| Administrative Console (all non-scripting) | server.xml may have unexpected tags when server is created based on a custom template |
| Logon screen contains extraneous information when specialized xml is used |
| Admin Console Resource Environment custom property name in all capital letters may not be handled properly. |
โ | Web Services Potential weak Client security bindings (CVE-2017-1501) |
โ | Potential Cross-site scripting in WebSphere Application Server Admin Console (CVE-2017-1380) |
| Increase the Java shared class cache size for WebSphere application server for z/os servant address spaces |
| The deployed application has a possibility to be removed unexpectedly |
| iscdeploys leaves temporary files |
| Clicking the LDAP test query link causes NoSuchElementException which also leads to an NPE |
| JavaEE default resources page goes blank if proxy server selected |
| Update the batik library in isclite.ear to 1.9 |
| KC info messages in systemout.log have formatting issues |
| com.ibm.websphere.security.spnego.useracmapmappingtosaf property value not displayed correctly in admin console |
| Administrative Scripting Tools (for example: wsadmin or ANT) | wsadmin determines scripting lang based on 1st JACL command in wsadmin interactive mode |
| DB Connections/ Connection Pooling | During application server start-up, the EJB timer service fails start |
| Default Messaging Component | In WebSphere v8.5.5, messaging engine takes unusually long time to start after failover and throws CWSID0032W warning messages |
| Update IBM WebSphere MQ JCA resource adapter to version 9.0.0.1 |
| Dynamic Cache | NPE occurs with the class ESISupport.java in the parentResponseIsJSPFacesServlet method |
| dynacache does not replicate alias entries |
| TimeToLive is not updated when cache entry is updated. |
| EJB Container | EJB 3.x stub class throws RemoteException for communication failure |
| Lookup of remote EJBS may result in NoSuchObjectException |
| Enterprise Edition (EE) | JAXB fails to unmarshal arrays with custom type inside @xmlelement annotation |
| Federated Repositories | SPECJ0363E errors with illegalargument exceptions from sdoutil.createdataobject |
| LDAP connection timeout leads to NullPointerException |
| WASADMIN ChangeMyPassword command on file repository user command fails with 'Caller is not in the required role' |
| Update the trace information for federated repositories |
| A base entry of "root" defined on a microsoft active directory LDAP server is not supported |
| It's slow to open "manage groups" page in WebSphere administrative console |
| User and group DNS contain extra escaped spaces for RDNS with multiple trailing spaces |
| LocalServiceProvider initialization fails with NullPointerException |
| NullPointerException in urbridgexpathhelper.getexpression() |
| NullPointerException in ldapconfigmanager.getsupportedproperties() |
| Federated repositories fails to search repository when overlapping base dn's exist |
| When one base DN is the subset of another in a federated repository, LDAP failures occur. |
| Federated repositories throws AccessControlException when Java SecurityManager is enabled and an SSL connection is attempted |
| Federated repositories fails to change password when JRE is Java 8 |
| Federated repositories uses wrong security domain |
| General | Updates and fixes for endpoint job purge |
| Deadlock occurs in SIP Proxy under heavy TCP load. |
| zWAS WOLA CICS messages: message and documentation updates messages prefixed with BBOA |
| NoSuchMethodException when a program is using CONCAT function |
| EclipseLink scrollable cursor results in a ClassCastException |
| org.omg.corba.bad_operation when executing "select sql statement" |
| Prevent WebSphere internal packages from being exposed to applications |
| Missing Java runtime version information in the header of the high performance extensible logs (HPEL) binary logs |
| The copyzos.sh script produces a "EDC5003I truncation of a record occurred during an i/o operation" error |
| JAX-RS 2.0 options methods are not invoked when used in sub-resource locator classes |
| inclusive=false of @DecimalMin and @DecimalMax does not work as expected |
| Update how cells are obtained from the ORB cell pool |
| managesdk command will log wsadmin interaction |
| ServerSession numberOfNonPooledConnectionsUsed can become invalid when Exception is thrown connecting |
| Unable to register a liberty server with product insights though an authentication required proxy |
| WASService does not recognize running process |
| zPMT emits message "EOFException: unexpected EOT looking for matching quote: '" |
| Update the manifest file for com.ibm.jaxws.tools.jar to import javax.enterprise.inject |
| WeldTerminalListener is not registered. |
| Provide JDBC hang detection and timings feature to v9 and v855 |
| NullPointerException after stopping one of multiple jaxrs applications |
| Add support for CICS 5.4 in WebSphere optimized local adapters for Liberty and WebSphere Application Server traditional |
| GPF in com/ibm/ws390/tx/nativetransactioncontext.resume_tti |
| Enhance bluemixutility login and listservices commands |
| JAXRS server response does not contain a servlet exception when an unmapped checked exception occurs |
| ProductInsights not reporting used JVM memory correctly |
| Group ID for cells in product insighst contains wrong dmgr host |
| HttpServletRequest#getRequestedSessionId() is executed with the session absent is different between WebSphere Application Server v8.5.5 and v9.0 |
| Usage Data is not queued if connection to bluemix PI host fails |
| WebSphere Application Server Product Insights does not send in group name translations. |
| Unable to login to Bluemix with bluemixUtility |
| High Availability (HA) | HMGR0152W message is misleading |
| IBM HTTP Server | Fix List | Detailed list of APARs for IBM HTTP Server |
| IBM i | Modify iSeries native launcher to honor new default VerboseGC enablement |
| Install | javax.xml.parsers.DocumentBuilderFactory cannot be instantiated |
| Intelligent Management Component | Due to a timing issue, sometimes APC will lose server information and not make placements as a result |
| On Demand Router routes request to web module mapped with less specific virtual host match |
| Dynamic cluster template does not persist change to modify log rotation from file size to a 24 hour period |
| PAUSELISTENERS command issued using the process name instead of server shortname in edition control center |
| Plugin with intelligent management enabled breaks affinity |
| Changes in custom health actions are not picked up when nodes automatically sync |
| ODR session affinity breaks when request contains multiple session cookies of the same name |
| When a rollout fails, it takes a long time for the rollout process to finish |
| Intelligent Management for Web Servers: When a server is stopped and restarted, the server might not be used for routing |
| Disabling an applications 'Target Specific Application Status' while the application is running results in 404/503 |
| Display problem of AdminConsole at "INTERNALCLASSESACCESSMODE" |
| Segfault when high traffic coming to the Intelligent Management Enabled plug-in and a Liberty member is stopped |
| Java 2 Connectivity (J2C) | J2CA0045E ConnectionTimeout happens too often after upgrading to 8.5.5.11 |
| NullPointerException thrown when requesting connections to a RAR from several threads |
| J2CA0045E ConnectionWaitTimeoutException timeout is not calculated as expected in version 9.0.0.3 |
| Runtime performance advisor has hung thread with j2cdiagnosticalerthelperimpl.java on line 419 |
| Java Management Extensions (JMX) or JMX Client API | Node federation fails because it cannot find the IPv6 address |
| Java Message Service (JMS) | Mis-identification of IBM MQ JMS provider |
| Increase the configurable limit of the maximum header field size |
| Change default of EnableBuildBackupList to be true |
| New activiation specification properties - control build up/flow of MDB requests |
| Web service call is failing after applying latest fix packs + IFPI70810 |
| Introduce switch for GetQueryString() to return original query string in forwarded servlet |
| ConcurrentLinkedList TAIlSequenceNumberLock garbage collected |
| Modifying advanced properties of activation spec resets arbitrary properties |
| Java Persistence API (JPA) | Issue with the way OpenJPA caches and reuses query parameters for between expressions when OpenJPA's QueryCache property enabled |
| OpenJPA does not pass-through SSL connection properties that set using openjpa.ConnectionProperties when creating DB2 connection |
| org.apache.openjpa.lib.util.parseexception |
| JavaServer MyFaces (JSF) Apache MyFaces implementation | javax.faces.interpret_empty_string_submitted_values_as_null value affects display behaviour for required fields |
| JavaServer Pages (JSP) | The JSP engine is not processing EL expressions correctly when they are in large blocks of character data |
| Incorrect output for jsp in an expression tag when using certain string concatenations |
| Migration | Migration disabled source node before successful sync |
| After a profile that WebSphere Application Server created in WebSphere Application Server 6.1 is migrated up to 9.0, images in the admin console return error 500 instead of displaying |
| -requireEmbeddedDBMigration setting is not available on z based migrations |
| Migration with cloning to v9 mis-handles the virtualhosts creating duplicate entries |
| Running WebSphere Application Server PostUpgrade fails with AllAuthenticatedUsersInTrustedRealmsExtImpl |
| Support z/OS migration specifying SMS classes for config file systems |
| Migration job fails to read JCL started procedure names from old configuration |
| Migration is not handling SPNEGO security settings correctly |
| Allow WASPreUpgrade to work specifying userinstallroot as second positional parameter |
| Remote WASPreUpgrade fails with embedded derby exception |
| Object Request Broker (ORB) | Add a timer to abend servant at shutdown if there are stalled threads |
| PD tools (for example: Log Analyzer) | zWAS LE ESTAE extension BBORLEXT update to suppress dumps for pgm checks of type pic 7 / 0c7 with DXC code of x'00' / 0x00 |
