Monthly Archives: March 2015
Mattel's Barbie Found Spying On Your Children
US Industrial Control Systems Attacked 245 Times In 12 Months
CEBA-2015:0676 CentOS 6 mlocate FASTTRACK BugFixUpdate
CentOS Errata and Bugfix Advisory 2015:0676
Upstream details at: https://rhn.redhat.com/errata/RHBA-2015-0676.html
The following updated files have been uploaded and are currently syncing to the mirrors (sha256sum, filename):
i386: 9d76f451da0b0d8f11a0f7fcccabe7b84338026ddc5f60353c0fb89910c253f0 mlocate-0.22.2-6.el6.i686.rpm
x86_64: 82003a710e7baf8904210c26ac9a800108f6a8916a5240fe7d713d6a5fdf52be mlocate-0.22.2-6.el6.x86_64.rpm
Source: f2296c5f7e3414b4da578f6b8578bc6b828aa05f9b13b5bf8618b5af7078ab10 mlocate-0.22.2-6.el6.src.rpm
CESA-2015:0674 Important CentOS 6 kernel SecurityUpdate
CentOS Errata and Security Advisory 2015:0674 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-0674.html The following updated files have been uploaded and are currently syncing to the mirrors:
CVE-2015-2044 (xen)
The emulation routines for unspecified X86 devices in Xen 3.2.x through 4.5.x do not properly initialize data, which allows local HVM guest users to obtain sensitive information via vectors involving an unsupported access size.
CVE-2015-2045 (xen)
The HYPERVISOR_xen_version hypercall in Xen 3.2.x through 4.5.x does not properly initialize data structures, which allows local guest users to obtain sensitive information via unspecified vectors.
CVE-2015-2150 (xen)
Xen 3.3.x through 4.5.x does not properly restrict access to PCI command registers, which might allow local guest users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI Express device and then accessing the device, which triggers an Unsupported Request (UR) response.
CVE-2015-2151 (xen)
The x86 emulator in Xen 3.2.x through 4.5.x does not properly ignore segment overrides for instructions with register operands, which allows local guest users to obtain sensitive information, cause a denial of service (memory corruption), or possibly execute arbitrary code via unspecified vectors.
CVE-2015-2208 (phpmoadmin)
The saveObject function in moadmin.php in phpMoAdmin 1.1.2 allows remote attackers to execute arbitrary commands via shell metacharacters in the object parameter.