Security Vulnerabilities, HIPER and Special Attention APARs fixed in DB2 for Linux, UNIX, and Windows Version 10.5

Flashes (Alerts)

Abstract

This document contains a list of fixes for Security and HIPER APARs in DB2 Version 10.5.

IBM® recommends that you review the APAR descriptions and deploy one of the above fix packs to correct them on your affected DB2 installations.

Content

A set of security vulnerabilities was discovered in some DB2 database products. These vulnerabilities were analyzed by the DB2 development organization and a set of corresponding fixes was created to address the reported issues. IBM is not currently aware of any externally reported incidents where production DB2 installations have been compromised due to these issues.

The affected DB2 UDB for Linux, UNIX, and Windows products are:

DB2 Connect Server (all Editions)
DB2 Developer Edition
DB2 Enterprise Server (all Editions)
DB2 Express Server (all Editions)
DB2 Workgroup Server (all Editions)

DB2 Client component and DB2 products or components other than those listed above are not affected.

Due to the complexity of the fixes required to eliminate the reported service issues, it is not feasible to retrofit the same fixes into earlier DB2 Version 10.5 fix packs.

Select a Fix Pack: 11 10 9 8 7 6 5 4 3a 3 1

-->

DB2 Version 10.5 Fix Pack 11
Security APARs
IT25719	SECURITY: BUFFER OVERFLOW IN DB2 DB2LICM UTILITY (CVE-2018-1710)
IT25814	SECURITY: PRIVILEGE ESCALATION VULNERABILITY IN DB2CACPY (CVE-2018-1685)
IT25826	SECURITY: ADMINISTRATIVE TASK SCHEDULER IS VULNERABLE TO A PRIVILEGE ESCALATION (CVE-2018-1711)
IT25829	SECURITY: VULNERABILITIES IN GSKIT AFFECT IBM SPECTRUM SCALE
IT26133	SECURITY: DB2 IS VULNERABLE TO SYMBOLIC LINK ATTACK LEADING TO PRIVILEGE ESCALATION (CVE-2018-1780)
IT26136	SECURITY: DB2 DAS PRIVILEGE ESCALATION FROM DAS OWNER TO ROOT VIA SYMBOLIC LINK ATTACK (CVE-2018-1781)
IT26137	SECURITY: DB2 VULNERABLE TO SYMBOLIC LINK ATTACK RESULTING IN PRIVILEGE ESCALATION (CVE-2018-1799)
IT26138	SECURITY: PRIVILEGE ESCALATION IN ROOT SETUID EXECUTABLES (CVE-2018-1802)
IT26156	SECURITY: IBM SDK JAVA QUARTERLY CPU - JUL 2018
IT26316	SECURITY: DB2 IS VULNERABLE TO PRIVILEGE ESCALATION (CVE-2018-1834)
IT26513	SECURITY: DB2 IS AFFECTED BY A VULNERABILITY IN IBM SPECTRUM SCALE
IT26714	SECURITY: DB2 IS VULNERABLE TO BUFFER OVERFLOW LEADING TO PRIVILEGE ESCALATION (CVE-2018-1897)
IT26858	SECURITY: DB2 IS VULNERABLE TO BUFFER OVERFLOW LEADING TO PRIVILEGE ESCALATION (CVE-2018-1922)
IT26881	SECURITY: DB2 IS VULNERABLE TO BUFFER OVERFLOW LEADING TO PRIVILEGE ESCALATION (CVE-2018-1923, CVE-2018-1978)
IT27031	SECURITY: DB2 IS AFFECTED BY THE SECURITY VULNERABILITIES CVE-2018-3180 [PSIRT
IT27129	SECURITY: DB2 IS VULNERABLE TO BUFFER OVERFLOW LEADING TO PRIVILEGE ESCALATION (CVE-2018-1980)
IT27143	SECURITY: DB2 IS VULNERABLE TO BUFFER OVERFLOW LEADING TO PRIVILEGE ESCALATION (CVE-2018-1936)
IT27192	SECURITY: PRIVILEGE ESCALATION DURING ROUTINE EXECUTION IN FENCED MODE (CVE-2019-4057)
IT27305	SECURITY: DB2 IS VULNERABLE TO BUFFER OVERFLOW LEADING TO PRIVILEGE ESCALATION (CVE-2019-4014)
IT27347	SECURITY: DB2 IS VULNERABLE TO BUFFER OVERFLOW LEADING TO PRIVILEGE ESCALATION (CVE-2019-4016)
IT27391	SECURITY: DB2 IS VULNERABLE TO BUFFER OVERFLOW LEADING TO PRIVILEGE ESCALATION
IT27392	SECURITY: DB2 IS VULNERABLE TO BUFFER OVERFLOW LEADING TO PRIVILEGE ESCALATION (CVE-2019-4015)
IT28251	SECURITY: DB2 IS VULNERABLE TO A DENIAL OF SERVICE (CVE-2019-4101)
IT28252	SECURITY: DB2 DOES NOT EXPLICITLY FORBID A WEAKER THAN EXPECTED 3DES CIPHER WHEN CONFIGURED TO USE SSL (CVE-2019-4102)
IT28441	SECURITY: DB2 IS VULNERABLE TO A BUFFER OVERFLOW (CVE-2019-4154)
IT29113	SECURITY: DB2 AFFECTED BY BUFFER OVERFLOW VULNERABILITIES (CVE-2019-4322)
IT30140	SECURITY: DB2 AFFECTED BY BUFFER OVERFLOW VULNERABILITIES (CVE-2019-4584)
IT30147	SECURITY: DB2 EXPOSES SENSITIVE INFORMATION WHEN USING ADMIN_CMD WITH LOAD OR UPDATE ALERT CFG (CVE-2019-4524)
IT30428	SECURITY: DB2 IS VULNERABLE TO PRIVILEGE ESCALATION (CVE-2019-4587)
IT31516	SECURITY: DB2 IS VULNERABLE TO A DENIAL OF SERVICE ATTACK (CVE-2020-4200)
IT31517	SECURITY: DB2 IS VULNERABLE TO A DENIAL OF SERVICE ATTACK (CVE-2020-4135)
IT31639	SECURITY: DB2 IS VULNERABLE TO MULTIPLE BUFFER OVERFLOWS (CVE-2020-4204)
HIPER APARs
IT25314	UNICODE DATA WHICH BUILT WITH SUPPLEMENTARY CHARACTERS FAILS TO CONVERT TO 1392 CODESET
IT25735	INCORRECT RESULTS COULD HAPPEN WITH OUTER JOINS AND EXPRESSIONS IN JOIN COLUMNS
IT25935	FODC APPERR AFTER APPLYING FIXPACK10 ON V10.5 for queries against Created Global Temporary Tables
IT26439	JOIN OF COLUMN-ORGANIZED TABLES MIGHT RETURN INCORRECT RESULTS
IT26454	WHEN USING REOPT OPTIMIZER GUIDELINE UPDATES, INSERTS AND DELETES RUNNING IN BATCHES MIGHT INSERT WRONG DATA
IT27746	POSSIBLE TO LOAD BAD ROWS INTO A TABLE WHICH HAS NOT NULL GENERATED COLUMNS WHEN COMPUTED GENERATED VALUES ARE NULL
IT27825	DB2: HIGH NUMBER OF SQL VARIATIONS & ANCHOR_COMMON LATCH WAITS CAUSING CPU SPIKE
IT27830	PERFORMANCE MAY BE AFFECTED BY DYNAMIC SQL CACHE NON REUSE
IT28738	WRONG RESULTS MIGHT BE OBSERVED WHEN RUNNING QUERIES WITH OUTER JOINS AND GROUP BY OPERATIONS
IT28945	DB2 MAY RETURN INCORRECT RESULT WHEN EXECUTING QUERY WITH UNION VIEW INCLUDE MULTIPLE TABLES
IT29977	DB2 MAY RETURN INCORRECT RESULTS WHEN EXECUTING IUD STATEMENTS CONTAINING A SUBQUERY WITH CORRELATION AND AGGREGATION
IT30006	DB2 MAY PRODUCE INCORRECT RESULTS FOR HSJN WITH PREDICATE THAT HAS CASE(COALESCE) AND NLJN OR ZZJOIN ON THE OUTER
IT30252	WRONG RESULTS ARE POSSIBLE FOR FEDERATED OR COLUMNAR QUERY WITH AGGREGATION OVER DISTINCT OUTER JOIN
IT30469	DB2 MAY PRODUCE INCORRECT RESULTS WHEN EXECUTING QUERIES CONTAINING JOINS WITH DIFFERING FLOATING-POINT PRECISIONS
IT30470	MULTIPLE CLP FRONTENDS ISSUED FROM DIFFERENT SHELL SCRIPTS USES THE SAME BACKEND AGENT, CAUSING UNEXPECTED RESULTS OR ERRORS.
IT31687	ON RARE OCCASION, DATA CORRUPTION MIGHT BE INDUCED BY FAILURE TO PANIC THE DATABASE ON ENCRYPTION ERROR.

