Note: This web site is only kept up to date for OSG Software 1.2 (VDT 2.0.0). If you are looking for information for the most recent release, the RPM-based OSG Software 3.0, please see the OSG documentation web site

VDT 2.0.0p14 Update

On 2010-03-08, the VDT team announced the release of VDT 2.0.0p14.

Changes to VDT 2.0.0p14

  1. Updated software to fix a security problem with inserting a null byte into the DN portion of a certificate: (VDT ticket 6146)
    • Wget version 1.12
    • Java version 1.5.0_22
    • Java version 1.6.0_17
    • OpenLDAP version 2.4.19
      Note:The update of OpenLDAP also requires us to rebuild LCG-Utils and GFAL, which link against OpenLDAP. The version of these two components has not changed.
  2. Updated Squid to fix a denial of service attack vulnerability (VDT ticket 6382)
  3. Fixed a bug in vdt-update-certs related to setting up CA Certificates when they are not present during an update. (VDT ticket 6419)

Updating to VDT 2.0.0p14

If you installed VDT 2.0.0 after VDT 2.0.0p14 was released on 2010-03-08, you do not need to do any of these update operations because you will have 2.0.0p14.

Recommended method: VDT Updater

We strongly encourage users to update the VDT using the VDT updater script: VDT Updater Instructions

Not recommended: Pacman update

If you really want to do it the hard way, instructions for updating by using Pacman directly are available on another page. This method is hard to follow and error prone.