Hi Jens,
RALPP headnode updated to 1.9.1-10 earlier today.
Chris.
P.s. Just running the checks on what looks like it might be a successful
test pnfs->chimera migration. It's not too difficult so unless I find
problems I will probably schedule the real thing for a few weeks from
now.
> -----Original Message-----
> From: GRIDPP2: Deployment and support of SRM and local storage
> management [mailto:[log in to unmask]] On Behalf Of Jensen,
> J (Jens)
> Sent: 29 July 2009 17:54
> To: [log in to unmask]
> Subject: [Fwd: Warning : Vulnerability in the SRM subsystem of dCache
> (all production releases)]
>
> Will this affect our dCache sites? I don't see 1.(< 9) mentioned but
> the recommendation is to "upgrade to a 1.9 so you can apply the patch"
>
> --jens
>
> -------- Original Message --------
> Subject: Warning : Vulnerability in the SRM subsystem of dCache
(all
> production releases)
> Date: Mon, 27 Jul 2009 18:04:38 +0200
> From: [log in to unmask]
<[log in to unmask]>
> Reply-To: [log in to unmask]
> To: [log in to unmask], [log in to unmask],
> [log in to unmask]
>
>
>
> Dear all,
>
> we recently detected a vulnerability in the SRM subsystem of dCache.
> Security patches are already available at dCache.org. Please find
> details on the issue below.
> In case you need further help : Drop us an e-mail at :
> [log in to unmask] <mailto:[log in to unmask]>.
>
> regards
> patrick
>
>
> - Affected releases
>
> All production releases are affected.
>
> - Footprint :
>
> * One needs to be authenticated in order to abuse the system (based on
> this vulnerability).
> * Neither the file system metadata nor the actual data is in danger.
> * The flaw is in the code since the introduction of SRM 2.2.
> * This security issue has not been reported by a customer and up to
now
> only the dCache core team has knowledge on how to misuse the system
> based on this flaw.
>
> - Solution :
>
> Please find fixes for this security bug at dCache.org
> (http://www.dcache.org/downloads/1.9) for releases
>
> 1.9.1 -> patch 1.9.1-10
> 1.9.2 -> patch 1.9.2-9
> 1.9.3 -> patch 1.9.3-3
> 1.9.4 -> patch 1.9.4-2
>
> * Only the SRM door needs to be patched.
> * In case you are running a pre 1.9.1 version you should consider to
> upgrade your system to a release for which we provide a patch.
> * Please check the compatibility matrix in the release notes if you
> want
> to run mixed releases.
> * All current 1.9.x head nodes, including 1.9.3 and 1.9.4, are
> compatible with 1.9.0 pool nodes.
> * Although you may mix different head-node releases with different
pool
> node releases, please make sure all head node services are running the
> same release (eg 1.9.3). For mixing head node services within a patch
> level (1.9.3-x) please refer to the corresponding release notes.
--
Scanned by iCritical.
|