CEEA-2014:1718 CentOS 6 qemu-kvm EnhancementUpdate

October 28, 2014 007admin

CentOS Errata and Enhancement Advisory 2014:1718 

Upstream details at : https://rhn.redhat.com/errata/RHEA-2014-1718.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
dd81778f402fa471779b4092b77a29289960aa9ca78f8ba1d818dd3b656eee6b  qemu-guest-agent-0.12.1.2-2.448.el6_6.i686.rpm

x86_64:
0fb5fd7142a62577b1cde2de70d3152e25430e8e285a35437b3cbc9fec919553  qemu-guest-agent-0.12.1.2-2.448.el6_6.x86_64.rpm
d3c483390aad79f8f991c47f6225d9689fc2d56b2a3cdc9cb8211e59a5563f05  qemu-img-0.12.1.2-2.448.el6_6.x86_64.rpm
0a0cf7f854fdba42c0002ae76d2b24507ba1e180e6c9bca08ece5e5b143b9f4b  qemu-kvm-0.12.1.2-2.448.el6_6.x86_64.rpm
82dfa4774177c57df17eb100c4a2ca534146d4d0f3e5428fbbc88d41e8da8e9b  qemu-kvm-tools-0.12.1.2-2.448.el6_6.x86_64.rpm

Source:
ffdf05d4c7a24e37e3447b1acd0430676f31ab8685e950c1544985b240fae4b3  qemu-kvm-0.12.1.2-2.448.el6_6.src.rpm

CentOS

CEBA-2014:1719 CentOS 6 tuned BugFix Update

October 28, 2014 007admin

CentOS Errata and Bugfix Advisory 2014:1719 

Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-1719.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
e1f83fb08bd6ce7fb83156ba7edb9fcfea7acd7cc315959cecd93bae9396dad9  tuned-0.2.19-13.el6_6.1.noarch.rpm
fac2f9a24dbb510d75c05317e0202df6018eaffdd7b1ab4df8ca3db761c48831  tuned-profiles-sap-0.2.19-13.el6_6.1.noarch.rpm
793da5e75b1feef0af61049133a1badcb561e134e6750652176eee02a706904f  tuned-profiles-sap-hana-0.2.19-13.el6_6.1.noarch.rpm
206103be5e20e89f2d6d8632cfb0acde1794151a32340219f9ea897ddcaa579e  tuned-utils-0.2.19-13.el6_6.1.noarch.rpm

x86_64:
e1f83fb08bd6ce7fb83156ba7edb9fcfea7acd7cc315959cecd93bae9396dad9  tuned-0.2.19-13.el6_6.1.noarch.rpm
fac2f9a24dbb510d75c05317e0202df6018eaffdd7b1ab4df8ca3db761c48831  tuned-profiles-sap-0.2.19-13.el6_6.1.noarch.rpm
793da5e75b1feef0af61049133a1badcb561e134e6750652176eee02a706904f  tuned-profiles-sap-hana-0.2.19-13.el6_6.1.noarch.rpm
206103be5e20e89f2d6d8632cfb0acde1794151a32340219f9ea897ddcaa579e  tuned-utils-0.2.19-13.el6_6.1.noarch.rpm

Source:
787015217a81452f03696b2211456f9dfdae58c89b52568e7eef4b66b1e972b1  tuned-0.2.19-13.el6_6.1.src.rpm

CentOS

CESA-2014:1724 Important CentOS 7 kernel SecurityUpdate

October 28, 2014 007admin

CentOS Errata and Security Advisory 2014:1724 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-1724.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

x86_64:
ad8102d609c8ce5c80d43e3a85d39c44e50469bbe6769ad23d311427c87ee641  kernel-3.10.0-123.9.2.el7.x86_64.rpm
8253deabb17f20b35c37d8a1e9f341e4c5318af61b3e10c05c4ec7c8e7d68e3f  kernel-abi-whitelists-3.10.0-123.9.2.el7.noarch.rpm
75177b2e34349f19aa4b5d7faeb30ab20ffa3c3a1c0dbeb513336d5cb5797276  kernel-debug-3.10.0-123.9.2.el7.x86_64.rpm
a786da6540be6eafe1f86d92a1d832234c803f737308ad4a8f79fd4231ac2555  kernel-debug-devel-3.10.0-123.9.2.el7.x86_64.rpm
687766a4b9298624690e0de7b2b47ca792df5d5f33ba2f20a4a8e6411c819ba4  kernel-devel-3.10.0-123.9.2.el7.x86_64.rpm
c7fa78b9168b7a80ed83897699f1524aa239957b288e3ec4600163173615092e  kernel-doc-3.10.0-123.9.2.el7.noarch.rpm
28911895b1a6b57a08bb7284caadcde8c8528b1f1a82aaeb87233e7135f53578  kernel-headers-3.10.0-123.9.2.el7.x86_64.rpm
da75ee6ecaafae4793678409433636eea4260c027961c798904b3860d642c65e  kernel-tools-3.10.0-123.9.2.el7.x86_64.rpm
da5097acb8925f99015a695020494fa3aef2887e8679cb329cedf4207666b2d9  kernel-tools-libs-3.10.0-123.9.2.el7.x86_64.rpm
7cf8756802f3b210e7d5d6db21f80286d0328e6e3e7243598e7ab991086deb24  kernel-tools-libs-devel-3.10.0-123.9.2.el7.x86_64.rpm
90b6ad481f817a2abb791182191516a1b0efba824fa7ec9801381136ad40244b  perf-3.10.0-123.9.2.el7.x86_64.rpm
c652eb39ca849a26e62e76d7c9d9dd175dd3833148558761b26d65d04e8836f4  python-perf-3.10.0-123.9.2.el7.x86_64.rpm

Source:
b590923f0db88d66b1090c63cf76c45f2033b3e7f40793bd26c5590cc36a4c6c  kernel-3.10.0-123.9.2.el7.src.rpm

Full Disclosure

Go Home WP-API, You're Drunk…

October 28, 2014 007admin

Posted by Scott Arciszewski on Oct 29

… or more accurately, asleep at the wheel!
_______________________________________________________
_________/ STORY TIME (feel free to skip this if you don’t care) __________
| |
| Recently, I made a quick analysis of all of the public projects listed |
| on HackerOne….

Debian

DSA-3059 dokuwiki – security update

October 28, 2014 007admin

Two vulnerabilities have been discovered in dokuwiki. Access control in
the media manager was insufficiently restricted and authentication could
be bypassed when using Active Directory for LDAP authentication.

Security Focus