Примечания к выпуску для Cisco Cisco TelePresence MX700
D15325.01
Cisco
TelePresence
TC7.3.0
and
TC7.3.1
Software
Deferral
Notice
Software
deferral
notice
Dear
Cisco
Customer,
Cisco
engineering
has
identified
a
software
issue
with
the
release,
which
you
have selected. This issue may affect your use of this software. Please review
the deferral notice below to determine if the issue applies to your
environment. Customers are urged to upgrade to the recommended solution
image or most current software version.
have selected. This issue may affect your use of this software. Please review
the deferral notice below to determine if the issue applies to your
environment. Customers are urged to upgrade to the recommended solution
image or most current software version.
For
more
comprehensive
information
about
what
is
included
in
this
software,
please refer to the following documents:
please refer to the following documents:
Cisco
TelePresence
TC
Software
Release
Notes
(TC7)
Affected
software
and
replacement
solution
Reason
for
Advisory:
The
NTP.org
and
glibc
"GHOST"
vulnerabilities
affects
certain
software
versions.
versions.
CDETS
No:
CSCus69550
-‐
CVE-‐2015-‐0235
CSCus88487 -‐ CVE-‐2014-‐9298
CSCus88487 -‐ CVE-‐2014-‐9298
Headline:
The
NTP.org
and
glibc
"GHOST"
vulnerabilities
make
systems
running
the
affected software versions vulnerable.
affected software versions vulnerable.
Description:
The
listed
TelePresence
product
software
versions
are
affected
by
the
NTP.org
vulnerability (CVE-‐2014-‐9298) and glibc commonly known as the "GHOST"
vulnerability (CVE-‐2015-‐0235).
vulnerability (CVE-‐2014-‐9298) and glibc commonly known as the "GHOST"
vulnerability (CVE-‐2015-‐0235).
January
27,
2015,
a
buffer
overflow
vulnerability
in
the
GNU
C
library
(glibc)
was publicly announced. This vulnerability is related to the various
gethostbyname functions included in glibc and affect applications that call
these functions. This vulnerability may allow an attacker to obtain sensitive
information from an exploited system or, in some instances, perform remote
code execution with the privileges of the application being exploited.
was publicly announced. This vulnerability is related to the various
gethostbyname functions included in glibc and affect applications that call
these functions. This vulnerability may allow an attacker to obtain sensitive
information from an exploited system or, in some instances, perform remote
code execution with the privileges of the application being exploited.