Mutagen Astronomy vulnerability

From ScientificComputing
Revision as of 12:15, 17 October 2018 by Sfux (talk | contribs) (Updates)

Jump to: navigation, search

Recently the security vulnerability Mutagen Astronomy (CVE-2018-14634) was published.

Due to security precautions the following commands cannot be used at the moment

  • newgrp
  • remote_tmpdir
  • screen
  • ssh-agent
  • ssh-keysign

We apologize for any inconvenience this may cause.

Please watch this space for updates before and during the maintenance.


2018-10-12 13:05
All Euler login nodes are patched and therefore the commands listed above work again. Only a subset of all compute nodes is patched yet. If you need to use one of the listed commands within a batch job, then you can use the bsub option -R suid and this will assure that your job is dispatched to a patched compute node.
2018-10-17 14:15
All Leonhard login nodes are patched. Almost all compute nodes are patched as well. If your job fails on not patched nodes, then please use the bsub option -R suid.