Friday, May 31, 2013
[FreeBSD-Announce] FreeBSD Virtual Machine images
the FreeBSD head/ branch.
Images are available for the amd64 and i386 architectures, and can be
downloaded from the FreeBSD FTP site, including most mirrors:
ftp://ftp.freebsd.org/pub/FreeBSD/snapshots/VM-IMAGES/Latest/
Images are planned to be generated at the same 1-week interval as
installer snapshots. VM images for stable/9 are not yet available, but
are a work in progress.
Technical details:
o VM hard disk image formats available are QCOW2 (qemu) and VMDK
(VirtualBox and VMware)
o The VM disk images are approximately 750Mb uncompressed, and 10Gb
when attached to a VM. File size of the raw disk image will grow as
data is written to the virtual device.
o The partition layout is:
- 512k - freebsd-boot GPT partition type (bootfs GPT label)
- 1Gb - freebsd-swap GPT partition type (swapfs GPT label)
- ~8Gb - freebsd-ufs GPT partition type (rootfs UFS label)
Those interested are encouraged to subscribe to the freebsd-snapshots
announcement list for relevant updates and/or notices regarding these
VM images:
http://lists.freebsd.org/mailman/listinfo/freebsd-snapshots
Regards,
Glen
[USN-1849-1] Linux kernel (Raring HWE) vulnerability
==========================================================================
Ubuntu Security Notice USN-1849-1
May 31, 2013
linux-lts-raring vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS
Summary:
The system could be made to crash or run programs as an administrator if
it received specially crafted network traffic.
Software Description:
- linux-lts-raring: Linux hardware enablement kernel from Raring
Details:
Kees Cook discovered a flaw in the Linux kernel's iSCSI subsystem. A remote
unauthenticated attacker could exploit this flaw to cause a denial of
service (system crash) or potentially gain administrative privileges.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 12.04 LTS:
linux-image-3.8.0-23-generic 3.8.0-23.34~precise1
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.
References:
http://www.ubuntu.com/usn/usn-1849-1
CVE-2013-2094
Package Information:
https://launchpad.net/ubuntu/+source/linux-lts-raring/3.8.0-23.34~precise1
Thursday, May 30, 2013
[USN-1847-1] Linux kernel vulnerability
==========================================================================
Ubuntu Security Notice USN-1847-1
May 30, 2013
linux vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 13.04
Summary:
The system could be made to crash or run programs as an administrator if
it received specially crafted network traffic.
Software Description:
- linux: Linux kernel
Details:
Kees Cook discovered a flaw in the Linux kernel's iSCSI subsystem. A remote
unauthenticated attacker could exploit this flaw to cause a denial of
service (system crash) or potentially gain administrative privileges.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 13.04:
linux-image-3.8.0-23-generic 3.8.0-23.34
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.
References:
http://www.ubuntu.com/usn/usn-1847-1
CVE-2013-2850
Package Information:
https://launchpad.net/ubuntu/+source/linux/3.8.0-23.34
[USN-1846-1] Linux kernel vulnerability
==========================================================================
Ubuntu Security Notice USN-1846-1
May 30, 2013
linux vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.10
Summary:
The system could be made to crash or run programs as an administrator if
it received specially crafted network traffic.
Software Description:
- linux: Linux kernel
Details:
Kees Cook discovered a flaw in the Linux kernel's iSCSI subsystem. A remote
unauthenticated attacker could exploit this flaw to cause a denial of
service (system crash) or potentially gain administrative privileges.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 12.10:
linux-image-3.5.0-32-generic 3.5.0-32.53
linux-image-3.5.0-32-highbank 3.5.0-32.53
linux-image-3.5.0-32-omap 3.5.0-32.53
linux-image-3.5.0-32-powerpc-smp 3.5.0-32.53
linux-image-3.5.0-32-powerpc64-smp 3.5.0-32.53
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.
References:
http://www.ubuntu.com/usn/usn-1846-1
CVE-2013-2850
Package Information:
https://launchpad.net/ubuntu/+source/linux/3.5.0-32.53
[USN-1845-1] Linux kernel (Quantal HWE) vulnerability
==========================================================================
Ubuntu Security Notice USN-1845-1
May 30, 2013
linux-lts-quantal vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS
Summary:
The system could be made to crash or run programs as an administrator if
it received specially crafted network traffic.
Software Description:
- linux-lts-quantal: Linux hardware enablement kernel from Quantal
Details:
Kees Cook discovered a flaw in the Linux kernel's iSCSI subsystem. A remote
unauthenticated attacker could exploit this flaw to cause a denial of
service (system crash) or potentially gain administrative privileges.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 12.04 LTS:
linux-image-3.5.0-32-generic 3.5.0-32.53~precise1
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.
References:
http://www.ubuntu.com/usn/usn-1845-1
CVE-2013-2850
Package Information:
https://launchpad.net/ubuntu/+source/linux-lts-quantal/3.5.0-32.53~precise1
[USN-1844-1] Linux kernel vulnerability
==========================================================================
Ubuntu Security Notice USN-1844-1
May 30, 2013
linux vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS
Summary:
The system could be made to crash or run programs as an administrator if
it received specially crafted network traffic.
Software Description:
- linux: Linux kernel
Details:
Kees Cook discovered a flaw in the Linux kernel's iSCSI subsystem. A remote
unauthenticated attacker could exploit this flaw to cause a denial of
service (system crash) or potentially gain administrative privileges.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 12.04 LTS:
linux-image-3.2.0-45-generic 3.2.0-45.70
linux-image-3.2.0-45-generic-pae 3.2.0-45.70
linux-image-3.2.0-45-highbank 3.2.0-45.70
linux-image-3.2.0-45-omap 3.2.0-45.70
linux-image-3.2.0-45-powerpc-smp 3.2.0-45.70
linux-image-3.2.0-45-powerpc64-smp 3.2.0-45.70
linux-image-3.2.0-45-virtual 3.2.0-45.70
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.
References:
http://www.ubuntu.com/usn/usn-1844-1
CVE-2013-2850
Package Information:
https://launchpad.net/ubuntu/+source/linux/3.2.0-45.70
[CentOS-announce] CEBA-2013:0885 CentOS 5 glibc Update
Upstream details at : https://rhn.redhat.com/errata/RHBA-2013-0885.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
1974b2314b9bdabeb365ea727d94d259441c51fced426aa316b2b26ca4e79925 glibc-2.5-107.el5_9.5.i386.rpm
a517b6cd87b3cdba6cf987a64d8eabd75f4bffae5f40462fd84f7c901d1c7f6a glibc-2.5-107.el5_9.5.i686.rpm
5f05797e8d622080fe04d76543af83604e4c576d07529ced0cb59fcb3fc67c37 glibc-common-2.5-107.el5_9.5.i386.rpm
3ddddf1cfcfe3516e8bfe4255f92a7f9339813c872b1567dada7780b18f903d1 glibc-devel-2.5-107.el5_9.5.i386.rpm
1ef8e5d432fcd2033f0d0f9c6473b9eaed49fba3f94c8d9079e27c2cbed6bf23 glibc-headers-2.5-107.el5_9.5.i386.rpm
f2b639e62cd75e38d055f8e03aa6ea7c38bf92714df52e0baa9c619d594b0b70 glibc-utils-2.5-107.el5_9.5.i386.rpm
43e67f56a2860848013289afc4bcdc1e9bfc6a843edb83c870c320e59e324fb9 nscd-2.5-107.el5_9.5.i386.rpm
x86_64:
a517b6cd87b3cdba6cf987a64d8eabd75f4bffae5f40462fd84f7c901d1c7f6a glibc-2.5-107.el5_9.5.i686.rpm
27e86f7f2ba834013da51d03a8ac916cc611db725a9fe3625b01f7087f249d8c glibc-2.5-107.el5_9.5.x86_64.rpm
8ea7c5b5a0b7c92aefe8e1d3b6328182b28ce45761ff8ea43531e6c6c8d8465e glibc-common-2.5-107.el5_9.5.x86_64.rpm
3ddddf1cfcfe3516e8bfe4255f92a7f9339813c872b1567dada7780b18f903d1 glibc-devel-2.5-107.el5_9.5.i386.rpm
140a9c8abe16dced595c56b3527cda126c78063c487c7d95d859621545ad6f02 glibc-devel-2.5-107.el5_9.5.x86_64.rpm
09a7100818b83ff64534a50c7f43f7377cf100d56d62778f271cc6a881c51444 glibc-headers-2.5-107.el5_9.5.x86_64.rpm
ca2b6b39b6216b23bdc24c174101a82f7692026f96ee23631d6d20185b2d5d09 glibc-utils-2.5-107.el5_9.5.x86_64.rpm
49e178f825ab762d6a1781e9daacdb331b0d0b5ea6b434c4e6fecff200e7970a nscd-2.5-107.el5_9.5.x86_64.rpm
Source:
cbaaadd75c61c5546a62851a631c092d8927d67fe9baefcc34cdc12d62020cf4 glibc-2.5-107.el5_9.5.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce
[CentOS-announce] CESA-2013:0884 Moderate CentOS 6 libtirpc Update
Upstream details at : https://rhn.redhat.com/errata/RHSA-2013-0884.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
a74006aa4b401f261e1f14e49e68c38e1a7c8e44e614e202c9986098cb171770 libtirpc-0.2.1-6.el6_4.i686.rpm
fd91a212bf269f381ea8b975a9d19f21b6416b29b6727d9b325f21f321f32e8e libtirpc-devel-0.2.1-6.el6_4.i686.rpm
x86_64:
a74006aa4b401f261e1f14e49e68c38e1a7c8e44e614e202c9986098cb171770 libtirpc-0.2.1-6.el6_4.i686.rpm
ccbd632d4920f8cd813cdcccc689763099b166805af5d65dbd725a5ac9d56028 libtirpc-0.2.1-6.el6_4.x86_64.rpm
fd91a212bf269f381ea8b975a9d19f21b6416b29b6727d9b325f21f321f32e8e libtirpc-devel-0.2.1-6.el6_4.i686.rpm
f4a61a0a332018e0f2154046d6cd1e6f42266bbb9d1c19a3837e28233f1ab5f5 libtirpc-devel-0.2.1-6.el6_4.x86_64.rpm
Source:
18c3d5860ec0551ec40c92ef376bb45d7af641169ee620e1e10fdb99bf720083 libtirpc-0.2.1-6.el6_4.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
[CentOS-announce] CESA-2013:0883 Important CentOS 6 gnutls Update
Upstream details at : https://rhn.redhat.com/errata/RHSA-2013-0883.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
67db64c6503776a303693ce1f8813df40bbc1724d172ebbcb931e3f93a367db9 gnutls-2.8.5-10.el6_4.2.i686.rpm
492754f93d1f99bf49b8206fbc231126a3b5930bf38f40e056cc800a3f13faa0 gnutls-devel-2.8.5-10.el6_4.2.i686.rpm
12cec5aaa963efb5020f36178d150c0ac5af888b8b2c445b9a7a0a8d145ec8f7 gnutls-guile-2.8.5-10.el6_4.2.i686.rpm
911ee17332980796ec91faac99dfac0fb6a916ed5f0b0df25a9bfa6d033eddbf gnutls-utils-2.8.5-10.el6_4.2.i686.rpm
x86_64:
67db64c6503776a303693ce1f8813df40bbc1724d172ebbcb931e3f93a367db9 gnutls-2.8.5-10.el6_4.2.i686.rpm
20fdc7b719fefce8f0571c247c6ab8e51ab5e216475078d3d8bbfa6e20211da2 gnutls-2.8.5-10.el6_4.2.x86_64.rpm
492754f93d1f99bf49b8206fbc231126a3b5930bf38f40e056cc800a3f13faa0 gnutls-devel-2.8.5-10.el6_4.2.i686.rpm
e05caa6d9a6185abe0daeeb9f834ed81f5e0c4811831fb231e1ac4b6d675fc98 gnutls-devel-2.8.5-10.el6_4.2.x86_64.rpm
12cec5aaa963efb5020f36178d150c0ac5af888b8b2c445b9a7a0a8d145ec8f7 gnutls-guile-2.8.5-10.el6_4.2.i686.rpm
785a1a17f1800e6643e4b5cd2e42cd5c2b34774fc53cad9a54ec6d43a138ec9d gnutls-guile-2.8.5-10.el6_4.2.x86_64.rpm
95ca6868dc4790561dfacc68135439bcfe82914dabe6ce5dc1ad42e61260320b gnutls-utils-2.8.5-10.el6_4.2.x86_64.rpm
Source:
d7fa200c501d1f16178ead48f883455ef443b46e97748603b34a762e7db6b99a gnutls-2.8.5-10.el6_4.2.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
[CentOS-announce] CESA-2013:0883 Important CentOS 5 gnutls Update
Upstream details at : https://rhn.redhat.com/errata/RHSA-2013-0883.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
6b99ce8aff86a024181f44140f23005849e836c8ed953d2e9d6239c6872831ce gnutls-1.4.1-10.el5_9.2.i386.rpm
249f779ad2a17162408fe6deeadfd16dd6880a4984d08930ee4cdd1ff78990fa gnutls-devel-1.4.1-10.el5_9.2.i386.rpm
d4df710c1eef0bb3b3f4c53a120013b93970f114fd73653c73103f1cd4f21981 gnutls-utils-1.4.1-10.el5_9.2.i386.rpm
x86_64:
6b99ce8aff86a024181f44140f23005849e836c8ed953d2e9d6239c6872831ce gnutls-1.4.1-10.el5_9.2.i386.rpm
09bd5715383415dccc9c14a34d64a4994c507817b773bb898f64bbcae07d01de gnutls-1.4.1-10.el5_9.2.x86_64.rpm
249f779ad2a17162408fe6deeadfd16dd6880a4984d08930ee4cdd1ff78990fa gnutls-devel-1.4.1-10.el5_9.2.i386.rpm
da9c1d7f0b5711f9a819f4b54d3bb88bd89c1f88cea0a68b1bf1363eaa05c4fe gnutls-devel-1.4.1-10.el5_9.2.x86_64.rpm
e3bbc306741e5fdf0d8cc02d1d76f7618f90ad31268d8ebe8003764278841f09 gnutls-utils-1.4.1-10.el5_9.2.x86_64.rpm
Source:
ec5e3a5d6d5f14b2b69072fb2b10033b6dd3bda9aef225c2d4efa394b611e226 gnutls-1.4.1-10.el5_9.2.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
[CentOS-announce] CEBA-2013:0881 CentOS 6 nmap FASTTRACK Update
Upstream details at : https://rhn.redhat.com/errata/RHBA-2013-0881.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
60a09c375423f65a3d62d65a7b2590991095aa89f655f21eee07f4c4665fe91d nmap-5.51-3.el6.i686.rpm
24eb30224cb24a84ef007ab57b438b89ccc006c6bf657a598d3ed19dabf08c11 nmap-frontend-5.51-3.el6.noarch.rpm