-->

DB2 Version 10.5 Fix Pack 10
Security APARs
IT24461	SECURITY: PRIVELEGE ESCALATION VULNERABILIY IN THE DB2 DAS COMPONENT ON WINDOWS
IT24475	SECURITY: PRIVILEGE ESCALATION VIA UNTRUSTED LIBRARY PATH
IT24824	SECURITY: FORMAT STRING VULNERABILITIES EXISTS IN DB2SUPP
IT24837	SECURITY: IBM JAVA UPDATE
IT24215	SECURITY: DB2 IS AFFECTED BY MULTIPLE ARBITRARY FILE OVERWRITE VULNERABILITIES
IT24464	SECURITY: RAH.EXE BUFFER OVERFLOW
IT24478	SECURITY: BUFFER OVERFLOW IN DB2LICM
IT24645	SECURITY: DB2CONVERT IS VULNERABLE TO BUFFER OVERFLOW
IT24802	SECURITY: MULTIPLE VULNERABILITIES IN DB2EXMIG AND DB2EXFMT
IT24212	SECURITY: DB2GENP ARBITRARY FILE OVERWRITE VULNERABILITY
IT24058	SECURITY: UPDATE GSKIT TO THE NEWEST FIPS CERTIFIED VERSION
IT23797	SECURITY: UNSAFE DESERIALIZATION IN DB2 JDBC DRIVER
IT22414	SECURITY: DB2 INSTALL USES WEAK PASSWORD ENCRYPTION
HIPER APARs
IT25336	INFORMATIONAL: IF COLUMNAR TABLES ARE PRESENT THEN UPGRADE FROM 10.5FP10 to 11.1 MIGHT REQUIRE A SPECIAL BUILD
IT20883	WRONG RESULTS OR SQL901N MAY OCCUR WHEN EXECUTING A SQL STATEMENT CONTAINING TWO OR MORE NOT IN OR NOT EXISTS PREDICATES
IT21971	DOING LIKE ON A CODEUNITES32 FIXED LENGTH COLUMN IN THE COLUMNAR ORGANIZED TABLE COULD RETURN AN INCORRECT RESULT
IT22352	DB2 : IF ANY COMMAND WITH RECLAIM EXTENTS OPTION IS RUN ON AN MDC TABLE DURING A BACKUP, A ROLLFORWARD ON IT COULD FAIL
IT22548	INCORRECT RESULT WHEN USING THE XMLTABLE FUNCTION AND REFERENCING ELEMENTS THAT DON'T EXIST IN THE SOURCE DOCUMENT
IT22791	POSSIBLE WRONG RESULTS WITH VARCHAR_FORMAT WHEN USING 'DY DDD YYYY' FORMAT
IT23260	INCORRECT RESULTS WITH AGGREGATION ON OUTER JOINED TABLE WITH FOREIGN KEY ON NULL PRODUCING TABLE
IT23267	A QUERY OVER NICKNAMES CONTAINING FETCH FIRST N ROWS ONLY CLAUSE MAY RETURN INCORRECT RESULTS
IT23341	WRONG RESULTS ARE POSSIBLE WHEN EXECUTING A SQL STATEMENT ELIGIBLE FOR ZIGZAG JOIN ON A NON-PARTITIONED INDEX
IT23938	IN CDE, INCORRECT RESULTS MIGHT BE RETURNED FOR A QUERY THAT REFERENCES A CORRELATED SCALARY SUBQUERY IN A PREDICATE
IT24347	INDEX CORRUPTION MIGHT BE INTRODUCED ON A COMPRESSED INDEX DURING RECOVERY PROCESSING
IT24688	QUERIES USING THE SAME UNNEST IN DIFFERENT PARTS OF THE PLAN COULD RETURN WRONG RESULTS FOR SOME COLUMNS
IT24743	CRASH RECOVERY MIGHT FAIL OR INTRODUCE DATABASE CORRUPTION WHEN USING AN ENCRYPTED DATABASE
IT25194	TO_NCHAR() RETURNS WRONG RESULT WITH UNION
IT27891	PARALLEL IXSCANS FOR COLUMN-ORGANIZED TABLES MIGHT CAUSE AN ABEND/WRONG RESULTS IF UPDATE ACTIVITY OCCURS IN THE SAME CONNECTION

