IBM Support

SI72576 - OSP-DB-OTHER-INCORROUT Complex SQL security fix

PTF Cover Letter


PTF ( Program Temporary Fixes ) Cover letter


Order this fix

Abstract

OSP-DB-OTHER-INCORROUT Complex SQL security fix


Pre/Co-Requisite PTF / Fix List

REQ  LICENSED           PTF/FIX  LEVEL

TYPE PROGRAM  RELEASE   NUMBER   MIN/MAX  OPTION
---- -------- --------- -------  -------  ------
PRE  5770SS1  V7R3M0    SI71635   00/00    0000
PRE  5770999  V7R3M0    MF64157   00/00    0000
PRE  5770999  V7R3M0    MF62624   00/00    0000
PRE  5770SS1  V7R3M0    SI62657   00/00    0000
PRE  5770999  V7R3M0    MF62560   00/00    0000
PRE  5770999  V7R3M0    MF61900   00/00    0000
CO   5770SS1  V7R3M0    SI71859   00/00    0000
CO   5770SS1  V7R3M0    SI68954   00/00    0000
CO   5770SS1  V7R3M0    SI68086   00/00    0000
CO   5770SS1  V7R3M0    SI67728   00/00    0000
CO   5770SS1  V7R3M0    SI65920   00/00    0000
CO   5770SS1  V7R3M0    SI65876   00/00    0000
CO   5770SS1  V7R3M0    SI65873   00/00    0000
CO   5770SS1  V7R3M0    SI65763   00/00    0000
CO   5770SS1  V7R3M0    SI63853   00/00    0000
CO   5770SS1  V7R3M0    SI63613   00/00    0000
CO   5770SS1  V7R3M0    SI63612   00/00    0000
CO   5770SS1  V7R3M0    SI63262   00/00    0000
CO   5770SS1  V7R3M0    SI61565   00/00    0000
CO   5770SS1  V7R3M0    SI60239   00/00    0000



NOTICE:
-------
Application of this PTF may disable or render ineffective programs that
use system memory addresses not generated by the IBM translator,
including programs that circumvent control technology designed to limit
interactive capacity to purchased levels.  This PTF may be a prerequisite
for future PTFs.  By applying this PTF you authorize and agree to the
foregoing.

This PTF is subject to the terms of the license agreement which
accompanied, or was contained in, the Program for which you are obtaining
the PTF.  You are not authorized to install or use the PTF except as part
of a Program for which you have a valid Proof of Entitlement.

SUBJECT TO ANY WARRANTIES WHICH CAN NOT BE EXCLUDED OR EXCEPT AS EXPLICITLY
AGREED TO IN THE APPLICABLE LICENSE AGREEMENT OR AN APPLICABLE SUPPORT
AGREEMENT, IBM MAKES NO WARRANTIES OR CONDITIONS EITHER EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OR CONDITIONS OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON INFRINGEMENT,
REGARDING THE PTF.

The applicable license agreement may have been provided to you in printed
form and/or may be viewed using the Work with Software Agreements (WRKSFWAGR)
CL command.


APAR Error Description / Circumvention

-------------------------------------------------
Complex SQL security fix

CORRECTION FOR APAR 'SE73081' :
-------------------------------
Complex SQL security fix.  CVE-2020-4345

CIRCUMVENTION FOR APAR 'SE73081' :
----------------------------------
None.


Activation Instructions

None.




Special Instructions

None.


Default Instructions

THIS PTF CAN BE APPLIED IMMEDIATE OR DELAYED.



Supersedes

PTF/FIX NO(S).  APAR TITLE LINE
--------------  ------------------------------------------------------------
   SI72340      OSP MULTIPLE INSERTS CAUSING MATRMD CONTENTION.
   SI72164      OSP-DB MSGSQL0332 binary input not tagged correctly for form
   SI72150      OSP-DB-OTHER-F/QQQVAP-T/QQQVAP-MSGMCH3601 MCH3402 MCH3601 CE
   SI71858      OSP-DB-OTHER-LOOP A COMPLEX CREATE VIEW STATEMENT RESULTS IN
   SI71824      OSP-DB-OTHER-F/QQQVAP-T/QQQVAP-MSGMCH3601 MCH3402 MCH3601 CE
   SI71562      OSP-F/QQQSVRTN-T/QQQSVRTN-MSGCPF426C-F/QQQSVRTN-T/QQQSVRTN-
   SI71562      OSP-DB-OTHER-INCORROUT ACCESSING DDS LF WITH S/O LOGIC USING
   SI71633      OSP-DB Internal Maintenance
   SI71254      OSP-DB Internal Maintenance
   SI71240      OSP-DB Invalid JSON_OBJECTAGG query not resulting in an erro
   SI71240      OSP-DB-MSGSQL0443 f/QSQFETCH t/QSQRUN2 when select from view
   SI71142      OSP-OTHER-PERFM A QUERY MAY NOT REUSE EXISTING OPTIMIZATION
   SI70314      OSP-DB-MSGSQL0332 on binary character input to JSON_TABLE fu
   SI69993      OSP-DB-OTHER-INCORROUT INCORROUT USING TEMPORAL SYSTEM_TIME
   SI69993      OSP SQL FUNCTION FAILS WITH SQL0551
   SI69529      OSP-DB-OTHER USING A FUNCTION MAY FAIL WITH CPD432C
   SI69311      OSP-DB-MSGCPD432D When inlining a complex UDTF.
   SI69175      OSP-DB-OTHER-F/QQQVFMT-T/QQQVFMT-MSGMCH1210 MSGMCH1210 F/QQQ
   SI69164      OSP-DB-OTHER-F/STRINGHIGHUSE4K-T/QQQVWCMP-MSGMCH0601 CPF4204
   SI69008      OSP-DB-OTHER-F/QSQXCUTE-T/QSQXCUTE-MSGSQL0330 RUNSQLSTM CREA
   SI68953      OSP-DB-OTHER-F/QQQVSEL-T/QQQVSEL-MSGMCH3601 MSGMCH3601 F/QQQ
   SI68863      OSP-MSGCPI4323 ACCESS PATHS REBUILT WHEN THEY MAY NOT NEED T
   SI68860      OSP-DB-OTHER-F/QQQSRVI1-T/QQQVFMT-MSGCPF9898 UPDATE_SS_UDF_E
   SI68859      OSP-DB-OTHER-F/QQURA-T/QQURA-MSGCPD4318 WHEN FORCING SQE_NAT
   SI68782      OSP-PAR-940XBASE INCREASE IN CPYTOIMPF RUN TIME AFTER UPGRAD
   SI68718      F/QQQSRVI1-MSGCPF9898 VWCMP - DID NOT FIND POINTER MSGCPF989
   SI68694      OSP-DB-OTHER-F/QLNRMAIN-T/QLNRMAIN-MSGLNR7207 WITH SQL UNIQU
   SI68647      OSP-DB-MSGCPF9898 f/QQQSRVI1 t/QQQOOODBOP NQE: *error* Unrec
   SI68612      OSP-DB-OTHER-F/QQQVWCMP-T/QQQVWCMP-MSGMCH3601 QUERY FAILING
   SI68588      OSP-DB-OTHER-MSGCPI0999 PERFORMANCE ISSUES CAUSED BY SEVERE
   SI68463      OSP-F/QQQOOODBOP-T/QQQOOODBOP-MSGMCH3601 MCH3601 F/QQQOOODBO
   SI68446      OSP-DB-OTHER-INCORROUT CREATE TABLE AS - IDENTITY COLUMN ATT
   SI68402      OSP-DB-OTHER-F/QQQOVALID-MSGCPF4131 MSGCPF4131 F/QQQVALID EV
   SI68402      F/QDMSIGNL-MSGCPF413 F/QDMSIGNL-MSGCPF4131 LVLCHK IS NOT ISS
   SI68213      OSP-DB MSGSQL0901 when operand of JSON_OBJECT contains a fun
   SI68167      OSP-DB-OTHER-F/DBPMTRAP-T/QQQOOODBOP-MSGMCH3203 MSGMCH3203 F
   SI68083      Internal Maintenance
   SI68014      OSP-DB-OTHER-F/DBOPAFFINITY-T/QQQOOODBOP-MSGMCH3203 OPEN OF
   SI67987      OSP-DB Reduce query space usage
   SI67964      OSP-F/MNRESOLVECONTEXT-T/QQQVWCMP-MSGMCH3401 MSGMCH3401 F/MN
   SI67947      QRY-OTHER-THREADS-UNPRED TRUNCATES OUT OF QQQSRVI1 CAUSE FRA
   SI67943      OSP-DB Database Monitor Internal Maintenance
   SI67882      Internal Maintenance
   SI67866      OSP-DB-OTHER-F/QQQSRVI1-T/*SAME-MSGMCH3601 QQALLOC_HEAP_SPAC
   SI67739      OSP-DB-PERFM INLINED SQL TABLE FUNCTION
   SI67729      OSP-DB-OTHER-F/QSQRUN3-T/QSQRUN3-MSGSQL0334 SETTING PARAMETE
   SI67488      OSP-DB-OTHER-F/STRINGHIGHUSE-T/QDBGETSQQO-MSGMCH3601 MSGMCH3
   SI67488      OSP-DB-OTHER-"Member V2 was opened with fewer open options"
   SI67420      OSP-DB-OTHER-INCORROUT UDTF - 'NO EXTERNAL ACTION'
   SI67096      OSP-F/QQQDBLOG-T/QQQDBLOG-MSGCPD4382 CPD4382 RECEIVED FOR GU
   SI67096      OSP-DB-OTHER-F/QSQXCUTE-T/QSQXCUTE-MSGSQL0129 SQL FAILING WI
   SI67321      OSP-DB INCORROUT SQL LATERAL JOIN
   SI67313      OSP-DB Database Monitor Internal Maintenance
   SI67214      OSP-DB-OTHER-F/QQQSRVV1-T/QQQSRVV1-MSGMCH3601 MSGMCH3601 F/Q
   SI67204      Internal Maintenance
   SI67097      OSP-DB-OTHER-F/<IDCONCRETE-T/QQQOOODBOP-MSGMCH3203 MCH3203 W
   SI66921      OSP-DB-OTHER-F/QQQVFMT-T/QSQRUN3-MSGCPD4311 STATEMENT TOO LO
   SI66882      OSP-DB-MSGCPF9898 f/QQQSRVI1 using large LOB global variable
   SI66871      OSP-DB-MSGCPF9898 F/QQQSRVI1 T/QQQOOODBOP (QQQDTQRO) using A
   SI66871      OPS-DB Change result data type of TO_TIMESTAMP to TIMESTAMP(
   SI66549      OSP-DB Database Monitor Internal Maintenance
   SI66464      OSP-DB-MSGMCH3203-RC1720 F/DBOPNODE-MSGMCH3203-RC1720
   SI66244      Internal Maintenance
   SI66181      Internal Maintenance
   SI66050      OSP-DB Internal Maintenance
   SI66030      OSP-DB IBM i enhanced support for LIMIT and OFFSET.
   SI65963      OSP-DB RETURN NULL ON NULL INPUT NOT WORKING CORRECTLY WHEN
   SI65963      Db2 for IBM i Internal Maintenance
   SI65954      OSP-DB IBM i enhanced support for LIMIT and OFFSET.
   SI65919      OSP-DB IBM i enhanced support for LIMIT and OFFSET.
   SI65875      OSP-DB IBM i enhanced support for LIMIT and OFFSET.
   SI65834      Internal Maintenance
   SI65761      OSP-DB IBM i enhanced support for LIMIT and OFFSET.
   SI65737      Internal Maintenance
   SI65715      OSP-DB-DB-OTHER-F/DBOPNODE-T/QQQOOODBOP-MSGMCH3203 MSGMCH320
   SI65499      OSP-MSGCPF426A USER DEFINED FUNCTION USING A VIEW THAT WAS R
   SI65411      Internal Maintenance
   SI65401      OSP-DB-OTHER-RC6-MSGCPD43A4 USING A FILE WITH RCAC IN AN SQL
   SI65365      OSP-DB Internal Maintenance
   SI65365      OSP-DB Internal Maintenance
   SI65327      OSP-DB System i enhanced support for LIMIT and OFFSET.
   SI65266      OSP-DB-OTHER-INCORROUT CPYTOIMPF THE WRONG DECIMAL POINT CHA
   SI65264      OSP-DB-OTHER Support to control data copy allowance for open
   SI65150      OSP-DB-OTHER-F/QQQVALID-T/QSQCRTV-MSGCPD437F WITH COMPLEX JO
   SI65032      OSP-DB System i LISTAGG SQL Function Multiple Fixes
   SI65015      OSP-DB-OTHER MSGCPD4328 F/QQQVFMT T/QDBRSPRE MSGCPF4278 F/QQ
   SI64995      OSP-DB-OTHER-F/QSQRUN3-T/QSQRUN3-MSGSQL0408 RUNNING AN UPDAT
   SI64995      OSP-DB-MSGMCH3203 f/DbstMdContextBase t/QQQOOODBOP mod/QQQOO
   SI64962      OSP-DB MSGMCH3402 F/QQQSRVE1 T/QQQSRVE1 AFTER DB GROUP 4 AND
   SI64962      F/ASSERT-MSGMCH3203-RC1720-MOD/ASSERT SP UPDATE SQL SENTENCE
   SI64503      F/QSQROUTS-MSGSQL0313 RANDOM SQL0313 ON TOOLBOX CONNECTION S
   SI64503      OSP-DB-MSGMCH3203 f/DbpmTrap t/QQQOOODBOP proc/CALLDBMAINTFO
   SI64503      OSP-DB-MSGMCH3203 f/DbpmTrap t/QQQOOODBOP proc/CALLDBMAINTFO
   SI64503      OSP-DB-MSGMCH3203 f/DbpmTrap t/QQQOOODBOP proc/CALLDBMAINTFO
   SI64503      OSP-SRCB6000317-UNPRED SYSTEM CRASH
   SI64474      OSP-DB-OTHER-F/QQQQUERY-T/QQQQUERY-MSGMCH3601 ON QUERY USED
   SI64457      OSP-DB-OTHER-INCORROUT DSPFFD SHOWS INCORRECT BUFFER INFORMA
   SI64455      OSP-DB-OTHER-F/QSQCRTV-T/QQQVSEL-MSGCPD4329 MSGCPD4329 F/QSQ
   SI64426      OSP-DB-OTHER-INCORROUT BIDI ISSUE.
   SI64255      Internal Maintenance
   SI64084      OSP-DB System i XML publishing function special character es
   SI63988      Internal Maintenance
   SI63983      OSP-DB-OTHER Rebuild Access Plan too often for partition tab
   SI63900      OSP-DB-OTHER-F/QDBIOERRQO-T/QSQRUN2-MSGCPF5023 MERGE STATEME
   SI63891      OSP-PAR PRESTART JOBS ARE NOT CLEANING UP MUTEXES WHEN ENDIN
   SI63866      OSP-DB Internal Maintenance
   SI63844      Internal Maintenance
   SI63824      OSP-DB-OTHER-F/QQQOPTIM-T/QQQOPTIM-MSGMCH3601 CREATING A VIE
   SI63783      OSP-DB WHEN CALLING A UDF *LIBL IS NOT BEING USED TO LOCATE
   SI63628      OSP-DB-MSGMCH3601 using inlined UDF with a parameter that ha
   SI63614      Internal Maintenance
   SI63582      OSP-DB System i MCH1210 when Upper with LOB col in CHECK con
   SI63532      OSP-DB-MSGMCH4429 using nested subqueries or nested UDTFs th
   SI63523      OSP-DB-OTHER-INCORROUT QSQPRCED DROP CREATE FUNCTION UDTF
   SI63521      OSP-DB-OTHER-INCORROUT INCORRECT FIELD CCSID AFTER REPLICATI
   SI63303      OSP-DB Internal Database Maintenance
   SI62959      OSP-DB-OTHER-F/QQQSRVE1-T/QQQSRVE1-MSGMCH3601 MSGMCH3601 F/Q
   SI62898      OSP-DB-MSGMCH3203 F/DbpmTrap T/QQQOOODBOP for invalid GROUP
   SI62898      OSP-DB-OTHER-INCORROUT ATTRIBUTE OF ID COL IN CREATE TABLE A
   SI62884      OSP-DB-MSGMCH5601 f/t RmslUnlockMiObject/QQQQEXIT executing
   SI62855      OSP-DB-f/QQQSRVV1-MSGCPD432D when inlining UDF with a select
   SI62830      OSP-DB-MSGMCH3203 f/DbpmTrap t/QQQOOODBOP using NULLIF scala
   SI62830      OSP-DB-MSGMCH3203 f/DbpmTrap t/QQQOOODBOP using recursive co
   SI62732      OSP-DB System i XML publishing function special character es
   SI62547      LIC-DB-PERFM improved expression evaluator performance
