Apache Struts vulnerability affecting VOMS-Admin

A serious vulnerability has been found in Apache Struts on which VOMS-Admin is dependent. The exploit of this vulnerability could cause remote code execution. Apache Struts version 2.5.26 fixes this issue. Sites running VOMS-Admin should upgrade to voms-admin-server...

High risk vulnerability concerning Squid

The Squid project has publicly announced new vulnerabilities, one of which is deemed HIGH risk, viz. CVE-2020-25097, because it may allow services to be exposed that are not directly accessible from the client host. The other ones only concern potential denial of...

Various Linux kernel vulnerabilities

We would like to point out two vulnerabilities found in the Linux Kernel, that are high risk for our infrastructure. CVE-2020-25211 A buffer overflow vulnerability has been announced by RedHat which may allow a local user to crash the system, compromise data...

dCache file ownership vulnerability

In the end of November, a vulnerability has been discovered in dCache service, which may in some circumstances allow an unauthenticated person to change file ownership, view and delete arbitrary files. The vulnerability has been fixed in dCache versions 6.2.10,...