There is a vulnerability in the libsdp package which is used to enablean
application to communicate over the Infiniband SDP protocol instead of
ordinary TCP:
https://bugzilla.redhat.com/show_bug.cgi?id=647941
Sites that use infiniband will want to look at the measures in the
notification above.
Updated openssl packages that fix one security issue are now available for
Red Hat Enterprise Linux 6.
https://www.redhat.com/security/data/cve/CVE-2010-3864.html
https://rhn.redhat.com/errata/RHSA-2010-0888.html
Updated systemtap packages that fix two security issues are now available
for Red Hat Enterprise Linux 5 and 6.
https://rhn.redhat.com/errata/RHSA-2010-0894.html
There is a security vulnerability in PGP Desktop versions 10.0.3 and
earlier, as well as the upcoming 10.1 release. This vulnerability
may allow someone to spoof emails signed by the OSG security team.
For OSG users who use this version there is a knowledge base page,
as well as remediation steps at:
https://pgp.custhelp.com/app/answers/detail/a_id/2290
Tuesday, November 23, 2010
Subscribe to:
Posts (Atom)