<div class="socmaildefaultfont" dir="ltr" style="font-family:Arial, Helvetica, sans-serif;font-size:10pt" ><div dir="ltr" >Ryan,</div>
<div dir="ltr" > </div>
<div dir="ltr" >The vulnerability affects base GPFS, and all client and server nodes will need to be updated fix this vulnerability.</div>
<div dir="ltr" > </div>
<div dir="ltr" > Felipe</div>
<div dir="ltr" > </div>
<div dir="ltr" >----<br>Felipe Knop knop@us.ibm.com<br>GPFS Development and Security<br>IBM Systems<br>IBM Building 008<br>2455 South Rd, Poughkeepsie, NY 12601<br>(845) 433-9314 T/L 293-9314<br> </div>
<div dir="ltr" > </div>
<div dir="ltr" > </div>
<blockquote data-history-content-modified="1" data-history-expanded="1" dir="ltr" style="border-left:solid #aaaaaa 2px; margin-left:5px; padding-left:5px; direction:ltr; margin-right:0px" >----- Original message -----<br>From: "Ryan Novosielski" <novosirj@rutgers.edu><br>Sent by: gpfsug-discuss-bounces@spectrumscale.org<br>To: "gpfsug main discussion list" <gpfsug-discuss@spectrumscale.org><br>Cc:<br>Subject: [EXTERNAL] Re: [gpfsug-discuss] CVE-2021-29740<br>Date: Fri, Aug 6, 2021 2:18 PM<br>
<div><font size="2" face="Default Monospace,Courier New,Courier,monospace" >Can you clarify which components are affected by this? Do I need to upgrade all clients to mitigate this CVE, or every system that has any portion of GPFS installed, or something different?<br><br>--<br>#BlackLivesMatter<br>____<br>|| \\UTGERS, |---------------------------*O*---------------------------<br>||_// the State | Ryan Novosielski - novosirj@rutgers.edu<br>|| \\ University | Sr. Technologist - 973/972.0922 (2x0922) ~*~ RBHS Campus<br>|| \\ of NJ | Office of Advanced Research Computing - MSB C630, Newark<br> `'<br><br>> On Aug 6, 2021, at 2:13 PM, Felipe Knop <knop@us.ibm.com> wrote:<br>><br>> Barry,<br>> <br>> At least from the development point of view, the fix should have very minimal impact. ("none", based on the nature of the code change itself)<br>> <br>> Felipe<br>> <br>> ----<br>> Felipe Knop knop@us.ibm.com<br>> GPFS Development and Security<br>> IBM Systems<br>> IBM Building 008<br>> 2455 South Rd, Poughkeepsie, NY 12601<br>> (845) 433-9314 T/L 293-9314<br>> <br>> <br>> <br>> ----- Original message -----<br>> From: "Barry Chiu" <barryc@northwestern.edu><br>> Sent by: gpfsug-discuss-bounces@spectrumscale.org<br>> To: "gpfsug-discuss@spectrumscale.org" <gpfsug-discuss@spectrumscale.org><br>> Cc:<br>> Subject: [EXTERNAL] Re: [gpfsug-discuss] CVE-2021-29740<br>> Date: Fri, Aug 6, 2021 1:10 PM<br>> <br>> Hi,<br>> <br>> So, it's been about two months since this security bulletin has been posted, and we haven't seen many replies on this listserv about it.<br>> <br>> Just curious: Has anyone mitigated the vulnerability by installing the patch or upgrading GPFS? And how stable has it been for anyone who has?<br>> <br>> Thanks,<br>> Barry<br>> <br>> <br>> <br>> <br>> Barry Chiu<br>> Team Lead<br>> CyberInfrastructure | Platform Services | RCI<br>> Northwestern University | Information Technology<br>> barryc@northwestern.edu<br>> 847.491.2803<br>> <br>> ---<br>> <br>> <br>> Damir Krstic damir.krstic at gmail.com<br>> Tue Jun 1 17:48:26 BST 2021<br>> • Next message: [gpfsug-discuss] CVE-2021-29740<br>> • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]<br>> Subject: Re: [gpfsug-discuss] CVE-2021-29740<br>> IBM posted a security bulletin for the spectrum scale (CVE-2021-29740). Not<br>> a lot of detail provided in that bulletin. Has anyone installed this fix?<br>> Does anyone have more information about it?<br>><br>> Thanks,<br>> Damir<br>> <br>> _______________________________________________<br>> gpfsug-discuss mailing list<br>> gpfsug-discuss at spectrumscale.org<br>> <a href="http://gpfsug.org/mailman/listinfo/gpfsug-discuss" target="_blank">http://gpfsug.org/mailman/listinfo/gpfsug-discuss</a> <br>> <br>><br>><br>> _______________________________________________<br>> gpfsug-discuss mailing list<br>> gpfsug-discuss at spectrumscale.org<br>> <a href="http://gpfsug.org/mailman/listinfo/gpfsug-discuss" target="_blank">http://gpfsug.org/mailman/listinfo/gpfsug-discuss</a> <br><br>_______________________________________________<br>gpfsug-discuss mailing list<br>gpfsug-discuss at spectrumscale.org<br><a href="http://gpfsug.org/mailman/listinfo/gpfsug-discuss" target="_blank">http://gpfsug.org/mailman/listinfo/gpfsug-discuss</a> </font></div></blockquote>
<div dir="ltr" > </div></div><BR>
<BR>