Explore top 10 tips to secure your open-source projects now. Read More
×
Date: Tue, 16 Jul 2013 12:13:37 -0500 Reply-To: Bonnie KingSender: Security Errata for Scientific Linux From: Bonnie King Subject: FASTBUGS for SL 6x i386, x86_64 now available MIME-Version: 1.0 The following FASTBUGS have been uploaded to i386: clusterlib-3.0.12.1-49.el6_4.1.i686.rpm clusterlib-devel-3.0.12.1-49.el6_4.1.i686.rpm cman-3.0.12.1-49.el6_4.1.i686.rpm gfs2-utils-3.0.12.1-49.el6_4.1.i686.rpm glibc-2.12-1.107.el6_4.2.i686.rpm glibc-common-2.12-1.107.el6_4.2.i686.rpm glibc-devel-2.12-1.107.el6_4.2.i686.rpm glibc-headers-2.12-1.107.el6_4.2.i686.rpm glibc-static-2.12-1.107.el6_4.2.i686.rpm glibc-utils-2.12-1.107.el6_4.2.i686.rpm ibus-hangul-1.3.0.20100329-6.el6.i686.rpm irqbalance-1.0.4-4.el6_4.i686.rpm kde-settings-4.3.1-2.el6.noarch.rpm kde-settings-kdm-4.3.1-2.el6.noarch.rpm kde-settings-pulseaudio-4.3.1-2.el6.noarch.rpm krb5-devel-1.10.3-10.el6_4.4.i686.rpm krb5-libs-1.10.3-10.el6_4.4.i686.rpm krb5-pkinit-openssl-1.10.3-10.el6_4.4.i686.rpm krb5-server-1.10.3-10.el6_4.4.i686.rpm krb5-server-ldap-1.10.3-10.el6_4.4.i686.rpm krb5-workstation-1.10.3-10.el6_4.4.i686.rpm nscd-2.12-1.107.el6_4.2.i686.rpm python-2.6.6-37.el6_4.i686.rpm python-devel-2.6.6-37.el6_4.i686.rpm python-libs-2.6.6-37.el6_4.i686.rpm python-test-2.6.6-37.el6_4.i686.rpm python-tools-2.6.6-37.el6_4.i686.rpm sblim-wbemcli-1.6.1-2.el6.i686.rpm scl-utils-20120927-2.el6_4.6.i686.rpm scl-utils-build-20120927-2.el6_4.6.i686.rpm tkinter-2.6.6-37.el6_4.i686.rpm x86_64: clusterlib-3.0.12.1-49.el6_4.1.i686.rpm clusterlib-3.0.12.1-49.el6_4.1.x86_64.rpm clusterlib-devel-3.0.12.1-49.el6_4.1.i686.rpm clusterlib-devel-3.0.12.1-49.el6_4.1.x86_64.rpm cman-3.0.12.1-49.el6_4.1.x86_64.rpm gfs2-utils-3.0.12.1-49.el6_4.1.x86_64.rpm glibc-2.12-1.107.el6_4.2.i686.rpm glibc-2.12-1.107.el6_4.2.x86_64.rpm glibc-common-2.12-1.107.el6_4.2.x86_64.rpm glibc-devel-2.12-1.107.el6_4.2.i686.rpm glibc-devel-2.12-1.107.el6_4.2.x86_64.rpm glibc-headers-2.12-1.107.el6_4.2.x86_64.rpm glibc-static-2.12-1.107.el6_4.2.i686.rpm glibc-static-2.12-1.107.el6_4.2.x86_64.rpm glibc-utils-2.12-1.107.el6_4.2.x86_64.rpm ibus-hangul-1.3.0.20100329-6.el6.x86_64.rpm irqbalance-1.0.4-4.el6_4.x86_64.rpm kde-settings-4.3.1-2.el6.noarch.rpm kde-settings-kdm-4.3.1-2.el6.noarch.rpm kde-settings-pulseaudio-4.3.1-2.el6.noarch.rpm krb5-devel-1.10.3-10.el6_4.4.i686.rpm krb5-devel-1.10.3-10.el6_4.4.x86_64.rpm krb5-libs-1.10.3-10.el6_4.4.i686.rpm krb5-libs-1.10.3-10.el6_4.4.x86_64.rpm krb5-pkinit-openssl-1.10.3-10.el6_4.4.x86_64.rpm krb5-server-1.10.3-10.el6_4.4.x86_64.rpm krb5-server-ldap-1.10.3-10.el6_4.4.i686.rpm krb5-server-ldap-1.10.3-10.el6_4.4.x86_64.rpm krb5-workstation-1.10.3-10.el6_4.4.x86_64.rpm nscd-2.12-1.107.el6_4.2.x86_64.rpm python-2.6.6-37.el6_4.i686.rpm python-2.6.6-37.el6_4.x86_64.rpm python-devel-2.6.6-37.el6_4.i686.rpm python-devel-2.6.6-37.el6_4.x86_64.rpm python-libs-2.6.6-37.el6_4.i686.rpm python-libs-2.6.6-37.el6_4.x86_64.rpm python-test-2.6.6-37.el6_4.x86_64.rpm python-tools-2.6.6-37.el6_4.x86_64.rpm sblim-wbemcli-1.6.1-2.el6.x86_64.rpm scl-utils-20120927-2.el6_4.6.x86_64.rpm scl-utils-build-20120927-2.el6_4.6.x86_64.rpm spice-server-0.12.0-12.el6_4.2.x86_64.rpm spice-server-devel-0.12.0-12.el6_4.2.x86_64.rpm tkinter-2.6.6-37.el6_4.x86_64.rpm Date: Wed, 17 Jul 2013 16:44:41 +0000 Reply-To: scientific-linux-users@ Sender: Security Errata for Scientific Linux From: Bonnie King Subject: Security ERRATA Moderate: kernel on SL6.x i386/x86_64 MIME-Version: 1.0 Synopsis: Moderate: kernel security and bug fix update Advisory ID: SLSA-2013:1051-1 Issue Date: 2013-07-16 CVE Numbers: CVE-2013-0914 CVE-2013-1848 CVE-2013-2634 CVE-2013-2635 CVE-2013-3222 CVE-2013-3224 CVE-2013-3225 CVE-2012-6548 CVE-2013-3301 CVE-2013-2128 CVE-2013-2852 -- This update fixes the following security issues: * A flaw was found in the tcp_read_sock() function in the Linux kernel's IPv4 TCP/IP protocol suite implementation in the way socket buffers (skb) were handled. A local, unprivileged user could trigger this issue via a call to splice(), leading to a denial of service. (CVE-2013-2128, Moderate) * Information leak flaws in the Linux kernel could allow a local, unprivileged user to leak kernel memory to user-space. (CVE-2012-6548, CVE-2013-2634, CVE-2013-2635, CVE-2013-3222, CVE-2013-3224, CVE-2013-3225, Low) * An information leak was found in the Linux kernel's POSIX signals implementation. A local, unprivileged user could use this flaw to bypass the Address Space Layout Randomization (ASLR) security feature. (CVE-2013-0914, Low) * A format string flaw was found in the ext3_msg() function in the Linux kernel's ext3 file system implementation. A local user who is able to mount an ext3 file system could use this flaw to cause a denial of service or, potentially, escalate their privileges. (CVE-2013-1848, Low) * A format string flaw was found in the b43_do_request_fw() function in the Linux kernel's b43 driver implementation. A local user who is able to specify the "fwpostfix" b43 module parameter could use this flaw to cause a denial of service or, potentially, escalate their privileges. (CVE-2013-2852, Low) * A NULL pointer dereference flaw was found in the Linux kernel's ftrace and function tracer implementations. A local user who has the CAP_SYS_ADMIN capability could use this flaw to cause a denial of service. (CVE-2013-3301, Low) The system must be rebooted for this update to take effect. -- SL6 x86_64 kernel-2.6.32-358.14.1.el6.x86_64.rpm kernel-debug-2.6.32-358.14.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-358.14.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-358.14.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-358.14.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-358.14.1.el6.x86_64.rpm kernel-devel-2.6.32-358.14.1.el6.x86_64.rpm kernel-headers-2.6.32-358.14.1.el6.x86_64.rpm perf-2.6.32-358.14.1.el6.x86_64.rpm perf-debuginfo-2.6.32-358.14.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-358.14.1.el6.x86_64.rpm python-perf-2.6.32-358.14.1.el6.x86_64.rpm i386 kernel-2.6.32-358.14.1.el6.i686.rpm kernel-debug-2.6.32-358.14.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-358.14.1.el6.i686.rpm kernel-debug-devel-2.6.32-358.14.1.el6.i686.rpm kernel-debuginfo-2.6.32-358.14.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-358.14.1.el6.i686.rpm kernel-devel-2.6.32-358.14.1.el6.i686.rpm kernel-headers-2.6.32-358.14.1.el6.i686.rpm perf-2.6.32-358.14.1.el6.i686.rpm perf-debuginfo-2.6.32-358.14.1.el6.i686.rpm python-perf-debuginfo-2.6.32-358.14.1.el6.i686.rpm python-perf-2.6.32-358.14.1.el6.i686.rpm noarch kernel-doc-2.6.32-358.14.1.el6.noarch.rpm kernel-firmware-2.6.32-358.14.1.el6.noarch.rpm - Scientific Linux Development Team