Important httpd update
Posted July 20, 2016 - permalink
An important CVE has been announced regarding the Apache web server package and we recommend users update as soon as possible. Details from RedHat, Debian, and Ubuntu can be found below:
It does NOT appear that perfSONAR is directly affected by this issue. The vulnerability affects apache web servers running CGI scripts in certain languages. Perl (which is the language perfSONAR uses in its CGI scripts) does not appear to be affected, but in order to exercise maximum caution we wanted to make people aware of the issue and suggest they update. For languages that are affected, the attacker can set a proxy in the HTTP header of a request and force the host to forward information to remote server of the attackers choosing.
If you are running auto-updates, you likely already have the fix. Otherwise running “yum update httpd” on CentOS/RedHat or "apt-get update && apt-get upgrade apache2" on Debian/Ubuntu should resolve the issue (no restarts required). Please let us know if you have any questions.
New web100 kernel available
Posted July 19, 2016 - permalink
New web100 kernel packages are now available for users of the perfSONAR toolkit. You may run 'yum update' to grab the new kernel. You should restart your host after the upgrade completes.
Note this is just a kernel upgrade and the other perfSONAR packages have NOT been updated.
New perfSONAR Training Videos Released
Posted July 18, 2016 - permalink
The Department of Energy’s Energy Sciences Network (ESnet), and the Network Startup Resource Center (NSRC) at the University of Oregon have teamed up to create an extensive video training library to help organizations improve the performance of their networks by deploying the perfSONAR network measurement tools and the Science DMZ network architecture.
The library can be found here:
A news release on this project can be found here: http://es.net/news-and-publications/esnet-news/2016/new-training-videos-leverage-esnet-s-expertise-to-improve-network-performance-around-the-world/
perfSONAR UI 1.7.1 release
Posted July 13, 2016 - permalink
We are pleased to announce the release of perfSONAR UI 1.7.1. This is mainly a bug-fix release with release notes as follows:
- PSANALYSIS-629 psUI was failing while receiving paginated data from Esmond
- PSANALYSIS-536 fixing clean installs on Debian-styled systems (added chown tomcat7 to database directory)
- PSANALYSIS-611 fixes the problem about not being able to edit and add users
- In occasion some error happened while querying for packet-trace metadata, histogram-ttl data is now properly used for hopcounts
- The state of the community filter is now hopefully more visible and understandable
The new version is deployed on the demo instance: https://psui.geant.net. Anyone having an account with their home organization that is part of eduGAIN can test new features by logging in using “Federated Login” button.
If there is a desire to install it locally, we recommended to follow installation steps outlined here: http://docs.perfsonar.net/install_psui.html. Both DEB and RPM repos are updated with 1.7.1 package and you can update using your usual package manager (yum update/apt-get upgrade).
Direct links to the packages are:
- http://downloads.perfsonar.net/redhat/main/rpms/el6/i386/main/RPMS/perfsonar-ui-web-1.7.1.el6.noarch.rpm (CentOS 6, RHEL 6)
- http://downloads.perfsonar.net/debian/pool/main/p/perfsonar-ui-web/perfsonar-ui-web_1.7.1_all.deb (Debian 7, Ubuntu 12.04, Ubuntu 14.04, Debian 8).
Please report any bugs in the psUI JIRA here:
or to firstname.lastname@example.org mailing list.