   SI62601      Internal Maintenance
   SI62558      OSP-DB Internal Database Maintenance
   SI62543      Internal Maintenance
   SI62533      OSP-DB Internal Database Maintenance
   SI62442      Internal Maintenance
   SI62418      F/QQQVALID-MSGCPD433F CPD433F F/QQQVALID T/QSQPREP
   SI62456      OSP-DB Internal Database Maintenance
   SI62288      OSP-DB-PERFM Unnecessary hard close of open data path for qu
   SI62288      OSP-DB-MSGCPD432B Query of UTF-16 global variable based on u
   SI62142      OSP-DB Internal Database Maintenance
   SI62132      OSP-DB Internal Database Maintenance
   SI61806      OSP-DB-PERFM Unnecessary access plan rebuild for query of vi
   SI61564      OSP-DB INFRASTRUCTURE
   SI61313      OSP-DB Internal Database Maintenance
   SI61221      OSP-DB Internal Database Maintenance
   SI61220      OSP-DB Internal Database Maintenance
   SI61145      OSP-DB-OTHER Allow more then 8192 literals values in a query
   SI60981      OSP-DB SQL Percentile Functions
   SI60889      OSP-DB SQL Regression Functions
   SI60798      OSP-DB Internal Database Maintenance
   SI60775      OSP-DB-OTHER-F/QQQOOODBOP/DBOPEXPRGETATTR-MSGMCH3601X/1 SELE
   SI60753      OSP-DB-OTHER-F/QQQSRVE1-MSGMCH3601 A MSGMCH3601 F/QQQSRVE1 F
   SI60608      OSP-DB-OTHER-UNPRED UNABLE TO CREATE VIEWS THAT CONTAIN CTES
   SI60527      OSP-DB Internal Database Maintenance
   SI60544      F/QDBCHGCT-MSGCPD32B2 DURING UPGRADE TO R730, 5770SS1 OPTION
   SI60394      OSP-DB Internal Database Maintenance
   SI60394      OSP-INCORROUT SQL GET DESCRIPTOR RETURNS ERRONEOUS VALUES FO
   SI60394      OSP-DB-OTHER-THREADS-F/QQQSRVE1-T/QQQSRVE1-MSGMCH3601 MCH360
   SI60332      OSP-DB Internal Database Maintenance
   SI60240      OSP-DB Internal Database Maintenance
   SI60106      OSP-DB-OTHER-PERFM Allow Psuedo close opens for special regi
   SI59938      OSP-DB Internal Database Maintenance
   SI59938      OSP-DB Internal Database Maintenance
   SI59938      OSP-DB Internal Database Maintenance
   SI60004      OSP-DB-OTHER-F/AIEAGERACTIVATOR-T/QQQUDFAC-MSGMCH4430 FTP OR
   SI59954      OSP-DB Internal Database Maintenance
   SI59937      OSP-DB Internal Database Maintenance
   SI59710      OSP-DB Internal Database Maintenance
   SI59707      OSP-DB Internal Database Maintenance
   SI59702      OSP-DB Internal Database Maintenance
   SI59633      OSP-DB-MSGCPD434C f/QQQQUERY t/QDBRSPRE on restore of SQL vi
   SI59633      OSP-DB Internal Database Maintenance
   SI59586      OSP-DB Internal Database Maintenance
   SI59564      OSP-DB-MSGMCH1210 f/QQQQUERY t/QQQQUERY proc/CRTNEWQDT
   SI59544      OSP-DB Internal Database Maintenance
   SI59544      OSP-DB-OTHER-F/DBPMTRAP-T/QQQOOODBOP-MSGMCH3203 MSGMCH3203 F
   SI59544      OSP-DB INCORRECT INFORMATION IN THE DESCRIPTORS PARAMTERS RE
   SI59494      OSP-DB Internal Database Maintenance
