toString() | ||
| IT42821 | XMS .NET Core applications return an invalid message payload if the message was sent by a Mainframe application | ||
| IT43178 | The channel pooling process might terminate due to a SIGSEGV in xcsWaitPid. | ||
| IT43974 | MQ IPT reports MQCPE020 and MQCPE048 messages when extending thevalue 'MAXCONNECTIONTHREADS' . | ||
| IT44134 | IBM MQ XMS client registers extraneous files with the .NET global assembly cache | ||
| IT44454 | MQ classes for JMS API threads may deadlock when the queue manager is configured to use SSLRKEYC | ||
| IT44576 | MQ MFT message BFGTR0058I specifies a filename instead of a reason code. | ||
| IT44577 | High memory usage in amqrmppa process | ||
| IT44601 | Cannot delete a queue manager using the IBM MQ Web Console | ||
| IT44606 | Memory leak in IBM MQ amqrmppa process when using MQIBindType=FASTPATH | ||
| IT44717 | Allow suppression of protocol error caused by v5 Java/JMS clients | ||
| IT44767 | Retrying or running CLUSSDR channels not restarted immediately on queue manager restart | ||
| IT44798 | A ICH408I error can occur after upgrading the WebSphere Liberty Profile used by the IBM MQ Console to 22.0.0.12 on z/OS | ||
| IT44910 | MQ trace on server incorrectly captures user message data duringclient MQGET when using the "-d 0" flag on strmqtrc | ||
| IT45046 | Thirdparty component updates for fix pack 9.2.0.25 | ||
| IT45060 | Managed File Transfer (MFT) agents report a BFGIO0076E errorwhen transferring data sets on extended attribute volumes | ||
| IT45113 | SIGSEGV in reconnectable MQ client application | ||
| IT45141 | Upgrade MQ Samples to use .NET6 in IBM MQ 9.2 LTS | ||
| IT45179 | This is an administrative APAR is to include Advanced VUE functionality in MQ Advanced. | ||
| IT45181 | XMS .NET APPLICATIONS CONNECTING TO A QUEUE SHARING GROUP THROW MQRC 6109 WHILE CLOSING THE CONSUMER | ||
| IT45247 | Additional information added into ZF225050 First failure data (FDC) file | ||
| IT45788 | Upgrade the JRE level for IBM MQ V9.x to Java 8.0.8.20 for AIX, Linux, and Windows | ||
| PH55191 | THE WMQ.JMSRA.IVT.EAR PROVIDED BY IBM MQ FOR Z/OS RETURNS UNREADABLE CHARACTERS | ||
| SE80208 | MQ FDC XC006001 XCSFREEMEMFN ON FIRST STRMQM AT V9.3 | ||
| SE80551 | IBM MQ MANAGER MAY CRASH SHORTLY AFTER STARTUP | ||
| SE80818 | 5725A49 "C CLIENT" INSTALL LOG ROLLOVER PROCESSING INCORRECT | ||
| SE80838 | GRTMQMAUT OBJ(*ALL) OBJTYPE(*Q) giving only *ADMDSP and other authorities are only partially processed | ||
| SE80841 | 5725A49 MQ "C CLIENT" ERROR LOGGING PER-USER ROLLOVER FAILURE | ||
| SE80842 | 5725A49 ERROR LOG SIZE CONTROL | ||
| SE80990 | Keystores created using the default runmqckm settings are not compatible with IBM i | ||
| SE81342 | MESSAGE AMQ9917 NOT DEFINED IN MQ 9.3.0.15+ ON IBM I |
IBM MQ 9.2.0.22 cumulative security update for Windows, UNIX®, IBM i
(Last modified: March 2024)
| Security APAR | HIPER APAR | APAR | Description |
| IT45016 | Third party component updates for cumulative security update 9.2.0.22 | ||
| ✓ | IT45026 | IBM MQ CVE-2024-25016 [CVSS base score 7.5] | |
| ✓ | IT45240 | IBM MQ CVE-2023-4218 [CVSS Base score 5] | |
| ✓ | IT45274 | IBM MQ CVE-2023-39976 [CVSS Base score 9.8] | |
| IT45343 | Kernel modules to enable support for RDQM on RHEL 9 kernel 5.14.0-362.18.1 | ||
| ✓ | IT45350 | IBM MQ CVE-2023-44487 [CVSS Base score 7.5] |
IBM MQ 9.2.0.21 cumulative security update for Windows, UNIX®, IBM i
(Last modified: December 2023)
| Security APAR | HIPER APAR | APAR | Description |
| IT44412 | Enhancements to the modver utility | ||
| IT44784 | Third party component updates for cumulative security update 9.2.0.21 | ||
| IT44786 | Removal of the IBM MQ Bridge to blockchain component | ||
| ✓ | IT44821 | IBM MQ CVE-2023-5072 [CVSS Base score 7.5] | |
| IT44926 | Kernel modules to enable support for RDQM on RHEL 9.3 kernel 5.14.0-362.8.1 and RHEL 8.9 kernel 4.18.0-513.5.1 | ||
| ✓ | IT44961 | IBM MQ CVE-2023-22081, CVE-2023-5676 [CVSS Base score 5.3] | |
| SE80793 | Update OpenSSL from 1.1.1 to 3.0 |
IBM MQ 9.2.0.20 fix pack for Windows, UNIX®, IBM i, IBM MQ Appliance
(Last modified: October 2023)
| Security APAR | HIPER APAR | APAR | Description |
| IT34804 | Subscription messages are delivered out of sequence when using clustered pub/sub with multiple receiver channels | ||
| IT40382 | High CPU usage for IBM MQ amqzlaa0 process | ||
| IT40977 | IBM MQ create subscription fails with 'AMQ8135E: Not authorized' | ||
| IT41323 | Partial repository queue manager prematurely reports AMQ9456 warning or erroneous MQRC_UNKNOWN_OBJECT (2085) | ||
| ✓ | ✓ | IT41871 | IBM MQ CVE-2023-45177 and IBM MQ Appliance CVE-2023-45177 [CVSS base score 5.3] |
| IT41913 | Excessive FDC records with probe identifier XC805110 XRUQUERYCPU_QM XECL_W_PERFORMANCE_BOTTLENECK | ||
| IT41985 | The character set used in the error logs for an RDQM Queue Manager changes depending on how the queue manager is started | ||
| IT42246 | IBM MQ RDQM queue manager might fail to switch to its configuredpreferred node. | ||
| IT42462 | CRDATE and CRTIME fields of the SYSTEM.DEFAULT.SUB object are set to blank vales | ||
| IT42550 | The SYSTEM.DEFAULT.SUB object disappeared and an FDC with probe identifier KN483002 was generated. | ||
| IT42769 | MQIPT does not start as a Windows service at version 9.2 | ||
| IT42851 | Memory leak in the IBM MQ amqzlaa0 process | ||
| IT43016 | MQ Classes for Java throws a MQRC 2019 exception'MQRC_HOBJ_ERROR' when attempting to close a queue | ||
| IT43044 | MQ Appliance userrestore command fails with AMQ6650E when restoring a backup file that contains a group with many users | ||
| IT43084 | A 2085 or 3015 error is received when the IBM MQ Console or other application uses the Inquire Queue administrative command | ||
| IT43343 | A network disconnect of HA links left a single RDQM node in running state | ||
| IT43646 | Clustering recovery and diagnostic improvements | ||
| IT43663 | A duplicate message might be intermittently generated by the queue manager on Windows | ||
| IT43740 | MQ Bridge to SalesForce reports NullPointerExceptions when reconnecting to Salesforce | ||
| IT43741 | Running IBM MQ commands during installation of MQ may result in failures opening CCSID file table | ||
| IT43783 | MQ processes and commands might fail if the qm.ini file containsunexpected character and MQ trace is enabled | ||
| IT43790 | MQ 9.2 always outputs INDOUBT(YES) in Saved channel status, evenwhen the channel is not indoubt | ||
| IT43854 | A MQ classes for JMS application reaches a deadlock condition when comparing MQDestination objects | ||
| IT44089 | DISPLAY CHSTATUS(*) SAVED returned "AMQ8135E: Not authorized" for auto-defined CLUSSDR channel status records | ||
| IT44206 | Third party component updates in fix pack 9.2.0.20 | ||
| ✓ | IT44522 | Kernel modules to enable support for RDQM on RHEL 9.2 kernel 5.14.0-284.30.1 | |
| ✓ | ✓ | IT44585 | IBM MQ CVE-2023-38039 [CVSS base score 7.5] |
| SE79607 | IBM MQ MFT upgrade via SLIP install error | ||
| SE79868 | 5725A49 MQ client connection fails with 2071 AMQ9211 on 65th connection within same job | ||
| SE79913 | MQ client application failure 3452 |
IBM MQ 9.2.0.16 cumulative security update for Windows, UNIX®, IBM i, IBM MQ Appliance
(Last modified: August 2023)
| Security APAR | HIPER APAR | APAR | Description |
| ✓ | IT43897 | IBM MQ Appliance CVE-2023-2650 [CVSS base scores 7.5] | |
| ✓ | IT44043 | IBM MQ CVE-2023-21930, CVE-2023-21967, CVE-2023-21939, CVE-2023-21938 and MQ Appliance CVE-2023-21930, CVE-2023-21967 [CVSS base score 7.4] | |
| IT44058 | Thirdparty component updates for cumulative security update 9.2.0.16 | ||
| ✓ | SE80122 | IBM MQ CVE-2023-2650 for OpenSSL (IBM i ) [CVSS base score 7.5] |
IBM MQ 9.2.0.15 fix pack for Windows, UNIX®, IBM i, IBM MQ Appliance
(Last modified: July 2024)
| Security APAR | HIPER APAR | APAR | Description |
| IT37352 | MQ cluster queue manager fails to start when configured to use acluster workload exit | ||
| IT37481 | Poor performance observed with MQIPT under load when running with Trace=1 or higher in the mqipt.conf file | ||
| IT37483 | High CPU usage reported for an agent process amqzlaa0 when ending the MQ queue manager | ||
| IT39743 | IBM MQ process amqpcsea ended unexpectedly with insufficient diagnostics | ||
| IT40337 | IBM MQ full repository queue manager reported errors AMQ9435E and 2085 (MQRC_UNKNOWN_OBJECT_NAME) | ||
| IT40694 | The runmqakm command does not report an error when the target file is not writable | ||
| IT40807 | FDC with probe identifier KN467022 generated on queue manager startup | ||
| IT40928 | Unable to put a message to a queue when using a CCSID 943 JVM using the MQ classes for Java | ||
| IT41304 | MFT system property "com.ibm.wmqfte.cred.keyfile" is misspelt as "com.ibm.wqmfte.cred.keyfile" | ||
| IT41430 | MQ appliance status command might incorrectly show reduced disk allocation | ||
| IT41592 | IBM MQ might become unresponsive due to delays in its cyptographic provider | ||
| IT42128 | AMS protected messages lose message properties when involved with SYSTEM.PROTECTION.ERROR.QUEUE | ||
| ✓ | IT42945 | IBM MQ CVE-2023-28513 and IBM MQ Appliance CVE-2023-28513 [CVSS base score 5.9] | |
| IT43183 | IBM MQ resource adapter leaks LocalServer objects if an MDB's ejbCreate() method throws an exception | ||
| IT43320 | Third party component updates in fix pack 9.2.0.15 | ||
| IT43342 | SIGFPE divide by zero in xruQueryDiskUsageVolumeGroup when RDQM volume group has zero size | ||
| IT43349 | Delay in IBM MQ 9.2/9.3 multi-instance queue manager failover/switchover | ||
| IT43454 | Kernel modules to enable support for RDQM on RHEL 9.1 kernel level 5.14.0-162.22.2 | ||
| IT43650 | Channel fails with AMQ9620 gsk_secure_soc_init error 12 when FIPS is enabled and TLS_CHACHA20_POLY1305_SHA256 is used | ||
| ✓ | IT43654 | Queue manager might generate FDC RN189010 with error code rrcE_FILE_CORRUPT after applying fix of APAR IT42194. | |
| ✓ | IT43717 | IBM MQ CVE-2023-24998 and IBM MQ Appliance CVE-2023-24998 [CVSS base score 7.5] | |
| IT43724 | Kernel modules to enable support for RDQM on RHEL 9.2 kernel level 5.14.0-284.11.1 | ||
