|
Problem IT17531
|
Status: Closed |
SECURITY: VULNERABILITY IN GSKIT AFFECTS IBM DB2 (CVE-2016-2183)
|
| product: |
DB2 FOR LUW / DB2FORLUW / 970 - DB2 |
| Problem description: |
GSKit is an IBM component that is used by IBM DB2 LUW. The
version of GSKit that is shipped with DB2 LUW contains the
"Sweet32 Birthday Attack" vulnerability.
See security bulletin for details:
http://www-01.ibm.com/support/docview.wss?uid=swg21994375 |
| Problem Summary: |
****************************************************************
* USERS AFFECTED: *
* All DB2 systems on all Linux, Unix and Windows platforms at *
* service levels Version 9.7 GA through to Version 9.7 Fix *
* Pack 11. *
****************************************************************
* PROBLEM DESCRIPTION: *
* See Error Description *
****************************************************************
* RECOMMENDATION: *
* Upgrade to Db2 V10.5 or newer. *
**************************************************************** |
| Local Fix: |
See security bulletin for details:
http://www-01.ibm.com/support/docview.wss?uid=swg21994375 |
| Solution |
|
| Workaround |
not known / see Local fix |
| BUG-Tracking |
forerunner :
follow-up : IT17645 IT17646 IT17647 |
| Timestamps |
Date - problem reported :
Date - problem closed :
Date - last modified :
| 17.10.2016
06.10.2017
06.10.2017 |
| Problem solved at the following versions (IBM BugInfos) |
|
| Problem solved according to the fixlist(s) of the following version(s) |
