Is the 5.3 release so old that it is considered "not in support"?
-----Original Message----- From: ADSM: Dist Stor Manager [mailto:ADSM-L@VM.MARIST.EDU] On Behalf Of Thomas Denier Sent: Wednesday, February 25, 2015 9:56 AM To: ADSM-L@VM.MARIST.EDU Subject: [ADSM-L] Privilege escalation bug I received a security bulletin from IBM yesterday regarding "Tivoli Storage Manager Stack-based Buffer Overflow Elevation of Privilege: CVE-2014-6184". The affected version/release combinations listed in the bulletin run from 5.4 to 6.3. We still have one Linux system with 5.3 client code. Can I treat the list of affected releases as an explicit assurance that the 5.3 client does not have the vulnerability discussed in the bulletin? The alternative possibility that worries me is that 5.4 is the oldest level IBM thought it worthwhile to check. Thomas Denier Thomas Jefferson University The information contained in this transmission contains privileged and confidential information. It is intended only for the use of the person named above. If you are not the intended recipient, you are hereby notified that any review, dissemination, distribution or duplication of this communication is strictly prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. CAUTION: Intended recipients should NOT use email communication for emergent or urgent health care matters. [Confidentiality notice:] *********************************************************************** This e-mail message, including attachments, if any, is intended for the person or entity to which it is addressed and may contain confidential or privileged information. Any unauthorized review, use, or disclosure is prohibited. If you are not the intended recipient, please contact the sender and destroy the original message, including all copies, Thank you. ***********************************************************************