OSG 1.2.22 Release Notification

OSG Operations and Integration are pleased to announce the release of OSG version 1.2.22.


******************************
OSG 1.2.22 Update Notification
******************************

Date: September 13, 2011

Affected Components

The following components are affected:

* CE installations
* RSV installations
* CEMon
* Any other installation that uses apache httpd

Summary

This release contains the following security updates:

* Apache httpd

This update addresses and closes a DOS attack on apache httpd.
Sites using components that use apache httpd are encouraged to
update as soon as possible. This vulnerability as been listed as
CVE-2011-3192 ( https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192 ).

Update Instructions
Update instructions can be found on the OSG Twiki under the OSG
1.2 update instructions ( https://twiki.grid.iu.edu/bin/view/ReleaseDocumentation/OSG12UpdateInstructions ).

Additional Information
The release notes for the VDT 2.0.0p29 release underlying this
release can be found here ( http://vdt.cs.wisc.edu/releases/2.0.0/release-p28.html ).