Download
Downloadable File
| File link | File size | File description |
|---|---|---|
Abstract
Lists of fixes in IBM DataPower Gateway 10.0.1.x fix packs.
Download Description
Fix packs and firmware images are located in either Fix Central, Passport Advantage, or the Entitled Registry.
In IBM Documentation you can find information about new and changed features, limitations, and restrictions.
- For new features, see What's new.
- For changes, see What's changed.
- For limitations and restrictions, see the Release notes.
For integration with API Connect 10.0.1.x, the DataPower Gateway and API Connect releases must be within one fix pack of each other. For example, API Connect 10.0.1.n runs with DataPower Gateway 10.0.1.n, 10.0.1.n-1, or 10.0.1.n+1.
ATTENTION
10.0.1.9 - The support to process IBM Transformation Extender maps with a binary transform action are no longer included as a feature in the Integration Module and the B2B Module. If your existing configuration contains a processing rule that includes a binary transform action to process Transformation Extender maps, you must download and activate the new Transformation Extender Module. To validate whether you need this new module, export your complete configuration and search each domain configuration file for the tx-map command.
10.0.1.1 - Includes APAR IT34068 that addresses the inability to use keys that are stored on an HSM whether an HSM-equipped appliance or a network HSM. In versions earlier than 10.0.1.1, support for TLS version 1.3 prevented operations that use keys stored on an HSM.
10.0.0.0 - Adds support for TLS version 1.3 that required the following changes.
- Consider whether these changes impact your environment before you upgrade.
- FIPS mode is no longer available
- SSL version 2 is no longer supported
- When you create new TLS profile, the following changes apply that do not impact existing profiles.
- TLS version 1.0 is disabled by default for new TLS profiles
- 3DES ciphers are disabled by default for new TLS profiles
- In a stylesheet that uses the dp:get-cert-subject extension, an OID that was numeric might now be replaced by its textual equivalent. In 2018.4.1.x, this extension reported the OID as 2.5.4.97, but after upgrade reports this same OID as organizationIdentifier.
Important
- Before you install any fix pack or firmware image, review DataPower® Knowledge Collection on firmware updates.
- For more information about how to download DataPower® fix packs, see Fix download method.
- To download from Fix Central, go to the Fix Central.
- To download from Passport Advantage, go to the Passport Advantage Online for customers.
- 10.0.1.19
- 10.0.1.18 Includes new features.
- 10.0.1.17
- 10.0.1.16 Includes new features.
- 10.0.1.15 Includes new features.
- 10.0.1.14 Includes new features.
- 10.0.1.13 Includes new features.
- 10.0.1.12
- 10.0.1.11 Includes new features.
- 10.0.1.10 Includes new features.
- 10.0.1.9 Includes new features.
- 10.0.1.8
- 10.0.1.7
- 10.0.1.6sr1 This image is a security refresh for DataPower Gateway for Docker. This image is available from IBM Container Registry.
- 10.0.1.6 Includes new features.
- 10.0.1.5 Includes new features.
- 10.0.1.4 Includes new features.
- 10.0.1.3 Includes new features.
- 10.0.1.2 Includes new features.
- 10.0.1.1 Includes new features.
- 10.0.1.0 Includes new features. Includes no new APARs.
- 10.0.0.1 Includes new features.
- 10.0.0.0 Initial release and includes all APARs in 2018.4.1.11
10.0.1.19
Release date: 24 April 2024
Last modified: 24 April 2024
Status: Available
|
APAR
|
Description
|
| IT44537 | DATAPOWER MATCH ACTION MIGHT NOT ESCAPE URIS PROPERLY WHEN USING BACKSLASH CHARACTERS |
| IT45245 | DATAPOWER MIGHT RESTART WHEN MONITORING GATEWAYSCRIPT FILES FOR UPDATES |
| IT45298 | OAUTH CACHE UPDATES EXISTING ENTRIES RATHER THAN CREATE NEW ENTRIES |
| IT45308 | DATAPOWER MIGHT RELOAD WHEN TRANSACTIONS HAVE ERRORS AND CONNECTIONS TIME OUT ON MQV9+ OR MQMFT |
| IT45330 | API GATEWAY: UNABLE TO GENERATE CORRECT CONFIGURATIONS IF SWAGGER CONTAIN EQUIVALENT CASE-INSENSITIVE PATHS |
| IT45355 | UPDATE OPENSSL LIBRARY TO ADDRESS CVE-2023-567 |
| IT45357 | UPDATE OPENSSH LIBRARY TO ADDRESS CVE-2023-48795 |
| IT45514 | DATAPOWER RELOADS WHEN USING A LONG CONTEXT VARIABLE NAME WITH MANY DOT CHARACTERS |
| IT45542 | APIC ASSEMBLY FUNCTION ALLOWS DUPLICATE PARAMETER NAMES |
| IT45570 | DATAPOWER MIGHT RESTART WHEN HANDLING IMS HEALTH CHECKS |
| IT45582 | DATAPOWER MIGHT RESTART WHEN LOGGING TLS ERROR |
| IT45664 | DATAPOWER MQ TLS SNI SETTING NOT TAKING EFFECT |
| IT45666 | DATAPOWER MIGHT RESTART IF CLUSTER-BASED GATEWAY PEERING IS MODIFIED WHILE A PREVIOUS MODIFICATION IS BEING PROCESSED |
| IT45668 | UPDATE OPENSSH LIBRARY TO ADDRESS CVE-2023-48795 |
| IT45669 | UPDATE OPENSSL LIBRARY TO ADDRESS CVE-2024-0727 |
| IT45699 | GATEWAY EXTENSION PUSH WITH POLICY TYPE DP-IMPORT DOES NOT UPDATE THE CHANGES. |
| IT45742 | DATAPOWER MIGHT RELOAD WHEN SENDING MESSAGES FROM IDGMQ URL-OPENER HAS ERRORS. |
| IT45743 | DATAPOWER RELOADS WHEN MQV9+ HANDLER WITH ENABLED PARSE PROPERTIES AND THE RECEIVED MESSAGES EXCEEDS 16 KB |
| IT45764 | AN EBMS MESSAGE PROCESSING ERROR IS GENERATED WHEN STRICT COMPILE OPTION IS ENABLED |
| IT45769 | ERROR:14094417:SSL ROUTINES:SSL3_READ_BYTES:SSLV3 ALERT ILLEGAL PARAMETER |
| IT45773 | FLOAT IS ROUNDED DURING DEEP COPY OF JSON |
| IT45774 | MEDIUM SEVERITY VULNERABILITY IN GOLANG(CVE-2023-45289) |
| IT45777 | MEDIUM SEVERITY VULNERABILITY IN GOLANG CRYPT/X509 (CVE-2024-24783) |
| IT45787 | DATAPOWER MIGHT RESTART WHEN GENERATING A DOMINO-STYLE LTPA TOKEN |
| IT45820 | ERROR LOG SHOWS 2053 Q_FULL BUT FOUND THE MESSAGE IS NOT STAYED IN SYSTEM UNTIL IT COULD BEEN BACKOUT. |
| IT45829 | DATAPOWER HTTP/2 SERVER THROWING TLS ERRORS UNEXPECTEDLY |
| IT45830 | REMAINING ASSEMBLY COUNT LIMIT MIGHT GET UNSYNCED IF CLUSTER-MODE GATEWAY-PEERING IS USED FOR RATELIMIT |
| IT45833 | MEDIUM SEVERITY VULNERABILITIES IN GOLANG |
| IT45853 | DATAPOWER B2B AS4 SERVICE VARIABLES ARE NOT AVAILABLE IN B2B GATEWAY |
| IT45866 | UPGRADE OF A MULTI-GATEWAY CLUSTER TO 10.5.0.9 OR HIGHER MIGHT FAIL TO PERFORM CLOUD UPGRADE |
| IT45869 | QUOTA ENFORCEMENT CANNOT DELETE RATE LIMIT KEY WHILE CLUSTER-MODE GATEWAY PEERING IS USED |
| IT45899 | APIC NESTED V5C SWITCH POLICY WITH AN EMPTY OTHERWISE CLAUSE FAILS TO LOAD. |
| IT45930 | DATAPOWER MIGHT RESTART WHEN MIGRATING XSLT MANUALLY FROM APIC V5 |
| IT45944 | ADDRESS LOW SEVERITY VULNERABILITY IN OPEN VM TOOLS (CVE-2023-20867) |
10.0.1.18
Release date: 1 March 2024
Last modified: 1 March 2024
Status: Available
|
APAR
|
Description
|
| IT44150 | GW SERVICE RESTART DURING A DRR CAUSES CLEARING ISSUE WITH EXTENSION DEPLOYER |
| IT44405 | DATAPOWER ON CONTAINER PLATFORM CANNOT DECRYPT MASKED PASSWORDS |
| IT44823 | DATAPOWER MQ V9+ QUEUE MANAGER MIGHT FAIL WITH MQRC_SSL_INITIALIZATION_ERROR (RC 2393) |
| IT44917 | DATAPOWER SIDECAR MIGHT NOT SHUTDOWN CORRECTLY CAUSING A SYSTEM RELOAD |
| IT44959 | SUPPORT MESSAGE PROPERTIES IN AS4 USER MESSAGES |
| IT44975 | KAFKA HANDLER IS IN SLOW PERFORMANCE AFTER THE QUEUE IS EMPTY |
| IT45008 | MPGW MQ CANNOT SET RESPONSE HEADER THROUGH XSLT OR GWS PROPERLY |
| IT45057 | APIGW RELOAD WHEN MULTIPLE GATHER-AND-SEND LOG POLICIES ENFORCED |
| IT45086 | DATAPOWER COULD EXPERIENCE AN ABRUPT RELOAD IF V5E IN APIC V10 IS APPLIED. |
| IT45129 | APIGW RESPONSE CACHE STOPS WORKING AFTER CACHING INITIAL REQUEST |
| IT45132 | DATAPOWER MIGHT NOT RELEASE ALL MEMORY WHEN USING HTTP/2 PROTOCOL HANDLER |
| IT45133 | APIC USER DEFINED POLICY UPLOAD MIGHT FAIL IF FILES SECTION ISEMPTY |
| IT45134 | APIC GATEWAYSCRIPT MIGHT NOT RELEASE ALL MEMORY WHEN WRITING TO SESSION OUTPUT WHEN USING APIM MODULE |
| IT45144 | APIC GATEWAY SERVICE DOES NOT COME UP DUE TO PASSWORD |
| IT45159 | DATAPOWER MEMORY USAGE GROWTH WHEN ACCEPTING HTTP/2 TRAFFIC AS THE SERVER |
| IT45180 | DATAPOWER LDAP CONNECTION POOL ENTRIES PAGE SHOWS INCORRECT PORT NUMBER |
| IT45214 | DATAPOWER MIGHT RESTART WHEN COMPILING AN INVALID JSV |
| IT45227 | API SWAGGER FILE MAY BE DELETED WHEN THE API CONNECT GATEWAY SERVICE IS RESTARTED. |
| IT45254 | DATAPOWER MIGHT RESTART AFTER CLI COMMAND FLUSH-ANALYTICS-ENDPOINT-BUFFER |
| IT45321 | DATAPOWER MIGHT RESTART WHEN HANDLING LDAP HEALTH CHECKS |
| IT45323 | MEDIUM SEVERITY VULNERABILITY IN NODE.JS MSGPACKR MODULE (CVE-2023-52079) |
| IT45337 | MEDIUM SEVERITY VULNERABILITY IN IBM JRE (CVE-2023-22081, CVE-2023-5676) |
| IT45340 | OAI3 FORM DATA IS NOT BEING RECOGNIZED |
| IT45341 | FOR OAI3, THE PRODUCES AND SOAPELEMENTNAME CONFIG INFORMATION IS GENERATED INCORRECTLY |
| IT45347 | WHEN USING PIV AUTHENTICATION LOGIN AND LOGOUT BEHAVIOR PREVIOUSLY LOOPED |
| IT45359 | MQV9 HANDLER CANNOT GET THE CORRECT SIZE OF THE PARSED INPUT MESSAGE VIA VAR://SERVICE/INPUT-SIZE |
| IT45367 | MEDIUM SEVERITY VULNERABILITY IN GO (CVE-2023-39326) |
| IT45368 | DATAPOWER UNEXPECTEDLY RESTARTS AFTER DELETING DOMAIN WITH AMQP HANDLER |
| IT45387 | APIC RATE LIMIT DATA MIGHT NOT DISPLAY CORRECTLY IN STATUS PROVIDER |
| IT45393 | APIC GATEWAY PEERING IN CLUSTER MODE CANNOT USE STRICT RATE LIMIT POLICY |
| IT45402 | APIC GATEWAY SERVICE FAILS TO START IF DOMAIN NAME IS JUST A NUMBER |
| IT45404 | APIC LOG POLICY NOT BEHAVING CORRECTLY |
| IT45406 | DATAPOWER DOMAIN CANNOT BE DELETED AFTER APIC CONFIGURATION IS LOADED |
| IT45441 | APIC CUSTOM POLICY DEPLOY FAILURE LEADS TO CONFUSING ERRORS IN LOG |
| IT45455 | APIGW DOES NOT PROCESS MULTIPART MESSAGE WITH BAD BOUNDARY CORRECTLY |
| IT45495 | DATAPOWER AND APIC GATEWAY VULNERABILITY IN JRE CVE-2024-20952, CVE-2024-20918, CVE-2024-20921, CVE-2023-33850 |
| IT45576 | CRITICAL SEVERITY VULNERABILITY IN NODE.JS |
10.0.1.17
Release date: 8 December 2023
Last modified: 8 December 2023
Status: Available
|
APAR
|
Description
|
| IT43302 | GATEWAY PEERING USING TLS MIGHT LEAK MEMORY |
| IT43425 | DATAPOWER KAFKA CLUSTER NAME MUST BE LIMITED TO 60 BYTES OR LESS INCLUDING THE DOMAIN NAME |
| IT44179 | ORIGINAL URL IN REDIRECT EI FLOW SHOULD RETURN DOMAIN NAME |
| IT44212 | ALLOCATED MEMORY DOES NOT MATCH CONFIGURED MEMORY FOR A TENANT |
| IT44514 | DataPower GatewayScript indexOf and lastIndexOf functions fail on a Buffer object |
| IT44538 | DATAPOWER MIGHT UNEXPECTEDLY RELOAD WHEN COMPLETING A DISPATCHED TASK |
| IT44544 | TENANT MANAGEMENT INTERFACES MIGHT BE INACCESSIBLE AFTER A SECURE RESTORE |
| IT44732 | APIC PARAMETER INLINE VARIABLE SUBSTITUTION MIGHT NOT RELEASE ALL MEMORY USED |
| IT44752 | WRONG PAYLOAD MIME TYPE IN OUTGOING EBMS3 GZIP MESSAGES |
| IT44766 | DATAPOWER MIGHT RESTART WHEN USING HTTP/2 |
| IT44768 | DUPLICATE X-GLOBAL-TRANSACTION-ID HEADER RESPONDED TO THE CLIENT IF IT EXISTS IN THE REQUEST HEADER |
| IT44788 | GRAPHQL INCORRECT ARGUMENT TO BACKEND SERVER |
| IT44799 | APIM.SETVARIABLE FUNCTION FAILS WHEN THE VALUE IS THE RESULT OF A QUERYSTRING.PARSE FUNCTION |
| IT44803 | FIX THE RATELIMIT TOKEN FROM LAST INTERVAL TO CONSUME THE LAST REMAINING INSTEAD OF REJECTING. |
| IT44822 | DATAPOWER MIGHT RESTART IF ASSEMBLY LOG ACTION DOES NOT SPECIFY A LOG LEVEL |
| IT44826 | DATAPOWER MIGHT RELOAD WITH HTTP CLIENT TRAFFIC |
| IT44843 | APIC GATEWAY EXTENSION OR POLICY ZIP CREATED ON WINDOWS OS CANNOT BE IMPORTED TO THE GATEWAY |
| IT44844 | PROBE MIGHT NOT RELEASE ALL MEMORY WHEN STARTED AND THEN STOPPED |
| IT44845 | DATAPOWER OR APIC USE OF JSONATA $MATCH FUNCTION MIGHT CAUSE MEMORY GROWTH |
| IT44846 | USE OF $APICTX JSONATA FUNCTION MIGHT RESTART DATAPOWER |
| IT44861 | USER-DEFINED POLICY IN A MULTI-NODE CLUSTER MIGHT NOT BE ADVERTISED TO APIM |
| IT44874 | APIC GATEWAY SERVICE MIGHT LOG INCORRECT ERROR MESSAGES |
| IT44877 | DATAPOWER XML PARSER FAILS TO PARSE IF ENTITY REFERENCE HAS SPECIFIC SIZE IN RELATION TO INTERNAL BUFFERS |
