- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - OpenVMS
- >
- How to cross reference HP security bulletins to ot...
Operating System - OpenVMS
1753415
Members
7001
Online
108793
Solutions
Forums
Categories
Company
Local Language
юдл
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
юдл
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-09-2010 10:20 AM
тАО06-09-2010 10:20 AM
How to cross reference HP security bulletins to other sources...
Generally, can someone explain how to coorelate HP security bulletins to HP QXCR... fixes to CVE bulletins.
Specifically, I am trying to determine if the QXCR... fixes in BIND 9.3.2.7/8 satisfy the vulnerabilities identified in CVE:2010-0097.
Prior to 9/11 it was sufficient to simply upgrade to the latest product version available from HP. Now we are primarily driven by notifications from a couple computer security organizations and must address them first.
Specifically, I am trying to determine if the QXCR... fixes in BIND 9.3.2.7/8 satisfy the vulnerabilities identified in CVE:2010-0097.
Prior to 9/11 it was sufficient to simply upgrade to the latest product version available from HP. Now we are primarily driven by notifications from a couple computer security organizations and must address them first.
3 REPLIES 3
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-09-2010 10:21 PM
тАО06-09-2010 10:21 PM
Re: How to cross reference HP security bulletins to other sources...
You'll have to ask HP.
I'll get notified of a security issue. I will then have to look it up to determine which CVEs are included in this security issue. I would then have to log a call with HP to determine if their product (i.e. HP SWS Secure Web Server) is vulnerable. If it is then they send a patch. The QXCR numbers increase in time so if you get a patch for say MOD_JK and then later there is another patch with a higher QXCR number then you can assume that the previous fix is included.
Hope this helps
I'll get notified of a security issue. I will then have to look it up to determine which CVEs are included in this security issue. I would then have to log a call with HP to determine if their product (i.e. HP SWS Secure Web Server) is vulnerable. If it is then they send a patch. The QXCR numbers increase in time so if you get a patch for say MOD_JK and then later there is another patch with a higher QXCR number then you can assume that the previous fix is included.
Hope this helps
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-10-2010 12:32 AM
тАО06-10-2010 12:32 AM
Re: How to cross reference HP security bulletins to other sources...
Also logging a call can trigger the creation of a patch if it does not already exist.
So log a call listing the software you are running and the CVE bulletins.
So log a call listing the software you are running and the CVE bulletins.
____________________
Purely Personal Opinion
Purely Personal Opinion
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-10-2010 07:42 AM
тАО06-10-2010 07:42 AM
Re: How to cross reference HP security bulletins to other sources...
I also put the originating security notification number in the call to HP so I can link back the CVEs to the original issue later.
Having a good spreadsheet of all the different numbers is good too
Having a good spreadsheet of all the different numbers is good too
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
News and Events
Support
© Copyright 2024 Hewlett Packard Enterprise Development LP