[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Condor-users] Condor 6.7.18 released!

Title: RE: [Condor-users] Condor 6.7.18 released!

I may have missed an option in the installer, but are the examples included?  I did a fresh install and I don't have the examples.


-----Original Message-----
From: condor-users-bounces@xxxxxxxxxxx
[mailto:condor-users-bounces@xxxxxxxxxxx]On Behalf Of Greg Quinn
Sent: March 28, 2006 11:50 AM
To: condor-users@xxxxxxxxxxx; condor-world@xxxxxxxxxxx
Subject: [Condor-users] Condor 6.7.18 released!

The Condor Team is pleased to announce the release of Condor 6.7.18.

This release features important security fixes and many other
improvements, including Kerberos support for Windows enabling
cross-platform authentication, the ability to run jobs as the submitting
user on Windows, and a port to HPUX11. We strongly recommend sites
running earlier versions of Condor in the 6.7 development series upgrade
to 6.7.18 as soon as feasible.

See the Version History and Release Notes in the 6.7.18 Condor manual
for details:


The following information describing the security fixes is included from
the release notes:

A security team at UW-Madison is conducting an ongoing security audit
of the Condor system and has identified a few important
vulnerabilities.  Condor versions 6.6.11 and 6.7.18 fix these security
problems and other bugs.  There have been no reported exploits, but
all sites are urged to upgrade immediately.

The Condor Team will publish detailed reports of these vulnerabilities
on 2006-04-24, four weeks from the date when the fixes were first
released (2006-03-27).  This will allow all sites time to upgrade
before enough information to exploit these bugs is widely available.

Summary of vulnerabilities fixed in this release:

* Bugs in previous versions of Condor could allow any user who can
   submit jobs on a machine to gain access to the "condor" account (or
   whatever non-privileged user the Condor daemons are running as).
   This bug can not be exploited remotely, only by users already logged
   onto a submit machine in the Condor pool.

* The security of the "condor_config_val -set" feature was found to be
   insufficient, so this feature is now disabled by default.  There are
   new configuration settings to enable this feature in a secure
   manner.  Please read the descriptions of ENABLE_RUNTIME_CONFIG,
   configuration file shipped with the latest Condor releases, or in
   the Condor manual.

The Condor Team
Condor-users mailing list


This e-mail, and any attachments, may contain information that
is confidential, subject to copyright, or exempt from disclosure.
Any unauthorized review, disclosure, retransmission, 
dissemination or other use of or reliance on this information 
may be unlawful and is strictly prohibited.  


Le présent courriel, et toute pièce jointe, peut contenir de 
l'information qui est confidentielle, régie par les droits 
d'auteur, ou interdite de divulgation. Tout examen, 
divulgation, retransmission, diffusion ou autres utilisations 
non autorisées de l'information ou dépendance non autorisée 
envers celle-ci peut être illégale et est strictement interdite.