Hi All,
I was away last weekend and took this Monday off as well. I did not have
Internet access over the extended weekend, therefore I cannot answer some of
your questions.
Firstly I would like to thank Andrew to bring this issue up and I am glad to
see his email generated the hot debate. Before I answer any of your
question, let us take a moment to look back what had happened. Following is
the timeline of how GridPP sites were informed of the issue.
I also replied numerous emails about this issue, many of them are from our
site admins. I answered questions at dteam meeting and UK monthly operation
meeting as well.
I was made aware of EGEE PMB decision on Thursday (24th), thus I passed this
information to All gridPP sites and asked an update on site patching status.
I think it is not unreasonable to ask sites to report the patching status by
the end of the day given the fact that this issue is going on for over a
month (from 14/08 to 24/09), especially on 15th September I had requested
all sites to provide a patching report. It should take you minutes instead
of hours to prepare the patching report if you responded my first request
made on 15th Sep.
I will address the questions about Pakiti in a separate email.
Cheers,
Mingchao
=================================
* Fri 14/08/2009 13:48 - Initial alert sent to EGEE CSIRTs by OSCT about the
Linux kernel vulnerability
* Fri 14/08/2009 (after initial alert) - discussions at TB-Support about the
kernel vulnerability
* Tue 18/08/2009 - emails sent to TB-Support to explain the vulnerabilities
* Mon 24/08/2009 11:29 - update (Redhat 4&5 patch available) sent to
TB-Support
* Tue 25/08/2009 15:25 - Another update (SLC4/5 patch available) sent to
TB-Support
* Fri 28/08/2009 10:02 - One more update (RedHat3 patch available) sent to
TB-support
* Mon 07/09/2009 10:52 - EGEE CSIRT alert sent to All EGEE sites, update to
Grid-SEC-001 incident
* Mon 07/09/2009 11:48 - A update following above EGEE CSIRT alert sent to
ALL GridPP CSIRTs, in this update, I explicitly stressed "previously
suggested workaround does NOT apply to CVE-2009-2698 (which affected Linux
kernel <= 2.6.18.8), you must apply the security update from the vender to
fix the vulnerability."
* Tue 15/09/2009 15:00 - EGEE security alert to all EGEE sites, Grid-SEC-002
incident
* Tue 15/09/2009 16:15 - A update following EGEE CSIRT, also required all
GridPP sites to report patching status by noon 16 September.
* Wed 16/09/2009 14:51 - A reminder sent to TB-support, again require
patching status report from sites
* Thu 24/09/2009 11:56 - email sent to all GridPP CSIRTs, inform all GridPP
sites of EGEE PMB decision and require site patching report by end of the
day
=================================
|