Fresh from the press: new downloads available for IBM Notes and IBM Domino to fix the Java issues disclosed in the Oracle January 2015 Critical Patch Update.
These Java vulnerabilities affect all current versions of IBM Notes and Domino. If you don’t control some of the Java behaviour on the server or client via restrictions or ECL, you should get these Java patches.
Direct links to patches for 9.0.1 FP3:
Windows
JVMPatch_SR16FP3_W32_901.3_ClientServer
JVMPatch_SR16FP3_W64_901.3_Server
Linux
JVMPatch_SR16FP3_Linux64_901.3_Server
JVMPatch_SR16FP3_Linux_901.3_ClientServer
Get more information and direct download links to all the patches here.
Above fix broke my Traveler server:
08/03/2015 08:07:49 AM Notes Traveler: SEVERE *system IBM Notes Traveler server could not be started. The exception was java.lang.NoClassDefFoundError: com/ibm/jsse2/aH (wrong name: com/ibm/jsse2/ah). Exception Thrown: java.lang.NoClassDefFoundError: com/ibm/jsse2/aH (wrong name: com/ibm/jsse2/ah)
I have heard from others that Traveler runs without issues after applying the fix. Does Traveler work again when you remove the fix?
I’d open a PMR..
Traveler works after removing the fix.
I had the same experience: I applied the patch, got the same error, removed the patch and Traveler is running again. I put in a service request with IBM, but no solution yet.
Thank you for the heads up, let’s see what IBM has to say about this
They are not patches for FP3, but patches which will upgrade you to FP3. You make it sound as if the vulns are in FP3, while they are actually FIXED in FP3.
Also: There is already an FP3IF1, which fixes some boo-boos in the JVM, which some LS2J calls were also hindered by. I find it all too plausible that IF1 might fix the Traveler issue too.
Worth a try…
I read it as a fix for these versions because the “Affected Products and Versions” is listing them:
IBM Notes and Domino 9.0.1 Fix Pack 3 (plus Interim Fixes) and earlier
IBM Notes and Domino 8.5.3 Fix Pack 6 (plus Interim Fixes) and earlier
IBM Notes and Domino 8.5.3 Fix Pack 5 (plus Interim Fixes) and earlier
All 9.0 and 8.5.x releases of IBM Notes and Domino prior to those listed above.
and also because of the description for the fix:
The fix is available for multiple platforms as a single standalone Java patch that covers Notes and Domino version 9.0.1 Fix Pack 3 (plus Interim Fixes).
No. There have been JVM patches for FP2 that are fixed in FP3 but these are _for_ FP3.
BTW: they broke my Sametime community server
Correction: they didn’t break my Sametime community server but the Domino server controller where my Sametime community server is running.
Aha, I see I misread. My local test server is now also suffering from the exception: java.lang.NoClassDefFoundError: com/ibm/jsse2/aH (wrong name: com/ibm/jsse2/ah)
Anyone have a fix for this? I can’t run my Domino v9.01fp3 HF239 now at all. I am going to have to downgrade to fp2 HF391 because of this error, so I will miss out on TLS 1.2.
Jim, please check Daniel Nashed’s Blog post and maybe the Wiki article as well. There have been different issues and I know several PMRs about this topic.
Daniel also mentioned during his session at ics.ug that at a customer site he had to revert back to 9.0.1 and reinstall all the appropriate fixes to get the server running.
Daniel’s Blog
http://blog.nashcom.de/nashcomblog.nsf/dx/domino-9.0.1-fp3-if3-is-about-to-ship.htm?opendocument&comments#anc1
IBM Wiki
http://www-10.lotus.com/ldd/dominowiki.nsf/dx/TLS_1.2