Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Fedora 21: 2015-10832 Critical: Condor Code Execution Risk Fix

fedora
Calendar Grey July 18, 2015
Dist Fedora Esm H88
System patch for Condor on Fedora 21 addresses CVE-2014-8126 and enhances overall performance.
Security fix for CVE-2014-8126 and update to latest source 8.3.6

Summary

HTCondor is a workload management system for high-throughput and

high-performance jobs. Like other full-featured batch systems, HTCondor

provides a job queueing mechanism, scheduling policy, priority scheme,

resource monitoring, and resource management. Users submit their

serial or parallel jobs to HTCondor, HTCondor places them into a queue,

chooses when and where to run the jobs based upon a policy, carefully

monitors their progress, and ultimately informs the user upon

completion.

Update Information:

Security fix for CVE-2014-8126 and update to latest source 8.3.6

Topics%20covered

Topics Covered

security advisory update Fedora code execution system stability CVE-2014-8126

Change Log

* Thu Jun 25 2015 Ben Cotton - 8.3.6-1 - Update to latest source 8.3.6 - Re-enable aviary * Wed Jun 17 2015 Matthew Farrellee - 8.3.5-1 - Update to latest source 8.3.5 - Disable aviary - Moved 00personal_condor.config to SOURCES, removed upstream * Wed Jun 17 2015 Fedora Release Engineering - 8.3.1-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild * Sat May 2 2015 Kalev Lember - 8.3.1-3 - Rebuilt for GCC 5 C++11 ABI change * Tue Jan 27 2015 Petr Machata - 8.3.1-2 - Rebuild for boost 1.57.0 * Sat Nov 22 2014 Matthew Farrellee - 8.3.1-1 - Update to latests source 8.3.1 - Build from tag instead of commit SHA - Disabled plumage (mongodb dep) - New require perl-Data-Dumper for param table generator - Updated libpyclassad lib version to 8.3.1 - No longer stripping condor_load_history or config_fetch, removed upstream - Now including condor_pool_job_report and associated man pages

References


[ 1 ] Bug #1169800 - CVE-2014-8126 condor: mailx invocation enables code execution as condor user https://bugzilla.redhat.com/show_bug.cgi?id=1169800

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update condor' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical
Lowest
Low
Medium
High
Critical

Name: condor
Product: Fedora 21
Version: 8.3.6
Release: 1.fc21
URL: https://research.cs.wisc.edu/htcondor/
Summary: Condor: High Throughput Computing

Topics%20covered

Topics Covered

security advisory update Fedora code execution system stability CVE-2014-8126

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here