x86_64:
f20a881bbb245fc80cfec960641fc05c5b9b399284c3273bb0d28f6b91a399c9 nmap-5.51-3.el6.x86_64.rpm
24eb30224cb24a84ef007ab57b438b89ccc006c6bf657a598d3ed19dabf08c11 nmap-frontend-5.51-3.el6.noarch.rpm
Source:
71f464607fe020b7e97b6da51f5b2b81e5c32d7de540edade1aede291a43b932 nmap-5.51-3.el6.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
[CentOS-announce] CEEA-2013:0880 CentOS 6 tzdata Update
Upstream details at : https://rhn.redhat.com/errata/RHEA-2013-0880.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
57abb858d703e92c3743135d2b891a802b5c39855ed724c509b32c2c802dd415 tzdata-2013c-1.el6.noarch.rpm
cd1e8476a2fc45133f14a0d915fdb4631da4c2305f0973cd551ea101dd5c7cb3 tzdata-java-2013c-1.el6.noarch.rpm
x86_64:
57abb858d703e92c3743135d2b891a802b5c39855ed724c509b32c2c802dd415 tzdata-2013c-1.el6.noarch.rpm
cd1e8476a2fc45133f14a0d915fdb4631da4c2305f0973cd551ea101dd5c7cb3 tzdata-java-2013c-1.el6.noarch.rpm
Source:
dfdbde3da46438e00cad992da621bdc531df0974f0898c5a8d8b7076e9370aaf tzdata-2013c-1.el6.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
[CentOS-announce] CEEA-2013:0880 CentOS 5 tzdata Update
Upstream details at : https://rhn.redhat.com/errata/RHEA-2013-0880.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
32e9c3028ac37c3075c058f7a78c63d3c5523dc5948f8879f2a76b5bc6badda7 tzdata-2013c-1.el5.i386.rpm
12dc73965d3e19662f51187baa386816773e4e11481d695ce56526451dc642a3 tzdata-java-2013c-1.el5.i386.rpm
x86_64:
03b4658e82e3dfbcc6fe03ef2b8d2946da407ec945557b6476d17fd1111b56e5 tzdata-2013c-1.el5.x86_64.rpm
84cce806e473e328d1566fcbbd9c929e531b79b3267b116ddf8651b4f4bbd94d tzdata-java-2013c-1.el5.x86_64.rpm
Source:
88808974b71bdcea0a3f4480d9292fb711d561f9dc312dd60ad31acdd49f8487 tzdata-2013c-1.el5.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
[CentOS-announce] CEBA-2013:0879 CentOS 6 createrepo FASTTRACK Update
Upstream details at : https://rhn.redhat.com/errata/RHBA-2013-0879.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
ff6a7bb9ea904a17436b462e950a657e9b2f6809b696690b197064abde138d1e createrepo-0.9.9-18.el6.noarch.rpm
x86_64:
ff6a7bb9ea904a17436b462e950a657e9b2f6809b696690b197064abde138d1e createrepo-0.9.9-18.el6.noarch.rpm
Source:
9602940380bda0d30d87d18f17a3efb4adb3e3f9872ac6beda4d0602b60c5954 createrepo-0.9.9-18.el6.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
[USN-1838-1] Linux kernel (OMAP4) vulnerabilities
==========================================================================
Ubuntu Security Notice USN-1838-1
May 30, 2013
linux-ti-omap4 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 13.04
Summary:
Several security issues were fixed in the kernel.
Software Description:
- linux-ti-omap4: Linux kernel for OMAP4
Details:
A flaw was discovered in the Linux kernel's perf_events interface. A local
user could exploit this flaw to escalate privileges on the system.
(CVE-2013-2094)
A buffer overflow vulnerability was discovered in the Broadcom tg3 ethernet
driver for the Linux kernel. A local user could exploit this flaw to cause
a denial of service (crash the system) or potentially escalate privileges
on the system. (CVE-2013-1929)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 13.04:
linux-image-3.5.0-225-omap4 3.5.0-225.36
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.
References:
http://www.ubuntu.com/usn/usn-1838-1
CVE-2013-1929, CVE-2013-2094
Package Information:
https://launchpad.net/ubuntu/+source/linux-ti-omap4/3.5.0-225.36
Wednesday, May 29, 2013
[CentOS-announce] CEBA-2013:0860 CentOS 6 mod_auth_kerb FASTTRACK Update
Upstream details at : https://rhn.redhat.com/errata/RHBA-2013-0860.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
a66348b86c4700b3e43d01394b21e502c2ec857b47973f2b8bf4140262345186 mod_auth_kerb-5.4-10.el6.i686.rpm
x86_64:
3a4a39587d2ba8f7b29b004f801d95de0a282977dbf5be7c4e3620be90c1a0c7 mod_auth_kerb-5.4-10.el6.x86_64.rpm
Source:
a60e3185d0a3240afbcad1ab3df191a7be072b0ebdd1431cbfb23b80aeca0069 mod_auth_kerb-5.4-10.el6.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
[CentOS-announce] CEBA-2013:0859 CentOS 6 perl-Test-Memory-Cycle FASTTRACK Update
Upstream details at : https://rhn.redhat.com/errata/RHBA-2013-0859.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
2efbcbc20d439a524d45bd69263fc20fac38e501669fa1a355f75e6c3ab955bf perl-Test-Memory-Cycle-1.04-8.el6.noarch.rpm
x86_64:
2efbcbc20d439a524d45bd69263fc20fac38e501669fa1a355f75e6c3ab955bf perl-Test-Memory-Cycle-1.04-8.el6.noarch.rpm
Source:
ef22add13b44f6784dfdd8ad933cee4e47b94b7718f33e81e0f94755818c1ca2 perl-Test-Memory-Cycle-1.04-8.el6.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
[CentOS-announce] CEBA-2013:0851 CentOS 6 perl-CGI-Session FASTTRACK Update
Upstream details at : https://rhn.redhat.com/errata/RHBA-2013-0851.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
7ecca8f4b78181c90e5d83fbfe5e684734eaa0fc60f289a75ae7b94117deb958 perl-CGI-Session-4.35-6.el6.noarch.rpm
x86_64:
7ecca8f4b78181c90e5d83fbfe5e684734eaa0fc60f289a75ae7b94117deb958 perl-CGI-Session-4.35-6.el6.noarch.rpm
Source:
12ca3292fae11921adf787f2fb956d6f4d7fc2248719d08148ebd4c15ca7cac7 perl-CGI-Session-4.35-6.el6.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
[CentOS-announce] CEBA-2013:0844 CentOS 6 environment-modules FASTTRACK Update
Upstream details at : https://rhn.redhat.com/errata/RHBA-2013-0844.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
6b8635a86c520de743252c941df6d9737b5fcecd2fd46700495981ecb763924e environment-modules-3.2.9c-6.el6.i686.rpm
x86_64:
8894929bf52723ca625ba9fe7591a17d6a74fb82a05f01eaa07c11d405c27d17 environment-modules-3.2.9c-6.el6.x86_64.rpm
Source:
13d825e96b53255b7e7e1ebece313269bd771d7a382fb0a493e68d64deff50f9 environment-modules-3.2.9c-6.el6.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
[CentOS-announce] CEBA-2013:0843 CentOS 6 arptables_jf FASTTRACK Update
