Revision as of 11:51, 17 August 2011

Advisories

EGI SVG primarily issues advisories concerning gLite Middleware.

CSIRT issues general alerts (such as concerning operating system vulnerabilities) at https://wiki.egi.eu/wiki/EGI_CSIRT:Alerts

A guide to the risk categories is available at Notes On Risk

Date	Title	Contents/Link	Risk	Status
2011-08-15	Torque Authentication Bypass Vulnerability CVE-2011-2907	Advisory-SVG-2011-2296	High	Fixed
2011-07-28	Insecure Library Loading Vulnerability in the VOMS server	Advisory-SVG-2011-342	Low	Fixed
2011-07-28	VOMS server /tmp file vulnerability	Advisory-SVG-2011-1866	Low	Fixed
2011-06-24	Torque Server Buffer Overflow Vulnerability - CVE-2011-2193.	Advisory-SVG-2011-1870	Moderate	Fixed
2011-04-19	Critical Vulnerability detected in dCache Admin Web Interface	Advisory-SVG-2011-1569	Critical	Fixed
2011-04-19	VOMS Admin vulnerabilities found by carrying out detailed vulnerability assessment of the package	Advisory-SVG-2011-505	High	Fixed
2011-04-04	WMS vulnerability allowing proxy access	Advisory-SVG-2011-1502	High	Fixed
2011-03-11	SQL injection vulnerability in the APEL software	Advisory-SVG-2011-373	Moderate	Fixed

@@ Line 10: / Line 10: @@
 {| {{egi-table}}
 !Date !!	Title !!	Contents/Link !!	Risk !!  Status !!
+|-
+|2011-08-15 || Torque Authentication Bypass Vulnerability CVE-2011-2907
+  || [[SVG:Advisory-SVG-2011-2296 | Advisory-SVG-2011-2296 ]]
+|| High || Fixed ||
+|-
 |-
 |2011-07-28 || Insecure Library Loading Vulnerability in the VOMS server