Skip to Content.
Sympa Menu

perfsonar-announce - [perfsonar-announce] RedHat CVE and New CentOS Kernel

Subject: perfsonar-announce

List archive

[perfsonar-announce] RedHat CVE and New CentOS Kernel


Chronological Thread 
  • From: Michael Johnson <>
  • To: ,
  • Subject: [perfsonar-announce] RedHat CVE and New CentOS Kernel
  • Date: Thu, 26 May 2016 10:26:10 -0400

Hi,

May 10 marked the release of a new Red Hat CVE:

https://rhn.redhat.com/errata/RHSA-2016-0855.html

CentOS just released new kernel source RPMs.

A 'yum update' may give you a new non-web100 kernel and therefore break
access to NDT/NPAD. Consult our FAQ for more info:
http://www.perfsonar.net/about/faq/#Q25

Our read of the CVE does not find any issue of concern specific to the
toolkit. It is possible the host may be vulnerable to some types of DoS
attacks in some particular cases. If you are in doubt about your kernel, feel
free to review the CVE, upgrade to the latest version, and forgo NDT/NPAD
support for the time being. We are in the process of building and testing a
new kernel, and will alert you when we have our web100 patched version
available. We'll try to have it ready as soon as possible.

Thank you for your patience,
The perfSONAR Team

--
Michael Johnson
GlobalNOC Software Engineering
Indiana University

812-856-2771

Attachment: pgpgyPmL954jQ.pgp
Description: PGP signature




Archive powered by MHonArc 2.6.16.

Top of Page