It was my impression that SECINT PTFs were shipped in the normal maintenance
stream with the description 'INTEGRITY PROBLEM' as the only description (and of
course the SUPed apar).
I am not aware if SECINT PTFS go through the RSU process. If they do not, this
would be an argument for SMP apply
> -Original Message-
> From: IBM Mainframe Discussion List On Behalf Of Robert A. Rosenberg
>
> At 09:30 -0400 on 08/03/2014, Shmuel Metz (Seymour J.) wrote about
> Re: LE APAR PM99349:
>
> >In <2830304844335286.wa.ibmmaintpg.com...@listserv.ua.edu>, on
&g
John Gilmore observed:
>I bought yesterday a roundtrip rail ticket, and in order to do so I
>was required to produce "picture ID".
Yes, and that's an important facet of price discrimination, a practice most
IBM-MAIN readers' employers employ. It's "security," but it's mostly
revenue security for t
At 09:30 -0400 on 08/03/2014, Shmuel Metz (Seymour J.) wrote about
Re: LE APAR PM99349:
In <2830304844335286.wa.ibmmaintpg.com...@listserv.ua.edu>, on
08/03/2014
at 06:52 AM, Shane Ginnane said:
Security through obfuscation has never worked.
Might appear to for a while,
As long
On Sun, Aug 3, 2014 at 9:10 AM, Shane Ginnane wrote:
> Then of course we have the inane stupidity in force at USA airports. 'Bruce
> Schneier regales us about that regularly - nuff said.
>
> Shane ...
There is a photo meme going around.
A TSA officer putting on a latex glove with text above:
"
On Sun, 3 Aug 2014 09:52:32 -0400, John Gilmore wrote:
>I bought yesterday a roundtrip rail ticket, and in order to do so I
>was required to produce "picture ID".
When in Boston I was required to provide similar to buy a bottle of a rather
nice Islay scotch.
The "senior" staff member who replace
My previous post did not, it would seem, sufficiently emphasize that
security problems are still perceived to be, in large measure,
public-relations ones.
I bought yesterday a roundtrip rail ticket, and in order to do so I
was required to produce "picture ID".
Now, just as every unmasked spy prov
In <2830304844335286.wa.ibmmaintpg.com...@listserv.ua.edu>, on
08/03/2014
at 06:52 AM, Shane Ginnane said:
>Security through obfuscation has never worked.
>Might appear to for a while,
As long as it works long enough to develop a fix and get it installed,
it's worth doing.
--
Shmuel (
In <53de1890.6020...@us.ibm.com>, on 08/03/2014
at 07:10 AM, John Eells said:
>Shmuel, I'm not following you. Do you think that ETR text is somehow
> accessible to users of the portal (and if so why do you think
>that)?
You wrote "All information about security and integrity problems is
avai
Shane's diagnosis is on the mark, but he is too sanguine.
Security is an area in which every CIO and the CEO to who he or she
reports feel a need to be perceived to be doing something, even a lot
of somethings; but few of them have any clear notion of what to do,
how to do it, or how helpful doing
Shane Ginnane wrote:
Security through obfuscation has never worked.
Might appear to for a while, but once the lid-less eye focuses on you ...
Surely heartbleed should have shaken/woken everyone up.
That's not exactly the only leg of the stool. Nonetheless, a number of
customers tell us they t
On Sun, 3 Aug 2014 07:10:08 -0400, John Eells wrote:
>We provide CVSS scorings and APAR/PTF information in the portal, not
>direct information about the vulnerabilities themselves or ETR text.
Security through obfuscation has never worked.
Might appear to for a while, but once the lid-less eye fo
Shmuel Metz , Seymour J. wrote:
Does the creator of a security ETR have the option to exclude critical
details from the security portal?
Shmuel, I'm not following you. Do you think that ETR text is somehow
accessible to users of the portal (and if so why do you think that)?
We provide CVSS
In <53dbaa60.90...@us.ibm.com>, on 08/01/2014
at 10:55 AM, John Eells said:
>All information about security and integrity problems is available
>only to customers who agree to keep it confidential, and available
>only through the security portal.
Does the creator of a security ETR have the op
(Resending to the list server, as I responded via NNTP accidentally.
Sorry for the double post!)
All information about security and integrity problems is available only
to customers who agree to keep it confidential, and available only
through the security portal. We'd love to have you sign u
> -Original Message-
> From: IBM Mainframe Discussion List On Behalf Of Dennis Trojak
>
> Yes it is a security/integrity APAR. If you subscribe to the Security Portal
> you can review it.
> Description: This issue may pertain to users of Language Environment for z/OS
> with FMID HLE7770,
-MAIN@LISTSERV.UA.EDU] On Behalf
Of Chase, John
Sent: Friday, August 01, 2014 7:09 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: LE APAR PM99349
Hi, All,
One newly-available PTF for LE, UI18450, fixes APAR PM99349, but a search for
PM99349 on IBMLink fails with a "not found" error. Am I to
Hi, All,
One newly-available PTF for LE, UI18450, fixes APAR PM99349, but a search for
PM99349 on IBMLink fails with a "not found" error. Am I to "ass.u.me" that
it's a security / integrity APAR and just apply the PTF?
TIA,
-jc-
18 matches
Mail list logo