Explore top 10 tips to secure your open-source projects now. Read More
×
Date: Tue, 2 Sep 2014 09:59:43 -0500 Reply-To: Scientific Linux UsersSender: Security Errata for Scientific Linux From: Bonnie King Subject: FASTBUGS for SL 6x i386, x86_64 now available Comments: To: This email address is being protected from spambots. You need JavaScript enabled to view it. In-Reply-To: <53FCFBA7.40509@fnal.gov> MIME-Version: 1.0 The following FASTBUGS have been uploaded to i386: gstreamer-plugins-bad-free-0.10.19-3.el6_5.i686.rpm gstreamer-plugins-bad-free-devel-0.10.19-3.el6_5.i686.rpm gstreamer-plugins-bad-free-devel-docs-0.10.19-3.el6_5.i686.rpm gstreamer-plugins-bad-free-extras-0.10.19-3.el6_5.i686.rpm java-1.6.0-openjdk-1.6.0.0-7.1.13.4.el6_5.i686.rpm java-1.6.0-openjdk-demo-1.6.0.0-7.1.13.4.el6_5.i686.rpm java-1.6.0-openjdk-devel-1.6.0.0-7.1.13.4.el6_5.i686.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-7.1.13.4.el6_5.i686.rpm java-1.6.0-openjdk-src-1.6.0.0-7.1.13.4.el6_5.i686.rpm kmod-memstick_dup-0.1_rh1-1.el6_5.i686.rpm kmod-mmc_block_dup-0.1_rh1-1.el6_5.i686.rpm kmod-mmc_core_dup-0.1_rh1-1.el6_5.i686.rpm kmod-rtsx_pci-0.1_rh1-1.el6_5.i686.rpm kmod-rtsx_pci_ms-0.1_rh1-1.el6_5.i686.rpm kmod-rtsx_pci_sdmmc-0.1_rh1-1.el6_5.i686.rpm ksh-20120801-10.el6_5.9.i686.rpm libvirt-0.10.2-29.el6_5.12.i686.rpm libvirt-client-0.10.2-29.el6_5.12.i686.rpm libvirt-devel-0.10.2-29.el6_5.12.i686.rpm libvirt-python-0.10.2-29.el6_5.12.i686.rpm libvpx-1.3.0-5.el6_5.i686.rpm libvpx-devel-1.3.0-5.el6_5.i686.rpm libvpx-utils-1.3.0-5.el6_5.i686.rpm net-snmp-5.5-49.el6_5.2.i686.rpm net-snmp-devel-5.5-49.el6_5.2.i686.rpm net-snmp-libs-5.5-49.el6_5.2.i686.rpm net-snmp-perl-5.5-49.el6_5.2.i686.rpm net-snmp-python-5.5-49.el6_5.2.i686.rpm net-snmp-utils-5.5-49.el6_5.2.i686.rpm sysstat-9.0.4-20.el6_4.1.i686.rpm sysstat-9.0.4-22.el6_5.1.i686.rpm x86_64: gstreamer-plugins-bad-free-0.10.19-3.el6_5.i686.rpm gstreamer-plugins-bad-free-0.10.19-3.el6_5.x86_64.rpm gstreamer-plugins-bad-free-devel-0.10.19-3.el6_5.i686.rpm gstreamer-plugins-bad-free-devel-0.10.19-3.el6_5.x86_64.rpm gstreamer-plugins-bad-free-devel-docs-0.10.19-3.el6_5.x86_64.rpm gstreamer-plugins-bad-free-extras-0.10.19-3.el6_5.i686.rpm gstreamer-plugins-bad-free-extras-0.10.19-3.el6_5.x86_64.rpm java-1.6.0-openjdk-1.6.0.0-7.1.13.4.el6_5.x86_64.rpm java-1.6.0-openjdk-demo-1.6.0.0-7.1.13.4.el6_5.x86_64.rpm java-1.6.0-openjdk-devel-1.6.0.0-7.1.13.4.el6_5.x86_64.rpm