IBM Support

z/OS 3.1 Communications Server New Function APAR Summary

General Page

New function APAR summary for z/OS 3.1 Communications Server
3.1 header
For more 3.1 new functions, see z/OS 3.1 Communications Server: New Function Summary.

Application Modernization

 pin Network support for IBM z/OS Container Platform Mar 2024

z/OS® Communications Server provides network communications and network-related services for IBM z/OS Container Platform (zOSCP).

z/OS 3.1 Communications Server, with APAR PH39613, provides network support for zOSCP workload by introducing a new type of VIPARANGE dynamic VIPA (DVIPA) called ZCONTainer. A ZONTainer DVIPA provides network access for a Pod or a container when a container image is started on z/OS. It also enhances support for several new Language Environment (LE) and UNIX System Services (USS) Callable Services APIs, as well as System Resolver APIs and the Netstat application. With this Communications Server support, containerized z/OS application can now co-exist with native z/OS applications.

Restriction:
IBM z/OS Container Platform support is added for LE APIs, USS Callable Services APIs, and System Resolver APIs only.
Dependencies:
The z/OS Communication Server support for IBM z/OS Container Platform has dependencies on LE, USS and the IBM z/OS Container Platform function. Here’s a list of LE and USS APARs:
  • IP_TTL and gethostname()/sethostname() dependencies - USS OA61799 and LE PH42264
  • UTS namespace, clone()/unshare()/setns() support - USS APAR OA61972, USS APAR OA62757 and LE APAR PH40094
  • Container ID support - USS APAR OA62281
Note:
The Network Configuration Assistant (NCA) cannot be used to update the TCP/IP profile. If you are currently using NCA to manage your TCP/IP profile, the recommended method to configure these new VIPARANGE DVIPAs is to create a new TCP/IP profile data set that has an INCLUDE statement for the NCA-generated TCP/IP profile data set, followed by an INCLUDE statement for a second TCP/IP profile data set with the VIPARANGE DVIPA ZCONTainer definitions. See z/OS Communications Server: IP Configuration Reference for more information about the INCLUDE statement.

Enhancing security

Pin zERT support for z/OS 3.1 OpenSSH upgrade Mar 2024

z/OS® Encryption Readiness Technology (zERT) with APAR PH58110 is updated to recognize and report new SSH cryptographic attributes. zERT supports the following new SSH key exchange methods: gss-group14-sha256-, gss-group16-sha512-, gss-curve25519-sha256-, and gss-nistp256-sha256-. zERT supports the following new SSH key types: sk-ecdsa-sha2-nistp256@openssh.com, sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, sk-ssh-ed25519@openssh.com, and sk-ssh-ed25519-cert-v01@openssh.com.

The new attributes can be recognized and reported in the zERT SMF 119 connection detail (subtype 11) and summary (subtype 12) records. With APAR PH58105, the IBM zERT Network Analyzer supports the new key exchange methods and key types in SMF zERT summary records.

You can use the new key exchange methods for zERT policy enforcement. With APAR PH57412, you can configure the new key exchange methods for zERT enforcement in the IBM Network Configuration Assistant for z/OS Communications Server.

Pin z/OS UNIX syslogd support for secure logging over TCP September 2023

z/OS®3.1 Communications Server provides syslog daemon support to receive and send messages over the network using TCP. These TCP connections can be protected with AT-TLS. The syslog daemon supports receiving and sending messages with octet-counted framing over TCP connections. With Communications Server APAR PH56548, the syslogd daemon also supports receiving messages with non-transparent (traditional) framing.

Restriction:
The syslog daemon does not support sending messages with non-transparent (traditional) framing over TCP connections.
 
Dependencies:
Syslogd is an AT-TLS aware application. To secure messages received by syslogd over a TCP connection, an AT-TLS server rule must be configured for the connection. To secure messages sent by syslogd over a TCP connection, an AT-TLS client rule must be configured for the connection.

Application Development

 PinReplaceSubjectAtSign configuration option for CSSMTP Dec 2023

z/OS® 3.1 with TCP/IP APAR PH56747 enables customization of the Communications Server SMTP (CSSMTP) processing of the at sign (@) symbol in the mail message subject line.

The existing AtSign option allows CSSMTP to recognize a different character as the industry standard at sign (@) symbol and replace it in the mail message commands and headers. You can use the new option ReplaceSubjectAtSign to indicate whether the mail message subject line should be updated or not.

If you have any comments or questions about New Function APAR Summary, send an email to comsvrcf@us.ibm.com.

[{"Type":"MASTER","Line of Business":{"code":"LOB56","label":"Z HW"},"Business Unit":{"code":"BU070","label":"IBM Infrastructure"},"Product":{"code":"SWG90","label":"z\/OS"},"ARM Category":[{"code":"a8m0z0000000AW3AAM","label":"z\/OS Comm Server"}],"ARM Case Number":"","Platform":[{"code":"PF035","label":"z\/OS"}],"Version":"All Versions"}]

Document Information

Modified date:
08 April 2024

UID

ibm17031984

Page Feedback