[gpfsug-discuss] CVE-2021-29740
Ryan Novosielski
novosirj at rutgers.edu
Fri Aug 6 19:18:37 BST 2021
Can you clarify which components are affected by this? Do I need to upgrade all clients to mitigate this CVE, or every system that has any portion of GPFS installed, or something different?
--
#BlackLivesMatter
____
|| \\UTGERS, |---------------------------*O*---------------------------
||_// the State | Ryan Novosielski - novosirj at rutgers.edu
|| \\ University | Sr. Technologist - 973/972.0922 (2x0922) ~*~ RBHS Campus
|| \\ of NJ | Office of Advanced Research Computing - MSB C630, Newark
`'
> On Aug 6, 2021, at 2:13 PM, Felipe Knop <knop at us.ibm.com> wrote:
>
> Barry,
>
> At least from the development point of view, the fix should have very minimal impact. ("none", based on the nature of the code change itself)
>
> Felipe
>
> ----
> Felipe Knop knop at us.ibm.com
> GPFS Development and Security
> IBM Systems
> IBM Building 008
> 2455 South Rd, Poughkeepsie, NY 12601
> (845) 433-9314 T/L 293-9314
>
>
>
> ----- Original message -----
> From: "Barry Chiu" <barryc at northwestern.edu>
> Sent by: gpfsug-discuss-bounces at spectrumscale.org
> To: "gpfsug-discuss at spectrumscale.org" <gpfsug-discuss at spectrumscale.org>
> Cc:
> Subject: [EXTERNAL] Re: [gpfsug-discuss] CVE-2021-29740
> Date: Fri, Aug 6, 2021 1:10 PM
>
> Hi,
>
> So, it's been about two months since this security bulletin has been posted, and we haven't seen many replies on this listserv about it.
>
> Just curious: Has anyone mitigated the vulnerability by installing the patch or upgrading GPFS? And how stable has it been for anyone who has?
>
> Thanks,
> Barry
>
>
>
>
> Barry Chiu
> Team Lead
> CyberInfrastructure | Platform Services | RCI
> Northwestern University | Information Technology
> barryc at northwestern.edu
> 847.491.2803
>
> ---
>
>
> Damir Krstic damir.krstic at gmail.com
> Tue Jun 1 17:48:26 BST 2021
> • Next message: [gpfsug-discuss] CVE-2021-29740
> • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> Subject: Re: [gpfsug-discuss] CVE-2021-29740
> IBM posted a security bulletin for the spectrum scale (CVE-2021-29740). Not
> a lot of detail provided in that bulletin. Has anyone installed this fix?
> Does anyone have more information about it?
>
> Thanks,
> Damir
>
> _______________________________________________
> gpfsug-discuss mailing list
> gpfsug-discuss at spectrumscale.org
> http://gpfsug.org/mailman/listinfo/gpfsug-discuss
>
>
>
> _______________________________________________
> gpfsug-discuss mailing list
> gpfsug-discuss at spectrumscale.org
> http://gpfsug.org/mailman/listinfo/gpfsug-discuss
More information about the gpfsug-discuss
mailing list