OSG-SEC-2022-02-17 CRITICAL ALERT ACTION REQUIRED xcache image purge notification
Dear Security and Sysadmin contacts,
A CRITICAL security flaw was detected in OSG XCache images published in DockerHub  and OSG’s Harbor  which could compromise the integrity and confidentiality of data on other containers for all varieties of XCache and XRootD standalone.
To mitigate this flaw, the OSG software team has pushed new images to DockerHub and will be purging all images prior to February 16, 2022.
What this means for you
You will need to update to the latest image and restart all affected containers by the end of Feb 17, 2022. Containers running images older than 2/16/22 are considered vulnerable and may no longer function as expected.
To download the latest image:
docker pull opensciencegrid/:release
Where is one of : atlas-xcache cms-xcache stash-cache stash-origin xcache xrootd-standalone
If you have any questions, please contact [email protected]
Sincerely, OSG Security Team