Well...basically yes. The issue (PSN-2011-08-327) is known since august. I guess the fact that juniper has listed the issue as "the probability of exploiting this defect is extremely low" has led many networks to not implent a immediate fix for this on a security perspective. As you know maintenance usually causes service impact for customers and (if possible) most networks like to avoid unneccessary downtimes. Additionally alot of folks like to test new software in a lab environment first so a simple update to a new JunOS version can sometimes be quite complex and cost intensive.
-Jonas Am Montag, den 07.11.2011, 22:46 -0600 schrieb Jack Bates: > On 11/7/2011 8:28 PM, Chris Adams wrote: > > Once upon a time, Jack Bates<jba...@brightok.net> said: > >> More importantly, if it was the issue dated in August, how in the heck > >> do I get on a list which tells me such a critical bug exists? > > If you have a Juniper support account, go to www.juniper.net/alerts, > > scroll to the bottom, and click on "Modify Your Alert Preferences". > > > > Thanks. So I'm guessing anyone effected by it, shouldn't have been > (given I'd think large networks would have been notified and have valid > support contracts). > > > Jack > _______________________________________________ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp
signature.asc
Description: This is a digitally signed message part
_______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp