Monday, March 31, 2014

[CentOS-announce] CESA-2014:0342 Moderate CentOS 6 wireshark Update

CentOS Errata and Security Advisory 2014:0342 Moderate

Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-0342.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
e86f9c91381562e4ed24f3be923675eef44e0c6023a0cdca443c59c1c09687df wireshark-1.8.10-7.el6_5.i686.rpm
01a5149ec6028dc2be17b1118d44c0fa9054a6bee017bd55e5c7a521fafe6cd8 wireshark-devel-1.8.10-7.el6_5.i686.rpm
c9fdd1f944111358f6a038a8e151b726bd626ef20dc40f1ef00b9500d3423402 wireshark-gnome-1.8.10-7.el6_5.i686.rpm

x86_64:
e86f9c91381562e4ed24f3be923675eef44e0c6023a0cdca443c59c1c09687df wireshark-1.8.10-7.el6_5.i686.rpm
4d85f7abcd56ab9c99156037445c5288505ba930c9d5b220a2bf3e9a7b7b5508 wireshark-1.8.10-7.el6_5.x86_64.rpm
01a5149ec6028dc2be17b1118d44c0fa9054a6bee017bd55e5c7a521fafe6cd8 wireshark-devel-1.8.10-7.el6_5.i686.rpm
798968dd1fa8b839acaa65fc32595ba22993dc217139afde6004e0f3d29ca2d6 wireshark-devel-1.8.10-7.el6_5.x86_64.rpm
f1965eabc7c53b3c085555db4ac3ac6a31f5ee2dfc261ef644a6a0a767ede4b3 wireshark-gnome-1.8.10-7.el6_5.x86_64.rpm

Source:
71a97a11004793b0fd19c3bfe98f65917f05690079aaa77f629eb4553bb7dfae wireshark-1.8.10-7.el6_5.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

[CentOS-announce] CESA-2014:0341 Moderate CentOS 5 wireshark Update

CentOS Errata and Security Advisory 2014:0341 Moderate

Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-0341.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
08c8c02b8cedb60b86ec5c10c5caadeb4549493751a112ab44367ae35825a201 wireshark-1.0.15-6.el5_10.i386.rpm
0f9a6201343210ba03cf0d218d6d1781aa3f8766c1ccdb2ad2b40d1891676f63 wireshark-gnome-1.0.15-6.el5_10.i386.rpm

x86_64:
0f76ec04395bd97354cc4388ead650651d81a1ef1b2261d193f87762428cf46a wireshark-1.0.15-6.el5_10.x86_64.rpm
9c19cb783ff6c54a96da465f69c7d2ddc0391565470e1709b3071e9c0d31a07a wireshark-gnome-1.0.15-6.el5_10.x86_64.rpm

Source:
0cfa8fc9cb3a5ccf88ff1fec32de647b06a42a2e6eb8e9b003f68dff867ef812 wireshark-1.0.15-6.el5_10.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

F21 Self Contained Change: Improved Ivy Packaging

= Proposed Self Contained Change: Improved Ivy Packaging =
https://fedoraproject.org/wiki/Changes/ImprovedIvyPackaging

Change owner(s): Mikolaj Izdebski <mizdebsk@redhat.com>

This change aims at improving the way of packaging Java software, which uses
Apache Ivy to manage build dependencies.

== Detailed Description ==
Currently packages which use Apache Ivy as dependency manager are packaged in
manual way. Dependencies must be symlinked manually, all files have to be
explicitly installed, there are no auto-requires.

This change aims at simplifying Ivy packaging in a similar way as it was done
with Maven packaging [1].

In particular, the following changes will be implemented:

* automatic resolution of Ivy artifacts,
* integration with system Maven repository,
* automatic installation of Ivy artifact metadata,
* auto requires.

== Scope ==
Proposal owners:
* Implement code to resolve and publish Ivy artifacts in XMvn upstream
* Package new upstream version XMvn in Fedora or backport Ivy changes to
current XMvn version
* Implement necessary macros in Javapackages Tools upstream
* Package new upstream version Javapackages Tools in Fedora or backport
necessary changes to current Javapackages Tools version
* Prepare draft of Java packaging guidelines change and submit to FPC

Other developers:
* Maintainers of packages using Apache Ivy during build or installing Ivy
artifacts can optionally update their packages to use the new packaging
techniques, but that's not absolutely required as existing ways of packaging
Ivy artifacts will continue to work.

Release engineering:
* No action required.

Policies and guidelines:
* Java packaging guidelines will have to be updated to include the new way of
packaging Ivy artifacts.

[1] https://fedoraproject.org/wiki/Features/Simplified_Maven_Packaging
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

Mailing list downtime: 4/5/2014

The OpenBSD mailing lists will be down on Saturday April 5 at 6am
MDT for machine room maintenance. As long as things go well the
lists should be back before noon but they could be down as long as
6pm MDT.

This also affects ftp.usa.openbsd.org (aka ftp3.usa.openbsd.org)
and anoncvs3.usa.openbsd.org which reside in the same machine room.

- todd

F21 Self Contained Change: Better Erlang Support

= Proposed Self Contained Change: Better Erlang Support =
https://fedoraproject.org/wiki/Changes/BetterErlangSupport

Change owner(s): Peter Lemenkov <lemenkov@gmail.com>, Sam Kottler <skottler
[at] redhat.com>, Fedora Erlang SIG <erlang@lists.fedoraproject.org>

Update Erlang/OTP to R17, and improve Erlang integration with the rest of
Fedora.

== Detailed Description ==
Erlang in Fedora is already in a good shape. However we can do better since
there are a number of annoying shortcomings and issues. Just a few of them:

* Fedora partially enabled Ellyptic Curve Crypto recently but we still provide
Erlang with EC disabled completely because there is no way to enable just a
few EC in the current Erlang version.
* Erlang<->systemd interaction is in a quite poor state currently.
* There is no way to install "headless" Erlang. Every Fedora Erlang user have
to install graphical libraries even if (s)he doesn't want to use GUI on the
target machine.
* Every daemon written in Erlang has its own logging solution which doesn't
use neither syslog nor Journald.
* Erlang packaging is quite complex and undocumented mostly.

In order to address all these issues we should do the following:

* Enable fine grained EC crypto support [1] by upgrading Erlang to the latest
R17 (not yet released, and scheduled to April, 2014).
* Start working on a better systemd support in Erlang by enabling EPMD systemd
support. This could be done by merging patches from Matwey V. Kornilov [2]
and systemd unit-files from openSUSE [3].
* Add erlang-ejournald [4], erlang-lager_journald_backend [5], and make
Journald as a default logging backend.
* Split-off infrequently used modules [6] which requires X11, Pulseaudio and
ensure that it won't break anything.
* Fix the long-standing noarch issue by providing additional default location
for Erlang bytecode data.
* Update Erlang RPM-related macros to improve packaging by reducing spec-file
sizes.

== Scope ==
Proposal owners:
* We must rebuild Erlang R17 and submit it to build-overrides.
** We have to rebuild all the packages listed below in the Dependencies [7]
section.
* WiP: A necessary *.socket unit must be added to erlang-erts to enable EPMD
socket activation.
** Every Erlang daemon's systemd unit must require epmd.socket.
* We need to fill new review request for erlang-ejournald
** We have to fill new review request for erlang-lager_journald_backend
* We have to patch out GUI parts and provide a way to tell user what to do in
order to enable this functionality.
* Add another default directory to look for Erlang *.beam files.
* Every Erlang package must require erlang-rpm-macros.
* Riak has growing Bugzilla backlog. We have to address all of these issues.
Other developers: N/A
Release engineering: N/A
Policies and guidelines: We should create Erlang Packaging Guidelines which
doesn't exist yet.

[1] https://bugzilla.redhat.com/1023017
[2] https://github.com/matwey/otp/tree/systemd
[3] https://build.opensuse.org/package/show/openSUSE:Factory/erlang
[4] https://github.com/travelping/ejournald
[5] https://github.com/travelping/lager_journald_backend
[6] https://bugzilla.redhat.com/784693
[7] https://fedoraproject.org/wiki/Changes/BetterErlangSupport#Dependencies
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

[announce] NYC*BUG April 1: Secure RNGs

NOTE: Our meeting this month is on TUESDAY, not Wednesday, and it begins
715 PM at NYU. We will return to our normal routine in May.

*****

Tuesday, April 1 - Secure Random Number Generators, Yevgeniy Dodis
19:15, NYU, Warren Weaver Hall (251 Mercer St), WWH 101 (Please note
date, time and location)

Bring ID to get into the building.

The meeting should be streamed, assuming the stars are correctly aligned:

http://www.nycbug.org/streaming.html

Abstract

We will discuss how to design (and not design) secure Random Number
Generators. In particular, we will show attacks on Linux /dev/random,
present first theoretical analysis on the Windows 8 RNG Fortuna, and
talk about the importance of provable security.

We will follow these papers:

http://eprint.iacr.org/2013/338
http://eprint.iacr.org/2014/167

Recent and relevant blog posts:

https://www.schneier.com/blog/archives/2014/03/the_security_of_7.html
https://www.schneier.com/blog/archives/2013/10/insecurities_in.html

http://it.slashdot.org/story/13/10/14/2318211/linux-rng-may-be-insecure-after-all

Speaker Bio

Yevgeniy Dodis is a Professor of computer science at New York
University. Dr. Dodis received his summa cum laude Bachelors degree in
Mathematics and Computer Science from New York University in 1996, and
his PhD degree in Computer Science from MIT in 2000. Dr. Dodis was a
post-doc at IBM T.J.Watson Research center in 2000, and joined New York
University as an Assistant Professor in 2001. He was promoted to
Associate Professor in 2007 and Full Professor in 2012.

Dr. Dodis' research is primarily in cryptography and network security.
In particular, he worked in a variety of areas including
leakage-resilient cryptography, cryptography under weak randomness,
cryptography with biometrics and other noisy data, hash function and
block cipher design, protocol composition and information-theoretic
cryptography. Dr. Dodis has more than 100 scientific publications at
various conferences, journals and other venues, was the Program co-Chair
for the 2015 Theory of Cryptography Conference, has been on program
committees of many international conferences (including FOCS, STOC,
CRYPTO and Eurocrypt), and gave numerous invited lectures and courses at
various venues.

Dr. Dodis is the recipient of National Science Foundation CAREER Award,
Faculty Awards from IBM, Google and VMware, and Best Paper Award at 2005
Public Key Cryptography Conference. As an undergraduate student, he was
also a winner of the US-Canada Putnam Mathematical Competition in 1995.
_______________________________________________
announce mailing list
announce@lists.nycbug.org
http://lists.nycbug.org/mailman/listinfo/announce

F21 System Wide Change: GCC49

= Proposed System Wide Change: GCC49 =
https://fedoraproject.org/wiki/Changes/GCC49

Change owner(s): Jakub Jelínek <jakub@redhat.com >

Switch GCC in Fedora 21 to 4.9.x, rebuild all packages with it.

== Detailed Description ==
GCC 4.9.0 is currently in stage4, in prerelease state with only regression
bugfixes and documentation fixes allowed. The release will happen probably in
the first half of April. Marek Polacek has performed a test mass rebuild on
x86_64 with gcc-4.9.0-0.*.fc21, most packages have built successfully, others
have failed to rebuild also with gcc 4.8.x, for the remaining packages most of
the needed changes are now tracked in [1] or, if it were bugs on the gcc side,
have been fixed in the mean time. GCC 4.9.0 prereleases have so far been built
as scratch packages, [2] (and similarly for ppc* and s390* secondary
architectures). Other distributions have performed test mass rebuilds on other
architectures (i?86, s390x, arm).

== Scope ==
All packages should be rebuilt with the new gcc once it hits f21.

* Proposal owners: Build gcc in f21, rebuild packages that have direct
dependencies on exact gcc version (libtool, llvm, gcc-python-plugin).
* Other developers: First few days/weeks just voluntary rebuilds using the new
system gcc, if things fail, look at http://gcc.gnu.org/gcc-4.9/porting_to.html
and fix bugs in packages or, if there is a gcc bug or suspected gcc bug,
analyze and report.
* Release engineering: Organize a mass rebuild
* Policies and guidelines: No policies need to be changed

---
Change Wrangler Note: Contingency Deadline is a bit vague "Before release" but
with GCC revert, distribution wide coordination would be needed with high
probability of slip. I'll open it for further discussion on list for
FESCo/releng..

[1] http://gcc.gnu.org/gcc-4.9/porting_to.html
[2] http://koji.fedoraproject.org/scratch/jakub/task_6667028/
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

F21 Self Contained Change: Apache Hive

= Proposed Self Contained Change: Apache Hive =
https://fedoraproject.org/wiki/Changes/ApacheHive

Change owner(s): Peter MacKinnon <pmackinn@redhat.com>

Apache Hive [1] is a data warehouse built on top of Apache Hadoop.

== Detailed Description ==
The Apache Hive data warehouse software facilitates querying and managing
large datasets residing in distributed storage. Apache Hive provides a
mechanism to project structure onto this data and query the data using a SQL-
like language called HiveQL.

== Scope ==
* Proposal owners: The Hive package has been accepted into Fedora and provides
all the functionality from the upstream release with the exception of HBase
support since the latest stable versions are not currently aligned.
* Other developers: N/A (not a System Wide Change)
* Release engineering: N/A (not a System Wide Change)
* Policies and guidelines: N/A (not a System Wide Change)

[1] http://hive.apache.org/
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

F21 Self Contained Change: Apache HBase

= Proposed Self Contained Change: Apache HBase =
https://fedoraproject.org/wiki/Changes/ApacheHBase

Change owner(s): Robert Rati <rrati@redhat.com>

Apache HBase [1] is a distributed database built on top of Apache Hadoop.

== Detailed Description ==
Apache HBase is used when you need random, realtime read/write access to your
Big Data. Apache HBase hosts very large tables -- billions of rows X millions
of columns -- atop clusters of commodity hardware. Apache HBase is a
distributed, versioned, non-relational database modeled after Google's
Bigtable: A Distributed Storage System for Structured Data by Chang et al.
Just as Bigtable leverages the distributed data storage provided by the Google
File System, Apache HBase provides Bigtable-like capabilities on top of Hadoop
and HDFS.

== Scope ==
* Proposal owners: The Hbase package has been accepted into Fedora and
provides all the functionality from the upstream release.
* Other developers: N/A (not a System Wide Change)
* Release engineering: N/A (not a System Wide Change)
* Policies and guidelines: N/A (not a System Wide Change)

[1] http://hbase.apache.org/
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

F21 Self Contained Change: Apache Oozie

= Proposed Self Contained Change: Apache Oozie =
https://fedoraproject.org/wiki/Changes/ApacheOozie

Change owner(s): Robert Rati <rrati@redhat.com>

Apache Oozie [1] is a workflow scheduler system to manage Apache Hadoop jobs.

== Detailed Description ==
Apache Oozie is a workflow scheduler. It is integrated with the rest of the
Hadoop stack and supports several types of Hadoop jobs out of the box (such as
Java map-reduce, Streaming map-reduce, Pig, Hive, Sqoop and Distcp) as well as
system specific jobs (such as Java programs and shell scripts).

== Scope ==
* Proposal owners: Apache Oozie is packaged and awaiting review [2].
* Other developers: N/A (not a System Wide Change)
* Release engineering: N/A (not a System Wide Change)
* Policies and guidelines: N/A (not a System Wide Change)

[1] http://oozie.apache.org/
[2] https://bugzilla.redhat.com/show_bug.cgi?id=1071456
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

[opensuse-announce] Open Build Service version 2.5 released

People, Friends, Packagers,

are you ready for another set of great features for your free software
packaging needs? We are with version 2.5. of the Open Build
Service(OBS)!

With this release you can plug OBS into your continuous
integration/delivery chain thanks to the new token API that let's you
trigger builds from revision control systems like github. 2.5 further
merges the Web UI and API into one single Ruby on Rails app, so it is
easier for you to maintain, easier for us to extend and most important
way snappier to use for your packagers.

This release also begins to unify the various places where you can
configure things into the OBS API, introduces an integrated comment and
notification system and saves your OBS servers some cycles by
automatically cleaning up left over branches. As you can see our team
never tires to be awesome! Read on for more, in depth, information about
OBS version 2.5.

http://openbuildservice.org/2014/03/31/version-2.5/

The Open Build Service Team

--
http://openbuildservice.org
--
To unsubscribe, e-mail: opensuse-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-announce+help@opensuse.org

Friday, March 28, 2014

[CentOS-announce] CEEA-2014:0338 CentOS 6 tzdata Update

CentOS Errata and Enhancement Advisory 2014:0338

Upstream details at : https://rhn.redhat.com/errata/RHEA-2014-0338.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
e838993fa935111ebd827d74c2566ed6faf6648f17832521c7bf5f94c6f0a478 tzdata-2014b-1.el6.noarch.rpm
51ce6a2ca48acefe8d22d314c8b38f3085fc00df14f4a131d76b520e3dbad837 tzdata-java-2014b-1.el6.noarch.rpm

x86_64:
e838993fa935111ebd827d74c2566ed6faf6648f17832521c7bf5f94c6f0a478 tzdata-2014b-1.el6.noarch.rpm
51ce6a2ca48acefe8d22d314c8b38f3085fc00df14f4a131d76b520e3dbad837 tzdata-java-2014b-1.el6.noarch.rpm

Source:
67517de3e491ca15b1e0ca3cd3aff6b7fc028c7b1ebabcc0a4c30e967bc0e0b1 tzdata-2014b-1.el6.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

[CentOS-announce] CEEA-2014:0338 CentOS 5 tzdata Update

CentOS Errata and Enhancement Advisory 2014:0338

Upstream details at : https://rhn.redhat.com/errata/RHEA-2014-0338.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
fea2b344366e13afd381523e1454c27f900c238fd3b1a024387adc23b67fc95c tzdata-2014b-1.el5.i386.rpm
111912ddda8cb09f7f4f9e3bdadf1db07cc05c8d7f1a2cf6850cda325c07aa4a tzdata-java-2014b-1.el5.i386.rpm

x86_64:
bcd3c2ff7723a3a6c8fba77ec565bd21b78ffdc9608a66346b3610df2a39e526 tzdata-2014b-1.el5.x86_64.rpm
547f704bd86f02574edb95ad4b3fdd0f43af4298325086904404e967f5f167bb tzdata-java-2014b-1.el5.x86_64.rpm

Source:
008716443c19df9ad5dcacc05faeede34a9fea7a82ad61db88477af9c06a4442 tzdata-2014b-1.el5.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

Planned Outage: Mass reboots/Upgrades - 2014-04-01 21:00 UTC

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)

iQIcBAEBCgAGBQJTNdRQAAoJEEs3sNgP+7teaZcP/jo+tRYxML09j0xs8aS0yy/f
7/wFnRM/kFBLjCshUN85cKbcI5VoXLqreysHFEqPA4yVXRik07cY9oxmucOnXpWz
hgv6PVTe7M0tC4mQGoV9pxbGfYVp1KyAK5GwGA2R7isWyNStC0OogGWnmwA9kV9Q
hMZQij5rqrqzwBvFBLl1Gtt+yHQADKyw0Uu43O7e+R/eJEtBj84xNax4t7K7Wbxa
+kpYF/LJjXbfXhgT2r7jbV2TZK76AC5r5r3yErOn17VchWBIBph+kVzc4yX6nI++
pIvmCZ7w0uDb/2AMOieqCoXzaEzDOO4FgJh7V69rYv01QihwVS056o7hpGBuLZg7
Qt0s9kGDQLFw3Buq23VFbP+QtM5SrUntE5z+gF4SbNK6SpRBEZW9rZv0AGU98nlR
D92NwUJFFnsXbzRNQ+/sreoADL9aXdaHT7WoZy5EL/DYgVPpMpeiEtRUVPAE6umL
A9QKmqT/gar5fy0if2NSQXY9hb/F+tAr1Z/erutODcRYSZFfAx6MVusl87KljB5q
4fUaa47HfxZZk6bVGgbJKmrpVS2hoynKJGASODfj63Etmh1MdqaJ20tlsb3Lj/pO
Na58LExj1/nh8Xmc8/Oifkbu5QBEP2pIBJtEXqj+TUPjWTXU4To+KczfktRONJci
RjdzOkkY3Dpj+n4bvYXl
=6G50
-----END PGP SIGNATURE-----
Planned Outage: Mass reboots/Upgrades - 2014-04-01 21:00 UTC

There will be an outage starting at 2014-04-01 21:00 UTC, which will
last approximately 4 hours.

To convert UTC to your local time, take a look at
http://fedoraproject.org/wiki/Infrastructure/UTCHowto
or run:

date -d '2014-04-01 21:00 UTC'

Reason for outage:

We will be rebooting all servers to pick up the latest system updates.
Additionally we will be upgrading the koji build system to 1.9.0.

During the outage window some services may be down and then back up
again, but no single service should be down more than a few minutes,
and some services may not be affected at all.

Affected Services:

Ask Fedora - http://ask.fedoraproject.org/

Badges - https://badges.fedoraproject.org/

BFO - http://boot.fedoraproject.org/

Blockerbugs - https://qa.fedoraproject.org/blockerbugs/

Bodhi - https://admin.fedoraproject.org/updates/

Buildsystem - http://koji.fedoraproject.org/

GIT / Source Control - pkgs.fedoraproject.org

Darkserver - https://darkserver.fedoraproject.org/

DNS - ns-sb01.fedoraproject.org, ns02.fedoraproject.org,
ns04.fedoraproject.org, ns05.fedoraproject.org

Docs - http://docs.fedoraproject.org/

Elections - https://admin.fedoraproject.org/voting

Email system

Fedmsg busmon - http://apps.fedoraproject.org/busmon

Fedora Account System - https://admin.fedoraproject.org/accounts/

Fedora Community - https://admin.fedoraproject.org/community/

Fedora Calendar - https://apps.fedoraproject.org/calendar/

Fedora Hosted - https://fedorahosted.org/

Fedora OpenID - https://id.fedoraproject.org/

Fedora People - http://fedorapeople.org/

Main Website - http://fedoraproject.org/

Mirror List - https://mirrors.fedoraproject.org/

Mirror Manager - https://admin.fedoraproject.org/mirrormanager/

Package Database - https://admin.fedoraproject.org/pkgdb/

QA Services

Secondary Architectures

Spins - http://spins.fedoraproject.org/

Start - http://start.fedoraproject.org/

Torrent - http://torrent.fedoraproject.org/

Wiki - http://fedoraproject.org/wiki/

Unaffected Services:

Contact Information:

Ticket Link:
https://fedorahosted.org/fedora-infrastructure/ticket/4280

Please join #fedora-admin or #fedora-noc on irc.freenode.net or add
comments to the ticket for this outage above.

Thursday, March 27, 2014

Ubuntu 14.04 LTS (Trusty Tahr) Final Beta released

The Ubuntu team is pleased to announce the final beta release of Ubuntu
14.04 LTS Desktop, Server, Cloud, and Core products.

Codenamed "Trusty Tahr", 14.04 LTS continues Ubuntu's proud tradition
of integrating the latest and greatest open source technologies into a
high-quality, easy-to-use Linux distribution. The team has been hard at
work through this cycle, introducing new features and fixing bugs.

This beta release includes images from not only the Ubuntu Desktop,
Server, Cloud, and Core products, but also the Edubuntu, Kubuntu,
Lubuntu, Ubuntu GNOME, UbuntuKylin, Ubuntu Studio and Xubuntu flavours.

In addition to the above flavours, it's expected that, despite missing
the final beta, Mythbuntu will be participating in the final release.

This is a very exciting LTS (long term support) release for Ubuntu's
family of community flavours, as this is the first time that all of our
flavours have applied and been approved for LTS status, some for the
same five years as Ubuntu itself, and some for a shorter period of three
years. This will be highlighted on a per-flavour basis in the final
release announcement.

The beta images are known to be reasonably free of showstopper CD build
or installer bugs, while representing a very recent snapshot of 14.04
that should be representative of the features intended to ship with the
final release expected on April 17th, 2014.

Ubuntu, Ubuntu Server, Ubuntu Core, Cloud Images:
Trusty Final Beta includes updated versions of most of our core set of
packages, including a current 3.13.6 kernel, a new upstart, and many
more.

To upgrade to Ubuntu 14.04 Final Beta from Ubuntu 13.10, follow these
instructions:

https://help.ubuntu.com/community/TrustyUpgrades

The Ubuntu 14.04 Final Beta images can be downloaded at:

http://www.ubuntu.com/testing/download (Ubuntu and Ubuntu Server)

Additional images can be found at the following links:

http://cloud-images.ubuntu.com/releases/14.04/beta-2/ (Cloud Images)
http://cdimage.ubuntu.com/releases/14.04/beta-2/ (Community Supported)
http://cdimage.ubuntu.com/ubuntu-core/releases/14.04/beta-2/ (Core)
http://cdimage.ubuntu.com/netboot/14.04/ (Netboot)

The full release notes for Ubuntu 14.04 Final Beta can be found at:

https://wiki.ubuntu.com/TrustyTahr/ReleaseNotes

Edubuntu:
Edubuntu is a flavor of Ubuntu designed as a free education oriented
operating system for kids of all ages.

The Final Beta images can be downloaded at:
http://cdimage.ubuntu.com/edubuntu/releases/14.04/beta-2/

More information on the Edubuntu Final Beta cand be found here:
https://wiki.ubuntu.com/TrustyTahr/ReleaseNotes/Edubuntu

Kubuntu:
Kubuntu is the KDE based flavour of Ubuntu. It uses the Plasma desktop
and includes a wide selection of tools from the KDE project.

The Final Beta images can be downloaded at:
http://cdimage.ubuntu.com/kubuntu/releases/14.04/beta-2/

More information on Kubuntu Final Beta can be found here:
https://wiki.ubuntu.com/TrustyTahr/Beta2/Kubuntu

Lubuntu:
Lubuntu is a flavor of Ubuntu that targets to be lighter, less
resource hungry and more energy-efficient by using lightweight
applications and LXDE, The Lightweight X11 Desktop Environment,
as its default GUI.

The Final Beta images can be downloaded at:
http://cdimage.ubuntu.com/lubuntu/releases/14.04/beta-2/

More information on Lubuntu Final Beta can be found here:
https://wiki.ubuntu.com/TrustyTahr/ReleaseNotes/Beta2/Lubuntu

Ubuntu GNOME:
Ubuntu GNOME is a flavor of Ubuntu featuring the GNOME desktop
environment.

The Final Beta images can be downloaded at:
http://cdimage.ubuntu.com/ubuntu-gnome/releases/14.04/beta-2/

More information on Ubuntu GNOME Final Beta can be found here:
https://wiki.ubuntu.com/TrustyTahr/Beta2/UbuntuGNOME

UbuntuKylin:
UbuntuKylin is a flavor of Ubuntu that is more suitable for Chinese
users.

The Final Beta images can be downloaded at:
http://cdimage.ubuntu.com/ubuntukylin/releases/14.04/beta-2/

More information on UbuntuKylin Final Beta can be found here:
https://wiki.ubuntu.com/UbuntuKylin/1404-beta-2-ReleaseNote

Ubuntu Studio:
Ubuntu Studio is a flavor of Ubuntu that provides a full range of
multimedia content creation applications for each key workflows:
audio, graphics, video, photography and publishing.

The Final Beta images can be downloaded at:
http://cdimage.ubuntu.com/ubuntustudio/releases/14.04/beta-2/

More information on Ubuntu Studio Final Beta can be found here:
http://ubuntustudio.org/2014/03/ubuntu-studio-beta-2-is-out/

Xubuntu:
Xubuntu is a flavor of Ubuntu that comes with Xfce, which is a stable,
light and configurable desktop environment.

The Final Beta images can be downloaded at:
http://cdimage.ubuntu.com/xubuntu/releases/14.04/beta-2/

More information on Xubuntu Final Beta can be found here:
https://wiki.ubuntu.com/TrustyTahr/ReleaseNotes/Beta2/Xubuntu

Regular daily images for Ubuntu can be found at:
http://cdimage.ubuntu.com

Ubuntu is a full-featured Linux distribution for clients, servers and
clouds, with a fast and easy installation and regular releases. A
tightly-integrated selection of excellent applications is included, and
an incredible variety of add-on software is just a few clicks away.

Professional technical support is available from Canonical Limited and
hundreds of other companies around the world. For more information
about support, visit http://www.ubuntu.com/support

If you would like to help shape Ubuntu, take a look at the list of ways
you can participate at: http://www.ubuntu.com/community/participate

Your comments, bug reports, patches and suggestions really help us to
improve this and future releases of Ubuntu. Instructions can be
found at: https://help.ubuntu.com/community/ReportingBugs

You can find out more about Ubuntu and about this beta release on our
website, IRC channel and wiki.

To sign up for future Ubuntu announcements, please subscribe to Ubuntu's
very low volume announcement list at:

http://lists.ubuntu.com/mailman/listinfo/ubuntu-announce

On behalf of the entire Ubuntu Release Team,
Adam Conrad

--
ubuntu-announce mailing list
ubuntu-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-announce

[USN-2157-1] ClamAV update

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCgAGBQJTNGBuAAoJEGVp2FWnRL6TnycP/2gKuYSyueLei10Vuq5rv8ZZ
rlVOzfakomGzOSXmHDcMQOE84tiLWIRfw4krRhmU0rkH5I6+gmmt6jTJlf86288t
k2wfc2ZZni+KbDffYKLLW8sQwFxAjMnWbx51pZ6NDFyYew0YuYaxfPljlq8WPWla
g+zw63yXKU9l8GgCEAs/z7wcSvyqLIYtDIU53N3HdGdwubr2wwqcISUqerji/l+m
pLmA/ptevRd4Uu2RxvZGj8LCtSbASuT+rfoOzaryLrRgMaouJfjDP7k89sAg8VEk
9qGgXOiLMXRahazK6ej8iISw+JgxQdK+z5ct+W+VtM1vM87diQvxEMP8g6IvqRgl
eYHnXBFyG2qilUdoqEM9+VKDNQRT/8eUEmVajppWcPTyvKdzEbeTPNXRfcpOykwT
4QKem+FJErC95IiyAnbvnoZmcndfglcOXzX0AqDRIbmy3oiJlxy3WqrgZQjoPyfu
VjEihDL/lOPu0/ha2NwxvAPq4tps0dsRuzT041jLSCd+oOO5RnJhZlJvI0TfDUWP
cJXOZebOgeRpy70MAhYnvOtVqGX79Dte4yQG1RACEJKg+AVEzZ05yLbERJ6Xltpk
Iov1Sj7pK0qkIzRcEQDOtfd9PDBhAjeFmyVSMIneEDTviFA7SD1rhfWCEuB7CDLS
hspJpALnonTWa8aHczVk
=37Et
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-2157-1
March 27, 2014

clamav update
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 13.10
- Ubuntu 12.10
- Ubuntu 12.04 LTS

Summary:

ClamAV has been updated to a new version.

Software Description:
- clamav: Anti-virus utility for Unix

Details:

This updates ClamAV to a new major version in order to gain new detection
technologies and maintain proper compatibility with the virus signature
database.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 13.10:
clamav 0.98.1+dfsg-4ubuntu1~ubuntu13.10.2

Ubuntu 12.10:
clamav 0.98.1+dfsg-4ubuntu1~ubuntu12.10.2

Ubuntu 12.04 LTS:
clamav 0.98.1+dfsg-4ubuntu1~ubuntu12.04.2

This update uses a new upstream release, which includes additional bug
fixes. In general, a standard system update will make all the necessary
changes.

References:
http://www.ubuntu.com/usn/usn-2157-1
https://launchpad.net/bugs/1296856

Package Information:
https://launchpad.net/ubuntu/+source/clamav/0.98.1+dfsg-4ubuntu1~ubuntu13.10.2
https://launchpad.net/ubuntu/+source/clamav/0.98.1+dfsg-4ubuntu1~ubuntu12.10.2
https://launchpad.net/ubuntu/+source/clamav/0.98.1+dfsg-4ubuntu1~ubuntu12.04.2

[CentOS-announce] CEBA-2014:0337 CentOS 6 syslinux Update

CentOS Errata and Bugfix Advisory 2014:0337

Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-0337.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
524876f0e9d8486d826ca28015a528963dad43aaf9dd1d62d377c56e946c1599 syslinux-4.02-9.el6_5.i686.rpm
0939e1dbf7c36c868bf47edd858084942bd8e2482ec55d1deee1967b80891791 syslinux-devel-4.02-9.el6_5.i686.rpm
aa92ec3fb827166e5f17e15faf0f3830eea5b39b2ab83e0207d3e3aca72e3562 syslinux-extlinux-4.02-9.el6_5.i686.rpm
d939a16eba01617352eb1589a34d2e270945edeabac0e4a0f64c9f7b3feb68fa syslinux-perl-4.02-9.el6_5.i686.rpm
7415b6e1ce6470bfdf53125e4a3eff09cd30109f6351fa1c689d4518d59b5d3b syslinux-tftpboot-4.02-9.el6_5.i686.rpm

x86_64:
1d5a68f9ba89eaae412f5bd175cf246e4df5d4df5018faf86df3a09f90636d53 syslinux-4.02-9.el6_5.x86_64.rpm
0939e1dbf7c36c868bf47edd858084942bd8e2482ec55d1deee1967b80891791 syslinux-devel-4.02-9.el6_5.i686.rpm
57c163b900d19e3e054ef511aa5bdaae4ee3b48dd636d9e79c4fa337ffa41f72 syslinux-devel-4.02-9.el6_5.x86_64.rpm
34fbdab37f48a4e46971d4e4da0e896784efe0e5ab4ce12edae036047ddf9c9b syslinux-extlinux-4.02-9.el6_5.x86_64.rpm
745d1f968094815f169220569dd6db18a4df847faf92cf155624dfb1043202c9 syslinux-perl-4.02-9.el6_5.x86_64.rpm
3dfcc3ce5d297cc70c874aadd9f57dac234cd79d0884126a897337aee7df60e2 syslinux-tftpboot-4.02-9.el6_5.x86_64.rpm

Source:
8e6a2fad98b15fec74ef93b26022daf2b55862168520cff6e5d32c510d39c146 syslinux-4.02-9.el6_5.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

[CentOS-announce] CEBA-2014:0336 CentOS 6 resource-agents Update

CentOS Errata and Bugfix Advisory 2014:0336

Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-0336.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
5be2e26cc59bddf25e838d52e510b7cc6767d343c5c0911ef2157db466218c9f resource-agents-3.9.2-40.el6_5.7.i686.rpm
9dc6b29a5ffb3cae6ed21535c4f82f0a048b3b4886436dee6a75892fa62e1c68 resource-agents-sap-3.9.2-40.el6_5.7.i686.rpm

x86_64:
7e1bd49361ff213dbc626e5adad737576a0222885ae6b147cfaa6fb0fd00ed72 resource-agents-3.9.2-40.el6_5.7.x86_64.rpm
0ce0f88bc2e89ab0d4b7cc15c90c1bc3fee9ad292accf110d6c2062588aec3b9 resource-agents-sap-3.9.2-40.el6_5.7.x86_64.rpm

Source:
cf6f2ba6ea4fb7a75d63bdd79278a27fc6acda9ed17d2745b2a514245a79ba71 resource-agents-3.9.2-40.el6_5.7.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

[CentOS-announce] CESA-2014:0330 Moderate CentOS 6 samba Update

CentOS Errata and Security Advisory 2014:0330 Moderate

Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-0330.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
a9408ead92720322953d6138949e0a5570002d467c3d4d3a59993f41066865cb libsmbclient-3.6.9-168.el6_5.i686.rpm
37a8cfe3e2717f0b88b28bf7f2c3e54f0a04bf2bd60b2bc9f752f2af051be6e8 libsmbclient-devel-3.6.9-168.el6_5.i686.rpm
2cf8d728db2ebee433525623aae4c8b205e1628eb282bf2dc6bed1c8451b22eb samba-3.6.9-168.el6_5.i686.rpm
e08443f7162cd8b0f922d90d15531be8a2af71e55df1a1b3f835ea70c4afccc4 samba-client-3.6.9-168.el6_5.i686.rpm
b0a555f1b7b13d832a097c1b37a7f0d1e64ff21fa6ee73f7a309d824acdc4183 samba-common-3.6.9-168.el6_5.i686.rpm
57d0967d574ccb82a7c292355f12ba082160d63042352b0759e950706ac7724d samba-doc-3.6.9-168.el6_5.i686.rpm
d2153ee76d3c197185e29d364a10e27939ec22699bb06e5b0904497c87930b30 samba-domainjoin-gui-3.6.9-168.el6_5.i686.rpm
9dc4ed1d09781b1adc2ec939ab18ead0c3cd32aa9e11eab9bf523e84fd624d0c samba-swat-3.6.9-168.el6_5.i686.rpm
d610f3fa1f6ea25179105c9b7f0262c1e2498e5e44faad98e7f817e1b09f0b41 samba-winbind-3.6.9-168.el6_5.i686.rpm
a5b7515883a9d8fbe257ded39a4d32dae7ffd314ed1884004d59fd35589cc11f samba-winbind-clients-3.6.9-168.el6_5.i686.rpm
ed8ee128dcc0709177abb763c2ccc42d1da9a74ad903ee4f7bf2cb2a5c68bc6f samba-winbind-devel-3.6.9-168.el6_5.i686.rpm
99aedda8cac935709737bc1d3167e8af11dd643d85adf54046174e3ca576c22b samba-winbind-krb5-locator-3.6.9-168.el6_5.i686.rpm

x86_64:
a9408ead92720322953d6138949e0a5570002d467c3d4d3a59993f41066865cb libsmbclient-3.6.9-168.el6_5.i686.rpm
72e681dfa4d2c2db3f76844d3de0e299b10cd1e57e0f171847033aa6b102fbdc libsmbclient-3.6.9-168.el6_5.x86_64.rpm
37a8cfe3e2717f0b88b28bf7f2c3e54f0a04bf2bd60b2bc9f752f2af051be6e8 libsmbclient-devel-3.6.9-168.el6_5.i686.rpm
c412ae6e520a7f1addbfb9306eca1d69cd57c2f9eb71af99b400bb5fd54c7117 libsmbclient-devel-3.6.9-168.el6_5.x86_64.rpm
77dc97558b0f73c7ec796af311fb221234a68b7984d54bfafac0cc6b87208289 samba-3.6.9-168.el6_5.x86_64.rpm
14b976fafe3f070b434e9228017bef1f2e38e541566bf092ab1236965183cdfc samba-client-3.6.9-168.el6_5.x86_64.rpm
b0a555f1b7b13d832a097c1b37a7f0d1e64ff21fa6ee73f7a309d824acdc4183 samba-common-3.6.9-168.el6_5.i686.rpm
0d95f8c9a58563d3f583c66388b2bcf312d3e0c50031c07de12d7cab0224d6cf samba-common-3.6.9-168.el6_5.x86_64.rpm
9cd47b7a93c32c8de5cd9e8fe31493433b0ad46d21e5d8d0419af0479500d673 samba-doc-3.6.9-168.el6_5.x86_64.rpm
8e62c900138be389375b2ffeb5740e858fb9d52581b76397e5087ec1eef3f8a3 samba-domainjoin-gui-3.6.9-168.el6_5.x86_64.rpm
32b213f018ab8383966ec4851942d5264e1855ff1ac74e76e7ae563301d435ac samba-swat-3.6.9-168.el6_5.x86_64.rpm
143154349b732c759ba554cf12b1fa7f03dd36f83f87235f5fb7ef91374e541b samba-winbind-3.6.9-168.el6_5.x86_64.rpm
a5b7515883a9d8fbe257ded39a4d32dae7ffd314ed1884004d59fd35589cc11f samba-winbind-clients-3.6.9-168.el6_5.i686.rpm
725ebaa50ad38817d8e99dae2aef2ab7fc872d45ec4f3fb835769b28f8e5c27e samba-winbind-clients-3.6.9-168.el6_5.x86_64.rpm
ed8ee128dcc0709177abb763c2ccc42d1da9a74ad903ee4f7bf2cb2a5c68bc6f samba-winbind-devel-3.6.9-168.el6_5.i686.rpm
50796ab27e7f6dcead6290da027a73746484ae866df8974ca8625902eef03bb4 samba-winbind-devel-3.6.9-168.el6_5.x86_64.rpm
770f2d7b5d7d3e4ebede8df0aa8582f09901913985f5177e5c143c21bec42bbf samba-winbind-krb5-locator-3.6.9-168.el6_5.x86_64.rpm

Source:
61c421ad3d3d1dddf881404b12fc25502becc75d2645e4d160da7426b2ac27a1 samba-3.6.9-168.el6_5.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

Wednesday, March 26, 2014

[USN-2156-1] Samba vulnerability

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCgAGBQJTMxcCAAoJEGVp2FWnRL6TTK4QAKpBoifICvx6TDbZ3eqTH4tu
6HtATTScV+8A5zhIf37msbZNWnKSNMbt9mgZGmNqQKK7uZKl84+taoOu61LoatYP
rzoqSs5ZvNofyDiJPVwhSocBMXB2lXCxjJt4TLGN0Ciy9NOLOIGeRKTID+/DqHeP
5cCmBbeskh9iV6rEGxXVBZ0GWX2iTsjCh/S7tPUSlYL41jcAb/dLRVkJl1yJezsu
okSTsqw1dAWZaGrDqATl2oZ1G7x36bXBh3lZkJzEbezbgR3rKcdzHMpnvvS34Qvm
xgEc6T9MoTru2EFeCBz6wqrat3tVuwZTE5NC77jznI0d34h4eBGwijcvnoL6IIYb
uQfknS47TJrGGb22nDpDMPMK7oFZkKz4FtfiXp9ay82k2rdsCU56PdpWbAGrca5L
DiLIHEzHgva7w90e8fiOnuZ9IRb3Hzb+Oni3gbR7b0CwNga9uUpQtwfYGfLDsuxe
BdvAlv0+l0jgb2XBx07YvAnBtCq16qe4QoTNAYl4DcXkVC71ebj22Wx0I4v+lFie
MtEWIHseeN+GT/brpw7+2KR2mOI1/3pvjpqOwT45g3z80m75C9Zt6dGtl5DJOgeg
To4uKIPDX4ktu3Vyv40PVVhXKUvlI1uuThwpK7ZuNt9bEv0fZYptvp9ViHa02DKV
0/gbPeaOpOdqTOZQYFPL
=XQnt
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-2156-1
March 26, 2014

samba vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 13.10
- Ubuntu 12.10
- Ubuntu 12.04 LTS
- Ubuntu 10.04 LTS

Summary:

Samba did not properly enforce the password guessing protection mechanism.

Software Description:
- samba: SMB/CIFS file, print, and login server for Unix

Details:

Andrew Bartlett discovered that Samba did not properly enforce the
password guessing protection mechanism for all interfaces. A remote
attacker could use this issue to possibly attempt to brute force user
passwords.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 13.10:
samba 2:3.6.18-1ubuntu3.2

Ubuntu 12.10:
samba 2:3.6.6-3ubuntu5.4

Ubuntu 12.04 LTS:
samba 2:3.6.3-2ubuntu2.10

Ubuntu 10.04 LTS:
samba 2:3.4.7~dfsg-1ubuntu3.14

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2156-1
CVE-2013-4496

Package Information:
https://launchpad.net/ubuntu/+source/samba/2:3.6.18-1ubuntu3.2
https://launchpad.net/ubuntu/+source/samba/2:3.6.6-3ubuntu5.4
https://launchpad.net/ubuntu/+source/samba/2:3.6.3-2ubuntu2.10
https://launchpad.net/ubuntu/+source/samba/2:3.4.7~dfsg-1ubuntu3.14

[announce] NYC*BUG Tuesday April 1

IMPORTANT: note that this meeting is 715 PM on Tuesday April 1 at NYU,
not our usual Wednesday at Suspenders.

We strongly encourage you to review the relevant posts and white papers
listed below. This should be a fascinating meeting, and the more you
put in, the more you'll get out of it.

For those unable to attend, the meeting *should* be streamed. The URL
will be posted in an upcoming announce. Of course, no guarantees that
it will work.

******

Tuesday, April 1
Secure Random Number Generators, Yevgeniy Dodis
19:15, NYU, Warren Weaver Hall (251 Mercer St), WWH 101

Abstract

We will discuss how to design (and not design) secure Random Number
Generators. In particular, we will show attacks on Linux /dev/random,
present first theoretical analysis on the Windows 8 RNG Fortuna, and
talk about the importance of provable security.

We will follow these papers:

http://eprint.iacr.org/2013/338
http://eprint.iacr.org/2014/167

Recent and relevant blog posts:

https://www.schneier.com/blog/archives/2014/03/the_security_of_7.html
https://www.schneier.com/blog/archives/2013/10/insecurities_in.html
http://it.slashdot.org/story/13/10/14/2318211/linux-rng-may-be-insecure-after-all

Speaker Bio

Yevgeniy Dodis is a Professor of computer science at New York
University. Dr. Dodis received his summa cum laude Bachelors degree in
Mathematics and Computer Science from New York University in 1996, and
his PhD degree in Computer Science from MIT in 2000. Dr. Dodis was a
post-doc at IBM T.J.Watson Research center in 2000, and joined New York
University as an Assistant Professor in 2001. He was promoted to
Associate Professor in 2007 and Full Professor in 2012.

Dr. Dodis' research is primarily in cryptography and network security.
In particular, he worked in a variety of areas including
leakage-resilient cryptography, cryptography under weak randomness,
cryptography with biometrics and other noisy data, hash function and
block cipher design, protocol composition and information-theoretic
cryptography. Dr. Dodis has more than 100 scientific publications at
various conferences, journals and other venues, was the Program co-Chair
for the 2015 Theory of Cryptography Conference, has been on program
committees of many international conferences (including FOCS, STOC,
CRYPTO and Eurocrypt), and gave numerous invited lectures and courses at
various venues.

Dr. Dodis is the recipient of National Science Foundation CAREER Award,
Faculty Awards from IBM, Google and VMware, and Best Paper Award at 2005
Public Key Cryptography Conference. As an undergraduate student, he was
also a winner of the US-Canada Putnam Mathematical Competition in 1995.
_______________________________________________
announce mailing list
announce@lists.nycbug.org
http://lists.nycbug.org/mailman/listinfo/announce

F21 Self Contained Change: Apache Mesos

= Proposed Self Contained Change: Apache Mesos =
https://fedoraproject.org/wiki/Changes/ApacheMesos

Change owner(s): Timothy St. Clair <tstclair@redhat.com>

Apache Mesos [1] is a cluster manager for sharing distributed application
frameworks. This change brings Mesos to Fedora, which many have called a
micro-kernel for the data center.

== Detailed Description ==
Apache Mesos is a cluster manager that provides efficient resource isolation
and sharing across distributed applications, or frameworks. It can run Hadoop,
MPI, Hypertable, Spark, and other applications on a dynamically shared pool of
nodes.

== Scope ==
* Proposal owners: Currently our Mesos package has been accepted into Fedora.
It should feature all of the functionality available from the upstream
release.
* Other developers: N/A (not a System Wide Change)
* Release engineering: N/A (not a System Wide Change)
* Policies and guidelines: N/A (not a System Wide Change)

[1] http://mesos.apache.org/
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

F21 Self Contained Change: DNSSEC support for FreeIPA

= Proposed Self Contained Change: DNSSEC support for FreeIPA =
https://fedoraproject.org/wiki/Changes/IPAv3DNSSEC

Change owner(s): Petr Špaček <pspacek@redhat.com>

FreeIPA with integrated DNS server will support serving of DNSSEC secured
zones and automatic DNSSEC key maintenance.

This first version will have only the very basic functionality with limited
user interface and limited resiliency. Next versions (to be delivered in
Fedora 22 time frame) will improve resiliency and user interface
significantly.

== Detailed Description ==
DNS server integrated to FreeIPA in Fedora 20 is not able to serve signed DNS
zones. New version of FreeIPA and bind-dyndb-ldap adds support for DNSSEC.
Zone maintenance (like perioding zone re-signing etc.) will be handled
automatically, so the administrative overhead should be minimal.

== Scope ==
* Proposal owners: This change requires major rewrite of bind-dyndb-ldap
package, some isolated changes in packages freeipa* and it's integration with
OpenDNSSEC for key rotation.
* Other developers: FreeIPA team has to prepare user interface for this
feature. (not a System Wide Change)
* Release engineering: N/A (not a System Wide Change)
* Policies and guidelines: N/A (not a System Wide Change)
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

F21 System Wide Change: PrivateDevices=yes and PrivateNetwork=yes For Long-Running Services

= Proposed System Wide Change: PrivateDevices=yes and PrivateNetwork=yes For
Long-Running Services =
https://fedoraproject.org/wiki/Changes/PrivateDevicesAndPrivateNetwork

Change owner(s): Lennart Poettering <lennart at poettering dot net>, Dan
Walsh, Kay Sievers

Let's make Fedora more secure by default! Recent systemd versions provide two
per-service switches PrivateDevices=yes/no and PrivateNetwork=yes/no which
enable services to run without access to any physical devices in /dev, or
without access to kind of network sockets. So far this has seen little use in
Fedora, and with this Fedora Change we'd like to change this, and enable these
for all long-running services that do not require device/network access.

== Detailed Description ==
When PrivateDevices=yes is set in the [Service] section of a systemd service
unit file, the processes run for the service will run in a private file system
namespace where /dev is replaced by a minimal version that only includes the
device nodes /dev/null, /dev/zero, /dev/full, /dev/urandom, /dev/random,
/dev/tty as well as the submounts /dev/shm, /dev/pts, /dev/mqueue,
/dev/hugepages, and the /dev/stdout, /dev/stderr, /dev/stdin symlinks. No
device nodes for physical devices will be included however. Furthermore, the
CAP_MKNOD capability is removed. Finally, the "devices" cgroup controller is
used to ensure that no access to device nodes except the listed ones is
possible. This is an efficient way to take away physical device access for
services, thus minimizing the attack surface.

When PrivateNetwork=yes is set in the [Service] section of a systemd service
unit file, the processes run for the service will run in a private network
namespace whith a private loopback network interface, and no other network
devices. Network communication between host and service can not be initiated.
This is an efficient way to take away network access for services, thus
minimizing the attack surface.

By default both switches default to "no".

Note that PrivateDevices=yes should not be used for:

1. Services that actually require physical device access
2. Services which may be used to execute arbitrary user or administrator
supplied programs (such as cron, ...). We shouldn't limit what people can do
with these services.
3. This option creates a new file system namespace where mount/umount
propagation is turned off back into the host. This means that mounts made by
the service will stay private to the service. Thus this option should not be
used by services which shall be able to establish mounts in the host.

Note that PrivateNetwork=yes should not be used for:

1. Services that actually require network access (with the exception of
daemons only needing socket activation)
2. Services which may be used to execute arbitrary user or administrator
supplied programs. (see above)
3. Services which might need to resolve non-system user and group names.
Since on some setups resolving non-system users might require network access
to an LDAP or NIS server, enabling this option on might break resolving of
these user names. Note however that system users/groups are always resolvable
even without network access. Hence it is safe to enable this option for
daemons which just need to resolve their own system user or group name.
4. This also disconnects the AF_UNIX abstract namespace from the host (In
case you wonder what this refers to: sockets listed in /proc/net/unix that
start with an @ are in the abstract namespace, those which start in / are in
the file system namespace). This means that services which listen or connect
to AF_UNIX sockets in the abstract namespaces might break. AF_UNIX sockets in
the file system continue to work correctly even with PrivateNetwork=yes. We
strongly recommend anyway to stop using abstract namespace AF_UNIX sockets, as
they bring very little benefit these days. If your package uses them please
consider moving them into the file system into a subdirectory in /run (system
services) or $XDG_RUNTIME_DIR (user services).
5. This also disconnects the AF_NETLINK and AF_AUDIT socket families from
the host. For services requiring auditing, that need to subscribe to network
configuration changes, or want to subscribe to hardware devices coming and
going (udev) PrivateNetwork=yes cannot be used hence.

The focus for this change is to turn one or both switches on, primarily on
long-running services, and not on services that quickly run at boot and do not
stay running continuously afterwards.

== Scope ==
* Proposal owners:
We'll file a number of bugs to more important packages where
PrivateDevices=yes and/or PrivateNetwork=yes might be applicable.

We'll also update systemd itself to make use of these options for all its own
services, where this is applicable. (DONE)

* Other developers:
Fedora developers should check whether their long-running services might be
candidates for PrivateDevices=yes and/or PrivateNetwork=yes, and if so set
these settings for their services.

* Release engineering:
Nothing required.

* Policies and guidelines:
It might be nice to update the packaging policies to also recommend making use
of these settings.

_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

[CentOS-announce] CEBA-2014:0333 CentOS 6 man-pages-overrides Update

CentOS Errata and Bugfix Advisory 2014:0333

Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-0333.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
387d1b18affef08a2216039ff4a9f24c75e3a5e8ab676601a45a89063143c648 man-pages-overrides-6.5.3-1.el6_5.noarch.rpm

x86_64:
387d1b18affef08a2216039ff4a9f24c75e3a5e8ab676601a45a89063143c648 man-pages-overrides-6.5.3-1.el6_5.noarch.rpm

Source:
8bad5d5adca1db5cb03aa5d6814d482cf84bd818f08627bd82362d89782bbebc man-pages-overrides-6.5.3-1.el6_5.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

Summary of accepted Fedora 21 Changes - week 12

Greetings!
This is a summary of FESCo's accepted Fedora 21 Changes for week 12
(2014-03-19 meeting).

Reminder: the Change Submission deadline for System Wide Change is due in less
than two weeks!

= System Wide Changes =
* u-boot syslinux by default
URL: ​https://fedoraproject.org/wiki/Changes/u-boot_syslinux
Announcement: ​https://lists.fedoraproject.org/pipermail/devel/2014-March/196448.html

Add syslinux support to u-boot enabling both pxelinux and extlinux support.
simplifying booting arm machines, making anaconda installs easy and overall
providing for a better user experience. Default u-boot to using syslinux
config files for booting. pxelinux for network and extlinux for local booting.
u-boot is the bootloader used on ARM systems in Fedora so the scope of this
change is limited to ARM hardware only.

* jQuery
URL: https://fedoraproject.org/wiki/Changes/jQuery
Announcement: https://lists.fedoraproject.org/pipermail/devel/2014-March/196411.html

jQuery is a fast, small, and feature-rich JavaScript? library. It makes
things like HTML document traversal and manipulation, event handling,
animation, and Ajax much simpler with an easy-to-use API that works across a
multitude of browsers. With a combination of versatility and extensibility,
jQuery has changed the way that millions of people write JavaScript?.

Traditionally, a copy of jQuery has been included with every web application
that requires it. This change will migrate many of those applications to a
shared system copy of jQuery. Both the 1.x branch of jQuery that supports
Internet Explorer 6 and the 2.x branch of jQuery that only works with modern
web browsers will be provided.

* Xorg without root rights
URL: https://fedoraproject.org/wiki/Changes/XorgWithoutRootRights
Announcement: https://lists.fedoraproject.org/pipermail/devel/2014-March/196534.html

The Xorg xserver is a large piece of software which currently runs as root,
making it a potential vector for attacks against the system. With recent
changes made to systemd-logind it is possible for the xserver to let systemd-
logind do device management for it, at which point the xserver will no longer
need root rights. Initially this will likely be implemented as the xserver
dropping root rights early on.

= Self Contained Changes =
* Allwinner sunxi (A10 / A13 / A20) ARM SoC support​
URL: https://fedoraproject.org/wiki/Changes/AllwinnerSunxiSupport
Announcement: ​https://lists.fedoraproject.org/pipermail/devel/2014-March/196231.html

Allwinner A10 / A13 / A20 SoCs? are used in a number of popular low cost arm
development boards and arm mini computers. Currently Fedora ARM is supported
on these devices through a Remix. Allwinner kernel support is progressing
rapidly upstream, and with this upstream kernel support it should be possible
to support Allwinner SoCs? in the official Fedora ARM images, without the need
for a remix.

* Add amd map parser to autofs
URL: https://fedoraproject.org/wiki/Changes/Add_amd_map_parser_to_autofs
Announcement: https://lists.fedoraproject.org/pipermail/devel/2014-March/196372.html

The am-utils package provides automount services for automount maps that use
an amd format. However, the am-utils project has not been actively maintained
for quite a while now.

The am-utils package in Fedora has significant problems that are not easily
resolved so an amd format parser is to be added to the autofs package.

* CUPS Journal Logging
URL: https://fedoraproject.org/wiki/Changes/CupsJournalLogging
Announcement: https://fedoraproject.org/wiki/Changes/CupsJournalLogging

By default, CUPS will send log output to the system journal rather than
/var/log/cups/error_log.
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

F21 Self Contained Change: Amplab Tachyon

= Proposed Self Contained Change: Amplab Tachyon =
https://fedoraproject.org/wiki/Changes/AmplabTachyon

Change owner(s): Timothy St. Clair <tstclair@redhat.com>

Amplab-Tachyon [1] is a fault tolerant distributed file system enabling
reliable file sharing at memory-speed across cluster frameworks.

== Detailed Description ==
Amplab-Tachyon is a fault tolerant distributed file system enabling reliable
file sharing at memory-speed across cluster frameworks, such as Spark and
MapReduce. It achieves high performance by leveraging lineage information and
using memory aggressively. Amplab-Tachyon caches working set files in memory
thereby avoiding going to disk to load datasets that are frequently read. This
enables different jobs/queries and frameworks to access cached files at memory
speed.

== Scope ==
* Proposal owners: Currently our Amplab-Tachyon package has been accepted into
Fedora. It should feature all of the functionality available from the upstream
release.
* Other developers: N/A (not a System Wide Change)
* Release engineering: N/A (not a System Wide Change)
* Policies and guidelines: N/A (not a System Wide Change)

[1] http://tachyon-project.org/index.html
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

[HEADS UP] Update to Django-1.6, even for f20

On Tue, Mar 18, 2014 at 08:17:36AM -0400, Stephen Gallagher wrote:
> When this goes to updates-testing for F20, please make a
> devel-announce post describing what changes that Django package owners
> should make in order to keep their package on Django 1.5 or older if
> they need to.

Earlier today, I've built Django-1.6 for Rawhide and for F20 as well and
submitted the upgrade to f20-testing via bodhi[1]. Please test
and leave karma there.

If you're a packager and your package requires an older Django version,
please change your package to require python-django15 and add

from pkg_resources import require
require('Django>=1.5,<1.6')

to appropriate location(s) in your package. There is a blog post[2] on
how to consume older versions of Django. Even if the update to
Django-1.6 won't make it to stable, it should be safe to change your
package anyways, as older Django versions will be retired sooner or
later.

If you require help, please contact me off list.

Thanks,
Matthias

[1] https://admin.fedoraproject.org/updates/python-django-1.6.2-1.fc20
[2] https://www.matthias-runge.de/2014/03/26/fedora-django-1-6/
--
Matthias Runge <mrunge@matthias-runge.de>
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

Tuesday, March 25, 2014

[CentOS-announce] CESA-2014:0328 Important CentOS 6 kernel Update

CentOS Errata and Security Advisory 2014:0328 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-0328.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
5c28b49df7bbb5265494e1d86bf1b78376712659a97759c10575a92d9c5e8596 kernel-2.6.32-431.11.2.el6.i686.rpm
c8ff9fd5252ec4dcda097f0d1982a40c8ffeaf304f3bb4f5c8b0303cc913ebd7 kernel-abi-whitelists-2.6.32-431.11.2.el6.noarch.rpm
fb8779fcfc93a3ad7a1801208608d1da349548ae4dac97debd9944328e823d2e kernel-debug-2.6.32-431.11.2.el6.i686.rpm
d07345b943522f969c2f2a686262d0f0ac9a14ce16e7c1c77fb8fd8b7423847d kernel-debug-devel-2.6.32-431.11.2.el6.i686.rpm
f9e5654c087affe2b07676ccb7a3a41d68d905d6581f22d3d943d6d52358c652 kernel-devel-2.6.32-431.11.2.el6.i686.rpm
b964bbca0cf10b8efe9007a400806bf5b46165703f860be8275b95a4b4501e9f kernel-doc-2.6.32-431.11.2.el6.noarch.rpm
bfef19058b363179d474cca7a71ef85142662797b229305a363b116c1a54a417 kernel-firmware-2.6.32-431.11.2.el6.noarch.rpm
331e73a9b1e77d6bfbde942df0faff952200bbfde489f2a9a1375576e0317fa6 kernel-headers-2.6.32-431.11.2.el6.i686.rpm
4f2378f0fdcfe84a20d95dc25c66c2370fc86d3771918ee873c898ef756af31b perf-2.6.32-431.11.2.el6.i686.rpm
2e89538f783cbea2bf0a47d74cd8959f7d71109857afefde218d396178cd77d0 python-perf-2.6.32-431.11.2.el6.i686.rpm

x86_64:
180db0d389a84dc4d487f4aa6abc560a8f7d5a57f8e58806a261a505fec7fb02 kernel-2.6.32-431.11.2.el6.x86_64.rpm
c8ff9fd5252ec4dcda097f0d1982a40c8ffeaf304f3bb4f5c8b0303cc913ebd7 kernel-abi-whitelists-2.6.32-431.11.2.el6.noarch.rpm
453de76a3785e98e23dab0b7e5a7cc3f0a2421ae0542137c8917bd5cc433fb79 kernel-debug-2.6.32-431.11.2.el6.x86_64.rpm
76b51f4f7bf41410c8936d472aec1f61f42c6a89552560ffbf8a27c7476ad2c8 kernel-debug-devel-2.6.32-431.11.2.el6.x86_64.rpm
23a81721befdfddda90b104e6999516e20b53bc26bb5f7574c6c4c527edb7c09 kernel-devel-2.6.32-431.11.2.el6.x86_64.rpm
b964bbca0cf10b8efe9007a400806bf5b46165703f860be8275b95a4b4501e9f kernel-doc-2.6.32-431.11.2.el6.noarch.rpm
bfef19058b363179d474cca7a71ef85142662797b229305a363b116c1a54a417 kernel-firmware-2.6.32-431.11.2.el6.noarch.rpm
98e795a4cb6dba3e1dc8e54128e24b587d7694bc7a8ff65c4e512f644f62bfde kernel-headers-2.6.32-431.11.2.el6.x86_64.rpm
95ce7b21f56a106c3d4c56731d835a4e23c0fbb32a10ff8e92daf1a375cce00c perf-2.6.32-431.11.2.el6.x86_64.rpm
2f5458be327f408ed5177713b33d81dbc645f36c9c01b5ff4f32b12a9560e732 python-perf-2.6.32-431.11.2.el6.x86_64.rpm

Source:
a381bf1e5a9fde9566bb85254827c622fbba7288d7cdf0e1a65dba837361b422 kernel-2.6.32-431.11.2.el6.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

[CentOS-announce] CEBA-2014:0332 CentOS 6 star Update

CentOS Errata and Bugfix Advisory 2014:0332

Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-0332.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
716bdf769d14cae77f779b26ebaf238dfc48f6c5e706831894e8fd076860d566 star-1.5-11.1.el6_5.i686.rpm

x86_64:
424d5bac4c64783c096c7f2c18f5f6f976ceeb5486de5b04f91c5fb759f0a807 star-1.5-11.1.el6_5.x86_64.rpm

Source:
f3ce1dc4ba1930900f966d4151b49ba3ffcd648654ccf811342dd1ed568c5579 star-1.5-11.1.el6_5.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

[USN-2155-1] OpenSSH vulnerability

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCgAGBQJTMZ4eAAoJEGVp2FWnRL6TG88P/1yEnFO2PLOjP+IAeP32SCN4
CVoV3GQgBmMZxNFA2zTUriKbsPrlBNUZENsi3j2DGGIVdmEjlZvfwduO208ribm+
j/hegrLO+ZjuvRvSyHxCzROyFtAn4aMBFy7hZmId2ZPaDgDVLWWXB1Ov8+X/xpYs
qqmmrlpteXpG7vBGFRlIqfylaXOzPHCTDVr6uWXwBtgv8+eb9/l2grlsywQhSwVM
bXqdeBR0UvnS6OJr67/QL6CZK3j0VWSJIGFnieDDlrc9/doJG796tFDQ0ixG01Jj
wD5r8pby8PFjvGHMTu9je7iY0BKmP+qCXr/VB7NQ/WShNVYCF7C34pTFK2kTgSf0
9stBUuxIVBPlsAAuPn3fF8GkJDQtV8INiaV9BXM9JToxZUyPLh6V3PYZgt24vsfU
gZV3u/3kcMYcF66erfvZIVVpNJ5KXIWqhpXsNXWbqlO1izS8zgVRfAUWYqC31MQq
jIi+wbzbGJw4PX99K8roGKYDxeCKl/dGGPPqYqv2pfBfxh23oJ5q03HyWC4ddWNX
uSNxuG45lip1KsQwKX4ZwrbghGqHYw8/yNTM1l6BYUk7H1w0S5ZpjLQoAIMFmlIv
/xuPXy/S1niHswmSa+1VJVuJxA3QDTqI7KX0GY5I4oCXoYVnEYWmW8xiI0KCjFkW
M9O61obJ55AIPgwYzy4s
=G1nZ
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-2155-1
March 25, 2014

openssh vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 13.10
- Ubuntu 12.10
- Ubuntu 12.04 LTS
- Ubuntu 10.04 LTS

Summary:

OpenSSH incorrectly handled environment restrictions with wildcards.

Software Description:
- openssh: secure shell (SSH) for secure access to remote machines

Details:

Jann Horn discovered that OpenSSH incorrectly handled wildcards in
AcceptEnv lines. A remote attacker could use this issue to possibly bypass
certain intended environment variable restrictions.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 13.10:
openssh-server 1:6.2p2-6ubuntu0.2

Ubuntu 12.10:
openssh-server 1:6.0p1-3ubuntu1.1

Ubuntu 12.04 LTS:
openssh-server 1:5.9p1-5ubuntu1.2

Ubuntu 10.04 LTS:
openssh-server 1:5.3p1-3ubuntu7.1

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2155-1
CVE-2014-2532

Package Information:
https://launchpad.net/ubuntu/+source/openssh/1:6.2p2-6ubuntu0.2
https://launchpad.net/ubuntu/+source/openssh/1:6.0p1-3ubuntu1.1
https://launchpad.net/ubuntu/+source/openssh/1:5.9p1-5ubuntu1.2
https://launchpad.net/ubuntu/+source/openssh/1:5.3p1-3ubuntu7.1

[CentOS-announce] CESA-2014:0330 Moderate CentOS 5 samba3x Update

CentOS Errata and Security Advisory 2014:0330 Moderate

Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-0330.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
155627437b522531e1150a2523426c96885ffae7d899c7a14a8e0ccb4212720c samba3x-3.6.6-0.139.el5_10.i386.rpm
31d202278c5ed51e35cbb3433bc96af07f47ec774681e3d4c3193ef2e6d2f5cf samba3x-client-3.6.6-0.139.el5_10.i386.rpm
d5634735a9505200ec1b2f795dfb114ed009427d5d8bb70bc9bb7e28044edebe samba3x-common-3.6.6-0.139.el5_10.i386.rpm
c83582e7d2924acc02a1cb952cfc163e49ecc0f7e06d93c542673e1278fa57c7 samba3x-doc-3.6.6-0.139.el5_10.i386.rpm
8a978d8dc038a7cd5eb592f3946c7a3e8199ca7553b2ed5c9467a094c9904ffe samba3x-domainjoin-gui-3.6.6-0.139.el5_10.i386.rpm
687d83faa9c9ae20c7d4f5f53f87d6423c566fb9638a56aca4657f7cc0f087cc samba3x-swat-3.6.6-0.139.el5_10.i386.rpm
a172e76db16cee5da3384b19095be82d2604c1a34db64b70dc199775744b860a samba3x-winbind-3.6.6-0.139.el5_10.i386.rpm
2100f0ddda6edcebb1794c2f764294a1950040012a4189f7ee935ca823e68120 samba3x-winbind-devel-3.6.6-0.139.el5_10.i386.rpm

x86_64:
167c3dc4b652d64d20f6840d56e225f2f6b596c7df238ad67e14f91541e52dc1 samba3x-3.6.6-0.139.el5_10.x86_64.rpm
8862ba8d8e635b10c4994ff83f6ef91c8fe80171d04931d3d91439f152d47ba4 samba3x-client-3.6.6-0.139.el5_10.x86_64.rpm
a0565b210c672d10aa7ccf61bedd0c2f48f0bc7dbfb765529ec2889861e60394 samba3x-common-3.6.6-0.139.el5_10.x86_64.rpm
97e93f19313eb2cfb5397b45033b8a8abd4f3ebf0d9dae6967c46f19a5194493 samba3x-doc-3.6.6-0.139.el5_10.x86_64.rpm
79ea0843893c870cfa753a6f58b15246f2c472c5ad4e7671cb14058d3c9c34d3 samba3x-domainjoin-gui-3.6.6-0.139.el5_10.x86_64.rpm
3b69070948f1ccb72ec0004680742a5087ee5d15520481034176ae505fb4febc samba3x-swat-3.6.6-0.139.el5_10.x86_64.rpm
a172e76db16cee5da3384b19095be82d2604c1a34db64b70dc199775744b860a samba3x-winbind-3.6.6-0.139.el5_10.i386.rpm
d86853970a781284f0d503df9b88d570dd9bb6c011e1886daf33b96103993f07 samba3x-winbind-3.6.6-0.139.el5_10.x86_64.rpm
2100f0ddda6edcebb1794c2f764294a1950040012a4189f7ee935ca823e68120 samba3x-winbind-devel-3.6.6-0.139.el5_10.i386.rpm
ad2c74792eaf67b8ead0ad9f360660cc02d7993fceebe899f494b22a6a73c952 samba3x-winbind-devel-3.6.6-0.139.el5_10.x86_64.rpm

Source:
4c1c4240c97ec6455ddb3da7072141f12c8297ed037c0c52f7049413508feacf samba3x-3.6.6-0.139.el5_10.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

[CentOS-announce] CEBA-2014:0324 CentOS 6 selinux-policy Update

CentOS Errata and Bugfix Advisory 2014:0324

Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-0324.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
0d9aa41392b9b44b91eefb7ee6e6509c94fb0dc56736bec4ef8ee4a9abd40e8a selinux-policy-3.7.19-231.el6_5.1.noarch.rpm
bd505e16ebbe8ea7b12993f4f4be37d835a61936ede3e081deac190bf18c159a selinux-policy-doc-3.7.19-231.el6_5.1.noarch.rpm
b757a962cc4c4b135899a704adc752fcd13a8509a6c46c86ebcd78afcf96ac4c selinux-policy-minimum-3.7.19-231.el6_5.1.noarch.rpm
238f08323e7b91e30e61b9b947c6738907a35ad5865d01cda8bfdab5962007a2 selinux-policy-mls-3.7.19-231.el6_5.1.noarch.rpm
e393d32b825586280ee717b9bfeb94cf656fdcae4e8216b04e227c53f0484435 selinux-policy-targeted-3.7.19-231.el6_5.1.noarch.rpm

x86_64:
0d9aa41392b9b44b91eefb7ee6e6509c94fb0dc56736bec4ef8ee4a9abd40e8a selinux-policy-3.7.19-231.el6_5.1.noarch.rpm
bd505e16ebbe8ea7b12993f4f4be37d835a61936ede3e081deac190bf18c159a selinux-policy-doc-3.7.19-231.el6_5.1.noarch.rpm
b757a962cc4c4b135899a704adc752fcd13a8509a6c46c86ebcd78afcf96ac4c selinux-policy-minimum-3.7.19-231.el6_5.1.noarch.rpm
238f08323e7b91e30e61b9b947c6738907a35ad5865d01cda8bfdab5962007a2 selinux-policy-mls-3.7.19-231.el6_5.1.noarch.rpm
e393d32b825586280ee717b9bfeb94cf656fdcae4e8216b04e227c53f0484435 selinux-policy-targeted-3.7.19-231.el6_5.1.noarch.rpm

Source:
2f0727df2ba3b82d0497b7b5eb806aa495992c393e72112133489374af4e3b40 selinux-policy-3.7.19-231.el6_5.1.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

[CentOS-announce] CEEA-2014:0326 CentOS 6 dmidecode Update

CentOS Errata and Enhancement Advisory 2014:0326

Upstream details at : https://rhn.redhat.com/errata/RHEA-2014-0326.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
ea3a44b1efa0d5e6626e7096081dccef8ffab3fc5fe0404f0abb2b9f8ccc69b6 dmidecode-2.12-5.el6_5.i686.rpm

x86_64:
d91766c743490432eed1e83f935ed6fbe0088ab6c9050317b415f8f52516f1f7 dmidecode-2.12-5.el6_5.x86_64.rpm

Source:
79e2a715a3006b9740797c4fc8e3cb238e95118250bdd7f3e09cffac8f0e0540 dmidecode-2.12-5.el6_5.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

[CentOS-announce] CEBA-2014:0327 CentOS 6 environment-modules Update

CentOS Errata and Bugfix Advisory 2014:0327

Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-0327.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
0ed80e288726d256c1f8d4eea5a9ce233f61172045186750870dbb6932f2e752 environment-modules-3.2.10-1.el6_5.i686.rpm

x86_64:
a84fbc7e7d5101e29a8f1bcbd956727887f33388af7c13eb6523724ed3ee0dd1 environment-modules-3.2.10-1.el6_5.x86_64.rpm

Source:
58441c6552ea027f09f103a4e0668f209ee9aba6bf3b60d7989f3549480dc6a4 environment-modules-3.2.10-1.el6_5.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

Reminder: Change Proposals Submission Deadline in two weeks

Hi,
the Change Proposals Submission Deadline is coming soon, in two weeks [1]
- 2014-04-08. I'd like to ask especially WGs to work on the PRD/Tech
Specs break out into the Change Proposals - so the scope of release
can be evaluated and also for tracking purposes to knwo where we are
with Fedora 21/Next release.

Help us with Fedora 21 and .next initiative planning and development
coordination!

See https://fedoraproject.org/wiki/Changes/Policy for current policy for
submissions and start a new proposal using this template
https://fedoraproject.org/wiki/Changes/EmptyTemplate

Let me know in case of any issues, I'll try to help you!

[1] https://fedoraproject.org/wiki/Releases/21/Schedule

Jaroslav
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce

Monday, March 24, 2014

[CentOS-announce] CESA-2014:0321 Moderate CentOS 6 net-snmp Update

CentOS Errata and Security Advisory 2014:0321 Moderate

Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-0321.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
ed63a0745a91e66a8085e76cd8a4724ced643931fcf0a497d8ab96c4e0d9d331 net-snmp-5.5-49.el6_5.1.i686.rpm
2867c0482cf6458d6c7d8c58a757c9fb72d68cdd322f83037675195033f47f20 net-snmp-devel-5.5-49.el6_5.1.i686.rpm
8a20235cee0a372f3239ebdf60bf39b0a9b7d3d2c3bb17e704eaa24742543466 net-snmp-libs-5.5-49.el6_5.1.i686.rpm
d492676907ef30fa111f27afb77590c59475513810f35866bf40bac51680b088 net-snmp-perl-5.5-49.el6_5.1.i686.rpm
3e9186d37496df8f128803128468029382cd99969119f11bc8f4ba23a464ac7b net-snmp-python-5.5-49.el6_5.1.i686.rpm
8e9b0c8ae8d1e1fd81c96e60d7613b48b91207c258bd43e68ce8594543d7dd29 net-snmp-utils-5.5-49.el6_5.1.i686.rpm

x86_64:
d22b12f0403d61dac7a522b994a6764e7a527fa2de11d8c6b689f333e19d0516 net-snmp-5.5-49.el6_5.1.x86_64.rpm
2867c0482cf6458d6c7d8c58a757c9fb72d68cdd322f83037675195033f47f20 net-snmp-devel-5.5-49.el6_5.1.i686.rpm
f5611ae3c38a90cadc19c0711bc098002ee690a607ddec2f49b3b8696b5bdfe5 net-snmp-devel-5.5-49.el6_5.1.x86_64.rpm
8a20235cee0a372f3239ebdf60bf39b0a9b7d3d2c3bb17e704eaa24742543466 net-snmp-libs-5.5-49.el6_5.1.i686.rpm
eacb1cb848b4a873368bcdc927e88ef5ce26070354b2ea513923eaf42c774592 net-snmp-libs-5.5-49.el6_5.1.x86_64.rpm
af5ccfa91e33e71e0525d90088b58110d6a767b447ebc0899f5387ea9fb50fbd net-snmp-perl-5.5-49.el6_5.1.x86_64.rpm
9b3cd7d2d82d668b61cfd4a350ff5a69b825d8f47cacaf1a44412656df0eb86f net-snmp-python-5.5-49.el6_5.1.x86_64.rpm
5d425790e81a5647910e86314e019eeb0034e28a6ecd5fa84d7ffedf9e8b9e10 net-snmp-utils-5.5-49.el6_5.1.x86_64.rpm

Source:
41f0428ecf99e21b1128ae4501e41b901bb03834f05939bb7bf34e0ffe28d21b net-snmp-5.5-49.el6_5.1.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

[CentOS-announce] CESA-2014:0322 Moderate CentOS 5 net-snmp Update

CentOS Errata and Security Advisory 2014:0322 Moderate

Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-0322.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
aac06404e9773899457e9ded7cf7c627f8e1918dd3d16be17e16da8580492882 net-snmp-5.3.2.2-22.el5_10.1.i386.rpm
429150fac6a12e51fe4e5b7773b4b66126467c0083e8ef127af0c34c5b2bd382 net-snmp-devel-5.3.2.2-22.el5_10.1.i386.rpm
923b759ff2c6dfc9d2aa97640841635516b3bc3a844e1b8ed5a40e9571898bc8 net-snmp-libs-5.3.2.2-22.el5_10.1.i386.rpm
462484a7f4e12df4858b6cafc9dd7566f833648d6e0d6ef0824cca03fa263cef net-snmp-perl-5.3.2.2-22.el5_10.1.i386.rpm
c1de2b2320b5399df8641711579f0fe210c9d40b2b58a0c973481126cc3f4a32 net-snmp-utils-5.3.2.2-22.el5_10.1.i386.rpm

x86_64:
b09d05fdf5f1d90b409ee2abd380154512bb7e7f80adde81435dc1e19c796f6a net-snmp-5.3.2.2-22.el5_10.1.x86_64.rpm
429150fac6a12e51fe4e5b7773b4b66126467c0083e8ef127af0c34c5b2bd382 net-snmp-devel-5.3.2.2-22.el5_10.1.i386.rpm
f3b9f6df6f861ec9eb39f573db0faf10df645e20bcb4f168b73ed6271577ee1a net-snmp-devel-5.3.2.2-22.el5_10.1.x86_64.rpm
923b759ff2c6dfc9d2aa97640841635516b3bc3a844e1b8ed5a40e9571898bc8 net-snmp-libs-5.3.2.2-22.el5_10.1.i386.rpm
53ff6f516a9b166bea5cdcb10b9f0cc515222b6e0c1ebbefeb116c3a1fbeb54d net-snmp-libs-5.3.2.2-22.el5_10.1.x86_64.rpm
ad4fa9d822ff617040dcb8b9c60e20d966ef6fb93445bb21080db18784f6bb2a net-snmp-perl-5.3.2.2-22.el5_10.1.x86_64.rpm
0b70cf8aeb14b58b1ce743db81f116c0b124a01f0efb5c1cb699adcb135c54e3 net-snmp-utils-5.3.2.2-22.el5_10.1.x86_64.rpm

Source:
30d455db455f11d77f965ca324d6a1cd68c8d0f1e08feffa99184db22b8d1338 net-snmp-5.3.2.2-22.el5_10.1.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

[USN-2154-1] ca-certificates update

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCgAGBQJTMIiSAAoJEGVp2FWnRL6Tm3cQAKuYGBMYZFKG8NNyfN8HKml3
mgbt+JfqnxqZ9609meWf1aP+bsdzKboPKK2w8gtzuBOOyJaowdeP184UM09BRffI
uSEFCnZPi4H/uzBDxYbO9mHGFeOZ54vYxlkEf9hEYGvSmSKoQ2btIuoV/zlMZnQw
P78JPEZIZ1iiZ/uu4x2YKbWemrFUK8PnzmCa1D6PsIb8WQk5HWlSQnUIcf1HToIX
Jrf5lXjUgKU5S54WC8Lcnbjyvvrajvna2wiJgowV449xGTpkJiio2fAlRJn6EcQj
Ave+krC6eWhT9aHBw/XG6yEoZcyyymztepwZfCYnCEwugsK0A5WDup7sytnqVBSO
TmYACUtdI8rHsSuzwhvkIBM1j3aONP/V3IiGqbpLcRYBgO3TjriwyTqm58unY3ks
wPOt3MeJ5v3FkMOzNMhd6cWj21Lhf08wcxMDk7fNMyIkjm6GQcB8r5E6hd7dTgux
BQFVRYPNl7Cm3DXQtedbEOJVqzbnfykS+1NA6ite6X9Wx4LRehDm0CHuJUC8LHkc
+DZprzn9ZQmks6tzzh0tgMXnBLp2Hjn5vQedKt/1z1RQC8iWMfhWuImfUIZP7K0z
si08f19V00ptr7uTv7eLas7OXcGhxjVwKzCb0x0ZMbZ5zPnu6mBo4LKRfhL/qiba
GW9ENyDujH1AfG4M97ul
=T0ww
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-2154-1
March 24, 2014

ca-certificates update
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 13.10
- Ubuntu 12.10
- Ubuntu 12.04 LTS
- Ubuntu 10.04 LTS

Summary:

ca-certificates was updated to the 20130906 package.

Software Description:
- ca-certificates: Common CA certificates

Details:

The ca-certificates package contained outdated CA certificates. This update
refreshes the included certificates to those contained in the 20130906
package.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 13.10:
ca-certificates 20130906ubuntu0.13.10.1

Ubuntu 12.10:
ca-certificates 20130906ubuntu0.12.10.1

Ubuntu 12.04 LTS:
ca-certificates 20130906ubuntu0.12.04.1

Ubuntu 10.04 LTS:
ca-certificates 20130906ubuntu0.10.04.1

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2154-1
https://launchpad.net/bugs/1257265

Package Information:
https://launchpad.net/ubuntu/+source/ca-certificates/20130906ubuntu0.13.10.1
https://launchpad.net/ubuntu/+source/ca-certificates/20130906ubuntu0.12.10.1
https://launchpad.net/ubuntu/+source/ca-certificates/20130906ubuntu0.12.04.1
https://launchpad.net/ubuntu/+source/ca-certificates/20130906ubuntu0.10.04.1