Download
Downloadable File
| File link | File size | File description |
|---|---|---|
Abstract
Lists of fixes in IBM DataPower Gateway 10.5.0.x fix packs.
Download Description
Fix packs and firmware images are located in either Fix Central, Passport Advantage, or the Entitled Registry.
In IBM Knowledge Center you can find information about new and changed features, limitations, and restrictions.
- For new features, see What's new.
- For changes, see What's changed.
- For limitations and restrictions, see the Release notes.
ATTENTION
- 10.5.0.7 - Detailed information in the memory status provider (
show memorycommand) changed. The primary changes are the calculations for memory usage (%) and used memory (KB). If you use the data for either of these properties in scripts, you might need to modify your scripts to account for this change. Without any change to your system, memory usage reports a greater percentage. For more information, see Changes to memory status on the DataPower Gateway with APAR IT44330. - 10.5.0.1 - The support to process IBM Transformation Extender maps with a binary transform action are no longer included as a feature in the Integration Module and the B2B Module. If your existing configuration contains a processing rule that includes a binary transform action to process Transformation Extender maps, you must download and activate the new Transformation Extender Module. To validate whether you need this new module, export your complete configuration and search each domain configuration file for the tx-map command.
Important
- Before you install any fix pack or firmware image, review DataPower® Knowledge Collection on firmware updates.
- For more information about how to download DataPower® fix packs, see Fix download method.
- To download from Fix Central, go to the Fix Central.
- To download from Passport Advantage, go to the Passport Advantage Online for customers.
- 10.5.0.12 Includes new features.
- 10.5.0.11
- 10.5.0.10 Includes new features.
- 10.5.0.9
- 10.5.0.8 Includes new features.
- 10.5.0.7 Includes new features.
- 10.5.0.6 Includes new features.
- 10.5.0.5R Fix pack 10.5.0.5 with only APAR IT43698 added.
- 10.5.0.5 Includes new features.
- 10.5.0.4R Fix pack 10.5.0.4 with only APAR IT43698 added.
- 10.5.0.4
- 10.5.0.3 Includes new features.
- 10.5.0.2 Includes new features.
- 10.5.0.1 Includes new features.
- 10.5.0.0
10.5.0.12
Release date: 28 June 2024
Last modified: 28 June 2024
Status: Available
|
APAR
|
Description
|
| IT44550 | DATAPOWER LOGS ERROR READING FROM CONNECTION: SYSTEM ERROR (110) |
| IT44570 | AMQP HANDLER STUCK IN PENDING STATE AFTER APPLYING CONFIGURATION CHANGES. |
| IT44571 | WHILE LOADING, AMQP HANDLER STOPS PULLING MESSAGES. |
| IT44865 | MODIFYING THE RETRY INTERVAL OR THE COMMENT FIELD OF THE AMQP BROKER CAN CAUSE THE OBJECT TO GO DOWN IN THE PENDING STATE. |
| IT44904 | DATAPOWER MIGHT RELOAD WHEN THE AMQP CONNECTION FOR THE AMQP URLOPENER IS BROKEN DUE TO NETWORK ERRORS |
| IT45580 | HTTP/2 HANDLER DOES NOT HAVE IDLE TIMEOUT PARAMETER |
| IT45786 | DATAPOWER SHOULD NOT ALLOW DUPLICATE ENTRIES UNDER SFTP CLIENT POLICIES FOR USER AGENT |
| IT45793 | TLS BAD LENGTH ERROR WHEN USING TLS VERSION 1.3 AND SESSION CACHING. |
| IT45849 | DATAPOWER DOES NOT ALLOW THE SETTING OF A CUSTOM TLS PROFILE FOR WSDL RETRIEVAL. |
| IT45855 | MQV9+ OR MQMFT MIGHT NOT RETRIEVE MESSAGES WHILE UNITS-OF-WORK IS ENABLED |
| IT45966 | API GATEWAY API WITH LONGEST BASE PATH IS NOT ROUTED WHEN THERE ARE MULTIPLE CANDIDATES. |
| IT45973 | INCORRECT VALUE OF $(API.OPERATION.PATH) WHEN PATTERN KEYWORD IS SPECIFIED IN THE PATH PARAMETER. |
| IT45999 | LOGS FOR THROTTLER USAGE CONTAIN AN INCORRECT VALUE FOR TOTAL TEMPORARY SPACE. |
| IT46008 | CSS BANNER NOT DISPLAYED IN NEW UI. |
| IT46030 | COMPATIBILITY ISSUE OF OBJECT.PROTOTYPE.TOSTRING AFTER UPGRADE. |
| IT46043 | CANNOT CONVERT API YAML OF FORCEHTTP500FORSOAP11 TO DATAPOWER CONFIGURATION. |
| IT46052 | REMOVE THE ANGULAR.JS LIBRARY. |
| IT46054 | CORRUPTED BINARY ATTACHMENTS IN MULTIPART HANDLING. |
| IT46061 | DATAPOWER MIGHT RESTART WHEN PREPARING FOR USER ACTIVITY SUCH AS IMPORT, EXPORT, AND SO FORTH. |
| IT46069 | ADD XSLT EXTENSION FUNCTION APIM:GETREGISTRY TO THE API GATEWAY XSLT COMPATIBILITY MODULE |
| IT46070 | API GATEWAY LOGS MIGHT CONTAIN SPECIAL CHARACTERS FOR THE SPACE NAME. |
| IT46079 | THE QUERY PARAMETER VALIDATION DOES NOT SUPPORT THE URL-ENCODED FORMAT. |
| IT46081 | ADDRESS FALSE POSITIVE FINDINGS IN VULNERABILITY SCANS. |
| IT46096 | WRONG API PARAMETER TYPE WHEN THE FORMAT IS BYTE, BINARY, DATE, DATE-TIME, OR PASSWORD. |
| IT46101 | DATAPOWER B2B EBMS3 SOAP 1.2 MESSAGES INCORRECTLY SET THE MUSTUNDERSTAND ATTRIBUTE. |
| IT46104 | UPDATE OPENSSL LIBRARY TO ADDRESS CVE-2024-2511 |
| IT46105 | UPDATE NODEJS LIBRARY TO ADDRESS CVE-2024-27982 |
| IT46108 | API WITH CONSUME DECLARATION DOES NOT HAVE A HIGHER PRIORITY. |
| IT46116 | MIGRATED V5 POST RESPONSE EXTENSION CORRUPTS CLIENT RESPONSE |
| IT46118 | THE API GATEWAY MIGHT RESTART WHEN SENDING A MULTIPART MESSAGE WITH AN INVALID INVOKE URL IN THE INVOKE ASSEMBLY ACTION. |
| IT46119 | API SUBSCRIPTION SERVICES WITH SAME BASE PATH AND OPERATION RETURN THE WRONG RESPONSE. |
| IT46131 | API RATE LIMIT STATUS DOES NOT RETURN DATA FROM SECONDARY GATEWAY-PEERING INSTANCES. |
| IT46132 | DATAPOWER FOR LINUX, SECURE RESTORE DOES NOT RESET THE PASSWORD FOR THE ADMIN ACCOUNT. |
| IT46135 | TEMPORARY FILES THAT GATEWAYSCRIPT GENERATE DO NOT HONOR THE TTL IF A RELOAD HAPPENS BEFORE TTL IS REACHED. |
| IT46140 | CERTIFICATE DETAILS MISSING IN THE NEW UI |
| IT46145 | DATAPOWER FOR VMWARE, NEW UI DOES NOT DISPLAY ALL RAID ARRAY ACTIONS. |
| IT46146 | REST API RETURNS NUMBER VALUES FOR THE NAME INSTEAD OF A STRING VALUE. |
| IT46150 | SUPPRESS HTTP/2 HOST HEADER IN REQUEST |
| IT46156 | DATAPOWER MQ CLIENT MIGHT GET UNEXPECTED CONNECTION ERRORS |
| IT46167 | UNEXPECTED 404 RESPONSE FOR AN API PATH WITH MANY SPECIAL CHARACTERS. |
| IT46184 | AFTER AN UPGRADE, ILMT SWIDTAGS FROM THE PREVIOUS VERSION MIGHT PERSIST AND BE INCLUDED IN THE SCAN REPORTS. |
| IT46196 | PROBE CANNOT CAPTURE TRANSACTIONS AFTER THE PROBE CAPTURE IS DELETED AND RE-CREATED. |
| IT46214 | API CONNECT GATEWAY SHOULD ALLOW CASE-INSENSITIVE WSDL QUERY PARAMETER FOR WSDL RETRIEVAL |
| IT46253 | DATAPOWER RETURNS INCORRECT TIME REPRESENTATION. |
| IT46260 | DATAPOWER UI DOES NOT DISPLAY LOGS THAT ARE NOT WRITTEN TO THE LOGTEMP: DIRECTORY. |
| IT46261 | GATEWAY PEERING GROUP MIGHT BE OPERATIONAL UP WHILE INVALID LOCAL NODE IS DEFINED FOR CLUSTER MODE. |
| IT46271 | AFTER AN IRREGULAR RESTART, THE DATAPOWER APPLIANCE HAS OLD VERSIONS OF OBJECTS. |
| IT46276 | UPDATE KERNEL TO ADDRESS MULTIPLE CVES. |
| IT46284 | DATAPOWER MIGHT RESTART AFTER DISABLING OR DELETING A GATEWAY-PEERING CLUSTER NODE. |
| IT46285 | API CONNECT GATEWAY SERVICE MIGHT RESTART WHEN /GATEWAY-SERVICE-CONFIGURATION-DELETE IS INVOKED WITH NO BODY. |
| IT46286 | INCORRECT COUNT OF CAPTURED TRANSACTIONS IN THE NEW PROBE. |
| IT46292 | ITX TAG MISSING FROM ILMT-SCAN IN ALL RELEASES |
| IT46293 | MEMORY LEAK ON QUERYING SUBSCRIPTION WITH PATTERN |
| IT46294 | CLEAN UP REFERENCE TO REMOVED CATALOG |
| IT46301 | MEMORY LEAK TO ROUTE AN API CONNECT API WITH QUERY, HEADER, OR FORM PARAMETERS. |
| IT46324 | ENABLING TLS ON GATEWAY PEERING GROUP MIGHT HANG GATEWAY |
| IT46397 | UPDATE KERNEL TO ADDRESS SEVERAL FALSE POSITIVE VULNERABILITIES |
| IT46448 | CRITICAL SEVERITY VULNERABILITY IN OPENSSL (CVE-2024-4741) |
10.5.0.11
Release date: 24 April 2024
