[nsp] recent SNMP vulnerability vs 12.1(13)E14

Fri Apr 23 10:29:14 EDT 2004

hello,

  and the most important Q is:

if there are some maintenance releases of a train, for instance 12.1(13)E, 12.1(14)E, 12.1(19)E and 12.1(20)E,
- and each has several rebuilds, E1, E2, E3, and so on...
- and there is a bug, which get first integrated, say in April into 12.1(19.x)E interim,
will it be intergrated, say in June into later rebuilds of less numbered (e.g. y<19) maintenence release.

see my point?

April		12.1(19.x)E gets the fix, as the bugnav tells us, it's the 'first fixed-in' version
		at this time, say 12.1(13)E13 is alreay available
  time passes
May		12.1(20)E comes out, and of course it gets the fix
  time passes
June		12.1(13)E14 comes out... Q: will it receive the fix?

  what's tha main logic behind?

rgds
 --zoltan

-----Original Message-----
From: Gert Doering [mailto:gert at greenie.muc.de]
Sent: Friday, April 23, 2004 3:57 PM
To: Jay Young
Cc: cisco-nsp at puck.nether.net
Subject: Re: [nsp] recent SNMP vulnerability vs 12.1(13)E14

Hi,

On Fri, Apr 23, 2004 at 09:45:42AM -0400, Jay Young wrote:
> Along a similar line what about 12.2.18S3 the advisory says that 12.2S 
> is vulnerable and the fix is 12.2.20S2 or 12.2.22S. Neither of which is 
> available for a 7200.

As far as I understand it, the bug was introduced *after* 12.2(18)S, so 18S 
is not-yet-vulnerable.

gert
-- 
USENET is *not* the non-clickable part of WWW!
                                                           //www.muc.de/~gert/
Gert Doering - Munich, Germany                             gert at greenie.muc.de
fax: +49-89-35655025                        gert at net.informatik.tu-muenchen.de
_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/