-->

DB2 Version 10.5 Fix Pack 9
Security APARs
IT21164	SECURITY: ESCALATION TO ROOT VULNERABILITY IN DB2.
IT21394	ESCALATION TO ROOT VULNERABILITY IN DB2.
IT21454	SECURITY: DB2CONNECT SERVER CAN CRASH UNDER SPECIFIC CONDITIONS.
IT21462	SECURITY: USER WITHOUT PROPER AUTHORITY CAN ACTIVATE DATABASE.
IT21463	SECURITY: DB2 CAN BE USED TO OVERWRITE ARBITRARY FILES OWNED BY DB2 INSTANCE
HIPER APARs
IT12781	DB2 MAY CONVERT VIEW COLUMN TYPES INCORRECTLY OR RETURN SQL0418N UPON REVALIDATION OF A VIEW WITH UNTYPED EXPRESSIONS
IT15618	IF ARRAY USED IN AN OPEN CURSOR IS MODIFIED WRONG RESULT OR A TRAP ARE POSSIBLE
IT16693	SELECT ROW CHANGE TOKEN WILL RETURN WRONG RESULT WHEN USING RIDSCAN (ROW IDENTIFIER SCAN)
IT16825	ONLINE BACKUP WITH COMPRESSION AND ENCRYPTION MAY CREATE A CORRUPTED BACKUP FILE
IT16918	INCORRECT QUERY RESULTS WHEN USING OFFSET-CLAUSE AND/OR FETCH-FIRST-CLAUSE
IT17311	WRONG RESULT IN STORED PROCEDURE QUERY WHEN ADD/DROP CHECK CONSTRAINT
IT17395	SELECT AGAINST MDC TABLE WITH A RANGE PREDICATE IN SMP MIGHT RETURN A WRONG RESULT.
IT17472	INCORRECT RESULTS ARE POSSIBLE WHEN JOIN AGAINST CDE TABLES IS DONE AND AN UNDOCUMENTED JOIN SUPPORT REGISTRY VARIABLE SET
IT17512	IN Db2 DPF, POSSIBLE WRONG RESULT WHEN OUTER JOIN PREDICATE COL1=COL2 AND BOTH COLUMNS ARE FROM THE OUTER TABLE
IT17679	WRONG RESULTS AGAINST COLUMN ORGANIZED TABLE ARE POSSIBLE WITH EXPANDING JOIN PLAN
IT17789	SQL STATEMENT WITH AN EXISTS PREDICATE AND A JOIN INVOLVING NON-DETERMINISTIC CORRELATED SUBQUERY MAY RETURN MORE ROWS
IT17951	POSSIBLE WRONG RESULTS WHEN THE INPUT PARAMETERS OF AN INLINED SQL SCALAR UDF CONTAINS AN OLAP SPECIFICATION
IT18020	INCORRECTLY GENERATED DERIVED PREDICATES MIGHT CAUSE INCORRECT QUERY RESULTS DUE TO TRAILING BLANKS
IT18022	A CORRELATED SCALAR SUBQUERY IN AN UPDATE STATEMENT MAY NOT CORRECTLY RETURN SQL0811N IF SPECIFIC REGISTRY IS SET
IT18102	AN SQL STATEMENT IN A PARTITIONED DATABASE ENV CONTAINING THE ROW_NUMBER() OVER() OPERATION MIGHT PRODUCE INCONSISTENT RESULTS
IT18201	WRONG RESULT IS POSSIBLE IF GENERATED ALWAYS EXPRESSION REFERENCES A BUILT-IN FUNCTION WITH MORE THEN ONE STRING INPUT
IT18206	WRONG RESULT IS POSSIBLE IN ORACLE COMPATIBILITY MODE UNICODE DB WHEN COMPARING A CHAR COLUMN WITH A GRAPHIC CONSTANT
IT18237	PREDICATE COMPARING SUBSTR ON CODEUNITES32 COLUMN IN THE COLUMNAR ORGANIZED TABLE TO HOST VAR COULD RETURN AN INCORRECT RESULT
IT18343	Db2 MAY RETURN INCORRECT RESULTS IF USING A CASE STATEMENT TO COMPARE FIXED CHAR/GRAPHIC STRINGS IN VARCHAR2 COMPATIBILITY MODE
IT18505	Db2 CAN RETURN WRONG RESULTS WHEN USING THE SPECIAL REGISTER 'CURRENT DECFLOAT ROUNDING MODE' IN A QUERY IN AN MPP ENVIRONMENT
IT18514	Db2 MAY RETURN SQLCODE:-901 OR RETURN WRONG RESULTS ON QUERIES WITH PLANS THAT INVOVLE SORT ON AN ENCRYPTED DATABASE
IT18732	WHEN RUNNING THE DYNAMIC SQL IN A PACKAGE, THE WRONG STATEMENT COULD BE PICKED UP, RESULTING IN WRONG RESULT.
IT18761	TRUNC ON MINIMUM INTEGER VALUE MIGHT RETURN 0 WHEN (VALUE, -X) IS DONE
IT18771	PURESCALE: QUERY MIGHT RETURNS WRONG RESULT WHEN INPLACE (ONLINE) TABLE REORGANIZATION IS RUNNING
IT19095	DB2 MIGHT PRODUCE INCORRECT RESULT WHEN EXECUTING XQUERY WITH MULTIPLE OR SUBTERMS
IT19808	COMPILED COMPOUND SQL OR A PL/SQL ANONYMOUS BLOCK CAN DELETE ALL ROWS OF A ON COMMIT DELETE ROWS TEMPORARY TABLE
IT19976	SQL QUERIES WITH IN OR NOT IN CLAUSE MAY PRODUCE INCORRECT RESULTS FOR A COLUMN-ORGANIZED TABLE
IT20436	INCORRECT RESULT OR SQL0811N ARE POSSIBLE WHEN SQL CONTAINS SCALAR NOT EXISTS SUBQUERY
IT20475	INCORRECT RESULTS ARE POSSIBLE WHEN CONCURRENT QUERIES ACCESS COLUMNAR ORGANIZED TABLES AND USE CS ISOLATION
IT20517	IN DPF, WHEN UNIQUE TQ IS PRESENT IN THE PLAN AND SPECIAL INTERNAL PERFORMANCE OPTIMIZATION IS HAPPENING, POSSIBLE DUPLICATE VALUES RETURNED
IT20597	WRONG RESULTS MIGHT OCCUR WHEN SCALAR SUB-QUERY IS ON THE LEFT HAND SIDE OF A NOT IN PREDICATE
IT20790	INCORRECT RESULT POSSIBLE WHEN CASE AND ANOTHER PREDICATE HAVE THE SAME COMPARISON OPERATION
IT21015	AGAINST COLUMNAR TABLES, COMBINATION OF EXCLUSIVE TABLE LOCK AND UNCOMMITTED INSERT AND SELECT COULD RETURN INCORRECT RESULTS
IT21060	SQL QUERIES WITH IN OR NOT IN CLAUSE MAY PRODUCE INCORRECT RESULTS FOR A COLUMN-ORGANIZED TABLE
IT21077	UPDATE OF UNIQUE COLUMNS MIGHT RESULT IN DUPLICATES IN A TABLE WITH A UNIQUE INDEX
IT21760	Db2 MAY RETURN WRONG RESULTS WITH ORACLE COMPATIBILITY AND SUBSTR
IT21897	WRONG RESULT IS POSSIBLE WHEN CODEUNITS 32 IS USED IN A ROW DATA TYPE ASSIGNMENT AND CAST IS USED
IT21971	DOING LIKE ON A CODEUNITES32 FIXED LENGTH COLUMN IN THE COLUMNAR ORGANIZED TABLE COULD RETURN AN INCORRECT RESULT
IT22360	WRONG RESULT IS POSSIBLE WHEN EXPRESSION ON JOIN COLUMN
IV89630	ON COLUMN ORGANIZED TABLES, Db2 MIGHT INSERT INCORRECT NUMBER OF ROWS FOR INSERT FROM SELECT THAT INCLUDES ANTI JOIN
IV92833	WRONG RESULT IS POSSIBLE WHEN COLUMNAR TABLES ARE INVOLVED IN A A PLAN WITH A UNION AND CSE IS PUSHED DOWN ON TO CDE
IV97815	A QUERY AGAINST COLUMNAR ORGANIZED TABLE AND ARITHMETIC ON BOTH TIME AND DECIMAL DATATYPES MAY RETURN INCORRECT RESULT

-->

DB2 Version 10.5 Fix Pack 8
Security APARs
IT11536	SECURITY: DB2 IS AFFECTED BY SECURITY VULNERABILITIES IN IBM GPFS (CVE-2015-4974, CVE-2015-4981 & CVE-2015-7403)
IT12488	SECURITY: DB2 SERVER MAY CRASH DUE TO MALFORMATTED DRDA MESSAGES (CVE-2016-0211)
IT12642	SECURITY: GSKIT UPGRADE DUE TO SECURITY VULNERABILITIES (CVE-2015-7420, CVE-2015-7421 & CVE-2016-0201)
IT12675	SECURITY: DB2 may trap when running query with AVG OLAP function on Oracle compatible database (CVE-2016-0215)
IT15000	SECURITY: DB2 IS VULNERABLE TO THE DLL-PLANTING VULNERABILITY IN INSTALLSHIELD (CVE-2016-2542)
IT15578	SECURITY: DB2 IS AFFECTED BY OPEN SOURCE APACHE XERCES-C XML PARSER VULNERABILITIES (CVE-2016-0729)
IT16323	SECURITY: DB2 PURESCALE AFFECTED BY MULTIPLE VULNERABILITIES IN GPFS
IT16921	SECURITY: ELEVATED PRIVILEGES WITH DB2 EXECUTABLES (CVE-2016-5995)
HIPER APARs
IT12532	SQL STATEMENT CAN FAIL WITH SQL0901N OR PRODUCE WRONG RESULT WHEN ZZJOIN IS CHOSEN IN THE ACCESS PLAN
IT12568	DB2 INSTANCE MAY ABEND WHEN CREATING COMPOUND STATEMENTS CONTAINING LIKE PREDICATES
IT12741	COMPILED TRIGGERS NOT FIRING AFTER UPGRADE FROM VERSION 9.7 TO 10.1 OR 10.5
IT12997	TRUNCATE OF A DECLARED GLOBAL TEMPORARY TABLE MAY NOT RESULT IN TRUNCATED TABLE IN A PARTITIONED DATABASE
IT13002	VALUE FUNCTION WITH HASH JOIN MIGHT RETURN WRONG RESULT SET
IT13020	DB2 MIGHT PRODUCE INCORRECT RESULT WHEN EXECUTING QUERIES WITH INTERSECT AND DISTINCT
IT13416	QUERY ON CREATED GLOBAL TEMPORARY TABLE MAY RETURN WRONG RESULTS IN DPF WHEN RUNNING THE SAME STATEMENT ON DIFFERENT PARTITIONS
IT13454	COMPLEX XML QUERY GIVES INCORRECT RESULTS IN RARE CIRCUMSTANCES DUE TO INCORRECT PROCESSING OF PARTIALLY MATCHED ELEMENTS.
IT13502	INCORRECT RESULTS FROM SELECT ON INDEX CONTAINING MORE THAN 4,294,967,295 ROWS
IT13607	DB2 ON AIX WITH DB2AUTH OR DB2_ALTERNATE_GROUP_LOOKUP SET MAY GET WRONG USER GROUP MEMBERSHIP RESULTING IN WRONG PRIVILEGES
IT13665	QUERIES CONTAINING BOTH AN IN (SUBQUERY) AND NOT IN (SUBQUERY) MAY EXPERIENCE INCORRECT RESULTS
IT14131	DB2 MIGHT ABEND WHEN EXECUTING QUERIES WITH MULTIPLE PREDICATES ON SUBSUMABLE SCALAR SUBQUERIES
IT14357	SLOW ROLLBACK PERFORMANCE SLOWING OVERALL PERFORMANCE OF THE APPLICATIONS
IT14559	DB2 SHORTCUTS DO NOT APPEAR POST INSTALLATION ON WINDOWS 2012 IF MICROSOFT SECURITY PATCH KB3126593 WAS APPLIED
IT14604	IN FEDERATED SCENARIO, TABLE EXPRESSION AGAINST NICKNAME WITH BOTH CORRELATION AND FFNR CLAUSE COULD PRODUCE INCORRECT RESULT
IT14972	10.5 FP7 SQL USING IN/OR/= PREDICATES AGAINST COLUMNS OF VARYING LENGTH STRING TYPES IN COLUMNAR TABLES CAN RETURN WRONG RESULTS
IT15043	ENABLING REOPT_ALWAYS VIA OPTIMIZATION PROFILE MAY LEAD TO INCORRECT RESULTS AS PARAMETER VALUES MAY BE RE-USED INCORRECTLY
IT15051	JSON2BSON() FUNCTION REMOVES BACKSLASH FROM JSON DATA ASSUMING IT IS AN ESCAPE CHARACTER
IT15057	DB2 MIGHT PRODUCE INCORRECT RESULT WHEN EXECUTING QUERY WITH UNION AND MULTIPLE BASE TABLES
IT15311	QUERY WITH UNION ALL AND EXISTENTIAL SUBQUERY COULD PRODUCE INCORRECT RESULT IN DB2 10.5 FP7
IT15313	QUERIES CONTAINING MULTIPLE OUTER JOIN OPERATIONS AND NESTED EXPRESSIONS MAY PRODUCE INCORRECT RESULTS
IT15362	WRONG RESULT IS POSSIBLE IF SQL CONTAINS "NULL IS NULL" IN SUB-BRANCH OF AN OR
IT15621	INCORRECT RESULT SET COULD BE RETURNED WHEN USING JSON SQL ON TABLE CONTAINING NESTED ARRAYS
IT16651	DB2 MAY RETURN INCORRECT RESULTS WHEN USING STRING EQUALITY PREDICATES CONTAINING DIFFERING CODE UNITS
IV80025	MIN_DEC_DIV_3 MIGHT NOT GET PICKED UP IN QUERIES AGAINST COLUMN ORGANIZED TABLES
IV81444	AGAINST COLUMNAR TABLES SCALAR FUNCTIONS WEEK_ISO;TIMESTAMP_ISO; MICROSECOND(NON-TIMESTAMP COLUMN) COULD RETURN INCORRECT RESULT
IV83653	WE COULD LOOSE UPDATED ROWS WHEN DOING INDEX SCAN ON COLUMNAR TABLE WITH CURSOR STABILITY ISOLATION LEVEL

-->

DB2 Version 10.5 Fix Pack 7
Security APARs
IT07394	SECURITY: DB2 ACS IS AFFECTED BY OPENSSL VULNERABILITY (CVE-2015-0204)
IT08753	SECURITY: LOCAL ESCALATION OF PRIVILEGE VULNERABILITY IN DB2 (CVE-2015-1947)
IT09900	SECURITY: GSKIT IS AFFECTED BY SECURITY VULNERABILITIES (CVE-2015-1788)
IT09964	SECURITY:Vulnerability in FCM affects DB2 (CVE-2015-4000)
IT09969	SECURITY: Multiple vulnerabilities in FCM affects DB2 LUW (CVE-2015-1788 & CVE-2015-2808)
HIPER APARs
IT05825	WRONG RESULT FROM STATEMENT WITH TWO OR MORE OLAP FUNCTIONS WITH COMPATIBLE PARTITION-BY CLAUSES WITH ONE EQUATING TO CONSTANTS
IT06542	EMPTY RESULT OR A HANG MAY HAPPEN FOR CDE TABLE QUERY IF TABLESPACE HAS ENOUGH TABLES TO GENERATE NEGATIVE TABLE_ID
IT06951	POSSIBLE WRONG RESULT FROM SQL STATEMENT JOINING 4 OR MORE COLUMN-ORGANIZED TABLES
IT08456	INCORRECT QUERY RESULTS OR SQL0901N REASON "BAD OUTER COMPARE" POSSIBLE IN DPF WHEN SQL PLAN HAS MDTQ AND MERGE JOIN LOLEPOPS
IT09073	INCORRECT RESULTS FROM SORT OPERATIONS ON DB2 VERSION 10.5.0.5
IT09085	INDEX SCAN ON A DATA PARTITIONED TABLE MAY TRAP OR RETURN INCORRECT RESULTS IF PARTITIONS BECOME AVAILABLE DURING THE SCAN
IT09332	WRONG RESULTS MAY HAPPEN WHEN ACCESS PLAN CONTAINS INDEX SCAN ON THE OUTER LEG OF THE HASH JOIN
IT09336	IN A RARE CONDITION, A QUERY OF A CHAIN OF EQUALITY JOIN PREDICATES BETWEEN 4 OR MORE TABLES COULD PRODUCE EXTRA ROWS
IT09392	DB2 MAY CRASH WHEN REPLAYING FEDERATED XA LOG RECORDS IF FEDERATED TWO_PHASE COMMIT IS USED
IT09394	INGEST: SQL0804N OR INCORRECT DECIMAL DATA LOADED WHEN DECIMAL IS IN ASCII AND PRECISIONS DO NOT MATCH
IT09419	INCORRECT RESULT WHEN QUERY HAS LEFT OUTER JOIN AND UNION ALL
IT09541	DB2 PURESCALE: RSCT APAR IV68484 TB_BREAK ROUTINE CAN REPORT FALSE FAILURE ON LINUX
IT09596	SYSIBM.POWER ( EXPRESSION1, EXPRESSION2 ) WILL RETURN INCORRECT RESULTS FOR SOME VALUES WHEN THE BIGINT DATA TYPE IS USED
IT10009	WRONG RESULTS ARE POSSIBLE WHEN USING THE SAME COLUMN TWICE IN DIFFERENT AGGREGATION FUNCTIONS
IT10256	DB2 PURESCALE: RSCT APAR IV74148: BACKLEVEL RESOURCE MANAGERS MAY HANG UNDER ERROR CONDITIONS
IT10812	INDEX/DATA MISMATCH MIGHT OCCUR IN AN MDC TABLE AFTER A DEFERRED ROLLOUT IS SUSPENDED
IT11108	RESTORE DB WITH ENCROPTS "SHOW MASTER KEY DETAILS" ON NON-ENCRYPTED IMAGE CAUSES UNEXPECTED RESTORE TO COMPLETE
IV69346	A ':' CHARACTER IN A COLUMN-ORGANIZED TABLE NAME REFERENCED IN A NESTED QUERY CAN RESULT IN AN INCORRECT EMPTY RESULT SET
IV70418	INCORRECT RESULTS POSSIBLE AGAINST COLUMN-ORGANIZED TABLES WHEN A CAST IS USED IN THE LEFT HAND SIDE OF AN IN LIST EXPRESSION
IV72718	QUERY ON A COLUMNAR TABLE CAN RETURN INCORRECT RESULTS IF IT HAS VARIABLE LENGTH STRINGS WITH SPECIAL CHARS LIKE TABS OR BLANKS
IV78737	WRONG RESULT IS POSSIBLE WITH QUERIES AGAINST COLUMNAR TABLES WHEN PLAN HAS SHARED COMMON SUBEXPRESSION AND INDEX SCAN
JR54057	INCORRECT RESULT IS POSSIBLE IN FEDERATED ENVIRONMENT WHEN PLAN PUSHES DOWN FETCH FIRST N ROWS CLAUSE TO REMOTE SERVER

-->

DB2 Version 10.5 Fix Pack 6
Security APARs
IT06351	SECURITY: TLS padding vulnerability affects IBM® DB2® LUW (CVE-2014-8730)
IT06353	SECURITY: IBM DB2 contains a file disclosure vulnerability using a SELECT statement with XML/XSLT function (CVE-2014-8910)
IT07109	SECURITY: DB2 TRAPS WHEN EXECUTING A SPECIALLY-CRAFTED SQL STATEMENT WITH SCALAR FUNCTIONS (CVE-2015-0157)
IT07554	SECURITY: DB2 contains a sensitive information exposure vulnerability in the monitoring and audit feature (CVE-2014-0919)
IT07635	SECURITY: VULNERABILITIES IN GSKIT AFFECT IBM DB2 LUW (CVE-2015-0138)
IT08075	SECURITY: DB2 CONTAINS A FILE DISCLOSURE VULNERABILITY IN THE DATABASE AUTOMATED MAINTENANCE FEATURE (CVE-2015-1883)
IT08113	SECURITY: DB2 IS AFFECTED BY MULTIPLE SECURITY VULNERABILITIES IN GPFS (CVE-2015-0197, CVE-2015-0198, CVE-2015-0199)
IT08526	SECURITY: DB2 USER CAN DELETE TABLE DATA WITHOUT APPROPRIATE PRIVILEGES (CVE-2015-1922)
IT08537	SECURITY: VULNERABILITY IN RC4 STREAM CIPHER AFFECTS IBM® DB2® LUW (CVE-2015-2808)
IT08656	SECURITY: DB2 LUW CONTAINS A VULNERABILITY IN SCALAR FUNCTION THAT MAY CAUSE DB2 SERVER TO TERMINATE ABNORMALLY (CVE-2015-1935)
HIPER APARs
IT06433	PERFROMANCE DEGRADATION DURING INPLACE REORG IN A HADR ENVIRONMENT ON A STANDBY DATABASE
IT07392	IN RARE SCENARIOS COMPLEX QUERY WITH AN OLAP SPECIFICATION AND A SUBQUERY MIGHT RETURN EXTRA ROWS
IT07403	SELECT ON XML USING FN:UPPER-CASE & TABLE HAS AN INDEX CAN RETURN INCORRECT RESULTS
IT09018	HADR STANDBY LOG REPLAY OR ROLLFORWARD RECOVERY CAN FAIL DUE TO SQLB_BAD_PAGE
IT09073	INCORRECT RESULTS FROM SORT OPERATIONS ON DB2 VERSION 10.5.0.5

-->

DB2 Version 10.5 Fix Pack 5
Security APARs
IT04138	SECURITY: Multiple ALTER TABLE statements can cause DB2 to terminate (CVE-2014-6210).
IT04730	SECURITY: DB2 may terminate abnormally when issuing an ALTER TABLE statement with AUTO_REVAL set to IMMEDIATE (CVE-2014-6159).
IT04786	SECURITY: ALTER TABLE on an identity column may cause DB2 to terminate (CVE-2014-6209).
IT05933	SECURITY: XML QUERY WILL CAUSE DB2 TO INCREASE CPU USAGE (CVE-2014-8901).
HIPER APARs
IT03298	INSERT MIGHT NOT RESPOND OR BE VERY SLOW OR HANG ON PURESCALE SYSTEMS
IT03970	PERFORMING MEMBER CRASH RECOVERY IN PURESCALE WITH EHL ENABLED MIGHT CORRUPT THE TABLE IN CERTAIN SITUATIONS
IT04173	SQL STATEMENT WITH MULTIPLE SIMILAR CORRELATED SUBEXPRESSIONS MIGHT RETURN INCORRECT RESULTS
IT04307	INCORRECT RESULTS FROM A COLUMN-ORGANIZED TABLE WHEN OPERATIONS INCLUDE NEGATIVE FLOAT/DOUBLE VALUES AND A RESULT OF ZERO
IT04326	PACKAGE CACHE MEMORY USE CAN EXCEED CONFIGURED SIZE RESULTING IN MEMORY EXHAUSTION ON DB2 Cancun Release 10.5.0.4.
IT04426	"<TIMESTAMP_COLUMN> + <DECIMAL_COLUMN> SECONDS" MIGHT PRODUCE INCORRECT RESULTS IN COLUMN-ORGANIZED TABLES
IT04660	RESTORE DATABASE MIGHT INTRODUCE CORRUPTION IN OBJECTS THAT RESIDE IN SMS TABLESPACES AND ARE LARGER THAN 2GB (WINDOWS ONLY)
IT04924	WHEN INTRA_PARALLEL ENABLED, SQL STATEMENT WITH IN PREDICATE MIGHT RETURN INCORRECT RESULTS
IT05009	SEVERE MEMORY LEAK IN DATABASE MEMORY ON DB2 10.5 FIX PACK 4 IN DPF ENVIRONMENTS WITH INTRAPARTITION PARALLELISM ENABLED
IT05044	INCORRECT RESULTS MIGHT BE RETURNED FOR A QUERY INVOLVING AN AGGREGATION FUNCTION AND AN OUTER JOIN OPERATOR
IT05068	POTENTIAL CORRUPTION DURING READAHEAD DATA PREFETCHING WHEN A DECIMAL KEY PART IS USED WITH INDEX COMPRESSION
IT05185	SQL STATEMENT WITH REPARTITIONED JOINS MIGHT RETURN INCORRECT RESULTS IN A DPF SYSTEM
IT05194	TABLE MAY BE INCONSISTENT AFTER INPLACE TABLE REORG IN PURESCALE WITH EXPLICIT HIERARCHICAL LOCKING ENABLED
IT05544	PERFORMANCE DEGRADATION AND DROPPED DATABASE CONNECTIONS DUE TO INCORRECTLY REPORTED LICENSE ERRORS ON DB2 VERSION 10.5.0.4
IT05812	INCORRECT RESULTS MIGHT BE RETURNED FOR COLUMN-ORGANIZED TABLES WITH AN ENFORCED PRIMARY KEY OR UNIQUE CONSTRAINTS
IT05898	WRONG RESULTS RECEIVED FOR A QUERY DUE TO INCORRECT INTERNAL COLUMN STRUCTURES
IT05904	INCORRECT RESULTS MIGHT BE PRODUCED IF HSJOIN HAS 2 NLJNs ON THE PROBE SIDE AND HSJN PROBE PUSH DOWN INTO THE SECOND NLJN DONE
IT09336	IN A RARE CONDITION, A QUERY OF A CHAIN OF EQUALITY JOIN PREDICATES BETWEEN 4 OR MORE TABLES COULD PRODUCE EXTRA ROWS

