IBM Support

Fix list for IBM MQ Version 9.3 LTS

Fix Readme


Abstract

IBM MQ provides periodic maintenance for release 9.3. The following is a complete listing of available fixes grouped by maintenance delivery.

Content

This document describes both types of maintenance delivery - fix packs and cumulative security updates. For more information on the types of maintenance, refer to the IBM MQ release types section of the product documentation.
Release Type Release Date Total APARs Security APARs HIPER APARs
IBM MQ 9.3.0.3 Cumulative security update 26 January 2023 4 1 1
IBM MQ 9.3.0.2 Fix pack 21 December 2022 71 12 2
IBM MQ 9.3.0.1 Fix pack 22 September 2022 34 6 1

To download IBM MQ Fix and Refresh Packs follow this link. http://www.ibm.com/support/docview.wss?uid=swg27006037

Vulnerability risk information for IBM MQ can be found at Security Bulletin for IBM WebSphere MQ

Glossary of Terms

Example table

Security APAR HIPER APAR APAR
Description
AB12345
Example of Security APAR: CVE-XXXX-XXXXX (security/integrity exposure) [CVSS base score 5.3]
ZY98765
Example of a HIPER APAR
Note: The CVSS scoring information, listed in the fix list tables, is accurate at the time of release. Please review links contained in the referenced bulletins for additional information on scoring, including any retrospective changes to scores assigned by third parties.

IBM MQ 9.3.0.3 cumulative security update for Windows, UNIX, IBM i, IBM MQ Appliance

(Last modified: 26 January 2023)

Security APAR HIPER APAR APAR Description
IT42724 Description is not available (security/integrity exposure)[CVSS base score 6.5]
IT42725 Update Apache Commons Net level to 3.9.0 for IBM MQ
IT42853 IBM MQ Appliance M2002 migration from 9.2 to 9.3 fails if a floating IP address is assigned to a subset of configured High Availability queue managers
IT42761 Third party component updates for cumulative security update 9.3.0.3

IBM MQ 9.3.0.2 fix pack for Windows, UNIX®, IBM i, IBM MQ Appliance

(Last modified: 21 December 2022)

