Fixes are available
APAR status
Closed as program error.
Error description
To address the Black Duck CVE-2015-1270 vulnerability CVE reported by the customer we are upgrading the icu4j.jar to ICU 60 which is 60.3 level.
Local fix
Problem summary
The BlackDuck security vulnerability CVE-2015-1270 affects CICS Transaction Gateway, which has icu4j level 55.2.
Problem conclusion
The icu4j.jar included is updated to the level 60.3.
Temporary fix
Comments
APAR Information
APAR number
PH14054
Reported component name
CICS TRNS GATE
Reported component ID
5724I8103
Reported release
920
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2019-07-02
Closed date
2019-11-27
Last modified date
2019-11-27
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
CICS TRNS GATE
Fixed component ID
5724I8103
Applicable component levels
R900 PSY
UP
R910 PSY
UP
R920 PSY
UP
[{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSGMJ2","label":"CICS Transaction Gateway"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"9.2","Line of Business":{"code":"LOB35","label":"Mainframe SW"}}]
Document Information
Modified date:
15 October 2021