GNU Bash CVE-2014-7187 Local Memory Corruption Vulnerability
Monthly Archives: February 2015
Vuln: mpg123 MP3 Decoding Heap Based Buffer Overflow Vulnerability
mpg123 MP3 Decoding Heap Based Buffer Overflow Vulnerability
Gentoo Linux Security Advisory 201502-02
Gentoo Linux Security Advisory 201502-2 – Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code. Versions less than 11.2.202.442 are affected.
Digitally Signed Malware Risk on the Rise, Kaspersky Finds – Search Security
Review: Kaspersky Total Security – PC Magazine
Experts on the Anthem Hack: Kaspersky Lab’s Patrick Nielsen – The Wall Street Journal
Inside the Dark Web – PC Magazine
Cyber Thieves Using QR Codes for Phishing – Mobile Enterprise
CESA-2015:X003 kernel Xen4CentOS Security Update
The following packages are updated for Xen4CentOS for CentOS 6:
Source:
91e65bf3d0bd8586fbbfcac77ecc7b677ef3582acd8ac11893c71d511edb59cb e1000e-2.5.4-3.10.68.2.el6.centos.alt.src.rpm
d2019ca40e3d4beb2c7a55ed8bfd7bb0295d9028726f71bf6dff1389d79ae5cd kernel-3.10.68-11.el6.centos.alt.src.rpm
x86_64:
be570bc1212273433fb7df1c4f1a7b5ba471db9a61c78b88756f306528847138 e1000e-2.5.4-3.10.68.2.el6.centos.alt.x86_64.rpm
0ea9ea9afa93d26f6e28635b060295d76a7b090e44ea64124f375036db055ab0 kernel-3.10.68-11.el6.centos.alt.x86_64.rpm
58a36c6314dabe487165538f508de60e57429c328263113d152cc324daf5a483 kernel-devel-3.10.68-11.el6.centos.alt.x86_64.rpm
f7c24fb8439b505ca1af7c43bc6803721a055c82d5cf0d167a78e2271c610dae kernel-doc-3.10.68-11.el6.centos.alt.noarch.rpm
9c282481f31b4761e6f4b8b0091b96331cd1a5dbb2f135db110289caab4fcc1b kernel-firmware-3.10.68-11.el6.centos.alt.noarch.rpm
c59984f2f5d635eec7362ee60ad63262e7dd133fbee1b7094f99f722547c983e kernel-headers-3.10.68-11.el6.centos.alt.x86_64.rpm
35a21a2eea7e4f4a8ea11bfe349068ec1b84d579cbd2c852d8d453533aa43a20 perf-3.10.68-11.el6.centos.alt.x86_64.rpm
========================================================================
These updates address the following issues:
e1000e:
Just a rebuild of the module for the new kernel.
========================================================================
Kernel:
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.64
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.65
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.66
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.67
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.68
Kernel CVE's: CVE-2014-8134, CVE-2014-8989, CVE-2014-9529
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos at irc.freenode.net
CEEA-2015:0141 CentOS 7 tzdata Enhancement Update
CentOS Errata and Enhancement Advisory 2015:0141 Upstream details at : https://rhn.redhat.com/errata/RHEA-2015-0141.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 921a3e9d60400d5fff290f41d5c3a8290893efdf82916dd25ba4fedf43704d6e tzdata-2015a-1.el7_0.noarch.rpm 697a93ca1f89d37f62f8dec3148a9f6416951a13b1180838cd0a13b6273d53b8 tzdata-java-2015a-1.el7_0.noarch.rpm Source: e83a3cfd7f10e75c194ef53d63e661b9494ffa4799d494ee0b7d5aaed4e120b0 tzdata-2015a-1.el7_0.src.rpm