CESA-2016:0185 Important CentOS 7 kernel SecurityUpdate

CentOS Errata and Security Advisory 2016:0185 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2016-0185.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

x86_64:
53d75d74dd13de9c1faaa5a3a1611770393467811aca486d4514a509d98ea5d2  kernel-3.10.0-327.10.1.el7.x86_64.rpm
17c6cf26b616493137c888c57786955affe1b85abd9b4fc3a94c076633fe02e1  kernel-abi-whitelists-3.10.0-327.10.1.el7.noarch.rpm
cebaa3165ada21be962b6ab0405a343048bb5cb70f44e6b6d799ae71d3037034  kernel-debug-3.10.0-327.10.1.el7.x86_64.rpm
6c7973d176f62a1c15b7c6f0e6a2221177cd202cfcb845dd1e412bde749c31fb  kernel-debug-devel-3.10.0-327.10.1.el7.x86_64.rpm
bb02b2fb15a5ada922b5df8b34b1d9497f0ea29440eaa21ca5cd9adb1aa55d14  kernel-devel-3.10.0-327.10.1.el7.x86_64.rpm
174690529653667dc027c8954f7e107f39b8460d4cd6036e4df4d0409466117f  kernel-doc-3.10.0-327.10.1.el7.noarch.rpm
e1d7c019f643a0a5e9dab5b7b5a67c864417090c66fd0da09ce1b342a978c0f7  kernel-headers-3.10.0-327.10.1.el7.x86_64.rpm
833e3276861ea4b0f4d85aec468c9d10e01072e28fb3003342c280f5c814d605  kernel-tools-3.10.0-327.10.1.el7.x86_64.rpm
f255e97e7baab979da5b6f1e3b2c4104e280caa84e41aead00f9cf2b0a183693  kernel-tools-libs-3.10.0-327.10.1.el7.x86_64.rpm
f2e1faca5d02a33a3bcd300b152404222ba19efca58698e922b6b0391b5aecb0  kernel-tools-libs-devel-3.10.0-327.10.1.el7.x86_64.rpm
753ee94a80e83f10432d87794478aeead8c781d9d8e0cf18a585f50f2b20ed75  perf-3.10.0-327.10.1.el7.x86_64.rpm
e54ef9d2b7c1d87468a3164a6bb8dc962e681012613f3eb1ad7e3ae319e1c35c  python-perf-3.10.0-327.10.1.el7.x86_64.rpm

Source:
a329bd12c8a2c3106d2aebe19908e2ca4b47f12a6364b37a47d9a3d5e5d2aa76  kernel-3.10.0-327.10.1.el7.src.rpm



CVE-2015-7795

Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 through 10.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7796, CVE-2015-7797, CVE-2015-7798, CVE-2016-1149, and CVE-2016-1150.

CVE-2015-7796

Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 through 10.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7795, CVE-2015-7797, CVE-2015-7798, CVE-2016-1149, and CVE-2016-1150.

CVE-2015-7797

Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 through 10.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7795, CVE-2015-7796, CVE-2015-7798, CVE-2016-1149, and CVE-2016-1150.

CVE-2015-7798

Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 through 10.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7795, CVE-2015-7796, CVE-2015-7797, CVE-2016-1149, and CVE-2016-1150.

CVE-2015-8484

Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to bypass intended calendar-viewing restrictions via unspecified vectors, a different vulnerability than CVE-2015-8485, CVE-2015-8486, and CVE-2016-1152.

CVE-2015-8485

Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to bypass intended access restrictions and read arbitrary posting titles via unspecified vectors, a different vulnerability than CVE-2015-8484, CVE-2015-8486, and CVE-2016-1152.

CVE-2015-8486

Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to bypass intended access restrictions and read arbitrary report titles via unspecified vectors, a different vulnerability than CVE-2015-8484, CVE-2015-8485, and CVE-2016-1152.