[HTCondor-users] Spring Framework Vulnerabilities

["Hitchen, Greg (IM&T, Kensington WA)" <Greg.Hitchen@xxxxxxxx>]

Hi All

 

I’m probably not the only one who will need some info on this after being asked by our management

about the status of HTCondor with respect to the “Spring Framework Vulnerabilities”.

 

On reading about it (https://www.tenable.com/blog/spring4shell-faq-spring-framework-remote-code-execution-vulnerability)

I suspect there is no issue for HTCondor, but, like the log4j issue, we still would need some sort of statement from

all of our 3^rd party “vendors”, including HTCondor.

 

Thanks for help/info.

 

Cheers

 

Greg

 

Dr. Greg Hitchen
Scientific Computing | Systems
Information Management and Technology
CSIRO

Phone: +61 8 6436 8663 | Fax: +61 8 6436 8555 | Mobile: 0407 952 748 
greg.hitchen@xxxxxxxx | www.csiro.au 

Postal Address: PO Box 1130, Bentley Delivery Centre, WA 6983

Street Address: 26 Dick Perry Avenue, Kensington WA 6151

PLEASE NOTE
The information contained in this email may be confidential or privileged. Any unauthorised use or disclosure is prohibited. If you have received this email in error, please delete it immediately and notify the sender by return email. Thank you. To the extent permitted by law, CSIRO does not represent, warrant and/or guarantee that the integrity of this communication has been maintained or that the communication is free of errors, virus, interception or interference.

Please consider the environment before printing this email.