IBM Support

Fix List for Sterling B2B Integrator V6.1.0.0

Fix Readme


Abstract

This page contains comprehensive fix information for all Fix Packs released for Sterling B2B Integrator and Sterling File Gateway V6.1.0.0 and later versions.

Content

  IBM periodically releases fix packs for download to resolve issues in Sterling B2B Integrator. All Sterling B2B Integrator customers should download the most recently available fix pack and apply it to their environments.
Follow these steps to update your system:

  1. Download the fix pack from Fix Central.
  2. Install the fix pack on each node in your environment. Remember that a node outage is required. You should apply the fix pack to your test environment first and run regression tests against it before applying it to production.

Mod Pack (v6.1.0.0)
Link Date Released Status
 Download
Note: This Fix Pack also contains APAR security and regular fixes from 5263_15,  5.2.6.4_45.2.6.5_2, 6.0.2.2, and 6.0.3.2 releases.

Security Fixes

APAR Description
IT33331 REST API CREDENTIALS ARE SHOWN IN THE LIBERTY LOGS
IT33520 PERMISSION CONTROL SECURITY VULNERABILITY EXISTS IN DASHBOARD UI
IT33724     GLOG COOKIE DOES NOT HAVE SECURE OR HTTPONLY FLAG ON
IT33753 FTP SERVER LOGS STORE USER PASSWORDS WHEN PASS COMMAND USED VIA TELNET
IT33882  A USER CAN VIEW THE DIRECTORY STRUCTURE OF STERLING B2B INTEGRATOR HOST WITHOUT PERMISSION
IT33991  XSS SECURITY VULNERABILITY IN IMPORT MANAGER OF DASHBOARD UI
IT33523 PERMISSION CONTROL SECURITY VULNERABILITY EXISTS IN ACCOUNT MANAGEMENT DASHBOARD UI             
IT32838 SPE REMOTE MAP TEST SSL ERROR VERSION OF JAVA RUNTIME DOES NOT SUPPORT THE TLS VERSION ON THE SERVER

Regular Fixes

APAR Description
IT32280 ERROR IN USEREXIT LOG FOR ANY USER AUTHENTICATED WITH THE REST API
IT32339 CREATESCHEDULE XAPI UNABLE TO PASS NAME OR VALUE PAIRS TO SCHEDULE IN DATAXML
IT32786 SPLASH PAGE LOADED FOR FILE GATEWAY AFTER UPGRADING TO 6.0.3
IT33034 MAILBOXAS2SENDSYNCMDN IS NOT NOTIFYING A FAILURE ON THE AS2 TRANSMISSION AND THE MESSAGE SENT REMAINS LOCKED
IT33301 SOFTSTOP.SH DOES NOT WORK IN 6.0.3
IT32812 AFTER UPGRADE TO 6.0.1, AND DEPLOYMENT OF WAR FILES THE HTTP SERVER ADAPTER SESSION INFORMATION IS NOT DISPLAYED
IT32704 THE REST API CLIENT SERVICE GET FAILS WHEN URL INCLUDES COMMA
IT33624    AIX B2B INTEGRATOR CLUSTER NOAPP PROCESSES STILL RUN AFTER RUNNING SOFTSTOP.SH ALL AND HARDSTOP
IT33465 JAVA.LANG.NULLPOINTEREXCEPTION IN UI.LOG WHEN CHANGING SYSTEM CERTIFICATE NAME
IT29000 IF X12 EDI DATA IS 00402 OR GREATER, ENVELOPE SERVICE DOES NOT USE THE ISA 11 CHARACTER TO SEPERATE ELEMENTS MARKED REPETITIVE
IT32350 UNABLE TO IMPORT THE EXPORT OF USER ACCOUNTS WITH PASSWORD POLICY INTO ANOTHER INSTANCE
IT33182 MAILBOX DOES NOT THROW AN ERROR WHEN USING THE COMMAND SFTP     
CLIENT TO LIST FILES IN GLOBAL MAILBOX                          
IT34153 ERROR WHEN UPGRADING IBM STERLING B2B INTEGRATOR FROM V5.2 to
V6.0.x AS PART OF BTI INTEGRATION SERVICE                    
IT33958 XML JSON TRANSFORMER SERVICE STAYS ACTIVE INDEFINITELY WHEN     
TRANSFORMING AN XML FILE TO JSON                                

Fix Pack (V6.1.0.1)
Link Date Released Status
 No Longer Available
Note: This Fix Pack also contains APAR security and regular fixes from 6.0.3.3 and 6.0.2.3 releases.

Security Fixes

APAR Description
IT35207 CDSA SECURE+ SESSIONS CONFIGURED WITH ECDSA-BASED CIPHERS FAIL AFTER UPGRADING FROM 6.0.3.0 TO 6.0.3.3  
IT35348 SECURITY VULNERABILITY: PERMISSION CONTROL SECURITY VULNERABILITIES AFFECT THE DASHBOARD UI

Regular Fixes

APAR Description
IT34636 SFTP USER EXIT FAILS WHEN GLOBAL MAILBOX IS TURNED ON FOR THE SFG ACCOUNT AND A NULL POINTER EXCEPTION IS SEEN IN SFTPSERVER.LOG    
IT32906 CROSS-SITE SCRIPTING VULNERABILITY - /FILEGATEWAY/SMARTCLIENTRPC.DO    
IT34961 UNABLE TO LOG IN TO STERLING FILEGATEWAY WITH SPANISH LOCALIZATION: REFERENCE ERROR: FG_I18N IS NOT DEFINED    
IT33335 FILE ROUTING AND SFTP UPLOADS VIA GLOBAL MAILBOX TAKES MORE TIME THAN TRADITIONAL MAILBOX    
IT34577 AWSS3 CLIENT GET ACTION, NEITHER KEEPS THE DOCUMENT IN PROCESS-DATA NOR IN DOWNLOADED-FILE-NAME    
IT34917 POST INSTALLATION OF DOCKER AND THE STANDARDS JAR AS MENTIONED IN DOCUMENTATION STRLING FILE GATEWAY GETS ENABLED   
IT34599 GB18030 CHARACTERS ARE INCORRECTLY DISPLAYED   
IT35032 GENCON GARBAGE COLLECTION POLICY IS OUTDATED AND DOESN'T WORK WELL WITH NEWER ENVIRONMENTS
IT35031 CHANGING DEFAULT VISIBILITY OF QUEUES TO 6 
IT34569 GB18030 CHARACTERS DON'T DISPLAY CORRECTLY   
IT34935 IMPLEMENTATION OF CONNECTION POOLING FOR WSMQ SUITE  
IT34898 STERLING B2B INTEGRATOR 6.1 IIM INSTALL PACKAGE UI DISPLAYS UNREADABLE JAPANESE CHARACTER    

Fix Pack (V6.1.0.2)
Link Date Released Status
 No Longer Available
Note: This Fix Pack also contains APAR security and regular fixes from 6.0.3.4 release.

Security Fixes

APAR Description
IT35181 THE FILEGATEWAY AND MYFILEGATEWAY USER INTERFACES LACK SUFFICIENT PERMISSION CONTROL 
IT35605 ACCESS CONTROL VULNERABILITY AFFECTS IBM STERLNG FILE GATEWAY (CVE-2021-20372)
IT35654 ACCESS SECURITY CONTROL VULNERABILITY AFFECTS IBM STERLING FILE GATEWAY (CVE-2021-20375)
IT35660 SECURITY VULNERABILITY: USER ENUMERATION VULNERABILITY IN MYFILEGATEWAY USER INTERFACE                                     
IT35837 SECURITY VULNERABILITY: SESSION FIXATION SECURITY VULNERABILITY IN FILEGATEWAY
IT35845 CROSS SITE SCRIPTING VULNERABILITY 6.1 (PERSISTENT XSS)       
IT37912 IBM WEBSPHERE MQ (PUBLICLY DISCLOSED VULNERABILITY)

Regular Fixes

APAR Description
IT31929 IBM STERLING B2B INTEGRATOR HAS SLOW FILE TRANSFER DOWNLOAD     
VIA THE SFTP CLIENT GET SERVICE
IT35721 IBM STERLING B2B INTEGRATOR USES THE AFFECTED FUNCTIONALITY WITHIN XSTREAM LIBRARIES FOR CVE-2020-26217    
IT35738 EMAIL ADDRESS IS INCLUDED IN HTTP RESPONSE AFTER USER LOGIN 
IT35845 CROSS SITE SCRIPTING VULNERABILITY 6.1 (PERSISTENT XSS)       
IT35920 TEMP COOKIE FROM DASHBOARD UI DOES NOT HAVE HTTPONLY OR SECURE SET                      

Fix Pack (V6.1.0.3)
Link Date Released Status
 Download
Note: This Fix Pack also contains APAR security and regular fixes from 5.2.6.5_4 release.

Security Fixes

APAR Description
IT35458 SECURITY VULNERABILITY: [ALL] ECLIPSE JETTY (PUBLICLY DISCLOSED VULNERABILITY)
IT36390 SECURITY VULNERABILITY: MYFILEGATEWAY USER CAN UPLOAD THE FILE EVEN THOUGH THE UPLOAD TAB IS DISABLED
IT36447 SECURITY VULNERABILITY: 3RD PARTY STORED CROSS SITE SCRIPTING IN IBM STERLING B2B INTEGRATOR
IT36570 SECURITY VULNERABILITY: INFORMATION DISCLOSURE SECURITY VULNERABILITY IN THE DASHBOARD USER INTERFACE
IT36609 SECURITY VULNERABILITY: PERSISTENT XSS SECURITY VULNERABILITY EXISTS IN THE WEB SERVICE MANAGEMENT USER INTERFACE
IT36300 SECURITY VULNERABILITY - MYFILEGATEWAY FILE-NAME COULD BE INTERCEPTED TO INJECT DISALLOWED CHARACTERS IN FILENAME
IT36280 SECURITY VULNERABILITY: MYFILEGATEWAY UI DISPLAYS SENSITIVE INFORMATION AFTER LOGOUT
IT38515 APACHE KAFKA VULNERABILITIES AFFECT THE B2B API OF IBM STERLING B2B INTEGRATOR (CVE-2017-12610, CVE-2018-1288)
IT37914 UPGRADE NETTY JAR (CVSS 9.1)
IT37682 UPDATE APACHE TOMCAT JARS (CVSS 9.8)
IT37681 UPGRADE XML BEAN (CVSS 9.1)
IT38512 UPDATE JACKSON-DATABIND JAR (CVSS 9.8)
IT37913 UPDATE BOUNCY CASTLE JAR IN GATEWAY.WAR (CVSS 9.8)
IT36552 UPDATE JASPERREPORTS (CVSS 8.8)
IT36688 SECURITY VULNERABILITY: CSRF TOKEN APPEARS IN THE URLS FOR FILEGATEWAY USER INTERFACE (AFT)

Regular Fixes

APAR Description
IT34735 AWS S3 CLIENT SERVICE GET OPERATION UNABLE TO GET THE DOCUMENTS AND LIST THEM AS PRIMARY DOCUMENTS
IT35379 AWS S3 CLIENT SERVICE DOES NOT DELETE THE TEMPORARY FILES CREATED WHEN DOCUMENTS OR FILES ARE SENT FROM MAILBOX TO AWS S3 STORAGE
IT36079 RCT CREATION USING SPECIAL CHARACTERS DOES NOT WORK IN THE SWAGGER UI
IT36097 INCORRECT PATH SPECIFIED IN DECRYPT_STRING.CMD SCRIPT
IT36217 UNABLE TO UPDATE THE USER ACCOUNT API WITH CUSTOM PASSWORD POLICY
IT36272 V6.1 NODE2 CHECKBOX IS HIDDEN IN THE IIM INSTALLATION PANEL
IT36286 THE CHECKBOX FOR DATABASE SCHEMA INFORMATION IS HIDDEN IN THE IIM INSTALLATION PANEL
IT36335 FILE SYSTEM ADAPTER FAILS TO COLLECT FILENAMES WITH LATIN CHARACTERS SPECIFIC TO AIX
IT36649 UNABLE TO SET THE "REVIEWED" TICK ON FILEGATEWAY IN V6.1.0.2 ON AN ARRIVED FILE
IT36687 WITH NATIVE PGP, PGP PACKAGE SERVICE RESULTS IN BLANK ENCRYPTED DOCUMENT WHEN A SMALL FILE IS ENCRYPTED AND DOCUMENT STORAGE IS FILE SYSTEM
IT36696 NATIVE PGP DOES NOT WORK WHEN DOCUMENT ENCRYPTION IS  ENABLED
IT36710 DUMPINFO OUTPUT FILE SHOWS REPETITION OF LICENSE, DBINFO, AND JVMINFO IN A WINDOWS SETUP
IT37063 CONSUMER PROTOCOL IN ROUTING CHANNEL TEMPLATE IS UPDATED FROM "MAILBOX ONLY" TO "PROTOCOL OR MAILBOX" WHEN THE ROUTING CHANNEL TEMPLATE IS IMPORTED FROM V5.6.6.3 TO V6.1

Fix Pack (V6.1.0.4)
Link Date Released Status
 Download
Note: This Fix Pack also contains APAR security and regular fixes from 6.0.3.5 release.

Security Fixes

APAR Description
IT37848 UPGRADE LOG4J (CVSS 7.8)
IT37693 UPDATE APACHE COMMONS BEANUTILS (CVSS 7.5)
IT37615 UPDATE APACHE XCERCES2 J (CVSS 7.5)
IT38514 UPDATE APACHE TAGLIBS (CVSS 7.5)
IT37678 UPGRADE DATA MAPPER FOR JACKSON (CVSS 7.5)
IT38149 UPDATE JBOSS DROOLS (CVSS 7.5)
IT36447 SECURITY VULNERABILITY: 3RD PARTY STORED CROSS SITE SCRIPTING IN IBM STERLING B2B INTEGRATOR
IT37677 UPGRADE JACKSON DATAFORMATS JAR (CVSS 7.5)
IT38515 APACHE KAFKA VULNERABILITIES AFFECT THE B2B API OF IBM STERLING B2B INTEGRATOR (CVE-2017-12610, CVE-2018-1288)
IT38674 IBM STERLING B2B INTEGRATOR IS VULNERABLE TO CROSS-SITE REQUEST FORGERY (CVE-2020-4668)

Regular Fixes

APAR Description
IT38047 EBICS PARTNERS WITH ENTRIES IN STERLING FILE GATEWAY - PARTNERS ARE LEFT WHEN ENTRIES IN PROFILE MANAGER - PARTNER CONFIGURATION ARE DELETED
IT37875 STERLING B2BI-RESTAPI-GETPAYLOADDATA FAILS IN V6.1.0.2
IT37845 USER HAVING PROBLEM LOGGING INTO MYFG2.0 AFTER CLOSING BROWSER
IT37843 FILTERS MYFG2.0
IT37343 ERROR WHEN USING JMS 1,1 ACQUIRE CONNECTION AND SESSION SERVICE WITH SSL AND DESTINATION TYPE AS TOPIC
IT37631 USING JDBCSERVICE.LWJDBC.WRITEDOCFORNONSELECT FUNCTION CREATES ERROR IN SYSTEM.LOG
IT37688 USER RESTRICTION IN SFTP SERVER ADAPTER IS ONLY WORKING WITH PASSWORD AUTHENTICATION BUT NOT WITH PUBLIC KEY AUTHENTICATION
IT37718 MISSING TRANSLATION IN THE POP-UP MESSAGE PT-BR MYFG2.0
IT36708 ROUTING CHANNELS WITH A GLOBAL MAILBOX PRODUCER CANNOT BE IMPORTED VIA THE IMPORT SERVICE IN A BP
IT37692 EBICS SERVER GENERATES DUPLICATE ORDER IDS
IT38235 CUSTOMIZATION LINK IS NOT ACCESSIBLE
IT38442 EBICS BANK - GERMAN ORDER TYPES - TEST PARAMETER HANDLING
IT36996 FILEGATEWAY RE-DLIVER USING REST API TRIGGERS TWO FILES INSTEAD OF ONE FILE CREATING DUPLICATES ON CONSUMER SIDE
IT38579 MANY ENTRIES LIKE THE INSIDE SSHKEYDBINFOBASE SETTING RAW KEY AFTER UPGRADE
IT37296 SBI NATIVE PGP ERROR WHEN DECRYPTING FILE FROM SYMANTEC COMMAND LINE PGP
IT37771 ERROR "JAVAX.NAMING.COMMUNICATIONEXCEPTION [ROOT EXCEPTION IS JAVA.RMI.NOSUCHOBJECTEXCEPTION: NO SUCH OBJECT IN TABLE]" IN OPS.LOG AFTER UPGRADING TO 6.1.0.2
IT36929 CASE SENSITIVE ISSUE OF FILENAME FILTER IN SFTP CLIENT SERVICES 2.0 IN BP FOR ".PDF" / ".PDF" IN 6.1 VERSION
IT37921 EBICS CLIENT SERVICES DOES NOT REPORT PROPERLY FAILURE STATUS
IT36405 INCORRECT MQ POOLING BEHAVIOR FOR TLS CHANNELS, CONNECTIONS ARE NOT BEING RE-USED
IT36406 WEBSPHERE MQ SUITE ASYNC RECEIVE ADAPTER RECONNECT FAILURE
IT37288 CANNOT CREATE A CERTIFICATE CONTAINING SPACES USING REST API ALTHOUGH FROM THE DASHBOARD THEY ARE ALLOWED
IT38067 AFTER UPGRADE TO 61,WSMQ ASYNCH RECEIVE ADAPTER DOESNT PULL MESSAGES WHEN QM IS LEFT BLANK
IT32183 REVERT FIX FOR IT32183 - AS2INBOUND WORKFLOW PROCESSES OUTBOUND MDN INSTEAD OF ACTUAL PAYLOAD WHENEVER EDIINTPIPELINEPARSE FAILS
IT38091 USERACCOUNTS LIST API ALONG WITH QUERY PARAMETERS IS THROWING AN ERROR
IT37208 EDIT OF PARTNERS IN SFG NOT POSSIBLE ANYMORE WITH ITALIAN LANGUAGE SET IN BROWSER
IT38454 CACHE REFRESH SERVICE NOT REFRESHING PROPERTIES DELETED VIA THE CUSTOMIZATION UI
IT37558 ISSUE WITH THE DEFAULT PASSWORD POLICY ON FIRST LOGIN IN B2BI V6.1.0.1 DASHBOARD
IT38036 NULLPOINTEREXCEPTION RAISED WHEN TRYING TO VIEW DATA FLOW DETAILS
IT38132 COMMUNICATION SESSIONS ARE NOT CLOSED WHEN SFTP SERVER IS USED WITH GLOBAL MAILBOX
IT36968 HPB ORDER TYPE EBICS CLIENT DOES RECEIVE AN INVALID XML CHARACTER (UNICODE: 0X5) WHEN SECURITY.ENC_DECR_DOCS=ENC_ALL IS SET ON EBICS SERVER SIDE
IT38628 CLEAN UP THE OLD JGROUPS-3.4.0.ALPHA2.JAR
IT38251 HTTP GET SERVICE SETTING INVALID CONTENT TYPE, CAUSES ERRORS WITH GLOBAL MAILBOX
IT38630 IF YOU CLICK FINISH MULTIPLE TIMES IN CREATE SSH HOST KEY, MULTIPLE DUPLICATE KEYS CREATED
iFix Pack (V6.1.0.4_1)
Link Date Released Status
 Download Available

Security Fixes

APAR Description
IT39380 UPGRADE LOG4J TO 2.17.0

iFix Pack (V6.1.0.4_2)
Link Date Released Status
 Download Current

Regular Fixes

APAR Description
IT39649 UNABLE TO CREATE A ROUTE ON A SUB-MAILBOX IN GLOBAL MAILBOX IF A ROUTE ALREADY EXISTS ON ANOTHER SUB-MAILBOX UNDER THE SAME PARENT MAILBOX
IT39935 FILES ARE NOT BEING REMOVED FROM FILE SHARE EVEN THOUGH THEY ARE DELETING ALL MAILBOX MESSAGES AFTER 14 DAYS WITH A BUSINESS PROCESS
IT39936 NULLPOINTEREXCEPTION OCCURRED IN DELETING MESSAGE WITH MAILBOX DELETE SERVICE FOR GLOBAL MAILBOX

Fix Pack (V6.1.0.5)
Link Date Released Status
 Download Available

Note: This Fix Pack also contains APAR security and regular fixes from 6.0.3.6 release.

Security Fixes

APAR Description
IT39737 UPGRADE LOG4J TO 2.17.1
IT38878 SECURITY VULNERABILITIES IN APACHE SANTURARIO AFFECT IBM STERLING B2B INTEGRATOR (CVE-2013-4517, CVE-2013-2172 CVSS 5.0)
IT40546 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT40945 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT40552 IBM STERLING B2B INTEGRATOR VULNERABLE TO DENIAL OF SERVICE DUE TO XSTREAM (CVE-2021-43859)
IT38705 INFORMATION DISCLOSURE SECURITY VULNERABILITY EXISTS IN THE REST B2B API IN IBM STERLING B2B INTEGRATOR
IT40669 IBM STERLING FILE GATEWAY IS VULNERABLE TO MULTIPLE ISSUES DUE TO BOUNCY CASTLE
IT39545 SECURITY VULNERABILITY IN APACHE COMMON IO AFFECTS IBM STERLING B2B INTEGRATOR (CVE-2021-29425 CVSS 7.5)

Regular Fixes

APAR Description
IT39649 UNABLE TO CREATE A ROUTE ON A SUB-MAILBOX IN GLOBAL MAILBOX IF A ROUTE ALREADY EXISTS ON ANOTHER SUB-MAILBOX UNDER THE SAME PARENT MAILBOX
IT38915 TEMPLATE SEARCH FROM SFG ROUTES > CHANNELS PAGE IS BROKEN
IT39689 CAN EXTERNAL PURGE PROPERTIES BY MODIFIED IN THE CUSTOMIZATION UI?
IT38789 WHEN OVERRIDING A PROPERTY VALUE IN CUSTOMER_OVERRIDES IN DB / CUSTOMIZATION UI. SHOULD THE NEW VALUE BE REFLECTED ON QUEUEWATCHER / VIEW PROPERTIES?
IT39642 DBVERIFY.SH FOR REGRESSION-FORCE DBVERIFY.SH RUN DIRECTLY FROM COMMAND LINE PLACE RESULTING FILES IN <INSTALL_DIR>/BIN. REGARDLESS OF USE_CONNECTION_SERVICE_FOR_DBVERIFY PARAMETER VALUE
IT39308 FG FILE SHOWN AS FAILED, BUT FILE SUCCESSFULLY DELIVERED TO PARTNER
IT38956 BROKEN DOCUMENT FILE ICON ON EDI CORRELATION SCREEN AFTER UPGRADE TO 6102, FROM 5263
IT39987 SI 6104_1 OFFSET ISSUE ON SI UI DASHBOARD WHILE USING CHROME BROWSER
IT38721 CANNOT ACCESS CERTIFICATE CAPTURE UTILITY WITHOUT SYSTEM CERTIFICATES PERMISSION
IT38454 QUEUE WATCHER NOT INCLUDING THE CUSTOMIZATION UI PROPERTIES
IT40230 GET FUNCTIONALITY NOT WORKING FOR AWS S3 CLIENT ADAPTER IN WINDOWS
IT39664 CANNOT USE FOLDERNAME ALONG WITH FILEPATTERN FOR AWS S3 GET ADAPTER
IT38947 STERLING CONNECT DIRECT NETMAP SERVICES UPDATE AND DELETE FUNCTION SELECT THE WRONG NETMAP WHEN THE NETMAP NAMES ARE CASE SENSITIVE
IT39574 THE CHINESE DASHBOARD IS GARBLED IN 6.1.0.4
IT39816 REST API ALWAYS DELETES ALL VERSIONS OF A BP EVEN WHEN YOU SELECT A SPECIFIC VERSION TO BE DELETED
IT38702 TRADING PARTNER API FAILING TO UPDATE PARTNER PASSWORD
IT38771 BLANK PAGE WHEN TRYING TO CREATE SFG TRADING PARTNER
IT38904 BLANK PAGE WHEN EDITING A SFG TRADING PARTNER
IT39453 REST API MAX. FIELD LENGTH MISMATCH
IT40368 IN SBI 6010001, THE SFTP CLIENT CONNECTION USING SFTP2.0 IS SUCESSFUL EVEN IF THE KNOWN HOST KEY IS INCORRECT IN THE SSH REMOTE PROFILE
IT40498 MYFG 2.0: UPLOADED FILENAME IS DISPLAYED WRONG IF THE FILE NAME CONTAINS GB18030 CHARACTERS
IT39445 INTERRUPTED FILE TRANSFER BEHAVES DIFFERENTLY FOR GLOBAL MAILBOX
IT39236 STERLING B2B INTEGRATOR WEBSPHEREMQ ASYNC RECEIVE ADAPTER HANGING AFTER FAILOVER
IT39650 "WAITING FOR FILE TO PROCESS" POPUP KEEP SPINNING IN MYFILEGATEWAY FOR GLOBAL MAILBOX
IT38747 SFTP SERVER ADAPTER (MAVERICK) REPORTING CIPHER NOT FOUND IN SERVER CIPHER LIST
IT38698 UPDATE OF JAR FILE IN CUSTOM SERVICE DOES NOT WORK
IT38977 UNABLE TO CHANGE FONT COLOR OF SELECTED LINK AND HOVER LINK IN B2B DASHBOARD
IT39974 MULTIPLE SECURITY ISSUES FOR SAME MYFILEGATEWAY URL
IT39732 SPE SERVICE IS NOT RETURNING DATA TO THE MESSAGE FROM SERVICE INSTEAD RETURNING TO THE PROCESS DATA WHEN LOAD IS HIGH
IT40056 EBICS SERVER UI VERY SLOW WHEN MANY ORDER TYPES AND FILE FORMATS ARE CONFIGURED
IT40136 SWIFTNET7: UPGRADE PATH FOR MEFG - LOST ABILITY TO PERFORM IN PLACE UPGRADE
IT40944 PAGE NOT FOUND ERROR ON RETURNING FROM PARTNER LIST VIEW UI
IT39827 MYFG2.0 ERRORS POST LOGIN
IT39505 FILEGATEWAY PARTNER LIST UI IS BROKEN IN 6.1.0.3
IT39992 JVM MONITOR THREAD DUMP UTILITY WILL ONLY USE CLA2AUTH
IT39106 CONTROLLERWORKFLOW SHOWN MESSAGE WORKFLOW STATE (<STATUS>) UNEXPECTED, IGNORING THIS REQUEST."
IT40661 FAILS TO DOWNLOAD MESSAGES FROM DISTRIBUTED MAILBOX THROUGH B2B'S SFTP SERVER ADAPTER 2.0 CONNECTION
IT40684 AWSS3EXCEPTION: ACCESS DENIED (SERVICE: AMAZON S3; STATUS CODE: 403;
IT37341 NOTIFICATION ISSUE AFTER ENABLING REDELIVER AND REPLAY IN UI FOR TPS
IT40766 [SFTP 2.0] INTERRUPTED FILE TRANSFER BEHAVES DIFFERENTLY FOR GLOBAL MAILBOX
IT40810 PGP KEYS OF TYPE NATIVE ARE LISTED UNDER PGP PUBLIC KEYS WHEN ACCESSED USING APIS
iFix Pack (V6.1.0.5_1)
Link Date Released Status
 Download Available

Regular Fixes

APAR Description
IT41631 ENHANCE B2B MAIL CLIENT ADAPTER FOR ACCESSING MICROSOFT EXCHANGE WITH OAUTH 2.0

iFix Pack (V6.1.0.5_2)
Link Date Released Status
 Download Available

Security Fixes

APAR Description
IT41648 SECURITY VULNERABILITY EXISTS IN SFTP SERVER ADAPTER 2.0 IN IBM STERLING B2B INTEGRATOR

Regular Fixes

APAR Description
IT40662 FOR SFG ARRIVEDFILE EVENTS THE DATA FLOW HYPERLINK IS NOT AVAILABLE IN FILEGATEWAY WHEN CLICKING ON THE DATA FLOW LINK IN THE ARRIVED FILE SEARCH SCREEN
IT41706 GLOBAL MAILBOX - FILES UPLOADED TO ONE DC ARE NOT REPLICATED TO THE OTHER DC
 

Fix Pack (V6.1.0.6)
Link Date Released Status
 Download Available

Note: This Fix Pack also contains APAR security and regular fixes from 6.0.3.7 release.

