Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Chart - map uccx version to Red Hat Linux version?

Where would I find a chart/list which maps the UCCX version to Red Hat Linux version?

 

Thanks

5 REPLIES

Hi,why are you interested in

Hi,

why are you interested in that?

Technically, UCCX is a "black box", from the user's perspective it's not necessary (or advisable) to touch the operating system. Yes, we do know it's Red Hat but it's just a useless fact. Yes, I know one can get root access and start bash (or just anything) but it's kind of risky.

G.

New Member

Since the Linux bash

Since the Linux bash vulnerability (ShellShock) issue, Red Hat have released a lot of security issues associated with the different versions of RHEL (e.g. kernel, ssl, krb5, poodle, etc - there have been 25 different "modules" affected in the last 2 months), even though it's a "black box", we need to evaluate the possible security issue/s that could occur with the different versions of UCCX.

I have been raising Cases with Cisco to try to understand the possible security implications for each version of UCCX (e.g. if the issue is on RHEL 6.2 only, it would only affect UCCX version X), but it depends on how good the support person is as to how long it takes to get an answer.

Rgds, Terry

I see.Well, Cisco does not

I see.

Well, Cisco does not like to give out this information officially and I can understand that. Can you tell me your exact UCCX version and I will try to ask around about the specific RH version, although I cannot guarrantee I'm able to get the answer.

Speaking of the ShellShock issue, I believe it's a bit overhyped. No sane programmer would ever use bash (or run a shell command or a program via shell) from a user interfacing application (for instance, a web page).

Anyway, there is a bug (https://tools.cisco.com/bugsearch/bug/CSCur02861) open for evaluating the impact and there's already a patch released (on 17th October) so if you are lucky to have a supported version, you should probably apply that patch.

G.

New Member

Hi G,ThanksWell, Cisco does

Hi G,

Thanks

Well, Cisco does not like to give out this information officially and I can understand that. Can you tell me your exact UCCX version and I will try to ask around about the specific RH version, although I cannot guarrantee I'm able to get the answer.

They will be the same versions as per ShellShock link https://tools.cisco.com/bugsearch/bug/CSCur02861

10.0(1)SU2
10.5(1)SU1
8.0(2)SU5
8.5(1)SU4
9.0(1)
9.0(2)SU2
 

Speaking of the ShellShock issue, I believe it's a bit overhyped. No sane programmer would ever use bash (or run a shell command or a program via shell) from a user interfacing application (for instance, a web page).

Agreed, but it's not the answer that customers accept, especially those in the financial sector

Anyway, there is a bug (https://tools.cisco.com/bugsearch/bug/CSCur02861) open for evaluating the impact and there's already a patch released (on 17th October) so if you are lucky to have a supported version, you should probably apply that patch.

Ahh, the "ShellShock" link that still shows 

Known Fixed Releases:

(0)

and the associated link takes one to their Download Software home page

Rgds,

         Terry

New Member

No need to post here as my

No need to post here as my support case provided the information I needed. I can provide the details if others want it

61
Views
0
Helpful
5
Replies
CreatePlease login to create content