****************** IMPORTANT Notice ****************** The latest version contains the cumulative fixes for Security Vulnerability and High Impact / Pervasive (HIPER) issues, and it is highly recommended to upgrade to this version as soon as possible to protect the system and to prevent from having the undetected data loss or data corruption under special conditions. The list of issues and links to the Technical Flashes/Alerts (Newest issue at the top) ================================================================================ Vulnerability in Apache Log4j (CVE-2021-45105, CVE-2021-45046) <Category> Security Vulnerability <Affected version> IBM Spectrum Archive Enterprise Edition (EE) 1.3.2.2 and prior releases <URL> https://www.ibm.com/support/pages/node/6540478 https://www.ibm.com/support/pages/node/6537640 ================================================================================ <Title> Vulnerability in Apache Log4j (CVE-2021-44228) <Category> Security Vulnerability <Affected version> IBM Spectrum Archive Enterprise Edition (EE) 1.3.2.1 and prior releases <URL> https://www.ibm.com/support/pages/node/6527808 https://www.ibm.com/support/pages/node/6527824 ================================================================================ <Title> Asynchronous WRITE PERM error during the migration may result in undetected data loss when specific conditions are met. <Affected version> IBM Spectrum Archive Enterprise Edition (EE) 1.2.2.0 through 1.3.2.0 <Abstract> IBM has identified an issue in IBM Spectrum Archive Enterprise Edition (EE) 1.2.2.0 through 1.3.2.0, in which a WRITE PERM error is mishandled if the following two conditions are met: 1) A hardware error precedes an index (tape metadata information) write to the tape media. 2) The error is reported from a tape drive during the time when file system on tape (the LE component) is processing a sync request. In such case, files that were migrated before the index write will be incorrectly changed to the “migrated” state, even if the data blocks on the tape are invalid. These files may result in undetected data loss if the migration was not performed to multiple pools. <URL> https://www.ibm.com/support/pages/node/6525586 ================================================================================ <Title> Potential undetected data corruption or possible data loss when running multiple recalls simultaneously for the same file. <Affected version> IBM Spectrum Archive Enterprise Edition (EE) 1.3.2.0 and prior releases <Abstract> IBM has identified a potential problem in IBM Spectrum Archive Enterprise Edition (EE), in which wrong data is read when a selective recall and a transparent recall is carried out simultaneously for the same file. The contents of the affected file become zero partially or completely which result in undetected data corruption or possible data loss. <URL> https://www.ibm.com/support/pages/node/6525584 ================================================================================ <Title> WRITE PERM error may cause IBM Spectrum Archive to truncate the previously written files on tape and may result in undetected data corruption or in possible data loss <Affected version> IBM Spectrum Archive Enterprise Edition (EE) 1.2.2.0 through 1.3.1.1 <Abstract> IBM has identified an issue in IBM Spectrum Archive Enterprise Edition (EE) 1.2.2.0 through 1.3.1.1, in which a WRITE PERM error for SCSI LOCATE command is treated as if the deferred write error was reported from the tape drive. IBM Spectrum Archive EE incorrectly invalidates the user data blocks on tape from the current tape position at the WRITE PERM error to the end of tape. The affected files are truncated to the 0-byte length on tape, and this may result in undetected data corruption or in deletion of valid data blocks (data loss). <URL> https://www.ibm.com/support/pages/node/6415807 ================================================================================ <Title> Use of filenames with certain special characters can cause invalid LTFS tape <Affected version> IBM Spectrum Archive EE v1.3.0.0 <Abstract> IBM has identified a problem in the following IBM Spectrum Archive versions: IBM Spectrum Archive Single Drive Edition (SDE) v2.4.0.1 to v2.4.1.0 (either Linux or Mac) IBM Spectrum Archive Library Edition (LE) v2.4.0.1 to v2.4.1.0 (Linux only) IBM Spectrum Archive Enterprise Edition (EE) v1.3.0.0 All prior versions are NOT affected. <URL> https://www.ibm.com/support/pages/node/871824