Last modified: 24 April 2024
Status: Available
|
APAR
|
Description
|
| IT44537 | DATAPOWER MATCH ACTION MIGHT NOT ESCAPE URIS PROPERLY WHEN USING BACKSLASH CHARACTERS |
| IT44816 | APIC GATEWAY EXTENSION WITH SQL DATA SOURCE MIGHT CAUSE A WATCHDOG |
| IT44982 | LOG TARGET EVENT FILTERS DO NOT WORK WHEN CONFIGURED IN THE WEBGUI |
| IT45245 | DATAPOWER MIGHT RESTART WHEN MONITORING GATEWAYSCRIPT FILES FOR UPDATES |
| IT45298 | OAUTH CACHE UPDATES EXISTING ENTRIES RATHER THAN CREATE NEW ENTRIES |
| IT45308 | DATAPOWER MIGHT RELOAD WHEN TRANSACTIONS HAVE ERRORS AND CONNECTIONS TIME OUT ON MQV9+ OR MQMFT |
| IT45322 | DATAPOWER MIGHT RESTART WHEN USING SET-VAR ACTION |
| IT45330 | API GATEWAY: UNABLE TO GENERATE CORRECT CONFIGURATIONS IF SWAGGER CONTAIN EQUIVALENT CASE-INSENSITIVE PATHS |
| IT45355 | UPDATE OPENSSL LIBRARY TO ADDRESS CVE-2023-567 |
| IT45357 | UPDATE OPENSSH LIBRARY TO ADDRESS CVE-2023-48795 |
| IT45407 | APIC SUBSCRIBER STATUS MIGHT NOT DISPLAY |
| IT45428 | DATAPOWER SYSLOG-TCP LOG TARGET MIGHT NOT COME BACK UP AFTER NETWORK ERROR |
| IT45514 | DATAPOWER RELOADS WHEN USING A LONG CONTEXT VARIABLE NAME WITH MANY DOT CHARACTERS |
| IT45542 | APIC ASSEMBLY FUNCTION ALLOWS DUPLICATE PARAMETER NAMES |
| IT45570 | DATAPOWER MIGHT RESTART WHEN HANDLING IMS HEALTH CHECKS |
| IT45579 | PROBE RETURNS PROBE HEADER WHEN TRANSACTIONS ARE NOT CAPTURED |
| IT45582 | DATAPOWER MIGHT RESTART WHEN LOGGING TLS ERROR |
| IT45598 | PROBE CAPTURE COUNT INCREASES WHEN TRANSACTIONS ARE NOT CAPTURED |
| IT45664 | DATAPOWER MQ TLS SNI SETTING NOT TAKING EFFECT |
| IT45665 | APIC API COLLECTION CACHE CAPACITY SETTING IS NOT TAKING EFFECT |
| IT45666 | DATAPOWER MIGHT RESTART IF CLUSTER-BASED GATEWAY PEERING IS MODIFIED WHILE A PREVIOUS MODIFICATION IS BEING PROCESSED |
| IT45667 | UPDATE NODEJS LIBRARY TO ADDRESS CVE-2024-22025 |
| IT45668 | UPDATE OPENSSH LIBRARY TO ADDRESS CVE-2023-48795 |
| IT45669 | UPDATE OPENSSL LIBRARY TO ADDRESS CVE-2024-0727 |
| IT45698 | APIC GATEWAY MIGHT RELOAD WHEN A NON-STRING TYPE/FORMAT IS USED IN QUERY PARAMETERS |
| IT45699 | GATEWAY EXTENSION PUSH WITH POLICY TYPE DP-IMPORT DOES NOT UPDATE THE CHANGES. |
| IT45708 | DATAPOWER 10.5 CANNOT DELETE DOMAIN IF OLD USER REFERENCED THAT DOMAIN |
| IT45742 | DATAPOWER MIGHT RELOAD WHEN SENDING MESSAGES FROM IDGMQ URL-OPENER HAS ERRORS. |
| IT45743 | DATAPOWER RELOADS WHEN MQV9+ HANDLER WITH ENABLED PARSE PROPERTIES AND THE RECEIVED MESSAGES EXCEEDS 16 KB |
| IT45750 | PROBE DATA MIGHT NOT BE CAPTURED DUE TO INCORRECT COUNTING OF ALLOWED RECORDS |
| IT45751 | CHECK-APIGW-STYLESHEET-CACHE-ENTRY EXTENSION FUNCTION MIGHT RETURN 0 ON CACHED STYLESHEETS |
| IT45764 | AN EBMS MESSAGE PROCESSING ERROR IS GENERATED WHEN STRICT COMPILE OPTION IS ENABLED |
| IT45769 | ERROR:14094417:SSL ROUTINES:SSL3_READ_BYTES:SSLV3 ALERT ILLEGAL PARAMETER |
| IT45773 | FLOAT IS ROUNDED DURING DEEP COPY OF JSON |
| IT45774 | MEDIUM SEVERITY VULNERABILITY IN GOLANG(CVE-2023-45289) |
| IT45775 | UNEXPECTED RECORD COUNT CHECK AND LOGGING FOR PROBE-SETTINGS |
| IT45776 | TYPE STRING AND FORMAT PASSWORD OF QUERY PARAMETER ARE NOT HIDDEN WITH * CHARACTER |
| IT45777 | MEDIUM SEVERITY VULNERABILITY IN GOLANG CRYPT/X509 (CVE-2024-24783) |
| IT45778 | MISSING FIELD VALUE AND CUSTOMIZED FILTER FOR API SUBSCRIBER STATUS |
| IT45787 | DATAPOWER MIGHT RESTART WHEN GENERATING A DOMINO-STYLE LTPA TOKEN |
| IT45810 | SOAP 1.2 FAULT RESPONSE IS RETURNED FOR SOAP 1.1 REQUESTS WHEN THE VALIDATION OF SOAP REQUEST PAYLOAD FAILS |
| IT45820 | ERROR LOG SHOWS 2053 Q_FULL BUT FOUND THE MESSAGE IS NOT STAYED IN SYSTEM UNTIL IT COULD BEEN BACKOUT. |
| IT45829 | DATAPOWER HTTP/2 SERVER THROWING TLS ERRORS UNEXPECTEDLY |
| IT45830 | REMAINING ASSEMBLY COUNT LIMIT MIGHT GET UNSYNCED IF CLUSTER-MODE GATEWAY-PEERING IS USED FOR RATELIMIT |
| IT45833 | MEDIUM SEVERITY VULNERABILITIES IN GOLANG |
| IT45853 | DATAPOWER B2B AS4 SERVICE VARIABLES ARE NOT AVAILABLE IN B2B GATEWAY |
| IT45858 | OBJECT STATUS PERFORMANCE IMPROVEMENT |
| IT45866 | UPGRADE OF A MULTI-GATEWAY CLUSTER TO 10.5.0.9 OR HIGHER MIGHT FAIL TO PERFORM CLOUD UPGRADE |
| IT45869 | QUOTA ENFORCEMENT CANNOT DELETE RATE LIMIT KEY WHILE CLUSTER-MODE GATEWAY PEERING IS USED |
| IT45870 | PATTERN OF PARAMETER NEED TO BE ESCAPED |
| IT45879 | THE VALUE OF FAULT CODE IN SOAP FAULT RESPONSES IS NOT CLIENT WHEN THE VALIDATION OF SOAP REQUEST PAYLOAD FAILS |
| IT45880 | UI CANNOT DISPLAY PROCESSING POLICY CORRECTLY |
| IT45893 | DATAPOWER MIGHT RESTART WHEN MODIFYING THE CONFIGURATION OVER XML/RMI |
| IT45894 | DATAPOWER DOES NOT DISPLAY CORRECT MEMORY STATISTICS ON CONTAINER PLATFORM |
| IT45899 | APIC NESTED V5C SWITCH POLICY WITH AN EMPTY OTHERWISE CLAUSE FAILS TO LOAD. |
| IT45924 | SIMPLIFY THE UPGRADE PROCESS FOR API CONNECT TO 10.5.0.10+ |
| IT45930 | DATAPOWER MIGHT RESTART WHEN MIGRATING XSLT MANUALLY FROM APIC V5 |
| IT45976 | INCORRECT VALUE OF $(API.OPERATION.PATH) WHEN PATTERN KEYWORD IS SPECIFIED IN PATH PARAMETER |
10.5.0.10
Release date: 1 March 2024
Last modified: 1 March 2024
Status: Available
|
APAR
|
Description
|
| IT42693 | IMPROVE DATAPOWER HOST VALIDATION LOGGING |
| IT44150 | GW SERVICE RESTART DURING A DRR CAUSES CLEARING ISSUE WITH EXTENSION DEPLOYER |
| IT44405 | DATAPOWER ON CONTAINER PLATFORM CANNOT DECRYPT MASKED PASSWORDS |
| IT44613 | SOME INTERNAL REQUESTS OF NEW UI ARE WRONGLY CONSIDERED TO COME FROM IP ADDRESS 127.0.0.1 |
| IT44628 | MOVE CONFIGURATION DOES NOT WORK IN NEW UI |
| IT44743 | APIC GATEWAY EXTENSION MODIFYING OR CREATING FRONT PROTOCOL HANDLER TO API GATEWAY SERVICE CAN HANG |
| IT44806 | TCP CONNECTION TEST DOES NOT ALLOW HOST ALIAS |
| IT44823 | DATAPOWER MQ V9+ QUEUE MANAGER MIGHT FAIL WITH MQRC_SSL_INITIALIZATION_ERROR (RC 2393) |
| IT44917 | DATAPOWER SIDECAR MIGHT NOT SHUTDOWN CORRECTLY CAUSING A SYSTEM RELOAD |
| IT44947 | DATAPOWER NEW UI SHOULD SUPPORT FILE NAME PATHS WITH JUST A COLON SEPARATOR BETWEEN DIRECTORY AND FILE NAME |
| IT44952 | THE CONTENT TYPE OF SOAP FAULT RESPONSE FOR SOAP 1.1 REQUESTS IS NOT TEXT/XML |
| IT44959 | SUPPORT MESSAGE PROPERTIES IN AS4 USER MESSAGES |
| IT44964 | DATAPOWER MIGHT RESTART WHEN DELETING DOMAIN |
| IT44975 | KAFKA HANDLER IS IN SLOW PERFORMANCE AFTER THE QUEUE IS EMPTY |
| IT44993 | XML MANAGEMENT VIEWCERTIFICATEDETAILS NOT WORKING WHEN THE CERTIFICATE HAS A PASSWORD VIA THE PASSWORD FIELD |
| IT45008 | MPGW MQ CANNOT SET RESPONSE HEADER THROUGH XSLT OR GWS PROPERLY |
| IT45032 | USE OF RSA-PSS VERIFICATION MIGHT CAUSE THE DATAPOWER APPLIANCE TO RESTART. |
| IT45057 | APIGW RELOAD WHEN MULTIPLE GATHER-AND-SEND LOG POLICIES ENFORCED |
| IT45086 | DATAPOWER COULD EXPERIENCE AN ABRUPT RELOAD IF V5E IN APIC V10 IS APPLIED. |
| IT45129 | APIGW RESPONSE CACHE STOPS WORKING AFTER CACHING INITIAL REQUEST |
| IT45132 | DATAPOWER MIGHT NOT RELEASE ALL MEMORY WHEN USING HTTP/2 PROTOCOL HANDLER |
| IT45133 | APIC USER DEFINED POLICY UPLOAD MIGHT FAIL IF FILES SECTION ISEMPTY |
| IT45134 | APIC GATEWAYSCRIPT MIGHT NOT RELEASE ALL MEMORY WHEN WRITING TO SESSION OUTPUT WHEN USING APIM MODULE |
| IT45144 | APIC GATEWAY SERVICE DOES NOT COME UP DUE TO PASSWORD |
| IT45146 | BASIC AUTHENTICATION MAY GET REJECTED WITH AN HTTP 401 ERROR FOR LARGER PAYLOADS |
| IT45159 | DATAPOWER MEMORY USAGE GROWTH WHEN ACCEPTING HTTP/2 TRAFFIC AS THE SERVER |
| IT45160 | DATAPOWER UI ALLOWS SETTING PROBE CAPTURE COUNT HIGHER THAN IS ACCEPTED BY THE FIRMWARE |
| IT45166 | MEMORY LEAK WHEN USING DENY LIST WITH LOCAL MEMORY IN TOKEN MANAGEMENT SERVICE |
