Hi All,
On January 28th, a new vulnerability CVE-2016-0701 was announced. The Globus
team has reviewed the vulnerability and determined that the Globus services and
client interactions to Globus services are not vulnerable.
As a precaution, it is recommended to upgrade any installations using the
vulnerable openssl version.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0701
https://www.openssl.org/news/secadv/20160128.txt
If you have any concerns about this issue, please contact us at
supp...@globus.org.
- Globus Team
