Direct links to fixes
APAR status
Closed as program error.
Error description
There are multiple vulnerabilities in IBM SDK Java Technology Edition, which IBM Integration Designer and IBM WebSphere Integration Developer use. These issues were disclosed as part of the IBM SDK Java Technology Edition updates in January 2016, discussed in "Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Integration Designer and WebSphere Integration Developer (CVE-2016-0475, CVE-2016-0466, CVE-2015-7575, CVE-2016-0448)" (http://www.ibm.com/support/docview.wss?uid=swg21977249). This bulletin also addresses the Java specific "SLOTH - Weak MD5 Signature Hash" vulnerability. PRODUCTS AFFECTED: WebSphere Integration Developer IBM Integration Designer
Local fix
Problem summary
No additional information is available.
Problem conclusion
A fix is available for the latest fix pack of all supported releases of Integration Designer and WebSphere Integration Developer. On Fix Central (http://www.ibm.com/support/fixcentral), search for JR55223: 1. Select IBM WebSphere Integration Developer or IBM Integration Designer from the product selector, the installed version to the fix pack level, and your platform, and then click Continue. 2. Select APAR or SPR, enter JR55223, and click Continue. When you download fix packages, ensure that you also download the readme file for each fix. Review each readme file for additional installation instructions and information about the fix.
Temporary fix
Comments
APAR Information
APAR number
JR55223
Reported component name
INTEGRATION DES
Reported component ID
5725C9702
Reported release
856
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2016-02-10
Closed date
2016-02-23
Last modified date
2016-02-23
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
INTEGRATION DES
Fixed component ID
5725C9702
Applicable component levels
R751 PSY
UP
R801 PSY
UP
R850 PSY
UP
R855 PSY
UP
R856 PSY
UP
R857 PSY
UP
[{"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SSTLXK","label":"IBM Integration Designer"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"856","Line of Business":{"code":"LOB45","label":"Automation"}}]
Document Information
Modified date:
16 October 2021