Re: Fixed IOS datestamps?

[Jared Mauch <jared () puck Nether net>]

On Thu, Jul 17, 2003 at 03:20:18PM -0700, Steve Rude wrote:
> Quick question, I'm not sure if this is applicable, but I am having some
> confusion of what versions of code to upgrade to, and a call to the TAC
> didn't help. All apologies if this is off topic at all.
>
> We are currently running 12.2(8)T5 on several of our 2600 series routers
> and according to the advisory, we should upgrade to 12.2(8)T10 to get
> the fix.  I downloaded 12.2(8)T10, and the date is June 16th.  ??  What
> gives, that seems really old for a rebuild.

        For those of you that haven't figured it out yet, this
bug has been around for a long time.  They probally found
it and then said "since nothing is going on, we found this
ourselves, we'll code the fix, test it, and then tell everyone
about it."

        This means that some of the "CCO Stalkers" that watch
for new software and test/play with it will not have a problem.
Their devices will be in good shape.

> The same thing with 12.2(15)T5, the date is June 25th.  Am I downloading
> the right code?  

        I'd go off what they say is fixed.  it was probally
someones more than full time job to go around to each grou of people
that ever built some weird software train at one time and say "here's
the bugid, you need to provide customers a fix".

> I don't want to reboot every router on our network 2 times.

        I would contact the TAC to ask any questions you have.  Cisco
has been historically kind when this type of thing comes out and gives
software updates out to people that do not have contracts to insure
that they don't have a bad customer experience.

        I know the chart is hard to read because the product people
need hardware support for their new thing they're shipping and are
so impatient to ship it that they create these shortlived
software trains that get the new hardware support they need.

        - Jared

> TIA.
>
> Steve Rude
>
> -----Original Message-----
> From: Matthew Kaufman [mailto:matthew () eeph com] 
> Sent: Thursday, July 17, 2003 12:00 PM
> To: 'Scott Call'; nanog () nanog org
> Subject: RE: Fixed IOS datestamps?
>
>
> I had the same problem, with no resolution from any of my contacts yet
> either (perhaps they're busy?)... In my case, 12.2(14)S is a recommended
> option for 7200s (but built a while back), but that leaves me wondering
> about 12.2(14)S2 and 12.2(14)S3 (the last of which was at least built
> recently).
>
> Perhaps someone on the list has already compiled a quick "here's a good
> set
> of releases for ISPs" list that covers the obvious router choices?
>
> I'm also having trouble deciphering whether or not there's an "old
> enough"
> release that isn't affected by the bug for 2511 and 2611, since the bug
> tool
> data isn't the same as the vulnerability announcement list.
>
> Matthew Kaufman
> matthew () eeph com
>
> > -----Original Message-----
> > From: owner-nanog () merit edu [mailto:owner-nanog () merit edu] On 
> > Behalf Of Scott Call
> > Sent: Thursday, July 17, 2003 11:52 AM
> > To: nanog () nanog org
> > Subject: Fixed IOS datestamps?
> >
> >
> >
> > I started collecting the new IOS files for tonight's reboot of the 
> > Internet, and I had a quick question.
> >
> > The datestamps on a lot of the maintainence releases are 
> > months old, and 
> > I just want to make sure I'm getting the right stuff, as they 
> > say, so we 
> > don't have to do this dance again tomorrow.
> >
> > For example, 12.0S users are recommended to go to 12.0(25)S, which at 
> > least for the GSR is dated April 14, 2003.
> >
> > Do I have the right build of 12.0(25)S or will there be one 
> > with a date 
> > closer to the revelation of the exploit showing up on the 
> > cisco FTP site?
> >
> > Thanks
> > -Scott

-- 
Jared Mauch  | pgp key available via finger from jared () puck nether net
clue++;      | http://puck.nether.net/~jared/  My statements are only mine.