CESA-2015:1515 Important CentOS 5 bind97 Security Update

CentOS Errata and Security Advisory 2015:1515 Important

Upstream details at: https://rhn.redhat.com/errata/RHSA-2015-1515.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
70be08407007ee373075a7f4c0e8f30f9ae9486cc6e86d758e145c7e0452fbba  bind97-9.7.0-21.P2.el5_11.2.i386.rpm
4b4e40fca6cf07b64db40860a6b5c9102f4d1968d3996bd0cff8804a92273bce  bind97-chroot-9.7.0-21.P2.el5_11.2.i386.rpm
2f4ca3bb619d4fb2a98e61d36b1a415a8f774da3ee48cdec5b36b3c2c4ae883e  bind97-devel-9.7.0-21.P2.el5_11.2.i386.rpm
5e1cd26638a0ad32eb0e77c7bdff74283dc67eaf98d6b43883fecf1cbd8c1e8e  bind97-libs-9.7.0-21.P2.el5_11.2.i386.rpm
a3d8ecd851aeb1600abc328b35b48e1afaa6f64b3ac9bae46033e7cfc1db7353  bind97-utils-9.7.0-21.P2.el5_11.2.i386.rpm

x86_64:
b826b3406eec2980fb56649f18d0b5372589d49ede9656ea0a8fcca3634e3943  bind97-9.7.0-21.P2.el5_11.2.x86_64.rpm
6a39f618114777091a0a35f879465d6fb7365b253a53f8802d4cb328d70fffaa  bind97-chroot-9.7.0-21.P2.el5_11.2.x86_64.rpm
2f4ca3bb619d4fb2a98e61d36b1a415a8f774da3ee48cdec5b36b3c2c4ae883e  bind97-devel-9.7.0-21.P2.el5_11.2.i386.rpm
415af4cc884957116f9b7111dbe75a65bdfe60fb52d9c864cb2718b04bf8711c  bind97-devel-9.7.0-21.P2.el5_11.2.x86_64.rpm
5e1cd26638a0ad32eb0e77c7bdff74283dc67eaf98d6b43883fecf1cbd8c1e8e  bind97-libs-9.7.0-21.P2.el5_11.2.i386.rpm
d8045281af26202376e42d47bed00998946e2005db418c114843da05b728bc05  bind97-libs-9.7.0-21.P2.el5_11.2.x86_64.rpm
93d966dcf44c39c8f07a3b46d74d46ae0cd57fa29d6ffab510fb0a5d1acbe7c8  bind97-utils-9.7.0-21.P2.el5_11.2.x86_64.rpm

Source:
baa5aa7d9bf6f235fdebe677c8e716c4495471bac02acec7f51b66ae7d20bdd0  bind97-9.7.0-21.P2.el5_11.2.src.rpm



CVE-2015-0732

Cross-site scripting (XSS) vulnerability in Cisco AsyncOS on the Web Security Appliance (WSA) 9.0.0-193; Email Security Appliance (ESA) 8.5.6-113, 9.1.0-032, 9.1.1-000, and 9.6.0-000; and Content Security Management Appliance (SMA) 9.1.0-033 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug IDs CSCuu37430, CSCuu37420, CSCut71981, and CSCuv50167.

CVE-2015-4287

Cisco Firepower Extensible Operating System 1.1(1.86) on Firepower 9000 devices allows remote attackers to bypass intended access restrictions and obtain sensitive device information by visiting an unspecified web page, aka Bug ID CSCuu82230.

CVE-2015-4288

The LDAP implementation on the Cisco Web Security Appliance (WSA) 8.5.0-000, Email Security Appliance (ESA) 8.5.7-042, and Content Security Management Appliance (SMA) 8.3.6-048 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate, aka Bug IDs CSCuo29561, CSCuv40466, and CSCuv40470.

CESA-2015:1513 Important CentOS 7 bind Security Update

CentOS Errata and Security Advisory 2015:1513 Important

Upstream details at: https://rhn.redhat.com/errata/RHSA-2015-1513.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

x86_64:
9c5c7ecb8477d65dbee21c713bc1682a186491a9b81885e5369fc85cf6db2ca1  bind-9.9.4-18.el7_1.3.x86_64.rpm
62eab23efa33dc6860cebfc4fa472778386c953783327068459cb832852aa470  bind-chroot-9.9.4-18.el7_1.3.x86_64.rpm
4d038f6059f4b05e0eef1d3e54ea0d30384e7184e484c7298c68de4d14a4ba34  bind-devel-9.9.4-18.el7_1.3.i686.rpm
3a6e11021ddadfecd3ae3ad6e44c9967655cbd03cbce5b3e81dec1894780bae6  bind-devel-9.9.4-18.el7_1.3.x86_64.rpm
c373ece790e2529f3712cf6b949a50560811381d1275bd4a8a395a91f1533aec  bind-libs-9.9.4-18.el7_1.3.i686.rpm
412969a1cf5a64b6e2b76f61fbd80e0b398710091cc5675c83294ec5ea60a1b9  bind-libs-9.9.4-18.el7_1.3.x86_64.rpm
5ca41fdbb73ea32acfcc9ee32ea8732090165d131970ea6cba1df926f1c3a207  bind-libs-lite-9.9.4-18.el7_1.3.i686.rpm
06fcfad4fe46cf5bb869aeeaf5d2aa39e1252ce2d98164eef25595883ee3741c  bind-libs-lite-9.9.4-18.el7_1.3.x86_64.rpm
b4bdecc323c44527ad29102062a902c61e0d49e19f90ec9a3a2c94e83cb33b7b  bind-license-9.9.4-18.el7_1.3.noarch.rpm
f3bc495f2f068075712f59bb446ff262771371b9729d946ed58e2d380655326b  bind-lite-devel-9.9.4-18.el7_1.3.i686.rpm
ba5e6f001722090f86e6d6f7c5f13a70aaa2fd83d494793da689324c2a7603d1  bind-lite-devel-9.9.4-18.el7_1.3.x86_64.rpm
091830f725b50163e503be86e4973ab95613b3cc9934a2151285305d79e3c4d0  bind-sdb-9.9.4-18.el7_1.3.x86_64.rpm
4b4bb1c576931457478a6f4864fd10c085ec5d612698650d029bb33a95919090  bind-sdb-chroot-9.9.4-18.el7_1.3.x86_64.rpm
0ec01671e720be4e5678b2ee2593668fe98d8b5db83215e94abc10b346bdd2c7  bind-utils-9.9.4-18.el7_1.3.x86_64.rpm

Source:
b0702c059ab0c337a06f36f078a2e036291bcb53fa53f6eea65a2bdc2c66b119  bind-9.9.4-18.el7_1.3.src.rpm



Red Hat Security Advisory 2015-1512-01

Red Hat Security Advisory 2015-1512-01 – KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM. A heap buffer overflow flaw was found in the way QEMU’s IDE subsystem handled I/O buffer access while processing certain ATAPI commands. A privileged guest user in a guest with the CDROM drive enabled could potentially use this flaw to execute arbitrary code on the host with the privileges of the host’s QEMU process corresponding to the guest.

Ubuntu Security Notice USN-2689-1

Ubuntu Security Notice 2689-1 – Andy Lutomirski discovered a flaw in the Linux kernel’s handling of nested NMIs (non-maskable interrupts). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. Colin King discovered a flaw in the add_key function of the Linux kernel’s keyring subsystem. A local user could exploit this flaw to cause a denial of service (memory exhaustion). Various other issues were also addressed.

Ubuntu Security Notice USN-2687-1

Ubuntu Security Notice 2687-1 – Andy Lutomirski discovered a flaw in the Linux kernel’s handling of nested NMIs (non-maskable interrupts). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. Colin King discovered a flaw in the add_key function of the Linux kernel’s keyring subsystem. A local user could exploit this flaw to cause a denial of service (memory exhaustion). Various other issues were also addressed.

Ubuntu Security Notice USN-2688-1

Ubuntu Security Notice 2688-1 – Andy Lutomirski discovered a flaw in the Linux kernel’s handling of nested NMIs (non-maskable interrupts). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. Colin King discovered a flaw in the add_key function of the Linux kernel’s keyring subsystem. A local user could exploit this flaw to cause a denial of service (memory exhaustion). Various other issues were also addressed.