Security Fixes

APAR Description
IT40312 XSS SECURITY VULNERABILITIES EXISTS IN DASHBOARD UI OF IBM STERLING B2B INTEGRATOR (DBS)
IT39958 XSS SECURITY VULNERABILITIES EXISTS IN DASHBOARD UI OF IBM STERLING B2B INTEGRATOR (DBS)
IT38888 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT38884 INVESTIGATE THE SECURITY VULNERABILITY OF APACHE COMPRESS (CVSS 7.5)
IT39547 SECURITY VULNERABILITY IN HTTP CLIENT AFFECTS IBM STERLING B2B INTEGRATOR (CVE-2020-13956 CVSS 5.3)
IT38879 IBM STERLING B2B INTEGRATOR IS VULNERABLE TO INFORMATION DISCLOSURE DUE TO JUNIT4 (CVE-2020-15250)
IT41291 UPDATE SPRING FRAMEWORK (CVSS 5.4)
IT42094 SECURITY VULNERABILITIES IN JACKSON-DATABIND EXISTS IN B2B API OF IBM STERLING B2B INTEGRATOR FROM CORE-IO JAR (CVE-2019-12384 AND OTHERS CVSS 9.8)
IT42188 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT42189 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT38890 SECURITY VULNERABILITIES IN ECLIPSE JETTY AFFECT IBM STERLING B2B INTEGRATOR (CVE-2021-34428, CVE-2021-28169, CVE-2021 CVSS 5.3)
IT42222 DENIAL OF SERVICE SECURITY VULNERABILITY IN SPRING FRAMEWORK AFFECTS B2B API OF IBM STERLING B2B INTEGRATOR (CVE-2022-22970 CVSS 6.5)
IT41672 [DAS] SQL INJECTION SECURITY VULNERABILITY EXISTS IN EBICS UI OF IBM STERLING B2B INTEGRATOR (CVE-2022-22338 CVSS 6.3)
IT41689 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)

Regular Fixes

APAR Description
IT36929 CASE SENSITIVE ISSUE OF FILENAME FILTER IN SFTP CLIENT SERVICES 2.0 IN BP FOR ".PDF" / ".PDF" IN 6.1 VERSION
IT41771 CHANGING ENCRYPTION STRENGTH SHOW ILLEGAL CHARACTERS WHEN BROWSER PREFERRED LANGUAGE IS CHINESE
IT39574 FILE GATEWAY IS GARBLED WHEN BROWSER PREFERRED LANGUAGE IS CHINESE
IT41493 XMLJSONTRANSFORMER DOCUMENTATION DOES NOT STATE IF XML DATA OF ONLY NUMERICS WILL BE OUTPUT AS STRING (IN QUOTES) OR NUMERIC (NO QUOTES)
IT40810 PGP KEYS OF TYPE NATIVE ARE LISTED UNDER PGP PUBLIC KEYS WHEN ACCESSED USING APIS
IT41500 UI NOT DISPLAYING ALL THE ENTRIES IN A CODE LIST IF THE COMBINATION OF SENDER AND RECEIVER RESULT IN THE SAME VALUE
IT40961 ERRORS IN OPS.LOG : JAVAX.NAMING.COMMUNICATIONEXCEPTION
IT40746 IF YOU CLICK FINISH MULTIPLE TIMES IN CREATE SSH USER IDENTITY KEY, MULTIPLE DUPLICATES ARE CREATED
IT40733 SWIFTNET7 AIX RA 7.4 : DEPENDENT MODULE LIBSWLNK.A COULD NOT BE LOADED
IT41814 CANNOT UPDATE B2B MAIL CLIENT ADAPTER INSTANCE VIA REST API IF SSL IS ENABLED AND MULTIPLE CA CERTIFICATES ARE ASSIGNED
IT41945 NO MQ REASON CODES FOR MQGET EXCEPTIONS IF DEBUG DISABLED IN WEBSPHEREMQ ASYNC RECEIVE ADAPTER
IT41034 REMOTE FAILS TO EXTRACT REAL FILENAME FROM B2B ENCRYPTED DOCUMENT BY NATIVEPGP PUBLIC KEY
IT41591 ISSUE WHILE ENABLING AND DISABLING ADAPTERS THROUGH UI
IT42048 ZIP FILE GETS CORRUPTED WHEN DOWNLOADED WITH THE REST API CLIENT SERVICE
IT41585 CUSTOMER IS SOMEHOW CREATING DUPLICATE NAMED SSH USER IDENTITY KEYS AND THEN IS UNABLE TO DELETE THEM IN THE DASHBOARD GUI
IT41763 FSA DOES NOT CLEAR THE LOCK. INTERMITTENT ISSUE
IT39445 INTERRUPTED FILE TRANSFER BEHAVES DIFFERENTLY FOR GLOBAL MAILBOX
IT42192 INSTALLING JARS OF LARGE SIZE - AWS S3 - OPENSHIFT
IT42183 SMIME/CMS SIGNATURE FAILURE FOR CUSTOMER "M GROUP" WITH "CANNOT FIND CLASS NAME FOR OID: OID 1.2.840.113549.1.9.52"
IT42200 AKS K8S 19.X USING HELM CHART IBM-SFG-PROD-2.0.5 TO CHANGE THE REST API POD TO USE MSSQL TLSV1.2 INSTEAD OF V1
IT42245 HELM CHART IBM-SFG-PROD-2.0.5 NOT COMPATIBLE WITH K8S 1.17.11
 

Fix Pack (V6.1.0.7)
Link Date Released Status
 Download Available

Note: This Fix Pack also contains APAR security and regular fixes from 6.0.3.8 release.

Security Fixes

APAR Description
IT43073 [ALL] IBM WEBSPHERE MQ - CVE-2022-42436 (PUBLICLY DISCLOSED VULNERABILITY) (CVSS 4.0)
IT43310 [ALL] JACKSON-DATABIND - CVE-2022-42004 (PUBLICLY DISCLOSED VULNERABILITY) (CVE-2022-42004 CVSS 6.2)
IT42431 IBM WEBSPHERE APPLICATION SERVER LIBERTY IS VULNERABLE TO HTTP HEADER INJECTION (CVE-2022-34165 CVSS 5.4)
IT43312 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT43311 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT42890 SECURITY VULNERABILITIES IN JQUERY.JS AFFECTS EBICS CLIENT UI OF IBM STERLING B2B INTEGRATOR (CVS 7.2)
IT41109 THE SECURITY VULNERABILITIES IN APACHE SANTUARIO XML SECURITY AFFECT IBM STERLING B2B INTEGRATOR (CVE-2021-40690, CVE-2014-8152 CVSS 5.3)
IT41111 XXE SECURITY VULNERABILITY IN APACHE POI AFFECTS IBM STERLING B2B INTEGRATOR (CVE-2019-12415 CVSS 5.3)
IT40617 SECURITY VULNERABILITY IN JDOM AFFECTS IBM STERLING B2B INTEGRATOR (CVE-2021-33813 CVSS 5.3)
IT43308 SECURITY VULNERABILITIES IN XSTREAM AFFECT IBM STERLING B2B INTEGRATOR (CVEID: CVE-2022-40151, 40152, 40153, 40154, 40155, 40156 CVSS 6.5)
IT43309 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT42806 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)

Regular Fixes

APAR Description
IT42844 SEARCHING AS2 PARTNER PROFILE DOES NOT DISPLAY THE PARTNER WHILE TYPING IT IF THE PROFILE WAS CREATED VIA REST API
IT41206 SFTP SERVER ADAPTER 2.0 ENHANCEMENT
IT43147 WORKDAY WSDL IMPORT FAILS IN SI DUE TO SIZE
IT39574 FILE GATEWAY IS GARBLED WHEN BROWSER PREFERRED LANGUAGE IS CHINESE
IT39445 INTERRUPTED FILE TRANSFER BEHAVES DIFFERENTLY FOR GLOBAL MAILBOX
IT42530 NATIVEPGP ENCRYPTION FAILS FOR LARGER FILES WHEN COMPRESSION IS TURNED OFF
IT43152 SWAGGER-UI ERROR 500: JAVAX.SERVLET.SERVLETEXCEPTION: FILTER [SPRINGSECURITYFILTERCHAIN]: COULD NOT BE INITIALIZED
IT43071 CUSTOM PROTOCOLS ARE ONLY SEEN AS ENABLED FROM FILEGATEWAY UI WHEN A STANDARD PROTOCOL IS ENABLED
IT42689 RESOURCE TAG CONSISTS OF DELETED FILEGATEWAY PARTNERS WHEN EXPORTING
IT42453 SFGDBCHECK TOOL CREATES A MISSING MAILBOX WITH PRODUCERCODE INSTEAD OF PRODUCERNAME
IT43188 THE READ USER ACCOUNT REST API IS RETURNING THE WRONG AUTHENTICATION HOST OF EXTERNAL USERS
IT43300 FEW FILES ARE NOT PROCESSED AND BLOCKED ON CLA2 STEP. ENCRYPTION THREADS ARE RUNNING AND BLOCKING THE QUEUE WHEN TOO MUCH THREADS ARE IN THE QUEUE
IT42859 UNABLE TO CREATE SSH PROFILE IN V6.1.0.6 DUE TO ERROR - THE NAME IS DUPLICATE
IT43322 GLOBAL MAILBOX EVENT RULE ADAPTER DOES NOT SEND A USER ID PASSWORD TO IBM MQ GREATER THAN 12 CHARACTERS
IT42726 PGP PACKAGE SERVICE SIGNS DOCUMENT ALSO IF "SIGNED BY THE PARTNER" SET TO NO
IT42929 SFGDBCHECK TOOL IS REPORTING COMMUNITIES IN THE INCONSISTENT PARTNERS LIST
IT43103 MAILBOX MESSAGES IN MYFG2.0 UI DO NOT HONOR EXTRACTABILITY POLICIES
IT42619 TP_IMPORT/EXPORT.SH ALWAYS SHOWS "ERROR '1' DURING EXPORT FOR CD_NETMAPS
IT42237 LIBERTY LOGGING - STRANGE FOLDER NAME ${LOG-PATH} WITH ANALYTICS-%D{YYYY-MM-DD}.LOG
IT43181 UPDATION OF CODELIST ENTRIES UPON SORTING BY RECEIVERCODE/SENDERCODE REPORTS UI ERROR
IT42676 UNABLE TO IMPORT A PARTNER CONTAINING & IN THE PARTNER NAME
IT42746 SFTP CLIENT BEGIN SESSION STATUS REPORT VERY GENERIC
IT42490 NATIVE PGP UNPACKAGE SERVICE HAS INCORRECT "ACTION" IN PROCESS DATA FOR DECRYPT AND VERIFY
IT42461 SFTP CLIENT MOVE SERVICE FAILS WITH NO SUCH FILE
IT43468 EBICS SERVER AND EBICS CLIENT VERSIONS ARE NOT UPDATED ON THE SUPPORT PAGE IN OCP
IT43250 REST API UPDATE TRADING PARTNER API000411 ERROR FOR GLOBAL MAILBOX LISTENING PRODUCER
IT41142 WHEN CREATING ROUTING CHANNELS (VIA RESTAPI) FOR A PRODUCER PARTNER WITH SUBMAILBOXES, THE EVENT RULE IS GETTING CREATED FOR THE FIRST SUBMAILBOX ONLY AND NOT FOR THE SUBSEQUENT SUBMAILBOXES, AND THE EVENT RULE LIST ONLY ONE MAILBOX
IT42019 GLOBAL MAILBOX EVENTS WHICH ARE OLD ARE NOT BEING CLEARED FROM CASSANDRA TABLES
 

Fix Pack (V6.1.0.8)
Link Date Released Status
 Download Current

Security Fixes

APAR Description
IT43138 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT43549 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT43090 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT43508 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT43522 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT44091 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT44092 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT44078 ECLIPSE JETTY (PUBLICLY DISCLOSED VULNERABILITY) (CVSS 5.3)
IT44300 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT43649 SECURITY VULNERABILITIES IN JETTISON AFFECT EBICs CLIENT OF IBM STERLING B2B INTEGRATOR (CVE-2023-1436, CVSS 5.3)
IT43908 [ALL] APACHE COMMONS FILEUPLOAD (PUBLICLY DISCLOSED VULNERABILITY) (CVE-2023-24998 CVS 7.5)
IT44182 UPDATE SNAPPY-JAVA IN B2B API (CVSS 7.5)
IT44198 [ALL] IBM WEBSPHERE MQ - CVE-2023-32342 (PUBLICLY DISCLOSED VULNERABILITY) (CVSS 5.9)
IT44322 SECURITY VULNERABILITY IN COMMONS-BCEL AFFECT IBM STERLING B2B INTEGRATOR (CVE-2022-42920 CVSS 9.8)

Regular Fixes

APAR Description
IT43645 GM IMPORT UTILITY FAILS WITH JAVA.LANG.NOCLASSDEFFOUNDERROR: ORG.APACHE.COMMONS.COLLECTIONS.ARRAYSTACK
IT43762 EXTERNAL PURGE INSTALLED ON OPENSHIFT PLATFORM CLEARS ALL THE LOCKS WHEN IT STARTS
IT43734 RESTAPI - WHEN USING THE RESTAPI UI HTTP://IP:BASEPORT+74/B2BAPIS/SVC TO CREATE MAILBOXES THE FOLLOWING ERROR MESSAGE IS RAISED IN LOGFILE (SYSTEM.LOG)
IT43643 STERLING INTEGRATOR IB 997 PROCESS DATA SHOWS SUCCESSFUL BUT THE 997 RECONCILIATION REPORT HAS AN ERROR
IT41328 QUERY ON FG_ROUTE TABLE DOES NOT USE BIND VARIABLES
IT43785 NOT ABLE TO SEND EMAIL FROM STERLING INTEGRATOR / SBI / B2BI TO MS EXCHANGE ONLINE USING SMTP SEND ADAPTER
IT43301 DIRECT TRANSFERS ARE SLOW WHEN USING GLOBAL MAILBOX
IT42183 SMIME/CMS SIGNATURE FAILURE FOR CUSTOMER "M GROUP" WITH "CANNOT FIND CLASS NAME FOR OID"
 

Mod Pack (V6.1.1.0)
Date Released Status
Important: You can download the fix from Passport Advantage.
Note: This Mod Pack also contains APAR security and regular fixes from 6.0.0.7 and 6.1.0.3 releases.

Security Fixes

APAR Description
IT35823 INFORMATION DISCLOSURE VULNERABILITIES AFFECT IBM STERLING B2B FILE GATEWAY USER INTERFACE (CVE-2021-20485, CVE-2021-20563)
IT36688 SECURITY VULNERABILITY: CSRF TOKEN APPEARS IN THE URLS FOR FILEGATEWAY USER INTERFACE (AFT)
IT37682 UPDATE APACHE TOMCAT JARS (CVSS 9.8)
IT36354 SECURITY VULNERABILITY: REFLECTED CROSS-SITE SCRIPTING VULNERABILITY IN IBM STERLING B2B INTEGRATOR​ DISCOVERED BY THIRD PARTY
IT37597 CROSS-SITE SCRIPTING VULNERABILITY AFFECTS THE MAILBOX USER INTERFACE OF IBM STERLING B2B INTEGRATOR (CVE-2021-29855)
IT33759 IBM STERLING B2B INTEGRATOR VULNERABLE TO CROSS-SITE AJAX REQUEST VULNERABILITY DUE TO PROTOTYPE JAVASCRIPT (CVE-2008-7220)
IT36390 SECURITY VULNERABILITY: MYFILEGATEWAY USER CAN UPLOAD THE FILE EVEN THOUGH THE UPLOAD TAB IS DISABLED
IT36280 SECURITY VULNERABILITY: MYFILEGATEWAY UI DISPLAYS SENSITIVE INFORMATION AFTER LOGOUT
IT36300 SECURITY VULNERABILITY - MYFILEGATEWAY FILE-NAME COULD BE INTERCEPTED TO INJECT DISALLOWED CHARACTERS IN FILENAME
IT37862 B2BIAPIS --> SECOND_ORDER_SQL_INJECTION [1]
IT36900 SECURITY VULNERABILITY: PERMISSION CONTROL SECURITY VULNERABILITY EXISTS IN CREATING USER NEWS IN THE DASHBOARD USER INTERFACE
IT36914 SECURITY VULNERABILITY: PERMISSION CONTROL SECURITY VULNERABILITIES EXISTS WHILE DOWNLOADING WAR FILE FROM WEB EXTENSION UTILITY
IT36930 SECURITY VULNERABILITY: ACCESS CONTROL SECURITY VULNERABILITY EXISTS WHILE VIEWING THE ROSETTA NET ACTIVITIES
IT36609 SECURITY VULNERABILITY: PERSISTENT XSS SECURITY VULNERABILITY EXISTS IN THE WEB SERVICE MANAGEMENT USER INTERFACE
IT36447 SECURITY VULNERABILITY: 3RD PARTY STORED CROSS SITE SCRIPTING IN IBM STERLING B2B INTEGRATOR
IT37031 SECURITY VULNERABILITY: STORED XSS SECURITY VULNERABILITY EXISTS IN DASHBOARD USER INTERFACE CAUSED BY NOT CHECKING SERVER NAME IN CREATING A PERIMETER SERVER
IT37777 UNABLE TO DISABLE SPECIFIC TLS VERSION (TLS 1.0) ON HTTP SERVER ADAPTER USING SSLHELLOPROTOCOL
IT37848 UPGRADE LOG4J (CVSS 7.8)
IT37914 UPGRADE NETTY JAR (CVSS 9.1)
IT37678 UPGRADE DATA MAPPER FOR JACKSON (CVSS 7.5)
IT37859 UPGRADE XSTREAM TO 1.4.17 (CVSS 8.8)
IT37693 UPDATE APACHE COMMONS BEANUTILS (CVSS 7.5)
IT37613 B2BI_DOCKER CLUMP --> SECOND_ORDER_SQL_INJECTION [2]
IT37612 CROSS-SITE REQUEST FORGERY [3]
IT35458 SECURITY VULNERABILITY: [ALL] ECLIPSE JETTY (PUBLICLY DISCLOSED VULNERABILITY)
IT37681 UPGRADE XML BEAN (CVSS 9.1)
IT37858 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT37642 CROSS-SITE SCRIPTING VULNERABLITY AFFECTS THE DASHBOAD UI OF IBM STERLING B2B INTEGRATOR (CVE-2021-29836)
IT38514 UPDATE APACHE TAGLIBS (CVSS 7.5)
IT37677 UPGRADE JACKSON DATAFORMATS JAR (CVSS 7.5)
IT37615 UPDATE APACHE XCERCES2 J (CVSS 7.5)
IT38149 UPDATE JBOSS DROOLS (CVSS 7.5)
IT37913 UPDATE BOUNCY CASTLE JAR IN GATEWAY.WAR (CVSS 9.8)
IT36552 UPDATE JASPERREPORTS (CVSS 8.8)
IT36570 SECURITY VULNERABILITY: INFORMATION DISCLOSURE SECURITY VULNERABILITY IN THE DASHBOARD USER INTERFACE
IT35845 CROSS SITE SCRIPTING VULNERABILITY 6.1 (PERSISTENT XSS)       
IT37912 IBM WEBSPHERE MQ (PUBLICLY DISCLOSED VULNERABILITY)
IT35837 SECURITY VULNERABILITY: SESSION FIXATION SECURITY VULNERABILITY IN FILEGATEWAY
IT35660 SECURITY VULNERABILITY: USER ENUMERATION VULNERABILITY IN MYFILEGATEWAY USER INTERFACE                              
IT35654 ACCESS SECURITY CONTROL VULNERABILITY AFFECTS IBM STERLING FILE GATEWAY (CVE-2021-20375)
IT35605 ACCESS CONTROL VULNERABILITY AFFECTS IBM STERLNG FILE GATEWAY (CVE-2021-20372)
IT35181 THE FILEGATEWAY AND MYFILEGATEWAY USER INTERFACES LACK SUFFICIENT PERMISSION CONTROL
IT38515 APACHE KAFKA VULNERABILITIES AFFECT THE B2B API OF IBM STERLING B2B INTEGRATOR (CVE-2017-12610, CVE-2018-1288)
IT38512 UPDATE JACKSON-DATABIND JAR (CVSS 9.8)

Regular Fixes

APAR Description
IT35859 ROSETTANET ISSUE AFTER REACHING INT LIMIT FOR WFID
IT36453 ERROR DECRYPTING DB PASSWORD AFTER UPGRADING TO B2BI 6.1.0.1 WITH FIPS
IT37796 IGNORELATEINBOUND LOG SHOWS INCORRECT DELIVERY TIME AND AS A RESULT REQUEST IS HANDLED AS TIMEOUT
IT37462 THE NEW QUERY.CALCDOCUMENTLIFESPANSQL1.MSSQL QUERY IS TRYING TO INSERT DUPLICATE WORKFLOW_ID IN THE BPMV_LS_WRK TABLE
IT37692 EBICS SERVER GENERATES DUPLICATE ORDER IDS
IT38106 SILENTINSTALLATIONFILECONVERTER UTILITY IS CREATING DUPLICATE PARAMETERS WITH OPPOSITE VALUES
IT38091 USERACCOUNTS LIST API ALONG WITH QUERY PARAMETERS IS THROWING AN ERROR
IT37875 STERLING B2BI-RESTAPI-GETPAYLOADDATA FAILS IN V6.1.0.2
IT37921 EBICS CLIENT SERVICES DOES NOT REPORT PROPERLY FAILURE STATUS
IT38047 EBICS PARTNERS WITH ENTRIES IN STERLING FILE GATEWAY - PARTNERS ARE LEFT WHEN ENTRIES IN PROFILE MANAGER - PARTNER CONFIGURATION ARE DELETED

Fix Pack (V6.1.1.0_1)
Link Date Released Status
 Download Superseded

Security Fixes

APAR Description
IT39380 UPGRADE LOG4J TO 2.17.0

Fix Pack (V6.1.1.0_2)
Link Date Released Status
 Download Available

Security Fixes

APAR Description
IT39737 UPGRADE LOG4J TO 2.17.1

Regular Fixes

APAR Description
IT38166 AFTER APPLYING 6.0.3.4 IFIX APAR IT37392, SFTP CLIENT GET FAILS WITH ERROR MESSAGE = [NO SUCH FILE: THE MESSAGE [XXX/ABC] IS NOT EXTRACTABLE!
IT40130 AFTER UPGRADING FROM B2BI 6.1.0.0 TO 6.1.1.0, MANY OF THE HTTPS SERVER ADAPTERS FAIL TO START AFTER THE NODE STARTS UP

Fix Pack (V6.1.1.1)
Link Date Released Status
 Download
Note: This Fix Pack also contains APAR security and regular fixes from 6.1.0.4 release.

Security Fixes

APAR Description
IT37287 INFORMATION DISCLOSURE SECURITY VULNERABILITY EXISTS IN IBM STERLING B2B INTEGRATOR WEB USER INTERFACE (JETTY 404) (CVE-2021-39033 4.3)
IT38888 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT38877 SECURITY VULNERABILITIES IN XSTREAM AFFECT THE B2B API OF IBM STERLING B2B INTEGRATOR
IT38878 SECURITY VULNERABILITIES IN APACHE SANTURARIO AFFECT IBM STERLING B2B INTEGRATOR (CVE-2013-4517, CVE-2013-2172 CVSS 5.0)
IT38879 IBM STERLING B2B INTEGRATOR IS VULNERABLE TO INFORMATION DISCLOSURE DUE TO JUNIT4 (CVE-2020-15250)
IT38884 INVESTIGATE THE SECURITY VULNERABILITY OF APACHE COMPRESS (CVSS 7.5)
IT39126 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT39125 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT39090 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT38412 PERMISSION CONTROL SECURITY VULNERABILITY EXITS IN THE MAILBOX USER INTERFACE OF IBM STERLING B2B INTEGRATOR
IT33759 IBM STERLING B2B INTEGRATOR VULNERABLE TO CROSS-SITE AJAX REQUEST VULNERABILITY DUE TO PROTOTYPE JAVASCRIPT (CVE-2008-7220)
IT38705 INFORMATION DISCLOSURE SECURITY VULNERABILITY EXISTS IN THE REST B2B API IN IBM STERLING B2B INTEGRATOR
IT39737 UPGRADE LOG4J TO 2.17.1

Regular Fixes

APAR Description
IT39094 ERROR WHILE CREATING EBICS BTF SERVICE
IT39226 S3 CLIENT ADAPTER STOPS AFTER UPGRADE TO SI 6.1.1
IT39228 EBICS: DUPLICATE ORDER FAILURES NOT LOGGED IN FILEGATEWAY
IT39229 ERRORCODE = "CONNECTION LEAK" IN JETTY.LOG AND SCI.LOG
IT39281 ENHANCE CDSA TO PASS SACCOUNT AND PACCOUNT INFORMATION TO A B2BI BUSINESSES PROCESS
IT39445 INTERRUPTED FILE TRANSFER BEHAVES DIFFERENTLY FOR GLOBAL MAILBOX
IT39494 UNABLE TO VIEW A SWIFTNETROUTING RULE IN B2BI 6.1.1
IT39649 UNABLE TO CREATE A ROUTE ON A SUB-MAILBOX IN GLOBAL MAILBOX IF A ROUTE ALREADY EXISTS ON ANOTHER SUB-MAILBOX UNDER THE SAME PARENT MAILBOX
IT35379 AWSS3CLIENT / PUT SERVICE GENERATES FILES INTO THE SI INSTALL/TMP DIRECTORY WHICH ARE NOT DELETED
IT39528 WINDOWS XCOPY COMMANDS CAUSING UPGRADEJDK.CMD SCRIPT TO FAIL
IT39855 FILE UPLOAD TO S3 BUCKET USING MAILBOX OPTION DOESN’T WORK
IT39681 B2BI TAGLIBS (JSLT) UPGRADE FROM 1.1.2 TO 1.2.5 IN EBICS CLIENT AND SERVER REST APIS
IT39163 DUPLICATE HAC REQUEST SENT BY THE EBICS HAC SCHEDULER
IT39774 SFTP CLIENT 2.0 PWD SERVICE DIDN'T RETURN THE SAME RESULT COMPARED TO SFTP CLIENT 1.0 PWD SERVICE
IT34982 REMOTE HOST IS INVALID. PLEASE ENTER A VALID DOMAIN NAME OR IPV4 OR IPV6 ADDRESS

Fix Pack (V6.1.1.2)
Link Date Released Status
 Download
Note: This Mod Pack also contains APAR security and regular fixes from releases:

Security Fixes

APAR Description
IT38890 SECURITY VULNERABILITIES IN ECLIPSE JETTY AFFECT IBM STERLING B2B INTEGRATOR (CVE-2021-34428, CVE-2021-28169, CVE-2021 CVSS 5.3)
IT40312 XSS SECURITY VULNERABILITIES EXISTS IN DASHBOARD UI OF IBM STERLING B2B INTEGRATOR (DBS)
IT39442 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT39357 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT39422 IBM STERLING B2B INTEGRATOR DASHBOARD UI IS VULNERABLE TO SENSITIVE INFORMATION EXPOSURE (CVE-2021-39087)
IT39433 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT39434 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT39424 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT39440 SQL INJECTION SECURITY VULNERABILITY EXISTS IN THE DASHBOARD UI OF IBM STERLING B2B INTEGRATOR (CVE-2021-39085, CVSS 6.3)
IT39438 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT39547 SECURITY VULNERABILITY IN HTTPCLIENT AFFECTS IBM STERLING B2B INTEGRATOR (CVE-2020-13956 CVSS 5.3)
IT41026 HTTP SESSION DOES NOT EXPIRE AFTER PASSWORD CHANGE
IT40552 IBM STERLING B2B INTEGRATOR VULNERABLE TO DENIAL OF SERVICE DUE TO XSTREAM (CVE-2021-43859)
IT39958 XSS SECURITY VULNERABILITIES EXISTS IN DASHBOARD UI OF IBM STERLING B2B INTEGRATOR (DBS)
IT38888 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT41002 SECURITY VULNERABILITIES IN CKEDITOR EXISTS IN B2B API OF IBM STERLING B2B INTEGRATOR (CVSS 7.6)
IT41085 WILDCARD IS SPECIFIED FOR HTTP CORS HEADER IN THE B2BI API FOR IBM STERLING B2B INTEGRATOR
IT41370 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT41292 JACKSON-DATABIND BEFORE 2.13.0 ALLOWS A JAVA STACKOVERFLOW EXCEPTION AND DENIAL OF SERVICE (CVE-2020-36518 CVSS 7.5)
IT41369 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT41250 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT41291 UPDATE SPRING FRAMEWORK (CVSS 5.4)
IT39105 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT40617 SECURITY VULNERABILITY IN JDOM AFFECTS IBM STERLING B2B INTEGRATOR (CVE-2021-33813 CVSS 5.3)
IT39360 INFORMATION DISCLOSURE SECURITY VULNERABILITY EXISTS IN THE USER INTERFACE OF IBM STERLING FILE GATEWAY (DBS VERBOSE ERROR MESSAGE)  (CVE-2021-39086 CVSS 4.3)
IT41490 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT40669 IBM STERLING FILE GATEWAY IS VULNERABLE TO MULTIPLE ISSUES DUE TO BOUNCY CASTLE
IT41648 SECURITY VULNERABILITY EXISTS IN SFTP SERVER ADAPTER 2.0 IN IBM STERLING B2B INTEGRATOR
IT39104 DBS HAS REPORTED STORED CROSS SITE SCRIPTING VULNERABILITY ON 6.0.3.3
IT39235 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)

Regular Fixes

APAR Description
IT40068 SSHKEYGRABBER - ORG.APACHE.SSHD.COMMON.RUNTIMESSHEXCEPTION: FAILED TO GET THE SESSION
IT40444 SWIFTNET7: REQUEST FAILING DURING START OF ADAPTER
IT38279 CUSTOM IFIX REQUEST FOR APAR IT38279 AND IT36968
IT41153 SFG PARTNER CREATION ROUTINE HAS LONG DELAYS FOR SOME SCREENS TO POPULATE
IT40821 SWIFTNET7: HANDLING OF MESSAGEEXPIRED
IT40778 SFTP SERVER ADAPTER IN READ-ONLY VIEW SHOWS "CIPHER NOT FOUND IN SERVER CIPHER LIST" NEXT TO PREFERREDCIPHER
IT39881 EBICS A/B SIGNATURES NOT WORKING
IT39445 INTERRUPTED FILE TRANSFER BEHAVES DIFFERENTLY FOR GLOBAL MAILBOX
IT40236 CHANGING DASHBOARD_TOPBAR_SUB_INTEGRATOR.GIF WITH API CUSTOMIZATION UI IS NOT PERMANENT / DEPLOYER RESETS
IT40988 CDSA - STERLING CONNECT:DIRECT SERVER PRIMITIVE COPYTO SERVICE STATUS REPORT MISSING INFORMATION
IT40057 DATE PICKER IN DOWNLOAD TAB OF MYFILEGATEWAY UI IS DISABLED
IT41090 OLD VERSION OF CDJAI.JAR COMPILED WITH OLD JAVA VERSION
IT41372 SQL INJECTION EXISTS IN EBICSCLIENT UI
IT41089 UNABLE TO UPLOAD ZERO BYTE FILE VIA MYFILEGATEWAY IN B2BI 6010101
IT39867 ERROR WHEN SEARCHING OR LISTING FILE FORMATS IN THE EBICS CLIENT UI SET FOR FRENCH LANGUAGE
IT40972 STERLING INTEGRATOR NATIVE PGP DISABLE COMPRESS
IT40141 NATIVE PGP DECRYPTION OF FILE WITH .ASC FILE EXTENSION ADDS PERIOD TO END OF DECRYPTED FILE NAME
IT40263 ACCENTED CHARACTERS DISPLAY INCORRECTLY IN THE EBICS CLIENT UI SET FOR FRENCH LANGUAGE
IT40130 AFTER UPGRADING FROM B2BI 6.1.0.0 TO 6.1.1.0, MANY OF THE HTTPS SERVER ADAPTERS FAIL TO START AFTER THE NODE STARTS UP
IT41271 EBICS COF FOR CDB - H003 WITH FILEFORMAT PAIN.008.00X.02.SBB.CDB FAILING
IT39970 EBICS SERVER COF CONFIGURATION ERROR DURING CREATION
IT40056 EBICS - VEU/EDS ORDER FAILED FOR HVE ON 6.1.1.0 EBICS SERVER / CLIENT USING H003
IT39964 SOA OUTBOUND SERVICE - CANNOT FIND DOM MECHANISM TYPE
IT41150 RESTAPICLIENT: STRINGINDEXOUTOFBOUNDSEXCEPTION IN BP
IT40633 UNIQUE CONSTRAINT (PKOS09.SCI_PK_215) VIOLATED ON REST API POST
IT40252 GETARRIVEDFILEDETAILS API DOES NOT RETURN RESPONSE IN SWAGGER UI
IT40348 PGP DECRYPT FAILING AFTER MIGRATING FROM SYMANTEC TO NATIVE PGP
IT40346 BULK IMPORT OF PGP KEYS INTO NATIVE PGP THROWS ERROR AFTER IMPORTING AROUND 100 PGP KEYS
IT41411 EDIT SERVICE ADAPTOR CONFIG FAILS WITH "PROCESSING ERROR"
IT36929 SFTP CLIENT LIST SERVICE FAILS TO LIST FILES BY CASE-INSENSITIVE SEARCH
IT41631 ENHANCE B2B MAIL CLIENT ADAPTER FOR ACCESSING MICROSOFT EXCHANGE WITH OAUTH 2.0

Fix Pack (V6.1.1.3)
Link Date Released Status
 Download
Note: This Fix Pack also contains APAR security and regular fixes from 6.1.0.6 release.

Security Fixes

APAR Description
IT41109 THE SECURITY VULNERABILITIES IN APACHE SANTUARIO XML SECURITY AFFECT IBM STERLING B2B INTEGRATOR (CVE-2021-40690, CVE-2014-8152 CVSS 5.3)
IT42431
IBM WEBSPHERE APPLICATION SERVER LIBERTY IS VULNERABLE TO HTTP HEADER INJECTION (CVE- 2022-34165 CVSS 5.4)
IT42505 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT41715 SPECIAL CHARACTERS CAN BE ENTERED TO A LOG FILE WITH UNSUCCESSFUL LOGIN TO DASHBOARD UI OF IBM STERLING B2B INTEGRATOR
IT41689 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT42295 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT42440 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT41362 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)

Regular Fixes

APAR Description
IT42211 UNABLE TO EXPORT OFTP PARTNERS IN SI 6.1.1
IT42353 SFTP CLIENT ADAPTER SESSIONS ARE NOT DISTRIBUTED ACROSS CLUSTER NODES
IT41102 CD REQUESTER SUBMIT SERVICE IS FAILING
IT41838 EXCEPTION WHEN GNUPG 8BIT KEY IS MIGRATED VIA PGPPARTNERKEYSMIGRATION.SH
IT41833 ERROR WHILE SYSTEM CERT CHECKIN IN TXT FORMAT - OBJECTIDENTIFIER() -- DATA ISN'T AN OBJECT ID (TAG = 48)
IT41739 PARTNER USER NOT ADDED TO MAILBOX PERMISSIONS WHEN CREATING ROUTING CHANNEL USING B2B API
IT40821 HANDLING OF MESSAGEEXPIRED
IT42419 MONTHLY SCHEDULE NOT WORKING PROPERLY ON V6.1.1.1
IT36929 SFTP CLIENT LIST SERVICE FAILS TO LIST FILES BY CASE-INSENSITIVE SEARCH
IT40918 6.1.1 HAVING ISSUES WITH SCP (LINUX) TO SSH 2.0 SERVER ADAPTER
IT42144 EBICS CLIENT UI NOT SHOWING X509 CERTIFICATE NAMES WHILE CREATING NEW EBICS USER
IT41974 COF CREATION IS CAUSING ISSUE IF CONFIGURED ON EBICS CLIENT AND SERVER IN THE SAME ENVIRONMENT
IT41790 IBM STERLING & ADP SSH SPECIAL CHARACTER ENHANCEMENT REQUEST
IT42186 REST API FOR FETCHING SCHEDULE DETAILS, IT'S GIVING WRONG INFORMATION WHEN IT COMES TO SCHEDULE TYPE “SERVICE CONFIGURATION”
IT41912 ON RESTART HTTP SERVER ADAPTERS CREATES NEW BLOB ENTRIES IN HSM AND DELETES THE OLDER ONE
IT42286 EXTERNAL PURGE LOG ERROR DB2 SQL ERROR: SQLCODE=-805, SQLSTATE=51002 (PROD)
IT42241 INCORRECT ITEMS SELECTED ON PGP MANAGER WHILE USING CHROME OR EDGE BROWSER
IT42508 DEFAULTSFTP IN SFTP.PROPERTIES HAS BEEN SET TO 1.0. IT SHOULD BE 2.0
IT42547 UPGRADE FROM V6.1.1.0 TO V6.1.1.1 FAILS WITH ERROR COM.IBM.STERLING.AFC.INSTALL.LAUNCH.BACKENDLAUNCHER.RUN(BACKENDLAUNCHER.JAVA:354)
IT41814 CANNOT UPDATE B2B MAIL CLIENT ADAPTER INSTANCE VIA REST API IF SSL IS ENABLED AND MULTIPLE CA CERTIFICATES ARE ASSIGNED
IT42496 CREATE A NEW PARTNER ON FILEGATEWAY 6.1.1.1 --> UI WINDOW REMAINS WHITE WITH SPANISH LANGUAGE SETTINGS
IT42622 CONNECT:DIRECT SERVER ADAPTER NOT HONOR DOCUMENT STORAGE TYPE OF SYSTEM DEFAULT WITH DEFAULTSTORAGETYPE=FS
IT40662 FOR SFG ARRIVEDFILE EVENTS THE DATA FLOW HYPERLINK IS NOT AVAILABLE IN FILEGATEWAY WHEN CLICKING ON THE DATA FLOW LINK IN THE ARRIVED FILE SEARCH SCREEN
IT42019 GLOBAL MAILBOX EVENTS WHICH ARE OLD ARE NOT BEING CLEARED FROM CASSANDRA TABLES
IT42549 DOCUMENT NOT FOUND DURING ROUTING AFTER UPGRADING TO 6112 + CUSTOM FIX
IT41706 GLOBAL MAILBOX - FILES UPLOADED TO ONE DC ARE NOT REPLICATED TO THE OTHER DC
IT41065 GLOBAL MAILBOX EVENT RULE ADAPTER DOES NOT RESPECT BATCH MODE AND INVOKES AS IMMEDIATE MODE LEADING TO SAME FILES TO BE PROCESSED TWICE

Fix Pack (V6.1.1.4)
Link Date Released Status
 Download
Note: This Fix Pack also contains APAR security and regular fixes from 6107 release.

Security Fixes

APAR Description
IT42896 SECURITY VULNERABILITIES IN SPRING SECURITY AFFECTS IBM STERLING B2B INTEGRATOR (CVE-2022-31692, CVE-2022-22978 CVSS 8.2)
IT43557 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT43555 VULNERABILITY IN THE APACHE JAMES MIME4J LIBRARY USED BY IBM WEBSPHERE APPLICATION SERVER LIBERTY WHEN THE FEATURE RESTFULWS-3.0 IS ENABLED (CVE-2022-45787 CVSS 5.5)
IT43625 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT43624 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT43473 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT43508 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT43110 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT43073 [ALL] IBM WEBSPHERE MQ - CVE-2022-42436 (PUBLICLY DISCLOSED VULNERABILITY) (CVSS 4.0)
IT43308 SECURITY VULNERABILITIES IN XSTREAM AFFECT IBM STERLING B2B INTEGRATOR (CVEID: CVE-2022-40151, 40152, 40153, 40154, 40155, 40156 CVSS 6.5)
IT42890 SECURITY VULNERABILITIES IN JQUERY.JS AFFECTS EBICS CLIENT UI OF IBM STERLING B2B INTEGRATOR (CVS 7.2)
IT41109 THE SECURITY VULNERABILITIES IN APACHE SANTUARIO XML SECURITY AFFECT IBM STERLING B2B INTEGRATOR (CVE-2021-40690, CVE-2014-8152 CVSS 5.3)
IT43312 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT43678 SECURITY VULNERABILITIES IN SNAKEYAML AFFECT B2B API OF IBM STERLING B2B INTEGRATOR (CVE-2017-18640, CVE-2022-25857, CVE-2022-38749, CVE-2022-38750, CVE-2022-38751, CVE-2022-38752, CVE-2022-41854, CVE-2022-1471 CVSS CVSS 8.3)
IT43720 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT43649 SECURITY VULNERABILITIES IN JETTISON AFFECT EBLICS CLIENT OF IBM STERLING B2B INTEGRATOR (CVE-2023-1436, CVSS 5.3)
IT43310
[ALL] JACKSON-DATABIND - CVE-2022-42004 (PUBLICLY DISCLOSED VULNERABILITY) (CVE-2022-42004 CVSS 6.2)
IT43051 CSRF SECURITY VULNERABILITY EXISTS IN ROSETTANET SEARCH IN DASHBOARD UI OF IBM STERLING B2B INTEGRATOR (CVE-2022-35638)
IT43090 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)

Regular Fixes

APAR Description
IT43547 INSTALLATION LEAVES JAR FILE IN <INSTALL-DIR> - WASTE OF SPACE OR NEEDED
IT42719 EBICS SERVER - FDL FROM CLIENT INTERMITTENTLY FAILING
IT43244 /B2BAPIS/SVC/USERACCOUNTS DOES NOT ALLOW UPPERCASE FOR EMAIL FIELD
IT43149 PROPERTY STRONGTLS1.2ONLYCIPHERSUITE NOT HONORED
IT42745 ITEMS RELATED TO THE "SOCKET.TCPKEEPALIVE" PROPERTY CONFLICT WITH EACH OTHER
IT43400 WHEN SQL BATCHING IS ENABLED THE INSERTS IN DB ON THE OUTPUT SIDE ARE EXECUTED IN AN UNPREDICTABLE ORDER
IT43321 DELETE ROUTINGCHANNEL API RETURNS 400 RESPONSE, ROUTING CHANNEL IS DELETED
IT43601 ERROR JAVAX.XML.TRANSFORM.TRANSFORMERFACTORYCONFIGURATIONERROR: PROVIDER COM.STERLINGCOMMERCE.WOODSTOCK.XML.XSLT.TRANSFORMERFACTORYIMPL NOT FOUND
IT43047 SFTP2.0 USER EXIT ISFTPSERVERUSEREXIT_ONPUTBEFOREEXECUTE USING OUTPUT PARAMETER KEY_CONTINUE_CMD_EXECUTION DOESN'T WORK AS DOCUMENTED
IT42747 XMLJSONTRANSFORMER SERVICE FAILS WHEN INPUT JSON IS ARRAY OF ELEMENTS WITHOUT ROOT ELEMENT
IT43059 SFTP2.0 USER EXIT ISFTPSERVERUSEREXIT_ONLSCDBEFOREEXECUTE DOESN'T WORK AS DOCUMENTED
IT43027 CIPHERS DEFINED IN SECURITY.STRONG/WEAK/ALLCIPHERSUITE THROUGH CUSTOMIZATION UI ARE NOT PICKED UP BY ADAPTER PORT
IT43026 CIPHERS DEFINED IN SECURITY.JDKCIPHERSUITE THROUGH CUSTOMIZATION UI ARE NOT PICKED UP BY SECURE BASE PORT
IT43651 FILGATEWAY FLICKERING ISSUE IN B2BI 6.1.1.0
IT42183 EDIINTPIPELINEPARSE HITS AN ERROR MESSAGE: COM.TRUSTPOINT.ASN.ASNEXCEPTION: CANNOT FIND CLASS NAME FOR OID: OID 1.2.840.113549.1.9.52
IT43301 DIRECT TRANSFERS ARE SLOW WHEN USING GLOBAL MAILBOX
IT43054 PRIVATE CERTIFICATES FOR AN EBICS USER ARE NOT DISPLAYED IN EBICS CLIENT UI
IT43250 REST API UPDATE TRADING PARTNER API000411 ERROR FOR GLOBAL MAILBOX LISTENING PRODUCER
IT41142 WHEN CREATING ROUTING CHANNELS (VIA RESTAPI) FOR A PRODUCER PARTNER WITH SUBMAILBOXES THE EVENT RULE IS GETTING CREATED FOR THE FIRST SUBMAILBOX ONLY AND NOT THE SUBSEQUENT SUBMAILBOXES, AND THE EVENT RULE LIST ONLY 1 MAILBOX
IT43747 EBICS SERVER - COF CANNOT BE CONFIGURED FOR CERTAIN FILE FORMATS
IT42502 EBICS SERVER INI AND HIA IS FAILING
IT43878 HTD ORDER IS FAILING FOR H003
IT43874 FUL ORDER SUBMISSION IS FAILING

Mod Pack (V6.1.2.0)
Link Date Released Status
 Download
Important: Download the Mod Pack from Passport Advantage.
Note: This Mod Pack also contains APAR security and regular fixes from releases:

Security Fixes

APAR Description
IT39380 UPGRADE LOG4J TO 2.17.1
IT38884 INVESTIGATE THE SECURITY VULNERABILITY OF APACHE COMPRESS (CVSS 7.5)
IT38888 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT38879 IBM STERLING B2B INTEGRATOR IS VULNERABLE TO INFORMATION DISCLOSURE DUE TO JUNIT4 (CVE-2020-15250)
IT38878 SECURITY VULNERABILITIES IN APACHE SANTURARIO AFFECT IBM STERLING B2B INTEGRATOR (CVE-2013-4517, CVE-2013-2172 CVSS 5.0)
IT38877 SECURITY VULNERABILITIES IN XSTREAM AFFECT THE B2B API OF IBM STERLING B2B INTEGRATOR
IT33759 IBM STERLING B2B INTEGRATOR VULNERABLE TO CROSS-SITE AJAX REQUEST VULNERABILITY DUE TO PROTOTYPE JAVASCRIPT (CVE-2008-7220)
IT38705 INFORMATION DISCLOSURE SECURITY VULNERABILITY EXISTS IN THE REST B2B API IN IBM STERLING B2B INTEGRATOR
IT39126 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT38890 SECURITY VULNERABILITIES IN ECLIPSE JETTY AFFECT IBM STERLING B2B INTEGRATOR (CVE-2021-34428, CVE-2021-28169, CVE-2021 CVSS 5.3)
IT40669 IBM STERLING FILE GATEWAY IS VULNERABLE TO MULTIPLE ISSUES DUE TO BOUNCY CASTLE
IT39125 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT39545 SECURITY VULNERABILITY IN APACHE COMMON IO AFFECTS IBM STERLING B2B INTEGRATOR (CVE-2021-29425 CVSS 7.5)

Regular Fixes

APAR Description
IT39936 NULLPOINTEREXCEPTION OCCURRED IN DELETING MESSAGE WITH MAILBOX DELETE SERVICE FOR GLOBAL MAILBOX
IT39935 FILES ARE NOT BEING REMOVED FROM FILE SHARE EVEN THOUGH THEY ARE DELETING ALL MAILBOX MESSAGES AFTER 14 DAYS WITH A BUSINESS PROCESS
IT41631 ENHANCE B2B MAIL CLIENT ADAPTER FOR ACCESSING MICROSOFT EXCHANGE WITH OAUTH 2.0

Fix Pack (V6.1.2.1)
Link Date Released Status
 Download
Note: This Fix Pack also contains APAR security and regular fixes from 6.1.0.6 release.

Security Fixes

APAR Description
IT42094
SECURITY VULNERABILITIES IN JACKSON-DATABIND EXISTS IN B2B API OF IBM STERLING B2B INTEGRATOR FROM CORE-IO JAR (CVE-2019-12384 AND OTHERS CVSS 9.8)
IT39422 DBS HAS REPORTED SECURITY VULNERABILITY, INSUFFICIENT AUTHORIZATION CONTROLS ON 6.0.3.3
IT39547 SECURITY VULNERABILITY IN HTTPCLIENT AFFECTS IBM STERLING B2B INTEGRATOR (CVE-2020-13956  CVSS 5.3)
IT39357 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT39360 INFORMATION DISCLOSURE SECURITY VULNERABILITY EXISTS IN THE USER INTERFACE OF IBM STERLING FILE GATEWAY (DBS VERBOSE ERROR MESSAGE)  (CVE-2021-39086 CVSS 4.3)
IT39562 SECURITY VULNERABILITY IN APACHE COMMON COMPRESS 1.20 AFFECTS B2B API OF IBM STERLING B2B INTEGRATOR (CVSS 5.5)
IT39105 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT41648 SECURITY VULNERABILITY EXISTS IN SFTP SERVER ADAPTER 2.0 IN IBM STERLING B2B INTEGRATOR
IT39958 XSS SECURITY VULNERABILITIES EXISTS IN DASHBOARD UI OF IBM STERLING B2B INTEGRATOR (DBS)
IT40312 XSS SECURITY VULNERABILITIES EXISTS IN DASHBOARD UI OF IBM STERLING B2B INTEGRATOR (DBS)
IT39438 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT39434 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT39433 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT39424 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT39442 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT39440 DBS HAS REPORTED SQL INJECTION VULNERABILITY ON 6.0.3.3
IT42395 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT42393 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT42394 XSS SECURITY VULNERABILITY EXISTS IN THE MAILBOX UI OF IBM STERLING B2B INTEGRATOR (CHECKMARX)
IT42443 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT40617 SECURITY VULNERABILITY IN JDOM AFFECTS IBM STERLING B2B INTEGRATOR (CVE-2021-33813 CVSS 5.3)
IT41715 SPECIAL CHARACTERS CAN BE ENTERED TO A LOG FILE WITH UNSUCCESSFUL LOGIN TO DASHBOARD UI OF IBM STERLING B2B INTEGRATOR
IT41002
SECURITY VULNERABILITIES IN CKEDITOR EXISTS IN B2B API OF IBM STERLING B2B INTEGRATOR (CVSS 7.6)
IT39104 DBS HAS REPORTED STORED CROSS SITE SCRIPTING VULNERABILITY ON 6.0.3.3
IT39235 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT40841 ACCESS CONTROL VULNERABILITY EXISTS IN SFTP SERVER ADAPTER IN IBM STERLING B2B INTEGRATOR
IT41672 [DAS] SQL INJECTION SECURITY VULNERABILITY EXISTS IN EBICS UI OF IBM STERLING B2B INTEGRATOR (CVE-2022-22338 CVSS 6.3)
IT41689 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT41362 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT42828 SECURITY VULNERABILITY IN GOOGLE GSON AFFECTS IBM STERLING B2B INTEGRATOR (CVE-2022-25647 CVSS 7.7)
IT39127 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT41371 IBM STERLING B2B INTEGRATOR IS VULNERABLE TO DENIAL OF SERVICE DUE TO NETTY (CVE-2021-37136, CVE-2021-37137)

Regular Fixes

APAR Description
IT42216 OAUTH2_1.CLASS_NAME PROPERTY IN OAUTH2.PROPETIES GOT INCORRECT ABSOLUTE CLASS NAME
IT42353 SFTP CLIENT ADAPTER SESSIONS ARE NOT DISTRIBUTED ACROSS CLUSTER NODES
IT41822 REST API STILL DISPLAYS DELETED PERMISSIONS IF LISTED DIRECTLY VIA THE URL
IT41893 OAUTH2 ERROR - B2BMAIL ADAPTER FAILED TO GET AN ACCESS TOKEN JAVA.IO.IOEXCEPTION: SERVER RETURNED HTTP RESPONSE CODE: 401
IT42317 ORACLEPOOL.URL NOT READ FROM FROM THE CUSTOMER_OVERRIDES.PROPERTIES
IT39392 VALUE TOO LARGE FOR COLUMN ON ACT_SESSION.PRINCIPAL
IT39574 FILE GATEWAY IS GARBLED WHEN BROWSER PREFERRED LANGUAGE IS CHINESE
IT37315 CREATE PROPERTY API DOESN'T CREATE PROPERTY IN CUSTOM_PROPERTY TABLE
IT37845 BROWSER CACHE ISSUE WHILE LOGIN TO MYFG 2.0 UI
IT39345 EDIINTPARSE BP FAILS WITH FAILURE UNPACKAGING MESSAGE ERROR - CLASS: 0; SUBCLASS: 0; CODE: 0;
IT41706 GLOBAL MAILBOX - FILES UPLOADED TO ONE DC ARE NOT REPLICATED TO THE OTHER DC
IT41065 GLOBAL MAILBOX EVENT RULE ADAPTER DOES NOT RESPECT BATCH MODE AND INVOKES AS IMMEDIATE MODE LEADING TO SAME FILES TO BE PROCESSED TWICE
IT40662 FOR SFG ARRIVEDFILE EVENTS THE DATA FLOW HYPERLINK IS NOT AVAILABLE IN FILEGATEWAY WHEN CLICKING ON THE DATA FLOW LINK IN THE ARRIVED FILE SEARCH SCREEN

Fix Pack (V6.1.2.2)
Link Date Released Status
 Download
Note: This Fix Pack also contains APAR security and regular fixes from releases:

Security Fixes

APAR Description
IT42936 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT42935 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT43058 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT42505 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT41109
THE SECURITY VULNERABILITIES IN APACHE SANTUARIO XML SECURITY AFFECT IBM STERLING B2B INTEGRATOR (CVE-2021-40690, CVE-2014-8152 CVSS 5.3)
IT42985 INFORMATION DISCLOSURE SECURITY VULNERABILITY EXISTS IN RESOURCE IMPORTER OF IBM STERLING B2B INTEGRATOR (CVE-2023-25682 CVSS 6.2)
IT43099
SECURITY VULNERABILITY IN DOJO TOOLKIT AFFECTS EBICS CLIENT UI OF IBM STERLING B2B INTEGRATOR (CVE-2020-23450 CVSS 9.8)
IT43055 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT39312 SECURITY VULNERABILITY IN APACHE XML SECURITY AFFECTS IBM STERLING B2B INTEGRATOR (CVE-2021-40690 CVSS 5.3)
IT43051 CSRF SECURITY VULNERABILITY EXISTS IN ROSETTANET SEARCH IN DASHBOARD UI OF IBM STERLING B2B INTEGRATOR (CVE-2022-35638)
IT43057 SECURITY VULNERABILITY IN XSTREAM AFFECTS IBM STERLING B2B INTEGRATOR (CVE-2022-41966 CVSS 8.2)
IT42806 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT42896
SECURITY VULNERABILITIES IN SPRING SECURITY AFFECTS IBM STERLING B2B INTEGRATOR (CVE-2022-31692, CVE-2022-22978 CVSS 8.2)

Regular Fixes

APAR Description
IT42781 IN SI 6.1.2 AWS S3 GET SERVICE DOES NOT WORK FOR GETTING FILES MATCHING A PATTERN
IT42807 EVENT SCREEN ON MYFG2.0 DOESN'T FINISH LOADING
IT43081 XML DIGITAL SIGNATURE SERVICE HAS BEEN ENHANCED TO SUPPORT STAX DOCUMENT STREAMING IN SIGNING AND VERIFICATION OPERATIONS
IT43041 WSDL SERVICE IS FAILING AND UNABLE TO REDIRECTING TO HTTPS PORT
IT42383 DEVELOP MSSQL FRIENDLY DATASWEEPER TO CLEAN UP *_GUID TABLES
IT42827 OLD JARS IN THE <INSTALL_DIR>/PACKAGES DIRECTORY ARE NOT REMOVED
IT43030 UNABLE TO CATCH THE EXCEPTION FROM PGPUNPACKAGESERVICE IN ONFAULT
IT42726 PGP PACKAGE SERVICE SIGNS DOCUMENT ALSO IF "SIGNED BY THE PARTNER" SET TO NO

Fix Pack (V6.1.2.3)
Link Date Released Status
 Download
Note: This Fix Pack also contains APAR security and regular fixes from 6114 release.

Security Fixes

APAR Description
IT43555
VULNERABILITY IN THE APACHE JAMES MIME4J LIBRARY USED BY IBM WEBSPHERE APPLICATION SERVER LIBERTY WHEN THE FEATURE RESTFULWS-3.0 IS ENABLED (CVE-2022-45787 CVSS 5.5)
IT43678 SECURITY VULNERABILITIES IN SNAKEYAML AFFECT B2B API OF IBM STERLING B2B INTEGRATOR (CVE-2017-18640, CVE-2022-25857, CVE-2022-38749, CVE-2022-38750, CVE-2022-38751, CVE-2022-38752, CVE-2022-41854, CVE-2022-1471 CVSS 8.3)
IT43937 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT43308 SECURITY VULNERABILITIES IN XSTREAM AFFECT IBM STERLING B2B INTEGRATOR (CVEID: CVE-2022-40151, 40152, 40153, 40154, 40155, 40156 CVSS 6.5)
IT43649 SECURITY VULNERABILITIES IN JETTISON AFFECT EBLICS CLIENT OF IBM STERLING B2B INTEGRATOR (CVE-2023-1436, CVSS 5.3)
IT43908 [ALL] APACHE COMMONS FILEUPLOAD (PUBLICLY DISCLOSED VULNERABILITY) (CVE-2023-24998 CVS 7.5)
IT43976 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT42806 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT43090 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT43549 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT43522 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT43941 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT43508 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT43138 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT43972 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT43848 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)

Regular Fixes

APAR Description
IT43905 MORE CHINESE DASHBOARD UI IS GARBLED IN 6.1.2.1
IT39345 OBSERVED SLOWNESS IN AS2 WITH LARGE FILE
IT43438 CURRENT PROCESSES AND CENTRAL SEARCH PAGE IS NOT WORKING
IT43693 WITH NIST TRANSITION OR STRICT MODE ENABLED, SSH KNOWN HOST KEY ECDSA-SHA2-NISTP256 KEYS CANNOT BE ENABLED WITH DEFAULTSFTP=1.0
IT43692 WITH NIST TRANSITION OR STRICT MODE ENABLED, SSH KNOWN HOST KEY ECDSA-SHA2-NISTP256 FAILS TO BE CHECKED IN OR IMPORTED
IT43321 DELETE ROUTINGCHANNEL API RETURNS 400 RESPONSE, ROUTING CHANNEL IS DELETED
IT41328 QUERY ON FG_ROUTE TABLE DOES NOT USE BIND VARIABLES
IT43401 UTF-8 ENCODING FAILS WHILE RUNNING JSON TO XML TRANSFORMER SERVICE
IT43734 ERROR EXCEPTION DECRYPTING PASSPHRASE
IT43785 NOT ABLE TO SEND EMAIL FROM STERLING INTEGRATOR TO MS EXCHANGE ONLINE USING SMTP SEND ADAPTER
IT43735 SI 6.1.1 KEEP GETTING EXCEPTION DECRYPTING PASSPHRASE -JAVAX.CRYPTO.BADPADDINGEXCEPTION: GIVEN FINAL BLOCK NOT PROPERLY PADDED
IT43761 SCP OPTIONS DO NOT SHOW IN SFTP SERVER ADAPTER OF V6.1.2.2
IT43554 INTERMITTENT SSH HANDSHAKE FAILURES WITH B2BI AS CLIENT <MAVERICK JAR UPGRADE 1.7.51>
IT43689 EXTERNAL PURGE DB2 SQL ERROR: SQLCODE=-805, SQLSTATE=51002, SQLERRMC=NULLID.SYSLH203
IT44027 UNABLE TO EXPORT/IMPORT OFTP PROFILE IN A SYSTEM USING A DIFFERENT SYSTEM PASSPHRASE
IT42218 ROUTING CHANNEL FOR A GLOBAL MAILBOX PARTNER VIA THE ROUTING CHANNEL REST API WHEN A DC IS DOWN
IT41142 WHEN CREATING ROUTING CHANNELS (VIA RESTAPI) FOR A PRODUCER PARTNER WITH SUBMAILBOXES THE EVENT RULE IS GETTING CREATED FOR THE FIRST SUBMAILBOX ONLY AND NOT THE SUBSEQUENT SUBMAILBOXES, AND THE EVENT RULE LIST ONLY 1 MAILBOX
IT43250 REST API UPDATE TRADING PARTNER API000411 ERROR FOR GLOBAL MAILBOX LISTENING PRODUCER
IT43645 GM IMPORT UTILITY FAILS WITH JAVA.LANG.NOCLASSDEFFOUNDERROR: ORG.APACHE.COMMONS.COLLECTIONS.ARRAYSTACK
IT44610 IDOC META DATA BUILlDER IS LOOPING IN+C84 VERSION 6010201

Fix Pack (V6.1.2.5)
Link Date Released Status
 Download
Note: This Fix Pack also contains APAR security and regular fixes from releases:

Security Fixes

APAR Description
IT44322 SECURITY VULNERABILITY IN COMMONS-BCEL AFFECT IBM STERLING B2B INTEGRATOR (CVE-2022-42920 CVSS 9.8)
IT45063 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT44862 SECURITY VULNERABILITY IN NETTY AFFECTS IBM STERLING B2B INTERGRATOR (CVE-2023-34462 CVSS 6.5)
IT44329 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT45062 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT44198
[ALL] IBM WEBSPHERE MQ - CVE-2023-32342 (PUBLICLY DISCLOSED VULNERABILITY) ( CVSS 5.9)
IT40443 MISSING SAMESITE ATTRIBUTE IN THE COOKIE GENERATED BY DASHBOARD PAGES
IT43976 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT44222 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT44223 ADD BOUND TO THE LOOP CONDITION IN BASEUIGLOBALS.ESCAPESPECIFICCHARS FOR THE FINDINGS FROM CHECKMARX
IT44899 XSS SECURITY VULNERABILITY EXISTS IN THE UI OF IBM STERLING FILE GATEWAY (FROM DBS (CVE-2023-47714 CVSS 4.8)
IT44144 XSS SECURITY VULNERABILITY EXISTS IN THE DASHBOARD UI OF IBM STERLING B2B INTEGRATOR FROM DBS 
IT44091 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT44092 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT44415 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT44287 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT44317 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT44304 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT44312 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT44284 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT44311 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT44283 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT44078 ECLIPSE JETTY (PUBLICLY DISCLOSED VULNERABILITY) (CVSS 5.3)
IT43591 UPDATE ESAPI-JAR-LEGACY (CVSS 7.5)
IT44559 XSS SECURITY VULNERABILITY EXISTS IN THE DASHBOARD UI OF IBM STERLING B2B INTEGRATOR FROM DBS 
IT44182 UPDATE SNAPPY-JAVA IN B2B API (CVSS 7.5)
IT44452 NO WEB SECURITY HTTP RESPONSE HEADERS ARE RETURNED IN THE WEBAPP ON HTTP SERVER ADAPTER IN IBM STERLING B2B INTEGRATOR (CVE-2024-22355)
IT44185 UPDATE STRUTS FOR SECURITY VULNERABILITIES (CVSS 7.5)
IT45140 UPDATE JACKSON-DATABIND (CVSS 5.5)
IT43508 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)

Regular Fixes

APAR Description
IT44536 EXCESSIVE TX.LOG INFORMATION AFTER UPGRADING TO STERLING INTEGRATOR 6.1.2.3
IT44524 DISCEPERANCY IN LISTING USERS IN USER LISTS WHILE SELECTING USER FOR ROUTING RULE/BUSINESS PROCESS
IT44651 OFTP PHYSICAL PARTNER WHILE EDITING, AUTO-CONFIGURE PREVIOUSLY MANUALLY CHOSE CONFIGURATION BY CUSTOMER
IT44758 ROOT DOC SIZE SHOWS 0 BYTES FOR THE FILES UPLOADED FROM MYFILEGATEWAY IN SI VERSION 6.1.2.2
IT44593 GENERIC EDIFACT OUTBOUND UNH ENVELOPE REGRESSION
IT44446 GETTING "UNDEFINED" MESSAGES WHILE DELETING GROUP WHEN THAT GROUP IS USED IN RCT
IT44847 RETRIEVEERRORSETSUCCESS PARAMETER IN SFTP CLIENT GET SERVICE IS NOT TAKEN INTO ACCOUNT WITH SFTP2.0
IT44213 SFTP CLIENT GET NOT RETURNING THE DOCUMENT DOWNLOADED TO PRIMARYDOCUMENT WHEN TRANSFER MODE IS SET TO ASCII
IT44361 404 WHEN ACCESSING MYFILEGATEWAY WITH REBRANDING AFTER UPGRADING TO 6122
IT44443 NETMAP CORRUPTION WHEN SYNCING
IT44023 EBICS SERVER COF ORDERS ARE NOT VEU ENABLED
IT44939 EC / SERVICES INVESTIGATION - CDSA DB FAILUREOVER "OPTIMIZATION"
IT38789 CUSTOMER_OVERRIDES PROPERTIES IN CUSTOMIZATION-UI / DB ARE NOT DISPLAYED IN QUEUEWATCHER
IT44894 INCORRECT FILENAME WHILE DECRYPTING NATIVE PGP ENCRYPTED FILE
IT45025 EBICS SERVER - COF CANNOT BE CONFIGURED FOR CERTAIN FILE FORMATS WITH HF6
IT45010 EBICS CLIENT/SERVER - PROCESSING STILL CREATES 16BYTE FILE ON DISC AND LEFT OVER
IT44793 CHANGES DONE USING UPDATE SERVICE INSTANCE REST API DO NOT REFLECT IN THE UI
IT44787 EBICS SERVER - CANNOT VIEW EBICS REQUEST FROM SFG UI WHEN THE BROWSER IS CONFIGURED WITH SPANISH LANGUAGE
IT44626 SAP RFC XML SCHEMA BUILDER DOESN'T WORK IN SI 6123
IT44974 NOT ABLE TO INSTALL PS IN WIN 2K22
IT44619 CHANGE URI IN DOCUMENTION FOR SFG FILEGATEWAY_UI.PROPERTIES
IT44618 SFTP CLIENT ERROR IN SERVICE SFTPCLIENTENDSESSION (NULLPOINTEREXCEPTION) SINCE UPGRADE TO B2BI 6114
IT44753 ROSSETTANET MESSAGE PARSER SERVICE ERROR OUT WITH "COM.TRUSTPOINT.ASN.ASNEXCEPTION: CANNOT FIND CLASS NAME FOR OID: OID 1.2.840.113549.1.9.52"
IT44830 REWORK FIX TO REST API TO NOT GET PERMISSIONS DELETED THROUGH DASHBOARD
IT44755 UNABLE TO DECRYPT SIGNED FILE THROUGH OFTP2 IN 6123
IT44754 XMLJSONTRANSFORMER 6.1.2.3: UNABLE TO ACCESS OR VERIFY MANDATORY SERVICE PARAMETER
IT44247 EBICS SERVER: OOM WHEN PROCESSING HVZ AND HVU EBICS REQUEST
IT44927 INCORRECT FILENAME WHILE DECRYPTING NATIVE PGP ENCRYPTED FILE
IT44566 ERROR IN CHECKOUT SSH USERIDENTITYKEY AFTER USING CHANGESYSTEMPASSPHRASE.SH IN SI 6120
IT44521 APAR IT33167 IS NOT PRESENT IN 6.1.2.3 RELEASE
IT44356 CANNOT EDIT CODES AFTER SORTING CODELIST BY SENDER CODE/RECEIVER CODE IN SI V6.1.2.3
IT45011 EBICS SERVER - HAC PROCESS DOES NOT RETURN ANY EVENTS
IT44801 AS2 PROTOCOL: CANNOT FIND A CLASS THAT CORRESPONDS TO OID 1.2.840.113549.1.1.10
IT45083 EBICS SERVER - CASCADE DELETE NOT WORKING FOR COF ORDER
IT43985 LOCAL_QUORUM ERROR AND FILE TRANSFERS ARE FAILING
IT44494 PAYLOADPURGE NOT DELETING FILES ON FILESYSTEM ON HORIZON DC
IT44417 HEALTHCHECK TAKES TOO LONG TO PERFORM SHUTTING DOWN CONNECTION TO DC'S
IT45164 LIVENESS PROBE FAILED: STARTING LIVENESS PROBE FOR API - LIBERTY SERVER IS NOT UP
IT45162 EBICS CLIENT LINDE CONNECTIVITY ISSUE FOR HEV
IT45234 EBICS 3.0 NEW CUSTOM BTF SERVICE FAILS
IT45119 GLOBAL MAILBOX HEALTHCHECK MESSAGE GETTING EXPIRED AFTER DEFAULT NUMBER OF DAYS AND LEADING TO HEALTHCHECK FAILURE
IT45118 EBICS SERVER - HKD ORDER TYPE ERROR FOR H003 AND H004 NOT WORKING WITH HF6
IT44045 EBICS SERVER - HPB FAILING FOR CLIENT IN PROD BECAUSE OF FILE FORMAT
IT45284 UPGRADE TO 6.1.2.2 OR 6.1.2.3, OR INSTALL A FRESH COPY OF 6.1.2.X, THERE ARE 2 CDJAVA.JAR FILES IN DYNAMICCLASSPATH.CFG, THE OLDEST JAR SHOULD BE REMOVED

iFix Pack (V6.1.2.5_1)
Link Date Released Status
 Download
Security Fixes
APAR Description
IT46478 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)

Fix Pack (V6.1.2.6)
Link Date Released Status
 Download

Security Fixes

APAR Description
IT45059 SECURITY VULNERABILITIES FOUND IN PENETRATION TESTING: TRACK SQL INJECTION
IT46388 STORED XSS IN SSH REMOTE PROFILE CREATION UI
IT46193 NAB FINDING 129290-3 - THE IBM STERLING INTEGRATOR ADMIN WEB APPLICATION IS VULNERABLE TO STORED CROSS-SITE SCRIPTING (XSS) IN THE CREATION OF A NEW PGP SECRET KEY
IT45045 PERSISTENT XSS SECURITY VULNERABILITIES FOUND IN PENETRATION TESTING
IT46767 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT46083 STORED XSS SECURITY VULNERABILITY EXISTS IN STERLING INTEGRATOR IN DEPLOYEMENT -->MAILBOXES --> MESSAGES USING THE RENAME SFTP COMMAND - WITH MAVERICK SFTP SERVER
IT45197 3RD PARTY: H1-2283533: 'STORED CROSS-SITE SCRIPTING IN IBM STERLING FILE GATEWAY USING THE RENAME SFTP COMMAND'
IT46849 UPGRADE APACHE AXIS (CVSS 9.8)
IT46567 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT46832 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT46707 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT46464 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT45994 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT46060 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT46966 UPDATE IBM LIBERTY SERVER (CVSS 5.3)
IT46967 UPDATE LIBERTY (CVSS 7.5)
IT43937 UPGRADE COMMONS NET JAR IN WMQFTE_CORE_BUNDLE_9_2_0_7.JAR (CVSS 6.5)
IT46103 STORED XSS ON QUEUEWATCHER UI (VIEW STATELESS ADAPTERS) - FSA ADAPTER
IT46748 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT44322 SECURITY VULNERABILITY IN APACHE XALAN AFFECTS IBM STERLING B2B INTEGRATOR (CVSS 7.3)
IT46036 UPDATE APACHE COMMONS COMPRESS (CVSS 5.5)
IT46268 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT46478 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT45450 UPDATE APACHE SANTUARIO (CVSS 6.5)
IT45485 UPDATE JSON-JAVA (CVSS 7.5)
IT45690 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT45722 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT46458 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT46965 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT46254 UPDATE MQ (CVSS 7.5)
IT46964 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT45521 UPDATE MAVERICK SERVER AND CLIENT FOR A HIGH-RISK SECURITY VULNERABILITY
IT45233 UPDATE SPRING BOOT (CVSS 5.3)
IT46084 STORED XSS SECURITY VULNERABILITY EXISTS IN STERLING INTEGRATOR IN DEPLOYEMENT -->MAILBOXES --> MESSAGES USING THE RENAME SFTP COMMAND - ISSUE WITH APACHE 20 SERVER
IT46100 STORED XSS SECURITY VULNERABILITY EXISTS IN STERLING INTEGRATOR IN DEPLOYEMENT -->MAILBOXES --> MESSAGES USING THE RENAME FTP COMMAND
IT44109 XSS SECURITY VULNERABILITY EXISTS IN DASHBOARD UI OF IBM STERLING B2B INTEGRATOR FROM CHECKMARX SCAN (CVSS 4.6)
IT44314 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT44081 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT44440 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT44303 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT45596 USERID (CLEAR TEXT) AND DLSSO TOKEN (BASE64 ENCODED) BEING VISIBLE AND UNENCRYPTED IN THE URL OF BROWSER ADDRESS LINE WHEN CLICKING "LAUNCH CUSTOMIZATION ADMINISTRATION UI" IN DASHBOARD
IT46252 NAB F129290-12-CROSS-SITE SCRIPTING (XSS)"TRADING PARTNER – SSH – AUTHORIZED USER KEY"
IT46739 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT45244 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT46955 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT46396 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT46931 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT45620 UPDATE JSON-JAVA IN MEG JARS (CVSS 7.5)
IT46798 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT46353 UPDATE BOUNCY CASTLE (CVSS 7.5)
IT45204 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT47147 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT45140 UPDATE JACKSON-DATABIND (CVSS 5.5)
IT46045 SECURITY VULNERABILITY IN APACHE MINA SSHD AFFECTS IBM STERLING B2B INTEGRATOR (CVSS 6.5)
IT47206 UPDATE NETTY (CVSS 5.3)
IT47207 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT47204 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT47205 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT45623 ADD AUTHORIZATION TO MYFG 2.0
IT46195 DESCRIPTION IS NOT AVAILABLE (SECURITY/INTEGRITY ISSUE)
IT46983 UPDATE JETTY (CVSS 5.3)
IT46710 IBM STERLING B2B INTEGRATOR IS AFFECTED BY MULTIPLE VULNERABILITIES IN CKEDITOR

Regular Fixes

APAR Description
IT45445 ERROR UPDATING AS2 RELATIONSHIP VIA REST API
IT45320 REQUEST FOR CORRECTIONS TO MYFILEGATEWAY PHRASING FOR THE NORWEGIAN LANGUAGE
IT45170 REST API CLIENT FOR DELETE OPERATION RETURNS HTTP 405 METHOD NOT ALLOWED
IT46128 STERLING SFTP SERVER ADAPTER IS NOT ALLOWING TO CREATE DIRECTORY (MKDIR) WITH ABSOLUTE PATH AFTER RUNNING IS COMMAND
IT45932 ERRORS REPORTED IN FTPCLIENT.LOG WHEN DOING A FTP LIST
IT45709 STORED CROSS SITE SCRIPTING
IT45066 JCE_DIST_FILE PARAMETER PRESENT IN UPGRADED SI 6.1.2.1 AND ABOVE
IT46851 IMPROPER SERVER VALIDATION ON EMAIL FIELD
IT45190 UNABLE TO GENERATE GRAPHICAL TRAFFIC SUMMARY REPORT AFTER UPGRADE
IT45808 UPGRADE FROM 6114 TO 6125 FAILS WHEN FIPS MODE IN ENABLED
IT45934 MAILBOX MESSAGE CAN'T BE VIEWED THROUGH UI WHEN MESSAGENAME IS SHORTER THAN 3 CHARATERS
IT46775 GLOBAL MAILBOX EVENT RULES DISAPPEARING
IT45201 WORKFLOWMONITOR APIS FAILING WHEN MULTIPLE API PODS EXIST IN OCP ENV
IT45464 COM.IBM.JSSE2.RENEGOTIATE=DISABLED DOES NOT DISABLE SSL RENEGOTIATION    
IT46318 XMLTOJSONTRANFORMER ERRORS AFTER UPGRADE TO 6.2.0.1        
IT45749 UPDATES TO SPEC2000 ATA STANDARDS
IT46504 CMS SERVICE FAILING TO VERIFY SIGNATURE WITH ERROR: CANNOT FIND CLASS NAME FOR OID: OID 1.2.840.113549.1.9.52
IT46453 STERLING B2B INTEGRATOR DOESN'T START AFTER THE UPGRADE TO 6.1.2.5 ON WINDOWS 2022    
IT45313 SOA OUTBOUND MESSAGE CREATION TAKES A SIGNIFICANTLY LONG TIME    
IT45310 6.1.2.3 FAILED_DELETE_LOG CONTAINS ENTRIES FOR ALREADY DELETED FILES  
IT45315 PASSWORD FIELD FOR CREATING AND UPDATING AS2 PARTNERS USING THE API B2BAPIS/SVC/AS2TRADINGPARTNERS/ IS NOT MASKED
IT45754 UNABLE TO STOP EXTERNAL PURGE    
IT45718 CHECKOUT OF AUTHORISED USER KEY NOT GENERATING THE KEY IN OPENSSH FORMAT WHEN DEFAULTSFTP IS SET TO 2.0    
IT45873 PROPERTY *.FORCEREMOTEDNS=TRUE NOT HONOURED IN SSHKEYGRABBER WITH REMOTE PERIMETER SERVER AND DEFAULTSFTP=2.0    
IT45115 OPTION "USE IMPLICIT SSL" IN SFG PARTNER PROTOCOL DOES NOT RETAIN THE NON-DEFAULT "YES" SETTING
IT45610 DELETE OPERATION ON /B2BAPIS/SVC/WORKFLOWS NOT WORKING CORRECTLY
IT46389 PROFILE IMPORTS FAIL DUE PGP FIELD IS REQUIRED EVEN THOUGH PROFILE DOESN'T USE PGP
IT45770 UI PERFORMANCE ISSUES CD NODES/XREF
IT45447 NATIVE PGP ENCRYPTION OVER TEXTMODE
IT45311 WEBSPHEREMQ SUITE ASYNC RECEIVE ADAPTER - INCONSISTENT STATUS AFTER DEPLOYMENT
IT45462 SSHKEYGRABBER - JAVA.LANG.NULLPOINTEREXCEPTION USING REMOTE PS ON 6.1.2.3
IT45901 UPGRADE TO 6.1.2.4 (OLD MEDIA) THROWS ERROR "[TEMPLATEDEPLOYER.WORK()] ERROR OCCURED DEPLOYING TEMPLATE: ...."    
IT46134 CAN'T LIST THE UPLOAD/DOWNLOAD FILES MENU IN MYFILEGATEWAY 2.0
IT45898 PROPERTY FOR ENABLE OR DISABLE CASE SENSITIVITY IN SFTP CLIENT LIST SERVICE IN A FUTURE FIX PACK
IT45178 FAILURES DURING SFTP PUT SERVICE ARE NOT SHOWN ON THE COMMUNICATION SESSION DETAILS SCREEN
IT45655 6124 DUMMY IFIX INSTALLATION IS FAILING ON RHL AND WINDOWS
IT46465 SSHD CLIENT CAUSING MEMORY LEAK IN 6122
IT46568 "KB DEBUG NEW CODE IN PLACE" IN EXTPURGE_EXE.LOG
IT46466 PGP UNPACKAGE SERVICE CORRUPTING DOCUMENT NAME    
IT44592 B2BI UPGRADE UPDATES THE DOCUMENT STORAGE OF BUSINESS PROCESSES
IT45663 PURGE PROCESS NOT PURGING ALL THE FILES ON FILESYSTEM
IT46328 ADMIN AUDIT REPORTS SHOW WRONG USER AROUND CERTIFICATES, CONTRACTS, AND BP    
IT46467 ENTRY IN CUSTOMER_OVERRIDES NOT USED FOR CHECK_EXPIRE_DAYS    
IT45840 ASI, AC, AND API PODS TAKING LONGER TIME TO STARTUP IN V6.1.2.3    
IT45461 EDIINTPARSE BP FAILS WITH FAILURE UNPACKAGING MESSAGE ERROR - CLASS: 0; SUBCLASS: 0; CODE: 0
IT45200 PRODUCTION, PEM/PCM 504 GATEWAY TIMEOUT WHEN CONNECTING TO B2BI REST APIS IN OCP ENVIRONMENT
IT46177 RUNNING WORKFLOW LAUNCHER CREATES A NEW SYSTEM.LOG FOR EVERY EXECUTION    
IT45827 AVAILABLE CYPHERS ARE DIFFERNT IN UI AND WITH RESTAPI    
IT46773 ISSUE WITH SFTP DELETE SERVICE ON WINDOWS SERVER WITH SOLAR WINDS SFTP_SERVER    
IT45459 WEBSPHERE MQ SUITE ASYNC RECEIVE ADAPTERS DO NOT START UP AFTER RESTART    
IT46805 B2B MAIL CLIENT ADAPTER VERY SLOW TO RETRIEVE MESSAGES    
IT46506 IN B2BI 6.1.2.1 THE APPLICATION REPORTS THE SFTP 2.0 LOGIN METHOD AS 'PASSWORD' EVEN WHEN THE USER LOGS IN USING A PUBLIC KEY.
IT46449 ERRORS IN THE PERIMETER.LOG AND THE SYSTEM.LOG, BUT THE CAUSE IS UNCLEAR
IT45173 UNABLE TO VIEW FULL LIST OF PREFERRED MAC ALGO LISTS IN RESTAPI    
IT46778 USING MULTIPLE PARAMETERS IN LDAP SEARCH_FILTER    
IT46410 AFTER UPGRADE TO 6.0.3.9, NEED A WAY TO SPECIFY A CONTENT SECURITY POLICY
IT45569 EXCESSIVE LOGGING IN MAVERICK3SP.LOG AFTER UPGRADING TO 6.1.2.2    
IT44193 HEALTHCHECKUTILITY.SH RECEIVE SEVERE: ERROR WHILE CALLING WATCHER. JAVA.LANG.NULLPOINTEREXCEPTION
IT46378 H005 ORDER TYPES ARE NOT DISPLAYED CORRECTLY WHEN CREATING A NEW OFFER    
IT45672 NEED SYNTAX FOR OPSCMD SETTUNINGPARAMS    
IT46944 SUPPORT OBJECT EXPORT WITHOUT DEPENDENCIES
IT46983 EBICS CLIENT URL THROWS 503 SERVICE UNAVAILABLE

[{"Line of Business":{"code":"LOB59","label":"Sustainability Software"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SS3JSW","label":"IBM Sterling B2B Integrator"},"ARM Category":[{"code":"a8m50000000CjqAAAS","label":"Sterling File Gateway"}],"Platform":[{"code":"PF002","label":"AIX"},{"code":"PF016","label":"Linux"},{"code":"PF033","label":"Windows"}],"Version":"6.1.0"}]

Document Information

Modified date:
29 November 2024

UID

ibm16335211