Saturday, May 31, 2014

[FreeBSD-Announce] The FreeBSD.org bug database will be read-only or offline this weekend

Within the next few hours we will be freezing the project's gnats bug database
to make way for a migration attempt to bugzilla.

We are setting aside the entire weekend for the migration attempt and at various
times the database will be either read-only or unavailable. We will be
queueing incoming bug-related email for later processing.

There are extensive interconnections between the old gnats system and there
are a great many tendrils into other cluster systems. We expect this to be
bumpy but we will be doing our best to keep the chaos to a minimum.

There will be a followup once we've either committed or aborted.
--
Peter Wemm - peter@wemm.org; peter@FreeBSD.org; peter@yahoo-inc.com; KI6FJV
UTF-8: for when a ' just won\342\200\231t do.

Thursday, May 29, 2014

[CentOS-announce] CEBA-2014:0570 CentOS 6 iproute Update

CentOS Errata and Bugfix Advisory 2014:0570

Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-0570.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
31a7240ff770ddd2f18715bccd1907f290b22468f2fa7d654e912e242cdeafcb iproute-2.6.32-32.el6_5.i686.rpm
ab480269824cfbc232e526cc29f5cd8a4a4728121e5dbb906286a8862b34b80d iproute-devel-2.6.32-32.el6_5.i686.rpm
ff19d039eb2787620f61cfb8de1bcf621b25132d19e73040513c0ec3545a485a iproute-doc-2.6.32-32.el6_5.i686.rpm

x86_64:
79711ce75632a05d5cd2f91bef3a4de1c4567cc01db7b6088e3eb3fbdea2ffc5 iproute-2.6.32-32.el6_5.x86_64.rpm
ab480269824cfbc232e526cc29f5cd8a4a4728121e5dbb906286a8862b34b80d iproute-devel-2.6.32-32.el6_5.i686.rpm
339ed6500b7e67c33efdb2bee3353f6978d726cac64cfc91676fe77e2f1ac6b0 iproute-devel-2.6.32-32.el6_5.x86_64.rpm
86440aacab4a29963a92c42114f69780f731878f7eeb4b744e9ecf1d24f4bba7 iproute-doc-2.6.32-32.el6_5.x86_64.rpm

Source:
e1266658c6b53ec9c6274e2680b91d58a9b9ac9ffb79be073b830ec4fcb4f2de iproute-2.6.32-32.el6_5.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

[CentOS-announce] CEBA-2014:0572 CentOS 6 ibus-table FASTTRACK Update

CentOS Errata and Bugfix Advisory 2014:0572

Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-0572.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
5632ab3aaad7983670ae5a919c31f3048b3bc0ae60cc0ce4f539e39fc44e02dd ibus-table-1.2.0.20100111-5.el6.noarch.rpm
1750d4a0a45a5aec63f021312f8977581c0f12a30b32b7542293f9b9b4bfc42f ibus-table-additional-1.2.0.20100111-5.el6.noarch.rpm
111a6134d60342b4e3c609a5a77b3b54bd0a764dc2a3c0b87d3e314bb8e632d4 ibus-table-devel-1.2.0.20100111-5.el6.noarch.rpm

x86_64:
5632ab3aaad7983670ae5a919c31f3048b3bc0ae60cc0ce4f539e39fc44e02dd ibus-table-1.2.0.20100111-5.el6.noarch.rpm
1750d4a0a45a5aec63f021312f8977581c0f12a30b32b7542293f9b9b4bfc42f ibus-table-additional-1.2.0.20100111-5.el6.noarch.rpm
111a6134d60342b4e3c609a5a77b3b54bd0a764dc2a3c0b87d3e314bb8e632d4 ibus-table-devel-1.2.0.20100111-5.el6.noarch.rpm

Source:
b46530795ebff85c969b3e2fa38a6a1b64edfffe51c8853bcd9102102f08d272 ibus-table-1.2.0.20100111-5.el6.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net


[CentOS-announce] CEBA-2014:0571 CentOS 5 java-1.7.0-openjdk Update

CentOS Errata and Bugfix Advisory 2014:0571

Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-0571.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
861a383b7d8c54c1fd174ee50a19094691e67b65dd3e36ee7714e78645857470 java-1.7.0-openjdk-1.7.0.55-2.4.7.2.el5_10.i386.rpm
e916d0444c1ac33f4d8a764a91512c3efff34dd9a8531a760a716cb46b600208 java-1.7.0-openjdk-demo-1.7.0.55-2.4.7.2.el5_10.i386.rpm
8d6170a6bafb6ed81cdd2e4f3be0239fd7422c9c204078889871e0257e72683f java-1.7.0-openjdk-devel-1.7.0.55-2.4.7.2.el5_10.i386.rpm
06a543e22f65ff2fbc17af52da3d8000f253be1224469550948ccb3bb1876a6b java-1.7.0-openjdk-javadoc-1.7.0.55-2.4.7.2.el5_10.i386.rpm
96e45ecef7924cd51330160be422baa846dd62840c8ce1e86168c7df2fab19b8 java-1.7.0-openjdk-src-1.7.0.55-2.4.7.2.el5_10.i386.rpm

x86_64:
10f6de29a4b295ed000f666ad5bbeeb720f99a74cc39334f1597cd8d1f3c1575 java-1.7.0-openjdk-1.7.0.55-2.4.7.2.el5_10.x86_64.rpm
cf62cafa02e44dcfc1b71e4ab2973de3064172c8f4915c4f3d855a8583e8f7ef java-1.7.0-openjdk-demo-1.7.0.55-2.4.7.2.el5_10.x86_64.rpm
bebd4ec55f417749220e5b9dc844630e447ec6a310c239c21429e5ba40ba0d2b java-1.7.0-openjdk-devel-1.7.0.55-2.4.7.2.el5_10.x86_64.rpm
12e644beadf558502a2ab34aa2a14dc966dd446632ce21f67afeb1da5b7ae00e java-1.7.0-openjdk-javadoc-1.7.0.55-2.4.7.2.el5_10.x86_64.rpm
9fd537778d5a9f6e23a0744be6449ca924f7860964bd649d240b3ed911d1d1b2 java-1.7.0-openjdk-src-1.7.0.55-2.4.7.2.el5_10.x86_64.rpm

Source:
26a0f7bbc3cafe87008a8c1d62dab6b5f201d691c96cb796bccf4055bb8d3728 java-1.7.0-openjdk-1.7.0.55-2.4.7.2.el5_10.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net


[CentOS-announce] CEBA-2014:0569 CentOS 5 gfs2-utils Update

CentOS Errata and Bugfix Advisory 2014:0569

Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-0569.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
df64a4378505afee7a8f09ab4b60136fc5bd0dd31cecdcf6422e341984ea7f64 gfs2-utils-0.1.62-39.el5_10.3.i386.rpm

x86_64:
2a1b7cadd39d0e5887c8edd7ac4b61b383da664a149c194f23788877ef2f9553 gfs2-utils-0.1.62-39.el5_10.3.x86_64.rpm

Source:
1ba5063d700b93b4f2dca75b1117f2214166b53306b055d6a66fe1e2cbcc5fad gfs2-utils-0.1.62-39.el5_10.3.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net


Wednesday, May 28, 2014

[CentOS-announce] CEBA-2014:0568 CentOS 6 audit Update

CentOS Errata and Bugfix Advisory 2014:0568

Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-0568.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
93ab2ebd62dcdbe9e5f8a065fb35512031a326e59677b9c2661b73c64f2fd53d audispd-plugins-2.2-4.el6_5.i686.rpm
ef43d75cfd93d3476f5974376ab00c07c9bf6c4a70912b001e0fac40f3f13429 audit-2.2-4.el6_5.i686.rpm
19dd52e6aa8dd48f10050de569596e5be43328767331cbdeeb9bbf0b1695cde8 audit-libs-2.2-4.el6_5.i686.rpm
110e00faee32c97a3b01d03ed0d594559725e38ef33c36760385998fa3e660af audit-libs-devel-2.2-4.el6_5.i686.rpm
71953753cefb5c6fb39f9eaa721f4457a11c63c7e319f976e286249d7c5e9777 audit-libs-python-2.2-4.el6_5.i686.rpm
83a621c0d53af1325c2a65fdaec214a88a0f08c7a94639671a32ab6ba96d8fcb audit-libs-static-2.2-4.el6_5.i686.rpm

x86_64:
ddc52e17090cd5336441c5a02c637559fb831b289f2cca2b290a07b3e4befff6 audispd-plugins-2.2-4.el6_5.x86_64.rpm
9502c91af5406fb00a6b8ba46bcf63490cd08b6fba6bf25a56048b725c414b9b audit-2.2-4.el6_5.x86_64.rpm
19dd52e6aa8dd48f10050de569596e5be43328767331cbdeeb9bbf0b1695cde8 audit-libs-2.2-4.el6_5.i686.rpm
dcd9683e24eab8f6a08a22216bd5d6135283530352d52d54660d039ff0aa6125 audit-libs-2.2-4.el6_5.x86_64.rpm
110e00faee32c97a3b01d03ed0d594559725e38ef33c36760385998fa3e660af audit-libs-devel-2.2-4.el6_5.i686.rpm
15831f1d23022d871ac6f4f660156ac20daa9ad5329bd46401aa3e44185bc605 audit-libs-devel-2.2-4.el6_5.x86_64.rpm
5dc33dc151e6d5b07748e4d7b903a0d74958c03c738cdd46b578b4b4c062dab1 audit-libs-python-2.2-4.el6_5.x86_64.rpm
68ab0c6bf262f9995d67595dd3e4ee1489d79fe70d9c7e694782380fd2c7babb audit-libs-static-2.2-4.el6_5.x86_64.rpm

Source:
c3b8e1717c809d2ee530b2589b347f076fe8967c9404c9a450713006d847f0d3 audit-2.2-4.el6_5.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net


[CentOS-announce] CEBA-2014:0567 CentOS 6 389-ds-base Update

CentOS Errata and Bugfix Advisory 2014:0567

Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-0567.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
e8da24c96de6e356c8dbc57f5a0159d1c89ea6aa76ea18ebca42301450e69049 389-ds-base-1.2.11.15-33.el6_5.i686.rpm
afb571c5781358d6dcfb646a2e7f79a66930422da6c9d5b3a2021223d9be6c96 389-ds-base-devel-1.2.11.15-33.el6_5.i686.rpm
6ff856d3ec8ba40834ed4220922edb98c98b5d443ce9746870ca0784be807623 389-ds-base-libs-1.2.11.15-33.el6_5.i686.rpm

x86_64:
37dafe5632e71f68a5140bab74454172115b9abb411c97670f6464a9badb8df1 389-ds-base-1.2.11.15-33.el6_5.x86_64.rpm
afb571c5781358d6dcfb646a2e7f79a66930422da6c9d5b3a2021223d9be6c96 389-ds-base-devel-1.2.11.15-33.el6_5.i686.rpm
00450fc51955103db8def4a17e7a532690122f205d731451ce2e576a5db53407 389-ds-base-devel-1.2.11.15-33.el6_5.x86_64.rpm
6ff856d3ec8ba40834ed4220922edb98c98b5d443ce9746870ca0784be807623 389-ds-base-libs-1.2.11.15-33.el6_5.i686.rpm
146b10a31f884f31b9cfa9db7cf2d7f28a5255520a6befc32d7e79959474db26 389-ds-base-libs-1.2.11.15-33.el6_5.x86_64.rpm

Source:
550a8298a28229e990bdcadb712e4bbdf29ec40b77cf0dae57dfc79674e4d982 389-ds-base-1.2.11.15-33.el6_5.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net


[CentOS-announce] CEBA-2014:0566 CentOS 6 openmotif Update

CentOS Errata and Bugfix Advisory 2014:0566

Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-0566.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
334b54f70b8c3b7a604383bb7ef31c27e6c4a98ecfbf0a0e245777cf6595ff99 openmotif-2.3.3-7.1.el6_5.i686.rpm
5f3382879a12a701b1ec912abcd948fb4c9cacc041ecde64da860ffd81d5c274 openmotif-devel-2.3.3-7.1.el6_5.i686.rpm

x86_64:
334b54f70b8c3b7a604383bb7ef31c27e6c4a98ecfbf0a0e245777cf6595ff99 openmotif-2.3.3-7.1.el6_5.i686.rpm
b93605d9709b00145f1c1838d50fd85e1a91c5a61fcdcd0d334fa7d381c23aae openmotif-2.3.3-7.1.el6_5.x86_64.rpm
5f3382879a12a701b1ec912abcd948fb4c9cacc041ecde64da860ffd81d5c274 openmotif-devel-2.3.3-7.1.el6_5.i686.rpm
1404413c153751f9180ac81d8369f0017ed2bf6d689593a02f9ae0dfbf357bbd openmotif-devel-2.3.3-7.1.el6_5.x86_64.rpm

Source:
48ebb0b640f18fbd561aacb05eb6ce170d988c17b712feadc28093dff0c333b1 openmotif-2.3.3-7.1.el6_5.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net


[CentOS-announce] CESA-2014:0560 Moderate CentOS 6 libvirt Update

CentOS Errata and Security Advisory 2014:0560 Moderate

Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-0560.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
84cfe90ef37aafdf8eb8ab3ddf97d0dc0a7e7b9dc20b01a7a6345535c3cad376 libvirt-0.10.2-29.el6_5.8.i686.rpm
306f9bca74029238d789b9fe89b7968d8e27ff72444934d7da27314632d1c2ad libvirt-client-0.10.2-29.el6_5.8.i686.rpm
7deb83f2aa89174889e62aa42ed1567fab957125ed7df7d52518cdaa548e624d libvirt-devel-0.10.2-29.el6_5.8.i686.rpm
68bd6f4bea37aafb6e28f735d49c85b90fa32941ced0dd54b063beb6fbe13a74 libvirt-python-0.10.2-29.el6_5.8.i686.rpm

x86_64:
f28270885ba213e62c0b19b6d2beabee2d41a75b4453c981018de08f1d504462 libvirt-0.10.2-29.el6_5.8.x86_64.rpm
306f9bca74029238d789b9fe89b7968d8e27ff72444934d7da27314632d1c2ad libvirt-client-0.10.2-29.el6_5.8.i686.rpm
1f2803fe606c0a0ac145f8adc18e3c41a294bac68cba1cadee727854d490e645 libvirt-client-0.10.2-29.el6_5.8.x86_64.rpm
7deb83f2aa89174889e62aa42ed1567fab957125ed7df7d52518cdaa548e624d libvirt-devel-0.10.2-29.el6_5.8.i686.rpm
ab0c58d8d5800503ae4fffa70f058f0bc3b810e6845d573be4fb7bf8af7fa56c libvirt-devel-0.10.2-29.el6_5.8.x86_64.rpm
539331c3d592a0a6b833ea75403805254f0857ad86b75ec8860a3cafec981a99 libvirt-lock-sanlock-0.10.2-29.el6_5.8.x86_64.rpm
2b3826383b429dc31ad4552e70e839776a46ca2991dbb30018ef60dff828ebca libvirt-python-0.10.2-29.el6_5.8.x86_64.rpm

Source:
f5a8961960021783ab329d7970acfc183c4fefd1315e2b81353c8cc3581b17d8 libvirt-0.10.2-29.el6_5.8.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net


[CentOS-announce] CESA-2014:0561 Moderate CentOS 6 curl Update

CentOS Errata and Security Advisory 2014:0561 Moderate

Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-0561.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
cf0a982bec1212cc7cbba88aa8329d6ece826ae175c65c1799d614ad326712e5 curl-7.19.7-37.el6_5.3.i686.rpm
4b22a18cdd3771279425911a92adb70522a8e4681e83a04fb567b4aa1a469092 libcurl-7.19.7-37.el6_5.3.i686.rpm
018b0b132b567b023fe4a2f7c0fff5b2dac63fdcf9b0e0705f462112aaa447be libcurl-devel-7.19.7-37.el6_5.3.i686.rpm

x86_64:
14dacdf46e20d59a866ac6e16a85ad4e7ede330fbe1a3585f52e10b92e18b008 curl-7.19.7-37.el6_5.3.x86_64.rpm
4b22a18cdd3771279425911a92adb70522a8e4681e83a04fb567b4aa1a469092 libcurl-7.19.7-37.el6_5.3.i686.rpm
a74646407f46e6b4871259cafcb527047d3f6744aa87e5c3c86c08da43d40543 libcurl-7.19.7-37.el6_5.3.x86_64.rpm
018b0b132b567b023fe4a2f7c0fff5b2dac63fdcf9b0e0705f462112aaa447be libcurl-devel-7.19.7-37.el6_5.3.i686.rpm
374c58267fec287d1a3e38a90a917bc227684ae7287cd5c137104caa972fffed libcurl-devel-7.19.7-37.el6_5.3.x86_64.rpm

Source:
0beb826caead2e6b1d3993e5c9d600dc68d2be83e6558b6b702264ab3cb6732c curl-7.19.7-37.el6_5.3.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net


Tuesday, May 27, 2014

[announce] author Michael W Lucas podcast 1 PM EST

He'll be doing a live webcast today at 1PM EDT entitled "Beyond
Security: Getting to Know OpenBSD's Real Purpose":

http://www.oreilly.com/pub/e/3059

As part of this, O'Reilly is offering half off the "Absolute OpenBSD, 2nd
Edition" ebook, with coupon code DEAL.

http://shop.oreilly.com/product/9781593274764.do?cmp=tw-na-books-videos-product-dod_daily_tweet&code=DEAL
_______________________________________________
announce mailing list
announce@lists.nycbug.org
http://lists.nycbug.org/mailman/listinfo/announce

[CentOS-announce] CEBA-2014:0543 CentOS 6 glibc Update

CentOS Errata and Bugfix Advisory 2014:0543

Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-0543.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
646353d24e7b98a82728147d03501703a922b1c4aa3e10e1ec2a80612a997895 glibc-2.12-1.132.el6_5.2.i686.rpm
a3fd211ee6f6919bcd47151c2928a126619fd3a140b2c62f1f219681663169f6 glibc-common-2.12-1.132.el6_5.2.i686.rpm
98ddfca5350f05caefe915dddea0affbd75f1c7322d2a0e13a7c6528680fd56c glibc-devel-2.12-1.132.el6_5.2.i686.rpm
95d1a2a050f462b00df20ebe98c5f027d5b78fb3f1563e4c9caa57f5ee8ab634 glibc-headers-2.12-1.132.el6_5.2.i686.rpm
b461b6d54062b8321e2e980157e49bec3e83d76a4d37aa715d636fcf5b022e9b glibc-static-2.12-1.132.el6_5.2.i686.rpm
c97079fae6c7ba9a6749243e0872485ef80f96bc783b98b6041e4bcc9a6e39d8 glibc-utils-2.12-1.132.el6_5.2.i686.rpm
df8d8397944ff32733e95ecab9e0e866f75e6826cb02e80ed1b717d5dbc3c910 nscd-2.12-1.132.el6_5.2.i686.rpm

x86_64:
646353d24e7b98a82728147d03501703a922b1c4aa3e10e1ec2a80612a997895 glibc-2.12-1.132.el6_5.2.i686.rpm
649fbe5cb00873b827f903f67d1110695c429a6333b71d17ace0cd65e7d57fa7 glibc-2.12-1.132.el6_5.2.x86_64.rpm
1b71ef8b7138b126fb226195ac82031f3605c63ba662368c647230ae6babd28e glibc-common-2.12-1.132.el6_5.2.x86_64.rpm
98ddfca5350f05caefe915dddea0affbd75f1c7322d2a0e13a7c6528680fd56c glibc-devel-2.12-1.132.el6_5.2.i686.rpm
93cdbd31e4a3d926fa3e43a9b04171ca0b07bd544f5b663417d2620c8e558a10 glibc-devel-2.12-1.132.el6_5.2.x86_64.rpm
752daa034bf639acae2584064da3d1380058a5b4622f0899b1a6be3ef3acc6b9 glibc-headers-2.12-1.132.el6_5.2.x86_64.rpm
b461b6d54062b8321e2e980157e49bec3e83d76a4d37aa715d636fcf5b022e9b glibc-static-2.12-1.132.el6_5.2.i686.rpm
9cb559c8888834a235150389c006cf757892986958ca594952ed8c0c9fcc2143 glibc-static-2.12-1.132.el6_5.2.x86_64.rpm
9e72a435a0067d6a824569ecb0a02356599e00a50f68a3206bcefd4308cfd7b0 glibc-utils-2.12-1.132.el6_5.2.x86_64.rpm
ce233677bc97d43e59f3fd6fedc704cbcdd9053dd3bda4e16d5fe9aa68c67c07 nscd-2.12-1.132.el6_5.2.x86_64.rpm

Source:
7d9744402371ac36bde39c84f62c8b5bc5509c64f1cc419018fc00d54b18d5ae glibc-2.12-1.132.el6_5.2.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net


[CentOS-announce] CEBA-2014:0554 CentOS 6 fontconfig FASTTRACK Update

CentOS Errata and Bugfix Advisory 2014:0554

Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-0554.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
09cee79c086775d03e0219dc92d82f2803d6936bfe44f0c71f4ff7c33918d4f8 fontconfig-2.8.0-5.el6.i686.rpm
6019c636a5b93f9f11ff91289dadea1922eeeafc59d9ed6645f6019a3b8730e3 fontconfig-devel-2.8.0-5.el6.i686.rpm

x86_64:
09cee79c086775d03e0219dc92d82f2803d6936bfe44f0c71f4ff7c33918d4f8 fontconfig-2.8.0-5.el6.i686.rpm
6a915b6e1ad740994aa9688d70a67ff2b6b72e0ced668794aeb27b2d0f2e237b fontconfig-2.8.0-5.el6.x86_64.rpm
6019c636a5b93f9f11ff91289dadea1922eeeafc59d9ed6645f6019a3b8730e3 fontconfig-devel-2.8.0-5.el6.i686.rpm
4938701d283915837478b414dcf365592e1581052fcf5c89f9d89f2aea9e5361 fontconfig-devel-2.8.0-5.el6.x86_64.rpm

Source:
8a737297dbb39f12c67f88db1b21b37ef97bed2ca00fa0975b16e264d6953a33 fontconfig-2.8.0-5.el6.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net


[CentOS-announce] CEBA-2014:0555 CentOS 6 shared-mime-info FASTTRACK Update

CentOS Errata and Bugfix Advisory 2014:0555

Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-0555.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
2d793e4365531d7a60789ebd56d169548fa2a9924d04d7afa392c75209b400bf shared-mime-info-0.70-6.el6.i686.rpm

x86_64:
e65f8236fd178a74a174d2659baeb27133ced99ee5cb5e827adef3d641ac0697 shared-mime-info-0.70-6.el6.x86_64.rpm

Source:
f4d93e884c18a6d23cd9a30c62639e47a05090293f4a41be0b5bd8dd3054d6f2 shared-mime-info-0.70-6.el6.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net


[CentOS-announce] CEBA-2014:0540 CentOS 6 sgml-common FASTTRACK Update

CentOS Errata and Bugfix Advisory 2014:0540

Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-0540.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
6107dbc2ecc841048ae183d9fe610c303f21190ceed55a6f477339b65fd85cbf sgml-common-0.6.3-33.el6.noarch.rpm
2f735793dc38cc9f14966fd5f119ae0c50b069c544d95ad62c07e90654662432 xml-common-0.6.3-33.el6.noarch.rpm

x86_64:
6107dbc2ecc841048ae183d9fe610c303f21190ceed55a6f477339b65fd85cbf sgml-common-0.6.3-33.el6.noarch.rpm
2f735793dc38cc9f14966fd5f119ae0c50b069c544d95ad62c07e90654662432 xml-common-0.6.3-33.el6.noarch.rpm

Source:
7424491cd81e0a2103e27f069284e32ba79d0bcff97cb456b0b65bec5e23c01e sgml-common-0.6.3-33.el6.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net


[CentOS-announce] CEBA-2014:0538 CentOS 6 xguest FASTTRACK Update

CentOS Errata and Bugfix Advisory 2014:0538

Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-0538.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
d7f13dd36d43ac5779c905131d1801e6500f94a970ae775c8aae62d981feae4b xguest-1.0.9-5.el6.noarch.rpm

x86_64:
d7f13dd36d43ac5779c905131d1801e6500f94a970ae775c8aae62d981feae4b xguest-1.0.9-5.el6.noarch.rpm

Source:
a0f443f88cf2aaf04e9134881fc2a79a92a17b05507702ecd9b4f6850f3008c2 xguest-1.0.9-5.el6.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net


[CentOS-announce] CEBA-2014:0539 CentOS 6 akonadi FASTTRACK Update

CentOS Errata and Bugfix Advisory 2014:0539

Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-0539.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
d6020e4949ddbfa76f2513216a6acc4d8105923a77343ce635b2bf3795bd7f3b akonadi-1.2.1-3.el6.i686.rpm
0ba9fd6d811b1e30d9c7bcc5885c263699e996008b4dc2185e8480f5bff74c71 akonadi-devel-1.2.1-3.el6.i686.rpm

x86_64:
d6020e4949ddbfa76f2513216a6acc4d8105923a77343ce635b2bf3795bd7f3b akonadi-1.2.1-3.el6.i686.rpm
7db832f132bcc6311167d5d40774851be76401ab3e442ebe506ceedc1fae0a84 akonadi-1.2.1-3.el6.x86_64.rpm
0ba9fd6d811b1e30d9c7bcc5885c263699e996008b4dc2185e8480f5bff74c71 akonadi-devel-1.2.1-3.el6.i686.rpm
b5e4afe64c88d50171843b98815039646e3a6d21829ea9c7684639c1e99d0a5c akonadi-devel-1.2.1-3.el6.x86_64.rpm

Source:
6029f3e58233b1a09b14273a13d11d1036152fc11fb472ac59d7237c794afaae akonadi-1.2.1-3.el6.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net


[USN-2228-1] Linux kernel vulnerabilities

==========================================================================
Ubuntu Security Notice USN-2228-1
May 27, 2014

linux vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 13.10

Summary:

Several security issues were fixed in the kernel.

Software Description:
- linux: Linux kernel

Details:

Matthew Daley reported an information leak in the floppy disk driver of the
Linux kernel. An unprivileged local user could exploit this flaw to obtain
potentially sensitive information from kernel memory. (CVE-2014-1738)

Matthew Daley reported a flaw in the handling of ioctl commands by the
floppy disk driver in the Linux kernel. An unprivileged local user could
exploit this flaw to gain administrative privileges if the floppy disk
module is loaded. (CVE-2014-1737)

A flaw was discovered in the vhost-net subsystem of the Linux kernel. Guest
OS users could exploit this flaw to cause a denial of service (host OS
crash). (CVE-2014-0055)

A flaw was discovered in the handling of network packets when mergeable
buffers are disabled for virtual machines in the Linux kernel. Guest OS
users may exploit this flaw to cause a denial of service (host OS crash) or
possibly gain privilege on the host OS. (CVE-2014-0077)

Nikolay Aleksandrov discovered a race condition in Linux kernel's IPv4
fragment handling code. Remote attackers could exploit this flaw to cause a
denial of service (system crash) or possibly have other unspecified impact.
(CVE-2014-0100)

A flaw was discovered in the Linux kernel's handling of the SCTP handshake.
A remote attacker could exploit this flaw to cause a denial of service
(system crash). (CVE-2014-0101)

A flaw was discovered in the handling of routing information in Linux
kernel's IPv6 stack. A remote attacker could exploit this flaw to cause a
denial of service (memory consumption) via a flood of ICMPv6 router
advertisement packets. (CVE-2014-2309)

An error was discovered in the Linux kernel's DCCP protocol support. A
remote attacker could exploit this flaw to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2014-2523)

Max Sydorenko discovered a race condition in the Atheros 9k wireless driver
in the Linux kernel. This race could be exploited by remote attackers to
cause a denial of service (system crash). (CVE-2014-2672)

Adhemerval Zanella Neto discovered a flaw in the Transactional Memory
(TM) implementation for powerpc based machines. An unprivileged local user
could exploit this flaw to cause a denial of service (system crash).
(CVE-2014-2673)

An error was discovered in the Reliable Datagram Sockets (RDS) protocol
stack in the Linux kernel. A local user could exploit this flaw to cause a
denial of service (system crash) or possibly have unspecified other impact.
(CVE-2014-2678)

Yaara Rozenblum discovered a race condition in the Linux kernel's Generic
IEEE 802.11 Networking Stack (mac80211). Remote attackers could exploit
this flaw to cause a denial of service (system crash). (CVE-2014-2706)

A flaw was discovered in the Linux kernel's ping sockets. An unprivileged
local user could exploit this flaw to cause a denial of service (system
crash) or possibly gain privileges via a crafted application.
(CVE-2014-2851)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 13.10:
linux-image-3.11.0-22-generic 3.11.0-22.38
linux-image-3.11.0-22-generic-lpae 3.11.0-22.38

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References:
http://www.ubuntu.com/usn/usn-2228-1
CVE-2014-0055, CVE-2014-0077, CVE-2014-0100, CVE-2014-0101,
CVE-2014-1737, CVE-2014-1738, CVE-2014-2309, CVE-2014-2523,
CVE-2014-2672, CVE-2014-2673, CVE-2014-2678, CVE-2014-2706,
CVE-2014-2851

Package Information:
https://launchpad.net/ubuntu/+source/linux/3.11.0-22.38

[USN-2227-1] Linux kernel (OMAP4) vulnerabilities

==========================================================================
Ubuntu Security Notice USN-2227-1
May 27, 2014

linux-ti-omap4 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 LTS

Summary:

Several security issues were fixed in the kernel.

Software Description:
- linux-ti-omap4: Linux kernel for OMAP4

Details:

A flaw was discovered in the Linux kernel's pseudo tty (pty) device. An
unprivileged user could exploit this flaw to cause a denial of service
(system crash) or potentially gain administrator privileges.
(CVE-2014-0196)

Matthew Daley reported an information leak in the floppy disk driver of the
Linux kernel. An unprivileged local user could exploit this flaw to obtain
potentially sensitive information from kernel memory. (CVE-2014-1738)

Matthew Daley reported a flaw in the handling of ioctl commands by the
floppy disk driver in the Linux kernel. An unprivileged local user could
exploit this flaw to gain administrative privileges if the floppy disk
module is loaded. (CVE-2014-1737)

A flaw was discovered in the Linux kernel's IPC reference counting. An
unprivileged local user could exploit this flaw to cause a denial of
service (OOM system crash). (CVE-2013-4483)

Al Viro discovered an error in how CIFS in the Linux kernel handles
uncached write operations. An unprivileged local user could exploit this
flaw to cause a denial of service (system crash), obtain sensitive
information from kernel memory, or possibly gain privileges.
(CVE-2014-0069)

A flaw was discovered in the handling of network packets when mergeable
buffers are disabled for virtual machines in the Linux kernel. Guest OS
users may exploit this flaw to cause a denial of service (host OS crash) or
possibly gain privilege on the host OS. (CVE-2014-0077)

A flaw was discovered in the Linux kernel's handling of the SCTP handshake.
A remote attacker could exploit this flaw to cause a denial of service
(system crash). (CVE-2014-0101)

A flaw was discovered in the handling of routing information in Linux
kernel's IPv6 stack. A remote attacker could exploit this flaw to cause a
denial of service (memory consumption) via a flood of ICMPv6 router
advertisement packets. (CVE-2014-2309)

An error was discovered in the Linux kernel's DCCP protocol support. A
remote attacker could exploit this flaw to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2014-2523)

Max Sydorenko discovered a race condition in the Atheros 9k wireless driver
in the Linux kernel. This race could be exploited by remote attackers to
cause a denial of service (system crash). (CVE-2014-2672)

An error was discovered in the Reliable Datagram Sockets (RDS) protocol
stack in the Linux kernel. A local user could exploit this flaw to cause a
denial of service (system crash) or possibly have unspecified other impact.
(CVE-2014-2678)

Yaara Rozenblum discovered a race condition in the Linux kernel's Generic
IEEE 802.11 Networking Stack (mac80211). Remote attackers could exploit
this flaw to cause a denial of service (system crash). (CVE-2014-2706)

A flaw was discovered in the Linux kernel's ping sockets. An unprivileged
local user could exploit this flaw to cause a denial of service (system
crash) or possibly gain privileges via a crafted application.
(CVE-2014-2851)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
linux-image-3.2.0-1446-omap4 3.2.0-1446.65

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References:
http://www.ubuntu.com/usn/usn-2227-1
CVE-2013-4483, CVE-2014-0069, CVE-2014-0077, CVE-2014-0101,
CVE-2014-0196, CVE-2014-1737, CVE-2014-1738, CVE-2014-2309,
CVE-2014-2523, CVE-2014-2672, CVE-2014-2678, CVE-2014-2706,
CVE-2014-2851

Package Information:
https://launchpad.net/ubuntu/+source/linux-ti-omap4/3.2.0-1446.65

[USN-2225-1] Linux kernel (Saucy HWE) vulnerabilities

==========================================================================
Ubuntu Security Notice USN-2225-1
May 27, 2014

linux-lts-saucy vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 LTS

Summary:

Several security issues were fixed in the kernel.

Software Description:
- linux-lts-saucy: Linux hardware enablement kernel from Saucy

Details:

Matthew Daley reported an information leak in the floppy disk driver of the
Linux kernel. An unprivileged local user could exploit this flaw to obtain
potentially sensitive information from kernel memory. (CVE-2014-1738)

Matthew Daley reported a flaw in the handling of ioctl commands by the
floppy disk driver in the Linux kernel. An unprivileged local user could
exploit this flaw to gain administrative privileges if the floppy disk
module is loaded. (CVE-2014-1737)

A flaw was discovered in the vhost-net subsystem of the Linux kernel. Guest
OS users could exploit this flaw to cause a denial of service (host OS
crash). (CVE-2014-0055)

A flaw was discovered in the handling of network packets when mergeable
buffers are disabled for virtual machines in the Linux kernel. Guest OS
users may exploit this flaw to cause a denial of service (host OS crash) or
possibly gain privilege on the host OS. (CVE-2014-0077)

Nikolay Aleksandrov discovered a race condition in Linux kernel's IPv4
fragment handling code. Remote attackers could exploit this flaw to cause a
denial of service (system crash) or possibly have other unspecified impact.
(CVE-2014-0100)

A flaw was discovered in the Linux kernel's handling of the SCTP handshake.
A remote attacker could exploit this flaw to cause a denial of service
(system crash). (CVE-2014-0101)

A flaw was discovered in the handling of routing information in Linux
kernel's IPv6 stack. A remote attacker could exploit this flaw to cause a
denial of service (memory consumption) via a flood of ICMPv6 router
advertisement packets. (CVE-2014-2309)

An error was discovered in the Linux kernel's DCCP protocol support. A
remote attacker could exploit this flaw to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2014-2523)

Max Sydorenko discovered a race condition in the Atheros 9k wireless driver
in the Linux kernel. This race could be exploited by remote attackers to
cause a denial of service (system crash). (CVE-2014-2672)

Adhemerval Zanella Neto discovered a flaw in the Transactional Memory
(TM) implementation for powerpc based machines. An unprivileged local user
could exploit this flaw to cause a denial of service (system crash).
(CVE-2014-2673)

An error was discovered in the Reliable Datagram Sockets (RDS) protocol
stack in the Linux kernel. A local user could exploit this flaw to cause a
denial of service (system crash) or possibly have unspecified other impact.
(CVE-2014-2678)

Yaara Rozenblum discovered a race condition in the Linux kernel's Generic
IEEE 802.11 Networking Stack (mac80211). Remote attackers could exploit
this flaw to cause a denial of service (system crash). (CVE-2014-2706)

A flaw was discovered in the Linux kernel's ping sockets. An unprivileged
local user could exploit this flaw to cause a denial of service (system
crash) or possibly gain privileges via a crafted application.
(CVE-2014-2851)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
linux-image-3.11.0-22-generic 3.11.0-22.38~precise1
linux-image-3.11.0-22-generic-lpae 3.11.0-22.38~precise1

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References:
http://www.ubuntu.com/usn/usn-2225-1
CVE-2014-0055, CVE-2014-0077, CVE-2014-0100, CVE-2014-0101,
CVE-2014-1737, CVE-2014-1738, CVE-2014-2309, CVE-2014-2523,
CVE-2014-2672, CVE-2014-2673, CVE-2014-2678, CVE-2014-2706,
CVE-2014-2851

Package Information:
https://launchpad.net/ubuntu/+source/linux-lts-saucy/3.11.0-22.38~precise1
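
A check that a patch-management script could run against the update instructions of USN-2225-1 above (an added example, not part of the notice or of Ubuntu's tooling): it parses the fixed package versions, orders versions the way dpkg does (so `~precise1` sorts before the bare version), and separates hosts that still need the update from hosts that installed it but have not rebooted. The function names are hypothetical, and the running-kernel check assumes that `uname -r` output matches the suffix of the `linux-image-` package name.

```python
import re

# Copy of the "Update instructions" block of USN-2225-1 above, shortened.
ADVISORY = """\
Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
linux-image-3.11.0-22-generic 3.11.0-22.38~precise1
linux-image-3.11.0-22-generic-lpae 3.11.0-22.38~precise1

After a standard system update you need to reboot your computer to make
all the necessary changes.
"""

IMAGE_RE = re.compile(r"^linux-image-(\d+\.\d+\.\d+-\d+)-(.+)$")
RELEASE_RE = re.compile(r"^(\d+\.\d+\.\d+-\d+)-(.+)$")  # layout of `uname -r`


def parse_fixed_versions(text):
    """Return {release: {package: fixed_version}} from a notice body."""
    fixed, release, active = {}, None, False
    for raw in text.splitlines():
        line = raw.strip()
        if line == "package versions:":
            active = True
        elif not active:
            continue
        elif line.startswith("After a standard system update"):
            break
        elif line.startswith("Ubuntu ") and line.endswith(":"):
            release = line[:-1]
            fixed[release] = {}
        elif release and len(line.split()) == 2:
            package, version = line.split()
            fixed[release][package] = version
    return fixed


def _order(ch):
    # dpkg ordering: '~' sorts before everything, even the end of the
    # string; letters sort before other punctuation.
    if ch == "~":
        return -1
    return ord(ch) if ch.isalpha() else ord(ch) + 256


def _cmp_fragment(a, b):
    """Compare two upstream or revision strings, alternating text and digits."""
    while a or b:
        na, nb = re.match(r"[^0-9]*", a).group(), re.match(r"[^0-9]*", b).group()
        a, b = a[len(na):], b[len(nb):]
        for k in range(max(len(na), len(nb))):
            x = _order(na[k]) if k < len(na) else 0
            y = _order(nb[k]) if k < len(nb) else 0
            if x != y:
                return -1 if x < y else 1
        da, db = re.match(r"[0-9]*", a).group(), re.match(r"[0-9]*", b).group()
        a, b = a[len(da):], b[len(db):]
        x, y = int(da or "0"), int(db or "0")
        if x != y:
            return -1 if x < y else 1
    return 0


def deb_version_compare(a, b):
    """Return -1, 0 or 1 for Debian versions [epoch:]upstream[-revision]."""
    def split(v):
        epoch, rest = v.split(":", 1) if ":" in v else ("0", v)
        upstream, _, revision = rest.rpartition("-") if "-" in rest else (rest, "", "")
        return int(epoch), upstream, revision

    (ea, ua, ra), (eb, ub, rb) = split(a), split(b)
    if ea != eb:
        return -1 if ea < eb else 1
    return _cmp_fragment(ua, ub) or _cmp_fragment(ra, rb)


def kernel_status(fixed, installed, running):
    """Return 'vulnerable', 'reboot-pending', 'patched' or 'not-applicable'."""
    # fixed:     {package: version} for the host's release, from the notice
    # installed: {package: version}, e.g. collected with
    #            dpkg-query -W -f='${Package} ${Version}\n' 'linux-image-*'
    # running:   output of `uname -r`
    run = RELEASE_RE.match(running)
    if not run:
        return "not-applicable"
    run_abi, flavour = run.groups()
    target = None
    for package, version in fixed.items():
        m = IMAGE_RE.match(package)
        if m and m.group(2) == flavour:
            target = (m.group(1), version)
    # Another kernel series (3.2 rather than 3.11, say) is a different source
    # package and is covered by its own notice.
    if not target or target[0].split("-")[0] != run_abi.split("-")[0]:
        return "not-applicable"
    fixed_abi, fixed_version = target
    series = fixed_abi.split("-")[0]
    has_fix = False
    for package, version in installed.items():
        m = IMAGE_RE.match(package)
        if (m and m.group(2) == flavour and m.group(1).split("-")[0] == series
                and deb_version_compare(version, fixed_version) >= 0):
            has_fix = True
    if not has_fix:
        return "vulnerable"
    # Installing the package is not enough: the old kernel runs until reboot.
    return "reboot-pending" if deb_version_compare(run_abi, fixed_abi) < 0 else "patched"
```

A host that reports `reboot-pending` is still running the vulnerable kernel, which is the case the notice's reboot instruction covers.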

[USN-2226-1] Linux kernel vulnerabilities

==========================================================================
Ubuntu Security Notice USN-2226-1
May 27, 2014

linux vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in the kernel.

Software Description:
- linux: Linux kernel

Details:

Matthew Daley reported an information leak in the floppy disk driver of the
Linux kernel. An unprivileged local user could exploit this flaw to obtain
potentially sensitive information from kernel memory. (CVE-2014-1738)

Matthew Daley reported a flaw in the handling of ioctl commands by the
floppy disk driver in the Linux kernel. An unprivileged local user could
exploit this flaw to gain administrative privileges if the floppy disk
module is loaded. (CVE-2014-1737)

A flaw was discovered in the handling of network packets when mergeable
buffers are disabled for virtual machines in the Linux kernel. Guest OS
users may exploit this flaw to cause a denial of service (host OS crash) or
possibly gain privilege on the host OS. (CVE-2014-0077)

A flaw was discovered in the Linux kernel's ping sockets. An unprivileged
local user could exploit this flaw to cause a denial of service (system
crash) or possibly gain privileges via a crafted application.
(CVE-2014-2851)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 LTS:
linux-image-3.13.0-27-generic 3.13.0-27.50
linux-image-3.13.0-27-generic-lpae 3.13.0-27.50
linux-image-3.13.0-27-lowlatency 3.13.0-27.50
linux-image-3.13.0-27-powerpc-e500 3.13.0-27.50
linux-image-3.13.0-27-powerpc-e500mc 3.13.0-27.50
linux-image-3.13.0-27-powerpc-smp 3.13.0-27.50
linux-image-3.13.0-27-powerpc64-emb 3.13.0-27.50
linux-image-3.13.0-27-powerpc64-smp 3.13.0-27.50

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References:
http://www.ubuntu.com/usn/usn-2226-1
CVE-2014-0077, CVE-2014-1737, CVE-2014-1738, CVE-2014-2851

Package Information:
https://launchpad.net/ubuntu/+source/linux/3.13.0-27.50

[USN-2224-1] Linux kernel (Raring HWE) vulnerabilities

==========================================================================
Ubuntu Security Notice USN-2224-1
May 27, 2014

linux-lts-raring vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 LTS

Summary:

Several security issues were fixed in the kernel.

Software Description:
- linux-lts-raring: Linux hardware enablement kernel from Raring

Details:

Matthew Daley reported an information leak in the floppy disk driver of the
Linux kernel. An unprivileged local user could exploit this flaw to obtain
potentially sensitive information from kernel memory. (CVE-2014-1738)

Matthew Daley reported a flaw in the handling of ioctl commands by the
floppy disk driver in the Linux kernel. An unprivileged local user could
exploit this flaw to gain administrative privileges if the floppy disk
module is loaded. (CVE-2014-1737)

A flaw was discovered in the vhost-net subsystem of the Linux kernel. Guest
OS users could exploit this flaw to cause a denial of service (host OS
crash). (CVE-2014-0055)

A flaw was discovered in the handling of network packets when mergeable
buffers are disabled for virtual machines in the Linux kernel. Guest OS
users may exploit this flaw to cause a denial of service (host OS crash) or
possibly gain privilege on the host OS. (CVE-2014-0077)

A flaw was discovered in the Linux kernel's handling of the SCTP handshake.
A remote attacker could exploit this flaw to cause a denial of service
(system crash). (CVE-2014-0101)

A flaw was discovered in the handling of routing information in Linux
kernel's IPv6 stack. A remote attacker could exploit this flaw to cause a
denial of service (memory consumption) via a flood of ICMPv6 router
advertisement packets. (CVE-2014-2309)

An error was discovered in the Linux kernel's DCCP protocol support. A
remote attacker could exploit this flaw to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2014-2523)

Max Sydorenko discovered a race condition in the Atheros 9k wireless driver
in the Linux kernel. This race could be exploited by remote attackers to
cause a denial of service (system crash). (CVE-2014-2672)

An error was discovered in the Reliable Datagram Sockets (RDS) protocol
stack in the Linux kernel. A local user could exploit this flaw to cause a
denial of service (system crash) or possibly have unspecified other impact.
(CVE-2014-2678)

Yaara Rozenblum discovered a race condition in the Linux kernel's Generic
IEEE 802.11 Networking Stack (mac80211). Remote attackers could exploit
this flaw to cause a denial of service (system crash). (CVE-2014-2706)

A flaw was discovered in the Linux kernel's ping sockets. An unprivileged
local user could exploit this flaw to cause a denial of service (system
crash) or possibly gain privileges via a crafted application.
(CVE-2014-2851)

Sasha Levin reported a bug in the Linux kernel's virtual memory management
subsystem. An unprivileged local user could exploit this flaw to cause a
denial of service (system crash). (CVE-2014-3122)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
linux-image-3.8.0-41-generic 3.8.0-41.60~precise1

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References:
http://www.ubuntu.com/usn/usn-2224-1
CVE-2014-0055, CVE-2014-0077, CVE-2014-0101, CVE-2014-1737,
CVE-2014-1738, CVE-2014-2309, CVE-2014-2523, CVE-2014-2672,
CVE-2014-2678, CVE-2014-2706, CVE-2014-2851, CVE-2014-3122

Package Information:
https://launchpad.net/ubuntu/+source/linux-lts-raring/3.8.0-41.60~precise1

[USN-2223-1] Linux kernel (Quantal HWE) vulnerabilities

==========================================================================
Ubuntu Security Notice USN-2223-1
May 27, 2014

linux-lts-quantal vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 LTS

Summary:

Several security issues were fixed in the kernel.

Software Description:
- linux-lts-quantal: Linux hardware enablement kernel from Quantal

Details:

Matthew Daley reported an information leak in the floppy disk driver of the
Linux kernel. An unprivileged local user could exploit this flaw to obtain
potentially sensitive information from kernel memory. (CVE-2014-1738)

Matthew Daley reported a flaw in the handling of ioctl commands by the
floppy disk driver in the Linux kernel. An unprivileged local user could
exploit this flaw to gain administrative privileges if the floppy disk
module is loaded. (CVE-2014-1737)

A flaw was discovered in the Linux kernel's IPC reference counting. An
unprivileged local user could exploit this flaw to cause a denial of
service (OOM system crash). (CVE-2013-4483)

A flaw was discovered in the vhost-net subsystem of the Linux kernel. Guest
OS users could exploit this flaw to cause a denial of service (host OS
crash). (CVE-2014-0055)

A flaw was discovered in the handling of network packets when mergeable
buffers are disabled for virtual machines in the Linux kernel. Guest OS
users may exploit this flaw to cause a denial of service (host OS crash) or
possibly gain privilege on the host OS. (CVE-2014-0077)

A flaw was discovered in the Linux kernel's handling of the SCTP handshake.
A remote attacker could exploit this flaw to cause a denial of service
(system crash). (CVE-2014-0101)

A flaw was discovered in the handling of routing information in Linux
kernel's IPv6 stack. A remote attacker could exploit this flaw to cause a
denial of service (memory consumption) via a flood of ICMPv6 router
advertisement packets. (CVE-2014-2309)

An error was discovered in the Linux kernel's DCCP protocol support. A
remote attacker could exploit this flaw to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2014-2523)

Max Sydorenko discovered a race condition in the Atheros 9k wireless driver
in the Linux kernel. This race could be exploited by remote attackers to
cause a denial of service (system crash). (CVE-2014-2672)

An error was discovered in the Reliable Datagram Sockets (RDS) protocol
stack in the Linux kernel. A local user could exploit this flaw to cause a
denial of service (system crash) or possibly have unspecified other impact.
(CVE-2014-2678)

Yaara Rozenblum discovered a race condition in the Linux kernel's Generic
IEEE 802.11 Networking Stack (mac80211). Remote attackers could exploit
this flaw to cause a denial of service (system crash). (CVE-2014-2706)

A flaw was discovered in the Linux kernel's ping sockets. An unprivileged
local user could exploit this flaw to cause a denial of service (system
crash) or possibly gain privileges via a crafted application.
(CVE-2014-2851)

Sasha Levin reported a bug in the Linux kernel's virtual memory management
subsystem. An unprivileged local user could exploit this flaw to cause a
denial of service (system crash). (CVE-2014-3122)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
linux-image-3.5.0-51-generic 3.5.0-51.76~precise1

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References:
http://www.ubuntu.com/usn/usn-2223-1
CVE-2013-4483, CVE-2014-0055, CVE-2014-0077, CVE-2014-0101,
CVE-2014-1737, CVE-2014-1738, CVE-2014-2309, CVE-2014-2523,
CVE-2014-2672, CVE-2014-2678, CVE-2014-2706, CVE-2014-2851,
CVE-2014-3122

Package Information:
https://launchpad.net/ubuntu/+source/linux-lts-quantal/3.5.0-51.76~precise1

Monday, May 26, 2014

[FreeBSD-Announce] The base src to cvs exporter is being retired

While doing some maintenance work on the svn->cvs exporter last week, it was
discovered that its staging areas had been corrupted again.

As a reminder, we said we'd try to keep the exporter running "best effort basis
until 9.0-RELEASE, 8.3-RELEASE, 7.4-RELEASE are no longer supported". All of
these milestones are in the past.

Archives of the last runs of the exporter are propagating to ftp.FreeBSD.org
in /pub/FreeBSD/development/CVS-archive/ at this time.

The contents of the src collection in the cvsup mirrors have been frozen and
will soon only be available from the archive above. The previously removed
ports, doc, www collections are also archived there for archaeology purposes.

We still provide old-style pkg_add binary packages for both "subversion" and
"svnup" for FreeBSD-8.x and 9.x. We provide new style 'pkg install' binary
builds of these every week via pkg.FreeBSD.org.

Both subversion and svnup build from source without too much difficulty on older
versions of FreeBSD if required.

We also provide daily source and ports tarballs on ftp.FreeBSD.org at
/pub/FreeBSD/development/tarballs/ as last resort for people with very
ancient releases.

Obtaining FreeBSD via subversion is documented at:
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/svn.html

The temporary transition aid from 2008 had a good run. It is time to put it
to rest.

-Peter (murderer of cvs)
--
Peter Wemm - peter@wemm.org; peter@FreeBSD.org; peter@yahoo-inc.com; KI6FJV
UTF-8: for when a ' just won\342\200\231t do.

[USN-2222-1] mod_wsgi vulnerabilities

==========================================================================
Ubuntu Security Notice USN-2222-1
May 26, 2014

mod-wsgi vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 14.04 LTS
- Ubuntu 13.10
- Ubuntu 12.04 LTS

Summary:

mod_wsgi could be made to run programs as an administrator if it executes
a specially crafted file.

mod_wsgi could be made to expose sensitive information over the network.

Software Description:
- mod-wsgi: Python WSGI adapter module for Apache

Details:

Róbert Kisteleki discovered mod_wsgi incorrectly checked setuid return
values. A malicious application could use this issue to cause a local
privilege escalation when using daemon mode. (CVE-2014-0240)

Buck Golemon discovered that mod_wsgi used memory that had been freed.
A remote attacker could use this issue to read process memory via the
Content-Type response header. This issue only affected Ubuntu 12.04 LTS.
(CVE-2014-0242)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 LTS:
libapache2-mod-wsgi 3.4-4ubuntu2.1.14.04.1
libapache2-mod-wsgi-py3 3.4-4ubuntu2.1.14.04.1

Ubuntu 13.10:
libapache2-mod-wsgi 3.4-4ubuntu2.1.13.10.1
libapache2-mod-wsgi-py3 3.4-4ubuntu2.1.13.10.1

Ubuntu 12.04 LTS:
libapache2-mod-wsgi 3.3-4ubuntu0.1
libapache2-mod-wsgi-py3 3.3-4ubuntu0.1

After a standard system update you need to restart apache2 to make
all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2222-1
CVE-2014-0240, CVE-2014-0242

Package Information:
https://launchpad.net/ubuntu/+source/mod-wsgi/3.4-4ubuntu2.1.14.04.1
https://launchpad.net/ubuntu/+source/mod-wsgi/3.4-4ubuntu2.1.13.10.1
https://launchpad.net/ubuntu/+source/mod-wsgi/3.3-4ubuntu0.1

[USN-2221-1] Linux kernel vulnerabilities

==========================================================================
Ubuntu Security Notice USN-2221-1
May 26, 2014

linux vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 LTS

Summary:

Several security issues were fixed in the kernel.

Software Description:
- linux: Linux kernel

Details:

Matthew Daley reported an information leak in the floppy disk driver of the
Linux kernel. An unprivileged local user could exploit this flaw to obtain
potentially sensitive information from kernel memory. (CVE-2014-1738)

Matthew Daley reported a flaw in the handling of ioctl commands by the
floppy disk driver in the Linux kernel. An unprivileged local user could
exploit this flaw to gain administrative privileges if the floppy disk
module is loaded. (CVE-2014-1737)

A flaw was discovered in the Linux kernel's IPC reference counting. An
unprivileged local user could exploit this flaw to cause a denial of
service (OOM system crash). (CVE-2013-4483)

Al Viro discovered an error in how CIFS in the Linux kernel handles
uncached write operations. An unprivileged local user could exploit this
flaw to cause a denial of service (system crash), obtain sensitive
information from kernel memory, or possibly gain privileges.
(CVE-2014-0069)

A flaw was discovered in the handling of network packets when mergeable
buffers are disabled for virtual machines in the Linux kernel. Guest OS
users may exploit this flaw to cause a denial of service (host OS crash) or
possibly gain privilege on the host OS. (CVE-2014-0077)

A flaw was discovered in the Linux kernel's handling of the SCTP handshake.
A remote attacker could exploit this flaw to cause a denial of service
(system crash). (CVE-2014-0101)

A flaw was discovered in the handling of routing information in Linux
kernel's IPv6 stack. A remote attacker could exploit this flaw to cause a
denial of service (memory consumption) via a flood of ICMPv6 router
advertisement packets. (CVE-2014-2309)

An error was discovered in the Linux kernel's DCCP protocol support. A
remote attacker could exploit this flaw to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2014-2523)

Max Sydorenko discovered a race condition in the Atheros 9k wireless driver
in the Linux kernel. This race could be exploited by remote attackers to
cause a denial of service (system crash). (CVE-2014-2672)

An error was discovered in the Reliable Datagram Sockets (RDS) protocol
stack in the Linux kernel. A local user could exploit this flaw to cause a
denial of service (system crash) or possibly have unspecified other impact.
(CVE-2014-2678)

Yaara Rozenblum discovered a race condition in the Linux kernel's Generic
IEEE 802.11 Networking Stack (mac80211). Remote attackers could exploit
this flaw to cause a denial of service (system crash). (CVE-2014-2706)

A flaw was discovered in the Linux kernel's ping sockets. An unprivileged
local user could exploit this flaw to cause a denial of service (system
crash) or possibly gain privileges via a crafted application.
(CVE-2014-2851)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
linux-image-3.2.0-63-generic 3.2.0-63.95
linux-image-3.2.0-63-generic-pae 3.2.0-63.95
linux-image-3.2.0-63-highbank 3.2.0-63.95
linux-image-3.2.0-63-omap 3.2.0-63.95
linux-image-3.2.0-63-powerpc-smp 3.2.0-63.95
linux-image-3.2.0-63-powerpc64-smp 3.2.0-63.95
linux-image-3.2.0-63-virtual 3.2.0-63.95

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References:
http://www.ubuntu.com/usn/usn-2221-1
CVE-2013-4483, CVE-2014-0069, CVE-2014-0077, CVE-2014-0101,
CVE-2014-1737, CVE-2014-1738, CVE-2014-2309, CVE-2014-2523,
CVE-2014-2672, CVE-2014-2678, CVE-2014-2706, CVE-2014-2851

Package Information:
https://launchpad.net/ubuntu/+source/linux/3.2.0-63.95

[USN-2220-1] Linux kernel (EC2) vulnerabilities

==========================================================================
Ubuntu Security Notice USN-2220-1
May 26, 2014

linux-ec2 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 10.04 LTS

Summary:

Several security issues were fixed in the kernel.

Software Description:
- linux-ec2: Linux kernel for EC2

Details:

Matthew Daley reported an information leak in the floppy disk driver of the
Linux kernel. An unprivileged local user could exploit this flaw to obtain
potentially sensitive information from kernel memory. (CVE-2014-1738)

Matthew Daley reported a flaw in the handling of ioctl commands by the
floppy disk driver in the Linux kernel. An unprivileged local user could
exploit this flaw to gain administrative privileges if the floppy disk
module is loaded. (CVE-2014-1737)

A flaw was discovered in the Reliable Datagram Sockets (RDS) protocol
implementation in the Linux kernel for systems that lack RDS transports. An
unprivileged local user could exploit this flaw to cause a denial of
service (system crash). (CVE-2013-7339)

An error was discovered in the Reliable Datagram Sockets (RDS) protocol
stack in the Linux kernel. A local user could exploit this flaw to cause a
denial of service (system crash) or possibly have unspecified other impact.
(CVE-2014-2678)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 10.04 LTS:
linux-image-2.6.32-364-ec2 2.6.32-364.77

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References:
http://www.ubuntu.com/usn/usn-2220-1
CVE-2013-7339, CVE-2014-1737, CVE-2014-1738, CVE-2014-2678

Package Information:
https://launchpad.net/ubuntu/+source/linux-ec2/2.6.32-364.77

[USN-2219-1] Linux kernel vulnerabilities

==========================================================================
Ubuntu Security Notice USN-2219-1
May 26, 2014

linux vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 10.04 LTS

Summary:

Several security issues were fixed in the kernel.

Software Description:
- linux: Linux kernel

Details:

Matthew Daley reported an information leak in the floppy disk driver of the
Linux kernel. An unprivileged local user could exploit this flaw to obtain
potentially sensitive information from kernel memory. (CVE-2014-1738)

Matthew Daley reported a flaw in the handling of ioctl commands by the
floppy disk driver in the Linux kernel. An unprivileged local user could
exploit this flaw to gain administrative privileges if the floppy disk
module is loaded. (CVE-2014-1737)

A flaw was discovered in the Reliable Datagram Sockets (RDS) protocol
implementation in the Linux kernel for systems that lack RDS transports. An
unprivileged local user could exploit this flaw to cause a denial of
service (system crash). (CVE-2013-7339)

An error was discovered in the Reliable Datagram Sockets (RDS) protocol
stack in the Linux kernel. A local user could exploit this flaw to cause a
denial of service (system crash) or possibly have unspecified other impact.
(CVE-2014-2678)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 10.04 LTS:
linux-image-2.6.32-60-386 2.6.32-60.122
linux-image-2.6.32-60-generic 2.6.32-60.122
linux-image-2.6.32-60-generic-pae 2.6.32-60.122
linux-image-2.6.32-60-ia64 2.6.32-60.122
linux-image-2.6.32-60-lpia 2.6.32-60.122
linux-image-2.6.32-60-powerpc 2.6.32-60.122
linux-image-2.6.32-60-powerpc-smp 2.6.32-60.122
linux-image-2.6.32-60-powerpc64-smp 2.6.32-60.122
linux-image-2.6.32-60-preempt 2.6.32-60.122
linux-image-2.6.32-60-server 2.6.32-60.122
linux-image-2.6.32-60-sparc64 2.6.32-60.122
linux-image-2.6.32-60-sparc64-smp 2.6.32-60.122
linux-image-2.6.32-60-versatile 2.6.32-60.122
linux-image-2.6.32-60-virtual 2.6.32-60.122

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References:
http://www.ubuntu.com/usn/usn-2219-1
CVE-2013-7339, CVE-2014-1737, CVE-2014-1738, CVE-2014-2678

Package Information:
https://launchpad.net/ubuntu/+source/linux/2.6.32-60.122

Saturday, May 24, 2014

X Font Service Protocol Erratum

From http://www.openbsd.org/errata55.html:

X Font Service Protocol & Font metadata file handling issues in libXfont
CVE-2014-0209: integer overflow of allocations in font metadata file parsing
CVE-2014-0210: unvalidated length fields when parsing xfs protocol replies
CVE-2014-0211: integer overflows calculating memory needs for xfs replies
Please see the advisory for more information.
http://lists.x.org/archives/xorg-announce/2014-May/002431.html
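
The length-field and integer-overflow problems listed above come down to the checks sketched here. This is an added illustration, not code from libXfont or from the OpenBSD patch; the function names, MAX_REPLY_WORDS and the sample buffer are constructed for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Cap on reply length in 32-bit words (64 MiB), same value as the patch. */
#define MAX_REPLY_WORDS ((64u * 1024u * 1024u) >> 2)

/* Naive check, for comparison only: pos + len wraps modulo 2^32. */
static int span_ok_naive(uint32_t pos, uint32_t len, uint32_t data_len)
{
    return (uint32_t)(pos + len) <= data_len;
}

/* Same shape as the patch: bound pos, then compare len with the remainder. */
static int span_ok(uint32_t pos, uint32_t len, uint32_t data_len)
{
    return pos < data_len && len <= data_len - pos;
}

/* Words to bytes; 0 for an over-limit length, where words << 2 could wrap. */
static size_t reply_bytes(uint32_t words)
{
    return words > MAX_REPLY_WORDS ? 0 : (size_t)words << 2;
}

/* Copy a validated span out of an untrusted buffer; NULL if out of range. */
static char *copy_span(const unsigned char *data, uint32_t data_len,
                       uint32_t pos, uint32_t len)
{
    char *s = span_ok(pos, len, data_len) ? malloc((size_t)len + 1) : NULL;
    if (s == NULL)
        return NULL;
    memcpy(s, data + pos, len);
    s[len] = '\0';
    return s;
}

int main(void)
{
    /* Constructed property data: an 11-byte name, then a 5-byte value. */
    const unsigned char data[] = "FAMILY_NAMEfixed";
    char *value = copy_span(data, 16, 11, 5);
    printf("value=%s naive=%d safe=%d bytes=%zu\n", value ? value : "(none)",
           span_ok_naive(0xFFFFFFF0u, 0x20u, 16), span_ok(0xFFFFFFF0u, 0x20u, 16),
           reply_bytes(0x40000001u));
    free(value);
    return 0;
}
```

The naive form accepts the span at offset 0xFFFFFFF0 because the sum wraps to 16; the subtraction form rejects it without ever computing pos + len.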

Source code patch:

untrusted comment: signature from openbsd 5.5 base secret key
RWRGy8gxk9N93+eLgi55eB+q+iJdk3vT7fqMhrHUN7dUsETsdek0CEyTtx7kXq9vjF5sYa/lCtsUIEgykH7yxDmuIuNUmE3wegc=

OpenBSD 5.5 errata 6, May 24, 2014: X Font Service Protocol
& Font metadata file handling issues in libXfont

This is revision 2 of the patch (the first version forgot to use
signify).

Apply patch using:

signify -Vep /etc/signify/openbsd-55-base.pub -x 006_libXfont.patch.sig \
-m - | (cd /usr/xenocara && patch -p0)

Then build and install libXfont

cd /usr/xenocara/lib/libXfont
make -f Makefile.bsd-wrapper obj
make -f Makefile.bsd-wrapper build

Index: lib/libXfont/src/fc/fsconvert.c
===================================================================
RCS file: /cvs/OpenBSD/xenocara/lib/libXfont/src/fc/fsconvert.c,v
retrieving revision 1.4
diff -u -p -u -r1.4 fsconvert.c
--- lib/libXfont/src/fc/fsconvert.c 4 Mar 2012 18:13:47 -0000 1.4
+++ lib/libXfont/src/fc/fsconvert.c 13 May 2014 19:42:23 -0000
@@ -118,6 +118,10 @@ _fs_convert_props(fsPropInfo *pi, fsProp
for (i = 0; i < nprops; i++, dprop++, is_str++)
{
memcpy(&local_off, off_adr, SIZEOF(fsPropOffset));
+ if ((local_off.name.position >= pi->data_len) ||
+ (local_off.name.length >
+ (pi->data_len - local_off.name.position)))
+ goto bail;
dprop->name = MakeAtom(&pdc[local_off.name.position],
local_off.name.length, 1);
if (local_off.type != PropTypeString) {
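Review bot: the goto bail added for the name check jumps to a label that the next hunk places inside the "if (dprop->value == BAD_RESOURCE)" block of the else branch, so control enters a nested block from outside it. That is legal C but easy to break in a later edit; a single cleanup label at function scope would be clearer. The test itself is in the overflow-safe order (position against pi->data_len first, then length against the remainder), and it also rejects a zero-length name at position == data_len, which deserves a one-line comment if intended.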
@@ -125,10 +129,15 @@ _fs_convert_props(fsPropInfo *pi, fsProp
dprop->value = local_off.value.position;
} else {
*is_str = TRUE;
+ if ((local_off.value.position >= pi->data_len) ||
+ (local_off.value.length >
+ (pi->data_len - local_off.value.position)))
+ goto bail;
dprop->value = (INT32) MakeAtom(&pdc[local_off.value.position],
local_off.value.length, 1);
if (dprop->value == BAD_RESOURCE)
{
+ bail:
free (pfi->props);
pfi->nprops = 0;
pfi->props = 0;
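Review bot: the value check added in the else branch repeats the name check from the previous hunk field for field; a small helper or macro taking (position, length, pi->data_len) would keep the two from drifting apart. In the non-string branch, dprop->value = local_off.value.position is stored without a range test, which is fine only as long as that value is never used as an offset into the property data; a comment saying so would help.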
@@ -712,7 +721,12 @@ fs_alloc_glyphs (FontPtr pFont, int size
FSGlyphPtr glyphs;
FSFontPtr fsfont = (FSFontPtr) pFont->fontPrivate;

- glyphs = malloc (sizeof (FSGlyphRec) + size);
+ if (size < (INT_MAX - sizeof (FSGlyphRec)))
+ glyphs = malloc (sizeof (FSGlyphRec) + size);
+ else
+ glyphs = NULL;
+ if (glyphs == NULL)
+ return NULL;
glyphs->next = fsfont->glyphs;
fsfont->glyphs = glyphs;
return (pointer) (glyphs + 1);
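Review bot: in "size < (INT_MAX - sizeof (FSGlyphRec))" the right-hand side is a size_t, so the int parameter size is converted to unsigned before the comparison; a negative size is rejected only as a side effect of that conversion. Writing the intent out, for example "size >= 0 && ...", would make the guard readable and quiet sign-compare warnings. No #include <limits.h> is visible in the fsconvert.c hunks, while the fserve.c part of the patch adds one, so confirm INT_MAX is declared in this file too.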
Index: lib/libXfont/src/fc/fserve.c
===================================================================
RCS file: /cvs/OpenBSD/xenocara/lib/libXfont/src/fc/fserve.c,v
retrieving revision 1.4
diff -u -p -u -r1.4 fserve.c
--- lib/libXfont/src/fc/fserve.c 4 Mar 2012 18:13:47 -0000 1.4
+++ lib/libXfont/src/fc/fserve.c 13 May 2014 19:42:23 -0000
@@ -70,6 +70,7 @@ in this Software without prior written a
#include "fservestr.h"
#include <X11/fonts/fontutil.h>
#include <errno.h>
+#include <limits.h>

#include <time.h>
#define Time_t time_t
@@ -91,6 +92,15 @@ in this Software without prior written a
(pci)->descent || \
(pci)->characterWidth)

+/*
+ * SIZEOF(r) is in bytes, length fields in the protocol are in 32-bit words,
+ * so this converts for doing size comparisons.
+ */
+#define LENGTHOF(r) (SIZEOF(r) >> 2)
+
+/* Somewhat arbitrary limit on maximum reply size we'll try to read. */
+#define MAX_REPLY_LENGTH ((64 * 1024 * 1024) >> 2)
+
extern void ErrorF(const char *f, ...);

static int fs_read_glyphs ( FontPathElementPtr fpe, FSBlockDataPtr blockrec );
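Review bot: the comment on MAX_REPLY_LENGTH does not say that the value is in 32-bit words rather than bytes; the ">> 2" implies it, but a reader comparing it against a byte count would be off by a factor of four. State the unit (64 MiB expressed in words) in the comment. LENGTHOF(r) also rounds down when SIZEOF(r) is not a multiple of 4, which is worth noting next to the macro if any reply structure can have such a size.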
@@ -206,9 +216,22 @@ _fs_add_rep_log (FSFpePtr conn, fsGeneri
rep->sequenceNumber,
conn->reqbuffer[i].opcode);
}
+
+#define _fs_reply_failed(rep, name, op) do { \
+ if (rep) { \
+ if (rep->type == FS_Error) \
+ fprintf (stderr, "Error: %d Request: %s\n", \
+ ((fsError *)rep)->request, #name); \
+ else \
+ fprintf (stderr, "Bad Length for %s Reply: %d %s %d\n", \
+ #name, rep->length, op, LENGTHOF(name)); \
+ } \
+} while (0)
+
#else
#define _fs_add_req_log(conn,op) ((conn)->current_seq++)
#define _fs_add_rep_log(conn,rep)
+#define _fs_reply_failed(rep,name,op)
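Review bot: in the debug version of _fs_reply_failed the rep argument is used unparenthesized ("rep->type", "(fsError *)rep"), so passing anything other than a plain identifier can misparse; write (rep)->type and ((fsError *)(rep)). The "Bad Length" message prints rep->length with %d; if that field is an unsigned 32-bit length, oversized values, which are the ones this message exists to report, would show up as negative numbers, so %u with a matching cast would be safer.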

Thursday, May 22, 2014

[CentOS-announce] CESA-2014:0537 Moderate: mysql55-mysql SCL Security Update

CentOS Errata and Security Advisory 2014:0537 (CentOS Software Collections)

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

-----------------------------
X86_64
-----------------------------

b0fc2ef19139477f41242bbe96b5d739cb3ee7272aea5ef80130a3ad59af0cfe mysql55-mysql-5.5.37-1.2.el6.centos.alt.x86_64.rpm
4014a470d90d95e395b3b937017eda0fec67288175185cb8045a52b41761781d mysql55-mysql-bench-5.5.37-1.2.el6.centos.alt.x86_64.rpm
0fed2afab61b415194bf0b6fe44ceb9ec5837cecf0dee9ece4a7b256010cf929 mysql55-mysql-devel-5.5.37-1.2.el6.centos.alt.x86_64.rpm
c54a04c04ee1308bc66fed0e34ac9d484259e9868ea726cca0a14d04ae09a550 mysql55-mysql-libs-5.5.37-1.2.el6.centos.alt.x86_64.rpm
a289afb4ed73c70cf1d01e1a0ecc161238d3ab2b37254e8f20ba5c998afc3a2d mysql55-mysql-server-5.5.37-1.2.el6.centos.alt.x86_64.rpm
fdda47c7de9cc1a68644b1b9b2a25d05ad8452bdafd044bbfb3ed6bde1aaac92 mysql55-mysql-test-5.5.37-1.2.el6.centos.alt.x86_64.rpm


-----------------------------
Source:
-----------------------------

a5b5e7b7942fff083035f2aada8b7d603a95d8494d02888e4e69accef5487f0e mysql55-mysql-5.5.37-1.2.el6.centos.alt.src.rpm

=====================================================

The following upstream security issues are addressed in this update:

https://rhn.redhat.com/errata/RHSA-2014-0537.html

--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos at irc.freenode.net