| HPEL message content filter is not working on multiline messages |
| Asynchronous log records does not show up in systemout.log |
| The -summary option information is missing in the -help option in the collector tool |
| Plug-in | Plugin is crashing because it cannot open the log file defined in its configuration |
| Client failure may occur when the web server plug-in connection is reused and previous connection timed out waiting for response |
| iPlanet web server cannot load the WebSphere plug-in on Solaris x86 |
| Application response without a reason phrase causes plug-in to return 500 error |
| IBM WebSphere application server web server plug-in users with web sockets traffic |
| PMI/Performance Tools | perfServlet application returns empty version information |
| Proxy Server | โ | Potential Information Disclosure with WebSphere Application Server Proxy Server or On-demand-router (ODR) (CVE-2017-1381) |
| Runtime (zSeriesยฎ) | ABEND00C and ABEND0C4 in WebSphere Application Server after stop WebSphere Application Server issued |
| Runtime and Classloader | Thread context Class Loader not set up correctly during CDI bootstrap |
| Message WSVR0655I is seen continuously in the systemout.log |
| Handle NPE and emit serviceable failure message when parsing server endpoint metadata |
| Security | The expirationMonitorNotificationPeriod is set to zero by default |
| WebSphere sub-domain servers with SPNEGO web authentication getting error SECJ6236E |
| The managementScopes element fails to be deleted from security.xml when removing a server via WebSphere Application Server admin console |
| Creation of remote keystore fails when existing keystore is specified |
| Client certificate authentication failure does not fall back to basic authentication |
| Converting certificates in CMS keystore may not delete an old signer certificate |
| The password encryption might fail if multiple wsadmin commands are invoked without saving |
| Each ORB/EJB request is making 3 LDAP search requests |
| Incorrect output for JSP in an expression tag when using certain string concatenations |
โ | Weaker than expected security after using PasswordUtil Commands (CVE-2017-1504) |
| Removenode from admin console fails when AES password encryption is enabled |
| A message of passwordutil wsadmin command needs to be modified for clarification. |
| NPE at ORG.APA |
| Servlet Engine/Web Container | Issues with JSF portlets due to CDI regression |
| NPE during servlet initialization process |
| WebContainer Performance Issue When Under High Load |
| Session Initiation Protocol (SIP) Container | The SIP Container fails to parse a message when the size exceeds 2048 bytes and double CRLF is sent before the message |
| In a multi-homed environment, multiple 200 responses are not proxied back to the originating endpoint. |
| System Management/Repository | Sequencing of PAUSELISTENER/RESUMELISTENER |
โ | WebSphere Application Server may have insecure file permissions with custom startup script (CVE-2017-1382) |
| Failure when attempting to create profile for cell with Java 7 |
| Migration fails for Federated Nodes when cell name is renamed |
| Transaction Service | Deadlock may occur in the CScope RecoveryManager |
| "WTRN0029E: error closing the log in shutdown!" error when stopping a cluster |
| Web Services (for example: SOAP or UDDI or WSGW or WSIF) | WSWS3396E Handler Error: Protected state violation |
| Message WASX7008E incorrectly reported a flawed integer port |
| Two service clients displayed on administrative console for an application. |
| Different prefixes are used for the same namespace url |
| Issues with ResponseWrapper after PI60666 |
| Web Services Security | More diagnostics required when the SAML web SSO redirect url is null |
| ADMA0078W the file cannot be deleted when deploying new version of our applications, cannot delete old version of application |
| OpenID Connect (OIDC) Relying Party(RP) may store incorrect data in DynaCache |
| OIDC TAI cannot dynamically build callback URL |
| OpenID connect (OIDC) Relying Party (RP) does not support post introspection endpoints |
| OIDC RP does not restore single-quote characters in post data |
| WebSphere Common Configuration Model (WCCM) | Incomplete metadata obtained for Java EE modules when multiple resources are used |
| EJB injection failing for some EJBs inside JSF backing beans |
| Incorrect generation of ibm-metadata.xml when deploying with pre-generated merged descriptors |
| EJBDeploy tool fails when setting metadata-complete during deployment |
| Call in violation of protocol message during annotation scanning |
| Remove "failed to open resource" warnings |
| WebFragMergerImpl warning messages when starting an application in WebSphere Application Server 9 |
| ClassSourceException when using WDT |
| Unable to deploy modules which use namespaces in the XML elements of deployment descriptors |
| z/OS | BBO# should allow for a transid to be included on CICS link command |
| OTMA client timeout cannot be configured for WOLA |