| ✓ | IT43737 | IBM MQ CVE-2023-26048 and CVE-2023-26049 (security/integrity exposure) [CVSS base score 5.3] | |
| IT43770 | Kernel modules to enable support for RDQM on RHEL 8.8 kernel level 4.18.0-477.10.1 | ||
| ✓ | IT43802 | IBM MQ CVE-2023-32342 and IBM MQ Appliance CVE-2023-32342 [CVSS base score 7.5] | |
| SE79493 | MQ LOGGER EVENT ENABLED ON IBM I GENERATES REDUNDANT LOGGER MESSAGE INFORMATION | ||
| SE79541 | IBM MQ Manager may crash if journal locked when AMQZMUC0 attempts CHGJRN *GEN |
IBM MQ 9.2.0.11 cumulative security update for Windows, UNIX®, IBM i, IBM MQ Appliance
(Last modified: April 2023)
| Security APAR | HIPER APAR | APAR | Description |
| IT37500 | FDCs with ProbeID 'CO609020' generated by queue manager for a SVRCONN channel with SHARECNV(1) | ||
| IT43172 | Third party component updates for cumulative security update 9.2.0.11 | ||
| ✓ | IT43177 | IBM MQ Appliance CVE-2022-4304, CVE-2023-0215, CVE-2023-0286, CVE-2022-4450 [CVSS base scores 7.5 - 8.2] | |
| IT43256 | Running a Java application with AMS can result in a NullPointerException if keystore.conf content incomplete | ||
| ✓ | IT43273 | IBM MQ CVE-2023-27535, CVE-2023-23916 [CVSS base scores 7.5 - 9.1] | |
| ✓ | IT43335 | IBM MQ CVE-2023-28950 [CVSS base score 5.1] | |
| IT43337 | An IBM MQ 9.2 amqrmppa process might consume more memory after applying IT40332 | ||
| ✓ | IT43381 | IBM MQ CVE-2023-26285 and IBM MQ Appliance CVE-2023-26285 [CVSS base score 5.9] | |
| IT43517 | Unable to switch back to RDQM node after applying FixPack 9.2.0.10 | ||
| ✓ | SE79414 | IBM MQ CVE-2022-4450, CVE-2023-0216, CVE-2023-0401, CVE-2022-4203, CVE-2023-0217, CVE-2022-4304 [CVSS base score 7.5] |
IBM MQ 9.2.0.10 fix pack for Windows, UNIX®, IBM i, IBM MQ Appliance
(Last modified: January 2024)
| Security APAR | HIPER APAR | APAR | Description |
| IT35334 | MQRC 2019 'MQRC_HOBJ_ERROR' when opening a queue using the MQ classes for Java | ||
| IT35455 | Provide feedback in the MQ error log when LDAP connection is slow | ||
| IT36555 | AMQ9635 error message displays arbitrary characters at the end of the CipherSpec in the MQ queue manager error logs | ||
| IT37842 | IBM MQ AMQP channel does not start automatically with AMQP service after upgrade | ||
| IT38618 | After applying a fix pack to a Developer Edition installation onWindows, dspmqver incorrectly reports production license | ||
| IT38726 | IBM MQ process amqzmuc0 may consume 100% CPU | ||
| IT39831 | On IBM MQ Appliance running 'strmqm -ns' followed by an abrupt end of qmgr leaves resources in unmanaged state. | ||
| IT40332 | amqrmppa generates FDC XC006001 from xcsFreeMemFn with error xecS_I_PRIVATE_MEMORY_ERROR and Comment "invalid head tag" | ||
| IT41272 | Redistributable Java client incorrectly contains JMSAdmin tool | ||
| IT41625 | RDQM configured for both HA and DR unable to run on any node after frequent connection interruptions | ||
| IT41652 | RDQM: Unexpected failover caused by excessive sensitivity to network delays | ||
| IT41695 | MQ Console reports MQWB2013E error containing reason code 2085 when trying to administer queues in a QSG | ||
| IT41919 | Channels fail to start with MQRC_SSL_INITIALIZATION_ERROR (2393)when using TLS1.3 with SSLFIPS(YES) | ||
| IT41964 | IBM MQ generates corrupted file paths for .TRS files when a longMQ data path has been set | ||
| IT42173 | MQCONNX fails with MQRC_SSL_INITIALIZATION_ERROR (2393) if multiple hostnames and SSLPeerName are specified | ||
| ✓ | ✓ | IT42194 | IBM MQ CVE-2022-40237 [CVSS base score 6.5] |
| IT42321 | MQ command ffstsummary.exe fails to read FDC files more than 2 GB in size | ||
| IT42339 | Bad data arrived at MQ's socket in an MQ client application, butthe required FDC was not written | ||
| IT42355 | MQ classes for JMS applications become blocked while creating a JMS Session when using automatic client reconnection | ||
| IT42368 | KN941001 FDC records every 5 seconds after suspending a queue manager from a uniform cluster | ||
| IT42384 | MQ-JMS application hangs when consuming a message from a v6.0 queue manager | ||
| IT42634 | XMS .NET USES UNSAFE METHOD WHILE CREATING A THREAD IN THE SIBUSCOMPONENT. | ||
| ✓ | ✓ | IT42674 | IBM MQ CVE-2022-43919 and IBM MQ Appliance CVE-2022-43919 [CVSS base score 5.3] |
| IT42796 | Update the JSON java library to level 20220924 for IBM MQ | ||
| IT42797 | Update the version of Fabric Gateway and Jetty supplied with IBMMQ 9.2 for the IBM Bridge to Salesforce/blockchain | ||
| IT42798 | First failure data (FDC) records with probe OP233170 from trcFCloseFn written when MQ trace filesystem is full | ||
| IT42810 | Many ZM013000 ztmTidyUpXASessions trcE_UNEXPECTED_RM_ERROR FDCs from MQ code in application | ||
| IT42870 | Update DRBD and Pacemaker packages supplied with IBM MQ 9.2 LTS | ||
| IT42942 | An additional RDQM kernel module is required for RHEL 8.7 kernel 4.18.0-425.10.1 | ||
| IT43045 | Thirdparty component updates for fix pack 9.2.0.10 | ||
| ✓ | IT43061 | Executing runmqras against an RDQM queue manager as root may cause a kernel crash | |
| IT43069 | MQ appliance Web GUI fails with "Error during the processing of the action" when operating management functions | ||
| IT43237 | endmqm executed with options -w, -s and -r fails with exit code 39 after applying APAR IT41391 | ||
| PH51546 | Managed File Transfer (MFT) agent ABENDs with a B37-04 condition while transferring to a sequential data set. | ||
| SE78231 | Possible memory overwrite in job AMQZMUC0 | ||
| SE78600 | MQ authority record not shown. | ||
| SE78732 | MQ V9.2:Queue Manager fails to start across user profiles with different CCSID. | ||
| SE79052 | MQGET in syncpoint return code variance |
IBM MQ 9.2.0.8 cumulative security update for Windows, UNIX®, IBM i, IBM MQ Appliance
(Last modified: January 2023)
| Security APAR | HIPER APAR | APAR | Description |
| IT42418 | Update the IBM WebSphere Liberty Profile to 22.0.0.12 | ||
| ✓ | IT42613 | IBM MQ: CVE-2022-43902; IBM MQ Appliance: CVE-2022-43902 [CVSS base score 6.5] | |
| ✓ | IT42724 | IBM MQ CVE-2021-37533 [CVSS base score 6.5] | |
| IT42725 | Update Apache Commons Net level to 3.9.0 for IBM MQ | ||
| IT42760 | Third party component updates for cumulative security update 9.2.0.8 |
IBM MQ 9.2.0.7 fix pack for Windows, UNIX®, IBM i, IBM MQ Appliance
(Last modified: November 2023)
| Security APAR | HIPER APAR | APAR | Description |
| IT34707 | IBM MQ classes for Java generated MQSTR format messages with message properties are always encoded in CCSID 1208. | ||
| IT35346 | Web console/REST process can consume CPU if mqRestMessagingFullPoolBehavior set block. | ||
| IT35513 | The IBM MQ managed .Net client does not use the certificateLabel attribute specified in a CCDT. | ||
| IT35772 | The message BFGUB0068E does not reflect the error that MFT data directory doesn't have write permission. | ||
| IT35951 | IBM MQ Appliance console might not display correct values for queue manager HA status. | ||
| IT36231 | IBM MQ XMS exception listener is only triggered on Connection broken exceptions. | ||
| IT36667 | Tighten the CSP ruleset to disable unsafe-inline for the web console. | ||
| IT36668 | MQ web console Security: X-Content-Type-Options Header Missing. | ||
| IT36669 | Set the Liberty web security property sameSiteCookie to "strict" on the mqweb server. | ||
| IT36749 | In IBM MQ 9.2 .Net client throws System.ArgumentException exception when using MQGET with waitInterval. | ||
| IT36965 | System.NullReferenceException occurs when .Net client tries to browse multiple messages. | ||
| IT37148 | FDCs with probe identifiers RM632001/RM632002 are generated while running an IBM MQ C client application. | ||
| IT37633 | RDQM does not fail over as expected when the Primary node is rebooted or when the node loses connection to its peers. | ||
| IT38770 | fteListMonitors can display monitor details twice if the monitor configuration is being updated when it is run. | ||
| IT39231 | IBM MQ 9.2 LTS fix pack rpm installer does not correctly prohibit application to a 9.2.x CD installation. | ||
| IT39270 | When installing the IBM MQ Client on Windows the system wide error logs files are created with insufficient permissions. | ||
| IT39332 | MQ appliance sethaint command does not notify the user about queue manager restart when floating IP is added. | ||
| IT39358 | SSL protocol exception reported by IBM MQ Java/JMS clients during TLS handshake when qmgr keystore has many certificates. | ||
| IT39648 | Update DRBD and Pacemaker packages supplied with IBM MQ 9.2 LTS. | ||
| IT39802 | IBM MQ Java/JMS application appears to hang when connecting to a non-responsive queue manager. | ||
| IT39850 | IBM MQ managed .NET client using uppercase certificatelabel via hashtable or MQEnvironment property fails. | ||
| IT39919 | IBM MQ resource adapter logs large MQJCA4023 messages if an activation specification fails to connect to a queue manager. | ||
| ✓ | IT40017 | IBM MQ channels might go unresponsive with high CPU usage in channel process if channel synchronization record is corrupted. | |
| IT40168 | fteDeleteAgent with the -f option does not remove resource monitor publications from coordination queue manager. | ||
| IT40296 | The DISPLAY CHSTATUS command incorrectly provides output for inactive channels. | ||
| IT40502 | Security exit user data (SCYDATA) is not passed to a security exit when using the IBM MQ classes for Java and a CCDT. | ||
| IT40532 | Managed File Transfer destination agent stops and generates an ABEND file containing a java.nio.file.InvalidPathException. | ||
| IT40554 | Memory leak in IBM MQ amqzlaa0 process after MQRC_SYNCPOINT_LIMIT_REACHED is encountered. | ||
| IT40577 | AMQP clients intermittently stop receiving messages from the IBM MQ AMQP service after upgrading to MQ 9.2.0.4. | ||
| IT40648 | FDCs generated in user application with ProbeId ZT424000 from component zutLookupRelease. | ||
| IT40763 | Improving validation/error reporting when restoring a qmgr backup created on a newer version of the IBM MQ Appliance. | ||
| IT40791 | IBM MQ Classes for JMS - Messages are not going to the backout queue after the backout threshold is hit. | ||
| IT40814 | IBM MQ runmqlsr process ends with Access Violation or SIGSEGV inxlsWaitEvent. | ||
| IT40838 | IBM MQ client unable to connect to an IBM MQ 8.0 or later queue manager when using SSPI security exit. | ||
| IT40853 | RDQM promote and demote cluster resource timeout values are too low. | ||
| IT40956 | DISPLAY CHSTATUS for a SDR channel contained LONGRTS(0) SHORTRTS(0) but the channel had not retried many times. | ||
| IT40968 | Error: "AMQ8147E IBM MQ object SYSTEM.DEF.AMQP not found" is reported when using MQSC to recreate SYSTEM.DEF.AMQP. | ||
| IT41012 | IBM MQ agent process (amqzlaa0) terminates unexpectedly in queuefull scenario. | ||
| IT41018 | IBM MQ Appliance queue manager writes might be slower than normal during resync. | ||
| IT41035 | Application terminates with FDC XC130003 due to memory exception(SIGSEGV) in TraceEntry in mqccred exit. | ||
| IT41036 | crtmqm or dltmqm running as root fails with AMQ7077E for non RDQM queue manager if RDQM is installed. | ||
| IT41047 | Reconnectable client MQGET returned MQRC_CONNECTION_BROKEN without retrying the connection. | ||
| IT41229 | IBM MQ Java components incorrectly group Simplified Chinese CCSIDs936 and 1386 together as equivalent encodings. | ||
| IT41242 | MFT Audit Information can incorrectly report DESTINATION_FILE_SIZE as -1 for a recovered transfer request. | ||
| IT41354 | IBM MQ 9.2 client might report a memory segmentation fault when JSON format CCDT file used along with TLS. | ||
| IT41391 | The endmqm command help/usage text does not list the "-t" and "-tp" options. | ||
| IT41407 | Update level of libcurl supplied with IBM MQ 9.2 and 9.3 LTS to libcurl 7.84.0. | ||
| IT41422 | IBM MQ for Linux writes FDC from 32-bit application reporting XC035011 and errno 22 from pthread_create. | ||
| IT41424 | Update the JRE to level 8.0.7.15 on AIX, Linux, Solaris, Windows, and 8.0.7.10 on HP-UX for IBM MQ. | ||
| IT41438 | Update the JSON Java library to level 20220320 for IBM MQ. | ||
| IT41461 | IBM MQ Appliance WebConsole Disaster Recovery or High Availability view refreshes indefinitely. | ||
| ✓ | IT41495 | IBM MQ CVE-2022-32206 (security/integrity exposure) [CVSS base score 4.3] | |
| IT41530 | The dmpmqmsg utility is not able to browse an AMS-protected queue containing a message larger than 6700 bytes. | ||
| IT41539 | Support for forward migration to IBM MQ Appliance 9.3 firmware on M2002 hardware. | ||
| ✓ | IT41579 | IBM MQ CVE-2022-22476 and IBM MQ Appliance CVE-2022-22476 (security/integrity exposure) [CVSS base score 5] | |
| ✓ | IT41581 | IBM MQ appliance queue manager might fail to start after migration from IBM MQ 9.1 to IBM MQ 9.2.0.6. | |
| IT41589 | Update the IBM MQ embedded IBM Websphere Liberty Server to 22.0.0.6 plus APAR PH48187. | ||
| IT41603 | Deadlock occurs if a Managed File Transfer (MFT) agent that has resource monitors defined is started with trace enabled. | ||
| ✓ | IT41610 | IBM MQ Appliance CVE-2020-35513 [CVSS base score 5.5] | |
| ✓ | IT41682 | IBM MQ Appliance CVE-2022-32750 [CVSS base score 5.4], IBM MQ Appliance CVE-2022-31774 [CVSS base score 5.4] & IBM MQ Appliance CVE-2022-31775 [CVSS base score 5.5] | |
| ✓ | IT41700 | IBM MQ IPT CVE-2022-35718 (security/integrity exposure) [CVSS base score 5.1] | |
| IT41748 | XMS .NET applications failed to rebalance when the CCDT was specified using MQCHLLIB | ||
| IT41777 | IBM MQ-RA activation specification running in non-ASF mode in IBM WebSphere Application Server pauses prematurely. | ||
| ✓ | IT41798 | IBM MQ Appliance might reload when querying queue manager or HA status or system resources status. | |
| IT41811 | IBM MQ .NET applications hang during reconnection when connected to a uniform cluster. | ||
| IT41904 | FDC record with Probe ID CO373099 does not include the peer connection name in the header. | ||
| ✓ | IT41915 | IBM MQ Appliance CVE-2022-31773 (security/integrity exposure) [CVSS base score 8.8] | |
| IT41916 | Update node-fetch on IBM MQ 9.2 to 3.2.10. | ||
| ✓ | IT41997 | IBM MQ Appliance CVE-2022-40230 (security/integrity exposure) [CVSS base score 5] | |
| ✓ | IT42021 | IBM MQ CVE-2022-34165 & IBM MQ Appliance CVE-2022-34165 (security/integrity exposure)[CVSS base score 5.4] | |
| IT42024 | Update the IBM WebSphere Liberty Profile to 22.0.0.9 plus Interim Fixes PH46816 and PH48810. | ||
| IT42031 | Update level of libcurl supplied with IBM MQ 9.2 LTS to libcurl 7.85.0. | ||
| IT42058 | Upgrade Eclipse Jetty to version 9.4.48. | ||
| ✓ | IT42100 | IBM MQ CVE-2021-2163 and IBM MQ CVE-2023-30441 and IBM MQ Appliance CVE-2023-30441 [CVSS base score 7.5] | |
| IT42142 | Error message AMQ9575 is incorrect for non-English languages. | ||
| IT42152 | Update the Bouncy Castle shipped by IBM MQ 9.2 to version 1.72. | ||
| IT42153 | Upgrade ICU4J for IBM MQ MFT to 71.1. | ||
| IT42154 | Update the Fabric Gateway and Jetty libraries for the IBM MQ 9.2 LTS Bridge to Blockchain and Salesforce. | ||
| IT42158 | Update IBM Sterling Connect:Direct Application Interface for Java (CDJAI) to 1.1.0.1. | ||
| IT42159 | Upgrade the Apache Qpid Proton-j level for IBM MQ to Qpid Proton-j 0.34.0. | ||
| ✓ | IT42204 | IBM MQ CVE-2022-42436 (security/integrity exposure)[CVSS base score 4] | |
| IT42208 | Update level of GSKit supplied with IBM MQ 9.2 LTS to GSKit 8.0.55.29. | ||
| ✓ | IT42209 | IBM MQ CVE-2022-24839 (security/integrity exposure)[CVSS base score 7.5] | |
| ✓ | IT42224 | IBM MQ Appliance queue manager resync might be unexpectedly slow for some of the QMgrs between active and standby/DR nodes. | |
| ✓ | IT42280 | IBM MQ CVE-2022-25857 (security/integrity exposure)[CVSS base score 7.5] | |
| ✓ | IT42342 | IBM MQ CVE-2022-38749, CVE-2022-38750, CVE-2022-38751, CVE-2022-38752 (security/integrity exposure)[CVSS base score 5.3] | |
| ✓ | IT42343 | IBM MQ CVE-2022-3510, CVE-2022-3509 and IBM MQ CVE-2022-1471, CVE-2022-41854 and IBM MQ CVE-2022-3171 [CVSS base score 8.3] | |
| IT42420 | IBM MQ Appliance RAID battery high temperature warning can be given incorrectly at 40 degrees C. | ||
| IT42445 | Kernel modules to enable support for RDQM on RHEL 8.7 (Kernel level 4.18.0-425). | ||
| ✓ | IT42447 | IBM MQ Appliance CVE-2020-25705 (security/integrity exposure) [CVSS base score 7.4] | |
| IT42456 | Update the IBM JRE to level 8.0.7.20 (AIX, Linux, Solaris, and Windows) for IBM MQ. | ||
| ✓ | IT42457 | IBM MQ: CVE-2022-21626, CVE-2022-21624; IBM MQ Appliance: CVE-2022-21626 [CVSS base score 5.3] | |
| SE78032 | AMS reports error message incorrectly when journaling on PEM files. | ||
| SE78353 | Update OpenSSL to 1.1.1q. | ||
| SE78457 | ENDMQM looping in QUIESCING state when utility manager thread ended unexpectedly. | ||
| SE78501 | AMQRMPPA AMQZLAA0 jobs running is wrong subsystem(QMQM) after configuration of custom subsystem | ||
| SE78659 | Command WRKMQMQSTS with *CONNAME filter may hang or crash queue manager. |
IBM MQ 9.2.0.6 fix pack for Windows, UNIX®, IBM i, IBM MQ Appliance
(Last modified: June 2022)
| Security APAR | HIPER APAR | APAR | Description |
| ✓ | IT33206 | IBM MQ CVE-2022-31772 [CVSS base score 5.3] | |
| IT33972 | IBM MQ client connection fails with data conversion error AMQ9541E | ||
| IT34490 | Unnecessary debug output written to the IBM MQ Appliance webui messages.log file when trace is not enabled | ||
| IT35254 | Managed file transfer agent generates an FDC and terminates when multiple messages are processed having the same message id. | ||
| IT35434 | AMQ6174 message is generated for MQSTR_r during an async consumewith convert | ||
| ✓ | IT36119 | A persistent message was not delivered asynchronously to an application on queue manager shutdown | |
| IT36647 | Enable allow lists for the IBM MQ JMS deserialization code | ||
| IT36755 | Intermittent problem where a duplicate message id is generated by the queue manager. | ||
| IT37969 | The "ValidateAuth= No" qm.ini tuning parameter is not honored when AMQERR01.LOG is rolled over | ||
| IT38478 | In MQ 9105, the output message of dmpmqaut with -p and -e optionwas misleading when authority is defined at the group level. | ||
| IT38577 | MQ Telemetry channel status shows incorrect values for the indoubtout and pending attributes. | ||
| IT38664 | In IBM MQ RDQM, if a resource fails to start during boot then attempts to start the remaining DRBD resources are skipped | ||
| IT38696 | The Time Format in the Error Logs for an RDQM queue manager changes depending on how the queue manager is started . | ||
| IT38761 | On the IBM MQ New Web Console, not all IBM documentation links are working. | ||
| IT38929 | On AIX, when an IBM MQ queue manager starts then the AMQP process fails to start and produces a Java Core and FDC | ||
| IT38970 | A non-mqm group user is not able to create new non-TLS channels despite having create authority for channel objects | ||
| IT39409 | IBM MQ shows incorrect status when channel status is displayed with CONNAME('IP(PORT)') | ||
| IT39506 | FDC with probe ID XC006001 with xcsFreeMemFn and XECS_I_PRIVATE_MEMORY_ERROR | ||
| IT39511 | An amqrmppa process terminates unexpectedly with XC027005 FDC, clients receive MQRC_CONNECTION_BROKEN(2009) | ||
| ✓ | IT39514 | Application crashes due to sigsegv when connecting to default queue manager | |
| IT39579 | FDCs XC721050 and ZS142010 generated from the amqiclen process when uninstalling IBM MQ | ||
| ✓ | IT39620 | Queue manager fails to start with FDC XY465009 from component xcsCreateSimplePipe | |
| ✓ | IT39632 | Queue manager fails to start due to amqzmuc0 crash while generating FDC KN467078 in ReconcileDurableSubscribers | |
| IT39640 | Agents running queue resource monitors hang after being disconnected from their agent queue manager | ||
| IT39666 | Triggered channel does not start | ||
| IT39735 | The symbolic link for rdqmalert is not created when fix pack is applied | ||
| IT39744 | SYSTEM.CLUSTER.TRANSMIT.QUEUE had USAGE(NORMAL) and, months later, queue manager failed | ||
| IT39745 | IBM MQ Java client using SSLPEER receiving a certificate with SERIALNUMBER in the DN reports MQRC_SSL_PEER_NAME_ERROR (2399) | ||
| IT39751 | Partial repository queue managers erroneously report AMQ9456 for remote queue managers | ||
| ✓ | IT39773 | IBM MQ Appliance might reload when querying status of queue manager or system resources | |
