reallost1.fbsd2233449:如何制定谈判计划？

                        降低采购成本与供应商谈判技巧

---

时间地点： 2015年12月5-6日广州  2016年1月6-7日上海  2016年1月16-17日深圳

---

参加对象： 高层管理者、采购、品管、物流、财务等部门及其他相关部门的职业经理。

---

学习费用： 3200元/2天/1人（含课程讲义、午餐、茶点等）

---

垂·询·热·线：上海：021-31006787，北京：010-5129-9910 深圳：0755-6128-0006

---

QQ/微信:320588808            值·班·手·机：189-17870808     许先生

注：如不需此类信件信息，请转发送"删除"至wytuixin@163.com,我们会及时处理，打扰之处，请您的理解。

课程背景：
　　在当前经济环境下，如何降低采购的各项成本？采购管理的绩效考核目标有哪些？我方的要求过多或过高会怎样？怎样分析供应商给我们的报价? 企业招投标与政府招投标有何区别?如何提高采购谈判的实效性?如何控制原材料的库存?

培训收益：
* 如何设定采购管理的绩效目标？ 
* 如何制订采购成本预算？
* 如何避免不必要的采购成本？
* 如何分析供应商的报价？
* 采购谈判的挑战是什么？
* 如何制定谈判计划？
* 如何与不同性格的人谈判？
* 如何降低采购物品的库存成本？
* 如何通过招投标进行有效的"砍价"？

讲师介绍：【张仲豪】
教育背景：
　　张老师是改革开放后早期海归派讲师。1986 年获美国 Gerber公司的奖学金赴美国密西州立大学(MichiganState University )留学，硕士学位。毕业后,受聘于美国Heinz(亨氏)集团公司。

工作经历:
张老师曾先后受聘于美国亨氏公司、英国联合饼干公司、美国美赞臣公司等，曾任美赞臣公司的技术及运作总监。从2000年开始,张老师开始自己创业,从事于多行业的经营管理。所以,张老师既有世界500强 企业职业经理人的丰富阅历,又有作为企业老板的心得 体会。在二十多年的职业生涯中，张老师曾接受过各种国际国内的职业培训。曾赴加拿大、美国、英国、新加坡、泰国、菲律宾、马来西亚等国考察学习。

主讲课程:
降低采购成本及供应商谈判技巧
采购流程优化及供应商评估与管理
高效仓储管理与工厂物料配送
现代企业物流及供应链优化实战
PMC管理-生产计划、订单管理与库存控制
需求预测与库存控制

授课风格:
* 富有很强的激情, 风趣、幽默, 现场感染力强
* 采用循序渐进、深入浅出的教学方式、丰富生动的实战案例，帮助学员拓宽视野，提高思维能力，掌握相关的方法和工具
* 课件设计力求深度，实用、案例多为工具性案例,有很强的实操性。课程内容跨度大,尽量吸取各个行业的精粹，具有高度的浓缩性。

课程大纲：
第一讲：如何设定采购管理的绩效目标？
采购管理的KPI指标有哪些？
各种采购管理的目标差异
采购成本的学习曲线
采购实物与采购服务的顺序区别
为什么采购成本越来越敏感？
采购成本管理的方法有哪些？
套期保值
如何做好采购供应商的管理？
完整的采购管理体系
第二讲：如何编制采购成本预算？
公司财务预算的五大内容
费用预算的四套方法
如何控制运作性采购的固定预算
零基预算与增量预算
什么是概率预算
影响采购预算准确性的六大因素
公司如何设定采购预算的考核目标
什么是多品复合预算？
如何获取行情价格信息？
网络搜索的四大途径
如何提高百度等搜索的效率？
什么是系统性搜索
什么是垂直搜索
采购职场论坛
B to B 网站一览表
有效利用价格预测的专业网站
第三讲：如何避免不必要的采购成本？
采购的权力有多大？
如何让各部门配合
如何避免不必要的采购成本？
案例分析
第四讲：如何分析供应商的报价？
第一节：供应商们是如何定价？
产品价格是怎样定出来的？
什么是行情定价法?
什么是价值定价法？
价值定价法如何定价
成本定价法如何定价
什么是边际成本定价法
什么是变动成本与固定成本
什么是边际贡献
边际成本定价法对采购的启发
什么是目标收益定价法
目标收益定价法的采购启发
企业类型不同对成本定价法的影响
生产厂家的四种供应链类型
四种供应链类型的定价
代工企业的成本定价法
代工企业成本定价法的采购要点
什么是"按生产时间分摊"?
商贸型企业的定价特点
商贸型商品的五大分类
商贸产品分类的采购启
第二节：如何分析供应商的报价？
供应商的两种报价形式
消耗性产品成本明细表
资产性产品成本明细表
资产型采购的三种形式
为什么我们租而不买？
可租赁的领域
为什么要外包？
服务性供应商如何报价
第五讲：影响采购谈判效果的因素有哪些？
各种谈判的比较
立场性谈判与利益性谈判的比较
何为"公平"
何为双赢
采购谈判的KPI指标有哪些
采购谈判的基本流程
哪些因素对我的谈判能力影响较大
性格的四种类型
性格的组合特征
性格与职业
性格的匹配性
性格与谈判
您最容易和最不容易相处的谈判对手
四种谈判对手的特点有哪些
如何克服自身的弱点
第六讲：如何制定谈判的计划？
即兴性谈判与计划性谈判
制定谈判计划的七大步骤
第一步：双方意向的明确
第二步：双方差异的分析
第三步：各项分歧的重要性评分
第四步：设定各项分歧的谈判目标
第五步：各谈判目标的策略定性
第六步：谈判方式的确定
第七步：小组成员的分工
第七讲：如何实施有效的谈判？
开场开得如何
整个谈判的掌控如何
哪种砍价方式更好
哪种谈判形式容易出问题
如何做好电话谈判
为什么我方会弱势？
我方为弱势怎么谈
什么是分阶段蚕食
分阶段蚕食的策略步骤
如何提升说服力
第三方的参考依据
如何提高谈判时的沟通实效
我们会问问题吗
如何问问题吗
反驳对方的几种方式
沟通的禁忌
对方忽悠我怎么谈
如何挽回失误（失口）
出现僵局怎么谈
谈判结束时怎么办
如何与不同的对象谈判
采购谈判的'降龙十九掌'
第一：试探计
第二：声东击西计
第三：强人所难计
第四：换位思考计
第五：巧立名目计
第六：先轻后重计
第七：档箭牌计
第八：顺手牵羊计
第九：激将计
第十：限定选择计
第十一：人情计
第十二：小圈密谈计
第十三：奉送选择权计
第十四：以静制动计
第十五：车轮计
第十六：挤牙膏计
第十七：欲擒故纵计
第十八：告将计
第十九：红脸与白脸
第八讲：如何降低采购物品的库存成本？
第一节：库存管理的挑战是什么？
我们为什么要备库存
库存过高的缺点有哪些
财务管理的三张表
占用大量资金的后果
企业老总对库存管理的要求有哪些
衡量库存是否积压的指标有哪些
库存周转率的几种算法
如何计算某单品在单库的周转率
如何计算公司总库存的周转率
造成公司总库存缓慢的因素有哪些
库存周转率太快的缺点
第二节：如何合理设置安全库存？
什么是安全库存
决定安全库存量的两大要素
安全库存因子与库存服务水平的关系表
如何计算安全库存管理现状值
如何计算指定送货日期的'订单响应时间'
什么是标准差
什么是正态分布
计算标准差的作用
标准差的计算
如何推算现有库存量时的安全库存量及缺货率
怎样推算不能缺货时的安全库存量
如何减少安全库存量
影响安全库存设置的因素
如何设定安全库存量
如何判断安全库存设定的合理性
第三节：如何做好JIT供应管理？
什么是JIT供应管理
什么是"零库存管理"
JIT供应的三种类型
JIT供应对双方的利与弊
如何有效实施JIT供应方式
第九讲：如何通过招投标进行有效的"砍价"？
企业采购与政府采购的区别
政府采购的管理对象
政府采购的五种形式
什么叫"邀标"
什么情况下应该采用招投标
不同采购的招标特点
如何实施邀请招投标
如何准备招标文件
评标方法有哪些
某公司的评标案例
第二步：计算平均报价值
第三步：计算商务标得分
第四步：计算综合评分值
如何评定技术标
招投标方式的分类
暗标与明标的比较
招标的几种形式
什么是串通投标罪？特征有哪些
如何破解参标者的'不轨'
如何保持投标商的积极性
招标实践中的几个问题
投标保证金与履约保证金

[USN-2821-1] GnuTLS vulnerability

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCgAGBQJWXLO+AAoJEGVp2FWnRL6Tb/gP+gPd83r8uaB7+M4YYONCPdmH
mpgk+lxK3LXJfv0cZvcjxG+etuqe6K4cg54J6z19hlruAoO8TRH8OExd8LjbYjJo
U1uzB3u0poGpzP11qLLR/PyT3X+T/hajKNaO+9OC4LikRhXfhgtCm/ygWW+vi6qh
iOowjuH6jBDIR10avSck6NQznQL8jnPStG0/2sk07JzgUMMg0H3Ub4E/4ourMSTO
lv6tPtzf3vzmcgDnEWmQ1l8Socf3wXAUIIHqD0WyI5la4KVFjC/nJwkCBSmxYrrw
48phhCNHCZtVI29KSVgCvY0+DW2tGVl6qIBl/+CTVDoPEwEsomQOWwTXZummeJSC
zffDAwt0kY+l4pCLhYoRo1nCMAzc4IrpWHnMkRp6od6B83oOUewHoG0MBjBBY4C4
4jOGXcjXRJTGXvcAURgYfI1PKTBoofn5NyLWH0jcIaczq6FdwEG05DQKrAAoLp2N
VsHjMc+qSxJcwfwFZ5ywRHG6Jos5NzTcguwyMF7AFTP8De6rBPjUL621LOsADOzN
hVElwKmvQ5zlZbpUqBaqsUgLOcjDLdODOYbUae19TkjCnOXF5VRKUwb/nU6oBMYU
3U7FvM5cT+HU4KZusaKuIb4NZSfPE92bnV6ir0gOlg0wQHmLtSe0ukribF/B4BC1
WtL0Xh6gaf3vBBS3lb3v
=hlXu
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-2821-1
November 30, 2015

gnutls26 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS

Summary:

GnuTLS could be made to expose sensitive information over the network.

Software Description:
- gnutls26: GNU TLS library

Details:

It was discovered that GnuTLS incorrectly validated the first byte of
padding in CBC modes. A remote attacker could possibly use this issue to
perform a padding oracle attack.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 LTS:
libgnutls26 2.12.23-12ubuntu2.3

Ubuntu 12.04 LTS:
libgnutls26 2.12.14-5ubuntu3.10

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2821-1
https://launchpad.net/bugs/1510163

Package Information:
https://launchpad.net/ubuntu/+source/gnutls26/2.12.23-12ubuntu2.3
https://launchpad.net/ubuntu/+source/gnutls26/2.12.14-5ubuntu3.10

reallost1.fbsd2233449:您如何看待俄罗斯制裁土耳其

reallost1.fbsd2233449     您好。

附件中的内容希望对您的工作和学习有所帮助

欢迎您的咨询

2015/12/1 星期二%{CURRENT_TI

3z7ubiME}

F24 System Wide Change: Default Local DNS Resolver

= Default Local DNS Resolver =
https://fedoraproject.org/wiki/Changes/Default_Local_DNS_Resolver

Change owner(s):
* P J P <pjp AT fedoraproject DOT org>
* Pavel Šimerda <pavlix AT pavlix DOT net>
* Tomas Hozza <thozza AT redhat DOT com>
* Petr Špaček <pspacek AT redhat DOT com>

Plain DNS protocol is insecure and therefore vulnerable from various
attacks (e.g. cache poisoning). A client can never be sure that there
is no man-in-the-middle, if it does not do the DNSSEC validation
locally.
We want to have Unbound server installed and running on localhost by
default on Fedora systems. Where necessary, have also dnssec-trigger
installed and running by default. Unbound and dnssec-trigger will be
properly integrated with the default network configuration manager
(e.g. NetworkManager for Fedora Server and Workstation) and with the
graphical user interface (especially GNOME). The localhost address
will be the only record in /etc/resolv.conf and no other software
except dnssec-trigger will be allowed to change its content.

== Detailed Description ==
Plain DNS protocol is insecure and therefore vulnerable from various
attacks (e.g. cache poisoning). DNSSEC is a DNS extension which
enabled the client to verify the DNS query response and make sure
there is no attacker to spoof some records. A user connected to
network usually receives a set of resolvers from DHCP, which should be
used for name resolution. These resolvers may also do the DNSSEC
validation. However a client can never be sure that there is no
man-in-the-middle, if it does not do the DNSSEC validation locally.
Purpose of this Fedora change is to have a validating DNS resolver
installed on Fedora systems by default. This includes necessary
discussions, coordination and integration with other components
installed on Fedora by default.

There are growing instances of discussions and debates about the need
for a trusted local validating DNS resolver. There are multiple
reasons for having such a resolver, most importantly security and
usability. Security and protection of user's privacy becomes paramount
with the backdrop of the increasingly snooping governments and service
providers world wide.

People use Fedora on portable/mobile devices which are connected to
diverse networks as and when required. The automatic DNS
configurations provided by these networks are never trustworthy for
DNSSEC validation, as currently there is no way to establish such
trust.

Apart from trust, these name servers are often known to be flaky and
unreliable which only adds to the overall bad and at times even
frustrating user experience. In such a situation, having a trusted
local validating DNS resolver not only makes sense but is, in fact,
badly needed. It has become a need of the hour. (See: [1], [2], [3])

All DNS literature strongly recommends it and amongst all discussions
and debates about the issues involved in establishing such trust, it
is unanimously agreed upon and accepted that having a trusted local
DNS resolver is the best solution possible. It will simplify and
facilitate a lot of other design decisions and application development
in the future. (See: [1], [2], [3])

[1] https://www.ietf.org/mail-archive/web/dane/current/msg06469.html
[2] https://www.ietf.org/mail-archive/web/dane/current/msg06658.html
[3] https://lists.fedoraproject.org/pipermail/devel/2014-April/197755.html

== Scope ==
Proposal owners: Proposal owners shall have to
* define the syntax and semantics for new configuration parameters/files.
* properly document how to test and configure the new default setup
* persuade and coordinate with the other package owners to incorporate
new changes/workflow in their applications.
* discuss with WGs in which products the change makes sense and what
are the expectations of WGs for different Fedora products
* resolve interoperability issues for Docker and other containers use-cases

Other developers: (especially NetworkManager and the likes)
* NetworkManager has to implement notifications on connectivity state changes
* Gnome Shell has to use the connection provided resolvers (fetched
directly from NM) for Hot-Spot login purposes
* Ideally other developers and user should test their software and
application in this setup and verify that it is working as expected

Release engineering:
* Make sure that the necessary packages (dnssec-trigger, unbound) are
part of the composes for the appropriate Fedora Products.
* Add services needed for the setup into the default presets
(dnssec-triggerd.service)

Policies and guidelines:
* Any software, including NetworkManager, will have to be configured
to not tamper with the content of '/etc/resolv.conf' by default. The
connection-provided resolver entries should be stored in a separate
configuration file or in memory and accessible via some API.

--
Jan Kuřík
Platform & Fedora Program Manager
Red Hat Czech s.r.o., Purkynova 99/71, 612 45 Brno, Czech Republic
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/devel-announce@lists.fedoraproject.org

Planned Outage: fedorainfracloud.org / copr - 2015-12-01 00:00 UTC

Planned Outage: fedorainfracloud.org / copr - 2015-12-01 00:00 UTC

There will be an outage starting at 2015-12-01 00:00 UTC, which will
last approximately 1 hour.

To convert UTC to your local time, take a look at
http://fedoraproject.org/wiki/Infrastructure/UTCHowto or run:

date -d '2015-12-01 00:00 UTC'

Reason for outage:

We will be diagnosing and fixing issues in our openstack cloud. This
will result in downtime for any cloud related instances, in particular
copr will be unavailable.

Affected Services:

fedorainfracloud.org copr.fedoraproject.org fedoramagazine.org
taiga.fedorainfracloud.org testdays.fedorainfracloud.org
jenkins.fedorainfracloud.org

various development instances

Contact Information:

Ticket
Link: ​​​https://fedorahosted.org/fedora-infrastructure/ticket/5001

Please join #fedora-admin or #fedora-noc on irc.freenode.net or add
comments to the ticket for this outage above.

[CentOS-announce] Announcing Release for Gluster 3.7 on CentOS Linux 7 x86_64

Over the last few weeks we have been working on getting the repositories
and related bits in place so that the Storage SIG is able to release
Gluster packages for general consumption. I am pleased to announce that
the majority of the requested versions are now available. Users can now
simple install Gluster on CentOS 6 and 7 with only these two commands:

# yum install centos-release-gluster
# yum install glusterfs-server

The centos-release-gluster content comes from the
centos-release-gluster37 package delivered via CentOS Extras repos. This
contains all the metadata and dependancy information, needed to install
Gluster 3.7.

For people looking at running Gluster 3.6, we will soon also release a
centos-release-gluster36 package. In order to get this version,
substitute the step-1 mentioned above with : yum install
centos-release-gluster36. A new announcement will be posted once this
content has been tested and released.

We have a quickstart guide specifically built around the packages we are
releasing today, it makes for a good introduction to Gluster and will
help get you started in just a few simple steps, this quick start is
available at
https://wiki.centos.org/SpecialInterestGroup/Storage/gluster-Quickstart

More details about the packages that the Gluster project provides in the
Storage SIG is available in the documentation:
https://wiki.centos.org/SpecialInterestGroup/Storage/Gluster

The centos-release-gluster* repositories offer additional packages that
enhance the usability of Gluster itself. Users can request additional
tools and applications to be provided, just send us an email with your
suggestions. The current list of packages that is (planned to become)
available can be found here:
https://wiki.centos.org/SpecialInterestGroup/Storage/Gluster/Ecosystem-pkgs

Gluster is the first project that provides packages through the Storage
SIG. Other projects are in the process to do so too. General information
about the SIG can be read in the wiki:
https://wiki.centos.org/SpecialInterestGroup/Storage

We welcome all feedback, comments and contributions. You can get in
touch with the CentOS Storage SIG on the centos-devel mailing list
( https://lists.centos.org ) and with the Gluster developer and user
communities at https://www.gluster.org/mailman/listinfo , we are also
available on irc at #gluster on irc.freenode.net, and on twitter at
@gluster .

Cheers,
Niels de Vos
Storage SIG member & Gluster maintainer

reallost1.fbsd2233449:全面提升档案管理人员有效管理档案和应变管理需求和现场及时更新等的能力和工作效率；

               基于企业知识管理的现代企业全面档案管理实务

【时间地点】 2015年12月11-12日深圳、12月18-19日上海

【参加对象】 档案管理经理及各类档案资料管理人员；工程项目经理及资料员；

                         人事行政财务档案与文控及文秘人员

【课程特点】 理论精讲与实务演练、案例研讨与互动结合；讲师20多年经验分享与辅导，提供实用有效 的模板。

【学习费用】 3600/人，（含课程讲义、午餐、茶点等）

垂询热线：上海：021-3100-6787、北京：010-5129-9910，深圳：0755-6128-0006 

在·线·QQ：3205 88808        189-189-56595    许先生

注：如不需此类信件信息，请转发送"删除"至 wytuixin@163.com,我们会及时处理，谢谢您的理解。

让您的企业知识百分百立方！
让企业文书资料档案、工程档案、工艺技术及人事财务档案更规范专业高效管理！
基于企业知识管理的现代企业全面档案管理实务
                                            ————《企业全面档案管理体系构建实务高级研修班》

课程背景：
    21世纪是一个网络时代，知识管理已经成为现代企业管理的一个战略举措和重要内容。档案管理是知识管理系统的重要基础。然而，常常的事实是：各类资料档案分散、毫无规范、标识不一，归档迟延，查找困难，归档混乱，不断丢失,提取使用无效率等等，为什么？观念缺失？工具方法缺少？流程标准与系统缺乏！本课程旨在通过对档案管理新理念认知，档案管理的工具方法论、流程和操作实务的学习，提升档案管理人员的专业化和职业化素养和档案处理工作效率，为企业建立规范化、科学化的档案管理系统，建立企业知识管理体系打造基础！

培训目标：
系统学习掌握档案管理的全套流程、工具方法与操作实务，通过持续学习和实践，达至：
*  学习掌握知识管理理念，建立知识与档案管理的新思维，提高对现代档案管理的重要性和意义的认知；
*  掌握档案管理规划流程和档案管理职能设计、落实的科学方法，建立高效管理的基础；
*  掌握档案管理规范方法、流程与操作实务标准，提高企业档案的规范化、系统化水平和应用基础；
*  熟练掌握企业档案的识别、收集、标识、分类、立卷、归档、应用、鉴别和销毁的流程和方法，提高企业档案管理的规范水平和管理效率；
*  掌握档案的保护、查阅、使用等操作标准和技巧，提升档案调阅查找准确度和速度与应用效率；
*  全面提升档案管理人员有效管理档案和应变管理需求和现场及时更新等的能力和工作效率；
*  为企业建立规范化、科学化的档案管理系统，建立企业知识管理体系打造基础！

讲师简介：【博文（Bowen）老师】
◎  资深管理咨询师
◎  资深人力资源实战专家
◎  高级会计师
◎  精益管理专家
◎  高级培训师
◎  全球500强企业商学院TOP100培训专家
◎  全国20多家顾问机构签约高级顾问。有20多年的企业管理、管理咨询、教育
     与培训实践经验。专注于企业精益管理与人力资源管理，人才教育培训。

咨询项目背景：
具有跨国IT、电子、汽车零部件、船舶重工、五金家具、胶合板、玩具服装、陶瓷等制造企业及金融证券、服务业、房地产及物业管理、移动通讯等行业企业培训、咨询改善项目经验。

主要课程：
☆  互动式多媒体教学，动感享受
☆  声情并茂，激情演绎
☆  案例分析，现场点评
☆  经验分享，悟道结合
☆  理论与实操结合，实战实用
☆  通俗幽默，趣味生动。

工作背景：
有20多年政府外经贸部门、大型外资（新港台资）企业高管、管理咨询顾问的工作经历，曾任行政财务总监、人力资源总监、教育训练中心负责人、董事长助理、总经理助理、总裁助理。曾任职主要机构：政府外经贸局及国有大型股份、大型港\台\新上市企业，包括：新加坡IPC 集团（ IT 上市）、亿胜集团（新资IT、房产上市）、亿胜生物科技（港资上市）、九龙物业、PTS 集团（台资上市）、MOXELL （摩托罗拉合作
 IT 公司）。

咨询教育训练成功案例：（尚未详列）
平安银行、中铝集团、联想（惠阳）、福建兴业银行、江西电信、常林集团、华润银行、澳银基金、文山移动、名雕集团、银仕来纺织、森大外贸、深圳移动、宝裕玩具、韩通船舶、温氏集团、安吉尔、新兴地产、翔顺集团、广丰卷烟、华忆科技、华兴玻璃、航天金穗、香港华宝、深港驾校、ASK驾校、广仁驾校、活力家具、利合地产、金泰国际、诚业家具、新中源陶瓷、佳兆业地产、玉柴LT汽零件、兄弟工业、合兴木业、龙森物流、二连浩特农商行、察右后农商行、太卜寺农商行、惠州燃气、卓宝科技、中国安防、北方联合电力、太原兴业银行、泛亚人力、特发信息、省广电股份、劲嘉彩印、玉溪矿业、武汉万达、中大深圳、云南移动、周口移动、中远航运、讯方通信、徐工重机、鹏华基金、华贸地产、深圳农商行、江门农商行、淮安农行、长大公路、南京移动、黑龙江移动、天河城集团、安徽联通、浙江电信、西部机场、徐工液压、华达集团、津村药业、勐海电力、桂林移动、深圳联通、海印集团、众生药业、中电电子、中捷集团、惠州电力、发耳电厂、华润电力、佛山公控、天彩电子、上海移动、成都联想、深圳联通、江西MBA班、宁波银行、露天煤业、华电集团、白沙物流、三国（日）、安徽昌河汽车、珠海农商行、广西移动、浙江电信、柳州银行、常德烟草机械、南方电网、贵州电网、蓝光集团、武汉光谷、东莞移动、香满楼畜牧、华电、保山移动、东风裕隆汽车、西双版纳移动、勐腊供电、曲靖师宗供电、成都联想----

授课风格：
☆  互动式多媒体教学，动感享受           ☆  声情并茂，激情演绎
☆  案例分析，现场点评                   ☆  经验分享，悟道结合
☆  理论与实操结合，实战实用             ☆  通俗幽默，趣味生动。

课程大纲：
引子：视频---一个老干部的困惑、企业档案管理的困惑
上篇：理念与理论原理篇
第一章：第五代管理---知识管理认知
1.1知识与知识管理
1.2 知识管理新理念--现代企业的档案管理理念
1.3 档案管理是知识管理的基础
案例分享： 企业知识分布图

第二章：企业档案及档案管理概述
2.1什么是档案？有何重要性和作用
2.2企业档案管理的涵义、特点
2.3企业档案管理的作用及目的
2.4企业档案的类型及特点
2.5企业档案管理的发展
案例互动：企业档案管理的价值

第三章：基于企业知识管理的企业档案管理制度体系规划
3.1 档案管理管理制度体系规划；
3.2 档案管理流程梳理与设计、指引编制
3.3 档案管理组织与岗位职能设计
案例互动： 档案管理组织、流程图设计

第四章：企业档案管理人员的角色与任务
4.1企业档案管理职能机构的职责
4.2 档案管理人员的角色与任务
案例互动：档案管理误区

第五章：企业档案库（室）的规划与管理
5.1档案室（库）的要求
5.2档案室（库）的规划
5.3档案室（库）的管理
※【案例分享】： 某企业档案库图

中篇：基础实务篇
第六章：企业文件（文书）处理规范
6.1文件处理概述：原则与要求
6.2办文程序
6.3收文程序
6.4发文程序
※【案例分享练习】：办文流程图

第七章：企业档案管理的内容、分类与标识规范
7.1企业档案管理的内容规范
7.2企业档案管理的分类与标识规范
案例互动：企业档案分类规范表

第八章：企业档案的收集、分类
8.1档案的识别与定义：档案与文件的区别、件的定义
8.2档案的收集与识别
8.3档案的分类组卷
8.4档案的排列编页
案例互动：档案的收集识别

第九章：企业档案的立卷、标识
9.1档案立卷与案卷的涵义、立卷的意义
9.2档案立卷的原则和方法
9.3案卷的编目（标识）
9.4案卷的整理装订
9.5填写案卷
案例互动： 立卷

第十章：企业档案的编录归档
10.1 档案的目录编制
10.2 档案的装盒
10.3 入库上柜（架）
案例互动：目录编制

第十一章：企业档案借阅应用与鉴定销毁
11.1企业档案日常保管维护
112企业档案的应用
11.3企业档案的鉴定与销毁
案例互动： 档案的鉴定

下篇：专业档案实务篇
第十二章：企业人事档案管理
12.1 人事档案的定义与意义
12.2 人事档案的归档要求
12.3 人事档案的范围与期限
12.4 人事档案标识、整理方法
12.5 人事档案的归档、保管
12.6 人事档案的应用与销毁 
案例互动：员工档案鉴定销毁 、选育用留人才如何应用员工档案信息？

第十三章：企业工艺技术档案管理
13.1工艺技术档案概述 (定义、特点、范围分类)
13.2工艺技术档案形成及管理特点、质量要求
13.3工艺技术档案的收集与鉴别
13.4工艺技术档案的整理（整理原则、分类、组卷、排列、编目）
13.5工艺技术档案的归档与保管应用、鉴定销毁
案例互动：科技项目归档文件目录式样、技术工艺档案鉴别

第十四章：企业电子文档管理
14.1 电子文档的定义及特点
14.2 电子文档管理的原则
14.3 电子文档管理的基本方法
14.4 电子文档管理的程序与指引
14.5 电子文档管理的借阅使用与鉴定销毁
案例互动： 鉴定销毁

第十五章：企业工程档案管理
15.1工程档案概述 (定义、特点、范围分类、术语、职责)
15.2工程档案形成及管理特点
15.3工程档案的收集与鉴定(范围、方法、质量要求)
15.4工程档案的整理（分类、组卷、排列、编目）
15.5工程档案的验收与移交（验收中档案处理:--重点资料）
15.6工程档案编研
案例互动：工程档案鉴定与管理重点

结语：知识就是既是生产力又是竞争力。规范化、科学化的档案管理是企业的知识管理的核心基础！做好档
案管理，让您的企业知识百分之百的立方。

[CentOS-announce] CESA-2015:2519 Important CentOS 6 thunderbird Security Update

CentOS Errata and Security Advisory 2015:2519 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-2519.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
7d94acf6d46a4ffa415d8eefece825154c79f6c080b694c3f0780dd9b65271d6 thunderbird-38.4.0-1.el6.centos.i686.rpm

x86_64:
655c0162a6bb9d918c8a497531329d5ba13225a2cea9ce5f46756426ad066cbc thunderbird-38.4.0-1.el6.centos.x86_64.rpm

Source:
58473f1a2f8951dd8f8b2276f07e3c2da8894a1f8ebaa65b0b4d90d6eb63a50b thunderbird-38.4.0-1.el6.centos.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce

[CentOS-announce] CESA-2015:2519 Important CentOS 5 thunderbird Security Update

CentOS Errata and Security Advisory 2015:2519 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-2519.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
bb8e25af5ff6287b1e25e1f022e4fa5194721bf442d1ad84523cc3000b320d8e thunderbird-38.4.0-1.el5.centos.i386.rpm

x86_64:
b234caf73d4d5b8819dc8ba3fd8a15f9a221b8f90dd3e4ebdbb9331dd5dcf86c thunderbird-38.4.0-1.el5.centos.x86_64.rpm

Source:
080d0b3b6404131402cc2da5db51316ba96c6944488f8d44a7d788cdcf82a24d thunderbird-38.4.0-1.el5.centos.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: JohnnyCentOS

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce

reallost1.fbsd2233449:库存管理的绩效目标有哪些？

                     如何减少库存及提高库存周转率

【时间地点】 2015年12月01-02日深圳、12月22-23日上海

【参加对象】 高层管理者、计划管理部门、仓储部门、物流部门、采购部门、销售部门、财务部门及其他相关部门的职业经理人

【授课方式】 讲师讲授 + 视频演绎 + 案例研讨 +角色扮演 + 讲师点评

【学习费用】 3200元/2天/1人（含课程讲义、午餐、茶点等）

【垂询热线】  021-31006787、0755-61280006、010-51299910

【电子邮箱】 jsqyxuxin@vip.163.com

【QQ/微信】：320588808    值·班·手·机：18918958501  许先生

课程背景：
    企业老总都希望公司的库存越少越好。但是，库存为什么就降不下来？库存管理与仓储管理有何区别？库存周转率应该如何计算？电脑上的数据为什么老不靠谱？需求预测不准确如何来备库存？安全库存为什么越存越多？呆滞库存怎么办？该不该设RDC？如何管好耗材库存？各相关部门对公司的库存都应该尽哪些责任？

课程收益:
■ 库存管理的绩效目标有哪些？
■ 如何确保库存信息及时、准确
■ 如何对库存物品进行分类管理
■ 如何准确补货以减少库存
■ 如何预测需求量
■ 如何减少安全库存量
■ 如何减少呆滞库存
■ 销售库存管理的挑战有哪些？
■ 如何做好项目型的库存管理
■ 如何做好备件（耗材）库存的管理
■ 计划管理对库存的影响
■ 仓储管理对库存的影响
■ 采购管理对库存的影响

讲师介绍：【张仲豪】
    毕业于美国密西根州立大学，硕士学位，是改革开放后早期的海归派讲师。曾先后任职于美国亨氏、英国联合饼干、美国美赞臣等500强跨国公司，担任公司运作总监及其他高级管理职务。二十多年的实战经历，专长于采购与供应链管理，是国内采购物流领域中少有的集丰富海外工作经验、国内资深管理阅历及国际权威认证于一身的实战派培训讲师。
    张老师是国际四大职业证书授权讲师：美国注册物流师（CTL）认证、ILT国际物流职业资格认证"、CIPS国际注册采购与供应经理认证、ITC国际贸易中心授权采购与供应链管理国际资格认证中心。
    张老师授课富有很强的激情, 风趣、幽默, 现场感染力强；采用循序渐进、深入浅出的教学方式、丰富生动的实战案例，帮助学员拓宽视野，提高思维能力，掌握相关的方法和工具；课件设计力求深度、实用、案例多为工具性案例,有很强的实操性。课程内容跨度大,尽量吸取各个行业的精粹，具有高度的浓缩性。

培训过的企业，包括但不限于:
    新百丽鞋业；风华高科；伊利集团；美的集团；泸天化；佐敦涂料；东风本田发动机；长春一汽；新中源陶瓷企业集团；东莞创宝达电器；大连真心食品；黑龙江三得利酒业；上海和黄药业；江苏大众；索尼爱立信；宇通集团；统一集团；九安医疗电子；华润水泥；顺丰速运；华宏眼镜；建滔化工；亨斯迈化工；舍弗勒集团；南方李锦记保健品；中国移动广东分公司；科力远新能源； SIMON电器；百事可乐；优普电子；华阳电子；真功夫；华孚集团；平安集团； 立白集团；大全集团；株洲电力机车；；山东汇丰机械集团；唐钢集团承德钢厂；西子奥的斯电梯；广发银行;广东新兴县先锋不锈钢制品；贺利氏古莎齿科有限公司；上海福临门食品有限公司；捷高科技等等。

课程大纲：
第一讲：库存管理的绩效目标有哪些？
库存的类别有哪些
五种库存类别的比较
销售型库存与仓库的关系
仓库的物品都算库存吗
同一库存物品包括哪些成分
如何界定各个库存成分
如何编制库存物品的分类统计表
我们为什么要备库存
库存过高的缺点有哪些
企业老总对库存管理的要求有哪些？
老总对库存管理各目标逻辑顺序的要求？
什么是"零库存管理"
周转率的类别
如何计算库存周转率？
单库周转率与总库存周转率的区别？
库存周转率的计算案例
两种计算法的比较
库存周转率对公司财务的影响
库存管理的绩效考核体系

第二讲：如何确保库存信息及时、准确？
库存信息为什么会不准确
盘点的KPI指标有哪些？
盘点各KPI指标的关系？
盘点亏或盈应不应该罚
全面盘点的工作流程如何？
盘点管理的难度是什么？
四种盘点类型的比较
盘点的三种方法
盲盘与实盘的比较
车间物品怎么盘？
账实不符的产生原因
对于无法点准的物品，如何保证数量
填表为什么经常出错？
如何改进'库存数据分散、混乱'
如何缩短'实库数据与电脑数据的时差'
商品条形码和物流条形码
条形码技术的组成部分
什么是RF实时技术？
RF手持终端电子体系的费用

第三讲：如何做好原材料的库存管理？
原材料库存的主要问题
如何计算某原材料的缺货成本
呆滞物料控制流程
原料呆滞的'未来'期限如何设定
不同类别物料的呆滞期限如何设置
呆滞物品如何处理
各相关单位对原材料库存的影响
不同类型工厂的库存差异
四种工厂类型的比较
不同类别工厂的仓库物品特点
什么是前置时间
物料呆滞、过长或缺货产生的共同原因
一次性物料的订货 － 甘特图法
订单进度计划制定的基本步骤
第一步：罗列某订单项目的生产采购活动
第二步：编制各活动的逻辑层次图
第三步：明确各项活动的预计工期
第四步：预测'项目'完成总时间
第五步：分析交货延迟缺口
第六步：计算每项活动的时间缺口
第七步：调整相关活动的工期
第八步：采购、生产活动的优化
第九步：编制活动计划甘特图
第十步：计划执行的及时调整
重复性物料的订货流程
如何提高采购供应的稳定性？
什么是JIT供应
JIT供应的三种要求
JIT供应对双方的利与弊
如何有效实施JIT供应方式
双方数据交换的方式
EDI与电子邮件的区别
如何做到"先进先出"
如何改进'掏式库位法'
库存呆滞或过长的其他原因

第四讲：如何正确补货以减少库存？
电脑依据什么提出补货要求
如何做好重复性物料的补货管理
如何分析各库存物品的补货管理现状
第一步：绘制该单品库存曲线图
第二步：在库存曲线图上标出订货日期
第三步：分析库存曲线图（案例结论）
如何选择适合的补货方法
什么是定量补货法
如何确定补货点?
影响补货点的因素
如何确定补货量?
如何计算经济订货量
采购订货的成本包括哪些内容
"狭义库存持有成本"包括哪些费用
"广义库存持有成本"包括哪些费用
如何计算平均狭义库存持有成本率
为什么要计算单品库存持有成本
经济订货量的含义是什么
什么是定期补货法
定期补货法示意图
两种补货法的比较
如何确定定期法的订货日期？
影响定期法补货量确定的因素有哪些
情况一：当定期间隔等于订单响应期时
情况二：当定期间隔长于订单响应期时
当订单响应期太长时？
滚动式补货的利与弊

第五讲：如何做好原材料的分类管理？
如何进行原材料的分类？
不同材料的库存管理策略
如何进行帕累托分类？
第一步：对所需分析的指标，从大到小进行排序
第二步：计算每一物品占总体的百分率
第三步：计算每一物品的累积百分率
第四步：如何填画帕累托曲线图
第五步：对物品进行分类
对ABC分类的误解
库存管理如何"盯死它"？

第六讲：如何预测库存需求量？
需求的两大预测方法
什么是时间序列预测法
时间序列预测的基本原理
如何实施时间序列预测法
时间序列预测的三大方法
什么是移动平均法?
如何选择移动平均法的N值
什么是加权移动平均法
什么是指数平滑法?
如何选择α值
时间序列预测法的原理 – 反向模拟
如何衡量趋势性预测的误差性
误差率的比较
计算标准差的作用
标准差值的解读
标准差值大小的含意
标准差的计算
如何选择较佳的预测系数
为什么要"先看标准差，后看平均值"
为什么要对预测值进行校正？
如何对预测值进行校正
什么时候需用周期性指数法预测未来
如何用 "周期性指数法"预测未来
什么是周期性指数法?

