Fix Readme
Abstract
IBM MQ provides periodic maintenance releases (Fix Packs), and Cumulative Security Updates, for Version 9.3.0 Long Term Support (LTS). The following is a complete listing of available fixes grouped by maintenance delivery.
Content
This document describes fixes included in LTS maintenance releases and in LTS Cumulative Security Updates. For more information on the types of maintenance, see IBM MQ release types section of the product documentation.
Lifecycle dates:
- GA for IBM MQ 9.3 was 23rd June 2022.
| Release Type | Release Date | Total fixes | Security fixes | HIPER fixes | |
| IBM MQ 9.3.0.30 | Fix Pack | 27 June 2025 | 73 | 4 | 1 |
| IBM MQ 9.3.0.28 | Cumulative security update | 01 May 2025 | 3 | 1 | 0 |
| IBM MQ 9.3.0.27 | Cumulative security update | 27 February 2025 | 9 | 6 | 1 |
| IBM MQ 9.3.0.26 | Cumulative security update | 17 December 2024 | 8 | 5 | 0 |
| IBM MQ 9.3.0.25 | Fix Pack | 29 October 2024 | 51 | 4 | 6 |
| IBM MQ 9.3.0.21 | Cumulative security update | 05 September 2024 | 5 | 3 | 0 |
| IBM MQ 9.3.0.20 | Fix Pack | 26 June 2024 | 78 | 11 | 2 |
| IBM MQ 9.3.0.17 | Cumulative security update | 25 April 2024 | 13 | 7 | 3 |
| IBM MQ 9.3.0.16 | Cumulative security update | 29 February 2024 | 7 | 3 | 0 |
| IBM MQ 9.3.0.15 | Fix Pack | 14 December 2023 | 38 | 4 | 0 |
| IBM MQ 9.3.0.11 | Cumulative security update | 30 October 2023 | 2 | 1 | 0 |
| IBM MQ 9.3.0.10 | Fix pack | 30 August 2023 | 52 | 4 | 2 |
| IBM MQ 9.3.0.6 | Cumulative security update | 28 June 2023 | 7 | 4 | 0 |
| IBM MQ 9.3.0.5 | Fix pack | 27 April 2023 | 50 | 8 | 2 |
| IBM MQ 9.3.0.4 | Cumulative security update | 28 February 2023 | 3 | 1 | 1 |
| IBM MQ 9.3.0.3 | Cumulative security update | 26 January 2023 | 3 | 1 | 1 |
| IBM MQ 9.3.0.2 | Fix pack | 21 December 2022 | 70 | 12 | 2 |
| IBM MQ 9.3.0.1 | Fix pack | 22 September 2022 | 35 | 6 | 1 |
| IBM MQ 9.3.0.0* | Initial release (both Continuous Delivery and LTS) | 23 Jun 2022** | 54 | 43 | 7 |
* To view the fixes for the IBM MQ 9.3.0.0 initial release, see Fix list for IBM MQ Version 9.3.x Continuous Delivery.
** The listed release date applies to IBM MQ 9.3.0.0 on distributed platforms. For IBM MQ Appliance 9.3.0.0, the release date was 02 Aug 2022.
To download IBM MQ Fix and Refresh Packs follow this link: IBM MQ Recommended Fixes and Planned Maintenance release dates.
Vulnerability risk information for IBM MQ can be found at Security Bulletin for IBM WebSphere MQ
Example table
| Is Security | Is HIPER | APAR / known issue |
Description
|
| ✓ | AB12345 |
CVE-XXXX-XXXXX (security/integrity exposure) [CVSS base score 5.3]
|
|
| ✓ | DT123456 |
Description of HIPER
|
Note: The CVSS scoring information, listed in the fix list tables, is accurate at the time of release. Review links contained in the referenced bulletins for additional information on scoring, including any retrospective changes to scores assigned by third parties.
IBM MQ fix pack 9.3.0.30 for Windows, UNIX, IBM i, IBM MQ Appliance
(Last modified: June 2025)
| Is Security | Is HIPER | known issue | Description |
| ✓ | DT426598 | IBM MQ CVE-2025-33181 [CVSS base score 5.9] | |
| ✓ | DT438705 | IBM MQ CVE-2025-21587, CVE-2025-4447 and IBM MQ Appliance CVE-2025-21597, CVE-2025-4447 [CVSS base score 7.4] | |
| ✓ | DT438713 | IBM MQ CVE-2025-21587, CVE-2025-30698, CVE-2025-2900 [CVSS base score 7.5] | |
| ✓ | DT439059 | IBM MQ CVE-2025-30472 [highest CVSS 9.8] | |
| DT428284 | IT47199: THIRD PARTY COMPONENT UPDATES FOR FIX PACK 9.3.0.30 | ||
| DT131457 | IT40943: Establishing a new channel instance between multi-instance queuemanagers might intermittently enter a retry loop | ||
| DT209203 | Unmanaged .NET client application with AMS installed reports MQRC 2035(MQRC_NOT_AUTHORIZED) when using a z/OS queue manager | ||
| DT245884 | IT44897: AMQ9703W: Message sequence number mismatch detected for channel,while starting a channel. | ||
| DT381669 | IT46109: Memory leak in locally bound MQ application in XA environment when MQ AMS is installed | ||
| DT389918 | IT46375: FREQUENT MQ FDC EXCEPTIONS GENERATED ON THE QUEUE MANAGER SYSTEM DUE TO PERMISSION ISSUES. | ||
| DT391393 | IT46346: Singular messages may be committed during a transaction despite contrary configuration when using WAS Listener Ports | ||
| DT391669 | IT46520: If a JSON CCDT specifies more than one channel with certificatePeerName, MQCONNX fails with Reason Code 2393 | ||
| DT394246 | IT45974: IBM MQ Native HA queue managers delay in failover | ||
| DT395866 | IT46835: MQ Java client properties "com.ibm.mq.cfg.TCP.ClntRcvBuffSize" and "com.ibm.mq.cfg.TCP.ClntSndBuffSize" cannot be set to 0. | ||
| DT396487 | IT46765: MQ MFT protocol bridge agent (PBA) fails to start and reports error BFGBR0181E | ||
| DT397156 | IT46808: ObjectName used for Report Message authority checks differs depending on the attributes of clustered QMALIAS used | ||
| DT398733 | IT46726: Destination queue manager fails to generate COA report message and trace shows lrcE_CLUSTER_RESOLUTION_ERROR | ||
| DT399726 | Channel errors (e.g. AMQ9259E) are not reported if the channel is stopped by the user while it is ending due to the error. | ||
| DT418467 | IT47179: Sterling File Gateway (SFG) embedded MFT agent generates FDC containing NullPointerException when doing managed transfers | ||
| DT418578 | IT47362: fteRAS terminates unexpectedly and reports a BFGCL0607E error while running the FTEConfigLogsCollector. | ||
| DT418814 | IT47375: When ending queue manager amqcrsta might encounter memory exception with error AMQ6109S and FDC XC027005. | ||
| DT418856 | IT46996: 'crtmqm' command fails with AMQ6708E when using a GPFS file system | ||
| DT419415 | IT47317: The "fteShowAgentDetails" command generates a "java.lang.IndexOutOfBoundsException" with >1 HA standby agent. | ||
| DT419537 | IT47424: AMQ9456 error messages appear in queue manager error logs | ||
| DT420438 | IT47253: Defunct (also known as zombie) amqoampx process after user logs in to IBM MQ web console or uses REST API | ||
| DT421362 | IT47442: Performance impact observed as queue manager cleans the contentsof reusable log files when not needed | ||
| DT422661 | The ValidateAuth=No attribute is ignored when SuppressMessage attribute under QMerrorLog stanza is present in qm.ini file | ||
| DT425506 | IT47773: MQ Console only reports the user primary group on Linux when verifying group membership for access/authorisation | ||
| DT428197 | IT44935: Correlation ID property from AMQP clients not propagated to MQMDCorrelation ID. | ||
| DT428209 | IT45257: MQ error AMQ8454E was thrown when failing to create cluster receiver channel for uniform cluster using ini and mqsc files. | ||
| DT428249 | IT46538: IBM MQ Managed .NET client connect fails with rc=2059 when CCDT contains multiple channels with multiple CONNAMEs. | ||
| DT428250 | IT43493: FDC is generated with Probe Id XY017001 from component xufOpenIniRead when running dspmq as root | ||
| DT428268 | Channels not starting after scratchpad damage | ||
| DT428269 | IT47142: IBM MQ classes for JMS does not suitably disconnect when balanced in a uniform cluster. | ||
| DT428271 | IT46576: setting ReconDelay as IBM MQ documented causes an exception in MQ managed .Net client. | ||
| DT428277 | IT47446: Memory leak in IBM MQ client when MQCONNX in client program thatuses TLS fails with rc=2381 or rc=2393 | ||
| DT428278 | IT47167: Managed File Transfer (MFT) agent stops unexpectedly due to a NullPointerException when doing a message-to-file transfer | ||
| DT428286 | IT47297: Queue manager generates FDC containing probe ID CO386010 when Java app connects on a channel configured with ZLIBFAST | ||
| DT428287 | IT46969: IBM MQ Console fails to process damaged queue objects. | ||
| DT428288 | IT47674: dspmqfls command fails with error AMQ7028E | ||
| DT428291 | IT46975: Improve performance of character conversion within IBM MQ on Linux when using UTF-8 | ||
| DT428295 | IT47744: Cluster queues disappeared after long period of disuse and a change/move of Full Repository queue managers | ||
| DT428296 | IT47103: IBM MQ web console signin fails for users with large "user id number" | ||
| DT428298 | IT47548: IBM MQ Documentation does not clearly specify that OCSPAuthentication=REQUIRED only applies if an OCSP Responder is defined. | ||
| DT428299 | IT47823: AMQZMUC0 LOCKS OBJECT CATALOGUE FILE | ||
| DT428303 | IT47426: IBM MQ Multicast: FDC with Probe XC006001 generated after server-bound publisher app publishes to a topic | ||
| DT428308 | IT47175: Add a toString() method to the TransferExitResult class to output the attributes of the current object | ||
| DT428309 | IT47250: MFT commands using SSL display misleading BFGPR0134E message if a property in a config file is set to an empty value | ||
| DT428316 | IT45923: MQTT PCF command MQCMD_INQUIRE_CHANNEL_STATUS does not correctlyindicate end of responses. | ||
| DT428322 | IT46628: 'dspmqinst' reports Entitlement as "IBM MQ Advanced" even after uninstalling all repackaged Advanced MQ RPM packages | ||
| DT428326 | IT46503: MQIPT creates invalid HTTP Cookie header fields | ||
| ✓ | DT428332 | IT46864: Performance issue in MQ channels configured with TLS 1.3 | |
| DT428334 | IT46603: dmpmqcfg reports incorrect information when an invalid argument is specified | ||
| DT428337 | IT47532: Invalid values for LogPrimaryFiles or LogSecondaryFiles might cause queue manager log full condition | ||
| DT428338 | IT46991: Calling "toString()" on migration mode JMS connection and session objects returns null. | ||
| DT428558 | IT36211: Sender channel fails to start because it cannot connect to a host by name but 'nslookup' resolves its IP address | ||
| DT428694 | IT41624: Error log message AMQ9575 reports incorrect channel name | ||
| DT428812 | IT46837: IBM MQ on Linux for s390x install unnecessary 31-bit GSKit files | ||
| DT428865 | IT47703: IBM MQ Classes for Java/JMS method "MQConstants.lookup" is not thread safe. | ||
| DT429530 | IT37573: Install/upgrade failure: amqiclen: Failed to obtain global lock(1): rc=545261555 | ||
| DT429736 | IT43341: Creating an RDQM HA group fails if the 'hacluster' user or 'haclient' group do not exist on the host system | ||
| DT429741 | IT42617: Incorrect timezone number in the header block output from dspmqtrc, if the offset from UTC is a negative number | ||
| DT429780 | IT43186: MQ trace identifies the incorrect position of character causing conversion issue. | ||
| DT429793 | IT45688: FDC record with error code AMQ6125E reported during execution ofendmqm command | ||
| DT429819 | IT45895: Message Ids may be duplicated for pub/sub messages by the IBM MQqueue manager on Windows | ||
| DT429828 | IT46573: SYSTEM.NULLREFERENCEEXCEPTION from XMS .NET when the queue manager is unreachable | ||
| DT429841 | IT47623: Use the default DNSResolutionOrder when a user-configured value is partially invalid | ||
| DT429849 | IT47225: AIX IBM MQ fix pack bundle on Fix Central does not include the install '.toc' file | ||
| DT429852 | IT47564: Performance Monitoring Enhancements | ||
| DT429858 | IT45203: Duplicate entries are observed in application activity traces during MQDISC | ||
| DT433503 | IBM MQ mqperfck tool incorrectly reports error AMQ3072E for a local cluster queue | ||
| DT434354 | Update the IBM MQ Bridge to Salesforce to use Eclipse Jetty 12 | ||
| DT434389 | Multiple IBM_MQ_GSKit-8.0.xx.mqtag files present after fix pack installation |
IBM MQ cumulative security update 9.3.0.28 for Windows, UNIX, IBM i, IBM MQ Appliance
(Last modified: May 2025)
| Is Security | Is HIPER | known issue | Description |
| ✓ | DT433544 | IBM MQ Appliance CVE-2022-49043 [CVSS base score 8.1] | |
| DT433212 | A remote queue manager's new CLUSRCVR channel cannot be inserted into the cluster after RESET CLUSTER was run to correct an earlier mistake | ||
| DT428305 | Third party component updates for cumulative security update 9.3.0.28 |
IBM MQ cumulative security update 9.3.0.27 for Windows, UNIX, IBM i, IBM MQ Appliance
(Last modified: March 2025)
| Security APAR | HIPER APAR | APAR | Description |
| ✓ | IT43835 | IBM MQ CVE-2025-23225 and IBM MQ Appliance CVE-2025-23225 [CVSS base score 6.5] | |
| ✓ | ✓ | IT47091 | IBM MQ CVE-2024-54175 and IBM MQ Appliance CVE-2024-54175 [CVSS base score 5.5] |
| ✓ | IT47371 | IBM MQ CVE-2024-54173 and IBM MQ Appliance CVE-2024-54173 [CVSS base score 4.7] | |
| ✓ | IT47396 | IBM MQ CVE-2024-21235, CVE-2024-21217, CVE-2024-21210, CVE-2024-21208, CVE-2024-10917 [CVSS base score 5.3] and IBM MQ Appliance CVE-2024-21217, CVE-2024-21208, CVE-2024-10917 [CVSS base score 3.7] | |
| ✓ | IT47597 | IBM MQ CVE-2025-0975 and IBM MQ Appliance CVE-2025-0975 [CVSS base score 8.8] | |
| ✓ | IT47606 | IBM MQ Appliance CVE-2024-53088, CVE-2024-53122 [CVSS base score 5.5] | |
| IT46930 | Memory leak in the IBM MQ amqrmppa process | ||
| IT47288 | Problems with Linux RPM upgrade process and the IBM MQ embedded JRE and Liberty components | ||
| IT47450 | Third party component updates for cumulative security update 9.3.0.27 |
IBM MQ Cumulative Security Update 9.3.0.26 for Windows, UNIX, IBM i, IBM MQ Appliance
(Last modified: December 2024)
| Security APAR | HIPER APAR | APAR | Description |
| ✓ | IT47065 | IBM MQ Appliance CVE-2024-36020 [CVSS base score 7.1] | |
| ✓ | IT47188 | IBM MQ CVE-2024-52896 and IBM MQ Appliance CVE-2024-52896 [CVSS base score 6.2] | |
| ✓ | IT47189 | IBM MQ CVE-2024-52897 and IBM MQ Appliance CVE-2024-52897 [CVSS base score 6.2] | |
| ✓ | IT47223 | IBM MQ CVE-2024-51471 and IBM MQ Appliance CVE-2024-51471 [CVSS base score 5.3] | |
| ✓ | IT47254 | IBM MQ CVE-2024-52898 [CVSS base score 6.2] | |
| IT41622 | 9.3 appliance firmware exhibits larger performance overheads than 9.2 for qmgrs with encrypted file system | ||
| IT47131 | Thirdparty component updates for cumulative security update 9.3.0.26 | ||
| IT47245 | Kernel modules to enable support for RDQM on RHEL 9 kernel 5.14.0_503.11.1-1 |
IBM MQ Fix Pack 9.3.0.25 for Windows, UNIX, IBM i, IBM MQ Appliance
(Last modified: October 2024)
| Security APAR | HIPER APAR | APAR | Description |
| ✓ | IT46250 | IBM MQ CVE-2024-51470 and IBM MQ Appliance CVE-2024-51470 [CVSS base score 6.5] | |
| ✓ | IT46890 | IBM MQ CVE-2023-50314 [CVSS base score 5.3] | |
| ✓ | IT46892 | IBM MQ CVE-2024-21147, CVE-2024-21140, CVE-2024-21144, CVE-2024-21138 [CVSS base score 7.4] | |
| ✓ | ✓ | IT47031 | IBM MQ Appliance CVE-2023-52881 [CVSS base score 5.9] |
| IT38202 | Multi-instance qmgr writes FDC with Probe Id ZX028020 or ZX028090 during startup and fails over to standby instance | ||
| IT43115 | Queue Manager PutCount statistics incorrect for temporary dynamic queue | ||
| IT43696 | Hang when MQ on AIX tries to write out the call stack after a heap-corruption SIGSEGV | ||
