On Mon, 28 Nov 2005, David McBride wrote: > EGEE BROADCAST wrote: > > ------------------------------------------------------------------------------------ > > Publication from : Oliver Keeble 9443 <[log in to unmask]> (CERN) > > This mail has been sent using the broadcasting tool available at http://cic.in2p3.fr > > ------------------------------------------------------------------------------------ > > > > A patch for the R-GMA Pong Servlet vulnerability is now available. > > This doesn't appear to affect the other R-GMA security bugs? > (ie it doesn't configure each site to run in authenticating mode?) > > Cheers, > David Apparently not, which is a pity as the current chaos would provide the ideal opportunity to force through this change LCG-wide. Henry (and if this is an official LCG update, shouldn't the notification be going to the csirts list that originally warned us all to stop running R-GMA?) -- Dr. Henry Nebrensky [log in to unmask] http://people.brunel.ac.uk/~eesrjjn "The opossum is a very sophisticated animal. It doesn't even get up until 5 or 6 p.m."