Monday, September 30, 2013

[USN-1981-1] HPLIP vulnerabilities

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCgAGBQJSSchDAAoJEGVp2FWnRL6TNa0P/j7BOOkHNIHlQOeXnovqCveq
jOpcvUVsmxKD0MlgRPbUbSih9wlG3gRuZ9tgOhAWrh3zJHrB5sXn7u2ra90n4paY
NaF+dnNXGhDcvMSj/I5Y1Iu0Aqnf5LIK7+80jOXt2hKe7lygKvmsAcQZ8ogN0IYr
6UOSzWrsA6lGwyUxKG/boMlVto/u+tzfDSJGWdqIzj2PmUy16dxtJ5VaQX8biqLJ
lg9eRCzSeA4xqrWu8zRJLENDamwBD/HMWW97RVPkze9af/6uUxCQQzgbsxT6mUif
BMqxUeXVRh+Uxg9c/Dc13YuEbMxElvTnhHNr172lzftXYi0uIePTW+66sFZDS9P1
QLVwa2lQb+8QUEpvX+gedxTPC/mF2ssiagm5HwpXY6zmZW8X7mJKiVeQ+b4iMzrw
cvEblQ8VyWdkYA4iP0cwRAVtDDMjN8LlXwMtlLe+AEn6LxH4f7BfFlQzlwLYPdQY
UDZ9n1LoZK/QZmvwgEv3/fmLUsbh3hU4BTtiIJwgVUl4KrVCxYgcj3jPpHTQ4sTI
cWbU476SNmYi+Wa+aaWXte3505Uy/bn4h9xk7Obopn0omvDfYMv6QknKUxTTopCo
Rn45Fc/sNe2uLScglEg7xAZwTw4fJ10upzgG+38yL89tzAKemgOBpG7D4KIin68J
cBHrs71/sWOpNDYkykAK
=To6a
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1981-1
September 30, 2013

hplip vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.10
- Ubuntu 12.04 LTS
- Ubuntu 10.04 LTS

Summary:

HPLIP could be made to overwrite files.

Software Description:
- hplip: HP Linux Printing and Imaging System (HPLIP)

Details:

It was discovered that HPLIP incorrectly handled temporary files when using
the fax capabilities. A local attacker could possibly use this issue to
overwrite arbitrary files. This issue only applied to Ubuntu 10.04 LTS.
(CVE-2011-2722)

Tim Waugh discovered that HPLIP incorrectly handled temporary files when
printing. A local attacker could possibly use this issue to overwrite
arbitrary files. In the default installation of Ubuntu 12.04 LTS and Ubuntu
12.10, this should be prevented by the Yama link restrictions.
(CVE-2013-0200)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.10:
hplip 3.12.6-3ubuntu4.2

Ubuntu 12.04 LTS:
hplip 3.12.2-1ubuntu3.3

Ubuntu 10.04 LTS:
hplip 3.10.2-2ubuntu2.4

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1981-1
CVE-2011-2722, CVE-2013-0200

Package Information:
https://launchpad.net/ubuntu/+source/hplip/3.12.6-3ubuntu4.2
https://launchpad.net/ubuntu/+source/hplip/3.12.2-1ubuntu3.3
https://launchpad.net/ubuntu/+source/hplip/3.10.2-2ubuntu2.4

[FreeBSD-Announce] FreeBSD 9.2-RELEASE Now Available

The FreeBSD Release Engineering Team is pleased to announce the availability
of FreeBSD 9.2-RELEASE. This is the second release from the stable/9 branch,
which improves on the stability of FreeBSD 9.1 and introduces some new
features. Some of the highlights:

* The ZFS filesystem now supports TRIM when used on solid state
drives.
* The virtio(4) drivers have been added to the GENERIC kernel
configuration for amd64 and i386 architectures.
* The ZFS filesystem now supports lz4 compression.
* OpenSSL has been updated to version 0.9.8y.
* DTrace hooks have been enabled by default in the GENERIC kernel.
* DTrace has been updated to version 1.9.0.
* Sendmail has been updated to version 8.14.7.
* OpenSSH has been updated to version 6.2p2.
* Import unmapped I/O support from head/.

For a complete list of new features and known problems, please see the
online release notes and errata list, available at:

http://www.FreeBSD.org/releases/9.2R/relnotes.html
http://www.FreeBSD.org/releases/9.2R/errata.html

For more information about FreeBSD release engineering activities,
please see:

http://www.FreeBSD.org/releng/

Availability
-------------

FreeBSD 9.2-RELEASE is now available for the amd64, i386, ia64, powerpc,
powerpc64, and sparc64 architectures.

FreeBSD 9.2 can be installed from bootable ISO images or over the
network. Some architectures also support installing from a USB memory
stick. The required files can be downloaded via FTP as described in the
section below. While some of the smaller FTP mirrors may not carry all
architectures, they will all generally contain the more common ones such
as amd64 and i386.

MD5 and SHA256 hashes for the release ISO and memory stick images are
included at the bottom of this message.

The purpose of the images provided as part of the release are as follows:

dvd1: This contains everything necessary to install the base FreeBSD
operating system, the documentation, and a small set of pre-built
packages aimed at getting a graphical workstation up and running.
It also supports booting into a "livefs" based rescue mode. This
should be all you need if you can burn and use DVD-sized media.

disc1: This contains the base FreeBSD operating system. It also supports
booting into a "livefs" based rescue mode. There are no pre-built
packages.

bootonly: This supports booting a machine using the CDROM drive but
does not contain the support for installing FreeBSD from the
CD itself. You would need to perform a network based install
(e.g. from an FTP server) after booting from the CD.

memstick: This can be written to an USB memory stick (flash drive) and
used to do an install on machines capable of booting off USB
drives. It also supports booting into a "livefs" based rescue
mode. There are no pre-built packages.

As one example of how to use the memstick image, assuming the USB drive
appears as /dev/da0 on your machine something like this should work:

# dd if=FreeBSD-9.2-RELEASE-amd64-memstick.img of=/dev/da0 bs=10240 conv=sync

Be careful to make sure you get the target (of=) correct.

FreeBSD 9.2-RELEASE can also be purchased on CD-ROM or DVD from several
vendors. One of the vendors that will be offering FreeBSD 9.2-based
products is:

~ FreeBSD Mall, Inc. http://www.freebsdmall.com/

FTP
---

At the time of this announcement the following FTP sites have
FreeBSD 9.2-RELEASE available.

ftp://ftp.freebsd.org/pub/FreeBSD/releases/ISO-IMAGES/9.2/

However before trying these sites please check your regional mirror(s)
first by going to:

ftp://ftp.<yourdomain>.FreeBSD.org/pub/FreeBSD

Any additional mirror sites will be labeled ftp2, ftp3 and so on.

More information about FreeBSD mirror sites can be found at:

http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/mirrors-ftp.html

For instructions on installing FreeBSD or updating an existing machine to
9.2-RELEASE please see:

http://www.FreeBSD.org/releases/9.2R/installation.html

Support
-------

FreeBSD 9.2-RELEASE will be supported until 2014-09-30.
The End-of-Life dates can be found at:

http://www.FreeBSD.org/security/

Other Projects Based on FreeBSD
-------------------------------

There are many "third party" Projects based on FreeBSD. The Projects
range from re-packaging FreeBSD into a more "novice friendly" distribution
to making FreeBSD available on Amazon's EC2 infrastructure. For more
information about these Third Party Projects see:

http://wiki.FreeBSD.org/3rdPartyProjects

Acknowledgments
---------------

Many companies donated equipment, network access, or man-hours to
support the release engineering activities for FreeBSD 9.2 including
The FreeBSD Foundation, Yahoo!, NetApp, Internet Systems Consortium,
Sentex Communications, New York Internet, Juniper Networks, and
iXsystems.

The release engineering team for 9.2-RELEASE includes:

Ken Smith <kensmith@FreeBSD.org> Release Engineering Lead
Marcus von Appen <mva@FreeBSD.org> Release Engineering
Glen Barber <gjb@FreeBSD.org> Release Engineering, 9.2-RELEASE Release Engineer
Konstantin Belousov <kib@FreeBSD.org> Release Engineering
Joel Dahl <joel@FreeBSD.org> Release Engineering
Marc Fonvieille <blackend@FreeBSD.org> Release Engineering, Documentation
Steven Kreuzer <skreuzer@FreeBSD.org> Release Engineering
Erwin Lansing <erwin@FreeBSD.org> Package Building
Xin Li <delphij@FreeBSD.org> Release Engineering, Security
Simon L. B. Nielsen <simon@FreeBSD.org> Security Officer Emeritus
Josh Paetzel <jpaetzel@FreeBSD.org> Release Engineering
Colin Percival <cperciva@FreeBSD.org> Security Officer Emeritus
Craig Rodrigues <rodrigc@FreeBSD.org> Release Engineering
Hiroki Sato <hrs@FreeBSD.org> Release Engineering, Documentation
Gleb Smirnoff <glebius@FreeBSD.org> Release Engineering
Dag-Erling Smørgrav <des@FreeBSD.org> Security Officer
Marius Strobl <marius@FreeBSD.org> Release Engineering
Robert Watson <rwatson@FreeBSD.org> Release Engineering, Security

Trademark
---------

FreeBSD is a registered trademark of The FreeBSD Foundation.

ISO Image Checksums
-------------------

amd64:
SHA256 (FreeBSD-9.2-RELEASE-amd64-bootonly.iso) = 63db06d3f468d219b308bb3fbc3f48e791134481fb1abf39e9b1ee415dcfc099
SHA256 (FreeBSD-9.2-RELEASE-amd64-disc1.iso) = a8c1751b83646530148766618a89a97009e7500e7057a5cbe3afd74ef480c915
SHA256 (FreeBSD-9.2-RELEASE-amd64-dvd1.iso) = 36c99ac1ffb90f2272df1bf10cafec999fde1b1a6bd289b5583836639c3639ae
SHA256 (FreeBSD-9.2-RELEASE-amd64-memstick.img) = fbc0c46f2db8c347145ee7c8308e4f3058dc5ec3155a9fb51d0f0e52ab2bf5cb

MD5 (FreeBSD-9.2-RELEASE-amd64-bootonly.iso) = 2338f255d0ddc4659d04545a3c27bfa1
MD5 (FreeBSD-9.2-RELEASE-amd64-disc1.iso) = cde180e3c5e3e370c97598a4feccb5b4
MD5 (FreeBSD-9.2-RELEASE-amd64-dvd1.iso) = 21448c2688ba938b42c1727449d69750
MD5 (FreeBSD-9.2-RELEASE-amd64-memstick.img) = 8a7f0ee3cb2570785b2d0a760d99bad6

i386:
SHA256 (FreeBSD-9.2-RELEASE-i386-bootonly.iso) = e2df14515911ab964a587c4ae5e23882c71908c4e589ae57f7848399232c161d
SHA256 (FreeBSD-9.2-RELEASE-i386-disc1.iso) = 76093c27288f0ab939a5de14b621ec8eb1420d96343132c2b7c382747d35b67c
SHA256 (FreeBSD-9.2-RELEASE-i386-dvd1.iso) = a1bba5668792cfc8197c0f81b28cdd17e912a1ae5816887f8518bf1536a99af8
SHA256 (FreeBSD-9.2-RELEASE-i386-memstick.img) = aa635578fea1136da680420afaab21a8e0b7c39541566d28f468d6ebb7a1e3a8

MD5 (FreeBSD-9.2-RELEASE-i386-bootonly.iso) = c868d09dace9ec2d673fd62cbd1305b4
MD5 (FreeBSD-9.2-RELEASE-i386-disc1.iso) = ba7ba7943177aee9626df228fb1ee6c2
MD5 (FreeBSD-9.2-RELEASE-i386-dvd1.iso) = 917104df8d559f2ec981e98bfdf78e05
MD5 (FreeBSD-9.2-RELEASE-i386-memstick.img) = affea2f784472cfbed9d16a6fdeab5ce

ia64:
SHA256 (FreeBSD-9.2-RELEASE-ia64-bootonly.iso) = 138b6f9fe7bbad418db956a53539ff75f77c918aedaf7fcc1d4960aa2ccca476
SHA256 (FreeBSD-9.2-RELEASE-ia64-disc1.iso) = 906cfc5012504501547aa0c89292e66047faaed34f18e79594ab95635c43f6c2
SHA256 (FreeBSD-9.2-RELEASE-ia64-memstick.img) = b178d6466f4b2eb9af0520eb8b434ce98ecab11b9d24bf6ad9478a30f9875531

MD5 (FreeBSD-9.2-RELEASE-ia64-bootonly.iso) = 2ef154556774c55ce0a5a27c7a674859
MD5 (FreeBSD-9.2-RELEASE-ia64-disc1.iso) = aa06455bfd9f54f1257c6b8484e81334
MD5 (FreeBSD-9.2-RELEASE-ia64-memstick.img) = b047ea9791272a4fbc66cd9f401d6122

powerpc:
SHA256 (FreeBSD-9.2-RELEASE-powerpc-bootonly.iso) = 89fea7d441a71b96def24a80815566936b7b6eaab640030ae78518001806d626
SHA256 (FreeBSD-9.2-RELEASE-powerpc-disc1.iso) = b5f5adc9ab2392c2796881553582a1da1cfa99c62b62b57a3325fc7e6a7259c4
SHA256 (FreeBSD-9.2-RELEASE-powerpc-memstick.img) = 3951ab28d6226f9c32a71f6d81d6ad9f9d05c9af5d11cf00118380f6ba20f282

MD5 (FreeBSD-9.2-RELEASE-powerpc-bootonly.iso) = 84ba491526faf1115827ee3c81593f92
MD5 (FreeBSD-9.2-RELEASE-powerpc-disc1.iso) = 1a1f683a69d20419834d056d43c8e3de
MD5 (FreeBSD-9.2-RELEASE-powerpc-memstick.img) = dd959ede1dff0971334d3722db8c8bcc

powerpc64:
SHA256 (FreeBSD-9.2-RELEASE-powerpc-powerpc64-bootonly.iso) = 092fa817a0a44fb49d05ed7aae44d98e78f4e3e0fc6e0297ee0d11ec8f8ccf37
SHA256 (FreeBSD-9.2-RELEASE-powerpc-powerpc64-disc1.iso) = 56daf1f49bff7ee9e31c3255170fe2373c8674cfce1c560e78deff4ae81c505d
SHA256 (FreeBSD-9.2-RELEASE-powerpc-powerpc64-memstick.img) = be87c9edaa0b343a1223ebfb68dd161a023e287e067dd6550198c4ac23d47062

MD5 (FreeBSD-9.2-RELEASE-powerpc-powerpc64-bootonly.iso) = c914b221a8f09ac8d004aa4d7db710a0
MD5 (FreeBSD-9.2-RELEASE-powerpc-powerpc64-disc1.iso) = f471466df756ae85162fb8bb794d007a
MD5 (FreeBSD-9.2-RELEASE-powerpc-powerpc64-memstick.img) = c6b739c889dd94e3ed3ac8ef277ced91

sparc64:
SHA256 (FreeBSD-9.2-RELEASE-sparc64-bootonly.iso) = 76813e3a5b400ea56533a3d5762f76284746a736281b6e1bce882d9f0e2dd076
SHA256 (FreeBSD-9.2-RELEASE-sparc64-disc1.iso) = 0a15095210058fa7c1572102e6af49407462fcd670d28a3af9dfc154efaeb72e

MD5 (FreeBSD-9.2-RELEASE-sparc64-bootonly.iso) = ae21e0dc63aa0d6327f44c733705c055
MD5 (FreeBSD-9.2-RELEASE-sparc64-disc1.iso) = 7ce9c00d4b6e23124062cc2be8b56a74

Glen

[USN-1980-1] Vino vulnerability

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCgAGBQJSSbP8AAoJEGVp2FWnRL6TgO0P/3RBr6WmqiHzREVooz1SSARW
87506WTl7lhKvB6/icUolbwsojAPi/KuQJLmlPX88AO3kYzk5eZbeaxQkKp/s8k7
WukGhXdtvHNR01IPnTSsdMWnq4RkTVP+zQAvoHuSe1jeBVWOA7z7rvgQJFIiFCs5
E0qch1OAxvqhleF6GphA4vasD2D5RO98fPOyJECTAOrhvPNu0tpqVpMNchLt8+CR
K6WtKW/7JyYsguNJjMHwyVp6MHTD48e2rBtgRq85CehpkWTsykPe2ZDyqISB4SR2
72K+RFN8hyzO41l5t4GP0EwYBvuqOorRzGsHRsmlJQKRIex3lD6QCAloyb7bu2IB
j8yTwXwVkRFBP8G12Z14brwoJF7gFfT9z7IdtFgYqfMr4EvxRmv2IrPIMvWqzRH8
IkuX03QCWKON7O/KgYNRDbvt9ujKo4OiM3xJCeuyMrVhNP4+skDvP3yBIfxDgzl/
iW+lnhs3K0p4IMXX8BVeKm5tKpZwJ472zYXTJE0W97MPCGOAK38IIgwZZ7TSrmae
1bK0/xWe/T07YAN6V1UW8asde5bMvlSXoLLoUcoRsRWd9qHpRJvDqKiatepLdXVk
3FYt8GmdofhIFk6EWigPlvtybbUTxX/S1M0tFkwgWAHgigL55udTlD2XjdNSdzC/
gIODjC9nUagmD/XKHE+f
=lGNm
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1980-1
September 30, 2013

vino vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 13.04
- Ubuntu 12.10
- Ubuntu 12.04 LTS

Summary:

Vino could be made to hang if it received specially crafted network
traffic.

Software Description:
- vino: VNC server for GNOME

Details:

Jonathan Claudius discovered that Vino incorrectly handled closing invalid
connections. A remote attacker could use this issue to cause Vino to
consume resources, resulting in a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 13.04:
vino 3.6.2-0ubuntu4.1

Ubuntu 12.10:
vino 3.6.0-0ubuntu1.2

Ubuntu 12.04 LTS:
vino 3.4.2-0ubuntu1.3

After a standard system update you need to restart your session to make all
the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1980-1
CVE-2013-5745

Package Information:
https://launchpad.net/ubuntu/+source/vino/3.6.2-0ubuntu4.1
https://launchpad.net/ubuntu/+source/vino/3.6.0-0ubuntu1.2
https://launchpad.net/ubuntu/+source/vino/3.4.2-0ubuntu1.3

[USN-1977-1] Linux kernel (EC2) vulnerabilities

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCgAGBQJSSbPwAAoJEAUvNnAY1cPYadkQALbspws7Sd4Ue0OxOlC3U6Gz
Z+D3X9z3vNpnwKxbz/vFZxsk5OLGL709Quo/ATyCe5jcG9cq+96JRj8DCJppYwie
bPWDwOo3X4CMqhEi1TCj0orAyh6FFSsqQop9zF9ykHksAVN2bZ989DR6EultsXF1
ANCF1ISRQhFFf1rpm+bMWLuENaWrc9+/p/ACVy3QE16CaUIig4EcXMSlzw/GkgQl
tJxjiKNy8Dtt9QJO4u8VxHcuTGysJtTMCjj8UGGWnqQ+03Z3svWqWKBCv1f57YkE
nrNDXDmGK3ClMEgjq0myflTO/mhhSLqfrAY+B6YxTgNru+ukiP9nNmhecSx4JIfs
7bpfsbcgPMnNy0u7Ip3pHLQnGYMaAiGcmE1BUu/bH21CP6dNEGFlP3O0qOG88XyR
lwteeX9pvoFLzd/ZFSiEpgWD+QVB5hl4468cJvrtkVamza+R9pA4OPPwyQScW5RA
lejAO4gqxceMQdTocUmjo4hl6MZR8dUsb4Q9j+BoXvnvDgMhGezLoMOQufQytlvu
NRQmXInEO+pfqhSecV/3W4S/orWmw6JHKA8opRlbbo4Go3cBo0bu5R244P+wYtns
o4s1ENH+9Mw3HSA7hQRFvyiKKZdFYaiixCTZ14mZTfiBfYM09EEOmq6LIhK7uERj
pO8FqmLZKXBC9aMBN18D
=cPl0
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1977-1
September 30, 2013

linux-ec2 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 10.04 LTS

Summary:

Several security issues were fixed in the kernel.

Software Description:
- linux-ec2: Linux kernel for EC2

Details:

An information leak was discovered in the handling of ICMPv6 Router
Advertisement (RA) messages in the Linux kernel's IPv6 network stack. A
remote attacker could exploit this flaw to cause a denial of service
(excessive retries and address-generation outage), and consequently obtain
sensitive information. (CVE-2013-0343)

Kees Cook discovered flaw in the Human Interface Device (HID) subsystem of
the Linux kernel. A physically proximate attacker could exploit this flaw
to execute arbitrary code or cause a denial of service (heap memory
corruption) via a specially crafted device that provides an invalid Report
ID. (CVE-2013-2888)

Kees Cook discovered a flaw in the Human Interface Device (HID) subsystem
of the Linux kerenl when CONFIG_HID_PANTHERLORD is enabled. A physically
proximate attacker could cause a denial of service (heap out-of-bounds
write) via a specially crafted device. (CVE-2013-2892)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 10.04 LTS:
linux-image-2.6.32-357-ec2 2.6.32-357.70

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References:
http://www.ubuntu.com/usn/usn-1977-1
CVE-2013-0343, CVE-2013-2888, CVE-2013-2892

Package Information:
https://launchpad.net/ubuntu/+source/linux-ec2/2.6.32-357.70

[USN-1979-1] txt2man vulnerability

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCgAGBQJSSbPqAAoJEGVp2FWnRL6T/sIP/jPNNSRk0x6Bts7V+34ZSh0a
b9rO7soBzpQt6Vwe1JLArrPagDNDatzZL7zqjrLEj2BXiUMHXjaEyz995J+OZ5KH
N5MbQP6r9eIMNxl8o08SHjB5J0mjl138LDe7o8TKbU2aNvy7DW7/4k3lOOfBL/ft
GmnejjZDsvpw+jO5sZQlQ+tGffl3pz3kizmvRB7Kh/mSIvlw5dDOWqqc7zZyJu1C
satIFhKAZcW3zkhe/ajk1QYmAGGv0JcuGUw7xIUN2bYSPA47UhgD+AroCoZsKB2z
mLKXy0pYcQck4mNoOeX5b4Hxft39cK4SjRteZgarj2pXt4dkpaJuTuAq/F3wJbcz
SY9ek4YtDEfgDiaqBhtTAgzVoANO5q56zRoxfDWPIBXWJPq8EgZkBINu4MvqxzUc
UIuCpDFMPLxeOYEQ3y3P4Uw3iumHOziGdH4v0nqZXqzDRFFyZMsGnynwc2pqlorZ
Nb/btQb4+eY8ZoSA3r6yGqQu6UW2EHTl9uACUuDUGl51YcVGswDuC/XDpc7QtbXA
yceeBIWBxvPa77lPnYxL+Zdzo4F8lRYGivQYRgWEJgdN2n8+RQSj/fpgTuMAt6FR
/8n3F5+UUxlY/vnZKLkfqZFrzfyWcsgy32IGN7tOJHGZOQMY5/lCjghZBKCnEw00
uFrfpWI1Tlzt7SXV2+fd
=DUqr
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1979-1
September 30, 2013

txt2man vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 13.04
- Ubuntu 12.10
- Ubuntu 12.04 LTS

Summary:

txt2man could be made to overwrite files.

