Friday, August 30, 2013

[lfs-announce] LFS 7.4-rc2 Release

The Linux From Scratch community announces the release of LFS Version
7.4-rc2. This is the second release candidate on the road to LFS-7.4.
The changes from 7.4-rc1 include a one-line revision to glibc to revert
an upstream change that causes problems on some architectures. The linux
kernel has also been updated to version 3.10.10.

-- Bruce
--
http://linuxfromscratch.org/mailman/listinfo/lfs-announce
FAQ: http://www.linuxfromscratch.org/faq/
Unsubscribe: See the above information page

Thursday, August 29, 2013

[CentOS-announce] CEBA-2013:1184 CentOS 6 sos Update

CentOS Errata and Bugfix Advisory 2013:1184

Upstream details at : https://rhn.redhat.com/errata/RHBA-2013-1184.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
5478bcfd187cdeefcf9612db2d04ff7669a97073bb1cc19bd98a11e8f3e67675 sos-2.2-38.el6.centos.2.noarch.rpm

x86_64:
5478bcfd187cdeefcf9612db2d04ff7669a97073bb1cc19bd98a11e8f3e67675 sos-2.2-38.el6.centos.2.noarch.rpm

Source:
6e7a7c39586dca00699822630b1d782f00334cf3d4ef544074e581f0df196123 sos-2.2-38.el6.centos.2.src.rpm



--
Karanbir Singh
CentOS Project { http://www.centos.org/ }
irc: z00dax, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

Documenting Changes

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBAgAGBQJSHuw4AAoJEL1wZM0+jj2ZEhMH/0jvIq1UHKXWa/33Nh/nx0/6
EIOLfOXNQPP7Yo1ECQnfY+OzU5r3DSQ2HRYqtlL+9uzjrsMsqz9Ql4oDNN6t3k8a
z8DGJiHGcuUvnZfPU1skADuJ6y+CtL2n0qrPETQssk+YUDjZB6YJpmPgj6RMRNQq
Md477ZZMnTKb6HHAcHPN03LkZ1+kJxlznuP94sDDGWHZpQVhYFPP7uuzNLsusbV2
CkIlI0qiW8By4NEok6dOACA8EY5Q2a6z828nN76anFV9wbNIAdQf++F2GBCiJ+VY
xvsuilS4V6FOPh3Iw4bA1YAOw/m21azwLuL65Dvy2chHa+fMJd4oBEBP393CPNo=
=aHo3
-----END PGP SIGNATURE-----
The Fedora Documentation Project, as part of the Changes process, is
using bugzilla tickets to track the documentation of Changes. Those of
you tracking tickets for System Wide Changes probably noticed that I
recently cloned your bugs for this, and I'll move on to the and here's
what's going on:

First, you should know that you aren't expected to work on these
tickets. Docs writers will take them, and the information already in
the Change page is usually enough to get the process rolling. It helps
if you can answer any questions that might pop up, of course.

Each Change ticket is blocking two docs tickets. One is to track
representation of the Change in the official Release Notes that are
shipped with the media and published to docs.fedoraproject.org . The
other is filed against the "docs-requests" component, which is
traditionally used to request new documentation or for task tracking.
This second bug is for us to do a general assessment of the existing
documentation - I'm expecting to do some tasteful grepping - and open
bugs for guides that need to be updated to reflect the Change.

While I've got your attention, I want to mention that if you have
anything interesting that might fit in the Release Notes - or any other
docs - you can jot a note in the wiki page at
https://fedoraproject.org/wiki/Category:Documentation_beats?rd=Docs/Beats ,
mail the list at docs@lists.fedoraproject.org , set the
fedora_requires_release_note flag in a bug, drop in to #fedora-docs.
Again, don't worry about presentation and such; it can be difficult to
know what needs to be written about in the distribution and a point in
the right direction really helps.

--
-- Pete Travis
- Fedora Docs Project Leader
- 'randomuser' on freenode
- immanetize@fedoraproject.org

[FreeBSD-Announce] EuroBSDCon 2013 early bird rates through August 31

EuroBSDCon 2013, set in sunny Malta, is only a month away.

The main program is at
http://2013.eurobsdcon.org/eurobsdcon-2013/talks-and-schedule/

Register via http://2013.eurobsdcon.org/eurobsdcon-2013/registration/,
early bird rates apply through August 31.

See you in Malta!

Beat Gätzi
On behalf of the EuroBSDcon 2013 Program Committee

--
Beat Gätzi | FreeBSD Committer
beat@FreeBSD.org | http://www.FreeBSD.org
_______________________________________________
freebsd-announce@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-announce
To unsubscribe, send any mail to "freebsd-announce-unsubscribe@freebsd.org"

Wednesday, August 28, 2013

[CentOS-announce] CESA-2013:1182 Important CentOS 6 389-ds-base Update

CentOS Errata and Security Advisory 2013:1182 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2013-1182.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
5ff14eaaa8015b2bb84c37e8de146dbbe73fd1e0015101d410ba521258f5331b 389-ds-base-1.2.11.15-22.el6_4.i686.rpm
e15ab1cd11ad3a3c8421314d7b6ef69de5164c8c494c443008bd9b3b5bc8c980 389-ds-base-devel-1.2.11.15-22.el6_4.i686.rpm
a05bb72fc0bb86da26cebac987cd099b4e9510b480ee8490fc01a3a80ebd09b9 389-ds-base-libs-1.2.11.15-22.el6_4.i686.rpm

x86_64:
25474f30f49dc0fb593ed4c48bc3eef5d58a28d98bf2199289a45a15d8b3c1e5 389-ds-base-1.2.11.15-22.el6_4.x86_64.rpm
e15ab1cd11ad3a3c8421314d7b6ef69de5164c8c494c443008bd9b3b5bc8c980 389-ds-base-devel-1.2.11.15-22.el6_4.i686.rpm
86e25a383fa3c584cb1bbeda6055833495fd0e3de4f266d6b4d4227fc761a0ea 389-ds-base-devel-1.2.11.15-22.el6_4.x86_64.rpm
a05bb72fc0bb86da26cebac987cd099b4e9510b480ee8490fc01a3a80ebd09b9 389-ds-base-libs-1.2.11.15-22.el6_4.i686.rpm
35fad0f7bce2be849687ddc7624b717a43de62456937b8c9758b7ad3861919f7 389-ds-base-libs-1.2.11.15-22.el6_4.x86_64.rpm

Source:
eb49c74c076dbd1f4dddcfd68cce1c69d69df5f0f4593fda2ae9d7764586b538 389-ds-base-1.2.11.15-22.el6_4.src.rpm



--
Karanbir Singh
CentOS Project { http://www.centos.org/ }
irc: z00dax, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

[CentOS-announce] CESA-2013:1173 Important CentOS 6 kernel Update

CentOS Errata and Security Advisory 2013:1173 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2013-1173.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
18b4ef3ba23b0fa5fef9a397feaeb2b9069face9568d08ee75b6babad9971a88 kernel-2.6.32-358.18.1.el6.i686.rpm
12c037c93a1674ed08b3dd4004959d58843ceae1aad4fb1616360a4c33d7ccdf kernel-debug-2.6.32-358.18.1.el6.i686.rpm
ce4fa4f3e7b53f682e3404eadad7deeffb248201ea16cefed0bf927f9d42edaf kernel-debug-devel-2.6.32-358.18.1.el6.i686.rpm
d6d3583f90f2377e1548cfcf56e9e5c751acbe0d2bd2e51df50e53180e6de70f kernel-devel-2.6.32-358.18.1.el6.i686.rpm
95ef23c453a0c009e6564b1c5bd88d3b7ad2f98005b519e4f71ee05a33c45335 kernel-doc-2.6.32-358.18.1.el6.noarch.rpm
ddc0e97e329986de690212395fd2fa1f9f84118153569eb322fb83bf7627d8e0 kernel-firmware-2.6.32-358.18.1.el6.noarch.rpm
d82cfa64e9cdc4c75ea34a5fceb5ced6a839ea48e3457dddaad2536b8b5a734e kernel-headers-2.6.32-358.18.1.el6.i686.rpm
df4139359ffc9db1ba2d8c786cc28c8ac12442035c1ee39107ab77fba066ea33 perf-2.6.32-358.18.1.el6.i686.rpm
61ab672fd48b8b502611e3bd9c3e1a5e9bf3819ad1f2d78213b40f71af48bfe8 python-perf-2.6.32-358.18.1.el6.i686.rpm

x86_64:
17ffb63ca589a49220a56706c83ade7c7b7e5c734798fc1acd4a716d5487491c kernel-2.6.32-358.18.1.el6.x86_64.rpm
5f8381b7c042804c107e5187b375eb276291a69b2b1faa6a7ee381c69a5feed4 kernel-debug-2.6.32-358.18.1.el6.x86_64.rpm
d642635ccac3637e7a10bc22fd0b4fadd903aee7f6869e5857f32011e3261076 kernel-debug-devel-2.6.32-358.18.1.el6.x86_64.rpm
4a8c87c6830f66c5df97b845c82c065d294997e359addcfe5fd18ecd5ffbe01d kernel-devel-2.6.32-358.18.1.el6.x86_64.rpm
95ef23c453a0c009e6564b1c5bd88d3b7ad2f98005b519e4f71ee05a33c45335 kernel-doc-2.6.32-358.18.1.el6.noarch.rpm
ddc0e97e329986de690212395fd2fa1f9f84118153569eb322fb83bf7627d8e0 kernel-firmware-2.6.32-358.18.1.el6.noarch.rpm
fa228ec834bf96dfb72e5ed18e5f3543b7cefe79b47acf41f24019dd7fa4019f kernel-headers-2.6.32-358.18.1.el6.x86_64.rpm
a4165184c3569e4f341f0a8b4ae0cc25eb9ec671885fa349cd9962df58f437d1 perf-2.6.32-358.18.1.el6.x86_64.rpm
5d1c95b60566fa21af0fb138c8f461553ed1c97289ba130ec51d60e53566f7d1 python-perf-2.6.32-358.18.1.el6.x86_64.rpm

Source:
42548add96eda82841b615021d325f9b7fc2dd09ddd4b4cedf60cf665204f6b7 kernel-2.6.32-358.18.1.el6.src.rpm



--
Karanbir Singh
CentOS Project { http://www.centos.org/ }
irc: z00dax, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

[CentOS-announce] CEBA-2013:1179 CentOS 6 glibc Update

CentOS Errata and Bugfix Advisory 2013:1179

Upstream details at : https://rhn.redhat.com/errata/RHBA-2013-1179.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
4c14dd60cada88633694c3f1c605ad59f4d6c05fad3d13d4ecdb6ef1d94c3e3f glibc-2.12-1.107.el6_4.4.i686.rpm
0474826d2bcecbb57b712f7831012c2e6695c8c2d200eb5f41b284975b08302c glibc-common-2.12-1.107.el6_4.4.i686.rpm
67e0981289434ab468f9f511a253515ce39f0e9228d865217b4247e726a31c97 glibc-devel-2.12-1.107.el6_4.4.i686.rpm
ed509429a40408c08b214f0599283969ba9632f3f3a4615d72d0418f48fa68ce glibc-headers-2.12-1.107.el6_4.4.i686.rpm
5246965ec796f129359c140b6737e8866d9f5e76aebd07eedc399775b7c0c6ec glibc-static-2.12-1.107.el6_4.4.i686.rpm
cd8226e5f96af1fb86c974ae42949f1ce091a357c5cc1930b2a645f60d598540 glibc-utils-2.12-1.107.el6_4.4.i686.rpm
2b6977f39993900296c8e78ad9576096dc4b11bed8c56df2c09d711f97d70546 nscd-2.12-1.107.el6_4.4.i686.rpm

x86_64:
4c14dd60cada88633694c3f1c605ad59f4d6c05fad3d13d4ecdb6ef1d94c3e3f glibc-2.12-1.107.el6_4.4.i686.rpm
dcabc218db99ed42b3436e6e6100ff105ff2c3c0801a0c7cd07d770ea28a9804 glibc-2.12-1.107.el6_4.4.x86_64.rpm
83ed0593a6d128b678c229f36130074a4dc244c1f4a7c4f775a960a128bd145c glibc-common-2.12-1.107.el6_4.4.x86_64.rpm
67e0981289434ab468f9f511a253515ce39f0e9228d865217b4247e726a31c97 glibc-devel-2.12-1.107.el6_4.4.i686.rpm
fe6912d08c2dcc08d0655070aae56d45dd7da4dafe0d81a87768ab4899c5f8b0 glibc-devel-2.12-1.107.el6_4.4.x86_64.rpm
52808ebb0c15df074bfe5b71e350bd06402e8f22679dc259d77c8b3bf1ea82a4 glibc-headers-2.12-1.107.el6_4.4.x86_64.rpm
5246965ec796f129359c140b6737e8866d9f5e76aebd07eedc399775b7c0c6ec glibc-static-2.12-1.107.el6_4.4.i686.rpm
5f55c7717bf87a13d418539f83c3bf53615ec1c9cf08544be545e948e6a03305 glibc-static-2.12-1.107.el6_4.4.x86_64.rpm
e11c38cd17532fb476108e6f087f8c3fc08d47aa1d3b936d0e9651da4f01f039 glibc-utils-2.12-1.107.el6_4.4.x86_64.rpm
12b17db87f3c9545618c636ecd3c2d2b276074caaa0cd2ec7ac7a1076e3d4578 nscd-2.12-1.107.el6_4.4.x86_64.rpm

Source:
2bbf73b48dcbfc8372703f33eee7634f5a501c9194f45a4c75d0ceb32ae2cf5a glibc-2.12-1.107.el6_4.4.src.rpm



--
Karanbir Singh
CentOS Project { http://www.centos.org/ }
irc: z00dax, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

Tuesday, August 27, 2013

[CentOS-announce] CEBA-2013:1175 CentOS 6 qemu-kvm Update

CentOS Errata and Bugfix Advisory 2013:1175

Upstream details at : https://rhn.redhat.com/errata/RHBA-2013-1175.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
86ebbbe0d4f1a2d787c074089a4fcc6cae017207e0d2073f8dfe5f49b855ba66 qemu-guest-agent-0.12.1.2-2.355.0.1.el6.centos.7.i686.rpm

x86_64:
e638adc5c5195e2fb68c309bfe8fe712818162fd8b5f1f0dc6e7f376e7589e45 qemu-guest-agent-0.12.1.2-2.355.0.1.el6.centos.7.x86_64.rpm
c544e819f2c588346a9adc4ee890b366c6ec362ff2999041dd05ea0cde733c79 qemu-guest-agent-win32-0.12.1.2-2.355.0.1.el6.centos.7.x86_64.rpm
51f63800e6dd7e15c37fa38c8e80c87d2e236c322d721b1a274df5c3e24b0e97 qemu-img-0.12.1.2-2.355.0.1.el6.centos.7.x86_64.rpm
d2f9fbd8e937405ed760055c26e251b465e98d5dc287c6cb71e207ee2748e4f6 qemu-kvm-0.12.1.2-2.355.0.1.el6.centos.7.x86_64.rpm
5afef8a0080cb0bf9cfe7f74c5a4db6015444423bf2414788402eee24d0a79ad qemu-kvm-tools-0.12.1.2-2.355.0.1.el6.centos.7.x86_64.rpm

Source:
f16f8c72ee6f4d0fe9a3356c77293121a85b5c44a66212d853836283fbf795cb qemu-kvm-0.12.1.2-2.355.0.1.el6.centos.7.src.rpm



--
Karanbir Singh
CentOS Project { http://www.centos.org/ }
irc: z00dax, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

[CentOS-announce] CEEA-2013:1176 CentOS 6 device-mapper-multipath Update

CentOS Errata and Enhancement Advisory 2013:1176

Upstream details at : https://rhn.redhat.com/errata/RHEA-2013-1176.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
8b059570632120d09cced784dff2b8c36371c2583e1f0c6c6e329d84748fa06c device-mapper-multipath-0.4.9-64.el6_4.2.i686.rpm
5030e128f6cb2879ac01233769300742374025e70f4ee7fd091ca94062799bf3 device-mapper-multipath-libs-0.4.9-64.el6_4.2.i686.rpm
8f8b5c95dc48281fa3a7da26d2b843aada10729a8b3727daa2f3ffc244087a13 kpartx-0.4.9-64.el6_4.2.i686.rpm

x86_64:
0b7e42c97b31bdc74bf00a2ecbb53f5c144b2cccb95134fdddd1be15a0489cdd device-mapper-multipath-0.4.9-64.el6_4.2.x86_64.rpm
5030e128f6cb2879ac01233769300742374025e70f4ee7fd091ca94062799bf3 device-mapper-multipath-libs-0.4.9-64.el6_4.2.i686.rpm
b739fe748a6bddbd044151c9a30a45abe35d8cca0f0355f242515377619e25b1 device-mapper-multipath-libs-0.4.9-64.el6_4.2.x86_64.rpm
860d23c2a33d927dbcdc75a648d737391dab179aeef7fadb8504c55947867b28 kpartx-0.4.9-64.el6_4.2.x86_64.rpm

Source:
e49a96b3303dcc59780879e53c47e9b8cc084444f4ee21f054a9e4ce06a51e5b device-mapper-multipath-0.4.9-64.el6_4.2.src.rpm



--
Karanbir Singh
CentOS Project { http://www.centos.org/ }
irc: z00dax, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

[CentOS-announce] CEBA-2013:1178 CentOS 6 gnome-screensaver Update

CentOS Errata and Bugfix Advisory 2013:1178

Upstream details at : https://rhn.redhat.com/errata/RHBA-2013-1178.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
34719c363fe24b77ee9fe99065005ceef5fa6ab4c2e541f9c37050efdb842f65 gnome-screensaver-2.28.3-24.el6_4.1.i686.rpm

x86_64:
89c10bf521181cb21b9344ae738cc09495e447d7f2c333fc359b50cb89c467e1 gnome-screensaver-2.28.3-24.el6_4.1.x86_64.rpm

Source:
85b32ee66f4a42dd91a493de61e3ba6f0faf9bbb6fe2481655bdc8d7942f0ea6 gnome-screensaver-2.28.3-24.el6_4.1.src.rpm



--
Karanbir Singh
CentOS Project { http://www.centos.org/ }
irc: z00dax, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

[CentOS-announce] CEBA-2013:1177 CentOS 6 bind Update

CentOS Errata and Bugfix Advisory 2013:1177

Upstream details at : https://rhn.redhat.com/errata/RHBA-2013-1177.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
f226f15207fa5a9b15796efe9b91aad162b383379e5345b5b2808394702342ed bind-9.8.2-0.17.rc1.el6_4.6.i686.rpm
a797067517c2a04b480141973e7b6f12f90447bc823beec7925e12edbcc5629a bind-chroot-9.8.2-0.17.rc1.el6_4.6.i686.rpm
36f9a74d832e47ef3c98aaec7c0442f82bb552219cad242e1c89687ce68eba9a bind-devel-9.8.2-0.17.rc1.el6_4.6.i686.rpm
dc5cf9d80a08c8a95c0ba479cc2e2394c41a6d20535ad64c06d9842656a96f01 bind-libs-9.8.2-0.17.rc1.el6_4.6.i686.rpm
d4e79276810bfcebca4f2a0caadda17ebd00d0dbe148da68b7a9b67d43e0c18a bind-sdb-9.8.2-0.17.rc1.el6_4.6.i686.rpm
9cdbb85b779af80d42898692c904e3d5b29be2fd7153415d7c741eaf84b2b71a bind-utils-9.8.2-0.17.rc1.el6_4.6.i686.rpm

x86_64:
b7f321bb550cf9f627cc95d84ee5c079714cbf3e079a4548b488bf2113609eca bind-9.8.2-0.17.rc1.el6_4.6.x86_64.rpm
06abaa9b573b39d514b6a8d45fed27b41ff0c060580b92082c6867389f7f56b8 bind-chroot-9.8.2-0.17.rc1.el6_4.6.x86_64.rpm
36f9a74d832e47ef3c98aaec7c0442f82bb552219cad242e1c89687ce68eba9a bind-devel-9.8.2-0.17.rc1.el6_4.6.i686.rpm
a72b965f6de653301887aabaa1aa4cd3c58f61eea72e94e43474b620eec37b29 bind-devel-9.8.2-0.17.rc1.el6_4.6.x86_64.rpm
dc5cf9d80a08c8a95c0ba479cc2e2394c41a6d20535ad64c06d9842656a96f01 bind-libs-9.8.2-0.17.rc1.el6_4.6.i686.rpm
f49061f24d02bb0b4944c301841d800e4e1a51b7fdd4d136256c31d44853c38f bind-libs-9.8.2-0.17.rc1.el6_4.6.x86_64.rpm
260a39b5ca129b4c810b53ede3e6e642ad5cf9226f75efb8176f6997d53ec957 bind-sdb-9.8.2-0.17.rc1.el6_4.6.x86_64.rpm
6fca3b328817673580999942c05ef8326211ba139f117611942685e3c08d92bf bind-utils-9.8.2-0.17.rc1.el6_4.6.x86_64.rpm

Source:
e82b06985ba58d619d7a064fbbe1f502c7bb1325f2ca46244481c4be952b4a5e bind-9.8.2-0.17.rc1.el6_4.6.src.rpm



--
Karanbir Singh
CentOS Project { http://www.centos.org/ }
irc: z00dax, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

[CentOS-announce] CEBA-2013:X008 Xen4CentOS kernel Update

CentOS Errata and Security Advisory 2013:X008 (Xen4CentOS)

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

-----------------------------
X86_64
-----------------------------

9ed8dcc6bf5dd3fdb3caf6380f1362079f3d3a109dc938db97c8a0b423798a5e kernel-firmware-3.4.59-9.el6.centos.alt.noarch.rpm


-----------------------------
Source:
-----------------------------

23ab4591c8b3e66ba6b24f2ea2778f3167076c05c0c5e00a2a3d0235106af907 kernel-3.4.59-9.el6.centos.alt.src.rpm

=====================================================

Kernel Changelog info from the SPEC file:

* Sat Aug 24 2013 Johnny Hughes <johnny@centos.org> 3.4.59-9
- fix issue with Source6 (centos bug 6609)


--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos at irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

Reminder: Fedora 20 Alpha Change Deadline in one week

Greeting!
This is a reminder, that the Alpha Change Deadline is coming in one week,
on Sep 03, according to the schedule approved by FESCo [1].

After the freeze, you will have to use Bodhi for any updates to branched
Fedora 20. Updates will land in updates-testing after being pushed.
Updates that fix accepted blocker [2] and accepted Freeze Exception bugs [3]
for the Alpha release will be pushed into the base repo when stable.

Current Alpha Blocker Bugs list is available at [4].

Software String Freeze is the same date.

Jaroslav

PS: I'll be out for a few days this week but back by the deadline...

[1] https://fedoraproject.org/wiki/Releases/20/Schedule
[2] https://fedoraproject.org/wiki/QA:SOP_blocker_bug_process
[3] http://fedoraproject.org/wiki/QA:SOP_freeze_exception_bug_process
[4] https://qa.fedoraproject.org/blockerbugs/milestone/20/alpha/buglist
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

Monday, August 26, 2013

[opensuse-announce] openSUSE 13.1 and Evergreen

Hello,

The openSUSE Evergreen team would like to announce that openSUSE 13.1
will be the next Evergreen release. This means that openSUSE 13.1 will
continue to be supplied with security updates and important bugfixes
until it has had a total life time of at least three years.


The openSUSE Evergreen team expands the lifespan of openSUSE releases by
issuing security- and stability fixes after the usual 18 months. The
team has kept selected releases maintained for an additional one and a
half to three years. The first Evergreen release was openSUSE 11.1.
Current releases in the Evergreen maintenance program are openSUSE 11.2
to be maintained until november 2013 (a total of 4 years) and 11.4 to be
maintained until July 2014 (reaching over three).

Find more information about Evergreen and how to keep your openSUSE
release alive on the Evergreen wiki page:
http://en.opensuse.org/openSUSE:Evergreen


on behalf of the whole Evergreen team
Wolfgang Rosenauer
--
To unsubscribe, e-mail: opensuse-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-announce+help@opensuse.org

Friday, August 23, 2013

Ubuntu 12.04.3 LTS released

The Ubuntu team is pleased to announce the release of Ubuntu 12.04.3 LTS
(Long-Term Support) for its Desktop, Server, Cloud, and Core products,
as well as other flavours of Ubuntu with long-term support.

As with 12.04.2, 12.04.3 contains an updated kenrel and X stack for new
installations on x86 architectures.

As usual, this point release includes many updates, and updated
installation media has been provided so that fewer updates will need to
be downloaded after installation. These include security updates and
corrections for other high-impact bugs, with a focus on maintaining
stability and compatibility with Ubuntu 12.04 LTS.

Kubuntu 12.04.3 LTS, Edubuntu 12.04.3 LTS, Xubuntu 12.04.3 LTS,
Mythbuntu 12.04.3 LTS, and Ubuntu Studio 12.04.3 LTS are also now
available. For some of these, more details can be found in their
announcements:

Kubuntu: http://www.kubuntu.org/news/12.04.3-release
Edubuntu: http://www.edubuntu.org/news/12.04.3-release
Mythbuntu: http://www.mythbuntu.org/home/news/12043released
Ubuntu Studio: http://ubuntustudio.org/2013/08/ubuntu-studio-12-04-3-released/


To get Ubuntu 12.04.3
---------------------

In order to download Ubuntu 12.04.3, visit:

http://www.ubuntu.com/download

Users of Ubuntu 10.04 will be offered an automatic upgrade to
12.04.3 via Update Manager. For further information about upgrading,
see:

https://help.ubuntu.com/community/PreciseUpgrades

As always, upgrades to the latest version of Ubuntu are entirely free of
charge.

We recommend that all users read the 12.04.3 release notes, which
document caveats and workarounds for known issues, as well as more
in-depth notes on the release itself. They are available at:

http://www.ubuntu.com/getubuntu/releasenotes/12043

If you have a question, or if you think you may have found a bug but
aren't sure, you can try asking in any of the following places:

#ubuntu on irc.freenode.net
http://lists.ubuntu.com/mailman/listinfo/ubuntu-users
http://www.ubuntuforums.org
http://askubuntu.com


Help Shape Ubuntu
-----------------

If you would like to help shape Ubuntu, take a look at the list of ways
you can participate at:

http://www.ubuntu.com/community/get-involved


About Ubuntu
------------

Ubuntu is a full-featured Linux distribution for desktops, laptops,
clouds and servers, with a fast and easy installation and regular
releases. A tightly-integrated selection of excellent applications is
included, and an incredible variety of add-on software is just a few
clicks away.

Professional services including support are available from Canonical and
hundreds of other companies around the world. For more information
about support, visit:

http://www.ubuntu.com/support


More Information
----------------

You can learn more about Ubuntu and about this release on our website
listed below:

http://www.ubuntu.com/

To sign up for future Ubuntu announcements, please subscribe to Ubuntu's
very low volume announcement list at:

http://lists.ubuntu.com/mailman/listinfo/ubuntu-announce

--
Stéphane Graber
Ubuntu developer
http://www.ubuntu.com

Thursday, August 22, 2013

[CentOS-announce] CESA-2013:X007 Moderate Xen4CentOS kernel Security Update

CentOS Errata and Security Advisory 2013:X007 (Xen4CentOS)

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

-----------------------------
X86_64
-----------------------------
88c77ff2be214b47e3cb65b4e10c52e09d0e383c87b18f1f25314432df928e14 e1000e-2.4.14-3.4.59.1.el6.centos.alt.x86_64.rpm
c610f54dbe17dee11552d192c9ad4abcea90f86ad44c3f6a4ba8f8a231fb2fe2 kernel-3.4.59-8.el6.centos.alt.x86_64.rpm
5c0e93700126742dcfba87bf864c3d9788399997b745ea00cc76b3f9d15c66ac kernel-devel-3.4.59-8.el6.centos.alt.x86_64.rpm
9839c70ff43fbeaf5faf899910d9359b22d327245230ecbf8a1e6c45408766b4 kernel-doc-3.4.59-8.el6.centos.alt.noarch.rpm
51c04d1aa18d43bae7c9d6a913b6dde69b2614f568ada764e7d054ec148bb12f kernel-firmware-3.4.59-8.el6.centos.alt.noarch.rpm
90f6e25e43e196ed44c295885555b7de4fe38d7d8b5bf7875cb2f318c8afa9ee kernel-headers-3.4.59-8.el6.centos.alt.x86_64.rpm
47bb11f798ec08082fdf0ad25b211f1d195451204b0e5eddda4a713e73e31a4f perf-3.4.59-8.el6.centos.alt.x86_64.rpm

-----------------------------
Source:
-----------------------------
fad9548e81f62b60718d523eb950c90fe80e7f675c4713359313d78eed785f63 e1000e-2.4.14-3.4.59.1.el6.centos.alt.src.rpm
3749922e7c1c0f49b2cfd4f346206786320101bffc96c7e689144c52deec876d kernel-3.4.59-8.el6.centos.alt.src.rpm

=====================================================

Kernel Changelog info from the SPEC file:

* Thu Aug 22 2013 Johnny Hughes <johnny at centos.org> 3.4.59-8
- upgraded to upstream 3.4.59
- added Source6 to fix a firmware issue (centos bug 6609)
- modified the x86_64 and i386 config files (centos bug 6619)

* Tue Aug 13 2013 Johnny Hughes <johnny at centos.org> 3.4.57-8
- upgraded to upstream 3.4.57
- removed patch 131 as it was rolled in upstream

e1000e Changelog info from the SPEC file:

* Thu Aug 22 2013 Johnny Hughes <johnny at centos.org> - 2.4.14-3.4.59.1.el6.centos.alt>
- built against new 3.4.59 kernel

* Tue Aug 13 2013 Johnny Hughes <johnny at centos.org> - 2.4.14-3.4.57.1.el6.centos.alt>
- built against new 3.4.57 kernel

=====================================================

The following Secuirty issues have been addressed in this kernel:

CVE-2013-2140 (Moderate):
https://access.redhat.com/security/cve/CVE-2013-2140

=====================================================

The following kernel.org changelog entries are applicable since the last
kernel update:

https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.55

https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.56

https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.57

https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.58

https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.59

--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos at irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

Fedora Magazine Mailing list created

A new Fedora Magazine mailing list have been created, in order to write
all about the Fedora magazine in this list, instead of the Marketing list.
All info related to the magazine and updates will be sent to this
mailing list. Anyone can signup.

Subscribe here: https://lists.fedoraproject.org/mailman/listinfo/magazine

Regards,
Zacharias Mitzelos
--
announce mailing list
announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/announce

Fedora 20 Release Name Voting

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Voting[0] is now going on for the Fedora 20 release name. Voters will need to have a FAS login and be in one non-CLA group.

Voting will end on 2013-08-30 at 23:59 UTC. Results will be published soon afterwards.

