security update in Fedora EPEL 7 for condor

Status: testing 11 months ago

Update to latest upstream 8.6.11 Security fix for CVE-2017-16816

How to install

sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-EPEL-2018-3c9292b62d

Comments 9

This update has been submitted for testing by ttheisen.

This update has been pushed to testing.

This update contains .so version bump and following packages break and require rebuild.

karma: -1

Bodhi is disabling automatic push to stable due to negative karma. The maintainer may push manually if they determine that the issue is not severe.

This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes

Since this is a security update, any reason to not perform the rebuilds and push this 6 month old update?

The dependency issue is blocker for this update.

glite-lb-common and glite-lb-server need to be rebuild against this new condor. Afaik no other modifications needed. So just rebuild those two packages against update and it should be ok.

Perhaps we should coordinate with the Italian grid CREAM folks. Updating HTCondor will break their software. They depend on the ClassAds ABI that is present HTCondor versions up to 8.4.11. That is why I did not push it. It should be a simple recompile for them to use the new ABI. No source code changes should be necessary.

I was thinking of breaking out the ClassAd Library into a separate package (libclassad7) where the ABI version is in the name (just like the Debian Packaging). I haven't had time to address that.

Content Type
Test Gating
Submitted by
Update Type
Update Severity
stable threshold: 3
unstable threshold: -3
submitted a year ago
in testing 11 months ago

Related Bugs 2

00 #1508887 CVE-2017-16816 condor: DoS of condor_schedd via specially crafted VOMS proxy
00 #1598628 CVE-2017-16816 condor: DoS of condor_schedd via specially crafted VOMS proxy [epel-all]

Automated Test Results