The Progress DataDirect Dedication to Security:
Progress DataDirect has defined a stringent set of policies and practices around product
development and distribution. This ensures there is transparency with regard to third party dependencies,
proactive policies, and practices to meet the highest security standards when releasing products. In
addition, Progress DataDirect is dedicated to finding a timely and effective resolution to any serious
security concerns that arise.
Apache Log4j Vulnerability and DataDirect Hybrid Data Pipeline:
DataDirect Hybrid Data Pipeline: We have identified Hybrid Data Pipeline (HDP) as susceptible to the Apache Log4j vulnerability -- Hybrid Data Pipeline 4.6.1 and higher. As an immediate mitigation, the general recommendation is to configure the Java system property, "log4j2.formatMsgNoLookups" to "true" via the setenv.sh script.
For more details, review the following Knowledge Base article.
To keep updated on this, and other DataDirect announcements, go to https://community.progress.com/s/pans and select the info that applies to you. PANS, our email notification service, is the primary way we communicate vital information such as critical alerts, product alerts, knowledge base articles, and support information.