| IT45180 | DATAPOWER LDAP CONNECTION POOL ENTRIES PAGE SHOWS INCORRECT PORT NUMBER |
| IT45191 | DATAPOWER RMI SHOULD NOT RETURN _LINKS CONTENT ON AUTHENTICATION ERROR |
| IT45192 | DATAPOWER NEW UI OBJECT STATUS PAGE DOES NOT LOAD |
| IT45210 | RESTART IF READING NULL FOR APIM.READINPUTASBUFFER IN ERROR RULE |
| IT45214 | DATAPOWER MIGHT RESTART WHEN COMPILING AN INVALID JSV |
| IT45227 | API SWAGGER FILE MAY BE DELETED WHEN THE API CONNECT GATEWAY SERVICE IS RESTARTED. |
| IT45229 | GATEWAY-PEERING DATA INACCESSIBLE AFTER UPGRADE TO 10.5.0.9 |
| IT45246 | DATAPOWER RESTARTS DUE TO BAD MIME MESSAGE |
| IT45254 | DATAPOWER MIGHT RESTART AFTER CLI COMMAND FLUSH-ANALYTICS-ENDPOINT-BUFFER |
| IT45267 | DATAPOWER MIGHT RESTART WHEN VALIDATING CERTIFICATE FOR MTLS |
| IT45273 | DATAPOWER PROBE MIGHT CAUSE RESTART ON CAPTURE |
| IT45276 | API GATEWAY MIGHT INTRODUCE UNEXPECTED DELAY IN API ROUTING POLICY WHEN PROCESSING REQUESTS WITH LARGE FILES |
| IT45288 | DATAPOWER REFLECTED CROSS-SITE-SCRIPTING (XSS) VULNERABILITY |
| IT45321 | DATAPOWER MIGHT RESTART WHEN HANDLING LDAP HEALTH CHECKS |
| IT45323 | MEDIUM SEVERITY VULNERABILITY IN NODE.JS MSGPACKR MODULE (CVE-2023-52079) |
| IT45324 | APIC COUNT LIMITS TO BE AUTO-REPLENISHED CORRECTLY |
| IT45325 | APIC RATE LIMIT MAXIMUM VALUES DISPLAYED INCORRECTLY IN ACTIVITY LOG |
| IT45326 | APIC SUBSCRIBER CLIENT ID SHOULD BE CASE-SENSITIVE |
| IT45337 | MEDIUM SEVERITY VULNERABILITY IN IBM JRE (CVE-2023-22081, CVE-2023-5676) |
| IT45340 | OAI3 FORM DATA IS NOT BEING RECOGNIZED |
| IT45341 | FOR OAI3, THE PRODUCES AND SOAPELEMENTNAME CONFIG INFORMATION IS GENERATED INCORRECTLY |
| IT45342 | SCALE RATE LIMITS DO NOT ENFORCE MULTIPLE VALUES |
| IT45347 | WHEN USING PIV AUTHENTICATION LOGIN AND LOGOUT BEHAVIOR PREVIOUSLY LOOPED |
| IT45359 | MQV9 HANDLER CANNOT GET THE CORRECT SIZE OF THE PARSED INPUT MESSAGE VIA VAR://SERVICE/INPUT-SIZE |
| IT45360 | PROBE MIGHT NOT ALWAYS CAPTURE TRANSACTIONS |
| IT45367 | MEDIUM SEVERITY VULNERABILITY IN GO (CVE-2023-39326) |
| IT45368 | DATAPOWER UNEXPECTEDLY RESTARTS AFTER DELETING DOMAIN WITH AMQP HANDLER |
| IT45369 | MAX-RECORDS IS NOT UPDATED WHEN PROBE-SETTINGS IS MODIFIED |
| IT45384 | API GATEWAY DOES NOT RETURN HTTP 500 INTERNAL SERVER ERROR FOR SOAP 1.1 FAULT RESPONSES. |
| IT45387 | APIC RATE LIMIT DATA MIGHT NOT DISPLAY CORRECTLY IN STATUS PROVIDER |
| IT45388 | DATAPOWER JSONATA MIGHT RESTART WHEN USING EXECUTETOANY |
| IT45392 | APIC PROBE SHOULD NOT MIX CONTEXT DATA |
| IT45393 | APIC GATEWAY PEERING IN CLUSTER MODE CANNOT USE STRICT RATE LIMIT POLICY |
| IT45394 | APIC APIGW:CHECK-APIGW-STYLESHEET-CACHE-ENTRY EXTENSION FUNCTION DOES NOT ALWAYS WORK |
| IT45400 | APIC RMI REQUEST FOR POLICY PARAMETERS MIGHT RETURN INCORRECT DATA |
| IT45401 | DATAPOWER SOURCE-HTTPS MAXIMUM HEADER LENGTH NOT ENFORCED FOR HTTP/2 |
| IT45402 | APIC GATEWAY SERVICE FAILS TO START IF DOMAIN NAME IS JUST A NUMBER |
| IT45403 | PROBE FAILS TO CAPTURE FIRST TRANSACTION AFTER CHANGING CONFIGURATION |
| IT45404 | APIC LOG POLICY NOT BEHAVING CORRECTLY |
| IT45405 | UI DOES NOT WARN USER ABOUT REBOOT NEEDED AFTER CONFIGURATION CHANGES |
| IT45406 | DATAPOWER DOMAIN CANNOT BE DELETED AFTER APIC CONFIGURATION IS LOADED |
| IT45408 | UI SHOULD NOT OFFER ISCSI OPTION FOR ERROR REPORT SETTINGS |
| IT45409 | DATAPOWER MIGHT RESTART WHEN LOGGING AFTER LOGGING TARGET ADDITIONS OR DELETIONS |
| IT45418 | ACTIVE USERS STATUS INCORRECTLY SHOWS EPHEMERAL SESSIONS |
| IT45419 | APIC UI TRACING OPTION MIGHT GET EMPTY RESPONSE AFTER RECEIVING TOO MANY TRANSACTIONS. |
| IT45429 | APIC SUBSCRIBER STATUS PAGE MIGHT NOT DISPLAY CORRECTLY IN UI WITH MANY ENTRIES |
| IT45440 | PROBE CONTEXT DATA MIGHT INCLUDE XML DECLARATION IN NON-XML DATA |
| IT45441 | APIC CUSTOM POLICY DEPLOY FAILURE LEADS TO CONFUSING ERRORS IN LOG |
| IT45455 | APIGW DOES NOT PROCESS MULTIPART MESSAGE WITH BAD BOUNDARY CORRECTLY |
| IT45495 | DATAPOWER AND APIC GATEWAY VULNERABILITY IN JRE CVE-2024-20952, CVE-2024-20918, CVE-2024-20921, CVE-2023-33850 |
| IT45576 | CRITICAL SEVERITY VULNERABILITY IN NODE.JS |
10.5.0.9
Release date: 8 December 2023
Last modified: 8 December 2023
Status: Available
|
APAR
|
Description
|
| IT43302 | GATEWAY PEERING USING TLS MIGHT LEAK MEMORY |
| IT43425 | DATAPOWER KAFKA CLUSTER NAME MUST BE LIMITED TO 60 BYTES OR LESS INCLUDING THE DOMAIN NAME |
| IT44179 | ORIGINAL URL IN REDIRECT EI FLOW SHOULD RETURN DOMAIN NAME |
| IT44212 | ALLOCATED MEMORY DOES NOT MATCH CONFIGURED MEMORY FOR A TENANT |
| IT44514 | DataPower GatewayScript indexOf and lastIndexOf functions fail on a Buffer object |
| IT44538 | DATAPOWER MIGHT UNEXPECTEDLY RELOAD WHEN COMPLETING A DISPATCHED TASK |
| IT44544 | TENANT MANAGEMENT INTERFACES MIGHT BE INACCESSIBLE AFTER A SECURE RESTORE |
| IT44616 | DATAPOWER SFTP CLIENT MIGHT RESTART DEVICE IF SERVER HAS LONG PATH NAMES |
| IT44732 | APIC PARAMETER INLINE VARIABLE SUBSTITUTION MIGHT NOT RELEASE ALL MEMORY USED |
| IT44745 | NEW UI: EVENT FILTERS IN LOG TARGET DO NOT SHOW THE TEXT FOR MESSAGES. |
| IT44752 | WRONG PAYLOAD MIME TYPE IN OUTGOING EBMS3 GZIP MESSAGES |
| IT44766 | DATAPOWER MIGHT RESTART WHEN USING HTTP/2 |
| IT44768 | DUPLICATE X-GLOBAL-TRANSACTION-ID HEADER RESPONDED TO THE CLIENT IF IT EXISTS IN THE REQUEST HEADER |
| IT44788 | GRAPHQL INCORRECT ARGUMENT TO BACKEND SERVER |
| IT44799 | APIM.SETVARIABLE FUNCTION FAILS WHEN THE VALUE IS THE RESULT OF A QUERYSTRING.PARSE FUNCTION |
| IT44803 | FIX THE RATELIMIT TOKEN FROM LAST INTERVAL TO CONSUME THE LAST REMAINING INSTEAD OF REJECTING. |
| IT44822 | DATAPOWER MIGHT RESTART IF ASSEMBLY LOG ACTION DOES NOT SPECIFY A LOG LEVEL |
| IT44826 | DATAPOWER MIGHT RELOAD WITH HTTP CLIENT TRAFFIC |
| IT44843 | APIC GATEWAY EXTENSION OR POLICY ZIP CREATED ON WINDOWS OS CANNOT BE IMPORTED TO THE GATEWAY |
| IT44844 | PROBE MIGHT NOT RELEASE ALL MEMORY WHEN STARTED AND THEN STOPPED |
| IT44845 | DATAPOWER OR APIC USE OF JSONATA $MATCH FUNCTION MIGHT CAUSE MEMORY GROWTH |
| IT44846 | USE OF $APICTX JSONATA FUNCTION MIGHT RESTART DATAPOWER |
| IT44861 | USER-DEFINED POLICY IN A MULTI-NODE CLUSTER MIGHT NOT BE ADVERTISED TO APIM |
| IT44874 | APIC GATEWAY SERVICE MIGHT LOG INCORRECT ERROR MESSAGES |
| IT44875 | DATAPOWER SCP FILE COPY COMMAND MIGHT LEAK INTERNAL RESOURCES CAUSING INABILITY TO CREATE OR ACCEPT NEW CONNECTIONS |
| IT44877 | DATAPOWER XML PARSER FAILS TO PARSE IF ENTITY REFERENCE HAS SPECIFIC SIZE IN RELATION TO INTERNAL BUFFERS |
| IT44903 | API CONNECT API RESULT ACTION MIGHT NOT RETURN ALL MEMORY IF THERE IS AN ERROR DURING THE TRANSACTION |
| IT44916 | PAYLOAD/DATA IS GETTING PRINTED IN ACTIVITY LOGS |
| IT44923 | MULTISTEP RULE CALLED FROM API GATEWAY CALLRULE FUNCTION DOES NOT PROPAGATE STATUS CODE AND REASON PHRASE |
| IT44953 | TLS PROFILE REPORTED TO GO DOWN AFTER A RESTART OF DATAPOWER GATEWAY. |
| IT44962 | OAI YAML WITHOUT COMPONENTS SECTION CAUSES TYPEERROR: CANNOT READ PROPERTIES OF UNDEFINED (READING SCHEMAS) |
| IT44963 | APIS NOT PUBLISHING AFTER UPGRADE ERROR: MAXIMUM CALL STACK SIZE EXCEEDED |
| IT44965 | INVALID JSONATA EXPRESSION IN EXTRACT POLICY MIGHT CAUSE DATAPOWER TO RESTART |
| IT44967 | DATAPOWER RMI CREATEPROBECAPTURE REQUEST MIGHT FAIL DUE TO DUPLICATE NAME |
| IT44969 | DATAPOWER MIGHT RESTART WHEN APIC ASSEMBLY LOG TRIES TO SEND NON-JSON DATA |
| IT44976 | TIMING WINDOW WHERE SOMEHOW PUBSUB RUNS PRIOR TO UPDATING THE SNAPSHOT |
| IT44978 | GATEWAYPEERINGCLUSTERSTATUS MIGHT NOT RELEASE ALL MEMORY |
| IT44979 | PROBE MAXIMUM CAPTURE COUNT LOWERED TO 1000 FROM 64K |
| IT44981 | API PROBE CAPTURE WITH REQUIRE DEBUG HEADER TRUE CAPTURES TRANSACTIONS THAT DO NOT HAVE THE CORRECT HEADER |
| IT44987 | POLICYTITLE PROPERTY OF ERROR OBJECT DOES NOT HAVE VALUE IN GLOBAL ERROR RULE |
| IT44988 | DATAPOWER STORE:ENCRYPT/DECRYPT.XSL FAILS TO COMPILE WHEN STRICT COMPILE OPTION IS SELECTED |
| IT44990 | CHANGE ORDERING OF API-RESULT IN GLOBAL FINALLY RULE TO ALLOW USERS TO SET CUSTOM HEADERS OR DATA |
| IT44991 | DATAPOWER AS4 MESSAGE WITH ENCRYPTED PAYLOAD IN SOAP BODY MIGHT FAIL TO DECRYPT ACCORDING TO SPECIFICATION |
| IT44992 | MODIFYING DATAPOWER GATEWAY PEERING OBJECTS MIGHT NOT CLOSE ALL EXISTING CONNECTIONS LEADING TO UNEXPECTED ERRORS |
| IT45033 | RESTARTING APIC-GW-SERVICE OR CHANGING ANALYTICS WHILE CATALOG UPDATES ARE PROCESSING MIGHT CAUSE UPDATES TO BE LOST |
| IT45034 | MEDIUM SEVERITY VULNERABILITY IN NODE.JS (CVE-2023-38552, CVE-2023-39333) |
| IT45065 | LOW SEVERITY VULNERABILITY IN REDIS (CVE-2023-45145) |
| IT45068 | MEDIUM SEVERITY VULNERABILITY IN NET-SNMP (CVE-2022-44792, CVE-2022-44793) |
| IT45493 | DATAPOWER B2B GATEWAY CPA FILE IMPORT FAILS DUE TO ADD AND WRITE PERMISSION |
10.5.0.8
Release date: 25 October 2023
Last modified: 25 October 2023
Status: Available
|
APAR
|
Description
|
| IT43765 | DATAPOWER MIGHT RESTART WHEN CREATING ISAM/TAM OBJECTS WITH XML MANAGEMENT OR REST MANAGEMENT INTERFACES |
| IT43987 | OTHER SENSOR OUTPUT ON AN 8496 HAS A WRONG NAME |
| IT44026 | GETTING ENTRIES IN THE FAILURE NOTIFICATION STATUS WITH REASON CRASH AFTER UPGRADE TO 10.0.1.13. |
| IT44046 | APIGW MIGHT RESTART IF MIME MESSAGE HAS NO BODY |
| IT44141 | API CONNECT GATEWAY SERVICE MIGHT RESTART IF MISCONFIGURED |
| IT44145 | ADD FRAME-ANCESTORS: SELF DIRECTIVE IN CONTENT-SECURITY-POLICY |
| IT44196 | API GATEWAY MIGHT RETURN UNEXPECTED 404 ERRORS FOR SOAP 1.2 REQUESTS |
| IT44360 | XPATH ROUTING MAP DOES NOT LOG CORRECTLY |
| IT44382 | GATEWAY POD RESTART AFTER FIRMWARE UPGRADE. |
| IT44408 | X-CLIENT-CERTIFICATE HEADER FAILS WITH BEGIN/END CERTIFICATE TAG |
| IT44427 | DATAPOWER MIGHT RESTART IF DNS REQUEST HAS A TIMEOUT |
| IT44438 | API GATEWAY MIGHT NOT RETURN VALID SOAP ERROR RESPONSES FOR FAILED SOAP REQUESTS |
| IT44453 | URL SHOULD NOT BE ESCAPED IN ASSEMBLY-USER-SECURITY ACTIONS PROPERTIES |
| IT44461 | DATAPOWER MIGHT RESTART WHEN GENERATING ERROR REPORT ON STARTUP |
| IT44467 | ACCESSING THE SYSTEM LOGS IN B2B DOMAIN CAUSING INSTABILITY IN NEW UI AND REPORTING BROWSER OUT OF MEMORY ERRORS. |
| IT44468 | DATAPOWER CONFIGURATION SEQUENCE FEATURE MIGHT RESTART THE DEVICE, IF THE DIRECTORY STRUCTURE IS LARGE |
| IT44470 | IDG-X3 TEST HARDWARE COMMAND DID NOT SHOW POWER SUPPLY FAILURE |
| IT44481 | DATAPOWER TLS SNI SERVER OBJECT DOES NOT USE CORRECT CIPHER SUITES |
| IT44482 | GATEWAY PEERING CLUSTER STATUS DISPLAY CAN HANG |
| IT44487 | WSDL ZIP ERROR |
| IT44506 | NEW UI IN DATAPOWER IS MISSING ILMT SCANNER |
| IT44507 | APIC ENCRYPTED PROBE DATA NOT RECORDED WHEN CERTIFICATE NAME IS SPECIFIED WITHOUT NAME PREFIX |
| IT44509 | FOR API GATEWAY SOAP REQUESTS MIGHT FAIL WITH 404 ERRORS BECAUSE DOCUMENT SIZE LIMIT EXCEEDS IN THE API ROUTING ACTION |
| IT44515 | IN A MULTI-GATEWAY CLUSTER, A COLLECTION MIGHT BE ERRONEOUSLY DELETED FROM ONE GATEWAY |
| IT44534 | SQL QUERY TIMES OUT WHEN TRACE IS ENABLED |
| IT44543 | GATEWAY PEERING SWITCH PRIMARY COMMAND MIGHT NOT RETURN MESSAGE FOR GATEWAY PEERING WHEN IN CLUSTER MODE |
| IT44545 | JSONATA ERROR WITH WILDCARD EXPRESSION |
| IT44556 | RATE LIMIT OBJECT IN ANALYTICS TO USE THE SHORTNAME |
| IT44557 | APIC RATE LIMIT MIGHT THROW UNEXPECTED RATE LIMIT EXCEEDED ERRORS |
| IT44558 | DATAPOWER MIGHT RELOAD WHILE A CSPPASSWORDALIAS IS CONFIGURED FOR A MQ V9+ QUEUE MANAGER |
| IT44564 | APIC PROBE CAPTURE SETTINGS RESPONSE RETURNS NUMBERS INSTEAD OF STRINGS |
| IT44569 | DATAPOWER EXPORT DIALOG SCREEN DOES NOT RENDER CORRECTLY |
| IT44580 | SUPPORT NULLABLE ENFORCEMENT IN OAI3.0 IN APIM/APIC |
| IT44588 | UPDATE GO LIBRARY TO 1.20.8 |
| IT44591 | API GATEWAY TEMPORARILY LOSES ASSEMBLY RATE/BURST LIMITS ON PUBLISH OR CONFIGURATION CHANGE |
| IT44605 | DATAPOWER EXTENSION FUNCTION DP:AUTH-INFO SHOULD INDICATE IF NO CERTIFICATE WAS PRESENTED IN RESULT XML NODE |
| IT44630 | CREATING API PROBE CAPTURE SETTING MIGHT RESTART DATAPOWER |
| IT44631 | SYSTEMS LOG CANNOT PROPERLY DISPLAY GB18030 CHARACTERS IN THE UI |
| IT44650 | DATAPOWER MIGHT RESTART DURING INSTALLATION WIZARD IF SHELL DISCONNECTS |
| IT44665 | DATAPOWER KEYGEN CLI COMMAND USES WRONG DEFAULT FOR SHA DIGEST |
| IT44691 | DATAPOWER UI FAILURE NOTIFICATION SETTINGS ARE NOT APPLIED OR SAVED |
| IT44716 | POTENTIAL DENIAL OF SERVICE VULNERABILITY IN OPENSSL (CVE-2023-4807) |
| IT44720 | MULTIPLE SECURITY ISSUES IN SECURE GATEWAY CLIENT |
| IT44748 | RAPID RESET DDOS VULNERABILITY (CVE-2023-44487 & CVE-2023-39325) |
| IT44809 | NEW UI PROBE EXTENSION TRACE OMITS SOME TRANSACTIONAL DATA |
| IT45049 | DATAPOWER SENDS GRAPHQL JSON PAYLOAD WITH AN ADDITIONAL KEY "OPERATIONTYPE", WHICH IS NOT TO THE STANDARD |
| IT45213 | MEDIUM SEVERITY VULNERABILITY (CVE-2023-46177) |
10.5.0.7
Release date: 30 August 2023
Last modified: 30 August 2023
Status: Available
|
APAR
|
Description
|
| IT42964 | DOMAIN AVAILABILITY FEATURE DELAYS DOMAIN STARTUP FOR 1 MINUTE EVEN WHEN DISABLED |
| IT43003 | DataPower might leak memory when the probe is enabled |
| IT43699 | DATAPOWER X3 APPLIANCES HAVE A POTENTIAL MEMORY ISSUE IN THE BMC CODES THAT MIGHT CAUSE THE BMC RESET ITSELF |
| IT43870 | THE APPLIANCE COULD BE RELOADED WHEN THE MQ-QM IS SHUT DOWN DUE TO NETWORK ERRORS, AND A NEW MQ CONNECTION IS INITIALIZED. |
| IT43925 | DATAPOWER GWS CANNOT FIND DEPENDENCY |
| IT43927 | DATAPOWER PARAMETERS DUPLICATE IN USER AGENT FOR BASIC AUTH CAUSING LARGER CONFIGURATION AND OVERHEAD |
| IT43934 | APIC GATEWAY DOES NOT PROCESS JSONATA $$ CORRECTLY |
| IT43943 | THE VARIABLE SUBSTITUTION DOES NOT CURRENTLY CHECK THE REPLACEMENT VALUE TO DETERMINE IF THERE ARE VARIABLES INSIDE OF IT |
| IT43951 | DATAPOWER RBM ACCESS PROFILES WHICH ALLOW LOGIN THROUGH RMI MIGHT NO LONGER WORK AS EXPECTED |
| IT43952 | DATAPOWER GENERATES TWO R4 RECORDS |
| IT43995 | API GATEWAY DOES NOT RETURN RESPONSE BODY FROM BACKEND FOR REQUESTS WITH OPTIONS METHOD |
| IT43997 | DATAPOWER MIGHT RESTART IF APIC API COLLECTION HAS API RULE WITH NO ACTIONS |
| IT44042 | THE X-CLIENT-IP HEADER SHOULD NOT SEND BACK TO THE CLIENT IN THE ERROR RESPONSE |
| IT44115 | DATAPOWER SSHD TASK ENCOUNTERED CHANNEL ERROR. |
| IT44126 | PARSE OAUTH REQUEST SCOPE VALUES FOR EXTRA WHITESPACES |
| IT44143 | C org creating incorrectly drives config sequence execution |
| IT44161 | APIC API PROBE OPERATIONAL STATE INCORRECT WHEN MISCONFIGURED |
| IT44162 | APIC API CALL MIGHT RETURN UNAUTHORIZED HTTP RESPONSE IF 2 PATHS IN THE API HAVE DIFFERENT SECURITY REQUIREMENTS |
| IT44164 | SSH SESSIONS USING THE REDIRECTION OPERATOR MIGHT NOT HANDLE THE SHELL LOGIN COMMAND PROPERLY |
| IT44165 | APIC API ROUTING WILL FAIL IF URI IS ENCODED BUT THE API PATH IS NOT |
| IT44208 | API GATEWAY : UNABLE TO USE THE OAUTH SHARED SECRET FOR REGISTERING A GATEWAY SERVICE SET IN THE API MANAGEMENT SERVERS CLOUD |
| IT44231 | CERTIFICATE MISMATCH ERROR IN DATAPOWER LOGS |
| IT44237 | MQ OBJECT IS DOWN WHEN 20-LENGTH MQCHANNEL NAME IS SET |
| IT44240 | WSDL APIS THAT ARE SINGLE FILES MIGHT TRIGGER API GATEWAY UPDATES EVEN IF UNCHANGED |
| IT44254 | ENHANCED STABILITY IN NEW UI |
| IT44255 | CONTINUOUS INCREASE IN MEMORY UTILIZATION AND NOT COMING DOWN. |
| IT44257 | KAFKA DP:URL-OPEN USING KEY PARAMETER MIGHT RESTART DATAPOWER |
| IT44262 | GATEWAY PEERING OBJECT CANNOT BE ASSIGNED TO ANYTHING ELSE AFTER BEING ASSIGNED TO PROBE-SETTINGS |
| IT44265 | APIC SUBSCRIBERS RMI STATUS PROVIDER CALL DOES NOT RETURN CONSISTENT RESULTS |
| IT44266 | DATAPOWER MULTISTEP PROBE MIGHT RESTART DEVICE FOR CERTAIN RULE CONFIGURATIONS |
| IT44280 | APIC WEBHOOKS CANNOT BE PROCESSED EVEN AFTER MISCONFIGURATION IS CORRECTED |
| IT44281 | DATAPOWER MQ CLIENT ADDS SUPPORT FOR TLS 1.3 CIPHERS |
| IT44293 | APIC GATEWAY PEERING GROUP WHEN IN CLUSTER MODE SHOULD NOT BE OPERATIONAL STATE UP IF PEER IP ADDRESSES ARE DUPLICATED |
| IT44330 | DP RELOADING BEFORE THROTTLE IS TRIGGERED |
| IT44336 | DATAPOWER 10GB NETWORK MODULE FAILURE MIGHT ALSO CAUSE 40GB MODULE FAILURE ON X3 |
| IT44338 | DATAPOWER QUOTA ENFORCEMENT KEYS MIGHT NOT BE REMOVED AFTER SERVER IS MODIFIED/RESTARTED |
| IT44339 | APIC GATEWAY SERVICE MIGHT LEAK TEMPORARY FILES IF FILESYSTEM IS FULL |
| IT44340 | APIC ASSEMBLY FUNCTION MAY BE IN OPERATIONAL STATE UP EVEN IF PARAMETERS ARE MISCONFIGURED |
| IT44341 | APIC DEVICE MIGHT RESTART WHILE ROUTING A REQUEST IF API DEFINITION IS MISSING ASSEMBLY |
| IT44351 | USE OF JAEGER TRACING CAUSES V5 EMULATED POLICIES TO FAIL |
| IT44380 | ALLOW WEBSOCKET PROTOCOLS IN OAI3 |
| IT44381 | DATAPOWER FORCES CLOUD POLICY UPDATE. |
| IT44383 | SUBSCRIPTION LOSS AFTER UPDATES. |
| IT44654 | UPDATE NODE.JS TO ADDRESS MULTIPLE CVES |
| IT44649 | DENIAL OF SERVICE VULNERABILITY IN NODE SEMVER PACKAGE (CVE-2022-25883) |
10.5.0.6
Release date: 28 June 2023
Last modified: 28 June 2023
Status: Available
|
APAR
|
Description
|
| IT39216 | DATAPOWER ON DOCKER DOES NOT SAVE SNMP COMMUNITIES OR CUSTOM WEBGUI USER AGENT |
| IT41799 | ZE IT41039 FIX APAR - RELOAD MIGHT OCCUR WHEN URLOPEN HAS INCORRECT ENDPOINT SYNTAX |
| IT43107 | CANNOT DELETE PASSWORD MAP OR CRYPTO KEY OBJECT WHEN THE SSH CLIENT PROFILE ASSOCIATED WITH IT IS DELETED |
| IT43125 | HTTP2 BASED CLIENTS USING AN EXPECT HEADER WITH A VALUE OF 100-CONTINUE CAN CAUSE RELOAD |
| IT43150 | APIC GATEWAY MIGHT RESTART WHEN USING API DEBUG PROBE AND A GATEWAYSCRIPT ASSEMBLY IN THE GLOBAL ERROR RULE |
| IT43251 | APIC DURING DRR WITH A LARGE AMOUNT OF CATALOGS, THERE MIGHT BE A TEMPORARILY INCONSISTENT CATALOG LIST |
| IT43409 | SELF BALANCING MIGHT FAIL TO REGISTER ALL CONFIGURED DATAPOWERS AND SERVICE. |
| IT43445 | DATAPOWER USER ACCOUNT IS NOT LOCKED WHEN WRONG PASSWORD IS USED TOO MANY TIMES |
| IT43506 | FORMAT OF CONTEXT VARIABLE OAUTH.VERIFIED_ACCESS_TOKEN.NOT_BEFORE IS NOT CORRECT. |
| IT43513 | APIC GATEWAY MIGHT RESTART WHEN GATEWAYSCRIPT THROWS AN ERROR SETTING MESSAGE HEADERS |
| IT43524 | ANALYTICS ENDPOINT MIGHT GO DOWN AND FAIL TO COME BACK UP |
| IT43593 | CONTEXT VARIABLE REQUEST.URI RETURNS INCORRECT URL IF USING HTTP2 |
| IT43595 | V5 EMULATION FRAMEWORK FAILS IF A MESSAGE HEADER HAS A NULL VALUE |
| IT43641 | COMPILATION OF XSLT WHICH USE DPFUNC:ZULU-TIME BY AN XML MANAGER WITH COMPILE OPTIONS POLICY MIGHT FAIL. |
| IT43668 | APIC ANALYTICS ENDPOINT MIGHT NOT RETURN ALL MEMORY AFTER A RETRY |
| IT43669 | APIC TO ALLOW USER TO SPECIFY PORTS FOR GATEWAY PEERING MEMBERS IN THE UI |
| IT43681 | DATAPOWER HTTP/2 DOES NOT ALLOW USER TO SET THE :AUTHORITY HEADER |
| IT43698 | DATAPOWER MEMORY MANAGEMENT SEGMENTATION MIGHT CAUSE HIGHER THAN EXPECTED CPU USAGE |
| IT43703 | DATAPOWER X2/X3 DEVICE MIGHT HAVE UNUSUAL LATENCY WHEN USING DOCUMENT CACHE |
| IT43719 | DATAPOWER SECURE RESTORE FROM FTP FAILS |
| IT43726 | DATAPOWER SNMP SERVICE MIGHT CAUSE A RELOAD |
| IT43727 | APIC V5E POLICY LIST IN GATEWAY EXTENSION MANIFEST IS NOT VALIDATED PROPERLY |
| IT43729 | APIC REQUEST USING TRACE METHOD MIGHT BE ROUTED INCORRECTLY |
| IT43730 | APIC SCOPE HANDLING REGRESSION IN V10.0.1.8 AND V10.5.0.X |
| IT43755 | VALIDATE POLICY FAILS TO FIND CORRECT WSDL |
| IT43769 | DATAPOWER RELOADS WHEN THE AMQP CLIENT STARTS |
| IT43773 | DATAPOWER MIGHT RESTART WHEN UNABLE TO CALCULATE LOGGING TIMESTAMP |
| IT43803 | APIC GATEWAY MIGHT RESTART IF APPLICATION DOMAIN IS DISABLED/RESTARTED WHEN GATEWAY PEERING IS ACTIVE |
| IT43810 | APIC ANALYTICS ENDPOINT IS DOWN INCORRECTLY |
| IT43813 | AMQP CONNECTION HANDLING CAUSES UNEXPECTED RELOAD ON DATAPOWER |
| IT43814 | IN APIGW APIM.GETVARIABLE(REQUEST.PARAMETERS) SHOULD NOT RETURN PARAMETERS WHICH LOCATION IS HEADER |
| IT43839 | TOPIC STRINGS GREATER THAN 48 CHARACTERS LONG DO NOT WORK WITH DATAPOWER MQ V9+ CLIENT. |
| IT43840 | BATTERY TEMPERATURE REVISION TO 50 DEGREES CELSIUS ON 8496 APPLIANCE |
| IT43841 | APIC OPENTRACING PARAMETERS MISSING FROM EVENTS |
| IT43850 | CHILD ELEMENTS MIGHT BE MISSING FROM RECEIPT WHEN PROCESSING AN AS4 MESSAGE WITH A ONE-WAY/PUSH MEP EXCHANGE |
| IT43852 | APIC GATEWAY RESTART WHEN REPARSING NESTED JSON COMPONENT |
| IT43853 | DATAPOWER MIGHT RESTART WHEN STARTING GATEWAY PEERING WITH MONITOR-PORT OR LOCAL-PORT ALREADY IN USE |
| IT43869 | APIC RATE LIMIT WITH SCALE LIMIT MIGHT USE WRONG VALUE WHEN GATEWAY PEERING GROUP CONNECTION IS DISCONNECTED |
| IT43871 | APIC-GW-SERVICE IS IN PENDING STATE. |
| IT43873 | DATAPOWER MIGHT GENERATE UNRELATED ERROR MESSAGES IF AN SNMP QUERY IS MADE ON AN INVALID OR UNLICENSED OBJECT |
| IT43890 | INVOKE_1.5.0 AND PROXY_1.5.0 POLICIES SHOULD NOT ATTEMPT TO PARSE A MULTIPART RESPONSE BODY |
| IT43891 | ZE IT43288 FIX APAR - DATAPOWER HTTP/2 CLIENT MIGHT RESTART DEVICE WHEN UNDER LOAD |
| IT43899 | DATAPOWER OAUTH PROVIDER OPTIONS NOT DISPLAYING CORRECTLY IN UI |
| IT43900 | DATAPOWER HTTP/2 SERVER MIGHT RESTART |
| IT43901 | APIC DISABLING JWT OPTION FOR ANALYTICS IS NOT CORRECTLY PROPAGATED TO GATEWAY |
| IT43907 | APIGW DEBUG PROBE TEMPORARY FILE TEMPORARY://APIGATEWAY-TID_*, IS NOT DELETED AND PILL UP |
| IT43915 | APIGW ASSEMBLY FUNCTION PARAMETER SUBSTITUTION CANT GET A DECODED VALUE |
| IT43917 | DPOD LOG DOES NOT SHOW SPACE NAME AS API DEBUG PROBE DOES |
| IT43919 | TLS PROFILES AT ORG AND CLOUD LEVEL MIGHT COLLIDE |
| IT43924 | APIC GATEWAY SECONDARY PEER NOT RESET |
| IT43933 | POTENTIAL DENIAL OF SERVICE VULNERABILITY IN OPENSSL (CVE-2023-2650) |
| IT43935 | APIC JWT VALIDATE ISSUER CLAIM DOES NOT RESOLVE VARIABLE. |
| IT43957 | UI COMPARE CONFIGURATION TOOL SHOWS BLANK ROWS FOR CHANGED CONFIGURATION |
| IT43980 | PROBLEM WITH PREFLOW GLOBAL POLICY IN V10 |
| IT44028 | ADDRESS FALSE-POSITIVE VULNERABILITY FINDINGS REPORTED BY SCAN UTILITIES |
| IT44112 | TIMING SIDE-CHANNEL IN GSKIT (CVE-2023-32342) FOR DATAPOWER |
| IT44114 | PROVIDE MITIGATION FOR MULTIPLE CVES |
10.5.0.5R
Release date: 8 August 2023
Last modified: 8 August 2023
Status: Available
|
APAR
|
Description
|
| IT43698 | DATAPOWER MEMORY MANAGEMENT SEGMENTATION MIGHT CAUSE HIGHER THAN EXPECTED CPU USAGE |
10.5.0.5
Release date: 26 April 2023
Last modified: 8 August 2023
Status: No longer available
|
APAR
|
Description
|
| IT39416 | WEB APPLICATION FIREWALL INCORRECTLY BLOCKS ALL JSON TRAFFIC IF SQL INJECTION FILTERING IS ENABLED FOR A REQUEST PROFILE |
| IT41699 | DATAPOWER MIGHT RESTART WHEN SAVING CONFIGURATION AND NO OBJECTS HAVE BEEN CHANGED |
| IT41761 | DATAPOWER DOMAIN RESTART OR CONFIGURATION CHANGE MIGHT CAUSE SLM PEERING HASH ERRORS |
| IT42607 | LUNA HSM GROUP REMAINS DOWN AFTER STARTUP |
| IT42681 | GATEWAY POD FAILS READINESS CHECK AFTER RESTART WHEN FILESTORE EXTENSION IS REMOVE OR UPDATE |
| IT42976 | REMOVE ACCESS TO A JAVASCRIPT SOURCE MAP |
| IT42988 | UNDOCUMENTED XSLT EXTENSION FUNCTION SIMPLEDATEFORMAT.FORMAT MIGHT RELOAD DATAPOWER |
| IT43070 | API FAILS IF REDACT 1.5 POLICY PARSE FAILS |
| IT43083 | DATAPOWER HTTP/2 CLIENT THROWS A TIMEOUT ERROR WHEN BACKEND SERVER PUTS ENDSTREAM FLAG IN HEADER FRAME. |
| IT43095 | DATAPOWER MIGHT RELOAD WHEN MEMORY CORRUPTION/EXHAUSTION OCCURS FROM AN MQ LIBRARY |
| IT43097 | APIGW DOES NOT INCLUDE X-GLOBAL-TRANSACTION-ID HEADER WHEN CALLING THE AUTHENTICATION URL IN AN USER SECURITY ACTION |
| IT43121 | ERROR RELATED SERVICE VARIABLES NOT SYNC WITH APIGW ASSEMBLY CONTEXT ERROR OBJECT IN V5E MODE |
| IT43122 | DataPower might unexpectedly reload after recommitting a routed API Path |
| IT43137 | INVOKE 1.5 IS NOT ENCODING PARAMETERS LIKE V5 DID |
| IT43155 | B2B GATEWAY PARSING ERROR FOR COMPRESSED MESSAGE |
| IT43156 | FOR APIGW THE CONTEXT VARIABLE CLIENT.APP.METADATA IS MISSING IN THE OAUTH FLOW |
| IT43157 | DataPower might restart under load |
| IT43161 | TLS PROFILES MIGHT FAIL TO SET TLSV1.3 CIPHERS IN SOME CASES. |
| IT43162 | ADDRESS VULNERABILITY IN NODE PACKAGE HTTP-CACHE-SEMANTICS (CVE-2022-25881) |
| IT43168 | APIM COMPATIBILITY MODULE FUNCTIONS ISJSON AND ISXML MIGHT FAIL |
| IT43202 | CERTAIN OBJECTS MIGHT NOT BE ABLE TO BE DELETED AFTER BEING USED BY GATEWAY PEERING OBJECT |
| IT43223 | APIC CANNOT DYNAMICALLY RECONFIGURE THE API CONNECT GATEWAY FROM THE API MANAGER |
| IT43232 | APIC RATE LIMIT REMAINING COUNTER MIGHT NOT BE CORRECT IF RATE LIMIT GATEWAY PEERING IF DOWN |
| IT43233 | APIC VALIDATION OF JSON DATA FROM EXTRACT ASSEMBLY MIGHT RESTART GATEWAY IF DATA IS NOT SIMPLE JSON |
| IT43234 | APIC GLOBAL ERROR RULE MIGHT RESTART GATEWAY |
| IT43239 | APIC REDACT ASSEMBLY DOES NOT WORK WHEN LAST ELEMENT IN JSONATA QUERY IS A PREDICATE |
| IT43245 | DOWN TO ONE GATEWAY, QUORUM RECOVERY MIGHT CLEAR THE SUBSCRIPTION CACHE, RESULTING IN 401s FROM ALL APIS |
| IT43246 | Recovery of the peering quorum might result in 401s from all APIs on all gateways |
| IT43252 | APIC CONFIGURATION SEQUENCE OVERRIDE OPTION DOES NOT WORK AS EXPECTED |
| IT43253 | APIC ACTIVITY LOGS MIGHT BE LOST WHEN USING THE ASSEMBLY LOG ACTION |
| IT43254 | APIC GATEWAY MIGHT RESTART IF SET VARIABLE POLICY USED TO SET A HEADER ON A NEW CONTEXT |
| IT43257 | DATAPOWER MQ V9 CLIENT MIGHT CAUSE A RESTART UNDER HEAVY LOAD |
| IT43264 | RATE LIMITS MIGHT PRODUCE INVALID 429 RATE LIMIT RESPONSES |
| IT43288 | DATAPOWER HTTP/2 CLIENT MIGHT RESTART DEVICE WHEN UNDER LOAD |
| IT43292 | DATAPOWER AMQP HANDLER WILL CYCLE STATE REPEATEDLY IF MISCONFIGURED |
| IT43298 | APIGW DOES NOT INCLUDE X-POST-BODY-IN HEADER WHEN CALLING THE AUTHENTICATION URL IN AN USER SECURITY ACTION |
| IT43318 | APIGW INVOKE ASSEMBLY ACTION CAN LEAK MEMORY IF RESPONSE IS SOAP ERROR |
| IT43331 | V5 EMULATION FRAMEWORK FAILS WHEN A CONTROL CHARACTER IS PRESENT IN THE API |
| IT43332 | V5 EMULATED POLICY IN A GLOBAL POLICY OUTPUTS INCORRECT RESPONSE PAYLOAD AND HTTP STATUS CODE |
| IT43340 | PLAN.SPACEID IS NOT AVAILABLE IN THE V5C CONTEXT |
| IT43358 | DATAPOWER HTTP/2 CLIENT TIMEOUT WHEN RST_STREAM FLAG IS RECEIVED |
| IT43359 | APIC SUBSCRIBER CACHE MIGHT GROW IN MEMORY FOR CERTAIN ERRORS |
| IT43363 | DATAPOWER HTTP/2 PROTOCOL HANDLER MIGHT NOT CLEANUP STREAM IF GET REQUEST HAS CONTENT-LENGTH HEADER BUT NO DATA |
| IT43378 | APIC V5E GATEWAY EXTENSION IMPORT WITH DOMAIN SETTINGS MIGHT RESTART APIC GATEWAY SERVICE |
| IT43379 | APIC GATEWAY-PEERING-CLUSTER-REMOVE-STALE-NODE COMMAND MIGHT NOTWORK FOR PRIMARY STALE NODE |
| IT43380 | APIC GATEWAY MIGHT RESTART IF USER MODIFIES RATE LIMIT TYPE IN CLI OR UI AFTER CONFIGURATION HAS BEEN GENERATED |
| IT43389 | DATAPOWER AMQP HANDLER GOES INTO PENDING STATE WHEN PULLING MESSAGES |
| IT43390 | AMQP HANDLER MIGHT CRASH UNDER TRAFFIC |
| IT43393 | APIC GATEWAY SERVICE MIGHT LEAK SNAPSHOT DATA |
| IT43402 | DATAPOWER MIGHT UNEXPECTEDLY RELOAD WHILE TRYING TO READ A PAYLOAD OVER TLS WITH AN INVALID SESSION ID |
| IT43412 | APIC RATE LIMIT CACHE CANNOT BE FLUSHED |
| IT43421 | Return the format of free memory in log message 0x804000a1 back to percent |
| IT43430 | DATAPOWER RELOAD WHILE ATTEMPTING TO VALIDATE AN INVALID ARGUMENT IN A GRAPHQL QUERY |
| IT43431 | APIC GATEWAY PEERING FAILS TO RESTART AND UNABLE TO RECOVER UNDER LOAD |
| IT43432 | API CONNECT GATEWAY SERVICE MIGHT NOT USE UPDATED SERVICE PARAMETERS |
| IT43434 | DATAPOWER MIGHT RESTART WHEN INTERNAL LIMIT REACHED FOR LARGE NUMBER OF DOMAINS |
| IT43474 | DB2 CONNECTION ERRORS, DB2 DRIVER UPDATED |
| IT43475 | APIC API PATH PARAMETER SETTINGS MIGHT RESTART GATEWAY |
| IT43487 | APIC ANALYTICS ENDPOINT DOES NOT RECOVER MEMORY WHEN SENDING TO A KAFKA-CLUSTER THAT IS DOWN |
| IT43500 | API CALL MIGHT HANG IF RATE LIMIT GATEWAY PEERING IS DOWN |
| IT43501 | APIC GATEWAY MIGHT RESTART WHEN RATE LIMIT DEFINITION GROUP PROCESSES HEAVY LOAD |
| IT43515 | MISSING FILENAME PARAMETER IN INVALID GATEWAY PEERING QUERY TRIGGERS API CONNECT GATEWAY SERVICE RESTART |
| IT43519 | APIC PATH REGULAR EXPRESSION DOES NOT CORRECTLY ESCAPE PARENTHESES |
| IT43532 | TLS CLIENT PROFILE GO DOWN IN OF THE APPLIANCE IN GATEWAY CLUSTER OF 3 GATEWAY SERVICE |
| IT43551 | APIC GATEWAY MIGHT RESTART WHEN CHANGING CONFIGURATION UNDER LOAD |
| IT43552 | DATAPOWER CANNOT CREATE A WS-POLICY USING RMI |
| IT43559 | ENABLING DEBUG PROBE MIGHT CAUSE UNEXPECTED WEBGUI ISSUES |
| IT43572 | APIC USERDEFINEDPOLICY THAT HAS ONEOF PROPERTY IS NOT GENERATING CORRECT DATAPOWER CONFIGURATION |
| IT43581 | APIC AFTER UPDATE TO 10.5.X SOME CERTIFICATES MIGHT BE MARKED DOWN INCORRECTLY |
| IT43640 | DATAPOWER BOOT SWITCH FAILS WITH ERROR: SECONDARY INSTALL NOT AVAILABLE |
| IT43661 | ADDRESS VULNERABILITY IN NODE.JS REPORTED IN CVE-2023-23920. |
10.5.0.4R
Release date: 8 August 2023
Last modified: 8 August 2023
Status: Available
|
APAR
|
Description
|
| IT43698 | DATAPOWER MEMORY MANAGEMENT SEGMENTATION MIGHT CAUSE HIGHER THAN EXPECTED CPU USAGE |
10.5.0.4
Release date: 22 February 2023
Last modified: 8 August 2023
Status: No longer available
|
APAR
|
Description
|
| IT42057 | DATAPOWER SLM MIGHT RESTART WHEN PEER GROUP IS MODIFIED |
| IT42063 | DATAPOWER SLM EXTENSION FUNCTIONS DP:SLM-SET-THRESHOLD-* MIGHT WATCHDOG IF USED INCORRECTLY |
| IT42064 | APIC PARSE ASSEMBLY CONVERTING JSON TO XML CAN RESTART DEVICE IF JSON OBJECT PROPERTY SIZE EXCEEDS INTERNAL LIMITS |
| IT42421 | DATAPOWER MIGHT RESTART WHEN APIC PRODUCT PUBLISH |
| IT42481 | ERROR MESSAGES ARE NOT CONSISTENT. |
| IT42485 | ADMIN USER FROM LDAP CANNOT ACCESS DATAPOWER ROOT FOLDER |
| IT42488 | Unlimited rate limit for operation override not set properly |
| IT42521 | APIC GATEWAY SERVICE THROWS ERRORS AFTER SERVICE IS DEREGISTERED FROM THE API MANAGER |
| IT42524 | DATAPOWER MIGHT UNEXPECTEDLY RESTART WHEN TAKING A PACKET CAPTURE |
| IT42538 | APIC GATEWAY MIGHT RESTART IF TRANSACTION CANNOT COMPLETE |
| IT42571 | REFERENCE COUNT PROBLEM IN THE DYNAMIC MQ-QM OBJECT MIGHT CAUSE RELOAD |
| IT42616 | APIC JSON TO XML CONVERSION MIGHT NOT RECOVER ALL USED MEMORY |
| IT42655 | MIGRATED V5 GATEWAY EXTENSION RULES MIGHT THROW AN EXCEPTION IN SOME CASES FOR THE V10 API GATEWAY |
| IT42729 | MORE ERRORS IN THE INTERNAL CONFIGURATION CAN CAUSE DATAPOWER TO THROW 0X8100002E LOG MESSAGES AND ALERTS |
| IT42732 | API GATEWAY MIGHT RESTART IF MULTIPART REQUEST INVOKE ASSEMBLY RESPONSE IS NOT MULTIPART |
| IT42733 | APIC MEMORY GROWTH WHEN APIGW SENDS THE LOG TO ANALYTICS |
| IT42734 | DATAPOWER MIGHT RESTART IF PASSWORD ALIAS IS MODIFIED REPEATEDLY DURING DOMAIN RESTART |
| IT42735 | POSSIBLE MEMORY GROWTH WHEN GATEWAY PEERING IS CONFIGURED |
| IT42736 | REQUIRED PROPERTY IS NOT ENFORCED IN OAI V3 |
| IT42742 | DATAPOWER STATUS PROVIDER MIGHT BECOME STUCK SHOWING INCORRECT CPU USAGE VALUE |
| IT42753 | APIC RATE LIMITS DO NOT WORK PROPERLY WHEN SCALE CACHE IS TURNED ON IN RATE LIMIT DEFINITION |
| IT42755 | CONFIGURATION SEQUENCE ERROR FILES CREATED FOR PASSWORD ALIASES WHEN AN API IS DELETED |
| IT42772 | API GATEWAY MIGHT RESTART IF API PLAN HAS AN ASSEMBLY RATE LIMIT THAT REFERENCES A RATE LIMIT DEFINITION WHICH IS MIS CONFIGURED. |
| IT42791 | DRR issues erroneous error messages |
| IT42804 | LEAKED GATEWAY TRANSACTIONS |
| IT42845 | API GATEWAY MIGHT RESTART WHEN CALLING JSON.STRINGIFY ON MESSAGE.ATTACHMENTS |
| IT42849 | API GATEWAY MIGHT RESTART WHEN API PROBE IS ENABLED AND A PARSE ASSEMBLY IS RUN ON NONEXISTENT CONTEXT |
| IT42875 | APIC API PLAN WITH BOTH RATE LIMIT AND BURST LIMIT SHARING THE SAME NAME CAN LEAD TO UNEXPECTED RESULTS |
| IT42878 | DEFAULT FOR HARD LIMIT ON RATE LIMIT SHOULD BE FALSE |
| IT42914 | FAILURE TO LOG TLS KEY DURING PACKET CAPTURE |
| IT42955 | GATEWAYSCRIPT URLOPEN.OPEN INSTRUMENTATION MIGHT GIVE INCORRECT CONTENT-TYPE HEADER |
| IT42957 | ADDRESS FALSE-POSITIVE VULNERABILITY FINDINGS REPORTED BY SCAN UTILITIES |
| IT42978 | DATAPOWER MIGHT RESTART WHILE GATEWAY PEERING IN CLUSTER MODE IS CONFIGURED WITH ADMIN DISABLED |
| IT42983 | APIC GATEWAY MEMORY GROWTH WHEN GATEWAY FAILS TO RESEND THE ANALYTICS LOG TO THE SERVER |
| IT42984 | CONFIGURING ATTEMPT STREAMING RULE ON DATAPOWER RARELY MIGHT RESULT IN DATAPOWER RESTART WHEN COMPILING A STYLESHEET |
| IT42987 | APIGW UDP TYPE DOES NOT ALLOW VERSION WITH . IN THE FILENAME |
| IT42996 | PASSING NON-NUMBER $TIME PARAMETER FOR DPFUNC:ZULU-TIME() IN STORE:///UTILITIES.XSL MIGHT CAUSE A RESTART OF DATAPOWER |
| IT43160 | UPDATE OPENSSL LIBRARY TO ADDRESS MULTIPLE CVES. |
10.5.0.3
Release date: 16 December 2022
Last modified: 16 December 2022
Status: Available
|
APAR
|
Description
|
| IT31382 | EDITING A JSV OR FLUSHING IT FROM CACHE MIGHT CAUSE UNEXPECTED RESTART IF IT PROCESSED TRAFFIC BEFORE |
| IT41394 | TLS INTERMEDIARY CERTIFICATES MIGHT FAIL TO CLEAN UP IN V5C GATEWAY |
| IT41417 | DATAPOWER MIGHT RESTART WHILE CONFIGURING WEB APPLICATION FIREWALL |
| IT41521 | HTTP RESPONSE HEADER SPACE TRUNCATED WHEN REASON PHRASE NOT INCLUDED |
| IT41552 | DATAPOWER MIGHT RESTART WHEN DPOD CONFIGURES DEVICE DURING BOOTUP |
| IT41601 | "BYTES_SENT" AND "BYTES_RECEIVED" VALUES IN ACTIVITY LOG ARE SOMETIMES INCORRECT |
| IT41642 | DATAPOWER MIGHT RESTART DUE TO RACE CONDITION ON HTTP HANDLER |
| IT41741 | DATAPOWER MIGHT UNEXPECTED RESTART WHEN INVALID MIME REQUEST SENT TO API GATEWAY |
| IT41776 | UPDATE DATAPOWER SECURE GATEWAY CLIENT TO 1.8.8FP1 AND NODE 14.20.0 |
| IT41786 | APIC UNCAUGHT EXCEPTION IN GATEWAY DIRECTOR WHEN WEBHOOK NOT SET |
| IT41908 | DATAPOWER MIGHT UNEXPECTED RESTART WHEN UPDATING PASSWORD_MAP |
| IT41910 | APIC API GATEWAY MIGHT RESTART IF LOCATION HEADER IS MISSING ON A REDIRECT |
| IT41936 | APIC API COLLECTIONS MIGHT BE MISSING WHEN AN API IS PUBLISHED WITH UNDEFINED UDP OR OTHER USER ERRORS |
| IT42005 | DETECT DUPLICATE APIS |
| IT42051 | SQL METHOD TO_TIMESTAMP_TZ0 CAUSES DATABASE INSERT FAILURE |
| IT42060 | REMOVING TRUSTSTORE FROM TLS CLIENT PROFILE IN APIC IS NOT REFLECTED ON THE DATAPOWER GATEWAY |
| IT42076 | UNABLE TO DELETE AN ASSEMBLY CONTEXT VARIABLE IF ITS PARENT OBJECT DOES NOT EXIST |
| IT42089 | DATAPOWER MQ CLIENT TIMEOUTS SEEN WITH USERS OF MQ IMS BRIDGE |
| IT42095 | APIC PROCESSES UDP FROM SNAPSHOT IN WRONG ORDER |
| IT42101 | UPON PASSWORD CHANGE, OTHER SESSIONS ARE NOT INVALIDATED (CVE-2022-40228) |
| IT42104 | DATAPOWER MIGHT RESTART DURING KERBEROS PROTOCOL TRANSITION |
| IT42141 | GRAPHQL DETECTION IN PARSE POLICY CAUSES DATAPOWER GATEWAY TO RESTART |
| IT42165 | INSECURE OPTION IN TLS CLIENT PROFILE IS NOT BEHAVING THE SAME IN V10 AS IN V5 |
| IT42166 | IF AN ERROR IS DETECTED IN A PLAN, THE PLAN SHOULD BE DISABLED. PREVIOUSLY THE WHOLE CATALOG WAS DISABLED. |
| IT42198 | SNMP ENGINE ID IS NOT UNIQUE FOR TENANTS |
| IT42234 | DATAPOWER DOESN'T ALLOW TO CHANGE ENCRYPTION KEY ALGORITHM FROM THE DEFAULT RSA1_5 TO RSA-OAEP IN THE B2B MODULE |
| IT42249 | SECURITY FIX FOR JRE (CVE-2022-21626) |
| IT42255 | GRAPHQL QUERY CAN HAVE ONLY QUERY, OPERATIONNAME, AND VARIABLES KEYS. |
| IT42263 | CLOUD AND CATALOG WEBHOOKS PROCESSED IN PARALLEL CAN RESULT IN CATALOG DELETION |
| IT42293 | DATAPOWER MQ CLIENT V9+ SHOWS PENDING STATE WHEN DEPLOYED IN KUEBERNETS ENVIRONMENT. |
| IT42299 | DATAPOWER MIGHT RESTART AFTER GATEWAY PEERING IS DISABLED DURING DOMAIN RESTART |
| IT42332 | API ROUTING FAILS WITH THIRD-PARTY OAUTH PROVIDER SECURITY REQUIREMENT, "CLIENT ID MISSING" |
| IT42336 | INVOKE_1.5.0 POLICY SUPPORT OF X-IBM-GATEWAY-INVOKE-V4-NOMAP-EMULATION API PROPERTY |
| IT42356 | EC CURVES OVER BINARY FIELD WHICH WERE DISABLED ARE NOW AVAILABLE AGAIN |
| IT42364 | INVALID GATEWAY PEERING PEER UPDATE LOCK STATE |
| IT42372 | "+ (%2)" IN THE QUERY PARAMETER "USERNAME" IS CONVERTED TO "(HALF-WIDTH SPACE)" |
| IT42375 | V5 EMULATED UDP FAILS TO RETRIEVE DATA FOR READINPUTAS FUNCTIONS |
| IT42389 | SECURE RESTORE FAILS WHEN BACKUP WAS GENERATED ON A SPECIAL BUILD AND TARGET IS A STANDARD BUILD |
| IT42400 | DATAPOWER MIGHT RESTART WHEN ADDING/DELETING PASSWORD OR WHEN RESTARTING DOMAIN |
| IT42406 | DATAPOWER APIC GATEWAY MIGHT RESTART IF OAUTH REVOKE URL IS UNDEFINED |
| IT42477 | APIC GATEWAY DIRECTOR MIGHT CREATE INVALID API LDAP REGISTRY OBJECT |
| IT42478 | APIC API PATH MIGHT BE OPERATIONAL EVEN WITH INVALID CONFIGURATION |
| IT42479 | APIC RATE LIMIT BECOMES INCORRECT FOR STANDALONE GATEWAY IF REMAINING IS EXCEEDED BEFORE CACHE IS CLEARED |
| IT42480 | FORM-DATA LENGTH ERROR. |
| IT42482 | USERS OF THE NEW UI ARE REQUIRED TO HAVE READ ACCESS TO THE DEFAULT DOMAIN. |
| IT42483 | GW MEMORY IS LEAKING WHEN RECOMMIT THE API COLLECTION IF THERE'S RATELIMIT IN THE TRANSACTION |
| IT42493 | APIC GATEWAY MIGHT RESTART IF API PATH WITH PARAMETERS IS MODIFIED |
| IT42510 | DATAPOWER GATEWAY MIGHT RESTART IF XML MANAGEMENT INTERFACE IS ENABLED WHILE APIC GATEWAY SERVICE IS PENDING |
| IT42523 | ADDRESS FALSE POSITIVE VULNERABILITY FINDINGS REPORTED BY SCAN UTILITIES |
| IT42528 | COLLECTION MIGHT BECOME DETACHED FROM API GATEWAY |
| IT42543 | POTENTIAL REQUEST SMUGGLING VULNERABILITY (CVE-2022-35256) |
| IT42555 | APIC V5E ACTIVITY-LOG_1.5.0 DOES NOT CHOOSE ERROR LOGGING WHEN THE HTTP STATUS CODE FOR THE API IS 400 OR LARGER |
10.5.0.2
Release date: 28 September 2022
Last modified: 5 January 2023
Status: Available
|
APAR
|
Description
|
| IT36173 | DATAPOWER MIGHT RELOAD WHEN ACCESSING THE PEER GROUP FROM AN SLM POLICY THAT NO LONGER EXISTS |
| IT38762 | MQRC_PROP_CONV_NOT_SUPPORTED ERROR OCCURS WHEN NULL-TYPE PROPERTIES EXIST |
| IT39395 | DATAPOWER MIGHT RESTART IF API CONNECT OAUTH IS MODIFIED WHILE PROCESSING APIS |
| IT40689 | OAUTH CONTROLLER DOESNT CORRECTLY HANDLE HEADER FOR MTOM MESSAGES |
| IT41159 | DATAPOWER MIGHT RELOAD WHEN RUNNING THE "SERVICE SHOW COMPONENT-FIRMWARE" COMMAND. |
| IT41163 | DATAPOWER MQV9+ OBJECTS CANNOT BE CONFIGURED WITH WEB SERVICE PROXY |
| IT41319 | DATAPOWER MIGHT RELOAD AFTER 2 BILLION MESSAGES ARE LOGGED OVER SYSLOG-TCP |
| IT41513 | ASSEMBLY GOES DOWN IF FINALLY RULE IS RECOMMITED |
| IT41551 | API CONNECT RATE LIMIT INCORRECTLY ENFORCED FOR STANDALONE GATEWAY WHEN CACHE IS CLEARED |
| IT41558 | DATAPOWER SSH CLI CLIENT LOGIN CAN CAUSE SLOW MEMORY GROWTH |
| IT41600 | GATEWAY-PEERING INSTANCES LEAK KEYS |