[0] https://admin.fedoraproject.org/voting/about/relnamef20

- -- Eric

- --------------------------------------------------
Eric "Sparks" Christensen
Fedora Project

sparks@fedoraproject.org - sparks@redhat.com
097C 82C3 52DF C64A 50C2 E3A3 8076 ABDE 024B B3D1
- --------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)

iQGcBAEBCgAGBQJSFm5EAAoJEB/kgVGp2CYv26cL/iWihqqcWM13CyX1SjYCqadI
DU9gcGES+ITHLDJRpJvBLWFFuYYxyLyaQ1zYE8SkWL0qfwkC4oXhn5ERQ7a/mzLO
dDnwDKoCLU7L2nt30ql5cQyKO4Kcm+kcF7Dc5FmwtzcA7i7VlOCkuriqDAlId3nC
0NKJZT8DGxSuzqCPAPC3NjuGXO2rmtdd7UCPej2aKYuw6/Vyb2XvkkHcgCEaHZxC
OM5JoQvxCxwKEknmLtY5zOEqbG7PKpOXKXCOxUZq0oQgo15krHh0rQiQLyMHPqJN
sWK8q9GgwMjTKFtIRPUHHZ/zSATL/P2g8tCzi41ZJsEaJEAFKb0X/wi3T4R1cKsO
/Wbh6KK72JrMTT3/t6XhkSQ58RT9S+lCKfWKrsWFTl/cZtFZnK97jMqscG5FQzdR
SlUW/kKvHPJuh1S4CxGadZ1tGlfjGIDBeaDhSSROFrz4yRimUs8faJWswCdkMvjU
QRHY1Hh8P1ID8cW+nN3gXrF8daI+kmV8zWFeIrR/Nw==
=95Pa
-----END PGP SIGNATURE-----
--
announce mailing list
announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/announce

F21 schedule: what would you do with more time?

Based on discussion at Flock, on the devel mailing list, and in the FESCo
meeting, we are looking for feedback on the idea of a longer release cycle
for Fedora 21 -- not (right now at least) the bigger question of the 6-month
cycle overall, but just, right now, slowing down for a release to get some
things in order.

Specifically, both Release Engineering and QA have clear needs (and even
plans for) greater automatiion, but are also incredibly busy simply doing
the things they need to do _now_ to get the release out the door.

So, FESCo would like to see some specifics, like "If we had one week with
nothing else to worry about, we could have automated generation and upload
of cloud images" (to pick an example I personally care about). Or "with six
months of overall delay, we could have continuous integration testing of a
key subset of rawhide". Or "we could spend a couple of weeks and automate
the new package and review workflow".

What Infrastructure projects would be helped by this? Web and design team,
would slowing down the release focus allow time to work on, oh, say, getting
the Wiki beautiful (or does it not matter)? What else?

As we look at Fedora.next ideas and possibly decide to start implementation
in the F21 timeframe, we will likely find _new_ things that take specific
work. Let's not worry about that right now. What things we do _now_ could be
improved with the investment of some effort?


--
Matthew Miller ☁☁☁ Fedora Cloud Architect ☁☁☁ <mattdm@fedoraproject.org>
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

Wednesday, August 21, 2013

[FreeBSD-Announce] FreeBSD Errata Notice FreeBSD-EN-13:03.mfi

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=============================================================================
FreeBSD-EN-13:03.mfi Errata Notice
The FreeBSD Project

Topic: data corruption with mfi(4) JBOD disks > 2TB

Category: contrib
Module: mfi
Announced: 2013-08-22
Credits: Steven Hartland, Doug Ambrisko
Affects: FreeBSD 9.1
Corrected: 2012-12-03 18:37:02 UTC (stable/9, 9.1-STABLE)
2013-08-22 00:51:48 UTC (releng/9.1, 9.1-RELEASE-p6)

For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of the fields above, security
branches, and the following sections, please visit
<URL:http://security.freebsd.org/>.

I. Background

The mfi(4) driver supports LSI's next generation PCI Express SAS RAID
controllers. The driver supports JBOD attachment through /dev/mfisyspd?
device nodes.

Logical block addressing (LBA) is a common scheme used for specifying the
location of sectors on hard drives.

II. Problem Description

The way mfi(4) implements access of "syspd" or also known as JBOD always
uses READ10/WRITE10 commands for underlying disk. When writing over 2^32
sectors, the LBA would wrap and starts writing at the beginning of the
disk.

III. Impact

Writing beyond 2TB to mfi(4) connected JBODs would result in data corruption.

IV. Workaround

No workaround is available, but systems that do not use mfi(4) as a JBOD
HBA or do not have disks with 2^32 or more sectors (2^41 or more bytes with
512-byte logical sector size) are not affected.

V. Solution

Perform one of the following:

1) Upgrade your system to a supported FreeBSD stable or release / security
branch (releng) dated after the correction date.

2) To update your present system via a source code patch:

The following patches have been verified to apply to the applicable
FreeBSD release branches.

a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.

# fetch http://security.FreeBSD.org/patches/EN-13:03/mfi.patch
# fetch http://security.FreeBSD.org/patches/EN-13:03/mfi.patch.asc
# gpg --verify mfi.patch.asc

b) Apply the patch.

# cd /usr/src
# patch < /path/to/patch

c) Recompile your kernel as described in
<URL:http://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
system.

3) To update your system via a binary patch:

Systems running a RELEASE version of FreeBSD on the i386 or amd64
platforms can be updated via the freebsd-update(8) utility:

# freebsd-update fetch
# freebsd-update install

VI. Correction details

The following list contains the revision numbers of each file that was
corrected in FreeBSD.

Branch/path Revision
- -------------------------------------------------------------------------
stable/9/ r243824
releng/9.1/ r254631
- -------------------------------------------------------------------------

VII. References

http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/173291

The latest revision of this Errata Notice is available at
http://security.FreeBSD.org/advisories/FreeBSD-EN-13:03.mfi.asc

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.21 (FreeBSD)

iEYEARECAAYFAlIVY1YACgkQFdaIBMps37IHmwCfZH+1Gi0u7eYMXYevu0KHaG3a
rCwAn2ecdXnLOsaC6D6i2mo4dmI4HLDk
=AwdQ
-----END PGP SIGNATURE-----
_______________________________________________
freebsd-announce@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-announce
To unsubscribe, send any mail to "freebsd-announce-unsubscribe@freebsd.org"

[FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-13:10.sctp

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=============================================================================
FreeBSD-SA-13:10.sctp Security Advisory
The FreeBSD Project

Topic: Kernel memory disclosure in sctp(4)

Category: core
Module: sctp
Announced: 2013-08-22
Credits: Julian Seward, Michael Tuexen
Affects: All supported versions of FreeBSD.
Corrected: 2013-08-15 04:25:16 UTC (stable/9, 9.2-PRERELEASE)
2013-08-15 05:14:20 UTC (releng/9.2, 9.2-RC2)
2013-08-22 00:51:48 UTC (releng/9.1, 9.1-RELEASE-p6)
2013-08-15 04:35:25 UTC (stable/8, 8.4-STABLE)
2013-08-22 00:51:56 UTC (releng/8.4, 8.4-RELEASE-p3)
2013-08-22 00:51:56 UTC (releng/8.3, 8.3-RELEASE-p10)
CVE Name: CVE-2013-5209

For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:http://security.FreeBSD.org/>.

I. Background

The SCTP protocol provides reliable, flow-controlled, two-way transmission
of data. It is a message oriented protocol and can support the SOCK_STREAM
and SOCK_SEQPACKET abstractions.

The SCTP protocol checks the integrity of messages by validating the state
cookie information that is returned from the peer.

II. Problem Description

When initializing the SCTP state cookie being sent in INIT-ACK chunks,
a buffer allocated from the kernel stack is not completely initialized.

III. Impact

Fragments of kernel memory may be included in SCTP packets and
transmitted over the network. For each SCTP session, there are two
separate instances in which a 4-byte fragment may be transmitted.

This memory might contain sensitive information, such as portions of the
file cache or terminal buffers. This information might be directly
useful, or it might be leveraged to obtain elevated privileges in
some way. For example, a terminal buffer might include an user-entered
password.

IV. Workaround

No workaround is available, but systems not using the SCTP protocol
are not vulnerable.

V. Solution

Perform one of the following:

1) Upgrade your vulnerable system to a supported FreeBSD stable or
release / security branch (releng) dated after the correction date.

2) To update your vulnerable system via a source code patch:

The following patches have been verified to apply to the applicable
FreeBSD release branches.

a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.

# fetch http://security.FreeBSD.org/patches/SA-13:10/sctp.patch
# fetch http://security.FreeBSD.org/patches/SA-13:10/sctp.patch.asc
# gpg --verify sctp.patch.asc

b) Apply the patch.

# cd /usr/src
# patch < /path/to/patch

c) Recompile your kernel as described in
<URL:http://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
system.

3) To update your vulnerable system via a binary patch:

Systems running a RELEASE version of FreeBSD on the i386 or amd64
platforms can be updated via the freebsd-update(8) utility:

# freebsd-update fetch
# freebsd-update install

VI. Correction details

The following list contains the correction revision numbers for each
affected branch.

Branch/path Revision
- -------------------------------------------------------------------------
stable/8/ r254354
releng/8.3/ r254632
releng/8.4/ r254632
stable/9/ r254352
releng/9.1/ r254631
releng/9.2/ r254355
- -------------------------------------------------------------------------

To see which files were modified by a particular revision, run the
following command, replacing XXXXXX with the revision number, on a
machine with Subversion installed:

# svn diff -cXXXXXX --summarize svn://svn.freebsd.org/base

Or visit the following URL, replacing XXXXXX with the revision number:

<URL:http://svnweb.freebsd.org/base?view=revision&revision=XXXXXX>

VII. References

<other info on vulnerability>

<URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5209>

The latest revision of this advisory is available at
<URL:http://security.FreeBSD.org/advisories/FreeBSD-SA-13:10.sctp.asc>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.21 (FreeBSD)

iEYEARECAAYFAlIVY1YACgkQFdaIBMps37L0AQCgh30FZd+f+rmzMabRFkTPVEmX
tZgAnRuZptKgvlHkqnEhUj30tH6xLDCO
=KJ8k
-----END PGP SIGNATURE-----
_______________________________________________
freebsd-announce@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-announce
To unsubscribe, send any mail to "freebsd-announce-unsubscribe@freebsd.org"

[FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-13:09.ip_multicast

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

FreeBSD-SA-13:09.ip_multicast Security Advisory
The FreeBSD Project

Topic: integer overflow in IP_MSFILTER

Category: core
Module: kernel
Announced: 2013-08-22
Credits: Clement Lecigne (Google Security Team)
Affects: All supported versions of FreeBSD.
Corrected: 2013-08-22 00:51:37 UTC (stable/9, 9.2-PRERELEASE)
2013-08-22 00:51:43 UTC (releng/9.2, 9.2-RC2-p1)
2013-08-22 00:51:48 UTC (releng/9.1, 9.1-RELEASE-p6)
2013-08-22 00:51:37 UTC (stable/8, 8.4-STABLE)
2013-08-22 00:51:56 UTC (releng/8.4, 8.4-RELEASE-p3)
2013-08-22 00:51:56 UTC (releng/8.3, 8.3-RELEASE-p10)
CVE Name: CVE-2013-3077

For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:http://security.FreeBSD.org/>.

I. Background

IP multicast is a method of sending Internet Protocol (IP) datagrams to a
group of interested receivers in a single transmission.

II. Problem Description

An integer overflow in computing the size of a temporary buffer can
result in a buffer which is too small for the requested operation.

III. Impact

An unprivileged process can read or write pages of memory which belong to
the kernel. These may lead to exposure of sensitive information or allow
privilege escalation.

IV. Workaround

No workaround is available.

V. Solution

Perform one of the following:

1) Upgrade your vulnerable system to a supported FreeBSD stable or
release / security branch (releng) dated after the correction date.

2) To update your vulnerable system via a source code patch:

The following patches have been verified to apply to the applicable
FreeBSD release branches.

a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.

# fetch http://security.FreeBSD.org/patches/SA-13:09/ip_multicast.patch
# fetch http://security.FreeBSD.org/patches/SA-13:09/ip_multicast.patch.asc
# gpg --verify ip_multicast.patch.asc

b) Apply the patch.

# cd /usr/src
# patch < /path/to/patch

c) Recompile your kernel as described in
<URL:http://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
system.

3) To update your vulnerable system via a binary patch:

Systems running a RELEASE version of FreeBSD on the i386 or amd64
platforms can be updated via the freebsd-update(8) utility:

# freebsd-update fetch
# freebsd-update install

VI. Correction details

The following list contains the correction revision numbers for each
affected branch.

Branch/path Revision
- -------------------------------------------------------------------------
stable/8/ r254629
releng/8.3/ r254632
releng/8.4/ r254632
stable/9/ r254629
releng/9.1/ r254631
releng/9.2/ r254630
- -------------------------------------------------------------------------

To see which files were modified by a particular revision, run the
following command, replacing XXXXXX with the revision number, on a
machine with Subversion installed:

# svn diff -cXXXXXX --summarize svn://svn.freebsd.org/base

Or visit the following URL, replacing XXXXXX with the revision number:

<URL:http://svnweb.freebsd.org/base?view=revision&revision=XXXXXX>

VII. References

<other info on vulnerability>

<URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3077>

The latest revision of this advisory is available at
<URL:http://security.FreeBSD.org/advisories/FreeBSD-SA-13:09.ip_multicast.asc>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.21 (FreeBSD)

iEYEARECAAYFAlIVY1YACgkQFdaIBMps37K1cwCeOwXryun/C0EceD7v1se+z8w1
EUYAoJ7Hh/bOjyuD6oR6ZOEqtDVIL5LP
=6Ehk
-----END PGP SIGNATURE-----
_______________________________________________
freebsd-announce@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-announce
To unsubscribe, send any mail to "freebsd-announce-unsubscribe@freebsd.org"

Fedora 20 Bugzilla Rawhide rebase

Greetings,
This e-mail is intended to inform you about the upcoming Bugzilla changes
happening the week after August 20, 2013 (Rawhide bug rebase) and what you need
to do, if anything.

We will be automatically changing the version for most rawhide bugs to Fedora 20.
This will result in regular bugs reported against rawhide during the Fedora 20
development cycle being changed to version '20' instead of their
current assignment, 'rawhide'. This is to align with the branching of
Fedora 20 from rawhide and to more accurately tell where in the lineage of
releases the bug was last reported.

Note that this procedure does not apply to bugs that are open for the 'Package Review'
component or bugs that have the ''FutureFeature'' or ''Tracking'' keywords set.
They will stay open as rawhide bugs indefinitely.

If you do not want your bugs changed to version '20', add the FutureFeature keyword.
If you need help changing a large amount of bugs manually, we'd be glad to help.

The process was re-approved by FESCo https://fedorahosted.org/fesco/ticket/1096.

Jaroslav

_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

[CentOS-announce] CESA-2013:1166 Important CentOS 5 kernel Update

CentOS Errata and Security Advisory 2013:1166 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2013-1166.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
d02631426bf24dc5b6ab52909548711542561098f4b2931b907f9678d9001a17 kernel-2.6.18-348.16.1.el5.i686.rpm
8617484bd963aec1a7f84d705cc047810a4f3af211c016402fbde4be074470d4 kernel-debug-2.6.18-348.16.1.el5.i686.rpm
ad448d8ce3206559193d06fd62fc933b07e5615d5517dd7b8f90948599b1a979 kernel-debug-devel-2.6.18-348.16.1.el5.i686.rpm
c07b257a0ed439dfbbcdfcb278c1337a9c3cb021f25a126920c092d063a676ec kernel-devel-2.6.18-348.16.1.el5.i686.rpm
d50d6a0d2ef226c2c67cdf9552442ebdbc9c93e178b3cbc358ea8a21041addb8 kernel-doc-2.6.18-348.16.1.el5.noarch.rpm
7084e6b3a0727ff09c43cb052da3699c711e6fcb51ef9702de857f90d98cb48d kernel-headers-2.6.18-348.16.1.el5.i386.rpm
107c53fb1a093228e8b05ac0d51a90172da4e2e3bd1b9d4af14ef19bfa7c5dc9 kernel-PAE-2.6.18-348.16.1.el5.i686.rpm
f218dac210040482c44c58571244b705477910b301625ca44ce2ce9a68e8b285 kernel-PAE-devel-2.6.18-348.16.1.el5.i686.rpm
38ea6a7835d3681ae92277a915f48f00b6ff849394edf38ebb70d18bd428a45f kernel-xen-2.6.18-348.16.1.el5.i686.rpm
415991779db25c929880d8f402b66b595c36ae59acbf0686ce68e0a634357941 kernel-xen-devel-2.6.18-348.16.1.el5.i686.rpm

x86_64:
7152266d0736015841b97c347d7e945e49b7d4b142e29388ff69d0ff1308290a kernel-2.6.18-348.16.1.el5.x86_64.rpm
68bce41ba30d780c09a2897f55e0d3a3f365d460cc44db1e5e0dd7964a8d2d46 kernel-debug-2.6.18-348.16.1.el5.x86_64.rpm
cae667f0a8f4048e1f7dd5c888eaceb6c3eab862d4c1005523d723750d4a6b26 kernel-debug-devel-2.6.18-348.16.1.el5.x86_64.rpm
040e4246861e2915aa560e7aa05ce2a778bcfaf08a5693bd0b02ebb6ede86147 kernel-devel-2.6.18-348.16.1.el5.x86_64.rpm
d50d6a0d2ef226c2c67cdf9552442ebdbc9c93e178b3cbc358ea8a21041addb8 kernel-doc-2.6.18-348.16.1.el5.noarch.rpm
23a8033ee3ec409fe9e2019841354cdd04472ca72f7c8f51e2b4580da7a0e3bc kernel-headers-2.6.18-348.16.1.el5.x86_64.rpm
4063def792a700b1f33db59337f913d12b0a13c53beeecc90a94f5644756fd95 kernel-xen-2.6.18-348.16.1.el5.x86_64.rpm
8e1fc76336a82f113bcfca5ec5b15071cfcc83467c2e5f350f5fa435ab5e9e28 kernel-xen-devel-2.6.18-348.16.1.el5.x86_64.rpm

Source:
0e20cfa308fedba59bea2312a0096e1c085a990377f40197a98ae44ef75f8ca6 kernel-2.6.18-348.16.1.el5.src.rpm



--
Karanbir Singh
CentOS Project { http://www.centos.org/ }
irc: z00dax, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

[CentOS-announce] CEBA-2013:1168 CentOS 6 authd Update

CentOS Errata and Bugfix Advisory 2013:1168

Upstream details at : https://rhn.redhat.com/errata/RHBA-2013-1168.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
66c183194b6d9aff038d39e26ab850d207122e5d986bd80318b12c4c9a032dd2 authd-1.4.3-31.el6_4.i686.rpm

x86_64:
c5ee02eb06014972d49e75f5ed784da700a6b29738ddfb165a50fa571d1f325d authd-1.4.3-31.el6_4.x86_64.rpm

Source:
b598e422e2deb588693d6021c5dff34c77d250947a7484ffb372166abd29b2fc authd-1.4.3-31.el6_4.src.rpm



--
Karanbir Singh
CentOS Project { http://www.centos.org/ }
irc: z00dax, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

Tuesday, August 20, 2013

Fedora 20 Mass Branching

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi All,

Fedora 20 has been branched, please be sure to do a git pull --rebase to
pick up the new branch, as an additional reminder rawhide/f21 has had
inheritance cut off from previous releases, so this means that
anything you do for f20 you also have to do in the master branch and do
a build there. This is the same as we did for fedora 19.

Dennis
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (GNU/Linux)

iEYEARECAAYFAlIT7AQACgkQkSxm47BaWffWEgCgkw9eldBN1H0hBSna3lWQ0FzG
63AAn2/qomutLvZQe/jsxk8PcsBtHDq2
=mUyD
-----END PGP SIGNATURE-----
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

Fedora 20 Changes Freeze today & tracking bugs

Hi!
All Changes Tracking bugs should be reported now [1] as a
replacement for tracking changes/features in the wiki page and
using usually meaningless percentage status. Please, use this
tracking bug for bugs blocking your Change (if you already have
a tracking bug, ignore this one and please change component to
Changes Tracking one).

Full list of accepted Changes by FESCo is on:
https://fedoraproject.org/wiki/Releases/20/ChangeSet

* What should I do with my Change now?
According to the policy, the Change has to be substantially complete
and in a testable state; enabled by default -- if so specified by the
Change. If the above applies for you Change, please set bug status
to MODIFIED state. Otherwise if your Change is at risk, please,
write a new comment to the bug with the current status and let me
know. We'll try to deal with this situation.

