Slurm-llnl users please notice this announcement on the slurm-dev
mailing list.
--
Gennaro Oliva
----- Forwarded message from "Mark A. Grondona" <
mgrondona@...> -----
From: "Mark A. Grondona" <
mgrondona@...>
Date: Fri, 16 May 2008 09:10:07 -0700
Subject: [slurm-dev] Debian OpenSSL vulnerability (CVE-2008-0166)
To:
slurm-dev@...
For anyone that uses SLURM on Debian, and uses OpenSSL for job credentials,
please be aware of the recent Debian openssl vulnerability described here:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0166Please be sure to run the latest Debian openssl packages.
Additionally, if you created slurm keys under OpenSSL 0.9.8c-1 up to
0.9.8g-9 on Debian-based operating systems, you'll need to recreate
your keys. Due to the nature of the bug introduced in Debian, your
current keys are trivially exploitable.
mark
----- End forwarded message -----
--
To UNSUBSCRIBE, email to
debian-science-request@...
with a subject of "unsubscribe". Trouble? Contact
listmaster@...