| ✓ | IT43721 | Queue manager with global in-doubt transaction fails to start after associating with a different installation. | |
| IT43812 | Probe ID CO609020 with component cciHeartbeatMonitorThread, data: 0X00000038 on SVRCONN channel | ||
| IT44083 | Diagnostic improvements in FDC XC805110 with error code xecL_W_PERFORMANCE_BOTTLENECK | ||
| IT44224 | .NET client application raised 'SYSTEM.NULLREFERENCEEXCEPTION' instead of 'MQRC_CONNECTION_BROKEN' after reconnect timeout | ||
| IT44457 | The com.ibm.mq.MQXR.Workers property is not honored by the AMQP listener | ||
| IT44710 | IBM MQ FDC with probe ID XC006001 is generated by the 'amqrmppa'process during 'endmqm' call | ||
| IT45000 | Button of IBM MQ Explorer is grayed out and cannot be started | ||
| ✓ | IT45107 | Queue manager fails to recover damaged object if queue file location is in old format | |
| IT45158 | Memory leak is observed when a client application loads and unloads MQ internal libraries. | ||
| IT45222 | Reply to property in outbound AMQP message not set correctly | ||
| IT45366 | AMQP service intermittently hangs preventing message delivery ornew client connections. | ||
| IT45432 | AMQ9620E: Internal Error on Call to SSL Function On Channel withRC=551 from gsk_secure_soc_write | ||
| IT45483 | STOP CHANNEL command did not stop a channel that was in a never-ending loop due to a bug in third-party security exit | ||
| IT45631 | Replace MQ Telemetry FDCs for InvalidTopicFilterExceptions, IOExceptions and TransactionFullExceptions with log messages | ||
| IT45649 | IBM MQ SVRCONN channels are in stopped state after restart of queue manager. | ||
| ✓ | IT45686 | Queue manager fails to start if damaged object is not recoverable. | |
| IT45763 | Performance degradation after upgrading to IBM MQ 9.3 | ||
| IT45943 | IBM MQ TLS Client support for Extended Master Secret (EMS) | ||
| IT45988 | MFT Agent abends with NullPointerException when processing Partitioned Data Sets on z/OS. | ||
| IT46018 | MQHeaderList.write() does not correctly format header(s) whencalled with a specific CCSID and a "raw" OutputStream. | ||
| IT46066 | Changes to MQ Managed File Transfer (MFT) to support Java 21 andlater. | ||
| IT46191 | Messages delivered to AMQP clients may have incorrect message IDs | ||
| IT46237 | MFT agents create FDC during startup if the agent property "monitorMaxResourcesInPoll" is set to zero | ||
| ✓ | IT46247 | SIGSEGV in rrmUpdateSuspendList and queue manager then fails after suspending in many clusters | |
| ✓ | IT46316 | SIGSEGV in ziiSPIAdoptUser running inside AMQP listener | |
| IT46319 | RUNMQRAS collection of *.FDC files unreadable for IBM i | ||
| IT46327 | SIGSEGV in dspmqtrc | ||
| IT46343 | MFT agent unable to recover after successive MQRC 2538 leaving the agent unresponsive. | ||
| IT46399 | IBM MQ Classes for Java/JMS connecting in BINDINGS mode may generate a "Structure size check" FDC. | ||
| IT46432 | Thirdparty component updates for fix pack 9.3.0.25 | ||
| IT46439 | xa_open() fails with error code -5 (XAER_INVAL) when MQ classes for JMS application connects to a QSG | ||
| IT46459 | RDQM support for disabling ICMP protocol usage | ||
| IT46473 | IBM MQ Appliance Web UI incorrectly displays 'admin' as the logged in user. | ||
| IT46529 | IBM MQ resource adapter for Jakarta Messaging IVT wmq.jakarta.jmsra.ivt.ear fails and generates an FDC | ||
| IT46548 | IBM MQ Managed File Transfer (MFT) agent generates Javacores andheap dumps due to OutOfMemoryErrors when trace is enabled | ||
| IT46577 | IBM MQ "dspmqver -p 64" or "dspmqver -a" write messages in the error logs when displaying the 32-bit GSKit version | ||
| IT46625 | FDC is generated with Probe Id xy132005 and Component xstCreateExtent with error xecS_E_TOO_BIG | ||
| IT46648 | 5725A49 MQ "C CLIENT" MEMORY GROWTH | ||
| IT46659 | The wmq.jakarta.jmsra.ivt.ear provided by IBM MQ for z/OS returns unreadable characters. | ||
| IT46703 | MQ WEB CONSOLE FAILS TO ADD MQ MANAGER WITH A DOT "." CHARACTER IN ITS NAME. | ||
| IT46711 | Install/uninstall/upgrade failure: amqiclen: Failed to obtain lock for QMgr 'MYQM': rc=1077960969 | ||
| IT46801 | IBM MQ 9.4.0.0 upgraded to 9.4.0.5 removes the RDQM installationsetup. | ||
| IT46821 | Potential memory overwrite in amqrrmfa process | ||
| IT46908 | Error messages output when uninstalling an MQ 9.4 installation on Linux after upgrading from MQ 9.2/9.3 |
IBM MQ Cumulative Security Update 9.3.0.21 for Windows, UNIX, IBM i, IBM MQ Appliance
(Last modified: September 2024)
| Security APAR | HIPER APAR | APAR | Description |
| ✓ | IT46080 | IBM MQ CVE-2024-2511 [CVSS base score 3.7] | |
| ✓ | IT46501 | IBM MQ CVE-2024-40681 and IBM MQ Appliance CVE-2024-40681 [CVSS base score 7.5] | |
| ✓ | IT46613 | IBM MQ Appliance CVE-2023-5981 & CVE-2024-0533 [CVSS base score 5.9] | |
| IT46433 | Thirdparty component updates for cumulative security update 9.3.0.21 | ||
| IT46492 | Altering an object to set cluster namelist with non existent namelist fails with AMQ8103E after applying APAR IT45710 |
IBM MQ 9.3.0.20 fix pack for Windows, UNIX, IBM i, IBM MQ Appliance
(Last modified: March 2025)
| Security APAR | HIPER APAR | APAR | Description |
| ✓ | IT45510 | IBM MQ CVE-2024-31919 [CVSS base score 5.9] | |
| ✓ | IT45607 | IBM MQ CVE-2024-31912 [CVSS base score 7.5] | |
| ✓ | IT45710 | IBM MQ CVE-2024-35116 and IBM MQ Appliance CVE-2024-35116 [CVSS base score 5.9] | |
| ✓ | IT45986 | IBM MQ CVE-2024-35156 [CVSS base score 6.5] | |
| ✓ | IT46058 | IBM MQ CVE-2024-27268, CVE-2023-51775, CVE-2024-22353, CVE-2024-22329, CVE-2024-22354, CVE-2024-25026 and IBM MQ Appliance CVE-2024-22329, CVE-2024-22354 [CVSS base score 7.5] | |
| ✓ | IT46074 | IBM MQ Appliance CVE-2024-2511 [CVSS base score 3.7] | |
| ✓ | IT46075 | IBM MQ Appliance CVE-2024-29041 [CVSS base score 6.1] | |
| ✓ | IT46155 | IBM MQ CVE-2024-21085 [CVSS base score 5.9] | |
| ✓ | IT46205 | IBM MQ Appliance CVE-2021-33631, CVE-2020-12762 and IBM MQ Appliance CVE-2023-2162, CVE-2024-28834, CVE-2023-1073, CVE-2023-1079, CVE-2023-1206, CVE-2023-4132, CVE-2023-5388, CVE-2023-45871, CVE-2023-6135 [CVSS base score 7.8] | |
| ✓ | IT46217 | IBM MQ CVE-2024-35155 [CVSS base score 6.5] | |
| ✓ | IT46266 | IBM MQ Appliance CVE-2023-48795 [CVSS base score 5.9] | |
| IT38022 | Log more possible error conditions from amqiclen during installer/uninstaller processing | ||
| IT39543 | IBM MQ Bridge to Salesforce fails with AMQSF040E if the HTTP response is larger than 1 MiB. | ||
| IT41710 | CWSMQ0006E error and System.ArgumentNullException reported when attempting to connect to a version 9.2 or lower queue manager | ||
| IT42506 | MQ classes for Jakarta application throws an AssertionError using the Connection/Session toString() | ||
| IT42661 | When a RQSTR channel is started twice, a second RQSTR instance is incorrectly started with status "INITIALIZING" | ||
| IT42975 | Possibility of memory exception in IBM MQ diagnostic routine | ||
| IT43000 | IBM MQ managed .Net fails with MQRC_RFH_FORMAT_ERROR (2421) if the <usr> section of RFH2 header contains "$" | ||
| IT43178 | The channel pooling process might terminate due to a SIGSEGV in xcsWaitPid. | ||
| IT43502 | Managed .NET client using distributed transaction reports MQRC_HCONN_ERROR (2018) while using MQCNO_HANDLE_SHARE_NONE | ||
| IT43580 | 'mqconfig' utility reports incorrect required version of AIX forMQ 9.3 | ||
| IT43756 | In MQ managed XMS .Net 9.3: After the client reconnects asynchronous consumers are not automatically restarted | ||
| IT43791 | MQ application attempts to unload GSKit libraries when it had not loaded them | ||
| IT44106 | High CPU usage in MQ appliance when or after using dspmqerr command | ||
| IT44108 | IBM MQ MFT agent ends unexpectedly with a NullPointerException | ||
| IT44298 | Running the MQSC command 'DISPLAY AUTHINFO' might incorrectly show the 'LDAPPWD' parameter as EMPTY | ||
| IT44384 | Channel loops if a message on the transmit queue exceeds the MAXMSGL attribute of the Queue manager | ||
| IT44403 | MQ 9.3.x .Net core application encounters error MQRC 2219 when using security exits | ||
| IT44422 | When MFT Agent is started with -F option can see blank lines written to console/job control log. | ||
| IT44454 | MQ classes for JMS API threads may deadlock when the queue manager is configured to use SSLRKEYC | ||
| IT44458 | amqmfsck or crtmqm might fail unexpectedly on NFS file system on AIX | ||
| IT44510 | No warning is provided when duplicate cluster receiver channels are created with a mismatched queue manager name | ||
| IT44532 | The runmqicred command reports "error while loading shared libraries: libmqml_r.so" | ||
| IT44577 | High memory usage in amqrmppa process | ||
| IT44601 | Cannot delete a queue manager using the IBM MQ Web Console | ||
| IT44621 | IBM MQ Appliance: setamschl command might inject invalid characters into a configuration file when the "-d" flag is used. | ||
| IT44706 | IndexOutOfBoundsException can occur while logging a message to the transfer log, when source disposition of delete fails | ||
| IT44731 | MQ appliance queue manager does not end as expected when stoppedby suspending the appliance and subsequently fails to start | ||
| IT44741 | Unable to start or delete channel after scratchpad damage | ||
| IT44798 | A ICH408I error can occur after upgrading the WebSphere Liberty Profile used by the IBM MQ Console to 22.0.0.12 on z/OS | ||
| IT44910 | MQ trace on server incorrectly captures user message data duringclient MQGET when using the "-d 0" flag on strmqtrc | ||
| IT44949 | MQ .Net core application with security exit reports error 2273 (connection broken) if exit buffer size not divisible by 4 | ||
| IT44950 | MFT agent running as a Windows service fails to start with the error "%1 is not a valid Win32 application" | ||
| IT45020 | Using the IBM MQ Jakarta Resource Adapter IVT fails due to a missing WMQ_JAKARTA_IVT.war file | ||
| IT45035 | MQ 9.2.4 or later client pub/sub app cannot consume messages after reconnecting following a connection break | ||
| IT45060 | Managed File Transfer (MFT) agents report a BFGIO0076E errorwhen transferring data sets on extended attribute volumes | ||
| IT45074 | An MFT agent can receive BFGSS0024E due to receiving a 2127 when performing a PDS Member transfer | ||
| IT45102 | Having a platform value which is NOT OS400/UNIX/WINDOWS in the ProtocolBridgeProperties.xml is ignored silently | ||
| IT45106 | Add additional diagnostics to AT077013 atxAssociationRemove FDCs | ||
| IT45113 | SIGSEGV in reconnectable MQ client application | ||
| IT45128 | Increased memory usage after upgrading to MQ 9.3 | ||
| ✓ | IT45131 | Probe Id XC130004 SIGSEGV in rrmRecoClqMgrDelRemote function in amqrrmfa causes queue manager to fail | |
| IT45156 | HTTP POST requests submitted to the MQ REST API (mqweb) without Content-Type header "charset=UTF-8" are processed incorrectly | ||
| IT45179 | This is an administrative APAR to include Advanced VUE functionality in MQ Advanced. | ||
| IT45181 | XMS .NET applications connecting to a queue sharing group throw MQRC 6109 while closing the consumer | ||
| IT45206 | Intermittent timing issue where an MFT resource monitor may sendan unexpected 0 byte file. | ||
| IT45225 | Thirdparty component updates for fix pack 9.3.0.20 | ||
| IT45226 | MQ Appliance : HA control of a HA queue manager is in disabled state when it should be in enabled state | ||
| IT45247 | Additional information added into ZF225050 First failure data (FDC) file | ||
| IT45386 | MQ Appliance appliance sethagrp force migration(-f) not working if only secondary or replication interfaces unavailable | ||
| IT45390 | MQ Appliance runmqras "-section format" fails with "dspmqtrc: command not found" | ||
| IT45438 | An MQ JMS Client using TLSv1.3 GCM Cipher receives an RC=2009 and the Queue Manager generates an FDC with ProbeID CO373099. | ||
| IT45453 | FDC with probe XC130003 and application received RC 2009 (connection broken) on channel with RCVEXIT and SHARECNV(1) | ||
| IT45567 | MQ Appliance: crtdrprimary/crtdrsecondary command allows duplicate RecoveryName and RecoveryIP in command line | ||
| IT45625 | JMQI does not replace unmappable characters in the message body when indicated to do so. | ||
| IT45740 | Using the com.ibm.mq.headers.MQMD.copyFrom() method and MQ classes for Java can result in a NullPointerException | ||
| ✓ | IT45748 | Unable to start or delete channel after migrating queue manager to MQ 9.3 | |
| IT45784 | JMQI does not successfully recreate a temporary dynamic queue after being balanced in a Uniform Cluster. | ||
| IT45968 | Connection from a backlevel client sending an MQCSP structure isrejected when PasswordProtection=warn | ||
| IT45980 | Unable to access Crypto Configuration sections in the MQ Appliance webUI. | ||
| IT46256 | Update to modver script for RDQM on RHEL 8.10 | ||
| IT46337 | Upgrade the JRE level for IBM MQ V9.3 to JAVA 8.0.8.25 for AIX, Linux, and Windows | ||
| SE80818 | 5725A49 "C CLIENT" INSTALL LOG ROLLOVER PROCESSING INCORRECT | ||
| SE80838 | GRTMQMAUT OBJ(*ALL) OBJTYPE(*Q) giving only *ADMDSP and other authorities are only partially processed | ||
| SE80841 | 5725A49 MQ "C CLIENT" ERROR LOGGING PER-USER ROLLOVER FAILURE | ||
| SE80842 | 5725A49 ERROR LOG SIZE CONTROL | ||
| SE80990 | Keystores created using the default runmqckm settings are not compatible with IBM i | ||
| SE81123 | MQ V9.3 CHGMQM SSLKEYRPWD() LOCK DOES NOT RELEASE STASH.STH. 5724H72 |
IBM MQ 9.3.0.17 cumulative security update for Windows, UNIX, IBM i, IBM MQ Appliance
(Last modified: 25 April 2024)
| Security APAR | HIPER APAR | APAR | Description |
| ✓ | ✓ | IT45110 | IBM MQ CVE-2024-25048 and IBM MQ CVE-2024-25048 [CVSS base score 7.5] |
| ✓ | IT45253 | IBM MQ CVE-2023-26159 and IBM MQ Appliance CVE-2023-26159 [CVSS base score 7.1] | |
| ✓ | IT45331 | IBM MQ CVE-2024-25015 [CVSS base score 7.5] | |
| ✓ | IT45642 | IBM MQ Appliance CVE-2023-28466 [CVSS base score 6.2] | |
| ✓ | IT45643 | IBM MQ Appliance CVE-2024-0727 [CVSS base score 3.1] | |
| ✓ | IT45762 | IBM MQ CVE-2024-20952 and CVE-2023-33850 [CVSS base score 7.5] | |
| ✓ | SE81096 | IBM MQ CVE-2024-0727 and CVE-2023-6237 [CVSS base score 3.1] | |
| IT43974 | MQ IPT reports MQCPE020 and MQCPE048 messages when extending thevalue 'MAXCONNECTIONTHREADS' . | ||
| ✓ | IT45131 | Probe Id XC130004 SIGSEGV in rrmRecoClqMgrDelRemote function in amqrrmfa causes queue manager to fail | |
| IT45617 | Thirdparty component updates for cumulative security update 9.3.0.17 | ||
| IT45788 | Upgrade the JRE level for IBM MQ V9.x to Java 8.0.8.20 for AIX, Linux, and Windows | ||
| ✓ | IT45890 | IBMJCEPlusFIPS RSA FIPS 140-2 cipher suites have been removed inthe latest Java runtime shipped with IBM MQ | |
