Statistics ver 28 ja vanhempien versioiden aktivointi
IBM SPSS Statistics lisenssipalvelin on päivitetty vastaamaan vain HTTPS-pyyntöihin. Vanhemmat versiot IBM SPSS Statistics -lisenssiohjelman ohjattavasta toiminnosta ja muista lisensointikomponenteista (Statistics 27.0 - 28.0.1.1) käyttivät HTTP-protokollaa lisenssien rekisteröintiin. Tämä ei enää toimi.
Statistics versiot ja 27 ja 28 saat kuitenkin aktivoitua päivitettyäsi ensin alla olevan tiedoston sille Statistics versiolle joka sinulla on asennettuna.
Alla oleva korjaus päivittää License Authorization Wizardin HTTPS- versioksi.
27.0.1.0-IM-S27STATC-ALL-IF032.zip
28.0.1.1-IM-S28STATC-ALL-IF014.zip
Tämä ongelma on korjattu myöhemmissä versioissa
(IBM SPSS Statistics 29.0.2.0, 30.0 ja 31.0).
Asennusohjeet Statistics versio 28
more
1. Kyseessä olevat tuotteet: Statistics Desktop 28.0.1.1
Kyseessä olevat alustat: Linux 64-bittinen, MacOS, pLinux, Win64, zLinux
2. Kyseessä olevat tiedostot:
Kaikki tiedostot kansiossa ”[INSTALLDIR]/JRE”
Liitteenä oleva väliaikainen korjauszip-tiedosto sisältää seuraavat tiedostot:
Linux64 JRE versio 1.8.0_452
MacOS JRE versio 8.0.8.45
pLinux64 JRE versio 1.8.0_452
Win64 JRE versio 1.8.0_452
zLinux64 JRE versio 1.8.0_452
Readme_28.0.1.1-12.txt (tämä tiedosto)
3. Kuinka korjaus asennetaan:
1) Sulje Statistics Desktop-sovellus.
2) Pura JRE-korjaus väliaikaiseen kansioon.
3) Siirrä kansio ”[INSTALLDIR]/JRE” väliaikaiseen varmuuskopiokansioon [INSTALLDIR]-kansion ulkopuolelle.
4) Linux64-, pLinux64- ja zLinux64-käyttöjärjestelmissä siirrä purettu JRE-kansio kansioon /opt/IBM/SPSS/StatisticsServer28/.
5) Windowsissa siirrä purettu JRE-kansio kansioon C:\Program Files\IBM\SPSS Statistics.
6) MacOS-käyttöjärjestelmässä siirrä purettu JRE-kansio kansioon /Applications/IBM SPSS Statistics/SPSS Statistics.app/Contents.
7) Linux-, pLinux-, zLinux- ja MacOS-käyttöjärjestelmissä varmista, että kaikilla ”[INSTALLDIR]/JRE”-kansion tiedostoilla on oikeat käyttöoikeudet (esim. chmod 755).
(Huomaa: Jos [INSTALLDIR]-polku poikkeaa annetusta oletusasennustiedostopolusta, käytä omaa paikallista asennushakemistoasi annetun oletuspolun sijaan).
4. IBM SPSS Statistics 28 on nyt käyttövalmis.
Asennusohjeet Statistics versio 27
more
1. Tuotteet, joita vika koskee: SPSS Statistics 27.0.1.0
Alustat, joita vika koskee: Win64 ja MAC
2. Vian tunnusnumero(t):
[9017] ITSS | Päivitä LAW-koodi rajoittamaan HTTP:tä vanhemmille Stats 27-29 -versioille
3. Vaikuttavat tiedostot:
Liitteenä oleva väliaikainen korjauszip-tiedosto sisältää seuraavat tiedostot:
Abstract.txt
Readme_27.0.1.0-32.txt (tämä tiedosto)
├── Client
│ ├── Mac
| | |-- licenseactivator.jar
│ └── Windows
| |-- licenseactivator.jar
4. Tämä väliaikainen korjaus voidaan soveltaa SPSS Statistics 27.0.1.0:aan (Client [Folder])
5. Kuinka soveltaa korjauspäivitystä:
Asennuksestasi riippuen seuraavat toimet saattavat edellyttää käyttäjää, jolla on koneen järjestelmänvalvojan oikeudet.
SPSS Statistics 27.0.1.0 [Client]
Windows:
(1) Sulje kaikki Statistics 27.0.1.0 -sovelluksen instanssit.
(2) Pura zip-tiedosto, joka sisältää tämän väliaikaisen korjauksen, mihin tahansa hakemistoon.
(3) Avaa purettu zip-hakemisto ja avaa alihakemisto ”Client/Windows”.
(4) Etsi tiedosto licenseactivator.jar. Oletusarvoisesti se sijaitsee alihakemistossa (C:\Program Files\IBM\SPSS Statistics\) ja tee varmuuskopio nimittämällä tiedostot uudelleen nimellä licenseactivator.jar.bak.
(5) Kopioi väliaikainen korjaus tiedosto licenseactivator.jar alikansioon (asennus).
Mac:
(1) Sulje kaikki Statistics 27.0.1.0 -sovelluksen instanssit.
(2) Pura tämän väliaikaisen korjauksen sisältävä zip-tiedosto mihin tahansa hakemistoon.
(3) Avaa purettu zip-hakemisto ja avaa alikansio ”Client/Mac”.
(4) Etsi tiedosto licenseactivator.jar. Oletusarvoisesti se sijaitsee kansiossa /Applications/IBM SPSS Statistics/IBM SPSS Statistics.app/Contents/bin/ ja tee varmuuskopio nimittämällä tiedostot uudelleen nimellä licenseactivator.jar.bak.
(5) Kopioi väliaikainen korjaustiedosto licenseactivator.jar kansioon /Applications/IBM SPSS Statistics/SPSS Statistics.app/Contents/bin/.
Activating Statistics ver 28 and older
Statistics activations do not work in old versions of License Wizard
The IBM SPSS Statistics Traditional On-Prem license server has been updated to answer only to HTTPS requests.
Older versions of IBM SPSS Statistics License Authorization Wizard and other licensing components (Statistics 27.0 - 28.0.1.1) were using HTTP protocol to register licenses. This will no longer work.
Convert to HTTPS URLs for Statistics on-prem licensing.
This issue has been addressed in later releases (IBM SPSS Statistics 29.0.2.0, 30.0 and 31.0)
An Interim Fix was developed for customers who need the fix
Installation instructions for Statistics version 28
more
1. Products affected: Statistics Desktop and Server 28.0.1.1
Platforms affected: Linux 64bit, MacOS, pLinux, Win64, zLinux
2. Affected Files:
All files under "[INSTALLDIR]/JRE"
The attached interim fix zip file contains the following:
Linux64 JRE Version 1.8.0_452
MacOS JRE Version 8.0.8.45
pLinux64 JRE Version 1.8.0_452
Win64 JRE Version 1.8.0_452
zLinux64 JRE Version 1.8.0_452
Readme_28.0.1.1-12.txt (this file)
3. How to apply the hot fix:
1) Close all instances of Statistics Desktop and Server
2) Uncompress and unzip the JRE fix into a temporary folder
3) Move folder "[INSTALLDIR]/JRE" to a temporary back-up folder outside of the [INSTALLDIR] folder
4) For Linux64, pLinux64, and zLinux64, move extracted JRE folder into /opt/IBM/SPSS/StatisticsServer28/ folder.
5) For Windows, move extracted JRE folder into C:\Program Files\IBM\SPSS Statistics folder.
6) For MacOS, move extracted JRE folder into /Applications/IBM SPSS Statistics/SPSS Statistics.app/Contents folder.
7) For Linux, pLinux, zLinux and MacOS make sure all files under "[INSTALLDIR]/JRE" have correct permissions (e.g. chmod 755)
(Note : If your [INSTALLDIR] path is different from the default installation path provided, use your own local installation directory instead of given default path)
4. IBM SPSS Statistics 28 is now ready to be used.
Installation instructions for Statistics version 27
more
1. Products affected: SPSS Statistics 27.0.1.0
Platforms affected: Win64 and MAC
2. The related defect id(s):
[9017] ITSS | Update the LAW Code to limit HTTP for older versions of Stats 27-29
3. Affected Files:
The attached interim fix zip file contains the following:
Abstract.txt
Readme_27.0.1.0-32.txt (this file)
├── Client
│ ├── Mac
| | |-- licenseactivator.jar
│ └── Windows
| |-- licenseactivator.jar
4. This interim fix can be applied to SPSS Statistics 27.0.1.0 (Client [Folder])
5. How to apply the hot fix:
Depending upon your installation, the following may require a user with machine administrative rights.
SPSS Statistics 27.0.1.0 [Client]
---------------------------------
Windows:
(1) Close all instances of the Statistics 27.0.1.0 application.
(2) Unzip the zip file containing this interim fix to any directory.
(3) Open zip extracted directory and open sub folder "Client/Windows".
(4) Locate the file licenseactivator.jar. By default, it is under subfolder (C:\Program Files\IBM\SPSS Statistics\) and take up a back up by renaming the files to licenseactivator.jar.bak.
(5) Copy the interim fix file licenseactivator.jar to the subfolder(installation).
Mac:
(1) Close all instances of the Statistics 27.0.1.0 application.
(2) Unzip the zip file containing this interim fix to any directory.
(3) Open zip extracted directory and open sub folder "Client/Mac".
(4) Locate the file licenseactivator.jar. By default, it is under /Applications/IBM SPSS Statistics/IBM SPSS Statistics.app/Contents/bin/ and take up a back up by renaming the files to licenseactivator.jar.bak.
(5) Copy the interim fix file licenseactivator.jar to /Applications/IBM SPSS Statistics/SPSS Statistics.app/Contents/bin/.
6. IBM SPSS Statistics 27.0.1.0 is now ready to be used.
Authorization failed
Authorization failed. Authorization Error in License Wizard for SPSS Statistics
- Description
The IBM SPSS Statistics Traditional On-Prem license server has been updated to answer only to HTTPS requests. Older versions of IBM SPSS Statistics License Authorization Wizard and other licensing components (Statistics 27.0 - 28.0.1.1) were using HTTP protocol to register licenses. This will no longer work.
- Problem summary
Convert to HTTPS URLs for Statistics on-prem licensing.
- Problem conclusion
This issue has been addressed in later releases (IBM SPSS Statistics 29.0.2.0, 30.0 and 31.0)
For versions prior to IBM SPSS Statistics 27.0.0.0, see the workaround below.
An Interim Fix was developed for customers who need the fix
prior to updating to IBM SPSS Statistics 29.0.2.0 and later.
Note: Interim fixes are limited corrections to specific issues reported by one or more customers. They are normally sent only to customers who have reported one of the corrected problems, and who require an immediate correction. Interim Fixes do not address customer enhancement requests, and not all defect corrections can be delivered as Interim Fixes. Due to their urgency Interim Fixes undergo only targeted testing of specific fixes, not full regression testing. If the fix is not urgently required, you may prefer to wait for a scheduled Fix Pack Release, which will be fully regression tested. Interim F...
- Show more
- Temporary workaround
In that case, please email your locking code and your authorization code to
- In the next step after receiving your response, supply the license string from the email and proceed through the end of the License Authorization Wizard.
Your instance of IBM SPSS Statistics is now activated/licensed and ready for use.
Security Bulletin: Update JRE for Older Versions of IBM SPSS Statistics
Security Bulletin
Summary
Vulnerabilities related to encryption were found in older versions of the Java Runtime Environment (JRE). This Interim Fix addresses those problems. The IF applies to all applicable Java SE CVEs published by Oracle as part of their April 2025 Critical Patch Update plus CVE-2025-4447.
Vulnerability Details
CVEID: CVE-2025-21587
DESCRIPTION: An unspecified vulnerability in Java SE related to the Server: DDL component could allow a remote attacker to cause high confidentiality and high integrity impact.
CWE: CWE-284: Improper Access Control
CVSS Base score: 7.4
CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N)
CVEID: CVE-2025-30698
DESCRIPTION: An unspecified vulnerability in Java SE related to the 2D component could allow a remote attacker to cause low confidentiality, low integrity and low availability impact.
CWE: CWE-284: Improper Access Control
CVSS Base score: 5.6
CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)
CVEID: CVE-2025-4447
DESCRIPTION: In Eclipse OpenJ9 versions up to 0.51, when used with OpenJDK version 8 a stack based buffer overflow can be caused by modifying a file on disk that is read when the JVM starts.
CWE: CWE-121: Stack-based Buffer Overflow
CVSS Base score: 7
CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)
Affected Products and Versions
| Affected Product(s) | Version(s) |
| SPSS Statistics | 27.0.1 |
| SPSS Statistics | 28.0.1 |
| SPSS Statistics | 29.0.2 |
| SPSS Statistics |
30.0.0 31.0.0 |
Instructions in english
Uncompress and unzip the JRE fix below into a temporary folder and read the Readme.txt file for detailed instructions in english for the following operating systems; Linux64, MacOS, pLinux64, Win64, zLinux64,
Asennusohje suomeksi - Windows:
more
1) Sulje Statistics
2) Tarkista mikä Statistics versio sinulla on käytössä ja valitse alta oikea versio.
