IBM Support

Fix packs for DataPower Gateway version 2018.4

Download


Abstract

Lists of fixes in fix packs for IBM DataPower Gateway version 2018.4.

Download Description

Fix packs and firmware images are located in Fix Central.

  • In IBM Knowledge Center you can find information about new and changed features, limitations, and restrictions.
  • For new features, see What's new.
  • For changes, see What's changed.
  • For limitations and restrictions, see the Release notes.
  • To download fix packs, go to the Fix Central website.


Important:



2018.4.1.7

Release date: 13 August 2019
Last modified: 26 August 2019
Status: Available

APAR
Description
IT23601 B2B HIGH-AVAILABILITY MIGHT FAIL TO WORK CORRECTLY IF USING A HOST-ALIAS FOR REPLICATION LISTENER ADDRESS
IT23808 FORMAT:EMAIL IN JSV, REFERENCED BY ANOTHER JSV BEING COMPILED RESULTS IN CATASTROPHIC COMPILE ERROR
IT23870 DATAPOWER ON DEMAND ROUTER (DP-ODR) MIGHT CAUSE RELOAD
IT28401 DATAPOWER INCORRECTLY ESCAPES SEQUENCE OF 2 REVERSE SOLIDUS CHARACTERS USING DP:ENCODE(_, JSON-ESCAPE )
IT28435 DATAPOWER FTP POLLER HANDLER UNABLE TO PROCESS FILE THAT HAS SPECIAL CHARACTERS IN THE FILENAME
IT28534 ETHERNET COUNTERS MIGHT WRAP AT 4294967296 AND DISPLAY INCORRECT VALUES
IT28633 DATAPOWER MIGHT RELOAD DURING A SECURE BACKUP.
IT28734 RELOAD WHEN USING DP:GET-METADATA EXTENSION FUNCTION WHEN PROBE IS ENABLED
IT28859 DATAPOWER MQ URL-OPEN CONNECTIONS MIGHT RESULT IN FREQUENT RELOADS
IT28867 PARSE ACTION WITH A NULL OUTPUT CONTEXT MIGHT RELOAD THE DEVICE
IT28891 ODR COMPONENT MIGHT CAUSE A RESTART ON DATAPOWER APPLIANCES WITH OLDER ODR LIBRARY VERSIONS
IT28895 HTTP FRONT SIDE HANDLER MIGHT NOT BE READY FOR SUBSEQUENT TRANSACTION AND DATAPOWER MIGHT RELOAD
IT28936 DATAPOWER MIGHT RELOAD WHEN INQUIRING THE QUEUE INFORMATION WITH DYNAMIC MQ URL WITHOUT DEFINING THE HOST IP
IT29001 TYPE 8441 HSM3 DOES NOT ALLOW EXPONENT 3 KEYS
IT29022 SLM PEERING MIGHT NOT WORK CORRECTLY DUE TO TRANSACTION ID BEING INCORRECTLY MAPPED
IT29026 DATAPOWER MIGHT RESTART WHEN LOGGING SSL ERROR MESSAGES UNDER HIGH LOAD
IT29105 THE SENDER MAC ADDRESS FIELD IN THE GRAT ARP CAN TO GO TO ALL 0S AFTER SOME PERIOD OF TIME
IT29177 SFTP/SSH CONNECTION MIGHT WATCHDOG AND GENERATE A BACKTRACE IN TEMPORARY
IT29199 SNMP MIGHT STOP RESPONDING AND AN UNEXPECTED RELOAD MIGHT BE SEEN
IT29214 CONNECTION FAILURES WITH CERTAIN FEATURES SUCH AS TIBCO-EMS AND JMS MIGHT RESULT IN EMPTY STATUS PROVIDERS OR RELOAD
IT29236 DATAPOWER MIGHT ERRONEOUSLY CANCEL TRANSACTION IF TRANSACTION TIMEOUT IS SET IN CONJUNCTION WITH PERSISTENT CONNECTIONS
IT29269 DATAPOWER MIGHT RELOAD IF THE HTTP FRONT SIDE CONNECTION TERMINATED BEFORE THE ASYNC ACTION IN B2B GATEWAY COMPLETED
IT29271 SAVING THE CONFIGURATION IN WEB GUI NOT POSSIBLE ON CRL RETRIEVAL INCERTAIN SCENARIOS
IT29326 VERIFY ACTION FAILS WITH CERTIFICATE NOT FOUND IF ISSUER CONTAINS SPECIAL CHARACTERS
IT29353 API CONNECT GATEWAY SERVICE, API-PROBE, API-SECURITY-TOKEN-MANAGER NEED DEFAULT CONFIGURATION TO ALLOW DISABLED AND DOWN STATE
IT29364 SPECIAL CHARACTERS IN DATAPOWER NAME MIGHT CAUSE DOWNLOAD FAILURE OF AN ILMT FORCE SCAN PACKAGE.
IT29420 THE CONSECUTIVE SLASHES IN THE QUERY STRING OF AN API REQUEST WILL BE STRIPPED UNEXPECTEDLY
IT29446 MEMORY USE MIGHT GROW AND NEVER RELEASE, IF GATEWAY PEERING IS ENABLED
IT29457 DATAPOWER GATEWAY MIGHT HAVE PROBLEMS TRYING TO SYNC CATALOGS FROM THE API MANAGER
IT29488 API CONNECT GATEWAY SERVICE MAY NOT BE ABLE TO SYNC FOR LARGE CATALOGS
IT29502 PLS-00306: WRONG NUMBER OR TYPES OF ARGUMENTS IN CALL TO (STARED_PROCEDURE_NAME)
IT29523 ERROR MESSAGE IS INCORRECT WHEN SETTING NEW PASSWORD TO CURRENT PASSWORD WITH PASSWORD CONTROL-REUSE SETTING
IT29533 GZIP RESPONSE PAYLOADS CANNOT BE PASSED THROUGH TO THE CLIENT
IT29544 ARCFOUR (RC4) AND 3DES CIPHERS ARE NO LONGER IN DEFAULT LIST
IT29549 DATAPOWER WEBGUI DOES NOT DISPLAY A VALIDATION CREDENTIAL ON THE SSL CLIENT PROFILE WHEN HOST NAME VALIDATION FAIL ON ERROR
IT29603 DATAPOWER MIGHT LOG OAUTH TOKENS AT INFORMATION LEVEL
IT29677 CSRF SUPPORT MIGHT YIELD 500 ERRORS IN WEBGUI
IT29691 GATEWAY RETURNS ERROR WHEN CALL API WITH PATCH OPERATION
IT29703 ADDRESS COMMAND INJECTION VULNERABILITY (CVE-2019-4294)
IT29747 ASSEMBLY INVOKE ACTION MIGHT RETURN 500 ERROR
IT29895 CATALOG METADATA COMMUNICATION BY API MANAGER TO API CONNECT GATEWAY SERVICE MIGHT BE PROCESSED SLOWLY
IT29897 IF API CONNECT GATEWAY SERVICE RECEIVES CONFIGURATION DATA FROM API MANAGER IN WRONG ORDER, PROCESSING MIGHT BE SLOWER
IT29943 API GATEWAY SERVICE EXPECTS X509 CERTIFICATE WITHOUT LINE BREAKS
IT30030 ERROR 404 WHEN USING SWAGGER DATE FORMAT FOR PATH PARAMETER

Back to top


2018.4.1.6

Release date: 12 June 2019
Last modified: 12 June 2019
Status: Available

APAR
Description
IT25188 DATAPOWER MIGHT WRITE TO THE INPUT CONTEXT TO OUTPUT CONTEXT WHEN NULL IS USED FOR A FILTER OR XFORM ACTION
IT27954 DATAPOWER MIGHT NOT CORRECTLY PROCESS WEBSOCKET UPGRADE WHEN RESPONSE TYPE IS JSON
IT28391 DOMAIN RELOAD MIGHT TAKE EXTRAORDINARILY LONG TIME IF A VERY HIGH NUMBER OF SIMILAR OBJECTS ARE DEPLOYED ACROSS MANY DOMAINS
IT28423 GENERATING ERROR REPORT WHEN GATEWAYSCRIPT (JAVASCRIPT HEAP) IS OUT OF MEMORY RESULTS IN AN UNEXPECTED RELOAD
IT28609 A SINGLE GWS ACTION RUNNING MULTIPLE ASYNCHRONOUS URLOPEN.OPEN CALLS MAY HANG IF ERRORS OCCUR ON THE OPEN CALL.
IT28667 DATAPOWER MIGHT RELOAD IF CERTIFICATE OBJECTS ARE UPDATED WHILE BEING USED FOR ACTIVE TRANSACTIONS
IT28669 WTX TRANSACTIONS MIGHT FAIL WITH INTERNAL ERROR
IT28795 FTP SERVER HANDLER MIGHT SUFFER CLOSE-WAIT CONNECTIONS AND CONTRIBUTE TO CPU HIGH
IT28798 MS SQL STORED PROCEDURES FAIL POST UPGRADE
IT28850 DATAPOWER MIGHT EXPERIENCE A RELOAD WHILE ATTEMPTING TO LOG SSL ERROR INFORMATION
IT28885 DATAPOWER MIGHT RELOAD UNEXPECTEDLY IF OAUTH SCOPE IS RETURNED EMPTY FOR INTROSPECTION
IT28902 ENABLE USE OF GARBAGE COLLECTION ON DOCKER
IT28908 UPDATE SECURE GATEWAY CLIENT ON DATAPOWER TO SGC 1.8.2FP1
IT28956 BASE64 CREDENTIALS MIGHT BE ECHOED BACK FOR SOME XML-MGMT RESPONSES
IT28992 LARGE MIME ATTACHMENTS MAY BE MISSING END BOUNDARY WHEN USING DYNAMIC ROUTING
IT28999 MIME CONTENT-ENCODING HEADER RFC CHECK MIGHT IGNORE SOME INVALID VALUES
IT29004 ADMIN USER IS ENABLED BY DEFAULT FOR IPMI ACCESS
IT29058 WHEN THE DATA SOURCE OBJECT STATUS IS NOT STABLE, DATAPOWER MIGHT INCORRECTLY REPORT ODBC LICENSE ERROR
IT29074 DATAPOWER MIGHT RELOAD UNEXPECTEDLY IF IN-FLIGHT TRAFFIC MEETS AN IN-PROGRESS API GATEWAY CONFIGURATION CHANGE
IT29143 CALLS TO AN API OPERATION MIGHT ROUTE TO THE WRONG API WHEN THE OPERATION AND URL PATH ARE NOT UNIQUE
IT29289 API CONNECT GATEWAY SERVICE FAILS TO START WHEN GATEWAY PEERING USES A P12 CERTIFICATE WITH PASSWORD
IT29314 SOME SPECIAL CHARACTERS IN PASSWORD CAUSE HTTP AUTHENTICATION TO FAIL

Back to top


2018.4.1.5

Release date: 29 April 2019
Last modified: 29 April 2019
Status: Available

APAR
Description
IT28426 SLM RATE LIMIT POLICY IS NOT WORKING FOR DAILY INTERVALS
IT28720 A JWS ?HTTP://OPENBANKING.ORG.UK/IAT HEADER MIGHT YIELD A PARSEERROR FOR INVALID TYPE WHEN SETTING IT IN A PROTECTED HEADER
IT28772 DATAPOWER IS AFFECTED BY CWE-1021
IT28825 DATAPOWER MAY RELOAD WHEN AN API IS CALLED JUST AFTER THE APIS HAVE BEEN PUBLISHED FROM API CONNECT.
IT28828 POTENTIAL ORACLE ATTACK IN DATAPOWER SSL.
IT28833 REQUEST HEADER WITH MORE THAN 200 CHARACTERS CAUSES RESTART OF PODS
IT28834 POTENTIAL SPOOFING ATTACK VULNERABILITY IN DATAPOWER SCP.
IT28893 JRE SECURITY UPDATE

Back to top


2018.4.1.4

Release date: 1 April 2019
Last modified: 1 April 2019
Status: Available

APAR
Description
IT26450 CONFIGURATION MIGHT BE DUPLICATED ON DOMAIN RESTART RESULTING IN INSTABILITY WHEN MANAGING CONFIGURATION
IT26756 UNABLE TO EXECUTE CONFIG://DPPATTERNS.CFG STARTUP ERROR AFTER UPGRADE FROM PRE-7.5 VERSION TO 760
IT27065 DATAPOWER MIGHT UNEXPECTEDLY RELOAD USING THE WEB SERVICE MANAGEMENT AGENT
IT27073 DATAPOWER CLI TEST TCP-CONNECTION TIMEOUT PARAMETER IS NOT HONORED
IT27113 DATAPOWER MIGHT RELOAD UNEXPECTEDLY IF TRACEROUTE OR PING CANNOT FIND A VALID ROUTE
IT27167 MQ FILE MISSING NOTIFICATION UPON WEBGUI LOGOUT
IT27282 DATAPOWER MAY RESTART UPON ENABLING RAID OBJECT
IT27286 MISMATCH OF BACKUP MODE BETWEEN WEBGUI AND CLI
IT27355 USING LOADBALANCER GROUP PARTIAL HEALTHCHECK DATAPOWER MIGHT RELOAD UNEXPECTEDLY
IT27495 DATAPOWER MIGHT RELOAD WHEN CHECKPOINTS ARE TAKEN
IT27651 DATAPOWER MIGHT FACE UNEXPECTED RELOAD IN RARE CIRCUMSTANCES THAT INVOLVE MQ CONNECTIVITY ON FRONT AND BACKSIDE.
IT27726 MQ CONNECTION STATUS SHOWS HIGH NUMBER OF ACTIVE CONNECTIONS
IT27799 SFTP SERVER HANDLER DOES NOT CONVERT FILE SIZES OVER 2GB CORRECTLY
IT27873 DATAPOWER MIGHT RELOAD IF SFTP URL-OPENER FACES CONNECTIVITY ISSUE WITH SFTP BACKEND
IT27949 PUBKEY-AUTH POLICY MIGHT NOT INCLUDE THE USER WHEN CONNECTING TO SFTP BACKENDS
IT28088 REQUESTS MIGHT HANG IF HTTP RESPONSE HAS COMPRESSION ENABLED BUT NO DATA IN THE BODY
IT28138 API GATEWAY SERVICE DOES NOT PROPERLY BIND TO SINGLE IP
IT28338 WHEN AN API IS CALLED OR PUBLISHED, THE DATAPOWER WEBGUI SAYS THAT CONFIG HAS CHANGED
IT28375 SOAP API REQUEST WITHOUT CONTENT-TYPE HEADER TO A DATAPOWER API GATEWAY WITH A SOAP API MIGHT CAUSE GATEWAY TO RELOAD
IT28381 DATAPOWER MAY FAIL TO CONVERT KDB TO SSL PROXY PROFILE WITH MQ 9.0.0.1 KDB
IT28389 POSSIBLE INCORRECT VALUE OF QUOTA ENFORCEMENT RATELIMIT USING CONCURRENT METHOD
IT28413 WHILE CALLING API FROM ASSEMBLY, IT SHOWS CORS ERROR AND 400 BAD REQUEST
IT28450 THE FAILOVER MAY NOT HAPPEN TO QUOTA ENFORCEMENT SERVER WHEN A NETWORK GOES DOWN.
IT28455 UPGRADING DATAPOWER ON LINUX TO FIRMWARE VERSION 2018 REQUIRES ACCEPTANCE OF LICENSE IN WEBGUI
IT28494 JSON SCHEMA COMPILATION FAILS WHEN ENUM PROPERTY ARE LARGER THAN 999999
IT28542 UPDATE SECURE GATEWAY CLIENT ON DATAPOWER TO SGC 1.8.2
IT28551 B2B GATEWAY RELOAD OCCURS WITH LOTS OF OBJECTS OR CLIENT PROFILES
IT28561 UNABLE TO APPLY WS-PROXY CHANGES USING WEBGUI

2018.4.1.3

Release date: 4 March 2019
Last modified: 4 March 2019
Status: Available

APAR
Description
IT25713 WEBGUI MAY RETURN 500 INTERNAL ERROR WHEN INTERACTING.
IT27324 DATAPOWER MAY RANDOMLY RESTART WHILE PARSING A MULTISTEP REQUEST
IT27378 DATAPOWER MAY RELOAD WHEN USING GATEWAYSCRIPT WITH LARGE ARRAY LENGTH IN SOME SPECIFIC CASES.
IT27872 WRONG HANDLING OF SOAPACTION HEADER IN EXPOSED SOAP SERVICES CAUSES HTTP 404
IT28017 A JWS B64 HEADER MIGHT YIELD A PARSE ERROR FOR INVALID TYPE WHEN SETTING IT IN A PROTECTED HEADER
IT28081 API GATEWAY OAUTH SECURITY OBJECTS CAN BE CONFIGURED WITH NO SCOPES.
IT28095 DATAPOWER MIGHT UNEXPECTED RESTART WHEN USING APIM GATEWAYSCRIPT MODULE
IT28099 JWT GENERATE ASSEMBLY ACTION MAY RETURN A GENERIC 500 ERROR
IT28168 DATAPOWER MIGHT CRASH WITH MISMATCH OF GATEWAY PEERING CONFIGURATION AMONG PEERS IN A PEER GROUP
IT28240 SLM POLICY DOES NOT WORK WHEN CALLED FROM ANOTHER RULE IN MULTISTEP

Back to top


2018.4.1.2

Release date: 1 February 2019
Last modified 1 February 2019
Status: Available

APAR
Description
IT26947 ARBITRARY MESSAGE INJECTION VULNERABILITY IN DATAPOWER GUI (CVE-2018-1666)
IT27132 JAVA SECURITY UPDATE (CVE-2018-3180)
IT27142 FIX TWO OPENSSL ISSUES (CVE-2018-0734, CVE-2018-5407)
IT27162 NODE.JS SECURITY UPDATE (CVE-2018-12123)
IT27275 SENSITIVE INFORMATION DISCLOSURE (BASE64 BASIC AUTH CREDENTIALS REFLECTED BACK IN RESPONSE HEADER)
IT27470 DATAPOWER MAY REBOOT UNEXPECTEDLY WHEN THE APPLICATION OPTIMIZATION OPTION IS ENABLED, AND THE NETWORK IS UNSTABLE.
IT27698 IPMI NULL USER-LEVEL LOGIN PERMITTED
IT27721 DATAPOWER MAY NOT CORRECTLY HANDLE CORS PREFLIGHT REQUEST
IT27725 API PATH AND OPERATION REQUESTS WOULD BE ALLOWED EVEN IF REQUIRED PARAMETERS ARE MISSING.
IT27741 DATAPOWER GATEWAY DOES NOT RETRY UNSUCCESSFUL 911 CALL AFTER REGISTRATION FAILS
IT27815 EVEN IF TLS 1.0 AND 1.1 IS DISABLED FOR API CONNECT GATEWAY SERVICE, IT IS STILL ALLOWED.
IT27889 TENANT INSTALLATION FAILS WITH LICENSE ACCEPTANCE ERROR IF RBM SETTINGS ON FOR CLI.
IT28046 DATAPOWER MIGHT RESTART WHEN MULTIPLE CONFIGURATION CHANGES OCCUR IN PARALLEL.
IT28282 API AUTHENTICATION FAILS WITH LDAP USING TLS.

Back to top


2018.4.1.1

Release date: 14 December 2018
Last modified : 14 December 2018
Status: Available

APAR
Description
IT25836 AAA NETEGRITY POLICY MAY ADD WHITESPACE TO SET-COOKIE HEADER VALUE ERRONEOUSLY
IT26010 DATAPOWER STARTUP CONFIG ERRORS
IT26214 B2B TRANSACTIONS WITH SOME CPA ENTRIES TEMPORARY NOT OPERATIONAL COULD CAUSE A RELOAD
IT26241 HEADER COALESCE SHOULD USE , DELIMITER BY DEFAULT.
IT26554 ARP RESPONSES MAY BE RANDOMLY DELAYED IF MORE THAN ONE VIP IN SAME SUBNET
IT26851 HTTP STRICT TRANSPORT SECURITY HEADERS ARE ALWAYS INJECTED IN WEBGUI FLOWS
IT26948 CROSS SITE REQUEST FORGERY (CSRF) VULNERABILITY IN DATAPOWER GUI (CVE-2018-1661)
IT27020 DATAPOWER DOES NOT PROCESS HTTP HEADER VALUE CORRECTLY FOR THE SUPPLEMENT LATIN-1 CHARACTERS
IT27107 ALWAYS REMOVE AUTHORIZATION HEADER FROM RESPONSE FOR OAUTH
IT27258 IMPROVE BUFFER TO REDUCE PROCESSING LATENCY
IT27844 POOR INPUT VALIDATION ON /AUTHORIZE CALL OF OAUTH API

Back to top


2018.4.1.0

Release date: 15 November 2018
Last modified : 15 November 2018
Status: Available

APAR
Description
IT23272 XSLT COMPILER MIGHT DEAL INCORRECTLY WITH <XSL:APPLY-TEMPLATES/> WITHOUT A SELECT ATTRIBUTE
IT24777 CORRECTED REST MANAGEMENT INTERFACE TO PROPERLY USE PORT 5554
IT24885 UNEXPECTED RESTART MIGHT OCCUR ON STARTUP IF INCOMPLETE OBJECTS ARE PERSISTED TO AUTOCONFIG.CFG
IT25219 ERRORS MIGHT OCCUR AFTER ADDING/REMOVING SUBSCRIPTIONS TO APIS
IT25233 SOME STATUS PROVIDERS MIGHT COMPUTE INCORRECT AVERAGES
IT25471 DEVICE MIGHT RESTART UNEXPECTEDLY DUE TO MQ ROLLBACK WHEN UNITS OF WORK IS GREATER THAN 0.
IT25545 UNEXPECTED RESTART MIGHT OCCUR WHEN USING SMTP URL-OPEN.
IT25653 TRANSACTION MIGHT FAIL WHEN JMS AND TIBCO PROTOCOLS ARE USED WITH B2B GATEWAY
IT25752 GUI DOES NOT RERENDER IF SWITCHING WEB SERVICE PROXY PROXY SETTINGS TAB BACKEND TYPE RADIO BUTTON
IT25763 DATAPOWER MIGHT RESTART UNEXPECTEDLY WITH THE USE OF GATEWAYSCRIPT CLEARTIMEOUT METHOD
IT25934 INTERMITTENTLY DP:URL-OPEN MIGHT TRUNCATE DATA IN A NON-2XX HTTP RESPONSE
IT26044 TYPE 8441 BIOS DATE IS RESET TO 1998-1-1
IT26067 DATAPOWER MIGHT RESTART IN RARE CIRCUMSTANCES OF HTTP(S) URL-OPEN FACING A BACKEND CONNECTIVITY ISSUE
IT26071 DATAPOWER MIGHT RESTART IN RARE SITUATIONS OF AUTOMATICALLY RESENDING B2B TRANSACTIONS AFTER UPGRADE
IT26122 INLINE CLI COMMAND TO CREATE HEALTH CHECK DOES NOT RECOGNIZE SSL CLIENT PARAMETERS
IT26209 MQ FRONT SIDE WITH HTTP(S) BACKEND MIGHT UNEXPECTEDLY WATCHDOG AND RESTART DATAPOWER
IT26225 CANNOT MODIFY THE LANGUAGE WHEN USING DATAPOWER ON DOCKER.
IT26263 POTENTIAL DENIAL OF SERVICE IN NODE.JS
IT23272 XSLT COMPILER MIGHT DEAL INCORRECTLY WITH <XSL:APPLY-TEMPLATES/> WITHOUT A SELECT ATTRIBUTE
IT26335 DATAPOWER VULNERABILITY: INSUFFICIENT INPUT VALIDATION (CVE-2018-1667)
IT26353 LOW TEMPORARY AND ENCRYPTED SPACE.
IT26363 SECURITY APAR CVE-2018-1662 - USER ACCESS LEVEL USER ALLOWS ACCESS ESCALATION IN WEB GUI
IT26364 SECURITY APAR CVE-2018-1663 - DATAPOWER ADMIN UI AND XML MANAGEMENT INTERFACES MISSING HSTS HEADER
IT26419 DATAPOWER MIGHT UNEXPECTEDLY RELOAD IF DEBUG LEVEL SSL LOGGING IS ENABLED
IT26529 DATAPOWER MIGHT LOG A COMPILATION WARNING FROM VERIFY.XSL EVEN IF THE SERVICE IS WORKING WITHOUT ISSUE.
IT26668 UNKNOWN LOG MESSAGES (SYSTEM-WSGW-MANAGEMENT-POLICY)
IT26802 SECURITY VULNERABILITIES IN DATAPOWER WEBGUI.

Back to top


7.7.1.3

Release date: 28 August 2018
Last modified : 28 August 2018
Status: Available

APAR
Description
IT25575 WRONG RESOURCE OWNER IS SELECTED WHEN GENERATING A JSON WEB TOKEN FROM AAA MAP CREDENTIAL FILE
IT25805 DATAPOWER SNMP ALERT DPSTATUSENVIRONMENTALSENSORSPOWERSUPPLY UPDATED TO DETECT AC POWER LOST FOR BOTH PSUS
IT25911 SECURITY VULNERABILITY IN OPENSSL
IT25931 SPACE NAME AND SPACE ID NOT PASSED IN ACTIVITY LOG
IT25958 JAVA SECURITY UPDATE
IT25959 SECURITY ISSUES IN OPENSSL
IT25995 SLOW MEMORY GROWTH SEEN WHEN USING AAA OR WTX PROCESSING
IT25961 TIMING ATTACK ON RSA DECRYPTION IN OPENSSL
IT26012 UNEXPECTED BEHAVIOR WITH UNSUPPORTED SECURITY ACCESS MANAGER (ISAM) VERSIONS
IT26030 SENSITIVE INFORMATION DISCLOSURE IN DATAPOWER MANAGEMENT AUTHENTICATION INFORMATION IN RESPONSE HEADERS.
IT26084 XML EXTERNAL ENTITY INJECTION (XXE) VULNERABILITY IN DATAPOWER GUI (CVE-2018-1669)

Back to top


7.7.1.2

Release date: 27 July 2018
Last modified : 27 July 2018
Status: Available

APAR
Description
IT24329 QUIESCE CAN PREVENT OBJECTS FROM BEING DELETED
IT24375 DATAPOWER SCHEMA COMPILER MIGHT INCORRECTLY GENERATE COMPILE ERROR RELATED TO XS:RESTRICTION
IT25130 DATAPOWER DNS ROUND ROBIN ALGORITHM DOES NOT HONOR TCP BASED DNSRESPONSE
IT25176 B2B TRANSACTION VIEWER PROVIDES EMPTY DOCUMENTS
IT24791 A SERVER DIFFERENT FROM THE SERVER THAT EXECUTED QUOTA-ENFORCEMENT-SWITCH-MASTER COMMAND BECOMES THE MASTER
IT25289 DATAPOWER RESTARTS MIGHT OCCUR WHEN CALLING AN API WITH INCORRECT SOAPACTION HEADER
IT25539 DATAPOWER MIGHT RESTART WHILE VALIDATING CREDENTIALS DURING AN SSL HANDSHAKE
IT25597 ERROR MAY OCCUR AFTER ADDING/REMOVING SUBSCRIPTION TO APIS
IT25962 SECURITY VULNERABILITIES IN OPENSSL
IT25602 ADDING AND/OR REMOVING SUBSCRIPTIONS MAY LEAD TO ERRORS WHEN PUBLISHING A PRODUCT
IT25603 TRIGGERING 911 - CLEANING UP INACTIVE JOBS CAN THROW EXCEPTION
IT25605 CONFIGURING REGISTRATION VALIDATION FAILS IF THERE IS NO CATALOGS SENT IN PAYLOAD

Back to top


7.7.1.1

Release date: 29 June 2018
Last modified : 29 June 2018
Status: Available

APAR
Description
IT21452 DATAPOWER CANNOT PARSE UTF8 BOM PREFIXED XML IF BOM IS SPLIT ON DIFFERENT TCP PACKETS
IT21491 GATEWAYSCRIPT FILE WITH TRANSFORM.XSLT() MISSES XSLT CLEANUP THAT MIGHT LEAK MEMORY
IT21452 DATAPOWER CANNOT PARSE UTF8 BOM PREFIXED XML IF BOM IS SPLIT ON DIFFERENT TCP PACKETS
IT24052 UNEXPECTED RESTART OF ISAM REVERSE PROXY
IT24359 RBM LDAP SETTINGS REQUIRE HOST AND PORT VALUES IN GUI, AFTER LOAD BALANCER GROUP IS SET
IT24651 DATAPOWER LOAD BALANCER GROUP UNABLE TO HANDLE MULTIPLE SETCOOKIE
IT24731 SECURE RESTORE MIGHT FAIL FOR LARGE FILE SIZES
IT24896 SOME OBJECTS MIGHT BE ENABLED BUT DOWN EVEN THOUGH THE FEATURE IS NOT ACTIVATED
IT24906 DOMAIN CLEANUP MIGHT NOT COMPLETE SUCCESSFULLY LEAVING OLD OBJECTS THAT MIGHT LEAD TO INSTABILITY
IT24941 A LOG TARGET STATUS MEMORY VALUE IS NOT CORRECT, ALWAYS BEING TOO LOW
IT24998 AAA DYNAMIC CONFIGURATION CANNOT HANDLE MULTIPLE LTPA ATTRIBUTES
IT25078 CONSOLE MODULE IN GATEWAYSCRIPT ACTION RESTART ISSUE WHEN PASSING SOME ESCAPED CHARACTER
IT25120 DATAPOWER NETWORK INTERFACES NOT LABELED PROPERLY.
IT25198 JSON STRINGS MIGHT FAIL TO PARSE IN AAA POLICY WHEN IT CONTAINS RESERVED XML CHARACTERS
IT25303 AAA CUSTOM PASSWORD RETRIEVAL FOR DERIVED-KEY IDENTITY EXTRACTION MIGHT FAIL
IT25410 URLOPEN.OPEN() API IN GATEWAYSCRIPT ACTION SUPPORTS GET/DELETE/HEAD WITH DATA
IT25469 DATAPOWER GUI AND SOME NETWORK INTERFACES MIGHT FAIL TO START WHEN THE ENCRYPTED SPACE IS LOW
IT25604 CRASHED GATEWAY DIRECTOR MAY LEAVE REGISTRATION LOCK PREVENTING ANY NEW REGISTRATION
IT25670 [PSIRT] CRYPTOGRAPHIC LIBRARY UPDATE

Back to top


7.7.1.0

Release date:8 June 2018
Last modified : 8 June 2018
Status: Available

APAR
Description
IT24970 ERROR MESSAGE: REQUIRED PROPERTY GATEWAY-PEERING IS MISSING WHEN NOT CONFIGURING API CONNECT

Back to top


7.7.0.2

Release date: 20 April 2018
Last modified : 20 April 2018
Status: Available

APAR
Description
IT24787 ADDRESS PROBLEMS WITH API CONNECT INTEGRATION

Back to top


7.7.0.1

Release date: 5 April 2018
Last modified : 5 April 2018
Status: Available

APAR
Description
IT24621 ADDRESS PROBLEMS WITH API CONNECT INTEGRATION

Back to top


7.7.0.0

Release date:30 March 2018
Last modified : 30 March 2018
Status: Available

APAR
Description
IT19401 DATAPOWER MAY INACCURATELY LOG BACKEND RESPONSE AS CONNECTION FAILURE
IT20862 LATENCY AND EXTLATENCY LOG MESSAGES MAY CONTAIN INCORRECT INFORMATION WHEN REQUEST IS HTTP GET
IT22019 CHANGE TO LOG MESSAGES RELATED TO MIME
IT24076 URL-OPEN MAY PROCESS BACKEND ERRORS DIFFERENTLY WHEN FOLLOWING A REDIRECT
IT24130 NON-MAIN TASK MAY EXHIBIT UNEXPECTED BEHAVIOR IF IT IS STOPPED AND THEN LATER STARTED
IT24881 POTENTIAL VULNERABILITY IN THE SSL COMPONENT OF IBM DATAPOWER GATEWAYS
IT25182 QUOTA ENFORCEMENT SERVER USES DES-CBC3-SHA CIPHER FOR INTERNAL COMMUNICATION

Back to top


Change history
Last modified: 26 August 2019

  • 26 August 2019: Updated fix list for 2018.4.1.7 fix pack.
  • 13 August 2019: Added fix list for 2018.4.1.7 fix pack.
  • 12 June 2019: Added fix list for 2018.4.1.6 fix pack.
  • 29 April 2019: Added fix list for 2018.4.1.5 fix pack.
  • 1 April 2019: Added fix list for 2018.4.1.4 fix pack.
  • 4 March 2019: Added fix list for 2018.4.1.3 fix pack.
  • 1 February 2019: Added fix list for 2018.4.1.2 fix pack.
  • 14 December 2018: Added fix list for 2018.4.1.1 fix pack.
  • 15 November 2018: Added fix list for 2018.4.1.0 long-term support release.
  • 28 August 2018: Added fix list for 7.7.1.3 CD update package that replaces 7.7.1.2.
  • 27 July 2018: Added fix list for 7.7.1.2 CD update package that replaces 7.7.1.1.
  • 29 June 2018: Added fix list for 7.7.1.1 CD update package that replaces 7.7.1.0.
  • 8 June 2018: Added fix list for 7.7.1.0 CD update package that replaces 7.7.0.x.
  • 20 April 2018: Added fix list for 7.7.0.2 fix pack.
  • 5 April 2018: Added fix list for 7.7.0.1 fix pack.
  • 30 March 2018: Created fix list for 7.7.0.0 CD update package.

Off
[{"Business Unit":{"code":"BU004","label":"Hybrid Cloud"},"Product":{"code":"SS9H2Y","label":"IBM DataPower Gateways"},"Component":"General","Platform":[{"code":"PF009","label":"Firmware"}],"Version":"2018.4","Edition":"Edition Independent"}]

Problems (APARS) fixed
IT19401; IT20862; IT22019; IT24076; IT24130; IT24881; IT24621; IT24787; IT24970; IT21452; IT21491; IT21452; IT24052; IT24359; IT24651; IT24731; IT24896; IT24906; IT24941; IT24998; IT25078; IT25120; IT25198; IT25303; IT25410; IT25469; IT24329; IT24375; IT25130; IT25176; IT25289; IT25539; IT24791; IT25670; IT25575; IT25805; IT25911; IT25931; IT25958; IT25959; IT25961; IT25995; IT26012; IT25597; IT25602; IT25603; IT25604; IT25605; IT25962; IT26030; IT26044; IT26084; IT23272; IT24777; IT24885; IT25219; IT25233; IT25471; IT25545; IT25653; IT25752; IT25763; IT25934; IT26044; IT26067; IT26071; IT26122; IT26209; IT26225; IT26263; IT26331; IT26335; IT26363; IT26364; IT26419; IT26529; IT26668; IT26802; IT25836; IT26010; IT26214; IT26241; IT26554; IT26851: IT26947; IT26948; IT27020; IT27107; IT27258; IT26353; IT27844; IT26947; IT27132; IT27142; IT27162; IT27275; IT27698; IT27721; IT27725; IT27741; IT27815; IT28046; IT25713; IT27324; IT27378; IT27872; IT28017; IT28081; IT28095; IT28099; IT28168; IT28240; IT28282; IT26450; IT26756; IT27065; IT27073; IT27113; IT27167; IT27282; IT27286; IT27355; IT27495; IT27651; IT27726; IT27799; IT27873; IT27949; IT28088; IT28138; IT28338; IT28375; IT28381; IT28389; IT28413; IT28450; IT28455; IT28494; IT28542; IT28551; IT28561; IT28426; IT28720; IT28772; IT28825; IT28828; IT28833; IT28834; IT28893; IT25188; IT27954; IT28391; IT28423; IT28667; IT28609; IT28669; IT28795; IT28798; IT28850; IT28885; IT28995; IT28902; IT28908; IT28956; IT28992; IT28999; IT29004; IT29058; IT29074; IT29143; IT29289; IT29314; IT30030;

Document Information

Modified date:
27 August 2019

UID

swg24044502