IBM Support

JVM security patches for IBM Lotus Domino 8.x servers

Fix readme


This technote contains download and install information for JVM security patches for IBM Lotus Domino 8.x servers.


Refer to technote #1616652 for detailed information on the related JVM security vulnerability.

Fix availability & download information

Domino 8.5.3 thru 8.5.3 Fix Pack 2 Interim Fix 1; 8.5.2.x; 8.5.1.x

IMPORTANT NOTE: The fix is included in Domino 8.5.3 Fix Pack 3. Do not attempt to apply the interim patches linked below to 8.5.3 Fix Pack 3.

Fix Central
Fix Central download link
file name
AIX 85x_Server_AIX32_JVM_Security_Patch_11212012
AIX64 85x_Server_AIX64_JVM_Security_Patch_11212012
Linux 85x_Server_Linux_JVM_Security_Patch_11212012
Solaris 85x_Server_Sol_JVM_Security_Patch_11212012
W32 85x_Server_W32_JVM_Security_Patch_11212012
W64 85x_Server_W64_JVM_Security_Patch_11212012
zLinux 85x_Server_zLinux_JVM_Security_Patch_11212012

Note the following:
  • The patches linked above, which work with 8.5.1.x through 8.5.3 Fix Pack 2 Interim Fix 1, were posted to Fix Central on 21 November 2012.
    • If a Fix Pack was installed, the prior JVM update would not uninstall on W32 or W64. This new version corrects that. If you installed the previously available JVM patch, there is no need to take any action. Future Fix Packs and Maintenance Releases will install correctly.
  • The patch will work with 8.5.0.x, but has had minimal testing. IBM recommends customers on 8.5.0.x move to a more current release.

Domino 8.0.2.x & 8.0.1.x
Limited availability via Interim Fix. To inquire about availability, open a service request with IBM Support and reference SPR KLYH8ZVQ37.

Additional information
  • You can run the executable from any directory. By default, you will not receive a prompt that install was successful. To force a prompt to appear upon install script completion, set the environment variable JVMPATCHER_UIMODE=1
    Note the following caveat: If you run the installer in silent mode from Command Prompt (with the -s switch), the prompt will appear if the environment variable is set even though it is running in silent mode.
  • The patch will not interfere with existing Interim Fixes (hotfixes), Fix Packs, or Maintenance Releases, and it will not revise the Domino version string.
  • The server patch can be run a second time to uninstall.

Options to confirm fix is installed

OPTION 1: Issue "java -version" command
-- In Command Prompt, navigate to \<Domino Program Directory>\jvm\bin
-- Issue the command java -version (On Linux, use ./java -version)
-- The output should appear as follows:

java version "1.6.0"
Java(TM) SE Runtime Environment (build pwi3260sr12ifix-20121108_01(SR12+IV31417))
IBM J9 VM (build 2.4, JRE 1.6.0 IBM J9 2.4 Windows XP x86-32 jvmwi3260sr12-20121
024_126067 (JIT enabled, AOT enabled)
J9VM - 20121024_126067
JIT  - r9_20120914_26057
GC   - 20120928_AA)
JCL  - 20121108_01

Note: If you do not issue "java -version" from within the \<Domino Program Directory>\jvm\bin directory, the system JVM version will be returned instead of the Domino JVM version.

OPTION 2: Issue "Show JVM" command
-- At the Domino server console, issue the command Show JVM
-- The output should appear as follows:

> show jvm
[0B6C:0002-1B5C] 11/13/2012 02:04:14 PM  JVM: Java Virtual Machine initialized.
[0B6C:0002-1B5C] 11/13/2012 02:04:14 PM  JVM version: JRE 1.6.0 IBM J9 2.4 Windows XP x86-32 jvmwi3260sr12-20121024_126067 (JIT enabled, AOT enabled) J9VM - 20121024_126067 JIT  - r9_20120914_26057 GC   - 20120928_AA

Related information

Security Bulletin: Notes & Domino affected by vulnerabi
JVM security patches for IBM Lotus Notes 8.x clients
A simplified Chinese translation is available

Document information

More support for: IBM Domino

Software version: 8.0, 8.5

Operating system(s): AIX, IBM i, Linux, Solaris, Windows

Reference #: 1617197

Modified date: 19 August 2013