Unix News Tutorials Events and Stuff: March 2017

Friday, March 31, 2017

[announce] NYC*BUG Upcoming, including April 5 on yes.c

A bunch of upcoming meetings and BSD Cons upcoming:

Getting to yes.c, Mike Burns
Wednesday, April 5, 18:45, LMHQ, 150 Broadway, 20th Floor, Manhattan
Notice: Location Change

Let's read a classic: yes.c. We can look at OpenBSD, FreeBSD, NetBSD,
GNU, Illumos, and Unix 7th ed. implementations. With the many different
authors and distinct cultures we will be sure to have much to discuss
and compare. Some things to think about: what are some uses for the yes
command? What errors can occur, and how are they handled? How did GNU
manage to make this program 88 lines long? How did Illumos get this
program indented by five tabs?

The inspiration is the shared metaphors and expressions we have in
natural language due to common books (e.g. Hitchhiker's Guide to the
Galaxy, Romeo and Juliet) and movies (e.g. Hackers, A Christmas Carol).
Come prepared for a poetry slam crossed with a book club.

Speaker Bio

Mike is an OpenBSD contributor, port maintainer, and long-time BSD user.
He's new to town, having previously run the Classical Code Reading Group
of Stockholm.

*****

Building Open Source Random Number Generators, Rob Seward
Wednesday, May 3, 18:45, LMHQ, 150 Broadway, 20th Floor, Manhattan

*****

BSDCan 2017 in Ottawa, Canada with the conference from June 9-10 and the
tutorials June 7-8.

https://www.bsdcan.org/2017/

****

vBSDCon 2017 has announced its CFP:

Verisign is hosting its 3rd vBSDcon, scheduled for September 8 - 9,
2017, in Reston, VA. A Call For Presentations is currently open and
submissions are being accepted at vBSDcon.com. CFP administration is
being conducted through EasyChair, which require accounts to upload
submissions for consideration. Our call is open through April 30, 2017.
So get your submissions in soon!

Again, submissions can be made at vBSDcon.com!

*****

EuroBSDCon 2017 has announced its CFP:

On behalf of the EuroBSDCon 2017 Program Committee, here is the Call for
Proposals for the EuroBSDCon 2017 conference which will take place in
Paris, France from 21st through 24th of September 2017:

https://2017.eurobsdcon.org/call-for-proposals/

Closing date for the CfP is April, 30th.

_______________________________________________
announce mailing list
announce@lists.nycbug.org
http://lists.nycbug.org/mailman/listinfo/announce

Scientific Linux 5 End of Life

Scientific Linux 5 has reached its End of Life.

After March 31 2017 Scientific Linux 5 will not receive further updates
and the files will be archived.

The existing files will be moved into
http://ftp.scientificlinux.org/linux/scientific/obsolete/ for archival
purposes after March 31 2017.

This will break existing yum repos and kickstarts using the official
distribution servers.

Thursday, March 30, 2017

[USN-3216-2] Firefox regression

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAEBCAAGBQJY3YFRAAoJEGEfvezVlG4PY+AH/AysypB/Cr7KtmJR54979TP6
oStwhro/MYy3/G0iQIEWtkSvoBosmx9dlDSsZWEQTPkt7pJMcxdTd7koUSylvVSa
chFLaVLhHiQIMTwFivzoBSdESN0r9r49Y7KZWf5BXpH5bUoLSVIR+JbS3fpdEtsh
87AylRW0VKuh68x5W5s6O8ZpyhbRkzpJDtsUkWuYiSQiaj+W55Noax6jZ0gER64V
JXEFV3JLNt8Yemi0wk6n776REFyLGCcB4mfup87GbiiFplXXmTryGEbObsUkdp1o
hUZo8BrKoB5f2dN6eICChwU4KL1LJRPdLogYIxaln45V1BUzfPLuap+VbBNxcCM=
=gLEP
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-3216-2
March 30, 2017

firefox regression
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.10
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS

Summary:

USN-3216-1 introduced a regression in Firefox.

Software Description:
- firefox: Mozilla Open Source web browser

Details:

USN-3216-1 fixed vulnerabilities in Firefox. The update resulted in a
startup crash when Firefox is used with XRDP. This update fixes the
problem.

We apologize for the inconvenience.

Original advisory details:

Multiple security issues were discovered in Firefox. If a user were
tricked in to opening a specially crafted website, an attacker could
potentially exploit these to bypass same origin restrictions, obtain
sensitive information, spoof the addressbar, spoof the print dialog,
cause a denial of service via application crash or hang, or execute
arbitrary code. (CVE-2017-5398, CVE-2017-5399, CVE-2017-5400,
CVE-2017-5401, CVE-2017-5402, CVE-2017-5403, CVE-2017-5404, CVE-2017-5405,
CVE-2017-5406, CVE-2017-5407, CVE-2017-5408, CVE-2017-5410, CVE-2017-5412,
CVE-2017-5413, CVE-2017-5414, CVE-2017-5415, CVE-2017-5416, CVE-2017-5417,
CVE-2017-5418, CVE-2017-5419, CVE-2017-5420, CVE-2017-5421, CVE-2017-5422,
CVE-2017-5426, CVE-2017-5427)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.10:
firefox 52.0.2+build1-0ubuntu0.16.10.1

Ubuntu 16.04 LTS:
firefox 52.0.2+build1-0ubuntu0.16.04.1

Ubuntu 14.04 LTS:
firefox 52.0.2+build1-0ubuntu0.14.04.1

Ubuntu 12.04 LTS:
firefox 52.0.2+build1-0ubuntu0.12.04.1

After a standard system update you need to restart Firefox to make
all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-3216-2
http://www.ubuntu.com/usn/usn-3216-1
https://launchpad.net/bugs/1671079

Package Information:
https://launchpad.net/ubuntu/+source/firefox/52.0.2+build1-0ubuntu0.16.10.1
https://launchpad.net/ubuntu/+source/firefox/52.0.2+build1-0ubuntu0.16.04.1
https://launchpad.net/ubuntu/+source/firefox/52.0.2+build1-0ubuntu0.14.04.1
https://launchpad.net/ubuntu/+source/firefox/52.0.2+build1-0ubuntu0.12.04.1

[USN-3242-2] Samba regression

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCgAGBQJY3U5oAAoJEGVp2FWnRL6TJ70P/RKaVJOBQzoH112bpk/swAYd
wpmyYQ3hHca6CdUDThPv06qYksBfrC7S9lntSAIEXuKIGj/SMv/kJo2t66L1PkLZ
KKPd2UyUjFVgxLwDNoP1LQwYc5wYfl/2ZGAHaKh06MCsM50n55RR+aDeh3EU8W9K
utZtMZGCtAqci0DKyUSsnuBJ358BN0xRSe63IweyjjyLEPkItmr2AcDGqu1VyOaw
Zz/d/n+4pGOxP8DDWQgEuPPzbhCl/451X3hkWsnn+8dTocgeH2AOwjJt91LgWRKE
5d5eK3FE5yzocG3VJ3vpzPsxk+jAp1vI/V/K09+qr+aNlcPUenjmZp/qqIU/UpjA
ZsTniio381bhLfAoeNmZDG9Tozy3vbGpOFoKumutIh6wuEre05wEvAwQLY2uRXW8
vamhZuwvYhHR6Mbxe2nIAqEwwhp7aqokLOXSxnUv4CmXNR/NMTDzh/1MpNfitJ15
6QSKQKzqpycYSXP0EkABmWciaeFT2CHGp2Xs6vw9UxXkooXlzBj+R5j9NtQk6gdZ
MjmGdTdi26MhbdRvIxcrSpycz5fyXddRtS7yrMpHm3/9hlE5mQVlSyLFHe+QvkT7
kVICZbX069SvGHZBdFqaXFcMfVW12ZtQbHzjvkafczlTPOlfz5txxFy981wZGV+f
X8YV9lwq/iqiQqucmqbz
=/hUX
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-3242-2
March 30, 2017

samba regression
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.10
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS

Summary:

USN-3242-1 introduced a regression in Samba.

Software Description:
- samba: SMB/CIFS file, print, and login server for Unix

Details:

USN-3242-1 fixed a vulnerability in Samba. The upstream fix introduced a
regression when Samba is configured to disable following symbolic links.

This update fixes the problem.

Original advisory details:

Jann Horn discovered that Samba incorrectly handled symlinks. An
authenticated remote attacker could use this issue to access files on the
server outside of the exported directories.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.10:
samba 2:4.4.5+dfsg-2ubuntu5.5

Ubuntu 16.04 LTS:
samba 2:4.3.11+dfsg-0ubuntu0.16.04.6

Ubuntu 14.04 LTS:
samba 2:4.3.11+dfsg-0ubuntu0.14.04.7

Ubuntu 12.04 LTS:
samba 2:3.6.25-0ubuntu0.12.04.10

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-3242-2
http://www.ubuntu.com/usn/usn-3242-1
https://launchpad.net/bugs/1675698

Package Information:
https://launchpad.net/ubuntu/+source/samba/2:4.4.5+dfsg-2ubuntu5.5
https://launchpad.net/ubuntu/+source/samba/2:4.3.11+dfsg-0ubuntu0.16.04.6
https://launchpad.net/ubuntu/+source/samba/2:4.3.11+dfsg-0ubuntu0.14.04.7
https://launchpad.net/ubuntu/+source/samba/2:3.6.25-0ubuntu0.12.04.10

Fedora 26 Alpha RC1.7 has been declared as GOLD and the status is GO

On the third round of Fedora 26 Alpha Go/No-Go Meeting, has just been
Fedora 26 Alpha RC1.7 declared as GOLD.
GA of this release is planed on Tuesday 2017-April-04.

Meeting details can be seen here:
Minutes: https://meetbot.fedoraproject.org/fedora-meeting-2/2017-03-30/f26-alpha-go-no-go-meeting-3rd.2017-03-30-17.00.html
Log: https://meetbot.fedoraproject.org/fedora-meeting-2/2017-03-30/f26-alpha-go-no-go-meeting-3rd.2017-03-30-17.00.log.html

Thanks everyone who participated on this Alpha release!

Regards,
Jan
--
Jan Kuřík
Platform & Fedora Program Manager
Red Hat Czech s.r.o., Purkynova 99/71, 612 45 Brno, Czech Republic
_______________________________________________
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-leave@lists.fedoraproject.org

[FreeBSD-Announce] Google Summer of Code Student Deadline

Hi everyone,
There's still time for students to submit their proposals to work with the FreeBSD Project for the 2017 Google Summer of Code. The Student Application Deadline is Monday, April 3. Below is a link to an informational flyer. Please share with anyone you think might be interested.

https://www.freebsdfoundation.org/wp-content/uploads/2017/03/gsoc2017_flyer.pdf

Thanks
Anne

Anne Dickison
Marketing Director
FreeBSD Foundation
510.332.8323
_______________________________________________
freebsd-announce@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-announce
To unsubscribe, send any mail to "freebsd-announce-unsubscribe@freebsd.org"

Wednesday, March 29, 2017

Announce: Fedora Layered Image Release

Hello all,
On behalf of the Fedora Atomic WG[0] and Fedora Release
Engineering[1], I am pleased to announce the latest Fedora Layered
Image Release. This follows the latest Atomic Host Release that came
out yesterday[2].

At this time the following Container Images are available in the
Fedora Registry.

Base Images:

(Note that the "latest" tag currently points to "25" and the "rawhide"
tag currently points to "27", if no tag is provided in your pull
command then it will always default to "latest")

registry.fedoraproject.org/fedora:latest
registry.fedoraproject.org/fedora:rawhide
registry.fedoraproject.org/fedora:27
registry.fedoraproject.org/fedora:26
registry.fedoraproject.org/fedora:25
registry.fedoraproject.org/fedora:24

Layered Images:

(Note: Layered Images are namespaced in the registry and at this time
we are only releasing for the f25 namespace.)

As a reminder, the source of this content is provided in DistGit which
can easily be searched via the container-specific pkgdb namespace[3].

As always, we welcome feedback and would encourage anyone interested
to come join the Fedora Atomic WG[0] as we continue to iterate on
integrating the Project Atomic[4] family of technologies into Fedora.
Anyone interested in contributing Container Images, please feel free
to join in and submit one for Review[5][6].

Thank you,
-AdamM

[0] - https://pagure.io/atomic-wg
[1] - https://docs.pagure.org/releng/
[2] - https://lists.fedoraproject.org/archives/list/cloud@lists.fedoraproject.org/thread/7MTNJIPL4EJOS7WXX6W65JU6S4SI4QEM/
[3] - https://admin.fedoraproject.org/pkgdb/packages/docker/%2A/
[4] - https://www.projectatomic.io/
[5] - https://fedoraproject.org/wiki/Container:Review_Process
[6] - https://fedoraproject.org/wiki/Container:Guidelines
[7] - https://github.com/jessfraz/reg/tree/master/server
[8] - https://bugzilla.redhat.com/show_bug.cgi?id=1432214
_______________________________________________
announce mailing list -- announce@lists.fedoraproject.org
To unsubscribe send an email to announce-leave@lists.fedoraproject.org

[USN-3251-2] Linux kernel (HWE) vulnerability

==========================================================================
Ubuntu Security Notice USN-3251-2
March 30, 2017

linux-hwe vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 LTS

Summary:

The system could be made to crash or run programs as an administrator.

Software Description:
- linux-hwe: Linux hardware enablement (HWE) kernel

Details:

USN-3251-1 fixed a vulnerability in the Linux kernel for Ubuntu 16.10.
This update provides the corresponding updates for the Linux Hardware
Enablement (HWE) kernel from Ubuntu 16.10 for Ubuntu 16.04 LTS.

It was discovered that the xfrm framework for transforming packets in the
Linux kernel did not properly validate data received from user space. A
local attacker could use this to cause a denial of service (system crash)
or execute arbitrary code with administrative privileges.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS:
linux-image-4.8.0-45-generic 4.8.0-45.48~16.04.1
linux-image-4.8.0-45-generic-lpae 4.8.0-45.48~16.04.1
linux-image-4.8.0-45-lowlatency 4.8.0-45.48~16.04.1
linux-image-generic-hwe-16.04 4.8.0.45.17
linux-image-generic-lpae-hwe-16.04 4.8.0.45.17
linux-image-lowlatency-hwe-16.04 4.8.0.45.17

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
http://www.ubuntu.com/usn/usn-3251-2
http://www.ubuntu.com/usn/usn-3251-1
CVE-2017-7184

Package Information:
https://launchpad.net/ubuntu/+source/linux-hwe/4.8.0-45.48~16.04.1

[USN-3251-1] Linux kernel vulnerability

==========================================================================
Ubuntu Security Notice USN-3251-1
March 29, 2017

linux, linux-raspi2 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.10

Summary:

The system could be made to crash or run programs as an administrator.

Software Description:
- linux: Linux kernel
- linux-raspi2: Linux kernel for Raspberry Pi 2

Details:

It was discovered that the xfrm framework for transforming packets in the
Linux kernel did not properly validate data received from user space. A
local attacker could use this to cause a denial of service (system crash)
or execute arbitrary code with administrative privileges.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.10:
linux-image-4.8.0-1032-raspi2 4.8.0-1032.35
linux-image-4.8.0-45-generic 4.8.0-45.48
linux-image-4.8.0-45-generic-lpae 4.8.0-45.48
linux-image-4.8.0-45-lowlatency 4.8.0-45.48
linux-image-4.8.0-45-powerpc-e500mc 4.8.0-45.48
linux-image-4.8.0-45-powerpc-smp 4.8.0-45.48
linux-image-generic 4.8.0.45.57
linux-image-generic-lpae 4.8.0.45.57
linux-image-lowlatency 4.8.0.45.57
linux-image-powerpc-e500mc 4.8.0.45.57
linux-image-powerpc-smp 4.8.0.45.57
linux-image-raspi2 4.8.0.1032.36

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
http://www.ubuntu.com/usn/usn-3251-1
CVE-2017-7184

Package Information:
https://launchpad.net/ubuntu/+source/linux/4.8.0-45.48
https://launchpad.net/ubuntu/+source/linux-raspi2/4.8.0-1032.35

[USN-3250-2] Linux kernel (Trusty HWE) vulnerability

==========================================================================
Ubuntu Security Notice USN-3250-2
March 29, 2017

linux-lts-trusty vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 LTS

Summary:

The system could be made to crash or run programs as an administrator.

Software Description:
- linux-lts-trusty: Linux hardware enablement kernel from Trusty for Precise

Details:

USN-3250-1 fixed a vulnerability in the Linux kernel for Ubuntu 14.04
LTS. This update provides the corresponding updates for the Linux
Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu
12.04 LTS.

It was discovered that the xfrm framework for transforming packets in the
Linux kernel did not properly validate data received from user space. A
local attacker could use this to cause a denial of service (system crash)
or execute arbitrary code with administrative privileges.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
linux-image-3.13.0-115-generic 3.13.0-115.162~precise1
linux-image-3.13.0-115-generic-lpae 3.13.0-115.162~precise1
linux-image-generic-lpae-lts-trusty 3.13.0.115.106
linux-image-generic-lts-trusty 3.13.0.115.106

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
http://www.ubuntu.com/usn/usn-3250-2
http://www.ubuntu.com/usn/usn-3250-1
CVE-2017-7184

Package Information:
https://launchpad.net/ubuntu/+source/linux-lts-trusty/3.13.0-115.162~precise1

[USN-3250-1] Linux kernel vulnerability

==========================================================================
Ubuntu Security Notice USN-3250-1
March 29, 2017

linux vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 14.04 LTS

Summary:

The system could be made to crash or run programs as an administrator.

Software Description:
- linux: Linux kernel

Details:

It was discovered that the xfrm framework for transforming packets in the
Linux kernel did not properly validate data received from user space. A
local attacker could use this to cause a denial of service (system crash)
or execute arbitrary code with administrative privileges.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 LTS:
linux-image-3.13.0-115-generic 3.13.0-115.162
linux-image-3.13.0-115-generic-lpae 3.13.0-115.162
linux-image-3.13.0-115-lowlatency 3.13.0-115.162
linux-image-3.13.0-115-powerpc-e500 3.13.0-115.162
linux-image-3.13.0-115-powerpc-e500mc 3.13.0-115.162
linux-image-3.13.0-115-powerpc-smp 3.13.0-115.162
linux-image-3.13.0-115-powerpc64-smp 3.13.0-115.162
linux-image-generic 3.13.0.115.125
linux-image-generic-lpae 3.13.0.115.125
linux-image-lowlatency 3.13.0.115.125
linux-image-powerpc-e500 3.13.0.115.125
linux-image-powerpc-e500mc 3.13.0.115.125
linux-image-powerpc-smp 3.13.0.115.125
linux-image-powerpc64-smp 3.13.0.115.125

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
http://www.ubuntu.com/usn/usn-3250-1
CVE-2017-7184

Package Information:
https://launchpad.net/ubuntu/+source/linux/3.13.0-115.162

[USN-3249-2] Linux kernel (Xenial HWE) vulnerability

==========================================================================
Ubuntu Security Notice USN-3249-2
March 30, 2017

linux-lts-xenial vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 14.04 LTS

Summary:

The system could be made to crash or run programs as an administrator.

Software Description:
- linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty

Details:

USN-3249-1 fixed a vulnerability in the Linux kernel for Ubuntu 16.04
LTS. This update provides the corresponding updates for the Linux
Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu
14.04 LTS.

It was discovered that the xfrm framework for transforming packets in the
Linux kernel did not properly validate data received from user space. A
local attacker could use this to cause a denial of service (system crash)
or execute arbitrary code with administrative privileges.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 LTS:
linux-image-4.4.0-71-generic 4.4.0-71.92~14.04.1
linux-image-4.4.0-71-generic-lpae 4.4.0-71.92~14.04.1
linux-image-4.4.0-71-lowlatency 4.4.0-71.92~14.04.1
linux-image-4.4.0-71-powerpc-e500mc 4.4.0-71.92~14.04.1
linux-image-4.4.0-71-powerpc-smp 4.4.0-71.92~14.04.1
linux-image-4.4.0-71-powerpc64-smp 4.4.0-71.92~14.04.1
linux-image-generic-lpae-lts-xenial 4.4.0.71.58
linux-image-generic-lts-xenial 4.4.0.71.58
linux-image-lowlatency-lts-xenial 4.4.0.71.58
linux-image-powerpc-e500mc-lts-xenial 4.4.0.71.58
linux-image-powerpc-smp-lts-xenial 4.4.0.71.58
linux-image-powerpc64-smp-lts-xenial 4.4.0.71.58

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
http://www.ubuntu.com/usn/usn-3249-2
http://www.ubuntu.com/usn/usn-3249-1
CVE-2017-7184

Package Information:
https://launchpad.net/ubuntu/+source/linux-lts-xenial/4.4.0-71.92~14.04.1

[USN-3249-1] Linux kernel vulnerability

==========================================================================
Ubuntu Security Notice USN-3249-1
March 29, 2017

linux, linux-aws, linux-gke, linux-raspi2, linux-snapdragon vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 LTS

Summary:

The system could be made to crash or run programs as an administrator.

