Product Readmes
Abstract
IBM WebSphere Application Server provides periodic fixes for the base and Network Deployment editions of release V8.5. The following is a complete listing of fixes for V8.5 with the most recent fix at the top.
Content
See Recommended updates for WebSphere Application Server for iFix eligibility.
Release Date
|
Total number of APARs
|
Total number of Security APARs
|
Total number of Ideas
|
||
---|---|---|---|---|---|
29 July 2024
|
57
|
8
|
1
|
||
19 February 2024
|
75
|
||||
31 July 2023
|
108
|
5
|
1
|
||
13 February 2023
|
89
|
6
|
2
|
||
25 July 2022
|
95
|
4
|
|||
21 February 2022
|
114
|
5
|
|||
26 July 2021
|
137
|
13
|
|||
15 February 2021
|
93
|
5
|
|||
28 September 2020
|
139
|
13
|
|||
9 March 2020
|
137
|
8
|
|||
3 September 2019
|
153
|
6
|
|||
4 March 2019
|
131
|
16
|
|||
20 August 2018
|
187
|
11
|
|||
5 February 2018
|
212
|
5
|
|||
21 July 2017
|
240
|
10
|
|||
23 December 2016
|
177
|
6
|
|||
15 August 2016
|
208
|
7
|
|||
18 March 2016
|
150
|
2
|
|||
11 December 2015
|
111
|
2
|
|||
11 September 2015
|
|||||
26 June 2015
|
|||||
13 March 2015
|
|||||
8 December 2014
|
|||||
18 August 2014
|
|||||
28 April 2014
|
|||||
11 November 2013
|
|||||
14 June 2013
|
|||||
15 April 2013
|
|||||
29 October 2012
|
Fix Pack 8.5.5.26
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 29 July 2024
Last modified: 29 July 2024 Status: Recommended Download Fix Pack 8.5.5.26 Enhancements:
Fixes:
|
Fix Pack 8.5.5.25
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 19 February 2024
Last modified: 19 February 2024 Status: Superseded Download Fix Pack 8.5.5.25
|
Fix Pack 8.5.5.24
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 31 July 2023
Last modified: 31 July 2023 Status: Superseded Download Fix Pack 8.5.5.24 Enhancements:
Fixes:
|
Fix Pack 8.5.5.23
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Fix release date: 13 February 2023
Last modified: 13 February 2023 Status: Superseded Download Fix Pack 8.5.5.23 Enhancements:
Fixes:
|
Fix Pack 8.5.5.22
|
|
---|---|
Fix release date: 25 July 2022 Last modified: 25 July 2022 Status: Superseded Download Fix Pack 8.5.5.22 |
Component | Security APAR | APAR | Description |
---|---|---|---|
Administrative Console (all non-scripting) | PH38069 | JDWP configuration does not allow an IP address, only a port number | |
PH42423 | A ChainEndpointFilter is set for ORB transport chains page | ||
✓
|
PH43148 | IBM WebSphere Application Server is vulnerable to remote code execution due to Dojo (CVE-2021-23450 CVSS 9.8) | |
PH43252 | Mapping policy sets can take a long time | ||
PH45303 | Changes in admin console cookies to meet RFC 6265 compliance | ||
PH45449 | PatternSyntaxException occurs when editing the host name include list for tcp inbound channels | ||
✓
|
PH46332 | IBM WebSphere Application Server is vulnerable to Cross-site Scripting (CVE-2022-22477 CVSS 6.1) | |
✓
|
PH46342 | IBM WebSphere Application Server is vulnerable to an information disclosure (CVE-2022-22473 CVSS 3.7) | |
Default Messaging Component | PH45134 | CWSIJ0047E thrown after connection to messaging engine is replaced | |
Dynamic Cache | PH43733 | Distributedmap.remove() results in npe when replication configuration is incorrect | |
Enterprise Edition (EE) | PH46247 | When a standard WebSphere Application Server jar file is added to the classpath, the deserialization fails with an exception | |
Federated Repositories | PH42406 | Support account lockout policy for the file repository | |
PH42735 | Hang occurs when AttributeRangeStep value is set larger than recommended | ||
PH42990 | Improve logging of JNDI_call search trace to include the referral setting | ||
PH44204 | Nested group members are not correctly found after setting ApplyEntityTypeSearchFilterForGrouMmembership custom property | ||
PH46082 | Add warning message when failed login delay is disabled | ||
General | PH30118 | OIDC TAI: Discovery endpoint may be invoked multiple times | |
PH36899 | Improvements to WSGRID takeover | ||
PH37642 | GetJobDetails api output missing fields | ||
PH39030 | WebSphere batch job dispatch can timeout under load | ||
PH39881 | File repository user able to login after failed user account creation on managed node | ||
PH40124 | The lDAPLoginGroupFilter setting is not honored when a group searches for a group | ||
PH41012 | WCT should be updated to clarify the default of "generate ca certificate" creates a self-signed certificate chain | ||
PH42973 | Update messages in federated repositories | ||
PH43324 | ClassNotFoundException when running the managesdk.bat command on the Windows operating system | ||
PH43334 | Incorrect struts action parameter processing for uddi.ear | ||
PH43383 | WebSphere Application Server start failed by deadlock between the server.startup thread | ||
PH43825 | Support urlencoded string in the SSL certificate | ||
PH43960 | Java.lang.classformaterror: jvmcfre106 duplicate method; class=a/b/c/_ejsremote0slasbcbean_cab9549d_tie, offset=51525 reports | ||
✓
|
PH44339 | IBM WebSphere Application Server is vulnerable to Spoofing (CVE-2022-22365 CVSS 5.6) | |
PH44467 | OIDC TAI: filter requests based on the iss claim in the JWT | ||
PH44692 | OIDC: add methods to the OIDCClientHelper api to verify JWTS | ||
PH45044 | OIDC RP add ability to turn off revoke endpoint | ||
PH45453 | PCT response file has invalid paths | ||
PH45586 | Update the WebSphere migration toolkit for application binaries to the 22.0.0.1 version | ||
PH45704 | 0C4 abend in IIOP connection closing code | ||
PH46163 | Enhance parser of was-usage-metering.properties | ||
PH46423 | File repository account lockout not ignored on versions 8.0 and lower | ||
PH46743 | Update the WebSphere migration toolkit for application binaries to the 22.0.0.3 version | ||
IBM HTTP Server | Fix List | Detailed list of APARs for IBM HTTP Server | |
Install | PH32486 | Applications button of Suse GUI is not displayed after install | |
PH44554 | AppClient fix pack update fails with: CRIMA1077E error: file /opt/IBM/WebSphere/appclient/bin/sdk/_setupDefaultSDK.sh not found | ||
Intelligent Management Component | PH40496 | Deadlock in APC APCXDCpuUtilizationBasedPredictor during startup | |
PH44199 | ODCTreeImpl E ODCF0002E: Exception: the string ""--"" is not permitted within comments | ||
PH44203 | Middleware servers display issue when filter function is used in conjunction with non-default value for maximum rows preference | ||
PH45943 | Changing node maintenance mode state fails and hung thread warnings (WSVR0605W) are observed in systemout.log | ||
PH46914 | Routing rules fail with underscore names | ||
Java 2 Connectivity (J2C) | PH36595 | Connection wait timeout is accounted twice | |
PH39586 | Adapter code reports java.sql.SQLException: unsupported feature for the optional method when the JDBC driver does not implement the methods | ||
PH44437 | Work manager code requires synchronization of unprotected boolean value | ||
PH44499 | Oracle UCP connection pool cleanup during connection testing | ||
PH44801 | NullPointerException is thrown during start after upgrading to 8.5.5.21 | ||
Java Message Service (JMS) | PH37169 | NullPointerException when WMQ_JMS_CLIENT_DETAILS tag is missing in OSGI bundle | |
PH41928 | 503 received when server is stopping, not able to retry request | ||
PH45838 | Issue in control region with handling connection with async read outstanding | ||
Java SDK | PH43113 | Java.lang.ClassNotFoundException for SecureSerializedViewCollection during session persistence | |
Messaging Providers | PH41825 | Message remains locked | |
Migration | PH24791 | Document allowSameRelease option for WASPostUpgrade | |
PD tools (for example: Log Analyzer) | PH44209 | Additional diagnostic data needed for tWAS | |
PH41439 | FFDC generating javax.xml.parsers.FactoryConfigurationError: provider | ||
PH42911 | Issue in the PMI prometheusresource class | ||
PH43845 | Collector tool does not correctly output information in the os/system file on Windows platforms | ||
PH44134 | Collector tool does not include the profile file listing and permissions, if it exists outside of installation root directory | ||
PH45926 | WebSphere control region abend: NoClassDefFoundError (c9c21235) | ||
Plug-in | PH43382 | Plugin propagation occurs even though it s set to manual | |
PH44327 | Plugin can see an increase in file descriptors when the plugin reloads the xml file | ||
PH45148 | Adding custom properties to plugin-config.xsd file | ||
Portlet Container Environment | PH44227 | Illegalstateexception occurs during portlet event processing within portlet container's cacheHelper class | |
Runtime and Classloader | PH39981 | JVM mbean dumpthreads() can create heap or system core dumps | |
PH42899 | Block classes with known vulnerabilities from being loaded by the application and library class loaders | ||
PH45954 | Remove WMIC from clearClassCache.bat | ||
Security | PH37362 | At admin console, JAAS - System Logins > Web Inbound, "Set Order" button can cause security.xml corruption | |
PH39883 | The user "unauthenticated" (in lower case) asserted by Trust Association Interceptor (TAI) is no longer authenticated | ||
PH40544 | LTPA token expiration message (SECJ0371W) was intermittently thrown with the old expiraton time in year 1970 | ||
PH41020 | CSR fails validation due to extra lines RFC822 name = user@domain | ||
PH42057 | Error when disabling custom password encryption | ||
PH42162 | Chained certificate creation fails with "signer SKI format must match signed AKI format" error | ||
PH42887 | Kerberos error message after upgrading to 8.5.5.20 and 9.0.5.8 | ||
PH43573 | WebSphere Application Server 8.5.5.20 may use a default cipher list during handshaking | ||
PH43950 | Setting sslEnabled on customRegistry results in ClassCastException | ||
PH44197 | Make IBMjceplus provider available in the java provider list | ||
PH44602 | NullPointerException in WebSphere socket factory in 8.5.5.21 and 9.0.5.11 | ||
PH45080 | Issue an error when certificate request file path contains spaces | ||
PH45124 | Add the WebSphere disabled algorithms to the configuration during profile creation | ||
PH45406 | The addnode operation fails during creation of a chained certificate due to java.lang.NumberFormatException | ||
PH45670 | NullPointerException in socket factory in 8.5.5.21 and 9.0.5.11 | ||
PH45688 | Changing the WebSphere default protocol to TLS v1.3,TLS v1.2 | ||
PH45689 | LoginModules can no longer be created unless the loginModule class is in the classpath | ||
PH46142 | QoP settings page doesn t work for daemon SSL config | ||
PH46566 | TLS v1.3 failback for thin client | ||
PH46993 | Add constrained delegation support to spnego function | ||
System Management/Repository | PH43697 | Non-planned task clean up causes a FFDC | |
PH44845 | The message of IBMJGSSProvider is shown when startserver or stopserver command is executed | ||
Transaction Service | PH44495 | Thread hang in transactionImpl.ResumeAssociation due to race condition when a transaction is used across multiple threads | |
Web Services (for example: SOAP or UDDI or WSGW or WSIF) | PH44071 | Incorrect error handling in UDDI GUI application | |
Web Services Security | PH43722 | SAML sso may emit CWWSS5601E NullPointerException error when decrypting encrypted assertions |
Fix Pack 8.5.5.21
|
|
---|---|
Fix release date: 21 February 2022 Last modified: 21 February 2022 Status: Superseded Download Fix Pack 8.5.5.21 |
Component | Security APAR | APAR | Description |
---|---|---|---|
Administrative Console (all non-scripting) | PH36476 | Console security tightening | |
PH38485 | Unable to configure logging parameters on the admin console | ||
PH39747 | Domino webserver definitions cannot be changed in the console | ||
PH39939 | Default trust store name in the SSL configuration panel is incorrect | ||
PH39949 | Confusing wording in adminconsole around application startup | ||
Administrative Scripting Tools (for example: wsadmin or ANT) | PH36027 | Improve message when renameNode is run against an unmanaged node | |
Default Messaging Component | PH31734 | Admin console reports incorrect messaging queue information | |
EJB Container | PH28694 | EJB method names that differ only in capitalization may result in org.omg.corba.bad_operation | |
PH36416 | EJB Singleton Bean possible deadlock during lifecycle methods | ||
Federated Repositories | PH30775 | NullPointerException is thrown when creating a property extension (lookaside) repository | |
✓
|
PH38929 | WebSphere Application Server is vulnerable to Information Disclosure (CVE-2021-29842 CVSS 3.7) | |
General | IJ02960 | Poison messages are discarded by MQ classes for JMS after failing to send to the backout queue | |
IT22127 | Java client hang when queue manager is quiescing as new connection attempts are made. | ||
IT24521 | Activation Specifications that consume request messages without an MQRFH2 results in reply messages omitting an MQRFH2 | ||
IT24751 | JMS messages delivered to a configured backout queue instead of an MDB can have a missing group id value | ||
IT24782 | WebSphere MQ classes for JMS generate FFDC containing probe ID JO136001 when the queue manager they are using stops | ||
IT26482 | MQ classes for JMS incorrectly require "get" authority on the target cluster queue for an alias queue | ||
IT31238 | MQ classes for Java application cannot get NameValueData from RFH2 when using CCSID 1200 with little endian encoding | ||
IT32725 | Add ability to use newer CipherSuites with the MQ-RA 7.1 for use within the WAS 8.5 environment | ||
IT36699 | Extend the fix IT32725 to include the use of CCDTs | ||
IT38158 | Connection handle leak when a MQ-JMS application security exit reports an error | ||
IV93924 | Clarify error reported on JMSObjectMessage.toString() when object not in allowlist | ||
IV99246 | A MQ Java send exit is only invoked for the last TSH packet sent over TCP/IP when sending a message larger than 32KB | ||
PH35789 | Same fix as PI78935 but for transaction commit processing | ||
PH35225 | Improve handling of cancel notifications in compute grid | ||
PH35226 | Making log part rotation configurable based on file size or number of lines in compute grid | ||
PH36354 | Deadlock in logging code | ||
PH37038 | Charset="utf8" fails with UnsupportedEncodingException in Wink JAXWS | ||
PH37590 | Invalid bundle-version in derby | ||
PH38967 | BufferOverflowException causes activation specs to stop | ||
PH39085 | Processing Base64 encoded data using JAXB can cause a loop | ||
PH39123 | HTTP sessions should not be using DRS thread pool | ||
PH39373 | WebSphere Windows service fails when the hostname contains the word "test" | ||
PH39398 | SESN8558E message giving wrong error details | ||
PH40345 | Update the websphere migration toolkit for application binaries to the 21.0.0.3 version | ||
PH41336 | WSGrid job submission may fail after APAR PH35447 | ||
PH41889 | Current javamail com.ibm.ws.prereq.javamail.jar does not work with TLS1.2 | ||
PH42093 | Update the WebSphere migration toolkit for application binaries to the 21.0.0.4 version | ||
✓
|
PH42762 |
|
|
IBM HTTP Server | Fix List | Detailed list of APARs for IBM HTTP Server | |
Intelligent Management Component | PH37071 | Certificate monitor fails on secondary dmgr in HADmgr configuration | |
PH37335 | Multiple IM enabled web server definitions with the same shortname may overwrite active routing rules definitions | ||
PH37897 | Application Edition Management feature fails to clean up admin sessions | ||
PH37919 | Launch command for assisted life-cycle middleware servers runs with umask 042 rather than 022 and is not configurable | ||
PH39180 | Exception: java.lang.NullPointerException at com.ibm.ws.odc.nd.ODCTreeImpl.commitTransaction(ODCTreeImpl.java:1047) | ||
PH40934 | Provide option for Application Edition Manager deploy to not start another server if only 1 is running | ||
PH42111 | ODR Lib Excess debug memory consumption | ||
Java 2 Connectivity (J2C) | PH31827 | A reduction of connection leak logic information was introduced to help decrease the size of the stack information logged | |
PH34972 | Invalid properties in the ra.xml causes websphere v8.5.5.x resource adapter update to fail | ||
PH35564 | Add support for encoding the passwords inside of the customer datasource property "ConnectionProperties" | ||
PH38667 | Allow container managed behavior for direct lookups | ||
PH39960 | J2CA0081E caught exception:java.lang.nullpointerexception occurs when stopping the server | ||
PH40106 | WMQ activation specification uses incorrect classpath for xa recovery when resource adapter native library path specified | ||
PH41279 | CMPConnectorFactory is removed unexpectedly when deleting JDBC provider from a server template | ||
Java Message Service (JMS) | PH27943 | Add extra information to CWSIS1577E and CWSIS1578E error messages | |
PH41078 | Issue in control region with handling connection with async write outstanding | ||
PH42628 | Update the IBM WebSphere MQ JCA resource adapter to version 7.1.0.9-k710-09-it38826 | ||
JSP | PH35599 | Out of memory in jspbatchcompiler.sh | |
PH39923 | NullPointerException in jspbatchcompiler.sh | ||
Messaging Providers | PH41504 | AppServers go into retry cycle with error message "exception caught increasing range of unique key generator!" | |
Migration | PH36102 | MIGR0285E: an unexpected internal error occurred with exception java.io.eofexception: unexpected end of zlib input stream error | |
PH36493 | WASPostUpgrade fails with NullPointerException processing domain-security.xml configuration file | ||
PH36935 | WASPreUpgrade - the "plugins" directory was not in the list of was_install_root protected directories | ||
PH37617 | Nullpointerexception occurs when processing a virtualhosts.xml that contains a mimeType entry with no type specified | ||
PH39025 | Remote migration jar WASPreUpgrade on RHEL8 prints (Ootpa): integer expression expected | ||
PH39100 | WASPostUpgrade from 7.0 to 9.0 fails with ArrayIndexOutOfBoundsException | ||
PD tools (for example: Log Analyzer) | PH38053 | Add new server scrape duration metric for prometheus metrics endpoint | |
PH39243 | Add ISO-8601 date option for systemout/err.log files | ||
Plug-in | PH37891 | Plugin error message repeatedly logged - "error: ws_transport: address_as_string: unknown family 4098" | |
PH38203 | Unix pluginCfgMerge lacks was.install.root which causes WVER0001E | ||
PH38773 | Add propagateKeyring option to httpPluginManagement.py | ||
PH40758 | Crash shortly after startup with intelligent management enabled | ||
PH41412 | 99SPluginsBootStrapIIS8.ant may fail if path contains a space | ||
PMI/Performance Tools | PH40246 | More prometheus endpoint enhancements | |
Programming Model Extensions (PME) |
✓
|
PH41676 | WebSphere Application Server is vulnerable to a Denial of Service (CVE-2021-38951 CVSS 7.5) |
Runtime and Classloader | PH37476 | In AIX and Linux, lastmodified() timestamp is not detailed to millisecond | |
PH37493 | osgi.configuration.area.readonly=true not taking affect for servant region | ||
PH39733 | Provide a switch to disable javacores for unexpected shutdowns | ||
PH40676 | Allow Websphere Application Server to return jar urls rather than wsjar | ||
PH42759 | Block class loads for vulnerable classes | ||
PH42899 | Block classes with known vulnerabilities from being loaded by the application and library class loaders | ||
Security | PH34539 | Running addnode could cause the ssl configuration to change and reset the soap connection | |
✓
|
PH34690 | Privilege Escalation Vulnerability in WebSphere Application Server (CVE-2021-29736 CVSS 5.0) | |
PH36184 | LDAP certificate filter does not recognize a plus sign + delimiter | ||
PH36593 | Provide an option to turn off hostname information for audit function | ||
PH36842 | Support for a customized list of SSL protocols | ||
PH36934 | CWSCF0002I: Flooding the logs | ||
PH37067 | CWPKI0045E correction | ||
PH37447 | Profile creation fails when the domain name starts with a digit | ||
PH37462 | javax.net.ssl.keystore, javax.net.ssl.truststore properties are not honored | ||
PH37483 | With application security enabled, 500 is returned when http request has more reference to the parents/upper directory | ||
PH37872 | LTPA token getting refreshed using the custom cacheKey instead having to relogin | ||
PH38493 | Remove unnecessary manual garbage collecting in security code | ||
PH38655 | EJB Thin client jars not recognising TLSV1.3 protocol | ||
PH39176 | com.ibm.websphere.tls.disabledAlgorithms property is not honored in a certain Java thin client scenario | ||
PH39568 | StopServer and serverStatus fails to work after upgrading to 9.0.5.8 and 8.5.5.20 | ||
PH39917 | Unable to retrieve group in a custom standalone user registry implementation | ||
PH40186 | Replace certificate function did not replace certificate alias name | ||
PH40437 | ClassCastException in webcollaborator in 9.0.5.8 | ||
PH40829 | Websphere Application Server tries to invoke TLS1.3 and fails even though it is not the default protocol | ||
PH41313 | Provide an option to include application name in the terse audit function | ||
System Management/Repository | PH30748 | Error creating client_auth_token during shutdown | |
PH38349 | ADMU3029I: conflict detected on port 9999 for endpoint JSR160RMI_connector_address of the server server1 | ||
PI92142 | ADMU3011E unable to start a web server using startserver command | ||
Transaction Service | PH27371 | Adding support for Kerberos keytab and ccache during XA recovery | |
Web Services (for example: SOAP or UDDI or WSGW or WSIF) | PH35078 | Soap response message is not valid, but Websphere parsing should not fail it with NullPointerException | |
PH38944 | "Error case - primContains() found null zipfile " error may be seen in dmgr log when installing an application | ||
✓
|
PH42728 | Vulnerability in Apache Log4j affects WebSphere Application Server (CVE-2021-44228 CVSS 10) | |
Web Services Security | PH35481 | OIDC APIs may not find idToken token on runAs subject | |
PH39666 | OIDC RP initial login may fail when OIDC stateID name contains special characters | ||
PH39847 | OIDC RP: entry is never removed from cache when initial login is via introspection | ||
PH40532 | OIDC TAI might not remove OAuth access token cache entries | ||
PH40533 | OIDC TAI might encounter a thread hang when sessions are removed from the local cache | ||
WebSphere Common Configuration Model (WCCM) | PH38310 | Xml parser does not recognize the setting which disables processing of docType | |
Workload Management (WLM) | PH29620 | Cluster ripple stops processing cluster members when a members nodeagent is down |
Fix Pack 8.5.5.20
|
||
---|---|---|
Fix release date: 26 July 2021 Last modified: 26 July 2021 Status: Superseded Download Fix Pack 8.5.5.20 |
Component | Security APAR | APAR | Description |
---|---|---|---|
Administrative Console (all non-scripting) | PH29429 | Admin console not working correctly in some cases with fine grained security | |
PH31184 | Fixes/enhancements for PH31613 | ||
PH32886 | Incorrect variable definition leads to failure in transformer script | ||
PH33656 | Wsadmin Jython command does not change status of scheduler JNDI name | ||
PH33754 | The ok button of login configuration page for Java Authentication and Authorization (JAAS) not working consistently | ||
PH33795 | Default scope should not affect virtualhosts.xml. there is only one scope for virutalhosts | ||
PH34318 | Extra character at the top of managing repository page | ||
PH35829 | Not able to move a target of a SIP application router to another SIP application router through the administrative console | ||
Default Messaging Component | PH29166 | Message engine deadlock problem | |
PH31182 | Loop when trying to delete the first message in the queue | ||
Dynamic Cache | PH31693 | Programmatically created object cache instances cannot be configured for replication | |
PH35811 | com.ibm.ws.cache.cacheConfig.BatchUpdateMilliseconds does not affect the batch update daemon on recv side | ||
EJB Container | PH33683 | EJB timer service does not adjust based on daylight savings time adjustment | |
✓
|
PH33994 | Server-side Request Forgery (SSRF) in WebSphere Application Server (CVE-2021-20480 CVSS 4.3) | |
EJBDeploy (WSAD) | PH36122 | Remove unnecessary was.product file from EJBDeploy tool | |
Enterprise Edition (EE) | PH36441 | Fix deserialization issue for lists when jaxb.fp.fallback.for.typed.arrays is enabled | |
Federated Repositories | PH33842 | CWWIM5107E error message seen reporting a failure against a webserver node | |
General | PH21496 | CWSAH0009E: An internal error occurred | |
PH31150 | NullPointerException during getSession when request contains a session ID with invalid length | ||
PH31454 | Remove jackson-databind from SCA | ||
PH31840 | Moveable DMGR fails to create VIPARANGE DVIPA on second LPAR | ||
PH32163 | Deadlock condition in memory session and logging console handler | ||
PH32352 | Print trace points if cookies or url rewriting is enabled | ||
PH32501 | Print trace points if session shared between webmodules | ||
PH32561 | Print a message saying that the custom property is needed if the length of the JSESSIONID cookie is greater than 23 chars | ||
PH32868 | Exported ear file does not include latest application files | ||
PH33299 | WebSphere Application Server windows service continues to run when WebSphere ends unexpectedly | ||
PH33368 | CWSIK0901E: An internal messaging error | ||
PH33596 | The WebSphere windows service should not use startserver.log for its logfile | ||
✓
|
PH33648 | Directory Traversal vulnerability in WebSphere Application Server (CVE-2021-20354 CVSS 5.9) | |
✓
|
PH34067 | XML External Entity (XXE) Injection vulnerability in WebSphere Application Server (CVE-2021-20453 CVSS 8.2) | |
✓
|
PH34122 | Vulnerability in Dojo affects WebSphere Application Server (CVE-2020-5258 CVSS Score 7.5) | |
PH34424 | Update Apache httpClient to 4.5.13 for usage metering | ||
✓
|
PH34501 | Multiple Vulnerabilities in Apache HttpComponents and HttpCommons affect WebSphere Application Server | |
✓
|
PH34906 | XML External Entity Injection (XXE) in WebSphere Application Server Java Batch (CVE-2021-20492 CVSS 6.5) | |
✓
|
PH34944 | Multiple Vulnerabilities in Apache HttpComponents and HttpCommons affect WebSphere Application Server | |
PH35134 | Prevent calls to remote EJB during read/write external | ||
PH35447 | Property to enable preference to use local connection between compute grid scheduler and endpoint servers | ||
PH35767 | Update the migration toolkit in WAS to the latest version | ||
PH35877 | Session activeCount shows a negative value | ||
PH36236 | Compile error returns com.ibm.ws.exception.WsNestedException is unknown | ||
✓
|
PH36253 | Privilege Escalation Vulnerability in WebSphere Application Server (CVE-2021-29754 CVSS 4.2) | |
PH37034 | Update the version of log4j contained in the installable UDDI.ear application | ||
IBM HTTP Server | Fix List | Detailed list of APARs for IBM HTTP Server | |
IBM i | PH35467 | QSVTP24 service program not updated by fix pack if ownership incorrect | |
Install | PH33568 | WebSphere Application Server 9.0.5.6 does not support the 64-bit version of Installation Manager 1.9.1.4 for HPUX | |
PH34646 | 64-bit Installation Manager on z/OS generates warning messages | ||
PH36085 | Repeating update and rollback between 8.5.0.0 and 8.5.5.19 fails | ||
Intelligent Management Component | PH31531 | ArrayIndexOutOfBoundsException in ODR vector operation | |
PH32919 | ODC does not carry url-patterns associated with filter-mapping definitions held in module level web-inf/web.xml files resulting in 404 responses | ||
PH33164 | SWF type files in XD code after end of life for flash player | ||
PH34475 | Intelligent Management enabled web servers and On Demand Routers (ODR) return 404 error codes for requests that could be served by the mapped applications default servlet | ||
PH34977 | Intelligent Management enabled plugin attempts too many retries when application with session affinity returns 503 | ||
PH35058 | Unable to configure Java SDKs from console for ODR servers | ||
✓
|
PH35098 | Directory Traversal vulnerability in WebSphere Application Server ND (CVE-2021-20517 CVSS 6.4) | |
PH35997 | After upgrade to 9.0.5.7 static content which was previously being served by IHS was returning 404 error codes | ||
PH36124 | WASX7017E: Exception received while running file "dumpimpstate.py" | ||
PH36840 | Dmgr fails to start, with msg DCUT0003E: 32 bit native library | ||
PH37099 | Prevent high CPU resulting from concurrent server-status access | ||
Java 2 Connectivity (J2C) | PH31288 | J2CA0045E Tolerating the connection error occurred event during the matchManagedConnention | |
PH32187 | Receiving J2CA0646E error when updating MQ resource adapter | ||
PH33941 | Deadlock issue when close JMS connection | ||
PH34294 | Datasource url property syntax validation does not allow new format in admin console | ||
PH35899 | java.security.unrecoverableKeyException after upgrading to WebSphere v8.5.5.19 | ||
PH36295 | Attempt to fix J2Cmodule PMI object memory leak | ||
Java Management Extensions (JMX) or JMX Client API | PH36026 | Improve log message when the node agent restarts an unresponsive application server | |
Java Message Service (JMS) | PH31692 | Not all message listeners started in the control region after startup | |
PH34639 | destDescription message header with no value set after editing MQ topic configuration | ||
PH35855 | WebSphere control region failed with ABEND 0C4 in com/ibm/ws390/xmem/proxy/XMemProxyCRCppUtilities.queueInboundRequest | ||
Java SDK |
✓
|
PH34711 | Vulnerability in Apache MyFaces affects WebSphere Application Server (CVE-2021-26296 CVSS 8.8) |
PH36923 | java.lang.nullPointerException caused by PH34711 | ||
Migration | PH33872 | WasPostMigration fails with java.lang.noSuchMethodException | |
PH38010 | Update the migration toolkit for application binaries to the latest version - 21.0.0.2 | ||
Object Request Broker (ORB) | PH35522 | WebSphere Application Server servant or adjunct region may not come down quickly after a 5C6 ABEND | |
PD tools (for example: Log Analyzer) | PH38048 | Prometheus endpoint enhancements for performance monitoring infrastructure metrics on WebSphere Application Server traditional | |
Plug-in | PH32435 | Encoded charcters (%2f etc) in uri | |
PH32528 | Plugin does not allow personal certificates using weak signature algorithms such as SHA1withRSA | ||
PH32738 | Applying Plugin fix pack 9.0.5.4 creates an unexpected empty file "c:\program" | ||
PH33264 | When using Intelligent Manager and WebSphere Plugin, the web server may crash when processing a non-websphere request | ||
PH34305 | Adding deprecated messaging to plugin topology centric generation | ||
PH34566 | Limit number of retries for 503 responses | ||
PH36211 | Crash with Plugin 8.5.5.19 on Linux PPC64LE | ||
PH36487 | WAS Webserver plug-in possible crash in detailedLog function | ||
PH36942 | Ant script fails in post install processing | ||
PMI/Performance Tools | PH24409 | Prometheus endpoint for PMI metrics on WebSphere Application Server traditional | |
Scheduler | PH31154 | Xor encoding keyStorePasswords and trustStorePasswords used in datasource custom properties lead to SSLhandshake errors | |
Security | PH28393 | Login audit for SPNEGO and Kerberos login | |
PH29840 | Create the ability to select additional protocol | ||
PH30522 | Fix code to not allow a keySetGroup referenced by the default LTPA auth mechanism to be deleted | ||
PH30570 | Provide an option to use only custom cookie name in traditional WebSphere | ||
PH31086 | WIM exception in wsadmin using RMI with / character in username | ||
PH33038 | Intermittent error parsing an unchanged wsjaas.conf | ||
PH34028 | Server does not start after enabling AES encryption | ||
PH34651 | The RSAPSS algorithm needs to be disabled when IBMJCEFIPS provider is being used | ||
PH34899 | java.lang.nullPointerException in security interceptor during WAS server startup | ||
PH34963 | The underscores (_) in ND name cause profile creation error | ||
PH35227 | The certificate monitor did not renew the default certificate on WAS v8.5.5.17 using JDK1.7 | ||
PH35299 | A custom cache key is not returned correctly when the subject has more than one hashtable in the credential | ||
PH35329 | If an extremely large number is input for LTPA timeout, it may exceed the maximum long value, resulting in an invalid token | ||
PH35421 | ADMIN_REPOSITORY_SAVE audit events are not generated in an AdminAgent environment | ||
PH35998 | When certificates contian multiple DNS or IP values not all values are displayed when viewing the certifiate information | ||
PH36007 | The genAndReplaceCertificate task is not working when not connected to the server | ||
PH36017 | Error message CWPKI0662E is vauge and does not provide user with much information to help them | ||
PH36615 | QShell command line remains hidden after prompting for password with administrative security enabled for a WebSphere Application Server profile | ||
PH36649 | AdminTask.ValidateAdminName results in NullPointerException when ran as operator role | ||
PH36732 | Add ability to delete corrupted keystore | ||
PH36733 | A certificate signing request (CSR) is created with an extra information in the subject alternate name(SAN) field | ||
PH36858 | Add warning during server start when TLSv1 or TLSv1.1 is configured | ||
PH36864 | Message CWPKI0429I has an incorrect parameter that needs to be fixed | ||
PH36985 | SSL failed handshake with a BAD CERT error | ||
Service Data Objects (SDO) | PH35619 | Use of "OneDB" causes many "not a recognized database type" message error messages | |
Servlet Engine/Web Container | PH29912 | Change default value for WebContainer suppressHtmlRecursiveErrorOutput | |
PH33180 | Enable TrustedHeaderOrigin to be configured with hostnames and IP segments | ||
PH35019 | There are scenarios where the HTTP dispatcher will set a 404 status and send a response without ever engaging the web container | ||
PH35470 | PMI stats for the servlet are not collected for application until application is restarted | ||
PI80786 | HTTP 500 is returned from a request with too many parent directories (forward slashes) in the url | ||
System Management/Repository | PH29354 | Add JVM option to narrow down trace spec for command line tools | |
PH32869 | Temporary EAR file not deleted after partial application update | ||
PH35272 | "ADMG0811I: Changing value for this property password" message displayed when the value has not changed | ||
Transaction Service | PH35202 | Server using ENABLE_DBTXLOG_PEERLOCKING=TRUE fails to start if the transaction log tables are empty | |
PH36461 | org.xml.sax.SAXParseException: the namespace prefix "wsa" was not declared | ||
Web Services (for example: SOAP or UDDI or WSGW or WSIF) |
✓
|
PH33037 | Directory Traversal vulnerability in WebSphere Application Server (CVE-2020-5016 CVSS 5.3) |
✓
|
PH34048 | XXE Injection Vulnerability in WebSphere Application Server (CVE-2021-20454 CVSS 8.2) | |
PH35981 | OverlappingFileLockException on z/OS after applying PH26972 ifix | ||
PH37152 | IWAE0017E unable to replace original archive - during role mapping | ||
Web Services Security | PH23614 | OIDC add programmatic support for some OAuth functions | |
PH30368 | OIDC RP may not delete session cookie when SameSite cookie policy=lax | ||
PH30911 | OIDC RP: Allow a resource parameter to be sent to the token and authorize endpoints | ||
PH31682 | OIDC RP may not load config from a non-default security domain | ||
PH32257 | NotSerializableException with OIDC | ||
PH32421 | Saml assertions are not created with AudienceRestriction | ||
PH33170 | OIDC JWT authentication using custom cache key can be slow | ||
PH34227 | OIDC RP: Support the basic_start_authorization scope | ||
PH34840 | OIDC RP: Make the state parameter alphanumeric | ||
PH35185 | OIDC RP may fail with CWTAI2007E saying a nonce claim is required when the nonce is present | ||
WebSphere Common Configuration Model (WCCM) | PH32277 | Application deployment is slow when application has many EJB jars | |
✓
|
PH33228 | XML External Entity (XXE) Injection vulnerability in WebSphere Application Server (CVE-2021-20353 CVSS 8.2) | |
PH34197 | ICU4J IllegalArgumentException on Dec 31 of a leap year |
Fix Pack 8.5.5.19
|
||
---|---|---|
Fix release date: 15 February 2021 Last modified: 15 February 2021 Status: Superseded Download Fix Pack 8.5.5.19 |
Component | Security APAR | APAR | Description |
---|---|---|---|
Administrative Console (all non-scripting) | PH26166 | Performance problems in certain collection pages of the WebSphere Application Server admin console | |
PH28097 | J_security_check allows GET requests | ||
PH28098 | Users without appropriate roles can access links that eventually throw errors | ||
PH28336 | Webserver virtual host creation failure | ||
✓
|
PH29871 | WebSphere Application Server Admin Console is vulnerable to a directory traversal vulnerability (CVE-2020-4782 CVSS 6.5) | |
PH30566 | After updating to 8.5.5.18 and 9.0.5.5 accessing the admin console fails with 500 error | ||
PH31120 | WebSphere z/OS 8.5.5.* details of com.ibm.ws.management.util.zos.transformationError not in joblog | ||
PH31219 | Property to allow the monitoring role to do testConnections in the integrated solutions console | ||
PH31320 | Tivoli Performance Viewer (TPV) servlet summary report page not rendering images correctly | ||
PH31564 | Setting string value on J2EEResourceProperty to emptry string removes attribute | ||
PI79928 | WIM LDAP panel navigation causes java.lang.NoSuchMethodException: unknown property alias error | ||
EJB Container | PH27912 | CNTR5104E or CNTR5102E occurs at EJB start after upgrading WebSphere to v8.5.5.16, v9.0.5.0, v9.0.5.1, or v9.0.5.2 | |
Federated Repositories | PH23888 | LDAPHelper.getrdn failover does not properly account for escaped commas | |
PH28634 | Remove extra logging from UI script | ||
General | PH31135 | Abend 0C4 in BBODASLU entry point BBODAL03 when daemon is stopped | |
PH26451 | ODRLib should consider all vcs when searching for the server app a request has affinity with in multi-cell topologies | ||
PH26641 | IndexOutOfBoundsException when performing some of APIs on SDO list | ||
PH27557 | Apache derby component currency update | ||
PH27825 | Deadlock in HPEL code when running SIP tracing | ||
PH27883 | CWXRS0003W message in adjunct region with dynacache enabled | ||
PH28733 | Server not shutting down when started in recovery mode when using HPEL | ||
PH28795 | Update the migration toolkit in WAS to latest version and remove setting sourceJava and sourceAppServer manually | ||
PH30529 | WAS service entered the running state. msg is sometimes recorded twice | ||
PH30827 | Session active for over 1 hour is not invalidated | ||
PH31008 | Cryptic exception when session max count exceeded | ||
PH31267 | For WSGrid STEP_COMPLETE_EXECUTION_FAILED should be rc -14 but throws -16 | ||
PH31965 | WAS service generation fails on SLES 15 and above | ||
PH32188 | Update the migration toolkit in WebSphere to version 20.0.0.4 | ||
IBM HTTP Server | Fix List | Detailed list of APARs for IBM HTTP Server | |
Install | PH18404 | Disable optional IBM java 8 offerings for websphere application server | |
PH30851 | Updating fix pack 8.5.5.15 with the interim fix PH25216 fails | ||
Intelligent Management Component | PH26451 | ODRLIB should consider all VCs when searching for the sapp | |
PH31889 | NullPointerException during batch rollout | ||
Java 2 Connectivity (J2C) | PH28590 | FFDC data output may display database configuration information | |
Java Management Extensions (JMX) or JMX Client API | PH24396 | Add ability to generate multiple javacores before node agent restarts unresponsive application servers | |
Java Message Service (JMS) | PH26694 | A Message Driven Bean bound to MQ via a listener port stops consuming messages after an MQRC_CONNECTION_BROKEN error | |
PH26914 | A rare timing condition may lead to the file store stopping | ||
PH28619 | Queue message priority setting via commitPriority in descriptor is not working | ||
PH29128 | Mis-identification of IBM MQ JMS provider | ||
JNDI/Naming |
✓
|
PH27583 | WebSphere Application Server is vulnerable to an information disclosure vulnerability (CVE-2020-4629 CVSS 2.9) |
JSP | PH11216 | Redirect context root for missing slash fails in WAS V9.0 and Liberty when using HTTPS connection | |
Object Request Broker (ORB) | PH27364 | WebSphere z/OS 8.5.5.17 Abend 0C4 (gpf) in com/ibm/ws/asynchbeans/services/wlm/enclavemanager.deregisterWorkUnit | |
PD tools (for example: Log Analyzer) | PH29537 | [RFE 276826] Increase max number of historical files from 200 to any positive number in tWAS | |
PH30146 | Remove -serverName from -help listing in collector | ||
PH30984 | Increase collector tool max heap memory size | ||
Plug-in | PH27966 | Plugin does not set special header $wsxx for websocket request | |
PH29434 | Avoid hang in ODRHttpResponseContextClean() when using im "MaxRequestsPerDaemon" option | ||
PH29829 | Customer should not have their plugin-key.kdb/sth files within /etc | ||
PH29951 | Plugin cannot manually propagate without overrideAutoProp | ||
PH30071 | Conflict between mod_deflate and the WAS plugin | ||
PH31857 | IBM WebSphere Application Server web server plugin sets the incorrect default for ignoreAffinityRequest settings | ||
PH32280 | IHS server/plugin loop at startup with zero byte plugin-cfg.xml file | ||
PMI/Performance Tools | PH29087 | TPV in admin console shows incorrect activeCount value afterServant region is restarted | |
Runtime and Classloader | PH32612 | Unexpected server shutdown produces no additional debug data | |
Security | PH25204 | After server is restarted, SpnegoTokenHelper APIs may fail due to the lack of Kerberos credential | |
PH26308 | LDAPTestQuery tool is not honoring dynamically updated SSL settings set at test query tool | ||
PH28196 | Sensitive information may be stored in a system dump | ||
PH29343 | Allow receiveCertificate to handle pkcs7 files | ||
PH29377 | Unable to read multiple certs from a cert file | ||
PH29549 | Displaying email entry in san for information user did not provide | ||
PH30511 | Failed to create dynamic cluster and seeing lots of WKSP0501I: xx workspaces exist in the wstemp directory | ||
PH30569 | Provide an option to only show the info user need in wsadmin getSSLConfig command | ||
PH31613 | LDAP/VMM support Kerberos authentication | ||
PH32041 | Plug point for custom password encryption is not working on 8.5.5.18 | ||
PH32284 | MalformedURLException connecting to Standalone LDAP Server with SSL (LDAPS) | ||
Services Component Architecture | PH30846 | Remove open SCA from WebSphere 8.5.5 | |
System Management/Repository | PH24460 | Add configurable write timeout to IPCConnectorInboundLink | |
PH26777 | Enable post sync deploy processing on the DMGR with system prop | ||
PH30918 | Incorrect java library path set when a server SDK is different from the node/profile SDK | ||
PH31439 | Non planned task management tasks never get deleted | ||
Transaction Service | PH10643 | Cascading server restart due to transaction auto peer recovery locking issue | |
PH22988 | Poor performance when transaction and compensation recovery logs are stored in a relational database | ||
PH23968 | java.util.concurrentModificationException when stopping server | ||
PH29639 | Control process is terminated with error C9C21862 following a RRS RC 761 | ||
Web Services (for example: SOAP or UDDI or WSGW or WSIF) | PH26629 | Error may occur when calling ServiceDelegate.releaseService() SPI in client application | |
PH26778 | Axis2 jaxbUtils class consuming large amount of memory | ||
PH26972 | zWAS JAXBContext cache corruption possible in multi-servant environments | ||
✓
|
PH27157 | WebSphere Application Server is vulnerable to an information disclosure vulnerability (CVE-2020-4576 CVSS 5.3) | |
✓
|
PH27509 | WebSphere Application Server is vulnerable to an information disclosure vulnerability (CVE-2020-4643 CVSS 7.5) | |
PH28223 | StringIndexOutOfBounds exeception occurs during policyset attachment | ||
PH28645 | AbstractMethodError in wsdlReaderImpl.getDocument | ||
PH29156 | JAX-WS client may not send request to provider: expose SerializeSecurityContext at JVM level | ||
PH29763 | Need an option to enable WSDL4J verbose messages | ||
Web Services Security | PH26925 | OIDC RP generates javascript with extra end-script to send to OP | |
PH27514 | OIDC TAI add basic auth support for the JWK endpoint | ||
PH27827 | OIDC RP support unique clientid and clientsecret for introspection endpoint | ||
PH27971 | OIDC RP: expose end_session_endpoint with an api | ||
PH28253 | OIDC RP should intercept callback from OP without special filter config | ||
PH28386 | OIDC RP: give the option to validate a JWT access token | ||
PH28534 | OIDC TAI: Do not load config entry if no filter defined | ||
PH29099 | OIDC RP: ClassNotFoundException for JsonUtil$DupeKeyDisallowingLinkedHashMap | ||
✓
|
PH31727 | XXE vulnerability in WebSphere Application Server (CVE-2020-4949 CVSS 8.2) | |
WebSphere Common Configuration Model (WCCM) | PH31370 | Update ICU4J time zone information | |
Workload Management (WLM) | PH27505 | WLM can get in a loop when receiving compressed data running on z15 hardware |
Fix Pack 8.5.5.18
|
||
---|---|---|
Fix release date: 28 September 2020 Last modified: 28 September 2020 Status: Superseded Download Fix Pack 8.5.5.18 |
Component | Security APAR | APAR | Description |
---|---|---|---|
Administrative Console (all non-scripting) | PH20162 | The configure scanner page is not enabled for monitor with admin access to an application | |
PH20878 | Add content-security_policy to the response header on the dmgr | ||
PH21166 | Connection pool timeout hover help is confusing | ||
PH21177 | Update copyright for admin console | ||
PH23369 | The color settings of console identity is backed to default | ||
PH23600 | Hover help for ORB tracing is not helpful | ||
✓
|
PH23638 | WebSphere Application Server is vulnerable to server-side request forgery (CVE-2020-4365 CVSS 5.3) | |
PH23783 | Support url to go directly to three specific pages in the admin console | ||
✓
|
PH26220 | WebSphere Application Server is vulnerable to cross-site scripting (CVE-2020-4578 CVSS 5.4) | |
PH26874 | ADMA8019E warning even if "validate input" parameter set to off during the deployment | ||
Contexts and Dependency Injection (CDI) | PH19003 | NullPointerException while stopping an application in org.apache.webbeans.* | |
PH22277 | NPE when deleting conversationcontext | ||
EJB Container | PH26295 | Injection processing in adjunct region for z/OS for war modules causes CWNEN0044E error | |
EJBDeploy (WSAD) | PH24687 | Show a deprecated message when running EJBdeploy | |
Federated Repositories | PH19260 | WIMConfigurationException is thrown when updating caches on admin console | |
PH23240 | Adding a node from 9.0.5.1+ deployment manager fails for 8.5.5.17+ node with CWWIM5106E | ||
General | PI67099 | Provide option to add STS response header for HTTPS request | |
PH17297 | Corrections are needed to the documentation in the knowledge center for IBM WebSphere Application Server version 8.5 | ||
PH18158 | SESN8558E: An attempt was made to write more than 2M to the large column | ||
PH19392 | When checkpointing is turned on it increases the node synchronization times | ||
PH19805 | Display run_jobs_under_user_credential at startup | ||
PH19880 | Update was migration tools to work with binary scanner updates | ||
PH20275 | The session manager behavior after fix of PI78540 is not updated into the knowledge center | ||
PH20390 | Add MaxHeap MaxInt error message | ||
PH20735 | Dmgr CR issued ABEND0C4-11 dump after stop command | ||
PH21046 | First element in list gets duplicated when parent is copy of another parent with a child list that replaced with copy of itself | ||
PH21413 | Validate zeroEarCopy apps when running the binary scanner | ||
PH22517 | WS-security may decode Kerberos token and retrieve the realm name for the principal name | ||
PH23125 | Need informative message when session table does not exist on database | ||
PH25463 | With HPEL enabled and "enable log record buffering" set to true, the Textlog is not updated instantly | ||
PH25972 | Updating the WebSphere Application migration toolkit (binary scanner) in WAS to the latest version | ||
✓
|
PH26083 | WebSphere Application Server is vulnerable to a remote code execution vulnerability (CVE-2020-4534 CVSS 7.8) | |
✓
|
PH26761 | Vulnerability in Apache Batik affects WebSphere Application Server (CVE-2019-17566 CVSS 7.5) | |
IBM HTTP Server | Fix List | Detailed list of APARs for IBM HTTP Server | |
Install | PH20560 | Update IHS 8.5.5.16 fails with error getting file for installation on Solaris | |
PH26325 | Fail to check VisualStudio 2013 redistributable package during IHS fix pack install | ||
Intelligent Management Component | PH20397 | zOS atomic rollout fails when updating edition due to incorrect web server state | |
PH22238 | HeapDetect: Error notifying monitor: 52 message is logged on standard error log | ||
PH23775 | Ensure 32 bit libraries are laid down on 64-bit systems. | ||
PH24552 | PI89036 causes native_stdout to fill up with repeating debug | ||
✓
|
PH25216 | Remote code execution vulnerability in WebSphere Application Server ND (CVE-2020-4448 CVSS 9.8) | |
PH25657 | ODR needs to handle encoded uri request patterns | ||
PH25931 | Min/max instance script update does not update min/max nodes | ||
✓
|
PH26354 | WebSphere Application Server ND is vulnerable to cross-site scripting (CVE-2020-4575 CVSS 4.7) | |
PH26364 | Improper handling of INADDR_ANY by the Intelligent Management communication layer (P2P/SON) results in NPE | ||
PH27037 | New property appEdition.rollout.softReset.waitToQuiesceApplication to set quiesce interval | ||
PH27806 | Deadlock between com/ibm/ws/odc/nd/ODCTreeImpl and org/eclipse/osgi/framework/internal/core/BundleRepository blocks start-up | ||
Java 2 Connectivity (J2C) | PH17466 | J2CA0051E due to NullPointerException during server shutdown while stopping a resource adapter | |
PH18970 | Connection pool hands out aborted connection | ||
PH20373 | java.lang.IndexOutOfBoundsException thrown from com.ibm.ejs.container.BeanO.reAssociateHandleList | ||
PH21284 | Incorrect waitingThreadCount due to mishandling of interrupted threads | ||
PH21407 | OutOfMemory message is occuring when J2CModule reference is not freed up (J2CModule = null) | ||
PH23168 | NullPointerException with showPoolContents | ||
Java Management Extensions (JMX) or JMX Client API | PH08470 | Since moving to WebSphere 9.0.0.8, jsf-nls.jar is not being found | |
Java Message Service (JMS) |
✓
|
PH19528 | WebSphere Application Server is vulnerable to a denial of service (CVE-2019-4720 CVSS 7.5) |
PH19730 | Launchclient jobs failed with error message WSCL0912E "Component failed to initialize" | ||
PH20912 | Unable to set samesite cookie option with response.addHeader | ||
PH22157 | Add support for the SameSite cookie attribute | ||
Java SDK | PH22773 | ConcurrentModificationException during JSF initialization | |
JavaServer Pages (JSP) | PH24643 | Unresolved bundle warning message when using SunRI 1.2 | |
Migration | PH23359 | Message MIGR0590I is incorrectly formatted | |
PH24741 | Migration to WebSphere Application Server V9 may fail to carry forward some SSL endpoint configurations | ||
PH25522 | java.lang.NullPointerException while running migration BBOWMPOS job | ||
PH26288 | WasPostUpgrade extracts a file before its parent directory with regard to shared libraries | ||
PD tools (for example: Log Analyzer) | PH15449 | No stack trace printed when NullPointerException printed | |
PH20856 | OSGI logs are not captured by collector tool | ||
PH21934 | Profile root is not captured by collector tool for Windows 2016 | ||
Plug-in | PH21258 | z/OS plugin bld version does not show fix pack level | |
PH21768 | Plugin fix pack does not update IIS_webserver copy of binary | ||
PH22593 | Plugin-gen does not refer session management configuration of app-level which overrided when set web-level setting exist | ||
PH26192 | Web server crashes when WebSphere plugin dynamically reloaded | ||
PH26422 | Flexibility needed in setting $wssn used in place of host: header | ||
PH26475 | Switch IIS_webserver plugin binaries to symLinks | ||
PH26856 | ServerIOTimeoutRetry defaults to 0 (none) if property does not exist in plugin configuration | ||
PH27968 | Allow non-RFC5280 certificates by default | ||
PH28096 | Http_plugin.log entries for SSL read/write errors are treated like a timeout | ||
Runtime and Classloader | PH20328 | WSadmin renameNode() and adminConfig.save() commands deleting WSBundleMetaData/jsf-myfaces.xml | |
PH24756 | WebSphere Application Server JVM start failed on parsing meta-inf/ejb-jar_merged.xml | ||
Scheduler |
✓
|
PH27414 | WebSphere Application Server could allow a remote attacker to execute arbitrary code (CVE-2020-4589 CVSS 8.1) |
Security | PH12072 | SMF records not recorded with security auditing using the SMF emitter with SECURITY_FORM_LOGIN and SECURITY_FORM_LOGOUT | |
PH14756 | NullPointerException in CertificateMapper.getDnSubField WebSphere setup with global security LDAP with security domain | ||
PH18052 | Add an option to use hostname in ORB IOR | ||
PH19164 | If custom encryption module throws PasswordEncryptException or PasswordEncryptException, it can corrupt passwords in security.xml | ||
PH20571 | When the audit policy is loaded, a commandValidationException occurs (SEC6051E) | ||
PH21586 | ADMG0012E Unable to add the custom properties in CA client configurations | ||
PH21890 | External authentication retrieved user via TAI intercept as unauthenticated failed with null for getUserPrincipal | ||
PH22557 | Creating a custom CA client by implementing WSPKIClient interface provided by websphere failed class loader | ||
PH22986 | The renewed certificate is not honored when certificate expiration monitor renewed a certificate | ||
PH23211 | Password on commandline is not masked correctly | ||
PH25309 | Preventing users from making a deletion of a certificate if the alias is being used in dynamic SSL config or SSL config | ||
PH25806 | Add password encryption support for passwordUtil into WebSphere Application Server 8.5.5 | ||
PH25855 | LtpaToken2 value is same after relogin | ||
PH26401 | Add certificate extension support | ||
PH27328 | The modifyAuditPolicy command throws a NullPointerException | ||
PH28615 | The password encryption feature errors opening a default custom encryption implementation | ||
Servlet Engine/Web Container |
✓
|
PH20847 | Information Disclosure in WebSphere Application Server (CVE-2020-4329 CVSS 4.3) |
PH24879 | OutOfMemory event on web service BAIS.create() | ||
PI83141 | WebContainer performance issue when under high load | ||
Session Initiation Protocol (SIP) Container | PH21349 | SIP notify arriving before 202 for refer causes a memory leak | |
PH21614 | SIP requests with appropriate CSeq numbers receive message 500 incorrect CSeq | ||
PH22590 | B2buaHelper.getPendingMessages might return an empty list when an initial INVITE request is forked | ||
PH25483 | SIP re-invite might be sent to wrong interface | ||
System Management/Repository |
✓
|
PH21511 | Privilege Escalation Vulnerability in WebSphere Application Server (CVE-2020-4276 CVSS 7.5) |
PH21848 | Display the absolute path value of the temporary location if the copy of asset fails | ||
✓
|
PH23853 | Privilege Escalation Vulnerability in WebSphere Application Server (CVE-2020-4362 CVSS 7.5) | |
✓
|
PH26952 | WebSphere Application Server is vulnerable to a remote code execution vulnerability (CVE-2020-4464 CVSS 8.8) | |
Transaction Service | PH08281 | Information services director fails when invoking a web service - deployment.xml composition unit is not found | |
PH23464 | Add JVM property to disable one phase commit optimization | ||
✓
|
PH25074 | WebSphere Application Server is vulnerable to a remote code execution vulnerability (CVE-2020-4450 CVSS 9.8) and Information Exposure (CVE-2020-4449 CVSS 7.5) | |
PH25955 | REMOVE_PARTNER_LOG_ENTRY does not work for XAResource.recover() failure | ||
Web Services (for example: SOAP or UDDI or WSGW or WSIF) | PH22498 | JAX-PRC web service client creation fails if an HTTP redirect switches protocol when accessing the WSDL url | |
PH22765 | WSWS7054E error during WSDL generation due to ClassNotFoundException on javax.validation.ConstraintViolation | ||
PH26204 | Org.apache.axiom.om.omException: a data handler was not found | ||
Web Services Security | PH16455 | JAX-WS engine did not redirect response with 301 status code | |
PH19333 | OIDC RP: Unable to override the realm name in an ID token | ||
PH19907 | OIDC RP: Login fails when createSession=true and HTTP sessions exhausted | ||
PH20118 | OIDC RP: Should not require scope claim on response from OP | ||
PH21008 | OIDC RP: The TAI is completely disabled if any provider config fails to initialize | ||
PH21178 | OIDC RP: Access-token refresh may be attempted when it should not | ||
PH21611 | OIDC RP may attempt to refresh access tokens that are not expired | ||
PH21827 | OIDC TAI: NotSerializableException for JWTclaims error may occur | ||
PH22038 | OIDC RP: Session cookie name should to be related to provider_<id>.identifier but related to provider_<id>.clientid | ||
PH22195 | OIDC RP: Enable use OpenID provider's well known configuration url | ||
PH22621 | OIDC RP: Add programmatic support for grant_type = client_credentials | ||
PH23572 | OIDC RP code flow cannot be used if JavaScript is not enabled | ||
PH23697 | OIDC RP support RS512 support to OIDC TAI signature algorithm | ||
PH24501 | Saml web SSO TAI may fail signature verification when a keyInfo contains both keyName and x509data | ||
PH24737 | OIDC RP: Make the introspection response available via api | ||
PH25547 | OIDC incorrect behavior if opaque token is in Authorization header and useJwtFromRequest=ifPresent | ||
PH25697 | OIDC RP sessionCacheTimeoutMinutes=0 is not overriding idToken exp claim | ||
PH25774 | OIDC RP: Session cookie value is too short | ||
PH26523 | OIDC RP allow call to userinfo endpoint to be disabled | ||
PH26842 | Saml Web SSO ClassNotFoundException for trustAssociationUtil in 9.0.5.4 | ||
PH27173 | OIDC RP login may fail when nonce is enabled | ||
PH27213 | OIDC TAI: Give option to not write LTPA cookie in RP path | ||
PI96403 | OIDC RP does not support implicit login flow for initial requests | ||
WebSphere Common Configuration Model (WCCM) | PH20188 | Incorrect time policy for turkey in com.ibm.icu.jar | |
PH25334 | Application update failure slow due to excessive retries | ||
z/OS | PH22659 | zWAS crash in bbog_failuremonitor::dispatchrecovery(mvs::stoken) following normal shutdown | |
PH24730 | Repetative characters at the end of message BBOA7101E |
Fix Pack 8.5.5.17
|
||
---|---|---|
Fix release date: 9 March 2020 Last modified: 9 March 2020 Status: Superseded Download Fix Pack 8.5.5.17 |
Component | Security APAR | APAR | Description |
---|---|---|---|
Administrative Console (all non-scripting) |
✓
|
PH11319 | XSS issues with the WebSphere Admin console (CVE-2019-4270) |
✓
|
PH12325 | WebSphere Application Server Admin Console could allow a file traversal vulnerability (CVE-2019-4268) | |
PH14295 | Classloader conflict causing problems accessing the admin console in WebSphere Application Server | ||
PH14552 | java.lang.arrayIndexOutOfBoundsException: array index out of range: 1 exception on was 8.5.5.14 after BPM 18.0.0.1 upgrade | ||
PH15351 | Admin console updates to removeNodelLstener and addNodeListener servlets | ||
PH15415 | Improve status text for scan error for the application migration scanner functionality | ||
PH15700 | Target java options on 'Configure scanner…' pate are out of order | ||
PH17272 | An error is shown in the administrative console, when viewing the systemout.log.owner or thesystemerr.log.owner files | ||
PH17962 | Request to allow web server log path to be outside of WAS and not require the .log filename extension | ||
PH18268 | When a scheduler that an EJB timer service uses no longer exists, the console does not display an error | ||
PH18533 | After the update to WAS 8.5.5.16 there is a problem in the admin console with my tasks in the navigator on the left side | ||
✓
|
PH18947 | Information disclosure in WebSphere Application Server Admin Console (CVE-2019-4670) | |
PH19920 | When invalid characters are introduced in the admin console url error page java.lang.nullPointerException is received | ||
PI94624 | Remove struts-legacy.jar from isclite.ear | ||
Contexts and Dependency Injection (CDI) | PH05014 | Null CDI bean results in a NullPointerException thrown in Apache WebBeans code | |
PH15728 | CDI not protecting the thread context classloader and loading a wrong version of XML parser | ||
Default Messaging Component | PH16502 | WebSphere Application Server messaging engine stops due to DSRA9110E when short duration lock feature is enabled | |
EJB Container | PH18256 | CNTR5104E received when deploying EJB application | |
PH18828 | Corba.Marshal: incompatibility between stub and tie on WebSphere batch application | ||
EJBDeploy (WSAD) | PH21271 | Failed to run EJPDeploy when installing application by admin console | |
Federated Repositories | PH12039 | The WIM GET API does not consider the allowOperationIfReposDown setting on the realm | |
PH12167 | Authentication fails with a cause by of illegal capacity | ||
PH14099 | Federated repository is not returning all requested attributes when searching | ||
PH15390 | NullPointerException ocurrs when security trace is enabled | ||
PH15543 | CWWIM4564I saying it connected to the failover LDAP, when reconnecting with the primary LDAP | ||
PH16420 | Non-participating repositories are accessed from WIM get api | ||
PH17028 | AdminAgent console can display incorrect security configuration | ||
PH17839 | When adding an LDAP attribute that requires a boolean value, an InvalidAttributeSyntax error occurs | ||
PH18467 | Enhanced file-based and database repository password hashing algorithms | ||
PH18761 | NullPointerException is thrown when running deregisterNode.sh wsadmin | ||
PH19289 | NullPointerException occurs when security trace is enabled | ||
General | PH10371 | lrcmd.sh script ignores values specified in soap.client.props | |
PH11280 | PI58498 is not fixed on 8.5.5.13 under certain circumstances | ||
PH12982 | "write Interval" of HTTPSession store configuration is not honored | ||
PH13564 | WOLA is not freeing IMS TPIPE after an error | ||
PH13660 | Reduce HPEL buffer flush interval and timer implementation | ||
PH13786 | ABENDCC3 RSN040E0001 in local communication close processing | ||
PH13807 | NullPointerException in the SIBus component may occur when Cross Component Trace is enabled | ||
PH14351 | Update the binary scanner in tWAS to 19.0.0.3.1 | ||
PH14473 | Add translations for the access denied message | ||
PH14613 | PH14613: Intelligent Management enabled Plugin crashes in multicell environment | ||
PH14926 | Deserializing a session loads classes form different class loaders | ||
PH15134 | CSA shortage with WebSphere Appserver z/OS fix pack 9.0.0.9 BBOO0335E BPX1LDX load of BBODPCRT failed RC=84, reason=BDF0624 | ||
PH15820 | OAuth provider may create a principal with realm name prepended to user name | ||
PH16837 | Unresolvable variable warning message CWLRB6203W: issued when no action is required | ||
PH17314 | Too many open files in WebSphere V8.5.5 SIBus messaging engine | ||
✓
|
PH17557 | Upgrade apache commons beanUtils in admin console (CVE-2019-10086) | |
PH17942 | Some session attributes are not stored with session database of Oracle | ||
PH18042 | EmbeddableUOW cause RollbackException of global transactions | ||
PH18894 | Change the default value of ModifyActiveCountOnInvalidatedSession | ||
PH19061 | Multiple plugin-cfg.xml files & folders under profile_home/config/cells/ causing Liberty report hung on console | ||
PH20314 | LogViewer not able to write logViewer.pos file | ||
IBM HTTP Server | Fix List | Detailed list of APARs for IBM HTTP Server | |
IBM i | PH18059 | QueryWASInstalls command not listing 9.0 ND installs | |
Install | PH16993 | Cannot install WebSphere Application Server 9.0 on SUSE Linux Enterprise 15 | |
PH17876 | CRIMA1137W: packages do not support the 64-bit version of installation manager | ||
PH18202 | User's files and logs are deleted when applying ULB fix pack through installation manager | ||
PH18236 | Incorrect Java 7 EOS warning message on WAS 8.5.5.13 (Java 6) | ||
PH18278 | Warning message is issued when install IHS and Plugin 9.0.5.2 and 8.5.5.17 on Windows without MSVC 2013 runtime installed | ||
PH20560 | Update ihs 8.5.5.16 fails with error getting file for installation on Solaris | ||
Intelligent Management Component | PH11456 | Custom transport chains added to dynamic cluster server templates are not properly propagated to dynamic cluster members | |
PH14613 | Intelligent Management enabled Plugin crashes in multicell environment | ||
PH14796 | /MiddlewareAgentRPCService/noadmin/../<file_path> allows for arbitrary file access of files in the WAS/profiles/dmgr directory | ||
PH15889 | dumpIMPState.py enumerate function not available in Jython v2.1 | ||
PH16498 | Implement the ability to disable the ODC REST Service | ||
PI89036 | JVM CRASH ON WINDOWS IN PROCESSCPU64.DLL WHILE INVOKING PMI TO COLLECT CPU STATS | ||
Java 2 Connectivity (J2C) | PH10198 | 2CA0695E: Unable to find primary pool manager during failover processing for a resource with a JNDI name of ibm/cm | |
PH13915 | High cpu when synchronizing resources.xml | ||
PH20223 | RRA=all trace results in SECJ0314W violation of Java 2 security permission error | ||
Java Management Extensions (JMX) or JMX Client API | PH16983 | Use TriggerDump with request=exclusive instead of SystemDump | |
Java Message Service (JMS) | PH01737 | Changing default to NIO on HP platform | |
PH14915 | At shutdown, when the filestore is nearly full, threads persisting messages will hang | ||
PH15289 | Updating the address include list for server transports causes an exception | ||
PH17473 | Case sensitivity issues when headers are not being cached | ||
Java Persistence API (JPA) | PH18777 | ConcurrentModificationException after PH07008 | |
Java SDK | PH16818 | File descriptor leak in defaultFaceletFactory | |
JavaServer Pages (JSP) | PH12946 | StringIndexOutOfBoundsException when using JSF 2.2 in Liberty | |
PH12972 | Thread safety issue on the WeakHashMap with JSF SunRI causes the WebContainer threads to hang | ||
PH14966 | JSF portlet bridge should not be bundled by WebSphere | ||
JSP |
✓
|
PH13983 | Information disclosure in WebSphere Application Server (CVE-2019-4441) |
✓
|
PH20785 | WebSphere Application Server is vulnerable to command execution (CVE-2020-4163) | |
Migration | PH13284 | After the migration to v8.5, plugin-cfg.xml contains all cluster information even which is not supposed to be included | |
PH14635 | WASPreUpgrade in remote migration jar does not work on zLinux | ||
PH15019 | Spaces in application name cause migration failure as WASMigrationAppInstaller gets parsing error | ||
PH15110 | Migration tool should notify the user in the case that the old value is not migrated | ||
PH15373 | Coregroup template not found | ||
PH15764 | WASPostUpgrade fails when the profile was created with sym links | ||
PH18142 | Running BBOWMPRO during a migration to a newer release of WAS z/OS gets configuration mismatch error | ||
PH19983 | WASPreUpgrade migration script fails to run on AIX | ||
PH20869 | Migration fails with java.lang.noSuchMethodException:com.ibm.websphere.models.config.applicationserver.sipontainer.impl.SIPContainerImpl | ||
Object Request Broker (ORB) | PH13233 | Remove unformatted cout trace entries | |
PD tools (for example: Log Analyzer) | PH14607 | FileNotFoundException appear when running tWAS LogViewer | |
PH14673 | WAS diag plan trace dump file directory correction | ||
PH15079 | Modify traceInit outputs BBOO0427E at 8.5.5.15 | ||
PH17273 | Collector tool does not collect properties files for IBM i platform | ||
PH17283 | Diagnostic plans utility is incompatible with the java_dump_opts | ||
Plug-in | PH13091 | WebSphere plug-in has uneven distribution when multiple servers have a weight of 0 | |
PH14563 | Plugin merge creates extra URI group when erroneous ports are within the VirtualHostGroup | ||
PH17449 | WAS HTTP plugin fails to generate $WSRA $WSRH headers | ||
PH19420 | Plugin propagation for managed definition on remote node fails to copy plugin-key.kdb to webServer location on the remote node | ||
PH19922 | Unnecessary polling can take place causing high cpu | ||
PH20154 | Plugin websocket upgrade request response code not verified | ||
PH20311 | Plug-in does not read entire response from the socket when ESI is enabled and response shows data is not modified | ||
PH20448 | IHS crash on restart when plugin log rotation is enabled | ||
Profile | PH11873 | Create profile failed with java.net.uriSyntaxException: illegal character in path | |
PH18889 | Update WAS 8.5.5 IES for x86-32 platform | ||
Runtime and Classloader | PH10673 | Property com.ibm.ws.runtime.dumpShutdown=true causes two heapdumps and two java cores during shutdown | |
PH11036 | Corrupted KOR/CN/JPN locale messages during startserver if WS_CMT_PI_STARTSERVER_CA_MESSAGES=true | ||
Security | PH09722 | Reload the SSL runtime when certificate monitor executes | |
PH10457 | ReplaceCertificate is not horned to replace a personal certificate with another personal certificate | ||
✓
|
PH11248 | Information Disclosure in WebSphere Application Server (CVE-2019-4477) | |
PH13835 | Outbound EJB-WOLA connection fails NO_PERMISSION due to TransportLayer settings being picked up from incoming RMI call | ||
PH15965 | Intermittent SECJ0129E after upgrade to 9.0.0.10 or 8.5.5.14 | ||
PH16017 | FFDC data output may display JAAS configuration information | ||
PH16741 | Client certificate authentication not finding previously logged in subject | ||
PH17654 | WSVR0661W starts to happen after the application of 8.5.5.16 | ||
PH18217 | Need to stop auditing subsystem from doing DNS lookup | ||
PH20055 | Provide an option to add KRBAuthnToken to Subject | ||
Servlet Engine/Web Container | PH15852 | Missing translation key: Exception occurred while running servlet ContainerInitializers on startup | |
PH16279 | Memory leak in WebFragMergerImpl due to multiple start/stop of application without restarting the application server | ||
Session Initiation Protocol (SIP) Container | PH15985 | A via header field in ACK requests might contain incorrect address in a dual stack environment | |
PH17737 | WebSphere does not reject SIP invite with invalid CSEQ header | ||
System Management Configuration | PH15796 | Monitored directory deployment hangs when application is deployed on more than one target | |
System Management/Repository |
✓
|
PH14004 | Path traversal vulnerability in WebSphere Application Server (CVE-2019-4442) |
PH18800 | ADMA7021I message in a deployment manager systemout.log file causes confusion | ||
Web Services (for example: SOAP or UDDI or WSGW or WSIF) | PH09116 | NullPointerException generated due to a partial update of the EJB application | |
PH16949 | WAS 8.5.5.15 / 9.0.5.0 - issues with annotation scanning filters (include-scanning-packages etc.) | ||
Web Services Security | PH14676 | OIDC RP: Omit client_secret oAuth 2.0 parameter if the client_secret is an empty string | |
PH15248 | OIDCClientHelper methods may return null unexpectedly | ||
PH15626 | OIDC RP: Enable configuration of a login error url | ||
PH17304 | OIDC RP cannot send a content-security-policy header to the openIDconnect provider | ||
PH18150 | The OIDC RP does not check the id-token for an ACR value if the configured auth endpoint url includes "acr_values" | ||
PH19189 | OIDC RP cannot send a nonce parameter to an OP | ||
WebSphere Common Configuration Model (WCCM) | PH08678 | In WebSphere V8.5.5 AdminTask.extractConfigProperties incorrectly sets the CCSID value to 0 as the default | |
PH17696 | Encrypted passwords deleted if custom encryption JAS is removed | ||
PH19871 | BO attributes are not working correctly after upgrading to WebSphere 8.5.5.16 | ||
PI77392 | Incorrect generation of ibm-metadata.xml when deploying with pre-generated merged descriptors | ||
z/OS | PH19192 | Waittime is not passed to BBOCLSCC under certain circmstances |
Fix Pack 8.5.5.16
|
||
---|---|---|
Fix release date: 3 September 2019 Last modified: 3 September 2019 Status: Superseded Download Fix Pack 8.5.5.16 |
Component | Security APAR | APAR | Description |
---|---|---|---|
Administrative Console (all non-scripting) | PH05129 | Prompt user for confirmation of stop cluster | |
PH06242 | Change background color for admin console (REF 120205) | ||
✓
|
PH07676 | Potential denial of service in WebSphere Application Server Admin Console (CVE-2019-4080) | |
PH07698 | Incorrect application status for web server in target specific application status display | ||
PH07915 | Update admin console JSP to remedy false error | ||
PH08979 | Data power panels may show html in messages when creating objects | ||
PH09151 | Add Liberty migration effort details to application collection page in admin console | ||
PH09977 | Some administrative console urls are using: target="_blank" | ||
PH10072 | WebSphere Application Server admin console to add secure attribute to some cookies | ||
PH10464 | Urls based on the admin console return error 500 | ||
PH10816 | Serviceability issues for Liberty advisor feature | ||
PH10824 | UI bug fixes and changes for Liberty advisor feature | ||
PH10831 | Add color to navigation border to make color change more visible | ||
PH11318 | Do not display log_root directories for application installation | ||
PH12508 | After upgrade to fix pack 9.0.0.11 get msg: SRVE0190E: File not found: /libertyadvisorsummary | ||
PH13030 | Rename Liberty application migration analysis functionality | ||
PH13295 | Scopes in resource panels are unsorted which makes it hard to find a specific scope | ||
PH13303 | Access denied in logs when calling LibertyAdvisorSummaryServlet even when user has required roles | ||
Contexts and Dependency Injection (CDI) | PH05014 | Null CDI bean results in a NullPointerException thrown in Apache WebBeans code | |
PH09834 | java.lang.VerifyError on openwebbeans with Java, 8 update 11 and 7 update 65 | ||
EJB Container | PH01591 | Nonpersistent EJB timer dying if timeout throws exception on last retry | |
PH08828 | OutOfMemory in injectionEngine cache | ||
PH12563 | Support JIT deploy of EJB 1.x and 2.x modules | ||
Federated Repositories | PH01831 | WIMUserRegistry.authenticateWithPassword() discards the causal exception when throwing a new exception | |
PH05207 | NullPointerException occurs when nameInRepository is not set in wimconfig.xml | ||
PH08837 | LDAP search fails with NumberFormatException | ||
PH10154 | Group members are not listed (in manage users/groups) when domainnameforauomaticdiscoveryofldapservers is configured | ||
PH11325 | In rare cases, the federated repository attributes cache will store an attribute beyond the specified cache timeout | ||
PH11792 | Changing wstemp directory to a different directory with the following property websphere.workspace.root is not being honored | ||
PH12039 | The WIM get API does not consider the allowOperationIfReposDown setting on the realm | ||
PI97871 | Cannot change administrative user in federated repositories | ||
General | PH01829 | The lrcmd command fails with SocketTimeoutException | |
PH03840 | Attempting to create a new ILContainer after SqlException causes com.ibm.websphere.batch.ilc.ILContainerException | ||
PH04833 | Java batch scheduler in WebSphere v8.5.5 running OutOfMemory | ||
PH05754 | Cannot set a timeout for URLReturnCodeMetric which can cause blocking of other metrics | ||
PH06301 | CWLRB6179E: Failed to invoke EndpointCRMBean | ||
PH07247 | Unnecessary HttpHostConnectException FFDC logged for usage metering | ||
PH07725 | Cross-site Scripting (Stored) on URL 9043/ibm/console/ChartDetail.do: datasets parameter | ||
PH08375 | WASServiceHelper.bat builds command contains "stopargs" twice | ||
PH08503 | Configured cluster level resources are dropped when a dynamic cluster scales to zero members and back up again | ||
PH08548 | The number of concurrent sub jobs running under a top-level batch job may exceed the configured maximum | ||
PH08898 | WebSphere v8.5.5 Job Scheduler throws NullPointerException | ||
PH08993 | CWLRB6203W is issued for properties which do not need a value | ||
PH09335 | managesdk.sh does not set user.install.root | ||
PH09407 | CommonExtensionsHelper class prints out a lot of information messages | ||
PH09657 | Usage metering discards metrics on HTTP 500 response from metering service | ||
PH09810 | Health Controller stops working when executing Health Policy actions - Moved asyncRestart functionality into separate thread | ||
PH09872 | CWMMS0469E: Error getting application placement controller (APC) MBean | ||
PH10119 | Add support for CICS 5.5 to optimized local adapters | ||
PH10333 | During extension of clusters jobs abended with RC=12 and existing endpoints are not found | ||
PH10511 | OSGI throws an unexpected NullPointerException | ||
PH10843 | Javamail password hardcoded to null in the trace | ||
PH11142 | Running the wctcmd.bat from outside of the <wct_root> directory causes | ||
PH11182 | NPE in JSF after WebSphere Fix pack 8.0.0.15 + apar PH04915 | ||
PH11334 | Need to check users tWAS version and source Java version | ||
PH11542 | DefaultApplication changed in 9.0.0.11 | ||
✓
|
PH11655 | Remote code execution in WebSphere Application Server ND (CVE-2019-4279) | |
PH11807 | "Routing policy HTTP rules" console page broken and validation for duplicate ODR rules not throwing proper error | ||
PH11818 | Unnecessary annotation scan happens if a class implements java.util.eventListener | ||
PH12312 | Admin agent environments not able to create migration reports through the console or wsadmin | ||
PH12467 | WSSessionInvalidatorThread should have thread number | ||
PH12533 | Admin console allows Client-side HTTP Parameter Pollution and xss | ||
PH12560 | Support customization of usage metering metrics | ||
PH12630 | JSessionID value may contain 2 consecutive dashes | ||
PH12773 | Add/remove neighbor loop with messages ODCF8041I, ODCF8040I, CWWOBB1009W | ||
PH13339 | Implement fine grain permissions for migration commands | ||
PH13693 | Change to allow the facesContext object to remain open after lifecycle method execution | ||
PH13798 | Error resulting from PH09335 when user_install_root is unset | ||
PH14088 | Disabling isolation of third-party JAX-RS providers causes FileNotFoundException | ||
PH14124 | The binary scanner needs to be updated in tWAS to version 19.0.0.3 | ||
PI92265 | Setting one JVM of multiple dynamic clusters into maintenance mode fails for all dyanmic clusters expect one | ||
High Availability (HA) | PH08584 | Moving dynamic cluster to new core group fails to update dynamic clusters server template | |
IBM HTTP Server | Fix List | Detailed list of APARs for IBM HTTP Server | |
IBM i | PH12823 | _setupDefaultSDK script fails to update WAS product and profiles to use JDK 8 when JDK 7/7.1 is configured | |
Install | PH07691 | IHS 8.5.5.14 replaces 64-bit Solaris binaries with 32-bit | |
PH08340 | Install application client 8.5.5.14 on Win 32bit | ||
PH08611 | Add pre-requisite checker for Microsoft Visual Studio 2013 runtime | ||
PH08924 | NPE in Installation Manager while installing Java 8 | ||
PH10416 | Unable to apply Application Client, IHS, Plug-ins fix pack 8.5.5.15 on Sun Solaris operating system | ||
PH11170 | Incorrect output of VersionInfo -fixpacks | ||
PH11382 | 32-bit version of IBM WebSphere SDK Java 7.0 is replaced by 64-bit version after updating Application Client 8.5.5.15 | ||
PH12075 | Cannot install Java 8 (optional) offering on AppClient 85514+ on Solaris Sparc64 | ||
PH12320 | NullPointerException is thrown while using the modify option in silent mode on installation manager for IBM i | ||
PH12698 | WebSphere Application Server 8.5.5.15 cannot be installed on Solaris 10 update 9 and up | ||
PH13270 | IBM SDK Java Technology Edition Versions 7 and 7.1 will be end of service | ||
Java 2 Connectivity (J2C) | PH04931 | FFDC for java.lang.IllegalStateException logged intermittently while many transactions start in parallel are not a problem | |
PH10198 | 2CA0695E: Unable to find primary pool manager during failover processing for a resource with a JNDI name of ibm/cm | ||
PI81554 | J2CA0045E connectionWaitTimeoutException timeout is not calculated as expected in version 9.0.0.3 | ||
Java Message Service (JMS) |
✓
|
PH06340 | Potential denial of service vulnerability in WebSphere Application Server (CVE-2019-4046) |
✓
|
PH07036 | Potential vulnerability in WebSphere Application Server WebContainer | |
PH09048 | During Tibco EMS server failover, transaction rollback issues may occur that lead to stuck messages on the Tibco queue | ||
PH09750 | Hanging threads in com.ibm.ejs.jms.JMSQueueConnectionHandle.createQueueSession | ||
PH11186 | HTTP inbound channel custom properties trustedHeaderOrigin and trustedSensitiveHeaderOrigin do not work properly on z/OS | ||
Java Persistence API (JPA) | PH07008 | Have OpenJPA update the descriminator class cache as classes become loaded and registered in the metadatarepository | |
PH13889 | OpenJPA enhanced classes version change causes warning | ||
JSP | PH08381 | JSP compilation error when using line comment within JSP expression | |
Migration | PH07936 | Migrating to WAS v9.0 but application did not get deployed | |
PH08002 | Not all profiles migrate when migrating to WAS v8.5.5 WASPreUpgrade fails when no default is used | ||
PH09937 | After migration automatically create element automatically that not exist before migration | ||
Object Request Broker (ORB) | PH08205 | SMF 120 subtype 9 records should report the value of cvtzcbp | |
PH09011 | UnsupportedClassVersionError JVMCFRE003 when starting the NDDMZ on z/OS | ||
Other | PH13095 | If the admin agent console times out, you must provide the username/password twice | |
PD tools (for example: Log Analyzer) | PH05042 | WebSphere Application Server traditonal HPEL logging json format | |
PH12910 | java.lang.stringIndexOutOfBoundsException & SRVE0232E while accessing admin console | ||
Plug-in | PH06308 | WebSphere WebServer plugin crashes when handling WebSocket request in ESI cache | |
PH07999 | WebSphere 9.0 plugin using SSL fails to read entire message above 8k in size | ||
PH08290 | Plugin needs to provide some GSKit scripts | ||
PH08740 | Apache v2.4 web werver plug-in crashed caused by a conflict withmod_was_ap22_http and mod_hpfilter2.4 | ||
PH08998 | WebSphere plug-in process is not properly cleaned up when using Apache piped logger rotatelogs | ||
PH09034 | Set default connectionTTL to 28 if not present in configuration for the WebSphere webserver plugin | ||
PH09316 | New plugin configuration copies the etc/plugin-key.rdb file unnecessarily | ||
PH09639 | HTML dashboards fail in Web Query with HTTP 500 when running in IE or Firefox | ||
PH10258 | ORDPortPathPrefix cannot be added from the WebSphere admin console | ||
PH10504 | Servlet request remote address value is incorrect with WAS 8.5.5.15 Plugins fix pack level | ||
PH11287 | Web Server plug-in crashed in memcpy call ws_reallySendRequest function | ||
Programming Model Extensions (PME) | PH06673 | WorkItem.getResult may return null and this cause NPE in customer's asyncbean application | |
Runtime and Classloader | PH05460 | Emit diagnostics for OSGI unsatisfied bundle constraints diagnostics when starting a server | |
PI91529 | NullPointerException is thrown when processing application deployment.xml file | ||
PI97290 | NullPointerExceptions while enabling the classloader traces | ||
Security |
✓
|
PH05769 | Weaker than expected security with WebSphere Application Server with SP800-131 transition mode (CVE-2018-1996) |
PH06236 | When selecting a certificate alias with mixed case an SECJ7428E error is recieved | ||
PH06574 | When creating a new WebServer definitions in the integrated solutions console, plug-in key (CMS keystore) do not generate | ||
PH07760 | Correction for PH02461 | ||
PH08265 | Cannot remove audit notification: SECJ7387E: audit notification in use | ||
PH09574 | PI97974 was about LDAP search filter issue, which did not handle parenthesis correctly | ||
Servlet Engine/Web Container | PI99214 | Error message "SRVE0190E: File not found: {0}" is missing file name | |
Session Initiation Protocol (SIP) Container | PH07841 | SIP parse errors seem to put the parsing thread into a tight loop indefinitely | |
System Management/Repository | PH06545 | AdminApp.edit command may not update servers correctly when using the MapModulesToServers option | |
PH07140 | Editing an application with EJB content in a WAR module may experience slow performance | ||
PH07946 | Running managesdk on a node works but it modifies a JVM on another node | ||
PH10218 | Logging for JVM is not showing up in the console | ||
PH10565 | Stopping an application server with wrong user or/and password failed with error from stack trace | ||
PH10810 | Improve ADMA0245W message to include permission problem | ||
PH11113 | Cannot map a J2EE role named role to users and groups | ||
PH12932 | Missing Javadoc in ManagedObjectMetaDataHelper APIs | ||
Transaction Service | PH05716 | Transactions repeatedly fail to commit with OBJECT_NOT_EXIST minor code 0. Transaction outcome is mixed | |
PI95615 | Server startup fails with "base product version for node "mynode" is not available" | ||
Web Services (for example: SOAP or UDDI or WSGW or WSIF) | PH10556 | The <dmgr_profile>/temp/wscache/installextract folder is not being cleaned up after the deployment or after dmgr restart | |
PH11905 | Increased deployment manager startup caused by inefficient data structure | ||
Web Services Security | PH04344 | Invalidate SAML token when user logs out from WebSphere application | |
✓
|
PH07297 | Denial of Service vulnerability in Guava (CVE-2018-10237) | |
PH08391 | Set WebSphere Application Server SAML cookie to httpOnly | ||
PH08804 | OIDC RP default identifiers are not available when customs are configured | ||
PH10503 | OIDC relyingParty TAI sessionCacheTimeoutMinutes is in seconds | ||
PH10892 | OIDC RP has no api for obtaining tokens or manually triggering access token refresh | ||
PH11107 | OIDC RP always includes port number on redirect_uri parameter | ||
PH11684 | OIDC: Failed to validate id token, exception thrown during verify [unsupportedoperationexception: ] | ||
PH12520 | ODIC: Enable JWT SSO in WebSphere Applicaiton Server | ||
PH13175 | Tokens are not revoked when sessions are evicted from the cache | ||
PH13533 | Web service request containing ws-at context fails if provider web service is configured to support ws-rm | ||
WebSphere Common Configuration Model (WCCM) | PH06565 | <multi-config> child elements are added to web.xml/web-merged.xml | |
PH08461 | During dmgr startup the /tmp folder is filling up and preventing the dmgr from starting | ||
PH09294 | Slow application startup for applications with many files | ||
PH12669 | NullPointerException occurs in EMF do to concurrent initialization |
Fix Pack 8.5.5.15
|
||
---|---|---|
Fix release date: 4 March 2019 Last modified: 4 March 2019 Status: Superseded Download Fix Pack 8.5.5.15 |
Component | Security APAR | APAR | Description |
---|---|---|---|
Administrative Console (all non-scripting) |
✓
|
PH01617 | Potential file traversal in WebSphere Application Server (CVE-2018-1770) |
✓
|
PH01621 | Potential cross-site scripting in WebSphere Application Server Admin console (CVE-2018-1777) | |
PH02638 | Getting blank screen in dmgr console when trying to update server template in dynamic cluster | ||
PH05812 | The restart does not always work because of a change to the JVM so this provides a system property to stop/wait/restart instead | ||
PH06889 | Problems changing web_install_root and config path | ||
PI98354 | No test connection button for operator role in datasourcename page in admin console | ||
Contexts and Dependency Injection (CDI) | PH04844 | The javassist used by the application is collided with javassist version used by CDI | |
EJB Container | PI95982 | The timer.getInfo() not properly returning new instance | |
PI96086 | Nested EJB Async method calls not honoring nested get(timeout, unit) timeouts | ||
Embedded/Express | PH01284 | Clean server OSGI cache on restart after hard shutdown | |
Enterprise Edition (EE) | PH04187 | Issue with the Windows 125x support in xlxp during conversion of bytes to utf-8 | |
Federated Repositories |
✓
|
PH02811 | Privilege escalation vulnerability in WebSphere Application Server (CVE-2018-1901) |
PH02868 | Automatic discovery of LDAP servers fails with EntryNotFoundException | ||
General | PH04234 | /ibm/console/ChartCollection.do javascript injection XSS vulnerability | |
PH00071 | WebSphere z/OS 8.5.5.12 ABEND 0C4 in ORB_Request::setsystemexception in control region | ||
PH00353 | JAX-WS web service requests may fail when using an unmanaged client and Java 8 if ws-policy is used | ||
PH00438 | Provide switch to disable isolation of third-party JAX-RS providers | ||
PH01316 | FileNotFoundException (404) when entering ISC help pages running Java 8 | ||
PH01735 | Inputting an invalid webserver conf file path on the console produces a blank page | ||
✓
|
PH01753 | Cross-site scripting vulnerability in OAuth ear in WebSphere Application Server (CVE-2018-1794) | |
PH01810 | Provide connectivity with IBM cloud private metering | ||
PH02014 | Infinite loop scanning multi-release jars for annotations | ||
PH02024 | CDI beanManager.getBeans() should not filter out non-alternatives | ||
✓
|
PH02031 | Potential directory traversal vulnerability in WebSphere Application Server (CVE-2018-1797) | |
✓
|
PH02049 | Cross-site scripting vulnerability in CacheMonitor for WebSphere Application Server (CVE-2018-1767) | |
✓
|
PH02063 | Potential security bypass in WebSphere Application Server with Expression Language EL (CVE-2014-7810) | |
PH02310 | The wctcmd command does not create a webServer definition | ||
PH02349 | J2CA1004E seen in adjunct region | ||
PH02429 | Add IIS 10 to WebSphere fix pack to allow the installation of this product | ||
PH02700 | Do not persist or transfer inactive conversation contexts | ||
PH02919 | Migration policy set issue | ||
PH03324 | Clone server doesn't appear in the Administrative console | ||
✓
|
PH03492 | Potential Cross-site scripting in SIBMsgMigrationUtility (CVE-2018-1798) | |
PH03604 | Update Apache Batik SVG toolkit library to 1.10 | ||
PH03710 | Annotation scanning include-filters not working | ||
PH04583 | RuntimeException in vapBinaryStreamToSerializableObjectConverter | ||
PH04653 | Updated CPU limit (--cpus) not recognized by usage metering feature | ||
PH05071 | JVM hang when calling garbageCollectorMXBean.getLastGcInfo for usageMetering-1.0 | ||
PH05126 | Provide support for com.ibm.websphere.jaxrs.server.DisableIBMEJBJAXRSinEJBJarSupport | ||
PH05544 | Custom property `HttpSessionCloneId` set at the sessionManager scope is not honored by ODC resulting in broken affinity | ||
PH05700 | The was-usage-metering.properties does not work in cluster name directory | ||
PH06668 | ARFM5024E: ARFM suffered unexpected exception while handling ODC event: com.ibm.wsspi.odc.ODCException: A svcgoal has no relationship with the following: cell (EXCM_HAS_NO_RELATIONSHIP1) | ||
PH07141 | Increase grammar's unresolved component cache size | ||
PH07228 | Final usage metrics not submitted on server shutdown | ||
PH07725 | Cross-site Scripting (Stored) on URL 9043/ibm/console/ChartDetail.do: datasets parameter | ||
PI89701 | ODC error logic that runs on the dmgr is erroneously removing OSGI app data from the ODC data structures resulting in 404 | ||
PI92331 | Large object com/ibm/xml/xml4j/internal/s1/util/symboltable$entry arrays | ||
PI95333 | There is no way to detect if a compute grid batch job is producing grossly excessive output in its job log | ||
PI95906 | It takes very long time to update eba | ||
PI99123 | Add a new message to show total workspaces and ids to help reduce OutOfMemory problems | ||
PI99361 | upon deployment, the <context-root uri..> entry in the ibm-web-ext.xml is changing position within the file. | ||
PI99507 | Native outofmemory errors due thread leak in OTIS connection handling | ||
IBM HTTP Server | Fix List | Detailed list of APARs for IBM HTTP Server | |
Install | PH02129 | Fixpack rollback fails with NullPointerException on Solaris | |
PH02912 | The setupProfileSDK script usage is not translated | ||
PH03402 | Installation manager reports im_root/eclipse/IBMIM is launched even though im_root/eclipse/tools/imcl is called | ||
PH03775 | WAS 8.5.5.14 fix pack installation working on Solaris 10 | ||
PH04095 | Extra directories and broken links after WAS 8.5.5 FP 14 installation | ||
PH04524 | WebSphere Application Server fix pack fails to install due to invalid Java 6 checking | ||
PH04606 | Installation of WebSphere plugin 8.5.5.14 to WebSphere plugin 8.5.5.11 and higher with fix PI96287 fails | ||
PH04771 | Rollback to 8.5.5.14 fails after update 8.5.5.13+Java6 to 8.5.5.14 and then to 8.5.5.15 | ||
PH04781 | WAS 8.5.5.14 includes embedded java 6 binaries | ||
PH04782 | Update PLG to 8.5.5.14 failed | ||
PH04784 | Installing fix pack 8.5.5.14 with 32 bit Java 1.7.0 does not work correctly | ||
PH06871 | Rollback fails from WAS 8.5.5.14 to WAS 8.5.5.8 | ||
Intelligent Management Component | PH01352 | High CPU after TCPIP is forcefully stopped | |
PH01832 | High CPU driven by VisualizationEngine.CacheWorkItemsTP thread | ||
PH04119 | `Runtime Operations > Applications` panel does not properly report applications that deployed to a started target but not running | ||
PH04886 | Deadlock in DMGR when federating primary portal node | ||
PI65154 | HeapDetect: error notifying monitor: 52 message appears during server shutdown | ||
PI88622 | On demand configuration (ODC) thread causes hang in deployment manager (dmgr) | ||
PI98187 | APC HAManagedItem hangs when it is in the process of becoming dormant and receives notification that it should be active | ||
Java 2 Connectivity (J2C) | PH00304 | WAS Liberty not respecting max connection pool setting | |
PI97241 | Server hang on server shutdown due to deadlock | ||
Java Message Service (JMS) | PH01447 | Improvement to SSL closing handshake | |
PH02713 | Contention for the intrinsic lock in the JMSConnectionHandle.createSession method | ||
PI95709 | PreferredServerlist are not saved as the sequence as defined by client | ||
Java Persistence API (JPA) | PH01768 | Deadlock potential exists with orm xml processing for OpenJPA | |
PI97686 | OpenJPA query cache miss results in classCastException | ||
Java SDK | PH03268 | NullPointerException at JSF initialization | |
PH06389 | JSF can leak JarFiles causing problems with application removal | ||
JavaServer Pages (JSP) |
✓
|
PI99524 | Remote code execution vulnerability in the JSF used by WebSphere Application Server |
Messaging Providers | PH05525 | WLM is failing the SIB destination lookup even though me is running with out any issues | |
PH05890 | Unexpected response from WebSphere Application Server to datapower client request | ||
Migration | PH01218 | WASPreUpgrade.bat fails when path to java contains a space | |
✓
|
PH01746 | Potential privilege escalation vulnerability in WebSphere Application Server after migration (CVE-2018-1840) | |
PH01984 | An ArePrimaryKeysEqual Exception is thrown when the DeploymentDescriptor for an Application contains an IconType entry | ||
PH05565 | Security domain definitions were not migrated correctly | ||
PH06386 | migration.sh is not supported on Solaris and should not be packaged | ||
PH06941 | SyntaxError: string constant too large in wasPostUpgrade app deployment | ||
PI98798 | MIGR0573W seen running wasPreUpgrade on node profiles | ||
Object Request Broker (ORB) | PH03646 | Daemon ABEND0C4S in BBOOIND and possible termination | |
PI94719 | WebSphere abend=00dc3000 rsncode=0a150001 moving node to new fix pack level | ||
PD tools (for example: Log Analyzer) | PH04941 | Trace triggered by trace for use under L2 direction | |
PH06642 | Back port diagnostic plan to 8.5.5.15 | ||
Plug-in | PH04047 | WAS plug-in v9 for HIS v9 and Apache 2.4. forward useragent_ip to support use of mod_remoteip in ihs v9 and Apache 2.4 | |
PMI/Performance Tools | PH01816 | NullPointerException in RepositoryCache.getRCSDataSourceResources | |
PH05033 | JVM runtime - processCPUUsage counter shows zero value | ||
PH05230 | Count not present in the PerfServlet xml output, under count TimeStatistic not present in the PerfServlet xml | ||
Programming Model Extensions (PME) | PH03333 | Deadlock situation in DefaultWorkManager:AlarmManager | |
Runtime and Classloader | PH02197 | Server assocated shared libraries not being picked up by WebSphere Application Server | |
PI83239 | After upgrade to WebSphere 8.5, some applications using JAXB classes have noClassDefFoundError messages | ||
PI88219 | WSVR0320W warning messages due to the deprecated module deployment classloading mode | ||
PI91331 | Isolated shared library's parent is missing in the search path | ||
PI99339 | NoSuchMethodException generated for the missing method in the urlStreamHandlerAdapter | ||
Security | PH01676 | CreateKrbConfigFile command leaves pipe character in Kerberos config file for encrypt types | |
PH02461 | Modifying OIDC RP custom properites in a security domain via the admin console resulted in duplicates | ||
PH02480 | CMSKeystore is removed when webserver deletion is on hold without admin config save | ||
PH04174 | Remove or update PI97281 | ||
PI97974 | Invalid user id that contains a parenthesis should be escaped for standalone LDAP configuration | ||
PI98604 | CWPKI0666e: certificate "certificatealias " is not a personal certificate | ||
✓ | PI98768 | Weaker than expected security using WebSphere Application Server(CVE-2018-1719) | |
✓ | PI99402 | Spoofing vulnerability in WebSphere Application Server Form login (CVE-2018-1695) | |
Session Initiation Protocol (SIP) Container | PH01070 | In a multi-homed environment a Via header field might not be set to the preferred outbound address | |
System Management/Repository | PH00755 | Fixing ConcurrentModificationException reported during multi sync operation | |
PH01546 | JVM custom property to disable node synchronization | ||
PH02503 | Server creation fails with NullPointerException due to leftover application folders | ||
✓ | PH03986 | Code execution vulnerability in WebSphere Application Server (CVE-2018-1567) | |
PH03989 | Issues with autodeploy feature on WAS 8.5.5 after applying fix pack 13 | ||
✓ | PH04060 | Code execution vulnerability in WebSphere Application Server (CVE-2018-1904) | |
PH04723 | An application contains was.policy file to apply additional permissions might not be detected and allowed to installed | ||
PI91977 | WebSphere Application Server config files length zero bytes | ||
✓ | PI95973 | Code execution vulnerability in WebSphere Application Server (CVE-2018-1567) | |
Transaction Service | PH02450 | WS-AT keeps consuming webcontainer threads | |
Web Services (for example: SOAP or UDDI or WSGW or WSIF) | PI88318 | Incorrect version number was displayed when running endptEnabler.sh or endptEnabler.bat | |
Web Services Security | PH00569 | Openid connect relying party handling of id_token expiry is not configurable | |
✓ | PH01752 | Cross-site scripting vulnerability in SAML ear in WebSphere Application Server (CVE-2018-1793) | |
PH02192 | OIDC RP extra <br/> tag added in saved post body | ||
PH03525 | OIDC TAI may not intercept requests to http:// endpoints | ||
WebSphere Common Configuration Model (WCCM) | PH00201 | jsp_2_2.xsd is not packaged in the com.ibm.ws.wccm.jar | |
PH01005 | NullPointerException when application provides a xalan jar | ||
PI98177 | Package objects not available from archive class loaders |
Fix Pack 8.5.5.14
|
||
---|---|---|
Fix release date: 20 August 2018 Last modified: 20 August 2018 Status: Superseded Download Fix Pack 8.5.5.14 |
Component | Security APAR | APAR | Description |
---|---|---|---|
Administrative Console (all non-scripting) | PI84457 | Incorrect handling of invalid parameters in the admin console | |
PI87791 | WebSphere Admin Console error message invalid format | ||
PI89327 | MIGR0506E migrate a profile that is registered to an admin agent | ||
✓
|
PI89498 | Privilege escalation in WebSphere Application Server Admin Console (CVE-2017-1731) | |
✓
|
PI90042 | Information disclosure in WebSphere Application Server Admin Console (CVE-2017-1741) | |
PI90487 | Start/Stop from the admin console failes after a change to the processDef startCommandArgs or stopCommandArgs | ||
PI91052 | Set X-Content-Type-Options "nosniff" on Administrative Console | ||
PI91328 | Update struts.jar for latest fixes | ||
PI91760 | Classes are missing in the Administrative Console after EAR deployment | ||
PI92079 | Duplicate ports are assigned when the node uses different host alias in same host machine where the DMGR is running | ||
PI92185 | Accessing the Admin Console on MS IE or Edge browser causes some issues when mapping roles | ||
PI92241 | Admonconsole command assistance gave wrong output for EJBTimer | ||
PI92513 | MANIFEST.MF file in isclite does not get updated correctly with fix pack upgrade. | ||
PI92600 | SIB admin panels render incorrectly | ||
PI94097 | "Rollout Update" option not shown during app update for users with both deployer and operator role | ||
PI94144 | ORB ConnectionCacheMimimum cannot be set to 1 in the Admin-Console (10 is the current limit) | ||
✓
|
PI95655 | Potential vulnerability in WebSphere Application Server (CVE-2015-0899) | |
PI98780 | Web server definition show incorrect status | ||
✓
|
PI98928 | Potential vulnerability in WebSphere Application Server (CVE-2015-0899) | |
PI99077 | Options menu to set log trace pops up but doesn't set trace | ||
Contexts and Dependency Injection (CDI) | PI90637 | Avoid concurrent modification of maps creating issues with timeouts | |
Default Messaging Component | PI85830 | JMS transit through the SIB corrupts double byte charactes | |
PI86995 | Errors captured in SIB logs within output of ObjectMessage.toString() | ||
PI87338 | Expired messages will not be handled correctly when messaging engine will be restarted | ||
Double Byte Charatcer Set (DBCS) | PI94519 | UserInternationalization javadoc contains broken links | |
Dynamic Cache | PI96665 | Servlet caching doesn't support HTTP 1.1 transfer-encoding: chunked requests | |
EJB Container | PI92119 | EJB embeddable container fails to start application with @schedule | |
PI92731 | "CORBA.MARSHAL: incompatibility between stub and tie" on WebSphere Acheduler Application | ||
PI93822 | EJB Auto-Link fails for java:global with beanName provided | ||
PI93950 | NullPointerException from EJSContainer postInvoke() method | ||
PI93952 | CWNEN0030E when multiple deployed editions of an application contain the same environment entries | ||
PI94171 | IllegalStateException: the JTA transaction is not started or invalid | ||
EJBDeploy (WSAD) | PI73197 | Enable Java 8 support for EJBDeploy on WebSphere Application Server | |
PI97841 | Add missing database options to EJBDeploy on Admin Console | ||
Enterprise Edition (EE) | PI95175 | java.lang.ArrayIndexOutOfBoundsException may be thrown when parsing XML files larger than 64k bytes | |
Federated Repositories | PI88438 | When defining a root base DN for a federated repository, display and login problems occur | |
PI88864 | Duplicate users returned if LDAP connectivity errors occur during paged searches | ||
PI90846 | Exception occurs when a mapping exists for PersonAccount or Group, but not both | ||
PI91971 | Poor performance using file-based registry under load | ||
PI92274 | Server fails to start when Domino Ldap server is not reachable | ||
PI93225 | Users logging in with parentheses in their names cause "unbalanced parethesis error" | ||
PI93552 | java.lang.runtimeexception: an invalid XML character (Unicode: 0x0) was found in the element content:group | ||
General | PI56169 | Wrong ID logged whne stopping an app server through the admin console | |
PI79520 | Compute Grid proxy job abends with CC 4084 | ||
PI85595 | Performance issue with SIB link connection when transferring large messages from one cell to another cell | ||
PI88319 | Expired SIB messages might not be deleted after a messaging engine failure | ||
PI89274 | IndexOutOfBoundsException when setting a list on DataObject | ||
PI89997 | ConcurrentModification error might happen when tracing AMM code | ||
PI90792 | PluginMerge script has issue when merge the ODR generated plugin with cell generated plugin | ||
PI91256 | ODCF8101E java.lang.nullPonterException thrown | ||
PI92056 | postInstaller messages are not printing out special characters | ||
PI92182 | Server stop processing gets hung up in SIB component | ||
PI93374 | Session affinity can be broken and result in errorneous 503S | ||
PI93477 | CWSIP0001E: an internal messaging error occurred in com.ibm.ws.sib.processor.impl.anycastinputhandler.co | ||
PI94670 | _setupsdk1.8_64_bundled.sh has 31 bit java_home | ||
PI95381 | OAuth 2.0 configured in a security domain may fail to initialize | ||
PI95676 | "in-use" count can be wrong after APAR PI77049 - causing abend=00dc3000 rsncode=0a150001 | ||
PI95821 | Stabilize Product Insights Enablement | ||
PI96041 | Incorrect headers in outbound request with JAX-RS 1.1 | ||
PI96427 | When mail trace is enabled passwords are changed to be ******* | ||
PI96436 | Wink code logging every error 404 | ||
PI96471 | "submit jobs" option not available in WebSphere v8.5.5 JMC | ||
PI96616 | Enable OSGI option cleanUponSave | ||
✓
|
PI96685 | Vulnerability in Apache Commons HttpClient used by WebSphere Application Server (CVE-2012-5783) | |
PI96748 | Enhance workspace code to help reduce OOM problem | ||
PI96826 | IllegalArgumentException in classReader during the annotation scan | ||
PI97045 | Invalid Content-Type header logs ArrayIndexOutOfBoundsException. | ||
✓
|
PI97162 | Multiple vulnerabilities in Apache Struts and Apache Commons that is used by WebSphere Application Server UDDI | |
PI97986 | StringIndexOutOfBoundsException occurs when reading custom routing policies for OSGi applications | ||
✓
|
PI98928 | LongRunningScheduler.ear affected by CVE-2015-0899 | |
PI99029 | Warn the user that Java SE 7 and 7.1 are going out of service in September 2019 | ||
PI99410 | NPE happened in the SNMP Agent systemout.log | ||
IBM HTTP Server | Fix List | Detailed list of APARs for IBM HTTP Server | |
IBM i | PI89504 | Application server fails to start when generic JVM argument value contain blank(s) | |
PI95735 | stopServer/stopNode/stopManager scripts hang when LOGOUTPUT is set to *pnd in QWASJOBD | ||
PI95742 | Fix pack 8.5.5.13 will fail to install if /QOpenSys/qQIBM/ProdData/JavaVM/jdk80 exists and is empty | ||
Java 2 Connectivity (J2C) | PI90290 | NullPointerException when using JDBC custom property JDBCTimingThreshold in WebSphere v8.5.5.x | |
PI90388 | The resource adapter sending a CONNECTION_ERROR_OCCURRED on a connection while it is in free pool results negative conn. count | ||
PI90945 | Autocommit is not being reset back to default when using non-transactional datasource | ||
PI92626 | Block the calling of several new methods on OracleConnection in the OJDBC8 12.2 driver that are unsafe | ||
PI93901 | NullPointerException in Admin Console when trying to display connection factory status for CICSECI resource adapter. | ||
PI96072 | NullPointerException in com.ibm.ejs.j2c.j2cutili | ||
PI97001 | Incorrect db2_classes16.jar file path in the default description for the DB2 UDB for iSeries (native) JDBC provider in WAS | ||
PI97372 | Intermittent J2CA0046E/NullPointerException when obtaining a connection from datasource | ||
✓
|
PI98140 | Information disclosure in WebSphere Application Server (CVE-2018-1621) | |
Java Management Extensions (JMX) or JMX Client API |
✓
|
PI90009 | Information disclosure in WebSphere Application Server (CVE-2017-1743) |
Java Message Service (JMS) | PI87580 | NullPointerExceptions from webcontainer code | |
PI88594 | Request to context root without trailing slash gets redirected, but the query string was not added to the redirect URL. | ||
PI88676 | Setting system date 100 years into the future generates an ArrayIndexOutOfBoundsException | ||
PI89346 | 8.5.5.10 Control Region com.ibm.ws.xct.impl.xctstack OOM | ||
PI96735 | Access Log "maxFiles" attribute not working as intended with value of 0 | ||
Java Persistence API (JPA) | PI92398 | Under certain conditions OpenJPA can insert an embeddable into the datacache map | |
PI95766 | DB representation of boolean values with POSTgres is incorrect | ||
PI95871 | Wrong context classloader in org.apache.openjpa.enhance.pc | ||
Java SDK | PI88850 | High CPU issues from org/apache/myfaces/ | |
PI90509 | Fix for myFaces-3752 | ||
PI94947 | Update of composite component within an ui:repeat doesn't work | ||
JavaServer MyFaces (JSF) Apache MyFaces implementation | PI87954 | Hung thread issue in MyFaces getPropertyDescriptor | |
JNDI/Naming | PI94660 | Got a warning "NMSV0822W" message during a server startup | |
PI95598 | Naming implementation in a IBM Thin Client for EJBs takes additional time while trying to look up EJBs in a wlp server | ||
JSP | PI82426 | Incorrect output for JSP in an expression tag when using certain string concatenations. | |
PI87886 | generated_web.xml is empty when installing an application using an exported EAR and when pre-compiling JSPs on the install | ||
PI89577 | Lambda expressions might fail to compile when using Java SDK 8 to compile JavaServer Pages (JSP) | ||
Messaging Providers | PI93516 | JMS destination marked toBeDeleted cannot be destroyed and recreated | |
PI93628 | Diagnostics for "CWSOM0005W: the ObjectManager found that the logfile was too full..." | ||
Migration | PI92469 | Configurations of new target profile template remain untouched during migration although they do not exist in old profile | |
PI92480 | Migration process omitted LDAP failover configuration | ||
PI92605 | WebSphere SSL protocol should be auto updated to ssl_tlsv2 | ||
PI92942 | Migration changes the order of the login modules in the security.xml file | ||
PI93298 | Port conflict after migrating from v7 to v855x on the same server into the same directory | ||
PI93466 | Remote WASPreUpgrade fails on Solaris with "test: argument expected" error | ||
PI93622 | Migrating from WebSphere v7 to v8.5.5+ with a server-level security.xml causes post-upgrade NullPointerException | ||
PI95217 | WASPostUpgrade failed with MIGR0464E due to NullPointerException | ||
PI97582 | WASPostUpgrade failing with NullPointerException coming from the ServerIndexConfig | ||
Other | PI97486 | Left panel of Admin Console does not disappear after auto log-off due to session timeout | |
PD tools (for example: Log Analyzer) | PI92935 | WAS 8.5 stopServer script intermittently results in hang, fails to stop server | |
Plug-in | PI89525 | Invalid plug-in path for property "PluginInstallRoot" is created for WebSphere on iSeries | |
PI91280 | Secure transports may use the wrong timeout value if URL timeouts are configured using SetEnvIf | ||
PI91879 | ConnectionTTL="0" in transport statements in the plugin-cfg.xml | ||
PI92967 | IBM WebSphere web server plugin for iPlanet/SunOne sending wrong response code | ||
PI93554 | Plugin propagate does not work from commandline using genplugincfg.sh | ||
PI94724 | Admin console command helper generating an incorrect script command for adding StashfileLocation plug-in property | ||
PI96048 | Plugin generation should have a way to add removeSpecialHeaders to the configuration section | ||
PI96130 | HTTP2302: Function as_handler aborted the request without setting the status code | ||
PI96649 | Plug-in fails to write data with RC=10035 in windows | ||
PMI/Performance Tools | PI90503 | Cannot start logging in TPV | |
PI97663 | NPE in perfModules.getConfigFromXMLFile | ||
Programming Model Extensions (PME) | PI96604 | StreamCorruptedException in workarea on WAS v8.5 with JDK 8.0.5.5 (SR5/FP5) | |
Runtime and Classloader | PI72506 | Support openConnection(URL, Proxy) using MultplexingURLStreamHandler in OSGI | |
PI84518 | Administrative console libraries are not designed to be run with a "parent_last" application class loader | ||
PI92979 | High CPU due to the classloader stack | ||
Security | PI86770 | Remove unsupported security events from audit log. | |
PI87414 | After deleting the existing default certificates, the newly created default certificates are using SHA1 | ||
PI88044 | Calling purgeUserFromAuthCache or a user that is in a group permitted to a role does not take affect. | ||
PI88161 | The ibm_security_logout page does not render correctly when the X-Content-Type-Options heade rvalue uses nosniff | ||
PI90068 | WebSphere Application Server v8.5.5.2 crashing after several minutes of running after InfoSphere DataStage 11.5.0.2 restart | ||
PI92316 | Inconsistent behavior with replacing SSL certificates | ||
PI94021 | Not able to renew a self-signed wildcard certificate. | ||
PI94230 | Certificate Monitor does not refresh RSA keys after renewal | ||
PI94239 | Certificate Monitor leaves temporary workspace | ||
PI94291 | Certificate Notification not working with SMPT Mail Server | ||
PI95120 | AuthCache not updated with renewed subject | ||
PI95256 | Enabling security audit breaks WebSeal Trust Association | ||
PI96566 | ArrayIndexOutOfBoundsException: array index out of range: 14 | ||
PI97281 | Add jceks.key.serialFilter Java security property so that JCEKS keystores will work properly | ||
PI98386 | Allow the elliptical curve ciphers to show up in the high/strong ciphers list by default. | ||
Security (zSeries®) | PI96383 | High CPU and increased AUX storage in WebSphere Daemon if connection is closed during SSL handshake | |
Servlet Engine/Web Container | PI91920 | Improve the SRVE0080E error message | |
Session Initiation Protocol (SIP) Container | PI89322 | Headers in the sipproxy.log are different than in trace.log | |
PI93796 | SIP container uses a wrong interface for a loopback request | ||
System Management/Repository | PI69603 | Extra data in FFDC file generated by JSR160RMIConnectorClient.reconnect exception | |
PI89938 | Property file based configuration serviceability improvement | ||
PI94228 | Scheduler Services startup issues due to the resource binding issues with JNDI | ||
PI94531 | Update the default values of JVM options -xscmaxaot and -xscmx to decrease application server starup time. | ||
PI94757 | Issue with application edition management and ADMA0159W messages | ||
Transaction Service | PI53320 | WS-RM internal error caused sequence containing application messages to be deleted | |
PI53384 | WS-RM sequence reallocation processing may delete application messages from the persistent store | ||
PI88168 | WebSphere AppServer startup fails with WTRN0045W errors | ||
PI89405 | App Server Controller terminates with C9C21A44 followed by C9C21A30 | ||
PI92239 | Client cannot unmount tranlog directory after calling disableMember on HAManager MBean when using memory-mapped files | ||
PI93971 | CR terminates after WTRN0108I: contextDisassociation. Unexpected state: 3 and failedXAResources = true | ||
Web Services (for example: SOAP or UDDI or WSGW or WSIF) | PI78733 | Two service clients displayed on administrative console for an application | |
PI80913 | WASAxis2ConfigurationBuilder loads the jax-ws-catalog.xml file using a call to 'getResource' instead of 'getResources' | ||
PI83389 | JAXBException error occurred when a JAXB class was not included in JAXBContext | ||
PI86063 | SAMLResponse XMLOutputFactory does not recognize the property "reuse-instance" | ||
PI88248 | ConcurrentModificationException error may occur when running JAX-RPC application | ||
PI89987 | Starting application fails with CWMDF0002E ArrayIndexOutOfBoundsException | ||
PI91683 | Require the ability to mask or remove the "AXIS2NS1" from the fault | ||
PI92940 | Avoid sudden high CPU usage and threads hung on busy servers. | ||
PI94754 | ADMR0024E: user <null> does not have the required role to access 1 document(s). | ||
✓
|
PI98251 | Vulnerability in Apache Commons HttpClient used by WebSphere Application Server (CVE-2012-5783) | |
Web Services Security |
✓
|
PI78804 | Information disclosure in WebSphere Application Server using SAML (CVE-2018-1614) |
PI88253 | OIDC RP secure flag not set on the OIDCREQURL cookie | ||
PI88896 | OIDC RP refreshed access_token is not put into subject | ||
PI90373 | OIDC RP authorizationEndpointUrls does not handle query parameters correctly | ||
PI92210 | OIDC RP configuration of location of sign verify certificate is not customizable | ||
PI92332 | OIDC RP does not support OP userInfo endpoint | ||
PI94538 | OpenID Connect relying party does not invoke the revocation endpoint on the OP on logout | ||
PI95884 | JAX-WS WS-Security cannot use SHA384 or SHA512 digest algorithms | ||
PI96508 | OIDC RP may not connect to token endpoint due to SSL handshake_failure | ||
WebSphere Common Configuration Model (WCCM) | PI89038 | Annotation not processed in the ra.xml file during deployment of CTG cicseci.rar with websphere configured with Java 8 | |
PI89708 | The log4j-api-2.9.1.jar contains classes under the META-INF directory cause an exception during startup | ||
PI90832 | WEB-INF/lib classloader order specification | ||
PI92105 | Allow empty main-class attribute in MANIFEST.MF for application client module | ||
PI93744 | The log4j-api-2.9.1.jar contains classes under the META-INF directory cause an exception during startup | ||
PI97612 | Unset deployment descriptor attributes become set during deployment with web.xml using Servlet 2.5 schema | ||
z/OS | PI97012 | CICS throws resp=8 resp2=34 going inbound via WOLA when servant is not started |
Fix Pack 8.5.5.13
|
|
---|---|
Fix release date: 5 February 2018 Last modified: 5 February 2018 Status: Superseded Download Fix Pack 8.5.5.13 |
Component
|
Security APAR
|
APAR
|
Description
|
---|---|---|---|
Administrative Console (all non-scripting) | PI78907 | Null pointer exception in the console when adding a new host with bad parameters | |
PI80683 | Admin console resource environment custom property name in all capital letters may not be handled properly | ||
PI82237 | Increase the Java shared class cache size for WebSphere Application Server for z/OS servant address spaces | ||
PI82507 | WebSphere administrative console display consent banner before granting access | ||
PI83039 | Iscdeploys leaves temporary files | ||
PI83138 | Clicking the LDAP test query link causes NoSuchElementException which also leads to an NPE | ||
PI83563 | Update the Batik library in isclite.ear to 1.9 | ||
PI84716 | com.ibm.WebSphere.security.spnego.useRACMAPMappingToSAF property value not displayed correctly in admin console | ||
PI87525 | EJB remote home binding setting is not displayed correctly on admin console | ||
PI87667 | Java 2 security is enabled briefly during WebSphere Appplication Server for z/OS server startup even when it is configured off | ||
PI88509 | ISC console's app deployment panel pause long time after finish button clicked, if clicked twice, deploys twice on large ear | ||
Contexts and Dependency Injection (CDI) | PI81536 | NPE in InterceptorData.createNewInstance | |
PI82284 | ConcurrentModificationException on sync session | ||
PI82777 | Modify OpenWebBeansConfiguration class to avoid thread locks | ||
PI83251 | NullPointerException during load test at org.apache.webbeans.context.SessionContext.isAnyRequestActive | ||
Default Messaging Component | PI81815 | In WebSphere v8.5.5, messaging engine takes unusually long time to start after failover and throws CWSID0032W warning messages | |
PI86830 | CWSIS1530E: the data type, 2, was found instead of the expected type, 3, for column | ||
Dynamic Cache | PI81162 | DynaCache does not replicate alias entries | |
PI84946 | TimeToLive is not updated when cache entry is updated | ||
PI85747 | Create a EntryInfo.SHARED_DEFAULT setting for the DynaCache sharing policy | ||
EJB Container | PI77856 | EJB 3.x Stub class throws RemoteException for communication failure | |
Enterprise Edition (EE) | PI80477 | JAXB fails to unmarshal arrays with custom type inside @XMLElement annotation | |
Federated Repositories | PI81497 | When one base DN is the subset of another in a federated repository, LDAP failures occur | |
PI81722 | Federated repositories throws AccessControlException when Java SecurityManager is enabled and an SSL connection is attempted | ||
PI82111 | Federated repositories fails to change password when IRE is Java 8 | ||
PI82306 | Federated repositories uses wrong security domain | ||
PI82997 | Extra information may be in trace when configuring a RACF LDAP repository | ||
PI83149 | File registry XML file not synchronized to nodes | ||
PI85881 | Custom property handling for federated stand-alone LDAP registries needs updating | ||
General | PI82298 | WAS controller region abends with AB/S0DC3 PRCS/03080002 after Modify RESUMELISTENERS | |
PI33088 | Synchronization begin method does not get invoked on the restart of a top level job | ||
PI65154 | HeapDetect: error notifying monitor: 52 message appears during server shutdown | ||
PI66886 | Updates and fixes for endpoint job purge | ||
PI73588 | Deadlock occurs in SIP Proxy under heavy TCP load | ||
PI75567 | SchedulerException when deleting compute grid jobs from a clustered scheduler environment | ||
PI77076 | When enable "start components as needed", can t submit job from other cluster member not host the scheduler | ||
PI77232 | Compute grid property overrides passed for a sub-job restart fail to be applied | ||
PI78935 | Transactions become corrupted after CWSIC8007E, CWSIC2029 and CWSIK0016E error-messages in the JFapChannel | ||
PI80020 | NullPointerException occurs while starting DMGR in policyset | ||
PI80078 | When profileRegistry.xml file moved to non-default location, batch migration script fails during config backup processing | ||
PI80333 | Support CPU constraints in ProductInsights | ||
PI80971 | Allow modification of message driven bean bindings in OSGI applications to bind to listener ports | ||
PI81191 | Plugin with intelligent management enabled breaks affinity | ||
PI81356 | Incorrect jobstats caused application to hang | ||
PI81396 | Unable to register a Liberty server with product insights though an authentication required proxy | ||
PI81527 | In WebSphere v8.5.5, after a lost database connection, WSGrid hangs and jobs remain in submitted state | ||
PI81591 | WASService does not recognize running process | ||
PI81699 | Update the manifest file for com.ibm.jaxws.tools.jar to import javax.enterprise.inject | ||
PI81891 | DMZ SIP proxy parsing via header incorrectly | ||
PI82240 | Changes to XD_AGENTport may not updtae in the plugin-cfg.xml with intelligent management enabled | ||
PI82522 | NPE at com.ibm.son.mesh.CfwTCPImpl.ready(CfwTCPImpl.java:887) logged in ODCF8601E message after shutdown invocation | ||
PI82527 | ODR session affinity breaks when request contains multiple session cookies of the same name | ||
PI82529 | HTTP transport encoding CP943C will be used for JSTL params | ||
PI82632 | When a rollout fails, it takes a long time for the rollout process to finish | ||
PI82642 | Job log sections on the endpoint to fail on write when full | ||
PI82819 | Issue with allocating job numbers | ||
PI83053 | List elements go missing when moving the list from one dataobject into another | ||
PI83231 | Add support for CICS 5.4 in WebSphere optimized local adapters for Liberty and t-WAS | ||
PI83279 | GPF in com/ibm/ws390/tx/NativeTransactionContext.resume_tti | ||
PI83363 | Intelligent Management for Web Servers: When a Liberty server is stopped and restarted, the server might not be used for routing | ||
PI83682 | ProductInsights not reporting used JVM memory correctly | ||
PI83743 | The message CWLRB1800I: Job [xxx] Step [nnn] is skipped. is not printing in WebSphere 8.5.5.7 with compute grid | ||
PI84083 | Usage data is not queued if connection to Bluemix Product Insights host fails | ||
PI84327 | WAS Product Insights does not send in group name translations | ||
PI84742 | Disabling an application's 'Target Specific Application Status' while the application is running results in 404/503 | ||
PI84836 | ACK request sent on 2XX retransmission might be mapped to the wrong application session | ||
PI85138 | CDI classloader leak when restarting application. CDI to create timer without classloader | ||
PI85268 | Hover help for plugin's RetryInterval is wrong in the WAS console | ||
PI85386 | Display problem of adminconsole at "InternalClassAccessMode" | ||
PI85490 | Deadlock caused by WsLogManager and SIB trace code | ||
PI85519 | During start up of the JVMS, receiving CWPTF0002W messages in the systemOut.log | ||
PI85587 | Java.lang.NullPointerException when starting an EBA containing an EJB | ||
PI85865 | NullPointerException in LRUHashMap | ||
PI86097 | Intermittent issues with APC promptly responding to lazy start DC | ||
PI86758 | Negative active session count is being reported | ||
PI87029 | ODR port update is not reflected in high availability plugin-cfg.xml | ||
PI87050 | Load module BBODPCRT can be deleted while still in use | ||
PI87069 | When running with Java8, EBCDIC strings data conversion shows wrong behavior | ||
PI87522 | getRequestUri() in a JAX-RS resource throws IllegalArgumentException when URI contains UTF8 characters | ||
PI87542 | During nodeagent startup NullPointerException in WORKPROFILERHAMANAGEDITEM, issue can be ignored | ||
PI87613 | Product Insights should be disabled when no config is present | ||
PI87723 | NullPointerException occurs during application start | ||
PI88185 | WXIM0127E invalid value specified for routingLocations | ||
PI88776 | Health policy log message for garbage collection percentage threshold exceeded is missing message Id | ||
PI88907 | Additional ODC application data sanity checks | ||
PI88965 | Bundle could not be resolved because of missing constraint JavaSE-1.8 | ||
PI89254 | ActivityPublisher can move between DMGR and Node Agent, if ActivityPublisher is deactivated, NullPointerException occurs | ||
PI89817 | Delay when setting node into maintenance mode | ||
PI90786 | Web service injection processor not being registered | ||
✓
|
PI90804 | Security vulnerability in Apache Commons used by WebSphere Application Server (CVE-2016-1000031) | |
IBM HTTP Server | Fix List | Detailed list of APARs for IBM HTTP Server | |
IBM i | PI82400 | Enhance queryWASInstalls to no longer use Java 6 | |
Install | PI86428 | Handle Java 6 EOS on IBM i | |
PI89244 | Java 8 is not installed on Linux Ubuntu 16.04 | ||
PI91734 | Cannot install WAS 8.5.5.12 with embedded JAVA 8 on Windows 7 Professional SP1 | ||
Java 2 Connectivity (J2C) | PI80822 | NullPointerException thrown when requesting connections to a RAR from several threads | |
PI81163 | Container-managed authentication alias not applied for JMS connection factories if mapping-configuration alias is not set | ||
PI82761 | Runtime performance advisor has hung thread w/ J2SDiagnosticAlertHelperImpl.java on line 419 | ||
PI83198 | Muti-threaded deployment exposes race condition in connection factory initialization code | ||
PI87631 | High number of rollback/aborts occurring during connection validation for JDBC connection pools | ||
PI88017 | JMS connections from WebSphere Application Server (WAS) are not destroyed after upgrading WAS to fix pack v8.5.5.12 | ||
PI88123 | JPA failure when defining data source custom property JDBCTimingThreshold | ||
Java Management Extensions (JMX) or JMX Client API | PI75519 | Node federation fails because it can t find the IPv6 address | |
Java Message Service (JMS) | PI80377 | New activiation spec properties - control build up/flow of MDB requests | |
PI80680 | WebSphere z/OS 8.5.5.10 control region abend 0c4 in XMemProxyCppUtilities::flushResponse(acrwObj*) | ||
PI81124 | Closing websocket session will throw NullPointerException | ||
PI81329 | NCSA access logs %b option output displays "-" instead of the size of the response in bytes | ||
PI81342 | Web service call is failing after applying latest fix packs + IFPI70810 | ||
PI81569 | Introduce switch for getQueryString() to return original query string in forwarded servlet | ||
PI81572 | Parsing errors when the connection is reused and there is unread data on the wire after the response is read | ||
PI81864 | ConcurrentLinkedList tailSequenceNumberLock garbage collected | ||
PI83369 | Modifying advanced properties of activation spec resets arbitrary properties | ||
Java Persistence API (JPA) | PI80863 | Issue with the way OpenJPA caches and reuses query parameters for between expressions when OpenJPA's QueryCache property enbled | |
PI81260 | OpenJPA does not passthrough SSL connection properties that set using openjpa.ConnectionProperties when creating Db2 connection | ||
PI81931 | org.apache.openjpa.lib.util.ParseException | ||
PI84016 | JPA application behavior changes after migration to WAS 9.0.0.4 | ||
PI84428 | ArrayIndexOutOfBoundsException from OpenJPA for @EmbeddedId | ||
Java SDK | PI80895 | MYFACES-3415 - [UI:REPEAT] field value disappears if validation error exists on current site | |
PI85250 | Hung thread issue in Myfaces _getMetadataTarget | ||
PI86494 | Messages returned from JSF APIs are in the incorrect order | ||
✓
|
PI87299 | Information disclosure in Apache MyFaces affects WebSphere Application Server (CVE-2011-4343) | |
✓
|
PI87300 | Information disclosure in WebSphere Application Server in JSF (CVE-2017-1583) | |
JavaServer MyFaces (JSF) Apache MyFaces implementation | PI82893 | Javax.faces.INTERPRET_EMPTY_STRING_SUBMITTED_VALUES_AS_NULL value affects display behaviour for required fields | |
JavaServer Pages (JSP) | PI85892 | ClassCastExceptions while doing a naming lookup for BeanManager | |
JSP | PI82193 | ClassCastException with TransformerFactoryImpl when running JSPBatchCompiler | |
Messaging Providers | PI76990 | Mediation points stuck in waiting for status | |
Migration | PI76634 | Migration disabled source node prior to successful sync | |
PI81328 | Running WASPostUpgrade fails with AllAuthenticatedUsersInTrustedRealmsExt | ||
PI83890 | Migration is not handling SPNEGO security settings correctly | ||
PI85014 | Remote WASPreUpgrade fails with Embedded Derby exception | ||
PI89175 | WASPreUpgrade.sh with "-machinechange true" fails with error MIGR0104E | ||
PI89790 | The zmmManagedNodeInstructions.html file is generated with an incomplete body element in the ZMMT tool | ||
Object Request Broker (ORB) | PI85206 | ABEND0C4 PIC-11 in module BBOCLSCC, a WOLA module running in a CICS region address space when stopping zWAS server timing window | |
PD tools (for example: Log Analyzer) | PI80995 | Asynchronous log records does not show up in systemout.log | |
PI82686 | The -summary option information is missing in the -help option in the collector tool | ||
PI82911 | Ulimit value to be printed to logs | ||
PI85570 | collector.sh script may not be updated with new maintenence under certain condition | ||
PI85899 | Collector tool failed to gather all docs | ||
PI87581 | Trace output in runtime tab will show memory buffer as trace output instead of none | ||
PI88370 | Memory buffer trace output performance is slow when basic trace format is used | ||
Plug-in | PI81951 | Client failure may occur when the web server plug-in connection is reused and previous connection timed out waiting for response | |
PI81973 | iPlanet Web Server cannot load the WebSphere plugin on Solaris x86 | ||
PI82314 | Application response without a reason phrase causes plug-in to return 500 error | ||
PI84620 | WebSphere plugin needs better message for a wrong CertLabel | ||
PI86280 | Several misleading debug level messages in the WAS webserver plugin | ||
PI86414 | 400 is thrown when ESI is enabled but the response from the app server does not indicate ESI caching and client disconnects | ||
PI89253 | Unable to use ECDHE cipher on outbound handshake from HTTP server plugin | ||
PMI/Performance Tools | PI77706 | TPV statistic counter is aggregated incorrectly | |
PI82624 | PerfServlet application returns empty version information | ||
Profile | PI85714 | PCT command line - WCTCMD - with response file fails to configure IHS admin | |
Proxy Server |
✓
|
PI82630 | Potential information disclosure with WebSphere Application Server proxy server or On-Demand-Router (ODR) (CVE-2017-1381) |
Runtime (zSeries®) | PI81698 | ABEND00C and ABEND0C4 in was after stop was issued | |
Runtime and Classloader | PI52066 | clearClassCache.sh on z/OS completes with RC 1 even though the script worked | |
PI75794 | JDNI namespace scoping issue occurring during runtime | ||
PI80620 | Message WSVR0655I is seen continuously in the systemout.log | ||
PI82621 | Handle NPE and emit servicable failure message when parsing server endpoint metadata | ||
PI86187 | Bootstrap code to check the WebSphere product version XML files for updates to determine OSGI cache state | ||
PI88036 | Export com.ibm.WebSphere.product.metadata.im packages within | ||
Security | PI78326 | WebSphere sub-domain servers with SPNEGO Web authentication getting error SECJ6236E | |
PI80170 | The managementScopes element fails to be deleted from security.xml when removing a server via WAS admin console | ||
PI80721 | WebSphere default chained certificate doesn t have DNS names under subject alternative name field | ||
PI80962 | Creation of remote keystore fails when existing keystore is specified | ||
PI81050 | Client certificate authentication failure does not fall back to basic authentication | ||
PI81168 | NullPointerException when attempting to create a keystore remotely in wsadmin | ||
PI82135 | Converting certificates in cms keystore may not delete an old signer certificate | ||
PI82342 | Each ORB/EJB request is making 3 LDAP search requests | ||
PI82509 | The value of property mapping.targetRealmName is not passed to Db2/RACF via the data source | ||
PI82746 | NPE at org.apa | ||
PI83677 | Monitor role not showing fips information | ||
PI85356 | Unable to delete keystores - corrupted deleted.p12 | ||
PI85394 | When using webapp security a session may be created even if one should not be created for the request | ||
PI86143 | Dynamic outbound SSL configuration incorrectly matching outbound request | ||
Servlet Engine/Web Container | PI82547 | NPE during servlet initialization process | |
✓
|
PI88642 | Information disclosure in WebSphere Application Server (CVE-2017-1681) | |
PI89628 | A directory might not be found when using JDK8 SR4 PK10 | ||
Session Initiation Protocol (SIP) Container | PI78794 | The SIP Container fails to parse a message when the size exceeds 2048 bytes and double CRLF is sent prior to the message | |
PI83395 | In a multi-homed environment, multiple 200 responses are not proxied back to the originating endpoint | ||
PI86498 | Record-route header field might contain incorrect port | ||
PI86934 | WebSphere SIP container delays 10 seconds when DNS is unreachable | ||
PI87745 | In a multi-homed environment WebSphere puts wrong address family in a SIP response contact header field | ||
PI88312 | NullPointerException might be thrown when a failover occurs in WebSphere SIP container | ||
System Management/Repository | PI75986 | Incorrect java library path set when a server SDK is different from the node/profile SDK | |
PI77669 | Sequencing of PAUSELISTENERS/RESUMELISTENERS | ||
PI78268 | Allow option -Declipse.security to only be specified when Java 2 security is actually enabled | ||
PI80126 | Application server fails to start, and throws a NullPointerException | ||
PI81263 | IWAE0006e archive is not a valid EJB jar file because the deployment descriptor cannot be found | ||
PI88658 | When using a property file for autodeploy with the parameter userdefaultbindings the ear is saved with different permission | ||
PI89521 | AdminTask.extractConfigProperties is too slow | ||
PI89756 | Reimplements the fixes for PI75986 and PI78268 | ||
PI90276 | Set default value of JVM option -Xscmaxaot to 8m to decrease application server startup time | ||
Transaction Service | PI59372 | Deadlock may occur in CScope RecoveryManager | |
PI67513 | ClassCastException thrown during ActiveMQ resource recovery | ||
PI73138 | Transaction recovery may fail when a resource adapter is embedded in an installed application | ||
PI74163 | WebSphere Application Server for z/OS started in recovery-only mode fails to complete when the compensation service is enabled | ||
PI81452 | Improve serviceability for activity service | ||
PI82951 | WTRN0100E: server stopping but no reserved connection when closing SQL recoverylog occurs when stopping the server | ||
PI89985 | Update WMQ RA to version 7.1.0.9 | ||
Web Services Security | PI61915 | More diagnostics required when the SAML Web SSO redirect URL is null | |
PI75355 | ADMA0078W the file cannot be deleted when deploying new version of our applications, can t delete old version of application | ||
PI80543 | OIDC TAI cannot dynamically build callback URL | ||
PI80549 | OpenID Connect (OIDC) Relying Party (RP) does not support post introspection endpoints | ||
PI82308 | OpenID Connect (OIDC) relying party (RP) loses URL fragments during the login process | ||
PI84244 | OIDC RP does not restore single-quote characters in post data | ||
PI86752 | OIDC RP is requiring optional iat claim in introspected access token | ||
PI87354 | OpenID Connect (OIDC) Relying Party (RP) does not logout user if OIDC session cookie is not present | ||
WebSphere Common Configuration Model (WCCM) | PI78526 | EJBDeploy tool fails when setting metadata-complete during deployment | |
PI82255 | Call in violation of protocol message during annotation scanning | ||
PI82698 | Remove "failed to open resource" warnings | ||
PI88862 | Failure to delete temporary file during application deployment | ||
PI88964 | CWWAM2601E errors during the startup of WebSphere Application Server v9.0 | ||
PI89038 | Annotation not processed in the ra.xml file during deployment of CTG cicseci.rar with WebSphere configured with Java 8 | ||
PI89196 | Bug 304213-CacheManifest.getManifest returns NULL | ||
PI89385 | Incorrect MSK time in com.ibm.icu.jar |
Fix Pack 8.5.5.12
|
|
---|---|
Fix release date: 21 July 2017 Last modified: 21 July 2017 Status: Superseded Download Fix Pack 8.5.5.12 |
Component
|
Security APAR
|
APAR
|
Description
|
---|---|---|---|
Administrative Console (all non-scripting) | PI56575 | No command assistance link after updating the session pool properties of a connection factory via admin console | |
PI60748 | Incorrect warning in admin console with changing from 64-bit mode to 31 bit mode | ||
PI67851 | Console show items at the following authorization group level does not show drop down | ||
✓
|
PI70627 | Potential cross-site scripting in WebSphere Application Server Admin Console (CVE-2016-8934) | |
PI71198 | Console getting blank page when clicking on rollout update | ||
PI71926 | Bind DN not saved correctly when editing security configuration | ||
PI72154 | Bind password is "pre-populated" incorrectly in VMM panel and authentication error comes up | ||
✓
|
PI73367 | Potential Cross-Site Scripting in Admin Console (CVE-2017-1121) | |
PI73570 | Different behavior observed when updating PMI statistic thru admin console and using wsadmin script | ||
PI74709 | Selecting to update multiple roles in an application causes the original users to be updated incorrectly | ||
✓
|
PI76088 | Potential security vulnerability in WebSphere Application Server Administrative Console (CVE-2017-1137) | |
PI77447 | Inconsistent port assignment when creating multi_node cluster with wsadmin scripting | ||
PI77682 | Server.xml may have unexpected tags when server is created based on a custom template | ||
PI78745 | Update the custom property values for Virtual Member Manager for a custom property table | ||
PI79650 | System property to disable admin console loginForm when certLogin is required | ||
✓
|
PI80889 | Potential weaker than expected security with Admin Console (CVE-2017-1501) | |
✓
|
PI82078 | Cross-site scripting issue in WebSphere Admin Console (CVE-2017-1380) | |
PI83464 | Failure when attempting to create profile for cell BBOWWPFC | ||
Administrative Scripting Tools (for example: wsadmin or ANT) | PI70895 | IllegalArgumentException may occur when running AdminJDBC.createDataSourceAtScope with @ and commas in the URL | |
PI74657 | AdminServerManagement.stopAllServers() throws error when the servers are already stopped | ||
Contexts and Dependency Injection (CDI) | PI31136 | Methods of conversation should throw ContextNotActiveException when scope not active | |
PI66630 | UnsatisfiedResolutionException thrown in non-CDI environment | ||
PI70218 | Stale ApplicationContext in webContextsService | ||
PI70323 | Principal injection does not inject unauthenticated subject when there is not an authenticated subject in the context | ||
PI72275 | Injection does not work during concurrent initialization | ||
PI74201 | Collections.synchronizedMap does not perform as well as it could under high load | ||
PI74454 | Infinite loop restoring session context from failover | ||
PI76412 | NullPointerException generated on sessionDestroy | ||
PI76509 | Hang on org/apache/webbeans/context/sessioncontext.addchildrequest | ||
DB Connections/ Connection Pooling | PI80294 | During application server startup, the EJB timer service fails to start | |
Default Messaging Component | PI75834 | MDB application startup failed due to CWSIP0211E | |
Dynamic Cache | PI73233 | Servlet caching cannot parse WebSphere Development Tools generated cachespec.xml based on cachespec.xsd schema | |
PI73339 | Unable to define an alternate cache provider to replace the default dynacache cache provider | ||
PI78148 | SRVE0014E rom dynacache component after upgrading | ||
PI78552 | DYNA1064E while calling "getIdsSizeDisk()" by commerce when XS is used as cache provider | ||
PI81077 | NullPointerException at ESISupport.parentResponseIsJSFFacesServlet in an async servlet with servlet caching enabled | ||
EJB Container | PI66621 | ReferenceContextImpl caching empty list of targets for JSP classes | |
PI69192 | Remove unneeded information from FFDC log file | ||
PI79302 | Javax.ejb.Timer cancellation does not work as expected if uniqueTimerManagerForNP=true | ||
Enterprise Edition (EE) | PI70714 | Potential NullPointerException during JAXB unmarshalling | |
Federated Repositories | PI65681 | SECJ0363E errors with IllegalArgument exceptions from SDOUtil.createDataObject | |
PI67955 | LDAP connection timeout leads to NullPointerException | ||
PI69071 | Wsadmin changeMyPassword command on file repository user command fails with caller is not in the required role | ||
PI72152 | GetIdMgrLdapServer should obfuscate bind password in logs | ||
PI75159 | A base entry of "root" defined on a MicroSoft Active Directory LDAP server is not supported | ||
PI75642 | It is slow to open "Manage Groups" page in WebSphere administrative console | ||
PI75684 | User and group DNs contain extra escaped spaces for RDNs with multiple trailing spaces | ||
PI76481 | LocalServiceProvider initialization fails with NullPointerException | ||
PI79440 | NullPointerException in URBridgeXPathHelper.getExpression() | ||
PI79452 | NullPointerException in LdapConfigManager.getSupportedProperties() | ||
PI79781 | Federated repositories fails to search repository when overlapping base DN's exist | ||
General | PI61450 | Apache Wink code does not remove quotes from the boundary value. CONTENT-TYPE: MULTIPART/MIXED; BOUNDARY="SIMPLE BOUNDARY" | |
PI63058 | Add timeout to OAuth cache | ||
PI65490 | Incorrect status of the job when end point server is restarted | ||
PI65688 | MergeException at application start up | ||
PI66789 | WSGrid jobs not getting ended status returned when using SIBus | ||
PI68308 | High CPU in RMFGAT address space with most time spent in WLM module IWMI2PVT | ||
PI68375 | Local EJB references created from annotations incorrectly resolved as remote references | ||
PI69922 | Javadoc AppConstants.APPDEPL_* fields are incorrect | ||
PI70001 | Controller abends with 0c4-3b in CF_TCP_Connection::init_As_Client | ||
PI71380 | Allow SAML web inbound to retrieve saml assertion from an http request parameter | ||
PI72848 | Provide mechanism to retrieve WS-RM messages via SIB message store dump | ||
PI72917 | SQL timeout while updating CHECKPOINTREPOSITORY table | ||
PI73393 | Ampersand character is not escaped by XCI serializer | ||
PI73403 | ManageSDK help for -enableProfileAll task is missing -user and -password | ||
PI73632 | Java batch job scheduler is unable to refactor the job log file | ||
PI73829 | Multiple occurances of the same stack trace are filling up the logs | ||
PI74264 | ArrayIndexOutOfBoundsException generated by session management when application is managing HTTPsession through a framework | ||
PI74491 | z/OS: WOLA CICS messages: message and documentation updates messages prefixed with BBOA | ||
PI75485 | Issue message explaining from where session timeout is picked up | ||
PI75573 | Destroy session and conversation contexts before application context | ||
PI75583 | Link session to current request on session spawn | ||
PI75593 | Support third-party JAX-RS providers when jaxrs-1.1 feature is configured | ||
PI76992 | Provide connectivity with IBM Cloud Product Insights | ||
✓
|
PI77770 | Potential cross-site request forgery with WebSphere Application Server enabled with OAuth (CVE-2017-1194) | |
PI78316 | Xml parser validating normalizedString and token data types incorrectly | ||
PI78540 | WsSessionMgrComponentImpl throws NullPointerExceptions | ||
PI78849 | ManageSDK gives error deployment manager not running when running on node with security enabled | ||
PI79939 | Missing Java runtime version information in the header of the high performance extensible logs (HPEL) binary logs | ||
PI79990 | The copyzos.sh script produces a "EDC5003I Truncation of a record occurred during an I/O operation" error | ||
PI80467 | Update how cells are obtained from the ORB cell pool | ||
PI81025 | ManageSDK command will log wsadmin interaction | ||
PI82110 | Provide JDBC hang detection and timings feature to V9 and V855 | ||
PI82689 | NPE is thrown from InterceptOrHandler.resolveDecoratorDelegateHandler | ||
IBM HTTP Server | Fix List | Detailed list of APARs for IBM HTTP Server. | |
Install | PI75153 | Process detection is running when IM is invoked with -record and -skipinstall arguments | |
PI77184 | WebSphere AppClient silent installation failing when using Installation Manager imcl command | ||
PI77292 | WAS_Classpath in profile level gets overwritten by the WAS_HOME/bin/setupcmdline script | ||
PI77304 | VersionInfo shows Java 6 after install of IBM HTTP Server 8.5.5.11 with Java 8.0 | ||
PI78138 | Java version not updated after install of interim fix on App Client V8.5.5.11 | ||
PI78601 | The -installfixes option does not correctly handle superceding ifixes | ||
PI79037 | javax.xml.parsers.DocumentBuilderFactory cannot be instantiated | ||
PI79103 | VersionInfo does not show default Java 6 or Java 8 | ||
PI79731 | Javax.xml.steam.XMLInputFactory could not be instantiated | ||
PI82108 | Issue a message about JDK 6 EOS for IBM i | ||
Intelligent Management Component | PI71329 | DeadLock detected in NodeAgent process during shutdown of node | |
PI72200 | On-Demand-Configuration (ODC) support for the Intelligent Management (IM) enabled web server routing rules feature | ||
PI72201 | Configuration objects and AdminTasks in support of the Intelligent Management (IM) enabled web server routing rules feature | ||
PI73529 | High CPU in ODR code caching | ||
PI73782 | Customization of log Filenames and paths affected by WAS variable SERVER_LOG_ROOT | ||
PI74450 | Deadlock detected in nodeagent process during shutdown of node while users are unsubscribing from topics | ||
PI74867 | Health policies that have a "restart server" action occasionally do not restart due to port conflict | ||
PI75474 | Some request receive 404 or 503 when introducing a new ODR routing or GSC rule | ||
PI76533 | Modules in $WAS_INSTALL/lib are missing the program control bit | ||
PI76865 | Converted static cluster continues to show TYPE=static | ||
PI76949 | The 'IN' operator of Intelligent Management: HTTP operands does not work | ||
PI77226 | Additional retry logic needed for PI74867 | ||
PI77254 | DMGR or Node Agent times out during shutdown issuing AdminException ADMU3060E | ||
PI77303 | APC is taking a long time to issue a runtime task to start an application server | ||
PI77452 | AdminTask.setMaintenanceMode sets the wrong server when the node name is wrong | ||
PI78238 | Due to a timing issue, sometimes APC will lose server information and not make placements as a result | ||
PI78774 | On Demand Router routes request to web module mapped with less specific virtual host match | ||
PI79951 | IHS plugin with IM enabled does not set IM.ENABLED=TRUE cell custom property which is necessary for complete routing data | ||
PI79967 | ODR custom log does not observe DST | ||
PI80230 | Setting WebSphere configuration problems validation policy to high causes custoom action policy creation issue in admin console | ||
PI80862 | Dynamic cluster template does not persist change to modify log rotation from file size to a 24 hour period | ||
PI80972 | PAUSELISTENERS command issued using the process name instead of server shortname in edition control center | ||
PI81916 | Changes in custom health actions are not picked up when nodes automatically synch | ||
Java 2 Connectivity (J2C) | PI66697 | J2CA0041E exceptions may occur when ComponentMetaData instance is null in method GetObjectInstance | |
PI69995 | Incorrect exception message CWTE_NORMAL_J2CA1009 displayed instead of translated error message | ||
PI71092 | java.lang.UnsupportedOperationException when accessing tested data source | ||
PI72640 | java.lang.IllegalStateException is seen during database operations | ||
PI77612 | J2CA0045E ConnectionTimeout happens too often after upgrading to 8.5.5.11 | ||
Java Message Service (JMS) | PI59008 | The error CHFW0031E invalid call to WSByteBuffer method generated when stopping the server | |
PI67946 | Using pause_listeners_include_cra causes all activation specs to be resumed regardless of prior state | ||
PI69684 | Message processed by not_supported MDB listening in SR using bindings mode remains on destination | ||
PI70081 | When using AIO, performance issues can occur if a high number of open connections are opened on a pollset | ||
PI70810 | SNI hostname not being picked up correctly | ||
PI76539 | AdminTask.republishEDMessages fails due to insufficient or empty credentials | ||
PI77306 | Deadlock may occur when stopping listener port | ||
PI78738 | Loop while closing an SSL connection | ||
PI78975 | Increase the configurable limit of the maximum header field size | ||
PI80222 | Change default of EnabledBuildBackupList to be true | ||
Java Persistence API (JPA) | PI66193 | Memory leak in JPA persistence provider | |
JSP | PI69870 | IllegalAccessException on EL expression that processes isLast() of object referencing varStatus in JSTL for-each tag | |
PI73022 | JSP comments containing "%>" might throw a StringIndexOutOfBoundsException | ||
PI79800 | The JSP engine is not processing EL expressions correctly when they are in large blocks of character data | ||
Messaging Providers | PI71240 | SIB message deadlock after servant is restarted due to ABENDEC3 | |
Migration | PI75028 | WIM user registry not working after migration | |
PI75257 | LoginModules ordering issue on migration | ||
PI79041 | -requireEmbeddedDBMigration setting is not available on z based migrations | ||
PI80073 | WebSphere migrations to V855 give old sdk warnings | ||
Object Request Broker (ORB) | PI73950 | Issuing the PAUSELISTENERS command is causing some HTTP requests to fail | |
PI76979 | Timing window where timers are not calculated correctly | ||
PI77049 | Server is able to restart after ABENDDC3 RC 0A150001 when it should not | ||
PI79561 | Add a timer to abend servant at shutdown if there are stalled threads | ||
PD tools (for example: Log Analyzer) | PI66291 | IllegalArgumentException when enabling HPEL with text logging disabled | |
PI69131 | VMDUMP039I Processing dump event "GPF", please wait. During WebSphere servant region abnormal termination | ||
PI69845 | Deadlock when the Java logging framework logs a warning in com.ibm.ws.logging.WsLogConfigurator | ||
✓
|
PI70169 | Potential cross-site scripting in WebSphere Application Server Admin Console (CVE-2016-8934) | |
PI71530 | WsLogManager deadlock | ||
PI72211 | HPEL logging fails to export the trace from the log viewer if there are spaces or a space in the directory path | ||
PI73425 | Non-admin users cannot export HPEL logs when log format is set to basic/advanced | ||
PI73818 | Include interim fix install history for collector tool | ||
PI76878 | z/OS: LE ESTAE extension BBORLEXT update to suppress dumps for PGM checks of type PIC 7 / 0c7 with DXC code of x'00' / 0x00 | ||
PI78318 | HPEL message content filter is not working on multiline messages | ||
Plug-in | PI72525 | Plugin generation creates erroneous directories when implementing log rotation | |
PI73674 | com.ibm.websphere.PLG.zos.v85 fails to install | ||
PI74689 | Sun ONE Web Server uses ConnectTimeout for handshake and 100-continue | ||
PI74882 | Plugin should always present the ConnectionTTL property | ||
PI75603 | Plug-in LIBODR does not utilize all of the xml's SSL configuration | ||
PI76515 | Fix for GenPluginCfg to account for admin console's command assistance | ||
PI76835 | Connections between web server and client may remain open when using intelligent management | ||
PI77124 | Plugin does not persist custom ServerIOTimeout value to existing stream | ||
PI77181 | Plugin config lock is not released when dynamic cfg update is attempted which disables intelligent management | ||
PI77606 | Domino plugin fails on IBM i for V8.5.5 and higher | ||
PI79439 | IHS 9.0 / Apache 2.4 with intelligent management enabled does not work after a graceful restart | ||
PI79492 | Plugin is crashing because it cannot open the log file defined in its configuration | ||
PMI/Performance Tools | PI70346 | NullPointerException seen in nodeagent SystemErr.log during TPV performance monitoring startup | |
Portlet Container Environment | PI74986 | NullPointerException in portlet container method StringUtils .convertMapToString if tracing is enabled | |
Profile | PI67988 | PrintDebugInfo: /websphere/base/appserver/bin/zCreateProfile.sh 205 FSUM7351 not found | |
PI71878 | Manageprofiles command unable to select SSL protocol to use TLSV 1.2 or SSL_TLSV2 | ||
Programming Model Extensions (PME) | PI66837 | Indirect JNDI lookup failed with a NullPointerException in async bean code WSVR0600W | |
PI68743 | NullPointerException may occur in async bean code | ||
Runtime (zSeries®) | PI65226 | z/OS: hang in XMEM proxy code reading parameter from HTTP request body following multiple COMM failures | |
Runtime and Classloader | PI61238 | Failure to load class in project deployed from workspace | |
PI63856 | Thread pool reuses threads instead of dispatching to new threads | ||
PI65836 | Javacores continuously created on a hung thread | ||
PI68791 | NoClassDefFoundError when using shared library and BLA | ||
PI78941 | An application server may use an unexpected Java SDK after updating to SDK 8.0 | ||
Scheduler | PI74952 | Classloader leak caused by EJB timer thread | |
Security | PI66478 | Security code incorrectly calls JAXBPermission class | |
PI69664 | Data in dynacache may be overwritten when LTPA tokens of multiple requests expire at the same time | ||
PI69884 | CMS option is not shown in IKeyman pulldown list | ||
PI71849 | The Anonymousxxxxx directory of wstemp is stored by binaryAuditLogReader command is never deleted | ||
PI72003 | Unable to delete remotekeystore from administrative console due to CWPKI0039E | ||
PI73842 | Intermittently Java 2 security runtime thrown the warning message SECJ0314W during application startup | ||
PI73938 | Dynamic outbound endpoint SSL configuration does not pick up correct hostname and SSLConfig | ||
PI75196 | WebSphere JVM aborts when you try to stop the server with a non-existent user in local os registry in Linux Red Hat V7 | ||
PI76562 | The expirationMonitorNotificationPeriod is set to zero by default | ||
PI77129 | Request method might be changed from get to post while processing an invalid WASPostParam cookie | ||
PI79988 | Migration failure when SSL protocol is TLSV1.2 | ||
Session Initiation Protocol (SIP) Container | PI76983 | Wrong network interface being used for SIP signalling | |
PI79119 | With number.of.parse.errors.allowed set to -1, WebSphere drops well formed requests | ||
System Management/Repository | PI69590 | MetaDataCompleteForModules section is missing from the output of AdminTask.extractConfigProperties | |
PI71223 | When the clusters are started some applications show as stopped but they are running | ||
✓
|
PI73519 | Potential Denial of Service with SOAP connectors (CVE-2016-8919) | |
PI75160 | AdminTask.extractConfigProperties is failed with WASResourceException: java.util.NoSuchElementException | ||
PI77078 | CustomService configuration object created using property file based command cannot be viewed from console | ||
PI77601 | Wsadmin ExtractConfigProperties command triggers InvalidAttributeName error | ||
✓
|
PI79343 | WebSphere Application Server may have insecure file permissions (CVE-2017-1382) | |
PM69415 | Update needed to FFDC log when server stopped for a second time | ||
Transaction Service | PI53380 | WS-ReliableMessaging sequence may be misidentified as not existing | |
PI66462 | Transaction log column is too short and reports a SqlDataException | ||
PI69918 | Synchronization issue in the EBAClassLoader causes OSGI application startup to fail due to java.lang.LinkageError | ||
PI72028 | ActivityPendingExceptions are thrown in the event of a JAX-WS request timeout that propagates a WS-Business activity | ||
PI72179 | Transaction logging to RDBMS refinement for JDBC4.1 compliance | ||
PI72191 | Control region abend after BBOT0004E: RRS service ATRAFGT failed with return code 730 | ||
PI73221 | java.lang.stackOverflowError may occur in JAX-WS web service client when processing provider side WS-Policy | ||
PI73262 | ScheduledExecutorService implementation does not use correct time interval if not specified in TimeUnit.MILLISECONDS | ||
PI74356 | java.lang.illegalArgumentException: logger passed as argument to SetAttributes must be a named logger | ||
PI74862 | Update IBM WebSphere MQ JCA resource adapter to version 7.1.0.7 + APARs IT14385 and IT15559 | ||
PI75181 | Stackoverflow is caused by repeated calls to: ibm.wsdl.definitionImpl.getAllServices | ||
PI75985 | ClassCastException processing JAX-RPC request containing whitespace in WS-Coordination context | ||
Web Services (for example: SOAP or UDDI or WSGW or WSIF) | PI34058 | Web Service Client policy sets might not function correctly if Application Editions are in use | |
PI65042 | Part of content in an element is lost after invoking a web service | ||
PI70321 | Spurious WSSC1013E error logged by JAX-RPC web service | ||
PI72518 | Web services call failed with 500 (Internal Server Error) response and Content-Length 0 | ||
PI73343 | Web project with @WebServiceRef does not generate ibm-webservicesclient-bnd during deployment | ||
PI74335 | WSWS3396E handler error: protected state violation | ||
PI76816 | Message WASX7008E incorrectly reported a flawed integer port | ||
PI79863 | Different prefixes are used for the same namespace url | ||
PI80922 | Issues with responseWrapper after PI60666 |
Web Services Security | PI69720 | CWWSS7542E error in web services security SAML can be misleading | |
PI70402 | SAML Web SSO OutOfMemory in KeyStoreManager | ||
PI73318 | Unique Cookie Names in WebSphere Application Server Traditional OIDC RP can accumulate on the browser | ||
✓
|
PI74857 | Privilege escalation in full profile OIDC RP (CVE-2017-1151) | |
PI75095 | OIDC ClassCastException java.util.ArrayList | ||
PI76017 | JAX-WS WS-Security Error CWWSS5634E with relative URI | ||
PI78336 | WebSphere Application Server OpenID connect Relying Party jndiCacheName Property does not work | ||
PI80317 | OpenID Connect (OIDC) Relying Party(RP) may store incorrect data in DynaCache | ||
WebSphere Common Configuration Model (WCCM) | PI64475 | Incomplete metadata obtained for JavaEE modules when multiple resources are used | |
PI65464 | High CPU utilitization may occur when copying business objects | ||
PI70110 | EJB jar metadata TransactionAttribute may be incorrect | ||
PI71928 | EJB injection failing for some EJBs inside JSF backing beans | ||
PI72163 | Deployment manager crashes with OOM when application is deployed | ||
PI76106 | @Resource annotation loses shareable and AuthenticationType attributes | ||
PI76439 | Application client module created when empty "main-class:" found in manifest.mf of jar | ||
PI78493 | Servlet container initialization can fail on server created from template | ||
PI81911 | NullPointerException might occur if WTP trace turned on | ||
z/OS | PI69959 | BBO# should allow for a transid to be included on CICS link command | |
PI78153 | OTMA client timeout cannot be configured for WOLA |
Fix Pack 8.5.5.11
|
|
---|---|
Fix release date: 23 December 2016 Last modified: 23 December 2016 Status: Superseded Download Fix Pack 8.5.5.11 |
Component
|
Security APAR
|
APAR
|
Description
|
---|---|---|---|
Administrative Console (all non-scripting) | PI60292 | The admin script offered after creating a MailSession via the administrative console is incomplete | |
PI65059 | Administrative console servlet exception in user and groups administrative group roles | ||
✓
|
WebSphere Application Server is affected by Apache Struts vulnerability (cve-2016-3092) | ||
PI65602 | SRVE0278E - Missing ibm-web-ext.xmi in iehs.war | ||
PI65924 | Pipe "|" symbol cannot be used for external provider URL when configuring a 3rd party JMS provider. | ||
PI66439 | Session management bread crumb incorrect | ||
Contexts and Dependency Injection (CDI) | PI42311 | EJB interceptors not called intermittently | |
PI51620 | NullPointerException when doing injection with com.ibm.ws.cdi.immediate.ejb.start set to true | ||
PI55406 | IllegalAccessException occurs when multiple users access. | ||
PI58561 | WebBeans referencing classloader causing memory leak. | ||
PI58669 | CDI javax.decorator.decorator annotation not working as expected | ||
PI59487 | OutOfMemory error due to view scoped beans not being garbage collected | ||
PI60228 | CDI injection not working after application restart | ||
PI61034 | Classloader leak in ScannerServiceImpl | ||
PI61397 | Ensure application scoped context is initalized properly and active during bean preDestroy | ||
PI62583 | IllegalArgumentException in CreationalContextImpl only when trace is enabled | ||
PI63475 | NullPointerException in CDI | ||
PI64231 | Classloader leak in JcdiComponentImpl. | ||
PI64266 | Memory leak detector producing false positive reports | ||
PI64374 | Race condition with session scoped contexts | ||
PI68889 | Startup bean initialization failure is ignored when CDI is active | ||
PI69193 | ContextNotActiveException in SessionScoped bean preDestroy() | ||
Default Messaging Component | PI31587 | Service integration bus messaging engine fails to start if DB2 version is higher than 10.1 | |
PI64827 | JMSDestination header field is missing for the MQ inbound messages which don't have destination header information | ||
Dynamic Cache | PI62769 | Disk off-load is turned off if app invokes the clearMemory API | |
PI68741 | HTTP status code 200 is returned to a client when the servlet or JSP throws an exception | ||
EJB Container | PI60567 | New system property to configure the EJB pool wait timeout | |
PI62639 | NullPointerException in CDIEJBManagedObjectFactoryImpl.getEjbDescriptor when creating EJB instance to pre-load the bean pool | ||
EJBDeploy (WSAD) | PI71611 | EJBDeploy operation fails with java.lang.NoClassdefFoundError exception | |
Enterprise Edition (EE) | PI67707 | Inherited methods are ignored in the XLXP2 unmarshaller when scanning JAXB class for before/after events | |
General | PI54362 | Session manager error messages SESN0202E and SESN0201E need more details | |
PI56589 | User or group mapping to a security role fails for EBA application if it belongs to a user registry configured in security domain | ||
PI58666 | JobScheduler in WebSphere Batch fails to start with CWLRB6261E | ||
PI60843 | Message "CWSIS1577E: The persistent dispatcher cannot accept work" needs improvement | ||
PI60850 | CWSIS1578E message content should be more meaningful regarding why spill dispatcher cannot accept work | ||
PI62655 | SQLFeatureNotSupportedException may occur when Oracle native SQL statements are used | ||
PI62976 | Controller region abends with 0C4-11. | ||
PI63329 | The EJBDeploy component adds functionality to work with an alternate JDK for Portal users. | ||
PI63536 | AdminAgent login: com.ibm.wsspi.IPluginRegistryFactory getPluginRegistry error getting registry | ||
PI64084 | Microsoft Windows start menu items are confusing when multiple profiles created | ||
PI64288 | ClassNotFoundException occurred when executing LaunchClient script with web service application. | ||
PI64662 | When application server and nodeagent restart, bundle cache is re-expanded | ||
PI65021 | Rollback Batik library to 1.6.1 because it breaks Intelligent Management charting | ||
PI65190 | Modifying a copied tree causes corruption in the original tree | ||
PI65760 | Map users or groups not showing available users on the first time the page loads. | ||
✓
|
PI65815 | Apache Commons FileUpload Vulnerability (CVE-2016-3092) | |
✓
|
PI65853 | WebSphere Application Server Web Container affected by Apache Struts vulnerability (CVE-2016-3092) | |
PI65857 | Modify the default for the maximum number of headers | ||
PI66463 | Error on OTMA_open call, RC = 8, RSN codes = 100 : 8 : 24 : 2 after upgrade from 8.5.5.7 to #9 | ||
PI67166 | EJBDeploy component fix for Portal customers | ||
PI67571 | HMGR0130I message needs more information about JVM termination | ||
PI67633 | Multiple server applications are added to the virtual cluster list | ||
PI67671 | Application Placement Controller (APC) hangs and JVMs are not starting after minimum cluster violation | ||
PI68110 | Incorrect logging by ModuleLocatorClassAdapter | ||
PI68142 | HPEL reader throws NullPointerException error while given invalid java log level | ||
PI68357 | Add messages for hot deployment events. | ||
PI68755 | Remote migration jar needs message about incompatible JDK | ||
PI68911 | NullPointerException in com.ibm.ejs.ras.Tr.formatObj using trace in thin client | ||
PI68930 | JavaMail garbled if charset is ISO-2022-JP and the body ends with DBCS | ||
PI69052 | logViewer -includeExtensions component command gets "Pattern cannot be null" | ||
PI69325 | OAuth emits NullPointerException when no state parameter in request | ||
PI69332 | The "serialize session access" option may not work correctly | ||
PI70026 | Can not configure Compute Grid job scheduler using default Derby datasource | ||
PI70358 | Every SystemErr log record line is ending with a "null", with High Performance Extensible Logging (HPEL) enabled. | ||
PI70371 | Ampersand character within an entity reference is no longer escaped by XCI component | ||
PI70841 | OpenJPAs ConfigurationImpl.loadGlobals() has java.util.ConcurrentModificationException | ||
PI71044 | java.lang.IllegalArgumentException: Illegal decimalType. From commonData.GetExternalBytecounts | ||
IBM HTTP Server | Fix List | Detailed list of APARs for IBM HTTP Server. | |
IBM i | PI63504 | Remove message CPF9E17 when running WebSphere Application Server on IBM i. | |
Install | PI64328 | Files in the <was_install>/properties folder are being overwritten when fix packs are installed | |
PI69529 | Turn off APAR regression warning when updating optional Java offering, using IBM Installation Manager. | ||
PI72143 | Display Java 6 end of service warning during fix pack update | ||
Intelligent Management Component | PI57206 | ODRLIB returned partial routing data from the ODC rest service, resulting in 404s | |
PI63373 | Unable to add a remote cell for Intelligent Management for web servers | ||
PI65363 | HeapDetect code is failing to determine the maximum heap size | ||
PI66664 | Application edition validation with inconsistent policies breaks affinity on the default edition | ||
PI66698 | Hang with high CPU occurs during rollout in certain situations | ||
PI68011 | Slow Deployment Manager start-up due to annotation scanning when several EJB modules have been deployed to the cell | ||
PI68090 | If SERVER_LOG_ROOT variable is not set, a CWPTF0002W warning message is reported in the SystemOut.log | ||
PI68582 | Health controller cycle length is not being honored | ||
PI69939 | Dynamic Routing stops working when the collective controller becomes stopped or unavailable | ||
Java 2 Connectivity (J2C) | PI61635 | Activation Specification Config ID's are getting mapped to the same ID while making any changes to the existing application | |
PI65595 | InstanceNotFoundException occurs when stopping an application hosting message endpoints | ||
PI67203 | java.lang.NoClassDefFoundError: com.ibm.ws.jdbc.jcc.DB2Statement | ||
PI69122 | J2C pretest being used despite FailingConnectionOnly option | ||
Java Message Service (JMS) | PI58640 | Exception WSCL0912E : Component could not be initialized running launchClient on Microsoft Windows. | |
PI61894 | An MDB app fails to start on activation error, but the activation spec starts and tries to consume messages | ||
PI63193 | SRVE8094W happens even if invokeFlushAfterServiceForStaticFile=false | ||
PI66925 | Update CWMSR0063E message to clearly state it is only applicable to WMQ | ||
PI70191 | Update IBM WebSphere MQ JCA resource adapter to version 7.1.0.7 + APAR IT15559 | ||
PI70332 | System property to enable SSL Channel timeoutValueInSSLClosingHandshake property | ||
Java Persistence API (JPA) | PI58114 | ClassCastException when an equals comparison query is run on an entity with a composite @EmbeddedId | |
PI65593 | The database schema name cannot be configured with openjpa.jdbc.SchemaFactory | ||
PI66770 | JPA returns incorrect results when using a native query and @SqlResultSetMapping | ||
PI67790 | java.lang.ClassCastException using JPA | ||
JavaServer MyFaces (JSF) Apache MyFaces implementation | PI63633 | Thread-safety issue in the underlying (Apache) JSF 2.0 code causes webcontainer threads to hang | |
JSP | PI63554 | HTTP error code: 500 after requesting a JSP page that statically imports more than one file from the same web fragment. | |
PI65333 | A JSP error "Unresolved compilation problem" is thrown during runtime | ||
PI66266 | JSP engine cannot compile with Java V8 | ||
PI66271 | When using c:import to import a file that does not exist, an error 500 is received | ||
PI67257 | An escaped EL expression is being evaluated if an escaped dollar sign precedes the former expression | ||
Messaging Providers | PI60131 | Unavoidable clash detected in bus link | |
Migration | PI68035 | Remote migration changing hostname variables of IPC connector and NODE_IPV6 endpoints | |
Object Request Broker (ORB) | PI63926 | Crash in SMF code BBOODSAB.PLX on first server startup after an IPL. | |
PD tools (for example: Log Analyzer) | PI63045 | Unable to change log level | |
PI63178 | Hung threads or infinite loop on startup in WeakHashMap.getEntry | ||
PI66579 | Deadlock due to frequent log rotation | ||
Plug-in | PI63576 | Crash on Microsoft Internet Information Services web server plugin module | |
PI65153 | HTTP IM Plugin doesn't have visibility to RemoveSpecialHeaders property | ||
PI65396 | IHS crash in free call when using Intelligent Management | ||
PI66812 | Plugin for IIS does not initialize correctly | ||
PI67230 | z/OS set_attributes doesn't set a & p attributes for mod_was_ap24_http.so . | ||
PMI/Performance Tools | PI60858 | NullPointerExceptions on NodeAgent when starting TPVLogging via wsadim for 2 different servers at the same time | |
PI61355 | NullPointerException on nodeAgent when starting TPV Logging for any server in deployment manager. | ||
PI67607 | Tivoli Performance Viewer does not sum the ConcurrentHungThreadCount | ||
PI70075 | The PMI counters URIRequestCount, URIConcurrentRequests, URIServiceTime were disabled after starting server. | ||
Profile | PI66897 | Customization temporary directory cannot be shared | |
PI69447 | Profile creation accepts -enableAdminSecurity True (should be true) which leads to subsequent config action(s) failing | ||
Programming Model Extensions (PME) | PI65037 | java.lang.IllegalArgumentException: threadpool name already defined | |
Proxy Server | PI60985 | Add a custom property that will always clear the cache regardless of its state | |
Runtime (zSeries®) | PI63822 | ABEND SEC3,RSN=0406002C does not terminate a WebSphere node agent | |
PI65437 | Servant region abends with ABEND430/ABENDS430 and reason 02390815 during process signal handling | ||
Runtime and Classloader | PI54461 | Application server process uses wrong hostname to communicate status to node agent | |
PI55574 | Handlers start in incorrect order when provisioning is enabled | ||
PI58591 | Deadlock on startup between two server.startup threads | ||
PI62090 | Classloader leak problems | ||
PI63963 | Rollout of an application edition may fail with error WPVR0011E due to condition WPVR0041W | ||
Security | PI58172 | SSLException error occurred when having a "#" in the keystore or truststore filepath. | |
PI61077 | Limitation of wsadmin API AdminTask AdminTask.exportSAMLSpMetadata | ||
PI62070 | Full chain created in PKCS12 but not for JKS key store | ||
✓
|
PI62375 | Potential code execution vulnerablity in WebSphere Application Server (CVE-2016-5983) | |
PI62619 | SAML Web SSO AdminTask command importSAMLIdpMetadata fails | ||
PI63726 | Custom Kerberos login module for identity mapping | ||
PI63989 | Security auditing enabled log in calls via wsadmin are not being logged when using SECURITY_AUTHN | ||
PI65120 | NullPointerException from AdminTask.getInheritedSSLConfig command | ||
PI66137 | NullPointerException found in logs when creating the security server. | ||
PI68115 | Remove 3DES ciphers from default cipher list | ||
PI69042 | Security crypto jar failed with "not signed by a trusted signer" error after upgrade | ||
PI69518 | Group search fails with a ClassCastException after upgrade to 8.5.5.10 | ||
PI69815 | NullPointerException when printing error in WSX509TrustManager | ||
PI70737 | Unnecessary setCookie header might be set after applying interim fixes for pi62375. | ||
Servlet Engine/Web Container | PI58875 | Application is started even though there has been a listener exception during application start up | |
PI61651 | An uncaught exception in javax.servlet.AsyncListener.onComplete() might cause threads to hang | ||
PI62068 | Remove Struts from WebSphere Application Serve | ||
✓
|
PI67093 | Information disclosure in IBM WebSphere Application Server CVE-2016-5986 | |
PI67942 | javax.servlet.HttpServletRequest.getRequestURI() might return a decoded value after dispatching | ||
PI68061 | Option to display customized text for some server errors | ||
PI70493 | Unhelpful message: uncaught.init.exception.thrown.by.servlet, logged when exception thrown during servlet initialization | ||
Session Initiation Protocol (SIP) Container | PI62617 | The SIP container does not support etOutboundInterface() for Proxy and ProxyBranch interfaces | |
System Management Configuration | PI64222 | Too many open files exception on property file causing uninstallation of apps deployed by monitored directory | |
System Management/Repository | PI63461 | AuditServiceProvider and AuditEventFactory settings are overwritten by PFBCT | |
PI64069 | Application upload fails with java.net.SocketException: Invalid argument | ||
PI64685 | providerType is null or missing in configuration when JDBCProvider is created using properties file. | ||
PI67746 | AdminApp.isAppReady() cannot retrieve the correct application distribution status in an AdminAgent environment | ||
Transaction Service | PI45254 | Collect more serviceability data for transaction log service | |
PI62603 | BBOT0004E: RRS SERVICE ATRBACK FAILED WITH RETURN CODE=731 occurs with request in a local transaction | ||
PI65127 | Deadlock issue when transaction service logs stored in a database and transactional high availability is configured | ||
PI68664 | Record-level sharing (RLS) is miscalculating the amount of data to be written to partner logs | ||
PI69183 | APAR PI18414 may result in the recovery log service using incorrect sequence numbers. | ||
Web Services (for example: SOAP or UDDI or WSGW or WSIF) | PI54081 | AdminApp.isAppReady and AdminApp.getDeployStatus show incorrect result after app expansion failure | |
PI56058 | JAX-WS throws XMLStreamException upon an SML-SOAP message write attempt | ||
PI58461 | WSWS1002E when no matched value returned from servletImplName object from the servletClassMapping hashmap | ||
PI60284 | Accept header for SOAPOverHttps is not compatible with all webservice implementations | ||
PI60666 | @XmlJavaTypeAdapter annotation failed to work | ||
PI60791 | AxisDescription objects might consume excessive memory | ||
PI63025 | Repeatedly attempting to start an application that will not start might cause a memory leak | ||
PI64053 | WSWS7054E is thrown when deploying a JAX-WS web service application | ||
PI65925 | A JAX-WS web service client does not honor an HTTP 307 redirect received from a web service provider. | ||
✓
|
PI66557 | Information disclosure with malformed SOAP requests | |
PI67688 | RuntimeException: Internal error | ||
Web Services Security | PI57565 | WS-Security does not emit TokenType on reference to SAML token | |
PI63906 | WebTrustAssociationFailedException thrown by the OpenID Connect Relying Party during authorization | ||
PI64924 | OpenID Connect RP cannot locate key in JWK set | ||
PI65466 | OpenID Connect ear and py files and the OpenID py file are missing from IBM Embedded WebSphere Application Server | ||
PI65751 | The interceptedPathFilter OIDC custom property should not be required | ||
PI66128 | SAML Web SSO may reject requests when proxy is in use | ||
WebSphere Common Configuration Model (WCCM) | PI60902 | Annotation processing fails with runtime exception | |
PI63177 | Slow application update for web modules which have many web-inf/lib jars |
Fix Pack 8.5.5.10
|
|
---|---|
Fix release date: 15 August 2016 Last modified: 15 August 2016 Status: Superseded Download Fix Pack 8.5.5.10 |
Component
|
Security APAR
|
APAR
|
Description
|
---|---|---|---|
Administrative Console (all non-scripting) | PI52255 | Change the administrative console error message displays | |
PI53221 | Any update to a WMQ Connection Factory via the Admin Console will delete its default component-managed authentication alias | ||
PI54150 | Add functionality to allow users to perform ldapSearch function from the administrative console | ||
PI54179 | Failure to assign a unique port value to a newly created cluster member | ||
PI56391 | The please wait icon does not display on the admin screen when an application is uploading | ||
✓
|
PI56917 | Information Disclosure in WebSphere Application Server Admin Console (CVE-2016-0377) | |
PI57111 | When the application path is incorrect, it leads to incorrect application status on the Administrative Console | ||
PI58615 | Web services client security bindings configuration not saving changes | ||
PI58743 | Administrative console login page picture overlapping on username and password fields | ||
PI59552 | Application update corrupted deployment.xml with incorrect appcfg: ApplicationConfig reference | ||
PI60805 | Update the flags on the CSRF token cookie | ||
PI60959 | Change in DN name of the certificate if it has special characters in the name | ||
PI60992 | Unable to change maximum headers value in templates from admininstrative console | ||
PI61246 | Unable to edit resource adapter custom properties | ||
PI62111 | Console displays blank page when "view or download the current web server plug-in configuration file" clicked using Chrome | ||
PI62458 | Console is slow when using fine grained authorization. | ||
✓
|
PI64303 | Vulnerabilities in Apache Struts affects WebSphere Application Server (CVE-2016-1181, CVE-2016-1182) | |
Administrative Scripting Tools (for example: wsadmin or ANT) | PI56887 | Wsadmin loades all jars under the path if the path name contains "admin" or "runtime" | |
Classloader | PI52661 | Stopping an application while using a single shared class loader causes an ArrayIndexOutOfBoundsException | |
Default Messaging Component | PI53301 | Delay observed when consuming messages from a V8.5.5 SIB destination | |
PI56146 | when the message load is heavy, some of the messages move to the exception destination with CWSIK0035E error | ||
PI57059 | NullPointerException when XCT tracing is enabled and sending a javax.jms.MapMessage with its value set as null | ||
EJB Container | PI50798 | Custom property to avoid checking timer service database if server contains only non-persistent timer applications | |
PI60135 | Custom property to avoid checking timer service database if server contains only non-persistent timer applications | ||
Enterprise Edition (EE) | PI57463 | OutOfMemory generated with 64k "com.ibm.xml.xlxp2.scan.util.DataBuffer" objects | |
Federated Repositories | PI53848 | User login failed with automatic discovery of LDAP servers at runtime in VMM | |
PI54592 | getIdMgrLDAPServer CLI shows bind password in encrypted format | ||
General | PI36921 | A timing issue causes APC to see incorrect value of proactiveIdleStop property, resulting in violation of minimum instances | |
PI40062 | Application does not start during server start but then starts from console | ||
PI46156 | ICH408I as the servant userid attempts to create and delete the oauth20 directory | ||
PI46318 | WOLA serviceability enhancements | ||
PI46546 | Additional debug statements needs to be included for SAML. | ||
PI46801 | Ampersand '&' within an entity is escaped unnecessarily in XML | ||
PI47003 | Modification/deletion of a job class causes all job classes to be cleared from memory if SCH/endpoint are on the same server | ||
PI47334 | CDI interceptor not triggered for MDB (onMessage) | ||
PI48360 | More diagnostics required when relaystate is invalid in SAMLResponse | ||
PI48614 | NullPointerExceptions from CDI code | ||
PI48714 | Compute Grid/Batch workload balancing not working as expected | ||
PI49306 | zWAS: Batch job using WOLA service hung after server recycle | ||
PI49810 | Application fails to start after rolling update due to hung MessageReferenceHandler thread | ||
PI50137 | The WebSphere session management database uses the LONG VARCHAR attribute which is not supported in DB2 | ||
PI50714 | Program error in the annotation merge code | ||
PI50904 | Invalid URL request values need more specific details in the exception produced | ||
PI51435 | Port conflicts are possible when two cells are installed on the same host | ||
PI52244 | SAML response information might display in browser. | ||
PI52428 | UnsupportedOperationException thrown when trying to inject an InjectionPoint | ||
PI52434 | In a clustered was environment with M2M session replication, non-serialized session access can cause NullPointerException | ||
PI52604 | OpenID Connect SSO with active directory fails with 403 Forbidden | ||
PI52613 | SAML SP-initiated Web SSO requires DynaCache or frontend affinity | ||
PI52898 | The commonj.work.workmanager class will not complile with JDK 1.7 | ||
PI53222 | Admin client gets security exception when running file transfer commands in HA Dmgr setup when security enabled | ||
PI53321 | Using WOLA with CICS version 5.3 causes BBOX abend | ||
PI53538 | WOLA IMS multi-segment message support is not working when trying to increase segment or message size | ||
PI54086 | Request fails if insufficient memory to cache | ||
PI54362 | Session manager error messages SESN0202E and SESN0201E need more details | ||
PI54621 | If the JMS resource adapter is used for JBoss for subscribtion to a topic in WSAS, the messages are not consumed in JBoss | ||
PI54811 | When querying a UDDI Registry that contains a large data set an E_resultSetTooLarge error may occur | ||
PI54872 | Compute Grid purge utility CleanUpCIEar.ear is failing with ClassNotFoundException | ||
PI54881 | Threads being allocated to access an MDB that has already reached max sessions | ||
PI54961 | Extra information in trace file | ||
PI55413 | CICS BBO (WebSphere) link server abends with WRITEQ TSQ BBO* error eibresp: 16 eibresp2: 0 | ||
PI55545 | Attempting to replace an existing list of a DataObject results in NullPointerException within the XCI component | ||
PI55697 | OpenID Connect Relying Party: No entry in cache for stateid | ||
PI55889 | JPA merge fails with foreign key constraint error | ||
PI56000 | Exception logged with EJBQuery 2.0 | ||
PI56020 | IBM HTTP Server server-status with ?auto query string gives incorrect format of output | ||
PI56187 | False error seen in plugin log when using rotatelogs functionality | ||
PI56253 | Plug-in not handling ServerIOTimeout correcty to mark down a server when ESI caching is enabled | ||
PI56331 | May not be able to access web page protected with OpenID Connect after initial logon | ||
PI56584 | Unable to select SSL Protocol TLSv 1.0, TLS 1.1, or TLS 1.2 for the web server plugin | ||
✓
|
PI56811 | Potential security vulnerability in IBM WebSphere Application Server (CVE-2015-0254) | |
PI56924 | Non-posix launchWsadminListener.sh causing problems on Ubuntu | ||
PI56928 | The manageprofiles -profilePath related error messages need additional information to help debug profile path errors | ||
PI57180 | Update plugin-config.xsd with latest V8.5.5 properties | ||
PI57186 | With elasticity enabled APC does not add additional node(s) when memory overload protection (MOP) is triggered | ||
PI57228 | The HTTP Channel will consume additional memory, in specific circumstances, when processing inbound data | ||
PI57239 | Error when multiple threads attempt to authenticate to Mongo at the same time | ||
PI57402 | The & part of a character entity is escaped twice | ||
PI57465 | OIDC: remove session cookie after logout | ||
PI57905 | Using the JSP Batch Compiler to compile JSP files that contain warnings causes incorrect behavior of -compileAfterFailure | ||
PI58029 | Classloader leak associated with PCRegistry | ||
PI58166 | Small timing window causes a deadlock when the APC.predictor custom property is changed | ||
PI58223 | dspwasinst hang on a long running application server job | ||
PI58226 | GB18030 IHS deploy failure | ||
PI58275 | ERROR: Error accessing safkeyring:///KEYRING A component of path does not name an existing file or path is an empty string | ||
PI58337 | Batch job fails with could not open file, not found or could not be formatted | ||
PI58376 | Cannot run workclassoperations.py script | ||
PI58509 | DuplicateKeyException after migrating from WebSphere Compute Grid V8.0 to WebSphere Application Sever V8.5 | ||
PI58594 | ODR returns 503s after application edition rollout when node based ARFM is selected | ||
PI58853 | Big Installation Manager history.xml file causes out of memory | ||
PI58862 | ODRSESSION cookie should match JESSIONID cookie | ||
PI59131 | NoSuchMethodException is thrown when attempting to generate Java class from WSDL file | ||
PI59309 | UpdateSymlinks.sh script may not report an error if a directory exists when it tries to create a symbolic link | ||
PI59568 | Plugin sockets not closed when using web sockets | ||
PI59831 | Support for using local x509 public certificate for signature verification on OIDC | ||
PI59912 | Add ability to move messages from exception destination to the original destination via wsadmin | ||
PI59923 | WebSphere Load Balancer site selector and content based routing problems | ||
PI59999 | JPA custom plugins can cause classloader leaks. | ||
PI60049 | Error WSVR0100W is not providing enough information about why the server fails to start | ||
PI60058 | Trim white space from ssl.client.props propertie values to prevent errors | ||
PI60064 | Support customized error page in SAML TAI | ||
PI60302 | Startup scripts need to be included in collector output | ||
PI60355 | OAuth2 provider expired tokens are never removed when database is incompatible with its SQL queries | ||
PI60398 | Message CWPKI0045E is not displaying properly | ||
PI60462 | XQuery function fn:current-dateTime returns a value with less accuracy than required by the standard | ||
PI60545 | Gather and report minimal data for a web UI login and logout with audit | ||
PI61331 | Add host header to LB HTTP Advisor | ||
PI61488 | An application restart could cause an application classloader leak when using Bean Validation | ||
PI61636 | IllegalArgumentException when creating an ODR object | ||
PI61934 | runConfigActions fails but returns exit code 0 | ||
PI61998 | The JSSE is not getting initialized to enable FIPs when using Java 8 | ||
PI62148 | Expose APIs to retrieve tokens from runAs subject | ||
PI62166 | Portal requires adding VMM realms dynamically in cWAS | ||
PI62425 | setupSdk.sh has #!/usr/bin/qsh on Linux | ||
PI63141 | A null pointer exception is encountered when attempting to service a request through the Java ODR causing the request to fail | ||
PI63329 | EJBDeploy support to specify a different JDK than the one being used by Application Server | ||
PI63560 | JVM crash on Microsoft Windows while invoking ProcessCPU | ||
PI63586 | The application placement controller cannot start or stop the server instances in the point cell in the multiple cell topology. | ||
PI64238 | Centralized Installation Manager failed to install IBM Installatiaon Manager on Linux PPC64LE | ||
PI64573 | A 403 Error may occur when using the OIDC RP | ||
PI64645 | setupDefaultSDK fails after upgrade to IBM i R730 | ||
PI64981 | Add a property for JAXB-937 fixes | ||
PI65649 | RenameCell doesn't update some Extreme Scale Domains and health policy targets | ||
IBM HTTP Server | Fix List | Detailed list of APARs for IBM HTTP Server. | |
Install | PI61710 | Enable V8.5.5 offerings to support 64-bit Installation Manager on zLinux | |
Java 2 Connectivity (J2C) | PI54850 | Unable to remove the default search query for connections validation properties on the console | |
PI56277 | Some "advanced connection pool properties" are not honored at runtime | ||
PI61989 | Optimize connection pool behavior when the free pool distribution table size is set to one | ||
Java Message Service (JMS) | PI51122 | Webcontainer intermittently generates a 500 error with StringIndexOutOfBoundsException | |
PI52696 | WebSphere Application Server proxy - Too many open files | ||
PI54578 | NCSA logging in deployment manager is not working. | ||
PI57327 | Missing session attributes with Oracle 12 as database session persistence when multi-row configuration is enabled | ||
PI57869 | When using binding mode and MQ goes down, listener keeps trying to reconnect regardless of retry count settings | ||
PI58883 | "%{r}w" in accessLogFormat is printing string "%{r}w" instead of the time value | ||
✓
|
PI58918 | Response Splitting Vulnerability using a specific API CVE-2016-0359 | |
PI59158 | NullPointerException in InboundProtocolLink.close causes control region abend with REASON=C9C21236 | ||
PI59509 | SSLC0008E SSLHandshake exception after turning off TLSv1 protocol | ||
PI59687 | Some JMSExceptions related to Queue Manager connection errors are misidentified and connection cleanup does not occur | ||
Java SDK | PI60837 | A StackOverflowError can occur when evaluating EL expressions | |
JNDI/Naming | PI60053 | Not able to disable name server cache for Corba object URLs | |
JSP | PI52135 | File descriptor leak when using Wsadmin to deploy and precompile applications with JAR files at EAR level | |
PI61073 | Deploying an application "Precompile JavaServer Pages files" box checked might fail with a java.lang.NullPointerException | ||
Migration | PI55136 | WASPreUpgrade java.io.IOException when variable has ":" and -machineChange is set to true | |
PI56559 | Change in the order of login modules in security.xml after running the migration scripts | ||
PI58430 | After migration the NodeAgent server throws an exception because it is missing the XDAGENT_PORT endpoint | ||
Object Request Broker (ORB) | PI51932 | SMF type 120 subtype 9 records may report the completion minor code (SMF1209CJ) in in little-endian format | |
PI59076 | S0C4-38 abend from out of a JVM method | ||
PD tools (for example: Log Analyzer) | PI55683 | collector.sh failing on z/OS | |
PI57134 | Files in the <was_install>/properties folder are being overwritten when fix packs are installed | ||
PI57860 | After upgrading java version, header information out of order in SystemOut.log | ||
PI61029 | NullPointerException in MultipleCriteriaFilter when retrieving logs with HPEL | ||
PI61135 | StackOverflow caused by SLF4J infinite lookup. | ||
Plug-in | PI55092 | Plugin generation for a mixed environment can't generate the necessary property | |
PI63490 | Plugin's build version information reported in the log has 8.5.0 when it should be 8.5.5. | ||
PMI/Performance Tools | PI62283 | NullPointerException in PMI class ModuleItem | |
Runtime | PI40095 | Emit messages recommending web container threadpool adjustment | |
PI48280 | IWAE0006E during application server startup | ||
Security | PI50599 | SSL CSR being sent to SSL clients after restarting WebSphere | |
PI52179 | Add SAML web inbound TAI support | ||
PI52860 | In console "Administrative User Groups" panel, group search does not show any hits but there are valid groups | ||
PI53397 | Outbound SSL with two-way SSL handshake fails because WebsShere does not send client certificate to SSL server | ||
PI53493 | Local OS registry cannot get members in group which contains a lot of members | ||
PI54477 | Add ability to disable logging of SECJ0371W Expired LTPA token messages | ||
PI54809 | The "com.ibm.websphere.security.spnego.useRACMAPMappingToSAF" property is not displayed correctly in the console | ||
PI54960 | Provide property to set java security algorithm related properties | ||
PI55025 | com.ibm.websphere.security.auth.WSLoginFailedException: The user is from a foreign realm and this foreign realm is not trusted | ||
PI55440 | Extra information is in the FFDC log files | ||
PI56086 | HMGR0149E exception: The received token starts with null | ||
✓
|
PI56190 | Potential security vulnerability in WebSphere Application Server if FIPS140-2 is enabled (CVE-2016-0306) | |
PI56877 | NumberFormatException in CSIv2ConfigImpl getInteger() getting properties from com.ibm.CORBA.loginSource sas.client.props | ||
PI57641 | Memory leak was detected when stopping an application | ||
PI58717 | Unexpected GPF exception BOSSNAP | ||
PI61650 | IllegalArgumentException is logged while processing RSAToken | ||
PI61695 | NullPointerException for wasadmin AdminTask.mapUsersToNamingRole | ||
Servlet Engine/Web Container | PI56833 | WebContainer is setting the Content-Language | |
PI57516 | A NullPointerException may occur during application deployment | ||
PI57951 | Line feed code disappears when data is uploaded with enctype="multipart/form-data" in an HTML form | ||
PI58920 | Dispatcher type obtained from HttpServletRequest is not updated on post processes | ||
PI60797 | Change transport methods for form login | ||
PI61594 | AsyncContext.dispatch() might dispatch to an incorrect URI if using different versions of ServletRequest.startAsync() | ||
PI61628 | A 404 error might be generated when using redirectToWelcomeFile | ||
Session Initiation Protocol (SIP) Container | PI51393 | Issues with mixed IPv4/IPv6 SIP support | |
PI54003 | Leak caused by new ProxyBranch created from response | ||
PI54646 | Unable to obtain SipURIs of available outbound interface | ||
PI54666 | NullPointerException when using IPv4/IPv6 loopback addresses | ||
PI56387 | SIP container incorrectly combines multiple SIP Supported headers | ||
PI60893 | Deadlock caused by SIP Subscribe | ||
✓
|
PI61548 | Potential Denial of Service in WebSphere Application Server if using SIP services (CVE-2016-2960) | |
Sessions and Session Management | PI53170 | Classloader leak causes OutOfMemoryError when applications repeatedly restarted with restarting Application Server | |
✓
|
PI60026 | Bypass security restrictions in WebSphere Application Server (CVE-2016-0385) | |
System Management/Repository | PI56357 | Error message ADMR0104E updated to include full path name | |
PI56966 | There is no message logged by the NodeAgent when a server is terminated | ||
Transaction Service | PI53996 | Memory leak can occur in a static HashMap in class com.ibm.ws.cscope.CScopeSubordImpl | |
PI54552 | WOLA BBOA1INV abend RC8 reason 44 | ||
PI61057 | WTRN0112E errors when running standalone application using the Embeddable EJB container | ||
PI61081 | J2CA0030E occurs due to DSRA9350E: Operation Connection.commit is not allowed during a global transaction | ||
Web Services (for example: SOAP or UDDI or WSGW or WSIF) | PI50801 | With multiple overriddenEndpointURI values specified, only the last value is used | |
PI54325 | Memory leak with sourceParent.replaceChild | ||
PI55656 | java.lang.IllegalArgumentException JsonMappingException when using Apache Wink | ||
PI56581 | Signature in propagated SAML token may not be valid due to added namespace declarations | ||
PI60370 | During an installation of webservice application, ADMA0078W might happen. | ||
PI63175 | Upgrade to V8.5.5.9 generates a WSDL ClassCastException | ||
Web Services Security | PI56377 | Signature in propagated SAML token may not be valid due to added namespace declarations | |
PI56669 | TheJAX-RPC UsernameToken consumer cannot be forced to login | ||
PI58160 | Add new client and provider general bindings with SHA256 | ||
PI58900 | CWSML7011E exception occurs when a SAML Assertion contains a SAML 2: Advice element | ||
PI59201 | NullPointerException when decrypting a SOAP message in JAX-WS | ||
PI60820 | CWWSS5634E when using relative URI | ||
WebSphere Common Configuration Model (WCCM) | PI59279 | Infinite loop during application startup while accessing program model extension metadata |
Fix Pack 8.5.5.9
|
|
---|---|
Fix release date: 18 March 2016 Last modified: 18 March 2016 Status: Superseded Download Fix Pack 8.5.5.9 |
Component
|
Security APAR
|
APAR
|
Description
|
---|---|---|---|
Administrative Console (all non-scripting) | PI48976 | No console identity is displayed on the administrative console login screen | |
PI49497 | CreateWebserver issued thru admin console is not mapping all existing deployed applciations. | ||
PI50191 | Generic jvm arguments with spaces are not handled properly by WebSphere Application Server | ||
PI51214 | Swedish characters are not displayed correctly in the administrative console. | ||
PI51487 | Administrator group role displays auditor role twice. | ||
Administrative Scripting Tools (for example: wsadmin or ANT) | PI46759 | java.util.regex.PatternSyntaxException in AdminApp.edit when string includes question mark (?) | |
PI49833 | Leading space when adding custom properties to resource environment providers via wsadmin - adminConfig.create | ||
Default Messaging Component | PI45426 | Unable to stop or reset MQLink sender channel in mixed topology with V8.5 deployment manager and V7.0 nodes | |
Dynamic Cache | PI49336 | OutOfMemory issues in DRS due to large DRSQueueMessage collection caused by looping. | |
EJB Container | PI52932 | JPA2 error com.ibm.wsspi.injectionengine.InjectionException after migration from V7 | |
PI53807 | Improve message text when EJB SessionContext fails to serialize | ||
Enterprise Edition (EE) | PI50020 | JAXB unmdarshalling does not work correctly, and returns null for a simple xml string. | |
PI50673 | JAXB unmarshalling not tolerating whitespace around token enumerations | ||
Federated Repositories | PI47826 | VMM does not clear the cache if clearEntity mode is used. | |
PI48613 | Group search filter not applied while dynamic groups search | ||
General | PI16200 | Message driven bean failed to get scheduler MBean during init(). | |
PI24684 | Hanging proxy jobs after IPL | ||
PI31579 | IllegalStateException when accessing BeanManager in JSF SystemEventListener for PreDestroyApplicationEvent | ||
PI35887 | CDI method getName() can result in null | ||
PI38270 | NullPointerException in InvocationContextImpl.configureTarget when destroying an already destroyed bean | ||
PI40003 | Security roles mapped to special subject "All authenticated in trusted realms" for OSGi applications are ignored at runtime. | ||
PI40520 | OSGi commands listOSGiExtensions and listAvailableOSGiExtensions cause files to accumulate in the wstemp directory | ||
PI40596 | MalformedParameterizedTypeException thrown during deployment of webbeans does not give enough information to debug | ||
PI41965 | SAML TAI restores post parameters from original request prematurely | ||
PI42582 | Cannot specify SpecialSubject AllAuthenticatedInTrustedRealms from wsadmin script when mapping roles to users | ||
PI43084 | Reduce the amount of data which is output when printing out data buffers from within WMQ-RA traces | ||
PI44309 | Thread hang due to the "Allow serial access" enabled in session manager | ||
PI44496 | Users see many threads generically named thread-xx, like "thread-23" | ||
PI45044 | JSF problem in a Portlet environment: Form inputs inside a data table lose their values if validation fails | ||
PI45352 | OSGi related admin tasks may not close asset files in workspace in wstemp preventing deletion | ||
PI45449 | Exception message is not included in the SOAP fault when the application explicitly throws a RuntimeException. | ||
PI45557 | Remote EJB call to clustered WebSphere z/OS server fails due to missing security context | ||
PI45811 | @AroundInvoke interceptors must declare throws exception | ||
PI46640 | Incorrect URL appears in Plugin Configuration Toolbox command | ||
PI46699 | A null value is returned when trying to use OpenJPAs DelegatingConnection's unwrap() | ||
PI46964 | WOLA gets error on otma_open call, rc = 8, rsn codes = 0 : 0 : 0 : 2 | ||
PI47070 | OSGi commands leave open files | ||
PI47144 | Merging an unmanaged entity multiple (3) times leads to an exception. | ||
PI47454 | NullPointerException is logged on console when DEBUG_PHASE_LISTENER set to true and validation fails | ||
PI48806 | Compute Grid endpoint logging | ||
PI49066 | Use of OpenID TAI may cause ClassCastException error in cluster environment | ||
PI49174 | Namespace missing in the nodes with default namespace when moved | ||
✓
|
PI49272 | Cross site scripting vulnerability in OAuth Service Provider CVE-2015-7417 | |
PI49705 | NullPointerExceptions in binding listener code, causes the invalidation to fail. | ||
PI50016 | WebSphere grid endpoint not able to run OSGi batch application | ||
PI50100 | Compute grid scheduler unable to dispatch to an OSGi batch job. | ||
PI50291 | Beans searched for through instance interface are not found | ||
PI50513 | In a clustered environment the job tables "XJCLREPOSITORY" and "GLOBALJOBIDASSIGNMENT" will not be purged correctly | ||
PI50691 | java.lang.IllegalArgumentException on Solaris JDK 7 only | ||
PI50694 | ClassCastException is thrown in JPA when QueryCache is enabled. | ||
PI50728 | Submitting jobs thru EJB/webservices interface part.1.log is missing latest entries and displaying old jobs entries | ||
PI50765 | NullPointerException in OpenID when key not in cache | ||
PI51134 | NullPointerException if all interceptors are on methods overriden, defined at class level or defined in a different method | ||
PI51301 | OAuth may not honor Security Domain credentials | ||
PI51327 | Need warnining message when uninstalling running enterprise apps | ||
PI51447 | Increase memory space to pass routing information between plugin and the ODR module | ||
PI51508 | Reduce contention in AbstractOwbBean.equals use | ||
PI51777 | zWAS WOLA abendc78 rc5c in CICS TRUE BBOATRUE on path after OLA unregister API | ||
PI51950 | Increase in 50 cluster creation in large topology | ||
PI52121 | In case of a parse error in any of the SIP messages, the TCP connection to the container is dropped. | ||
PI52169 | Nodes do not preserve declaration related information when copied | ||
PI52209 | EntityNotFoundException in OpenJPA | ||
PI52756 | CDI is activated and generates error with no existence of beans.xml | ||
PI52832 | Scheduled jobs in WebSphere batch are not run on z/OS | ||
PI52887 | OSGi application startup problem - SECJ0326E: No received or invocation credential exist on the thread. | ||
PI53085 | A message flow control mechanism in ME-to-ME communications in pub/sub environments to prevent message pile ups in the target ME | ||
PI53220 | Session attribute not stored with Oracle as DB session persistence and MultiRowSchema=true | ||
PI53403 | IBM WebSphere Software Development Kit (SDK) Java Technology Edition version 7.1 fails to uninstall on AIX 64-bit operating systems | ||
PI53425 | DUMP TITLE=COMPON=WEBSPHERE Z/OS, COMPID=5655I3500, ISSUER=BBORADMP, ABEND IN PC ROUTINE BBOCLSPC | ||
PI53589 | Add Java 8 as optional JDK for V8.5.5.9 and up | ||
PI53931 | HPEL trace and default trace not showing the same information | ||
PI54212 | Update one class in Apache Commons | ||
PI54236 | When stopping an application the administrative console shows extraneous error about a web server. | ||
PI55299 | EJBConfigurationException: Bean class com.ibm.ws.batch.JobSchedulerMDB could not be found or loaded | ||
PI55465 | Messaging Engine fails to start when the schema name contains special characters | ||
PI55692 | Jobnumber SQL issue after migrating from Compute Grid V8 to WebSphere Application Server V8.5.5 | ||
PI55853 | java.lang.OutOfMemoryError in the control region output after a failed WOLA reqeust. | ||
PI55910 | Logging in InvocationContextImpl outputs array ids instead of array contents | ||
PI57520 | WAS855 issue with wsgridConfig.py -remove after a migration | ||
High Availability (HA) | PI53806 | HMGR0005I message does not state that the high availability manager has been disabled | |
IBM HTTP Server | Fix List | Detailed list of APARs for IBM HTTP Server. | |
Install | PI49801 | installation manager errors when moving symbolic links during update | |
Intelligent Management Component | PI47535 | Cluster based wildcard routing rules fail to route correctly after sever restarts | |
PI50050 | Health Management restart action does not attempt to restart a server if a restart action failed | ||
PI50388 | Logs are full with the following error: "... Request filters..."AsynchHandler E XJMS0006E: Error while invoking.." | ||
PI51341 | SNMP trap for health policy uses wrong health policy name | ||
PI51844 | Create null guard for custom property | ||
PI51906 | ODR returns 500s instead of 404s due to a NullPointerException when processing the request EST | ||
PI51978 | Prevent a buildup of HttpRouteAction objects that would cause an OutOfMemory in the ODR | ||
PI52307 | Incorrect applications are stopped when performing validation operations on a base edition | ||
PI53566 | On Demand Router memory leak when upgraing applications under load | ||
PI53850 | APC is not removing nodes on AIX with APC.predictor=CPU | ||
PI53857 | APC hangs when placement decision includes one instance stop in a node and one instance start in the other node of same cluster | ||
PI54818 | GlobalGCObjectType is being logged in SystemOut under normal logging | ||
PI55004 | Message "ODR:NOTICE: Default tracing has been set to ." is confusing and concerning | ||
PI56172 | Lack of spaces in ODR match expressions cause the rules to fail validation | ||
PI57156 | Introduce "Not equals" operator for queryParm match expression | ||
Java 2 Connectivity (J2C) | PI49357 | Deadlock situation can occur during server startup due to synchronization issues in J2C | |
PI53120 | Datasource connection pool minimumPoolSize to be 0 by default for newly created datasources | ||
PI54775 | FFDC log does not have the datasource name | ||
Java Message Service (JMS) | PI43752 | AsyncContext.dispatch() dispatches to an incorrect URI | |
PI47103 | java.lang.NullPointerException when using async servlets and PMI | ||
PI48725 | Initial TLSv1.0 application data packet read into the wrong buffer by the SSL channel | ||
PI48986 | An FFDC is created if a request containing a content-encoding header does not have a body | ||
PI49369 | Starting applications continuously fail with NullPointerException | ||
PI50538 | Webcontainer throws a java.lang.IllegalArgumentException when parsing parameters. | ||
PI51523 | HTTP Channel getCookieValue throws ArrayIndexOutOfBoundsException when cookie is only one-digit double quote " | ||
PI52845 | SSL handshake fails due to a java.lang.IllegalArgumentException. | ||
PI53190 | Update IBM WebSphere MQ JCA resource adapter to version 7.1.0.7 | ||
Java SDK | PI47885 | h:selectManyCheckbox and h:selectOneRadio components do not support f:ajax tags. | |
PI47898 | Bean property initialization fails with a org.apache.commons.logging.LogConfigurationException. | ||
PI49486 | MyFaces leaking file descriptors when reading stylesheet files | ||
PI54702 | Null renderer-type tag causes custom TagLib xml parse error | ||
JNDI/Naming | PI47875 | Excessive memory use when an application uses many classloaders. | |
Liberty | Fix List | Detailed list of APARs for WebSphere Application Server Liberty | |
Migration | PI51236 | WASPostUpgrade not setting virtualHosts ports correctly. | |
PI53930 | Improve migration GUI message for incompatible profile | ||
PI53942 | Wrong cell name read from setupCmdLine.sh.bak file during migration | ||
Object Request Broker (ORB) | PI49424 | Dump occurs during stop of job scheduler control region. | |
PI50098 | High cpu and delays in app server controller caused by high number of worker threads created. | ||
PD tools (for example: Log Analyzer) | PI45128 | HPEL logging takes a long time to export when using the administrative console. | |
PI46069 | When HPEL log file path is changed, ISADC cannot acquire HPEL logs | ||
PI53378 | Undeprecate collector.bat/.sh | ||
Plug-in | PI50205 | Apache LogFormat not working for %{WAS}e | |
PI50473 | Error starting web server plugin on HP | ||
PI50823 | Improve plugin messages for file related errors | ||
PI52071 | Intelligent Management enabled WebSphere HTTP plugin, limit excessive memory growth via custom property. | ||
PI52490 | Improve the web server plugin logging to show ephemeral port on existing connections. | ||
PI53803 | iPlanet static contents returned 503 status code when it has plug-in configured. | ||
Runtime | PI46897 | Application update operation fails with "ADMA0078W" message on Microsoft Windows server | |
Runtime (zSeries®) | PI48675 | z/OS SMF 120 subtype 9 requests are not being written for asynchronous requests that were submitted as daemon request | |
Security | PI44539 | CWWDR0012E: java.lang.StackOverflowError error between WebSphere security and DRS for auth cache invalidation. | |
PI46800 | Renew of certificate fails with com.ibm.crypto.hdwrCCA.provider.JCECCARuntimeException | ||
Servlet Engine/Web Container | PI48485 | Duplicate registration of SimpleFileServlet when PMI is enabled | |
PI54235 | A redirect using an URI relative to the current request URL redirects to the wrong URL | ||
Session Initiation Protocol (SIP) Container | PI42211 | SIP parse errors not in textlog by default | |
PI52153 | No CANCEL request sent when session expired | ||
System Management/Repository | PI51061 | Corruption in administrative console. Application will not start, cannot access console. | |
PI52208 | deleteSymbolicLinks does not work for WebSphere Application Server running on Microsoft Windows | ||
PI53399 | Not able to delete a server or cluster | ||
Transaction Service | PI43413 | Deadlock in controller due to timing window in the recovery log service; servant times out | |
PI45590 | WTRN0146I message should not be output when XA recover has failed | ||
PI47909 | Migration fails when one node name is a substring of another | ||
PI51364 | Transaction context is not cleaned up when JTA transaction is broken | ||
PI54849 | Transaction timeouts triggered during EJB calls from Liberty | ||
Web Services (for example: SOAP or UDDI or WSGW or WSIF) | PI25423 | Incorrect ports are used for HTTPs and HTTP web services aync calls. | |
PI45894 | Workspace leak in SysmgmtHelperImpl during application install. | ||
PI48668 | Add a JVM property to enable the "org.apache.axiom.om.OMFormat.use.cteBase64.forNonTextualAttachments" format property. | ||
✓
|
PI50993 | Hide the HTTPClient API in JAX-RS engine | |
PI54925 | Extra information in FFDC log files when customer has defined strings | ||
Web Services Security | PI50119 | More error info required on WSEC7074E when KeyInfo missing from SAML assertion |
Fix Pack 8.5.5.8
|
|
---|---|
Fix release date: 11 December 2015 Last modified: 11 December 2015 Status: Superseded Download Fix Pack 8.5.5.8 |
Component
|
Security APAR
|
APAR
|
Description
|
---|---|---|---|
Administrative Console (all non-scripting) | PI42891 | No way to delete runtime messages from the administrative console | |
Administrative Scripting Tools (for example: wsadmin or ANT) | PI43440 | WASX7015E: Exception running command: "AdminUtilities.getScriptLibraryFiles()" | |
Classloader | PI28774 | Enable ClearClassCache to emit results | |
Data Replication Services | PI45227 | Session data is returned after a full 5 second DRS timeout | |
Default Messaging Component | PI39339 | sibDBUpgrade.sh syntax error | |
Federated Repositories | PI44152 | Use entity type search filter in get group membership call. | |
PI44899 | NullPointerException while searching for DB repository users | ||
General | PI33449 | Full profile OpenID Connect RP does not work with Google OP | |
PI37409 | Possible ABENDEC3 timeout in WebSphere z/OS servant region when running as client with webservices and JMS (sibus) in same SR | ||
PI38899 | java.lang.NullPointerException might occur when the deployed J2EE application with CDI annotations is stopped. | ||
PI40088 | Producer-field for EntityManager leads to exception | ||
PI40549 | UnproxyableResolutionException when injecting a bean with non-private final methods | ||
PI40568 | Custom property com.ibm.ws.management.suppressPortScan not stopping all port scanning | ||
PI40870 | New jobs do not start when the WebSphere batch scheduler is terminated abnormally while an existing job is running | ||
PI41555 | The javax.persistence.query.timeout property does not work as expected | ||
PI41573 | SchedulerComponent class gets stuck in a while loop when a server stops while in invokeSRToUpdateJobStatus method | ||
PI41707 | Data corruption in copied tree because when materializing, the child is being linked to the wrong parent | ||
PI42523 | Root not injected on URL containing query but omitted path | ||
PI42761 | java.lang.ArrayIndexOutOfBoundsException processing parallel batch with no subjobs defined and tracing is enabled | ||
PI42967 | ContextNotActiveException encountered when accessing a RequestScoped CDI bean inside a @PostConstruct method | ||
PI43325 | ODR server on z/OS is not listening on port defined for ORB_SSL_LISTENER_ADDRESS | ||
PI43900 | Parallel job manager subjob stuck in submitted state. | ||
PI44000 | The Cross Component Tracing (XCT) requestID is null or not correctly propagated. | ||
PI44337 | The error messages displayed when trying to manage an unmanageable server in a standalone environment are not helpful. | ||
PI44494 | Message BBOA7102E is seen when variable ola_rrs_context_propagate_otma=1 | ||
PI44534 | Provide Windows debugging information for the was.process native-code DLL | ||
PI44580 | Updating the SERVER_LOG_ROOT environment variable doesn't update the location of the btrace and objects log files. | ||
PI44859 | Error when trying to force an eager fetch on a query | ||
PI45241 | The call to the API /Cell=:ServerCluster=:EventInfrastructureProvider:/ is failing | ||
✓
|
PI45266 | HTTP response splitting vulnerability CVE-2015-2017 | |
PI45287 | APAR PI9074 might cause unexpected issues with web services applications | ||
PI45355 | Users in the LRMONITOR role cannot view saved jobs in the job repository | ||
PI45360 | Error "Duplicate resources found with name:" when running migrateConfigTo85.py | ||
PI45575 | HashMaps are not thread-saved in org.apache.openjpa.datacache.DataCacheManagerImpl | ||
PI45852 | IMS Batch DLI jog gets ABEND04E reason code 00D44033 when calling bboa1reg | ||
PI45899 | Editing a custom health policy in intelligent management shortens original text. | ||
PI45900 | Portlet API Version 2.1.0 update | ||
PI46605 | Small performance improvement to CDI | ||
PI46614 | NullPointerException at NamedDeclaration when XML has duplicate XSTypeDefinitions | ||
PI47114 | ODR fails to start due to invalid routing rule syntax | ||
PI47460 | Add multi-provider support to OpenID Connect relying party in the full profile. | ||
PI47812 | App edition rollout fails when attempting a split deployment rollout with EJB modules | ||
PI47842 | When doing IdP-initiated SSO, if a RelayState is not in the SAMLResponse, the authentication will fail. | ||
PI47989 | Session affinity break when using intelligent management validation mode | ||
PI48116 | Incorrect default path for WebSphere plugin, when creating an IHS webserver from the administrative console. | ||
PI48222 | Extra = in ibm-ejb-jar-bnd.xml for the work manager JNDI name triggers an ADMA0115W warning during deployment | ||
PI48547 | Under stress Intelligent Managment sends out of order messages which causes the Plugin to crash | ||
PI49036 | Prevent console links from opening as new tabs after viewing charts | ||
PI49194 | Numerous GSK_WOULD_BLOCK messages in the http_plugin.log during web server startup with intelligent management enabled plug-in | ||
PI49211 | Application binaries not updated during WebSphere Portal Server upgrade on z/OS | ||
PI49437 | Need to ship batik.jar that correctly displays with Tivoli Performance Viewer. | ||
PI49506 | Numerous 307 responses for the IM enabled plug-in and increased network traffic when im plug-in switches between connectors | ||
PI49871 | Intelligent Management enabled plug-in changed $WSRA value. | ||
PI49890 | Health management SNMP trap sets agentAddr to wrong IP address | ||
PI49937 | Exception com.ibm.ws.xd.vv.nodedetect.NetworkInterfaceUtil.getMacAddresses is seen on start up on Solaris | ||
PI50075 | EJBDeploy RMIC class not found exception on Sun OS when using non-default JVM | ||
PI50503 | Post install shows partial success in WebSphere Hypervisor environment on applying a fix pack | ||
PI50525 | Excessive append calls cause high CPU when using VE and PMI | ||
PI50562 | Intelligent Management DCPC0332E reason code is not always correct. | ||
PI50566 | FFDC logged during node agent startup on Liberty profile server creation | ||
PI50672 | After a new edition is rolled out and old edition deleted requests will return 500 errors in the ODR | ||
PI50889 | Add capability to LogRecordContext to have add and remove Extension | ||
PI51426 | Publish WSDL is not picking up the changes made to the HTTP URL | ||
PI51486 | FileNotFoundException during profile creation | ||
High Availability (HA) | PI40412 | DCSV8030 message explanation should include a link to appropriate technical document | |
IBM HTTP Server | Fix List | Detailed list of APARs for IBM HTTP Server. | |
Install | PI41455 | WAS_HOME/properties/postinstall/actions/os400PropertiesSetup.ant corrected | |
PI45999 | javax.rmi.CORBA.UtilClass=com.ibm.ws.orb.WSUtilDelegateImpl needs to be removed from orb.properties file | ||
PI49927 | Update to command productInfo viewLicenseInfo | ||
Java 2 Connectivity (J2C) | PI41925 | Improve administrative resource display performance | |
PI42046 | Datasource TestConnection through wsadmin can result in a failure after a client reroute warning | ||
Java Management Extensions (JMX) or JMX Client API | PI45882 | Handle error condition gracefully with corrupted configuration | |
Java Message Service (JMS) | PI46480 | NullPointerException thrown after input stream closed. | |
PI48759 | The TCP Channel's Host Name Include and Exclude lists are case sensitive | ||
JSP | PI43036 | JspTranslationException when using a JSP tag containing another tag with deferred-attributes | |
PI44611 | JSP engine throwing an IllegalStateException when PageContext.findAttribute(string attributename) is called | ||
Liberty | Fix List | Detailed list of APARs for WebSphere Application Server Liberty | |
Object Request Broker (ORB) | PI47559 | A large amount of common storage is being used when there is a large number of WebSphere cells on a single z/OS system. | |
PD tools (for example: Log Analyzer) | PI37108 | Unexpected commit when WebSphere is cancelled | |
PI41701 | No warning message for Java dumps and cores when server is not started | ||
PI44459 | Improper loglevel of trace string will not generate trace | ||
PI48699 | Unable to set the level for loggers that are requested by classes in the com.ibm.ws.bootstrap.jar bundle. | ||
Plug-in | PI46569 | Plugin may crash if connect calls are interrupted | |
PI49893 | Allow certificate validation to be disabled | ||
PMI/Performance Tools | PI48619 | Excessive appendCustomSetString calls cause high CPU when using VE and PMI. | |
Runtime | PI42112 | WSVR0322W emitted for empty classpath definition | |
Runtime (zSeries®) | PI44159 | Activation specs not started in all servers in a cluster during server initialization. | |
PI44409 | Server takes a long time to start through the administrative console | ||
Security | PI41238 | ErrorPage parameter on AdminTask.addSAMLTAISSO has a misleading description | |
PI42628 | Local OS registry initialization error | ||
PI43727 | Expiration monitor stopped working if the certificate is not generated by WebSphere Application Server | ||
PI44588 | The pull-down menu "cipher suite groups" cannot be displayed correctly in Microsoft Internet Explorer | ||
PI44880 | Improve serviceability for form-logout processing. | ||
PI47190 | Add simple ldapSearch function to help configure user registry. | ||
PI48386 | Extra information in Trace | ||
PI48460 | Failure to convert certificates when CMS keystore is present | ||
PI49025 | z/OS users could experience authorization failures and see error message: SECJ0129E: Authorization failed for user | ||
Services Component Architecture | PI48565 | SCA implementation.jee application may not start | |
Session Initiation Protocol (SIP) Container | PI42867 | Exception in SIP container caused by many disconnections from the failovered server in very short period of time | |
System Management/Repository | PI43788 | Auto-deploy not setting session manager attributes | |
✓
|
PI52103 | Vulnerability in Apache Collections used by WebSphere Application Server | |
Transaction Service | PI43890 | Add additional information to CWRLS0030 message to aid startup trouble-shooting. | |
PI44969 | NullPointerException thrown from TerminatorImpl initialization | ||
PI45319 | NullPointerException appears during partner log recovery processing | ||
Web Services (for example: SOAP or UDDI or WSGW or WSIF) | PI44237 | CData section is not preserved during parsing the SOAP message | |
PI44570 | GET request with a SOAPAction header ends in 503 response on z/OS. | ||
PI44781 | Dynamic outbound endpoint SSL configuration is not picked up by webservices when proxy is used. | ||
PI45126 | In JMS messages, special characters are not correctly encoded. | ||
Web Services Security | PI38151 | Throw exception if receive unsupported keyinfo in SAML | |
PI45840 | Allow PasswordDigest on UsernameToken in JAX-WS WS-Security with custom login module | ||
PI48578 | CWWSS8014E error in SAML Web SSO can be misleading | ||
WebSphere Common Configuration Model (WCCM) | PI42186 | Application deployment does not preserve signatures of fragment jar files. | |
PI45373 | The cmp-field elements of EJB deployment descriptors are ignored. |
Fix Pack 8.5.5.7
|
|
---|---|
Fix release date: 11 September 2015 Last modified: 11 September 2015 Status: Superseded Download Fix Pack 8.5.5.7 |
Component
|
APAR
|
Description
|
---|---|---|
Administrative Console (all non-scripting) | PI35762 | Administrator role unable to see the CORBA naming service users permissions |
PI37045 | Renewing a personal certificate in RSA token keystore does not update a certificate alias name in security.xml | |
PI38589 | After modifying an application's default session mgmt properties in admin console, its not possible to re-enable the defaults | |
PI39360 | Command generated using console command line assistance failed with StringIndexOutOfBoundsException | |
PI40490 | NullPointerException when creating a nameserver using a wsadmin jython script | |
PI41076 | JMX client fails to connect with ClassNotFoundException: com.ibm.ws.management.PlatformMBeanServerBuilder | |
PI42083 | NullPointerException when opening memory-to-memory replication page in administrative console. | |
PI42208 | Override the console preferences of all users to always sync with a save. | |
Default Messaging Component | PI33341 | Service integration bus messaging engine fails to start with NullPointerException when PMI is enabled |
PI36881 | Messaging engine attempts to obtain lock on the datastore even after the defined timeout value. | |
Enterprise Edition (EE) | PI32805 | java.lang.ArrayIndexOutOfBoundsException thrown by com.ibm.xml.xlxp2.api.util.DataBufferHelper.computeCoords10 |
PI37349 | Content in XML elements sometimes lost when using JAX-RPC web services | |
Federated Repositories | PI35743 | Race condition may cause excessive number of SQL calls to property extension database |
PI36794 | VMM database schema missing city property definition | |
PI37525 | Concurrent update/create failing on shared Oracle LA/DB in VMM | |
PI37682 | Retrieving users/groups on manage users and groups panel by default | |
PI38918 | VMM api not returning value if attribute name contains semicolon ; | |
PI40830 | Set default of value of supportChangeLog to none from CLI | |
General | PI17457 | Javacore file is packaged into the server dump in an incorrect encoding. |
PI31024 | Data corruption in copied tree due to original tree not being built. | |
PI31273 | osgiCfgInit.sh -all may output unreadable messages | |
PI31409 | CDI support with EJB timer usage | |
PI31682 | FileNotFoundException when using installWSGridMQ.py script. | |
PI33284 | NullPointerException generated by Apache wink library when processing HEAD requests | |
PI33955 | SIP container throws NullPointerException when invalidating SipApplicationSession | |
PI34088 | Error in SAML web SSO TAI with custom sp-initiated SSO | |
PI34326 | Frequent WSOpaqueToken W SECJ5003W: errors in systemout.log when using OAuth TAI | |
PI34330 | NullPointerException while providing internationalization service | |
PI34375 | Exception not caught in the Decorator | |
PI34445 | Exception while shutting down the application server | |
PI34548 | URL fragments may be removed when requests are processed by the SAML Web SSO TAI | |
PI34779 | Implement a way to configure the default representation of JPA boolean fields | |
PI34897 | ArrayIndexOutOfBoundsException starting a server that has no compute grid function enabled | |
PI35439 | NullPointerException while running recoverMEConfig command | |
PI35453 | OpenJPA transforms JPQL to SQL incorrectly | |
PI35756 | Deploying an application with an embedded CICS resource adapter fails with an AccessControlException. | |
PI35894 | LibraryMgr is not enabled for recovery mode start of was in z/OS | |
PI36179 | ReInvites are frequently canceled with NullPointerExceptions | |
PI37165 | java.io.NotSerializableException occurs when serializing an HTTPSession used by the UDDI GUI application. | |
PI37687 | IBM Embedded WebSphere Application Server is missing the jar files for OpenID and OpenID Connect | |
PI37710 | WebSphere Application Server Servant Region receives an OC4 ABEND. | |
PI37712 | OSGi dynamic import resolution is slow | |
PI37912 | Console shows "Add a server" instead of "New server" under "Servers" option | |
PI38116 | Provide option to not flush internal response objects in FileServletWrapper. | |
PI38200 | APC doesn't take instant action for cluster violations between time period specified by the min time between placements value | |
PI38265 | WS-Notification broker may fail to deliver notifications due to IllegalStateException issued by the IBM StAX parser. | |
PI38626 | z/OS servant hangs during initialization | |
PI38764 | Enable Kerberos token in HTTP header for web services | |
PI38793 | WebSphere batch scheduled jobs through JMC are not starting. | |
PI38811 | manageprofiles.sh -backupProfile runs even if there are clusters or managed webservers up and running. | |
PI39657 | SIP Proxy can deadlock if client uses the CRLF Keep-Alive technique. | |
PI39748 | While restarting the job java.lang.RuntimeException is thrown with parse error 13. | |
PI40002 | Update the system SSL cipher list | |
PI40117 | Setting date after 2038 year as "long date" generates ArrayIndexOutOfBoundsException | |
PI40212 | Requests are being accepted and served before all the ear is started. | |
PI40292 | Active cell agent gets erased in star topology, so that center cell APC has no point cell information. | |
PI40544 | CDI decorator for an interface must directly implement cannot inherit from a super class | |
PI40941 | Truncated DNS response causes SIP threads to block | |
PI41114 | APC hang problem causing uneven load balancing | |
PI41133 | Unable to update job log mapping file: delete() failed, not found or could not be formatted. | |
PI41325 | Improve logging in wctcmd command | |
PI41369 | Using @Inject @Any causes errors | |
PI41373 | Colon (:) gets removed from ODR HTTP redirection rule | |
PI41525 | CWWIM4564I reworded to include that the host was pinged. | |
PI41557 | Change default certificate to be SHA256withRSA certificates | |
PI41582 | Purge issue for scheduled jobs | |
PI41588 | Best routing rules not always found when using generic server cluster routing policies | |
PI41729 | The grid endpoint list shows up empty when using an app server running on an administrative agent profile | |
PI41941 | Improve error messages SRVE9002E and SRVE8011E | |
PI42077 | ODCF0002E is printed in nodeagent's systemout when starting nodeagent | |
PI42231 | Exception retrieving the value of a nilled element in order to pass to a Java extension function. | |
PI42281 | Suppress SRVE0255E error message in systemout trace | |
PI42338 | NullPointerException when XSI type has no namespace defined | |
PI42499 | Cannot set maintenance mode when number of nodes = minInstances of a dynamic cluster & vertical stacking is enabled | |
PI42609 | PJM batch jobs that go to restartable will not restart | |
PI42673 | Extra information in logs with Datasource custom properties | |
PI42784 | unsetMaintenance mode for nodes fails intermittently | |
PI43096 | Missing serverindex.XML throws NullPointerException | |
PI43144 | Extra information in Mail Trace | |
PI43215 | Compilation error when multiple XQuery files import one common file | |
PI43251 | Isolate deployed artifacts from OSS packages | |
PI43347 | Overlapping context roots may result in an HTTP 404 error message. | |
PI43678 | Application server fail to start if old pid file exists and is being used by other process | |
PI43749 | Data corruption in copied tree during unnecessary materializing copied nodes | |
PI43964 | Multiple APC instances are seen running at the same time in a cell | |
PI44066 | WSGrid issue when restarting the messaging engine inside the administrative console | |
PI44214 | getParameter() does not work after getReader() | |
PI44976 | Remove the NullPointerException thrown when running createLibertyServer command in local mode | |
PI44978 | Intelligent management enabled websphere plug-in does not process any updates after an initial error is encountered | |
PI44983 | PrivilegedActionException due to DocumentNotFoundException generated FFDC on the ODR in a multi-cell environment | |
PI44989 | Update CWOBB1009W message | |
PI45136 | Cluster server template property change does not reflect in server | |
PI45153 | wctcmd.exe does not list existing definitions when using the -listDefinitions argument | |
PI45639 | Out of memory errors in on demand router(odr) | |
PI45844 | NumberFormatException occurs when running in environments that has a locale setting that uses a comma for the decimal mark | |
PI46291 | Uncaught exception displays error in visualization trace | |
PI46502 | Error in handling the input parameter of on demand route cluster for routing rule commands | |
High Availability (HA) | PI41276 | Server fails to start when HA coregroup "transport memory size" is set more than 256 Mb |
IBM HTTP Server | Fix List | Detailed list of APARs for IBM HTTP Server. |
Install | PI34928 | Installation warnings when rolling back offerings that include a Java JRE |
PI41712 | Installing Java 7.1 on RHEL 7.1 it gives message no supported operating system | |
PI43868 | Update intelligent management webserver plugin retryInterval property with correct unit | |
PI45052 | Update license files | |
Java 2 Connectivity (J2C) | PI33656 | Enhance statement cache multi-thread access detection |
PI36870 | Memory leak when "_" character used in JMS connection factory name | |
PI37749 | JDBC Wrapper implementation of ResultSet.isClosed returns false after DB2 JCC driver has closed the ResultSet | |
PI44021 | ActivationSpecWrapperImpl.toString() null checking is incorrect | |
PM97050 | javax.transaction.TransactionRolledbackException is thrown due to java.lang.NoClassDefFoundError | |
Java Message Service (JMS) | PI35277 | Server not responding to Continue message as expected |
PI35402 | java.lang.NumberFormatException is thrown when expiry is set to "SPECIFIED" for a v5 default messaging topic or queue | |
PI37454 | BBOJ0099E: MDB problem: internal stop issued for MDB listener | |
PI40241 | A web service request using secure sockets fails | |
Java SDK | PI38788 | Hung thread caused by MyFaces |
PI42335 | Package the ORB 7.1 jars with the WSAS 8.5.5 thin client jars | |
JSP | PI45939 | The JSP batch compiler asumes that the -response.file file contains only ISO 8859-1 charset. |
Liberty | Fix List | Detailed list of APARs for WebSphere Application Server Liberty Profile |
Object Request Broker (ORB) | PI38104 | Server took an abend EC3 reason code 0406002e when a CG thread attempts to get a cell from an expanded ORBR cell pool. |
PI40209 | Message BBOO0327I can be improved by having it include: transaction class, service class, and report class if available | |
PI41788 | control_region_dreg_on_no_srs=1 not working as expected when an adjunct region is active but servant regions are not | |
PI42590 | BBOO0038E function IWMSTEND failed with RC=8, reason=119c084f, extended 473727 reason=xxxxxxxx. | |
PI43141 | WebSphere z/OS MODIFY commands, PAUSELISTENERS and RESUMELISTENERS, do not include Activation Spec listeners. | |
PD tools (for example: Log Analyzer) | PI37095 | 0C2 Abend 00C2 reason code: 00000002 during recovery from an 0C4abend |
PI39744 | Server stops due to FFDCFilter.processException() not catching exception | |
PI41698 | Javacore function in the console not displaying right msg | |
PI43063 | Collector tool does not collect files in temp directory | |
Plug-in | PI29182 | Consolidate domino choice within PCT |
PI39126 | Modify plugin to automatically accept GSKit security upgrades | |
PI40974 | Websocket connection fails when origin server does not send a content length header in the upgrade response | |
PI42116 | Message C2M1212 produced in websphere plugin job log | |
PI42490 | Second connect fails when using same socket | |
PMI/Performance Tools | PI35028 | CWPMI0010W message should be warning instead of error message. |
Proxy Server | PI38403 | Potential Information Disclosure in On Demand Router CVE-2015-1932 |
Runtime | PI38330 | library.policy is not applied to non-isolated shared library but is applied to isolated shared library may see SECJ0314W |
PI44532 | An AdminException occurs when syncing node containing a Liberty profile server | |
Security | PI29527 | Abend S878 when high number of users from a large SAF group log in. |
PI37396 | Potential spoofing vulnerability in WebSphere Application Server CVE-2015-4938 | |
PI38492 | The PropFilePasswordEncoder.sh did not work properly when running from command line. | |
PI38596 | Hang in findNonNullKeyEntry() of com.ibm.ws.security.EJB.BeanPermissionRoleMap | |
PI38685 | Servant region does not stop, deadlock | |
PI38917 | NullPointerException when attempting to enable FIPS | |
PI39046 | Custom TAI throws NullPointerException when TAIResult returns null | |
PI39369 | NullPointerException error may occur when security is enabled and provisioning is disabled. | |
PI39396 | Same value is set for LTPAToken and LTPAToken2 cookie in HTTP response | |
PI39552 | The TAI interceptor in the global security is deleted when the TAI interceptor in the security domain is being deleted. | |
PI42153 | Retrieve signers from port does not honor the enabled cipher suites setting. | |
PI43170 | Display a better message when keystore file does not exist. | |
PI43768 | Remove SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA from the strong cipher list. | |
Servlet Engine/Web Container | PI46499 | NullPointerException might be caught in the servlet listener code when security is enabled. |
System Management/Repository | PI38090 | SOAP connector port conflict message in nodeagent log |
PI40060 | ADMA8019E message seen while trying to map resources during application deployment | |
PI43161 | Partial application update fails due to case sensitivity on Microsoft Windows operating systems | |
Systems Management Functions | PI41554 | Job manager job generateMergedPluginConfigForLibertyProfileServers might fail. |
Transaction Service | PI38387 | When storing transaction service logs in a non-HA database data may be lost and the transaction service may fail to connect |
Web Services (for example: SOAP or UDDI or WSGW or WSIF) | PI34919 | WSDL4J throws WSDLException caused by SAXParseException when schemaLocation="" |
PI35741 | JAX-WS service provider application does not use temp files for large attachments | |
PI37671 | Missing JSON response data from JAX-RS client appliction. | |
PI40869 | Out of memory when too many webservice-ref elements in ejb-jar.xml | |
PI42135 | Extra information is displayed in browser window | |
PI45894 | Workspace leak in SysMgmtHelperImpl during application install. | |
Web Services Security | PI32262 | AuthenticationCache entries with SAML tokens getting large and causing OutOfMemory |
Workload Management (WLM) | PI41759 | Cluster ripplestart delays when attempted from stopped or started state |
Fix Pack 8.5.5.6
|
|
---|---|
Fix release date: 26 June 2015 Last modified: 22 June 2015 Status: Superseded Download Fix Pack 8.5.5.6 |
Component
|
APAR
|
Description
|
---|---|---|
Administrative Console (all non-scripting) | PI31313 | In an HA Dmanager configuration, registering a Dmanager to a Job Manager can select the wrong Dmanager instance. |
PI34418 | Long wait time when clicking apply after changing application startup weight in admin console. Hung thread showing in logs. | |
PI36363 | Setting browser to never refresh prevents sync from taking place. | |
PI37945 | Null message in administrative console caused by NullPointerException when modifying SSL Config due to missing trustStore | |
Administrative Scripting Tools (for example: wsadmin or ANT) | PI35758 | NullPointerException in wsadmin when connecting to node agent with trace on |
Data Replication Services | PI33639 | Message "CWWDR0008E runtime exception occured : Unable to locate replication domain" does not include the name of the domain. |
Default Messaging Component | PI31775 | JMS messages buildup on the destination when TopicSpace mapping is used across multiple buses |
PI32705 | Large number of TickRange instances under GuaranteedTargetStream consumes more memory and may create | |
Dynamic Cache | PI34631 | DYNA0044E: xml parsing warning: Document is invalid: No grammar filed., while parsing file xxxxxx.xsd |
Federated Repositories | PI30252 | getUsersForGroup does not return members of subgroups when baseEntries and nameInRepository differs |
General | PI06130 | Edge Load Balancer for IPv4 and IPv6 crashes, when LB tries to remove a node |
PI26198 | SIP Container does not recognize that SIP Proxy is available. | |
PI27749 | UDDI registry application fails to handle non-ASCII characters | |
PI28627 | CScope component is causing a 10 minute delay to server startup and generates multiple CWRLS0030W messages in the logs | |
PI28851 | NullPointerException when starting the job scheduler server in a cell with intelligent management enabled | |
PI28981 | When JVM restarts and jobscheduler EJB s are not started yet, an exception can occur | |
PI29184 | Changes to AnnotatedType are not reflected in ProcessBean.getAnnotated() | |
PI29397 | LTPAToken cookie is always deleted when LTPAToken cookies are deleted even though interoperability mode is disabled. | |
PI29412 | When using a fetch group with a JPQL query, only the fields in the fetch group are returned. | |
PI29421 | CDI getInjectableReference() is not working as expected | |
PI29464 | Error on Firefox browser while accessing console from firststeps. | |
PI29634 | WebSphere OAuth TAI template cache has a synchronized lock and can block many threads. | |
PI29817 | JPA persistence not working in case of specifying O/R mapping information in orm.xml | |
PI29885 | While using the async threads inside the main thread, session manager code throws IndexOutOfBoundsException. | |
PI30007 | The administrative ID lost authorization roles after applying fix pack 8.5.5.3. | |
PI30035 | Temporary files created by Liberty profile as it installs the EBA packages are not getting deleted | |
PI30212 | CWWSS8031E error when a request matches the acsUrl and filter definitions for the SAML Web SSO AcsTrustAssociationInterceptor | |
PI30321 | Detailed message for BBOO0221W: Could not resolve variable | |
PI30385 | Domino nhttp task crashes when using the WebSphere plugin with the option ChunkedResponse=true | |
PI30464 | Error creating transport chain via dynamic cluster server template | |
PI30467 | Incorrect locking behaviour of OpenJPA | |
PI30597 | Web server crashes if plugin-cfg.xml config file is not specified in the web server configuration | |
PI31323 | JPA cache.contains(...) returns wrong value | |
PI31557 | Message bean instances injected with the CDI @new annotations are not @PostConstructed | |
PI31689 | WebSphere NPE ContextImpl.HandleSyncToOSThread using EJBTimer after migration from v6.0.1 to v8.0.0. | |
PI31734 | WebSphere HTTP response might have multiple Set-Cookie: JSESSIONID headers | |
PI31799 | A NullPointerException error may occur when a WS-Security kerberos token generator is mis-configured and trace is enabled | |
PI31826 | Enabling version 8 server for performance data collection services causes abort | |
PI31922 | New JSF applications may fail after deployment if another JSF application is deployed in the server using its own EL parser | |
PI31945 | CDI UnsatisfiedResolutionException from MDBs and startup beans | |
PI32026 | The message "BBOA8090E An error occurred during TRUE enablement with reason code 63" is not clear for client self-assist. | |
PI32113 | During Initialization of the WebSphere Application Server, there is a delay of 5 minutes or more. | |
PI32117 | WebSphere plugin crashing on request to /server-status when intelligent management is enabled | |
PI32125 | NullPointerException in Portlet Container CacheHelper | |
PI32250 | NullPointerException in PortletFilterRegistry method getFilters | |
PI32293 | SAML web SSO TAI is not working when IDP certificate renewed | |
PI32374 | JAX-RPC application with large attachment may consume large memory for calculating the size of the attachment. | |
PI32545 | Skip record processing is not working for job writer. | |
PI32579 | Allow the OnBehalfOf or ActAs elements in an STS request to contain a SAML token | |
PI32632 | Duplicate error page will be shown when 413 return code received | |
PI32652 | Unable to start server from IBM i QShell environment due to class loading issue | |
PI32689 | OpenJPA fails to recompute the JPQL when a null field of an embedded primary key is now correctly filled | |
PI32828 | ClassCastException com.ibm.ejs.container.WASBeanMetaData incompatable with webcontainer.metadata.WebComponentMetaData | |
PI32917 | The console does not indicate when a new user is being created when adding a primary admin user. | |
PI33012 | CVE-2014-8917 - XSS in dojox | |
PI33182 | The plug-in connection to the application server can fail if it is interrupted during the initial connect. | |
PI33193 | Enabling the same interceptor in different beans.xml fails with interceptor class is already defined error | |
PI33328 | javax.faces.application.FacesMessage is not serializable | |
PI33412 | Storage leak occurs when OSGi applications are stopped and started repeatedly | |
PI33453 | Chunked request might fail to receive all responses caused by delayed last CRLF | |
PI33513 | Edge Load Balancer is observed using high CPU | |
PI33655 | WASX7017E: Exception received while running file "./dumpOdrState.jacl" | |
PI33782 | WebSphere webserver plug-in does not set or propagate headers used by XCT (cross-component trace) | |
PI33795 | Override session management settings on application fails to work when application state is changed from inactive to valid | |
PI33798 | WebSphere Application Server for z/OS can encounter CML lock contention when under heavy load. | |
PI33923 | Property File Based Configuration does not correctly extract URL Providers having more than one URL | |
PI33930 | XCIUnsupportedOperationException occurs during copy process for simple type elements | |
PI34044 | Improve the debug information for messaging engine to messaging engine communication problems | |
PI34143 | Module updates rewrite the module manifest, meta-inf/manifest.mf | |
PI34299 | The MBean of WebContainer ThreadPool metric now contains 2 MBeans instead of one. | |
PI34319 | When there is a failure during rollout both current and new app editions are left inactive | |
PI34550 | SIP ClassNotFoundException while deserializing asynchronous work object that contains array | |
PI34567 | MIGDONE DDL file not in EBCDIC on z/OS | |
PI34588 | Plug-in crashes web server when intelligent management is disabled or enabled | |
PI35104 | Java2 Security AccessControlException in some system applications | |
PI35174 | WebSphere plugin Apache24 loads wrong GSKit on Intel 64bit | |
PI35178 | Plugin to return req_aborted with rc=500 for Solaris | |
PI35180 | Privilege escalation vulnerability with user roles CVE-2015-1946 | |
PI35232 | OpenJPA runs "SET ENVIRONMENT RETAINUPDATELOCKS 'ALL'" when Informix database is used | |
PI35265 | ECSA storage growth when resource managers (resmgr) are not deleted | |
PI35289 | Remove the RC4 ciphers from the high list of ciphers that are generated by default CVE-2015-2808 | |
PI35332 | Parse error in trace-cfg.xml when LANG=tr_TR | |
PI35548 | Mailer application failing to update table and suspend functionality not working properly for SendPromotionStep | |
PI35667 | Poor transaction performance when storing transaction logs in an a database | |
PI35729 | Issue different message if host and port number are not available. | |
PI35767 | Administrative console produces an FFDC when opening the "job scheduler" link. | |
PI35769 | Heap growth in job scheduler caused by non-WSGrid job notifications. | |
PI35846 | Update WRD help command with Network Deployment edition information | |
PI35850 | Message showing up in logs untranslated | |
PI35866 | Crash in LE module vsnprintf +x 000027fc | |
PI36130 | AdminTask.extractConfigProperties using -configData deployment does not extract the "disable autostart" value | |
PI36134 | NullPointerException when operating HashMap in destroyRequestContext | |
PI36177 | PostConstruct method is not called if there is a second method of the same name | |
PI36211 | Potential privilege escalation with OAUTH2 | |
PI36242 | WSGrid script generates 4 unwanted FFDCs but runs sucessfully | |
PI36346 | Performance issue with certain object model operations | |
PI36563 | Remove the RSA_EXPORT ciphers from the medium list of ciphers | |
PI36566 | Groupby element of current-group()[n] does not return a singleton value for xml that use stripspace elements | |
PI36921 | Timing issue causes APC to see an incorrect value of ProactiveIdleStop resulting in violated min instance | |
PI37124 | Wrong query is generated when using JPA 2.2 with criteria builder and sub query | |
PI37230 | Potential security vulnerability with the Administrative console CVE-2015-1936 | |
PI37291 | WebSphere batch skips input line if there is an exception after restart. | |
PI37304 | Incorrect JSP translation for the expression | |
PI37485 | Comparison between encodings should be case-insensitive. JSPG0088E | |
PI37497 | Application runtime failed with HTTP method PUT is not supported by this URL | |
PI37794 | Load Balancer for IPv4 and IPv6 8.5.5 should work with Linux on Power system | |
PI37982 | NullPointerException thrown when a B2B application uses a linked request | |
PI38043 | Avoid repetitive loading of JSF component classes while restoring view in JSF 2.0 portlet bridge. | |
PI38066 | Request to Prefix mapping of Faces servlet may return a 500 Error. | |
PI38074 | Load Balancer for IPv4 and IPv6 is hung under load | |
PI38211 | Load Balancer for IPv4 and IPv6 gets a segfault attempting to access a null pointer. | |
PI38495 | Logs full of XNMI0004E error messages in cell with some nodes that do not have intelligent management running | |
PI38549 | The intelligent management enabled WebSphere plugin causes a segmentation fault when an edition routing rule is modified. | |
PI38672 | Federating a node to a cell fails | |
PI38804 | When using ODR routing rules in a multi-cell topology affinity is broken when routing to server in point with rulesOverAffinity | |
PI39310 | ODC will account for application reads for apps that were targeted but not enabled | |
PI39725 | Intelligent management enabled plugin not using vhosts as expected. | |
PI39740 | InvalidParameterValueException: ADMF0003E: Invalid parameter value false for parameter mode for command setMaintenanceMode | |
PI39768 | Vulnerability in Apache Batik used by WebSphere Application Server CVE-2015-0250 | |
PI39799 | TLJ never ends when scheduler killed after subjob reaches ended | |
PI40019 | ServletException errors when trying to create a "routing policy HTTP rule" for an ODR cluster in the administrative console | |
PI40225 | Intelligent management enabled plug-in segfaults due to out of order delete of Server and ServerApplication objects | |
PI40958 | Workspace not getting used when running certificate management command task not connected to a server. | |
PI41236 | High volume of add/del route messages causes rapid odrlib crashes | |
PI41471 | PI21072 has new SNMP_EncryptSecurityAttributes.sh file which runs in all operating systems except z/OS | |
PI41550 | With dynamic routing and auto scaling in a Liberty profile collective, routing may fail after a scale out and scale in operation | |
PI41728 | An inherited qualifier with a value is overridden but the more distant value's ancestor is applied to a bean. | |
PM83523 | A Javacore can occur indicating that the Load Balancer manager thread has terminated | |
PM86978 | The dscontrol quiesce/unquiesce command fails intermittently after 250 runs | |
High Availability (HA) | PI35249 | DCSV0001E: DCS stack: Internal error occurred in DCS. The exception is java.lang.NullPointerException |
HTTP Transport | PI33395 | NullPointerException thrown by UDP channel when stopping server. |
IBM HTTP Server | Fix List | Detailed list of APARs for IBM HTTP Server. |
Install | PI33001 | Pluggable application client installation does not accept Java 1.7 or Java 1.8 during im installation |
PI39793 | Update WebSphere Application Server V8.5.5.5 License to exclude Rational Application Developer | |
PI40207 | Ubuntu 14.04 is unsupported | |
Java 2 Connectivity (J2C) | PI28099 | Defer activation of JMS/MDB activation specification until the synchronized server startup on z/OS |
PI30546 | PMI is showing negative percentUsed for poolsize in TPV | |
PI34641 | Deadlock in J2C code during application server startup or shutdown | |
PI35354 | Custom property of J2C activation spec of rar included in ear is deleted after updating application. | |
PI35502 | NullPointerException during lookup of a ConnectionFactory from a BPM-WXS environment | |
Java Message Service (JMS) | IT00390 | a WMQ 7.1 JMS application fails with J2CA0046E error when trying to create a connection to a queue manager. |
IT01374 | WMQ V7 Java: A message may not be converted to unicode when SHARECNV=0 is set on a client channel. | |
IT04039 | WebSphere MQ FTE error: BFGIO0189E Unable to convert the character set "IBM01141" to a coded character set id | |
IV57472 | WMQ 7.1 AMQ9504 protocol error received at the qmgr and AMQ9213 at the client when a JMS session is shared by multiple threads | |
IV59264 | ABN=0C4-00000004 in CSQMCPRH when using the WebSphere MQ classes for Java | |
IV60008 | Add support to WebSphere MQ and JMS classes for the character set "CP1166", or CCSID 1166 | |
PI31292 | getPathInfo returns a semi-colon for the ";xxxx" appended after the request URI | |
PI31447 | The server adds a /(slash) to response URI if the inbound request URI has a ;(semi-colon) | |
PI35905 | Update 8.5.5 WMQ RA to 7.1.0.6 | |
PI36010 | Channel framework NCSA access log service time | |
PI39376 | The ibmaio.pdb files are not shipped for WebSphere Application Server 8.5.5 | |
JNDI/Naming | PI29849 | Naming exception cause is unclear |
PI30936 | When looking up an EJB using a call to NamingContextExt.resolve_str(), a null might be returned. | |
Liberty | Fix List | Detailed list of APARs for WebSphere Application Server Liberty Profile |
Migration | PI30817 | Migration changes core group IDs to the default CoreGroup ID |
PI34638 | Migration job BBOWDPRE, step PREUPGRD takes a very long time to complete | |
PI35237 | Processing of the sib-engines.xml file during migration causes a NullPointerException on WASPreUpgrade | |
Object Request Broker (ORB) | PI34999 | SMF120-9 record field bytes from server is zero |
PI36356 | Dump occurs during stop of job scheduler control region. | |
PD tools (for example: Log Analyzer) | PI28814 | Deadlock can occur when one thread is trying to rotate log file and another is setting a new trace specification |
PI28937 | java.util.logging.Logger objects do not inherit logging level from parent logger objects | |
PI38083 | Collector tool not gathering was, debug, and os directories in Microsoft Windows 2012 R2 | |
Plug-in | PI32029 | Unnecessary annotation scans for ejb-in-war content in a module. |
PI32786 | Auto-propagation fails if dmgr process has non-default name. | |
Programming Model Extensions (PME) | PI32169 | Asyncbeans logs error ASYN0066E and can lead to a slow memory leak due to timing issues related to work completion |
PI34146 | Repeated start and stop or re-deploy of application resulted in OutOfMemory | |
Proxy Server | PI32034 | HTTPs advisor retries the advisor request if the response does not match the advisorresponse. |
PI32719 | 64-bit 2.6.32-358.18.1 kernel module for RHEL6 is not installed. | |
PI35473 | There is a synchronization issue with quiesce and the server up and down commands. | |
PI40035 | Update WebSphere Application Server 8.5.5.6 licenses | |
Runtime | PI27505 | Generic server creation with no executable name or start command resulted some errors in nodeagent log |
PI29771 | An ABEND DC3 reason 000c0009 surfaces after attempting to start a control region after an IPL. Subsequent start is successful. | |
Runtime (zSeries®) | PI36264 | No message indicating classification level tracing is enabled |
Security | PI32242 | Missing file causes errors during profile creation in BBOWWPFA job. |
PI33215 | ASYN9999E messages may fill logs if security attribute propagation is disabled | |
Servlet Engine/Web Container | PI27835 | Incorrect validation of MultipartConfig annotation |
PI31622 | Privilege escalation with serveservlets CVE-2015-1927 | |
PI35394 | Incorrect validation of WebServlet annotation can result in ValidationException | |
PI38357 | Add more details to the WebAppHostNotFoundException | |
System Management/Repository | PI30878 | Shared library at cluster scope overwritten by PFBC c when user create a shared library at cell scope with the same name |
PI33944 | Microsoft Windows service not used when starting server from command-line | |
PI34572 | AdminTask.applyConfigProperties uses a password incorrectly | |
PI37248 | A property file based configuration (pfbc) file might fail to apply. | |
PI38302 | CVE-2015-1920 Security vulnerability in IBM WebSphere Application Server | |
Transaction Service | PI18414 | Transaction or recovery log file may become corrupt if process dies |
PI28635 | WS-RM 1.0 synchronous application requests are constantly resent despite having been acknowledged | |
Web Services (for example: SOAP or UDDI or WSGW or WSIF) | PI28681 | ParseException during processing webservice with MTOM request with a space or CRLF before xop:include element |
PI29521 | Allow users to control where attachment files are cached to disk | |
PI29784 | Public method in super class of webservices annoted class is incorrectly exposed as webservice | |
PI30166 | Outgoing web service request is missing the closing MIMEBoundary tag. | |
PI31471 | NullPointerException with WebSphere ThinClient at SandeshaOutHandler.invoke | |
PI31777 | Dynamic outbound endpoint SSL configuration is not picked up for webservices when proxy is used. | |
PI32411 | BPM receives NullPointerException due to jaxwsNoWSDLProviderOperation | |
PI33437 | On error previous SOAP part is not cleared and is sent out | |
PI35285 | WSWS7027E and WSWS7054E errors (WSDL file could not be generated) may occur during web service deployment or startup | |
PI37874 | A web service thread holding a synchronization lock may hang during application deployment | |
Web Services Security | PI33760 | SHA-2 signature algorithm cannot be specified for SAML token in SAMLIssuerConfig.properties or WS-Security bindings |
WebSphere Common Configuration Model (WCCM) | PI28927 | Inner class name containing a $ character is incorrectly obtained by the annotation scanner. |
PI29967 | Mixed node deployment fails when application EJB upgraded by the application server | |
PI37029 | Incorrect behavior of getResources allow one catalog.xml can be recognized and loaded | |
Workload Management (WLM) | PI37801 | Thread sleep in WLM Rule.Etiquette registerNotificationType causes thread hangs when cluster member descriptions not avail |
Fix Pack 8.5.5.5
|
|
---|---|
Fix release date: 13 March 2015 Last modified: 11 March 2015 Status: Superseded Download Fix Pack 8.5.5.5 |
Component
|
APAR
|
Description
|
---|---|---|
Administrative Console (all non-scripting) | PI25136 | Attempting to update an application from the administrative console returns error 500 and NumberFormatException |
PI26128 | From the console if you select everything under policy attachments it generates multiple entries in bindings.xml | |
PI26222 | Memory to memory replication link issue | |
PI26590 | Mapping shared library to an application via admin console: changes not saved and NullPointerException results | |
PI26930 | Mail validation is too strict for security notification emails | |
PI28879 | "Generic Servers" might remain as "defunct" processes in the system after being stopped. | |
PI29003 | Setting memory-to-memory replication fails with NullPointerException | |
PI29631 | Referenceables parameter is missing in the command generated by command assistance | |
PI31142 | If workspace for user exists when logging in to administrative console, the workspace will be loaded regardless of user selection. | |
Administrative Scripting Tools (for example: wsadmin or ANT) | PI25880 | $AdminApp edit fails with java.util.regex.PatternSyntaxException |
Data Replication Services | PI23397 | Delay in replication message delivery |
PI26233 | The members of the replication domain contains excessive members | |
Default Messaging Component | PI22569 | MQ RFH2 header is propagated even though it is disabled at the destination. |
Dynamic Cache | PI28016 | NumberFormatException in extended cache monitor |
PI28515 | Dynacache CWWDY1064E or DYNA1064E is written for containsKeyDisk() operation | |
EJB Container | PI26271 | Remove the FFDC entry |
PI27924 | UserTransaction cannot be used from a CDI instance created within the context of an EJB | |
Enterprise Edition (EE) | PI28418 | Web service request message might be missing a prefix with the namespace in a child element |
Federated Repositories | PI24253 | Duplicate predicates in LDAP query is causing performance issues for client. |
PI24537 | ClassNotFoundException after running command dumpNameSpace.sh | |
PI28542 | NullPointerException while initializing the policy handler for openldap | |
PI30945 | CWWIM4538E message improved to include repository IDs. | |
General | PI15310 | StackOverflow error or NullPointerException occurs under heavy load |
PI16847 | Schema setting in the ORM file does not propagate to the generated sequences | |
PI17577 | PMT freeze after entering a domain user for wasservice panel | |
PI17938 | Multiple profiles creation at same time using manageprofiles.sh fails | |
PI18178 | NullPointerException in QueryKey.createKey using criteria with QueryCache enabled | |
PI19732 | First JPQL with left join fetch for lazy loaded specified and data cache enabled. Subsequent does not get loaded. | |
PI20433 | JPA pagination is not working | |
PI21665 | WebSphere can use the same from tag and via branch in two different requests even if call-id is different. | |
PI22650 | SIP container sends error responses even after ACK received | |
PI22671 | Application issue due to how bindings are merged. | |
PI23126 | adding contact header on derived sessions | |
PI23787 | While using the B2bUAHelper the branch becomes longer when the UAS sends the re-Invite. This fix is to shorten the branch. | |
PI24001 | The JspWriterImp is not properly cleaning up resources in memory after a request completes. | |
PI24352 | Customization jobs should support SMS allocation options | |
PI24575 | Use of JoinColumn targets to another JoinColumn key exposed as an attribute will cause a ConstraintViolation exception | |
PI24728 | installWSGridMQ.py script requires manual changes before runnning | |
PI24850 | "Inbound 412" response not counted in PMI | |
PI25359 | SQLException thrown when running two Oracle DLL files | |
PI25499 | NullPointerException thrown when a session in memory was invalidated before the scheduled invalidation occured. | |
PI25626 | Spurious WASX7486W warning message produced when command assistance output is used | |
PI25740 | Abend 0C4 with SMF enabled on native call to z_getstringutfchars. | |
PI25749 | Include partition table information in logging. | |
PI26023 | Property file encoding error causing monitored directory deployment failure | |
PI26049 | OpenJPA PersistenceException: LongId cannot be cast to <class name> | |
PI26201 | UnsupportedOperationException when using application scope JSF bean with dependency injection via @ManagedProperty & eager=true | |
PI26373 | Remove "log file(s) are purged" message when the logs are purged using purge job utility. | |
PI26375 | ServletException when customer configures security role to user / group mappings. | |
PI26642 | Restart of a job is failing with java.lang.NullPointerException. | |
PI26645 | Exception when 408 received with different tag | |
PI26647 | The restarted job remains in submitted status resulting with java.lang.NullPointerException. | |
PI26666 | Property file based configuration updates to web module environment entries might not take effect. | |
PI26722 | SIP container splits the reason header into two headers due to a comma inside a quoted string | |
PI26735 | WSDL4J consumes excessive amounts of memory in the heap | |
PI26770 | NullPointerException when application uses CDI @Produces method with InjectionPoint | |
PI26845 | AdminTask.importSAMLIdPMetadata command generates invalid SAML Web SSO TAI properties | |
PI26862 | Subjob keeps running after top level job has end. | |
PI27022 | Print the levels of CICS modules to allow customer verification | |
PI27202 | During WOLA request processing across regions minor code c9c24c30 and c9c24c15 appear | |
PI27232 | Track hung threads with thread dumps | |
PI27246 | Data corruption caused by adding incorrect node to mutation map | |
PI27290 | Multi-window usage with server-side state saving throws a javax.faces.application.ViewExpiredException | |
PI27309 | After defining your own cookie name, if you try to revert to original name, it doesn't work | |
PI27385 | JPA unexpectedly adds double-quotation in SQL statement | |
PI27526 | The @Produces annotation method on class results in a non-null injectionpoint instance on first invocation. | |
PI27651 | The native WSGrid client code is not installed on non z/OS operating system environments | |
PI27836 | Update the data collector tool for classloader must gather to include the OSGi trace | |
PI28021 | Integrating Liquibase to Application Server through CDI causes a ClassCastException | |
PI28219 | 503s returned by the Intelligenent Management enabled WebSphere Plug-in when a series of server starts/stops | |
PI28233 | Updating a datasource property value of type #Boolean causes a new datasource to be added as type #String when using wsadmin | |
PI28257 | JPQL query using openjpa.hint.UseLiteralInSQL=true does not handle boolean constants (<parameter> =true) correctly | |
PI28290 | Unexpected response from SIP message 408 to cn=test user | |
PI28397 | WSGrid PJM Subjobs in restartable state after Scheduler goes down may not be able to be restarted. | |
PI28413 | Some SIP container packages were unnecessary exported. | |
PI28440 | SIP container is returning a re-Invite | |
PI28447 | Web Server plugin configuration tool (pct) updated to change response file saving | |
PI28590 | CDI Conversation scope is not working for JavaServer Faces (JSF) 2.0 portlet project in non-Ajax use case. | |
PI28693 | OpenJPA error: org.apache.openjpa.persistence.ArgumentException: Cannot manipulate identity of type <type> | |
PI28751 | Enhance the performance search for resources in /meta-inf/resources | |
PI28788 | PortletSessionWrapper of JavaServer Faces (JSF) 2.0 portlet bridge return attribute names as null if session is null | |
PI28908 | Automatic Placement Controller cannot make any placement decisions when restarted on a nodeagent | |
PI29073 | Out of memory error using com.ibm.xltxe.mm1mfcg.bel.FcgMethodGenBCEL | |
PI29084 | The substitution properties are not working properly in Compute Grid | |
PI29438 | New node (without any servers) does not enter maintenance mode | |
PI29446 | Misleading message when server lookup in coregroup fails when using AdminTask.modifyPolicy | |
PI29501 | SIP container throws NullPointerException when HPEL trace is enabled. | |
PI29537 | The sample response file for the wctcmd command indicates incorrect values | |
PI29583 | SipServletMessage.getLocalAddr/Port and getRemoteAddr/Port do not return null with container generated 408 messages. | |
PI29585 | Cannot edit memberships of garbage collection using Microsoft Internet Explorer | |
PI29666 | Remove system property com.ibm.ws.webbeans.trackInjectionPointsWithStack | |
PI29769 | SOAP ruleset logging HTTP messages | |
PI29848 | Running AdminTask.listServerPorts in Liberty profile server fails with CWPMC0012E exception | |
PI29878 | OutOfMemoryerror from session scoped managed bean | |
PI29980 | WSAS V8.5.5 node with APC and multiple dynamic cluster members running does not move into maintenance mode | |
PI29989 | NullPointerException in JAXBContext creation occurs when using Java 7. | |
PI30043 | Support JITC startup hints on Java 7.1 and 8.0 | |
PI30067 | Application server not starting because of WIMException | |
PI30208 | Support for the Intelligent Management plugin to route in a star topology | |
PI30281 | Need ability to route requests to administrative console through Intelligent Management enabled WebSphere plug-in | |
PI30400 | Update the XML processing for portlet.xml during portlet application installation. | |
PI30449 | Error ASPS0008E during node federation | |
PI30538 | NullPointerException during Transformation hides the real exception | |
PI30579 | Security Vulnerability with FacesPortlet | |
PI30609 | Nillable attribute in schema is not considered when evaluating nilled elements | |
PI30853 | Queue-size PMI counter gets negative on load intermitently | |
PI30885 | Additional output and function need to be added to the configCGSharedLib.py script for usability purposes. | |
PI30892 | A harmless error is created when the Top level job is cancelled while it is in the running state | |
PI30934 | migrateConfigTo85.py --backup generates 2 typos | |
PI30994 | Overlapping URIs in a single ODR workclass can cause the ODR to select the wrong cookie when attempting to honor server affinity | |
PI30995 | APC should not breach the min instance of dynamic cluster | |
PI31093 | Enable declaring EJB beans (stateless or singleton) in an EJB bundle jar as JAX-RS services | |
PI31315 | Capacity leakage issue for CI job in mixed mode | |
PI31429 | Provide a textLog for servants for HPEL on z/OS | |
PI31959 | File name error on the dynamic cluster server template logging and tracing pages | |
PI32544 | Exception during invalidation of SipSession which acts as UAC if message was created but not sent. | |
PI32647 | With Java2 security on, the SECJ0314W is thrown. | |
PI32677 | Parallel job manager top level job stuck in cancel pending state. | |
PI32941 | retrieveSigners.sh failed with java.lang.NoClassDefFoundError: com.ibm.ws.management.connector.JMXConnectorContext | |
PI32953 | Generated class in JAXB code gen process is not finishing its initialization in thread 1 before its accessed by other threads. | |
PI33945 | Heap growth in job scheduler servant region when running WSGrid. | |
PI34033 | WSAS z/OS local communication client may hang in termination. | |
PI34048 | Incorrect default selection in Administration UI | |
PI34253 | Intelligent Management enabled WebSphere plug-in seg faults under stress while routing a request bound to Liberty profile collective | |
PI34372 | Displays error if invalid RuleType is given to wsadmin CreateRuleset command | |
PI34567 | MIGDONE DDL file not in EBCDIC on z/OS | |
PM86697 | Followup to PM73096. Handle additional cases of archive memory leaks. | |
PM94774 | System message: WXMI0004I: Reading action from null | |
High Availability (HA) | PI31401 | Add additional information for DCSV1115W |
IBM HTTP Server | Fix List | Detailed list of APARs for IBM HTTP Server. |
Install | PI29207 | ClassNotFondException thrown when using JDK for Liberty Core with Liberty profile |
PI29328 | Add support for RedHat 7 and SLES 12 | |
PI31073 | Unsupported platform warning when installing Web 2.0 and Mobile Toolkit 1.1.0.6 offering on Power8 Little Endian | |
PI31340 | On Micrsoft Windows(Win7), installation of JDK7 on Liberty profile fails if the registry entry DelayedExpansion is set to 1 | |
PI32255 | versionInfo.sh and historyInfo.sh failing to process history.xml file | |
PI33671 | Update legal license for IBM WebSphere Application Server V8.5.5.5 | |
Java 2 Connectivity (J2C) | PI22672 | JCA connection is not freed after an exception is encountered |
PI23279 | OutOfMemory caused by leak in com.ibm.ejs.ras.TraceComponent and java.util.concurrent.ConcurrentHashMap | |
PI24960 | Variable in the user id field is not expanded correctly when contains "$" sign | |
PI28237 | Error messages during testConnection need to include JNDI name of the datasource | |
PI28913 | DSRA0304E and DSRA0302E messages with cause and exception as null creates confusion. | |
PI30814 | FFDC dumped with J2C exception does not contain the name of the datasource | |
PI30968 | J2CA0112W message could occur due to duplicate JNDI names | |
PI30983 | Print datasource name when printing JDBC driver info | |
Java Message Service (JMS) | IC93960 | A browse of WMQ Java PCF messages fails with a MQRCCF_STRUCTURE_TYPE_ERROR when using MQGMO_CONVERT |
IC94850 | WMQ 7.1 Information Center incorrectly states that interface JmsConnection is serializable. | |
IC95844 | WMQ classes for Java application receives RC 2195 when it attempts to create a PCFMessage | |
IC97121 | WMQ classes for Java: An MQGet fails with completion code '2', reason '2247' MQRC_MATCH_OPTIONS_ERROR | |
IV46272 | MQRC_SSL_PEER_NAME_MISMATCH error when connecting to queue sharing group. | |
IV46878 | WebSphere MQ Classes for JMS: MessageConsumer#receive does not return | |
IV47335 | NumberFormatException thrown when consuming a JMS message with a non-integer value in the Seq field of the RFH2 JMS folder | |
IV47459 | A WebSphere MQ messaging provider activation specification in WSAS issues error JMSCC0034 about being in an inconsistent state | |
IV47964 | MQ V7 RA JBoss throws an exception: No property "WMQ_MESSAGE_BODY" for admin object. | |
IV48023 | com.ibm.mqetclient.jar is omitted from the WMQ 7.0.1.10 resource adapter | |
IV50249 | A JMS app requests a dynamic queue specifying an asterisk in the QMGR name, the connect is successful but the MQOpen fails. | |
IV50451 | MDBs registered against a shared queue stop receiving messages and appear hung after coupling facility failure | |
PI26313 | Jobs run with launch client intermittently fail with WSCL0912E component failed to initialize | |
PI27662 | Update the administrativ console fly-over for the TCP channel access lists | |
PI29618 | A new directive option for NCSA logging to demonstrate XCT logging ID | |
PI31576 | Update IBM WebSphere MQ JCA resource adapter to version 7.1.0.5 | |
PM89892 | WMQ JMS resource adapter: Reason 2012 (MQRC_ENVIRONMENT_ERROR) when handling a Poison message in RRS-enabled bindings mode | |
PM92437 | MQCMIT and MQQueueManager.disconnect() for MQ Java under CICS get MQJE001: Completion code '2', reason '2298' | |
Liberty | Fix List | Detailed list of APARs for WebSphere Application Server Liberty Profile |
Migration | PI27459 | Migration failing in the WASPostUpgrade stage with ADMA0251E |
PI28359 | Migration change to wcinbound transport name causes synch error | |
PI28415 | WASpostUpgrade on the deployment manager shows MIGR0440W... SaveFailureException | |
PI30728 | The -portBlock -replacePorts option does not work properly for WASPostUpgrade command | |
Object Request Broker (ORB) | PI24328 | Same file names when using redirect_server_output_dir function on JES3 system |
PI27448 | Thread hang recovery not terminating a thread in DB2 type 2 driver env with WebSphere for z/OS | |
PI28764 | WebSphere control region hung after JVM error | |
PI31117 | SSD blocks in ESQA associated with WebSphere control not freed | |
Other | PI30745 | When webcontainer begins disallowing serveServletsByClassname, console no longer redirects from /admin to /ibm/console |
PD tools (for example: Log Analyzer) | PI25721 | OutOfMemory while running collector by ISADC |
PI27063 | Need to add new operation in TraceService Mbean , so that user can get the output after setting trace specification | |
PI29534 | HPEL indication from job outputs | |
PI30599 | includeExtensions must be able to accept wild card characters for logViewer | |
Plug-in | PI25624 | Field name getDLMTable incorrect |
PI25779 | The WebSphere plug-in may crash when used with Domino version 9. | |
PI26971 | Plug-in generation ignores cell custom property ignoreInternalApplicationsList | |
PI28074 | WebSphere plug-in for the IBM HTTP Server will issue MVS console message if initialization fails. | |
PI28144 | Provide information about client write failures in the WebSphere web server plugin log | |
PI28922 | Provide plugin-cfg.xsd for validation of plugin-cfg.xml | |
PI30108 | Message "ESI: esiMonitorCreate: unable to unset $WSRH header" | |
PI30202 | Ant script doesn t provide a proper failure message when wrong XML location is provided. | |
PI31899 | Server may get stuck in marked down state | |
PMI/Performance Tools | PI21024 | ClassCastException found while aggregating perfMBean PMI statistics for the servant process in z/OS |
PI21072 | Potential Information Disclosure with SNMP Configuration files at DMGR. | |
PI27222 | SNMP agent consumes more than 50 % CPU | |
PI28801 | Memory leak is not being countered properly with Gencon GC Policy | |
Programming Model Extensions (PME) | PI24943 | Asyncbeans logs the error ASYN0066E upon WorkTimeout |
Runtime | PI27028 | Server startup fails and does not any log any error message when RunAs user set |
Runtime (zSeries®) | PI24580 | Incorrect counts when using WLM classification file |
PI27262 | z/OS WebSphere public variable needed to disable FFDC logging of buffer overflow events | |
PI27374 | CreateFailureException when application is re-deployed | |
Security | PI16641 | Add a warning message if the realm name in the wimconfig.xml file does not match the global realm name in security.xml. |
PI18305 | Extra information in FFDC logs | |
PI20171 | EJBConfigData object reference not removed when done, causing memory leak and high memory consumption | |
PI20238 | GSSEncodeDecodeException when connecting from a thin client to WebSphere Application Server for z/OS | |
PI21667 | Security domain custom properties overwritten when changing RMI/IIOP security settings. | |
PI23764 | After removing the server which is mapped to the scope of dynamic SSL, server fails to start with NullPointerException | |
PI23823 | Native storage leak in subpool 249 key 2 of size 1000 on call to BBOSSNAP SAF service IRRSIA00 resulting in abend 878. | |
PI26151 | CWPKI0036E enabling certificate expiration monitor | |
PI26983 | java.lang.ClassNotFoundException using getSSOCookieFromSSOToken method | |
PI28207 | SECJ0395E: Could not locate the security server host and port | |
PI28315 | Applications using java.net.ssl properties may see CWPKI0022E: SSL handshake failure followed by certificate chaining error. | |
PI28513 | Server fails to start during initializing federated repository with java.security.AccessControlException. | |
PI29000 | High CPU utilization may be seen when security configuration change is made for a cell with many application servers | |
PI30137 | Emit warning messsage only when realms differ between security.xml and wimconfig.xml. | |
Servlet Engine/Web Container | PI19621 | Fix the server error messages in the logs. |
PI23529 | ServletConfig returns null on empty mappings list | |
PI25144 | Enhance HTTPOnly to support wild card in cookie name | |
PI26448 | When using HandlesTypes annotation, the handle class may not be passed in correctly on the onStartup method. | |
PI26908 | Error page handling is broken when the web application is CDI enabled. | |
PI28910 | ServletRequest.isAsyncStarted() incorrectly returns false on a thread after AsynContext.dispatch() has been called. | |
PI31339 | Potential information disclosure with servlets | |
Session Initiation Protocol (SIP) Container | PI32326 | ArrayOutOfBoundsException is thrown during failover |
System Management/Repository | PI18902 | Some scripts generate a new .tmp file under <profile_root>\configuration\org.eclipse.core.runtime\.manager |
PI24847 | Nodeagent might not start application server after system reboot because of wrong PID info in monitor.state | |
PI27378 | AdminTask UpdateAppOnCluster is not pausing application server during rollout updates | |
PI28200 | Extracted properties of type double, byte and short are shown as type #String using AdminTask.extractConfigProperties | |
Systems Management Functions | PI24134 | Add switch to disable Job Manager Remote Host Jobs capability |
Transaction Service | PI12449 | Server fails to start due to transaction recovery failure |
Web Services (for example: SOAP or UDDI or WSGW or WSIF) | PI09785 | Exported WS-Security policy bindings with encrypted passwords may be unusable |
PI23342 | Deploying application with JSP precompile option issues error "getZipFile File not found". | |
PI23552 | WSDL definition could not be generated for the implementation class | |
PI24188 | Remove abandoned connections from JAX-WS connection pool after a specified time | |
PI26284 | Plugin generation fails with NoSuchMethodError due to a class conflict of the webservices classes. | |
PI26385 | Console shows unknown status for the webservices "service provider" status for all "edition managed" applications | |
Web Services Security | PI24503 | A SAML token cannot be sent in a response message. |
PI32373 | CredentialConfiguration class is missing from was_public.jar | |
WebSphere Common Configuration Model (WCCM) | PI27628 | Servlet container initialization can fail when using shared libraries |
Workload Management (WLM) | PI20776 | WSVR0605W hung thread in UnavailableManagerImpl |
PI34283 | WebSphere cluster status hangs in partial state or fails when ripplestarted from a stopped state |
Fix Pack 8.5.5.4
|
|
---|---|
Fix release date: 8 December 2014 Last modified: 2 December 2014 Status: Superseded Download Fix Pack 8.5.5.4 |
Component
|
APAR
|
Description
|
---|---|---|
100% CPU Usage | PI12571 | WorkCompletedException occurs when importing transaction via JCA |
PI13683 | Partner log full error CWRLS0008E: Recovery log is being marked as failed | |
PI13992 | Deadlock between transaction and activity services when remote request times out | |
PI16613 | NullPointerException in FFDC coming from RecoveryManager.preShutdown | |
PI23532 | Control region hang waiting for transaction resolution | |
Administrative Console (all non-scripting) | PI14218 | Not able to modify or select activation spec custom property |
PI16046 | Security role and runAs role checks are inconsistent | |
PI16095 | Port assignment issues | |
PI16524 | Command assistance in the console does not show all commands to the AuthorizationGroup MBean | |
PI16834 | Remotely-managed keystore inaccessible | |
PI17532 | Admin page being cached locally | |
PI19234 | Save option needs to be disabled on failed deployment | |
PI19347 | WMQ activation specification showing wrong infromation in the administrative console. | |
PI19624 | Reduce the number of security calls made when logging on to the administrative console | |
PI20136 | Exception thrown when trying to display an error for invalid provider type for a JDBC provider. | |
PI20257 | Wsadmin script jobs run in an admin agent by a Job Manager might fail with an InstanceNotFound exception | |
PI20602 | Can not remove TAI from security domain | |
PI20805 | Administrative console reports status of a running application as partial start after server restart. | |
PI20983 | Update information returned from SOAP port | |
PI21680 | Unable to enable interoperability mode under single sign on settings from administrative console | |
PI27152 | WebSphere Application Server console clickjacking vulnerability | |
Default Messaging Component | PI15969 | Blank page is returned when clicking on MQLink in the administrative console panel. |
PI17533 | JMS message producer and consumer applications fail to produce and consume messages from service integration bus destination | |
PI17537 | Deadlock detected between service integration bus threads | |
PI18320 | NullPointerException when service integration bus messaging engine is disabled and enabled,resulting in CWSIP0785W | |
PI18511 | When MQ Server is a bus member and correllationID of the message is used, queue is browsed against all messages. | |
PI19322 | Restrict long running locks warning messages logged though the feature is not enabled | |
PI20317 | IllegalMonitorStateException leads to corrupt destination in WebSphere Application Server service integration bus | |
PI21325 | JVM panic followed by IllegalStateException due to timing issue when mutilple threads attempt to persist large messages | |
EJB Container | PI23290 | EJB sessionContext.getCallerPrincipal() call not working in asyncbeans |
PI23717 | Deadlock in com/ibm/ejs/util/cache/Cache.findAndFault and com/ibm/ejs/container/HomeRecord.getHomeAndInitialize | |
EJBDeploy (WSAD) | PI21937 | EJBQLs with FROM clause in joins may produce invalid SQL |
Enterprise Edition (EE) | PI19114 | ClassGenException - Branch target offset exception - is thrown during code generation process in the JAXB Marshalling process. |
Federated Repositories | PI17239 | Principal name for the users in local OS and domain returned in the format machineid\userid or domain\userid |
PI17504 | VMM throws NullPointerException during login if contextPool is disabled | |
PI18109 | getGroups not returning propertyForInput if uniqueName is provided | |
PI18910 | Exception in loading JDBC driver class when skipDBCreation set to true while runningsetupIdMgrPropertyExtensionRepositoryTables | |
PI19315 | Context pool checkbox is disabled by default for custom LDAP repository type but traces show that it is enabled. | |
PI20696 | Iterator is not handled correctly while generating hashed password | |
PI20941 | Server startup has SECJ0363E and SECJ0369E errors | |
PI21458 | Support for login policy to change password after first login in federated repository with LDAP repository configured. | |
PI23929 | Server fails to restart after enabling servlet caching. | |
General | PI04723 | Security checks cause insufficient authority errors Intelligent Management is enabled. |
PI06713 | Incorrect or indeterminate state for WSAS reported by RAD when WSAS is stopped with unsupported system.exit. | |
PI10197 | DOMException showing HIERARCHY_REQUEST_ERR during an applicationupdate. | |
PI10457 | Allow configuring response code when a non-confirmed session is invalidated | |
PI11849 | org.eclipse.emf.ecore.xmi.FeatureNotFoundException: Feature xmlns not found error. | |
PI12300 | WSGRID fails with JobSchedulerMDB.SecureSubmitter: caught exception com.ibm.websphere.longrun.JCLException | |
PI13445 | Change mapWebserverToApplications to mapWebServerToApplications in pct_responsefile.txt | |
PI13643 | Linkage error publishing an ear | |
PI13944 | SIP annotations not found on loose EBA jar files. | |
PI14132 | SIP container does not handle error case where a UA uses the same to-tags in different responses. | |
PI14411 | Updates to the mailer sample appliction | |
PI14754 | Leverage database HA to implement recovery log HA | |
PI15638 | Follow-up to apar PM74190 for web services component | |
PI15819 | LinkageError due to class loader is trying to define a class the second time. | |
PI15837 | Problem mapping resource references to resources | |
PI17082 | GetClasses.dll does not ship Microsoft Windows PDBs | |
PI17652 | Conversation id (cid) is propagated in links (h:link) | |
PI17680 | SipApplicationSession accumulate after BYE transaction if reINVITE transaction not responded to | |
PI17820 | SIP custom property dip.no.route.error.code is ignored if the application is down | |
PI18016 | JSF MyFaces incorrectly prefixing external namespace to IDs | |
PI18212 | WSVR0120E in getClassBytes causes class loader deadlock | |
PI18379 | Unable to install feature when its name contains a slash character | |
PI18521 | stopServer failed if osgi.embedded.cleanupOnOpen option set to true | |
PI18604 | Uncaught application exceptions thrown during a JSF AJAX request instead of error element in the AJAX response | |
PI18687 | Fatal error files continue to be generated | |
PI18703 | Add support for Inspur K-UX operating systems | |
PI18727 | The SIP container throws java.lang.IllegalArgumentException on incoming SIP requests when WSAS is configured to work with IPv6 | |
PI18729 | SIP transaction is not being destroyed when application is un-deployed because of a timer | |
PI18737 | createSetupGSKitLibPath script sets incorrect GSKit path for generated setupGSKitLibPath script | |
PI18933 | SIP proxy parsing error results "internal server error" message | |
PI19074 | javax.servlet.ServletException: WebBeans context with scope type annotation @RequestScoped does not exist within current thread | |
PI19266 | SAML web single-sign on (sso) may corrupt HTTP Request Parameter bytes | |
PI19305 | Top level job status not updated even when sub job completed. | |
PI19558 | Incorrect element order when using multiple threads | |
PI19599 | Contention on classloader operations found impacting performance | |
PI19688 | Outbound service from WSAS to CICS via WOLA hangs | |
PI19698 | SAML web single-sign on (sso) may redirect client to the wrong URL | |
PI20040 | Unset deployment descriptor attributes become set during deployment. | |
PI20221 | SIP container removes data from reason header if it contains white space | |
PI20350 | Unable to add Require: precondition to reliable 18x response | |
PI20360 | xJCL property substitution inconsistent between version 611 and version 8 | |
PI20674 | NullPointerException in Equinox prevents OSGi applications Blueprint working correctly | |
PI20712 | Update resource filtering to handle getResources | |
PI20803 | Thread pool fails to detect interrupted tasks | |
PI20817 | The application-scoped managed bean are not instantiated/initialized when the web app is | |
PI20835 | NumberFormatException returns to Administrative Console if server running with "-Dfile.encoding=Cp943". | |
PI20909 | SAML web single-sign on (sso) is corrupting NL characters on various actions and logins | |
PI20922 | No messages are issued if multicell environment is not configured correctly | |
PI21144 | Cell profile creation using Z-PMT tool fails when ports are blocked by RACF | |
PI21332 | ABEND301 during WOLA unregister force | |
PI21414 | Analyze not being invoked due to notification issues. | |
PI21421 | Application deployment fails on z/OS with SECJ0305I | |
PI21521 | SipSession leaks in B2B application when there is downstream forking | |
PI21551 | On demand router ignores virtual host mappings when selecting a transport to proxy a request. | |
PI21552 | Provide required support to remove symlink dependencies to authorized modules when starting servers via scripting. | |
PI21777 | Duplicate submission of a scheduled job at the scheduled job submission time. | |
PI21875 | ODR returns 500 because of a NullPointerException in response filter when the request is served from the cache | |
PI22003 | Cannot select EJB methods for IIOP service policies | |
PI22097 | NullPointerException when BJEE name in the JOBSTATUS table is null | |
PI22240 | Memory overload protection (mop) can no longer be enabled/disabled on a per-cluster basis | |
PI22688 | Exception java.net.URISyntaxException: Illegal character in path error during startup if was_home path contains a blank space | |
PI22912 | NullPointerException thrown from session manager code even though the application server is up and running. | |
PI22949 | Rapid recycling of a jvm results in a failed server restart indicating java.io.IOException: The P2P layer was unable to bind to | |
PI23055 | Administrative Console may be vulnerable to cross-site scripting and cross-site request forgery | |
PI23059 | The com.ibm.CSI.SSLPort not honored in client programs | |
PI23178 | When viewing schedules from job management console, no schedules are shown even though they were created successfully | |
PI23307 | JVMOptions flag on WSGrid does not work | |
PI23430 | Remote attacker may be able to spoof OpenID and OpenID connect cookies | |
PI23501 | NoClassDefFoundError when loading the StudioPervasiveServlet | |
PI23547 | When REU=Y some requests to override a link succeed when all should fail | |
PI23723 | modifyHealthPolicy asks for a valid expression for non-custom actions. | |
PI23819 | Potential XSS vulnerability on session identifier handling when using URL rewriting | |
PI23826 | List items from the copied-tree are missing after mutating the original. | |
PI23836 | NullPointerException with XML tracing enable | |
PI23957 | AdminTask.checkMode returns false rather than error for non-existent servers | |
PI24071 | Update to IBM Dojo Toolkit (idt) version 1.10.0 | |
PI24153 | Support PostInstaller messages on console | |
PI24192 | Duplicated first element within a list for simple elements | |
PI24246 | HttpSessionBindingEvent.getValue() returns null | |
PI24289 | SNMP trap step inside garbage collection action does not work | |
PI24358 | ABEND 0D6 happens when a WOLA unregister call is made when the application server is down | |
PI24362 | ArrayIndexOutOfBoundsException with fast access array | |
PI24420 | pmiJvmtiProfiler.dll does not ship Microsoft Windows PDBs | |
PI24421 | systemData.dll does not ship Microsoft Windows PDBs | |
PI24444 | WebSphere WOLA API calls failing with abend BBOX in CICS for CICS TS 5.2 | |
PI24706 | Memory Overload protection (MOP) value is not persistent after server restart. | |
PI24787 | When using xsd:normalizedString type, "amp;" is added to special characters during serialization. | |
PI24807 | Dialog boxes created by JavaScript in VE administrative console pages disappear on page reload | |
PI24811 | The server needs to be restarted in order to pick up user/group mapping changes. | |
PI24846 | NullPointerException occurs because the environment hashtable is null. | |
PI25221 | A potential performance issue with ODR/Proxy on Microsoft Windows | |
PI25298 | OpenID Connect relying party on full profile cannot authenticate with Liberty profile OpenID Connect relying party provider using access token | |
PI25310 | CEA Service could allow information disclosure | |
PI25329 | Add include options for annotation filtering. | |
PI25409 | InvocationTargetException loading service EndpointComponentImpl caused by NullPointerException | |
PI25429 | Nilled elements within a list are not removed from the actual tree | |
PI25458 | Too many subJobs are dispatched on the restart of a top level job. | |
PI25467 | Elements missing from the copy when original and copy are in same tree | |
PI25570 | 500 error when building an expression in the subexpression builder | |
PI25649 | Creating a merged plugin function for Liberty profile servers from a jobManager server fails. | |
PI25681 | Remove export packages of the org.apache.commons.codec from the com.ibm.ws.security.oidc.client.jar | |
PI25712 | Node federation of non-IBM i to IBM i deployment manager fails | |
PI25730 | CWWIM5045E InitializationException thrown by the copyIdMgrFilesForDomain command | |
PI25828 | Node and associated server data may remain in ODC for a federated node that was removed using the removeNode command. | |
PI25988 | isDaemon property of workManager threads in batch context | |
PI26119 | CANCEL on reINVITE causes a leak | |
PI27275 | Issues with portlet fragment caching | |
PI27492 | Extraneous output during duplicate purge operation | |
PI27828 | In certain situations, Compute Grid jobs remain stuck in canceled pending state and cannot be re-submitted | |
PI28393 | Potential high web server memory usage with Intelligent Management for web servers in large cells. | |
PI28411 | Changes to support Liberty Profile collectives | |
PI28420 | java.io.IOException caused by installation of a BPM archive on Java 7 | |
PI28433 | Fixes for various memory leaks | |
PI28492 | System garbage collection(gc) is getting called very frequently causing high CPU usage. | |
PI28703 | Displaying CPU utilization or Average Queue Length with many nodes, WVE Report chart showed all the same color and shape | |
PI28715 | Accessing Operations tab for a dynamic clusters results in java.lang.StringIndexOutOfBoundsException in SystemErr.log | |
PI28722 | WTMS013E Status Received for TaskId messages in logs | |
PM83565 | installedApps did not get updated after application deployment due to httpOnly attribute in the deployment.xml under mixed cell | |
PM99139 | Poor performance doing lookup of object in JNDI particularly when using DSMLCtxFactory and DSMLCtx | |
High Availability (HA) | PI18362 | BBOA8782E during OLA processing of transactions with char containers. |
PI22073 | DCSV9421W (general network problem) messages should contain the node and server name member failing to connect. | |
PI24177 | In the administrative console, the hover text for the transport memory size coregroup property is misleading. | |
IBM HTTP Server | Fix List | Detailed list of APARs for IBM HTTP Server. |
Install | PI24109 | Microsoft Windows service for IBM HTTP Server is not configured correctly from installation manager |
PI24155 | Installation Manager times out on some IBM i hardware | |
PI24470 | Cannot create the IMShared location inside the Installation Manager agent data location anymore in IM1.8 for os400. | |
Java 2 Connectivity (J2C) | PI12978 | DB2 insert is rolled back for unknown reason |
PI13707 | Resource adapter version information is not updated in deployment manager. | |
PI15051 | showPoolContents shows other datasource pool content information | |
PI16455 | The WebSphere J2C resource workload routing mbean operation failOverToAlternateResource fails with IllegalStateException | |
PI16660 | ClassCastException during invocation of method findByPrimaryKey on a CMP 2.1 EJB | |
PI17324 | AdminControl.invoke fails for purgePoolContents immediate | |
PI20126 | Password on a connection factory is not decoded when used to establish a connection | |
PI23616 | When EJB embedded jar is used to access DB2 datasource, it throws ClassNotFoundException | |
Java Message Service (JMS) | PI18962 | The remaining request body is purged after the request is completed |
PI19787 | Servant region fails to completely restart after timeout abend | |
PI20299 | Cache control header was updated by channel framework but updated incorrectly with quotes | |
PI21276 | %U NCSA access logging directive does not record the URL path | |
Java SDK | PI12666 | Getting the IllegalStateException: component with duplicate id message when using the shipped MyFaces 2.0 |
PI22281 | Application startup failed while initializing MyFaces with commons-logging | |
JSP | PI18025 | JSPG0046E: Unable to locate TagFile |
Liberty | Fix List | Detailed list of APARs for WebSphere Application Server Liberty Profile |
Object Request Broker (ORB) | PI18081 | WebSphere control region adjunct (cra) address space fails to start during server startup |
PI23528 | BBOO0327I MDB request timeout message contains a bad origin string in field 11 | |
PI24231 | IX90122 fails to work properly when security is not enabled. | |
PI25047 | Change the unit of measure to milliseconds in messages BBOJ0123I, BBOJ0124I, BBOJ0125I | |
PD tools (for example: Log Analyzer) | PI13142 | The FFDC files grows. No control on the size when exception happens. |
PI20363 | Error message enabling trace specification in runtime even though the trace specification is valid. | |
PI21768 | Deadlock when using java logging framework | |
Plug-in | PI15488 | Plugin synchronization not working |
PI17737 | Suppress transport port values from virtual host groups | |
PI19303 | Plugin configuration tool needs to support a choice for the Apache 2.4 plugin | |
PI19607 | iPlanet web server ca not load the WebSphere plugin | |
PI20279 | PLGC0018E after updating web server plug-in cluster level property | |
PI22682 | Cannot load ODRLIB due to missing jansson symbol json_dumps | |
PI23012 | The plugin-cfg.xml file is not generated on base application server | |
PI23057 | Unknown property error for UseInsecure property | |
PI23157 | When running with PRIMEPSA enabled plugin transportSetServerAddress overlaid heap headers, causing ABEND | |
PI25302 | Plug-in race condition can occur when multiple threads are trying to retrieve the partition table at the same time. | |
PI25325 | Reuse SSL sessions to reduce renegotation cost | |
PI25780 | GSK_ERROR_BAD_CERT (414) with web server plugin and smart routing | |
PI27023 | Intelligent Management enabled WebSphere Plug-in stops routing after an application is removed and added. | |
PI27204 | Connection count may be incorrect when using embedded ESI caching | |
PI27606 | Crash in lib_htrequest when using Intelligent Management | |
PMI/Performance Tools | PI18314 | "CWPMI0032W: PMI Service is not available in the Deployment Manager process" unnecessarily thrown |
Programming Model Extensions (PME) | PI20194 | OutOfMemoryError due to leak in com/ibm/ws/asynchbeans/am/_Alarm |
PI20701 | EJBQLs with FROM clause in joins may produce invalid SQL | |
Proxy Server | PI22640 | a NullPointerException occurs when caching is enabled and the proxy server has tracing enabled. |
Runtime (zSeries®) | PI16062 | SR abend U4087 when WOLA message received in LLZZ format and with adapter flag format LLLLZZ |
PI17345 | Requests with gzip content-encoding may be truncated | |
PI19751 | Update exception jfap.NotValidInCurrentStateException: Server is not configured with a CRA | |
PI20907 | Administrative console ports don't open after maintenance upgrade | |
PI20914 | Native storage leak when SMF120 sub-type9 recording turned on. | |
PI22382 | Exception in thread ChannelFramework Threadpool : 0 java.lang.NullPointerException | |
Scheduler | PI16842 | Scheduler misses first time with cron string specification |
Security | PI08268 | Information Disclosure in WebSphere Application Server |
PI14178 | Certificate monitor did not renew chained certificate ( not IBM-default chained certificate) | |
PI17564 | Can not enable SP800-131A and FIPS concurrently. | |
PI20492 | The PropFilePasswordEncoder.sh did not work properly when running from command line. | |
PI20818 | The TLS_EMPTY_RENEGOTIATION_INFO_SCSV cipher is not available for custom cipher configuration. | |
PI21620 | NullPointerException occurred during the first server startup after LTPA keys were regenerated. | |
PI22490 | The application login page is repeatedly displayed after supplying userid and password. | |
PI23164 | The ikeyman.bat fails to launch when there is a space in the installation path. | |
PI23190 | In WebSphere Process Server environment, LTPA token expiration error is thrown intermittently. | |
PI26426 | NullPointerException may happen during WebSphere Application Server startup. | |
Servlet Engine/Web Container | PI20210 | Request's parameters can be modified by the application (via string object modification). |
PI20456 | POST data is read in by the server even if there has been an exception. | |
PI20514 | If servlet init() method throws an exception then the remaining servlets in the web module are not initialized during startup. | |
PI22830 | 404 not found error generated for a request without trailing slash | |
System Management/Repository | PI18432 | Application update results in lost bindings |
PI18498 | Custom web module virtual host mappings lost on app update when generate default bindings is used | |
PI19736 | Deploying web application and leaving blank values for web modules does not remove values from web.xml | |
PI21163 | Unable to delete a JVM custom property using property file based configuration | |
PI21260 | Deployment manager log shows automatic synchronization in some nodes was disabled without being re-enabled | |
PI21377 | Cluster status remains partial start even if all cluster members are started | |
PI21951 | Job Manager or PFBC Update of an application fails with CWWSY0300E: Problem while processing updateApplication | |
PI22455 | A newly defined server port is not created using AdminTask.applyConfigProperties() command | |
Web 2.0 and Mobile Toolkit | PI12209 | Request for Dojo 1.9.2 |
PI13007 | IBM Dojo Toolkit (IDT) Version 1.8.6 | |
PI13390 | IBM Dojo Toolkit 1.9.3 | |
PI24071 | Update to IBM Dojo Toolkit (IDT) Version 1.10.0 | |
PI26037 | IBM Dojo Toolkit (IDT) Version 1.8.7 | |
PI26038 | IBM Dojo Toolkit (IDT) V1.9.4 |
Web Services (for example: SOAP or UDDI or WSGW or WSIF) | PI16734 | Policy settings are not migrated correctly |
PI18036 | MapsId class packaged with the Feature Pack for JPA is not located automatically by wsgen | |
PI18780 | Port types reported as invalid during web services application deployment | |
PI20751 | Web service provider incorrectly handles schema file with "/" context root | |
PI20931 | Synctimeout in web services client binding file not overrirding server timeout setting. | |
Web Services Security | PI18059 | a self-issued saml token that includes an x.500 ldap attribute cannot be created |
Workload Management (WLM) | PI17578 | Cluster status is partial in the console. |
PI21685 | OutOfMemoryError java.util.concurrent.LinkedBlockingQueue owned by BBDescriptionManager$UpdateThread |
Fix Pack 8.5.5.3
|
|
---|---|
Fix release date: 18 August 2014 Last modified: 12 August 2014 Status: Superseded Download Fix Pack 8.5.5.3 |
Component
|
APAR
|
Description
|
---|---|---|
100% CPU Usage | PI06988 | org.omg.CORBA.INTERNAL in Activity Service |
PI07168 | Compensation Scope log grows steadily until LogFullException following XAER_RMERR from CScope XAResource | |
PI08306 | WebSphere abends s0c4-0004 after segmentation error with dump event "gpf" during the server's startup. | |
PI08781 | Administrative console incorrectly reports WS-ReliableMessaging sequence state as Error for successfully terminated sequence | |
PI10107 | Slow performance when manipulating EBAs and CUs | |
PI11211 | New nodes are not populated with existing bundles. | |
PI11788 | Blueprint bundles using JPA fail to start. | |
PI14544 | Blueprint application startup deadlocks when using a bean for a reference-listeners and the bean uses the reference | |
PI16871 | TRANSACTION_ROLLEDBACK EXCEPTION in client when request routed to quiescing server and does not get re-routed to another server | |
PM99381 | WSAT transaction failed when using JDBC and JPA together | |
Administrative Console (all non-scripting) | PI08082 | Monitor users have access to TestConnection |
PI09388 | DSRA3602E error when argument Duser.language set in administrative console when creating JDBC datasource | |
PI09657 | False ADMU7713E messages might be logged. | |
PI09758 | Application deployment fails with "WebSphere FileBrowser MBEAN not found. Node agent may not be running." | |
PI10741 | #ERROR# is prefixed to IBM HTTP Server's ServerName directive when updated in administrative console under global directives | |
PI11434 | Information Disclosure in WebSphere Application Server | |
PI12744 | Connection timeout property of SOAP client ineffective in some cases | |
PI13887 | Several console panels do not display correctly with Microsoft Internet Explorer 11 | |
PI14045 | Un-registering dmgr from job manager causes trust.p12 to become an empty file | |
PI14501 | List of servers to map application modules to is an unsorted list and hard to navigate. | |
PI16761 | Incomplete node sync might occur that requires a restart of the nodeagent to resolve. | |
PI17450 | JVM dump environment variables not accounted for in console | |
PI19365 | Change the message that is displayed when an on demand router is created from the administrative console | |
PI20353 | Fails to register secure proxy server to an adminagent or starting admin subsystem fails | |
PI20605 | Exception in log when session times out and workspace contains changes. | |
Default Messaging Component | PI04730 | Messaging engine failover is initiated a few seconds before the configured DB lock wait time out. |
PI07713 | Support for SQL Server 2012 not added for sibDDLGenerator | |
PI07806 | JMFSchemaViolationException: schemaId=null when messages are sent over service integration bus link | |
PI09219 | Some messages in service integration bus destinations are not dispalyed in the administrative console. | |
PI10877 | Messages are not consumed after restart of messaging engine. | |
PI13118 | On either side of the MQLink, if the target destination is not found, messages are not put in the exception destination | |
PM93480 | Enablement of DB2 10.1 support | |
PM97695 | RippleStart of WebSphere Application Server causes currently running transactions to fail | |
PM99351 | JMS thin clients hang after IllegalArgumentException is thrown | |
Dynamic Cache | PI10209 | ConcurrentModificationException by dynacache while multiple threads are creating the cache instances at the same time. |
PI13004 | Serviceability apar to enhance dynacache tracing. | |
EJB Container | PI09894 | WLM classification of IIOP work requests not working |
PI10351 | LocalTransaction.RolledbackException occurs when EJB method is called in transaction started by TransactionManager interface | |
PI11816 | ClassCastException, EJB stub cannot be cast. | |
PI13514 | Unnecessary FFDC when interceptors are used for asynchronous EJB methods | |
EJBDeploy (WSAD) | PI15998 | EJBDeploy hanging in JDT |
Embedded/Express | PM97575 | Provide resource filtering in protection class loading |
Enterprise Edition (EE) | PI10924 | The JAXB Unmarshaller may throw a RuntimeException in the code generation process when handling a XMLJavaTypeAdapter. |
PI12873 | JAXB unmarshaller may return an unexpected null value with respect to an attribute being declared in it's superclass. | |
Federated Repositories | PI13001 | Federated repository does not allow logins for users with referred group memberships when referrals=ignore |
PI13172 | getUniqueUserId not returning user when userSecurityName contains single quote | |
PI15231 | Add group search filter for LDAP user in login process | |
PI16765 | Potential bypass security vulnerability in Virtual Member Manager (VMM) |
General | PI04819 | batchsimulator.jar not available in WebSphere Application Server 8.5 |
PI04945 | Trace for multiple containers is generated even when tracing is disabled | |
PI05405 | The JSR 303 implementation of BeanValidation cannot be configured as expected. | |
PI05455 | EMF IllegalValueException does not display feature information. | |
PI06079 | Unable to proceed with job submission in AIX if the folder count reaches 32k | |
PI06738 | Deadlock detected on compute grid | |
PI06904 | Issue with JSF and WSRP | |
PI07204 | VerifyError JVMVRFY012 using OSGi applications | |
PI07849 | JVM launched in running the WSGrid utility may hang at the end, run its ShutdownHook(s). | |
PI08385 | Display cluster members in application target status | |
PI08923 | Application installation fails with NullPointerException when an ear file contains nested jar files | |
PI09231 | null entries in the scheduler s jobstatus table. | |
PI09368 | The protocol_bboc_log_response_failure code treats "0" response as error. Should only treat negative return code as error. | |
PI09402 | Error in chkSectionFromFile during job execution setup on the endpoint causes jobs to be stuck in submitted state. | |
PI09576 | Unable to create a default server name with "server1" during profile creation. | |
PI09596 | NoClassdefFoundError for a particular JSP servlet. Causes permanent failure of loads | |
PI09754 | SIP container DNS APIs do not allow the application to configure the timeout value. | |
PI09768 | HTTP session object being locked by the SIP application | |
PI09799 | Server JVM locks nodeagent's native_stderr.log | |
PI09878 |