| IT39859 | Clustered QALIAS/QREMOTE incorrectly republished as changed following queue manager restart | ||
| IT39876 | IBM MQ client connection on Linux causes internal error (Probe ID ZD061030) | ||
| IT39927 | "Monitor Started" events are missing from the IBM MQ Managed File Transfer resource monitor event log (resmonevent0.log) | ||
| IT39940 | IBM MQ Explorer adds an additional "/" to topic string when creatingSubscription with empty topic string | ||
| IT39972 | IBM MQ Classes for Java/JMS for Java with trace enabled can result in unexpected increased indentation for methods | ||
| ✓ | IT40001 | Insufficient checking of queue manager name collision when defining an HA QM on the IBM MQ Appliance | |
| IT40062 | dmpmqcfg reports an incorrect number of returned objects when used with a z/OS queue manager | ||
| ✓ | IT40099 | IBM MQ CVE-2022-22325 and IBM MQ Appliance CVE-2022-22325 [CVSS base score 5.1] | |
| IT40109 | The rdqmstatus command fails with 'status not available' | ||
| ✓ | IT40182 | IBM MQ Appliance CVE-2022-22355 and CVE-2022-22356 [CVSS base score 5.3] | |
| ✓ | IT40192 | IBM MQ Appliance CVE-2021-35550 , IBM MQ Appliance CVE-2021-35603 and IBM MQ CVE-2022-21305, CVE-2022-21291, CVE-2021-35550, CVE-2021-35603 [CVSS base score 5.9] | |
| ✓ | IT40254 | Slowdown in distributed queueing and high CPU usage on the receiver queue manager after applying fix for the APAR IT35383 | |
| ✓ | IT40352 | IBM MQ Appliance CVE-2021-38910 [CVSS base score 3.7] | |
| ✓ | IT40353 | IBM MQ Appliance CVE-2022-0778 [CVSS base score 7.5] | |
| IT40418 | Agent incorrectly deletes all of the messages from a source queue at the end of a message-to-file transfer. | ||
| IT40446 | Update level of zlib supplied with IBM MQ 9.2 LTS to 1.2.12 | ||
| IT40455 | Update the JRE to level 8.0.7.5 on Linux AIX and Windows for IBM MQ | ||
| ✓ | IT40467 | FDC with Probe Id RM033006 and message sequence number error AMQ9526E are generated when pipelining is enabled | |
| ✓ | IT40513 | IBM MQ CVE-2018-25032 and IBM MQ Appliance CVE-2018-25032 (security/integrity exposure) [CVSS base score 7.5] | |
| IT40551 | IBM MQ Appliance firmware installation fails with decryption error | ||
| IT40598 | Update the version of Fabric Gateway, Jetty, and SLF4J supplied with IBM MQ 9.2 LTS for the IBM MQ bridge to Salesforce. | ||
| IT40599 | Update Bouncy Castle shipped by IBM MQ 9.2 LTS to version 1.71 | ||
| IT40600 | Update the IBM MQ embedded IBM WebSphere Liberty Profile to 22.0.0.6 | ||
| IT40601 | Update the IBM JRE level to 8.0.7.10 (AIX, Linux, Windows) for IBM MQ 9.2 LTS | ||
| IT40628 | HA secondary unable to connect to DR secondary when HA primary powered off | ||
| IT40698 | Update level of libcurl supplied with IBM MQ 9.2 LTS to libcurl 7.83.0 | ||
| IT40713 | Update level of LDAP client supplied with IBM MQ 9.2 LTS to 6.4.0.25 | ||
| IT40776 | NullPointerException observed when a security exit is being called concurrently on multiple threads. | ||
| ✓ | ✓ | IT40779 | IBM MQ Appliance CVE-2017-18595, CVE-2018-19985, CVE-2018-20169, CVE-2019-19527 [CVSS base score 6.2] |
| IT40826 | Update DRBD and Pacemaker packages supplied with IBM MQ 9.2 LTS | ||
| ✓ | IT40933 | IBM MQ CVE-2022-27780, CVE-2022-30115 (security/integrity exposure) [CVSS base score 7.5] | |
| IT40940 | Provide RDQM kernel module to support RHEL 8.6 (4.18.0-372) | ||
| ✓ | IT40979 | IBM MQ CVE-2022-22475 and IBM MQ Appliance CVE-2022-22475 [CVSS base score 7.1] | |
| IT40982 | Update level of json-c supplied with IBM MQ 9.2 LTS to json-c 0.16-20220414 | ||
| ✓ | IT41133 | IBM MQ CVE-2022-21496, CVE-2022-21434, CVE-2022-21443, CVE-2021-35561 (security/integrity exposure) [CVSS base score 5.3] | |
| ✓ | IT41273 | IBM MQ Appliance CVE-2022-0155, CVE-2022-0536 [CVSS base score 8] | |
| IT41308 | Update the axios, color-string, dompurify and follow-redirects libraries | ||
| ✓ | IT41568 | IBM MQ CVE-2022-24329 [CVSS base score 5.3] | |
| SE77537 | Update Openssl to 1.1.1n | ||
| SE77699 | Add early check to AMS certificate and add more public key data to FFSTs | ||
| SE77700 | SETMQMSPL throws AMQ8916 message with DN with mixed case attributes on IBM i | ||
| SE77770 | AMS DN validation fails if a camel cased DN attribute appears before CN | ||
| SE77839 | Update OpenSSL to 1.1.1o |
IBM MQ 9.2.0.5 fix pack for Windows, UNIX®, IBM i, IBM MQ Appliance
(Last modified: February 2022)
| Security APAR | HIPER APAR | APAR | Description |
| IJ20591 | Managed .NET SSL application making MQGET calls unexpectedly receives MQRC_CONNECTION_BROKEN when running in .NET Core | ||
| IT32558 | DEFCLXQ(CHANNEL) is not honored if the CLUSSDR has multiple hostnames in the CONNAME attribute | ||
| IT32667 | Sender channel does not stop as expected | ||
| IT33130 | IBM MQ explorer remote connection fails with SSL and FIPS enabled | ||
| IT33500 | MQ-JMS Connection's ExceptionListener is not called when a JMS Session's TCP/IP socket is disconnected | ||
| IT33764 | IVT run on Wildfly-20 ignored DestinationLookup and ConnectionFactoryLookup activation properties | ||
| IT34173 | Defining a topic with PROXYSUB(FORCE) results in an incomplete set of proxy subscriptions. | ||
| ✓ | IT34213 | sethagrp -u command incorrectly reports 'High Availability configuration already migrated' when command fails. | |
| IT34368 | Defining IBM MQ RDQM HA cluster by using 'rdqmadm -c" might fail with AMQ6118 error | ||
| IT34422 | Managed File Transfer schema Monitor.xsd incorrectly states that directory monitors can monitor more than 1 directory | ||
| ✓ | IT34796 | MQRC_TRUNCATED_MSG_ACCEPTED (2079) received unexpectedly by client | |
| ✓ | IT35080 | When MQPUT is ready to give a message to a waiting MQGET, there is a timing window where a message can be malformed. | |
| IT35089 | XMS .NET client applications fail to connect to queue manager when using tls and JNDI connectionFactory | ||
| ✓ | IT35252 | Duplicate entry in DRBD resource file causes HA replication to be stopped in IBM MQ Appliance. | |
| IT35274 | IBM MQ incorrectly generates AMQ8077W warning, reporting missing 'ALTUSR' access to qmgr when activity trace level set to HIGH | ||
| IT35323 | Queue manager does not release secondary log extents after log full condition (AMQ7463) | ||
| IT35365 | The browse cursor advances when an AMS-enabled application receives MQRC_TRUNCATED_MSG_FAILED | ||
| IT35366 | Memory leak when using publish/subscribe with large RFH2 headers | ||
| IT35383 | IBM MQ cluster receiver channel not responding due to loop caused by MQRC_OBJECT_CHANGED error | ||
| IT35579 | Enable alias and TLS 1.3 CipherSpecs in the IBM MQ Console | ||
| IT35687 | In IBM MQ if qmstatus.ini permissions are changed while the queue manager is running, endmqm does not return an error. | ||
| IT35736 | FDCs ZF089191 on queue manager startup or ZF177092 on dmpmqaut | ||
| IT35974 | Managed transfers get stuck if a recoverable error occurs at the same time as a full frame of data is transferred | ||
| IT36083 | Log migration fails with AMQ7716I: migmqlog command has finished unsuccessfully. | ||
| ✓ | IT36102 | IBM MQ Appliance might reload when performing SSL connection | |
| IT36438 | IBM MQ AMQ8079 warning message "ACTION" section is incomplete | ||
| IT36684 | Expired global units of work are now logged through AMQ7497W in the queue manager error logs | ||
| IT36740 | AMQ9620E: Internal error on call to SSL function on channel withrc=5 from gsk_secure_soc_write | ||
| ✓ | IT36744 | Unable to move IBM MQ Appliance HA queue manager back to its original node after failover | |
| ✓ | IT36745 | IBM MQ Appliance HA queue manager does not return to its preferred node after unexpected failover | |
| IT36746 | IBM MQ MFT: Files are left on source, when resource monitor is configured to send batches of 100 files. | ||
| IT36805 | IBM MQ trace not generated after failure in opening trace files | ||
| IT36824 | The AMQ7472W message is unclear about automatic recovery of a damaged object | ||
| IT36950 | IBM MQ installation might cause failure in non-IBM MQ programs that use libcurl or libedit libraries | ||
| IT36990 | Queue manager not releasing media recovery log extents | ||
| IT37001 | runmqdnm monitor reports "Unexpected error 2147746132" after migrating from earlier versions of IBM MQ to version 9.2 | ||
| IT37008 | Message data conversion from CCSID 1390/1399 TO 943 fails with error AMQ6047: Conversion not supported | ||
| IT37172 | Incorrect qmgr status is reported on secondary appliance after HA resource cleanup with service console | ||
| IT37199 | Failure data capture (FDC) record header contains the first line from mqpatch.dat but it should be the last line | ||
| IT37204 | XMS .NET applications fail to load common services if the application name contains amqmxmsstd | ||
| IT37220 | dltdrprimary command might fail to remove DR definition from the HA secondary appliance | ||
| IT37310 | crtmqm -sx fails with AMQ3812E error if /var/mqm/vols directory does not exist | ||
| IT37324 | Applying fix pack from start menu fails with error "Windows cannot access the specified device, path, or file [...]" | ||
| ✓ | IT37355 | IBM MQ Appliance might reload when querying system load | |
| IT37409 | RDQM HA queue manager cannot be created with "rdqm" as the queue manager name | ||
| IT37469 | Invalid config-property-type returned by IBM MQ RA results in 'Invalid archive: wmq.jmsra' warnings in WildFly/JBoss. | ||
| IT37502 | WebSphere Application Server transaction recovery fails when activation specs are configured to use BINDINGS_THEN_CLIENT | ||
| IT37503 | The amqsmon sample utility reports error when using -l option | ||
| IT37606 | "Connection refused" and "connection is closed by foreign host" exceptions handled incorrectly by protocol bridge agents | ||
| IT37625 | Client MQGET can return before the whole message has been received from the server | ||
| IT37651 | The default value for the APPLTAG with IBM MQ classes for Java/JMS can result in the value "jar" | ||
| ✓ | IT37723 | Mishandling of return codes from OS calls might result in Q file corruption after file descriptor limit is hit | |
| IT37733 | MFT agent monitorGroupRetryLimit is not working as expected because monitor execution count is not getting updated | ||
