IBM Support

Fix list for IBM WebSphere Application Server V8.5

Product Readmes


Abstract

IBM WebSphere Application Server provides periodic fixes for the base and Network Deployment editions of release V8.5. The following is a complete listing of fixes for V8.5 with the most recent fix at the top.

Content


Release Date
Total number of APARs
Total number of Security APARs
Total number of Ideas
29 July 2024
57
8
1
19 February 2024
75
31 July 2023
108
5
1
13 February 2023
89
6
2
25 July 2022
95
4
21 February 2022
114
5
26 July 2021
137
13
15 February 2021
93
5
28 September 2020
139
13
9 March 2020
137
8
3 September 2019
153
6
4 March 2019
131
16
20 August 2018
187
11
5 February 2018
212
5
21 July 2017
240
10
23 December 2016
177
6
15 August 2016
208
7
18 March 2016
150
2
11 December 2015
111
2
11 September 2015
26 June 2015
13 March 2015
8 December 2014
18 August 2014
28 April 2014
11 November 2013
14 June 2013
15 April 2013
29 October 2012

Fix Pack 8.5.5.26
Fix release date: 29 July 2024
Last modified: 29 July 2024
Status: Recommended

Download Fix Pack 8.5.5.26
Enhancements:
Idea Description
TWAS-I-356 Support for Cookies Having Independent Partitioned State (CHIPS)
Fixes:
Component Security APAR APAR Description
Administrative Console (all non-scripting) PH61204 Javax.management.builder.initial= does not over-ride was default when set as a WebSphere variable
PH61392 Application deployment failure via admin console due to multiple clicks
PH61546 IBM WebSphere Application Server is vulnerable to cross-site scripting (CVE-2024-35153 CVSS 4.8)
Administrative Scripting Tools (for example: wsadmin or ANT) PH59984 Java.lang.noClassDefFoundError: javax.annotation.sql.dataSourceDefinition
PH60922 WS_ant fails with ClassNotFoundException
Channel Framework PH59781 IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to a denial of service (CVE-2024-25026 CVSS 5.9)
PH61176 Support the partitioned cookie attribute
PH61653 Partitioned attribute may be added to cookies which do not have SameSite=none only applies to session/security cookies
DB Connections/ Connection Pooling PH60510 Backport of Apache derby fixes
Default Messaging Component PH54462 Exception persisting batch com.ibm.ws.sib.msgstore.persistenceexception: cwsis1501e: the data sour
Edge Components Fixlist Detailed list of APARs for Edge Components
General PH51236 NumberFormatException in application logs on traditional WebSphere 9.0.5.8
PH55289 Upgrade Jackson version used by JAX-RS
PH57058 Wasservice command needs additional debugging info on Linux
PH59298 Update axis version in uddi.ear installable application
PH60029 Error creating client_auth_token during server shutdown though PH47643 is installed
PH60195 IBM WebSphere Application Server is vulnerable to a denial of service due to jose4j (CVE-2023-51775 CVSS 7.5)
PH60671 PCT on WINDOWS generate forward slashes when creating webserver response file
PH61043 Systemout log header does not contain i-fix information after installing java i-fixes
IBM HTTP Server Fixlist Detailed List of APARs for IBM HTTP Server
Install PH57668 855.24 packaging error may cause jdk ifixes to fail on fixpack upgrade
Intelligent Management Component PH59488 Not automatically restart the application after group rollout completed
PH61247 Regression of PH24552: PI89036 causes native_stdout to fill up with repeating debug timestamps https://www.ibm.com/support/pages
PH61621 XHAD1034W: Problem creating standby Deployment Manager node level managementScope: createManagementScope
Java 2 Connectivity (J2C) PH58090 Deadlock during db2 HADR failover
PH59466 Java.lang.NullPointerException at com.ibm.ejs.j2c.freepool.createmanagedconnectionwithmcwrapper
PH60663 Incorrect connection in-use time in ConnLeakLogic trace
Java Persistence API (JPA) PH59117 IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to server-side request forgery (CVE-2024-22329 CVSS 4.3)
JNDI/Naming PH59047 Extra datas in FFDC generated by CNConextImpl exception
JSP PH50620 Expression Language Service Loader Error causes ClassNotFoundException
PH51645 Repeated JSP re-compilation after the manual update of the JSP file under heavy load
Migration PH51549 Use inclusive language in migration messages
PH61699 Derby jar 10.3 and 10.5 were removed. Derby jar 10.8 was updated
PD tools (for example: Log Analyzer) PH60754 Add a check to make sure the bacb exists
Plug-in PH59064 IBM HTTP Server on Windows operating system fails to start after enabling the ODRLIB
PH59527 Slow memory leak in Web Server Plug-ins for IBM WebSphere Application Server
PH60994 Apache server graceful restarts overflow the plugin ld_library_path environment variable causing webserver crash
PH61169 After PH56263, webserver fails to start when not defining kdb and sth
PH61471 Apache based webserver parent process may exit during startup with sigpipe
PMI/Performance Tools PH61489 IBM WebSphere Application Server is vulnerable to remote code execution (CVE-2024-35154 CVSS 7.2)
Runtime and Classloader PH59682 IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to an XML External Entity (XXE) injection vulnerability (CVE-2024-22354 CVSS 7.0)
Security PH57364 When clients set up SPNEGO, they often configure kerberos instead (and set Kerberos and LTPA), but this ends up breaking SPNEGO
PH58869 IBM WebSphere Application Server could provide weaker than expected security (CVE-2023-50313 CVSS 5.3)
PH59304 IllegalArgumentException when enabling SP800-131/FIPS140-2 with TLSv1.3 post Java upgarde to SR8FP5 and later
PH60850 WSAdmin admintask.createkeystore causes NullPointerException creating kdb keystore
PH61068 When PH59304 is applied over PH58869, NoSuchMethoderror calling getCipherList
PH61803 CMSKeyStore creation may fail for older java version
PH61808 The specified sslAlias =defaultSSLSettings does not exist
Servlet Engine/Web Container PH60242 Add a configurable timeout to webcontainer thread pool operation
Session Initiation Protocol (SIP) Container PH59243 NullPointerException in SIP code
System Management/Repository PH57089 "DataPoweMmgr_inbound_secure" still remains in port setting of the Deployment Manager after 9.0.5.15
Transaction Service PH50987 Incorrect behavior when rollback transaction after timeout
PH57438 WebSphere Application Server hangs indefinitely due to exhausted ORB thread pool caused by misbehaving resource adapter
PH61060 Repair the corrupt tran/partner log entry on systems that do not have the fix for PH56881 already installed
Web Services (for example: SOAP or UDDI or WSGW or WSIF) PH59301 Web services API ServiceFactory.getService() is not validating input data
PH60420 Escaped character in cdata section of a soap request causing xml parsing problems
Web Services Security PH59784 Saml NullPointerException in HttpPostRequestConsumer when no subjectconfirmation element in assertion
PH61504 IBM WebSphere Application Server is vulnerable to identity spoofing (CVE-2024-37532 CVSS 8.8)
WebSphere Common Configuration Model (WCCM) PH58806 Update SAX parser flags in JDT AND EMF
Fix Pack 8.5.5.25
Fix release date: 19 February 2024
Last modified: 19 February 2024
Status: Superseded

Download Fix Pack 8.5.5.25
Component Security APAR APAR Description
Administrative Console (all non-scripting) PH53446 Removal of data power admin commands and related files in the UI
PH55437 WebSphere administrative console displays its own login page after an error when it is protected by a TAI
PH55566 Problems in the console identity panel of the administrative console
PH55702 For some user roles, Federated Repository page shows a blank page
PH56203 The InternalFileRepository text should be a link for users with the admin role
PH57081 Next page button in 'Java Authentication and Authorization Service' page does not work
PH57273 "The output file for the operation is null" message appears when generating system core dumps from Administrative Console
Administrative Scripting Tools (for example: wsadmin or ANT) PH56797 When using aAdminApp.edit() function to run -MapRolesToUsers, an empty string used in place of a role name causes incorrect behavior
Channel Framework PH56229 Timestamp in http_access.log (NCSA access log) is incorrect after upgrade to 9.0.5.16
Edge Components Fixlist Detailed list of APARs for Edge Components
General PH53554 Print proper message when enterprise application level session manager settings are used
PH55104 Update email/utils.py Python script
PH55311 Federated Repositories get API incorrectly returns users based on the defined user search filter criteria
PH55471 Federated Repositories certificate filter does not recognize a plus sign (+) delimiter
PH55523 WebSphere v8.5.5.x Java Batch application fails with J2CA0045E errors after receiving Socket connect timed out error
PH56482 The keys and certificates in WS-Security sample keystores are expired
PH56574 Batch code bug which is causing a lookup failure and subsequent retry(s)
PH56695 Usage metering serviceability improvements
PH56766 WebSphere windows service helper tool (wasservicehelper) logs incorrect command in its report file
PH56805 Update Apache Batik SVG toolkit library to 1.17
PH56806 OAuth provider might fail with an SQL error when retrieving tokens from the token store
PH56866 JAX-WS injects invalid XML in SOAP response for LDAP failure
PH57206 NullPointerException may occur when checking cookie names at EncodeURL()
PH58275 Update axis version in UDDI.ear installable application
PH59054 Upgrade to use ANT version 1.9.16
IBM HTTP Server Fixlist Detailed List of APARs for IBM HTTP Server
Install PH54022 Patch 9.0.5.15 breaks Jython scripts
PH57668 855.24 packaging error may cause JDK iFixes to fail on fixpack upgrade
Intelligent Management Component PH58487 In IPv4/IPv6 dual stack environments, Intelligent Management enabled web servers and On Demand Routers sporadically return 404 or 503 error
Java 2 Connectivity (J2C) PH50702 Handle list code may cause deadlock with older resource adapters
PH51368 Switching the current locks to use synchronized with an object
PH55273 Print PM.toString in FFDC and generate javacore J2CA0045E message
PH55788 When federated node name contain CellManager, install resource adapter failed
PH56962 Application fails with J2CA0045E/J2CA0027E errors after WebSphere Application Server upgrade from 9.0.5.13 to 9.0.5.15
PH57293 WebSphere Application Server can over log DSRA8207I messages when using the Oracle JDBC driver
Migration PH55426 Update the WebSphere Migration Toolkit for Application Binaries to the 23.0.0.2 version
PH57504 Upgrade the migration toolkit in WebSphere Application Server to the latest version
PD tools (for example: Log Analyzer) PH55109 NullPointerException when obtaining JSON output for HPEL logs in LogViewer
PH55179 Large number of FFDC files causing slow down during server startup
Plug-in PH55867 The web server plugin may crash when extended handshake is used
PH55888 The web server plugin reports errors of buffer overflow
PH55990 Improve HTTP 413 error reporting in WebSphere Application Server plugin
PH56263 Plugin startup takes out servers because they were not fully started
PH56386 Topology Plugin generation does not persist all config values
PH56499 A failure to start the WebSphere Plugin does not produce adequate messaging
PH56705 Plugin ANT script does not preserve existing permissions
PH57259 Plugin may overlook SecureHostVerfification under certain conditions of Intelligent Management
PH57339 Plugin generation does not create routing rules after PH48747
PH58250 Define serverIOTimeout > 66000 seconds via ISC
PMI/Performance Tools PH54614 MBean for ActiveCount ORB Thread Pool is incorrect after servant crash
Runtime and Classloader PH52701 NullPointerException occurs at CompoundClassLoader
Scheduler PH55283 Class loader memory leak in WorkManagerDaemonThread
Security PH49777 Incorrect output during ORB connection
PH53800 Provide 4 character cipher support for the WebSphere Application Server daemon using system SSL
PH55146 Customize certificate monitor email alert subject
PH55392 continueAfterTAIError does not behave as expected
PH55723 NullPointerException occurs after change to com.ibm.ISecurityUtilityImpl.PasswordUtil with WebSphere Application Server on IBM i
PH55837 Omit _identityvalue from FFDC
PH57047 The server fails to start up when IBMJCEPlus provider is not configured in java.security file
PH57998 Error detected while opening the certificate database
Session Initiation Protocol (SIP) Container PH55528 StringIndexOutOfBoundsException in WAS SIP container during CANCEL processing - CANCEL not propagated
System Management/Repository PH55165 Running ADMINTASK.VALIDATECONFIGPROPERTIES returns a message with adjustPort property value
PH55755 Include joptions setting -xms256m in iscdeploy.sh script
PH57266 Using WSADMIN with SOAP and wrong password does not return proper message
Transaction Service PH53972 Serviceability enhancement for diagnosing XA protocol violations in certain scenarios
PH56881 NullPointerException during recovery of WS-AT subordinate in WSATRecoveryCoordinator.fromLogData causes recovery to fail
PH58504 Provide mechanism to specify JTA commitPriority of WSCoordinators
Web Services (for example: SOAP or UDDI or WSGW or WSIF) PH55695 Web services application ibmasyncrsp.ear may be flagged by scanners
PH58070 Web services API ServiceFactory.getService() is not validating the input data
Web Services Security PH51485 OIDC TAI: Update JWK cache to associate with discovered OP
PH55042 OIDC TAI does not support Proof Key for Code Exchange
PH55077 OIDC enable introspection to use UserInfo endpoint
PH56076 SAML Web SSO might fail with 'No principal in in Trust Association Result' error
PH56494 SAML recipient is not retrieved if the SubjectConfirmationData element is not the first child
PH57126 SAML importSAMLIdpMetadata wsadmin command might fail with NullPointerException error
PH58024 OIDC getJwtClaimsAsMap API might return null although JWT parameter is valid
z/OS PH55040 Add support for CICS 6.1 in WebsSphere optimized local adapters for WebSphere Application Server traditional
Fix Pack 8.5.5.24
Fix release date: 31 July 2023
Last modified: 31 July 2023
Status: Superseded

Download Fix Pack 8.5.5.24
 Enhancements:
Idea
Description
TWAS-I-104 Display iFix applied in JOBLOG
Fixes:
Component Security APAR APAR Description
Administrative Console (all non-scripting) PH51708 A dollar sign in a JVM generic argument is not processed correctly and the servant.jvm.options file is not updated
PH51816 Removal of extraneous debug messages in the SystemOut logs
PH51822 Admin console displays incorrect string for externalCacheGroup
PH52119 The 'page help' link for the LDAP test query panel is broken
PH52137 The background colour and navigation links are the same colour when using the "my tasks" view
PH52785 IBM WebSphere Application Server is vulnerable to cross-site scripting in the Admin Console (CVE-2023-24966 CVSS 6.1)
PH53159 Deadlock seen in WASResourceSetImpl
PH53830 java.lang.NullPointerException in ServerStateManager.clearState
PH54120 Changes were made to the Eclipse help subsystem (iehs.war)
PH54394 "The report no longer exists" error message in Liberty advisor
PH54585 WebSphere Application Server for z/OS 9.0.5.15 generic JVM arguments not expanded in jvm.options files
Administrative Scripting Tools (for example: wsadmin or ANT) PH52518 RippleStartSingleCluster hangs
PH53011 AdminNodeManagement.syncActiveNodes() takes too much time to complete
DB Connections/ Connection Pooling PH51636 When a data source 4.0 is being used by application with missing password, nullpointerexception is thrown
PH52361 Wrong message key for messages WTRN0006W and WTRN0005W
EJB Container PH54641 NullPointeException in EJSContainer.stopBean after failed application start
Edge Components Fixlist Detailed List of APARs for Edge Components
Federated Repositories PH50114 The security.xml does not get updated for a WAS 8.5.5.21 node during sync process with a WAS 8.5.5.22 DMGR
PH51970 NullPointerException returned when Federated Repository attempts to retrieve the external identifier (getAttributesByExtId)
General PH43374 The nodeagent was not taking action when JVM "crashes"
PH50200 Change the default SSL protocol for the daemon to TLSv1.2
PH50666 OSGI application fails to find bundle dependencies due to partial EBA expansion
PH51371 The optional libraries wsjpatrace.jar file has been removed
PH51496 Update the Apache Commons-Net library in the IBM Support Assistant Data Collector Tool to version 3.9.0
PH51819 Update commons net to version 3.9.0 in CIM
PH52000 backupConfig.sh fails with FileNotFoundException at service level 9.0.5.10
PH52313 Memory leak in JAXRS vector
PH52796 NullPointerExceptions seen in servant region for gridcontainer
PH53138 Add debug to help diagnose problem when getting workspace is not valid error
PH53142 Update commons-fileUpload.jar used in struts
PH53252 IBM WebSphere Application Server is vulnerable to an XML External Entity (XXE) Injection vulnerability (CVE-2023-27554 CVSS 6.3)
PH53389 Update the Apache commons-net library in the WebSphere Customization Toolbox to version 3.9.0
PH53520 Serviceability improvement to aid in debugging CWLRB5841E DB2 SQL Error: SQLCODE=-433, SQLSTATE=22001
PH53549 Update commons BeanUtils to include latest bug fixes
PH53663 Update xml bcel library
PH54161 A CWWIM001E error can be encountered on various code paths
PH54204 Segmentation fault in the WebServer plugin
PH54588 Update Apache commons-codec to v1.15 for usage metering
PH55213 WebSphere plugin HostVerificationStartupCheck problems with Liberty servers configured with TCPOption WaitToAccept="true"
IBM HTTP Server Fix List Detailed list of APARs for IBM HTTP Server
Install PH54022 Patch 9.0.5.15 breaks Jython script lib import
Intelligent Management Component PH51240 Health management custom restart actions may not complete successfully
PH54204 Segfault with ODRLib on Apache when there is null server property
Java 2 Connectivity (J2C) PH41002 Improve DSconfig helper tracing
PH47898 Better handling of connection error events on free connections
PH50820 Adding warning messages for RAR properties that are being removed
PH51313 Print connection leak info in FFDC when J2CA0045E
PH51644 Miss thread id and not reported as suspected leak
PH51659 IndexOutOfBoundsException can occur during a resource outage
Java Message Service (JMS) PH51470 Elapsed time of request in the NCSA access log could be a negative value
PH51814 Update the IBM WebSphere MQ JCA resource adapter to version 7.1.0.9-p710ra-09-IT42099
PH52074 Validate HTTP header names
PH52167 HTTP channel custom property DoNotAllowDuplicateSetCookies=true is not preventing multiple Set-Cookie headers from being created
JavaServer Pages (JSP) PH53463 Upgrade to commons-BeanUtils v1.9.4
JNDI/Naming PH52245 Error message needs to be more clear
Migration PH52734 Enable the binary scanner to generate a trace file from the wsadmin AdminTask CreateMigrationReport command
PH53676 Update the Migration Toolkit in WebSphere Application Server to the latest version
MQ IT36647 Enable allow lists for the IBM MQ JMS deserialization code
IT39802 MQ-Java/JMS application appears to hang when connecting to a non-responsive queue manager
IT39919 MQ resource adapter logs large MQJCA4023 messages if an activation specification fails to connect to a queue manager
IT40433 MQ FIPS enabled connections fail to connect with MQRC 2538 after a WAS 8.5 JRE update
IT40776 NullPointerException observed when a security exit is being called concurrently on multiple threads
Object Request Broker (ORB) PH50123 Excessive consumption of subpool228 key 2 common storage
PD tools (for example: Log Analyzer) PH53925 The collector tool output jar contains redundant template files from the profiles config directory, that is not needed
PH53926 The collector tool does not collect the security domain config files
PH53928 SystemCore diagnostic plan action does not work on z/OS
PH54093 Collector tool fails with NullPointerException
Plug-in PH47848 Preconditioning code for new functions
PH48747 IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to spoofing when using Web Server Plug-ins (CVE-2022-39161 CVSS 4.8)
PH52853 Plugin piped logging missing end of line carriage return character on Windows operating systems
PH53629 Plugin does not allow for content body larger than 1386820698 in WAS V8.5.5
PH53838 WebSphere Plugin Configuration fails on AIX if bash is not available
PH54077 Plugin propagation does not wait long enough for node synchronization in some cases
PH54363 When running the Plugin Configuration Tool, an ANT script will incorrectly leave a c:\program file
PH54601 Crash in detailedLog function of web server plugin
PH54768 Plug-in serverIOTimeout value is used in the SSL handshake during connection creation
PH55238 WebServer startup delays with HostVerificationStartupCheck=true
PMI/Performance Tools PH35234 High CPU issue when the web uri PMI URL is enabled
PH54141 No warning message about the performance impact after selecting the "all" performance monitoring infrastructure statistic set
Runtime (zSeries®) PH53682 Log information about installed ifixes and apars at server startup
Runtime and Classloader PH51481 Errors reading configuration files contain insufficient detail
PH54218 Get jar placed into both the ear and war class loader
Security PH51421 Add parameter to genAndReplaceCertificates
PH51611 enablePasswordEncryption wsadmin AdminTask operation fails with CWPKI0773E on IBM i
PH51918 After upgrading to 9.0.5.14 the server does not start with SSL errors to LDAP
PH52363 After server has been running for a few hours, SpnegoTokenHelper API may fail due to the lack of Kerberos credential
PH52832 A subject is created with incorrect principal name when a request comes from a foreign trusted realm
PH53049 Changing to use the JDK java.policy file
PH53333 EnablePasswordEncryption command fails with CWPKI0773E
PH53876 Standalone LDAP uses the wrong SSL configuration
PH54406 IBM WebSphere Application Server could provide weaker than expected security (CVE-2023-35890 CVSS 5.1)
Servlet Engine/Web Container PH50863 IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to a denial of service due to Apache Commons FileUpload (CVE-2023-24998 CVSS 7.5)
Session Initiation Protocol (SIP) Container PH52502 Parsing bad SIP requests/responses can lead to high CPU
PH53665 SIPContainer forwards retransmitted ACK when allow.lower.cseq.in.ack is set to true
System Management/Repository PH53103 The message of IBMJGSSPROVIDER is shown when startServer or stopServer command is executed on Windows platform
PH53199 Misleading error message in stopServer.log when client try to stop a server that is already stopped
PH53332 Improve error when the server registered as Windows service and the service fail to start
PH54438 Running admintask.validateConfigProperties returns ADMG0811I: changing value for this property ****. new value
PH54615 Unstoppable server is not killed by node agent
Web Services (for example: SOAP or UDDI or WSGW or WSIF) PH52638 NoClassDefFoundError on javax.ws.rs.WebApplicationException
Web Services Security PH51700 importSAMLIdpMetadata should not emit sso_1.idp_1.EntityID
PH51712 AdminRask.deleteSAMLIAISSO does not delete the signing certificate
PH51805 AdminTask.importSAMLIdpMetadata emits SECJ8043E when idp exists anywhere
PH52459 OIDC emits a CWTAI2086E error when a JWT is signed with a PS256 key
PH52683 OIDC: an NullPointerException can occur when evaluating a filter value
PI56836 Update JAX-WS WS-Security to allow customization of canonicalization algorithm
WebSphere Common Configuration Model (WCCM) PH47492 NullPointerException from org.eclipse.jem.util.RegistryReader.readRegistry during application update in RegistryReader
PH52005 This apar is to add a cache in EMF of the SAXParserFactory
PH54323 Update ICU4J time zone database to 2023a
z/OS PH50140 WebSphere 9.0.5.11 BB0A8000I: The current CICS level 0506 is not supported after CICS is upgraded to V5.6
Fix Pack 8.5.5.23
Fix release date: 13 February 2023
Last modified: 13 February 2023
Status: Superseded

Download Fix Pack 8.5.5.23
 Enhancements:
Idea
Description
TWAS-I-289 Allow shell identity to be used for authentication of addnode.sh and syncnode.sh on z/OS
ZMFA-I-21 Allow syncNode.sh to work with IBM's MFA for z/OS
Fixes:
Component Security APAR APAR Description
Administrative Console (all non-scripting) PH39232 A dollar sign in -xdump is not processed correctly and servant.jvm.options file is not updated
PH47531 IBM WebSphere Application Server is vulnerable to cross-site scripting in the Admin Console (CVE-2022-34336 CVSS 5.4)
PH50116 IBM WebSphere Application Server is vulnerable to Cross-site Scripting (CVE-2022-22477 CVSS 6.1)
PH50486 A dollar sign in -xtrace is not processed correctly and servant.jvm.options file is not updated
PH50841 The ability to administer Datapower appliances has been removed from the WebSphere Application Server administrative console
Administrative Scripting Tools (for example: wsadmin or ANT) PH49149 Unnecessary information printed in WSAdmin trace
Dynamic Cache PH47936 Inactivity timeout value larger than 2147483 seconds causes immediate cache invalidation
Edge Components Fixlist Detailed List of APARs for Edge Components
EJB Container PH50062 Message-driven bean (MDB) class java heap leak on application start/stop
EJBDeploy (WSAD) PH50465 Remove the Apache axis 1.4 from EJBDeploy tool
PH50478 The heap size for the EJBDeploy tool is not enough
Federated Repositories PH47025 File repository account lockout policy can delay expiring failed logins
PH49752 Setting custom property com.IBM.WebSphere.security.ldap.groupBaseDN results in login failure
PH49768 Adding cache to urbridge in federated repositories
PH49910 CWWIM1999E IllegalArgumentException: class group does not have a feature named password
PH49932 Urbridge removes uniqueID from personAccount and group dataObjects
General PH37481 Leaked connections in com.ibm.ws.batch.schedulerStoreFactory
PH44317 Add log message to notify the user that the syncnode command failed due to missing key and trust files
PH47365 Improve message when addNode fails due to disabling non-SSL port in WebSphere
PH47715 WebSphere service crash in ntdll.dll
PH47827 NullPointerException during batch job execution
PH48009 Security hardening: Apache commons collections
PH48612 Register deployment manager with WebSphere Automation
PH48883 Add AdminTask commands to the migration command group to support running a Transformation Advisor (TA) data collection
PH49381 OAuth TAI: Add regression expressions and logical OR to filter property
PH49382 SAML Web inbound: Add regular expressions and logical OR to filter property
PH49655 IBM WebSphere Application Server is vulnerable to cross-site scripting in the Admin Console (CVE-2022-40750 CVSS 5.4)
PH49790 Application ajaxproxy.war does not accept HTTP requests
PH49914 Update Apache batik svg toolkit library to 1.16
PH50353 Usage metering not handling multiple SSL protocol
PH50986 Update python scripts in Jython 2.1
IBM HTTP Server Fix List Detailed list of APARs for IBM HTTP Server
Install PH50616 Visual studio redistributable runtime 32-bit is installed as a prerequisite step starting in IHS 8.5.5.23
Intelligent Management Component PH49275 Update jansson from version 2.0.1 to 2.14
Java 2 Connectivity (J2C) PH44986 Warnings emitted by DB2 driver for unknown Kerberos properties
Java Management Extensions (JMX) or JMX Client API PH38127 Update information returned from SOAP response
Java Message Service (JMS) PH46816 IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to HTTP header injection (CVE-2022-34165 CVSS 5.4)
PH48467 Java/lang/arrayindexOutOfBoundsException when PurgeDataDuringClose=true is set
PH49305 Multiple values in request header "x-forwarded-for" not logged
Java Persistence API (JPA) PH41746 OpenJPA IllegalArgumentException setting persistence properties on entityManagers
Migration PH48997 Migration process from V8 to V9 does not migrate configuration files: extensionRegistry.properties sip_dar.properties
PH51206 Update the WebSphere migration toolkit for application binaries to the 22.0.0.7 version
Plug-in PH46638 Server markdown and retry when 505 is received instead of 100-continue
PH46938 IBM WebSphere Application Server WebServer plugin may not forward request
PH47314 Plugin error: loadSecurityLibrary(<number>): skitlib 0x<hex value> but rc=<num>
PH48383 Plugin should not crash if WebSphere returns null DWLM information and caused IBM HTTP Server crashed
PMI/Performance Tools PH43914 PMI asyncContext response time cannot be set
PH45048 WSThreadPoolStats appear to be missing the relevant static variable id for percentage used
Runtime and Classloader PH43152 Runtime module code does not have the necessary thread context protection
PH46573 Add full headers to error-stream logs
Security PH41442 Provide TLSv1.3 protocol support for daemon system SSL
PH41795 Update in the SSL ciphers (z/OS only)
PH44422 LDAP connection retries take long time
PH46257 Change WebSphere to use the IBMjceplusfips provider when FIPS is enabled
PH47302 SecurityObjectLocator#getSecurityConfig() returns null when run in local mode
PH47643 Error creating client_auth_token during shutdown
PH48140 Renewing was generated personal certificate not reflected by soap port connection
PH48145 WebSphere formLogout does not invoke TAI logouts
PH48637 SSL configuration built from JVM properties not taking FIPS into account when filling in SSL protocol
PH49180 Provide an option to handle ICH31005I from z/OS LDAP as an empty result
PH49360 Improve error handling in WSAdmin scenario
PH49497 Retrieve from port not honoring SSL protocol
PH49944 ReceiveCertificate command fails when the response file does not contain a complete chain
PH50256 Server AES password encryption fails to initialize when client properties file is not found
PH50799 Issues an informative error in the logs when the key manager fails to initialize
PH51280 JVM process not starting after customizing / modifying the cipher list
System Management/Repository PH48128 The syncnode.sh command fails on z/OS with zmfa s one-time use password
PH48526 FFDC for InstanceNotFoundException gets created at start or stop of an application
PH49746 SetAutoAccept flag should not be set during fileTransfer
Transaction Service PH47385 IBM WebSphere Application Server is vulnerable to Server-Side Request Forgery (CVE-2022-35282 CVSS 4.3)
PH47514 IIOP request should be prohibited if the transaction context has already timed out in a subordinate
PH48393 Incorrect locking in transaction sevice PartnerLogTable subclass
PH49974 WS-Transactions initialization failure when javax.xml.rpc.serviceFactory system property specified
Web Services (for example: SOAP or UDDI or WSGW or WSIF) PH46878 Allow ServiceDescription object to be kept in cache for future use
PH49111 IBM WebSphere Application Server is vulnerable to SOAPAction spoofing (CVE-2022-38712 CVSS 5.9)
PH50431 Admin ThinClient support for WDT
PH50618 Remove soap-sec_app22.war as it is very old and not used anymore
Web Services Security PH36335 OIDC TAI cannot process encrypted JWT (JWE) or id tokens
PH45297 OIDC: Introspection requests might fail after access token is refreshed
PH45740 OIDC setting signatureAlgorithm to none results in error
PH46324 OIDC: CWTAI2047E error occurs when no kid claim in the JWT header
PH46408 OIDC: GetValidAccessToken might fail with IllegalArgumentException
PH47272 OIDC: Dynamically choose sigature algorithm instead of requiring a fixed value
PH47461 SAML: Add was_default to userealm property to mean the default realm name instead of requiring a fixed value
PH47482 OIDC: Add was_default to userealm property to mean the default realm name instead of requiring a fixed value
PH47550 SAML: add usejavascript property to replace redirecttoidponserverside for better understanding
PH48083 Update the OIDC RP to logout from an op with RP-initiated logout
PH49279 OIDC: Add regex and logical or support to filter property
PH49373 SAML: Add regular expressions and logical OR support to filter property
PH49566 OIDC: CWTAI2047E when more than one key without alg claim in JWK
WebSphere Common Configuration Model (WCCM) PH46154 Blocked threads in com/IBM/ws/bo/boExtendedMetadata.containsPackage under heavy load
Fix Pack 8.5.5.22
Fix release date: 25 July 2022
Last modified: 25 July 2022
Status: Superseded

Download Fix Pack 8.5.5.22
Component Security APAR APAR Description
Administrative Console (all non-scripting) PH38069 JDWP configuration does not allow an IP address, only a port number
PH42423 A ChainEndpointFilter is set for ORB transport chains page
PH43148 IBM WebSphere Application Server is vulnerable to remote code execution due to Dojo (CVE-2021-23450 CVSS 9.8)
PH43252 Mapping policy sets can take a long time
PH45303 Changes in admin console cookies to meet RFC 6265 compliance
PH45449 PatternSyntaxException occurs when editing the host name include list for tcp inbound channels
PH46332 IBM WebSphere Application Server is vulnerable to Cross-site Scripting  (CVE-2022-22477 CVSS 6.1)
PH46342 IBM WebSphere Application Server is vulnerable to an information disclosure (CVE-2022-22473 CVSS 3.7)
Default Messaging Component PH45134 CWSIJ0047E thrown after connection to messaging engine is replaced
Dynamic Cache PH43733 Distributedmap.remove() results in npe when replication configuration is incorrect
Enterprise Edition (EE) PH46247 When a standard WebSphere Application Server jar file is added to the classpath, the deserialization fails with an exception
Federated Repositories PH42406 Support account lockout policy for the file repository
PH42735 Hang occurs when AttributeRangeStep value is set larger than recommended
PH42990 Improve logging of JNDI_call search trace to include the referral setting
PH44204 Nested group members are not correctly found after setting ApplyEntityTypeSearchFilterForGrouMmembership custom property
PH46082 Add warning message when failed login delay is disabled
General PH30118 OIDC TAI: Discovery endpoint may be invoked multiple times
PH36899 Improvements to WSGRID takeover
PH37642 GetJobDetails api output missing fields
PH39030 WebSphere batch job dispatch can timeout under load
PH39881 File repository user able to login after failed user account creation on managed node
PH40124 The lDAPLoginGroupFilter setting is not honored when a group searches for a group
PH41012 WCT should be updated to clarify the default of "generate ca certificate" creates a self-signed certificate chain
PH42973 Update messages in federated repositories
PH43324 ClassNotFoundException when running the managesdk.bat command on the Windows operating system
PH43334 Incorrect struts action parameter processing for uddi.ear
PH43383 WebSphere Application Server start failed by deadlock between the server.startup thread
PH43825 Support urlencoded string in the SSL certificate
PH43960 Java.lang.classformaterror: jvmcfre106 duplicate method; class=a/b/c/_ejsremote0slasbcbean_cab9549d_tie, offset=51525 reports
PH44339 IBM WebSphere Application Server is vulnerable to Spoofing (CVE-2022-22365 CVSS 5.6)
PH44467 OIDC TAI: filter requests based on the iss claim in the JWT
PH44692 OIDC: add methods to the OIDCClientHelper api to verify JWTS
PH45044 OIDC RP add ability to turn off revoke endpoint
PH45453 PCT response file has invalid paths
PH45586 Update the WebSphere migration toolkit for application binaries to the 22.0.0.1 version
PH45704 0C4 abend in IIOP connection closing code
PH46163 Enhance parser of was-usage-metering.properties
PH46423 File repository account lockout not ignored on versions 8.0 and lower
PH46743 Update the WebSphere migration toolkit for application binaries to the 22.0.0.3 version
IBM HTTP Server Fix List Detailed list of APARs for IBM HTTP Server
Install PH32486 Applications button of Suse GUI is not displayed after install
PH44554 AppClient fix pack update fails with: CRIMA1077E error: file /opt/IBM/WebSphere/appclient/bin/sdk/_setupDefaultSDK.sh not found
Intelligent Management Component PH40496 Deadlock in APC APCXDCpuUtilizationBasedPredictor during startup
PH44199 ODCTreeImpl E ODCF0002E: Exception: the string ""--"" is not permitted within comments
PH44203 Middleware servers display issue when filter function is used in conjunction with non-default value for maximum rows preference
PH45943 Changing node maintenance mode state fails and hung thread warnings (WSVR0605W) are observed in systemout.log
PH46914 Routing rules fail with underscore names
Java 2 Connectivity (J2C) PH36595 Connection wait timeout is accounted twice
PH39586 Adapter code reports java.sql.SQLException: unsupported feature for the optional method when the JDBC driver does not implement the methods
PH44437 Work manager code requires synchronization of unprotected boolean value
PH44499 Oracle UCP connection pool cleanup during connection testing
PH44801 NullPointerException is thrown during start after upgrading to 8.5.5.21
Java Message Service (JMS) PH37169 NullPointerException when WMQ_JMS_CLIENT_DETAILS tag is missing in OSGI bundle
PH41928 503 received when server is stopping, not able to retry request
PH45838 Issue in control region with handling connection with async read outstanding
Java SDK PH43113 Java.lang.ClassNotFoundException for SecureSerializedViewCollection during session persistence
Messaging Providers PH41825 Message remains locked
Migration PH24791 Document allowSameRelease option for WASPostUpgrade
PD tools (for example: Log Analyzer) PH44209 Additional diagnostic data needed for tWAS
PH41439 FFDC generating javax.xml.parsers.FactoryConfigurationError: provider
PH42911 Issue in the PMI prometheusresource class
PH43845 Collector tool does not correctly output information in the os/system file on Windows platforms
PH44134 Collector tool does not include the profile file listing and permissions, if it exists outside of installation root directory
PH45926 WebSphere control region abend: NoClassDefFoundError (c9c21235)
Plug-in PH43382 Plugin propagation occurs even though it s set to manual
PH44327 Plugin can see an increase in file descriptors when the plugin reloads the xml file
PH45148 Adding custom properties to plugin-config.xsd file
Portlet Container Environment PH44227 Illegalstateexception occurs during portlet event processing within portlet container's cacheHelper class
Runtime and Classloader PH39981 JVM mbean dumpthreads() can create heap or system core dumps
PH42899 Block classes with known vulnerabilities from being loaded by the application and library class loaders
PH45954 Remove WMIC from clearClassCache.bat
Security PH37362 At admin console, JAAS - System Logins > Web Inbound, "Set Order" button can cause security.xml corruption
PH39883 The user "unauthenticated" (in lower case) asserted by Trust Association Interceptor (TAI) is no longer authenticated
PH40544 LTPA token expiration message (SECJ0371W) was intermittently thrown with the old expiraton time in year 1970
PH41020 CSR fails validation due to extra lines RFC822 name = user@domain
PH42057 Error when disabling custom password encryption
PH42162 Chained certificate creation fails with "signer SKI format must match signed AKI format" error
PH42887 Kerberos error message after upgrading to 8.5.5.20 and 9.0.5.8
PH43573 WebSphere Application Server 8.5.5.20 may use a default cipher list during handshaking
PH43950 Setting sslEnabled on customRegistry results in ClassCastException
PH44197 Make IBMjceplus provider available in the java provider list
PH44602 NullPointerException in WebSphere socket factory in 8.5.5.21 and 9.0.5.11
PH45080 Issue an error when certificate request file path contains spaces
PH45124 Add the WebSphere disabled algorithms to the configuration during profile creation
PH45406 The addnode operation fails during creation of a chained certificate due to java.lang.NumberFormatException
PH45670 NullPointerException in socket factory in 8.5.5.21 and 9.0.5.11
PH45688 Changing the WebSphere default protocol to TLS v1.3,TLS v1.2
PH45689 LoginModules can no longer be created unless the loginModule class is in the classpath
PH46142 QoP settings page doesn t work for daemon SSL config
PH46566 TLS v1.3 failback for thin client
PH46993 Add constrained delegation support to spnego function
System Management/Repository PH43697 Non-planned task clean up causes a FFDC
PH44845 The message of IBMJGSSProvider is shown when startserver or stopserver command is executed
Transaction Service PH44495 Thread hang in transactionImpl.ResumeAssociation due to race condition when a transaction is used across multiple threads
Web Services (for example: SOAP or UDDI or WSGW or WSIF) PH44071 Incorrect error handling in UDDI GUI application
Web Services Security PH43722 SAML sso may emit CWWSS5601E NullPointerException error when decrypting encrypted assertions
Fix Pack 8.5.5.21
Fix release date: 21 February 2022
Last modified: 21 February 2022
Status: Superseded

Download Fix Pack 8.5.5.21
Component Security APAR APAR Description
Administrative Console (all non-scripting) PH36476 Console security tightening
PH38485 Unable to configure logging parameters on the admin console
PH39747 Domino webserver definitions cannot be changed in the console
PH39939 Default trust store name in the SSL configuration panel is incorrect
PH39949 Confusing wording in adminconsole around application startup
Administrative Scripting Tools (for example: wsadmin or ANT) PH36027 Improve message when renameNode is run against an unmanaged node
Default Messaging Component PH31734 Admin console reports incorrect messaging queue information
EJB Container PH28694 EJB method names that differ only in capitalization may result in org.omg.corba.bad_operation
PH36416 EJB Singleton Bean possible deadlock during lifecycle methods
Federated Repositories PH30775 NullPointerException is thrown when creating a property extension (lookaside) repository
PH38929 WebSphere Application Server is vulnerable to Information Disclosure (CVE-2021-29842 CVSS 3.7)
General IJ02960 Poison messages are discarded by MQ classes for JMS after failing to send to the backout queue
IT22127 Java client hang when queue manager is quiescing as new connection attempts are made.
IT24521 Activation Specifications that consume request messages without an MQRFH2 results in reply messages omitting an MQRFH2
IT24751 JMS messages delivered to a configured backout queue instead of an MDB can have a missing group id value
IT24782 WebSphere MQ classes for JMS generate FFDC containing probe ID JO136001 when the queue manager they are using stops
IT26482 MQ classes for JMS incorrectly require "get" authority on the target cluster queue for an alias queue
IT31238 MQ classes for Java application cannot get NameValueData from RFH2 when using CCSID 1200 with little endian encoding
IT32725 Add ability to use newer CipherSuites with the MQ-RA 7.1 for use within the WAS 8.5 environment
IT36699 Extend the fix IT32725 to include the use of CCDTs
IT38158 Connection handle leak when a MQ-JMS application security exit reports an error
IV93924 Clarify error reported on JMSObjectMessage.toString() when object not in allowlist
IV99246 A MQ Java send exit is only invoked for the last TSH packet sent over TCP/IP when sending a message larger than 32KB
PH35789 Same fix as PI78935 but for transaction commit processing
PH35225 Improve handling of cancel notifications in compute grid
PH35226 Making log part rotation configurable based on file size or number of lines in compute grid
PH36354 Deadlock in logging code
PH37038 Charset="utf8" fails with UnsupportedEncodingException in Wink JAXWS
PH37590 Invalid bundle-version in derby
PH38967 BufferOverflowException causes activation specs to stop
PH39085 Processing Base64 encoded data using JAXB can cause a loop
PH39123 HTTP sessions should not be using DRS thread pool
PH39373 WebSphere Windows service fails when the hostname contains the word "test"
PH39398 SESN8558E message giving wrong error details
PH40345 Update the websphere migration toolkit for application binaries to the 21.0.0.3 version
PH41336 WSGrid job submission may fail after APAR PH35447
PH41889 Current javamail com.ibm.ws.prereq.javamail.jar does not work with TLS1.2
PH42093 Update the WebSphere migration toolkit for application binaries to the 21.0.0.4 version
PH42762
IBM HTTP Server Fix List Detailed list of APARs for IBM HTTP Server
Intelligent Management Component PH37071 Certificate monitor fails on secondary dmgr in HADmgr configuration
PH37335 Multiple IM enabled web server definitions with the same shortname may overwrite active routing rules definitions
PH37897 Application Edition Management feature fails to clean up admin sessions
PH37919 Launch command for assisted life-cycle middleware servers runs with umask 042 rather than 022 and is not configurable
PH39180 Exception: java.lang.NullPointerException at com.ibm.ws.odc.nd.ODCTreeImpl.commitTransaction(ODCTreeImpl.java:1047)
PH40934 Provide option for Application Edition Manager deploy to not start another server if only 1 is running
PH42111 ODR Lib Excess debug memory consumption
Java 2 Connectivity (J2C) PH31827 A reduction of connection leak logic information was introduced to help decrease the size of the stack information logged
PH34972 Invalid properties in the ra.xml causes websphere v8.5.5.x resource adapter update to fail
PH35564 Add support for encoding the passwords inside of the customer datasource property "ConnectionProperties"
PH38667 Allow container managed behavior for direct lookups
PH39960 J2CA0081E caught exception:java.lang.nullpointerexception occurs when stopping the server
PH40106 WMQ activation specification uses incorrect classpath for xa recovery when resource adapter native library path specified
PH41279 CMPConnectorFactory is removed unexpectedly when deleting JDBC provider from a server template
Java Message Service (JMS) PH27943 Add extra information to CWSIS1577E and CWSIS1578E error messages
PH41078 Issue in control region with handling connection with async write outstanding
PH42628 Update the IBM WebSphere MQ JCA resource adapter to version 7.1.0.9-k710-09-it38826
JSP PH35599 Out of memory in jspbatchcompiler.sh
PH39923 NullPointerException in jspbatchcompiler.sh
Messaging Providers PH41504 AppServers go into retry cycle with error message "exception caught increasing range of unique key generator!"
Migration PH36102 MIGR0285E: an unexpected internal error occurred with exception java.io.eofexception: unexpected end of zlib input stream error
PH36493 WASPostUpgrade fails with NullPointerException processing domain-security.xml configuration file
PH36935 WASPreUpgrade - the "plugins" directory was not in the list of was_install_root protected directories
PH37617 Nullpointerexception occurs when processing a virtualhosts.xml that contains a mimeType entry with no type specified
PH39025 Remote migration jar WASPreUpgrade on RHEL8 prints (Ootpa): integer expression expected
PH39100 WASPostUpgrade from 7.0 to 9.0 fails with ArrayIndexOutOfBoundsException
PD tools (for example: Log Analyzer) PH38053 Add new server scrape duration metric for prometheus metrics endpoint
PH39243 Add ISO-8601 date option for systemout/err.log files
Plug-in PH37891 Plugin error message repeatedly logged - "error: ws_transport: address_as_string: unknown family 4098"
PH38203 Unix pluginCfgMerge lacks was.install.root which causes WVER0001E
PH38773 Add propagateKeyring option to httpPluginManagement.py
PH40758 Crash shortly after startup with intelligent management enabled
PH41412 99SPluginsBootStrapIIS8.ant may fail if path contains a space
PMI/Performance Tools PH40246 More prometheus endpoint enhancements
Programming Model Extensions (PME)
PH41676 WebSphere Application Server is vulnerable to a Denial of Service (CVE-2021-38951 CVSS 7.5)
Runtime and Classloader PH37476 In AIX and Linux, lastmodified() timestamp is not detailed to millisecond
PH37493 osgi.configuration.area.readonly=true not taking affect for servant region
PH39733 Provide a switch to disable javacores for unexpected shutdowns
PH40676 Allow Websphere Application Server to return jar urls rather than wsjar
PH42759 Block class loads for vulnerable classes
PH42899 Block classes with known vulnerabilities from being loaded by the application and library class loaders
Security PH34539 Running addnode could cause the ssl configuration to change and reset the soap connection
PH34690 Privilege Escalation Vulnerability in WebSphere Application Server (CVE-2021-29736 CVSS 5.0)
PH36184 LDAP certificate filter does not recognize a plus sign + delimiter
PH36593 Provide an option to turn off hostname information for audit function
PH36842 Support for a customized list of SSL protocols
PH36934 CWSCF0002I: Flooding the logs
PH37067 CWPKI0045E correction
PH37447 Profile creation fails when the domain name starts with a digit
PH37462 javax.net.ssl.keystore, javax.net.ssl.truststore properties are not honored
PH37483 With application security enabled, 500 is returned when http request has more reference to the parents/upper directory
PH37872 LTPA token getting refreshed using the custom cacheKey instead having to relogin
PH38493 Remove unnecessary manual garbage collecting in security code
PH38655 EJB Thin client jars not recognising TLSV1.3 protocol
PH39176 com.ibm.websphere.tls.disabledAlgorithms property is not honored in a certain Java thin client scenario
PH39568 StopServer and serverStatus fails to work after upgrading to 9.0.5.8 and 8.5.5.20
PH39917 Unable to retrieve group in a custom standalone user registry implementation
PH40186 Replace certificate function did not replace certificate alias name
PH40437 ClassCastException in webcollaborator in 9.0.5.8
PH40829 Websphere Application Server tries to invoke TLS1.3 and fails even though it is not the default protocol
PH41313 Provide an option to include application name in the terse audit function
System Management/Repository PH30748 Error creating client_auth_token during shutdown
PH38349 ADMU3029I: conflict detected on port 9999 for endpoint JSR160RMI_connector_address of the server server1
PI92142 ADMU3011E unable to start a web server using startserver command
Transaction Service PH27371 Adding support for Kerberos keytab and ccache during XA recovery
Web Services (for example: SOAP or UDDI or WSGW or WSIF) PH35078 Soap response message is not valid, but Websphere parsing should not fail it with NullPointerException
PH38944 "Error case - primContains() found null zipfile " error may be seen in dmgr log when installing an application
PH42728 Vulnerability in Apache Log4j affects  WebSphere Application Server (CVE-2021-44228 CVSS 10)
Web Services Security PH35481 OIDC APIs may not find idToken token on runAs subject
PH39666 OIDC RP initial login may fail when OIDC stateID name contains special characters
PH39847 OIDC RP: entry is never removed from cache when initial login is via introspection
PH40532 OIDC TAI might not remove OAuth access token cache entries
PH40533 OIDC TAI might encounter a thread hang when sessions are removed from the local cache
WebSphere Common Configuration Model (WCCM) PH38310 Xml parser does not recognize the setting which disables processing of docType
Workload Management (WLM) PH29620 Cluster ripple stops processing cluster members when a members nodeagent is down
Fix Pack 8.5.5.20
Fix release date: 26 July 2021
Last modified: 26 July 2021
Status: Superseded

Download Fix Pack 8.5.5.20
Component Security APAR APAR Description
Administrative Console (all non-scripting) PH29429 Admin console not working correctly in some cases with fine grained security
PH31184 Fixes/enhancements for PH31613
PH32886 Incorrect variable definition leads to failure in transformer script
PH33656 Wsadmin Jython command does not change status of scheduler JNDI name
PH33754 The ok button of login configuration page for Java Authentication and Authorization (JAAS) not working consistently
PH33795 Default scope should not affect virtualhosts.xml. there is only one scope for virutalhosts
PH34318 Extra character at the top of managing repository page
PH35829 Not able to move a target of a SIP application router to another SIP application router through the administrative console
Default Messaging Component PH29166 Message engine deadlock problem
PH31182 Loop when trying to delete the first message in the queue
Dynamic Cache PH31693 Programmatically created object cache instances cannot be configured for replication
PH35811 com.ibm.ws.cache.cacheConfig.BatchUpdateMilliseconds does not affect the batch update daemon on recv side
EJB Container PH33683 EJB timer service does not adjust based on daylight savings time adjustment
PH33994 Server-side Request Forgery (SSRF) in WebSphere Application Server (CVE-2021-20480 CVSS 4.3)    
EJBDeploy (WSAD) PH36122 Remove unnecessary was.product file from EJBDeploy tool
Enterprise Edition (EE) PH36441 Fix deserialization issue for lists when jaxb.fp.fallback.for.typed.arrays is enabled
Federated Repositories PH33842 CWWIM5107E error message seen reporting a failure against a webserver node
General PH21496 CWSAH0009E: An internal error occurred
PH31150 NullPointerException during getSession when request contains a session ID with invalid length
PH31454 Remove jackson-databind from SCA
PH31840 Moveable DMGR fails to create VIPARANGE DVIPA on second LPAR
PH32163 Deadlock condition in memory session and logging console handler
PH32352 Print trace points if cookies or url rewriting is enabled
PH32501 Print trace points if session shared between webmodules
PH32561 Print a message saying that the custom property is needed if the length of the JSESSIONID cookie is greater than 23 chars
PH32868 Exported ear file does not include latest application files
PH33299 WebSphere Application Server windows service continues to run when WebSphere ends unexpectedly
PH33368 CWSIK0901E: An internal messaging error
PH33596 The WebSphere windows service should not use startserver.log for its logfile
PH33648 Directory Traversal vulnerability in WebSphere Application Server (CVE-2021-20354 CVSS 5.9)
PH34067 XML External Entity (XXE) Injection vulnerability in WebSphere Application Server (CVE-2021-20453 CVSS 8.2)
PH34122 Vulnerability in Dojo affects WebSphere Application Server (CVE-2020-5258 CVSS Score 7.5)
PH34424 Update Apache httpClient to 4.5.13 for usage metering
PH34501 Multiple Vulnerabilities in Apache HttpComponents and HttpCommons affect WebSphere Application Server
PH34906 XML External Entity Injection (XXE) in WebSphere Application Server Java Batch (CVE-2021-20492 CVSS 6.5)
PH34944 Multiple Vulnerabilities in Apache HttpComponents and HttpCommons affect WebSphere Application Server
PH35134 Prevent calls to remote EJB during read/write external
PH35447 Property to enable preference to use local connection between compute grid scheduler and endpoint servers
PH35767 Update the migration toolkit in WAS to the latest version
PH35877 Session activeCount shows a negative value
PH36236 Compile error returns com.ibm.ws.exception.WsNestedException is unknown
PH36253 Privilege Escalation Vulnerability in WebSphere Application Server (CVE-2021-29754 CVSS 4.2)
PH37034 Update the version of log4j contained in the installable UDDI.ear application
IBM HTTP Server Fix List Detailed list of APARs for IBM HTTP Server
IBM i PH35467 QSVTP24 service program not updated by fix pack if ownership incorrect
Install PH33568 WebSphere Application Server 9.0.5.6 does not support the 64-bit version of Installation Manager 1.9.1.4 for HPUX
PH34646 64-bit Installation Manager on z/OS generates warning messages
PH36085 Repeating update and rollback between 8.5.0.0 and 8.5.5.19 fails
Intelligent Management Component PH31531 ArrayIndexOutOfBoundsException in ODR vector operation    
PH32919 ODC does not carry url-patterns associated with filter-mapping definitions held in module level web-inf/web.xml files resulting in 404 responses    
PH33164 SWF type files in XD code after end of life for flash player    
PH34475 Intelligent Management enabled web servers and On Demand Routers (ODR) return 404 error codes for requests that could be served by the mapped applications default servlet    
PH34977 Intelligent Management enabled plugin attempts too many retries when application with session affinity returns 503
PH35058 Unable to configure Java SDKs from console for ODR servers
PH35098   Directory Traversal vulnerability in WebSphere Application Server ND (CVE-2021-20517 CVSS 6.4)
PH35997 After upgrade to 9.0.5.7 static content which was previously being served by IHS was returning 404 error codes 
PH36124 WASX7017E: Exception received while running file "dumpimpstate.py"    
PH36840 Dmgr fails to start, with msg DCUT0003E: 32 bit native library    
PH37099 Prevent high CPU resulting from concurrent server-status access
Java 2 Connectivity (J2C) PH31288 J2CA0045E Tolerating the connection error occurred event during the matchManagedConnention
PH32187 Receiving J2CA0646E error when updating MQ resource adapter
PH33941 Deadlock issue when close JMS connection
PH34294 Datasource url property syntax validation does not allow new format in admin console
PH35899 java.security.unrecoverableKeyException after upgrading to WebSphere v8.5.5.19
PH36295 Attempt to fix J2Cmodule PMI object memory leak
Java Management Extensions (JMX) or JMX Client API PH36026 Improve log message when the node agent restarts an unresponsive application server
Java Message Service (JMS) PH31692 Not all message listeners started in the control region after startup
PH34639 destDescription message header with no value set after editing MQ topic configuration
PH35855 WebSphere control region failed with ABEND 0C4 in com/ibm/ws390/xmem/proxy/XMemProxyCRCppUtilities.queueInboundRequest
Java SDK
PH34711 Vulnerability in Apache MyFaces affects WebSphere Application Server (CVE-2021-26296 CVSS 8.8)
PH36923 java.lang.nullPointerException caused by PH34711
Migration PH33872 WasPostMigration fails with java.lang.noSuchMethodException
PH38010 Update the migration toolkit for application binaries to the latest version - 21.0.0.2
Object Request Broker (ORB) PH35522 WebSphere Application Server servant or adjunct region may not come down quickly after a 5C6 ABEND
PD tools (for example: Log Analyzer) PH38048 Prometheus endpoint enhancements for performance monitoring infrastructure metrics on WebSphere Application Server traditional
Plug-in PH32435 Encoded charcters (%2f etc) in uri
PH32528 Plugin does not allow personal certificates using weak signature algorithms such as SHA1withRSA
PH32738 Applying Plugin fix pack 9.0.5.4 creates an unexpected empty file "c:\program"
PH33264 When using Intelligent Manager and WebSphere Plugin, the web server may crash when processing a non-websphere request
PH34305 Adding deprecated messaging to plugin topology centric generation
PH34566 Limit number of retries for 503 responses
PH36211 Crash with Plugin 8.5.5.19 on Linux PPC64LE
PH36487 WAS Webserver plug-in possible crash in detailedLog function
PH36942 Ant script fails in post install processing
PMI/Performance Tools PH24409 Prometheus endpoint for PMI metrics on WebSphere Application Server traditional
Scheduler PH31154 Xor encoding keyStorePasswords and trustStorePasswords used in datasource custom properties lead to SSLhandshake errors
Security PH28393 Login audit for SPNEGO and Kerberos login
PH29840 Create the ability to select additional protocol
PH30522 Fix code to not allow a keySetGroup referenced by the default LTPA auth mechanism to be deleted
PH30570 Provide an option to use only custom cookie name in traditional WebSphere
PH31086 WIM exception in wsadmin using RMI with / character in username
PH33038 Intermittent error parsing an unchanged wsjaas.conf
PH34028 Server does not start after enabling AES encryption
PH34651 The RSAPSS algorithm needs to be disabled when IBMJCEFIPS provider is being used
PH34899 java.lang.nullPointerException in security interceptor during WAS server startup
PH34963 The underscores (_) in ND name cause profile creation error
PH35227 The certificate monitor did not renew the default certificate on WAS v8.5.5.17 using JDK1.7
PH35299 A custom cache key is not returned correctly when the subject has more than one hashtable in the credential
PH35329 If an extremely large number is input for LTPA timeout, it may exceed the maximum long value, resulting in an invalid token
PH35421 ADMIN_REPOSITORY_SAVE audit events are not generated in an AdminAgent environment
PH35998 When certificates contian multiple DNS or IP values not all values are displayed when viewing the certifiate information
PH36007 The genAndReplaceCertificate task is not working when not connected to the server
PH36017 Error message CWPKI0662E is vauge and does not provide user with much information to help them
PH36615 QShell command line remains hidden after prompting for password with administrative security enabled for a WebSphere Application Server profile
PH36649 AdminTask.ValidateAdminName results in NullPointerException when ran as operator role
PH36732 Add ability to delete corrupted keystore
PH36733 A certificate signing request (CSR) is created with an extra information in the subject alternate name(SAN) field
PH36858 Add warning during server start when TLSv1 or TLSv1.1 is configured
PH36864 Message CWPKI0429I has an incorrect parameter that needs to be fixed
PH36985 SSL failed handshake with a BAD CERT error
Service Data Objects (SDO) PH35619 Use of "OneDB" causes many "not a recognized database type" message error messages
Servlet Engine/Web Container PH29912 Change default value for WebContainer suppressHtmlRecursiveErrorOutput
PH33180 Enable TrustedHeaderOrigin to be configured with hostnames and IP segments
PH35019 There are scenarios where the HTTP dispatcher will set a 404 status and send a response without ever engaging the web container
PH35470 PMI stats for the servlet are not collected for application until application is restarted
PI80786 HTTP 500 is returned from a request with too many parent directories (forward slashes) in the url
System Management/Repository PH29354 Add JVM option to narrow down trace spec for command line tools
PH32869 Temporary EAR file not deleted after partial application update
PH35272 "ADMG0811I: Changing value for this property password" message displayed when the value has not changed
Transaction Service PH35202 Server using ENABLE_DBTXLOG_PEERLOCKING=TRUE fails to start if the transaction log tables are empty
PH36461 org.xml.sax.SAXParseException: the namespace prefix "wsa" was not declared
Web Services (for example: SOAP or UDDI or WSGW or WSIF)
PH33037 Directory Traversal vulnerability in WebSphere Application Server (CVE-2020-5016 CVSS 5.3)
PH34048 XXE Injection Vulnerability in WebSphere Application Server (CVE-2021-20454 CVSS 8.2)
PH35981 OverlappingFileLockException on z/OS after applying PH26972 ifix
PH37152 IWAE0017E unable to replace original archive - during role mapping
Web Services Security PH23614 OIDC add programmatic support for some OAuth functions
PH30368 OIDC RP may not delete session cookie when SameSite cookie policy=lax
PH30911 OIDC RP: Allow a resource parameter to be sent to the token and authorize endpoints
PH31682 OIDC RP may not load config from a non-default security domain
PH32257 NotSerializableException with OIDC
PH32421 Saml assertions are not created with AudienceRestriction
PH33170 OIDC JWT authentication using custom cache key can be slow
PH34227 OIDC RP: Support the basic_start_authorization scope
PH34840 OIDC RP: Make the state parameter alphanumeric
PH35185 OIDC RP may fail with CWTAI2007E saying a nonce claim is required when the nonce is present
WebSphere Common Configuration Model (WCCM) PH32277 Application deployment is slow when application has many EJB jars
PH33228 XML External Entity (XXE) Injection vulnerability in WebSphere Application Server (CVE-2021-20353  CVSS 8.2)
PH34197 ICU4J IllegalArgumentException on Dec 31 of a leap year
Fix Pack 8.5.5.19
Fix release date: 15 February 2021
Last modified: 15 February 2021
Status: Superseded

Download Fix Pack 8.5.5.19
Component Security APAR APAR Description
Administrative Console (all non-scripting) PH26166 Performance problems in certain collection pages of the WebSphere Application Server admin console
PH28097 J_security_check allows GET requests
PH28098 Users without appropriate roles can access links that eventually throw errors
PH28336 Webserver virtual host creation failure
PH29871 WebSphere Application Server Admin Console is vulnerable to a directory traversal vulnerability (CVE-2020-4782 CVSS 6.5)
PH30566 After updating to 8.5.5.18 and 9.0.5.5 accessing the admin console fails with 500 error
PH31120 WebSphere z/OS 8.5.5.* details of com.ibm.ws.management.util.zos.transformationError not in joblog
PH31219 Property to allow the monitoring role to do testConnections in the integrated solutions console
PH31320 Tivoli Performance Viewer (TPV) servlet summary report page not rendering images correctly
PH31564 Setting string value on J2EEResourceProperty to emptry string removes attribute
PI79928 WIM LDAP panel navigation causes java.lang.NoSuchMethodException: unknown property alias error
EJB Container PH27912 CNTR5104E or CNTR5102E occurs at EJB start after upgrading WebSphere to v8.5.5.16, v9.0.5.0, v9.0.5.1, or v9.0.5.2
Federated Repositories PH23888 LDAPHelper.getrdn failover does not properly account for escaped commas
PH28634 Remove extra logging from UI script
General PH31135 Abend 0C4 in BBODASLU entry point BBODAL03 when daemon is stopped
PH26451 ODRLib should consider all vcs when searching for the server app a request has affinity with in multi-cell topologies
PH26641 IndexOutOfBoundsException when performing some of APIs on SDO list
PH27557 Apache derby component currency update
PH27825 Deadlock in HPEL code when running SIP tracing
PH27883 CWXRS0003W message in adjunct region with dynacache enabled
PH28733 Server not shutting down when started in recovery mode when using HPEL
PH28795 Update the migration toolkit in WAS to latest version and remove setting sourceJava and sourceAppServer manually
PH30529 WAS service entered the running state. msg is sometimes recorded twice
PH30827 Session active for over 1 hour is not invalidated
PH31008 Cryptic exception when session max count exceeded
PH31267 For WSGrid STEP_COMPLETE_EXECUTION_FAILED should be rc -14 but throws -16
PH31965 WAS service generation fails on SLES 15 and above
PH32188 Update the migration toolkit in WebSphere to version 20.0.0.4
IBM HTTP Server Fix List Detailed list of APARs for IBM HTTP Server
Install PH18404 Disable optional IBM java 8 offerings for websphere application server
PH30851 Updating fix pack 8.5.5.15 with the interim fix PH25216 fails
Intelligent Management Component PH26451 ODRLIB should consider all VCs when searching for the sapp
PH31889 NullPointerException during batch rollout
Java 2 Connectivity (J2C) PH28590 FFDC data output may display database configuration information
Java Management Extensions (JMX) or JMX Client API PH24396 Add ability to generate multiple javacores before node agent restarts unresponsive application servers
Java Message Service (JMS) PH26694 A Message Driven Bean bound to MQ via a listener port stops consuming messages after an MQRC_CONNECTION_BROKEN error
PH26914 A rare timing condition may lead to the file store stopping
PH28619 Queue message priority setting via commitPriority in descriptor is not working
PH29128 Mis-identification of IBM MQ JMS provider
JNDI/Naming
PH27583 WebSphere Application Server is vulnerable to an information disclosure vulnerability (CVE-2020-4629 CVSS 2.9)
JSP PH11216 Redirect context root for missing slash fails in WAS V9.0 and Liberty when using HTTPS connection
Object Request Broker (ORB) PH27364 WebSphere z/OS 8.5.5.17 Abend 0C4 (gpf) in com/ibm/ws/asynchbeans/services/wlm/enclavemanager.deregisterWorkUnit
PD tools (for example: Log Analyzer) PH29537 [RFE 276826] Increase max number of historical files from 200 to any positive number in tWAS
PH30146 Remove -serverName from -help listing in collector
PH30984 Increase collector tool max heap memory size
Plug-in PH27966 Plugin does not set special header $wsxx for websocket request
PH29434 Avoid hang in ODRHttpResponseContextClean() when using im "MaxRequestsPerDaemon" option
PH29829 Customer should not have their plugin-key.kdb/sth files within /etc
PH29951 Plugin cannot manually propagate without overrideAutoProp
PH30071 Conflict between mod_deflate and the WAS plugin
PH31857 IBM WebSphere Application Server web server plugin sets the incorrect default for ignoreAffinityRequest settings
PH32280 IHS server/plugin loop at startup with zero byte plugin-cfg.xml file
PMI/Performance Tools PH29087 TPV in admin console shows incorrect activeCount value afterServant region is restarted
Runtime and Classloader PH32612 Unexpected server shutdown produces no additional debug data
Security PH25204 After server is restarted, SpnegoTokenHelper APIs may fail due to the lack of Kerberos credential
PH26308 LDAPTestQuery tool is not honoring dynamically updated SSL settings set at test query tool
PH28196 Sensitive information may be stored in a system dump
PH29343 Allow receiveCertificate to handle pkcs7 files
PH29377 Unable to read multiple certs from a cert file
PH29549 Displaying email entry in san for information user did not provide
PH30511 Failed to create dynamic cluster and seeing lots of WKSP0501I: xx workspaces exist in the wstemp directory
PH30569 Provide an option to only show the info user need in wsadmin getSSLConfig command
PH31613 LDAP/VMM support Kerberos authentication
PH32041 Plug point for custom password encryption is not working on 8.5.5.18
PH32284 MalformedURLException connecting to Standalone LDAP Server with SSL (LDAPS)
Services Component Architecture PH30846 Remove open SCA from WebSphere 8.5.5
System Management/Repository PH24460 Add configurable write timeout to IPCConnectorInboundLink
PH26777 Enable post sync deploy processing on the DMGR with system prop
PH30918 Incorrect java library path set when a server SDK is different from the node/profile SDK
PH31439 Non planned task management tasks never get deleted
Transaction Service PH10643 Cascading server restart due to transaction auto peer recovery locking issue
PH22988 Poor performance when transaction and compensation recovery logs are stored in a relational database
PH23968 java.util.concurrentModificationException when stopping server
PH29639 Control process is terminated with error C9C21862 following a RRS RC 761
Web Services (for example: SOAP or UDDI or WSGW or WSIF) PH26629 Error may occur when calling ServiceDelegate.releaseService() SPI in client application
PH26778 Axis2 jaxbUtils class consuming large amount of memory
PH26972 zWAS JAXBContext cache corruption possible in multi-servant environments
PH27157 WebSphere Application Server is vulnerable to an information disclosure vulnerability (CVE-2020-4576 CVSS 5.3)
PH27509 WebSphere Application Server is vulnerable to an information disclosure vulnerability (CVE-2020-4643 CVSS 7.5)
PH28223 StringIndexOutOfBounds exeception occurs during policyset attachment
PH28645 AbstractMethodError in wsdlReaderImpl.getDocument
PH29156 JAX-WS client may not send request to provider: expose SerializeSecurityContext at JVM level
PH29763 Need an option to enable WSDL4J verbose messages
Web Services Security PH26925 OIDC RP generates javascript with extra end-script to send to OP
PH27514 OIDC TAI add basic auth support for the JWK endpoint
PH27827 OIDC RP support unique clientid and clientsecret for introspection endpoint
PH27971 OIDC RP: expose end_session_endpoint with an api
PH28253 OIDC RP should intercept callback from OP without special filter config
PH28386 OIDC RP: give the option to validate a JWT access token
PH28534 OIDC TAI: Do not load config entry if no filter defined
PH29099 OIDC RP: ClassNotFoundException for JsonUtil$DupeKeyDisallowingLinkedHashMap
PH31727 XXE vulnerability in WebSphere Application Server (CVE-2020-4949 CVSS 8.2)
WebSphere Common Configuration Model (WCCM) PH31370 Update ICU4J time zone information
Workload Management (WLM) PH27505 WLM can get in a loop when receiving compressed data running on z15 hardware
Fix Pack 8.5.5.18
Fix release date: 28 September 2020
Last modified: 28 September 2020
Status: Superseded

Download Fix Pack 8.5.5.18
Component Security APAR APAR Description
Administrative Console (all non-scripting) PH20162 The configure scanner page is not enabled for monitor with admin access to an application
PH20878 Add content-security_policy to the response header on the dmgr
PH21166 Connection pool timeout hover help is confusing
PH21177 Update copyright for admin console
PH23369 The color settings of console identity is backed to default
PH23600 Hover help for ORB tracing is not helpful
PH23638 WebSphere Application Server is vulnerable to server-side request forgery (CVE-2020-4365 CVSS 5.3)
PH23783 Support url to go directly to three specific pages in the admin console
PH26220 WebSphere Application Server is vulnerable to cross-site scripting (CVE-2020-4578 CVSS  5.4)
PH26874 ADMA8019E warning even if "validate input" parameter set to off during the deployment
Contexts and Dependency Injection (CDI) PH19003 NullPointerException while stopping an application in org.apache.webbeans.*
PH22277 NPE when deleting conversationcontext
EJB Container PH26295 Injection processing in adjunct region for z/OS for war modules causes CWNEN0044E error
EJBDeploy (WSAD) PH24687 Show a deprecated message when running EJBdeploy
Federated Repositories PH19260 WIMConfigurationException is thrown when updating caches on admin console
PH23240 Adding a node from 9.0.5.1+ deployment manager fails for 8.5.5.17+ node with CWWIM5106E
General PI67099 Provide option to add STS response header for HTTPS request
PH17297 Corrections are needed to the documentation in the knowledge center for IBM WebSphere Application Server version 8.5
PH18158 SESN8558E: An attempt was made to write more than 2M to the large column
PH19392 When checkpointing is turned on it increases the node synchronization times
PH19805 Display run_jobs_under_user_credential at startup
PH19880 Update was migration tools to work with binary scanner updates
PH20275 The session manager behavior after fix of PI78540 is not updated into the knowledge center
PH20390 Add MaxHeap MaxInt error message
PH20735 Dmgr CR issued ABEND0C4-11 dump after stop command
PH21046 First element in list gets duplicated when parent is copy of another parent with a child list that replaced with copy of itself
PH21413 Validate zeroEarCopy apps when running the binary scanner
PH22517 WS-security may decode Kerberos token and retrieve the realm name for the principal name
PH23125 Need informative message when session table does not exist on database
PH25463 With HPEL enabled and "enable log record buffering" set to true, the Textlog is not updated instantly
PH25972 Updating the WebSphere Application migration toolkit (binary scanner) in WAS to the latest version
PH26083 WebSphere Application Server is vulnerable to a remote code execution vulnerability (CVE-2020-4534 CVSS 7.8)
PH26761 Vulnerability in Apache Batik affects WebSphere Application Server (CVE-2019-17566 CVSS 7.5)
IBM HTTP Server Fix List Detailed list of APARs for IBM HTTP Server
Install PH20560 Update IHS 8.5.5.16 fails with error getting file for installation on Solaris
PH26325 Fail to check VisualStudio 2013 redistributable package during IHS fix pack install
Intelligent Management Component PH20397  zOS atomic rollout fails when updating edition due to incorrect web server state
PH22238 HeapDetect: Error notifying monitor: 52 message is logged on standard error log
PH23775 Ensure 32 bit libraries are laid down on 64-bit systems.
PH24552 PI89036 causes native_stdout to fill up with repeating debug
PH25216 Remote code execution vulnerability in WebSphere Application Server ND (CVE-2020-4448 CVSS 9.8)  
PH25657 ODR needs to handle encoded uri request patterns
PH25931 Min/max instance script update does not update min/max nodes
PH26354 WebSphere Application Server ND is vulnerable to cross-site scripting (CVE-2020-4575 CVSS 4.7)
PH26364 Improper handling of INADDR_ANY by the Intelligent Management communication layer (P2P/SON) results in NPE
PH27037 New property appEdition.rollout.softReset.waitToQuiesceApplication to set quiesce interval
PH27806 Deadlock between com/ibm/ws/odc/nd/ODCTreeImpl and org/eclipse/osgi/framework/internal/core/BundleRepository blocks start-up
Java 2 Connectivity (J2C) PH17466 J2CA0051E due to NullPointerException during server shutdown while stopping a resource adapter
PH18970 Connection pool hands out aborted connection
PH20373 java.lang.IndexOutOfBoundsException thrown from com.ibm.ejs.container.BeanO.reAssociateHandleList
PH21284 Incorrect waitingThreadCount due to mishandling of interrupted threads
PH21407 OutOfMemory message is occuring when J2CModule reference is not freed up (J2CModule = null)
PH23168 NullPointerException with showPoolContents
Java Management Extensions (JMX) or JMX Client API PH08470 Since moving to WebSphere 9.0.0.8, jsf-nls.jar is not being found
Java Message Service (JMS)
PH19528 WebSphere Application Server is vulnerable to a denial of service (CVE-2019-4720 CVSS 7.5)
PH19730 Launchclient jobs failed with error message WSCL0912E "Component failed to initialize"
PH20912 Unable to set samesite cookie option with response.addHeader
PH22157 Add support for the SameSite cookie attribute
Java SDK PH22773 ConcurrentModificationException during JSF initialization
JavaServer Pages (JSP) PH24643 Unresolved bundle warning message when using SunRI 1.2
Migration PH23359 Message MIGR0590I is incorrectly formatted
PH24741 Migration to WebSphere Application Server V9 may fail to carry forward some SSL endpoint configurations
PH25522 java.lang.NullPointerException while running migration BBOWMPOS job
PH26288 WasPostUpgrade extracts a file before its parent directory with regard to shared libraries
PD tools (for example: Log Analyzer) PH15449 No stack trace printed when NullPointerException printed
PH20856 OSGI logs are not captured by collector tool
PH21934 Profile root is not captured by collector tool for Windows 2016
Plug-in PH21258 z/OS plugin bld version does not show fix pack level
PH21768 Plugin fix pack does not update IIS_webserver copy of binary
PH22593 Plugin-gen does not refer session management configuration of app-level which overrided when set web-level setting exist
PH26192 Web server crashes when WebSphere plugin dynamically reloaded
PH26422 Flexibility needed in setting $wssn used in place of host: header
PH26475 Switch IIS_webserver plugin binaries to symLinks
PH26856 ServerIOTimeoutRetry defaults to 0 (none) if property does not exist in plugin configuration
PH27968 Allow non-RFC5280 certificates by default
PH28096 Http_plugin.log entries for SSL read/write errors are treated like a timeout
Runtime and Classloader PH20328 WSadmin renameNode() and adminConfig.save() commands deleting WSBundleMetaData/jsf-myfaces.xml
PH24756 WebSphere Application Server JVM start failed on parsing meta-inf/ejb-jar_merged.xml
Scheduler
PH27414 WebSphere Application Server could allow a remote attacker to execute arbitrary code (CVE-2020-4589 CVSS 8.1)
Security PH12072 SMF records not recorded with security auditing using the SMF emitter with SECURITY_FORM_LOGIN and SECURITY_FORM_LOGOUT
PH14756 NullPointerException in CertificateMapper.getDnSubField WebSphere setup with global security LDAP with security domain
PH18052 Add an option to use hostname in ORB IOR
PH19164 If custom encryption module throws PasswordEncryptException or PasswordEncryptException, it can corrupt passwords in security.xml
PH20571 When the audit policy is loaded, a commandValidationException occurs (SEC6051E)
PH21586 ADMG0012E Unable to add the custom properties in CA client configurations
PH21890 External authentication retrieved user via TAI intercept as unauthenticated failed with null for getUserPrincipal
PH22557 Creating a custom CA client by implementing WSPKIClient interface provided by websphere failed class loader
PH22986 The renewed certificate is not honored when certificate expiration monitor renewed a certificate
PH23211 Password on commandline is not masked correctly
PH25309 Preventing users from making a deletion of a certificate if the alias is being used in dynamic SSL config or SSL config
PH25806 Add password encryption support for passwordUtil into WebSphere Application Server 8.5.5
PH25855 LtpaToken2 value is same after relogin
PH26401 Add certificate extension support
PH27328 The modifyAuditPolicy command throws a NullPointerException
PH28615 The password encryption feature errors opening a default custom encryption implementation
Servlet Engine/Web Container
PH20847 Information Disclosure in WebSphere Application Server (CVE-2020-4329 CVSS 4.3)
PH24879 OutOfMemory event on web service BAIS.create()
PI83141 WebContainer performance issue when under high load
Session Initiation Protocol (SIP) Container PH21349 SIP notify arriving before 202 for refer causes a memory leak
PH21614 SIP requests with appropriate CSeq numbers receive message 500 incorrect CSeq
PH22590 B2buaHelper.getPendingMessages might return an empty list when an initial INVITE request is forked
PH25483 SIP re-invite might be sent to wrong interface
System Management/Repository
PH21511 Privilege Escalation Vulnerability in WebSphere Application Server (CVE-2020-4276 CVSS 7.5)
PH21848 Display the absolute path value of the temporary location if the copy of asset fails
PH23853 Privilege Escalation Vulnerability in WebSphere Application Server (CVE-2020-4362 CVSS 7.5)
PH26952 WebSphere Application Server is vulnerable to a remote code execution vulnerability (CVE-2020-4464 CVSS 8.8)  
Transaction Service PH08281 Information services director fails when invoking a web service - deployment.xml composition unit is not found
PH23464 Add JVM property to disable one phase commit optimization
PH25074 WebSphere Application Server is vulnerable to a remote code execution vulnerability (CVE-2020-4450 CVSS 9.8) and Information Exposure (CVE-2020-4449 CVSS 7.5)
PH25955 REMOVE_PARTNER_LOG_ENTRY does not work for XAResource.recover() failure
Web Services (for example: SOAP or UDDI or WSGW or WSIF) PH22498 JAX-PRC web service client creation fails if an HTTP redirect switches protocol when accessing the WSDL url
PH22765 WSWS7054E error during WSDL generation due to ClassNotFoundException on javax.validation.ConstraintViolation
PH26204 Org.apache.axiom.om.omException: a data handler was not found
Web Services Security PH16455 JAX-WS engine did not redirect response with 301 status code
PH19333 OIDC RP: Unable to override the realm name in an ID token
PH19907 OIDC RP: Login fails when createSession=true and HTTP sessions exhausted
PH20118 OIDC RP: Should not require scope claim on response from OP
PH21008 OIDC RP: The TAI is completely disabled if any provider config fails to initialize
PH21178 OIDC RP: Access-token refresh may be attempted when it should not
PH21611 OIDC RP may attempt to refresh access tokens that are not expired
PH21827 OIDC TAI: NotSerializableException for JWTclaims error may occur
PH22038 OIDC RP: Session cookie name should to be related to provider_<id>.identifier but related to provider_<id>.clientid
PH22195 OIDC RP: Enable use OpenID provider's well known configuration url
PH22621 OIDC RP: Add programmatic support for grant_type = client_credentials
PH23572 OIDC RP code flow cannot be used if JavaScript is not enabled
PH23697 OIDC RP support RS512 support to OIDC TAI signature algorithm
PH24501 Saml web SSO TAI may fail signature verification when a keyInfo contains both keyName and x509data
PH24737 OIDC RP: Make the introspection response available via api
PH25547 OIDC incorrect behavior if opaque token is in Authorization header and useJwtFromRequest=ifPresent
PH25697 OIDC RP sessionCacheTimeoutMinutes=0 is not overriding idToken exp claim
PH25774 OIDC RP: Session cookie value is too short
PH26523 OIDC RP allow call to userinfo endpoint to be disabled
PH26842 Saml Web SSO ClassNotFoundException for trustAssociationUtil in 9.0.5.4
PH27173 OIDC RP login may fail when nonce is enabled
PH27213 OIDC TAI: Give option to not write LTPA cookie in RP path
PI96403 OIDC RP does not support implicit login flow for initial requests
WebSphere Common Configuration Model (WCCM) PH20188 Incorrect time policy for turkey in com.ibm.icu.jar
PH25334 Application update failure slow due to excessive retries
z/OS PH22659 zWAS crash in bbog_failuremonitor::dispatchrecovery(mvs::stoken) following normal shutdown
PH24730 Repetative characters at the end of message BBOA7101E
Fix Pack 8.5.5.17
Fix release date: 9 March 2020
Last modified: 9 March 2020
Status: Superseded

Download Fix Pack 8.5.5.17
Component Security APAR APAR Description
Administrative Console (all non-scripting)
PH11319 XSS issues with the WebSphere Admin console (CVE-2019-4270)
PH12325 WebSphere Application Server Admin Console could allow a file traversal vulnerability (CVE-2019-4268)
PH14295 Classloader conflict causing problems accessing the admin console in WebSphere Application Server
PH14552 java.lang.arrayIndexOutOfBoundsException: array index out of range: 1 exception on was 8.5.5.14 after BPM 18.0.0.1 upgrade
PH15351 Admin console updates to removeNodelLstener and addNodeListener servlets
PH15415 Improve status text for scan error for the application migration scanner functionality
PH15700 Target java options on 'Configure scanner…' pate are out of order
PH17272 An error is shown in the administrative console, when viewing the systemout.log.owner or thesystemerr.log.owner files
PH17962 Request to allow web server log path to be outside of WAS and not require the .log filename extension
PH18268 When a scheduler that an EJB timer service uses no longer exists, the console does not display an error
PH18533 After the update to WAS 8.5.5.16 there is a problem in the admin console with my tasks in the navigator on the left side
PH18947 Information disclosure in WebSphere Application Server Admin Console (CVE-2019-4670)
PH19920 When invalid characters are introduced in the admin console url error page java.lang.nullPointerException is received
PI94624 Remove struts-legacy.jar from isclite.ear
Contexts and Dependency Injection (CDI) PH05014 Null CDI bean results in a NullPointerException thrown in Apache WebBeans code
PH15728 CDI not protecting the thread context classloader and loading a wrong version of XML parser
Default Messaging Component PH16502 WebSphere Application Server messaging engine stops due to DSRA9110E when short duration lock feature is enabled
EJB Container PH18256 CNTR5104E received when deploying EJB application
PH18828 Corba.Marshal: incompatibility between stub and tie on WebSphere batch application
EJBDeploy (WSAD) PH21271 Failed to run EJPDeploy when installing application by admin console
Federated Repositories PH12039 The WIM GET API does not consider the allowOperationIfReposDown setting on the realm
PH12167 Authentication fails with a cause by of illegal capacity
PH14099 Federated repository is not returning all requested attributes when searching
PH15390 NullPointerException ocurrs when security trace is enabled
PH15543 CWWIM4564I saying it connected to the failover LDAP, when reconnecting with the primary LDAP
PH16420 Non-participating repositories are accessed from WIM get api
PH17028 AdminAgent console can display incorrect security configuration
PH17839 When adding an LDAP attribute that requires a boolean value, an InvalidAttributeSyntax error occurs
PH18467 Enhanced file-based and database repository password hashing algorithms
PH18761 NullPointerException is thrown when running deregisterNode.sh wsadmin
PH19289 NullPointerException occurs when security trace is enabled
General PH10371 lrcmd.sh script ignores values specified in soap.client.props
PH11280 PI58498 is not fixed on 8.5.5.13 under certain circumstances
PH12982 "write Interval" of HTTPSession store configuration is not honored
PH13564 WOLA is not freeing IMS TPIPE after an error
PH13660 Reduce HPEL buffer flush interval and timer implementation
PH13786 ABENDCC3 RSN040E0001 in local communication close processing
PH13807 NullPointerException in the SIBus component may occur when Cross Component Trace is enabled
PH14351 Update the binary scanner in tWAS to 19.0.0.3.1
PH14473 Add translations for the access denied message
PH14613 PH14613: Intelligent Management enabled Plugin crashes in multicell environment
PH14926 Deserializing a session loads classes form different class loaders
PH15134 CSA shortage with WebSphere Appserver z/OS fix pack 9.0.0.9 BBOO0335E BPX1LDX load of BBODPCRT failed RC=84, reason=BDF0624
PH15820 OAuth provider may create a principal with realm name prepended to user name
PH16837 Unresolvable variable warning message CWLRB6203W: issued when no action is required
PH17314 Too many open files in WebSphere V8.5.5 SIBus messaging engine
PH17557 Upgrade apache commons beanUtils in admin console (CVE-2019-10086)
PH17942 Some session attributes are not stored with session database of Oracle
PH18042 EmbeddableUOW cause RollbackException of global transactions
PH18894 Change the default value of ModifyActiveCountOnInvalidatedSession
PH19061 Multiple plugin-cfg.xml files & folders under profile_home/config/cells/ causing Liberty report hung on console
PH20314 LogViewer not able to write logViewer.pos file
IBM HTTP Server Fix List Detailed list of APARs for IBM HTTP Server
IBM i PH18059 QueryWASInstalls command not listing 9.0 ND installs
Install PH16993 Cannot install WebSphere Application Server 9.0 on SUSE Linux Enterprise 15
PH17876 CRIMA1137W: packages do not support the 64-bit version of installation manager
PH18202 User's files and logs are deleted when applying ULB fix pack through installation manager
PH18236 Incorrect Java 7 EOS warning message on WAS 8.5.5.13 (Java 6)
PH18278 Warning message is issued when install IHS and Plugin 9.0.5.2 and 8.5.5.17 on Windows without MSVC 2013 runtime installed
PH20560 Update ihs 8.5.5.16 fails with error getting file for installation on Solaris
Intelligent Management Component PH11456 Custom transport chains added to dynamic cluster server templates are not properly propagated to dynamic cluster members
PH14613 Intelligent Management enabled Plugin crashes in multicell environment
PH14796 /MiddlewareAgentRPCService/noadmin/../<file_path> allows for arbitrary file access of files in the WAS/profiles/dmgr directory
PH15889 dumpIMPState.py enumerate function not available in Jython v2.1
PH16498 Implement the ability to disable the ODC REST Service
PI89036 JVM CRASH ON WINDOWS IN PROCESSCPU64.DLL WHILE INVOKING PMI TO COLLECT CPU STATS
Java 2 Connectivity (J2C) PH10198 2CA0695E: Unable to find primary pool manager during failover processing for a resource with a JNDI name of ibm/cm
PH13915 High cpu when synchronizing resources.xml
PH20223 RRA=all trace results in SECJ0314W violation of Java 2 security permission error
Java Management Extensions (JMX) or JMX Client API PH16983 Use TriggerDump with request=exclusive instead of SystemDump
Java Message Service (JMS) PH01737 Changing default to NIO on HP platform
PH14915 At shutdown, when the filestore is nearly full, threads persisting messages will hang
PH15289 Updating the address include list for server transports causes an exception
PH17473 Case sensitivity issues when headers are not being cached
Java Persistence API (JPA) PH18777 ConcurrentModificationException after PH07008
Java SDK PH16818 File descriptor leak in defaultFaceletFactory
JavaServer Pages (JSP) PH12946 StringIndexOutOfBoundsException when using JSF 2.2 in Liberty
PH12972 Thread safety issue on the WeakHashMap with JSF SunRI causes the WebContainer threads to hang
PH14966 JSF portlet bridge should not be bundled by WebSphere
JSP
PH13983 Information disclosure in WebSphere Application Server (CVE-2019-4441)
PH20785 WebSphere Application Server is vulnerable to command execution (CVE-2020-4163)
Migration PH13284 After the migration to v8.5, plugin-cfg.xml contains all cluster information even which is not supposed to be included
PH14635 WASPreUpgrade in remote migration jar does not work on zLinux
PH15019 Spaces in application name cause migration failure as WASMigrationAppInstaller gets parsing error
PH15110 Migration tool should notify the user in the case that the old value is not migrated
PH15373 Coregroup template not found
PH15764 WASPostUpgrade fails when the profile was created with sym links
PH18142 Running BBOWMPRO during a migration to a newer release of WAS z/OS gets configuration mismatch error
PH19983 WASPreUpgrade migration script fails to run on AIX
PH20869 Migration fails with java.lang.noSuchMethodException:com.ibm.websphere.models.config.applicationserver.sipontainer.impl.SIPContainerImpl
Object Request Broker (ORB) PH13233 Remove unformatted cout trace entries
PD tools (for example: Log Analyzer) PH14607 FileNotFoundException appear when running tWAS LogViewer
PH14673 WAS diag plan trace dump file directory correction
PH15079 Modify traceInit outputs BBOO0427E at 8.5.5.15
PH17273 Collector tool does not collect properties files for IBM i platform
PH17283 Diagnostic plans utility is incompatible with the java_dump_opts
Plug-in PH13091 WebSphere plug-in has uneven distribution when multiple servers have a weight of 0
PH14563 Plugin merge creates extra URI group when erroneous ports are within the VirtualHostGroup
PH17449 WAS HTTP plugin fails to generate $WSRA $WSRH headers
PH19420 Plugin propagation for managed definition on remote node fails to copy plugin-key.kdb to webServer location on the remote node
PH19922 Unnecessary polling can take place causing high cpu
PH20154 Plugin websocket upgrade request response code not verified
PH20311 Plug-in does not read entire response from the socket when ESI is enabled and response shows data is not modified
PH20448 IHS crash on restart when plugin log rotation is enabled
Profile PH11873 Create profile failed with java.net.uriSyntaxException: illegal character in path
PH18889 Update WAS 8.5.5 IES for x86-32 platform
Runtime and Classloader PH10673 Property com.ibm.ws.runtime.dumpShutdown=true causes two heapdumps and two java cores during shutdown
PH11036 Corrupted KOR/CN/JPN locale messages during startserver if WS_CMT_PI_STARTSERVER_CA_MESSAGES=true
Security PH09722 Reload the SSL runtime when certificate monitor executes
PH10457 ReplaceCertificate is not horned to replace a personal certificate with another personal certificate
PH11248 Information Disclosure in WebSphere Application Server (CVE-2019-4477)
PH13835 Outbound EJB-WOLA connection fails NO_PERMISSION due to TransportLayer settings being picked up from incoming RMI call
PH15965 Intermittent SECJ0129E after upgrade to 9.0.0.10 or 8.5.5.14
PH16017 FFDC data output may display JAAS configuration information
PH16741 Client certificate authentication not finding previously logged in subject
PH17654 WSVR0661W starts to happen after the application of 8.5.5.16
PH18217 Need to stop auditing subsystem from doing DNS lookup
PH20055 Provide an option to add KRBAuthnToken to Subject
Servlet Engine/Web Container PH15852 Missing translation key: Exception occurred while running servlet ContainerInitializers on startup
PH16279 Memory leak in WebFragMergerImpl due to multiple start/stop of application without restarting the application server
Session Initiation Protocol (SIP) Container PH15985 A via header field in ACK requests might contain incorrect address in a dual stack environment
PH17737 WebSphere does not reject SIP invite with invalid CSEQ header
System Management Configuration PH15796 Monitored directory deployment hangs when application is deployed on more than one target
System Management/Repository
PH14004 Path traversal vulnerability in WebSphere Application Server (CVE-2019-4442)
PH18800 ADMA7021I message in a deployment manager systemout.log file causes confusion
Web Services (for example: SOAP or UDDI or WSGW or WSIF) PH09116 NullPointerException generated due to a partial update of the EJB application
PH16949 WAS 8.5.5.15 / 9.0.5.0 - issues with annotation scanning filters (include-scanning-packages etc.)
Web Services Security PH14676 OIDC RP: Omit client_secret oAuth 2.0 parameter if the client_secret is an empty string
PH15248 OIDCClientHelper methods may return null unexpectedly
PH15626 OIDC RP: Enable configuration of a login error url
PH17304 OIDC RP cannot send a content-security-policy header to the openIDconnect provider
PH18150 The OIDC RP does not check the id-token for an ACR value if the configured auth endpoint url includes "acr_values"
PH19189 OIDC RP cannot send a nonce parameter to an OP
WebSphere Common Configuration Model (WCCM) PH08678 In WebSphere V8.5.5 AdminTask.extractConfigProperties incorrectly sets the CCSID value to 0 as the default
PH17696 Encrypted passwords deleted if custom encryption JAS is removed
PH19871 BO attributes are not working correctly after upgrading to WebSphere 8.5.5.16
PI77392 Incorrect generation of ibm-metadata.xml when deploying with pre-generated merged descriptors
z/OS PH19192 Waittime is not passed to BBOCLSCC under certain circmstances
Fix Pack 8.5.5.16
Fix release date: 3 September 2019
Last modified: 3 September 2019
Status: Superseded

Download Fix Pack 8.5.5.16
Component Security APAR APAR Description
Administrative Console (all non-scripting) PH05129 Prompt user for confirmation of stop cluster
PH06242 Change background color for admin console (REF 120205)
PH07676 Potential denial of service in WebSphere Application Server Admin Console (CVE-2019-4080)
PH07698 Incorrect application status for web server in target specific application status display
PH07915 Update admin console JSP to remedy false error
PH08979 Data power panels may show html in messages when creating objects
PH09151 Add Liberty migration effort details to application collection page in admin console
PH09977 Some administrative console urls are using: target="_blank"
PH10072 WebSphere Application Server admin console to add secure attribute to some cookies
PH10464 Urls based on the admin console return error 500
PH10816 Serviceability issues for Liberty advisor feature
PH10824 UI bug fixes and changes for Liberty advisor feature
PH10831 Add color to navigation border to make color change more visible
PH11318 Do not display log_root directories for application installation
PH12508 After upgrade to fix pack 9.0.0.11 get msg: SRVE0190E: File not found: /libertyadvisorsummary
PH13030 Rename Liberty application migration analysis functionality
PH13295 Scopes in resource panels are unsorted which makes it hard to find a specific scope
PH13303 Access denied in logs when calling LibertyAdvisorSummaryServlet even when user has required roles
Contexts and Dependency Injection (CDI) PH05014 Null CDI bean results in a NullPointerException thrown in Apache WebBeans code
PH09834 java.lang.VerifyError on openwebbeans with Java, 8 update 11 and 7 update 65
EJB Container PH01591 Nonpersistent EJB timer dying if timeout throws exception on last retry
PH08828 OutOfMemory in injectionEngine cache
PH12563 Support JIT deploy of EJB 1.x and 2.x modules
Federated Repositories PH01831 WIMUserRegistry.authenticateWithPassword() discards the causal exception when throwing a new exception
PH05207 NullPointerException occurs when nameInRepository is not set in wimconfig.xml
PH08837 LDAP search fails with NumberFormatException
PH10154 Group members are not listed (in manage users/groups) when domainnameforauomaticdiscoveryofldapservers is configured
PH11325 In rare cases, the federated repository attributes cache will store an attribute beyond the specified cache timeout
PH11792 Changing wstemp directory to a different directory with the following property websphere.workspace.root is not being honored
PH12039 The WIM get API does not consider the allowOperationIfReposDown setting on the realm
PI97871 Cannot change administrative user in federated repositories
General PH01829 The lrcmd command fails with SocketTimeoutException
PH03840 Attempting to create a new ILContainer after SqlException causes com.ibm.websphere.batch.ilc.ILContainerException
PH04833 Java batch scheduler in WebSphere v8.5.5 running OutOfMemory
PH05754 Cannot set a timeout for URLReturnCodeMetric which can cause blocking of other metrics
PH06301 CWLRB6179E: Failed to invoke EndpointCRMBean
PH07247 Unnecessary HttpHostConnectException FFDC logged for usage metering
PH07725 Cross-site Scripting (Stored) on URL 9043/ibm/console/ChartDetail.do: datasets parameter
PH08375 WASServiceHelper.bat builds command contains "stopargs" twice
PH08503 Configured cluster level resources are dropped when a dynamic cluster scales to zero members and back up again
PH08548 The number of concurrent sub jobs running under a top-level batch job may exceed the configured maximum
PH08898 WebSphere v8.5.5 Job Scheduler throws NullPointerException
PH08993 CWLRB6203W is issued for properties which do not need a value
PH09335 managesdk.sh does not set user.install.root
PH09407 CommonExtensionsHelper class prints out a lot of information messages
PH09657 Usage metering discards metrics on HTTP 500 response from metering service
PH09810 Health Controller stops working when executing Health Policy actions - Moved asyncRestart functionality into separate thread
PH09872 CWMMS0469E: Error getting application placement controller (APC) MBean
PH10119 Add support for CICS 5.5 to optimized local adapters
PH10333 During extension of clusters jobs abended with RC=12 and existing endpoints are not found
PH10511 OSGI throws an unexpected NullPointerException
PH10843 Javamail password hardcoded to null in the trace
PH11142 Running the wctcmd.bat from outside of the <wct_root> directory causes
PH11182 NPE in JSF after WebSphere Fix pack 8.0.0.15 + apar PH04915
PH11334 Need to check users tWAS version and source Java version
PH11542 DefaultApplication changed in 9.0.0.11
PH11655  Remote code execution in WebSphere Application Server ND (CVE-2019-4279)
PH11807 "Routing policy HTTP rules" console page broken and validation for duplicate ODR rules not throwing proper error
PH11818 Unnecessary annotation scan happens if a class implements java.util.eventListener
PH12312 Admin agent environments not able to create migration reports through the console or wsadmin
PH12467 WSSessionInvalidatorThread should have thread number
PH12533 Admin console allows Client-side HTTP Parameter Pollution and xss
PH12560 Support customization of usage metering metrics
PH12630 JSessionID value may contain 2 consecutive dashes
PH12773 Add/remove neighbor loop with messages ODCF8041I, ODCF8040I, CWWOBB1009W
PH13339 Implement fine grain permissions for migration commands
PH13693 Change to allow the facesContext object to remain open after lifecycle method execution
PH13798 Error resulting from PH09335 when user_install_root is unset
PH14088 Disabling isolation of third-party JAX-RS providers causes FileNotFoundException
PH14124 The binary scanner needs to be updated in tWAS to version 19.0.0.3
PI92265 Setting one JVM of multiple dynamic clusters into maintenance mode fails for all dyanmic clusters expect one
High Availability (HA) PH08584 Moving dynamic cluster to new core group fails to update dynamic clusters server template
IBM HTTP Server Fix List Detailed list of APARs for IBM HTTP Server
IBM i PH12823 _setupDefaultSDK script fails to update WAS product and profiles to use JDK 8 when JDK 7/7.1 is configured
Install PH07691 IHS 8.5.5.14 replaces 64-bit Solaris binaries with 32-bit
PH08340 Install application client 8.5.5.14 on Win 32bit
PH08611 Add pre-requisite checker for Microsoft Visual Studio 2013 runtime
PH08924 NPE in Installation Manager while installing Java 8
PH10416 Unable to apply Application Client, IHS, Plug-ins fix pack 8.5.5.15 on Sun Solaris operating system
PH11170 Incorrect output of VersionInfo -fixpacks
PH11382 32-bit version of IBM WebSphere SDK Java 7.0 is replaced by 64-bit version after updating Application Client 8.5.5.15
PH12075 Cannot install Java 8 (optional) offering on AppClient 85514+ on Solaris Sparc64
PH12320 NullPointerException is thrown while using the modify option in silent mode on installation manager for IBM i
PH12698 WebSphere Application Server 8.5.5.15 cannot be installed on Solaris 10 update 9 and up
PH13270 IBM SDK Java Technology Edition Versions 7 and 7.1 will be end of service
Java 2 Connectivity (J2C) PH04931 FFDC for java.lang.IllegalStateException logged intermittently while many transactions start in parallel are not a problem
PH10198 2CA0695E: Unable to find primary pool manager during failover processing for a resource with a JNDI name of ibm/cm
PI81554 J2CA0045E connectionWaitTimeoutException timeout is not calculated as expected in version 9.0.0.3
Java Message Service (JMS)
PH06340 Potential denial of service vulnerability in WebSphere Application Server (CVE-2019-4046)
PH07036 Potential vulnerability in WebSphere Application Server WebContainer
PH09048 During Tibco EMS server failover, transaction rollback issues may occur that lead to stuck messages on the Tibco queue
PH09750 Hanging threads in com.ibm.ejs.jms.JMSQueueConnectionHandle.createQueueSession
PH11186 HTTP inbound channel custom properties trustedHeaderOrigin and trustedSensitiveHeaderOrigin do not work properly on z/OS
Java Persistence API (JPA) PH07008 Have OpenJPA update the descriminator class cache as classes become loaded and registered in the metadatarepository
PH13889 OpenJPA enhanced classes version change causes warning
JSP PH08381 JSP compilation error when using line comment within JSP expression
Migration PH07936 Migrating to WAS v9.0 but application did not get deployed
PH08002 Not all profiles migrate when migrating to WAS v8.5.5 WASPreUpgrade fails when no default is used
PH09937 After migration automatically create element automatically that not exist before migration
Object Request Broker (ORB) PH08205 SMF 120 subtype 9 records should report the value of cvtzcbp
PH09011 UnsupportedClassVersionError JVMCFRE003 when starting the NDDMZ on z/OS
Other PH13095 If the admin agent console times out, you must provide the username/password twice
PD tools (for example: Log Analyzer) PH05042 WebSphere Application Server traditonal HPEL logging json format
PH12910 java.lang.stringIndexOutOfBoundsException & SRVE0232E while accessing admin console
Plug-in PH06308 WebSphere WebServer plugin crashes when handling WebSocket request in ESI cache
PH07999 WebSphere 9.0 plugin using SSL fails to read entire message above 8k in size
PH08290 Plugin needs to provide some GSKit scripts
PH08740 Apache v2.4 web werver plug-in crashed caused by a conflict withmod_was_ap22_http and mod_hpfilter2.4
PH08998 WebSphere plug-in process is not properly cleaned up when using Apache piped logger rotatelogs
PH09034 Set default connectionTTL to 28 if not present in configuration for the WebSphere webserver plugin
PH09316 New plugin configuration copies the etc/plugin-key.rdb file unnecessarily
PH09639 HTML dashboards fail in Web Query with HTTP 500 when running in IE or Firefox
PH10258 ORDPortPathPrefix cannot be added from the WebSphere admin console
PH10504 Servlet request remote address value is incorrect with WAS 8.5.5.15 Plugins fix pack level
PH11287 Web Server plug-in crashed in memcpy call ws_reallySendRequest function
Programming Model Extensions (PME) PH06673 WorkItem.getResult may return null and this cause NPE in customer's asyncbean application
Runtime and Classloader PH05460 Emit diagnostics for OSGI unsatisfied bundle constraints diagnostics when starting a server
PI91529 NullPointerException is thrown when processing application deployment.xml file
PI97290 NullPointerExceptions while enabling the classloader traces
Security
PH05769 Weaker than expected security with WebSphere Application Server with SP800-131 transition mode (CVE-2018-1996)
PH06236 When selecting a certificate alias with mixed case an SECJ7428E error is recieved
PH06574 When creating a new WebServer definitions in the integrated solutions console, plug-in key (CMS keystore) do not generate
PH07760 Correction for PH02461
PH08265 Cannot remove audit notification: SECJ7387E: audit notification in use
PH09574 PI97974 was about LDAP search filter issue, which did not handle parenthesis correctly
Servlet Engine/Web Container PI99214 Error message "SRVE0190E: File not found: {0}" is missing file name
Session Initiation Protocol (SIP) Container PH07841 SIP parse errors seem to put the parsing thread into a tight loop indefinitely
System Management/Repository PH06545 AdminApp.edit command may not update servers correctly when using the MapModulesToServers option
PH07140 Editing an application with EJB content in a WAR module may experience slow performance
PH07946 Running managesdk on a node works but it modifies a JVM on another node
PH10218 Logging for JVM is not showing up in the console
PH10565 Stopping an application server with wrong user or/and password failed with error from stack trace
PH10810 Improve ADMA0245W message to include permission problem
PH11113 Cannot map a J2EE role named role to users and groups
PH12932 Missing Javadoc in ManagedObjectMetaDataHelper APIs
Transaction Service PH05716 Transactions repeatedly fail to commit with OBJECT_NOT_EXIST minor code 0. Transaction outcome is mixed
PI95615 Server startup fails with "base product version for node "mynode" is not available"
Web Services (for example: SOAP or UDDI or WSGW or WSIF) PH10556 The <dmgr_profile>/temp/wscache/installextract folder is not being cleaned up after the deployment or after dmgr restart
PH11905 Increased deployment manager startup caused by inefficient data structure
Web Services Security PH04344 Invalidate SAML token when user logs out from WebSphere application
PH07297 Denial of Service vulnerability in Guava (CVE-2018-10237)
PH08391 Set WebSphere Application Server SAML cookie to httpOnly
PH08804 OIDC RP default identifiers are not available when customs are configured
PH10503 OIDC relyingParty TAI sessionCacheTimeoutMinutes is in seconds
PH10892 OIDC RP has no api for obtaining tokens or manually triggering access token refresh
PH11107 OIDC RP always includes port number on redirect_uri parameter
PH11684 OIDC: Failed to validate id token, exception thrown during verify [unsupportedoperationexception: ]
PH12520 ODIC: Enable JWT SSO in WebSphere Applicaiton Server
PH13175 Tokens are not revoked when sessions are evicted from the cache
PH13533 Web service request containing ws-at context fails if provider web service is configured to support ws-rm
WebSphere Common Configuration Model (WCCM) PH06565 <multi-config> child elements are added to web.xml/web-merged.xml
PH08461 During dmgr startup the /tmp folder is filling up and preventing the dmgr from starting
PH09294 Slow application startup for applications with many files
PH12669 NullPointerException occurs in EMF do to concurrent initialization
Fix Pack 8.5.5.15
Fix release date: 4 March 2019
Last modified: 4 March 2019
Status: Superseded

Download Fix Pack 8.5.5.15
Component Security APAR APAR Description
Administrative Console (all non-scripting)
PH01617 Potential file traversal in WebSphere Application Server (CVE-2018-1770)
PH01621 Potential cross-site scripting in WebSphere Application Server Admin console (CVE-2018-1777)
PH02638 Getting blank screen in dmgr console when trying to update server template in dynamic cluster
PH05812 The restart does not always work because of a change to the JVM so this provides a system property to stop/wait/restart instead
PH06889 Problems changing web_install_root and config path
PI98354 No test connection button for operator role in datasourcename page in admin console
Contexts and Dependency Injection (CDI) PH04844 The javassist used by the application is collided with javassist version used by CDI
EJB Container PI95982 The timer.getInfo() not properly returning new instance
PI96086 Nested EJB Async method calls not honoring nested get(timeout, unit) timeouts
Embedded/Express PH01284 Clean server OSGI cache on restart after hard shutdown
Enterprise Edition (EE) PH04187 Issue with the Windows 125x support in xlxp during conversion of bytes to utf-8
Federated Repositories
PH02811 Privilege escalation vulnerability in WebSphere Application Server (CVE-2018-1901)
PH02868 Automatic discovery of LDAP servers fails with EntryNotFoundException
General PH04234 /ibm/console/ChartCollection.do javascript injection XSS vulnerability
PH00071 WebSphere z/OS 8.5.5.12 ABEND 0C4 in ORB_Request::setsystemexception in control region
PH00353 JAX-WS web service requests may fail when using an unmanaged client and Java 8 if ws-policy is used
PH00438 Provide switch to disable isolation of third-party JAX-RS providers
PH01316 FileNotFoundException (404) when entering ISC help pages running Java 8
PH01735 Inputting an invalid webserver conf file path on the console produces a blank page
PH01753 Cross-site scripting vulnerability in OAuth ear in WebSphere Application Server (CVE-2018-1794)
PH01810 Provide connectivity with IBM cloud private metering
PH02014 Infinite loop scanning multi-release jars for annotations
PH02024 CDI beanManager.getBeans() should not filter out non-alternatives
PH02031 Potential directory traversal vulnerability in WebSphere Application Server (CVE-2018-1797)
PH02049 Cross-site scripting vulnerability in CacheMonitor for WebSphere Application Server (CVE-2018-1767)
PH02063 Potential security bypass in WebSphere Application Server with Expression Language EL (CVE-2014-7810)
PH02310 The wctcmd command does not create a webServer definition
PH02349 J2CA1004E seen in adjunct region
PH02429 Add IIS 10 to WebSphere fix pack to allow the installation of this product
PH02700 Do not persist or transfer inactive conversation contexts
PH02919 Migration policy set issue
PH03324 Clone server doesn't appear in the Administrative console
PH03492 Potential Cross-site scripting in SIBMsgMigrationUtility (CVE-2018-1798)
PH03604 Update Apache Batik SVG toolkit library to 1.10
PH03710 Annotation scanning include-filters not working
PH04583 RuntimeException in vapBinaryStreamToSerializableObjectConverter
PH04653 Updated CPU limit (--cpus) not recognized by usage metering feature
PH05071 JVM hang when calling garbageCollectorMXBean.getLastGcInfo for usageMetering-1.0
PH05126 Provide support for com.ibm.websphere.jaxrs.server.DisableIBMEJBJAXRSinEJBJarSupport
PH05544 Custom property `HttpSessionCloneId` set at the sessionManager scope is not honored by ODC resulting in broken affinity
PH05700 The was-usage-metering.properties does not work in cluster name directory
PH06668 ARFM5024E: ARFM suffered unexpected exception while handling ODC event: com.ibm.wsspi.odc.ODCException: A svcgoal has no relationship with the following:  cell (EXCM_HAS_NO_RELATIONSHIP1)
PH07141 Increase grammar's unresolved component cache size
PH07228 Final usage metrics not submitted on server shutdown
PH07725 Cross-site Scripting (Stored) on URL 9043/ibm/console/ChartDetail.do: datasets parameter
PI89701 ODC error logic that runs on the dmgr is erroneously removing OSGI app data from the ODC data structures resulting in 404
PI92331 Large object com/ibm/xml/xml4j/internal/s1/util/symboltable$entry arrays
PI95333 There is no way to detect if a compute grid batch job is producing grossly excessive output in its job log
PI95906 It takes very long time to update eba
PI99123 Add a new message to show total workspaces and ids to help reduce OutOfMemory problems
PI99361 upon deployment, the <context-root uri..> entry in the ibm-web-ext.xml is changing position within the file.
PI99507 Native outofmemory errors due thread leak in OTIS connection handling
IBM HTTP Server Fix List Detailed list of APARs for IBM HTTP Server
Install PH02129 Fixpack rollback fails with NullPointerException on Solaris
PH02912 The setupProfileSDK script usage is not translated
PH03402 Installation manager reports im_root/eclipse/IBMIM is launched even though im_root/eclipse/tools/imcl is called
PH03775 WAS 8.5.5.14 fix pack installation working on Solaris 10
PH04095 Extra directories and broken links after WAS 8.5.5 FP 14 installation
PH04524 WebSphere Application Server fix pack fails to install due to invalid Java 6 checking
PH04606 Installation of WebSphere plugin 8.5.5.14 to WebSphere plugin 8.5.5.11 and higher with fix PI96287 fails
PH04771 Rollback to 8.5.5.14 fails after update 8.5.5.13+Java6 to 8.5.5.14 and then to 8.5.5.15
PH04781 WAS 8.5.5.14 includes embedded java 6 binaries
PH04782 Update PLG to 8.5.5.14 failed
PH04784 Installing fix pack 8.5.5.14 with 32 bit Java 1.7.0 does not work correctly
PH06871 Rollback fails from WAS 8.5.5.14 to WAS 8.5.5.8
Intelligent Management Component PH01352 High CPU after TCPIP is forcefully stopped
PH01832 High CPU driven by VisualizationEngine.CacheWorkItemsTP thread
PH04119 `Runtime Operations > Applications` panel does not properly report applications that deployed to a started target but not running
PH04886 Deadlock in DMGR when federating primary portal node
PI65154 HeapDetect: error notifying monitor: 52 message appears during server shutdown
PI88622 On demand configuration (ODC) thread causes hang in deployment manager (dmgr)
PI98187 APC HAManagedItem hangs when it is in the process of becoming dormant and receives notification that it should be active
Java 2 Connectivity (J2C) PH00304 WAS Liberty not respecting max connection pool setting
PI97241 Server hang on server shutdown due to deadlock
Java Message Service (JMS) PH01447 Improvement to SSL closing handshake
PH02713 Contention for the intrinsic lock in the JMSConnectionHandle.createSession method
PI95709 PreferredServerlist are not saved as the sequence as defined by client
Java Persistence API (JPA) PH01768 Deadlock potential exists with orm xml processing for OpenJPA
PI97686 OpenJPA query cache miss results in classCastException
Java SDK PH03268 NullPointerException at JSF initialization
PH06389 JSF can leak JarFiles causing problems with application removal
JavaServer Pages (JSP)
PI99524 Remote code execution vulnerability in the JSF used by WebSphere Application Server
Messaging Providers PH05525 WLM is failing the SIB destination lookup even though me is running with out any issues
PH05890 Unexpected response from WebSphere Application Server to datapower client request
Migration PH01218 WASPreUpgrade.bat fails when path to java contains a space
PH01746 Potential privilege escalation vulnerability in WebSphere Application Server after migration (CVE-2018-1840)
PH01984 An ArePrimaryKeysEqual Exception is thrown when the DeploymentDescriptor for an Application contains an IconType entry
PH05565 Security domain definitions were not migrated correctly
PH06386 migration.sh is not supported on Solaris and should not be packaged
PH06941 SyntaxError: string constant too large in wasPostUpgrade app deployment
PI98798 MIGR0573W seen running wasPreUpgrade on node profiles
Object Request Broker (ORB) PH03646 Daemon ABEND0C4S in BBOOIND and possible termination
PI94719 WebSphere abend=00dc3000 rsncode=0a150001 moving node to new fix pack level
PD tools (for example: Log Analyzer) PH04941 Trace triggered by trace for use under L2 direction
PH06642 Back port diagnostic plan to 8.5.5.15
Plug-in PH04047 WAS plug-in v9 for HIS v9 and Apache 2.4. forward useragent_ip to support use of mod_remoteip in ihs v9 and Apache 2.4
PMI/Performance Tools PH01816 NullPointerException in RepositoryCache.getRCSDataSourceResources
PH05033 JVM runtime - processCPUUsage counter shows zero value
PH05230 Count not present in the PerfServlet xml output, under count TimeStatistic not present in the PerfServlet xml
Programming Model Extensions (PME) PH03333 Deadlock situation in DefaultWorkManager:AlarmManager
Runtime and Classloader PH02197 Server assocated shared libraries not being picked up by WebSphere Application Server
PI83239 After upgrade to WebSphere 8.5, some applications using JAXB classes have noClassDefFoundError messages
PI88219 WSVR0320W warning messages due to the deprecated module deployment classloading mode
PI91331 Isolated shared library's parent is missing in the search path
PI99339 NoSuchMethodException generated for the missing method in the urlStreamHandlerAdapter
Security PH01676 CreateKrbConfigFile command leaves pipe character in Kerberos config file for encrypt types
PH02461 Modifying OIDC RP custom properites in a security domain via the admin console resulted in duplicates
PH02480 CMSKeystore is removed when webserver deletion is on hold without admin config save
PH04174 Remove or update PI97281
PI97974 Invalid user id that contains a parenthesis should be escaped for standalone LDAP configuration
PI98604 CWPKI0666e: certificate "certificatealias " is not a personal certificate
PI98768 Weaker than expected security using WebSphere Application Server(CVE-2018-1719)
PI99402 Spoofing vulnerability in WebSphere Application Server Form login (CVE-2018-1695)
Session Initiation Protocol (SIP) Container PH01070 In a multi-homed environment a Via header field might not be set to the preferred outbound address
System Management/Repository PH00755 Fixing ConcurrentModificationException reported during multi sync operation
PH01546 JVM custom property to disable node synchronization
PH02503 Server creation fails with NullPointerException due to leftover application folders
PH03986 Code execution vulnerability in WebSphere Application Server (CVE-2018-1567)
PH03989 Issues with autodeploy feature on WAS 8.5.5 after applying fix pack 13
PH04060 Code execution vulnerability in WebSphere Application Server (CVE-2018-1904)
PH04723 An application contains was.policy file to apply additional permissions might not be detected and allowed to installed
PI91977 WebSphere Application Server config files length zero bytes
PI95973 Code execution vulnerability in WebSphere Application Server (CVE-2018-1567)
Transaction Service PH02450 WS-AT keeps consuming webcontainer threads
Web Services (for example: SOAP or UDDI or WSGW or WSIF) PI88318 Incorrect version number was displayed when running endptEnabler.sh or endptEnabler.bat
Web Services Security PH00569 Openid connect relying party handling of id_token expiry is not configurable
PH01752 Cross-site scripting vulnerability in SAML ear in WebSphere Application Server (CVE-2018-1793)
PH02192 OIDC RP extra <br/> tag added in saved post body
PH03525 OIDC TAI may not intercept requests to http:// endpoints
WebSphere Common Configuration Model (WCCM) PH00201 jsp_2_2.xsd is not packaged in the com.ibm.ws.wccm.jar
PH01005 NullPointerException when application provides a xalan jar
PI98177 Package objects not available from archive class loaders
Fix Pack 8.5.5.14
Fix release date: 20 August 2018
Last modified: 20 August 2018
Status: Superseded

Download Fix Pack 8.5.5.14
Component Security APAR APAR Description
Administrative Console (all non-scripting) PI84457 Incorrect handling of invalid parameters in the admin console
PI87791 WebSphere Admin Console error message invalid format
PI89327 MIGR0506E migrate a profile that is registered to an admin agent
PI89498 Privilege escalation in WebSphere Application Server Admin Console (CVE-2017-1731)
PI90042 Information disclosure in WebSphere Application Server Admin Console (CVE-2017-1741)
PI90487 Start/Stop from the admin console failes after a change to the processDef startCommandArgs or stopCommandArgs
PI91052 Set X-Content-Type-Options "nosniff" on Administrative Console
PI91328 Update struts.jar for latest fixes
PI91760 Classes are missing in the Administrative Console after EAR deployment
PI92079 Duplicate ports are assigned when the node uses different host alias in same host machine where the DMGR is running
PI92185 Accessing the Admin Console on MS IE or Edge browser causes some issues when mapping roles
PI92241 Admonconsole command assistance gave wrong output for EJBTimer
PI92513 MANIFEST.MF file in isclite does not get updated correctly with fix pack upgrade.
PI92600 SIB admin panels render incorrectly
PI94097 "Rollout Update" option not shown during app update for users with both deployer and operator role
PI94144 ORB ConnectionCacheMimimum cannot be set to 1 in the Admin-Console (10 is the current limit)
PI95655 Potential vulnerability in WebSphere Application Server (CVE-2015-0899)
PI98780 Web server definition show incorrect status
PI98928 Potential vulnerability in WebSphere Application Server (CVE-2015-0899)
PI99077 Options menu to set log trace pops up but doesn't set trace
Contexts and Dependency Injection (CDI) PI90637 Avoid concurrent modification of maps creating issues with timeouts
Default Messaging Component PI85830 JMS transit through the SIB corrupts double byte charactes
PI86995 Errors captured in SIB logs within output of ObjectMessage.toString()
PI87338 Expired messages will not be handled correctly when messaging engine will be restarted
Double Byte Charatcer Set (DBCS) PI94519 UserInternationalization javadoc contains broken links
Dynamic Cache PI96665 Servlet caching doesn't support HTTP 1.1 transfer-encoding: chunked requests
EJB Container PI92119 EJB embeddable container fails to start application with @schedule
PI92731 "CORBA.MARSHAL: incompatibility between stub and tie" on WebSphere Acheduler Application
PI93822 EJB Auto-Link fails for java:global with beanName provided
PI93950 NullPointerException from EJSContainer postInvoke() method
PI93952 CWNEN0030E when multiple deployed editions of an application contain the same environment entries
PI94171 IllegalStateException: the JTA transaction is not started or invalid
EJBDeploy (WSAD) PI73197 Enable Java 8 support for EJBDeploy on WebSphere Application Server
PI97841 Add missing database options to EJBDeploy on Admin Console
Enterprise Edition (EE) PI95175 java.lang.ArrayIndexOutOfBoundsException may be thrown when parsing XML files larger than 64k bytes
Federated Repositories PI88438 When defining a root base DN for a federated repository, display and login problems occur
PI88864 Duplicate users returned if LDAP connectivity errors occur during paged searches
PI90846 Exception occurs when a mapping exists for PersonAccount or Group, but not both
PI91971 Poor performance using file-based registry under load
PI92274 Server fails to start when Domino Ldap server is not reachable
PI93225 Users logging in with parentheses in their names cause "unbalanced parethesis error"
PI93552 java.lang.runtimeexception: an invalid XML character (Unicode: 0x0) was found in the element content:group
General PI56169 Wrong ID logged whne stopping an app server through the admin console
PI79520 Compute Grid proxy job abends with CC 4084
PI85595 Performance issue with SIB link connection when transferring large messages from one cell to another cell
PI88319 Expired SIB messages might not be deleted after a messaging engine failure
PI89274 IndexOutOfBoundsException when setting a list on DataObject
PI89997 ConcurrentModification error might happen when tracing AMM code
PI90792 PluginMerge script has issue when merge the ODR generated plugin with cell generated plugin
PI91256 ODCF8101E java.lang.nullPonterException thrown
PI92056 postInstaller messages are not printing out special characters
PI92182 Server stop processing gets hung up in SIB component
PI93374 Session affinity can be broken and result in errorneous 503S
PI93477 CWSIP0001E: an internal messaging error occurred in com.ibm.ws.sib.processor.impl.anycastinputhandler.co
PI94670 _setupsdk1.8_64_bundled.sh has 31 bit java_home
PI95381 OAuth 2.0 configured in a security domain may fail to initialize
PI95676 "in-use" count can be wrong after APAR PI77049 - causing abend=00dc3000 rsncode=0a150001
PI95821 Stabilize Product Insights Enablement
PI96041 Incorrect headers in outbound request with JAX-RS 1.1
PI96427 When mail trace is enabled passwords are changed to be *******
PI96436 Wink code logging every error 404
PI96471 "submit jobs" option not available in WebSphere v8.5.5 JMC
PI96616 Enable OSGI option cleanUponSave
PI96685 Vulnerability in Apache Commons HttpClient used by WebSphere Application Server (CVE-2012-5783)
PI96748 Enhance workspace code to help reduce OOM problem
PI96826 IllegalArgumentException in classReader during the annotation scan
PI97045 Invalid Content-Type header logs ArrayIndexOutOfBoundsException.
PI97162 Multiple vulnerabilities in Apache Struts and Apache Commons that is used by WebSphere Application Server UDDI
PI97986 StringIndexOutOfBoundsException occurs when reading custom routing policies for OSGi applications
PI98928 LongRunningScheduler.ear affected by CVE-2015-0899
PI99029 Warn the user that Java SE 7 and 7.1 are going out of service in September 2019
PI99410 NPE happened in the SNMP Agent systemout.log
IBM HTTP Server Fix List Detailed list of APARs for IBM HTTP Server
IBM i PI89504 Application server fails to start when generic JVM argument value contain blank(s)
PI95735 stopServer/stopNode/stopManager scripts hang when LOGOUTPUT is set to *pnd in QWASJOBD
PI95742 Fix pack 8.5.5.13 will fail to install if /QOpenSys/qQIBM/ProdData/JavaVM/jdk80 exists and is empty
Java 2 Connectivity (J2C) PI90290 NullPointerException when using JDBC custom property JDBCTimingThreshold in WebSphere v8.5.5.x
PI90388 The resource adapter sending a CONNECTION_ERROR_OCCURRED on a connection while it is in free pool results negative conn. count
PI90945 Autocommit is not being reset back to default when using non-transactional datasource
PI92626 Block the calling of several new methods on OracleConnection in the OJDBC8 12.2 driver that are unsafe
PI93901 NullPointerException in Admin Console when trying to display connection factory status for CICSECI resource adapter.
PI96072 NullPointerException in com.ibm.ejs.j2c.j2cutili
PI97001 Incorrect db2_classes16.jar file path in the default description for the DB2 UDB for iSeries (native) JDBC provider in WAS
PI97372 Intermittent J2CA0046E/NullPointerException when obtaining a connection from datasource
PI98140 Information disclosure in WebSphere Application Server (CVE-2018-1621)
Java Management Extensions (JMX) or JMX Client API
PI90009 Information disclosure in WebSphere Application Server (CVE-2017-1743)
Java Message Service (JMS) PI87580 NullPointerExceptions from webcontainer code
PI88594 Request to context root without trailing slash gets redirected, but the query string was not added to the redirect URL.
PI88676 Setting system date 100 years into the future generates an ArrayIndexOutOfBoundsException
PI89346 8.5.5.10 Control Region com.ibm.ws.xct.impl.xctstack OOM
PI96735 Access Log "maxFiles" attribute not working as intended with value of 0
Java Persistence API (JPA) PI92398 Under certain conditions OpenJPA can insert an embeddable into the datacache map
PI95766 DB representation of boolean values with POSTgres is incorrect
PI95871 Wrong context classloader in org.apache.openjpa.enhance.pc
Java SDK PI88850 High CPU issues from org/apache/myfaces/
PI90509 Fix for myFaces-3752
PI94947 Update of composite component within an ui:repeat doesn't work
JavaServer MyFaces (JSF) Apache MyFaces implementation PI87954 Hung thread issue in MyFaces getPropertyDescriptor
JNDI/Naming PI94660 Got a warning "NMSV0822W" message during a server startup
PI95598 Naming implementation in a IBM Thin Client for EJBs takes additional time while trying to look up EJBs in a wlp server
JSP PI82426 Incorrect output for JSP in an expression tag when using certain string concatenations.
PI87886 generated_web.xml is empty when installing an application using an exported EAR and when pre-compiling JSPs on the install
PI89577 Lambda expressions might fail to compile when using Java SDK 8 to compile JavaServer Pages (JSP)
Messaging Providers PI93516 JMS destination marked toBeDeleted cannot be destroyed and recreated
PI93628 Diagnostics for "CWSOM0005W: the ObjectManager found that the logfile was too full..."
Migration PI92469 Configurations of new target profile template remain untouched during migration although they do not exist in old profile
PI92480 Migration process omitted LDAP failover configuration
PI92605 WebSphere SSL protocol should be auto updated to ssl_tlsv2
PI92942 Migration changes the order of the login modules in the security.xml file
PI93298 Port conflict after migrating from v7 to v855x on the same server into the same directory
PI93466 Remote WASPreUpgrade fails on Solaris with "test: argument expected" error
PI93622 Migrating from WebSphere v7 to v8.5.5+ with a server-level security.xml causes post-upgrade NullPointerException
PI95217 WASPostUpgrade failed with MIGR0464E due to NullPointerException
PI97582 WASPostUpgrade failing with NullPointerException coming from the ServerIndexConfig
Other PI97486 Left panel of Admin Console does not disappear after auto log-off due to session timeout
PD tools (for example: Log Analyzer) PI92935 WAS 8.5 stopServer script intermittently results in hang, fails to stop server
Plug-in PI89525 Invalid plug-in path for property "PluginInstallRoot" is created for WebSphere on iSeries
PI91280 Secure transports may use the wrong timeout value if URL timeouts are configured using SetEnvIf
PI91879 ConnectionTTL="0" in transport statements in the plugin-cfg.xml
PI92967 IBM WebSphere web server plugin for iPlanet/SunOne sending wrong response code
PI93554 Plugin propagate does not work from commandline using genplugincfg.sh
PI94724 Admin console command helper generating an incorrect script command for adding StashfileLocation plug-in property
PI96048 Plugin generation should have a way to add removeSpecialHeaders to the configuration section
PI96130 HTTP2302: Function as_handler aborted the request without setting the status code
PI96649 Plug-in fails to write data with RC=10035 in windows
PMI/Performance Tools PI90503 Cannot start logging in TPV
PI97663 NPE in perfModules.getConfigFromXMLFile
Programming Model Extensions (PME) PI96604 StreamCorruptedException in workarea on WAS v8.5 with JDK 8.0.5.5 (SR5/FP5)
Runtime and Classloader PI72506 Support openConnection(URL, Proxy) using MultplexingURLStreamHandler in OSGI
PI84518 Administrative console libraries are not designed to be run with a "parent_last" application class loader
PI92979 High CPU due to the classloader stack
Security PI86770 Remove unsupported security events from audit log.
PI87414 After deleting the existing default certificates, the newly created default certificates are using SHA1
PI88044 Calling purgeUserFromAuthCache or a user that is in a group permitted to a role does not take affect.
PI88161 The ibm_security_logout page does not render correctly when the X-Content-Type-Options heade rvalue uses nosniff
PI90068 WebSphere Application Server v8.5.5.2 crashing after several minutes of running after InfoSphere DataStage 11.5.0.2 restart
PI92316 Inconsistent behavior with replacing SSL certificates
PI94021 Not able to renew a self-signed wildcard certificate.
PI94230 Certificate Monitor does not refresh RSA keys after renewal
PI94239 Certificate Monitor leaves temporary workspace
PI94291 Certificate Notification not working with SMPT Mail Server
PI95120 AuthCache not updated with renewed subject
PI95256 Enabling security audit breaks WebSeal Trust Association
PI96566 ArrayIndexOutOfBoundsException: array index out of range: 14
PI97281 Add jceks.key.serialFilter Java security property so that JCEKS keystores will work properly
PI98386 Allow the elliptical curve ciphers to show up in the high/strong ciphers list by default.
Security (zSeries®) PI96383 High CPU and increased AUX storage in WebSphere Daemon if connection is closed during SSL handshake
Servlet Engine/Web Container PI91920 Improve the SRVE0080E error message
Session Initiation Protocol (SIP) Container PI89322 Headers in the sipproxy.log are different than in trace.log
PI93796 SIP container uses a wrong interface for a loopback request
System Management/Repository PI69603 Extra data in FFDC file generated by JSR160RMIConnectorClient.reconnect exception
PI89938 Property file based configuration serviceability improvement
PI94228 Scheduler Services startup issues due to the resource binding issues with JNDI
PI94531 Update the default values of JVM options -xscmaxaot and -xscmx to decrease application server starup time.
PI94757 Issue with application edition management and ADMA0159W messages
Transaction Service PI53320 WS-RM internal error caused sequence containing application messages to be deleted
PI53384 WS-RM sequence reallocation processing may delete application messages from the persistent store
PI88168 WebSphere AppServer startup fails with WTRN0045W errors
PI89405 App Server Controller terminates with C9C21A44 followed by C9C21A30
PI92239 Client cannot unmount tranlog directory after calling disableMember on HAManager MBean when using memory-mapped files
PI93971 CR terminates after WTRN0108I: contextDisassociation. Unexpected state: 3 and failedXAResources = true
Web Services (for example: SOAP or UDDI or WSGW or WSIF) PI78733 Two service clients displayed on administrative console for an application
PI80913 WASAxis2ConfigurationBuilder loads the jax-ws-catalog.xml file using a call to 'getResource' instead of 'getResources'
PI83389 JAXBException error occurred when a JAXB class was not included in JAXBContext
PI86063 SAMLResponse XMLOutputFactory does not recognize the property "reuse-instance"
PI88248 ConcurrentModificationException error may occur when running JAX-RPC application
PI89987 Starting application fails with CWMDF0002E ArrayIndexOutOfBoundsException
PI91683 Require the ability to mask or remove the "AXIS2NS1" from the fault
PI92940 Avoid sudden high CPU usage and threads hung on busy servers.
PI94754 ADMR0024E: user <null> does not have the required role to access 1 document(s).
PI98251 Vulnerability in Apache Commons HttpClient used by WebSphere Application Server (CVE-2012-5783)
Web Services Security
PI78804 Information disclosure in WebSphere Application Server using SAML (CVE-2018-1614)
PI88253 OIDC RP secure flag not set on the OIDCREQURL cookie
PI88896 OIDC RP refreshed access_token is not put into subject
PI90373 OIDC RP authorizationEndpointUrls does not handle query parameters correctly
PI92210 OIDC RP configuration of location of sign verify certificate is not customizable
PI92332 OIDC RP does not support OP userInfo endpoint
PI94538 OpenID Connect relying party does not invoke the revocation endpoint on the OP on logout
PI95884 JAX-WS WS-Security cannot use SHA384 or SHA512 digest algorithms
PI96508 OIDC RP may not connect to token endpoint due to SSL handshake_failure
WebSphere Common Configuration Model (WCCM) PI89038 Annotation not processed in the ra.xml file during deployment of CTG cicseci.rar with websphere configured with Java 8
PI89708 The log4j-api-2.9.1.jar contains classes under the META-INF directory cause an exception during startup
PI90832 WEB-INF/lib classloader order specification
PI92105 Allow empty main-class attribute in MANIFEST.MF for application client module
PI93744 The log4j-api-2.9.1.jar contains classes under the META-INF directory cause an exception during startup
PI97612 Unset deployment descriptor attributes become set during deployment with web.xml using Servlet 2.5 schema
z/OS PI97012 CICS throws resp=8 resp2=34 going inbound via WOLA when servant is not started
Fix Pack 8.5.5.13
Fix release date: 5 February 2018
Last modified: 5 February 2018
Status: Superseded

Download Fix Pack 8.5.5.13
Component
Security APAR
APAR
Description
Administrative Console (all non-scripting) PI78907 Null pointer exception in the console when adding a new host with bad parameters
PI80683 Admin console resource environment custom property name in all capital letters may not be handled properly
PI82237 Increase the Java shared class cache size for WebSphere Application Server for z/OS servant address spaces
PI82507 WebSphere administrative console display consent banner before granting access
PI83039 Iscdeploys leaves temporary files
PI83138 Clicking the LDAP test query link causes NoSuchElementException which also leads to an NPE
PI83563 Update the Batik library in isclite.ear to 1.9
PI84716 com.ibm.WebSphere.security.spnego.useRACMAPMappingToSAF property value not displayed correctly in admin console
PI87525 EJB remote home binding setting is not displayed correctly on admin console
PI87667 Java 2 security is enabled briefly during WebSphere Appplication Server for z/OS server startup even when it is configured off
PI88509 ISC console's app deployment panel pause long time after finish button clicked, if clicked twice, deploys twice on large ear
Contexts and Dependency Injection (CDI) PI81536 NPE in InterceptorData.createNewInstance
PI82284 ConcurrentModificationException on sync session
PI82777 Modify OpenWebBeansConfiguration class to avoid thread locks
PI83251 NullPointerException during load test at org.apache.webbeans.context.SessionContext.isAnyRequestActive
Default Messaging Component PI81815 In WebSphere v8.5.5, messaging engine takes unusually long time to start after failover and throws CWSID0032W warning messages
PI86830 CWSIS1530E: the data type, 2, was found instead of the expected type, 3, for column
Dynamic Cache PI81162 DynaCache does not replicate alias entries
PI84946 TimeToLive is not updated when cache entry is updated
PI85747 Create a EntryInfo.SHARED_DEFAULT setting for the DynaCache sharing policy
EJB Container PI77856 EJB 3.x Stub class throws RemoteException for communication failure
Enterprise Edition (EE) PI80477 JAXB fails to unmarshal arrays with custom type inside @XMLElement annotation
Federated Repositories PI81497 When one base DN is the subset of another in a federated repository, LDAP failures occur
PI81722 Federated repositories throws AccessControlException when Java SecurityManager is enabled and an SSL connection is attempted
PI82111 Federated repositories fails to change password when IRE is Java 8
PI82306 Federated repositories uses wrong security domain
PI82997 Extra information may be in trace when configuring a RACF LDAP repository
PI83149 File registry XML file not synchronized to nodes
PI85881 Custom property handling for federated stand-alone LDAP registries needs updating
General PI82298 WAS controller region abends with AB/S0DC3 PRCS/03080002 after Modify RESUMELISTENERS
PI33088 Synchronization begin method does not get invoked on the restart of a top level job
PI65154 HeapDetect: error notifying monitor: 52 message appears during server shutdown
PI66886 Updates and fixes for endpoint job purge
PI73588 Deadlock occurs in SIP Proxy under heavy TCP load
PI75567 SchedulerException when deleting compute grid jobs from a clustered scheduler environment
PI77076 When enable "start components as needed", can t submit job from other cluster member not host the scheduler
PI77232 Compute grid property overrides passed for a sub-job restart fail to be applied
PI78935 Transactions become corrupted after CWSIC8007E, CWSIC2029 and CWSIK0016E error-messages in the JFapChannel
PI80020 NullPointerException occurs while starting DMGR in policyset
PI80078 When profileRegistry.xml file moved to non-default location, batch migration script fails during config backup processing
PI80333 Support CPU constraints in ProductInsights
PI80971 Allow modification of message driven bean bindings in OSGI applications to bind to listener ports
PI81191 Plugin with intelligent management enabled breaks affinity
PI81356 Incorrect jobstats caused application to hang
PI81396 Unable to register a Liberty server with product insights though an authentication required proxy
PI81527 In WebSphere v8.5.5, after a lost database connection, WSGrid hangs and jobs remain in submitted state
PI81591 WASService does not recognize running process
PI81699 Update the manifest file for com.ibm.jaxws.tools.jar to import javax.enterprise.inject
PI81891 DMZ SIP proxy parsing via header incorrectly
PI82240 Changes to XD_AGENTport may not updtae in the plugin-cfg.xml with intelligent management enabled
PI82522 NPE at com.ibm.son.mesh.CfwTCPImpl.ready(CfwTCPImpl.java:887) logged in ODCF8601E message after shutdown invocation
PI82527 ODR session affinity breaks when request contains multiple session cookies of the same name
PI82529 HTTP transport encoding CP943C will be used for JSTL params
PI82632 When a rollout fails, it takes a long time for the rollout process to finish
PI82642 Job log sections on the endpoint to fail on write when full
PI82819 Issue with allocating job numbers
PI83053 List elements go missing when moving the list from one dataobject into another
PI83231 Add support for CICS 5.4 in WebSphere optimized local adapters for Liberty and t-WAS
PI83279 GPF in com/ibm/ws390/tx/NativeTransactionContext.resume_tti
PI83363 Intelligent Management for Web Servers: When a Liberty server is stopped and restarted, the server might not be used for routing
PI83682 ProductInsights not reporting used JVM memory correctly
PI83743 The message CWLRB1800I: Job [xxx] Step [nnn] is skipped. is not printing in WebSphere 8.5.5.7 with compute grid
PI84083 Usage data is not queued if connection to Bluemix Product Insights host fails
PI84327 WAS Product Insights does not send in group name translations
PI84742 Disabling an application's 'Target Specific Application Status' while the application is running results in 404/503
PI84836 ACK request sent on 2XX retransmission might be mapped to the wrong application session
PI85138 CDI classloader leak when restarting application. CDI to create timer without classloader
PI85268 Hover help for plugin's RetryInterval is wrong in the WAS console
PI85386 Display problem of adminconsole at "InternalClassAccessMode"
PI85490 Deadlock caused by WsLogManager and SIB trace code
PI85519 During start up of the JVMS, receiving CWPTF0002W messages in the systemOut.log
PI85587 Java.lang.NullPointerException when starting an EBA containing an EJB
PI85865 NullPointerException in LRUHashMap
PI86097 Intermittent issues with APC promptly responding to lazy start DC
PI86758 Negative active session count is being reported
PI87029 ODR port update is not reflected in high availability plugin-cfg.xml
PI87050 Load module BBODPCRT can be deleted while still in use
PI87069 When running with Java8, EBCDIC strings data conversion shows wrong behavior
PI87522 getRequestUri() in a JAX-RS resource throws IllegalArgumentException when URI contains UTF8 characters
PI87542 During nodeagent startup NullPointerException in WORKPROFILERHAMANAGEDITEM, issue can be ignored
PI87613 Product Insights should be disabled when no config is present
PI87723 NullPointerException occurs during application start
PI88185 WXIM0127E invalid value specified for routingLocations
PI88776 Health policy log message for garbage collection percentage threshold exceeded is missing message Id
PI88907 Additional ODC application data sanity checks
PI88965 Bundle could not be resolved because of missing constraint JavaSE-1.8
PI89254 ActivityPublisher can move between DMGR and Node Agent, if ActivityPublisher is deactivated, NullPointerException occurs
PI89817 Delay when setting node into maintenance mode
PI90786 Web service injection processor not being registered
PI90804 Security vulnerability in Apache Commons used by WebSphere Application Server (CVE-2016-1000031)
IBM HTTP Server Fix List Detailed list of APARs for IBM HTTP Server
IBM i PI82400 Enhance queryWASInstalls to no longer use Java 6
Install PI86428 Handle Java 6 EOS on IBM i
PI89244 Java 8 is not installed on Linux Ubuntu 16.04
PI91734 Cannot install WAS 8.5.5.12 with embedded JAVA 8 on Windows 7 Professional SP1
Java 2 Connectivity (J2C) PI80822 NullPointerException thrown when requesting connections to a RAR from several threads
PI81163 Container-managed authentication alias not applied for JMS connection factories if mapping-configuration alias is not set
PI82761 Runtime performance advisor has hung thread w/ J2SDiagnosticAlertHelperImpl.java on line 419
PI83198 Muti-threaded deployment exposes race condition in connection factory initialization code
PI87631 High number of rollback/aborts occurring during connection validation for JDBC connection pools
PI88017 JMS connections from WebSphere Application Server (WAS) are not destroyed after upgrading WAS to fix pack v8.5.5.12
PI88123 JPA failure when defining data source custom property JDBCTimingThreshold
Java Management Extensions (JMX) or JMX Client API PI75519 Node federation fails because it can t find the IPv6 address
Java Message Service (JMS) PI80377 New activiation spec properties - control build up/flow of MDB requests
PI80680 WebSphere z/OS 8.5.5.10 control region abend 0c4 in XMemProxyCppUtilities::flushResponse(acrwObj*)
PI81124 Closing websocket session will throw NullPointerException
PI81329 NCSA access logs %b option output displays "-" instead of the size of the response in bytes
PI81342 Web service call is failing after applying latest fix packs + IFPI70810
PI81569 Introduce switch for getQueryString() to return original query string in forwarded servlet
PI81572 Parsing errors when the connection is reused and there is unread data on the wire after the response is read
PI81864 ConcurrentLinkedList tailSequenceNumberLock garbage collected
PI83369 Modifying advanced properties of activation spec resets arbitrary properties
Java Persistence API (JPA) PI80863 Issue with the way OpenJPA caches and reuses query parameters for between expressions when OpenJPA's QueryCache property enbled
PI81260 OpenJPA does not passthrough SSL connection properties that set using openjpa.ConnectionProperties when creating Db2 connection
PI81931 org.apache.openjpa.lib.util.ParseException
PI84016 JPA application behavior changes after migration to WAS 9.0.0.4
PI84428 ArrayIndexOutOfBoundsException from OpenJPA for @EmbeddedId
Java SDK PI80895 MYFACES-3415 - [UI:REPEAT] field value disappears if validation error exists on current site
PI85250 Hung thread issue in Myfaces _getMetadataTarget
PI86494 Messages returned from JSF APIs are in the incorrect order
PI87299 Information disclosure in Apache MyFaces affects WebSphere Application Server (CVE-2011-4343)
PI87300 Information disclosure in WebSphere Application Server in JSF (CVE-2017-1583)
JavaServer MyFaces (JSF) Apache MyFaces implementation PI82893 Javax.faces.INTERPRET_EMPTY_STRING_SUBMITTED_VALUES_AS_NULL value affects display behaviour for required fields
JavaServer Pages (JSP) PI85892 ClassCastExceptions while doing a naming lookup for BeanManager
JSP PI82193 ClassCastException with TransformerFactoryImpl when running JSPBatchCompiler
Messaging Providers PI76990 Mediation points stuck in waiting for status
Migration PI76634 Migration disabled source node prior to successful sync
PI81328 Running WASPostUpgrade fails with AllAuthenticatedUsersInTrustedRealmsExt
PI83890 Migration is not handling SPNEGO security settings correctly
PI85014 Remote WASPreUpgrade fails with Embedded Derby exception
PI89175 WASPreUpgrade.sh with "-machinechange true" fails with error MIGR0104E
PI89790 The zmmManagedNodeInstructions.html file is generated with an incomplete body element in the ZMMT tool
Object Request Broker (ORB) PI85206 ABEND0C4 PIC-11 in module BBOCLSCC, a WOLA module running in a CICS region address space when stopping zWAS server timing window
PD tools (for example: Log Analyzer) PI80995 Asynchronous log records does not show up in systemout.log
PI82686 The -summary option information is missing in the -help option in the collector tool
PI82911 Ulimit value to be printed to logs
PI85570 collector.sh script may not be updated with new maintenence under certain condition
PI85899 Collector tool failed to gather all docs
PI87581 Trace output in runtime tab will show memory buffer as trace output instead of none
PI88370 Memory buffer trace output performance is slow when basic trace format is used
Plug-in PI81951 Client failure may occur when the web server plug-in connection is reused and previous connection timed out waiting for response
PI81973 iPlanet Web Server cannot load the WebSphere plugin on Solaris x86
PI82314 Application response without a reason phrase causes plug-in to return 500 error
PI84620 WebSphere plugin needs better message for a wrong CertLabel
PI86280 Several misleading debug level messages in the WAS webserver plugin
PI86414 400 is thrown when ESI is enabled but the response from the app server does not indicate ESI caching and client disconnects
PI89253 Unable to use ECDHE cipher on outbound handshake from HTTP server plugin
PMI/Performance Tools PI77706 TPV statistic counter is aggregated incorrectly
PI82624 PerfServlet application returns empty version information
Profile PI85714 PCT command line - WCTCMD - with response file fails to configure IHS admin
Proxy Server
PI82630 Potential information disclosure with WebSphere Application Server proxy server or On-Demand-Router (ODR) (CVE-2017-1381)
Runtime (zSeries®) PI81698 ABEND00C and ABEND0C4 in was after stop was issued
Runtime and Classloader PI52066 clearClassCache.sh on z/OS completes with RC 1 even though the script worked
PI75794 JDNI namespace scoping issue occurring during runtime
PI80620 Message WSVR0655I is seen continuously in the systemout.log
PI82621 Handle NPE and emit servicable failure message when parsing server endpoint metadata
PI86187 Bootstrap code to check the WebSphere product version XML files for updates to determine OSGI cache state
PI88036 Export com.ibm.WebSphere.product.metadata.im packages within
Security PI78326 WebSphere sub-domain servers with SPNEGO Web authentication getting error SECJ6236E
PI80170 The managementScopes element fails to be deleted from security.xml when removing a server via WAS admin console
PI80721 WebSphere default chained certificate doesn t have DNS names under subject alternative name field
PI80962 Creation of remote keystore fails when existing keystore is specified
PI81050 Client certificate authentication failure does not fall back to basic authentication
PI81168 NullPointerException when attempting to create a keystore remotely in wsadmin
PI82135 Converting certificates in cms keystore may not delete an old signer certificate
PI82342 Each ORB/EJB request is making 3 LDAP search requests
PI82509 The value of property mapping.targetRealmName is not passed to Db2/RACF via the data source
PI82746 NPE at org.apa
PI83677 Monitor role not showing fips information
PI85356 Unable to delete keystores - corrupted deleted.p12
PI85394 When using webapp security a session may be created even if one should not be created for the request
PI86143 Dynamic outbound SSL configuration incorrectly matching outbound request
Servlet Engine/Web Container PI82547 NPE during servlet initialization process
PI88642 Information disclosure in WebSphere Application Server (CVE-2017-1681)
PI89628 A directory might not be found when using JDK8 SR4 PK10
Session Initiation Protocol (SIP) Container PI78794 The SIP Container fails to parse a message when the size exceeds 2048 bytes and double CRLF is sent prior to the message
PI83395 In a multi-homed environment, multiple 200 responses are not proxied back to the originating endpoint
PI86498 Record-route header field might contain incorrect port
PI86934 WebSphere SIP container delays 10 seconds when DNS is unreachable
PI87745 In a multi-homed environment WebSphere puts wrong address family in a SIP response contact header field
PI88312 NullPointerException might be thrown when a failover occurs in WebSphere SIP container
System Management/Repository PI75986 Incorrect java library path set when a server SDK is different from the node/profile SDK
PI77669 Sequencing of PAUSELISTENERS/RESUMELISTENERS
PI78268 Allow option -Declipse.security to only be specified when Java 2 security is actually enabled
PI80126 Application server fails to start, and throws a NullPointerException
PI81263 IWAE0006e archive is not a valid EJB jar file because the deployment descriptor cannot be found
PI88658 When using a property file for autodeploy with the parameter userdefaultbindings the ear is saved with different permission
PI89521 AdminTask.extractConfigProperties is too slow
PI89756 Reimplements the fixes for PI75986 and PI78268
PI90276 Set default value of JVM option -Xscmaxaot to 8m to decrease application server startup time
Transaction Service PI59372 Deadlock may occur in CScope RecoveryManager
PI67513 ClassCastException thrown during ActiveMQ resource recovery
PI73138 Transaction recovery may fail when a resource adapter is embedded in an installed application
PI74163 WebSphere Application Server for z/OS started in recovery-only mode fails to complete when the compensation service is enabled
PI81452 Improve serviceability for activity service
PI82951 WTRN0100E: server stopping but no reserved connection when closing SQL recoverylog occurs when stopping the server
PI89985 Update WMQ RA to version 7.1.0.9
Web Services Security PI61915 More diagnostics required when the SAML Web SSO redirect URL is null
PI75355 ADMA0078W the file cannot be deleted when deploying new version of our applications, can t delete old version of application
PI80543 OIDC TAI cannot dynamically build callback URL
PI80549 OpenID Connect (OIDC) Relying Party (RP) does not support post introspection endpoints
PI82308 OpenID Connect (OIDC) relying party (RP) loses URL fragments during the login process
PI84244 OIDC RP does not restore single-quote characters in post data
PI86752 OIDC RP is requiring optional iat claim in introspected access token
PI87354 OpenID Connect (OIDC) Relying Party (RP) does not logout user if OIDC session cookie is not present
WebSphere Common Configuration Model (WCCM) PI78526 EJBDeploy tool fails when setting metadata-complete during deployment
PI82255 Call in violation of protocol message during annotation scanning
PI82698 Remove "failed to open resource" warnings
PI88862 Failure to delete temporary file during application deployment
PI88964 CWWAM2601E errors during the startup of WebSphere Application Server v9.0
PI89038 Annotation not processed in the ra.xml file during deployment of CTG cicseci.rar with WebSphere configured with Java 8
PI89196 Bug 304213-CacheManifest.getManifest returns NULL
PI89385 Incorrect MSK time in com.ibm.icu.jar

Back to Top

Fix Pack 8.5.5.12
Fix release date: 21 July 2017
Last modified: 21 July 2017
Status: Superseded

Download Fix Pack 8.5.5.12
Component
Security APAR
APAR
Description
Administrative Console (all non-scripting) PI56575 No command assistance link after updating the session pool properties of a connection factory via admin console
PI60748 Incorrect warning in admin console with changing from 64-bit mode to 31 bit mode
PI67851 Console show items at the following authorization group level does not show drop down
PI70627 Potential cross-site scripting in WebSphere Application Server Admin Console (CVE-2016-8934)
PI71198 Console getting blank page when clicking on rollout update
PI71926 Bind DN not saved correctly when editing security configuration
PI72154 Bind password is "pre-populated" incorrectly in VMM panel and authentication error comes up
PI73367 Potential Cross-Site Scripting in Admin Console (CVE-2017-1121)
PI73570 Different behavior observed when updating PMI statistic thru admin console and using wsadmin script
PI74709 Selecting to update multiple roles in an application causes the original users to be updated incorrectly
PI76088 Potential security vulnerability in WebSphere Application Server Administrative Console (CVE-2017-1137)
PI77447 Inconsistent port assignment when creating multi_node cluster with wsadmin scripting
PI77682 Server.xml may have unexpected tags when server is created based on a custom template
PI78745 Update the custom property values for Virtual Member Manager for a custom property table
PI79650 System property to disable admin console loginForm when certLogin is required
PI80889 Potential weaker than expected security with Admin Console (CVE-2017-1501)
PI82078 Cross-site scripting issue in WebSphere Admin Console (CVE-2017-1380)
PI83464 Failure when attempting to create profile for cell BBOWWPFC
Administrative Scripting Tools (for example: wsadmin or ANT) PI70895 IllegalArgumentException may occur when running AdminJDBC.createDataSourceAtScope with @ and commas in the URL
PI74657 AdminServerManagement.stopAllServers() throws error when the servers are already stopped
Contexts and Dependency Injection (CDI) PI31136 Methods of conversation should throw ContextNotActiveException when scope not active
PI66630 UnsatisfiedResolutionException thrown in non-CDI environment
PI70218 Stale ApplicationContext in webContextsService
PI70323 Principal injection does not inject unauthenticated subject when there is not an authenticated subject in the context
PI72275 Injection does not work during concurrent initialization
PI74201 Collections.synchronizedMap does not perform as well as it could under high load
PI74454 Infinite loop restoring session context from failover
PI76412 NullPointerException generated on sessionDestroy
PI76509 Hang on org/apache/webbeans/context/sessioncontext.addchildrequest
DB Connections/ Connection Pooling PI80294 During application server startup, the EJB timer service fails to start
Default Messaging Component PI75834 MDB application startup failed due to CWSIP0211E
Dynamic Cache PI73233 Servlet caching cannot parse WebSphere Development Tools generated cachespec.xml based on cachespec.xsd schema
PI73339 Unable to define an alternate cache provider to replace the default dynacache cache provider
PI78148 SRVE0014E rom dynacache component after upgrading
PI78552 DYNA1064E while calling "getIdsSizeDisk()" by commerce when XS is used as cache provider
PI81077 NullPointerException at ESISupport.parentResponseIsJSFFacesServlet in an async servlet with servlet caching enabled
EJB Container PI66621 ReferenceContextImpl caching empty list of targets for JSP classes
PI69192 Remove unneeded information from FFDC log file
PI79302 Javax.ejb.Timer cancellation does not work as expected if uniqueTimerManagerForNP=true
Enterprise Edition (EE) PI70714 Potential NullPointerException during JAXB unmarshalling
Federated Repositories PI65681 SECJ0363E errors with IllegalArgument exceptions from SDOUtil.createDataObject
PI67955 LDAP connection timeout leads to NullPointerException
PI69071 Wsadmin changeMyPassword command on file repository user command fails with caller is not in the required role
PI72152 GetIdMgrLdapServer should obfuscate bind password in logs
PI75159 A base entry of "root" defined on a MicroSoft Active Directory LDAP server is not supported
PI75642 It is slow to open "Manage Groups" page in WebSphere administrative console
PI75684 User and group DNs contain extra escaped spaces for RDNs with multiple trailing spaces
PI76481 LocalServiceProvider initialization fails with NullPointerException
PI79440 NullPointerException in URBridgeXPathHelper.getExpression()
PI79452 NullPointerException in LdapConfigManager.getSupportedProperties()
PI79781 Federated repositories fails to search repository when overlapping base DN's exist
General PI61450 Apache Wink code does not remove quotes from the boundary value. CONTENT-TYPE: MULTIPART/MIXED; BOUNDARY="SIMPLE BOUNDARY"
PI63058 Add timeout to OAuth cache
PI65490 Incorrect status of the job when end point server is restarted
PI65688 MergeException at application start up
PI66789 WSGrid jobs not getting ended status returned when using SIBus
PI68308 High CPU in RMFGAT address space with most time spent in WLM module IWMI2PVT
PI68375 Local EJB references created from annotations incorrectly resolved as remote references
PI69922 Javadoc AppConstants.APPDEPL_* fields are incorrect
PI70001 Controller abends with 0c4-3b in CF_TCP_Connection::init_As_Client
PI71380 Allow SAML web inbound to retrieve saml assertion from an http request parameter
PI72848 Provide mechanism to retrieve WS-RM messages via SIB message store dump
PI72917 SQL timeout while updating CHECKPOINTREPOSITORY table
PI73393 Ampersand character is not escaped by XCI serializer
PI73403 ManageSDK help for -enableProfileAll task is missing -user and -password
PI73632 Java batch job scheduler is unable to refactor the job log file
PI73829 Multiple occurances of the same stack trace are filling up the logs
PI74264 ArrayIndexOutOfBoundsException generated by session management when application is managing HTTPsession through a framework
PI74491 z/OS: WOLA CICS messages: message and documentation updates messages prefixed with BBOA
PI75485 Issue message explaining from where session timeout is picked up
PI75573 Destroy session and conversation contexts before application context
PI75583 Link session to current request on session spawn
PI75593 Support third-party JAX-RS providers when jaxrs-1.1 feature is configured
PI76992 Provide connectivity with IBM Cloud Product Insights
PI77770 Potential cross-site request forgery with WebSphere Application Server enabled with OAuth (CVE-2017-1194)
PI78316 Xml parser validating normalizedString and token data types incorrectly
PI78540 WsSessionMgrComponentImpl throws NullPointerExceptions
PI78849 ManageSDK gives error deployment manager not running when running on node with security enabled
PI79939 Missing Java runtime version information in the header of the high performance extensible logs (HPEL) binary logs
PI79990 The copyzos.sh script produces a "EDC5003I Truncation of a record occurred during an I/O operation" error
PI80467 Update how cells are obtained from the ORB cell pool
PI81025 ManageSDK command will log wsadmin interaction
PI82110 Provide JDBC hang detection and timings feature to V9 and V855
PI82689 NPE is thrown from InterceptOrHandler.resolveDecoratorDelegateHandler
IBM HTTP Server Fix List Detailed list of APARs for IBM HTTP Server.
Install PI75153 Process detection is running when IM is invoked with -record and -skipinstall arguments
PI77184 WebSphere AppClient silent installation failing when using Installation Manager imcl command
PI77292 WAS_Classpath in profile level gets overwritten by the WAS_HOME/bin/setupcmdline script
PI77304 VersionInfo shows Java 6 after install of IBM HTTP Server 8.5.5.11 with Java 8.0
PI78138 Java version not updated after install of interim fix on App Client V8.5.5.11
PI78601 The -installfixes option does not correctly handle superceding ifixes
PI79037 javax.xml.parsers.DocumentBuilderFactory cannot be instantiated
PI79103 VersionInfo does not show default Java 6 or Java 8
PI79731 Javax.xml.steam.XMLInputFactory could not be instantiated
PI82108 Issue a message about JDK 6 EOS for IBM i
Intelligent Management Component PI71329 DeadLock detected in NodeAgent process during shutdown of node
PI72200 On-Demand-Configuration (ODC) support for the Intelligent Management (IM) enabled web server routing rules feature
PI72201 Configuration objects and AdminTasks in support of the Intelligent Management (IM) enabled web server routing rules feature
PI73529 High CPU in ODR code caching
PI73782 Customization of log Filenames and paths affected by WAS variable SERVER_LOG_ROOT
PI74450 Deadlock detected in nodeagent process during shutdown of node while users are unsubscribing from topics
PI74867 Health policies that have a "restart server" action occasionally do not restart due to port conflict
PI75474 Some request receive 404 or 503 when introducing a new ODR routing or GSC rule
PI76533 Modules in $WAS_INSTALL/lib are missing the program control bit
PI76865 Converted static cluster continues to show TYPE=static
PI76949 The 'IN' operator of Intelligent Management: HTTP operands does not work
PI77226 Additional retry logic needed for PI74867
PI77254 DMGR or Node Agent times out during shutdown issuing AdminException ADMU3060E
PI77303 APC is taking a long time to issue a runtime task to start an application server
PI77452 AdminTask.setMaintenanceMode sets the wrong server when the node name is wrong
PI78238 Due to a timing issue, sometimes APC will lose server information and not make placements as a result
PI78774 On Demand Router routes request to web module mapped with less specific virtual host match
PI79951 IHS plugin with IM enabled does not set IM.ENABLED=TRUE cell custom property which is necessary for complete routing data
PI79967 ODR custom log does not observe DST
PI80230 Setting WebSphere configuration problems validation policy to high causes custoom action policy creation issue in admin console
PI80862 Dynamic cluster template does not persist change to modify log rotation from file size to a 24 hour period
PI80972 PAUSELISTENERS command issued using the process name instead of server shortname in edition control center
PI81916 Changes in custom health actions are not picked up when nodes automatically synch
Java 2 Connectivity (J2C) PI66697 J2CA0041E exceptions may occur when ComponentMetaData instance is null in method GetObjectInstance
PI69995 Incorrect exception message CWTE_NORMAL_J2CA1009 displayed instead of translated error message
PI71092 java.lang.UnsupportedOperationException when accessing tested data source
PI72640 java.lang.IllegalStateException is seen during database operations
PI77612 J2CA0045E ConnectionTimeout happens too often after upgrading to 8.5.5.11
Java Message Service (JMS) PI59008 The error CHFW0031E invalid call to WSByteBuffer method generated when stopping the server
PI67946 Using pause_listeners_include_cra causes all activation specs to be resumed regardless of prior state
PI69684 Message processed by not_supported MDB listening in SR using bindings mode remains on destination
PI70081 When using AIO, performance issues can occur if a high number of open connections are opened on a pollset
PI70810 SNI hostname not being picked up correctly
PI76539 AdminTask.republishEDMessages fails due to insufficient or empty credentials
PI77306 Deadlock may occur when stopping listener port
PI78738 Loop while closing an SSL connection
PI78975 Increase the configurable limit of the maximum header field size
PI80222 Change default of EnabledBuildBackupList to be true
Java Persistence API (JPA) PI66193 Memory leak in JPA persistence provider
JSP PI69870 IllegalAccessException on EL expression that processes isLast() of object referencing varStatus in JSTL for-each tag
PI73022 JSP comments containing "%>" might throw a StringIndexOutOfBoundsException
PI79800 The JSP engine is not processing EL expressions correctly when they are in large blocks of character data
Messaging Providers PI71240 SIB message deadlock after servant is restarted due to ABENDEC3
Migration PI75028 WIM user registry not working after migration
PI75257 LoginModules ordering issue on migration
PI79041 -requireEmbeddedDBMigration setting is not available on z based migrations
PI80073 WebSphere migrations to V855 give old sdk warnings
Object Request Broker (ORB) PI73950 Issuing the PAUSELISTENERS command is causing some HTTP requests to fail
PI76979 Timing window where timers are not calculated correctly
PI77049 Server is able to restart after ABENDDC3 RC 0A150001 when it should not
PI79561 Add a timer to abend servant at shutdown if there are stalled threads
PD tools (for example: Log Analyzer) PI66291 IllegalArgumentException when enabling HPEL with text logging disabled
PI69131 VMDUMP039I Processing dump event "GPF", please wait. During WebSphere servant region abnormal termination
PI69845 Deadlock when the Java logging framework logs a warning in com.ibm.ws.logging.WsLogConfigurator
PI70169 Potential cross-site scripting in WebSphere Application Server Admin Console (CVE-2016-8934)
PI71530 WsLogManager deadlock
PI72211 HPEL logging fails to export the trace from the log viewer if there are spaces or a space in the directory path
PI73425 Non-admin users cannot export HPEL logs when log format is set to basic/advanced
PI73818 Include interim fix install history for collector tool
PI76878 z/OS: LE ESTAE extension BBORLEXT update to suppress dumps for PGM checks of type PIC 7 / 0c7 with DXC code of x'00' / 0x00
PI78318 HPEL message content filter is not working on multiline messages
Plug-in PI72525 Plugin generation creates erroneous directories when implementing log rotation
PI73674 com.ibm.websphere.PLG.zos.v85 fails to install
PI74689 Sun ONE Web Server uses ConnectTimeout for handshake and 100-continue
PI74882 Plugin should always present the ConnectionTTL property
PI75603 Plug-in LIBODR does not utilize all of the xml's SSL configuration
PI76515 Fix for GenPluginCfg to account for admin console's command assistance
PI76835 Connections between web server and client may remain open when using intelligent management
PI77124 Plugin does not persist custom ServerIOTimeout value to existing stream
PI77181 Plugin config lock is not released when dynamic cfg update is attempted which disables intelligent management
PI77606 Domino plugin fails on IBM i for V8.5.5 and higher
PI79439 IHS 9.0 / Apache 2.4 with intelligent management enabled does not work after a graceful restart
PI79492 Plugin is crashing because it cannot open the log file defined in its configuration
PMI/Performance Tools PI70346 NullPointerException seen in nodeagent SystemErr.log during TPV performance monitoring startup
Portlet Container Environment PI74986 NullPointerException in portlet container method StringUtils .convertMapToString if tracing is enabled
Profile PI67988 PrintDebugInfo: /websphere/base/appserver/bin/zCreateProfile.sh 205 FSUM7351 not found
PI71878 Manageprofiles command unable to select SSL protocol to use TLSV 1.2 or SSL_TLSV2
Programming Model Extensions (PME) PI66837 Indirect JNDI lookup failed with a NullPointerException in async bean code WSVR0600W
PI68743 NullPointerException may occur in async bean code
Runtime (zSeries®) PI65226 z/OS: hang in XMEM proxy code reading parameter from HTTP request body following multiple COMM failures
Runtime and Classloader PI61238 Failure to load class in project deployed from workspace
PI63856 Thread pool reuses threads instead of dispatching to new threads
PI65836 Javacores continuously created on a hung thread
PI68791 NoClassDefFoundError when using shared library and BLA
PI78941 An application server may use an unexpected Java SDK after updating to SDK 8.0
Scheduler PI74952 Classloader leak caused by EJB timer thread
Security PI66478 Security code incorrectly calls JAXBPermission class
PI69664 Data in dynacache may be overwritten when LTPA tokens of multiple requests expire at the same time
PI69884 CMS option is not shown in IKeyman pulldown list
PI71849 The Anonymousxxxxx directory of wstemp is stored by binaryAuditLogReader command is never deleted
PI72003 Unable to delete remotekeystore from administrative console due to CWPKI0039E
PI73842 Intermittently Java 2 security runtime thrown the warning message SECJ0314W during application startup
PI73938 Dynamic outbound endpoint SSL configuration does not pick up correct hostname and SSLConfig
PI75196 WebSphere JVM aborts when you try to stop the server with a non-existent user in local os registry in Linux Red Hat V7
PI76562 The expirationMonitorNotificationPeriod is set to zero by default
PI77129 Request method might be changed from get to post while processing an invalid WASPostParam cookie
PI79988 Migration failure when SSL protocol is TLSV1.2
Session Initiation Protocol (SIP) Container PI76983 Wrong network interface being used for SIP signalling
PI79119 With number.of.parse.errors.allowed set to -1, WebSphere drops well formed requests
System Management/Repository PI69590 MetaDataCompleteForModules section is missing from the output of AdminTask.extractConfigProperties
PI71223 When the clusters are started some applications show as stopped but they are running
PI73519 Potential Denial of Service with SOAP connectors (CVE-2016-8919)
PI75160 AdminTask.extractConfigProperties is failed with WASResourceException: java.util.NoSuchElementException
PI77078 CustomService configuration object created using property file based command cannot be viewed from console
PI77601 Wsadmin ExtractConfigProperties command triggers InvalidAttributeName error
PI79343 WebSphere Application Server may have insecure file permissions (CVE-2017-1382)
PM69415 Update needed to FFDC log when server stopped for a second time
Transaction Service PI53380 WS-ReliableMessaging sequence may be misidentified as not existing
PI66462 Transaction log column is too short and reports a SqlDataException
PI69918 Synchronization issue in the EBAClassLoader causes OSGI application startup to fail due to java.lang.LinkageError
PI72028 ActivityPendingExceptions are thrown in the event of a JAX-WS request timeout that propagates a WS-Business activity
PI72179 Transaction logging to RDBMS refinement for JDBC4.1 compliance
PI72191 Control region abend after BBOT0004E: RRS service ATRAFGT failed with return code 730
PI73221 java.lang.stackOverflowError may occur in JAX-WS web service client when processing provider side WS-Policy
PI73262 ScheduledExecutorService implementation does not use correct time interval if not specified in TimeUnit.MILLISECONDS
PI74356 java.lang.illegalArgumentException: logger passed as argument to SetAttributes must be a named logger
PI74862 Update IBM WebSphere MQ JCA resource adapter to version 7.1.0.7 + APARs IT14385 and IT15559
PI75181 Stackoverflow is caused by repeated calls to: ibm.wsdl.definitionImpl.getAllServices
PI75985 ClassCastException processing JAX-RPC request containing whitespace in WS-Coordination context
Web Services (for example: SOAP or UDDI or WSGW or WSIF) PI34058 Web Service Client policy sets might not function correctly if Application Editions are in use
PI65042 Part of content in an element is lost after invoking a web service
PI70321 Spurious WSSC1013E error logged by JAX-RPC web service
PI72518 Web services call failed with 500 (Internal Server Error) response and Content-Length 0
PI73343 Web project with @WebServiceRef does not generate ibm-webservicesclient-bnd during deployment
PI74335 WSWS3396E handler error: protected state violation
PI76816 Message WASX7008E incorrectly reported a flawed integer port
PI79863 Different prefixes are used for the same namespace url
PI80922 Issues with responseWrapper after PI60666
Web Services Security PI69720 CWWSS7542E error in web services security SAML can be misleading
PI70402 SAML Web SSO OutOfMemory in KeyStoreManager
PI73318 Unique Cookie Names in WebSphere Application Server Traditional OIDC RP can accumulate on the browser
PI74857 Privilege escalation in full profile OIDC RP (CVE-2017-1151)
PI75095 OIDC ClassCastException java.util.ArrayList
PI76017 JAX-WS WS-Security Error CWWSS5634E with relative URI
PI78336 WebSphere Application Server OpenID connect Relying Party jndiCacheName Property does not work
PI80317 OpenID Connect (OIDC) Relying Party(RP) may store incorrect data in DynaCache
WebSphere Common Configuration Model (WCCM) PI64475 Incomplete metadata obtained for JavaEE modules when multiple resources are used
PI65464 High CPU utilitization may occur when copying business objects
PI70110 EJB jar metadata TransactionAttribute may be incorrect
PI71928 EJB injection failing for some EJBs inside JSF backing beans
PI72163 Deployment manager crashes with OOM when application is deployed
PI76106 @Resource annotation loses shareable and AuthenticationType attributes
PI76439 Application client module created when empty "main-class:" found in manifest.mf of jar
PI78493 Servlet container initialization can fail on server created from template
PI81911 NullPointerException might occur if WTP trace turned on
z/OS PI69959 BBO# should allow for a transid to be included on CICS link command
PI78153 OTMA client timeout cannot be configured for WOLA

Back to Top

Fix Pack 8.5.5.11
Fix release date: 23 December 2016
Last modified: 23 December 2016
Status: Superseded

Download Fix Pack 8.5.5.11
Component
Security APAR
APAR
Description
Administrative Console (all non-scripting) PI60292 The admin script offered after creating a MailSession via the administrative console is incomplete
PI65059 Administrative console servlet exception in user and groups administrative group roles
WebSphere Application Server is affected by Apache Struts vulnerability (cve-2016-3092)
PI65602 SRVE0278E - Missing ibm-web-ext.xmi in iehs.war
PI65924 Pipe "|" symbol cannot be used for external provider URL when configuring a 3rd party JMS provider.
PI66439 Session management bread crumb incorrect
Contexts and Dependency Injection (CDI) PI42311 EJB interceptors not called intermittently
PI51620 NullPointerException when doing injection with com.ibm.ws.cdi.immediate.ejb.start set to true
PI55406 IllegalAccessException occurs when multiple users access.
PI58561 WebBeans referencing classloader causing memory leak.
PI58669 CDI javax.decorator.decorator annotation not working as expected
PI59487 OutOfMemory error due to view scoped beans not being garbage collected
PI60228 CDI injection not working after application restart
PI61034 Classloader leak in ScannerServiceImpl
PI61397 Ensure application scoped context is initalized properly and active during bean preDestroy
PI62583 IllegalArgumentException in CreationalContextImpl only when trace is enabled
PI63475 NullPointerException in CDI
PI64231 Classloader leak in JcdiComponentImpl.
PI64266 Memory leak detector producing false positive reports
PI64374 Race condition with session scoped contexts
PI68889 Startup bean initialization failure is ignored when CDI is active
PI69193 ContextNotActiveException in SessionScoped bean preDestroy()
Default Messaging Component PI31587 Service integration bus messaging engine fails to start if DB2 version is higher than 10.1
PI64827 JMSDestination header field is missing for the MQ inbound messages which don't have destination header information
Dynamic Cache PI62769 Disk off-load is turned off if app invokes the clearMemory API
PI68741 HTTP status code 200 is returned to a client when the servlet or JSP throws an exception
EJB Container PI60567 New system property to configure the EJB pool wait timeout
PI62639 NullPointerException in CDIEJBManagedObjectFactoryImpl.getEjbDescriptor when creating EJB instance to pre-load the bean pool
EJBDeploy (WSAD) PI71611 EJBDeploy operation fails with java.lang.NoClassdefFoundError exception
Enterprise Edition (EE) PI67707 Inherited methods are ignored in the XLXP2 unmarshaller when scanning JAXB class for before/after events
General PI54362 Session manager error messages SESN0202E and SESN0201E need more details
PI56589 User or group mapping to a security role fails for EBA application if it belongs to a user registry configured in security domain
PI58666 JobScheduler in WebSphere Batch fails to start with CWLRB6261E
PI60843 Message "CWSIS1577E: The persistent dispatcher cannot accept work" needs improvement
PI60850 CWSIS1578E message content should be more meaningful regarding why spill dispatcher cannot accept work
PI62655 SQLFeatureNotSupportedException may occur when Oracle native SQL statements are used
PI62976 Controller region abends with 0C4-11.
PI63329 The EJBDeploy component adds functionality to work with an alternate JDK for Portal users.
PI63536 AdminAgent login: com.ibm.wsspi.IPluginRegistryFactory getPluginRegistry error getting registry
PI64084 Microsoft Windows start menu items are confusing when multiple profiles created
PI64288 ClassNotFoundException occurred when executing LaunchClient script with web service application.
PI64662 When application server and nodeagent restart, bundle cache is re-expanded
PI65021 Rollback Batik library to 1.6.1 because it breaks Intelligent Management charting
PI65190 Modifying a copied tree causes corruption in the original tree
PI65760 Map users or groups not showing available users on the first time the page loads.
PI65815 Apache Commons FileUpload Vulnerability (CVE-2016-3092)
PI65853 WebSphere Application Server Web Container affected by Apache Struts vulnerability (CVE-2016-3092)
PI65857 Modify the default for the maximum number of headers
PI66463 Error on OTMA_open call, RC = 8, RSN codes = 100 : 8 : 24 : 2 after upgrade from 8.5.5.7 to #9
PI67166 EJBDeploy component fix for Portal customers
PI67571 HMGR0130I message needs more information about JVM termination
PI67633 Multiple server applications are added to the virtual cluster list
PI67671 Application Placement Controller (APC) hangs and JVMs are not starting after minimum cluster violation
PI68110 Incorrect logging by ModuleLocatorClassAdapter
PI68142 HPEL reader throws NullPointerException error while given invalid java log level
PI68357 Add messages for hot deployment events.
PI68755 Remote migration jar needs message about incompatible JDK
PI68911 NullPointerException in com.ibm.ejs.ras.Tr.formatObj using trace in thin client
PI68930 JavaMail garbled if charset is ISO-2022-JP and the body ends with DBCS
PI69052 logViewer -includeExtensions component command gets "Pattern cannot be null"
PI69325 OAuth emits NullPointerException when no state parameter in request
PI69332 The "serialize session access" option may not work correctly
PI70026 Can not configure Compute Grid job scheduler using default Derby datasource
PI70358 Every SystemErr log record line is ending with a "null", with High Performance Extensible Logging (HPEL) enabled.
PI70371 Ampersand character within an entity reference is no longer escaped by XCI component
PI70841 OpenJPAs ConfigurationImpl.loadGlobals() has java.util.ConcurrentModificationException
PI71044 java.lang.IllegalArgumentException: Illegal decimalType. From commonData.GetExternalBytecounts
IBM HTTP Server Fix List Detailed list of APARs for IBM HTTP Server.
IBM i PI63504 Remove message CPF9E17 when running WebSphere Application Server on IBM i.
Install PI64328 Files in the <was_install>/properties folder are being overwritten when fix packs are installed
PI69529 Turn off APAR regression warning when updating optional Java offering, using IBM Installation Manager.
PI72143 Display Java 6 end of service warning during fix pack update
Intelligent Management Component PI57206 ODRLIB returned partial routing data from the ODC rest service, resulting in 404s
PI63373 Unable to add a remote cell for Intelligent Management for web servers
PI65363 HeapDetect code is failing to determine the maximum heap size
PI66664 Application edition validation with inconsistent policies breaks affinity on the default edition
PI66698 Hang with high CPU occurs during rollout in certain situations
PI68011 Slow Deployment Manager start-up due to annotation scanning when several EJB modules have been deployed to the cell
PI68090 If SERVER_LOG_ROOT variable is not set, a CWPTF0002W warning message is reported in the SystemOut.log
PI68582 Health controller cycle length is not being honored
PI69939 Dynamic Routing stops working when the collective controller becomes stopped or unavailable
Java 2 Connectivity (J2C) PI61635 Activation Specification Config ID's are getting mapped to the same ID while making any changes to the existing application
PI65595 InstanceNotFoundException occurs when stopping an application hosting message endpoints
PI67203 java.lang.NoClassDefFoundError: com.ibm.ws.jdbc.jcc.DB2Statement
PI69122 J2C pretest being used despite FailingConnectionOnly option
Java Message Service (JMS) PI58640 Exception WSCL0912E : Component could not be initialized running launchClient on Microsoft Windows.
PI61894 An MDB app fails to start on activation error, but the activation spec starts and tries to consume messages
PI63193 SRVE8094W happens even if invokeFlushAfterServiceForStaticFile=false
PI66925 Update CWMSR0063E message to clearly state it is only applicable to WMQ
PI70191 Update IBM WebSphere MQ JCA resource adapter to version 7.1.0.7 + APAR IT15559
PI70332 System property to enable SSL Channel timeoutValueInSSLClosingHandshake property
Java Persistence API (JPA) PI58114 ClassCastException when an equals comparison query is run on an entity with a composite @EmbeddedId
PI65593 The database schema name cannot be configured with openjpa.jdbc.SchemaFactory
PI66770 JPA returns incorrect results when using a native query and @SqlResultSetMapping
PI67790 java.lang.ClassCastException using JPA
JavaServer MyFaces (JSF) Apache MyFaces implementation PI63633 Thread-safety issue in the underlying (Apache) JSF 2.0 code causes webcontainer threads to hang
JSP PI63554 HTTP error code: 500 after requesting a JSP page that statically imports more than one file from the same web fragment.
PI65333 A JSP error "Unresolved compilation problem" is thrown during runtime
PI66266 JSP engine cannot compile with Java V8
PI66271 When using c:import to import a file that does not exist, an error 500 is received
PI67257 An escaped EL expression is being evaluated if an escaped dollar sign precedes the former expression
Messaging Providers PI60131 Unavoidable clash detected in bus link
Migration PI68035 Remote migration changing hostname variables of IPC connector and NODE_IPV6 endpoints
Object Request Broker (ORB) PI63926 Crash in SMF code BBOODSAB.PLX on first server startup after an IPL.
PD tools (for example: Log Analyzer) PI63045 Unable to change log level
PI63178 Hung threads or infinite loop on startup in WeakHashMap.getEntry
PI66579 Deadlock due to frequent log rotation
Plug-in PI63576 Crash on Microsoft Internet Information Services web server plugin module
PI65153 HTTP IM Plugin doesn't have visibility to RemoveSpecialHeaders property
PI65396 IHS crash in free call when using Intelligent Management
PI66812 Plugin for IIS does not initialize correctly
PI67230 z/OS set_attributes doesn't set a & p attributes for mod_was_ap24_http.so .
PMI/Performance Tools PI60858 NullPointerExceptions on NodeAgent when starting TPVLogging via wsadim for 2 different servers at the same time
PI61355 NullPointerException on nodeAgent when starting TPV Logging for any server in deployment manager.
PI67607 Tivoli Performance Viewer does not sum the ConcurrentHungThreadCount
PI70075 The PMI counters URIRequestCount, URIConcurrentRequests, URIServiceTime were disabled after starting server.
Profile PI66897 Customization temporary directory cannot be shared
PI69447 Profile creation accepts -enableAdminSecurity True (should be true) which leads to subsequent config action(s) failing
Programming Model Extensions (PME) PI65037 java.lang.IllegalArgumentException: threadpool name already defined
Proxy Server PI60985 Add a custom property that will always clear the cache regardless of its state
Runtime (zSeries®) PI63822 ABEND SEC3,RSN=0406002C does not terminate a WebSphere node agent
PI65437 Servant region abends with ABEND430/ABENDS430 and reason 02390815 during process signal handling
Runtime and Classloader PI54461 Application server process uses wrong hostname to communicate status to node agent
PI55574 Handlers start in incorrect order when provisioning is enabled
PI58591 Deadlock on startup between two server.startup threads
PI62090 Classloader leak problems
PI63963 Rollout of an application edition may fail with error WPVR0011E due to condition WPVR0041W
Security PI58172 SSLException error occurred when having a "#" in the keystore or truststore filepath.
PI61077 Limitation of wsadmin API AdminTask AdminTask.exportSAMLSpMetadata
PI62070 Full chain created in PKCS12 but not for JKS key store
PI62375 Potential code execution vulnerablity in WebSphere Application Server (CVE-2016-5983)
PI62619 SAML Web SSO AdminTask command importSAMLIdpMetadata fails
PI63726 Custom Kerberos login module for identity mapping
PI63989 Security auditing enabled log in calls via wsadmin are not being logged when using SECURITY_AUTHN
PI65120 NullPointerException from AdminTask.getInheritedSSLConfig command
PI66137 NullPointerException found in logs when creating the security server.
PI68115 Remove 3DES ciphers from default cipher list
PI69042 Security crypto jar failed with "not signed by a trusted signer" error after upgrade
PI69518 Group search fails with a ClassCastException after upgrade to 8.5.5.10
PI69815 NullPointerException when printing error in WSX509TrustManager
PI70737 Unnecessary setCookie header might be set after applying interim fixes for pi62375.
Servlet Engine/Web Container PI58875 Application is started even though there has been a listener exception during application start up
PI61651 An uncaught exception in javax.servlet.AsyncListener.onComplete() might cause threads to hang
PI62068 Remove Struts from WebSphere Application Serve
PI67093 Information disclosure in IBM WebSphere Application Server CVE-2016-5986
PI67942 javax.servlet.HttpServletRequest.getRequestURI() might return a decoded value after dispatching
PI68061 Option to display customized text for some server errors
PI70493 Unhelpful message: uncaught.init.exception.thrown.by.servlet, logged when exception thrown during servlet initialization
Session Initiation Protocol (SIP) Container PI62617 The SIP container does not support etOutboundInterface() for Proxy and ProxyBranch interfaces
System Management Configuration PI64222 Too many open files exception on property file causing uninstallation of apps deployed by monitored directory
System Management/Repository PI63461 AuditServiceProvider and AuditEventFactory settings are overwritten by PFBCT
PI64069 Application upload fails with java.net.SocketException: Invalid argument
PI64685 providerType is null or missing in configuration when JDBCProvider is created using properties file.
PI67746 AdminApp.isAppReady() cannot retrieve the correct application distribution status in an AdminAgent environment
Transaction Service PI45254 Collect more serviceability data for transaction log service
PI62603 BBOT0004E: RRS SERVICE ATRBACK FAILED WITH RETURN CODE=731 occurs with request in a local transaction
PI65127 Deadlock issue when transaction service logs stored in a database and transactional high availability is configured
PI68664 Record-level sharing (RLS) is miscalculating the amount of data to be written to partner logs
PI69183 APAR PI18414 may result in the recovery log service using incorrect sequence numbers.
Web Services (for example: SOAP or UDDI or WSGW or WSIF) PI54081 AdminApp.isAppReady and AdminApp.getDeployStatus show incorrect result after app expansion failure
PI56058 JAX-WS throws XMLStreamException upon an SML-SOAP message write attempt
PI58461 WSWS1002E when no matched value returned from servletImplName object from the servletClassMapping hashmap
PI60284 Accept header for SOAPOverHttps is not compatible with all webservice implementations
PI60666 @XmlJavaTypeAdapter annotation failed to work
PI60791 AxisDescription objects might consume excessive memory
PI63025 Repeatedly attempting to start an application that will not start might cause a memory leak
PI64053 WSWS7054E is thrown when deploying a JAX-WS web service application
PI65925 A JAX-WS web service client does not honor an HTTP 307 redirect received from a web service provider.
PI66557 Information disclosure with malformed SOAP requests
PI67688 RuntimeException: Internal error
Web Services Security PI57565 WS-Security does not emit TokenType on reference to SAML token
PI63906 WebTrustAssociationFailedException thrown by the OpenID Connect Relying Party during authorization
PI64924 OpenID Connect RP cannot locate key in JWK set
PI65466 OpenID Connect ear and py files and the OpenID py file are missing from IBM Embedded WebSphere Application Server
PI65751 The interceptedPathFilter OIDC custom property should not be required
PI66128 SAML Web SSO may reject requests when proxy is in use
WebSphere Common Configuration Model (WCCM) PI60902 Annotation processing fails with runtime exception
PI63177 Slow application update for web modules which have many web-inf/lib jars
Fix Pack 8.5.5.10
Fix release date: 15 August 2016
Last modified: 15 August 2016
Status: Superseded

Download Fix Pack 8.5.5.10
Component
Security APAR
APAR
Description
Administrative Console (all non-scripting) PI52255 Change the administrative console error message displays
PI53221 Any update to a WMQ Connection Factory via the Admin Console will delete its default component-managed authentication alias
PI54150 Add functionality to allow users to perform ldapSearch function from the administrative console
PI54179 Failure to assign a unique port value to a newly created cluster member
PI56391 The please wait icon does not display on the admin screen when an application is uploading
PI56917 Information Disclosure in WebSphere Application Server Admin Console (CVE-2016-0377)
PI57111 When the application path is incorrect, it leads to incorrect application status on the Administrative Console
PI58615 Web services client security bindings configuration not saving changes
PI58743 Administrative console login page picture overlapping on username and password fields
PI59552 Application update corrupted deployment.xml with incorrect appcfg: ApplicationConfig reference
PI60805 Update the flags on the CSRF token cookie
PI60959 Change in DN name of the certificate if it has special characters in the name
PI60992 Unable to change maximum headers value in templates from admininstrative console
PI61246 Unable to edit resource adapter custom properties
PI62111 Console displays blank page when "view or download the current web server plug-in configuration file" clicked using Chrome
PI62458 Console is slow when using fine grained authorization.
PI64303 Vulnerabilities in Apache Struts affects WebSphere Application Server (CVE-2016-1181, CVE-2016-1182)
Administrative Scripting Tools (for example: wsadmin or ANT) PI56887 Wsadmin loades all jars under the path if the path name contains "admin" or "runtime"
Classloader PI52661 Stopping an application while using a single shared class loader causes an ArrayIndexOutOfBoundsException
Default Messaging Component PI53301 Delay observed when consuming messages from a V8.5.5 SIB destination
PI56146 when the message load is heavy, some of the messages move to the exception destination with CWSIK0035E error
PI57059 NullPointerException when XCT tracing is enabled and sending a javax.jms.MapMessage with its value set as null
EJB Container PI50798 Custom property to avoid checking timer service database if server contains only non-persistent timer applications
PI60135 Custom property to avoid checking timer service database if server contains only non-persistent timer applications
Enterprise Edition (EE) PI57463 OutOfMemory generated with 64k "com.ibm.xml.xlxp2.scan.util.DataBuffer" objects
Federated Repositories PI53848 User login failed with automatic discovery of LDAP servers at runtime in VMM
PI54592 getIdMgrLDAPServer CLI shows bind password in encrypted format
General PI36921 A timing issue causes APC to see incorrect value of proactiveIdleStop property, resulting in violation of minimum instances
PI40062 Application does not start during server start but then starts from console
PI46156 ICH408I as the servant userid attempts to create and delete the oauth20 directory
PI46318 WOLA serviceability enhancements
PI46546 Additional debug statements needs to be included for SAML.
PI46801 Ampersand '&' within an entity is escaped unnecessarily in XML
PI47003 Modification/deletion of a job class causes all job classes to be cleared from memory if SCH/endpoint are on the same server
PI47334 CDI interceptor not triggered for MDB (onMessage)
PI48360 More diagnostics required when relaystate is invalid in SAMLResponse
PI48614 NullPointerExceptions from CDI code
PI48714 Compute Grid/Batch workload balancing not working as expected
PI49306 zWAS: Batch job using WOLA service hung after server recycle
PI49810 Application fails to start after rolling update due to hung MessageReferenceHandler thread
PI50137 The WebSphere session management database uses the LONG VARCHAR attribute which is not supported in DB2
PI50714 Program error in the annotation merge code
PI50904 Invalid URL request values need more specific details in the exception produced
PI51435 Port conflicts are possible when two cells are installed on the same host
PI52244 SAML response information might display in browser.
PI52428 UnsupportedOperationException thrown when trying to inject an InjectionPoint
PI52434 In a clustered was environment with M2M session replication, non-serialized session access can cause NullPointerException
PI52604 OpenID Connect SSO with active directory fails with 403 Forbidden
PI52613 SAML SP-initiated Web SSO requires DynaCache or frontend affinity
PI52898 The commonj.work.workmanager class will not complile with JDK 1.7
PI53222 Admin client gets security exception when running file transfer commands in HA Dmgr setup when security enabled
PI53321 Using WOLA with CICS version 5.3 causes BBOX abend
PI53538 WOLA IMS multi-segment message support is not working when trying to increase segment or message size
PI54086 Request fails if insufficient memory to cache
PI54362 Session manager error messages SESN0202E and SESN0201E need more details
PI54621 If the JMS resource adapter is used for JBoss for subscribtion to a topic in WSAS, the messages are not consumed in JBoss
PI54811 When querying a UDDI Registry that contains a large data set an E_resultSetTooLarge error may occur
PI54872 Compute Grid purge utility CleanUpCIEar.ear is failing with ClassNotFoundException
PI54881 Threads being allocated to access an MDB that has already reached max sessions
PI54961 Extra information in trace file
PI55413 CICS BBO (WebSphere) link server abends with WRITEQ TSQ BBO* error eibresp: 16 eibresp2: 0
PI55545 Attempting to replace an existing list of a DataObject results in NullPointerException within the XCI component
PI55697 OpenID Connect Relying Party: No entry in cache for stateid
PI55889 JPA merge fails with foreign key constraint error
PI56000 Exception logged with EJBQuery 2.0
PI56020 IBM HTTP Server server-status with ?auto query string gives incorrect format of output
PI56187 False error seen in plugin log when using rotatelogs functionality
PI56253 Plug-in not handling ServerIOTimeout correcty to mark down a server when ESI caching is enabled
PI56331 May not be able to access web page protected with OpenID Connect after initial logon
PI56584 Unable to select SSL Protocol TLSv 1.0, TLS 1.1, or TLS 1.2 for the web server plugin
PI56811 Potential security vulnerability in IBM WebSphere Application Server (CVE-2015-0254)
PI56924 Non-posix launchWsadminListener.sh causing problems on Ubuntu
PI56928 The manageprofiles -profilePath related error messages need additional information to help debug profile path errors
PI57180 Update plugin-config.xsd with latest V8.5.5 properties
PI57186 With elasticity enabled APC does not add additional node(s) when memory overload protection (MOP) is triggered
PI57228 The HTTP Channel will consume additional memory, in specific circumstances, when processing inbound data
PI57239 Error when multiple threads attempt to authenticate to Mongo at the same time
PI57402 The & part of a character entity is escaped twice
PI57465 OIDC: remove session cookie after logout
PI57905 Using the JSP Batch Compiler to compile JSP files that contain warnings causes incorrect behavior of -compileAfterFailure
PI58029 Classloader leak associated with PCRegistry
PI58166 Small timing window causes a deadlock when the APC.predictor custom property is changed
PI58223 dspwasinst hang on a long running application server job
PI58226 GB18030 IHS deploy failure
PI58275 ERROR: Error accessing safkeyring:///KEYRING A component of path does not name an existing file or path is an empty string
PI58337 Batch job fails with could not open file, not found or could not be formatted
PI58376 Cannot run workclassoperations.py script
PI58509 DuplicateKeyException after migrating from WebSphere Compute Grid V8.0 to WebSphere Application Sever V8.5
PI58594 ODR returns 503s after application edition rollout when node based ARFM is selected
PI58853 Big Installation Manager history.xml file causes out of memory
PI58862 ODRSESSION cookie should match JESSIONID cookie
PI59131 NoSuchMethodException is thrown when attempting to generate Java class from WSDL file
PI59309 UpdateSymlinks.sh script may not report an error if a directory exists when it tries to create a symbolic link
PI59568 Plugin sockets not closed when using web sockets
PI59831 Support for using local x509 public certificate for signature verification on OIDC
PI59912 Add ability to move messages from exception destination to the original destination via wsadmin
PI59923 WebSphere Load Balancer site selector and content based routing problems
PI59999 JPA custom plugins can cause classloader leaks.
PI60049 Error WSVR0100W is not providing enough information about why the server fails to start
PI60058 Trim white space from ssl.client.props propertie values to prevent errors
PI60064 Support customized error page in SAML TAI
PI60302 Startup scripts need to be included in collector output
PI60355 OAuth2 provider expired tokens are never removed when database is incompatible with its SQL queries
PI60398 Message CWPKI0045E is not displaying properly
PI60462 XQuery function fn:current-dateTime returns a value with less accuracy than required by the standard
PI60545 Gather and report minimal data for a web UI login and logout with audit
PI61331 Add host header to LB HTTP Advisor
PI61488 An application restart could cause an application classloader leak when using Bean Validation
PI61636 IllegalArgumentException when creating an ODR object
PI61934 runConfigActions fails but returns exit code 0
PI61998 The JSSE is not getting initialized to enable FIPs when using Java 8
PI62148 Expose APIs to retrieve tokens from runAs subject
PI62166 Portal requires adding VMM realms dynamically in cWAS
PI62425 setupSdk.sh has #!/usr/bin/qsh on Linux
PI63141 A null pointer exception is encountered when attempting to service a request through the Java ODR causing the request to fail
PI63329 EJBDeploy support to specify a different JDK than the one being used by Application Server
PI63560 JVM crash on Microsoft Windows while invoking ProcessCPU
PI63586 The application placement controller cannot start or stop the server instances in the point cell in the multiple cell topology.
PI64238 Centralized Installation Manager failed to install IBM Installatiaon Manager on Linux PPC64LE
PI64573 A 403 Error may occur when using the OIDC RP
PI64645 setupDefaultSDK fails after upgrade to IBM i R730
PI64981 Add a property for JAXB-937 fixes
PI65649 RenameCell doesn't update some Extreme Scale Domains and health policy targets
IBM HTTP Server Fix List Detailed list of APARs for IBM HTTP Server.
Install PI61710 Enable V8.5.5 offerings to support 64-bit Installation Manager on zLinux
Java 2 Connectivity (J2C) PI54850 Unable to remove the default search query for connections validation properties on the console
PI56277 Some "advanced connection pool properties" are not honored at runtime
PI61989 Optimize connection pool behavior when the free pool distribution table size is set to one
Java Message Service (JMS) PI51122 Webcontainer intermittently generates a 500 error with StringIndexOutOfBoundsException
PI52696 WebSphere Application Server proxy - Too many open files
PI54578 NCSA logging in deployment manager is not working.
PI57327 Missing session attributes with Oracle 12 as database session persistence when multi-row configuration is enabled
PI57869 When using binding mode and MQ goes down, listener keeps trying to reconnect regardless of retry count settings
PI58883 "%{r}w" in accessLogFormat is printing string "%{r}w" instead of the time value
PI58918 Response Splitting Vulnerability using a specific API CVE-2016-0359
PI59158 NullPointerException in InboundProtocolLink.close causes control region abend with REASON=C9C21236
PI59509 SSLC0008E SSLHandshake exception after turning off TLSv1 protocol
PI59687 Some JMSExceptions related to Queue Manager connection errors are misidentified and connection cleanup does not occur
Java SDK PI60837 A StackOverflowError can occur when evaluating EL expressions
JNDI/Naming PI60053 Not able to disable name server cache for Corba object URLs
JSP PI52135 File descriptor leak when using Wsadmin to deploy and precompile applications with JAR files at EAR level
PI61073 Deploying an application "Precompile JavaServer Pages files" box checked might fail with a java.lang.NullPointerException
Migration PI55136 WASPreUpgrade java.io.IOException when variable has ":" and -machineChange is set to true
PI56559 Change in the order of login modules in security.xml after running the migration scripts
PI58430 After migration the NodeAgent server throws an exception because it is missing the XDAGENT_PORT endpoint
Object Request Broker (ORB) PI51932 SMF type 120 subtype 9 records may report the completion minor code (SMF1209CJ) in in little-endian format
PI59076 S0C4-38 abend from out of a JVM method
PD tools (for example: Log Analyzer) PI55683 collector.sh failing on z/OS
PI57134 Files in the <was_install>/properties folder are being overwritten when fix packs are installed
PI57860 After upgrading java version, header information out of order in SystemOut.log
PI61029 NullPointerException in MultipleCriteriaFilter when retrieving logs with HPEL
PI61135 StackOverflow caused by SLF4J infinite lookup.
Plug-in PI55092 Plugin generation for a mixed environment can't generate the necessary property
PI63490 Plugin's build version information reported in the log has 8.5.0 when it should be 8.5.5.
PMI/Performance Tools PI62283 NullPointerException in PMI class ModuleItem
Runtime PI40095 Emit messages recommending web container threadpool adjustment
PI48280 IWAE0006E during application server startup
Security PI50599 SSL CSR being sent to SSL clients after restarting WebSphere
PI52179 Add SAML web inbound TAI support
PI52860 In console "Administrative User Groups" panel, group search does not show any hits but there are valid groups
PI53397 Outbound SSL with two-way SSL handshake fails because WebsShere does not send client certificate to SSL server
PI53493 Local OS registry cannot get members in group which contains a lot of members
PI54477 Add ability to disable logging of SECJ0371W Expired LTPA token messages
PI54809 The "com.ibm.websphere.security.spnego.useRACMAPMappingToSAF" property is not displayed correctly in the console
PI54960 Provide property to set java security algorithm related properties
PI55025 com.ibm.websphere.security.auth.WSLoginFailedException: The user is from a foreign realm and this foreign realm is not trusted
PI55440 Extra information is in the FFDC log files
PI56086 HMGR0149E exception: The received token starts with null
PI56190 Potential security vulnerability in WebSphere Application Server if FIPS140-2 is enabled (CVE-2016-0306)
PI56877 NumberFormatException in CSIv2ConfigImpl getInteger() getting properties from com.ibm.CORBA.loginSource sas.client.props
PI57641 Memory leak was detected when stopping an application
PI58717 Unexpected GPF exception BOSSNAP
PI61650 IllegalArgumentException is logged while processing RSAToken
PI61695 NullPointerException for wasadmin AdminTask.mapUsersToNamingRole
Servlet Engine/Web Container PI56833 WebContainer is setting the Content-Language
PI57516 A NullPointerException may occur during application deployment
PI57951 Line feed code disappears when data is uploaded with enctype="multipart/form-data" in an HTML form
PI58920 Dispatcher type obtained from HttpServletRequest is not updated on post processes
PI60797 Change transport methods for form login
PI61594 AsyncContext.dispatch() might dispatch to an incorrect URI if using different versions of ServletRequest.startAsync()
PI61628 A 404 error might be generated when using redirectToWelcomeFile
Session Initiation Protocol (SIP) Container PI51393 Issues with mixed IPv4/IPv6 SIP support
PI54003 Leak caused by new ProxyBranch created from response
PI54646 Unable to obtain SipURIs of available outbound interface
PI54666 NullPointerException when using IPv4/IPv6 loopback addresses
PI56387 SIP container incorrectly combines multiple SIP Supported headers
PI60893 Deadlock caused by SIP Subscribe
PI61548 Potential Denial of Service in WebSphere Application Server if using SIP services (CVE-2016-2960)
Sessions and Session Management PI53170 Classloader leak causes OutOfMemoryError when applications repeatedly restarted with restarting Application Server
PI60026 Bypass security restrictions in WebSphere Application Server (CVE-2016-0385)
System Management/Repository PI56357 Error message ADMR0104E updated to include full path name
PI56966 There is no message logged by the NodeAgent when a server is terminated
Transaction Service PI53996 Memory leak can occur in a static HashMap in class com.ibm.ws.cscope.CScopeSubordImpl
PI54552 WOLA BBOA1INV abend RC8 reason 44
PI61057 WTRN0112E errors when running standalone application using the Embeddable EJB container
PI61081 J2CA0030E occurs due to DSRA9350E: Operation Connection.commit is not allowed during a global transaction
Web Services (for example: SOAP or UDDI or WSGW or WSIF) PI50801 With multiple overriddenEndpointURI values specified, only the last value is used
PI54325 Memory leak with sourceParent.replaceChild
PI55656 java.lang.IllegalArgumentException JsonMappingException when using Apache Wink
PI56581 Signature in propagated SAML token may not be valid due to added namespace declarations
PI60370 During an installation of webservice application, ADMA0078W might happen.
PI63175 Upgrade to V8.5.5.9 generates a WSDL ClassCastException
Web Services Security PI56377 Signature in propagated SAML token may not be valid due to added namespace declarations
PI56669 TheJAX-RPC UsernameToken consumer cannot be forced to login
PI58160 Add new client and provider general bindings with SHA256
PI58900 CWSML7011E exception occurs when a SAML Assertion contains a SAML 2: Advice element
PI59201 NullPointerException when decrypting a SOAP message in JAX-WS
PI60820 CWWSS5634E when using relative URI
WebSphere Common Configuration Model (WCCM) PI59279 Infinite loop during application startup while accessing program model extension metadata

Back to Top

Fix Pack 8.5.5.9
Fix release date: 18 March 2016
Last modified: 18 March 2016
Status: Superseded

Download Fix Pack 8.5.5.9
Component
Security APAR
APAR
Description
Administrative Console (all non-scripting) PI48976 No console identity is displayed on the administrative console login screen
PI49497 CreateWebserver issued thru admin console is not mapping all existing deployed applciations.
PI50191 Generic jvm arguments with spaces are not handled properly by WebSphere Application Server
PI51214 Swedish characters are not displayed correctly in the administrative console.
PI51487 Administrator group role displays auditor role twice.
Administrative Scripting Tools (for example: wsadmin or ANT) PI46759 java.util.regex.PatternSyntaxException in AdminApp.edit when string includes question mark (?)
PI49833 Leading space when adding custom properties to resource environment providers via wsadmin - adminConfig.create
Default Messaging Component PI45426 Unable to stop or reset MQLink sender channel in mixed topology with V8.5 deployment manager and V7.0 nodes
Dynamic Cache PI49336 OutOfMemory issues in DRS due to large DRSQueueMessage collection caused by looping.
EJB Container PI52932 JPA2 error com.ibm.wsspi.injectionengine.InjectionException after migration from V7
PI53807 Improve message text when EJB SessionContext fails to serialize
Enterprise Edition (EE) PI50020 JAXB unmdarshalling does not work correctly, and returns null for a simple xml string.
PI50673 JAXB unmarshalling not tolerating whitespace around token enumerations
Federated Repositories PI47826 VMM does not clear the cache if clearEntity mode is used.
PI48613 Group search filter not applied while dynamic groups search
General PI16200 Message driven bean failed to get scheduler MBean during init().
PI24684 Hanging proxy jobs after IPL
PI31579 IllegalStateException when accessing BeanManager in JSF SystemEventListener for PreDestroyApplicationEvent
PI35887 CDI method getName() can result in null
PI38270 NullPointerException in InvocationContextImpl.configureTarget when destroying an already destroyed bean
PI40003 Security roles mapped to special subject "All authenticated in trusted realms" for OSGi applications are ignored at runtime.
PI40520 OSGi commands listOSGiExtensions and listAvailableOSGiExtensions cause files to accumulate in the wstemp directory
PI40596 MalformedParameterizedTypeException thrown during deployment of webbeans does not give enough information to debug
PI41965 SAML TAI restores post parameters from original request prematurely
PI42582 Cannot specify SpecialSubject AllAuthenticatedInTrustedRealms from wsadmin script when mapping roles to users
PI43084 Reduce the amount of data which is output when printing out data buffers from within WMQ-RA traces
PI44309 Thread hang due to the "Allow serial access" enabled in session manager
PI44496 Users see many threads generically named thread-xx, like "thread-23"
PI45044 JSF problem in a Portlet environment: Form inputs inside a data table lose their values if validation fails
PI45352 OSGi related admin tasks may not close asset files in workspace in wstemp preventing deletion
PI45449 Exception message is not included in the SOAP fault when the application explicitly throws a RuntimeException.
PI45557 Remote EJB call to clustered WebSphere z/OS server fails due to missing security context
PI45811 @AroundInvoke interceptors must declare throws exception
PI46640 Incorrect URL appears in Plugin Configuration Toolbox command
PI46699 A null value is returned when trying to use OpenJPAs DelegatingConnection's unwrap()
PI46964 WOLA gets error on otma_open call, rc = 8, rsn codes = 0 : 0 : 0 : 2
PI47070 OSGi commands leave open files
PI47144 Merging an unmanaged entity multiple (3) times leads to an exception.
PI47454 NullPointerException is logged on console when DEBUG_PHASE_LISTENER set to true and validation fails
PI48806 Compute Grid endpoint logging
PI49066 Use of OpenID TAI may cause ClassCastException error in cluster environment
PI49174 Namespace missing in the nodes with default namespace when moved
PI49272 Cross site scripting vulnerability in OAuth Service Provider CVE-2015-7417
PI49705 NullPointerExceptions in binding listener code, causes the invalidation to fail.
PI50016 WebSphere grid endpoint not able to run OSGi batch application
PI50100 Compute grid scheduler unable to dispatch to an OSGi batch job.
PI50291 Beans searched for through instance interface are not found
PI50513 In a clustered environment the job tables "XJCLREPOSITORY" and "GLOBALJOBIDASSIGNMENT" will not be purged correctly
PI50691 java.lang.IllegalArgumentException on Solaris JDK 7 only
PI50694 ClassCastException is thrown in JPA when QueryCache is enabled.
PI50728 Submitting jobs thru EJB/webservices interface part.1.log is missing latest entries and displaying old jobs entries
PI50765 NullPointerException in OpenID when key not in cache
PI51134 NullPointerException if all interceptors are on methods overriden, defined at class level or defined in a different method
PI51301 OAuth may not honor Security Domain credentials
PI51327 Need warnining message when uninstalling running enterprise apps
PI51447 Increase memory space to pass routing information between plugin and the ODR module
PI51508 Reduce contention in AbstractOwbBean.equals use
PI51777 zWAS WOLA abendc78 rc5c in CICS TRUE BBOATRUE on path after OLA unregister API
PI51950 Increase in 50 cluster creation in large topology
PI52121 In case of a parse error in any of the SIP messages, the TCP connection to the container is dropped.
PI52169 Nodes do not preserve declaration related information when copied
PI52209 EntityNotFoundException in OpenJPA
PI52756 CDI is activated and generates error with no existence of beans.xml
PI52832 Scheduled jobs in WebSphere batch are not run on z/OS
PI52887 OSGi application startup problem - SECJ0326E: No received or invocation credential exist on the thread.
PI53085 A message flow control mechanism in ME-to-ME communications in pub/sub environments to prevent message pile ups in the target ME
PI53220 Session attribute not stored with Oracle as DB session persistence and MultiRowSchema=true
PI53403 IBM WebSphere Software Development Kit (SDK) Java Technology Edition version 7.1 fails to uninstall on AIX 64-bit operating systems
PI53425 DUMP TITLE=COMPON=WEBSPHERE Z/OS, COMPID=5655I3500, ISSUER=BBORADMP, ABEND IN PC ROUTINE BBOCLSPC
PI53589 Add Java 8 as optional JDK for V8.5.5.9 and up
PI53931 HPEL trace and default trace not showing the same information
PI54212 Update one class in Apache Commons
PI54236 When stopping an application the administrative console shows extraneous error about a web server.
PI55299 EJBConfigurationException: Bean class com.ibm.ws.batch.JobSchedulerMDB could not be found or loaded
PI55465 Messaging Engine fails to start when the schema name contains special characters
PI55692 Jobnumber SQL issue after migrating from Compute Grid V8 to WebSphere Application Server V8.5.5
PI55853 java.lang.OutOfMemoryError in the control region output after a failed WOLA reqeust.
PI55910 Logging in InvocationContextImpl outputs array ids instead of array contents
PI57520 WAS855 issue with wsgridConfig.py -remove after a migration
High Availability (HA) PI53806 HMGR0005I message does not state that the high availability manager has been disabled
IBM HTTP Server Fix List Detailed list of APARs for IBM HTTP Server.
Install PI49801 installation manager errors when moving symbolic links during update
Intelligent Management Component PI47535 Cluster based wildcard routing rules fail to route correctly after sever restarts
PI50050 Health Management restart action does not attempt to restart a server if a restart action failed
PI50388 Logs are full with the following error: "... Request filters..."AsynchHandler E XJMS0006E: Error while invoking.."
PI51341 SNMP trap for health policy uses wrong health policy name
PI51844 Create null guard for custom property
PI51906 ODR returns 500s instead of 404s due to a NullPointerException when processing the request EST
PI51978 Prevent a buildup of HttpRouteAction objects that would cause an OutOfMemory in the ODR
PI52307 Incorrect applications are stopped when performing validation operations on a base edition
PI53566 On Demand Router memory leak when upgraing applications under load
PI53850 APC is not removing nodes on AIX with APC.predictor=CPU
PI53857 APC hangs when placement decision includes one instance stop in a node and one instance start in the other node of same cluster
PI54818 GlobalGCObjectType is being logged in SystemOut under normal logging
PI55004 Message "ODR:NOTICE: Default tracing has been set to ." is confusing and concerning
PI56172 Lack of spaces in ODR match expressions cause the rules to fail validation
PI57156 Introduce "Not equals" operator for queryParm match expression
Java 2 Connectivity (J2C) PI49357 Deadlock situation can occur during server startup due to synchronization issues in J2C
PI53120 Datasource connection pool minimumPoolSize to be 0 by default for newly created datasources
PI54775 FFDC log does not have the datasource name
Java Message Service (JMS) PI43752 AsyncContext.dispatch() dispatches to an incorrect URI
PI47103 java.lang.NullPointerException when using async servlets and PMI
PI48725 Initial TLSv1.0 application data packet read into the wrong buffer by the SSL channel
PI48986 An FFDC is created if a request containing a content-encoding header does not have a body
PI49369 Starting applications continuously fail with NullPointerException
PI50538 Webcontainer throws a java.lang.IllegalArgumentException when parsing parameters.
PI51523 HTTP Channel getCookieValue throws ArrayIndexOutOfBoundsException when cookie is only one-digit double quote "
PI52845 SSL handshake fails due to a java.lang.IllegalArgumentException.
PI53190 Update IBM WebSphere MQ JCA resource adapter to version 7.1.0.7
Java SDK PI47885 h:selectManyCheckbox and h:selectOneRadio components do not support f:ajax tags.
PI47898 Bean property initialization fails with a org.apache.commons.logging.LogConfigurationException.
PI49486 MyFaces leaking file descriptors when reading stylesheet files
PI54702 Null renderer-type tag causes custom TagLib xml parse error
JNDI/Naming PI47875 Excessive memory use when an application uses many classloaders.
Liberty Fix List Detailed list of APARs for WebSphere Application Server Liberty
Migration PI51236 WASPostUpgrade not setting virtualHosts ports correctly.
PI53930 Improve migration GUI message for incompatible profile
PI53942 Wrong cell name read from setupCmdLine.sh.bak file during migration
Object Request Broker (ORB) PI49424 Dump occurs during stop of job scheduler control region.
PI50098 High cpu and delays in app server controller caused by high number of worker threads created.
PD tools (for example: Log Analyzer) PI45128 HPEL logging takes a long time to export when using the administrative console.
PI46069 When HPEL log file path is changed, ISADC cannot acquire HPEL logs
PI53378 Undeprecate collector.bat/.sh
Plug-in PI50205 Apache LogFormat not working for %{WAS}e
PI50473 Error starting web server plugin on HP
PI50823 Improve plugin messages for file related errors
PI52071 Intelligent Management enabled WebSphere HTTP plugin, limit excessive memory growth via custom property.
PI52490 Improve the web server plugin logging to show ephemeral port on existing connections.
PI53803 iPlanet static contents returned 503 status code when it has plug-in configured.
Runtime PI46897 Application update operation fails with "ADMA0078W" message on Microsoft Windows server
Runtime (zSeries®) PI48675 z/OS SMF 120 subtype 9 requests are not being written for asynchronous requests that were submitted as daemon request
Security PI44539 CWWDR0012E: java.lang.StackOverflowError error between WebSphere security and DRS for auth cache invalidation.
PI46800 Renew of certificate fails with com.ibm.crypto.hdwrCCA.provider.JCECCARuntimeException
Servlet Engine/Web Container PI48485 Duplicate registration of SimpleFileServlet when PMI is enabled
PI54235 A redirect using an URI relative to the current request URL redirects to the wrong URL
Session Initiation Protocol (SIP) Container PI42211 SIP parse errors not in textlog by default
PI52153 No CANCEL request sent when session expired
System Management/Repository PI51061 Corruption in administrative console. Application will not start, cannot access console.
PI52208 deleteSymbolicLinks does not work for WebSphere Application Server running on Microsoft Windows
PI53399 Not able to delete a server or cluster
Transaction Service PI43413 Deadlock in controller due to timing window in the recovery log service; servant times out
PI45590 WTRN0146I message should not be output when XA recover has failed
PI47909 Migration fails when one node name is a substring of another
PI51364 Transaction context is not cleaned up when JTA transaction is broken
PI54849 Transaction timeouts triggered during EJB calls from Liberty
Web Services (for example: SOAP or UDDI or WSGW or WSIF) PI25423 Incorrect ports are used for HTTPs and HTTP web services aync calls.
PI45894 Workspace leak in SysmgmtHelperImpl during application install.
PI48668 Add a JVM property to enable the "org.apache.axiom.om.OMFormat.use.cteBase64.forNonTextualAttachments" format property.
PI50993 Hide the HTTPClient API in JAX-RS engine
PI54925 Extra information in FFDC log files when customer has defined strings
Web Services Security PI50119 More error info required on WSEC7074E when KeyInfo missing from SAML assertion

Back to Top

Fix Pack 8.5.5.8
Fix release date: 11 December 2015
Last modified: 11 December 2015
Status: Superseded

Download Fix Pack 8.5.5.8
Component
Security APAR
APAR
Description
Administrative Console (all non-scripting) PI42891 No way to delete runtime messages from the administrative console
Administrative Scripting Tools (for example: wsadmin or ANT) PI43440 WASX7015E: Exception running command: "AdminUtilities.getScriptLibraryFiles()"
Classloader PI28774 Enable ClearClassCache to emit results
Data Replication Services PI45227 Session data is returned after a full 5 second DRS timeout
Default Messaging Component PI39339 sibDBUpgrade.sh syntax error
Federated Repositories PI44152 Use entity type search filter in get group membership call.
PI44899 NullPointerException while searching for DB repository users
General PI33449 Full profile OpenID Connect RP does not work with Google OP
PI37409 Possible ABENDEC3 timeout in WebSphere z/OS servant region when running as client with webservices and JMS (sibus) in same SR
PI38899 java.lang.NullPointerException might occur when the deployed J2EE application with CDI annotations is stopped.
PI40088 Producer-field for EntityManager leads to exception
PI40549 UnproxyableResolutionException when injecting a bean with non-private final methods
PI40568 Custom property com.ibm.ws.management.suppressPortScan not stopping all port scanning
PI40870 New jobs do not start when the WebSphere batch scheduler is terminated abnormally while an existing job is running
PI41555 The javax.persistence.query.timeout property does not work as expected
PI41573 SchedulerComponent class gets stuck in a while loop when a server stops while in invokeSRToUpdateJobStatus method
PI41707 Data corruption in copied tree because when materializing, the child is being linked to the wrong parent
PI42523 Root not injected on URL containing query but omitted path
PI42761 java.lang.ArrayIndexOutOfBoundsException processing parallel batch with no subjobs defined and tracing is enabled
PI42967 ContextNotActiveException encountered when accessing a RequestScoped CDI bean inside a @PostConstruct method
PI43325 ODR server on z/OS is not listening on port defined for ORB_SSL_LISTENER_ADDRESS
PI43900 Parallel job manager subjob stuck in submitted state.
PI44000 The Cross Component Tracing (XCT) requestID is null or not correctly propagated.
PI44337 The error messages displayed when trying to manage an unmanageable server in a standalone environment are not helpful.
PI44494 Message BBOA7102E is seen when variable ola_rrs_context_propagate_otma=1
PI44534 Provide Windows debugging information for the was.process native-code DLL
PI44580 Updating the SERVER_LOG_ROOT environment variable doesn't update the location of the btrace and objects log files.
PI44859 Error when trying to force an eager fetch on a query
PI45241 The call to the API /Cell=:ServerCluster=:EventInfrastructureProvider:/ is failing
PI45266 HTTP response splitting vulnerability CVE-2015-2017
PI45287 APAR PI9074 might cause unexpected issues with web services applications
PI45355 Users in the LRMONITOR role cannot view saved jobs in the job repository
PI45360 Error "Duplicate resources found with name:" when running migrateConfigTo85.py
PI45575 HashMaps are not thread-saved in org.apache.openjpa.datacache.DataCacheManagerImpl
PI45852 IMS Batch DLI jog gets ABEND04E reason code 00D44033 when calling bboa1reg
PI45899 Editing a custom health policy in intelligent management shortens original text.
PI45900 Portlet API Version 2.1.0 update
PI46605 Small performance improvement to CDI
PI46614 NullPointerException at NamedDeclaration when XML has duplicate XSTypeDefinitions
PI47114 ODR fails to start due to invalid routing rule syntax
PI47460 Add multi-provider support to OpenID Connect relying party in the full profile.
PI47812 App edition rollout fails when attempting a split deployment rollout with EJB modules
PI47842 When doing IdP-initiated SSO, if a RelayState is not in the SAMLResponse, the authentication will fail.
PI47989 Session affinity break when using intelligent management validation mode
PI48116 Incorrect default path for WebSphere plugin, when creating an IHS webserver from the administrative console.
PI48222 Extra = in ibm-ejb-jar-bnd.xml for the work manager JNDI name triggers an ADMA0115W warning during deployment
PI48547 Under stress Intelligent Managment sends out of order messages which causes the Plugin to crash
PI49036 Prevent console links from opening as new tabs after viewing charts
PI49194 Numerous GSK_WOULD_BLOCK messages in the http_plugin.log during web server startup with intelligent management enabled plug-in
PI49211 Application binaries not updated during WebSphere Portal Server upgrade on z/OS
PI49437 Need to ship batik.jar that correctly displays with Tivoli Performance Viewer.
PI49506 Numerous 307 responses for the IM enabled plug-in and increased network traffic when im plug-in switches between connectors
PI49871 Intelligent Management enabled plug-in changed $WSRA value.
PI49890 Health management SNMP trap sets agentAddr to wrong IP address
PI49937 Exception com.ibm.ws.xd.vv.nodedetect.NetworkInterfaceUtil.getMacAddresses is seen on start up on Solaris
PI50075 EJBDeploy RMIC class not found exception on Sun OS when using non-default JVM
PI50503 Post install shows partial success in WebSphere Hypervisor environment on applying a fix pack
PI50525 Excessive append calls cause high CPU when using VE and PMI
PI50562 Intelligent Management DCPC0332E reason code is not always correct.
PI50566 FFDC logged during node agent startup on Liberty profile server creation
PI50672 After a new edition is rolled out and old edition deleted requests will return 500 errors in the ODR
PI50889 Add capability to LogRecordContext to have add and remove Extension
PI51426 Publish WSDL is not picking up the changes made to the HTTP URL
PI51486 FileNotFoundException during profile creation
High Availability (HA) PI40412 DCSV8030 message explanation should include a link to appropriate technical document
IBM HTTP Server Fix List Detailed list of APARs for IBM HTTP Server.
Install PI41455 WAS_HOME/properties/postinstall/actions/os400PropertiesSetup.ant corrected
PI45999 javax.rmi.CORBA.UtilClass=com.ibm.ws.orb.WSUtilDelegateImpl needs to be removed from orb.properties file
PI49927 Update to command productInfo viewLicenseInfo
Java 2 Connectivity (J2C) PI41925 Improve administrative resource display performance
PI42046 Datasource TestConnection through wsadmin can result in a failure after a client reroute warning
Java Management Extensions (JMX) or JMX Client API PI45882 Handle error condition gracefully with corrupted configuration
Java Message Service (JMS) PI46480 NullPointerException thrown after input stream closed.
PI48759 The TCP Channel's Host Name Include and Exclude lists are case sensitive
JSP PI43036 JspTranslationException when using a JSP tag containing another tag with deferred-attributes
PI44611 JSP engine throwing an IllegalStateException when PageContext.findAttribute(string attributename) is called
Liberty Fix List Detailed list of APARs for WebSphere Application Server Liberty
Object Request Broker (ORB) PI47559 A large amount of common storage is being used when there is a large number of WebSphere cells on a single z/OS system.
PD tools (for example: Log Analyzer) PI37108 Unexpected commit when WebSphere is cancelled
PI41701 No warning message for Java dumps and cores when server is not started
PI44459 Improper loglevel of trace string will not generate trace
PI48699 Unable to set the level for loggers that are requested by classes in the com.ibm.ws.bootstrap.jar bundle.
Plug-in PI46569 Plugin may crash if connect calls are interrupted
PI49893 Allow certificate validation to be disabled
PMI/Performance Tools PI48619 Excessive appendCustomSetString calls cause high CPU when using VE and PMI.
Runtime PI42112 WSVR0322W emitted for empty classpath definition
Runtime (zSeries®) PI44159 Activation specs not started in all servers in a cluster during server initialization.
PI44409 Server takes a long time to start through the administrative console
Security PI41238 ErrorPage parameter on AdminTask.addSAMLTAISSO has a misleading description
PI42628 Local OS registry initialization error
PI43727 Expiration monitor stopped working if the certificate is not generated by WebSphere Application Server
PI44588 The pull-down menu "cipher suite groups" cannot be displayed correctly in Microsoft Internet Explorer
PI44880 Improve serviceability for form-logout processing.
PI47190 Add simple ldapSearch function to help configure user registry.
PI48386 Extra information in Trace
PI48460 Failure to convert certificates when CMS keystore is present
PI49025 z/OS users could experience authorization failures and see error message: SECJ0129E: Authorization failed for user
Services Component Architecture PI48565 SCA implementation.jee application may not start
Session Initiation Protocol (SIP) Container PI42867 Exception in SIP container caused by many disconnections from the failovered server in very short period of time
System Management/Repository PI43788 Auto-deploy not setting session manager attributes
PI52103 Vulnerability in Apache Collections used by WebSphere Application Server
Transaction Service PI43890 Add additional information to CWRLS0030 message to aid startup trouble-shooting.
PI44969 NullPointerException thrown from TerminatorImpl initialization
PI45319 NullPointerException appears during partner log recovery processing
Web Services (for example: SOAP or UDDI or WSGW or WSIF) PI44237 CData section is not preserved during parsing the SOAP message
PI44570 GET request with a SOAPAction header ends in 503 response on z/OS.
PI44781 Dynamic outbound endpoint SSL configuration is not picked up by webservices when proxy is used.
PI45126 In JMS messages, special characters are not correctly encoded.
Web Services Security PI38151 Throw exception if receive unsupported keyinfo in SAML
PI45840 Allow PasswordDigest on UsernameToken in JAX-WS WS-Security with custom login module
PI48578 CWWSS8014E error in SAML Web SSO can be misleading
WebSphere Common Configuration Model (WCCM) PI42186 Application deployment does not preserve signatures of fragment jar files.
PI45373 The cmp-field elements of EJB deployment descriptors are ignored.

