[138816] in North American Network Operators' Group
Deferral Announcement for the March 2011 Cisco IOS Software Security
daemon@ATHENA.MIT.EDU (Cisco Systems Product Security Inc)
Thu Mar 17 12:03:22 2011
From: Cisco Systems Product Security Incident Response Team <psirt@cisco.com>
To: nanog@merit.edu
Date: Thu, 17 Mar 2011 11:58:12 -0400
Cc: psirt@cisco.com
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Cisco PSIRT regularly discloses vulnerabilities in Cisco IOS Software on
the fourth Wednesday in March and September via the Cisco IOS Security
Advisory bundle. The next bundled disclosure was planned for Wednesday,
March 23, 2011, but Cisco will defer this disclosure until the next
scheduled Cisco IOS bundle on September 28, 2011.
Cisco has a long-standing policy of disclosing vulnerabilities to
customers and the public simultaneously to ensure equal access to
patched software. Based on recent events in Japan and eastern Asia, we
are sensitive to the fact that customers globally are impacted directly
or indirectly by these events and may not be able to respond effectively
to the scheduled disclosure event.
This regional disaster has not affected the ability of Cisco to disclose
vulnerability information. In keeping with our policy, if we see
evidence of active exploitation of a vulnerability that could lead
to increased risk for Cisco customers, we will disclose appropriate
information out of cycle.
Please direct any questions about this announcement to either
psirt@cisco.com or your local Cisco support team.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iF4EAREIAAYFAk2CKzMACgkQQXnnBKKRMNBLjgD/bPLtpIYQd/8DSNfx9/PQg1jA
Wmpe6qGaHA3L1YXSzP0A/i7Kyal+nGaJJnqwSsAzaQeV+Lh261Ah9fozXSBba0Kb
=kX8s
-----END PGP SIGNATURE-----
