Applies To:
Show VersionsGLOBAL-SITE Controller
- 2.2 PTF-02
Summary:
This product temporary fix (PTF) provides enhancements and fixes for the GLOBAL-SITE Controller version 2.2. The PTF includes all fixes since version 2.2.
Contents:
Installing the PTF
Use the following instructions to apply the PTF to the GLOBAL-SITE Controller version 2.2.
- On the GLOBAL-SITE Controller, log in as root.
- Change to the /gSITE/tmp/ directory by typing:
cd /gSITE/tmp/ - Connect to the F5 Networks FTP site (ftp.f5.com).
- From the /globalsite/gsite2.2 directory on the FTP site, download the globalsite2.2ptf-2.tgz file to the /gSITE/tmp directory on the GLOBAL-SITE Controller.
- While still as user root, type:
tar -xzf globalsite2.2ptf-2.tgz upgrade_ptf
./upgrade_ptf
[ Top ]
Software enhancements and fixes
FTP exhaustion attack (CR20373)
The controller is no longer vulnerable to an exhaustion attack that allowed the FTP server to consume all available memory on the host. Please see http://www.proftpd.org/security.html for more information.
snmpd security vulnerability (CR20373)
We have fixed the snmpd security vulnerability by replacing a missing shared library. For details on this CERT, please see http://www.cert.org/advisories/CA-2002-03.html for more information.
zlib CERT advisory (CR20345)
The controller is no longer open to the security vulnerability that could have allowed denial of service attacks on programs that use the zlib compression library. For details on this issue, please see http://www.kb.cert.org/vuls/id/368819.
SSH CERT advisory (CR20311)
The change was to channel.c file. The following is a link to the diff that was applied http://www.pine.nl/advisories/pine-cert-20020301.patch
[ Top ]
Required configuration changes
There are no required configuration changes for this release.
[ Top ]
Known issues
There are no additional known issues for this PTF. Please see the release note for version 2.2 for known issues for that release.
[ Top ]