CentOS Errata and Bugfix Advisory 2015:0106
Upstream details at : https://rhn.redhat.com/errata/RHBA-2015-0106.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
ea5d48d18878658b540b1f263cf5c6b5275816eef56592f2ad1ea81435a0856c libvirt-0.10.2-46.el6_6.3.i686.rpm
c70aef109c73e5a2ea4a1aacd8f994ce082038b7bbf68b78e7463a5295edcf46 libvirt-client-0.10.2-46.el6_6.3.i686.rpm
ae2a478f26b7556fb67a280eb9609e62d30bfbb103b691a8bdaff359fa82688f libvirt-devel-0.10.2-46.el6_6.3.i686.rpm
e7426898e565a6d173aac3b2f1f22eb24aebbe865923d8d509ccba7fc9391d7a libvirt-python-0.10.2-46.el6_6.3.i686.rpm
x86_64:
77ccd05d7ff093dcf14d1f57628df7912754178f02a613ea87ab905114806110 libvirt-0.10.2-46.el6_6.3.x86_64.rpm
c70aef109c73e5a2ea4a1aacd8f994ce082038b7bbf68b78e7463a5295edcf46 libvirt-client-0.10.2-46.el6_6.3.i686.rpm
17bfed0bfd3305f1464fa7d145ff7b000f8c720108c2857e8c7799fea0624d54 libvirt-client-0.10.2-46.el6_6.3.x86_64.rpm
ae2a478f26b7556fb67a280eb9609e62d30bfbb103b691a8bdaff359fa82688f libvirt-devel-0.10.2-46.el6_6.3.i686.rpm
6c412b887b82b69bbafde5d005c9417f2d256b54aa5a32994813d25fee75473a libvirt-devel-0.10.2-46.el6_6.3.x86_64.rpm
28897e103ff2f7dc7bba07ddde217df7958906df861d8f73e8228e15538d69ac libvirt-lock-sanlock-0.10.2-46.el6_6.3.x86_64.rpm
f25e4b29c8ad46f97f6ae2a07db51d5f907d550b2285d5e7bef495e594edc558 libvirt-python-0.10.2-46.el6_6.3.x86_64.rpm
Source:
2012ad82ddfcda7d4989f299888e1f6c58812680bfd033130d1c246690575507 libvirt-0.10.2-46.el6_6.3.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce
Saturday, January 31, 2015
Thursday, January 29, 2015
[CentOS-announce] CESA-2015:0100 Moderate CentOS 7 libyaml Security Update
CentOS Errata and Security Advisory 2015:0100 Moderate
Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-0100.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
27be0d9c4fdc9d6d7b83f141e70c7fea1ede9183686f9f4fcbaf4d7708492241 libyaml-0.1.4-11.el7_0.i686.rpm
01fe6b8eb0518670dc14b3095870a96cfcc75de6bf4769cd62c7d21109b13a65 libyaml-0.1.4-11.el7_0.x86_64.rpm
2802f4a924e386b02bab904c9cd2314692ae94821ac939054b420c79a9e21476 libyaml-devel-0.1.4-11.el7_0.i686.rpm
cd06f287cb9fdd77e4b3a91d576ee9912959aecb818bd24d7797d04922827c50 libyaml-devel-0.1.4-11.el7_0.x86_64.rpm
Source:
f87eb345fdd5adac1236e7144286c6f6ba9f7e490dc84fc1e7c1930868aae5b9 libyaml-0.1.4-11.el7_0.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce
Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-0100.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
27be0d9c4fdc9d6d7b83f141e70c7fea1ede9183686f9f4fcbaf4d7708492241 libyaml-0.1.4-11.el7_0.i686.rpm
01fe6b8eb0518670dc14b3095870a96cfcc75de6bf4769cd62c7d21109b13a65 libyaml-0.1.4-11.el7_0.x86_64.rpm
2802f4a924e386b02bab904c9cd2314692ae94821ac939054b420c79a9e21476 libyaml-devel-0.1.4-11.el7_0.i686.rpm
cd06f287cb9fdd77e4b3a91d576ee9912959aecb818bd24d7797d04922827c50 libyaml-devel-0.1.4-11.el7_0.x86_64.rpm
Source:
f87eb345fdd5adac1236e7144286c6f6ba9f7e490dc84fc1e7c1930868aae5b9 libyaml-0.1.4-11.el7_0.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce
[CentOS-announce] CESA-2015:0102 Important CentOS 7 kernel Security Update
CentOS Errata and Security Advisory 2015:0102 Important
Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-0102.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
5953bcabb2801ceddffe79684dbef64022546b17d1cebb24a2151e0b2778a04a kernel-3.10.0-123.20.1.el7.x86_64.rpm
584521ddf9d103e9e869e22f50953f6232f9de6ea0a78ade5e9bdb081e7f17a9 kernel-abi-whitelists-3.10.0-123.20.1.el7.noarch.rpm
cafb58042763975693af60cce298fd9d28aae34ba75e2d92b98d0eb94ae1ad82 kernel-debug-3.10.0-123.20.1.el7.x86_64.rpm
535b053dda66e67f163dc0dc05398d5ee0b8aecbc7192071cdf13f3f2f0075c1 kernel-debug-devel-3.10.0-123.20.1.el7.x86_64.rpm
81bc8dc435ff275160c5e3d63180924af1a96dd14307df2c6e7ea2232d86d3fe kernel-devel-3.10.0-123.20.1.el7.x86_64.rpm
39171964cd2f7baa878b6033d5b14d06d3251dd058f92b2237de3dcb3609b5a5 kernel-doc-3.10.0-123.20.1.el7.noarch.rpm
a88bfde708df6f4c0e4a8f894c52812b50d4323e5e1f3912af163fc18a5245ce kernel-headers-3.10.0-123.20.1.el7.x86_64.rpm
36fe40c396d283c429e74204458da5883a5dc1047f4ed39c6395d44693c7f70a kernel-tools-3.10.0-123.20.1.el7.x86_64.rpm
05aeaf149987da5bc8e8fd927c4517f93cdb3df7519a48ada13363d944f836f1 kernel-tools-libs-3.10.0-123.20.1.el7.x86_64.rpm
755f49173741b2c38925cf6eeeae21f0aacfbe03257002af866f6114cb10a710 kernel-tools-libs-devel-3.10.0-123.20.1.el7.x86_64.rpm
e4fbd51094a12cb9e44cc2c279e6415aa87bc6198eb794cb2cb18f6b586c6228 perf-3.10.0-123.20.1.el7.x86_64.rpm
98a1598f025b8c3c2029a7d30bbcfaabca3121562c5a64a5fb81c5875a910dac python-perf-3.10.0-123.20.1.el7.x86_64.rpm
Source:
c8c549348d11f6a676976c6a81ba1551b382f8bfd1cae8d1cd25cd2df6e754be kernel-3.10.0-123.20.1.el7.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce
Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-0102.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
5953bcabb2801ceddffe79684dbef64022546b17d1cebb24a2151e0b2778a04a kernel-3.10.0-123.20.1.el7.x86_64.rpm
584521ddf9d103e9e869e22f50953f6232f9de6ea0a78ade5e9bdb081e7f17a9 kernel-abi-whitelists-3.10.0-123.20.1.el7.noarch.rpm
cafb58042763975693af60cce298fd9d28aae34ba75e2d92b98d0eb94ae1ad82 kernel-debug-3.10.0-123.20.1.el7.x86_64.rpm
535b053dda66e67f163dc0dc05398d5ee0b8aecbc7192071cdf13f3f2f0075c1 kernel-debug-devel-3.10.0-123.20.1.el7.x86_64.rpm
81bc8dc435ff275160c5e3d63180924af1a96dd14307df2c6e7ea2232d86d3fe kernel-devel-3.10.0-123.20.1.el7.x86_64.rpm
39171964cd2f7baa878b6033d5b14d06d3251dd058f92b2237de3dcb3609b5a5 kernel-doc-3.10.0-123.20.1.el7.noarch.rpm
a88bfde708df6f4c0e4a8f894c52812b50d4323e5e1f3912af163fc18a5245ce kernel-headers-3.10.0-123.20.1.el7.x86_64.rpm
36fe40c396d283c429e74204458da5883a5dc1047f4ed39c6395d44693c7f70a kernel-tools-3.10.0-123.20.1.el7.x86_64.rpm
05aeaf149987da5bc8e8fd927c4517f93cdb3df7519a48ada13363d944f836f1 kernel-tools-libs-3.10.0-123.20.1.el7.x86_64.rpm
755f49173741b2c38925cf6eeeae21f0aacfbe03257002af866f6114cb10a710 kernel-tools-libs-devel-3.10.0-123.20.1.el7.x86_64.rpm
e4fbd51094a12cb9e44cc2c279e6415aa87bc6198eb794cb2cb18f6b586c6228 perf-3.10.0-123.20.1.el7.x86_64.rpm
98a1598f025b8c3c2029a7d30bbcfaabca3121562c5a64a5fb81c5875a910dac python-perf-3.10.0-123.20.1.el7.x86_64.rpm
Source:
c8c549348d11f6a676976c6a81ba1551b382f8bfd1cae8d1cd25cd2df6e754be kernel-3.10.0-123.20.1.el7.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce
[CentOS-announce] CESA-2015:0102 Important CentOS 7 kernel Security Update
CentOS Errata and Security Advisory 2015:0102 Important
Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-0102.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
5953bcabb2801ceddffe79684dbef64022546b17d1cebb24a2151e0b2778a04a kernel-3.10.0-123.20.1.el7.x86_64.rpm
584521ddf9d103e9e869e22f50953f6232f9de6ea0a78ade5e9bdb081e7f17a9 kernel-abi-whitelists-3.10.0-123.20.1.el7.noarch.rpm
cafb58042763975693af60cce298fd9d28aae34ba75e2d92b98d0eb94ae1ad82 kernel-debug-3.10.0-123.20.1.el7.x86_64.rpm
535b053dda66e67f163dc0dc05398d5ee0b8aecbc7192071cdf13f3f2f0075c1 kernel-debug-devel-3.10.0-123.20.1.el7.x86_64.rpm
81bc8dc435ff275160c5e3d63180924af1a96dd14307df2c6e7ea2232d86d3fe kernel-devel-3.10.0-123.20.1.el7.x86_64.rpm
39171964cd2f7baa878b6033d5b14d06d3251dd058f92b2237de3dcb3609b5a5 kernel-doc-3.10.0-123.20.1.el7.noarch.rpm
a88bfde708df6f4c0e4a8f894c52812b50d4323e5e1f3912af163fc18a5245ce kernel-headers-3.10.0-123.20.1.el7.x86_64.rpm
36fe40c396d283c429e74204458da5883a5dc1047f4ed39c6395d44693c7f70a kernel-tools-3.10.0-123.20.1.el7.x86_64.rpm
05aeaf149987da5bc8e8fd927c4517f93cdb3df7519a48ada13363d944f836f1 kernel-tools-libs-3.10.0-123.20.1.el7.x86_64.rpm
755f49173741b2c38925cf6eeeae21f0aacfbe03257002af866f6114cb10a710 kernel-tools-libs-devel-3.10.0-123.20.1.el7.x86_64.rpm
e4fbd51094a12cb9e44cc2c279e6415aa87bc6198eb794cb2cb18f6b586c6228 perf-3.10.0-123.20.1.el7.x86_64.rpm
98a1598f025b8c3c2029a7d30bbcfaabca3121562c5a64a5fb81c5875a910dac python-perf-3.10.0-123.20.1.el7.x86_64.rpm
Source:
c8c549348d11f6a676976c6a81ba1551b382f8bfd1cae8d1cd25cd2df6e754be kernel-3.10.0-123.20.1.el7.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce
Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-0102.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
5953bcabb2801ceddffe79684dbef64022546b17d1cebb24a2151e0b2778a04a kernel-3.10.0-123.20.1.el7.x86_64.rpm
584521ddf9d103e9e869e22f50953f6232f9de6ea0a78ade5e9bdb081e7f17a9 kernel-abi-whitelists-3.10.0-123.20.1.el7.noarch.rpm
cafb58042763975693af60cce298fd9d28aae34ba75e2d92b98d0eb94ae1ad82 kernel-debug-3.10.0-123.20.1.el7.x86_64.rpm
535b053dda66e67f163dc0dc05398d5ee0b8aecbc7192071cdf13f3f2f0075c1 kernel-debug-devel-3.10.0-123.20.1.el7.x86_64.rpm
81bc8dc435ff275160c5e3d63180924af1a96dd14307df2c6e7ea2232d86d3fe kernel-devel-3.10.0-123.20.1.el7.x86_64.rpm
39171964cd2f7baa878b6033d5b14d06d3251dd058f92b2237de3dcb3609b5a5 kernel-doc-3.10.0-123.20.1.el7.noarch.rpm
a88bfde708df6f4c0e4a8f894c52812b50d4323e5e1f3912af163fc18a5245ce kernel-headers-3.10.0-123.20.1.el7.x86_64.rpm
36fe40c396d283c429e74204458da5883a5dc1047f4ed39c6395d44693c7f70a kernel-tools-3.10.0-123.20.1.el7.x86_64.rpm
05aeaf149987da5bc8e8fd927c4517f93cdb3df7519a48ada13363d944f836f1 kernel-tools-libs-3.10.0-123.20.1.el7.x86_64.rpm
755f49173741b2c38925cf6eeeae21f0aacfbe03257002af866f6114cb10a710 kernel-tools-libs-devel-3.10.0-123.20.1.el7.x86_64.rpm
e4fbd51094a12cb9e44cc2c279e6415aa87bc6198eb794cb2cb18f6b586c6228 perf-3.10.0-123.20.1.el7.x86_64.rpm
98a1598f025b8c3c2029a7d30bbcfaabca3121562c5a64a5fb81c5875a910dac python-perf-3.10.0-123.20.1.el7.x86_64.rpm
Source:
c8c549348d11f6a676976c6a81ba1551b382f8bfd1cae8d1cd25cd2df6e754be kernel-3.10.0-123.20.1.el7.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce
[CentOS-announce] CEBA-2015:0110 CentOS 6 nss-softokn BugFix Update
CentOS Errata and Bugfix Advisory 2015:0110
Upstream details at : https://rhn.redhat.com/errata/RHBA-2015-0110.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
77c7dfa9cdac123d789f1d1a65b8ecb22bd02cf70cf0d74cca4aedcb873be103 nss-softokn-3.14.3-22.el6_6.i686.rpm
845a74c34377474614a69035b2741c8e2e420bfd98b37676cdbed09534fd84c4 nss-softokn-devel-3.14.3-22.el6_6.i686.rpm
c7de3e40ada40624174bd4aea2b3903b3f1dd71ab6ad16ed3a05e9d5574b2bc0 nss-softokn-freebl-3.14.3-22.el6_6.i686.rpm
027aeee015b2281bebdb09ff87b34933380e3bfd79a40f28d14fd3983c730458 nss-softokn-freebl-devel-3.14.3-22.el6_6.i686.rpm
x86_64:
77c7dfa9cdac123d789f1d1a65b8ecb22bd02cf70cf0d74cca4aedcb873be103 nss-softokn-3.14.3-22.el6_6.i686.rpm
fb22476443aa77b1ec969dc09416a9cabde6e652e4712a6a33266a9140c2b7d9 nss-softokn-3.14.3-22.el6_6.x86_64.rpm
845a74c34377474614a69035b2741c8e2e420bfd98b37676cdbed09534fd84c4 nss-softokn-devel-3.14.3-22.el6_6.i686.rpm
cb9d3dbde5a336160083312dc033ded182f2f811c1c2aa9ae5fe98dd5f59f0cf nss-softokn-devel-3.14.3-22.el6_6.x86_64.rpm
c7de3e40ada40624174bd4aea2b3903b3f1dd71ab6ad16ed3a05e9d5574b2bc0 nss-softokn-freebl-3.14.3-22.el6_6.i686.rpm
1078c1194369da908b57512aa6f76655b26694f00106756e290852deda12742b nss-softokn-freebl-3.14.3-22.el6_6.x86_64.rpm
027aeee015b2281bebdb09ff87b34933380e3bfd79a40f28d14fd3983c730458 nss-softokn-freebl-devel-3.14.3-22.el6_6.i686.rpm
2dae21d39a4658bc2977f6119f177ec587af385a16b193c1da012d27bcb81849 nss-softokn-freebl-devel-3.14.3-22.el6_6.x86_64.rpm
Source:
db139757d5d628729ad254de68e45d8595c2727159d991388a93296e221b2c81 nss-softokn-3.14.3-22.el6_6.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce
Upstream details at : https://rhn.redhat.com/errata/RHBA-2015-0110.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
77c7dfa9cdac123d789f1d1a65b8ecb22bd02cf70cf0d74cca4aedcb873be103 nss-softokn-3.14.3-22.el6_6.i686.rpm
845a74c34377474614a69035b2741c8e2e420bfd98b37676cdbed09534fd84c4 nss-softokn-devel-3.14.3-22.el6_6.i686.rpm
c7de3e40ada40624174bd4aea2b3903b3f1dd71ab6ad16ed3a05e9d5574b2bc0 nss-softokn-freebl-3.14.3-22.el6_6.i686.rpm
027aeee015b2281bebdb09ff87b34933380e3bfd79a40f28d14fd3983c730458 nss-softokn-freebl-devel-3.14.3-22.el6_6.i686.rpm
x86_64:
77c7dfa9cdac123d789f1d1a65b8ecb22bd02cf70cf0d74cca4aedcb873be103 nss-softokn-3.14.3-22.el6_6.i686.rpm
fb22476443aa77b1ec969dc09416a9cabde6e652e4712a6a33266a9140c2b7d9 nss-softokn-3.14.3-22.el6_6.x86_64.rpm
845a74c34377474614a69035b2741c8e2e420bfd98b37676cdbed09534fd84c4 nss-softokn-devel-3.14.3-22.el6_6.i686.rpm
cb9d3dbde5a336160083312dc033ded182f2f811c1c2aa9ae5fe98dd5f59f0cf nss-softokn-devel-3.14.3-22.el6_6.x86_64.rpm
c7de3e40ada40624174bd4aea2b3903b3f1dd71ab6ad16ed3a05e9d5574b2bc0 nss-softokn-freebl-3.14.3-22.el6_6.i686.rpm
1078c1194369da908b57512aa6f76655b26694f00106756e290852deda12742b nss-softokn-freebl-3.14.3-22.el6_6.x86_64.rpm
027aeee015b2281bebdb09ff87b34933380e3bfd79a40f28d14fd3983c730458 nss-softokn-freebl-devel-3.14.3-22.el6_6.i686.rpm
2dae21d39a4658bc2977f6119f177ec587af385a16b193c1da012d27bcb81849 nss-softokn-freebl-devel-3.14.3-22.el6_6.x86_64.rpm
Source:
db139757d5d628729ad254de68e45d8595c2727159d991388a93296e221b2c81 nss-softokn-3.14.3-22.el6_6.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce
Call for testers: distgit gitolite3@rhel7
Dear testers,
Mathieu Bridon and I have been working for a little while now on migrating our
existing distgit solution from RHEL6 to RHEL7, this as involved three migrations
in one:
* Migrate from RHEL6 to RHEL7
* Migrate from puppet to Ansible
* Migrate from gitolite2 to gitolite3
All this running now with SELinux enforcing (Many thanks to tfirg on #selinux for
his more than generous help on this point).
We are at the point were we are satisfied with it and all our tests have passed.
So before we actually migrate our production instance we would like to ask for
broader testing.
How to test?
1/ On /etc/rpkg/fedpkg.conf add the following block:
[fedpkgstg]
lookaside = http://pkgs.stg.fedoraproject.org/repo/pkgs
lookasidehash = md5
lookaside_cgi = https://pkgs.stg.fedoraproject.org/repo/pkgs/upload.cgi
gitbaseurl = ssh://%(user)s@pkgs.stg.fedoraproject.org/%(module)s
anongiturl = git://pkgs.stg.fedoraproject.org/%(module)s
tracbaseurl = https://%(user)s:%(password)s@fedorahosted.org/rel-eng/login/xmlrpc
branchre = f\d$|f\d\d$|el\d$|olpc\d$|master$
kojiconfig = /etc/koji.conf
build_client = koji
2/ create your fedpkgstg
ln -s /usr/bin/fedpkg ~/bin/fedpkgstg
(might involve creating the ~/bin directory)
3/ call fedpkgstg instead of fedpkg
What to test?
* clone a package
* push allowed on packages you have commit ACL for
* push blocked on packages you do not have commit ACL for (unless provenpackager
of course)
* push blocked on branches named: origin/<something>
* upload new sources work
* download existing sources work (note: we synced most of the git repos from
two days ago but we did not sync the lookaside cache, so you will most likely
have to upload to test the download)
When you test, you can drop by #fedora-fedmsg on IRC and see that the fedmsg
messages are sent properly.
You should also be receiving the emails about your upload/changes as you do with
the production system.
If you want to play further with the system and need to change the ACLs on some
packages, feel free to poke at pkgdb in stg (and give it a couple of minutes to
sync between pkgdb and gitolite):
https://admin.stg.fedoraproject.org/pkgdb/
All the change made there are only valid for stg, so you can orphan all your
packages without risk, just be sure of the URL ;-)
If you face any problem, please let us know
* by email
* on irc #fedora-admin
* on the fedora infrastructure trac: https://admin.stg.fedoraproject.org/pkgdb/
Thanks in advance for your help,
Pierre, Mathieu and your dear Fedora Infrastructure team
Mathieu Bridon and I have been working for a little while now on migrating our
existing distgit solution from RHEL6 to RHEL7, this as involved three migrations
in one:
* Migrate from RHEL6 to RHEL7
* Migrate from puppet to Ansible
* Migrate from gitolite2 to gitolite3
All this running now with SELinux enforcing (Many thanks to tfirg on #selinux for
his more than generous help on this point).
We are at the point were we are satisfied with it and all our tests have passed.
So before we actually migrate our production instance we would like to ask for
broader testing.
How to test?
1/ On /etc/rpkg/fedpkg.conf add the following block:
[fedpkgstg]
lookaside = http://pkgs.stg.fedoraproject.org/repo/pkgs
lookasidehash = md5
lookaside_cgi = https://pkgs.stg.fedoraproject.org/repo/pkgs/upload.cgi
gitbaseurl = ssh://%(user)s@pkgs.stg.fedoraproject.org/%(module)s
anongiturl = git://pkgs.stg.fedoraproject.org/%(module)s
tracbaseurl = https://%(user)s:%(password)s@fedorahosted.org/rel-eng/login/xmlrpc
branchre = f\d$|f\d\d$|el\d$|olpc\d$|master$
kojiconfig = /etc/koji.conf
build_client = koji
2/ create your fedpkgstg
ln -s /usr/bin/fedpkg ~/bin/fedpkgstg
(might involve creating the ~/bin directory)
3/ call fedpkgstg instead of fedpkg
What to test?
