Product Readmes
Abstract
Fixes for WebSphere Application Server Liberty are delivered in fix packs periodically. This is a complete listing of all the fixes for Liberty with the latest fixes at the top.
New fix pack numbering is introduced. Fix pack 16.0.0.2 for WebSphere Application Server Liberty is the first of a series of common Liberty levels that apply to both Version 8.5 and Version 9.0 of WebSphere Application Server on all supported platforms.
Content
Release Date
|
Total number of APARs
|
Total number of Security APARs
|
Total number of Open Liberty Release Fixes
|
||
---|---|---|---|---|---|
![]() |
7 June 2022
|
3
|
2
|
13
|
|
![]() |
10 May 2022
|
4
|
0
|
14
|
|
![]() |
12 April 2022
|
5
|
0
|
13
|
|
![]() |
15 March 2022
|
4
|
2
|
20
|
|
![]() |
15 February 2022
|
7
|
2
|
16
|
|
![]() |
18 January 2022
|
6
|
2
|
18
|
|
![]() |
3 December 2021
|
1
|
0
|
12
|
|
![]() |
21.0.0.11 |
5 November 2021
|
2
|
0
|
17
|
![]() |
8 October 2021
|
5
|
2
|
14
|
|
![]() |
10 September 2021
|
3
|
0
|
11
|
|
![]() |
13 August 2021
|
1
|
0
|
7
|
|
![]() |
15 July 2021
|
4
|
1
|
14
|
|
![]() |
18 June 2021
|
2
|
0
|
11
|
|
![]() |
21 May 2021
|
4
|
0
|
19
|
|
![]() |
23 April 2021
|
3
|
2
|
12
|
|
![]() |
26 March 2021
|
2
|
0
|
18
|
|
![]() |
26 February 2021
|
3
|
0
|
12
|
|
![]() |
29 January 2021
|
2
|
0
|
24
|
|
![]() |
27 November 2020
|
6
|
0
|
16
|
|
![]() |
30 October 2020
|
2
|
1
|
12
|
|
![]() |
2 October 2020
|
6
|
1
|
11
|
|
![]() |
4 September 2020
|
4
|
0
|
10
|
|
![]() |
7 August 2020
|
2
|
0
|
10
|
|
![]() |
9 July 2020
|
2
|
0
|
14
|
|
![]() |
12 June 2020
|
4
|
0
|
15
|
|
![]() |
15 May 2020
|
3
|
2
|
14
|
|
![]() |
17 April 2020
|
6
|
1
|
19
|
|
![]() |
20 March 2020
|
6
|
1
|
18
|
|
![]() |
21 February 2020
|
11
|
2
|
29
|
|
![]() |
24 January 2020
|
2
|
1
|
23
|
|
![]() |
19.0.0.12 | 13 December 2019 | 1 | 1 | 13 |
![]() |
19.0.0.11 | 15 November 2019 | 8 | 2 | 19 |
![]() |
19.0.0.10 | 18 October 2019 | 8 | 2 | 18 |
![]() |
19.0.0.9 | 20 September 2019 | 6 | 1 | 9 |
![]() |
19.0.0.8 | 23 August 2019 | 6 | 0 | 19 |
![]() |
19.0.0.7 | 25 July 2019 | 4 | 1 | 14 |
![]() |
19.0.0.6 | 28 June 2019 | 5 | 0 | 8 |
![]() |
19.0.0.5 | 31 May 2019 | 3 | 0 | 8 |
![]() |
3 May 2019
|
4
|
1
|
15
|
|
![]() |
5 April 2019
|
10
|
1
|
25
|
|
![]() |
8 March 2019
|
9
|
0
|
18
|
|
![]() |
8 February 2019 | 11 | 1 | 24 | |
![]() |
14 December 2018
|
29
|
3
|
50
|
|
![]() |
21 September 2018
|
31
|
5
|
38
|
|
![]() |
29 June 2018
|
45
|
1
|
29
|
|
![]() |
16 March 2018
|
32
|
3
|
84
|
|
![]() |
21 December 2017
|
54
|
2
|
||
![]() |
17 October 2017
|
109
|
3
|
||
![]() |
13 June 2017
|
115
|
1
|
||
![]() |
14 March 2017
|
90
|
0
|
||
![]() |
13 December 2016
|
103
|
1
|
||
![]() |
16 September 2016
|
107
|
7
|
||
![]() |
24 June 2016
|
121
|
5
|
||
![]() |
18 March 2016
|
141
|
2
|
||
![]() |
11 December 2015
|
78
|
2
|
||
![]() |
11 September 2015
|
||||
![]() |
26 June 2015
|
||||
![]() |
13 March 2015
|
||||
![]() |
8 December 2014
|
||||
![]() |
18 August 2014
|
||||
![]() |
28 April 2014
|
||||
![]() |
11 November 2013
|
||||
![]() |
14 June 2013
|
Fix pack 22.0.0.6
|
||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 7 June 2022
Last modified: 7 June 2022 Status: Recommended ![]()
Open Liberty Release fixes
|
Fix pack 22.0.0.5
|
||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 10 May 2022
Last modified: 10 May 2022 Status: Recommended ![]()
Open Liberty Release fixes
|
Fix pack 22.0.0.4
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 12 April 2022
Last modified: 12 April 2022 Status: Superseded ![]()
Open Liberty Release fixes
|
Fix pack 22.0.0.3
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 15 March 2022
Last modified: 15 March 2022 Status: Superseded ![]()
Open Liberty Release fixes
|
Fix pack 22.0.0.2
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 15 February 2022
Last modified: 15 February 2022 Status: Superseded ![]()
Open Liberty Release fixes
|
Fix pack 22.0.0.1
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 18 January 2022
Last modified: 18 January 2022 Status: Superseded ![]()
Open Liberty Release fixes
|
Fix pack 21.0.0.12
|
||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 3 December 2021
Last modified: 3 December 2021 Status: Superseded ![]()
Open Liberty Release fixes
|
Fix pack 21.0.0.11
|
||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 5 November 2021
Last modified: 5 November 2021 Status: Superseded ![]()
Open Liberty Release fixes
|
Fix pack 21.0.0.10
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 8 October 2021
Last modified: 8 October 2021 Status: Superseded ![]()
Open Liberty Release fixes
|
Fix pack 21.0.0.9
|
||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 10 September 2021
Last modified: 10 September 2021 Status: Superseded ![]()
Open Liberty Release fixes
|
Fix pack 21.0.0.8
|
||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 13 August 2021
Last modified: 13 August 2021 Status: Superseded ![]()
Open Liberty Release fixes
|
Fix pack 21.0.0.7
|
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 15 July 2021
Last modified: 15 July 2021 Status: Superseded ![]()
Open Liberty Release fixes
|
Fix pack 21.0.0.6
|
||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 18 June 2021
Last modified: 18 June 2021 Status: Superseded ![]()
Open Liberty Release fixes
|
Fix pack 21.0.0.5
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 21 May 2021 Last modified: 21 May 2021 Status: Superseded ![]()
Open Liberty Release fixes
|
Fix pack 21.0.0.4
|
||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 23 April 2021 Last modified: 23 April 2021 Status: Superseded ![]()
Open Liberty Release fixes
|
Fix pack 21.0.0.3
|
|||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 26 March 2021 Last modified: 26 March 2021 Status: Superseded ![]()
Open Liberty Release fixes
|
Fix pack 21.0.0.2
|
||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 26 February 2021 Last modified: 26 February 2021 Status: Superseded ![]()
Open Liberty Release fixes
|
Fix pack 21.0.0.1
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 29 January 2021 Last modified: 29 January 2021 Status: Superseded ![]()
Open Liberty Release fixes
|
Fix pack 20.0.0.12
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 27 November 2020 Last modified: 27 November 2020 Status: Superseded ![]()
Open Liberty Release fixes
|
Fix pack 20.0.0.11
|
||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 30 October 2020 Last modified: 30 October 2020 Status: Superseded ![]()
Open Liberty Release fixes
|
Fix pack 20.0.0.10
|
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 2 October 2020 Last modified: 2 October 2020 Status: Superseded ![]()
Open Liberty Release fixes
|
Fix pack 20.0.0.9
|
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 4 September 2020 Last modified: 4 September 2020 Status: Superseded ![]()
Open Liberty Release fixes
|
Fix pack 20.0.0.8
|
||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 7 August 2020 Last modified: 7 August 2020 Status: Superseded ![]()
Open Liberty Release fixes
|
Fix pack 20.0.0.7
|
||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 9 July 2020 Last modified: 9 July 2020 Status: Superseded ![]()
Open Liberty Release fixes
|
Fix pack 20.0.0.6
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 12 June 2020 Last modified: 12 June 2020 Status: Superseded ![]()
Open Liberty Release fixes
|
Fix pack 20.0.0.5
|
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 15 May 2020 Last modified: 15 May 2020 Status: Superseded ![]()
Open Liberty Release fixes
|
Fix pack 20.0.0.4
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 17 April 2020 Last modified: 17 April 2020 Status: Superseded ![]()
Open Liberty Release fixes
|
Fix pack 20.0.0.3
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 20 March 2020 Last modified: 20 March 2020 Status: Superseded ![]()
Open Liberty Release fixes
|
Fix pack 20.0.0.2
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 21 February 2020 Last modified: 21 February 2020 Status: Superseded ![]()
Open Liberty Release fixes
|
Fix pack 20.0.0.1
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 24 January 2020 Last modified: 24 January 2020 Status: Superseded ![]()
Open Liberty Release fixes
|
Fix pack 19.0.0.12
|
||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 13 December 2019 Last modified: 13 December 2019 Status: Superseded ![]()
Open Liberty Release fixes
|
Fix pack 19.0.0.11
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 15 November 2019
Last modified: 15 November 2019 Status: Superseded ![]()
Open Liberty Release fixes
|
Fix pack 19.0.0.10
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 18 October 2019 Last modified: 18 October 2019 Status: Superseded ![]()
Open Liberty Release fixes
|
Fix pack 19.0.0.9
|
||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 20 September 2019 Last modified: 20 September 2019 Status: Superseded ![]()
Open Liberty Release fixes
|
Fix pack 19.0.0.8
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 23 August 2019 Last modified: 23 August 2019 Status: Superseded ![]()
Open Liberty Release fixes
|
Fix pack 19.0.0.7
|
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 25 July 2019 Last modified: 25 July 2019 Status: Superseded ![]()
Open Liberty Release fixes
|
Fix pack 19.0.0.6
|
||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 28 June 2019 Last modified: 28 June 2019 Status: Superseded ![]()
Open Liberty Release fixes
|
Fix pack 19.0.0.5
|
||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 31 May 2019 Last modified: 31 May 2019 Status: Superseded ![]()
Open Liberty Release fixes
|
Fix pack 19.0.0.4
|
|||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 3 May 2019 Last modified: 3 May 2019 Status: superseded ![]()
Open Liberty Release fixes
|
Fix pack 19.0.0.3
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 5 April 2019 Last modified: 5 April 2019 Status: Superseded ![]()
Open Liberty Release fixes
|
Fix pack 19.0.0.2
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 8 March 2019 Last modified: 8 March 2019 Status: Superseded ![]()
Open Liberty Release fixes
|
Fix pack 19.0.0.1
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 8 February 2019 Last modified: 8 February 2019 Status: Superseded ![]()
Open Liberty Release fixes
|
Fix pack 18.0.0.4
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 14 December 2018 Last modified: 14 December 2018 Status: Superseded ![]()
Open Liberty Release fixes
|
Fix pack 18.0.0.3
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 21 September 2018 Last modified: 21 September 2018 Status: Superseded ![]()
Open Liberty Release fixes
|
Fix pack 18.0.0.2
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 29 June 2018 Last modified: 29 June 2018 Status: Superseded ![]()
|
Fix pack 18.0.0.1
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 16 March 2018 Last modified: 16 March 2018 Status: Superseded ![]()
|
Fix pack 17.0.0.4
|
|
Fix release date: 21 December 2017 Last modified: 21 December 2017 Status: Superseded ![]() |
|
Component
|
Security APAR
|
APAR
|
Description
|
EJB Container |
✓
|
PI89936 | Vulnerability in Apache Commons affects EJB Embeddable Container and JPA Client (CVE-2015-7450) |
General | PI80333 | Support CPU constraints in ProductInsights | |
PI82233 | Non-daemon threads are created with remote EJB using the IIOP transport | ||
PI82510 | Liberty appserver automatically decompresses the bodies of incoming http-soap messages | ||
PI82557 | TCP Channel access lists not documented | ||
PI84016 | OpenJPA orm.xml default schema used over 'openjpa.jdbc.Schema' property | ||
PI84349 | Liberty Oauth 2.0 may encounter a SQL syntax error for the option "LIMIT" during cleanup | ||
PI84428 | ArrayIndexOutOfBoundsException from OpenJPA for query on EmbeddedId | ||
PI85402 | EclipseLink does not recognize Java 9 platform | ||
PI86208 | Cannot decode IOR due to ClassCastException | ||
PI86321 | Liberty OpenID Connect Relying Party does not handle large id_tokens in implicit logins | ||
PI86840 | Eclipselink generates sequence IDs incorrectly for @EmbeddedId classes that are shared across multiple entities | ||
PI86914 | Correct mapper is not chosen due to the order and when mapper classes are represented by proxy object due to injection | ||
PI87557 | Null pointer exception when TAI returns NULL TAIResult | ||
PI87565 | OutOfMemory issues from webcontainer component WebComponentMetaDataImpl | ||
PI88051 | Application reload when a JSP file under WEB-INF is updated | ||
PI88485 | The groupProperties membershipAttribute does not work when filters exist | ||
PI88618 | CWPMI0010W was found in the messages.log | ||
PI88620 | Performance degredation when federating SAF registry | ||
PI89003 | Help tet for the BatchManager listJobs command is unclear | ||
PI89041 | FFDC java.lang.IllegalStateException: Module has been uninstalled. occurs when dynamically configuring Liberty | ||
PI89278 | Incorrect value of FreeConnectionCount | ||
PI89446 | Product Insights throws NullPointerException | ||
PI89584 | Certain early startup and product script messages are not properly translated into non-English languages | ||
PI89672 | OutOfMemoryError in ArrayList containing objects of type com.ibm.ws.logging.internal.impl.IntrospectionLevelMember | ||
PI90013 | 30 second delays for remote EJB when running as a collective member | ||
PI90154 | BluemixUtility fails to create/delete instances of Watson Discovery service | ||
PI90282 | CWWKB015E IWMEJOIN return code 2,135 during servlet read listener | ||
PI90699 | ProductInsights errors after resuming from 'sleep' state | ||
Java Persistence API (JPA) | PI80863 | Issue with the way OpenJPA caches and reuses query parameters for BETWEEN expressions when OpenJPA's QueryCache property enabled | |
PI81260 | OpenJPA does not pass-through SSL connection properties that set using openjpa.ConnectionProperties when creating Db2 connection | ||
JavaServer MyFaces (JSF) Apache MyFaces implementation | PI88288 | jsf-2.0 MyFaces error handling cannot be enabled in production project stage | |
PI88850 | High CPU issues from org/apache/myfaces/ | ||
PI89168 | Protected-view not working in Liberty 16.0.0.4 | ||
PI89363 | ProtectedViewException for a protectedview access while checking the OriginJeader for appContextpath | ||
PI90507 | Instances of action listener in a FaceLet are not being removed until app shutdown | ||
PI90509 | Fix for MYFACES-3752 | ||
Liberty Application Services | PI69483 | Removing IBM-App-ForceRestart header causes applications not restarted | |
Liberty Kernel | PI90930 | Open Liberty Rollup for 17.0.0.4 | |
Liberty z/OS | PI86596 | Removal of possibly misleading FFDC z/OS liberty Async Servlet support | |
PI90060 | Messages occurring very early at startup are not printed to the MVS console when requested in the zosLogging configuration | ||
PI90429 | When starting a Liberty server as a started task on z/OS from the server script there is no option to specify a job name | ||
Performance Monitoring Tools | PI81367 | java.lang.ClassNotFoundException dumped in the FFCD log file when PMI monitor feature is enabled | |
PI87599 | ConnectionPoolStats MBean was not available if enabled the trace with com.ibm.websphere.monitor.*=all | ||
Security | PI88769 | Liberty 17.0.0.2 is throwing ClassCastException when calling ibm_security_logout with Extreme Scale feature enabled | |
Session Initiation Protocol (SIP) Container | PI78794 | The SIP Container fails to parse a message when the size exceeds 2048 bytes and double CRLF is sent before the message | |
PI79119 | With number.of.parse.errors.allowed set to -1 WebSphere drops well formed requests | ||
Systems Management Functions | PI81552 | Application state becomes stale at the Liberty collective controller | |
PI83274 | Incorrect collective member status shown in Admin Center | ||
PI88296 | Password protected ssh keys cannot be used for remote host authentication | ||
Web Services Security | PI84359 | OIDC WASReqURLOidcp cookie constantly grow when LTPA token expired | |
✓
|
PI89103 | OpenSAML used by WebSphere Liberty contains XML external entity (XXE) vulnerability (CVE-2013-6440) | |
PI89575 | LTPA cookie is not created in certain single sign-on scenarios | ||
WebSphere Compute Grid | PI88583 | In WebSphere Liberty 17.0.0.x Java batch executor fails with CWWKS0800E error |
Fix pack 17.0.0.3
|
|
Fix release date: 17 October 2017 Last modified: 17 October 2017 Status: Superseded ![]() |
|
Component
|
Security APAR
|
APAR
|
Description
|
Dynamic Cache | PI78148 | SRVE0014E from servlet caching | |
PI78552 | DYNA1064E is logged on some dynacache APIs when the underlying cacheprovider does not support disk caching | ||
EJB Container | PI87472 | EJB remote injection fails with NPE if ORB not yet available | |
Federated Repositories | PI05723 | Handle long data type from VMM for extended properties | |
PI79440 | NullPointerException in URBridgeXPathHelper.getExpression() | ||
PI79452 | NPE in LdapConfigManager.getSupportedProperties() | ||
PI81497 | When one base DN is the subset of another in a federated repository, LDAP failures occur | ||
PM95697 | LDAP contexts getting leaked after first connection exception | ||
General | PI77400 | BBOA1INV Fails with RC = 8 RSN = 44, FFDC invalid group name returned | |
PI80363 | Allow configurable maxFieldLength in the logstashCollector | ||
PI80397 | Remote EJB call with the same object in multiple arguments fails | ||
PI80932 | WSCredTokenCallbackImpl class is not visible to applications | ||
PI81056 | Liberty server needs to retry starting the TCP channel after error CWWKO0224E due to hostname resolution error | ||
PI81124 | Closing websocket session throws NullPointerException | ||
PI82101 | Task retry not immediate after XAResource rollback | ||
PI82109 | Provide support for CICS 5.4 in WebSphere Optimized local Adapters | ||
PI82218 | JAX-RSResponses contain unnecessary Cxf-Content-Language header | ||
PI82296 | AsyncContext.comple() fails when called from a readListener | ||
PI82327 | java.lang.RuntimePermission error when destroying an upgradeHandler | ||
PI82364 | For JAX-RS 2.0, a request may fail with a 404 because a resource class was incorrectly indicated as not found | ||
PI82556 | AppSecurity-2.0 does not include trustAssociation in Liberty | ||
PI82672 | productInsights does not register embedded WebSphere | ||
PI82684 | During server shutdown, if ProductInsights is trying to complete its first registration it may not cancel all of its tasks | ||
PI82994 | filenotificationmbean may not notify the listener | ||
PI83111 | Monitor function of AdminCenter does not display the correct value of "used connections" | ||
PI83159 | JAX-RS resource methods report as not found when using scientific notation as path parameters | ||
PI83439 | ClassCastException thrown when using remote EJBs in servlet with parent-last classloading | ||
PI83516 | Using reference-listener along with service factory causes TransactionManager errors | ||
PI83682 | ProductInsights not reporting used JVM memory correctly | ||
PI83713 | Path template variables in JAXRS 2.0 do not support scientific notation | ||
PI83901 | The context ClassLoader is not getting set properly when loading CDI extensions at app startup | ||
PI84036 | JAX-RS Client must access endpoints via authenticating proxy | ||
PI84083 | Usage data is not queued if connection to Bluemix Product Insights host fails | ||
PI84327 | WebSphere Application Server Product Insights does not send in group name translations | ||
PI84487 | Certificate login does not work with custom user registry on Liberty | ||
PI84842 | The application's classloader is leaked when restarting the app | ||
PI85373 | Open Liberty Rollup for 17.0.0.3 | ||
PI85490 | Deadlock caused by WsLogManager and SIB trace code | ||
PI85492 | Commit of HTTP response in render_response(6) | ||
PI85683 | Register Windows service and start/stop service for Liberty fails if it is installed in directories names with a space | ||
PI85783 | Accumulation of org.apache.cxf.transport.http.osgi.HTTPTransportActivator objects | ||
PI85910 | OIDC does not recognize x5c tag in JWK | ||
PI86198 | Inconsistent aliasing between --jobParameterFile and --jobPropertiesFile in the batchManager and batchManagerZos CLI | ||
PI86443 | Use of the JAX-RS multipart media type results in a java.lang.ClassNotFoundException: javax.ws.rs.core.MediaType | ||
PI87119 | NullPointerException caused by external port component configuration | ||
PI87467 | CDI injection into JAX-RS classes is broken when using multiple apps and one app is not CDI-enabled | ||
PI87504 | JAXRS server response does not contain a servlet exception when an unmapped checkedException occurs | ||
Install V8 and above | PI88170 | Block installUtility/featureManager install userFeature '--to=core' | |
Java 2 Connectivity (J2C) | PI82859 | Incorrect value of connectionPoolstats | |
PI86100 | Intermittent sharing scope for data sources being created at the same time on two different threads | ||
PI87470 | Unable to install resource adapter using loose configuration file | ||
Java Message Service (JMS) | PI81329 | NCSA access logs %B option output displays "-" instead of the size of the response in bytes | |
PI81864 | ConcurrentLinkedList tailsequencenumberlock garbage collected | ||
Java Persistence API (JPA) | PI77555 | Eclipselink scrollable cursor results in a ClassCastException | |
PI80863 | OpenJPA caches and reuses the query parameters for BETWEEN expressions when OpenJPA's query cache is enabled | ||
PI81260 | OpenJPA does not honor SSL connection properties for DB2 | ||
Java SDK | PI85250 | Hung thread issue in myfaces _getMetadataTarget | |
PI86494 | Messages returned from JSF APIS are in the incorrect order | ||
JavaServer MyFaces (JSF) Apache MyFaces implementation | PI82893 | JAVAX.FACES.INTERPRET_EMPTY_STRING_SUBMITTED_VALUES_AS_NULL value affects display behaviour for required fields | |
✓
|
PI87299 | Information disclosure in Apache MyFaces affects WebSphere Application Server (CVE-2011-4343) | |
✓
|
PI87300 | Information Disclosure in WebSphere Application Server in JSF (CVE-2017-1583) | |
JavaServer Pages (JSP) | PI82529 | HTTP transport encoding CP943C is used for JSTL params | |
PI83486 | StackOverflowError generated due to the JSP TabLibraryCache recurses into loadWebInfMap with the value "/WEB-INF" | ||
Liberty Application Services | PI87139 | Configuration updates blocked by application restart | |
PI87468 | Schema lists invalid attributes for resource adapters and EJB applications | ||
Liberty Debug and Tracing | PI83872 | NullPointerException in MultipleCriteriaFilter when retrieving logs from Liberty binary log | |
Liberty Kernel | PI87138 | Synchronization in ConcurrentServiceReferenceElement creates a performance bottleneck | |
PI87471 | Potential NullPointerException ServerXMLConfiguration.parseDirectoryFiles | ||
PI87480 | AccessControlExceptions in Liberty kernel code | ||
Liberty System Management | PI85828 | Correcting algorithm for collective deployment using a local file | |
Liberty z/OS | PI78510 | .pid directory created with wrong permission settings | |
PI78787 | WOLA ACEE copied from CICS invalid for TSS | ||
PI79017 | z/OS connect cannot read request that came in with transfer-encoding=chunked | ||
PI79034 | For products that embed Liberty, some bootstrap.properties do not take effect at server startup | ||
PI82088 | Prevent Error loop when TDQ is unavailable for write | ||
PI83503 | WebSphere Liberty servers with zOS connect failing to start with abend 0c4 in wolanativeutils.ntv_activatewolaregistration | ||
PI85520 | Message CWWKO0229I is not issued when asynchronous I/O is configured | ||
Messaging Providers | PI83027 | Default threadpoolstats data cannot be retrieved due to InstanceNotFoundException | |
Performance Monitoring Tools | PI80861 | The Japanese translated message for TRAS0115W is incorrect | |
Security | PI73345 | Distributed identity mapping not working in Liberty z/OS | |
PI84335 | PasswordUtil API classes are not packaged in a separate PasswordUtil.jar file | ||
PI84597 | Liberty z/OS trace includes unnecessary information | ||
Servlet Engine/Web Container | PI81052 | JSF portlets may not be able to obtain a session ID | |
✓
|
PI88642 | Information disclosure in WebSphere Application Server (CVE-2017-1681) | |
Virtual Member Manager (VMM) | PI79223 | In Liberty VMM user registry cannot get groups for user from LDAP | |
PI81923 | LDAPRegistry contextPool defaults do not match documentation | ||
PI81954 | LDAPRegistry attributesCache and searchResultsCache default timeout set too low | ||
PI85208 | LDAP registry cache is not used in some cases to retrieve cached attributes | ||
PI85213 | Federated repository may not use UniqueGroupIdMapping outputProperty when calling userRegistry.getUniqueGroupID | ||
PI85214 | Federated repository passes internal properties to customRepository implementations | ||
PI86719 | The LDAPRegistry contextPool timeout setting does not timeout after the configured time | ||
