z/OS Package Maintenance Levels - Agent 8.0.x
This page identifies the package contents for all Universal Agent 8.0.x for z/OS maintenance releases, including the initial release, and the maintenance level of every component in each package.
For each release, changes made to individual components for z/OS only, and for z/OS and one or more other platforms, are identified. Maintenance level changes to a component for non-z/OS platforms are not shown.
For a list of all changes in a release - all platforms, all components - see All Platforms Package Maintenance Levels - Agent 8.0.x.
For a list of all changes in a release - all platforms, specific components - see Component Maintenance Levels - Agent 8.0.x.
Universal Agent 8.0.x for z/OS Packages
The following table identifies the maintenance level of all components contained in each Universal Agent 8.0.x for z/OS package.
Release | Release Date | SMP/E | Universal | Universal | Universal | Controller | Universal | Universal | Universal | Universal | Universal | Universal | Universal | Universal | Universal | Universal | Universal | Universal | Universal | Universal |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
8.0.0.0 | 8.0.0.0 | 8.0.0.0 | 8.0.0.0 | 8.0.0.0 | 8.0.0.0 | 8.0.0.0 | 8.0.0.0 | 8.0.0.0 | 8.0.0.0 | 8.0.0.0 | 8.0.0.0 | 8.0.0.0 | 8.0.0.0 | 8.0.0.0 | 8.0.0.0 | 8.0.0.0 | 8.0.0.0 |
Install changes refer to changes to the programs, scripts, or supporting files used to install the package. There are no changes to the actual product components.
Agent 8.0.0.0 - March 31, 2026
Platform | Component | Description | |
|---|---|---|---|
B-14810 | z/OS | UAGSRV | Add TLS 1.3 connection support when Universal Agent components on z/OS are configured to use SystemSSL. |
B-22268 | z/OS | UAGSRV | Add the ability to apply a jobname filter to Universal Agent File Monitor tasks that execute on z/OS. If dataset activity is performed via TSO, this same jobname filter will accept a TSO user ID. |
B-22672 | z/OS | USAP | Add the ability to create SNC connections to an SAP server using USAP for z/OS. To implement this feature, support for the SAP Netweaver RFC libaries was also added to USAP for z/OS. See the SNC_MODE and SNC_QOP configuration options for information about how to configure this new feature. Note This change provides a significant update to USAP for z/OS. Prior versions still rely on the legacy SAP RFC libraries. The versioning for USAP on z/OS was back-leveled to reflect this lack of contemporary RFC library support. This USAP that is now provided for z/OS has partity with the USAP provided for Unix and Windows. To implement this change required porting USAP for z/OS to a 64-bit module. This means the 64-bit C runtimes will be needed on your z/OS system. This should not be a problem, but it is an updated platform requirement. With this change, the LIBRFC shared object module previously installed with the Agent on z/OS is no longer provided. The SAP Netweaver RFC libraries must be available on your z/OS system in order for USAP to run. The libraries' location can be set using the LIBPATH configuration option. Finally, a copy of the sample RFC INI member (USPRFC00) installed to &HLQ..UNV.SUNVSAMP is no longer placed in &HLQ..UNV.UNVCONF during the install. You may use the sample USPRFC00 provided as a reference, but the file itself must reside on the USS file system. This location is set with the USAP_RFC_INI_DIR configuration option. This feature also changes the USPPRC JCL procedure installed to &HLQ..UNV.SUNVSAMP. The DD statement that pointed to the USPRFC00 member is no longer needed. While no REGION statement is provided by the sample JCL procedure, this updated version of USAP has different runtime requirements than the back-leveled version. It may be necessary to add a REGION statement to USPPRC or to your job cards to accomodate these newer requirements. ::: |
B-23143 | All | All | Upgrade the OpenSSL 3pp vendor library used by Universal Agent to OpenSSL 3.5.5 to ensure continued maintainability of OpenSSL updates and fixes. Virtually all Universal Agent components use OpenSSL for cryptographic functions. Not all components have user-facing visibility, but for practical purposes, a change to OpenSSL is a change to all Universal Agent components. |
