Hello all,

I am posting this to notify you that IBM has just published a TSM Client
security flash.

There is a buffer overrun security vulnerability in the TSM Client
acceptor daemon (CAD), and also in the TSM Client scheduler if SCHEDMODE
is set to PROMPTED.

Here is the link to the TSM Client security flash:
http://www.ibm.com/support/docview.wss?uid=swg21322623

We also published a TSM Windows Client flash (
http://www.ibm.com/support/docview.wss?uid=swg21322625) and a TSM
Macintosh Client flash (
http://www.ibm.com/support/docview.wss?uid=swg21322626) earlier this week,
that are referred to in the security flash. There are client packages
available (5.5.1.6 and 5.4.2.4) that fix both of those problems as well as
the security vulnerability, as detailed in the security flash.

Andy Raibeck
IBM Software Group
Tivoli Storage Manager Client Product Development
Level 3 Team Lead
Internal Notes e-mail: Andrew Raibeck/Tucson/IBM@IBMUS
Internet e-mail: storman AT us.ibm DOT com

IBM Tivoli Storage Manager support web page:
http://www.ibm.com/software/sysmgmt/products/support/IBMTivoliStorageManager.html


The only dumb question is the one that goes unasked.
The command line is your friend.
"Good enough" is the enemy of excellence.