Alert.png The wiki is deprecated and due to be decommissioned by the end of September 2022.
The content is being migrated to other supports, new updates will be ignored and lost.
If needed you can get in touch with EGI SDIS team using operations @ egi.eu.

Difference between revisions of "SVG:Advisories"

From EGIWiki
Jump to navigation Jump to search
(Deprecate and redirect page)
Tag: Replaced
 
(6 intermediate revisions by one other user not shown)
Line 1: Line 1:
{{svg-header}}
{{DeprecatedAndMovedTo|new_location=https://advisories.egi.eu/}}
 
 
All advisories which are disclosed publicly by SVG are placed on this wiki.
 
All advisories which are disclosed publicly by SVG are subject to the  Creative commons licence
[https://creativecommons.org/licenses/by/4.0/    CC-BY 4.0.] including crediting the EGI  [https://www.egi.eu/ https://www.egi.eu/] Software Vulnerability Group. 
 
A guide to the risk categories is available at  [[SVG:Notes On Risk | Notes On Risk]]
 
SVG also provides information that may be useful to various sites concerning the various
[[SVG:Speculative Execution Vulnerabilities | SVG Speculative execution vulnerabilities ]]
 
 
{| {{egi-table}}
!Date !! Title !! Contents/Link !! Risk !!  Status !!
 
|-
| 2021-06-08, updated 2021-06-22 ||  VOMS-Admin vulnerability
|| [[SVG:Advisory-SVG-2020-17010| Advisory-SVG-2020-17010]] || HIGH || Fixed ||
|-
 
|-
|  2021-06-22 ||  Singularity vulnerabilities
|| [[SVG:Advisory-SVG-CVE-2021-32635 | Advisory-SVG-CVE-2021-32635]] ||  || Fixed ||
|-
 
|-
|  2021-05-18, updated  2021-06-16 ||  vulnerability concerning SLURM
|| [[SVG:Advisory-SVG-CVE-2021-31215 | Advisory-SVG-CVE-2021-31215]] || HIGH || Fixed ||
|-
 
 
|-
|  2021-03-17, updated 2021-04-19, 2021-05-12 || Local Privilege Escalation via iSCSI 
|| [[SVG:Advisory-SVG-CVE-2021-27365 | Advisory-SVG-CVE-2021-27365]] || CRITICAL || Fixed ||
|-
 
 
|-
|  2021-05-12, updated 2021-06-03 ||  Squid Vulnerability
|| [[SVG:Advisory-EGI-SVG-2021-17247 | Advisory-SVG-2021-17247]] || HIGH || Fixed ||
|-
 
 
|-
|  2021-01-06, updated2021-03-22, 2021-04-06  ||  Linux Kernel release fixing various software vulnerabilities
|| [[SVG:Advisory-SVG-CVE-2020-25211 | Advisory-SVG-CVE-2020-25211]] || HIGH || Fixed ||
|-
 
 
|-
|  2020-11-06, updated 2021-03-23 ||  DPM vulnerability allowing file deletion
|| [[SVG:Advisory-SVG-2020-16935 | Advisory-SVG-2020-16935]] || Critical || Fixed ||
|-
 
|-
|  2021-01-15, updated 2021-03-22 ||  2 HTCondor Vulnerabilities affecting a limited number of versions.
|| [[SVG:Advisory-SVG-2021-17030 | Advisory-SVG-2021-17030]] || Critical || Fixed ||
|-
 
|-
|  2021-01-27 ||  sudo privilege escalation vulnerability
|| [[SVG:Advisory-SVG-CVE-2021-3156 | Advisory-SVG-CVE-2021-3156]] || Critical || Fixed ||
|-
|  2020-11-19 updated 2020-11-25, 2021-01-14 ||  Vulnerability concerning dCache
|| [[SVG:Advisory-SVG-2020-16939 | Advisory-SVG-2020-16939]] || Critical || Fixed ||
|-
|}
 
EGI SVG produces advisories according to the [https://documents.egi.eu/document/3145  EGI Software Vulnerability Issue Handling Process ], which was revised in 2017 and approved by the EGI OMB in November 2017.
 
Note that SVG is currently working on how to better cope with reducing homogeneity of the infrastructure and handle vulnerabilities related to the EOSC-hub services.
 
Earlier Advisories:  [[SVG:Advisories-SVG-2020 | Advisories from 2020]]
 
Earlier Advisories:  [[SVG:Advisories-SVG-2019 | Advisories from 2019]]
 
Earlier Advisories:  [[SVG:Advisories-SVG-2018 | Advisories from 2018]]
 
Earlier Advisories:  [[SVG:Advisories-SVG-2017 | Advisories from 2017]]
 
Earlier Advisories:  [[SVG:Advisories-SVG-2016 | Advisories from 2016]]
 
Earlier Advisories:  [[SVG:Advisories-SVG-2014-2015 | Advisories from 2014 and 2015 ]]
 
In the past (up to the end of 2015) CSIRT also issued general alerts at https://wiki.egi.eu/wiki/EGI_CSIRT:Alerts
and EGI SVG advisories primarily concerned gLite Middleware. 
 
Earlier Advisories: [[SVG:Advisories-SVG-2011-2013 | Advisories from 2011 to 2013 ]]
 
 
 
Advisories from prior to 2011 [https://archive.gridpp.ac.uk/gsvg/advisories/ Gridpp Advisories Archive]

Latest revision as of 14:15, 24 June 2022

Alert.png This article is Deprecated and has been moved to https://advisories.egi.eu/.