B-23362 | z/OS | All | Certify Universal Agent 8.0.0.0 for z/OS 3.2. |
B-23529 | All | UAGSRV | Ensure that UAG Server refreshes the IP address of any hosts specified in its OMS_SERVERS list, to support DNS updates without having to cycle the Agent. |
B-23685 | All | UBROKER | Enhance security for the Universal Broker's external service interface by adding peer authentication support. When the new AUTHENTICATE_PEER configuration option is set to yes, the Universal Broker will require that any client that tries to connect to its external service interface provide a valid client certificate. This will ensure that only trusted clients can connect to the Universal Broker. |
D-11005 | z/OS | UAGSRV | Fix truncation of a message responsible for reporting secondary Universal Agent status to the Controller. The truncation could cause the Agent to show Active even if it were actually offline. |
D-13552 | All | UAGSRV | Ensures that an Agent's configured BUSINESS_SERVICES are part of any HELLO message the Agent sends to the Controller. This change was specifically intended to fix an issue where a transient Linux Agent would lose business service information after temporarily going offline. A persistent Agent on any platform would also benefit from this change if, for example, it were inadvertently deleted from the Controller. |
D-13947 | z/OS | UAGSRV | Ensure that a z/OS task does not fail with a JCL error when the task's job issues an IEFC677I message. Prior to this change, it may be possible for the Agent to fail with a S0C4 ABEND or return accurate error information to the Universal Controller. |
D-13958 | z/OS | UAGSRV | Prior to the Universal Agent's attempt to calculate a system workload value, ensure that the sample size value in an SMF record type 70-1 (SMF70SAM) is non-zero. This check will prevent a divide-by-zero exception (S0C9). |
D-13913 | z/OS | UAGSRV | Restores the list of secondary Agent name(s) to the following Universal Controller locations:
|
D-14036 | All (depending on component availability) | UAGSRV | Ensure that an attempt to establish an improper SSL/TLS session over the affected Server application's component interface is handled gracefully. |
D-14051 | All | UAGSRV | Fixes an issue where the UAG Server's configured SERVICE_TIMEOUT value is ignored when receiving messages from OMS. This fix will decrease the time it takes for UAG Server to detect a dropped connection with OMS, which will in turn decrease connection recovery times. |
D-14191 | Unix | UAGSRV | Fix a possible memory corruption when an application monitored by an Application Control Task is stopped immediately after the application is started. |
D-14197 | Unix | UFTP | Update the libSSH2 3pp vendor library used by UFTP to remediate Critical- and High-severity CVEs. |
D-14348 | All | All | Update the zlib 3pp vendor library to remediate Critical- and High-severity CVEs. The zlib library is used by all Universal Agent components, excluding the z/OS SMF exit modules. |
D-14409 | z/OS | UAGSRV (UAGRERUN) | Fixes a problem where the JCL for a z/OS task containing a backward reference to a DD statement in the same step prevented that step from being marked "Restartable" in the z/OS task instance. Steps that contain local backward references should be restartable. Steps that contain backward references to other steps in the job will continue to be non-restartable. |
D-14416 | z/OS | UFTP | Fixes a problem where the Universal FTP Client generates an excessive number of log messages that seems to indicate a failure when trying to establish a TLS 1.3 session. |
D-14448 | z/OS | UAGSRV | Fixes two memory leaks for UAGSRV on z/OS:
|
D-15569 | z/OS | UAGSRV | Fixes an issue where Universal Agents configured to use IBM's System SSL are unable to establish connections with z/OS 3.2 system. info ** Note** This fix enables support for the following ciphers when using System SSL on any supported version of z/OS:
Use of either of the ECDHE-ECDSA-* ciphers requires that data sessions established between UCMD and UCMD Server and between UDM and UDM Server enable encryption. For information about enabling encryption for UCMD standard i/o redirection sesions, refer to one or more of the following:
For information about enabling encryption for a UDM data session, refer to one or more of the following: |