Security Advisories for TIBCO Rendezvous and TIBCO Enterprise Message Service

Security Advisories for TIBCO Rendezvous and TIBCO Enterprise Message Service

book

Article ID: KB0108161

calendar_today

Updated On:

Products

All Products Not Applicable

Description

Description:
We would like to call your attention to security advisories for TIBCO Enterprise Message Service™ and TIBCO Rendezvous®.

Both products are delivered as standalone offerings, and included or bundled with:

•    TIBCO Rendezvous® TX
•    TIBCO Rendezvous® DataSecurity
•    TIBCO Hawk®
•    TIBCO Runtime Agent™
•    TIBCO Adapter™ for Files z/OS
•    TIBCO Substation ES™
•    TIBCO iProcess™ Engine
•    TIBCO ActiveMatrix BusinessWorks™ Service Engine
    o    Bundled for download with ActiveMatrix BusinessWorks™
•    TIBCO ActiveMatrix™ Service Grid
•    TIBCO ActiveMatrix™ Service Bus

Rendezvous®, Enterprise Message Service™, and TIBCO Runtime Agent are also bundled for download with additional TIBCO products that are listed in a FAQ that is available with copies of the advisories at http://www.tibco.com/mk/advisory.jsp.

These advisories describe vulnerabilities that have been discovered in Rendezvous® (including Rendezvous® OS390 and Rendezvous® Server In-Process Module Add-on) clients and daemons, and Enterprise Message Service™ servers.

These vulnerabilities impact TIBCO products that link with the Rendezvous client libraries, or bundle the Rendezvous daemons, Rendezvous client libraries, or Enterprise Message Service servers.

To fully secure current Rendezvous and Enterprise Message Service implementations, customers will need to upgrade to the latest versions of these products, and upgrade to the latest version of products with built-in dependencies on either Rendezvous or Enterprise Message Service. Please see the FAQ linked at http://www.tibco.com/mk/advisory.jsp for details on recommended upgrade steps.

Please be assured that we have taken proactive steps to address these issues, including the release of new versions of Rendezvous (8.1.0), Enterprise Message Service (4.4.3), and any products with built-in dependencies. We have updated the soft links of dependent products such as ActiveMatrix BusinessWorks™ to provide the necessary updates to Rendezvous and/or Enterprise Message Service.

TIBCO customers and OEM partners with current maintenance contracts can obtain the latest releases of these products from their standard TIBCO fulfillment channel. TIBCO recommends upgrading to the latest versions of these products as quickly as possible. Customers that are using TIBCO PortalBuilder®, TIBCO BusinessFactor®, TIBCO BusinessWorks™ Workflow (TIBCO BusinessWorks™ FormBuilder, TIBCO BusinessWorks™ Collaborator) in conjunction with Weblogic 8.x please contact TIBCO Support for additional information.

For more detailed information, including how to access updated maintenance downloads, installation instructions, frequently asked questions, and contact information through which additional questions can be answered, please visit http://www.tibco.com/mk/advisory.jsp.

Issue/Introduction

Security Advisories for TIBCO Rendezvous and TIBCO Enterprise Message Service

Environment

Product: All Products Version: OS: --------------------

Attachments

Security Advisories for TIBCO Rendezvous and TIBCO Enterprise Message Service get_app
Security Advisories for TIBCO Rendezvous and TIBCO Enterprise Message Service get_app