Monthly Archives: January 2016

Security

Red Hat Security Advisory 2016-0062-01

Red Hat Security Advisory 2016-0062-01 – Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which httpd would decode differently from an HTTP proxy software in front of it, possibly leading to HTTP request smuggling attacks.

CentOS

CESA-2016:0050 Important CentOS 6java-1.8.0-openjdk Security Update

CentOS Errata and Security Advisory 2016:0050 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2016-0050.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
47b53df7e7686445917d6fa73347f7b2a9ecdc367a7ef4310a195db863e07605  java-1.8.0-openjdk-1.8.0.71-1.b15.el6_7.i686.rpm
870e54d67858bd6cb473c2b6f3f02df983e86aac76672ae866d87cd68d2cd620  java-1.8.0-openjdk-debug-1.8.0.71-1.b15.el6_7.i686.rpm
593a96913506264ac728a7c25c4df9f951a228379875a2d150ca31612867d979  java-1.8.0-openjdk-demo-1.8.0.71-1.b15.el6_7.i686.rpm
5a63b9a303d8422dfcd29918239aa861d13157e73355435470fc89822e476786  java-1.8.0-openjdk-demo-debug-1.8.0.71-1.b15.el6_7.i686.rpm
773f1218e7be4ec4dbcd1f07cd504fb86eee9e33fff1d378126b1132a80d44f9  java-1.8.0-openjdk-devel-1.8.0.71-1.b15.el6_7.i686.rpm
a06276ec78d8620e9070bdd2bea350da675bdb53b825021b8eb83e668b12b266  java-1.8.0-openjdk-devel-debug-1.8.0.71-1.b15.el6_7.i686.rpm
201775357a1744277ecd0a15dd8ad2efc01600829459d1721eba4eda2c3d5192  java-1.8.0-openjdk-headless-1.8.0.71-1.b15.el6_7.i686.rpm
552bf64c3faeeecf9a535058f6d9b6125ea776443f6933fad3c2bae4ae844198  java-1.8.0-openjdk-headless-debug-1.8.0.71-1.b15.el6_7.i686.rpm
2cc63c950232a52e2af986de282810ca877b5d1c1ba731bdfbbb29da8364ee94  java-1.8.0-openjdk-javadoc-1.8.0.71-1.b15.el6_7.noarch.rpm
3437cfdbe9de045e1fb93a972050c8c085f4a7c11cc5a28dbb49d91ef3b3e12a  java-1.8.0-openjdk-javadoc-debug-1.8.0.71-1.b15.el6_7.noarch.rpm
fe32babcde4bc7a81099ed84c8afd5a554b58dedf4d48328a7bc8fa98b1bdbd1  java-1.8.0-openjdk-src-1.8.0.71-1.b15.el6_7.i686.rpm
93b30f6466817116aba80e5a5560557206c26b83121530f87db3c338f03c5f47  java-1.8.0-openjdk-src-debug-1.8.0.71-1.b15.el6_7.i686.rpm

x86_64:
96588bd153d0d1329a323133875ebbb0d5e967fb28965aa3125684f26b0cc043  java-1.8.0-openjdk-1.8.0.71-1.b15.el6_7.x86_64.rpm
627356e6e6f5bbb3ca1d5d6a507a1effc1025b12b61873ca1c357c26a8a43efc  java-1.8.0-openjdk-debug-1.8.0.71-1.b15.el6_7.x86_64.rpm
5ac2c57a63695698340ec5cdb89480276e2e6269c932a688d35f602c65c7868c  java-1.8.0-openjdk-demo-1.8.0.71-1.b15.el6_7.x86_64.rpm
babd40e500c64ffee910ab63415a1cb25aadbbdbfb7b707e9409150518dae9f5  java-1.8.0-openjdk-demo-debug-1.8.0.71-1.b15.el6_7.x86_64.rpm
483aea0f4864308627a2b395815d7c3f1a2989fb5059db0f12bec3d265a20a4e  java-1.8.0-openjdk-devel-1.8.0.71-1.b15.el6_7.x86_64.rpm
83387eb090989234c8ad3e9ffe184fab4925ae12b04760cedf0e8aa20d819b55  java-1.8.0-openjdk-devel-debug-1.8.0.71-1.b15.el6_7.x86_64.rpm
e0501f0f22a7735b904a6d162f450ef77bc1d735d0f4f119f501c242a684ce06  java-1.8.0-openjdk-headless-1.8.0.71-1.b15.el6_7.x86_64.rpm
31f01911434c0fe843111162b7ac6c87b4e11f5c3f110dc9e0efbd6b9154e947  java-1.8.0-openjdk-headless-debug-1.8.0.71-1.b15.el6_7.x86_64.rpm
2cc63c950232a52e2af986de282810ca877b5d1c1ba731bdfbbb29da8364ee94  java-1.8.0-openjdk-javadoc-1.8.0.71-1.b15.el6_7.noarch.rpm
3437cfdbe9de045e1fb93a972050c8c085f4a7c11cc5a28dbb49d91ef3b3e12a  java-1.8.0-openjdk-javadoc-debug-1.8.0.71-1.b15.el6_7.noarch.rpm
3169c0afbcc6999f1f9fda2a07d9c146c3161fa190dbe084d1b640056dcd92a1  java-1.8.0-openjdk-src-1.8.0.71-1.b15.el6_7.x86_64.rpm
2b02726d886cd3abedfd73f9cb6ff9e03cd0b576275b3cbcb82ab7e4fe27317b  java-1.8.0-openjdk-src-debug-1.8.0.71-1.b15.el6_7.x86_64.rpm

Source:
00f2a32ac01877cde580b25cde11c7096fc4ffd0137ae7a0a9d74febee7efa2c  java-1.8.0-openjdk-1.8.0.71-1.b15.el6_7.src.rpm
CentOS

CESA-2016:0053 Critical CentOS 6java-1.7.0-openjdk Security Update

CentOS Errata and Security Advisory 2016:0053 Critical

Upstream details at : https://rhn.redhat.com/errata/RHSA-2016-0053.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
ba07b9873ad020637ad87fa5461567c30824d1d47a5c730dcb4ddfc2b7b0e621  java-1.7.0-openjdk-1.7.0.95-2.6.4.0.el6_7.i686.rpm
48053b4ee1c3f92ce571a802f5c62dfb82f1b54b44cfd3d1275ad315fceb23a2  java-1.7.0-openjdk-demo-1.7.0.95-2.6.4.0.el6_7.i686.rpm
81bc06f8710916fce5322b4277c68d322941530c98fe75c8d9eb4e879495736d  java-1.7.0-openjdk-devel-1.7.0.95-2.6.4.0.el6_7.i686.rpm
cfa68369b2407adba901e08208a678cb5def76b13d75fc9cbfccc0dfd41e6d9c  java-1.7.0-openjdk-javadoc-1.7.0.95-2.6.4.0.el6_7.noarch.rpm
f7db8743e5fdc82080d98c1f83c2bb649973a02ae2f44cf6db3a8bf95806a11a  java-1.7.0-openjdk-src-1.7.0.95-2.6.4.0.el6_7.i686.rpm

x86_64:
1fb2b15249e687bdae09a788812b392140253b5efe9441db413f167e35bce35c  java-1.7.0-openjdk-1.7.0.95-2.6.4.0.el6_7.x86_64.rpm
2ecb8b09b37816c7c951f826ae0c407fa186a10a256cc15dc43cce2dc343d08e  java-1.7.0-openjdk-demo-1.7.0.95-2.6.4.0.el6_7.x86_64.rpm
87df6c92b692cd8c4f69b4f2ae9622a042b3cc543f01d94c56690253fc2e881f  java-1.7.0-openjdk-devel-1.7.0.95-2.6.4.0.el6_7.x86_64.rpm
cfa68369b2407adba901e08208a678cb5def76b13d75fc9cbfccc0dfd41e6d9c  java-1.7.0-openjdk-javadoc-1.7.0.95-2.6.4.0.el6_7.noarch.rpm
a5f528018c13fdca3618156d2be105341809d757240553664ae95b642a3cd647  java-1.7.0-openjdk-src-1.7.0.95-2.6.4.0.el6_7.x86_64.rpm

Source:
1fea81b61588824cde87bd7105926d5afbee266662a1bf0b4050ec3a6dfcca8a  java-1.7.0-openjdk-1.7.0.95-2.6.4.0.el6_7.src.rpm
CentOS

CESA-2016:0054 Important CentOS 7java-1.7.0-openjdk Security Update

CentOS Errata and Security Advisory 2016:0054 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2016-0054.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

x86_64:
34a083e03bede53b2c21a92a78f8ef5ebb8d4d90d6515964ea033520377da29c  java-1.7.0-openjdk-1.7.0.95-2.6.4.0.el7_2.x86_64.rpm
129b9fc953071ee3b8d02be5fcb756e4b28705e7ee4c83719b8df8ff285cdb00  java-1.7.0-openjdk-accessibility-1.7.0.95-2.6.4.0.el7_2.x86_64.rpm
9e30915fbf9ee99956cf622efea09df4276d11eeabd8c35a038657b2b334582f  java-1.7.0-openjdk-demo-1.7.0.95-2.6.4.0.el7_2.x86_64.rpm
6f4f42c2c075d969943990acb12ec636b56b8836dc60364099c19c00efba98f7  java-1.7.0-openjdk-devel-1.7.0.95-2.6.4.0.el7_2.x86_64.rpm
aa9d7936c73e38effed04a9a13e94cec5daf1182e5e7dce165f77e72c17448c0  java-1.7.0-openjdk-headless-1.7.0.95-2.6.4.0.el7_2.x86_64.rpm
78e6b544f654077c49b150173a3083a3a23eeab606314b9bf97264e6e9483d42  java-1.7.0-openjdk-javadoc-1.7.0.95-2.6.4.0.el7_2.noarch.rpm
69b41483f492ffaacd178fe8f73af892181ef0624dfffddb2ba456ef9cc03232  java-1.7.0-openjdk-src-1.7.0.95-2.6.4.0.el7_2.x86_64.rpm

Source:
8274517116950f9c43aa7778034f8e24a9898641f9634c6799872d6a87065e70  java-1.7.0-openjdk-1.7.0.95-2.6.4.0.el7_2.src.rpm
CentOS

CESA-2016:0049 Critical CentOS 7java-1.8.0-openjdk Security Update

CentOS Errata and Security Advisory 2016:0049 Critical

Upstream details at : https://rhn.redhat.com/errata/RHSA-2016-0049.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

x86_64:
ce972ee5146c1601bd4e80cc7f233935d91a6561eae2c6646e23fa901e8803e2  java-1.8.0-openjdk-1.8.0.71-2.b15.el7_2.x86_64.rpm
231d337b267173e8a97b639e1decd8fd3c363dca5b7e99d0431e1132b2b79ab3  java-1.8.0-openjdk-accessibility-1.8.0.71-2.b15.el7_2.x86_64.rpm
da7363c0e8de3f8029fd0b53c6d9360e5329c00bbb49fba45250e36fd90b3343  java-1.8.0-openjdk-accessibility-debug-1.8.0.71-2.b15.el7_2.x86_64.rpm
98bd270515a7c1aafad7eb97903d03c222bb20a313396def8b5e0707b280feaa  java-1.8.0-openjdk-debug-1.8.0.71-2.b15.el7_2.x86_64.rpm
cdea29711a04ec7cbdde298f32f0e9797322b57a0bd27347f941b59187246932  java-1.8.0-openjdk-demo-1.8.0.71-2.b15.el7_2.x86_64.rpm
08d660cc791cf5774ff85f4898f1e07c1478f9432b9df92db2c99ea983fef652  java-1.8.0-openjdk-demo-debug-1.8.0.71-2.b15.el7_2.x86_64.rpm
28a1a1670ec397215ae6d086921433e848fd6afdf3b151c3f9c22b65da3750c0  java-1.8.0-openjdk-devel-1.8.0.71-2.b15.el7_2.x86_64.rpm
4390bc07cdbd221b9660f6234d6a5a31266763266b0235ecebdb00280e825f29  java-1.8.0-openjdk-devel-debug-1.8.0.71-2.b15.el7_2.x86_64.rpm
695fa0a9f4dd4c5355cd9d6fe6ad3fbcd72a37f827fe04391b4ad2b26e13eb03  java-1.8.0-openjdk-headless-1.8.0.71-2.b15.el7_2.x86_64.rpm
2b3511bd9252d1a35c8487619477676fa4f407efc0714a99521be7782e1c67a5  java-1.8.0-openjdk-headless-debug-1.8.0.71-2.b15.el7_2.x86_64.rpm
5027f41974391053607acdca9acf710f69404acdfacc503ff27c57f3e422e67d  java-1.8.0-openjdk-javadoc-1.8.0.71-2.b15.el7_2.noarch.rpm
9f36232b55a394ac03320db4b967818d2c9bf8c2f625880db5ba0c2d8e8b4862  java-1.8.0-openjdk-javadoc-debug-1.8.0.71-2.b15.el7_2.noarch.rpm
47b026a2dff15ec605adae0f006cf38315119bc8d958cd06fa372286f944253a  java-1.8.0-openjdk-src-1.8.0.71-2.b15.el7_2.x86_64.rpm
2eccd02abf028db63f02189ad0612456f350442199ac954f32f35aaa203ce52f  java-1.8.0-openjdk-src-debug-1.8.0.71-2.b15.el7_2.x86_64.rpm

Source:
4c3401804b87f95607cbbe70d70a11b51c8317418c508e2edd19d8d3cc73c851  java-1.8.0-openjdk-1.8.0.71-2.b15.el7_2.src.rpm
Security

OpenDNSSEC 1.4.9

OpenDNSSEC is software that manages the security of domain names on the Internet. The project intends to drive adoption of Domain Name System Security Extensions (DNSSEC) to further enhance Internet security.

Security

Red Hat Security Advisory 2016-0061-01

Red Hat Security Advisory 2016-0061-01 – Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which httpd would decode differently from an HTTP proxy software in front of it, possibly leading to HTTP request smuggling attacks.