-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I am pleased to announce general availability of the Feb 2015 snapshot for CentOS Linux. Todays release includes CentOS Linux 7 iso based install media, Generic Cloud images, Atomic Host and Docker containers. CentOS Linux rolling builds are point in time snapshot media rebuild from original release time, to include all updates pushed to mirror.centos.org's repositories. This includes all security, bugfix, enhancement and general updates for CentOS Linux. Machines installed from this media will have all these updates pre-included and will look no different when compared with machines installed with older media that have been yum updated to the same point in time. All rpm/yum repos remain on mirror.centos.org with no changes in either layout or content. Files marked as 20150228_01 indicate that it includes all content released to mirror.centos.org upto ( and including ) the 28th of Feb 2015. Since there is a need to test these images, the release will always lag few days behind the datestamp ( and therefore content included ) in the release. My aim is to automate as much of this as possible going forward to reduce this time lag as much as possible, however we might not be able to remove the lag completely. Other content formats like containers and vendor specific images will aim to start with the same cycle as the main CentOS Linux media, but might move to a more frequent build and release cycle if needed. Special Interest Groups ( http://wiki.centos.org/SpecialInterestGroup) wanting to do media and installer releases should also consider using the rolling timelines to sync with. - ----------- CentOS Linux distro installer media: File: CentOS-7-x86_64-DVD-20150228_01.iso Sha256sum: 8e1195b922def89f4d5846726f3bb1eaecd8bbfcb7a6e415d54a1ed6260ac21d File: CentOS-7-x86_64-Everything-20150228_01.iso Sha256sum: 09f76128a9d613ebc2ec0c6ad1313e78f0ce349dc669b2714e4e9f694c5c569b File: CentOS-7-x86_64-Minimal-20150228_01.iso Sha256sum: c4da447eba9806d50d8a6369f44d5f847f0da4fd49144e5900227e0ca66ae3b2 Symlinks are provided that will always map to the latest released builds, as follows ( including their current mapping ) http://buildlogs.centos.org/rolling/7/isos/x86_64/CentOS-7-x86_64-DVD.iso - -> CentOS-7-x86_64-DVD-20150228_01.iso http://buildlogs.centos.org/rolling/7/isos/x86_64/CentOS-7-x86_64-Everything.iso - -> CentOS-7-x86_64-Everything-20150228_01.iso http://buildlogs.centos.org/rolling/7/isos/x86_64/CentOS-7-x86_64-Minimal.iso - -> CentOS-7-x86_64-Minimal-20150228_01.iso These symlinks are updated to point at the latest tested and released media and make for a good target in automation that requires CentOS Linux media. - ---------- For more information and comments please join us on the centos-devel mailing list ( http://lists.centos.org/ ) Enjoy! - -- Karanbir Singh, Project Lead, The CentOS Project -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.14 (GNU/Linux) iQEcBAEBAgAGBQJU+E2+AAoJEI3Oi2Mx7xbthVgH/21II7Wu00wLUJzU5uZn7xl6 olnu3CtTC0Nq7fm7MiP59PoaLTk1GKe4SaQFJQIuNJYdooH06XvarwiIo34SgOWq MV/7KFRhWER0ZLpvJQIa0+r5WjL7OXuOHZ18FomC3/PqIZZaVwhXSXtFnCGgnirD O6C3Ku6ErlTh4tF5gImw8s0FUkTBOOjfl5lL2jcqoSyXJkggs7CqBoH9LzfK/ddw HeLqCenosk72bIXPMhZsM2JiGK8dujjBftcJ3GtvXOvXoWs3+Rl8fTsaSlHUa37/ brPfSDDaVWcp3sVMPmw7XCgT1s3RSxVKVZM1lHvvwZFNMnEj67mCeQN/XMlMdQU= =5Dnk -----END PGP SIGNATURE-----
Monthly Archives: March 2015
Five alternatives to Bitcoin
Here’s a small selection of alternatives to Bitcoin – each of which has its own advantages. All of them share Bitcoin’s fundamental strengths, however – minimal or zero transfer fees, and freedom from traditional banking restrictions.
The post Five alternatives to Bitcoin appeared first on We Live Security.
Mobile World Congress 2015: the unstoppable growth of mobile devices
After attending the Mobile World Congress 2015 one thing is clear to us: the growth of mobile devices is unstoppable!
As the number of users and mobile devices increase, the number of threats and attacks do too. And with more and more mobile devices and users linked to movility the cyber-criminals have found their target niche.
How can we protect ourselves from that raising number of threats?
Panda Mobile Security: Maximum protection for your Android devices
This is not the first time we talk about our antivirus for Android, but today we want to tell you about the new features our colleagues in PandaLabs are working on!
For example, a couple of moths ago we saw how the downloading of some apps traped us in to using SMS Premium. That’s why Panda Mobile Security has created in “Privacy Auditor” a new functionality called “Cost Money”. So if you downloaded a Weight Loss app or a QR reader, or any app with permissions to behave in this malicious way will be flagged as such. Check them and if they seem malicious remove them rightaway!
Nor should we forget that the threats there were previously founded on other platforms now can be atacking our mobile phones or tablets. For instance, the Ramsonware virus that “hijack” the device requesting a payment, as it renders useless the device and prevents us accessing our data.
We are even descovering threats cybercriminals created to take pictures of the users while the device is turned off or paused, and steal their data.
In addition, Panda Mobile Security, available in 16 languages in a few days, highlights the importance of geolocation. For example, the “Theft Alert” allows the device when someone introduces the wrong password, takes a photo and sends it via email with the device location.
What to protect with a mobile antivirus?
We want that our Android antivirus to be a complete security solution so it makes the users life easier and safer!
With that in mind we are able to protect againts virus, fraud and threats, locate the mobile phone or tablet in case you lose it (or someone steals it!), protects private data and resource management.
Want to try our free antivirus for Android?
The post Mobile World Congress 2015: the unstoppable growth of mobile devices appeared first on MediaCenter Panda Security.
Re: Java 8u40 released: why?
Posted by Gsunde Orangen on Mar 05
I’d be interested in that, too.
In case this out-of-band release is about an important security fix,
then either this is something new (details still to be disclosed).
Or it is associated with CVE-2014-6593 (e.g. incomplete or buggy fix in
the January release)? The detais (named as “SKIP-TLS”) had been
disclosed just this week along with the “FREAK” attack (see
https://www.smacktls.com/#skip). Former descriptions of…
Fedora 21 Security Update: libmspack-0.5-0.1.alpha.fc21
Resolved Bugs
1196154 – libmspack: various flaws [fedora-all]
1196153 – libmspack: off-by-one(?) buffer under-read in mspack/lzxd.c
1196157 – libmspack: off-by-one buffer over-read in mspack/mszipd.c
1180177 – libmspack: pointer arithmetic overflow during CHM decompression
1180180 – libmspack: pointer arithmetic overflow during CHM decompression [fedora-all]
1180175 – libmspack: denial of service while processing crafted CHM file (floating point exception)
1180178 – libmspack: denial of service while processing crafted CHM file (floating point exception) [fedora-all]
1178867 – CVE-2014-9556 libmspack: buffer overflow causing denial of service in qtmd_decompress()
1179822 – CVE-2014-9556 libmspack: buffer overflow causing denial of service in qtmd_decompress() [fedora-all]<br
updated to bugfix release 0.5alpha
Fedora 20 Security Update: gnupg-1.4.19-2.fc20
Resolved Bugs
1198154 – CVE-2015-0837 CVE-2014-3591 gnupg: various flaws [fedora-all]
1198145 – CVE-2014-3591 libgcrypt: use ciphertext blinding for Elgamal decryption (new side-channel attack)
1198147 – CVE-2015-0837 libgcrypt: last-level cache side-channel attack<br
New upstream v1.4.19
Use ciphertext blinding for Elgamal decryption [CVE-2014-3591]
Fixed data-dependent timing variations in modular exponentiation [related to CVE-2015-0837]
Add AUTOPOINT=true to autoreconf so that it will build with gettext 0.18.x