Fix Readme
Abstract
IBM MQ provides periodic maintenance for release 9.3. The following is a complete listing of available fixes grouped by maintenance delivery.
Content
This document describes both types of maintenance delivery - fix packs and cumulative security updates. For more information on the types of maintenance, refer to the IBM MQ release types section of the product documentation.
| Release Type | Release Date | Total APARs | Security APARs | HIPER APARs | |
| IBM MQ 9.3.0.3 | Cumulative security update | 26 January 2023 | 4 | 1 | 1 |
| IBM MQ 9.3.0.2 | Fix pack | 21 December 2022 | 71 | 12 | 2 |
| IBM MQ 9.3.0.1 | Fix pack | 22 September 2022 | 34 | 6 | 1 |
To download IBM MQ Fix and Refresh Packs follow this link. http://www.ibm.com/support/docview.wss?uid=swg27006037
Vulnerability risk information for IBM MQ can be found at Security Bulletin for IBM WebSphere MQ
Example table
| Security APAR | HIPER APAR | APAR |
Description
|
| ✓ | AB12345 |
Example of Security APAR: CVE-XXXX-XXXXX (security/integrity exposure) [CVSS base score 5.3]
|
|
| ✓ | ZY98765 |
Example of a HIPER APAR
|
Note: The CVSS scoring information, listed in the fix list tables, is accurate at the time of release. Please review links contained in the referenced bulletins for additional information on scoring, including any retrospective changes to scores assigned by third parties.
IBM MQ 9.3.0.3 cumulative security update for Windows, UNIX, IBM i, IBM MQ Appliance
(Last modified: 26 January 2023)
| Security APAR | HIPER APAR | APAR | Description |
| ✓ | IT42724 | Description is not available (security/integrity exposure)[CVSS base score 6.5] | |
| IT42725 | Update Apache Commons Net level to 3.9.0 for IBM MQ | ||
| ✓ | IT42853 | IBM MQ Appliance M2002 migration from 9.2 to 9.3 fails if a floating IP address is assigned to a subset of configured High Availability queue managers | |
| IT42761 | Third party component updates for cumulative security update 9.3.0.3 |
IBM MQ 9.3.0.2 fix pack for Windows, UNIX®, IBM i, IBM MQ Appliance
(Last modified: 21 December 2022)
| Security APAR | HIPER APAR | APAR | Description |
| IT34707 | IBM MQ classes for Java generated MQSTR format messages with message properties are always encoded in CCSID 1208 | ||
| IT35513 | The IBM MQ managed .Net client does not use the certificateLabel attribute specified in a CCDT | ||
| IT35772 | The Message BFGUB0068E does not reflect the error of MFT data directory doesn't have write permission | ||
| IT36749 | In IBM MQ 9.2 .Net client throws System.ArgumentException Exception when using MQGET with waitInterval | ||
| IT39332 | IBM MQ appliance sethaint command does not notify the user about queue manager restart when floating IP is added | ||
| IT39358 | SSL protocol exception reported by IBM MQ Java/JMS clients during TLS handshake when qmgr keystore has many certificates | ||
| IT39409 | IBM MQ shows incorrect status when channel status is displayed with CONNAME('IP(PORT)') | ||
| IT39850 | IBM MQ managed .NET client using uppercase certificatelabel via hashtable or MQEnvironment property fails. | ||
| IT40296 | The DISPLAY CHSTATUS command incorrectly provides output for inactive channels | ||
| IT40554 | Memory leak in IBM MQ amqzlaa0 process after MQRC_SYNCPOINT_LIMIT_REACHED is encountered | ||
| IT40838 | IBM MQ client unable to connect to an IBM MQ version 8.0 or later queue manager when using SSPI security exit | ||
| IT40956 | DISPLAY CHSTATUS for a SDR channel contained LONGRTS(0) SHORTRTS(0) but the channel had not retried many times | ||
| IT41012 | IBM MQ agent process (amqzlaa0) terminates unexpectedly in queue full scenario | ||
| IT41035 | Application terminates with FDC XC130003 due to memory exception(SIGSEGV) in TraceEntry in mqccred exit | ||
| IT41242 | MFT Audit Information can incorrectly report DESTINATION_FILE_SIZE as -1 for a recovered transfer request | ||
| IT41272 | Redistributable Java client incorrectly contains JMSAdmin tool | ||
| IT41354 | IBM MQ 9.2 client might report a memory segmentation fault when JSON format CCDT file used along with TLS | ||
| IT41391 | The endmqm command help/usage text does not list the "-t" and "-tp" options. | ||
| IT41422 | IBM MQ for Linux writes FDC from 32-bit application reporting XC035011 and errno 22 from pthread_create | ||
| IT41424 | Update the JRE to level 8.0.7.15 on AIX, Linux, Solaris, Windows, and 8.0.7.10 on HP-UX for IBM MQ | ||
| IT41479 | Update level of GSKit supplied with IBM MQ 9.3 to GSKit 8.0.55.29 | ||
| IT41482 | IBM MQ Console is missing certain attributes in the queue storage panel. | ||
| IT41530 | The dmpmqmsg utility is not able to browse an AMS-protected queue containing a message larger than 6700 bytes | ||
| IT41695 | IBM MQ Console reports MQWB2013E error containing reason code 2085 when trying to administer queues in a QSG | ||
| IT41697 | IBM MQ 9.3 XMS .Net client hangs on dispose of ISession | ||
| IT41777 | IBM MQ-RA activation specification running in non-ASF mode in WebSphere Application Server pauses prematurely | ||
| IT41811 | IBM MQ .NET applications hang during reconnection when connected to a uniform cluster. | ||
| IT41904 | FDC record with Probe ID CO373099 does not include the peer connection name in the header | ||
| IT41919 | Channels fail to start with MQRC_SSL_INITIALIZATION_ERROR (2393)when using TLS1.3 with SSLFIPS(YES) | ||
| IT42017 | Managed File Transfer (MFT) agent shuts down due to reason code 2017 when using the multiple channel functionality | ||
| ✓ | IT42021 | Description is not available (security/integrity exposure)[CVSS base score 5.4] | |
| IT42024 | Update the WebSphere Liberty Profile to 22.0.0.9 plus Interim Fixes PH46816 and PH48810 | ||
| ✓ | ✓ | IT42098 | Description is not available (security/integrity exposure)[CVSS base score 6.2 & 8.2] |
| ✓ | IT42100 | Description is not available (security/integrity exposure)[CVSS base score 5.3] | |
| IT42142 | Error message AMQ9575 is incorrect for non-English languages | ||
| IT42173 | MQCONNX fails with MQRC_SSL_INITIALIZATION_ERROR (2393) if multiple hostnames and SSLPeerName are specified | ||
| ✓ | IT42204 | Description is not available (security/integrity exposure)[CVSS base score 4] | |
| ✓ | IT42209 | Description is not available (security/integrity exposure)[CVSS base score 7.5] | |
| IT42253 | Deadlock occurs if trace is enabled on a managed file transfer (MFT) 9.3.0.1 agent that has resource monitors defined | ||
| ✓ | IT42280 | Description is not available (security/integrity exposure)[CVSS base score 7.5] | |
| IT42291 | Update the Hyperledger Fabric Gateway, Jetty and CometD for IBM MQ 9.3 LTS for the IBM MQ Bridge to Blockchain/Salesforce | ||
| IT42321 | MQ command ffstsummary.exe fails to read FDC files more than 2 GB in size | ||
| IT42324 | Update Bouncy Castle shipped by IBM MQ 9.3 LTS to version 1.72 | ||
