IBM Support

PI90598: CVE-2017-12613 for IBM HTTP Server

Download


Abstract

CVE-2017-12613 for IBM HTTP Server

Download Description

PI90598 resolves the following problem:

ERROR DESCRIPTION:
Potential information disclosure or denial of service in IBM HTTP Server.

PROBLEM SUMMARY:
The Portable Runtime APR bundled with IHS could allow a remote attacker to obtain sensitive information or cause a denial of service.

PROBLEM CONCLUSION:
The Apache Portable Runtime Utility code was updated to prevent this possible vulnerability.

This fix is targeted for IBM HTTP Server fix packs:
- 7.0.0.45
- 8.0.0.15
- 8.5.5.14
- 9.0.0.7

Prerequisites

Please download the UpdateInstaller below to install this fix for Version 7.0.

[{"PRLabel":"UpdateInstaller","PRLang":"US English","PRSize":"7250000","PRPlat":{"label":"AIX","code":"PF002"},"PRURL":"http://www.ibm.com/support/docview.wss?rs=180&uid=swg21205991"}]

Installation Instructions

Please review the readme.txt for detailed installation instructions.

[{"INLabel":"V85 Readme","INLang":"US English","INSize":"2326","INURL":"ftp://public.dhe.ibm.com/software/websphere/appserv/support/fixes/PI90598/8.5.5.13/readme.txt"},{"INLabel":"V80 Readme","INLang":"US English","INSize":"2327","INURL":"ftp://public.dhe.ibm.com/software/websphere/appserv/support/fixes/PI90598/8.0.0.14/readme.txt"},{"INLabel":"V70 Readme","INLang":"US English","INSize":"5321","INURL":"ftp://public.dhe.ibm.com/software/websphere/appserv/support/fixes/PI90598/7.0.0.43/readme.txt"},{"INLabel":"V90 Readme","INLang":"US English","INSize":"2402","INURL":"ftp://public.dhe.ibm.com/software/websphere/appserv/support/fixes/PI90598/9.0.0.6/readme.txt"}]

Download Package

NOTE: For the fixpack versions that have a fix file provided by the PI95670 interim fix, it is recommended that you use that newer interim fix which also includes the fix for PI90598.

On
[{"DNLabel":"9.0.0.6-WS-WASIHS-IFPI90598","DNDate":"03-15-2018","DNLang":"US English","DNSize":"5149976","DNPlat":{"label":"AIX","code":"PF002"},"DNURL":"http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm/WebSphere&product=ibm/WebSphere/WebSphere Application Server&release=All&platform=All&function=fixId&fixids=9.0.0.6-WS-WASIHS-IFPI90598&includeSupersedes=0","DNURL_FTP":"","DDURL":null},{"DNLabel":"9.0.0.5-WS-WASIHS-IFPI90598","DNDate":"03-15-2018","DNLang":"US English","DNSize":"68291987","DNPlat":{"label":"AIX","code":"PF002"},"DNURL":"http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm/WebSphere&product=ibm/WebSphere/WebSphere Application Server&release=All&platform=All&function=fixId&fixids=9.0.0.5-WS-WASIHS-IFPI90598&includeSupersedes=0","DNURL_FTP":"","DDURL":null},{"DNLabel":"8.5.5.13-WS-WASIHS-IFPI90598","DNDate":"03-15-2018","DNLang":"US English","DNSize":"7874224","DNPlat":{"label":"AIX","code":"PF002"},"DNURL":"http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm/WebSphere&product=ibm/WebSphere/WebSphere Application Server&release=All&platform=All&function=fixId&fixids=8.5.5.13-WS-WASIHS-IFPI90598&includeSupersedes=0","DNURL_FTP":"","DDURL":null},{"DNLabel":"8.5.5.12-WS-WASIHS-IFPI90598","DNDate":"03-15-2018","DNLang":"US English","DNSize":"70677691","DNPlat":{"label":"AIX","code":"PF002"},"DNURL":"http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm/WebSphere&product=ibm/WebSphere/WebSphere Application Server&release=All&platform=All&function=fixId&fixids=8.5.5.12-WS-WASIHS-IFPI90598&includeSupersedes=0","DNURL_FTP":"","DDURL":null},{"DNLabel":"8.0.0.14-WS-WASIHS-IFPI90598","DNDate":"03-15-2018","DNLang":"US English","DNSize":"61295216","DNPlat":{"label":"AIX","code":"PF002"},"DNURL":"http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm/WebSphere&product=ibm/WebSphere/WebSphere Application Server&release=All&platform=All&function=fixId&fixids=8.0.0.14-WS-WASIHS-IFPI90598&includeSupersedes=0","DNURL_FTP":"","DDURL":null},{"DNLabel":"8.0.0.13-WS-WASIHS-IFPI90598","DNDate":"03-15-2018","DNLang":"US English","DNSize":"60671581","DNPlat":{"label":"AIX","code":"PF002"},"DNURL":"http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm/WebSphere&product=ibm/WebSphere/WebSphere Application Server&release=All&platform=All&function=fixId&fixids=8.0.0.13-WS-WASIHS-IFPI90598&includeSupersedes=0","DNURL_FTP":"","DDURL":null},{"DNLabel":"7.0.0.43-WS-WASIHS-AixPPC32-IFPI90598","DNDate":"03-15-2018","DNLang":"US English","DNSize":"1016815","DNPlat":{"label":"AIX","code":"PF002"},"DNURL":"http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm/WebSphere&product=ibm/WebSphere/WebSphere Application Server&release=All&platform=All&function=fixId&fixids=7.0.0.43-WS-WASIHS-AixPPC32-IFPI90598&includeSupersedes=0","DNURL_FTP":"","DDURL":null},{"DNLabel":"7.0.0.43-WS-WASIHS-HpuxIA64-IFPI90598","DNDate":"03-15-2018","DNLang":"US English","DNSize":"2626893","DNPlat":{"label":"AIX","code":"PF002"},"DNURL":"http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm/WebSphere&product=ibm/WebSphere/WebSphere Application Server&release=All&platform=All&function=fixId&fixids=7.0.0.43-WS-WASIHS-HpuxIA64-IFPI90598&includeSupersedes=0","DNURL_FTP":"","DDURL":null},{"DNLabel":"7.0.0.43-WS-WASIHS-HpuxPaRISC-IFPI90598","DNDate":"03-15-2018","DNLang":"US English","DNSize":"1008419","DNPlat":{"label":"AIX","code":"PF002"},"DNURL":"http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm/WebSphere&product=ibm/WebSphere/WebSphere Application Server&release=All&platform=All&function=fixId&fixids=7.0.0.43-WS-WASIHS-HpuxPaRISC-IFPI90598&includeSupersedes=0","DNURL_FTP":"","DDURL":null},{"DNLabel":"7.0.0.43-WS-WASIHS-LinuxPPC32-IFPI90598","DNDate":"03-15-2018","DNLang":"US English","DNSize":"451199","DNPlat":{"label":"AIX","code":"PF002"},"DNURL":"http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm/WebSphere&product=ibm/WebSphere/WebSphere Application Server&release=All&platform=All&function=fixId&fixids=7.0.0.43-WS-WASIHS-LinuxPPC32-IFPI90598&includeSupersedes=0","DNURL_FTP":"","DDURL":null},{"DNLabel":"7.0.0.43-WS-WASIHS-LinuxS390-IFPI90598","DNDate":"03-15-2018","DNLang":"US English","DNSize":"474897","DNPlat":{"label":"AIX","code":"PF002"},"DNURL":"http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm/WebSphere&product=ibm/WebSphere/WebSphere Application Server&release=All&platform=All&function=fixId&fixids=7.0.0.43-WS-WASIHS-LinuxS390-IFPI90598&includeSupersedes=0","DNURL_FTP":"","DDURL":null},{"DNLabel":"7.0.0.43-WS-WASIHS-LinuxX32-IFPI90598","DNDate":"03-15-2018","DNLang":"US English","DNSize":"419049","DNPlat":{"label":"AIX","code":"PF002"},"DNURL":"http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm/WebSphere&product=ibm/WebSphere/WebSphere Application Server&release=All&platform=All&function=fixId&fixids=7.0.0.43-WS-WASIHS-LinuxX32-IFPI90598&includeSupersedes=0","DNURL_FTP":"","DDURL":null},{"DNLabel":"7.0.0.43-WS-WASIHS-SolarisSparc-IFPI90598","DNDate":"03-15-2018","DNLang":"US English","DNSize":"881865","DNPlat":{"label":"AIX","code":"PF002"},"DNURL":"http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm/WebSphere&product=ibm/WebSphere/WebSphere Application Server&release=All&platform=All&function=fixId&fixids=7.0.0.43-WS-WASIHS-SolarisSparc-IFPI90598&includeSupersedes=0","DNURL_FTP":"","DDURL":null},{"DNLabel":"7.0.0.43-WS-WASIHS-SolarisX64-IFPI90598","DNDate":"03-15-2018","DNLang":"US English","DNSize":"450487","DNPlat":{"label":"AIX","code":"PF002"},"DNURL":"http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm/WebSphere&product=ibm/WebSphere/WebSphere Application Server&release=All&platform=All&function=fixId&fixids=7.0.0.43-WS-WASIHS-SolarisX64-IFPI90598&includeSupersedes=0","DNURL_FTP":"","DDURL":null},{"DNLabel":"7.0.0.43-WS-WASIHS-WinX32-IFPI90598","DNDate":"03-15-2018","DNLang":"US English","DNSize":"1587285","DNPlat":{"label":"AIX","code":"PF002"},"DNURL":"http://www.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm/WebSphere&product=ibm/WebSphere/WebSphere Application Server&release=All&platform=All&function=fixId&fixids=7.0.0.43-WS-WASIHS-WinX32-IFPI90598&includeSupersedes=0","DNURL_FTP":"","DDURL":null}]

Technical Support

Contact IBM Support using SR (http://www.ibm.com/software/support/probsub.html), visit the WebSphere Application Server support web site (http://www.ibm.com/software/webservers/appserv/was/support/), or contact 1-800-IBM-SERV (U.S. only).

[{"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Component":"IBM HTTP Server","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"},{"code":"PF035","label":"z\/OS"}],"Version":"7.0.0.43;8.0.0.13;8.0.0.14;8.5.5.12;8.5.5.13;9.0.0.5;9.0.0.6","Edition":"Advanced;Base;Enterprise;Network Deployment;Single Server","Line of Business":{"code":"LOB45","label":"Automation"}}]

Document Information

Modified date:
07 November 2018

UID

swg24044650