第七讲：如何合理设置安全库存量？
什么是安全库存?
什么是最低库存?
安全库存量不是库存补货点
如何计算安全库存量
安全库存因子与库存服务水平的关系表
如何计算安全库存管理现状值?
如何推算不同安全库存量时的缺货率？
怎样推算不能缺货时的最高库存是多少？
如何减少安全库存量
影响安全库存设置的两大因素
如何计算指定送货日期的'订单响应时间'

第八讲：如何做好销售库存的管理？
成品呆滞或缺货产生的原因
Zara模式
成品库存的订货流程
成品单库补货管理的要素
成品如何分类？
成品库存的分类管理策略
同一商品在各仓库的库存联动管理
牛鞭效应案例
牛鞭效应的后果
平方根法则的案例
销售多库存管理的三种改进方法
销售自身设仓的利与弊
是否就地设仓的判定依据
如何管理各渠道商的库存
如何实施渠道扁平化
如何管理代理式商家的库存
如何管理买断式商家的库存
什么是上下家自动补货系统
如何做好自动补货系统

第九讲：如何做好门店库存的管理？
门店库存何为'缺货'
如何计算门店缺货的损失
零售库存管理混乱的原因
门店应该经营多少个SKU
门店采购管理的两大内容
负库存产生的原因
门店订货管理的工作流程
连锁型企业订货系统的挑战
制定采购订单时，考虑的因素
供应商的问题
连锁企业配送中心的挑战
如何做好退货及门店调拨工作

第十讲：如何做好备件（耗材）的库存管理？
什么是备件、耗材
衡量备件（耗材）库存是否积压的指标是什么
如何计算某备件（耗材）的缺货成本
备件（耗材）仓库应该归哪个部门管理
如何做好备件性物品的库存管理
什么是备件生命期 —浴盆曲线
备件浴盆曲线的指导意义是什么
两类备件的不同库存策略
如何做好备件的补货管理
使用部门如何制定'备件需求计划'
如何做好耗材性物品的库存管理
耗材性物品如何分类
不同类别耗材的库存管理策略
什么是双堆法

注：如不需此类信件信息，请转发送"删除"至wytuixin@163.com,我们会及时处理，谢谢您的理解。

[USN-2820-1] dpkg vulnerability

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCgAGBQJWV1Q/AAoJEGVp2FWnRL6TLfUP/3l3rxGwaednsZjIcO6knJ/6
6BCBez8Uj5UKpGSXRp0xzFYXvPCwlW8lXvVaT8sVk71spzBVo92UU9/CPG/JzMJd
fvZa/SBney6h1tiiGXQRlMTnm5douV+jdaV96UTGBSQebk9QacCyIau2DBk8dNA2
/ZOjPZkAcY7qjPNeFKqRxaOLtKE01EhXPkiQrODmi+rMH+5e9SFs/fpzL0qopGXv
RXAEjlEgrd9cXyXyQfML6TydvqXS6NP1bFARJqbty1uYKwI9cLLPBI7DPaXGcqLe
01TdwAOQRhxQpfVatvs/l/YU4HWhEa+K7Cp6XeRku1jGf7kh1JW4GSqo6Pt+WdvS
Y02v6OyW/XtJgoSm6Khn8Er8gq/sTgNo7vEMfk7aMxRjfpdi9ZjQZYnBisCzQP6q
GwqAcJc8K0tY2O/29LuKZORKhLGe13jjCPlbX7YcauLsfUtq7UE6vPLu1JjMhbLM
Tt21y3LuRCocMcRGqouK+R0Hfudj34PfBuTxttVJkWrUW+iXfNtp4fSjpKiT56AA
xuo2jaDp8WNrZFRirpgFbocvxaE2htmX/GoZwKxluHeGoITJbUMK88KLm1vNA5n/
hEIdkWgUmycEw300U1bLhXvR1VmGHThcoPlCTxQiaXm8NVaODpnpVcZsD5ajWexA
Dz48Y7JNzvb27HZMAmWe
=/Ovi
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-2820-1
November 26, 2015

dpkg vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 15.10
- Ubuntu 15.04
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS

Summary:

dpkg-deb could be made to crash or run programs as your login if it
opened a specially crafted file.

Software Description:
- dpkg: Debian package management system

Details:

Hanno Boeck discovered that the dpkg-deb tool incorrectly handled certain
old style Debian binary packages. If a user or an automated system were
tricked into unpacking a specially crafted binary package, a remote
attacker could possibly use this issue to execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 15.10:
dpkg 1.18.2ubuntu5.1

Ubuntu 15.04:
dpkg 1.17.25ubuntu1.1

Ubuntu 14.04 LTS:
dpkg 1.17.5ubuntu5.5

Ubuntu 12.04 LTS:
dpkg 1.16.1.2ubuntu7.7

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2820-1
CVE-2015-0860

Package Information:
https://launchpad.net/ubuntu/+source/dpkg/1.18.2ubuntu5.1
https://launchpad.net/ubuntu/+source/dpkg/1.17.25ubuntu1.1
https://launchpad.net/ubuntu/+source/dpkg/1.17.5ubuntu5.5
https://launchpad.net/ubuntu/+source/dpkg/1.16.1.2ubuntu7.7

Planned Outage: Copr upgrade - 2015-11-30 08:00 UTC

Planned Outage: Copr upgrade - 2015-11-30 08:00 UTC

There will be an outage starting at 2015-11-30 08:00 UTC, which will last approximately 4 hours.

To convert UTC to your local time, take a look at http://fedoraproject.org/wiki/Infrastructure/UTCHowto or run:

date -d 'YYYY-MM-DD HH:MM UTC'

Reason for outage:
Upgrade of Copr backend and Copr frontend to Fedora 23.

Affected Services:
copr.fedoraproject.org
copr-be.cloud.fedoraproject.org

Services not listed are not affected by this outage.

Contact Information: ​msuchy@redhat.com

Ticket Link:
https://fedorahosted.org/fedora-infrastructure/ticket/4999

Please join #fedora-admin or #fedora-noc on irc.freenode.net or add comments to the ticket for this outage above.

--
Miroslav Suchy, RHCA
Red Hat, Senior Software Engineer, #brno, #devexp, #fedora-buildsys
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/devel-announce@lists.fedoraproject.org

reallost1.fbsd2233449---如何 规避 劳动 用工 风险

reallost1.fbsd2233449   您 好

附件中的内容希望对您的工作有所帮助

感谢您对我们工作的理解和支持，谢谢！

[USN-2818-1] OpenJDK 7 vulnerability

==========================================================================
Ubuntu Security Notice USN-2818-1
November 25, 2015

openjdk-7 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 15.10
- Ubuntu 15.04
- Ubuntu 14.04 LTS

Summary:

A security issue was fixed in OpenJDK 7.

Software Description:
- openjdk-7: Open Source Java implementation

Details:

It was discovered that rebinding of the receiver of a
DirectMethodHandle may allow a protected method to be accessed. Am
attacker could use this to expose sensitive information or possibly
execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 15.10:
icedtea-7-jre-jamvm 7u91-2.6.3-0ubuntu0.15.10.1
openjdk-7-jre 7u91-2.6.3-0ubuntu0.15.10.1
openjdk-7-jre-headless 7u91-2.6.3-0ubuntu0.15.10.1
openjdk-7-jre-lib 7u91-2.6.3-0ubuntu0.15.10.1
openjdk-7-jre-zero 7u91-2.6.3-0ubuntu0.15.10.1

Ubuntu 15.04:
icedtea-7-jre-jamvm 7u91-2.6.3-0ubuntu0.15.04.1
openjdk-7-jre 7u91-2.6.3-0ubuntu0.15.04.1
openjdk-7-jre-headless 7u91-2.6.3-0ubuntu0.15.04.1
openjdk-7-jre-lib 7u91-2.6.3-0ubuntu0.15.04.1
openjdk-7-jre-zero 7u91-2.6.3-0ubuntu0.15.04.1

Ubuntu 14.04 LTS:
icedtea-7-jre-jamvm 7u91-2.6.3-0ubuntu0.14.04.1
openjdk-7-jre 7u91-2.6.3-0ubuntu0.14.04.1
openjdk-7-jre-headless 7u91-2.6.3-0ubuntu0.14.04.1
openjdk-7-jre-lib 7u91-2.6.3-0ubuntu0.14.04.1
openjdk-7-jre-zero 7u91-2.6.3-0ubuntu0.14.04.1

After a standard system update you need to restart any Java
applications or applets to make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2818-1
CVE-2015-4871

Package Information:
https://launchpad.net/ubuntu/+source/openjdk-7/7u91-2.6.3-0ubuntu0.15.10.1
https://launchpad.net/ubuntu/+source/openjdk-7/7u91-2.6.3-0ubuntu0.15.04.1
https://launchpad.net/ubuntu/+source/openjdk-7/7u91-2.6.3-0ubuntu0.14.04.1

F24 System Wide Change: Livemedia Creator

= System Wide Change: Livemedia Creator =
https://fedoraproject.org/wiki/Changes/LivemediaCreator

Change owner(s):
* Dennis Gilmore <dennis AT ausil DOT us>

livemedia-creator is a tool that is part of lorax, it has the ability
to make livecd's, raw disk images, and to do pxe2live. We plan to use
it to make pxe2live for Atomic, the LiveCD's and ARM disk images in
fedora.

== Detailed Description ==
We will be adding to koji the the ability to run livemedia-creator in
a chroot. We will replace the long legacy tools used to make LiveCD's
and ARM disk images, as well as as the ability to deliver pxe2live for
atomic. livecd-creator and appliance-creator only support python2 and
yum, they have not seen any significant development in years and are
increasingly crufty. Using livemedia-creator allows us to use dnf to
create the media via anaconda and to ensure that the media is made the
same way we install any Fedora system, reducing the code paths and
differences in how a system looks based on which tool made it.

== Scope ==
Proposal owners:
* add livemedia-creator support to koji
* add support to pungi to create media using livemedia-creator

Other developers: port spin-kickstarts to work with livemedia-creator

Release engineering: communicate the changes and work with spins
owners to assist in kickstart porting

List of deliverables: All LiveCD's, ARM disk images and pxe2live will
be made with tooling changes

Policies and guidelines: We will be writing and/or updating docs on
how to write kickstarts for Spins

Trademark approval: N/A (not needed for this Change)
--
Jan Kuřík
Platform & Fedora Program Manager
Red Hat Czech s.r.o., Purkynova 99/71, 612 45 Brno, Czech Republic
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/devel-announce@lists.fedoraproject.org

reallost1.fbsd2233449:如何基于产品需求与竞争友商对比分析，确定我们的核心诉求，形成产品概念？

reallost1.fbsd2233449     您好

附件中的内容希望对您的工作和学习有说帮助

xkkrc8581lcdq6

7:47:45

[USN-2816-1] Django vulnerability

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCgAGBQJWVLDuAAoJEGVp2FWnRL6T+lUP/1uierDypzxhQ1q5nEjCGCFu
r8hBQq7zGnYGhfniqzYrtbpX0uI38o31Wlws+t7bclY/txtrYDcm+wCsYSQga99o
3D2upRFROjJnsPSscOa6cRIS7WhlRh6L/kaUzdhmYDwbx+Nf0sWUGU8Y2+Tj6llI
u/ZpJLWMKumsteBNS5XWFR1c2pRsa7rYDmXzKn526TKjsAAbi+QdMmCsST9ckUb6
aghnyKRyhAJsm2T4nQIMkYUuU8VeKV+ad4MHKwWnXXN8nO+nkOB8Po3AJBAMgCP1
96FGCy75yRNO7MXaJqtx7A+c13GJBds9mz7LUoYnZ4ZagpQl4q/3UDpE/C6dQwqS
d1J16s2Hd4pP2KVisGab+APrDLRrvF1W6r0FaD5Qrl8dKKvbXGbz+1FVzhDRv1pL
QJyToV9ZOp52QiWHdwdydxERYXD7mzLw/BTDY5NeYLH7ukaI32rSm/FyiGWqTHls
lm/TFsziLi44Tky6BZ28WMFN/Cm3HD6/RVVimRQJHrDcK5e/DYUl7um+7OLDffRI
7tVNPqW7XYCXETKPcxpccZBSn3gC7rHHAPLesuX1kaBzvCbyqbBk7OK5AO9h9dIq
bwpeW2ZndD6CIVDVkXxJVLhSGKH8ubyCWbXGf/2yCz2FefH1RljM4aAEkp2AKbgE
shlpYznwZxb7rLufTYEy
=356I
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-2816-1
November 24, 2015

python-django vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 15.10
- Ubuntu 15.04
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS

Summary:

Django could be made to expose sensitive information over the network.

