Monthly Archives: July 2015

Fedora

Fedora EPEL 6 Security Update: wordpress-4.2.3-1.el6

Resolved Bugs
1246396 – CVE-2015-5622 CVE-2015-5623 wordpress: cross-site scripting and permission issue fixed in
1246399 – CVE-2015-5622 CVE-2015-5623 wordpress: cross-site scripting and permission issue fixed in [epel-all]<br
**WordPress 4.2.3 Security and Maintenance Release**
WordPress 4.2.3 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately.
WordPress versions 4.2.2 and earlier are affected by a cross-site scripting vulnerability, which could allow users with the Contributor or Author role to compromise a site. This was initially reported by Jon Cave and fixed by Robert Chapin, both of the WordPress security team, and later reported by Jouko Pynnönen.
We also fixed an issue where it was possible for a user with Subscriber permissions to create a draft through Quick Draft. Reported by Netanel Rubin from Check Point Software Technologies.
Our thanks to those who have practiced responsible disclosure of security issues.
WordPress 4.2.3 also contains fixes for 20 bugs from 4.2. For more information, see:
* the release notes: https://codex.wordpress.org/Version_4.2.3
* the list of changes: https://core.trac.wordpress.org/log/branches/4.2?rev=33382&stop_rev=32430

US-CERT

Fiat Chrysler Automobiles (FCA) Uconnect Vulnerability

Original release date: July 27, 2015

A vulnerability affecting the Uconnect software from FCA has been reported. Exploitation of this vulnerability may allow an unauthorized user to take remote control of an affected vehicle, but the attack requires access to Sprint’s cellular network, which connects FCA vehicles to the Internet. Sprint has blocked the port used for attacks. FCA and the National Highway Transportation Safety Administration (NHTSA) have also initiated a safety recall for all potentially affected Chrysler, Dodge, Jeep, and Ram models. See the NHTSA recall announcement for a complete list.

US-CERT recommends that users review ICS Alert 15-203-01 and Vulnerability Note VU#819439 for more information. Uconnect users are encouraged to review the NHTSA recall announcement and apply the software update.

This product is provided subject to this Notification and this Privacy & Use policy.

Avast

Free software and services your start-up can use

Get your small business up and running with free software.

Getting a new business off the ground is not an easy task and can be quite costly, but there are a lot of free software and services available online that your new or small business can use as an alternative to paid-for products.

Here is a list (in alphabetical order, so no favorites ;-) ) of some you will find useful:

Avast for BusinessAvast for Business – cloud-managed security

Avast not only provides consumers with free security, but we also provide small and medium sized businesses with free cloud-managed protection. Avast for Business is easy to install and can be managed from anywhere and at anytime.

Facebook Page – alternative to building your own website   
If you’re a restaurant owner or a small boutique you could also, either in addition to or instead of hosting your own website, create a Facebook page for your business. You won’t be able to sell items online, but you can add your business’ address and directions, opening hours, a description of your business and post images and status updates to inform your customers of new items on your menu or of new items available for sale in your store.

Fundera_LogoFundera – loans for your business
Fundera is a free service that offers you loan options and lets you choose the one best suited for your small business. All you need to do is fill out a short questionnaire and then you are presented with loan products, lenders and rates and can apply to the lenders that fit you best with only one application.

Hootsuite – social media manager
Using social media is a great way to get the word out about your budding business, and a social media manager is, therefore, very helpful to keep track of your sites and their effectiveness. Hootsuite offers a free starter package where you can add three social media platforms, get basic analytics reports and schedule posts.

weeblyJimdo and Weebly – (subdomain) website hosting
Jimdo and Weebly are both web hosting services that offer free starter packages when you create a website using their subdomain. With Jimdo’s free package you get 500MB of storage space, one password-protected area and mobile versions of your site. Weebly offers unlimited pages and a drag and drop builder. Both services offer the possibility to sell up to five items for free in case you want to use your site for ecommerce. Checkout services are also included for free.

Opeopenchart 1nCart – shopping cart solution
OpenCart is a free and open source shopping cart solution. All you need to do is install OpenCart, select your theme, add your products and you are ready to start selling your products on your website!

OpeopenofficenOffice – office suite
Apache OpenOffice is a great alternative to Microsoft’s Office Suite. OpenOffice is an open source office suite that includes essentials like a Word processor, spreadsheet, multimedia, graphics, database and math software. Best of all, OpenOffice is license-free and can be installed on as many computers as your business needs!

Orange HRM – human resource management software
Orange HRM is a free and open source software for human resource management. It is a full-featured HR management system offering various modules such as system administration, personnel information management, and recruitment.

Producteev – task manager
Producteev is a task manager that offers unlimited users, projects and tasks in its free version so you can ensure that you and your team stay on top of the most important to-dos to get your business up and running!

Suite CRM – customer relationship management
Suite CRM is free, open source software for customer relationship management. It’s based on Sugar CRM and comparable to Salesforce. It gives you a full overview, including products, quotes, contracts, projects, reporting, teams, workflow and much more.

wave-media-logoWave – accounting tools
Wave offers cloud-based invoicing, accounting, payroll and payments for free for businesses with 9 people or less. They finance their services by connecting small business owners with vendors of products and services that offer discounts to Wave users.

Nearly all of the above mentioned products also offer premium services your business can take advantage of as it grows. For now, we wish your business the best of luck and hope this list of free software helps your business. :-)

CentOS

CESA-2015:1507 Important CentOS 7 qemu-kvmSecurity Update

CentOS Errata and Security Advisory 2015:1507 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-1507.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

x86_64:
861d13528a31a1114727af715fee344d97163bd393928f76f51998e3f95360af  libcacard-1.5.3-86.el7_1.5.i686.rpm
4dcf8e78916bf67ffad805b0dfcc4825bb74c88e5ee1dba3fa28a5944109fc08  libcacard-1.5.3-86.el7_1.5.x86_64.rpm
816d598531dccf3ad9d79ad5ec3af15299b9dd9edf2edbdf6935518ddf34eb99  libcacard-devel-1.5.3-86.el7_1.5.i686.rpm
73f02219eb9cc9e4fa2f5e3a0fad38dbb93834fd66f70c18e68ab4736b3fb849  libcacard-devel-1.5.3-86.el7_1.5.x86_64.rpm
d7861e184d938cb03a0ffbbbc8ba4c204504463faccea5acce1629331c85b64a  libcacard-tools-1.5.3-86.el7_1.5.x86_64.rpm
4d4519f0482f828a0629daa35df2feb77a2753a12bcddf0bf56f8629f6faf466  qemu-img-1.5.3-86.el7_1.5.x86_64.rpm
2f5804453c5cc56665f76dcae66d24438f09a95ecebca811521a03be09f97287  qemu-kvm-1.5.3-86.el7_1.5.x86_64.rpm
47b2fa087ce0b0ce1e35ed226a55b3b1dfe9d339acd12a5243f080d010e1622c  qemu-kvm-common-1.5.3-86.el7_1.5.x86_64.rpm
c347022a36db3f9a7a62d6a630628672f3091a15798d404501d92b4cf2d7c1db  qemu-kvm-tools-1.5.3-86.el7_1.5.x86_64.rpm

Source:
41c44588a8ea4cfb0183447609fac4ce5219192508cb37fcc0a8f816dd50809d  qemu-kvm-1.5.3-86.el7_1.5.src.rpm