Software Description:
- linux: Linux kernel
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-gke: Linux kernel for Google Container Engine (GKE) systems
- linux-raspi2: Linux kernel for Raspberry Pi 2
- linux-snapdragon: Linux kernel for Snapdragon Processors

Details:

It was discovered that the xfrm framework for transforming packets in the
Linux kernel did not properly validate data received from user space. A
local attacker could use this to cause a denial of service (system crash)
or execute arbitrary code with administrative privileges.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS:
linux-image-4.4.0-1009-gke 4.4.0-1009.9
linux-image-4.4.0-1012-aws 4.4.0-1012.21
linux-image-4.4.0-1051-raspi2 4.4.0-1051.58
linux-image-4.4.0-1054-snapdragon 4.4.0-1054.58
linux-image-4.4.0-71-generic 4.4.0-71.92
linux-image-4.4.0-71-generic-lpae 4.4.0-71.92
linux-image-4.4.0-71-lowlatency 4.4.0-71.92
linux-image-4.4.0-71-powerpc-e500mc 4.4.0-71.92
linux-image-4.4.0-71-powerpc-smp 4.4.0-71.92
linux-image-4.4.0-71-powerpc64-smp 4.4.0-71.92
linux-image-aws 4.4.0.1012.15
linux-image-generic 4.4.0.71.77
linux-image-generic-lpae 4.4.0.71.77
linux-image-gke 4.4.0.1009.11
linux-image-lowlatency 4.4.0.71.77
linux-image-powerpc-e500mc 4.4.0.71.77
linux-image-powerpc-smp 4.4.0.71.77
linux-image-powerpc64-smp 4.4.0.71.77
linux-image-raspi2 4.4.0.1051.52
linux-image-snapdragon 4.4.0.1054.47

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
http://www.ubuntu.com/usn/usn-3249-1
CVE-2017-7184

Package Information:
https://launchpad.net/ubuntu/+source/linux/4.4.0-71.92
https://launchpad.net/ubuntu/+source/linux-aws/4.4.0-1012.21
https://launchpad.net/ubuntu/+source/linux-gke/4.4.0-1009.9
https://launchpad.net/ubuntu/+source/linux-raspi2/4.4.0-1051.58
https://launchpad.net/ubuntu/+source/linux-snapdragon/4.4.0-1054.58

[USN-3248-1] Linux kernel vulnerability

==========================================================================
Ubuntu Security Notice USN-3248-1
March 29, 2017

linux, linux-ti-omap4 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 LTS

Summary:

The system could be made to crash or run programs as an administrator.

Software Description:
- linux: Linux kernel
- linux-ti-omap4: Linux kernel for OMAP4

Details:

It was discovered that the xfrm framework for transforming packets in the
Linux kernel did not properly validate data received from user space. A
local attacker could use this to cause a denial of service (system crash)
or execute arbitrary code with administrative privileges.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
linux-image-3.2.0-125-generic 3.2.0-125.168
linux-image-3.2.0-125-generic-pae 3.2.0-125.168
linux-image-3.2.0-125-highbank 3.2.0-125.168
linux-image-3.2.0-125-omap 3.2.0-125.168
linux-image-3.2.0-125-powerpc-smp 3.2.0-125.168
linux-image-3.2.0-125-powerpc64-smp 3.2.0-125.168
linux-image-3.2.0-125-virtual 3.2.0-125.168
linux-image-3.2.0-1503-omap4 3.2.0-1503.130
linux-image-generic 3.2.0.125.140
linux-image-generic-pae 3.2.0.125.140
linux-image-highbank 3.2.0.125.140
linux-image-omap 3.2.0.125.140
linux-image-omap4 3.2.0.1503.98
linux-image-powerpc-smp 3.2.0.125.140
linux-image-powerpc64-smp 3.2.0.125.140
linux-image-virtual 3.2.0.125.140

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
http://www.ubuntu.com/usn/usn-3248-1
CVE-2017-7184

Package Information:
https://launchpad.net/ubuntu/+source/linux/3.2.0-125.168
https://launchpad.net/ubuntu/+source/linux-ti-omap4/3.2.0-1503.130

[USN-3236-1] Oxide vulnerabilities

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAEBCAAGBQJY3BwmAAoJEGEfvezVlG4PQ2wH/2/38r612jex/DDkhzbsFHeT
Tclmf9rNT8Sl8hwtvWn2kgE2fRSFyFiWNpl0zwRQJeKtTJY0/5G3SV0Odj1UaByi
AbRU0Z+7fKQqGU/iKIkVBmF81Veypv0sa+YvnqqSw3/iFLRfgA53y2N9YuRZ1Gxc
g5VoPej5UVOVVr5DidKCW2BQvPc6tM/HGlOnWR0vfqXagXNAX/ulQOatsuqQRrbj
sF5ZqneWBUmF+9zppdSlTA6k3ukrfOpu3bCZVDqtm7/twcF8byWLKzZm54IXOLSY
TDg9s+uXAbxR8nlTaI+w83fXTK4hPU/Vovfj6xtuCuKjwoStXVuJPDVs7o2wcKQ=
=6QDO
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-3236-1
March 29, 2017

oxide-qt vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.10
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in Oxide.

Software Description:
- oxide-qt: Web browser engine for Qt (QML plugin)

Details:

Multiple vulnerabilities were discovered in Chromium. If a user were
tricked in to opening a specially crafted website, an attacker could
potentially exploit these to obtain sensitive information, spoof
application UI by causing the security status API or webview URL to
indicate the wrong values, bypass security restrictions, cause a denial
of service via application crash, or execute arbitrary code.
(CVE-2017-5029, CVE-2017-5030, CVE-2017-5031, CVE-2017-5033,
CVE-2017-5035, CVE-2017-5037, CVE-2017-5040, CVE-2017-5041, CVE-2017-5044,
CVE-2017-5045, CVE-2017-5046)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.10:
liboxideqtcore0 1.21.5-0ubuntu0.16.10.1

Ubuntu 16.04 LTS:
liboxideqtcore0 1.21.5-0ubuntu0.16.04.1

Ubuntu 14.04 LTS:
liboxideqtcore0 1.21.5-0ubuntu0.14.04.1

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-3236-1
CVE-2017-5029, CVE-2017-5030, CVE-2017-5031, CVE-2017-5033,
CVE-2017-5035, CVE-2017-5037, CVE-2017-5040, CVE-2017-5041,
CVE-2017-5044, CVE-2017-5045, CVE-2017-5046

Package Information:
https://launchpad.net/ubuntu/+source/oxide-qt/1.21.5-0ubuntu0.16.10.1
https://launchpad.net/ubuntu/+source/oxide-qt/1.21.5-0ubuntu0.16.04.1
https://launchpad.net/ubuntu/+source/oxide-qt/1.21.5-0ubuntu0.14.04.1

Re: [announce] The UNIX Archives : Alcatel-Lucent releases source for 8th, 9th and 10th editions of Unix

Hello Eveyone
It was pointed out that I turned off directory indexing , on the
mirror. I turned this back on . Sorry for the confusion. AIso I
think for the next edition of Weird NJ we should petition
them to do a story about UNIX and NJ. :)

On Tue, Mar 28, 2017 at 2:56 PM, NYC*BUG Announcements
<announce@lists.nycbug.org> wrote:
> All
>
> Alcatel-Lucent releases source for 8th, 9th and 10th editions of Unix
> and we now have a copy at
>
> http://mirrors.nycbug.org/pub/The_Unix_Archive/Distributions/Research/
>
> Enjoy and happy hacking
>
>
> --
> mark saad | nonesuch@longcount.org
>
> _______________________________________________
> announce mailing list
> announce@lists.nycbug.org
> http://lists.nycbug.org/mailman/listinfo/announce

--
mark saad | nonesuch@longcount.org

_______________________________________________
announce mailing list
announce@lists.nycbug.org
http://lists.nycbug.org/mailman/listinfo/announce

[CentOS-announce] CESA-2017:0838 Moderate CentOS 7 openjpeg Security Update

CentOS Errata and Security Advisory 2017:0838 Moderate

Upstream details at : https://rhn.redhat.com/errata/RHSA-2017-0838.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

x86_64:
57a8fc263d03f7068f90fad0af9773efa9cf500409b53f48edeb7d0c3c6511a7 openjpeg-1.5.1-16.el7_3.x86_64.rpm
9cceb4fcf9673742e58eb15e268006095d383559a9e940b68b763f5ec3aa3370 openjpeg-devel-1.5.1-16.el7_3.i686.rpm
b9a6b4f0f4cc33ba18812f76e951854567e6fe8e7c9207a735f5e225713ffc4c openjpeg-devel-1.5.1-16.el7_3.x86_64.rpm
09096384201d44cdfc09368f80de68eaa47c55620d0aeba86234375264e44281 openjpeg-libs-1.5.1-16.el7_3.i686.rpm
cba929afdd67e4932f76e1efd5dbf946405be2878039b2ff898113053be52ec8 openjpeg-libs-1.5.1-16.el7_3.x86_64.rpm

Source:
ae0181b3ce23493cc653e78af26486a4eccdf278d1b5fc099bb96df36d94685a openjpeg-1.5.1-16.el7_3.src.rpm

--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce

[CentOS-announce] CEBA-2017:0839 CentOS 7 tzdata BugFix Update

CentOS Errata and Bugfix Advisory 2017:0839

Upstream details at : https://rhn.redhat.com/errata/RHBA-2017-0839.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

x86_64:
ef2ac10ca81fa29dc5c72043e7252fcddbee257c98a53cf64a25c253e38c191e tzdata-2017b-1.el7.noarch.rpm
8837c0389dc7788ce52a92338a7d72e83148bf7680a9a20a7223b5067ae89d34 tzdata-java-2017b-1.el7.noarch.rpm

Source:
e73813d365d3de442ae2e7fbf456c7494ed6b415b41f6ecd0831fb4c950250f1 tzdata-2017b-1.el7.src.rpm

--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce

[CentOS-announce] CESA-2017:0837 Important CentOS 7 icoutils Security Update

CentOS Errata and Security Advisory 2017:0837 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2017-0837.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

x86_64:
0f76b00e410e81cde0b6b4be09548c1bb87acfcb09aa6707e20e63339d768d36 icoutils-0.31.3-1.el7_3.x86_64.rpm

Source:
50e48f018d8550d885c50e15e6f07033da72f30d497b9f183843ca8d21dd4c63 icoutils-0.31.3-1.el7_3.src.rpm

--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce

[CentOS-announce] CEBA-2017:0823 CentOS 7 selinux-policy BugFix Update

CentOS Errata and Bugfix Advisory 2017:0823

Upstream details at : https://rhn.redhat.com/errata/RHBA-2017-0823.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

x86_64:
b7655ac40262e437f9150ab7b23cb0caba2c5a914083d7d89aca0093e15ea30f selinux-policy-3.13.1-102.el7_3.16.noarch.rpm
dccc0451d8e822c0e6b1f45f8437fc27005270f86ace45114ca01b339bf39f76 selinux-policy-devel-3.13.1-102.el7_3.16.noarch.rpm
357e9d0c2cc9894ce512dfd37071297626604b2c6f424f156cfae51a0ffdeb47 selinux-policy-doc-3.13.1-102.el7_3.16.noarch.rpm
c50eb3168371899ae5d39e5088733f59fed60836c884a59339089afa73bc8b2d selinux-policy-minimum-3.13.1-102.el7_3.16.noarch.rpm
9da71a2db1b9ae05910c8a448c2e649c1b991c10a22f9e15b48b3814ff61f2f6 selinux-policy-mls-3.13.1-102.el7_3.16.noarch.rpm
afcfda72700317168719f55f95233ae3733d003df50029256ac8e701b5b04491 selinux-policy-sandbox-3.13.1-102.el7_3.16.noarch.rpm
35b53b8646de10c01263b008b4e1f5a16c22a2068cf48f46aa238b551cbaab93 selinux-policy-targeted-3.13.1-102.el7_3.16.noarch.rpm

