Potential Denial Of Service was discovered wherein an attacker could use a specially-crafted VOMS proxy to crash the condor_schedd.
* If your site is not using GSI authentication, you are not affected. This includes using GSI for authentication with condor, but also allowing users to submit jobs that have the x509UserProxy attribute set.
* If you have disabled VOMS in your condor_config file, you are not affected. VOMS support in HTCondor is *ENABLED* by default.
Name: the HTCondor project
Condor in Red Hat Enterprise MRG is built with both GSI and VOMS disabled and therefore is not affected by this issue.
Created condor tracking bugs for this issue:
Affects: epel-all [bug 1598628]
Affects: fedora-all [bug 1598627]