Tuesday, July 31, 2018

Fedora 29 Software String Freeze

Today (2018-07-31) we have reached the "Software String Freeze"
deadline. Beyond this deadline there should not be any changes in
strings.

If you want to help with translations, please check the packages that
follow the Fedora release cycle (Main projects):
https://fedora.zanata.org/version-group/view/main

The deadline for translations is 2018-08-28 (Software Translation
Deadline). See the translation schedule[1] for more detail.

[1] https://fedorapeople.org/groups/schedule/f-29/f-29-trans-tasks.html

--
Ben Cotton
Fedora Program Manager
TZ=America/Indiana/Indianapolis
_______________________________________________
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org/message/SU4LNPDA3JHZKYWBDMBCSB6CNEYDB6DC/

HEADS UP: pip upgraded from 9 to 18 (rawhide only)

I've just built python-pip-18.0-1.fc29.

It has a lot of breaking changes, so please file bugs if you have
problems. We do not plan to upgrade pip in stable Fedora releases.

Release notes: https://pip.pypa.io/en/stable/news/

See notes for 18 and 10, as we skipped 10.

Note that upstream changed the version scheme; nothing existed between 10
and 18.

Thanks,
--
Miro Hrončok
--
Phone: +420777974800
IRC: mhroncok
List Archives: https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org/message/S7FE45Y76MBIXU7QE75FTZSPEPLIIWOH/

Monday, July 30, 2018

[USN-3725-2] MySQL vulnerabilities

==========================================================================
Ubuntu Security Notice USN-3725-2
July 30, 2018

mysql-5.5 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 ESM

Summary:

Several security issues were fixed in MySQL.

Software Description:
- mysql-5.5: MySQL database

Details:

USN-3725-1 fixed several vulnerabilities in MySQL. This update provides
the corresponding update for Ubuntu 12.04 ESM.

Original advisory details:

 Multiple security issues were discovered in MySQL and this update
 includes new upstream MySQL versions to fix these issues.

 MySQL has been updated to 5.5.61 in Ubuntu 12.04 ESM.

 In addition to security fixes, the updated packages contain bug fixes,
 new features, and possibly incompatible changes.

 Please see the following for more information:
 http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-61.html
 http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 ESM:
  mysql-server-5.5                5.5.61-0ubuntu0.12.04.1

In general, a standard system update will make all the necessary
changes.

References:
  https://usn.ubuntu.com/usn/usn-3725-2
  https://usn.ubuntu.com/usn/usn-3725-1
  CVE-2018-2767, CVE-2018-3058, CVE-2018-3063, CVE-2018-3066,
  CVE-2018-3070, CVE-2018-3081

[USN-3725-1] MySQL vulnerabilities

==========================================================================
Ubuntu Security Notice USN-3725-1
July 30, 2018

mysql-5.5, mysql-5.7 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in MySQL.

Software Description:
- mysql-5.7: MySQL database
- mysql-5.5: MySQL database

Details:

Multiple security issues were discovered in MySQL and this update includes
new upstream MySQL versions to fix these issues.

MySQL has been updated to 5.5.61 in Ubuntu 14.04 LTS. Ubuntu 16.04 LTS and
Ubuntu 18.04 LTS have been updated to MySQL 5.7.23.

In addition to security fixes, the updated packages contain bug fixes, new
features, and possibly incompatible changes.

Please see the following for more information:
http://dev.mysql.com/doc/relnotes/mysql/5.5/en/news-5-5-61.html
http://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-23.html
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
mysql-server-5.7 5.7.23-0ubuntu0.18.04.1

Ubuntu 16.04 LTS:
mysql-server-5.7 5.7.23-0ubuntu0.16.04.1

Ubuntu 14.04 LTS:
mysql-server-5.5 5.5.61-0ubuntu0.14.04.1

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/usn/usn-3725-1
CVE-2018-2767, CVE-2018-3054, CVE-2018-3056, CVE-2018-3058,
CVE-2018-3060, CVE-2018-3061, CVE-2018-3062, CVE-2018-3063,
CVE-2018-3064, CVE-2018-3065, CVE-2018-3066, CVE-2018-3070,
CVE-2018-3071, CVE-2018-3077, CVE-2018-3081

Package Information:
https://launchpad.net/ubuntu/+source/mysql-5.7/5.7.23-0ubuntu0.18.04.1
https://launchpad.net/ubuntu/+source/mysql-5.7/5.7.23-0ubuntu0.16.04.1
https://launchpad.net/ubuntu/+source/mysql-5.5/5.5.61-0ubuntu0.14.04.1

OpenBSD Errata: July 31st, 2018 (ioport)

Errata patches for the kernel have been released for OpenBSD 6.3 and 6.2.

IO port permissions were incorrectly restricted.

Binary updates for the i386 platform are available via the syspatch utility.
Source code patches can be found on the respective errata pages:

https://www.openbsd.org/errata62.html
https://www.openbsd.org/errata63.html

As these affect the kernel, a reboot will be needed after patching.

OpenBSD Errata: July 31st, 2018 (amdlfence)

Errata patches for the kernel have been released for OpenBSD 6.3 and 6.2.

On AMD CPUs, set a chicken bit which turns LFENCE into a serialization
instruction against speculation.

Binary updates for the amd64 and i386 platforms are available via the
syspatch utility. Source code patches can be found on the respective
errata pages:

https://www.openbsd.org/errata62.html
https://www.openbsd.org/errata63.html

As these affect the kernel, a reboot will be needed after patching.

Thursday, July 26, 2018

Ubuntu 18.04.1 LTS released

The Ubuntu team is pleased to announce the release of Ubuntu 18.04.1 LTS
(Long-Term Support) for its Desktop, Server, and Cloud products, as well
as other flavours of Ubuntu with long-term support.

As usual, this point release includes many updates, and updated
installation media has been provided so that fewer updates will need to
be downloaded after installation. These include security updates and
corrections for other high-impact bugs, with a focus on maintaining
stability and compatibility with Ubuntu 18.04 LTS.

Ubuntu Budgie 18.04.1 LTS, Kubuntu 18.04.1 LTS, Ubuntu MATE 18.04.1 LTS,
Lubuntu 18.04.1 LTS, Ubuntu Kylin 18.04.1 LTS, and Xubuntu 18.04.1 LTS
are also now available. More details can be found in their individual
release notes:

https://wiki.ubuntu.com/BionicBeaver/ReleaseNotes#Official_flavours

Maintenance updates will be provided for 5 years for Ubuntu Desktop,
Ubuntu Server, Ubuntu Cloud, Ubuntu Core, and Ubuntu Base. All the
remaining flavours will be supported for 3 years.

To get Ubuntu 18.04.1
---------------------

In order to download Ubuntu 18.04.1, visit:

http://www.ubuntu.com/download

Users of Ubuntu 16.04 will soon be offered an automatic upgrade to
18.04.1 via Update Manager. For further information about upgrading,
see:

https://help.ubuntu.com/community/BionicUpgrades

As always, upgrades to the latest version of Ubuntu are entirely free of
charge.

We recommend that all users read the 18.04.1 release notes, which
document caveats and workarounds for known issues, as well as more
in-depth notes on the release itself. They are available at:

https://wiki.ubuntu.com/BionicBeaver/ReleaseNotes

If you have a question, or if you think you may have found a bug but
aren't sure, you can try asking in any of the following places:

#ubuntu on irc.freenode.net
http://lists.ubuntu.com/mailman/listinfo/ubuntu-users
http://www.ubuntuforums.org
http://askubuntu.com


Help Shape Ubuntu
-----------------

If you would like to help shape Ubuntu, take a look at the list of ways
you can participate at:

http://www.ubuntu.com/community/get-involved


About Ubuntu
------------

Ubuntu is a full-featured Linux distribution for desktops, laptops,
clouds and servers, with a fast and easy installation and regular
releases. A tightly-integrated selection of excellent applications is
included, and an incredible variety of add-on software is just a few
clicks away.

Professional services including support are available from Canonical and
hundreds of other companies around the world. For more information
about support, visit:

http://www.ubuntu.com/support


More Information
----------------

You can learn more about Ubuntu and about this release on our website
listed below:

http://www.ubuntu.com/

To sign up for future Ubuntu announcements, please subscribe to Ubuntu's
very low volume announcement list at:

http://lists.ubuntu.com/mailman/listinfo/ubuntu-announce

On behalf of the Ubuntu Release Team,

... Adam Conrad


--
ubuntu-announce mailing list
ubuntu-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-announce

[USN-3722-4] ClamAV regression

==========================================================================
Ubuntu Security Notice USN-3722-4
July 26, 2018

clamav regression
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 ESM

Summary:

USN-3722-1 introduced a regression in ClamAV.

Software Description:
- clamav: Anti-virus utility for Unix

Details:

USN-3722-1 fixed vulnerabilities in ClamAV. The updated ClamAV version
removed some configuration options which caused the daemon to fail to
start in environments where the ClamAV configuration file was manually
edited. This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

 It was discovered that ClamAV incorrectly handled parsing certain HWP
 files. A remote attacker could use this issue to cause ClamAV to hang,
 resulting in a denial of service. (CVE-2018-0360)

 It was discovered that ClamAV incorrectly handled parsing certain PDF
 files. A remote attacker could use this issue to cause ClamAV to hang,
 resulting in a denial of service. (CVE-2018-0361)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 ESM:
  clamav                          0.100.1+dfsg-1ubuntu0.12.04.2

In general, a standard system update will make all the necessary
changes.

References:
  https://usn.ubuntu.com/usn/usn-3722-4
  https://usn.ubuntu.com/usn/usn-3722-1
  https://launchpad.net/bugs/1783632

[USN-3722-3] ClamAV regression

==========================================================================
Ubuntu Security Notice USN-3722-3
July 26, 2018

clamav regression
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS

Summary:

USN-3722-1 introduced a regression in ClamAV.

Software Description:
- clamav: Anti-virus utility for Unix

Details:

USN-3722-1 fixed vulnerabilities in ClamAV. The updated ClamAV version
removed some configuration options which caused the daemon to fail to start
in environments where the ClamAV configuration file was manually edited.
This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

 It was discovered that ClamAV incorrectly handled parsing certain HWP
 files. A remote attacker could use this issue to cause ClamAV to hang,
 resulting in a denial of service. (CVE-2018-0360)

 It was discovered that ClamAV incorrectly handled parsing certain PDF
 files. A remote attacker could use this issue to cause ClamAV to hang,
 resulting in a denial of service. (CVE-2018-0361)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
clamav 0.100.1+dfsg-1ubuntu0.18.04.2

Ubuntu 16.04 LTS:
clamav 0.100.1+dfsg-1ubuntu0.16.04.2

Ubuntu 14.04 LTS:
clamav 0.100.1+dfsg-1ubuntu0.14.04.2

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/usn/usn-3722-3
https://usn.ubuntu.com/usn/usn-3722-1
https://launchpad.net/bugs/1783632

Package Information:
https://launchpad.net/ubuntu/+source/clamav/0.100.1+dfsg-1ubuntu0.18.04.2
https://launchpad.net/ubuntu/+source/clamav/0.100.1+dfsg-1ubuntu0.16.04.2
https://launchpad.net/ubuntu/+source/clamav/0.100.1+dfsg-1ubuntu0.14.04.2

Fedora 29 Self-Contained Change: Cloud Provider Image Updates

https://fedoraproject.org/wiki/Changes/CloudProviderImageUpdates

== Summary ==
Provide monthly updates to cloud provider images.

== Owner ==
* SIG: Cloud
* Primary Contact: [[User:jdoss| Joe Doss]]
* Product: Cloud
* Responsible WG: Cloud SIG

== Detailed Description ==

Fedora Cloud images are not updated after the initial release of the
most current Fedora version. This can leave outstanding issues with
the images that can impact the user experience long after they have
been addressed by package updates. Providing updated Cloud images
across all supported cloud providers on a monthly basis post release
will ensure end users are getting the best Fedora Cloud experience
possible.

== Benefit to Fedora ==

Updated Cloud images will provide a better end user experience, as they
will be up to date with the most current packages. This
gives users faster Fedora Cloud provisioning times and a secure out of
the box Cloud instance.

== Scope ==
* Proposal owners:
Cloud SIG

== User Experience ==

* Outstanding bugs post release will no longer be present in images.
* Improved provisioning times as the initial dnf update will be quicker.
* Improved base image security.

--
Ben Cotton
Fedora Program Manager
TZ=America/Indiana/Indianapolis
List Archives: https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org/message/AHZSMUJPBELONVXSOTQDAR3LPP6RXW2R/

Fedora 29 Self-Contained Change: Stratis Storage 1.0

https://fedoraproject.org/wiki/Changes/StratisStorage-1.0

== Summary ==
Add support for Stratis version 1.0, a local storage management
solution. This will allow further testing and user feedback that will
guide Stratis's development and stabilization, and let us consider
future integration into Anaconda and other more critical aspects of
Fedora.

== Owner ==
* Name: Andy Grover, Igor Gnatenko
* Email: agrover@redhat.com, ignatenkobrain@fedoraproject.org

== Detailed Description ==

Stratis is a local storage system akin to Btrfs, ZFS, and LVM. Its
goal is to enable easier setup and management of disks and SSDs, as
well as enabling the use of advanced storage features -- such as thin
provisioning, snapshots, integrity, and a cache tier -- without
requiring expert-level storage administration knowledge. Furthermore,
Stratis includes monitoring and repair capabilities, and a
programmatic API, for better integration with higher levels of system
management software.

== Benefit to Fedora ==

Stratis can benefit Fedora users by making it easier and less hassle
to administer the system's storage devices. Making this easier is key
to increasing the uptake of advanced storage features (listed above),
which can further benefit the user in reduced administration
headaches, increased reliability, and greater flexibility.

Down the road, integrating Stratis support into Anaconda and other
management tools via its API could simplify the installation
experience, and make a dnf upgrade-rollback feature much easier.

