Solved: security advisory for ASA

julxu · ‎04-19-2009

Greeting

On cisco security advisory (http://www.cisco.com/en/US/products/products_security_advisory09186a0080a994f6.shtml) said the recommended version for 7.2 is 7.2(4)30.

Could anyone advice me about the 7.2(4)30. I know the version like 7.2(4), not 7.2(4)30. what the 30 means?

Any comments will be appreciated

Thanks in advance

Richard Burts · ‎04-20-2009

Julie

The 7.2(4)30 indicates that this is an interim release. Cisco will produce interim releases to address urgent issues such as some important bug fixes or security advisories. When you begin to download an interim release there is generally a warning that the interim releases do not go through the regression testing that the normal releases do. So you need to compare the advantages of the more extensive regression testing in a normal release such as 7.2(4) and the more quick availability of fixes for the security advisory in 7.2(4)30.

HTH

Rick

HTH

Rick

View solution in original post

Richard Burts · ‎04-20-2009

Julie

I was puzzled for a bit about where to get this software that provides fixes for these vulnerabilities. But then I figured it out. If you look in the advisory that is a section with title:

Software Versions and Fixes

and if you look in that section you will find this explanation:

Fixed Cisco ASA software can be downloaded from:

http://www.cisco.com/pcgi-bin/tablebuild.pl/ASAPSIRT

The fixed software/interim releases are available through that link.

Note that the advise in the section Customers with Service Contracts about obtaining fixed software does not point you in the right direction and the fixed software is not available through the link that it provides.

HTH

Rick

HTH

Rick

View solution in original post

Richard Burts · ‎04-20-2009

Julie

The 7.2(4)30 indicates that this is an interim release. Cisco will produce interim releases to address urgent issues such as some important bug fixes or security advisories. When you begin to download an interim release there is generally a warning that the interim releases do not go through the regression testing that the normal releases do. So you need to compare the advantages of the more extensive regression testing in a normal release such as 7.2(4) and the more quick availability of fixes for the security advisory in 7.2(4)30.

HTH

Rick

HTH

Rick

julxu · ‎04-20-2009

thanks for the reply

at ASA download page, I seems do not find the 7.2(4)30, where to download 7.2(4)30 - the interim release?

Richard Burts · ‎04-20-2009

Julie

I was puzzled for a bit about where to get this software that provides fixes for these vulnerabilities. But then I figured it out. If you look in the advisory that is a section with title:

Software Versions and Fixes

and if you look in that section you will find this explanation:

Fixed Cisco ASA software can be downloaded from:

http://www.cisco.com/pcgi-bin/tablebuild.pl/ASAPSIRT

The fixed software/interim releases are available through that link.

Note that the advise in the section Customers with Service Contracts about obtaining fixed software does not point you in the right direction and the fixed software is not available through the link that it provides.

HTH

Rick

HTH

Rick