Mandriva Linux Security Advisory 2014-194

October 3, 2014 007admin Leave a comment

Mandriva Linux Security Advisory 2014-194 – With a crafted ENUM value it is possible to trigger an XSS in table search and table structure pages. This upgrade provides the latest phpmyadmin version to address this vulnerability.

Security

Mandriva Linux Security Advisory 2014-195

October 3, 2014 007admin Leave a comment

Mandriva Linux Security Advisory 2014-195 – An out-of-bounds read flaw was found in the way libvirt’s qemuDomainGetBlockIoTune() function looked up the disk index in a non-persistent disk configuration while a persistent disk configuration was being indexed. A remote attacker able to establish a read-only connection to libvirtd could use this flaw to crash libvirtd or, potentially, leak memory from the libvirtd process. A denial of service flaw was found in the way libvirt’s virConnectListAllDomains() function computed the number of used domains. A remote attacker able to establish a read-only connection to libvirtd could use this flaw to make any domain operations within libvirt unresponsive. The updated libvirt packages have been upgraded to the 1.1.3.6 version and patched to resolve these security flaws.

CentOS

CESA-2014:1352 Moderate CentOS 7 libvirt SecurityUpdate

October 3, 2014 007admin Leave a comment

CentOS Errata and Security Advisory 2014:1352 Moderate

Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-1352.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

x86_64:
5d4e335476289de76b6876d8ca2c4d3a5693d1be4cbfbc75182490a1baaa75bf  libvirt-1.1.1-29.el7_0.3.x86_64.rpm
8ea2020ae45d9667c3a6b2b70199ff3ddc2477fd9a0290364e8410cee9ab5185  libvirt-client-1.1.1-29.el7_0.3.i686.rpm
80883e84d8663ffe584397bc70cde3b6885e3960090e510449261fbd060a7dfd  libvirt-client-1.1.1-29.el7_0.3.x86_64.rpm
09365cea21fecf4cacceef67d6aaebf2c4f1681b3718c8d60782ebd31d05793a  libvirt-daemon-1.1.1-29.el7_0.3.x86_64.rpm
039014ec72916b7e47fe8d19fb74ad45fe9102e834ea71f088e58a30bae6f85b  libvirt-daemon-config-network-1.1.1-29.el7_0.3.x86_64.rpm
4d8033781ad5077f2f6a6b59927db8d880d588b259decf62bac16d6f27bb621f  libvirt-daemon-config-nwfilter-1.1.1-29.el7_0.3.x86_64.rpm
23569edf9e4346dfbd9a68aee7dbbb87f393545f9f9f211c97999645111f784c  libvirt-daemon-driver-interface-1.1.1-29.el7_0.3.x86_64.rpm
3b9cb23f9d14fee9086e1cc9880bfe8281d32870c63e07a15fc1d8d81feb7dca  libvirt-daemon-driver-lxc-1.1.1-29.el7_0.3.x86_64.rpm
cfe4df1695ab422e912e7b2307ad8643db22cf533e620496c77fffc1f242841d  libvirt-daemon-driver-network-1.1.1-29.el7_0.3.x86_64.rpm
e3804dd562afe94e9ddc06e4b3f8667a8c5499830ce25a1514807f00383b036e  libvirt-daemon-driver-nodedev-1.1.1-29.el7_0.3.x86_64.rpm
44ddadb96a7905574797f1e3f80358209514365654ae3ef586dbef6115210a87  libvirt-daemon-driver-nwfilter-1.1.1-29.el7_0.3.x86_64.rpm
4fe40757899a828e89e12ba087bfeb61b419e000fc9ded701d2059e69b50d776  libvirt-daemon-driver-qemu-1.1.1-29.el7_0.3.x86_64.rpm
9633932a78618c4262012137e660fb48b919dc35f06623e75a34871fcfec5288  libvirt-daemon-driver-secret-1.1.1-29.el7_0.3.x86_64.rpm
16b7dc9f8ed16bd0fb68b318df39f377506cd3949829be8d6947419cb776fe26  libvirt-daemon-driver-storage-1.1.1-29.el7_0.3.x86_64.rpm
9c1ddd2ef885dc5cbce1540ea61ad96e3710278b3ae9e43883a2e1da072ff1cf  libvirt-daemon-kvm-1.1.1-29.el7_0.3.x86_64.rpm
688eb39000bc87c3c1eaf46b0552f8dc344cd18b6a29da03c2be6d38d38d2b22  libvirt-daemon-lxc-1.1.1-29.el7_0.3.x86_64.rpm
e37deb636beaeb465d2a865b9f2fdc4c651aaf8c0273bc8c57425293e8db20d4  libvirt-devel-1.1.1-29.el7_0.3.i686.rpm
6fdae96140597670be8265d68ff952c2ecf5dfdabe4d6bedf347a84aa69819bd  libvirt-devel-1.1.1-29.el7_0.3.x86_64.rpm
eb1f57f07285f612fa5395c87b4b35ea45e15d68b0ff50652720c4a2a999b7c1  libvirt-docs-1.1.1-29.el7_0.3.x86_64.rpm
fd39913f5cccb50116fa38a20f747bb89e44d528e888682741d954db6ed82ca5  libvirt-lock-sanlock-1.1.1-29.el7_0.3.x86_64.rpm
11fb63467cdfd83fd985c23da250b7dc12106ae407bb8171917003f6e09416d5  libvirt-login-shell-1.1.1-29.el7_0.3.x86_64.rpm
937fe26ae532a0d4709db886e4a4e2bcbb55ee8d2ae17c40f42cd15f5211a2c3  libvirt-python-1.1.1-29.el7_0.3.x86_64.rpm

Source:
de7527a24db56a274b091010da214c4da03cc99577966c4d65127480e1616d4b  libvirt-1.1.1-29.el7_0.3.src.rpm

CentOS

CEEA-2014:1355 CentOS 7 tzdata Enhancement Update

October 3, 2014 007admin Leave a comment

CentOS Errata and Enhancement Advisory 2014:1355 

Upstream details at : https://rhn.redhat.com/errata/RHEA-2014-1355.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

x86_64:
ff21b78082b95850edb4958a82f95265ae7ce15cee4f61408bc9b6a8189b8636  tzdata-2014h-1.el7.noarch.rpm
ae1db34fc4cc85fe92ea78fb5c0303bcae86d689973dd35ea6d87160e5cc4a84  tzdata-java-2014h-1.el7.noarch.rpm

Source:
4b8d36b1b425e314fc1ebdbca475fc8899eb588b40fda4cfd29d75648cf91360  tzdata-2014h-1.el7.src.rpm

CentOS

CEEA-2014:1355 CentOS 5 tzdata Enhancement Update

October 3, 2014 007admin Leave a comment

CentOS Errata and Enhancement Advisory 2014:1355 

Upstream details at : https://rhn.redhat.com/errata/RHEA-2014-1355.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
5dd343cbd6b2c315f5c037d8229b80c02c29228c25b6481e9aafa5eac224bd4c  tzdata-2014h-2.el5.i386.rpm
54930f1954727524b2a65c2678772a6dd67d54ed94e5dc4a8619805da4d82171  tzdata-java-2014h-2.el5.i386.rpm

x86_64:
b302b440d1cbd0b8ca882acb65931b9e8b671cab2864dfb794d94af80a629264  tzdata-2014h-2.el5.x86_64.rpm
a0a377edcba02c6341320381b4ea8c59ff723f94c0eac760e90b6bbe8657f4a9  tzdata-java-2014h-2.el5.x86_64.rpm

Source:
46e17f84bff87914df35157a8aaa928a7c88e9a6ff25400ee4c276a7c20768ce  tzdata-2014h-2.el5.src.rpm

CentOS

CEEA-2014:1355 CentOS 6 tzdata Enhancement Update

October 3, 2014 007admin Leave a comment

CentOS Errata and Enhancement Advisory 2014:1355 

Upstream details at : https://rhn.redhat.com/errata/RHEA-2014-1355.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
8478a7a8c207e68435859480f155e86325841242aefbb31a9f9171cf01f394fa  tzdata-2014h-1.el6.noarch.rpm
c9aa98d2cb42be7efdd49f5268a9d268a3195df83a45477080aa65995c413f50  tzdata-java-2014h-1.el6.noarch.rpm

x86_64:
8478a7a8c207e68435859480f155e86325841242aefbb31a9f9171cf01f394fa  tzdata-2014h-1.el6.noarch.rpm
c9aa98d2cb42be7efdd49f5268a9d268a3195df83a45477080aa65995c413f50  tzdata-java-2014h-1.el6.noarch.rpm

Source:
66a194c5537755201e4a510d251303e2e4bbdac0e1f49911a6e6d583e5100d10  tzdata-2014h-1.el6.src.rpm

Kaspersky

JPMorgan Breach Hints at Financial Sector Bombardment – Third Certainty

October 3, 2014 007admin Leave a comment

Kaspersky

Finding the Right Approach: Three Ways to Protect Your Virtual Environment – Virtual Strategy Magazine

007 Software

Mandriva Linux Security Advisory 2014-194

Mandriva Linux Security Advisory 2014-195

CESA-2014:1352 Moderate CentOS 7 libvirt SecurityUpdate

CEEA-2014:1355 CentOS 7 tzdata Enhancement Update

CEEA-2014:1355 CentOS 5 tzdata Enhancement Update

CEEA-2014:1355 CentOS 6 tzdata Enhancement Update

JPMorgan Breach Hints at Financial Sector Bombardment – Third Certainty

Finding the Right Approach: Three Ways to Protect Your Virtual Environment – Virtual Strategy Magazine

Me and My Job: Michael Canavan, Kaspersky Lab North America – SC Magazine

Kaspersky Expands Partnership with INTERPOL, Europol – Info Security

Software and Security Information