Interviews GroupWise and iPhone GroupWise vs. Exchange Cool Solutions GroupWise Research In Motion (RIM) - Download the BlackBerry Enterprise Server Trial Offer ! GWAVA - Serving the GroupWise Community and strengthening GroupWise Omni - The GroupWise Integration Company SkyPRO - Rock Solid Solution for GroupWise Advansys - The GroupWise Solutions Company Open Horizons - connecting the GroupWise Community The Radicati Group - A Technology Market Research Firm Tay Kratzer is the creator of GWAVA's Reload, author of Success With GroupWise 7 for Linux and co-author of the GroupWise 7 Administrator Solutions Guide Caledonia - Networking Consulting

 



Patches & Updates

Deploy Security Patches ASAP

31.01.09 | Comment?

Check out Dean Lythgoe’s response on the security issue as fixed in the latest Hot Patches (see this blog item).

Quoted text :

There have been a few members of the GroupWise community that have reached out to Alex and I in the spirit of doing the right thing and communicating the right tone about this security issue. We appreciate not only your involvement and feedback, but the very professional way in which you have requested a ‘better’ response from us.

Instead of a simple reply to these individuals, I decided it would be best to simply post in the same public places we have been having the discussion.

The criticism received has to do with the our characterization of this security issue. You have been concerned that we were not treating this with the level of urgency and seriousness of the problem. Specific examples were used to demonstrate that not ‘just’ regular network security processes would protect you.

I appreciate this feedback and I apologize. You are absolutely correct. This , along with all security related bugs, should be treated with the utmost concern and seriousness. We would never recommend not deploying a security related patch and I am sorry if this is the impression we left you. I hope you know that was not the intention.

It is sometimes a fine line between communicating a security issue and all out hysteria. We want the GroupWise community to be informed and to treat all security issues with the appropriate amount of attention. You should deploy security patches as soon as possible. You should take the appropriate measure to protect your network and your users.

These particular code fixes affect GWIA and the WebAccess servlet. In order to protect your system, these need to be updated with the patches provided. If you run any of these components on the same server as a POA or MTA, those components will require updating as well.

Thank you for the opportunity to clarify and I hope this discussion better meets expectations.

Dean

For info on the vulnerability, check out TID’s …
7002319,
7002320,
7002321,
7002322,
7002502.

To resolve the security issue :
For GroupWise 7.x systems,
apply GroupWise 7.03 Hot Patch 2 (HP2) or later

For GroupWise 8.0 systems,
apply GroupWise 8.0 Hot Patch 1 (HP1) or later

GroupWise 6.5x is End-of-Life.
GroupWise 6.5 systems will need to be upgraded to GroupWise 7.03 HP2 or 8.0 HP1
_

  • Share/Bookmark

related

have your say

Add your comment below, or trackback from your own site. Subscribe to these comments.

Be nice. Keep it clean. Stay on topic. No spam.

You can use these tags:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

:

: