******************************************************************************* IBM CICS Transaction Gateway 9.3.0 for Linux on IBM Z container image README ******************************************************************************* This readme file contains important information about the IBM CICS Transaction Gateway for Linux on Intel (CICS TG) container image that might not be available in the IBM Documentation. The product documentation is provided in the IBM Documentation at: https://www.ibm.com/docs/en/cics-tg-multi In the IBM Documentation "Table of Contents" select: CICS Transaction Gateway for Multiplatforms 9.3.0 This readme file is available in plain text . Summary of topics ================= - Deploying the IBM CICS® Transaction Gateway container. - Verifying the security Signature. - Service and updates - APARs included in V9.3 - Future service and updates - Linux copyright statements and licensing notes - Notices and Information Deploying the IBM CICS® Transaction Gateway container ======================================================= The IBM® CICS TG container for Linux on Intel available in ibm-cicstg-container-linux-s390x.tar.gz format is loaded through docker load command. docker load -i ibm-cicstg-container-linux-s390x.tar.gz Upon successful completion of docker load, the image can be viewed using docker images command. docker images For more details for deploying the CICS TG container , see https://www.ibm.com/docs/en/cics-tg-multi/9.3?topic=container-getting-cics-tg-image Verifying the security Signature ================================ Complete the following the steps in the same order to verify the digital signature. To complete the following steps, you must have RHEL8.4 or higher installed. 1. Create a temporary directory 'verify-ibm-cics-tg'. For using any other temporary directory, replace them in place of 'verify-ibm-cics-tg' in all the commands. mkdir -p verify-ibm-cics-tg 2. Extract files required for verification from the installable image. tar xzf ibm-cicstg-container-linux-s390x.tar.gz -C verify-ibm-cics-tg\ manifest.json gpgkeyfingerprint public.asc signature 3. Import the gpg key to your system. This is a one-time activity. Since all the images of the CICS tg Standard installable package are signed with the same gpg key and fingerprint. sudo gpg2 --import verify-ibm-cics-tg/public.asc 4. You can verify the gpg key by using the following command: sudo gpg2 -v --list-packets verify-ibm-cics-tg/public.asc 5. Extract the gpg key fingerprint. cat verify-ibm-cics-tg/gpgkeyfingerprint Please note that the extracted key will be displayed on the console. Save this for verifying the signature of other files in the CICS TG Standard installable package. 6. Verify the signature for the image. skopeo standalone-verify verify-ibm-cics-tg/manifest.json ibm-cicstg-container-linux-s390x \ verify-ibm-cics-tg/signature Service and updates =================== Below is a list of APARs included in this version of the CICS Transaction Gateway for Multiplatforms. APARs included in V9.3 ---------------------- PI83252 Password is not available in clear text to security exit functions PI52933 CICS TG .NET API DEADLOCKS WHEN SENDING HANDSHAKE REQUEST TO GATEWAY DAEMON PI68883 When the adminport parameter is not specified in the CICS TG initialization file the Gateway daemon will not start PI71876 Provide a local CICS JEE Inbound Resource Adapter for use with TXSeries applications PI68597 Signal 11 in the Client daemon received after a SNA communications failure PI68596 Message CCL2162W "The Client daemon process has become unresponsive" is written to the Client daemon error log PI48306 Message CCL9126E is written to the Client daemon error log PI73008 IPIC connections are unresponsive after a CICS server restart PI81372 Client daemon process may run out of sockets when the server isn't reachable for a long time PI85148 The Gateway daemon continues in an inconsistent state after an OutOfMemoryError is thrown PI89305 APPLID fails to reset after a connection failure with IPIC PI86409 WLM exits with error CCL7654E. PI96720 ECI_COMMIT/ECI_ROLLBACK FAILS FOR EXTENDED LUW WORK RESULTING IN UNRESOLVED TRANSACTION IN CICS REGION. PI98597 Default value of pingfrequency and idletimeout parameter in protocol handlers are incorrect PI96951 SSL SOCKET TIMEOUT VALUE ALWAYS DEFAULTED TO 2000MS DURING HANDSHAKE PH08915 XASUPPORT=NONE FOR FLOWTYPE "ECISYNCONRETURN" PH10851 CTG Trace file shouldn't be created by default PH10921 CTG Trace feature should support multiple processes PH11763 TMSUCCESS might fail after TMSUSPEND in XA resolution flow PH15037 UPGRADE CICS TG LIBERTY LEVEL FROM 8.5.5.8 TO 19.0.0.7 PH16663 Transaction tracking with trackingToken Support PH10005 APPLID AND NETID RESET TO BLANK ON A CICS TS RESTART WITH RETRY INTERVAL SET PH34255 Upgrade ICU4J level to 68.2 level PH34621 CICS TG work load manager disabled with error CCL7654E PH26389 No information when using default codepage in case of unsupported code page setting PH42483 Removal of redundant SSL renegotiation call PH49411 UPGRADE CICS TG LIBERTY LEVEL TO 20.0.0.8 PH50737 Fix for WhiteSource reported vulnerabilities for CICS TG PH47786 cicsftrace not working when the memory mapped tracing is turned on in aix 64 bit PH51694 PSIRT Liberty Upgrade to 22.0.0.10 PH52666 TS011625535 Handling Exception when Session Pool Size goes beyond 2 PH52872 Fix for WhiteSource reported vulnerabilities for CICS TG - jettison jar update (jettison-1.5.3.jar) PH53573 Java heap OutOfMemory reported with large number of connects and disconnects to the CICS TG inbound resource adapter PH54133 Fix for WhiteSource reported vulnerabilities for CICS TG - jettison jar update (jettison-1.5.4.jar) PH54134 PSIRT Liberty upgrade to 23.0.0.4 PH35826 CICS TG Windows Workload Manager (WLM) is not routing the transaction to the available server during server shutdown PH54666 Fix for ctgsymlinks option for converting 64-bit CICS TG client daemon to a 32-bit CICS TG client daemon PH55503 CICS TG Inbound Adapter supports channels and containers for inbound communications from TXSeries PH57424 Fix for Mend Scan reported vulnerabilities for CICS TG - jackson jars update PH59608 Fix for TwistLock Scan reported vulnerabilities and IBM WebSphere Application Server Liberty vulnerability affecting CICS TG Future service and updates -------------------------- Future service and updates to CICS TG will be made available on Fix Central at http://www.ibm.com/support/fixcentral/ Linux copyright statements and licensing notes ============================================== This product uses the following libraries from the glibc package: * ld.so * libc.so * libm.so * libdl.so * libnsl.so * librt.so * libpthread.so Refer to the glibc package on your machine for the various copyright statements and licensing terms for these libraries. This product also uses libncurses.so from the ncurses package. Again, refer to this package on your machine for the copyright statement and licensing terms applicable to this library. Updated Notices and Information =============================== https://www.ibm.com/support/pages/node/6618699 IMPORTANT NOTE: Your use of the libgcc or libstdc++ packages will be subject to the GNU GPL license terms which could require you to provide source code in certain circumstances. In this connection, bear in mind that IBM will not supply source code, for example for the CICS TG C++ libraries. ******************************************************************************* (C) Copyright IBM Corporation 2022. All rights reserved. For legal information, see http://www.ibm.com/legal/copytrade.shtml *******************************************************************************