Update packages for DataPower Gateway version 10.0.x.x

Download

Downloadable File

File link	File size	File description

Abstract

Lists of fixes in the update packages for the IBM DataPower Gateway version 10.0.x.x continuous delivery (CD) stream. The CD stream is different from the 10.0.1.x long-term support (LTS) release stream.

Download Description

Update packages are located in Fix Central, Passport Advantage, or the Container Registry.

In IBM Documentation, you can find information about new features, changed features, restrictions and limitations. See the following topics for information.

ATTENTION
The internal representation of the authorization code changed in version 10.0.4 and does not work with earlier DataPower firmware versions. If a gateway peering instance of the API security token service is configured to persist data across a restart, you must upgrade all member in the peer group to version 10.0.4.

For integration with API Connect 10.0.x.x, the DataPower Gateway and API Connect releases must be within one update package of each other. For example, API Connect 10.0.n runs with DataPower Gateway 10.0.n, 10.0.n-1, or 10.0.n+1.

Important

Before you install any package, review DataPower® Knowledge Collection on firmware updates.
For more information about how to download DataPower® packages, see Fix download method.
- To download from Fix Central, go to the Fix Central.
- To download from Passport Advantage, go to the Passport Advantage Online for customers.

10.0.4sr3 This image is a security refresh
10.0.4sr2 This image is a security refresh
10.0.4sr1 This image is a security refresh
10.0.4
10.0.3
10.0.2 This update package includes all APARs in version 10.0.1.2

10.0.4sr3

Release date: 29 March 2023
Last modified: 29 March 2023
Status: Available

APAR	Description
IT41936	APIC API COLLECTIONS MIGHT BE MISSING WHEN AN API IS PUBLISHED WITH UNDEFINED UDP OR OTHER USER ERRORS
IT42166	IF AN ERROR IS DETECTED IN A PLAN, THE PLAN SHOULD BE DISABLED. PREVIOUSLY THE WHOLE CATALOG WAS DISABLED.
IT42249	SECURITY FIX FOR JRE (CVE-2022-21626)
IT42510	DATAPOWER GATEWAY MIGHT RESTART IF XML MANAGEMENT INTERFACE IS ENABLED WHILE APIC GATEWAY SERVICE IS PENDING
IT42543	POTENTIAL REQUEST SMUGGLING VULNERABILITY (CVE-2022-35256)
IT42556	IBM DATAPOWER GATEWAY FLAW IN UDP SOURCE-PORT RANDOMIZATION (CVE-2020-25705)
IT42742	DATAPOWER STATUS PROVIDER MIGHT BECOME STUCK SHOWING INCORRECT CPU USAGE VALUE
IT43160	UPDATE OPENSSL LIBRARY TO ADDRESS MULTIPLE CVES.
IT43161	TLS PROFILES MIGHT FAIL TO SET TLSV1.3 CIPHERS IN SOME CASES.
IT43439	ADDRESS VULNERABILITY IN NODE.JS REPORTED IN CVE-2022-43548.
IT43440	MISSING SECURE ATTRIBUTE IN ENCRYPTED SESSION COOKIE.
IT43441	DEFAULT CIPHER CONFIGURATION MIGHT NOT PROVIDE PERFECT FORWARD SECRECY.

10.0.4sr2

Release date: 26 October 2022
Last modified: 23 January 2023
Status: Available

APAR	Description
IT39160	DATAPOWER MIGHT UNEXPECTEDLY RESTART WHILE COLLECTING A PACKET CAPTURE
IT39534	DATAPOWER MIGHT RESTART WHEN REMOVING AN OBJECT FROM THE API RATELIMIT CACHE
IT39989	DATAPOWER MIGHT RESTART WHEN AN API HAS LARGE NAMES FOR THE PATH, API, OR OTHER COMPONENT
IT40045	APIC-GW-SERVICE CAN LOSE CONFIG IN STARTUP CONFIG IF CONFIG SEQUENCE MODIFIES GWD AND USER LATER SAVES
IT41319	DATAPOWER MIGHT RESTART AFTER 2 BILLION MESSAGES ARE LOGGED OVER SYSLOG-TCP
IT41350	MTOM ROOT PART BODY TRUNCATED IF INVOKES CHUNKED-UPLOADS SET TO FALSE
IT41552	DATAPOWER MIGHT RESTART WHEN DPOD CONFIGURES DEVICE DURING BOOTUP
IT41574	DUPLICATE OAUTH OBJECTS IN CFG CAUSES SLOW PROCESSING OF CATALOG EVENTS
IT41776	UPDATE DATAPOWER SECURE GATEWAY CLIENT TO 1.8.8FP1 AND NODE 14.20.0
IT41786	APIC UNCAUGHT EXCEPTION IN GATEWAY DIRECTOR WHEN WEBHOOK NOT SET
IT41896	API COLLECTION CONFIG CREATED AND CONFIGURED BUT IT IS NOT ADDED TO GATEWAY CONFIG
IT42101	ON PASSWORD CHANGE, OTHER SESSIONS ARE NOT INVALIDATED (CVE-2022-40228)
IT42104	DATAPOWER MIGHT RESTART DURING KERBEROS PROTOCOL TRANSITION
IT42162	DATAPOWER GATEWAY MIGHT RESTART IF APIC RESTORE INCLUDES A VERY LARGE NUMBER OF FILES
IT42231	SECURITY UPDATE TO NODE.JS
IT42300	POTENTIAL CSRF VULNERABILITY IN WEB UI (CVE-2022-31773)

10.0.4sr1

Release date: 30 March 2022
Last modified: 23 January 2023
Status: Available

APAR	Description
IT39289	API GATEWAY - API COLLECTION MISSING AFTER RESTART OF THE GATEWAY
IT39436	WHEN USING A APIC GATEWAY EXTENSIONS, ON RESTART THE GATEWAY MIGHT NOT PROPERLY CONFIGURE USER DEFINED POLICIES
IT39513	ASSEMBLY OPERATION SWITCH CAUSES MEMORY LEAK
IT39660	WHEN PRIMARY GATEWAY GOES DOWN, GWD NODE.JS PROCESS ENCOUNTERS UNHANDLED REJECTION AND RESTARTS ON OTHER GATEWAYS
IT39661	IF API CONNECT PRIMARY GATEWAY IS RESTARTED SOME CATALOGS ON A SECONDARY GATEWAY MIGHT BECOME UNUSABLE
IT39669	API GATEWAY - PEER CLEAN UP CAN CAUSE WEBAPI INIT CHECK TO FAIL AFTER A RELOAD
IT39994	DATAPOWER GATEWAY POTENTIALLY VULNERABLE TO DOS (CVE-2022-22356, CVE-2022-22355)
IT40053	IDG MEMORY GROWTH WHEN USING OAUTH AND API KEY FOR SECURITY
IT40215	WHEN A DUPLICATE CATALOG SNAPSHOT IS RECEIVED FROM API MANAGER AFTER DRR IS INITIATED, API CONNECT GATEWAY SERVICE MIGHT NOT CREATE THE CATALOG
IT40243	CLIENT SECURITY POLICY MAY NOT DETECT INVALID SUBSCRIPTION
IT40259	DURING DRR, API CONNECT GATEWAY SERVICE MIGHT NOT PROPERLY REMOVE CATALOG SNAPSHOT DATA FROM GATEWAY PEERING DATABASE
IT40373	POTENTIAL MODULE RESOLUTION ERROR IN GO IN DATAPOWER OPERATOR (CONTAINER ONLY)
IT40374	ADDRESS PROTOTYPE POLLUTION FLAW IN DOJO (CVE-2021-23450)
IT40380	POTENTIAL REDOS FLAW (PRISMA-2021-0169)
IT40393	POTENTIAL FLAW IN GO IN DATAPOWER OPERATOR (CVE-2021-44716, CVE-2021-44717)
IT40394	POTENTIAL FLAWS IN NODE (CVE-2021-44532, CVE-2021-44531, CVE-2021-44533)
IT40487	HEAP OVERFLOW IN ICU - DFDL (CVE-2020-10531, CVE-2014-8147, CVE-2014-8146, CVE-2017-14952)

10.0.4

Release date: 13 December 2021
Last modified: 13 December 2021
Status: Available

APAR	Description
IT35948	APIC GATEWAY DIRECTOR TLS CLIENT USING SNI WHEN NOT CONFIGURED TO USE SNI
IT36675	INVALID JSON SYNTAX ERROR MIGHT OCCUR WHEN DATAPOWER GATEWAY POD IS DELETED
IT36680	ENDPOINT REWRITE POLICY WAS NOT SHOWED CORRECTLY IN WEBGUI AFTER WSP IMPORT
IT36703	DATAPOWER AMQP CONNECTIONS ARE NOT BEING TORN DOWN
IT36736	DATAPOWER MIGHT RELOAD UNEXPECTEDLY WHEN MAKING AN MQGET CALL
IT36786	DATAPOWER MAY WATCHDOG RELOAD WHILE STARTING UP AFTER A RELOAD
IT36859	DATAPOWER MIGHT RESTART IF THE STYLEPOLICY CONFIGURATION IS CHANGED WHILE TRAFFIC IS USING THAT POLICY
IT37053	DATAPOWER SQL TRACING FAILS TO CREATE ANY LOGS
IT37093	DATAPOWER WTX INTERNAL ERROR. UNEXPECTED MAPPING ERROR. 200 AFTER UPGRADING TO 10.0.1.0
IT37200	:PORT FORMAT FROM THE SSH CLIENT KNOWN HOST TABLES
IT37244	RATELIMIT MODULE CONCURRENT POLICY WORKS UNEXPECTEDLY ON API GATEWAY
IT37281	SESSION.APIGATEWAY IS NOT RETURNING THE GATEWAY NAME
IT37332	MAP POLICY DOES NOT PROPERLY RESOLVE MAP VARIABLE REFERENCE WITH ESCAPED PERIODS.
IT37334	GUI BANNER SHOWS UNSAVED CHANGES WHEN SHOW NTP-SERVICE COMMAND USED
IT37348	DATAPOWER MAY RELOAD DUE TO A HANG ON AN MQ SESSION
IT37354	DATAPOWER XML SCHEMA CANNOT VALIDATE ... TYPE=XS:DOUBLE FIXED=NAN ... CORRECTLY
IT37362	APIC GATEWAY SERVICE CONFIG SEQUENCE HANGS DUE TO ASSEMBLY INVOKE ACTION
IT37388	DATAPOWER MIGHT RESTART AFTER MIGRATION TO MQ V9+ OBJECTS
IT37474	USING QUERY PARAM IN AUTHURL CAUSES ERROR
IT37506	DATAPOWER MAY RESTART AFTER PROCESSING 4 BILLION LOG TARGET MESSAGES VIA SYSLOG-TCP OR NFS
IT37513	CALLING THE XSLT EXTENSION FUNCTION DP:FREEZE-HEADERS IN AN ASYNCHRONOUS ACTION MIGHT RESTART THE DEVICE
IT37536	CLIENT.THIRD_PARTY.RESPONSE.USER CONTEXT VARIABLE RETURNS NULL WHEN USING LDAP SECURITY DEFINITION ON API CALL
IT37552	EXTENSION DRR FLAG NOT CLEARED ON DRRS WHERE GATEWAYEXTENSIONDEPLOYER HAS ALREADY COMPLETED INIT
IT37575	ADD SUPPORT OF MULTIPART/FORM-DATA CONTENT TYPE FOR REQUEST IN API GATEWAY
IT37601	DATAPOWER RESTART WHEN RUNNING TLS-LOG-CLIENT-RANDOM
IT37603	DATAPOWER UI GENERATED ERRONEOUS CLI ERRORS WHEN EDITING RATE LIMIT CONFIGURATION
IT37616	GATEWAYSCRIPT MIGHT HAVE INCORRECT RESULT WITH THE BUFFER.SLICE() FUNCTION
IT37636	THE DIAG FUNCTION, SET-GATEWAYSCRIPT-CACHE DISABLE/ENABLE, MIGHT CAUSE GATEWAYSCRIPT ERRORS
IT37653	APIC PARAMETER INPUT CHECKING TO RESTRICT UNUSABLE CONFIGURATIONS
IT37666	ADD OPTION TO SPECIFY XML MANAGER FOR API GATEWAY GATEWAYSCRIPT MULTISTEP CALLRULE FUNCTION
IT37691	DATAPOWER MIGHT RESTART UNEXPECTEDLY WHEN AN API HAS UNUSUALLY LARGE NAMES FOR THE PATH, API, COMPONENT ETC.
IT37706	SSL CONFIGURATION MAY NOT BE USED IF USING SNI PROFILE
IT37722	APPLICATION.CERTIFICATE CONTEXT VARIABLE RETURNS NULL FOR KEYVALUE ATTRIBUTE
IT37750	APIC ASSEMBLY RATE LIMIT ACTION SHOULD DETECT INVALID CONFIGURATION
IT37766	API CONNECT OPENAPI V3.0 SUPPORT FOR API SYNTAX CHECKING
IT37770	REQUESTS TIME OUT WHEN SENDING DATA LARGER THAN 1 MB BYTES
IT37779	DATAPOWER POST-LOGIN BANNER DOES NOT WORK FOR WEBGUI
IT37782	API CONNECT GATEWAY URLOPEN CALL IN GATEWAYSCRIPT DOES NOT RECOGNIZE THE DEFAULT TLS PROFILE NAME
IT37826	API CONNECT GATEWAY SERVICE RETURNS DIFFERENT VALUE FOR THE CLIENT.APP.SECRET COMPARED TO APIM V5
IT37855	APIC REDACT 1.5.0 POLICY ISSUES
IT37856	UPDATE OPEN-VM-TOOLS TO ADDRESS SEVERAL CVE
IT37923	ASSEMBLY CONTEXT VARIABLE PLAN.RATE.LIMIT FORMAT DOES NOT MATCH V5 OUTPUT
IT37924	APIC GATEWAY CONTEXT.MESSAGE.BODY.READASBUFFER RETURNING INCORRECT DATA
IT37925	ADDRESS CVE-2021-32803 IN NODE-TAR
IT37929	ADDRESS CVE-2021-22918 IN NODE
IT37931	FOR THE APIC GATEWAY SERVICE DOCUMENT CACHE FUNCTION WAS TURNED OFF BY DEFAULT
IT37935	ADDRESS SEVERAL CVES IN KERBEROS
IT37936	API INVOKE AND PROXY 1.5.0 POLICY FAILS WITH PARSE ERROR ON LARGE RESPONSES
IT37949	ADDRESS FALSE-POSITIVE VULNERABILITY FINDINGS REPORTED BY SCAN UTILITIES
IT37950	ADD HEADER TIMEOUT PARAMETER TO ADDRESS CVE-2020-4994
IT37962	SQL DATA SOURCE GOES INTO PENDING STATE AFTER BEING DISABLED
IT37967	IMPROVE GATEWAY EXTENSION CLEAN UP LOGIC
IT37975	APIC GATEWAY SERVICE TRANSACTION TIMEOUT IS NOT ENFORCED CVE-2021-38872
IT37976	APIC V5C PRODUCT AFTER REPLACE WILL NOT BE UPDATED CORRECTLY
IT37984	APIC INVOKE ACTION REQUEST HEADERS IN THE API PROBE DATA MIGHT BE NOT CORRECT
IT37992	USING MUTUAL TLS IN AN API DEFINITION RESULTS IN MEMORY LEAK
IT37993	DATAPOWER MIGHT RESTART WHEN UPGRADING GATEWAY PEERING MEMBER UNDER LOAD
IT37994	APIC GATEWAY SERVICE USING INVOKE ACTION MIGHT RESTART WITH HTTP/2 WHEN INJECT PROXY HEADERS IS SELECTED
IT38005	RBM APPLY-CLI OPTION MAY CAUSE SCHEMA FAILURES SSH CLIENT PROFILES
IT38026	APIC GATEWAY SERVICE SHOULD ALLOW SPACES IN PROPERTY NAMES
IT38071	CUSTOMER MAY RECEIVE AN ERROR MESSAGE INDICATING THAT THE SWITCH_1.5.0-INTERNAL FUNCTION IS NOT VALID
IT38072	TIMING ISSUE WITH CONCURRENT PROCESSING OF WEBHOOK REFRESH CAUSES DELETION OF ENTIRE CATALOG
IT38088	UPDATE JRE TO ADDRESS CVE-2021-2341
IT38089	MITIGATE CVE-2021-3712 FOR PROCESSING ASN.1 IN TLS
IT38095	DATAPOWER TLS CAN FAIL WHEN NEGOTIATING ALPN
IT38096	APIC OAUTH PROVIDER SETTINGS NOT DISPLAYING CORRECTLY
IT38112	ERROR IN JWT AUTHENTICATION
IT38114	MIGRATION POLICY IF BY OPERATION PATH
IT38151	ADD XSLT EXTENSION FUNCTION APIM:GETTLSPROFILEOBJNAME TO THE API GATEWAY XSLT COMPATIBILITY MODULE
IT38154	APIC GATEWAY PROXY POLICY NOT APPLIED CORRECTLY
IT38160	AN XFORM ACTION ASYNCHRONOUS SETTING MIGHT CAUSE API GATEWAY TO RESTART.
IT38167	AU CACHING IS FAILING, NO CACHE HIT, WITH FORMS BASED LOGIN.
IT38175	APIC DATAPOWER GATEWAY MIGHT RESTART WHEN USING API PROBE ON A GET REQUEST
IT38176	DATAPOWER TLS KEY LOG FILE MAY NOT DECODE TLS 1.3
IT38185	UNABLE TO LOG INTO DATAPOWER CLI
IT38193	XML PARSE ERROR IN APIC GATEWAY V5 POLICY WHEN PARSING MORE THAN 4 MB OF DATA
IT38220	DELETING A CATALOG SHORTLY AFTER IT IS CREATED MIGHT CAUSE API CONNECT GATEWAY SERVICE INITIALIZATION FAILURE
IT38226	API COLLECTION ROUTING PREFIXES NOT UPDATED AFTER V5 LEGACY ENDPOINT IS DISABLED
IT38231	MEMORY GROWTH WHEN USING GRAPHQL ASSEMBLY
IT38234	IF VANITY HOSTNAME IS SAME AS GATEWAY HOSTNAME, /PROVIDER_ORGANIZATION/CATALOG/ SHOULD CONTINUE TO WORK
IT38252	APIC API PLAN WITH SPACES IN NAME CANNOT BE PUBLISHED
IT38253	DATAPOWER DPMON FILES ARE MISSING FROM ERROR REPORT
IT38263	APIC V5 POLICY FAILS ON API GATEWAY WITH AN XML PARSE ERROR
IT38285	DISABLING CSRF HEADER MIGHT IMPACT GUI ACTIONS
IT38292	DATAPOWER MIGHT RESTART WHEN SENDING REQUEST WITH BAD CHARACTERS IN URI
IT38301	PRECONFIGURED V5 EMULATION POLICIES MIGHT BE REMOVED FROM CLUSTERED DATAPOWER AFTER RESTART
IT38309	APIC HTTP/2 API CALL IS MARKED AS FAILED IN PORTAL ANALYTICS WHEN CALL WORKED
IT38368	LOADING CERTIFICATES USING ANY ALGORITHM OTHER THAN RSA, DSA, OR ECDSA MIGHT RESTART DATAPOWER
IT38371	APIGW RETURN 403 FORBIDDEN ERROR IF SECONDARY CLIENT_ID IS IN THE REQUEST BODY
IT38385	APIC GATEWAY EXTENSION NOT APPLIED IMMEDIATELY AFTER DRR
IT38387	SCHEMA VALIDATION INCORRECTLY REJECTS BASE64 ELEMENT AS EMPTY
