[Info-vax] DCL vulnerability write up on The Register
Craig A. Berry
craigberry at nospam.mac.com
Wed Feb 7 07:49:59 EST 2018
On 2/6/18 9:27 PM, IanD wrote:
> Could not the security exploit release have have waited for another
> 6-8 months more (1.6% of the time it existed for!) until VSI rolled
> out x86 and given people a positive pathway forward?
This doesn't make any sense. People can get the vulnerability patched
today on Alpha and Itanium. They do have to get to a current release,
which apparently even includes that very loose definition of "current"
which is HPE v8.4. An architecture change to x86_64 may be attractive
for many reasons, but has nothing to do with addressing this particular
vulnerability.
Side note: the Register article incorrectly stated that Itanium
customers have to get the patch from HPE, but if you have VSI support
you can get it from them and it was available there sooner.
More information about the Info-vax
mailing list