[gpfsug-discuss] GPFS 5 and supported rhel OS
Valdis Kl=?utf-8?Q?=c4=93?=tnieks
valdis.kletnieks at vt.edu
Fri Feb 21 02:00:59 GMT 2020
On Thu, 20 Feb 2020 23:38:15 +0000, Jonathan Buzzard said:
> For us, it is a Scottish government mandate that all public funded
> bodies in Scotland are Cyber Essentials Plus compliant. That's 10 days
> from a critical vulnerability till your patched. No if's no buts, just
> do it.
Is that 10 days from vuln dislosure, or from patch availability?
The latter can be a headache, especially if 24-48 hours pass between when the
patch actually hits the streets and you get the e-mail, or if you have other
legal mandates that patches be tested before production deployment.
The former is simply unworkable - you *might* be able to deploy mitigations
or other work-arounds, but if it's something complicated that requires a lot
of re-work of code, you may be waiting a lot more than 10 days for a patch....
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: <http://gpfsug.org/pipermail/gpfsug-discuss_gpfsug.org/attachments/20200220/daa2c5db/attachment-0002.sig>
More information about the gpfsug-discuss
mailing list