   SI59447      OSP QIBM_QQQ_QUERY_GOVR EXIT PROGRAM PASSED INCORRECT SQL ST
   SI59375      OSP-DB Internal Database Maintenance
   SI59340      OSP-DB Internal Database Maintenance
   SI59295      OSP-DB-OTHER-INCORROUT INCORRECT OUTPUT DEPENDING ON THE SPA
   SI59274      OSP-DB-OTHER-F/#MNRNRL-T/QQQVWCMP-MSGMCH3401 WITH SELECT FAI
   SI59257      OSP-DB Incremental Enhancement
   SI59251      OSP-DB-OTHER-F/DBOPAFFINITY-T/QQQOOODBOP-MSGMCH3203 RUNNING
   SI59174      OSP-DB Internal Database Maintenance
   SI59115      OSP-DB Internal Database Maintenance
   SI59037      OSP-DB Internal Database Maintenance
   SI59025      OSP-DB Internal Database Maintenance
   SI59025      OSP-DB-OTHER-F/DBPMTRAP-T/QQQOOOUPCL-RCX'1720'-MSGMCH3203 CR
   SI58939      OSP-DB Internal Database Maintenance
   SI58912      OSP-DB Internal Database Maintenance
   SI58901      OSP-DB-OTHER-INCORROUT OPNQRYF ON DDM FILE REFERENCING V6R1
   SI58534      OSP-DB Internal Database Maintenance
   SI58534      OSP-DB-OTHER-F/DBPMTRAP-T/QQQOOODBOP-RC1720-MSGMCH3203 STATE
   SI58534      OSP-F/QQQOOODBOP-T/QQQOOODBOP-MSGMCH1210 SQL SELECT FAILS WI
   SI58534      OSP-DB-OTHER Encoded Vector Index Include Case with Aggregat
   SI58534      OSP-DB-OTHER-INCORROUT INCORRECT CCSID IS USED WHEN CAST A G
   SI58534      OSP-DB-OTHER-F/QQOOOINV-T/QQQOOODBOP-MSGMCH3202 Function Err
   SI58534      OSP-DB Internal Database Maintenance

Summary Information

System..............................i
Models..............................
Release.............................V7R3M0
Licensed Program...............5770SS1
APAR Fixed..........................View details for APAR SE73081
Superseded by:......................View fix details for PTF SI76075
Recompile...........................N
Library.............................QSYS
MRI Feature ........................NONE
Cum Level...........................C0310730


IBM i Support

IBM disclaims all warranties, whether express or implied, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose. By furnishing this document, IBM grants no licenses to any related patents or copyrights. Copyright © 1996,1997,1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021 IBM Corporation. Any trademarks and product or brand names referenced in this document are the property of their respective owners. Consult the Terms of use link for trademark information.

[{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Platform":[{"code":"PF012","label":"IBM i"}],"Version":"7.3","Product":{"code":"SG15V","label":"PTF Cover Letters - IBM i General"},"Component":"5770SS1","Edition":""},{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Platform":[{"code":"PF012","label":"IBM i"}],"Version":"7.3","Product":{"code":"SG16H","label":"PTF Cover Letters - IBM i 7.3"},"Component":"5770SS1","Edition":""}]

Document Information

Modified date:
13 May 2021