Description:
We would like to call your attention to security advisories for TIBCO Rendezvous® and TIBCO Hawk®, which have been sent to the CERT Coordination Center for distribution. Copies of the advisories can be viewed at http://www.tibco.com/resources/mk/rendezvous_security_advisory.txt and http://www.tibco.com/resources/mk/hawk_security_advisory.txt. These advisories describe vulnerabilities that have been discovered in Rendezvous® and Hawk®. The affected components are RVSD, RVRD, RVSRD, RVA, RVCACHE and TIBHAWKHMA. The basic RVD is not affected.

These issues may impact customers who utilize Rendezvous or Hawk directly, as well as those who install or utilize Rendezvous or Hawk via TIBCO Runtime Agent™ in support of products such as TIBCO BusinessWorks™, TIBCO BusinessConnect™, TIBCO BusinessEvents™, and TIBCO PortalBuilder® . Guidelines for determining whether your TIBCO software installation is affected can be found at the web link below.

Please be assured that we have taken proactive steps to address these issues, including the release of new versions of Rendezvous (v7.5.1), Hawk (v4.6.1) and Runtime Agent™ (v5.4.0) that eliminate the vulnerabilities. TIBCO customers with current maintenance contracts can obtain the latest releases of these products from their standard TIBCO download site. TIBCO recommends that customers upgrade to the latest versions of these products as quickly as possible.

For those unable to upgrade at this time, the web link below provides remedial administrative actions that can be taken to mitigate the impact on existing installations. Many customers will find that their standalone Rendezvous installations do not utilize the affected daemons, or that mitigating administrative actions have already been implemented as part of standard operating procedures.  The web link below will assist customers in determining whether the affected daemons are utilized or if mitigating actions have already occurred.

For more detailed information, including how to access new Rendezvous, Hawk and Runtime Agent maintenance downloads, installation instructions, remedial actions for existing installations, frequently asked questions, and contact information through which additional questions can be answered, please visit http://www.tibco.com/mk/advisory.jsp.

Product: TIBCO Rendezvous Version: All OS: --------------------

We would like to call your attention to security advisories for TIBCO Rendezvous® and TIBCO Hawk®, which have been sent to the CERT Coordination Center for distribution. Copies of the advisories can be viewed at http://www.tibco.com/resources/mk/rendezvous_security_advisory.txt and http://www.tibco.com/resources/mk/hawk_security_advisory.txt. These advisories describe vulnerabilities that have been discovered in Rendezvous® and Hawk®. The affected components are RVSD, RVRD, RVSRD, RVA, RVCACHE and TIBHAWKHMA. The basic RVD is not affected.

These issues may impact customers who utilize Rendezvous or Hawk directly, as well as those who install or utilize Rendezvous or Hawk via TIBCO Runtime Agent™ in support of products such as TIBCO BusinessWorks™, TIBCO BusinessConnect™, TIBCO BusinessEvents™, and TIBCO PortalBuilder® . Guidelines for determining whether your TIBCO software installation is affected can be found at the web link below.

Please be assured that we have taken proactive steps to address these issues, including the release of new versions of Rendezvous (v7.5.1), Hawk (v4.6.1) and Runtime Agent™ (v5.4.0) that eliminate the vulnerabilities. TIBCO customers with current maintenance contracts can obtain the latest releases of these products from their standard TIBCO download site. TIBCO recommends that customers upgrade to the latest versions of these products as quickly as possible.

For those unable to upgrade at this time, the web link below provides remedial administrative actions that can be taken to mitigate the impact on existing installations. Many customers will find that their standalone Rendezvous installations do not utilize the affected daemons, or that mitigating administrative actions have already been implemented as part of standard operating procedures.  The web link below will assist customers in determining whether the affected daemons are utilized or if mitigating actions have already occurred.

For more detailed information, including how to access new Rendezvous, Hawk and Runtime Agent maintenance downloads, installation instructions, remedial actions for existing installations, frequently asked questions, and contact information through which additional questions can be answered, please visit http://www.tibco.com/mk/advisory.jsp.

Security Advisory for TIBCO Rendezvous