CEEA-2015:0275 CentOS 5 cyrus-imapd EnhancementUpdate

CentOS Errata and Enhancement Advisory 2015:0275 

Upstream details at : https://rhn.redhat.com/errata/RHEA-2015-0275.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
dd29d23eccd0d884980bc486eed5898294616b5f1698644409e5ec0e5b0eec28  cyrus-imapd-2.3.7-16.el5_11.i386.rpm
424a0ef95930ae543fec2c8415be603232330050651f70493f148133ced97381  cyrus-imapd-devel-2.3.7-16.el5_11.i386.rpm
ba67ad052b541adb36b0f8f1ae395b5ab5621f7860fdac559c08ae8cedd02148  cyrus-imapd-perl-2.3.7-16.el5_11.i386.rpm
0309b20c3f0672234fdd6c831ac425be8de30c2e1f2e3e40a66b708224e37762  cyrus-imapd-utils-2.3.7-16.el5_11.i386.rpm

x86_64:
f6fa3aed83cfd51c8bb41c2cf9b9c6c3f3b5a6212feae5ea70f21f9a777e01be  cyrus-imapd-2.3.7-16.el5_11.x86_64.rpm
424a0ef95930ae543fec2c8415be603232330050651f70493f148133ced97381  cyrus-imapd-devel-2.3.7-16.el5_11.i386.rpm
b01915f3ac66d050a0707518fb798891b1e6dd27e98eb7f529c315b23bb2469f  cyrus-imapd-devel-2.3.7-16.el5_11.x86_64.rpm
85f3ad6fefeaf3f0e104a98e305f1d45cc3caa998ee11d50d86da6f2ce6aa088  cyrus-imapd-perl-2.3.7-16.el5_11.x86_64.rpm
8bdcac1856535d4972f6c0d955f784af66d0c62b1027ae299e76895245990ec5  cyrus-imapd-utils-2.3.7-16.el5_11.x86_64.rpm

Source:
646f5530c92f50b0f248e2469af4795a46825dbec4e8bef9f5c44685241a76b4  cyrus-imapd-2.3.7-16.el5_11.src.rpm



CEEA-2015:0277 CentOS 6 cyrus-imapd EnhancementUpdate

CentOS Errata and Enhancement Advisory 2015:0277 

Upstream details at : https://rhn.redhat.com/errata/RHEA-2015-0277.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
d594d24cd32730c0b708488b16ce239e31bd896535cf6616ff69c2a50f0b5204  cyrus-imapd-2.3.16-13.el6_6.i686.rpm
fa4fdbb3abca0dd103b3204915ef7e1c0f2cd0c65a5f768f80cebc2c148396b0  cyrus-imapd-devel-2.3.16-13.el6_6.i686.rpm
98f1663fc3f2139c6dabfdba2237fb8168d259a115c38dcb16159bb0504c3749  cyrus-imapd-utils-2.3.16-13.el6_6.i686.rpm

x86_64:
ccba4c5dbc695d2bece41d9bce8031d49b5b76aae92064796f8c6d70cedfa2dc  cyrus-imapd-2.3.16-13.el6_6.x86_64.rpm
fa4fdbb3abca0dd103b3204915ef7e1c0f2cd0c65a5f768f80cebc2c148396b0  cyrus-imapd-devel-2.3.16-13.el6_6.i686.rpm
a34d8ff05fbf1b12aedc6808b6675399f9d3ddd557172c5519db86cfdf511769  cyrus-imapd-devel-2.3.16-13.el6_6.x86_64.rpm
cd49a8be2cbe05621ccb9c701acc7c3223edc559d00a503a49dcbbf952bf0aad  cyrus-imapd-utils-2.3.16-13.el6_6.x86_64.rpm

Source:
81d04d82b259e081600a6d9378327e2040a929b0d6e6e63e305c4cadaff19322  cyrus-imapd-2.3.16-13.el6_6.src.rpm



CEBA-2015:0274 CentOS 6 ruby BugFix Update

CentOS Errata and Bugfix Advisory 2015:0274 

Upstream details at : https://rhn.redhat.com/errata/RHBA-2015-0274.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
71234f9406eca6a41884cbaaff642485e10e0a031e300e1d054453e9cfb14ff8  ruby-1.8.7.374-4.el6_6.i686.rpm
b3163be4b0290781509741fe40c3f31d590507101a8a49a874f52cc3481ebb0b  ruby-devel-1.8.7.374-4.el6_6.i686.rpm
ed32c82f71478c9ff251d81d48db568b90371e067b67090dc611018a80cdc32b  ruby-docs-1.8.7.374-4.el6_6.i686.rpm
f074916f420a394ff4f6e102dfbd0264896630817e70c25ae122cb4662b25cc5  ruby-irb-1.8.7.374-4.el6_6.i686.rpm
99c696d220f88578b9ac908c52d7c7d50fc1cde62f5b90beaff61a2cabb7d55b  ruby-libs-1.8.7.374-4.el6_6.i686.rpm
95043fecd149c116e7596fecdef5765e2518f38e56f192b73d5d7435acd3951a  ruby-rdoc-1.8.7.374-4.el6_6.i686.rpm
3e070909710e9329b92b570c6128057122d2b1c04a97a62a8ac8a47bc9e79ed7  ruby-ri-1.8.7.374-4.el6_6.i686.rpm
1d80cda61fc8cd6f4d65ce605197b71ed8d774d5006c702bee281988203636fb  ruby-static-1.8.7.374-4.el6_6.i686.rpm
bee5cf1fd558d263b3cafff8c1d28abf2fdfb64f84cf552002e2b30dce443f29  ruby-tcltk-1.8.7.374-4.el6_6.i686.rpm

x86_64:
760db1ec22721384125263dc7d4f8f5e74d6d6cb1867659e17e6a8fdbc5726b2  ruby-1.8.7.374-4.el6_6.x86_64.rpm
b3163be4b0290781509741fe40c3f31d590507101a8a49a874f52cc3481ebb0b  ruby-devel-1.8.7.374-4.el6_6.i686.rpm
0821dea5d7e3d79c9b8faa01275706d411f61a846bc78d94e305da06f46d6585  ruby-devel-1.8.7.374-4.el6_6.x86_64.rpm
542442bc6e620e6c11bd0ea9a49c0e1dc7e16ac57a0b76bd1f8b1543e43b0c1a  ruby-docs-1.8.7.374-4.el6_6.x86_64.rpm
e04c1fc17afdfd29e1e23d788c47715894b553cc90318e4146d3d93d65a0cf3a  ruby-irb-1.8.7.374-4.el6_6.x86_64.rpm
99c696d220f88578b9ac908c52d7c7d50fc1cde62f5b90beaff61a2cabb7d55b  ruby-libs-1.8.7.374-4.el6_6.i686.rpm
b473a43d5c201bf9706ab1cbe2d6ef0fc1a6042295e20753d8307326b2fce116  ruby-libs-1.8.7.374-4.el6_6.x86_64.rpm
93b3e1baf539d598efe1a1ab094e6718d10472947086ca7e89638615c8b57dbd  ruby-rdoc-1.8.7.374-4.el6_6.x86_64.rpm
f2d677239f26999f710bb228e57525a64ab0b95f3b9ec2e384daa1b5b1569a26  ruby-ri-1.8.7.374-4.el6_6.x86_64.rpm
e5cd12caa438960187e3c724592de30ff80cc9e14ebf9b3c5a0fe3ab9550ff6d  ruby-static-1.8.7.374-4.el6_6.x86_64.rpm
9dbe206d541870495944580e18247031fc0873f33b2711d19aa2ccaaed1b559c  ruby-tcltk-1.8.7.374-4.el6_6.x86_64.rpm

Source:
d59e8ddea5341b50b411253dd5b5c9975038a9b880a12d9675ebb4b7b71ec8e1  ruby-1.8.7.374-4.el6_6.src.rpm



CEBA-2015:0273 CentOS 6 ksh BugFix Update

CentOS Errata and Bugfix Advisory 2015:0273 

Upstream details at : https://rhn.redhat.com/errata/RHBA-2015-0273.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
1b18a7ba2e3dfd59515f0d722a92cf970474bb1d4b4be5014bbd30050f90c5a4  ksh-20120801-21.el6_6.2.i686.rpm

x86_64:
b7fa412e41427c37a6bc017787ba5904bceee292e9e583b4b53f67353e43dff6  ksh-20120801-21.el6_6.2.x86_64.rpm

Source:
fd62e15f6e729922a78ed7c883041dc2267ce380fabd25575c5d467d033d5043  ksh-20120801-21.el6_6.2.src.rpm



CVE-2013-7421

The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AF_ALG socket with a module name in the salg_name field, a different vulnerability than CVE-2014-9644.

CVE-2014-8160

net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allows remote attackers to bypass intended access restrictions via packets with disallowed port numbers.

CVE-2014-9644

The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AF_ALG socket with a parenthesized module template expression in the salg_name field, as demonstrated by the vfat(aes) expression, a different vulnerability than CVE-2013-7421.