Source:
8b974ed11551356b4f906ad5e0940dc2e74d57171105622ab88ab3c8b7c23263 selinux-policy-3.13.1-102.el7_3.16.src.rpm

--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce

Tuesday, March 28, 2017

reallost1.fbsd2233449：如何设计薪酬体系,让员工无抱怨 hkxnj

《企业绩效考核与薪酬体系设计实战特训班》

【主讲：蔡巍】

【培训时间】2017年 4月14-16北京、4月18-20日21-23深圳

【培训对象】企、事业单位董事长、总经理、人力资源总监、人力资源经理、绩效、薪酬等

【培训费用】5400/ 人 (课程、教材、午餐、茶点等费用)

【报名热线】021-31006787 、0755-61280006 13381601000 许先生

【QQ/微信】 320588808

温馨提示：本课程是2+1课程，第1-2天《绩效考核暨KPI+BSC 实战训练营》
第3天《岗位分析与薪酬设计管理培训》
认证费用：中级证书1000元/人;高级证书1200元/人(参加认证考试的学员须交纳此费用，不参加认证考试的学员无须交纳)

备注:
1.高级证书申请须同时进行理论考试和提交论文考试，学员在报名参加培训和认证时请提前准备好论文并随理论考试试卷一同提交。
2.凡希望参加认证考试之学员，在培训结束后参加认证考试并合格者，颁发与所参加培训课程专业领域相同之："香港培训认证中心HKTCC国际职业资格认证中心《国际注册中（高）级人力资源管理（师）》职业资格证书"。（国际认证／全球通行／雇主认可／联网查询）。
3.课程结束后10日内将证书快递寄给学员；

注：如不需此类信件信息，请转发送"删除"至tuiding02@163.com,我们会及时处理，谢谢您的理解。

【课程背景】
现代企业管理，更注重"以人为本"的人性化管理模式，企业管理的重点也日趋体现在对人的管理策略上。作为现代企业的人力资源管理者，应以战略高度构建高效实用的人力资源管理系统，建立科学考核激励制度和先进的企业薪酬体系，以最大限度地激发人才潜能，来创建优秀团队，并推动组织变革与创新，最终实现组织的持续发展。我们针对中国企业在推行西方管理模式中的种种弊端和疑惑，以及中国企业目前正处于改革与创新时期，特举办"企业绩效考核与薪酬管理实战特训班"。由著名人力资源专家蔡巍讲授，旨在帮助企业家、人力资源经理开阔思路，激发灵感，培养带领企业持续健康发展的卓越人力资源管理人才，欢迎参加！

【课程目标】
了解薪酬改革背景，更新观念，理清改革思路，明确改革目标，
了解岗位测评的相关知识，科学进行岗位测评；
认识绩效管理的重要性、并正确理解绩效管理，
学习考核的方法，全面了解绩效管理的运作程序和设计方法，
重点学习KPI、并介绍平衡计分卡，
了解绩效管理推进中的问题、并避免运作中的误区。

课程大纲:

绩效考核暨KPI+BSC 实战训练营大纲（2天）：
推行KPI与绩效管理体系需要解决的三大问题
1、企业建立绩效体系所面临的方法问题；
   以感觉为基础判断还是以事实为基础判断？
   短期考核还是长期考核？
   短期利益还是长期利益？
   关键业绩还是非关键业绩？
   绩效管理如何与战略接口？
   KPI成绩与奖金挂钩的问题？
2、经理人与员工的认识对推行绩效管理的影响；
   传统文化对绩效管理的影响
   为什么不愿意实现大大超额目标
   为什么推行绩效管理这么困难？
3、管理基础对推行KPI的影响

第一部分绩效制度设计
一、绩效制度设计的总体思路
1、目的是起点
2、其次考核结果应该如何运用，激励效果如何
3、然后选择考核的方式与方法
4、没有公平制度推行不下去
二、绩效制度设计——考核所采用的方法
1、行为还是业绩
2、模糊感觉判断法；
3、关键事件法
4、360°评估；
5、强制分布法；
   要不要排名？
   绩效排名设几档才合理；
   绩效排名每个档次设计什么比例才合理；
   谁和谁排名几个三种常见的方式的优缺点设计；
   部门人数很少怎么排名？
   主管是否要和员工一起排名？
   按照编制排名还是按照实际人数排名？
   经理给员工轮流坐庄怎么办？
   排名是要激励大多数，还是激励一小部分人？
   排名的程序
6、kpi与okr；
7、几种方法之间的关系
三、绩效管理的周期
1、短期考核与长期考核
2、短期与长期如何结合
3、长期考核成绩就是短期考核的平均吗？
四、绩效制度每个章节需要什么内容
1、绩效管理的总则
2、绩效计划
3、绩效辅导
4、考核评价
5、绩效改进

第二部分如何建立公司以业绩为核心的指标体系与绩效合同
一、KPI操作中的几个基本问题
1、什么是目标与指标
2、KPI指标的基本属性与操作注意要点
   为什么评价起来感觉很难操作——刻度问题；
   他们为什么不接受这些考核指标——可控性问题
   为什么考核这些指标后适得其反——行为问题
   选择kpi的维度
   有效性
   操作成本
   区分度
二、平衡计分卡——公司整体指标的设计
1、什么是平衡计分卡；
2、企业操作平衡计分卡的误区；
3、战略与平衡计分卡有什么关系？——战略与战略地图；
4、如何编制战略地图
5、战略地图编制需要注意的10个问题
6、平衡计算分卡落实的三种方式；
三．如何分解KPI
KPI如果不分解落实下去，就会失去了基础，但是分解KPI的过程中会遇到很多问题，比如：一个kpi指标和好多部门都有关系，到底考核谁好呢？
如何解决这些问题呢？如何将KPI分解落实下去呢？
1、指标分解所需要解决的问题
   团队业绩与个体业绩之间的矛盾
2、分解指标的2种基本思想
   按照驱动因素分解指标；
   按照责任人分解指标；
3、按照驱动因素分解KPI指标，上级指标与下级指标之间的关系
4、按照驱动因素分解的四种方法
   按照指标的结构分解法；
   OAM分解法；
   贡献路径图法；
   流程关键控制点法；
   四种方法的优缺点；
   企业如何结合自己的实际情况选择分解的方法；
5、分解KPI指标的注意问题：
   权利对指标分解的影响、
   组织结构的影响、
   职责划分对指标分解的影响
   硬件条件与软件条件对指标分解的影响
四．指标词典的编制
指标找到了就万事大吉了？还存在什么问题呢？为什么需要定义KPI，怎样定义KPI?
1、为什么需要定义KPI
2、财务指标定义时，需要注意的问题；
   收入类指标需要注意的问题
   成本指标考核需要注意的问题
   费用类指标需要注意的问题
3、非财务指标，定义时需要注意的问题；
4、谁来提供数据——自己提供，别人提供，利益相关者提供？
五、任务指标如何定义
职能部门的指标，有些无法量化，该如何定义？
1、职能部门工作的特点；
2、什么是任务指标；
3、难度不同的任务考核
4、工作量不均衡如何处理？
5、谁来制定任务？
6、临时任务多如何处理？
7、任务指标的定义模式；
8、不同领导对员工考核，把我制度不一样要如何处理？
六．目标值的确定
找到了衡量指标就可以了嘛？如何确定目标呢？超过了目标应该计多少分？没有达到目标应该得多少分？
1、设定目标的痛苦；
2、没有历史数据怎么办？
   先定目标在修改，还是先不考核，先积累数据再考核？
3、原点法定目标？还是突破发定目标？
4、原点法需要注意的问题：一刀切？回归分析？
5、突破法定目标需要注意的问题：预测的不准确，是否要修改目标？
6、能不能不定目标，让员工你追我赶——赛马法
7、资源配置对目标设定的影响；
8、淡季旺季，对目标设定的影响；
9、制定目标的程序
10、目标冲突的处理
七、KPI的计分方式
1、计分规则有哪些类别
   比率法；
   层差法；
   说明法；
2、计分规则设计要素
   要不要封顶？
   难度不同怎么区分？
   要不要倒扣分
   不同计分规则设计的要素；
八．权重的设计
1、什么是指标的组合方式；
2、组合方式的种类；
3、设置权重的步骤与注意问题；

第三部分推行绩效管理的问题与对策
推行绩效管理所遇到的问题与对策；
推行KPI不只是人力资源部门或者企管部门的事情，KPI在推行过程中有哪些问题与难点呢？
一、在公司推行绩效需要解决的问题
1、推行者需要能够逻辑自恰——自圆其说
2、经理人的观念问题
3、经理人的技巧问题
   目标指标设定的技巧
   绩效沟通的技巧
   绩效辅导的技巧
二、推行需要注意的问题
1、最高领导的支持
2、同事们的支持
3、快乐考核与痛苦考核
4、推行的时机选择
   内部压力与外部压力
三、推行绩效管理的策略
1、分层次推行与全员推行
2、局部试点与全员推行
3、与激励挂钩的比例问题

岗位分析与薪酬设计课程大纲（1天）：
引子
什么是薪酬；
人力资源价值链；
职位、人、市场、绩效对薪酬的影响；
薪酬设计的框架
薪酬设计中的矛盾：
岗位与技能的矛盾
能力与业绩的矛盾
内部公平与外部公平的矛盾
团队与个体的矛盾

一、岗位分析部分：
1、什么是岗位分析
   什么是岗位分析；
   岗位分析需要分析什么内容；
   职责
   任职资格
   编制
2、职责编制的方法
   职责编制的方法；
   分工需要考虑的问题；
   纵向分工
   横向分工——专业化还是工作扩大化
   如何编制岗位职责；
3、任职资格与晋升通道的设计
   职位族划分与晋升通道的设计；
   岗位任职资格编制的方法；
4、如何确定编制的工具方法
   业务数据分析法；
   劳动效率定编法；
   比例法；
   预算控制法；

二、薪酬设计需要解决的矛盾——内部公平性
1、为什么要职位评估；
2、职位评估所使用的方法；
3、常见的职位评估的工具介绍；
4、如何设计或者选择职位评估模型；
5、职位评估的程序与注意问题；
6、职位评估案

三、薪酬设计需要解决的矛盾——外部公平性
1、什么是外部公平性；
2、如何进行薪酬调查；
   如何自己做调查；
   如何选择薪酬调查公司；
3、如何处理薪酬调查的数据；
4、如何确定薪酬水平；
5、中位值级差的计算；

四、薪酬结构的划分；
1、什么是薪酬结构；
2、薪酬的幅度与重叠度的计算；
3、宽带还是窄带；
4、固定与变动比例的划分需要考虑的问题
   薪酬水平
   行业特点
   管理层次
   历史传统；
   职位序列；

