Friday, June 30, 2017
Fedora 26 Final Release Readiness Meeting on Thursday, July 6th @ 19:00 UTC
Final Release Readiness Meeting meeting.
The meeting is going to be held on Thursday, July 6th, 2017 at 19:00
UTC. Please check the [1] link for your time zone.
We will meet to make sure we are coordinated and ready for the Final
release of Fedora 26. Please note that this meeting is going to be
held even if the release is delayed at the Go/No-Go meeting on the
same day two hours earlier.
You may received this message several times, but it is by purpose to
open this meeting to the teams and to raise awareness, so hopefully
more team representatives will come to this meeting. This meeting
works best when we have representatives from all of the teams.
For more information please check the [2] link.
As I will not be available for this meeting, Jaroslav Reznik <jreznik>
will be the moderator. Please contact Jaroslav in case of a need for
additional information.
[1] https://apps.fedoraproject.org/calendar/meeting/6285/
[2] https://fedoraproject.org/wiki/Release_Readiness_Meetings
Thank you for your support,
Regards, Jan
--
Jan Kuřík
Platform & Fedora Program Manager
Red Hat Czech s.r.o., Purkynova 99/71, 612 45 Brno, Czech Republic
_______________________________________________
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-leave@lists.fedoraproject.org
Thursday, June 29, 2017
[USN-3346-1] bind9 vulnerabilities
Ubuntu Security Notice USN-3346-1
June 29, 2017
bind9 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 17.04
- Ubuntu 16.10
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
Summary:
Bind could be made to serve incorrect information or expose sensitive
information over the network.
Software Description:
- bind9: Internet Domain Name Server
Details:
Clément Berthaux discovered that Bind did not correctly check TSIG
authentication for zone update requests. An attacker could use this
to improperly perform zone updates. (CVE-2017-3143)
Clément Berthaux discovered that Bind did not correctly check TSIG
authentication for zone transfer requests. An attacker could use this
to improperly transfer entire zones. (CVE-2017-3142)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 17.04:
bind9 1:9.10.3.dfsg.P4-10.1ubuntu5.1
Ubuntu 16.10:
bind9 1:9.10.3.dfsg.P4-10.1ubuntu1.7
Ubuntu 16.04 LTS:
bind9 1:9.10.3.dfsg.P4-8ubuntu1.7
Ubuntu 14.04 LTS:
bind9 1:9.9.5.dfsg-3ubuntu0.15
After a standard system update you need to restart Bind to make
all the necessary changes.
References:
https://www.ubuntu.com/usn/usn-3346-1
CVE-2017-3142, CVE-2017-3143
Package Information:
https://launchpad.net/ubuntu/+source/bind9/1:9.10.3.dfsg.P4-10.1ubuntu5.1
https://launchpad.net/ubuntu/+source/bind9/1:9.10.3.dfsg.P4-10.1ubuntu1.7
https://launchpad.net/ubuntu/+source/bind9/1:9.10.3.dfsg.P4-8ubuntu1.7
https://launchpad.net/ubuntu/+source/bind9/1:9.9.5.dfsg-3ubuntu0.15
[CentOS-announce] CESA-2017:1615 Important CentOS 7 kernel Security Update
Upstream details at : https://rhn.redhat.com/errata/RHSA-2017-1615.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
31a6c6f9fe0e42858b6af987ef713ec0db2ddefb464fe7dc5fa4a05ff3dcd773 kernel-3.10.0-514.26.1.el7.x86_64.rpm
ff6512c2d9b003f146ca1be129c8fd40189be0c7e58a2108809416ccd688e96e kernel-abi-whitelists-3.10.0-514.26.1.el7.noarch.rpm
88208dca6251f2c890acf13c4f024bc7145ace3c16160d0246e9dd502da681c1 kernel-debug-3.10.0-514.26.1.el7.x86_64.rpm
9c2c518be28e4fe26575cab4be90ba63e90cf2e8712d00b71a6d57775adff813 kernel-debug-devel-3.10.0-514.26.1.el7.x86_64.rpm
4009bd33aa57abd3d0aa5d8087a938d902ae9981712b107bca161f5824c320d5 kernel-devel-3.10.0-514.26.1.el7.x86_64.rpm
a978179ef67f270b75bccb9774a3edd2107bc394c808330191da9853627dfddd kernel-doc-3.10.0-514.26.1.el7.noarch.rpm
92cdc8bf0b60961cbc228748c13505751d41ab4a7c35f932fa9513ebc612fa3a kernel-headers-3.10.0-514.26.1.el7.x86_64.rpm
59311b7ceae3188e2528e20efa066fa42ee61ae3e081002c738462522997b60e kernel-tools-3.10.0-514.26.1.el7.x86_64.rpm
2b1e51e94f5d2d3cbcf3344f2e37eafc71c695c90ac325bc2ea4ca8c76060b16 kernel-tools-libs-3.10.0-514.26.1.el7.x86_64.rpm
126bab17d082fe773812f72ccd8b3af26155e3caed4f1bce4285a35c96378235 kernel-tools-libs-devel-3.10.0-514.26.1.el7.x86_64.rpm
98600f1d4c3c6062987201cb803b001bf34f9d4a8f0074e96a94f537aea60028 perf-3.10.0-514.26.1.el7.x86_64.rpm
6656a25508be20ea3edb35197688f247c0ccd4d01639ecc498efedfd29db12cc python-perf-3.10.0-514.26.1.el7.x86_64.rpm
Source:
3b6d34f5e8fac41a1d2788cce6fab6f7f2b54cc81a666974ca9179e26a4712cd kernel-3.10.0-514.26.1.el7.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce
[USN-3342-2] Linux kernel (HWE) vulnerabilities
Ubuntu Security Notice USN-3342-2
June 29, 2017
linux-hwe vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-hwe: Linux hardware enablement (HWE) kernel
Details:
USN-3342-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.10.
This update provides the corresponding updates for the Linux Hardware
Enablement (HWE) kernel from Ubuntu 16.10 for Ubuntu 16.04 LTS.
USN-3333-1 fixed a vulnerability in the Linux kernel. However, that
fix introduced regressions for some Java applications. This update
addresses the issue. We apologize for the inconvenience.
It was discovered that a use-after-free flaw existed in the filesystem
encryption subsystem in the Linux kernel. A local attacker could use this
to cause a denial of service (system crash). (CVE-2017-7374)
Roee Hay discovered that the parallel port printer driver in the Linux
kernel did not properly bounds check passed arguments. A local attacker
with write access to the kernel command line arguments could use this to
execute arbitrary code. (CVE-2017-1000363)
Ingo Molnar discovered that the VideoCore DRM driver in the Linux kernel
did not return an error after detecting certain overflows. A local attacker
could exploit this issue to cause a denial of service (OOPS).
(CVE-2017-5577)
Li Qiang discovered that an integer overflow vulnerability existed in the
Direct Rendering Manager (DRM) driver for VMWare devices in the Linux
kernel. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2017-7294)
It was discovered that a double-free vulnerability existed in the IPv4
stack of the Linux kernel. An attacker could use this to cause a denial of
service (system crash). (CVE-2017-8890)
Andrey Konovalov discovered an IPv6 out-of-bounds read error in the Linux
kernel's IPv6 stack. A local attacker could cause a denial of service or
potentially other unspecified problems. (CVE-2017-9074)
Andrey Konovalov discovered a flaw in the handling of inheritance in the
Linux kernel's IPv6 stack. A local user could exploit this issue to cause a
denial of service or possibly other unspecified problems. (CVE-2017-9075)
It was discovered that dccp v6 in the Linux kernel mishandled inheritance.
A local attacker could exploit this issue to cause a denial of service or
potentially other unspecified problems. (CVE-2017-9076)
It was discovered that the transmission control protocol (tcp) v6 in the
Linux kernel mishandled inheritance. A local attacker could exploit this
issue to cause a denial of service or potentially other unspecified
problems. (CVE-2017-9077)
It was discovered that the IPv6 stack in the Linux kernel was performing
its over write consistency check after the data was actually overwritten. A
local attacker could exploit this flaw to cause a denial of service (system
crash). (CVE-2017-9242)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 LTS:
linux-image-4.8.0-58-generic 4.8.0-58.63~16.04.1
linux-image-4.8.0-58-generic-lpae 4.8.0-58.63~16.04.1
linux-image-4.8.0-58-lowlatency 4.8.0-58.63~16.04.1
linux-image-generic-hwe-16.04 4.8.0.58.29
linux-image-generic-lpae-hwe-16.04 4.8.0.58.29
linux-image-lowlatency-hwe-16.04 4.8.0.58.29
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://www.ubuntu.com/usn/usn-3342-2
https://www.ubuntu.com/usn/usn-3342-1
https://www.ubuntu.com/usn/usn-3333-1
https://launchpad.net/bugs/1699772
CVE-2017-1000363, CVE-2017-5577, CVE-2017-7294, CVE-2017-7374,
CVE-2017-8890, CVE-2017-9074, CVE-2017-9075, CVE-2017-9076,
CVE-2017-9077, CVE-2017-9242
Package Information:
https://launchpad.net/ubuntu/+source/linux-hwe/4.8.0-58.63~16.04.1
[USN-3323-2] GNU C Library vulnerability
Ubuntu Security Notice USN-3323-2
June 29, 2017
eglibc vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 ESM
Summary:
Gnu C library could be made to run programs as an administrator.
Software Description:
- eglibc: GNU C Library
Details:
USN-3323-1 fixed a vulnerability in the GNU C Library. This update provides the
corresponding update for Ubuntu 12.04 ESM.
Original advisory details:
It was discovered that the GNU C library did not properly handle memory
when processing environment variables for setuid programs. A local attacker
could use this in combination with another vulnerability to gain
administrative privileges.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 12.04 ESM:
libc6 2.15-0ubuntu10.20
After a standard system update you need to reboot your computer to make
all the necessary changes.
References:
https://www.ubuntu.com/usn/usn-3323-2
https://www.ubuntu.com/usn/usn-3323-1
CVE-2017-1000366
[CentOS-announce] CESA-2017:1576 Important CentOS 7 mercurial Security Update
Upstream details at : https://rhn.redhat.com/errata/RHSA-2017-1576.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
5a8d65ed7b74608f2051e4f8d463b5863b71da57f9e586a6deee3f0e63833c6d emacs-mercurial-2.6.2-7.el7_3.x86_64.rpm
b67d2867d270044b7e541a89b7885600af05bd6f8b297afe9293d83692b93e67 emacs-mercurial-el-2.6.2-7.el7_3.x86_64.rpm
12bb2c2dfa0e8d76b6073c84c1e40b5960331034aab60c4a58fa54bd2690b649 mercurial-2.6.2-7.el7_3.x86_64.rpm
21333a84aa4d979cfc47c44033affe62791c15642da61baeed6d25d8f7de16b6 mercurial-hgk-2.6.2-7.el7_3.x86_64.rpm
Source:
cf8a26170b2c0e57f0028e16fd5a69a216871a939b496af153c828717009d4dc mercurial-2.6.2-7.el7_3.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce
[CentOS-announce] CESA-2017:1581 Important CentOS 7 freeradius Security Update
Upstream details at : https://rhn.redhat.com/errata/RHSA-2017-1581.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
e895ea654c98537bf02e45b515a675a320cfaccaaf70acb2212e91a9460a9b56 freeradius-3.0.4-8.el7_3.x86_64.rpm
1228fe62648d13c7d759eae75048ebff83b19ab047464dd5e134d7e5a3febc00 freeradius-devel-3.0.4-8.el7_3.i686.rpm
32f42995ac7a3a533e866ed92412e6fe0024dec1c017bc0739346502f2a59ecb freeradius-devel-3.0.4-8.el7_3.x86_64.rpm
27d77c1285a4cfc5796840bb1c785c5731329f58f620008594a37f9e5e5d449b freeradius-doc-3.0.4-8.el7_3.x86_64.rpm
a786335ea27fa948d7633cefefb1764668e0ec894cc8b2a99db4aca2469198b6 freeradius-krb5-3.0.4-8.el7_3.x86_64.rpm
3db445ffdc95ef63f49ab783d30a79fa995df12d842182212dd8bc1c57ee1f8e freeradius-ldap-3.0.4-8.el7_3.x86_64.rpm
18db49e251705a17b1126e4f3bd290ecce35e85f5515219fb00a2533517f87e5 freeradius-mysql-3.0.4-8.el7_3.x86_64.rpm
d7cae7b0375d58347ce836c5cd6940bca9192e68012144c9c8e45911765ae09a freeradius-perl-3.0.4-8.el7_3.x86_64.rpm
a0bc59f12af00a751cfddd4d0cdb88dd9ef254107a0359206a0749d11ebb063b freeradius-postgresql-3.0.4-8.el7_3.x86_64.rpm
278f234880380da762db32c9dbba70bd9d008e5179b15817219c13727a7733d4 freeradius-python-3.0.4-8.el7_3.x86_64.rpm
94ff3a4278a3620f14b2650c58fe860a8269cb11ae4fd0310f0b3fb799b0ab3b freeradius-sqlite-3.0.4-8.el7_3.x86_64.rpm
3d66c88fa201d2779941d1c18c156875c45fa77c7350f1239fd615dd5f260f21 freeradius-unixODBC-3.0.4-8.el7_3.x86_64.rpm
69f41f6fb446c27593d9f4c2e6dd2b2f678dcbc67511e8e2675b762d961ea660 freeradius-utils-3.0.4-8.el7_3.x86_64.rpm
Source:
dd9e10305ebc787276e016981bc619d52a3522d47471a80c33cc4895876712f5 freeradius-3.0.4-8.el7_3.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce
[CentOS-announce] CEBA-2017:1614 CentOS 7 python-rhsm BugFix Update
Upstream details at : https://rhn.redhat.com/errata/RHBA-2017-1614.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
0b8646a9df566289792adaee7a035e61b1a3dc4e60596364fd1c5bf08b4d275c python-rhsm-1.17.10-1.el7_3.x86_64.rpm
f2666c251f0ca68348b2d83eacdb690c3925d644b729af3c556c9df17ff75ba9 python-rhsm-certificates-1.17.10-1.el7_3.x86_64.rpm
Source:
c5f78eab2bbd1fdbc9670da2f2e8e0fd96d94af7dccd9bc0a3d93887737cdb3c python-rhsm-1.17.10-1.el7_3.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce
[CentOS-announce] CEBA-2017:1611 CentOS 7 python-dmidecode BugFix Update
Upstream details at : https://rhn.redhat.com/errata/RHBA-2017-1611.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
16be4d1e916e52d5a8f5294b8d04121b811fc12f5a4265b23fe1113197789afb python-dmidecode-3.10.13-12.el7_3.x86_64.rpm
Source:
4d890363aaf66259817250a8e9e8df5cf70ed7907bc0af4731527c9d74d8b0ee python-dmidecode-3.10.13-12.el7_3.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce
[CentOS-announce] CEBA-2017:1618 CentOS 7 gawk BugFix Update
Upstream details at : https://rhn.redhat.com/errata/RHBA-2017-1618.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
3aedd340b676e49fe6d25b04a77402d074b2a13f2607e165d6ec94c51a5ced12 gawk-4.0.2-4.el7_3.1.x86_64.rpm
Source:
4ea7058b4c1e6da7dc2f2b11d70969132643721ebe05e86fb94a8d999e11ebdb gawk-4.0.2-4.el7_3.1.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce
[CentOS-announce] CEBA-2017:1608 CentOS 7 pacemaker BugFix Update
Upstream details at : https://rhn.redhat.com/errata/RHBA-2017-1608.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
5fc6ef36aaf12c91629797d81b768ba6397fbe97d10611e8a115e0cb556c4647 pacemaker-1.1.15-11.el7_3.5.x86_64.rpm
1f1a16bd04aae426a82c998ded2d28a605b8eb3a6f6dc483f62537bca67d0964 pacemaker-cli-1.1.15-11.el7_3.5.x86_64.rpm
f7d896f2307dd4e0e2c69dca36f1b647e17809c947e9f4ee57fe064a32128ddd pacemaker-cluster-libs-1.1.15-11.el7_3.5.i686.rpm
337a8dd316df402b96dde81a4d6d812a87570fd45f93736c41366245fc504de7 pacemaker-cluster-libs-1.1.15-11.el7_3.5.x86_64.rpm
8aaf0ac7166ffb4ed261a3ca6ce731ce7581edbaf5692017e93bf31270871b50 pacemaker-cts-1.1.15-11.el7_3.5.x86_64.rpm
1984f1663a18771f0467364f10827b2f34e40aee48ece0887f179ebaee1bf74d pacemaker-doc-1.1.15-11.el7_3.5.x86_64.rpm
19d30c029d918a5afa1ecad16dcd5e9597c7c3a0410e490adb78479a13ab3a5a pacemaker-libs-1.1.15-11.el7_3.5.i686.rpm
163945370d5217d7297cb06685fe94a430ed184dc47b8b11e8a6ba94c8efb9e3 pacemaker-libs-1.1.15-11.el7_3.5.x86_64.rpm
ebb27de13cc255a8d9ce6af501625f0096173ae18ec30d49127a73bd668d10e6 pacemaker-libs-devel-1.1.15-11.el7_3.5.i686.rpm
c17d6f2980e3519e2a21f9000e80ab48f0dc24b15325a5beaf03858d62434a32 pacemaker-libs-devel-1.1.15-11.el7_3.5.x86_64.rpm
144890c9976f876482436745e76acf04728ea4ce96f7f94303545d92cca14d85 pacemaker-nagios-plugins-metadata-1.1.15-11.el7_3.5.x86_64.rpm
fdaed0a868ca21ef376a61ae1f702013ca27f93e047937c1573553dcfb25d1f5 pacemaker-remote-1.1.15-11.el7_3.5.x86_64.rpm
Source:
35d35577821ab93561da4ac925f6651fb741a3396de55862aec1f4d6dcadafef pacemaker-1.1.15-11.el7_3.5.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce
[CentOS-announce] CEBA-2017:1606 CentOS 7 cyrus-imapd BugFix Update
Upstream details at : https://rhn.redhat.com/errata/RHBA-2017-1606.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
cb221c439f10d2385e34815acd6e654adf318283ddfedf2374c357ad21b60bf3 cyrus-imapd-2.4.17-8.el7_3.1.x86_64.rpm
21f60f67a23d5a11455c84119722103e44e22589efa096d9e725dc99b1bd57ef cyrus-imapd-devel-2.4.17-8.el7_3.1.i686.rpm
1bd229b0d2e12d840b712c8bc193cb3120f18d2f93ab96931227830817303446 cyrus-imapd-devel-2.4.17-8.el7_3.1.x86_64.rpm
dfbfce42525f67698a4349bd51c956a6cadb6c82f4be01bcedc5fcf71327929e cyrus-imapd-utils-2.4.17-8.el7_3.1.x86_64.rpm
Source:
1ddca7e1b4eaef6028aeaf632ed5df4cdbf76fb9d46b7125e244684e8eadf538 cyrus-imapd-2.4.17-8.el7_3.1.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce
[CentOS-announce] CEBA-2017:1613 CentOS 7 dracut BugFix Update
Upstream details at : https://rhn.redhat.com/errata/RHBA-2017-1613.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
f5f6a4801c7f6e49c9708e6037e5c26d7858921e4986ea42e5acf3b37731e914 dracut-033-463.el7_3.2.x86_64.rpm
8af466ab64d675b516bd701a71b66544937aeaf7a16ac21c3f71d311a89ce3f0 dracut-caps-033-463.el7_3.2.x86_64.rpm
ca3fc342e66d24b9bbc4ef3bc7ce69e46590da09b2993d1a023ff821e28a3013 dracut-config-generic-033-463.el7_3.2.x86_64.rpm
6d84eebd4ff92f7546107add5076208d5b04fe02bfdbfab76a2c7b0cd8c19e58 dracut-config-rescue-033-463.el7_3.2.x86_64.rpm
26d2df229df192406262259485adc38da842e4b2bf9581c1eee7bd9e9358c9bc dracut-fips-033-463.el7_3.2.x86_64.rpm
fc4b2ab395fb68026f06983a6468f7d462f4dbf74914a1cc2c6ad0b55cd89322 dracut-fips-aesni-033-463.el7_3.2.x86_64.rpm
4a6e959af543dc37012ac38c520e0b129945b688775057edd56b248685a7f4e3 dracut-network-033-463.el7_3.2.x86_64.rpm
5ab9cc325499cb9c3930e170e4c3b9c081123f3bcfdf81faf82e7b28e9f93478 dracut-tools-033-463.el7_3.2.x86_64.rpm
Source:
23d7ab2b7420ab368ae5401d6513f9324c81d56444f136d55aa14f5b1fa0656a dracut-033-463.el7_3.2.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce
[CentOS-announce] CEBA-2017:1617 CentOS 7 lvm2 BugFix Update
Upstream details at : https://rhn.redhat.com/errata/RHBA-2017-1617.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
0d1012ff4e3a02ccf9de1625c138ed5e1f8525ad23207c30881a2806adaab10f cmirror-2.02.166-1.el7_3.5.x86_64.rpm
9a894333355bc30d9e618f4d06dc2578f2928dceae71b84c30d214c432f76e96 device-mapper-1.02.135-1.el7_3.5.x86_64.rpm
5795a88f11fd07e35e51a8ec0b7a0d102ba11e3a31392ea93c88a81c2c987a77 device-mapper-devel-1.02.135-1.el7_3.5.i686.rpm
f6ee18235043103b4458ab5afbbdf81e35a86da4899395eb2f2b9aa053712727 device-mapper-devel-1.02.135-1.el7_3.5.x86_64.rpm
3a26566bc440134459eea966442e7e82bd5ed922196dc4808953561b98eca04e device-mapper-event-1.02.135-1.el7_3.5.x86_64.rpm
5976a1523f2d2183e983a2d4e5fa76164f371bc349c39a936e780ebecee912f1 device-mapper-event-devel-1.02.135-1.el7_3.5.i686.rpm
1e033904fa92de3c869f3d524d5bdad3a6636623ba9eea248951ca572d6415f1 device-mapper-event-devel-1.02.135-1.el7_3.5.x86_64.rpm
59ce986dc95e3bbb3e0c837fa091bb59d05e3610d7bf22f88952111ae8dc1ed5 device-mapper-event-libs-1.02.135-1.el7_3.5.i686.rpm
8c788640a66d82335ff813c49f08e607ea92cc4578d3e321ddeb98c4f61ad34f device-mapper-event-libs-1.02.135-1.el7_3.5.x86_64.rpm
b97908e8764caa138e54a8f7937414ac77dae5e5a7219535e6f4241f8b6d73d6 device-mapper-libs-1.02.135-1.el7_3.5.i686.rpm
46a7c0f3118e364824b86c8a4c6d3b75ed208b196d2d040477175a6f08f5c4da device-mapper-libs-1.02.135-1.el7_3.5.x86_64.rpm
c16b3f76502d60e38d2c4cc9939ef240f1159edb4ece048b0e484c0dd399bcc1 lvm2-2.02.166-1.el7_3.5.x86_64.rpm
3e433a8d7a74ec6bb9874e8bb2e9758918cbe570003baa5cc5e136342408fb2a lvm2-cluster-2.02.166-1.el7_3.5.x86_64.rpm
b533a8f1e38918b11d84489462fd6289fb99146204a87f98ffa82e10b051dab6 lvm2-devel-2.02.166-1.el7_3.5.i686.rpm
e7b421c59b0a17d474c3e071408e9221d998119590c8a3fd6b9071b76688b8a9 lvm2-devel-2.02.166-1.el7_3.5.x86_64.rpm
54da08a47eb38e9319661b4d1e9ed44f1039293101486dc605cce4bddf464cd9 lvm2-libs-2.02.166-1.el7_3.5.i686.rpm
4a23a466f1cfce65ed720514d19d9c13f0663a2b205187422adb5de9ca3724bd lvm2-libs-2.02.166-1.el7_3.5.x86_64.rpm
96710617151ecaffd984580134c6a9dc6bfe3deb6eb168dd1104be7f6eda0e84 lvm2-lockd-2.02.166-1.el7_3.5.x86_64.rpm
b0796644328c1981fc62bf99d44bfcc838813173d3f1e4866b41fde25545bed8 lvm2-python-libs-2.02.166-1.el7_3.5.x86_64.rpm
6cd1a07b8ea0a5171f0cf94247c701950f19aeede2cc387498fd9f7589d5968a lvm2-sysvinit-2.02.166-1.el7_3.5.x86_64.rpm
Source:
a1803142900048e63c5cbec44c231287c69a8d651ec249fcbd7b17039224540a lvm2-2.02.166-1.el7_3.5.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce
[CentOS-announce] CEBA-2017:1610 CentOS 7 pki-core BugFix Update
Upstream details at : https://rhn.redhat.com/errata/RHBA-2017-1610.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
4bc43ce8a0d2c766226ab9b1b2cf8b4f43535014eecb12a86bbfc06f485d6a80 pki-base-10.3.3-19.el7_3.noarch.rpm
5b50dd986aa9a4bafb50046380f65f4896fc62ca0827d7c344119ca391fcca46 pki-base-java-10.3.3-19.el7_3.noarch.rpm
796451345e404957fe02ab4a21fadaaad94320fdaef60f75d33c48bd00fc3aef pki-ca-10.3.3-19.el7_3.noarch.rpm
d14d71ebb8dda75bcde7fa0766879c88cac58428079a41cbcdd9409ca80947e3 pki-javadoc-10.3.3-19.el7_3.noarch.rpm
0c81ae5ac01c2cf7e8b321a347d990632a96b14db12ca5234061d92ee27d9c70 pki-kra-10.3.3-19.el7_3.noarch.rpm
861d31758043bf895e87930e313b678e474308cbdffa33026fa88c15879a8bce pki-server-10.3.3-19.el7_3.noarch.rpm
c19a275472eedd0f4ec6434f91ff3e04aed8709073e57df59cbda090fb892a22 pki-symkey-10.3.3-19.el7_3.x86_64.rpm
ecca5c82a22ec4bac7ff9568df18fef4eb8e43fbd2014fca5be9aaf86bdfce96 pki-tools-10.3.3-19.el7_3.x86_64.rpm
Source:
526ed07522f01d949c7c12541d57ca8e8d6e670e7df33bc261bc839db692c70b pki-core-10.3.3-19.el7_3.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce
[CentOS-announce] CEBA-2017:1612 CentOS 7 ghostscript BugFix Update
Upstream details at : https://rhn.redhat.com/errata/RHBA-2017-1612.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
485dfd1d2b77b62fda729c6c8000536e2efd9e7d76994e33e08112aab48cc764 ghostscript-9.07-20.el7_3.7.i686.rpm
662aefd82966b900bb9c138dd724b97f8fb430abbde591b05d7e94958d0ec6b5 ghostscript-9.07-20.el7_3.7.x86_64.rpm
65839f865fae6ced04bf02e96bdc3c2b8df4dad0b4223668a4678760a4e10e42 ghostscript-cups-9.07-20.el7_3.7.x86_64.rpm
2382068423ab04a77b150b005b345b9a5592111c07314bf83f8eea806b29e844 ghostscript-devel-9.07-20.el7_3.7.i686.rpm
f1adc52e835b15dff3aee10a62d58cf59bb9eabab3bb28b091180c7bc1657898 ghostscript-devel-9.07-20.el7_3.7.x86_64.rpm
5cffe5e4ad6b1ec0b65828b0a43026e8dfde1a3d579141c16e6768b7259731ac ghostscript-doc-9.07-20.el7_3.7.noarch.rpm
af0a710576e7ffa820ac3a31b26fcd9765c889009333588828a9a97902406881 ghostscript-gtk-9.07-20.el7_3.7.x86_64.rpm
Source:
f73fc34459e156db4b49e9bf4a83220ec344a97b95e88459695dc39978205a3a ghostscript-9.07-20.el7_3.7.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce
[CentOS-announce] CEBA-2017:1607 CentOS 7 xfsprogs BugFix Update
Upstream details at : https://rhn.redhat.com/errata/RHBA-2017-1607.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
87ae485753769dfb65699bbed13b87b4de3dbd0cacc3feeda3913efd7e1fffec xfsprogs-4.5.0-10.el7_3.i686.rpm
9a8ee1dc8cae3ccce7be9c3fdacab1904a1b89e036c6938f5a44710ce1a208e8 xfsprogs-4.5.0-10.el7_3.x86_64.rpm
86f0404123ef695a7f1d8bd02020527a51aa896af2d99172d63da268772599cd xfsprogs-devel-4.5.0-10.el7_3.i686.rpm
e377e50149de902b16c25c0728471836710bbdc7ad2ab6d5ad9b47422e1e3cc7 xfsprogs-devel-4.5.0-10.el7_3.x86_64.rpm
Source:
8bb791fb5e035474da8d0b7e9b9f1a46306b610a20853c28382e46583fced72b xfsprogs-4.5.0-10.el7_3.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce
[CentOS-announce] CEBA-2017:1605 CentOS 7 sssd BugFix Update
Upstream details at : https://rhn.redhat.com/errata/RHBA-2017-1605.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
d0fcbcedb8e18b4385a88b2d6c94fcd3c37811fc85be40bf29168ba1ecdebc2d libipa_hbac-1.14.0-43.el7_3.18.i686.rpm
09d2461e2fc1ca84b9f84a574192347abd199c2f0d720c02de4227dc3a00172a libipa_hbac-1.14.0-43.el7_3.18.x86_64.rpm
7bf4897beb578e755555204c360ea8191c01177fddb1f90d61a9210ef58e932d libipa_hbac-devel-1.14.0-43.el7_3.18.i686.rpm
76767d3d3d3f665e2dc9bbfa9c55c102cfb016f071dc73da128ae94a8d646a5a libipa_hbac-devel-1.14.0-43.el7_3.18.x86_64.rpm
a87e89aeeb21273a2b6fb33a5f4a7558d8226cdb999b6731660b3964b0fe2672 libsss_autofs-1.14.0-43.el7_3.18.x86_64.rpm
2fec684f1f6d477e9e7bfa6a44c1be42e8236f65e23dc7492b42a4fc4ab08c69 libsss_idmap-1.14.0-43.el7_3.18.i686.rpm
a367c702b78383d1c2b1abc4f95cc662c57beb768adccfaf21764470fd8ed31b libsss_idmap-1.14.0-43.el7_3.18.x86_64.rpm
a7f7f97d67b0626d83ab9661cc1cd9dd0b9d1e5f3cf17ab2ad6910458643433a libsss_idmap-devel-1.14.0-43.el7_3.18.i686.rpm
2b77ee869d70fd7eaef134216ab509a43c1190b630afcf424e729e77a81a04a2 libsss_idmap-devel-1.14.0-43.el7_3.18.x86_64.rpm
e706aa5d4dbc10d2066c987a70f698e70ad8e58a11dddf8c84c662000c2bcc9e libsss_nss_idmap-1.14.0-43.el7_3.18.i686.rpm
873d626e66ad232ca8f9a5a328b60e02f6a1ed8aad847fac2da512626f13c12b libsss_nss_idmap-1.14.0-43.el7_3.18.x86_64.rpm
2b4ed7b475c77289ff2107e59e3e1c0386d19b031fed9561e5dd9d4d0bd493d2 libsss_nss_idmap-devel-1.14.0-43.el7_3.18.i686.rpm
ebed0754235c522e218e641c2c3b8279cdb48c9b25d33f693e12426803f0daa3 libsss_nss_idmap-devel-1.14.0-43.el7_3.18.x86_64.rpm
6824afdb2ead14f1f0554f90b9d28e82dd64bb9cf9f65814ca9c2d138b28dfce libsss_simpleifp-1.14.0-43.el7_3.18.i686.rpm
00299f16b90b7bfb8ae2720f54a36fa9ef589cc46e3a04a0dbff547453892164 libsss_simpleifp-1.14.0-43.el7_3.18.x86_64.rpm
2a0c586f1a418d4f013bd13b74b9514abb16ae6227a1b30b06ffeb5e3b8e9f60 libsss_simpleifp-devel-1.14.0-43.el7_3.18.i686.rpm
abc35d7656238080fc3245af8a611a0e0ad05dd8f9cb55910e4a141f457d4065 libsss_simpleifp-devel-1.14.0-43.el7_3.18.x86_64.rpm
389716ff1d6bbdb945c803e00e3c439d0a8c0c5b3a14f00275b831ee14312d45 libsss_sudo-1.14.0-43.el7_3.18.x86_64.rpm
27d7ac8b98a487b7b82f978c3c9c9363a1d59c354ddf0ee10af1fa84466c165f python-libipa_hbac-1.14.0-43.el7_3.18.x86_64.rpm
900979c87320322b8620d4864acf0549a1deed13f247f4f22b78e433503286a1 python-libsss_nss_idmap-1.14.0-43.el7_3.18.x86_64.rpm
6f322b835e5a3b18147be36d4bbe9e48dadc2f971c9b6a91b3a94784468d7942 python-sss-1.14.0-43.el7_3.18.x86_64.rpm
6bf8bfedd0d976dd0452e8fb87ef0a7bde521dc4806fdfdd29ceaf714eaabc18 python-sssdconfig-1.14.0-43.el7_3.18.noarch.rpm
f74780e2276e3976f4d964e4306c8c55754e4f8d767ebe02545f6dc02fad3b78 python-sss-murmur-1.14.0-43.el7_3.18.x86_64.rpm
c77f22c5c12af394798800c6bbe98efe07f76b13fa0bf7de115cc4eaaea66463 sssd-1.14.0-43.el7_3.18.x86_64.rpm
cbe9044e4cf700e2573b57ac122041ed6db74a695fe51199fc0b3ddd616c6ca2 sssd-ad-1.14.0-43.el7_3.18.x86_64.rpm
3938ebe682470a5eeb5116cb4ceea1ce56e6d39b22b86e87e1228e0e238e5a8c sssd-client-1.14.0-43.el7_3.18.i686.rpm
03baa6bb30b756d2a9af78cedd1e268a4c726355f029f2f9b1c7c6107584f2e7 sssd-client-1.14.0-43.el7_3.18.x86_64.rpm
4c57e0783f20b08dc7661a33bf623f4f75dc987aa2e688aa6df6bc4d9d991de8 sssd-common-1.14.0-43.el7_3.18.x86_64.rpm
068378b77852c4f55f0029f30fc910ac608108e54c5018dd816a424e5d3e97d0 sssd-common-pac-1.14.0-43.el7_3.18.x86_64.rpm
bce45e006d0274678f7a4f8341254e858cfd857dffed1768ce4f48df29859566 sssd-dbus-1.14.0-43.el7_3.18.x86_64.rpm
004fe0ea6d1a272b8b9ce9220c589c75a0ca8b0dd1d00baa97747780b9602413 sssd-ipa-1.14.0-43.el7_3.18.x86_64.rpm
40cbd3a5af7dabb0573641759c635f7091065d242737dd6582f369551e482573 sssd-krb5-1.14.0-43.el7_3.18.x86_64.rpm
8f365f62ef19030e6b2ef543048e92f902365b51fda05f1218bf9a66305fc31f sssd-krb5-common-1.14.0-43.el7_3.18.x86_64.rpm
1bbff8406aafc2040918b498e4f4ebd5d23dc954121b9eab50a9a78d8b8da8f0 sssd-ldap-1.14.0-43.el7_3.18.x86_64.rpm
2d8b510d24db401cdd7576e22c0b7fc6c76d6f3797eff450ac41ea418d34ff7a sssd-libwbclient-1.14.0-43.el7_3.18.x86_64.rpm
ce9b154d00e36361666aeb1ba684eea4c962c0783575a23839dc19a9533b65a2 sssd-libwbclient-devel-1.14.0-43.el7_3.18.i686.rpm
85dd8d0cc915573d73a1b03ebe1924d3c68c6de8f458f42268bfe0d30c96eef5 sssd-libwbclient-devel-1.14.0-43.el7_3.18.x86_64.rpm
dd6e962d49293eb4357d3303707f3d061dfa8d4d4322e994627d5cdd3bbfae2f sssd-polkit-rules-1.14.0-43.el7_3.18.x86_64.rpm
fc7176dce2fe9f986ab8f3dd0322bbaeb49bc4745d9336f4d3b9b61c6278034d sssd-proxy-1.14.0-43.el7_3.18.x86_64.rpm
0262ba98e2727ed8affc7eebd9a47d4340d9f98d335a97c0de841ba84faa765b sssd-tools-1.14.0-43.el7_3.18.x86_64.rpm
9888cebeb28a8889e5b17cf08b2b4fb54b2a1db486a2c498e16094597a0d5cac sssd-winbind-idmap-1.14.0-43.el7_3.18.x86_64.rpm
Source:
1b73e7e66c03754f0b0420e74eebfe46dc206a79af98c3770d170c02e716826a sssd-1.14.0-43.el7_3.18.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce
[CentOS-announce] CEEA-2017:1602 CentOS 7 conntrack-tools Enhancement Update
Upstream details at : https://rhn.redhat.com/errata/RHEA-2017-1602.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
2a2ca9f95b1506f519b2fd19891d4970529ebedc44e5203dd1cf46f9b4f3b7ba conntrack-tools-1.4.4-3.el7_3.x86_64.rpm
Source:
a44a15c09135e35aaaf4f5629461ce388457f9891a14a25115b33784b24f9e7f conntrack-tools-1.4.4-3.el7_3.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce
[CentOS-announce] CEBA-2017:1604 CentOS 7 chkconfig BugFix Update
Upstream details at : https://rhn.redhat.com/errata/RHBA-2017-1604.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
3ec95eb167c93d0254740594e0380734ed3b30ce3ab170a230cecd9721881585 chkconfig-1.7.2-1.el7_3.1.x86_64.rpm
f1996a8cb6b1616a19a0608b0adcad68bc91eeea43c45dbc3022189f2e883505 ntsysv-1.7.2-1.el7_3.1.x86_64.rpm
Source:
79e5d4d8dc53e00b08f1e1311ce8f39a39e3fc570c0588ff2e5b4f6c27bd0889 chkconfig-1.7.2-1.el7_3.1.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce
[CentOS-announce] CEBA-2017:1603 CentOS 7 xmvn BugFix Update
Upstream details at : https://rhn.redhat.com/errata/RHBA-2017-1603.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
5293befc74778dd52df0ba598edfd9e02a92adc030c67c12e99803a0b5511b7a xmvn-1.3.0-6.el7_3.noarch.rpm
563202db112c81f6863ffffac0ce5f3c7330720e965d8f751d59ccf7696ec406 xmvn-javadoc-1.3.0-6.el7_3.noarch.rpm
Source:
b6b5992b10546e5b75f445d5f019c356b2d3b5eb1bb4455da8e80ad6587c0917 xmvn-1.3.0-6.el7_3.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce
[CentOS-announce] CEBA-2017:1609 CentOS 7 libguestfs BugFix Update
Upstream details at : https://rhn.redhat.com/errata/RHBA-2017-1609.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
3bc00ec8416dc71bf1edaae51a26d1cc2007b190f4652a640404590040aa7220 libguestfs-1.32.7-3.el7_3.3.x86_64.rpm
d81045bdffdfcac4b9cba45334a29aea490ea81d059f71c2ceabf83be01ceabb libguestfs-bash-completion-1.32.7-3.el7_3.3.noarch.rpm
89cee59bdada188199c77fd53874606c73e5f3f8d55370c779cc2e581eb9b426 libguestfs-devel-1.32.7-3.el7_3.3.x86_64.rpm
82edf717ccf6e9a2900dd416865766a29e78ee7b3afa447c43751dec66a1fc77 libguestfs-gfs2-1.32.7-3.el7_3.3.x86_64.rpm
2d7ee1b8d0663e9f60c61be4bd17d1b805fbbc952511ba08f1c402b9ba088b18 libguestfs-gobject-1.32.7-3.el7_3.3.x86_64.rpm
4c71337fc5990e127162ed97b9001f193c0fdab8b49a7bbb6df501efd02840e5 libguestfs-gobject-devel-1.32.7-3.el7_3.3.x86_64.rpm
428a5b70671c7920169a4c282416688f1340280ac18f55c9a2d55ad85ec88919 libguestfs-gobject-doc-1.32.7-3.el7_3.3.noarch.rpm
8cd115bd590fa6106bac46f54a6f9559b5dfdd9962a2784c52c9e1a0a8b2cf90 libguestfs-inspect-icons-1.32.7-3.el7_3.3.noarch.rpm
f6506c6b1f6f98d147d4a2534b915afb77a7d49bd74a66c751d1bdf9ea12393d libguestfs-java-1.32.7-3.el7_3.3.x86_64.rpm
8ef4aa48ceb034249d155d13fe5a700aaf361f9aa50706cb11f25ff0cb1dd67c libguestfs-java-devel-1.32.7-3.el7_3.3.x86_64.rpm
0c989fd195095d8faa42bd622030d90c45c1952285ac33a58cae22a7918df356 libguestfs-javadoc-1.32.7-3.el7_3.3.noarch.rpm
413ae6286b50c67a3161270e9892ea5427f3378da72b4fa8c2e84279255dfa0f libguestfs-man-pages-ja-1.32.7-3.el7_3.3.noarch.rpm
155e42548cf33428e1df8876183cc4e24d86afdf051e84d0ca588e4fbd3f730f libguestfs-man-pages-uk-1.32.7-3.el7_3.3.noarch.rpm
f02e1a5dcec64e0084cb671a94071a25427784c65ae3cffb98900e816f2750a2 libguestfs-rescue-1.32.7-3.el7_3.3.x86_64.rpm
7046fe473764459192af471cbce20b4f0b992b95bb6c2224ea3d0645d9b35d71 libguestfs-rsync-1.32.7-3.el7_3.3.x86_64.rpm
83dcc680aeba317fa4996264c4c00dc786e462f7bfd29628cbe4c5217b62114b libguestfs-tools-1.32.7-3.el7_3.3.noarch.rpm
5ac63f85e510e29ef9d73835218e26f1086ed1aaaae8ca2ca9553dfd6d25a701 libguestfs-tools-c-1.32.7-3.el7_3.3.x86_64.rpm
a71b8252039fa2cc104153fa695c305b41bc78fb00f8fa00945c85cc494cc1c8 libguestfs-xfs-1.32.7-3.el7_3.3.x86_64.rpm
e4876c5eb4ce821bb3b9e8d5bbd00902ebc90efd35031e4a2fcffba8606a49fa lua-guestfs-1.32.7-3.el7_3.3.x86_64.rpm
e425044ab646df324799c0baeb0e243a4c6e28c55fcd4abd472822916633ad17 ocaml-libguestfs-1.32.7-3.el7_3.3.x86_64.rpm
d5343890212ca10a1e4a218593ca00d13a1c559c861b373620923cbfc12b3cc2 ocaml-libguestfs-devel-1.32.7-3.el7_3.3.x86_64.rpm
833a761d994b7871b44663e2c29eac206da067ad2c6f1dc3bf85387f699a9ac9 perl-Sys-Guestfs-1.32.7-3.el7_3.3.x86_64.rpm
76d8b8770737a132700b80e0d18a6f9d9221bc96ece52bb7da3b60efc62b91d5 python-libguestfs-1.32.7-3.el7_3.3.x86_64.rpm
b039e2f9f8e9fe0ce7ed5e045da90e9e0f32b1486fbf3e5b68f84400ce686bf0 ruby-libguestfs-1.32.7-3.el7_3.3.x86_64.rpm
0cb7c001a9cdb83483cdc222128d120aaa4e2162ea9675f013dcf31e729623fb virt-dib-1.32.7-3.el7_3.3.x86_64.rpm
b70f31fa4448331073ba903fac91766ecfc3a3afa37fe0228d18a805508b30af virt-v2v-1.32.7-3.el7_3.3.x86_64.rpm
Source:
3da73b83136deee863725c1a20be885eaee3d729c16e422afdff09772647e8ee libguestfs-1.32.7-3.el7_3.3.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce
F27 Self Contained Change: Samba AD
https://fedoraproject.org/wiki/Changes/Samba_AD
Change owner(s):
* Alexander Bokovoy <abokovoy AT redhat DOT com>
* Andreas Schneider <asn AT redhat DOT com>
Samba AD is an open source implementation of an Active Directory set
of tools and protocols. It allows Windows clients to be enrolled and
managed using native Windows tools. In addition, Samba AD can serve as
a domain controller for Fedora workstations and servers utilizing
DCERPC, LDAP and Kerberos.
== Detailed Description ==
Samba AD is an implementation of an Active Directory set of tools and
protocols. It is developed and released as part of Samba suite.
Upcoming Samba 4.7 release will contain changes to allow Samba AD to
be built and used with MIT Kerberos. Prior to Samba 4.7 it was
impossible to compile Samba AD with MIT Kerberos. As result, Samba AD
was not packaged in Fedora.
== Scope ==
* Proposal owners:
Samba packages in Fedora already include a stub subpackage samba-dc
that is going to be replaced with a full Samba AD implementation.
Appropriate dependencies are already present in Fedora 27/Rawhide or
will be added together with Samba 4.7 update. This mostly concerns
upgrade of Samba-related libraries: libtevent, libldb, libtdb, and MIT
Kerberos update to support new APIs added to accommodate Samba AD
(already in Rawhide).
* Other developers:
N/A (not a System Wide Change)
* Release engineering:
- https://pagure.io/releng/issue/6869
- We believe no impact to Release Engineering is needed for this change
* List of deliverables:
N/A (not a System Wide Change)
* Policies and guidelines:
N/A (not a System Wide Change)
* Trademark approval:
N/A (not needed for this Change)
--
Jan Kuřík
Platform & Fedora Program Manager
Red Hat Czech s.r.o., Purkynova 99/71, 612 45 Brno, Czech Republic
_______________________________________________
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-leave@lists.fedoraproject.org
[USN-3343-2] Linux kernel (Trusty HWE) vulnerabilities
Ubuntu Security Notice USN-3343-2
June 29, 2017
linux-lts-trusty vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 ESM
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-lts-trusty: Linux hardware enablement kernel from Trusty for Precise
Details:
USN 3343-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04
LTS. This update provides the corresponding updates for the Linux
Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu
12.04 ESM.
USN 3335-2 fixed a vulnerability in the Linux kernel. However, that
fix introduced regressions for some Java applications. This update
addresses the issue. We apologize for the inconvenience.
It was discovered that a use-after-free vulnerability in the core voltage
regulator driver of the Linux kernel. A local attacker could use this to
cause a denial of service or possibly execute arbitrary code.
(CVE-2014-9940)
It was discovered that a buffer overflow existed in the trace subsystem in
the Linux kernel. A privileged local attacker could use this to execute
arbitrary code. (CVE-2017-0605)
Roee Hay discovered that the parallel port printer driver in the Linux
kernel did not properly bounds check passed arguments. A local attacker
with write access to the kernel command line arguments could use this to
execute arbitrary code. (CVE-2017-1000363)
Li Qiang discovered that an integer overflow vulnerability existed in the
Direct Rendering Manager (DRM) driver for VMWare devices in the Linux
kernel. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2017-7294)
It was discovered that a double-free vulnerability existed in the IPv4
stack of the Linux kernel. An attacker could use this to cause a denial of
service (system crash). (CVE-2017-8890)
Andrey Konovalov discovered an IPv6 out-of-bounds read error in the Linux
kernel's IPv6 stack. A local attacker could cause a denial of service or
potentially other unspecified problems. (CVE-2017-9074)
Andrey Konovalov discovered a flaw in the handling of inheritance in the
Linux kernel's IPv6 stack. A local user could exploit this issue to cause a
denial of service or possibly other unspecified problems. (CVE-2017-9075)
It was discovered that dccp v6 in the Linux kernel mishandled inheritance.
A local attacker could exploit this issue to cause a denial of service or
potentially other unspecified problems. (CVE-2017-9076)
It was discovered that the transmission control protocol (tcp) v6 in the
Linux kernel mishandled inheritance. A local attacker could exploit this
issue to cause a denial of service or potentially other unspecified
problems. (CVE-2017-9077)
It was discovered that the IPv6 stack in the Linux kernel was performing
its over write consistency check after the data was actually overwritten. A
local attacker could exploit this flaw to cause a denial of service (system
crash). (CVE-2017-9242)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 12.04 ESM:
linux-image-3.13.0-123-generic 3.13.0-123.172~precise1
linux-image-3.13.0-123-generic-lpae 3.13.0-123.172~precise1
linux-image-generic-lpae-lts-trusty 3.13.0.123.114
linux-image-generic-lts-trusty 3.13.0.123.114
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://www.ubuntu.com/usn/usn-3343-2
https://www.ubuntu.com/usn/usn-3343-1
https://www.ubuntu.com/usn/usn-3335-2
https://launchpad.net/bugs/1699772
CVE-2014-9940, CVE-2017-0605, CVE-2017-1000363, CVE-2017-7294,
CVE-2017-8890, CVE-2017-9074, CVE-2017-9075, CVE-2017-9076,
CVE-2017-9077, CVE-2017-9242
[USN-3338-2] Linux kernel regression
Ubuntu Security Notice USN-3338-2
June 29, 2017
linux regression
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 ESM
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux: Linux kernel
Details:
USN-3338-1 fixed vulnerabilities in the Linux kernel. However, the fix
for CVE-2017-1000364 introduced regressions for some Java applications.
This update addresses the issue. We apologize for the inconvenience.
Original advisory details:
It was discovered that the stack guard page for processes in the Linux
kernel was not sufficiently large enough to prevent overlapping with the
heap. An attacker could leverage this with another vulnerability to execute
arbitrary code and gain administrative privileges (CVE-2017-1000364)
Jesse Hertz and Tim Newsham discovered that the Linux netfilter
implementation did not correctly perform validation when handling 32 bit
compatibility IPT_SO_SET_REPLACE events on 64 bit platforms. A local
unprivileged attacker could use this to cause a denial of service (system
crash) or execute arbitrary code with administrative privileges.
(CVE-2016-4997)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 12.04 ESM:
linux-image-3.2.0-129-generic 3.2.0-129.174
linux-image-3.2.0-129-generic-pae 3.2.0-129.174
linux-image-3.2.0-129-highbank 3.2.0-129.174
linux-image-3.2.0-129-omap 3.2.0-129.174
linux-image-3.2.0-129-powerpc-smp 3.2.0-129.174
linux-image-3.2.0-129-powerpc64-smp 3.2.0-129.174
linux-image-3.2.0-129-virtual 3.2.0-129.174
linux-image-generic 3.2.0.129.143
linux-image-generic-pae 3.2.0.129.143
linux-image-highbank 3.2.0.129.143
linux-image-omap 3.2.0.129.143
linux-image-powerpc 3.2.0.129.143
linux-image-powerpc-smp 3.2.0.129.143
linux-image-powerpc64-smp 3.2.0.129.143
linux-image-virtual 3.2.0.129.143
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://www.ubuntu.com/usn/usn-3338-2
https://www.ubuntu.com/usn/usn-3338-1
https://launchpad.net/bugs/1699772
[USN-3345-1] Linux kernel vulnerabilities
Ubuntu Security Notice USN-3345-1
June 29, 2017
linux, linux-raspi2 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 17.04
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux: Linux kernel
- linux-raspi2: Linux kernel for Raspberry Pi 2
Details:
USN 3324-1 fixed a vulnerability in the Linux kernel. However, that
fix introduced regressions for some Java applications. This update
addresses the issue. We apologize for the inconvenience.
Roee Hay discovered that the parallel port printer driver in the Linux
kernel did not properly bounds check passed arguments. A local attacker
with write access to the kernel command line arguments could use this to
execute arbitrary code. (CVE-2017-1000363)
It was discovered that a double-free vulnerability existed in the IPv4
stack of the Linux kernel. An attacker could use this to cause a denial of
service (system crash). (CVE-2017-8890)
Andrey Konovalov discovered an IPv6 out-of-bounds read error in the Linux
kernel's IPv6 stack. A local attacker could cause a denial of service or
potentially other unspecified problems. (CVE-2017-9074)
Andrey Konovalov discovered a flaw in the handling of inheritance in the
Linux kernel's IPv6 stack. A local user could exploit this issue to cause a
denial of service or possibly other unspecified problems. (CVE-2017-9075)
It was discovered that dccp v6 in the Linux kernel mishandled inheritance.
A local attacker could exploit this issue to cause a denial of service or
potentially other unspecified problems. (CVE-2017-9076)
It was discovered that the transmission control protocol (tcp) v6 in the
Linux kernel mishandled inheritance. A local attacker could exploit this
issue to cause a denial of service or potentially other unspecified
problems. (CVE-2017-9077)
Jann Horn discovered that bpf in Linux kernel does not restrict the output
of the print_bpf_insn function. A local attacker could use this to obtain
sensitive address information. (CVE-2017-9150)
It was discovered that the IPv6 stack in the Linux kernel was performing
its over write consistency check after the data was actually overwritten. A
local attacker could exploit this flaw to cause a denial of service (system
crash). (CVE-2017-9242)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 17.04:
linux-image-4.10.0-1010-raspi2 4.10.0-1010.13
linux-image-4.10.0-26-generic 4.10.0-26.30
linux-image-4.10.0-26-generic-lpae 4.10.0-26.30
linux-image-4.10.0-26-lowlatency 4.10.0-26.30
linux-image-generic 4.10.0.26.28
linux-image-generic-lpae 4.10.0.26.28
linux-image-lowlatency 4.10.0.26.28
linux-image-raspi2 4.10.0.1010.12
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://www.ubuntu.com/usn/usn-3345-1
https://www.ubuntu.com/usn/usn-3324-1
https://launchpad.net/bugs/1699772
CVE-2017-1000363, CVE-2017-8890, CVE-2017-9074, CVE-2017-9075,
CVE-2017-9076, CVE-2017-9077, CVE-2017-9150, CVE-2017-9242
Package Information:
https://launchpad.net/ubuntu/+source/linux/4.10.0-26.30
https://launchpad.net/ubuntu/+source/linux-raspi2/4.10.0-1010.13
[USN-3344-2] Linux kernel (Xenial HWE) vulnerabilities
Ubuntu Security Notice USN-3344-2
June 29, 2017
linux-lts-xenial vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty
Details:
USN-3344-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04
LTS. This update provides the corresponding updates for the Linux
Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu
14.04 LTS.
USN 3334-1 fixed a vulnerability in the Linux kernel. However, that
fix introduced regressions for some Java applications. This update
addresses the issue. We apologize for the inconvenience.
Roee Hay discovered that the parallel port printer driver in the Linux
kernel did not properly bounds check passed arguments. A local attacker
with write access to the kernel command line arguments could use this to
execute arbitrary code. (CVE-2017-1000363)
A reference count bug was discovered in the Linux kernel ipx protocol
stack. A local attacker could exploit this flaw to cause a denial of
service or possibly other unspecified problems. (CVE-2017-7487)
It was discovered that a double-free vulnerability existed in the IPv4
stack of the Linux kernel. An attacker could use this to cause a denial of
service (system crash). (CVE-2017-8890)
Andrey Konovalov discovered an IPv6 out-of-bounds read error in the Linux
kernel's IPv6 stack. A local attacker could cause a denial of service or
potentially other unspecified problems. (CVE-2017-9074)
Andrey Konovalov discovered a flaw in the handling of inheritance in the
Linux kernel's IPv6 stack. A local user could exploit this issue to cause a
denial of service or possibly other unspecified problems. (CVE-2017-9075)
It was discovered that dccp v6 in the Linux kernel mishandled inheritance.
A local attacker could exploit this issue to cause a denial of service or
potentially other unspecified problems. (CVE-2017-9076)
It was discovered that the transmission control protocol (tcp) v6 in the
Linux kernel mishandled inheritance. A local attacker could exploit this
issue to cause a denial of service or potentially other unspecified
problems. (CVE-2017-9077)
It was discovered that the IPv6 stack in the Linux kernel was performing
its over write consistency check after the data was actually overwritten. A
local attacker could exploit this flaw to cause a denial of service (system
crash). (CVE-2017-9242)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.04 LTS:
linux-image-4.4.0-83-generic 4.4.0-83.106~14.04.1
linux-image-4.4.0-83-generic-lpae 4.4.0-83.106~14.04.1
linux-image-4.4.0-83-lowlatency 4.4.0-83.106~14.04.1
linux-image-4.4.0-83-powerpc-e500mc 4.4.0-83.106~14.04.1
linux-image-4.4.0-83-powerpc-smp 4.4.0-83.106~14.04.1
linux-image-4.4.0-83-powerpc64-emb 4.4.0-83.106~14.04.1
linux-image-4.4.0-83-powerpc64-smp 4.4.0-83.106~14.04.1
linux-image-generic-lpae-lts-xenial 4.4.0.83.68
linux-image-generic-lts-xenial 4.4.0.83.68
linux-image-lowlatency-lts-xenial 4.4.0.83.68
linux-image-powerpc-e500mc-lts-xenial 4.4.0.83.68
linux-image-powerpc-smp-lts-xenial 4.4.0.83.68
linux-image-powerpc64-emb-lts-xenial 4.4.0.83.68
linux-image-powerpc64-smp-lts-xenial 4.4.0.83.68
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://www.ubuntu.com/usn/usn-3344-2
https://www.ubuntu.com/usn/usn-3344-1
https://www.ubuntu.com/usn/usn-3334-1
https://launchpad.net/bugs/1699772
CVE-2017-1000363, CVE-2017-7487, CVE-2017-8890, CVE-2017-9074,
CVE-2017-9075, CVE-2017-9076, CVE-2017-9077, CVE-2017-9242
Package Information:
https://launchpad.net/ubuntu/+source/linux-lts-xenial/4.4.0-83.106~14.04.1
[USN-3344-1] Linux kernel vulnerabilities
Ubuntu Security Notice USN-3344-1
June 29, 2017
linux, linux-aws, linux-gke, linux-raspi2, linux-snapdragon vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux: Linux kernel
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-gke: Linux kernel for Google Container Engine (GKE) systems
- linux-raspi2: Linux kernel for Raspberry Pi 2
- linux-snapdragon: Linux kernel for Snapdragon processors
Details:
USN 3328-1 fixed a vulnerability in the Linux kernel. However, that
fix introduced regressions for some Java applications. This update
addresses the issue. We apologize for the inconvenience.
Roee Hay discovered that the parallel port printer driver in the Linux
kernel did not properly bounds check passed arguments. A local attacker
with write access to the kernel command line arguments could use this to
execute arbitrary code. (CVE-2017-1000363)
A reference count bug was discovered in the Linux kernel ipx protocol
stack. A local attacker could exploit this flaw to cause a denial of
service or possibly other unspecified problems. (CVE-2017-7487)
It was discovered that a double-free vulnerability existed in the IPv4
stack of the Linux kernel. An attacker could use this to cause a denial of
service (system crash). (CVE-2017-8890)
Andrey Konovalov discovered an IPv6 out-of-bounds read error in the Linux
kernel's IPv6 stack. A local attacker could cause a denial of service or
potentially other unspecified problems. (CVE-2017-9074)
Andrey Konovalov discovered a flaw in the handling of inheritance in the
Linux kernel's IPv6 stack. A local user could exploit this issue to cause a
denial of service or possibly other unspecified problems. (CVE-2017-9075)
It was discovered that dccp v6 in the Linux kernel mishandled inheritance.
A local attacker could exploit this issue to cause a denial of service or
potentially other unspecified problems. (CVE-2017-9076)
It was discovered that the transmission control protocol (tcp) v6 in the
Linux kernel mishandled inheritance. A local attacker could exploit this
issue to cause a denial of service or potentially other unspecified
problems. (CVE-2017-9077)
It was discovered that the IPv6 stack in the Linux kernel was performing
its over write consistency check after the data was actually overwritten. A
local attacker could exploit this flaw to cause a denial of service (system
crash). (CVE-2017-9242)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.04 LTS:
linux-image-4.4.0-1018-gke 4.4.0-1018.18
linux-image-4.4.0-1022-aws 4.4.0-1022.31
linux-image-4.4.0-1061-raspi2 4.4.0-1061.69
linux-image-4.4.0-1063-snapdragon 4.4.0-1063.68
linux-image-4.4.0-83-generic 4.4.0-83.106
linux-image-4.4.0-83-generic-lpae 4.4.0-83.106
linux-image-4.4.0-83-lowlatency 4.4.0-83.106
linux-image-4.4.0-83-powerpc-e500mc 4.4.0-83.106
linux-image-4.4.0-83-powerpc-smp 4.4.0-83.106
linux-image-4.4.0-83-powerpc64-emb 4.4.0-83.106
linux-image-4.4.0-83-powerpc64-smp 4.4.0-83.106
linux-image-aws 4.4.0.1022.25
linux-image-generic 4.4.0.83.89
linux-image-generic-lpae 4.4.0.83.89
linux-image-gke 4.4.0.1018.20
linux-image-lowlatency 4.4.0.83.89
linux-image-powerpc-e500mc 4.4.0.83.89
linux-image-powerpc-smp 4.4.0.83.89
linux-image-powerpc64-emb 4.4.0.83.89
linux-image-powerpc64-smp 4.4.0.83.89
linux-image-raspi2 4.4.0.1061.62
linux-image-snapdragon 4.4.0.1063.56
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://www.ubuntu.com/usn/usn-3344-1
https://www.ubuntu.com/usn/usn-3328-1
https://launchpad.net/bugs/1699772
CVE-2017-1000363, CVE-2017-7487, CVE-2017-8890, CVE-2017-9074,
CVE-2017-9075, CVE-2017-9076, CVE-2017-9077, CVE-2017-9242
Package Information:
https://launchpad.net/ubuntu/+source/linux/4.4.0-83.106
https://launchpad.net/ubuntu/+source/linux-aws/4.4.0-1022.31
https://launchpad.net/ubuntu/+source/linux-gke/4.4.0-1018.18
https://launchpad.net/ubuntu/+source/linux-raspi2/4.4.0-1061.69
https://launchpad.net/ubuntu/+source/linux-snapdragon/4.4.0-1063.68
[USN-3343-1] Linux kernel vulnerabilities
Ubuntu Security Notice USN-3343-1
June 29, 2017
linux vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux: Linux kernel
Details:
USN 3335-1 fixed a vulnerability in the Linux kernel. However, that
fix introduced regressions for some Java applications. This update
addresses the issue. We apologize for the inconvenience.
It was discovered that a use-after-free vulnerability in the core voltage
regulator driver of the Linux kernel. A local attacker could use this to
cause a denial of service or possibly execute arbitrary code.
(CVE-2014-9940)
It was discovered that a buffer overflow existed in the trace subsystem in
the Linux kernel. A privileged local attacker could use this to execute
arbitrary code. (CVE-2017-0605)
Roee Hay discovered that the parallel port printer driver in the Linux
kernel did not properly bounds check passed arguments. A local attacker
with write access to the kernel command line arguments could use this to
execute arbitrary code. (CVE-2017-1000363)
Li Qiang discovered that an integer overflow vulnerability existed in the
Direct Rendering Manager (DRM) driver for VMWare devices in the Linux
kernel. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2017-7294)
It was discovered that a double-free vulnerability existed in the IPv4
stack of the Linux kernel. An attacker could use this to cause a denial of
service (system crash). (CVE-2017-8890)
Andrey Konovalov discovered an IPv6 out-of-bounds read error in the Linux
kernel's IPv6 stack. A local attacker could cause a denial of service or
potentially other unspecified problems. (CVE-2017-9074)
Andrey Konovalov discovered a flaw in the handling of inheritance in the
Linux kernel's IPv6 stack. A local user could exploit this issue to cause a
denial of service or possibly other unspecified problems. (CVE-2017-9075)
It was discovered that dccp v6 in the Linux kernel mishandled inheritance.
A local attacker could exploit this issue to cause a denial of service or
potentially other unspecified problems. (CVE-2017-9076)
It was discovered that the transmission control protocol (tcp) v6 in the
Linux kernel mishandled inheritance. A local attacker could exploit this
issue to cause a denial of service or potentially other unspecified
problems. (CVE-2017-9077)
It was discovered that the IPv6 stack in the Linux kernel was performing
its over write consistency check after the data was actually overwritten. A
local attacker could exploit this flaw to cause a denial of service (system
crash). (CVE-2017-9242)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.04 LTS:
linux-image-3.13.0-123-generic 3.13.0-123.172
linux-image-3.13.0-123-generic-lpae 3.13.0-123.172
linux-image-3.13.0-123-lowlatency 3.13.0-123.172
linux-image-3.13.0-123-powerpc-e500 3.13.0-123.172
linux-image-3.13.0-123-powerpc-e500mc 3.13.0-123.172
linux-image-3.13.0-123-powerpc-smp 3.13.0-123.172
linux-image-3.13.0-123-powerpc64-emb 3.13.0-123.172
linux-image-3.13.0-123-powerpc64-smp 3.13.0-123.172
linux-image-generic 3.13.0.123.133
linux-image-generic-lpae 3.13.0.123.133
linux-image-lowlatency 3.13.0.123.133
linux-image-powerpc-e500 3.13.0.123.133
linux-image-powerpc-e500mc 3.13.0.123.133
linux-image-powerpc-smp 3.13.0.123.133
linux-image-powerpc64-emb 3.13.0.123.133
linux-image-powerpc64-smp 3.13.0.123.133
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://www.ubuntu.com/usn/usn-3343-1
https://www.ubuntu.com/usn/usn-3335-1
https://launchpad.net/bugs/1699772
CVE-2014-9940, CVE-2017-0605, CVE-2017-1000363, CVE-2017-7294,
CVE-2017-8890, CVE-2017-9074, CVE-2017-9075, CVE-2017-9076,
CVE-2017-9077, CVE-2017-9242
Package Information:
https://launchpad.net/ubuntu/+source/linux/3.13.0-123.172
[USN-3342-1] Linux kernel vulnerabilities
Ubuntu Security Notice USN-3342-1
June 29, 2017
linux, linux-raspi2 vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.10
Summary:
Several security issues were fixed in the Linux kernel.
Software Description:
- linux: Linux kernel
- linux-raspi2: Linux kernel for Raspberry Pi 2
Details:
USN 3326-1 fixed a vulnerability in the Linux kernel. However, that
fix introduced regressions for some Java applications. This update
addresses the issue. We apologize for the inconvenience.
It was discovered that a use-after-free flaw existed in the filesystem
encryption subsystem in the Linux kernel. A local attacker could use this
to cause a denial of service (system crash). (CVE-2017-7374)
Roee Hay discovered that the parallel port printer driver in the Linux
kernel did not properly bounds check passed arguments. A local attacker
with write access to the kernel command line arguments could use this to
execute arbitrary code. (CVE-2017-1000363)
Ingo Molnar discovered that the VideoCore DRM driver in the Linux kernel
did not return an error after detecting certain overflows. A local attacker
could exploit this issue to cause a denial of service (OOPS).
(CVE-2017-5577)
Li Qiang discovered that an integer overflow vulnerability existed in the
Direct Rendering Manager (DRM) driver for VMWare devices in the Linux
kernel. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2017-7294)
It was discovered that a double-free vulnerability existed in the IPv4
stack of the Linux kernel. An attacker could use this to cause a denial of
service (system crash). (CVE-2017-8890)
Andrey Konovalov discovered an IPv6 out-of-bounds read error in the Linux
kernel's IPv6 stack. A local attacker could cause a denial of service or
potentially other unspecified problems. (CVE-2017-9074)
Andrey Konovalov discovered a flaw in the handling of inheritance in the
Linux kernel's IPv6 stack. A local user could exploit this issue to cause a
denial of service or possibly other unspecified problems. (CVE-2017-9075)
It was discovered that dccp v6 in the Linux kernel mishandled inheritance.
A local attacker could exploit this issue to cause a denial of service or
potentially other unspecified problems. (CVE-2017-9076)
It was discovered that the transmission control protocol (tcp) v6 in the
Linux kernel mishandled inheritance. A local attacker could exploit this
issue to cause a denial of service or potentially other unspecified
problems. (CVE-2017-9077)
It was discovered that the IPv6 stack in the Linux kernel was performing
its over write consistency check after the data was actually overwritten. A
local attacker could exploit this flaw to cause a denial of service (system
crash). (CVE-2017-9242)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 16.10:
linux-image-4.8.0-1042-raspi2 4.8.0-1042.46
linux-image-4.8.0-58-generic 4.8.0-58.63
linux-image-4.8.0-58-generic-lpae 4.8.0-58.63
linux-image-4.8.0-58-lowlatency 4.8.0-58.63
linux-image-4.8.0-58-powerpc-e500mc 4.8.0-58.63
linux-image-4.8.0-58-powerpc-smp 4.8.0-58.63
linux-image-4.8.0-58-powerpc64-emb 4.8.0-58.63
linux-image-generic 4.8.0.58.71
linux-image-generic-lpae 4.8.0.58.71
linux-image-lowlatency 4.8.0.58.71
linux-image-powerpc-e500mc 4.8.0.58.71
linux-image-powerpc-smp 4.8.0.58.71
linux-image-powerpc64-emb 4.8.0.58.71
linux-image-powerpc64-smp 4.8.0.58.71
linux-image-raspi2 4.8.0.1042.46
linux-image-virtual 4.8.0.58.71
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://www.ubuntu.com/usn/usn-3342-1
https://www.ubuntu.com/usn/usn-3326-1
https://launchpad.net/bugs/1699772
CVE-2017-1000363, CVE-2017-5577, CVE-2017-7294, CVE-2017-7374,
CVE-2017-8890, CVE-2017-9074, CVE-2017-9075, CVE-2017-9076,
CVE-2017-9077, CVE-2017-9242
Package Information:
https://launchpad.net/ubuntu/+source/linux/4.8.0-58.63
https://launchpad.net/ubuntu/+source/linux-raspi2/4.8.0-1042.46
Wednesday, June 28, 2017
[CentOS-announce] CESA-2017:1576 Important CentOS 6 mercurial Security Update
Upstream details at : https://rhn.redhat.com/errata/RHSA-2017-1576.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
0f06aa1a175e32ee32a8f0413311a728e10442a97ee1e773a7e953b7ae01bdce emacs-mercurial-1.4-5.el6_9.i686.rpm
cc27dd9e2a904e45ceef913b0e338006c0b7f3c62dbddea5178690e7359aab3a emacs-mercurial-el-1.4-5.el6_9.i686.rpm
7972d0782bc989277e6fa036969195db2e4899c0d3b5b9fd068857b3b6411818 mercurial-1.4-5.el6_9.i686.rpm
f59e6b133464b4b41cef31ba4b6c5e329c7e5b1e5d43f451069dfa45c9f9635d mercurial-hgk-1.4-5.el6_9.i686.rpm
x86_64:
10b9c0a48c2a8cdf57ae1babec88416b263f83373d99547cae91e6e2188c43f7 emacs-mercurial-1.4-5.el6_9.x86_64.rpm
978b38d6c34beaf8f560ff94534e0edf1d9afbf53f083cfe7dbc7381dc6cc338 emacs-mercurial-el-1.4-5.el6_9.x86_64.rpm
b3a1342bd8f82ad47ae9d79fac3ea175da25257015ed2703371f46f9016ee9a1 mercurial-1.4-5.el6_9.x86_64.rpm
42517fc88a18062b49742a40174a7b3360c666c0a4918b2b5495adb9b9ecd362 mercurial-hgk-1.4-5.el6_9.x86_64.rpm
Source:
3101a19c150870a7c5dd7885516762f6d85f5dbccaa49f518039eb26f310b685 mercurial-1.4-5.el6_9.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce
F27 Self Contained Change: Remove SSH-1 from OpenSSH clients
https://fedoraproject.org/wiki/Changes/Remove_SSH-1_from_OpenSSH
Change owner(s):
* Jakub Jelen <jjelen AT redhat DOT com>
Upstream removes support for SSH-1 protocol and we plan to do the same
in Fedora. The protocol is years obsolete and not even supported in
current default binaries (only in openssh-clients-ssh1 subpackage).
== Detailed Description ==
SSH-1 protocol was introduced more than 20 years ago and is no longer
considered secure. OpenSSH package in Fedora is built without SSH-1
protocol since 2015 (SSH-1 clients are available in
openssh-clients-ssh1 subpackage). OpenSSH upstream plans to remove the
code completely in next release, which prevents us from using this
technique further and remove the support completely (unless there will
be significant demand for compat package).
== Scope ==
* Proposal owners:
Remove subpackage openssh-clients-ssh1 and potentially create
compat-openssh-clients-7.5 package with clients supporting SSH-1
protocol.
* Other developers:
N/A (not a System Wide Change)
* Release engineering:
#6867 https://pagure.io/releng/issues/6867
* List of deliverables:
N/A (not a System Wide Change)
* Policies and guidelines:
N/A (not a System Wide Change)
* Trademark approval:
N/A (not needed for this Change)
--
Jan Kuřík
Platform & Fedora Program Manager
Red Hat Czech s.r.o., Purkynova 99/71, 612 45 Brno, Czech Republic
_______________________________________________
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-leave@lists.fedoraproject.org
Tuesday, June 27, 2017
OpenBSD Errata: June 27th, 2017 (icmp6_linklocal)
When pinging an IPv6 link-local address, the reflected packet had ::1
as source address. The echo reply was ignored as it must be from the
link-local address.
Binary updates for the amd64 and i386 platforms are available via the
syspatch utility. A source code patch can be found on the respective
errata page:
https://www.openbsd.org/errata61.html
As this affects the kernel, a reboot will be needed after patching.
If IPv6 is not configured on your system, this issue does not affect you.
[USN-3341-1] Systemd vulnerability
iQEcBAEBCAAGBQJZUozAAAoJEGEfvezVlG4P3HwH+wd4aH0RnwQp9GXyG84We5TT
aQMUS/PaPopYGfi+W0v4Ai6+XwBwwfgOwJj9kT44J28RSWWvAiLqWurJtt1q5Czy
VH/AdTffmHK7/5g1PrKXse70HNRZbn/wZuJBpOreq7JB3f8Y14OKEapJsRgnfu3D
hGEeaXBa0PvuR2m4j1JnRwmMyp1mJ7txa8wkFF32Sn81KEEO0m1hJ0jB+DnermV0
J8iVJWBqoYygdZZ4DZt7k8AfAyHG3XKgN75AALhNlIPLop3fftvw90qDF/MbtxCt
k/iJ+RZKQAQI+8JbnqOZsVObDjUSdq/Ei/N9Wk7p5zUHIJCFyA0d47ugJnNHD4E=
=jDcv
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-3341-1
June 27, 2017
systemd vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 17.04
- Ubuntu 16.10
Summary:
systemd-resolved could be made to crash or run programs if it received
a specially crafted DNS response.
Software Description:
- systemd: system and service manager
Details:
An out-of-bounds write was discovered in systemd-resolved when handling
specially crafted DNS responses. A remote attacker could potentially
exploit this to cause a denial of service (daemon crash) or execute
arbitrary code. (CVE-2017-9445)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 17.04:
systemd 232-21ubuntu5
Ubuntu 16.10:
systemd 231-9ubuntu5
In general, a standard system update will make all the necessary changes.
References:
https://www.ubuntu.com/usn/usn-3341-1
CVE-2017-9445, https://launchpad.net/bugs/1695546
Package Information:
https://launchpad.net/ubuntu/+source/systemd/232-21ubuntu5
https://launchpad.net/ubuntu/+source/systemd/231-9ubuntu5
Monday, June 26, 2017
reallost1.fbsd2233449:危险化学品安全管理学习 10:17:40
危险化学品安全管理
【时间地点】2017年7月06-07日 上海、
【参加对象】EHS经理、EHS工程师、安全工程师、中高层管理者,采购经理、危险化学品库管理员库房经理、安全员、ISO14001内审员、OHS18001内审员等。
【授课方式】讲师讲授 + 视频演绎 + 案例研讨 +角色扮演 + 讲师点评 + 落地工具
【学习费用】3200元/2天/1人(含学习费、资料费、两天午餐、茶点、税费)
【垂询热线】021-31006787、 13381601000 许先生
【QQ/ 微信】320588808
课 程 目 的:
对于在工作中要接触化学品的员工,化学品的特性及其他性质,可能会对身体造成严重损伤,有时
也会对健康有长期潜在的危害。此外,一些化学品更有可能引起火灾和爆炸,导致财务损失,甚至危
及生命。本课程通过介绍如何通过对化学品进行分类/标识,完成化学品危害知识沟通,建立本公司的
化学品的管理系统,减少因化学品而导致的事故发生。
培训收益:
2天通过大量案例,完全以一般工业企业(非化工厂)危险化学品管理基本流程,从原理、法规要求
到具体各个危险化学品形成环节的管理要求进行讲解,同时深入剖析法规要求、企业常见问题,推荐的
知名企业有效做法,让经验不足的管理者迅速学会危险化学品管理的有效流程及重点环节,让资深EHS
人员及危险化学品库房经理全面掌握危险化学品系统化管理方法及关键点。
课程大纲:
危险化学品基本特性
危险化学品基本概念
危险化学品主要危险特性分析
危险化学品分类
全球化学品统一分类和标签制度(GHS)介绍
危险化学品MSDS内容及要点解析
危险化学品安全标签形式及要求
联合国关于危险货物运输建议书(TDG)介绍
危险化学品标志设置与管理
危险化学品采购与运输管理
危险化学品生产经营企业基本资质及管理要求
危险化学品运输管理资质与控制
危险化学品运输车辆基本要求与资质
危险化学品运输人员资质与技能要求
危险化学品登记管理
危险化学品库房设计基本要求
易燃易爆危险化学品存储防火防爆要求
防止土壤和地下水污染的防渗措施及废液收集要求
消防设施(灭火器、气体灭火系统等)
泄漏等应急处理设施(应急洗眼设施、应急物资、应急劳保用品)等
温湿度监控与控制系统
一般库房内危险化学品存储设施—防爆柜
危险化学品验收、出入库管理及在库管理
危险化学品出入库区管理要求
危险化学品验收要求
危险化学品装卸及搬运管理要求
危险化学品在库管理要求
MSDS及安全标签等使用
人员资质与技能要求
危险化学品重大危险源管理
危险化学品使用管理
现场临时存储及搬运管理
作业岗位安全设施管理(通风、防火、紧急洗眼等)
作业岗位警示标识与危险化学品标识
使用作业指导文件
使用前员工个体防护
作业人员职业健康管理
现场安全作业要求
泄漏等异常处理等作业要求
危险化学品废弃管理
中国废物管理现状
国家废物管理基本思路
企业废物分类标准
危险废物产生、鉴别及分类
危险废物容器设置及废物产生管理
危险废物内部转运、暂存场设置及管理
危险废物的委托处理及转移管理
危险废物的最终处置
危险废物统计与申报
废弃危险化学品的法规要求
危险化学品应急管理
化学品事故案例分析
环保相关法规对化学品应急管理的要求
管理体系标准中"4.4.7应急准备与响应"的要求。
企业化学品应急预案体系设计思考
化学品应急预案编写研讨
化学品应急预案的准备、定期评审、演练、执行和完善。
特殊危险化学品管理要求
剧毒化学品管理
易制毒化学品管理
农药使用管理
大众、宝马等著名企业危险化学品管理典型案例解析
几十部危险化学品相关法规深度解读,结合危险化学品管理要求讲解包括法规最新版本、内容变化、使用要点等。
答疑与交流
适用法律法规评价与公司合规性评审
c)EHS职责、目标与绩效系统设计
研讨:如何避免各部门在EHS执行中推诿、扯皮
EHS KPI体系设计:确定目标,展示绩效
EHS目标的设计:基于职责,结果与过程两个纬度
让部门动起来:充分运用EHS目标的沟通技巧
案例演练:基于部门职责绘制部门绩效管制图
EHS绩效考核与履责沟通
d)EHS检查的实施
EHS检查的目标与参与者
EHS检查的三项准备
让EHS检查更实效:立体式检查表设计
EHS检查闭环
为决策者提供关键依据:柏拉图在EHS检查中的运用
e)EHS应急体系设计
研讨:小偷入室盗窃,进屋以后最先干什么?
预案的必要性
预案架构
研讨:根据提供信息,进行案例研讨
预案编写步骤
事故响应级别
应急救援设备与物资储备管理
如何编制应急预案
企业需要考虑的常见应急事态
编制预案的基本原则
f)变更管理的实施要领
g)三同时实施流程与基本要求
主题四:基于EHS因素的系统控制
a)危险源辨识与风险评估
岗位操作步骤划分技巧
危险源认知与危险源辨识技巧
核心:危险源的特点与危险源控制的四种方法
演练:危险源识别与控制
风险评估基本方法与原则
风险评估范例:厄姆雷特评价法与矩阵法
基于"源"因分析制定控制对策
危险源治理模型
更新记录的时机与原则
基于流程实施的环境因素识别
重要环境因素评估方法
编制一线员工可参与的环境控制措施
b)EHS因素相关作业指导书编制与现场目视化
案例:不实用SOP仅仅用于应付审核
一套足以:将EHS作业指导书融入实际工作
作业指导书辨识过程中的三大关注因素与五大原则
目视化的意义
独家研发:目视化在EHS管理中运用
案例:EHS现场标识的标准化编制技巧
c)EHS培训与督导体系构建
岗位培训在EHS管理中的重要性
如何建立有效的岗位EHS培训
基于TWI课程体系的岗位EHS培训方法
颠覆传动模式:行为安全管理(BBS)在EHS管理中的有效运用
纠正员工行为五步法
罚款不是处罚的全部:正确认知处罚行为
主题五:EHS文化构建
a)文化的定义与理解要领
b)案例:文化部的核心职能
c)基于行为习惯培养团队文化
d)案例:长城汽车企业文化形成借鉴
e)常见EHS改善活动
不仅仅是一种形式:EHS活动的意义
案例:实效EHS活动的五大展现形式
小伤害、小事故提报
合理化建议
f)EHS宣传与活动的开展要领
EHS宣传的目标
EHS宣传的常见展现形式
宣传的八字方针
主题六:EHS管理者沟通技术
a)不再有隔阂:EHS人员的高效沟通技巧
沟通的原理:接受与认可
彼此理解和接受:高效沟通的目的
EHS管理者的痛:部门的参与度与沟通
研发:EHS高效沟通的三个要素和八个策略
让更多人接受:EHS人员的四大沟通对象与沟通策略
b)EHS管理中的问题应对与技巧
巧用老板:如何让老板关注EHS管理绩效
巧用报表:EHS KPI设定与运行监测
巧用案例:EHS管理人员如何运用压力管理
巧用氛围:如何让全员参与EHS管理
讲师介绍 :马亮
资历背景:
实战派资深咨询专家、高级培训师,常年以高级审核员、专业咨询顾问和培训师身份进入国内众多行业的企业,开展企业的管理诊断、咨询辅导和管理人员培训项目,具有广泛的行业基础和培训经验。
马老师大学毕业后从外企生产车间保全工、班组长等基层岗位做起,到成为一位积累近300多家优秀企业的成功经验优秀顾问讲师、经历过从企业、客户、顾问、认证公司和讲师等不同角度系统专研管理体系实效应用、拥有10多年数百场的培训经历、培训过数千学员。在行业内真正实战派的培训师。
马老师授课思路简洁清晰、内容丰富系统、拥有大量鲜活的典型案例,启发性和参考性很强。他经验丰富,能够在短时间解决学员提出的各种难题并给出针对性建议,同时又能一针见血指出企业深层问题,其一些观点是一些企业困惑多年问题的良药,实用性特别强。他讲课诙谐生动、通过互动启发式交流,
引导学员突破旧思维,能够根据学员反映调节讲课节奏,是经过专业训练的优秀讲师。
工作经验:
纪伊塑料(大连)有限公司(日本独资企业,1997-2001),负责生产/质量/环保管理等,并以ISO事务局主任身份于1999年和2000年为公司建立了环境和质量管理体系。
爱波瑞管理咨询有限公司(2001-2004),咨询部经理兼高级讲师,负责企业管理咨询、企业管理培训、管理项目监控考评工作。
中国一汽集团进行供应商评审(2004),负责按照德国大众供应商过程审核、产品审核(VDA6.3/VDA6.5)对近60家供应商进行二方审核。
德国莱茵TUV大连办事处(2005-2009),主任审核员、培训部经理兼资深培训讲师等工作,负责客户管理体系评审、企业管理培训和管理咨询辅导工作。
资深咨询师、资深培训师(2009—自今),为众多客户提供了公开课培训、专题咨询和企业内部培训。
擅长的领域:
企业高管EHS领导力经典培训(大连、沈阳、长春等地多次举办公开课,深圳天马集团上市公司、庞巴迪轨道、创新零部件、奇瑞汽车等企业进行过内训)
危险化学品管理-独创课程,在大连和长春等举办过多期公开课,一汽大众、蒂森克虏伯等数十家企业QC七工具培训(为辽宁THK、大连盘起工业、沈阳常春内饰件等多家企业进行过内训)
企业消防管理实务(2011年在大连和长春等地举办过多期公开课)
质量管理流程梳理与策划(2009年为德国海密梯克等企业进行咨询和培训)
班组长、工段长质量管理培训(为辽宁THK、沈阳华晨宝马等企业进行过内训课程)
供应商质量管理(2011年在大连和长春举办过公开课)
VDA6.3过程审核2010版(为一汽集团供应商、一汽轿车股份进行内训,并在长春举办公开课)
汽车4S店环保及安全管理专项培训(为大众品牌、奥迪品牌近200家4S店进行过公开课培训)
现场5S及精益生产培训(为三洋、宝马等企业进行过内训)
ISO9001:2008内审员(从2001年开始举办多次公开课,并为韩国现代电子、日本三洋、美国泰科安全产品、赛德隆等多家客户进行咨询和内训)
ISO14001:2004内审员(从2001年开始举办多次公开课,并为美国辉瑞制药、一汽大众、日本电产、珠海佳能、富士电机等多家客户进行辅导咨询和内训)
OHS18001:2007内审员(从2002年开始举办多次公开课,并为青岛汽车厂、美国铁姆肯轴承、伟巴斯特、松下汽车电子、等多家客户进行辅导咨询和内训)
三体系整合内审员(2005年开始为深圳天马集团5家公司、中兴通讯、三洋冷链等很多客户进行过内训)
EHS整合内审员(2002年开始大连、长春、青岛等地多次举办公开课,为德国庞巴迪轨道客车、美国铁姆肯轴承等众多客户进行内训)
ISO9001高级审核技巧(为日本富士电机、日本辽宁THK等客户客户进行过内训、大连举办过公开课)
ISO14001高级审核技巧提升(为华晨宝马、一汽大众、美国德尔福等客户进行过内训)
OHS18001高级审核技巧提升(为华晨宝马、一汽大众等客户进行过内训)
车间班组长安全管理实务(举办过公开课)
识别与控制环境因素实战技能训练(一汽大众、德国海密梯克、施奈莱克等客户进行过内训和辅导)
客户评价:
他的授课思路简洁清晰、内容丰富系统、拥有大量鲜活的典型案例,启发性和参考性很强。
他经验丰富,能够在短时间解决学员提出的各种难题并给出针对性建议,同时又能一针见血指出企业深层问题,其一些观点是一些企业困惑多年问题的良药,实用性特别强。
他讲课诙谐生动、通过互动启发式交流,引导学员突破旧思维,能够根据学员反映调节讲课节奏,是经过专业训练的优秀讲师。
主讲课程:
企业高管EHS领导力|企业危险化学品管理|部长经理EHS经典培训|ISO14001内审员|OHS18001内审员|QC七工具实战|VDA6.3过程审核|能源管理体系建立及人员训练|企业有效节能降耗管理|最新安全环境法规解析|班组安全管理实战|工厂消防管理实务|应急管理与应急预案|固体废物管理|危险废物管理|经销商绿色合作伙伴|化学品MSDS管理|班组EHS管理
服务客户:
汽车行业客户有:
一汽-大众汽车、一汽轿车股份公司、一汽-大众销售公司、华晨宝马汽车、重庆长安铃木汽车、哈飞汽车、一汽集团、青岛汽车厂、上海一汽专用车厂、一汽-大众成都分公司、成都一汽解放汽车厂、大众一汽发动机、德尔福、上海江森自控蓄电池、延锋彼欧汽车、延锋百利得安全系统、延锋江森座椅、大陆汽车电子、海拉车灯、一东离合器、蒂森克虏伯、一汽鞍井、固特异轮胎等100多家企业。
电子行业客户有:
青岛海信电视、海尔冰箱、佳能(珠海)、大连松下汽车电子、欧姆龙(大连)、柯尼卡美能达、三洋家电、大陆汽车电子(原西门子VDO)、上海中航光电子(原日本NEC)、深圳天马微电子、上海天马电子、美国泰科安全产品、富士电机、斯大精密(大连)、五大电子(大连)、阿来德好利(大连)、日本电产日新工机(大连)、大连城北电子、大连太平洋电子、千代达电子、大连太平洋多层线路板、奥巴克(大连)、大连LG产电、大连现代液晶显示器、赛德隆国际电器、大连高千穗电子、奇宏电子有限公司、大金空调、海太半导体等80多家企业。
机械行业客户有:
亿达日平机床YNC、大连蒂业技凯瓦轴、大连三洋冷链、辽宁THK、三一重型装备、利勃海尔机械、大连星玛电梯、沈阳柏林特电梯、德国海密梯克泵业、里瓦泵业、德国蒂森克虏伯、大连施奈莱克、大连创新零部件美国塔奥金环、美国铁姆肯轴承、长春曼•胡默尔富奥滤清器、富奥威泰克底盘、冰山菱设等
其他行业客户有:
鞍钢集团、首钢集团、辽宁成大集团、大连实德集团、金德管业集团、大连路明集团、大商集团、美国辉瑞制药、YKK吉田建材、大连飞马家具、德力国际运输、上海紫丹印务、大连桑扶兰时装、欧伦船业、好望角大连金石滩、老虎滩海洋公园等70余家企业。
汽车4S店:
辽宁鑫迪、北京百得利、上海东昌金桥、绍兴联奥汽车、东莞市世奥汽车、成都三和汽车、上海嘉安汽车、河南合众汇金、北京汽车贸易中心、北京海联力通、四川精典吉众、四川申蓉和浩、佛山南海拓华、广州锦众汽车、长春华阳、长春华之城等近40家。