Wednesday, March 31, 2010

OSG 1.0.6 Update Announcement

OSG Operations and Integration are pleased to announce the release of OSG version 1.0.6

This is a security update for all OSG installations using Gratia probes to report accounting information. The urgency of this update depends on the following factors:

* If your resource is using Gratia probes to report accounting information and are using Condor or Managed Fork, you should apply this update to prevent authorized local users from gaining elevated privileges
* Other resources using Gratia probes for accounting can treat this as a low priority security update that may prevent authorized local users from being able to run a DOS attack on Gratia reporting
* Resources not using Gratia do not need to apply this update since it does not apply in this case

This release updates two software components, see the complete list below.

* Gratia probes
* osg-version

Please see the VDT release notes for more details: http://vdt.cs.wisc.edu/releases/1.10.1/release-p25.html

Update instructions can be found on the OSG twiki under the OSG 1.0.6: https://twiki.grid.iu.edu/bin/view/ReleaseDocumentation/OSG106UpdateInstructions

Sites using rpms to install Gratia probes should update their rpms to the latest versions in accordance with the guidelines given in the summary.