Columbia University Information Technology

Service Alerts

WEB SECURITY UPDATE

Service Impact: 
Alert Date: 
(Approximate) 03/06/2013 - 08:00am to 03/06/2013 - 09:00am
Main Content
Alert Message: 

UPDATE: Closing this old Service Alert.

 

On Wednesday, March 6 between 8 and 9am, we will be making configuration changes to a number of web servers to protect against a security vulnerability.

Deploying the configuration change will require restarts, which could cause an interruption in service of a few minutes. The services potentially affected include: Confluence, Cubmail, DARTS, Dokuwiki, Doris, ECRT, HyperContent, Mailman, Sundial, Wind, and websites hosted on our main webservers.

For more information about the vulnerability, known as BEAST, see
<https://community.qualys.com/blogs/securitylabs/2011/10/17/mitigating-the-beast-attack-on-tls>.

CUIT apologizes for any inconvenience this may cause, but this action is necessary to ensure a more reliable service.  If clients continue to experience issues after the service-interruption hours, please contact the CUIT Helpdesk at:

Web:     http://cuit.columbia.edu/support

Phone:   212-854-1919

Email:     askcuit@columbia.edu

 

For a list of active and future Service Alerts, please visit http://cuitalerts.columbia.edu/.