[cisco-voip] glibc/ghost vulnerability
Ryan LaFountain (rlafount)
rlafount at cisco.com
Fri Jul 10 18:57:16 EDT 2015
To add to what Wes said:
If you have other UCC products that run on VOS (Finesse, SocialMiner, MediaSense, CUIC) you'll see further differences between underlying VOS versions between them, UCCX and CUCM. This causes not only a lot of confusion in tracking bug fixes in the platform between products but delay in integrating fixes like these as Wes has described below.
We are working to address this. The first part is in better tracking of bug fixes and security issues in the platform and between products. The second part is moving to a common underlying platform version and build process for most UCC products. This will greatly speed up our fix inclusion and standardize the underlying VOS version in many of our applications leading to greater consistency and stability. Without exposing too much more, we should see this common VOS in UCC system release 11.0.
HTH.
Thank you,
Ryan LaFountain
Unified Contact Center
Cisco Services
Direct: +1 919 392 9898
Hours: M - F 9:00am - 5:00pm Eastern Time
From: cisco-voip on behalf of Charles Goldsmith
Date: Friday, July 10, 2015 at 5:21 PM
To: "Wes Sisk (wsisk)"
Cc: voip puck
Subject: Re: [cisco-voip] glibc/ghost vulnerability
Gotcha, thanks for the explanation Wes, that's what I was looking for and can explain it to the customer. I'll let the customer know of the risks and let them make the decision to upgrade or wait for a minor patch.
Thanks!
On Fri, Jul 10, 2015 at 1:58 PM, Wes Sisk (wsisk) <wsisk at cisco.com<mailto:wsisk at cisco.com>> wrote:
I’ll lead off with: UCCX does a fair amount of work to customize the VOS platform to their needs. As such they don’t pull in updates and fixes as fast as UCM, UC, and CUP.
I bet if you check the kernel or RHEL version you will find significant difference and that contributes to the complexity of the fix.
admin:show packages active kernel
Active Side Package(s): for kernel package(s)
kernel-firmware-2.6.32-431.20.3.el6.noarch
kernel-2.6.32-431.20.3.el6.x86_64
platform-kernel-tunable-1.0.0.0-1.i386
dracut-kernel-004-336.el6_5.1.noarch
RyanL may weigh in with better details.
-w
On Jul 10, 2015, at 11:41 AM, Charles Goldsmith <wokka at justfamily.org<mailto:wokka at justfamily.org>> wrote:
I understand that CUCM and UCCX are both VOS, and that it's probably not the same version, but I don't understand why the platform team for CUCM can give us a minor patch but we can't get the same out of UCCX.
I'm sure most of you are like me, and steer clear of .0 releases. There is an old saying, dot Oh, oh no.
I'm not comfortable advising a customer to upgrade to the 11.0 release.
Would like thoughts on this, and some explanation of the differences of the VOS between CUCM/CUC and UCCX.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20150710/25e5f4ac/attachment.html>
More information about the cisco-voip
mailing list