PM12610: SUN SECURITY FIX 6898622

Subscribe

You can track all active APARs for this component.

APAR status

  • Closed as program error.

Error description

  • Error Message: N/A
    .
    Stack Trace: N/A
    .
    N/A
    

Local fix

  • N/A
    

Problem summary

  • Abstract: ObjectIdentifer.equals is not capable of detecting
    incorrectly encoded CommonName OIDs
    This is a Sun security fix, but it has not been deemed serious
    enough to warrant publication of a Sun Alert. However, it should
    still be ported.
    The testcase for SSB 6898622 is shown below:
      import com.ibm.security.util.*;
    
       public class BerOid {
           public static void main(String<OSB><CSB> args) throws
    Exception {
               new DerValue(new byte<OSB><CSB> {6, 4, 85, 4,
    (byte)0x80, 3}).getOID();
    
           }
      }
    On running this with the latest Sun JDK (which includes the fix
    for this SSB) it throws the exception below:
    Exception in thread "main" java.io.IOException:
    ObjectIdentifier() -- sub component starts with 0x80
            at
    sun.security.util.ObjectIdentifier.getComponent(ObjectIdentifier
    .java:310)
            at
    sun.security.util.ObjectIdentifier.initFromEncoding(ObjectIdenti
    fier.java:212)
            at
    sun.security.util.ObjectIdentifier.<init>(ObjectIdentifier.java:
    174)
            at sun.security.util.DerValue.getOID(DerValue.java:431)
            at BerOid.main(BerOid.java:12)
    But when the same testcase is run with the IBM JDK it is not
    throwing this exception.
    

Problem conclusion

  • This defect will be fixed in:
    1.4.2 SR13 FP5
    5.0.0 SR11 FP2
    6.0.0 SR8
    .
    The fix for the reported Sun Bug has been ported.
    .
    To obtain the fix:
    Install build 20100217 or later
    

Temporary fix

Comments

APAR Information

  • APAR number

    PM12610

  • Reported component name

    JAVA(1.3/1.4 CO

  • Reported component ID

    5648C9800

  • Reported release

    42A

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2010-04-20

  • Closed date

    2010-05-25

  • Last modified date

    2010-06-20

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

    IZ74740 IZ74778

Fix information

  • Fixed component name

    JAVA(1.3/1.4 CO

  • Fixed component ID

    5648C9800

Applicable component levels

  • R42A PSN

       UP

  • R42L PSN

       UP

  • R42W PSN

       UP

  • R420 PSN

       UP



Rate this page:

(0 users)Average rating

Document information


More support for:

z/OS family

Software version:

1.4.2

Reference #:

PM12610

Modified date:

2010-06-20

Translate my page

Machine Translation

Content navigation