You can get them through RSS: http://www-01.ibm.com/software/support/rss/tivoli/
-----Original Message----- From: ADSM: Dist Stor Manager [mailto:[email protected]] On Behalf Of Zoltan Forray Sent: Wednesday, February 25, 2015 3:01 PM To: [email protected] Subject: Re: [ADSM-L] Privilege escalation bug Where are you getting the bulletins/alerts from? I wouldn't have know about it if it wasn't for your posting. I have passed this on to my folks - we too have old clients going back to 5.3 and older (IRIX?) On Wed, Feb 25, 2015 at 12:55 PM, Thomas Denier <[email protected] > wrote: > The body of the bulletin I received states that the affected platforms > are AIX, HP-UX, Linux, Solaris, and Mac. > > -----Original Message----- > From: ADSM: Dist Stor Manager [mailto:[email protected]] On Behalf > Of Zoltan Forray > Sent: Wednesday, February 25, 2015 12:12 PM > To: [email protected] > Subject: Re: [ADSM-L] Privilege escalation bug > > Does not specifically say if it includes SOLARIS (only says "*UNIX, > Linux, and OS X allows local users to gain privileges via unspecified > vectors.*"). > Do I assume since it says "UNIX" SOLARIS is includes? We have some > old Domino Solaris boxes (supposed to go away some time soon....) > still running 6.1.3.... > > > > On Wed, Feb 25, 2015 at 10:56 AM, Thomas Denier < > [email protected] > > wrote: > > > I received a security bulletin from IBM yesterday regarding "Tivoli > > Storage Manager Stack-based Buffer Overflow Elevation of Privilege: > > CVE-2014-6184". The affected version/release combinations listed in > > the bulletin run from 5.4 to 6.3. We still have one Linux system > > with > > 5.3 client code. Can I treat the list of affected releases as an > > explicit assurance that the 5.3 client does not have the > > vulnerability discussed in the bulletin? The alternative possibility > > that worries me is that 5.4 is the oldest level IBM thought it worthwhile > > to check. > > > > Thomas Denier > > Thomas Jefferson University > > The information contained in this transmission contains privileged > > and confidential information. It is intended only for the use of the > > person named above. If you are not the intended recipient, you are > > hereby notified that any review, dissemination, distribution or > > duplication of this communication is strictly prohibited. If you are > > not the intended recipient, please contact the sender by reply email > > and destroy all copies of the original message. > > > > CAUTION: Intended recipients should NOT use email communication for > > emergent or urgent health care matters. > > > > > > -- > *Zoltan Forray* > TSM Software & Hardware Administrator > Hobbit / Xymon Administrator > Virginia Commonwealth University > UCC/Office of Technology Services > [email protected] - 804-828-4807 > Don't be a phishing victim - VCU and other reputable organizations > will never use email to request that you reply with your password, > social security number or confidential personal information. For more > details visit http://infosecurity.vcu.edu/phishing.html > The information contained in this transmission contains privileged and > confidential information. It is intended only for the use of the > person named above. If you are not the intended recipient, you are > hereby notified that any review, dissemination, distribution or > duplication of this communication is strictly prohibited. If you are > not the intended recipient, please contact the sender by reply email > and destroy all copies of the original message. > > CAUTION: Intended recipients should NOT use email communication for > emergent or urgent health care matters. > > -- *Zoltan Forray* TSM Software & Hardware Administrator Hobbit / Xymon Administrator Virginia Commonwealth University UCC/Office of Technology Services [email protected] - 804-828-4807 Don't be a phishing victim - VCU and other reputable organizations will never use email to request that you reply with your password, social security number or confidential personal information. For more details visit http://infosecurity.vcu.edu/phishing.html