-->

DB2 Version 10.5 Fix Pack 4
Security APARs
IT02201	SECURITY: DB2 IS AFFECTED BY THE JSON-C HASH FUNCTION DENIAL OF SERVICE VULNERABILITY (CVE-2013-6371 )
IT02291	Security: DB2 contains a denial of service vulnerability in ALTER MODULE statement handling. (CVE-2014-3094)
IT02433	SECURITY: DB2 contains a denial of service vulnerability in SQL Compiler (CVE-2014-3095)
IT03761	Security: Unauthorized Access to user data vulnerability in DB2 during certain LOAD operations into CDE tables (CVE-2014-4805)
HIPER APARs
IC97290	INSTANCE MIGHT ABEND OR RETURN INCORRECT RESULTS DUE TO AN INCORRECT EXECUTION SECTION FOR STAR JOIN
IC99419	CLI-BASED APPLICATIONS RECEIVE SQL0501N AGAINST DB2 Z/OS WHEN STORED PROCEDURE CALL HAS MULTIPLE CURSORS
IC99679	A REORG INPLACE OPERATION ON A TABLE WITH ADAPTIVE COMPRESSION ENABLED MIGHT FAIL OR RESULT IN AN INCORRECTLY COMPRESSED ROW
IT00270	SQL QUERY CONTAINING NODENUMBER PREDICATE MIGHT PRODUCE AN INCORRECT RESULT
IT00421	POTENTIAL INDEX CORRUPTION WHEN USING INDEX COMPRESSION AND UNICODE DATABASES WHICH USE UCA COLLATION WITH S(STRENGTH) = 1 OR 2
IT00510	REPLAY OF REORG-INDEX-RECLAIM-EXTENTS LOG RECORDS MIGHT LEAD TO INDEX CORRUPTION
IT00521	INCORRECT RESULT CAN BE RETURNED FOR COLUMN-ORGANIZED TABLES
IT00649	INCORRECT RESULTS FROM INSERT WITH VALUES, WHEN INSERTING TO A COLUMN-ORGANIZED TABLE
IT00712	INCORRECT RESULT IN COLUMN-ORGANIZED TABLES IN SQL WITH "COL >= RHS1 AND COL <= RHS2", IF BOTH DECIMALS AND DOUBLES ARE INVOLVED
IT00930	COLLATION_KEY_BIT MIGHT GENERATE EMPTY STRINGS IN ORACLE MODE IF INPUT STRING CONSISTS OF BLANKS
IT00933	IN DB2 DPF ENVIRONMENTS ONLY, A SPECIFIC TYPE OF QUERY AND RESULTING ACCESS PLAN MIGHT RETURN WRONG RESULTS
IT01000	CHAR(' ',0) RETURNS EMPTY STRING INSTEAD OF NULL IN VARCHAR2 ENABLED DATABASE.
IT01020	ROWS MISSING WHEN LARGE RESULT SET IS PRODUCED BY NULLS FIRST SORT ON INTEGER OR BIGINT
IT01024	POSSIBLE WRONG RESULTS WHEN INDEX JUMP SCANS ARE USED IN REFERENTIAL INTEGRITY CHECKING
IT01084	SQL STATEMENT WITH UNCORRELATED SUBQUERY PREDICATE MIGHT RETURN INCORRECT RESULTS WHEN INTRA_PARALLEL IS ENABLED
IT01088	SQL STATEMENT WITH ORDERED COLUMN GROUP OR PREDICATES MIGHT RETURN INCORRECT RESULT SET WHEN JUMP SCAN USED
IT01236	CONCURRENT DELETE CAUSED INCORRECT RESULTS IN UPDATE OF COLUMN-ORGANIZED TABLE
IT01256	QUERY MIGHT HAVE OR PREDICATE WRONGLY REMOVED RESULTING IN EXTRA ROWS IN THE RESULTS
IT01340	INCORRECT RESULTS MIGHT BE RETURNED WHEN QUERYING A COLUMN-ORGANIZED TABLE WHEN USING "GROUP BY "
IT01617	QUERIES WITH XMLTABLE FUNCTIONS MIGHT RETURN INCORRECT RESULTS WHEN MORE THAN ONE EQUAL PREDICATE IS USED IN WHERE CLAUSE
IT01656	TABLE SPACE ROLLFORWARD MIGHT NOT UNDO TRANSACTION CORRECTLY, LEAVING INCONSISTENT DATA
IT01662	INCORRECT RESULTS MIGHT BE PRODUCED WITH PREDICATES INVOLVING NULL CONSTANTS
IT01742	INCORRECT VALUES MIGHT BE INSERTED INTO A TABLE WHEN AN INCORRECT PLAN IS CHOSEN FOR INSERT FROM SELECT
IT01899	DB2 MIGHT PRODUCE INCORRECT RESULT WHEN REFERENCING EMPTY TABLE WITH AGGREGATE FUNCTIONS IN SUBSELECT
IT02004	INCORRECT RESULTS FROM COLUMN ORGANIZED TABLE WHEN WHERE CLAUSE HAS "OR ( IS NOT NULL AND IS NOT NULL)"
IT02047	ACCESS PLANS CONTAINING INDEX ORING BETWEEN MDC AND NON MDC INDEX MAY NOT FETCH ALL ROWS FROM SECOND EXECUTION ONWARDS
IT02214	INCORRECT RESULTS WHEN SELECTING "DISTINCT LENGTH()" FROM A COLUMN-ORGANIZED TABLE
IT02215	INCORRECT RESULTS FROM COLUMN-ORGANIZED TABLE WHEN PREDICATE COMPARES NULL VS CAST(NULL AS )
IT02761	MISSING INDEX KEY OR WRONG RESULT WHEN USING EXCLUDE NULL KEYS RANDOM INDEXES AFTER SOME DATA PARTITION ATTACH OPERATION
IT02843	PERFORMING MEMBER CRASH RECOVERY IN PURESCALE WITH EHL ENABLED MIGHT CORRUPT THE TABLE IN CERTAIN SITUATIONS
IT03045	WRONG RESULTS WITH CONCURRENT UPDATES AND DELETES ON A COLUMN-ORGANIZED TABLE
IT03076	DATA CORRUPTION POSSIBLE AFTER RECREATING PAGE DICTIONARY
IT03203	INCORRECT RESULTS MIGHT BE RETURNED WHEN USING THE UNION SET OPERATOR TO SELECT FROM COLUMN-ORGANIZED TABLES
IT03642	INCORRECT RESULTS POSSIBLE IN CASES WHERE A COLUMN ORGANIZED TABLE IS MODIFIED BY TWO TRANSACTIONS AT THE SAME TIME
IT16779	QUERY USING ZIGZAG IN THE ACCESS PLAN MIGHT PRODUCE WRONG RESULTS WHEN IN2JOIN IS IN THE ACCESS PLAN AS WELL
IV64020	EXPANDING (NOT EARLY OUT) JOIN OF MORE THAN 2 COLUMN-ORGANIZED TABLES MIGHT CAUSE INCORRECT RESULTS

DB2 Version 10.5 Fix Pack 3a
Security APARs
IC99477	Security: IBM DB2 is impacted by multiple TLS/SSL security vulnerabilities (CVE-2013-6747, CVE-2014-0963)
IC99481	SECURITY: VULNERABILITY IN STORED PROCEDURE INFRASTRUCTURE CAN ALLOW ESCALATION OF PRIVILEGE TO ADMINISTRATOR (CVE-2013-6744).
IT00687	SECURITY: ELEVATED PRIVILEGES WITH DB2 EXECUTABLES (CVE-2014-0907)

