| I8G006 |
| Base SAS 9.4_M7 |
| Issue(s) Addressed: | Introduced: |
| 66696 | SAS® Workload Orchestrator crashes with a "double free or corruption (fasttop)" error message |
I8G001 |
| 69127 | Log4SAS ERROR messages might appear in the logs when you use Kerberos authentication |
I8G001 |
| 66395 | Long user passwords that contain Unicode characters might fail to authenticate with PAM authentication |
I8G001 |
| 66937 | You see a "Kerberos failure" message after you set up Integrated Windows Authentication and single sign-on for SAS® 9.4M7 (TS1M7) |
I8G001 |
| 67441 | The PWENCODE procedure does not consider a blank space at the end of a password |
I8G002 |
| 67692 | SAS® Workload Orchestrator might unexpectedly stop running when you use Kerberos authentication |
I8G003 |
| 69741 | SAS® processes that use Kerberos credentials might experience a memory leak |
I8G004 |
| 70537 | ALERT - Jobs might remain in a starting or running state indefinitely when using SAS® Grid Manager (SAS® Workload Orchestrator) |
I8G005 |
| 70658 | The error “Launch cannot locate authentication server” occurs in a SAS client application |
I8G006 |
|
| D indicates that the Documentation has special pre-installation, post-installation or other unique instructions not commonly used for hot fix deployment. |
| I9R026 |
| Base SAS 9.4_M7 |
| Issue(s) Addressed: | Introduced: |
| 67284 | The SUB_CHAR= LIBNAME statement option is not honored in SAS® 9.4M7 (TS1M7) for the Hadoop and JDBC engines |
I9R014 |
| 66794 | A WHERE clause for a Teradata BIGINT column generates the message "...Precision error in FLOAT type constant or during implicit conversions..." |
I9R018 |
| 67588 | A segmentation violation occurs in SAS/ACCESS® Interface to Oracle when you use PROC SQL with the PRESERVE_COMMENTS option |
I9R026 |
NOTE: If you install this hot fix, you must also install hot fix I9R144 for Base SAS 9.4_M7.
If you install this hot fix and have SAS/ACCESS Interface to Hadoop 9.47 installed, you must also install hot fix J8A009.
If you install this hot fix and have SAS/ACCESS Interface to Teradata 9.47 installed, you must also install hot fix J8F008. |
|
|
| I9R059 |
| Base SAS 9.4_M7 |
| Issue(s) Addressed: | Introduced: |
| 67561 | A SAS® program takes longer than expected to complete when you use the FEDSRV engine to connect to SAS® Scalable Performance Data Server |
I9R023 |
| 67991 | Running PROC FEDSQL with the FEDSVR engine might fail with an exception error when you use SAS® Federation Server on an HP or Solaris system |
I9R038 |
| 68059 | An inaccurate error or warning occurs when you insert data into Oracle libraries with the FEDSVR LIBNAME engine in SAS® Federation Server 4.4 |
I9R045 |
| 68315 | Deleting SAS® data sets using the FEDSVR engine could cause your SAS® software to stop responding and return a segmentation violation |
I9R057 |
| 68364 | SAS® Federation Server can stop responding when you include BULKLOAD=YES and DBCOMMIT= in the FEDSVR LIBNAME statement |
I9R059 |
|
|
| I9R120 |
| Base SAS 9.4_M7 |
| Issue(s) Addressed: | Introduced: |
| 67902 | ALERT - Attempting to clone a Git repository using HTTPS authentication generates "Error: Return Code from GIT is (16), the SSL certificate is invalid" |
I9R035 |
| 67755 | Git conflicts are difficult to fully resolve in the SAS® Studio interface |
I9R056 |
| 68623 | Clicking Pull or Push for a Git repository with HTTPS authentication generates "ERROR: Return code from GIT is (16). TLS backend . . ." |
I9R088 |
| 69920 | Attempting to clone a Git repository fails with "ERROR: Unable to load libgit2.module" |
I9R120 |
| 69932 | Attempting to clone a Git repository with the ed25519 keygen algorithm fails with "ERROR: Failed to authenticate with the remote repo" |
I9R120 |
NOTE: If you install this hot fix, you must also install hot fix I9R087 for Base SAS 9.4_M7.
