I cannot answer the first question, but when you go to the downloads page for 10.6.4 (RSA Security Analytics 10.6.4 - Downloads ) there is a fix and there are instructions on how to install it. The re-release itself is not yet available.
There has not been a post but it is announced in the link above that there is an issue. I agree that not everybody will visit the download page so a post would have been helpful.
Due to a critical defect, we have temporarily removed the ability for customers to download the RSA NetWitness 10.6.4.0 release. The defect impacts any environment where customers are using a Broker and, while there is no data loss, the Broker will only show results from one Concentrator. We are in the process of testing a hotfix that can be applied alongside the 10.6.4.0 build and which will need to be applied to the Broker after it has been upgraded to 10.6.4.0. This hotfix will also be included in our 10.6.4.1 patch. We are actively working to release the download by Friday, August 11th, if not sooner.
Our records indicate that you have already downloaded the 10.6.4.0 upgrade packages from the RSA Link downloads page. If you have not yet upgraded, we recommend that you do not move forward based on the impact of this defect. Although there is no data loss, it will impact analysts visibility into the queries they are running. If you have already upgraded, the only option at this time will be to apply the hotfix. As we are showing that you have already downloaded the packages, we will also send out an additional update to you directly as soon as it’s available.
We are extremely sorry for this inconvenience and any impact it may have caused. If you have any questions, please reach out to RSA Customer Support.
I downloaded the packages directly via RSA Live, and not via the downloads page so I don't think I was notified. It seems only users who downloaded the packages directly from RSA Link would have been notified.
Understand the concerns and question on testing. Our best practice is to conduct regression testing with every release to ensure we catch issues such as what was found with this particular defect. Unfortunately, the issue wasn’t caught based on the timing for a performance fix that was introduced post testing. Engineering has enhanced their testing process to ensure we address this type of situation in the future. Something we are taking steps to ensure it doesn't happen again.
As Mary mentioned above, we posted a hot fix on Friday Aug 11. We are also in process of testing the fix as part of a full update which will include updating the repository. Our expectation is to post this tomorrow, Aug 16.