Current schedule is available at [2]. Fedora 20 is really pretty
tight, as we wanted to avoid major holidays, so help us with
tracking status of this release!

Thanks
Jaroslav

[1] https://bugzilla.redhat.com/buglist.cgi?component=Changes%20Tracking&product=Fedora
[2] https://fedoraproject.org/wiki/Releases/20/Schedule
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

[USN-1936-1] Linux kernel (Raring HWE) vulnerabilities

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iQIcBAEBCgAGBQJSE23WAAoJEGVp2FWnRL6Tc7gP/iP3iQRLUFHVTmDVPQkRGc28
3BftKfeFYAYV/fsvAObISA/yLumpgErGzaBKWoFs61NrNLXTkL72ulCJ5g7q2/8F
Gn6XFYl9HW84TceSE1esukllxFcAvWiasNIjtu5kCDQoydMNCj+PfmxGpyKX9b9E
d9744W8ThKethzAtj7ZAnSbrG/CrZlJSgLdyTIeKjHR/b+2IfpGZ/9r0ownm4imR
oo8CnWBBU2nBi0cFcLOsbbyEh9Qj73CyGuMzuY03MDkQ3jSSW4ejGjjKsqnNHMJ9
OIKqZbNiOaSbQnyUOxhiPpDx9WPweWS4H506yXVTHPq7isWjDwL1wDoVmE0WL87p
kKQp84pMWyO8r05EyOQISDBDNRuAn8C0D/KliW2S1PvraDJ2sTs4lp0S44SkwY6H
N4wSE3nck6WwVrcs5OXH6SYatzqH7N2u9biuvvWIqFLuBIWeMMBXiikvie7GLRJB
shCIc1zmmvjgIsXjKYCS85T2xVNq0ebZTIUcZhJ7aGcqzSnCOQyT5sIIPyDJXXoU
6e80QMtBoBo7Qp8Ne7/zr5bJG40k3+vwwZFzJT3/K9Or35ld0P8DiYD5i9WauUMO
KmWcC6TMb9kgthjnTh3pogr7swfrXJasHbSVTNWnI8k9FzYwt/H6AsSvvAnH7x6r
cC3/KuphxaQpaZL//kQo
=aRW+
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1936-1
August 20, 2013

linux-lts-raring vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 LTS

Summary:

Several security issues were fixed in the kernel.

Software Description:
- linux-lts-raring: Linux hardware enablement kernel from Raring

Details:

Chanam Park reported a Null pointer flaw in the Linux kernel's Ceph client.
A remote attacker could exploit this flaw to cause a denial of service
(system crash). (CVE-2013-1059)

An information leak was discovered in the Linux kernel's fanotify
interface. A local user could exploit this flaw to obtain sensitive
information from kernel memory. (CVE-2013-2148)

Jonathan Salwan discovered an information leak in the Linux kernel's cdrom
driver. A local user can exploit this leak to obtain sensitive information
from kernel memory if the CD-ROM drive is malfunctioning. (CVE-2013-2164)

Kees Cook discovered a format string vulnerability in the Linux kernel's
disk block layer. A local user with administrator privileges could exploit
this flaw to gain kernel privileges. (CVE-2013-2851)

Kees Cook discovered a format string vulnerability in the Broadcom B43
wireless driver for the Linux kernel. A local user could exploit this flaw
to gain administrative privileges. (CVE-2013-2852)

Hannes Frederic Sowa discovered that the Linux kernel's IPv6 stack does not
correctly handle Router Advertisement (RA) message in some cases. A remote
attacker could exploit this flaw to cause a denial of service (system
crash). (CVE-2013-4125)

A vulnerability was discovered in the Linux kernel's vhost net driver. A
local user could cause a denial of service (system crash) by powering on a
virtual machine. (CVE-2013-4127)

Marcus Moeller and Ken Fallon discovered that the CIFS incorrectly built
certain paths. A local attacker with access to a CIFS partition could
exploit this to crash the system, leading to a denial of service.
(CVE-2013-4247)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
linux-image-3.8.0-29-generic 3.8.0-29.42~precise1

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References:
http://www.ubuntu.com/usn/usn-1936-1
CVE-2013-1059, CVE-2013-2148, CVE-2013-2164, CVE-2013-2851,
CVE-2013-2852, CVE-2013-4125, CVE-2013-4127, CVE-2013-4247

Package Information:
https://launchpad.net/ubuntu/+source/linux-lts-raring/3.8.0-29.42~precise1

[USN-1935-1] Linux kernel vulnerabilities

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iQIcBAEBCgAGBQJSE2OBAAoJEGVp2FWnRL6TlkkQAI3dZfD+STfqw6Xm+dX6y7oq
7u3dqU+0kxQdY/7R1gliEru8Sf6Y/IFoSm1DCJi23yaK8tTWBWb7Lq8vggVYPsw9
N8L2uw7j6MKZyWUDEyBYCZEZZeALxkjFygecPBhEeTk/s0RKZRElatEjUJAxfb3A
RMQ9wsYmsChO95hSF2zync+G0HXANgl6h05CKK+11rYFAXccFIPfUfehoKCsRPFu
3q5wlWU092E5o6a+7IFQYTecreMFh5wDRnZM3/lQbVhelxUypssU4wpN13S632Cj
VbNJzxGKimWPi5vTdVEqNITNIFBR5oAmD5Sa9zeNwon6cOVqFq6pBFEaH9R2z/eu
Y7bejB6R06HU7/wGK7JYCFzK/OYEWt98Lp12x7c3U/VpK0pleXUUpY02BFkkLwM9
mfyLJmxD1no4bgVJtIlEB94t+MBVLPaN8jhwE2GEx3sELJYWsvcKbss86I9fqmxg
i2kzdg72clIo7t2Uv79NzZELfxxMOV9vpY58eZt3M76akiOtRuPFMD1oIJZGX82S
A/UolmV58CDQXOVFQtZTf3MSRqJpW4nzuc+bxIfgjs2JAJ354GNlLL2usQtEWi/X
3KwaGMx/uvaz4ALynSYQSMIC64sf4aMDBgY21cJ93yVJ5Fj6ylC37seHTXT8taPj
mNl0hQaC6r8oT82kDYk+
=UdnQ
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1935-1
August 20, 2013

linux vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 13.04

Summary:

Several security issues were fixed in the kernel.

Software Description:
- linux: Linux kernel

Details:

Chanam Park reported a Null pointer flaw in the Linux kernel's Ceph client.
A remote attacker could exploit this flaw to cause a denial of service
(system crash). (CVE-2013-1059)

An information leak was discovered in the Linux kernel's fanotify
interface. A local user could exploit this flaw to obtain sensitive
information from kernel memory. (CVE-2013-2148)

Jonathan Salwan discovered an information leak in the Linux kernel's cdrom
driver. A local user can exploit this leak to obtain sensitive information
from kernel memory if the CD-ROM drive is malfunctioning. (CVE-2013-2164)

Kees Cook discovered a format string vulnerability in the Linux kernel's
disk block layer. A local user with administrator privileges could exploit
this flaw to gain kernel privileges. (CVE-2013-2851)

Hannes Frederic Sowa discovered that the Linux kernel's IPv6 stack does not
correctly handle Router Advertisement (RA) message in some cases. A remote
attacker could exploit this flaw to cause a denial of service (system
crash). (CVE-2013-4125)

A vulnerability was discovered in the Linux kernel's vhost net driver. A
local user could cause a denial of service (system crash) by powering on a
virtual machine. (CVE-2013-4127)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 13.04:
linux-image-3.8.0-29-generic 3.8.0-29.42

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References:
http://www.ubuntu.com/usn/usn-1935-1
CVE-2013-1059, CVE-2013-2148, CVE-2013-2164, CVE-2013-2851,
CVE-2013-4125, CVE-2013-4127

Package Information:
https://launchpad.net/ubuntu/+source/linux/3.8.0-29.42

[USN-1933-1] Linux kernel (OMAP4) vulnerabilities

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iQIcBAEBCgAGBQJSE2BaAAoJEGVp2FWnRL6TxCoQAJ4MSIKeniAFYzGmFUN+Ozxw
rxB2YknlTapwVKA27Fa9E7/VYpoZLbdupacKLqLM6hd/KhYTiiz3DdZCbFDrvqNH
Cz54an/cw/Z0kpAVxRsJXkLyagpF7BplJZLm31MG7/Zu3vhbBprRdVorX/E6ROwz
5gD+SO5nhbksIyGZFVWS8U3TmCD+EkNxVbL9jz32YX6fejnLPkAiRQZvUEIDgqAN
VV+CwqVLkhTXAaWYfuEhyE/9AxMkgo+hkthku4k3F4dpAoXK9VgR0JPD3o+QaIKL
RFU6jo34edf7nB9Ra2svfskrLLQNApim7B0rPAVS7ZTKtxdS9l/pAl8iVjbdmwRK
fGrT/SKopu4ebTBaHYlBciUvPzMPcRGK6sCHtJ0eywDMXPvSdJTULPhoMEDRyQHX
7I5oS7Q37O3mbJ1i0ACHp2+sbUS7nbD/I24LjeJJmC8Bq/8++fONkRSGORAM1Yl2
S16mgU2KImE8FIEPP/y1BSGjN71zO7nTrW1PfnOH9y0J6rXQOtWT9g5CTcT3z+i5
jyRtQXSvh6JQfzkCdBX9/MXlvUevBw1zxxvWUh25/rHbh6qd5/k+ACsja8Ngi/Xh
/hvoaXXqwq39Jg4fVG/eIdIDy/QdeMZpSzmwjWmE4zFLjDzBl7K7Y3PvU8vQ7sUk
1FWa7HAkIlbhVENa6x8y
=dBmm
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1933-1
August 20, 2013

linux-ti-omap4 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.10

Summary:

Several security issues were fixed in the kernel.