Software Description:
- txt2man: Converts flat ASCII text to man page format

Details:

Patrick J Cherry discovered that txt2man contained leftover debugging code
that incorrectly created a temporary file. A local attacker could possibly
use this issue to overwrite arbitrary files. In the default Ubuntu
installation, this should be prevented by the Yama link restrictions.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 13.04:
txt2man 1.5.5-4ubuntu0.13.04.1

Ubuntu 12.10:
txt2man 1.5.5-4ubuntu0.12.10.1

Ubuntu 12.04 LTS:
txt2man 1.5.5-4ubuntu0.12.04.1

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1979-1
CVE-2013-1444

Package Information:
https://launchpad.net/ubuntu/+source/txt2man/1.5.5-4ubuntu0.13.04.1
https://launchpad.net/ubuntu/+source/txt2man/1.5.5-4ubuntu0.12.10.1
https://launchpad.net/ubuntu/+source/txt2man/1.5.5-4ubuntu0.12.04.1

[USN-1978-1] libKDcraw vulnerabilities

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCgAGBQJSSbPLAAoJEGVp2FWnRL6TRc0P/0sBzeo+DGPxG7NFHH0d0mdQ
KX5bZ1ZfzAng/tdD094xNWv1/qYwDoD33wp0AJRswSYHZspp/DFCVjhI46spPO4m
7n5LKBBjOvQQX1e543jvNhRiPKkI64x2y+o20/A+Inog8JgipkaW8Nch9cgaD27V
42/k4CHXYPH4D8feXaSIrhshOugpk1UVz+SoqzTjQbnlQxdRgPBAfvT/sn70LTZt
PuDltn2M8SoqpfRDojOvdg5Wfz8W0ghVSag3aFXUfbMPKpr7zixClx3UIQO3yQMk
acD3dh9eKphw2NAkBOgnzEMQsQ9NCN2jmjr3VZ2jKnh+CDP6kD9Mt6FQeaA1MnXq
DuM5nsw1+sD1uWZ2kwCGy60DeyAPufUgyqOCkZ8p8R6f1GcS+XpvGSAOzJOmi+t0
yomMtVwPeqjqnG4DXAaAyjY6FCzmxqR7HLa8CH63aEzSt4xuNRCAu8WvEfrXg8SV
p/t+Tqcxh6bO14pOcZ3AM6zhRka5y3Lp3E9b81tcF/AOWj45W1q7Jk29JTjV2NRk
m4O+KFCe4vblY/Ifzzk2O6xieKIXhjS4Zcr5I6LSqbC347Zjme7vbW5lALsRzsJn
u6Cftt/MXoDM3TjZFxFIup1DqZIjwrLkiL0WPfAUPLn90TmsypAx5qLhAF3RR49z
GRK4PVpeEp39Z2LvsRXS
=/F5T
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1978-1
September 30, 2013

libkdcraw vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 LTS

Summary:

libKDcraw could be made to crash if it opened a specially crafted file.

Software Description:
- libkdcraw: RAW picture decoding library

Details:

It was discovered that libKDcraw incorrectly handled photo files. If a user
or automated system were tricked into processing a specially crafted photo
file, applications linked against libKDcraw could be made to crash,
resulting in a denial of service. (CVE-2013-1438, CVE-2013-1439)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
libkdcraw20 4:4.8.5-0ubuntu0.3

After a standard system update you need to restart your session to make all
the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1978-1
CVE-2013-1438, CVE-2013-1439

Package Information:
https://launchpad.net/ubuntu/+source/libkdcraw/4:4.8.5-0ubuntu0.3

[USN-1976-1] Linux kernel vulnerabilities

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCgAGBQJSSbPPAAoJEAUvNnAY1cPY8eIP/RCqi72GTWXmqnpZanLvYZ+r
MxDDAYfkBpyzNLkruahTFwdXFG5CYq0Zw2OS+9llUs9AgtjccfWFEdzuyHkHaRwe
dPE0qmNRi/OTfwVEFTi8vdqXm4LijHzy+jR+KagRie9/Gp6xzXTwybw9kzS/T5rw
/NcqHgUNX9czKwclqWr67d0gbgCpnNHkcyF3F/XrIi4Aqojw0Ge660MSV83BSRG+
6rn0MnI842SVuPS/6pq9X0XgVfoPbNYf8lFrrO4usHupTeR4IrxFbcmjOcCoC3f+
bqgT+L9P9UYFBL3chPcNDyunrecLMgWD35JuOmS04ar7XadS8sHpMrFX57q1WJQK
hZe2x24gnNMwx6ZOsE3kfRNYcm1H1OW/a0/R4hdf5MpZMNHLSITe8O052vzYMrxT
4qZctvC4nzi7aqIDU0iiRKjGAtJWYmdj1Wi5MkSkjda1C8biKH8cQRbc98Sic+ve
6hhNGlyeYqjmrSNJdd6fA1TAvsGYk7P7aQ9cwqxJsOpJPDunf3MPOcBaz0uUUyp7
pN7oK8MzPkE96M+qv6hm9ZCV9oelHuPIhkBa2XTfAjj/qaRHg66aPY14s2XF2kwR
hkkz2ztpcrEUrDnk/lp6IzfTS8tkkVnDUOx8c/+cgF//2AWXOnnpeRtMGBkv3pqW
nK+GhbyxGHVLBRd/B4NJ
=vVsT
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1976-1
September 30, 2013

linux vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 10.04 LTS

Summary:

Several security issues were fixed in the kernel.

Software Description:
- linux: Linux kernel

Details:

An information leak was discovered in the handling of ICMPv6 Router
Advertisement (RA) messages in the Linux kernel's IPv6 network stack. A
remote attacker could exploit this flaw to cause a denial of service
(excessive retries and address-generation outage), and consequently obtain
sensitive information. (CVE-2013-0343)

Kees Cook discovered flaw in the Human Interface Device (HID) subsystem of
the Linux kernel. A physically proximate attacker could exploit this flaw
to execute arbitrary code or cause a denial of service (heap memory
corruption) via a specially crafted device that provides an invalid Report
ID. (CVE-2013-2888)

Kees Cook discovered a flaw in the Human Interface Device (HID) subsystem
of the Linux kerenl when CONFIG_HID_PANTHERLORD is enabled. A physically
proximate attacker could cause a denial of service (heap out-of-bounds
write) via a specially crafted device. (CVE-2013-2892)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 10.04 LTS:
linux-image-2.6.32-52-386 2.6.32-52.114
linux-image-2.6.32-52-generic 2.6.32-52.114
linux-image-2.6.32-52-generic-pae 2.6.32-52.114
linux-image-2.6.32-52-ia64 2.6.32-52.114
linux-image-2.6.32-52-lpia 2.6.32-52.114
linux-image-2.6.32-52-powerpc 2.6.32-52.114
linux-image-2.6.32-52-powerpc-smp 2.6.32-52.114
linux-image-2.6.32-52-powerpc64-smp 2.6.32-52.114
linux-image-2.6.32-52-preempt 2.6.32-52.114
linux-image-2.6.32-52-server 2.6.32-52.114
linux-image-2.6.32-52-sparc64 2.6.32-52.114
linux-image-2.6.32-52-sparc64-smp 2.6.32-52.114
linux-image-2.6.32-52-versatile 2.6.32-52.114
linux-image-2.6.32-52-virtual 2.6.32-52.114

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References:
http://www.ubuntu.com/usn/usn-1976-1
CVE-2013-0343, CVE-2013-2888, CVE-2013-2892

Package Information:
https://launchpad.net/ubuntu/+source/linux/2.6.32-52.114

[announce] NYC*BUG Wednesday

* Wednesday, Oct 2: Boris K on "A Year After Sandy"
* Wednesday, Nov 6: Moe Nasser on "Regular Expressions Fundamentals"
* vBSDCon
* BSDNow.tv
* NYCBSDCon Feb 1

****

October 2, 645 PM
Suspenders Bar
111 Broadway in Manhattan

Year after Sandy, Boris Kochergin

In October 2012, New York City was befallen by perhaps the worst natural
disaster in its history. This meeting will consist of a first-hand
account of how, situated at the heart of the crippled financial
district, with no working infrastructure for miles around, New York
Internet operated throughout the storm and its aftermath.

About the speaker:

Boris Kochergin is currently a system administrator and programmer at
New York Internet. He was a network and system administrator at
NYU-Poly`s business incubator at 160 Varick Street (consulting), network
and system administrator at EmPower Solar (consulting), network and
system administrator at Ecological, LLC (consulting), and programmer for
the Long Island Solar Energy Industries Association (consulting).

****

vBSDCon is coming up on October 25-27 in Dulles, Virginia. Are you
going? Interested in coordinating travel with other people from NYC?
Feel free to use talk@ as your tool.

****

BSD Now is a weekly BSD news Podcast. Episode 004 is out, and it's
definitely worth checking out at bsdnow.tv

****

Details are forthcoming, but NYCBSDCon is back. It will be held Feb 1
in Manhattan, and will be a day-long event focused on BSD in production.
Join the NYCBSDCon mailing list at lists.nycbug.org to get involved.
_______________________________________________
announce mailing list
announce@lists.nycbug.org
http://lists.nycbug.org/mailman/listinfo/announce

Friday, September 27, 2013

Planned Outage: Server reboots/Migrations - 2013-10-02 21:00 UTC

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.21 (GNU/Linux)

iQIcBAEBCgAGBQJSRcutAAoJEEs3sNgP+7te1KgQANYIYpm+1gibD39jyeHuR9YT
fOiQ9Oec9SA3BQZLqU99B5TU0ukkmtzb5OUbqmm+9wkTj5/RtoV9fSVgFTYRiEr0
fINef33wqReoWcfPX5/KDz73MsDjxkiPu61HWsHDxdFi/JHCJbZzm5l6LuxJQ/IF
SoqyYp1Oli3XN1tVgx0qUrVzXE33m9AC0+rP1aD8eQxTqxZ9l+o59NY6PTB5mXMd
UWioT/L7dOpSxDLhdt6FL/UOiSZZsZ5MnvgASTjtbKbw7NOuVG0i/k1O/7a/ig6o
Ftb6R48rL4FmzwOzwoq2aVJWXBWaeiKDvrG2PrpEJH16rh77UXs+ungb2nID173d
mQNia48xM0zVw2GA5gu34pQ7XsM9GpVVpzKIVlEepF8jEkbbgndEUPSEI4UHWUNX
7xkfLaGC3LouEt3FWTjttNTlr2wleFl69YlODI9qCOQpzsHZlvRqiSIu9QtV2yaZ
Uevz7ntd3Z97HdYiKwe+NdfUqWMkNI3UAccJRPVN8+P9ZwFmzyFXyXpctzhF7Uyl
aqZa22twkJiyOUv1ZfXotoX0Dtuhl1z2b6YRinsdn5WIBzr/qYmahkQqJ5T/h5o5
U+PnsSXzyIxBou7bv+6ww/fmCyUpoBZUroqShLawbpGrL/BNPa2ASDFW+XJs9Mpq
ObYAPg4ZXHyitX4dNNFz
=tZBA
-----END PGP SIGNATURE-----
Planned Outage: Server reboots/Migrations - 2013-10-02 21:00 UTC

There will be an outage starting at 2013-10-02 21:00 UTC, which will
last approximately 3 hours.

To convert UTC to your local time, take a look at
http://fedoraproject.org/wiki/Infrastructure/UTCHowto
or run:

date -d '2013-10-02 21:00 UTC'

Reason for outage:

We will be updating all servers to the latest updates and rebooting.
Additionally we will be moving several virtual server instances to new
hardware. During the outage window any of the affected services could
be down intermittently. Where possible outages of any particular
service will be kept to a minimum.

Affected Services:

Ask Fedora - http://ask.fedoraproject.org/

Badges - https://badges.fedoraproject.org/

BFO - http://boot.fedoraproject.org/

Blockerbugs - https://qa.fedoraproject.org/blockerbugs/

Bodhi - https://admin.fedoraproject.org/updates/

DNS - ns-sb01.fedoraproject.org, ns02.fedoraproject.org,
ns04.fedoraproject.org, ns05.fedoraproject.org

Docs - http://docs.fedoraproject.org/

Elections - https://admin.fedoraproject.org/voting

Email system

Fedmsg busmon - http://apps.fedoraproject.org/busmon

Fedora Account System - https://admin.fedoraproject.org/accounts/

Fedora Community - https://admin.fedoraproject.org/community/

Fedora Calendar - https://apps.fedoraproject.org/calendar/

Fedora Hosted - https://fedorahosted.org/

Fedora OpenID - https://id.fedoraproject.org/

Fedora People - http://fedorapeople.org/

Main Website - http://fedoraproject.org/

Mirror List - https://mirrors.fedoraproject.org/

Mirror Manager - https://admin.fedoraproject.org/mirrormanager/

Package Database - https://admin.fedoraproject.org/pkgdb/

QA Services

Secondary Architectures

Spins - http://spins.fedoraproject.org/

Start - http://start.fedoraproject.org/

Torrent - http://torrent.fedoraproject.org/

Wiki - http://fedoraproject.org/wiki/

Unaffected Services:

Buildsystem - http://koji.fedoraproject.org/

GIT / Source Control - pkgs.fedoraproject.org

Darkserver - https://darkserver.fedoraproject.org/

Contact Information:

Ticket Link:

https://fedorahosted.org/fedora-infrastructure/ticket/4030

Please join #fedora-admin or #fedora-noc on irc.freenode.net or add
comments to the ticket for this outage above.

Planned Outage: build system reboots/migration - 2013-10-01 21:00 UTC

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.21 (GNU/Linux)

iQIcBAEBCgAGBQJSRcuNAAoJEEs3sNgP+7texYcP/1MsoQJXDqh2ozIECjGTCH3z
XTzaXu4TEzJP7DR26YghYjoOBr/OPFxY0XWwZmwskfODysP6RAF2SWyTzHDtOz15
BDWSVF+dlOENSp2iKtj9ujWO02r4TS0EZxkiqqVgz3IAYz07eS8SV8etny+9Da0p
YtYaNjrvyVdJiy0gP5z9Rn4JtGqCnZFGHfTko+dW7h5vVa/YY52Dhd6ps8Eu37C7
iwyHR/77AN3l5bHAEeyD5LCfIjI1dcAMhohmMFx4pMbTRMRV7gmP6fF/qfITOu2/
M9aPOOJWxiEhH+RapcW9fEMtJ4sLFwwwef+fH8EbqFhusT7WdWkOCl9X4xq+pKdj
TGKIXeJAYa8NdgjFKs+SD4KhiUIM7pXn22rGUSat1XwYoDrCSRRQ+j3mWcOUxn2T
+EbJN6Ld9swpswutBe0Wjd+Mw+pXADingAz0VIeC2c3IDPclp1SK2NSD56LbqLTV
UK2f7IktaKXJKT9HmtOimNnMF+pOt0b3MXg2eqJ7fquEUk//7/y0prhROXGE24ku
KqTd8/UWJarMl/j9pAimp05Z/FXj4bGQ4LUHYljS78AwYIscjMz5epXU9d6agW1K
y41BY4nmiFuQOVAe5mKoUfN2yMUQ+TdbaMheCOebLItiliQkjCCzO+/eyA66eIjC
dDQgrcMORRUm4ws2KOhB
=RnWG
-----END PGP SIGNATURE-----
Planned Outage: build system reboots/migration - 2013-10-01 21:00 UTC

There will be an outage starting at 2013-10-01 21:00 UTC, which will
last approximately 2 hours.

To convert UTC to your local time, take a look at
http://fedoraproject.org/wiki/Infrastructure/UTCHowto
or run:

date -d ' 2013-10-01 21:00 UTC'

Reason for outage:

We will be updating all build system / release engineering machines to
the latest updates and rebooting them. Additionally, we will be moving
the pkgs lookaside cache to new backend strorage and migrating 3
virtual servers to new hardware.

Affected Services:

Bodhi - https://admin.fedoraproject.org/updates/

Buildsystem - http://koji.fedoraproject.org/

GIT / Source Control - pkgs.fedoraproject.org

Darkserver - https://darkserver.fedoraproject.org/

Unaffected Services:

Ask Fedora - http://ask.fedoraproject.org/

Badges - https://badges.fedoraproject.org/

BFO - http://boot.fedoraproject.org/

Blockerbugs - https://qa.fedoraproject.org/blockerbugs/

DNS - ns-sb01.fedoraproject.org, ns02.fedoraproject.org,
ns04.fedoraproject.org, ns05.fedoraproject.org

Docs - http://docs.fedoraproject.org/

Elections - https://admin.fedoraproject.org/voting

Email system

Fedmsg busmon - http://apps.fedoraproject.org/busmon

Fedora Account System - https://admin.fedoraproject.org/accounts/

Fedora Community - https://admin.fedoraproject.org/community/

Fedora Calendar - https://apps.fedoraproject.org/calendar/

Fedora Hosted - https://fedorahosted.org/

Fedora OpenID - https://id.fedoraproject.org/

Fedora People - http://fedorapeople.org/

Main Website - http://fedoraproject.org/

Mirror List - https://mirrors.fedoraproject.org/

Mirror Manager - https://admin.fedoraproject.org/mirrormanager/

Package Database - https://admin.fedoraproject.org/pkgdb/

QA Services

Secondary Architectures

Spins - http://spins.fedoraproject.org/

Start - http://start.fedoraproject.org/

Torrent - http://torrent.fedoraproject.org/

Wiki - http://fedoraproject.org/wiki/

Contact Information:

Ticket Link:

https://fedorahosted.org/fedora-infrastructure/ticket/4029

Please join #fedora-admin or #fedora-noc on irc.freenode.net or add
comments to the ticket for this outage above.

[USN-1968-1] Linux kernel vulnerabilities

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iQIcBAEBCgAGBQJSRZJ2AAoJEAUvNnAY1cPYIM4P/iQ1pwfMgCVBAlyfMhZA2CwU
kQwDhJmefLJBrdSX5NsMpA46Ko9ZvFbcPFP4DPuzcTKX6Cbq25LrTzQ3dg/h4r98
VOL1pJwsp8cmD5ROC+4U3Q53RFcDBDWKf2lf0x9JJC1xsN9vlWCgNdGJQf2Fsfqi
ofQRSK4w88NYKgv4vOFeOE2YFOlzb9Nd4hZh7mYDBg8sJK2FdC+uJayDtxJnvYHp
jS5XNtsvLZl74BrGWIPIvN51vNBp0SNFqwc3CoD4GLeQs6Wa6OCBgouLWHpRPH7l
QM8E4dnvVbdjjgdIkTBjgTMSYzCCSkffm/FAzxnYEZAEvl1laH+xapD0PAtGomLA
Oi4PwrKAFcMwMmKg0UEhfopDzM4PWKY+ATfZpm3075UjKzmolIvbIwhVsJgsHFgd
Kb/37FnXx8ZL+QKh558CUloALSV0klqNWnPWisEo97awmnnMv8D8TV4iNcvA/3er
75RYt5kbQ17lnr02c3WPBjYtEuYnK5/m6a9cR8Bg4HtfXukE3YZG1OhpJFTJySw+
6OZRI/mXK8v/+ekFA6CXS90E7iu4YilKHT5aP8T4fQmdVidvi3nFcCNcuA11WiDK
M7ZH6C/Ts4iu6YyZu2M1HX57A5mme3jX/eeHKfRYPpryj95HldCGCeFa7jdofd0Z
iWWTRpvLWlpw5+6gJG+f
=YLSA
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1968-1
September 27, 2013

linux vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 LTS

Summary:

Several security issues were fixed in the kernel.

Software Description:
- linux: Linux kernel

Details:

Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on
ARM platforms. A local user could exploit this flaw to gain privileges or
cause a denial of service (system crash). (CVE-2013-4254)

A failure to validate block numbers was discovered in the Linux kernel's
implementation of the XFS filesystem. A local user can cause a denial of
service (system crash) if they can mount, or cause to be mounted a
corrupted or special crafted XFS filesystem. (CVE-2013-1819)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
linux-image-3.2.0-54-generic 3.2.0-54.82
linux-image-3.2.0-54-generic-pae 3.2.0-54.82
linux-image-3.2.0-54-highbank 3.2.0-54.82
linux-image-3.2.0-54-omap 3.2.0-54.82
linux-image-3.2.0-54-powerpc-smp 3.2.0-54.82
linux-image-3.2.0-54-powerpc64-smp 3.2.0-54.82
linux-image-3.2.0-54-virtual 3.2.0-54.82

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References:
http://www.ubuntu.com/usn/usn-1968-1
CVE-2013-1819, CVE-2013-4254

Package Information:
https://launchpad.net/ubuntu/+source/linux/3.2.0-54.82

[CentOS-announce] CESA-2013:1292 Moderate CentOS 5 kernel Update

CentOS Errata and Security Advisory 2013:1292 Moderate

Upstream details at : https://rhn.redhat.com/errata/RHSA-2013-1292.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
a7e10caacf1fdd1e08e144495e71fe0e94f2310999603a90b89468e95bc84378 kernel-2.6.18-348.18.1.el5.i686.rpm
1b7276db4b4052672e8e02180c34547443ef98ef8fa7e1201ab65097c95133b1 kernel-debug-2.6.18-348.18.1.el5.i686.rpm
a7d7519839ea65828797fd5952bdb57d618ce4cedc8426af71c1c7609efe9db5 kernel-debug-devel-2.6.18-348.18.1.el5.i686.rpm
a5b4abe506beec8c7d273ff6a7eb1f0e902b5c4bd5bb71c0f46f1f8b3a38e7bb kernel-devel-2.6.18-348.18.1.el5.i686.rpm
79a4d84b1bba491e30e2c328a8369b5cb47ed0fd3cade4b895df8f33f940feac kernel-doc-2.6.18-348.18.1.el5.noarch.rpm
78908ea2f130e05f3eb374035b64f1f7fb094ec5d5d0c534981e3c1e041c3c03 kernel-headers-2.6.18-348.18.1.el5.i386.rpm
5e3b1755b02ee7f592908f85219d74f56d1d15690c8d8f16efcfef6f7356d410 kernel-PAE-2.6.18-348.18.1.el5.i686.rpm
61a8ad1bc7bd51e3de4564907ec8b5e0827bed7caed0280eeb4971affa6b1b27 kernel-PAE-devel-2.6.18-348.18.1.el5.i686.rpm
4c62299cf2b2f40ec498a8c6205627512a807c44c17be16748a328b9908e3b23 kernel-xen-2.6.18-348.18.1.el5.i686.rpm
8bf1ba60e90222113cf2599fe7a16a9125817231319cfbc4e26a5174af0c6e76 kernel-xen-devel-2.6.18-348.18.1.el5.i686.rpm

x86_64:
3de38207deb3d1a3ffb4320f1306c0600c3d00ea30ec60a18ad2651020b5b9cb kernel-2.6.18-348.18.1.el5.x86_64.rpm
183f34a264e9901700dd89521c891c14dbd45d9aa5ce3e2597df324006281bf2 kernel-debug-2.6.18-348.18.1.el5.x86_64.rpm
8944b1d2d73d91964dca2a80d84f17e1cc88b0e645d51e4c8159bdaa95d4f2a3 kernel-debug-devel-2.6.18-348.18.1.el5.x86_64.rpm
567c562993a1a9419d476267d7bf64471748219d6f13687b850f1b89b842772d kernel-devel-2.6.18-348.18.1.el5.x86_64.rpm
79a4d84b1bba491e30e2c328a8369b5cb47ed0fd3cade4b895df8f33f940feac kernel-doc-2.6.18-348.18.1.el5.noarch.rpm
9fca88447fd4e506e468d331a57dd04e9294757bf31ae7e6fe2d676605fa4540 kernel-headers-2.6.18-348.18.1.el5.x86_64.rpm
d3c98ef6884f552336fbea906e17478a612dbd63d521460f6acd8618b7c3e85b kernel-xen-2.6.18-348.18.1.el5.x86_64.rpm
902f0e407a109476bafcb412a3f59dcfe44c73d353188eec6c9debaece519105 kernel-xen-devel-2.6.18-348.18.1.el5.x86_64.rpm

Source:
a0d99df8dfcbcb99a9480c785716304671c0b63de2b9018c9eba21e277ae38c0 kernel-2.6.18-348.18.1.el5.src.rpm



--
Karanbir Singh
CentOS Project { http://www.centos.org/ }
irc: z00dax, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

[USN-1975-1] Linux kernel (OMAP4) vulnerabilities

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iQIcBAEBCgAGBQJSRYUWAAoJEAUvNnAY1cPYVsAP+wWemiWWWvkPyZt/OCxzExKG
kXaYQOTX8jCo6recQnFYf6PcDc5s151RIlTvEkjLUvZVTuvBs9etir7u8TZQF6tH
xpk5oge1JcMbn9xnE/xzSSTsZ1Sw7qM28dxdBQaIQLniW4F1ol3z0VgvYXM2RwK2
xwzBTZLCLUY0pFGDVN9EwcY0oNvQ6yl3ESA/fDfXidREkKqoHi3baFWAHXbswHO8
P04xNgnI9F+JtfmtTvfpnpj9vfxNKfMdpN6ETJWz0JJb1hrtP50qId7iuotFSdHw
nOj5mLBASRpwDYwg1Rg8ltHpDS4mCNDarb4CmIoFXSs27pnwEK7o6HpTA9kcNrKU
0uSjHpA7YgBlNJCfAILUNaSfMRUyVO5TY5+NzlPKvQ/gmQjO9DKkCMHKChY7X0O3
iO0+w3P5gXhlPYtfuXGMpDS4GS+wwB4NjBw1a/TX2KAvcosYVWDWL1T1X1JtbtMm
Izl6MaCnW2agOzjJn4Zr6tZeepcCHaN4HLeiNP9csGe2+36pENChNRtVW1rpKVUD
6C2Z/718h0YZmsSxE+WBAyCKrkUzOlTZzHYIYp0rFjSFUhmbcRZSRt9Ehso5pzDm
RXLCgqpjnB2g6BWhO/Tf6Nor4lj6qY+c19MN/eVzVeHFblD0BpIU+UbSNC3uFh3/
gFR2kSMEXd16qVyfCUXz
=FHFT
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1975-1
September 27, 2013

linux-ti-omap4 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 13.04

Summary:

Several security issues were fixed in the kernel.

Software Description:
- linux-ti-omap4: Linux kernel for OMAP4

Details:

Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on
ARM platforms. A local user could exploit this flaw to gain privileges or
cause a denial of service (system crash). (CVE-2013-4254)

A failure to validate block numbers was discovered in the Linux kernel's
implementation of the XFS filesystem. A local user can cause a denial of
service (system crash) if they can mount, or cause to be mounted a
corrupted or special crafted XFS filesystem. (CVE-2013-1819)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 13.04:
linux-image-3.5.0-233-omap4 3.5.0-233.49

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References:
http://www.ubuntu.com/usn/usn-1975-1
CVE-2013-1819, CVE-2013-4254

Package Information:
https://launchpad.net/ubuntu/+source/linux-ti-omap4/3.5.0-233.49

[USN-1974-1] Linux kernel vulnerabilities

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iQIcBAEBCgAGBQJSRYTxAAoJEAUvNnAY1cPYDdsQAKIYvC41BxLYJFMFpdxF7Mlb
ZWI7byDQsnerEoNdMuuRDZms1zYQ1aLYZJiowSey2I/PgEVNgR5+plaC/xvTK7zd
zS6lFOTY9msCI2ro5Y7GeyklahDEEs/eAojbIjqSv50sX2YOA7oufmpMtnMZhkN4
qJJtHUphAxzY8OinSP6AdH2YBQ4r8VfzlDw3MpuP0sxauDOgiAJ1nWUcqsQe9zkq
traA77UGzDtvC5F1CMsgcV2qx+XwUL9NCIZ+WVY1zMsZsBScLAxDSle4WthcKc+i
DgwYk6tQiv0icMOTbRKHF9Kmg835GyStaUOqeejykxqXlm53nQBuBXwalj+Ic/XP
WLva4GZCOHNbRJley3/UMFXVAFlkwsjybCBTAKwzKf80Yct8Gt561QdJC8kSUAdu
uW7AMExaTq5KTiH8UQQ/hq7aTK1QEW/E1aOOdv0Q4A+KwGMJyH1lxVE/8lz4/6Ap
/iYtElWe5zJ7F6trOJNQ1guK3edB1YvDBMsmiz6wrC+yUnaBHgGCBp7M+tFn4wqB
8XYNuyEBovMEM+cbdzvHdQIqRiuYKWJZJYq3MlZ0Xizd8cp5jlj27XDYdRgMrwm3
phj5YHeo3FP81HeGQwW77J75xHRClrIOhDg6f+d3lg+1QeL5a6xbT2qBRyQmPiql
6WiwpFvN2SN6tapbGO+2
=ypdj
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1974-1
September 27, 2013

linux vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 13.04

Summary:

Several security issues were fixed in the kernel.

Software Description:
- linux: Linux kernel

Details:

Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on
ARM platforms. A local user could exploit this flaw to gain privileges or
cause a denial of service (system crash). (CVE-2013-4254)

A memory leak was discovered in the user namespace facility of the Linux
kernel. A local user could cause a denial of service (memory consumption)
via the CLONE_NEWUSER unshare call. (CVE-2013-4205)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 13.04:
linux-image-3.8.0-31-generic 3.8.0-31.46

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References:
http://www.ubuntu.com/usn/usn-1974-1
CVE-2013-4205, CVE-2013-4254

Package Information:
https://launchpad.net/ubuntu/+source/linux/3.8.0-31.46

[USN-1973-1] Linux kernel (OMAP4) vulnerabilities

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iQIcBAEBCgAGBQJSRYTWAAoJEAUvNnAY1cPYN1gP/jA6K/VXYpUlocEukakJzJD7
YiB4/UcVGrsrzpJTrpe7F/nXNkMgnyFG5ofOKT3b+NltMecpGj3tEdFBXyjYVMpc
ZCYOJpuFSNXae5HB792PJqgjqsr4BgK32OaxoKXYP9BqBj1DeQnzHc8AKgsO5QO2
u9+EOhvlvel1MX0Mc9T0feuqdQcGeb+0tcA15H5U6z7cPnY8Wu1l6nui5V5RHchu
NfjZ8tdjfH2PTx99c1ouDxo8TB9OutG12959ePE4D8jaB9wI+NyAjXBqcMxsSG/0
9RYhs/8w1aJ/yntjJkgaDRNGpNq3XODmFjDIpnUWMg4IfzenOqvO+UDlmHTNJ6PH
A7Dj158YADPn6Juavt9q/jE4oAZPI4UVDgvkqtqJ6PpUN8r/zfviWJmX1dp8G9II
y+LEFazJsu9W89FNV5q29rtzQT3nSCqrfcqc1++L0r5yfE3yp7i6dE7Nphlarmnm
218Isb8I5YpPZH+J0WqU3429jhS3HUqNTZrLCwyHy4PknEJXf9GEfp9cBjdblesi
yr7XpjaB6vt3lS6561+wG0FzW+EYpPq224Z9fCfW+kZwWEk0H/KBy0tQqYqMw5Dk
fjfB5fNlw0/mj2+sWwfvXohrMNFBM+y1nxNSGsS8w5XM+Bs+TP1QOSBkEYVfU9Jm
u0PoIIjCH5qApVtH60C/
=3sWc
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1973-1
September 27, 2013

linux-ti-omap4 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.10

Summary:

Several security issues were fixed in the kernel.

Software Description:
- linux-ti-omap4: Linux kernel for OMAP4

Details:

Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on
ARM platforms. A local user could exploit this flaw to gain privileges or
cause a denial of service (system crash). (CVE-2013-4254)

A failure to validate block numbers was discovered in the Linux kernel's
implementation of the XFS filesystem. A local user can cause a denial of
service (system crash) if they can mount, or cause to be mounted a
corrupted or special crafted XFS filesystem. (CVE-2013-1819)

An information leak was discovered in the Linux kernel's IPSec key_socket
when using the notify_policy interface. A local user could exploit this
flaw to examine potentially sensitive information in kernel memory.
(CVE-2013-2237)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.10:
linux-image-3.5.0-233-omap4 3.5.0-233.49

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References:
http://www.ubuntu.com/usn/usn-1973-1
CVE-2013-1819, CVE-2013-2237, CVE-2013-4254

Package Information:
https://launchpad.net/ubuntu/+source/linux-ti-omap4/3.5.0-233.49

[USN-1971-1] Linux kernel (Raring HWE) vulnerabilities

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iQIcBAEBCgAGBQJSRYSaAAoJEAUvNnAY1cPY4zIP/3qA2+o0SdoN9o7Abxt/yksX
UqtPL9c6NSeJL/pC7cvnOxBAHXKNKvumVkRJtvANakHjY6XSJN8TS5QVAUPJMCW4
Ww6DKum6nyUJktV0g+dGKKrBcUnxtCOpW4h7agzS+c2jR6Nc8knNoCddMAjZ7QTu
NybM6+rtwI2TUrNn211B+HdAAY5dTurxQmj+fUa0gtN2wbVjQ7XG5Kt38YG//R87
Bq4Secnq6jkubm89ML0lIfEucocqmvt5rzHnWLD03VMAoQSbxiOcjehddzKbVXZ1
bVNGD2qsYxQk8bLDtM8hD9pnw48vPRHQV2lx6bj0Jy0RehF++SrM4Q8RAkXvKQqu
z2ZyfzhrjcA2mizLsAhMY2CB0K26f6BhHkRkWayY7B7/t1khCZcjTa2CHE2Y24K4
OfVOCdXJR4QDy/uyW51GHIx7jMcPL2j/DUezA8uoLDLnwPKYer7blBpnhH/h5R9l
Cc88Q59AgZlCbkl8wvVe+zIBVmyxX3ahc4lLgKis8nn0MLX06LNT2l8ElqG50vKu
+yIpEiBE0HYSEOYYQCD81Awwxy0DC8n9Iw2XggPU87HmTwl9da5hbe4jt7Z5ys+e
/xnU+YWUemdXrFypTPnFA5vh2dRRXIgxkp8wSnz4fwyfa2QQpqQGVGiQNg/cIJi7
2ReEwoes3DC1UePn6hi9
=uwHQ
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1971-1
September 27, 2013

linux-lts-raring vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 LTS

Summary:

Several security issues were fixed in the kernel.

Software Description:
- linux-lts-raring: Linux hardware enablement kernel from Raring

Details:

Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on
ARM platforms. A local user could exploit this flaw to gain privileges or
cause a denial of service (system crash). (CVE-2013-4254)

A memory leak was discovered in the user namespace facility of the Linux
kernel. A local user could cause a denial of service (memory consumption)
via the CLONE_NEWUSER unshare call. (CVE-2013-4205)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
linux-image-3.8.0-31-generic 3.8.0-31.46~precise1

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References:
http://www.ubuntu.com/usn/usn-1971-1
CVE-2013-4205, CVE-2013-4254

Package Information:
https://launchpad.net/ubuntu/+source/linux-lts-raring/3.8.0-31.46~precise1

[USN-1972-1] Linux kernel vulnerabilities

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iQIcBAEBCgAGBQJSRYS6AAoJEAUvNnAY1cPYm/8QAMB+Yo7jpyFX3zFR8R/Orm7s
Sg8yDjrOhDtf0Fb4CI9bW26d3pMM+QQovFrQx5fWu/wYGnR3Su17RjJwY1uE7Mdo
Ut+Oq64zXRkNXkGQPzdDVXolVzSakz+At6XOMoi4adxmYC/fRAoqnN/Aa+hnKYpe
jkIpzogIvrAixZHVnQQKCF5vOX70UNGPtR+HmpvJ4sHMfZ0GKed7oSqPhqT3FWTz
X4r/BA1fFTsl60s+xq3PGWDyplx2QBkIIiugp89aFycDWNZ/Ms6e2AORg19tsu95
0w8Rd8ueshQXnrD6u1ZqKy47eOYdamiNhtWBf7Ke1qFP5NLk2ri8BXoEQfKb7Ys8
hBwpHPllVl7dYFHJsfAZRFGf32gfhkouXXEirn7fQ+4jNhNfzdGmxPuYIlih98zF
yBUvxJcJekybHkN6uoeHcAkRVjt0MyEkJRbgEdyDlHqXeWCkxoH8lyLdEGFlte1u
lZ39KGtpLDrtsKBxW06Tcez1cE1fORFHihsxu9R2SAkkFeMnNmBRvaH7HQEo8sI4
zh/8YG79WyKwn4RxaZp2Uf9i4Qxxjfrd/nwW3fbT5hFG+Ms+yJw1Ex1/7O/GWdgM
a52Naoj0fbD2PpqFZv+INBKndj6ShrMAvV8T7uCWMKsTmQEyAsgEFnwfOCmK9Z8T
S/WMXoRRw8sg7OWGI9iM
=T2Mc
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1972-1
September 27, 2013

linux vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.10

Summary:

Several security issues were fixed in the kernel.

Software Description:
- linux: Linux kernel

Details:

Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on
ARM platforms. A local user could exploit this flaw to gain privileges or
cause a denial of service (system crash). (CVE-2013-4254)

A failure to validate block numbers was discovered in the Linux kernel's
implementation of the XFS filesystem. A local user can cause a denial of
service (system crash) if they can mount, or cause to be mounted a
corrupted or special crafted XFS filesystem. (CVE-2013-1819)

An information leak was discovered in the Linux kernel's IPSec key_socket
when using the notify_policy interface. A local user could exploit this
flaw to examine potentially sensitive information in kernel memory.
(CVE-2013-2237)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.10:
linux-image-3.5.0-41-generic 3.5.0-41.64
linux-image-3.5.0-41-highbank 3.5.0-41.64
linux-image-3.5.0-41-omap 3.5.0-41.64
linux-image-3.5.0-41-powerpc-smp 3.5.0-41.64
linux-image-3.5.0-41-powerpc64-smp 3.5.0-41.64

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References:
http://www.ubuntu.com/usn/usn-1972-1
CVE-2013-1819, CVE-2013-2237, CVE-2013-4254

Package Information:
https://launchpad.net/ubuntu/+source/linux/3.5.0-41.64

[USN-1970-1] Linux kernel (Quantal HWE) vulnerabilities

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iQIcBAEBCgAGBQJSRYR9AAoJEAUvNnAY1cPY9GMP/Aq6y5u39oZJGo25DpDJrZZD
VkEJPKz84T82hyU+7hPJeetqBCyBcsHKHbQw8zG6XrwWZ2HV5Yiy8zhwGdj7FeDZ
F7o75apl9S6SIXgm4F+Am6rZaMXrATbh+WnACp7dwI/hbVdoIZPPT8VUj1MgH5Py
r4N/2Q/hRo84fFG34dsp4sRwC2+Ib1JSBjHN8zMHNVEVpJpZEtjyzmHPJnPzuPAr
UOXLVCZur0IqrO0Dm/uaPN9YcDOoSDhlhDW9GiOLQWN9DSha08ywnNyQRQdcyblQ
oLScovndud0DZp34TyhJs5X1qNIeFI04ZT7yysCW/V3va/B0ovCONYVJMxTUDZWq
9JBFDj8f0SN38ZKiXa6TZ/lQJPlXICyIVZkzMlt4pOa6Wc0dTXJ6ZAf6sWNzbkEN
RTB5uXBTtxJyzNY68ViruBN+r7tvZo96/kcHANz/uB6Oi3rt4t4L8WofOV5Ubc50
56Ylopoi900zcAnZreYC7Etj7UYS/0Ntus6b78Pay26IBrsXS3wIwOI0bF3+6KVP
awJA0FwRJbUA4jXOEVhi+VxJuHEg5rlfvCEMaSeMemlYw6waptDKIDk1NpFHL5Yl
tf0hjTnMfVrpPDYDPdASF+whI2CXPT84S2TdLMNcakn/Hfzyw/moC9C4lOB2lCxT
l2Ciq3G63iBlS1qusyGv
=t6Ar
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1970-1
September 27, 2013

linux-lts-quantal vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 LTS

Summary:

Several security issues were fixed in the kernel.

Software Description:
- linux-lts-quantal: Linux hardware enablement kernel from Quantal

Details:

Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on
ARM platforms. A local user could exploit this flaw to gain privileges or
cause a denial of service (system crash). (CVE-2013-4254)

A failure to validate block numbers was discovered in the Linux kernel's
implementation of the XFS filesystem. A local user can cause a denial of
service (system crash) if they can mount, or cause to be mounted a
corrupted or special crafted XFS filesystem. (CVE-2013-1819)

An information leak was discovered in the Linux kernel's IPSec key_socket
when using the notify_policy interface. A local user could exploit this
flaw to examine potentially sensitive information in kernel memory.
(CVE-2013-2237)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
linux-image-3.5.0-41-generic 3.5.0-41.64~precise1

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References:
http://www.ubuntu.com/usn/usn-1970-1
CVE-2013-1819, CVE-2013-2237, CVE-2013-4254

Package Information:
https://launchpad.net/ubuntu/+source/linux-lts-quantal/3.5.0-41.64~precise1

[USN-1969-1] Linux kernel (OMAP4) vulnerabilities

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iQIcBAEBCgAGBQJSRYRcAAoJEAUvNnAY1cPYvlkQAIuE1LTxZA+5xvQxvJtSBw1z
XwR+jGG/OnC+dSVPNWzzf7GNInrIut5RJyjmRdkdW/umZcrV3GTrcbRAs7v78MS7
NYbwp7LraW0ymauYg2gd4E7crTG+lvzZ81SjHxY4nYsVq0QAlnMdW5cdqAPl//NY
lR8WKLLy1McmFkDrbPeA67FXvS8h3fdtlMAZzM4+3duxBf1ILeDrf8lTekbnFnCm
4ZA0VNZU5utQzTL3WyWufBcKLvV17Hw5aarUuVh5MF/KhxBNyIQqQzxbetLma2mY
GYT7crZExyMs83ERlStwS8PGQQydGHd1vfYfJiePsv/78bTYoFv3rOtgMCJpaJkX
hsFPSRozQjxetjF/INe2llHcb0vtcfdhgvzoxqOY6H+KepWEUoLqms8kQmafxHgy
Mx0HogiQs3QurwciaZuYa4p88ba+dtkmgfdt2VA+dtArY0s35sX/nVweGf1uaWRf
7PORhy1LJkH0QF0Six2eUk0QscnYGraCVxj+jsGp7TQSRptj8SSIcX3aGMFm9FCT
DDm9eKN31VQQx6E5xr1Py4XscDmxR7RpkJNb36Dc9/YL8RTsmnxZgvJD4eFM6odm
sgb20EJMkJ2wpvifrLKlR9EVPSwM0ve729jBFfPPlIcCTBqos7OCXkCFTh2kOaax
WKUtl517daRp7XYVqEL3
=2PAW
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1969-1
September 27, 2013

linux-ti-omap4 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 LTS

Summary:

Several security issues were fixed in the kernel.

Software Description:
- linux-ti-omap4: Linux kernel for OMAP4

Details:

Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on
ARM platforms. A local user could exploit this flaw to gain privileges or
cause a denial of service (system crash). (CVE-2013-4254)

A failure to validate block numbers was discovered in the Linux kernel's
implementation of the XFS filesystem. A local user can cause a denial of
service (system crash) if they can mount, or cause to be mounted a
corrupted or special crafted XFS filesystem. (CVE-2013-1819)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
linux-image-3.2.0-1438-omap4 3.2.0-1438.57

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References:
http://www.ubuntu.com/usn/usn-1969-1
CVE-2013-1819, CVE-2013-4254

Package Information:
https://launchpad.net/ubuntu/+source/linux-ti-omap4/3.2.0-1438.57

Ubuntu 13.10 (Saucy Salamander) Final Beta released

The Ubuntu team is pleased to announce the final beta release of Ubuntu
13.10 Desktop, Server, Cloud, and Core products.

Codenamed "Saucy Salamander", 13.10 continues Ubuntu's proud tradition
of integrating the latest and greatest open source technologies into a
high-quality, easy-to-use Linux distribution. The team has been hard at
work through this cycle, introducing new features and fixing bugs.

This beta release includes images from not only the Ubuntu Desktop,
Server, Cloud, and Core products, but also the Edubuntu, Kubuntu,
Lubuntu, Ubuntu GNOME, UbuntuKylin, Ubuntu Studio and Xubuntu flavours,
and the first official beta release of Ubuntu for phones.

The beta images are known to be reasonably free of showstopper CD build
or installer bugs, while representing a very recent snapshot of 13.10
that should be representative of the features intended to ship with the
final release expected on October 17th, 2013.

Ubuntu, Ubuntu Server, Ubuntu Core, Cloud Images:
Saucy Final Beta includes updated versions of most of our core set of
packages, including a current 3.11.1 kernel, a new upstart, and many
more.

To upgrade to Ubuntu 13.10 Final Beta from Ubuntu 13.04, follow these
instructions:

https://help.ubuntu.com/community/SaucyUpgrades

The Ubuntu 13.10 Final Beta images can be downloaded at:

http://www.ubuntu.com/testing/download (Ubuntu and Ubuntu Server)

Additional images can be found at the following links:

http://cloud-images.ubuntu.com/releases/13.10/beta-2/ (Cloud Images)
http://cdimage.ubuntu.com/releases/13.10/beta-2/ (Community Supported)
http://cdimage.ubuntu.com/ubuntu-core/releases/13.10/beta-2/ (Core)
http://cdimage.ubuntu.com/netboot/13.10/ (Netboot)

The full release notes for Ubuntu 13.10 Final Beta can be found at:

https://wiki.ubuntu.com/SaucySalamander/ReleaseNotes

Ubuntu for phones:
Together with existing builds of Ubuntu for PCs and servers, with this
milestone, Ubuntu images for phones are also included in a beta for
the first time. It is not recommended that casual users install
Ubuntu on their phone, but developers can find instructions for
installing the latest stable build of Ubuntu for phones at:

https://wiki.ubuntu.com/Touch/Install

Edubuntu:
Edubuntu is a flavor of Ubuntu designed as a free education oriented
operating system for kids of all ages.

The Final Beta images can be downloaded at:
http://cdimage.ubuntu.com/edubuntu/releases/13.10/beta-2/

More information on the Edubuntu Final Beta cand be found here:
http://www.edubuntu.org/news/13.10-beta2

Kubuntu:
Kubuntu is the KDE based flavour of Ubuntu. It uses the Plasma desktop
and includes a wide selection of tools from the KDE project.

The Final Beta images can be downloaded at:
http://cdimage.ubuntu.com/kubuntu/releases/13.10/beta-2/

More information on Kubuntu Final Beta can be found here:
https://wiki.kubuntu.org/SaucySalamander/Beta2/Kubuntu

Lubuntu:
Lubuntu is a flavor of Ubuntu that targets to be lighter, less
resource hungry and more energy-efficient by using lightweight
applications and LXDE, The Lightweight X11 Desktop Environment,
as its default GUI.

The Final Beta images can be downloaded at:
http://cdimage.ubuntu.com/lubuntu/releases/13.10/beta-2/

More information on Lubuntu Final Beta can be found here:
https://wiki.ubuntu.com/SaucySalamander/Beta2/Lubuntu

Ubuntu GNOME:
Ubuntu GNOME is a flavor of Ubuntu featuring the GNOME desktop
environment.

The Final Beta images can be downloaded at:
http://cdimage.ubuntu.com/ubuntu-gnome/releases/13.10/beta-2/

More information on Ubuntu GNOME Final Beta can be found here:
https://wiki.ubuntu.com/SaucySalamander/Beta2/UbuntuGNOME

UbuntuKylin:
UbuntuKylin is a flavor of Ubuntu that is more suitable for Chinese
users.

The Final Beta images can be downloaded at:
http://cdimage.ubuntu.com/ubuntukylin/releases/13.10/beta-2/

More information on UbuntuKylin Final Beta can be found here:
https://wiki.ubuntu.com/UbuntuKylin/1310-beta-2-ReleaseNote

Ubuntu Studio:
Ubuntu Studio is a flavor of Ubuntu that provides a full range of
multimedia content creation applications for each key workflows:
audio, graphics, video, photography and publishing.

The Final Beta images can be downloaded at:
http://cdimage.ubuntu.com/ubuntustudio/releases/13.10/beta-2/

More information on Ubuntu Studio Final Beta can be found here:
https://wiki.ubuntu.com/SaucySalamander/Beta2/UbuntuStudio

Xubuntu:
Xubuntu is a flavor of Ubuntu that comes with Xfce, which is a stable,
light and configurable desktop environment.

The Final Beta images can be downloaded at:
http://cdimage.ubuntu.com/xubuntu/releases/13.10/beta-2/

More information on Xubuntu Final Beta can be found here:
https://wiki.ubuntu.com/SaucySalamander/Beta2/Xubuntu

Regular daily images for Ubuntu can be found at:
http://cdimage.ubuntu.com

Ubuntu is a full-featured Linux distribution for clients, servers and
clouds, with a fast and easy installation and regular releases. A
tightly-integrated selection of excellent applications is included, and
an incredible variety of add-on software is just a few clicks away.

Professional technical support is available from Canonical Limited and
hundreds of other companies around the world. For more information
about support, visit http://www.ubuntu.com/support

If you would like to help shape Ubuntu, take a look at the list of ways
you can participate at: http://www.ubuntu.com/community/participate

Your comments, bug reports, patches and suggestions really help us to
improve this and future releases of Ubuntu. Instructions can be
found at: https://help.ubuntu.com/community/ReportingBugs

You can find out more about Ubuntu and about this beta release on our
website, IRC channel and wiki.

To sign up for future Ubuntu announcements, please subscribe to Ubuntu's
very low volume announcement list at:

http://lists.ubuntu.com/mailman/listinfo/ubuntu-announce

On behalf of the entire Ubuntu Release Team,
Adam Conrad

--
ubuntu-announce mailing list
ubuntu-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-announce

Thursday, September 26, 2013

[CentOS-announce] CEBA-2013:1290 CentOS 6 iputils Update

CentOS Errata and Bugfix Advisory 2013:1290

Upstream details at : https://rhn.redhat.com/errata/RHBA-2013-1290.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
94f58ee75df2cdcbc120e6356aedbcf0d8143d75fbfed64b7c36c70108cc6ed9 iputils-20071127-17.el6_4.2.i686.rpm

x86_64:
69a07e6f69e84479b441e29f3fba1f3cbca41e783c6544d967b045bcdb433c40 iputils-20071127-17.el6_4.2.x86_64.rpm

Source:
3e1be8d16b4b61d472cf6f6e0f32631d202928777c2189473bfb969ecbfb6315 iputils-20071127-17.el6_4.2.src.rpm



--
Karanbir Singh
CentOS Project { http://www.centos.org/ }
irc: z00dax, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

[CentOS-announce] CEBA-2013:1291 CentOS 6 libvirt-cim Update

CentOS Errata and Bugfix Advisory 2013:1291

Upstream details at : https://rhn.redhat.com/errata/RHBA-2013-1291.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
52d4625d3cd000c0d4e298b7a698caf937cf87f487977b6c8b5eeeae7c865104 libvirt-cim-0.6.1-4.el6_4.2.i686.rpm

x86_64:
52d4625d3cd000c0d4e298b7a698caf937cf87f487977b6c8b5eeeae7c865104 libvirt-cim-0.6.1-4.el6_4.2.i686.rpm
582a42e4f9a24af8e5ceb186fa4546a2556b113ba768e3cb03668b0a1b5631f5 libvirt-cim-0.6.1-4.el6_4.2.x86_64.rpm

Source:
1603c78c037285804291cfea58717ce479c08a06f6b12f2cf48949aa0c407afb libvirt-cim-0.6.1-4.el6_4.2.src.rpm



--
Karanbir Singh
CentOS Project { http://www.centos.org/ }
irc: z00dax, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

[CentOS-announce] CEBA-2013:1289 CentOS 6 abrt Update

CentOS Errata and Bugfix Advisory 2013:1289

Upstream details at : https://rhn.redhat.com/errata/RHBA-2013-1289.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
b201d09a7b2122d998fcf5aeeac00c57adc238968c89fe705e5f6b65efc5c86d abrt-2.0.8-16.el6.centos.1.i686.rpm
455a31fb7b254c35c62a30d1635585e34e407d81429b258768cc68324cd30de7 abrt-addon-ccpp-2.0.8-16.el6.centos.1.i686.rpm
73c68d36e346b0099f26d370bb4d23612423f2c8d73af0c3db4d86820bf0c3ea abrt-addon-kerneloops-2.0.8-16.el6.centos.1.i686.rpm
cfd7239c0399282998067ff73a5dbfe217139b76b863ec876b428b89bcd7bc4c abrt-addon-python-2.0.8-16.el6.centos.1.i686.rpm
1eb1bf85777bc73a2e75720cfee1b2720a02cf65921e774d7bef18bce19aee75 abrt-addon-vmcore-2.0.8-16.el6.centos.1.i686.rpm
fe67320fb1d02167703e947beecfc0e2c3637930da7c167d76f5d429dfd94a86 abrt-cli-2.0.8-16.el6.centos.1.i686.rpm
35971a76a39cdd787e38d1a66b6fb8e6624c5633650d4e829625882b995da32e abrt-desktop-2.0.8-16.el6.centos.1.i686.rpm
f0cb1a7dc52d63996ec50f1ebce6d94729c6c0e9aa1b85da52fc76ec3c99a52e abrt-devel-2.0.8-16.el6.centos.1.i686.rpm
e7a30d9d0cc4758422e4022e7040e9df6223c199a3d57dca36fa84867adecea1 abrt-gui-2.0.8-16.el6.centos.1.i686.rpm
4a00e48f44de680eb79b7898c270374c417e4527bbdbcae1340d637985544f36 abrt-libs-2.0.8-16.el6.centos.1.i686.rpm
6552f1ecb81819871d2a83adf9214b526122325b9bd79f9583f1556aa0f7aa71 abrt-tui-2.0.8-16.el6.centos.1.i686.rpm

x86_64:
6006ad3fcc1e32f2812a38e89ca8f91b99d0f4f93e035a4746d68bb30eedb069 abrt-2.0.8-16.el6.centos.1.x86_64.rpm
ddf7b67f64a5cf5aee41d6a778d934cf2e674abda59c88753c12cddda07dd540 abrt-addon-ccpp-2.0.8-16.el6.centos.1.x86_64.rpm
9386118d9964f3847f721333b4e49e0a394f598ceda8e31a129f57ff38b468bd abrt-addon-kerneloops-2.0.8-16.el6.centos.1.x86_64.rpm
bcfce61379c22d4623ed6bd080b88ade4b32459d0dce65f581709c607e1600c2 abrt-addon-python-2.0.8-16.el6.centos.1.x86_64.rpm
3643ed20796270728192cba5859c0dc02bf0217b7cb1aa9961a643b2291f22ae abrt-addon-vmcore-2.0.8-16.el6.centos.1.x86_64.rpm
d6ee7c7027c7b799a745036716b072cd7c6b78b54e4c657681cb0c81ef7b6a6f abrt-cli-2.0.8-16.el6.centos.1.x86_64.rpm
9d5de3d6012162fcfc5cdac5e04c3d8b671ce7a52e8769416685ce5516a4c2cd abrt-desktop-2.0.8-16.el6.centos.1.x86_64.rpm
f0cb1a7dc52d63996ec50f1ebce6d94729c6c0e9aa1b85da52fc76ec3c99a52e abrt-devel-2.0.8-16.el6.centos.1.i686.rpm
23c54733d7226fddee270fc827a767b0295dc7cf3849c470632f79a86ac3dadf abrt-devel-2.0.8-16.el6.centos.1.x86_64.rpm
b9fc295e8a19823dc8f5216268cdf7ed71d5493e6a6bac3ca5982a987b3f4032 abrt-gui-2.0.8-16.el6.centos.1.x86_64.rpm
4a00e48f44de680eb79b7898c270374c417e4527bbdbcae1340d637985544f36 abrt-libs-2.0.8-16.el6.centos.1.i686.rpm
58940d4074e89e0787b3e148cda68efd2f7764396c0874d4dcf39fc7a4f2a2b8 abrt-libs-2.0.8-16.el6.centos.1.x86_64.rpm
6b1190b728c7d0a3c732708fce2d974de8bcb68f20f3e6de4096bc191826cb3e abrt-tui-2.0.8-16.el6.centos.1.x86_64.rpm

Source:
daadafeba1ae8999a3d6279c56abd157da1a5781a67e81bc26a48e55a4c6b026 abrt-2.0.8-16.el6.centos.1.src.rpm



--
Karanbir Singh
CentOS Project { http://www.centos.org/ }
irc: z00dax, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

[CentOS-announce] CEBA-2013:1289 CentOS 6 libreport Update

CentOS Errata and Bugfix Advisory 2013:1289

Upstream details at : https://rhn.redhat.com/errata/RHBA-2013-1289.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
a3491a470f10dd38fc5039ec5dd15b46512f5c4f7d05d68cd92a8b190a10919d libreport-2.0.9-15.el6.centos.1.i686.rpm
3b643608976ff309d65a6ef9bbf6fa16d510eb3800b3ba40d1b4d2ebd4f6d49b libreport-cli-2.0.9-15.el6.centos.1.i686.rpm
c97c015614b735e635d374009629dd49b27f46d217333987367836560c007b83 libreport-compat-2.0.9-15.el6.centos.1.i686.rpm
30e57f61f966e27fbeb7a99f317fddfaca544537f7a8eb9a7626efa1ea342c0a libreport-devel-2.0.9-15.el6.centos.1.i686.rpm
a38c2c852052fa4418933603cec1faa5d67ef6741545e34ca7e252c76c4b2b49 libreport-filesystem-2.0.9-15.el6.centos.1.i686.rpm
bf7c906172023096693661eb2b4ba8b20b4e47c8c9be8f0284270ca33a02dcbf libreport-gtk-2.0.9-15.el6.centos.1.i686.rpm
e620b4bd2543e24ed989627769ee97135d0423059e389e9e9d38985863d6f3c1 libreport-gtk-devel-2.0.9-15.el6.centos.1.i686.rpm
d009ad11bb071d6e174b208c19e688355e3d6b8603c4bd340d190817ed64ed7b libreport-newt-2.0.9-15.el6.centos.1.i686.rpm
c034e9814c3c5790b0f4bb477c1b17c6363935dd254a03fcd918a6689c2d8a18 libreport-plugin-bugzilla-2.0.9-15.el6.centos.1.i686.rpm
ab1e6b6547ec8ff63ad83fe0189dd67082151f494b5e57790cd715b03bf0575e libreport-plugin-kerneloops-2.0.9-15.el6.centos.1.i686.rpm
21e51756fc0746915987f89bb9c232e292910efa9136f269c690f2b6c7ce9186 libreport-plugin-logger-2.0.9-15.el6.centos.1.i686.rpm
fed471c7110203c80a1b2dc76ff6324a15ad00ca0f33c38e5e2816d852902655 libreport-plugin-mailx-2.0.9-15.el6.centos.1.i686.rpm
b7c2a6070e3b674c1b8ef644c8f3019ce5da30a62d9e58adf8573e1a01ed6dde libreport-plugin-reportuploader-2.0.9-15.el6.centos.1.i686.rpm
0e3ce83ab152155726b8419d72895d4e848fc238262743ead9e27ecdfdfe31be libreport-plugin-rhtsupport-2.0.9-15.el6.centos.1.i686.rpm
704a6974aae0a2a009e2a418d8e136fc48f893b94c3beb57c68b9a2e997ee104 libreport-python-2.0.9-15.el6.centos.1.i686.rpm

x86_64:
a3491a470f10dd38fc5039ec5dd15b46512f5c4f7d05d68cd92a8b190a10919d libreport-2.0.9-15.el6.centos.1.i686.rpm
6c749e2e1763e1ac5998f5f2059662a92bf15d59d4a4fe69e04b45d60421418d libreport-2.0.9-15.el6.centos.1.x86_64.rpm
d0b8ff6e8ed482efdb8e2abd8043fb33d18893d1a63c2e892f4205f10d2a0fbf libreport-cli-2.0.9-15.el6.centos.1.x86_64.rpm
2fb28904d17bca1296c42ca8464522789b4ac4a5b50243734576fc9dd6f496f8 libreport-compat-2.0.9-15.el6.centos.1.x86_64.rpm
30e57f61f966e27fbeb7a99f317fddfaca544537f7a8eb9a7626efa1ea342c0a libreport-devel-2.0.9-15.el6.centos.1.i686.rpm
437d0891b5dd38f00bcac3b1bb8a552c0e9acd21308bbadd4874b5d4e37a4f0f libreport-devel-2.0.9-15.el6.centos.1.x86_64.rpm
0f24088c281a2fc9ddfb7a31e2ddb907600fec0681ecba04255af3e020c32e6d libreport-filesystem-2.0.9-15.el6.centos.1.x86_64.rpm
bf7c906172023096693661eb2b4ba8b20b4e47c8c9be8f0284270ca33a02dcbf libreport-gtk-2.0.9-15.el6.centos.1.i686.rpm
a4dc12987bf1d71eeb155397106ea6afe3d1964fa4a470c79c03aca7f8d993ca libreport-gtk-2.0.9-15.el6.centos.1.x86_64.rpm
e620b4bd2543e24ed989627769ee97135d0423059e389e9e9d38985863d6f3c1 libreport-gtk-devel-2.0.9-15.el6.centos.1.i686.rpm
e1ff39a014d3355492ec970c898aa06c0109dfe64627b0e2589bd655a0836912 libreport-gtk-devel-2.0.9-15.el6.centos.1.x86_64.rpm
9cadf6b5532c0a88d545ec7cc4e063ad1cd39ad25791b380bfc6308acbd5dc81 libreport-newt-2.0.9-15.el6.centos.1.x86_64.rpm
2851d2ffdff8742b56654c615c561884e17cf5a60eee704ff852dd7330c805f7 libreport-plugin-bugzilla-2.0.9-15.el6.centos.1.x86_64.rpm
5fcf22394c23531dcca3cb6abd00ba272a7682857e4b3a37f584d5efdd6452c1 libreport-plugin-kerneloops-2.0.9-15.el6.centos.1.x86_64.rpm
65e05075557ae09ab522cd96adf360d723dc04aa0e729407ef05d89d1c9ea0bb libreport-plugin-logger-2.0.9-15.el6.centos.1.x86_64.rpm
c016363032a65d481f6d76169228aa94af0a14c22addbd3cacddfbee0c975db9 libreport-plugin-mailx-2.0.9-15.el6.centos.1.x86_64.rpm
efaef5473cf5fd6d99267da56cd434728554959beef0b39057878ee992e6bef0 libreport-plugin-reportuploader-2.0.9-15.el6.centos.1.x86_64.rpm
816f45a43e982c5ee8185ef9cb5c0f118f264cb99f46b25de3d21525d543a677 libreport-plugin-rhtsupport-2.0.9-15.el6.centos.1.x86_64.rpm
c33ec084c343b61ca6e3584df19faea9fac46c8806ec5d5f5680044346cc0ab9 libreport-python-2.0.9-15.el6.centos.1.x86_64.rpm

Source:
a2c2653cef62bf639dac65db086d040ca235cfb165055397ffcb0fe1f16ed25a libreport-2.0.9-15.el6.centos.1.src.rpm



--
Karanbir Singh
CentOS Project { http://www.centos.org/ }
irc: z00dax, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

[CentOS-announce] CEBA-2013:1288 CentOS 5 mkinitrd Update

CentOS Errata and Bugfix Advisory 2013:1288

Upstream details at : https://rhn.redhat.com/errata/RHBA-2013-1288.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
83dc958013d4095db5c63ba7762e0aebf9897e1247190b7fa2ae370ec525ad97 libbdevid-python-5.1.19.6-81.el5_9.i386.rpm
e9e4912862694a3d7121efc28a766365e12c939f83637bd33551b805094df391 mkinitrd-5.1.19.6-81.el5_9.i386.rpm
9f4fa1a2f7e7a85ae77b191590c449084e8dd80a200745cc48066d0ccdea5780 mkinitrd-devel-5.1.19.6-81.el5_9.i386.rpm
2baeb7c7876dc9386d48c5ba7a10fed0500306836d186157e97a6fca9bed43ef nash-5.1.19.6-81.el5_9.i386.rpm

x86_64:
54077274a6a4e519baf3ef9a9e84c12ba96cd5f280e77c67a807cf3673fcebc5 libbdevid-python-5.1.19.6-81.el5_9.x86_64.rpm
e9e4912862694a3d7121efc28a766365e12c939f83637bd33551b805094df391 mkinitrd-5.1.19.6-81.el5_9.i386.rpm
42305dd7561730826707c2be2fc6767ea7937555f7ffe1b6231e506c74d05f63 mkinitrd-5.1.19.6-81.el5_9.x86_64.rpm
9f4fa1a2f7e7a85ae77b191590c449084e8dd80a200745cc48066d0ccdea5780 mkinitrd-devel-5.1.19.6-81.el5_9.i386.rpm
fac665b1217b61e036ad2779d2fd5c25ecd433dc3a365087a2a6d2ada7a3bed9 mkinitrd-devel-5.1.19.6-81.el5_9.x86_64.rpm
b6fb41e9e0d5f505e1a078a6dfa777a937fe92a181a026596783fc2b65c49f4f nash-5.1.19.6-81.el5_9.x86_64.rpm

Source:
0b8eb4eba5f5a4dd21566d7d0ea17745a70aef05196b21f5533cefab6f1c5dc1 mkinitrd-5.1.19.6-81.el5_9.src.rpm



--
Karanbir Singh
CentOS Project { http://www.centos.org/ }
irc: z00dax, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

Wednesday, September 25, 2013

Build package with latest translation for l10n testing

Hello Fedora package maintainers,

Kindly build and push your packages with latest translation files (ie,
pull the latest translations from Transifex/Zanata) by FRIDAY
2013-09-27, for Fedora 20 L10n test scheduled on 2013-10-03 (Thursday).
The packages with latest translations can thus be used to create the
live image, which the language translators worldwide can use for testing
in their own languages on this test day. Any issues they find will be
filed as bug. Appreciate your help in this regard as this is an
opportunity for the translators to check and modify the translation
quality of your package.

Thanks for your support and understanding.

Best regards
Ani Peter
FLTG member
URL: https://fedoraproject.org/wiki/FLTG
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

Tuesday, September 24, 2013

[FreeBSD-Announce] FreeBSD 20 Year Anniversary Party: Long Live FreeBSD!

Hey folks!

20 years ago, Nate Williams, Rod Grimes, and Jordan Hubbard came
together to turn their 386BSD patchkit into something greater. David
Greenman gave their combined efforts a name.

Today, FreeBSD is the stable, powerful operating system they dreamed
of and people all around the world come together to make it better
every day.

In honor of its users, administrators, developers, and advocates, we
are pleased to invite you to FreeBSD's 20th Anniversary Celebration
being held Saturday, November 2, 2013 at the DNA Lounge in San
Francisco! Festivities will begin at 6 pm, during which time we'll
have exclusive access to the upstairs area of the club. At 9 pm doors
will be opened to the public, who will join us as we celebrate into
the wee hours of the morning.

There will be drinks, music, and great company. Sponsors of the event
include iXsystems, Netflix, Google, NetApp, and the FreeBSD
Foundation. There will also be a raffle with giveaways from O'Reilly
Media and No Starch Press, among others.

We hope you'll join us for an evening of revelry and merriment on
November 2nd! Please RSVP at http://www.freebsdparty.com by Friday,
October 18th if you plan to attend this historic event.

When: Saturday, November 2nd, 2013, 6PM-2AM PST
Where: DNA Lounge, San Francisco, CA, USA
Cost: Nothing

Note: If you plan to bring someone, please RSVP with their name, too!
We have limited spots, so if you know you can make it, RSVP soon.

Feel free to spread the word.

Cheers,
-matt
_______________________________________________
freebsd-announce@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-announce
To unsubscribe, send any mail to "freebsd-announce-unsubscribe@freebsd.org"

[CentOS-announce] CESA-2013:1282 Important CentOS 6 rtkit Update

CentOS Errata and Security Advisory 2013:1282 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2013-1282.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
f9adad489bc9bc5fe4b82a400059ef87d5c7663d08e4607779d075772d42b1df rtkit-0.5-2.el6_4.i686.rpm

x86_64:
9838626edb2a8f72b85c9610500a9e27b456c23c2bd3de5a41db96df99071082 rtkit-0.5-2.el6_4.x86_64.rpm

Source:
7d55168f15c69ff83b8ba40387b3a5935e5266cb220b30d31ec902120b640b17 rtkit-0.5-2.el6_4.src.rpm



--
Karanbir Singh
CentOS Project { http://www.centos.org/ }
irc: z00dax, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce