perfSONAR User Q&A and Other Discussion

[Jason Zurawski <>]

Greetings;

A new Red Hat CVE was announced that is related to the Kernel in use on 
CentOS 6/pSPT 3.3.x systems:

  https://rhn.redhat.com/errata/RHSA-2014-0328.html

If you are a NetInstall user, a 'yum update' may give you a new non-web100 
kernel and therefore break access to NDT/NPAD. Consult our FAQ for more info: 

  http://psps.perfsonar.net/toolkit/FAQs.html#Q30

Our read of the CVE does not find any issue of concern specific to the 
toolkit software.  There are vulnerabilities in via the system itself that 
could lead to local users crashing the system, as well as a remote exploit 
that could result in a DoS in rare situations.  As always, if you are in 
doubt about the kernel review the CVE and upgrade to the latest version, 
forgoing NDT/NPAD support for the time being.  

The project is in the process of building and testing a new kernel, and will 
alert you via these mailing lists when we have the web100 patched version 
available. We will try to have this ready as soon as possible, but please 
allow us several days of building and testing.  

Thank you for your patience and commitment to this software;

-jason