-
condor (7.8.2~dfsg.1-1+deb7u1) unstable; urgency=high
* Security update. This release addresses four CVE issues (Closes: #688210):
- Security Item: Some code that was no longer used was removed. The presence
of this code could expose information which would allow an attacker to
control another user's job. (CVE-2012-3493)
- Security Item: Some code that was no longer used was removed. The presence
of this code could have lead to a Denial-of-Service attack which would
allow an attacker to remove another user's idle job. (CVE-2012-3491)
- Security Item: Filesystem (FS) authentication was improved to check the
UNIX permissions of the directory used for authentication. Without this,
an attacker may have been able to impersonate another submitter on the
same submit machine. (CVE-2012-3492)
- Security item: Check setuid return value (CVE-2012-3490)
-- Michael Hanke <email address hidden> Wed, 26 Sep 2012 16:10:17 +0200
-
condor (7.8.2~dfsg.1-1) unstable; urgency=high
* Upstream security release. Prevent an attacker who is manipulating
reverse-DNS entries and is able to connect to a Condor daemon to gain
access to a Condor pool that is using DNS/hostname host-based authentication
(only). CVE-2012-3416
-- Michael Hanke <email address hidden> Thu, 16 Aug 2012 08:32:49 +0200
-
condor (7.8.1~dfsg.1-1) unstable; urgency=low
* New upstream bugfix release:
- Fixed a bug in the condor init script that would cause
the init script to hang if condor wasn't running (Ticket 2872)
- Fixed a bug that caused Parallel Universe jobs using Parallel
Scheduling Groups to occasionally stay idle even when there were
available machines to run them (Ticket 3017)
- Fixed a bug that caused the Condor GridManager to crash when
attempting to submit jobs to a local PBS/LSF/SGI cluster
(Ticket 3014)
- Fixed a bug in the handling of local universe jobs which caused
the Condor SCHEDD to log a spurious ERROR message every time a local
universe job exited, and then further caused the statistics for local
universe jobs to be incorrectly computed (Ticket 3008)
- Fixed a bug when Condor runs under the PrivSep model, in which if a job
created a hard link from one file to another, Condor was unable to
transfer the files back to the submit side, and the job was put on hold.
(Ticket 2987)
- When configuration variables MaxJobRetirementTime or MachineMaxVacateTime
were very large, estimates of machine draining badput and completion time
were sometimes nonsensical because of integer overflow (Ticket 3001)
- Fixed a bug where per-job sub-directories and their contents in the
SPOOL directory would not be removed when the associated job left the
queue (Ticket 2942). Closes: #663031
* Updated Swedish Debconf translation (Closes: #676943).
-- Michael Hanke <email address hidden> Wed, 06 Jun 2012 10:39:35 +0200
-
condor (7.8.0~dfsg.1-2) unstable; urgency=low
* Actually include the Russian, Italian, and Polish translations.
* Add Debconf template translations:
- Swedish -- courtesy of Martin Bagge <email address hidden>
(Closes: #673877)
- French -- courtesy of Steve Petruzzello <email address hidden>
(Closes: #673138)
- Portuguese -- courtesy of Pedro Ribeiro <email address hidden>
(Closes: #674943)
* Add explicit dependency on Python (for condor_router_history).
* Remove word duplication from package description.
* Fix typos in debian/copyright.
-- Michael Hanke <email address hidden> Mon, 04 Jun 2012 08:49:07 +0200
-
condor (7.8.0~dfsg.1-1) unstable; urgency=low
* New upstream release (Closes: #670304). This is the first release of the
new 7.8 stable series. Patches introduced to prevent FTBFS on mips, ia64
and s390x are merged/obsolete.
* Add Debconf template translations (Closes: #670487):
- German -- courtesy of Erik Pfannenstein <email address hidden>
(Closes: #671394)
- Russian -- courtesy of Yuri Kozlov <email address hidden>
(Closes: #671510)
- Italian -- courtesy of Beatrice Torracca <email address hidden>
(Closes: #671641)
- Polish -- courtesy of Michał Kułach <email address hidden>
(Closes: #671547)
-- Michael Hanke <email address hidden> Wed, 09 May 2012 11:35:19 +0200