PI87461 | Federated Repositories is returning principal name instead of unique name for getUserSecurityName | ||
PI87466 | ArrayIndexOutOfBoundsException is thrown when groupMemberIdMap inside ldapRegistry is empty | ||
Web Container | PI83141 | WebContainer performance issue when under high load | |
Web Services (JAX-WS, JAX-RS) | PI64462 | NullPointerException in org.apache.cxf.jaxrs.impl.tl.ThreadLocalProviders.getContextResolver() | |
PI86914 | Correct Mapper is not chosen due to the order and when mapper classes are represented by proxy object due to injection | ||
Web Services Security | PI62735 | The groupId(s) get lost in id_token and introspection | |
PI68809 | WebSphere Application Server XML crypto libraries cause classloader conflict with Java XML crypto in certain scenarios | ||
PI78760 | OIDC IDToken updates to the "sub" field do not take effect | ||
PI80166 | OIDC provider does not recognize custom realmname from token | ||
PI80689 | Database persistence for tokens might not function correctly when the backing database does not support CLOB data types | ||
PI80741 | OpenID Connect (OIDC) cookie not fully removed | ||
PI80963 | Refresh tokens are issued unconditionally even for clients that do not require them | ||
PI94351 | Secure flag is not set on the Liberty WASOidcCode cookie | ||
WebSphere Compute Grid | PI72923 | CDI injection of Java batch jobcontext fails with npe in the absence of an active job on the current thread | |
PI81200 | StepListner.afterStep cannot catch an exception thrown by ItemProcessor.processItem | ||
PI84639 | batchManagerZos not available after minified server is extracted | ||
PI86175 | Prevent job start and restart of the same job from occurring simultaneously | ||
PI86193 | Support message delay/priority for Liberty Java Batch |
Fix pack 17.0.0.2
|
|
Fix release date: 13 June 2017 Last modified: 13 June 2017 Status: Superseded ![]() |
|
Component
|
Security APAR
|
APAR
|
Description
|
Channel Framework | PI85709 | Add watchdog timer to write waits on closing | |
Contexts and Dependency Injection (CDI) | PI72811 | Allow excluded alternatives | |
PI77286 | Vetoed EJBs throw NullPointerException | ||
PI77514 | CDI observer for @initialized(applicationscoped.class) is not called inside jar | ||
PI79787 | Prevent WebSphere internal packages from being exposed to applications | ||
PI80901 | Version numbers in symbolic names are too fine grained and can cause failover to fail between different versions of Liberty. | ||
PI82020 | WeldTerminalListener is not registered | ||
Database Access, Connection Management, Merant/DataDirect drivers | PI80335 | DSRA8020E Error is thrown when using IBM i Toolbox JDBC driver with WebSphere Liberty | |
EJB Container | PI77856 | EJB 3.x Stub class throws RemoteException for communication failure | |
PI79261 | Deadlock with persistent EJB timers for Singleton beans | ||
General | PI71956 | CWWKE0108I is written to stdout | |
PI74918 | The umask values is not shown in the server logs | ||
PI75258 | The CICS Link server abends when unable to write to a TS Queue | ||
PI75280 | Attributes missing from the element httpOptions and throws warning message | ||
PI75512 | Cleanup up websocket connection when outbound connection attempt fails at the app server | ||
PI75590 | Corrections are needed to the documentation in the Knowledge Center | ||
PI77605 | JAXRS Client APIs do not use configured SSL settings | ||
PI77615 | JAXRS application start fails with ClassNotFoundException when JSPs are specified in web.xml | ||
PI77976 | ConstraintViolationException when using @Valid annotation | ||
PI78177 | When a websocket connection is closed while reading data an object leak might occur | ||
PI78260 | Liberty jaxb-2.2 feature does not expose some xlxp2 packages | ||
PI78738 | Loop while closing an SSL connection | ||
PI79260 | ProductInsights reports incorrect product version and host name | ||
PI79275 | JAX-RS 2.0 Client calls fail when ssl-1.0 feature is enabled without any SSL configuration. | ||
PI79391 | ContainerRequestContext.hasEntity() returns true for a GET request. | ||
PI79987 | Endpoint MBean information does not update when server.xml <httpEndpoint> is modified | ||
PI80082 | JAX-RS 2.0 OPTIONS methods are not invoked when used in sub-resource locator classes | ||
PI80256 | AccessControlException thrown when finding resources if Java 2 security is enabled | ||
PI80285 | For JAX-RS 2.0, a request may fail with a 404 because a resource class was incorrectly indicated as not found | ||
PI80314 | Support for product insights in embedded server | ||
PI80315 | The productInsights-1.0 does not support BASE ILAN edition | ||
PI80514 | A jndiEntry config element with a value of "0" is parsed as a java.lang.String but should be a java.lang.Integer | ||
PI80631 | Access Log file and ELK time stamps are not the same | ||
PI80632 | Messages with digits in prefix of message ID have a blank messageId field in logstashCollector | ||
PI80719 | Websocket race condition on writing data while closing can hang a thread | ||
PI81082 | java.lang.ClassFormatError: JVMCFRE074 no Code attribute specified; is thrown | ||
PI81086 | NullPointerException thrown when using a JAX-RS provider class without a public constructor | ||
PI81396 | Unable to register a liberty server with product insights though an authentication required proxy | ||
Intelligent Management Component | PI80237 | Null return codes for health actions cause NullPointerException | |
Java 2 Connectivity (J2C) | PI78463 | After configuring a connection factory for CICS RAR, the server issues J2CA8501E | |
PI80357 | JMS connection factories defined through annotations can fail to allocate connections | ||
PI81549 | When using SQLJ context caching, auto commit and/or transaction isolation level become inconsistent | ||
PI81717 | The WaitTime provided by the ConnectionPoolStats MBean is in nanoseconds when it should be (and is documented) in milliseconds | ||
PI81840 | Bean Validation 1.1 @DecimalMin and @DecimalMax constraints inclusive property not working | ||
Java Persistence API (JPA) | PI76834 | Unable to use DB2 XML data type with EclipseLink JPA; Null pointer produced | |
PI76902 | NoSuchMethodException when a program is using CONCAT function | ||
PI78643 | Eclipselink JPA/Auditing capablity in EE Environment fails with JNDI name parameter type | ||
PI79397 | org.omg.CORBA.BAD_OPERATION when running a select SQL statement | ||
PI81076 | ServerSession numberOfNonPooledConnectionsUsed can become invalid when Exception is thrown connecting | ||
JavaServer MyFaces (JSF) Apache MyFaces implementation | PI79562 | Leading '/' in JSF context param-value throws StringIndexOutOfBoundsException | |
PI80535 | ClassNotFoundException due to classes not being exported to the thread context | ||
JavaServer Pages (JSP) | PI79800 | The JSP Engine is not processing EL expressions correctly when they are in large blocks of character data | |
PI80319 | Failure to parse tag library when the taglib is defined in the application | ||
Liberty Application Services | PI66702 | Multi-address corbaname URLs do not fail over to the second address when the first address server is down | |
PI81297 | Application fails to initialize at startup with error CWWKZ0021E | ||
Liberty Debug and Tracing | PI80225 | JUL Traces do not show up in logstash collector / bluemix log collector when binary logging is enabled | |
PI80844 | Failure if running binaryLog view serverName from wlp/usr/servers directory | ||
Liberty Kernel | PI78072 | A server start may receive a java.util.MissingResourceException if started with a disabled command port | |
PI78444 | The server schema incorrectly includes some internal configuration attributes | ||
PI79123 | ConfigUtility command line tool loosing equals sign on parameters ending with equals sign | ||
PI79878 | Server create command (using Java 8) overwrites server.env file | ||
PI80744 | SPI class, PathUtils is not normalizing leading double slashes | ||
Liberty Log Analytics and Monitoring | PI80363 | Allow configurable maxFieldLength in the logstashCollector | |
Liberty z/OS | PI77988 | Update needed in module BBGZAFSM | |
PI78510 | .pid directory created with wrong permission settings | ||
PI78787 | WOLA ACEE copied from CICS invalid for TSS | ||
PI78970 | When the z/OS connect EE server is stopped and restarted, CICS issues an abend at the time of the WOLA rebind | ||
PI80072 | Message CWWKB0392W is issued when the OTMA client name is specified in the zosLocalAdapters connection factory properties | ||
PI80252 | The size of the Java heap grows over time when using the MSGLOG DD | ||
PI80650 | Memory leak in SP132 KEY8 causes OUTOFMEMORY in Liberty | ||
PI80988 | WebSphere OLA(WOLA) service request issues return code=8, reason code=96 when called from an IMS CCTL region | ||
PI82088 | Prevent error loop when TDQ is unavailable for write | ||
Performance Monitoring Tools | PI79203 | The monitor-1.0 feature may not be able to monitor user runtime components | |
PI80861 | The Japanese translated message for TRAS0115W is incorrect | ||
Security | PI72472 | WSCredTokenCallbackImpl returns null even when token exists | |
PI75111 | Admin center does not work with AccessControlException after enabling Java2 security | ||
PI77129 | MYFACES-3415 - [UI:REPEAT] Field value disappears if validation error exists on current site | ||
✓
|
PI77770 | Potential cross-site request forgery with WebSphere Application Server enabled with OAuth (CVE-2017-1194) | |
PI78245 | An authData element without an ID causes a NullPointerException in the logs | ||
PI78445 | CWWKS9580E message might be logged after modifying the CSIv2 configuration | ||
PI78730 | Intermittent CWWKS9520E message issued when CSIv2 is enabled | ||
PI79444 | AccessControlException when using the servlet log method | ||
PI95544 | NPE thrown in method authorizeEJB() | ||
Sessions and Session Management | PI73188 | Session activeCount shows a negative value | |
PI81007 | Incorrect messages were thrown at System output console when using JMX connector | ||
Systems Management Functions | PI66988 | Running collective command in z/OS results in FSUM7332 syntax error | |
PI78497 | When trace is enabled extra information is being included in the controller's trace file | ||
PI80320 | apiDiscovery urls may not update properly on Liberty Admin Center | ||
Virtual Member Manager (VMM) | PI78192 | UserRegistry methods that throw RuntimeExceptions can cause federated repository failures | |
PI79888 | An sslRef on an LDAPRegistry without matching ssl config causes security init failure | ||
PI80547 | Federated Repository's participatingBaseEntry element does not allow name attribute to be empty string | ||
PI81519 | In WebSphere Liberty, the context pool timeout value is not honored on the LDAP Registry | ||
PI81555 | The ldapRegistry feature does not properly process LDAP entities with RDN values that contain characters that need escaping | ||
PM76997 | VMM certificate authentication fails when DN contains non-default X509Certificate attributes | ||
Web Container | PI75166 | TAI cannot obtain the SSL endpoint information using direct connection | |
PI76699 | Provide an option to override the default values for the ESI properties in the plugin-cfg.xml | ||
PI76891 | Exception from com.ibm.ws.webcontainer.osgi.mbeans.PluginGenerator during server stop | ||
PI77629 | NullPointerException if login is required to access a servlet which uses a ReadListener. | ||
PI78193 | Returned default html error page has extra closing tags | ||
PI78633 | Access control exception due to read permission of a property from Cookie class | ||
PI79334 | Unexpected error when an application is initializing during server stop | ||
PI80313 | Enable Post Data to be read multiple times. | ||
PI80668 | ServletException when creating a servlet, filter or listener from a ServletContextListener with Java2Security enabled | ||
PI81688 | Plugin config file generation fails after a configuration update is made to a Liberty server when it is running | ||
Web Services (JAX-WS, JAX-RS) | PI77438 | JAXB context creation is very slow in Liberty during Web service load test | |
Web Services Security | PI76629 | Add authentication option to JWK endpoint invocation | |
PI78760 | OIDC IDToken updates to the "sub" field do not take effect | ||
PI80166 | OIDC provider does not recognize custom realmname from token | ||
PI80689 | Database persistence for tokens might not function correctly when the backing database does not support CLOB data types | ||
PI80741 | OpenID Connect (OIDC) cookie not fully removed | ||
PI81403 | An error may occur if the string representation of a subject includes an ID token that contains a claim with a non-string list | ||
WebSphere Compute Grid | PI78436 | Using batch injection in joblistener results in NullPointerException | |
PI79686 | Slow response when using batchpersistence in Liberty | ||
PI80634 | When trying to stop an already completed job the error message does not return with the correct jobInstanceId | ||
PI80635 | CDI implementation does not support batch artifact loading via batch.xml |
Fix pack 17.0.0.1
|
|
Fix release date: 14 March 2017 Last modified: 14 March 2017 Status: Superseded ![]() |
|
Component
|
Security APAR
|
APAR
|
Description
|
Contexts and Dependency Injection (CDI) | PI35470 | Message bean instances injected with the CDI @New annotations are not @PostConstruct'ed | |
PI55406 | IllegalAccessException is emitted from InvocationContextImpl | ||
PI62583 | IllegalArgumentException in CreationalContextImpl only when trace is enabled | ||
PI73139 | CDI would not inject classes from a war file into an ear lib in single classloader mode | ||
PI75915 | CDI failover does not work if bundles have different OSGI qualifiers | ||
Database Access, Connection Management, Merant/DataDirect drivers | PI73351 | DSRA0080E refers to original exception message {0} instead of actual message | |
PI76168 | After global transaction ends, the reported auto commit value can be inconsistent with the Oracle JDBC driver | ||
General | PI68233 | SSLSessionTimeout is not recognized as a valid attribute for sslOptions element | |
PI71616 | configUtility find or install throws a NoClassDefFoundError when using local repository | ||
PI73277 | EclipseLink 2.6.3 does not support JPA-convertor for primitive data types | ||
PI74721 | Errant timeout can occur with async sends in WebSockets | ||
PI75015 | Memory leak in JAX-RS client. | ||
PI75022 | Failure to parse a java.util.Date object when creating a new javax.ws.rs.ServiceUnavailableException. | ||
PI76688 | Private lifecycle methods in JAX-RS resources are not invoked | ||
Java 2 Connectivity (J2C) | PI60146 | Connection sharing cannot be controlled in Liberty when using direct lookup | |
PI71092 | java.lang.UnsupportedOperationException when accessing a tested data source | ||
PI73350 | Connection manager settings not honored | ||
PI74533 | Setting an agedTimeout value of 0 on a connection manager results in J2CA8011E | ||
PI75426 | Connection manager configuration intermittently ignored for application defined data source | ||
Java Persistence API (JPA) | PI74104 | EclipseLink might add unused table in generated query | |
PI74284 | The JPA Container calls EntityManager.clear() instead of EntityManager.close() on cleanup | ||
JavaServer Pages (JSP) | PI72709 | Asynchronous dispatch to a JSP file under the WEB-INF directory fails. | |
PI73022 | JSP comments containing "%>" might throw a StringIndexOutOfBoundsException. | ||
Liberty Application Services | PI74321 | After upgrade to 16.0.0.4. NamingException and ClassCastException occur on JNDI lookup on IBM i | |
PI75284 | Intermittent NullPointerException from ApplicationStateMachineImpl when trace enabled or logging information in response to a failure | ||
PI75389 | OSGi Applications can take significantly longer to startup after upgrading Liberty | ||
PI76368 | A class that is both Remote and Serializable is mis-categorized during marshalling | ||
Liberty Debug and Tracing | PI62350 | Some server startup and early messages are not collected by logstachCollector-1.0 feature. | |
PI74051 | Transaction trace lacks PropertyPermission to read system property "com.ibm.tx.tracer" | ||
PI74318 | Incorrect message IDs appearing on dashboard when using the Bluemix log collector | ||
PI76200 | Stack trace is not included in the message field of liberty_message type | ||
PI76620 | Filter tags in logstashCollector & bluemixLogCollector to avoid tags with special characters displaying oddly on dashboard | ||
PI76621 | New message IDs need to be assigned to a few existing TRAS messages. | ||
Liberty Kernel | PI72686 | Removing and adding a feature can result in a warning message about duplicate metatype definitions | |
PI73807 | Some Liberty message IDs conflict with traditional WebSphere Application Server | ||
PI74527 | Error CWWKZ0404E can occur when starting an application on Liberty | ||
PI74586 | Liberty server does not start if jvm.options file contains spaces, after upgrade to 16.0.0.4 | ||
PI74792 | java.lang.NullPointerException when starting an .ear application with autoExpand="true" in server.xml | ||
PI76013 | Resolution error for optional server config include should not create an exception | ||
PI76432 | Exception could be thrown and logged during a server shutdown if listeners timeout during quiesce | ||
PI76607 | Features that cannot be loaded because of Java version dependencies may still be reported as being loaded | ||
PI76755 | Liberty metatype registry problem - metatype extension duration changed from LONG to STRING in 16.0.0.4 | ||
Liberty z/OS | PI50828 | WLM support is ignored when running z/OS Connect in async mode | |
PI66375 | SPI for MVS MODIFY command support is documented to be externally available, but in fact is not available | ||
PI72065 | Loop in Liberty z/OS server when AsyncIO is enabled | ||
PI72566 | ABEND0C4 at BBGZSCFM+377E occurs during client bind | ||
PI72776 | When WLP_ZOS_PROCEDURE is set the foreground JVM uses the full set of JVM options | ||
PI73559 | WOLA service BBOA1URG fails with RC=12 RSN=240. | ||
PI73752 | Suppress FFDC for com.ibm.io.async.AsyncSocketChannel 453 | ||
PI74564 | WebSocket-1.1 feature does not work in Liberty imbedded in CICS TS 5.3 | ||
PI74875 | Liberty Server hang in termination after a hard failure on z/OS | ||
PI74878 | WOLA feature not started for 16.0.0.4 server using a version 4 Angel | ||
PI76238 | Message CWWKB0392W contains no message text in messages.log. | ||
Performance Monitoring Tools | PI75368 | Slow memory leak might lead to OutOfMemory in Liberty | |
PI76212 | Monitor capability breaks when different thread pool name is speicified other than "Dafault Executor". | ||
Security | PI72135 | An AccessControlException is issued when restoring the security context using the ContextService APIs | |
PI72653 | Web filters need to receive the AuthModule wrapped request or response when using JASPIC | ||
PI73266 | AccessControlException issued even when permission was granted in the permissions.xml file | ||
PI76359 | Process default SSL Setting not getting reset on a file update | ||
PI76408 | The method signature for java.security.SecureRandom.nextBytes() is no longer synchronized. | ||
Session Initiation Protocol (SIP) Container | PI76614 | SIP Router is initialized more than once. | |
PI76615 | Order of OSGI bundle could cause a class not found exception. | ||
Systems Management Functions | PI74526 | A collective name sporadically changes between its given name and the default name | |
PI75433 | Liberty collective member status becomes stale at the controller. | ||
Web Container | PI71999 | XML transformer factory changed during server start | |
PI72223 | The pluginUtility displays an untranslated message when using the merge action to merge plugin-cfg.xml files in a directory. | ||
PI72514 | Application start fails to add context root in Virtual Host map | ||
PI72710 | Response committed on return from Forward even when async is started. | ||
PI74499 | Server quiesce not cleaned properly when write during close of upgraded connection goes asynchronous. | ||
PI75475 | The WebContainer 'enableMultiReadOfPostData' config property was visible but not implemented. | ||
PI75528 | The maxRequestSize optional attribute for MultipartConfig is ignored. | ||
PI76195 | When the plugin configuration is generated it may not have one of the ports | ||
PI76271 | CORS does not handle requests with PATCH methods correctly | ||
PI76351 | ServletRequest.getRequestURI() returns inconsistent results after AsyncContext.start(). | ||
PI76364 | isFinished() could incorrectly return false in some scenarios | ||
Web Services (JAX-WS, JAX-RS) | PI70234 | Custom HTTP header blocks SOAPAction header | |
PI76616 | HTTP servlet requests could be matched to incorrect cross-origin resource sharing (CORS) configuration | ||
Web Services Security | PI72558 | OIDC client cookie is not removed after it is used | |
WebSphere Compute Grid | PI73040 | Batch job log REST URLs are incorrect for a failed job execution | |
PI73249 | The ddlGen script may produce an empty file when run against a server with the Java Batch feature configured | ||
PI74813 | When using the batchManagerZos 'status' and 'listJobs' commands, the usage of --instanceId and --jobInstanceId are not universal. | ||
PI74924 | Job with Java batch COMPLETED status moves to STOPPING status after shutdown in executor. | ||
PI76622 | Provide V2 and V3 versions of existing Batch REST APIs | ||
PI76632 | Job executions REST API syntax is misleading | ||
PI76701 | Java Batch purge command fails after a job execution did not initialize correctly | ||
PI76702 | Java Batch jobs store JES job name and JES job ID with trailing spaces | ||
WMQ messaging providers | PI61885 | postCallWithException throws java.lang.IllegalStateException | |
PI71691 | BundleException happens when adding a feature to a running server causing a bundle to be reinstalled | ||
PI72136 | Server startup fails with CWRLS0009E error due to failure in the transaction manager's recovery log service | ||
z/OS | PI61450 | Apache Wink does not remove quotes from the boundary value Content-type: multipart/mixed; boundary="simple boundary" |
Fix release date: 13 December 2016 Last modified: 13 December 2016 Status: Superseded ![]() |
|
Component
|
Security APAR
|
APAR
|
Description
|
Contexts and Dependency Injection (CDI) | PI69193 | ContextNotActiveException in SessionScoped bean preDestroy() | |
PI70614 | Clean up all resources on an application startup failure on cdi-1.0 feature | ||
PI71104 | @Inject Principal does not work in mutli-threaded environment. | ||
PI71667 | Application fails with WELD-001408: Unsatisfied dependencies for type Validator with qualifiers @Default | ||
PI71734 | Failover does not work with CDI 1.2 | ||
Database Access, Connection Management, Merant/DataDirect drivers | PI68418 | Purge policy ValidateAllConnections does not properly validate connections | |
PI71587 | Data source is not autodetecting MariaDB. | ||
DynaCache | PI68741 | HTTP status code 200 is returned to a client when the servlet or JSP throws an exception | |
PI71752 | Plugging in an external cache provider does not work with the distributedMap-1.0 feature. | ||
EJB Container | PI66621 | ReferenceContextImpl caching empty list of targets for JSP classes | |
PI67942 | javax.servlet.HttpServletRequest.getRequestURI() might return a decoded value after dispatching | ||
PI69642 | NullPointerException deleting stateful EJB | ||
General | PI42673 | Extra information in logs with Datasource custom properties | |
PI67034 | Access was denied for property org.apache.jasper.constants.jsp_servlet_base. | ||
PI67099 | Provide option to add STS response header for HTTPs request | ||
PI68432 | When user applications are using Websocket Decoders a slow memory leak can occur. | ||
PI69737 | Errors are not logged when tasks submitted to managed executors fail | ||
PI70332 | System property to enable SSL Channel timeoutValueInSSLClosingHandshake property | ||
PI71359 | FFDC is produced for a NullPointerException in com.ibm.ws.tcpchannel.internal.SocketRWChannelSelector.updateSelector | ||
Install V8 and above | PI68915 | Default server.xml is incorrect | |
PI69133 | Disk space validator returns NullPointerException. | ||
Java 2 Connectivity (J2C) | PI68163 | MQJCA1011: Failed to allocate a JMS connection | |
PI68257 | Connection manager might remain active after transaction manager has been disabled. | ||
PI69122 | J2C pretest being used despite FailingConnectionOnly option | ||
PI69887 | FFDC logged for resource adapter config property with getter that is named with "is" rather than "get" | ||
PI69957 | Destination ID erroneously used for JCA 1.7 destinationLookup instead of JNDI name. | ||
PI70224 | The value of ConnectionHandleCount on the ConnectionPool MBean is not accurate when in use connections are destroyed | ||
PI71193 | Illegal State Exception when transaction timeout occurs and abort is used | ||
Java Persistence API (JPA) | PI65593 | The database schema name cannot be configured with openjpa.jdbc.SchemaFactory | |
