Re: [Networker] NMC security vulnerability and customer notification
2007-03-08 09:07:25
Hi Everyone,
I thought I would throw my two cents in here. I recieved the Update 1
notification and I am an Adv_File user. So I opened a ticket with EMC and
they indicated that update 1 and Jumbo 11 were two seperate things.. I
agree the naming is confusing and just looking at it I would have assumed
that Jumbo 11 would include Update 1, but in this case better safe than
sorry so always good to double check. Anyhow I applied the Update 1 to
my server and storage nodes this last week. I did have some problems with
one Adv_File volume on a storge node the resolution ended up bieng to
stage all the savesets off the volume, other than that the update went
well.
So when EMC called me back wanting to close out my open ticket on Update
1 - I asked them why the alert didn't include notification of
a "Explotable Security Vulnerability" in nmc? The answer I recieved was
that it wasn't announced yet because they are still working the
vulnerability announcement through CERT, and would be doing a follow on
announcement this week. This seemed like a reasonable response to me...
It will be interesting to see how long this announcement takes to come
out.
Nancy
To sign off this list, send email to listserv AT listserv.temple DOT edu and
type "signoff networker" in the body of the email. Please write to
networker-request AT listserv.temple DOT edu if you have any problems with this
list. You can access the archives at
http://listserv.temple.edu/archives/networker.html or
via RSS at http://listserv.temple.edu/cgi-bin/wa?RSS&L=NETWORKER
|
|
|