IBM Support

PI50993:Apache HTTPComponents vulnerabilities in WebSphere Application Server (CVE-2012-6153, CVE-2014-3577)

Downloadable files


Abstract

Apache HTTPComponents vulnerabilities in WebSphere Application Server (CVE-2012-6153, CVE-2014-3577)

Download Description

PI50993 resolves the following problem:

ERROR DESCRIPTION:
Apache HTTPComponents vulnerabilities in WebSphere Application Server
LOCAL FIX:

PROBLEM SUMMARY:
Apache HTTPComponents vulnerabilities in WebSphere Application Server

PROBLEM CONCLUSION:
Apache HTTPComponents vulnerabilities in WebSphere Application Server

Prerequisites

None

Installation Instructions

Please review the readme.txt for detailed installation instructions.

URL LANGUAGE SIZE(Bytes)
Readme US English 2260
Readme US English 2296

Download package

Known side effects

There would be NoClassDefFoundError observed after applying the fix because the API in HTTPCore and HTTPClient libraries are no long visible to application. To resolve this error, application may need to be updated with HTTPCore and HTTPClient libraries bundled.

Download RELEASE DATE LANGUAGE SIZE(Bytes) Download Options
What is Fix Central(FC)?
8.5.5.6-WS-WASProd-IFPI50993 12-03-2015 US English 254093 HTTP
8.0.0.10-WS-WASProd-IFPI50993 12-03-2015 US English 253242 HTTP

Technical support

Contact IBM Support using SR (http://www.ibm.com/software/support/probsub.html), visit the WebSphere Application Server support web site (http://www.ibm.com/software/webservers/appserv/was/support/), or contact 1-800-IBM-SERV (U.S. only).

Problems (APARS) fixed
PI50993

Document information

More support for: WebSphere Application Server
General

Software version: 8.0.0.10, 8.0.0.11, 8.5.5.6, 8.5.5.7, 8.5.5.8

Operating system(s): AIX, HP-UX, IBM i, Inspur K-UX, Linux, Solaris, Windows, iOS, z/OS

Software edition: Network Deployment, Single Server

Reference #: 4041394

Modified date: 16 December 2016


Translate this page: