Note: This web site is only kept up to date for OSG Software
1.2 (VDT 2.0.0). If you are looking for information for the most recent
release, the RPM-based OSG Software 3.0, please see
the OSG documentation web site
VDT 2.0.0p14 Update
On 2010-03-08, the VDT team announced the release of VDT 2.0.0p14.
Updated software to fix a security problem with inserting a null byte
into the DN portion of a certificate: (VDT Ticket 6146)
- Wget version 1.12
- Java version 1.5.0_22
- Java version 1.6.0_17
- OpenLDAP version 2.4.19
Note:The update of OpenLDAP also requires us to rebuild LCG-Utils
and GFAL, which link against OpenLDAP. The version of these two components
has not changed.
Updated Squid to fix a denial of service attack vulnerability (VDT Ticket 6382)
Fixed a bug in vdt-update-certs related to setting up CA Certificates when they
are not present during an update. (VDT Ticket 6419)
If you installed VDT 2.0.0 after VDT 2.0.0p14 was released on
2010-03-08, you do not need to do any of these update operations
because you will have 2.0.0p14.
Recommended method: VDT Updater
We strongly encourage users to update the VDT using the VDT updater
VDT Updater Instructions
Not recommended: Pacman update
If you really want to do it the hard way,
instructions for updating by using
Pacman directly are available on another page. This method is
hard to follow and error prone.