Community
Search Options
Search Options
Log in
Skip to main content (Press Enter).
Sign in
Skip auxiliary navigation (Press Enter).
Data Management
Topic areas
Data Management Global
Db2
Db2 for z/OS and its ecosystem
Db2 Tools for z/OS
Informix
Integrated Analytics Systems
Netezza Performance Server
Open Source Offerings
User groups
Events
Data Webinars
Upcoming Data Management Events
IBM TechXchange Webinars
All IBM TechXchange Community Events
Participate
Gamification Program
Community Manager's Welcome
Post to Forum
Share a Resource
Share Your Expertise
Blogging on the Community
Connect with Data Management Users
All IBM TechXchange Community Users
Resources
IBM TechXchange Group
Data and AI Learning
IBM Champions
IBM Cloud Support
IBM Documentation
IBM Support
IBM Support 101
IBM Technology Zone
IBM Training
TechXchange Conference
IBM TechXchange Conference 2024
Marketplace
Marketplace
IBM Data Management Community
Connect with Db2, Informix, Netezza, open source, and other data experts to gain value from your data, share insights, and solve problems.
Join / Log in
Skip main navigation (Press Enter).
Toggle navigation
Search Options
Data Management User Groups
Db2
View Only
Group Home
Discussion
3.7K
Library
413
Blogs
394
Events
2
Members
2.3K
Expand all
|
Collapse all
Db2 11.5 GA - "Special Build 39711 for 11.5.0.0", Security APARs (Release Date 2020/02/08)
1.
Db2 11.5 GA - "Special Build 39711 for 11.5.0.0", Security APARs (Release Date 2020/02/08)
0
Like
Erwin Hattingh
Posted Fri February 21, 2020 08:21 AM
Edited by System Fri January 20, 2023 04:17 PM
Reply
Options Dropdown
There is a
Special Build 39711
for DB2 11.5.0 Fix Pack 0 (
V11.5 GA
) , Release Date
2020/02/08
(it's the second SB for V11.5 GA : previous Special Build 39398 for DB2 11.5.0 Fix Pack 0 was Released 2019/11/12)
Sadly, so far, only the GA version (v.11.5.0.0) is available (through Passport Advantage) for on-premise Db2 customers.
( good news however, this new Special Build 39711 does include the Security APAR's that were in the previous Special Build 39398)
fixed Security APAR's
: IT30143, IT30432, IT30157 and IT31515, IT31637, IT31481, IT31462, IT31520
- IT30143: SECURITY: DB2 AFFECTED BY BUFFER OVERFLOW VULNERABILITIES (CVE-2019-4584)
- IT30432: SECURITY: DB2 IS VULNERABLE TO PRIVILEGE ESCALATION (CVE-2019-4587)
- IT30157: SECURITY: DB2 EXPOSES SENSITIVE INFORMATION WHEN USING ADMIN_CMDWITH LOAD OR UPDATE ALERT CFG (CVE-2019-4524)
- IT31515: SECURITY: DB2 IS VULNERABLE TO A DENIAL OF SERVICE ATTACK. (CVE-2020-4200)
- IT31637: SECURITY: DB2 IS VULNERABLE TO MULTIPLE BUFFER OVERFLOWS (CVE-2020-4204)
- IT31481: SECURITY: DB2 IS VULNERABLE TO A PRIVILEGE ESCALATION ATTACK (CVE-2020-4230)
- IT31462: SECURITY: DB2 IS VULNERABLE TO DENIAL OF SERVICE ATTACK (CVE-2020-4161)
- IT31520: SECURITY: DB2 IS VULNERABLE TO A DENIAL OF SERVICE ATTACK (CVE-2020-4135)
Can be downloaded from Fix Central , after logging on ( the Linux 64-bit,x86_64 tar file) :
http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/DB2&release=All&platform=All&function=fixId&fixids=special_39711_DB2-linuxx64-universal_fixpack-11.5.0.0-FP000%3A680752447250358528&includeSupersedes=0
Notice: Special Builds are not downloadable 'for the public', and also undergo limited IBM testing compared to regular FixPacks
So, sure hope IBM will deliver the first FixPack for v11.5 Db2 on-premise very soon ...
what I heard, that could be as late as march / april 2020 ....
------------------------------
Erwin Hattingh
Systems Engineer / Db2 DBA
Triodos Bank
------------------------------
#Db2
×
New Best Answer
This thread already has a best answer. Would you like to mark this message as the new best answer?
IBM Community Home
Browse
Discussions
Resources
Groups
Events
IBM TechXchange Conference 2023
IBM Community Webinars
All IBM Community Events
Participate
Gamification Program
Community Manager's Welcome
Post to Forum
Share a Resource
Blogging on the Community
All IBM Community Users
Resources
Community Front Porch
IBM Champions
IBM Cloud Support
IBM Documentation
IBM Support
IBM Technology Zone
IBM Training
Marketplace
Marketplace
Data Management
Topic areas
Data Management Global
Db2
Db2 for z/OS and its ecosystem
Db2 Tools for z/OS
Informix
Integrated Analytics Systems
Netezza Performance Server
Open Source Offerings
User groups
Events
Data Webinars
Upcoming Data Management Events
IBM TechXchange Webinars
All IBM TechXchange Community Events
Participate
Gamification Program
Community Manager's Welcome
Post to Forum
Share a Resource
Share Your Expertise
Blogging on the Community
Connect with Data Management Users
All IBM TechXchange Community Users
Resources
IBM TechXchange Group
Data and AI Learning
IBM Champions
IBM Cloud Support
IBM Documentation
IBM Support
IBM Support 101
IBM Technology Zone
IBM Training
TechXchange Conference
IBM TechXchange Conference 2024
Marketplace
Marketplace
Powered by Higher Logic