IBM Support

Fix packs for DataPower Gateway version 2018.4

Download


Abstract

Lists of fixes in fix packs for IBM DataPower Gateway version 2018.4.

Download Description

Fix packs and firmware images are located in Fix Central.

  • In IBM Knowledge Center you can find information about new and changed features, limitations, and restrictions.
  • For new features, see What's new.
  • For changes, see What's changed.
  • For limitations and restrictions, see the Release notes.
  • To download fix packs, go to the Fix Central website.


Important:



2018.4.1.9

Release date: 13 December 2019
Last modified: 13 December 2019
Status: Available

APAR
Description
IT29556 IMPORTING A DOMAIN WITH A STANDBY-CONTROL OBJECT THAT HAS A NULL VIP CAN CAUSE A RELOAD
IT30133 NTP SERVICE CHANGING AUTOMATICALLY AND ASKING TO SAVE CHANGES.
IT30269 DOMAIN RESTART IS DELAYED, LOGS SHOW CANNOT BE DELETED. IN USE BY: PASSWORD-ALIAS
IT30483 THE ESCAPING FOR A PLUS SIGN IN AN LDAP RDN IS REMOVED DURING PROCESSING.
IT30517 DATAPOWER ON ICP IS RELOADED IF AN API CALL INCLUDES A VALIDATION PROCESS WITH COMPLEX SCHEMA.
IT30525 DATAPOWER MIGHT RELOAD UNEXPECTEDLY DUE TO PROBE USAGE ON A SERVICE CONTAINING ASYNCHRONOUS ACTION
IT30565 AFTER UPGRADE TO 2018.4.1.7 THE DATAPOWER "DELETE ALL RECORDS FROM ALL DOMAINS" GUI ACTION NO LONG WORKS.
IT30604 THE 'DELETE API-RATELIMIT' COMMAND DOES NOT WORK AS DOCUMENTED.
IT30607 EXAMPLE FROM THE MAP POLICY PROPERTY'S INLINE SCHEMA FAILS MAP POLICY TO COMPLETE SUCCESSFULLY
IT30611 ASSEMBLY RATE LIMIT KEY GENERATED IN PLAN-DEFAULT CANNOT BE DELETED
IT30716 ASYNC RATELIMIT DELETE COMMANDS FOR QUOTA-ENFORCEMENT NOT WORKING CORRECTLY.
IT30815 OAUTH EMPTY USER ID CAN RESULT IN RELOAD OF FIRMWARE
IT30836 MEMORY GROWTH MAY OCCUR ON DATAPOWER WHEN USING DISTRIBUTED CACHING FOR OAUTH APIS.
IT30858 TTL VALUE IN FS MODULE IS HANDLED DIFFERENTLY FROM THE SETTING.
IT30869 DATAPOWER MAY RETURN INVALID JSON IN RESPONSE DUE TO ADDING A COMMA.
IT30947 POTENTIAL EXPOSURE OF SENSITIVE DATA (CVE-2018-14348)
IT30948 2 SSL ISSUES (CVE-2018-0734, CVE-2019-1559)
IT30949 POTENTIAL EXPOSURE OF SENSITIVE DATA (CVE-2018-0495, CVE-2018-12404)
IT30950 SECURITY VULNERABILITIES IN OPENSSL (CVE-2019-1547, CVE-2019-1563)
IT31037 MEMORY GROWTH MAY OCCUR ON DATAPOWER WHEN USING SPECIFIC FUNCTIONS THAT RELATE TO JSONX CONVERSIONS.
IT31066 TLS CLIENT PROFILES DEFINED IN API ASSEMBLY SOMETIMES ARE MISSING IDENTIFICATION AND VALIDATION CREDENTIALS
IT31093 CANNOT BE DELETED ERRORS FOR GATEWAY-PEERING / GATEWAY-PEERING-MANAGER / APIC-GW-SERVICE OBJECTS
IT31124 APIPROBE-SETTINGS IS DOWN ENABLED THE OBJECT HAS NOT PROCESSED ANY CONFIGURATION
IT31447 API CONNECT TEST TOOL MIGHT FAIL TO TEST API IF MULTIPLE APIS HAVE THE SAME PATH

Back to top


2018.4.1.8

Release date: 29 October 2019
Last modified: 4 December 2019
Status: Available

The original 2018.4.1.8 fix pack published on 29 October 2019 is replaced to include the fixes for IT30849 and IT30923.

