perfSONAR User Q&A and Other Discussion

[Andrew Lake <>]

Greetings;

New LiveCD and LiveUSB images are now available containing the latest openssl 
packages at the link below:

http://software.internet2.edu/pS-Performance_Toolkit/

This is required since LiveCD/USB users cannot update packages and have them 
survive a reboot due to the nature of the live media. It is advised all 
LiveCD and LiveUSB users upgrade to the latest version at this time. If you 
are a NetInstall user, see Jason's previous note for steps on how to update 
your host. As always, please let us know if you have any questions

Thanks,
Andy


On Apr 8, 2014, at 12:35 PM, Jason Zurawski 
<>
 wrote:

> Greetings;
> 
> Please see below for an important security alert related to a package on 
> CentOS version 6.5 (the operating system that underpins the pS Performance 
> Toolkit versions 3.3.x).  This issue is described in more detail at the 
> following site:
> 
>  http://heartbleed.com/
> 
> The perfSONAR project is recommending that all users run 'yum update' to 
> pull down these packages immediately.  
> 
> Our read of the CVE and affiliated documentation does indicate there is a 
> potential for compromise of private key material that may impact the host, 
> or users of the system.  For those that have concerns about this, the 
> project is recommending that users regenerate the host certificate.  If you 
> are using the provided 'self signed' certificate, you can follow these 
> instructions to regenerate new credentials:
> 
>> # build a new key
>> /usr/bin/openssl genrsa > /etc/pki/tls/private/localhost.key
>> 
>> # create  a new self-signed cert
>> cd /etc/pki/tls/certs
>> make testcert
>> 
>> # restart apache
>> sudo /etc/init.d/httpd restart
> 
> 
> If you have installed a customized certificate, refer to instructions 
> specific to that process.  Please send along any questions to the 
> developers list 
> ()
>  if you have them.  
> 
> Thanks;
> 
> -jason
> 
> Begin forwarded message:
> 
>> From: Karanbir Singh 
>> <>
>> Subject: [CentOS-announce] CESA-2014:0376 Important CentOS 6 openssl Update
>> Date: April 7, 2014 7:54:58 PM PDT
>> To: 
>> 
>> Reply-To: 
>> 
>> 
>> 
>> CentOS Errata and Security Advisory 2014:0376 Important
>> 
>> Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-0376.html
>> 
>> The following updated files have been uploaded and are currently 
>> syncing to the mirrors: ( sha256sum Filename ) 
>> 
>> i386:
>> 6ceff4bad2608484b9b9ab74b8e9047b593b6b7a6ca5ba3cc16db7d8b447f1d8  
>> openssl-1.0.1e-16.el6_5.7.i686.rpm
>> ef6c735885f24ca8618357b880e8cdc6fcb7c6895d99f740169684a3a6f0b8ba  
>> openssl-devel-1.0.1e-16.el6_5.7.i686.rpm
>> 5724d24708d8b62ee48585ea530d379c258a9dd537ce3d350a61af4489c11ea5  
>> openssl-perl-1.0.1e-16.el6_5.7.i686.rpm
>> 601108f27b4716355d972d70e8711b6ff53f4375962b3d6e81321736c6709b90  
>> openssl-static-1.0.1e-16.el6_5.7.i686.rpm
>> 
>> x86_64:
>> 6ceff4bad2608484b9b9ab74b8e9047b593b6b7a6ca5ba3cc16db7d8b447f1d8  
>> openssl-1.0.1e-16.el6_5.7.i686.rpm
>> 42cdc321aa3d46889c395c5d6dc11961ed86be5f4d98af0d6399d6c4e1233712  
>> openssl-1.0.1e-16.el6_5.7.x86_64.rpm
>> ef6c735885f24ca8618357b880e8cdc6fcb7c6895d99f740169684a3a6f0b8ba  
>> openssl-devel-1.0.1e-16.el6_5.7.i686.rpm
>> 3328f32f211b2e136c25ec8538c768049f288f0b410932b31880fa4b4de8e73b  
>> openssl-devel-1.0.1e-16.el6_5.7.x86_64.rpm
>> 89cdbaed00f8348a6a6d567c6c1eb8aba9f94578653be475e826e24c51f10594  
>> openssl-perl-1.0.1e-16.el6_5.7.x86_64.rpm
>> 9222db08c5cbf4fded04fd7d060f5b91ed396665e2baa4c899fc2aa8aa9297d0  
>> openssl-static-1.0.1e-16.el6_5.7.x86_64.rpm
>> 
>> Source:
>> 3a08cda99f54b97c027ed32758e7b1ddcff635be5c3737c1e9084321561a015d  
>> openssl-1.0.1e-16.el6_5.7.src.rpm
>> 
>> 
>> 
>> -- 
>> Karanbir Singh
>> CentOS Project { http://www.centos.org/ }
>> irc: z00dax, 
>> #
>> 
>> _______________________________________________
>> CentOS-announce mailing list
>> 
>> http://lists.centos.org/mailman/listinfo/centos-announce