If you install this hot fix and are running on Windows for x64 or Linux for x64, you must also install hot fix I9R121 for Base SAS 9.4_M7.
If you install this hot fix and have SAS Studio 3.81 installed, you must also install hot fix J7H012. |
|
|
| I9R130 |
| Base SAS 9.4_M7 |
| Issue(s) Addressed: | Introduced: |
| 67003 | ODS PDF creation with the BOOKMARKGEN and COMPRESS arguments seems to stop responding and uses high CPU resources |
I9R016 |
| 66926 | You see a segmentation violation in the SAS® log after you use the Tagsets.RTF ODS destination |
I9R021 |
| 67736 | URL links are not displayed in the expected location inside PDF files that are created by an ODS PDF statement |
I9R030 |
| 68045 | The Output Delivery System RTF destination might fail with insufficient memory on repeated executions |
I9R047 |
| 68165 | Using the ODS POWERPOINT destination can result in the error "Event stack overflow. This is probably caused by mis-matched begin and end event calls" |
I9R054 |
| 66496 | Titles and footnotes do not span the full width of a page when you use the COLUMNS= option with the TAGSETS.RTF_SAMPLE tagset |
I9R063 |
| 68783 | A security vulnerability occurs with PDF and Excel ODS destinations as a result of memory leaks |
I9R072 |
| 68991 | A multi-page PDF file might contain a page with a duplicated image from a previous page |
I9R083 |
| 69167 | Base SAS® contains a zlib library that is affected by CVE-2018-25032 |
I9R096 |
| 69719 | SAS® products contain a version of zlib affected by CVE-2022-37434 |
I9R109 |
| 69671 | Linked text that you create with the URL option might appear faint or incompletely displayed in PDF output when using the ODS PDF destination |
I9R116 |
| 70039 | Generating accessible PDF output with PROC FACTOR might cause a segmentation violation error |
I9R123 |
NOTE: If you install this hot fix, you must also install hot fix I9R142 for Base SAS 9.4_M7.
If you install this hot fix and have ODS Templates 9.4_M7 installed, you must also install hot fix K2P003.
If you install this hot fix, you must also install hot fix L5N002 for Base SAS 9.4_M7.
If you install this hot fix and have SAS Threaded Kernel Extensions for FedSQL and DS2 Standalone 9.4_M7 installed, you must also install hot fix J1F006.
If you install this hot fix and have SAS Table Server Base Components 9.4_M7 installed, you must also install hot fix L5P002.
|
|
|
| I9R132 |
| Base SAS 9.4_M7 |
| Issue(s) Addressed: | Introduced: |
| 68349 | A procedure pushdown fails for PROC RANK and PROC Sort with SAS/ACCESS® Interface to Spark |
I9R049 |
| 69744 | PROC SORT might encounter a segmentation violation if you write to a compressed SAS/SHARE® library |
I9R112 |
| 70100 | Using the SORT procedure with the OVERWRITE option might result in an unsorted table |
I9R127 |
| 70219 | Running PROC SORT on a DB2 table with OUT= produces fewer rows than expected |
I9R132 |
| NOTE: If you install this hot fix, you must also install hot fix I9R142 for Base SAS 9.4_M7. |
|
|
| I9R136 |
| Base SAS 9.4_M7 |
| Issue(s) Addressed: | Introduced: |
| 66894 | PROC METALIB fails with "ERROR: Expected "'" or '"'" when table metadata is updated for DB2 |
I9R009 |
| 68360 | The METALIB procedure returns the error "the URL= LIBNAME option must be included on the LIBNAME statement when connecting to Hive" |
I9R060 |
| 69087 | Registering a table to the metadata might fail with the message, "ERROR: JDBC driver 'driver-name' returns NULL for Connection#getSchema()..." |
I9R091 |
| 69397 | The view attribute in SAS® Data Integration Studio is ignored when you use the "Update Metadata" option or register a view in a database |
I9R100 |
NOTE: If you install this hot fix, you must also install hot fix I9R142 for Base SAS 9.4_M7.
If you install this hot fix and have ODS Templates 9.4_M7 installed, you must also install hot fix K2P003.
If you install this hot fix, you must also install hot fix L5N002 for Base SAS 9.4_M7.
If you install this hot fix and have SAS Threaded Kernel Extensions for FedSQL and DS2 Standalone 9.4_M7 installed, you must also install hot fix J1F006.
If you install this hot fix and have SAS Table Server Base Components 9.4_M7 installed, you must also install hot fix L5P002.
|
|
|
| I9R139 |
| Base SAS 9.4_M7 |
| Issue(s) Addressed: | Introduced: |
| 66750 | The LINES or LINESTABLE option in the LSMEANS or SLICE statement in the PLM procedure might generate an error or reuse letters |
I9R006 |
| 70340 | The creation of very large log files in SAS® Studio could cause excessive and retained heap usage on SASServer2_1 |
I9R139 |
NOTE: If you install this hot fix and need the fix documented in SAS Note 70340,
you must also install hot fixes I9R149 (on UNIX and Windows), I9R150 (on MVS), I9R142 for Base SAS 9.4_M7. |
|
|
| I9R142 |
| Base SAS 9.4_M7 |
| Issue(s) Addressed: | Introduced: |
| 66832 | The %fcm_controller macro might fail in SAS® Financial Crimes Monitor 6.3 with a Segmentation Violation |
I9R003 |
| 67056 | The message "Cannot hydrate...System.OutOfMemoryException..." occurs when you open a LASR table in SAS® Enterprise Guide® |
I9R003 |
| 67060 | A SAS/SHARE® server unexpectedly terminates while accessing a metadata-bound library |
I9R010 |
| 67429 | Reading data input using the SYSIN card might cause a job to loop |
I9R019 |
| 67614 | Attempting to use an invalid user-defined format definition causes a SAS® program to error and close |
I9R025 |
| 67615 | A TEMPLATE procedure style template with long style names might generate a segmentation violation |
I9R025 |
| 67647 | Using PROC FORMAT with a large data set in a Linux operating environment causes an exception and a segmentation violation |
I9R027 |
| 65983 | The LUA procedure contains an authorization-bypass vulnerability |
I9R032 |
| 67894 | A SAS/SHARE® server might terminate while attempting to access a nonexistent data set in a metadata-bound library |
I9R036 |
| 67972 | An %IF statement in open code can insert additional semicolons in the code after the code is resolved |
I9R039 |
| 68163 | The TERMSTMT= system option is listed twice in the SAS® log after you submit an ENDSAS statement |
I9R048 |
| 68170 | An emoji that is part of a character value is not read into a SAS® application correctly |
I9R048 |
| 68165 | Using the ODS POWERPOINT destination can result in the error "Event stack overflow. This is probably caused by mis-matched begin and end event calls" |
I9R055 |
| 68238 | PROC DOCUMENT cannot replay saved documents from earlier SAS® 9.4 maintenance releases, and a warning states "Could not restore entry..." |
I9R061 |
| 68588 | PROC PRINT contains a stack corruption vulnerability |
I9R066 |
| 66835 | The IMPORT procedure generates extra lines that begin with "dqstring=" and "fmt=" in the SAS® log beginning in SAS® 9.4M7 (TS1M7) |
I9R073 |
| 68712 | A stack-trace vulnerability occurs with the IMPORT procedure while importing a CSV file |
I9R073 |
| 68829 | The FREQ procedure with an ODS CrossTabFreqs template contains a stack-corruption vulnerability and generates a Segmentation Violation error |
I9R075 |
| 68996 | The CVP engine fails on a z/OS system when you use a remote submit block of code in SAS® 9.4M3 (TS1M3) and later |
I9R084 |
| 69013 | An infinite loop within a macro might cause a segmentation violation |
I9R085 |
| 69124 | SAS® 9.4 and SAS® Viya® 3.5 experience a stack corruption vulnerability |
I9R085 |
| 69210 * | Deleting a password-protected data set via SAS® Remote Library Services in a concatenated library might not honor password protection |
I9R094 |
| 69511 | A corrupt user macro store can cause a segmentation violation in Base SAS® |
I9R101 |
| 69744 | PROC SORT might encounter a segmentation violation if you write to a compressed SAS/SHARE® library |
I9R111 |
| 69952 | Using the * comment operator mid-line within a format definition in PROC FORMAT might cause subsequent procedures steps to abend |
I9R122 |
| 70431 | The UNIVARIATE procedure might generate a Segmentation Violation Error in SAS |
I9R137 |
| 70340 | The creation of very large log files in SAS® Studio could cause excessive and retained heap usage on SASServer2_1 |
I9R142 |
| * Indicates that the fix for the issue described in this SAS Note does not apply to all Operating Systems. |
NOTE: If you install this hot fix, you must also install hot fix I8E002 for SAS Threaded Kernel Core Routines 9.4_M7 and hot fixes I9R033, I9R130 and I9R132 for Base SAS 9.4_M7.
If you install this hot fix and need the fix documented in SAS Note 70340,
you must also install hot fixes I9R139 for Base SAS 9.4_M7, I9R149 (on UNIX and Windows), I9R150 (on MVS).
If you install this hot fix to address the issue described in SAS Note 69013, you must also apply I9R086. |
|
|
| I9R144 |
| Base SAS 9.4_M7 |
| Issue(s) Addressed: | Introduced: |
| 66896 | Inconsistent results are generated with the PROC SQL Median summary function |
I9R002 |
| 67029 | SAS® Data Integration Studio 4.905 displays the wrong row count for a table when multiple work tables are used in a job |
I9R002 |
| 67298 | A read-access or segmentation violation occurs when you access a DBMS with a DATEPART function in a WHERE clause |
I9R015 |
| 67011 | A query that is passed to the database might include an incorrect variable name in the GROUP BY clause |
I9R020 |
| 67563 | A column name might be listed twice in a query that is passed to the database management system (DBMS) and "column ambiguously defined" occurs |
I9R020 |
| 67697 | A segmentation violation might occur when the SQL query contains a HAVING clause with a function |
I9R028 |
| 68150 | The message "...column-name is not valid in the context where it is used" occurs with a PROC SQL view that contains a GROUP BY clause |
I9R051 |
| 68230 | An SQL self join produces an incorrectly textualized query |
I9R051 |
| 68860 | A segmentation violation occurs when you use a SELECT DISTINCT query that refers to an SQL view |
I9R078 |
| 68901 | Incorrect query results might occur with SAS/ACCESS® Interface to DB2 when you specify the LIBNAME option READ_LOCK_TYPE=ROW |
I9R078 |
| 69110 | Formats are not applied correctly in SAS® Studio 3.x |
I9R095 |
| 69802 | Trying to use a WHERE clause with an SQL view might result in the error "ERROR: sqlplan internal error" |
I9R114 |
| 70279 | The SUBSTRN and KSUBSTRN functions used in PROC SQL with a numeric first argument return an incorrect result |
I9R133 |
| 70497 | A PROC SQL GROUP BY clause might return incorrect results and "The query requires remerging summary statistics back with the original data" |
I9R144 |
NOTE: If you install this hot fix, you must also install hot fix I9R026 for Base SAS 9.4_M7.
If you install this hot fix and have SAS/ACCESS Interface to Teradata 9.47 installed, you must also install hot fix J8F008. |
|
|
| I9R152 |
| Base SAS 9.4_M7 |
| Issue(s) Addressed: | Introduced: |
| 67770 | Creating a DATA step view that references an external file might result in a "Freeing Memory Not Allocated…" error |
I9R029 |
| 68944 | SAS® software fails to start with "ERROR: Unable to initialize the SAS kernel" if an autoexec.sas file resides in a directory with a space in its name |
I9R080 |
| 69523 | Trying to use the AUTHLIB procedure remove statement returns an error when the metadata bound library has a view from a different operating system |
I9R103 |
| 69554 | The Select Portfolio Data window is unresponsive and returns "An HTTP error occurred (504 - error)" in SAS® Model Implementation Platform |
I9R105 |
| 69871 | MXG code cannot read TYPE 70/72 records that are longer than 32K record due to a change that IBM made |
I9R119 |
| 70340 | The creation of very large log files in SAS® Studio could cause excessive and retained heap usage on SASServer2_1 |
I9R140 |
| 70709 | A memory corruption vulnerability exists in Base SAS® and SAS/STAT® |
I9R149 |
| 71105 | Tracebacks in the SAS log are displayed in plain text when runtime exceptions occur |
I9R152 |
NOTE: All Operating Systems: To ensure that you apply all the relevant hot fixes for this product and release, search for 70709. Then, download and apply the hot fixes listed on the page for SAS Note 70709.
To ensure that your system is completely up to date with all fixes, consider using the SAS Hot Fix Analysis, Download and Deployment Tool (SASHFADD).
If you install this hot fix to address the issue described in SAS Note 71105, you must also install hot fix L7E002 for SAS Threaded Kernel Core Routines 9.4_M7. |
|
|
| I9R153 |
| Base SAS 9.4_M7 |
| Issue(s) Addressed: | Introduced: |
| 66883 | Jobs that require memory fail with the message "FATAL: Insufficient memory to execute DATA step program. Aborted during the COMPILATION phase..." |
I9R007 |
| 60730 | Initialization of SAS® results in system abend 0C4 when there are no General Processors configured within the first 16 Central Processors |
I9R008 |
| 67244 | A DATA step that reads a PDS directory in an INFILE statement changes the BLKSIZE value to 256 |
I9R012 |
| 67247 | The CONTENTS procedure shows incorrect values for Created and Last Modified times in SAS® 9.4M7 (TS1M7) |
I9R012 |
| 67569 | A SAS/SHARE® server with COMAMID=XMS or COMAUX1=XMS becomes temporarily unresponsive and connected users (TSO sessions) consume excessive CPU resource |
I9R024 |
| 68944 | SAS® software fails to start with "ERROR: Unable to initialize the SAS kernel" if an autoexec.sas file resides in a directory with a space in its name |
I9R081 |
| 69523 | Trying to use the AUTHLIB procedure remove statement returns an error when the metadata bound library has a view from a different operating system |
I9R102 |
| 69554 | The Select Portfolio Data window is unresponsive and returns "An HTTP error occurred (504 - error)" in SAS® Model Implementation Platform |
I9R104 |
| 69871 | MXG code cannot read TYPE 70/72 records that are longer than 32K record due to a change that IBM made |
I9R118 |
| 70340 | The creation of very large log files in SAS® Studio could cause excessive and retained heap usage on SASServer2_1 |
I9R141 |
| 70771 | SAS/ACCESS ® Interface to DB2 threads are left active when used from the SAS/CONNECT® server and the SAS/CONNECT server abruptly terminates |
I9R146 |
| 70709 | A memory corruption vulnerability exists in Base SAS® and SAS/STAT® |
I9R150 |
| 71105 | Tracebacks in the SAS log are displayed in plain text when runtime exceptions occur |
I9R153 |
NOTE: All Operating Systems: To ensure that you apply all the relevant hot fixes for this product and release, search for 70709. Then, download and apply the hot fixes listed on the page for SAS Note 70709.
To ensure that your system is completely up to date with all fixes, consider using the SAS Hot Fix Analysis, Download and Deployment Tool (SASHFADD).
If you install this hot fix to address the issue described in SAS Note 71105, you must also install hot fix L7E002 for SAS Threaded Kernel Core Routines 9.4_M7. |
|
|
| I9S005 |
| Base SAS 9.4_M7 |
| Issue(s) Addressed: | Introduced: |
| 66807 | FCMP procedure code with certain function calls might cause memory errors with the DS2 procedure |
I9S001 |
| 70466 | SAS® Model Implementation Platform returns an error when loading a large number of models |
I9S003 |
| 70505 | PROC FCMP package names might not find the function and return "WARNING: Cannot find function 'function_name' in any of the libraries specified" |
I9S004 |
| 70709 | A memory corruption vulnerability exists in Base SAS® and SAS/STAT® |
I9S005 |
NOTE: All Operating Systems: To ensure that you apply all the relevant hot fixes for this product and release, search for 70709. Then, download and apply the hot fixes listed on the page for SAS Note 70709.
