Flash (Alert)
Abstract
This document contains a list of fixes for Security and HIPER APARs in DB2 Version 9.7
IBM® recommends that you review the APAR descriptions and deploy one of the above fix packs to correct them on your affected DB2 installations.
Content
A set of security vulnerabilities was discovered in some DB2 database products. These vulnerabilities were analyzed by the DB2 development organization and a set of corresponding fixes was created to address the reported issues. IBM is not currently aware of any externally reported incidents where production DB2 installations have been compromised due to these issues.
The affected DB2 for Linux, UNIX, and Windows products are:
- DB2 Enterprise Server Edition
- DB2 Workgroup Server (all Editions)
- DB2 Express Server (all Editions)
- DB2 Personal Edition
- DB2 Connect Server (all Editions)
DB2 Client component and DB2 products or components other than those listed above are not affected.
Due to the complexity of the fixes required to eliminate the reported service issues, it is not feasible to retrofit the same fixes into earlier DB2 Version 9.7 fix packs.
Select a Fix Pack: 8 | 7 | 6 | 5 | 4 | 3a | 3 | 2 | 1
| DB2 Version 9.7 Fix Pack 8 | |||||
|---|---|---|---|---|---|
| HIPER APARs | |||||
| IC87345 | ROWS MIGHT BE INSERTED INTO WRONG MDC TABLE CELL AFTER PREVIOUS INSERTS IN SAME TRANSACTION ENCOUNTER TABLESPACE FULL | ||||
| IC89290 | INDEX CORRUPTION MIGHT BE INTRODUCED DURING A DATABASE UPGRADE TO DB2 VERSION 9.7 | ||||
| IC89412 | READ STABILITY ISOLATION IS NOT ENFORCED UNDER CERTAIN SQL ACCESS PLANS | ||||
| IC89495 | INCORRECT RESULTS ON RANGE PARTITIONED TABLE WITH XML COLUMN | ||||
| IC90199 | ROLLFORWARD OR REPLAY LOG ON THE HADR STANDBY DATABASE FAILS AND LEAVES THE TABLE UNRECOVERABLE | ||||
| Special Attention APARs | |||||
| IC90721 | SQLGETDIAGFIELDW() SHOULD RETURN THE STRINGLENGTHPTR AS BYTES INSTEAD OF AS CHARACTERS. | ||||
| DB2 Version 9.7 Fix Pack 7 | |||||
|---|---|---|---|---|---|
| Security APARs | |||||
| IC84714 | SECURITY: SQLJ.DB2_INSTALL_JAR DIRECTORY ESCAPE VULNERABILITY (CVE-2012-2194). | ||||
| IC84748 | SECURITY: GET_WRAP_CFG_C AND GET_WRAP_CFG_C2 ALLOWS UNAUTHORIZED ACCESS XML FILES (CVE-2012-2196). | ||||
| IC84753 | SECURITY: STACK BUFFER OVERFLOW VULNERABILITY IN JAVA STORED PROCEDURE INFRASTRUCTURE (CVE-2012-2197). | ||||
| IC86781 | SECURITY: STACK BUFFER OVERFLOW VULNERABILITY IN SQL/PERSISTENT STORED MODULES DEBUGGING INFRASTRUCTURE (CVE-2012-4826). | ||||
| HIPER APARs | |||||
| IC83578 | XQUERY MIGHT RETURN INCORRECT RESULTS WHEN BOTH 'AND' AND 'OR' PREDICATES EXIST AND ALL PREDICATES CAN BE APPLIED TO XML INDEXES | ||||
| IC83976 | WITH REOPT ENABLED, STATEMENTS CONTAINING ARRAY OR ROW VARIABLES MIGHT PRODUCE INCORRECT OUTPUT | ||||
| Special Attention APARs | |||||
| IC83608 | SQL WITH NESTED MATH OPERATIONS ON COLUMNS THAT ARE DEFINED WITH NOT NULL AND USING FUNCTIONS MAY RETURNED DIFFERENT RESULTS. | ||||
| IC84764 | INDEX CORRUPTION MAY BE INTRODUCED DURING A DATABASE UPGRADE TO DB2 VERSION 9.7 | ||||
| IC85196 | CREATING A UNIQUE GLOBAL INDEX ON A TABLE WITH DETACHED PARTITION AND DEPENDANT MQT MIGHT LEAD TO INCORRECT RESULT AFTER REFRESH | ||||
| IC85422 | QUERY WITH A UNION AND TWO CORRELATED BRANCHES MIGHT RETURN INCORRECT RESULTS IN PARTITIONED DATABASE ENVIRONMENTS | ||||
| IC85433 | BATCH INSERTS CAUSING DUPLICATE ROWS WHEN USING NULLIDRA (REOPT=ALWAYS) VS. NULLIDR1 (REOPT=ONCE) | ||||
| DB2 Version 9.7 Fix Pack 6 | |||||
|---|---|---|---|---|---|
| Security APARs | |||||
| IC79274 | SECURITY: DB2 ESCALATION OF PRIVILEGE VULNERABILITY | ||||
| IC80729 | SECURITY: REMOTE ESCALATION OF PRIVILEGE VULNERABILITY IN DAS. | ||||
| IC81380 | SECURITY: DENIAL OF SERVICE SECURITY VULNERABILITY IN DB2'S XML FEATURE. | ||||
| IC81390 | SECURITY: UNAUTHORIZED ACCESS TO TABLES | ||||
| IC81462 | SECURITY: UNAUTHORIZED ACCESS TO XML FILES IN DB2'S XML FEATURE | ||||
| IC82234 | SECURITY: DB2 DENIAL OF SERVICE VULNERABILITY IN THE DRDA COMPONENT. | ||||
| HIPER APARs | |||||
| IC81066 | WITH FILE SYSTEM CACHING ENABLED, SYSTEM OUTAGE MIGHT RESULT IN CORRUPTION DURING LOB OR REORG PROCESSING | ||||
| IC82403 | CRASH RECOVERY OR ROLL FORWARD OPERATION MIGHT FAIL WHEN CERTAIN LOG RECORDS ARE REPLAYED ON A TABLE WITH COMPRESSION ENABLED | ||||
| Special Attention APARs | |||||
| IC79727 | QUERIES WITH LIKE OPERATORS MIGHT RETURN INCORRECT RESULTS DUE TO AN INVALID HIGHEST PADDING CHARACTER | ||||
| IC80394 | CHANCES OF MEMORY LEAK INTRODUCED IN VERSION 9.7 FIX PACK 5 | ||||
| IC80456 | LIKE CLAUSES MIGHT RETURN INCORRECT RESULTS FOR COLUMNS WITH VARCHAR DATA TYPE IN UNICODE DATABASES | ||||
| IC81388 | FAILED ONLINE LOAD WITH INDEX REBUILD CAN LEAD TO MISMATCH BETWEEN TABLE AND INDEX | ||||
| IC81466 | WITH FILE SYSTEM CACHING ENABLED, SYSTEM OUTAGE DURING LOAD PROCESSING MIGHT RESULT IN CORRUPTION | ||||
| IC82348 | DATABASE CAN BE MARKED BAD DURING RECOVERY OR HADR REPLAY WHEN XML DATA IS IN THE TABLE | ||||
| IC82921 | INCORRECT RESULTS AFTER LOADING A TABLE WITH CONSTRAINTS FOLLOWED BY RUNNING ALTER TABLE STATEMENT WITH ATTACH OR DETACH OPTIONS | ||||
| DB2 Version 9.7 Fix Pack 5 | |||||
|---|---|---|---|---|---|
| Security APARs | |||||
| IC70473 | SECURITY: POTENTIAL TRAP WITH STMM ENABLED AND DATABASE_MEMORY SET TO AUTOMATIC | ||||
| IC76901 | SECURITY: REMOTE DENIAL OF SERVICE OF DB2 SERVER. | ||||
| HIPER APARs | |||||
| IC78251 | ADMIN_MOVE_TABLE PROCEDURE RETURNS SQL0969N, SQL1188N or SQL0408N ERROR CODE | ||||
| IC77502 | TRANSACTION LOG CORRUPTION DUE TO ENTERING A TIMING HOLE UPON RECEIVING AN INTERRUPT DURING CRASH RECOVERY | ||||
| IC77510 | CLI FUNCTIONS RETURN SQL_SUCCESS EVEN WHEN SQL_ATTR_INSERT_BUFFERING = SQL_ATTR_INSERT_BUFFERING_IGD and INSERT COMMAND FAILS | ||||
| IC77439 | POSSIBLE INCORRECT RESULTS FROM A GROUP OF LEFT JOIN, INNER JOIN, AND COALESCE EXPRESSION IN AN ON PREDICATE | ||||
| IC77337 | INCORRECT OUTPUT MIGHT BE RETURNED BY A QUERY WITH PARTITION ELIMINATION INVOLVING MULTIPLE COLUMNS AND NON-CONSTANT KEYS | ||||
| IC76792 | BAD PAGE HEADER ENCOUNTERED BY PREFETCHER DURING ONLINE BACKUP ON LINUX PLATFORM. BACKUP IMAGE MAY BE CORRUPTED. | ||||
| IC76679 | INCORRECT RESULTS ARE RETURNED IF AN SQL QUERY CONTAINS RID(), RID_BIT() or ROWID | ||||
| IC76116 | INCORRECT RESULTS OBTAINED WHEN USING VARCHAR_FORMAT (TO_CHAR) TO CONVERT NUMERIC VALUES TO FORMATTED STRINGS | ||||
| Special Attention APARs | |||||
| IC76415 | SQL30021 MESSAGE STATING 'MANAGER "0X1440" AT LEVEL "9" NOT SUPPORTED' IS RETURNED WHILE CONNECTING TO HOST VIA SEPARATE GATEWAY | ||||
| DB2 Version 9.7 Fix Pack 4 | |||||
|---|---|---|---|---|---|
| Security APARs | |||||
| IC72119 | Users able to update statistics for tables without appropriate privileges | ||||
| IC71375 | SECURITY: User continues to have privilege to execute a non-DDL statement after role membership has been revoked from its group | ||||
| HIPER APARs | |||||
| IC75037 | AFTER LOAD INSERT INTO MDC+RP (RANGE PARTITIONED) TABLE, SET INTEGRITY MAY SILENTLY FAIL TO VALIDATE ROWS AGAINST CONSTRAINTS | ||||
| IC74244 | NESTED-LOOP JOIN WITH EARLYOUT FOR GROUPBY CLAUSES, YIELDS INCORRECT RESULTS WHEN JOIN COLUMNS ARE OF DIFFERENT DATA TYPES | ||||
| IC72698 | INCORRECT RESULTS OR "SQL204N TABLE NOT FOUND" ERROR RETURNED WHEN SELECTING FROM VIEW. | ||||
| Special Attention APARs | |||||
| IC73163 | HIGH MEMORY ALLOCATION WHILE PROCESSING TABLE QUEUE ( TQ ) SPILLS ON DPF SYSTEMS | ||||
| DB2 Version 9.7 Fix Pack 3a | |||||
|---|---|---|---|---|---|
| HIPER APARs | |||||
| IC70959 | INSERT OR UPDATE WITH INDEX COMPRESSION MAY CAUSE MEMORY CORRUPTION AND CRASH | ||||
| IC69772 | POTENTIAL CORRUPTION WHEN REPLAYING LOG RECORDS THAT INSERT KEYS INTO AN INDEX AND TRIGGER PAGE SPLITS | ||||
| DB2 Version 9.7 Fix Pack 3 | |||||
|---|---|---|---|---|---|
| Security APARs | |||||
| IC68015 | SECURITY: FUNCTIONS ARE NOT INVALIDATED NOR DROPPED EVEN WHEN THE OWNER LOSES SUFFICIENT PRIVILEGE TO ACCESS UNDERLYING OBJECTS. | ||||
| IC70406 | SECURITY: UPDATE AGAINST A TABLE VIA A COMPOUND SQL (COMPILED) STATEMENT MAY BE EXECUTED BY USER WTHOUT REQUIRED PRIVILEGE | ||||
| IC70539 | SECURITY: REMOTE BUFFER OVERFLOW VULNERABILITY IN DB2 ADMINISTRATIVE SERVER | ||||
| IC72029 | SECURITY: DB2 DAS REMOTE CODE EXECUTION VULNERABILITY | ||||
| HIPER APARs | |||||
| IC71241 | Possible incorrect result on recursive views which joins to a table on a unique column | ||||
| Special Attention APARs | |||||
| IC70482 | OCCURRENCE OF INSTANCE CRASH WITH SIGNAL 11 | ||||
| DB2 Version 9.7 Fix Pack 2 | |||||
|---|---|---|---|---|---|
| Security APARs | |||||
| IC67008 | SECURITY: SYSTEM GRANTED PRIVILEGES NOT REGENERATED ON VIEWS WHEN AUTO_REVAL IS SET TO IMMEDIATE | ||||
| IC67819 | SECURITY: MONITOR ADMINISTRATIVE VIEWS IN SYSIBMADM SCHEMA ARE VIEWABLE BY PUBLIC. | ||||
| IC63548 | SECURITY APAR: MODIFIED SQL DATA table function is not dropped when definer loses required privileges to maintain the objects. | ||||
| IC65742 | SECURITY: VULNERABILITY IN DB2STST. | ||||
| IC65762 | Security: DB2DART CAN OVERWRITE FILES OWNED BY THE NSTANCE OWNER. | ||||
| IC65935 | SECURITY: BUFFER OVERRUN IN REPEAT UDF (CVE-2010-0462) | ||||
| IC68762 | SECURITY: THE TIVOLI MONITORING AGENT (KUDDB2) FOR DB2 HAS DOS VULNERABILITY. (CVE-2010-0472) | ||||
| IC66643 | Security: Special group and user enumeration on Windows 2008 could trap the server. | ||||
| IC68055 | SECURITY: TRANSPORT LAYER SECURITY (TLS) HANDSHAKE RENEGOTIATION WEAK SECURITY CVE-2009-3555 | ||||
| IC66815 | SECURITY: User continues to have privilege to execute a non-DDL statement after their DBADM authority has been revoked. | ||||
| HIPER APARs | |||||
| IC66358 | DELETE NOT REMOVING DATA FROM MDC TABLE. | ||||
| IC65446 | LOAD FROM CURSOR FROM A TABLE WITH LOB COLUMN IN DPF ENVIRONMENT MIGHT LOAD WRONG RESULTS IN THE TARGET TABLE LOB COLUMN | ||||
| IC65328 | In DB2 V9.7 FP1 ONLINE BACKUP MAY FAIL WITH SQL2048 RC = 5, ERROR RAISED IN SQLUBRESIZEBUFSPACE PROBE 472 or it may hang. | ||||
| IC64864 | DELETING DATA FROM MULTIDIMENSIONAL CLUSTERED (MDC) TABLES RETURNS INACCURATE RESULTS DUE TO DEFERRED ROLLOUT PROCESSING | ||||
| IC62126 | Multi-threaded non-Java application either crashes or has code page conversion issues such as truncation of data | ||||
| IC64092 | THE ROUND SQL FUNCTION CAN RETURN THE WRONG RESULT ON A DECFLOAT INPUT VALUES OF Infinity/-Infinity | ||||
| DB2 Version 9.7 Fix Pack 1 | |||||
|---|---|---|---|---|---|
| Security APARs | |||||
| IC64759 | DASAUTO COMMAND CAN BE RUN BY NON-PRIVILEGED USERS | ||||
| IC62502 | Security: db2licm utility vulnerability | ||||
| IC63525 | SECURITY: Remote exploits of DB2 provided routines. | ||||
| IC63302 | Security: Manipulation of db2ra data stream of Load utility request can cause seg fault. | ||||
| IC64852 | SECURITY: SEQUENCE OR GLOBAL VARIABLE CAN BE USED WITHOUT THE APPROPRIATE PRIVILEGE | ||||
| IC63959 | INCORRECT FILE PERMISSION AND AUTHORIZATION FOR HA SCRIPTS WHEN INSTALLED VIA V9.5. | ||||
| IC64325 | In a rare case, calling a SQL stored procedure could cause the DB2 server to trap | ||||
| IC64853 | VISIBILITY OF PASSWORDS IN SET ENCRYPTION PASSWORD STATEMENT AS SEEN VIA GET SNAPSHOT DYNAMIC SQL | ||||
| IC68055 | SECURITY: TRANSPORT LAYER SECURITY (TLS) HANDSHAKE RENEGOTIATION WEAK SECURITY CVE-2009-3555 | ||||
| Security: DB2 instance terminates abnormally while compiling a SQL query | |||||
| HIPER APARs | |||||
| IC61886 | VERSION 9.7 DATABASE UPGRADE MAY CREATE A CORRUPTED LOG CONTROL FILE | ||||
| IC62219 | DYNAMIC SQL STATEMENTS WITH HOST VARIABLES, USING A REOPT ALWAYS OPTIMIZER GUIDELINE, MAY RETURN WRONG RESULTS | ||||
| IC62771 | INDEX COMPRESSION CAN RESULT IN A CORRUPTED INDEX | ||||
| IC64066 | Incorrect result with multiple IN list to join (GENROW) plans via transivity on SMP and MPP environment | ||||
| IC62088 | LOAD UTILITY MAY MARK A ROW BIT INCORRECTLY CAUSING INDEX SCAN TO RETURN INCORRECT RESULTS | ||||
| IC63415 | OUTER JOIN OPERATION MAY RETURN INCORRECT RESULTS WITH A PREDICATE WITH A SUBQUERY RETURNING NOT MORE THAN ONE ROW | ||||
| IC63668 | INCORRECT RESULTS WHEN ORDERED COLUMN GROUP OR PREDICATE CAN BE USED AS INDEX KEYS | ||||
| IC64767 | ALTER BUFFERPOOL REDUCE OR STMM MAY HANG IF SET WRITE SUSPEND HAD BEEN ISSUED | ||||
| IC64541 | SQLSETSTMTATTRW(SQL_ATTR_CHAINING_END) RETURNS 0, EVEN WHEN ONE OF THE PREVIOUS CHAINED STATEMENTS FAILED | ||||
| IC64462 | UPDATE/DELETE OPERATION FROM A TABLE AFTER ONLINE TABLE MOVE CAUSES DB2 TO CRASH | ||||
DB2 fix packs for all supported versions can be downloaded at the following site: http://www.ibm.com/support/docview.wss?uid=swg27007053
The DB2 team will continue to have a strong focus on delivering timely fixes for newly discovered issues along with information that helps our customers to decide on an appropriate course of action. The DB2 team regrets the inconvenience that these issues are causing to you, our customers. We believe that our actions are the most prudent steps to address your concerns and remain open to suggestions on how to further improve our processes.
My Notifications
Sign-up to receive e-mail notification of changes to this document.
1. Sign in to My Notifications
2. select Subscribe tab
3. select " Information Management" from the Software column
4. select the check box for " DB2 for Linux, UNIX and Windows"
click the Continue button.
5. select the check box for " Flashes" and all other document types
click the Submit button.
For more information about My Notifications please click on
- the Benefits and features or
- take an guided tour of My Notifications.
Rate this page:
Average rating
Copyright and trademark information
IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.