The wiki is deprecated and due to be decommissioned by the end of September 2022.
The content is being migrated to other supports, new updates will be ignored and lost.
If needed you can get in touch with EGI SDIS team using operations @ egi.eu.
Difference between revisions of "SVG:Advisories"
| Line 22: | Line 22: | ||
| 2016-04-28 || OpenStack VM management permissions || [[SVG:Advisory-SVG-2016-10636 | Advisory-SVG-2016-10636]] || Moderate || (Config) || | | 2016-04-28 || OpenStack VM management permissions || [[SVG:Advisory-SVG-2016-10636 | Advisory-SVG-2016-10636]] || Moderate || (Config) || | ||
|- | |- | ||
|- | |- | ||
| 2016-03-11 || NSS heap buffer overflow vulnerability || [[SVG:Advisory-SVG-CVE-2016-1950 | Advisory-SVG-CVE-2016-1950]] || Critical || Fixed || | | 2016-03-11 || NSS heap buffer overflow vulnerability || [[SVG:Advisory-SVG-CVE-2016-1950 | Advisory-SVG-CVE-2016-1950]] || Critical || Fixed || | ||
|- | |- | ||
|- | |- | ||
| 2016-02-17 || glibc remote code execution vulnerability - CVE-2015-7547 || [[SVG:Advisory-SVG-CVE-2015-7547 | Advisory-SVG-CVE-2015-7547]] || Critical || Fixed || | | 2016-02-17 || glibc remote code execution vulnerability - CVE-2015-7547 || [[SVG:Advisory-SVG-CVE-2015-7547 | Advisory-SVG-CVE-2015-7547]] || Critical || Fixed || | ||
|- | |- | ||
|- | |- | ||
| 2016-02-03 || Linux Kernel Vulnerability - CVE-2016-0728 || [[SVG:Advisory-SVG-2016-10376 | Advisory-SVG-2016-10376 ]] || High || Fixed || | | 2016-02-03 || Linux Kernel Vulnerability - CVE-2016-0728 || [[SVG:Advisory-SVG-2016-10376 | Advisory-SVG-2016-10376 ]] || High || Fixed || | ||
|- | |- | ||
|- | |- | ||
| Line 45: | Line 39: | ||
|- | |- | ||
|} | |||
Advisories from prior to 2011 [https://archive.gridpp.ac.uk/gsvg/advisories/ Gridpp Advisories Archive] | |||
Revision as of 11:15, 29 April 2016
| Main page | Software Security Checklist | Issue Handling | Advisories | Notes On Risk | Advisory Template | More |
Advisories
EGI SVG produces advisories according to the EGI SVG issue handling procedure, which was revised in autumn 2015.
All advisories which are disclosed publicly by SVG are placed on this wiki.
In the past (up to the end of 2015) CSIRT also issued general alerts at https://wiki.egi.eu/wiki/EGI_CSIRT:Alerts
and EGI SVG advisories primarily concerned gLite Middleware.
A guide to the risk categories is available at Notes On Risk
Earlier Advisories: Advisories from 2014 and 2015
Earlier Advisories: Advisories from 2011 to 2013
| Date | Title | Contents/Link | Risk | Status | |
|---|---|---|---|---|---|
| 2016-04-28 | OpenStack VM management permissions | Advisory-SVG-2016-10636 | Moderate | (Config) | |
| 2016-03-11 | NSS heap buffer overflow vulnerability | Advisory-SVG-CVE-2016-1950 | Critical | Fixed | |
| 2016-02-17 | glibc remote code execution vulnerability - CVE-2015-7547 | Advisory-SVG-CVE-2015-7547 | Critical | Fixed | |
| 2016-02-03 | Linux Kernel Vulnerability - CVE-2016-0728 | Advisory-SVG-2016-10376 | High | Fixed | |
| 2016-01-05 | Linux Kernel Vulnerabilities | Advisory-SVG-2015-CVE-2015-7613 | Moderate/High | Fixed |
Advisories from prior to 2011 Gridpp Advisories Archive