Potential Denial Of Service was discovered wherein an attacker could use a specially-crafted VOMS proxy to crash the condor_schedd. * If your site is not using GSI authentication, you are not affected. This includes using GSI for authentication with condor, but also allowing users to submit jobs that have the x509UserProxy attribute set. * If you have disabled VOMS in your condor_config file, you are not affected. VOMS support in HTCondor is *ENABLED* by default.
Acknowledgments: Name: the HTCondor project
Statement: Condor in Red Hat Enterprise MRG is built with both GSI and VOMS disabled and therefore is not affected by this issue.
External Reference: http://research.cs.wisc.edu/htcondor/security/vulnerabilities/HTCONDOR-2017-0001.html
Upstream Patch: https://github.com/htcondor/htcondor/commit/2f3c393feb819cf6c6d06fb0a2e9c4e171f3c26d
Created condor tracking bugs for this issue: Affects: epel-all [bug 1598628] Affects: fedora-all [bug 1598627]