[slurm-dev] Debian OpenSSL vulnerability (CVE-2008-0166)
1 view
Skip to first unread message
Mark A. Grondona
May 16, 2008, 12:10:07 PM5/16/08
to slur...@lists.llnl.gov
For anyone that uses SLURM on Debian, and uses OpenSSL for job credentials,
please be aware of the recent Debian openssl vulnerability described here:
please be aware of the recent Debian openssl vulnerability described here:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0166
Please be sure to run the latest Debian openssl packages.
Additionally, if you created slurm keys under OpenSSL 0.9.8c-1 up to
0.9.8g-9 on Debian-based operating systems, you'll need to recreate
your keys. Due to the nature of the bug introduced in Debian, your
current keys are trivially exploitable.
mark
Reply all
Reply to author
Forward
0 new messages