五、薪酬与能力的关系
1、薪酬为什么需要和能力挂钩；
2、什么情况下需要与能力挂钩；
3、技能薪酬帮助企业解决的三个问题；
4、如何评估员工能力；
5、加薪是以能力为核心，还是以业绩为核心；

六、绩效工资发放需要考虑的问题
1、按照分数发还是按照绩效排名；
2、绩效排名需要考虑的问题
   排名的比例；
   谁和谁排名？
   按照编制排名还是按照实际人数排名；
   轮流坐庄怎么办？
   排名的程序
3、如何将目标与奖金挂钩的方式
   联合基数确定法；
   赛马法

七、奖金设计如何使公司、部门、个人三挂钩；
1、几种公司、部门、个人奖金挂钩模式的思考；
2、几种模式优缺点的对比；
3、集团公司下属分子公司的效益是否要与集团公司挂钩？

八、奖金设计与外部因素的影响
1、老总的奖金究竟该不该发？
2、采购经理的奖金究竟该不该发？
3、如果过滤外部因素的影响

九、企业内各部门奖金设计的要点
1、销售部门提成制，还是奖金制？
2、项目类型工作奖金的设计；
3、生产部门奖金的设计；

十、发奖金的周期
1、奖金周期与考核周期；
2、年终奖还是年中奖；
3、时机选择要考虑的要点；
4、奖金的滞后性；

十一、薪酬管理
1、薪酬分析；
   企业宏观的薪酬分析——投入产出；
   微观的薪酬分析——内部竞争比率与外部竞争比率；
2、如何给员工设计加薪
   按照业绩考核成绩加薪；
   分数与排名对加薪的影响；
   按照能力加薪；
   按照能力与业绩综合考虑加薪；
   按照能力与业绩与员工在宽带中的位置加薪；
3、薪酬预算与控制

导师简介 ----【蔡巍】
    国内知名的人力资源管理实务专家，工商管理硕士，权威人力资源管理实战专家，特别在绩效与薪酬体系设计方面有很深的造诣，形成了自己特有的实战方法，从2000年开始从事咨询行业，积累的丰富的实战经验，蔡老师上课所讲述的案例，大多为自己亲自实践的企业，蔡老师于2005年进入培训行业，开始将自己的实践经验传授给众多企业，先后为汽车、家电、航空、电力、互联网、金融等众多行业提供咨询与培训服务。
    在咨询培训之于，蔡老师拙作颇丰。2001年，在中华英才网绩效管理bbs里面，首发了《兔子与猎狗——人力资源管理的目标是什么》，于2002年，出版了第一本著作《奔跑的蜈蚣：如何以考核促进成长》、于2003年《吹口哨的黄牛：以薪酬留住人才》、2004年《KPI，"关键绩效"指引成功》、2005年《BSC，"平衡计分"保证发展》，2006年出版了《人力资源部》，2007年出版了《如何发奖金》受到企业的高度重视，和给予极高的评介。
    蔡老师授课风格严禁务实，逻辑性强，上课从不讲述与主题无关的废话，注重实际操作。
    培训采用案例研讨、情景模拟、视频教学等多种方式将复杂的原理深入浅出的传达给学员。
曾经辅导与参加过蔡老师培训的企业有：
百度、金信、伊利集团、浦东机场、青岛机场、深圳机场、深圳航空公司、中国国际航空公司、首都机场、中国中铁、大连港股份、神华集团天津煤码头、南方电网集团、广东电网、山西电网、云南电网、贵州电网、国华徐电、国华宁电、万家乐、老板电器、海信科龙、海信集团、创维、一汽集团总部、一汽马自达、一汽轿车、一汽吉林汽车、一汽大众、奥迪销售事业部、一汽汽车研究院、奔腾汽车销售公司、解放汽车、东风本田、奇瑞控股、奇瑞汽车、金龙客车、青岛黄岛城投公司、京基地产、兰江地产、武汉高创集团、和讯科技、新农化工、彩虹集团、好利来连锁、新感觉连锁、鹏开中国、青岛海悦地产、广州秀珀化工、振杰国际、仙琚制药、华宁服饰、久泰化工、大富豪家具、广西水电工程局。

温馨提示: 本课程可针对企业需求，上门服务，组织内训，欢迎咨询。

[USN-3247-1] AppArmor vulnerability

==========================================================================
Ubuntu Security Notice USN-3247-1
March 28, 2017

apparmor vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.10
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS

Summary:

AppArmor could remove the confinement from some programs.

Software Description:
- apparmor: Linux security system

Details:

Stéphane Graber discovered that AppArmor incorrectly unloaded some profiles
when restarted or upgraded, contrary to expected behavior.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.10:
apparmor 2.10.95-4ubuntu5.3

Ubuntu 16.04 LTS:
apparmor 2.10.95-0ubuntu2.6

Ubuntu 14.04 LTS:
apparmor 2.10.95-0ubuntu2.6~14.04.1

Ubuntu 12.04 LTS:
apparmor 2.7.102-0ubuntu3.11

After a standard system update you need to reboot your computer to make
all the necessary changes.

A new utility, called aa-remove-unknown, was added to assist with profiles that
would have been previously unloaded when AppArmor was restarted or upgraded.

References:
http://www.ubuntu.com/usn/usn-3247-1
CVE-2017-6507

Package Information:
https://launchpad.net/ubuntu/+source/apparmor/2.10.95-4ubuntu5.3
https://launchpad.net/ubuntu/+source/apparmor/2.10.95-0ubuntu2.6
https://launchpad.net/ubuntu/+source/apparmor/2.10.95-0ubuntu2.6~14.04.1
https://launchpad.net/ubuntu/+source/apparmor/2.7.102-0ubuntu3.11

[announce] The UNIX Archives : Alcatel-Lucent releases source for 8th, 9th and 10th editions of Unix

All

Alcatel-Lucent releases source for 8th, 9th and 10th editions of Unix
and we now have a copy at

http://mirrors.nycbug.org/pub/The_Unix_Archive/Distributions/Research/

Enjoy and happy hacking

--
mark saad | nonesuch@longcount.org

_______________________________________________
announce mailing list
announce@lists.nycbug.org
http://lists.nycbug.org/mailman/listinfo/announce

Monday, March 27, 2017

[USN-3246-1] Eject vulnerability

==========================================================================
Ubuntu Security Notice USN-3246-1
March 27, 2017

eject vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.10
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS

Summary:

Eject could be made to run programs as an administrator.

Software Description:
- eject: ejects CDs and operates CD-Changers under Linux

Details:

Ilja Van Sprundel discovered that dmcrypt-get-device incorrectly checked setuid
and setgid return values. A local attacker could use this issue to execute code
as an administrator.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.10:
eject 2.1.5+deb1+cvs20081104-13.1ubuntu0.16.10.1

Ubuntu 16.04 LTS:
eject 2.1.5+deb1+cvs20081104-13.1ubuntu0.16.04.1

Ubuntu 14.04 LTS:
eject 2.1.5+deb1+cvs20081104-13.1ubuntu0.14.04.1

Ubuntu 12.04 LTS:
eject 2.1.5+deb1+cvs20081104-9ubuntu0.1

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-3246-1
CVE-2017-6964

Package Information:
https://launchpad.net/ubuntu/+source/eject/2.1.5+deb1+cvs20081104-13.1ubuntu0.16.10.1
https://launchpad.net/ubuntu/+source/eject/2.1.5+deb1+cvs20081104-13.1ubuntu0.16.04.1
https://launchpad.net/ubuntu/+source/eject/2.1.5+deb1+cvs20081104-13.1ubuntu0.14.04.1
https://launchpad.net/ubuntu/+source/eject/2.1.5+deb1+cvs20081104-9ubuntu0.1

[USN-3244-1] GStreamer Base Plugins vulnerabilities

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCgAGBQJY2VY7AAoJEGVp2FWnRL6TRscP/26XYkQQowhj5Z1yp7Qpk4BU
xFJnbBwkzUPxYGZDyXCar43w+m9UWnVef5ucqtlnl72SvlWOkbfh+35ZtGH4UFIh
g+juMhjHiDySTrPJphzRzLf4Hsm84TcjrQ1B+8o7ProNeyxroaep1VRLLkeJ3pay
TU+oQYoTVU394eM0pbSEFUvtNmzFKs6LJnEHqckk0hD7kJ2ZpxOoedk1eY8kjVbu
7TBkMlOjoUrudPhsj6wau97+rJg7rjAKQ6Lh9q47dH4IC4qoc4/KrU4jx9dVXqNF
Pr8/pMpccgZlxRiNjmGruVVX+KLLnv9CDioH2k2NRx8tuxVAVZO1T4lDO8XXSbry
qJjhNO7Sw+RzK47h5QGUcWl2YNqonY//JIFn0rW/lN6folGygUM1rZhAuDG+P6n1
2E4uYWBada6zlPpPOBhafkfVyGlJcIbDAbLAdPw010YRyNAJWBgaMx2IlBtf3R8I
g8ntoorgpAe9kt0cN2kS/SOqd0Mv66kGhHOqlZzWezeBbvQcAs3zW3izilKrb1mB
UfQw5/L65qkJOleo3TGSoBzDSgT6hAtmHCwFGwxGNCfHtX/v4yY7Zoa4nS3f85eL
cbElAUx7Cp0iJaZcaJKONW5j+k4lOPMkH6tje4ngqeNHd4/3oFP0m4Kh+mWDR6r+
lw8vpAfNpiEgBIKIZ9MJ
=HGN4
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-3244-1
March 27, 2017

gst-plugins-base0.10, gst-plugins-base1.0 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.10
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS

Summary:

GStreamer Base Plugins could be made to crash if it opened a specially
crafted file.

Software Description:
- gst-plugins-base1.0: GStreamer Plugins
- gst-plugins-base0.10: GStreamer Plugins

Details:

Hanno Böck discovered that GStreamer Base Plugins did not correctly handle
certain malformed media files. If a user were tricked into opening a
crafted media file with a GStreamer application, an attacker could cause a
denial of service via application crash.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.10:
gstreamer1.0-plugins-base 1.8.3-1ubuntu1.1

Ubuntu 16.04 LTS:
gstreamer1.0-plugins-base 1.8.3-1ubuntu0.2

Ubuntu 14.04 LTS:
gstreamer0.10-plugins-base 0.10.36-1.1ubuntu2.1
gstreamer1.0-plugins-base 1.2.4-1~ubuntu2.1

Ubuntu 12.04 LTS:
gstreamer0.10-plugins-base 0.10.36-1ubuntu0.2

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-3244-1
CVE-2016-9811, CVE-2017-5837, CVE-2017-5839, CVE-2017-5842,
CVE-2017-5844

Package Information:
https://launchpad.net/ubuntu/+source/gst-plugins-base1.0/1.8.3-1ubuntu1.1
https://launchpad.net/ubuntu/+source/gst-plugins-base1.0/1.8.3-1ubuntu0.2
https://launchpad.net/ubuntu/+source/gst-plugins-base0.10/0.10.36-1.1ubuntu2.1
https://launchpad.net/ubuntu/+source/gst-plugins-base1.0/1.2.4-1~ubuntu2.1
https://launchpad.net/ubuntu/+source/gst-plugins-base0.10/0.10.36-1ubuntu0.2

[USN-3245-1] GStreamer Good Plugins vulnerabilities

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCgAGBQJY2VZKAAoJEGVp2FWnRL6TYXsQAKHn1YfcdlE3h5t+GGDweNoA
i5kXxQ6+J1YcAK59gbacnSAZzVxATjWReWGqlQGwTqd34NNVOFyzvuf1k9KunIA5
GeeqSgSeUr8QlJRUtYQXsf0aKXgrt0bV7ByEvhqD6jk46D+ZBUVmCsAjY6CSfGok
0kYB9KPqONwAiETmWbf2MT9WbsP0BmH4+MfM9cOt4K/ns4BboJKEqI3UEWTLMeVW
90h6Dn4LlV5avOCyhRDgIjvkLx2MlT6ckMJZqIYK+RN6eW+AIvOhfxGj+w6aXP6W
VG9h46AFP5JyPsRjYmx0BeNpfAJETQXQxC4cj4lJzHtwX9vJV9nWHwoOkvz4U+Ob
ddkbvyZBUVSmbDMHoeg/skrnJHZG6RYVTXsEh4cJeQ6I33PmnoqMRAoR6CLj455x
YJWXF96i9YAtso7XhwM0vz1A6AF3qgCYsfaUlMh/NGRym6J5OJnLNQN1yZUzkTvc
2DUme81I0KVPu2aqH/yGlx22AlGkbNPoelrvReEUjSENoeKVGREPd1etn0NZ9RpA
brXHFOoJAlfLhRoQEaTH50HI0u6kiOriHqsRJEoPVqengUkQmDUt+nd19qOp20Lx
LYvMRj4xXYwnDMrRdbqA9ZewstlMGZbLWAZAdLwsMABW9V4oGQMIIFqbU6vn18Tv
fCZokK7bTPs9MWrDcIy1
=LEhF
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-3245-1
March 27, 2017

gst-plugins-good0.10, gst-plugins-good1.0 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.10
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS

Summary:

GStreamer Good Plugins could be made to crash if it opened a specially
crafted file.

Software Description:
- gst-plugins-good1.0: GStreamer plugins
- gst-plugins-good0.10: GStreamer plugins

Details:

Hanno Böck discovered that GStreamer Good Plugins did not correctly handle
certain malformed media files. If a user were tricked into opening a
crafted media file with a GStreamer application, an attacker could cause a
denial of service via application crash.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.10:
gstreamer1.0-plugins-good 1.8.3-1ubuntu1.3

Ubuntu 16.04 LTS:
gstreamer1.0-plugins-good 1.8.3-1ubuntu0.4

Ubuntu 14.04 LTS:
gstreamer0.10-plugins-good 0.10.31-3+nmu1ubuntu5.3
gstreamer1.0-plugins-good 1.2.4-1~ubuntu1.4

Ubuntu 12.04 LTS:
gstreamer0.10-plugins-good 0.10.31-1ubuntu1.5

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-3245-1
CVE-2016-10198, CVE-2016-10199, CVE-2017-5840, CVE-2017-5841,
CVE-2017-5845

Package Information:
https://launchpad.net/ubuntu/+source/gst-plugins-good1.0/1.8.3-1ubuntu1.3
https://launchpad.net/ubuntu/+source/gst-plugins-good1.0/1.8.3-1ubuntu0.4
https://launchpad.net/ubuntu/+source/gst-plugins-good0.10/0.10.31-3+nmu1ubuntu5.3
https://launchpad.net/ubuntu/+source/gst-plugins-good1.0/1.2.4-1~ubuntu1.4
https://launchpad.net/ubuntu/+source/gst-plugins-good0.10/0.10.31-1ubuntu1.5

[CentOS-announce] CEBA-2017:0839 CentOS 5 tzdata BugFix Update

CentOS Errata and Bugfix Advisory 2017:0839

Upstream details at : https://rhn.redhat.com/errata/RHBA-2017-0839.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
d58328c545b0e860954c77bdb60b158a471c341b83354a5ec8724f093158282f tzdata-2017b-1.el5.i386.rpm
22a70cf9924e673ceb03b4adf663fda03103b172288bc174b5da09397770b86c tzdata-java-2017b-1.el5.i386.rpm

x86_64:
fbc86ab21cb3abf327e40e822816ab73feff09d22d96816a793eae4eac4e6328 tzdata-2017b-1.el5.x86_64.rpm
42e9feddb7a0f81ab91ad7a894b753f4c8f38bd64d0530e6f6722c2f78a39208 tzdata-java-2017b-1.el5.x86_64.rpm

Source:
48e3fa1fae0375ad65516800a7bfc0cf099422c2c9e948db2463e60611f442a1 tzdata-2017b-1.el5.src.rpm

--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: JohnnyCentOS

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce

reallost1.fbsd2233449:企业卓越流程体系规划与流程设计 sykg

reallost1.fbsd2233449：您好

机会是天，运营是地。只会仰望星空，却不能脚踏实地？

天是天，地是地，流程滞后互联网时代，谈何竞争优势？

从理念到行为，从构建到优化，帮助企业打造高效、快赢的流程运营系统

通过流程变革，复制运营团队，实现稳定扩张，提升快赢利润！

当下您所管理的企业是否面临以下困惑：

---依赖个人英雄而不是组织能力，业绩人为影响大而没有持续性？

---客户需求响应速度很慢、交付能力很低，客户满意度不断下降？

---关注结果而忽视做事过程和团队能力培育，导致企业扩张乏力？

---竞争环境越来越严峻，运营成本越来越高，盈利能力越来越差？

更多详细内容，请查阅附件。。。%{RAND_TEXT_5}

2017-3-2715:41:36

Sunday, March 26, 2017

LibreSSL 2.5.2 Released

We have released LibreSSL 2.5.2, which will be arriving in the
LibreSSL directory of your local OpenBSD mirror soon. It includes the following
changes:

* Added the recallocarray(3) memory allocation function, and converted
various places in the library to use it, such as CBB and BUF_MEM_grow.
recallocarray(3) is similar to reallocarray. Newly allocated memory
is cleared similar to calloc(3). Memory that becomes unallocated
while shrinking or moving existing allocations is explicitly
discarded by unmapping or clearing to 0.

* Added new root CAs from SECOM Trust Systems / Security Communication
of Japan.

* Added EVP interface for MD5+SHA1 hashes.

* Fixed DTLS client failures when the server sends a certificate
request.

* Corrected handling of padding when upgrading an SSLv2 challenge into
an SSLv3/TLS connection.

* Allowed protocols and ciphers to be set on a TLS config object in
libtls.

* Improved nc(1) TLS handshake CPU usage and error reporting.

* New tests, portability improvements, and bug fixes.

The LibreSSL project continues improvement of the codebase to reflect modern,
safe programming practices. We welcome feedback and improvements from the
broader community. Thanks to all of the contributors who helped make this
release possible.

reallost1.fbsd2233449：掌握新经济新时代下关键人才管理体系设计的新模式 5re6z

企业关键人才管理体系设计新模式

时间地点：2017年3月31--4月1日上海

参加对象：企业老板和高管；人力资源总监、经理。

学习费用：3800元/人（授课费、教材费、午餐及茶点等）

垂询热线：021-31006787、13381601000 许先生

QQ/微信：320588808

课程背景：
对关键人才的管理，很多企业有这样的困惑：
---如何有效地甄选出关键人才？
---如何进行关键人才的开发和培育？
---如何有效地激励和保留关键人才？
---如何动态地更新关键人才库？
......
本课程讲师凭借多年大型跨国公司人才管理实战经验的积累，整合了具有国际一流水准的关键人才选用育留的实施方案以及相应的实施流程，工具和方法，精心打造兼具策略性和实用性的课程，将帮助您的企业解决以上难题。
新经济来了，无论是互联网+、工业4.0、资本运营还是阿米巴和股权激励等企业的转型变革背后，大家逐渐发现成功的最关键要素还是人才，尤其是关键人才（这是原点）。然而，在新时代下，尽管老板们读了很多"总裁班"，高管们接受了多轮领导力训练，HR们在不断改进公司的人才体系和制度，但对关键人才的管理不但没有改善反而更加严峻：优秀人才越来越难招，越来越难管；好不容易培养的优秀人才也要辞职创业、另立门户。。。。。。关键人才越来越重要，但传统管理对8090后们越来越无效。本课程讲师曾在飞利浦、诺基亚、麦当劳等外企工作多年，给很多内资企业和高校分享过这些"先进"的"管人"工具，但几年下来我发现除了掌声和羡慕的眼光外，真正能运用到的中小企业却很少——不全是HR不很专业而是中小企业的管理基础和职业经理人的素质差距太大。我们也逐渐发现：一些并没有很好管理的"土鳖"公司却和知名外企具有同样的管理效能！用简单的方法就能搞定人才，搞定关键人才！同样也能把业务做得风生水起。"关键人才管理新模式"以传统人才管理的精髓为基础结合先进"土鳖"公司方法，让我们中小企业的老板、高管和HR们更加有效、更加容易搞定关键人才。
当前的人才竞争，不再是简单的人才争夺战，而是人才管理文化的竞争，即管理制度和管理理念的竞争。如果关键人才的培养和管理无章可循，就会成为制约企业持续发展的瓶颈。关键人才的产生需要靠制度保证，没有制度规范，无法吸引人才，更无法激励人才发挥作用。关键人才对企业战略的实施起着决定性作用。通过有效的人才管理，公司的领导层将有机会关注整个组织的强项和发展需求以及为实现战略实施和驱动增长所需要的个人能力，并能提供关键人才具有挑战性和高回报的与公司共同成长的职业经历，为企业和个人带来双赢。

课程收益：
---系统掌握新经济新时代下关键人才管理体系设计的新模式
---深刻理解关键人才管理的意义
---了解关键人才的定义和特征
---掌握关键人才管理选用育留各环节的原理、流程与方法
---了解关键人才管理最佳实践，规避实施风险
......

课程大纲：
一、新经济新时代下的关键人才管理，学习麦当劳还是夫妻店？
1、案例分享：新经济下，关键人才还是企业成功最关键的要素
2、新时代下，传统的人才管理越来越无效
3、新经济新时代下，关键人才管理优秀案例分析
4、关键人才管理新模式的5大步骤以及与阿米巴、股权激励和合伙人机制的区别
5、关键人才管理新模式下，老板、高管和HR的职责定位

二、第一步：确定关键岗位
1、定义关键岗位
2、确定关键岗位的4步骤
3、步骤1：理清商业模式和发展策略
4、步骤2：分析流程价值链
5、步骤3：分析关键成功要素
6、步骤4：评估关键岗位；工具表格：《关键岗位评估表》
7、课题讨论：如何减少关键岗位，降低对关键人才的依赖

三、第二步：找到优秀人才
1、定义优秀人才
2、找到优秀人才的3步骤3机制
3、步骤1：关键岗位人才盘点和规划；表格：《关键人才盘点、调整和规划表》
4、步骤2：关键岗位人才调整和选拔；表格：《关键人才盘点、调整和规划表》
5、步骤3：优秀人才的招募和评估；表格：《关键人才面试评估表》、《入职薪酬谈判表》
6、建立对管理者考评关键人才合格率机制、合伙人选拔机制、股权激励机制
7、案例分享：1）麦当劳人才盘点和规划 2）X民营企业人才盘点和规划 3）芬尼克兹的用人民币选项目总经理
8、课堂练习：关键人才面试和评估

四、第三步：发展关键人才
1、发展关键人才4步骤和2机制
2、步骤1：建立关键岗位胜任力模型工；工具：快速建模卡片
3、步骤2：评估关键人才胜任力差距；工具：胜任力评估线上免费工具
4、步骤3：制定关键人才发展计划：表格；关键人才发展计划和跟进表"
5、步骤4：实施关键人才发展计划：表格；"关键人才发展计划和跟进表"
6、建立激励关键人才发展的晋升机制和合伙人机制
7、案例分享："麦当劳人才发展方案"、"X民营企业的人才发展方案"

五、第四步：建立关键人才梯队
1、建立关键人才梯队的5步骤和2机制
2、步骤1：确定关键岗位和胜任力模型；工具；快速建模卡片
3、步骤2：遴选梯队人才
4、步骤3：评估梯队人选胜任力差距：工具；胜任力评估线上免费工具
5、步骤4：制定梯队人员的发展计划；表格；"关键人才发展计划和跟进表"
6、步骤5：实施梯队人员的发展计划；表格；"关键人才发展计划和跟进表"
7、制定激励发展下属的绩效考核机制和利益捆绑机制
8、案例分享：麦当劳人才供应链、X民企的关键人才梯队建设、X民企的复制店长方案

六、第五步：管控关键人才
1、管控关键人才的常规套路：工作计划、绩效考核和奖惩制度
2、"失控"关键人才的新模式
3、阿米巴和小组制
4、合伙人机制和股权激励
5、案例分享：海尔的内部创客、芬尼克兹的裂变式创业、X民企的门店合伙人机制
6、课堂练习：制定你的关键人才管控/失控方案

七、第六步骤：激励和保留关键人才
1、激励和保留关键人才的常规套路：及时激励、领导魅力、薪酬福利和职业发展
2、保留关键人才的新模式
3、内、外部合伙制
4、股权激励
5、案例分享：芬尼克兹、华为、步步高、X门店零售连锁企业、X美妆服务行业
6、课堂练习：制定你的关键人才保留方案

Friday, March 24, 2017

[USN-3233-1] Thunderbird vulnerabilities

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAEBCAAGBQJY1WSzAAoJEGEfvezVlG4PfSMH/0MrmqtMFdXmAEyaElm/P2Zi
83B5tZZ9krvExjJqRuu8ZITPR0+tPMQQcy+qB02ekKjD+19f+zhdasy1lNb6Ld5J
2TG5mp7sAIxSz3DcPb0ugwZAIgB8EGkacsO4f00Ny5JSBO2Fh+lB14e850NYfhsJ
EojLOAid/C2kPcjAvZBFNhqIV5Fd9lrhJHLWPBqCYTWVv3Mr/PouYwr6COByWUPU
0zKc30HlZEq3hitB+YVJFSX4DR0OwN41SH+FnPeFEY6utwZd/5Uj6a0F9WrjUnPo
gEr69tVr1eaXFVXykgam6TeMVn1hzgSPdEubYMBKI9k4oukt9puYQGjAJkLy89I=
=VxBW
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-3233-1
March 24, 2017

thunderbird vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.10
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS

Summary:

Several security issues were fixed in Thunderbird.

Software Description:
- thunderbird: Mozilla Open Source mail and newsgroup client

Details:

Multiple security issues were discovered in Thunderbird. If a user were
tricked in to opening a specially crafted website in a browsing context,
an attacker could potentially exploit these to bypass same origin
restrictions, obtain sensitive information, cause a denial of service via
application crash or hang, or execute arbitrary code. (CVE-2017-5398,
CVE-2017-5400, CVE-2017-5401, CVE-2017-5402, CVE-2017-5404, CVE-2017-5405,
CVE-2017-5407, CVE-2017-5408, CVE-2017-5410)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.10:
thunderbird 1:45.8.0+build1-0ubuntu0.16.10.1

Ubuntu 16.04 LTS:
thunderbird 1:45.8.0+build1-0ubuntu0.16.04.1

Ubuntu 14.04 LTS:
thunderbird 1:45.8.0+build1-0ubuntu0.14.04.1

Ubuntu 12.04 LTS:
thunderbird 1:45.8.0+build1-0ubuntu0.12.04.1

After a standard system update you need to restart Thunderbird to make
all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-3233-1
CVE-2017-5398, CVE-2017-5400, CVE-2017-5401, CVE-2017-5402,
CVE-2017-5404, CVE-2017-5405, CVE-2017-5407, CVE-2017-5408,
CVE-2017-5410

Package Information:
https://launchpad.net/ubuntu/+source/thunderbird/1:45.8.0+build1-0ubuntu0.16.10.1
https://launchpad.net/ubuntu/+source/thunderbird/1:45.8.0+build1-0ubuntu0.16.04.1
https://launchpad.net/ubuntu/+source/thunderbird/1:45.8.0+build1-0ubuntu0.14.04.1
https://launchpad.net/ubuntu/+source/thunderbird/1:45.8.0+build1-0ubuntu0.12.04.1

F27 Self Contained Change: Replace Yumex-DNF with dnfdragora

= Proposed Self Contained Change: Replace Yumex-DNF with dnfdragora =
https://fedoraproject.org/wiki/Changes/Replace_yumex-dnf_with_dnfdragora

Change owner(s):
* Björn Esser <besser82 AT fedoraproject DOT org>
* Christian Dersch <lupinix AT fedoraproject DOT org>

Replace the current alternative graphical package manager.

== Detailed Description ==
Yumex-DNF needs a replacement, since upstream stopped development[1].
With dnfdragora[2] we have a versatile (Qt, GTK and NCurses interface)
replacement.

[1] https://github.com/timlau/yumex-dnf/blob/develop/README.md
[2] https://github.com/manatools/dnfdragora

== Scope ==
* Proposal owners:
- Adjust packaging of dnfdragora to properly obsolete/provides yumex-dnf.

* Other developers:
- Adjust default package-manager of alternative desktop-evironment's
packages, if applicable.
- Make needed changes to kickstarts and/or comps.

* Release engineering:
- Merge changes to kickstarts and/or comps.
--
Jan Kuřík
Platform & Fedora Program Manager
Red Hat Czech s.r.o., Purkynova 99/71, 612 45 Brno, Czech Republic
_______________________________________________
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-leave@lists.fedoraproject.org

[USN-3239-3] GNU C Library regression

==========================================================================
Ubuntu Security Notice USN-3239-3
March 24, 2017

eglibc regression
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 LTS

Summary:

USN-3239-1 introduced a regression in the GNU C Library.

Software Description:
- eglibc: GNU C Library

Details:

USN-3239-1 fixed vulnerabilities in the GNU C Library. Unfortunately,
the fix for CVE-2016-3706 introduced a regression that in some
circumstances prevented IPv6 addresses from resolving. This update
reverts the change in Ubuntu 12.04 LTS. We apologize for the error.

Original advisory details:

It was discovered that the GNU C Library incorrectly handled the
strxfrm() function. An attacker could use this issue to cause a denial
of service or possibly execute arbitrary code. This issue only affected
Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-8982)

It was discovered that an integer overflow existed in the
_IO_wstr_overflow() function of the GNU C Library. An attacker could
use this to cause a denial of service or possibly execute arbitrary
code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04
LTS. (CVE-2015-8983)

It was discovered that the fnmatch() function in the GNU C Library
did not properly handle certain malformed patterns. An attacker could
use this to cause a denial of service. This issue only affected Ubuntu
12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-8984)

Alexander Cherepanov discovered a stack-based buffer overflow in the
glob implementation of the GNU C Library. An attacker could use this
to specially craft a directory layout and cause a denial of service.
(CVE-2016-1234)

Michael Petlan discovered an unbounded stack allocation in the
getaddrinfo() function of the GNU C Library. An attacker could use
this to cause a denial of service. (CVE-2016-3706)

Aldy Hernandez discovered an unbounded stack allocation in the sunrpc
implementation in the GNU C Library. An attacker could use this to
cause a denial of service. (CVE-2016-4429)

Tim Ruehsen discovered that the getaddrinfo() implementation in the
GNU C Library did not properly track memory allocations. An attacker
could use this to cause a denial of service. This issue only affected
Ubuntu 16.04 LTS. (CVE-2016-5417)

Andreas Schwab discovered that the GNU C Library on ARM 32-bit
platforms did not properly set up execution contexts. An attacker
could use this to cause a denial of service. (CVE-2016-6323)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
libc6 2.15-0ubuntu10.18

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-3239-3
http://www.ubuntu.com/usn/usn-3239-1
https://bugs.launchpad.net/bugs/1674776

Package Information:
https://launchpad.net/ubuntu/+source/eglibc/2.15-0ubuntu10.18

Thursday, March 23, 2017

Ubuntu 17.04 (Zesty Zapus) Final Beta released

The Ubuntu team is pleased to announce the final beta release of the
Ubuntu 17.04 Desktop, Server, and Cloud products.

Codenamed "Zesty Zapus", 17.04 continues Ubuntu's proud tradition of
integrating the latest and greatest open source technologies into a
high-quality, easy-to-use Linux distribution. The team has been hard
at work through this cycle, introducing new features and fixing bugs.

This beta release includes images from not only the Ubuntu Desktop,
Server, and Cloud products, but also the Kubuntu, Lubuntu, Ubuntu
GNOME, UbuntuKylin, Ubuntu MATE, Ubuntu Studio, and Xubuntu flavours.

We're also pleased with this release to welcome Ubuntu Budgie to the
family of Ubuntu community flavours.

The beta images are known to be reasonably free of showstopper CD build
or installer bugs, while representing a very recent snapshot of 17.04
that should be representative of the features intended to ship with the
final release expected on April 13th, 2017.

Ubuntu, Ubuntu Server, Cloud Images:
Yakkety Final Beta includes updated versions of most of our core set
of packages, including a current 4.10 kernel, and much more.

To upgrade to Ubuntu 17.04 Final Beta from Ubuntu 16.10, follow these
instructions:

https://help.ubuntu.com/community/ZestyUpgrades

The Ubuntu 17.04 Final Beta images can be downloaded at:

http://releases.ubuntu.com/17.04/ (Ubuntu and Ubuntu Server on x86)

Additional images can be found at the following links:

http://cloud-images.ubuntu.com/daily/server/zesty/current/ (Cloud Images)
http://cdimage.ubuntu.com/releases/17.04/beta-2/ (Non-x86 Server)
http://cdimage.ubuntu.com/netboot/17.04/ (Netboot)

As fixes will be included in new images between now and release, any
daily cloud image from today or later (i.e. a serial of 20170323 or
higher) should be considered a beta image. Bugs found should be filed
against the appropriate packages or, failing that, the cloud-images
project in Launchpad.

The full release notes for Ubuntu 17.04 Final Beta can be found at:

https://wiki.ubuntu.com/ZestyZapus/ReleaseNotes

Kubuntu:
Kubuntu is the KDE based flavour of Ubuntu. It uses the Plasma desktop
and includes a wide selection of tools from the KDE project.

The Final Beta images can be downloaded at:
http://cdimage.ubuntu.com/kubuntu/releases/17.04/beta-2/

More information on Kubuntu Final Beta can be found here:
https://wiki.ubuntu.com/ZestyZapus/Beta2/Kubuntu

Lubuntu:
Lubuntu is a flavor of Ubuntu that targets to be lighter, less
resource hungry and more energy-efficient by using lightweight
applications and LXDE, The Lightweight X11 Desktop Environment,
as its default GUI.

The Final Beta images can be downloaded at:
http://cdimage.ubuntu.com/lubuntu/releases/17.04/beta-2/

More information on Lubuntu Final Beta can be found here:
https://wiki.ubuntu.com/ZestyZapus/Beta2/Lubuntu

Ubuntu Budgie:
Ubuntu Budgie is community developed desktop, integrating Budgie
Desktop Environment with Ubuntu at its core.

The Final Beta images can be downloaded at:
http://cdimage.ubuntu.com/ubuntu-budgie/releases/17.04/beta-2/

More information on Ubuntu Budgie Final Beta can be found here:
https://wiki.ubuntu.com/ZestyZapus/Beta2/UbuntuBudgie

Ubuntu GNOME:
Ubuntu GNOME is a flavor of Ubuntu featuring the GNOME desktop
environment.

The Final Beta images can be downloaded at:
http://cdimage.ubuntu.com/ubuntu-gnome/releases/17.04/beta-2/

More information on Ubuntu GNOME Final Beta can be found here:
https://wiki.ubuntu.com/ZestyZapus/Beta2/UbuntuGNOME

UbuntuKylin:
UbuntuKylin is a flavor of Ubuntu that is more suitable for Chinese
users.

The Final Beta images can be downloaded at:
http://cdimage.ubuntu.com/ubuntukylin/releases/17.04/beta-2/

More information on UbuntuKylin Final Beta can be found here:
https://wiki.ubuntu.com/ZestyZapus/ReleaseNotes/UbuntuKylin

Ubuntu MATE:
Ubuntu MATE is a flavor of Ubuntu featuring the MATE desktop
environment.

The Final Beta images can be downloaded at:
http://cdimage.ubuntu.com/ubuntu-mate/releases/17.04/beta-2/

More information on UbuntuMATE Final Beta can be found here:
https://ubuntu-mate.org/blog/ubuntu-mate-zesty-beta2/

Ubuntu Studio:
Ubuntu Studio is a flavor of Ubuntu that provides a full range of
multimedia content creation applications for each key workflows:
audio, graphics, video, photography and publishing.

The Final Beta images can be downloaded at:
http://cdimage.ubuntu.com/ubuntustudio/releases/17.04/beta-2/

More information about Ubuntu Studio Final Beta can be found here:
https://wiki.ubuntu.com/ZestyZapus/Beta2/UbuntuStudio

Xubuntu:
Xubuntu is a flavor of Ubuntu that comes with Xfce, which is a stable,
light and configurable desktop environment.

The Final Beta images can be downloaded at:
http://cdimage.ubuntu.com/xubuntu/releases/17.04/beta-2/

More inormation about Xubuntu Final Beta can be found here:
http://wiki.xubuntu.org/releases/17.04/release-notes

Regular daily images for Ubuntu, and all flavours, can be found at:
http://cdimage.ubuntu.com

Ubuntu is a full-featured Linux distribution for clients, servers and
clouds, with a fast and easy installation and regular releases. A
tightly-integrated selection of excellent applications is included, and
an incredible variety of add-on software is just a few clicks away.

Professional technical support is available from Canonical Limited and
hundreds of other companies around the world. For more information
about support, visit http://www.ubuntu.com/support

If you would like to help shape Ubuntu, take a look at the list of ways
you can participate at: http://www.ubuntu.com/community/participate

Your comments, bug reports, patches and suggestions really help us to
improve this and future releases of Ubuntu. Instructions can be
found at: https://help.ubuntu.com/community/ReportingBugs

You can find out more about Ubuntu and about this beta release on our
website, IRC channel and wiki.

To sign up for future Ubuntu announcements, please subscribe to Ubuntu's
very low volume announcement list at:

http://lists.ubuntu.com/mailman/listinfo/ubuntu-announce

On behalf of the Ubuntu Release Team,

Adam Conrad

--
ubuntu-announce mailing list
ubuntu-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-announce

reallost1.fbsd2233449：致所有HR的一封信 3:16:35

人力资源效能方程式

【时间地点】 2017年 4月14-15日杭州

【学习费用】4980元/人（包含教材，午餐，茶点。。。）

【参加对象】 HR经理、总监；中高层领导、基础管理人员及对本课程感兴趣的人士

【授课方式】讲师讲授 + 视频演绎 + 案例研讨 +角色扮演 + 讲师点评 + 落地工具
【联系方式】 021-31006787, 13381601000 (许先生)
【QQ/微信】320588808

【课程特色】

1、全国第一个HR与财务相结合的课程；

2、原创提出人力资源效能方程式的概念；

3、系统地提出HR资产负债表、HR价值转化表及HR现金流向表；

4、原创性提出HR数据预警指标的概念；

5、结合个税筹划，提出HR开源和人工成本降低的方法。

【课程收益】

1、HR与财务同频：去六大模块思维，把财务数据转化为工具，形成产品化思维；

2、HR与业务实现：了解财务与经营，更好地支持业务部门工作的开展；

3、HR与数据分析：理解财务报表背后的数据信息，减少与业务部门沟通的成本；

4、HR与绩效改进：掌握绩效数据间的勾稽关系，从财务角度理解KPI指标设定；

5、HR与价值创造：学会个税筹划的技巧，及降本提效的方法。

【工具包】

工具1：HR效能方程式

工具2：业务的量本利分析法

工具3：杜邦分析法在HR中的运用

工具4：HR业务数据分析图

工具5：年终奖计税

工具6： HR价值表

【场景应用】
应用1：盈亏平衡点用在HR的编制管理上

应用2：毛利率如何用在HR的绩效考核上

应用3：利润表上的净利润在HR考核中的误区

应用4：如何从财务角度来做HR成本表

应用5：杜邦分析法用在HR的绩效改进上

应用6：业务仪表盘—预警业务进展

【课程大纲】
第一部分新时代赋予HR的新使命（第一天上午，上午0.5小时）

一、互联网对HR的新挑战

二、新时代对HR的新定义

工具1：HR效能方程式

第二部分 HR经营化（第一天上午， 2.5小时+第一天下午2小时）

一、看业务

（一）HR如何理解销售收入？-案例1：卖多少包子店才盈亏平衡？

工具2：业务的量本利分析法

场景应用1：盈亏平衡点用在HR的编制管理上

（二）HR如何理解毛利率？

场景应用2：毛利率如何用在HR的绩效考核上

案例2：某公司的基于业务毛利率考核方案

二、看财务

（一）跨界打劫－财务是HR门口的"野蛮人"吗？

（二）同频对话－HR如何看懂财务的三张报表？

1、HR的地盘能自己做主吗？

场景应用3：利润表上的净利润在HR考核中的误区

2、大部分HR不知道财务数据之间的勾稽关系

场景应用4：如何从财务角度来做HR成本表

（三）杜邦分析法－HR与财务的结合点（实操演练，带笔记本电脑）

案例3：某企业ROE由28.6%下降至9.82%，经分析是人工成本过高造成的，HR是如何做绩改改进的

应用5：杜邦分析法用在HR的绩效改进上

第三部分 HR数据化（第一天下午，2小时+第二天上午2小时）

一、看关联

（一）HR数据间关联－HR的静态存量数据

某IT企业骨干员工离职率由39%下降到8%，销售收入增长55%？

案例4：某企业如何通过三定数据分析减少3人？

（二）HR与业务关联－HR的动态增量数据

1、HR拿到的数据和呈现给领导的数据是两回事，如何处理？

案例5：去年人工成本率是8.3%，今年是9.2%，人工成本增加在哪些科目上，对业务是什么影响？

2、人工成本结构数据。

工具4： HR业务数据分析图

二、看预警

（一）HR指标预警

1、业务仪表盘—预警业务进展（应用5）---实操演练，带笔记本电脑

2、KPI仪表盘－预警项目进展的指标

3、人工成本率－预警人效提升的指标

（二）HR人才预警

第四部分 HR价值化（第二天下午，1.5小时，实操演练，带笔记本电脑）

一、看开源

（一）HR贡献

案例6：HR部门的贡献如何测算？

（二）个税筹划

工具5：年终奖计税

二、看节流

案例7：华为公司如何让一个企业实现员工下降50%，人均劳动力增长80%，而销售收入增长20%？

第五部分 HR"才"报化（第二天下午，1.5小时）

现场演练：HR价值表

工具6： HR价值表

讲师简介：郑指梁

实战人力资源＆财务管理专家

管理学硕士、注册会计师、注册税务师

浙江大学、中山大学总裁班特邀讲师

浙江省企业培训师协会副会长

国家人力资源管理师一级辅导师

曾任美国Bel Fuse Inc.中国区人力资源经理、财务总监

曾任世界500强人力资源总监、财务总监

国内人力资源与财务管理结合专家

个人经历
具有近20年的HR、财务、税务、投行、资本运作等从业经验，曾服务于世界500强企业及中国民营500强企业；熟悉跨国公司与民营企业管理的规律与特点。是业内不多的能同时把人力资源与财务、投行有效结合起来的专家。

熟悉私募基金运营、资本运作、投融资、股权融资、收购兼并。参与并主导多家企业的IPO（主板与新三板）上市工作，并积累丰富的投行经验。
原创性提出私募基金在合伙人制度当中的运用，HR效能方式方程式等思路与模式。他在多年HR和财务工作实践经验中总结提炼而成的《合伙人制度》、《人力资源效能方程式》、《非财务经理的财务管理》课程多次面向社会开设公开课，获得学员高度认可和广泛运用。

主讲课程
《合伙人制度》《人力资源效能方程式》《HR如何有效支持业务伙伴》《非财务经理的财务管理》《绩效管理实操及落地提升》

《人力资源经理的财务管理》《绩效平衡与落地》《基于smart原理的薪酬体系设计》