Dear Discovery Cluster Users,

We have just patched all the login, administrative and compute nodes on the Discovery Cluster. If you are logged in - PLEASE LOG OUT AND LOG IN AGAIN IMMEDIATELY.

Please see http://www.symantec.com/connect/blogs/shellshock-all-you-need-know-about-bash-bug-vulnerability for more information on this vulnerability. Although our systems have now been secured and scanned, if you are connecting from another Linux or Mac terminal please check if you system is vulnerable before you connect to the Discovery Cluster.

The command to run is below. If you see the word "vulnerable" in the output then you must patch your system before login into the Discovery Cluster.

[nroy@discovery2 ~]$ env x='() { :;}; echo vulnerable' bash -c 'echo hello'
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
hello
[nroy@discovery2 ~]$ rpm -qa | grep bash
bash-4.1.2-15.el6_5.1.x86_64
[nroy@discovery2 ~]$

If you login without patching your system please be advised that your system could be compromised and with it the login to the Discovery Cluster.

Please treat this matter with utmost importance.

Thank you,

Best
Nilay

########################################################################

To unsubscribe from the DISCOVERY list, click the following link:
http://listserv.neu.edu/cgi-bin/wa?SUBED1=DISCOVERY&A=1