[c-nsp] Cisco Security Advisories

Jared Mauch jared at puck.nether.net
Thu Jan 25 08:30:40 EST 2007


On Thu, Jan 25, 2007 at 08:21:19AM -0500, Joe Provo wrote:
> On Thu, Jan 25, 2007 at 12:48:33PM +0200, Saku Ytti wrote:
> > On (2007-01-25 10:40 -0000), Moerman, Maarten wrote:
> > 
> > > 12.2(18)SXF5 is replaced by SXF7, that version, is however from
> > > 30-nov-2006.
> > > 
> > > I am now running 12.2(18)SXD7b, which is from dec-2006, that one is
> > > newer... Or is cisco's website not updated regarding the date.
> > 
> > I saw it enter ftp site 2006-12-14, so yes, it's newer than
> > than SXF7. But I'm not sure about the relevance of release date though.
> 
> The SXF code is modular arther than monolithic.  Likely cleaned in 
> the rewrite, therefore the claim 'all SXF are clean' for both issues.
> Bigger - be sure you've not cheaped out your flash.

	No, one of the 3 releases did not have impact of SXF based images.
The other two were fixed in SXF5 and newer SXF releases.

	You do have a choice of running the modular code (those
images that have a -vz- instead of -mz-).  Those images support
things like local core files and other important things
that most of us *nix folks know can be used to easily diagnose
problems.  But the feature set of the -vz- != -mz- of the same name,
namely IPv6 and some MPLS stuff.  I think the next SX* release will
resolve that.

	- Jared

-- 
Jared Mauch  | pgp key available via finger from jared at puck.nether.net
clue++;      | http://puck.nether.net/~jared/  My statements are only mine.


More information about the cisco-nsp mailing list