A distributed denial-of-service (DDoS) attack puts the Greater Manchester Police website offline twice, with a Twitter user allegedly from Lithuania claiming responsibility.
CentOS Errata and Bugfix Advisory 2015:1711
Upstream details at : https://rhn.redhat.com/errata/RHBA-2015-1711.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
b2b8caa64685eb9b794af4e7094790d4ea28bbc7484a935c31666998875941f9 selinux-policy-3.7.19-279.el6_7.5.noarch.rpm
4287ca6d9f81dd7a327b9acf3335e08a71375ba51aeebecc46e53eb922b96dab selinux-policy-doc-3.7.19-279.el6_7.5.noarch.rpm
3b78196c046359121b24fea8737beb67b522977b7a6adcf48fe5fa2d4ce7fcf5 selinux-policy-minimum-3.7.19-279.el6_7.5.noarch.rpm
f720c965d044a0463f5bb990074972e000a98946cf1c313f6940f1ce87a61b4f selinux-policy-mls-3.7.19-279.el6_7.5.noarch.rpm
f7fc3ee35292c21ffb4de3bf94d927fab8affd3e1de8e82fb33c6483ded0610b selinux-policy-targeted-3.7.19-279.el6_7.5.noarch.rpm
x86_64:
b2b8caa64685eb9b794af4e7094790d4ea28bbc7484a935c31666998875941f9 selinux-policy-3.7.19-279.el6_7.5.noarch.rpm
4287ca6d9f81dd7a327b9acf3335e08a71375ba51aeebecc46e53eb922b96dab selinux-policy-doc-3.7.19-279.el6_7.5.noarch.rpm
3b78196c046359121b24fea8737beb67b522977b7a6adcf48fe5fa2d4ce7fcf5 selinux-policy-minimum-3.7.19-279.el6_7.5.noarch.rpm
f720c965d044a0463f5bb990074972e000a98946cf1c313f6940f1ce87a61b4f selinux-policy-mls-3.7.19-279.el6_7.5.noarch.rpm
f7fc3ee35292c21ffb4de3bf94d927fab8affd3e1de8e82fb33c6483ded0610b selinux-policy-targeted-3.7.19-279.el6_7.5.noarch.rpm
Source:
22dece7d80867b437589f9bb5182424499320752b4461cd3e1079d00fda0c42c selinux-policy-3.7.19-279.el6_7.5.src.rpm
The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, and (4) mdare64_52.sys drivers in Fortinet FortiClient before 5.2.4 allows local users to read arbitrary kernel memory via a 0x22608C ioctl call.
Race condition in pcsd in PCS 0.9.139 and earlier uses a global variable to validate usernames, which allows remote authenticated users to gain privileges by sending a command that is checked for security after another user is authenticated.
The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, and (4) mdare64_52.sys drivers in Fortinet FortiClient before 5.2.4 allows local users to write to arbitrary memory locations via a 0x226108 ioctl call.
The Fortishield.sys driver in Fortinet FortiClient before 5.2.4 allows local users to execute arbitrary code with kernel privileges by setting the callback function in a (1) 0x220024 or (2) 0x220028 ioctl call.
The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, (4) mdare64_52.sys, and (5) Fortishield.sys drivers in Fortinet FortiClient before 5.2.4 do not properly restrict access to the API for management of processes and the Windows registry, which allows local users to obtain a privileged handle to a PID and possibly have unspecified other impact, as demonstrated by a 0x2220c8 ioctl call.
Cross-site scripting (XSS) vulnerability in the cryptography interface in Request Tracker (RT) before 4.2.12 allows remote attackers to inject arbitrary web script or HTML via a crafted public key.
The xenmem_add_to_physmap_one function in arch/arm/mm.c in Xen 4.5.x, 4.4.x, and earlier does not limit the number of printk console messages when reporting a failure to retrieve a reference on a foreign page, which allows remote domains to cause a denial of service by leveraging permissions to map the memory of a foreign guest.