| SE81342 | MESSAGE AMQ9917 NOT DEFINED IN MQ 9.3.0.15+ ON IBM I |
IBM MQ 9.3.0.16 cumulative security update for Windows, UNIX, IBM i, IBM MQ Appliance
(Last modified: 5 March 2024)
| Security APAR | HIPER APAR | APAR | Description |
| ✓ | IT44954 | IBM MQ CVE-2023-47745 [CVSS Base score 6.2] | |
| IT45017 | Thirdparty component updates for cumulative security update 9.3.0.16 | ||
| ✓ | IT45026 | IBM MQ CVE-2024-25016 and IBM MQ Appliance CVE-2024-25016 [CVSS base score 7.5] | |
| IT45097 | MQ appliance M2002 displays Link Aggregation interface names as "illegal" after upgrading from MQ 9.2 to MQ 9.3. | ||
| IT45202 | Failure in a network interface card might cause adjacent NIC to go down incorrectly. | ||
| ✓ | IT45274 | IBM MQ CVE-2023-39976 [CVSS Base score 9.8] | |
| IT45343 | Kernel modules to enable support for RDQM on RHEL 9 kernel 5.14.0-362.18.1 |
IBM MQ 9.3.0.15 fixpack for Windows, UNIX, IBM i, IBM MQ Appliance
(Last modified: 14 December 2023)
| Security APAR | HIPER APAR | APAR | Description |
| IT38647 | SIGSEGV in MQ application within function xcsReadEnvironment under libmqe.so | ||
| IT41300 | strmqm with incorrect file permissions and ownership hangs during queue manager startup | ||
| IT42593 | IBM MQ appliance commands do not notify the user about the restart of the queue manager. | ||
| IT42974 | An MQ Managed File Transfer (MFT) agent reports a NullPointerException in its event log (output0.log) | ||
| IT43410 | IBM MQ managed .Net client connecting to queue manager fails intermittently with MQ ERROR 2195 and 2009. | ||
| IT43505 | The amqsmon sample program provide with MQ does not recognize the -qm flag. | ||
| IT43663 | A duplicate message might be intermittently generated by the queue manager on Windows | ||
| IT44089 | DISPLAY CHSTATUS(*) SAVED returned "AMQ8135E: Not authorized" for auto-defined CLUSSDR channel status records | ||
| IT44104 | IBM MQ 9.3 queue manager might crash when using QALIAS of cluster queue as STREAMQ | ||
| IT44105 | MQ Jakarta Resource Adapter references incorrect classes leadingto NoClassDefFoundError | ||
| IT44134 | IBM MQ XMS client registers extraneous files with the .NET global assembly cache | ||
| IT44173 | MQSUB fails to automatically reconnect with 2548: MQRC_RECONNECT_FAILED | ||
| IT44235 | The runmqsc program fails with SIGSEGV when unexpected data is encountered in a PCF reply message | ||
| IT44251 | Queue manager trace temporarily disables itself when trace is started with the '-m' switch | ||
| IT44261 | Restrict number of lines output from dspmqtrc saying unrecognised hookID | ||
| IT44270 | IBM MQ MFT database logger fails to connect to DB2 with SQL30082N (reason 3) if it can't access the credentials file | ||
| IT44409 | Message rejected by Qpid Proton client not handled by MQ 9.3 LTSAMQP Service | ||
| IT44410 | Queue manager fails to restart when inconsistent line endings are in an MQSC automatic configuration script | ||
| IT44412 | Enhancements to the modver utility | ||
| IT44419 | MQ Appliance might reload due to memory throttling. | ||
| IT44421 | MQ Appliance 9.3: The web console access profile builder is missing MQ related resource types. | ||
| IT44499 | MQ JAVA/JMS trace fails due to java.lang.NumberFormatException | ||
| IT44513 | dmpmqcfg on Windows might output a truncated username suffixed with an invalid character | ||
| IT44554 | Thirdparty component updates for fix pack 9.3.0.15 | ||
| IT44567 | MFT agents generate FFDCs containing a NullPointerException, and monitors stop triggering, after upgrading to 9.3.0.10 | ||
| IT44575 | MCAUSER of a requester channel shows misleading user ID in channel status when RQSTR-SVR channels are started. | ||
| ✓ | IT44589 | IBM MQ Appliance CVE-2023-4807 [CVSS Base score 6.2] | |
| IT44606 | Memory leak in IBM MQ amqrmppa process when using MQIBindType=FASTPATH | ||
| IT44717 | Allow suppression of protocol error caused by v5 Java/JMS clients | ||
| IT44786 | Removal of the IBM MQ Bridge to blockchain component | ||
| ✓ | IT44821 | IBM MQ Appliance CVE-2023-5072 and IBM MQ CVE-2023-5072 [CVSS Base score 7.5] | |
| IT44858 | MQ Appliance 9.3 LTS RBM "read" access profile for the mgmt RESTAPI is insufficient to grant read access | ||
| ✓ | IT44885 | IBM MQ Appliance CVE-2023-46177 [CVSS Base score 6.5] | |
| IT44926 | Kernel modules to enable support for RDQM on RHEL 9.3 kernel 5.14.0-362.8.1 and RHEL 8.9 kernel 4.18.0-513.5.1 | ||
| ✓ | IT44961 | IBM MQ Appliance CVE-2023-22081, CVE-2023-567 IBM MQ CVE-2023-22081, CVE-2023-5676 [CVSS Base score 5.3] | |
| SE79607 | IBM MQ MFT upgrade via SLIP install error | ||
| SE80208 | MQ FDC XC006001 XCSFREEMEMFN ON FIRST STRMQM AT V9.3 | ||
| SE80551 | IBM MQ MANAGER MAY CRASH SHORTLY AFTER STARTUP |
IBM MQ 9.3.0.11 cumulative security update for Windows, UNIX, IBM i, IBM MQ Appliance
(Last modified: 30 October 2023)
| Security APAR | HIPER APAR | APAR | Description |
| IT44059 | Thirdparty component updates for cumulative security update 9.3.0.11 | ||
| ✓ | IT44585 | IBM MQ CVE-2023-38039 [CVSS Base score 7.5] |
IBM MQ 9.3.0.10 fixpack for Windows, UNIX, IBM i, IBM MQ Appliance
(Last modified: 31 August 2023)
| Security APAR | HIPER APAR | APAR | Description |
| IT34804 | Subscription messages are delivered out of sequence when using clustered pub/sub with multiple receiver channels | ||
| IT40382 | High CPU usage for IBM MQ amqzlaa0 process | ||
| IT40928 |
Unable to put a message to a queue when using a CCSID 943 JVM using the MQ classes for Java
|
||
| IT40977 | IBM MQ create subscription fails with 'AMQ8135E: Not authorized' | ||
| IT41181 | IBM MQ web console does not display new INITKEY and KEYRPWD attributes | ||
| IT41304 | MFT system property "com.ibm.wmqfte.cred.keyfile" is misspelt as "com.ibm.wqmfte.cred.keyfile" | ||
| IT41323 | Partial repository queue manager prematurely reports AMQ9456 warning or erroneous MQRC_UNKNOWN_OBJECT (2085) | ||
| IT41430 | MQ appliance status command might incorrectly show reduced disk allocation | ||
| ✓ | ✓ | IT41871 | IBM MQ CVE-2023-45177 & IBM MQ Appliance CVE-2023-45177 [CVSS Base score 5.3] |
| IT41913 | Excessive FDC records with probe identifier XC805110 XRUQUERYCPU_QM XECL_W_PERFORMANCE_BOTTLENECK | ||
| IT41985 | The character set used in the error logs for an RDQM Queue Manager changes depending on how the queue manager is started | ||
| IT42128 | AMS protected messages lose message properties when involved with SYSTEM.PROTECTION.ERROR.QUEUE | ||
| IT42341 | Attempting to restore a queue manager from a backup created with an older version of IBM MQ fails with error AMQ6546E. | ||
| IT42462 | CRDATE and CRTIME fields of the SYSTEM.DEFAULT.SUB object are set to blank vales | ||
| IT42550 | The SYSTEM.DEFAULT.SUB object disappeared and an FDC with probe identifier KN483002 was generated. | ||
| IT42821 | XMS .NET Core applications return an invalid message payload if the message was sent by a Mainframe application | ||
| IT42851 | Memory leak in the IBM MQ amqzlaa0 process | ||
| IT43013 | Using the WebConsole to Remotely browse messages on a queue on a z/OS queue manager show nothing. | ||
| IT43016 | MQ Classes for Java throws a MQRC 2019 exception 'MQRC_HOBJ_ERROR' when attempting to close a queue | ||
| IT43044 | MQ Appliance userrestore command fails with AMQ6650E when restoring a backup file that contains a group with many users | ||
| IT43084 | A 2085 or 3015 error is received when the IBM MQ Console or other application uses the Inquire Queue administrative command | ||
| IT43183 | IBM MQ resource adapter leaks LocalServer objects if an MDB's ejbCreate() method throws an exception | ||
| IT43316 | MQOPEN incorrectly returns 2189 MQRC_CLUSTER_RESOLUTION_ERROR for a queue that is not known in the cluster | ||
| IT43336 | MQ classes for Java API throws MQRC 2111 'MQRC_SOURCE_CCSID_ERROR' when getting a message. | ||
| IT43342 | SIGFPE divide by zero in xruQueryDiskUsageVolumeGroup when RDQM volume group has zero size | ||
| IT43349 | Delay in IBM MQ 9.2/9.3 multi-instance queue manager failover/switchover | ||
| IT43514 | Third party component updates in fix pack 9.3.0.10 | ||
| IT43646 | Clustering recovery and diagnostic improvements | ||
| IT43650 | Channel fails with AMQ9620 gsk_secure_soc_init error 12 when FIPS is enabled and TLS_CHACHA20_POLY1305_SHA256 is used | ||
| ✓ | IT43654 | Qmgr might generate FDC RN189010 with rrcE_FILE_CORRUPT after applying IT42194, channel might go unresponsive with high CPU usage. | |
| IT43679 | IBM MQ REST API removes the Carriage Return (CR) character from messages. | ||
| IT43691 | MFT PBA ABENDs with IndexOutOfBoundException if SFTP server returns a filesize of -1 | ||
| IT43724 | Kernel modules to enable support for RDQM on RHEL 9.2 kernel level 5.14.0-284.11.1 | ||
| IT43740 | MQ Bridge to SalesForce reports NullPointerExceptions when reconnecting to Salesforce | ||
| IT43770 | Kernel modules to enable support for RDQM on RHEL 8.8 kernel level 4.18.0-477.10.1 | ||
| IT43783 | MQ processes and commands might fail if the qm.ini file contains unexpected character and MQ trace is enabled | ||
| IT43790 | MQ 9.2 always outputs INDOUBT(YES) in Saved channel status, even when the channel is not indoubt | ||
| IT43806 | MFT resource monitor fails to re-trigger on an item that has been successfully processed and is then manually put back | ||
| IT43854 | A MQ classes for JMS application reaches a deadlock condition when comparing MQDestination objects | ||
| IT43872 | MQ appliance generates errors related to non MQ objects(b2bp and apigw) when querying SNMP MIB | ||
| ✓ | IT43897 | IBM MQ Appliance CVE-2023-2650 (Appliance OpenSSL) [CVSS base score 7.5] | |
| ✓ | IT44043 | IBM MQ CVE-2023-21930, CVE-2023-21967, CVE-2023-21939, CVE-2023-21938 and MQ Appliance CVE-2023-21930, CVE-2023-21967 [CVSS base score 7.4] | |
| IT44111 | In the MQ web console in Spanish, rename the button for 'CLEAR QUEUE' to be 'VACIAR COLA' | ||
| IT44184 | Uninstalling mqm.web.rte fileset on AIX may report non-zero exit status error even though directory has been removed | ||
| IT44203 | The DRDB and Pacemaker Linux RPM packages in the MQ installation media have inconsistent file mode permissions | ||
| IT44268 | Following an HA reconnection, the queue manager no longer runs on the preferred node | ||
| IT44335 | Migration of IBM MQ Appliance HA queue manager from MQ 9.2 to 9.3 fails if the queue manager has been manually stopped | ||
| SE79493 | MQ logger event enabled on IBM i generates redundant logger message information | ||
| SE79541 | IBM MQ manager may crash if journal locked when AMQZMUC0 attempts CHGJRN *GEN | ||
| SE79868 | 5725A49 MQ client connection fails with 2071 AMQ9211 on 65th connection within same job | ||
| SE79913 | MQ client application failure 3452 | ||
| ✓ | SE80122 | IBM MQ CVE-2023-2650 for OpenSSL (IBM i ) [CVSS base score 7.5] |
IBM MQ 9.3.0.6 cumulative security update for Windows, UNIX, IBM i, IBM MQ Appliance
(Last modified: June 2024)
| Security APAR | HIPER APAR | APAR | Description |
| IT40694 | The runmqakm command does not report an error when the target file is not writable | ||
| IT41592 | IBM MQ might become unresponsive due to delays in its cyptographic provider | ||
| ✓ | IT42945 | IBM MQ CVE-2023-28513 and IBM MQ Appliance CVE-2023-28513 [CVSS base score 5.9] | |
| IT43039 | Thirdparty component updates for cumulative security update 9.3.0.6 | ||
| ✓ | IT43704 | IBM MQ Appliance CVE-2022-48303 [CVSS base score 7.8] | |
| ✓ | IT43717 | IBM MQ CVE-2023-24998 and IBM MQ Appliance CVE-2023-24998 [CVSS base score 7.5] | |
| ✓ | IT43802 | IBM MQ CVE-2023-32342 and IBM MQ Appliance CVE-2023-32342 [CVSS base score 7.5] |
IBM MQ 9.3.0.5 fix pack for Windows, UNIX, IBM i, IBM MQ Appliance
(Last modified: October 2024)
| Security APAR | HIPER APAR | APAR | Description |
| IT35334 | MQRC 2019 'MQRC_HOBJ_ERROR' when opening a queue using the MQ classes for Java | ||
| IT35455 | Provide feedback in the MQ error log when LDAP connection is slow | ||
| IT36231 | IBM MQ XMS exception listener is only triggered on Connection broken exceptions | ||
| IT36555 | AMQ9635 error message displays arbitrary characters at the end of the CipherSpec in the MQ queue manager error logs | ||
| IT36965 | System.NullReferenceException occurs when .Net client tries to browse multiple messages. | ||
| IT37481 | Poor performance observed with MQIPT under load when running with Trace=1 or higher in the mqipt.conf file | ||
| IT37483 | High CPU usage reported for an agent process amqzlaa0 when ending the MQ queue manager | ||
| IT37500 | FDCs with ProbeID 'CO609020' generated by queue manager for a SVRCONN channel with SHARECNV(1) | ||
| IT37842 | IBM MQ AMQP channel does not start automatically with AMQP service after upgrade | ||
| IT38618 | After applying a fix pack to a Developer Edition installation onWindows, dspmqver incorrectly reports production license | ||
| IT38726 | IBM MQ process amqzmuc0 may consume 100% CPU | ||
| IT39358 | SSL protocol exception reported by IBM MQ Java/JMS clients during TLS handshake when qmgr keystore has many certificates | ||
| IT39743 | IBM MQ process amqpcsea ended unexpectedly with insufficient diagnostics | ||
| IT39803 | XMS sample programs SimpleConsumer and SimpleProducer do not honor the SSL key repository parameter | ||
| IT40332 | amqrmppa generates FDC XC006001 from xcsFreeMemFn with error xecS_I_PRIVATE_MEMORY_ERROR and Comment "invalid head tag" | ||
| IT40337 | IBM MQ full repository queue manager reported errors AMQ9435E and 2085 (MQRC_UNKNOWN_OBJECT_NAME) | ||
| IT41426 | The runmqsc DISPLAY QMGR help text is misaligned | ||
| IT41625 | RDQM configured for both HA and DR unable to run on any node after frequent connection interruptions | ||
| IT41652 | RDQM: Unexpected failover caused by excessive sensitivity to network delays | ||
| IT41964 | IBM MQ generates corrupted file paths for .TRS files when a longMQ data path has been set | ||
| IT42294 | Broken JMS connections remain in JEE connection pools if an enterprise application registers its own ExceptionListener | ||
| ✓ | IT42322 | Native HA queue manager generates FDC with probe ID HL199020 hrcE_UNEXPECTED_ERROR | |
| IT42339 | Bad data arrived at MQ's socket in an MQ client application, butthe required FDC was not written | ||
| IT42355 | MQ classes for JMS applications become blocked while creating a JMS Session when using automatic client reconnection | ||
| IT42384 | MQ-JMS application hangs when consuming a message from a v6.0 queue manager | ||
| IT42425 | MQ Telemetry fails to start and reports an AMQXR0008E containing reason code 2059 (MQRC_Q_MGR_NOT_AVAILABLE) | ||
| IT42435 | ZLIBFAST channel compression results in failures with a JMS MessageConsumer | ||
| IT42634 | XMS .NET USES UNSAFE METHOD WHILE CREATING A THREAD IN THE SIBUSCOMPONENT. | ||
| ✓ | ✓ | IT42674 | IBM MQ CVE-2022-43919 and IBM MQ Appliance CVE-2022-43919 [CVSS base score 5.3] |
| IT42690 | MQ queue manager might report AMQ6762E(log extent corrupt) during startup | ||
| IT42798 | First failure data (FDC) records with probe OP233170 from trcFCloseFn written when MQ trace filesystem is full | ||
| IT42810 | Many ZM013000 ztmTidyUpXASessions trcE_UNEXPECTED_RM_ERROR FDCs from MQ code in application | ||
| ✓ | IT42812 | IBM MQ CVE-2023-22874 [CVSS base score 5.5] | |
| IT42942 | An additional RDQM kernel module is required for RHEL 8.7 kernel4.18.0-425.10.1 | ||
| IT43175 | Third party component updates in fix pack 9.3.0.5 | ||
| ✓ | IT43177 | IBM MQ Appliance CVE-2022-4304, CVE-2023-0215, CVE-2023-0286, CVE-2022-4450 [CVSS base scores 7.5 - 8.2] | |
| ✓ | IT43273 | IBM MQ CVE-2023-27535, CVE-2023-23916 [CVSS base scores 7.5 - 9.1] | |
| ✓ | IT43335 | IBM MQ CVE-2023-28950 [CVSS base score 5.1] | |
| ✓ | IT43377 | IBM MQ Appliance CVE-2021-46848, CVE-2022-43680, CVE-2022-40303, CVE-2022-40304 [CVSS base scores 7.5 - 9.1] | |
| ✓ | IT43381 | IBM MQ CVE-2023-26285 and IBM MQ Appliance CVE-2023-26285 [CVSS base score 5.9] | |
| IT43387 | IBM MQ Appliance incorrectly displays NFS static mount configuration page | ||
| IT43454 | Kernel modules to enable support for RDQM on RHEL 9.1 kernel level 5.14.0-162.22.2 | ||
| IT43741 | Running IBM MQ commands during installation of MQ may result in failures opening CCSID file table | ||
| PH51546 | Managed File Transfer (MFT) agent ABENDs with a B37-04 condition while transferring to a sequential data set. | ||
| SE78759 | STRMQM failure AMQ7061I with ProbeID ZX000126 | ||
| SE78955 | ENDMQM processing error MCH3601 | ||
| SE79052 | MQGET in syncpoint return code variance | ||
| SE79341 | ENDCMTCTL CPF8355 AFTER MQ IN IBM I TRANSACTION | ||
| ✓ | SE79414 | IBM MQ CVE-2022-4450, CVE-2023-0216, CVE-2023-0401, CVE-2022-4203, CVE-2023-0217, CVE-2022-4304 [CVSS base score 7.5] | |
| SE79734 | ENDMQM looping in QUIESCING state when utility manager threadended unexpectedly |
IBM MQ 9.3.0.4 cumulative security update for Windows, UNIX, IBM i, IBM MQ Appliance
(Last modified: 26 February 2023)
| Security APAR | HIPER APAR | APAR | Description |
| ✓ | IT42194 | IBM MQ CVE-2022-40237 [CVSS base score 6.5] | |
| IT42761 | Thirdparty component updates for cumulative security update 9.3.0.4 | ||
| ✓ | IT43061 | Executing runmqras against an RDQM queue manager as root may cause a kernel crash |
IBM MQ 9.3.0.3 cumulative security update for Windows, UNIX, IBM i, IBM MQ Appliance
(Last modified: 26 January 2023)
| Security APAR | HIPER APAR | APAR | Description |
| ✓ | IT42724 | IBM MQ CVE-2021-37533 [CVSS base score 6.5] | |
| IT42725 | Update Apache Commons Net level to 3.9.0 for IBM MQ | ||
| ✓ | IT42853 | IBM MQ Appliance M2002 migration from 9.2 to 9.3 fails if a floating IP address is assigned to a subset of configured High Availability queue managers |
IBM MQ 9.3.0.2 fix pack for Windows, UNIX®, IBM i, IBM MQ Appliance
(Last modified: November 2023)
| Security APAR | HIPER APAR | APAR | Description |
| IT34707 | IBM MQ classes for Java generated MQSTR format messages with message properties are always encoded in CCSID 1208 | ||
| IT35513 | The IBM MQ managed .Net client does not use the certificateLabel attribute specified in a CCDT | ||
| IT35772 | The message BFGUB0068E does not reflect the error of MFT data directory doesn't have write permission | ||
| IT36749 | In IBM MQ 9.2 .Net client throws System.ArgumentException Exception when using MQGET with waitInterval | ||
| IT39332 | IBM MQ appliance sethaint command does not notify the user about queue manager restart when floating IP is added | ||
| IT39409 | IBM MQ shows incorrect status when channel status is displayed with CONNAME('IP(PORT)') | ||
| IT39850 | IBM MQ managed .NET client using uppercase certificatelabel via hashtable or MQEnvironment property fails. | ||
| IT40296 | The DISPLAY CHSTATUS command incorrectly provides output for inactive channels | ||
| IT40554 | Memory leak in IBM MQ amqzlaa0 process after MQRC_SYNCPOINT_LIMIT_REACHED is encountered | ||
| IT40838 | IBM MQ client unable to connect to an IBM MQ version 8.0 or later queue manager when using SSPI security exit | ||
| IT40956 | DISPLAY CHSTATUS for a SDR channel contained LONGRTS(0) SHORTRTS(0) but the channel had not retried many times | ||
| IT41012 | IBM MQ agent process (amqzlaa0) terminates unexpectedly in queue full scenario | ||
| IT41035 | Application terminates with FDC XC130003 due to memory exception(SIGSEGV) in TraceEntry in mqccred exit | ||
| IT41242 | MFT Audit Information can incorrectly report DESTINATION_FILE_SIZE as -1 for a recovered transfer request | ||
| IT41272 | Redistributable Java client incorrectly contains JMSAdmin tool | ||
| IT41354 | IBM MQ 9.2 client might report a memory segmentation fault when JSON format CCDT file used along with TLS | ||
| IT41391 | The endmqm command help/usage text does not list the "-t" and "-tp" options. | ||
| IT41422 | IBM MQ for Linux writes FDC from 32-bit application reporting XC035011 and errno 22 from pthread_create | ||
| IT41424 | Update the JRE to level 8.0.7.15 on AIX, Linux, Solaris, Windows, and 8.0.7.10 on HP-UX for IBM MQ | ||
| IT41479 | Update level of GSKit supplied with IBM MQ 9.3 to GSKit 8.0.55.29 | ||
| IT41482 | IBM MQ Console is missing certain attributes in the queue storage panel. | ||
| IT41530 | The dmpmqmsg utility is not able to browse an AMS-protected queue containing a message larger than 6700 bytes | ||
| IT41695 | IBM MQ Console reports MQWB2013E error containing reason code 2085 when trying to administer queues in a QSG | ||
| IT41697 | IBM MQ 9.3 XMS .Net client hangs on dispose of ISession | ||
| IT41777 | IBM MQ-RA activation specification running in non-ASF mode in WebSphere Application Server pauses prematurely | ||
| IT41811 | IBM MQ .NET applications hang during reconnection when connected to a uniform cluster. | ||
| IT41904 | FDC record with Probe ID CO373099 does not include the peer connection name in the header | ||
| IT41919 | Channels fail to start with MQRC_SSL_INITIALIZATION_ERROR (2393)when using TLS1.3 with SSLFIPS(YES) | ||
| IT42017 | Managed File Transfer (MFT) agent shuts down due to reason code 2017 when using the multiple channel functionality | ||
| ✓ | IT42021 | IBM MQ CVE-2022-34165 & IBM MQ Appliance CVE-2022-34165 [CVSS base score 5.4] | |
| IT42024 | Update the WebSphere Liberty Profile to 22.0.0.9 plus interim Fixes PH46816 and PH48810 | ||
| ✓ | ✓ | IT42098 | IBM MQ Appliance CVE-2022-1012, CVE-2021-45485, CVE-2021-45486 [CVSS base score 6.2 & 8.2] |
| ✓ | IT42100 | IBM MQ CVE-2021-2163 and IBM MQ CVE-2023-30441 and IBM MQ Appliance CVE-2023-30441 [CVSS base score 7.5] | |
| IT42142 | Error message AMQ9575 is incorrect for non-English languages | ||
| IT42173 | MQCONNX fails with MQRC_SSL_INITIALIZATION_ERROR (2393) if multiple hostnames and SSLPeerName are specified | ||
| ✓ | IT42204 | IBM MQ CVE-2022-42436 [CVSS base score 4] | |
| ✓ | IT42209 | IBM MQ CVE-2022-24839 [CVSS base score 7.5] | |
| IT42253 | Deadlock occurs if trace is enabled on a managed file transfer (MFT) 9.3.0.1 agent that has resource monitors defined | ||
