Grid Engine (SGE) 5.3p5 is a patch release which fixes multiple vulnerabilites of the OpenSSL library 0.9.7a. Only users who run Grid Engine with OpenSSL support enabled ("CSP mode") should install this patch. Other users should check the complete list of bug fixes in this release (see below) to find out whether they need to install this release. Grid Engine 5.3p5 is linked with OpenSSL 0.9.7c.
For more information about the the openSSL vulnerabilites see the CERT® Advisory CA-2003-26
http://www.cert.org/advisories/CA-2003-26.htmland the OpenSSL Security Advisory
http://www.openssl.org/news/secadv_20030930.txtSGE 5.3p5 is fully compatible with previous SGE 5.3 releases. This release is available as a courtesy binary distribution from Sun Microsystems at the project download page. This patch release changes the binaries and the architecture independent files ("common" package). The unchanged PDF documentation set for SGE and SGEEE is provided by Sun Microsystems as a courtesy contribution for users of the Grid Engine open source software.
Users who do a new installation of SGE need to follow the directions at the project download page. Users who install this version as a patch for any previous SGE 5.3 release can find directions how to install the patch at
install53patchA list of bugfixes for this release can be found at
53patchesUsers who want to access the corresponding source code need to checkout the CVS tag
V53p5_TAGin the branch of the CVS repository
V53_beta2_BRANCHA snapshot of the Grid Engine 5.3p4 sources is available as a source tarball at the File Exchange Tool as file sge-V53p5_TAG-src.tar.gz.