Monthly Archives: November 2015
Ubuntu Security Notice USN-2789-1
Ubuntu Security Notice 2789-1 – It was discovered that XScreenSaver incorrectly handled unplugging an external monitor. An attacker with physical access could use this flaw to gain access to a locked session.
Red Hat Security Advisory 2015-1976-01
Red Hat Security Advisory 2015-1976-01 – The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel’s VFS subsystem handled file system locks. A local, unprivileged user could use this flaw to trigger a deadlock in the kernel, causing a denial of service on the system.
Red Hat Security Advisory 2015-1978-01
Red Hat Security Advisory 2015-1978-01 – The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel’s VFS subsystem handled file system locks. A local, unprivileged user could use this flaw to trigger a deadlock in the kernel, causing a denial of service on the system. A buffer overflow flaw was found in the way the Linux kernel’s virtio-net subsystem handled certain fraglists when the GRO functionality was enabled in a bridged network configuration. An attacker on the local network could potentially use this flaw to crash the system, or, although unlikely, elevate their privileges on the system.
Red Hat Security Advisory 2015-1977-01
Red Hat Security Advisory 2015-1977-01 – The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel’s VFS subsystem handled file system locks. A local, unprivileged user could use this flaw to trigger a deadlock in the kernel, causing a denial of service on the system. A buffer overflow flaw was found in the way the Linux kernel’s virtio-net subsystem handled certain fraglists when the GRO functionality was enabled in a bridged network configuration. An attacker on the local network could potentially use this flaw to crash the system, or, although unlikely, elevate their privileges on the system.
DSA-3392 freeimage – security update
Pengsu Cheng discovered that FreeImage, a library for graphic image
formats, contained multiple integer underflows that could lead to a
denial of service: remote attackers were able to trigger a crash by
supplying a specially crafted image.
DSA-3393 iceweasel – security update
Multiple security issues have been found in Iceweasel, Debian’s version
of the Mozilla Firefox web browser: Multiple memory safety errors,
integer overflows, buffer overflows and other implementation errors may
lead to the execution of arbitrary code, information disclosure or
denial of service.
CEBA-2015:1966 CentOS 7 device-mapper-multipathBugFix Update
CentOS Errata and Bugfix Advisory 2015:1966 Upstream details at : https://rhn.redhat.com/errata/RHBA-2015-1966.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 851aefecffa12b75f4ddf7819179ce9b9b6f46a3080d303ec788d710aaab34b1 device-mapper-multipath-0.4.9-77.el7_1.2.x86_64.rpm 3e8e35fcd99b00255bf50b8e160335257a0d01fc38fa11d3970a33a0d6fafbf8 device-mapper-multipath-libs-0.4.9-77.el7_1.2.i686.rpm 3dff2605283657b53dd892987f5b3ab99382b0d6cf65f7cb0155329c00e92b2d device-mapper-multipath-libs-0.4.9-77.el7_1.2.x86_64.rpm db8efbeba9d7bd7a1d25f7870765428d50c34afabf37559d2878fe1162711ebf device-mapper-multipath-sysvinit-0.4.9-77.el7_1.2.x86_64.rpm bfb524225595e3393ebae392d65d92137deae605cb3c39d329c1cff20f1d79b2 kpartx-0.4.9-77.el7_1.2.x86_64.rpm Source: 2b7ba42c4714c2fd608b57bdf0fc0d4313ea4dd281bc5b1408a6c54ad22555d9 device-mapper-multipath-0.4.9-77.el7_1.2.src.rpm
CEBA-2015:1969 CentOS 7 libvirt BugFix Update
CentOS Errata and Bugfix Advisory 2015:1969 Upstream details at : https://rhn.redhat.com/errata/RHBA-2015-1969.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 8eaf9d803b4e68358a0aec30d9dca70d02e10cce00aef220cb6dd40ba55743ac libvirt-1.2.8-16.el7_1.5.x86_64.rpm 90957340a5572d03e94e6302460c3e3dfa382ae9ea7a61fccb5dc7b63d377e87 libvirt-client-1.2.8-16.el7_1.5.i686.rpm ddb0e714cab158f75719952cfca68b0424bedea95f1032c9e4ac418dccf3d284 libvirt-client-1.2.8-16.el7_1.5.x86_64.rpm 490f9b4d77f8da1f700b49afa845e3616542f0f49696ea68702fafb9050cc316 libvirt-daemon-1.2.8-16.el7_1.5.x86_64.rpm 9208c44496f8f2b4dc456992a38237ff0dcf6286dc8f5960eef14ce9f4d170f5 libvirt-daemon-config-network-1.2.8-16.el7_1.5.x86_64.rpm 3be53e0f6d1e434b29c999570005450df1879ca3aa6a20619b792dbdcb166ae8 libvirt-daemon-config-nwfilter-1.2.8-16.el7_1.5.x86_64.rpm 39e9a397e651962236eb50b6ba2c9df50becaff86763f0f9363ba42b01be38d3 libvirt-daemon-driver-interface-1.2.8-16.el7_1.5.x86_64.rpm cb2a60202efd58ad703d4f97e1b266979e4f3f9616aee589c8af0a466119431c libvirt-daemon-driver-lxc-1.2.8-16.el7_1.5.x86_64.rpm 22cc65d6448e728afee2d49377c87663c3969fa6540d32c731e7cc586a0635a2 libvirt-daemon-driver-network-1.2.8-16.el7_1.5.x86_64.rpm 8d5415ee4d9fa424c7e71cffdd7fc04b9550dee140821bd5552fb6095b7ce68d libvirt-daemon-driver-nodedev-1.2.8-16.el7_1.5.x86_64.rpm deabffffcabe722372c4c79c3d31d54b66aad5d39415133349f48c22c7cabed5 libvirt-daemon-driver-nwfilter-1.2.8-16.el7_1.5.x86_64.rpm e63405ca5ea023da7394ec0d24310529e5562b5cf18fbde6e58a9eee53f3d6c9 libvirt-daemon-driver-qemu-1.2.8-16.el7_1.5.x86_64.rpm ca7a81bccef72dce17b594ab900a5a274e5c811b58fa90c459442cdda97c9a86 libvirt-daemon-driver-secret-1.2.8-16.el7_1.5.x86_64.rpm df8668dcc5f07815130abe1ae94cababd9861e17d79cf399668cc3d9dbddb292 libvirt-daemon-driver-storage-1.2.8-16.el7_1.5.x86_64.rpm 6a5b5e6e75bd60ccd43de5f39c0221837bc1f492503e4d3fac055619a970fdca libvirt-daemon-kvm-1.2.8-16.el7_1.5.x86_64.rpm 38f19be2324805c2b179c6385880dd2e9505915775c22ce3c203b7ea96302fe0 libvirt-daemon-lxc-1.2.8-16.el7_1.5.x86_64.rpm 19159c5a963662b15b01aa12575cf42d86be8e103571a7fab8b81ba91c4dbc4d libvirt-devel-1.2.8-16.el7_1.5.i686.rpm 17c3f2471bf6cca37fac6b9817c5a1a348b5bd38a3e9cc8e6920d93a6539d54d libvirt-devel-1.2.8-16.el7_1.5.x86_64.rpm 2f051f4f3c0e1f732ce2bc0ddb01f1b3de81c9f43ad5a86f3ef47f427e46bead libvirt-docs-1.2.8-16.el7_1.5.x86_64.rpm 772b03e67418a20c4659a88187153c88ba573fbc8a3018d5546ec0c297614a76 libvirt-lock-sanlock-1.2.8-16.el7_1.5.x86_64.rpm 1f6d0848ba575734533f8b5a891cb1a6a1223c73486bef5823921823f9f00931 libvirt-login-shell-1.2.8-16.el7_1.5.x86_64.rpm Source: 249ed0b80fe3eacda30aea45c3cd206b61a4563e70d64e6cd2247050513783f7 libvirt-1.2.8-16.el7_1.5.src.rpm
CESA-2015:1979 Moderate CentOS 7 libreswanSecurity Update
CentOS Errata and Security Advisory 2015:1979 Moderate Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-1979.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 02644e9cdc5ff1ee3935c7c7fba7c0ad3f65cfba22be5ad4e5005faf81d9c0fe libreswan-3.15-5.el7_1.x86_64.rpm Source: 3d7890ed308428c28cb7f78f4ccb97a5e273c56ba46f4145b78fc6034b062b95 libreswan-3.15-5.el7_1.src.rpm