Mutagen Astronomy vulnerability

From ScientificComputing
Revision as of 12:19, 17 October 2018 by Sfux (talk | contribs) (Updates)

Jump to: navigation, search

Recently the security vulnerability Mutagen Astronomy (CVE-2018-14634) was published.

Due to security precautions the following commands cannot be used at the moment

  • newgrp
  • remote_tmpdir
  • screen
  • ssh-agent
  • ssh-keysign

We apologize for any inconvenience this may cause.


Please watch this space for updates before and during the maintenance.

Updates

2018-10-12 13:05
All Euler login nodes are patched and therefore the commands listed above work again. Only a subset of all compute nodes is patched yet. If you need to use one of the listed commands within a batch job, then you can use the bsub option -R suid and this will assure that your job is dispatched to a patched compute node.
2018-10-17 14:15
All Leonhard Open login nodes are patched. Almost all Leonhard Open compute nodes are patched as well. If your job fails on not patched nodes, then please use the bsub option -R suid.