DB2 - Problembeschreibung
Problem IC99474 | Status: Geschlossen |
Security: IBM DB2 is impacted by multiple TLS/SSL security vulnerabilities (CVE-2013-6747, CVE-2014-0963) | |
Produkt: | |
DB2 FOR LUW / DB2FORLUW / 970 - DB2 | |
Problembeschreibung: | |
IBM DB2 is affected by multiple problems related to the SSL implementation. which, under very specific conditions, can cause DB2 server to become unresponsive, hang or crash. By default, DB2 does not use TLS/SSL for client-server communication and therefore, potential exposure only exists if you are using TLS/SSL. See security bulletin for details: http://www.ibm.com/support/docview.wss?uid=swg21671732 | |
Problem-Zusammenfassung: | |
**************************************************************** * USERS AFFECTED: * * All DB2 systems on all Linux, Unix and Windows platforms at * * service levels from Version 9.7 GA through to Version 9.7 * * Fix Pack 9. * **************************************************************** * PROBLEM DESCRIPTION: * * See security bulletin: * * http://www.ibm.com/support/docview.wss?uid=swg21671732 * **************************************************************** * RECOMMENDATION: * * Upgrade to DB2 Version 9.7 Fix Pack 9a. * **************************************************************** | |
Local-Fix: | |
verfügbare FixPacks: | |
DB2 Version 9.7 Fix Pack 9a for Linux, UNIX, and Windows | |
Lösung | |
The complete fix for this problem first appears in DB2 Version 9.7 Fix Pack 9a and all the subsequent Fix Packs. | |
Workaround | |
keiner bekannt / siehe Local-Fix | |
Weitere Daten | |
Datum - Problem gemeldet : Datum - Problem geschlossen : Datum - der letzten Änderung: | 19.02.2014 26.06.2014 26.06.2014 |
Problem behoben ab folgender Versionen (IBM BugInfos) | |
9.7.FP9 | |
Problem behoben lt. FixList in der Version | |
9.7.0.10 |