Software Description:
- python-django: High-level Python web development framework

Details:

Ryan Butterfield discovered that Django incorrectly handled the date
template filter. A remote attacker could possibly use this issue to obtain
secrets from application settings.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 15.10:
python-django 1.7.9-1ubuntu5.1
python3-django 1.7.9-1ubuntu5.1

Ubuntu 15.04:
python-django 1.7.6-1ubuntu2.3
python3-django 1.7.6-1ubuntu2.3

Ubuntu 14.04 LTS:
python-django 1.6.1-2ubuntu0.11

Ubuntu 12.04 LTS:
python-django 1.3.1-4ubuntu1.19

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2816-1
CVE-2015-8213

Package Information:
https://launchpad.net/ubuntu/+source/python-django/1.7.9-1ubuntu5.1
https://launchpad.net/ubuntu/+source/python-django/1.7.6-1ubuntu2.3
https://launchpad.net/ubuntu/+source/python-django/1.6.1-2ubuntu0.11
https://launchpad.net/ubuntu/+source/python-django/1.3.1-4ubuntu1.19

[USN-2817-1] IcedTea Web vulnerabilities

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCgAGBQJWVLEMAAoJEGVp2FWnRL6Tdq0P/0A7Q4hhUMXv+E6IIbUl2FSh
4vFpe4Cmy+Tu0DxpigWetuLRGlmGeM2O6CdvUk3EKk7gkVE2So0fz1MLeVQU8SI5
WIA0P4V3A1ha355SjPusCj//GFQB5QtwBEjtwXImMsMugjJz9k6SLO/swMG38Cuu
gA6yVYbqDycTa75HoUebGmW989IR1HQf2J8BZbCh24rc8NAYamUiTXVUm3rhdfzg
vMYsYgmHYwHeT5DP/izZaZVqNOzviGyv3I7t2X70A6bbB6WspmCiahmvVeSb3sod
URU6IacsSsUPeFCr2vPR/ZYMX+c+KJ09HkonjNWgLoQkHSfvrWw7D9NL3jgpfKrb
wSHCf/qZLpTCaIujVofq2PxQYTRm+ZVXZ3h/K0S4E+2DedNXD7342dYv9en7AffJ
g7UeXSoCb7OWq9j/oUVrjTxnj5o37eOxEBV10X/zsxG1UAT6BsJ1Yqni93+J3WXx
xUTNXgfxeU4CnpYzdlzhY4NI1vuHEr4FoY97thHMnuK9qnKiqMbUrsHPoDVA19GF
yoqil9xE1UfZgyY6SJCDMUv8fGIx+cOGB3qjFx6i6UmGKiaZjgyZW+7BrbClRFgp
8qKKF+3Phxlc4iYbGUp4UJKdnqj31PSrrylPjNr+Obu7GsNfeNoXvhR8pYS7pLpW
8Lp0vQj7+MNw2ZbXeBaF
=XbG1
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-2817-1
November 24, 2015

icedtea-web vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 15.10
- Ubuntu 15.04
- Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in IcedTea Web.

Software Description:
- icedtea-web: A web browser plugin to execute Java applets

Details:

It was discovered that IcedTea Web incorrectly handled applet URLs. A
remote attacker could possibly use this issue to inject applets into the
.appletTrustSettings configuration file and bypass user approval.
(CVE-2015-5234)

Andrea Palazzo discovered that IcedTea Web incorrectly determined the
origin of unsigned applets. A remote attacker could possibly use this issue
to bypass user approval, or to trick the user into approving applet
execution. (CVE-2015-5235)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 15.10:
icedtea-7-plugin 1.5.3-0ubuntu0.15.10.1

Ubuntu 15.04:
icedtea-7-plugin 1.5.3-0ubuntu0.15.04.1

Ubuntu 14.04 LTS:
icedtea-6-plugin 1.5.3-0ubuntu0.14.04.1
icedtea-7-plugin 1.5.3-0ubuntu0.14.04.1

After a standard system update you need to restart your browser to make
all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2817-1
CVE-2015-5234, CVE-2015-5235

Package Information:
https://launchpad.net/ubuntu/+source/icedtea-web/1.5.3-0ubuntu0.15.10.1
https://launchpad.net/ubuntu/+source/icedtea-web/1.5.3-0ubuntu0.15.04.1
https://launchpad.net/ubuntu/+source/icedtea-web/1.5.3-0ubuntu0.14.04.1

Re: Fedora Elections - Campaign period started

Due to the Thanksgiving Day in U.S., later this week, I have prolonged
the Campaign period for one week to minimize conflicts of these
Elections with holidays people might take.

I hope this will help nominees to present their self to the community
and get the attention they need. I am also sorry for any
inconvenience, this might cause to someone.

Best Regards,
Jan

On Tue, Nov 24, 2015 at 9:25 AM, Jan Kurik <jkurik@redhat.com> wrote:
> The Nomination period of Elections to Council, FESCo, FAmSCo and
> Env&Stacks is now over. The list of nominees follows:
>
> == Council (1 open seat) ==
> * Robert Mayr (robyduck)
> * Joe Brockmeier (jzb)
> [ https://fedoraproject.org/wiki/Council/Nominations ]
>
> == FESCo (5 open seats) ==
> * Kevin Fenzi (nirik / kevin)
> * Parag Nemade (paragn)
> * Justin Forbes (jforbes)
> * Germano Massullo (Caterpillar / germano)
> * Jared Smith (jsmith)
> * Adam Miller (maxamillion)
> * Kalev Lember (kalev)
> [ https://fedoraproject.org/wiki/Development/SteeringCommittee/Nominations ]
>
> == FAmSCo (7 open seats) ==
> * Gabriele Trombini (IRC/FAS mailga)
> * Abdel G. Martínez L. (IRC/FAS potty)
> * Christoph Wickert (IRC/FAS cwickert)
> * Sirko Kemter (IRC/FAS gnokii)
> * Matthew Williams (IRC/fas Lorddrachenblut)
> * Truong Anh Tuan (IRC/FAS tuanta)
> * Dan Mossor (IRC: danofsatx FAS:dmossor)
> * Ben Williams (IRC: kk4ewt FAS:jbwillia)
> * Alick Zhao (IRC/FAS alick)
> * Luis Bazan (IRC/FAS lbazan)
> [ https://fedoraproject.org/wiki/FAmSCo_nominations ]
>
> == Env & Stacks (4 open seats) ==
> * Tomas Tomecek (ttomecek)
> * Petr Hracek (phracek)
> [ https://fedoraproject.org/wiki/Env_and_Stacks/Nominations ]
>
>
> As you can see, we have got enough nominees for all the teams/groups,
> except Env & Stacks working group. As we can not cover 4 open seats in
> Env & Stacks working group with just 2 nominees, I am going to talk to
> the working group to agree on a backup plan.
>
> Nominees for Council, FESCo and FAmSCo can now start with their own
> campaign, to attract people in the Fedora community. I am also going
> to work with people from CommOps team to prepare Community Blog for
> publishing answers from candidates on collected questions in the
> Election's Questionnaire [
> https://fedoraproject.org/wiki/Elections/Questionnaire ].
>
> I wish all the nominees good luck and a lot of fun during the campaign
> period, attracting people from the community :)
>
> Regards,
> Jan
>
> --
> Jan Kuřík
> Platform & Fedora Program Manager
> Red Hat Czech s.r.o., Purkynova 99/71, 612 45 Brno, Czech Republic

--
Jan Kuřík
Platform & Fedora Program Manager
Red Hat Czech s.r.o., Purkynova 99/71, 612 45 Brno, Czech Republic
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/devel-announce@lists.fedoraproject.org

Fedora Elections - Campaign period started

The Nomination period of Elections to Council, FESCo, FAmSCo and
Env&Stacks is now over. The list of nominees follows:

== Council (1 open seat) ==
* Robert Mayr (robyduck)
* Joe Brockmeier (jzb)
[ https://fedoraproject.org/wiki/Council/Nominations ]

== FESCo (5 open seats) ==
* Kevin Fenzi (nirik / kevin)
* Parag Nemade (paragn)
* Justin Forbes (jforbes)
* Germano Massullo (Caterpillar / germano)
* Jared Smith (jsmith)
* Adam Miller (maxamillion)
* Kalev Lember (kalev)
[ https://fedoraproject.org/wiki/Development/SteeringCommittee/Nominations ]

== FAmSCo (7 open seats) ==
* Gabriele Trombini (IRC/FAS mailga)
* Abdel G. Martínez L. (IRC/FAS potty)
* Christoph Wickert (IRC/FAS cwickert)
* Sirko Kemter (IRC/FAS gnokii)
* Matthew Williams (IRC/fas Lorddrachenblut)
* Truong Anh Tuan (IRC/FAS tuanta)
* Dan Mossor (IRC: danofsatx FAS:dmossor)
* Ben Williams (IRC: kk4ewt FAS:jbwillia)
* Alick Zhao (IRC/FAS alick)
* Luis Bazan (IRC/FAS lbazan)
[ https://fedoraproject.org/wiki/FAmSCo_nominations ]

== Env & Stacks (4 open seats) ==
* Tomas Tomecek (ttomecek)
* Petr Hracek (phracek)
[ https://fedoraproject.org/wiki/Env_and_Stacks/Nominations ]

As you can see, we have got enough nominees for all the teams/groups,
except Env & Stacks working group. As we can not cover 4 open seats in
Env & Stacks working group with just 2 nominees, I am going to talk to
the working group to agree on a backup plan.

Nominees for Council, FESCo and FAmSCo can now start with their own
campaign, to attract people in the Fedora community. I am also going
to work with people from CommOps team to prepare Community Blog for
publishing answers from candidates on collected questions in the
Election's Questionnaire [
https://fedoraproject.org/wiki/Elections/Questionnaire ].

I wish all the nominees good luck and a lot of fun during the campaign
period, attracting people from the community :)

Regards,
Jan

--
Jan Kuřík
Platform & Fedora Program Manager
Red Hat Czech s.r.o., Purkynova 99/71, 612 45 Brno, Czech Republic
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/devel-announce@lists.fedoraproject.org

Planned Outage: Buildsystem Server updates/reboots - 2015-11-24 21:00 UTC

Planned Outage: Buildsystem Server updates/reboots - 2015-11-24 21:00
UTC

There will be an outage starting at 2015-11-24 21:00 UTC, which will
last approximately 2 hours.

To convert UTC to your local time, take a look at
http://fedoraproject.org/wiki/Infrastructure/UTCHowto
or run:

date -d '2015-11-24 21:00 UTC'

Reason for outage:

We will be applying system updates and rebooting servers related to our
buildsystem. No one service should be down the entire time,
services will come up or down as we reboot things.

Affected Services:

koji.fedoraproject.org
kojipkgs.fedoraproject.org
bodhi.fedoraproject.org
apps.fedoraproject.org/koschei
pkgs.fedoraproject.org

Services not listed are not affected by this outage.

Contact Information:

Ticket Link: https://fedorahosted.org/fedora-infrastructure/ticket/4980

Please join #fedora-admin or #fedora-noc on irc.freenode.net or add
comments to the ticket for this outage above.

Planned Outage: fedorainfracloud.org / copr - 2015-11-24 00:00 UTC

Planned Outage: fedorainfracloud.org / copr - 2015-11-24 00:00 UTC

There will be an outage starting at 2015-11-24 00:00 UTC, which will
last approximately 4 hours.

To convert UTC to your local time, take a look at
http://fedoraproject.org/wiki/Infrastructure/UTCHowto or run:

date -d '2015-11-24 00:00 UTC'

Reason for outage:

We will be updating and rebooting our openstack cloud and all the
instances in it. This will result in downtime for any cloud related
instances, in particular copr will be unavailable.

Affected Services:

fedorainfracloud.org copr.fedoraproject.org fedoramagazine.org
taiga.fedorainfracloud.org testdays.fedorainfracloud.org
jenkins.fedorainfracloud.org

various development instances

Contact Information:

Ticket
Link: ​https://fedorahosted.org/fedora-infrastructure/ticket/4977

Please join #fedora-admin or #fedora-noc on irc.freenode.net or add
comments to the ticket for this outage above.

Planned Outage: Server updates/reboots - 2015-11-25 21:00 UTC

Planned Outage: Server updates/reboots - 2015-11-25 21:00 UTC

There will be an outage starting at 2015-11-25 21:00 UTC, which will
last approximately 4 hours.

To convert UTC to your local time, take a look at
http://fedoraproject.org/wiki/Infrastructure/UTCHowto
or run:

date -d '2015-11-25 21:00 UTC'

Reason for outage:

We will be applying updates and rebooting servers. Particular services
should only be down for short periods of time during the outage
window.

Affected Services:

http://fedoraplanet.org

https://admin.fedoraproject.org/accounts

https://admin.fedoraproject.org/collectd/

https://admin.fedoraproject.org/nagios

https://admin.fedoraproject.org/pkgdb

https://admin.fedoraproject.org/updates

https://admin.fedoraproject.org/voting

https://apps.fedoraproject.org/calendar

https://apps.fedoraproject.org/datagrepper

https://apps.fedoraproject.org/kerneltest

https://apps.fedoraproject.org/notifications

https://apps.fedoraproject.org/nuancier

https://apps.fedoraproject.org/packages

https://apps.fedoraproject.org/releng-dash/

https://apps.fedoraproject.org/tagger

https://ask.fedoraproject.org/

https://badges.fedoraproject.org

https://darkserver.fedoraproject.org

https://docs.fedoraproject.org

https://fedorahosted.org

https://fedorapeople.org

https://fedoraproject.org/easyfix

https://fedoraproject.org/membership-map/ambassadors.html

https://fedoraproject.org/PackageReviewStatus/

https://fedoraproject.org/wiki

https://lists.fedoraproject.org

https://meetbot.fedoraproject.org

https://paste.fedoraproject.org

https://qa.fedoraproject.org/blockerbugs

https://release-monitoring.org

https://retrace.fedoraproject.org

https://taskotron.fedoraproject.org

Additional services may be affected.

Contact Information:

Ticket Link: https://fedorahosted.org/fedora-infrastructure/ticket/4981

Please join #fedora-admin or #fedora-noc on irc.freenode.net or add
comments to the ticket for this outage above.

Fedora community SIP and WebRTC trial at FedRTC.org

We've been trialling a SIP and WebRTC service at https://FedRTC.org for about a year now.

Anybody with a Fedora OpenID can request a matching SIP address in the service. For example:

Fedora user ID: pocock@fedoraproject.org
FedRTC SIP address: pocock@fedrtc.org

The service is completely built using RHEL7/CentOS7/EPEL7 packages.

Users have been able to successfully connect to the service using:
- WebRTC from Firefox and Chrome on just about any OS, including mobile
- softphones packaged in Fedora (GNOME Empathy, Ekiga and many others)
- mobile SIP apps such as Lumicall[1]

A key benefit of the service is that it federates with other communities such as the Debian SIP service[2]. People without a Fedora user ID can make calls to your SIP address using https://FreePhoneBox.net

I would encourage anybody who hasn't tried the service already to do so. Please give feedback through the mailing lists for any specific softphone you try or the Free-RTC mailing list:
https://lists.fsfe.org/mailman/listinfo/free-rtc

1. http://danielpocock.com/lumicall-rapid-provisioning-opus-and-other-enhancements
2. https://rtc.debian.org
--
announce mailing list
announce@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/announce@lists.fedoraproject.org

reallost1.fbsd2233449:研发中高层领导的述职管理

reallost1.fbsd2233449     您好。

附件中的内容希望对您的工作和学习有所帮助

9moqtg

司晟晟

祝您工作顺利，身体健康

18:53:47

F24 System Wide Change: Fedora 24 Boost 1.60 uplift

= System Wide Change: Fedora 24 Boost 1.60 uplift =
https://fedoraproject.org/wiki/Changes/F24Boost160

Change owner(s):
* Jonathan Wakely <jwakely AT redhat DOT com >

This change brings Boost 1.60.0 to Fedora 24. This will mean F24 ships
with the latest upstream Boost release.

== Detailed Description ==
The aim is to synchronize Fedora with the most recent Boost release.
Because ABI stability is one of explicit Boost non-goals, this entails
rebuilding of all dependent packages. This has also always entailed
yours truly assisting maintainers of client packages in decoding
cryptic boostese seen in output from g++. Such care is to be expected
this time around as well.

Boost 1.60 is scheduled for release on 2 Dec 2016 and a beta release
is already available for testing

== Scope ==
Proposal owners:
* Build will be done with Boost.Build v2 (which is upstream-sanctioned
way of building Boost)
* Request a "f24-boost" build system tag (discussion):
https://fedorahosted.org/rel-eng/ticket/6235 → f24-boost
* Build boost into that tag (take a look at the build #606493 for inspiration)
* Post a request for rebuilds to fedora-devel (XXX link to
fedora-devel message here)
* Work on rebuilding dependent packages in the tag.
* When most is done, re-tag all the packages to rawhide
* Watch fedora-devel and assist in rebuilding broken Boost clients (by
fixing the client, or Boost).

In order to discover any problems ASAP the proposal owner has created
a COPR and built the Boost 1.60.0 beta, and started rebuilding the
300+ dependent packages. The results of this COPR will be thrown away,
but it means any bugs in the upstream release can be reported and
fixed before the final release (rather than patched in the Fedora
package) and any changes needed in dependent packages will be known
sooner.

Other developers:
* Those who depend on Boost DSOs will have to rebuild their packages.
Feature owners will alleviate some of this work as indicated above,
and will assist those whose packages fail to build in debugging them.
* The proposal owner has already started test rebuilds of affected
packages and identifying the needed changes, and will propose patches
to Boost upstream or to the client packages' upstreams as appropriate.

Policies and guidelines:
* Apart from scope, this is business as usual, so no policies, no guidelines.

Trademark approval:
* N/A (not needed for this Change)

--
Jan Kuřík
Platform & Fedora Program Manager
Red Hat Czech s.r.o., Purkynova 99/71, 612 45 Brno, Czech Republic
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/devel-announce@lists.fedoraproject.org

reallost1.fbsd2233449:如何做好库存的分类管理

                  高效仓储管理与工厂物料配送

【时间地点】 2015年11月21-22日深圳、12月26-27日广州

【参加对象】 高层管理者、采购、品管、物流、财务等部门及其他相关部门的职业经理

【学习费用】  3200/2天/1人（含课程讲义、午餐、茶点等）

垂·询·热·线：上海：021-3100-6787  深圳：0755-6128-0006   北京：010-51299910 

在线QQ、微信号：320588808           值班手机：189 189 58501

注：如不需此类信件信息，请转发送"删除"至wytuixin@163.com,我们会及时处理，谢谢您的理解。

课程背景：
仓储物流管理的好坏对公司的影响有多大? 为什么进货环节经常出问题?为什么仓库的利用率低?盘点的作用有多大?为什么拣货配送需要那么多人?仓库损耗如何 降低?什么是现代化仓库?如何降低运输成本?如何管理好库存?条形码有用吗?

本课程从实战的角度，结合先进的工厂物流管理理念、众多企业的成功经验以及讲师在企业仓储物流方面多年的经验体会，教授如何管理物流仓储部门，提高仓库运营效率、提升部门绩效以及物流仓储部门在公司的影响。

培训收益：
1、当今物流仓储管理的挑战是什么？
2、如何做好收货入库管理？
3、如何做好储位管理？
4、如何提高盘点的有效性？
5、库存管理的挑战是什么？
6、如何做好库存的分类管理？
7、如何提高物料拣货配送的效率？
8、如何降低仓储管理的损耗？
9、如何选择与维护物流设备？
10、如何降低物流运输成本？
11、如何提高物流仓储的电子化水平？

讲师介绍：【张仲豪】
教育背景：
张老师是改革开放后早期海归派讲师。1986 年获美国 Gerber公司的奖学金赴美国密西州立大学 (MichiganState University )留学，硕士学位。毕业后,受聘于美国Heinz(亨氏)集团公司。

工作经历:
张老师曾先后受聘于美国亨氏公司、英国联合饼干公司、美国美赞臣公司等，曾任美赞臣公司的技术及运作总监。从2000年开始,张老师开始自己创业,从事于多行业的经营管理。所以，张老师既有世界500强 企业职业经理人的丰富阅历,又有作为企业老板的心得 体会。在二十多年的职业生涯中，张老师曾接受过各种国际国内的职业培训。曾赴加拿大、美国、英国、新加坡、泰国、菲律宾、马来西亚等国考察学习。

主讲课程:
降低采购成本及供应商谈判技巧
采购流程优化及供应商评估与管理
高效仓储管理与工厂物料配送
现代企业物流及供应链优化实战
PMC管理-生产计划、订单管理与库存控制
需求预测与库存控制

授课风格:
富有很强的激情, 风趣、幽默, 现场感染力强
采用循序渐进、深入浅出的教学方式、丰富生动的实战案例，帮助学员拓宽视野，提高思维能力，掌握相关的方法和工具
课件设计力求深度，实用、案例多为工具性案例,有很强的实操性。课程内容跨度大,尽量吸取各个行业的精
粹，具有高度的浓缩性。

课程大纲：
第一讲：当今物流仓储管理的挑战是什么？
仓库的类别有哪些
老板对仓储管理的最基本要求是什么？
谁是我们的'客户'？
'客户'对物流服务的要求有哪些-KPI？
不同'客户'的要求侧重点
储运管理的基本流程应该如何？
不同仓库的工作量侧重点？
组织架构设置（岗位设置）的原则
仓储（物流）岗位设置的依据
仓储（物流）岗位设置地图
岗位说明书的作用
岗位说明书应包括哪些内容
储运管理各环节的主要难度是什么？
物流管理的绩效考核体系
建立物流管理绩效考核体系的难度

第二讲：如何做好收货入库管理？
不同仓库的收货特点
收货入库的KPI指标？
收货作业的流程应该如何？
如何做好收货前的准备
卸货与检查
库存信息不准的仓库原因
填表为什么经常出错？
单证应该何时输入电脑？
为什么抽样方法很重要？
抽样的三类方法
如何抽样？
服装检验的抽样方法
抽样数量及判定标准
如何取样？
半成品库如何做好入库的点数
如何编写仓库的标准操作规程- SOP？

第三讲：如何做好储位管理？
储位管理的核心是什么？
三种仓库运作模式
储位管理的KPI指标有哪些
仓库的常规布局
如何计算仓库的利用率？
如何提高仓库的有效利用率
仓库合理布局的比例参考
立体仓与平面仓的比较
库区如何分配
各归类物品如何分配库区
如何摆放？
自建仓库还是外租仓库？

第四讲：如何提高盘点的有效性？
盘点的KPI指标有哪些？
盘点各KPI指标的关系？
盘点亏或盈应不应该罚
全面盘点的工作流程如何？
盘点准备工作做些什么？
盘点管理的难度是什么？
五种盘点方式的比较？
盘点的三种形式
盲盘与实盘的比较
车间物品怎么盘？

第五讲：库存管理的挑战是什么？
存放于仓库的物品都算库存吗
我们为什么要存库存
库存过高的缺点有哪些？
企业老总对库存管理有哪些要求？
企业老总对库存管理各目标的逻辑顺序？
什么是"零库存管理"？
周转率的类别
库存周转率的不同算法？
单库周转率与总周转率的区别？
库存周转率的计算案例
两种计算法的比较

第六讲：如何做好库存的分类管理？
库存管理的挑战是什么？
如何做好库存物品的分类管理？
如何进行原材料的分类？
饼干加工厂的原材料分类
本企业采购物品的分类
不同材料的库存管理策略
成品如何分类？
成品库存的分类管理策略
什么是Pareto(帕累托)分类法
如何进行帕累托分类？
第一步：对所需分析的指标，从大到小进行排序
第二步：计算每一物品占总体的百分率
第三步：计算每一物品的累积百分率
计算累积百分率的捷径法
计算累积百分率的意义
库存物品ABC分类的误解
如何应用帕累托法则
库存管理如何"盯死它"？
备件（耗材）如何备库存？
高值备件的库存管理特点
什么是备件生命期 —浴盆曲线
如何制定'资产类备件需求计划'？

第七讲：如何提高物料拣货配送的效率？
拣货（发料）的KPI？
哪些因素会影响拣货绩效？
如何建立拣货员的绩效工资制度
如何创建电子模板  
拣货运作的流程如何？
各阶段会出什么问题？
领料计划单的大小如何确定
拣货计划为什么会下的太晚
如何合理分配拣货单
如何按照拣货时间分配拣货单
拣货的两种基本方法
如何实施播种法？
两种拣货方法的比较
如何避免拣（发）错货？
领料与发料
拣货与发货
如何做到"先进先出"
如何改进'掏式库位法'
硬件设施对拣货的帮助
成品出货的流程？
成品出货的主要问题？
如何解决数量'不准'的问题

第八讲：如何降低仓储管理的损耗？
仓储管理不当造成的损耗有哪些？
看不见型损耗的产生原因
看得见型损耗的缘由会有哪些？
不同存放物的仓储要求有哪些？
仓库的设计要求
仓库如何防潮？
双门制
仓库日常管理的侧重点？
板货标识的形式
完整板货标示的基本内容
板货标示的作用有哪些？
堆码操作要求
'堆码'为什么要定量？
非托盘式仓库如何定量
如何计算各物品的库容需求？
垛堆法图示
如何管理好待定物品和不能用物品
退货的管理
如何做好仓库的日常管理工作
安全管理的防范？
如何防治野蛮操作？
物流安全的国家相关规定
仓库日常巡查制度

第九讲：如何选择与维护物流设备？
第一节：货架设施的选择
设计货架所需考虑的因素
货架的一般分类
低位货架
低位货架图示
悬臂式货架
其他货架
中高位货架
机械手式VNA
各种特种货架的比较
第二节：叉车设备的选择及保养
如何选购叉车
叉车的动力分类
叉车的种类
叉车示意图
叉车应该如何保养？
第三节：其他设备
托盘类
托盘是租好还是买好
托盘国际标准共有6种规格
中国的托盘标准
其他器具
填充气袋

第十讲：如何降低物流运输成本？
第一节：降低运输成本的方法有哪些？
运输管理的挑战有哪些？
运输管理的KPI？
如何降低运输成本
四种运输工具的比较
我们应该选择哪种运输工具为好？
某物流公司各种运输形式的成本比较
本案例的要点
如何降低运输的损耗
第二节：如何实施物流外包的招投标？
物流招标的方式
如何实施物流外包招投标？
如何准备招标文件
仓储物流管理的电子模板工具
评标方法有哪两大类别？
某公司的评标案例
第一步：计算技术标的评分
第二步：计算平均报价值
第三步：计算商务标得分
第四步：计算综合评分值
综合评标法
如何评定技术标？
第三节：如何评估物流服务商？
物流企业分类与评估指标
运输型物流企业的评定内容？
经营状况
资产
设备设施
管理及服务
人员素质
信息化水平
什么是第四方物流？
物流商的愿望？
货运服务的类型
不同货运公司的评估侧重点
仓储服务商的设备设施
如何做好仓库的租赁或外包？

