Skip to Content.
Sympa Menu

perfsonar-user - Re: [perfsonar-user] perfSONAR security updates

Subject: perfSONAR User Q&A and Other Discussion

List archive

Re: [perfsonar-user] perfSONAR security updates


Chronological Thread 
  • From: Jason Zurawski <>
  • To: perfsonar-user <>, perfsonar-announce <>
  • Cc: "" <>
  • Subject: Re: [perfsonar-user] perfSONAR security updates
  • Date: Wed, 17 Feb 2016 08:53:46 -0500

Greetings All;

To build on Andy's second item - here is a link to a slightly more recent CVE released yesterday:

https://rhn.redhat.com/errata/RHSA-2016-0175.html

Thanks;

-jason

Andrew Lake wrote:
All, 

The following are some important security updates related to perfSONAR that we would like to make everyone aware of:

- Version 3.5.0.7 of the perl-perfSONAR-Toolkit packages were pushed out today. These contain an important fix to the default firewall configuration. For clean installs of version 3.5, the default firewall rules were not setup to properly reject packets. If you upgraded to 3.5 from a previous version your rules should be setup correctly. If you have automatic updates enabled you should get this update automatically, otherwise run “yum update perl-perfSONAR_PS-Toolkit-security” to get the change. No further action is required beyond the yum update. 

- An important update to glibc was released that has pretty wide impact to software beyond just perfSONAR. See https://access.redhat.com/security/cve/CVE-2015-7547 for details. Updated packages for CentOS should be available shortly. Again, if you have automatic updates enabled you should get this update automatically when they are available, otherwise run “yum update glibc” to get the latest version. 

Please let us know if you have any further questions.

Thank you,
The perfSONAR Development Team




Archive powered by MHonArc 2.6.16.

Top of Page