| IT37747 | SIGSEGV: address not mapped when MQDISC is issued after automatic client reconnection | ||
| ✓ | IT37800 | IBM MQ error reporting logic might enter an infinite loop and generate many FDC records with probe identifier CO051011 | |
| IT37869 | FDC containing a NullPointerException occurs if a managed transfer enters recovery during negotiation and times out | ||
| IT37878 | WebSphere Application Server activation specifications do not pause when an MDB calls setRollbackOnly() | ||
| IT37881 | SYSTEM.MQTT.TRANSMIT.QUEUE fills up with messages for MQTT clients that are no longer connected | ||
| IT37958 | Wrong error reported if managed transfer fails during initialization due to "SocketException: Connection reset" | ||
| IT37973 | IBM MQ internal program amqoampx hangs which prevents IBM MQ REST web server from restarting | ||
| IT37974 | IBM MQ REST web server ends after receiving SIGSEGV after running internal program amqoampx | ||
| IT38118 | JMSException containing reason code 2009, rather than 2556, is thrown when automatic client reconnection times out | ||
| IT38158 | Connection handle leak when an IBM MQ-JMS application security exit reports an error | ||
| IT38165 | IBM MQ Explorer shows removed channel property "Register with WLM"(DNSWLM) for a z/OS Queue Manager | ||
| IT38291 | AMQ9504 error message does not contain the channel name | ||
| ✓ | IT38347 | Queue Managers will not run on the preferred node after IBM MQ Appliance reloads. | |
| ✓ | IT38375 | Shared memory segments grow without limit in some IBM MQ usage scenarios | |
| IT38376 | Client application reports MQRC 2009 when using HTTP proxy between 2 IBM MQ IPT servers | ||
| IT38380 | Unable to use nested XA transactions with Mule and the Bitronix transaction manager. | ||
| IT38381 | After migrating to IBM MQ 9.2, a multi-instance queue manager fails over sooner in response to delays in log write operations | ||
| IT38420 | Possible memory leak in amqrmppa or amqzlaa0 process when using secure connection to LDAP repository | ||
| IT38423 | IBM MQ JMS clients fail to reconnect when using automatic client reconnection after a network break. | ||
| IT38491 | dmpmqcfg objects missing when used with a z/OS queue manager | ||
| IT38527 | MQTT component MQXR service produces an unnecessary Java dump as part of the FFST generation. | ||
| IT38542 | Transfer request that hit a problem might see increase in Memory or OutOfMemory Exception | ||
| IT38733 | A "STOP CHANNEL" request might fail when the channel is configured with multiple addresses. | ||
| IT38740 | In IBM MQ Appliance 9.2, the copy command could cause the permissions on the backup directory to be altered. | ||
| IT38745 | Highly available Managed File Transfer agent uses 100% CPU while trying to reconnect to its agent queue manager. | ||
| IT38752 | Update IBM Sterling Connect:Direct Application Interface for Java (CDJAI) to 1.1.0.0 iFix27. | ||
| IT38764 | RDQM configured for both HA and DR is unable to run on any node after frequent connection interruptions | ||
| IT38772 | Managed File Transfer protocol bridge agent abends due to a NullPointerException during a transfer to an SFTP server. | ||
| ✓ | IT38799 | Queue manager ends unexpectedly with FDC Probe Id HL214091 and error code hrcE_MQLP_NOSPACE | |
| IT39013 | Using the IBM MQ REST API to query subscriptions might not provide a complete list | ||
| IT39029 | MQCONN fails in application that uses isolated bindings. FDC probe ZC037020, component zcsAllocateAgent is written | ||
| IT39063 | Update DRBD packages supplied with IBM MQ 9.2 to DRBD version 9.0.31 | ||
| ✓ | IT39183 | IBM MQ CVE-2022-22489 (security/integrity exposure) [CVSS base score 8.2] | |
| ✓ | IT39209 | IBM MQ Appliance CVE-2021-35578 and IBM MQ CVE-2021-35578, CVE-2021-35588, CVE-2021-41035 (security/integrity exposure) [CVSS base score 5.3] | |
| IT39219 | fteShowAgentDetails can output incorrect or inconsistent information | ||
| IT39225 | The IBM MQ Appliance usermodify command does not report an error message for a nonexistent user and generates FDCs | ||
| ✓ | IT39277 | IBM MQ Appliance might reload unexpectedly due to crash in apiprobe | |
| IT39356 | Many AT041015 atxStart arcE_XAER_PROTO FDCs but the error is in the external TM software | ||
| ✓ | IT39386 | IBM MQ CVE-2021-44228 (security/integrity exposure) [CVSS base score 10] | |
| ✓ | IT39444 | IBM MQ CVE-2021-45046 (security/integrity exposure) [CVSS base score 3.7] | |
| ✓ | IT39467 | IBM MQ CVE-2021-45105 (security/integrity exposure) [CVSS base score 7.5] | |
| IT39497 | Update the JRE to level 8.0.7.0 on AIX, Linux, and Windows for IBM MQ | ||
| IT39536 | Upgrade Apache Ant for IBM MQ 9.2 to the latest level (1.10.12) | ||
| IT39537 | Update Bouncy Castle shipped by IBM MQ 9.2 LTS to version 1.70 | ||
| IT39538 | Update the version of Jetty supplied with IBM MQ 9.2 LTS for the IBM MQ Bridge to Salesforce | ||
| IT39539 | Update the IBM MQ embedded WebSphere Liberty Profile to 21.0.0.12 + PH42489 | ||
| IT39540 | Upgrade the Apache Qpid Proton-j level for IBM MQ to Qpid Proton-j 0.33.10 | ||
| ✓ | IT39558 | IBM MQ CVE-2022-22316 and IBM MQ Appliance CVE-2022-22316 [CVSS base score 5.3] | |
| IT39565 | Update level of libcurl supplied with IBM MQ 9.2 LTS to Libcurl 7.81.0 | ||
| IT39567 | Fix pack 9.2.0.4 cannot be installed with rpm/yum if the product license has not yet been accepted | ||
| IT39571 | Update level of libedit supplied with IBM MQ 9.2 LTS to libedit 20210910-3.1 | ||
| IT39597 | Update DRBD and Pacemaker packages supplied with IBM MQ 9.2 | ||
| ✓ | IT39625 | IBM MQ Appliance CVE-2022-22326 [CVSS base score 4 ] | |
| IT39635 | Update level of GSKit supplied with IBM MQ 9.2 LTS to GSKit 8.0.55.26 | ||
| IT39713 | IBM MQ Managed File Transfer database logger puts "Progress" messages containing BFGSS0090E errors to its reject queue | ||
| ✓ | IT39770 | IBM MQ CVE-2021-39031 [CVSS base score 7.5] | |
| IT39787 | Insufficient diagnostics to investigate error in the mqiptAdmin utility | ||
| ✓ | IT39829 | IBM MQ Appliance CVE-2022-22321 [CVSS base score 5.1] | |
| IT39878 | AMQ7077E error is reported when removing RDQM feature from a 9.2 fixpack level. | ||
| ✓ | IT40901 | IBM MQ CVE-2021-28169, CVE-2021-34428, CVE-2021-28163, CVE-2021-28164, CVE-2021-34429, CVE-2021-28165 [CVSS base score 7.5] | |
| SE76272 | IBM i: add HA replica and non-production ILMT tags. | ||
| SE76423 | Channel sequence number lost after manager restart at IBM MQ 9.2. | ||
| SE76719 | IBM MQ in transaction might throw an error with AMQ7435: The IBM MQ commit control exit program failed. | ||
| SE76953 | Update openSSL level to 1.1.1m |
IBM MQ 9.2.0.4 fix pack for Windows, UNIX®, IBM i, IBM MQ Appliance
(Last modified: November 2021)
| Security APAR | HIPER APAR | APAR | Description |
| IT32681 | IBM MQ clustering allows an out-of-order internal cluster subscription to incorrectly replace a newer one | ||
| ✓ | IT33299 | When applying a fix pack, the "web\installations" folder will be deleted if the "Installation Path" and "Data Path" are the same. | |
| IT33683 | Windows silent installation .ini files incorrectly list some components as requiring IBM MQ Advanced entitlement | ||
| IT33849 | MQSC DISPLAY command shows "Not authorized" multiple times | ||
| IT33937 | FDC records with probe identifier XC035007 and XC364030 are generated during shutdown of IBM MQ C/ C++ application | ||
| IT34363 | Improve diagnostics in zxcHealthThread for unexpected queue manager shutdown | ||
| IT34525 | The amqsrua utility might fail with reason code 2033 (MQRC_NO_MSG_AVAILABLE) | ||
| ✓ | IT34722 | IBM MQ 9.2 managed XMS .Net message listener stops receiving messages after first message is consumed. | |
| IT34994 | Issuing MQCMD_CHANGE_TOPIC by using the IBM MQ Administration Interface fails with MQRC_PARAMETER_MISSING | ||
| IT35023 | After applying a fix pack to a Developer Edition installation on Linux, dspmqver incorrectly reports production license | ||
| IT35278 | IBM MQ 9.2 Appliance Migration Pending state is not removed when HA queue manager is removed from DR. | ||
| ✓ | IT35378 | Queue manager fails to started with FDC AQ234004 from aqlGetLogHdrOrigin | |
| IT35443 | Queue manager hangs and becomes unresponsive. An FDC record is generated which reports xecS_E_NO_MEM | ||
| IT35658 | IBM MQ AMQP service can result in an FDC being created with Probe identifier XR079007 or XR071017 due to MQRC_CALL_IN_PROGRESS error. | ||
| IT35827 | amqcgskv32 triggered by runmqras creates zero-byte FDCs continuously | ||
| ✓ | IT35889 | The rdqmdr command might revert queue manager to an earlier date | |
| IT35941 | Running fteCreateTransfer for a message-to-file transfer, where the source queue is empty, results in a failed transfer | ||
| IT36047 | The destination queue of the durable subscription might change when an MQTT application restarts | ||
| ✓ | IT36110 | Many PCF status messages flow through the channels of a Uniform Cluster even though no reconnectable applications are present | |
| ✓ | IT36179 | IBM MQ CVE-2021-38875 and IBM MQ Appliance CVE-2021-38875 [CVSS base score 6.5] | |
| IT36233 | IBM MQ MFT: Agent property monitorGroupRetryLimit=-1 not behaving as expected | ||
| IT36442 | After reporting a AMQXR1016W warning, the IBM MQ Telemetry service generates FDCs containing IBM MQ reason code 2219 | ||
| ✓ | IT36495 | Queue manager might enter partitioned state after appliance reloads | |
| IT36500 | Transfer item fails with a BFGIO0006E error if the source agent abends and restarts partway through a transfer | ||
| IT36574 | IBM MQ 9.2 installer incorrectly states that Windows 2012 is a valid target operating system | ||
| IT36588 | IBM MQ reports "AMQ9671: The PKCS #11 token password specified is invalid" when the password is correct | ||
| IT36589 | AMQ9288 message contains incorrect numeric insert and FDC with probe identifier CO286005 is generated | ||
| IT36594 | Appliance QMgrs configured for HADR fail to be migrated from 9.1to 9.2 if the HA interfaces were down during the upgrade | ||
| IT36630 | RDQM might show status as 'Ended Unexpectedly' instead of 'Running Elsewhere' on the Secondary node | ||
| IT36636 | IBM MQ AMQP or IBM MQ Telemetry channel fails to start if the queue manager attribute SSLCRLNL contains an OSCP AUTHINFO object | ||
| IT36678 | The fteCreateEnvironment command is missing from the IBM MQ Advanced Image | ||
| IT36701 | MQ-JMS applications connected to EBCDIC character set queue managers fail to move messages to BOQ or DLQ | ||
| IT36702 | Source disposition for transfer items is incorrectly processed if a managed transfer fails due to a transfer recovery timeout | ||
| ✓ | IT36756 | Memory leak in amqrmppa process | |
| IT36885 | Enhancements to runmqras utility | ||
| IT36898 | IBM MQ Appliance reloads due to watchdog restart. | ||
| ✓ | IT36899 | IBM MQ Appliance might reload when reading and saving a configuration at the same time | |
| IT36960 | Transfer items transferred successfully before a transfer recovery timeout occurs might not be deleted. | ||
| IT37072 | Insufficient diagnostics for failures from DeleteFile() Windows API call | ||
| IT37089 | Channel socket error detection logic can generate invalid internal protocol flow | ||
| IT37134 | Potential for SIGSEGV from a null pointer in xcsRequestMutexSemFn | ||
| IT37151 | Provide additional queue manager configuration attributes to control the connection and operation timeout for LDAP calls | ||
| IT37223 | IBM MQ Managed .NET Client fails unable to connect to queue manager by using Red Hat OpenShift routes | ||
| IT37224 | java.lang.NullPointerException thrown when multiple threads connecting to the QMGR concurrently | ||
| IT37283 | IBM MQ channels running with TLS 1.3 cipher specs intermittently fails with FDC CO373099 from cciTcpSslResetCallback | ||
| IT37357 | IBM MQ on AIX writes KRCE_UNEXPECTED_ERROR AND LRCE_SECURITY_ERROR FDCS when the username is longer than the system's allowed MA | ||
| ✓ | IT37410 | IBM MQ Appliance "sethagrp -e" command becomes unresponsive when queue manager file system is in use | |
| IT37427 | crtdrprimary for a HA queue manager fails with AMQ3930E due to DR replication interfaces mismatch on the HA appliances | ||
| IT37566 | "Could not find key 'RecoveryTimedOut' in ResourceBundle" error reported when running fteShowAgentDetails -v | ||
| IT37576 | IBM MQ runmqlsr process might enter an infinite loop and consume a high amount of CPU | ||
| IT37595 | Incorrect error reporting if TLS record transfer limit encountered for GCM cipher specs | ||
| IT37621 | Update level of LDAP client supplied with IBM MQ 9.2 LTS to 6.4.0.24 | ||
| IT37672 | Runmqras fails to determine queue manager log path on IBM I. | ||
| IT37726 | IBM MQ AMQP channel stops due to an OutOfMemoryError, and an FDC containing probe identifier XR10072014 is generated | ||
| IT37742 | The runamscred utility incorrectly generates FDC files if run with no parameters | ||
| IT37745 | AMQ9797E message might contain incorrect validation error code if local certificate validation fails | ||
| IT37968 | IBM MQ 9.2.4 client connecting to a queue manager through IBM MQ IPT fails with AMQ9296E: Password protection negotiation failed. | ||
| IT38008 | No mechanism to set MQIPT_JVM_OPTIONS for IBM MQ Internet PassThru when run as a service | ||
| IT38204 | IBM MQ client applications stop consuming messages from a queue protected with AMS MCA interception. | ||
| IT38264 | Update Angular.JS to 1.8.2 on IBM MQ 9.2 LTS | ||
| IT38265 | Upgrade Apache Ant for IBM MQ 9.2 to the latest level (1.10.11) | ||
| IT38266 | Update Apache Commons IO and Net for IBM MQ 9.2 LTS | ||
| IT38267 | Update the Hyperledger Fabric Gateway supplied with IBM MQ 9.2 LTS | ||
| IT38268 | Update Bouncy Castle to level 1.69 for IBM MQ 9.2 LTS | ||
| IT38269 | Update the SLF4J library supplied with IBM MQ 9.2 LTS | ||
| IT38270 | Update the IBM JRE level to 8.0.6.36 (AIX, Linux, Windows) for IBM MQ 9.2 LTS | ||
| IT38271 | Update the IBM MQ embedded WebSphere Liberty Profile to 21.0.0.9plus PH38929 and PH39418 | ||
| IT38298 | Update level of libcurl supplied with IBM MQ 9.2 LTS to libcurl 7.79.1 | ||
| IT38299 | Update level of libedit supplied with IBM MQ 9.2 to libedit 0:67:0 (20210714-3.1) | ||
| IT38348 | Update DRBD and Pacemaker packages supplied with IBM MQ 9.2 | ||
| ✓ | ✓ | IT38349 | IBM MQ Appliance CVE-2021-38958 [CVSS base score 5.1] |
| ✓ | IT38362 | IBM MQ Appliance CVE-2021-3712 [CVSS base score 6.5] | |
| ✓ | IT38413 | IBM MQ CVE-2021-22946, CVE-2021-22947 [CVSS base score 7.5] | |
| ✓ | IT38477 | IBM MQ Appliance firmware upgrade fails with error "Destination write failed" | |
| ✓ | IT38503 | IBM MQ CVE-2021-29842 [CVSS base score 3.7], CVE-2021-35517 [CVSS base score 5.5] & CVE-2021-36090 [CVSS base score 7.5] | |
| ✓ | IT38523 | IBM MQ CVE-2021-2388, CVE-2021-2432 [CVSS base score 7.5] | |
| IT38571 | Update level of GSKit supplied with IBM MQ 9.2 to GSKit 8.0.55.25 | ||
| ✓ | IT38604 | IBM MQ CVE-2021-28169, CVE-2021-34428, CVE-2021-34429 [CVSS base score 5.3] | |
| ✓ | IT38616 | IBM MQ Appliance HA queue manager reports partitioned state after appliance reload. | |
| IT38693 | On IBM MQ Explorer, the IBM MQ Knowledge Center link does not work. | ||
| ✓ | IT38766 | IBM MQ Appliance queue manager failover fails if the queue manager file system is in use | |
| ✓ | IT38788 | IBM MQ Appliance CVE-2021-38967 [CVSS base score 8.2] | |
| IT38793 | IBM MQ v9.2 fix packs do not update the Bridge to Salesforce prereq .jar files | ||
| ✓ | ✓ | IT38930 | IBM MQ Appliance CVE-2021-38986 [CVSS base score 5.6] |
| ✓ | ✓ | IT38978 | IBM MQ Appliance CVE-2021-38999 [CVSS base score 5.1] |
| ✓ | ✓ | IT38979 | IBM MQ Appliance CVE-2021-39000 [CVSS base score 5.9] |
| PH37175 | IBM MQ REST API reports MQWB0002E error message when requesting to list the queue manager status | ||
| SE75821 | IBM MQ Manager might crash with CPF9803 "Cannot allocate object" when the journal/journalmsgq locked by non-mq process | ||
| SE75874 | RUNMQRAS might not collect definitions when mqs.ini CCSID is not 37 from IBM MQ 9.1. | ||
| SE75994 | Running strmqweb command has authority problem when submitting by different user profiles. | ||
| SE76150 | Update OpenSSL to 1.1.1l | ||
| SE76177 | End SYSTEM.DEF.CLUSSDR report AMQ8227, "STOPPED" status can't preserve |
IBM MQ 9.2.0.3 fix pack for Windows, UNIX®, IBM i, IBM MQ Appliance
(Last modified: July 2021)
| Security APAR | HIPER APAR | APAR | Description |
| IT31885 | Output from the amqrfdm utility shows invalid value on the "Exp" or "Upd" attributes for a cluster object | ||
| IT32295 | IBM MQ Classes for Java application hangs when using the BINDINGS transport and getting messages with the MQGMO_CONVERT option | ||
| IT32415 | Specifying the invalid -zipfile argument to runmqras on the IBM MQ Appliance causes the current mqcli instance to exit | ||
| IT32871 | A queue manager terminates due to a SIGSEGV within the executioncontroller process amqzxma0 | ||
| IT32993 | Authentication operations fail if more than one IP address is present in the conname of an LDAP AUTHINFO definition | ||
| IT33117 | IBM MQ RDQM might not switch to or start on its configured preferred node. | ||
| IT33572 | amqspdbg with -i, -q, -p, or -a options fails with an error and generates an FDC | ||
| IT33961 | TX series application fails with SIGSEGV in check_target when used with IBM MQ | ||
| IT34095 | The NETTIME parameter for the DISPLAY CHSTATUS command has unexpectedly high values | ||
| IT34118 | Miscalculation of expiry time for SYSTEM.CLUSTER.HISTORY.QUEUE messages. | ||
| IT34230 | Memory overwrite error using amqssslc sample | ||
| IT34391 | RDQM resource probe fails during "stop" action, which then prevents auto-restart of the queue manager | ||
| IT34419 | IBM MQ Appliance queue manager failover is unsuccessful if the queue manager file system is in use by another process | ||
| IT34493 | IBM MQ Appliance: After disabling eth20 interface addition of a stand-alone queue manager to HA at DR site fails with AMQ6546E | ||
| IT34850 | Redistributable MFT command 'fteCreateEnvironment' repeatedly prepends to the PATH environment variable | ||
| ✓ | IT35027 | IBM MQ Appliance might unexpectedly reload while accessing an SSL session | |
| IT35190 | Enhancements to runmqras utility | ||
| IT35262 | Call to xa_open fails with XAER_INVAL '-5 in XA configuration with TXSeries | ||
| IT35279 | IBM MQ Appliance: HA queue managers configured for DR are not migrated from IBM MQ 9.1 to 9.2 | ||
| IT35389 | Exception reason code 2063 thrown when AMS Java clients access CA certificate chains within cryptographic hardware | ||
| IT35459 | The dmpmqcfg -c command fails with MQRC_ENVIRONMENT_ERROR when SHARECNV(0) set on SVRCONN | ||
| IT35461 | AMQ6150 error message states a timeout period of zero minutes. | ||
| ✓ | IT35489 | IBM MQ CVE-2021-29843 [CVSS base score 5.3] | |
| IT35582 | IBM MQ MFT Message-To-File Transfer request that uses a protocol bridge agent (PBA) as the source agent fails silently. | ||
| IT35599 | Standby instance of a Managed File Transfer highly available agent shuts down after being disconnected from its queue manager | ||
| IT35701 | Messages left on source queue at the end of a successful message-to-file transfer. | ||
| ✓ | IT35704 | CVE-2020-4938 for IBM MQ Appliance | |
| ✓ | IT35810 | IBM MQ Appliance might reload when a file is downloaded by using WebUI or REST API | |
| IT35854 | FDC generated when runamscred is run with no parameters | ||
| IT35878 | Multiple instances of a highly available MFT agent start as the active instance following a queue manager restart | ||
| IT36036 | Using IBM MQ REST API Gateway to administer remote queue manager can result in MQWB0000E Error. | ||
| IT36122 | runmqsc -f on the IBM MQ Appliance fails with "failed to open file [file name]" when the file was altered by copy command | ||
| IT36134 | Vi editor key bindings unavailable within the runmqsc console | ||
| IT36250 | The ctrhagrp command fails to re-create the HA group on a replaced appliance. | ||
| ✓ | IT36262 | IBM MQ Appliance HA synchronization might be slow after restart of one of the appliances | |
| IT36306 | XMS Client application fails to start after migration to V9.1.3. | ||
| IT36308 | Exception containing reason code 2009 is thrown even though an application is still connected to a queue manager | ||
| IT36351 | The IBM MQ Advanced software license tag file contains corrupted content and is not reported correctly by IBM License Metric Tool (ILMT) | ||
| IT36372 | Permission denied errors reported on the console by runmqras command on the IBM MQ Appliance | ||
| IT36377 | The crtdrsecondary command fails with "Invalid command string entered" in the IBM MQ Appliance web console when configuring DR | ||
| IT36491 | RDQM creation might fail due to port conflict | ||
| IT36621 | Changes to IBM MQ Appliance link aggregation LLDP configuration property | ||
| IT36700 | SIGSEGV within TXSeries cicsas process when trying to get or convert a message | ||
| IT36707 | Potential SIGSEGV in xcsFFSTS code | ||
| IT36729 | FDC from xcsFreeMemFn in amqrmppa process reporting xecS_I_PRIVATE_MEMORY_ERROR FROM during thread cleanup | ||
| IT36752 | IBM MQ generates unnecessary Informational FDC reporting AT040010 atxClose arcE_XAER_PROTO | ||
| IT36788 | BYTESSENT and BYTESRCVD channel status values do not wrap as expected | ||
| IT36855 | High memory utilization can occur in IBM MQ channel processes if certificate renegotiation occurs many times | ||
| IT36957 | Upgrade the JRE level for IBM MQ V9.2 to Java 8.0.6.31 for AIX, Linux, and Windows | ||
| IT36959 | Update level of GSKit supplied with IBM MQ 9.2 to GSKit 8.0.55.24 | ||
| IT36999 | Update the IBM MQ embedded WebSphere Liberty Profile to 21.0.0.6 | ||
| IT37013 | Update level of libcurl supplied with IBM MQ 9.2 LTS TO 7.77.0 | ||
| IT37016 | Update DRBD and Pacemaker packages supplied with IBM MQ 9.2 | ||
| IT37074 | Update level of libedit supplied with IBM MQ 9.2 to 0:66 | ||
| IT37086 | Update level of LDAP client supplied with IBM MQ 9.2 LTS to 6.4.0.23 | ||
| ✓ | IT37117 | CVE-2021-3449 for IBM MQ Appliance | |
| ✓ | IT37166 | Description is not available (security/integrity exposure) | |
| ✓ | IT37174 | IBM MQ Appliance CVE-2020-5008 (security/integrity exposure) | |
| ✓ | IT37251 | IBM MQ Appliance might reload while processing RBM requests | |
| ✓ | IT37277 | 172544, CVE-2020-7676, CVE-2019-14863, 172550, 172543, CVE-2019-10768 for IBM MQ Appliance | |
| ✓ | IT37279 | CVE-2020-25648 and CVE-2020-25692 for IBM MQ Appliance | |
| ✓ | IT37359 | IBM MQ channel process amqrmppa hangs after memory exception | |
| IT37376 | Unable to install IBM MQ 9.2.0.2 rpm components for Linux when there are multiple installations | ||
| ✓ | IT37432 | IBM MQ Appliance configured in HA/DR might reboot during migration | |
| IT37561 | Update the Hyperledger Fabric Gateway, Jetty, and SLF4J supplied with IBM MQ 9.2 LTS | ||
| ✓ | IT37719 | IBM MQ CVE-2021-28165 [CVSS base score 7.5] | |
| SE75505 | IBM i COBOL APPs linked to AMQ0STUB and ILE C & RPG APPs linked to LIBMQM failed to co-exist in commit control | ||
| SE75506 | Update openssl to 1.1.1k | ||
| SE75562 | BLOCKADDR.INI should be created with CCSID 37 even in multi languages environment on IBM i |
IBM MQ 9.2.0.2 fix pack for Windows, UNIX®, IBM i, IBM MQ Appliance
(Last modified: March 2021)
| Security APAR | HIPER APAR | APAR | Description |
| IJ23167 | An internal error CWSMQ0286E is thrown when XMS .NET client tries to retrieve a message containing mqex folder in header. | ||
| IJ25042 | If backout queue is full, XMS .NET doesn't send the messages with RFH header to dead-letter queue. | ||
| IT29565 | IBM MQ client app that uses MQCONNX to make an SSL connection fails with FDC from xehExceptionHandler with rriCopyMQSCO on the stack | ||
| IT29638 | The DISPLAY CHSTATUS command output for an AMQP client instance always shows AMQPKA(0) instead of the actual value | ||
| IT29944 | USEDLQ cluster channel attribute is not replicated across cluster members | ||
| IT29963 | The JMSAdmin tool is partially shipped by the redistributable Java client "{version}-IBM-MQC-Redist-Java.zip" | ||
| IT30545 | MQ .NET managed client application returns 2059 when setting certlabel in hashtable properties | ||
| IT30601 | Performance implications of IT28621 changes | ||
| IT31415 | FDC record with probe identifier 'OP008000' is generated when runmqdlq is processing messages on the dead letter queue. | ||
| IT31883 | IBM MQ controller process (amqzxma0) stopped due to SIGSEGV after failing to allocate a shared memory set. | ||
| IT31898 | IBM MQ Appliance: 'makehaprimary' command incorrectly reports AMQ6682 error | ||
| IT31901 | Memory leak in the AMS (Advanced Message Security) component of IBM MQ | ||
| IT31909 | MQTT Channel ends unexpectedly due to NullPointerException | ||
| IT32081 | Error log incorrectly reports remote certificate validation failed when local certificate is invalid | ||
| IT32137 | A valid windows user ID with a space character in 12th position fails to connect to queue manager | ||
| IT32212 | Topic handles are not closed when a Classes for Java MQQueueManager disconnects | ||
| IT32292 | AMQ5542 message misleadingly mentions CHCKCLNT(REQDADM) when using LDAP for users or groups | ||
| IT32294 | FDC with probe identifier ZD048010 from zruMetaNotify at queue manager restart | ||
| IT32547 | Improve tracing in amqscnxc | ||
| IT32554 | Channel exits written in Java are unable to access the local address used by the channel | ||
| IT32583 | A managed .NET client application initializes slowly in multi-user or heavily loaded environments | ||
| IT32606 | MQ .Net core application takes several seconds to reestablish a connection with a queue manager after a failover | ||
| IT32772 | IBM MQ Appliance setdrlink and sethalink commands do not verify if the replicationIP is assigned to a valid local interface. | ||
| ✓ | IT32949 | Queue manager terminates due to a SIGSEGV issued for amqrrmfa process with Probe Id XC130004 | |
| IT32987 | NullPointerException occurs when activation specification or WASlistener port is configured to use message retention | ||
| IT33189 | IBM MQ MFT fteCreateTransfer from a queue results in a zero byte file if the source queue is empty. | ||
| IT33209 | dltdrprimary command does not completely remove DR definition from HA secondary appliance. | ||
| IT33213 | IBM MQ Appliance link aggregation interface goes down when LLDP is enabled on network switch | ||
| ✓ | IT33261 | The amqrmppa process terminates with memory exception in rppAdjustPool or rppLockPool | |
| IT33385 | Inadequate error message is reported when dltdrprimary command fails due to HA queue manager started with strmqm -ns option. | ||
| IT33387 | IBM MQ Explorer MFT capture log shows an incorrect destination path | ||
| IT33398 | FDC with Probe KN432051 from kpiAppSignalTask reporting missing signalapp.xx files. | ||
| IT33439 | Memory leak in IBM MQ when using AMS | ||
| IT33552 | Using IBM MQ Explorer against IBM MQ v9.0 z/OS to create a channel does not enable the selection of certain SSL ciphers. | ||
| IT33571 | Channel Status bytesent and bytesrcvd attributes show incorrect value | ||
| IT33590 | Resource adapter deployed into embedded WebSphere Liberty that is started by Liberty SPIs cannot make secure connections to IBM MQ. | ||
| ✓ | IT33612 | IBM MQ Appliance HA initialization error during reboot | |
| ✓ | IT33668 | MQCTL does not function as expected when issued using MQOP_SUSPEND option | |
| IT33852 | IBM MQ classes for JMS generate NullPointerExceptions when an application is accessing a queue or a topic | ||
| IT33893 | The output of 'dmpmqaut -p [Prinicpal] -e' is misleading when the IBM MQ authority is defined at the group level | ||
| IT33894 | SourceTransferStartExits can be invoked twice for the same managed transfer. | ||
| ✓ | IT33901 | Performance degradation when using extended message selection | |
| IT33970 | The dspmqtrc duplicate line suppression functionality prints incorrect lines | ||
| IT34002 | IBM MQ adding or removing features from a Windows installation can damage the Web Console installation. | ||
| IT34004 | xcsFreeMemFn xecS_I_PRIVATE_MEMORY_ERROR from amqrmppa during thread cleanup. | ||
| IT34015 | The setmqenv command is missing from the redistributable client package on Linux x86-64 | ||
| IT34091 | FDCs with ProbeIDs ZC004062 and ZC004040 from zcpCreateMessage | ||
| IT34119 | 'installp' reports a path not found error when installing the 'mqm.web.rte' fileset to a non-default location on AIX | ||
| IT34133 | MFT error message 'BFGIO0121E' incorrectly specifies a fully qualified file name instead of checksum values. | ||
| IT34168 | Managed transfers are incorrectly marked as "Successful" rather than "Partially Successful" | ||
| IT34217 | IBM MQ Explorer fails to connect to a remote Managed File Transfer (MFT) configuration | ||
| IT34229 | The 'crtmqfp' utility does not permit the default installation location to be specified when repackaging RPM files | ||
| IT34233 | FDC generated when the MQExplorer is started with the runwithtrace command. | ||
| IT34265 | Delays when using the administrative REST API gateway to process requests for different queue managers simultaneously | ||
| IT34332 | Channel names are blank in MQSC and IBM MQ Explorer after direct migration from IBM MQ 8.0.0.1, 8.0.0.2, or 8.0.0.3 to 9.1.5 or later | ||
| IT34336 | MQGET fails with 2004 MQRC_BUFFER_ERROR | ||
| IT34350 | MFT File-To-Message transfer with delimiter greater than defaultlength generates two 0 byte messages | ||
| IT34358 | Displaying channel status for IBM MQ Telemetry channels that use filter on CONNAME attribute might fail with NullPointerException | ||
| IT34367 | MQSeriesRDQM RPM package does not enforce prerequisite on Pacemaker RPM package | ||
| IT34389 | Duplicate stanzas in an IBM MQ client or queue manager configuration file are not processed | ||
| IT34411 | Update DRBD kernel modules supplied with IBM MQ 9.1 and 9.2 to DRBD version 9.0.25 | ||
| IT34436 | Zero byte content IBM MQ messages are generated during MFT File to Message transfers when using a prefix delimiter | ||
| IT34463 | Administrative REST API parameter ibm-mq-rest-gateway-qmgr cannot be used with the REST API discovery feature, and CORS. | ||
| ✓ | IT34473 | CVE-2020-4590 for IBM MQ | |
| ✓ | ✓ | IT34485 | CVE-2020-4931 for IBM MQ Appliance & CVE-2020-4931 for IBM MQ |
| IT34486 | MFT error message 'BFGSS0024E' does not provide details on which object it received the MQI error message. | ||
| IT34488 | IBM MQ listener runqmqlsr not accepting new connections and also consuming high CPU | ||
| IT34567 | Enable Alias and TLS 1.3 cipher specs in the IBM MQ Explorer on IBM i and z/OS platforms. | ||
| ✓ | IT34570 | CVE-2019-19956, CVE-2019-20388, CVE-2020-7595, CVE-2019-17498, CVE-2019-11719, CVE-2019-11727, CVE-2019-11756, CVE-2019-17006, CVE-2019-17023, CVE-2020-12403 for IBM MQ Appliance | |
| IT34573 | The FTETopicSubscriptionCollector section of fteRAS takes a longtime to complete. | ||
| IT34591 | Destination agent generates an ABEND file when processing a managed transfer that has timed out | ||
| IT34623 | Managed File Transfer agent abends after migrating from version 8.0.0.3 or earlier. | ||
| IT34684 | JMSCC0108 reported by the MQ-RA reference the wrong version of IBM Documentation. | ||
| IT34686 | A failure to downgrade the appliance firmware to an earlier level reports AMQ6546E instead of a meaningful error | ||
| IT34691 | IBM MQ Appliance power outage might result in the IBM MQ Web Console reporting 'Error 500: Internal error' | ||
| IT34757 | IBM MQ Appliance status command might not correctly report failure states if there is an HA failure on both HA appliances | ||
| IT34780 | MFT Redistribution 'fteCreateEnvironment' command does not validate the installation name argument | ||
| ✓ | IT34822 | A non-persistent message might be discarded if a waiting async MQGET times out while an MQPUT is delivering to it | |
| IT34895 | After failure in MQ Appliance makedrsecondary command the HA/DR Queue manager failed to start on second node | ||
| IT34899 | IBM MQ Appliance "service show component-firmware" command does not report network module firmware version information | ||
| ✓ | IT34927 | CVE-2020-27216 for IBM MQ | |
| IT34967 | IBM MQ classes for JMS BROKERPUBQMGR property validation failure with asterisk characters | ||
| IT35074 | Potential memory leak during of cached resources in multithreaded asynchronous consume client application | ||
| IT35078 | Improve error message when a certificate does not meet key length requirements | ||
| IT35081 | TCP listener port value is not validated against the documented maximum value of 65535 | ||
| ✓ | IT35199 | Intermittent IBM MQ Appliance reload when SNMP is enabled | |
| IT35214 | Setmqenv doesn't work in the default or dash shell | ||
| IT35222 | IBM MQ MFT: NullPointerException thrown by CommandHandler thread with FFDC probe identifier FFDC_001 | ||
| ✓ | IT35258 | Channels remain in initializing state for longer time when starting, and messages build up on SYSTEM.CHANNEL.INITQ | |
| IT35319 | The OCSPTimeout and SSLHTTPConnectTimeout parameters are not read correctly from the configuration file | ||
| IT35322 | Queue resource monitor submits two message-to-file transfers for the same message or message group on consecutive polls. | ||
| IT35342 | Upgrade ICU4J for IBM MQ MFT to 68.2 | ||
| IT35362 | Application terminates with SIGSEGV when trace is enabled for AMS operations | ||
| IT35398 | SourceTransferStartExits are run twice for the same managed transfer following a network issue during negotiation | ||
| ✓ | IT35440 | CVE-2020-8284 | |
| ✓ | IT35457 | CVE-2019-20386, CVE-2020-1971, CVE-2018-20843, CVE-2019-15903, CVE-2019-11068, CVE-2019-18197, CVE-2020-8622, CVE-2020-8623, CVE-2020-8624 for IBM MQ Appliance | |
| IT35488 | Partial repository queue manager does not report "update not received" error for queue manager | ||
| IT35512 | Setting OCSPAuthentication=REQUIRED generates AMQ7076 warning incorrectly | ||
| ✓ | IT35522 | CVE-2020-25654 | |
| IT35532 | Upgrade Apache Ant for IBM MQ MFT 9.2 to the latest level (1.10.9) | ||
| IT35533 | Upgrade Apache Commons libraries for IBM MQ v9.2 to the latest levels | ||
| IT35534 | Update Bouncy Castle shipped by IBM MQ v9.2 to version 1.68 | ||
| IT35536 | Update Jetty shipped by IBM MQ v9.2 for Linux (x86-64) to 9.3.29.v20201019 | ||
| IT35540 | Upgrade the JRE level for IBM MQ V9.2 to Java 8.0.6.25 for AIX, Linux, and Windows | ||
| IT35541 | Update the IBM MQ embedded WebSphere Liberty Profile to 20.0.0.12 | ||
| ✓ | IT35557 | NPMCLASS(HIGH) not retaining non-persistent messages during QM graceful failover in RDQM HA environment. | |
| IT35593 | Update level of GSKit supplied with IBM MQ 9.2 LTS to 8.0.55.21 | ||
| IT35594 | Update level of LDAP client supplied with IBM MQ 9.2 LTS to 6.4.0.22 | ||
| IT35595 | Update level of libcurl supplied with IBM MQ 9.2 LTS to 7.74.0 | ||
| IT35683 | Update the Fabric Gateway version supplied with IBM MQ to v2.2.1 | ||
| IT35808 | Update DRBD and Pacemaker packages supplied with IBM MQ 9.2 | ||
| IT35809 | IBM MQ MFT resource monitor runs on multiple threads at the same time after its config | ||
| IT35834 | TLS/SSL channel on distributed platform intermittently stops when partner channel is running on HPE Non Stop | ||
| ✓ | IT35881 | IBM MQ Appliance might reload while closing an LDAP connection | |
| ✓ | IT35901 | ||
| IT36099 | JRE cipher suites that use algorithms based on DES_CBC are disabled | ||
| ✓ | IT36118 | RDQM queue manager failed to start due to all nodes in secondary state | |
| ✓ | IT36310 | IBM MQ Appliance might reload due to error SSL function/TLS | |
| ✓ | ✓ | IT36319 | IBM MQ CVE-2020-27225 (security/integrity exposure) |
| ✓ | ✓ | IT36321 | CVE-2020-4831 for IBM MQ Appliance |
| IT36347 | IBM MQ Appliance might fail to collect sysrecord or other logs in error report | ||
| ✓ | IT37970 | RDQM queue managers might fail to start after network outage between nodes | |
| SE71857 | Using MQRC to convert an IBM MQ error log file to JSON format results in corrupted Japanese characters on IBM i | ||
| SE74387 | IBM MQ iSeries 5724H72 option 3 installer needs to be refined. | ||
| SE74522 | Update OpenSSL to 1.1.1h | ||
| SE74554 | IBM MQ on IBM i AMS policy with certificates with mixed case components in DN | ||
| SE74591 | IBM MQ C/RPG/COBOL Client install with TLS and ONE-WAY authentication failed with private keystore | ||
| SE74794 | IBM MQ operations inside IBM i transaction | ||
| SE74947 | Update OpenSSL to 1.1.1i | ||
| SE75052 | AutoConfig can't write output to autocfgmqsc.LOG | ||
| SE75343 | Update OpenSSL to 1.1.1j |
IBM MQ 9.2.0.1 fix pack for Windows, UNIX®, IBM i, IBM MQ Appliance
(Last modified: 01 October 2020)
| Security APAR | HIPER APAR | APAR | Description |
| IT23170 | Published messages are sent to the DLQ if API subscription destination resolves to non-local cluster queue. | ||
| IT31225 | IBM MQ Managed File Transfers from an SFTP server occasionally hang | ||
| IT31917 | IBM MQ Explorer shows protocol value of [Unknown] in channel status of MQTT clients | ||
| IT32110 | IBM MQ 9.1.4 queue manager might take longer to end, and this causes a hang when an RDQM is failed over. | ||
| ✓ | IT32208 | CVE-2020-4870 for IBM MQ and CVE-2020-4870 for IBM MQ Appliance | |
| IT32481 | IBM MQ reports FDC RM008005/rrxStopChannel after channel reconnects and adopts previous instance | ||
| IT32775 | Invalid Managed File Transfer scheduled transfers cannot be deleted | ||
| IT32925 | Update JMQI trace to remove unnecessary values from the options field | ||
| IT32935 | Managed File Transfer agent restart changes the time zone of scheduled transfer time. | ||
| IT33028 | An IBM MQ client receives return code 2119 "MQRC_NOT_CONVERTED" from MQGET when an RFH buffer exceeds the SSL transmission size limit | ||
| ✓ | IT33097 | CVE-2020-4528 | |
| IT33175 | Managed File Transfer protocol bridge agent generates an FDC when fteShowAgentDetails is run with the -d option | ||
| IT33490 | Triggered channels slow to start and messages build up on SYSTEM.CHANNEL.INITQ | ||
| IT33630 | Upgrade the JRE level for IBM MQ to Java 8.0.6.15 for AIX Linux Solaris and Windows | ||
| IT33633 | Upgrade Apache Commons IO for IBM MQ 9.2 to the latest level | ||
| IT33638 | Update the embedded WebSphere Liberty Profile on IBM MQ 9.2 from v20.0.0.3 to v20.0.0.6 | ||
| IT33639 | Update Bouncy Castle shipped by IBM MQ v9.2 | ||
| IT33642 | Upgrade CometD and Jetty shipped with IBM MQ V9.2 for Linux (X86-64) | ||
| IT33649 | IBM MQ Appliance HA heartbeat connection (AMQ3904E) messages are intermittently not reported in the MQSystem log. | ||
| IT33672 | Warning message generated by the IBM MQ Explorer cluster plug-in test "Duplicate cluster members" is grammatically incorrect | ||
| IT33681 | Update level of GSKit supplied with IBM MQ 9.2 LTS to 8.0.55.17 | ||
| ✓ | IT33772 | CVE-2020-4682 | |
| IT33794 | NullPointerException when using a JSON format CCDT that contains security exit information with no user data | ||
| ✓ | IT33880 | CVE-2020-12762 | |
| ✓ | ✓ | IT33881 | CVE-2018-16878, CVE-2018-16877, CVE-2019-3885 for IBM MQ and for IBM MQ Appliance |
| IT33914 | Update angular.js to 1.8.0 | ||
| ✓ | IT33933 | CVE-2019-17638 | |
| IT33936 | Provide mechanism to trace the New Web Console JavaScript that runs inside a browser | ||
| IT33962 | IBM MQ Explorer 9.2 Welcome pages reference earlier versions of IBM Documentation. | ||
| IT34071 | Update level of JSON-C supplied with IBM MQ 9.1 and 9.2 to 0.15-20200726 | ||
| IT34105 | IBM MQ Explorer License on Windows it redirected to IBM MQ 9.0 content | ||
| IT34120 | Running IBM MQ Explorer with trace enabled does not generate all of the expected trace files. | ||
| IT34127 | Additional diagnostics to investigate a SIGSEGV error reported by an amqrmppa process | ||
| ✓ | ✓ | IT34178 | CVE-2020-4869 |
| ✓ | ✓ | IT34270 | CVE-2020-4766 |
| ✓ | IT34277 | CVE-2020-7676 | |
| PH26607 | IBM MQ MFT 'fteListAgents' command throws a java.lang.NullPointerException |
[{"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSYHRD","label":"IBM MQ"},"ARM Category":[{"code":"a8m0z0000001eskAAA","label":"APARs \u0026 PTFs"}],"ARM Case Number":"","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF012","label":"IBM i"},{"code":"PF016","label":"Linux"},{"code":"PF033","label":"Windows"}],"Version":"9.2.0","Line of Business":{"code":"LOB77","label":"Automation Platform"}}]
Was this topic helpful?
Document Information
Modified date:
06 November 2025
UID
ibm16339187