LISTSERV - HP3000-L Archives

HP3000-L Archives

February 2001, Week 4

HP3000-L@RAVEN.UTC.EDU

	LISTSERV Archives
	HP3000-L Home
	HP3000-L February 2001, Week 4

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: MPE/iX missing (again) from an explicit HP OS list
From:	"F. Alfredo Rego" <[log in to unmask]>
Reply To:	F. Alfredo Rego
Date:	Mon, 26 Feb 2001 14:28:14 -0700
Content-Type:	text/plain
Parts/Attachments:	text/plain (73 lines)

Mike Yawn <[log in to unmask]> wrote:

>Hi Alfredo,
>
>I'm not sure why MPE/iX wasn't explicitly mentioned in the OS list
>on this security bulletin,

Neither am I...


>but I can assure you that the Java folks
>on the HP-UX side did a very good job of keeping us in the loop as
>this security problem was uncovered and worked on.

This is excellent and I am very glad to hear the good news.


>The security team for the HP-UX Java implementation provided us with
>details of the problem, test cases to reproduce the problem, and
>code patches that fixed the problem.  We applied these patches
>to our Java implementation.

I am sure everyone will be as pleased as I am to see this kind of
fundamental TECHNICAL cooperation from our HP-UX colleagues.


>Since the timing of our release was
>different from the timing of the HP-UX release, we issued a
>separate security bulletin for the MPE/iX security patch.
>
>The team putting out the bulletin was aware that we were also
>working on the same problem; perhaps they felt it was our
>prerogative to release any information about the status of
>the fix on MPE/iX.

Fair enough.


>I agree that MPE/iX could have been added to the list of
>platforms that the patch 'does not cover', but that might
>have lead a reader to erroneously conclude that either the
>problem did not exist on MPE, or worse, that it wasn't being
>fixed for MPE.

I agree.  It just so happens that MPE/iX folks (myself included)
tend to get a bit sensitive whenever it "appears" that some HP
people go out of their way not to mention MPE/iX even though
there seems to be no such "silent treatment" for the other OSs.

(BTW, my trusty dictionary defines "silent treatment" as a noun
that refers to "the act or an instance of totally disregarding
the object of one's contempt or disapproval as a means of
expressing one's attitude: gave her boss the silent treatment.")

Fortunately, HP (at all levels) has an easy solution to avoid
such an incorrect perception:  Just mention MPE/iX every now and
then :-)


With a big sigh of relief,

  _______________
|               |
|               |
|            r  |  Alfredo                     [log in to unmask]
|          e    |                           http://www.adager.com
|        g      |  F. Alfredo Rego
|      a        |  Manager, R & D Labs
|    d          |  Adager Corporation
|  A            |  Sun Valley, Idaho 83353-3000            U.S.A.
|               |
|_______________|

ATOM RSS1 RSS2

RAVEN.UTC.EDU