In regard to: [Networker] NetWorker 7.x.x Security Vulnerability in...:
yesterday I got an ETA (EMC Technical Advisory) obout a security
vulnerability in nsrexecd 7.2.2. For the problem resolution there was
the following link
ftp.legato.com/pub/NetWorker/Updates/LGTsc02250/7.2.2_jumbo.
Except that there still aren't updated binaries for some of the platforms
(e.g. linux86).
I also think it's pretty bad that
- they don't specifically say in the readme or security announcement that
this problem affects the client component of the software, so it needs
to be applied to all your clients.
- the dates on most of the directories are June 1st, meaning that they've
known about this issue for well over two months and we're just learning
about it now.
So far so good.
What sets me up is the absurd denotation of the platforms the fixes are
used for.
So what the heck is hp11n or hp11w?
I'm pretty sure that HP started that. n == narrow, i.e. 32 bit. w ==
wide, i.e. 64 bit. Someone at EMC just seems to be following HP's
nomenclature. I've never seen it applied to Solaris before, but they
seem to be doing the same thing there and elsewhere.