This document describes how to download and install IBM Security AppScan Source 8.7 Fix Pack 1 (AppScan Source version 220.127.116.11).
This fix pack contains various bug fixes for AppScan Source version 8.7.
IMPORTANT: AppScan Source is affected by a vulnerability in OpenSSL (CVE-2014-0160). We strongly encourage you to apply the latest iFix, which addresses that vulnerability. See http://www.ibm.com/support/docview.wss?uid=swg21670303 for more details - and, after applying AppScan Source version 18.104.22.168, follow the instructions in http://ibm.com/support/docview.wss?uid=swg24037355 for applying the iFix.
This fix pack can only be applied to Security AppScan Source version 8.7. See the product user assistance for information about upgrading previous versions to version 8.7 before applying this fix pack. If you are upgrading early product versions, technote 1455145: Upgrading from versions 6.x to version 7.0 or 8.0 contains additional information.
|System Requirements||A detailed list of the supported hardware, operating systems and information related to IBM and third party software requirements.|
|Knowledge Center||Browse or search on-line information related to the deployment, configuration and usage of the product.|
See the Fix pack installation topic in the IBM Security AppScan Source Installation and Administration Guide that accompanies the download. This topic is also available in the product Knowledge Center collection at https://www.ibm.com/support/knowledgecenter/SSS9LM_22.214.171.124/com.ibm.rational.appscansrc.install.doc/topics/install_fix.html. The IBM Security AppScan Source Installation and Administration Guide can also be downloaded at https://www.ibm.com/support/knowledgecenter/SSS9LM_126.96.36.199/com.ibm.security.appscansrc.infocenter.nav.doc/topics/help_pdf.html.
This fix pack is available at Fix Central. To obtain the fix pack, use the direct Download links below or follow these instructions:
- Go to http://www.ibm.com/support/fixcentral/.
- Select Security Systems in the Product Group list. The Product list will then display.
- Select IBM Security AppScan Source in the Product list. The Version list will then display.
- Select 188.8.131.52 in the Installed Version list. The Platform list will then display.
(You can also select 184.108.40.206 in the Installed Version list. If you do this, select the Show fixes that get me to this version (220.127.116.11) radio button in the Identify fixes page (see Step 6 below).)
- Select the appropriate platform in the Platform list, then click Continue.
- You can accept the defaults on the Identify Fixes page and click Continue.
(If you selected 18.104.22.168 in the Installed Version list (see Step 4 above), select the Show fixes that get me to this version (22.214.171.124) radio button in the Identify fixes page.)
- The available fixes (based on your prior selections) will be displayed. Select the check box next to the fix that you want to download and then click Continue to proceed.
- You are prompted to sign in using your IBM ID and password, click Continue.
NOTE: There are helpful links on this page if you need to Register or if you do not remember your password.
- In the Download options page, select the download method (Download using Download Director (default) or Download using your browser). In this page, leave the Include prerequisites and co-requisite fixes check box selected. Click Continue to proceed.
- In the Download files page, make the necessary selections to obtain the media.
|PM72446||Environment variables in ppf files are replaced with hardcoded path after import|
|PM73841||Lost sinks marked as validation routines still show up as lost sinks|
|PM84639||CLI's SASE command does not enforce access privileges for setting the ASE URL|
|PM71923||Console output and scanner_exceptions log on a Japanese OS contains odd characters|
|PM74280||Appscan source java.exe process still running after AppScan Source clients are terminated|
|PM70059||Custom rules are not always added to project file after creation|
|PM73369||SRC: ORA-01704 when publishing assessments|
|PM85837||ouncemake applies to .C files (C++) the FileOptions intended for .c files (C)|
|PM87127||Not being able to mark a virtual lost sink as "not susceptible to taint|
|PM87904||Virtual Lost Sink reported on non-virtual method|
|PM84637||After adding an additional file extension, file does not show up in Explorer view|
|PM85020||Jars on the classpath from project dependencies tab are incorrectly displayed on one line|
|PM85379||Custom Validation is not saved in SolidDB|
|PM85645||Doc Defect: Doc references Quality > Data Flow Analysis > C/C++ which does not exist|
|Download||RELEASE DATE||LANGUAGE||SIZE(Bytes)||Download Options
What is Fix Central (FC)?
|Windows setup.exe||15 May 2013||English||376687323||FC|
|Linux setup.bin||15 May 2013||English||433999432||FC|
|Mac OS X setup.dmg||15 May 2013||English||299524437||FC|
- Visit the AppScan Source Support portal to review lists of known problems, fixes, and a wealth of important support information.
- If you have an issue with the AppScan product, open a support ticket (PMR) at IBM Service Request.
- For quick questions, use the AppScan Source Forum.
Known issues can also be found in the AppScan Source product documentation. See Where to find documentation for AppScan Source.
Helpful Hints For Obtaining Technical Assistance
Before you contact IBM Security Software Support, gather the background information that you need to describe the problem. When creating the ticket, provide this information:
- What operation did you performed - and what error messages have you received?
- The background information needed to understand the issue.
- Version of AppScan Source. Make sure that you are opening the ticket for AppScan Source (there are several AppScan products supported by different teams).
- Impact of the issue on your organization, schedule, and deadlines.
- Upload logs, screen captures, and background information for the ticket.
Problems (APARS) fixed