| IT44903 | API CONNECT API RESULT ACTION MIGHT NOT RETURN ALL MEMORY IF THERE IS AN ERROR DURING THE TRANSACTION |
| IT44916 | PAYLOAD/DATA IS GETTING PRINTED IN ACTIVITY LOGS |
| IT44923 | MULTISTEP RULE CALLED FROM API GATEWAY CALLRULE FUNCTION DOES NOT PROPAGATE STATUS CODE AND REASON PHRASE |
| IT44962 | OAI YAML WITHOUT COMPONENTS SECTION CAUSES TYPEERROR: CANNOT READ PROPERTIES OF UNDEFINED (READING SCHEMAS) |
| IT44963 | APIS NOT PUBLISHING AFTER UPGRADE ERROR: MAXIMUM CALL STACK SIZE EXCEEDED |
| IT44969 | DATAPOWER MIGHT RESTART WHEN APIC ASSEMBLY LOG TRIES TO SEND NON-JSON DATA |
| IT44976 | TIMING WINDOW WHERE SOMEHOW PUBSUB RUNS PRIOR TO UPDATING THE SNAPSHOT |
| IT44978 | GATEWAYPEERINGCLUSTERSTATUS MIGHT NOT RELEASE ALL MEMORY |
| IT44987 | POLICYTITLE PROPERTY OF ERROR OBJECT DOES NOT HAVE VALUE IN GLOBAL ERROR RULE |
| IT44988 | DATAPOWER STORE:ENCRYPT/DECRYPT.XSL FAILS TO COMPILE WHEN STRICT COMPILE OPTION IS SELECTED |
| IT44991 | DATAPOWER AS4 MESSAGE WITH ENCRYPTED PAYLOAD IN SOAP BODY MIGHT FAIL TO DECRYPT ACCORDING TO SPECIFICATION |
| IT44992 | MODIFYING DATAPOWER GATEWAY PEERING OBJECTS MIGHT NOT CLOSE ALL EXISTING CONNECTIONS LEADING TO UNEXPECTED ERRORS |
| IT45033 | RESTARTING APIC-GW-SERVICE OR CHANGING ANALYTICS WHILE CATALOG UPDATES ARE PROCESSING MIGHT CAUSE UPDATES TO BE LOST |
| IT45034 | MEDIUM SEVERITY VULNERABILITY IN NODE.JS (CVE-2023-38552, CVE-2023-39333) |
| IT45065 | LOW SEVERITY VULNERABILITY IN REDIS (CVE-2023-45145) |
| IT45068 | MEDIUM SEVERITY VULNERABILITY IN NET-SNMP (CVE-2022-44792, CVE-2022-44793) |
| IT45493 | DATAPOWER B2B GATEWAY CPA FILE IMPORT FAILS DUE TO ADD AND WRITE PERMISSION |
10.0.1.16
Release date: 25 October 2023
Last modified: 25 October 2023
Status: Available
|
APAR
|
Description
|
| IT44026 | GETTING ENTRIES IN THE FAILURE NOTIFICATION STATUS WITH REASON CRASH AFTER UPGRADE TO 10.0.1.13. |
| IT44141 | API CONNECT GATEWAY SERVICE MIGHT RESTART IF MISCONFIGURED |
| IT44196 | API GATEWAY MIGHT RETURN UNEXPECTED 404 ERRORS FOR SOAP 1.2 REQUESTS |
| IT44360 | XPATH ROUTING MAP DOES NOT LOG CORRECTLY |
| IT44427 | DATAPOWER MIGHT RESTART IF DNS REQUEST HAS A TIMEOUT |
| IT44438 | API GATEWAY MIGHT NOT RETURN VALID SOAP ERROR RESPONSES FOR FAILED SOAP REQUESTS |
| IT44453 | URL SHOULD NOT BE ESCAPED IN ASSEMBLY-USER-SECURITY ACTIONS PROPERTIES |
| IT44461 | DATAPOWER MIGHT RESTART WHEN GENERATING ERROR REPORT ON STARTUP |
| IT44470 | IDG-X3 TEST HARDWARE COMMAND DID NOT SHOW POWER SUPPLY FAILURE |
| IT44481 | DATAPOWER TLS SNI SERVER OBJECT DOES NOT USE CORRECT CIPHER SUITES |
| IT44487 | WSDL ZIP ERROR |
| IT44507 | APIC ENCRYPTED PROBE DATA NOT RECORDED WHEN CERTIFICATE NAME IS SPECIFIED WITHOUT NAME PREFIX |
| IT44509 | FOR API GATEWAY SOAP REQUESTS MIGHT FAIL WITH 404 ERRORS BECAUSE DOCUMENT SIZE LIMIT EXCEEDS IN THE API ROUTING ACTION |
| IT44515 | IN A MULTI-GATEWAY CLUSTER, A COLLECTION MIGHT BE ERRONEOUSLY DELETED FROM ONE GATEWAY |
| IT44543 | GATEWAY PEERING SWITCH PRIMARY COMMAND MIGHT NOT RETURN MESSAGE FOR GATEWAY PEERING WHEN IN CLUSTER MODE |
| IT44557 | APIC RATE LIMIT MIGHT THROW UNEXPECTED RATE LIMIT EXCEEDED ERRORS |
| IT44558 | DATAPOWER MIGHT RELOAD WHILE A CSPPASSWORDALIAS IS CONFIGURED FOR A MQ V9+ QUEUE MANAGER |
| IT44580 | SUPPORT NULLABLE ENFORCEMENT IN OAI3.0 IN APIM/APIC |
| IT44588 | UPDATE GO LIBRARY TO 1.20.8 |
| IT44591 | API GATEWAY TEMPORARILY LOSES ASSEMBLY RATE/BURST LIMITS ON PUBLISH OR CONFIGURATION CHANGE |
| IT44605 | DATAPOWER EXTENSION FUNCTION DP:AUTH-INFO SHOULD INDICATE IF NO CERTIFICATE WAS PRESENTED IN RESULT XML NODE |
| IT44650 | DATAPOWER MIGHT RESTART DURING INSTALLATION WIZARD IF SHELL DISCONNECTS |
| IT44665 | DATAPOWER KEYGEN CLI COMMAND USES WRONG DEFAULT FOR SHA DIGEST |
| IT44716 | POTENTIAL DENIAL OF SERVICE VULNERABILITY IN OPENSSL (CVE-2023-4807) |
| IT44720 | MULTIPLE SECURITY ISSUES IN SECURE GATEWAY CLIENT |
| IT44748 | RAPID RESET DDOS VULNERABILITY (CVE-2023-44487 & CVE-2023-39325) |
| IT45049 | DATAPOWER SENDS GRAPHQL JSON PAYLOAD WITH AN ADDITIONAL KEY "OPERATIONTYPE", WHICH IS NOT TO THE STANDARD |
10.0.1.15
Release date: 30 August 2023
Last modified: 30 August 2023
Status: Available
|
APAR
|
Description
|
| IT42195 | MISSING HTTP CONTENT-SECURITY-POLICY RESPONSE HEADER IN WEBGUI |
| IT42964 | DOMAIN AVAILABILITY FEATURE DELAYS DOMAIN STARTUP FOR 1 MINUTE EVEN WHEN DISABLED |
| IT43003 | DataPower might leak memory when the probe is enabled |
| IT43809 | ADD SAMESITE ATTRIBUTE TO THE CSRFTOKEN COOKIE |
| IT43870 | THE APPLIANCE COULD BE RELOADED WHEN THE MQ-QM IS SHUT DOWN DUE TO NETWORK ERRORS, AND A NEW MQ CONNECTION IS INITIALIZED. |
| IT43925 | DATAPOWER GWS CANNOT FIND DEPENDENCY |
| IT43927 | DATAPOWER PARAMETERS DUPLICATE IN USER AGENT FOR BASIC AUTH CAUSING LARGER CONFIGURATION AND OVERHEAD |
| IT43943 | THE VARIABLE SUBSTITUTION DOES NOT CURRENTLY CHECK THE REPLACEMENT VALUE TO DETERMINE IF THERE ARE VARIABLES INSIDE OF IT |
| IT43995 | API GATEWAY DOES NOT RETURN RESPONSE BODY FROM BACKEND FOR REQUESTS WITH OPTIONS METHOD |
| IT44115 | DATAPOWER SSHD TASK ENCOUNTERED CHANNEL ERROR. |
| IT44126 | PARSE OAUTH REQUEST SCOPE VALUES FOR EXTRA WHITESPACES |
| IT44143 | C org creating incorrectly drives config sequence execution |
| IT44145 | ADD FRAME-ANCESTORS: SELF DIRECTIVE IN CONTENT-SECURITY-POLICY |
| IT44165 | APIC API ROUTING WILL FAIL IF URI IS ENCODED BUT THE API PATH IS NOT |
| IT44208 | API GATEWAY : UNABLE TO USE THE OAUTH SHARED SECRET FOR REGISTERING A GATEWAY SERVICE SET IN THE API MANAGEMENT SERVERS CLOUD |
| IT44231 | CERTIFICATE MISMATCH ERROR IN DATAPOWER LOGS |
| IT44237 | MQ OBJECT IS DOWN WHEN 20-LENGTH MQCHANNEL NAME IS SET |
| IT44240 | WSDL APIS THAT ARE SINGLE FILES MIGHT TRIGGER API GATEWAY UPDATES EVEN IF UNCHANGED |
| IT44255 | CONTINUOUS INCREASE IN MEMORY UTILIZATION AND NOT COMING DOWN. |
| IT44257 | KAFKA DP:URL-OPEN USING KEY PARAMETER MIGHT RESTART DATAPOWER |
| IT44262 | GATEWAY PEERING OBJECT CANNOT BE ASSIGNED TO ANYTHING ELSE AFTER BEING ASSIGNED TO PROBE-SETTINGS |
| IT44280 | APIC WEBHOOKS CANNOT BE PROCESSED EVEN AFTER MISCONFIGURATION IS CORRECTED |
| IT44281 | DATAPOWER MQ CLIENT ADDS SUPPORT FOR TLS 1.3 CIPHERS |
| IT44293 | APIC GATEWAY PEERING GROUP WHEN IN CLUSTER MODE SHOULD NOT BE OPERATIONAL STATE UP IF PEER IP ADDRESSES ARE DUPLICATED |
| IT44338 | DATAPOWER QUOTA ENFORCEMENT KEYS MIGHT NOT BE REMOVED AFTER SERVER IS MODIFIED/RESTARTED |
| IT44339 | APIC GATEWAY SERVICE MIGHT LEAK TEMPORARY FILES IF FILESYSTEM IS FULL |
| IT44340 | APIC ASSEMBLY FUNCTION MAY BE IN OPERATIONAL STATE UP EVEN IF PARAMETERS ARE MISCONFIGURED |
| IT44341 | APIC DEVICE MIGHT RESTART WHILE ROUTING A REQUEST IF API DEFINITION IS MISSING ASSEMBLY |
| IT44351 | USE OF JAEGER TRACING CAUSES V5 EMULATED POLICIES TO FAIL |
| IT44381 | DATAPOWER FORCES CLOUD POLICY UPDATE. |
| IT44383 | SUBSCRIPTION LOSS AFTER UPDATES. |
| IT44630 | CREATING APIC PROBE CAPTURE SETTING MIGHT RESTART DATAPOWER |
| IT44654 | UPDATE NODE.JS TO ADDRESS MULTIPLE CVES |
| IT44649 | DENIAL OF SERVICE VULNERABILITY IN NODE SEMVER PACKAGE (CVE-2022-25883) |
10.0.1.14
Release date: 28 June 2023
Last modified: 28 June 2023
Status: Available
|
APAR
|
Description
|
| IT39216 | DATAPOWER ON DOCKER DOES NOT SAVE SNMP COMMUNITIES OR CUSTOM WEBGUI USER AGENT |
| IT41799 | ZE IT41039 FIX APAR - RELOAD MIGHT OCCUR WHEN URLOPEN HAS INCORRECT ENDPOINT SYNTAX |
| IT43107 | CANNOT DELETE PASSWORD MAP OR CRYPTO KEY OBJECT WHEN THE SSH CLIENT PROFILE ASSOCIATED WITH IT IS DELETED |
| IT43125 | HTTP2 BASED CLIENTS USING AN EXPECT HEADER WITH A VALUE OF 100-CONTINUE CAN CAUSE RELOAD |
| IT43150 | APIC GATEWAY MIGHT RESTART WHEN USING API DEBUG PROBE AND A GATEWAYSCRIPT ASSEMBLY IN THE GLOBAL ERROR RULE |
| IT43251 | APIC DURING DRR WITH A LARGE AMOUNT OF CATALOGS, THERE MIGHT BE A TEMPORARILY INCONSISTENT CATALOG LIST |
| IT43409 | SELF BALANCING MIGHT FAIL TO REGISTER ALL CONFIGURED DATAPOWERS AND SERVICE. |
| IT43445 | DATAPOWER USER ACCOUNT IS NOT LOCKED WHEN WRONG PASSWORD IS USED TOO MANY TIMES |
| IT43506 | FORMAT OF CONTEXT VARIABLE OAUTH.VERIFIED_ACCESS_TOKEN.NOT_BEFORE IS NOT CORRECT. |
| IT43513 | APIC GATEWAY MIGHT RESTART WHEN GATEWAYSCRIPT THROWS AN ERROR SETTING MESSAGE HEADERS |
| IT43524 | ANALYTICS ENDPOINT MIGHT GO DOWN AND FAIL TO COME BACK UP |
| IT43593 | CONTEXT VARIABLE REQUEST.URI RETURNS INCORRECT URL IF USING HTTP2 |
| IT43595 | V5 EMULATION FRAMEWORK FAILS IF A MESSAGE HEADER HAS A NULL VALUE |
| IT43640 | DATAPOWER BOOT SWITCH FAILS WITH ERROR: SECONDARY INSTALL NOT AVAILABLE |
| IT43641 | COMPILATION OF XSLT WHICH USE DPFUNC:ZULU-TIME BY AN XML MANAGER WITH COMPILE OPTIONS POLICY MIGHT FAIL. |
| IT43681 | DATAPOWER HTTP/2 DOES NOT ALLOW USER TO SET THE :AUTHORITY HEADER |
| IT43703 | DATAPOWER X2/X3 DEVICE MIGHT HAVE UNUSUAL LATENCY WHEN USING DOCUMENT CACHE |
| IT43729 | APIC REQUEST USING TRACE METHOD MIGHT BE ROUTED INCORRECTLY |
| IT43730 | APIC SCOPE HANDLING REGRESSION IN V10.0.1.8 AND V10.5.0.X |
| IT43755 | VALIDATE POLICY FAILS TO FIND CORRECT WSDL |
| IT43769 | DATAPOWER RELOADS WHEN THE AMQP CLIENT STARTS |
| IT43773 | DATAPOWER MIGHT RESTART WHEN UNABLE TO CALCULATE LOGGING TIMESTAMP |
| IT43813 | AMQP CONNECTION HANDLING CAUSES UNEXPECTED RELOAD ON DATAPOWER |
| IT43814 | IN APIGW APIM.GETVARIABLE(REQUEST.PARAMETERS) SHOULD NOT RETURN PARAMETERS WHICH LOCATION IS HEADER |
| IT43839 | TOPIC STRINGS GREATER THAN 48 CHARACTERS LONG DO NOT WORK WITH DATAPOWER MQ V9+ CLIENT. |
| IT43850 | CHILD ELEMENTS MIGHT BE MISSING FROM RECEIPT WHEN PROCESSING AN AS4 MESSAGE WITH A ONE-WAY/PUSH MEP EXCHANGE |
| IT43852 | APIC GATEWAY RESTART WHEN REPARSING NESTED JSON COMPONENT |
| IT43853 | DATAPOWER MIGHT RESTART WHEN STARTING GATEWAY PEERING WITH MONITOR-PORT OR LOCAL-PORT ALREADY IN USE |
| IT43871 | APIC-GW-SERVICE IS IN PENDING STATE. |
| IT43873 | DATAPOWER MIGHT GENERATE UNRELATED ERROR MESSAGES IF AN SNMP QUERY IS MADE ON AN INVALID OR UNLICENSED OBJECT |
| IT43890 | INVOKE_1.5.0 AND PROXY_1.5.0 POLICIES SHOULD NOT ATTEMPT TO PARSE A MULTIPART RESPONSE BODY |
| IT43891 | ZE IT43288 FIX APAR - DATAPOWER HTTP/2 CLIENT MIGHT RESTART DEVICE WHEN UNDER LOAD |
| IT43899 | DATAPOWER OAUTH PROVIDER OPTIONS NOT DISPLAYING CORRECTLY IN UI |
| IT43900 | DATAPOWER HTTP/2 SERVER MIGHT RESTART |
| IT43907 | APIGW DEBUG PROBE TEMPORARY FILE TEMPORARY://APIGATEWAY-TID_*, IS NOT DELETED AND PILL UP |
| IT43915 | APIGW ASSEMBLY FUNCTION PARAMETER SUBSTITUTION CANT GET A DECODED VALUE |
| IT43917 | DPOD LOG DOES NOT SHOW SPACE NAME AS API DEBUG PROBE DOES |
| IT43919 | TLS PROFILES AT ORG AND CLOUD LEVEL MIGHT COLLIDE |
| IT43924 | APIC GATEWAY SECONDARY PEER NOT RESET |
| IT43931 | IBM DATAPOWER WEB UI IS NOT STABLE |
| IT43933 | POTENTIAL DENIAL OF SERVICE VULNERABILITY IN OPENSSL (CVE-2023-2650) |
| IT43935 | APIC JWT VALIDATE ISSUER CLAIM DOES NOT RESOLVE VARIABLE. |
| IT43980 | PROBLEM WITH PREFLOW GLOBAL POLICY IN V10 |
| IT44028 | ADDRESS FALSE-POSITIVE VULNERABILITY FINDINGS REPORTED BY SCAN UTILITIES |
| IT44112 | TIMING SIDE-CHANNEL IN GSKIT (CVE-2023-32342) FOR DATAPOWER |
| IT44114 | PROVIDE MITIGATION FOR MULTIPLE CVES |
10.0.1.13
Release date: 26 April 2023
Last modified: 26 April 2023
Status: Available
|
APAR
|
Description
|
| IT39416 | WEB APPLICATION FIREWALL INCORRECTLY BLOCKS ALL JSON TRAFFIC IF SQL INJECTION FILTERING IS ENABLED FOR A REQUEST PROFILE |
| IT41761 | DATAPOWER DOMAIN RESTART OR CONFIGURATION CHANGE MIGHT CAUSE SLM PEERING HASH ERRORS |
| IT42607 | LUNA HSM GROUP REMAINS DOWN AFTER STARTUP |
| IT42681 | GATEWAY POD FAILS READINESS CHECK AFTER RESTART WHEN FILESTORE EXTENSION IS REMOVE OR UPDATE |
| IT42988 | UNDOCUMENTED XSLT EXTENSION FUNCTION SIMPLEDATEFORMAT.FORMAT MIGHT RELOAD DATAPOWER |
| IT43070 | API FAILS IF REDACT 1.5 POLICY PARSE FAILS |
| IT43083 | DATAPOWER HTTP/2 CLIENT THROWS A TIMEOUT ERROR WHEN BACKEND SERVER PUTS ENDSTREAM FLAG IN HEADER FRAME. |
| IT43095 | DATAPOWER MIGHT RELOAD WHEN MEMORY CORRUPTION/EXHAUSTION OCCURS FROM AN MQ LIBRARY |
| IT43121 | ERROR RELATED SERVICE VARIABLES NOT SYNC WITH APIGW ASSEMBLY CONTEXT ERROR OBJECT IN V5E MODE |
| IT43122 | DataPower might unexpectedly reload after recommitting a routed API Path |
| IT43137 | INVOKE 1.5 IS NOT ENCODING PARAMETERS LIKE V5 DID |
| IT43155 | B2B GATEWAY PARSING ERROR FOR COMPRESSED MESSAGE |
| IT43156 | FOR APIGW THE CONTEXT VARIABLE CLIENT.APP.METADATA IS MISSING IN THE OAUTH FLOW |
| IT43157 | DataPower might restart under load |
| IT43161 | TLS PROFILES MIGHT FAIL TO SET TLSV1.3 CIPHERS IN SOME CASES. |
| IT43168 | APIM COMPATIBILITY MODULE FUNCTIONS ISJSON AND ISXML MIGHT FAIL |
| IT43202 | CERTAIN OBJECTS MIGHT NOT BE ABLE TO BE DELETED AFTER BEING USED BY GATEWAY PEERING OBJECT |
| IT43223 | APIC CANNOT DYNAMICALLY RECONFIGURE THE API CONNECT GATEWAY FROM THE API MANAGER |
| IT43232 | APIC RATE LIMIT REMAINING COUNTER MIGHT NOT BE CORRECT IF RATE LIMIT GATEWAY PEERING IF DOWN |
| IT43234 | APIC GLOBAL ERROR RULE MIGHT RESTART GATEWAY |
| IT43245 | DOWN TO ONE GATEWAY, QUORUM RECOVERY MIGHT CLEAR THE SUBSCRIPTION CACHE, RESULTING IN 401s FROM ALL APIS |
| IT43246 | Recovery of the peering quorum might result in 401s from all APIs on all gateways |
| IT43253 | APIC ACTIVITY LOGS MIGHT BE LOST WHEN USING THE ASSEMBLY LOG ACTION |
| IT43254 | APIC GATEWAY MIGHT RESTART IF SET VARIABLE POLICY USED TO SET A HEADER ON A NEW CONTEXT |
| IT43257 | DATAPOWER MQ V9 CLIENT MIGHT CAUSE A RESTART UNDER HEAVY LOAD |
| IT43264 | RATE LIMITS MIGHT PRODUCE INVALID 429 RATE LIMIT RESPONSES |
| IT43288 | DATAPOWER HTTP/2 CLIENT MIGHT RESTART DEVICE WHEN UNDER LOAD |
| IT43292 | DATAPOWER AMQP HANDLER WILL CYCLE STATE REPEATEDLY IF MISCONFIGURED |
| IT43298 | APIGW DOES NOT INCLUDE X-POST-BODY-IN HEADER WHEN CALLING THE AUTHENTICATION URL IN AN USER SECURITY ACTION |
| IT43318 | APIGW INVOKE ASSEMBLY ACTION CAN LEAK MEMORY IF RESPONSE IS SOAP ERROR |
| IT43331 | V5 EMULATION FRAMEWORK FAILS WHEN A CONTROL CHARACTER IS PRESENT IN THE API |
| IT43332 | V5 EMULATED POLICY IN A GLOBAL POLICY OUTPUTS INCORRECT RESPONSE PAYLOAD AND HTTP STATUS CODE |
| IT43340 | PLAN.SPACEID IS NOT AVAILABLE IN THE V5C CONTEXT |
| IT43358 | DATAPOWER HTTP/2 CLIENT TIMEOUT WHEN RST_STREAM FLAG IS RECEIVED |
| IT43359 | APIC SUBSCRIBER CACHE MIGHT GROW IN MEMORY FOR CERTAIN ERRORS |
| IT43360 | DATAPOWER MIGHT RESTART IF PASSWORD ALIAS IS REPEATEDLY MODIFIED IN A SHORT PERIOD OF TIME |
| IT43363 | DATAPOWER HTTP/2 PROTOCOL HANDLER MIGHT NOT CLEANUP STREAM IF GET REQUEST HAS CONTENT-LENGTH HEADER BUT NO DATA |
| IT43379 | APIC GATEWAY-PEERING-CLUSTER-REMOVE-STALE-NODE COMMAND MIGHT NOTWORK FOR PRIMARY STALE NODE |
| IT43389 | DATAPOWER AMQP HANDLER GOES INTO PENDING STATE WHEN PULLING MESSAGES |
| IT43390 | AMQP HANDLER MIGHT CRASH UNDER TRAFFIC |
| IT43393 | APIC GATEWAY SERVICE MIGHT LEAK SNAPSHOT DATA |
| IT43402 | DATAPOWER MIGHT UNEXPECTEDLY RELOAD WHILE TRYING TO READ A PAYLOAD OVER TLS WITH AN INVALID SESSION ID |
| IT43421 | Return the format of free memory in log message 0x804000a1 back to percent |
| IT43430 | DATAPOWER RELOAD WHILE ATTEMPTING TO VALIDATE AN INVALID ARGUMENT IN A GRAPHQL QUERY |
| IT43431 | APIC GATEWAY PEERING FAILS TO RESTART AND UNABLE TO RECOVER UNDER LOAD |
| IT43432 | API CONNECT GATEWAY SERVICE MIGHT NOT USE UPDATED SERVICE PARAMETERS |
| IT43434 | DATAPOWER MIGHT RESTART WHEN INTERNAL LIMIT REACHED FOR LARGE NUMBER OF DOMAINS |
| IT43441 | DEFAULT CIPHER CONFIGURATION MIGHT NOT PROVIDE PERFECT FORWARD SECRECY |
| IT43474 | DB2 CONNECTION ERRORS, DB2 DRIVER UPDATED |
| IT43475 | APIC API PATH PARAMETER SETTINGS MIGHT RESTART GATEWAY |
| IT43487 | APIC ANALYTICS ENDPOINT DOES NOT RECOVER MEMORY WHEN SENDING TO A KAFKA-CLUSTER THAT IS DOWN |
| IT43500 | API CALL MIGHT HANG IF RATE LIMIT GATEWAY PEERING IS DOWN |
| IT43519 | APIC PATH REGULAR EXPRESSION DOES NOT CORRECTLY ESCAPE PARENTHESES |
| IT43551 | APIC GATEWAY MIGHT RESTART WHEN CHANGING CONFIGURATION UNDER LOAD |
| IT43572 | APIC USERDEFINEDPOLICY THAT HAS ONEOF PROPERTY IS NOT GENERATING CORRECT DATAPOWER CONFIGURATION |
| IT43640 | DATAPOWER BOOT SWITCH FAILS WITH ERROR: SECONDARY INSTALL NOT AVAILABLE |
| IT43661 | ADDRESS VULNERABILITY IN NODE.JS REPORTED IN CVE-2023-23920. |
10.0.1.12
Release date: 22 February 2023
Last modified: 22 February 2023
Status: Available
|
APAR
|
Description
|
| IT41417 | DATAPOWER MIGHT RESTART WHILE CONFIGURING WEB APPLICATION FIREWALL |
| IT42057 | DATAPOWER SLM MIGHT RESTART WHEN PEER GROUP IS MODIFIED |
| IT42063 | DATAPOWER SLM EXTENSION FUNCTIONS DP:SLM-SET-THRESHOLD-* MIGHT WATCHDOG IF USED INCORRECTLY |
| IT42064 | APIC PARSE ASSEMBLY CONVERTING JSON TO XML CAN RESTART DEVICE IF JSON OBJECT PROPERTY SIZE EXCEEDS INTERNAL LIMITS |
| IT42421 | DATAPOWER MIGHT RESTART WHEN APIC PRODUCT PUBLISH |
| IT42488 | Unlimited rate limit for operation override not set properly |
| IT42521 | APIC GATEWAY SERVICE THROWS ERRORS AFTER SERVICE IS DEREGISTERED FROM THE API MANAGER |
| IT42524 | DATAPOWER MIGHT UNEXPECTEDLY RESTART WHEN TAKING A PACKET CAPTURE |
| IT42538 | APIC GATEWAY MIGHT RESTART IF TRANSACTION CANNOT COMPLETE |
| IT42571 | REFERENCE COUNT PROBLEM IN THE DYNAMIC MQ-QM OBJECT MIGHT CAUSE RELOAD |
| IT42616 | APIC JSON TO XML CONVERSION MIGHT NOT RECOVER ALL USED MEMORY |
| IT42655 | MIGRATED V5 GATEWAY EXTENSION RULES MIGHT THROW AN EXCEPTION IN SOME CASES FOR THE V10 API GATEWAY |
| IT42729 | MORE ERRORS IN THE INTERNAL CONFIGURATION CAN CAUSE DATAPOWER TO THROW 0X8100002E LOG MESSAGES AND ALERTS |
| IT42733 | APIC MEMORY GROWTH WHEN APIGW SENDS THE LOG TO ANALYTICS |
| IT42734 | DATAPOWER MIGHT RESTART IF PASSWORD ALIAS IS MODIFIED REPEATEDLY DURING DOMAIN RESTART |
| IT42735 | POSSIBLE MEMORY GROWTH WHEN GATEWAY PEERING IS CONFIGURED |
| IT42742 | DATAPOWER STATUS PROVIDER MIGHT BECOME STUCK SHOWING INCORRECT CPU USAGE VALUE |
| IT42755 | CONFIGURATION SEQUENCE ERROR FILES CREATED FOR PASSWORD ALIASES WHEN AN API IS DELETED |
| IT42804 | LEAKED GATEWAY TRANSACTIONS |
| IT42849 | API GATEWAY MIGHT RESTART WHEN API PROBE IS ENABLED AND A PARSE ASSEMBLY IS RUN ON NONEXISTENT CONTEXT |
| IT42955 | GATEWAYSCRIPT URLOPEN.OPEN INSTRUMENTATION MIGHT GIVE INCORRECT CONTENT-TYPE HEADER |
| IT42978 | DATAPOWER MIGHT RESTART WHILE GATEWAY PEERING IN CLUSTER MODE IS CONFIGURED WITH ADMIN DISABLED |
| IT42982 | DATAPOWER MIGHT RESTART WHILE CONFIGURING A GROUP OF GATEWAY PEER IN CLUSTER MODE |
| IT42983 | APIC GATEWAY MEMORY GROWTH WHEN GATEWAY FAILS TO RESEND THE ANALYTICS LOG TO THE SERVER |
| IT42984 | CONFIGURING ATTEMPT STREAMING RULE ON DATAPOWER RARELY MIGHT RESULT IN DATAPOWER RESTART WHEN COMPILING A STYLESHEET |
| IT42987 | APIGW UDP TYPE DOES NOT ALLOW VERSION WITH . IN THE FILENAME |
| IT42996 | PASSING NON-NUMBER $TIME PARAMETER FOR DPFUNC:ZULU-TIME() IN STORE:///UTILITIES.XSL MIGHT CAUSE A RESTART OF DATAPOWER |
| IT43160 | UPDATE OPENSSL LIBRARY TO ADDRESS MULTIPLE CVES. |
10.0.1.11
Release date: 14 December 2022
Last modified: 14 December 2022
Status: Available
|
APAR
|
Description
|
| IT40689 | OAUTH CONTROLLER DOESN'T CORRECTLY HANDLE HEADER FOR MTOM MESSAGES |
| IT41601 | "BYTES_SENT" AND "BYTES_RECEIVED" VALUES IN ACTIVITY LOG ARE SOMETIMES INCORRECT |
| IT41642 | DATAPOWER MIGHT RESTART DUE TO RACE CONDITION ON HTTP HANDLER |
| IT41910 | APIC API GATEWAY MIGHT RESTART IF LOCATION HEADER IS MISSING ON A REDIRECT |
| IT42076 | UNABLE TO DELETE AN ASSEMBLY CONTEXT VARIABLE IF ITS PARENT OBJECT DOES NOT EXIST |
| IT42089 | DATAPOWER MQ CLIENT TIMEOUTS SEEN WITH USERS OF MQ IMS BRIDGE |
| IT42162 | DATAPOWER GATEWAY MIGHT RESTART IF APIC RESTORE INCLUDES VERY LARGE NUMBER OF FILES |
| IT42249 | SECURITY FIX FOR JRE (CVE-2022-21626) |
| IT42255 | GRAPHQL QUERY CAN HAVE ONLY QUERY, OPERATIONNAME, AND VARIABLES KEYS. |
| IT42263 | CLOUD AND CATALOG WEBHOOKS PROCESSED IN PARALLEL CAN RESULT IN CATALOG DELETION |
| IT42293 | DATAPOWER MQ CLIENT V9+ SHOWS PENDING STATE WHEN DEPLOYED IN KUEBERNETS ENVIRONMENT. |
| IT42299 | DATAPOWER MIGHT RESTART AFTER GATEWAY PEERING IS DISABLED DURING DOMAIN RESTART |
| IT42336 | INVOKE_1.5.0 POLICY SUPPORT OF X-IBM-GATEWAY-INVOKE-V4-NOMAP-EMULATION API PROPERTY |
| IT42356 | EC CURVES OVER BINARY FIELD WHICH WERE DISABLED ARE NOW AVAILABLE AGAIN |
| IT42364 | INVALID GATEWAY PEERING PEER UPDATE LOCK STATE |
| IT42372 | "+ (%2)" IN THE QUERY PARAMETER "USERNAME" IS CONVERTED TO "(HALF-WIDTH SPACE)" |
| IT42375 | V5 EMULATED UDP FAILS TO RETRIEVE DATA FOR READINPUTAS FUNCTIONS |
| IT42400 | DATAPOWER MIGHT RESTART WHEN ADDING/DELETING PASSWORD OR WHEN RESTARTING DOMAIN |
| IT42406 | DATAPOWER APIC GATEWAY MIGHT RESTART IF OAUTH REVOKE URL IS UNDEFINED |
| IT42478 | APIC API PATH MIGHT BE OPERATIONAL EVEN WITH INVALID CONFIGURATION |
| IT42479 | APIC RATE LIMIT BECOMES INCORRECT FOR STANDALONE GATEWAY IF REMAINING IS EXCEEDED BEFORE CACHE IS CLEARED |
| IT42480 | FORM-DATA LENGTH ERROR. |
| IT42483 | GW MEMORY IS LEAKING WHEN RECOMMIT THE API COLLECTION IF THERE'S RATELIMIT IN THE TRANSACTION |
| IT42493 | APIC GATEWAY MIGHT RESTART IF API PATH WITH PARAMETERS IS MODIFIED |
| IT42510 | DATAPOWER GATEWAY MIGHT RESTART IF XML MANAGEMENT INTERFACE IS ENABLED WHILE APIC GATEWAY SERVICE IS PENDING |
| IT42520 | APIC V5C POLICIES MIGHT FAIL IF V5E POLICIES ARE REMOVED |
| IT42528 | COLLECTION MIGHT BECOME DETACHED FROM API GATEWAY |
| IT42543 | POTENTIAL REQUEST SMUGGLING VULNERABILITY (CVE-2022-35256) |
10.0.1.10
Release date: 26 October 2022
Last modified: 18 January 2023
Status: Available
|
APAR
|
Description
|
| IT31382 | EDITING A JSV OR FLUSHING IT FROM CACHE MIGHT RESTART IF IT PROCESSED TRAFFIC EARLIER |
| IT36173 | DATAPOWER MIGHT RESTART WHEN ACCESSING THE PEER GROUP FROM AN SLM POLICY THAT NO LONGER EXISTS. |
| IT38762 | MQRC_PROP_CONV_NOT_SUPPORTED ERROR WILL OCCUR WHEN DATAPOWER USES IBM MQV9+ |
| IT39395 | DATAPOWER MIGHT RESTART IF APIC OAUTH IS MODIFIED WHILE PROCESSING API |
| IT41159 | DATAPOWER MIGHT RESTART WHEN RUNNING THE SERVICE SHOW COMPONENT-FIRMWARE COMMAND. |
| IT41163 | DATAPOWER IBM MQV9+ OBJECTS CANNOT BE CONFIGURED WITH WEB SERVICE PROXY |
| IT41319 | DATAPOWER MIGHT RESTART AFTER 2 BILLION MESSAGES ARE LOGGED OVER SYSLOG-TCP |
| IT41352 | DATAPOWER UNABLE TO UPDATE HSM FW |
| IT41394 | TLS INTERMEDIARY CERTIFICATES MIGHT FAIL TO CLEAN UP IN V5C GATEWAY |
| IT41459 | APIGW DOES NOT USE THE LOG LEVEL FROM THE LAST ASSEMBLY LOG ACTION AT THE END OF THE TRANSACTION |
| IT41521 | HTTP RESPONSE HEADER SPACE TRUNCATED WHEN REASON PHRASE NOT INCLUDED |
| IT41551 | APIC RATE LIMIT INCORRECTLY ENFORCED FOR STANDALONE GATEWAY WHEN CACHE IS CLEARED |
| IT41552 | DATAPOWER MIGHT RESTART WHEN DPOD CONFIGURES DEVICE DURING BOOTUP |
| IT41558 | DATAPOWER SSH CLI CLIENT LOGIN MIGHT CAUSE SLOW MEMORY GROWTH |
| IT41600 | GATEWAY-PEERING INSTANCES LEAK KEYS. |
| IT41601 | BYTES_SENT AND BYTES_RECEIVED VALUES IN ACTIVITY LOG ARE SOMETIMES INCORRECT |
| IT41632 | IDG-MQ-QM STATUS IS STILL UP EVEN AFTER DISABLING ON MQ SERVER |
| IT41657 | POLICY RULE WEBAPI-V5E-POLICY-INVOKE-GSCRIPT FAILED WITH EXCEPTION DUE TO API PROPERTIES WITH NEWLINE |
| IT41677 | APIC APIM.GETVARIABLE(OAUTH.MISCINFO) RETURNS UNDEFINED |
| IT41678 | MEMORY SPIKES OR OUT OF MEMORY WHEN APIC CATALOGS REFRESHED. |
| IT41685 | REMOVE EXTRANEOUS API SCHEMA DEFINITIONS AND DUPLICATES FROM CONFIGURATION |
| IT41699 | DATAPOWER MIGHT RESTART WHEN SAVING CONFIGURATION AND NO OBJECTS HAVE BEEN CHANGED |
| IT41737 | RATE LIMIT ON API OPERATIONS IN DIFFERENT PRODUCTS MIGHT COLLIDE |
| IT41741 | DATAPOWER MIGHT RESTART WHEN INVALID MIME REQUEST SENT TO API GATEWAY |
