Skip to Content.
Sympa Menu

perfsonar-announce - [perfsonar-announce] MaDDash 2.0.1 security update

Subject: perfsonar-announce

List archive

[perfsonar-announce] MaDDash 2.0.1 security update


Chronological Thread 
  • From: Andrew Lake <>
  • To: "" <>
  • Cc:
  • Subject: [perfsonar-announce] MaDDash 2.0.1 security update
  • Date: Thu, 13 Jul 2017 09:03:03 -0400
  • Ironport-phdr: 9a23:3RxwIB1CU05SAPy5smDT+DRfVm0co7zxezQtwd8ZsesfKvad9pjvdHbS+e9qxAeQG96Eu7QZ06L/iOPJZy8p2d65qncMcZhBBVcuqP49uEgeOvODElDxN/XwbiY3T4xoXV5h+GynYwAOQJ6tLw6annrnpyYfABvkMgx8PKHoAYPIp8Wxy+2o/ZDPOUNFiCf3KedqIQ+4tgLXv9NTnJBvMI4wzAfEuH1FZ74QyG91cwG9hRH5s+628IRu7Gx0svEsv5pJV6nrV6kjC7pVEGJ1YCgO+MT3uEybHkO07XwGXzBOnw==

All,

A new version of the MaDDash packages are now in our yum and Debian repositories. They only changes are to the web interface to prevent a _javascript_ injection vulnerability that was brought to our attention. The vulnerability could allow someone to generate a URL that creates a defaced page or similar. We recommend anyone running MaDDash update as soon as possible. It affects all versions of MaDDash. The fixed packages are named maddash, maddash-server and madash-webui version 2.0.1. If you are running auto-updates you should get the change automatically.  If you need to manually update you can run the following:

CentOS/RedHat: 
    yum update maddash maddash-server maddash-webui

Debian/Ubuntu:
   apt-get update
   apt-get upgrade maddash maddash-server maddash-webui


Please let us know if you have any questions.

Thank you,
Andy Lake




  • [perfsonar-announce] MaDDash 2.0.1 security update, Andrew Lake, 07/13/2017

Archive powered by MHonArc 2.6.19.

Top of Page