perfsonar-user - [perfsonar-user] Re: RedHat CVE for pSPT 3.3.x Releases
Subject: perfSONAR User Q&A and Other Discussion
List archive
- From: Jason Zurawski <>
- To: "" <>, perfsonar-announce <>
- Subject: [perfsonar-user] Re: RedHat CVE for pSPT 3.3.x Releases
- Date: Thu, 3 Apr 2014 10:19:07 -0400
Greetings;
The new kernel (kernel-2.6.32-431.11.2.el6.aufs.web100) has been uploaded to
our yum repo.
Thanks;
-jason
On Mar 27, 2014, at 10:06 AM, Jason Zurawski
<>
wrote:
> Greetings;
>
> A new Red Hat CVE was announced that is related to the Kernel in use on
> CentOS 6/pSPT 3.3.x systems:
>
> https://rhn.redhat.com/errata/RHSA-2014-0328.html
>
> If you are a NetInstall user, a 'yum update' may give you a new non-web100
> kernel and therefore break access to NDT/NPAD. Consult our FAQ for more
> info:
>
> http://psps.perfsonar.net/toolkit/FAQs.html#Q30
>
> Our read of the CVE does not find any issue of concern specific to the
> toolkit software. There are vulnerabilities in via the system itself that
> could lead to local users crashing the system, as well as a remote exploit
> that could result in a DoS in rare situations. As always, if you are in
> doubt about the kernel review the CVE and upgrade to the latest version,
> forgoing NDT/NPAD support for the time being.
>
> The project is in the process of building and testing a new kernel, and
> will alert you via these mailing lists when we have the web100 patched
> version available. We will try to have this ready as soon as possible, but
> please allow us several days of building and testing.
>
> Thank you for your patience and commitment to this software;
>
> -jason
- [perfsonar-user] Re: RedHat CVE for pSPT 3.3.x Releases, Jason Zurawski, 04/03/2014
Archive powered by MHonArc 2.6.16.