Explore top 10 tips to secure your open-source projects now. Read More
×
Date: Tue, 8 Sep 2015 09:07:54 -0500 Reply-To: Pat RieheckySender: Security Errata for Scientific Linux From: Pat Riehecky Subject: FASTBUGS for SL 6x i386, x86_64 now available MIME-Version: 1.0 Message-ID: <55EEEBBA.4060701@fnal.gov> The following FASTBUGS have been uploaded to i386: selinux-policy-3.7.19-279.el6_7.5.noarch.rpm selinux-policy-doc-3.7.19-279.el6_7.5.noarch.rpm selinux-policy-minimum-3.7.19-279.el6_7.5.noarch.rpm selinux-policy-mls-3.7.19-279.el6_7.5.noarch.rpm selinux-policy-targeted-3.7.19-279.el6_7.5.noarch.rpm x86_64: selinux-policy-3.7.19-279.el6_7.5.noarch.rpm selinux-policy-doc-3.7.19-279.el6_7.5.noarch.rpm selinux-policy-minimum-3.7.19-279.el6_7.5.noarch.rpm selinux-policy-mls-3.7.19-279.el6_7.5.noarch.rpm selinux-policy-targeted-3.7.19-279.el6_7.5.noarch.rpm Date: Tue, 8 Sep 2015 16:18:36 +0000 Reply-To: scientific-linux-users@ Sender: Security Errata for Scientific Linux From: Pat Riehecky Subject: Security ERRATA Important: haproxy on SL6.x, SL7.x i386/x86_64 MIME-Version: 1.0 Message-ID: <20150908161836.9797.69946@slpackages.fnal.gov> Synopsis: Important: haproxy security update Advisory ID: SLSA-2015:1741-1 Issue Date: 2015-09-08 CVE Numbers: CVE-2015-3281 -- An implementation error related to the memory management of request and responses was found within HAProxy's buffer_slow_realign() function. An unauthenticated remote attacker could possibly use this flaw to leak certain memory buffer contents from a past request or session. (CVE-2015-3281) -- SL6 x86_64 haproxy-1.5.4-2.el6_7.1.x86_64.rpm haproxy-debuginfo-1.5.4-2.el6_7.1.x86_64.rpm i386 haproxy-1.5.4-2.el6_7.1.i686.rpm haproxy-debuginfo-1.5.4-2.el6_7.1.i686.rpm SL7 x86_64 haproxy-1.5.4-4.el7_1.1.x86_64.rpm haproxy-debuginfo-1.5.4-4.el7_1.1.x86_64.rpm - Scientific Linux Development Team