Steve Rude writes:
Quick question, I'm not sure if this is applicable, but I am having some confusion of what versions of code to upgrade to, and a call to the TAC didn't help. All apologies if this is off topic at all.
We are currently running 12.2(8)T5 on several of our 2600 series routers and according to the advisory, we should upgrade to 12.2(8)T10 to get the fix. I downloaded 12.2(8)T10, and the date is June 16th. ?? What gives, that seems really old for a rebuild.
The same thing with 12.2(15)T5, the date is June 25th. Am I downloading the right code?
I don't want to reboot every router on our network 2 times.
Please keep in mind that the releases shown in the software table of a Cisco Security Advisory are the first fixed releases for a train. They are _NOT_ necessarily recommended releases for your situation. To get a recommendation, you need to talk to the TAC or your support team. The purpose of the first fixed release table is to help you determine if you are running a vulnerable release. If you happen to be running an old rebuild that's shown in that table, then you're not vulnerable. If you happen to be running an old rebuild that's _newer_ than the one in the same train shown in that table, you're still not vulnerable. Feel free to ask the TAC for a later release than those shown in the FFR table. They or your support team are much better able to help you find the best release for your situation. The advisory can't possibly do that; all it can tell you is if you are vulnerable or not. Hope this helps. I know it's a confusing issue. Disclaimer: I'm not a member of the PSIRT team anymore, nor do I work in the TAC. I only a former PSIRT member trying to lessen the load on the TAC and the Cisco PSIRT. Jim == Jim Duncan, Critical Infrastructure Assurance Group, Cisco Systems, Inc. jnduncan@cisco.com, +1 919 392 6209, http://www.cisco.com/go/ciag/. PGP: DSS 4096/1024 E09E EA55 DA28 1399 75EB D6A2 7092 9A9C 6DC3 1821