Forum Discussion
NimbostratusHow interpret vulnerability SOLs that seem to recommend conflicting code revisions?
I have VCMP guest LTMs on Viprion chassis running version 11.4.1 HF3, and have been tasked with re-mediating the following vulnerabilities:
https://support.f5.com/kb/en-us/solutions/public/16000/800/sol16821.html https://support.f5.com/kb/en-us/solutions/public/16000/600/sol16620.html https://support.f5.com/kb/en-us/solutions/public/16000/900/sol16920.html
SOL16821 looks to have no fix, but the other two do list "Versions known to be not vulnerable"; however, they do not line up on the exact levels and hot fixes. My question is what do you do when these don't line up across all the vulnerabilities?
I would expect that 11.5.3 HF1, the most currently offered 11.5.x, should have all the previous fixes. If this is true, then it would satisfy the 11.5.1 HF9 in SOL16620 and the 11.5.2 - 11.5.3 in SOL16920. But the wording of the SOL documents implies that no, you must use the exact listed version.
If that is true, how could you ever reconcile this stuff?
1 Reply
Rob_Stansbury_1Let me try to post those URLs again with some line breaks in them...
https://support.f5.com/kb/en-us/solutions/public/16000/800/sol16821.html[support.f5.com]
https://support.f5.com/kb/en-us/solutions/public/16000/600/sol16620.html[support.f5.com]
https://support.f5.com/kb/en-us/solutions/public/16000/900/sol16920.html[support.f5.com]
