Fix Readme
Abstract
IBM API Connect V5.0.8.13-ifix1 is available. This update addresses an important security fix reported since the availability of API Connect v5.0.8.13.
Content
IBM API Connect V5.0.8.13-ifix1 is now available to address internal fixes and customer APARs reported since API Connect v5.0.8.12. We advise all users of IBM API Connect V5.0 to install this update to take advantage of the fixes.
Special Note:
-- YOU MUST INSTALL API CONNECT V5.0.8.10-ifix2 PRIOR TO UPGRADING V5.0.8.11 or later
-- All RSS nodes need to be removed and re-added to the cluster after the upgrade
API Connect v5.0.8.11 includes an upgrade of platform in version 5 from Bedrock to the Centos operating system. Bedrock systems were based upon RHEL6 which went out of support in Nov 2020. There are major changes in platform code specifically and involved a rebuild/fix of application packages on Centos7. Centos 7 is supported until June 2024.
In order to upgrade to 5.0.8.11 or later, Customers MUST upgrade first to 5.0.8.10-ifix2 (as this build contains the code required for upgrade to 5.0.8.11) as a pre-requisite. The steps for upgrading from 5.0.8.10-ifix2 to 5.0.8.11 are documented here.
An important note for customers who leverage API Connect v5 analytics before upgrading to 5.0.8.11 (from a version earlier than 5087-ifix4): A one time upgrade step is required to retain analytics data during the upgrade window when updating to 5087-ifix4 or later, see the following link for details: https://www.ibm.com/support/knowledgecenter/SSMNED_5.0.0/com.ibm.apic.install.doc/prereq_5087ifix4_dpgw_certs.html
An important on migrating Developer Portal OVAs from Ubuntu V16.04 to Ubuntu V18.04: It is strongly recommended that you migrate your Developer Portal to Ubuntu V18.04 because support for Ubuntu V16.04 is being withdrawn in March 2021. To migrate your Developer Portal OVAs from Ubuntu V16.04 to Ubuntu V18.04, you need to perform a backup and restore method of migration. This method involves backing up your current Ubuntu V16.04 Developer Portal content, standing up new OVAs on Ubuntu V18.04, and then restoring the Developer Portal content onto the new OVAs. See the following link for details: https://www.ibm.com/support/knowledgecenter/SSMNED_5.0.0/com.ibm.apic.install.doc/tapim_portal_production_migrate_ubuntu18.html
Note: The Linux® distribution for the Developer Portal OVA has moved from a Debian V7 base to an Ubuntu V16.04 base. Support for the Debian V7 OVA was withdrawn in May 2018. You are encouraged to migrate your Developer Portal to the Ubuntu V16.04 base now, as support for Debian V7 upgrades was removed in May 2018.
Deprecation of IBM API Connect Micro Gateway Component on 31 March 2020:
IBM® API Connect Micro Gateway was deprecated in IBM API Connect Version 5.0.8 in favor of DataPower® Gateway. From 1 April 2020, Micro Gateway will no longer be supported.
Existing users can migrate their API definitions to IBM DataPower Gateways. For information on supported API policies, see Built-in policies.
Support lifecycle policy for IBM API Connect Version 5.0.8.13:
IBM API Connect Version 5.0.8.x is a Long Term Supported (LTS) release and is a recommended product level for which support, including defect and security updates, will be provided through cumulative, in-place fixpacks until the effective end of support (EOS) date for IBM API Connect Version 5.0. An LTS release is intended for customers that might need a longer-term deployment for their environment.
APAR fixes
| APAR | SUMMARY |
| LI82207 | MAP POLICY DOES NOT PROPERLY RESOLVE MAP VARIABLE REFERENCE WITH ESCAPED PERIODS. |
| LI82276 | VALIDATE POLICY DOES NOT ACCEPT CONTENT TYPE TEXT/JSON AS JSON |
| LI82387 | CANNOT REDACT A BOOLEAN VALUE |
| LI82388 | APP DELETION IS NOT REMOVING APPROVAL REQUEST |
| LI82393 | MAP POLICY MAY BE CASE SENSITIVE FOR HEADER NAMES WITH SOME USE CASES |
| LI82401 | MAP OPTION TO CREATE REQUIRED SIBLING PROPERTIES OF OPTIONAL OBJECTS WILL FAIL TO DO SO FOR LEAF PROPERTY MAPPINGS |
| LI82414 | DISABLE DATEEXT FOR LOGROTATE |
| LI82449 | LOG4J CVE-2021-45046, CVE-2021-45105, and CVE-2021-44832 |
| LI82459 | FOR UBUNTU 18 BASE DEVELOPER PORTAL AFTER ADD A NEW DISK AND REBOOT IT DOES NOT AUTOMATICALLY ADDED TO THE ROOT PARTITION |
| LI82460 | EDITING PROVIDER ORG TLS PROFILE SHOULD NOT INCLUDE SSLV3 AS AN OPTION |
| LI82461 | CREATING A NEW TLS PROFILE IN CMC SHOULD ONLY SELECT TLSV12 BY DEFAULT |
| LI82462 | DISABLE TLS 1.0 ON API CONNECT SERVERS |
| LI82489 | PORTAL PDUR (USING LDAP) LOGIN FAILS DUE TO AN OLDER LDAP MODULE |
| APAR | SUMMARY |
| LI82486 | Polkit Local Privilege Escalation Vulnerability (CVE-2021-4034) |
Upgrade paths for API Connect:
For more information on IBM API Connect upgrade paths, see Supported Upgrade Paths.
There are specific validated upgrade paths between IBM® API Management Version 4.0 or later and IBM API Connect Version 5.0 or later. For more information, see Validated upgrade path for API Connect
In addition to the specific validated upgrade paths for the API Management appliance, you must upgrade your IBM DataPower Gateway appliance. For more information, see Upgrading your DataPower appliances
Refer to the life-cycle support page for the IBM DataPower Gateway
Downloads:
Full installation and upgrade files for IBM API Connect Version 5.0.8.13-ifix1 can be downloaded from Fix Central: IBM API Connect Version 5.0.8.13-ifix1
There may be newer fixes posted to Fix Central that do not contain APARs or any API Connect code changes but are made available as they contain updates to underlying dependent software packages.
A one time upgrade step is required to retain analytics data during the upgrade window when updating from a version prior to 5087 iFix 4 to 5087 iFix 4 or later. See the following link for details: https://www.ibm.com/support/knowledgecenter/SSMNED_5.0.0/com.ibm.apic.install.doc/prereq_5087ifix4_dpgw_certs.html
An important on migrating Developer Portal OVAs from Ubuntu V16.04 to Ubuntu V18.04: It is strongly recommended that you migrate your Developer Portal to Ubuntu V18.04 because support for Ubuntu V16.04 is being withdrawn in March 2021. To migrate your Developer Portal OVAs from Ubuntu V16.04 to Ubuntu V18.04, you need to perform a backup and restore method of migration. This method involves backing up your current Ubuntu V16.04 Developer Portal content, standing up new OVAs on Ubuntu V18.04, and then restoring the Developer Portal content onto the new OVAs. See the following link for details: https://www.ibm.com/support/knowledgecenter/SSMNED_5.0.0/com.ibm.apic.install.doc/tapim_portal_production_migrate_ubuntu18.html
Ensure that you have read and understood the upgrade and installation instructions before downloading and using the installation or upgrade files. You can find detailed installation instructions in IBM API Connect Knowledge Center -- Installing API Connect
| What is Fix Central (FC)? |
Was this topic helpful?
Document Information
Modified date:
01 February 2022
UID
ibm16538964