perfsonar-announce - [perfsonar-announce] MaDDash 2.0.1 security update
Subject: perfSONAR Announcements
List archive
- From: Andrew Lake <>
- To: "" <>
- Cc:
- Subject: [perfsonar-announce] MaDDash 2.0.1 security update
- Date: Thu, 13 Jul 2017 09:03:03 -0400
- Ironport-phdr: 9a23:3RxwIB1CU05SAPy5smDT+DRfVm0co7zxezQtwd8ZsesfKvad9pjvdHbS+e9qxAeQG96Eu7QZ06L/iOPJZy8p2d65qncMcZhBBVcuqP49uEgeOvODElDxN/XwbiY3T4xoXV5h+GynYwAOQJ6tLw6annrnpyYfABvkMgx8PKHoAYPIp8Wxy+2o/ZDPOUNFiCf3KedqIQ+4tgLXv9NTnJBvMI4wzAfEuH1FZ74QyG91cwG9hRH5s+628IRu7Gx0svEsv5pJV6nrV6kjC7pVEGJ1YCgO+MT3uEybHkO07XwGXzBOnw==
All, A new version of the MaDDash packages are now in our yum and Debian repositories. They only changes are to the web interface to prevent a _javascript_ injection vulnerability that was brought to our attention. The vulnerability could allow someone to generate a URL that creates a defaced page or similar. We recommend anyone running MaDDash update as soon as possible. It affects all versions of MaDDash. The fixed packages are named maddash, maddash-server and madash-webui version 2.0.1. If you are running auto-updates you should get the change automatically. If you need to manually update you can run the following: CentOS/RedHat: yum update maddash maddash-server maddash-webui Debian/Ubuntu: apt-get update apt-get upgrade maddash maddash-server maddash-webui Please let us know if you have any questions. Thank you, Andy Lake |
- [perfsonar-announce] MaDDash 2.0.1 security update, Andrew Lake, 07/13/2017
Archive powered by MHonArc 2.6.19.