OSG Security
JoiningLeavingSecurityTeam
Initializing search
GitHub
OSG Security
GitHub
Home
Security Team
Security Announcements
Security Announcements
Overview
Overview x86 vulnerabilities
Announcement Details
Announcement Details
OSG-SEC-2024-01-08 HIGH SSH vulnerability exploitable in Terrapin attacks
OSG-SEC-2023-09-26 CRITICAL PMIx race condition vulnerability affecting Slurm
OSG-SEC-2023-09-25 HIGH Multiple Linux Kernel Vulnerabilities
OSG-SEC-2023-08-01 MEDIUM OpenJDK TLS vulnerability
OSG-SEC-2023-07-28 HIGH OpenSSH remote code execution
OSG-SEC-2023-06-30 CRITICAL Go programming language vulnerabilities
OSG-SEC-2023-05-31 UPDATE on setuid-mode Apptainer exploit
OSG-SEC-2023-05-24 MEDIUM multiple git vulnerabilities
OSG-SEC-2023-05-18 HIGH Linux kernel user-after-free flaw in TLS protocol
OSG-SEC-2023-05-17 HIGH Flaw in Linux kernel Netfilter module
OSG-SEC-2023-04-26_2 MEDIUM GNU Emacs Org Mode arbitrary command injection
OSG-SEC-2023-04-26 HIGH setuid-mode Apptainer exploit
OSG-SEC-2023-04-25 CRITICAL Linux Kernel OverlayFS
OSG-SEC-2023-04-05 HIGH Apache HTTP request splitting
OSG-SEC-2023-03-08 HIGH multiple Linux kernel vulnerabilities
OSG-SEC-2023-02-28 MEDIUM Linux kernel use-after-free in mm/mremap
OSG-SEC-2023-02-17 INFO OpenSSL vulnerability
OSG-SEC-2023-01-24 HIGH sudoedit privilege escalation
OSG-SEC-2022-11-02 HIGH OpenSSL buffer overflows
OSG-SEC-2022-10-25 HIGH libksba integer overflow
OSG-SEC-2022-10-17 HIGH Linux kernel use-after-free in cls_route filter
OSG-SEC-2022-10-07 HIGH expat use-after-free
OSG-SEC-2022-10-04 MEDIUM DNS BIND memory leaks
OSG-SEC-2022-08-26 HIGH Linux systemd use-after-free vulnerability
OSG-SEC-2022-08-10_2 HIGH Linux rsyslog heap-based buffer overflow
OSG-SEC-2022-08-10 HIGH Linux kernel perf use-after-free flaw
OSG-SEC-2022-07-05 HIGH Use-after-free vulnerability in the Linux kernel Netfilter subsystem
OSG-SEC-2022-05-05 CRITICAL Vulnerability in Slurm authentication handling
OSG-SEC-2022-03-31 CRITICAL Expat XML parser arbitrary code execution vulnerability
OSG-SEC-2022-03-18 CRITICAL OOB memory access flaw in Linux kernel
OSG-SEC-2022-03-16 UPDATE - HIGH Severity DOS Vulnerability in OpenSSL
OSG-SEC-2022-03-16 HIGH Severity DOS Vulnerability in OpenSSL
OSG-SEC-2022-03-15 HTCondor Security Release 8.8.16, 9.0.10, and 9.6.0
OSG-SEC-2022-03-09 CRITICAL “dirtypipe” vulnerability in Linux Kernel 5.8 and above
OSG-SEC-2022-02-17 CRITICAL ALERT ACTION REQUIRED xcache image purge notification
OSG-SEC-2022-01-26 CRITICAL local privilege escalation in polkit's pkexec
OSG-SEC-2022-01-25 CRITICAL heap buffer overflow vulnerability in Linux kernel for RHEL 8 and derivatives
OSG-SEC-2022-01-05 Additional UPDATE on Log4J Vulnerability
OSG-SEC-2021-12-17 UPDATE on Log4J Vulnerability
OSG-SEC-2021-12-16 Vulnerability in golang/Singularity
OSG-SEC-2021-12-13 CRITICAL Vulnerability in Java Library Log4j
OSG-SEC-2021-12-02 RCE Vulnerability in NSS
OSG-SEC-2021-11-03 Privilege Escalation Vulnerability in dCache
OSG-SEC-2021-11-03 HIGH severity vulnerability in Apache HTTP mod_proxy
OSG-SEC-2021-09-10 Vulnerability in Linux Kernel Traffic Control Subsystem
OSG-SEC-2021-08-25 Vulnerabilities in JupyterLab and Jupyter Notebook
OSG-SEC-2021-07-27 Vulnerabilities in HTCondor
OSG-SEC-2021-07-22 Vulnerability in Linux kernel
OSG-SEC-2021-05-27 Vulnerability in Singularity
OSG-SEC-2021-05-18 Vulnerability in SLURM CVE-2021-31215
OSG-SEC-2021-03-17 Vulnerabilities in SQUID
OSG-SEC-2021-03-17 Vulnerabilities in iSCSI
OSG-SEC-2021-01-28 vulnerabilities in HTCondor
OSG-SEC-2021-01-27 heap-based buffer overflow in sudo
OSG-SEC-2020-09-22 CVE-2020-14386 Memory corruption in kernel on EL8 **UPDATE**
OSG-SEC-2020-09-22 CVE-2020-14386 Memory corruption in kernel on EL8
OSG-SEC-2020-08-31 Vulnerabilities in frontier-squid
OSG-SEC-2020-05-05 Singularity and unprivileged user namespaces
OSG-SEC-2020-03-26 Vulnerability in xrootd-scitokens Plugin
OSG-SEC-2020-02-07 Vulnerabilities in Frontier Squid
OSG-SEC-2019-11-15 Vulnerability in Squid UPDATE 2
OSG-SEC-2019-11-11 Vulnerability in Squid UPDATE
OSG-SEC-2019-11-08 Vulnerability in Squid
OSG-SEC-2019-07-25 Vulnerability in Squid
OSG-SEC-2019-05-14 Vulnerability in Singularity
OSG-SEC-2018-12-12 Critical vulnerability in Singularity Update 2
OSG-SEC-2018-12-12 Critical vulnerability in Singularity Update
OSG-SEC-2018-12-12 Critical vulnerability in Singularity
OSG-SEC-2018-10-18 Vulnerability in Linux kernel’s create_elf_tables() function Update
OSG-SEC-2018-10-04 Vulnerability in RedHat Ceph Storage
OSG-SEC-2018-10-02 Vulnerability in Linux kernel’s create_elf_tables() function
OSG-SEC-2018-09-20 Vulnerability in AFS
OSG-SEC-2018-09-06 Vulnerability in Apache Struts
OSG-SEC-2018-08-17 Foreshadow
OSG-SEC-2018-08-07 Data channel encryption not guaranteed
OSG-SEC-2018-07-05 Vulnerabilities in Singularity
OSG-SEC-2018-07-03 BLAHP vulnerability
OSG-SEC-2018-05-23 CILogon OSG CA service retirement
OSG-SEC-2018-05-18 Multiple EL7 Linux kernel vulnerabilities
OSG-SEC-2018-05-08 Meltdown-Spectre Update
OSG-SEC-2018-05-07 Unprivileged user namespaces in Singularity
OSG-SEC-2018-04-30 Multiple vulnerabilities in Singularity
OSG-SEC-2018-04-25 Including Let’s Encrypt CA in the OSG CA bundle
OSG-SEC-2018-04-19 Critical vulnerability in Singularity Update
OSG-SEC-2018-04-17 Vulnerability in MariaDB MySQL
OSG-SEC-2018-04-02 Critical vulnerability in Singularity
OSG-SEC-2018-03-27 Vulnerability in SLURM
OSG-SEC-2018-03-13 SAML Vulnerabilities affecting multiple implementations
OSG-SEC-2018-03-08 Limiting Singularity image types
OSG-SEC-2018-03-05 Vulnerability in Singularity
OSG-SEC-2018-02-28 Disable weak ciphers in SSL
OSG-SEC-2018-01-22 Meltdown-Spectre Update
OSG-SEC-2018-01-10 Meltdown-Spectre Update
OSG-SEC-2018-01-04 Meltdown-Spectre Update
CILogon OSG CA
CILogon OSG CA
CILogon OSG CA
Frequently Asked Questions (FAQ)
Certificate Authorities (CA) Distribution
OSG Security Policies & Procedures
OSG Security Policies & Procedures
Including Let’s Encrypt signing certificate in OSG CA bundle
Approved OSG Security Policies
Site/VO Removal Policy
OSG Security Procedures
Site/VO Removal Procedure
Secure Communications in OSG
Software Vulnerability Handling
Incident Discovery Reporting
Joining Security-SIG mailing list
Integrated Security for the OSG
Integrated Security for the OSG
Security Awareness for the OSG
Security User Responsibilities
Security Site Responsibilities
JoiningLeavingSecurityTeam