Date:         Mon, 15 Dec 2014 18:15:18 -0600
Reply-To:     "SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV"
              
Sender:       Security Errata for Scientific Linux
              
From:         Pat Riehecky 
Subject:      SCL 1.2 on SL6.x, SL7.x x86_64 now available

Scientific Linux Software Collection Library 1.2 on SL6.x, SL7.x x86_64

== Introduction ==
The publication of the Software Collection Library 1.2 on SL6.x, SL7.x
x86_64 is now complete.

Software Collections give you power to build, install, and use multiple
versions of software on the same system, without affecting system-wide
installed packages.

== Publication Information ==
http://ftp.scientificlinux.org/linux/scientific/7x/external_products/softwarecollections/

This release includes:
  - devassist09
  - devtoolset-3
    - binutils
    - dwz
    - dyninst
    - eclipse
    - elfutils
    - gcc
    - gdb
    - memstomp
    - valgrind
  - git19
  - httpd24
  - mariadb55
  - maven30
  - mongodb24
  - mysql55
  - nginx14
  - nginx16
  - nodejs010
  - perl516
  - php54
  - php55
  - postgresql92
  - python27
  - python33
  - ror40
  - ruby193
  - ruby200
  - thermostat1
  - v8314
Date:         Tue, 16 Dec 2014 09:17:21 -0600
Reply-To:     Pat Riehecky 
Sender:       Security Errata for Scientific Linux
              
From:         Pat Riehecky 
Subject:      FASTBUGS for SL 6x i386, x86_64 now available
MIME-Version: 1.0

The following FASTBUGS have been uploaded to


i386:
  resource-agents-3.9.5-12.el6_6.1.i686.rpm

x86_64:
  resource-agents-3.9.5-12.el6_6.1.x86_64.rpm
  resource-agents-sap-3.9.5-12.el6_6.1.x86_64.rpm
Date:         Tue, 16 Dec 2014 09:36:33 -0600
Reply-To:     Pat Riehecky 
Sender:       Security Errata for Scientific Linux
              
From:         Pat Riehecky 
Subject:      FASTBUGS for SL 5x i386, x86_64 now available
MIME-Version: 1.0

The following FASTBUGS have been uploaded to



i386:
  gcc44-4.4.7-11.el5_11.i386.rpm
  gcc44-c++-4.4.7-11.el5_11.i386.rpm
  gcc44-gfortran-4.4.7-11.el5_11.i386.rpm
  libgfortran44-4.4.7-11.el5_11.i386.rpm
  libgomp-4.4.7-11.el5_11.i386.rpm
  libstdc++44-devel-4.4.7-11.el5_11.i386.rpm

x86_64:
  gcc44-4.4.7-11.el5_11.x86_64.rpm
  gcc44-c++-4.4.7-11.el5_11.x86_64.rpm
  gcc44-gfortran-4.4.7-11.el5_11.x86_64.rpm
  libgfortran44-4.4.7-11.el5_11.i386.rpm
  libgfortran44-4.4.7-11.el5_11.x86_64.rpm
  libgomp-4.4.7-11.el5_11.i386.rpm
  libgomp-4.4.7-11.el5_11.x86_64.rpm
  libstdc++44-devel-4.4.7-11.el5_11.i386.rpm
  libstdc++44-devel-4.4.7-11.el5_11.x86_64.rpm
Date:         Tue, 16 Dec 2014 09:41:10 -0600
Reply-To:     Pat Riehecky 
Sender:       Security Errata for Scientific Linux
              
From:         Pat Riehecky 
Subject:      FASTBUGS for SL 7x x86_64 now available
MIME-Version: 1.0

The following FASTBUGS have been uploaded to

http://ftp.scientificlinux.org/linux/scientific/7x/x86_64/updates/fastbugs/


x86_64:
  ibus-kkc-1.5.18-5.el7.x86_64.rpm
  libcacard-1.5.3-60.el7_0.11.i686.rpm
  libcacard-1.5.3-60.el7_0.11.x86_64.rpm
  libcacard-devel-1.5.3-60.el7_0.11.i686.rpm
  libcacard-devel-1.5.3-60.el7_0.11.x86_64.rpm
  libcacard-tools-1.5.3-60.el7_0.11.x86_64.rpm
  libgudev1-208-11.el7_0.5.i686.rpm
  libgudev1-208-11.el7_0.5.x86_64.rpm
  libgudev1-devel-208-11.el7_0.5.i686.rpm
  libgudev1-devel-208-11.el7_0.5.x86_64.rpm
  libkkc-0.3.1-5.el7.i686.rpm
  libkkc-0.3.1-5.el7.x86_64.rpm
  libkkc-common-0.3.1-5.el7.noarch.rpm
  libkkc-data-0.3.1-5.el7.x86_64.rpm
  libkkc-devel-0.3.1-5.el7.i686.rpm
  libkkc-devel-0.3.1-5.el7.x86_64.rpm
  libkkc-tools-0.3.1-5.el7.x86_64.rpm
  libpcap-1.5.3-3.el7_0.1.i686.rpm
  libpcap-1.5.3-3.el7_0.1.x86_64.rpm
  libpcap-devel-1.5.3-3.el7_0.1.i686.rpm
  libpcap-devel-1.5.3-3.el7_0.1.x86_64.rpm
  NetworkManager-0.9.9.1-29.git20140326.4dba720.el7_0.i686.rpm
  NetworkManager-0.9.9.1-29.git20140326.4dba720.el7_0.x86_64.rpm
  NetworkManager-config-server-0.9.9.1-29.git20140326.4dba720.el7_0.x86_64.rpm
  NetworkManager-devel-0.9.9.1-29.git20140326.4dba720.el7_0.i686.rpm
  NetworkManager-devel-0.9.9.1-29.git20140326.4dba720.el7_0.x86_64.rpm
  NetworkManager-glib-0.9.9.1-29.git20140326.4dba720.el7_0.i686.rpm
  NetworkManager-glib-0.9.9.1-29.git20140326.4dba720.el7_0.x86_64.rpm
  NetworkManager-glib-devel-0.9.9.1-29.git20140326.4dba720.el7_0.i686.rpm
  NetworkManager-glib-devel-0.9.9.1-29.git20140326.4dba720.el7_0.x86_64.rpm
  NetworkManager-tui-0.9.9.1-29.git20140326.4dba720.el7_0.x86_64.rpm
  opencryptoki-3.0-11.el7_0.1.i686.rpm
  opencryptoki-3.0-11.el7_0.1.x86_64.rpm
  opencryptoki-devel-3.0-11.el7_0.1.i686.rpm
  opencryptoki-devel-3.0-11.el7_0.1.x86_64.rpm
  opencryptoki-icsftok-3.0-11.el7_0.1.i686.rpm
  opencryptoki-icsftok-3.0-11.el7_0.1.x86_64.rpm
  opencryptoki-libs-3.0-11.el7_0.1.i686.rpm
  opencryptoki-libs-3.0-11.el7_0.1.x86_64.rpm
  opencryptoki-swtok-3.0-11.el7_0.1.i686.rpm
  opencryptoki-swtok-3.0-11.el7_0.1.x86_64.rpm
  opencryptoki-tpmtok-3.0-11.el7_0.1.i686.rpm
  opencryptoki-tpmtok-3.0-11.el7_0.1.x86_64.rpm
  publican-3.2.0-4.el7.noarch.rpm
  publican-common-db5-web-3.2.0-4.el7.noarch.rpm
  publican-common-web-3.2.0-4.el7.noarch.rpm
  publican-doc-3.2.0-4.el7.noarch.rpm
  qemu-guest-agent-1.5.3-60.el7_0.11.x86_64.rpm
  qemu-img-1.5.3-60.el7_0.11.x86_64.rpm
  qemu-kvm-1.5.3-60.el7_0.11.x86_64.rpm
  qemu-kvm-common-1.5.3-60.el7_0.11.x86_64.rpm
  qemu-kvm-tools-1.5.3-60.el7_0.11.x86_64.rpm
  sl-release-7.0-2.2.sl7.x86_64.rpm
  spice-server-0.12.4-5.el7_0.1.x86_64.rpm
  spice-server-devel-0.12.4-5.el7_0.1.x86_64.rpm
  systemd-208-11.el7_0.5.x86_64.rpm
  systemd-devel-208-11.el7_0.5.i686.rpm
  systemd-devel-208-11.el7_0.5.x86_64.rpm
  systemd-journal-gateway-208-11.el7_0.5.x86_64.rpm
  systemd-libs-208-11.el7_0.5.i686.rpm
  systemd-libs-208-11.el7_0.5.x86_64.rpm
  systemd-python-208-11.el7_0.5.x86_64.rpm
  systemd-sysv-208-11.el7_0.5.x86_64.rpm
  yum-conf-sl7x-7.0-2.2.sl7.noarch.rpm
Date:         Tue, 16 Dec 2014 21:27:26 +0000
Reply-To:     scientific-linux-users@listserv.fnal.gov
Sender:       Security Errata for Scientific Linux
              
From:         Pat Riehecky 
Subject:      Security ERRATA Moderate: mailx on SL6.x, SL7.x i386/x86_64
MIME-Version: 1.0

Synopsis:          Moderate: mailx security update
Advisory ID:       SLSA-2014:1999-1
Issue Date:        2014-12-16
CVE Numbers:       CVE-2004-2771
                   CVE-2014-7844
--

A flaw was found in the way mailx handled the parsing of email addresses.
A syntactically valid email address could allow a local attacker to cause
mailx to execute arbitrary shell commands through shell meta-characters
and the direct command execution functionality. (CVE-2004-2771,
CVE-2014-7844)

Note: Applications using mailx to send email to addresses obtained from
untrusted sources will still remain vulnerable to other attacks if they
accept email addresses which start with "-" (so that they can be confused
with mailx options). To counteract this issue, this update also introduces
the "--" option, which will treat the remaining command line arguments as
email addresses.
--

SL6
  x86_64
    mailx-12.4-8.el6_6.x86_64.rpm
    mailx-debuginfo-12.4-8.el6_6.x86_64.rpm
  i386
    mailx-12.4-8.el6_6.i686.rpm
    mailx-debuginfo-12.4-8.el6_6.i686.rpm
SL7
  x86_64
    mailx-12.5-12.el7_0.x86_64.rpm
    mailx-debuginfo-12.5-12.el7_0.x86_64.rpm

- Scientific Linux Development Team
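
The note in the advisory above, as an added example (not part of the advisory and not mailx code): a Python wrapper for an application that hands untrusted recipient addresses to mailx. It rejects addresses beginning with "-" and places "--" before the addresses. The allow-list pattern and all function names are assumptions of this example.

```python
import re
import subprocess

# Conservative allow-list for this example (an assumption, not mailx's own
# address grammar): plain local@domain, no whitespace or shell metacharacters.
_ADDR_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")


class RejectedAddress(ValueError):
    """Raised when a recipient must not be handed to mailx."""


def check_recipient(addr):
    """Return addr unchanged if it is safe to pass as a mailx argument."""
    if addr.startswith("-"):
        # Would be confused with a mailx option rather than read as an address.
        raise RejectedAddress("leading '-': %r" % addr)
    if not _ADDR_RE.fullmatch(addr):
        raise RejectedAddress("not a plain local@domain address: %r" % addr)
    return addr


def build_mailx_argv(subject, recipients):
    """Build the argument vector: options first, then "--", then addresses."""
    if not recipients:
        raise RejectedAddress("no recipients")
    checked = [check_recipient(a) for a in recipients]
    # With the updated mailx, arguments after "--" are treated as addresses.
    return ["mailx", "-s", subject, "--"] + checked


def send(subject, body, recipients):
    """Run mailx with an argument list (no shell), body on standard input."""
    argv = build_mailx_argv(subject, recipients)
    return subprocess.run(argv, input=body.encode(), check=True)
```

The "--" separator is only meaningful on a mailx build that carries this update, so the wrapper complements the updated package rather than replacing it.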
