TIBCO Runtime Agent (TRA) 5.12.0 Hotfix 01 is now available
Article ID: KB0100928
Updated On:
| Products | Versions |
|---|---|
| TIBCO Runtime Agent (TRA) | 5.12.0 |
| TIBCO Administrator | 5.12.0 |
Description
Note: TRA 5.12.1 is released and upgrades log4j to 2.17.1.
==========
The hotfix addresses CVE-2021-44228, a remote code execution vulnerability in Apache Log4j for the following products:
- TIBCO BusinessWorks™ 5 version 5.15 (TRA 5.12 and TIBCO Administrator™ 5.12)
- TIBCO ActiveMatrix® Adapter for Database 7.3
- TIBCO ActiveMatrix® Adapter for Files for Unix/Win 7.1
- TIBCO ActiveMatrix® Adapter for SAP 7.3
Note: Use TIBCO Universal Installer 3.7.3 to install this TRA hotfix. The Universal Installer can be downloaded from https://support.tibco.com/s/hotfixes?id=a014z00000yUBYHAA4
The customer will be able to download the Hotfix from the TIBCO Support Customer Portal Web UI using their username and password for the TIBCO Support Web page.Once logged on they can find the Hotfix under the Download Menu :
AvailableDownloads/TRA_Designer/5.12.0/hotfix-01
OR
The customer will be able to download the Hotfix by using direct link to TRA_Designer/5.12.0/hotfix-01
https://support.tibco.com/s/hotfixes?id=a014z00000yUBY7AAO
================================================================================
Affected Files for 5.12.0_HF-001 (This Release)
The following files are installed by this hotfix. Note that some
files are platform-specific and are installed only on that platform.
All Platforms:
-------------
5.12.0 is the TIBCO Runtime Agent minor version for which this hotfix is applied.
{TIBCO_HOME}\release_notes directory:
- TIB_TRA_5.12.0_HF-001_readme.txt
{TIBCO_HOME}\tra\5.12\hotfix\lib directory:
- log4j-api-2.16.0.jar
- log4j-appserver-2.16.0.jar
- log4j-core-2.16.0.jar
- log4j-slf4j-impl-2.16.0.jar
================================================================================
Closed Issues in 5.12.0_HF-001 (This Release)
TRA-5241
Log4j has been upgraded to Log4j-2.16.0
================================================================================
Issue/Introduction
TIBCO Runtime Agent (TRA) 5.12.0 Hotfix 01 is now available
Additional Information
Apache Log4J Vulnerability Update
• https://www.tibco.com/support/notices/2021/12/apache-log4j-vulnerability-update
TIBCO BusinessWorks: Mitigation for CVE-2021-44228 (Log4Shell)
• https://support.tibco.com/s/article/TIBCO-BusinessWorks-Mitigation-for-CVE-2021-44228-Log4Shell
• https://www.tibco.com/support/notices/2021/12/apache-log4j-vulnerability-update
TIBCO BusinessWorks: Mitigation for CVE-2021-44228 (Log4Shell)
• https://support.tibco.com/s/article/TIBCO-BusinessWorks-Mitigation-for-CVE-2021-44228-Log4Shell
Feedback
Yes
No
Powered by