java-1.6.0-openjdk-javadoc-1.6.0.0-7.1.13.4.el6_5.x86_64.rpm java-1.6.0-openjdk-src-1.6.0.0-7.1.13.4.el6_5.x86_64.rpm kmod-memstick_dup-0.1_rh1-1.el6_5.x86_64.rpm kmod-mmc_block_dup-0.1_rh1-1.el6_5.x86_64.rpm kmod-mmc_core_dup-0.1_rh1-1.el6_5.x86_64.rpm kmod-rtsx_pci-0.1_rh1-1.el6_5.x86_64.rpm kmod-rtsx_pci_ms-0.1_rh1-1.el6_5.x86_64.rpm kmod-rtsx_pci_sdmmc-0.1_rh1-1.el6_5.x86_64.rpm ksh-20120801-10.el6_5.9.x86_64.rpm libvirt-0.10.2-29.el6_5.12.x86_64.rpm libvirt-client-0.10.2-29.el6_5.12.i686.rpm libvirt-client-0.10.2-29.el6_5.12.x86_64.rpm libvirt-devel-0.10.2-29.el6_5.12.i686.rpm libvirt-devel-0.10.2-29.el6_5.12.x86_64.rpm libvirt-lock-sanlock-0.10.2-29.el6_5.12.x86_64.rpm libvirt-python-0.10.2-29.el6_5.12.x86_64.rpm libvpx-1.3.0-5.el6_5.i686.rpm libvpx-1.3.0-5.el6_5.x86_64.rpm libvpx-devel-1.3.0-5.el6_5.i686.rpm libvpx-devel-1.3.0-5.el6_5.x86_64.rpm libvpx-utils-1.3.0-5.el6_5.x86_64.rpm net-snmp-5.5-49.el6_5.2.x86_64.rpm net-snmp-devel-5.5-49.el6_5.2.i686.rpm net-snmp-devel-5.5-49.el6_5.2.x86_64.rpm net-snmp-libs-5.5-49.el6_5.2.i686.rpm net-snmp-libs-5.5-49.el6_5.2.x86_64.rpm net-snmp-perl-5.5-49.el6_5.2.x86_64.rpm net-snmp-python-5.5-49.el6_5.2.x86_64.rpm net-snmp-utils-5.5-49.el6_5.2.x86_64.rpm sysstat-9.0.4-20.el6_4.1.x86_64.rpm sysstat-9.0.4-22.el6_5.1.x86_64.rpm Date: Thu, 4 Sep 2014 14:42:22 +0000 Reply-To: scientific-linux-users@ Sender: Security Errata for Scientific LinuxFrom: Pat Riehecky Subject: Security ERRATA Important: squid on SL5.x, SL6.x i386/x86_64 MIME-Version: 1.0 Synopsis: Important: squid security update Advisory ID: SLSA-2014:1148-1 Issue Date: 2014-09-03 CVE Numbers: CVE-2013-4115 CVE-2014-3609 -- A flaw was found in the way Squid handled malformed HTTP Range headers. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. (CVE-2014-3609) A buffer overflow flaw was found in Squid's DNS lookup module. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. (CVE-2013-4115) After installing this update, the squid service will be restarted automatically. -- SL5 x86_64 squid-2.6.STABLE21-7.el5_10.x86_64.rpm squid-debuginfo-2.6.STABLE21-7.el5_10.x86_64.rpm i386 squid-2.6.STABLE21-7.el5_10.i386.rpm squid-debuginfo-2.6.STABLE21-7.el5_10.i386.rpm SL6 x86_64 squid-3.1.10-22.el6_5.x86_64.rpm squid-debuginfo-3.1.10-22.el6_5.x86_64.rpm i386 squid-3.1.10-22.el6_5.i686.rpm squid-debuginfo-3.1.10-22.el6_5.i686.rpm - Scientific Linux Development Team