| Author |
Security patches |
mabuse
Member
Posts: 3
Joined: 17.06.16 |
| Posted on June 17 2016 01:00 |
|
|
|
What I have understood is that the OpenVMS 7.3-2 is the latest version for VAX. Are there any later official or unofficial security patches available for this version? If not is there some documentation or tutorial how to mitigate 7.3 vvulnerabilities or secure VAX installations? |
|
|
| Author |
RE: Security patches |
Bruce Claremont
Member
Posts: 623
Joined: 07.01.10 |
| Posted on June 17 2016 02:51 |
|
|
|
Yes, there are later patches, but you need a support contract or partner relationship with HP to obtain them. |
|
|
| Author |
RE: Security patches |
mabuse
Member
Posts: 3
Joined: 17.06.16 |
| Posted on June 17 2016 03:07 |
|
|
Damn  |
|
|
| Author |
RE: Security patches |
malmberg
Moderator
Posts: 530
Joined: 15.04.08 |
| Posted on June 17 2016 03:15 |
|
|
Latest and last version for VAX is just VAX/VMS 7.3. No known dash releases were made.
|
|
|
| Author |
RE: Security patches |
mabuse
Member
Posts: 3
Joined: 17.06.16 |
| Posted on June 17 2016 05:05 |
|
|
How does this affect security of VAX based systems? Up to this date there must be many unpatched vulnerabilities in a base 7.3 VAX system? Although with proper system administration many of these, if not all, could be mitigated, would you dare to host publicly accessible services on a VAX system nowadays??
Of course "security through obscurity" helps a bit, but I wouldn't like count on it.
|
|
|
| Author |
RE: Security patches |
Bruce Claremont
Member
Posts: 623
Joined: 07.01.10 |
| Posted on June 18 2016 02:40 |
|
|
- Properly configured, VMS has few vulnerabilities.
- Patches are issued for select supported versions of VAX VMS. HP has a name for this type of support which escapes me at the moment.
- Ideally, HP (and VSI) would like customers to move on to Integrity and VMS 8.4. |
|
|