PI66770 | JPA returns incorrect results when using a native query and @SqlResultSetMapping | ||
PI67234 | ServerPlatformException Server platform class is not valid: null occurs with JPA 2.1 | ||
PI67790 | java.lang.ClassCastException using JPA | ||
PI68028 | EclipseLink throws ValidationException when using nested embeddables with the same attribute name | ||
PI68805 | Potential leak of org.apache.bval.cdi.BValExtension$Releasable objects when using JAX-RS, CDI 1.2, and Bean Validation 1.1. | ||
PI70680 | Deployment of persistence unit fails with DescriptorException | ||
PI70841 | OpenJPA's ConfigurationImpl.loadGlobals() has java.util.ConcurrentModificationException | ||
PI75607 | javax.persistence.PessimisticLockException when javax.persistence.lock.timeout set to 0 | ||
PI75608 | Add EclipseLink support for Java 2 Security | ||
JavaServer MyFaces (JSF) Apache MyFaces implementation | PI67525 | inputFile tag is not working properly on Liberty | |
PI70441 | FlowBuilderFactoryBean Concurrency Issue | ||
JavaServer Pages (JSP) | PI67257 | An escaped EL expression is being run if an escaped dollar sign precedes the former expression | |
PI69028 | Null CodeSource location for classes loaded by JSPExtensionClassLoader | ||
PI69942 | JSP property useJDKCompiler does not work in Liberty | ||
PI71436 | A debugger does not stop at a breakpoint in a JavaSever Page (JSP). | ||
Liberty Application Services | PI70600 | Auto extracted web app files have incorrect timestamp. | |
PI70848 | When application autoExpand is enabled changes to an ear file are not detected by the Liberty server | ||
PI70870 | ConcurrentModificationException in AppClassLoader when using the global library | ||
PI71116 | When certain features are enabled the application property autoStart has no effect | ||
Liberty Kernel | PI68170 | Users of Liberty's OSGI EventAdmin service cannot change the topics of interest for a registered EventHandler | |
PI70104 | Starting a Web Application Bundle (WAB) can result in a deadlock sometimes when the WAB is installed and started dynamically | ||
PI70637 | RuntimeException: Invalid call to WsByteBuffer occurs during shutdown | ||
PI71457 | NullPointerException after a failure to bind an IIOP transport port | ||
PI71607 | Schema for resource adapters contains an unused attribute. | ||
Liberty System Management | PI69561 | REST API Discovery missing APIs in web applications with multiple JAX-RS application classes | |
Liberty z/OS | PI67718 | z/OS Connect is unresponsive to the STOP command from the z/OS Console | |
PI69625 | Liberty server at 16.0.0.3 may fail to start when using AsyncIO | ||
PI69886 | When using the zosLocalAdapters-1.0 feature to talk to CICS, the CICS container LinkTaskRspContID already exists. | ||
PI70090 | WebSphere Liberty "server" and native launcher handle a # in the middle of a JVM property inconsistently | ||
PI70896 | Liberty Server hang in termination after a hard failure on z/OS | ||
PI71417 | Startup time for Liberty for z/OS is unnecessarily slow. | ||
Messaging Providers | PI62816 | Allow more than one address to be specified in the remoteServerAddress field | |
PI70961 | Corrections to messages in JMS Messaging | ||
Performance Monitoring Tools | PI70900 | Events get lost when the logstashCollector config gets updated | |
Security | PI62070 | Full chain created in PKCS12 but not for JKS key store | |
✓
|
PI62375 | Potential code execution vulnerablity in WebSphere Application Server (CVE-2016-5983) | |
PI69141 | Make sure HTTPS URL connection default is set at the same time SSLContext is set. | ||
PI69161 | Constrained delegation works only when Liberty trace is enabled | ||
PI69277 | Java 2 Security permissions are not granted to a shared library when using the file element instead of a fileset | ||
PI69629 | CWWKX8136W: Cannot validate the server identity | ||
PI69840 | A NoClassDefFoundError or NoSuchMethodError may be thrown when accessing Swagger annotations. | ||
PI69870 | IllegalAccessException on EL expression that processes isLast() of object referencing varStatus in JSTL for-each tag | ||
PI71525 | NullPointerException when registering a Custom User Registry that returns a null realm name | ||
PI71585 | NullPointerException when null password is passed into WSCallBackHandlerFactory | ||
PI71751 | Provide better message when bad SSL configuration is used by CSIv2. | ||
PI71789 | .InvalidNameException: Validation of the Collective DN failed. 0th element type was not dc | ||
Systems Management Functions | PI69286 | Non-ASCII names used in remote operations from a collective controller may become corrupted. | |
PI69741 | Remove extra information from trace file | ||
PI71792 | New files added to a controller's configDropins/defaults directory are not replicated to other controllers in the collective. | ||
Virtual Member Manager (VMM) | PI71825 | CWWKS3006E error message seen during server shutdown. | |
Web Container | PI64898 | AsyncListener onError not being called correctly | |
PI65762 | DestroyJavaVM() method call hangs and JVM fails to shut down when asynch servlet work has been performed | ||
PI67393 | Polish the ReadListener | ||
PI68061 | Option to display customized text for some server errors | ||
PI69220 | A plugin-cfg.xml is generated with missing applications and future auto-generation fails. | ||
PI69803 | A java.lang.NoClassDefFoundError error can occur when using the pluginUtility merge action. | ||
PI70063 | A decrease in throughput can occur when many concurrent requests for JSP pages that make use of tag libraries. | ||
PI70184 | WebSocket not working if application flushes without obtaining any outputStream or writer | ||
PI70873 | java.lang.NullPointerException might occur during a request's cleanup. | ||
PI71851 | Missing apostrophes in French and Italian pluginUtility text | ||
Web Services (JAX-WS, JAX-RS) | PI70196 | PI70196: ibm rest servlet cannot be mapped to two different urls: | |
PI70313 | Swagger API Explorer ignores protocol schemes for operations | ||
PI71238 | IllegalArgumentException when getHours() is called | ||
PI71887 | JAX-RS Client fails when running in OSGi bundles | ||
Web Services Security | PI68101 | JSON bits are missing from a URL when SAML authentication redirects a request | |
PI68809 | WSAS XML crypto libraries cause classloader conflict with Java XML crypto in certain scenarios | ||
PI69415 | Support configurable context root for OIDC client redirect url | ||
WebSphere Compute Grid | PI70886 | Java Batch REST: STOP request may not return JobNotRunningException even when the job batch status returns as COMPLETED. | |
PI70887 | An exception in the batch executor may cause a message to roll-back onto queue (and get re-delivered) instead of consumed. | ||
PI71718 | Attempting to purge multiple job instances fails when their executions are not on the same endpoint | ||
PI71719 | Batch REST request for job instance job log links fails with remote executions | ||
WMQ messaging providers | PI68664 | Record-level sharing (rls) is miscalculating the amount of data to be written to partner logs | |
PI69183 | APAR PI18414 may result in the recovery log service using incorrect sequence numbers. | ||
PI69314 | ELException, Can not find @Transactional annotation | ||
PI69328 | CWWKZ0403E error message occurs due to error Unable to acquire the global write lock in time. |
Fix release date: 16 September 2016 Last modified: 16 September 2016 Status: Superseded ![]() |
|
Component
|
Security APAR |
APAR
|
Description
|
Contexts and Dependency Injection (CDI) | PI38270 | NullPointerException in InvocationContextImpl.configureTarget when destroying an already destroyed bean | |
PI42311 | EJB interceptors not called intermittently | ||
PI48614 | NullPointerExceptions from CDI code | ||
PI51620 | NullPointerException when doing injection with com.ibm.ws.cdi.immediate.ejb.start set to true | ||
PI58669 | CDI javax.decorator.decorator annotation not working as expected | ||
PI61397 | Ensure application scoped context is initalized properly and active during bean preDestroy | ||
PI64374 | Race condition with session scoped contexts | ||
PI64812 | Application ClassLoader leaked during application restart from CDI's RuntimeFactory | ||
PI65337 | Use of CDI interceptors in stateless EJBs causes exceptions to be wrapped in WeldException | ||
PI66866 | Memory leak occurs when an application is restarted | ||
PI67388 | Move up Weld level to 2.3.4.Final from 2.2.16.Final. | ||
Database Access, Connection Management, Merant/DataDirect drivers | PI66423 | OraclePreparedStatement.getReturnResultSet and OracleCallableStatement.getCursor fail after unwrapping statement | |
EJB Container | PI60567 | New system property to configure the EJB pool wait timeout | |
PI62639 | NullPointerException in CDIEJBManagedObjectFactoryImpl.getEjbDescriptor when creating EJB instance to pre-load the bean pool | ||
PI63571 | AccessControlException: "accessDeclaredMembers" from com.ibm.wsspi.injectionengine.MethodMap.getMethods. | ||
PI63709 | Application exception thrown from EJB constructor lost when @AroundConstruct interceptors present | ||
PI63821 | Resource reference names starting with java:comp/env are ignored in ibm-ejb-jar-bnd.xml | ||
PI65205 | FFDC for TransactionRolledbackException when using UserTransaction in stateful bean ejbRemove method | ||
PI66565 | com.ibm.wsspi.resource.ResourceInfo not provided to ResourceFactory for <resource-env-ref> XML elements | ||
PI67070 | Customer can get EJBExceptions related to non-persistent EJB Timers during server shutdown | ||
General | PI60893 | Deadlock caused by SIP Subscribe | |
✓
|
PI61548 | Potential Denial of Service in WebSphere Application Server if using SIP services (CVE-2016-2960) | |
PI63871 | NullPointerException in MemoryPersistenceManager | ||
PI64472 | Automatically determine whether a submit or restart should be issued from the batchManager and batchManagerZos utilities. | ||
PI65456 | Issuing "job.ended" CWWKY0010I message instead of "job.failed" CWWKY0011W message, upon job failure. | ||
Install V8 and above | PI65506 | Display proper asset list when embedded asset repo is missing during IM modify_add flow | |
Intelligent Management Component | PI59258 | Dynamic Routing fails to recognize the application until Collective Controllers are restarted | |
PI63212 | Reload of web server with Intelligent Management causes CWWKV0008W messages on a Liberty collective controller | ||
PI66993 | Health condition is not set to the Liberty server in the Docker container. | ||
PI67392 | DynamicRouting does not have route information for Liberty Docker on initial deployment | ||
Java 2 Connectivity (J2C) | PI63520 | Parked connection created by PoolManager results in setting a pre-existing client ID to a MQ connection | |
PI66424 | J2CA7002E is logged when server is stopped while in the process of installing a resource adapter. | ||
PI67186 | The value of FreeConnectionCount on the ConnectionPool MBean is not accurate when in use connections are destroyed | ||
Java Persistence API (JPA) | PI58114 | ClassCastException when an equals comparison query is run on an entity with a composite @EmbeddedId | |
PI64129 | CDI applications that inject Validator or ValidatorFactory beans cannot be failed over in a cluster | ||
PI67305 | EclipseLink assigns the same object instance to multiple embedded fields | ||
JavaServer Faces (JSF) SunRI implementation | PI64899 | When using the jsf-2.2 and beanValidation-1.1 features an OSGI warning message can be seen. | |
JavaServer MyFaces (JSF) Apache MyFaces implementation | PI63135 | Custom type conversion is sometimes bypassed in EL 3.0 | |
PI63633 | Thread-safety issue in the underlying (Apache) JSF 2.0 code causes WebContainer threads to hang | ||
PI64195 | @PreDestroy methods are not invoked on session invalidation for JavaServer Faces (JSF) javax.faces.bean.ViewScoped beans. | ||
PI64714 | JSF message severities always set to ERROR after ValidatorException | ||
PI64718 | Validators are not called when using selectManyCheckbox | ||
JavaServer Pages (JSP) | PI64004 | The scratchdir JSP attribute is not documented on Liberty | |
PI65333 | A JSP error "unresolved compilation problem" is thrown during runtime | ||
Liberty Application Services | PI62861 | Server stop runs before the ServletContextListener implementation completes | |
PI63542 | ArrayIndexOutOfBoundsException may occur when doing a JNDI-lookup to a remote EJB that is located in another cell | ||
PI64494 | Timing window in generation of Type Code objects from class TypeDescriptors, causes performance problems during JNDI lookup | ||
