ADSM-L
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ADSM-L] 7.1.8/8.1.3 Security Upgrade Install Issues

2017-10-09 12:16:39
Subject: Re: [ADSM-L] 7.1.8/8.1.3 Security Upgrade Install Issues
From: Skylar Thompson <skylar2 AT U.WASHINGTON DOT EDU>
To: ADSM-L AT VM.MARIST DOT EDU
Date: Mon, 9 Oct 2017 16:14:54 +0000 
 Content preview:  I definitely agree with this; at least for TSM v7 it would
    have been far better to call it v7.2.0 to make it clear that it's a huge
   change with lots of caveats and potential failure points. We've just now 
discovered
    that TSM v7.1.8 does not play nicely with GPFS/mmbackup due to a change in
    how SSL certificates are loaded - hopefully it's a simple fix but who 
knows...
    [...]

 Content analysis details:   (0.7 points, 5.0 required)

  pts rule name              description
 ---- ---------------------- --------------------------------------------------
  0.7 SPF_NEUTRAL            SPF: sender does not match SPF record (neutral)
 -0.0 RP_MATCHES_RCVD        Envelope sender domain matches handover relay 
domain
X-Barracuda-Connect: mx.gs.washington.edu[128.208.8.134]
X-Barracuda-Start-Time: 1507565699
X-Barracuda-Encrypted: ECDHE-RSA-AES256-GCM-SHA384
X-Barracuda-URL: https://148.100.49.27:443/cgi-mod/mark.cgi
X-Barracuda-Scan-Msg-Size: 1182
X-Virus-Scanned: by bsmtpd at marist.edu
X-Barracuda-BRTS-Status: 1
X-Barracuda-Spam-Score: 0.00
X-Barracuda-Spam-Status: No, SCORE=0.00 using global scores of TAG_LEVEL=3.5 
QUARANTINE_LEVEL=1000.0 KILL_LEVEL=5.5 tests=
X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.3.43739
        Rule breakdown below
         pts rule name              description
        ---- ---------------------- 
--------------------------------------------------

I definitely agree with this; at least for TSM v7 it would have been far
better to call it v7.2.0 to make it clear that it's a huge change with lots
of caveats and potential failure points. We've just now discovered that TSM
v7.1.8 does not play nicely with GPFS/mmbackup due to a change in how SSL
certificates are loaded - hopefully it's a simple fix but who knows...

On Sat, Oct 07, 2017 at 02:36:13PM -0500, Roger Deschner wrote:
> This difficulty comes up while there are open, now-published security
> vulnerabilities out there inviting exploits, and making our Security
> people very nervous. But the considerations described in
> http://www-01.ibm.com/support/docview.wss?uid=swg22004844 make it very
> difficult and risky to proceed with 7.1.8/8.1.3 as though it was just a
> patch. It's a major upgrade, requiring major research and planning, with
> the threat of an exploit constantly hanging over our heads. I really
> wish this had been handled differently.

--
-- Skylar Thompson (skylar2 AT u.washington DOT edu)
-- Genome Sciences Department, System Administrator
-- Foege Building S046, (206)-685-7354
-- University of Washington School of Medicine
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ADSM-L] 7.1.8/8.1.3 Security Upgrade Install Issues, Zoltan Forray
Next by Date:  Re: [ADSM-L] 7.1.8/8.1.3 Security Upgrade Install Issues, Sergio O. Fuentes
Previous by Thread:  Re: [ADSM-L] 7.1.8/8.1.3 Security Upgrade Install Issues, Roger Deschner
Next by Thread:  Re: [ADSM-L] 7.1.8/8.1.3 Security Upgrade Install Issues, Sergio O. Fuentes
Indexes:  [Date] [Thread] [Top] [All Lists]
ADSM.ORG Privacy and Data Security by KimLaw, PLLC