The wiki is deprecated and due to be decommissioned by the end of September 2022.
The content is being migrated to other supports; new updates will be ignored and lost.
If needed you can get in touch with EGI SDIS team using operations @




Recent Advisories

Earlier Advisories: Advisories from 2014 and 2015

Earlier Advisories: Advisories from 2011 to 2013

| Date | Title | Contents/Link | Risk | Status |
|---|---|---|---|---|
| 2016-12-20 | Linux kernel's IPv6 implementation - mishandled socket options | Advisory-SVG-CVE-2016-3841 | High | Fixed |
| 2016-11-10 updated 2016-12-14, 2017-01-13 | Linux kernel vulnerability | Advisory-SVG-CVE-2016-7117 | High | Heads up |
| 2016-12-06 | HIGH risk vulnerabilities concerning Xen | Advisory-SVG-CVE-2016-9379 | High | Fixed |
| 2016-11-24 | VOMS server certificate chain/user validation | Advisory-SVG-2016-11495 | Moderate | Fixed |
| 2016-10-21 | XSS in DIRAC Webapp and Web portal | Advisory-SVG-2016-11107 | Moderate | Fixed |
| 2016-10-20 updated 2016-10-26 | Linux kernel privilege escalation | Advisory-SVG-CVE-2016-5195 | Critical | Fixed |
| 2016-10-10 | gridsite / canl-c impersonation vulnerability | Advisory-SVG-2016-11476 | Critical | Fixed |
| 2016-08-25 | KeyStone VOMS does not check CRLs | Advisory-SVG-2016-10558 | Moderate | Fixed |
| 2016-07-18 | DIRAC configuration - database passwords visible on dirac interface | Advisory-SVG-2016-11255 | Up to High | Fixed |
| 2016-07-15 | Two Perfsonar Vulnerabilities announced by the Perfsonar team | Advisory-SVG-2016-11363 | Moderate | Fixed |
| 2016-07-12 | dCache READONLY and non-/ user root not enforced | Advisory-SVG-2016-11288 | Moderate | Fixed |
| 2016-06-20 | STORM WebDAV interface XXE vulnerability | Advisory-SVG-2015-10134 | Low | Fixed |
| 2016-06-20 | dCache WebDAV interface XXE vulnerability | Advisory-SVG-2015-10121 | Low | Fixed |
| 2016-06-13 | iperf3 used in perfSONAR CVE-2016-4303 | Advisory-SVG-CVE-2016-4303 | Critical | Fixed |
| 2016-06-08 | Vulnerability in IBM's GPFS CVE-2016-0392 | Advisory-SVG-CVE-2016-0392 | Critical | Fixed |
| 2016-06-08 | Arbitrary file overwrite vulnerability in WebAppDIRAC | Advisory-SVG-2016-11033 | High | Fixed |
| 2016-06-08 | dCache configuration issue | Advisory-SVG-2016-10837 | High | (Config) |
| 2016-06-08 | LHCb Setup scripts | Advisory-SVG-2015-9809 | Low | Fixed |
| 2016-06-07 | Authorization by user_id to manage VMs does not work in V2.1 Nova API for OpenStack | Advisory-SVG-2016-11190 | High | |
| 2016-05-25 | Dirac Pilot factory payload verification | Advisory-SVG-2014-7440 | Low | Migrating from |
| 2016-05-25 | PANDA Pilot factory payload verification | Advisory-SVG-2014-7430 | Low | Migrating from |
| 2016-04-28 | OpenStack VM management permissions | Advisory-SVG-2016-10636 | Moderate | (Config) |
| 2016-03-11 | NSS heap buffer overflow vulnerability | Advisory-SVG-CVE-2016-1950 | Critical | Fixed |
| 2016-02-17 | glibc remote code execution vulnerability - CVE-2015-7547 | Advisory-SVG-CVE-2015-7547 | Critical | Fixed |
| 2016-02-03 | Linux Kernel Vulnerability - CVE-2016-0728 | Advisory-SVG-2016-10376 | High | Fixed |
| 2016-01-05 | Linux Kernel Vulnerabilities | Advisory-SVG-2015-CVE-2015-7613 | Moderate/High | Fixed |