FEDORA-EPEL-2018-3c9292b62d

security update in Fedora EPEL 7 for condor

Status: testing a year ago

Update to latest upstream 8.6.11 Security fix for CVE-2017-16816

Comments 11

This update has been submitted for testing by ttheisen.

This update has been pushed to testing.

This update contains .so version bump and following packages break and require rebuild.

glite-lb-common-9.1.1-4.el7
glite-lb-server-3.0.18-9.el7
karma: -1

Bodhi is disabling automatic push to stable due to negative karma. The maintainer may push manually if they determine that the issue is not severe.

This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes

Since this is a security update, any reason to not perform the rebuilds and push this 6 month old update?

The dependency issue is blocker for this update.

glite-lb-common and glite-lb-server need to be rebuild against this new condor. Afaik no other modifications needed. So just rebuild those two packages against update and it should be ok.

Perhaps we should coordinate with the Italian grid CREAM folks. Updating HTCondor will break their software. They depend on the ClassAds ABI that is present HTCondor versions up to 8.4.11. That is why I did not push it. It should be a simple recompile for them to use the new ABI. No source code changes should be necessary.

I was thinking of breaking out the ClassAd Library into a separate package (libclassad7) where the ABI version is in the name (just like the Debian Packaging). I haven't had time to address that.

This update's test gating status has been changed to 'greenwave_failed'.

This update's test gating status has been changed to 'ignored'.

Add Comment & Feedback

Please login to add feedback.

Content Type
RPM
Status
testing
Test Gating
Submitted by
Update Type
security
Update Severity
unspecified
Karma
-1
stable threshold: 3
unstable threshold: -3
Autopush (karma)
Disabled
Autopush (time)
Disabled
Dates
submitted a year ago
in testing a year ago

Related Bugs 2

00 #1508887 CVE-2017-16816 condor: DoS of condor_schedd via specially crafted VOMS proxy
00 #1598628 CVE-2017-16816 condor: DoS of condor_schedd via specially crafted VOMS proxy [epel-all]

Automated Test Results