| ✓ | IT42280 | IBM MQ CVE-2022-25857 [CVSS base score 7.5] | |
| IT42291 | Update the Hyperledger Fabric Gateway, Jetty and CometD for IBM MQ 9.3 LTS for the IBM MQ Bridge to Blockchain/Salesforce | ||
| IT42321 | MQ command ffstsummary.exe fails to read FDC files more than 2 GB in size | ||
| IT42324 | Update Bouncy Castle shipped by IBM MQ 9.3 LTS to version 1.72 | ||
| IT42325 | Upgrade ICU4J for IBM MQ MFT to 72.1 | ||
| IT42326 | Update JSON shipped by IBM MQ 9.3 LTS to version 20220924 | ||
| IT42327 | Upgrade the Apache qpid-proton-j level for IBM MQ to qpid-proton-j 0.34.0 | ||
| IT42328 | Update IBM Sterling c:d Application Interface for Java (CDJAI) to 1.1.0.1 | ||
| IT42330 | Update FasterXML (jackson library) to the latest version . | ||
| ✓ | IT42342 | IBM MQ CVE-2022-38749, CVE-2022-38750, CVE-2022-38751, CVE-2022-38752 [CVSS base score 5.3] | |
| ✓ | IT42343 | IBM MQ CVE-2022-3510, CVE-2022-3509 and IBM MQ CVE-2022-1471, CVE-2022-41854 and IBM MQ CVE-2022-3171 [CVSS base score 8.3] | |
| ✓ | IT42344 | IBM MQ CVE-2022-42004, CVE-2022-42003 [CVSS base score 6.2] | |
| IT42349 | Update level of zlib supplied with IBM MQ 9.3 LTS to 1.2.13 | ||
| IT42351 | Update level of libedit supplied with IBM MQ 9.3 LTS to 0:69:0 (20221009-3.1) | ||
| IT42386 | Update DRBD and Pacemaker packages supplied with IBM MQ 9.3 LTS | ||
| IT42418 | Update the WebSphere Liberty Profile to 22.0.0.12 | ||
| IT42420 | IBM MQ Appliance RAID battery high temperature warning can be given incorrectly at 40 degrees C | ||
| IT42444 | Updates to internal firmware components on the IBM MQ Appliance | ||
| IT42445 | Kernel modules to enable support for RDQM on RHEL 8.7 (Kernel level 4.18.0-425) | ||
| IT42456 | Update the IBM JRE to level 8.0.7.20 (AIX, Linux, Solaris, and Windows) for IBM MQ | ||
| ✓ | IT42457 | IBM MQ: CVE-2022-21626, CVE-2022-21624; IBM MQ Appliance: CVE-2022-21626 [CVSS base score 5.3] | |
| IT42527 | Update level of libcurl supplied with IBM MQ 9.3 LTS to 7.86.0 | ||
| ✓ | ✓ | IT42613 | IBM MQ: CVE-2022-43902; IBM MQ Appliance: CVE-2022-43902 [CVSS base score 6.5] |
| SE78032 | AMS reports error message incorrectly when journaling on PEM files. | ||
| SE78411 | Several IBM MQ on IBM i CL commands run with in a panel then F5 refresh causes SEGV | ||
| SE78457 | ENDMQM looping in QUIESCING state when utility manager thread ended unexpectly | ||
| SE78501 | AMQRMPPA AMQZLAA0 jobs running is wrong subsystem(QMQM) after configuration of custom subsystem | ||
| SE78600 | IBM MQ authority record not shown. | ||
| SE78659 | Command WRKMQMQSTS with *CONNAME filter may hang or crash IBM MQ queue manager. | ||
| SE78732 | IBM MQ 9.2: Queue manager fails to start across user profiles with different CCSID. | ||
| SE78810 | Update level of OpenSSL shipped with IBM MQ 9.3 LTS on IBM i to OpenSSL 3.0.7 | ||
| ✓ | SE78814 | IBM MQ CVE-2022-3602, CVE-2022-3786 [CVSS base score 7.5] |
(Last modified: 22 September 2022)
| Security APAR | HIPER APAR | APAR | Description |
| ✓ | IT33206 | IBM MQ CVE-2022-31772 [CVSS base score 5.3] | |
| IT37148 | FDCs with probe identifiers RM632001/RM632002 are generated while running an IBM MQ C client application | ||
| IT38770 | fteListMonitors can display monitor details twice if the monitor configuration is being updated when it is run | ||
| IT39231 | IBM MQ 9.2 LTS fix pack rpm installer does not correctly prohibit application to a 9.2.x CD installation | ||
| IT39802 | IBM MQ Java/JMS application appears to hang when connecting to a non-responsive queue manager | ||
| IT39919 | IBM MQ resource adapter logs large MQJCA4023 messages if an activation specification fails to connect to a queue manager | ||
| IT39972 | IBM MQ Classes for Java/IBM MQ JMS for Java with trace enabled can result in unexpected increased indentation for methods | ||
| IT40168 | fteDeleteAgent with the -f option does not remove resource monitor publications from coordination queue manager | ||
| IT40502 | Security exit user data (SCYDATA) is not passed to a security exit when using the IBM MQ classes for Java and a CCDT | ||
| IT40532 | Managed File Transfer destination agent stops and generates an ABEND file containing a java.nio.file.InvalidPathException | ||
| IT40577 | AMQP clients intermittently stop receiving messages from the IBM MQ AMQP service after upgrading to IBM MQ 9.2.0.4 | ||
| IT40648 | FDCs generated in user application with ProbeId ZT424000 from component zutLookupRelease | ||
| IT40776 | NullPointerException observed when a security exit is being called concurrently on multiple threads. | ||
| IT40791 | IBM MQ Classes for JMS - Messages are not going to the backout queue after the backout threshold is hit. | ||
| IT41229 | IBM MQ Java components incorrectly group Simplified Chinese CCSIDs936 and 1386 together as equivalent encodings | ||
| IT41233 | IBM MQ 9.3 installer incorrectly states that Windows 2016 is a valid target operating system | ||
| IT41407 | Update level of libcurl supplied with IBM MQ 9.2 and 9.3 LTS to libcurl 7.84.0 | ||
| IT41408 | Invalid queue manager name and PUTAPPLNAME in channel statisticsmessages | ||
| IT41412 | IBM MQ: JAVA.LANG.STACKOVERFLOWERROR caused by recursive function calls inside SessionWrapper. | ||
| IT41423 | Update Fabric Gateway, Jetty and CometD supplied with IBM MQ 9.3 LTS for the IBM MQ Bridge to Blockchain and Salesforce | ||
| IT41425 | Update the IBM MQ embedded WebSphere Liberty Profile to 22.0.0.6 | ||
| IT41438 | Update the JSON Java library to level 20220320 for IBM MQ | ||
| ✓ | ✓ | IT41495 | IBM MQ CVE-2022-32206 (security/integrity exposure) [CVSS base score 4.3] |
| ✓ | IT41568 | IBM MQ CVE-2022-24329 (security/integrity exposure) [CVSS base score 5.3] | |
| ✓ | IT41579 | IBM MQ CVE-2022-22476 and IBM MQ Appliance CVE-2022-22476 (security/integrity exposure) [CVSS base score 5] | |
| IT41589 | Update the IBM MQ embedded Websphere Liberty Server to 22.0.0.6 plus APAR PH48187 | ||
| IT41599 | Update DRBD packages supplied with IBM MQ 9.3 LTS | ||
| IT41602 | Update level of JSON-C supplied with IBM MQ 9.3 LTS to 0.16-20220414 | ||
| IT41603 | Deadlock occurs if a Managed File Transfer (MFT) agent that has resource monitors defined is started with trace enabled | ||
| IT41647 | IBM MQ generates FDC with probe identifier RM040001 and error code zrcI_NOT_FOUND from rriFreeSess function | ||
| ✓ | IT41682 | IBM MQ Appliance CVE-2022-32750 [CVSS base score 5.4], IBM MQ Appliance CVE-2022-31774 [CVSS base score 5.4] & IBM MQ Appliance CVE-2022-31775 [CVSS base score 5.5] | |
| IT41962 | IBM MQ Appliance Web UI displays 'admin' as the logged in user | ||
| ✓ | IT41997 | IBM MQ Appliance CVE-2022-40230 (security/integrity exposure) [CVSS base score 5] | |
| SE78246 | Update OpenSSL to 3.0. | ||
| SE78285 | AMQRSSLC creates stash file with incorrect name if .kdb extension specified. |
[{"Type":"MASTER","Line of Business":{"code":"LOB77","label":"Automation Platform"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSYHRD","label":"IBM MQ"},"ARM Category":[{"code":"a8m0z00000008MGAAY","label":"Install"}],"Platform":[{"code":"PF002","label":"AIX"},{"code":"PF012","label":"IBM i"},{"code":"PF016","label":"Linux"},{"code":"PF033","label":"Windows"}],"Version":"9.3.0"}]
Was this topic helpful?
Document Information
Modified date:
28 June 2025
UID
ibm16695813