IJ56931: IBMJCEPLUS: UPDATED IBM JAVA CRYPTO BINARIES TO FIX A BUFFER OVERFLOW WHEN LOADING THE LIBRARY ON WINDOWS.

APAR status

• Closed as program error.

Error description

• Error Message: N/A
  .
  Stack Trace: N/A
  .
  

Local fix

Problem summary

• IBMJCEPlus: Updated IBM Java Crypto binaries to fix a buffer
  overflow when loading the library on Windows.
  This issue could lead to JVM crashes due to segmentation faults
  or cause incorrect cryptographic operations.?
  

Problem conclusion

• The JVM has been updated to allocate the correct buffer size on
  Windows, eliminating the buffer overflow issue.
  The associated Hursley RTC Problem Report: 153413
  The associated Austin git issue IBMJCEPlus: 939
  Binaries affected: IBM Java Crypto binaries (8.9.18.x).
  JVMs affected: Java 8
  The problem was found in Java 8 SR8 FP55
  The fix was delivered for Java 8 SR8 FP60
  .
  This APAR will be fixed in the following Releases:
  .
  IBM Semeru Runtimes
  IBM SDK, Java Technology Edition
   8 SR8 FP60 (8.0.8.60)
  .
  Downloads and supplementary documentation can be found at the
  following locations:
  - For non z/OS operating systems:
   - IBM Semeru Runtimes, Version 11 and later
   https://www.ibm.com/semeru-runtimes/downloads/
   - IBM SDK, Java Technology Edition, Version 8
   https://www.ibm.com/support/pages/java-sdk-downloads/
  - For the z/OS operating system:
   - Java SDK Products on z/OS
   https://www.ibm.com/support/pages/java-sdk-products-zos
  

Temporary fix

Comments

APAR Information

• APAR is sysrouted FROM one or more of the following:

• APAR is sysrouted TO one or more of the following:

Fix information

• Fixed component name

  SECURITY

• Fixed component ID

  620700125

Applicable component levels