-->

DB2 Version 10.5 Fix Pack 3
Security APARs
IC94939	SECURITY: DENIAL OF SERVICE VULNERABILITY IN DB2's FAST COMMUNICATIONS MANAGER. (CVE-2013-4032)
IC97472	SECURITY: NULL POINTER DEREFERENCE IN DB2'S XSLT PARSING ENGINE (CVE-2013-5466).
IC97738	SECURITY: QUERY WITH OLAP SPECIFICATION CAUSES DB2 SERVER TO SHUTDOWN DATABASE. (CVE-2013-6717)
HIPER APARs
IC94890	THERE MIGHT BE A DOUBLE FREE OR LIST CORRUPTION IN THE SQLRLC_CSM_DEFUNCT() FUNCTION
IC95146	THE LOAD COMMAND WITH THE REMOTE FETCH OR SOURCEUSEREXIT OPTIONS MIGHT FAIL TO INSERT SOME ROWS INTO A TABLE
IC95522	THE QUERY STATEMENT WITH A SUBQUERY PREDICATE MIGHT NOT RETURN ROWS AFTER ENABLING DB2_COMPATIBILITY_VECTOR=ORA
IC95669	TCP CONNECTIONS FROM NON-HADR DATABASE SOFTWARE TO THE STANDBY MIGHT ALTER THE HADR STATE AND STALL LOG SHIPPING ON THE PRIMARY
IC95689	THE ROUND FUNCTION WITH A MINIMUM VALUE FOR INTEGER AND BIGINT VALUES IS NOT RETURNING THE CORRECT RESULTS
IC96922	USER-DEFINED FUNCTION WITH INDEX EXTENSION EXPLOITATION MIGHT RETURN INCORRECT RESULTS IF INDEX IS NOT PRESENT
IC97269	THE DBMS_LOB.COMPARE FUNCTION AND DBMS_LOB.READ PROCEDURE DO NOT PROCESS CLOBS CORRECTLY IF MULTI-BYTE CHARACTERS ARE PRESENT
IC97340	QUERIES WITH THE XMLTABLE FUNCTION MIGHT RETURN INCORRECT RESULTS
IC97805	UNEXPECTED LOCK ESCALATIONS ON DB2 PURESCALE SYSTEMS USING STMM LOCKLIST TUNING OR MANUAL DYNAMIC UPDATE OF LOCKLIST SETTING
IC97851	INCORRECT RESULT IN UNICODE DB WITH LIKE PREDICATE AND FULLWIDTH UNDERSCORE WILD CHARACTER ON A CLOB COLUMN
IC97928	ALTER TABLE DROP COLUMN ON A TABLE WITH AN INDEX WITH RANDOM ORDERING MIGHT LEAD TO INDEX CORRUPTION
IC98160	POSSIBLE INCORRECT RESULT ON MULTIPLE OUTER JOINS AND A COMBINATION OF EQUALITY JOIN PREDICATES AND LOCAL PREDICATES
IC98350	A QUERY WITH AN OR PREDICATE MIGHT RETURN INCORRECT RESULTS
IC98875	QUERY ON PARTITIONED TABLE MIGHT FAIL WITH SQLD_BADPAGE AND SQLDFETCHDIRECT PROBE: 5395 ERRORS WHEN RUNNING EHL
IT00671	INCORRECT RESULTS FROM COLUMN-ORGANIZED TABLE WHEN LIKE IS DONE AGAINST A COLUMN WHICH IS ENCODED WITH FORCED PREFIX COMPRESSION
IT03122	RECOVERING A FAILED ONLINE INCREMENTAL LOAD ON AN INDEX CREATED WITH THE "PCTFREE 0" OPTION MIGHT CORRUPT THE INDEX
IV53366	MINOR POSSIBILITY OF WRONG RESULTS DURING INEQUALITY PREDICATE PROCESSING ON CHAR OR GRAPHIC COLUMNS IN COLUMN-ORGANIZED TABLES

-->

DB2 Version 10.5 Fix Pack 1
Security APARs
IC94758	SECURITY: UNAUTHORIZED ACCESS TO TABLE VULNERABILITY IN DB2 (CVE-2013-4033)
HIPER APARs
IC93971	INDEX / DATA MISMATCH MIGHT OCCUR IN AN MDC TABLE AFTER A DEFERRED ROLLOUT
IC94095	EXCESSIVELY LARGE MEMORY ALLOCATION ATTEMPTS FROM FAST INTEGER SORT DUE TO WRONG MEMORY SIZE CALCULATION
IC94298	RANGE PARTITIONED TABLES DEFINED WITH A NULLS FIRST PARTITIONING COLUMN MIGHT RETURN INCORRECT RESULTS
IC94991	BITWISE SCALAR FUNCTIONS MIGHT RETURN INCORRECT RESULTS WHEN USED WITH DECFLOAT DATATYPE ON AIX POWER7
IV46859	LOAD INTO COLUMN-ORGANIZED TABLE MAY CORRUPT DATA RESULTING IN INCORRECT RESULTS
IV46889	ERRORS AFTER RESTORING AN ONLINE BACKUP TAKEN WHILE LOADING INTO A COLUMN-ORGANIZED TABLE

DB2 fix packs for all supported versions can be downloaded at the following site: http://www.ibm.com/support/docview.wss?uid=swg27007053

The DB2 team will continue to have a strong focus on delivering timely fixes for newly discovered issues along with information that helps our customers to decide on an appropriate course of action. The DB2 team regrets the inconvenience that these issues are causing to you, our customers. We believe that our actions are the most prudent steps to address your concerns and remain open to suggestions on how to further improve our processes.

My Notifications
Sign-up to receive e-mail notification of changes to this document.
1. Sign in to My Notifications
2. select Subscribe tab
3. select "Information Management" from the Software column
4. select the check box for "DB2 for Linux, UNIX and Windows"
click the Continue button.
5. select the check box for "Flashes" and all other document types
click the Submit button.

For more information about My Notifications please click on

the Benefits and features or
take a guided tour of My Notifications.

[{"Product":{"code":"SSEPGG","label":"Db2 for Linux, UNIX and Windows"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Component":"Security \/ Plug-Ins - Security Vulnerability","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"}],"Version":"10.5","Edition":"","Line of Business":{"code":"LOB10","label":"Data and AI"}},{"Product":{"code":"SSEPDU","label":"Db2 Connect"},"Business Unit":{"code":"BU053","label":"Cloud \u0026 Data Platform"},"Component":" ","Platform":[{"code":"","label":""}],"Version":"10.5","Edition":"","Line of Business":{"code":"LOB10","label":"Data and AI"}}]

Tips

Security Vulnerabilities, HIPER and Special Attention APARs fixed in DB2 for Linux, UNIX, and Windows Version 10.5

Flashes (Alerts)

Abstract

Content

Was this topic helpful?

Document Information

UID

Share your feedback

Need support?