You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: CHANGELOG.md
+6Lines changed: 6 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -3,7 +3,13 @@
3
3
## 9.3.5.0 (2024-02)
4
4
5
5
* Updated to MQ version 9.3.5.0
6
+
7
+
### Security Fixes
6
8
* Fixed a security issue, where unencrypted credentials in mqwebuser.xml would be copied to /var/mqm. A symbolic link is now used instead.
9
+
* golang.org/x/crypto library has been upgraded to remediate CVE-2023-48795 vulnerability.
10
+
* More secure sha512 algorithm will be used instead of sha256 to create self signed Certificate in the Web keystore.
11
+
* The MQ container generates a PKCS#12 key store for use with the MQ web server.This keystore is generated using a legacy SHA-1 encryption,container code has been updated to use Pkcs12.Modern.Encode function which uses SHA-2 encryption.
12
+
* Vulnerability has been reported on PathTraversal method usages which now have been fixed.
0 commit comments