[torqueusers] Security Vulnerability in Torque
garrick at clusterresources.com
Fri Oct 20 16:06:42 MDT 2006
On Fri, Oct 20, 2006 at 10:46:31PM +0100, David Golden alleged:
> On 2006-10-20 21:13:23 +0200, ?ke Sandgren wrote:
> > On Fri, 2006-10-20 at 14:03 -0500, Jason Allen wrote:
> > > I've received several notifications regarding the following
> > > vulnerability in the past hour. Is there a patch or workaround
> > > available?
> > No official patch yet.
> > It's under Garricks scrupulous eyes...
> > The patch used by EGEE/LCG isn't perfect but "good enough" for the
> > weekend.
> > Garrick have been sent a more complete patch to look at.
> Hmmm. Are --disable-spool torque builds still vulnerable ?
I wouldn't think so, but I haven't confirmed that.
More information about the torqueusers