Hi, There is a new release for the application testbed because of the updated ssh rpms. v2_0_3. Of course there may be another ssh on the way if the rumours can be untangled. I will create some generic notes but for those in the upgrade situation but. # ./gpp-fetch-edg-release.sh -r v2_0_3 -o /tmp # cp /tmp/edg-release/ng_updaterep/updaterep.conf /etc/. # cp /tmp/edg-release/ng_source/* /var/obj/conf/server/source/. # cp /tmp/edg-release/ng_rpmlist/* /opt/local/linux/7.3/rpmcfg/ With the last two take care not overwrite and modifications you made. There is no change in the site-cfg.h within any of the v2_0_X releases so far. Download the extra rpms. # updateRPMCache.pl --rpcfg /opt/local/linux/7.3/rpmcfg/*rpm.h Recompile the profiles. # /sbin/service mkxprofd reload Trick, previously I had recommended that you log into all the nodes and run updaterpms. You can run this centrally if you change the updaterpms profile. A simple way to do this is to edit redhat73-cfg.h, find the line. updaterpms.rpmcfgdir /export/local/linux/7.3/rpmcfg by making a trivial edit to updaterpms.rpmcfgdir /export/local/linux/7.3/rpmcfg/ the updaterpms profile is changed and updaterpms is called. By alternating between these two and compiling the profile you can cause rpms to be installed. Don't forget to upgrade openssh on the LCFG server itself. Steve -- Steve Traylen [log in to unmask] http://www.gridpp.ac.uk/ ---------- Forwarded message ---------- Date: Wed, 17 Sep 2003 07:49:35 +0200 From: Charles Loomis <[log in to unmask]> To: ITeam <[log in to unmask]>, Site Admin. <[log in to unmask]> Subject: [SA-HELP] SECURITY upgrade for APP. TB Hi, There is a new release for the application testbed--v2_0_3. This include an upgrade of the openssh rpms. There is a rumor of an active exploit of the security hole. This release also includes a new IDL rpm which removes the RH4.2 dependencies (as a consequence the RH6.2 paths in updaterep.conf have been removed). It may be necessary to remove IDL and reinstall it; however, the upgrade worked correctly on my machines. Also included: a change to site-cfg.h to really turn off GOUT by default. Please upgrade to this release as soon as possible. Thanks. Cal