PRODUCT_LINE: BCM
============================================
TITLE
=====
BCM370.245-UTPS-SRG
========================
Release: 3.7
Issue: N/A
Category: GEN
Superseded By: NONE
Release Date: 20071017
Patch Conflict(s): N/A
Special Instructions: NO
Patch Version: N/A
========================
Software Update Name: BCM370.245-UTPS-SRG
Applicable H/W Platforms: BCM1000, BCM200, BCM400, SRG200 1.0, SRG400 1.0
Applicable S/W Platforms: BCM 3.7 and SRG 1.0 based on BCM 3.7
Category: GEN

Installation Recommendations:
This patch should be applied to all new installs of BCM 3.7 and SRG 1.0 based on BCM 3.7. Customers concerned about security should install this patch as soon as possible. Otherwise, systems should be updated at the next regular service opportunity.

Component & Version:
utps 37.170.90.12
srg 37.110.2.51

Dependencies:
Required patches - None
Product Dependencies - None

Size: ~1.3 MB

System Impact:
time to apply patch ~ 20 min
Does patch application force reboot: yes - two reboots
Other - Installation of the patch will cause all telephony services to cease during this time. The services will restart automatically after the patch installs.

Limitations: None

Patch Removable: No

Description:
-----------
The following issues are addressed:

1. Spoofed Brute-Force UNISTIM message attack puts IP set in surveillance mode.
   This vulnerability is removed by using 30 bits for the initial reliable UDP sequence number seeding, and good randomization in the phone and the BCM.
   Q01737416

2. Spoofed UNISTIM reauthentication messages cause Denial-of-Service to IP Clients
   When an illegitimate request comes in from an unknown or fake (spoofed) set which has the same IP address as that of an IP set which has already booted up and is running, we send a NACK with the NextRxSequenceNumber. This will ensure that there is no disruption to the connection of the legitimate IP set.
   Q01737411

This patch includes the content of the following superseded patches:

BCM370.197-UTPS-SRG
-------------------
1. User is unable to make adjustments to ringing volume via Feature *80.
   This patch ensures that the adjustments to ringing volume can be made.
   Q01379077

2. SRG: IP sets caught in a loop while attempting firmware download.
   Q01437372 Q01345540

3. SRG: Application of patch BCM_370.131_UTPS-SRG caused set firmware downgrade.
   Q01428955

BCM_370.189_UTPS
----------------
1. User is unable to make adjustments to ringing volume via Feature *80.
   This patch ensures that the adjustments to ringing volume can be made.
   Q01379077

BCM_370.131_UTPS-SRG
--------------------
1. SRG Sets Stay in Local Mode after WAN outage, Main Office upgrade or reboot.
   This SRG patch solves the issue where sets remained in local mode after a WAN outage, Main Office upgrade or reboot. It also lessens the likelihood of SRG systems in a large configuration flooding the NCS with messages during this scenario.
   Q01164987, Q01306625

BCM_370.120_UTPS-SRG
--------------------
1. Fixes for SRG's firmware download logic

BCM_370.096_UTPS-SRG
--------------------
1. Q01268861 - D89 patch for 3.7
2. UTPS fix to ensure sets properly register after a FW installation
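
The two fixes listed as items 1 and 2 under Description (a 30-bit, well-randomized initial sequence number, and a NACK carrying the next expected receive sequence number when a request arrives for the address of a running set), shown as a simplified receiver model. This is an added example, not Nortel's code and not the UNISTIM wire format; the class names, the ACK/NACK tuples, and the rule that a request is treated as illegitimate when its sequence number does not match the live session are assumptions.

```python
import secrets

SEQ_BITS = 30                      # width given in the release note
SEQ_MASK = (1 << SEQ_BITS) - 1


def initial_sequence():
    """Draw the starting sequence number from the OS CSPRNG, not time or a counter."""
    return secrets.randbits(SEQ_BITS)


class Session:
    """Receive-side state for one registered IP set (hypothetical model)."""

    def __init__(self, ip, next_rx=None):
        self.ip = ip
        self.next_rx = initial_sequence() if next_rx is None else next_rx & SEQ_MASK
        self.delivered = []

    def receive(self, seq, payload):
        if seq != self.next_rx:
            # Out-of-sequence (for example blind spoofed) message: drop the
            # payload, answer NACK with the number still expected, change no state.
            return ("NACK", self.next_rx)
        self.delivered.append(payload)
        self.next_rx = (self.next_rx + 1) & SEQ_MASK   # wrap at 2**30
        return ("ACK", seq)


class Server:
    """Tracks live sessions by source IP address (hypothetical model)."""

    def __init__(self):
        self.sessions = {}

    def reauthenticate(self, ip, seq):
        live = self.sessions.get(ip)
        if live is not None and seq != live.next_rx:
            # Request claims the address of a running set but does not match
            # its sequence state (assumed test): keep the live session, reply NACK.
            return ("NACK", live.next_rx)
        self.sessions[ip] = Session(ip)                # new set, or matching restart
        return ("ACK", self.sessions[ip].next_rx)
```
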