Access Manager 7 patch 10 (revision 10) fixes a number of problems, as listed in the README file included with the patch.
Security Fixes. Patch 10 includes several important security fixes. Oracle recommends that you install patch 10 to prevent from being exposed to these security risks. Refer to the patch README file for a list of these fixes.
Patch 10 also includes these changes:
Access Manager now reregisters the notification URL after a server restart if the following property is set in the server's AMConfig.properties file:
The default value for this property is false. In a multi-server deployment, set this property for each Access Manager server.
On Solaris SPARC systems, the SecurID authentication process (amsecuridd) now avoids crashes because the process no longer writes to a closed connection. These CRs also fix a problem that caused users to be denied access even when authentication was successful. Also, more debug messages are added for better analysis in case other amsecuridd process problems occur.