APAR
Description
IT19884 CPA IMPORT CREATES DEPRECATED SSL PROXY PROFILES
IT27493 IPMI SERIAL-OVER-LAN SESSION MIGHT BE LEFT OPEN IF NOT CLOSED CORRECTLY
IT28436 DATAPOWER JMS CONNECTION IGNORES WEBSPHERE APPLICATION SERVER RETRY SETTINGS
IT29519 SSH SERVICE ON DATAPOWER USE PUBLIC KEY WITH LENGTH 1024 BITS.
IT29791 TLS SERVER PROFILE INCOMPLETELY POPULATED FROM API CONNECT IF IT CONTAINS INTERMEDIATE CA CERTIFICATES
IT29881 MEMORY GROWTH MIGHT OCCUR IN PEER MEMBERS WHEN API RATE LIMITING IS ENABLED.
IT29882 JWT/JWS ISSUE - API GATEWAY NOT COMPLIANT WITH RFC 7797
IT29947 AFTER RESTORING API CONNECT, THE GATEWAY LOSES CONNECTION
IT30022 SECURITY ACCESS MANAGER MIGHT HANG OR RELOAD ON STARTUP
IT30046 INVOKE ASSEMBLY ACTION MIGHT INCORRECTLY ENCODE THE TARGET URL
IT30100 SOURCE-IMS-CALLOUT OBJECT CAN CAUSE DATAPOWER TO RELOAD DURING CONFIGURATION, STARTUP OR QUIESCE AND RESTART DOMAIN
IT30116 JWS EXP HEADER MIGHT YIELD A PARSE ERROR IF IT IS NUMERIC TYPE
IT30150 THE TEST HARDWARE COMMAND INDICATES PACKET DROPS AS AN INTERFACE ERROR
IT30171 INCONSISTENT API DOWNSTREAM ROUTING BEHAVIOR CAUSED BY PARTIAL MATCH IN PATH TEMPLATE
IT30191 DATAPOWER MIGHT RELOAD DUE TO ODR FAILING TO REBUILD THE ROUTING TABLE WHEN BACKEND CLUSTER IS OFFLINE
IT30192 DATAPOWER MIGHT EXPERIENCE CPU SPIKE AFTER DOMAIN IS QUIESCED
IT30201 DATAPOWER MIGHT RELOAD WHEN THE SQL AND PASSWORD MAP ALIAS INTERACT AT STARTUP
IT30223 API GATEWAY MIGHT PROCESS CONFIGURATION UPDATES SLOWLY AND TIMEOUT
IT30246 DATAPOWER AS SFTP POLLER OR SFTP CLIENT MIGHT LOSE CONNECTION INTERMITTENTLY
IT30263 POTENTIAL KERBEROS DOS
IT30264 POTENTIAL DOS INVOLVING TCP SACK MECHANISM
IT30265 JRE SECURITY UPDATE
IT30266 ADDRESS POTENTIAL HTTP/2 DENIAL OF SERVICE
IT30271 API CONNECT GATEWAY SERVICE MIGHT GO DOWN IF CONFIGURED WITH V5 COMPATIBILITY AND RBM
IT30284 DOCUMENT CACHE RETAINS INVALID STATE OF URL DOCUMENT WHEN HEAD RESPONSE ON EXPIRED DOCUMENT HAS CONTENT-LENGTH OF 0.
IT30295 POST REQUEST SENT TO GUI URI DP/INDEX.HTML SHOULD NOT RETURN A HTTP 200 RESPONSE CODE
IT30303 GET REQUEST SENT TO AN INVALID GUI URL INCORRECTLY RETURNS A HTTP 200 RESPONSE CODE
IT30438 TYPE 8441: MISSING SEVERAL SENSORS FROM THE ERROR REPORT
IT30439 IPMI SEL UNAVAILABLE IN DIAGNOSTICS MODE
IT30492 DATAPOWER MAY FAIL TO START IN KUBERNETES OR DOCKER ENVIRONMENT DUE TO INCORRECT CPU CORE CALCULATION
IT30493 LATENCY AND EXTLATENCY LOG MESSAGES MIGHT CONTAIN INCORRECT INFORMATION WHEN REQUEST IS HTTP GET
IT30513 DATAPOWER FOR DOCKER, DATAPOWER FOR LINUX: DISABLING MEMORY THROTTLE DUE TO INCORRECT MEMORY MANAGEMENT
IT30567 SUBSCRIBER GATEWAY PEERING INSTANCE INCORRECTLY MANAGES TCP CONNECTIONS
IT30615 WHEN SERVER CREDENTIAL VALIDATION ENABLED IN API CONNECT, DATAPOWER DISABLED DESPITE PROVIDED TRUSTSTORE
IT30849 INTERMITTENT API INVOCATION FAILURES ON THE GATEWAYS
IT30923 INVOKE ASSEMBLY ACTION MIGHT INCORRECTLY TRUNCATE THE PATH OF THE TARGET URL

Back to top


2018.4.1.7

Release date: 13 August 2019
Last modified: 26 August 2019
Status: Available

APAR
Description
IT23601 B2B HIGH-AVAILABILITY MIGHT FAIL TO WORK CORRECTLY IF USING A HOST-ALIAS FOR REPLICATION LISTENER ADDRESS
IT23808 FORMAT:EMAIL IN JSV, REFERENCED BY ANOTHER JSV BEING COMPILED RESULTS IN CATASTROPHIC COMPILE ERROR
IT23870 DATAPOWER ON DEMAND ROUTER (DP-ODR) MIGHT CAUSE RELOAD
IT28401 DATAPOWER INCORRECTLY ESCAPES SEQUENCE OF 2 REVERSE SOLIDUS CHARACTERS USING DP:ENCODE(_, JSON-ESCAPE )
IT28435 DATAPOWER FTP POLLER HANDLER UNABLE TO PROCESS FILE THAT HAS SPECIAL CHARACTERS IN THE FILENAME
IT28534 ETHERNET COUNTERS MIGHT WRAP AT 4294967296 AND DISPLAY INCORRECT VALUES
IT28633 DATAPOWER MIGHT RELOAD DURING A SECURE BACKUP.
IT28734 RELOAD WHEN USING DP:GET-METADATA EXTENSION FUNCTION WHEN PROBE IS ENABLED
IT28859 DATAPOWER MQ URL-OPEN CONNECTIONS MIGHT RESULT IN FREQUENT RELOADS
IT28867 PARSE ACTION WITH A NULL OUTPUT CONTEXT MIGHT RELOAD THE DEVICE
IT28891 ODR COMPONENT MIGHT CAUSE A RESTART ON DATAPOWER APPLIANCES WITH OLDER ODR LIBRARY VERSIONS
IT28895 HTTP FRONT SIDE HANDLER MIGHT NOT BE READY FOR SUBSEQUENT TRANSACTION AND DATAPOWER MIGHT RELOAD
IT28936 DATAPOWER MIGHT RELOAD WHEN INQUIRING THE QUEUE INFORMATION WITH DYNAMIC MQ URL WITHOUT DEFINING THE HOST IP
IT29001 TYPE 8441 HSM3 DOES NOT ALLOW EXPONENT 3 KEYS
IT29022 SLM PEERING MIGHT NOT WORK CORRECTLY DUE TO TRANSACTION ID BEING INCORRECTLY MAPPED
IT29026 DATAPOWER MIGHT RESTART WHEN LOGGING SSL ERROR MESSAGES UNDER HIGH LOAD
IT29105 THE SENDER MAC ADDRESS FIELD IN THE GRAT ARP CAN TO GO TO ALL 0S AFTER SOME PERIOD OF TIME
IT29177 SFTP/SSH CONNECTION MIGHT WATCHDOG AND GENERATE A BACKTRACE IN TEMPORARY
IT29199 SNMP MIGHT STOP RESPONDING AND AN UNEXPECTED RELOAD MIGHT BE SEEN
IT29214 CONNECTION FAILURES WITH CERTAIN FEATURES SUCH AS TIBCO-EMS AND JMS MIGHT RESULT IN EMPTY STATUS PROVIDERS OR RELOAD
IT29236 DATAPOWER MIGHT ERRONEOUSLY CANCEL TRANSACTION IF TRANSACTION TIMEOUT IS SET IN CONJUNCTION WITH PERSISTENT CONNECTIONS
IT29269 DATAPOWER MIGHT RELOAD IF THE HTTP FRONT SIDE CONNECTION TERMINATED BEFORE THE ASYNC ACTION IN B2B GATEWAY COMPLETED
IT29271 SAVING THE CONFIGURATION IN WEB GUI NOT POSSIBLE ON CRL RETRIEVAL INCERTAIN SCENARIOS
IT29326 VERIFY ACTION FAILS WITH CERTIFICATE NOT FOUND IF ISSUER CONTAINS SPECIAL CHARACTERS
IT29353 API CONNECT GATEWAY SERVICE, API-PROBE, API-SECURITY-TOKEN-MANAGER NEED DEFAULT CONFIGURATION TO ALLOW DISABLED AND DOWN STATE
IT29364 SPECIAL CHARACTERS IN DATAPOWER NAME MIGHT CAUSE DOWNLOAD FAILURE OF AN ILMT FORCE SCAN PACKAGE.
IT29420 THE CONSECUTIVE SLASHES IN THE QUERY STRING OF AN API REQUEST WILL BE STRIPPED UNEXPECTEDLY
IT29446 MEMORY USE MIGHT GROW AND NEVER RELEASE, IF GATEWAY PEERING IS ENABLED
IT29457 DATAPOWER GATEWAY MIGHT HAVE PROBLEMS TRYING TO SYNC CATALOGS FROM THE API MANAGER
IT29488 API CONNECT GATEWAY SERVICE MAY NOT BE ABLE TO SYNC FOR LARGE CATALOGS
IT29502 PLS-00306: WRONG NUMBER OR TYPES OF ARGUMENTS IN CALL TO (STARED_PROCEDURE_NAME)
IT29523 ERROR MESSAGE IS INCORRECT WHEN SETTING NEW PASSWORD TO CURRENT PASSWORD WITH PASSWORD CONTROL-REUSE SETTING
IT29533 GZIP RESPONSE PAYLOADS CANNOT BE PASSED THROUGH TO THE CLIENT
IT29544 ARCFOUR (RC4) AND 3DES CIPHERS ARE NO LONGER IN DEFAULT LIST
IT29549 DATAPOWER WEBGUI DOES NOT DISPLAY A VALIDATION CREDENTIAL ON THE SSL CLIENT PROFILE WHEN HOST NAME VALIDATION FAIL ON ERROR
IT29603 DATAPOWER MIGHT LOG OAUTH TOKENS AT INFORMATION LEVEL
IT29677 CSRF SUPPORT MIGHT YIELD 500 ERRORS IN WEBGUI
IT29691 GATEWAY RETURNS ERROR WHEN CALL API WITH PATCH OPERATION
IT29703 ADDRESS COMMAND INJECTION VULNERABILITY (CVE-2019-4294)
IT29747 ASSEMBLY INVOKE ACTION MIGHT RETURN 500 ERROR
IT29895 CATALOG METADATA COMMUNICATION BY API MANAGER TO API CONNECT GATEWAY SERVICE MIGHT BE PROCESSED SLOWLY
IT29897 IF API CONNECT GATEWAY SERVICE RECEIVES CONFIGURATION DATA FROM API MANAGER IN WRONG ORDER, PROCESSING MIGHT BE SLOWER
IT29943 API GATEWAY SERVICE EXPECTS X509 CERTIFICATE WITHOUT LINE BREAKS
IT30030 ERROR 404 WHEN USING SWAGGER DATE FORMAT FOR PATH PARAMETER

Back to top


2018.4.1.6

Release date: 12 June 2019
Last modified: 12 June 2019
Status: Available

APAR
Description
IT25188 DATAPOWER MIGHT WRITE TO THE INPUT CONTEXT TO OUTPUT CONTEXT WHEN NULL IS USED FOR A FILTER OR XFORM ACTION
IT27954 DATAPOWER MIGHT NOT CORRECTLY PROCESS WEBSOCKET UPGRADE WHEN RESPONSE TYPE IS JSON
IT28391 DOMAIN RELOAD MIGHT TAKE EXTRAORDINARILY LONG TIME IF A VERY HIGH NUMBER OF SIMILAR OBJECTS ARE DEPLOYED ACROSS MANY DOMAINS
IT28423 GENERATING ERROR REPORT WHEN GATEWAYSCRIPT (JAVASCRIPT HEAP) IS OUT OF MEMORY RESULTS IN AN UNEXPECTED RELOAD
IT28609 A SINGLE GWS ACTION RUNNING MULTIPLE ASYNCHRONOUS URLOPEN.OPEN CALLS MAY HANG IF ERRORS OCCUR ON THE OPEN CALL.
IT28667 DATAPOWER MIGHT RELOAD IF CERTIFICATE OBJECTS ARE UPDATED WHILE BEING USED FOR ACTIVE TRANSACTIONS
IT28669 WTX TRANSACTIONS MIGHT FAIL WITH INTERNAL ERROR
IT28795 FTP SERVER HANDLER MIGHT SUFFER CLOSE-WAIT CONNECTIONS AND CONTRIBUTE TO CPU HIGH
IT28798 MS SQL STORED PROCEDURES FAIL POST UPGRADE
IT28850 DATAPOWER MIGHT EXPERIENCE A RELOAD WHILE ATTEMPTING TO LOG SSL ERROR INFORMATION
IT28885 DATAPOWER MIGHT RELOAD UNEXPECTEDLY IF OAUTH SCOPE IS RETURNED EMPTY FOR INTROSPECTION
IT28902 ENABLE USE OF GARBAGE COLLECTION ON DOCKER
IT28908 UPDATE SECURE GATEWAY CLIENT ON DATAPOWER TO SGC 1.8.2FP1
IT28956 BASE64 CREDENTIALS MIGHT BE ECHOED BACK FOR SOME XML-MGMT RESPONSES
IT28992 LARGE MIME ATTACHMENTS MAY BE MISSING END BOUNDARY WHEN USING DYNAMIC ROUTING
IT28999 MIME CONTENT-ENCODING HEADER RFC CHECK MIGHT IGNORE SOME INVALID VALUES
IT29004 ADMIN USER IS ENABLED BY DEFAULT FOR IPMI ACCESS
IT29058 WHEN THE DATA SOURCE OBJECT STATUS IS NOT STABLE, DATAPOWER MIGHT INCORRECTLY REPORT ODBC LICENSE ERROR
IT29074 DATAPOWER MIGHT RELOAD UNEXPECTEDLY IF IN-FLIGHT TRAFFIC MEETS AN IN-PROGRESS API GATEWAY CONFIGURATION CHANGE
IT29143 CALLS TO AN API OPERATION MIGHT ROUTE TO THE WRONG API WHEN THE OPERATION AND URL PATH ARE NOT UNIQUE
IT29289 API CONNECT GATEWAY SERVICE FAILS TO START WHEN GATEWAY PEERING USES A P12 CERTIFICATE WITH PASSWORD
IT29314 SOME SPECIAL CHARACTERS IN PASSWORD CAUSE HTTP AUTHENTICATION TO FAIL

Back to top


2018.4.1.5

Release date: 29 April 2019
Last modified: 29 April 2019
Status: Available

APAR
Description
IT28426 SLM RATE LIMIT POLICY IS NOT WORKING FOR DAILY INTERVALS
IT28720 A JWS '?HTTP://OPENBANKING.ORG.UK/IAT' HEADER MIGHT YIELD A PARSEERROR FOR INVALID TYPE WHEN SETTING IT IN A PROTECTED HEADER
IT28772 DATAPOWER IS AFFECTED BY CWE-1021
IT28825 DATAPOWER MAY RELOAD WHEN AN API IS CALLED JUST AFTER THE APIS HAVE BEEN PUBLISHED FROM API CONNECT.
IT28828 POTENTIAL ORACLE ATTACK IN DATAPOWER SSL.
IT28833 REQUEST HEADER WITH MORE THAN 200 CHARACTERS CAUSES RESTART OF PODS
IT28834 POTENTIAL SPOOFING ATTACK VULNERABILITY IN DATAPOWER SCP.
IT28893 JRE SECURITY UPDATE

Back to top


2018.4.1.4

Release date: 1 April 2019
Last modified: 1 April 2019
Status: Available

APAR
Description
IT26450 CONFIGURATION MIGHT BE DUPLICATED ON DOMAIN RESTART RESULTING IN INSTABILITY WHEN MANAGING CONFIGURATION
IT26756 UNABLE TO EXECUTE CONFIG://DPPATTERNS.CFG STARTUP ERROR AFTER UPGRADE FROM PRE-7.5 VERSION TO 760
IT27065 DATAPOWER MIGHT UNEXPECTEDLY RELOAD USING THE WEB SERVICE MANAGEMENT AGENT
IT27073 DATAPOWER CLI TEST TCP-CONNECTION TIMEOUT PARAMETER IS NOT HONORED
IT27113 DATAPOWER MIGHT RELOAD UNEXPECTEDLY IF TRACEROUTE OR PING CANNOT FIND A VALID ROUTE
IT27167 MQ FILE MISSING NOTIFICATION UPON WEBGUI LOGOUT
IT27282 DATAPOWER MAY RESTART UPON ENABLING RAID OBJECT
IT27286 MISMATCH OF BACKUP MODE BETWEEN WEBGUI AND CLI
IT27355 USING LOADBALANCER GROUP PARTIAL HEALTHCHECK DATAPOWER MIGHT RELOAD UNEXPECTEDLY
IT27495 DATAPOWER MIGHT RELOAD WHEN CHECKPOINTS ARE TAKEN
IT27651 DATAPOWER MIGHT FACE UNEXPECTED RELOAD IN RARE CIRCUMSTANCES THAT INVOLVE MQ CONNECTIVITY ON FRONT AND BACKSIDE.
IT27726 MQ CONNECTION STATUS SHOWS HIGH NUMBER OF ACTIVE CONNECTIONS
IT27799 SFTP SERVER HANDLER DOES NOT CONVERT FILE SIZES OVER 2GB CORRECTLY
IT27873 DATAPOWER MIGHT RELOAD IF SFTP URL-OPENER FACES CONNECTIVITY ISSUE WITH SFTP BACKEND
IT27949 PUBKEY-AUTH POLICY MIGHT NOT INCLUDE THE USER WHEN CONNECTING TO SFTP BACKENDS
IT28088 REQUESTS MIGHT HANG IF HTTP RESPONSE HAS COMPRESSION ENABLED BUT NO DATA IN THE BODY
IT28138 API GATEWAY SERVICE DOES NOT PROPERLY BIND TO SINGLE IP
IT28338 WHEN AN API IS CALLED OR PUBLISHED, THE DATAPOWER WEBGUI SAYS THAT CONFIG HAS CHANGED
IT28375 SOAP API REQUEST WITHOUT CONTENT-TYPE HEADER TO A DATAPOWER API GATEWAY WITH A SOAP API MIGHT CAUSE GATEWAY TO RELOAD
IT28381 DATAPOWER MAY FAIL TO CONVERT KDB TO SSL PROXY PROFILE WITH MQ 9.0.0.1 KDB
IT28389 POSSIBLE INCORRECT VALUE OF QUOTA ENFORCEMENT RATELIMIT USING CONCURRENT METHOD
IT28413 WHILE CALLING API FROM ASSEMBLY, IT SHOWS CORS ERROR AND 400 BAD REQUEST
IT28450 THE FAILOVER MAY NOT HAPPEN TO QUOTA ENFORCEMENT SERVER WHEN A NETWORK GOES DOWN.
IT28455 UPGRADING DATAPOWER ON LINUX TO FIRMWARE VERSION 2018 REQUIRES ACCEPTANCE OF LICENSE IN WEBGUI
IT28494 JSON SCHEMA COMPILATION FAILS WHEN ENUM PROPERTY ARE LARGER THAN 999999
IT28542 UPDATE SECURE GATEWAY CLIENT ON DATAPOWER TO SGC 1.8.2
IT28551 B2B GATEWAY RELOAD OCCURS WITH LOTS OF OBJECTS OR CLIENT PROFILES
IT28561 UNABLE TO APPLY WS-PROXY CHANGES USING WEBGUI

2018.4.1.3

Release date: 4 March 2019
Last modified: 4 March 2019
Status: Available

APAR
Description
IT25713 WEBGUI MAY RETURN 500 INTERNAL ERROR WHEN INTERACTING.
IT27324 DATAPOWER MAY RANDOMLY RESTART WHILE PARSING A MULTISTEP REQUEST
IT27378 DATAPOWER MAY RELOAD WHEN USING GATEWAYSCRIPT WITH LARGE ARRAY LENGTH IN SOME SPECIFIC CASES.
IT27872 WRONG HANDLING OF SOAPACTION HEADER IN EXPOSED SOAP SERVICES CAUSES HTTP 404
IT28017 A JWS B64 HEADER MIGHT YIELD A PARSE ERROR FOR INVALID TYPE WHEN SETTING IT IN A PROTECTED HEADER
IT28081 API GATEWAY OAUTH SECURITY OBJECTS CAN BE CONFIGURED WITH NO SCOPES.
IT28095 DATAPOWER MIGHT UNEXPECTED RESTART WHEN USING APIM GATEWAYSCRIPT MODULE
IT28099 JWT GENERATE ASSEMBLY ACTION MAY RETURN A GENERIC 500 ERROR
IT28168 DATAPOWER MIGHT CRASH WITH MISMATCH OF GATEWAY PEERING CONFIGURATION AMONG PEERS IN A PEER GROUP
IT28240 SLM POLICY DOES NOT WORK WHEN CALLED FROM ANOTHER RULE IN MULTISTEP

Back to top


2018.4.1.2

Release date: 1 February 2019
Last modified 1 February 2019
Status: Available

APAR
Description
IT26947 ARBITRARY MESSAGE INJECTION VULNERABILITY IN DATAPOWER GUI (CVE-2018-1666)
IT27132 JAVA SECURITY UPDATE (CVE-2018-3180)
IT27142 FIX TWO OPENSSL ISSUES (CVE-2018-0734, CVE-2018-5407)
IT27162 NODE.JS SECURITY UPDATE (CVE-2018-12123)
IT27275 SENSITIVE INFORMATION DISCLOSURE (BASE64 BASIC AUTH CREDENTIALS REFLECTED BACK IN RESPONSE HEADER)
IT27470 DATAPOWER MAY REBOOT UNEXPECTEDLY WHEN THE APPLICATION OPTIMIZATION OPTION IS ENABLED, AND THE NETWORK IS UNSTABLE.
IT27698 IPMI NULL USER-LEVEL LOGIN PERMITTED
IT27721 DATAPOWER MAY NOT CORRECTLY HANDLE CORS PREFLIGHT REQUEST
IT27725 API PATH AND OPERATION REQUESTS WOULD BE ALLOWED EVEN IF REQUIRED PARAMETERS ARE MISSING.
IT27741 DATAPOWER GATEWAY DOES NOT RETRY UNSUCCESSFUL 911 CALL AFTER REGISTRATION FAILS
IT27815 EVEN IF TLS 1.0 AND 1.1 IS DISABLED FOR API CONNECT GATEWAY SERVICE, IT IS STILL ALLOWED.
IT27889 TENANT INSTALLATION FAILS WITH LICENSE ACCEPTANCE ERROR IF RBM SETTINGS ON FOR CLI.
IT28046 DATAPOWER MIGHT RESTART WHEN MULTIPLE CONFIGURATION CHANGES OCCUR IN PARALLEL.
IT28282 API AUTHENTICATION FAILS WITH LDAP USING TLS.

Back to top


2018.4.1.1

Release date: 14 December 2018
Last modified : 14 December 2018
Status: Available

APAR
Description
IT25836 AAA NETEGRITY POLICY MAY ADD WHITESPACE TO SET-COOKIE HEADER VALUE ERRONEOUSLY
IT26010 DATAPOWER STARTUP CONFIG ERRORS
IT26214 B2B TRANSACTIONS WITH SOME CPA ENTRIES TEMPORARY NOT OPERATIONAL COULD CAUSE A RELOAD
IT26241 HEADER COALESCE SHOULD USE , DELIMITER BY DEFAULT.
IT26554 ARP RESPONSES MAY BE RANDOMLY DELAYED IF MORE THAN ONE VIP IN SAME SUBNET
IT26851 HTTP STRICT TRANSPORT SECURITY HEADERS ARE ALWAYS INJECTED IN WEBGUI FLOWS
IT26948 CROSS SITE REQUEST FORGERY (CSRF) VULNERABILITY IN DATAPOWER GUI (CVE-2018-1661)
IT27020 DATAPOWER DOES NOT PROCESS HTTP HEADER VALUE CORRECTLY FOR THE SUPPLEMENT LATIN-1 CHARACTERS
IT27107 ALWAYS REMOVE AUTHORIZATION HEADER FROM RESPONSE FOR OAUTH
IT27258 IMPROVE BUFFER TO REDUCE PROCESSING LATENCY
IT27844 POOR INPUT VALIDATION ON /AUTHORIZE CALL OF OAUTH API

Back to top


2018.4.1.0

Release date: 15 November 2018
Last modified: 15 November 2018
Status: Available

APAR
Description
IT23272 XSLT COMPILER MIGHT DEAL INCORRECTLY WITH <XSL:APPLY-TEMPLATES/> WITHOUT A SELECT ATTRIBUTE
IT24777 CORRECTED REST MANAGEMENT INTERFACE TO PROPERLY USE PORT 5554
IT24885 UNEXPECTED RESTART MIGHT OCCUR ON STARTUP IF INCOMPLETE OBJECTS ARE PERSISTED TO AUTOCONFIG.CFG
IT25219 ERRORS MIGHT OCCUR AFTER ADDING/REMOVING SUBSCRIPTIONS TO APIS
IT25233 SOME STATUS PROVIDERS MIGHT COMPUTE INCORRECT AVERAGES
IT25471 DEVICE MIGHT RESTART UNEXPECTEDLY DUE TO MQ ROLLBACK WHEN UNITS OF WORK IS GREATER THAN 0.
IT25545 UNEXPECTED RESTART MIGHT OCCUR WHEN USING SMTP URL-OPEN.
IT25653 TRANSACTION MIGHT FAIL WHEN JMS AND TIBCO PROTOCOLS ARE USED WITH B2B GATEWAY
IT25752 GUI DOES NOT RERENDER IF SWITCHING WEB SERVICE PROXY PROXY SETTINGS TAB BACKEND TYPE RADIO BUTTON
IT25763 DATAPOWER MIGHT RESTART UNEXPECTEDLY WITH THE USE OF GATEWAYSCRIPT CLEARTIMEOUT METHOD
IT25934 INTERMITTENTLY DP:URL-OPEN MIGHT TRUNCATE DATA IN A NON-2XX HTTP RESPONSE
IT26044 TYPE 8441 BIOS DATE IS RESET TO 1998-1-1
IT26067 DATAPOWER MIGHT RESTART IN RARE CIRCUMSTANCES OF HTTP(S) URL-OPEN FACING A BACKEND CONNECTIVITY ISSUE
IT26071 DATAPOWER MIGHT RESTART IN RARE SITUATIONS OF AUTOMATICALLY RESENDING B2B TRANSACTIONS AFTER UPGRADE
IT26122 INLINE CLI COMMAND TO CREATE HEALTH CHECK DOES NOT RECOGNIZE SSL CLIENT PARAMETERS
IT26209 MQ FRONT SIDE WITH HTTP(S) BACKEND MIGHT UNEXPECTEDLY WATCHDOG AND RESTART DATAPOWER
IT26225 CANNOT MODIFY THE LANGUAGE WHEN USING DATAPOWER ON DOCKER.
IT26263 POTENTIAL DENIAL OF SERVICE IN NODE.JS
IT23272 XSLT COMPILER MIGHT DEAL INCORRECTLY WITH <XSL:APPLY-TEMPLATES/> WITHOUT A SELECT ATTRIBUTE
IT26335 DATAPOWER VULNERABILITY: INSUFFICIENT INPUT VALIDATION (CVE-2018-1667)
IT26353 LOW TEMPORARY AND ENCRYPTED SPACE.
IT26363 SECURITY APAR CVE-2018-1662 - USER ACCESS LEVEL USER ALLOWS ACCESS ESCALATION IN WEB GUI
IT26364 SECURITY APAR CVE-2018-1663 - DATAPOWER ADMIN UI AND XML MANAGEMENT INTERFACES MISSING HSTS HEADER
IT26419 DATAPOWER MIGHT UNEXPECTEDLY RELOAD IF DEBUG LEVEL SSL LOGGING IS ENABLED
IT26529 DATAPOWER MIGHT LOG A COMPILATION WARNING FROM VERIFY.XSL EVEN IF THE SERVICE IS WORKING WITHOUT ISSUE.
IT26668 UNKNOWN LOG MESSAGES (SYSTEM-WSGW-MANAGEMENT-POLICY)
IT26802 SECURITY VULNERABILITIES IN DATAPOWER WEBGUI.

Back to top


7.7.1.3

Release date: 28 August 2018
Last modified: 28 August 2018
Status: Available

APAR
Description
IT25575 WRONG RESOURCE OWNER IS SELECTED WHEN GENERATING A JSON WEB TOKEN FROM AAA MAP CREDENTIAL FILE
IT25805 DATAPOWER SNMP ALERT DPSTATUSENVIRONMENTALSENSORSPOWERSUPPLY UPDATED TO DETECT AC POWER LOST FOR BOTH PSUS
IT25911 SECURITY VULNERABILITY IN OPENSSL
IT25931 SPACE NAME AND SPACE ID NOT PASSED IN ACTIVITY LOG
IT25958 JAVA SECURITY UPDATE
IT25959 SECURITY ISSUES IN OPENSSL
IT25995 SLOW MEMORY GROWTH SEEN WHEN USING AAA OR WTX PROCESSING
IT25961 TIMING ATTACK ON RSA DECRYPTION IN OPENSSL
IT26012 UNEXPECTED BEHAVIOR WITH UNSUPPORTED SECURITY ACCESS MANAGER (ISAM) VERSIONS
IT26030 SENSITIVE INFORMATION DISCLOSURE IN DATAPOWER MANAGEMENT AUTHENTICATION INFORMATION IN RESPONSE HEADERS.
IT26084 XML EXTERNAL ENTITY INJECTION (XXE) VULNERABILITY IN DATAPOWER GUI (CVE-2018-1669)

Back to top


7.7.1.2

Release date: 27 July 2018
Last modified: 27 July 2018
Status: Available

APAR
Description
IT24329 QUIESCE CAN PREVENT OBJECTS FROM BEING DELETED
IT24375 DATAPOWER SCHEMA COMPILER MIGHT INCORRECTLY GENERATE COMPILE ERROR RELATED TO XS:RESTRICTION
IT25130 DATAPOWER DNS ROUND ROBIN ALGORITHM DOES NOT HONOR TCP BASED DNSRESPONSE
IT25176 B2B TRANSACTION VIEWER PROVIDES EMPTY DOCUMENTS
IT24791 A SERVER DIFFERENT FROM THE SERVER THAT EXECUTED QUOTA-ENFORCEMENT-SWITCH-MASTER COMMAND BECOMES THE MASTER
IT25289 DATAPOWER RESTARTS MIGHT OCCUR WHEN CALLING AN API WITH INCORRECT SOAPACTION HEADER
IT25539 DATAPOWER MIGHT RESTART WHILE VALIDATING CREDENTIALS DURING AN SSL HANDSHAKE
IT25597 ERROR MAY OCCUR AFTER ADDING/REMOVING SUBSCRIPTION TO APIS
IT25962 SECURITY VULNERABILITIES IN OPENSSL
IT25602 ADDING AND/OR REMOVING SUBSCRIPTIONS MAY LEAD TO ERRORS WHEN PUBLISHING A PRODUCT
IT25603 TRIGGERING 911 - CLEANING UP INACTIVE JOBS CAN THROW EXCEPTION
IT25605 CONFIGURING REGISTRATION VALIDATION FAILS IF THERE IS NO CATALOGS SENT IN PAYLOAD

Back to top


7.7.1.1

Release date: 29 June 2018
Last modified: 29 June 2018
Status: Available

APAR
Description
IT21452 DATAPOWER CANNOT PARSE UTF8 BOM PREFIXED XML IF BOM IS SPLIT ON DIFFERENT TCP PACKETS
IT21491 GATEWAYSCRIPT FILE WITH TRANSFORM.XSLT() MISSES XSLT CLEANUP THAT MIGHT LEAK MEMORY
IT21452 DATAPOWER CANNOT PARSE UTF8 BOM PREFIXED XML IF BOM IS SPLIT ON DIFFERENT TCP PACKETS
IT24052 UNEXPECTED RESTART OF ISAM REVERSE PROXY
IT24359 RBM LDAP SETTINGS REQUIRE HOST AND PORT VALUES IN GUI, AFTER LOAD BALANCER GROUP IS SET
IT24651 DATAPOWER LOAD BALANCER GROUP UNABLE TO HANDLE MULTIPLE SETCOOKIE
IT24731 SECURE RESTORE MIGHT FAIL FOR LARGE FILE SIZES
IT24896 SOME OBJECTS MIGHT BE ENABLED BUT DOWN EVEN THOUGH THE FEATURE IS NOT ACTIVATED
IT24906 DOMAIN CLEANUP MIGHT NOT COMPLETE SUCCESSFULLY LEAVING OLD OBJECTS THAT MIGHT LEAD TO INSTABILITY
IT24941 A LOG TARGET STATUS MEMORY VALUE IS NOT CORRECT, ALWAYS BEING TOO LOW
IT24998 AAA DYNAMIC CONFIGURATION CANNOT HANDLE MULTIPLE LTPA ATTRIBUTES
IT25078 CONSOLE MODULE IN GATEWAYSCRIPT ACTION RESTART ISSUE WHEN PASSING SOME ESCAPED CHARACTER
IT25120 DATAPOWER NETWORK INTERFACES NOT LABELED PROPERLY.
IT25198 JSON STRINGS MIGHT FAIL TO PARSE IN AAA POLICY WHEN IT CONTAINS RESERVED XML CHARACTERS
IT25303 AAA CUSTOM PASSWORD RETRIEVAL FOR DERIVED-KEY IDENTITY EXTRACTION MIGHT FAIL
IT25410 URLOPEN.OPEN() API IN GATEWAYSCRIPT ACTION SUPPORTS GET/DELETE/HEAD WITH DATA
IT25469 DATAPOWER GUI AND SOME NETWORK INTERFACES MIGHT FAIL TO START WHEN THE ENCRYPTED SPACE IS LOW
IT25604 CRASHED GATEWAY DIRECTOR MAY LEAVE REGISTRATION LOCK PREVENTING ANY NEW REGISTRATION
IT25670 [PSIRT] CRYPTOGRAPHIC LIBRARY UPDATE

Back to top


7.7.1.0

Release date: 8 June 2018
Last modified: 8 June 2018
Status: Available

APAR
Description
IT24970 ERROR MESSAGE: REQUIRED PROPERTY GATEWAY-PEERING IS MISSING WHEN NOT CONFIGURING API CONNECT

Back to top


7.7.0.2

Release date: 20 April 2018
Last modified: 20 April 2018
Status: Available

APAR
Description
IT24787 ADDRESS PROBLEMS WITH API CONNECT INTEGRATION

Back to top


7.7.0.1

Release date: 5 April 2018
Last modified: 5 April 2018
Status: Available

APAR
Description
IT24621 ADDRESS PROBLEMS WITH API CONNECT INTEGRATION

Back to top


7.7.0.0

Release date: 30 March 2018
Last modified: 30 March 2018
Status: Available

APAR
Description
IT19401 DATAPOWER MAY INACCURATELY LOG BACKEND RESPONSE AS CONNECTION FAILURE
IT20862 LATENCY AND EXTLATENCY LOG MESSAGES MAY CONTAIN INCORRECT INFORMATION WHEN REQUEST IS HTTP GET
IT22019 CHANGE TO LOG MESSAGES RELATED TO MIME
IT24076 URL-OPEN MAY PROCESS BACKEND ERRORS DIFFERENTLY WHEN FOLLOWING A REDIRECT
IT24130 NON-MAIN TASK MAY EXHIBIT UNEXPECTED BEHAVIOR IF IT IS STOPPED AND THEN LATER STARTED
IT24881 POTENTIAL VULNERABILITY IN THE SSL COMPONENT OF IBM DATAPOWER GATEWAYS
IT25182 QUOTA ENFORCEMENT SERVER USES DES-CBC3-SHA CIPHER FOR INTERNAL COMMUNICATION

Back to top


Change history
Last modified: 13 December 2019

  • 13 December 2019: Added fix list for 2018.4.1.9 fix pack.
  • 18 November 2019: Added IT30849 and IT20923 to the fix list for the refreshed 2018.4.1.8 fix pack.
  • 29 October 2019: Updated fix list for the original 2018.4.1.8 fix pack.
  • 26 August 2019: Updated fix list for 2018.4.1.7 fix pack.
  • 13 August 2019: Added fix list for 2018.4.1.7 fix pack.
  • 12 June 2019: Added fix list for 2018.4.1.6 fix pack.
  • 29 April 2019: Added fix list for 2018.4.1.5 fix pack.
  • 1 April 2019: Added fix list for 2018.4.1.4 fix pack.
  • 4 March 2019: Added fix list for 2018.4.1.3 fix pack.
  • 1 February 2019: Added fix list for 2018.4.1.2 fix pack.
  • 14 December 2018: Added fix list for 2018.4.1.1 fix pack.
  • 15 November 2018: Added fix list for 2018.4.1.0 long-term support release.
  • 28 August 2018: Added fix list for 7.7.1.3 CD update package that replaces 7.7.1.2.
  • 27 July 2018: Added fix list for 7.7.1.2 CD update package that replaces 7.7.1.1.
  • 29 June 2018: Added fix list for 7.7.1.1 CD update package that replaces 7.7.1.0.
  • 8 June 2018: Added fix list for 7.7.1.0 CD update package that replaces 7.7.0.x.
  • 20 April 2018: Added fix list for 7.7.0.2 fix pack.
  • 5 April 2018: Added fix list for 7.7.0.1 fix pack.
  • 30 March 2018: Created fix list for 7.7.0.0 CD update package.

Off
[{"Business Unit":{"code":"BU004","label":"Hybrid Cloud"},"Product":{"code":"SS9H2Y","label":"IBM DataPower Gateways"},"Component":"General","Platform":[{"code":"PF009","label":"Firmware"}],"Version":"2018.4","Edition":"Edition Independent"}]

Problems (APARS) fixed
IT19401; IT20862; IT22019; IT24076; IT24130; IT24881; IT24621; IT24787; IT24970; IT21452; IT21491; IT21452; IT24052; IT24359; IT24651; IT24731; IT24896; IT24906; IT24941; IT24998; IT25078; IT25120; IT25198; IT25303; IT25410; IT25469; IT24329; IT24375; IT25130; IT25176; IT25289; IT25539; IT24791; IT25670; IT25575; IT25805; IT25911; IT25931; IT25958; IT25959; IT25961; IT25995; IT26012; IT25597; IT25602; IT25603; IT25604; IT25605; IT25962; IT26030; IT26044; IT26084; IT23272; IT24777; IT24885; IT25219; IT25233; IT25471; IT25545; IT25653; IT25752; IT25763; IT25934; IT26044; IT26067; IT26071; IT26122; IT26209; IT26225; IT26263; IT26331; IT26335; IT26363; IT26364; IT26419; IT26529; IT26668; IT26802; IT25836; IT26010; IT26214; IT26241; IT26554; IT26851: IT26947; IT26948; IT27020; IT27107; IT27258; IT26353; IT27844; IT26947; IT27132; IT27142; IT27162; IT27275; IT27698; IT27721; IT27725; IT27741; IT27815; IT28046; IT25713; IT27324; IT27378; IT27872; IT28017; IT28081; IT28095; IT28099; IT28168; IT28240; IT28282; IT26450; IT26756; IT27065; IT27073; IT27113; IT27167; IT27282; IT27286; IT27355; IT27495; IT27651; IT27726; IT27799; IT27873; IT27949; IT28088; IT28138; IT28338; IT28375; IT28381; IT28389; IT28413; IT28450; IT28455; IT28494; IT28542; IT28551; IT28561; IT28426; IT28720; IT28772; IT28825; IT28828; IT28833; IT28834; IT28893; IT25188; IT27954; IT28391; IT28423; IT28667; IT28609; IT28669; IT28795; IT28798; IT28850; IT28885; IT28995; IT28902; IT28908; IT28956; IT28992; IT28999; IT29004; IT29058; IT29074; IT29143; IT29289; IT29314; IT30030; IT19884; IT27493; IT28436; IT29519; IT29791; IT29881; IT29882; IT29947; IT30022; IT30046; IT30100; IT30116; IT30150; IT30171; IT30191; IT30192; IT30201; IT30223; IT30246; IT30263; IT30264; IT30265; IT30266; IT30271; IT30284; IT30295; IT30303; IT30438; IT30439; IT30492; IT30493; IT30513; IT30567; IT30615; IT30849; IT30923; IT29556; IT30133; IT30269; IT30483; IT30517; IT30525; IT30565; IT30604; IT30607; IT30611; IT30716; IT30815; IT30836; IT30858; IT30869; IT30947; IT30948; IT30949; IT30950; IT31037; IT31066; IT31093; IT31124; IT31447;

Document Information

Modified date:
13 January 2020

UID

swg24044502