Software Description:
- linux-ti-omap4: Linux kernel for OMAP4

Details:

Chanam Park reported a Null pointer flaw in the Linux kernel's Ceph client.
A remote attacker could exploit this flaw to cause a denial of service
(system crash). (CVE-2013-1059)

An information leak was discovered in the Linux kernel's fanotify
interface. A local user could exploit this flaw to obtain sensitive
information from kernel memory. (CVE-2013-2148)

Jonathan Salwan discovered an information leak in the Linux kernel's cdrom
driver. A local user can exploit this leak to obtain sensitive information
from kernel memory if the CD-ROM drive is malfunctioning. (CVE-2013-2164)

Kees Cook discovered a format string vulnerability in the Linux kernel's
disk block layer. A local user with administrator privileges could exploit
this flaw to gain kernel privileges. (CVE-2013-2851)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.10:
linux-image-3.5.0-231-omap4 3.5.0-231.47

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References:
http://www.ubuntu.com/usn/usn-1933-1
CVE-2013-1059, CVE-2013-2148, CVE-2013-2164, CVE-2013-2851

Package Information:
https://launchpad.net/ubuntu/+source/linux-ti-omap4/3.5.0-231.47

[USN-1934-1] Linux kernel (OMAP4) vulnerabilities

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iQIcBAEBCgAGBQJSE2BtAAoJEGVp2FWnRL6TjA0P/12oepdsls5vFCHd97Q/APbJ
5ZqbB0ZymbJg8Mjuor3kKOtfNbOLxp1wF5sWG0cb/4f51iqPpVALGg3Zf4EYmbgx
Ah95HQGzVFW+RZe1yhIQmMyGan/osgSnhPXQKU8zbd2Mjp9oSfQxWRqCctXWm/JR
wntQrw4hAuGJtr6CMvleH8Jps85W7kgYR2X2nx6YaB/EleKOAoQyYEkfcr6jq2X7
+w8smvEXDLjn3gzUqzv7JU3dxftaMLko2vzf/0vFnP+GT2TFwB6vZZTUbyPRvk7g
JanpOm/yikn630ljWcwzEoNWqrnUKsIKz5p1JP61ClznnmjgDDHNRStNCmEdG6kS
GRGiJrAtGkzICsakvEHXxJ1rkDNhTVpRaVQMwaifFzXKqxveXbWA8NeEsyxpHj9+
6Crgk0DuJo6d36eCMeHVc00oFzcZ9jG7nytsQhrICbEQAVCsJNEVXoAjaAtBMYqL
3cB89tDLHHiNy/Uoy8JTI3ywepgiG11+hmD6O2AzcYpEGjewZr5cEO9j3zs4bV2P
8aKs9KyBhG+myeaz/DaZTE+5NcHhjwSYHPtmIEK9MUqDC7j7jxqqAi//EjaBnXYs
MiynuDOaMSmTGyEzo+aMo51QqD4sdtnUj6fHH5xriQrE4HtzFvqUH5gAxDhn4+u/
D5NVmX+Y2UKzQaZmvYbV
=R79w
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1934-1
August 20, 2013

linux-ti-omap4 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 13.04

Summary:

Several security issues were fixed in the kernel.

Software Description:
- linux-ti-omap4: Linux kernel for OMAP4

Details:

Chanam Park reported a Null pointer flaw in the Linux kernel's Ceph client.
A remote attacker could exploit this flaw to cause a denial of service
(system crash). (CVE-2013-1059)

An information leak was discovered in the Linux kernel's fanotify
interface. A local user could exploit this flaw to obtain sensitive
information from kernel memory. (CVE-2013-2148)

Kees Cook discovered a format string vulnerability in the Linux kernel's
disk block layer. A local user with administrator privileges could exploit
this flaw to gain kernel privileges. (CVE-2013-2851)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 13.04:
linux-image-3.5.0-231-omap4 3.5.0-231.47

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References:
http://www.ubuntu.com/usn/usn-1934-1
CVE-2013-1059, CVE-2013-2148, CVE-2013-2851

Package Information:
https://launchpad.net/ubuntu/+source/linux-ti-omap4/3.5.0-231.47

[USN-1932-1] Linux kernel vulnerabilities

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iQIcBAEBCgAGBQJSE2BHAAoJEGVp2FWnRL6TGmUP/3t4kwME6/W0+J5te+Jhblc8
X3jQasP7XbfLSa2x8Aqj7m9yq6Qug4BEypfdEeihpHrXEmHsmJ/hw8aVfU9KcqQ8
8fEAXLZexdz9EaCW+Jt7cdBb5TQEJYHLJZvZSWrqNcziKztBRHjRFxX91tCJ59ZX
OfKkU2pXVmf/1papc7thAuzjeK/GtvnCKbWXmtEsK/ow12CAY38uPQovd6Jxhbkz
eROkgnc9hNyDvtDLVk63blmQskO1Sa/hEsDb1j8661yny+CW4F1DsAzVIIK7sOSM
hrgr01QK2F9haPXtnbkZ1SmXTaHLS0BCHb3e7mV6EzJ+mpVoV9i1BYXPYhub9MK/
oCoTviFWQ0Q7b8Yyf6EQx9uhEfeM1gMq57Qcu3I3BJ0qEFULGeDl2SguvweScm5e
URZ222QNttgjEs1cvReUt9/1TbFKlY+JG268Vyq/NzzaytvIXCDoUqeVOs6Ws7aE
UA2pwmUBxYL88ALLJjkebUts4Vu5ZIwrcX0IdHQp2KON2RoC3tAc39/OPdIS1XUv
x/4E0pGB07/EU4ZvliMGxwtRh1Dk3IKpNcSdNxc594vvAaTEg0LE46thM6dxEMOv
W2ooaQ4EZRj4SE3TWqFTkcI1jFcOL6TsI6M0F/pUYAi45bMBsrKseXgeNhaehHhe
891kt23DbidHBLOT37Ts
=cJ46
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1932-1
August 20, 2013

linux vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.10

Summary:

Several security issues were fixed in the kernel.

Software Description:
- linux: Linux kernel

Details:

Chanam Park reported a Null pointer flaw in the Linux kernel's Ceph client.
A remote attacker could exploit this flaw to cause a denial of service
(system crash). (CVE-2013-1059)

An information leak was discovered in the Linux kernel's fanotify
interface. A local user could exploit this flaw to obtain sensitive
information from kernel memory. (CVE-2013-2148)

Jonathan Salwan discovered an information leak in the Linux kernel's cdrom
driver. A local user can exploit this leak to obtain sensitive information
from kernel memory if the CD-ROM drive is malfunctioning. (CVE-2013-2164)

Kees Cook discovered a format string vulnerability in the Linux kernel's
disk block layer. A local user with administrator privileges could exploit
this flaw to gain kernel privileges. (CVE-2013-2851)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.10:
linux-image-3.5.0-39-generic 3.5.0-39.60
linux-image-3.5.0-39-highbank 3.5.0-39.60
linux-image-3.5.0-39-omap 3.5.0-39.60
linux-image-3.5.0-39-powerpc-smp 3.5.0-39.60
linux-image-3.5.0-39-powerpc64-smp 3.5.0-39.60

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References:
http://www.ubuntu.com/usn/usn-1932-1
CVE-2013-1059, CVE-2013-2148, CVE-2013-2164, CVE-2013-2851

Package Information:
https://launchpad.net/ubuntu/+source/linux/3.5.0-39.60

[USN-1931-1] Linux kernel (Quantal HWE) vulnerabilities

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iQIcBAEBCgAGBQJSE2A1AAoJEGVp2FWnRL6TNZgP/AnOmgP50/aD8n8ZxB4nIYdz
wFzw7bqc63JhrCFotWzAUpIUJn5XpVYLYFC4EBW+VQYfMoW7QwSsZaJxmk1pnjSv
gYogd4xguWJzVnVAzmZNRJJMBbzf2Y+9VhFWH2nlpvAGA0977IXltwR7Ql2wJX7B
7oPTOZ0AYFPygHNm6e4HzoKLGylkhfwnGOPHnfrYzZB1hdq/7SWVE/3taLfZPs3D
JTNXehWC/+5xDvtB5e0gPNV1N7K5BAKuVitoBAEtZhhTMskhxzCXrpCEcGVlxxks
ZaN8hk/2uQTfKan91VtfvxrZxj5/CgCbT858Hp8VHbjuJ0HQlH90QJDVg9pcUMZE
ICE32c/qRHFnvbMTKzpY2AWZFjCMfa38Jin4o2youRfaS6lR40xQBaSRsEjdVbNz
LzRq/rOL43vYBgFDUOX9fd6KQAMqmsAToFUAX8La1eGentxZ/SJ7BAwrdUkPFtKH
rNzHgB5LjBAJIYJvAMkkXV9D0jwO2Ss3T9Il9xZ/oJpzSXahkjYqkASbzdrl1Gqw
18bXPhHOTdSwo5O+y93hh0W7pNcM8tDvk1jGbrP/QKSoLkfxEoKdhAdmF20eHFMP
Ghir5iPbdGzdt+CLI/pWKisAtgQfaNBo5CD/OTgsuG1PEDGgVOHEyEUx/s1KNLVl
jb5eyw4LF3L9jqmV5yg9
=ksmf
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1931-1
August 20, 2013

linux-lts-quantal vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 LTS

Summary:

Several security issues were fixed in the kernel.

Software Description:
- linux-lts-quantal: Linux hardware enablement kernel from Quantal

Details:

Chanam Park reported a Null pointer flaw in the Linux kernel's Ceph client.
A remote attacker could exploit this flaw to cause a denial of service
(system crash). (CVE-2013-1059)

An information leak was discovered in the Linux kernel's fanotify
interface. A local user could exploit this flaw to obtain sensitive
information from kernel memory. (CVE-2013-2148)

Jonathan Salwan discovered an information leak in the Linux kernel's cdrom
driver. A local user can exploit this leak to obtain sensitive information
from kernel memory if the CD-ROM drive is malfunctioning. (CVE-2013-2164)

Kees Cook discovered a format string vulnerability in the Linux kernel's
disk block layer. A local user with administrator privileges could exploit
this flaw to gain kernel privileges. (CVE-2013-2851)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
linux-image-3.5.0-39-generic 3.5.0-39.60~precise1

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References:
http://www.ubuntu.com/usn/usn-1931-1
CVE-2013-1059, CVE-2013-2148, CVE-2013-2164, CVE-2013-2851

Package Information:
https://launchpad.net/ubuntu/+source/linux-lts-quantal/3.5.0-39.60~precise1

[USN-1930-1] Linux kernel (OMAP4) vulnerabilities

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iQIcBAEBCgAGBQJSE2AjAAoJEGVp2FWnRL6TUxUQAJ2y3MfLzjCVyI4+0S3jZ1HX
2u1eetdwk21m2qNZn5EErfo/PGGlzY4DsJoxhdcGl3HCyqb7UN7pXE/f8Kxc+Pns
CYSeB0lGv+EhP0PSO2edvPhL2p08+z6R8ymcXSO4X2jv9dMM0jKLm8UqdN2BNs0r
dyGOq5RbD60dU9Bz3CZ9Sn8S9h9rt+aDfLh/HTDif2gf1EDltDsQOl3qxQS9pINV
b2+h7R9JGJvTmQC0GXFmnNSkirHaPQSzSah+0ZRMG2gC7OnwR8Jf/lvn+FIf9Tmc
MccplcSfVeudZSTblmjMKmc4kb+iQtI83WNl3zlkP06NlW8MFW1RMQKziZveuWO/
kbVqEhRnSYXeqwOs/qhvsqQhgzrOG3nc7jBsXrDMVzq8uuNk1DZp3ICAlvrag2bT
LSWQk5pJJynNFrugImydttKYn735wlvhkMRxDNFnwmJ3/V2my+1XXmfXqjPcN4W3
ay2wBe5gB2RimXdkjC3QV+36gCew0Wh0ah0w+UUDGj0xA6JyddUxatgG4pIqKbG8
mDPvoOnAaK2Gnd6gPo+lWYcmTAy2UcVzv5AXhPKxaD71TH/IDp+kcH1UNwo5FgC5
HCZj2QFh8tlAIKLY1eg0O0pDdImWtOfBGSZHDUjkj4sbZtRKx9GTCGCJ3LVJx8as
6v9sXj+pgulbWCq72kPm
=d6QF
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1930-1
August 20, 2013

linux-ti-omap4 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 LTS

Summary:

Several security issues were fixed in the kernel.

Software Description:
- linux-ti-omap4: Linux kernel for OMAP4

Details:

An information leak was discovered in the Linux kernel's fanotify
interface. A local user could exploit this flaw to obtain sensitive
information from kernel memory. (CVE-2013-2148)

Kees Cook discovered a format string vulnerability in the Broadcom B43
wireless driver for the Linux kernel. A local user could exploit this flaw
to gain administrative privileges. (CVE-2013-2852)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
linux-image-3.2.0-1436-omap4 3.2.0-1436.55

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References:
http://www.ubuntu.com/usn/usn-1930-1
CVE-2013-2148, CVE-2013-2852

Package Information:
https://launchpad.net/ubuntu/+source/linux-ti-omap4/3.2.0-1436.55

[USN-1929-1] Linux kernel vulnerability

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iQIcBAEBCgAGBQJSE2AQAAoJEGVp2FWnRL6T4BQQAKc6vVDFBhlv43A5YP10sBdJ
je1zTo/uFUCCcf+wGiPF0IQypKnKiYS4hlnAxvcZCHJGNOQ8e/pVAyg8SBNzzOuK
nkyIzt4Yk7iw87IuzQe+34Dt1vljKhreC67wNvS4ozLnNLcIEOkZkMQ6zjbi1Npx
gyT4joGcgr1Uz2Uw+ME04YghOFjJJSueNZlex3yhgCMjkBJmJxPrULrxA9Mb2hw6
9k/1JI7v++0UDs8Zj3EsWnrtDD3i/zipzwYzPUaBikfNB8jsWxqgPGtBH/okleyS
5EH9CEKZuMqkKI7ObZroejBw5BSgUmii15x314nm5tmjqtlCgeg9FJxmMSDNFG9G
ONAmsTGxrjCzYydcrKs9ZPziEsmX88k4tFTdMLTyq6IvWujCryeUNMCGtL70ukUr
LeLThWGDSGQ7DBcvTqF2Fpr1/ZS+VhK7waAOhUnqk4DUvGSeDxwKjAUPy6LHP7VK
kXZKMVrbu1HZKBlnyOtGo8oD5Zrs7asmQSekaNTDSSeKnuNMGP1O4kFfT5199oY6
MNzErziBgxChBjGaptBThZddpl3GVpENSaWMTEJK1v3ow9pfM4wCvQNQ0dm7X5nV
ljMP7Ma8rI8Rp9/svqTTy69q/qWj+MQdNa4qAJhrg1R3HLM+uakq62e5fTRVnWC3
IGX2ZRhtscC3XoJTZ9i8
=kwNr
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1929-1
August 20, 2013

linux vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 LTS

Summary:

The system could be made to expose sensitive information.

Software Description:
- linux: Linux kernel

Details:

An information leak was discovered in the Linux kernel's fanotify
interface. A local user could exploit this flaw to obtain sensitive
information from kernel memory.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
linux-image-3.2.0-52-generic 3.2.0-52.78
linux-image-3.2.0-52-generic-pae 3.2.0-52.78
linux-image-3.2.0-52-highbank 3.2.0-52.78
linux-image-3.2.0-52-omap 3.2.0-52.78
linux-image-3.2.0-52-powerpc-smp 3.2.0-52.78
linux-image-3.2.0-52-powerpc64-smp 3.2.0-52.78
linux-image-3.2.0-52-virtual 3.2.0-52.78

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References:
http://www.ubuntu.com/usn/usn-1929-1
CVE-2013-2148

Package Information:
https://launchpad.net/ubuntu/+source/linux/3.2.0-52.78

Monday, August 19, 2013

[ACTION REQUIRED] Retiring long-term FTBFS packages for Fedora 20

The following packages did not build for two releases and will be
retired around 2013-08-26 unless someone rebuilds them or announces to
actively working on fixing them.

Note: If you received this mail directly you (co)maintain one of the affected
packages or a package that depends on one.

Package (co)maintainers
===========================================================================
curry gemi, oliver
eclipse-phpeclipse mbooth, swagiaal
libgarmin fab
libvpd emunson, hegdevasant, fkocina, lnykryn, rrakus,
jskala
lsvpd emunson, hegdevasant, fkocina, lnykryn, wolfy,
rrakus, jskala
mod_mono chkr
nautilus-sendto-trac mbooth
open-cobol s4504kr
petitboot dwmw2, tbreeds, jwboyer
python-pylons kylev, cicku
simulavr ndim
smart athimm, scop
synce-connector awjb
tango-icon-theme cwickert
tango-icon-theme-extras cwickert

The following packages require above mentioned FTBS packages:
Depending on: python-pylons
python-repoze-what-pylons (maintained by: spot, lmacken)
python-repoze-what-pylons requires python-pylons = 1.0-4.fc17


Depending on: smart
PackageKit (maintained by: rhughes, rdieter, stefw, jcm, rnorwood, lmacken, rhughes, timlau, tuxbrewr)
PackageKit-smart requires smart = 1.3.1-68.fc17

fedora-package-config-smart (maintained by: athimm, scop)
fedora-package-config-smart requires smart = 1.3.1-68.fc17


Depending on: synce-connector
synce-gnome (maintained by: awjb)
synce-gnome requires odccm = 0.15.2-5.fc17

synce-kpm (maintained by: awjb)
synce-kpm requires odccm = 0.15.2-5.fc17


Depending on: tango-icon-theme
gnome-theme-curvylooks (maintained by: pgordon)
gnome-theme-curvylooks requires tango-icon-theme = 0.8.90-6.fc17

Affected (co)maintainers
athimm: smart
awjb: synce-connector
chkr: mod_mono
cicku: python-pylons
cwickert: tango-icon-theme-extras, tango-icon-theme
dwmw2: petitboot
emunson: lsvpd, libvpd
fab: libgarmin
fkocina: lsvpd, libvpd
gemi: curry
hegdevasant: lsvpd, libvpd
jcm: smart
jskala: lsvpd, libvpd
jwboyer: petitboot
kylev: python-pylons
lmacken: python-pylons, smart
lnykryn: lsvpd, libvpd
mbooth: nautilus-sendto-trac, eclipse-phpeclipse
ndim: simulavr
oliver: curry
pgordon: tango-icon-theme
rdieter: smart
rhughes: smart
rnorwood: smart
rrakus: lsvpd, libvpd
s4504kr: open-cobol
scop: smart
spot: python-pylons
stefw: smart
swagiaal: eclipse-phpeclipse
tbreeds: petitboot
timlau: smart
tuxbrewr: smart
wolfy: lsvpd


The script creating this output is run and developed by Fedora
Release Engineering. Please report issues at its trac instance:
https://fedorahosted.org/rel-eng/
The sources of this script can be found at:
https://git.fedorahosted.org/cgit/releng/tree/scripts/find-unblocked-orphans.py
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

Re: [ACTION REQUIRED] Retiring packages for Fedora 20 v2

The following packages have been retired:

alsa-oss
firmware-extract
firstboot
gkrellm-timestamp
guiloader
justmoon
lybniz
mars-sim
miau
openstack-tempo
osgal
python3-cherrypy
vblade

Because alsa-oss was retired, mumble needs to be rebuild without OSS
support (just removing the BR failed in a scratch build because
libspeechd.h cannot be found, maybe this is an unrelated bug)

modplugtools needs to be changed to not ship modplugplay anymore, but
modplug123 should still work.

I will soon post a follow-up message regarding FTBFS packages.

Regards
Till
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

[CentOS-announce] CEBA-2013:1167 CentOS 6 prelink Update

CentOS Errata and Bugfix Advisory 2013:1167

Upstream details at : https://rhn.redhat.com/errata/RHBA-2013-1167.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
37e0c1897102ba0f909b7848ea03c12d64896c1aa8df810ce18476c5115d7aae prelink-0.4.6-3.1.el6_4.i686.rpm

x86_64:
060fc0846a739e7cfacbf68c539b0ac9b0fca8a883d914c7e22fb6f76dac4498 prelink-0.4.6-3.1.el6_4.x86_64.rpm

Source:
258323b68526cc620b799d3dda21001be784784e1c508d8c513cf2b2a519262f prelink-0.4.6-3.1.el6_4.src.rpm



--
Karanbir Singh
CentOS Project { http://www.centos.org/ }
irc: z00dax, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

(+libcamel) Re: (+libebackend, libedataserver) Re: evolution-data-server soname version bump for libedata-book/libedata-cal next week (3.9.90 release)

On Fri, 2013-08-16 at 16:47 +0200, Milan Crha wrote:
> I've just committed a fix which changes soname version also for
> libebackend and libedataserver. Like before, whatever I'll be able to
> rebuild I will rebuild.

Hi again,
I'm sorry, but there was done an API change in libcamel at the very last
moment too, thus this one is affected as well. Like before, whatever
I'll be able to rebuild I will rebuild.
Bye,
Milan

_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce