A fix is available
APAR status
Closed as program error.
Error description
Category 1 transactions: CXRE & CXCU are not being handled correctly and users may see security violation errors ICH408I DFHXS1111 DFHAC2003 due to the category 1 list length being incorrectly calculated. As a consequence the length is short by 8 bytes and the last 2 transactions don't get checked. A similar problem applies to the Category 3 transactions as well. . The affected Category 3 transactions are CXRT and CSXM.
Local fix
n/a
Problem summary
**************************************************************** * USERS AFFECTED: All CICS Users. * **************************************************************** * PROBLEM DESCRIPTION: Security errors for category 1 * * transactions CXRE and CXCU. * **************************************************************** When starting up a CICS region with security enabled, the region user id will be checked to see if it has the authority to run all category 1 transactions. The category 1 transactions list is copied into XS domain anchor block, but the length of the transactions list is incorrectly calculated, short by 8 bytes. As a consequence the last 2 transactions are not checked at start up. This can lead to an unexpected security violation at runtime if CXRE or CXCU are used. The length of category 3 transactions list is also incorrectly calculated in XS domain anchor block.
Problem conclusion
DFHXSDM has been changed to make sure the length of category 1 and category 3 transactions list are correctly calculated in XS domain anchor block.
Temporary fix
Comments
APAR Information
APAR number
PH09198
Reported component name
CICS TS Z/OS V5
Reported component ID
5655Y0400
Reported release
100
Status
CLOSED PER
PE
NoPE
HIPER
YesHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2019-03-04
Closed date
2019-05-09
Last modified date
2019-06-13
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
UI62938 UI62939
Modules/Macros
DFHXSDM
Fix information
Fixed component name
CICS TS Z/OS V5
Fixed component ID
5655Y0400
Applicable component levels
Fix is available
Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.
[{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSGMGV","label":"CICS Transaction Server"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"5.4","Edition":"","Line of Business":{"code":"LOB35","label":"Mainframe SW"}},{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SG19M","label":"APARs - z\/OS environment"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"5.4","Edition":"","Line of Business":{"code":"","label":""}}]
Document Information
Modified date:
13 June 2019