Cisco Cisco TelePresence Video Communication Server Expressway 릴리즈 노트
Resolved caveats
Cisco TelePresence Video Communication Server X7.2.3 Software Release Notes
Page 30 of 50
Identifier
Summary
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20110830-
apache.shtml.
PSIRT Evaluation: the Cisco PSIRT has assigned this bug the following CVSS version 2
score. The Base and Temporal CVSS scores as of the time of evaluation are 7.8/7.8:
apache.shtml.
PSIRT Evaluation: the Cisco PSIRT has assigned this bug the following CVSS version 2
score. The Base and Temporal CVSS scores as of the time of evaluation are 7.8/7.8:
CVE ID CVE-2011-3192 has been assigned to document this issue.
Additional information on Cisco's security vulnerability policy can be found at the following
URL:
Additional information on Cisco's security vulnerability policy can be found at the following
URL:
The Cisco VCS now uses Apache 2.2.21, which addresses these security advisories.
CSCtr84963
Possible loss of grace period for call licenses (in cluster configuration):
If a cluster peer loses contact with its cluster, the remaining peers can continue to use the non-
contactable peer’s licenses for a 2-week grace period. But, if another peer within the cluster is
restarted during that period, that restarted peer will not be able to make use of the non-
contactable peer’s licenses for the remainder of the grace period.
This issue is resolved; grace periods are now observed if a peer is restarted.
contactable peer’s licenses for a 2-week grace period. But, if another peer within the cluster is
restarted during that period, that restarted peer will not be able to make use of the non-
contactable peer’s licenses for the remainder of the grace period.
This issue is resolved; grace periods are now observed if a peer is restarted.
CSCts05797
VCS SIP/H323 interworking does not adhere to change in SIP payload type after
hold/resume: interworked calls can lose video after a hold/resume if there is a change in the
SIP payload type.
VCS now manages correctly a change in the payload type.
hold/resume: interworked calls can lose video after a hold/resume if there is a change in the
SIP payload type.
VCS now manages correctly a change in the payload type.
CSCts15739
Cisco VCS challenges B2BUA SUBSCRIBE for authentication when Default Zone is set
to “Check credentials”:
to “Check credentials”:
When a Cisco VCS is set up with the Default Zone set to “Check credentials” and the X7.0
B2BUA feature is also set up on the same VCS, any SUBSCRIBE messages sent from the
B2BUA will result in a 407 Proxy Authentication Required response from the VCS. Eventually
the B2BUA gives up sending SUBSCRIBE messages and this results in failed subscription
states for B2BUA/Lync users. This does not affect customers still using OCS Relay (rather than
the B2BUA).
This issue is resolved; subscribe messages now include a P-Asserted-Identity header.
B2BUA feature is also set up on the same VCS, any SUBSCRIBE messages sent from the
B2BUA will result in a 407 Proxy Authentication Required response from the VCS. Eventually
the B2BUA gives up sending SUBSCRIBE messages and this results in failed subscription
states for B2BUA/Lync users. This does not affect customers still using OCS Relay (rather than
the B2BUA).
This issue is resolved; subscribe messages now include a P-Asserted-Identity header.
CSCtt14099
Duo Video fails from an H.323 endpoint: Duo Video from an H.323 endpoint can fail when
using BFCP and interworking with SIP.
using BFCP and interworking with SIP.
CSCtt41169
VCS rejects outgoing call from specific device registered on it
Requests to FindMe from an H.323 device which has a large number of aliases associated with
it will fail. This is especially relevant to large MCUs and MPSs.
it will fail. This is especially relevant to large MCUs and MPSs.
CSCts60535
Encryption status under call summary is shown as none: active calls always show the
encryption status as none. When the call is completed the call history shows the correct status.
The correct encryption status is now displayed for active calls.
encryption status as none. When the call is completed the call history shows the correct status.
The correct encryption status is now displayed for active calls.
Resolved in X7.0.1
Identifier
Summary
CSCts87885
DNS lookup problems that make VCS appear to have a hardware fault: for a Cisco VCS
Expressway running X7.0 with DNS zones configured (e.g. for business to business calling), it
has been observed when there are DNS lookup issues that the VCS may get into a hung state.
When the DNS lookup problem occurs the VCS does not respond to Web, SSH, Telnet or
Serial access.
Expressway running X7.0 with DNS zones configured (e.g. for business to business calling), it
has been observed when there are DNS lookup issues that the VCS may get into a hung state.
When the DNS lookup problem occurs the VCS does not respond to Web, SSH, Telnet or
Serial access.