| IT42325 | Upgrade ICU4J for IBM MQ MFT to 72.1 | ||
| IT42326 | Update JSON shipped by IBM MQ 9.3 LTS to version 20220924 | ||
| IT42327 | Upgrade the Apache qpid-proton-j level for IBM MQ to qpid-proton-j 0.34.0 | ||
| IT42328 | Update IBM Sterling c:d Application Interface for Java (CDJAI) to 1.1.0.1 | ||
| IT42330 | Update FasterXML (jackson library) to the latest version . | ||
| ✓ | IT42342 | Description is not available (security/integrity exposure)[CVSS base score 5.3] | |
| ✓ | IT42343 | Description is not available (security/integrity exposure)[CVSS base score 5.7] | |
| ✓ | IT42344 | Description is not available (security/integrity exposure)[CVSS base score 6.2] | |
| IT42349 | Update level of zlib supplied with IBM MQ 9.3 LTS to 1.2.13 | ||
| IT42351 | Update level of libedit supplied with IBM MQ 9.3 LTS to 0:69:0 (20221009-3.1) | ||
| IT42386 | Update DRBD and Pacemaker packages supplied with IBM MQ 9.3 LTS | ||
| IT42418 | Update the WebSphere Liberty Profile to 22.0.0.12 | ||
| IT42420 | IBM MQ Appliance RAID battery high temperature warning can be given incorrectly at 40 degrees C | ||
| IT42444 | Updates to internal firmware components on the IBM MQ Appliance | ||
| IT42445 | Kernel modules to enable support for RDQM on RHEL 8.7 (Kernel level 4.18.0-425) | ||
| IT42456 | Update the IBM JRE to level 8.0.7.20 (AIX, Linux, Solaris, and Windows) for IBM MQ | ||
| ✓ | IT42457 | Description is not available (security/integrity exposure)[CVSS base score 5.3] | |
| IT42527 | Update level of libcurl supplied with IBM MQ 9.3 LTS to 7.86.0 | ||
| ✓ | ✓ | IT42613 | Description is not available (security/integrity exposure)[CVSS base score 6.5] |
| SE78032 | AMS reports error message incorrectly when journaling on PEM files. | ||
| SE78411 | Several IBM MQ on IBM i CL commands run with in a panel then F5 refresh causes SEGV | ||
| SE78457 | ENDMQM looping in QUIESCING state when utility manager thread ended unexpectly | ||
| SE78501 | AMQRMPPA AMQZLAA0 jobs running is wrong subsystem(QMQM) after configuration of custom subsystem | ||
| SE78600 | IBM MQ authority record not shown. | ||
| SE78659 | Command WRKMQMQSTS with *CONNAME filter may hang or crash IBM MQ queue manager. | ||
| SE78732 | IBM MQ 9.2: Queue manager fails to start across user profiles with different CCSID. | ||
| SE78810 | Update level of OpenSSL shipped with IBM MQ 9.3 LTS on IBM i to OpenSSL 3.0.7 | ||
| ✓ | SE78814 | Description is not available (security/integrity exposure)[CVSS base score 7.5] |
(Last modified: 22 September 2022)
| Security APAR | HIPER APAR | APAR | Description |
| ✓ | IT33206 | IBM MQ CVE-2022-31772 [CVSS base score 5.3] | |
| IT37148 | FDCs with probe identifiers RM632001/RM632002 are generated while running an IBM MQ C client application | ||
| IT38770 | fteListMonitors can display monitor details twice if the monitor configuration is being updated when it is run | ||
| IT39231 | IBM MQ 9.2 LTS fix pack rpm installer does not correctly prohibit application to a 9.2.x CD installation | ||
| IT39802 | IBM MQ Java/JMS application appears to hang when connecting to a non-responsive queue manager | ||
| IT39919 | IBM MQ resource adapter logs large MQJCA4023 messages if an activation specification fails to connect to a queue manager | ||
| IT39972 | IBM MQ Classes for Java/IBM MQ JMS for Java with trace enabled can result in unexpected increased indentation for methods | ||
| IT40168 | fteDeleteAgent with the -f option does not remove resource monitor publications from coordination queue manager | ||
| IT40502 | Security exit user data (SCYDATA) is not passed to a security exit when using the IBM MQ classes for Java and a CCDT | ||
| IT40532 | Managed File Transfer destination agent stops and generates an ABEND file containing a java.nio.file.InvalidPathException | ||
| IT40577 | AMQP clients intermittently stop receiving messages from the IBM MQ AMQP service after upgrading to IBM MQ 9.2.0.4 | ||
| IT40648 | FDCs generated in user application with ProbeId ZT424000 from component zutLookupRelease | ||
| IT40776 | NullPointerException observed when a security exit is being called concurrently on multiple threads. | ||
| IT40791 | IBM MQ Classes for JMS - Messages are not going to the backout queue after the backout threshold is hit. | ||
| IT41229 | IBM MQ Java components incorrectly group Simplified Chinese CCSIDs936 and 1386 together as equivalent encodings | ||
| IT41233 | IBM MQ 9.3 installer incorrectly states that Windows 2016 is a valid target operating system | ||
| IT41407 | Update level of libcurl supplied with IBM MQ 9.2 and 9.3 LTS to libcurl 7.84.0 | ||
| IT41408 | Invalid queue manager name and PUTAPPLNAME in channel statisticsmessages | ||
| IT41412 | IBM MQ: JAVA.LANG.STACKOVERFLOWERROR caused by recursive function calls inside SessionWrapper. | ||
| IT41423 | Update Fabric Gateway, Jetty and CometD supplied with IBM MQ 9.3 LTS for the IBM MQ Bridge to Blockchain and Salesforce | ||
| IT41425 | Update the IBM MQ embedded WebSphere Liberty Profile to 22.0.0.6 | ||
| IT41438 | Update the JSON Java library to level 20220320 for IBM MQ | ||
| ✓ | ✓ | IT41495 | Description is not yet available (security/integrity exposure) [CVSS base score 4.3] |
| ✓ | IT41568 | IBM MQ CVE-2022-24329 [CVSS base score 5.3] | |
| ✓ | IT41579 | Description is not yet available (security/integrity exposure) [CVSS base score 5] | |
| IT41589 | Update the IBM MQ embedded Websphere Liberty Server to 22.0.0.6 plus APAR PH48187 | ||
| IT41599 | Update DRBD packages supplied with IBM MQ 9.3 LTS | ||
| IT41602 | Update level of JSON-C supplied with IBM MQ 9.3 LTS to 0.16-20220414 | ||
| IT41603 | Deadlock occurs if a Managed File Transfer (MFT) agent that has resource monitors defined is started with trace enabled | ||
| IT41647 | IBM MQ generates FDC with probe identifier RM040001 and error code zrcI_NOT_FOUND from rriFreeSess function | ||
| ✓ | IT41682 | IBM MQ Appliance CVE-2022-32750 [CVSS base score 5.4], IBM MQ Appliance CVE-2022-31774 [CVSS base score 5.4] & IBM MQ Appliance CVE-2022-31775 [CVSS base score 5.5] | |
| ✓ | IT41997 | Description is not yet available (security/integrity exposure) [CVSS base score 5] | |
| SE78246 | Update OpenSSL to 3.0. | ||
| SE78285 | AMQRSSLC creates stash file with incorrect name if .kdb extension specified. |
[{"Type":"MASTER","Line of Business":{"code":"LOB45","label":"Automation"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSYHRD","label":"IBM MQ"},"ARM Category":[{"code":"a8m0z00000008MGAAY","label":"Install"}],"Platform":[{"code":"PF002","label":"AIX"},{"code":"PF012","label":"IBM i"},{"code":"PF016","label":"Linux"},{"code":"PF033","label":"Windows"}],"Version":"9.3.0"}]
Was this topic helpful?
Document Information
Modified date:
26 January 2023
UID
ibm16695813