Tim Mooney wrote:

In regard to: [Networker] NetWorker 7.x.x Security Vulnerability in...:

yesterday I got an ETA (EMC Technical Advisory) obout a security
vulnerability in nsrexecd 7.2.2. For the problem resolution there was
the following link
ftp.legato.com/pub/NetWorker/Updates/LGTsc02250/7.2.2_jumbo.

Except that there still aren't updated binaries for some of the platforms
(e.g. linux86).

I also think it's pretty bad that

 - they don't specifically say in the readme or security announcement that
   this problem affects the client component of the software, so it needs
   to be applied to all your clients.

 - the dates on most of the directories are June 1st, meaning that they've
   known about this issue for well over two months and we're just learning
   about it now.

So far so good.
What sets me up is the absurd denotation of the platforms the fixes are
used for.
So what the heck is hp11n or hp11w?

I'm pretty sure that HP started that.  n == narrow, i.e. 32 bit.  w ==
wide, i.e. 64 bit.  Someone at EMC just seems to be following HP's
nomenclature.  I've never seen it applied to Solaris before, but they
seem to be doing the same thing there and elsewhere.

# ls -l LGTpa93975
total 2
drwxr-xr-x   2 root     root         512 May 28 20:42 NW732_solaris7w

Tim

--

-- Yaron.

To sign off this list, send email to listserv AT listserv.temple DOT edu and type 
"signoff networker" in the body of the email. Please write to networker-request 
AT listserv.temple DOT edu if you have any problems with this list. You can access the 
archives at http://listserv.temple.edu/archives/networker.html or
via RSS at http://listserv.temple.edu/cgi-bin/wa?RSS&L=NETWORKER