Two vulnerabilities in HTCondor have been found, one of them may allow users to run code as another user or read the data accessible to that user’s running jobs, which is considered a HIGH risk for EGI infrastructure.
Versions 8.8.15, 9.0.4, 9.1.2 contain fixes for those vulnerabilities. Affected sites should upgrade as soon as possible. You can find more details in our SVG advisory.
Recent Comments