MQ V8.0.0.3 is available – What does that mean for you?

On Thursday 18th June, IBM released V8.0.0 Fix Pack 3 for the MQ product.

You can obtain this Fix Pack from IBM Fix Central from the above link.

What does this Fix Pack mean to you?

Defect Fixes

First and foremost, this is a Fix Pack and contains fixes to various defects. The list of defects that have been fixed can be found here. Note that MQ Fix Packs are cumulative service, meaning that all the fixes from previous Fix Packs are included, so you’ll get all the fixes from Fix Pack 2, for example, even if you didn’t have that Fix Pack installed before.

Security Fixes

The table of fixes in the above link indicates, in the first two columns, whether the fix is a security APAR or a HIPER APAR. Fix Pack 3 contains 2 security APARs and 1 HIPER APAR.

The security and HIPER APARs from Fix Pack 3
APAR Description
  IT07224 CVE-2015-1957
  IT08199 CVE-2015-1967
  IV70337 Memory errors with cluster queue managers when putting applications are using queues with the DEFBIND(GROUP) attribute

T.Rob reminds us that where security fixes are concerned, to stay compliant, you have a limited amount of time to get this Fix Pack applied. The time span will vary depending on what your shop has dictated, or your business partners have dictated or whether you are trying to stay compliant with a particular system, for example PCI-DSS.

Here are some good articles on the subject:-

New Function

This Fix Pack also releases some new functions.

PAM Authentication

The first delivers RFE 61007 which requested that the Connection Authentication feature introduced in IBM MQ V8 should make use of Pluggable Authentication Module (PAM).

Mark Taylor introduces us to this new function in FixPac 3.

To use this new function you need to run a special variant of the strmqm command to set the new command level, as described in an earlier blog post about the 801 Queue Manager.

Due to the introduction of this new function, which contains a new object attribute, there is a new Command Level 802, so the post I originally wrote for the new Command Level 801 has been updated to include the small number of changes for 802 as well.

Extended “Queue Manager Active” Events

The second is some new information in the Queue Manager Active Event which helps when running a multi-instance queue manager by adding both the hostname that the queue manager is running on and indicating whether standby is permitted or not.

Mark Taylor has another video for us on this new function.

You can see the details of this extra data in the event reference section of Knowledge Center.

More Deprecated CipherSpecs

Does this count as new function or not? Well, one thing that is new is the way you re-enable these deprecated CipherSpecs if you’re unlucky enough to still have requirements to use these weaker algorithms. Read all about it in another blog post, “Deprecated CipherSpecs”.

Giving channel exits access to details of Remote connection

There are two fields that tell you a lot of information about the remote connection, and those are Remote Product (RPRODUCT) and Remote Version (RVERSION). You can read more about these fields in IBM MQ Little Gem #2: RPRODUCT and RVERSION. These fields were previously only available on the DISPLAY CHSTATUS command. In this Fix Pack they are extended to be available to channel exits by being provided in the channel exits parameter structure (MQCXP). This change delivers RFE 60616 which notes that it will be delivered on z/OS at some future point. Here is a snippet of the end of the structure definition from Fix Pack 3 so that you can see the fields. You can read more details in Knowledge Center: MQCXP fields RemoteProduct and RemoteVersion.

typedef struct tagMQCXP MQCXP;

struct tagMQCXP {
  MQCHAR4   RemoteProduct;            /* The identifier for the */
                                      /* remote product */
  MQCHAR8   RemoteVersion;            /* The version of the remote */
                                      /* product */
  /* Ver:9 */

Next MQLight Beta Phase

The next phase of the MQLight Beta relies upon Fix Pack Among other things it adds CHLAUTH rules and SSL/TLS support to the AMQP channels. You can read more about the changes in this blog post by Matthew Whitehead.

IBM Certified Specialist

Morag Hughson is a Certified IBM MQ Specialist
IBM Certified System Administrator – MQ V8.0
Find her on: LinkedIn:   Twitter:   SlideShare:

This entry was posted in IBM MQ and tagged , , , by Morag. Bookmark the permalink.

About Morag

I'm an IBM MQ expert and family history nut. By day I write MQ Technical Education Courses, and in the evening I delve into my family history. I’m from Shetland, in fact from Unst, Britain’s most northerly island, and I am trying to put together a complete Unst family tree.

The team at MQGem would love to hear what you think. Leave your comments here.

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.