Compatible Support Forums

Everything posted by news

  1. openSUSE Security Update: Security update for mbedtls

     Announcement ID: openSUSE-SU-2017:0790-1
     Rating: important
     References: #1029017
     Cross-References: CVE-2017-2784
     Affected Products:
       openSUSE Leap 42.2
       openSUSE Leap 42.1

     An update that fixes one vulnerability is now available.

     Description:

     This update to mbedtls 1.3.19 fixes security issues and bugs.

     The following vulnerability was fixed:

     CVE-2017-2784: A remote user could have used a specially crafted certificate to cause mbedtls to free a buffer allocated on the stack when verifying the validity of public key with a secp224k1 curve, which could have allowed remote code execution on some platforms (boo#1029017)

     The following non-security changes are included:

     - Add checks to prevent signature forgeries for very large messages while using RSA through the PK module in 64-bit systems.
     - Fixed potential livelock during the parsing of a CRL in PEM format

     Patch Instructions:

     To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product:

     - openSUSE Leap 42.2: zypper in -t patch openSUSE-2017-372=1
     - openSUSE Leap 42.1: zypper in -t patch openSUSE-2017-372=1

     To bring your system up-to-date, use "zypper patch".

     Package List:

     - openSUSE Leap 42.2 (i586 x86_64): libmbedtls9-1.3.19-15.1 libmbedtls9-debuginfo-1.3.19-15.1 mbedtls-debugsource-1.3.19-15.1 mbedtls-devel-1.3.19-15.1
     - openSUSE Leap 42.2 (x86_64): libmbedtls9-32bit-1.3.19-15.1 libmbedtls9-debuginfo-32bit-1.3.19-15.1
     - openSUSE Leap 42.1 (i586 x86_64): libmbedtls9-1.3.19-15.1 libmbedtls9-debuginfo-1.3.19-15.1 mbedtls-debugsource-1.3.19-15.1 mbedtls-devel-1.3.19-15.1
     - openSUSE Leap 42.1 (x86_64): libmbedtls9-32bit-1.3.19-15.1 libmbedtls9-debuginfo-32bit-1.3.19-15.1

     References:

     https://www.suse.com/security/cve/CVE-2017-2784.html
     https://bugzilla.suse.com/1029017
  3. openSUSE Security Update: Security update for mbedtls

     Announcement ID: openSUSE-SU-2017:0792-1
     Rating: important
     References: #1029017
     Cross-References: CVE-2017-2784
     Affected Products:
       SUSE Package Hub for SUSE Linux Enterprise 12

     An update that fixes one vulnerability is now available.

     Description:

     This update to mbedtls 1.3.19 fixes security issues and bugs.

     The following vulnerability was fixed:

     CVE-2017-2784: A remote user could have used a specially crafted certificate to cause mbedtls to free a buffer allocated on the stack when verifying the validity of public key with a secp224k1 curve, which could have allowed remote code execution on some platforms (boo#1029017)

     The following non-security changes are included:

     - Add checks to prevent signature forgeries for very large messages while using RSA through the PK module in 64-bit systems.
     - Fixed potential livelock during the parsing of a CRL in PEM format

     Patch Instructions:

     To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product:

     - SUSE Package Hub for SUSE Linux Enterprise 12: zypper in -t patch openSUSE-2017-372=1

     To bring your system up-to-date, use "zypper patch".

     Package List:

     - SUSE Package Hub for SUSE Linux Enterprise 12 (aarch64 ppc64le s390x x86_64): libmbedtls9-1.3.19-5.1 mbedtls-devel-1.3.19-5.1
     - SUSE Package Hub for SUSE Linux Enterprise 12 (aarch64 x86_64): libmbedtls9-debuginfo-1.3.19-5.1 mbedtls-debugsource-1.3.19-5.1

     References:

     https://www.suse.com/security/cve/CVE-2017-2784.html
     https://bugzilla.suse.com/1029017
  4. TITLE: GIGABYTE AORUS GA-AX370-Gaming 5 Review @ Vortez

     CONTENT: The most prominent thing we notice when looking through its feature set is that GIGABYTE have made it a master dual-wielder. They feature dual channel memory, dual BIOS, dual armour, dual networking (Killer E2500 + Intel), dual ALC 1220 audio codecs with dual Smart headphone amps, there are two thermistor headers, two internal USB 3.1 (Gen 1, aka USB 3.0) headers, two SATA Express ports, and of course it supports two-way SLI/CrossFire.

     LINK: https://www.vortez.net/review.php?id=1280

     Please post this news item in your news section. Thank you.
  5. Even though various companies successfully produce headsets, we’ve found that even the best manufacturers often struggle to make a well-balanced headset for the PC gaming market. With the Arctis 7 that we are looking at today, SteelSeries brings along some very handy gamer-centric features, a very unique headband that introduces a new level of comfort that you won’t find elsewhere and lag-free wireless audio over USB. With the Arctis 7, SteelSeries are trying to appeal to users who want a stylish, good sounding headset that breaks the mold from typical gaming headset designs, which tend to feature excessive plastic and horribly balanced sound.

     Article Title: SteelSeries Arctis 7 Wireless Gaming Headset Review @ Legit Reviews
     Article URL: http://www.legitreviews.com/steelseries-arctis-7-wireless-gaming-headset-review_192352
  6. Ryzen Vs Intel GTX 1080 Ti Showdown Revisited: More Resolutions, Overclocks & Games

     Ryzen has been with us for a few weeks now, and there has been quite the rollercoaster of feedback from around the world about its performance. We've tested the CPUs <http://www.eteknix.com/amd-ryzen-7-1800x-am4-8-core-processor-review/>, and they're pretty fantastic and offer some excellent performance, despite a few issues with memory speeds and latency. While we tested the Ryzen 1800X with the Nvidia GeForce GTX 1080 Ti <http://www.eteknix.com/nvidia-geforce-gtx-1080-ti-11gb-graphics-card-review/> to see how well the new flagship AMD CPU would work in a high-end gaming PC, a few people didn't take kindly to us using overclocks only on Ryzen. I initially tested on stock only and matched that with the stock performance on the i7-5820K, as we do with all GPUs on that chip as it's our graphics card test bench. I did the same with the 7700K as I had access to it and my whole trip was to give us some metric for the stock and overclocked gaming performance of Ryzen. However, many of you wanted the Intel chips to be overclocked, and we're not going to shy away from what our readers want, and we're going above and beyond.

     URL - http://www.eteknix.com/ryzen-vs-intel-gtx-1080-ti-showdown-revisited-more-resolutions-overclocks-games-tested/
  7. Linksys WRT3200ACM AC3200 MU-MIMO Gigabit WiFi Router Review

     Linksys has had a lot of success with their WRT series, and that can't come as a surprise to anyone. They look great, are packed with features, and perform great too. Today I have the pleasure to take a closer look at the newest family member in the WRT series, the WRT3200ACM. Linksys' WRT3200ACM is, as the name suggests, an AC3200 class router which means that it can deliver up to N600 speeds on the 2.4GHz band and up to AC2600 on the 5GHz band. The reason why it is so fast on the 5GHz band is that it uses the Tri-Stream 160 technology. The Tri-Stream 160 effectively doubles the bandwidth of the 5 GHz band through the use of three 160MHz channels. It is also Dynamic frequency selection (DFS) certified from the FCC which not only allows operation at 160MHz, it also triples the channels available at 80MHz. That allows your router to operate in the clearest airspace and where other routers aren't allowed.

     URL - http://www.eteknix.com/linksys-wrt3200acm-ac3200-mu-mimo-gigabit-wifi-router-review/
  8. Seasonic PRIME 1200W Platinum PSU Review

     This week we take a look at another of the latest Seasonic PRIME Platinum power supplies – this time in a 1200 watt capacity. These new supplies are less expensive than the previous flagship Titanium graded units but still offer a pure modular design and feature high grade Fluid Dynamic Bearing (FDB) cooling fans.

     Read the review here: http://www.kitguru.net/components/power-supplies/zardon/seasonic-prime-1200w-platinum-psu-review/
  9. Acer Predator X34 34-Inch G-Sync Ultrawide 21:9 Gaming Monitor Review

     Have you invested a small fortune in a high-end gaming PC, with one or more of the fastest graphics cards on the market, a powerful overclocked CPU, and more? Then you're likely in the market for a high-end display that can reveal the visual potential of your gaming system, and that's where the Acer X34 comes into play! Of course, not all monitors are created equally, but this one is certainly a little more extreme than most, and it has a spec sheet that's so mighty it's only matched by its enormous price tag, so don't expect to get much, if any, change from £1000!

     URL - http://www.eteknix.com/acer-predator-x34-34-inch-g-sync-ultrawide-219-gaming-monitor-review/
  10. TECHSPOT

      Simulating AMD Ryzen 5 1600X, 1500X Gaming Performance
      http://www.techspot.com/review/1360-amd-ryzen-5-1600x-1500x-gaming/

      AMD confirmed the official specifications for its upcoming Ryzen 5 CPUs last week, however by announcing those specs, the company has largely let the cat out of the bag. Now armed with that knowledge and the ability to mimic Ryzen 5 settings, I pulled a stack of GPUs out of storage and got testing.

      Thank you.
      Julio Franco
      Executive Editor | TECHSPOT
      @juliofranco
  11. 32GB Corsair Vengeance RGB DDR4-3000MHz

      Corsair has jumped on the RGB band wagon with its new Vengeance RGB memory. The 32GB kit we were sent consists of 4x8GB modules and is rated at DDR4-3000MHz which is a perfectly decent speed. The reviewer’s guide also puts the CAS 15 timing front and centre, a point we shall return to later.

      Read and watch more over here: http://www.kitguru.net/components/leo-waldock/32gb-corsair-vengeance-rgb-ddr4-3000mhz/
  12. Dear Editors, we just posted a new article which might be interesting to your readers. A post in your news section would be appreciated.

      Title: UE BOOM 2 "Reka One - Lost Time" Edition
      Link: https://www.techpowerup.com/reviews/Ultimateears/BOOM_2_Reka_One
      Brief: UE's newest artist version of the BOOM 2 is made in cooperation with Reka One. Street artist styling along with the original BOOM 2 performance should be a hit. We also get to play around with the multi speaker functionality of the UE BOOM 2.
  13. SUSE Security Update: Security update for Linux Kernel Live Patch 12 for SLE 12 SP1

      Announcement ID: SUSE-SU-2017:0786-1
      Rating: important
      References: #1025013 #1025254
      Cross-References: CVE-2017-5970
      Affected Products:
        SUSE Linux Enterprise Live Patching 12

      An update that solves one vulnerability and has one errata is now available.

      Description:

      This update for the Linux Kernel 3.12.69-60_64_29 fixes several issues.

      The following security bug was fixed:

      - CVE-2017-5970: The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a denial of service (system crash) via (1) an application that made crafted system calls or possibly (2) IPv4 traffic with invalid IP options (bsc#1025013).

      The following non-security bug was fixed:

      - Fix for a "Data miscompare on a read" which was observed during the rebuilding of degraded MDRAID VDs. (bsc#1025254)

      Patch Instructions:

      To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product:

      - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-443=1

      To bring your system up-to-date, use "zypper patch".

      Package List:

      - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_69-60_64_29-default-2-2.1 kgraft-patch-3_12_69-60_64_29-xen-2-2.1

      References:

      https://www.suse.com/security/cve/CVE-2017-5970.html
      https://bugzilla.suse.com/1025013
      https://bugzilla.suse.com/1025254
  14. Title: TRENDnet TEW-827DRU AC2600 StreamBoost MU-MIMO WiFi Router Review @ NikKTech

      Description: The TRENDnet TEW-827DRU AC2600 router will not be getting any awards for its looks but thanks to its very good wireless performance and available features it's still a solid choice for home and office networks.

      Article Link: http://www.nikktech.com/main/articles/peripherals/network/modem-routers/7599-trendnet-tew-827dru-ac2600-streamboost-mu-mimo-wifi-router-review

      Image Link: http://www.nikktech.com/main/images/pics/reviews/trendnet/tew_827dru/trendnet_tew_827drua.jpg

      A News Post Would Be Appreciated. Thanks In Advance.

      Sincerely
      Nik Kastrantas
  15. Although the brand isn't very well known here in the U.S., Huami is actually the second largest manufacturer of smart wearables in the world. As such, it was only a matter of time before the Chinese manufacturer, which provides wearable technology to Xiaomi, made its way onto our shores. Huami and Xiaomi established their partnership in 2014 and have since sold over 24 million Mi Bands. Huami recently purchased Amazfit, an American wearable technology company. Amazfit was launched in 2016 and was quickly scooped up by Huami. They were best known for the Moon Beam and Equator fitness trackers, but Huami and Amazfit together launched the smartwatch we will be looking at today, the Amazfit Pace. The Amazfit Pace was only available in China when it initially launched, but hopped over the pond this past autumn...

      Amazfit Pace GPS Smartwatch Review: Sleek, Attractive, And Great Battery Life (http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=6f3915f8c0&e=0c004f9c13)

      Best Regards,
      HotHardware.com
  16. ‘[censored] for Geeks’ producer on why the Digital Economy Bill will kill British business

      British [censored] producer Harriet Sugarcookie is no stranger to overreaching and economically damaging laws. Two years ago she moved her flourishing business overseas to avoid the talons of moral grandstanding on the part of UK legislation and has been very successful since. Now though, while she sees the Digital Economy Bill as something far more dangerous to British business, she’s just as concerned, but far less likely to be affected.

      Read the exclusive article here: http://www.kitguru.net/channel/jon-martindale/[censored]-for-geeks-producer-on-why-the-digital-economy-bill-will-kill-british-business/
  17. A simple application to access, organize and share your photos on GNOME. It is meant to be a simple and elegant replacement for using a file manager to deal with photos. Seamless cloud integration is offered through GNOME Online Accounts.

      Overview of changes in 3.24.0
      =============================

      * Updated translations:
        Latvian
        Russian

      Bugs: https://bugzilla.gnome.org/enter_bug.cgi?product=gnome-photos
      Design: https://wiki.gnome.org/Design/Apps/Photos
      Download: http://download.gnome.org/sources/gnome-photos/3.24/
      Git: http://git.gnome.org/browse/gnome-photos
      Website: https://wiki.gnome.org/Apps/Photos

      Happy hacking,
      Debarshi
  18. *Corsair Vengeance RGB DDR4 memory review*

      Join us as we check out the all new RGB series Vengeance DDR4 memory from Corsair. Not only do these puppies look awesome, they are properly specced as well. We received a 4x8GB DDR4 3000MHz CAS 15 DRAM kit from Corsair, so that is 32Gb at your disposal for dual and even quad-channel memory configurations.

      Read the *article here <http://www.guru3d.com/articles-pages/corsair-vengeance-rgb-ddr4-memory-review,1.html>*.

      URL: http://www.guru3d.com/articles-pages/corsair-vengeance-rgb-ddr4-memory-review,1.html
  19. Red Hat Security Advisory

      Synopsis: Moderate: qemu-kvm security and bug fix update
      Advisory ID: RHSA-2017:0621-01
      Product: Red Hat Enterprise Linux
      Advisory URL: https://rhn.redhat.com/errata/RHSA-2017-0621.html
      Issue date: 2017-03-21
      CVE Names: CVE-2016-3712

      1. Summary:

      An update for qemu-kvm is now available for Red Hat Enterprise Linux 6.

      Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

      2. Relevant releases/architectures:

      Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
      Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
      Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, x86_64
      Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64

      3. Description:

      Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM.

      Security Fix(es):

      * An integer overflow flaw and an out-of-bounds read flaw were found in the way QEMU's VGA emulator set certain VGA registers while in VBE mode. A privileged guest user could use this flaw to crash the QEMU process instance. (CVE-2016-3712)

      Red Hat would like to thank Zuozhi Fzz (Alibaba Inc.) for reporting this issue.

      Additional Changes:

      For detailed information on changes in this release, see the Red Hat Enterprise Linux 6.9 Release Notes and Red Hat Enterprise Linux 6.9 Technical Notes linked from the References section.

      4. Solution:

      For details on how to apply this update, which includes the changes described in this advisory, refer to:

      https://access.redhat.com/articles/11258

      After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.

      5. Bugs fixed (https://bugzilla.redhat.com/):

      876993 - qemu-kvm: vm's become non-responsive during migrate disk load from 2 domains to a 3ed
      1281713 - system_reset should clear pending request for error (IDE)
      1292678 - Qemu should report error when cmdline set threads=2 in amd host
      1294941 - QEMU crash on snapshot revert when using Cirrus
      1297653 - "qemu-img convert" can't create a fully allocated image passed a "-S 0" option
      1300626 - e1000/rtl8139: qemu mac address can not be changed via set the hardware address in guest
      1318712 - CVE-2016-3712 qemu-kvm: Out-of-bounds read when creating weird vga screen surface
      1320066 - Qemu should not report error when cmdline set threads=2 in Intel host
      1333697 - qemu-kvm: /builddir/build/BUILD/qemu-kvm-0.12.1.2/hw/virtio-scsi.c:724: virtio_scsi_push_event: Assertion `event == 0' failed
      1346981 - Regression from CVE-2016-3712: windows installer fails to start [rhel-6.9]
      1356924 - rtl8139 driver hangs in widows guests
      1361490 - system_reset should clear pending request for error (virtio-blk)
      1392287 - Core dump occurs when query qtree after migration with "-vga cirrus"
      1392520 - [RHEL6.9] KVM guest shuts itself down after 128th reboot

      6. Package List:

      Red Hat Enterprise Linux Desktop (v. 6):

      Source: qemu-kvm-0.12.1.2-2.503.el6.src.rpm
      i386: qemu-guest-agent-0.12.1.2-2.503.el6.i686.rpm qemu-kvm-debuginfo-0.12.1.2-2.503.el6.i686.rpm
      x86_64: qemu-guest-agent-0.12.1.2-2.503.el6.x86_64.rpm qemu-img-0.12.1.2-2.503.el6.x86_64.rpm qemu-kvm-0.12.1.2-2.503.el6.x86_64.rpm qemu-kvm-debuginfo-0.12.1.2-2.503.el6.x86_64.rpm qemu-kvm-tools-0.12.1.2-2.503.el6.x86_64.rpm

      Red Hat Enterprise Linux HPC Node (v. 6):

      Source: qemu-kvm-0.12.1.2-2.503.el6.src.rpm
      x86_64: qemu-guest-agent-0.12.1.2-2.503.el6.x86_64.rpm qemu-img-0.12.1.2-2.503.el6.x86_64.rpm qemu-kvm-0.12.1.2-2.503.el6.x86_64.rpm qemu-kvm-debuginfo-0.12.1.2-2.503.el6.x86_64.rpm qemu-kvm-tools-0.12.1.2-2.503.el6.x86_64.rpm

      Red Hat Enterprise Linux Server (v. 6):

      Source: qemu-kvm-0.12.1.2-2.503.el6.src.rpm
      i386: qemu-guest-agent-0.12.1.2-2.503.el6.i686.rpm qemu-kvm-debuginfo-0.12.1.2-2.503.el6.i686.rpm
      ppc64: qemu-guest-agent-0.12.1.2-2.503.el6.ppc64.rpm qemu-kvm-debuginfo-0.12.1.2-2.503.el6.ppc64.rpm
      x86_64: qemu-guest-agent-0.12.1.2-2.503.el6.x86_64.rpm qemu-img-0.12.1.2-2.503.el6.x86_64.rpm qemu-kvm-0.12.1.2-2.503.el6.x86_64.rpm qemu-kvm-debuginfo-0.12.1.2-2.503.el6.x86_64.rpm qemu-kvm-tools-0.12.1.2-2.503.el6.x86_64.rpm

      Red Hat Enterprise Linux Workstation (v. 6):

      Source: qemu-kvm-0.12.1.2-2.503.el6.src.rpm
      i386: qemu-guest-agent-0.12.1.2-2.503.el6.i686.rpm qemu-kvm-debuginfo-0.12.1.2-2.503.el6.i686.rpm
      x86_64: qemu-guest-agent-0.12.1.2-2.503.el6.x86_64.rpm qemu-img-0.12.1.2-2.503.el6.x86_64.rpm qemu-kvm-0.12.1.2-2.503.el6.x86_64.rpm qemu-kvm-debuginfo-0.12.1.2-2.503.el6.x86_64.rpm qemu-kvm-tools-0.12.1.2-2.503.el6.x86_64.rpm

      These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

      7. References:

      https://access.redhat.com/security/cve/CVE-2016-3712
      https://access.redhat.com/security/updates/classification/#moderate

      8. Contact:

      The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

      Copyright 2017 Red Hat, Inc.
  20. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: tigervnc security and bug fix update Advisory ID: RHSA-2017:0630-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2017-0630.html Issue date: 2017-03-21 CVE Names: CVE-2016-10207 CVE-2017-5581 ===================================================================== 1. Summary: An update for tigervnc is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, noarch, ppc64, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, noarch, x86_64 3. Description: Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients. The tigervnc packages contain a client which allows users to connect to other desktops running a VNC server. Security Fix(es): * A denial of service flaw was found in the TigerVNC's Xvnc server. A remote unauthenticated attacker could use this flaw to make Xvnc crash by terminating the TLS handshake process early. 
(CVE-2016-10207) * A buffer overflow flaw, leading to memory corruption, was found in TigerVNC viewer. A remote malicious VNC server could use this flaw to crash the client vncviewer process resulting in denial of service. (CVE-2017-5581) Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 6.9 Release Notes and Red Hat Enterprise Linux 6.9 Technical Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1323065 - tigervnc cannot build against xorg-x11-server-source 1378922 - tigervnc-server needs to be rebuilt to re-enable listen-on-tcp behavior in RHEL 6.8 1390458 - New version of tigervnc-server disconnects Xsession when initiated from xinetd 1415712 - CVE-2017-5581 tigervnc: Buffer overflow in ModifiablePixelBuffer::fillRect 1418761 - CVE-2016-10207 tigervnc: VNC server can crash when TLS handshake terminates early 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: tigervnc-1.1.0-24.el6.src.rpm i386: tigervnc-1.1.0-24.el6.i686.rpm tigervnc-debuginfo-1.1.0-24.el6.i686.rpm tigervnc-server-1.1.0-24.el6.i686.rpm x86_64: tigervnc-1.1.0-24.el6.x86_64.rpm tigervnc-debuginfo-1.1.0-24.el6.x86_64.rpm tigervnc-server-1.1.0-24.el6.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): i386: tigervnc-debuginfo-1.1.0-24.el6.i686.rpm tigervnc-server-module-1.1.0-24.el6.i686.rpm noarch: tigervnc-server-applet-1.1.0-24.el6.noarch.rpm x86_64: tigervnc-debuginfo-1.1.0-24.el6.x86_64.rpm tigervnc-server-module-1.1.0-24.el6.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 
6): Source: tigervnc-1.1.0-24.el6.src.rpm noarch: tigervnc-server-applet-1.1.0-24.el6.noarch.rpm x86_64: tigervnc-1.1.0-24.el6.x86_64.rpm tigervnc-debuginfo-1.1.0-24.el6.x86_64.rpm tigervnc-server-1.1.0-24.el6.x86_64.rpm tigervnc-server-module-1.1.0-24.el6.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: tigervnc-1.1.0-24.el6.src.rpm i386: tigervnc-1.1.0-24.el6.i686.rpm tigervnc-debuginfo-1.1.0-24.el6.i686.rpm tigervnc-server-1.1.0-24.el6.i686.rpm ppc64: tigervnc-1.1.0-24.el6.ppc64.rpm tigervnc-debuginfo-1.1.0-24.el6.ppc64.rpm tigervnc-server-1.1.0-24.el6.ppc64.rpm s390x: tigervnc-1.1.0-24.el6.s390x.rpm tigervnc-debuginfo-1.1.0-24.el6.s390x.rpm tigervnc-server-1.1.0-24.el6.s390x.rpm x86_64: tigervnc-1.1.0-24.el6.x86_64.rpm tigervnc-debuginfo-1.1.0-24.el6.x86_64.rpm tigervnc-server-1.1.0-24.el6.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): i386: tigervnc-debuginfo-1.1.0-24.el6.i686.rpm tigervnc-server-module-1.1.0-24.el6.i686.rpm noarch: tigervnc-server-applet-1.1.0-24.el6.noarch.rpm ppc64: tigervnc-debuginfo-1.1.0-24.el6.ppc64.rpm tigervnc-server-module-1.1.0-24.el6.ppc64.rpm x86_64: tigervnc-debuginfo-1.1.0-24.el6.x86_64.rpm tigervnc-server-module-1.1.0-24.el6.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: tigervnc-1.1.0-24.el6.src.rpm i386: tigervnc-1.1.0-24.el6.i686.rpm tigervnc-debuginfo-1.1.0-24.el6.i686.rpm tigervnc-server-1.1.0-24.el6.i686.rpm x86_64: tigervnc-1.1.0-24.el6.x86_64.rpm tigervnc-debuginfo-1.1.0-24.el6.x86_64.rpm tigervnc-server-1.1.0-24.el6.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): i386: tigervnc-debuginfo-1.1.0-24.el6.i686.rpm tigervnc-server-module-1.1.0-24.el6.i686.rpm noarch: tigervnc-server-applet-1.1.0-24.el6.noarch.rpm x86_64: tigervnc-debuginfo-1.1.0-24.el6.x86_64.rpm tigervnc-server-module-1.1.0-24.el6.x86_64.rpm These packages are GPG signed by Red Hat for security. 
Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2016-10207
https://access.redhat.com/security/cve/CVE-2017-5581
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/6.9_Release_Notes/index.html
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/6.9_Technical_Notes/index.html

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
  21. Red Hat Security Advisory

Synopsis: Moderate: openssh security and bug fix update
Advisory ID: RHSA-2017:0641-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2017-0641.html
Issue date: 2017-03-21
CVE Names: CVE-2015-8325

1. Summary:

An update for openssh is now available for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

3. Description:

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server.

Security Fix(es):

* It was discovered that the OpenSSH sshd daemon fetched PAM environment settings before running the login program. In configurations with UseLogin=yes and the pam_env PAM module configured to read user environment settings, a local user could use this flaw to execute arbitrary code as root.
(CVE-2015-8325)

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 6.9 Release Notes and Red Hat Enterprise Linux 6.9 Technical Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, the OpenSSH server daemon (sshd) will be restarted automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

1218424 - infinite loop, at 100% cpu in ssh if ^Z is pressed at password prompt
1327547 - ssh-copy-id fails with shells unaware of ~/
1328012 - CVE-2015-8325 openssh: privilege escalation via user's PAM environment and UseLogin=yes
1341747 - sftp -m doesn't work as advertised
1353359 - 5.3p1-117.el6 breaks gss-group1-sha1- key exchange algorithm for GSSAPIKeyExchange authentication
1353410 - [ssh-copy-id] add "The agent has no identities." in remote ~/.ssh/authorized_keys
1373836 - Remove RC4 cipher and questionable MACs enabled by default from OpenSSH
1397547 - SSH does not use the ibmca crypto hardware

6. Package List:

Red Hat Enterprise Linux Desktop (v. 6): Source: openssh-5.3p1-122.el6.src.rpm i386: openssh-5.3p1-122.el6.i686.rpm openssh-askpass-5.3p1-122.el6.i686.rpm openssh-clients-5.3p1-122.el6.i686.rpm openssh-debuginfo-5.3p1-122.el6.i686.rpm openssh-server-5.3p1-122.el6.i686.rpm x86_64: openssh-5.3p1-122.el6.x86_64.rpm openssh-askpass-5.3p1-122.el6.x86_64.rpm openssh-clients-5.3p1-122.el6.x86_64.rpm openssh-debuginfo-5.3p1-122.el6.x86_64.rpm openssh-server-5.3p1-122.el6.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v.
6): i386: openssh-debuginfo-5.3p1-122.el6.i686.rpm openssh-ldap-5.3p1-122.el6.i686.rpm pam_ssh_agent_auth-0.9.3-122.el6.i686.rpm x86_64: openssh-debuginfo-5.3p1-122.el6.i686.rpm openssh-debuginfo-5.3p1-122.el6.x86_64.rpm openssh-ldap-5.3p1-122.el6.x86_64.rpm pam_ssh_agent_auth-0.9.3-122.el6.i686.rpm pam_ssh_agent_auth-0.9.3-122.el6.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: openssh-5.3p1-122.el6.src.rpm x86_64: openssh-5.3p1-122.el6.x86_64.rpm openssh-clients-5.3p1-122.el6.x86_64.rpm openssh-debuginfo-5.3p1-122.el6.x86_64.rpm openssh-server-5.3p1-122.el6.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): x86_64: openssh-askpass-5.3p1-122.el6.x86_64.rpm openssh-debuginfo-5.3p1-122.el6.i686.rpm openssh-debuginfo-5.3p1-122.el6.x86_64.rpm openssh-ldap-5.3p1-122.el6.x86_64.rpm pam_ssh_agent_auth-0.9.3-122.el6.i686.rpm pam_ssh_agent_auth-0.9.3-122.el6.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: openssh-5.3p1-122.el6.src.rpm i386: openssh-5.3p1-122.el6.i686.rpm openssh-askpass-5.3p1-122.el6.i686.rpm openssh-clients-5.3p1-122.el6.i686.rpm openssh-debuginfo-5.3p1-122.el6.i686.rpm openssh-server-5.3p1-122.el6.i686.rpm ppc64: openssh-5.3p1-122.el6.ppc64.rpm openssh-askpass-5.3p1-122.el6.ppc64.rpm openssh-clients-5.3p1-122.el6.ppc64.rpm openssh-debuginfo-5.3p1-122.el6.ppc64.rpm openssh-server-5.3p1-122.el6.ppc64.rpm s390x: openssh-5.3p1-122.el6.s390x.rpm openssh-askpass-5.3p1-122.el6.s390x.rpm openssh-clients-5.3p1-122.el6.s390x.rpm openssh-debuginfo-5.3p1-122.el6.s390x.rpm openssh-server-5.3p1-122.el6.s390x.rpm x86_64: openssh-5.3p1-122.el6.x86_64.rpm openssh-askpass-5.3p1-122.el6.x86_64.rpm openssh-clients-5.3p1-122.el6.x86_64.rpm openssh-debuginfo-5.3p1-122.el6.x86_64.rpm openssh-server-5.3p1-122.el6.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 
6): i386: openssh-debuginfo-5.3p1-122.el6.i686.rpm openssh-ldap-5.3p1-122.el6.i686.rpm pam_ssh_agent_auth-0.9.3-122.el6.i686.rpm ppc64: openssh-debuginfo-5.3p1-122.el6.ppc.rpm openssh-debuginfo-5.3p1-122.el6.ppc64.rpm openssh-ldap-5.3p1-122.el6.ppc64.rpm pam_ssh_agent_auth-0.9.3-122.el6.ppc.rpm pam_ssh_agent_auth-0.9.3-122.el6.ppc64.rpm s390x: openssh-debuginfo-5.3p1-122.el6.s390.rpm openssh-debuginfo-5.3p1-122.el6.s390x.rpm openssh-ldap-5.3p1-122.el6.s390x.rpm pam_ssh_agent_auth-0.9.3-122.el6.s390.rpm pam_ssh_agent_auth-0.9.3-122.el6.s390x.rpm x86_64: openssh-debuginfo-5.3p1-122.el6.i686.rpm openssh-debuginfo-5.3p1-122.el6.x86_64.rpm openssh-ldap-5.3p1-122.el6.x86_64.rpm pam_ssh_agent_auth-0.9.3-122.el6.i686.rpm pam_ssh_agent_auth-0.9.3-122.el6.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: openssh-5.3p1-122.el6.src.rpm i386: openssh-5.3p1-122.el6.i686.rpm openssh-askpass-5.3p1-122.el6.i686.rpm openssh-clients-5.3p1-122.el6.i686.rpm openssh-debuginfo-5.3p1-122.el6.i686.rpm openssh-server-5.3p1-122.el6.i686.rpm x86_64: openssh-5.3p1-122.el6.x86_64.rpm openssh-askpass-5.3p1-122.el6.x86_64.rpm openssh-clients-5.3p1-122.el6.x86_64.rpm openssh-debuginfo-5.3p1-122.el6.x86_64.rpm openssh-server-5.3p1-122.el6.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): i386: openssh-debuginfo-5.3p1-122.el6.i686.rpm openssh-ldap-5.3p1-122.el6.i686.rpm pam_ssh_agent_auth-0.9.3-122.el6.i686.rpm x86_64: openssh-debuginfo-5.3p1-122.el6.i686.rpm openssh-debuginfo-5.3p1-122.el6.x86_64.rpm openssh-ldap-5.3p1-122.el6.x86_64.rpm pam_ssh_agent_auth-0.9.3-122.el6.i686.rpm pam_ssh_agent_auth-0.9.3-122.el6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. 
References:

https://access.redhat.com/security/cve/CVE-2015-8325
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/6.9_Release_Notes/index.html
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/6.9_Technical_Notes/index.html

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
  22. Red Hat Security Advisory

Synopsis: Moderate: wireshark security and bug fix update
Advisory ID: RHSA-2017:0631-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2017-0631.html
Issue date: 2017-03-21
CVE Names: CVE-2013-4075 CVE-2015-3811 CVE-2015-3812 CVE-2015-3813

1. Summary:

An update for wireshark is now available for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

3. Description:

The wireshark packages contain a network protocol analyzer used to capture and browse the traffic running on a computer network.

Security Fix(es):

* Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2015-3811, CVE-2015-3812, CVE-2015-3813, CVE-2013-4075)

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 6.9 Release Notes and Red Hat Enterprise Linux 6.9 Technical Notes linked from the References section.

4.
Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of Wireshark must be restarted for the update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

972680 - CVE-2013-4075 wireshark: DoS (crash) in the GMR-1 BCCH dissector (wnpa-sec-2013-33)
1222436 - CVE-2015-3811 wireshark: WCP dissector crash (wnpa-sec-2015-14)
1222437 - CVE-2015-3812 wireshark: X11 memory leak (wnpa-sec-2015-15)
1222438 - CVE-2015-3813 wireshark: Reassembly memory leak (wnpa-sec-2015-16)
1222895 - Problems decoding TLS Server Key Exchange messages
1222902 - Encrypt-then-MAC TLS extension unrecognised
1238166 - tshark -F option fails to create capture files in .pcap format.
1240675 - No dissection of the TLS Certificate Verify message

6. Package List:

Red Hat Enterprise Linux Desktop (v. 6): Source: wireshark-1.8.10-25.el6.src.rpm i386: wireshark-1.8.10-25.el6.i686.rpm wireshark-debuginfo-1.8.10-25.el6.i686.rpm wireshark-gnome-1.8.10-25.el6.i686.rpm x86_64: wireshark-1.8.10-25.el6.i686.rpm wireshark-1.8.10-25.el6.x86_64.rpm wireshark-debuginfo-1.8.10-25.el6.i686.rpm wireshark-debuginfo-1.8.10-25.el6.x86_64.rpm wireshark-gnome-1.8.10-25.el6.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): i386: wireshark-debuginfo-1.8.10-25.el6.i686.rpm wireshark-devel-1.8.10-25.el6.i686.rpm x86_64: wireshark-debuginfo-1.8.10-25.el6.i686.rpm wireshark-debuginfo-1.8.10-25.el6.x86_64.rpm wireshark-devel-1.8.10-25.el6.i686.rpm wireshark-devel-1.8.10-25.el6.x86_64.rpm Red Hat Enterprise Linux Server (v.
6): Source: wireshark-1.8.10-25.el6.src.rpm i386: wireshark-1.8.10-25.el6.i686.rpm wireshark-debuginfo-1.8.10-25.el6.i686.rpm wireshark-gnome-1.8.10-25.el6.i686.rpm ppc64: wireshark-1.8.10-25.el6.ppc.rpm wireshark-1.8.10-25.el6.ppc64.rpm wireshark-debuginfo-1.8.10-25.el6.ppc.rpm wireshark-debuginfo-1.8.10-25.el6.ppc64.rpm wireshark-gnome-1.8.10-25.el6.ppc64.rpm s390x: wireshark-1.8.10-25.el6.s390.rpm wireshark-1.8.10-25.el6.s390x.rpm wireshark-debuginfo-1.8.10-25.el6.s390.rpm wireshark-debuginfo-1.8.10-25.el6.s390x.rpm wireshark-gnome-1.8.10-25.el6.s390x.rpm x86_64: wireshark-1.8.10-25.el6.i686.rpm wireshark-1.8.10-25.el6.x86_64.rpm wireshark-debuginfo-1.8.10-25.el6.i686.rpm wireshark-debuginfo-1.8.10-25.el6.x86_64.rpm wireshark-gnome-1.8.10-25.el6.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): i386: wireshark-debuginfo-1.8.10-25.el6.i686.rpm wireshark-devel-1.8.10-25.el6.i686.rpm ppc64: wireshark-debuginfo-1.8.10-25.el6.ppc.rpm wireshark-debuginfo-1.8.10-25.el6.ppc64.rpm wireshark-devel-1.8.10-25.el6.ppc.rpm wireshark-devel-1.8.10-25.el6.ppc64.rpm s390x: wireshark-debuginfo-1.8.10-25.el6.s390.rpm wireshark-debuginfo-1.8.10-25.el6.s390x.rpm wireshark-devel-1.8.10-25.el6.s390.rpm wireshark-devel-1.8.10-25.el6.s390x.rpm x86_64: wireshark-debuginfo-1.8.10-25.el6.i686.rpm wireshark-debuginfo-1.8.10-25.el6.x86_64.rpm wireshark-devel-1.8.10-25.el6.i686.rpm wireshark-devel-1.8.10-25.el6.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: wireshark-1.8.10-25.el6.src.rpm i386: wireshark-1.8.10-25.el6.i686.rpm wireshark-debuginfo-1.8.10-25.el6.i686.rpm wireshark-gnome-1.8.10-25.el6.i686.rpm x86_64: wireshark-1.8.10-25.el6.i686.rpm wireshark-1.8.10-25.el6.x86_64.rpm wireshark-debuginfo-1.8.10-25.el6.i686.rpm wireshark-debuginfo-1.8.10-25.el6.x86_64.rpm wireshark-gnome-1.8.10-25.el6.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 
6): i386: wireshark-debuginfo-1.8.10-25.el6.i686.rpm wireshark-devel-1.8.10-25.el6.i686.rpm x86_64: wireshark-debuginfo-1.8.10-25.el6.i686.rpm wireshark-debuginfo-1.8.10-25.el6.x86_64.rpm wireshark-devel-1.8.10-25.el6.i686.rpm wireshark-devel-1.8.10-25.el6.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2013-4075
https://access.redhat.com/security/cve/CVE-2015-3811
https://access.redhat.com/security/cve/CVE-2015-3812
https://access.redhat.com/security/cve/CVE-2015-3813
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/6.9_Release_Notes/index.html
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/6.9_Technical_Notes/index.html

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
  23. Red Hat Security Advisory

Synopsis: Moderate: libguestfs security and bug fix update
Advisory ID: RHSA-2017:0564-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2017-0564.html
Issue date: 2017-03-21
CVE Names: CVE-2015-8869

1. Summary:

An update for libguestfs is now available for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - x86_64
Red Hat Enterprise Linux Workstation (v. 6) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - x86_64

3. Description:

The libguestfs packages contain a library, which is used for accessing and modifying virtual machine (VM) disk images.

Security Fix(es):

* An integer conversion flaw was found in the way OCaml's String handled its length. Certain operations on an excessively long String could trigger a buffer overflow or result in an information leak. (CVE-2015-8869)

Note: The libguestfs packages in this advisory were rebuilt with a fixed version of OCaml to address this issue.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 6.9 Release Notes and Red Hat Enterprise Linux 6.9 Technical Notes linked from the References section.

4.
Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1319086 - libguestfs-java: mismatch class version vs java dependency
1332090 - CVE-2015-8869 ocaml: sizes arguments are sign-extended from 32 to 64 bits
1388407 - virt-sysprep will fail detecting OS if "/usr" is a distinct partition mounted in "/" via fstab

6. Package List:

Red Hat Enterprise Linux Desktop (v. 6): Source: libguestfs-1.20.11-20.el6.src.rpm x86_64: libguestfs-1.20.11-20.el6.x86_64.rpm libguestfs-debuginfo-1.20.11-20.el6.x86_64.rpm libguestfs-java-1.20.11-20.el6.x86_64.rpm libguestfs-tools-1.20.11-20.el6.x86_64.rpm libguestfs-tools-c-1.20.11-20.el6.x86_64.rpm perl-Sys-Guestfs-1.20.11-20.el6.x86_64.rpm python-libguestfs-1.20.11-20.el6.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): x86_64: libguestfs-debuginfo-1.20.11-20.el6.x86_64.rpm libguestfs-devel-1.20.11-20.el6.x86_64.rpm libguestfs-java-devel-1.20.11-20.el6.x86_64.rpm libguestfs-javadoc-1.20.11-20.el6.x86_64.rpm ocaml-libguestfs-1.20.11-20.el6.x86_64.rpm ocaml-libguestfs-devel-1.20.11-20.el6.x86_64.rpm ruby-libguestfs-1.20.11-20.el6.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: libguestfs-1.20.11-20.el6.src.rpm x86_64: libguestfs-1.20.11-20.el6.x86_64.rpm libguestfs-debuginfo-1.20.11-20.el6.x86_64.rpm libguestfs-java-1.20.11-20.el6.x86_64.rpm libguestfs-tools-1.20.11-20.el6.x86_64.rpm libguestfs-tools-c-1.20.11-20.el6.x86_64.rpm perl-Sys-Guestfs-1.20.11-20.el6.x86_64.rpm python-libguestfs-1.20.11-20.el6.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v.
6): x86_64: libguestfs-debuginfo-1.20.11-20.el6.x86_64.rpm libguestfs-devel-1.20.11-20.el6.x86_64.rpm libguestfs-java-devel-1.20.11-20.el6.x86_64.rpm libguestfs-javadoc-1.20.11-20.el6.x86_64.rpm ocaml-libguestfs-1.20.11-20.el6.x86_64.rpm ocaml-libguestfs-devel-1.20.11-20.el6.x86_64.rpm ruby-libguestfs-1.20.11-20.el6.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: libguestfs-1.20.11-20.el6.src.rpm x86_64: libguestfs-1.20.11-20.el6.x86_64.rpm libguestfs-debuginfo-1.20.11-20.el6.x86_64.rpm libguestfs-java-1.20.11-20.el6.x86_64.rpm libguestfs-tools-1.20.11-20.el6.x86_64.rpm libguestfs-tools-c-1.20.11-20.el6.x86_64.rpm perl-Sys-Guestfs-1.20.11-20.el6.x86_64.rpm python-libguestfs-1.20.11-20.el6.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): x86_64: libguestfs-debuginfo-1.20.11-20.el6.x86_64.rpm libguestfs-devel-1.20.11-20.el6.x86_64.rpm libguestfs-java-devel-1.20.11-20.el6.x86_64.rpm libguestfs-javadoc-1.20.11-20.el6.x86_64.rpm ocaml-libguestfs-1.20.11-20.el6.x86_64.rpm ocaml-libguestfs-devel-1.20.11-20.el6.x86_64.rpm ruby-libguestfs-1.20.11-20.el6.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: libguestfs-1.20.11-20.el6.src.rpm x86_64: libguestfs-1.20.11-20.el6.x86_64.rpm libguestfs-debuginfo-1.20.11-20.el6.x86_64.rpm libguestfs-java-1.20.11-20.el6.x86_64.rpm libguestfs-tools-1.20.11-20.el6.x86_64.rpm libguestfs-tools-c-1.20.11-20.el6.x86_64.rpm perl-Sys-Guestfs-1.20.11-20.el6.x86_64.rpm python-libguestfs-1.20.11-20.el6.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): x86_64: libguestfs-debuginfo-1.20.11-20.el6.x86_64.rpm libguestfs-devel-1.20.11-20.el6.x86_64.rpm libguestfs-java-devel-1.20.11-20.el6.x86_64.rpm libguestfs-javadoc-1.20.11-20.el6.x86_64.rpm ocaml-libguestfs-1.20.11-20.el6.x86_64.rpm ocaml-libguestfs-devel-1.20.11-20.el6.x86_64.rpm ruby-libguestfs-1.20.11-20.el6.x86_64.rpm These packages are GPG signed by Red Hat for security. 
Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2015-8869
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/6.9_Release_Notes/index.html
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/6.9_Technical_Notes/index.html

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
  24. Red Hat Security Advisory

Synopsis: Moderate: samba security and bug fix update
Advisory ID: RHSA-2017:0662-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2017-0662.html
Issue date: 2017-03-21
CVE Names: CVE-2016-2125 CVE-2016-2126

1. Summary:

An update for samba is now available for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

3. Description:

Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information.