| IT41601 | BYTES_SENT AND BYTES_RECEIVED VALUES IN ACTIVITY LOG ARE SOMETIMES INCORRECT |
| IT41632 | IDG-MQ-QM STATUS IS UP EVEN AFTER DISABLING ON THE MQ SERVER |
| IT41657 | POLICY RULE WEBAPI-V5E-POLICY-INVOKE-GSCRIPT FAILED WITH EXCEPTION DUE TO API PROPERTIES WITH NEWLINE |
| IT41675 | OVF-ENV.XML NOT ACCESSIBLE THROUGH CDROM MOUNT ON INITIAL OVA STARTUP |
| IT41677 | API CONNECT APIM.GETVARIABLE(OAUTH.MISCINFO) RETURNS UNDEFINED |
| IT41678 | MEMORY SPIKES OR OUT OF MEMORY WHEN API CONNECT CATALOGS REFRESHED |
| IT41685 | REMOVE EXTRANEOUS API SCHEMA DEFINITIONS AND DUPLICATES FROM CONFIGURATION |
| IT41737 | RATE LIMIT ON API OPERATIONS IN DIFFERENT PRODUCTS MIGHT COLLIDE |
| IT41794 | API CONNECT DOES NOT ALLOW WILDCARD CHARACTER IN ALLOW-ORIGIN FIELD OF CORS RULE |
| IT41801 | API CONNECT GATEWAY MIGHT RESTART WHEN API IS PUBLISHED |
| IT41802 | DATAPOWER MIGHT RESTART WHEN "SHOW GATEWAY-PEERING-KEY-STATUS" IS ISSUED |
| IT41817 | THE RESPONSE HEADER SET BY HEADER-METADATA DOES NOT PROPAGATE TO THE END OF TRANSACTION IF THERE IS AN INVOKE ASSEMBLY ACTION |
| IT41896 | API COLLECTION CONFIG CREATED AND CONFIGURED BUT IT IS NOT ADDED TO GATEWAY CONFIG |
| IT42231 | SECURITY UPDATE TO NODE.JS/td> |
| IT42667 | APIC API PATH ALLOW DOLLAR SIGN IN PATH WITH PATH TEMPLATE |
10.5.0.1
Release date: 27 July 2022
Last modified: 27 July 2022
Status: Available
|
APAR
|
Description
|
| IT38203 | DATAPOWER USES SNI HOSTNAME FOR HOSTNAME VALIDATION WHEN DISABLED FOR MQ CONNECTIONS |
| IT40045 | APIC-GW-SERVICE CAN LOSE CONFIG IN STARTUP CONFIG IF CONFIG SEQUENCE MODIFIES GWD AND USER LATER SAVES |
| IT40341 | API GATEWAY RETURNS UNEXPECTED 404 NOT FOUND ERRORS WHEN REQUEST URL CONTAINS A PIPE CHARACTER IN THE PATH PARAMETER |
| IT40541 | DATAPOWER RELOADS DUE TO API CONNECT ACTIVITY LOG GENERATION |
| IT40584 | APIC NEW RATE LIMIT PROPERTY FOR EMULATE BURST LIMIT HEADER |
| IT40589 | API GATEWAY TAKING TRAFFIC WHILE CHANGING THE CONFIGURATION CAUSED CRASH |
| IT40664 | ADJUST VAR://SERVICE/MAX-ACTION-DEPTH TO BE A READ/WRITE VARIABLE |
| IT40689 | OAUTH CONTROLLER DOESN'T CORRECTLY HANDLE HEADER FOR MTOM MESSAGES |
| IT40721 | DATAPOWER MIGHT RESTART WHEN MODIFYING SNMP |
| IT40759 | CORRECT THE DATA TYPE IN ANALYTICS DATA FROM DATAPOWER |
| IT40760 | SET VARIABLE POLICY DOES NOT WORK FOR XML PAYLOADS |
| IT40765 | API GATEWAY WEBSOCKET CALL DOES NOT USE PROXY POLICY CORRECTLY |
| IT40856 | REQUIRED FORM PARAMETER CHECK COULD FAIL WHEN PROCESSING REQUESTS OF MULTIPART/FORM-DATA TYPE WITH NON-TEXT PAYLOADS. |
| IT40997 | DATAPOWER MEMORY-REPORT LOGS WERE LIMITED BY 32-BIT REGISTERS AND COULD NOT SHOW MEMORY SIZES BEYOND 4294967295 |
| IT41008 | DATAPOWER API GATEWAY MIGHT RESTART WHEN PARSE-ASSEMBLY RUNS ON A POST WITH NO DATA |
| IT41031 | FOR API GATEWAY, REDACTED DATA IN ASSEMBLY LOG ARE NOT MASKED FOR THE ERROR FLOW WHILE NO ROOT PROPERTY IS DEFINED |
| IT41039 | RESTART MAY OCCUR WHEN URLOPEN HAS INCORRECT ENDPOINT SYNTAX |
| IT41043 | THE PROBLEMATIC POPULATED PATH VALUE OF DATE AND DATE-TIME TYPES RESULTS IN THE WRONG RESOLVED TARGET URL IN INVOKE |
| IT41078 | APPLIANCE MAY RELOAD WHEN THE CONNECTIONS ARE TIMED OUT ON MQ V9+ CLIENT OR MQ V9+ MFT CLIENT |
| IT41112 | DATAPOWER FAILS TO PROCESS SQL DATA TYPE VARGRAPHIC INCLUDED IN THE DATABASE CURSOR. |
| IT41156 | FOR APIGW WHEN A THIRD PARTY OAUTH PROVIDER INTROSPECT URL CONTAIN QUERY PARAMETERS, THE QUERY PARAMETERS MIGHT BE TRUNCATED |
| IT41171 | DEFAULT-LOG-CONSOLE LOGGING TARGET MAY BEHAVE INCORRECTLY ON CONTAINER PLATFORMS. |
| IT41179 | WHEN ONE API IS IN TWO DIFFERENT PLANS AND THESE TWO PLANS ARE ASSOCIATED WITH THE SAME SPACE. |
| IT41246 | SHOW TENANT-MEMORY ON TENANT DOESN'T MATCH THE ACTUAL MEMORY ALLOCATED TO A TENANT |
| IT41262 | DATAPOWER MIGHT RESTART WHILE RUNNING API RULES AFTER DISABLING CERTAIN ACTION |
| IT41307 | IGNORE-EXPIRATION SETTING IS NOT HONORED TO QUOTA-ENFORCEMENT-SERVER TLS CONNECTION |
| IT41310 | DATAPOWER MAY GROW IN MEMORY WHEN USING GATEWAYSCRIPT WITH DIFFERENT CONTEXT VALUES |
| IT41311 | THE EXTERNALREVOCATIONBASICAUTHPASSWORD PROPERTY IS GENERATED EVEN ITS REFERENCED PASSWORDALIAS DOES NOT EXIST |
| IT41350 | MTOM ROOT PART BODY TRUNCATED IF INVOKES CHUNKED-UPLOADS SET TO FALSE |
| IT41377 | TRANSACTION USING MS:CALLRULE() TO CALL AN INVALID OR NOT EXISTING RULE LEAKS MEMORY |
| IT41385 | API GATEWAY CANNOT BE DELETED DUE TO THE RELATED ANALYTICS ENDPOINT |
| IT41395 | IN APIGW THE MECHANISM TO MASK THE CLIENT SECRET VALUE IN ANALYTICS DATA SHOULD BE CASE-INSENSITIVE FOR HEADER NAME |
| IT41401 | APIC OAUTH TOGGLE AUTH-HEADER-PASS-THRU SHOULD NOT DELETE AUTHORIZATION HEADER |
| IT41414 | DATAPOWER WEB UI MEDIUM SECURITY VULNERABILITY CVE-2022-32750 CVE-2022-31774 |
| IT41419 | BACKSLASHES REMOVED FROM API DEFINITION ON V6 GATEWAY BUT NOT ON V5C GATEWAY |
| IT41433 | SECURITY UPDATE TO JRE |
| IT41442 | DATAPOWER AMQP CLIENT FAILS TO CONNECT TO EVENT HUB IN AZURE CLOUD ENVIRONMENT. |
| IT41446 | SECURITY UPDATE TO IBM TRANSFORMATION EXTENDER |
| IT41448 | V5 CUSTOM POLICIES REGEX CHECK HAS TYPOGRPAHIC ERROR |
| IT41450 | DATAPOWER MIGHT RESTART WHEN GENERATING ERROR REPORT WHILE FFDC PACKET CAPTURE IS ENABLED |
| IT41453 | APIGW DOES NOT SEND APIC ANALYTICS SCALE RATELIMIT INFORMATION |
| IT41454 | HTML PAGE DID NOT UPDATE SCHEMA AFTER SETTING CREDENTIAL |
| IT41459 | APIGW DOES NOT USE THE LOG LEVEL FROM THE LAST ASSEMBLY LOG ACTION AT THE END OF THE TRANSACTION |
| IT41574 | DUPLICATE OAUTH OBJECTS IN CONFIGURATION CAUSES SLOW PROCESSING OF CATALOG EVENTS |
10.5.0.0
Release date: 31 May 2022
Last modified: 24 January 2023
Status: Unavailable
|
APAR
|
Description
|
| IT39534 | DATAPOWER MIGHT RESTART WHEN REMOVING AN OBJECT FROM THE API RATELIMIT CACHE |
| IT42162 | DATAPOWER GATEWAY MIGHT RESTART IF APIC RESTORE INCLUDES A VERY LARGE NUMBER OF FILES |
Change history
Last modified: 24 April 2024
- 28 June 2024: Added fix list for the 10.5.0.12 fix pack.
- 24 April 2024: Added fix list for the 10.5.0.11 fix pack.
- 1 March 2024: Added fix list for the 10.5.0.10 fix pack.
- 8 December 2023: Added fix list for the 10.5.0.9 fix pack.
- 25 October 2023: Added fix list for the 10.5.0.8 fix pack.
- 30 August 2023: Added fix list for the 10.5.0.7 fix pack.
- 8 August 2023: Added fix lists for the 10.5.0.4R and 10.5.0.5R fix packs, which added APAR IT43698. Updated stated for fix packs 10.5.0.4R and 10.5.0.5R to state no longer available.
- 28 June 2023: Added fix list for the 10.5.0.6 fix pack.
- 26 April 2023: Added fix list for the 10.5.0.5 fix pack.
- 22 February 2023: Added fix list for the 10.5.0.4 fix pack.
- 23 January 2023: Added IT39534to the 10.5.0.0 fix list.
- 5 January 2023: Added IT42667 to the 10.5.0.2 fix list.
- 16 December 2022: Added fix list for the 10.5.0.3 fix pack.
- 14 December 2022: Updated fix list for the 10.5.0.0 and 10.5.0.2 fix packs.
- 28 September 2022: Added fix list for the 10.5.0.2 fix pack.
- 27 July 2022: Added fix list starting with the 10.5.0.1 fix pack.
- 31 May 2022: Created fix list for 10.5 LTS stream.
Off
Document Location
Worldwide
[{"Type":"MASTER","Line of Business":{"code":"LOB67","label":"IT Automation \u0026 App Modernization"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SS9H2Y","label":"IBM DataPower Gateway"},"ARM Category":[{"code":"a8m50000000L0rqAAC","label":"DataPower"}],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"10.5.0"}]
Problems (APARS) fixed
Problems (APARS) fixed
Was this topic helpful?
Document Information
Modified date:
28 June 2024
UID
ibm16607067