Who says IBM patches? How could EBCDIC conceivably be relevant?
-- Shmuel (Seymour J.) Metz http://mason.gmu.edu/~smetz3 ________________________________________ From: IBM Mainframe Discussion List <[email protected]> on behalf of Paul Gilmartin <[email protected]> Sent: Thursday, April 11, 2019 4:16 PM To: [email protected] Subject: Re: OpenSSH upgrade option On Thu, 11 Apr 2019 16:01:15 +0000, Mark Jacobs wrote: >I don't believe so. Latest version shipped with z/OS 2.3 is 6.4p1. IBM does >issue APARs against it for any problems found that are applicable to OpenSSH >on zOS. These is/was a list of them in one of the IBM OpenSSH manuals at one >time. > It's reasonable that Security Team look first at the version number and reject immediately if it doesn't meet criteria. They haven't resource to examine every APAR cover letter (and integrity APARs may not be public.) Would IBM do better to apply IBM patches to the newest distribution rather than trying to upgrade an outdated version with APARs? There's yet no assurance that IBM's patching won't regress a needed security patch. Why must IBM patch? Is EBCDIC a culprit? I hate EBCDIC! >‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ >On Thursday, April 11, 2019 11:44 AM, Paul Jodlowski wrote: > >> Is there a way to upgrade OpenSSH on z/OS v2.2? >> Currently OpenSSH is at 6.4p1, I have been asked by our Network Security >> Team to upgrade to OpenSSH 7.4. -- gil ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
