Applies To:Show Versions
- 2.2 PTF-02
This product temporary fix (PTF) provides enhancements and fixes for the GLOBAL-SITE Controller version 2.2. The PTF includes all fixes since version 2.2.
Use the following instructions to apply the PTF to the GLOBAL-SITE Controller version 2.2.
- On the GLOBAL-SITE Controller, log in as root.
- Change to the /gSITE/tmp/ directory by typing:
- Connect to the F5 Networks FTP site (ftp.f5.com).
- From the /globalsite/gsite2.2 directory on the FTP site, download the globalsite2.2ptf-2.tgz file to the /gSITE/tmp directory on the GLOBAL-SITE Controller.
- While still as user root, type:
tar -xzf globalsite2.2ptf-2.tgz upgrade_ptf
FTP exhaustion attack (CR20373)
The controller is no longer vulnerable to an exhaustion attack that allowed the FTP server to consume all available memory on the host. Please see http://www.proftpd.org/security.html for more information.
snmpd security vulnerability (CR20373)
We have fixed the snmpd security vulnerability by replacing a missing shared library. For details on this CERT, please see http://www.cert.org/advisories/CA-2002-03.html for more information.
zlib CERT advisory (CR20345)
The controller is no longer open to the security vulnerability that could have allowed denial of service attacks on programs that use the zlib compression library. For details on this issue, please see http://www.kb.cert.org/vuls/id/368819.
SSH CERT advisory (CR20311)
The change was to channel.c file. The following is a link to the diff that was applied http://www.pine.nl/advisories/pine-cert-20020301.patch
There are no required configuration changes for this release.
There are no additional known issues for this PTF. Please see the release note for version 2.2 for known issues for that release.