{"id":2205,"date":"2019-09-09T15:31:47","date_gmt":"2019-09-09T14:31:47","guid":{"rendered":"http:\/\/blogs.it.ox.ac.uk\/networks\/?p=2205"},"modified":"2019-09-09T15:31:47","modified_gmt":"2019-09-09T14:31:47","slug":"frodo-upgrades-2019","status":"publish","type":"post","link":"https:\/\/blogs.it.ox.ac.uk\/networks\/2019\/09\/09\/frodo-upgrades-2019\/","title":{"rendered":"Frodo Upgrades 2019"},"content":{"rendered":"<p><strong>FroDo Comware Upgrade<\/strong><\/p>\n<p>We would like to announce a staged upgrade of the version of Comware running on our HPE 5510 and 5940 FroDos. This blog entry aims to answer the majority of questions that this work will raise. Please, however, feel free to contact the Networks team with any further questions at\u00a0<a href=\"mailto:networks@it.ox.ac.uk\">networks@it.ox.ac.uk<\/a><\/p>\n<p><strong>NOTE:<\/strong> This does not include upgrading the dcdist FroDos &#8211; these will be upgraded as a separate task in due course.<\/p>\n<p><strong>Why?<\/strong><\/p>\n<p>As part of ongoing maintenance it is essential that we keep our FroDo software\u00a0up to date. The new versions of software being deployed address a number of vulnerabilities and bugs. For those interested this upgrade takes us from R1309P06 to R1311P02 for HPE 5510 devices and R2612H01 to R2702 for HPE 5940s. In total this change involves over 330 devices.<\/p>\n<p><strong>Addressed Vulnerabilities<\/strong><\/p>\n<p><strong>201811140403<\/p>\n<p><\/strong><\/p>\n<ul>\n<li>Symptom: CVE-2018-15473<\/li>\n<\/ul>\n<p>Condition: OpenSSH is prone to a user-enumeration vulnerability. An attacker may leverage this issue to harvest valid user accounts, which may aid in brute-force attacks. OpenSSH through 7.7 are vulnerable; other versions may also be affected.<\/p>\n<p>&nbsp;<\/p>\n<p>Information about the detail of vulnerabilities can be found at\u00a0<a href=\"https:\/\/cve.mitre.org\/cve\/search_cve_list.html\">https:\/\/cve.mitre.org\/cve\/search_cve_list.html<\/a><\/p>\n<p><strong>\u00a0<\/strong><\/p>\n<p><strong>Impact<\/strong><\/p>\n<p>The expected impact is ~5-10 minutes for Option 1 customers during which time the FroDo will reload and external services will not be available. For Option 2 customers the impact is expected to be minimal thanks to the In Service Software Upgrade (ISSU) capability.<\/p>\n<p>We will be carrying out the upgrades between 06:30 and 08:00 to minimise impact.<\/p>\n<p><strong>Timescale<\/strong><\/p>\n<p>We plan to upgrade approximately\u00a080 FroDo\u2019s on each of the following days:<\/p>\n<p>Group A: Thursday 19<sup>th<\/sup> September<br \/>\nGroup B: Tuesday 24<sup>th<\/sup> September<br \/>\nGroup C: Thursday 26<sup>th<\/sup> September<br \/>\nGroup D: Tuesday 1<sup>st<\/sup> October<\/p>\n<p><strong>Schedule<\/strong><\/p>\n<p>&nbsp;<\/p>\n<p>We have attempted, where possible, to group devices around main sites and annexes so that those sites will only see one period of disruption from this upgrade schedule. Detailed schedules listing devices and dates\u00a0can be found at\u00a0<a href=\"https:\/\/docs.ntg.ox.ac.uk\/pub\/reference\/odin-frodo-software-upgrade-september-october-2019\">https:\/\/docs.ntg.ox.ac.uk\/pub\/reference\/odin-frodo-software-upgrade-september-october-2019<\/a><\/p>\n<p>&nbsp;<\/p>\n<p>Once again, if you have any further queries then please contact us at\u00a0<a href=\"mailto:networks@it.ox.ac.uk\">networks@it.ox.ac.uk<\/a><\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>FroDo Comware Upgrade We would like to announce a staged upgrade of the version of Comware running on our HPE 5510 and 5940 FroDos. This blog entry aims to answer the majority of questions that this work will raise. Please, &hellip; <a href=\"https:\/\/blogs.it.ox.ac.uk\/networks\/2019\/09\/09\/frodo-upgrades-2019\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":388,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-2205","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/blogs.it.ox.ac.uk\/networks\/wp-json\/wp\/v2\/posts\/2205","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.it.ox.ac.uk\/networks\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.it.ox.ac.uk\/networks\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.it.ox.ac.uk\/networks\/wp-json\/wp\/v2\/users\/388"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.it.ox.ac.uk\/networks\/wp-json\/wp\/v2\/comments?post=2205"}],"version-history":[{"count":1,"href":"https:\/\/blogs.it.ox.ac.uk\/networks\/wp-json\/wp\/v2\/posts\/2205\/revisions"}],"predecessor-version":[{"id":2206,"href":"https:\/\/blogs.it.ox.ac.uk\/networks\/wp-json\/wp\/v2\/posts\/2205\/revisions\/2206"}],"wp:attachment":[{"href":"https:\/\/blogs.it.ox.ac.uk\/networks\/wp-json\/wp\/v2\/media?parent=2205"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.it.ox.ac.uk\/networks\/wp-json\/wp\/v2\/categories?post=2205"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.it.ox.ac.uk\/networks\/wp-json\/wp\/v2\/tags?post=2205"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}