Security Fix(es):

* It was found that Samba always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subsequently use the ticket to impersonate Samba to other services or domain users. (CVE-2016-2125)

* A flaw was found in the way Samba handled PAC (Privilege Attribute Certificate) checksums.
A remote, authenticated attacker could use this flaw to crash the winbindd process. (CVE-2016-2126)

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 6.9 Release Notes and Red Hat Enterprise Linux 6.9 Technical Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, the smb service will be restarted automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

1327697 - schannel connections fail to the DC because netlogon credentials are not updated correctly
1372611 - NetAPP SMB servers don't negotiate NTLMSSP_SIGN for SESSION KEY setup
1403114 - CVE-2016-2125 samba: Unconditional privilege delegation to Kerberos servers in trusted realms
1403115 - CVE-2016-2126 samba: Flaws in Kerberos PAC validation can trigger privilege elevation
1413672 - BADLOCK REGRESSION: Member fails to authenticate against nt4_dc, if the member changes it secret

6. Package List:

Red Hat Enterprise Linux Desktop (v. 6): Source: samba-3.6.23-41.el6.src.rpm i386: libsmbclient-3.6.23-41.el6.i686.rpm samba-client-3.6.23-41.el6.i686.rpm samba-common-3.6.23-41.el6.i686.rpm samba-debuginfo-3.6.23-41.el6.i686.rpm samba-winbind-3.6.23-41.el6.i686.rpm samba-winbind-clients-3.6.23-41.el6.i686.rpm x86_64: libsmbclient-3.6.23-41.el6.i686.rpm libsmbclient-3.6.23-41.el6.x86_64.rpm samba-client-3.6.23-41.el6.x86_64.rpm samba-common-3.6.23-41.el6.i686.rpm samba-common-3.6.23-41.el6.x86_64.rpm samba-debuginfo-3.6.23-41.el6.i686.rpm samba-debuginfo-3.6.23-41.el6.x86_64.rpm samba-winbind-3.6.23-41.el6.x86_64.rpm samba-winbind-clients-3.6.23-41.el6.i686.rpm samba-winbind-clients-3.6.23-41.el6.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v.
6): i386: libsmbclient-devel-3.6.23-41.el6.i686.rpm samba-3.6.23-41.el6.i686.rpm samba-debuginfo-3.6.23-41.el6.i686.rpm samba-doc-3.6.23-41.el6.i686.rpm samba-domainjoin-gui-3.6.23-41.el6.i686.rpm samba-swat-3.6.23-41.el6.i686.rpm samba-winbind-devel-3.6.23-41.el6.i686.rpm samba-winbind-krb5-locator-3.6.23-41.el6.i686.rpm x86_64: libsmbclient-devel-3.6.23-41.el6.i686.rpm libsmbclient-devel-3.6.23-41.el6.x86_64.rpm samba-3.6.23-41.el6.x86_64.rpm samba-debuginfo-3.6.23-41.el6.i686.rpm samba-debuginfo-3.6.23-41.el6.x86_64.rpm samba-doc-3.6.23-41.el6.x86_64.rpm samba-domainjoin-gui-3.6.23-41.el6.x86_64.rpm samba-glusterfs-3.6.23-41.el6.x86_64.rpm samba-swat-3.6.23-41.el6.x86_64.rpm samba-winbind-devel-3.6.23-41.el6.i686.rpm samba-winbind-devel-3.6.23-41.el6.x86_64.rpm samba-winbind-krb5-locator-3.6.23-41.el6.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: samba-3.6.23-41.el6.src.rpm x86_64: samba-client-3.6.23-41.el6.x86_64.rpm samba-common-3.6.23-41.el6.i686.rpm samba-common-3.6.23-41.el6.x86_64.rpm samba-debuginfo-3.6.23-41.el6.i686.rpm samba-debuginfo-3.6.23-41.el6.x86_64.rpm samba-winbind-3.6.23-41.el6.x86_64.rpm samba-winbind-clients-3.6.23-41.el6.i686.rpm samba-winbind-clients-3.6.23-41.el6.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): x86_64: libsmbclient-3.6.23-41.el6.i686.rpm libsmbclient-3.6.23-41.el6.x86_64.rpm libsmbclient-devel-3.6.23-41.el6.i686.rpm libsmbclient-devel-3.6.23-41.el6.x86_64.rpm samba-3.6.23-41.el6.x86_64.rpm samba-debuginfo-3.6.23-41.el6.i686.rpm samba-debuginfo-3.6.23-41.el6.x86_64.rpm samba-doc-3.6.23-41.el6.x86_64.rpm samba-domainjoin-gui-3.6.23-41.el6.x86_64.rpm samba-glusterfs-3.6.23-41.el6.x86_64.rpm samba-swat-3.6.23-41.el6.x86_64.rpm samba-winbind-devel-3.6.23-41.el6.i686.rpm samba-winbind-devel-3.6.23-41.el6.x86_64.rpm samba-winbind-krb5-locator-3.6.23-41.el6.x86_64.rpm Red Hat Enterprise Linux Server (v. 
6): Source: samba-3.6.23-41.el6.src.rpm i386: libsmbclient-3.6.23-41.el6.i686.rpm samba-3.6.23-41.el6.i686.rpm samba-client-3.6.23-41.el6.i686.rpm samba-common-3.6.23-41.el6.i686.rpm samba-debuginfo-3.6.23-41.el6.i686.rpm samba-winbind-3.6.23-41.el6.i686.rpm samba-winbind-clients-3.6.23-41.el6.i686.rpm ppc64: libsmbclient-3.6.23-41.el6.ppc.rpm libsmbclient-3.6.23-41.el6.ppc64.rpm samba-3.6.23-41.el6.ppc64.rpm samba-client-3.6.23-41.el6.ppc64.rpm samba-common-3.6.23-41.el6.ppc.rpm samba-common-3.6.23-41.el6.ppc64.rpm samba-debuginfo-3.6.23-41.el6.ppc.rpm samba-debuginfo-3.6.23-41.el6.ppc64.rpm samba-winbind-3.6.23-41.el6.ppc64.rpm samba-winbind-clients-3.6.23-41.el6.ppc.rpm samba-winbind-clients-3.6.23-41.el6.ppc64.rpm s390x: libsmbclient-3.6.23-41.el6.s390.rpm libsmbclient-3.6.23-41.el6.s390x.rpm samba-3.6.23-41.el6.s390x.rpm samba-client-3.6.23-41.el6.s390x.rpm samba-common-3.6.23-41.el6.s390.rpm samba-common-3.6.23-41.el6.s390x.rpm samba-debuginfo-3.6.23-41.el6.s390.rpm samba-debuginfo-3.6.23-41.el6.s390x.rpm samba-winbind-3.6.23-41.el6.s390x.rpm samba-winbind-clients-3.6.23-41.el6.s390.rpm samba-winbind-clients-3.6.23-41.el6.s390x.rpm x86_64: libsmbclient-3.6.23-41.el6.i686.rpm libsmbclient-3.6.23-41.el6.x86_64.rpm samba-3.6.23-41.el6.x86_64.rpm samba-client-3.6.23-41.el6.x86_64.rpm samba-common-3.6.23-41.el6.i686.rpm samba-common-3.6.23-41.el6.x86_64.rpm samba-debuginfo-3.6.23-41.el6.i686.rpm samba-debuginfo-3.6.23-41.el6.x86_64.rpm samba-winbind-3.6.23-41.el6.x86_64.rpm samba-winbind-clients-3.6.23-41.el6.i686.rpm samba-winbind-clients-3.6.23-41.el6.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 
6): i386: libsmbclient-devel-3.6.23-41.el6.i686.rpm samba-debuginfo-3.6.23-41.el6.i686.rpm samba-doc-3.6.23-41.el6.i686.rpm samba-domainjoin-gui-3.6.23-41.el6.i686.rpm samba-swat-3.6.23-41.el6.i686.rpm samba-winbind-devel-3.6.23-41.el6.i686.rpm samba-winbind-krb5-locator-3.6.23-41.el6.i686.rpm ppc64: libsmbclient-devel-3.6.23-41.el6.ppc.rpm libsmbclient-devel-3.6.23-41.el6.ppc64.rpm samba-debuginfo-3.6.23-41.el6.ppc.rpm samba-debuginfo-3.6.23-41.el6.ppc64.rpm samba-doc-3.6.23-41.el6.ppc64.rpm samba-domainjoin-gui-3.6.23-41.el6.ppc64.rpm samba-swat-3.6.23-41.el6.ppc64.rpm samba-winbind-devel-3.6.23-41.el6.ppc.rpm samba-winbind-devel-3.6.23-41.el6.ppc64.rpm samba-winbind-krb5-locator-3.6.23-41.el6.ppc64.rpm s390x: libsmbclient-devel-3.6.23-41.el6.s390.rpm libsmbclient-devel-3.6.23-41.el6.s390x.rpm samba-debuginfo-3.6.23-41.el6.s390.rpm samba-debuginfo-3.6.23-41.el6.s390x.rpm samba-doc-3.6.23-41.el6.s390x.rpm samba-domainjoin-gui-3.6.23-41.el6.s390x.rpm samba-swat-3.6.23-41.el6.s390x.rpm samba-winbind-devel-3.6.23-41.el6.s390.rpm samba-winbind-devel-3.6.23-41.el6.s390x.rpm samba-winbind-krb5-locator-3.6.23-41.el6.s390x.rpm x86_64: libsmbclient-devel-3.6.23-41.el6.i686.rpm libsmbclient-devel-3.6.23-41.el6.x86_64.rpm samba-debuginfo-3.6.23-41.el6.i686.rpm samba-debuginfo-3.6.23-41.el6.x86_64.rpm samba-doc-3.6.23-41.el6.x86_64.rpm samba-domainjoin-gui-3.6.23-41.el6.x86_64.rpm samba-glusterfs-3.6.23-41.el6.x86_64.rpm samba-swat-3.6.23-41.el6.x86_64.rpm samba-winbind-devel-3.6.23-41.el6.i686.rpm samba-winbind-devel-3.6.23-41.el6.x86_64.rpm samba-winbind-krb5-locator-3.6.23-41.el6.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 
6): Source: samba-3.6.23-41.el6.src.rpm i386: libsmbclient-3.6.23-41.el6.i686.rpm samba-3.6.23-41.el6.i686.rpm samba-client-3.6.23-41.el6.i686.rpm samba-common-3.6.23-41.el6.i686.rpm samba-debuginfo-3.6.23-41.el6.i686.rpm samba-winbind-3.6.23-41.el6.i686.rpm samba-winbind-clients-3.6.23-41.el6.i686.rpm x86_64: libsmbclient-3.6.23-41.el6.i686.rpm libsmbclient-3.6.23-41.el6.x86_64.rpm samba-3.6.23-41.el6.x86_64.rpm samba-client-3.6.23-41.el6.x86_64.rpm samba-common-3.6.23-41.el6.i686.rpm samba-common-3.6.23-41.el6.x86_64.rpm samba-debuginfo-3.6.23-41.el6.i686.rpm samba-debuginfo-3.6.23-41.el6.x86_64.rpm samba-winbind-3.6.23-41.el6.x86_64.rpm samba-winbind-clients-3.6.23-41.el6.i686.rpm samba-winbind-clients-3.6.23-41.el6.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): i386: libsmbclient-devel-3.6.23-41.el6.i686.rpm samba-debuginfo-3.6.23-41.el6.i686.rpm samba-doc-3.6.23-41.el6.i686.rpm samba-domainjoin-gui-3.6.23-41.el6.i686.rpm samba-swat-3.6.23-41.el6.i686.rpm samba-winbind-devel-3.6.23-41.el6.i686.rpm samba-winbind-krb5-locator-3.6.23-41.el6.i686.rpm x86_64: libsmbclient-devel-3.6.23-41.el6.i686.rpm libsmbclient-devel-3.6.23-41.el6.x86_64.rpm samba-debuginfo-3.6.23-41.el6.i686.rpm samba-debuginfo-3.6.23-41.el6.x86_64.rpm samba-doc-3.6.23-41.el6.x86_64.rpm samba-domainjoin-gui-3.6.23-41.el6.x86_64.rpm samba-glusterfs-3.6.23-41.el6.x86_64.rpm samba-swat-3.6.23-41.el6.x86_64.rpm samba-winbind-devel-3.6.23-41.el6.i686.rpm samba-winbind-devel-3.6.23-41.el6.x86_64.rpm samba-winbind-krb5-locator-3.6.23-41.el6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. 
References:

https://access.redhat.com/security/cve/CVE-2016-2125
https://access.redhat.com/security/cve/CVE-2016-2126
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/6.9_Release_Notes/index.html
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/6.9_Technical_Notes/index.html
https://www.samba.org/samba/security/CVE-2016-2125.html
https://www.samba.org/samba/security/CVE-2016-2126.html

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFY0PTJXlSAg2UNWIIRAj7/AKC4d9EjAtWkRfzZcMTNjs9QSyA7WwCeO3zK
2t8dVsQW4eJIwkQvC5dEpS0=
=OzKU
-----END PGP SIGNATURE-----
--
  25. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: glibc security and bug fix update
Advisory ID: RHSA-2017:0680-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2017-0680.html
Issue date: 2017-03-21
CVE Names: CVE-2014-9761 CVE-2015-8776 CVE-2015-8778 CVE-2015-8779
=====================================================================

1. Summary:

An update for glibc is now available for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

3. Description:

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly.

Security Fix(es):

* A stack overflow vulnerability was found in nan* functions that could cause applications, which process long strings with the nan function, to crash or, potentially, execute arbitrary code. (CVE-2014-9761)

* It was found that out-of-range time values passed to the strftime() function could result in an out-of-bounds memory access. This could lead to application crash or, potentially, information disclosure. (CVE-2015-8776)

* An integer overflow vulnerability was found in hcreate() and hcreate_r() functions which could result in an out-of-bounds memory access. This could lead to application crash or, potentially, arbitrary code execution. (CVE-2015-8778)

* A stack based buffer overflow vulnerability was found in the catopen() function. An excessively long string passed to the function could cause it to crash or, potentially, execute arbitrary code. (CVE-2015-8779)

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 6.9 Release Notes and Red Hat Enterprise Linux 6.9 Technical Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

For the update to take effect, all services linked to the glibc library must be restarted, or the system rebooted.

5. Bugs fixed (https://bugzilla.redhat.com/):

1012343 - Thread issue in glibc can cause the application to not get any identity information
1101858 - glibc: Add el_GR@euro, ur_IN, and wal_ET locales
1223095 - access to uninitialized memory in getaddrinfo if nscd is running
1270950 - getaddrinfo() takes long time when lots of IP addresses are configured
1300299 - CVE-2015-8776 glibc: Segmentation fault caused by passing out-of-range data to strftime()
1300303 - CVE-2015-8778 glibc: Integer overflow in hcreate and hcreate_r
1300310 - CVE-2014-9761 glibc: Unbounded stack allocation in nan* functions
1300312 - CVE-2015-8779 glibc: Unbounded stack allocation in catopen function
1338673 - glibc: GCC 6 enablement for struct sockaddr_storage [el6]
1373646 - tzdata-update uses default umask
1416496 - getaddrinfo() call returns wrong IPv6 address if nscd is used

6. Package List:

Red Hat Enterprise Linux Desktop (v. 6): Source: glibc-2.12-1.209.el6.src.rpm i386: glibc-2.12-1.209.el6.i686.rpm glibc-common-2.12-1.209.el6.i686.rpm glibc-debuginfo-2.12-1.209.el6.i686.rpm glibc-debuginfo-common-2.12-1.209.el6.i686.rpm glibc-devel-2.12-1.209.el6.i686.rpm glibc-headers-2.12-1.209.el6.i686.rpm glibc-utils-2.12-1.209.el6.i686.rpm nscd-2.12-1.209.el6.i686.rpm x86_64: glibc-2.12-1.209.el6.i686.rpm glibc-2.12-1.209.el6.x86_64.rpm glibc-common-2.12-1.209.el6.x86_64.rpm glibc-debuginfo-2.12-1.209.el6.i686.rpm glibc-debuginfo-2.12-1.209.el6.x86_64.rpm glibc-debuginfo-common-2.12-1.209.el6.i686.rpm glibc-debuginfo-common-2.12-1.209.el6.x86_64.rpm glibc-devel-2.12-1.209.el6.i686.rpm glibc-devel-2.12-1.209.el6.x86_64.rpm glibc-headers-2.12-1.209.el6.x86_64.rpm glibc-utils-2.12-1.209.el6.x86_64.rpm nscd-2.12-1.209.el6.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v.
6): i386: glibc-debuginfo-2.12-1.209.el6.i686.rpm glibc-debuginfo-common-2.12-1.209.el6.i686.rpm glibc-static-2.12-1.209.el6.i686.rpm x86_64: glibc-debuginfo-2.12-1.209.el6.i686.rpm glibc-debuginfo-2.12-1.209.el6.x86_64.rpm glibc-debuginfo-common-2.12-1.209.el6.i686.rpm glibc-debuginfo-common-2.12-1.209.el6.x86_64.rpm glibc-static-2.12-1.209.el6.i686.rpm glibc-static-2.12-1.209.el6.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: glibc-2.12-1.209.el6.src.rpm x86_64: glibc-2.12-1.209.el6.i686.rpm glibc-2.12-1.209.el6.x86_64.rpm glibc-common-2.12-1.209.el6.x86_64.rpm glibc-debuginfo-2.12-1.209.el6.i686.rpm glibc-debuginfo-2.12-1.209.el6.x86_64.rpm glibc-debuginfo-common-2.12-1.209.el6.i686.rpm glibc-debuginfo-common-2.12-1.209.el6.x86_64.rpm glibc-devel-2.12-1.209.el6.i686.rpm glibc-devel-2.12-1.209.el6.x86_64.rpm glibc-headers-2.12-1.209.el6.x86_64.rpm glibc-utils-2.12-1.209.el6.x86_64.rpm nscd-2.12-1.209.el6.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): x86_64: glibc-debuginfo-2.12-1.209.el6.i686.rpm glibc-debuginfo-2.12-1.209.el6.x86_64.rpm glibc-debuginfo-common-2.12-1.209.el6.i686.rpm glibc-debuginfo-common-2.12-1.209.el6.x86_64.rpm glibc-static-2.12-1.209.el6.i686.rpm glibc-static-2.12-1.209.el6.x86_64.rpm Red Hat Enterprise Linux Server (v. 
6): Source: glibc-2.12-1.209.el6.src.rpm i386: glibc-2.12-1.209.el6.i686.rpm glibc-common-2.12-1.209.el6.i686.rpm glibc-debuginfo-2.12-1.209.el6.i686.rpm glibc-debuginfo-common-2.12-1.209.el6.i686.rpm glibc-devel-2.12-1.209.el6.i686.rpm glibc-headers-2.12-1.209.el6.i686.rpm glibc-utils-2.12-1.209.el6.i686.rpm nscd-2.12-1.209.el6.i686.rpm ppc64: glibc-2.12-1.209.el6.ppc.rpm glibc-2.12-1.209.el6.ppc64.rpm glibc-common-2.12-1.209.el6.ppc64.rpm glibc-debuginfo-2.12-1.209.el6.ppc.rpm glibc-debuginfo-2.12-1.209.el6.ppc64.rpm glibc-debuginfo-common-2.12-1.209.el6.ppc.rpm glibc-debuginfo-common-2.12-1.209.el6.ppc64.rpm glibc-devel-2.12-1.209.el6.ppc.rpm glibc-devel-2.12-1.209.el6.ppc64.rpm glibc-headers-2.12-1.209.el6.ppc64.rpm glibc-utils-2.12-1.209.el6.ppc64.rpm nscd-2.12-1.209.el6.ppc64.rpm s390x: glibc-2.12-1.209.el6.s390.rpm glibc-2.12-1.209.el6.s390x.rpm glibc-common-2.12-1.209.el6.s390x.rpm glibc-debuginfo-2.12-1.209.el6.s390.rpm glibc-debuginfo-2.12-1.209.el6.s390x.rpm glibc-debuginfo-common-2.12-1.209.el6.s390.rpm glibc-debuginfo-common-2.12-1.209.el6.s390x.rpm glibc-devel-2.12-1.209.el6.s390.rpm glibc-devel-2.12-1.209.el6.s390x.rpm glibc-headers-2.12-1.209.el6.s390x.rpm glibc-utils-2.12-1.209.el6.s390x.rpm nscd-2.12-1.209.el6.s390x.rpm x86_64: glibc-2.12-1.209.el6.i686.rpm glibc-2.12-1.209.el6.x86_64.rpm glibc-common-2.12-1.209.el6.x86_64.rpm glibc-debuginfo-2.12-1.209.el6.i686.rpm glibc-debuginfo-2.12-1.209.el6.x86_64.rpm glibc-debuginfo-common-2.12-1.209.el6.i686.rpm glibc-debuginfo-common-2.12-1.209.el6.x86_64.rpm glibc-devel-2.12-1.209.el6.i686.rpm glibc-devel-2.12-1.209.el6.x86_64.rpm glibc-headers-2.12-1.209.el6.x86_64.rpm glibc-utils-2.12-1.209.el6.x86_64.rpm nscd-2.12-1.209.el6.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 
6): i386: glibc-debuginfo-2.12-1.209.el6.i686.rpm glibc-debuginfo-common-2.12-1.209.el6.i686.rpm glibc-static-2.12-1.209.el6.i686.rpm ppc64: glibc-debuginfo-2.12-1.209.el6.ppc.rpm glibc-debuginfo-2.12-1.209.el6.ppc64.rpm glibc-debuginfo-common-2.12-1.209.el6.ppc.rpm glibc-debuginfo-common-2.12-1.209.el6.ppc64.rpm glibc-static-2.12-1.209.el6.ppc.rpm glibc-static-2.12-1.209.el6.ppc64.rpm s390x: glibc-debuginfo-2.12-1.209.el6.s390.rpm glibc-debuginfo-2.12-1.209.el6.s390x.rpm glibc-debuginfo-common-2.12-1.209.el6.s390.rpm glibc-debuginfo-common-2.12-1.209.el6.s390x.rpm glibc-static-2.12-1.209.el6.s390.rpm glibc-static-2.12-1.209.el6.s390x.rpm x86_64: glibc-debuginfo-2.12-1.209.el6.i686.rpm glibc-debuginfo-2.12-1.209.el6.x86_64.rpm glibc-debuginfo-common-2.12-1.209.el6.i686.rpm glibc-debuginfo-common-2.12-1.209.el6.x86_64.rpm glibc-static-2.12-1.209.el6.i686.rpm glibc-static-2.12-1.209.el6.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: glibc-2.12-1.209.el6.src.rpm i386: glibc-2.12-1.209.el6.i686.rpm glibc-common-2.12-1.209.el6.i686.rpm glibc-debuginfo-2.12-1.209.el6.i686.rpm glibc-debuginfo-common-2.12-1.209.el6.i686.rpm glibc-devel-2.12-1.209.el6.i686.rpm glibc-headers-2.12-1.209.el6.i686.rpm glibc-utils-2.12-1.209.el6.i686.rpm nscd-2.12-1.209.el6.i686.rpm x86_64: glibc-2.12-1.209.el6.i686.rpm glibc-2.12-1.209.el6.x86_64.rpm glibc-common-2.12-1.209.el6.x86_64.rpm glibc-debuginfo-2.12-1.209.el6.i686.rpm glibc-debuginfo-2.12-1.209.el6.x86_64.rpm glibc-debuginfo-common-2.12-1.209.el6.i686.rpm glibc-debuginfo-common-2.12-1.209.el6.x86_64.rpm glibc-devel-2.12-1.209.el6.i686.rpm glibc-devel-2.12-1.209.el6.x86_64.rpm glibc-headers-2.12-1.209.el6.x86_64.rpm glibc-utils-2.12-1.209.el6.x86_64.rpm nscd-2.12-1.209.el6.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 
6): i386: glibc-debuginfo-2.12-1.209.el6.i686.rpm glibc-debuginfo-common-2.12-1.209.el6.i686.rpm glibc-static-2.12-1.209.el6.i686.rpm x86_64: glibc-debuginfo-2.12-1.209.el6.i686.rpm glibc-debuginfo-2.12-1.209.el6.x86_64.rpm glibc-debuginfo-common-2.12-1.209.el6.i686.rpm glibc-debuginfo-common-2.12-1.209.el6.x86_64.rpm glibc-static-2.12-1.209.el6.i686.rpm glibc-static-2.12-1.209.el6.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2014-9761
https://access.redhat.com/security/cve/CVE-2015-8776
https://access.redhat.com/security/cve/CVE-2015-8778
https://access.redhat.com/security/cve/CVE-2015-8779
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFY0PUyXlSAg2UNWIIRAhr6AJ41TwpX4GlTdzHFMpTodtlmlfMZTwCfQ0pd
XJUoh8+cFg11T95uhak9bLA=
=V1Eh
-----END PGP SIGNATURE-----
--