Introducing the all-new TIBCO Community site!

For current users, please click "Sign In" to reset your password and access the enhanced features. If you're a first-time visitor, we extend a warm welcome—click "Sign Up" to become a part of the TIBCO Community!

If you're seeking alternative community sites, explore ibi, Jaspersoft, and Spotfire.

Jump to content
  • Meltdown and Spectre Vulnerability Update


    admin

    TIBCO has investigated and identified applicable mitigation measures recommended by microprocessor and operating system vendors (“the Vendors”) for the Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 and CVE-2017-5715) microprocessor vulnerabilities. The table below contains the current status of the Vendor-recommended mitigations for TIBCO offerings.

    TIBCO Offering Mitigation status
    Virtual Machine images

    TIBCO BusinessWorks™ Container Edition and Plug-ins for AWS
    TIBCO BusinessWorks™ Container Edition and Plug-ins for AWS (BYOL)

    TIBCO BusinessWorks™ Container Edition and Plug-ins for AWS 2.3.3 and TIBCO BusinessWorks™ Container Edition and Plug-ins for AWS (BYOL) 2.3.3 are now available on AWS Marketplace. These releases use CentOS 7 x86_64 AMI version 1801_1 with kernel version 3.10.0-693.11.6.el7.x86_64, as recommended by a RedHat Security Advisory https://access.redhat.com/errata/RHSA-2018:0007

    TIBCO Clarity

    An update of TIBCO Clarity with appropriate Vendor-recommended mitigation updates is now available as on AWS Marketplace. TIBCO encourages its users to ensure they are using the latest version.

    TIBCO Jaspersoft for AWS with Multi-Tenancy

    An update for this virtual image with appropriate Vendor-recommended mitigation updates is now available on AWS Marketplace. TIBCO encourages its users to ensure they are using the latest version.

    TIBCO Jaspersoft Reporting and Analytics for AWS (Hourly)
    TIBCO Jaspersoft Reporting and Analytics for AWS (BOYL)

    An update for these virtual images with appropriate Vendor-recommended mitigation updates is now available on AWS Marketplace. TIBCO encourages its users to ensure they are using the latest version.

    TIBCO LogLogic Enterprise Virtual Appliance Software

    TIBCO continues to monitor recommendations of its upstream vendors to determine the best solution to address these vulnerabilities. See https://support.tibco.com/s/article/TIBCO-LogLogic-LMI-exposure-and-impact-status-regarding-Meltdown-and-Spectre-Vulnerabilities for specific information on this product. Note: A TIBCO Customer Support Portal account is required to access this URL.

    TIBCO Mashery Local

    TIBCO Mashery Local 4.3.0, which is now available, includes CentOS 2.6.32-696.18.7.el6.x86_64. This is the version of CentOS announced by a Redhat Security Advisory to address Meltdown/Spectre: https://access.redhat.com/errata/RHSA-2018:0008

    TIBCO Spotfire® Analytics Platform for AWS Marketplace

    An update for this virtual image with appropriate Vendor-recommended mitigation updates is available on AWS Marketplace.

    Hardware appliances

    TIBCO FTL® Message Switch

    A software and/or firmware update for the TIBCO FTL® Message Switch appliance with appropriate Vendor-recommended mitigation updates is scheduled to be available by April 30, 2018 on the TIBCO eDelivery site.

    TIBCO LogLogic® Log Management Intelligence (LMI)

    TIBCO continues to monitor its upstream vendors to determine the best solution to address these vulnerabilities. Please see https://support.tibco.com/s/article/TIBCO-LogLogic-LMI-exposure-and-impact-status-regarding-Meltdown-and-Spectre-Vulnerabilities for specific information on this product. Note: A TIBCO Customer Support Portal account is required to access this URL.

    TIBCO-hosted services

    TIBCO Mashery

    Mashery® has been updated to include appropriate patches recommended by the Vendors to mitigate these vulnerabilities in externally accessible systems.

    TIBCO® Reward

    TIBCO is currently testing appropriate Vendor-recommended mitigation updates for TIBCO Reward. Following completion of testing, TIBCO will contact customers to schedule upgrades to TIBCO Reward.

    All other hosted services

    TIBCO hosted services other than TIBCO Mashery and TIBCO Reward, have been upgraded to include appropriate Vendor-recommended mitigation updates.



×
×
  • Create New...