[Info-vax] DCL vulnerability write up on The Register
Neil Rieck
n.rieck at sympatico.ca
Fri Feb 9 11:42:17 EST 2018
On Thursday, February 8, 2018 at 6:52:58 AM UTC-5, Ian Miller wrote:
> On Thursday, February 8, 2018 at 2:32:06 AM UTC, Craig A. Berry wrote:
> > On 2/7/18 7:28 PM, Arne Vajhøj wrote:
> > > On 2/7/2018 7:49 AM, Craig A. Berry wrote:
> >
> > >> Side note: the Register article incorrectly stated that Itanium
> > >> customers have to get the patch from HPE, but if you have VSI support
> > >> you can get it from them and it was available there sooner.
> > >
> > > So HPE also released a patch?
> >
> > I assume they repackaged VSI's patch, and I take the Register's word for
> > it that you can get a patch from HPE. I just know they are wrong in
> > saying you *have* to get it from them.
>
> I've not seen a patch nor announcement from HPE on this yet.
>
> As previously mentioned, VSI have done the right thing after receiving the report of the issue.
You are correct. I just (Feb-9) checked all the patches for the Itanium version of OpenVMS (started at 8.4 then went up) and did not see any DCL related patches. There is a CLI related patch published in October of last year which has nothing to do with the security issue.
Neil Rieck
Waterloo, Ontario, Canada.
http://neilrieck.net
More information about the Info-vax
mailing list