DB2 FOR LUW / DB2FORLUW / 950 - DB2

If a user successfully execute a non-DDL statement, and the 
needed privileges are inherited through role membership (with 
the role granted to the user's group), then after the role was 
revoked from the group, the user can still execute the same 
statement where the statement has already completed the 
authorization checking. The user will continue to be able to 
re-execute this same statement until they disconnect from the 
database or attempt to execute another statement.

**************************************************************** 
* USERS AFFECTED:                                              * 
* All DB2 systems on all Linux, Unix and Windows platforms at  * 
* service levels from Version 9.5 GA through to Version 9.5    * 
* Fix Pack 6.                                                  * 
**************************************************************** 
* PROBLEM DESCRIPTION:                                         * 
* See Error Description.                                       * 
**************************************************************** 
* RECOMMENDATION:                                              * 
* Upgrade to DB2 Version 9.5 Fix Pack 7.                       * 
****************************************************************

DB2 Version 9.5 Fix Pack 8 for Linux, UNIX, and Windows
 DB2 Version 9.5 Fix Pack 9 for Linux, UNIX, and Windows
 DB2 Version 9.5 Fix Pack 10 for Linux, UNIX, and Windows
 

The complete fix for this problem first appears in DB2 Version 
9.5 Fix Pack 7 and all the subsequent Fix Packs.

not known / see Local fix

forerunner  : APAR is sysrouted TO one or more of the following: IC71375 IC71376 IC83464 
follow-up : 

Date  - problem reported    :
Date  - problem closed      :
Date  - last modified       :

16.09.2010
26.04.2011
26.04.2011

9.5.FP7