Skip to Content.
Sympa Menu

perfsonar-announce - Re: RedHat CVE for pSPT 3.3.x Releases

Subject: perfSONAR Announcements

List archive

Re: RedHat CVE for pSPT 3.3.x Releases


Chronological Thread 
  • From: Jason Zurawski <>
  • To: "" <>, perfsonar-announce <>
  • Subject: Re: RedHat CVE for pSPT 3.3.x Releases
  • Date: Thu, 3 Apr 2014 10:19:07 -0400

Greetings;

The new kernel (kernel-2.6.32-431.11.2.el6.aufs.web100) has been uploaded to
our yum repo.

Thanks;

-jason

On Mar 27, 2014, at 10:06 AM, Jason Zurawski
<>
wrote:

> Greetings;
>
> A new Red Hat CVE was announced that is related to the Kernel in use on
> CentOS 6/pSPT 3.3.x systems:
>
> https://rhn.redhat.com/errata/RHSA-2014-0328.html
>
> If you are a NetInstall user, a 'yum update' may give you a new non-web100
> kernel and therefore break access to NDT/NPAD. Consult our FAQ for more
> info:
>
> http://psps.perfsonar.net/toolkit/FAQs.html#Q30
>
> Our read of the CVE does not find any issue of concern specific to the
> toolkit software. There are vulnerabilities in via the system itself that
> could lead to local users crashing the system, as well as a remote exploit
> that could result in a DoS in rare situations. As always, if you are in
> doubt about the kernel review the CVE and upgrade to the latest version,
> forgoing NDT/NPAD support for the time being.
>
> The project is in the process of building and testing a new kernel, and
> will alert you via these mailing lists when we have the web100 patched
> version available. We will try to have this ready as soon as possible, but
> please allow us several days of building and testing.
>
> Thank you for your patience and commitment to this software;
>
> -jason


  • Re: RedHat CVE for pSPT 3.3.x Releases, Jason Zurawski, 04/03/2014

Archive powered by MHonArc 2.6.16.

Top of Page