CVE-2016-3961

Xen and the Linux kernel through 4.5.x do not properly suppress hugetlbfs support in x86 PV guests, which allows local PV guest users to cause a denial of service (guest OS crash) by attempting to access a hugetlbfs mapped area.

CEBA-2016:0633 CentOS 7 resource-agents BugFix Update

CentOS Errata and Bugfix Advisory 2016:0633

Upstream details at: https://rhn.redhat.com/errata/RHBA-2016-0633.html

The following updated files have been uploaded and are currently
syncing to the mirrors: (sha256sum Filename)

x86_64:
b3c936a6b2ba34c715c83974124c2bcb3a29e5a118a623ac139d861dec66cf3f  resource-agents-3.9.5-54.el7_2.9.x86_64.rpm

Source:
f7cda24a2690fb85e8db6c4b537b1e8b29378146bdc42e6808cfb64bd65662f1  resource-agents-3.9.5-54.el7_2.9.src.rpm

CEEA-2016:0635 CentOS 6 selinux-policy Enhancement Update

CentOS Errata and Enhancement Advisory 2016:0635

Upstream details at: https://rhn.redhat.com/errata/RHEA-2016-0635.html

The following updated files have been uploaded and are currently
syncing to the mirrors: (sha256sum Filename)

i386:
3fbac3612a01fa5da4efee31ece5c4c433c199f1343f230ff43b976475b580de  selinux-policy-3.7.19-279.el6_7.9.noarch.rpm
07d2c2b39a405b9a3c111dec9fd535a356a6591157efe6af532260d2d00d2ee1  selinux-policy-doc-3.7.19-279.el6_7.9.noarch.rpm
34856eefb25e5966b1a3f5522a3a28f596b2224468abd3d112a6822a4b7c83ef  selinux-policy-minimum-3.7.19-279.el6_7.9.noarch.rpm
b7e85fb3d13518baff2fba1133fc80b1a0dfd8acb425abdea7af2b81f72623ba  selinux-policy-mls-3.7.19-279.el6_7.9.noarch.rpm
352c2893984dbed8aebbdb8a1709002522568c97da38eaae0148c36454ad43e0  selinux-policy-targeted-3.7.19-279.el6_7.9.noarch.rpm

x86_64:
3fbac3612a01fa5da4efee31ece5c4c433c199f1343f230ff43b976475b580de  selinux-policy-3.7.19-279.el6_7.9.noarch.rpm
07d2c2b39a405b9a3c111dec9fd535a356a6591157efe6af532260d2d00d2ee1  selinux-policy-doc-3.7.19-279.el6_7.9.noarch.rpm
34856eefb25e5966b1a3f5522a3a28f596b2224468abd3d112a6822a4b7c83ef  selinux-policy-minimum-3.7.19-279.el6_7.9.noarch.rpm
b7e85fb3d13518baff2fba1133fc80b1a0dfd8acb425abdea7af2b81f72623ba  selinux-policy-mls-3.7.19-279.el6_7.9.noarch.rpm
352c2893984dbed8aebbdb8a1709002522568c97da38eaae0148c36454ad43e0  selinux-policy-targeted-3.7.19-279.el6_7.9.noarch.rpm

Source:
776a0e146093111a91ebde12412d2bd8f55884ff80b90ab6b048fe083b5919f3  selinux-policy-3.7.19-279.el6_7.9.src.rpm

CEBA-2016:0634 CentOS 7 fence-agents BugFix Update

CentOS Errata and Bugfix Advisory 2016:0634

Upstream details at: https://rhn.redhat.com/errata/RHBA-2016-0634.html

The following updated files have been uploaded and are currently
syncing to the mirrors: (sha256sum Filename)

x86_64:
20830edd1a6f9c3e8e494c225d76fd8fd0f5ff806481dcdded56815cf57942af  fence-agents-all-4.0.11-27.el7_2.7.x86_64.rpm
20955043af6f89b48bc8b1a77541527712a10e02127a4b4da520043753466173  fence-agents-apc-4.0.11-27.el7_2.7.x86_64.rpm
669bb03c1aabfc3e3b5153b87b09f936f7159343f08e5cea6f7c2cb49c866031  fence-agents-apc-snmp-4.0.11-27.el7_2.7.x86_64.rpm
239ec501b48789996d311aeea97c653f905b367aae9c35a24ad34607dcd25751  fence-agents-bladecenter-4.0.11-27.el7_2.7.x86_64.rpm
3e0c1d0ad979686d2a451798ea196f3e0d5ef2a3dcad9f40608f85b073a2228b  fence-agents-brocade-4.0.11-27.el7_2.7.x86_64.rpm
e19f05b16e4bde45256851b69fc485b5b0143b992845d25efdd8b7dc7c0b0f2c  fence-agents-cisco-mds-4.0.11-27.el7_2.7.x86_64.rpm
e9fa61989e6f6e14c192c5bd2e00fd86d68ea0c30c7c56e4603ad2a8a859929a  fence-agents-cisco-ucs-4.0.11-27.el7_2.7.x86_64.rpm
52f30047fbcef6db3b35d7873da0e7653fae550ccebb9464c2f06165cfb1f674  fence-agents-common-4.0.11-27.el7_2.7.x86_64.rpm
baf36697fd5187874f6a08654edd6a056b53d74ad8215b6abafa1e967f43cfe4  fence-agents-compute-4.0.11-27.el7_2.7.x86_64.rpm
c29f062d2e173e84fd72c20ad049ba3cb0b404452bdfbea6f45d959f0092eb7b  fence-agents-drac5-4.0.11-27.el7_2.7.x86_64.rpm
9f8991e5dc63a61d72cead2313dcb6b6be1276123582c712aeda058c3fc454ba  fence-agents-eaton-snmp-4.0.11-27.el7_2.7.x86_64.rpm
82f1201aa7a887a4cc51d949d7e9d07c81a6a2b97e274c469bf9e1a0c8307270  fence-agents-emerson-4.0.11-27.el7_2.7.x86_64.rpm
b80f0c63444195fc81a99bbb4098c1ee4de0593e417fa56bfe77e88ad5aac746  fence-agents-eps-4.0.11-27.el7_2.7.x86_64.rpm
a9cb96dc233aa3bc8eeefcb07512c0ccfd330dad00a432d193bc17b964728b16  fence-agents-hpblade-4.0.11-27.el7_2.7.x86_64.rpm
226733ea504cb21b6f3d3e3a87c64716917d56e4a7780d15c3a57e28205233f1  fence-agents-ibmblade-4.0.11-27.el7_2.7.x86_64.rpm
a3e4d0f21ad950349cf1d76ee76fcd46d00dc4568d2810b05434655414716ba5  fence-agents-ifmib-4.0.11-27.el7_2.7.x86_64.rpm
c990735054893dd62145b33bf156b4f61684cd1c722e2e5b663e9b8851e8349d  fence-agents-ilo2-4.0.11-27.el7_2.7.x86_64.rpm
e3fe37a21707b1d5157d4efc7c23c3ed7acb4799fb4d09e46274118bd2963c46  fence-agents-ilo-moonshot-4.0.11-27.el7_2.7.x86_64.rpm
37a88a558c0fc6eed270470b14e9c4b262a4fcc32e1f41edfcba1071f2980c68  fence-agents-ilo-mp-4.0.11-27.el7_2.7.x86_64.rpm
fb6aed754f2de3b674dd746db52894776aaf63bf0603e7dd2a8e2e17661a8fb2  fence-agents-ilo-ssh-4.0.11-27.el7_2.7.x86_64.rpm
261365fd9ae2a80685cc3b6411745feba6b154d381ebb202ae87dc54b0f41071  fence-agents-intelmodular-4.0.11-27.el7_2.7.x86_64.rpm
4e1064804923252cbe133775686a7b30d38910f69b6e0b5dc5b0de7a2d747e0a  fence-agents-ipdu-4.0.11-27.el7_2.7.x86_64.rpm
9493e541b9b520b292f2b3876fd62055fa6f1a5a69b1de3cba1c348539ac2e1e  fence-agents-ipmilan-4.0.11-27.el7_2.7.x86_64.rpm
88892aad8a690f93b1d7393e5f313d816b83031e29113cf3489c4a5d9a0cdc97  fence-agents-kdump-4.0.11-27.el7_2.7.x86_64.rpm
16de803aef77df78197b73a1bc7e6f3f9c311846215493fa706a348d1c1bbdcd  fence-agents-mpath-4.0.11-27.el7_2.7.x86_64.rpm
4591f774e49c1491ba54d36e29ba49fc8c88e690fa6f5eb209a5d8d609387efb  fence-agents-rhevm-4.0.11-27.el7_2.7.x86_64.rpm
9c6f0eeebda11faab2e333a297ffdd00351687ef8a95e2d382ca2ffc6a4f4045  fence-agents-rsa-4.0.11-27.el7_2.7.x86_64.rpm
f6efd0013d2769cd630ec8a990b70e9975539e237df00b3655caa657cdac51eb  fence-agents-rsb-4.0.11-27.el7_2.7.x86_64.rpm
0ec6af62c4b87db6043380dbc3655d76fdc828744b1593fee4f1622b52d0d02f  fence-agents-scsi-4.0.11-27.el7_2.7.x86_64.rpm
1b8270079e29531def7788c07c6d6265e04f053f649c0116a59daed181988672  fence-agents-virsh-4.0.11-27.el7_2.7.x86_64.rpm
a125eb953b482f1db870570241a0a168045f8b35ff250045131e7c442944aeb8  fence-agents-vmware-soap-4.0.11-27.el7_2.7.x86_64.rpm
6114707cd2bf16db06e663d4f458d386360b0230fce0b6a6317dc844b998ea23  fence-agents-wti-4.0.11-27.el7_2.7.x86_64.rpm

Source:
7396b575084002def17fed12716a9c0c0ca1214a0e0d7515e5f84b3318f78d01  fence-agents-4.0.11-27.el7_2.7.src.rpm

[ERPSCAN-16-001] SAP NetWeaver 7.4 – XSS vulnerability

Posted by ERPScan inc on Apr 15

Application: SAP NetWeaver
Versions Affected: SAP NetWeaver J2EE Engine 7.40
Vendor URL: http://SAP.com
Bugs: Cross-Site Scripting
Sent: 01.09.2015
Vendor response: 02.09.2015
Date of Public Advisory: 12.01.2016
Reference: SAP Security Note 2206793
Author: Vahagn Vardanyan (ERPScan)

Description

1. ADVISORY INFORMATION
Title: SAP NetWeaver J2EE Engine 7.40
Advisory ID: [ERPSCAN-16-001]
Risk: High
Advisory URL:…

[ERPSCAN-16-002] SAP HANA – log injection and no size restriction

Posted by ERPScan inc on Apr 15

Application: SAP HANA
Versions Affected: SAP HANA
Vendor URL: http://SAP.com
Bugs: Log injection
Sent: 28.09.2015
Reported: 28.09.2015
Vendor response: 29.09.2015
Date of Public Advisory: 12.01.2016
Reference: SAP Security Note 2241978
Author: Mathieu Geli (ERPScan)

Description

1. ADVISORY INFORMATION

Title: SAP HANA
Advisory ID: [ERPSCAN-16-002]
Risk: High
Advisory URL:…

Re: end of useable crypto in browsers?

Posted by Sebastian on Apr 15

On 2016-04-14 16:19, Reindl Harald wrote:

I don’t. But even if you roll your own CA, you’ll have a hard time
avoiding someone with a wildcard CA (updater, every other page you open,
…). Also, to use <keygen> you need to have a secure connection
beforehand (or use http, which would make every MITM happy). Now it is
possible to work around this, too, but then you may as well use fully
encrypted channel.

The actual point…

Re: end of useable crypto in browsers?

Posted by Tony Arcieri on Apr 15

On Sat, Apr 9, 2016 at 2:34 AM, Árpád Magosányi <mag () magwas rulez org>
wrote:

Using X.509 client certificates with browsers has a *huge* problem: they
don’t follow the same-origin policy, and <keygen> was not designed for this
in mind. Without following SOP, browsers wind up doing a terrible thing:
prompting the user to select which TLS client cert/key to use with a
particular web site. This is bad for both UX and…