IBM Support

APARs fixed in IBM Spectrum Protect server 7.1.13 interim fix levels

Question & Answer


Question

What APARs and security vulnerabilities were fixed in interim fix (patch) levels for IBM Spectrum Protect server Version 7.1.13?

Answer

Beginning with Version 7.1.3, IBM Tivoli Storage Manager is now IBM Spectrum Protect. Some applications such as the software fulfillment systems and IBM License Metric Tool use the new product name. However, the software and its product documentation continue to use the Tivoli Storage Manager product name. To learn more about the rebranding transition, see technote 534193.

This table lists APARs and security vulnerabilities addressed in interim fix levels for IBM Spectrum Protect V7.1.13 server users. For a list of APARs that were resolved in Fix Pack 7.1.13.000, see technote 515761.

Find the latest IBM Spectrum Protect downloads by going to Fixes by Version.

Tip: In the following list, Rel represents the release number in which the issue was detected. In some cases, the operating system is identified (A = AIX, L = Linux®, S = Solaris, H = HP-UX, and W = Windows). For example, 71L denotes V7.1 running on a Linux operating system.

APARs fixed in level 7.1.13.200
Security vulnerabilities fixed in level 7.1.13.200
APARs fixed in level 7.1.13.100
Security vulnerabilities fixed in level 7.1.13.100

APARs fixed in level 7.1.13.200

APAR
Operating System/Release of Reported Issue
(APAR, CompId, Rel)
Abstract
IT36437 IT36437 5698ISMSV 81A IMPORTED DATA MAY FAIL TO RESTORE WITH ANR9999D_3632385001 "
IT36693 IT36693 5698ISMSV 71L IBM SPECTRUM PROTECT SERVER MAY CRASH DURING DATABASE RESTOR

Security vulnerabilities fixed in level 7.1.13.200

Security vulnerability
Abstract
CVE-2020-5024, CVE-2020-5025, CVE-2020-4976 The IBM Spectrum Protect Server is affected by IBM Db2 vulnerabilities such as denial of service, buffer overflow, and weak file permissions.

APARs fixed in level 7.1.13.100

APAR
Operating System/Release of Reported Issue
(APAR, CompId, Rel)
Abstract
IT35814 IT35814 5698ISMSV 81A DATABASE RESTORE OPERATION WITH RESTOREKEYS=YES/ONLY MAY FAI
IT35858 IT35858 5698ISMSV 81W IBM SPECTRUM PROTECT SERVER DOES NOT PROMPT FOR A PASSWORD D

Security vulnerabilities fixed in level 7.1.13.100

Security vulnerability
Abstract
CVE-2020-14782 An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact.
CVE-2020-27221 Eclipse OpenJ9 is vulnerable to a stack-based buffer overflow when the virtual machine or JNI natives are converting from UTF-8 characters to platform encoding.

[{"Type":"SW","Line of Business":{"code":"LOB26","label":"Storage"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSEQVQ","label":"IBM Spectrum Protect"},"ARM Category":[{"code":"a8m0z00000006gxAAA","label":"Server->APAR"}],"ARM Case Number":"","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"}],"Version":"7.1.13"}]

Document Information

Modified date:
08 June 2021

UID

ibm16410576

Page Feedback