Yes, but this sounds more like a bureaucratic requirement ("all
available patches must be installed") and less like something someone
has thought through.
It's conceivable that one might be able to talk to a security officer
and convince them that this is not in fact an important issue, but I'm
not optimistic about that ...
Ben Bolker
On 2024-05-16 1:38 p.m., CALUM POLWART wrote:
Do you receive RDS objects from unknown (untrusted) sources?
?? If not - the security issue is a non-issue as I understand it.
On Thu, 16 May 2024, 16:21 Vega, Ann (she/her/hers) via R-help, <
r-help@r-project.org> wrote:
I help to coordinate the USEPA's R user group. We have over 500 members
and our security officer has required us to update to R version 4.4.0
because of the security vulnerability to versions prior. However, we
cannot download the patched version because it does not have a signed
certificate and Microsoft Defender won't allow us to install it.
Most of our users rely on the RStudio viewer pane so we are in a bit of a
quandary. We suspect other government agencies are impacted by this as
well.
Can you give me an estimated time for when another official version will
be released with the patch included? I may be able to ask our security
officer to allow us to delay our install until that official version is
released. Alternatively, if the patched version could have a signed
certificate, that would allow us to install it.
Thank you.
Ann Vega, PSPO
She/Her/Hers (Learn More<https://intranet.ord.epa.gov/dei/gender-pronouns
)
Office of Science Information Management, Data Architect
EPA Office of Research and Development
Cincinnati, OH
Mobile: 513-418-1922 - or reach out to me on Teams!
Hours: Monday-Thursday, 7:30am - 6:00 pm, CDO: Fridays
Email: vega....@epa.gov<mailto:vega....@epa.gov>
[[alternative HTML version deleted]]
______________________________________________
R-help@r-project.org mailing list -- To UNSUBSCRIBE and more, see
https://stat.ethz.ch/mailman/listinfo/r-help
PLEASE do read the posting guide
http://www.R-project.org/posting-guide.html
and provide commented, minimal, self-contained, reproducible code.
[[alternative HTML version deleted]]
______________________________________________
R-help@r-project.org mailing list -- To UNSUBSCRIBE and more, see
https://stat.ethz.ch/mailman/listinfo/r-help
PLEASE do read the posting guide http://www.R-project.org/posting-guide.html
and provide commented, minimal, self-contained, reproducible code.
______________________________________________
R-help@r-project.org mailing list -- To UNSUBSCRIBE and more, see
https://stat.ethz.ch/mailman/listinfo/r-help
PLEASE do read the posting guide http://www.R-project.org/posting-guide.html
and provide commented, minimal, self-contained, reproducible code.
