CentOS Errata and Bugfix Advisory 2015:1992 Upstream details at : https://rhn.redhat.com/errata/RHBA-2015-1992.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: eee95115b1e07dfd02b52d828bdacc1906ba6af563387ffd2d1c981c778460c5 kernel-2.6.32-573.8.1.el6.i686.rpm b4991c5730872965602f700038c3716c23cc66348ab777ee572d7102b69445e3 kernel-abi-whitelists-2.6.32-573.8.1.el6.noarch.rpm be443edac80174bc06a7dd22810da4a6f8d0f0a4b6a61d83df879b7474b1f576 kernel-debug-2.6.32-573.8.1.el6.i686.rpm 59e7b6cfe030cc40ac7e07ef97eb6b6c09a1f62fcddd1c9c16c90244968be127 kernel-debug-devel-2.6.32-573.8.1.el6.i686.rpm 6958ae6d2d365c9c1b867cb896c82fea854ad53e22b0a1e863ac712b0b36424a kernel-devel-2.6.32-573.8.1.el6.i686.rpm 272e0f10cbbf99fba9fac54f3ad3d38c15b576782f9057bf227ab5d96d04fe8d kernel-doc-2.6.32-573.8.1.el6.noarch.rpm 2d48181c0697183dda331b80e621294b6ed87faa92d0ff7fe852ddacbed62b58 kernel-firmware-2.6.32-573.8.1.el6.noarch.rpm 66544ca94ae72f1458695480922b74eb1d153328254939ff3e85cc492bc54c05 kernel-headers-2.6.32-573.8.1.el6.i686.rpm 3a0f8eda1e635538e919ca1207c51cd45b9efdd45e4d45b31a3aec3765e98c1e perf-2.6.32-573.8.1.el6.i686.rpm f36a1f3f349f62ef316071c49ee397e769b42284326d17cabf180398f326d0c5 python-perf-2.6.32-573.8.1.el6.i686.rpm x86_64: 4b2bc7742aba49bc4e576ea2a86a79a4140e34791d1e7e31d9346454395052b4 kernel-2.6.32-573.8.1.el6.x86_64.rpm b4991c5730872965602f700038c3716c23cc66348ab777ee572d7102b69445e3 kernel-abi-whitelists-2.6.32-573.8.1.el6.noarch.rpm 6f55a7bf8de6dddd097e27f89f1a80cc955d899903eeb850eaffba47c7004c0b kernel-debug-2.6.32-573.8.1.el6.x86_64.rpm 59e7b6cfe030cc40ac7e07ef97eb6b6c09a1f62fcddd1c9c16c90244968be127 kernel-debug-devel-2.6.32-573.8.1.el6.i686.rpm 6b9a479923bb6bd940526a45791b1488ab21a10e03364a39dbd8b138c165cfa4 kernel-debug-devel-2.6.32-573.8.1.el6.x86_64.rpm 8ef51c675f89d88e59ac917ceb70061222e76e802737a5f875e98698a4985e4e kernel-devel-2.6.32-573.8.1.el6.x86_64.rpm 272e0f10cbbf99fba9fac54f3ad3d38c15b576782f9057bf227ab5d96d04fe8d kernel-doc-2.6.32-573.8.1.el6.noarch.rpm 2d48181c0697183dda331b80e621294b6ed87faa92d0ff7fe852ddacbed62b58 kernel-firmware-2.6.32-573.8.1.el6.noarch.rpm 7620087539b341a9b42a3cb5e27368506dee304756012748c417b10989ac7325 kernel-headers-2.6.32-573.8.1.el6.x86_64.rpm 95337897c3f3e2061b6aa4dfb68e595fb43e08c45995aaee17be3fd7ce661853 perf-2.6.32-573.8.1.el6.x86_64.rpm 70d1661315cf3d7413de494b8c6fef24b960fd7faf044ffb863a47f702dd9851 python-perf-2.6.32-573.8.1.el6.x86_64.rpm Source: 5459866f5dd62bdee3d90044295063e39da53cda5f53afdaad9b928148d54e5e kernel-2.6.32-573.8.1.el6.src.rpm
Monthly Archives: November 2015
Oracle Security Alert for CVE-2015-4852 – 10 November 2015
Ubuntu Security Notice USN-2805-1
Ubuntu Security Notice 2805-1 – Ben Serebrin discovered that the KVM hypervisor implementation in the Linux kernel did not properly catch Alignment Check exceptions. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS.
Ubuntu Security Notice USN-2806-1
Ubuntu Security Notice 2806-1 – Ben Serebrin discovered that the KVM hypervisor implementation in the Linux kernel did not properly catch Alignment Check exceptions. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS.
Debian Security Advisory 3386-2
Debian Linux Security Advisory 3386-2 – The update for unzip issued as DSA-3386-1 introduced a regression when extracting 0-byte files. Updated packages are now available to address this regression.
Debian Security Advisory 3396-1
Debian Linux Security Advisory 3396-1 – Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service.
CVE-2015-4551
LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 uses the stored LinkUpdateMode configuration information in OpenDocument Format files and templates when handling links, which might allow remote attackers to obtain sensitive information via a crafted document, which embeds data from local files into (1) Calc or (2) Writer.
CVE-2015-5212
Integer underflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2, when the configuration setting “Load printer settings with the document” is enabled, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via crafted PrinterSetup data in an ODF document.
CVE-2015-5213
Integer overflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a long DOC file, which triggers a buffer overflow.
CVE-2015-5214
LibreOffice before 4.4.6 and 5.x before 5.0.1 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via an index to a non-existent bookmark in a DOC file.