To ensure that your system is completely up to date with all fixes, consider using the SAS Hot Fix Analysis, Download and Deployment Tool (SASHFADD). |
|
| D indicates that the Documentation has special pre-installation, post-installation or other unique instructions not commonly used for hot fix deployment. |
| J7L004 |
| Base SAS 9.4_M7 |
| Issue(s) Addressed: | Introduced: |
| 64690 | The message "The SAS System stopped processing this step because of errors" occurs when you use IAM role security credentials with PROC S3 |
J7L001 |
| 69866 | The S3 Procedure returns an InvalidClientTokenId error when executed in an AWS EC2 instance |
J7L002 |
| 69457 | A "Parse failed" error appears when you use PROC S3 and CAS actions to access S3 sources using either custom regions or predefined regions |
J7L003 |
| 70804 | The message "SSL Error: Invalid subject name in partner's certificate..." can occur when accessing Amazon Web Services (AWS) S3 |
J7L004 |
|
|
| K1P012 |
| Base SAS 9.4_M7 |
| Issue(s) Addressed: | Introduced: |
| 66487 | Authentication to the CAS server fails with the error "Access denied..." when initiated on a SAS/CONNECT® server in a Microsoft Windows environment |
K1P001 |
| 67252 | A SAS/CONNECT® spawner using the NETENCRYPTALGORITHM=SSL option fails with "Resource temporarily unavailable..." after exhausting pthreads |
K1P001 |
| 67416 | SAS® 9.4M7 fails to load FIPS 140-2 capable OpenSSL libraries when the ENCRYPTFIPS system option is enabled |
K1P001 |
| 68169 | "Cannot start remote process" occurs when SAS/CONNECT® 9 clients attempt to sign on to the SAS/CONNECT® spawner on SAS® Viya® 2020 and later |
K1P002 |
| 68611 | A SAS/CONNECT® client signon on SAS® 9.x or SAS® Viya® 3.x to a SAS/CONNECT spawner for SAS® Viya® 2020 and later fails with an error |
K1P003 |
| 68741 | A SAS/CONNECT® spawner connection to SAS® Viya® with a SCIM configuration results in a failure |
K1P004 |
| 68486 | A SAS/CONNECT® spawner in the SAS 9.4M6 and SAS 9.4M7 releases executed on z/OS fails with a S0C4-10 abend |
K1P005 |
| 68838 | ALERT - The SAS® Foundation products are affected by multiple vulnerabilities |
K1P006 |
| 69105 | Support for Kerberos SIGNON from SAS/CONNECT® UNIX client and support for forced Kerberos SIGNON when SAS option SASCMD is set |
K1P007 |
| 69245 | The SAS® Foundation products are affected by multiple vulnerabilities in OpenSSL |
K1P008 |
| 69904 | The SAS® Foundation products are affected by multiple vulnerabilities in OpenSSL |
K1P009 |
| 70313 | The SAS® Foundation products are affected by multiple vulnerabilities in OpenSSL |
K1P010 |
| 70726 | The SAS/CONNECT® spawner randomly abends S0C4 on z/OS at the maintenance level on SAS® 9.4M7 (TS1M7) |
K1P011 |
| 70783 | SAS® Infrastructure for Risk Management job flows might fail due to an encryption failure |
K1P012 |
NOTE: If you install this hot fix to address the issue described in SAS Note 68838, SAS Note 69245 or SAS Note 67252 for z/OS, you must also apply K1M007 for SAS/Secure SSL 9.41_M4.
NOTE: If you install this hot fix to address the issue described in SAS Note 68741, you must also apply J7I006 for SAS/CONNECT 9.4_M7. |
|
|
| K1P013 |
| Base SAS 9.4_M7 |
| Issue(s) Addressed: | Introduced: |
| 66487 | Authentication to the CAS server fails with the error "Access denied..." when initiated on a SAS/CONNECT® server in a Microsoft Windows environment |
K1P001 |
| 67252 | A SAS/CONNECT® spawner using the NETENCRYPTALGORITHM=SSL option fails with "Resource temporarily unavailable..." after exhausting pthreads |
K1P001 |
| 67416 | SAS® 9.4M7 fails to load FIPS 140-2 capable OpenSSL libraries when the ENCRYPTFIPS system option is enabled |
K1P001 |
| 68169 | "Cannot start remote process" occurs when SAS/CONNECT® 9 clients attempt to sign on to the SAS/CONNECT® spawner on SAS® Viya® 2020 and later |
K1P002 |
| 68611 | A SAS/CONNECT® client signon on SAS® 9.x or SAS® Viya® 3.x to a SAS/CONNECT spawner for SAS® Viya® 2020 and later fails with an error |
K1P003 |
| 68741 | A SAS/CONNECT® spawner connection to SAS® Viya® with a SCIM configuration results in a failure |
K1P004 |
| 68486 | A SAS/CONNECT® spawner in the SAS 9.4M6 and SAS 9.4M7 releases executed on z/OS fails with a S0C4-10 abend |
K1P005 |
| 68838 | ALERT - The SAS® Foundation products are affected by multiple vulnerabilities |
K1P006 |
| 69105 | Support for Kerberos SIGNON from SAS/CONNECT® UNIX client and support for forced Kerberos SIGNON when SAS option SASCMD is set |
K1P007 |
| 69245 | The SAS® Foundation products are affected by multiple vulnerabilities in OpenSSL |
K1P008 |
| 69904 | The SAS® Foundation products are affected by multiple vulnerabilities in OpenSSL |
K1P009 |
| 70313 | The SAS® Foundation products are affected by multiple vulnerabilities in OpenSSL |
K1P010 |
| 70726 | The SAS/CONNECT® spawner randomly abends S0C4 on z/OS at the maintenance level on SAS® 9.4M7 (TS1M7) |
K1P011 |
| 70783 | SAS® Infrastructure for Risk Management job flows might fail due to an encryption failure |
K1P012 |
| 71071 * | Memory consumption might increase over time when configuring IOM servers with TLS communication |
K1P013 |
| * Indicates that the fix for the issue described in this SAS Note does not apply to all Operating Systems. |
NOTE: If you install this hot fix to address the issue described in SAS Note 68838, SAS Note 69245 or SAS Note 67252 for z/OS, you must also apply K1M007 for SAS/Secure SSL 9.41_M4.
NOTE: If you install this hot fix to address the issue described in SAS Note 68741, you must also apply J7I006 for SAS/CONNECT 9.4_M7. |
|
|
| L1K004 |
| Base SAS 9.4_M7 |
| Issue(s) Addressed: | Introduced: |
| 68804 | SAS/SECURE® contains an RSA Crypto-J library with known vulnerabilities |
L1K001 |
| 69426 | You must upgrade Crypto-C ME to 4.1.5 or later when you use SAS/SECURE® with SAS® 9.4M7 (TS1M7) |
L1K002 |
| 69690 | Connections to the SAS/CONNECT® spawner on SAS® 9.4M7 under z/OS fail when you use AES network encryption or AES encrypted credentials |
L1K002 |
| 69720 | SAS/SECURE® contains unsigned DLL libraries |
L1K002 |
| 70905 | Support for the 2048 and 4096 key lengths with AES encryption on z/OS |
L1K003 |
| 69209 | Added support for the ICSFST2 internal call for AES encryption under z/OS |
L1K004 |
| NOTE: If you install this hot fix, you must also install hot fix K9Z001 to fully implement the fix for the issue described in SAS Note 68804. |
|
|
| L5N002 |
| Base SAS 9.4_M7 |
| Issue(s) Addressed: | Introduced: |
| 69167 | Base SAS® contains a zlib library that is affected by CVE-2018-25032 |
L5N001 |
| 69719 | SAS® products contain a version of zlib affected by CVE-2022-37434 |
L5N002 |
NOTE: If you install this hot fix, you must also install hot fix I9R130 for Base SAS 9.4_M7.
If you install this hot fix and have SAS Threaded Kernel Extensions for FedSQL and DS2 Standalone 9.4_M7 installed, you must also install hot fix J1F006.
If you install this hot fix and have SAS Table Server Base Components 9.4_M7 installed, you must also install hot fix L5P002.
|
|
|
General Information about Hot Fixes