IT38388	V5E GATEWAY EXTENSION CLEANUP MIGHT FAIL TO COMPLETE
IT38401	APIC API DEFINITION ALLOWS REQUESTS AFTER PUBLISH FAILS DUE TO DUE TO MISCONFIGURATION
IT38480	API CONNECT GATEWAY SERVICE MIGHT RESTART AFTER ADDING TO CLUSTER
IT38528	SYSLOG-TCP LOG TARGETS ALLOW ONLY A SINGLE CONNECTION
IT38550	GET ?WSDL REQUESTS WITHOUT SECURITY CREDENTIAL WILL BE REJECTED BY API GATEWAY
IT38554	APIC ROLE ASSIGN ACTION NOT TAKEN FOR GATEWAY PEERING AFTER REJOINING CLUSTER
IT38685	PKCS12 ARTIFACTS CONTAINING A CHAIN AND PRIVATE KEY MIGHT NOT BE PARSED CORRECTLY
IT38697	APIC OAUTH PROVIDER DOES NOT RETURN CORRECT VALUE IN X-SELECTED-SCOPE
IT38715	APIC API PLAN RATE LIMITS SORT ORDER ALGORITHM NOT IMPLEMENTED CORRECTLY
IT38717	VALIDATE POLICY MIGHT EXPERIENCE LATENCY IN RETRIEVING THE SCHEMA TO USE IN THE VALIDATION
IT38737	FOR APIGW UNABLE TO GET THE UDP PROPERTY VALUE BY USING APIM.GETPOLICYPROPERTY()
IT38751	NEW APIC CONTEXT VARIABLE FOR THIRD-PARTY LDAP AUTHENTICATION
IT38763	CLIENT IDENTIFICATION CHECK COULD FAIL WHEN NEW VERSION OF API IS CREATED
IT38773	DATAPOWER B2B GATEWAY SERVICE SENDS SIGNED AS2 REQUEST WITH S/MIME ENVELOPED DATA INCORRECTLY
IT38774	APIC V5 AND V5C ENHANCEMENT TO KEEP PREVIOUS TLS PROFILES IN CONFIGURATION IF APIM CANNOT BE REACHED
IT38775	SMALL MEMORY GROWTH WHEN CONFIGURING GRAPHQL SCHEMA OPTIONS IN API PLAN
IT38777	APIC REDACT ASSEMBLY ACTION MIGHT RESTART DATAPOWER
IT38778	MEMORY LEAK IN API CONNECT ASSEMBLY
IT38779	REDACT_1.5.0 POLICY MIGHT CAUSE A 500 RESPONSE WHEN REDACTING LOGS
IT38780	INVOKE_1.5.0 POLICY SUCCESSFUL WHEN THE SOURCE V5 POLICY FAILS
IT38781	INVOKE_1.5.0 POLICY MIGHT FAIL WHEN THE SOURCE V5 POLICY SUCCEEDS
IT38782	AMU MIGRATED APIS WITH AN INPUT PARSE IMPLICITLY WRAPPED WITHIN A SWITCH
IT38784	API CONNECT V5C RESPONSE TO OAUTH AUTHENTICATION MIGHT BE INCORRECT
IT38795	ADDRESS FALSE POSITIVE VULNERABILITY FINDINGS REPORTED BY SCAN UTILITIES
IT38838	MAP POLICY MIGHT BE CASE SENSITIVE FOR HEADER NAMES WITH SOME USE CASES
IT38873	APIC V5 COMPATIBILITY MODE RETURNS NULL FOR APIM.GETVARIABLE(REQUEST,BODY) FOR A GET REQUEST
IT38891	DATAPOWER MIGHT RESTART IF HTTP/2 CLIENT TIMES OUT BEFORE RESPONSE IS SENT
IT38917	APIGW VALIDATE ACTION IS TAKING A LONG TIME TO COMPLETE
IT38919	MITIGATE VULNERABILITY IN REDIS (CVE-2021-32626, CVE-2021-32675)
IT38922	APIGW UNABLE TO GET UDP PROPERTIES THROUGH XSLT EXTENSION FUNCTION
IT38924	APIC INVOKE POLICY DEFAULT PARAMETER CONTROL SHOULD BE AN EMPTY ALLOWLIST
IT38928	DATAPOWER MIGHT RESTART WHEN GATEWAY PEERING CLUSTER CREATE COMMAND IS USED
IT38936	MAP OPTION TO CREATE REQUIRED SIBLING PROPERTIES OF OPTIONAL OBJECTS FAILS FOR LEAF PROPERTY MAPS
IT38937	PROCESSING OF MALICIOUS REGEXP MIGHT CONSUME EXCESSIVE RESOURCES(CVE-2021-3807)
IT38962	UNABLE TO SET HEADER WITH DOTS IN THE NAME WHEN USING APIM.SETVARIABLE()
IT39015	DATAPOWER TENANTS ARE DISABLED WHEN DATAPOWER APPLIANCE IS RESTARTED
IT39021	IBM DATAPOWER GATEWAY MIGHT ALLOW JSON INJECTION (CVE-2021-38910)
IT39040	IBM DATAPOWER GATEWAY MIGHT PERMIT HEADER INJECTION (CVE-2021-38944)
IT39117	DATAPOWER ACCESS MANAGER CLIENT VERSION DEFAULT DOES NOT WORK CORRECTLY
IT39119	FOR API CONNECT INTEGRATION, A DYNAMIC MQ URL OPEN CALL IN GATEWAYSCRIPT MIGHT RESTART DATAPOWER
IT39130	MEMORY GROWTH OR RESTART WHEN USING OAUTH FOR APIC SECURITY
IT39186	USER REGISTRY FOR OAUTH CAN HAVE TLS PROFILE SET TO NONE ON DATAPOWER
IT39203	CONFIGURATION CHANGES IN API MANAGER MIGHT FAIL TO BE PROPAGATED ACROSS ALL GATEWAYS IN A CLUSTER

10.0.3

Release date: 25 June 2021
Last modified: 25 June 2021
Status: Available

APAR	Description
IT21079	POTENTIAL MEMORY GROWTH WITH AN XQUERY ACTION THAT USES JSON INPUT LANGUAGE
IT32464	POTENTIALLY RESTART WITH AN XQUERY ACTION THAT USES XML INPUT LANGUAGE, JSON OUTPUT LANGUAGE, FN:NUMBER(), AND THE PIPE OUTPUT CONTEXT
IT33993	NEGOTIATION MODE OF LINK AGGREGATION INTERFACE IS UNKNOWN
IT35157	DATAPOWER DELIMITS COALESCED COOKIES WITH COMMA INSTEAD OF SEMICOLON
IT35539	FAILURE NOTIFICATION WITH SMTP FAILS TO TRANSITION TO UP WHEN ENDPOINT USES AN IPV6 ADDRESS
IT35554	DATAPOWER ALLOWS DOTDOT IN URI WHEN USING PATCH METHOD EVEN IF DISALLOWED
IT36001	DATAPOWER MIGHT RESTART WHEN CLEANING UP AN IBM MQ MANAGEMENT STORE
IT36084	IBM MQ HANDLER STOPS PROCESSING MESSAGES
IT36096	DATAPOWER MIGHT NOT PROPERLY READ RESPONSE FROM THE BACK END
IT36109	ENSURE RFC 2616 HTTP CACHING CONFORMS TO SPECIFICATION
IT36120	DATAPOWER MIGHT RESTART WHILE COMPLETING AN AMQP TASK
IT36143	EXPIRATION TIME IN LOCAL RATE LIMIT CACHE WAS NOT UPDATED WHEN THE LIMIT IS EXCEEDED
IT36156	PARALLEL UPDATES TO API GATEWAY CONFIGURATION FILES MIGHT CAUSE CORRUPTED FILES
IT36162	DATAPOWER MIGHT RESTART WHEN PROCESSING RBM FOR THE GUI, XML MANAGEMENT, OR REST MANAGEMENT INTERFACES
IT36180	DATAPOWER MIGHT RESTART WHILE UPLOADING A FILE WITH THE DATAPOWER GUI
IT36191	RESTART WHEN QUERYING FOR A ?WSDL WHEN USING OAUTH SECURITY POLICY
IT36204	DURING API PROCESSING WHEN RESPONSE CONTAINS NO BODY, REQUEST CONTENT-TYPE RETURNED TO CLIENT
IT36219	HTTP/2 POST OR PUT REQUEST WITH NO BODY DATA WILL CAUSE TIMEOUT ERROR
IT36268	DATAPOWER MIGHT UNEXPECTEDLY RESTART WHILE PROCESSING A COUNT MONITOR
IT36332	DUPLICATE CSR ENTRIES CREATED WITH THE DATAPOWER KEYGEN UTILITY
IT36346	CONFIGURATION SEQUENCE PROCESSING DOES NOT COMPLETE AFTER PASSWORD ALIAS PROCESSING
IT36407	MITIGATION FOR TLS CVE-2021-3449
IT36415	FIX REGRESSION TO APAR IT34339
IT36417	UPDATE SECURE GATEWAY CLIENT TO ADDRESS MULTIPLE CVES
IT36448	DATAPOWER MIGHT PRINT EXTRA TEXT WHEN A LONG XML TEXT NODE IS LOGGED FROM AN XSLT ACTION
IT36456	MESSAGES UNCOMMITTED IF MQ URLS WITH SYNC POINT TAGS ARE USED WITHOUT UNITS-OF-WORK SETTING IN MQ-QM OBJECT
IT36463	WSDL FAILS TO DEPLOY ON DATAPOWER FOR VMWARE
IT36471	ALLOW TIMEOUT TO BE CONFIGURED FOR NODE HTTP SERVER (CVE-2020-8251)
IT36479	API CONNECT GATEWAY V5C POLICIES STOPPED WORKING AFTER FIRMWARE UPGRADE
IT36481	DATAPOWER RESTARTS WHEN VIEWING GATEWAY PEERING STATUS
IT36517	SPECIAL CASE THREADS MIGHT BE SUSCEPTIBLE TO LOGGING TO A TARGET THAT NO LONGER EXISTS CAUSING AN UNEXPECTED RESTART
IT36579	DATAPOWER SNMP SHOULD NOT QUERY IBM MQ APPLIANCE STATUS PROVIDERS
IT36585	INACCURATE LIST OF SUPPORTED FEATURES DUE TO UNDEFINED CATALOG ID
IT36597	TYPE 8441: DATAPOWER MIGHT FAIL TO ESTABLISH TLS CONNECTIONS IF CERTIFICATES ARE STORED IN HSM
IT36625	DATAPOWER MIGHT RESTART DUE TO API SUBSCRIBER CACHE MANAGEMENT
IT36627	ADDRESS FALSE-POSITIVE VULNERABILITY FINDINGS REPORTED BY SCAN UTILITIES
IT36635	DATAPOWER DOES NOT CONVERT ISO-8859-1 CHARACTERS TO UTF-8 CORRECTLY IN HTTP HEADER
IT36637	DATAPOWER MIGHT RESTART WHEN MODIFYING WEB SERVICE PROXY WHILE REQUESTING WSDL
IT36655	API CONNECT UNABLE TO INPUT INLINED PARAMETER FOR THE TLS PROFILE NAME OF THE ASSEMBLY INVOKE ACTION
IT36705	NEED MORE ERROR MESSAGES WHEN TRYING TO GET A NON-EXISTING CONTEXT VARIABLE WITH LONG VARIABLE NAME
IT36714	USER-DEFINED POLICY PARAMETER ORDER IN EXPORT.XML DIFFERS FROM ORDER SPECIFIED ON ASSEMBLY TAB IN API MANAGER
IT36723	DATAPOWER MIGHT RESTART IF A DSA KEY IS USED IN THE SFTP POLLER HANDLER
IT36727	DATAPOWER DOES NOT CORRECTLY CALCULATE FREE MEMORY
IT36732	ASSEMBLY VALIDATE ACTION MIGHT RESTART DATAPOWER
IT36779	DATAPOWER TPS MIGHT BECOME LIMITED BY ASSEMBLY REDACT ACTION
IT36822	MIGRATION PUSH OF CERTAIN CUSTOM POLICIES FAIL
IT36838	DATAPOWER MIGHT RESTART WHILE RECEIVING A NULL POST REQUEST
IT36843	UNQUIESCING DATAPOWER TENANT CAN CAUSE RESTART
IT36946	API CONNECT REDACT STYLESHEETS ARE NOT RECOMPILED WHEN REPUBLISHED
IT36949	MITIGATION FOR DOJO VULNERABILITIES CVE-2018-15494 AND CVE-2020-4051
IT36963	ECC CERTIFICATES FAIL TO BE RECOGNIZED WHEN ONLY TLSV1.3 CIPHER SUITES ARE AVAILABLE
IT36988	XSLT APIM:GETAPIPROPERTY NOT WORKING AFTER MIGRATION
IT37018	API CONNECT XSLT VERSION 1.0.0 POLICY FAILS TO COMPILE
IT37035	API CONNECT GATEWAY SERVICE MIGHT RESTART UNEXPECTEDLY WHEN CLI SHOW CONNECTIONS IS RUN
IT37152	VERSION 1.0.0 XSLT POLICY APIM:GETVARIABLE OF MESSAGE.STATUS ALWAYS RETURNS 200 OK
IT37175	API GATEWAY V5C FAILS WITH SESSION AUTHENTICATION FAILURE
IT37214	DATAPOWER ACCESS MANAGER CLIENT GOES DOWN AFTER UPGRADING
IT37278	MITIGATE NODE LIBRARY FOR CVE-2020-8287 AND CVE-2020-8265
IT37933	UPDATE ANGULARJS TO ADDRESS MULTIPLE CVES

10.0.2

Release date: 26 March 2021
Last modified: 26 March 2021
Status: Available

APAR	Description
IT33579	ENSURE THE ORDER FOR THE LDAP OBJECTS ARE CORRECT AND DEFINED FOR CONFIGURATION
IT34576	ZE IT30835 FIX APAR: USE OF VAR://SERVICE/TLS-INFO VARIABLE MIGHT LEAD TO UNEXPECTED RESTART
IT34675	DATAPOWER KAFKA OBJECT DOES NOT RETRIEVE ALL THE MESSAGES AFTER THE KAFKA OBJECT IS RESTARTED
IT34680	LIVE STREAM HANG TRIGGER DATAPOWER WATCHDOG RESTART
IT34742	MEMORY GROWTH MIGHT OCCUR WHEN USING ASSEMBLY LOG ACTION
IT34767	DATAPOWER MIGHT RESTART DUE TO A NETWORK ERROR IN THE MQ FTE HANDLER WHILE BACKOUT
IT35153	ADDRESS MULTIPLE NODE.JS SECURITY VULNERABILITIES
IT35177	INVOKE 1.5.0 DOES NOT CORRECTLY RESPECT STOP ON ERROR OPTIONS
IT35219	DATAPOWER MIGHT RELOAD DUE TO AN INTERNAL DEFECT WITH MQ REFERENCE COUNTING
IT35248	CLIENT SECRET IS NOT REDACTED ON API GATEWAY
IT35370	ADDED HANDLING OF SPECIAL IMS IRM_TIMER VALUES 0 AND -1
IT35454	ONLY FLUSH CACHE FOR MODIFIED FILES TO PREVENT INTERMITTENT ERRORS
IT35462	DATAPOWER MIGHT RESTART WHILE PROCESSING A LARGE CONFIGURATION FILE OR MULTIPLE CONCURRENT CONFIGURATION FILES
IT35492	DATAPOWER MIGHT RESTART WHILE CLOSING AN LDAP CONNECTION
IT35498	ADD DOMAIN NAME TO ANALYTICS RECORDS
IT35529	WHEN USING MQ HANDLER, DATAPOWER MIGHT RESTART IF CONNECTIONS CANNOT BE ESTABLISHED WITH THE MQ SERVER
IT35543	THE LOCATION HEADER GETS REWRITTEN IN ANY CASE BY THE LOCATION HEADER REWRITE FEATURE WHEN THE HOST CANNOT BE RESOLVED
IT35677	XML FIREWALL CANNOT SET DYNAMIC TLS PROFILE FOR A TLS CLIENT PROFILE
IT35724	DATAPOWER MIGHT RESTART DUE TO A BAD MQRFH2 HEADER IN AN MQ MESSAGE
IT35729	GATEWAYSCRIPT URLOPENER SOMETIMES HANGS WHEN READING DATA FROM THE NETWORK
IT35737	DATAPOWER MIGHT LEAK MEMORY IF A WSDL BASED API IS INVOKED BY BASEPATH ONLY
IT35825	DATAPOWER VALIDATION ERROR MESSAGES STATE ERROR REASON AT MESSAGE END, WHICH GETS TRUNCATED BY DATAPOWER LOG FOR LONG MESSAGES
IT35836	API CONNECT GATEWAY SERVICE CAN GET STUCK IN A NON-RESPONSIVE STATE WHEN DRR FINISH NOT DETECTED
IT35863	THE CRYPTO-BINARY ACTION GOES DOWN DUE TO NO DATAGLUE LICENSE
IT35868	INVALID SUBSCRIBER DATA NOT DELETED IN THE LOCAL CACHE
IT35869	DATAPOWER MIGHT RESTART IF A STREAM IS READ WHILE THERE IS FATAL ERROR ON THAT STREAM
IT35870	ADD AN OPTION TO THE ASSEMBLY INVOKE ACTION
IT35871	ANALYTICS CERTIFICATES REMOVED WHEN API CONNECT GATEWAY SERVICE IS RESTARTED
IT35873	ERROR POLICY PROPERTY OF ASSEMBLY VALIDATE ACTION COULD NOT BE SET BY API CONNECT API MANAGER
IT35895	DATAPOWER MIGHT RESTART WHILE ACCESSING A TLS SESSION
IT35909	DATAPOWER MIGHT RESTART DUE TO LOCK ISSUE
IT35921	API CALL FAILS WHEN REQUEST URL CONTAINS NEGATIVE VALUES FOR PATH PARAMETERS OF INTEGER TYPE
IT35924	ANALYTICS CERTIFICATES ARE NOT RESTORED WHEN RE-ADDING ANALYTICS
IT35928	DATAPOWER RELOADS WHILE MAKING AN OCSP CALL
IT35930	CANNOT REFRESH API GATEWAY SERVICE IF OAUTH PROVIDER CONTAINS A USER REGISTRY USING TLS
IT35938	API GATEWAY ONLY ALLOWS SECP256R1 CURVE ALGORITHM FOR TLS CONNECTIONS AS A CLIENT
IT35980	API OPERATION STAYS UP EVEN IF PARAMETER REFERENCE IS MISSING
IT35988	ADDRESS PROBLEMS WITH IBM MQ V9+ INTEGRATION
IT35990	VALIDATION OF TOKENS WITH NON STRINGS IN THE JWT HEADER FAIL
IT35996	MULTIPLE CVE FOR MCP AND UBI
IT36039	THE SHARE RATE LIMIT COUNT PROPERTY IN API GATEWAY NOT HONORED WHEN API REPUBLISHED
IT36078	GUI ISSUE IN ADDING MESSAGE COUNT MONITOR IN WEB SERVICE PROXY
IT36089	ZE IT34014 FIX APAR: COMPRESSION ON HTTPS RESULTS IN FAILING RESPONSES AFTER IT34014
IT36101	DATAPOWER MIGHT RESTART DUE TO TLS TRANSACTIONS
IT36129	DATAPOWER MAY RESTART DUE TO AN INVALID POINTER TO AN LDAP USER REGISTRY
IT36325	THE SECURITY ACCESS MANAGER CLIENT MIGHT FAIL TO START
IT36346	CONFIGURATION SEQUENCE PROCESSING DOES NOT COMPLETE AFTER PASSWORD ALIAS PROCESSING
IT36586	JRE UPDATE TO ADDRESS CVE-2020-14779, CVE-2020-14782, CVE-2020-14803 AND CVE-2020-27221

Change history
Last modified: 29 March 2023

29 March 2023: Added fix list for 10.0.4sr3 security refresh.
23 January 2023: Moved IT39534 from 10.0.4sr1 to 10.0.4sr2.
14 December 2022: Updated fix list for 10.0.4sr2 security refresh.
26 October 2022: Added fix list for 10.0.4sr2 security refresh.
30 March 2022: Added fix list for 10.0.4sr1 security refresh.
13 December 2021: Added fix list for 10.0.4 update package.
25 June 2021: Added fix list for 10.0.3 update package.
26 March 2021: Created fix list for 10.0.2 update package.

Off

Document Location

Worldwide

[{"Type":"MASTER","Line of Business":{"code":"LOB45","label":"Automation"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SS9H2Y","label":"IBM DataPower Gateway"},"ARM Category":[{"code":"a8m50000000L0rqAAC","label":"DataPower"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"10.0.2;10.0.3;10.0.4"}]

Problems (APARS) fixed
IT33579; IT34576; IT34675; IT34680; IT34742; IT34767; IT35153; IT35177; IT35219; IT35248; IT35370; IT35454; IT35462; IT35492; IT35498; IT35529; IT35543; IT35677; IT35724; IT35729; IT35737; IT35825; IT35836; IT35863; IT35868; IT35869; IT35870; IT35871; IT35873; IT35895; IT35909; IT35921; IT35924; IT35928; IT35930; IT35938; IT35980; IT35988; IT35990; IT35996; IT36039; IT36078; IT36089; IT36101; IT36129; IT36325; IT36346; IT36586; IT21079; IT32464; IT33993; IT35157; IT35539; IT35554; IT36001; IT36084; IT36096; IT36109; IT36120; IT36143; IT36156; IT36162; IT36180; IT36191; IT36204; IT36219; IT36268; IT36332; IT36346; IT36407; IT36415; IT36417; IT36448; IT36456; IT36463; IT36471; IT36479; IT36481; IT36517; IT36579; IT36585; IT36597; IT36625; IT36627; IT36635; IT36637; IT36655; IT36705; IT36714; IT36723; IT36727; IT36732; IT36779; IT36822; IT36838; IT36843; IT36946; IT36949; IT36963; IT36988; IT37018; IT37035; IT37152; IT37175; IT37214; IT37278; IT37933; IT35948; IT36675; IT36680; IT36703; IT36736; IT36786; IT36859; IT37053; IT37093; IT37200; IT37244; IT37281; IT37332; IT37334; IT37348; IT37354; IT37362; IT37388; IT37474; IT37506; IT37513; IT37536; IT37552; IT37575; IT37601; IT37603; IT37616; IT37636; IT37653; IT37666; IT37691; IT37706; IT37722; IT37750; IT37766; IT37770; IT37779; IT37782; IT37826; IT37855; IT37856; IT37923; IT37924; IT37925; IT37929; IT37931; IT37935; IT37936; IT37949; IT37950; IT37962; IT37967; IT37975; IT37976; IT37984; IT37992; IT37993; IT37994; IT38005; IT38026; IT38071; IT38072; IT38088; IT38089; IT38095; IT38096; IT38112; IT38114; IT38151; IT38154; IT38160; IT38167; IT38175; IT38176; IT38185; IT38193; IT38220; IT38226; IT38231; IT38234; IT38252; IT38253; IT38263; IT38285; IT38292; IT38301; IT38309; IT38368; IT38371; IT38385; IT38387; IT38388; IT38401; IT38480; IT38528; IT38550; IT38554; IT38685; IT38697; IT38715; IT38717; IT38737; IT38751; IT38763; IT38773; IT38774; IT38775; IT38777; IT38778; IT38779; IT38780; IT38781; IT38782; IT38784; IT38795; IT38838; IT38873; IT38891; IT38917; IT38919; IT38922; IT38924; IT38928; IT38936; IT38937; IT38962; IT39015; IT39021; IT39040; IT39117; IT39119; IT39130; IT39186; IT39203; IT39289; IT39436; IT39513; IT39534; IT39660; IT39661; IT39669; IT39994; IT40053; IT40215; IT40243; IT40259; IT40373; IT40374; IT40380; IT40393; IT40394; IT40487; IT39989; IT41319; IT41350; IT41552; IT41574; IT41776; IT41786; IT41896; IT42101; IT42104; IT39160; IT40045; IT42162; IT42231; IT42300; IT41936; IT42166; IT42249; IT42510; IT42543; IT42556; IT42742; IT43160; IT43161; IT43439; IT43440; IT43441;

Tips

Update packages for DataPower Gateway version 10.0.x.x

Download

Downloadable File

Abstract

Download Description

Important

Document Location

Was this topic helpful?

Document Information

UID

Share your feedback

Need support?