APARs fixed in the IBM Storage Protect Server Version 8.2 levels

Fix Readme

Abstract

What APARs and security fixes have been incorporated in the IBM Storage Protect server Version 8.2 levels?

Content

The following tables list APARs that are addressed in the IBM Storage Protect server V8.2 levels.

Tip: In the following list, Rel represents the release number in which the issue was detected. The operating system is identified (A = AIX, L = Linux, and W = Windows). For example, 82L denotes V8.2 running on a Linux operating system.

APARs fixed in level 8.2.0
Security vulnerabilities fixed in level 8.2.0
APARs fixed in level 8.2.1
Security vulnerabilities fixed in level 8.2.1

APARs fixed in level 8.2.0

APAR	Severity	Operating System/Release Of Reported Issue (APAR, CompId, Rel)	Abstract
IT42602	4	IT42602 5698ISMSV 81L	QUERY REPLNODE WITH A SPECIFIC SERVER STILL SHOWS UP AFTER REMOVE REPLNODE
IT44363	3	IT44363 5698ISMSV 81L	EXPIRATION PROCESS SKIPS EXPIRED OBJECTS WHICH ARE REPLICATED BY STORAGE RULE CREATED USING THE IBM SPECTRUM PROTECT OPERATIONS
IT44479	3	IT44479 5698ISMSV 81W	TASKS FOR A SERVER THAT NO LONGER EXISTS KEEPS APPEARING IN THE OPERATIONS CENTER MAINTENANCE VIEW
IT45349	3	IT45349 5698ISMSV 81A	NONEMPTY DECOMMISSIONED FILESPACES ARE REMOVED FROM SUBRULE MEMB ERS DURING EXPIRATION
IT45983	4	IT45983 5698ISMSV 81L	MISLEADING ANR2886E STORAGE RULE WAS NOT FOUND ON REPLICATION STORAGE RULE START WHILE IT IS CORRECTLY DEFINED
IT46141	2	IT46141 5698ISMSV 81A	IBM STORAGE PROTECT SERVER CRASH, MUTEX ACQUISITION FAILURE
IT46554	3	IT46554 5698ISMSV 81L	REMOVE REPLNODE, DELETE SERVER AND REMOVE REPLSERVER COMMANDS DON'T REMOVE ENTRIES FROM DB2 REPLICATED_FILESPACES TABLE
IT47640	2	IT47640 5698ISMSV 81L	DELETE STORAGE POOL CAN GENERATE A LOT OF ANR9999D_2513553707 ERRORS
IT47915	3	IT47915 5698ISMSV 81A	ANR3002E NOTIFY SUBSCRIBERS: PROFILE NAME EXCEEDS 30 CHARACTERS
IT47945	2	IT47945 5698ISMSV 81L	DSMICFGX CREATES UNUSED TSM.PWD FILE
IT47980	3	IT47980 5698ISMSV 81L	REPLICATION FAILS WITH ANR3178E AND ANR0479W WHEN A COPY GROUP IS MISSING
IT48205	3	IT48205 5698ISMSV 81A	ANR4397E/ANR0454E STORAGE AGENT COMMUNICATION PROBLEM WHEN PASSW ORDS CONTAIN SPECIAL CHARACTERS
IT48225	2	IT48225 5698ISMSV 81A	MISSING DSMULOG BINARY IN IBM STORAGE PROTECT INSTALLATION PACKAGE FOR AIX STORAGE AGENT
IT48246	2	IT48246 5698ISMSV 81W	SERVER COULD CRASH WHEN RUNNING WITH THE REPLCMD TRACE FLAG ENABLED
IT48310	2	IT48310 5698ISMSV 81L	REPLICATION STORAGE RULE HANGS AND LEAVES SESSIONS ON TARGET SERVER
IT48320	3	IT48320 5698ISMSV 81L	PROTECT STGPOOL TYPE=LOCAL PROCESS HANGING AFTER UPGRADE TO 8.1.27.000 SERVER VERSION
IT48341	3	IT48341 5698ISMSV 81L	WHEN USING HOST-STYLE CLOUD CONNECTION CONFIGURATION, ORPHAN CLO UD CONTAINER OBJECTS REMAINED AFTER UPGRADING TO 8.1.18 SERVER
IT48342	1	IT48342 5698ISMSV 81W	DISMOUNT OF A NEWLY USED SCRATCH TAPE FAILS WITH ANR8355E I/O ER ROR READING LABEL USING 8.1.27 SERVER
IT48344	3	IT48344 5698ISMSV 81X	MKEYTOOL ERRORS OUT WHEN ADDING CA CERTIFICATES - JAVA.LANG.EXCEP TION: ALIAS DOES NOT EXIST
IT48386	2	IT48386 5698ISMSV 81A	(Reoccurrence of APAR IT44913) - IBM STORAGE PROTECT TARGET SERVER MAY CRASH DURING REPLICATION S TORAGE RULE, WITH SEGMENTATION FAULT
IT48422	1	IT48422 5698ISMSV 81L	COPY STORAGE RULE PERFORMANCE IS SLOW AFTER UPGRADING TO SERVER VERSION 8.1.27.000
IT48452	4	IT48452 5698ISMSV 81A	ANR9759W MESSAGE NEEDS IMPROVEMENT WHEN A DRIVE SLOT IS EMPTY
IT48471	2	IT48471 5698ISMSV 81L	OFFSITE SPACE RECLAMATION FAILS WITH ANR9999D_0222697149 BFTESTOFFSITEMOVEFILE ERRORS
IT48501	2	IT48501 5698ISMSV 81L	IBM STORAGE PROTECT SERVER HALTS AFTER ANR0130E MESSAGE DUE TO REORG OF LARGE TABLES
IT48516	2	IT48516 5698ISMSV 81A	IBM STORAGE PROTECT SERVER CAN CRASH WHILE RUNNING EXPIRATION WHEN MEMORY IS NOT AVAILABLE
IT48527	3	IT48527 5698ISMSV 81L	THE ACTIVELOGSIZE VALUE IN DSMSERV.OPT MAY DIFFER FROM THE VALUE SHOWN IN QUERY OPTION
IT48547	1	IT48547 5698ISMSV 81A	UNEXPECTED DELETION ON A REPLICATION TARGET WITH LONGER DISSIMILAR POLICY AFTER THE REPLICATION IS DONE WITH FORCERECONCILE=YES
IT48567	3	IT48567 5698ISMSV 81L	IBM STORAGE PROTECT SERVER 8.1.27 ANR8507W MESSAGE IMPROPERLY RAISED IF DRIVEENCRYPTION IS SET TO OFF
IT48587	4	IT48587 5698ISMSV 81L	OUTDATED DOCUMENT FOR RECOVERING THE KEYSTORE'S PASSWORD
IT48590	3	IT48590 5698ISMSV 81L	SERVER UPGRADE MAY LOG "ERROR: ... GSKIT NOT FOUND ON SYSTEM"
IT48644	1	IT48644 5698ISMSV 81L	OPEN SNAP STORE MANAGER (OSSM) PRIMARY AGENT PANIC AFTER UPGRADE TO 8.1.27
IT48648	4	IT48648 5698ISMSV 81L	DOCUMENTATION REQUEST FOR FILETEXTEXIT FORMAT IN IBM STORAGE PRO TECT 8.1.X

