The Open MPI Team, representing a consortium of research, academic, and 
industry partners is releasing Open MPI version 1.4 in reaction to the GNU 
Libtool 2.2.6b security update release (see for more details).

This release closes a potential security vulnerability associated with the 
embedded version of GNU Libtool used in the Open MPI v1.3 series.  This release 
also represents the transition from the v1.3 series of functional enhancement 
releases to the stable v1.4 series of bug fix releases.  We recommend that all 
users currently on the v1.3 series upgrade to this v1.4 release.  As this 
represents the transition to the v1.4 stable branch, we also encourage all 
v1.2.x users to upgrade to v1.4.

*** More details about this release were sent to the Open MPI user's list:

Version 1.4 can be downloaded from the main Open MPI web site or any of its 
mirrors (mirrors will be updating shortly). 

As indicated above, there is only one change from the 1.4 release:

 - Use GNU Libtool 2.2.6b to build Open MPI, which updates the
   embedded "libltdl" library to fix a potential security
   vulnerability.  There are no other changes compared to Open MPI

Note that the GNU Libtool libltdl problem extends back quite a few versions; it 
includes the version that was used to build Open MPI v1.2.9.  There are no 
plans to release a patched v1.2.10 at this time; we are recommending that 
v1.2.x users upgrade to v1.4.  If you have a need for v1.2.10, please send mail 
to the Open MPI users' mailing list.

Jeff Squyres

Reply via email to