Issued:: 2013-08-21
Updated:: 2013-08-21

RHSA-2013:1171 - Security Advisory

Overview
Updated Packages

Synopsis

Moderate: condor security update

Type/Severity

Security Advisory: Moderate

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Updated condor packages that fix one security issue are now available for
Red Hat Enterprise MRG 2.3 for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.

Description

HTCondor is a specialized workload management system for compute-intensive
jobs. It provides a job queuing mechanism, scheduling policy, priority
scheme, and resource monitoring and management.

A denial of service flaw was found in the way HTCondor's policy definition
evaluator processed certain policy definitions. If an administrator used an
attribute defined on a job in a CONTINUE, KILL, PREEMPT, or SUSPEND
condor_startd policy, a remote HTCondor service user could use this flaw to
cause condor_startd to exit by submitting a job that caused such a policy
definition to be evaluated to either the ERROR or UNDEFINED states.
(CVE-2013-4255)

Note: This issue did not affect the default HTCondor configuration.

This issue was found by Matthew Farrellee of Red Hat.

All Red Hat Enterprise MRG 2.3 users are advised to upgrade to these
updated packages, which contain a backported patch to correct this issue.
HTCondor must be restarted for the update to take effect.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/site/articles/11258

Affected Products

MRG Grid 2 for RHEL 5 x86_64
MRG Grid 2 for RHEL 5 i386
MRG Grid from RHUI 2 for RHEL 5 x86_64

Fixes

BZ - 919401 - CVE-2013-4255 condor: condor_startd DoS when parsing policy definition that evaluates to ERROR or UNDEFINED

CVEs

CVE-2013-4255

References

https://access.redhat.com/security/updates/classification/#moderate

Note: More recent versions of these packages may be available. Click a package name for more details.

MRG Grid 2 for RHEL 5

SRPM
condor-7.8.8-0.4.2.el5_9.src.rpm	SHA-256: 1966036dc18db75d40d8078cc4c705b1f90705451c14db83e93bbd05e2ece5e2
x86_64
condor-7.8.8-0.4.2.el5_9.x86_64.rpm	SHA-256: 82eea59cc32960229d36c12bc7f47f072164029ab8d6015ab417bd780e4e4c7f
condor-aviary-7.8.8-0.4.2.el5_9.x86_64.rpm	SHA-256: 1448e4686fcfa8868c46f50060112a4084acce4da9966aaf97d1ba23813d3a2f
condor-classads-7.8.8-0.4.2.el5_9.x86_64.rpm	SHA-256: 0dae4b22b1794f04a4dfb5a628299a86f704f7da095980da5fa16be06aa231e6
condor-kbdd-7.8.8-0.4.2.el5_9.x86_64.rpm	SHA-256: 0eb02a3aec57448fbeddbeb9f87a4e4a9fac68ff69a66c891be2949567d6400c
condor-qmf-7.8.8-0.4.2.el5_9.x86_64.rpm	SHA-256: 1d9a6aa714672b224b53365886f854331c27c437b9935698cac49367e3b19313
condor-vm-gahp-7.8.8-0.4.2.el5_9.x86_64.rpm	SHA-256: c1335a61a03073945d8113c8a580ab4d8893a94a35f70de13306c3001fa65172
i386
condor-7.8.8-0.4.2.el5_9.i386.rpm	SHA-256: e4d0b3c446a519928d2a532c8f92d1a83ac36f88e4452c5063e37068f7f3670d
condor-aviary-7.8.8-0.4.2.el5_9.i386.rpm	SHA-256: 9d0dfb8a959c6124a738b1948c21fd22e55b282c0fb61d284d60545c6af7535d
condor-classads-7.8.8-0.4.2.el5_9.i386.rpm	SHA-256: a0445b2ae2bc1c3ddd8eee9e299d70b7ed8869434bde3766ec4701a27096681b
condor-kbdd-7.8.8-0.4.2.el5_9.i386.rpm	SHA-256: ee72606ad88b26384a47fac96006c2b6b283ac67f23518a2060d61e849f1013b
condor-qmf-7.8.8-0.4.2.el5_9.i386.rpm	SHA-256: 41ab23a16c23fd2245805c40e7fb98173bc71679e3b1513bd10dbcac8c7cd789
condor-vm-gahp-7.8.8-0.4.2.el5_9.i386.rpm	SHA-256: 1e3d30c417bcbe7989e0f91b74c3709ed7f92d8b64d41bd406b504c1b7e5f104

MRG Grid from RHUI 2 for RHEL 5

SRPM
condor-7.8.8-0.4.2.el5_9.src.rpm	SHA-256: 1966036dc18db75d40d8078cc4c705b1f90705451c14db83e93bbd05e2ece5e2
x86_64
condor-7.8.8-0.4.2.el5_9.x86_64.rpm	SHA-256: 82eea59cc32960229d36c12bc7f47f072164029ab8d6015ab417bd780e4e4c7f
condor-aviary-7.8.8-0.4.2.el5_9.x86_64.rpm	SHA-256: 1448e4686fcfa8868c46f50060112a4084acce4da9966aaf97d1ba23813d3a2f
condor-classads-7.8.8-0.4.2.el5_9.x86_64.rpm	SHA-256: 0dae4b22b1794f04a4dfb5a628299a86f704f7da095980da5fa16be06aa231e6
condor-kbdd-7.8.8-0.4.2.el5_9.x86_64.rpm	SHA-256: 0eb02a3aec57448fbeddbeb9f87a4e4a9fac68ff69a66c891be2949567d6400c
condor-qmf-7.8.8-0.4.2.el5_9.x86_64.rpm	SHA-256: 1d9a6aa714672b224b53365886f854331c27c437b9935698cac49367e3b19313
condor-vm-gahp-7.8.8-0.4.2.el5_9.x86_64.rpm	SHA-256: c1335a61a03073945d8113c8a580ab4d8893a94a35f70de13306c3001fa65172

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation