funsec mailing list archives
[Condor-world] Condor 6.7.18 released!
From: "Dude VanWinkle" <dudevanwinkle () gmail com>
Date: Tue, 28 Mar 2006 16:51:54 -0700
Security Updates to Condor? Yaay!! -JP ---------- Forwarded message ---------- From: Greg Quinn <gquinn () cs wisc edu> Date: Mar 28, 2006 9:50 AM Subject: [Condor-world] Condor 6.7.18 released! To: condor-users () cs wisc edu, condor-world () cs wisc edu The Condor Team is pleased to announce the release of Condor 6.7.18. This release features important security fixes and many other improvements, including Kerberos support for Windows enabling cross-platform authentication, the ability to run jobs as the submitting user on Windows, and a port to HPUX11. We strongly recommend sites running earlier versions of Condor in the 6.7 development series upgrade to 6.7.18 as soon as feasible. See the Version History and Release Notes in the 6.7.18 Condor manual for details: http://www.cs.wisc.edu/condor/manual/v6.7.18/8_3Development_Release.html The following information describing the security fixes is included from the release notes: A security team at UW-Madison is conducting an ongoing security audit of the Condor system and has identified a few important vulnerabilities. Condor versions 6.6.11 and 6.7.18 fix these security problems and other bugs. There have been no reported exploits, but all sites are urged to upgrade immediately. The Condor Team will publish detailed reports of these vulnerabilities on 2006-04-24, four weeks from the date when the fixes were first released (2006-03-27). This will allow all sites time to upgrade before enough information to exploit these bugs is widely available. Summary of vulnerabilities fixed in this release: * Bugs in previous versions of Condor could allow any user who can submit jobs on a machine to gain access to the "condor" account (or whatever non-privileged user the Condor daemons are running as). This bug can not be exploited remotely, only by users already logged onto a submit machine in the Condor pool. * The security of the "condor_config_val -set" feature was found to be insufficient, so this feature is now disabled by default. There are new configuration settings to enable this feature in a secure manner. Please read the descriptions of ENABLE_RUNTIME_CONFIG, ENABLE_PERSISTENT_CONFIG and PERSISTENT_CONFIG_DIR in the example configuration file shipped with the latest Condor releases, or in the Condor manual. -- The Condor Team condor-admin () cs wisc edu http://www.cs.wisc.edu/condor _______________________________________________ Condor-world mailing list Condor-world () cs wisc edu https://lists.cs.wisc.edu/mailman/listinfo/condor-world _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- [Condor-world] Condor 6.7.18 released! Dude VanWinkle (Mar 28)