Explore top 10 tips to secure your open-source projects now. Read More
×
Date: Tue, 17 Mar 2015 09:24:32 -0500 Reply-To: Pat RieheckySender: Security Errata for Scientific Linux From: Pat Riehecky Subject: FASTBUGS for SL 6x i386, x86_64 now available MIME-Version: 1.0 The following FASTBUGS have been uploaded to i386: mlocate-0.22.2-6.el6.i686.rpm ncurses-5.7-4.20090207.el6.i686.rpm ncurses-base-5.7-4.20090207.el6.i686.rpm ncurses-devel-5.7-4.20090207.el6.i686.rpm ncurses-libs-5.7-4.20090207.el6.i686.rpm ncurses-static-5.7-4.20090207.el6.i686.rpm ncurses-term-5.7-4.20090207.el6.i686.rpm ntp-4.2.6p5-3.el6_6.i686.rpm ntpdate-4.2.6p5-3.el6_6.i686.rpm ntp-doc-4.2.6p5-3.el6_6.noarch.rpm ntp-perl-4.2.6p5-3.el6_6.i686.rpm ppp-2.4.5-10.el6.i686.rpm ppp-devel-2.4.5-10.el6.i686.rpm x86_64: mlocate-0.22.2-6.el6.x86_64.rpm ncurses-5.7-4.20090207.el6.x86_64.rpm ncurses-base-5.7-4.20090207.el6.x86_64.rpm ncurses-devel-5.7-4.20090207.el6.i686.rpm ncurses-devel-5.7-4.20090207.el6.x86_64.rpm ncurses-libs-5.7-4.20090207.el6.i686.rpm ncurses-libs-5.7-4.20090207.el6.x86_64.rpm ncurses-static-5.7-4.20090207.el6.x86_64.rpm ncurses-term-5.7-4.20090207.el6.x86_64.rpm ntp-4.2.6p5-3.el6_6.x86_64.rpm ntpdate-4.2.6p5-3.el6_6.x86_64.rpm ntp-doc-4.2.6p5-3.el6_6.noarch.rpm ntp-perl-4.2.6p5-3.el6_6.x86_64.rpm ppp-2.4.5-10.el6.x86_64.rpm ppp-devel-2.4.5-10.el6.i686.rpm ppp-devel-2.4.5-10.el6.x86_64.rpm Date: Tue, 24 Mar 2015 09:09:00 -0500 Reply-To: Pat Riehecky Sender: Security Errata for Scientific Linux From: Pat Riehecky Subject: FASTBUGS for SL 6x i386, x86_64 now available MIME-Version: 1.0 The following FASTBUGS have been uploaded to i386: ccs-0.16.2-75.el6_6.1.i686.rpm cronie-1.4.4-14.el6.i686.rpm cronie-anacron-1.4.4-14.el6.i686.rpm cronie-noanacron-1.4.4-14.el6.i686.rpm keepalived-1.2.13-5.el6_6.i686.rpm libipa_hbac-1.11.6-30.el6_6.4.i686.rpm libipa_hbac-devel-1.11.6-30.el6_6.4.i686.rpm libipa_hbac-python-1.11.6-30.el6_6.4.i686.rpm libsss_idmap-1.11.6-30.el6_6.4.i686.rpm libsss_idmap-devel-1.11.6-30.el6_6.4.i686.rpm libsss_nss_idmap-1.11.6-30.el6_6.4.i686.rpm libsss_nss_idmap-devel-1.11.6-30.el6_6.4.i686.rpm libsss_nss_idmap-python-1.11.6-30.el6_6.4.i686.rpm mgetty-1.1.36-9.el6.i686.rpm mgetty-sendfax-1.1.36-9.el6.i686.rpm mgetty-viewfax-1.1.36-9.el6.i686.rpm mgetty-voice-1.1.36-9.el6.i686.rpm nss-pam-ldapd-0.7.5-20.el6_6.3.i686.rpm pam_passwdqc-1.0.5-8.el6.i686.rpm polkit-0.96-11.el6.i686.rpm polkit-desktop-policy-0.96-11.el6.noarch.rpm polkit-devel-0.96-11.el6.i686.rpm polkit-docs-0.96-11.el6.i686.rpm python-sssdconfig-1.11.6-30.el6_6.4.noarch.rpm ricci-0.16.2-75.el6_6.1.i686.rpm sssd-1.11.6-30.el6_6.4.i686.rpm sssd-ad-1.11.6-30.el6_6.4.i686.rpm sssd-client-1.11.6-30.el6_6.4.i686.rpm sssd-common-1.11.6-30.el6_6.4.i686.rpm sssd-common-pac-1.11.6-30.el6_6.4.i686.rpm sssd-dbus-1.11.6-30.el6_6.4.i686.rpm sssd-ipa-1.11.6-30.el6_6.4.i686.rpm sssd-krb5-1.11.6-30.el6_6.4.i686.rpm sssd-krb5-common-1.11.6-30.el6_6.4.i686.rpm sssd-ldap-1.11.6-30.el6_6.4.i686.rpm sssd-proxy-1.11.6-30.el6_6.4.i686.rpm sssd-tools-1.11.6-30.el6_6.4.i686.rpm time-1.7-38.el6.i686.rpm x86_64: ccs-0.16.2-75.el6_6.1.x86_64.rpm cronie-1.4.4-14.el6.x86_64.rpm cronie-anacron-1.4.4-14.el6.x86_64.rpm cronie-noanacron-1.4.4-14.el6.x86_64.rpm keepalived-1.2.13-5.el6_6.x86_64.rpm libipa_hbac-1.11.6-30.el6_6.4.i686.rpm libipa_hbac-1.11.6-30.el6_6.4.x86_64.rpm libipa_hbac-devel-1.11.6-30.el6_6.4.i686.rpm libipa_hbac-devel-1.11.6-30.el6_6.4.x86_64.rpm libipa_hbac-python-1.11.6-30.el6_6.4.x86_64.rpm libsss_idmap-1.11.6-30.el6_6.4.i686.rpm libsss_idmap-1.11.6-30.el6_6.4.x86_64.rpm libsss_idmap-devel-1.11.6-30.el6_6.4.i686.rpm libsss_idmap-devel-1.11.6-30.el6_6.4.x86_64.rpm libsss_nss_idmap-1.11.6-30.el6_6.4.i686.rpm libsss_nss_idmap-1.11.6-30.el6_6.4.x86_64.rpm libsss_nss_idmap-devel-1.11.6-30.el6_6.4.i686.rpm libsss_nss_idmap-devel-1.11.6-30.el6_6.4.x86_64.rpm libsss_nss_idmap-python-1.11.6-30.el6_6.4.x86_64.rpm mgetty-1.1.36-9.el6.x86_64.rpm mgetty-sendfax-1.1.36-9.el6.x86_64.rpm mgetty-viewfax-1.1.36-9.el6.x86_64.rpm mgetty-voice-1.1.36-9.el6.x86_64.rpm nss-pam-ldapd-0.7.5-20.el6_6.3.i686.rpm nss-pam-ldapd-0.7.5-20.el6_6.3.x86_64.rpm pam_passwdqc-1.0.5-8.el6.i686.rpm pam_passwdqc-1.0.5-8.el6.x86_64.rpm polkit-0.96-11.el6.i686.rpm polkit-0.96-11.el6.x86_64.rpm polkit-desktop-policy-0.96-11.el6.noarch.rpm polkit-devel-0.96-11.el6.i686.rpm polkit-devel-0.96-11.el6.x86_64.rpm polkit-docs-0.96-11.el6.x86_64.rpm python-sssdconfig-1.11.6-30.el6_6.4.noarch.rpm ricci-0.16.2-75.el6_6.1.x86_64.rpm sssd-1.11.6-30.el6_6.4.x86_64.rpm sssd-ad-1.11.6-30.el6_6.4.x86_64.rpm sssd-client-1.11.6-30.el6_6.4.i686.rpm sssd-client-1.11.6-30.el6_6.4.x86_64.rpm sssd-common-1.11.6-30.el6_6.4.x86_64.rpm sssd-common-pac-1.11.6-30.el6_6.4.x86_64.rpm sssd-dbus-1.11.6-30.el6_6.4.x86_64.rpm sssd-ipa-1.11.6-30.el6_6.4.x86_64.rpm sssd-krb5-1.11.6-30.el6_6.4.x86_64.rpm sssd-krb5-common-1.11.6-30.el6_6.4.x86_64.rpm sssd-ldap-1.11.6-30.el6_6.4.x86_64.rpm sssd-proxy-1.11.6-30.el6_6.4.x86_64.rpm sssd-tools-1.11.6-30.el6_6.4.x86_64.rpm time-1.7-38.el6.x86_64.rpm Date: Tue, 24 Mar 2015 09:12:04 -0500 Reply-To: Pat Riehecky Sender: Security Errata for Scientific Linux From: Pat Riehecky Subject: FASTBUGS for SL 5x i386, x86_64 now available MIME-Version: 1.0 The following FASTBUGS have been uploaded to i386: mailman-2.1.9-8.el5_11.i386.rpm x86_64: mailman-2.1.9-8.el5_11.x86_64.rpm Date: Wed, 25 Mar 2015 15:15:21 +0000 Reply-To: scientific-linux-users@ Sender: Security Errata for Scientific Linux From: Pat Riehecky Subject: Security ERRATA Moderate: openssl on SL6.x i386/x86_64 MIME-Version: 1.0 Synopsis: Moderate: openssl security update Advisory ID: SLSA-2015:0715-1 Issue Date: 2015-03-24 CVE Numbers: CVE-2015-0209 CVE-2015-0286 CVE-2015-0287 CVE-2015-0289 CVE-2015-0292 CVE-2015-0293 CVE-2015-0288 -- An invalid pointer use flaw was found in OpenSSL's ASN1_TYPE_cmp() function. A remote attacker could crash a TLS/SSL client or server using OpenSSL via a specially crafted X.509 certificate when the attacker- supplied certificate was verified by the application. (CVE-2015-0286) An integer underflow flaw, leading to a buffer overflow, was found in the way OpenSSL decoded malformed Base64-encoded inputs. An attacker able to make an application using OpenSSL decode a specially crafted Base64-encoded input (such as a PEM file) could use this flaw to cause the application to crash. Note: this flaw is not exploitable via the TLS/SSL protocol because the data being transferred is not Base64-encoded. (CVE-2015-0292) A denial of service flaw was found in the way OpenSSL handled SSLv2 handshake messages. A remote attacker could use this flaw to cause a TLS/SSL server using OpenSSL to exit on a failed assertion if it had both the SSLv2 protocol and EXPORT-grade cipher suites enabled. (CVE-2015-0293) A use-after-free flaw was found in the way OpenSSL imported malformed Elliptic Curve private keys. A specially crafted key file could cause an application using OpenSSL to crash when imported. (CVE-2015-0209) An out-of-bounds write flaw was found in the way OpenSSL reused certain ASN.1 structures. A remote attacker could possibly use a specially crafted ASN.1 structure that, when parsed by an application, would cause that application to crash. (CVE-2015-0287) A NULL pointer dereference flaw was found in OpenSSL's X.509 certificate handling implementation. A specially crafted X.509 certificate could cause an application using OpenSSL to crash if the application attempted to convert the certificate to a certificate request. (CVE-2015-0288) A NULL pointer dereference was found in the way OpenSSL handled certain PKCS#7 inputs. An attacker able to make an application using OpenSSL verify, decrypt, or parse a specially crafted PKCS#7 input could cause that application to crash. TLS/SSL clients and servers using OpenSSL were not affected by this flaw. (CVE-2015-0289) For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. -- SL6 x86_64 openssl-1.0.1e-30.el6_6.7.i686.rpm openssl-1.0.1e-30.el6_6.7.x86_64.rpm openssl-debuginfo-1.0.1e-30.el6_6.7.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.7.x86_64.rpm openssl-devel-1.0.1e-30.el6_6.7.i686.rpm openssl-devel-1.0.1e-30.el6_6.7.x86_64.rpm openssl-perl-1.0.1e-30.el6_6.7.x86_64.rpm openssl-static-1.0.1e-30.el6_6.7.x86_64.rpm i386 openssl-1.0.1e-30.el6_6.7.i686.rpm openssl-debuginfo-1.0.1e-30.el6_6.7.i686.rpm openssl-devel-1.0.1e-30.el6_6.7.i686.rpm openssl-perl-1.0.1e-30.el6_6.7.i686.rpm openssl-static-1.0.1e-30.el6_6.7.i686.rpm - Scientific Linux Development Team