This is Lite Plone Theme
You are here: Home System Status EMERGENCY security patch [RESOLVED]

EMERGENCY security patch [RESOLVED]

Dear users,

A security vulnerability has been announced in the GNU libc library used on all cosmos machines. This vulnerability can be exploited remotely without the need to even try to log on to the machine and can under certain circumstances [1] lead to root-level access being granted to the attacker.

This is as bad as a security bug gets, except the discoverers of this bug have been co-operating with OS vendors so a fix has been published at the same time as the vulnerability, so we can fix the machines right away.

Unfortunately, installing the fix requires a reboot.

We will reboot the machines as soon as the last job currently running has finished and in the meantime, all user access has been blocked for security reasons.

We expect to be able to re-enable the queues and reopen user access during the night, but please check http://www.cosmos.damtp.cam.ac.uk/system-status/aggregator for updates.

We apologise for the inconvenience.

Best regards, COSMOS Management

[1] We do not know what exactly these circumstances are, so we cannot ascertain whether we are safe and need to take steps to ensure we are.

UPDATE@2015-01-29 01:03: All the patches have been applied and machines rebooted. However, the CXFS metadata server is not in a co-operative mood. It will have to be looked at in the morning. Meanwhile, please feel free to log in use the systems: the /slow and /fast filesystems will become available once the metadata server is up and there should be no need for any further reboots.