第十一讲：如何提高物流仓储的电子化水平？
四大信息管理系统
WMS系统－仓储管理系统
什么是物联网-Internet of things  - IOT？
四种信息传感设备
为什么要用物流条码技术？
什么是条形码技术
条形码的分类
商品条形码和物流条形码
物流条码如何编制
一维码与二维码的区别
数据采集器的类别
手持终端的组成部分
什么是RF实时技术（无线局域网络）？
RF手持终端电子体系的费用
什么是射频识别技术?
为什么要用RFID？
三种拣货方式的比较

[USN-2815-1] libpng vulnerabilities

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCgAGBQJWThzZAAoJEGVp2FWnRL6T/nQP/ie5zVmPep4wAcAe06JuemRJ
Ao1Wf+Qa8iW/sJm5OXZ8igAqFLLhU0N3l37fJ+YGsB3Pa3phvcJz/htiC/g9UtNh
d9S3RD/NgGuBU5P8Iru2oLQ0WrXpL3T+89Z74ktlvCRY24wiU+XPznxS7nraEvEU
IWuB98hzNKf6xdgVzllWy5hbBnU/zmUKVi5CmIfV74XDV/EWiH4emccu8lid9HZM
nGDfFRspJLSby03ODqb+qr6uTqb07/ZjolGk/aHLIm4LzbzqaNpyuau6hqBfj2pw
B7N1TzWczEmALdVXKqI//NDQO2llP5KNQUL0OrCwcAEWH6Bw7kmg9vOmSY3CEXzF
AaR/20TyoKeWH0G3PkRNdu3ljxiGXA9dvVqYcy5+5DXS+QzZF+KVbBiIL0wlp0sC
KdLg5rkiQq5jsxIc5+p8u0TkSEmn7+SjbYPSxqowesHhltsi0vqU9208At8k2W7z
qoPHDWSuYx9KNOv94lH4sdL5OgwGrI26r1QHq6K3GpWFhiu5I700zO3D4p8L7D0Z
LGLHQ6166tCohecBl540sIL42HOMbQ5BKBEaNwjrJrefFI0XjakamtpJwBu7LAXt
uzx/iWmUFAC0OpPJ2P+LllVN/mBFMUNjS1FccshQLtzaDjQZbpAtiyl6hgGTXmZQ
mqZ+aZCpwXRZ/BqfyJ7w
=FzjS
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-2815-1
November 19, 2015

libpng vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 15.10
- Ubuntu 15.04
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS

Summary:

libpng could be made to crash or run programs as your login if it
opened a specially crafted file.

Software Description:
- libpng: PNG (Portable Network Graphics) file library

Details:

Mikulas Patocka discovered that libpng incorrectly handled certain large
fields. If a user or automated system using libpng were tricked into
opening a specially crafted image, an attacker could exploit this to cause
libpng to crash, leading to a denial of service. This issue only affected
Ubuntu 12.04 LTS. (CVE-2012-3425)

Qixue Xiao discovered that libpng incorrectly handled certain time values.
If a user or automated system using libpng were tricked into opening a
specially crafted image, an attacker could exploit this to cause libpng to
crash, leading to a denial of service. (CVE-2015-7981)

It was discovered that libpng incorrectly handled certain small bit-depth
values. If a user or automated system using libpng were tricked into
opening a specially crafted image, an attacker could exploit this to cause
a denial of service or execute code with the privileges of the user
invoking the program. (CVE-2015-8126)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 15.10:
libpng12-0 1.2.51-0ubuntu3.15.10.1

Ubuntu 15.04:
libpng12-0 1.2.51-0ubuntu3.15.04.1

Ubuntu 14.04 LTS:
libpng12-0 1.2.50-1ubuntu2.14.04.1

Ubuntu 12.04 LTS:
libpng12-0 1.2.46-3ubuntu4.1

After a standard system update you need to restart your session to make
all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2815-1
CVE-2012-3425, CVE-2015-7981, CVE-2015-8126

Package Information:
https://launchpad.net/ubuntu/+source/libpng/1.2.51-0ubuntu3.15.10.1
https://launchpad.net/ubuntu/+source/libpng/1.2.51-0ubuntu3.15.04.1
https://launchpad.net/ubuntu/+source/libpng/1.2.50-1ubuntu2.14.04.1
https://launchpad.net/ubuntu/+source/libpng/1.2.46-3ubuntu4.1

[announce] NYC*BUG Tonight: Stephen R Bourne

The meeting happens tonight 645 PM at Stone Creek at 140 East 27th
Street in the backroom.

It will be streamed. We will hit talk@ with the details before the meeting.

December 14th is the city-wide NYC Holiday Party at Clyde Frazier's Wine
and Dine. There will be no NYC*BUG meeting in December.

NYLUG posted details here:

http://rsvp.nylug.org/225970914

We will have an email address up soon for RSVPs.

We are working out details for 2016's meetings. Those will be posted in
the near-future.

Note the birth of some new BSD User Groups:

in New Delhi, India: ndbug.org

in Detroit, MI: semibug.org

_______________________________________________
announce mailing list
announce@lists.nycbug.org
http://lists.nycbug.org/mailman/listinfo/announce

fedora-packages rebuild/upgrade

Hello,

In the coming hours we will be both upgrading fedora-packages [1] to a new
version (relying on mdapi [2]) and rebuilding its index.

This should take a couple of hours during which fedora-packages will not be
available. It will impact the package name completion in the new update form
of Bodhi as well as the pkgwat utility.

We will update http://status.fedoraproject.org to reflect the progress and
announce here when the rebuild is finished.

Thanks for your attention,

Pierre & Ralph for the Fedora infrastructure team

[1] https://apps.fedoraproject.org/packages
[2] https://apps.fedoraproject.org/mdapi/
_______________________________________________
devel-announce mailing list
devel-announce@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/devel-announce@lists.fedoraproject.org

[CentOS-announce] CESA-2015:2078 Moderate CentOS 7 postgresql Security Update

CentOS Errata and Security Advisory 2015:2078 Moderate

Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-2078.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

x86_64:
dac984ae0f6ec9bbb3fbf89ab18387c911ecd381d0d42502212090583a255fb0 postgresql-9.2.14-1.el7_1.i686.rpm
48c8a0de83c28f79cc1a85f1b6572560860563610721ee7700d7ada688d25b4e postgresql-9.2.14-1.el7_1.x86_64.rpm
da0f25e0fa38d0fc93d6b3817797b67ed1f5130e49c91477b19f27bde73770f7 postgresql-contrib-9.2.14-1.el7_1.x86_64.rpm
4ff2972830681f8b3878fb465c3b0eb93e315645eb5f8d32d19f04b983f563a6 postgresql-devel-9.2.14-1.el7_1.i686.rpm
eae197326a7ae78b9f633c718d0e7eb48f5ac3520fe5ff787ab07dfb9a23ab79 postgresql-devel-9.2.14-1.el7_1.x86_64.rpm
efd8026ec5026a22471688e0c19b2a53657c8d9a3333770829dbc12234c46e1c postgresql-docs-9.2.14-1.el7_1.x86_64.rpm
3897ca7ab0e9ed9df4c81c3e15da0ba069b74bd59c2e9743755e3654d8b3b712 postgresql-libs-9.2.14-1.el7_1.i686.rpm
4a409cfde77bc7b14f18a152e896ad3290aef94355a8c9ee993e9075b05160e9 postgresql-libs-9.2.14-1.el7_1.x86_64.rpm
89f5050225e4bc4ca162822ed0bdd16a0cf34f0b70fd0b2b3422a5850d37556d postgresql-plperl-9.2.14-1.el7_1.x86_64.rpm
35868c84234ab8afe3fdc05b181463f2161e2785fe0f55d21ec5368eb556c7a6 postgresql-plpython-9.2.14-1.el7_1.x86_64.rpm
2598a7f5e6b3d9fa1354fd373c039d7eec38e980b60af005a0051096d5e845a6 postgresql-pltcl-9.2.14-1.el7_1.x86_64.rpm
bd457b9b0838e97e8dc54e8d730ac75da3ab297623bebaae23ec249c9da32fb2 postgresql-server-9.2.14-1.el7_1.x86_64.rpm
59674923b6e61253f8442a75ad7b1b671af6d8f3d02fac54ee9d93402c357f0a postgresql-test-9.2.14-1.el7_1.x86_64.rpm
7e81ff716e88e95e0157c53a02d2050c4858cce6d8fd22ace50287f18c481789 postgresql-upgrade-9.2.14-1.el7_1.x86_64.rpm

Source:
7e684cc6556afa15a60582354c7a110461946416b70332fe09bbb499bd6f0aec postgresql-9.2.14-1.el7_1.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce

[CentOS-announce] CESA-2015:2086 Important CentOS 7 java-1.6.0-openjdk Security Update

CentOS Errata and Security Advisory 2015:2086 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-2086.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

x86_64:
dbde32b3ea0f1870bd997de2978ae16c39b5702982e26641b1361e525d836a2a java-1.6.0-openjdk-1.6.0.37-1.13.9.4.el7_1.x86_64.rpm
8c10f117b441e78024068c7d8aebdbe23ed46a772e739c2ec6c8fc5a9bd19300 java-1.6.0-openjdk-demo-1.6.0.37-1.13.9.4.el7_1.x86_64.rpm
b9cc50e5cc098bd8cdec6d2c57ed9957b84b17140b20c4dff86116a321fb5743 java-1.6.0-openjdk-devel-1.6.0.37-1.13.9.4.el7_1.x86_64.rpm
d7555996e4355cfd7f42227a7dcbc82760cb92dd0387c0e8943a62d58a96a85c java-1.6.0-openjdk-javadoc-1.6.0.37-1.13.9.4.el7_1.x86_64.rpm
242c990b1fb3bbbec7ae853077c9785752d1a11364241070004ed245a84fd564 java-1.6.0-openjdk-src-1.6.0.37-1.13.9.4.el7_1.x86_64.rpm

Source:
5ca8bb4d945891ee068baac317351d7a571cf7dbf8e28f94fb1b2e2679580aeb java-1.6.0-openjdk-1.6.0.37-1.13.9.4.el7_1.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce

[CentOS-announce] CESA-2015:2086 Important CentOS 5 java-1.6.0-openjdk Security Update

CentOS Errata and Security Advisory 2015:2086 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-2086.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
aa99f34b3c368695046b073a2065735f41b443f5014998662141472784808fc8 java-1.6.0-openjdk-1.6.0.37-1.13.9.4.el5_11.i386.rpm
22a5e9945db46cbc09e28e944037f97e08ada786a29633fc0749c473bf27a75e java-1.6.0-openjdk-demo-1.6.0.37-1.13.9.4.el5_11.i386.rpm
1c74dc66b90779a55849b0f2857c99ed7c44d0e4071bfd0afec944d85df32e2b java-1.6.0-openjdk-devel-1.6.0.37-1.13.9.4.el5_11.i386.rpm
6fdbd6c9f8cf75a2e59755291275d4dd649ae80a723389495e5174eab93cdf20 java-1.6.0-openjdk-javadoc-1.6.0.37-1.13.9.4.el5_11.i386.rpm
9cb01c62fa3a3c13e33a88fe3e121d9e0509a3fe1aadf1b13a45067046eecf4e java-1.6.0-openjdk-src-1.6.0.37-1.13.9.4.el5_11.i386.rpm

x86_64:
647faf2b65173da2df9cb57b1fc4c55605474eb675b8695551d6ea51f695213c java-1.6.0-openjdk-1.6.0.37-1.13.9.4.el5_11.x86_64.rpm
1e99cb89adbd0b8331adbef47eab6911df5fb042481c004dc9e55978c828acf0 java-1.6.0-openjdk-demo-1.6.0.37-1.13.9.4.el5_11.x86_64.rpm
df9c09dc2debaf5315d92f63a2516ba59f1b1a21cf9b8c1817beaa3b76f2f700 java-1.6.0-openjdk-devel-1.6.0.37-1.13.9.4.el5_11.x86_64.rpm
e85105b2fe6f41629828fcae5f78bc62bd3b4d4b3e41a27f06c333799c3e74cf java-1.6.0-openjdk-javadoc-1.6.0.37-1.13.9.4.el5_11.x86_64.rpm
3a46d303cfaff3b86d43d157a039181542895f45d109c77bd0f81540f69a75e0 java-1.6.0-openjdk-src-1.6.0.37-1.13.9.4.el5_11.x86_64.rpm

Source:
02ad1a69ec9a3b1832ec47ff1c4f13fcb54d45f55bf5d9907b6a582888b71bb8 java-1.6.0-openjdk-1.6.0.37-1.13.9.4.el5_11.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: JohnnyCentOS

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce

[CentOS-announce] CESA-2015:2086 Important CentOS 6 java-1.6.0-openjdk Security Update

CentOS Errata and Security Advisory 2015:2086 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-2086.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
e8af0bccd304323e1aa843eb766e70c14e41f10d37f36a10a119a2e5a0a29d99 java-1.6.0-openjdk-1.6.0.37-1.13.9.4.el6_7.i686.rpm
1d5d0435df46b38dd76625bf74d399130fc880d253cce65cc56af02ae95369f6 java-1.6.0-openjdk-demo-1.6.0.37-1.13.9.4.el6_7.i686.rpm
a1fb61dd21d3c39e76dd4b586616a0eb9f0e7385f4ffc0646b64caab8e39e023 java-1.6.0-openjdk-devel-1.6.0.37-1.13.9.4.el6_7.i686.rpm
e6ef8834495a00342c6795c6350e481121ec1679a11faf111974a8e1cfb513e9 java-1.6.0-openjdk-javadoc-1.6.0.37-1.13.9.4.el6_7.i686.rpm
8746d8d277b92216022f72bde731eb208376ef80189ff9b537b39818af6191a4 java-1.6.0-openjdk-src-1.6.0.37-1.13.9.4.el6_7.i686.rpm

x86_64:
5aa22726ce93be62ff0833e0ff0a2258dd44b36968f9787c106ce7abac9de92b java-1.6.0-openjdk-1.6.0.37-1.13.9.4.el6_7.x86_64.rpm
5fa7345e069a5d00c0257e1559ec8fe97a2f828306d5538a22c773f800c07181 java-1.6.0-openjdk-demo-1.6.0.37-1.13.9.4.el6_7.x86_64.rpm
ed681b21bbcb93543dffc3f82ed8bd93226ad1cdd640d4300c3656630664bce6 java-1.6.0-openjdk-devel-1.6.0.37-1.13.9.4.el6_7.x86_64.rpm
c83158d7a0c733b44279ccb95a66a87c137441e1a47c55be94d057e667289a23 java-1.6.0-openjdk-javadoc-1.6.0.37-1.13.9.4.el6_7.x86_64.rpm
a248aefa9bc1c02541ff465f6eb6f98a32072b6fef348adcdf924fd051d06151 java-1.6.0-openjdk-src-1.6.0.37-1.13.9.4.el6_7.x86_64.rpm

Source:
5d935ad8df489bd9c6dcf51e5fa0cdb2eda17face6eccce30cccf8fbfd0312f3 java-1.6.0-openjdk-1.6.0.37-1.13.9.4.el6_7.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce

[CentOS-announce] CESA-2015:2081 Moderate CentOS 6 postgresql Security Update

CentOS Errata and Security Advisory 2015:2081 Moderate

Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-2081.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
0e97fe4a73fd3e52d253aa01a78d4a2c75e57415e62a2468dc8639352016e817 postgresql-8.4.20-4.el6_7.i686.rpm
54877c2fedcbdd30cc66941d449dc70077fc886fcac53e3d589e764452171354 postgresql-contrib-8.4.20-4.el6_7.i686.rpm
23992e58740882150065ac43e544b4f8aa53a942b9393e354faa7bf20411b4b4 postgresql-devel-8.4.20-4.el6_7.i686.rpm
a4fc45d81815c93da5d5a3948eaba1f598937a0e6b80a7ced9de1958daa66158 postgresql-docs-8.4.20-4.el6_7.i686.rpm
217f335cc844426b53558859ae65f7e45b96e02ea2e3b267288f9404bbba9fd4 postgresql-libs-8.4.20-4.el6_7.i686.rpm
6e7534efb6c9eb1db98ec1e1e581a351cee2733f7d641decb390f6f60d448099 postgresql-plperl-8.4.20-4.el6_7.i686.rpm
cc50decba345bf784b9821edb1c8f1921a708a4d9440f444ece54383c2bf005b postgresql-plpython-8.4.20-4.el6_7.i686.rpm
b1d88b3f571a551d5438f3f397ecf79a1bbf45df822019160db4f22776e6a91e postgresql-pltcl-8.4.20-4.el6_7.i686.rpm
65e5d758024188f6ba096bc1c96754f45d6ce98944beddb9ecfa087dad9bf55f postgresql-server-8.4.20-4.el6_7.i686.rpm
9b4ddd7a4cf4ff7c24e91be92fa8062092e19672f3fb939817abd7d770eb9baa postgresql-test-8.4.20-4.el6_7.i686.rpm

x86_64:
0e97fe4a73fd3e52d253aa01a78d4a2c75e57415e62a2468dc8639352016e817 postgresql-8.4.20-4.el6_7.i686.rpm
2cf6ecc14534ef1bb553da2743b1a2b7679ad6e076dd2301d241833c8288e02c postgresql-8.4.20-4.el6_7.x86_64.rpm
0cebe83b0f5f91d5055eec015539904d9d6c5c6e4a41848f0f39ddfebf54a082 postgresql-contrib-8.4.20-4.el6_7.x86_64.rpm
23992e58740882150065ac43e544b4f8aa53a942b9393e354faa7bf20411b4b4 postgresql-devel-8.4.20-4.el6_7.i686.rpm
f02d225b9769f8a69c9a38bdc360e92b96d37b37db2c372ca020d597dea19dae postgresql-devel-8.4.20-4.el6_7.x86_64.rpm
b001349770fb86984191de0d8a90d30d41dab95ca1467d8e31ef067cefd050b8 postgresql-docs-8.4.20-4.el6_7.x86_64.rpm
217f335cc844426b53558859ae65f7e45b96e02ea2e3b267288f9404bbba9fd4 postgresql-libs-8.4.20-4.el6_7.i686.rpm
252e3df351f8007191831d1c40b13e868811672d11c40a81fac17e3d213be926 postgresql-libs-8.4.20-4.el6_7.x86_64.rpm
54c0316956e115eb0c41c445a211675cff32f2628575765b368de7a735119350 postgresql-plperl-8.4.20-4.el6_7.x86_64.rpm
60e79f2a2d21dd3d8d8e1714ca063ecd5a2a302db824f9a735006c700bc351e7 postgresql-plpython-8.4.20-4.el6_7.x86_64.rpm
ba395b85bb86749ddb58b1e43509412c684d0b18c7fe41052874073dafc926de postgresql-pltcl-8.4.20-4.el6_7.x86_64.rpm
d189c260a6280f771eeed522750d4f7928fad095293fdd287f29b4dd2e8f6871 postgresql-server-8.4.20-4.el6_7.x86_64.rpm
77309a9e212b2f424990eae82510308ea036d9a40040162068be8b4f0a66a597 postgresql-test-8.4.20-4.el6_7.x86_64.rpm

Source:
b0eb57695234f5cc6f2ab2df3eef661726f065926a303cfa0278cc003ab24ed2 postgresql-8.4.20-4.el6_7.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce

[USN-2814-1] NVIDIA graphics drivers vulnerability

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCgAGBQJWTNJPAAoJEGVp2FWnRL6TFAwQAJSM3iLL19zjBbQRMTPUsfDU
2PRUUa0PDxXK0R3onpY+EkHEq/Bq/INRIM2xYDlG8oze65rmq6y2xVI0WoWkxXTr
UXnAwkOpLdtYvwlnqwna8bpPsh4bwgyy6/J1fXmRze8MGble4cifxleWatJzIGO5
PojFf1/9rjuNZhFmPEFHKq6flu5cuxkNojddhwWQO/biVAww0cxHWr35Xcvtp7KG
NXp6d5FZqqYb+sas5xw6HMS0StfHWZ5TDoBv74elvpu5mCY4bvcSPP0yo6RnXS+j
4/5No00/yQs3FKV1sWKlSjZx1rxSXfNeoeraUCxg/Nq2o5eGc5lhuyzqHoGQYB3v
neytdTuF4JvD/bb/pxOvAWLmucHISJbgOEWkOeZewFr+WSls4uA8I+96DXJ5Av5V
GwdObfg2ju4ZIzIBLJwHfvbx0feLEip/I1KehUVPFDh7/xc/FssxCYYsNWrH871f
kTCIF1hKkykR6BsvcuJcIZLpOYLu5TQGrezAz1BOTt18Os8LcomRr49P618EotLX
9/qlM/D0Csg92wVzzicZXQxKoEFkUEkzS6wSlKd/dchKcOeQXmlkzq8TiAyjpauy
V1d1ceufGvPWZVtd12J4VRI2J5NnMV1XyhlFj6eQjwGnLCDdSU21uXAAKsDJrwZe
ZHh2VkLzKxMpyz28HDdC
=ZcSb
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-2814-1
November 18, 2015

nvidia-graphics-drivers-304, nvidia-graphics-drivers-304-updates,
nvidia-graphics-drivers-340, nvidia-graphics-drivers-340-updates,
nvidia-graphics-drivers-352, nvidia-graphics-drivers-352-updates vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 15.10
- Ubuntu 15.04
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS

Summary:

NVIDIA graphics drivers could be made to run programs as an administrator.

Software Description:
- nvidia-graphics-drivers-304: NVIDIA binary X.Org driver
- nvidia-graphics-drivers-304-updates: NVIDIA binary X.Org driver
- nvidia-graphics-drivers-340: NVIDIA binary X.Org driver
- nvidia-graphics-drivers-340-updates: NVIDIA binary X.Org driver
- nvidia-graphics-drivers-352: NVIDIA binary X.Org driver
- nvidia-graphics-drivers-352-updates: NVIDIA binary X.Org driver

Details:

It was discovered that the NVIDIA graphics drivers incorrectly sanitized
user mode inputs. A local attacker could use this issue to possibly gain
root privileges.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 15.10:
nvidia-304 304.131-0ubuntu0.15.10.1
nvidia-304-updates 304.131-0ubuntu0.15.10.1
nvidia-331 340.96-0ubuntu0.15.10.1
nvidia-331-updates 340.96-0ubuntu0.15.10.1
nvidia-340 340.96-0ubuntu0.15.10.1
nvidia-340-updates 340.96-0ubuntu0.15.10.1
nvidia-346 352.63-0ubuntu0.15.10.1
nvidia-346-updates 352.63-0ubuntu0.15.10.1
nvidia-352 352.63-0ubuntu0.15.10.1
nvidia-352-updates 352.63-0ubuntu0.15.10.1

Ubuntu 15.04:
nvidia-304 304.131-0ubuntu0.15.04.1
nvidia-304-updates 304.131-0ubuntu0.15.04.1
nvidia-331 340.96-0ubuntu0.15.04.1
nvidia-331-updates 340.96-0ubuntu0.15.04.1
nvidia-340 340.96-0ubuntu0.15.04.1
nvidia-340-updates 340.96-0ubuntu0.15.04.1
nvidia-346 352.63-0ubuntu0.15.04.1
nvidia-346-updates 352.63-0ubuntu0.15.04.1
nvidia-352 352.63-0ubuntu0.15.04.1
nvidia-352-updates 352.63-0ubuntu0.15.04.1

Ubuntu 14.04 LTS:
nvidia-304 304.131-0ubuntu0.14.04.1
nvidia-304-updates 304.131-0ubuntu0.14.04.1
nvidia-331 340.96-0ubuntu0.14.04.1
nvidia-331-updates 340.96-0ubuntu0.14.04.1
nvidia-340 340.96-0ubuntu0.14.04.1
nvidia-340-updates 340.96-0ubuntu0.14.04.1
nvidia-346 352.63-0ubuntu0.14.04.1
nvidia-346-updates 352.63-0ubuntu0.14.04.1
nvidia-352 352.63-0ubuntu0.14.04.1
nvidia-352-updates 352.63-0ubuntu0.14.04.1

Ubuntu 12.04 LTS:
nvidia-304 304.131-0ubuntu0.12.04.1
nvidia-304-updates 304.131-0ubuntu0.12.04.1
nvidia-331-updates 340.96-0ubuntu0.12.04.1
nvidia-340 340.96-0ubuntu0.12.04.1
nvidia-340-updates 340.96-0ubuntu0.12.04.1

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2814-1
CVE-2015-7869

Package Information:

https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-304/304.131-0ubuntu0.15.10.1

https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-304-updates/304.131-0ubuntu0.15.10.1

https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-340/340.96-0ubuntu0.15.10.1

https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-340-updates/340.96-0ubuntu0.15.10.1

https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-352/352.63-0ubuntu0.15.10.1

https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-352-updates/352.63-0ubuntu0.15.10.1

https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-304/304.131-0ubuntu0.15.04.1

https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-304-updates/304.131-0ubuntu0.15.04.1

https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-340/340.96-0ubuntu0.15.04.1

https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-340-updates/340.96-0ubuntu0.15.04.1

https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-352/352.63-0ubuntu0.15.04.1

https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-352-updates/352.63-0ubuntu0.15.04.1

https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-304/304.131-0ubuntu0.14.04.1

https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-304-updates/304.131-0ubuntu0.14.04.1

https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-340/340.96-0ubuntu0.14.04.1

https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-340-updates/340.96-0ubuntu0.14.04.1

https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-352/352.63-0ubuntu0.14.04.1

https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-352-updates/352.63-0ubuntu0.14.04.1

https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-304/304.131-0ubuntu0.12.04.1

https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-304-updates/304.131-0ubuntu0.12.04.1

https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-340/340.96-0ubuntu0.12.04.1

https://launchpad.net/ubuntu/+source/nvidia-graphics-drivers-340-updates/340.96-0ubuntu0.12.04.1