| IT41776 | UPDATE DATAPOWER SECURE GATEWAY CLIENT TO 1.8.8FP1 AND NODE 14.20.0 |
| IT41786 | APIC UNCAUGHT EXCEPTION IN GATEWAY DIRECTOR WHEN WEBHOOK NOT SET |
| IT41794 | APIC DOES NOT ALLOW WILDCARD IN CORS RULE ALLOW-ORIGIN FIELD |
| IT41801 | APIC GATEWAY MIGHT RESTART WHEN API IS PUBLISHED |
| IT41802 | DATAPOWER MIGHT RESTART WHEN SHOW GATEWAY-PEERING-KEY-STATUS IS EXECUTED |
| IT41817 | THE RESPONSE HEADER SET BY HEADER-METADATA WONT PROPAGATE TO THE END OF TRANSACTION IF THERE IS AN INVOKE ACTION |
| IT41896 | API COLLECTION CONFIG CREATED AND CONFIGURED BUT IT IS NOT ADDED TO GATEWAY CONFIG |
| IT41908 | DATAPOWER MIGHT RESTART WHEN UPDATING PASSWORD_MAP |
| IT41936 | APIC API COLLECTIONS MIGHT BE MISSING WHEN AN API IS PUBLISHED WITH UNDEFINED UDP OR OTHER USER ERRORS |
| IT41963 | TENANT CANNOT ACCESS PORTS LESS THAN 1024 |
| IT42005 | DETECT DUPLICATE APIS |
| IT42051 | SQL METHOD TO_TIMESTAMP_TZ0 CAUSES DATABASE INSERT FAILURE |
| IT42060 | REMOVING TRUSTSTORE FROM TLS CLIENT PROFILE IN APIC IS NOT REFLECTED ON THE DATAPOWER GATEWAY |
| IT42095 | APIC PROCESSES UDP FROM SNAPSHOT IN WRONG ORDER |
| IT42101 | ON PASSWORD CHANGE, OTHER SESSIONS ARE NOT INVALIDATED (CVE-2022-40228) |
| IT42104 | DATAPOWER MIGHT RESTART DURING KERBEROS PROTOCOL TRANSITION |
| IT42141 | DATAPOWER MIGHT RESTART WHEN PARSE ACTION USES GRAPHQL DETECTION |
| IT42165 | INSECURE OPTION IN TLS CLIENT PROFILE FROM APIM HAS A DIFFERENT BEHAVIOR THAN APIC V5 |
| IT42166 | IF AN ERROR IS DETECTED IN A PLAN, THE PLAN SHOULD BE DISABLED. PREVIOUSLY THE WHOLE CATALOG WAS DISABLED. |
| IT42171 | REDACT_1.5.0 POLICY MIGHT CHANGE THE RETURNED STATUS CODE. |
| IT42203 | APIS WITH APPLICATION AUTHENTICATION MISSING PROPERTY AFTER MIGRATION FROM V2018 TO V10 |
| IT42231 | SECURITY UPDATE TO NODE.JS |
| IT42234 | DATAPOWER CANNOT CHANGE ENCRYPTION KEY ALGORITHM FROM THE DEFAULT RSA1_5 TO RSA-OAEP IN THE B2B MODULE |
| IT42300 | POTENTIAL CSRF VULNERABILITY IN WEB UI (CVE-2022-31773) |
| IT42667 | APIC API PATH ALLOW DOLLAR SIGN IN PATH WITH PATH TEMPLATE |
10.0.1.9
Release date: 24 August 2022
Last modified: 24 August 2022
Status: Available
|
APAR
|
Description
|
| IT38203 | DATAPOWER USES SNI HOSTNAME FOR HOSTNAME VALIDATION WHEN DISABLED FOR MQ CONNECTIONS |
| IT40045 | APIC-GW-SERVICE CAN LOSE CONFIG IN STARTUP CONFIG IF CONFIG SEQUENCE MODIFIES GWD AND USER LATER SAVES |
| IT40541 | DATAPOWER MIGHT RELOAD DUE TO API CONNECT ACTIVITY LOG GENERATION |
| IT40589 | API GATEWAY TAKING TRAFFIC WHILE CHANGING THE CONFIGURATION CAUSED RELOAD |
| IT40689 | OAUTH CONTROLLER DOES NOT CORRECTLY HANDLE HEADER FOR MTOM MESSAGES |
| IT40721 | DATAPOWER MIGHT RELOAD WHEN MODIFYING SNMP |
| IT40765 | API GATEWAY WEBSOCKET CALL DOES NOT USE PROXY POLICY CORRECTLY |
| IT40997 | DATAPOWER MEMORY-REPORT LOGS LIMITED BY 32-BIT REGISTERS AND CANNOT SHOW MEMORY SIZES BEYOND 4294967295 |
| IT41008 | DATAPOWER API GATEWAY MIGHT RELOAD WHEN PARSE ASSEMBLY RUNS A POST WITH NO DATA |
| IT41031 | FOR API GATEWAY, REDACTED DATA IN ASSEMBLY LOG ARE NOT MASKED FOR THE ERROR FLOW WHEN NO ROOT PROPERTY IS DEFINED |
| IT41039 | RELOAD MIGHT OCCUR WHEN URLOPEN HAS INCORRECT ENDPOINT SYNTAX |
| IT41043 | THE PROBLEMATIC POPULATED PATH VALUE OF DATE AND DATE-TIME TYPES RESULTS IN THE WRONG RESOLVED TARGET URL IN INVOKE |
| IT41078 | DATAPOWER MIGHT RELOAD WHEN THE CONNECTIONS ARE TIMED OUT ON MQ V9+ |
| IT41101 | ENHANCE SYSLOG-TCP LOG TARGETS TO IMPROVE CONCURRENCY THROUGHPUT AND PERFORMANCE |
| IT41112 | DATAPOWER FAILS TO PROCESS SQL DATA TYPE VARGRAPHIC INCLUDED IN THE DATABASE CURSOR. |
| IT41156 | FOR API GATEWAY WHEN A THIRD-PARTY OAUTH PROVIDER INTROSPECT URL CONTAIN QUERY PARAMETERS, THE QUERY PARAMETERS MIGHT BE TRUNCATED |
| IT41179 | SPACE ID IS NOT SET IN ANALYTICS DATA WHEN TWO API PLANS CONTAIN THE SAME API. |
| IT41246 | TENANT MEMORY DOES NOT MATCH THE ACTUAL MEMORY ALLOCATED TO A TENANT |
| IT41262 | DATAPOWER MIGHT RELOAD WHILE RUNNING API RULES AFTER DISABLING CERTAIN ACTION |
| IT41307 | IGNORE-EXPIRATION SETTING IS NOT HONORED TO QUOTA ENFORCEMENT SERVER TLS CONNECTION |
| IT41310 | DATAPOWER MIGHT LEAK MEMORY WHEN USING GATEWAYSCRIPT WITH DIFFERENT CONTEXT VALUES |
| IT41311 | THE EXTERNAL REVOCATION BASIC AUTH PASSWORD PROPERTY IS GENERATED WHEN ITS REFERENCED PASSWORD ALIAS DOES NOT EXIST |
| IT41350 | MTOM ROOT PART BODY TRUNCATED IF INVOKES CHUNKED-UPLOADS SET TO FALSE |
| IT41377 | MEMORY LEAK FOR TRANSACTIONS THAT USE MS:CALLRULE() TO CALL AN INVALID OR NONEXISTANT RULE |
| IT41385 | API GATEWAY MIGHT NOT BE DELETED DUE TO THE RELATED ANALYTICS ENDPOINT |
| IT41395 | IN API GATEWAY THE MECHANISM TO MASK THE CLIENT SECRET VALUE IN ANALYTICS DATA IS CASE SENSITIVE FOR HEADER NAME |
| IT41401 | APIC OAUTH TOGGLE AUTH HEADER PASSTHROUGH DELETES AUTHORIZATION HEADER |
| IT41414 | DATAPOWER WEB UI MEDIUM SECURITY VULNERABILITY CVE-2022-32750 CVE-2022-31774 |
| IT41419 | BACKSLASHES REMOVED FROM API DEFINITION ON API GATEWAY BUT NOT WHEN IN V5C COMPATIBILITY MODE |
| IT41433 | SECURITY UPDATE TO JRE TO ADDRESS CVE-2021-35561, CVE-2022-21434, AND CVE-2022-21443 |
| IT41442 | DATAPOWER AMQP CLIENT FAILS TO CONNECT TO EVENT HUB IN AZURE CLOUD ENVIRONMENT. |
| IT41446 | SECURITY UPDATE TO ITX TO ADDRESS CVE-2020-10531, CVE-2014-8147,CVE-2014-8146, AND CVE-2017-14952 |
| IT41448 | V5 CUSTOM POLICIES REGEX CHECK HAS TYPO |
| IT41450 | DATAPOWER MIGHT RELOAD WHEN GENERATING ERROR REPORT WHILE FFDC PACKET CAPTURE IS ENABLED |
| IT41574 | DUPLICATE OAUTH OBJECTS IN CONFIGURATION CAUSES SLOW PROCESSING OF CATALOG EVENTS |
10.0.1.8
Release date: 21 June 2022
Last modified: 21 June 2022
Status: Available
|
APAR
|
Description
|
| IT36680 | ENDPOINT REWRITE POLICY IS NOT SHOWN CORRECTLY IN WEBGUI AFTER WSP IMPORT |
| IT38064 | DATAPOWER WEBSPHERE JMS SOMETIMES GIVES ERROR 26 CONNECT_FAILED |
| IT39017 | RESULTS ACTION WITH "INPUT" AS INPUT CONTEXT AFTER PARSE ACTION WILL RESTART DATAPOWER |
| IT39614 | DATAPOWER MIGHT RELOAD WHEN EXECUTING API ASSEMBLY INVOKE |
| IT39825 | GATEWAYSCRIPT URLOPEN.OPEN() FOR HTTP/2 FAILS WITH TIMEOUT ERROR |
| IT40037 | DATAPOWER MIGHT RELOAD WHEN ROUTING APIC CALL USING SOAP BODY |
| IT40387 | APIC V5C: INVESTIGATE IMPROVING TLS DEPLOYMENT FOR CATALOGS |
| IT40583 | RAID DIRECTORY IS NOT CREATED FOR LOGSTORE FILES WHEN USING DATAPOWER ON DOCKER |
| IT40635 | FAILURE TO LOG TLS KEY DURING PACKET CAPTURE |
| IT40663 | FAILED TO SET RESPONSE STATUS CODE IN GATEWAYSCRIPT OF THE CALLED RULE |
| IT40664 | ADJUST VAR://SERVICE/MAX-ACTION-DEPTH TO BE A READ/WRITE VARIABLE |
| IT40753 | DATAPOWER WS-PROXY MIGHT LEAK QREF WHEN XML PARSING ERROR OCCURS |
| IT40760 | SET VARIABLE POLICY DOES NOT WORK FOR XML PAYLOADS |
| IT40767 | DATAPOWER MIGHT RELOAD WHEN RUNNING GATEWAYSCRIPT IF MQ QM IS NOT UP |
| IT40777 | DATAPOWER MIGHT RELOAD WHEN ADDING OR MODIFYING PASSWORD MAP USED BY B2B |
| IT40801 | MULTIPLE SECURITY ISSUES IN SECURE GATEWAY CLIENT |
| IT40823 | DP AS4 TRANSACTION COLLECTOR DATABASE ACCESS ERRORS/ AS4 TRANSACTIONS FAILING IN V10.0.1.4 |
| IT40856 | REQUIRED FORM PARAMETER CHECK COULD FAIL WHEN PROCESSING REQUESTS OF MULTIPART/FORM-DATA TYPE WITH NON-TEXT PAYLOADS. |
| IT40934 | REMOTE ACCESS TO DATAPOWER HANGS AFTER INPUTTING COPY COMMAND WITH SCP TARGET |
| IT40935 | DATAPOWER DOCKER RAID VOLUME MOUNT POINT MODIFIED |
| IT40946 | APIGW CRASHES IN ROUTING WHEN HANDLING THE SOAP WITH ATTACHMENTS MESSAGE |
| IT40957 | THROTTLER DOES NOT TRIGGER WHEN MEMORY EXCEEDS CONFIGURED THRESHOLD ON TENANTS |
| IT40964 | ADDRESS CVE-2022-24736 & CVE-2022-24735 FOR GATEWAY PEERING AND QUOTA ENFORCEMENT |
| IT40969 | SECURITY VULNERABILITY - XML ENTITY EXPANSION IN WEBGUI |
| IT41091 | DATAPOWER MIGHT RELOAD WHEN LOGGING SSL ERROR MESSAGES UNDER HIGH LOAD |
| IT41106 | APIC GATEWAY SERVICE DOES NOT WORK ON DOCKER DESKTOP 4.X |
10.0.1.7
Release date: 28 April 2022
Last modified: 28 April 2022
Status: Available
|
APAR
|
Description
|
| IT35779 | API GATEWAY REJECT GET REQUEST WHEN PARAMETER NAME CONTAINS A COLON |
| IT37659 | DATAPOWER RAID BATTERY HIGH TEMPERATURE WARNING CAN BE GIVEN INCORRECTLY AT 40 F IN 8441 X2 APPLIANCE |
| IT38066 | PING TEST SHOULD ALLOW USE OF HOST ALIAS |
| IT39549 | DATAPOWER MIGHT RESTART WHEN HANDLING MULTIPLE MQ SESSIONS |
| IT39604 | GATEWAYSCRIPT LOGGING JAVASCRIPT HEAP OUT OF MEMORY WHILE SESSION.OUTPUT.WRITE() CREATES CONSISTENT MEMORY GROWTH |
| IT39610 | DATAPOWER MIGHT RESTART WHEN ACTING AS SFTP CLIENT AND SFTP SERVER RETURNS INVALID UTF-8 IN THE FILENAME |
| IT39663 | DATAPOWER TENANT MISTAKENLY LOGS CPUS MISSING |
| IT39746 | API COUNT LIMIT MAY BE INCORRECT WITH AUTO-DECREMENT ENABLED |
| IT39795 | APIC - DELETING GATEWAY EXTENSION MIGHT NOT RESTORE PREVIOUS PARSE SETTINGS |
| IT39804 | SYSLOG COMMAND IN CLI DOES NOT FUNCTION AS CLI HELP OUTLINES. |
| IT39882 | CONTEXT.MESSAGE.STATUSCODE DO NOT SEND ERROR RESPONSE CODE TO ANALYTICS. |
| IT39912 | ERROR REPORT SECTION MEMSTATSBEFORERELOAD MAY NOT REPORT ACCURATE MEMTOTAL IN KUBERNETES ENVIRONMENTS. |
| IT39926 | DATAPOWER RMI INCORRECTLY REQUIRES JSON ORDERING FOR CERTAIN ACTIONS |
| IT39947 | API CONNECT GATEWAY PEERING OBJECTS CAN HAVE OPERATIONAL STATE UP EVEN WHEN 2 OBJECTS HAVE CONFLICTING PORTS |
| IT39948 | DATAPOWER MIGHT RESTART AFTER CORRECTING THE IP ADDRESS FOR GATEWAY PEERING |
| IT39989 | ZE APAR IT37691: DATAPOWER MIGHT RESTART WHEN AN API HAS LARGE NAMES FOR THE PATH, API, OR OTHER COMPONENT |
| IT40034 | APIC CONNECT GATEWAY SERVICE DOWN WHEN DOMAIN NAME IS LARGE |
| IT40038 | DATAPOWER FAILED TO BACKOUT MQ MESSAGE WITH INVALID CHARACTER. |
| IT40039 | LOGGED OUT FROM WEBGUI WHILE ATTACHING A POLICY SOURCE IN WS PROXY. |
| IT40073 | FAILURE PUBLISHING AN API OR CATALOG IF INCOMPLETE POLICY CONFIGURATION IS ENCOUNTERED |
| IT40078 | APIC GATEWAY PEERING OBJECT MAY BE UP EVEN IF AN INVALID IP ADDRESS IS SPECIFIED FOR A PEER OR CLUSTER NODE |
| IT40079 | APIC API DEFINITION NEW TOGGLE FOR ALLOW TRAILING SLASH |
| IT40097 | INVOKE_1.5.0 AND PROXY_1.5.0 POLICIES GENERATE A PARSE FAILURE FOR HTML RESPONSES |
| IT40132 | DATAPOWER MAY RESTART IF APIC REPUBLISHES WHILE API CALLS ARE BEING PROCESSED |
| IT40139 | DATAPOWER SOURCE MQ MFT FSH MAY HAVE ERROR WHEN PROCESSING MANY PARALLEL TRANSACTIONS |
| IT40152 | DATAPOWER SECURE GATEWAY OBJECT MIGHT GO INTO A PENDING STATE |
| IT40185 | DATAPOWER GATEWAY PEERING MAY LEAVE TCP CONNECTIONS IN CLOSE-WAIT STATE |
| IT40187 | APIC GATEWAY PROXY POLICY SHOULD APPLY TO ANALYTICS ENDPOINTS |
| IT40189 | APIC MEMORY GROWTH WHEN DISABLING MESSAGE BUFFERING AND USING PAYLOAD CONTENT TYPE |
| IT40264 | APIGW MIGHT RETURN INCORRECT CONTENT-ENCODING HEADER |
| IT40321 | DATAPOWER MIGHT RESTART WHEN CONFIGURING APIC PROBE DURING STARTUP |
| IT40341 | API GATEWAY RETURNS UNEXPECTED 404 NOT FOUND ERRORS WHEN REQUEST URL CONTAINS A PIPE CHARACTER IN THE PATH PARAMETER |
| IT40342 | GATEWAY PEERING PROCESSES MIGHT NOT BE TERMINATED PROPERLY WHEN CONFIGURATION CHANGES ARE APPLIED |
| IT40376 | ZE APAR IT32914: X-FORWARDED-FOR HEADER SHOULD BE SANITIZED FOR CORRECT ANALYTICS DATA |
| IT40377 | DATAPOWER RELOADS WHEN GATEWAYSCRIPT PROCESSING ERROR OCCURS DUE TO UNDEFINED VARIABLE |
| IT40395 | CLIENT-ID HEADER NOT SENT TO INVOKE_1.5.0 OR PROXY_1.5.0 POLICY BACKEND SERVER IN SOME INSTANCES |
| IT40420 | DATAPOWER MAY RESTART WHEN PREPARING TO COMPILE AFTER A CONFIGURATION CHANGE. |
| IT40500 | API CONNECT GATEWAY SERVICE MIGHT NOT BE USED SUCCESSFULLY FROM TENANTS |
| IT40510 | APIC CALLS ARE LOST OR RETURNED WITH A 404 ERROR MESSAGE AS READINESS OF GATEWAY IS SIGNALED TOO EARLY |
| IT40518 | API CONNECT RATELIMIT ASSEMBLY REPLENISH ACTION MIGHT NOT WORK CORRECTLY |
| IT40531 | B2B GATEWAY MAY FAIL TO DECOMPRESS RESPONSE WITH MULTIPLE ATTACHMENTS |
| IT40603 | PARSE SETTING VALUES ARE NOT WORKING IN APIC V10 |
| IT40640 | DATAPOWER SQL-EXEC FAILED TO RETRIEVE STORED PROCEDURE RESPONSE |
| IT41909 | API CONNECT V10, VALIDATION FAILS DUE TO WHITESPACE IN TLS CLIENT CERTIFICATES |
10.0.1.6sr1
Release date: 30 March 2022
Last modified: 30 March 2022
Status: Available
|
APAR
|
Description
|
| IT39994 | DATAPOWER GATEWAY POTENTIALLY VULNERABLE TO DOS (CVE-2022-22356, CVE-2022-22355) |
| IT40053 | IDG MEMORY GROWTH WHEN USING OAUTH AND API KEY FOR SECURITY |
| IT40215 | WHEN A DUPLICATE CATALOG SNAPSHOT IS RECEIVED FROM API MANAGER AFTER DRR IS INITIATED, API CONNECT GATEWAY SERVICE MIGHT NOT CREATE THE CATALOG |
| IT40243 | CLIENT SECURITY POLICY MAY NOT DETECT INVALID SUBSCRIPTION |
| IT40259 | DURING DRR, API CONNECT GATEWAY SERVICE MIGHT NOT PROPERLY REMOVE CATALOG SNAPSHOT DATA FROM GATEWAY PEERING DATABASE |
| IT40373 | POTENTIAL MODULE RESOLUTION ERROR IN GO IN DATAPOWER OPERATOR (CONTAINER ONLY) |
| IT40394 | POTENTIAL FLAWS IN NODE (CVE-2021-44532, CVE-2021-44531, CVE-2021-44533) |
| IT40487 | HEAP OVERFLOW IN ICU - DFDL (CVE-2020-10531, CVE-2014-8147, CVE-2014-8146, CVE-2017-14952) |
10.0.1.6
Release date: 21 February 2022
Last modified: 26 July 2022
Status: Available
|
APAR
|
Description
|
| IT41431 | GUI ALLOWS USERS TO VIEW AND EDIT FILES THAT ARE NOT ALLOWED TO BE READ VIA RBM ACCESS RIGHTS |
| IT36154 | API CONNECT DATAPOWER GATEWAY MIGHT RELOAD IF THE GATEWAY DIRECTOR CANNOT INITIALIZE |
| IT36680 | ENDPOINT REWRITE POLICY IS NOT SHOWN CORRECTLY IN WEBGUI AFTER WSP IMPORT |
| IT37041 | V5 API CALLS WITH TRAILING SLASH NOT WORKING WITH V10 |
| IT37575 | ADD SUPPORT OF MULTIPART/FORM-DATA CONTENT TYPE FOR REQUEST IN API GATEWAY |
| IT37657 | THE FIELD RESOURCE_ID INSIDE THE ANALYTICS COMPONENT IS NOT SAVING THE REAL RESOURCE, IT IS ONLY SAVING THE BASE PATH |
| IT37679 | MAKE THE DATA BUFFERED AUTOMATICALLY FOR ACTIVITY/ASSEMBLY LOGGING WITH PAYLOAD SETTINGS |
| IT37787 | DATAPOWER WEB APPLICATION FIREWALL ERROR POLICY OBJECT CONTAINS INCORRECT CHANGE/MODIFICATION ENTRIES |
| IT37925 | ADDRESS CVE-2021-32803 IN NODE-TAR |
| IT37997 | CANNOT SAVE THE DATA IN RAID ARRAY WHEN USING DOCKER ON LINUX CONTAINER IMAGE |
| IT38226 | API COLLECTION ROUTING PREFIXES NOT UPDATED AFTER V5 LEGACY ENDPOINT IS DISABLED |
| IT38228 | ERRORS IN THE INTERNAL CONFIGURATION CAN CAUSE DATAPOWER TO THROW 0X8100002E LOG MESSAGES AND ALERTS |
| IT38231 | MEMORY GROWTH WHEN USING GRAPHQL ASSEMBLY |
| IT38234 | IF VANITY HOSTNAME IS SAME AS GATEWAY HOSTNAME, /PROVIDER_ORGANIZATION/CATALOG/ SHOULD CONTINUE TO WORK |
| IT38252 | APIC API PLAN WITH SPACES IN NAME CANNOT BE PUBLISHED |
| IT38253 | DATAPOWER DPMON FILES ARE MISSING FROM ERROR REPORT |
| IT38254 | APIGW SHOULD MASK THE VALUE IN AUTHORIZATION HEADER BEFORE SEND TO THE ANALYTICS ENDPOINT |
| IT38263 | APIC V5 POLICY FAILS ON API GATEWAY WITH AN XML PARSE ERROR |
| IT38285 | DISABLING CSRF HEADER MIGHT IMPACT GUI ACTIONS |
| IT38301 | PRECONFIGURED V5 EMULATION POLICIES MIGHT BE REMOVED FROM CLUSTERED DATAPOWER AFTER RESTART |
| IT38309 | APIC HTTP/2 API CALL IS MARKED AS FAILED IN PORTAL ANALYTICS WHEN CALL WORKED |
| IT38368 | LOADING CERTIFICATES USING ANY ALGORITHM OTHER THAN RSA, DSA, OR ECDSA MIGHT RESTART DATAPOWER |
| IT38371 | APIGW RETURN 403 FORBIDDEN ERROR IF SECONDARY CLIENT_ID IS IN THE REQUEST BODY |
| IT38382 | WHEN OBJECT SUPPORT IS ENABLED FOR A DATA SOURCE, A DATABASE CALL MIGHT RESULT IN AN ERROR |
| IT38385 | APIC GATEWAY EXTENSION NOT APPLIED IMMEDIATELY AFTER DRR |
| IT38388 | V5E GATEWAY EXTENSION CLEANUP MIGHT FAIL TO COMPLETE |
| IT38392 | DATAPOWER - CANNOT SET CACHE-TIMEOUT TO NO TIMEOUT IN MQ QUEUE MANAGER FROM WEBGUI OR CLI |
| IT38401 | APIC API DEFINITION ALLOWS REQUESTS AFTER PUBLISH FAILS DUE TO DUE TO MISCONFIGURATION |
| IT38427 | DATAPOWER RESTART IN GATEWAY SCRIPT WHEN USING JWT GENERATOR |
| IT38480 | API CONNECT GATEWAY SERVICE MIGHT RELOAD AFTER ADDING TO CLUSTER |
| IT38550 | GET ?WSDL REQUESTS WITHOUT SECURITY CREDENTIAL WILL BE REJECTED BY API GATEWAY |
| IT38554 | APIC ROLE ASSIGN ACTION NOT TAKEN FOR GATEWAY PEERING AFTER REJOINING CLUSTER |
| IT38608 | DATAPOWER MIGHT RELOAD WHEN DOMAIN IS ENABLED AND RELOADED AT THE SAME TIME |
| IT38657 | DATAPOWER ISAM CLIENT DOES NOT HONOR DNS TIME TO LIVE (TTL) TIME AS ISAM HOSTNAME IS NOT CACHED. |
| IT38675 | DATAPOWER THROTTLE RESTART DUE TO LOW MEMORY AFTER APPLY FIX PACK 16 |
| IT38685 | PKCS12 ARTIFACTS CONTAINING A CHAIN AND PRIVATE KEY MIGHT NOT BE PARSED CORRECTLY |
| IT38697 | APIC OAUTH PROVIDER DOES NOT RETURN CORRECT VALUE IN X-SELECTED-SCOPE |
| IT38713 | HTTP VERSION TO SERVER NOT WORKING CORRECTLY IN WEB APPLICATION FIREWALL |
| IT38715 | APIC API PLAN RATE LIMITS SORT ORDER ALGORITHM NOT IMPLEMENTED CORRECTLY |
| IT38717 | VALIDATE POLICY MIGHT EXPERIENCE LATENCY IN RETRIEVING THE SCHEMA TO USE IN THE VALIDATION |
| IT38737 | FOR APIGW UNABLE TO GET THE UDP PROPERTY VALUE BY USING APIM.GETPOLICYPROPERTY() |
| IT38751 | NEW APIC CONTEXT VARIABLE FOR THIRD-PARTY LDAP AUTHENTICATION |
| IT38759 | DATAPOWER - CANNOT CONNECT SSH CONNECTION FROM SSH CLIENT |
| IT38763 | CLIENT IDENTIFICATION CHECK COULD FAIL WHEN NEW VERSION OF API IS CREATED |
| IT38773 | DATAPOWER B2B GATEWAY SERVICE SENDS SIGNED AS2 REQUEST WITH S/MIME ENVELOPED DATA INCORRECTLY |
| IT38774 | APIC V5 AND V5C ENHANCEMENT TO KEEP PREVIOUS TLS PROFILES IN CONFIGURATION IF APIM CANNOT BE REACHED |
| IT38775 | SMALL MEMORY GROWTH WHEN CONFIGURING GRAPHQL SCHEMA OPTIONS IN API PLAN |
| IT38777 | APIC REDACT ASSEMBLY ACTION MIGHT RESTART DATAPOWER |
| IT38778 | API CONNECT ASSEMBLY MIGHT CAUSE SMALL MEMORY LEAK |
| IT38779 | REDACT_1.5.0 POLICY MIGHT CAUSE A 500 RESPONSE WHEN REDACTING LOGS |
| IT38780 | INVOKE_1.5.0 POLICY SUCCESSFUL WHEN THE SOURCE V5 POLICY FAILS |
| IT38781 | INVOKE_1.5.0 POLICY MIGHT FAIL WHEN THE SOURCE V5 POLICY SUCCEEDS |
| IT38782 | AMU MIGRATED APIS WITH AN INPUT PARSE IMPLICITLY WRAPPED WITHIN A SWITCH |
| IT38784 | API CONNECT V5C RESPONSE TO OAUTH AUTHENTICATION MIGHT BE INCORRECT |
| IT38838 | MAP POLICY MIGHT BE CASE SENSITIVE FOR HEADER NAMES WITH SOME USE CASES |
| IT38844 | RETURN THE PERCENTAGE MEMORY FREE FIELD TO USE MEMORY FREE IN THE THROTTLER USAGE LOG 0X804000A1 MESSAGES |
| IT38873 | APIC V5 COMPATIBILITY MODE RETURNS NULL FOR APIM.GETVARIABLE(REQUEST,BODY) FOR A GET REQUEST |
| IT38891 | DATAPOWER MIGHT RELOAD IF HTTP/2 CLIENT TIMES OUT BEFORE RESPONSE IS SENT |
| IT38917 | APIGW VALIDATE ACTION IS TAKING A LONG TIME TO COMPLETE |
| IT38919 | MITIGATE VULNERABILITY IN REDIS CVE-2021-32626, CVE-2021-32675 |
| IT38922 | APIGW UNABLE TO GET UDP PROPERTIES THROUGH XSLT EXTENSION FUNCTION |
| IT38924 | APIC INVOKE POLICY DEFAULT PARAMETER CONTROL SHOULD BE AN EMPTY ALLOWLIST |
| IT38928 | DATAPOWER MIGHT RELOAD WHEN GATEWAY PEERING CLUSTER CREATE COMMAND IS USED |
| IT38936 | MAP OPTION TO CREATE REQUIRED SIBLING PROPERTIES OF OPTIONAL OBJECTS FAILS FOR LEAF PROPERTY MAPS |
| IT38937 | PROCESSING OF MALICIOUS REGEXP MIGHT CONSUME EXCESSIVE RESOURCES (CVE-2021-3807) |
| IT38954 | DATAPOWER MIGHT RELOAD WHEN PARSING A NULL INPUT DOCUMENT |
| IT38959 | LOAD BALANCER GROUP ALGORITHM WEIGHTED ROUND ROBIN MIGHT UNEXPECTEDLY RELOAD DATAPOWER |
| IT38962 | UNABLE TO SET HEADER WITH DOTS IN THE NAME WHEN USING APIM.SETVARIABLE() |
| IT39015 | DATAPOWER TENANTS ARE DISABLED WHEN DATAPOWER APPLIANCE IS RELOADED |
| IT39021 | IBM DATAPOWER GATEWAY MIGHT ALLOW JSON INJECTION (CVE-2021-38910) |
| IT39032 | DATAPOWER APIC GATEWAY RATE LIMIT COUNT OF CONCURRENT TRANSACTION NEVER DECREASES |
| IT39040 | IBM DATAPOWER GATEWAY MIGHT PERMIT HEADER INJECTION (CVE-2021-38944) |
| IT39044 | WITH PROBE ENABLED, INCORRECT 39 BYTE XML DECLARATION IS SHOWN INCORRECTLY FOR EMPTY CONTEXT FOR GATEWAYSCRIPT READASBUFFER() |
| IT39115 | DATAPOWER SSH CLIENT MIGHT CAUSE HIGH CPU WHEN ACTING AS AN SFTP CLIENT TO RETRIEVE A BIG FILE LIST |
| IT39117 | DATAPOWER ACCESS MANAGER CLIENT VERSION DEFAULT DOES NOT WORK CORRECTLY |
| IT39119 | FOR API CONNECT INTEGRATION, A DYNAMIC MQ URL OPEN CALL IN GATEWAYSCRIPT MIGHT RESTART DATAPOWER |
| IT39130 | MEMORY GROWTH OR RELOAD WHEN USING OAUTH FOR APIC SECURITY |
| IT39153 | DATAPOWER MIGHT RELOAD WHEN WS-PROXY CONFIGURATION IS CHANGED WHEN NOT QUIESCED |
| IT39154 | TRANSACTION MIGHT HANG AND NEVER COMPLETE IF CLIENT CLOSES TCP CONNECTION UNEXPECTEDLY TO THE APIGW |
| IT39155 | DATAPOWER MIGHT RESTART WHEN USING MULTISTEP PROBE |
| IT39157 | DATAPOWER JSON SCHEMA VALIDATION STRING FORMAT DATE AND DATE-TIME ALLOW FOR INVALID DAYS |
| IT39160 | DATAPOWER MAY UNEXPECTEDLY RESTART WHILE COLLECTING A PACKET CAPTURE |
| IT39161 | DATAPOWER MAY UNEXPECTEDLY RESTART, WHEN AN API IS BEING TESTED FROM APIC MANAGER TEST TOOL |
| IT39165 | SUPPORT NUMERIC TYPES OF OAI DEFINED DATA TYPES |
| IT39171 | DATAPOWER RELOAD WHEN USING API DEBUG PROBE WITH XSLT ASSEMBLY ACTION ERROR |
| IT39186 | USER REGISTRY FOR OAUTH CAN HAVE TLS PROFILE SET TO NONE ON DATAPOWER |
| IT39187 | JWE PRODUCED FROM THE EXAMPLE GATEWAYSCRIPT DOES NOT CONTAIN AN ENCRYPTED KEY PARAMETER |
| IT39203 | CONFIGURATION CHANGES IN API MANAGER MIGHT FAIL TO BE PROPAGATED ACROSS ALL GATEWAYS IN A CLUSTER |
| IT39232 | SAML ASSERTIONS ARE NOT PROCESSED WHEN SENT TO DATAPOWER IN AN HTTP URL QUERY STRING. |
| IT39289 | API GATEWAY - API COLLECTION MISSING AFTER RESTART OF THE GATEWAY |
| IT39299 | DATAPOWER WEBSOCKET UPGRADE MAY RESULT IN INCREASED FILE COUNT AND MEMORY GROWTH |
| IT39300 | DATAPOWER EXTENDED LATENCY LOG MAY HAVE EXTRA CHARACTERS WHICH MIGHT CAUSE ANALYTICS LOG ACTION TO FAIL |
| IT39342 | DATAPOWER MAY GROW IN MEMORY WHEN MQFTE URL OPENER FAILS TO PUT MESSAGES |
| IT39343 | GATEWAY MIGHT RESTART WHEN NO API COLLECTION OR API DEFINITION IS MATCHED |
| IT39384 | CLI COMMAND GATEWAY-PEERING-CLUSTER-REPLICATE SHOULD NOT ALLOW A DOWN PEER TO BE ASSIGNED AS THE PRIMARY |
| IT39436 | WHEN USING A APIC GATEWAY EXTENSIONS, ON RESTART THE GATEWAY MIGHT NOT PROPERLY CONFIGURE USER DEFINED POLICIES |
| IT39468 | DATAPOWER API GATEWAY MIGHT RESTART WHEN RUNNING AN ERROR RULE AFTER NO TARGET HAS BEEN MATCHED IN THE COLLECTION |
| IT39495 | MULTIPLE ISSUES IN SQL DRIVER |
| IT39504 | APIC GATEWAY ASSEMBLY RATE-LIMIT REJECTS REQUESTS WITH CODE 429 BEFORE REACHING THE CONFIGURED LIMIT |
| IT39513 | ASSEMBLY-OPERATION-SWITCH CAUSES MEMORY LEAK |
| IT39534 | DATAPOWER MIGHT RESTART WHEN REMOVING AN OBJECT FROM THE API RATELIMIT CACHE |
| IT39541 | SECURE GATEWAY CLIENT MIGHT HANG IN A UP OR PENDING STATE |
| IT39556 | DB2 ENDPOINT MAY CAUSE UNEXPECTED RELOAD OF DATAPOWER |
| IT39581 | WTX: XML NOT VALIDATING AGAINST DTD AS EXPECTED |
| IT39615 | MITIGATION FOR CVE-2021-22959 & CVE-2021-22960 |
| IT39630 | DATAPOWER GATEWAY USING MQ V9+ OBJECTS MIGHT RESTART IN PERIODS OF HIGH TRAFFIC |
| IT39660 | WHEN PRIMARY GATEWAY GOES DOWN, GWD NODE.JS PROCESS ENCOUNTERS UNHANDLED REJECTION AND RESTARTS ON OTHER GATEWAYS |
| IT39661 | IF API CONNECT PRIMARY GATEWAY IS RESTARTED SOME CATALOGS ON A SECONDARY GATEWAY MIGHT BECOME UNUSABLE |
| IT39669 | APIGW - PEER CLEAN UP CAN CAUSE WEBAPI INIT CHECK TO FAIL AFTER A RELOAD |
| IT39700 | UPDATE DATAPOWER JRE TO ADDRESS CVE-2021-35578 |
| IT39721 | WHEN API CATALOG CREATED AND IMMEDIATELY DELETED, GATEWAY PEERING DATA MIGHT REMAIN |
| IT39764 | SUPPORT API CLIENT ID THAT IS 37 CHARACTERS OR LONGER |
| IT39772 | REGRESSION OF IT36089 IN 10.0.1.4 |
| IT40374 | ADDRESS PROTOTYPE POLLUTION FLAW IN DOJO (CVE-2021-23450) |
10.0.1.5
Release date: 1 October 2021
Last modified: 1 October 2021
Status: Available
|
APAR
|
Description
|
| IT35948 | APIC GATEWAY DIRECTOR TLS CLIENT USING SNI WHEN NOT CONFIGURED TO USE SNI |
| IT36456 | DATAPOWER CAN CAUSE UNCOMMITTED MESSAGES IF MQ URLS WITH SYNC POINT TAGS ARE USED WITHOUT UNITS-OF-WORK SETTING IN MQ-QM OBJECT. |
| IT36675 | INVALID JSON SYNTAX ERROR MIGHT OCCUR WHEN DATAPOWER GATEWAY POD IS DELETED |
| IT36703 | DATAPOWER AMQP CONNECTIONS ARE NOT BEING TORN DOWN |
| IT36736 | DATAPOWER MIGHT RELOAD UNEXPECTEDLY WHEN MAKING AN MQGET CALL |
| IT36786 | DATAPOWER MAY WATCHDOG RELOAD WHILE STARTING UP AFTER A RELOAD |
| IT36859 | DATAPOWER MIGHT RESTART IF THE STYLEPOLICY CONFIGURATION IS CHANGED WHILE TRAFFIC IS USING THAT POLICY |
| IT37053 | DATAPOWER SQL TRACING FAILS TO CREATE ANY LOGS |
| IT37093 | DATAPOWER WTX INTERNAL ERROR. UNEXPECTED MAPPING ERROR. 200 AFTER UPGRADING TO 10.0.1.0 |
| IT37200 | :PORT FORMAT FROM THE SSH CLIENT KNOWN HOST TABLES |
| IT37244 | RATELIMIT MODULE CONCURRENT POLICY WORKS UNEXPECTEDLY ON API GATEWAY |
| IT37281 | SESSION.APIGATEWAY IS NOT RETURNING THE GATEWAY NAME |
| IT37332 | MAP POLICY DOES NOT PROPERLY RESOLVE MAP VARIABLE REFERENCE WITH ESCAPED PERIODS. |
| IT37334 | GUI BANNER SHOWS UNSAVED CHANGES WHEN SHOW NTP-SERVICE COMMAND USED |
| IT37348 | DATAPOWER MAY RELOAD DUE TO A HANG ON AN MQ SESSION |
| IT37354 | DATAPOWER XML SCHEMA CANNOT VALIDATE ... TYPE="XS:DOUBLE" FIXED="NAN" ... CORRECTLY |
| IT37362 | APIC GATEWAY SERVICE CONFIG SEQUENCE HANGS DUE TO ASSEMBLY INVOKE ACTION |
| IT37388 | DATAPOWER MIGHT RESTART AFTER MIGRATION TO MQ V9+ OBJECTS |
| IT37474 | USING QUERY PARAM IN AUTHURL CAUSES ERROR |
| IT37506 | DATAPOWER MAY RESTART AFTER PROCESSING 4 BILLION LOG TARGET MESSAGES VIA SYSLOG-TCP OR NFS |
| IT37513 | CALLING THE XSLT EXTENSION FUNCTION DP:FREEZE-HEADERS IN AN ASYNCHRONOUS ACTION MIGHT RESTART THE DEVICE |
| IT37552 | EXTENSION DRR FLAG NOT CLEARED ON DRRS WHERE GATEWAYEXTENSIONDEPLOYER HAS ALREADY COMPLETED INIT |
| IT37601 | DATAPOWER RESTART WHEN RUNNING TLS-LOG-CLIENT-RANDOM |
| IT37603 | DATAPOWER UI GENERATED ERRONEOUS CLI ERRORS WHEN EDITING RATE LIMIT CONFIGURATION |
| IT37616 | GATEWAYSCRIPT MIGHT HAVE INCORRECT RESULT WITH THE BUFFER.SLICE() FUNCTION |
| IT37636 | THE DIAG FUNCTION, SET-GATEWAYSCRIPT-CACHE DISABLE/ENABLE, MIGHT CAUSE GATEWAYSCRIPT ERRORS |
| IT37653 | APIC PARAMETER INPUT CHECKING TO RESTRICT UNUSABLE CONFIGURATIONS |
| IT37666 | ADD OPTION TO SPECIFY XML MANAGER FOR API GATEWAY GATEWAYSCRIPT MULTISTEP CALLRULE FUNCTION |
| IT37691 | DATAPOWER MIGHT RESTART UNEXPECTEDLY WHEN AN API HAS UNUSUALLY LARGE NAMES FOR THE PATH, API, COMPONENT ETC. |
| IT37706 | SSL CONFIGURATION MAY NOT BE USED IF USING SNI PROFILE |
| IT37722 | APPLICATION.CERTIFICATE CONTEXT VARIABLE RETURNS NULL FOR KEYVALUE ATTRIBUTE |
| IT37750 | APIC ASSEMBLY RATE LIMIT ACTION SHOULD DETECT INVALID CONFIGURATION |
| IT37766 | API CONNECT OPENAPI V3.0 SUPPORT FOR API SYNTAX CHECKING |
| IT37770 | REQUESTS TIME OUT WHEN SENDING DATA LARGER THAN 1 MB BYTES |
| IT37779 | DATAPOWER POST-LOGIN BANNER DOES NOT WORK FOR WEBGUI |
| IT37782 | API CONNECT GATEWAY URLOPEN CALL IN GATEWAYSCRIPT DOES NOT RECOGNIZE THE DEFAULT TLS PROFILE NAME |
| IT37826 | API CONNECT GATEWAY SERVICE RETURNS DIFFERENT VALUE FOR THE CLIENT.APP.SECRET COMPARED TO APIM V5 |
| IT37855 | APIC REDACT 1.5.0 POLICY ISSUES |
| IT37856 | UPDATE OPEN-VM-TOOLS TO ADDRESS SEVERAL CVE |
| IT37923 | ASSEMBLY CONTEXT VARIABLE PLAN.RATE.LIMIT FORMAT DOES NOT MATCH V5 OUTPUT |
| IT37924 | APIC GATEWAY CONTEXT.MESSAGE.BODY.READASBUFFER RETURNING INCORRECT DATA |
| IT37929 | ADDRESS CVE-2021-22918 IN NODE |
| IT37931 | FOR THE APIC GATEWAY SERVICE DOCUMENT CACHE FUNCTION WAS TURNED OFF BY DEFAULT |
| IT37935 | ADDRESS SEVERAL CVES IN KERBEROS |
| IT37936 | API INVOKE AND PROXY 1.5.0 POLICY FAILS WITH PARSE ERROR ON LARGE RESPONSES |
| IT37949 | ADDRESS FALSE-POSITIVE VULNERABILITY FINDINGS REPORTED BY SCAN UTILITIES |
| IT37950 | ADD HEADER TIMEOUT PARAMETER TO ADDRESS CVE-2020-4994 |
| IT37962 | SQL DATA SOURCE GOES INTO PENDING STATE AFTER BEING DISABLED |
| IT37967 | IMPROVE GATEWAY EXTENSION CLEAN UP LOGIC |
| IT37975 | APIC GATEWAY SERVICE TRANSACTION TIMEOUT IS NOT ENFORCED CVE-2021-38872 |
| IT37976 | APIC V5C PRODUCT AFTER REPLACE WILL NOT BE UPDATED CORRECTLY |
| IT37984 | APIC INVOKE ACTION REQUEST HEADERS IN THE API PROBE DATA MIGHT BE NOT CORRECT |
| IT37992 | USING MUTUAL TLS IN AN API DEFINITION RESULTS IN MEMORY LEAK |
| IT37993 | DATAPOWER MIGHT RESTART WHEN UPGRADING GATEWAY PEERING MEMBER UNDER LOAD |
| IT37994 | APIC GATEWAY SERVICE USING INVOKE ACTION MIGHT RESTART WITH HTTP/2 WHEN INJECT PROXY HEADERS IS SELECTED |
| IT38005 | RBM APPLY-CLI OPTION MAY CAUSE SCHEMA FAILURES SSH CLIENT PROFILES |
| IT38026 | APIC GATEWAY SERVICE SHOULD ALLOW SPACES IN PROPERTY NAMES |
| IT38071 | CUSTOMER MAY RECEIVE AN ERROR MESSAGE INDICATING THAT THE SWITCH_1.5.0-INTERNAL FUNCTION IS NOT VALID |
| IT38072 | TIMING ISSUE WITH CONCURRENT PROCESSING OF WEBHOOK REFRESH CAUSES DELETION OF ENTIRE CATALOG |
| IT38088 | UPDATE JRE TO ADDRESS CVE-2021-2341 |
| IT38089 | MITIGATE CVE-2021-3712 FOR PROCESSING ASN.1 IN TLS |
| IT38095 | DATAPOWER TLS CAN FAIL WHEN NEGOTIATING ALPN |
| IT38096 | APIC OAUTH PROVIDER SETTINGS NOT DISPLAYING CORRECTLY |
| IT38112 | ERROR IN JWT AUTHENTICATION |
| IT38114 | MIGRATION POLICY IF BY OPERATION PATH |
| IT38151 | ADD XSLT EXTENSION FUNCTION APIM:GETTLSPROFILEOBJNAME TO THE API GATEWAY XSLT COMPATIBILITY MODULE |
| IT38154 | APIC GATEWAY PROXY POLICY NOT APPLIED CORRECTLY |
| IT38160 | AN XFORM ACTION ASYNCHRONOUS SETTING MIGHT CAUSE API GATEWAY TO RESTART. |
| IT38167 | AU CACHING IS FAILING, NO CACHE HIT, WITH FORMS BASED LOGIN. |
| IT38175 | APIC DATAPOWER GATEWAY MIGHT RESTART WHEN USING API PROBE ON A GET REQUEST |
| IT38176 | DATAPOWER TLS KEY LOG FILE MAY NOT DECODE TLS 1.3 |
| IT38185 | UNABLE TO LOG INTO DATAPOWER CLI |
| IT38193 | XML PARSE ERROR IN APIC GATEWAY V5 POLICY WHEN PARSING MORE THAN 4 MB OF DATA |
| IT38220 | DELETING A CATALOG SHORTLY AFTER IT IS CREATED MIGHT CAUSE API CONNECT GATEWAY SERVICE INITIALIZATION FAILURE |
| IT38292 | DATAPOWER RESTARTS WHEN SENDING REQUEST WITH INVALID CHARACTERS IN URI |
| IT38387 | SCHEMA VALIDATION INCORRECTLY REJECTS BASE64 ELEMENT AS EMPTY |
10.0.1.4
Release date: 6 August 2021
Last modified: 6 August 2021
Status: Available
|
APAR
|
Description
|
| IT21079 | POTENTIAL MEMORY GROWTH WITH AN XQUERY ACTION THAT USES JSON INPUT LANGUAGE |
| IT33993 | NEGOTIATION MODE OF LINK AGGREGATION INTERFACE IS UNKNOWN |
| IT35157 | DATAPOWER DELIMITS COALESCED COOKIES WITH COMMA INSTEAD OF SEMICOLON |
| IT35539 | FAILURE NOTIFICATION WITH SMTP FAILS TO TRANSITION TO UP WHEN ENDPOINT USES AN IPV6 ADDRESS |
| IT35554 | DATAPOWER ALLOWS DOTDOT IN URI WHEN USING PATCH METHOD EVEN IF DISALLOWED |
| IT35868 | INVALID SUBSCRIBER DATA NOT DELETED IN THE LOCAL CACHE |
| IT36001 | DATAPOWER MIGHT RESTART WHEN CLEANING UP AN IBM MQ MANAGEMENT STORE |
| IT36084 | IBM MQ HANDLER STOPS PROCESSING MESSAGES |
| IT36096 | DATAPOWER MIGHT NOT PROPERLY READ RESPONSE FROM THE BACK END |
| IT36143 | EXPIRATION TIME IN LOCAL RATE LIMIT CACHE WAS NOT UPDATED WHEN THE LIMIT IS EXCEEDED |
| IT36156 | PARALLEL UPDATES TO API GATEWAY CONFIGURATION FILES MIGHT CAUSE CORRUPTED FILES |
| IT36162 | DATAPOWER MIGHT RESTART WHEN PROCESSING RBM FOR THE GUI, XML MANAGEMENT, OR REST MANAGEMENT INTERFACES |
| IT36180 | DATAPOWER MIGHT RESTART WHILE UPLOADING A FILE WITH THE DATAPOWER GUI |
| IT36191 | RESTART WHEN QUERYING FOR A ?WSDL WHEN USING OAUTH SECURITY POLICY |
| IT36204 | DURING API PROCESSING WHEN RESPONSE CONTAINS NO BODY, REQUEST CONTENT-TYPE RETURNED TO CLIENT |
| IT36219 | HTTP/2 POST OR PUT REQUEST WITH NO BODY DATA WILL CAUSE TIME OUT ERROR |
| IT36332 | DUPLICATE CSR ENTRIES CREATED WITH THE DATAPOWER KEYGEN UTILITY |
| IT36407 | MITIGATION FOR TLS CVE-2021-3449 |
| IT36417 | UPDATE SECURE GATEWAY CLIENT TO ADDRESS MULTIPLE CVES |
| IT36448 | DATAPOWER MIGHT PRINT EXTRA TEXT WHEN A LONG XML TEXT NODE IS LOGGED FROM AN XSLT ACTION |
| IT36463 | WSDL FAILS TO DEPLOY ON DATAPOWER FOR VMWARE |
| IT36479 | API CONNECT GATEWAY V5C POLICIES STOPPED WORKING AFTER FIRMWARE UPGRADE |
| IT36481 | DATAPOWER RESTARTS WHEN VIEWING GATEWAY PEERING STATUS |
| IT36517 | SPECIAL CASE THREADS MIGHT BE SUSCEPTIBLE TO LOGGING TO A TARGET THAT NO LONGER EXISTS CAUSING AN UNEXPECTED RESTART |
| IT36579 | DATAPOWER SNMP SHOULD NOT QUERY IBM MQ APPLIANCE STATUS PROVIDERS |
| IT36624 | API CONNECT GATEWAY EXTENSION FAILS TO IMPORT ALL OBJECTS |
| IT36625 | DATAPOWER MIGHT RESTART DUE TO API SUBSCRIBER CACHE MANAGEMENT |
| IT36627 | ADDRESS FALSE-POSITIVE VULNERABILITY FINDINGS REPORTED BY SCAN UTILITIES |
| IT36635 | DATAPOWER DOES NOT CONVERT ISO-8859-1 CHARACTERS TO UTF-8 CORRECTLY IN HTTP HEADER |
| IT36637 | DATAPOWER MIGHT RESTART WHEN MODIFYING WEB SERVICE PROXY WHILE REQUESTING WSDL |
| IT36655 | API CONNECT UNABLE TO INPUT INLINED PARAMETER FOR THE TLS PROFILE NAME OF THE ASSEMBLY INVOKE ACTION |
| IT36715 | ADDRESS CORS MISCONFIGURATION CVE-2020-4992 |
| IT36726 | MEMORY GROWTH WHEN CALLING DP:GATEWAYSCRIPT XSLT FUNCTION |
| IT36727 | DATAPOWER DOES NOT CORRECTLY CALCULATE FREE MEMORY |
| IT36732 | ASSEMBLY VALIDATE ACTION MIGHT RESTART DATAPOWER |
| IT36779 | DATAPOWER TPS MIGHT BECOME LIMITED BY ASSEMBLY REDACT ACTION |
| IT36780 | API CONNECT GATEWAY SERVICE LOGS ERRORS AFTER THE PRIMARY GATEWAY RESTARTS AND RECONNECTS |
| IT36946 | API CONNECT REDACT STYLESHEETS ARE NOT RECOMPILED WHEN REPUBLISHED |
| IT36949 | MITIGATION FOR DOJO VULNERABILITIES CVE-2018-15494 AND CVE-2020-4051 |
| IT37035 | API CONNECT GATEWAY SERVICE MIGHT RESTART UNEXPECTEDLY WHEN CLI SHOW CONNECTIONS IS RUN |
| IT37053 | DATAPOWER SQL TRACING FAILS TO CREATE LOGS |
| IT37082 | MITIGATION FOR CVE-2020-7774 UPDATE Y18N NODE MODULE |
| IT37175 | API GATEWAY V5C FAILS WITH SESSION AUTHENTICATION FAILURE |
| IT37214 | DATAPOWER TAM CLIENT GOES DOWN AFTER UPGRADING |
| IT37278 | MITIGATE NODE LIBRARY FOR CVE-2020-8287 AND CVE-2020-8265 |
| IT37523 | UPDATE ICU LIBRARY TO ADDRESS SEVERAL CVES |
| IT37933 | UPDATE ANGULARJS TO ADDRESS MULTIPLE CVES |
10.0.1.3
Release date: 2 April 2021
Last modified: 2 April 2021
Status: Available
|
APAR
|
Description
|
| IT33579 | ENSURE THE ORDER FOR THE LDAP OBJECTS ARE CORRECT AND DEFINED FOR CONFIGURATION. |
| IT34576 | ZE IT30835 FIX APAR: USE OF VAR://SERVICE/TLS-INFO VARIABLE MIGHT LEAD TO UNEXPECTED RESTART |
| IT34675 | DATAPOWER KAFKA OBJECT DOES NOT RETRIEVE ALL THE MESSAGES AFTER THE KAFKA OBJECT IS RESTARTED. |
| IT34680 | LIVE STREAM HANG TRIGGER DATAPOWER WATCHDOG RESTART |
| IT34742 | MEMORY GROWTH MIGHT OCCUR WHEN USING ASSEMBLY LOG ACTION |
| IT34767 | DATAPOWER MIGHT RESTART DUE TO A NETWORK ERROR IN THE MQ FTE HANDLER WHILE BACKOUT |
| IT35177 | INVOKE 1.5.0 DOES NOT CORRECTLY RESPECT STOP ON ERROR OPTIONS |
| IT35219 | DATAPOWER MIGHT RELOAD DUE TO AN INTERNAL DEFECT WITH MQ REFERENCE COUNTING |
| IT35248 | CLIENT SECRET IS NOT REDACTED ON API GATEWAY |
| IT35370 | ADDED HANDLING OF SPECIAL IMS IRM_TIMER VALUES 0 AND -1 |
| IT35454 | ONLY FLUSH CACHE FOR MODIFIED FILES TO PREVENT INTERMITTENT ERRORS |
| IT35462 | DATAPOWER MIGHT RESTART WHILE PROCESSING A LARGE CONFIGURATION FILE OR MULTIPLE CONCURRENT CONFIGURATION FILES |
| IT35492 | DATAPOWER MIGHT RESTART WHILE CLOSING AN LDAP CONNECTION |
| IT35498 | ADD DOMAIN NAME TO ANALYTICS RECORDS |
| IT35529 | WHEN USING MQ HANDLER, DATAPOWER MIGHT RESTART IF CONNECTIONS CANNOT BE ESTABLISHED WITH THE MQ SERVER |
| IT35543 | THE LOCATION HEADER GETS REWRITTEN IN ANY CASE BY THE LOCATION HEADER REWRITE FEATURE WHEN THE HOST CANNOT BE RESOLVED |
| IT35677 | XML FIREWALL CANNOT SET DYNAMIC TLS PROFILE FOR A TLS CLIENT PROFILE |
| IT35724 | DATAPOWER MIGHT RESTART DUE TO A BAD MQRFH2 HEADER IN AN MQ MESSAGE |
| IT35729 | GATEWAYSCRIPT URLOPEN CALL MIGHT TIMEOUT WHEN READING DATA FROM THE NETWORK |
| IT35737 | DATAPOWER MIGHT LEAK MEMORY IF A WSDL BASED API IS INVOKED BY BASEPATH ONLY |
| IT35825 | DATAPOWER VALIDATION ERROR MESSAGES STATE ERROR REASON AT MESSAGE END, WHICH GETS TRUNCATED BY DATAPOWER LOG FOR LONG MESSAGES |
| IT35836 | API CONNECT GATEWAY SERVICE CAN GET STUCK IN A NON-RESPONSIVE STATE WHEN DRR FINISH NOT DETECTED |
| IT35863 | THE CRYPTO-BINARY ACTION GOES DOWN DUE TO NO DATAGLUE LICENSE. |
| IT35868 | INVALID SUBSCRIBER DATA NOT DELETED IN THE LOCAL CACHE |
| IT35869 | DATAPOWER MIGHT RESTART IF A STREAM IS READ WHILE THERE IS FATAL ERROR ON THAT STREAM |
| IT35870 | ADD AN OPTION TO THE ASSEMBLY INVOKE ACTION |
| IT35871 | ANALYTICS CERTIFICATES REMOVED WHEN API CONNECT GATEWAY SERVICE IS RESTARTED |
| IT35873 | ERROR POLICY PROPERTY OF ASSEMBLY VALIDATE ACTION COULD NOT BE SET BY APIC API MANAGER |
| IT35895 | DATAPOWER MIGHT RESTART WHILE ACCESSING A TLS SESSION |
| IT35909 | DATAPOWER MIGHT RESTART DUE TO LOCK ISSUE |
| IT35921 | API CALL FAILS WHEN REQUEST URL CONTAINS NEGATIVE VALUES FOR PATH PARAMETERS OF INTEGER TYPE |
| IT35924 | ANALYTICS CERTIFICATES ARE NOT RESTORED WHEN RE-ADDING ANALYTICS |
| IT35928 | DATAPOWER RELOADS WHILE MAKING AN OCSP CALL |
| IT35930 | CANNOT REFRESH API GATEWAY SERVICE IF OAUTH PROVIDER CONTAINS A USER REGISTRY USING TLS |
| IT35938 | API GATEWAY ONLY ALLOWS SECP256R1 CURVE ALGORITHM FOR TLS CONNECTIONS AS A CLIENT |
| IT35980 | API OPERATION STAYS UP EVEN IF PARAMETER REFERENCE IS MISSING |
| IT35988 | ADDRESS PROBLEMS WITH IBM MQ V9+ INTEGRATION |
| IT35990 | VALIDATION OF TOKENS WITH NON STRINGS IN THE JWT HEADER FAIL |
| IT35996 | MULTIPLE CVE FOR MCP AND UBI |
| IT36032 | ADD PASSWORD CONFIGURATION FOR INTRA-CLUSTER COMMUNICATIONS |
| IT36039 | THE SHARE RATE LIMIT COUNT PROPERTY IN API GATEWAY NOT HONORED WHEN API REPUBLISHED. |
| IT36078 | GUI ISSUE IN ADDING MESSAGE COUNT MONITOR IN WEB SERVICE PROXY |
| IT36089 | ZE IT34014 FIX APAR: COMPRESSION ON HTTPS RESULTS IN FAILING RESPONSES AFTER IT34014 |
| IT36101 | DATAPOWER MIGHT RESTART DUE TO TLS TRANSACTIONS |
| IT36121 | FOR API CONNECT, TLS PROFILE CHANGES IN THE LDAP IS NOT PICKED UP |
| IT36129 | DATAPOWER MIGHT RESTART DUE TO AN INVALID POINTER TO AN LDAP USER REGISTRY |
| IT36325 | THE SECURITY ACCESS MANAGER CLIENT MIGHT FAIL TO START |
| IT36586 | JRE UPDATE TO ADDRESS CVE-2020-14779, CVE-2020-14782, CVE-2020-14803 AND CVE-2020-27221 |
10.0.1.2
Release date: 29 January 2021
Last modified: 29 January 2021
Status: Available
|
APAR
|
Description
|
| IT32643 | STYLESHEET WITH INPUT CONTEXT NULL AND COMPILE OPTIONS POLICY ATTEMPT-STREAMING-RULE MIGHT CAUSE A RESTART |
| IT32767 | DATAPOWER MIGHT RESTART IF A LOG TARGET CONFIGURATION IS MODIFIED |
| IT33795 | GATEWAYSCRIPT READASBUFFERS() CANNOT READ >2GB SIZE INPUT |
| IT33856 | QUIESCE STATE NOT PROPERLY SET IN SELF BALANCE RESULTS IN FAILED REQUESTS TO DOWN SERVICES |
| IT33927 | ERRORS FOR ISAM CLIENT |
| IT34586 | FREEZE GATEWAYSCRIPT GLOBAL OBJECT FOR SECURITY VULNERABILITY |
| IT34610 | ASSEMBLY INVOKE ACTION MIGHT CHANGE VERB FROM HEAD TO POST |
| IT34677 | APPLICATION METADATA CONTAINING COMMAS MIGHT CAUSE IBM DATAPOWER TO RESTART UNEXPECTEDLY |
| IT34798 | DATAPOWER SSH CLIENT MIGHT RESTART WHEN ACTING AS AN SFTP CLIENT FOR LARGE FILES |
| IT34843 | UNABLE TO GET CLIENT CERTIFICATE INFORMATION FROM THE ASSEMBLY CONTEXT IN API GATEWAY |
| IT34845 | CUSTOM DEFINED V5 POLICY IS INTERMITTENTLY MISSING ASSEMBLY REFERENCE |
| IT34847 | CANNOT DELETE PASSWORD ALIAS OBJECT WHEN THE SSH CLIENT PROFILE ASSOCIATED WITH IT IS DELETED |
| IT34848 | REQUEST.HEADERS.X-CLIENT-IP NEEDS TO BE POPULATED IN DATAPOWER API GATEWAY |
| IT34915 | INVOKE 1.5.0 POLICY DOES NOT EXECUTE WITH LONG API NAME |
| IT34923 | GATEWAYSCRIPT 1.0.0 POLICY NOT PROVIDED PARSED XML NODELIST IF CONTENT-TYPE HEADER IS NOT IN LOWER CASE |
| IT34971 | API CONNECT GATEWAY SERVICE WITH USER-DEFINED POLICIES MIGHT CAUSE DATAPOWER TO RESTART |
| IT34996 | PROCESSING OF LARGE NUMBER OF CATALOGS DURING DRR MIGHT CAUSE OUT OF MEMORY CONDITION |
| IT34999 | API CONNECT INTEGRATION IMPORT REJECT USER-POLICY TYPE IF NO POLICY YAML ARE PRESENT |
| IT35002 | RATE LIMIT REPLENISH OPERATION MIGHT REPLENISH AFTER INTERVAL ELAPSES |
| IT35003 | API CONNECT 1.0.0 POLICES THAT FAIL DO NOT RETURN CORRECT HTTP STATUSCODE AND REASON |
| IT35035 | IN API CONNECT INTEGRATION, ELIMINATE DUPLICATE TLS PROFILE CONFIGURATIONS IN CATALOGS. |
| IT35038 | FALLBACK TO CATALOG TITLE IF CATALOG NAME IS NOT FOUND |
| IT35044 | OAUTH ENDPOINTS REJECT REQUESTS WITH A ;CHARSET=XXX APPENDED TO THE CONTENT-TYPE HEADER |
| IT35051 | MAP POLICY FAILS WITH WRONG STATUS CODE WHEN OUTPUT SCHEMA IS INVALID |
| IT35079 | UNEXPECTED RESTART LOGGING RESULT OF DP:BINARYNODETOSTRING CHILD::NODE() FOR EMPTY OR STRING CHILD |
| IT35090 | IN POSTPROCESSING STEP OF AN AAA POLICY, USER CANT ADD ROLE INTO WS-SECURITY USERNAMETOKEN |
| IT35154 | GRAPHQL ASSEMBLY ACTION VALIDATION DOES NOT CHECK VALUE OF RETURNED DATA |
| IT35160 | COUNT LIMIT AUTO DECREMENT MIGHT NOT WORK CORRECTLY FOR CERTAIN EXPLICIT DECREMENT OPERATIONS |
| IT35172 | WHEN ASSEMBLY NAME CONTAINS SPACES, API GATEWAY CANNOT CATCH AN ERROR |
| IT35196 | GRAPHQL ASSEMBLY ACTION VALIDATION DOES NOT CHECK VISIBILITY LIST |
| IT35232 | REQUEST XML PARSING CHANGES CONTENT-TYPE |
| IT35239 | EXCEPTION THROWN WHEN DEPLOY-POLICIES NOT DEFINED |
| IT35242 | WEBSOCKET UPGRADE FAILS IF HTTP RESPONSE CODE IS MANUALLY SET |
| IT35251 | GRAPHQL ASSEMBLY ACTION DOES NOT CHECK CUSTOM DIRECTIVE ARGUMENTS |
| IT35253 | USE OF @COST DIRECTIVE INADVERTENTLY SUPPORTED IN INTERFACE FIELDS |
| IT35266 | ASSEMBLY VALIDATE ACTION CANNOT HANDLE ERROR RESPONSE WHEN DEFINED AS JSON INPUT AGAINST A GRAPHQL SCHEMA |
| IT35275 | API CONNECT 1.0.0 POLICIES CANNOT ACCESS VARIABLES SET BY A 2.0.0 POLICY |
| IT35288 | DATAPOWER MIGHT UNEXPECTEDLY RELOAD ACCESSING THE API SUBSCRIBER CACHE |
| IT35315 | API GATEWAY CANNOT ACCESS THE GATEWAYSCRIPT SESSION OBJECT |
| IT35316 | UNEXPECTED SYSTEM RESTART WHEN QUERYING SNMP (CVE-2020-4869) |
| IT35317 | NODE.JS SECURITY VULNERABILITES (CVE-2020-8174) |
| IT35324 | DEVICE MIGHT RESTART IF A CONTEXT VARIABLE REFERS TO AN UNKNOWN CONTEXT |
| IT35327 | IBM DATAPOWER GATEWAY POTENTIALLY VULNERABLE TO AN RCE ATTACK (CVE-2020-5014) |
| IT35364 | MEMORY GROWTH WHEN API DEFINITION LOGS PAYLOAD ON SUCCESS |
| IT35401 | HTTP CONNECT METHOD IS NOT USED FOR CALLS VIA USER AGENT PROXY |
| IT35441 | DYNAMIC ACTIONS FOR INVOKE POLICIES MIGHT BE CREATED INCORRECTLY |
| IT35447 | GATEWAY PEERING IN STANDALONE MODE CAN HANG WHEN PROCESSING HIGH VOLUME RATE LIMITING |
| IT35449 | UNDER CERTAIN CIRCUMSTANCES, ENCODING IS SET INCORRECTLY DURING VALIDATION OF JSON/GRAPHQL SCHEMA FILE |
| IT35451 | A FOREACH PROPERTY IN A MAP POLICY SET ACTION FAILS IF NOT SPECIFIED AS A STRING VALUE |
| IT35452 | DATAPOWER MIGHT RESTART UNEXPECTEDLY IN RARE CASES WHEN READING STREAM |
| IT35493 | DATAPOWER MIGHT FAIL TO COLLECT DPMON LOGS |
| IT35571 | DATAPOWER UPGRADE TO 10.X.X FAILS |
| IT35769 | ON ERROR, REDACT POLICY NOT HONORED BEFORE SENDING MESSAGE TO ANALYTICS ENDPOINT. |
10.0.1.1
Release date: 9 December 2020
Last modified: 9 December 2020
Status: Available
|
APAR
|
Description
|
| IT31762 | EMPTY MESSAGES AS RESPONSE IN TIBCO EMS FOR SPECIFIC FLOWS |
| IT32057 | <XSL:MESSAGE> CALLED WITH NON-UTF8 CHARACTER WILL PREVENT JSON KEY AND XML NAME CLEANUP |
| IT32347 | SHOW MEMORY COMMAND RESULTS IN CANNOT FETCH STATUS DATA ERROR |
| IT32349 | KEYS STORED IN LUNA MIGHT FAIL TO LOAD |
| IT32577 | HSM PARTITION GIVES ERROR CANNOT LOAD KEY WHEN INCORRECT PASSWORD IS GIVEN |
| IT32876 | DATAPOWER WILL NOW RETURN PROPER GZIP CONTENT FOR A HTTP RESPONSE BODY OF LENGTH 0. |
| IT32937 | DATAPOWER DISREGARDS THE TTL VALUE IN THE DNS CNAME RECORD WHEN USING FIRST ALIVE ALGORITHM |
| IT33441 | WHEN CALLING OAUTH PROVIDER TOKEN ENDPOINT USING REFRESH TOKEN WITH DIFFERENT CLIENT ID, GATEWAY RETURN HTTP 401 INSTEAD OF 400 |
| IT33495 | DATAPOWER RESTARTS DUE TO ODR OBJECTS |
| IT33551 | CREATE TOGGLE FOR LLDP ON THE INTERFACES |
| IT33588 | DELETED DOMAINS DO MAY NOT PROMPT FOR NEED SAVE, RESULTING IN RESURFACING ON DEVICE REBOOT/RESTART. |
| IT33673 | SUPPORT CATALOG PROPERTIES VIA A NEW CONTEXT VARIABLE IN DATAPOWER API GATEWAY |
| IT33679 | SESSION.CLIENTADDRESS API CONTEXT VARIABLE DOES NOT USE CLIENT IP ADDRESS IN X-FORWARDED-FOR OR X-CLIENT-IP HEADER |
| IT33727 | UPDATE ERROR MESSAGE RESPONSE CODE TO BE CORRECT FOR SECURITY. |
| IT33775 | ASSEMBLY RATE LIMIT CACHE STATUS IS INCORRECT |
| IT33778 | LUNA HA GROUP UP IF ONE MEMBER IS UP |
| IT33779 | WHEN A LUNA HA GROUP OR PARTITION OBJECT IS DOWN THE CERTIFICATE OBJECT SHOULD BE DOWN |
| IT33845 | CONTENT-TYPE HEADER SET TO UNKNOWN MIGHT CAUSE ISSUES WITH INVOKE POLICY TARGET SERVERS |
| IT33890 | ON IBM DPOD V1.0.10 DOES NOT DISPLAY API RESPONSE SIZE FOR V2018 APIC DOMAINS |
| IT33897 | MEMORY LEAK WHEN USING OAUTH AND RATE LIMITING |
| IT33898 | GATEWAY PEERING CACHE STATUS DOES NOT INCLUDE GATEWAY RATELIMIT DATA |
| IT33923 | MAXIMUM CONSENT TTL SETTING IN OAUTH PROVIDER SETTINGS DOES NOT WORK PROPERTY |
| IT33953 | UNEXPECTED RESTART OF DATAPOWER ON PASSWORD ALIAS WHICH ARE BLANK OR MALFORMED |
| IT33967 | FIX GRAPHQL SCHEMA PARSER TO PREVENT PARSE ERROR FOR CERTAIN SCHEMAS. |
| IT33975 | GRAPHQL PARSER WILL NOW DISALLOW CERTAIN SCHEMAS WHICH ARE NOT CONSISTENT WITH THE APIC MANAGER |
| IT33981 | COPY FILE AND MOVE FILE MAY ACT INCORRECTLY WITH SPECIFIC RBM ACCESS PROFILES. |
| IT33989 | EXPECTING JSON IN BADGERFISH FORMAT FOR NULL VALUES |
| IT34009 | _LINKS STANZA IN REST MANAGEMENT RESPONSE CONTAINS UNEXPECTED CONTENT |
| IT34014 | HTTP RESPONSE WHERE COMPRESSION REQUESTED AND NO DATA RETURNED CAUSES A DECOMPRESSION ERROR |
| IT34016 | DATAPOWER: LTPA MIGHT CAUSE APPLIANCE TO ENTER FAILSAFE MODE |
| IT34027 | PROVIDE PROTECTIVE CODING AGAINST MALFORMED XML IN REQUEST.CATALOGS AND REQUEST.SWAGGER |
| IT34034 | A CATALOG WITH NO SPACES AND THAT CATALOG IS PARTITIONED INTO SPACES WILL BRING DOWN ALL CATALOGS |
| IT34047 | SLM PEER MESSAGES COUNTS ARE INCORRECT AFTER RESTARTING THE PEER |
| IT34068 | CRYPTO-EXPORT CAUSES NON-HSM KEYS CANNOT BE EXPORTED IN THIS MANNER ERROR |
| IT34070 | THE V10 GATEWAY UNCONDITIONALLY OVERWRITES THE HOST HEADER |
| IT34075 | OAUTH IDENTITY EXTRACTION LOGS INCORRECT MESSAGE WHEN USING A CUSTOM HTML FORM |
| IT34084 | UNDER CERTAIN CIRCUMSTANCES, USER-DEFINED POLICIES ERRONEOUSLY DO NOT MEET AVAILABILITY CRITERIA DUE TO INVALID PEERING DATA |
| IT34142 | DATAPOWER GATEWAY MIGHT RESTART WHEN PROCESSING GATEWAY NAMED RATE-LIMIT POLICIES WITH ASSEMBLY-RATE-LIMIT ACTION |
| IT34144 | THIRD PARTY PROVIDER REQUIRES TOKEN MANAGER TO BE UP |
| IT34159 | DYNAMIC REREGISTRATION AND RECONFIGURATION (DRR) FAILS ON API GATEWAY SERVICES DEPLOYED WITH DEFERRED GATEWAY EXTENSIONS |
| IT34175 | UPDATES TO AN API GATEWAY CATALOG WITH A LARGE NUMBER OF PRODUCTS MIGHT CAUSE API CONNECT GATEWAY SERVICE RESTART |
| IT34176 | UPDATES TO AN API GATEWAY CATALOG WITH A LARGE NUMBER OF PRODUCTS MIGHT CAUSE DATAPOWER RESTART |
| IT34198 | DNS STATIC HOSTS MIGHT NOT WORK WHEN LOAD BALANCING ALGORITHM SET TO FIRST ALIVE |
| IT34236 | SSL CLIENT PROFILE NOT ACCESSIBLE BY WEBAPI GATEWAY |
| IT34256 | USER CANNOT SAVE A CHECKPOINT IN THE WEBGUI |
| IT34264 | SNMP POLLING TIMES OUT DUE TO DATAPOWER RESTART |
| IT34285 | MEMORY GROWTH SEEN WHEN DOMAIN IS RESTARTED IF GATEWAY PEERING IS USED IN THE DOMAIN OR GATEWAY PEERING IS MODIFIED |
| IT34286 | V5C GATEWAY IS INCORRECTLY SENDING API CONNECTS APP CLIENT ID |
| IT34287 | IN V5/V5C GATEWAY, WHEN REFRESH TOKEN IS USED TO GENERATE NEW ACCESS TOKEN THE NEW TOKEN STILL HAS THE OLD REVOCATION URL |
| IT34307 | TLS HANDSHAKE FAILURE WHEN USING NULL CIPHER ECDHE-RSA-NULL-SHA |
| IT34326 | THE <FLASHFILES> SECTION MIGHT UNEXPECTEDLY TRACK FILES ON NFS MOUNTS AND THUS POTENTIALLY DELAY GENERATING ERROR-REPORTS |
| IT34333 | AAA LDAP REQUIRES USERPASSWORD, EMPTY PASSWORD ERROR SHOULD BE THROWN ON FAILURE |
