This is a cumulative security hotfix to deploy package update for LMI 6.2.1. 
This hotfix includes all previously available cumulative security hotfixes
for TIBCO LogLogic LMI 6.2.1.

This hotfix has no dependencies on any other non-cumulative hotfixes and 
cumulative maintenance hotfixes. It can be used in conjunction with other 
non-cumulative hotfixes and cumulative maintenance hotfixes.

================================================================================
Closed Issues in 6.2.1 SEC1-HF-2968

LLCE-2968:
6.2.1 package updates v1 cumulative security HF for package updates

LLCE-2963:
gnupg2: Improper sanitization of filenames allows for the display of fake
status messages and the bypass of signature verification - CVE-2018-12020

LLCE-3033:
Yum-Utils: Reposync: Improper Path Validation May Lead to Directory Traversal
Vulnerability - CVE-2018-10897

LLCE-3037:
NSS: ServerHello.random is All Zeros When Handling a v2-compatible ClientHello
- CVE-2018-12384

The following security issues are resolved with listed packages or newer ones:

bind (ELSA-2018-2571): CVE-2018-5740 by bind-libs-9.8.2-0.68.rc1.el6_10.1,
bind-utils-9.8.2-0.68.rc1.el6_10.1

dhcp (ELSA-2018-1454): CVE-2018-1111 by dhclient-4.1.1-53.P1.0.1.el6_9.4,
dhcp-common-4.1.1-53.P1.0.1.el6_9.3

ding-libs (ELSA-2018-1877): CVE-2018-1877 by libipa_hbac-1.13.3-60.el6,
libsss_idmap-1.13.3-60.el6

gnupg2 (ELSA-2018-2180): CVE-2018-12020 by gnupg2-2.0.14-9.el6_10

java-1.8.0-openjdk (ELSA-2018-2241): CVE-2018-2952 by
java-1.8.0-openjdk-1.8.0.191.b12-0.el6_10,
java-1.8.0-openjdk-devel-1.8.0.191.b12-0.el6_10,
java-1.8.0-openjdk-headless-1.8.0.191.b12-0.el6_10

nspr (ELEA-2018-1865): nspr-4.19.0-1.el6

nss (ELSA-2018-2898): CVE-2018-12384 by nss-3.36.0-9.0.1.el6_10,
nss-sysinit-3.36.0-9.0.1.el6_10, nss-tools-3.36.0-9.0.1.el6_10,
nss-util-3.36.0-1.el6

procps (ELSA-2018-1777): CVE-2018-1124, CVE-2018-1126 by
procps-3.2.8-45.0.1.el6_9.3

samba4 (ELSA-2018-1883): CVE-2018-1050 by samba4-client-4.2.10-15.el6,
samba4-common-4.2.10-15.el6, samba4-libs-4.2.10-15.el6

sssd (ELSA-2018-1877): CVE-2017-12173 by python-sss-1.13.3-60.0.1.el6,
python-sssd-config-1.13.3-60.0.1.el6, sssd-1.13.3-60.el6,
sssd-ad-1.13.3-60.el6, sssd-client-1.13.3-60.el6, sssd-common-1.13.3-60.el6,
sssd-common-pac-1.13.3-60.el6, sssd-ipa-1.13.3-60.el6,
sssd-krb5-1.13.3-60.el6, sssd-krb5-common-1.13.3-60.el6,
sssd-ldap-1.13.3-60.el6, sssd-proxy-1.13.3-60.el6, sssd-tools-1.13.3-60.el6

yum-utils (ELSA-2018-2284): CVE-2018-10897 by yum-3.2.29-81.el6,
yum-plugin-fastestmirror-1.1.30-41.0.1.el6_10,
yum-plugin-security-1.1.30-42.0.1.el6_10,  yum-utils-1.1.30-42.0.1.el6_10

================================================================================
This hotfix can be downloaded from the TIBCO Support Customer Portal at https://support.tibco.com.
You will need to provide your TIBCO Support Portal credentials. Once logged in you can download
the hotfix by selecting “Downloads” -> “Hotfixes” under AvailableDownloads/LogLogic/LMI/6.2.1_Hotfixes