|
Problem IT17645
|
Status: Closed |
SECURITY: VULNERABILITY IN GSKIT AFFECTS IBM DB2 (CVE-2016-2183) |
| product: |
DB2 FOR LUW / DB2FORLUW / A10 - DB2 |
| Problem description: |
GSKit is an IBM component that is used by IBM DB2 LUW. The
version of GSKit that is shipped with DB2 LUW contains the
"Sweet32 Birthday Attack" vulnerability.
See security bulletin for details:
http://www-01.ibm.com/support/docview.wss?uid=swg21994375 |
| Problem Summary: |
****************************************************************
* USERS AFFECTED: *
* All DB2 systems on all Linux, Unix and Windows platforms at *
* service levels Version 10.1 GA through to Version 10.1 Fix *
* Pack 5. *
****************************************************************
* PROBLEM DESCRIPTION: *
* See Error Description *
****************************************************************
* RECOMMENDATION: *
* Upgrade to DB2 Version 10.1 Fix Pack 6. *
**************************************************************** |
| Local Fix: |
See security bulletin for details:
http://www-01.ibm.com/support/docview.wss?uid=swg21994375 |
| Solution |
The complete fix for this problem first appears in DB2 Version
10.1 Fix Pack 6 and all the subsequent Fix Packs. |
| Workaround |
not known / see Local fix |
| Timestamps |
Date - problem reported :
Date - problem closed :
Date - last modified :
| 24.10.2016
28.02.2017
28.02.2017 |
| Problem solved at the following versions (IBM BugInfos) |
|
| Problem solved according to the fixlist(s) of the following version(s) |
