[mgrondona@llnl.gov: [slurm-dev] Debian OpenSSL vulnerability (CVE-2008-0166)]

To: debian-science@lists.debian.org
Subject: [mgrondona@llnl.gov: [slurm-dev] Debian OpenSSL vulnerability (CVE-2008-0166)]
From: oliva.g@na.icar.cnr.it
Date: Fri, 16 May 2008 22:45:00 +0200
Message-id: <[🔎] 20080516204500.GA16234@hamsik.na.icar.cnr.it>

Slurm-llnl users please notice this announcement on the slurm-dev
mailing list.
-- 
Gennaro Oliva

----- Forwarded message from "Mark A. Grondona" <mgrondona@llnl.gov> -----

From: "Mark A. Grondona" <mgrondona@llnl.gov>
Date: Fri, 16 May 2008 09:10:07 -0700
Subject: [slurm-dev] Debian OpenSSL vulnerability (CVE-2008-0166)
To: slurm-dev@lists.llnl.gov

For anyone that uses SLURM on Debian, and uses OpenSSL for job credentials,
please be aware of the recent Debian openssl vulnerability described here:

 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0166

Please be sure to run the latest Debian openssl packages.

Additionally, if you created slurm keys under OpenSSL 0.9.8c-1 up to
0.9.8g-9 on Debian-based operating systems, you'll need to recreate
your keys. Due to the nature of the bug introduced in Debian, your
current keys are trivially exploitable.

mark 

----- End forwarded message -----

Reply to:

Prev by Date: Re: Wiki or tasks?
Next by Date: How about hosting the avida package in Debian-Science's git repository ?
Previous by thread: Re: Draft on wiki.debian.org for Debian Science
Next by thread: How to exclude parts of repositories in my local copy?
Index(es):
- Date
- Thread