SIDEBAR
»
S
I
D
E
B
A
R
«
Bug in Password Expiration email program
Apr 28th, 2014 by Tim Watts

I have to apologise publicly.

There was a weird bug in the program that emails 3-2-1-0 weeks warning emails to account holders when their DDH LDAP password is about to expire.

The mail module had an undocumented feature that caused it to do a perl die() if the SMTP server rejected the email at send time, which it might if a KCL user had left. This then prevented the rest of the people due for a warning message, from getting one.

I have now fixed this so all should be back to normal – but if anyone says they cannot log in, please let me know their name so I can check and fix their account.

Apologies for the inconvenience.

 

Tim

Updated the backup server miner to Debian 7
Apr 14th, 2014 by Tim Watts

Partly to address issues with the XFS filesystem throwing errors under very high load.

OpenSSL Vulnerability (CVE-2014-0106 aka “Heartbleed”)
Apr 10th, 2014 by Tim Watts

Firstly – kudos to Miguel for alerting me to the existence of this:

http://heartbleed.com/

It is a bug in the OpenSSL library that is used on many of our servers to implement https:// amongst other things. The bug allows 64KB blocks of RAM to be read from the server’s process space which in turn can be used to leak the SSL private key. Once an attacker has the private key they can decrypt all the SSL protected traffic to and from that server – eg steal passwords and other sensitive data.

I can report that we are now fully patched and the latest scan I’ve done shows that we appear to have no vulnerable servers. Only our Debian 6 and 7 servers had issues and also had patches available from Debian. Debian 4 5 and SuSE servers do not have this bug.

As some of the patching work was rushed, I apologise for the un-scheduled rebooting of many servers last night and this morning.

SIDEBAR
»
S
I
D
E
B
A
R
«
»  Substance:WordPress   »  Style:Ahren Ahimsa