* clone a package
* push allowed on packages you have commit ACL for
* push blocked on packages you do not have commit ACL for (unless provenpackager
of course)
* push blocked on branches named: origin/<something>
* upload new sources work
* download existing sources work (note: we synced most of the git repos from
two days ago but we did not sync the lookaside cache, so you will most likely
have to upload to test the download)
When you test, you can drop by #fedora-fedmsg on IRC and see that the fedmsg
messages are sent properly.
You should also be receiving the emails about your upload/changes as you do with
the production system.
If you want to play further with the system and need to change the ACLs on some
packages, feel free to poke at pkgdb in stg (and give it a couple of minutes to
sync between pkgdb and gitolite):
https://admin.stg.fedoraproject.org/pkgdb/
All the change made there are only valid for stg, so you can orphan all your
packages without risk, just be sure of the URL ;-)
If you face any problem, please let us know
* by email
* on irc #fedora-admin
* on the fedora infrastructure trac: https://admin.stg.fedoraproject.org/pkgdb/
Thanks in advance for your help,
Pierre, Mathieu and your dear Fedora Infrastructure team
[CentOS-announce] CEBA-2015:0098 CentOS 6 curl BugFix Update
CentOS Errata and Bugfix Advisory 2015:0098
Upstream details at : https://rhn.redhat.com/errata/RHBA-2015-0098.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
4e4cd05361833384ad287cfb5cfcd8aed1ec0461d83bc754e51ee6c630e06c63 curl-7.19.7-40.el6_6.4.i686.rpm
1fdd61fea79c7e0f4f1c416909a54269f01f7879d2f2199e296089b52bb5f042 libcurl-7.19.7-40.el6_6.4.i686.rpm
6ff5a5059dfde80bdb33add0894bc6d89d9de5aa805d790c9b29784f79cabd41 libcurl-devel-7.19.7-40.el6_6.4.i686.rpm
x86_64:
43ac2a840e3bc14b3397ab4bc094315f6e285e291739d53146d4ec9c8287d221 curl-7.19.7-40.el6_6.4.x86_64.rpm
1fdd61fea79c7e0f4f1c416909a54269f01f7879d2f2199e296089b52bb5f042 libcurl-7.19.7-40.el6_6.4.i686.rpm
f05250feaea200500e271cf1bff1725bdebef29f002bb8fb80dfd9653dfc9f30 libcurl-7.19.7-40.el6_6.4.x86_64.rpm
6ff5a5059dfde80bdb33add0894bc6d89d9de5aa805d790c9b29784f79cabd41 libcurl-devel-7.19.7-40.el6_6.4.i686.rpm
3d853c62440e5ac2fdd67d2abd6fd438ba0170d6c9f2698c9654f192541fb9f3 libcurl-devel-7.19.7-40.el6_6.4.x86_64.rpm
Source:
44dfa657f77c2777366f6255b71938278db86014fc407e659c228dd3665a4e6b curl-7.19.7-40.el6_6.4.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce
Upstream details at : https://rhn.redhat.com/errata/RHBA-2015-0098.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
4e4cd05361833384ad287cfb5cfcd8aed1ec0461d83bc754e51ee6c630e06c63 curl-7.19.7-40.el6_6.4.i686.rpm
1fdd61fea79c7e0f4f1c416909a54269f01f7879d2f2199e296089b52bb5f042 libcurl-7.19.7-40.el6_6.4.i686.rpm
6ff5a5059dfde80bdb33add0894bc6d89d9de5aa805d790c9b29784f79cabd41 libcurl-devel-7.19.7-40.el6_6.4.i686.rpm
x86_64:
43ac2a840e3bc14b3397ab4bc094315f6e285e291739d53146d4ec9c8287d221 curl-7.19.7-40.el6_6.4.x86_64.rpm
1fdd61fea79c7e0f4f1c416909a54269f01f7879d2f2199e296089b52bb5f042 libcurl-7.19.7-40.el6_6.4.i686.rpm
f05250feaea200500e271cf1bff1725bdebef29f002bb8fb80dfd9653dfc9f30 libcurl-7.19.7-40.el6_6.4.x86_64.rpm
6ff5a5059dfde80bdb33add0894bc6d89d9de5aa805d790c9b29784f79cabd41 libcurl-devel-7.19.7-40.el6_6.4.i686.rpm
3d853c62440e5ac2fdd67d2abd6fd438ba0170d6c9f2698c9654f192541fb9f3 libcurl-devel-7.19.7-40.el6_6.4.x86_64.rpm
Source:
44dfa657f77c2777366f6255b71938278db86014fc407e659c228dd3665a4e6b curl-7.19.7-40.el6_6.4.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce
[CentOS-announce] CEBA-2015:0097 CentOS 6 libssh2 BugFix Update
CentOS Errata and Bugfix Advisory 2015:0097
Upstream details at : https://rhn.redhat.com/errata/RHBA-2015-0097.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
28ab4d79c33a10d055b6eed05dc0c2051e9abb5932a69889cb2f70bb2172a7b7 libssh2-1.4.2-1.el6_6.1.i686.rpm
4650f891e63ecf6f13a1e5c1e84a5675f69188af5250a9ed8768c595fb5eb652 libssh2-devel-1.4.2-1.el6_6.1.i686.rpm
9435dc4114a3e66619562863bb5f4af4473c9f2c6bef4c503bd9767df863f6b5 libssh2-docs-1.4.2-1.el6_6.1.i686.rpm
x86_64:
28ab4d79c33a10d055b6eed05dc0c2051e9abb5932a69889cb2f70bb2172a7b7 libssh2-1.4.2-1.el6_6.1.i686.rpm
2e07438d7789237523d415dd3a92d99215867b7641ad267b424880b0dca9c89c libssh2-1.4.2-1.el6_6.1.x86_64.rpm
4650f891e63ecf6f13a1e5c1e84a5675f69188af5250a9ed8768c595fb5eb652 libssh2-devel-1.4.2-1.el6_6.1.i686.rpm
7e00157f2af61f22fe18260a9f2204982d92066cf8613384168d6972643df70c libssh2-devel-1.4.2-1.el6_6.1.x86_64.rpm
57800bbe07d3f5cfe4315c9aff91145fb2463e324ef18d9a82a0f2ddf1c22fac libssh2-docs-1.4.2-1.el6_6.1.x86_64.rpm
Source:
10684ae17a697ab8cce1cfca1dcd8915c0a7d2a5f4e84f568bf52dabe97c1c6c libssh2-1.4.2-1.el6_6.1.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce
Upstream details at : https://rhn.redhat.com/errata/RHBA-2015-0097.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
28ab4d79c33a10d055b6eed05dc0c2051e9abb5932a69889cb2f70bb2172a7b7 libssh2-1.4.2-1.el6_6.1.i686.rpm
4650f891e63ecf6f13a1e5c1e84a5675f69188af5250a9ed8768c595fb5eb652 libssh2-devel-1.4.2-1.el6_6.1.i686.rpm
9435dc4114a3e66619562863bb5f4af4473c9f2c6bef4c503bd9767df863f6b5 libssh2-docs-1.4.2-1.el6_6.1.i686.rpm
x86_64:
28ab4d79c33a10d055b6eed05dc0c2051e9abb5932a69889cb2f70bb2172a7b7 libssh2-1.4.2-1.el6_6.1.i686.rpm
2e07438d7789237523d415dd3a92d99215867b7641ad267b424880b0dca9c89c libssh2-1.4.2-1.el6_6.1.x86_64.rpm
4650f891e63ecf6f13a1e5c1e84a5675f69188af5250a9ed8768c595fb5eb652 libssh2-devel-1.4.2-1.el6_6.1.i686.rpm
7e00157f2af61f22fe18260a9f2204982d92066cf8613384168d6972643df70c libssh2-devel-1.4.2-1.el6_6.1.x86_64.rpm
57800bbe07d3f5cfe4315c9aff91145fb2463e324ef18d9a82a0f2ddf1c22fac libssh2-docs-1.4.2-1.el6_6.1.x86_64.rpm
Source:
10684ae17a697ab8cce1cfca1dcd8915c0a7d2a5f4e84f568bf52dabe97c1c6c libssh2-1.4.2-1.el6_6.1.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce
[CentOS-announce] CEBA-2015:0108 CentOS 6 tcsh BugFix Update
CentOS Errata and Bugfix Advisory 2015:0108
Upstream details at : https://rhn.redhat.com/errata/RHBA-2015-0108.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
2534940990a5957d0d18a19ca1ab803df8febda4dcdc74cdd4d1fb4ed77ac4f3 tcsh-6.17-25.el6_6.i686.rpm
x86_64:
4ef1392aef0a90045b8147235bafe2faa195b49ecf3404f8f1a3468c6569e50d tcsh-6.17-25.el6_6.x86_64.rpm
Source:
d94793dc7e12799e65c46dd420a12c48f3b7b152d578d5b4aded7ca90faa4a77 tcsh-6.17-25.el6_6.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce
Upstream details at : https://rhn.redhat.com/errata/RHBA-2015-0108.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
2534940990a5957d0d18a19ca1ab803df8febda4dcdc74cdd4d1fb4ed77ac4f3 tcsh-6.17-25.el6_6.i686.rpm
x86_64:
4ef1392aef0a90045b8147235bafe2faa195b49ecf3404f8f1a3468c6569e50d tcsh-6.17-25.el6_6.x86_64.rpm
Source:
d94793dc7e12799e65c46dd420a12c48f3b7b152d578d5b4aded7ca90faa4a77 tcsh-6.17-25.el6_6.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce
The Fedora Store is live!
It's been a long time coming, but we now have a store for Fedora-branded items!
https://redhat.corpmerchandise.com/ProductList.aspx?did=20588
It's a part of the Red Hat Cool Stuff Store because that was the easiest way for us to be able to maintain an inventory. The list of available items is currently four (a pub glass, a t-shirt, a cap, and a water bottle) as a test. The best way you can help fill the store with more items is to buy the things that are there to prove that people want Fedora-branded goodies. So get shopping! https://redhat.corpmerchandise.com/ProductList.aspx?did=20588
Ruth
Wednesday, January 28, 2015
[CentOS-announce] CESA-2015:0087 Important CentOS 6 kernel Security Update
CentOS Errata and Security Advisory 2015:0087 Important
Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-0087.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
94ab95f3538737900c033c35b6cddab925c14e98c1b631fa053c8ff5f498461f kernel-2.6.32-504.8.1.el6.i686.rpm
93eec82ece225b086896b7c4f5f16af12a01f63e36584e1b6a5dbc6588a77427 kernel-abi-whitelists-2.6.32-504.8.1.el6.noarch.rpm
fab5bf5c42f887a41d74ac6f9e5ce04e88c0174da5387f96d0f6ca79502ab279 kernel-debug-2.6.32-504.8.1.el6.i686.rpm
bba6a3e485cb3bbe62601ea8b562dd68f1c40d7ab4817d9a48fa78467fe14127 kernel-debug-devel-2.6.32-504.8.1.el6.i686.rpm
feba5bf77ba9999e8ceba3cdace5011789f287b8dc4ee13cec77f21e2b597466 kernel-devel-2.6.32-504.8.1.el6.i686.rpm
6607141df93f8942c97ec62efa6a94ef3f55f4edd1ec5170127fc6df5f6e233b kernel-doc-2.6.32-504.8.1.el6.noarch.rpm
267e47d4661ebe0d792e168ac8ab8cea13392ebc941bf4fb2555e8ba9f60d491 kernel-firmware-2.6.32-504.8.1.el6.noarch.rpm
7178d1695bb488a58dd68fe6f292bfaab89c95aaa97fc2bde172de2709cdf53c kernel-headers-2.6.32-504.8.1.el6.i686.rpm
aae456c0f81e72e6e97ae801fb5a8bfd12a75eb2da64513130df451e274cc06a perf-2.6.32-504.8.1.el6.i686.rpm
4bff539dd14f78703fd024d81d7d567630a88f0669592b701c2e253f9bc3ab0b python-perf-2.6.32-504.8.1.el6.i686.rpm
x86_64:
b560c92df0e9bde6ca0c6f69422f68996631c48032b910e273cf29bae5975171 kernel-2.6.32-504.8.1.el6.x86_64.rpm
93eec82ece225b086896b7c4f5f16af12a01f63e36584e1b6a5dbc6588a77427 kernel-abi-whitelists-2.6.32-504.8.1.el6.noarch.rpm
999a188bf7b1bf4a2baa128ec5db0d7659bb032f88160d6f483ef40a60713d21 kernel-debug-2.6.32-504.8.1.el6.x86_64.rpm
40aad0abba0365c19f422db044285049dea4d023d8bcbdf48df26e6980e3f5ad kernel-debug-devel-2.6.32-504.8.1.el6.x86_64.rpm
d569c488353082fbb24b980dcb5d9c7616203bafeee21917181a8055bb02bf54 kernel-devel-2.6.32-504.8.1.el6.x86_64.rpm
6607141df93f8942c97ec62efa6a94ef3f55f4edd1ec5170127fc6df5f6e233b kernel-doc-2.6.32-504.8.1.el6.noarch.rpm
267e47d4661ebe0d792e168ac8ab8cea13392ebc941bf4fb2555e8ba9f60d491 kernel-firmware-2.6.32-504.8.1.el6.noarch.rpm
baa01c254be105e0e56b48f784813d5ec601460aa75c12b86eef96a581435b64 kernel-headers-2.6.32-504.8.1.el6.x86_64.rpm
9b9abc0f737dd4c3e15180c093395cb1a65e03c5afe94a0c8ae58852ec346284 perf-2.6.32-504.8.1.el6.x86_64.rpm
0151584f3e8196718572b4aaa4344398484cfbc6e5b4b131f0a00de99102fef6 python-perf-2.6.32-504.8.1.el6.x86_64.rpm
Source:
468cf0e8fe7ed619fe4595a5139acce5fc7b62b28b3a821c9d030a38a2e2843a kernel-2.6.32-504.8.1.el6.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce
Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-0087.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
94ab95f3538737900c033c35b6cddab925c14e98c1b631fa053c8ff5f498461f kernel-2.6.32-504.8.1.el6.i686.rpm
93eec82ece225b086896b7c4f5f16af12a01f63e36584e1b6a5dbc6588a77427 kernel-abi-whitelists-2.6.32-504.8.1.el6.noarch.rpm
fab5bf5c42f887a41d74ac6f9e5ce04e88c0174da5387f96d0f6ca79502ab279 kernel-debug-2.6.32-504.8.1.el6.i686.rpm
bba6a3e485cb3bbe62601ea8b562dd68f1c40d7ab4817d9a48fa78467fe14127 kernel-debug-devel-2.6.32-504.8.1.el6.i686.rpm
feba5bf77ba9999e8ceba3cdace5011789f287b8dc4ee13cec77f21e2b597466 kernel-devel-2.6.32-504.8.1.el6.i686.rpm
6607141df93f8942c97ec62efa6a94ef3f55f4edd1ec5170127fc6df5f6e233b kernel-doc-2.6.32-504.8.1.el6.noarch.rpm
267e47d4661ebe0d792e168ac8ab8cea13392ebc941bf4fb2555e8ba9f60d491 kernel-firmware-2.6.32-504.8.1.el6.noarch.rpm
7178d1695bb488a58dd68fe6f292bfaab89c95aaa97fc2bde172de2709cdf53c kernel-headers-2.6.32-504.8.1.el6.i686.rpm
aae456c0f81e72e6e97ae801fb5a8bfd12a75eb2da64513130df451e274cc06a perf-2.6.32-504.8.1.el6.i686.rpm
4bff539dd14f78703fd024d81d7d567630a88f0669592b701c2e253f9bc3ab0b python-perf-2.6.32-504.8.1.el6.i686.rpm
x86_64:
b560c92df0e9bde6ca0c6f69422f68996631c48032b910e273cf29bae5975171 kernel-2.6.32-504.8.1.el6.x86_64.rpm
93eec82ece225b086896b7c4f5f16af12a01f63e36584e1b6a5dbc6588a77427 kernel-abi-whitelists-2.6.32-504.8.1.el6.noarch.rpm
999a188bf7b1bf4a2baa128ec5db0d7659bb032f88160d6f483ef40a60713d21 kernel-debug-2.6.32-504.8.1.el6.x86_64.rpm
40aad0abba0365c19f422db044285049dea4d023d8bcbdf48df26e6980e3f5ad kernel-debug-devel-2.6.32-504.8.1.el6.x86_64.rpm
d569c488353082fbb24b980dcb5d9c7616203bafeee21917181a8055bb02bf54 kernel-devel-2.6.32-504.8.1.el6.x86_64.rpm
6607141df93f8942c97ec62efa6a94ef3f55f4edd1ec5170127fc6df5f6e233b kernel-doc-2.6.32-504.8.1.el6.noarch.rpm
267e47d4661ebe0d792e168ac8ab8cea13392ebc941bf4fb2555e8ba9f60d491 kernel-firmware-2.6.32-504.8.1.el6.noarch.rpm
baa01c254be105e0e56b48f784813d5ec601460aa75c12b86eef96a581435b64 kernel-headers-2.6.32-504.8.1.el6.x86_64.rpm
9b9abc0f737dd4c3e15180c093395cb1a65e03c5afe94a0c8ae58852ec346284 perf-2.6.32-504.8.1.el6.x86_64.rpm
0151584f3e8196718572b4aaa4344398484cfbc6e5b4b131f0a00de99102fef6 python-perf-2.6.32-504.8.1.el6.x86_64.rpm
Source:
468cf0e8fe7ed619fe4595a5139acce5fc7b62b28b3a821c9d030a38a2e2843a kernel-2.6.32-504.8.1.el6.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce
[CentOS-announce] CESA-2015:0100 Moderate CentOS 6 libyaml Security Update
CentOS Errata and Security Advisory 2015:0100 Moderate
Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-0100.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
e1cbe81e3041167ffaa66311a3aa2b1844988ec2b88f6387dc1ac2b83b2a2714 libyaml-0.1.3-4.el6_6.i686.rpm
fc34f6a55ec35a240bb8adc5ceceb270f5d16cfa90a3df78a2ed244850cbafb7 libyaml-devel-0.1.3-4.el6_6.i686.rpm
x86_64:
e1cbe81e3041167ffaa66311a3aa2b1844988ec2b88f6387dc1ac2b83b2a2714 libyaml-0.1.3-4.el6_6.i686.rpm
a2edbc9cda1d710f27d09af40f3780d9b69933e21e54d61c1c7400b03281ec2a libyaml-0.1.3-4.el6_6.x86_64.rpm
fc34f6a55ec35a240bb8adc5ceceb270f5d16cfa90a3df78a2ed244850cbafb7 libyaml-devel-0.1.3-4.el6_6.i686.rpm
41226a5117f6e34f6c1028615742fef8a3acf663efbefa11b664c010e32c45c5 libyaml-devel-0.1.3-4.el6_6.x86_64.rpm
Source:
80ee67196d7c279836002fc9d78667cacb09c26f87d441b02ddc1067fd7536b8 libyaml-0.1.3-4.el6_6.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce
Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-0100.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
e1cbe81e3041167ffaa66311a3aa2b1844988ec2b88f6387dc1ac2b83b2a2714 libyaml-0.1.3-4.el6_6.i686.rpm
fc34f6a55ec35a240bb8adc5ceceb270f5d16cfa90a3df78a2ed244850cbafb7 libyaml-devel-0.1.3-4.el6_6.i686.rpm
x86_64:
e1cbe81e3041167ffaa66311a3aa2b1844988ec2b88f6387dc1ac2b83b2a2714 libyaml-0.1.3-4.el6_6.i686.rpm
a2edbc9cda1d710f27d09af40f3780d9b69933e21e54d61c1c7400b03281ec2a libyaml-0.1.3-4.el6_6.x86_64.rpm
fc34f6a55ec35a240bb8adc5ceceb270f5d16cfa90a3df78a2ed244850cbafb7 libyaml-devel-0.1.3-4.el6_6.i686.rpm
41226a5117f6e34f6c1028615742fef8a3acf663efbefa11b664c010e32c45c5 libyaml-devel-0.1.3-4.el6_6.x86_64.rpm
Source:
80ee67196d7c279836002fc9d78667cacb09c26f87d441b02ddc1067fd7536b8 libyaml-0.1.3-4.el6_6.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce
OpenNTPD 5.7p3 released
OpenNTPD 5.7p3 has just been released. It will be available from the mirrors
listed at http://www.openntpd.org/ shortly.
OpenNTPD is a FREE, secure, and easy to use implementation of the Network Time
Protocol. It provides the ability to sync the local clock to remote NTP servers
and can act as NTP server itself, redistributing the local clock.
Because it uses isolated, unprivileged processes for DNS and NTP operations,
OpenNTPD is especially well-hardened against bugs such as CVE-2015-0235.
Changes since OpenNTPD 5.7p2
============================
* Fixed issue resolving hostnames when the network is initially unavailable.
* Fixed process name logging on Linux and OS X.
* Fixed adjfreq failures on Solaris due to uninitialized struct timex.
* Support building on Linux musl libc.
* Default suggested privilege separation directory changed from /var/empty/ntp
to /var/empty. This directory may be in a different location, depending on
your operating system's packaging scheme. Please ensure that that the ntp
user's home directory is empty, owned by root, and has no write privileges
for other users.
Changes since OpenNTPD 5.7p1
============================
* Switched the drift file from an unscaled frequency offset to ppm.
The latter format is compatible with the NTP daemon from ntp.org.
No forward migration steps are necessary.
* Fixed a memory leak in DNS handler.
* Added support for setting the process title on Linux and OS X.
* Added NetBSD support.
For detailed changes, see the changes either in the OpenBSD CVS repository or
the GitHub mirror.
Checksums:
==========
SHA1 (openntpd-5.7p3.tar.gz) = 02ad9ae80f2dfd6cfbcc642d35f73093d167a067
SHA256 (openntpd-5.7p3.tar.gz) = 4f417c8a4c21ed7ec3811107829f931404f9bf121855b8571a2ca3355695343a
Reporting Bugs:
===============
General bugs may be reported to tech@openbsd.org
Portable bugs may be filed at https://github.com/openntpd-portable/openntpd-portable/
Thanks to all of the contributors so far who have helped with this project.
listed at http://www.openntpd.org/ shortly.
OpenNTPD is a FREE, secure, and easy to use implementation of the Network Time
Protocol. It provides the ability to sync the local clock to remote NTP servers
and can act as NTP server itself, redistributing the local clock.
Because it uses isolated, unprivileged processes for DNS and NTP operations,
OpenNTPD is especially well-hardened against bugs such as CVE-2015-0235.
Changes since OpenNTPD 5.7p2
============================
* Fixed issue resolving hostnames when the network is initially unavailable.
* Fixed process name logging on Linux and OS X.
* Fixed adjfreq failures on Solaris due to uninitialized struct timex.
* Support building on Linux musl libc.
* Default suggested privilege separation directory changed from /var/empty/ntp
to /var/empty. This directory may be in a different location, depending on
your operating system's packaging scheme. Please ensure that that the ntp
user's home directory is empty, owned by root, and has no write privileges
for other users.
Changes since OpenNTPD 5.7p1
============================
* Switched the drift file from an unscaled frequency offset to ppm.
The latter format is compatible with the NTP daemon from ntp.org.
No forward migration steps are necessary.
* Fixed a memory leak in DNS handler.
* Added support for setting the process title on Linux and OS X.
* Added NetBSD support.
For detailed changes, see the changes either in the OpenBSD CVS repository or
the GitHub mirror.
Checksums:
==========
SHA1 (openntpd-5.7p3.tar.gz) = 02ad9ae80f2dfd6cfbcc642d35f73093d167a067
SHA256 (openntpd-5.7p3.tar.gz) = 4f417c8a4c21ed7ec3811107829f931404f9bf121855b8571a2ca3355695343a
Reporting Bugs:
===============
General bugs may be reported to tech@openbsd.org
Portable bugs may be filed at https://github.com/openntpd-portable/openntpd-portable/
Thanks to all of the contributors so far who have helped with this project.
Tuesday, January 27, 2015
[Guielines Change] Changes to the packaging guidelines
%license must be used in place of %doc to designate any file containing
the license information for a package. See
https://fedoraproject.org/wiki/Packaging:Guidelines#Documentation and
https://fedoraproject.org/wiki/Packaging:LicensingGuidelines
the license information for a package. See
https://fedoraproject.org/wiki/Packaging:Guidelines#Documentation and
https://fedoraproject.org/wiki/Packaging:LicensingGuidelines
Guidelines for DevAssistant packages (DAP) were added:
https://fedoraproject.org/wiki/Packaging:DevAssistant
The Python guidelines relating to naming of executables in /usr/bin were
updated to account for F22's "Python3 by default" feature:
https://fedoraproject.org/wiki/Packaging:Python#Executables_in_.2Fusr.2Fbin
The Python Egg packaging guidelines have been cleaned up to properly
refer to egg packages and egg metadata:
https://fedoraproject.org/wiki/Packaging:Python_Eggs
Clarified the naming guidelines to indicate how language bindings are
named: lua-randomdb instead of randomdb-lua:
https://fedoraproject.org/wiki/Packaging:NamingGuidelines#Addon_Packages_.28General.29
Added information on dealing with unversioned shared libraries:
https://fedoraproject.org/wiki/Packaging:Guidelines#Downstream_.so_name_versioning
The systemd guidelines were revised to include a section about the use
of PrivateDevices and PrivateNetwork:
https://fedoraproject.org/wiki/Packaging:Systemd#Private_devices_and_networking
Information on when timer activation must and must not be used was
added to the Systemd guidelines:
https://fedoraproject.org/wiki/Packaging:Systemd#Timer_activation
Removed pre-Fedora 18 information from systemd section of
https://fedoraproject.org/wiki/Packaging:ScriptletSnippets
A section has been added on log files and logrotate:
https://fedoraproject.org/wiki/Packaging:Guidelines#Log_Files
Several changes have been made to the MinGW packaging guidelines to
reflect new macros and changes to accepted practice:
https://fedoraproject.org/wiki/Packaging:MinGW
The mono guidelines were modified to mention the %{_monodir} and
%{_monogacdir} macros:
https://fedoraproject.org/wiki/Packaging:Mono
Guidelines for the application of patches have been added:
https://fedoraproject.org/wiki/Packaging:Guidelines#Applying_patches
Added information to the PHP guidelines on dealing with PSR-4
libraries:
http://fedoraproject.org/wiki/Packaging:PHP
The Ruby guidelines have been updated to account for the removal of the
testrb utility:
https://fedoraproject.org/wiki/Packaging:Ruby
Added a section to the review guidelines indicating how to handle
packages with unreviewed dependencies:
https://fedoraproject.org/wiki/Packaging:ReviewGuidelines#A_note_on_dependencies
A class of exceptions for bundling of libraries was added. This class
applies to reverse bundling, where a large upstream has had a piece
forked off into a separate library. The exception allows for reverse
bundling in cases where an API from an upstream is being forked into its
own library so that code using an older version of that upstream is able
to make use of the new API. Packagers making use of this exception need
to still apply to the FPC for a virtual provide for tracking this
usage. This exception is not applicable to all cases of reverse bundling
so please read the full guideline:
https://fedoraproject.org/wiki/Packaging:No_Bundled_Libraries#Reverse_Bundling
and open an FPC ticket if things are still unclear.
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce
[USN-2487-1] OpenJDK 7 vulnerabilities
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJUyEnCAAoJEFHb3FjMVZVzTjIP/2IyVOWFt6KsGlT1lXC5GwVp
tHWKbjOC0kV+AipF9aFT6Y6TjkH9h+EnK7/mTfSEfe6J0bQJWFY+FA2ppPkAIC3t
LKkFbxi7FnTohbqAk34loaOBmk5j5MT1VPzlXNho3gj/OiCab2At/v/RSP0SqHMb
ML4Z7jS54pWVZzr7JiGzEhE6t/RKGNjbwo9aUIIY8MpT8rN02Rvi9gZTHk3lmVxd
UbiVHFLV0OY2F6u3xL8hRFktvXTyx+mziQmZOvBjZL6jf9M9dYyCrVX/0HeDL31R
v2CXFoViQLe9LJShA/xyUws70IYL00aJr6eMx/uvlXr3S6IvovCf6z3rdCYSD2AJ
cZTOdsCphS8UEEEbm0tWCvBu46mEl0AXswaozZINdmjH06yvX30yC0FbxeuAIRwx
LoD275XVwjAq0/AqcbqqwxBTr9m4FRmxGLaBgfl639mSw9Gve8K+ac7wFQWYlToA
+lG2x4dtJ3W+JQF0g3xqWgunu31r1MppCsZTIxod13Zt8phOZPGjmBeZMdjGobIE
6s0K+xLV1Wa0uGACQDxJCY0YqyBk4Qxs8QCV8XdJBebbkOwGe6rpg0ii2Xond4Q/
X9B+E/ZK20qM9WYzVMgyG5RxfheUGGpOjnyGblLO/31YL8kPlGahSeJbZWwa18WT
tC1AczS7Sy6JUuwZsrAW
=YwBe
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-2487-1
January 28, 2015
openjdk-7 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.10
- Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in OpenJDK 7.
Software Description:
- openjdk-7: Open Source Java implementation
Details:
Several vulnerabilities were discovered in the OpenJDK JRE related to
information disclosure, data integrity and availability. An attacker could
exploit these to cause a denial of service or expose sensitive data over
the network. (CVE-2014-3566, CVE-2014-6587, CVE-2014-6601, CVE-2015-0395,
CVE-2015-0408, CVE-2015-0412)
Several vulnerabilities were discovered in the OpenJDK JRE related to
information disclosure. An attacker could exploit these to expose sensitive
data over the network. (CVE-2014-6585, CVE-2014-6591, CVE-2015-0400,
CVE-2015-0407)
A vulnerability was discovered in the OpenJDK JRE related to
information disclosure and integrity. An attacker could exploit this to
expose sensitive data over the network. (CVE-2014-6593)
A vulnerability was discovered in the OpenJDK JRE related to integrity and
availability. An attacker could exploit this to cause a denial of service.
(CVE-2015-0383)
A vulnerability was discovered in the OpenJDK JRE related to availability.
An attacker could this exploit to cause a denial of service.
(CVE-2015-0410)
A vulnerability was discovered in the OpenJDK JRE related to data
integrity. (CVE-2015-0413)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.10:
icedtea-7-jre-jamvm 7u75-2.5.4-1~utopic1
openjdk-7-jre 7u75-2.5.4-1~utopic1
openjdk-7-jre-headless 7u75-2.5.4-1~utopic1
openjdk-7-jre-lib 7u75-2.5.4-1~utopic1
openjdk-7-jre-zero 7u75-2.5.4-1~utopic1
openjdk-7-source 7u75-2.5.4-1~utopic1
Ubuntu 14.04 LTS:
icedtea-7-jre-jamvm 7u75-2.5.4-1~trusty1
openjdk-7-jre 7u75-2.5.4-1~trusty1
openjdk-7-jre-headless 7u75-2.5.4-1~trusty1
openjdk-7-jre-lib 7u75-2.5.4-1~trusty1
openjdk-7-jre-zero 7u75-2.5.4-1~trusty1
openjdk-7-source 7u75-2.5.4-1~trusty1
This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart any Java
applications or applets to make all the necessary changes.
This update contains a known regression in the Zero alternative Java
Virtual Machine on PowerPC and a future update will correct this issue. See
https://launchpad.net/bugs/1415282 for details. We apologize for the
inconvenience.
References:
http://www.ubuntu.com/usn/usn-2487-1
CVE-2014-3566, CVE-2014-6585, CVE-2014-6587, CVE-2014-6591,
CVE-2014-6593, CVE-2014-6601, CVE-2015-0383, CVE-2015-0395,
CVE-2015-0400, CVE-2015-0407, CVE-2015-0408, CVE-2015-0410,
CVE-2015-0412, CVE-2015-0413
Package Information:
https://launchpad.net/ubuntu/+source/openjdk-7/7u75-2.5.4-1~utopic1
https://launchpad.net/ubuntu/+source/openjdk-7/7u75-2.5.4-1~trusty1
Version: GnuPG v1
iQIcBAEBCgAGBQJUyEnCAAoJEFHb3FjMVZVzTjIP/2IyVOWFt6KsGlT1lXC5GwVp
tHWKbjOC0kV+AipF9aFT6Y6TjkH9h+EnK7/mTfSEfe6J0bQJWFY+FA2ppPkAIC3t
LKkFbxi7FnTohbqAk34loaOBmk5j5MT1VPzlXNho3gj/OiCab2At/v/RSP0SqHMb
ML4Z7jS54pWVZzr7JiGzEhE6t/RKGNjbwo9aUIIY8MpT8rN02Rvi9gZTHk3lmVxd
UbiVHFLV0OY2F6u3xL8hRFktvXTyx+mziQmZOvBjZL6jf9M9dYyCrVX/0HeDL31R
v2CXFoViQLe9LJShA/xyUws70IYL00aJr6eMx/uvlXr3S6IvovCf6z3rdCYSD2AJ
cZTOdsCphS8UEEEbm0tWCvBu46mEl0AXswaozZINdmjH06yvX30yC0FbxeuAIRwx
LoD275XVwjAq0/AqcbqqwxBTr9m4FRmxGLaBgfl639mSw9Gve8K+ac7wFQWYlToA
+lG2x4dtJ3W+JQF0g3xqWgunu31r1MppCsZTIxod13Zt8phOZPGjmBeZMdjGobIE
6s0K+xLV1Wa0uGACQDxJCY0YqyBk4Qxs8QCV8XdJBebbkOwGe6rpg0ii2Xond4Q/
X9B+E/ZK20qM9WYzVMgyG5RxfheUGGpOjnyGblLO/31YL8kPlGahSeJbZWwa18WT
tC1AczS7Sy6JUuwZsrAW
=YwBe
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-2487-1
January 28, 2015
openjdk-7 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.10
- Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in OpenJDK 7.
Software Description:
- openjdk-7: Open Source Java implementation
Details:
Several vulnerabilities were discovered in the OpenJDK JRE related to
information disclosure, data integrity and availability. An attacker could
exploit these to cause a denial of service or expose sensitive data over
the network. (CVE-2014-3566, CVE-2014-6587, CVE-2014-6601, CVE-2015-0395,
CVE-2015-0408, CVE-2015-0412)
Several vulnerabilities were discovered in the OpenJDK JRE related to
information disclosure. An attacker could exploit these to expose sensitive
data over the network. (CVE-2014-6585, CVE-2014-6591, CVE-2015-0400,
CVE-2015-0407)
A vulnerability was discovered in the OpenJDK JRE related to
information disclosure and integrity. An attacker could exploit this to
expose sensitive data over the network. (CVE-2014-6593)
A vulnerability was discovered in the OpenJDK JRE related to integrity and
availability. An attacker could exploit this to cause a denial of service.
(CVE-2015-0383)
A vulnerability was discovered in the OpenJDK JRE related to availability.
An attacker could this exploit to cause a denial of service.
(CVE-2015-0410)
A vulnerability was discovered in the OpenJDK JRE related to data
integrity. (CVE-2015-0413)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.10:
icedtea-7-jre-jamvm 7u75-2.5.4-1~utopic1
openjdk-7-jre 7u75-2.5.4-1~utopic1
openjdk-7-jre-headless 7u75-2.5.4-1~utopic1
openjdk-7-jre-lib 7u75-2.5.4-1~utopic1
openjdk-7-jre-zero 7u75-2.5.4-1~utopic1
openjdk-7-source 7u75-2.5.4-1~utopic1
Ubuntu 14.04 LTS:
icedtea-7-jre-jamvm 7u75-2.5.4-1~trusty1
openjdk-7-jre 7u75-2.5.4-1~trusty1
openjdk-7-jre-headless 7u75-2.5.4-1~trusty1
openjdk-7-jre-lib 7u75-2.5.4-1~trusty1
openjdk-7-jre-zero 7u75-2.5.4-1~trusty1
openjdk-7-source 7u75-2.5.4-1~trusty1
This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart any Java
applications or applets to make all the necessary changes.
This update contains a known regression in the Zero alternative Java
Virtual Machine on PowerPC and a future update will correct this issue. See
https://launchpad.net/bugs/1415282 for details. We apologize for the
inconvenience.
References:
http://www.ubuntu.com/usn/usn-2487-1
CVE-2014-3566, CVE-2014-6585, CVE-2014-6587, CVE-2014-6591,
CVE-2014-6593, CVE-2014-6601, CVE-2015-0383, CVE-2015-0395,
CVE-2015-0400, CVE-2015-0407, CVE-2015-0408, CVE-2015-0410,
CVE-2015-0412, CVE-2015-0413
Package Information:
https://launchpad.net/ubuntu/+source/openjdk-7/7u75-2.5.4-1~utopic1
https://launchpad.net/ubuntu/+source/openjdk-7/7u75-2.5.4-1~trusty1
[CentOS-announce] CESA-2015:0092 Critical CentOS 7 glibc Security Update
CentOS Errata and Security Advisory 2015:0092 Critical
Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-0092.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
88b4a73933e26f68fc1d20993a76ff10a1c3d4df1ac7145f8850ef0287868bb1 glibc-2.17-55.el7_0.5.i686.rpm
6bb674826ea44a4d021fced67a4078e2f91b4afef53288be2d4757a9359bfecd glibc-2.17-55.el7_0.5.x86_64.rpm
b12773c817fe1881497465aa0fc8ed279ae3bc716d8fda1f8435f07ae12a4db3 glibc-common-2.17-55.el7_0.5.x86_64.rpm
91df89963799570660ef1e7d34ce88d52e69970a4bdfb3df8352e4ce06a88fd5 glibc-devel-2.17-55.el7_0.5.i686.rpm
82405edb7d6418eca472b5976726a6ed1601e26d14e4aa712b1ffc114ac62ebc glibc-devel-2.17-55.el7_0.5.x86_64.rpm
fbc16ddd14487d6b532267f9bed5efdd04bc731ab820bb27c2e983372c3685a5 glibc-headers-2.17-55.el7_0.5.x86_64.rpm
1c9bd186806e5947e0b5154c36647dbe0b4402184bdb1598ae9979fd2a77442d glibc-static-2.17-55.el7_0.5.i686.rpm
88eba00f312596074ce272a51c303989ee75e370c2326d884581b48d27939d10 glibc-static-2.17-55.el7_0.5.x86_64.rpm
9240f40f44e819baa1e76d6f8c98022aea7e337ee7e12c1391b64ce0edd20272 glibc-utils-2.17-55.el7_0.5.x86_64.rpm
a96da73287ae765e5f399b54abbe89f056fddd088a1f4e2f62a3a6d749455bc3 nscd-2.17-55.el7_0.5.x86_64.rpm
Source:
80325956daa24dd2b64563d642917db6c30e53d895d07a2f8de87082cacd2b4d glibc-2.17-55.el7_0.5.src.rpm
--
Karanbir Singh
CentOS Project { http://www.centos.org/ }
irc: z00dax, #centos@irc.freenode.net
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce
Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-0092.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
88b4a73933e26f68fc1d20993a76ff10a1c3d4df1ac7145f8850ef0287868bb1 glibc-2.17-55.el7_0.5.i686.rpm
6bb674826ea44a4d021fced67a4078e2f91b4afef53288be2d4757a9359bfecd glibc-2.17-55.el7_0.5.x86_64.rpm
b12773c817fe1881497465aa0fc8ed279ae3bc716d8fda1f8435f07ae12a4db3 glibc-common-2.17-55.el7_0.5.x86_64.rpm
91df89963799570660ef1e7d34ce88d52e69970a4bdfb3df8352e4ce06a88fd5 glibc-devel-2.17-55.el7_0.5.i686.rpm
82405edb7d6418eca472b5976726a6ed1601e26d14e4aa712b1ffc114ac62ebc glibc-devel-2.17-55.el7_0.5.x86_64.rpm
fbc16ddd14487d6b532267f9bed5efdd04bc731ab820bb27c2e983372c3685a5 glibc-headers-2.17-55.el7_0.5.x86_64.rpm
1c9bd186806e5947e0b5154c36647dbe0b4402184bdb1598ae9979fd2a77442d glibc-static-2.17-55.el7_0.5.i686.rpm
88eba00f312596074ce272a51c303989ee75e370c2326d884581b48d27939d10 glibc-static-2.17-55.el7_0.5.x86_64.rpm
9240f40f44e819baa1e76d6f8c98022aea7e337ee7e12c1391b64ce0edd20272 glibc-utils-2.17-55.el7_0.5.x86_64.rpm
a96da73287ae765e5f399b54abbe89f056fddd088a1f4e2f62a3a6d749455bc3 nscd-2.17-55.el7_0.5.x86_64.rpm
Source:
80325956daa24dd2b64563d642917db6c30e53d895d07a2f8de87082cacd2b4d glibc-2.17-55.el7_0.5.src.rpm
--
Karanbir Singh
CentOS Project { http://www.centos.org/ }
irc: z00dax, #centos@irc.freenode.net
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce
[CentOS-announce] CESA-2015:0092 Critical CentOS 6 glibc Security Update
CentOS Errata and Security Advisory 2015:0092 Critical
Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-0092.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
0f0554770d7a565500adf20a0d403376de57f111118c04fed003266e2405598a glibc-2.12-1.149.el6_6.5.i686.rpm
167bd7bd46bd8cc6005397b1ea5048ee7868a8717935ee6f95e13b00d8f7499c glibc-common-2.12-1.149.el6_6.5.i686.rpm
d6c144e7cd4b67ecf5eafb02671c0f6f48d27f81df97c35808d2d442c7db582e glibc-devel-2.12-1.149.el6_6.5.i686.rpm
c9484d79a9aac4a8b706aa17f5edbd51b5e5731fe0afb3e9914b3e83de1e801a glibc-headers-2.12-1.149.el6_6.5.i686.rpm
250055e2980d905b82597cd8d6ef3e7b1dceec16da836b563bb781dc21d6ad1d glibc-static-2.12-1.149.el6_6.5.i686.rpm
eea7f375894f8023953705e227ab82ab0fbe99915a4bab8d0e278392b43a1127 glibc-utils-2.12-1.149.el6_6.5.i686.rpm
c66347ad9cf803554e12f0c259f4f67fa6d313d34a58201ea80f67f890c899f9 nscd-2.12-1.149.el6_6.5.i686.rpm
x86_64:
0f0554770d7a565500adf20a0d403376de57f111118c04fed003266e2405598a glibc-2.12-1.149.el6_6.5.i686.rpm
51df53cceee0f4a7c1cbbc4cea8aecb1910eb1232592e330b6fe467eb2d7b5b5 glibc-2.12-1.149.el6_6.5.x86_64.rpm
65285684336366a98c5ac3c33982c0ccd0d5291563faea655b5fc6f47e8cfa63 glibc-common-2.12-1.149.el6_6.5.x86_64.rpm
d6c144e7cd4b67ecf5eafb02671c0f6f48d27f81df97c35808d2d442c7db582e glibc-devel-2.12-1.149.el6_6.5.i686.rpm
b6feecfbc9fbb10259c61ab60d7414d5a70c0cdef553fb2a4f14b7468e664160 glibc-devel-2.12-1.149.el6_6.5.x86_64.rpm
803fa33d7f62d944b019a644d1f3b0ec9f9e8aa67fde4c905cd7000939a1f872 glibc-headers-2.12-1.149.el6_6.5.x86_64.rpm
250055e2980d905b82597cd8d6ef3e7b1dceec16da836b563bb781dc21d6ad1d glibc-static-2.12-1.149.el6_6.5.i686.rpm
3668f99e7d21eea55d9b823e86c735ed946ccf8d4f7d6ca9adb8a5fd348238c8 glibc-static-2.12-1.149.el6_6.5.x86_64.rpm
af41828eb52e0ae5c2d6239943f476cf186118edb4903ff884c5d6cc08665d6a glibc-utils-2.12-1.149.el6_6.5.x86_64.rpm
bccce013dd1d94c1448eebb5febd25cc8abaa0bcb6b8bf744cf0eb2797b4f2bf nscd-2.12-1.149.el6_6.5.x86_64.rpm
Source:
35b591c1fa712aba6b334d244374e182e0f1b7c1f85268c9bbc9dde42f4d9fb3 glibc-2.12-1.149.el6_6.5.src.rpm
--
Karanbir Singh
CentOS Project { http://www.centos.org/ }
irc: z00dax, #centos@irc.freenode.net
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce
Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-0092.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
0f0554770d7a565500adf20a0d403376de57f111118c04fed003266e2405598a glibc-2.12-1.149.el6_6.5.i686.rpm
167bd7bd46bd8cc6005397b1ea5048ee7868a8717935ee6f95e13b00d8f7499c glibc-common-2.12-1.149.el6_6.5.i686.rpm
d6c144e7cd4b67ecf5eafb02671c0f6f48d27f81df97c35808d2d442c7db582e glibc-devel-2.12-1.149.el6_6.5.i686.rpm
c9484d79a9aac4a8b706aa17f5edbd51b5e5731fe0afb3e9914b3e83de1e801a glibc-headers-2.12-1.149.el6_6.5.i686.rpm
250055e2980d905b82597cd8d6ef3e7b1dceec16da836b563bb781dc21d6ad1d glibc-static-2.12-1.149.el6_6.5.i686.rpm
eea7f375894f8023953705e227ab82ab0fbe99915a4bab8d0e278392b43a1127 glibc-utils-2.12-1.149.el6_6.5.i686.rpm
c66347ad9cf803554e12f0c259f4f67fa6d313d34a58201ea80f67f890c899f9 nscd-2.12-1.149.el6_6.5.i686.rpm
x86_64:
0f0554770d7a565500adf20a0d403376de57f111118c04fed003266e2405598a glibc-2.12-1.149.el6_6.5.i686.rpm
51df53cceee0f4a7c1cbbc4cea8aecb1910eb1232592e330b6fe467eb2d7b5b5 glibc-2.12-1.149.el6_6.5.x86_64.rpm
65285684336366a98c5ac3c33982c0ccd0d5291563faea655b5fc6f47e8cfa63 glibc-common-2.12-1.149.el6_6.5.x86_64.rpm
d6c144e7cd4b67ecf5eafb02671c0f6f48d27f81df97c35808d2d442c7db582e glibc-devel-2.12-1.149.el6_6.5.i686.rpm
b6feecfbc9fbb10259c61ab60d7414d5a70c0cdef553fb2a4f14b7468e664160 glibc-devel-2.12-1.149.el6_6.5.x86_64.rpm
803fa33d7f62d944b019a644d1f3b0ec9f9e8aa67fde4c905cd7000939a1f872 glibc-headers-2.12-1.149.el6_6.5.x86_64.rpm
250055e2980d905b82597cd8d6ef3e7b1dceec16da836b563bb781dc21d6ad1d glibc-static-2.12-1.149.el6_6.5.i686.rpm
3668f99e7d21eea55d9b823e86c735ed946ccf8d4f7d6ca9adb8a5fd348238c8 glibc-static-2.12-1.149.el6_6.5.x86_64.rpm
af41828eb52e0ae5c2d6239943f476cf186118edb4903ff884c5d6cc08665d6a glibc-utils-2.12-1.149.el6_6.5.x86_64.rpm
bccce013dd1d94c1448eebb5febd25cc8abaa0bcb6b8bf744cf0eb2797b4f2bf nscd-2.12-1.149.el6_6.5.x86_64.rpm
Source:
35b591c1fa712aba6b334d244374e182e0f1b7c1f85268c9bbc9dde42f4d9fb3 glibc-2.12-1.149.el6_6.5.src.rpm
--
Karanbir Singh
CentOS Project { http://www.centos.org/ }
irc: z00dax, #centos@irc.freenode.net
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce
[CentOS-announce] CESA-2015:0090 Critical CentOS 5 glibc Security Update
CentOS Errata and Security Advisory 2015:0090 Critical
Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-0090.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
de2d9fe25d7e178d02f19e05b9846218899d9fbee7954647ed7bf20bf82b932a glibc-2.5-123.el5_11.1.i386.rpm
f6b6314b95cb7a1bdfe076fa2ecbc7726a78fe3861e7c4765e379e45450dd51a glibc-2.5-123.el5_11.1.i686.rpm
7f42ba356e442e9f9336f12cc3c7bc74720db4064256975ae876267bb68d1d1b glibc-common-2.5-123.el5_11.1.i386.rpm
2814251a11726dccff4d9c841e9c04ccc327000591cd5354267caf576b1e4bd1 glibc-devel-2.5-123.el5_11.1.i386.rpm
e193b22ed56d39586f7161c02a5e66d0b5ef60785bef4ad00f2bee0fec0e037a glibc-headers-2.5-123.el5_11.1.i386.rpm
a4ce5b65c002c59a2554df3a10416cb9db08b18a7540ef8b729d6cabb4b93ddc glibc-utils-2.5-123.el5_11.1.i386.rpm
dc49612fa98f4a4ec9350994dd4e1aadaf696e3b4d3ba3d64c8d0b3d9f61e06d nscd-2.5-123.el5_11.1.i386.rpm
x86_64:
f6b6314b95cb7a1bdfe076fa2ecbc7726a78fe3861e7c4765e379e45450dd51a glibc-2.5-123.el5_11.1.i686.rpm
5e4038e4171fd179abb505261f3dcc4b30f5e1951c8ddedb8b0c3255e3eeac00 glibc-2.5-123.el5_11.1.x86_64.rpm
c8c8c040a410d1fe55f5c31987f1e2b8acc0f5395c1fadd333dfbf13fe9eb54d glibc-common-2.5-123.el5_11.1.x86_64.rpm
2814251a11726dccff4d9c841e9c04ccc327000591cd5354267caf576b1e4bd1 glibc-devel-2.5-123.el5_11.1.i386.rpm
95bc9433ae83d6c0f1d272abf0922e67d294a6660aa31f6b32f2c049339e5c21 glibc-devel-2.5-123.el5_11.1.x86_64.rpm
381d969abd7036451949e4c7782d334865c24011d0cf4a9ebf16d3e0479dde29 glibc-headers-2.5-123.el5_11.1.x86_64.rpm
8f1f673e3dada621cf8ed943565f7bb3d3680497d918eb8dad3ae5d69176af23 glibc-utils-2.5-123.el5_11.1.x86_64.rpm
068c6219a96289c557796aee742b2728397b0bbf4398f53e3eb36e2e4f4aff7b nscd-2.5-123.el5_11.1.x86_64.rpm
Source:
c4830df76209da0fcd243d24f555a2c2af8345770f53553a83b7d75ad56fc201 glibc-2.5-123.el5_11.1.src.rpm
--
Karanbir Singh
CentOS Project { http://www.centos.org/ }
irc: z00dax, #centos@irc.freenode.net
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce
Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-0090.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
de2d9fe25d7e178d02f19e05b9846218899d9fbee7954647ed7bf20bf82b932a glibc-2.5-123.el5_11.1.i386.rpm
f6b6314b95cb7a1bdfe076fa2ecbc7726a78fe3861e7c4765e379e45450dd51a glibc-2.5-123.el5_11.1.i686.rpm
7f42ba356e442e9f9336f12cc3c7bc74720db4064256975ae876267bb68d1d1b glibc-common-2.5-123.el5_11.1.i386.rpm
2814251a11726dccff4d9c841e9c04ccc327000591cd5354267caf576b1e4bd1 glibc-devel-2.5-123.el5_11.1.i386.rpm
e193b22ed56d39586f7161c02a5e66d0b5ef60785bef4ad00f2bee0fec0e037a glibc-headers-2.5-123.el5_11.1.i386.rpm
a4ce5b65c002c59a2554df3a10416cb9db08b18a7540ef8b729d6cabb4b93ddc glibc-utils-2.5-123.el5_11.1.i386.rpm
dc49612fa98f4a4ec9350994dd4e1aadaf696e3b4d3ba3d64c8d0b3d9f61e06d nscd-2.5-123.el5_11.1.i386.rpm
x86_64:
f6b6314b95cb7a1bdfe076fa2ecbc7726a78fe3861e7c4765e379e45450dd51a glibc-2.5-123.el5_11.1.i686.rpm
5e4038e4171fd179abb505261f3dcc4b30f5e1951c8ddedb8b0c3255e3eeac00 glibc-2.5-123.el5_11.1.x86_64.rpm
c8c8c040a410d1fe55f5c31987f1e2b8acc0f5395c1fadd333dfbf13fe9eb54d glibc-common-2.5-123.el5_11.1.x86_64.rpm
2814251a11726dccff4d9c841e9c04ccc327000591cd5354267caf576b1e4bd1 glibc-devel-2.5-123.el5_11.1.i386.rpm
95bc9433ae83d6c0f1d272abf0922e67d294a6660aa31f6b32f2c049339e5c21 glibc-devel-2.5-123.el5_11.1.x86_64.rpm
381d969abd7036451949e4c7782d334865c24011d0cf4a9ebf16d3e0479dde29 glibc-headers-2.5-123.el5_11.1.x86_64.rpm
8f1f673e3dada621cf8ed943565f7bb3d3680497d918eb8dad3ae5d69176af23 glibc-utils-2.5-123.el5_11.1.x86_64.rpm
068c6219a96289c557796aee742b2728397b0bbf4398f53e3eb36e2e4f4aff7b nscd-2.5-123.el5_11.1.x86_64.rpm
Source:
c4830df76209da0fcd243d24f555a2c2af8345770f53553a83b7d75ad56fc201 glibc-2.5-123.el5_11.1.src.rpm
--
Karanbir Singh
CentOS Project { http://www.centos.org/ }
irc: z00dax, #centos@irc.freenode.net
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce
[USN-2486-1] OpenJDK 6 vulnerabilities
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJUyAKpAAoJEFHb3FjMVZVzDVUP/0IqJkVYmsJy4x4xsZyCnluP
VDVgAdRV4ea5GoOhC4OuFOI+ez9UD7EQvZxB7dEKzy035XD1ezKOsAK2aFBzq3jO
IX4uFAH9xBAdauht+L8RRrUD9/Sa+DkuebON2ZqMxDdqyDpc7a4Eo4AC4Jo3xQ3y
N/46+0yvoLNWYG7oO+0fP9lz9tGgv6UWm+G+b8Z22ilpg/8qbGZ1ObtCNAdRZADQ
+Pm6nAf7jmgpbt1fEkvNKHthhkh+zaUMmkSWHbjhuSkLrX6YWjZezH076LqDMOPX
aS9HiP3fnAbJXC3scBTC/5HQQoLRdwPAiKCPPKA5nhWUcIFdxT4JMShtktoesOfc
T7Igx+2Aflvdqy8jDvn0HJ2kIIdJszT2/yClsWGkK/GkcUWM3dsul/11dnXN7qYm
3d32wXAVbBqLyeWVKJ3U8g8F4ZQ7u8mRoPXq8eoKmfozx/7l21m6oyGODLUKA7SY
StRDKx6AjFLxhIVTS24TKJYoEeAecJn0BClVy1kCZNYZ2FYU/ILPURQXXuKLQcJ8
olqi+GoBcfC1Kf5xvB4vZkw6qUEE69FsW2Ys/wDnj8KBSWAViHzYgWl+ZpKRjiIf
NweCtxY0pm8/A7v/vLQQgpZ67z9okEi57XyZOoDPGjE0usqYSvPJiwYQErfHPStS
kUCB6YD1XL77gXlVX4Yt
=yUd7
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-2486-1
January 27, 2015
openjdk-6 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS
- Ubuntu 10.04 LTS
Summary:
Several security issues were fixed in OpenJDK 6.
Software Description:
- openjdk-6: Open Source Java implementation
Details:
Several vulnerabilities were discovered in the OpenJDK JRE related to
information disclosure, data integrity and availability. An attacker could
exploit these to cause a denial of service or expose sensitive data over
the network. (CVE-2014-3566, CVE-2014-6587, CVE-2014-6601, CVE-2015-0395,
CVE-2015-0408, CVE-2015-0412)
Several vulnerabilities were discovered in the OpenJDK JRE related to
information disclosure. An attacker could exploit these to expose sensitive
data over the network. (CVE-2014-6585, CVE-2014-6591, CVE-2015-0400,
CVE-2015-0407)
A vulnerability was discovered in the OpenJDK JRE related to
information disclosure and integrity. An attacker could exploit this to
expose sensitive data over the network. (CVE-2014-6593)
A vulnerability was discovered in the OpenJDK JRE related to integrity and
availability. An attacker could exploit this to cause a denial of service.
(CVE-2015-0383)
A vulnerability was discovered in the OpenJDK JRE related to availability.
An attacker could this exploit to cause a denial of service.
(CVE-2015-0410)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 12.04 LTS:
icedtea-6-jre-cacao 6b34-1.13.6-1ubuntu0.12.04.1
icedtea-6-jre-jamvm 6b34-1.13.6-1ubuntu0.12.04.1
openjdk-6-jre 6b34-1.13.6-1ubuntu0.12.04.1
openjdk-6-jre-headless 6b34-1.13.6-1ubuntu0.12.04.1
openjdk-6-jre-lib 6b34-1.13.6-1ubuntu0.12.04.1
openjdk-6-jre-zero 6b34-1.13.6-1ubuntu0.12.04.1
Ubuntu 10.04 LTS:
icedtea-6-jre-cacao 6b34-1.13.6-1ubuntu0.10.04.1
openjdk-6-jre 6b34-1.13.6-1ubuntu0.10.04.1
openjdk-6-jre-headless 6b34-1.13.6-1ubuntu0.10.04.1
openjdk-6-jre-lib 6b34-1.13.6-1ubuntu0.10.04.1
openjdk-6-jre-zero 6b34-1.13.6-1ubuntu0.10.04.1
This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart any Java
applications or applets to make all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-2486-1
CVE-2014-3566, CVE-2014-6585, CVE-2014-6587, CVE-2014-6591,
CVE-2014-6593, CVE-2014-6601, CVE-2015-0383, CVE-2015-0395,
CVE-2015-0400, CVE-2015-0407, CVE-2015-0408, CVE-2015-0410,
CVE-2015-0412
Package Information:
https://launchpad.net/ubuntu/+source/openjdk-6/6b34-1.13.6-1ubuntu0.12.04.1
https://launchpad.net/ubuntu/+source/openjdk-6/6b34-1.13.6-1ubuntu0.10.04.1
Version: GnuPG v1
iQIcBAEBCgAGBQJUyAKpAAoJEFHb3FjMVZVzDVUP/0IqJkVYmsJy4x4xsZyCnluP
VDVgAdRV4ea5GoOhC4OuFOI+ez9UD7EQvZxB7dEKzy035XD1ezKOsAK2aFBzq3jO
IX4uFAH9xBAdauht+L8RRrUD9/Sa+DkuebON2ZqMxDdqyDpc7a4Eo4AC4Jo3xQ3y
N/46+0yvoLNWYG7oO+0fP9lz9tGgv6UWm+G+b8Z22ilpg/8qbGZ1ObtCNAdRZADQ
+Pm6nAf7jmgpbt1fEkvNKHthhkh+zaUMmkSWHbjhuSkLrX6YWjZezH076LqDMOPX
aS9HiP3fnAbJXC3scBTC/5HQQoLRdwPAiKCPPKA5nhWUcIFdxT4JMShtktoesOfc
T7Igx+2Aflvdqy8jDvn0HJ2kIIdJszT2/yClsWGkK/GkcUWM3dsul/11dnXN7qYm
3d32wXAVbBqLyeWVKJ3U8g8F4ZQ7u8mRoPXq8eoKmfozx/7l21m6oyGODLUKA7SY
StRDKx6AjFLxhIVTS24TKJYoEeAecJn0BClVy1kCZNYZ2FYU/ILPURQXXuKLQcJ8
olqi+GoBcfC1Kf5xvB4vZkw6qUEE69FsW2Ys/wDnj8KBSWAViHzYgWl+ZpKRjiIf
NweCtxY0pm8/A7v/vLQQgpZ67z9okEi57XyZOoDPGjE0usqYSvPJiwYQErfHPStS
kUCB6YD1XL77gXlVX4Yt
=yUd7
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-2486-1
January 27, 2015
openjdk-6 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS
- Ubuntu 10.04 LTS
Summary:
Several security issues were fixed in OpenJDK 6.
Software Description:
- openjdk-6: Open Source Java implementation
Details:
Several vulnerabilities were discovered in the OpenJDK JRE related to
information disclosure, data integrity and availability. An attacker could
exploit these to cause a denial of service or expose sensitive data over
the network. (CVE-2014-3566, CVE-2014-6587, CVE-2014-6601, CVE-2015-0395,
CVE-2015-0408, CVE-2015-0412)
Several vulnerabilities were discovered in the OpenJDK JRE related to
information disclosure. An attacker could exploit these to expose sensitive
data over the network. (CVE-2014-6585, CVE-2014-6591, CVE-2015-0400,
CVE-2015-0407)
A vulnerability was discovered in the OpenJDK JRE related to
information disclosure and integrity. An attacker could exploit this to
expose sensitive data over the network. (CVE-2014-6593)
A vulnerability was discovered in the OpenJDK JRE related to integrity and
availability. An attacker could exploit this to cause a denial of service.
(CVE-2015-0383)
A vulnerability was discovered in the OpenJDK JRE related to availability.
An attacker could this exploit to cause a denial of service.
(CVE-2015-0410)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 12.04 LTS:
icedtea-6-jre-cacao 6b34-1.13.6-1ubuntu0.12.04.1
icedtea-6-jre-jamvm 6b34-1.13.6-1ubuntu0.12.04.1
openjdk-6-jre 6b34-1.13.6-1ubuntu0.12.04.1
openjdk-6-jre-headless 6b34-1.13.6-1ubuntu0.12.04.1
openjdk-6-jre-lib 6b34-1.13.6-1ubuntu0.12.04.1
openjdk-6-jre-zero 6b34-1.13.6-1ubuntu0.12.04.1
Ubuntu 10.04 LTS:
icedtea-6-jre-cacao 6b34-1.13.6-1ubuntu0.10.04.1
openjdk-6-jre 6b34-1.13.6-1ubuntu0.10.04.1
openjdk-6-jre-headless 6b34-1.13.6-1ubuntu0.10.04.1
openjdk-6-jre-lib 6b34-1.13.6-1ubuntu0.10.04.1
openjdk-6-jre-zero 6b34-1.13.6-1ubuntu0.10.04.1
This update uses a new upstream release, which includes additional bug
fixes. After a standard system update you need to restart any Java
applications or applets to make all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-2486-1
CVE-2014-3566, CVE-2014-6585, CVE-2014-6587, CVE-2014-6591,
CVE-2014-6593, CVE-2014-6601, CVE-2015-0383, CVE-2015-0395,
CVE-2015-0400, CVE-2015-0407, CVE-2015-0408, CVE-2015-0410,
CVE-2015-0412
Package Information:
https://launchpad.net/ubuntu/+source/openjdk-6/6b34-1.13.6-1ubuntu0.12.04.1
https://launchpad.net/ubuntu/+source/openjdk-6/6b34-1.13.6-1ubuntu0.10.04.1
[FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-15:03.sctp
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
=============================================================================
FreeBSD-SA-15:03.sctp Security Advisory
The FreeBSD Project
Topic: SCTP stream reset vulnerability
Category: core
Module: sctp
Announced: 2015-01-27
Credits: Gerasimos Dimitriadis
Affects: All supported versions of FreeBSD.
Corrected: 2015-01-27 19:36:08 UTC (stable/10, 10.1-STABLE)
2015-01-27 19:37:02 UTC (releng/10.1, 10.1-RELEASE-p5)
2015-01-27 19:37:02 UTC (releng/10.0, 10.0-RELEASE-p17)
2015-01-27 19:36:08 UTC (stable/9, 9.3-STABLE)
2015-01-27 19:37:02 UTC (releng/9.3, 9.3-RELEASE-p9)
2015-01-27 19:36:08 UTC (stable/8, 8.4-STABLE)
2015-01-27 19:37:02 UTC (releng/8.4, 8.4-RELEASE-p23)
CVE Name: CVE-2014-8613
For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:https://security.FreeBSD.org/>.
I. Background
SCTP protocol provides reliable, flow-controlled, two-way transmission
of data. It is a message oriented protocol and can support the SOCK_STREAM
and SOCK_SEQPACKET abstractions.
II. Problem Description
The input validation of received SCTP RE_CONFIG chunks is insufficient,
and can result in a NULL pointer deference later.
III. Impact
A remote attacker who can send a malformed SCTP packet to a FreeBSD system
that serves SCTP can cause a kernel panic, resulting in a Denial of
Service.
IV. Workaround
On FreeBSD 10.1 or later systems, the system administrator can set
net.inet.sctp.reconfig_enable to 0 to disable processing of RE_CONFIG
chunks. This workaround is not available on earlier FreeBSD releases,
but systems that do not serve SCTP connections are not vulnerable.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or
release / security branch (releng) dated after the correction date.
2) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64
platforms can be updated via the freebsd-update(8) utility:
# freebsd-update fetch
# freebsd-update install
3) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable
FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
# fetch https://security.FreeBSD.org/patches/SA-15:03/sctp.patch
# fetch https://security.FreeBSD.org/patches/SA-15:03/sctp.patch.asc
# gpg --verify sctp.patch.asc
b) Apply the patch. Execute the following commands as root:
# cd /usr/src
# patch < /path/to/patch
c) Recompile your kernel as described in
<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
system.
VI. Correction details
The following list contains the correction revision numbers for each
affected branch.
Branch/path Revision
- -------------------------------------------------------------------------
stable/8/ r277807
releng/8.4/ r277808
stable/9/ r277807
releng/9.3/ r277808
stable/10/ r277807
releng/10.0/ r277808
releng/10.1/ r277808
- -------------------------------------------------------------------------
To see which files were modified by a particular revision, run the
following command, replacing NNNNNN with the revision number, on a
machine with Subversion installed:
# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
VII. References
<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8613>
The latest revision of this advisory is available at
<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-15:03.sctp.asc>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.1.1 (FreeBSD)
iQIcBAEBCgAGBQJUx+qbAAoJEO1n7NZdz2rnR98QAOWIIf7+akuopMxuVnppZKub
DKCgVAJznitKoxnBtYMAOTcKdf65dQqaAgznAWBRo+USue5LIOI0jjgLuQgepoG6
eIosPiRXqvMQL6Qqx8ydwM3xiVQd+b9pMiLkh3cfljr1Oh6OV+YSRXC+HBKZXaR6
sn5kHRR7xFiwV/HsX4RoSik3qPbDl1x66jeN5jL0Wqg2qjCagK6OxGOtkIlt3pDj
QrYNX/l20hXmvPjRojSEPhY+52X29/nlQjfJg/pwpsmiZJe3cqmfsh1aceUOH1Tu
BOVxwE3oYWrJ8NZBa2cKReU1Sdvl1FxtlaXwkE+sRBzh1/vA7AZU6jWL7fEV1wv0
2mZYLoCrSHfBongLMohs4DQ8CCnH3iEoUBRbG9HGwlAh4s9CAre87oIdHHFWRSsg
oIHxNDG+lk+yNJuOKfjDT+poyuYw7TlBfYN+ifO5UHPOEIH430FWF3B3P2oH4I/M
7VQRClaxaNiPfAJxa11IwHKWM12yrrM7483AuPqdd1r9OUnx33y1jPY0ByemXv9d
LE8jJXs0cdR7zCJuV9R8Uif9xkdGLTj9emsqjaS1KxSJrSzPJaah4nkWq8BRmMXK
3xOxlIM/cGJLU+/cliDy3CqHipU4pt+S4RuAB41xx2k5g9YiAMH178xrfOgrklSH
xKfAM/gz4YqESK5QPjqO
=859G
-----END PGP SIGNATURE-----
_______________________________________________
freebsd-announce@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-announce
To unsubscribe, send any mail to "freebsd-announce-unsubscribe@freebsd.org"
Hash: SHA512
=============================================================================
FreeBSD-SA-15:03.sctp Security Advisory
The FreeBSD Project
Topic: SCTP stream reset vulnerability
Category: core
Module: sctp
Announced: 2015-01-27
Credits: Gerasimos Dimitriadis
Affects: All supported versions of FreeBSD.
Corrected: 2015-01-27 19:36:08 UTC (stable/10, 10.1-STABLE)
2015-01-27 19:37:02 UTC (releng/10.1, 10.1-RELEASE-p5)
2015-01-27 19:37:02 UTC (releng/10.0, 10.0-RELEASE-p17)
2015-01-27 19:36:08 UTC (stable/9, 9.3-STABLE)
2015-01-27 19:37:02 UTC (releng/9.3, 9.3-RELEASE-p9)
2015-01-27 19:36:08 UTC (stable/8, 8.4-STABLE)
2015-01-27 19:37:02 UTC (releng/8.4, 8.4-RELEASE-p23)
CVE Name: CVE-2014-8613
For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:https://security.FreeBSD.org/>.
I. Background
SCTP protocol provides reliable, flow-controlled, two-way transmission
of data. It is a message oriented protocol and can support the SOCK_STREAM
and SOCK_SEQPACKET abstractions.
II. Problem Description
The input validation of received SCTP RE_CONFIG chunks is insufficient,
and can result in a NULL pointer deference later.
III. Impact
A remote attacker who can send a malformed SCTP packet to a FreeBSD system
that serves SCTP can cause a kernel panic, resulting in a Denial of
Service.
IV. Workaround
On FreeBSD 10.1 or later systems, the system administrator can set
net.inet.sctp.reconfig_enable to 0 to disable processing of RE_CONFIG
chunks. This workaround is not available on earlier FreeBSD releases,
but systems that do not serve SCTP connections are not vulnerable.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or
release / security branch (releng) dated after the correction date.
2) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64
platforms can be updated via the freebsd-update(8) utility:
# freebsd-update fetch
# freebsd-update install
3) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable
FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
# fetch https://security.FreeBSD.org/patches/SA-15:03/sctp.patch
# fetch https://security.FreeBSD.org/patches/SA-15:03/sctp.patch.asc
# gpg --verify sctp.patch.asc
b) Apply the patch. Execute the following commands as root:
# cd /usr/src
# patch < /path/to/patch
c) Recompile your kernel as described in
<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
system.
VI. Correction details
The following list contains the correction revision numbers for each
affected branch.
Branch/path Revision
- -------------------------------------------------------------------------
stable/8/ r277807
releng/8.4/ r277808
stable/9/ r277807
releng/9.3/ r277808
stable/10/ r277807
releng/10.0/ r277808
releng/10.1/ r277808
- -------------------------------------------------------------------------
To see which files were modified by a particular revision, run the
following command, replacing NNNNNN with the revision number, on a
machine with Subversion installed:
# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
VII. References
<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8613>
The latest revision of this advisory is available at
<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-15:03.sctp.asc>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.1.1 (FreeBSD)
iQIcBAEBCgAGBQJUx+qbAAoJEO1n7NZdz2rnR98QAOWIIf7+akuopMxuVnppZKub
DKCgVAJznitKoxnBtYMAOTcKdf65dQqaAgznAWBRo+USue5LIOI0jjgLuQgepoG6
eIosPiRXqvMQL6Qqx8ydwM3xiVQd+b9pMiLkh3cfljr1Oh6OV+YSRXC+HBKZXaR6
sn5kHRR7xFiwV/HsX4RoSik3qPbDl1x66jeN5jL0Wqg2qjCagK6OxGOtkIlt3pDj
QrYNX/l20hXmvPjRojSEPhY+52X29/nlQjfJg/pwpsmiZJe3cqmfsh1aceUOH1Tu
BOVxwE3oYWrJ8NZBa2cKReU1Sdvl1FxtlaXwkE+sRBzh1/vA7AZU6jWL7fEV1wv0
2mZYLoCrSHfBongLMohs4DQ8CCnH3iEoUBRbG9HGwlAh4s9CAre87oIdHHFWRSsg
oIHxNDG+lk+yNJuOKfjDT+poyuYw7TlBfYN+ifO5UHPOEIH430FWF3B3P2oH4I/M
7VQRClaxaNiPfAJxa11IwHKWM12yrrM7483AuPqdd1r9OUnx33y1jPY0ByemXv9d
LE8jJXs0cdR7zCJuV9R8Uif9xkdGLTj9emsqjaS1KxSJrSzPJaah4nkWq8BRmMXK
3xOxlIM/cGJLU+/cliDy3CqHipU4pt+S4RuAB41xx2k5g9YiAMH178xrfOgrklSH
xKfAM/gz4YqESK5QPjqO
=859G
-----END PGP SIGNATURE-----
_______________________________________________
freebsd-announce@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-announce
To unsubscribe, send any mail to "freebsd-announce-unsubscribe@freebsd.org"
[FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-15:02.kmem
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
=============================================================================
FreeBSD-SA-15:02.kmem Security Advisory
The FreeBSD Project
Topic: SCTP SCTP_SS_VALUE kernel memory corruption and disclosure
Category: core
Module: sctp
Announced: 2015-01-27
Credits: Clement LECIGNE from Google Security Team and
Francisco Falcon from Core Security Technologies
Affects: All supported versions of FreeBSD.
Corrected: 2015-01-27 19:36:08 UTC (stable/10, 10.1-STABLE)
2015-01-27 19:37:02 UTC (releng/10.1, 10.1-RELEASE-p5)
2015-01-27 19:37:02 UTC (releng/10.0, 10.0-RELEASE-p17)
2015-01-27 19:36:08 UTC (stable/9, 9.3-STABLE)
2015-01-27 19:37:02 UTC (releng/9.3, 9.3-RELEASE-p9)
2015-01-27 19:36:08 UTC (stable/8, 8.4-STABLE)
2015-01-27 19:37:02 UTC (releng/8.4, 8.4-RELEASE-p23)
CVE Name: CVE-2014-8612
For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:https://security.FreeBSD.org/>.
I. Background
SCTP protocol provides reliable, flow-controlled, two-way transmission
of data. It is a message oriented protocol and can support the SOCK_STREAM
and SOCK_SEQPACKET abstractions.
SCTP allows the user to choose between multiple scheduling algorithms to
optimize the sending behavior of SCTP in scenarios with different
requirements.
II. Problem Description
Due to insufficient validation of the SCTP stream ID, which serves as an array
index, a local unprivileged attacker can read or write 16-bits of kernel
memory.
III. Impact
An unprivileged process can read or modify 16-bits of memory which
belongs to the kernel. This smay lead to exposure of sensitive
information or allow privilege escalation.
IV. Workaround
No workaround is available.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or
release / security branch (releng) dated after the correction date.
2) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64
platforms can be updated via the freebsd-update(8) utility:
# freebsd-update fetch
# freebsd-update install
3) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable
FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
# fetch https://security.FreeBSD.org/patches/SA-15:02/sctp.patch
# fetch https://security.FreeBSD.org/patches/SA-15:02/sctp.patch.asc
# gpg --verify sctp.patch.asc
b) Apply the patch. Execute the following commands as root:
# cd /usr/src
# patch < /path/to/patch
c) Recompile your kernel as described in
<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
system.
VI. Correction details
The following list contains the correction revision numbers for each
affected branch.
Branch/path Revision
- -------------------------------------------------------------------------
stable/8/ r277807
releng/8.4/ r277808
stable/9/ r277807
releng/9.3/ r277808
stable/10/ r277807
releng/10.0/ r277808
releng/10.1/ r277808
- -------------------------------------------------------------------------
To see which files were modified by a particular revision, run the
following command, replacing NNNNNN with the revision number, on a
machine with Subversion installed:
# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
VII. References
We would like to acknowledge Clement LECIGNE from Google Security Team and
Francisco Falcon from Core Security Technologies who discovered the issue
independently and reported to the FreeBSD Security Team.
<URL:http://www.coresecurity.com/content/freebsd-kernel-multiple-vulnerabilities>
<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8612>
The latest revision of this advisory is available at
<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-15:02.kmem.asc>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.1.1 (FreeBSD)
iQIcBAEBCgAGBQJUx+qPAAoJEO1n7NZdz2rndPwQAJYuUZhkBqt6Lj0Wnuu220QL
OwMQAVBDggfNMJj5GCMRYqniARGg53UpzBjbKyen9N7tQtjgF6ll9EcWQhUdQSSl
07iCLGkn7kAu5jRO7+S/fJLXaUBfo+KfrUakHBdrWGKD0VVp/DDMbjbzZWl8Yw0S
7g0tqSmNcR1uUbAAsSXUfN9N/8OZzkqCiDvmVcFtalw1CjFyl6XbYXxNS+/j7LrU
YQBJdz9F/X/oPe19VQ36olZWzTdlSLwa/ylwNW7O6K5NdoCq73Co4IDL0gkAgtdQ
s4A7h4UwEoYleRRX+g9Rbeq2tz9FwfIwSferFRF5/1thc0cVJ2e/oDq9lmzyepwa
rbH8jy/TMtSKHlali8I3w6KYfqRFs6whS9Bud1b0SgrqqZizsO64BbvSzkELxHJl
PMUPHHCh3w0CXnRcaxC+rY/kazPZeRzebMaxQLAV0KTEVp0aSGw7FBtEE+ldrHUd
rp1bLESjTjtagr1K1UsCKKZr/t9RSHSZ1I6vfxBPUsUu7oUgd+aOmEpiyYKxna0y
vS5ECCrJG4k9fsQ1emyB5NhROYCXdq2CavfWWOOi3LoUhVvh34N27HVZlqv2m3Y9
sM20xOB3dSx3ufsv19nAclVpL76Pu7fD/MNe+lhUk1KKgqx0L7vdiJfMIrafLYsR
V2Rre46fapln8T+wvhQP
=o9yw
-----END PGP SIGNATURE-----
_______________________________________________
freebsd-announce@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-announce
To unsubscribe, send any mail to "freebsd-announce-unsubscribe@freebsd.org"
Hash: SHA512
=============================================================================
FreeBSD-SA-15:02.kmem Security Advisory
The FreeBSD Project
Topic: SCTP SCTP_SS_VALUE kernel memory corruption and disclosure
Category: core
Module: sctp
Announced: 2015-01-27
Credits: Clement LECIGNE from Google Security Team and
Francisco Falcon from Core Security Technologies
Affects: All supported versions of FreeBSD.
Corrected: 2015-01-27 19:36:08 UTC (stable/10, 10.1-STABLE)
2015-01-27 19:37:02 UTC (releng/10.1, 10.1-RELEASE-p5)
2015-01-27 19:37:02 UTC (releng/10.0, 10.0-RELEASE-p17)
2015-01-27 19:36:08 UTC (stable/9, 9.3-STABLE)
2015-01-27 19:37:02 UTC (releng/9.3, 9.3-RELEASE-p9)
2015-01-27 19:36:08 UTC (stable/8, 8.4-STABLE)
2015-01-27 19:37:02 UTC (releng/8.4, 8.4-RELEASE-p23)
CVE Name: CVE-2014-8612
For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:https://security.FreeBSD.org/>.
I. Background
SCTP protocol provides reliable, flow-controlled, two-way transmission
of data. It is a message oriented protocol and can support the SOCK_STREAM
and SOCK_SEQPACKET abstractions.
SCTP allows the user to choose between multiple scheduling algorithms to
optimize the sending behavior of SCTP in scenarios with different
requirements.
II. Problem Description
Due to insufficient validation of the SCTP stream ID, which serves as an array
index, a local unprivileged attacker can read or write 16-bits of kernel
memory.
III. Impact
An unprivileged process can read or modify 16-bits of memory which
belongs to the kernel. This smay lead to exposure of sensitive
information or allow privilege escalation.
IV. Workaround
No workaround is available.
V. Solution
Perform one of the following:
1) Upgrade your vulnerable system to a supported FreeBSD stable or
release / security branch (releng) dated after the correction date.
2) To update your vulnerable system via a binary patch:
Systems running a RELEASE version of FreeBSD on the i386 or amd64
platforms can be updated via the freebsd-update(8) utility:
# freebsd-update fetch
# freebsd-update install
3) To update your vulnerable system via a source code patch:
The following patches have been verified to apply to the applicable
FreeBSD release branches.
a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.
# fetch https://security.FreeBSD.org/patches/SA-15:02/sctp.patch
# fetch https://security.FreeBSD.org/patches/SA-15:02/sctp.patch.asc
# gpg --verify sctp.patch.asc
b) Apply the patch. Execute the following commands as root:
# cd /usr/src
# patch < /path/to/patch
c) Recompile your kernel as described in
<URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
system.
VI. Correction details
The following list contains the correction revision numbers for each
affected branch.
Branch/path Revision
- -------------------------------------------------------------------------
stable/8/ r277807
releng/8.4/ r277808
stable/9/ r277807
releng/9.3/ r277808
stable/10/ r277807
releng/10.0/ r277808
releng/10.1/ r277808
- -------------------------------------------------------------------------
To see which files were modified by a particular revision, run the
following command, replacing NNNNNN with the revision number, on a
machine with Subversion installed:
# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
Or visit the following URL, replacing NNNNNN with the revision number:
<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
VII. References
We would like to acknowledge Clement LECIGNE from Google Security Team and
Francisco Falcon from Core Security Technologies who discovered the issue
independently and reported to the FreeBSD Security Team.
<URL:http://www.coresecurity.com/content/freebsd-kernel-multiple-vulnerabilities>
<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8612>
The latest revision of this advisory is available at
<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-15:02.kmem.asc>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.1.1 (FreeBSD)
iQIcBAEBCgAGBQJUx+qPAAoJEO1n7NZdz2rndPwQAJYuUZhkBqt6Lj0Wnuu220QL
OwMQAVBDggfNMJj5GCMRYqniARGg53UpzBjbKyen9N7tQtjgF6ll9EcWQhUdQSSl
07iCLGkn7kAu5jRO7+S/fJLXaUBfo+KfrUakHBdrWGKD0VVp/DDMbjbzZWl8Yw0S
7g0tqSmNcR1uUbAAsSXUfN9N/8OZzkqCiDvmVcFtalw1CjFyl6XbYXxNS+/j7LrU
YQBJdz9F/X/oPe19VQ36olZWzTdlSLwa/ylwNW7O6K5NdoCq73Co4IDL0gkAgtdQ
s4A7h4UwEoYleRRX+g9Rbeq2tz9FwfIwSferFRF5/1thc0cVJ2e/oDq9lmzyepwa
rbH8jy/TMtSKHlali8I3w6KYfqRFs6whS9Bud1b0SgrqqZizsO64BbvSzkELxHJl
PMUPHHCh3w0CXnRcaxC+rY/kazPZeRzebMaxQLAV0KTEVp0aSGw7FBtEE+ldrHUd
rp1bLESjTjtagr1K1UsCKKZr/t9RSHSZ1I6vfxBPUsUu7oUgd+aOmEpiyYKxna0y
vS5ECCrJG4k9fsQ1emyB5NhROYCXdq2CavfWWOOi3LoUhVvh34N27HVZlqv2m3Y9
sM20xOB3dSx3ufsv19nAclVpL76Pu7fD/MNe+lhUk1KKgqx0L7vdiJfMIrafLYsR
V2Rre46fapln8T+wvhQP
=o9yw
-----END PGP SIGNATURE-----
_______________________________________________
freebsd-announce@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-announce
To unsubscribe, send any mail to "freebsd-announce-unsubscribe@freebsd.org"
[USN-2485-1] GNU C Library vulnerability
==========================================================================
Ubuntu Security Notice USN-2485-1
January 27, 2015
eglibc vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS
- Ubuntu 10.04 LTS
Summary:
The GNU C Library could be made to crash or run programs.
Software Description:
- eglibc: GNU C Library
Details:
It was discovered that a buffer overflow existed in the gethostbyname
and gethostbyname2 functions in the GNU C Library. An attacker could
use this issue to execute arbitrary code or cause an application crash,
resulting in a denial of service.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 12.04 LTS:
libc6 2.15-0ubuntu10.10
Ubuntu 10.04 LTS:
libc6 2.11.1-0ubuntu7.20
After a standard system update you need to reboot your computer to make
all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-2485-1
CVE-2015-0235
Package Information:
https://launchpad.net/ubuntu/+source/eglibc/2.15-0ubuntu10.10
https://launchpad.net/ubuntu/+source/eglibc/2.11.1-0ubuntu7.20
Ubuntu Security Notice USN-2485-1
January 27, 2015
eglibc vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 LTS
- Ubuntu 10.04 LTS
Summary:
The GNU C Library could be made to crash or run programs.
Software Description:
- eglibc: GNU C Library
Details:
It was discovered that a buffer overflow existed in the gethostbyname
and gethostbyname2 functions in the GNU C Library. An attacker could
use this issue to execute arbitrary code or cause an application crash,
resulting in a denial of service.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 12.04 LTS:
libc6 2.15-0ubuntu10.10
Ubuntu 10.04 LTS:
libc6 2.11.1-0ubuntu7.20
After a standard system update you need to reboot your computer to make
all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-2485-1
CVE-2015-0235
Package Information:
https://launchpad.net/ubuntu/+source/eglibc/2.15-0ubuntu10.10
https://launchpad.net/ubuntu/+source/eglibc/2.11.1-0ubuntu7.20
[CentOS-announce] CEBA-2015:0089 CentOS 6 gdbm FASTTRACK BugFix Update
CentOS Errata and Bugfix Advisory 2015:0089
Upstream details at : https://rhn.redhat.com/errata/RHBA-2015-0089.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
ff6addf9697a57eca18c2424bc6791648caa99c105f2b8c1c9d6c136b6afd7d3 gdbm-1.8.0-38.el6.i686.rpm
a5efc92ffa4f3a35f7cbb8e34dfa4e6eb52a835a8a79db96b7e44c0aa2cded13 gdbm-devel-1.8.0-38.el6.i686.rpm
x86_64:
ff6addf9697a57eca18c2424bc6791648caa99c105f2b8c1c9d6c136b6afd7d3 gdbm-1.8.0-38.el6.i686.rpm
8ff51f12fff5cdac53e72f0dc757d53a5aa4093b8b0fd704684df9e520639a2a gdbm-1.8.0-38.el6.x86_64.rpm
a5efc92ffa4f3a35f7cbb8e34dfa4e6eb52a835a8a79db96b7e44c0aa2cded13 gdbm-devel-1.8.0-38.el6.i686.rpm
eb06ba9ec5565e7c6c9971ef6a0289b89ce76461d19571af46730e1e50fd53f2 gdbm-devel-1.8.0-38.el6.x86_64.rpm
Source:
161cd66d7663b9f549aee37358060dc32cff2017f62ce853ed9fa096b751a0f2 gdbm-1.8.0-38.el6.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce
Upstream details at : https://rhn.redhat.com/errata/RHBA-2015-0089.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
ff6addf9697a57eca18c2424bc6791648caa99c105f2b8c1c9d6c136b6afd7d3 gdbm-1.8.0-38.el6.i686.rpm
a5efc92ffa4f3a35f7cbb8e34dfa4e6eb52a835a8a79db96b7e44c0aa2cded13 gdbm-devel-1.8.0-38.el6.i686.rpm
x86_64:
ff6addf9697a57eca18c2424bc6791648caa99c105f2b8c1c9d6c136b6afd7d3 gdbm-1.8.0-38.el6.i686.rpm
8ff51f12fff5cdac53e72f0dc757d53a5aa4093b8b0fd704684df9e520639a2a gdbm-1.8.0-38.el6.x86_64.rpm
a5efc92ffa4f3a35f7cbb8e34dfa4e6eb52a835a8a79db96b7e44c0aa2cded13 gdbm-devel-1.8.0-38.el6.i686.rpm
eb06ba9ec5565e7c6c9971ef6a0289b89ce76461d19571af46730e1e50fd53f2 gdbm-devel-1.8.0-38.el6.x86_64.rpm
Source:
161cd66d7663b9f549aee37358060dc32cff2017f62ce853ed9fa096b751a0f2 gdbm-1.8.0-38.el6.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce
[CentOS-announce] CEEA-2015:X002 Xen and LibVirt Xen4CentOS Enhancement Update
CentOS Errata and Enhancement Advisory 2015:X002 (Xen4CentOS)
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
-----------------------------
x86_64
-----------------------------
cdfc144852265d5b5d5ad929bc5b31159a6ca859715ba795134e2b85fe7e3399 libvirt-1.2.10-3.el6.x86_64.rpm
5c9b50eae196a3beb710b1aa37ef212d1fb19062a3e0a0a0b1448c3e38695898 libvirt-client-1.2.10-3.el6.x86_64.rpm
f75375eca3a0088aa9a537dda0cdebc047bb74fc24364b0f75a3f3315ea5fee1 libvirt-daemon-1.2.10-3.el6.x86_64.rpm
04a7c8d378aaa85aa0962afa24193df37bc884a4f0f812c82f196d9657f6faea libvirt-daemon-config-network-1.2.10-3.el6.x86_64.rpm
f6b969d3c89e4f7d10b18464f5a5b7d8b4627bba8194426a4f528d572ef9b378 libvirt-daemon-config-nwfilter-1.2.10-3.el6.x86_64.rpm
89a220c0964427ec8e914d7fe01c799e1223c1a0ccbf6e9c9a8b722dbfb2e6c2 libvirt-daemon-driver-interface-1.2.10-3.el6.x86_64.rpm
d52b96cd2cbb807e93a74970d4309f2ff0b8a5c5030918cfa74b070152b561ef libvirt-daemon-driver-libxl-1.2.10-3.el6.x86_64.rpm
14e49bd64281368826a4d7bff9dcebe63f7693fd6b50e681febf515b09ae098b libvirt-daemon-driver-lxc-1.2.10-3.el6.x86_64.rpm
48dbc513689a93689eb89ea514ee7fee560d66a6f8d49e61424fcfa155105308 libvirt-daemon-driver-network-1.2.10-3.el6.x86_64.rpm
dfa11209f31bedf18938d85eb12456d82d46af84070fe4f47e5521a3f4fcbfea libvirt-daemon-driver-nodedev-1.2.10-3.el6.x86_64.rpm
46e6872c93140df1aa662470b4e72fe49b960412b059c32b5d2128ce6f61a10e libvirt-daemon-driver-nwfilter-1.2.10-3.el6.x86_64.rpm
23233e23f9e41d47a7f7489647e308394f94018b4789a225a6df6b49291ecbf0 libvirt-daemon-driver-qemu-1.2.10-3.el6.x86_64.rpm
9ab5624fcfed9a1401b46b458bb23aded8bc603e2ba10e267a12eec64c7ec683 libvirt-daemon-driver-secret-1.2.10-3.el6.x86_64.rpm
464f904baea4beec68fe90708c2895e697f215551d423a5dc9950c6f2df672b4 libvirt-daemon-driver-storage-1.2.10-3.el6.x86_64.rpm
1f6242a8ca12578bb7c0046e604e87caa13a3b2bfcae0e2a75d8d7d957d77837 libvirt-daemon-driver-xen-1.2.10-3.el6.x86_64.rpm
9dcf36b9708b145df230de9e4967a880620d5fbb91c874c34b0a06110b2fcb0f libvirt-daemon-kvm-1.2.10-3.el6.x86_64.rpm
521e8fd3fe56d00c3ed9b4b83fbf8d145fd0cb40ed57ca163cf4dad065d0c83e libvirt-daemon-lxc-1.2.10-3.el6.x86_64.rpm
604a476a2cb73578411d1780e915ec12ef5421c4ddd1c6501af8baedddb11b05 libvirt-daemon-xen-1.2.10-3.el6.x86_64.rpm
ada1948fb39ff73b9462b3b4a88d83650768811da6cf041dfc82c8cb4440ca3c libvirt-devel-1.2.10-3.el6.x86_64.rpm
12b7d939d5bbb902d19c9f10ab1d0e09b7d6f2569d6c08d361faa7a078537580 libvirt-docs-1.2.10-3.el6.x86_64.rpm
9b5966f617704138b57c0158ffc24bd722e3c45fc163c4b57fbb78a6a46bab3f libvirt-lock-sanlock-1.2.10-3.el6.x86_64.rpm
cf3c8b24dd749d3a58502153e68908ee7d7f6c935a24a42c1939d776a394ad34 libvirt-login-shell-1.2.10-3.el6.x86_64.rpm
4a6fefb92c51a8c808519c14c0f05bf4bba5d15cc6c80a9189233cea429f81f3 libvirt-python-1.2.10-2.el6.x86_64.rpm
cfb51d27393b89ce9ea778c90fc78387e1bbd66ee526900f4d1d30b0ce2939f2 xen-4.4.1-5.el6.x86_64.rpm
8112529df37665282b18ac255024a5298b4a0d2c3b43047feb2411d04bb8493b xen-devel-4.4.1-5.el6.x86_64.rpm
eceef9fe592a624c58321095223f1694aaeafc5188d7af2a63545169ce4c2935 xen-doc-4.4.1-5.el6.x86_64.rpm
2604e220fb3bd9dade6f032eb3688770dec07969b4000dbeda0d950fb94f647d xen-hypervisor-4.4.1-5.el6.x86_64.rpm
8645ef7f6d40c2f1374d4749dafa30e636db78650e262b9f3c7208748234be47 xen-libs-4.4.1-5.el6.x86_64.rpm
d7e292c6593100328b324451bcb71ffd5aca25748826af1e67bca0950d611674 xen-licenses-4.4.1-5.el6.x86_64.rpm
81b62af7f92f6df99e85678ba7b5856006673f04b27c9d3cc9e437f702879f39 xen-ocaml-4.4.1-5.el6.x86_64.rpm
2b6fe42c4e34cc6b41a7e7ee3c7409db10a606ff4cf90dfbf6f4dcccd6adf2de xen-ocaml-devel-4.4.1-5.el6.x86_64.rpm
2a85526a06d64cd6d23b292a132f49c48bd4d446854c9834ecd816da6978da69 xen-runtime-4.4.1-5.el6.x86_64.rpm
-----------------------------
Source
-----------------------------
02d6120f7bbeb61b52b1529bec526c078a2c5d13560337098f12d3755f28d926 libvirt-1.2.10-3.el6.src.rpm
550fcd79d3d32752847cc8901155b8870816b4f6bd0fee304503024962679962 libvirt-python-1.2.10-2.el6.src.rpm
17fd39507d1bbac73b0e1c60f56faf775f7cf64ba71fa1a8748159529e42fe52 xen-4.4.1-5.el6.src.rpm
=====================================================
NOTE: This is an upgrade of libvirt to version 1.2.10 and xen to 4.4.1
By default version 4.4 of Xen uses libxl by default, not xm. You must convert
your xm DomU virtual machines to xl or you must turn on xend manually to use your
older DomU virtual machines.
Please review this before upgrading and decide how to proceed:
http://wiki.centos.org/HowTos/Xen/Xen4QuickStart/MigratingToXl
=====================================================
These new RPMs have been produced by the new CentOS Virtualization SIG:
http://wiki.centos.org/SpecialInterestGroup/Virtualization/
Utilizing the new CentOS Community Build System (CBS):
http://cbs.centos.org
Special thanks to the SIG for their hard work in building and testing this
release, especially Lars Kurth, George Dunlap and Pasi Kärkkäinen.
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos at irc.freenode.net
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
-----------------------------
x86_64
-----------------------------
cdfc144852265d5b5d5ad929bc5b31159a6ca859715ba795134e2b85fe7e3399 libvirt-1.2.10-3.el6.x86_64.rpm
5c9b50eae196a3beb710b1aa37ef212d1fb19062a3e0a0a0b1448c3e38695898 libvirt-client-1.2.10-3.el6.x86_64.rpm
f75375eca3a0088aa9a537dda0cdebc047bb74fc24364b0f75a3f3315ea5fee1 libvirt-daemon-1.2.10-3.el6.x86_64.rpm
04a7c8d378aaa85aa0962afa24193df37bc884a4f0f812c82f196d9657f6faea libvirt-daemon-config-network-1.2.10-3.el6.x86_64.rpm
f6b969d3c89e4f7d10b18464f5a5b7d8b4627bba8194426a4f528d572ef9b378 libvirt-daemon-config-nwfilter-1.2.10-3.el6.x86_64.rpm
89a220c0964427ec8e914d7fe01c799e1223c1a0ccbf6e9c9a8b722dbfb2e6c2 libvirt-daemon-driver-interface-1.2.10-3.el6.x86_64.rpm
d52b96cd2cbb807e93a74970d4309f2ff0b8a5c5030918cfa74b070152b561ef libvirt-daemon-driver-libxl-1.2.10-3.el6.x86_64.rpm
14e49bd64281368826a4d7bff9dcebe63f7693fd6b50e681febf515b09ae098b libvirt-daemon-driver-lxc-1.2.10-3.el6.x86_64.rpm
48dbc513689a93689eb89ea514ee7fee560d66a6f8d49e61424fcfa155105308 libvirt-daemon-driver-network-1.2.10-3.el6.x86_64.rpm
dfa11209f31bedf18938d85eb12456d82d46af84070fe4f47e5521a3f4fcbfea libvirt-daemon-driver-nodedev-1.2.10-3.el6.x86_64.rpm
46e6872c93140df1aa662470b4e72fe49b960412b059c32b5d2128ce6f61a10e libvirt-daemon-driver-nwfilter-1.2.10-3.el6.x86_64.rpm
23233e23f9e41d47a7f7489647e308394f94018b4789a225a6df6b49291ecbf0 libvirt-daemon-driver-qemu-1.2.10-3.el6.x86_64.rpm
9ab5624fcfed9a1401b46b458bb23aded8bc603e2ba10e267a12eec64c7ec683 libvirt-daemon-driver-secret-1.2.10-3.el6.x86_64.rpm
464f904baea4beec68fe90708c2895e697f215551d423a5dc9950c6f2df672b4 libvirt-daemon-driver-storage-1.2.10-3.el6.x86_64.rpm
1f6242a8ca12578bb7c0046e604e87caa13a3b2bfcae0e2a75d8d7d957d77837 libvirt-daemon-driver-xen-1.2.10-3.el6.x86_64.rpm
9dcf36b9708b145df230de9e4967a880620d5fbb91c874c34b0a06110b2fcb0f libvirt-daemon-kvm-1.2.10-3.el6.x86_64.rpm
521e8fd3fe56d00c3ed9b4b83fbf8d145fd0cb40ed57ca163cf4dad065d0c83e libvirt-daemon-lxc-1.2.10-3.el6.x86_64.rpm
604a476a2cb73578411d1780e915ec12ef5421c4ddd1c6501af8baedddb11b05 libvirt-daemon-xen-1.2.10-3.el6.x86_64.rpm
ada1948fb39ff73b9462b3b4a88d83650768811da6cf041dfc82c8cb4440ca3c libvirt-devel-1.2.10-3.el6.x86_64.rpm
12b7d939d5bbb902d19c9f10ab1d0e09b7d6f2569d6c08d361faa7a078537580 libvirt-docs-1.2.10-3.el6.x86_64.rpm
9b5966f617704138b57c0158ffc24bd722e3c45fc163c4b57fbb78a6a46bab3f libvirt-lock-sanlock-1.2.10-3.el6.x86_64.rpm
cf3c8b24dd749d3a58502153e68908ee7d7f6c935a24a42c1939d776a394ad34 libvirt-login-shell-1.2.10-3.el6.x86_64.rpm
4a6fefb92c51a8c808519c14c0f05bf4bba5d15cc6c80a9189233cea429f81f3 libvirt-python-1.2.10-2.el6.x86_64.rpm
cfb51d27393b89ce9ea778c90fc78387e1bbd66ee526900f4d1d30b0ce2939f2 xen-4.4.1-5.el6.x86_64.rpm
8112529df37665282b18ac255024a5298b4a0d2c3b43047feb2411d04bb8493b xen-devel-4.4.1-5.el6.x86_64.rpm
eceef9fe592a624c58321095223f1694aaeafc5188d7af2a63545169ce4c2935 xen-doc-4.4.1-5.el6.x86_64.rpm
2604e220fb3bd9dade6f032eb3688770dec07969b4000dbeda0d950fb94f647d xen-hypervisor-4.4.1-5.el6.x86_64.rpm
8645ef7f6d40c2f1374d4749dafa30e636db78650e262b9f3c7208748234be47 xen-libs-4.4.1-5.el6.x86_64.rpm
d7e292c6593100328b324451bcb71ffd5aca25748826af1e67bca0950d611674 xen-licenses-4.4.1-5.el6.x86_64.rpm
81b62af7f92f6df99e85678ba7b5856006673f04b27c9d3cc9e437f702879f39 xen-ocaml-4.4.1-5.el6.x86_64.rpm
2b6fe42c4e34cc6b41a7e7ee3c7409db10a606ff4cf90dfbf6f4dcccd6adf2de xen-ocaml-devel-4.4.1-5.el6.x86_64.rpm
2a85526a06d64cd6d23b292a132f49c48bd4d446854c9834ecd816da6978da69 xen-runtime-4.4.1-5.el6.x86_64.rpm
-----------------------------
Source
-----------------------------
02d6120f7bbeb61b52b1529bec526c078a2c5d13560337098f12d3755f28d926 libvirt-1.2.10-3.el6.src.rpm
550fcd79d3d32752847cc8901155b8870816b4f6bd0fee304503024962679962 libvirt-python-1.2.10-2.el6.src.rpm
17fd39507d1bbac73b0e1c60f56faf775f7cf64ba71fa1a8748159529e42fe52 xen-4.4.1-5.el6.src.rpm
=====================================================
NOTE: This is an upgrade of libvirt to version 1.2.10 and xen to 4.4.1
By default version 4.4 of Xen uses libxl by default, not xm. You must convert
your xm DomU virtual machines to xl or you must turn on xend manually to use your
older DomU virtual machines.
Please review this before upgrading and decide how to proceed:
http://wiki.centos.org/HowTos/Xen/Xen4QuickStart/MigratingToXl
=====================================================
These new RPMs have been produced by the new CentOS Virtualization SIG:
http://wiki.centos.org/SpecialInterestGroup/Virtualization/
Utilizing the new CentOS Community Build System (CBS):
http://cbs.centos.org
Special thanks to the SIG for their hard work in building and testing this
release, especially Lars Kurth, George Dunlap and Pasi Kärkkäinen.
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos at irc.freenode.net
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce
[USN-2458-3] Firefox regression
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAEBAgAGBQJUx4G8AAoJEGEfvezVlG4PVmIH/0sNthNoIFByYCfUxIhofsHR
mNoo7vfGXGOC163Wxj1dmN39lsNuP9EH8oiyXSUbQQsbdA1BT5kNJRrbpIeabD5B
OSEPokOSM4mDulQw6WrjYyBOpr668OJTvWtcksrIE5hMcgyoazR1t73eJWbI3N65
ExorFVb653vl171re6JqTrnGwpzrLzW67wDPcrGxtwgJ3xYvhpfNbpkXoUn1LrkT
afWvOOPc+Zht07ZgozIXnSBdGGiXGFS+sF21Rsh9gO2LPZNKtJlFaBwdm7wgxoLj
niTpUP3bBToSrmtPHXoIdHmD3VP4KS45bHVgRk9WltGnL5Aul1lqrbeaLMNzvCQ=
=H5PA
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-2458-3
January 27, 2015
firefox regression
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.10
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
USN-2458-1 introduced a regression in Firefox
Software Description:
- firefox: Mozilla Open Source web browser
Details:
USN-2458-1 fixed vulnerabilities in Firefox. This update introduced a
regression which could make websites that use CSP fail to load under some
circumstances. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
Christian Holler, Patrick McManus, Christoph Diehl, Gary Kwong, Jesse
Ruderman, Byron Campen, Terrence Cole, and Nils Ohlmeier discovered
multiple memory safety issues in Firefox. If a user were tricked in to
opening a specially crafted website, an attacker could potentially exploit
these to cause a denial of service via application crash, or execute
arbitrary code with the privileges of the user invoking Firefox.
(CVE-2014-8634, CVE-2014-8635)
Bobby Holley discovered that some DOM objects with certain properties
can bypass XrayWrappers in some circumstances. If a user were tricked in
to opening a specially crafted website, an attacker could potentially
exploit this to bypass security restrictions. (CVE-2014-8636)
Michal Zalewski discovered a use of uninitialized memory when rendering
malformed bitmap images on a canvas element. If a user were tricked in to
opening a specially crafted website, an attacker could potentially
exploit this to steal confidential information. (CVE-2014-8637)
Muneaki Nishimura discovered that requests from navigator.sendBeacon()
lack an origin header. If a user were tricked in to opening a specially
crafted website, an attacker could potentially exploit this to conduct
cross-site request forgery (XSRF) attacks. (CVE-2014-8638)
Xiaofeng Zheng discovered that a web proxy returning a 407 response
could inject cookies in to the originally requested domain. If a user
connected to a malicious web proxy, an attacker could potentially exploit
this to conduct session-fixation attacks. (CVE-2014-8639)
Holger Fuhrmannek discovered a crash in Web Audio while manipulating
timelines. If a user were tricked in to opening a specially crafted
website, an attacker could potentially exploit this to cause a denial
of service. (CVE-2014-8640)
Mitchell Harper discovered a use-after-free in WebRTC. If a user were
tricked in to opening a specially crafted website, an attacker could
potentially exploit this to cause a denial of service via application
crash, or execute arbitrary code with the privileges of the user invoking
Firefox. (CVE-2014-8641)
Brian Smith discovered that OCSP responses would fail to verify if signed
by a delegated OCSP responder certificate with the id-pkix-ocsp-nocheck
extension, potentially allowing a user to connect to a site with a revoked
certificate. (CVE-2014-8642)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.10:
firefox 35.0.1+build1-0ubuntu0.14.10.1
Ubuntu 14.04 LTS:
firefox 35.0.1+build1-0ubuntu0.14.04.1
Ubuntu 12.04 LTS:
firefox 35.0.1+build1-0ubuntu0.12.04.1
After a standard system update you need to restart Firefox to make
all the necessary changes.
Package Information:
https://launchpad.net/ubuntu/+source/firefox/35.0.1+build1-0ubuntu0.14.10.1
https://launchpad.net/ubuntu/+source/firefox/35.0.1+build1-0ubuntu0.14.04.1
https://launchpad.net/ubuntu/+source/firefox/35.0.1+build1-0ubuntu0.12.04.1
Version: GnuPG v1
iQEcBAEBAgAGBQJUx4G8AAoJEGEfvezVlG4PVmIH/0sNthNoIFByYCfUxIhofsHR
mNoo7vfGXGOC163Wxj1dmN39lsNuP9EH8oiyXSUbQQsbdA1BT5kNJRrbpIeabD5B
OSEPokOSM4mDulQw6WrjYyBOpr668OJTvWtcksrIE5hMcgyoazR1t73eJWbI3N65
ExorFVb653vl171re6JqTrnGwpzrLzW67wDPcrGxtwgJ3xYvhpfNbpkXoUn1LrkT
afWvOOPc+Zht07ZgozIXnSBdGGiXGFS+sF21Rsh9gO2LPZNKtJlFaBwdm7wgxoLj
niTpUP3bBToSrmtPHXoIdHmD3VP4KS45bHVgRk9WltGnL5Aul1lqrbeaLMNzvCQ=
=H5PA
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-2458-3
January 27, 2015
firefox regression
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.10
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS
Summary:
USN-2458-1 introduced a regression in Firefox
Software Description:
- firefox: Mozilla Open Source web browser
Details:
USN-2458-1 fixed vulnerabilities in Firefox. This update introduced a
regression which could make websites that use CSP fail to load under some
circumstances. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
Christian Holler, Patrick McManus, Christoph Diehl, Gary Kwong, Jesse
Ruderman, Byron Campen, Terrence Cole, and Nils Ohlmeier discovered
multiple memory safety issues in Firefox. If a user were tricked in to
opening a specially crafted website, an attacker could potentially exploit
these to cause a denial of service via application crash, or execute
arbitrary code with the privileges of the user invoking Firefox.
(CVE-2014-8634, CVE-2014-8635)
Bobby Holley discovered that some DOM objects with certain properties
can bypass XrayWrappers in some circumstances. If a user were tricked in
to opening a specially crafted website, an attacker could potentially
exploit this to bypass security restrictions. (CVE-2014-8636)
Michal Zalewski discovered a use of uninitialized memory when rendering
malformed bitmap images on a canvas element. If a user were tricked in to
opening a specially crafted website, an attacker could potentially
exploit this to steal confidential information. (CVE-2014-8637)
Muneaki Nishimura discovered that requests from navigator.sendBeacon()
lack an origin header. If a user were tricked in to opening a specially
crafted website, an attacker could potentially exploit this to conduct
cross-site request forgery (XSRF) attacks. (CVE-2014-8638)
Xiaofeng Zheng discovered that a web proxy returning a 407 response
could inject cookies in to the originally requested domain. If a user
connected to a malicious web proxy, an attacker could potentially exploit
this to conduct session-fixation attacks. (CVE-2014-8639)
Holger Fuhrmannek discovered a crash in Web Audio while manipulating
timelines. If a user were tricked in to opening a specially crafted
website, an attacker could potentially exploit this to cause a denial
of service. (CVE-2014-8640)
Mitchell Harper discovered a use-after-free in WebRTC. If a user were
tricked in to opening a specially crafted website, an attacker could
potentially exploit this to cause a denial of service via application
crash, or execute arbitrary code with the privileges of the user invoking
Firefox. (CVE-2014-8641)
Brian Smith discovered that OCSP responses would fail to verify if signed
by a delegated OCSP responder certificate with the id-pkix-ocsp-nocheck
extension, potentially allowing a user to connect to a site with a revoked
certificate. (CVE-2014-8642)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.10:
firefox 35.0.1+build1-0ubuntu0.14.10.1
Ubuntu 14.04 LTS:
firefox 35.0.1+build1-0ubuntu0.14.04.1
Ubuntu 12.04 LTS:
firefox 35.0.1+build1-0ubuntu0.12.04.1
After a standard system update you need to restart Firefox to make
all the necessary changes.
Package Information:
https://launchpad.net/ubuntu/+source/firefox/35.0.1+build1-0ubuntu0.14.10.1
https://launchpad.net/ubuntu/+source/firefox/35.0.1+build1-0ubuntu0.14.04.1
https://launchpad.net/ubuntu/+source/firefox/35.0.1+build1-0ubuntu0.12.04.1
[opensuse-announce] openSUSE board election 2014/2015 results
The openSUSE board election 2014/2015 ended last night.
In this election we had 3 seats to be elected, all for a standard 2 year (24 months) term :
- Robert Schweikert and Kosta Koudaras' terms were coming to expiration.
- Peter Linnell's seat was up for election as he got appointed in the
board as a replacement for Richard Brown.
Election results:
We had 148 people voting.
Robert Schweikert, 101 votes (68%)
Michal Hrusecky, 96 votes (65%)
Kostas Koudaras, 81 votes (55%)
Peter Linnell, 63 votes (43%)
Craig Gardner, 60 votes (41%)
Are elected to openSUSE Board, for a 2 years (24 months) term:
- Robert Schweikert
- Michal Hrusecky
- Kostas Koudaras
Thanks for all candidates who stepped up and all members who casted
their votes!
openSUSE 2014/2015 Election Committee (election-officials@opensuse.org)
Frederic "fcrozat" Crozat
Marcus "darix" Rueckert
[1] https://connect.opensuse.org/pg/polls/read/RBrownSUSE/46342/opensuse-board-election-20142015
--
To unsubscribe, e-mail: opensuse-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-announce+help@opensuse.org
In this election we had 3 seats to be elected, all for a standard 2 year (24 months) term :
- Robert Schweikert and Kosta Koudaras' terms were coming to expiration.
- Peter Linnell's seat was up for election as he got appointed in the
board as a replacement for Richard Brown.
Election results:
We had 148 people voting.
Robert Schweikert, 101 votes (68%)
Michal Hrusecky, 96 votes (65%)
Kostas Koudaras, 81 votes (55%)
Peter Linnell, 63 votes (43%)
Craig Gardner, 60 votes (41%)
Are elected to openSUSE Board, for a 2 years (24 months) term:
- Robert Schweikert
- Michal Hrusecky
- Kostas Koudaras
Thanks for all candidates who stepped up and all members who casted
their votes!
openSUSE 2014/2015 Election Committee (election-officials@opensuse.org)
Frederic "fcrozat" Crozat
Marcus "darix" Rueckert
[1] https://connect.opensuse.org/pg/polls/read/RBrownSUSE/46342/opensuse-board-election-20142015
--
To unsubscribe, e-mail: opensuse-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-announce+help@opensuse.org
Monday, January 26, 2015
FESCo elections are open
Greetings,
FESCo elections are now open and we're looking for five new
committee members. Elections closes promptly at 23:59 UTC
on February 3rd. Don't forget to vote!
FESCo elections are now open and we're looking for five new
committee members. Elections closes promptly at 23:59 UTC
on February 3rd. Don't forget to vote!
To cast your vote, go to:
https://admin.fedoraproject.org/voting
Read more about Fedora elections at
https://fedoraproject.org/wiki/Elections
and about the new FESCo at
http://fedoraproject.org/wiki/Development/SteeringCommittee
We use range voting in this process — vote for as many or as
few candidates as you like on a sliding scale.
Note: we were planning Env and Stacks WG elections too but
as number of candidates was the same as open seats, Env and
Stacks group decided not to run elections this time and
accept all candidates as committee members. See the announce-
ment from Honza Horak.
The Fedora Magazine interviews got delayed as we were waiting
for more questions being asked from the community. If you
need it to make your decision, please check magazine later.
Jaroslav
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel-announce
[CentOS-announce] CESA-2015:0085 Important CentOS 7 java-1.6.0-openjdk Security Update
CentOS Errata and Security Advisory 2015:0085 Important
Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-0085.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
a12ac158dd046c4b2fcca4e459c73c423feaa0ffbe2b742a6468b118ca71bdec java-1.6.0-openjdk-1.6.0.34-1.13.6.1.el7_0.x86_64.rpm
bdbdaa4bb3124fd61ef79f123f7a5084eec1b30a464fe1936dc507b864b5423a java-1.6.0-openjdk-demo-1.6.0.34-1.13.6.1.el7_0.x86_64.rpm
6804f0158a96aac2e44be109ccd743b6bdfe646ae38701fad6aeebc322d98a42 java-1.6.0-openjdk-devel-1.6.0.34-1.13.6.1.el7_0.x86_64.rpm
bd73ffdc593af0fd8aad8c6c92ae3aa5878f66595cf19188f7fc1e957f1cf9a8 java-1.6.0-openjdk-javadoc-1.6.0.34-1.13.6.1.el7_0.x86_64.rpm
99dd0f3f41a8b7117b12d8cd2fcbefe2ec6629dcbe6ef071777d34cd41be520f java-1.6.0-openjdk-src-1.6.0.34-1.13.6.1.el7_0.x86_64.rpm
Source:
e2bfb4c35aa042b816db749b87aba4dab4951672dbd98a28481d8f89127b2d5d java-1.6.0-openjdk-1.6.0.34-1.13.6.1.el7_0.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce
Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-0085.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
a12ac158dd046c4b2fcca4e459c73c423feaa0ffbe2b742a6468b118ca71bdec java-1.6.0-openjdk-1.6.0.34-1.13.6.1.el7_0.x86_64.rpm
bdbdaa4bb3124fd61ef79f123f7a5084eec1b30a464fe1936dc507b864b5423a java-1.6.0-openjdk-demo-1.6.0.34-1.13.6.1.el7_0.x86_64.rpm
6804f0158a96aac2e44be109ccd743b6bdfe646ae38701fad6aeebc322d98a42 java-1.6.0-openjdk-devel-1.6.0.34-1.13.6.1.el7_0.x86_64.rpm
bd73ffdc593af0fd8aad8c6c92ae3aa5878f66595cf19188f7fc1e957f1cf9a8 java-1.6.0-openjdk-javadoc-1.6.0.34-1.13.6.1.el7_0.x86_64.rpm
99dd0f3f41a8b7117b12d8cd2fcbefe2ec6629dcbe6ef071777d34cd41be520f java-1.6.0-openjdk-src-1.6.0.34-1.13.6.1.el7_0.x86_64.rpm
Source:
e2bfb4c35aa042b816db749b87aba4dab4951672dbd98a28481d8f89127b2d5d java-1.6.0-openjdk-1.6.0.34-1.13.6.1.el7_0.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce
[USN-2476-1] Oxide vulnerabilities
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAEBAgAGBQJUxp10AAoJEGEfvezVlG4PGl0IAIXrcvWFX1d44Oc5cmzYRz76
PGVcn9SS8HWkoSzYxUwPUtbSGabl+wIgjVt/xzxa/vgb2bizRuypnuYbd+/+qrxN
J6Ke5P0SY6RtYTOh2ArxHumlD3FY0BVYMfMu2oPzRCwnaD7MYu2EdCISMKV+uq/c
24tLeQng+i8EVWN3XDVgSnHyWd/FBa+Sy8+8Xj/Tz3rWuEQbOxi0MA0z6cUmk6D/
Nl9fDSK9jUYJsJU2iBDeWDEDm+bwyzovLbUR7bgvnn6wxVReJ007NDnIaOiMq3vH
CG490bbztiWMMgBPdciRD+V/UkN9AsNgswNe15CqQ8VT60o5eG6vhapRteT+Jzg=
=/L8H
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-2476-1
January 26, 2015
oxide-qt vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.10
- Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in Oxide.
Software Description:
- oxide-qt: Web browser engine library for Qt (QML plugin)
Details:
Several memory corruption bugs were discovered in ICU. If a user were
tricked in to opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service via renderer crash
or execute arbitrary code with the privileges of the sandboxed render
process. (CVE-2014-7923, CVE-2014-7926)
A use-after-free was discovered in the IndexedDB implementation. If a user
were tricked in to opening a specially crafted website, an attacker could
potentially exploit this to cause a denial of service via application
crash or execute arbitrary code with the privileges of the user invoking
the program. (CVE-2014-7924)
A use-after free was discovered in the WebAudio implementation in Blink.
If a user were tricked in to opening a specially crafted website, an
attacker could potentially exploit this to cause a denial of service via
renderer crash or execute arbitrary code with the privileges of the
sandboxed render process. (CVE-2014-7925)
Several memory corruption bugs were discovered in V8. If a user were
tricked in to opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service via renderer crash
or execute arbitrary code with the privileges of the sandboxed render
process. (CVE-2014-7927, CVE-2014-7928, CVE-2014-7931)
Several use-after free bugs were discovered in the DOM implementation in
Blink. If a user were tricked in to opening a specially crafted website,
an attacker could potentially exploit these to cause a denial of service
via renderer crash or execute arbitrary code with the privileges of the
sandboxed render process. (CVE-2014-7929, CVE-2014-7930, CVE-2014-7932,
CVE-2014-7934)
A use-after free was discovered in FFmpeg. If a user were tricked in to
opening a specially crafted website, an attacker could potentially exploit
this to cause a denial of service via renderer crash or execute arbitrary
code with the privileges of the sandboxed render process. (CVE-2014-7933)
Multiple off-by-one errors were discovered in FFmpeg. If a user were
tricked in to opening a specially crafted website, an attacker could
potentially exploit this to cause a denial of service via renderer crash
or execute arbitrary code with the privileges of the sandboxed render
process. (CVE-2014-7937)
A memory corruption bug was discovered in the fonts implementation. If a
user were tricked in to opening a specially crafted website, an attacker
could potentially exploit this to cause a denial of service via renderer
crash or execute arbitrary code with the privileges of the sandboxed
render process. (CVE-2014-7938)
It was discovered that ICU did not initialize memory for a data structure
correctly. If a user were tricked in to opening a specially crafted
website, an attacker could potentially exploit this to cause a denial of
service via renderer crash or execute arbitrary code with the privileges
of the sandboxed render process. (CVE-2014-7940)
It was discovered that the fonts implementation did not initialize memory
for a data structure correctly. If a user were tricked in to opening a
specially crafted website, an attacker could potentially exploit this to
cause a denial of service via renderer crash or execute arbitrary code
with the privileges of the sandboxed render process. (CVE-2014-7942)
An out-of-bounds read was discovered in Skia. If a user were tricked in to
opening a specially crafted website, an attacker could potentially exploit
this to cause a denial of service via renderer crash. (CVE-2014-7943)
An out-of-bounds read was discovered in Blink. If a user were tricked in to
opening a specially crafted website, an attacker could potentially exploit
this to cause a denial of service via renderer crash. (CVE-2014-7946)
It was discovered that the AppCache proceeded with caching for SSL
sessions even if there is a certificate error. A remote attacker could
potentially exploit this by conducting a MITM attack to modify HTML
application content. (CVE-2014-7948)
Multiple security issues were discovered in Chromium. If a user were
tricked in to opening a specially crafted website, an attacker could
potentially exploit these to read uninitialized memory, cause a denial
of service via application crash or execute arbitrary code with the
privileges of the user invoking the program. (CVE-2015-1205)
Multiple security issues were discovered in V8. If a user were tricked
in to opening a specially crafted website, an attacker could potentially
exploit these to read uninitialized memory, cause a denial of service via
renderer crash or execute arbitrary code with the privileges of the
sandboxed render process. (CVE-2015-1346)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.10:
liboxideqtcore0 1.4.2-0ubuntu0.14.10.1
oxideqt-codecs 1.4.2-0ubuntu0.14.10.1
oxideqt-codecs-extra 1.4.2-0ubuntu0.14.10.1
Ubuntu 14.04 LTS:
liboxideqtcore0 1.4.2-0ubuntu0.14.04.1
oxideqt-codecs 1.4.2-0ubuntu0.14.04.1
oxideqt-codecs-extra 1.4.2-0ubuntu0.14.04.1
In general, a standard system update will make all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-2476-1
CVE-2014-7923, CVE-2014-7924, CVE-2014-7925, CVE-2014-7926,
CVE-2014-7927, CVE-2014-7928, CVE-2014-7929, CVE-2014-7930,
CVE-2014-7931, CVE-2014-7932, CVE-2014-7933, CVE-2014-7934,
CVE-2014-7937, CVE-2014-7938, CVE-2014-7940, CVE-2014-7942,
CVE-2014-7943, CVE-2014-7946, CVE-2014-7948, CVE-2015-1205,
CVE-2015-1346
Package Information:
https://launchpad.net/ubuntu/+source/oxide-qt/1.4.2-0ubuntu0.14.10.1
https://launchpad.net/ubuntu/+source/oxide-qt/1.4.2-0ubuntu0.14.04.1
Version: GnuPG v1
iQEcBAEBAgAGBQJUxp10AAoJEGEfvezVlG4PGl0IAIXrcvWFX1d44Oc5cmzYRz76
PGVcn9SS8HWkoSzYxUwPUtbSGabl+wIgjVt/xzxa/vgb2bizRuypnuYbd+/+qrxN
J6Ke5P0SY6RtYTOh2ArxHumlD3FY0BVYMfMu2oPzRCwnaD7MYu2EdCISMKV+uq/c
24tLeQng+i8EVWN3XDVgSnHyWd/FBa+Sy8+8Xj/Tz3rWuEQbOxi0MA0z6cUmk6D/
Nl9fDSK9jUYJsJU2iBDeWDEDm+bwyzovLbUR7bgvnn6wxVReJ007NDnIaOiMq3vH
CG490bbztiWMMgBPdciRD+V/UkN9AsNgswNe15CqQ8VT60o5eG6vhapRteT+Jzg=
=/L8H
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-2476-1
January 26, 2015
oxide-qt vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.10
- Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in Oxide.
Software Description:
- oxide-qt: Web browser engine library for Qt (QML plugin)
Details:
Several memory corruption bugs were discovered in ICU. If a user were
tricked in to opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service via renderer crash
or execute arbitrary code with the privileges of the sandboxed render
process. (CVE-2014-7923, CVE-2014-7926)
A use-after-free was discovered in the IndexedDB implementation. If a user
were tricked in to opening a specially crafted website, an attacker could
potentially exploit this to cause a denial of service via application
crash or execute arbitrary code with the privileges of the user invoking
the program. (CVE-2014-7924)
A use-after free was discovered in the WebAudio implementation in Blink.
If a user were tricked in to opening a specially crafted website, an
attacker could potentially exploit this to cause a denial of service via
renderer crash or execute arbitrary code with the privileges of the
sandboxed render process. (CVE-2014-7925)
Several memory corruption bugs were discovered in V8. If a user were
tricked in to opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service via renderer crash
or execute arbitrary code with the privileges of the sandboxed render
process. (CVE-2014-7927, CVE-2014-7928, CVE-2014-7931)
Several use-after free bugs were discovered in the DOM implementation in
Blink. If a user were tricked in to opening a specially crafted website,
an attacker could potentially exploit these to cause a denial of service
via renderer crash or execute arbitrary code with the privileges of the
sandboxed render process. (CVE-2014-7929, CVE-2014-7930, CVE-2014-7932,
CVE-2014-7934)
A use-after free was discovered in FFmpeg. If a user were tricked in to
opening a specially crafted website, an attacker could potentially exploit
this to cause a denial of service via renderer crash or execute arbitrary
code with the privileges of the sandboxed render process. (CVE-2014-7933)
Multiple off-by-one errors were discovered in FFmpeg. If a user were
tricked in to opening a specially crafted website, an attacker could
potentially exploit this to cause a denial of service via renderer crash
or execute arbitrary code with the privileges of the sandboxed render
process. (CVE-2014-7937)
A memory corruption bug was discovered in the fonts implementation. If a
user were tricked in to opening a specially crafted website, an attacker
could potentially exploit this to cause a denial of service via renderer
crash or execute arbitrary code with the privileges of the sandboxed
render process. (CVE-2014-7938)
It was discovered that ICU did not initialize memory for a data structure
correctly. If a user were tricked in to opening a specially crafted
website, an attacker could potentially exploit this to cause a denial of
service via renderer crash or execute arbitrary code with the privileges
of the sandboxed render process. (CVE-2014-7940)
It was discovered that the fonts implementation did not initialize memory
for a data structure correctly. If a user were tricked in to opening a
specially crafted website, an attacker could potentially exploit this to
cause a denial of service via renderer crash or execute arbitrary code
with the privileges of the sandboxed render process. (CVE-2014-7942)
An out-of-bounds read was discovered in Skia. If a user were tricked in to
opening a specially crafted website, an attacker could potentially exploit
this to cause a denial of service via renderer crash. (CVE-2014-7943)
An out-of-bounds read was discovered in Blink. If a user were tricked in to
opening a specially crafted website, an attacker could potentially exploit
this to cause a denial of service via renderer crash. (CVE-2014-7946)
It was discovered that the AppCache proceeded with caching for SSL
sessions even if there is a certificate error. A remote attacker could
potentially exploit this by conducting a MITM attack to modify HTML
application content. (CVE-2014-7948)
Multiple security issues were discovered in Chromium. If a user were
tricked in to opening a specially crafted website, an attacker could
potentially exploit these to read uninitialized memory, cause a denial
of service via application crash or execute arbitrary code with the
privileges of the user invoking the program. (CVE-2015-1205)
Multiple security issues were discovered in V8. If a user were tricked
in to opening a specially crafted website, an attacker could potentially
exploit these to read uninitialized memory, cause a denial of service via
renderer crash or execute arbitrary code with the privileges of the
sandboxed render process. (CVE-2015-1346)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.10:
liboxideqtcore0 1.4.2-0ubuntu0.14.10.1
oxideqt-codecs 1.4.2-0ubuntu0.14.10.1
oxideqt-codecs-extra 1.4.2-0ubuntu0.14.10.1
Ubuntu 14.04 LTS:
liboxideqtcore0 1.4.2-0ubuntu0.14.04.1
oxideqt-codecs 1.4.2-0ubuntu0.14.04.1
oxideqt-codecs-extra 1.4.2-0ubuntu0.14.04.1
In general, a standard system update will make all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-2476-1
CVE-2014-7923, CVE-2014-7924, CVE-2014-7925, CVE-2014-7926,
CVE-2014-7927, CVE-2014-7928, CVE-2014-7929, CVE-2014-7930,
CVE-2014-7931, CVE-2014-7932, CVE-2014-7933, CVE-2014-7934,
CVE-2014-7937, CVE-2014-7938, CVE-2014-7940, CVE-2014-7942,
CVE-2014-7943, CVE-2014-7946, CVE-2014-7948, CVE-2015-1205,
CVE-2015-1346
Package Information:
https://launchpad.net/ubuntu/+source/oxide-qt/1.4.2-0ubuntu0.14.10.1
https://launchpad.net/ubuntu/+source/oxide-qt/1.4.2-0ubuntu0.14.04.1
[CentOS-announce] CESA-2015:C001 CentOS 6 boost Bugfix Update
CentOS Errata and BugFix Advisory 2015:C001
Upstream details at : http://bugs.centos.org/view.php?id=8117
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
6044ee7a7863e087a32391c31d94e030abf7d6d5d74dff8a6bd96cd32c5c63ca boost-1.41.0-25.el6.centos.i686.rpm
bff46f66bdf08d7af49f2579070a2986489f4d0cf2fc50fbefb1db1bbf8b4b44 boost-date-time-1.41.0-25.el6.centos.i686.rpm
a98e0eee6562a62a9faa4bb35af33baa8605f55ea5d6f60f3474db067658004c boost-devel-1.41.0-25.el6.centos.i686.rpm
4703a894eacfb5457c7c75afa21270215772d9c1c61599f203bb8e2c84d0a7a2 boost-doc-1.41.0-25.el6.centos.i686.rpm
59d70f7c8445b38f096d7da99a457a707dc222f32458341513161de0558d8f66 boost-filesystem-1.41.0-25.el6.centos.i686.rpm
9ff07e5431c6b441f75d75f49ad8de98b58cfbcd7313fcdf1d9a748acb5cac4d boost-graph-1.41.0-25.el6.centos.i686.rpm
1236439492e10f87a653a0bcbfb586489ef26a889daee4a5725006963bac942f boost-graph-mpich-1.41.0-25.el6.centos.i686.rpm
7e1b63820423893fea7fe878a6192b316ce21e0c3fb688791fbe97a66ce9ab9a boost-graph-openmpi-1.41.0-25.el6.centos.i686.rpm
89c9f6f5c2efa34deabec09fcde997a2153e85b919f559fce4497da48bfd5526 boost-iostreams-1.41.0-25.el6.centos.i686.rpm
c4c1e8d676e00a0b802b6d02a2cd306109758b375eed4524689ee2d03e5021e8 boost-math-1.41.0-25.el6.centos.i686.rpm
b7680e21976304879f8fff0f348f875b5d01167240f5cd885b7ea0674c35b144 boost-mpich-1.41.0-25.el6.centos.i686.rpm
bc23cf70300d7350f52ae99e06cf51c2a7ca3b9e3ba8d09572429e3ab2de8f08 boost-mpich-devel-1.41.0-25.el6.centos.i686.rpm
495a81eb57547558548ce44a3bace668593891326ea5aa8e23a0522b62d06346 boost-mpich-python-1.41.0-25.el6.centos.i686.rpm
06995f61b0e2ed4bd009a0e1e7137afc91568907265acf31e15c5bd7dd2659af boost-openmpi-1.41.0-25.el6.centos.i686.rpm
a88b5b6c95d242765b52107be4ea1343ae94cf3cc684b915ca0eb8038424c316 boost-openmpi-devel-1.41.0-25.el6.centos.i686.rpm
a7cc5758b88a02a6a8a16a785e45c1246134d4266b3bdcc0954069efa681861c boost-openmpi-python-1.41.0-25.el6.centos.i686.rpm
383821a09269f59b4a2eed1c7ddbef14de9efb802dad465a23247446a6472cfc boost-program-options-1.41.0-25.el6.centos.i686.rpm
c3274326c0fd0c73248a51fcae954e2505382cb30e0ed8a006e7c464d06e23b9 boost-python-1.41.0-25.el6.centos.i686.rpm
3e868c4d33b3700511ecfe3c5c573c524796d5d2ea7567e7e78c851a68e1b724 boost-regex-1.41.0-25.el6.centos.i686.rpm
20b99b44519954028f74fade095aba484092e91c392244db15eadb048eac0199 boost-serialization-1.41.0-25.el6.centos.i686.rpm
fc995f4d57c0c6430366a90d47aa0bae96483977f3fc56183f8d9f0ee83a78fd boost-signals-1.41.0-25.el6.centos.i686.rpm
7d4f1cbc257b3062ae29d6a04387ced7e9f6167601cb41b7ba237a996cf90d1e boost-static-1.41.0-25.el6.centos.i686.rpm
6b1c61b5032dc2315c787ace884e64fbf2a87256d029643afd6ee5027a57b9f5 boost-system-1.41.0-25.el6.centos.i686.rpm
54c59cf3aaa718c2ceff96629982dc7260688f8a1b85a2ee4dac2f671d244367 boost-test-1.41.0-25.el6.centos.i686.rpm
132874e4afbeae657762f0efa7d9904a37fd4a1f6ca70e183b017ed723744372 boost-thread-1.41.0-25.el6.centos.i686.rpm
10f4479916e901578d448e818b9982a294023dbf77eba33fb5ecae23e16f0db4 boost-wave-1.41.0-25.el6.centos.i686.rpm
x86_64:
80f8e8a1f9269a1b33a536097db8f44f531a47268341d799f7a61c6abc28a3f7 boost-1.41.0-25.el6.centos.x86_64.rpm
bff46f66bdf08d7af49f2579070a2986489f4d0cf2fc50fbefb1db1bbf8b4b44 boost-date-time-1.41.0-25.el6.centos.i686.rpm
5e15947023016feab3051729559bfb5d07ceba8f17cf0cda72bd1dbca08313b3 boost-date-time-1.41.0-25.el6.centos.x86_64.rpm
a98e0eee6562a62a9faa4bb35af33baa8605f55ea5d6f60f3474db067658004c boost-devel-1.41.0-25.el6.centos.i686.rpm
94204ecd50d31518d372c7305a48b0bc93a2c410135a61b77f1dc083dd6f898c boost-devel-1.41.0-25.el6.centos.x86_64.rpm
b9c47962055ea82df305a131653b4089f8303678980746567b7879315b494372 boost-doc-1.41.0-25.el6.centos.x86_64.rpm
59d70f7c8445b38f096d7da99a457a707dc222f32458341513161de0558d8f66 boost-filesystem-1.41.0-25.el6.centos.i686.rpm
277295739bff9dcf391ade497c8af89723d259c5db51f65a8bb55e0c7a1d0bea boost-filesystem-1.41.0-25.el6.centos.x86_64.rpm
9ff07e5431c6b441f75d75f49ad8de98b58cfbcd7313fcdf1d9a748acb5cac4d boost-graph-1.41.0-25.el6.centos.i686.rpm
94df2c022340e5ad62722dadbc0f2cbe82f440387a8f73047aef888c55004314 boost-graph-1.41.0-25.el6.centos.x86_64.rpm
1236439492e10f87a653a0bcbfb586489ef26a889daee4a5725006963bac942f boost-graph-mpich-1.41.0-25.el6.centos.i686.rpm
3954077118183281c894ff223ab14e54c23da1b51df3bbf87b8adb6441d9da58 boost-graph-mpich-1.41.0-25.el6.centos.x86_64.rpm
b1467b823b386ac7a5773cd71e1679d775469eab7fdd138a313779f1010efce3 boost-graph-openmpi-1.41.0-25.el6.centos.x86_64.rpm
89c9f6f5c2efa34deabec09fcde997a2153e85b919f559fce4497da48bfd5526 boost-iostreams-1.41.0-25.el6.centos.i686.rpm
839f3dc455ca95554329de5d343d91b0bc99ad4b11e0ce448b0ed9f72d0fe7d0 boost-iostreams-1.41.0-25.el6.centos.x86_64.rpm
c4c1e8d676e00a0b802b6d02a2cd306109758b375eed4524689ee2d03e5021e8 boost-math-1.41.0-25.el6.centos.i686.rpm
40e0dc74f9db523a5d9387577ae0509a6177df691f90c3c3a96ea31ee0c26e34 boost-math-1.41.0-25.el6.centos.x86_64.rpm
b7680e21976304879f8fff0f348f875b5d01167240f5cd885b7ea0674c35b144 boost-mpich-1.41.0-25.el6.centos.i686.rpm
7bc206968de4b9eb6ce5e034f8b24820a73ada391ee41ffcc978a32fb7752e77 boost-mpich-1.41.0-25.el6.centos.x86_64.rpm
bc23cf70300d7350f52ae99e06cf51c2a7ca3b9e3ba8d09572429e3ab2de8f08 boost-mpich-devel-1.41.0-25.el6.centos.i686.rpm
64968bfa5d9fe9e6defdc53fb4f801a8f0f5a58c20561c9a0827936a98f990f5 boost-mpich-devel-1.41.0-25.el6.centos.x86_64.rpm
495a81eb57547558548ce44a3bace668593891326ea5aa8e23a0522b62d06346 boost-mpich-python-1.41.0-25.el6.centos.i686.rpm
cceca1692f653c3273267e830ae78cc695182b869fa4e3605f49e82e3ec3859b boost-mpich-python-1.41.0-25.el6.centos.x86_64.rpm
34079acfce3f8ff1a400bfb5cbbe6a76febef015abd359074747d71f4f6e7a00 boost-openmpi-1.41.0-25.el6.centos.x86_64.rpm
cb53d574c86d6baf1095882c223838995f997acb2eae4b86e2988a4ffaacf797 boost-openmpi-devel-1.41.0-25.el6.centos.x86_64.rpm
d617f0bc5c87c40247b30322f0da3ee0e99b468ef16783a16e319bf10948d819 boost-openmpi-python-1.41.0-25.el6.centos.x86_64.rpm
383821a09269f59b4a2eed1c7ddbef14de9efb802dad465a23247446a6472cfc boost-program-options-1.41.0-25.el6.centos.i686.rpm
2ede0e11e914cd26cb0f48dbcd5991e490d3a1305d1978e71ab6273cfc1709ad boost-program-options-1.41.0-25.el6.centos.x86_64.rpm
c3274326c0fd0c73248a51fcae954e2505382cb30e0ed8a006e7c464d06e23b9 boost-python-1.41.0-25.el6.centos.i686.rpm
41de8a5c1f24897555315cec4d6e281463bcf1e0c526b4acba6491424c360b21 boost-python-1.41.0-25.el6.centos.x86_64.rpm
3e868c4d33b3700511ecfe3c5c573c524796d5d2ea7567e7e78c851a68e1b724 boost-regex-1.41.0-25.el6.centos.i686.rpm
ba5d04db023eeae3c417b12281f05bb6c725c47d2beffd09a4a66d957c0e5668 boost-regex-1.41.0-25.el6.centos.x86_64.rpm
20b99b44519954028f74fade095aba484092e91c392244db15eadb048eac0199 boost-serialization-1.41.0-25.el6.centos.i686.rpm
dfd5ade6c63ef8584d8ea90838d96dbff02820c9f407ef4018bf36b2687741a2 boost-serialization-1.41.0-25.el6.centos.x86_64.rpm
fc995f4d57c0c6430366a90d47aa0bae96483977f3fc56183f8d9f0ee83a78fd boost-signals-1.41.0-25.el6.centos.i686.rpm
bd5734bca19a5f2e61f92a36a08a59c75c178619a9dac1a9165515a6fc7e50a1 boost-signals-1.41.0-25.el6.centos.x86_64.rpm
48396350c4e2bac0182051b30027d7e72cf837213366f22a2bcfd7d4e942e54c boost-static-1.41.0-25.el6.centos.x86_64.rpm
6b1c61b5032dc2315c787ace884e64fbf2a87256d029643afd6ee5027a57b9f5 boost-system-1.41.0-25.el6.centos.i686.rpm
25dc40e35c587bce397433f78b344ef4c2d51a3526f691ccd8054db1ad5ecdff boost-system-1.41.0-25.el6.centos.x86_64.rpm
54c59cf3aaa718c2ceff96629982dc7260688f8a1b85a2ee4dac2f671d244367 boost-test-1.41.0-25.el6.centos.i686.rpm
94adefbfd4999c475688324630eac915d7b9eac9f80e5c754e8e0d535b8286c0 boost-test-1.41.0-25.el6.centos.x86_64.rpm
132874e4afbeae657762f0efa7d9904a37fd4a1f6ca70e183b017ed723744372 boost-thread-1.41.0-25.el6.centos.i686.rpm
2e87a5a79d68e16fca038b790aa735c7d23a74b4571bd3da29786bd5328c2e50 boost-thread-1.41.0-25.el6.centos.x86_64.rpm
10f4479916e901578d448e818b9982a294023dbf77eba33fb5ecae23e16f0db4 boost-wave-1.41.0-25.el6.centos.i686.rpm
bdf79d7041394fdb224fd1e50771f443f1395d4176b571c51b8af45be4668c6e boost-wave-1.41.0-25.el6.centos.x86_64.rpm
Source:
16cc2afe5508f4be9fdedf9c0b421a85b96386638bc61afb4dab8f3cbec51aae boost-1.41.0-25.el6.centos.src.rpm
NOTE: This is a rebuild of the boost-1.41.0-25.el6.centos.src.rpm SRPM to fix CentOS bug 8117 ...