Security vulnerabilities fixed in level 8.2.0

Security vulnerability	Abstract
CVE-2024-45339	IBM Storage Protect Server use Golang glog library in OSSM component. Golang glog is vulnerable to improper handling of log file existence.
CVE-2024-7254, CVE-2022-3510, CVE-2022-3509, CVE-2022-3171, CVE-2024-49350, CVE-2025-3050, CVE-2025-2518, CVE-2024-52903, CVE-2025-1493, CVE-2025-1000, CVE-2025-1992, CVE-2025-0915	IBM Storage Protect Server, which uses IBM Db2, may be affected by multiple vulnerabilities that could result in denial of service or the loss of confidentiality, integrity.
CVE-2025-47950	IBM Storage Protect Server use Golang CoreDNS library in Object Agent and OSSM component. Golang coredns is vulnerable to Denial of Service.
CVE-2025-22869	IBM Storage Protect Server use Golang crypto library in Object Agent and OSSM component. Golang crypto is vulnerable to Denial of Service.
CVE-2025-22870	IBM Storage Protect Server use Golang net library in Object Agent and OSSM component. Golang net is vulnerable to IPv6 zone ID mishandling leading to proxy bypass.
CVE-2025-21587, CVE-2025-30698, CVE-2025-4447	IBM SDK, Java is vulnerable to improper access control and stack overflow, IBM Storage Protect Server uses IBM SDK, Java and may be affected by this vulnerability.
CVE-2025-58063	IBM Storage Protect Server use Golang CoreDNS library in Object Agent and OSSM component. Golang CoreDNS library is vulnerable to a denial of service, caused by improper input validation.
CVE-2025-50106, CVE-2025-30749	IBM SDK, Java is vulnerable to unauthenticated attacker with network access via multiple protocols and TLS, IBM Storage Protect Server uses IBM SDK, Java and may be affected by this vulnerability.

APARs fixed in level 8.2.1

APAR	Severity	Operating System/Release Of Reported Issue (APAR, CompId, Rel)	Abstract
IT44363	3	IT44363 5698ISMSV 81L	EXPIRATION PROCESS SKIPS EXPIRED OBJECTS WHICH ARE REPLICATED BY STORAGE RULE CREATED USING THE IBM SPECTRUM PROTECT OPERATIONS
IT45220	2	IT45220 5698ISMSV 81W	DELETE FILESPACE COMMAND FAILS AND INCORRECTLY DISPLAYS ANR0210W AND ANR0104E
IT45349	3	IT45349 5698ISMSV 81A	NONEMPTY DECOMMISSIONED FILESPACES ARE REMOVED FROM SUBRULE MEMBERS DURING EXPIRATION
IT46270	2	IT46270 5698ISMSV 81A	PROCESS APPARENT HANG WHEN QUERYING/USING STORAGE POOL WITH VIRTUAL VOLUMES
IT46554	3	IT46554 5698ISMSV 81L	REMOVE REPLNODE, DELETE SERVER AND REMOVE REPLSERVER COMMANDS DON'T REMOVE ENTRIES FROM DB2 REPLICATED_FILESPACES TABLE
IT46866	2	IT46866 5698ISMSV 81A	IBM STORAGE PROTECT TARGET SERVER MAY CRASH WHEN REPLRECOVERDAMAGED IS SET TO ON
IT46909	3	IT46909 5698ISMSV 81W	QUERY JOB COMMAND REPORTS INCORRECT REPLICATION PROCESS STATUS UNDER CERTAIN SCENARIOS
IT47640	2	IT47640 5698ISMSV 81L	DELETE STORAGE POOL CAN GENERATE A LOT OF ANR9999D_2513553707 ERRORS
IT47899	3	IT47899 5698ISMSV 81W	UNABLE TO UPDATE STORAGE PROTECT SERVERMON OUTPUT LOCATION
IT47980	3	IT47980 5698ISMSV 81L	REPLICATION FAILS WITH ANR3178E AND ANR0479W WHEN A COPY GROUP IS MISSING
IT48064	2	IT48064 5698ISMSV 81L	USING DELETE VOLHIST COMMAND TO DELETE DB BACKUP VOLUMES FROM CLOUD MAY LEAVE ORPHANED OBJECTS
IT48424	3	IT48424 5698ISMSV 81L	ANR1650W MESSAGE DISPLAYED IN ACTIVITY LOG WHEN RECENT REPLICATION COMPLETES SUCCESSFULLY WITHOUT REPORTING ANY ERRORS/WARNINGS
IT48547	1	IT48547 5698ISMSV 81A	UNEXPECTED DELETION ON A REPLICATION TARGET WITH LONGER DISSIMILAR POLICY AFTER THE REPLICATION IS DONE WITH FORCERECONCILE=YES
IT48590	3	IT48590 5698ISMSV 81L	SERVER UPGRADE MAY LOG "ERROR: ... GSKIT NOT FOUND ON SYSTEM"
IT48603	3	IT48603 5698ISMSV 81W	VERSION MISMATCH BETWEEN IBM INSTALLATION MANAGER AND WINDOWS "PROGRAM AND FEATURES" OUTPUT FOR SERVER LICENSE
IT48644	1	IT48644 5698ISMSV 81L	OPEN SNAP STORE MANAGER (OSSM) PRIMARY AGENT PANIC AFTER UPGRADE TO 8.1.27
IT48682	2	IT48682 5698ISMSV 81A	IBM STORAGE PROTECT SERVER TARGET SERVER CRASHES DURING STGRULE FOR REPLICATION, DUE TO GSK ISSUE
IT48681	2	IT48681 5698ISMSV 81A	IBM STORAGE PROTECT SERVER TARGET SERVER CRASHES DURING STGRULE FOR REPLICATION, STACK POINTS TO MALLOC_Y
IT48156	2	IT48156 5698ISMSV 81L	OPERATIONS CENTER CLIENT UPDATES MISSING ELIGIBLE CANDIDATES AFTER UPGRADE TO 8.1.26
IT48826	3	IT48826 5698ISMSV 81L	DOCUMENTATION ABOUT SET DRMPRIMSTGPOOL NEEDS IMPROVEMENTS
IT48865	3	IT48865 5698ISMSV 81A	REPLICATION COMPATIBILITY IS NOT UPDATED SINCE SERVER VERSION 8.1.17
IT48897	3	IT48897 5698ISMSV 81A	DSMULOG DOCUMENTATION REQUIRES IMPROVEMENTS
IT48906	3	IT48906 5698ISMSV 81L	THE IBM STORAGE PROTECT SERVER MAY CRASH WHEN EXECUTING THE TIERING STORAGE POOL PROCESS
IT48953	3	IT48953 5698ISMSV 81A	OBSOLETE DOCUMENTATION REFERENCE TO THE MESSAGE - DO YOU WANT TO UPDATE THIS INSTANCE? ON HACMP SECONDARY NODE UPGRADE
IT48954	3	IT48954 5698ISMSV 81L	ANR9999D_3402937811 OCCURS WHEN LIBRARY CLIENTS UNABLE TO LOCATE EMPTY TAPE HOME POSITION WITH DRIVEENCRYPTION ENABLED
IT48964	1	IT48964 5698ISMSV 81L	OPERATIONS CENTER USERS WITH STATUSMONITIOR ENABLED MAY RUN INTO ISSUE WITH THE SERVER ACTIVELOG FULL

Security vulnerabilities fixed in level 8.2.1

Security vulnerability	Abstract
CVE-2024-13009	IBM Storage Protect Server uses the Eclipse Jetty web server library in certain components; Jetty is vulnerable to improper handling of malformed gzip requests that may lead to request data corruption or leakage between sessions.
CVE-2024-6763, CVE-2024-8184	IBM Storage Protect Server uses the Eclipse Jetty web server library in certain components; Eclipse Jetty web server library is vulnerable to issues in certificate and protocol handling that could lead to denial-of-service.
CVE-2025-48924	IBM Storage Protect Server uses the Apache Commons IO library in certain components; Apache Commons IO is vulnerable to improper resource handling that may lead to denial-of-service when processing specially crafted input.
CVE-2025-47913, CVE-2025-47914, CVE-2025-58181	IBM Storage Protect Server uses the Golang crypto library in Object Agent and OSSM component. Golang crypto is vulnerable to Denial of Service.
CVE-2025-13855	IBM Storage Protect Server provides a JSON-RPC endpoint through which authenticated users can execute backend SQL SELECT queries and access data from internal database tables, potentially exposing administrative metadata.
CVE-2025-11226	IBM Storage Protect Server uses the logback-core library in certain components; the library is vulnerable to improper handling of certain inputs that could lead to denial-of-service under specific conditions.
CVE-2025-50106, CVE-2025-30749, CVE-2025-30761, CVE-2025-30754	IBM SDK, Java Technology Edition Quarterly CPU - July 2025 - Includes Oracle July 2025 CPU.
CVE-2026-1225	IBM Storage Protect Server uses the logback-core library in certain components; the library is affected by an input handling flaw that could allow specially crafted inputs to trigger a denial-of-service condition.
CVE-2026-21945, CVE-2026-21932, CVE-2026-21933, CVE-2026-21925	IBM SDK, Java Technology Edition Quarterly CPU - Jan 2026 - Includes Oracle January 2026 CPU.

[{"Type":"MASTER","Line of Business":{"code":"LOB69","label":"Storage TPS"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSEGHY","label":"IBM Storage Protect"},"ARM Category":[{"code":"a8m3p000000hAZuAAM","label":"Server"}],"ARM Case Number":"","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF016","label":"Linux"},{"code":"PF033","label":"Windows"}],"Version":"and future releases;8.2.0"}]

Tips

APARs fixed in the IBM Storage Protect Server Version 8.2 levels

Fix Readme

Abstract

Content

Was this topic helpful?

Document Information

UID

Share your feedback

Need support?