Mutagen Astronomy vulnerability

From ScientificComputing
Revision as of 13:59, 12 December 2018 by Sfux (talk | contribs) (Updates)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Recently the security vulnerability Mutagen Astronomy (CVE-2018-14634) was published.

Due to security precautions the following commands cannot be used at the moment

  • newgrp
  • remote_tmpdir
  • screen
  • ssh-agent
  • ssh-keysign

We apologize for any inconvenience this may cause.


Please watch this space for updates before and during the maintenance.

Updates

2018-10-12 13:05
All Euler login nodes are patched and therefore the commands listed above work again. Only a subset of all compute nodes is patched yet. If you need to use one of the listed commands within a batch job, then you can use the bsub option -R suid and this will assure that your job is dispatched to a patched compute node.
2018-10-17 14:15
All Leonhard Open login nodes are patched. Almost all Leonhard Open compute nodes are patched as well. If your job fails on not patched nodes, then please use the bsub option -R suid.
2018-12-12 15:00
All nodes in all our clusters are patched. Therefore the commands that did not work due to the mitigation of the CVE again work.