APAR status
Closed as program error.
Error description
A vulnerability in the Java Runtime Environment (JRE) with parsing XML data might allow a remote client to create a denial-of-service condition on the system that the JRE runs on. This is the issue described by CVE-2009-2625 / Sun Alert 263489.
Local fix
Problem summary
This version includes the fix for Updated version of XML4J 4.4.17
Problem conclusion
This defect will be fixed in: 5.0.0 SR10 . This version includes the fix for Updated version of XML4J 4.4.17 . To obtain the fix: Install build 20090626 or later
Temporary fix
Comments
APAR Information
APAR number
IZ63920
Reported component name
JAVA 5 XML/XSL
Reported component ID
620500126
Reported release
500
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2009-10-29
Closed date
2009-10-29
Last modified date
2009-11-18
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
JAVA 5 XML/XSL
Fixed component ID
620500126
Applicable component levels
R500 PSN
UP
[{"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSCVQ3V","label":"XML"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"5.0","Edition":"","Line of Business":{"code":"","label":""}}]
Document Information
Modified date:
18 November 2009