IBM Support

Security Vulnerabilities, HIPER and Special Attention APARs fixed in DB2 Version 9.8

Flashes (Alerts)


Abstract

This document contains a list of fixes for Security and HIPER APARs in DB2 Version 9.8.

IBM® recommends that you review the APAR descriptions and deploy one of the fix packs listed in this document to correct them on your affected DB2 installations.

Content

A set of security vulnerabilities was discovered in some DB2 database products. These vulnerabilities were analyzed by the DB2 development organization and a set of corresponding fixes was created to address the reported issues. IBM is not currently aware of any externally reported incidents where production DB2 installations have been compromised due to these issues.


The affected DB2 for Linux, UNIX, and Windows products are:

  • DB2 Enterprise Server Edition

Due to the complexity of the fixes required to eliminate the reported service issues, it is not feasible to retrofit the same fixes into earlier DB2 Version 9.8 fix packs.


DB2 Version 9.8 Fix Pack 5

Security APARs

  • IC81836 SECURITY: UNAUTHORIZED ACCESS TO TABLES
  • IC81837 SECURITY: DENIAL OF SERVICE SECURITY VULNERABILITY IN DB2'S XML FEATURE.
  • IC81839 SECURITY: UNAUTHORIZED ACCESS TO XML FILES IN DB2'S XML FEATURE
  • IC82367 SECURITY: DB2 DENIAL OF SERVICE VULNERABILITY IN THE DRDA COMPONENT.

HIPER APARs

  • IC77566 CLI FUNCTIONS RETURN SQL_SUCCESS EVEN WHEN SQL_ATTR_INSERT_BUFFERING=SQL_ATTR_INSERT_BUFFERING_IGD and INSERT COMMAND FAILS
  • IC81086 WITH FILE SYSTEM CACHING ENABLED, SYSTEM OUTAGE MIGHT RESULT IN CORRUPTION DURING LOB OR REORG PROCESSING

Special Attention APARs

  • IC81467 WITH FILE SYSTEM CACHING ENABLED, SYSTEM OUTAGE DURING LOAD PROCESSING MIGHT RESULT IN CORRUPTION
  • IC81496 QUERIES WITH LIKE OPERATORS MIGHT RETURN INCORRECT RESULTS DUE TO AN INVALID HIGHEST PADDING CHARACTER
  • IC81699 FAILED ONLINE LOAD WITH INDEX REBUILD CAN LEAD TO MISMATCH BETWEEN TABLE AND INDEX
  • IC82728 DATABASE CAN BE MARKED BAD DURING RECOVERY OR HADR REPLAY WHEN XML DATA IS IN THE TABLE




DB2 fix packs for all supported versions can be downloaded at the following site: http://www.ibm.com/support/docview.wss?uid=swg27007053

The DB2 team will continue to have a strong focus on delivering timely fixes for newly discovered issues along with information that helps our customers to decide on an appropriate course of action. The DB2 team regrets the inconvenience that these issues are causing to you, our customers. We believe that our actions are the most prudent steps to address your concerns and remain open to suggestions on how to further improve our processes.


My Notifications
Sign up to receive e-mail notification of changes to this document.
1. Sign in to My Notifications.
2. Select the Subscribe tab.
3. Select "Information Management" from the Software column.
4. Select the check box for "DB2 for Linux, UNIX and Windows", then click the Continue button.
5. Select the check box for "Flashes" and all other document types, then click the Submit button.

For more information about My Notifications please click on


Document Information

Modified date:
25 September 2022

UID

swg21595316