| IT34339 | WHEN YOU REPLACE A PRODUCT IN API MANAGER, INVOKING APIS IN THE PRODUCT MIGHT FAIL DURING THE REPLACEMENT |
| IT34349 | STRICT TRANSPORT SECURITY WILL BE ADDED TO OAUTH APIS IN ORDER TO IMPROVE SECURITY CONCERNS |
| IT34366 | GATEWAYSCRIPT CRYPTO.CREATESIGN() API FAILS WITH PSASSA-PSS ALGORITHM |
| IT34370 | API CONNECT INTEGRATION: DATAPOWER MIGHT RESTART AFTER ADDING IT AS A GATEWAY SERVICE |
| IT34376 | FIX AN ERRONEOUS ERROR MESSAGE ABOUT CLI ARGUMENTS. |
| IT34387 | REMOVE SQUARE BRACKETS FROM IPV6 ADDRESSES WHEN REPORTING ANALYTICS. |
| IT34388 | APIC V5 COMPATIBILITY FEATURES FOR MIGRATED APIS ARE NOW SUPPORTED |
| IT34405 | APIC V5 EMULATION MIGHT RETURN AN INCORRECT PAYLOAD CONTENT TYPE |
| IT34413 | MISCELLANEOUS FIXES FOR APIC V5 EMULATION AND MIGRATION |
| IT34420 | WHEN FILES ARE IN TEMPORARY: DIRECTORY, XSLT APIGW:SWAGGER-DOCUMENT EXTENSION DOES NOT WORK |
| IT34444 | THE CRYPTO PROFILE MIGHT INDICATE SSLV2 IS ENABLED WHILE MAKING CHANGES |
| IT34447 | APIC GATEWAY SERVICE MONITORS INCORRECT FILE LOCATIONS |
| IT34462 | ROUTING TABLES MIGHT HAVE MISSING BROADCAST ENTRIES FOR INTERFACES |
| IT34467 | GATEWAYSCRIPT ERROR MIGHT OUTPUT NAN INSTEAD OF MULTIPLE PERCENT CHARACTERS |
| IT34481 | DATAPOWER IS VULNERABLE TO ROBOT VULNERABILITY ON V10 |
| IT34492 | DATAPOWER COULD NOT LOAD HOST KEY |
| IT34530 | DATAPOWER MIGHT LEAK MEMORY IN API GATEWAY SERVICE SCENARIO |
| IT34598 | $NUMBER() FUNCTION IN JSONATA DOES NOT ACCEPT BOOLEAN VALUES AS INPUT |
| IT34611 | API CONNECT GATEWAY SERVICE MIGHT FAIL TO PROCESS SOME API GATEWAY CONFIGURATION UPDATES |
| IT34616 | LOGS SENT BY SEND-ONLY AND GATHER-AND-SEND OF ASSEMBLY LOG ACTION CAN CAUSE AN IMPACT TO CPU USAGE. |
| IT34621 | DATAPOWER - THE SEND AS A MESSAGE TOOL ON THE PROBE FEATURE DOES NOT WORK |
| IT34627 | APP ID IS INVALID OR NOT WELL-FORMED ERROR WHEN UPDATING AN API SUBSCRIPTION WITH THE WEBGUI |
| IT34635 | API GATEWAY, MISSING EXPIRES_IN ATTRIBUTE IN THE POST REQUEST TO THE EXTERNAL TOKEN MANAGEMENT SERVER |
| IT34652 | SECURE GATEWAY CLIENT RESTART AT HIGH LOAD |
| IT34657 | CATALOG SNAPSHOT PAYLOADS WAS MISSING FROM DATAPOWER GATEWAY |
| IT34706 | PEERING ASSEMBLY BURST LIMIT DOES NOT SYNCHRONIZE ALL COUNTERS CORRECTLY |
| IT34724 | GATEWAY EXTENSION NOT REAPPLIED TO CONFIGURATION THAT WAS NOT ALREADY CREATED. |
| IT34760 | ADDRESSED CVE-2020-4831 IN DATAPOWER V10 |
| IT34769 | V5 POLICY EMULATION: ERROR WITH TLS PROFILE VERSION OBFUSCATION |
| IT34805 | DATAPOWER MAY RELOAD UNEXPECTEDLY WHILE CHANGING OR SAVING DOMAIN CONFIGURATIONS. |
| IT34809 | UDP NOT INSTALLED ON DATAPOWER V5C IF REQUEST CAME IN AS SNAPSHOT |
| IT34858 | SECURITY VULNERABILITIES IN LODASH AND MINIMIST PACKAGES (API CONNECT GATEWAY SERVICE) |
| IT34870 | UNDER HEAVY PROCESSING LOAD, API CONNECT GATEWAY SERVICE MIGHT ENCOUNTER ERRORS ACCESSING GATEWAY PEERING DATABASE |
| IT34888 | API CONNECT GATEWAY SERVICE MIGHT NOT HONOR THE LOGGING TARGET LOG LEVEL |
| IT34894 | API CONNECT GATEWAY SERVICE VERIFICATION OF GATEWAY SERVICE URL DURING REGISTRATION IS TOO RESTRICTIVE |
| IT34914 | CONFIG-SEQUENCE FILE WATCHER MIGHT BE ACTIVATED AFTER MAIN CONFIGURATION FILE IS WRITTEN |
| IT34922 | API CONNECT GATEWAY SERVICE DOES NOT PROPERLY LOG ERROR MESSAGE FOR MISSING CATALOG DURING MANUAL DRR |
| IT34930 | DRR WITH LARGE NUMBER OF CATALOGS MIGHT GET STUCK IN A FAILURE LOOP |
| IT34948 | V5 USER POLICIES WILL NOT BE DEPLOYED ON API GATEWAY WHEN DESCRIPTION YAML DOES NOT HAVE PROPERTIES SECTION |
| IT34954 | ADDRESS MULTIPLE JRE SECURITY VULNERABILITIES |
| IT35000 | POST REQUEST BODY FORM PARAMETERS WHEN ADDED TO A GET REQUEST AS QUERY PARAMETERS ARE NOT REJECTED BY THE WEBGUI |
| IT35179 | USAGE OF A LARGE AMOUNT OF CUSTOM RATE LIMIT KEYS UNDER HIGH LOAD MAY RESULT IN A SYSTEM HANG |
| IT35203 | IN DATAPOWER 10.0.1.0, ILMT IS NONFUNCTIONAL |
10.0.1.0
Release date: 30 September 2020
Last modified: 30 September 2020
Status: Available
10.0.1.0 is a manufacturing refresh that includes no new APARs. 10.0.1.0 is equivalent to 10.0.0.1.
10.0.0.1
Release date: 17 August 2020
Last modified: 17 August 2020
Status: Available
10.0.0.1 is the last fix pack against the 10.0.0.x stream. Future fix packs are against the 10.0.1.x stream.
|
APAR
|
Description
|
| IT32051 | SSH KNOWN HOSTS FILE DOES NOT ACCEPT KEYS >1K BYTES |
| IT32283 | LOCAL-SERVICE-VARIABLE IS NOT POPULATED FOR HTTP/2 REQUESTS |
| IT32296 | SNMP POLLING MQ CONNECTION STATUS PROVIDER LEAKS MEMORY |
| IT32522 | THE "LOGTEMP:///XACT-LOG" AND ASSOCIATED STANZA IN THE ERROR REPORT WOULD REPORT A RANDOM OBJECT NAME FOR ACCEPTED CONNECTIONS |
| IT32758 | DATAPOWER MIGHT RELOAD AFTER INVOKING THE "SAVE INTERNAL-STATE" COMMAND |
| IT32782 | API CONNECT GATEWAY SERVICE MIGHT RESTART DATAPOWER WHILE CREATING CONFIGURATION FROM YAML FILE |
| IT32931 | DATAPOWER MIGHT NOT PARSE UTF16 XML IF BOM IS SPLIT ON DIFFERENT TCP PACKETS |
| IT32934 | DATAPOWER UNQUIESCE LEAVES API GATEWAY SERVICE IN DOWN STATE |
| IT32964 | DATAPOWER ODR INTEGRATION COULD GENERATE INVALID PEER CERTIFICATE ERRORS ON WEBSPHERE APPLICATION SERVER |
| IT32966 | MULTIPLE CVE FOR MCP AND UBI |
| IT33003 | DOMAIN SETTINGS PASSWORD TREATMENT INCORRECTLY IMPACTS PASSPHRASE DECRYPTION. |
| IT33036 | THE "VAR://SERVICE/AAA-ERROR-LOGS" VARIABLE IS NOT POPULATED WHEN LOG LEVEL IS ERROR |
| IT33116 | DATAPOWER USES AN OBSOLETE AAA HEADER |
| IT33129 | MULTIPLE SECURE BACKUPS MIGHT CAUSE A RELOAD |
| IT33142 | IN API GATEWAY, THE "X-GLOBAL-TRANSACTION-ID" HEADER IS NOT GENERATED FOR SOME API CALLS |
| IT33166 | SUBSCRIPTION ERROR IF MULTIPLE PRODUCTS WITH SAME API PATH |
| IT33185 | A TRANSACTION MIGHT HANG UNTIL A RELOAD IF THERE IS AN ERROR IN ITS HANDLER |
| IT33203 | DATAPOWER MIGHT RESTART CAUSED BY POST-HOOK GATEWAYSCRIPT |
| IT33215 | KAFKA CLUSTER FAILS TO COME UP WITH BROKER CONFIGURATION ERROR |
| IT33220 | RBM PASSWORD AGING INTERFERES WITH CONFIGURATION SEQUENCES THAT USE AN ACCESS PROFILE |
| IT33232 | INVALID DOMAIN NAME IS LOGGED IF AUTHENTICATION FAILS AND AN INVALID DOMAIN NAME IS USED. |
| IT33233 | "CONTENT ENCODING" HEADER SET WITH EMPTY BODY RESPONSE THROWS A READ ERROR |
| IT33247 | SUPPRESS AUTOMATIC GENERATION OF SSH DSA KEYS |
| IT33251 | QUEUE MANAGER CONNECTION FAILURE WHEN USING "MQ://" PROTOCOL IDENTIFIER IN API GATEWAY GATEWAYSCRIPT |
| IT33327 | CONSUMER APPLICATION GETS 401 UNAUTHORIZED AFTER INTRODUCING A NEW VERSION OF AN API WITH DIFFERENT SECURITY CONFIGURATION |
| IT33351 | XSS AND HTML INJECTION VULNERABILITY |
| IT33374 | ADDING AN ASSEMBLY FUNCTION WITH THE RATE LIMIT ACTION TO API CONNECT GATEWAY SERVICE THROWS ERROR |
| IT33375 | MEMORY GROWTH MIGHT OCCUR DURING PAYLOAD LOGGING |
| IT33401 | ENABLE ALLOW COMPRESSION BY DEFAULT FOR THE HANDLERS CREATED BY API CONNECT INTEGRATION |
| IT33450 | THE DATAPOWER WEBGUI MIGHT BE SLOW LOADING A MULTI-PROTOCOL GATEWAY |
| IT33455 | UNEXPECTED RELOAD DUE TO MEMORY CORRUPTION IN TLS |
| IT33460 | JSON SCHEMA THAT FAILS COMPILATION WITH INVALID REFERENCE OR INVALID JSON SYNTAX DOES NOT LOG SPECIFIC ERROR |
| IT33536 | DATAPOWER "DYN:EVALUATE()" XSLT COMPILED CODE CACHE ALLOWS FOR ONLY 32 ENTRIES |
| IT33543 | DATAPOWER MIGHT WATCHDOG RELOAD WHILE READING AND SAVING A CONFIGURATION AT THE SAME TIME |
| IT33551 | ENABLE LLDP ON THE ETHERNET INTERFACES |
| IT33597 | WHEN USING API GATEWAY, A PAYLOAD WITH THE "OPTIONS" CALL ECHOES THE RESPONSE |
| IT33741 | DATAPOWER CAN RESTART ON A RARE WEBGUI ACTIVITY RACE CONDITION |
| IT33747 | REINITALIZING WITH 10.0.0.0 FIRMWARE LOSES THE IBM MQ FEATURE |
| IT34050 | X-IBM-CLIENT-ID HEADER EXTRA VALUES IS IGNORED IN OAUTH AUTHENTICATION |
10.0.0.0
Release date: 17 June 2020
Last modified: 17 June 2020
Status: Available
|
APAR
|
Description
|
| IT19885 | DATAPOWER XMI SCHEMA FOR B2B-QUERY-METADATA RESPONSE IS MISSING IN XML-MGMT-OPS.XSD |
| IT31897 | CUSTOM POLICIES DIRECTORIES WILL GET REMOVED ON DRR |
| IT32293 | GWS CLI DEBUGGER PRINT COMMAND FAILS IF THE VALUE HAS A SPACE INIT |
| IT32372 | CANNOT MODIFY VARIABLES USING THE SCOPE PANEL WHEN DEBUGGING GATEWAYSCRIPT REMOTELY |
| IT32380 | REFRESH TOKEN SCOPE IS IGNORED IN API CONNECT GATEWAY SERVICE |
| IT32445 | SSL CLIENT PROFILE FAILS TO WORK IN GATEWAYSCRIPT URLOPEN |
| IT32486 | GWS ACTION CAN LEAK MEMORY WHEN THE TRANSACTION ENCOUNTERS A FATAL ERROR |
| IT32565 | SNMP USER ACCOUNTS MAY ENCOUNTER AN ERROR WHEN ASSIGNING A KEY GENERATED FROM PLAINTEXT. |
| IT32585 | API CONNECT GATEWAY SERVICE CAN RESTART THE DEVICE IF MISCONFIGURED. |
| IT32617 | EXPIRED SUBSCRIBER DATA INCORRECTLY MANAGED BY API SUBSCRIPTION GATEWAY PEERING |
| IT32620 | USER DEFINED POLICIES CANNOT HAVE THE NAME AS AN OUT-OF-BOX POLICY EVEN IF THE VERSIONS DO NOT MATCH |
| IT32626 | PREPARING SCHEMA VALIDATION ACTION CAUSES RELOAD |
| IT32642 | CONTINUOUS ERROR MESSAGES EVEN AFTER POLICY HAS REACHED CONSENSUS |
| IT32697 | SET PASSWORD ALIAS MAP TO DOWN WHEN IMPORT FAILS DUE TO LACK OF MASKED SETTING |
| IT32770 | SECURITY VULNERABILITY IN "MINIMIST" PACKAGE (API CONNECT GATEWAY SERVICE) |
| IT32781 | A CATALOG HAVING MORE THAN ONE USER DEFINED POLICY, ONLY ONE OF THE POLICIES IS RESTORED BY DRR |
| IT32798 | USER DEFINED POLICIES ARE NOT ADVERTISED TO API MANAGER ALTHOUGH GATEWAY REGISTRATION DATA IS AVAILABLE |
| IT32800 | ILLEGAL CATALOG METADATA CAN LEAD TO A CATALOG OUTAGE |
| IT32839 | UPDATE FOR LOW LEVEL CODE ON 4 PORT 10 GB MODULE |
| IT32914 | X-FORWARDED-FOR HEADER SHOULD BE SANITIZED FOR CORRECT ANALYTICS DATA |
| IT32982 | IF INVOKE PASSWORD CONTAINS THE = CHARACTER, IT IS CONVERTED TO = |
| IT33002 | NATIVE DATAPOWER SERVICE VARIABLES ARE NOT AVAILABLE IN API GATEWAY |
| IT32942 | WHEN FIRST RULE IN A POLICY CONTAINS ONLY ONE PROCESSING ACTION, EDITOR SHOWS ONLY THE MATCHING ACTION |
| IT33271 | UDP WITH FILES OUTSIDE OF 'LOCAL:POLICY/ |
Change history
Last modified: 24 April 2024
- 24 April 2024: Added fix list for the 10.0.1.19 fix pack.
- 1 March 2024: Added fix list for the 10.0.1.18 fix pack.
- 8 December 2023: Added fix list for the 10.0.1.17 fix pack.
- 25 October 2023: Added fix list for the 10.0.1.16 fix pack.
- 30 August 2023: Added fix list for the 10.0.1.15 fix pack.
- 28 June 2023: Added fix list for the 10.0.1.14 fix pack.
- 26 April 2023: Added fix list for the 10.0.1.13 fix pack.
- 22 February 2023: Added fix list for the 10.0.1.12 fix pack.
- 18 January 2023: Added IT42171 to 10.0.1.10 fix list.
- 5 January 2023: Added IT42667 to 10.0.1.10 fix list.
- 14 December 2022: Added fix list for 10.0.1.11 fix pack.
- 26 October 2022: Added fix list for 10.0.1.10 fix pack.
- 24 August 2022: Added fix list for 10.0.1.9 fix pack.
- 21 June 2022: Added fix list for 10.0.1.8 fix pack.
- 28 April 2022: Added fix list for 10.0.1.7 fix pack.
- 30 March 2022: Added fix list for 10.0.1.6sr1 security refresh.
- 21 February 2022: Added fix list for 10.0.1.6 fix pack.
- 1 October 2021: Added fix list for 10.0.1.5 fix pack.
- 6 August 2021: Added fix list for 10.0.1.4 fix pack.
- 2 April 2021: Added fix list for 10.0.1.3 fix pack.
- 29 January 2021: Added fix list for 10.0.1.2 fix pack.
- 9 December 2020: Added fix list for 10.0.1.1 fix pack.
- 30 September 2020: Added fix list for 10.0.1.0 fix pack.
- 17 August 2020: Added fix list for 10.0.0.1 fix pack.
- 17 June 2020: Created fix list for 10.0.0.0 fix pack.
Off
Document Location
Worldwide
[{"Line of Business":{"code":"LOB67","label":"IT Automation \u0026 App Modernization"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SS9H2Y","label":"IBM DataPower Gateway"},"ARM Category":[{"code":"a8m50000000L0rqAAC","label":"DataPower"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"10.0.1"}]
Problems (APARS) fixed
Problems (APARS) fixed
Was this topic helpful?
Document Information
Modified date:
24 April 2024
UID
ibm16205303