-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/
iQIcBAEBCgAGBQJQyVLvAAoJEAUvNnAY1cPY4wUP/2kGRyoQVuZddrDE5uwuGXmQ
On9gBYJkd2ygbLCVhGNpgukbsRXVFFyhwHlHKwoN/sa00c8raEYG9c53eY+0X7lb
tVRqxbwt+/37bs4sUSXDA23jZ3rA+p7tBLFGiPRwCeBK6gbQVUOLMj5HpJJ2Nnb4
gDxDLYxqDmHSIZofZuxHdeTECYwSgjC8++onASEfy6daK6UksGQMnxouFBnrJcfM
e6Q26Y8REiecOxyNIfOw2kMu8RK85OsT5Zv/e9KBMpPB3eDZfg1+MMi8W85PRbQo
zAqBx/bHJN5v08U3hCUMegnFZLMsTAp78LU2uuyT7dtur9cWrsu3ZqIZLLRevUZY
TZvcjyp04uJaDBWowbf7i9bM9435jq8YxdYZ+FjW6trrXHysfKnPgROszOzYgCC6
St7AINkyO34CSVY3erqHtKhz0zw4RNI+BgOVxwbLzJO9kBArvMO+sqi8Hb42cMwd
AT0t7a7M8Vty+3dFf70WRXh8DPvnGqduR+nU9gBdASns+eZeDfWb99Hu6110lWmk
DfCACt6wTXJ8EYLexeI0MdICxq5JW7NBBG0bbaNgSIAZLH1lO9QOeOwg1YuRDeRB
eTRv7NbuIr/vhfhKZ7xVXS93zq+kJt3RQkG9JQXtixPknN+UrOomz8mMOn53wcQy
8T2lTH9i49m3eJuWCuZz
=ldNI
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1664-1
December 13, 2012
linux-ec2 vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 10.04 LTS
Summary:
The system's firewall could be bypassed by a remote attacker.
Software Description:
- linux-ec2: Linux kernel for EC2
Details:
Zhang Zuotao discovered a bug in the Linux kernel's handling of overlapping
fragments in ipv6. A remote attacker could exploit this flaw to bypass
firewalls and initial new network connections that should have been blocked
by the firewall.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 10.04 LTS:
linux-image-2.6.32-350-ec2 2.6.32-350.58
After a standard system update you need to reboot your computer to make
all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-1664-1
CVE-2012-4444
Package Information:
https://launchpad.net/ubuntu/+source/linux-ec2/2.6.32-350.58
Wednesday, December 12, 2012
[USN-1663-1] Nova vulnerability
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/
iQIcBAEBCgAGBQJQyRAGAAoJEFHb3FjMVZVzaksQAIRggczughjL2O4kCYNdLIP5
N6PwyxcQ2IGFdM1IXbZqtH0i3aEoh6WJiqvLfcflEhyyC1xx91WaDGzRQJT3moT4
1QdZC5HhdowbzTYn0ulqKavNaIEzCumTCz1IoBFbz0bunaeKQEYM7q21FqKM1xYj
wKs+nGVU5/DRWJSNWBHHwoWLrW7HnNAp+ocPpyrsLtlV0FIGG1Ho62IX0CEGAN3p
3KGZ1vHMkx5/Nr8bnK8IHsZdAn/hJkGHk4VBV39h4QAf3Eh9G63QoHPmki+Iwo5B
D+ROjqwV9C6NDUwEO/N0CNIFXyonlD3gHbtrwdZZe7yU+cmUN165nqNirBxki+f+
8mqB0tcEkqHhg6GfkelMOJ+9GgSnZixputjD44C+AcJxMu4z4Sr/Sq/DqSOVGGZK
LN19/+7yShhu+pSbvPW/15elAgFlu+S3Mj9XzWN0bn8Fe2FGYNImDbtt7hqVfN4i
s9F/1pOTciyAn5iqBFzH8DonXgFzSQnsfkiYCRqWTxCe2bKMkUbknHamjS4v3LNI
+Rkp2HZVdfJfsab+sePqGekdHTBOLszQjtOAku8PyItyyA7l/zlLd0A08i6Lasv+
RLxcMftuIpkCLNvEoUADCgwFhsSKVCwFAMSgLx83eeCYUvIVpDZOlB+AC8Jn5mXQ
K0YLpvcgn7+wyVlC3Yu2
=WmhT
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1663-1
December 12, 2012
nova vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.10
Summary:
Nova could be made to expose sensitive information.
Software Description:
- nova: OpenStack Compute cloud infrastructure
Details:
Eric Windisch discovered that Nova did not properly clear LVM-backed images
before they were reallocated which could potentially lead to an information
leak. This issue only affected setups using libvirt LVM-backed instances.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 12.10:
python-nova 2012.2-0ubuntu5.2
In general, a standard system update will make all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-1663-1
CVE-2012-5625
Package Information:
https://launchpad.net/ubuntu/+source/nova/2012.2-0ubuntu5.2
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/
iQIcBAEBCgAGBQJQyRAGAAoJEFHb3FjMVZVzaksQAIRggczughjL2O4kCYNdLIP5
N6PwyxcQ2IGFdM1IXbZqtH0i3aEoh6WJiqvLfcflEhyyC1xx91WaDGzRQJT3moT4
1QdZC5HhdowbzTYn0ulqKavNaIEzCumTCz1IoBFbz0bunaeKQEYM7q21FqKM1xYj
wKs+nGVU5/DRWJSNWBHHwoWLrW7HnNAp+ocPpyrsLtlV0FIGG1Ho62IX0CEGAN3p
3KGZ1vHMkx5/Nr8bnK8IHsZdAn/hJkGHk4VBV39h4QAf3Eh9G63QoHPmki+Iwo5B
D+ROjqwV9C6NDUwEO/N0CNIFXyonlD3gHbtrwdZZe7yU+cmUN165nqNirBxki+f+
8mqB0tcEkqHhg6GfkelMOJ+9GgSnZixputjD44C+AcJxMu4z4Sr/Sq/DqSOVGGZK
LN19/+7yShhu+pSbvPW/15elAgFlu+S3Mj9XzWN0bn8Fe2FGYNImDbtt7hqVfN4i
s9F/1pOTciyAn5iqBFzH8DonXgFzSQnsfkiYCRqWTxCe2bKMkUbknHamjS4v3LNI
+Rkp2HZVdfJfsab+sePqGekdHTBOLszQjtOAku8PyItyyA7l/zlLd0A08i6Lasv+
RLxcMftuIpkCLNvEoUADCgwFhsSKVCwFAMSgLx83eeCYUvIVpDZOlB+AC8Jn5mXQ
K0YLpvcgn7+wyVlC3Yu2
=WmhT
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1663-1
December 12, 2012
nova vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.10
Summary:
Nova could be made to expose sensitive information.
Software Description:
- nova: OpenStack Compute cloud infrastructure
Details:
Eric Windisch discovered that Nova did not properly clear LVM-backed images
before they were reallocated which could potentially lead to an information
leak. This issue only affected setups using libvirt LVM-backed instances.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 12.10:
python-nova 2012.2-0ubuntu5.2
In general, a standard system update will make all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-1663-1
CVE-2012-5625
Package Information:
https://launchpad.net/ubuntu/+source/nova/2012.2-0ubuntu5.2
[CentOS-announce] CEBA-2012:1570 CentOS 6 java-1.7.0-openjdk Update
CentOS Errata and Bugfix Advisory 2012:1570
Upstream details at : https://rhn.redhat.com/errata/RHBA-2012-1570.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
e72c059bdd0e7a5fb9bda9be463b29973c2d9c9fc7324a9f0ad943de192b184a java-1.7.0-openjdk-1.7.0.9-2.3.3.2.el6_3.i686.rpm
d37af1896d75b3d9cc9391397d709095817479c371ecd129b42521494661c2c1 java-1.7.0-openjdk-demo-1.7.0.9-2.3.3.2.el6_3.i686.rpm
d2070be80196bdcdf5c370971651257f9a65c7a7e83bd0d43a75c050bea8ce86 java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.2.el6_3.i686.rpm
16bbe92b89ba2b16b9f31c8d719cb38b3b2f7bafbff9e469824b38344721bab7 java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.3.2.el6_3.noarch.rpm
d68f5bb2e753fb8046ebf685cf7c0cb6193086075ff48645f632bf39a9cc0ce0 java-1.7.0-openjdk-src-1.7.0.9-2.3.3.2.el6_3.i686.rpm
x86_64:
41cfa81d72b2e75083cb9a317582426a0285999ddcd9954f6932123e90d9d673 java-1.7.0-openjdk-1.7.0.9-2.3.3.2.el6_3.x86_64.rpm
c419432048ffa6a006d87b2ccce35d3be7db2b9041a57ca461cc5c5198c2dfd2 java-1.7.0-openjdk-demo-1.7.0.9-2.3.3.2.el6_3.x86_64.rpm
5df0cf02ae35f20d75df37b34f43014cd6337330c172ec8406ac53ea49a7ff7e java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.2.el6_3.x86_64.rpm
16bbe92b89ba2b16b9f31c8d719cb38b3b2f7bafbff9e469824b38344721bab7 java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.3.2.el6_3.noarch.rpm
d0e338ae64791f1a577d6be6689949b8bf17c99a0b573ba379383f6d45c94597 java-1.7.0-openjdk-src-1.7.0.9-2.3.3.2.el6_3.x86_64.rpm
Source:
9fbee879021b2d353ec377e82b4bce1d6cc3efb3eeefb28f54750c292fde8e7a java-1.7.0-openjdk-1.7.0.9-2.3.3.2.el6_3.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce
Upstream details at : https://rhn.redhat.com/errata/RHBA-2012-1570.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
e72c059bdd0e7a5fb9bda9be463b29973c2d9c9fc7324a9f0ad943de192b184a java-1.7.0-openjdk-1.7.0.9-2.3.3.2.el6_3.i686.rpm
d37af1896d75b3d9cc9391397d709095817479c371ecd129b42521494661c2c1 java-1.7.0-openjdk-demo-1.7.0.9-2.3.3.2.el6_3.i686.rpm
d2070be80196bdcdf5c370971651257f9a65c7a7e83bd0d43a75c050bea8ce86 java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.2.el6_3.i686.rpm
16bbe92b89ba2b16b9f31c8d719cb38b3b2f7bafbff9e469824b38344721bab7 java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.3.2.el6_3.noarch.rpm
d68f5bb2e753fb8046ebf685cf7c0cb6193086075ff48645f632bf39a9cc0ce0 java-1.7.0-openjdk-src-1.7.0.9-2.3.3.2.el6_3.i686.rpm
x86_64:
41cfa81d72b2e75083cb9a317582426a0285999ddcd9954f6932123e90d9d673 java-1.7.0-openjdk-1.7.0.9-2.3.3.2.el6_3.x86_64.rpm
c419432048ffa6a006d87b2ccce35d3be7db2b9041a57ca461cc5c5198c2dfd2 java-1.7.0-openjdk-demo-1.7.0.9-2.3.3.2.el6_3.x86_64.rpm
5df0cf02ae35f20d75df37b34f43014cd6337330c172ec8406ac53ea49a7ff7e java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.2.el6_3.x86_64.rpm
16bbe92b89ba2b16b9f31c8d719cb38b3b2f7bafbff9e469824b38344721bab7 java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.3.2.el6_3.noarch.rpm
d0e338ae64791f1a577d6be6689949b8bf17c99a0b573ba379383f6d45c94597 java-1.7.0-openjdk-src-1.7.0.9-2.3.3.2.el6_3.x86_64.rpm
Source:
9fbee879021b2d353ec377e82b4bce1d6cc3efb3eeefb28f54750c292fde8e7a java-1.7.0-openjdk-1.7.0.9-2.3.3.2.el6_3.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce
[USN-1662-1] APT vulnerability
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/
iQIcBAEBCgAGBQJQyN4sAAoJEGVp2FWnRL6TppwP/3/AaUAhiFch7JU6W7cCOh3T
12RzGEwQzXx9RGuPba7bNAB6w6esp3YhMdKW1B+FCEMmQVDkrnz12F8fl8ceLJSq
EGnUjHpGNDrsOW10uMeKlSMdd0Ls3HiHlwBX9o5fFh1wf5Akt73kbTgR5f3Lw71G
pf9KFnDmpAFxmwGkZLA+w9PdhWgJ/s2Lyvias9AJZBuTUJAcbtJ20BAJbsErv3f0
+jMM10E+veBZ316X+1WaD78o0bNAV9BTPDj4hmFU3UEf1yFBc3UqDnZUVzu8hUKT
v6Pp0AdP9H7v2HTcxJWQQYS3RdsPAeeTERjGggSLhmCjWJvgyIr5oFr3J3covisQ
/6FAbg7ufxBUQiyYxJaaDEmqDvPP+nTOi/7LL5Fp5L0IDCN8L+B5h7d/F59JweKi
ZY28jBPxRtfns1LLyWTLFQJoGUVwiV5fuciRuBNesNQJApMhzc+nJUQE5vAgnWDP
lZUw+N32D1LxVtMFozsj5XtNI/WdUBKnvqUm6pl56D9gTgiqey28S+FivkXOTobe
zn6UT3A9a8A/mR00yOCjyPSWs/jSHVtik/K/cqn0d2Rb0ct7Z2rraRJl96oRVqXz
gg114kEIac9aIOIUtcmgGfH3BSKfHE9A89DpuKHKPzyM3g4KSjSfQbioiTBn9gq7
3o1fGhkdiC9PVTNCjf1T
=XqUM
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1662-1
December 12, 2012
apt vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.10
- Ubuntu 12.04 LTS
- Ubuntu 11.10
Summary:
APT could expose sensitive information.
Software Description:
- apt: Advanced front-end for dpkg
Details:
It was discovered that APT set inappropriate permissions on the term.log
file. A local attacker could use this flaw to possibly obtain sensitive
information.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 12.10:
apt 0.9.7.5ubuntu5.2
Ubuntu 12.04 LTS:
apt 0.8.16~exp12ubuntu10.7
Ubuntu 11.10:
apt 0.8.16~exp5ubuntu13.6
In general, a standard system update will make all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-1662-1
CVE-2012-0961
Package Information:
https://launchpad.net/ubuntu/+source/apt/0.9.7.5ubuntu5.2
https://launchpad.net/ubuntu/+source/apt/0.8.16~exp12ubuntu10.7
https://launchpad.net/ubuntu/+source/apt/0.8.16~exp5ubuntu13.6
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/
iQIcBAEBCgAGBQJQyN4sAAoJEGVp2FWnRL6TppwP/3/AaUAhiFch7JU6W7cCOh3T
12RzGEwQzXx9RGuPba7bNAB6w6esp3YhMdKW1B+FCEMmQVDkrnz12F8fl8ceLJSq
EGnUjHpGNDrsOW10uMeKlSMdd0Ls3HiHlwBX9o5fFh1wf5Akt73kbTgR5f3Lw71G
pf9KFnDmpAFxmwGkZLA+w9PdhWgJ/s2Lyvias9AJZBuTUJAcbtJ20BAJbsErv3f0
+jMM10E+veBZ316X+1WaD78o0bNAV9BTPDj4hmFU3UEf1yFBc3UqDnZUVzu8hUKT
v6Pp0AdP9H7v2HTcxJWQQYS3RdsPAeeTERjGggSLhmCjWJvgyIr5oFr3J3covisQ
/6FAbg7ufxBUQiyYxJaaDEmqDvPP+nTOi/7LL5Fp5L0IDCN8L+B5h7d/F59JweKi
ZY28jBPxRtfns1LLyWTLFQJoGUVwiV5fuciRuBNesNQJApMhzc+nJUQE5vAgnWDP
lZUw+N32D1LxVtMFozsj5XtNI/WdUBKnvqUm6pl56D9gTgiqey28S+FivkXOTobe
zn6UT3A9a8A/mR00yOCjyPSWs/jSHVtik/K/cqn0d2Rb0ct7Z2rraRJl96oRVqXz
gg114kEIac9aIOIUtcmgGfH3BSKfHE9A89DpuKHKPzyM3g4KSjSfQbioiTBn9gq7
3o1fGhkdiC9PVTNCjf1T
=XqUM
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1662-1
December 12, 2012
apt vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.10
- Ubuntu 12.04 LTS
- Ubuntu 11.10
Summary:
APT could expose sensitive information.
Software Description:
- apt: Advanced front-end for dpkg
Details:
It was discovered that APT set inappropriate permissions on the term.log
file. A local attacker could use this flaw to possibly obtain sensitive
information.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 12.10:
apt 0.9.7.5ubuntu5.2
Ubuntu 12.04 LTS:
apt 0.8.16~exp12ubuntu10.7
Ubuntu 11.10:
apt 0.8.16~exp5ubuntu13.6
In general, a standard system update will make all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-1662-1
CVE-2012-0961
Package Information:
https://launchpad.net/ubuntu/+source/apt/0.9.7.5ubuntu5.2
https://launchpad.net/ubuntu/+source/apt/0.8.16~exp12ubuntu10.7
https://launchpad.net/ubuntu/+source/apt/0.8.16~exp5ubuntu13.6
Tuesday, December 11, 2012
Fedora 18 Final change Freeze
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (GNU/Linux)
iQIcBAEBAgAGBQJQx1pwAAoJEEs3sNgP+7te0LwP/2nz0Rk3Xq6YqAH+sAT2ZVWy
/MHqMsWxuNjh/c+CxQ6iv1w/MfoOg2GuHa1wWuCedWPwN4mifHpVJ8v+2XyKrzdC
dbm/gdnjhLwSDnGz6aGj73/pHsDFpS1oXDITZ4cYZusz+dQW0nihxEDhm1eVxrRT
NEO/bfWP5kVrir2yFfHh4lm3oMQ1P7ok09ldaaKnms45a2iyh2AJfiqmMU/uaTC7
b7vU+NPZCVPwOXTK7iZ/hrtmpT1BOrPxExbHdnc6oqAaICbqbdkGcN08rqnOUALc
zUTaOD1iSPmPIYwAZZVcvJLwQOAW0iq7fzwUYtzHbY0Kme6pWBINFUnlf6i+XcGo
pgTtDOrDrs/CqJZDivfblERjEVJVMtxddkbDlrzpMMxMUVBQV84NJ7I9jj7wHhHY
FBNpDYezqYeNAhxHhLewAjTG3fOlPkNyBdvfVeRL4PM+Uj2TJer81dd0yFoKLzSD
gPeDYVzOZRUud2OeoAO+imJ3XDkGgBA4K8pxMDCm+g/Vl0Jag9M667cBh4LQoa9s
jXyAF0WoLwP2/GsIs+syWXFjmCaNuOf4uvlmEPiOolnjoCfbLKHxYpd1meMglidR
OTQNUMLl++/FPIy3AGBF254jlVinQKGPK1umMAPUkB+aaGCJokByJpn/w8ElH5MX
nGI7sIkKQ1RosQSocKX3
=AIjS
-----END PGP SIGNATURE-----
Greetings.
Fedora 18 is entering final change freeze. There will be one more push
to stable at 23:59:59 UTC tonight that will appear in tomorrow's
branched compose.
Newly Submitted updates will land in updates-testing after being
pushed. Only updates that fix accepted blocker and accepted NTH bugs
for the Final release will be pushed into the base repo when stable.
Once Final release is certified gold, any updates waiting for stable
status will be pushed to the stable updates repository, and become 0
day updates for the release.
We are in the Pre release section of the release, so the Pre release
to final updates policy applies:
http://fedoraproject.org/wiki/Updates_Policy#Pre_release
Please see:
http://fedoraproject.org/wiki/Branch_Freeze_Policy
http://fedoraproject.org/wiki/Change_deadlines
http://fedoraproject.org/wiki/QA:SOP_blocker_bug_process
http://fedoraproject.org/wiki/QA:SOP_nth_bug_process
For more details.
kevin
Version: GnuPG v2.0.19 (GNU/Linux)
iQIcBAEBAgAGBQJQx1pwAAoJEEs3sNgP+7te0LwP/2nz0Rk3Xq6YqAH+sAT2ZVWy
/MHqMsWxuNjh/c+CxQ6iv1w/MfoOg2GuHa1wWuCedWPwN4mifHpVJ8v+2XyKrzdC
dbm/gdnjhLwSDnGz6aGj73/pHsDFpS1oXDITZ4cYZusz+dQW0nihxEDhm1eVxrRT
NEO/bfWP5kVrir2yFfHh4lm3oMQ1P7ok09ldaaKnms45a2iyh2AJfiqmMU/uaTC7
b7vU+NPZCVPwOXTK7iZ/hrtmpT1BOrPxExbHdnc6oqAaICbqbdkGcN08rqnOUALc
zUTaOD1iSPmPIYwAZZVcvJLwQOAW0iq7fzwUYtzHbY0Kme6pWBINFUnlf6i+XcGo
pgTtDOrDrs/CqJZDivfblERjEVJVMtxddkbDlrzpMMxMUVBQV84NJ7I9jj7wHhHY
FBNpDYezqYeNAhxHhLewAjTG3fOlPkNyBdvfVeRL4PM+Uj2TJer81dd0yFoKLzSD
gPeDYVzOZRUud2OeoAO+imJ3XDkGgBA4K8pxMDCm+g/Vl0Jag9M667cBh4LQoa9s
jXyAF0WoLwP2/GsIs+syWXFjmCaNuOf4uvlmEPiOolnjoCfbLKHxYpd1meMglidR
OTQNUMLl++/FPIy3AGBF254jlVinQKGPK1umMAPUkB+aaGCJokByJpn/w8ElH5MX
nGI7sIkKQ1RosQSocKX3
=AIjS
-----END PGP SIGNATURE-----
Greetings.
Fedora 18 is entering final change freeze. There will be one more push
to stable at 23:59:59 UTC tonight that will appear in tomorrow's
branched compose.
Newly Submitted updates will land in updates-testing after being
pushed. Only updates that fix accepted blocker and accepted NTH bugs
for the Final release will be pushed into the base repo when stable.
Once Final release is certified gold, any updates waiting for stable
status will be pushed to the stable updates repository, and become 0
day updates for the release.
We are in the Pre release section of the release, so the Pre release
to final updates policy applies:
http://fedoraproject.org/wiki/Updates_Policy#Pre_release
Please see:
http://fedoraproject.org/wiki/Branch_Freeze_Policy
http://fedoraproject.org/wiki/Change_deadlines
http://fedoraproject.org/wiki/QA:SOP_blocker_bug_process
http://fedoraproject.org/wiki/QA:SOP_nth_bug_process
For more details.
kevin
[announce] NYC*BUG Party Tonight & BSDCan 2013
User Group-Wide Holiday Party Tonight, House of Brews
http://www.nycbug.org/?action=home&id=10331
Another Holiday Party,
NYC*BUG has joined with LispNYC, NY Haskell, the New York Linux User
Group (NYLUG), PuppetNYC and LOPSA-NY to hold a holiday party on
Tuesday, December 11, 2012 from 7:00 PM until it's over.
It will be at the House of Brews (http://www.houseofbrewsny.com/) at 302
W 51st street in the upstairs room.
There will be complementary beer, wine and hors d'oeuvres for a least a
few hours.
See the NYCBUG.org page for RSVP sites, which may be required for entry.
***
BSDCan 2013 will be held 17-18 May, 2013 in Ottawa at the University of
Ottawa. It will be preceded by two days of tutorials on 15-16 May.
NOTE: This will be Fri/Sat with tutorials on Wed/Thu.
We are now accepting proposals for talks.
The talks should be designed with a very strong technical content bias.
Proposals of a business development or marketing nature are not
appropriate for this venue.
More information at BSDCan.org
_______________________________________________
announce mailing list
announce@lists.nycbug.org
http://lists.nycbug.org/mailman/listinfo/announce
http://www.nycbug.org/?action=home&id=10331
Another Holiday Party,
NYC*BUG has joined with LispNYC, NY Haskell, the New York Linux User
Group (NYLUG), PuppetNYC and LOPSA-NY to hold a holiday party on
Tuesday, December 11, 2012 from 7:00 PM until it's over.
It will be at the House of Brews (http://www.houseofbrewsny.com/) at 302
W 51st street in the upstairs room.
There will be complementary beer, wine and hors d'oeuvres for a least a
few hours.
See the NYCBUG.org page for RSVP sites, which may be required for entry.
***
BSDCan 2013 will be held 17-18 May, 2013 in Ottawa at the University of
Ottawa. It will be preceded by two days of tutorials on 15-16 May.
NOTE: This will be Fri/Sat with tutorials on Wed/Thu.
We are now accepting proposals for talks.
The talks should be designed with a very strong technical content bias.
Proposals of a business development or marketing nature are not
appropriate for this venue.
More information at BSDCan.org
_______________________________________________
announce mailing list
announce@lists.nycbug.org
http://lists.nycbug.org/mailman/listinfo/announce
Monday, December 10, 2012
[USN-1661-1] Linux kernel vulnerability
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/
iQIcBAEBCgAGBQJQxruhAAoJEAUvNnAY1cPYjzsQAJwjLe/8V5bs9coBLKZ8Qx7o
1/sIAEMBfV37vy2BD2FAyUJf8qRkQNj/f+OLcAOnt7omn/ggTW6cJQto+EmqSTxf
ETFemPemSkNuFhQ16pAB/OWS47g7InBzfJ9qWhgVM5dbigbw4KEjN2eBDeqYEVmB
xYKYCtMrnZzqONKVd1Z32mr82wa/BnfnVYG6bHhRl9MEN7xc9/0rZ6ET5JZ4wj+T
EUQkTDh/k1WvPe1ys7PXYgasKtenvwyfD9V8oyyc020kk9r2uj70egwLq5b3bxov
tiZgwlBQAoS5MqLnN20iog8YNboiCgN6sIUe8yb7Iowqin/yY3xQxm9hEnWDLB8K
hO0YCA5I86vxX38dh2pQvWiqiT7YHzK0dqkzJwwYtPOLEsozp9C+DfaV/QLB4OA0
KG2iCFHThp9tnkEkdz2/IbwZeqQRpohJNTbYvIuFzKsc6EU/eZyQP9I3pQE0Q4xZ
T8v3mgHcTtUt3qz0Jf7HrucS1Onzb6apdZtd+mhH5mApOj8aBM2dlnttbQGYhh3w
koU1jag6N8HtoqfgdAMR9BrbJ26ijKbdhzJKigMahqh2TbQjLUwWY3P9hf3q7KS4
gi+TP300dcp7T+swI1gZyv5uAjgkmfoZ67bN31mx/ZIziXhJascJBk5iQNL/rd6R
u4QgdBEqo9cZJxlou1dQ
=4GCs
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1661-1
December 11, 2012
linux vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 10.04 LTS
Summary:
The system's firewall could be bypassed by a remote attacker.
Software Description:
- linux: Linux kernel
Details:
Zhang Zuotao discovered a bug in the Linux kernel's handling of overlapping
fragments in ipv6. A remote attacker could exploit this flaw to bypass
firewalls and initial new network connections that should have been blocked
by the firewall.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 10.04 LTS:
linux-image-2.6.32-45-386 2.6.32-45.101
linux-image-2.6.32-45-generic 2.6.32-45.101
linux-image-2.6.32-45-generic-pae 2.6.32-45.101
linux-image-2.6.32-45-ia64 2.6.32-45.101
linux-image-2.6.32-45-lpia 2.6.32-45.101
linux-image-2.6.32-45-powerpc 2.6.32-45.101
linux-image-2.6.32-45-powerpc-smp 2.6.32-45.101
linux-image-2.6.32-45-powerpc64-smp 2.6.32-45.101
linux-image-2.6.32-45-preempt 2.6.32-45.101
linux-image-2.6.32-45-server 2.6.32-45.101
linux-image-2.6.32-45-sparc64 2.6.32-45.101
linux-image-2.6.32-45-sparc64-smp 2.6.32-45.101
linux-image-2.6.32-45-versatile 2.6.32-45.101
linux-image-2.6.32-45-virtual 2.6.32-45.101
After a standard system update you need to reboot your computer to make
all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-1661-1
CVE-2012-4444
Package Information:
https://launchpad.net/ubuntu/+source/linux/2.6.32-45.101
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/
iQIcBAEBCgAGBQJQxruhAAoJEAUvNnAY1cPYjzsQAJwjLe/8V5bs9coBLKZ8Qx7o
1/sIAEMBfV37vy2BD2FAyUJf8qRkQNj/f+OLcAOnt7omn/ggTW6cJQto+EmqSTxf
ETFemPemSkNuFhQ16pAB/OWS47g7InBzfJ9qWhgVM5dbigbw4KEjN2eBDeqYEVmB
xYKYCtMrnZzqONKVd1Z32mr82wa/BnfnVYG6bHhRl9MEN7xc9/0rZ6ET5JZ4wj+T
EUQkTDh/k1WvPe1ys7PXYgasKtenvwyfD9V8oyyc020kk9r2uj70egwLq5b3bxov
tiZgwlBQAoS5MqLnN20iog8YNboiCgN6sIUe8yb7Iowqin/yY3xQxm9hEnWDLB8K
hO0YCA5I86vxX38dh2pQvWiqiT7YHzK0dqkzJwwYtPOLEsozp9C+DfaV/QLB4OA0
KG2iCFHThp9tnkEkdz2/IbwZeqQRpohJNTbYvIuFzKsc6EU/eZyQP9I3pQE0Q4xZ
T8v3mgHcTtUt3qz0Jf7HrucS1Onzb6apdZtd+mhH5mApOj8aBM2dlnttbQGYhh3w
koU1jag6N8HtoqfgdAMR9BrbJ26ijKbdhzJKigMahqh2TbQjLUwWY3P9hf3q7KS4
gi+TP300dcp7T+swI1gZyv5uAjgkmfoZ67bN31mx/ZIziXhJascJBk5iQNL/rd6R
u4QgdBEqo9cZJxlou1dQ
=4GCs
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1661-1
December 11, 2012
linux vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 10.04 LTS
Summary:
The system's firewall could be bypassed by a remote attacker.
Software Description:
- linux: Linux kernel
Details:
Zhang Zuotao discovered a bug in the Linux kernel's handling of overlapping
fragments in ipv6. A remote attacker could exploit this flaw to bypass
firewalls and initial new network connections that should have been blocked
by the firewall.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 10.04 LTS:
linux-image-2.6.32-45-386 2.6.32-45.101
linux-image-2.6.32-45-generic 2.6.32-45.101
linux-image-2.6.32-45-generic-pae 2.6.32-45.101
linux-image-2.6.32-45-ia64 2.6.32-45.101
linux-image-2.6.32-45-lpia 2.6.32-45.101
linux-image-2.6.32-45-powerpc 2.6.32-45.101
linux-image-2.6.32-45-powerpc-smp 2.6.32-45.101
linux-image-2.6.32-45-powerpc64-smp 2.6.32-45.101
linux-image-2.6.32-45-preempt 2.6.32-45.101
linux-image-2.6.32-45-server 2.6.32-45.101
linux-image-2.6.32-45-sparc64 2.6.32-45.101
linux-image-2.6.32-45-sparc64-smp 2.6.32-45.101
linux-image-2.6.32-45-versatile 2.6.32-45.101
linux-image-2.6.32-45-virtual 2.6.32-45.101
After a standard system update you need to reboot your computer to make
all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-1661-1
CVE-2012-4444
Package Information:
https://launchpad.net/ubuntu/+source/linux/2.6.32-45.101
[USN-1660-1] Linux kernel vulnerability
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/
iQIcBAEBCgAGBQJQxrn4AAoJEAUvNnAY1cPYRdQQAMA6OY70BuIkMQtC2Vxik28e
9rgrhAI43xac+C5QF88IX3wxWHbP/goBkUsYK7eAaAk3OFqAe/QrZswC9NZ1kEbL
x5fNeHFo4j6tfPIMaGkvZUSskZUBGuJexhq8IZsfxPYRwqqaP+REkNtyvkZSkVho
YLK/+nDcKcE9TiWd1i+b4LcO9zJdgSAxyz/36AYUZaU7w9/HVDHaXn3IssvFj8NF
HdIwrQE77h/FW0Lqd+NjIT2jqLUkfSwx1saoX9LHhyUqDW84c9uYLk9x90yJKmaN
m9rGq2z5ani5UBNAdF2X4Oxjmx2px8IzPfJtkVUle0CDuh2YUOXIR6XafmaCK/FM
dC4IIRhJzPusGP0QrOSOPfpnYRgKlrCJ3T9UxvkD8KEDQbdMoabFEDOjxMkNki93
bRSB1sH744g3q6Ntdek6FqQN6yoKOUdm06fATFhDU1hQwEWt7RHLG//Z5icL1EyY
Qpypmhz/wUZlqIJOq+/kdt6YW9CtaC47wMAIybCoS5XSHmScrY9l/a63b/u5Nj41
qBo1hRkvYXuMasgralrYH7S5JLamzl202RYs3rJnNUXbuAOxGJxEmc+8vod1L8+P
vkgndNBi5owBCbncV/jhhbOHUD0w5xM5eFpn5jIVZjyZazVstMmNTN662jF2o58P
fF7kHpM5XTNsKLpfeIE0
=M5/q
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1660-1
December 11, 2012
linux vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 8.04 LTS
Summary:
The system's firewall could be bypassed by a remote attacker.
Software Description:
- linux: Linux kernel
Details:
Zhang Zuotao discovered a bug in the Linux kernel's handling of overlapping
fragments in ipv6. A remote attacker could exploit this flaw to bypass
firewalls and initial new network connections that should have been blocked
by the firewall.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 8.04 LTS:
linux-image-2.6.24-32-386 2.6.24-32.107
linux-image-2.6.24-32-generic 2.6.24-32.107
linux-image-2.6.24-32-hppa32 2.6.24-32.107
linux-image-2.6.24-32-hppa64 2.6.24-32.107
linux-image-2.6.24-32-itanium 2.6.24-32.107
linux-image-2.6.24-32-lpia 2.6.24-32.107
linux-image-2.6.24-32-lpiacompat 2.6.24-32.107
linux-image-2.6.24-32-mckinley 2.6.24-32.107
linux-image-2.6.24-32-openvz 2.6.24-32.107
linux-image-2.6.24-32-powerpc 2.6.24-32.107
linux-image-2.6.24-32-powerpc-smp 2.6.24-32.107
linux-image-2.6.24-32-powerpc64-smp 2.6.24-32.107
linux-image-2.6.24-32-rt 2.6.24-32.107
linux-image-2.6.24-32-server 2.6.24-32.107
linux-image-2.6.24-32-sparc64 2.6.24-32.107
linux-image-2.6.24-32-sparc64-smp 2.6.24-32.107
linux-image-2.6.24-32-virtual 2.6.24-32.107
linux-image-2.6.24-32-xen 2.6.24-32.107
After a standard system update you need to reboot your computer to make
all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-1660-1
CVE-2012-4444
Package Information:
https://launchpad.net/ubuntu/+source/linux/2.6.24-32.107
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/
iQIcBAEBCgAGBQJQxrn4AAoJEAUvNnAY1cPYRdQQAMA6OY70BuIkMQtC2Vxik28e
9rgrhAI43xac+C5QF88IX3wxWHbP/goBkUsYK7eAaAk3OFqAe/QrZswC9NZ1kEbL
x5fNeHFo4j6tfPIMaGkvZUSskZUBGuJexhq8IZsfxPYRwqqaP+REkNtyvkZSkVho
YLK/+nDcKcE9TiWd1i+b4LcO9zJdgSAxyz/36AYUZaU7w9/HVDHaXn3IssvFj8NF
HdIwrQE77h/FW0Lqd+NjIT2jqLUkfSwx1saoX9LHhyUqDW84c9uYLk9x90yJKmaN
m9rGq2z5ani5UBNAdF2X4Oxjmx2px8IzPfJtkVUle0CDuh2YUOXIR6XafmaCK/FM
dC4IIRhJzPusGP0QrOSOPfpnYRgKlrCJ3T9UxvkD8KEDQbdMoabFEDOjxMkNki93
bRSB1sH744g3q6Ntdek6FqQN6yoKOUdm06fATFhDU1hQwEWt7RHLG//Z5icL1EyY
Qpypmhz/wUZlqIJOq+/kdt6YW9CtaC47wMAIybCoS5XSHmScrY9l/a63b/u5Nj41
qBo1hRkvYXuMasgralrYH7S5JLamzl202RYs3rJnNUXbuAOxGJxEmc+8vod1L8+P
vkgndNBi5owBCbncV/jhhbOHUD0w5xM5eFpn5jIVZjyZazVstMmNTN662jF2o58P
fF7kHpM5XTNsKLpfeIE0
=M5/q
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1660-1
December 11, 2012
linux vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 8.04 LTS
Summary:
The system's firewall could be bypassed by a remote attacker.
Software Description:
- linux: Linux kernel
Details:
Zhang Zuotao discovered a bug in the Linux kernel's handling of overlapping
fragments in ipv6. A remote attacker could exploit this flaw to bypass
firewalls and initial new network connections that should have been blocked
by the firewall.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 8.04 LTS:
linux-image-2.6.24-32-386 2.6.24-32.107
linux-image-2.6.24-32-generic 2.6.24-32.107
linux-image-2.6.24-32-hppa32 2.6.24-32.107
linux-image-2.6.24-32-hppa64 2.6.24-32.107
linux-image-2.6.24-32-itanium 2.6.24-32.107
linux-image-2.6.24-32-lpia 2.6.24-32.107
linux-image-2.6.24-32-lpiacompat 2.6.24-32.107
linux-image-2.6.24-32-mckinley 2.6.24-32.107
linux-image-2.6.24-32-openvz 2.6.24-32.107
linux-image-2.6.24-32-powerpc 2.6.24-32.107
linux-image-2.6.24-32-powerpc-smp 2.6.24-32.107
linux-image-2.6.24-32-powerpc64-smp 2.6.24-32.107
linux-image-2.6.24-32-rt 2.6.24-32.107
linux-image-2.6.24-32-server 2.6.24-32.107
linux-image-2.6.24-32-sparc64 2.6.24-32.107
linux-image-2.6.24-32-sparc64-smp 2.6.24-32.107
linux-image-2.6.24-32-virtual 2.6.24-32.107
linux-image-2.6.24-32-xen 2.6.24-32.107
After a standard system update you need to reboot your computer to make
all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-1660-1
CVE-2012-4444
Package Information:
https://launchpad.net/ubuntu/+source/linux/2.6.24-32.107
[CentOS-announce] CEBA-2012:1554 CentOS 6 kexec-tools Update
CentOS Errata and Bugfix Advisory 2012:1554
Upstream details at : https://rhn.redhat.com/errata/RHBA-2012-1554.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
0f52d4b56549e58171a9dc2655c60c9ce08b694757acb1ea71edbc33a48e5625 kexec-tools-2.0.0-245.el6_3.1.i686.rpm
x86_64:
daf72e78f386d4fad7a35eba205a98b87d32e654dce9dd677bb3e69c613f39f9 kexec-tools-2.0.0-245.el6_3.1.x86_64.rpm
Source:
86a3367af2c97f10f3f403adaff106a449904d0c62e2ac6f57a161e31197af39 kexec-tools-2.0.0-245.el6_3.1.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce
Upstream details at : https://rhn.redhat.com/errata/RHBA-2012-1554.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
0f52d4b56549e58171a9dc2655c60c9ce08b694757acb1ea71edbc33a48e5625 kexec-tools-2.0.0-245.el6_3.1.i686.rpm
x86_64:
daf72e78f386d4fad7a35eba205a98b87d32e654dce9dd677bb3e69c613f39f9 kexec-tools-2.0.0-245.el6_3.1.x86_64.rpm
Source:
86a3367af2c97f10f3f403adaff106a449904d0c62e2ac6f57a161e31197af39 kexec-tools-2.0.0-245.el6_3.1.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce
[opensuse-announce] openSUSE Conference 2013 in Thessaloniki, Greece. OPA!
Geekos all over the world,
we are very happy to inform you that next year's openSUSE Conference
(oSC13), the yearly get together of our community, will happen in July
in the beautiful city of Thessaloniki, Greece. oSC13 will bring together
a wide variety of Free and Open Source (FOSS) contributors to
collaborate on one of the major Linux distribution projects. In exciting
talks, workshops and social events our community will bring alive our
motto "Have a lot of fun".
We are entering the organization phase right now and have not yet
settled on an exact date and location but we will let you know once we
have that info. In the meantime how about you help us organize oSC13?
We need you at the kick off meeting!
To make this the most awesome conference ever, we are looking for people
who are willing to help out. We need you! There is a lot of organizing
to be done, logos to be drawn, websites to be designed, schedules to be
made, hotels to be booked, sponsors to be found and a million of other
things you can help with. So to kick off the organization team and to
get everyone on the same page we are going to meet this Thursday,
December 13th on IRC to discuss what we need to do and how we are going
to do it. If you're looking for a chance to give back to the openSUSE
community this is it!
When: 2012-12-13 at 15:00 UTC
Where: #opensuse-project on the freenode network
Who: Everybody who want's to make oSC13 great
If you, for whatever reason, can't participate but still want to help
you should subscribe to our conference mailinglist:
opensuse-conference@opensuse.org
we are going to post meeting minutes there and will use this list to
further organize oSC13.
Let's get going and make oSC13 in Thessaloniki the best conference ever!
Your oSC13 Team
--
To unsubscribe, e-mail: opensuse-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-announce+help@opensuse.org
we are very happy to inform you that next year's openSUSE Conference
(oSC13), the yearly get together of our community, will happen in July
in the beautiful city of Thessaloniki, Greece. oSC13 will bring together
a wide variety of Free and Open Source (FOSS) contributors to
collaborate on one of the major Linux distribution projects. In exciting
talks, workshops and social events our community will bring alive our
motto "Have a lot of fun".
We are entering the organization phase right now and have not yet
settled on an exact date and location but we will let you know once we
have that info. In the meantime how about you help us organize oSC13?
We need you at the kick off meeting!
To make this the most awesome conference ever, we are looking for people
who are willing to help out. We need you! There is a lot of organizing
to be done, logos to be drawn, websites to be designed, schedules to be
made, hotels to be booked, sponsors to be found and a million of other
things you can help with. So to kick off the organization team and to
get everyone on the same page we are going to meet this Thursday,
December 13th on IRC to discuss what we need to do and how we are going
to do it. If you're looking for a chance to give back to the openSUSE
community this is it!
When: 2012-12-13 at 15:00 UTC
Where: #opensuse-project on the freenode network
Who: Everybody who want's to make oSC13 great
If you, for whatever reason, can't participate but still want to help
you should subscribe to our conference mailinglist:
opensuse-conference@opensuse.org
we are going to post meeting minutes there and will use this list to
further organize oSC13.
Let's get going and make oSC13 in Thessaloniki the best conference ever!
Your oSC13 Team
--
To unsubscribe, e-mail: opensuse-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-announce+help@opensuse.org
[FreeBSD-Announce] Faces of FreeBSD Series Kick-Off
Dear FreeBSD Community,
We kicked-off our year-end fundraising campaign last week and we can't
be more thrilled and thankful to everyone who has made a donation so far
this year! Since our campaign started on December 4th, we've raised over
$20,000 with more than 400 donations. Historically, we have started this
campaign at the beginning of December. And, we typically are about half
way to our goal at this time. It's very common for non-profits to raise
70% of their funds during December. We have always been confident that
we will meet our goals each year and we always have, or have gotten very
close.
This is our most ambitious fundraising drive to date. We have big plans
to bring on technical staff members and put more funding into
development projects. We are also collaborating more with companies who
use FreeBSD and working to get more companies to co-sponsor projects
with us.
We are excited to be kicking off our Faces of FreeBSD series. It's a
chance for us to spotlight different people who contribute to FreeBSD
and have received funding from us to work on development projects, run
conferences, travel to conferences, and advocate for FreeBSD.
Let us introduce you to Alberto Mijares. We helped him attend EuroBSDCon
2012 by assisting him with his travel expenses. Here's his story:
http://www.freebsdfoundation.org/press/FacesofFreeBSD-Alberto.pdf
Please consider making a donation to help us continue and increase our
support of the FreeBSD Project and community worldwide! To make a
donation go to:
http://www.freebsdfoundation.org/donate/
Thank You,
The FreeBSD Foundation
_______________________________________________
freebsd-announce@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-announce
To unsubscribe, send any mail to "freebsd-announce-unsubscribe@freebsd.org"
We kicked-off our year-end fundraising campaign last week and we can't
be more thrilled and thankful to everyone who has made a donation so far
this year! Since our campaign started on December 4th, we've raised over
$20,000 with more than 400 donations. Historically, we have started this
campaign at the beginning of December. And, we typically are about half
way to our goal at this time. It's very common for non-profits to raise
70% of their funds during December. We have always been confident that
we will meet our goals each year and we always have, or have gotten very
close.
This is our most ambitious fundraising drive to date. We have big plans
to bring on technical staff members and put more funding into
development projects. We are also collaborating more with companies who
use FreeBSD and working to get more companies to co-sponsor projects
with us.
We are excited to be kicking off our Faces of FreeBSD series. It's a
chance for us to spotlight different people who contribute to FreeBSD
and have received funding from us to work on development projects, run
conferences, travel to conferences, and advocate for FreeBSD.
Let us introduce you to Alberto Mijares. We helped him attend EuroBSDCon
2012 by assisting him with his travel expenses. Here's his story:
http://www.freebsdfoundation.org/press/FacesofFreeBSD-Alberto.pdf
Please consider making a donation to help us continue and increase our
support of the FreeBSD Project and community worldwide! To make a
donation go to:
http://www.freebsdfoundation.org/donate/
Thank You,
The FreeBSD Foundation
_______________________________________________
freebsd-announce@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-announce
To unsubscribe, send any mail to "freebsd-announce-unsubscribe@freebsd.org"
[USN-1659-1] GIMP vulnerability
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/
iQIcBAEBCgAGBQJQxfdYAAoJEGVp2FWnRL6TmLEP/3fV1GpQ/DljJkzT6UE6FnWj
Ydrw3/prD+Qe32qw056QZoNBdpwAtRxiWdlH+mQXwh358FZUXZJz/CZC8eT9bk1s
r6I5njsaN7VHY8bChiNczEkEvv38uMVjZOFkZFPXrPADw/q9zQQVM5HbxtEXO6WH
22lnZDBINc1WgCi5YY0kWa5kn8mMqqX54QSdO9hfASdQ3Q2dzPHRKEmTQg7SFXkN
cLfbRZBc4tE3wloMwQVl2BpVfkA9HMhg2a/riD8HBMFurbdyCfrB94I7f3Lyd5z1
EghAtW8afgeIum2Jgc2PyCBfk78lwAxemrRpSfa/Qsejltb8wNJXjvSWshK98qNV
B/qSMoJ2tVxAT1Wbxo8H/jXDH2mFvgJ6Q2wXgkW72Dz8zKEG+Iltn0L5i90AQh3B
zhrnlKg56QJMWh0qARzReVVFzySVqnEwDr+tVljq4mORzsXrPO73HwVKK4lJ9FeZ
OYS3WGxWQu1i1uJIAJdRPUnMmUT/CxcBIzDjdUs+7khbKGiFEV1zBtdWuiil5llR
9CZA/O28N3GDLKHnN1mSmMnmSwyeahcIslawi4S+rQzZxLGdQFlDmI6SGX9Auero
Vl1flHku7HIcbD5xAI/D7GdETBNXdN8zanO3I+ZiPINp0pc15VhUcMc4sooLszvk
7VRbu4V0wDFPxnR5UYdh
=U7lV
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1659-1
December 10, 2012
gimp vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.10
- Ubuntu 12.04 LTS
- Ubuntu 11.10
- Ubuntu 10.04 LTS
Summary:
GIMP could be made to crash or run programs as your login if it opened a
specially crafted file.
Software Description:
- gimp: The GNU Image Manipulation Program
Details:
It was discovered that GIMP incorrectly handled malformed XWD files. If a
user were tricked into opening a specially crafted XWD file, an attacker
could cause GIMP to crash, or possibly execute arbitrary code with the
user's privileges.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 12.10:
gimp 2.8.2-1ubuntu1.1
Ubuntu 12.04 LTS:
gimp 2.6.12-1ubuntu1.2
Ubuntu 11.10:
gimp 2.6.11-2ubuntu4.2
Ubuntu 10.04 LTS:
gimp 2.6.8-2ubuntu1.6
In general, a standard system update will make all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-1659-1
CVE-2012-5576
Package Information:
https://launchpad.net/ubuntu/+source/gimp/2.8.2-1ubuntu1.1
https://launchpad.net/ubuntu/+source/gimp/2.6.12-1ubuntu1.2
https://launchpad.net/ubuntu/+source/gimp/2.6.11-2ubuntu4.2
https://launchpad.net/ubuntu/+source/gimp/2.6.8-2ubuntu1.6
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/
iQIcBAEBCgAGBQJQxfdYAAoJEGVp2FWnRL6TmLEP/3fV1GpQ/DljJkzT6UE6FnWj
Ydrw3/prD+Qe32qw056QZoNBdpwAtRxiWdlH+mQXwh358FZUXZJz/CZC8eT9bk1s
r6I5njsaN7VHY8bChiNczEkEvv38uMVjZOFkZFPXrPADw/q9zQQVM5HbxtEXO6WH
22lnZDBINc1WgCi5YY0kWa5kn8mMqqX54QSdO9hfASdQ3Q2dzPHRKEmTQg7SFXkN
cLfbRZBc4tE3wloMwQVl2BpVfkA9HMhg2a/riD8HBMFurbdyCfrB94I7f3Lyd5z1
EghAtW8afgeIum2Jgc2PyCBfk78lwAxemrRpSfa/Qsejltb8wNJXjvSWshK98qNV
B/qSMoJ2tVxAT1Wbxo8H/jXDH2mFvgJ6Q2wXgkW72Dz8zKEG+Iltn0L5i90AQh3B
zhrnlKg56QJMWh0qARzReVVFzySVqnEwDr+tVljq4mORzsXrPO73HwVKK4lJ9FeZ
OYS3WGxWQu1i1uJIAJdRPUnMmUT/CxcBIzDjdUs+7khbKGiFEV1zBtdWuiil5llR
9CZA/O28N3GDLKHnN1mSmMnmSwyeahcIslawi4S+rQzZxLGdQFlDmI6SGX9Auero
Vl1flHku7HIcbD5xAI/D7GdETBNXdN8zanO3I+ZiPINp0pc15VhUcMc4sooLszvk
7VRbu4V0wDFPxnR5UYdh
=U7lV
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1659-1
December 10, 2012
gimp vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.10
- Ubuntu 12.04 LTS
- Ubuntu 11.10
- Ubuntu 10.04 LTS
Summary:
GIMP could be made to crash or run programs as your login if it opened a
specially crafted file.
Software Description:
- gimp: The GNU Image Manipulation Program
Details:
It was discovered that GIMP incorrectly handled malformed XWD files. If a
user were tricked into opening a specially crafted XWD file, an attacker
could cause GIMP to crash, or possibly execute arbitrary code with the
user's privileges.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 12.10:
gimp 2.8.2-1ubuntu1.1
Ubuntu 12.04 LTS:
gimp 2.6.12-1ubuntu1.2
Ubuntu 11.10:
gimp 2.6.11-2ubuntu4.2
Ubuntu 10.04 LTS:
gimp 2.6.8-2ubuntu1.6
In general, a standard system update will make all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-1659-1
CVE-2012-5576
Package Information:
https://launchpad.net/ubuntu/+source/gimp/2.8.2-1ubuntu1.1
https://launchpad.net/ubuntu/+source/gimp/2.6.12-1ubuntu1.2
https://launchpad.net/ubuntu/+source/gimp/2.6.11-2ubuntu4.2
https://launchpad.net/ubuntu/+source/gimp/2.6.8-2ubuntu1.6
Subscribe to:
Posts (Atom)