On Thu, Jul 17, 2003 at 03:20:18PM -0700, Steve Rude wrote:
Quick question, I'm not sure if this is applicable, but I am having some confusion of what versions of code to upgrade to, and a call to the TAC didn't help. All apologies if this is off topic at all.
We are currently running 12.2(8)T5 on several of our 2600 series routers and according to the advisory, we should upgrade to 12.2(8)T10 to get the fix. I downloaded 12.2(8)T10, and the date is June 16th. ?? What gives, that seems really old for a rebuild.
For those of you that haven't figured it out yet, this bug has been around for a long time. They probally found it and then said "since nothing is going on, we found this ourselves, we'll code the fix, test it, and then tell everyone about it." This means that some of the "CCO Stalkers" that watch for new software and test/play with it will not have a problem. Their devices will be in good shape.
The same thing with 12.2(15)T5, the date is June 25th. Am I downloading the right code?
I'd go off what they say is fixed. it was probally someones more than full time job to go around to each grou of people that ever built some weird software train at one time and say "here's the bugid, you need to provide customers a fix".
I don't want to reboot every router on our network 2 times.
I would contact the TAC to ask any questions you have. Cisco has been historically kind when this type of thing comes out and gives software updates out to people that do not have contracts to insure that they don't have a bad customer experience. I know the chart is hard to read because the product people need hardware support for their new thing they're shipping and are so impatient to ship it that they create these shortlived software trains that get the new hardware support they need. - Jared
TIA.
Steve Rude
-----Original Message----- From: Matthew Kaufman [mailto:matthew@eeph.com] Sent: Thursday, July 17, 2003 12:00 PM To: 'Scott Call'; nanog@nanog.org Subject: RE: Fixed IOS datestamps?
I had the same problem, with no resolution from any of my contacts yet either (perhaps they're busy?)... In my case, 12.2(14)S is a recommended option for 7200s (but built a while back), but that leaves me wondering about 12.2(14)S2 and 12.2(14)S3 (the last of which was at least built recently).
Perhaps someone on the list has already compiled a quick "here's a good set of releases for ISPs" list that covers the obvious router choices?
I'm also having trouble deciphering whether or not there's an "old enough" release that isn't affected by the bug for 2511 and 2611, since the bug tool data isn't the same as the vulnerability announcement list.
Matthew Kaufman matthew@eeph.com
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of Scott Call Sent: Thursday, July 17, 2003 11:52 AM To: nanog@nanog.org Subject: Fixed IOS datestamps?
I started collecting the new IOS files for tonight's reboot of the Internet, and I had a quick question.
The datestamps on a lot of the maintainence releases are months old, and I just want to make sure I'm getting the right stuff, as they say, so we don't have to do this dance again tomorrow.
For example, 12.0S users are recommended to go to 12.0(25)S, which at least for the GSR is dated April 14, 2003.
Do I have the right build of 12.0(25)S or will there be one with a date closer to the revelation of the exploit showing up on the cisco FTP site?
Thanks -Scott
-- Jared Mauch | pgp key available via finger from jared@puck.nether.net clue++; | http://puck.nether.net/~jared/ My statements are only mine.