Security APAR HIPER APAR APAR Description
IT34707 IBM MQ classes for Java generated MQSTR format messages with message properties are always encoded in CCSID 1208
IT35513 The IBM MQ managed .Net client does not use the certificateLabel attribute specified in a CCDT
IT35772 The Message BFGUB0068E does not reflect the error of MFT data directory doesn't have write permission
IT36749 In IBM MQ 9.2 .Net client throws System.ArgumentException Exception when using MQGET with waitInterval
IT39332 IBM MQ appliance sethaint command does not notify the user about queue manager restart when floating IP is added
IT39358 SSL protocol exception reported by IBM MQ Java/JMS clients during TLS handshake when qmgr keystore has many certificates
IT39409 IBM MQ shows incorrect status when channel status is displayed with CONNAME('IP(PORT)')
IT39850 IBM MQ managed .NET client using uppercase certificatelabel via hashtable or MQEnvironment property fails.
IT40296 The DISPLAY CHSTATUS command incorrectly provides output for inactive channels
IT40554 Memory leak in IBM MQ amqzlaa0 process after MQRC_SYNCPOINT_LIMIT_REACHED is encountered
IT40838 IBM MQ client unable to connect to an IBM MQ version 8.0 or later queue manager when using SSPI security exit
IT40956 DISPLAY CHSTATUS for a SDR channel contained LONGRTS(0) SHORTRTS(0) but the channel had not retried many times
IT41012 IBM MQ agent process (amqzlaa0) terminates unexpectedly in queue full scenario
IT41035 Application terminates with FDC XC130003 due to memory exception(SIGSEGV) in TraceEntry in mqccred exit
IT41242 MFT Audit Information can incorrectly report DESTINATION_FILE_SIZE as -1 for a recovered transfer request
IT41272 Redistributable Java client incorrectly contains JMSAdmin tool
IT41354 IBM MQ 9.2 client might report a memory segmentation fault when JSON format CCDT file used along with TLS
IT41391 The endmqm command help/usage text does not list the "-t" and "-tp" options.
IT41422 IBM MQ for Linux writes FDC from 32-bit application reporting XC035011 and errno 22 from pthread_create
IT41424 Update the JRE to level 8.0.7.15 on AIX, Linux, Solaris, Windows, and 8.0.7.10 on HP-UX for IBM MQ
IT41479 Update level of GSKit supplied with IBM MQ 9.3 to GSKit 8.0.55.29
IT41482 IBM MQ Console is missing certain attributes in the queue storage panel.
IT41530 The dmpmqmsg utility is not able to browse an AMS-protected queue containing a message larger than 6700 bytes
IT41695 IBM MQ Console reports MQWB2013E error containing reason code 2085 when trying to administer queues in a QSG
IT41697 IBM MQ 9.3 XMS .Net client hangs on dispose of ISession
IT41777 IBM MQ-RA activation specification running in non-ASF mode in WebSphere Application Server pauses prematurely
IT41811 IBM MQ .NET applications hang during reconnection when connected to a uniform cluster.
IT41904 FDC record with Probe ID CO373099 does not include the peer connection name in the header
IT41919 Channels fail to start with MQRC_SSL_INITIALIZATION_ERROR (2393)when using TLS1.3 with SSLFIPS(YES)
IT42017 Managed File Transfer (MFT) agent shuts down due to reason code 2017 when using the multiple channel functionality
IT42021 Description is not available (security/integrity exposure)[CVSS base score 5.4]
IT42024 Update the WebSphere Liberty Profile to 22.0.0.9 plus Interim Fixes PH46816 and PH48810
IT42098 Description is not available (security/integrity exposure)[CVSS base score 6.2 & 8.2]
IT42100 Description is not available (security/integrity exposure)[CVSS base score 5.3]
IT42142 Error message AMQ9575 is incorrect for non-English languages
IT42173 MQCONNX fails with MQRC_SSL_INITIALIZATION_ERROR (2393) if multiple hostnames and SSLPeerName are specified
IT42204 Description is not available (security/integrity exposure)[CVSS base score 4]
IT42209 Description is not available (security/integrity exposure)[CVSS base score 7.5]
IT42253 Deadlock occurs if trace is enabled on a managed file transfer (MFT) 9.3.0.1 agent that has resource monitors defined
IT42280 Description is not available (security/integrity exposure)[CVSS base score 7.5]
IT42291 Update the Hyperledger Fabric Gateway, Jetty and CometD for IBM MQ 9.3 LTS for the IBM MQ Bridge to Blockchain/Salesforce
IT42321 MQ command ffstsummary.exe fails to read FDC files more than 2 GB in size
IT42324 Update Bouncy Castle shipped by IBM MQ 9.3 LTS to version 1.72
IT42325 Upgrade ICU4J for IBM MQ MFT to 72.1
IT42326 Update JSON shipped by IBM MQ 9.3 LTS to version 20220924
IT42327 Upgrade the Apache qpid-proton-j level for IBM MQ to qpid-proton-j 0.34.0
IT42328 Update IBM Sterling c:d Application Interface for Java (CDJAI) to 1.1.0.1
IT42330 Update FasterXML (jackson library) to the latest version .
IT42342 Description is not available (security/integrity exposure)[CVSS base score 5.3]
IT42343 Description is not available (security/integrity exposure)[CVSS base score 5.7]
IT42344 Description is not available (security/integrity exposure)[CVSS base score 6.2]
IT42349 Update level of zlib supplied with IBM MQ 9.3 LTS to 1.2.13
IT42351 Update level of libedit supplied with IBM MQ 9.3 LTS to 0:69:0 (20221009-3.1)
IT42386 Update DRBD and Pacemaker packages supplied with IBM MQ 9.3 LTS
IT42418 Update the WebSphere Liberty Profile to 22.0.0.12
IT42420 IBM MQ Appliance RAID battery high temperature warning can be given incorrectly at 40 degrees C
IT42444 Updates to internal firmware components on the IBM MQ Appliance
IT42445 Kernel modules to enable support for RDQM on RHEL 8.7 (Kernel level 4.18.0-425)
IT42456 Update the IBM JRE to level 8.0.7.20 (AIX, Linux, Solaris, and Windows) for IBM MQ
IT42457 Description is not available (security/integrity exposure)[CVSS base score 5.3]
IT42527 Update level of libcurl supplied with IBM MQ 9.3 LTS to 7.86.0
IT42613 Description is not available (security/integrity exposure)[CVSS base score 6.5]
SE78032 AMS reports error message incorrectly when journaling on PEM files.
SE78411 Several IBM MQ on IBM i CL commands run with in a panel then F5 refresh causes SEGV
SE78457 ENDMQM looping in QUIESCING state when utility manager thread ended unexpectly
SE78501 AMQRMPPA AMQZLAA0 jobs running is wrong subsystem(QMQM) after configuration of custom subsystem
SE78600 IBM MQ authority record not shown.
SE78659 Command WRKMQMQSTS with *CONNAME filter may hang or crash IBM MQ queue manager.
SE78732 IBM MQ 9.2: Queue manager fails to start across user profiles with different CCSID.
SE78810 Update level of OpenSSL shipped with IBM MQ 9.3 LTS on IBM i to OpenSSL 3.0.7
SE78814 Description is not available (security/integrity exposure)[CVSS base score 7.5]

IBM MQ 9.3.0.1 fix pack for Windows, UNIX®, IBM i, IBM MQ Appliance

(Last modified: 22 September 2022)

Security APAR HIPER APAR APAR Description
IT33206 IBM MQ CVE-2022-31772 [CVSS base score 5.3]
IT37148 FDCs with probe identifiers RM632001/RM632002 are generated while running an IBM MQ C client application
IT38770 fteListMonitors can display monitor details twice if the monitor configuration is being updated when it is run
IT39231 IBM MQ 9.2 LTS fix pack rpm installer does not correctly prohibit application to a 9.2.x CD installation
IT39802 IBM MQ Java/JMS application appears to hang when connecting to a non-responsive queue manager
IT39919 IBM MQ resource adapter logs large MQJCA4023 messages if an activation specification fails to connect to a queue manager
IT39972 IBM MQ Classes for Java/IBM MQ JMS for Java with trace enabled can result in unexpected increased indentation for methods
IT40168 fteDeleteAgent with the -f option does not remove resource monitor publications from coordination queue manager
IT40502 Security exit user data (SCYDATA) is not passed to a security exit when using the IBM MQ classes for Java and a CCDT
IT40532 Managed File Transfer destination agent stops and generates an ABEND file containing a java.nio.file.InvalidPathException
IT40577 AMQP clients intermittently stop receiving messages from the IBM MQ AMQP service after upgrading to IBM MQ 9.2.0.4
IT40648 FDCs generated in user application with ProbeId ZT424000 from component zutLookupRelease
IT40776 NullPointerException observed when a security exit is being called concurrently on multiple threads.
IT40791 IBM MQ Classes for JMS - Messages are not going to the backout queue after the backout threshold is hit.
IT41229 IBM MQ Java components incorrectly group Simplified Chinese CCSIDs936 and 1386 together as equivalent encodings
IT41233 IBM MQ 9.3 installer incorrectly states that Windows 2016 is a valid target operating system
IT41407 Update level of libcurl supplied with IBM MQ 9.2 and 9.3 LTS to libcurl 7.84.0
IT41408 Invalid queue manager name and PUTAPPLNAME in channel statisticsmessages
IT41412 IBM MQ: JAVA.LANG.STACKOVERFLOWERROR caused by recursive function calls inside SessionWrapper.
IT41423 Update Fabric Gateway, Jetty and CometD supplied with IBM MQ 9.3 LTS for the IBM MQ Bridge to Blockchain and Salesforce
IT41425 Update the IBM MQ embedded WebSphere Liberty Profile to 22.0.0.6
IT41438 Update the JSON Java library to level 20220320 for IBM MQ
IT41495 Description is not yet available (security/integrity exposure) [CVSS base score 4.3]
IT41568 IBM MQ CVE-2022-24329 [CVSS base score 5.3]
IT41579 Description is not yet available (security/integrity exposure) [CVSS base score 5]
IT41589 Update the IBM MQ embedded Websphere Liberty Server to 22.0.0.6 plus APAR PH48187
IT41599 Update DRBD packages supplied with IBM MQ 9.3 LTS
IT41602 Update level of JSON-C supplied with IBM MQ 9.3 LTS to 0.16-20220414
IT41603 Deadlock occurs if a Managed File Transfer (MFT) agent that has resource monitors defined is started with trace enabled
IT41647 IBM MQ generates FDC with probe identifier RM040001 and error code zrcI_NOT_FOUND from rriFreeSess function
IT41682 IBM MQ Appliance CVE-2022-32750 [CVSS base score 5.4], IBM MQ Appliance CVE-2022-31774 [CVSS base score 5.4] & IBM MQ Appliance CVE-2022-31775 [CVSS base score 5.5]
IT41997 Description is not yet available (security/integrity exposure) [CVSS base score 5]
SE78246 Update OpenSSL to  3.0.
SE78285 AMQRSSLC creates stash file with incorrect name if .kdb extension specified.

[{"Type":"MASTER","Line of Business":{"code":"LOB45","label":"Automation"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSYHRD","label":"IBM MQ"},"ARM Category":[{"code":"a8m0z00000008MGAAY","label":"Install"}],"Platform":[{"code":"PF002","label":"AIX"},{"code":"PF012","label":"IBM i"},{"code":"PF016","label":"Linux"},{"code":"PF033","label":"Windows"}],"Version":"9.3.0"}]

Document Information

Modified date:
26 January 2023

UID

ibm16695813