there is no modification to the actual source code, just needed to be built
against the older (Version from CentOS-6.5 cmake) to match the way it was
built in RHEL 6.6.
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos at irc.freenode.net
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce
Upstream details at : http://bugs.centos.org/view.php?id=8117
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
6044ee7a7863e087a32391c31d94e030abf7d6d5d74dff8a6bd96cd32c5c63ca boost-1.41.0-25.el6.centos.i686.rpm
bff46f66bdf08d7af49f2579070a2986489f4d0cf2fc50fbefb1db1bbf8b4b44 boost-date-time-1.41.0-25.el6.centos.i686.rpm
a98e0eee6562a62a9faa4bb35af33baa8605f55ea5d6f60f3474db067658004c boost-devel-1.41.0-25.el6.centos.i686.rpm
4703a894eacfb5457c7c75afa21270215772d9c1c61599f203bb8e2c84d0a7a2 boost-doc-1.41.0-25.el6.centos.i686.rpm
59d70f7c8445b38f096d7da99a457a707dc222f32458341513161de0558d8f66 boost-filesystem-1.41.0-25.el6.centos.i686.rpm
9ff07e5431c6b441f75d75f49ad8de98b58cfbcd7313fcdf1d9a748acb5cac4d boost-graph-1.41.0-25.el6.centos.i686.rpm
1236439492e10f87a653a0bcbfb586489ef26a889daee4a5725006963bac942f boost-graph-mpich-1.41.0-25.el6.centos.i686.rpm
7e1b63820423893fea7fe878a6192b316ce21e0c3fb688791fbe97a66ce9ab9a boost-graph-openmpi-1.41.0-25.el6.centos.i686.rpm
89c9f6f5c2efa34deabec09fcde997a2153e85b919f559fce4497da48bfd5526 boost-iostreams-1.41.0-25.el6.centos.i686.rpm
c4c1e8d676e00a0b802b6d02a2cd306109758b375eed4524689ee2d03e5021e8 boost-math-1.41.0-25.el6.centos.i686.rpm
b7680e21976304879f8fff0f348f875b5d01167240f5cd885b7ea0674c35b144 boost-mpich-1.41.0-25.el6.centos.i686.rpm
bc23cf70300d7350f52ae99e06cf51c2a7ca3b9e3ba8d09572429e3ab2de8f08 boost-mpich-devel-1.41.0-25.el6.centos.i686.rpm
495a81eb57547558548ce44a3bace668593891326ea5aa8e23a0522b62d06346 boost-mpich-python-1.41.0-25.el6.centos.i686.rpm
06995f61b0e2ed4bd009a0e1e7137afc91568907265acf31e15c5bd7dd2659af boost-openmpi-1.41.0-25.el6.centos.i686.rpm
a88b5b6c95d242765b52107be4ea1343ae94cf3cc684b915ca0eb8038424c316 boost-openmpi-devel-1.41.0-25.el6.centos.i686.rpm
a7cc5758b88a02a6a8a16a785e45c1246134d4266b3bdcc0954069efa681861c boost-openmpi-python-1.41.0-25.el6.centos.i686.rpm
383821a09269f59b4a2eed1c7ddbef14de9efb802dad465a23247446a6472cfc boost-program-options-1.41.0-25.el6.centos.i686.rpm
c3274326c0fd0c73248a51fcae954e2505382cb30e0ed8a006e7c464d06e23b9 boost-python-1.41.0-25.el6.centos.i686.rpm
3e868c4d33b3700511ecfe3c5c573c524796d5d2ea7567e7e78c851a68e1b724 boost-regex-1.41.0-25.el6.centos.i686.rpm
20b99b44519954028f74fade095aba484092e91c392244db15eadb048eac0199 boost-serialization-1.41.0-25.el6.centos.i686.rpm
fc995f4d57c0c6430366a90d47aa0bae96483977f3fc56183f8d9f0ee83a78fd boost-signals-1.41.0-25.el6.centos.i686.rpm
7d4f1cbc257b3062ae29d6a04387ced7e9f6167601cb41b7ba237a996cf90d1e boost-static-1.41.0-25.el6.centos.i686.rpm
6b1c61b5032dc2315c787ace884e64fbf2a87256d029643afd6ee5027a57b9f5 boost-system-1.41.0-25.el6.centos.i686.rpm
54c59cf3aaa718c2ceff96629982dc7260688f8a1b85a2ee4dac2f671d244367 boost-test-1.41.0-25.el6.centos.i686.rpm
132874e4afbeae657762f0efa7d9904a37fd4a1f6ca70e183b017ed723744372 boost-thread-1.41.0-25.el6.centos.i686.rpm
10f4479916e901578d448e818b9982a294023dbf77eba33fb5ecae23e16f0db4 boost-wave-1.41.0-25.el6.centos.i686.rpm
x86_64:
80f8e8a1f9269a1b33a536097db8f44f531a47268341d799f7a61c6abc28a3f7 boost-1.41.0-25.el6.centos.x86_64.rpm
bff46f66bdf08d7af49f2579070a2986489f4d0cf2fc50fbefb1db1bbf8b4b44 boost-date-time-1.41.0-25.el6.centos.i686.rpm
5e15947023016feab3051729559bfb5d07ceba8f17cf0cda72bd1dbca08313b3 boost-date-time-1.41.0-25.el6.centos.x86_64.rpm
a98e0eee6562a62a9faa4bb35af33baa8605f55ea5d6f60f3474db067658004c boost-devel-1.41.0-25.el6.centos.i686.rpm
94204ecd50d31518d372c7305a48b0bc93a2c410135a61b77f1dc083dd6f898c boost-devel-1.41.0-25.el6.centos.x86_64.rpm
b9c47962055ea82df305a131653b4089f8303678980746567b7879315b494372 boost-doc-1.41.0-25.el6.centos.x86_64.rpm
59d70f7c8445b38f096d7da99a457a707dc222f32458341513161de0558d8f66 boost-filesystem-1.41.0-25.el6.centos.i686.rpm
277295739bff9dcf391ade497c8af89723d259c5db51f65a8bb55e0c7a1d0bea boost-filesystem-1.41.0-25.el6.centos.x86_64.rpm
9ff07e5431c6b441f75d75f49ad8de98b58cfbcd7313fcdf1d9a748acb5cac4d boost-graph-1.41.0-25.el6.centos.i686.rpm
94df2c022340e5ad62722dadbc0f2cbe82f440387a8f73047aef888c55004314 boost-graph-1.41.0-25.el6.centos.x86_64.rpm
1236439492e10f87a653a0bcbfb586489ef26a889daee4a5725006963bac942f boost-graph-mpich-1.41.0-25.el6.centos.i686.rpm
3954077118183281c894ff223ab14e54c23da1b51df3bbf87b8adb6441d9da58 boost-graph-mpich-1.41.0-25.el6.centos.x86_64.rpm
b1467b823b386ac7a5773cd71e1679d775469eab7fdd138a313779f1010efce3 boost-graph-openmpi-1.41.0-25.el6.centos.x86_64.rpm
89c9f6f5c2efa34deabec09fcde997a2153e85b919f559fce4497da48bfd5526 boost-iostreams-1.41.0-25.el6.centos.i686.rpm
839f3dc455ca95554329de5d343d91b0bc99ad4b11e0ce448b0ed9f72d0fe7d0 boost-iostreams-1.41.0-25.el6.centos.x86_64.rpm
c4c1e8d676e00a0b802b6d02a2cd306109758b375eed4524689ee2d03e5021e8 boost-math-1.41.0-25.el6.centos.i686.rpm
40e0dc74f9db523a5d9387577ae0509a6177df691f90c3c3a96ea31ee0c26e34 boost-math-1.41.0-25.el6.centos.x86_64.rpm
b7680e21976304879f8fff0f348f875b5d01167240f5cd885b7ea0674c35b144 boost-mpich-1.41.0-25.el6.centos.i686.rpm
7bc206968de4b9eb6ce5e034f8b24820a73ada391ee41ffcc978a32fb7752e77 boost-mpich-1.41.0-25.el6.centos.x86_64.rpm
bc23cf70300d7350f52ae99e06cf51c2a7ca3b9e3ba8d09572429e3ab2de8f08 boost-mpich-devel-1.41.0-25.el6.centos.i686.rpm
64968bfa5d9fe9e6defdc53fb4f801a8f0f5a58c20561c9a0827936a98f990f5 boost-mpich-devel-1.41.0-25.el6.centos.x86_64.rpm
495a81eb57547558548ce44a3bace668593891326ea5aa8e23a0522b62d06346 boost-mpich-python-1.41.0-25.el6.centos.i686.rpm
cceca1692f653c3273267e830ae78cc695182b869fa4e3605f49e82e3ec3859b boost-mpich-python-1.41.0-25.el6.centos.x86_64.rpm
34079acfce3f8ff1a400bfb5cbbe6a76febef015abd359074747d71f4f6e7a00 boost-openmpi-1.41.0-25.el6.centos.x86_64.rpm
cb53d574c86d6baf1095882c223838995f997acb2eae4b86e2988a4ffaacf797 boost-openmpi-devel-1.41.0-25.el6.centos.x86_64.rpm
d617f0bc5c87c40247b30322f0da3ee0e99b468ef16783a16e319bf10948d819 boost-openmpi-python-1.41.0-25.el6.centos.x86_64.rpm
383821a09269f59b4a2eed1c7ddbef14de9efb802dad465a23247446a6472cfc boost-program-options-1.41.0-25.el6.centos.i686.rpm
2ede0e11e914cd26cb0f48dbcd5991e490d3a1305d1978e71ab6273cfc1709ad boost-program-options-1.41.0-25.el6.centos.x86_64.rpm
c3274326c0fd0c73248a51fcae954e2505382cb30e0ed8a006e7c464d06e23b9 boost-python-1.41.0-25.el6.centos.i686.rpm
41de8a5c1f24897555315cec4d6e281463bcf1e0c526b4acba6491424c360b21 boost-python-1.41.0-25.el6.centos.x86_64.rpm
3e868c4d33b3700511ecfe3c5c573c524796d5d2ea7567e7e78c851a68e1b724 boost-regex-1.41.0-25.el6.centos.i686.rpm
ba5d04db023eeae3c417b12281f05bb6c725c47d2beffd09a4a66d957c0e5668 boost-regex-1.41.0-25.el6.centos.x86_64.rpm
20b99b44519954028f74fade095aba484092e91c392244db15eadb048eac0199 boost-serialization-1.41.0-25.el6.centos.i686.rpm
dfd5ade6c63ef8584d8ea90838d96dbff02820c9f407ef4018bf36b2687741a2 boost-serialization-1.41.0-25.el6.centos.x86_64.rpm
fc995f4d57c0c6430366a90d47aa0bae96483977f3fc56183f8d9f0ee83a78fd boost-signals-1.41.0-25.el6.centos.i686.rpm
bd5734bca19a5f2e61f92a36a08a59c75c178619a9dac1a9165515a6fc7e50a1 boost-signals-1.41.0-25.el6.centos.x86_64.rpm
48396350c4e2bac0182051b30027d7e72cf837213366f22a2bcfd7d4e942e54c boost-static-1.41.0-25.el6.centos.x86_64.rpm
6b1c61b5032dc2315c787ace884e64fbf2a87256d029643afd6ee5027a57b9f5 boost-system-1.41.0-25.el6.centos.i686.rpm
25dc40e35c587bce397433f78b344ef4c2d51a3526f691ccd8054db1ad5ecdff boost-system-1.41.0-25.el6.centos.x86_64.rpm
54c59cf3aaa718c2ceff96629982dc7260688f8a1b85a2ee4dac2f671d244367 boost-test-1.41.0-25.el6.centos.i686.rpm
94adefbfd4999c475688324630eac915d7b9eac9f80e5c754e8e0d535b8286c0 boost-test-1.41.0-25.el6.centos.x86_64.rpm
132874e4afbeae657762f0efa7d9904a37fd4a1f6ca70e183b017ed723744372 boost-thread-1.41.0-25.el6.centos.i686.rpm
2e87a5a79d68e16fca038b790aa735c7d23a74b4571bd3da29786bd5328c2e50 boost-thread-1.41.0-25.el6.centos.x86_64.rpm
10f4479916e901578d448e818b9982a294023dbf77eba33fb5ecae23e16f0db4 boost-wave-1.41.0-25.el6.centos.i686.rpm
bdf79d7041394fdb224fd1e50771f443f1395d4176b571c51b8af45be4668c6e boost-wave-1.41.0-25.el6.centos.x86_64.rpm
Source:
16cc2afe5508f4be9fdedf9c0b421a85b96386638bc61afb4dab8f3cbec51aae boost-1.41.0-25.el6.centos.src.rpm
NOTE: This is a rebuild of the boost-1.41.0-25.el6.centos.src.rpm SRPM to fix CentOS bug 8117 ...
there is no modification to the actual source code, just needed to be built
against the older (Version from CentOS-6.5 cmake) to match the way it was
built in RHEL 6.6.
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos at irc.freenode.net
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce
[CentOS-announce] CEBA-2015:0083 CentOS 6 dhcp BugFix Update
CentOS Errata and Bugfix Advisory 2015:0083
Upstream details at : https://rhn.redhat.com/errata/RHBA-2015-0083.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
26568e6ea4be3e49429463f2155d88d75bf3632ba22ff52ae7f558623d9f56cc dhclient-4.1.1-43.P1.el6.centos.1.i686.rpm
55dca66705701a819a6e752ca8513ccecd74cfef038e7c673e5cb89ca2d576c5 dhcp-4.1.1-43.P1.el6.centos.1.i686.rpm
7178b03a5f4a40a537c56a606576f9f772b6b85e54de130004129a1195f439cb dhcp-common-4.1.1-43.P1.el6.centos.1.i686.rpm
03c772c1c8bfab34a0526c3d9109da74051e1ff665cc34859c6593724a47d9b2 dhcp-devel-4.1.1-43.P1.el6.centos.1.i686.rpm
x86_64:
62ea2a3ecede028d1fe12f8ff5fd5aaab093b35f48bd730f529001d633e46005 dhclient-4.1.1-43.P1.el6.centos.1.x86_64.rpm
a900a3114d0587de7f6559a7e4616372dab10dbb403c1728beb88d5a007d8655 dhcp-4.1.1-43.P1.el6.centos.1.x86_64.rpm
7511b8f60ea733a9e6799cb8ae189b8bc7efddb8f69328aa03ccf0b71fc13c2b dhcp-common-4.1.1-43.P1.el6.centos.1.x86_64.rpm
03c772c1c8bfab34a0526c3d9109da74051e1ff665cc34859c6593724a47d9b2 dhcp-devel-4.1.1-43.P1.el6.centos.1.i686.rpm
0b61842a4964ccb4ed2235ce3638cff659c7e5a1e8e5388cf58ae46672af21ba dhcp-devel-4.1.1-43.P1.el6.centos.1.x86_64.rpm
Source:
07ad93348d57a1aca3369584148922bb00bccaba9e5659691f3270e6c7522ff0 dhcp-4.1.1-43.P1.el6.centos.1.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce
Upstream details at : https://rhn.redhat.com/errata/RHBA-2015-0083.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
26568e6ea4be3e49429463f2155d88d75bf3632ba22ff52ae7f558623d9f56cc dhclient-4.1.1-43.P1.el6.centos.1.i686.rpm
55dca66705701a819a6e752ca8513ccecd74cfef038e7c673e5cb89ca2d576c5 dhcp-4.1.1-43.P1.el6.centos.1.i686.rpm
7178b03a5f4a40a537c56a606576f9f772b6b85e54de130004129a1195f439cb dhcp-common-4.1.1-43.P1.el6.centos.1.i686.rpm
03c772c1c8bfab34a0526c3d9109da74051e1ff665cc34859c6593724a47d9b2 dhcp-devel-4.1.1-43.P1.el6.centos.1.i686.rpm
x86_64:
62ea2a3ecede028d1fe12f8ff5fd5aaab093b35f48bd730f529001d633e46005 dhclient-4.1.1-43.P1.el6.centos.1.x86_64.rpm
a900a3114d0587de7f6559a7e4616372dab10dbb403c1728beb88d5a007d8655 dhcp-4.1.1-43.P1.el6.centos.1.x86_64.rpm
7511b8f60ea733a9e6799cb8ae189b8bc7efddb8f69328aa03ccf0b71fc13c2b dhcp-common-4.1.1-43.P1.el6.centos.1.x86_64.rpm
03c772c1c8bfab34a0526c3d9109da74051e1ff665cc34859c6593724a47d9b2 dhcp-devel-4.1.1-43.P1.el6.centos.1.i686.rpm
0b61842a4964ccb4ed2235ce3638cff659c7e5a1e8e5388cf58ae46672af21ba dhcp-devel-4.1.1-43.P1.el6.centos.1.x86_64.rpm
Source:
07ad93348d57a1aca3369584148922bb00bccaba9e5659691f3270e6c7522ff0 dhcp-4.1.1-43.P1.el6.centos.1.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce
Subscribe to:
Posts (Atom)