Back to Top

Fix Pack 8.5.5.7
Fix release date: 11 September 2015
Last modified: 11 September 2015
Status: Superseded

Download Fix Pack 8.5.5.7
Component
APAR
Description
Administrative Console (all non-scripting) PI35762 Administrator role unable to see the CORBA naming service users permissions
PI37045 Renewing a personal certificate in RSA token keystore does not update a certificate alias name in security.xml
PI38589 After modifying an application's default session mgmt properties in admin console, its not possible to re-enable the defaults
PI39360 Command generated using console command line assistance failed with StringIndexOutOfBoundsException
PI40490 NullPointerException when creating a nameserver using a wsadmin jython script
PI41076 JMX client fails to connect with ClassNotFoundException: com.ibm.ws.management.PlatformMBeanServerBuilder
PI42083 NullPointerException when opening memory-to-memory replication page in administrative console.
PI42208 Override the console preferences of all users to always sync with a save.
Default Messaging Component PI33341 Service integration bus messaging engine fails to start with NullPointerException when PMI is enabled
PI36881 Messaging engine attempts to obtain lock on the datastore even after the defined timeout value.
Enterprise Edition (EE) PI32805 java.lang.ArrayIndexOutOfBoundsException thrown by com.ibm.xml.xlxp2.api.util.DataBufferHelper.computeCoords10
PI37349 Content in XML elements sometimes lost when using JAX-RPC web services
Federated Repositories PI35743 Race condition may cause excessive number of SQL calls to property extension database
PI36794 VMM database schema missing city property definition
PI37525 Concurrent update/create failing on shared Oracle LA/DB in VMM
PI37682 Retrieving users/groups on manage users and groups panel by default
PI38918 VMM api not returning value if attribute name contains semicolon ;
PI40830 Set default of value of supportChangeLog to none from CLI
General PI17457 Javacore file is packaged into the server dump in an incorrect encoding.
PI31024 Data corruption in copied tree due to original tree not being built.
PI31273 osgiCfgInit.sh -all may output unreadable messages
PI31409 CDI support with EJB timer usage
PI31682 FileNotFoundException when using installWSGridMQ.py script.
PI33284 NullPointerException generated by Apache wink library when processing HEAD requests
PI33955 SIP container throws NullPointerException when invalidating SipApplicationSession
PI34088 Error in SAML web SSO TAI with custom sp-initiated SSO
PI34326 Frequent WSOpaqueToken W SECJ5003W: errors in systemout.log when using OAuth TAI
PI34330 NullPointerException while providing internationalization service
PI34375 Exception not caught in the Decorator
PI34445 Exception while shutting down the application server
PI34548 URL fragments may be removed when requests are processed by the SAML Web SSO TAI
PI34779 Implement a way to configure the default representation of JPA boolean fields
PI34897 ArrayIndexOutOfBoundsException starting a server that has no compute grid function enabled
PI35439 NullPointerException while running recoverMEConfig command
PI35453 OpenJPA transforms JPQL to SQL incorrectly
PI35756 Deploying an application with an embedded CICS resource adapter fails with an AccessControlException.
PI35894 LibraryMgr is not enabled for recovery mode start of was in z/OS
PI36179 ReInvites are frequently canceled with NullPointerExceptions
PI37165 java.io.NotSerializableException occurs when serializing an HTTPSession used by the UDDI GUI application.
PI37687 IBM Embedded WebSphere Application Server is missing the jar files for OpenID and OpenID Connect
PI37710 WebSphere Application Server Servant Region receives an OC4 ABEND.
PI37712 OSGi dynamic import resolution is slow
PI37912 Console shows "Add a server" instead of "New server" under "Servers" option
PI38116 Provide option to not flush internal response objects in FileServletWrapper.
PI38200 APC doesn't take instant action for cluster violations between time period specified by the min time between placements value
PI38265 WS-Notification broker may fail to deliver notifications due to IllegalStateException issued by the IBM StAX parser.
PI38626 z/OS servant hangs during initialization
PI38764 Enable Kerberos token in HTTP header for web services
PI38793 WebSphere batch scheduled jobs through JMC are not starting.
PI38811 manageprofiles.sh -backupProfile runs even if there are clusters or managed webservers up and running.
PI39657 SIP Proxy can deadlock if client uses the CRLF Keep-Alive technique.
PI39748 While restarting the job java.lang.RuntimeException is thrown with parse error 13.
PI40002 Update the system SSL cipher list
PI40117 Setting date after 2038 year as "long date" generates ArrayIndexOutOfBoundsException
PI40212 Requests are being accepted and served before all the ear is started.
PI40292 Active cell agent gets erased in star topology, so that center cell APC has no point cell information.
PI40544 CDI decorator for an interface must directly implement cannot inherit from a super class
PI40941 Truncated DNS response causes SIP threads to block
PI41114 APC hang problem causing uneven load balancing
PI41133 Unable to update job log mapping file: delete() failed, not found or could not be formatted.
PI41325 Improve logging in wctcmd command
PI41369 Using @Inject @Any causes errors
PI41373 Colon (:) gets removed from ODR HTTP redirection rule
PI41525 CWWIM4564I reworded to include that the host was pinged.
PI41557 Change default certificate to be SHA256withRSA certificates
PI41582 Purge issue for scheduled jobs
PI41588 Best routing rules not always found when using generic server cluster routing policies
PI41729 The grid endpoint list shows up empty when using an app server running on an administrative agent profile
PI41941 Improve error messages SRVE9002E and SRVE8011E
PI42077 ODCF0002E is printed in nodeagent's systemout when starting nodeagent
PI42231 Exception retrieving the value of a nilled element in order to pass to a Java extension function.
PI42281 Suppress SRVE0255E error message in systemout trace
PI42338 NullPointerException when XSI type has no namespace defined
PI42499 Cannot set maintenance mode when number of nodes = minInstances of a dynamic cluster & vertical stacking is enabled
PI42609 PJM batch jobs that go to restartable will not restart
PI42673 Extra information in logs with Datasource custom properties
PI42784 unsetMaintenance mode for nodes fails intermittently
PI43096 Missing serverindex.XML throws NullPointerException
PI43144 Extra information in Mail Trace
PI43215 Compilation error when multiple XQuery files import one common file
PI43251 Isolate deployed artifacts from OSS packages
PI43347 Overlapping context roots may result in an HTTP 404 error message.
PI43678 Application server fail to start if old pid file exists and is being used by other process
PI43749 Data corruption in copied tree during unnecessary materializing copied nodes
PI43964 Multiple APC instances are seen running at the same time in a cell
PI44066 WSGrid issue when restarting the messaging engine inside the administrative console
PI44214 getParameter() does not work after getReader()
PI44976 Remove the NullPointerException thrown when running createLibertyServer command in local mode
PI44978 Intelligent management enabled websphere plug-in does not process any updates after an initial error is encountered
PI44983 PrivilegedActionException due to DocumentNotFoundException generated FFDC on the ODR in a multi-cell environment
PI44989 Update CWOBB1009W message
PI45136 Cluster server template property change does not reflect in server
PI45153 wctcmd.exe does not list existing definitions when using the -listDefinitions argument
PI45639 Out of memory errors in on demand router(odr)
PI45844 NumberFormatException occurs when running in environments that has a locale setting that uses a comma for the decimal mark
PI46291 Uncaught exception displays error in visualization trace
PI46502 Error in handling the input parameter of on demand route cluster for routing rule commands
High Availability (HA) PI41276 Server fails to start when HA coregroup "transport memory size" is set more than 256 Mb
IBM HTTP Server Fix List Detailed list of APARs for IBM HTTP Server.
Install PI34928 Installation warnings when rolling back offerings that include a Java JRE
PI41712 Installing Java 7.1 on RHEL 7.1 it gives message no supported operating system
PI43868 Update intelligent management webserver plugin retryInterval property with correct unit
PI45052 Update license files
Java 2 Connectivity (J2C) PI33656 Enhance statement cache multi-thread access detection
PI36870 Memory leak when "_" character used in JMS connection factory name
PI37749 JDBC Wrapper implementation of ResultSet.isClosed returns false after DB2 JCC driver has closed the ResultSet
PI44021 ActivationSpecWrapperImpl.toString() null checking is incorrect
PM97050 javax.transaction.TransactionRolledbackException is thrown due to java.lang.NoClassDefFoundError
Java Message Service (JMS) PI35277 Server not responding to Continue message as expected
PI35402 java.lang.NumberFormatException is thrown when expiry is set to "SPECIFIED" for a v5 default messaging topic or queue
PI37454 BBOJ0099E: MDB problem: internal stop issued for MDB listener
PI40241 A web service request using secure sockets fails
Java SDK PI38788 Hung thread caused by MyFaces
PI42335 Package the ORB 7.1 jars with the WSAS 8.5.5 thin client jars
JSP PI45939 The JSP batch compiler asumes that the -response.file file contains only ISO 8859-1 charset.
Liberty Fix List Detailed list of APARs for WebSphere Application Server Liberty Profile
Object Request Broker (ORB) PI38104 Server took an abend EC3 reason code 0406002e when a CG thread attempts to get a cell from an expanded ORBR cell pool.
PI40209 Message BBOO0327I can be improved by having it include: transaction class, service class, and report class if available
PI41788 control_region_dreg_on_no_srs=1 not working as expected when an adjunct region is active but servant regions are not
PI42590 BBOO0038E function IWMSTEND failed with RC=8, reason=119c084f, extended 473727 reason=xxxxxxxx.
PI43141 WebSphere z/OS MODIFY commands, PAUSELISTENERS and RESUMELISTENERS, do not include Activation Spec listeners.
PD tools (for example: Log Analyzer) PI37095 0C2 Abend 00C2 reason code: 00000002 during recovery from an 0C4abend
PI39744 Server stops due to FFDCFilter.processException() not catching exception
PI41698 Javacore function in the console not displaying right msg
PI43063 Collector tool does not collect files in temp directory
Plug-in PI29182 Consolidate domino choice within PCT
PI39126 Modify plugin to automatically accept GSKit security upgrades
PI40974 Websocket connection fails when origin server does not send a content length header in the upgrade response
PI42116 Message C2M1212 produced in websphere plugin job log
PI42490 Second connect fails when using same socket
PMI/Performance Tools PI35028 CWPMI0010W message should be warning instead of error message.
Proxy Server PI38403 Potential Information Disclosure in On Demand Router CVE-2015-1932
Runtime PI38330 library.policy is not applied to non-isolated shared library but is applied to isolated shared library may see SECJ0314W
PI44532 An AdminException occurs when syncing node containing a Liberty profile server
Security PI29527 Abend S878 when high number of users from a large SAF group log in.
PI37396 Potential spoofing vulnerability in WebSphere Application Server CVE-2015-4938
PI38492 The PropFilePasswordEncoder.sh did not work properly when running from command line.
PI38596 Hang in findNonNullKeyEntry() of com.ibm.ws.security.EJB.BeanPermissionRoleMap
PI38685 Servant region does not stop, deadlock
PI38917 NullPointerException when attempting to enable FIPS
PI39046 Custom TAI throws NullPointerException when TAIResult returns null
PI39369 NullPointerException error may occur when security is enabled and provisioning is disabled.
PI39396 Same value is set for LTPAToken and LTPAToken2 cookie in HTTP response
PI39552 The TAI interceptor in the global security is deleted when the TAI interceptor in the security domain is being deleted.
PI42153 Retrieve signers from port does not honor the enabled cipher suites setting.
PI43170 Display a better message when keystore file does not exist.
PI43768 Remove SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA from the strong cipher list.
Servlet Engine/Web Container PI46499 NullPointerException might be caught in the servlet listener code when security is enabled.
System Management/Repository PI38090 SOAP connector port conflict message in nodeagent log
PI40060 ADMA8019E message seen while trying to map resources during application deployment
PI43161 Partial application update fails due to case sensitivity on Microsoft Windows operating systems
Systems Management Functions PI41554 Job manager job generateMergedPluginConfigForLibertyProfileServers might fail.
Transaction Service PI38387 When storing transaction service logs in a non-HA database data may be lost and the transaction service may fail to connect
Web Services (for example: SOAP or UDDI or WSGW or WSIF) PI34919 WSDL4J throws WSDLException caused by SAXParseException when schemaLocation=""
PI35741 JAX-WS service provider application does not use temp files for large attachments
PI37671 Missing JSON response data from JAX-RS client appliction.
PI40869 Out of memory when too many webservice-ref elements in ejb-jar.xml
PI42135 Extra information is displayed in browser window
PI45894 Workspace leak in SysMgmtHelperImpl during application install.
Web Services Security PI32262 AuthenticationCache entries with SAML tokens getting large and causing OutOfMemory
Workload Management (WLM) PI41759 Cluster ripplestart delays when attempted from stopped or started state

Back to Top

Fix Pack 8.5.5.6
Fix release date: 26 June 2015
Last modified: 22 June 2015
Status: Superseded

Download Fix Pack 8.5.5.6
Component
APAR
Description
Administrative Console (all non-scripting) PI31313 In an HA Dmanager configuration, registering a Dmanager to a Job Manager can select the wrong Dmanager instance.
PI34418 Long wait time when clicking apply after changing application startup weight in admin console. Hung thread showing in logs.
PI36363 Setting browser to never refresh prevents sync from taking place.
PI37945 Null message in administrative console caused by NullPointerException when modifying SSL Config due to missing trustStore
Administrative Scripting Tools (for example: wsadmin or ANT) PI35758 NullPointerException in wsadmin when connecting to node agent with trace on
Data Replication Services PI33639 Message "CWWDR0008E runtime exception occured : Unable to locate replication domain" does not include the name of the domain.
Default Messaging Component PI31775 JMS messages buildup on the destination when TopicSpace mapping is used across multiple buses
PI32705 Large number of TickRange instances under GuaranteedTargetStream consumes more memory and may create
Dynamic Cache PI34631 DYNA0044E: xml parsing warning: Document is invalid: No grammar filed., while parsing file xxxxxx.xsd
Federated Repositories PI30252 getUsersForGroup does not return members of subgroups when baseEntries and nameInRepository differs
General PI06130 Edge Load Balancer for IPv4 and IPv6 crashes, when LB tries to remove a node
PI26198 SIP Container does not recognize that SIP Proxy is available.
PI27749 UDDI registry application fails to handle non-ASCII characters
PI28627 CScope component is causing a 10 minute delay to server startup and generates multiple CWRLS0030W messages in the logs
PI28851 NullPointerException when starting the job scheduler server in a cell with intelligent management enabled
PI28981 When JVM restarts and jobscheduler EJB s are not started yet, an exception can occur
PI29184 Changes to AnnotatedType are not reflected in ProcessBean.getAnnotated()
PI29397 LTPAToken cookie is always deleted when LTPAToken cookies are deleted even though interoperability mode is disabled.
PI29412 When using a fetch group with a JPQL query, only the fields in the fetch group are returned.
PI29421 CDI getInjectableReference() is not working as expected
PI29464 Error on Firefox browser while accessing console from firststeps.
PI29634 WebSphere OAuth TAI template cache has a synchronized lock and can block many threads.
PI29817 JPA persistence not working in case of specifying O/R mapping information in orm.xml
PI29885 While using the async threads inside the main thread, session manager code throws IndexOutOfBoundsException.
PI30007 The administrative ID lost authorization roles after applying fix pack 8.5.5.3.
PI30035 Temporary files created by Liberty profile as it installs the EBA packages are not getting deleted
PI30212 CWWSS8031E error when a request matches the acsUrl and filter definitions for the SAML Web SSO AcsTrustAssociationInterceptor
PI30321 Detailed message for BBOO0221W: Could not resolve variable
PI30385 Domino nhttp task crashes when using the WebSphere plugin with the option ChunkedResponse=true
PI30464 Error creating transport chain via dynamic cluster server template
PI30467 Incorrect locking behaviour of OpenJPA
PI30597 Web server crashes if plugin-cfg.xml config file is not specified in the web server configuration
PI31323 JPA cache.contains(...) returns wrong value
PI31557 Message bean instances injected with the CDI @new annotations are not @PostConstructed
PI31689 WebSphere NPE ContextImpl.HandleSyncToOSThread using EJBTimer after migration from v6.0.1 to v8.0.0.
PI31734 WebSphere HTTP response might have multiple Set-Cookie: JSESSIONID headers
PI31799 A NullPointerException error may occur when a WS-Security kerberos token generator is mis-configured and trace is enabled
PI31826 Enabling version 8 server for performance data collection services causes abort
PI31922 New JSF applications may fail after deployment if another JSF application is deployed in the server using its own EL parser
PI31945 CDI UnsatisfiedResolutionException from MDBs and startup beans
PI32026 The message "BBOA8090E An error occurred during TRUE enablement with reason code 63" is not clear for client self-assist.
PI32113 During Initialization of the WebSphere Application Server, there is a delay of 5 minutes or more.
PI32117 WebSphere plugin crashing on request to /server-status when intelligent management is enabled
PI32125 NullPointerException in Portlet Container CacheHelper
PI32250 NullPointerException in PortletFilterRegistry method getFilters
PI32293 SAML web SSO TAI is not working when IDP certificate renewed
PI32374 JAX-RPC application with large attachment may consume large memory for calculating the size of the attachment.
PI32545 Skip record processing is not working for job writer.
PI32579 Allow the OnBehalfOf or ActAs elements in an STS request to contain a SAML token
PI32632 Duplicate error page will be shown when 413 return code received
PI32652 Unable to start server from IBM i QShell environment due to class loading issue
PI32689 OpenJPA fails to recompute the JPQL when a null field of an embedded primary key is now correctly filled
PI32828 ClassCastException com.ibm.ejs.container.WASBeanMetaData incompatable with webcontainer.metadata.WebComponentMetaData
PI32917 The console does not indicate when a new user is being created when adding a primary admin user.
PI33012 CVE-2014-8917 - XSS in dojox
PI33182 The plug-in connection to the application server can fail if it is interrupted during the initial connect.
PI33193 Enabling the same interceptor in different beans.xml fails with interceptor class is already defined error
PI33328 javax.faces.application.FacesMessage is not serializable
PI33412 Storage leak occurs when OSGi applications are stopped and started repeatedly
PI33453 Chunked request might fail to receive all responses caused by delayed last CRLF
PI33513 Edge Load Balancer is observed using high CPU
PI33655 WASX7017E: Exception received while running file "./dumpOdrState.jacl"
PI33782 WebSphere webserver plug-in does not set or propagate headers used by XCT (cross-component trace)
PI33795 Override session management settings on application fails to work when application state is changed from inactive to valid
PI33798 WebSphere Application Server for z/OS can encounter CML lock contention when under heavy load.
PI33923 Property File Based Configuration does not correctly extract URL Providers having more than one URL
PI33930 XCIUnsupportedOperationException occurs during copy process for simple type elements
PI34044 Improve the debug information for messaging engine to messaging engine communication problems
PI34143 Module updates rewrite the module manifest, meta-inf/manifest.mf
PI34299 The MBean of WebContainer ThreadPool metric now contains 2 MBeans instead of one.
PI34319 When there is a failure during rollout both current and new app editions are left inactive
PI34550 SIP ClassNotFoundException while deserializing asynchronous work object that contains array
PI34567 MIGDONE DDL file not in EBCDIC on z/OS
PI34588 Plug-in crashes web server when intelligent management is disabled or enabled
PI35104 Java2 Security AccessControlException in some system applications
PI35174 WebSphere plugin Apache24 loads wrong GSKit on Intel 64bit
PI35178 Plugin to return req_aborted with rc=500 for Solaris
PI35180 Privilege escalation vulnerability with user roles CVE-2015-1946
PI35232 OpenJPA runs "SET ENVIRONMENT RETAINUPDATELOCKS 'ALL'" when Informix database is used
PI35265 ECSA storage growth when resource managers (resmgr) are not deleted
PI35289 Remove the RC4 ciphers from the high list of ciphers that are generated by default CVE-2015-2808
PI35332 Parse error in trace-cfg.xml when LANG=tr_TR
PI35548 Mailer application failing to update table and suspend functionality not working properly for SendPromotionStep
PI35667 Poor transaction performance when storing transaction logs in an a database
PI35729 Issue different message if host and port number are not available.
PI35767 Administrative console produces an FFDC when opening the "job scheduler" link.
PI35769 Heap growth in job scheduler caused by non-WSGrid job notifications.
PI35846 Update WRD help command with Network Deployment edition information
PI35850 Message showing up in logs untranslated
PI35866 Crash in LE module vsnprintf +x 000027fc
PI36130 AdminTask.extractConfigProperties using -configData deployment does not extract the "disable autostart" value
PI36134 NullPointerException when operating HashMap in destroyRequestContext
PI36177 PostConstruct method is not called if there is a second method of the same name
PI36211 Potential privilege escalation with OAUTH2
PI36242 WSGrid script generates 4 unwanted FFDCs but runs sucessfully
PI36346 Performance issue with certain object model operations
PI36563 Remove the RSA_EXPORT ciphers from the medium list of ciphers
PI36566 Groupby element of current-group()[n] does not return a singleton value for xml that use stripspace elements
PI36921 Timing issue causes APC to see an incorrect value of ProactiveIdleStop resulting in violated min instance
PI37124 Wrong query is generated when using JPA 2.2 with criteria builder and sub query
PI37230 Potential security vulnerability with the Administrative console CVE-2015-1936
PI37291 WebSphere batch skips input line if there is an exception after restart.
PI37304 Incorrect JSP translation for the expression
PI37485 Comparison between encodings should be case-insensitive. JSPG0088E
PI37497 Application runtime failed with HTTP method PUT is not supported by this URL
PI37794 Load Balancer for IPv4 and IPv6 8.5.5 should work with Linux on Power system
PI37982 NullPointerException thrown when a B2B application uses a linked request
PI38043 Avoid repetitive loading of JSF component classes while restoring view in JSF 2.0 portlet bridge.
PI38066 Request to Prefix mapping of Faces servlet may return a 500 Error.
PI38074 Load Balancer for IPv4 and IPv6 is hung under load
PI38211 Load Balancer for IPv4 and IPv6 gets a segfault attempting to access a null pointer.
PI38495 Logs full of XNMI0004E error messages in cell with some nodes that do not have intelligent management running
PI38549 The intelligent management enabled WebSphere plugin causes a segmentation fault when an edition routing rule is modified.
PI38672 Federating a node to a cell fails
PI38804 When using ODR routing rules in a multi-cell topology affinity is broken when routing to server in point with rulesOverAffinity
PI39310 ODC will account for application reads for apps that were targeted but not enabled
PI39725 Intelligent management enabled plugin not using vhosts as expected.
PI39740 InvalidParameterValueException: ADMF0003E: Invalid parameter value false for parameter mode for command setMaintenanceMode
PI39768 Vulnerability in Apache Batik used by WebSphere Application Server CVE-2015-0250
PI39799 TLJ never ends when scheduler killed after subjob reaches ended
PI40019 ServletException errors when trying to create a "routing policy HTTP rule" for an ODR cluster in the administrative console
PI40225 Intelligent management enabled plug-in segfaults due to out of order delete of Server and ServerApplication objects
PI40958 Workspace not getting used when running certificate management command task not connected to a server.
PI41236 High volume of add/del route messages causes rapid odrlib crashes
PI41471 PI21072 has new SNMP_EncryptSecurityAttributes.sh file which runs in all operating systems except z/OS
PI41550 With dynamic routing and auto scaling in a Liberty profile collective, routing may fail after a scale out and scale in operation
PI41728 An inherited qualifier with a value is overridden but the more distant value's ancestor is applied to a bean.
PM83523 A Javacore can occur indicating that the Load Balancer manager thread has terminated
PM86978 The dscontrol quiesce/unquiesce command fails intermittently after 250 runs
High Availability (HA) PI35249 DCSV0001E: DCS stack: Internal error occurred in DCS. The exception is java.lang.NullPointerException
HTTP Transport PI33395 NullPointerException thrown by UDP channel when stopping server.
IBM HTTP Server Fix List Detailed list of APARs for IBM HTTP Server.
Install PI33001 Pluggable application client installation does not accept Java 1.7 or Java 1.8 during im installation
PI39793 Update WebSphere Application Server V8.5.5.5 License to exclude Rational Application Developer
PI40207 Ubuntu 14.04 is unsupported
Java 2 Connectivity (J2C) PI28099 Defer activation of JMS/MDB activation specification until the synchronized server startup on z/OS
PI30546 PMI is showing negative percentUsed for poolsize in TPV
PI34641 Deadlock in J2C code during application server startup or shutdown
PI35354 Custom property of J2C activation spec of rar included in ear is deleted after updating application.
PI35502 NullPointerException during lookup of a ConnectionFactory from a BPM-WXS environment
Java Message Service (JMS) IT00390 a WMQ 7.1 JMS application fails with J2CA0046E error when trying to create a connection to a queue manager.
IT01374 WMQ V7 Java: A message may not be converted to unicode when SHARECNV=0 is set on a client channel.
IT04039 WebSphere MQ FTE error: BFGIO0189E Unable to convert the character set "IBM01141" to a coded character set id
IV57472 WMQ 7.1 AMQ9504 protocol error received at the qmgr and AMQ9213 at the client when a JMS session is shared by multiple threads
IV59264 ABN=0C4-00000004 in CSQMCPRH when using the WebSphere MQ classes for Java
IV60008 Add support to WebSphere MQ and JMS classes for the character set "CP1166", or CCSID 1166
PI31292 getPathInfo returns a semi-colon for the ";xxxx" appended after the request URI
PI31447 The server adds a /(slash) to response URI if the inbound request URI has a ;(semi-colon)
PI35905 Update 8.5.5 WMQ RA to 7.1.0.6
PI36010 Channel framework NCSA access log service time
PI39376 The ibmaio.pdb files are not shipped for WebSphere Application Server 8.5.5
JNDI/Naming PI29849 Naming exception cause is unclear
PI30936 When looking up an EJB using a call to NamingContextExt.resolve_str(), a null might be returned.
Liberty Fix List Detailed list of APARs for WebSphere Application Server Liberty Profile
Migration PI30817 Migration changes core group IDs to the default CoreGroup ID
PI34638 Migration job BBOWDPRE, step PREUPGRD takes a very long time to complete
PI35237 Processing of the sib-engines.xml file during migration causes a NullPointerException on WASPreUpgrade
Object Request Broker (ORB) PI34999 SMF120-9 record field bytes from server is zero
PI36356 Dump occurs during stop of job scheduler control region.
PD tools (for example: Log Analyzer) PI28814 Deadlock can occur when one thread is trying to rotate log file and another is setting a new trace specification
PI28937 java.util.logging.Logger objects do not inherit logging level from parent logger objects
PI38083 Collector tool not gathering was, debug, and os directories in Microsoft Windows 2012 R2
Plug-in PI32029 Unnecessary annotation scans for ejb-in-war content in a module.
PI32786 Auto-propagation fails if dmgr process has non-default name.
Programming Model Extensions (PME) PI32169 Asyncbeans logs error ASYN0066E and can lead to a slow memory leak due to timing issues related to work completion
PI34146 Repeated start and stop or re-deploy of application resulted in OutOfMemory
Proxy Server PI32034 HTTPs advisor retries the advisor request if the response does not match the advisorresponse.
PI32719 64-bit 2.6.32-358.18.1 kernel module for RHEL6 is not installed.
PI35473 There is a synchronization issue with quiesce and the server up and down commands.
PI40035 Update WebSphere Application Server 8.5.5.6 licenses
Runtime PI27505 Generic server creation with no executable name or start command resulted some errors in nodeagent log
PI29771 An ABEND DC3 reason 000c0009 surfaces after attempting to start a control region after an IPL. Subsequent start is successful.
Runtime (zSeries®) PI36264 No message indicating classification level tracing is enabled
Security PI32242 Missing file causes errors during profile creation in BBOWWPFA job.
PI33215 ASYN9999E messages may fill logs if security attribute propagation is disabled
Servlet Engine/Web Container PI27835 Incorrect validation of MultipartConfig annotation
PI31622 Privilege escalation with serveservlets CVE-2015-1927
PI35394 Incorrect validation of WebServlet annotation can result in ValidationException
PI38357 Add more details to the WebAppHostNotFoundException
System Management/Repository PI30878 Shared library at cluster scope overwritten by PFBC c when user create a shared library at cell scope with the same name
PI33944 Microsoft Windows service not used when starting server from command-line
PI34572 AdminTask.applyConfigProperties uses a password incorrectly
PI37248 A property file based configuration (pfbc) file might fail to apply.
PI38302 CVE-2015-1920 Security vulnerability in IBM WebSphere Application Server
Transaction Service PI18414 Transaction or recovery log file may become corrupt if process dies
PI28635 WS-RM 1.0 synchronous application requests are constantly resent despite having been acknowledged
Web Services (for example: SOAP or UDDI or WSGW or WSIF) PI28681 ParseException during processing webservice with MTOM request with a space or CRLF before xop:include element
PI29521 Allow users to control where attachment files are cached to disk
PI29784 Public method in super class of webservices annoted class is incorrectly exposed as webservice
PI30166 Outgoing web service request is missing the closing MIMEBoundary tag.
PI31471 NullPointerException with WebSphere ThinClient at SandeshaOutHandler.invoke
PI31777 Dynamic outbound endpoint SSL configuration is not picked up for webservices when proxy is used.
PI32411 BPM receives NullPointerException due to jaxwsNoWSDLProviderOperation
PI33437 On error previous SOAP part is not cleared and is sent out
PI35285 WSWS7027E and WSWS7054E errors (WSDL file could not be generated) may occur during web service deployment or startup
PI37874 A web service thread holding a synchronization lock may hang during application deployment
Web Services Security PI33760 SHA-2 signature algorithm cannot be specified for SAML token in SAMLIssuerConfig.properties or WS-Security bindings
WebSphere Common Configuration Model (WCCM) PI28927 Inner class name containing a $ character is incorrectly obtained by the annotation scanner.
PI29967 Mixed node deployment fails when application EJB upgraded by the application server
PI37029 Incorrect behavior of getResources allow one catalog.xml can be recognized and loaded
Workload Management (WLM) PI37801 Thread sleep in WLM Rule.Etiquette registerNotificationType causes thread hangs when cluster member descriptions not avail
Fix Pack 8.5.5.5
Fix release date: 13 March 2015
Last modified: 11 March 2015
Status: Superseded

Download Fix Pack 8.5.5.5
Component
APAR
Description
Administrative Console (all non-scripting) PI25136 Attempting to update an application from the administrative console returns error 500 and NumberFormatException
PI26128 From the console if you select everything under policy attachments it generates multiple entries in bindings.xml
PI26222 Memory to memory replication link issue
PI26590 Mapping shared library to an application via admin console: changes not saved and NullPointerException results
PI26930 Mail validation is too strict for security notification emails
PI28879 "Generic Servers" might remain as "defunct" processes in the system after being stopped.
PI29003 Setting memory-to-memory replication fails with NullPointerException
PI29631 Referenceables parameter is missing in the command generated by command assistance
PI31142 If workspace for user exists when logging in to administrative console, the workspace will be loaded regardless of user selection.
Administrative Scripting Tools (for example: wsadmin or ANT) PI25880 $AdminApp edit fails with java.util.regex.PatternSyntaxException
Data Replication Services PI23397 Delay in replication message delivery
PI26233 The members of the replication domain contains excessive members
Default Messaging Component PI22569 MQ RFH2 header is propagated even though it is disabled at the destination.
Dynamic Cache PI28016 NumberFormatException in extended cache monitor
PI28515 Dynacache CWWDY1064E or DYNA1064E is written for containsKeyDisk() operation
EJB Container PI26271 Remove the FFDC entry
PI27924 UserTransaction cannot be used from a CDI instance created within the context of an EJB
Enterprise Edition (EE) PI28418 Web service request message might be missing a prefix with the namespace in a child element
Federated Repositories PI24253 Duplicate predicates in LDAP query is causing performance issues for client.
PI24537 ClassNotFoundException after running command dumpNameSpace.sh
PI28542 NullPointerException while initializing the policy handler for openldap
PI30945 CWWIM4538E message improved to include repository IDs.
General PI15310 StackOverflow error or NullPointerException occurs under heavy load
PI16847 Schema setting in the ORM file does not propagate to the generated sequences
PI17577 PMT freeze after entering a domain user for wasservice panel
PI17938 Multiple profiles creation at same time using manageprofiles.sh fails
PI18178 NullPointerException in QueryKey.createKey using criteria with QueryCache enabled
PI19732 First JPQL with left join fetch for lazy loaded specified and data cache enabled. Subsequent does not get loaded.
PI20433 JPA pagination is not working
PI21665 WebSphere can use the same from tag and via branch in two different requests even if call-id is different.
PI22650 SIP container sends error responses even after ACK received
PI22671 Application issue due to how bindings are merged.
PI23126 adding contact header on derived sessions
PI23787 While using the B2bUAHelper the branch becomes longer when the UAS sends the re-Invite. This fix is to shorten the branch.
PI24001 The JspWriterImp is not properly cleaning up resources in memory after a request completes.
PI24352 Customization jobs should support SMS allocation options
PI24575 Use of JoinColumn targets to another JoinColumn key exposed as an attribute will cause a ConstraintViolation exception
PI24728 installWSGridMQ.py script requires manual changes before runnning
PI24850 "Inbound 412" response not counted in PMI
PI25359 SQLException thrown when running two Oracle DLL files
PI25499 NullPointerException thrown when a session in memory was invalidated before the scheduled invalidation occured.
PI25626 Spurious WASX7486W warning message produced when command assistance output is used
PI25740 Abend 0C4 with SMF enabled on native call to z_getstringutfchars.
PI25749 Include partition table information in logging.
PI26023 Property file encoding error causing monitored directory deployment failure
PI26049 OpenJPA PersistenceException: LongId cannot be cast to <class name>
PI26201 UnsupportedOperationException when using application scope JSF bean with dependency injection via @ManagedProperty & eager=true
PI26373 Remove "log file(s) are purged" message when the logs are purged using purge job utility.
PI26375 ServletException when customer configures security role to user / group mappings.
PI26642 Restart of a job is failing with java.lang.NullPointerException.
PI26645 Exception when 408 received with different tag
PI26647 The restarted job remains in submitted status resulting with java.lang.NullPointerException.
PI26666 Property file based configuration updates to web module environment entries might not take effect.
PI26722 SIP container splits the reason header into two headers due to a comma inside a quoted string
PI26735 WSDL4J consumes excessive amounts of memory in the heap
PI26770 NullPointerException when application uses CDI @Produces method with InjectionPoint
PI26845 AdminTask.importSAMLIdPMetadata command generates invalid SAML Web SSO TAI properties
PI26862 Subjob keeps running after top level job has end.
PI27022 Print the levels of CICS modules to allow customer verification
PI27202 During WOLA request processing across regions minor code c9c24c30 and c9c24c15 appear
PI27232 Track hung threads with thread dumps
PI27246 Data corruption caused by adding incorrect node to mutation map
PI27290 Multi-window usage with server-side state saving throws a javax.faces.application.ViewExpiredException
PI27309 After defining your own cookie name, if you try to revert to original name, it doesn't work
PI27385 JPA unexpectedly adds double-quotation in SQL statement
PI27526 The @Produces annotation method on class results in a non-null injectionpoint instance on first invocation.
PI27651 The native WSGrid client code is not installed on non z/OS operating system environments
PI27836 Update the data collector tool for classloader must gather to include the OSGi trace
PI28021 Integrating Liquibase to Application Server through CDI causes a ClassCastException
PI28219 503s returned by the Intelligenent Management enabled WebSphere Plug-in when a series of server starts/stops
PI28233 Updating a datasource property value of type #Boolean causes a new datasource to be added as type #String when using wsadmin
PI28257 JPQL query using openjpa.hint.UseLiteralInSQL=true does not handle boolean constants (<parameter> =true) correctly
PI28290 Unexpected response from SIP message 408 to cn=test user
PI28397 WSGrid PJM Subjobs in restartable state after Scheduler goes down may not be able to be restarted.
PI28413 Some SIP container packages were unnecessary exported.
PI28440 SIP container is returning a re-Invite
PI28447 Web Server plugin configuration tool (pct) updated to change response file saving
PI28590 CDI Conversation scope is not working for JavaServer Faces (JSF) 2.0 portlet project in non-Ajax use case.
PI28693 OpenJPA error: org.apache.openjpa.persistence.ArgumentException: Cannot manipulate identity of type <type>
PI28751 Enhance the performance search for resources in /meta-inf/resources
PI28788 PortletSessionWrapper of JavaServer Faces (JSF) 2.0 portlet bridge return attribute names as null if session is null
PI28908 Automatic Placement Controller cannot make any placement decisions when restarted on a nodeagent
PI29073 Out of memory error using com.ibm.xltxe.mm1mfcg.bel.FcgMethodGenBCEL
PI29084 The substitution properties are not working properly in Compute Grid
PI29438 New node (without any servers) does not enter maintenance mode
PI29446 Misleading message when server lookup in coregroup fails when using AdminTask.modifyPolicy
PI29501 SIP container throws NullPointerException when HPEL trace is enabled.
PI29537 The sample response file for the wctcmd command indicates incorrect values
PI29583 SipServletMessage.getLocalAddr/Port and getRemoteAddr/Port do not return null with container generated 408 messages.
PI29585 Cannot edit memberships of garbage collection using Microsoft Internet Explorer
PI29666 Remove system property com.ibm.ws.webbeans.trackInjectionPointsWithStack
PI29769 SOAP ruleset logging HTTP messages
PI29848 Running AdminTask.listServerPorts in Liberty profile server fails with CWPMC0012E exception
PI29878 OutOfMemoryerror from session scoped managed bean
PI29980 WSAS V8.5.5 node with APC and multiple dynamic cluster members running does not move into maintenance mode
PI29989 NullPointerException in JAXBContext creation occurs when using Java 7.
PI30043 Support JITC startup hints on Java 7.1 and 8.0
PI30067 Application server not starting because of WIMException
PI30208 Support for the Intelligent Management plugin to route in a star topology
PI30281 Need ability to route requests to administrative console through Intelligent Management enabled WebSphere plug-in
PI30400 Update the XML processing for portlet.xml during portlet application installation.
PI30449 Error ASPS0008E during node federation
PI30538 NullPointerException during Transformation hides the real exception
PI30579 Security Vulnerability with FacesPortlet
PI30609 Nillable attribute in schema is not considered when evaluating nilled elements
PI30853 Queue-size PMI counter gets negative on load intermitently
PI30885 Additional output and function need to be added to the configCGSharedLib.py script for usability purposes.
PI30892 A harmless error is created when the Top level job is cancelled while it is in the running state
PI30934 migrateConfigTo85.py --backup generates 2 typos
PI30994 Overlapping URIs in a single ODR workclass can cause the ODR to select the wrong cookie when attempting to honor server affinity
PI30995 APC should not breach the min instance of dynamic cluster
PI31093 Enable declaring EJB beans (stateless or singleton) in an EJB bundle jar as JAX-RS services
PI31315 Capacity leakage issue for CI job in mixed mode
PI31429 Provide a textLog for servants for HPEL on z/OS
PI31959 File name error on the dynamic cluster server template logging and tracing pages
PI32544 Exception during invalidation of SipSession which acts as UAC if message was created but not sent.
PI32647 With Java2 security on, the SECJ0314W is thrown.
PI32677 Parallel job manager top level job stuck in cancel pending state.
PI32941 retrieveSigners.sh failed with java.lang.NoClassDefFoundError: com.ibm.ws.management.connector.JMXConnectorContext
PI32953 Generated class in JAXB code gen process is not finishing its initialization in thread 1 before its accessed by other threads.
PI33945 Heap growth in job scheduler servant region when running WSGrid.
PI34033 WSAS z/OS local communication client may hang in termination.
PI34048 Incorrect default selection in Administration UI
PI34253 Intelligent Management enabled WebSphere plug-in seg faults under stress while routing a request bound to Liberty profile collective
PI34372 Displays error if invalid RuleType is given to wsadmin CreateRuleset command
PI34567 MIGDONE DDL file not in EBCDIC on z/OS
PM86697 Followup to PM73096. Handle additional cases of archive memory leaks.
PM94774 System message: WXMI0004I: Reading action from null
High Availability (HA) PI31401 Add additional information for DCSV1115W
IBM HTTP Server Fix List Detailed list of APARs for IBM HTTP Server.
Install PI29207 ClassNotFondException thrown when using JDK for Liberty Core with Liberty profile
PI29328 Add support for RedHat 7 and SLES 12
PI31073 Unsupported platform warning when installing Web 2.0 and Mobile Toolkit 1.1.0.6 offering on Power8 Little Endian
PI31340 On Micrsoft Windows(Win7), installation of JDK7 on Liberty profile fails if the registry entry DelayedExpansion is set to 1
PI32255 versionInfo.sh and historyInfo.sh failing to process history.xml file
PI33671 Update legal license for IBM WebSphere Application Server V8.5.5.5
Java 2 Connectivity (J2C) PI22672 JCA connection is not freed after an exception is encountered
PI23279 OutOfMemory caused by leak in com.ibm.ejs.ras.TraceComponent and java.util.concurrent.ConcurrentHashMap
PI24960 Variable in the user id field is not expanded correctly when contains "$" sign
PI28237 Error messages during testConnection need to include JNDI name of the datasource
PI28913 DSRA0304E and DSRA0302E messages with cause and exception as null creates confusion.
PI30814 FFDC dumped with J2C exception does not contain the name of the datasource
PI30968 J2CA0112W message could occur due to duplicate JNDI names
PI30983 Print datasource name when printing JDBC driver info
Java Message Service (JMS) IC93960 A browse of WMQ Java PCF messages fails with a MQRCCF_STRUCTURE_TYPE_ERROR when using MQGMO_CONVERT
IC94850 WMQ 7.1 Information Center incorrectly states that interface JmsConnection is serializable.
IC95844 WMQ classes for Java application receives RC 2195 when it attempts to create a PCFMessage
IC97121 WMQ classes for Java: An MQGet fails with completion code '2', reason '2247' MQRC_MATCH_OPTIONS_ERROR
IV46272 MQRC_SSL_PEER_NAME_MISMATCH error when connecting to queue sharing group.
IV46878 WebSphere MQ Classes for JMS: MessageConsumer#receive does not return
IV47335 NumberFormatException thrown when consuming a JMS message with a non-integer value in the Seq field of the RFH2 JMS folder
IV47459 A WebSphere MQ messaging provider activation specification in WSAS issues error JMSCC0034 about being in an inconsistent state
IV47964 MQ V7 RA JBoss throws an exception: No property "WMQ_MESSAGE_BODY" for admin object.
IV48023 com.ibm.mqetclient.jar is omitted from the WMQ 7.0.1.10 resource adapter
IV50249 A JMS app requests a dynamic queue specifying an asterisk in the QMGR name, the connect is successful but the MQOpen fails.
IV50451 MDBs registered against a shared queue stop receiving messages and appear hung after coupling facility failure
PI26313 Jobs run with launch client intermittently fail with WSCL0912E component failed to initialize
PI27662 Update the administrativ console fly-over for the TCP channel access lists
PI29618 A new directive option for NCSA logging to demonstrate XCT logging ID
PI31576 Update IBM WebSphere MQ JCA resource adapter to version 7.1.0.5
PM89892 WMQ JMS resource adapter: Reason 2012 (MQRC_ENVIRONMENT_ERROR) when handling a Poison message in RRS-enabled bindings mode
PM92437 MQCMIT and MQQueueManager.disconnect() for MQ Java under CICS get MQJE001: Completion code '2', reason '2298'
Liberty Fix List Detailed list of APARs for WebSphere Application Server Liberty Profile
Migration PI27459 Migration failing in the WASPostUpgrade stage with ADMA0251E
PI28359 Migration change to wcinbound transport name causes synch error
PI28415 WASpostUpgrade on the deployment manager shows MIGR0440W... SaveFailureException
PI30728 The -portBlock -replacePorts option does not work properly for WASPostUpgrade command
Object Request Broker (ORB) PI24328 Same file names when using redirect_server_output_dir function on JES3 system
PI27448 Thread hang recovery not terminating a thread in DB2 type 2 driver env with WebSphere for z/OS
PI28764 WebSphere control region hung after JVM error
PI31117 SSD blocks in ESQA associated with WebSphere control not freed
Other PI30745 When webcontainer begins disallowing serveServletsByClassname, console no longer redirects from /admin to /ibm/console
PD tools (for example: Log Analyzer) PI25721 OutOfMemory while running collector by ISADC
PI27063 Need to add new operation in TraceService Mbean , so that user can get the output after setting trace specification
PI29534 HPEL indication from job outputs
PI30599 includeExtensions must be able to accept wild card characters for logViewer
Plug-in PI25624 Field name getDLMTable incorrect
PI25779 The WebSphere plug-in may crash when used with Domino version 9.
PI26971 Plug-in generation ignores cell custom property ignoreInternalApplicationsList
PI28074 WebSphere plug-in for the IBM HTTP Server will issue MVS console message if initialization fails.
PI28144 Provide information about client write failures in the WebSphere web server plugin log
PI28922 Provide plugin-cfg.xsd for validation of plugin-cfg.xml
PI30108 Message "ESI: esiMonitorCreate: unable to unset $WSRH header"
PI30202 Ant script doesn t provide a proper failure message when wrong XML location is provided.
PI31899 Server may get stuck in marked down state
PMI/Performance Tools PI21024 ClassCastException found while aggregating perfMBean PMI statistics for the servant process in z/OS
PI21072 Potential Information Disclosure with SNMP Configuration files at DMGR.
PI27222 SNMP agent consumes more than 50 % CPU
PI28801 Memory leak is not being countered properly with Gencon GC Policy
Programming Model Extensions (PME) PI24943 Asyncbeans logs the error ASYN0066E upon WorkTimeout
Runtime PI27028 Server startup fails and does not any log any error message when RunAs user set
Runtime (zSeries®) PI24580 Incorrect counts when using WLM classification file
PI27262 z/OS WebSphere public variable needed to disable FFDC logging of buffer overflow events
PI27374 CreateFailureException when application is re-deployed
Security PI16641 Add a warning message if the realm name in the wimconfig.xml file does not match the global realm name in security.xml.
PI18305 Extra information in FFDC logs
PI20171 EJBConfigData object reference not removed when done, causing memory leak and high memory consumption
PI20238 GSSEncodeDecodeException when connecting from a thin client to WebSphere Application Server for z/OS
PI21667 Security domain custom properties overwritten when changing RMI/IIOP security settings.
PI23764 After removing the server which is mapped to the scope of dynamic SSL, server fails to start with NullPointerException
PI23823 Native storage leak in subpool 249 key 2 of size 1000 on call to BBOSSNAP SAF service IRRSIA00 resulting in abend 878.
PI26151 CWPKI0036E enabling certificate expiration monitor
PI26983 java.lang.ClassNotFoundException using getSSOCookieFromSSOToken method
PI28207 SECJ0395E: Could not locate the security server host and port
PI28315 Applications using java.net.ssl properties may see CWPKI0022E: SSL handshake failure followed by certificate chaining error.
PI28513 Server fails to start during initializing federated repository with java.security.AccessControlException.
PI29000 High CPU utilization may be seen when security configuration change is made for a cell with many application servers
PI30137 Emit warning messsage only when realms differ between security.xml and wimconfig.xml.
Servlet Engine/Web Container PI19621 Fix the server error messages in the logs.
PI23529 ServletConfig returns null on empty mappings list
PI25144 Enhance HTTPOnly to support wild card in cookie name
PI26448 When using HandlesTypes annotation, the handle class may not be passed in correctly on the onStartup method.
PI26908 Error page handling is broken when the web application is CDI enabled.
PI28910 ServletRequest.isAsyncStarted() incorrectly returns false on a thread after AsynContext.dispatch() has been called.
PI31339 Potential information disclosure with servlets
Session Initiation Protocol (SIP) Container PI32326 ArrayOutOfBoundsException is thrown during failover
System Management/Repository PI18902 Some scripts generate a new .tmp file under <profile_root>\configuration\org.eclipse.core.runtime\.manager
PI24847 Nodeagent might not start application server after system reboot because of wrong PID info in monitor.state
PI27378 AdminTask UpdateAppOnCluster is not pausing application server during rollout updates
PI28200 Extracted properties of type double, byte and short are shown as type #String using AdminTask.extractConfigProperties
Systems Management Functions PI24134 Add switch to disable Job Manager Remote Host Jobs capability
Transaction Service PI12449 Server fails to start due to transaction recovery failure
Web Services (for example: SOAP or UDDI or WSGW or WSIF) PI09785 Exported WS-Security policy bindings with encrypted passwords may be unusable
PI23342 Deploying application with JSP precompile option issues error "getZipFile File not found".
PI23552 WSDL definition could not be generated for the implementation class
PI24188 Remove abandoned connections from JAX-WS connection pool after a specified time
PI26284 Plugin generation fails with NoSuchMethodError due to a class conflict of the webservices classes.
PI26385 Console shows unknown status for the webservices "service provider" status for all "edition managed" applications
Web Services Security PI24503 A SAML token cannot be sent in a response message.
PI32373 CredentialConfiguration class is missing from was_public.jar
WebSphere Common Configuration Model (WCCM) PI27628 Servlet container initialization can fail when using shared libraries
Workload Management (WLM) PI20776 WSVR0605W hung thread in UnavailableManagerImpl
PI34283 WebSphere cluster status hangs in partial state or fails when ripplestarted from a stopped state
Fix Pack 8.5.5.4
Fix release date: 8 December 2014
Last modified: 2 December 2014
Status: Superseded

Download Fix Pack 8.5.5.4
Component
APAR
Description
100% CPU Usage PI12571 WorkCompletedException occurs when importing transaction via JCA
PI13683 Partner log full error CWRLS0008E: Recovery log is being marked as failed
PI13992 Deadlock between transaction and activity services when remote request times out
PI16613 NullPointerException in FFDC coming from RecoveryManager.preShutdown
PI23532 Control region hang waiting for transaction resolution
Administrative Console (all non-scripting) PI14218 Not able to modify or select activation spec custom property
PI16046 Security role and runAs role checks are inconsistent
PI16095 Port assignment issues
PI16524 Command assistance in the console does not show all commands to the AuthorizationGroup MBean
PI16834 Remotely-managed keystore inaccessible
PI17532 Admin page being cached locally
PI19234 Save option needs to be disabled on failed deployment
PI19347 WMQ activation specification showing wrong infromation in the administrative console.
PI19624 Reduce the number of security calls made when logging on to the administrative console
PI20136 Exception thrown when trying to display an error for invalid provider type for a JDBC provider.
PI20257 Wsadmin script jobs run in an admin agent by a Job Manager might fail with an InstanceNotFound exception
PI20602 Can not remove TAI from security domain
PI20805 Administrative console reports status of a running application as partial start after server restart.
PI20983 Update information returned from SOAP port
PI21680 Unable to enable interoperability mode under single sign on settings from administrative console
PI27152 WebSphere Application Server console clickjacking vulnerability
Default Messaging Component PI15969 Blank page is returned when clicking on MQLink in the administrative console panel.
PI17533 JMS message producer and consumer applications fail to produce and consume messages from service integration bus destination
PI17537 Deadlock detected between service integration bus threads
PI18320 NullPointerException when service integration bus messaging engine is disabled and enabled,resulting in CWSIP0785W
PI18511 When MQ Server is a bus member and correllationID of the message is used, queue is browsed against all messages.
PI19322 Restrict long running locks warning messages logged though the feature is not enabled
PI20317 IllegalMonitorStateException leads to corrupt destination in WebSphere Application Server service integration bus
PI21325 JVM panic followed by IllegalStateException due to timing issue when mutilple threads attempt to persist large messages
EJB Container PI23290 EJB sessionContext.getCallerPrincipal() call not working in asyncbeans
PI23717 Deadlock in com/ibm/ejs/util/cache/Cache.findAndFault and com/ibm/ejs/container/HomeRecord.getHomeAndInitialize
EJBDeploy (WSAD) PI21937 EJBQLs with FROM clause in joins may produce invalid SQL
Enterprise Edition (EE) PI19114 ClassGenException - Branch target offset exception - is thrown during code generation process in the JAXB Marshalling process.
Federated Repositories PI17239 Principal name for the users in local OS and domain returned in the format machineid\userid or domain\userid
PI17504 VMM throws NullPointerException during login if contextPool is disabled
PI18109 getGroups not returning propertyForInput if uniqueName is provided
PI18910 Exception in loading JDBC driver class when skipDBCreation set to true while runningsetupIdMgrPropertyExtensionRepositoryTables
PI19315 Context pool checkbox is disabled by default for custom LDAP repository type but traces show that it is enabled.
PI20696 Iterator is not handled correctly while generating hashed password
PI20941 Server startup has SECJ0363E and SECJ0369E errors
PI21458 Support for login policy to change password after first login in federated repository with LDAP repository configured.
PI23929 Server fails to restart after enabling servlet caching.
General PI04723 Security checks cause insufficient authority errors Intelligent Management is enabled.
PI06713 Incorrect or indeterminate state for WSAS reported by RAD when WSAS is stopped with unsupported system.exit.
PI10197 DOMException showing HIERARCHY_REQUEST_ERR during an applicationupdate.
PI10457 Allow configuring response code when a non-confirmed session is invalidated
PI11849 org.eclipse.emf.ecore.xmi.FeatureNotFoundException: Feature xmlns not found error.
PI12300 WSGRID fails with JobSchedulerMDB.SecureSubmitter: caught exception com.ibm.websphere.longrun.JCLException
PI13445 Change mapWebserverToApplications to mapWebServerToApplications in pct_responsefile.txt
PI13643 Linkage error publishing an ear
PI13944 SIP annotations not found on loose EBA jar files.
PI14132 SIP container does not handle error case where a UA uses the same to-tags in different responses.
PI14411 Updates to the mailer sample appliction
PI14754 Leverage database HA to implement recovery log HA
PI15638 Follow-up to apar PM74190 for web services component
PI15819 LinkageError due to class loader is trying to define a class the second time.
PI15837 Problem mapping resource references to resources
PI17082 GetClasses.dll does not ship Microsoft Windows PDBs
PI17652 Conversation id (cid) is propagated in links (h:link)
PI17680 SipApplicationSession accumulate after BYE transaction if reINVITE transaction not responded to
PI17820 SIP custom property dip.no.route.error.code is ignored if the application is down
PI18016 JSF MyFaces incorrectly prefixing external namespace to IDs
PI18212 WSVR0120E in getClassBytes causes class loader deadlock
PI18379 Unable to install feature when its name contains a slash character
PI18521 stopServer failed if osgi.embedded.cleanupOnOpen option set to true
PI18604 Uncaught application exceptions thrown during a JSF AJAX request instead of error element in the AJAX response
PI18687 Fatal error files continue to be generated
PI18703 Add support for Inspur K-UX operating systems
PI18727 The SIP container throws java.lang.IllegalArgumentException on incoming SIP requests when WSAS is configured to work with IPv6
PI18729 SIP transaction is not being destroyed when application is un-deployed because of a timer
PI18737 createSetupGSKitLibPath script sets incorrect GSKit path for generated setupGSKitLibPath script
PI18933 SIP proxy parsing error results "internal server error" message
PI19074 javax.servlet.ServletException: WebBeans context with scope type annotation @RequestScoped does not exist within current thread
PI19266 SAML web single-sign on (sso) may corrupt HTTP Request Parameter bytes
PI19305 Top level job status not updated even when sub job completed.
PI19558 Incorrect element order when using multiple threads
PI19599 Contention on classloader operations found impacting performance
PI19688 Outbound service from WSAS to CICS via WOLA hangs
PI19698 SAML web single-sign on (sso) may redirect client to the wrong URL
PI20040 Unset deployment descriptor attributes become set during deployment.
PI20221 SIP container removes data from reason header if it contains white space
PI20350 Unable to add Require: precondition to reliable 18x response
PI20360 xJCL property substitution inconsistent between version 611 and version 8
PI20674 NullPointerException in Equinox prevents OSGi applications Blueprint working correctly
PI20712 Update resource filtering to handle getResources
PI20803 Thread pool fails to detect interrupted tasks
PI20817 The application-scoped managed bean are not instantiated/initialized when the web app is
PI20835 NumberFormatException returns to Administrative Console if server running with "-Dfile.encoding=Cp943".
PI20909 SAML web single-sign on (sso) is corrupting NL characters on various actions and logins
PI20922 No messages are issued if multicell environment is not configured correctly
PI21144 Cell profile creation using Z-PMT tool fails when ports are blocked by RACF
PI21332 ABEND301 during WOLA unregister force
PI21414 Analyze not being invoked due to notification issues.
PI21421 Application deployment fails on z/OS with SECJ0305I
PI21521 SipSession leaks in B2B application when there is downstream forking
PI21551 On demand router ignores virtual host mappings when selecting a transport to proxy a request.
PI21552 Provide required support to remove symlink dependencies to authorized modules when starting servers via scripting.
PI21777 Duplicate submission of a scheduled job at the scheduled job submission time.
PI21875 ODR returns 500 because of a NullPointerException in response filter when the request is served from the cache
PI22003 Cannot select EJB methods for IIOP service policies
PI22097 NullPointerException when BJEE name in the JOBSTATUS table is null
PI22240 Memory overload protection (mop) can no longer be enabled/disabled on a per-cluster basis
PI22688 Exception java.net.URISyntaxException: Illegal character in path error during startup if was_home path contains a blank space
PI22912 NullPointerException thrown from session manager code even though the application server is up and running.
PI22949 Rapid recycling of a jvm results in a failed server restart indicating java.io.IOException: The P2P layer was unable to bind to
PI23055 Administrative Console may be vulnerable to cross-site scripting and cross-site request forgery
PI23059 The com.ibm.CSI.SSLPort not honored in client programs
PI23178 When viewing schedules from job management console, no schedules are shown even though they were created successfully
PI23307 JVMOptions flag on WSGrid does not work
PI23430 Remote attacker may be able to spoof OpenID and OpenID connect cookies
PI23501 NoClassDefFoundError when loading the StudioPervasiveServlet
PI23547 When REU=Y some requests to override a link succeed when all should fail
PI23723 modifyHealthPolicy asks for a valid expression for non-custom actions.
PI23819 Potential XSS vulnerability on session identifier handling when using URL rewriting
PI23826 List items from the copied-tree are missing after mutating the original.
PI23836 NullPointerException with XML tracing enable
PI23957 AdminTask.checkMode returns false rather than error for non-existent servers
PI24071 Update to IBM Dojo Toolkit (idt) version 1.10.0
PI24153 Support PostInstaller messages on console
PI24192 Duplicated first element within a list for simple elements
PI24246 HttpSessionBindingEvent.getValue() returns null
PI24289 SNMP trap step inside garbage collection action does not work
PI24358 ABEND 0D6 happens when a WOLA unregister call is made when the application server is down
PI24362 ArrayIndexOutOfBoundsException with fast access array
PI24420 pmiJvmtiProfiler.dll does not ship Microsoft Windows PDBs
PI24421 systemData.dll does not ship Microsoft Windows PDBs
PI24444 WebSphere WOLA API calls failing with abend BBOX in CICS for CICS TS 5.2
PI24706 Memory Overload protection (MOP) value is not persistent after server restart.
PI24787 When using xsd:normalizedString type, "amp;" is added to special characters during serialization.
PI24807 Dialog boxes created by JavaScript in VE administrative console pages disappear on page reload
PI24811 The server needs to be restarted in order to pick up user/group mapping changes.
PI24846 NullPointerException occurs because the environment hashtable is null.
PI25221 A potential performance issue with ODR/Proxy on Microsoft Windows
PI25298 OpenID Connect relying party on full profile cannot authenticate with Liberty profile OpenID Connect relying party provider using access token
PI25310 CEA Service could allow information disclosure
PI25329 Add include options for annotation filtering.
PI25409 InvocationTargetException loading service EndpointComponentImpl caused by NullPointerException
PI25429 Nilled elements within a list are not removed from the actual tree
PI25458 Too many subJobs are dispatched on the restart of a top level job.
PI25467 Elements missing from the copy when original and copy are in same tree
PI25570 500 error when building an expression in the subexpression builder
PI25649 Creating a merged plugin function for Liberty profile servers from a jobManager server fails.
PI25681 Remove export packages of the org.apache.commons.codec from the com.ibm.ws.security.oidc.client.jar
PI25712 Node federation of non-IBM i to IBM i deployment manager fails
PI25730 CWWIM5045E InitializationException thrown by the copyIdMgrFilesForDomain command
PI25828 Node and associated server data may remain in ODC for a federated node that was removed using the removeNode command.
PI25988 isDaemon property of workManager threads in batch context
PI26119 CANCEL on reINVITE causes a leak
PI27275 Issues with portlet fragment caching
PI27492 Extraneous output during duplicate purge operation
PI27828 In certain situations, Compute Grid jobs remain stuck in canceled pending state and cannot be re-submitted
PI28393 Potential high web server memory usage with Intelligent Management for web servers in large cells.
PI28411 Changes to support Liberty Profile collectives
PI28420 java.io.IOException caused by installation of a BPM archive on Java 7
PI28433 Fixes for various memory leaks
PI28492 System garbage collection(gc) is getting called very frequently causing high CPU usage.
PI28703 Displaying CPU utilization or Average Queue Length with many nodes, WVE Report chart showed all the same color and shape
PI28715 Accessing Operations tab for a dynamic clusters results in java.lang.StringIndexOutOfBoundsException in SystemErr.log
PI28722 WTMS013E Status Received for TaskId messages in logs
PM83565 installedApps did not get updated after application deployment due to httpOnly attribute in the deployment.xml under mixed cell
PM99139 Poor performance doing lookup of object in JNDI particularly when using DSMLCtxFactory and DSMLCtx
High Availability (HA) PI18362 BBOA8782E during OLA processing of transactions with char containers.
PI22073 DCSV9421W (general network problem) messages should contain the node and server name member failing to connect.
PI24177 In the administrative console, the hover text for the transport memory size coregroup property is misleading.
IBM HTTP Server Fix List Detailed list of APARs for IBM HTTP Server.
Install PI24109 Microsoft Windows service for IBM HTTP Server is not configured correctly from installation manager
PI24155 Installation Manager times out on some IBM i hardware
PI24470 Cannot create the IMShared location inside the Installation Manager agent data location anymore in IM1.8 for os400.
Java 2 Connectivity (J2C) PI12978 DB2 insert is rolled back for unknown reason
PI13707 Resource adapter version information is not updated in deployment manager.
PI15051 showPoolContents shows other datasource pool content information
PI16455 The WebSphere J2C resource workload routing mbean operation failOverToAlternateResource fails with IllegalStateException
PI16660 ClassCastException during invocation of method findByPrimaryKey on a CMP 2.1 EJB
PI17324 AdminControl.invoke fails for purgePoolContents immediate
PI20126 Password on a connection factory is not decoded when used to establish a connection
PI23616 When EJB embedded jar is used to access DB2 datasource, it throws ClassNotFoundException
Java Message Service (JMS) PI18962 The remaining request body is purged after the request is completed
PI19787 Servant region fails to completely restart after timeout abend
PI20299 Cache control header was updated by channel framework but updated incorrectly with quotes
PI21276 %U NCSA access logging directive does not record the URL path
Java SDK PI12666 Getting the IllegalStateException: component with duplicate id message when using the shipped MyFaces 2.0
PI22281 Application startup failed while initializing MyFaces with commons-logging
JSP PI18025 JSPG0046E: Unable to locate TagFile
Liberty Fix List Detailed list of APARs for WebSphere Application Server Liberty Profile
Object Request Broker (ORB) PI18081 WebSphere control region adjunct (cra) address space fails to start during server startup
PI23528 BBOO0327I MDB request timeout message contains a bad origin string in field 11
PI24231 IX90122 fails to work properly when security is not enabled.
PI25047 Change the unit of measure to milliseconds in messages BBOJ0123I, BBOJ0124I, BBOJ0125I
PD tools (for example: Log Analyzer) PI13142 The FFDC files grows. No control on the size when exception happens.
PI20363 Error message enabling trace specification in runtime even though the trace specification is valid.
PI21768 Deadlock when using java logging framework
Plug-in PI15488 Plugin synchronization not working
PI17737 Suppress transport port values from virtual host groups
PI19303 Plugin configuration tool needs to support a choice for the Apache 2.4 plugin
PI19607 iPlanet web server ca not load the WebSphere plugin
PI20279 PLGC0018E after updating web server plug-in cluster level property
PI22682 Cannot load ODRLIB due to missing jansson symbol json_dumps
PI23012 The plugin-cfg.xml file is not generated on base application server
PI23057 Unknown property error for UseInsecure property
PI23157 When running with PRIMEPSA enabled plugin transportSetServerAddress overlaid heap headers, causing ABEND
PI25302 Plug-in race condition can occur when multiple threads are trying to retrieve the partition table at the same time.
PI25325 Reuse SSL sessions to reduce renegotation cost
PI25780 GSK_ERROR_BAD_CERT (414) with web server plugin and smart routing
PI27023 Intelligent Management enabled WebSphere Plug-in stops routing after an application is removed and added.
PI27204 Connection count may be incorrect when using embedded ESI caching
PI27606 Crash in lib_htrequest when using Intelligent Management
PMI/Performance Tools PI18314 "CWPMI0032W: PMI Service is not available in the Deployment Manager process" unnecessarily thrown
Programming Model Extensions (PME) PI20194 OutOfMemoryError due to leak in com/ibm/ws/asynchbeans/am/_Alarm
PI20701 EJBQLs with FROM clause in joins may produce invalid SQL
Proxy Server PI22640 a NullPointerException occurs when caching is enabled and the proxy server has tracing enabled.
Runtime (zSeries®) PI16062 SR abend U4087 when WOLA message received in LLZZ format and with adapter flag format LLLLZZ
PI17345 Requests with gzip content-encoding may be truncated
PI19751 Update exception jfap.NotValidInCurrentStateException: Server is not configured with a CRA
PI20907 Administrative console ports don't open after maintenance upgrade
PI20914 Native storage leak when SMF120 sub-type9 recording turned on.
PI22382 Exception in thread ChannelFramework Threadpool : 0 java.lang.NullPointerException
Scheduler PI16842 Scheduler misses first time with cron string specification
Security PI08268 Information Disclosure in WebSphere Application Server
PI14178 Certificate monitor did not renew chained certificate ( not IBM-default chained certificate)
PI17564 Can not enable SP800-131A and FIPS concurrently.
PI20492 The PropFilePasswordEncoder.sh did not work properly when running from command line.
PI20818 The TLS_EMPTY_RENEGOTIATION_INFO_SCSV cipher is not available for custom cipher configuration.
PI21620 NullPointerException occurred during the first server startup after LTPA keys were regenerated.
PI22490 The application login page is repeatedly displayed after supplying userid and password.
PI23164 The ikeyman.bat fails to launch when there is a space in the installation path.
PI23190 In WebSphere Process Server environment, LTPA token expiration error is thrown intermittently.
PI26426 NullPointerException may happen during WebSphere Application Server startup.
Servlet Engine/Web Container PI20210 Request's parameters can be modified by the application (via string object modification).
PI20456 POST data is read in by the server even if there has been an exception.
PI20514 If servlet init() method throws an exception then the remaining servlets in the web module are not initialized during startup.
PI22830 404 not found error generated for a request without trailing slash
System Management/Repository PI18432 Application update results in lost bindings
PI18498 Custom web module virtual host mappings lost on app update when generate default bindings is used
PI19736 Deploying web application and leaving blank values for web modules does not remove values from web.xml
PI21163 Unable to delete a JVM custom property using property file based configuration
PI21260 Deployment manager log shows automatic synchronization in some nodes was disabled without being re-enabled
PI21377 Cluster status remains partial start even if all cluster members are started
PI21951 Job Manager or PFBC Update of an application fails with CWWSY0300E: Problem while processing updateApplication
PI22455 A newly defined server port is not created using AdminTask.applyConfigProperties() command
Web 2.0 and Mobile Toolkit PI12209 Request for Dojo 1.9.2
PI13007 IBM Dojo Toolkit (IDT) Version 1.8.6
PI13390 IBM Dojo Toolkit 1.9.3
PI24071 Update to IBM Dojo Toolkit (IDT) Version 1.10.0
PI26037 IBM Dojo Toolkit (IDT) Version 1.8.7
PI26038 IBM Dojo Toolkit (IDT) V1.9.4
Web Services (for example: SOAP or UDDI or WSGW or WSIF) PI16734 Policy settings are not migrated correctly
PI18036 MapsId class packaged with the Feature Pack for JPA is not located automatically by wsgen
PI18780 Port types reported as invalid during web services application deployment
PI20751 Web service provider incorrectly handles schema file with "/" context root
PI20931 Synctimeout in web services client binding file not overrirding server timeout setting.
Web Services Security PI18059 a self-issued saml token that includes an x.500 ldap attribute cannot be created
Workload Management (WLM) PI17578 Cluster status is partial in the console.
PI21685 OutOfMemoryError java.util.concurrent.LinkedBlockingQueue owned by BBDescriptionManager$UpdateThread
Fix Pack 8.5.5.3
Fix release date: 18 August 2014
Last modified: 12 August 2014
Status: Superseded

Download Fix Pack 8.5.5.3
Component
APAR
Description
100% CPU Usage PI06988 org.omg.CORBA.INTERNAL in Activity Service
PI07168 Compensation Scope log grows steadily until LogFullException following XAER_RMERR from CScope XAResource
PI08306 WebSphere abends s0c4-0004 after segmentation error with dump event "gpf" during the server's startup.
PI08781 Administrative console incorrectly reports WS-ReliableMessaging sequence state as Error for successfully terminated sequence
PI10107 Slow performance when manipulating EBAs and CUs
PI11211 New nodes are not populated with existing bundles.
PI11788 Blueprint bundles using JPA fail to start.
PI14544 Blueprint application startup deadlocks when using a bean for a reference-listeners and the bean uses the reference
PI16871 TRANSACTION_ROLLEDBACK EXCEPTION in client when request routed to quiescing server and does not get re-routed to another server
PM99381 WSAT transaction failed when using JDBC and JPA together
Administrative Console (all non-scripting) PI08082 Monitor users have access to TestConnection
PI09388 DSRA3602E error when argument Duser.language set in administrative console when creating JDBC datasource
PI09657 False ADMU7713E messages might be logged.
PI09758 Application deployment fails with "WebSphere FileBrowser MBEAN not found. Node agent may not be running."
PI10741 #ERROR# is prefixed to IBM HTTP Server's ServerName directive when updated in administrative console under global directives
PI11434 Information Disclosure in WebSphere Application Server
PI12744 Connection timeout property of SOAP client ineffective in some cases
PI13887 Several console panels do not display correctly with Microsoft Internet Explorer 11
PI14045 Un-registering dmgr from job manager causes trust.p12 to become an empty file
PI14501 List of servers to map application modules to is an unsorted list and hard to navigate.
PI16761 Incomplete node sync might occur that requires a restart of the nodeagent to resolve.
PI17450 JVM dump environment variables not accounted for in console
PI19365 Change the message that is displayed when an on demand router is created from the administrative console
PI20353 Fails to register secure proxy server to an adminagent or starting admin subsystem fails
PI20605 Exception in log when session times out and workspace contains changes.
Default Messaging Component PI04730 Messaging engine failover is initiated a few seconds before the configured DB lock wait time out.
PI07713 Support for SQL Server 2012 not added for sibDDLGenerator
PI07806 JMFSchemaViolationException: schemaId=null when messages are sent over service integration bus link
PI09219 Some messages in service integration bus destinations are not dispalyed in the administrative console.
PI10877 Messages are not consumed after restart of messaging engine.
PI13118 On either side of the MQLink, if the target destination is not found, messages are not put in the exception destination
PM93480 Enablement of DB2 10.1 support
PM97695 RippleStart of WebSphere Application Server causes currently running transactions to fail
PM99351 JMS thin clients hang after IllegalArgumentException is thrown
Dynamic Cache PI10209 ConcurrentModificationException by dynacache while multiple threads are creating the cache instances at the same time.
PI13004 Serviceability apar to enhance dynacache tracing.
EJB Container PI09894 WLM classification of IIOP work requests not working
PI10351 LocalTransaction.RolledbackException occurs when EJB method is called in transaction started by TransactionManager interface
PI11816 ClassCastException, EJB stub cannot be cast.
PI13514 Unnecessary FFDC when interceptors are used for asynchronous EJB methods
EJBDeploy (WSAD) PI15998 EJBDeploy hanging in JDT
Embedded/Express PM97575 Provide resource filtering in protection class loading
Enterprise Edition (EE) PI10924 The JAXB Unmarshaller may throw a RuntimeException in the code generation process when handling a XMLJavaTypeAdapter.
PI12873 JAXB unmarshaller may return an unexpected null value with respect to an attribute being declared in it's superclass.
Federated Repositories PI13001 Federated repository does not allow logins for users with referred group memberships when referrals=ignore
PI13172 getUniqueUserId not returning user when userSecurityName contains single quote
PI15231 Add group search filter for LDAP user in login process
PI16765 Potential bypass security vulnerability in Virtual Member Manager (VMM)
General PI04819 batchsimulator.jar not available in WebSphere Application Server 8.5
PI04945 Trace for multiple containers is generated even when tracing is disabled
PI05405 The JSR 303 implementation of BeanValidation cannot be configured as expected.
PI05455 EMF IllegalValueException does not display feature information.
PI06079 Unable to proceed with job submission in AIX if the folder count reaches 32k
PI06738 Deadlock detected on compute grid
PI06904 Issue with JSF and WSRP
PI07204 VerifyError JVMVRFY012 using OSGi applications
PI07849 JVM launched in running the WSGrid utility may hang at the end, run its ShutdownHook(s).
PI08385 Display cluster members in application target status
PI08923 Application installation fails with NullPointerException when an ear file contains nested jar files
PI09231 null entries in the scheduler s jobstatus table.
PI09368 The protocol_bboc_log_response_failure code treats "0" response as error. Should only treat negative return code as error.
PI09402 Error in chkSectionFromFile during job execution setup on the endpoint causes jobs to be stuck in submitted state.
PI09576 Unable to create a default server name with "server1" during profile creation.
PI09596 NoClassdefFoundError for a particular JSP servlet. Causes permanent failure of loads
PI09754 SIP container DNS APIs do not allow the application to configure the timeout value.
PI09768 HTTP session object being locked by the SIP application
PI09799 Server JVM locks nodeagent's native_stderr.log
PI09878