IBM Support

IJ04037: FIX SECURITY VULNERABILITY CVE-2018-2637

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • Error Message: N/A
    .
    Stack Trace: N/A
    .
    

Local fix

Problem summary

  • A security vulnerability has been identified.
    

Problem conclusion

  • The Java Runtime Environment has been or will be updated to fix
    the problem described in CVE-2018-2637 at
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637.
    .
    This APAR will be fixed in the following Java Releases:
       8    SR5 FP10  (8.0.5.10)
       6    SR16 FP60 (6.0.16.60)
       6 R1 SR8 FP60  (6.1.8.60)
       7 R1 SR4 FP20  (7.1.4.20)
       7    SR10 FP20 (7.0.10.20)
    .
    Contact your IBM Product's Service Team for these Service
    Refreshes and Fix Packs.
    For those running stand-alone, information about the available
    Service Refreshes and Fix Packs can be found at:
               https://www.ibm.com/developerworks/java/jdk/
    

Temporary fix

Comments

APAR Information

  • APAR number

    IJ04037

  • Reported component name

    JAVA CLASS LIBS

  • Reported component ID

    620700130

  • Reported release

    800

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2018-02-09

  • Closed date

    2018-02-20

  • Last modified date

    2018-02-20

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    JAVA CLASS LIBS

  • Fixed component ID

    620700130

Applicable component levels

  • R800 PSY

       UP

  • R600 PSY

       UP

  • R700 PSY

       UP

[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSNVBF","label":"Runtimes for Java Technology"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"8.0","Line of Business":{"code":"LOB36","label":"IBM Automation"}}]

Document Information

Modified date:
22 February 2022