HIPER LPS-1036 Corrupt OpenPGP Files

PKWARE HIPER ID: LPS-1036

Announced: 03/02/2020

Affected Products:

Smartcrypt and SecureZIP for IBM i

Affected Feature:

Encryption of data within OpenPGP encrypted files.

Required Processing Parameters:

PKPGPZ command for OpenPGP encryption.

Notification Details:

The PKWARE Development team has identified an issue which could result in corruption of data within an OpenPGP-encrypted file for particular data sets.  This issue affects encryption and the result of this error may not be seen until attempts are made to decrypt an OpenPGP-encrypted file that exhibits this error.  When this issue occurs, the OpenPGP-encrypted data cannot be recovered.  This issue affects only OpenPGP encrypted data and it does not apply to file encrypted or compressed using the ZIP or GZIP formats.

Action Required:

A code fix is available to correct this issue.  Update to the latest version level available for your version as follows.  SecureZIP users should migrate to the latest Smartcrypt version.

V14.0 - tbd

V16.0 - tbd

V16.1 - update to V16.1.0C

Additional Action Recommended:

Review/test existing encrypted data sets for possible exposure to this data corruption issue (PKPGPU).

Contact PKWARE:

If additional information is required regarding this announcement, please contact the PKWARE Technical Support Team at http://support.pkware.com, by phone at +1.937.847.2687 (select option 2).