[Asterisk-Users] Advantage of Cisco 7960 with 5.x firmware

Paul Vinciguerra pvinci at vinciguerra.com
Tue Sep 23 16:10:56 MST 2003


Yes, without a doubt, this was done to address the loading from TFTP issue,
however, It is my understanding that signed code can be revoked by the issuer,
and also has a limited lifetime based on the lifetime of the certificate it
was signed with. That is what I see as the down side to signed code.

On Tue, 23 Sep 2003 11:13:58 -0500, Matthew Hardeman wrote
> I've found there are some bugs they don't list (bugs of great 
> severity) that are fixed in the latest release that can cause 
> trouble in certain environments.  The phone's handling of ICMP 
> redirects in a multihomed Ethernet environment (two separate,
>  exclusive subnets running on a single segment) is very flaky, and 
> frequently will result in the phone crashing and rebooting.  The 
> latest release seems to mitigate this in most instances, though I 
> actually found the best solution (sadly) was to prevent my gateway 
> from sending ICMP redirects to the Cisco phones.
> 
> The 5.x+ stuff is annoying, due to the whole code-signing issue. 
>  It's kind of anti-open-architecture...  On the other hand, there 
> aren't any non-Cisco firmware builds for these phones floating 
> around out there... Would you even want one?  Cisco implemented the 
> code signing enforcement as a response to a security analysis of the 
> phones that pointed to the ability to make the phone run arbitrary 
> code via TFTP being a security risk.  That risk is no longer.  I 
> have mixed feelings about it, but have no regrets in having deployed 
> the 5.x solutions in my business.
> 
> Matt Hardeman
> PaperSoft
> 
> -----Original Message-----
> From: asterisk-users-admin at lists.digium.com
> [mailto:asterisk-users-admin at lists.digium.com] On Behalf Of Brian 
> West Sent: Tuesday, September 23, 2003 10:23 AM To:
asterisk-users at lists.digium.com
> Subject: Re: [Asterisk-Users] Advantage of Cisco 7960 with 5.x firmware
> 
> their really isn't much fixed between 4.4 and the 5.x stuff but at 
> the time thats all I had.  So I put that on the phone.  So far everything
> works like a champ.  Not one problem.
> 
> 4.4
> http://www.cisco.com/en/US/products/sw/voicesw/ps2156/prod_release_note0
> 9186a008016096f.html#63943
> 
> Resolved Caveats.Release 5.0
> No resolved caveats specific to Cisco IP Phone 7940/7960 Release 5.0
> require documentation in these release notes.
> 
> Resolved Caveats.Release 5.1
> All caveats listed in this section are resolved in Cisco IP Phone
> 7940/7960 Release 5.1. This section lists only severity 1 and 2 caveats
> and select severity 3 caveats
> 
> CSCdz59328: SIPPhone: The UI responsiveness slow, fast fingers cause
> digit
> drop
> CSCdz77783: SIPPhone: Clipping of voice in 7960 SIP phone
> CSCea83100: SIP: Dialing # does not work correctly if dialplan is empty
> CSCea85697: Phone may fail to reset when an Exception occurs
> CSCea93250: SIPPhone: Dialing # does not always work if default rule
> missing
> CSCeb27906: SIPPhone: Null To-tag in REFER causes transfer fail (race
> condition)
> CSCeb29575: SIPPhone: NOTIFY Event header shortform is not supported
> (o:)
> 
> Resolved Caveats.Release 5.2
> All caveats listed in this section are resolved in Cisco IP Phone
> 7940/7960 Release 5.2. This section lists only severity 1 and 2 caveats
> and select severity 3 caveats
> 
> CSCeb41335: DSP mismatch with upgrade failure
> CSCeb44769: Phone removes dots in the IP address when sending ACK
> CSCeb46028: 79x0 Memory leak issues related to DNS query failures
> CSCeb75975: Phone crashes upon any menu exit
> 
> Resolved Caveats.Release 5.3
> All caveats listed in this section are resolved in Cisco IP Phone
> 7940/7960 Release 5.3. This section lists only severity 1 and 2 caveats
> and select severity 3 caveats
> 
> CSCeb85936: SIP phone doesnt use the medium level contact field
> 
> Hope that helps.
> 
> bkw
> 
> On Tue, 23 Sep 2003, Peter Pauly wrote:
> 
> > I'm currently running firmware version 3.2 on my
> > Cisco 7960. I've seen on the list that several
> > people are running the 5.x latest versions.
> >
> > I've avoided going to higher firmware versions
> > because I'm worried about potential problems
> > or issues with the encryption mechanism used
> > in the later firmware versions. (Once you
> > go to an encrypted firmware version, you can't
> > go back, right?)
> >
> > For those of you who have gone to the newer
> > firmware, what features or benefits have
> > you seen by going with the newer firmware?
> > _______________________________________________
> > Asterisk-Users mailing list
> > Asterisk-Users at lists.digium.com
> > http://lists.digium.com/mailman/listinfo/asterisk-users
> >
> _______________________________________________
> Asterisk-Users mailing list
> Asterisk-Users at lists.digium.com
> http://lists.digium.com/mailman/listinfo/asterisk-users
> 
> _______________________________________________
> Asterisk-Users mailing list
> Asterisk-Users at lists.digium.com
> http://lists.digium.com/mailman/listinfo/asterisk-users




More information about the asterisk-users mailing list