Trace:
[[oar_2.5.7]]

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revisionBoth sides next revision
oar_2.5.7 [2016/04/07 17:01] neyronoar_2.5.7 [2016/04/07 17:04] neyron
Line 6: Line 6:
  
 ===== Forword ===== ===== Forword =====
-Thanks to Emmanuel Thomé, a **vulnerability** was discovered in OAR, which affects all previous versions of OAR. This vulnerability allows any user of a cluster managed by OAR to read parts of data which are not supposed to be readable by the user. This vulnerability could eventually be exploited to gain root privileges on the cluster. It is in particular known to eventually allow one to disclose private ssh keys (CVE-2016-1235).+Thanks to Emmanuel Thomé, a **vulnerability** was discovered in OAR, which affects all previous versions of OAR. This vulnerability allows any user of a cluster managed by OAR to read parts of data which are not supposed to be readable by the user. This vulnerability might be exploited to gain root privileges on the cluster. It is in particular known to eventually allow one to disclose part of private ssh keys (CVE-2016-1235).
  
 **OAR 2.5.7 fixes this vulnerability. Upgrading is highly recommended.** **OAR 2.5.7 fixes this vulnerability. Upgrading is highly recommended.**
oar_2.5.7.txt · Last modified: 2016/04/07 18:08 by neyron
Recent changes RSS feed GNU Free Documentation License 1.3 Donate Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki