******************
IMPORTANT Notice
******************
The latest version contains the cumulative fixes for Security Vulnerability and High
Impact / Pervasive (HIPER) issues, and it is highly recommended to upgrade to this
version as soon as possible to protect the system and to prevent from having the
undetected data loss or data corruption under special conditions.
The list of issues and links to the Technical Flashes/Alerts (Newest issue at the top)
================================================================================
Vulnerability in Apache Log4j (CVE-2021-44832)
Security Vulnerability
IBM Spectrum Archive Enterprise Edition (EE) 1.3.2.3 and prior releases
https://www.ibm.com/support/pages/node/6549768
https://www.ibm.com/support/pages/node/6540846
================================================================================
Vulnerability in Apache Log4j (CVE-2021-45105, CVE-2021-45046)
Security Vulnerability
IBM Spectrum Archive Enterprise Edition (EE) 1.3.2.2 and prior releases
https://www.ibm.com/support/pages/node/6540478
https://www.ibm.com/support/pages/node/6537640
================================================================================
Vulnerability in Apache Log4j (CVE-2021-44228)
Security Vulnerability
IBM Spectrum Archive Enterprise Edition (EE) 1.3.2.1 and prior releases
https://www.ibm.com/support/pages/node/6527808
https://www.ibm.com/support/pages/node/6527824
================================================================================
Asynchronous WRITE PERM error during the migration may result in undetected data loss
when specific conditions are met.
IBM Spectrum Archive Enterprise Edition (EE) 1.2.2.0 through 1.3.2.0
IBM has identified an issue in IBM Spectrum Archive Enterprise Edition (EE) 1.2.2.0 through 1.3.2.0,
in which a WRITE PERM error is mishandled if the following two conditions are met:
1) A hardware error precedes an index (tape metadata information) write to the tape media.
2) The error is reported from a tape drive during the time when file system on tape
(the LE component) is processing a sync request.
In such case, files that were migrated before the index write will be incorrectly changed
to the “migrated” state, even if the data blocks on the tape are invalid.
These files may result in undetected data loss if the migration was not performed to multiple pools.
https://www.ibm.com/support/pages/node/6525586
================================================================================
Potential undetected data corruption or possible data loss when running multiple recalls
simultaneously for the same file.
IBM Spectrum Archive Enterprise Edition (EE) 1.3.2.0 and prior releases
IBM has identified a potential problem in IBM Spectrum Archive Enterprise Edition (EE),
in which wrong data is read when a selective recall and a transparent recall is carried out
simultaneously for the same file.
The contents of the affected file become zero partially or completely which result in
undetected data corruption or possible data loss.
https://www.ibm.com/support/pages/node/6525584
================================================================================
WRITE PERM error may cause IBM Spectrum Archive to truncate the previously written files
on tape and may result in undetected data corruption or in possible data loss
IBM Spectrum Archive Enterprise Edition (EE) 1.2.2.0 through 1.3.1.1
IBM has identified an issue in IBM Spectrum Archive Enterprise Edition (EE) 1.2.2.0 through 1.3.1.1,
in which a WRITE PERM error for SCSI LOCATE command is treated as if the deferred write error
was reported from the tape drive.
IBM Spectrum Archive EE incorrectly invalidates the user data blocks on tape from
the current tape position at the WRITE PERM error to the end of tape.
The affected files are truncated to the 0-byte length on tape, and this may result in
undetected data corruption or in deletion of valid data blocks (data loss).
https://www.ibm.com/support/pages/node/6415807
================================================================================
Use of filenames with certain special characters can cause invalid LTFS tape
IBM Spectrum Archive EE v1.3.0.0
IBM has identified a problem in the following IBM Spectrum Archive versions:
IBM Spectrum Archive Single Drive Edition (SDE) v2.4.0.1 to v2.4.1.0 (either Linux or Mac)
IBM Spectrum Archive Library Edition (LE) v2.4.0.1 to v2.4.1.0 (Linux only)
IBM Spectrum Archive Enterprise Edition (EE) v1.3.0.0
All prior versions are NOT affected.
https://www.ibm.com/support/pages/node/871824