PI64806 | java.lang.StackOverflowError on WAR | ||
PI65244 | EJB connection helpers are both null | ||
PI65637 | Starting an OSGi Application intermittently causes an endless loop. | ||
PI66570 | IllegalStateException thrown on server shutdown | ||
PI67028 | AccessControlExceptionthrown from AppClassLoader.getResources() call | ||
PI67672 | Extended use of remote EJB may cause error mentioning Phaser parties. | ||
PI67674 | Restarting ORB may cause socket bind exception | ||
PI67719 | AccessControlException from JTMThreadFactory, JNDI lookup, and JmsManagedConnectionFactoryImpl | ||
PI67739 | Configuring a non-default ORB may interfere with application client. | ||
Liberty Archive Install | PI66992 | z/OS IM offering failed to modify asset due to error 'Failed to load bundle com.ibm.was.determine.job.type' | |
Liberty Kernel | PI62609 | When coreThreads and maxThreads are the same value, CWWKE1200W messages, which indicate a hung thread, may appear erroneously | |
PI63436 | Embeddable Liberty command wlp/bin/server fails to run on old bourn shell used by Solaris 5.10 | ||
PI64318 | Product validation error when running installUtility install | ||
PI67017 | Apache Commons Compress was incorrectly added to Liberty's JVM classpath | ||
PI67231 | Inconsistent installUtility/feature error messages when installing features or depending features not found on repository | ||
PI67665 | Path normalization of configuration variables can cause unwanted modifications | ||
Liberty z/OS | PI61412 | HTTP access logs are not tagged on z/OS. | |
PI61645 | CWWKF0015I and CWWKF0014W messages are misleading | ||
PI63930 | WEBSOCKET-1.1 feature does not work in Liberty Imbedded in CICS TS 5.3 | ||
PI64823 | zosRequestLogging-1.0 feature does record the SAF mapped user ID in SMF 120 subtype 11 records. | ||
PI65658 | Liberty z/OS unauthenticated ID experiences ICH408I calling HttpServletRequest.login with syncToOSThread enabled | ||
PI65709 | Storage leak in subpool 249 key 2 when using the zosLocalAdapters-1.0 feature. | ||
PI66150 | Liberty server processes the start of WOLA workload to slowly | ||
Security | PI60769 | IIOP sslRef mismatch not clear in error message | |
PI61592 | Security context not propagated into JCA resource adapter | ||
PI62626 | jacc-1.5 feature does not package a separate API jar file even though it exposes the API. | ||
PI62722 | Attempting to start or stop a member from the Liberty Admin Center running in a collector on z/OS results in CWWKS2910E | ||
✓
|
PI63929 | Potential open redirect security vulnerability in WebSphere Application Server Liberty CVE-2016-3040 | |
PI63949 | When auth-method tag is not used in Liberty a NullPointerException is thrown | ||
PI64065 | CWWKS9112W: Invalid run-as configuration for security-role name ApplicationRoleName in the application ApplicationName | ||
✓
|
PI64790 | Cross-site scripting vulnerability in OpenID Connect client CVE-2016-3042 | |
PI65716 | configUtility and collective command line utilities do not support the custom password encryption | ||
PI66628 | The message when the custom password encryption is not available is not acculate. | ||
PI67237 | AccessControlException issued when an API tries to obtain an internal OSGi service via the kernel service SPIs. | ||
PI67467 | An intermittent MalformedURLException is issued during the server shutdown when Java 6 is used and there are permissions defined | ||
Sessions and Session Management |
✓
|
PI60026 | Bypass security restrictions in WebSphere Application Server (CVE-2016-0385) |
Systems Management Functions | PI62640 | Collective utility help text for --keystorePassword is incorrect. | |
PI66520 | A collective controller shared configuration file is removed after it is renamed. | ||
PI66522 | A deploy rule without a defined restart command produces an exception during a deploy operation. | ||
PI66523 | The --createConfigFile option of the collective utility allows the config file to be in the configDropins/defaults directory | ||
PI66524 | The collective utility writes an unnecessary request to edit server.xml. | ||
PI67220 | Liberty member in a Docker container ignores metadata defined in the admin-metadata.xml file included in the container. | ||
PI67221 | Docker registry commands in the Docker deploy rule mistakenly prepend the repository with the user name. | ||
Virtual Member Manager (VMM) | PI62392 | Login failure if userFilter contains userAccountControl attribute | |
PI63471 | getUserDisplayName returning null when basicRegistry is configured | ||
Web Container |
✓
|
PI54459 | Information Disclosure in WebSphere Application Server Liberty CVE-2016-0378 |
PI58875 | Application is started even though there has been a listener exception during application start up | ||
PI61651 | An uncaught exception in javax.servlet.AsyncListener.onComplete() might cause threads to hang | ||
PI63193 | SRVE8094W might happen even if invokeFlushAfterServiceForStaticFile=false | ||
✓
|
PI65853 | WebSphere Application Server Web Container affected by Apache Struts vulnerability (CVE-2016-3092) | |
✓
|
PI67093 | Information disclosure in IBM WebSphere Application Server CVE-2016-5986 | |
PI67470 | ConcurrentModificationException thrown on getServletWrapper when serveServletsByClassname is enabled | ||
PI67832 | FFDC created when a feature is removed from server.xml. | ||
Web Services (JAX-WS, JAX-RS) | PI64462 | NullPointerException in org.apache.cxf.jaxrs.impl.tl.ThreadLocal Providers.getContextResolver() | |
PI67586 | ConcurrentModificationException in org.apache.cxf.jaxrs.JAXRSServiceFactoryBean | ||
Web Services Security | PI66148 | OIDC Client Service is not thread safe | |
PI66354 | OAuth provider does not encode non-ASCII characters properly | ||
WMQ messaging providers | PI45254 | Collect more serviceability data for transaction log service | |
PI65127 | Deadlock issue in tranlog database | ||
PI65412 | Transaction service may fail to log data correctly when its logs are stored in a database and connection failure occurs |
Fix release date: 24 June 2016 Last modified: 24 June 2016 Status: Superseded ![]() |
|
Component
|
Security APAR |
APAR
|
Description
|
Contexts and Dependency Injection (CDI) | PI58316 | Changes to JSP in EAR or WAR not picked up if CDI-1.2 feature enabled | |
PI61971 | CDI forces a creation of an extra session, which causes memory usage issues. | ||
DynaCache | PI59818 | Servlet and Object Cache services are initialized multiple times during Liberty startup causing delays and exceptions | |
EJB Container | PI58029 | Classloader leak associated with PCRegistry | |
PI59443 | A method named ejbCreate on a managed bean may be treated as a post construct interceptor method | ||
General | PI52696 | WebSphere Application Server proxy - Too many open files | |
PI53321 | Using WOLA with CICS version 5.3 causes BBOX abend | ||
PI54666 | NullPointerException when using IPv4/IPv6 loopback addresses | ||
PI55413 | CICS BBO (WebSphere) link server abends with WRITEQ TSQ BBO* error eibresp: 16 eibresp2: 0 | ||
PI57228 | The HTTP Channel consumes additional memory, in specific circumstances, when processing inbound data. | ||
PI58457 | Quotes are automatically added to the cookie Path attribute on version 1 cookies | ||
PI58692 | NullPointerException when using batchManager to purge and no arguments specified | ||
PI58800 | High CPU utilization can occur for WebSocket sessions that expire using a non-default MaxIdleTimeout value | ||
✓
|
PI58918 | Response Splitting Vulnerability using a specific API CVE-2016-0359 | |
PI59273 | A job instance with zero executions cannot be stopped or restarted. | ||
PI61321 | Serviceability changes for batch feature | ||
PI61621 | The persistent user data and metric values are invalid when a job fails in the middle of a chunk step | ||
PI62053 | HTTP Channel Access Log does not properly record how much is written to the file | ||
PI64247 | For Double Byte languages an FFDC IllegalArgumentException can occur for a WebSocket connection that closes due to an error | ||
Intelligent Management Component | PI61807 | Web Server SSL certificate created by the Liberty dynamicRouting feature needs updating | |
Java Persistence API (JPA) | PI47094 | ClassCastException using a shared JPA module on JPA 2.1 | |
PI55889 | JPA Merge fails intermittently with FOREIGN KEY constraint error | ||
PI58092 | Delay in application startup on Liberty | ||
PI58523 | When using jpa-2.1 with Bean Validation, XML constraints are not recognized | ||
PI59004 | Criteria Modelgen API is not included for the EclipseLink provider | ||
PI59757 | JPA PersistenceUnitUtil.getIdentifier() fails for nested EmbeddedId | ||
PI59782 | Eclipselink on Liberty is missing javax.json imports | ||
PI59999 | OpenJPA custom plugins can cause Classloader leaks | ||
PI62022 | Bean validation interceptor is invoked twice | ||
JavaServer MyFaces (JSF) Apache MyFaces implementation | PI57255 | MyFaces CDI support is disabled if non-CDI application is loaded first | |
PI59422 | Flow beans are destroyed before the flow is finalized | ||
JavaServer Pages (JSP) |
✓
|
PI56811 | XXE and RCE via XSL extension in JSTL XML parse and transform tags |
PI59436 | NullPointerException when using EL expressions returning null | ||
PI60837 | A StackOverflowError can occur when com.ibm.ws.el.reuseEvaluationContext is set to true | ||
PI61400 | There are unused message properties files packaged in the Expression Language (EL) 3.0 bundle. | ||
Liberty Administrative Center | PI58080 | Admin Center toolbox cannot save bookmarks with Explore search results which search on tags | |
✓
|
PI62052 | Potential security vulnerability in Admin Center for Liberty CVE-2016-0389 | |
Liberty Application Services | PI53419 | Liberty server z/OS: Deadlock adding WABs to web container | |
PI58841 | An OSGi web app using JSP and JSTL by default currently needs to explicitly import the JSTL spec packages. | ||
PI59010 | CWWKC2259E: "Unexpected child element defaultDatasource" in WebSphere Liberty for EJB 2.1 | ||
PI60496 | EBA fails to resolve when blueprint-1.0 is active | ||
PI60749 | Common shared library classes return null when calling getProtectionDomain().getCodeSource().getLocation() | ||
PI61468 | Application classloaders are leaked by transaction monitoring threads. | ||
PI61906 | Classloading trace does not contain details of classpath being traversed. | ||
PI62078 | ClassLoader leak in CDI's RuntimeFactory | ||
PI62240 | ClastCastException doing a JNDI lookup | ||
PI62385 | Classloading perfomance of the Liberty ORB has been slightly improved. | ||
Liberty Archive Install | PI60256 | Failed to testConnection against wlp-feature-8559.zip | |
PI62355 | License jar upgrade returns a confusing message when it fails due to invalid edition. | ||
Liberty Debug and Tracing | PI57488 | Null characters added to logs when truncated by user | |
PI58309 | NullPointerException seen with logstashCollector-1.0 feature when access log source is enabled | ||
PI58310 | logstashCollector-1.0 feature reports a NullPointerException during server shutdown operation | ||
PI58311 | TRAS0120W message reports incorrect lost events | ||
PI58386 | Duplicate FFDC records are sent for the same failure by logstashCollector-1.0 feature. | ||
PI60821 | NullPointerException when eventLogging feature is removed | ||
PI61051 | Removal of ISADC script | ||
PI61371 | High Performance Extensible Logging (HPEL) binarylog view does not sort by time stamp | ||
PI62013 | Warning message should be issued when wrong source is specified. | ||
PI62015 | Unexpected null pointer exception appearing in FFDC logs with logstash collector whenever updating the source | ||
Liberty Kernel | PI48971 | ActiveMQ properties not being honored in JMSActivationSpec in Liberty | |
PI59235 | Problems with serialization code | ||
PI59906 | Server command help is missing the --os option description | ||
PI60941 | When installUtility install serverName is run, the server logs and workarea were not created under WLP_OUTPUT_DIR | ||
PI61175 | During startup the application manager can cause an FFDC with a ConcurentModificationException causing no applications to start. | ||
PI61177 | Spurious error may be logged when bundle starts and immediately stops. | ||
PI61178 | Dynamically configuring one or more features from zero features delays starting applications by 30 seconds | ||
PI61319 | The help for the productInfo command line tool reports an error rather than provide the help text. | ||
PI61320 | Missing attribute message is confusing | ||
