On Mon, 28 Nov 2005, David McBride wrote:
> EGEE BROADCAST wrote:
> > ------------------------------------------------------------------------------------
> > Publication from : Oliver Keeble 9443 <[log in to unmask]> (CERN)
> > This mail has been sent using the broadcasting tool available at http://cic.in2p3.fr
> > ------------------------------------------------------------------------------------
> >
> > A patch for the R-GMA Pong Servlet vulnerability is now available.
>
> This doesn't appear to affect the other R-GMA security bugs?
> (ie it doesn't configure each site to run in authenticating mode?)
>
> Cheers,
> David
Apparently not, which is a pity as the current chaos would provide the
ideal opportunity to force through this change LCG-wide.
Henry
(and if this is an official LCG update, shouldn't the notification be
going to the csirts list that originally warned us all to stop running
R-GMA?)
--
Dr. Henry Nebrensky [log in to unmask]
http://people.brunel.ac.uk/~eesrjjn
"The opossum is a very sophisticated animal.
It doesn't even get up until 5 or 6 p.m."
|