CentOS Errata and Bugfix Advisory 2015:1595 Upstream details at : https://rhn.redhat.com/errata/RHBA-2015-1595.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: bea9cf656b7e455702f1a78fe3b975470f8ddd08a3798e82765a3849cb0eb7c3 perl-Test-Warn-0.24-6.el7.noarch.rpm Source: 3d90517974a699b2b34211838d3c0a666688f3e29ae4de7a9a0d8c513a05476a perl-Test-Warn-0.24-6.el7.src.rpm
Monthly Archives: August 2015
CEBA-2015:1597 CentOS 7 perl-Test-HarnessFASTTRACK BugFix Update
CentOS Errata and Bugfix Advisory 2015:1597 Upstream details at : https://rhn.redhat.com/errata/RHBA-2015-1597.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 3414c239f0b991dad77b3b6652e1a5f6c54d0931ad69fbe4286223e34c6b1a40 perl-Test-Harness-3.28-3.el7.noarch.rpm Source: eaf5fbcde0700d430249fb53f62e99b98e8918f836f6b852cc94c38044187356 perl-Test-Harness-3.28-3.el7.src.rpm
CEBA-2015:1594 CentOS 7 perl-Test-Pod-Coverage FASTTRACK BugFix Update
CentOS Errata and Bugfix Advisory 2015:1594 Upstream details at : https://rhn.redhat.com/errata/RHBA-2015-1594.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: a6a0ad6e5b82f523a4ad42484442be9d44819884ca99a1d47b64c404dd3e2bca perl-Test-Pod-Coverage-1.08-21.el7.noarch.rpm Source: 9fa26cd237299d7b24f69a806ee8ee7f4eb2c2a7792fc791d9fab38e326c1ab9 perl-Test-Pod-Coverage-1.08-21.el7.src.rpm
CVE-2013-7443 (sqlite)
Buffer overflow in the skip-scan optimization in SQLite 3.8.2 allows remote attackers to cause a denial of service (crash) via a crafted SQL statements.
CVE-2015-0851 (xmltooling)
XMLTooling-C before 1.5.5, as used in OpenSAML-C and Shibboleth Service Provider (SP), does not properly handle integer conversion exceptions, which allows remote attackers to cause a denial of service (crash) via schema-invalid XML data.
CVE-2015-1331 (lxc)
lxclock.c in LXC 1.1.2 and earlier allows local users to create arbitrary files via a symlink attack on /run/lock/lxc/*.
CVE-2015-1334 (lxc)
attach.c in LXC 1.1.2 and earlier uses the proc filesystem in a container, which allows local container users to escape AppArmor or SELinux confinement by mounting a poc filesystem with a crafted (1) AppArmor profile or (2) SELinux label.
CVE-2015-1867 (pacemaker)
Pacemaker before 1.1.13 does not properly evaluate added nodes, which allows remote read-only users to gain privileges via an acl command.
CVE-2015-2058 (jabberd2)
c2s/c2s.c in Jabber Open Source Server 2.3.2 and earlier truncates data without ensuring it remains valid UTF-8, which allows remote authenticated users to read system memory or possibly have other unspecified impact via a crafted JID.
CVE-2015-2059 (libidn)
The stringprep_utf8_to_ucs4 function in libin before 1.31, as used in jabberd2, allows context-dependent attackers to read system memory and possibly have other unspecified impact via invalid UTF-8 characters in a string, which triggers an out-of-bounds read.