Monthly Archives: September 2014

Security

Red Hat Security Advisory 2014-1337-01

Leave a comment

Red Hat Security Advisory 2014-1337-01 – OpenStack Image service provides discovery, registration, and delivery services for disk and server images. It provides the ability to copy or snapshot a server image, and immediately store it away. Stored images can be used as a template to get new servers up and running quickly and more consistently than installing a server operating system and individually configuring additional services. It was discovered that the image_size_cap configuration option in glance was not honored. An authenticated user could use this flaw to upload an image to glance and consume all available storage space, resulting in a denial of service.

Security

Red Hat Security Advisory 2014-1338-01

Leave a comment

Red Hat Security Advisory 2014-1338-01 – OpenStack Image service provides discovery, registration, and delivery services for disk and server images. It provides the ability to copy or snapshot a server image, and immediately store it away. Stored images can be used as a template to get new servers up and running quickly and more consistently than installing a server operating system and individually configuring additional services. It was discovered that the image_size_cap configuration option in glance was not honored. An authenticated user could use this flaw to upload an image to glance and consume all available storage space, resulting in a denial of service.

Security

Red Hat Security Advisory 2014-1339-01

Leave a comment

Red Hat Security Advisory 2014-1339-01 – OpenStack Networking is a pluggable, scalable, and API-driven system that provisions networking services to virtual machines. Its main function is to manage connectivity to and from virtual machines. As of Red Hat Enterprise Linux OpenStack Platform 4.0, ‘neutron’ replaces ‘quantum’ as the core component of OpenStack Networking. It was discovered that the openstack-neutron package in Red Hat Enterprise Linux Open Stack Platform 5.0 for Red Hat Enterprise Linux 6 was released with a sudoers file containing a configuration error. This error caused OpenStack Networking to be vulnerable to the CVE-2013-6433 issue.

Security

Ubuntu Security Notice USN-2366-1

Leave a comment

Ubuntu Security Notice 2366-1 – Daniel P. Berrange and Richard Jones discovered that libvirt incorrectly handled XML documents containing XML external entity declarations. An attacker could use this issue to cause libvirtd to crash, resulting in a denial of service on all affected releases, or possibly read arbitrary files if fine grained access control was enabled on Ubuntu 14.04 LTS. Luyao Huang discovered that libvirt incorrectly handled certain blkiotune queries. An attacker could use this issue to cause libvirtd to crash, resulting in a denial of service. This issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Various other issues were also addressed.

CentOS

CEBA-2014:1332 CentOS 7 pacemaker BugFix Update

Leave a comment 
CentOS Errata and Bugfix Advisory 2014:1332 

Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-1332.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

x86_64:
c3558fc340a9913cc5e0dadd901fac00c9a1db5f45ea4099254cdcaef81bfd98  pacemaker-1.1.10-32.el7_0.1.x86_64.rpm
71c8c1cc78390bb0289c19e91cff5b34a1b2c7d06fb9e2d53286babcdb715d0d  pacemaker-cli-1.1.10-32.el7_0.1.x86_64.rpm
3e0cd2632f0b727fe78b41b22069bd123eb296295de2bc3852f66496f45d59dd  pacemaker-cluster-libs-1.1.10-32.el7_0.1.i686.rpm
716a3b02478163810c12d11d3736caa1f84bfc03e9e044774575383429670e9f  pacemaker-cluster-libs-1.1.10-32.el7_0.1.x86_64.rpm
457a234f5c012826a9b17592f1403b84a51f25fb6f6cd7a31d5140fcf560b47d  pacemaker-cts-1.1.10-32.el7_0.1.x86_64.rpm
a97438a0f2932331db905b92965c4a5a6aa703a99d6ca039f4870284a1ece4ff  pacemaker-doc-1.1.10-32.el7_0.1.x86_64.rpm
5e37d7c34ac6282085e6f5c8467b5a64a4dd430f5e509047763f67f30cdee804  pacemaker-libs-1.1.10-32.el7_0.1.i686.rpm
50b7ab48041c9c46a9cc16a22b245e01231ca911ef9ea1ef50b808136db35cd7  pacemaker-libs-1.1.10-32.el7_0.1.x86_64.rpm
92a2d70dc52e31375e72397967ed68417d9b90d0c97a1e5a31e225bd325dd47f  pacemaker-libs-devel-1.1.10-32.el7_0.1.i686.rpm
ff4dfd9b2d602b731fc83343303d3432d071dccbe052a4961a07873b22ce0cec  pacemaker-libs-devel-1.1.10-32.el7_0.1.x86_64.rpm
c22f54d558d61546e01cf6f4456e9348491ca3f6d0dd702c9fa7aa7f868aedc2  pacemaker-remote-1.1.10-32.el7_0.1.x86_64.rpm

Source:
36b2baccba41eb4c355c39413fef599d79ab19abf0a0ab1370f819bd2e3a77dd  pacemaker-1.1.10-32.el7_0.1.src.rpm
CentOS

CEBA-2014:1333 CentOS 6 net-snmp BugFix Update

Leave a comment 
CentOS Errata and Bugfix Advisory 2014:1333 

Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-1333.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
5e7db7a0d97c9aa5f6533b661bcd81aec5f16cb494eae49b0eee0e3d41a68bbb  net-snmp-5.5-49.el6_5.4.i686.rpm
457194e11f448eb91030b0e169fc004f44cc9fe3f7e4c0b13ff7f6bd74527348  net-snmp-devel-5.5-49.el6_5.4.i686.rpm
9e90ad52b6428e440374a700daf3f0b6d3a688ee46e9063a0bec69935bbd1c3a  net-snmp-libs-5.5-49.el6_5.4.i686.rpm
3e7e783931cb248a3b2f08f6bec137700b90a6e0f82b6ca038bf8d4b1d3ec2cb  net-snmp-perl-5.5-49.el6_5.4.i686.rpm
de6b0608818158c09b29a2173a9a23e1411e6950572032680ead1cdeb270b1dd  net-snmp-python-5.5-49.el6_5.4.i686.rpm
534273784522f5a348e256e8f5dd5cda65bd8a40ec9a766b2f7ee457f5cc5b6f  net-snmp-utils-5.5-49.el6_5.4.i686.rpm

x86_64:
876f52854a8daad8c0113c1b9457c45aeeac3b6a34b4eeb15f709d74a7b11563  net-snmp-5.5-49.el6_5.4.x86_64.rpm
457194e11f448eb91030b0e169fc004f44cc9fe3f7e4c0b13ff7f6bd74527348  net-snmp-devel-5.5-49.el6_5.4.i686.rpm
45dc91f41fbe5cd1892f8e0b7996c0ce873742f55f366c2d6499bc3f7aaf3da9  net-snmp-devel-5.5-49.el6_5.4.x86_64.rpm
9e90ad52b6428e440374a700daf3f0b6d3a688ee46e9063a0bec69935bbd1c3a  net-snmp-libs-5.5-49.el6_5.4.i686.rpm
f5af47e7f893ef52783a6b3a314ec7aa90bbe8cae8eb827fb7fa71d0339d88c1  net-snmp-libs-5.5-49.el6_5.4.x86_64.rpm
6f5484e6af936b22fd6bfa850ddbae72108a9f183f506063afc54787cc1e892a  net-snmp-perl-5.5-49.el6_5.4.x86_64.rpm
9a59df5f7949cff8ca1eb72b3076b59ec183e38015b3af1ebcabb30d6edeafba  net-snmp-python-5.5-49.el6_5.4.x86_64.rpm
3b463cce99dba750a2614a7f8592abe97d8f5f4f55eed3537a158a6cbbdcb657  net-snmp-utils-5.5-49.el6_5.4.x86_64.rpm

Source:
41f222d6c934a9de1d8427277e87bf574728094befc6df38a89726ebba2547e4  net-snmp-5.5-49.el6_5.4.src.rpm
AVG

Amazon announce Fire Phone UK launch

Leave a comment

The Amazon Fire Phone, which launched in the US in July was launched in the UK this week.

The Fire Phone, which has a unique Dynamic Perspective feature which alters the display to offer the user a 3D screen from any angle. It achieves this via four front facing cameras which track the user’s face and allow gesture input.

The AVG team took full advantage of the unique head movement gesture control and built into the AVG Alarm Clock Extreme app so that users get can get the full Fire phone experience. This means that users who download the AVG app can nod or shake their head to ‘snooze’ or turn off their alarm and other physical gestures will provide a richer, more impactful experience.

We have developed two new apps, AVG AntiVirus PRO for Fire phone and AVG Alarm Clock Xtreme Free for Fire phone, both available to download from the Amazon store for FREE and are designed to take advantage of all the exiting new functionality built into the Amazon Fire phone.

Just as Amazon has done with the device, we wanted to provide users with a great experience that is engaging and exciting.

Download AntiVirus PRO for Fire phone

Download Alarm Clock Xtreme Free for Fire phone