Hi Maria,
On Mon, 2011-08-22 at 12:44 +0000, Maria Alandes Pradillo wrote:
> Hi Andreas,
>
> Please, note that you should not enable EPEL to install gLite 3.1/3.2 middleware.
>
> https://twiki.cern.ch/twiki/bin/view/LCG/GenericInstallGuide320#Repositories
>
> You should install torque from the gLite repositories instead. If you are aware of any issue affecting the last torque available in the gLite repositories, I would appreciate very much if you report it in a GGUS ticket.
>
> Torque is supported for standard updates in both 3.1 and 3.2 until October 2011 and for security updates until April 2012.
OK, this was actually the way I thought it should be. But the advisory
EGI-ADV-20110615-02 states something completely different!
---
Component Installation information
==================================
A patch is now available from RedHat EPEL
They are detailed fully in the release notes:
https://admin.fedoraproject.org/updates/torque-2.5.7-1.el4.1
https://admin.fedoraproject.org/updates/torque-2.5.7-1.el5.1
https://admin.fedoraproject.org/updates/torque-2.5.7-1.el6
Recommendations
===============
Sites are strongly recommended to run Torque behind a firewall, in
particular port 15001 should be restricted so that direct access to
Torque from an untrusted host is not allowed.
Sites should check the configuration and follow the mitigating action to
prevent the expolitation of this vulnerability in the Torque software.
Sites should upgrade as soon as is practical, and leave firewalling in
place.
---
This simply causes confusion for me. There's no single statement that
would announce an upcoming availability of the updated packages in any
gLite repo I should wait for.
So do I understand you correctly, site admins should wait for updated
packages in the gLite 3.1 / 3.2 repos?
Cheers,
Andreas
--
| Andreas Haupt | E-Mail: [log in to unmask]
| DESY Zeuthen | WWW: http://www-zeuthen.desy.de/~ahaupt
| Platanenallee 6 | Phone: +49/33762/7-7359
| D-15738 Zeuthen | Fax: +49/33762/7-7216
|