Upstream details at : https://rhn.redhat.com/errata/RHBA-2013-0843.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
b06920c018e054572c416b29f35e3019c14dc1047393ad790b8a208bfd9dd0d5 arptables_jf-0.0.8-23.el6.i686.rpm
x86_64:
a95d6d47ed117615813d96eb4327fbf1c8dfb1934a9fae62c22045c1341c9abd arptables_jf-0.0.8-23.el6.x86_64.rpm
Source:
b33d5e5f31345429d5f0e6dc5e49aaea344c0e3eb4b2932dd6764e824b93fed9 arptables_jf-0.0.8-23.el6.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
[CentOS-announce] CEBA-2013:0845 CentOS 6 ftp FASTTRACK Update
Upstream details at : https://rhn.redhat.com/errata/RHBA-2013-0845.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
88b81f06f804f1c6313d11dc670696ca62836719344ca2b8700913f53f2dce42 ftp-0.17-54.el6.i686.rpm
x86_64:
e4236f1d331ef0e7bfd2bf4da2a504f664f8df05d1794bb7d4165982959ecb07 ftp-0.17-54.el6.x86_64.rpm
Source:
7a2edf2fcc9ef08d143ba9fbc929429a4cf84bcc447f7bf0b2aa3d92cc2e68c3 ftp-0.17-54.el6.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
[CentOS-announce] CEBA-2013:0836 CentOS 6 perl-Test-MockObject FASTTRACK Update
Upstream details at : https://rhn.redhat.com/errata/RHBA-2013-0836.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
d4bf3d056da18202bc6f7710d274c1ff2079f9867eb774c40fcfd36ccb9b3be4 perl-Test-MockObject-1.09-4.el6.noarch.rpm
x86_64:
d4bf3d056da18202bc6f7710d274c1ff2079f9867eb774c40fcfd36ccb9b3be4 perl-Test-MockObject-1.09-4.el6.noarch.rpm
Source:
6443c307f887fe2246383ee277b78e3557ef3b6f952e8b0caa912799fb37ed8f perl-Test-MockObject-1.09-4.el6.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
[CentOS-announce] CEBA-2013:0837 CentOS 6 libksba FASTTRACK Update
Upstream details at : https://rhn.redhat.com/errata/RHBA-2013-0837.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
154a9bbd8f61d33c155965369ccd24eee5a08d59b5bf9cc2c45c37e18b637f76 libksba-1.0.7-4.el6.i686.rpm
2df38ae2260c046ae1afcb1d4eb5b2648999db815f41972695a9cd24647869ba libksba-devel-1.0.7-4.el6.i686.rpm
x86_64:
154a9bbd8f61d33c155965369ccd24eee5a08d59b5bf9cc2c45c37e18b637f76 libksba-1.0.7-4.el6.i686.rpm
7bd16068eec3cc8f1e9d00d93ce6684f70c4d87441c5c66bbb107efe29179a13 libksba-1.0.7-4.el6.x86_64.rpm
2df38ae2260c046ae1afcb1d4eb5b2648999db815f41972695a9cd24647869ba libksba-devel-1.0.7-4.el6.i686.rpm
d9fb7731231aa420f9403af6bc619d975005130cf96bdb802ffb62dd899421e2 libksba-devel-1.0.7-4.el6.x86_64.rpm
Source:
23525feeb901a73959cf47b91f5fb0eb8c8a338cf996790ca6280854d10c2eba libksba-1.0.7-4.el6.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
[CentOS-announce] CEBA-2013:0838 CentOS 6 perl-XML-Dumper FASTTRACK Update
Upstream details at : https://rhn.redhat.com/errata/RHBA-2013-0838.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
8019a34dc00a2c522b60c8bcfaea4432f3b49b3ea47d308bf789c191d5783b9d perl-XML-Dumper-0.81-8.el6.noarch.rpm
x86_64:
8019a34dc00a2c522b60c8bcfaea4432f3b49b3ea47d308bf789c191d5783b9d perl-XML-Dumper-0.81-8.el6.noarch.rpm
Source:
4202e12345532e85b11b5bf041fd447305a08a038864aa72aed78aa87a33099d perl-XML-Dumper-0.81-8.el6.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
[CentOS-announce] CEBA-2013:0785 CentOS 6 perl-Net-DNS FASTTRACK Update
Upstream details at : https://rhn.redhat.com/errata/RHBA-2013-0785.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
6eb60d6aa86499321606239acb229b4b6c69567b3ccd3509fbf49d1949472247 perl-Net-DNS-0.65-5.el6.i686.rpm
2e4d335227cd2f51e4d570b297b7724f85a2a0be0d2e9361d28d031ffec784dd perl-Net-DNS-Nameserver-0.65-5.el6.i686.rpm
x86_64:
1acdda18b7a933ea4b98678d68f4b42dded4684bcfe6196bf939ebe1ec2d8d6b perl-Net-DNS-0.65-5.el6.x86_64.rpm
b386ff11e172740eeeadce690d9ab7977347dce01d4295729b4886540dbf628c perl-Net-DNS-Nameserver-0.65-5.el6.x86_64.rpm
Source:
abc82b8ae937afa595ed6fbc60d0bf04f528dc8187717477d7a1f7a572704551 perl-Net-DNS-0.65-5.el6.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
[CentOS-announce] CEBA-2013:0777 CentOS 6 perl-Socket6 FASTTRACK Update
Upstream details at : https://rhn.redhat.com/errata/RHBA-2013-0777.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
8af4f4ae9581407bc8bc334fbf71fb99bad6bb4e7c05c16fb040723bdccc6552 perl-Socket6-0.23-4.el6.i686.rpm
x86_64:
6fadf3544900f72d380b2c2dcb610b29f17ee16d3770f9ea6a573ddd1e047501 perl-Socket6-0.23-4.el6.x86_64.rpm
Source:
94be556206973a541689e7e1928a43e88a3e906343d3b152a690270bfb1d55ff perl-Socket6-0.23-4.el6.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
[USN-1843-1] GnuTLS vulnerability
==========================================================================
Ubuntu Security Notice USN-1843-1
May 29, 2013
gnutls26 vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 13.04
- Ubuntu 12.10
- Ubuntu 12.04 LTS
- Ubuntu 10.04 LTS
Summary:
GnuTLS could be made to crash if it received specially crafted network
traffic.
Software Description:
- gnutls26: GNU TLS library
Details:
It was discovered that GnuTLS incorrectly handled certain padding bytes. A
remote attacker could use this flaw to cause an application using GnuTLS to
crash, leading to a denial of service.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 13.04:
libgnutls26 2.12.23-1ubuntu1.1
Ubuntu 12.10:
libgnutls26 2.12.14-5ubuntu4.3
Ubuntu 12.04 LTS:
libgnutls26 2.12.14-5ubuntu3.4
Ubuntu 10.04 LTS:
libgnutls26 2.8.5-2ubuntu0.4
In general, a standard system update will make all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-1843-1
CVE-2013-2116
Package Information:
https://launchpad.net/ubuntu/+source/gnutls26/2.12.23-1ubuntu1.1
https://launchpad.net/ubuntu/+source/gnutls26/2.12.14-5ubuntu4.3
https://launchpad.net/ubuntu/+source/gnutls26/2.12.14-5ubuntu3.4
https://launchpad.net/ubuntu/+source/gnutls26/2.8.5-2ubuntu0.4
[USN-1842-1] KDE-Libs vulnerability
==========================================================================
Ubuntu Security Notice USN-1842-1
May 29, 2013
kde4libs vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 13.04
- Ubuntu 12.10
- Ubuntu 12.04 LTS
Summary:
KDE-Libs could be made to expose web credentials.
Software Description:
- kde4libs: KDE 4 core applications and libraries
Details:
It was discovered that KIO would sometimes display web authentication
credentials under certain error conditions. If a user were tricked into
opening a specially crafted web page, an attacker could potentially exploit
this to expose confidential information.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 13.04:
libkio5 4:4.10.2-0ubuntu2.2
Ubuntu 12.10:
libkio5 4:4.9.5-0ubuntu0.2
Ubuntu 12.04 LTS:
libkio5 4:4.8.5-0ubuntu0.2
After a standard system update you need to restart any applications that
use KIO from KDE-Libs, such as Konqueror, to make all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-1842-1
CVE-2013-2074
Package Information:
https://launchpad.net/ubuntu/+source/kde4libs/4:4.10.2-0ubuntu2.2
https://launchpad.net/ubuntu/+source/kde4libs/4:4.9.5-0ubuntu0.2
https://launchpad.net/ubuntu/+source/kde4libs/4:4.8.5-0ubuntu0.2
[CentOS-announce] CESA-2013:0869 Important CentOS 6 tomcat6 Update
Upstream details at : https://rhn.redhat.com/errata/RHSA-2013-0869.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
71cf32f8d0b8bf929e1b205104d7d9e34cf33cf29771b52006c6525752f8a3eb tomcat6-6.0.24-55.el6_4.noarch.rpm
4384b3dbe6d5128ce87f93cb4c6aea9dd72e6d654ab99cf73bdf33d092144bcf tomcat6-admin-webapps-6.0.24-55.el6_4.noarch.rpm
23e0000f9b193ece184d072594ee9e21d9dca24860879fb9ee969c3092d6fe5f tomcat6-docs-webapp-6.0.24-55.el6_4.noarch.rpm
b3b2f92469891a3d33f82ed4d8e6a4157d5d159c4c8a1ecb95a6a50e01cfa1de tomcat6-el-2.1-api-6.0.24-55.el6_4.noarch.rpm
08abab2bcd43825f132a926684eb75cb73df7d973cbc0ebf0d1f845d7a0c980f tomcat6-javadoc-6.0.24-55.el6_4.noarch.rpm
8e9aaa1a741a5877f876e6dbf60a9dca7453a5af9d1a569affa7bd1d4867de3e tomcat6-jsp-2.1-api-6.0.24-55.el6_4.noarch.rpm
a09570ac190da06adf0db3fb22d49249bed8a3db2cdba59e760a861020f3444e tomcat6-lib-6.0.24-55.el6_4.noarch.rpm
78345e3dcc99a57b13ffbe3e93dd3e3a6321ba8d85a0b848621bf6a06c606525 tomcat6-servlet-2.5-api-6.0.24-55.el6_4.noarch.rpm
bc07d4db221573e25785eea2652d81296baed8dd38792e08514596d75a5467bf tomcat6-webapps-6.0.24-55.el6_4.noarch.rpm
x86_64:
71cf32f8d0b8bf929e1b205104d7d9e34cf33cf29771b52006c6525752f8a3eb tomcat6-6.0.24-55.el6_4.noarch.rpm
4384b3dbe6d5128ce87f93cb4c6aea9dd72e6d654ab99cf73bdf33d092144bcf tomcat6-admin-webapps-6.0.24-55.el6_4.noarch.rpm
23e0000f9b193ece184d072594ee9e21d9dca24860879fb9ee969c3092d6fe5f tomcat6-docs-webapp-6.0.24-55.el6_4.noarch.rpm
b3b2f92469891a3d33f82ed4d8e6a4157d5d159c4c8a1ecb95a6a50e01cfa1de tomcat6-el-2.1-api-6.0.24-55.el6_4.noarch.rpm
08abab2bcd43825f132a926684eb75cb73df7d973cbc0ebf0d1f845d7a0c980f tomcat6-javadoc-6.0.24-55.el6_4.noarch.rpm
8e9aaa1a741a5877f876e6dbf60a9dca7453a5af9d1a569affa7bd1d4867de3e tomcat6-jsp-2.1-api-6.0.24-55.el6_4.noarch.rpm
a09570ac190da06adf0db3fb22d49249bed8a3db2cdba59e760a861020f3444e tomcat6-lib-6.0.24-55.el6_4.noarch.rpm
78345e3dcc99a57b13ffbe3e93dd3e3a6321ba8d85a0b848621bf6a06c606525 tomcat6-servlet-2.5-api-6.0.24-55.el6_4.noarch.rpm
bc07d4db221573e25785eea2652d81296baed8dd38792e08514596d75a5467bf tomcat6-webapps-6.0.24-55.el6_4.noarch.rpm
Source:
ba4934b58aaf0cf19ae68b6f3f3556026c3632fa510a6b0f075e9fc7b2124c66 tomcat6-6.0.24-55.el6_4.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
[CentOS-announce] CESA-2013:0868 Moderate CentOS 6 haproxy Update
Upstream details at : https://rhn.redhat.com/errata/RHSA-2013-0868.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
f34166210421d7e7a5f4754b19563ff5f09027ba369a9cd60bd51114231ae89c haproxy-1.4.22-4.el6_4.i686.rpm
x86_64:
63adcb393fd5cd2b4688bf28c40d58d2e504976470b1c590c7b5b2c1339f0dba haproxy-1.4.22-4.el6_4.x86_64.rpm
Source:
12493f2e35943c87e8ca20d81e03311d7863b41b055dd488aeaecd5857d7240b haproxy-1.4.22-4.el6_4.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Tuesday, May 28, 2013
[USN-1831-2] OpenStack Nova regression
==========================================================================
Ubuntu Security Notice USN-1831-2
May 29, 2013
nova regression
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.10
Summary:
USN-1831-1 introduced a regression in OpenStack Nova.
Software Description:
- nova: OpenStack Compute cloud infrastructure
Details:
USN-1831-1 fixed a vulnerability in OpenStack Nova. The upstream fix
introduced a regression where instances using uncached QCOW2 images would
fail to start. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
Loganathan Parthipan discovered that Nova did not verify the size of QCOW2
instance storage. An authenticated attacker could exploit this to cause a
denial of service by creating an image with a large virtual size with
little data, then filling the virtual disk.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 12.10:
python-nova 2012.2.3-0ubuntu2.2
In general, a standard system update will make all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-1831-2
http://www.ubuntu.com/usn/usn-1831-1
https://launchpad.net/bugs/1183606
Package Information:
https://launchpad.net/ubuntu/+source/nova/2012.2.3-0ubuntu2.2
[CentOS-announce] CESA-2013:0870 Important CentOS 5 tomcat5 Update
Upstream details at : https://rhn.redhat.com/errata/RHSA-2013-0870.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
c8bc1dd16e175e2ac1d4bfab221ae4a7d09b9db8ee229724103d1c5a697ff7a0 tomcat5-5.5.23-0jpp.40.el5_9.i386.rpm
764e1c2a1327d2e002ff387ca7d81d85c3f1d8daa8867caee8083b45fbfaf66b tomcat5-admin-webapps-5.5.23-0jpp.40.el5_9.i386.rpm
7e141d134b02eceaf6f8851e364fb3cc86674205e2fc0dc41f80bc4e078316de tomcat5-common-lib-5.5.23-0jpp.40.el5_9.i386.rpm
8fc81f7d4beb178cec01bc091a0eb12499b74eb9bec92727752e69b0b4452c03 tomcat5-jasper-5.5.23-0jpp.40.el5_9.i386.rpm
caa002ae0f3955d131cf98a3f19f7ce53b8cedbd2597075492c17429d7200d30 tomcat5-jasper-javadoc-5.5.23-0jpp.40.el5_9.i386.rpm
ef03335695eed27c09a060105eb117b9449a726ec3e41547a64953525349f5d0 tomcat5-jsp-2.0-api-5.5.23-0jpp.40.el5_9.i386.rpm
ff4811a6c80b566b2e3e574952b9d38f4f6aa5ccb63f092441663ba4df362eb3 tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.40.el5_9.i386.rpm
cac3df17ad4dd740942657f0fff8408e739012550fb8d8c021374c020792dc59 tomcat5-server-lib-5.5.23-0jpp.40.el5_9.i386.rpm
0851de8984b252f89a3dccfabd7389b17f702d3a754f917b624782664be59e10 tomcat5-servlet-2.4-api-5.5.23-0jpp.40.el5_9.i386.rpm
29c79ab522e210421e6c34b7fa6741c7c2970ee0fb56ff2917a3251dbfaa0069 tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.40.el5_9.i386.rpm
076b66365bd10a2ae3989a76d86ca4b3d107a7aa6dd8933a24fec3324fed1467 tomcat5-webapps-5.5.23-0jpp.40.el5_9.i386.rpm
x86_64:
111ec74f446aef5e58b9e7eb3b78d8981c1e10e28f415a0f4e100473333d1e3f tomcat5-5.5.23-0jpp.40.el5_9.x86_64.rpm
dc69f8f6e201494b35b3ccc57a5fa138e7a87b5b5d9ab9bc227c695fc1ed98b2 tomcat5-admin-webapps-5.5.23-0jpp.40.el5_9.x86_64.rpm
9567eb0501a428b8c5a3724b361c5597c22351192edbb5110f211075742bd198 tomcat5-common-lib-5.5.23-0jpp.40.el5_9.x86_64.rpm
b76f1f162224a29decafbd72e6f8c359fbeaf073fb489f89e1e719ca531256bf tomcat5-jasper-5.5.23-0jpp.40.el5_9.x86_64.rpm
ee17909f73ed284cda08699740c3959564c8dce31f0d610bad30363f92b5ef7b tomcat5-jasper-javadoc-5.5.23-0jpp.40.el5_9.x86_64.rpm
2fe19d75b61dcfd9ca9fb0eb5bd96c7eb0d6f1f2d902601197e16227f12335a8 tomcat5-jsp-2.0-api-5.5.23-0jpp.40.el5_9.x86_64.rpm
c82007af124a9e1d54cea6700146bf28262dc06f9bfa6a7b429cf1626df050dd tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.40.el5_9.x86_64.rpm
5de43d1d924fca427bb60039c35d547f15468e92fbd985106bd72834ad5ea23d tomcat5-server-lib-5.5.23-0jpp.40.el5_9.x86_64.rpm
3428bae73eda5c8b4d6281e8880ba0684288332b0666f455d98b4a9eb83e5e85 tomcat5-servlet-2.4-api-5.5.23-0jpp.40.el5_9.x86_64.rpm
851b4e4da280418cc093e27c1d0b5f09581110aa504892e05aebf68fab7c5776 tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.40.el5_9.x86_64.rpm
bc50ab77d0ca38788e7f2d73c45cc5550ac00b3cc07c04165192614dbc9ce4d0 tomcat5-webapps-5.5.23-0jpp.40.el5_9.x86_64.rpm
Source:
83e94d9fdf8f5dd5c433477d5c93724afc9077b816a4aa367747b21ae05ca92d tomcat5-5.5.23-0jpp.40.el5_9.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
[USN-1841-1] Tomcat vulnerabilities
==========================================================================
Ubuntu Security Notice USN-1841-1
May 28, 2013
tomcat6, tomcat7 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 13.04
- Ubuntu 12.10
- Ubuntu 12.04 LTS
- Ubuntu 10.04 LTS
Summary:
Several security issues were fixed in Tomcat.
Software Description:
- tomcat7: Servlet and JSP engine
- tomcat6: Servlet and JSP engine
Details:
It was discovered that Tomcat incorrectly handled certain requests
submitted using chunked transfer encoding. A remote attacker could use this
flaw to cause the Tomcat server to stop responding, resulting in a denial
of service. This issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS.
(CVE-2012-3544)
It was discovered that Tomcat incorrectly handled certain authentication
requests. A remote attacker could possibly use this flaw to inject a
request that would get executed with a victim's credentials. This issue
only affected Ubuntu 10.04 LTS, Ubuntu 12.04 LTS, and Ubuntu 12.10.
(CVE-2013-2067)
It was discovered that Tomcat sometimes exposed elements of a previous
request to the current request. This could allow a remote attacker to
possibly obtain sensitive information. This issue only affected Ubuntu
12.10 and Ubuntu 13.04. (CVE-2013-2071)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 13.04:
libtomcat7-java 7.0.35-1~exp2ubuntu1.1
Ubuntu 12.10:
libtomcat7-java 7.0.30-0ubuntu1.2
Ubuntu 12.04 LTS:
libtomcat6-java 6.0.35-1ubuntu3.3
Ubuntu 10.04 LTS:
libtomcat6-java 6.0.24-2ubuntu1.13
In general, a standard system update will make all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-1841-1
CVE-2012-3544, CVE-2013-2067, CVE-2013-2071
Package Information:
https://launchpad.net/ubuntu/+source/tomcat7/7.0.35-1~exp2ubuntu1.1
https://launchpad.net/ubuntu/+source/tomcat7/7.0.30-0ubuntu1.2
https://launchpad.net/ubuntu/+source/tomcat6/6.0.35-1ubuntu3.3
https://launchpad.net/ubuntu/+source/tomcat6/6.0.24-2ubuntu1.13
Fedora 19 Beta for ARM Available Now!
available for download from:
https://dl.fedoraproject.org/pub/fedora-secondary/releases/test/19-Beta/Images/armhfp/
This marks the last significant milestone before reaching the final release of
Fedora 19 for ARM, with only critical bug fixes being added as updates to make this
our most solid release to date.
This marks the first time the Fedora ARM team will be releasing the F19 Beta
alongside Primary Architectures.
The Fedora 19 Beta for ARM includes two pre-built images: one for use with the
Pandaboard and Pandaboard ES, which require special partitioning, and a second that
supports the Trimslice and Versatile Express (QEMU). The Beta for ARM also includes an
installation tree in the yum repository which may be used to PXE-boot a
kickstart-based installation on systems that support this option, such as the
Calxeda EnergyCore (HighBank).
For additional information including detailed installation instructions, please visit
the Fedora 19 Beta for ARM page:
http://fedoraproject.org/wiki/Architectures/ARM/F19/Beta
Join us on IRC in #fedora-arm on Freenode or send feedback and comments to the
ARM mailing list.
On behalf of the Fedora ARM team,
Paul
--
announce mailing list
announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/announce
Announcing the release of Fedora 19 Beta.
We've opened the box for the Fedora 19 "Schrödinger's Cat" beta release
and confirmed it's alive! Ready to purr at the latest free and open
source technology? Download it now:
http://fedoraproject.org/get-prerelease
**** What is the Beta release? ****
The Beta release is the last important milestone before the release of
Fedora 19. Only critical bug fixes will be pushed as updates, leading
up to the general release of Fedora 19. Join us in making Fedora 19 a
solid release by downloading, testing, and providing your valuable
feedback.
Of course, this is a beta release, meaning that some problems may still
be lurking. A list of the problems we already know about is found at
the Common F19 bugs page, seen here:
http://fedoraproject.org/wiki/Common_F19_bugs
Fedora 19 Beta's default configuration allows applications and users
with administrative privileges to install signed packages from the
official Fedora repositories (but no other packages) without
authentication or confirmation. This was inherited from PackageKit
upstream, is not Fedora's intended behavior, and will not be the case
for the Fedora 19 final release. More details on this issue and the
planned behavior for the final release can be found at
https://fedorahosted.org/fesco/ticket/1115 .
**** Features ****
Fedora 19 continues our long tradition of bringing the latest
technologies to open source software users. No matter what you do with
open source, Fedora 19 has the tools you need to help you get things
done.
A complete list with details of each new feature is available here:
http://fedoraproject.org/wiki/Releases/19/FeatureList
=== Make new things ===
Would you like to play? Whether you're a developer, maker, or just
starting to learn about open source development, we have what you need
to bring your ideas to reality. Here's a peek at some of our new tools:
* 3D modelling and printing are enabled through a variety of tools,
including OpenSCAD, Skeinforge, SFACT, Printrun, and RepetierHost. By
bringing 3D printing tools into Fedora, you can get started with
what's ready-to-go in the repositories without having to download
binary blobs or run Python code from git.
* OpenShift Origin makes it easy for you to build your own
Platform-as-a-Service (PaaS) infrastructure, allowing you to enable
others to easily develop and deploy software.
* node.js is a popular JavaScript-based platform for those building
scalable network applications or real-time apps across distributed
devices. Also included is the npm package manager, providing access
to over 20,000 programs and libraries available under free and open
source licenses.
* Ruby 2.0.0, just released in February, comes to Fedora while
maintaining source-level backwards compatibility with your Ruby 1.9.3
software. Also included: a custom Ruby loader for easy switching of
interpreters.
* MariaDB, a community-developed fork of MySQL, is the default
implementation of MySQL in Fedora 19, offering users a truly open
MySQL implementation.
=== Get things done ===
* Federated VOIP means Fedora users can make calls using a user@domain
address with the same convenience as email.
* CUPS has been updated to the latest upstream release, using PDF
rather than PostScript as the baseline document format.
=== Learn ===
* Developer's Assistant is great for those new to development or even
new to Linux. This tool helps you get started on a code project
with templates, samples, and toolchains for the languages of your
choice. Bonus: It lets you publish directly to GitHub.
=== Deploy, Monitor, and Manage ===
Make your machines work for you, not the other way around. Whether you
have one or "one too many" machines, Fedora 19 helps you boot and manage
your systems and enables you to be proactive with tools for diagnosis,
monitoring, and logging.
* Syslinux optional boot tool integration brings you optional,
simplified booting of Fedora. We have added support for using
syslinux instead of GRUB via kickstart and plan to add a hidden
option in Anaconda installer as well. syslinux is especially ideal
for images used in cloud environments and virt appliances where the
advanced features of GRUB are not needed.
* Among other systemd enhancements in this release, systemd Resource
Control lets you modify your service settings without a reboot by
dynamically querying and modifying resource control parameters at
runtime.
* Kerberos administrators will enjoy an easier experience, thanks to
Fedora 19 removing the need for Kerberos clients to sync their clocks
or to have reverse DNS records carefully set up for services. In
addition, it provides Kerberos-enabled, LDAP replicated, two-factor
authentication for FreeIPA.
* OpenLMI is a common infrastructure for the management of Linux
systems that makes remote management of machines much simpler.
**** Desktop Environments and Spins ****
=== GNOME 3.8 ===
GNOME 3.8 brings new applications such as clock and improvements to the
desktop including privacy and sharing settings, ordered search,
frequent applications overview, and additionally provides the ability
to enable a "classic mode" for a user experience similar to GNOME 2
built out of a collection of GNOME Shell extensions. Refer to
https://help.gnome.org/misc/release-notes/3.8/ for more details.
=== KDE Plasma Workspaces 4.10 ===
A modern, stable desktop environment, KDE Plasma Workspaces 4.10
includes new features for printing and screenlocking, better indexing
of files, and improved accessibility features. Refer to
http://www.kde.org/announcements/4.10/ for more details.
=== Spins ===
Spins are alternate versions of Fedora. In addition to various desktop
environments for Fedora, spins are also available as tailored
environments for various types of users via hand-picked application
sets or customizations. You can read more about Fedora's Spins here:
http://spins.fedoraproject.org
Interest-specific Spins include the Design Suite Spin, the Robotics
Spin, and the Security Spin, among others. Other available desktop
environments, in addition to the GNOME 3.8 desktop which is shipped in
the default version of Fedora 19, as well as those highlighted above,
include Xfce, Sugar on a Stick, and LXDE.
To see all of the Official Fedora 19 Release Spins, see the Fedora 19
Release Spins link: https://fedoraproject.org/wiki/Releases/19/Spins
Nightly composes of alternate Spins are available here:
http://dl.fedoraproject.org/pub/alt/nightly-composes
**** Contributing ****
We can't build Fedora inside a box. We need your help! Bug reports are
especially helpful--if you encounter any issues, please report them!
Fedora is a fantastic, friendly community, and we have many ways in
which you can contribute, including documentation, marketing, design,
QA, and development.
To learn how to help us, visit:
http://join.fedoraproject.org/
[USN-1839-1] Linux kernel (OMAP4) vulnerabilities
==========================================================================
Ubuntu Security Notice USN-1839-1
May 28, 2013
linux-ti-omap4 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS
Summary:
Several security issues were fixed in the kernel.
Software Description:
- linux-ti-omap4: Linux kernel for OMAP4
Details:
A flaw was discovered in the Linux kernel's perf_events interface. A local
user could exploit this flaw to escalate privileges on the system.
(CVE-2013-2094)
Andy Lutomirski discovered an error in the Linux kernel's credential handling
on unix sockets. A local user could exploit this flaw to gain
administrative privileges. (CVE-2013-1979)
A buffer overflow vulnerability was discovered in the Broadcom tg3 ethernet
driver for the Linux kernel. A local user could exploit this flaw to cause
a denial of service (crash the system) or potentially escalate privileges
on the system. (CVE-2013-1929)
A flaw was discovered in the Linux kernel's ftrace subsystem interface. A
local user could exploit this flaw to cause a denial of service (system
crash). (CVE-2013-3301)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 12.04 LTS:
linux-image-3.2.0-1432-omap4 3.2.0-1432.41
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.
References:
http://www.ubuntu.com/usn/usn-1839-1
CVE-2013-1929, CVE-2013-1979, CVE-2013-2094, CVE-2013-3301
Package Information:
https://launchpad.net/ubuntu/+source/linux-ti-omap4/3.2.0-1432.41
Monday, May 27, 2013
[CentOS-announce] CEBA-2013:0866 CentOS 6 spice-server Update
Upstream details at : https://rhn.redhat.com/errata/RHBA-2013-0866.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
efe7b5b8ad917803dcdb69ff8c4d69d6a9ef070395ae16f57720b83a9d1c6acf spice-server-0.12.0-12.el6_4.1.x86_64.rpm
49d23f863ed3b9d158a6f20930b1c719bf54b5ba4eb94fb6eaf03675e56c6f92 spice-server-devel-0.12.0-12.el6_4.1.x86_64.rpm
Source:
df25e9c361e8d376f6b947ea1dcd491818e5ea3d7f110db6b85c2c288c1b7d58 spice-server-0.12.0-12.el6_4.1.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
[CentOS-announce] CEBA-2013:0865 CentOS 6 xorg-x11-drv-mach64 Update
Upstream details at : https://rhn.redhat.com/errata/RHBA-2013-0865.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
d96572faafae1eeda3137c7c7b999f66114db3ac82e8ef159ea509cd50b4a72c xorg-x11-drv-mach64-6.9.3-4.1.el6_4.i686.rpm
x86_64:
eb0a215019ccc5e086497e79c3f3833ca5c384864bb3b1304101defe65a543bf xorg-x11-drv-mach64-6.9.3-4.1.el6_4.x86_64.rpm
Source:
d474d3441badbca6455b2d8f1d7e7ef17039b48c5dc640197cd0b970a945a0dc xorg-x11-drv-mach64-6.9.3-4.1.el6_4.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
[CentOS-announce] CEBA-2013:0864 CentOS 5 am-utils Update
Upstream details at : https://rhn.redhat.com/errata/RHBA-2013-0864.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
930017193c925ce7bf5616cb06e39f020343298392ac0cbaee82283511ed3789 am-utils-6.1.5-5.el5_9.i386.rpm
x86_64:
d2c0f49b04db1253edba0f336862ac0333290c3cae971cb67a6508cb621344f2 am-utils-6.1.5-5.el5_9.x86_64.rpm
Source:
c6e2a320591f1fcd84457d6400f8b6d9671cdc2f15e1bfeb74ad152b442d13a1 am-utils-6.1.5-5.el5_9.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
[CentOS-announce] CEBA-2013:0862 CentOS 6 gzip Update
Upstream details at : https://rhn.redhat.com/errata/RHBA-2013-0862.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
a96cfb5dcb8dbbeb16f84d9501447764241b3023ac87f3f8de10ab562cde5699 gzip-1.3.12-19.el6_4.i686.rpm
x86_64:
3c589d91b359ba255bf950fde7c2d32ca91d0dcb306b6315f2070acb67968de4 gzip-1.3.12-19.el6_4.x86_64.rpm
Source:
2b4f53dbacc16f5c61498f24ef3d70b609c7fc93e74192709f62d51aae4d7db4 gzip-1.3.12-19.el6_4.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
[CentOS-announce] CEBA-2013:0861 CentOS 6 mdadm Update
Upstream details at : https://rhn.redhat.com/errata/RHBA-2013-0861.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
626913999bd96caedd88a3f303e9c80aadc247d5ffa721152e41d1dd6470eb01 mdadm-3.2.5-4.el6_4.1.i686.rpm
x86_64:
365d8ff76ff6a2b7c1533bad61dfc7e245241342c17ae1b38d9a33e00f3456ec mdadm-3.2.5-4.el6_4.1.x86_64.rpm
Source:
d4a5e9402ae2618e6348f08c2c96a979840483d7cb4b98fff38f031835d5d472 mdadm-3.2.5-4.el6_4.1.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
[CentOS-announce] CEBA-2013:0863 CentOS 5 mkinitrd Update
Upstream details at : https://rhn.redhat.com/errata/RHBA-2013-0863.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
01cf0a69042bfd510f083b8a37d0a716a32109d97c1363c5370ac8f2a5b8759f libbdevid-python-5.1.19.6-80.el5_9.i386.rpm
c59f21046f0595dc3c762b319d8a8b8f36a158ee58a84c1be7ef28cc22de19af mkinitrd-5.1.19.6-80.el5_9.i386.rpm
04acffda31653e572eb63bd60cf05a87407652c0ddbb3d9c8aa396bf2651073c mkinitrd-devel-5.1.19.6-80.el5_9.i386.rpm
24dc70d563fb051c57d3385a3a2a6ac460009cae174e9bba0a83816b55be1f95 nash-5.1.19.6-80.el5_9.i386.rpm
x86_64:
06442fef79ff6656b4803105c9e8aec0a4d7760409bf41160b61215e9318ac2a libbdevid-python-5.1.19.6-80.el5_9.x86_64.rpm
c59f21046f0595dc3c762b319d8a8b8f36a158ee58a84c1be7ef28cc22de19af mkinitrd-5.1.19.6-80.el5_9.i386.rpm
582be74b8ef80ce6a310e0342ef27f96e6df2c936f020fca2fc90d64036b8fb7 mkinitrd-5.1.19.6-80.el5_9.x86_64.rpm
04acffda31653e572eb63bd60cf05a87407652c0ddbb3d9c8aa396bf2651073c mkinitrd-devel-5.1.19.6-80.el5_9.i386.rpm
4344e021eded662118170fbd92bdb8cb5b19988bf06ed980541d6aab0c2089be mkinitrd-devel-5.1.19.6-80.el5_9.x86_64.rpm
83b998efc85dc66611417087e01f302bdddd6616bb505855eb16324b502c26fa nash-5.1.19.6-80.el5_9.x86_64.rpm
Source:
f27071d8fdd54da34a66a626a6cf2eed8320761d1861c3e666776893ad0f9d70 mkinitrd-5.1.19.6-80.el5_9.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Saturday, May 25, 2013
Appointee to the Fedora Board; election nominations closing imminently.
An additional appointee will be named after the elections have concluded.
A friendly reminder that the time period for nominations for the various Fedora Project committees, as well as the time period for adding questions to the candidate questionnaire (which is currently *empty!*), ends today, May 25th, at 23:59:59 UTC.
Additional information about Elections, including where and how to nominate, and where to add questions to the questionnaire, can be seen here:
http://fedoraproject.org/wiki/Elections
A complete history of Board Members is available here:
http://fedoraproject.org/wiki/Board/History
Cheers,
-Robyn
--
announce mailing list
announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/announce
Friday, May 24, 2013
Fedora 20 Elections: Nominations and questionnaire close today!
A reminder that both nominations and questionnaires for the Fedora 20
governance elections (Board, FESCo, FAmSCo) will close **today** (May 25
23:59 UTC)!
Please add your nominations and any questions that you'd like your
nominees to answer to the wiki pages before the deadline:
https://fedoraproject.org/wiki/Elections/Questionnaire
https://fedoraproject.org/wiki/Board_nominations?rd=Board/Elections/Nominations
https://fedoraproject.org/wiki/Development/SteeringCommittee/Nominations
https://fedoraproject.org/wiki/FAmSCo_nominations
More information on the Fedora 20 Elections can be found here:
https://fedoraproject.org/wiki/Elections
--
Thanks,
Warm regards,
Ankur: "FranciscoD"
Please only print if necessary.
Looking to contribute to Fedora? Look here: https://fedoraproject.org/wiki/Fedora_Join_SIG
http://fedoraproject.org/wiki/User:Ankursinha
http://ankursinha.in/blog
Flock hotel reservations now open
http://www.francismarionhotel.com/
Rooms include wifi, since I know that's your first question. :-)
Direct URL for attendee registration:
https://reservations.ihotelier.com/crs/g_reservation.cfm?groupID=1040693&hotelID=76320
If you call or try to book through the usual web link, the attendee code is FLOCK.
Ruth
Re: Update libical to 1.0 in rawhide the next week (soname version bump)
> there was a release of libical 1.0 recently [1], and I'd like to update
> rawhide with it. It seems to be API compatible with 0.48, they only
> bumped the soname version due to version jump to 1.0. Rex Dieter helped
> me to fix a spec file to it (to use cmake), thus I plan to push the
> change around May 23rd, 2013, aka at the end of the next week.
Hi,
this is unfortunate, but I just realized that I do not have commit
rights for libical. Unless someone else takes this on, it'll wait
until the main maintainer gets to the update, or I gain the commit
rights. I'm sorry for the confusion I caused.
Here [1] is a patch to the master branch of libical which I wanted to
commit.
Bye,
Milan
[1] https://bugzilla.redhat.com/show_bug.cgi?id=959925#c9
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce
[USN-1837-1] Linux kernel vulnerabilities
==========================================================================
Ubuntu Security Notice USN-1837-1
May 24, 2013
linux vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 13.04
Summary:
Several security issues were fixed in the kernel.
Software Description:
- linux: Linux kernel
Details:
An information leak was discovered in the Linux kernel's crypto API. A
local user could exploit this flaw to examine potentially sensitive
information from the kernel's stack memory. (CVE-2013-3076)
An information leak was discovered in the Linux kernel's recvmsg path for
ATM (Asynchronous Transfer Mode). A local user could exploit this flaw to
examine potentially sensitive information from the kernel's stack memory.
(CVE-2013-3222)
An information leak was discovered in the Linux kernel's recvmsg path for
the ax25 address family. A local user could exploit this flaw to examine
potentially sensitive information from the kernel's stack memory.
(CVE-2013-3223)
An information leak was discovered in the Linux kernel's recvmsg path for
the bluetooth address family. A local user could exploit this flaw to
examine potentially sensitive information from the kernel's stack memory.
(CVE-2013-3224)
An information leak was discovered in the Linux kernel's bluetooth rfcomm
protocol support. A local user could exploit this flaw to examine
potentially sensitive information from the kernel's stack memory.
(CVE-2013-3225)
An information leak was discovered in the Linux kernel's bluetooth SCO
sockets implementation. A local user could exploit this flaw to examine
potentially sensitive information from the kernel's stack memory.
(CVE-2013-3226)
An information leak was discovered in the Linux kernel's CAIF protocol
implementation. A local user could exploit this flaw to examine potentially
sensitive information from the kernel's stack memory. (CVE-2013-3227)
An information leak was discovered in the Linux kernel's IRDA (infrared)
support subsystem. A local user could exploit this flaw to examine
potentially sensitive information from the kernel's stack memory.
(CVE-2013-3228)
An information leak was discovered in the Linux kernel's s390 - z/VM
support. A local user could exploit this flaw to examine potentially
sensitive information from the kernel's stack memory. (CVE-2013-3229)
An information leak was discovered in the Linux kernel's l2tp (Layer Two
Tunneling Protocol) implementation. A local user could exploit this flaw to
examine potentially sensitive information from the kernel's stack memory.
(CVE-2013-3230)
An information leak was discovered in the Linux kernel's llc (Logical Link
Layer 2) support. A local user could exploit this flaw to examine
potentially sensitive information from the kernel's stack memory.
(CVE-2013-3231)
An information leak was discovered in the Linux kernel's nfc (near field
communication) support. A local user could exploit this flaw to examine
potentially sensitive information from the kernel's stack memory.
(CVE-2013-3233)
An information leak was discovered in the Linux kernel's Rose X.25 protocol
layer. A local user could exploit this flaw to examine potentially
sensitive information from the kernel's stack memory. (CVE-2013-3234)
An information leak was discovered in the Linux kernel's TIPC (Transparent
Inter Process Communication) protocol implementation. A local user could
exploit this flaw to examine potentially sensitive information from the
kernel's stack memory. (CVE-2013-3235)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 13.04:
linux-image-3.8.0-22-generic 3.8.0-22.33
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.
References:
http://www.ubuntu.com/usn/usn-1837-1
CVE-2013-3076, CVE-2013-3222, CVE-2013-3223, CVE-2013-3224,
CVE-2013-3225, CVE-2013-3226, CVE-2013-3227, CVE-2013-3228,
CVE-2013-3229, CVE-2013-3230, CVE-2013-3231, CVE-2013-3233,
CVE-2013-3234, CVE-2013-3235
Package Information:
https://launchpad.net/ubuntu/+source/linux/3.8.0-22.33