Quoting Steve Shockley <steve.shockley@xxxxxxxxxxxx>:
That's it. NOT ONE WORD ABOUT A VULNERABILITY OR A FIX.
In NetApp's defense, they did send out an advisory to customers five hours after the initial notice of the availability of the fix. I understand only customers
who have licensed the iSCSI component get a notification.