== Scope ==
* Change owner: Stratis is currently in development, with a 1.0
release coming soon. Stratis pre-1.0 versions are in Fedora 28 and
Rawhide. Although there are clearly later opportunities for
system-wide changes based on Stratis, Stratis 1.0 will be
self-contained.

== Upgrade/compatibility impact ==
Stratis 1.0 will change the on-disk metadata format, so any
bleeding-edge testers of Stratis 0.5 will need to recreate pools. (The
metadata format will be frozen for 1.0 so this will not be the case
going forward.)


== How To Test ==
Stratis 1.0 will be usable only for non-boot and non-root partitions.
Fedora users and testers can use Stratis on non-primary disks, and put
it through its paces to generate bug reports and feature requests that
can guide Stratis's future development.

== Contingency Plan ==

Just don't include the Stratis-specific packages in the final release.

== Documentation ==

Please see https://stratis-storage.github.io/ for design documents and
API reference.

Development and issue tracking is at https://github.com/stratis-storage/stratisd

--
Ben Cotton
Fedora Program Manager
TZ=America/Indiana/Indianapolis
List Archives: https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org/message/7LYYXCJJWQQNSXZBC7YH2BVQZWOEC634/

Fedora 29 Self-Contained Change: Update Haskell packages to Stackage LTS 11

https://fedoraproject.org/wiki/Changes/Update_Haskell_to_Stackage_LTS_11

== Summary ==
Update the Haskell package set from Stackage LTS 10 to LTS 11.
This updates a subset of the Haskell libraries and packages to newer versions.

== Owner ==
* Name: Jens Petersen, Fedora Haskell SIG
* Email: <petersen@redhat.com>

== Detailed Description ==
The Haskell Stackage project provides consistent sets of buildable
packages from the upstream Hackage repository.

[https://www.stackage.org/lts-11 Stackage LTS 11] was released in
March; it unlocks newer versions of a number of important Haskell
libraries and other packages.
GHC and its core libraries remain unchanged compared to LTS 10, so
only about half the packages will need to be rebuilt (about 200
version bumps and their reverse dependencies).

(The just released Stackage LTS 12 which has a major ghc version bump
to 8.4.3 will wait for Fedora 30.)

== Benefit to Fedora ==
Fedora users will have a newer version of Haskell Stackage LTS
packages to use and develop on.

== Scope ==
* Proposal owners:
** Bump the affected Haskell packages from LTS 10 to LTS 11 using
cabal-rpm, rpmbuild-order and fedora-haskell-tools
** Build them and their reverse dependencies for Rawhide (using
f29-ghc sidetag to avoid disruption)
** Push the builds to Rawhide
** Verify the dependencies are consistent

== How To Test ==
* <code>sudo dnf install ghc-*-devel cabal-install</code>
* <code>sudo dnf update ghc*</code>
* <code>cabal install Favorite-Package</code>

== User Experience ==
The Fedora Haskell packages will be upgraded from Stackage LTS 10 to
LTS 11 versions.

== Documentation ==
https://www.stackage.org/diff/lts-10.10/lts-11.17

--
Ben Cotton
Fedora Program Manager
TZ=America/Indiana/Indianapolis
List Archives: https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org/message/HHNY4523LWWWQWXUMS53NDQLCDTDWMTU/

Fedora 29 Self-Contained Change: Kubernetes modules

https://fedoraproject.org/wiki/Changes/kubernetes-modules

== Summary ==
Create modules for all supported Kubernetes versions.

== Owner ==
* Name: Lokesh Mandvekar
* Email: lsm5@fedoraproject.org

== Detailed Description ==
Currently, the Kubernetes upstream project develops and supports
multiple versions of Kubernetes, along with component tools like
cri-o/cri-tools which have their versions tightly coupled to OpenShift
versions. This change will result in creation of module builds which
will contain the rpms for Kubernetes / cri-o and other required tools.

== Benefit to Fedora ==
Ability to support/switch between multiple Kubernetes versions with
minimal effort on the user's part would make both users and
maintainers happy.

== Scope ==
* Proposal owners: Creation / review / koji builds of Kubernetes modules

== User Experience ==
Users will be able to quickly set up Kubernetes environments and switch
between versions.


--
Ben Cotton
Fedora Program Manager
TZ=America/Indiana/Indianapolis
List Archives: https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org/message/RSLZ5HMEMMNXBAYIQSS3G435QVQEPQJZ/

[USN-3724-1] Evolution Data Server vulnerability

==========================================================================
Ubuntu Security Notice USN-3724-1
July 26, 2018

evolution-data-server vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS

Summary:

Evolution Data Server could be made to expose sensitive information over the
network.

Software Description:
- evolution-data-server: Evolution suite data server

Details:

Jon Kristensen discovered that Evolution Data Server would automatically
downgrade a connection to an IMAP server if the IMAP server did not support
SSL. This would result in the user's password being unexpectedly sent in clear
text, even though the user had requested to use SSL.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS:
evolution-data-server 3.18.5-1ubuntu1.1
evolution-data-server-common 3.18.5-1ubuntu1.1
libcamel-1.2-54 3.18.5-1ubuntu1.1
libebackend-1.2-10 3.18.5-1ubuntu1.1
libedataserver-1.2-21 3.18.5-1ubuntu1.1

Ubuntu 14.04 LTS:
evolution-data-server 3.10.4-0ubuntu1.6
evolution-data-server-common 3.10.4-0ubuntu1.6
libcamel-1.2-45 3.10.4-0ubuntu1.6
libebackend-1.2-7 3.10.4-0ubuntu1.6
libedataserver-1.2-18 3.10.4-0ubuntu1.6

After a standard system update you need to restart Evolution to make
all the necessary changes.

References:
https://usn.ubuntu.com/usn/usn-3724-1
CVE-2016-10727

Package Information:
https://launchpad.net/ubuntu/+source/evolution-data-server/3.18.5-1ubuntu1.1
https://launchpad.net/ubuntu/+source/evolution-data-server/3.10.4-0ubuntu1.6

Wednesday, July 25, 2018

[CentOS-announce] CESA-2018:2251 Important CentOS 6 thunderbird Security Update

CentOS Errata and Security Advisory 2018:2251 Important

Upstream details at : https://access.redhat.com/errata/RHSA-2018:2251

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
30aa1a8a359f47a8ccfe80b9ce4e2aabdebe237070f419228693d7010930d142 thunderbird-52.9.1-1.el6.centos.i686.rpm

x86_64:
c6410bd1b556b736517e88ecaf7895674c84a4592d460f3f5189ed6908e87132 thunderbird-52.9.1-1.el6.centos.x86_64.rpm

Source:
d1103c437991413187156a001a9a85be961a38d6fffdb61b541b6b5c05776655 thunderbird-52.9.1-1.el6.centos.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce

[USN-3723-1] Tomcat vulnerabilities

==========================================================================
Ubuntu Security Notice USN-3723-1
July 25, 2018

tomcat7, tomcat8 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in Tomcat.

Software Description:
- tomcat8: Servlet and JSP engine
- tomcat7: Servlet and JSP engine

Details:

It was discovered that Tomcat incorrectly handled decoding certain
UTF-8 strings. A remote attacker could possibly use this issue to cause
Tomcat to crash, resulting in a denial of service. (CVE-2018-1336)

It was discovered that the Tomcat WebSocket client incorrectly performed
hostname verification. A remote attacker could possibly use this issue to
intercept sensitive information. (CVE-2018-8034)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS:
libtomcat8-java 8.0.32-1ubuntu1.7
tomcat8 8.0.32-1ubuntu1.7

Ubuntu 14.04 LTS:
libtomcat7-java 7.0.52-1ubuntu0.15
tomcat7 7.0.52-1ubuntu0.15

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/usn/usn-3723-1
CVE-2018-1336, CVE-2018-8034

Package Information:
https://launchpad.net/ubuntu/+source/tomcat8/8.0.32-1ubuntu1.7
https://launchpad.net/ubuntu/+source/tomcat7/7.0.52-1ubuntu0.15

[CentOS-announce] CESA-2018:2252 Important CentOS 7 thunderbird Security Update

CentOS Errata and Security Advisory 2018:2252 Important

Upstream details at : https://access.redhat.com/errata/RHSA-2018:2252

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

x86_64:
b95ae9790ae69d4c5992c16748084fafbc85eeb83dfa16171de5fe81c692f7a3 thunderbird-52.9.1-1.el7.centos.x86_64.rpm

Source:
194a6fc2b2b7b78b1f83584c5e2d5ffa68a39500593cbae8b1261e03d8f26508 thunderbird-52.9.1-1.el7.centos.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS


[CentOS-announce] CESA-2018:2242 Moderate CentOS 7 java-1.8.0-openjdk Security Update

CentOS Errata and Security Advisory 2018:2242 Moderate

Upstream details at : https://access.redhat.com/errata/RHSA-2018:2242

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

Source:
82dc07bb320be8023c730132dd12c60972a6c90b35afc82acee7b03037147154 java-1.8.0-openjdk-1.8.0.181-3.b13.el7_5.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS


[CentOS-announce] CESA-2018:2240 Important CentOS 7 openslp Security Update

CentOS Errata and Security Advisory 2018:2240 Important

Upstream details at : https://access.redhat.com/errata/RHSA-2018:2240

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

x86_64:
b287d15116c6454f0bec311355046b64741376062dda04741e3ada6a7d0d3eb1 openslp-2.0.0-7.el7_5.i686.rpm
ffec29135ba77fe9481a621b52d7303a4f02e7e433d0300bb8126217c4cae4eb openslp-2.0.0-7.el7_5.x86_64.rpm
cdaa9f17a2a88e554f0591d181d0e2498db13f8b5076c39fea267ef80759489e openslp-devel-2.0.0-7.el7_5.i686.rpm
8d6294322003adf0d1cea6e8b42e258a7bad9d7b85903213e1c62411b7738989 openslp-devel-2.0.0-7.el7_5.x86_64.rpm
84d88c873f03501493270e8533a329080dfffab12de2ff8a5887ea8565f3431c openslp-server-2.0.0-7.el7_5.x86_64.rpm

Source:
96fd0f144be07c42eef763bcfe7ef8416872647c2f0ba842e5627c5a40a9bb4c openslp-2.0.0-7.el7_5.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS


[CentOS-announce] CESA-2018:2241 Moderate CentOS 6 java-1.8.0-openjdk Security Update

CentOS Errata and Security Advisory 2018:2241 Moderate

Upstream details at : https://access.redhat.com/errata/RHSA-2018:2241

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )




--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
Twitter: @JohnnyCentOS


[USN-3722-2] ClamAV vulnerabilities

==========================================================================
Ubuntu Security Notice USN-3722-2
July 25, 2018

clamav vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 ESM

Summary:

ClamAV could be made to hang if it opened a specially crafted file.

Software Description:
- clamav: Anti-virus utility for Unix

Details:

USN-3722-1 fixed a vulnerability in ClamAV. This update provides
the corresponding update for Ubuntu 12.04 ESM.

Original advisory details:

 It was discovered that ClamAV incorrectly handled parsing certain HWP
 files. A remote attacker could use this issue to cause ClamAV to hang,
 resulting in a denial of service. (CVE-2018-0360)

 It was discovered that ClamAV incorrectly handled parsing certain PDF
 files. A remote attacker could use this issue to cause ClamAV to hang,
 resulting in a denial of service. (CVE-2018-0361)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 ESM:
  clamav                          0.100.1+dfsg-1ubuntu0.12.04.1

This update uses a new upstream release, which includes additional bug
fixes. In general, a standard system update will make all the necessary
changes.

References:
  https://usn.ubuntu.com/usn/usn-3722-2
  https://usn.ubuntu.com/usn/usn-3722-1
  CVE-2018-0360, CVE-2018-0361

Tuesday, July 24, 2018

[Guidelines change] Changes to the packaging guidelines

Here are the recent changes to the packaging guidelines.

-----

The packaging guidelines for enabling services by default were
significantly revised to emphasize that services starting by default
should fail only in exceptional conditions, and to provide additional
guidance for services related to hardware enablement.

* https://fedoraproject.org/wiki/Packaging:DefaultServices
* https://pagure.io/packaging-committee/issue/777

-----

The Python guidelines were modified to mention the %pypi_source macro
(available in all Fedora and EPEL releases) which conveniently expands
to the proper source URL for the package at PyPI.

* https://fedoraproject.org/wiki/Packaging:Python#Source_Files_from_PyPI
* https://pagure.io/packaging-committee/issue/759

-----

The Python guidelines were modified to indicate that packages must not
own the top-level __pycache__ directory.

* https://fedoraproject.org/wiki/Packaging:Python#Byte_compiling
* https://pagure.io/packaging-committee/issue/782

-----

A small change was made to the Java packaging guidelines to specify a
dependency on javapackages-filesystem instead of javapackages-tools.

* https://fedoraproject.org/wiki/Packaging:Java#BuildRequires_and_Requires
* https://pagure.io/packaging-committee/issue/781
List Archives: https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org/message/HP4LRC2RJNMOMXITZZYJ6FLF2RITY6H6/

OpenBSD Errata: July 25th, 2018 (ipsecexpire)

Errata patches for IPsec have been released for OpenBSD 6.3 and 6.2.

When an IPsec key expired, the kernel could panic due to unfinished
timeout tasks.

Binary updates for the amd64, i386, and arm64 platforms are available via
the syspatch utility. Source code patches can be found on the respective
errata pages:

https://www.openbsd.org/errata62.html
https://www.openbsd.org/errata63.html

As these affect the kernel, a reboot will be needed after patching.

OpenBSD Errata: July 25th, 2018 (execsize)

Errata patches for the kernel have been released for OpenBSD 6.3 and 6.2.

A regular user could trigger a system crash by executing an invalid
ELF binary.

Binary updates for the amd64, i386, and arm64 platforms are available via
the syspatch utility. Source code patches can be found on the respective
errata pages:

https://www.openbsd.org/errata62.html
https://www.openbsd.org/errata63.html

As these affect the kernel, a reboot will be needed after patching.

[USN-3722-1] ClamAV vulnerabilities

==========================================================================
Ubuntu Security Notice USN-3722-1
July 24, 2018

clamav vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS

Summary:

ClamAV could be made to hang if it opened a specially crafted file.

Software Description:
- clamav: Anti-virus utility for Unix

Details:

It was discovered that ClamAV incorrectly handled parsing certain HWP
files. A remote attacker could use this issue to cause ClamAV to hang,
resulting in a denial of service. (CVE-2018-0360)

It was discovered that ClamAV incorrectly handled parsing certain PDF
files. A remote attacker could use this issue to cause ClamAV to hang,
resulting in a denial of service. (CVE-2018-0361)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
clamav 0.100.1+dfsg-1ubuntu0.18.04.1

Ubuntu 16.04 LTS:
clamav 0.100.1+dfsg-1ubuntu0.16.04.1

Ubuntu 14.04 LTS:
clamav 0.100.1+dfsg-1ubuntu0.14.04.1

This update uses a new upstream release, which includes additional bug
fixes. In general, a standard system update will make all the necessary
changes.

References:
https://usn.ubuntu.com/usn/usn-3722-1
CVE-2018-0360, CVE-2018-0361

Package Information:
https://launchpad.net/ubuntu/+source/clamav/0.100.1+dfsg-1ubuntu0.18.04.1
https://launchpad.net/ubuntu/+source/clamav/0.100.1+dfsg-1ubuntu0.16.04.1
https://launchpad.net/ubuntu/+source/clamav/0.100.1+dfsg-1ubuntu0.14.04.1

[USN-3721-1] Apache Ant vulnerability

==========================================================================
Ubuntu Security Notice USN-3721-1
July 24, 2018

ant vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 14.04 LTS

Summary:

Apache Ant could be made to overwrite files.

Software Description:
- ant: Java based build tool like make

Details:

Danny Grander discovered that Apache Ant incorrectly handled certain
compressed files. If a user or automated system were tricked into
processing a specially crafted file, a remote attacker could use this issue
to overwrite arbitrary files.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 LTS:
ant 1.9.3-2ubuntu0.1

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/usn/usn-3721-1
CVE-2018-10886

Package Information:
https://launchpad.net/ubuntu/+source/ant/1.9.3-2ubuntu0.1

Monday, July 23, 2018

Reminder: Fedora 29 software string freeze

Hello everyone,

This is your reminder that the software string freeze is scheduled for
31 July 2018. For more information on the string freeze policy see
https://fedoraproject.org/wiki/Software_String_Freeze_Policy

The full Fedora 29 schedule is available at
https://fedoraproject.org/wiki/Releases/29/Schedule

--
Ben Cotton
Fedora Program Manager
TZ=America/Indiana/Indianapolis
List Archives: https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org/message/CUCFAL7I7CKS7QD4XF67EFVV4DTYQJ7J/

Reminder: Fedora 29 self-contained change deadline

Hello everyone,

This is your reminder that the deadline for self-contained changes is
24 July 2018. The full Fedora 29 schedule is available at
https://fedoraproject.org/wiki/Releases/29/Schedule

Changes not marked with the "ChangeReadyForWrangler" category by the
deadline will be moved to Fedora 30.

--
Ben Cotton
Fedora Program Manager
TZ=America/Indiana/Indianapolis
List Archives: https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org/message/SQLY7ZJKFMKGV22SAYBANRPH6KPUHUJF/

Fedora 29 Self-Contained Change: Liberation Fonts 2

== Summary ==
Upgrading Liberation fonts in Fedora to Liberation 2.00.3 version.
Presently we have Liberation fonts 1.07.4. Both versions have their
advantages and disadvantages. Users interested in using Liberation
1.07.4 can install it from the Copr repo.

== Owner ==
* Name: [[User:Pravins| Pravin Satpute]], [[User:Pnemade| Parag
Nemade]], [[User:Vishalvvr| Vishal Vijayraghavan]]
* Email: psatpute AT redhat DOT com, pnemade AT redhat DOT com,
vvijayra AT redhat DOT com


== Detailed Description ==
Liberation 1.07.4:
This is the traditional version of Liberation fonts.

Advantages:
* It has bytecode hinting instructions and works very well.
* In use for a long time.
Disadvantages:
* Not good Unicode character coverage.
* License: Liberation

Liberation 2.00.3:

Advantages
* Wide character coverage.
** '''Latest Version - Older Version'''
** 2302 (sans) - 667
** 2274 (mono) - 666
** 2303 (serif) - 662
* License: OFL
Disadvantage
* No bytecode hinting instructions.

We tried to replace Liberation 1.07.4 with Liberation 2.00.3 in
[http://fedoraproject.org/wiki/Features/Liberation_Fonts_2 Fedora 19]
but due to a regression in hinting, we revoked
[https://bugzilla.redhat.com/show_bug.cgi?id=856239 this change].

Over time, many users suggested an upgrade. We had discussions on the
Fedora devel lists and also in the Fedora i18n meeting about the same.

With this change we are planning to upgrade the Fedora version to
2.00.3 and provide a Copr repo for 1.07.5.

TODO List:
1. Update Liberation 2.00.3 in Fedora (Done)
2. Split Liberation Narrow fonts from Liberation 1.07.4. (Done)
3. Package Liberation-narrow-fonts in Fedora (Ongoing)
4. Build Liberation 1.07.5 in copr.

== Benefit to Fedora ==
Liberation 2.00.3 has wider character coverage and automated hinting
instructions. Users interested in Liberation 1.07.5 can install it
from the Copr repo.


== Scope ==
* Proposal owners:
** Presently Liberation [https://github.com/pravins/liberation-fonts
upstream] has both versions in a single repo (in different branches).
Upstream project splitting required. [Done]
** Update Liberation 2.00.3 in Fedora (Done)
** Split Liberation Narrow fonts from Liberation 1.07.5. (Done)
** Package Liberation-narrow-fonts in Fedora (Ongoing)
** Build Liberation 1.07.4 in copr.

== Upgrade/compatibility impact ==
* Liberation 1.07.4 will be updated to Liberation 2.00.3
* Users interested in Liberation 1.07.4 need to install it from Copr.
Upgrade will be smooth.


== How To Test ==
* Check whether Liberation Fonts 2.00.3 has been installed or not.
* Try to install Liberation 1.07.5 and see if users can use it properly.


== Contingency Plan ==

* Drop the change and move to next release.

== Documentation ==
Not at this moment, planning to update github.


--
Ben Cotton
Fedora Program Manager
TZ=America/Indiana/Indianapolis
List Archives: https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org/message/5AVI3OGKZQN45ZZAXWFLFWDCYOEERPEQ/

Fedora 29 Self-Contained Change: Merge Dstat And Performance Co-Pilot

== Summary ==
[http://dag.wiee.rs/home-made/dstat/ Dstat] is a resource statistics
tool for the local host. [https://pcp.io Performance Co-Pilot] is a
system performance analysis toolkit.

This change will merge the existing python2 '''dstat''' utility and
associated ''dstat'' package into the ''pcp-system-tools'' package
where a python3 implementation is provided.

A symbolic link and package replacement rules will streamline the transition.

== Owner ==
* Name: [[User:nathans| Nathan Scott]]
* Email: nathans@redhat.com
* Name: [https://src.fedoraproject.org/user/dkaspar David Kaspar]
* Email: dkaspar@redhat.com

== Detailed Description ==

The original '''dstat''' utility has reached end of life - it does not
support python3 and there are no plans to update it. It has been
unsupported upstream for some time. However, it is a widely used and
much loved tool. The Performance Co-Pilot (PCP) project has produced
a '''pcp-dstat''' utility which strives for 100% output compatibility
with the original '''dstat'''.

The new '''pcp-dstat''' utility displays metric values and metadata
(e.g. units) by accessing the PCP python APIs. This utility was first
included in PCP version 4.1.0 which is now available in all supported
Fedora versions, in the ''pcp-system-tools'' package. It is invoked
as: 'pcp dstat'.

This proposed change will transition Fedora to provide
''/usr/bin/dstat'' as a symbolic link to the ''pcp-dstat'' script, and
will deprecate the original dstat package which requires python2.

== Benefit to Fedora ==

There are several benefits. First and foremost - the original
motivation - we are able to continue to provide the primary dstat
functionality in a python3-based system.

In addition to providing the same compact, colourful output that the
original dstat provided, the new utility also supports distributed
analysis (monitoring one host from another) using PCP protocol, and
retrospective analysis via Performance Co-Pilot archives.

A configuration file format for plugins has been introduced to
'''pcp-dstat'''(1). This was on the original dstat roadmap for many
years, but not implemented. Because PCP metrics can be accessed by
name, and have strong metadata (including units), a generalised plugin
configuration is possible which allows pcp-dstat to display any
Performance Co-Pilot metric values. All of the original '''dstat'''
"builtin" plugins as well as many of the "extended" plugins are
provided by these configuration files, below the ''/etc/pcp/dstat''
directory.

Customised plugins are encouraged and supported in '''pcp-dstat'''
just as they were in the original '''dstat''', except these are now
configuration files rather than python code.

== Scope ==
* Proposal owners:
The primary goal has been accomplished - providing the python3
pcp-dstat utility. The remaining effort involves ensuring a clean
transition through packaging updates. The pcp-system-tools package
will need to provide a spec file Obsoletes line and symbolic link in
/usr/bin/dstat to complete the transition - this final stage of work
has not yet been done.

* Other developers: N/A (not a System Wide Change)

* Release engineering: [https://pagure.io/releng/issues #7648]

* Policies and guidelines: N/A (not a System Wide Change)

* Trademark approval: N/A (not needed for this Change)

== Upgrade/compatibility impact ==
On upgrade, a system with ''dstat'' installed will be seamlessly
transitioned to using the ''pcp-system-tools'' package. The command
output format is the same.

The original dstat provided a facility for adding new (python2 code)
'plugins' to provide user-customisable metric reports. This feature
remains, but instead uses the configuration files for providing this
extension. Performance Co-Pilot allows arbitrary metrics to be added
to the framework as well (via PMDAs - Performance Metric Domain
Agents).

The upstream PCP mailing list, books, man pages and tutorials can be
used by anyone wishing to add new metrics, which will then be
automatically available to '''pcp-dstat''' configuration files for
displaying.

== How To Test ==

1. Install pcp-system-tools

2. Verify that ''/usr/bin/dstat'' is now a symbolic link to
'''pcp-dstat''' and that the ''dstat'' package is no longer installed.

3. Run '''dstat''' and compare the output to the original dstat utility.

== User Experience ==
Users of the dstat utility will have an improved analysis experience
using pcp-dstat, as not only is it more easily extended through
configuration files instead of python2 code, it also offers
distributed (remote hosts) and retrospective (historical) analysis
capabilities that the original utility does not provide.

== Dependencies ==
The ''pcp-system-tools'' package depends on ''python3-pcp'', which in
turn depends on ''pcp-libs'' and ''python3''.

== Contingency Plan ==

* Contingency mechanism: (What to do? Who will do it?) N/A (not a
System Wide Change)
* Contingency deadline: N/A (not a System Wide Change)
* Blocks release? N/A (not a System Wide Change)
* Blocks product? No

== Documentation ==
The new version of the utility is documented in the '''pcp-dstat'''(1)
and '''pcp-dstat'''(5) man pages, in the ''pcp-doc'' package.


--
Ben Cotton
Fedora Program Manager
TZ=America/Indiana/Indianapolis
List Archives: https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org/message/S2TZ2VS4DMK2PW466U3GKZUYPGAVWOGA/

Fedora 29 Self-Contained Change: xfce 4.1

== Summary ==
Xfce desktop environment has utilized GTK-2 up until version 4.12.x
which is currently available in Fedora. Significant work has been
completed to migrate the DE to GTK-3 completely. The obvious benefit
to this migration is the use of a modern and actively maintained
toolkit.

Xfce 4.13 is a development release leading up to the eventual 4.14
stable release, however 4.13 components have proven to be very stable,
provide features users want and the 4.14 release is unscheduled
currently. This change proposal is submitted to sync fedora packages
with latest upstream releases.

== Owners ==
* Name: [[User:nonamedotc| Mukundan Ragavan]]
* Email: nonamedotc@fedoraproject.org

* Name: [[User:kevin| Kevin Fenzi]]
* Email: kevin@scrye.com

== Detailed Description ==

This change migrates the Xfce desktop environment (DE) to the latest
version provided by upstream developers. This is a near complete GTK-3
migration of the DE.

== Benefit to Fedora ==

Other GTK-based DEs such as cinnamon and MATE have already migrated to
using GTK-3 libraries. This change proposes to migrate the popular
Xfce DE to the latest GTK-3 based versions upstream developers have
released.

This change would result in fewer packages depending on the older
GTK-2 libraries and move Xfce to using a modern toolkit.

== Scope ==
* Proposal owners:
** Update core xfce packages to 4.13
** Rebuild plugins once core packages are built

* Other developers: N/A (not a System Wide Change)

== User Experience ==

* A fresh install should have fully functional Xfce DE
* Upgrade from Fedora 28 or older should show no visible changes to
the end users.
** GTK-3 applications will be better integrated

No special configuration or hardware needed.

== Documentation ==
N/A (not a System Wide Change)

== Release Notes ==

Fedora 29 ships with Xfce 4.13 components. Xfce-4.13 features near
complete GTK-3 migration.


--
Ben Cotton
Fedora Program Manager
TZ=America/Indiana/Indianapolis
List Archives: https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org/message/3ZCDIKCASWEQEUC24NFBUVX5KFNJ3JT6/

[USN-3720-1] python-cryptography vulnerability

==========================================================================
Ubuntu Security Notice USN-3720-1
July 23, 2018

python-cryptography vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS

Summary:

python-cryptography could be made to expose sensitive information
if it received a specially crafted input.

Software Description:
- python-cryptography: Cryptography Python library

Details:

It was discovered that python-cryptography incorrectly handled certain
inputs. An attacker could possibly use this to get access to sensitive
information.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
  python-cryptography             2.1.4-1ubuntu1.2
  python3-cryptography            2.1.4-1ubuntu1.2

In general, a standard system update will make all the necessary
changes.

References:
  https://usn.ubuntu.com/usn/usn-3720-1
  CVE-2018-10903

Package Information:
  https://launchpad.net/ubuntu/+source/python-cryptography/2.1.4-1ubuntu1.2

[USN-3719-2] Mutt vulnerabilities

==========================================================================
Ubuntu Security Notice USN-3719-2
July 23, 2018

mutt vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 ESM

Summary:

Several security issues were fixed in Mutt.

Software Description:
- mutt: text-based mailreader supporting MIME, GPG, PGP and threading

Details:

USN-3719-1 fixed a vulnerability in Mutt. This update provides
the corresponding update for Ubuntu 12.04 ESM.

Original advisory details:

 It was discovered that Mutt incorrectly handled certain requests.
 An attacker could possibly use this to execute arbitrary code.
 (CVE-2018-14350, CVE-2018-14352, CVE-2018-14354, CVE-2018-14359,
 CVE-2018-14358, CVE-2018-14353, CVE-2018-14357)

 It was discovered that Mutt incorrectly handled certain inputs.
 An attacker could possibly use this to access or expose sensitive
 information. (CVE-2018-14355, CVE-2018-14356, CVE-2018-14351,
 CVE-2018-14362, CVE-2018-14349)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 ESM:
  mutt                            1.5.21-5ubuntu2.3
  mutt-patched                    1.5.21-5ubuntu2.3

After a standard system update you need to restart mutt to make
all the necessary changes.

References:
  https://usn.ubuntu.com/usn/usn-3719-2
  https://usn.ubuntu.com/usn/usn-3719-1
  CVE-2018-14349, CVE-2018-14350, CVE-2018-14351, CVE-2018-14352,
  CVE-2018-14353, CVE-2018-14354, CVE-2018-14355, CVE-2018-14356,
  CVE-2018-14357, CVE-2018-14358, CVE-2018-14359, CVE-2018-14362

[USN-3719-1] Mutt vulnerabilities

==========================================================================
Ubuntu Security Notice USN-3719-1
July 23, 2018

mutt vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS

Summary:

Several security issues were fixed in Mutt.

Software Description:
- mutt: text-based mailreader supporting MIME, GPG, PGP and threading

Details:

It was discovered that Mutt incorrectly handled certain requests.
An attacker could possibly use this to execute arbitrary code.
(CVE-2018-14350, CVE-2018-14352, CVE-2018-14354, CVE-2018-14359,
CVE-2018-14358, CVE-2018-14353, CVE-2018-14357)

It was discovered that Mutt incorrectly handled certain inputs.
An attacker could possibly use this to access or expose sensitive
information. (CVE-2018-14355, CVE-2018-14356, CVE-2018-14351,
CVE-2018-14362, CVE-2018-14349)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
  mutt                            1.9.4-3ubuntu0.1

Ubuntu 16.04 LTS:
  mutt                            1.5.24-1ubuntu0.1
  mutt-patched                    1.5.24-1ubuntu0.1

Ubuntu 14.04 LTS:
  mutt                            1.5.21-6.4ubuntu2.2
  mutt-patched                    1.5.21-6.4ubuntu2.2

After a standard system update you need to restart mutt to make all the
necessary changes.

References:
  https://usn.ubuntu.com/usn/usn-3719-1
  CVE-2018-14349, CVE-2018-14350, CVE-2018-14351, CVE-2018-14352,
  CVE-2018-14353, CVE-2018-14354, CVE-2018-14355, CVE-2018-14356,
  CVE-2018-14357, CVE-2018-14358, CVE-2018-14359, CVE-2018-14362

Package Information:
  https://launchpad.net/ubuntu/+source/mutt/1.9.4-3ubuntu0.1
  https://launchpad.net/ubuntu/+source/mutt/1.5.24-1ubuntu0.1
  https://launchpad.net/ubuntu/+source/mutt/1.5.21-6.4ubuntu2.2

Friday, July 20, 2018

[USN-3718-2] Linux kernel (HWE) regression

==========================================================================
Ubuntu Security Notice USN-3718-2
July 21, 2018

linux-hwe, linux-azure, linux-gcp regression
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 LTS

Summary:

A regression that caused boot failures was fixed in the Linux kernel.

Software Description:
- linux-azure: Linux kernel for Microsoft Azure Cloud systems
- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems
- linux-hwe: Linux hardware enablement (HWE) kernel

Details:

USN-3695-2 fixed vulnerabilities in the Linux Hardware Enablement
Kernel (HWE) kernel for Ubuntu 16.04 LTS. Unfortunately, the fix
for CVE-2018-1108 introduced a regression where insufficient early
entropy prevented services from starting, leading in some situations
to a failure to boot. This update addresses the issue.

We apologize for the inconvenience.

Original advisory details:

Jann Horn discovered that the Linux kernel's implementation of random
seed data reported that it was in a ready state before it had gathered
sufficient entropy. An attacker could use this to expose sensitive
information. (CVE-2018-1108)

Wen Xu discovered that the ext4 file system implementation in the Linux
kernel did not properly initialize the crc32c checksum driver. A local
attacker could use this to cause a denial of service (system crash).
(CVE-2018-1094)

It was discovered that the cdrom driver in the Linux kernel contained an
incorrect bounds check. A local attacker could use this to expose sensitive
information (kernel memory). (CVE-2018-10940)

Wen Xu discovered that the ext4 file system implementation in the Linux
kernel did not properly validate xattr sizes. A local attacker could use
this to cause a denial of service (system crash). (CVE-2018-1095)

Jann Horn discovered that the 32 bit adjtimex() syscall implementation for
64 bit Linux kernels did not properly initialize memory returned to user
space in some situations. A local attacker could use this to expose
sensitive information (kernel memory). (CVE-2018-11508)

It was discovered that an information leak vulnerability existed in the
floppy driver in the Linux kernel. A local attacker could use this to
expose sensitive information (kernel memory). (CVE-2018-7755)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS:
  linux-image-4.15.0-1014-gcp         4.15.0-1014.14~16.04.1
  linux-image-4.15.0-1018-azure       4.15.0-1018.18~16.04.1
  linux-image-4.15.0-29-generic       4.15.0-29.31~16.04.1
  linux-image-4.15.0-29-generic-lpae  4.15.0-29.31~16.04.1
  linux-image-4.15.0-29-lowlatency    4.15.0-29.31~16.04.1
  linux-image-azure                   4.15.0.1018.24
  linux-image-gcp                     4.15.0.1014.26
  linux-image-generic-hwe-16.04       4.13.0.45.64
  linux-image-generic-lpae-hwe-16.04  4.13.0.45.64
  linux-image-gke                     4.15.0.1014.26
  linux-image-lowlatency-hwe-16.04    4.13.0.45.64

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://usn.ubuntu.com/usn/usn-3718-2
https://usn.ubuntu.com/usn/usn-3718-1
https://launchpad.net/bugs/1779827, https://usn.ubuntu.com/usn/usn-3695-2

Package Information:
https://launchpad.net/ubuntu/+source/linux-azure/4.15.0-1018.18~16.04.1
https://launchpad.net/ubuntu/+source/linux-gcp/4.15.0-1014.14~16.04.1
https://launchpad.net/ubuntu/+source/linux-hwe/4.15.0-29.31~16.04.1

[USN-3718-1] Linux kernel regression

==========================================================================
Ubuntu Security Notice USN-3718-1
July 21, 2018

linux, linux-aws, linux-azure, linux-gcp, linux-kvm, linux-oem regression
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS

Summary:

A regression that caused boot failures was fixed in the Linux kernel.

Software Description:
- linux: Linux kernel
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-azure: Linux kernel for Microsoft Azure Cloud systems
- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems
- linux-kvm: Linux kernel for cloud environments
- linux-oem: Linux kernel for OEM processors

Details:

USN-3695-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04
LTS. Unfortunately, the fix for CVE-2018-1108 introduced a regression
where insufficient early entropy prevented services from starting,
leading in some situations to a failure to boot. This update addresses
the issue.

We apologize for the inconvenience.

Original advisory details:

Jann Horn discovered that the Linux kernel's implementation of random
seed data reported that it was in a ready state before it had gathered
sufficient entropy. An attacker could use this to expose sensitive
information. (CVE-2018-1108)

Wen Xu discovered that the ext4 file system implementation in the Linux
kernel did not properly initialize the crc32c checksum driver. A local
attacker could use this to cause a denial of service (system crash).
(CVE-2018-1094)

It was discovered that the cdrom driver in the Linux kernel contained an
incorrect bounds check. A local attacker could use this to expose sensitive
information (kernel memory). (CVE-2018-10940)

Wen Xu discovered that the ext4 file system implementation in the Linux
kernel did not properly validate xattr sizes. A local attacker could use
this to cause a denial of service (system crash). (CVE-2018-1095)

Jann Horn discovered that the 32 bit adjtimex() syscall implementation for
64 bit Linux kernels did not properly initialize memory returned to user
space in some situations. A local attacker could use this to expose
sensitive information (kernel memory). (CVE-2018-11508)

It was discovered that an information leak vulnerability existed in the
floppy driver in the Linux kernel. A local attacker could use this to
expose sensitive information (kernel memory). (CVE-2018-7755)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
  linux-image-4.15.0-1014-gcp         4.15.0-1014.14
  linux-image-4.15.0-1016-aws         4.15.0-1016.16
  linux-image-4.15.0-1016-kvm         4.15.0-1016.16
  linux-image-4.15.0-1018-azure       4.15.0-1018.18
  linux-image-4.15.0-29-generic       4.15.0-29.31
  linux-image-4.15.0-29-generic-lpae  4.15.0-29.31
  linux-image-4.15.0-29-lowlatency    4.15.0-29.31
  linux-image-4.15.0-29-snapdragon    4.15.0-29.31
  linux-image-aws                     4.15.0.1016.16
  linux-image-azure                   4.15.0.1018.18
  linux-image-gcp                     4.15.0.1014.16
  linux-image-generic                 4.15.0.29.31
  linux-image-generic-lpae            4.15.0.29.31
  linux-image-gke                     4.15.0.1014.16
  linux-image-kvm                     4.15.0.1016.16
  linux-image-lowlatency              4.15.0.29.31
  linux-image-oem                     4.15.0.1012.14
  linux-image-snapdragon              4.15.0.29.31

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://usn.ubuntu.com/usn/usn-3718-1
https://launchpad.net/bugs/1779827, https://usn.ubuntu.com/usn/usn-3695-1

Package Information:
https://launchpad.net/ubuntu/+source/linux/4.15.0-29.31
https://launchpad.net/ubuntu/+source/linux-aws/4.15.0-1016.16
https://launchpad.net/ubuntu/+source/linux-azure/4.15.0-1018.18
https://launchpad.net/ubuntu/+source/linux-gcp/4.15.0-1014.14
https://launchpad.net/ubuntu/+source/linux-kvm/4.15.0-1016.16
https://launchpad.net/ubuntu/+source/linux-oem/4.15.0-1012.15

Possible Distribution Servers Downtime - July 20 2018 to July 22 2018

Hello,

The Scientific Linux distribution servers may be unavailable from today, July 20 2018 15:00 CDT (Chicago), until July 22 2018 16:00 CDT (Chicago).

Downloads, yum operations, and mirror syncs may fail against the following hosts:

* rsync.scientificlinux.org
* ftp.scientificlinux.org
* ftp1.scientificlinux.org
* ftp2.scientificlinux.org

Additionally, www.scientificlinux.org is expected to be unavailable during this entire interval.

For your local time you can run:
 date -d '2018-07-20 15:00 CDT'
 date -d '2018-07-22 16:00 CDT'

Thank you for your patience while we perform this maintenance.

SL Team
--
Pat Riehecky
Fermi National Accelerator Laboratory
www.fnal.gov
www.scientificlinux.org

Thursday, July 19, 2018

Ubuntu 17.10 (Artful Aardvark) End of Life reached on July 19 2018

This is a follow-up to the End of Life warning sent earlier this month
to confirm that as of today (July 19, 2018), Ubuntu 17.10 is no longer
supported. No more package updates will be accepted to 17.10, and
it will be archived to old-releases.ubuntu.com in the coming weeks.

The original End of Life warning follows, with upgrade instructions:

Ubuntu announced its 17.10 (Artful Aardvark) release almost 9 months
ago, on October 19, 2017. As a non-LTS release, 17.10 has a 9-month
support cycle and, as such, the support period is now nearing its
end and Ubuntu 17.10 will reach end of life on Thursday, July 19th.

At that time, Ubuntu Security Notices will no longer include
information or updated packages for Ubuntu 17.10.

The supported upgrade path from Ubuntu 17.10 is via Ubuntu 18.04.
Instructions and caveats for the upgrade may be found at:

https://help.ubuntu.com/community/BionicUpgrades

Ubuntu 18.04 continues to be actively supported with security updates
and select high-impact bug fixes. Announcements of security updates
for Ubuntu releases are sent to the ubuntu-security-announce mailing
list, information about which may be found at:

https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

Since its launch in October 2004 Ubuntu has become one of the most
highly regarded Linux distributions with millions of users in homes,
schools, businesses and governments around the world. Ubuntu is Open
Source software, costs nothing to download, and users are free to
customise or alter their software in order to meet their needs.

On behalf of the Ubuntu Release Team,

Adam Conrad

--
ubuntu-announce mailing list
ubuntu-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-announce