perfSONAR Announcements

["Andrew Lake" <>]

A small correction to my last note: perfSONAR currently only supports Debian “wheezy”, not the “jessie” version. This was my mistake. Please consult our documentation if you have any questions about our Debian support: http://docs.perfsonar.net/install_debian.html

Thank you,

Andy Lake

On Thu, Jul 9, 2015 at 1:39 PM, Andrew Lake <> wrote:

All,

Today a new OpenSSL vulnerability was announced: https://www.openssl.org/news/secadv_20150709.txt

We are contacting the list to let you know that we believe the the operating systems supported by perfSONAR are NOT affected. We do not believe you should not need to take any further action to protect your host from the vulnerability. For reference, the current list of supported perfSONAR operating systems are:

- CentOS 6

- Debian “wheezy" and “jessie"

- Ubuntu 12 and 14

All of the above ship with versions of OpenSSL that are not reported to be vulnerable. For details concerning the vulnerability as relates to specific operating systems see the following:

- CentOS/RedHat: https://access.redhat.com/security/cve/CVE-2015-1793

- Debian: https://security-tracker.debian.org/tracker/CVE-2015-1793

- Ubuntu: http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-1793.html

Please let us know if you have any further questions or concerns.

Thank you,

The perfSONAR Team