Direct links to fixes
4.6.0.5-SterlingConnectDirectforMicrosoftWindows-x86-fp0005-if007
4.6.0.5-SterlingConnectDirectforMicrosoftWindows-x86-fp0005-if010
4.6.0.5-SterlingConnectDirectforMicrosoftWindows-x86-fp0005-if015
4.6.0.5-SterlingConnectDirectforMicrosoftWindows-x86-fp0005-if017
4.6.0.5-SterlingConnectDirectforMicrosoftWindows-x86-fp0005-if022
4.6.0.5-SterlingConnectDirectforMicrosoftWindows-x86-fp0005-if028
4.6.0.6-SterlingConnectDirectforMicrosoftWindows-x86-fp0006-if008
4.6.0.6-SterlingConnectDirectforMicrosoftWindows-x86-fp0006-if009
4.6.0.6-SterlingConnectDirectforMicrosoftWindows-x86-fp0006
4.6.0.6-SterlingConnectDirectforMicrosoftWindows-x86-fp0006-if013
4.6.0.6-SterlingConnectDirectforMicrosoftWindows-x86-fp0006-if015
4.6.0.6-SterlingConnectDirectforMicrosoftWindows-x86-fp0006-if018
Sterling Connect:Direct for Microsoft Windows 4.6.0 Fix Packs
APAR status
Closed as program error.
Error description
Sterling Connect:Direct for Microsoft Windows uses OpenSSL. A vulnerability was reported in OpenSSL which makes OpenSSL vulnerable to an OpenSSL DTLS SRTP denial of service attack (CVE-2014-3513). IBM Sterling Connect:Direct for Microsoft Windows is therefore also vulnerable.
Local fix
STRRTC - 446721 VF / VF Circumvention: None
Problem summary
Users Affected: Sterling Connect:Direct for Windows 4.5.00 Sterling Connect:Direct for Windows 4.5.01 Sterling Connect:Direct for Windows 4.6.0 Problem Description: A vulnerability was reported in OpenSSL which makes OpenSSL vulnerable to an OpenSSL DTLS SRTP denial of service attack (CVE-2014-3513). IBM Sterling Connect:Direct for Microsoft Windows is therefore also vulnerable. Platforms Affected: Windows
Problem conclusion
Resolution Summary: Updated OpenSSL to version 1.0.1j. Delivered In: Sterling Connect:Direct for Windows 4.5.00 Patch 054 Sterling Connect:Direct for Windows 4.5.01 Patch 020 Sterling Connect:Direct for Windows 4.6.0.5
Temporary fix
Comments
APAR Information
APAR number
IT05239
Reported component name
STR CD FOR WIND
Reported component ID
5725C9908
Reported release
460
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2014-10-29
Closed date
2014-11-12
Last modified date
2014-11-12
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
STR CD FOR WIND
Fixed component ID
5725C9908
Applicable component levels
Document Information
Modified date:
25 August 2023