Advisory ID: cisco-sa-20090408-asa describes a vulnerability that applies to an ASA 5520 I administer.
The advisory page, http://www.cisco.com/warp/public/707/cisco-sa-20090408-asa.shtml, says this:
8.0(4)25: earliest fixed version,
8.0(4)28: recommended version.
But, the Interim Sofware download page is confusing. There's a version 220.127.116.11, released 04-FEB-2009, but that version doesn't fix the problem. There's a version 18.104.22.168, but the release date, 11-SEP-2008, is far in the past.
8.1(2)15: earliest fixed
But, on Interim Software download page, most recent version is 22.214.171.124 (04-FEB-2009).
I have support contracts that are in the process of being renewed, so if I need TAC for this, I'll have to wait.
Is there some other location to find the releases specified in the advisory?
it is hard to find for some reason, but its in the advisory:
"Fixed Cisco ASA software can be downloaded from:
Fixed Cisco PIX software can be downloaded from: