perfsonar-announce - Re: [perfsonar-user] RedHat CVE and New CentOS Kernel
Subject: perfSONAR Announcements
List archive
- From: Michael Johnson <>
- To: , ,
- Subject: Re: [perfsonar-user] RedHat CVE and New CentOS Kernel
- Date: Thu, 13 Nov 2014 12:31:20 -0500
All,
New web100 kernel packages are now available for netinstall users of the
perfSONAR-PS toolkit. You may run 'yum update' to grab the new kernel. You
should restart your host after the upgrade completes. Full details on this
particular patch can be found in the previous email.
Note this is just a kernel upgrade and the other perfSONAR-PS packages have
NOT been updated. As we often do with incremental kernel updates, we will
not be providing a new LiveCD for this particular update. Please let us know
if you have any questions or issues.
Thank you,
The perfSONAR Team
On Wed, Nov 12, 2014 at 10:10:29AM -0500, Michael Johnson wrote:
All;
Last night marked the release of a new Red Hat CVE:
Upstream details at: https://rhn.redhat.com/errata/RHSA-2014-1843.html
If you are a NetInstall user, a 'yum update' may give you a new non-web100
kernel and therefore break access to NDT/NPAD. Consult our FAQ for more info:
http://www.perfsonar.net/about/faq/#Q25
Our read of the CVE does not find any issue of concern specific to the
toolkit. It's possible the host may be vulnerable to some types of DoS
attacks in some particular cases. If you are in doubt about your kernel, feel
free to review the CVE, upgrade to the latest version, and forgo NDT/NPAD
support for the time being. We are in the process of building and testing a
new kernel, and will alert you when we have our web100 patched version
available. We'll try to have it ready as soon as possible.
Thank you for your patience,
The perfSONAR Team
--
Michael Johnson
GlobalNOC Software Engineering
Indiana University
812-856-2771
--
Michael Johnson
GlobalNOC Software Engineering
Indiana University
812-856-2771
Attachment:
pgplv2WxwbIjG.pgp
Description: PGP signature
- RedHat CVE and New CentOS Kernel, Michael Johnson, 11/12/2014
- Re: [perfsonar-user] RedHat CVE and New CentOS Kernel, Michael Johnson, 11/13/2014
Archive powered by MHonArc 2.6.16.