perfsonar-announce - Re: RedHat CVE for pSPT 3.3.x Releases
Subject: perfSONAR Announcements
- From: Jason Zurawski <>
- To: "" <>, perfsonar-announce <>
- Subject: Re: RedHat CVE for pSPT 3.3.x Releases
- Date: Thu, 3 Apr 2014 10:19:07 -0400
The new kernel (kernel-2.6.32-431.11.2.el6.aufs.web100) has been uploaded to
our yum repo.
On Mar 27, 2014, at 10:06 AM, Jason Zurawski
> A new Red Hat CVE was announced that is related to the Kernel in use on
> CentOS 6/pSPT 3.3.x systems:
> If you are a NetInstall user, a 'yum update' may give you a new non-web100
> kernel and therefore break access to NDT/NPAD. Consult our FAQ for more
> Our read of the CVE does not find any issue of concern specific to the
> toolkit software. There are vulnerabilities in via the system itself that
> could lead to local users crashing the system, as well as a remote exploit
> that could result in a DoS in rare situations. As always, if you are in
> doubt about the kernel review the CVE and upgrade to the latest version,
> forgoing NDT/NPAD support for the time being.
> The project is in the process of building and testing a new kernel, and
> will alert you via these mailing lists when we have the web100 patched
> version available. We will try to have this ready as soon as possible, but
> please allow us several days of building and testing.
> Thank you for your patience and commitment to this software;
- Re: RedHat CVE for pSPT 3.3.x Releases, Jason Zurawski, 04/03/2014
Archive powered by MHonArc 2.6.16.