Pura alla oleva JRE-korjaus väliaikaiseen kansioon
3) Siirrä Statistics asennuskansiossa oleva JREkansio (C:\Program Files\IBM\SPSS Statistics\) väliaikaiseen varmuuskopiokansioon, asennuskansion ulkopuolelle. (Tämä on pelkkä varotoimenpide)
4) Siirrä purettu JRE-kansio kansioon C:\Program Files\IBM\SPSS Statistics\.
(Huomaa: Jos Statistics asennushakemistosi eroaa annetusta oletusasennuspolusta, käytä omaa paikallista asennushakemistoasi annetun oletuspolun sijaan)
Statistics on nyt käyttövalmis.
Asennusohje suomeksi - Mac:
more
1) Sulje Statistics
2) Tarkista mikä Statistics versio sinulla on käytössä ja valitse alta oikea versio.
Pura JRE-korjaus väliaikaiseen kansioon
3) Siirrä Statistics asennuskansiossa oleva JRE kansio väliaikaiseen varmuuskopiokansioon, asennuskansion ulkopuolelle. (Tämä on pelkkä varotoimenpide)
4) Siirrä purettu JRE hakemisto /Applications/IBM SPSS Statistics/SPSS Statistics.app/Contents hakemistoon.
5) Varmista että kaikilla tiedostoilla on oikeat käyttöoikeudet Statistics hakemistoon "[INSTALLDIR]/JRE" (kuten chmod 755)
(Huomaa: Jos Statistics asennushakemistosi eroaa annetusta oletusasennuspolusta, käytä omaa paikallista asennushakemistoasi annetun oletuspolun sijaan)
Statistics on nyt käyttövalmis.
Remediation/Fixes
Version 27: 27.0.1.0-IM-S27STAT-ALL-IF031
Version 28: 28.0.1.1-IM-S28STAT-ALL-IF012
Version 29: 29.0.2.0-IM-S29STAT-ALL-IF01629.0.2.0-IM-S29STAT-ALL-IF016
Version 30: 30.0.0.0-IM-S30STAT-ALL-IF009
Version 31: 31.0.0.0-IM-S31STAT-ALL-IF001
Security Bulletin: A Denial of Service Vulnerability in Zlib affects IBM SPSS Statistics (CVE-2018-25032)
Security Bulletin
Summary
There is a vulnerability in the Zlib version used by IBM SPSS Statistics. IBM SPSS Statistics has addressed the vulnerability.
Vulnerability Details
CVEID: CVE-2018-25032
DESCRIPTION: Zlib is vulnerable to a denial of service, caused by a memory corruption in the deflate operation. By using many distant matches, a remote attacker could exploit this vulnerability to cause the application to crash.
CVSS Base score: 7.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/222615 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Affected Products and Versions
| Affected Product(s) | Version(s) |
| SPSS Statistics | 29.0 |
Remediation/Fixes
| Affected Product(s) | Version(s) | |
| SPSS Statistics | 29.0 | Install Statistics 29.0.1.0 |
Workarounds and Mitigations
None
Get Notified about Future Security Bulletins
Subscribe to My Notifications to be notified of important product support alerts like this.
References
Complete CVSS v3 Guide
On-line Calculator v3
Related Information
IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog
Change History
24 Apr 2023: Initial Publication
*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.
Disclaimer
According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an "industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response." IBM PROVIDES THE CVSS SCORES ""AS IS"" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY. In addition to other efforts to address potential vulnerabilities, IBM periodically updates the record of components contained in our product offerings. As part of that effort, if IBM identifies previously unidentified packages in a product/service inventory, we address relevant vulnerabilities regardless of CVE date. Inclusion of an older CVEID does not demonstrate that the referenced product has been used by IBM since that date, nor that IBM was aware of a vulnerability as of that date. We are making clients aware of relevant vulnerabilities as we become aware of them. "Affected Products and Versions" referenced in IBM Security Bulletins are intended to be only products and versions that are supported by IBM and have not passed their end-of-support or warranty date. Thus, failure to reference unsupported or extended-support products and versions in this Security Bulletin does not constitute a determination by IBM that they are unaffected by the vulnerability. Reference to one or more unsupported versions in this Security Bulletin shall not create an obligation for IBM to provide fixes for any unsupported or extended-support products or versions.