PI61324 | Server package zips when unpacked lack file permissions for scripts in bin folder. | ||
PI61451 | installUtility command may fail with a SocketException: "Too many open files" | ||
Liberty System Management | PI57567 | Merged plugin-cfg.xml generated by ClusterManager mbean generateClusterPluginConfig operation contains dup elements | |
PI58426 | Collective create always treats --keystorePassword as a required argument | ||
PI61176 | Using the IBM JMX REST client from Liberty requires setting too many properties | ||
PI61895 | Swagger document and UI in apiDiscovery-1.0 did not show non-ASCII characters properly. | ||
Liberty z/OS | PI50018 | linkTaskChanID property does not work when used with z/OS Connect service provider | |
PI52665 | z/OS WOLA CICS BBOC control transaction cannot support long command strings from the console | ||
PI54756 | z/OS Connect JSON Parse Error message missing JSON payload. | ||
PI56919 | IllegalArgumentException: com.ibm.ws.security.saf.SAFException: CWWKS2910E: SAF service IRRSIA00_CREATE did not succeed | ||
PI57546 | UserRegistry.getUsersForGroup() is not implemented in Liberty server | ||
PI58016 | Asian characters in UTF-8 encoded payloads are converted to escaped unicode characters | ||
PI58155 | Liberty server takes ABENDEC6 RC0000FD1D due to CPU time limit exceeded | ||
PI58468 | WOLA fails to reconnet to CICS TS after previous executions have succeeded | ||
PI59320 | ABEND 0C4 RSN=00000004 or a CICS ASRA ABEND when you have more than 128 WOLA connections in an address space | ||
PI61322 | CICS programs called over WOLA are being passed an incorrect channel or container name. | ||
PI61323 | An ABENDDC2/ABENDSDC2 occurs in program BBOATRUE when CICS is configured to use an embedded Liberty server. | ||
Performance Monitoring Tools | PI60781 | NullPointerException being thrown from requestTiming feature if any exception occured | |
Security | PI55373 | Collective framework needs to support certificates signed by third party signers | |
PI59813 | Improve the exception generated when client does not trust the server. | ||
PI61090 | NullPointerException from FeatureWebSecurityCollaboratorImpl | ||
PI61204 | NullpointerException when using ibm_securitylogout in Liberty | ||
PI61253 | OAuth or OpenID Connect response does not contain state parameter | ||
PI61622 | The French help text of the PasswordUtility command line utility contains typographical errors. | ||
Systems Management Functions | PI58664 | Liberty collective member status is incorrect | |
PI62453 | When making a JMX Connection to a collective member, the JVM default for HTTPs connections is updated | ||
Virtual Member Manager (VMM) | PI54746 | Federated repository does not allow a user login with Turkish characters | |
PI56819 | User login failure when uniqueUserIdMapping inputProperty set to non default values | ||
Web Container | PI51122 | Webcontainer intermittently generates a 500 error with StringIndexOutOfBoundsException | |
PI56833 | WebContainer is setting the Content-Language | ||
PI57951 | Line feed code disappears when data is uploaded with enctype="multipart/form-data" in an HTML form | ||
PI58920 | Dispatcher type obtained from HttpServletRequest is not updated on post processes | ||
PI59415 | Development version of servlet SPI bundle does not match with runtime webcontainer bundle. | ||
PI60797 | Enable POST only for a form login | ||
PI61594 | AsyncContext.dispatch() might dispatch to an incorrect URI if using different versions of ServletRequest.startAsync() | ||
PI61628 | A 404 error might be generated when using redirectToWelcomeFile | ||
Web Services (JAX-WS, JAX-RS) | PI53319 | ClassNotFoundException on WebSecurityHelper | |
PI56315 | JAX-RS MessageBodyWriter is not run | ||
PI56374 | ClassCastException: java.util.TreeMap incompatible with javax.ws.rs.core.MultivaluedMap | ||
PI58097 | HTTP Response header with invalid Date string is added to the response on a WebServices request | ||
PI58779 | JAX-RS 2.0 @Context injection from client side provider reports NullPointerException | ||
PI58799 | IllegalArgumentException inJAX-RS InjectionUtils.java code | ||
PI59519 | Update product.json model to match recent changes in API Connect | ||
PI59633 | When using JPA to persist an object, the JAX-RS engine does not correctly catch any exceptions that are thrown | ||
PI59640 | Security definition is missing from the filtered Swagger document returned by API Discovery Framework | ||
PI59643 | Using @Context to get the HttpServletRequest and changeSessionId() always returns null | ||
✓
|
PI61936 | Information disclosure in JAX-RS API | |
PI62155 | Suppress SOAP FAULT error message | ||
✓
|
PI62450 | Swagger processor may allow weaker than expected security | |
Web Services Security | PI59665 | OIDC Relying party auth flow fails with 401 error when security trace is enabled | |
PI59677 | OIDC relying party authentication failure due to CWWKS1704E error | ||
PI62735 | The groupId(s) get lost in id_token and introspection | ||
WMQ messaging providers | PI59123 | WS-AtomicTransaction participant recovery after a server crash may never complete | |
PI60966 | Problem distributing transaction between WSAS traditional and Liberty using WS-AtomicTransaction. |
Fix release date: 18 March 2016 Last modified: 18 March 2016 Status: Superseded ![]() |
|
Component
|
Security APAR
|
APAR
|
Description
|
Contexts and Dependency Injection (CDI) | PI50291 | Beans searched for through instance interface are not found | |
PI51134 | NullPointerException if all interceptors are on methods overriden, defined at class level or defined in a different method | ||
PI51508 | Reduce contention in AbstractOwbBean.equals use | ||
PI52391 | BeanManger.equals cannot distingiush between two BeanManagers for the same module after a restart | ||
PI52756 | CDI is activated and generates error with no existence of beans.xml | ||
PI52765 | Provide a fix for Weld bug in CDI 1.2 | ||
PI57976 | Objects of class NullInjectionPointImpl are visible in applicaiton code | ||
PI58021 | ClassNotFoundException if application contains a jar which contains other archives | ||
Database Access, Connection Management, Merant/DataDirect drivers | PI57239 | Error when multiple threads attempt to authenticate to Mongo at the same time | |
EJB Container | PI49639 | CWWKC2259E: "Unexpected child element" in Liberty profile for EJB 2.1 | |
PI50806 | NullPointerException in AbstractEJBRuntime.bindAllRemoteInterfacesToContextRoot when using ejbRemote-3.2 feature | ||
PI53807 | Improve message text when EJB SessionContext fails to serialize | ||
PI55049 | Non-persistent EJB Timer created while application is stopping may not be removed | ||
General | PI48725 | Initial TLSv1.0 application data packet read into the wrong buffer by the SSL channel | |
PI49508 | At startup end users requests routed with HTTP 404 response | ||
PI49566 | WebSockets might not close the connection if sessionIdleTimeout is set | ||
PI51523 | HTTP Channel getCookieValue throws ArrayIndexOutOfBoundsException when cookie is only one-digit double quote " | ||
PI51552 | Unwanted CWWKC1556W warning when application starting or server shutting down | ||
PI51740 | The HTTP Channel could cause the Operating System to send an RST packet when the connection is closed | ||
PI52417 | Host name resolution with collectives on z/OS may not resolve properly | ||
PI52845 | SSL handshake fails due to a java.lang.IllegalArgumentException. | ||
PI54212 | Update one class in Apache Commons | ||
PI55344 | The job logs are producing a date such as 2016-12-28 as opposed to 2015-12-28 during the last week of the year | ||
PI55874 | Jobs containing split-flow may continue executing the (split-flow) even after the job is stopped. | ||
PI56019 | The com.ibm.websphere.appserver.api.mediaServerControl.1.0_1.0.11.jar file in the dev/api/ibm directory is empty. | ||
PI56057 | The MediaServerControl Javadoc provided contains accessibility issues. | ||
PI56076 | Batch job logs do not contain the exception stack trace on step or job failures. | ||
PI57100 | Remote partition wrongly ends in COMPLETED state when job is stopped, wrongly bypassing partition execution on restart. | ||
PI57542 | IOExceptions is not thrown on inbound connections | ||
PI58014 | Message's address is null in SipUdpConnLink | ||
PI58049 | The exitStatus after the restart of an executor is not properly being rolled back to the correct value. | ||
Install V8 and above | PI51130 | Updating Liberty using group-mode Installation Manager does not set group-write bits | |
PI55969 | An update to the licenses in IBM WebSphere Application Server Liberty V8.5.5.9 is required. | ||
Intelligent Management Component | PI53304 | Auto scaling does not fully scale in to the minimum number of servers or scale out to the maximum number of servers | |
PI57006 | A scaling controller might not register a scaling member correctly when the member starts. | ||
PI57007 | ConcurrentModificationException in com.ibm.ws.scaling.controller.topology.RepositoryMonitor$UpdateHandler | ||
PI57982 | In a Liberty collective, not all instances of an application are used when routing with Intelligent Management for Web Servers. | ||
Java 2 Connectivity (J2C) | PI53120 | Datasource connection pool minimumPoolSize to be 0 by default for newly created datasources | |
PI54230 | ClassNotFoundException when using generic RA in Liberty | ||
Java Persistence API (JPA) | PI46699 | A null value is returned when trying to use OpenJPA's DelegatingConnection's unwrap() | |
PI47094 | ClassCastException using a shared JPA module on JPA 2.1 | ||
PI47144 | Merging an unmanaged entity multiple (3) times leads to an exception. | ||
PI50341 | Using java.sql.Timestamp data type for entity version value requests current timestamp from wrong SYSIBM table on DB2 | ||
PI50694 | ClassCastException is thrown in JPA when QueryCache is enabled | ||
PI51878 | ddlGen script is shipped in ASCII instead of EBCDIC in Liberty 8.5.5.7 | ||
PI52209 | EntityNotFoundException in OpenJPA | ||
PI53589 | OpenJPA fastpath broken on Java 8 | ||
PI56340 | OutOfMemoryError from org.apache.bval.cdi.BValExtension$Releasable objects not being released. | ||
PI56499 | AbstractMethodError occurs when using JPA with beanvalidation-1.1 feature | ||
PI58001 | NullPointerException from org.eclipse.persistence.queries.ReadObjectQuery under heavy loads | ||
PI58005 | With a Liberty image consisting of only EE7 features, importing javax.persistence 2.1 with WDT requires an internal attribute. | ||
JavaServer Faces (JSF) SunRI implementation | PI46218 | DeploymentException occurs if different web modules in an enterprise application have CDI beans with the same name | |
JavaServer MyFaces (JSF) Apache MyFaces implementation | PI45044 | JSF problem in a Portlet environment: Form inputs inside a data table lose their values if validation fails | |
PI47885 | h:selectManyCheckbox and h:selectOneRadio components do not support f:ajax tags. | ||
PI49486 | MyFaces leaking file descriptors when reading stylesheet files | ||
PI50108 | JSF component binding with ViewScope beans does not work and causes an exception | ||
PI51038 | Fix EL 3.0 ImportHandler support in JSF 2.2 | ||
PI53555 | JSF ViewScope implicit objects are not resolved in JSP pages | ||
PI54702 | Null renderer-type tag causes custom TagLib xml parse error | ||
JavaServer Pages (JSP) | PI52851 | Changing JavaServer Pages (JSP) features between requests can result in a java.lang.NullPointerException. | |
Liberty Application Services | PI51184 | CWWKG0031E is received after commenting out a JNDI element and then adding it back at runtime | |
PI51375 | Application Manager change to make time waiting for apps at startup configurable | ||
PI52936 | Application classes provides incorrect values when calling getProtectionDomain().getCodeSource().getLocation() | ||
PI54707 | Intermittent ConcurrentModificationException thrown on startup when two Liberty apps use a privateLibraryRef. | ||
PI55383 | Client container application fails to run | ||
PI55891 | SPI classes under com.ibm.ws.container.service reference some non-SPI classes | ||
PI56452 | NullPointerException in WABInstaller.java results in "Unable to install bundle" message | ||
PI56644 | SPI classes under com.ibm.ws.javaee.dd reference some non-SPI types | ||
PI56831 | Classloader.getResource("") does not return url to WEB-INF/classes | ||
Liberty Debug and Tracing | PI51841 | Request timing can accidently remove an executing request from the active request list | |
PI52003 | New "JSON" format added to binarylog command | ||
PI54917 | ConcurrentModificationException in collector manager | ||
PI55910 | Logging in InvocationContextImpl outputs array IDs instead of array contents | ||
Liberty Kernel | PI51988 | Invoking productInfo with valid command but bad option does not give errors | |
PI52309 | WebSphere Liberty default executor auto-tuning is disabled when an embedder overrides the default ThreadFactory. | ||
PI53867 | ScheduledExecutorService can temporarily leak classloaders for canceled tasks. | ||
PI54458 | Wrong charset returned in page-not-found error when incorrect context root is requested. | ||
PI55031 | Fix defect in Equinox framework to incorporate in Liberty | ||
PI55670 | Liberty File URLs contain incorrect number of '/' characters | ||
PI56645 | Configuration conflict warning message needs improvement | ||
PI56678 | FileNotFoundException when application start-up fails. | ||
PI57314 | JSP classloading ignores the application parent-last classloader setting | ||
PI57974 | OSGi applications may be able to get access to OSGi services provided by Liberty feature bundles which are not considered API. | ||
PI57975 | Deadlock may occur when creating a Java util logging Logger | ||
PI57980 | Improper error when running Liberty scripts with unsupported Java version. | ||
PI57981 | Changing SSLDefault may still require unnecessary configuration of defaultKeystore | ||
PI58006 | Feature updates are less likely to result in unnecessary component activation and deactivation | ||
PI58035 | When installing features using the installUtility jaccWeb-1.5 and ejbComponentMetadataDecorator-1.0 are not installed | ||
Liberty System Management | PI53219 | Wrong locale in the content when calling REST API to generate schema | |
Liberty z/OS | PI50915 | More details is provided for some failures in WOLA connections via Liberty | |
PI51171 | Allow WOLA client to re-connect after a Liberty server failure or recycle | ||
PI51329 | Default JAVA not read from java.env when server is started with a PROC. | ||
PI53339 | Liberty on z/OS fails to route messages to MSGLOG DD card | ||
PI53469 | z/OS Connect does not preserve JSON payload element ordering as shown in copybook files. | ||
PI53842 | Basic authentication not working z/OS Connect dynamic services | ||
PI54855 | Liberty on z/OS does not pick up the IFAUSAGE properties file in the product extension directory | ||
PI54886 | When starting a Liberty server that has zoslocaladapters configured the sever abends with a System 106. | ||
PI55029 | Liberty started task does not expand @WLP_INSTALL_DIR@ when used in the path specified by WLP_DEFAULT_JAVA_HOME in java.env. | ||
PI56289 | Calls to WOLA services BBOA1* may hang when Liberty server is cancelled or ABENDs | ||
PI56385 | Message CWWKB0101I does not provide enough information to diagnose problems connecting to an Angel process. | ||
PI56987 | WLP_SKIP_UMASK=true is not working when Liberty server is started from a started task on z/OS | ||
Messaging Providers | PI47483 | [WARNING ] CWWKG0032W: Unexpected value specified for property | |
Performance Monitoring Tools | PI55077 | Monitor group filter does not work with the component which are not using the code intstrumentation. | |
Security | PI50399 | NullPointerException thrown at com.ibm.ws.transport.iiop.security in Liberty profile | |
PI51188 | Login fails with mixed-case password phrase on z/OS. | ||
PI52181 | Liberty incorrectly displays warning message aboutWSGUEST user missing the RESTRICTED attribute | ||
PI52566 | Incorrectly returning CWWKS4306E when application URI is unprotected and Liberty receives an expired LtpaToken | ||
PI57413 | CWWKE0702E: Could not resolve module: com.ibm.ws.management.security is logged when zosSecurity-1.0 is enabled. | ||
PI57668 | Collective member certificate login fails with LDAP or Federated user registry | ||
Sessions and Session Management | PI53220 | Session attribute not stored with Oracle as database session persistence and MultiRowSchema=true | |
Systems Management Functions | PI58002 | Collective replica restart may fail | |
Virtual Member Manager (VMM) | PI48674 | LDAP binary attribut handling in VMM | |
Web Container | PI42598 | Filter with only WebFilter annotation does not get invoked | |
PI43752 | AsyncContext.dispatch() dispatches to an incorrect URI | ||
PI52414 | While using an upgrade request the quiesce operation did not complete | ||
PI52415 | isFinished on a stream can return true before the stream is fully read | ||
PI53854 | Unable to retrieve the REMOTE_USER from the WSRU header without using any security in Liberty | ||
PI54235 | A redirect using an URI relative to the current request URL redirects to the wrong URL | ||
PI54414 | Managed thread factory not available in ServletContextListener.contextInitialized | ||
PI54701 | The Servlet SPI was refactored to provide a complete set of SPI classes. | ||
PI57884 | Blocking write is not allowed once WriteListener is enabled. | ||
PI58013 | If an error occurs during a request with a ReadListener and is upgraded, a quiesce operation may not complete properly | ||
Web Services (JAX-WS, JAX-RS) | PI48389 | @PreDestory method invoked twice when @RequestScoped annotated on resource class and no @Context field in the class | |
PI50692 | Data conversion issue for Multi-part MIME on mainframe (z/OS) | ||
PI51798 | Liberty JAX-RS implementation may throw NullPointerException | ||
PI52014 | User customized provider life cycle annotation @PostConstruct @PreDestroy not work or throw NullPoint Exception when stop server | ||
PI54152 | Liberty profile JAX-RS 2.0 Client Side Built-in Providers Installation Performance Issue | ||
PI55038 | Injection on implementation of ParamConverterProvider in JAX-RS 2.0 fails with NullPointerException | ||
PI55547 | Customized EJB ExceptionMapper cannot be mapped to user defined Exception in more than two JAX-RS 2.0 Applications | ||
PI56455 | ClassNotFoundException loading the jaxws-2.2 and appSecurity-2.0 features | ||
Web Services Security |
✓
|
PI49272 | Cross site scripting vulnerability in Oauth Service Provider CVE-2015-7417 |
PI57265 | Add OpenID Connect relying party (RP) config option to specify whether to do client side redirect | ||
✓
|
PI58003 | Cross-site scripting vulnerablility in OIDC client web application | |
WMQ messaging providers | PI43413 | Deadlock in controller due to timing window in the recovery log service; servant times out | |
PI53471 | Extended Unit of Work API may not throw errors back to the application when they occur during transaction end processing. | ||
PI53472 | Thread safety defect in Unit of Work manager initialisation | ||
PI53661 | When inside an @Transactional declarative transaction, an error is thrown upon entering an @TransactionScoped context. | ||
PI54151 | Unable to find the @Transactional annotation | ||
PI56465 | @TransactionScoped bean instances do not have their @PreDestroy-annotated destructors called. | ||
PI56466 | Access to UserTransaction methods is not correctly disabled within nested @Transactional annotations | ||
PI56467 | @Transactional rollBackOn/do not RollbackOn scans the exception class hierarchy in the wrong direction | ||
PI56529 | @Transactional annotation processing code emits FFDC when encountering RuntimeExceptions in the dontRollBackOn list |
Fix release date: 11 December 2015 Last modified: 11 December 2015 Status: Superseded ![]() |
|
Component
|
Security APAR
|
APAR
|
Description
|
Contexts and Dependency Injection (CDI) | PI47250 | Liberty Profile with CDI 1.2 and CDI enabled application has slow startup | |
PI49410 | Publish the Weld 3rd party version on the repackaged Bundle-Description | ||
PI49978 | If CDI 1.2 is enabled then a BeanManager could be returned when resolving any JNDI value. | ||
PI50790 | Turn off beans.xml validation by default. | ||
PI50802 | ProcessInjectionTarget and ProcessInjectionPoint events are not fired when processing non-CDI Interceptors. | ||
PI52419 | Export weld packages so that DeltaSpike Scheduler can be supported | ||
EJB Container | PI47475 | A NameNotFoundException occurs for injection of resource into ManagedBean in EJB module | |
PI48390 | IllegalStateException thrown during server stop when j2eeManagement feature is installed | ||
General | PI42523 | Root not injected on URL containing query but omitted path | |
✓
|
PI45266 | HTTP response splitting vulnerability CVE-2015-2017 | |
PI47651 | An OutOfMemory error can occur from a leak in WebSockets when websocket session timeout is set | ||
PI47954 | Future.get can hang during ManagedTaskListener.taskStarting for repeating task | ||
PI48097 | Cleanup of resources can be missed after Thread.run for threads created by a ManagedThreadFactory. | ||
PI48327 | WLP does not handle requests successfully during shutdown | ||
PI48759 | The TCP Channel's Host Name Include and Exclude lists are case sensitive | ||
PI50766 | ExecutionException raised instead of AbortedException for aborted task | ||
PI51046 | BATCHMANAGER SCRIPT WebSphere Application Server SHIPPED IN ASCII ENCODING ON z/OS INSTEAD OF EBCDIC ON LIBERTY 8.5.5.7 | ||
PI51656 | COMM_FAILURE exception raised during IIOP invocation due to IIOP connection being closed while in use | ||
PI52303 | Duplicate IIOP request IDs lead to incorrectly parsed response (from incorrectly handled reply message). | ||
Install V8 and above | PI51982 | LIBERTY 8557 CANNOT ROLLBACK TO LIBERTY 8553 AND BELOW | |
Intelligent Management Component | PI49835 | java.lang.IllegalStateException: The ScalingMemberReplacementService service is not available | |
JavaServer MyFaces (JSF) Apache MyFaces implementation | PI47095 | A java.lang.ClassNotFoundException can occur during deserialization of the HTTP session | |
PI47578 | An UnsupportedOperationException is thrown with an eager ManagedBean containing a ManagedProperty in JSF 2.2 | ||
PI47600 | The "class" attribute cannot be set in a custom tag in JSF 2.2 | ||
JavaServer Pages (JSP) | PI43036 | JspTranslationException when using a JSP tag containing another tag with deferred-attributes | |
PI44611 | JSP engine throwing an IllegalStateException when PageContext.findAttribute(string attributename) is called | ||
PI46827 | Memory leak in javax.el.BeanELResolver caused by application restarts | ||
Intelligent Management Component | PI52161 | Liberty collective server status is not in sync with DataPower status query | |
Liberty Application Services | PI50370 | Unnecessary IllegalStateException FFDC created during some server stops | |
Liberty Archive Install | PI50812 | Some download error messages are shared with install error messages, but the content of the message only mentions install. | |
Liberty Debug and Tracing | PI49056 | NullPointerException when updating traceSpecification programmatically. | |
PI50369 | NullPointer in MethodInfoImpl tracing | ||
PI51010 | Liberty core dumps when -Xhealthcenter:level=inprocess jvm option is used with health center agent version 3.0.5 or above | ||
Liberty Kernel | PI46358 | Problem with notify call for updateTrigger="mbean" | |
PI46856 | Unused server.env file generated when creating client processes using Java 8 | ||
PI47941 | Liberty featureManager command may hang until killed | ||
PI48377 | Unable to use wlp-featureRepo-8.5.5.7.zip as a directory based repository in WDT | ||
PI49759 | When setting the trace file name to 'stdout', the distinction between error and general output messages is lost. | ||
PI49927 | UPDATE TO COMMAND PRODUCTINFO VIEWLICENSEINFO | ||
PI50096 | When Java security is enabled application class loaders may get access to internal packages contained in liberty profile | ||
PI50775 | There needs to be a space character preceding the ellipses mark used in some install command line messages. | ||
PI51403 | SSL support does not start properly | ||
PI52579 | Errors after adding or configuring additional content to server when the server installation path contains unsafe characters | ||
Liberty z/OS | PI46937 | Security identity not propagated from batchManagerZos to batch exectuor in multi-server environment causes JobSecurityException | |
PI47050 | Unintall zosBundle addon fails if use Java7 to run Liberty installUtility | ||
PI47248 | PERMISSION ERRORS ACCESSING RESOURCES IN THE SERVER'S WORKAREA DIRECTORY USING APPLICATION SYNCTOOSTHREAD WITH JSP INCLUDE TAG | ||
PI47476 | CWWKT0022E IN LIBERTY SERVER WHEN USING DVIPA HOSTNAME DEFINED BY VIPARANGE | ||
PI47730 | SERVICEABILITY ENHANCEMENTS TO ENABLE TRACING IN THE TOOLING THAT z/OS CONNECT USES | ||