Question & Answer
Question
What APARs and security vulnerabilities were fixed in interim fix (patch) levels for IBM Spectrum Protect server Version 7.1.13?
Answer
Beginning with Version 7.1.3, IBM Tivoli Storage Manager is now IBM Spectrum Protect. Some applications such as the software fulfillment systems and IBM License Metric Tool use the new product name. However, the software and its product documentation continue to use the Tivoli Storage Manager product name. To learn more about the rebranding transition, see technote 534193.
This table lists APARs and security vulnerabilities addressed in interim fix levels for IBM Spectrum Protect V7.1.13 server users. For a list of APARs that were resolved in Fix Pack 7.1.13.000, see technote 515761.
Find the latest IBM Spectrum Protect downloads by going to Fixes by Version.
Tip: In the following list, Rel represents the release number in which the issue was detected. In some cases, the operating system is identified (A = AIX, L = Linux®, S = Solaris, H = HP-UX, and W = Windows). For example, 71L denotes V7.1 running on a Linux operating system.
Security vulnerabilities fixed in level 7.1.13.200
APARs fixed in level 7.1.13.100
Security vulnerabilities fixed in level 7.1.13.100
APARs fixed in level 7.1.13.200
APAR
|
Operating System/Release of Reported Issue
(APAR, CompId, Rel) |
Abstract
|
IT36437 | IT36437 5698ISMSV 81A | IMPORTED DATA MAY FAIL TO RESTORE WITH ANR9999D_3632385001 " |
IT36693 | IT36693 5698ISMSV 71L | IBM SPECTRUM PROTECT SERVER MAY CRASH DURING DATABASE RESTOR |
Security vulnerabilities fixed in level 7.1.13.200
Security vulnerability
|
Abstract
|
CVE-2020-5024, CVE-2020-5025, CVE-2020-4976 | The IBM Spectrum Protect Server is affected by IBM Db2 vulnerabilities such as denial of service, buffer overflow, and weak file permissions. |
APAR
|
Operating System/Release of Reported Issue
(APAR, CompId, Rel) |
Abstract
|
IT35814 | IT35814 5698ISMSV 81A | DATABASE RESTORE OPERATION WITH RESTOREKEYS=YES/ONLY MAY FAI |
IT35858 | IT35858 5698ISMSV 81W | IBM SPECTRUM PROTECT SERVER DOES NOT PROMPT FOR A PASSWORD D |
Security vulnerabilities fixed in level 7.1.13.100
Security vulnerability
|
Abstract
|
CVE-2020-14782 | An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact. |
CVE-2020-27221 | Eclipse OpenJ9 is vulnerable to a stack-based buffer overflow when the virtual machine or JNI natives are converting from UTF-8 characters to platform encoding. |
Was this topic helpful?
Document Information
Modified date:
08 June 2021
UID
ibm16410576