Stay Secure with the Latest Linux Advisories

security advisorymoderatesecurity update

Scientific Linux: 2014:1999-1 Moderate: mailx Command Issue

Moderate: mailx security update. Date: Mon, 15 Dec 2014 18:15:18 -0600 Reply-To: "SCIENTIFIC-LINUX-USERS@" Sender: Security Errata for Scientific Linux From: Pat Riehecky Subject: SCL 1.2 on SL6.x, SL7.x x86_64 now available Scientific Linux Software Collection Library 1.2 on SL6.x, SL7.x x86_64 == Introduction =The publication of the Software Collection Library 1.2 on SL6.x, SL7.x x86_64 is now complete. Software Collections give you power to build, install, and use multiple versions of software on the same system, without affecting system-wide installed packages. == Publication Information = This release includes: - devassist09 - devtoolset-3 - binutils - dwz - dyninst - eclipse - elfutils - gcc - gdb - memstomp - valgrind - git19 - httpd24 - mariadb55 - maven30 - mongodb24 - mysql55 - nginx14 - nginx16 - nodejs010 - perl516 - php54 - php55 - postgresql92 - python27 - python33 - ror40 - ruby193 - ruby200 - thermostat1 - v8314 Date: Tue, 16 Dec 2014 09:17:21 -0600 Reply-To: Pat Riehecky Sender: Security Errata for Scientific Linux From: Pat Riehecky Subject: FASTBUGS for SL 6x i386, x86_64 now available MIME-Version: 1.0 The following FASTBUGS have been uploaded to i386: resource-agents-3.9.5-12.el6_6.1.i686.rpm x86_64: resource-agents-3.9.5-12.el6_6.1.x86_64.rpm resource-agents-sap-3.9.5-12.el6_6.1.x86_64.rpm Date: Tue, 16 Dec 2014 09:36:33 -0600 Reply-To: Pat Riehecky Sender: Security Errata for Scientific Linux From: Pat Riehecky Subject: FASTBUGS for SL 5x i386, x86_64 now available MIME-Version: 1.0 The following FASTBUGS have been uploaded to i386: gcc44-4.4.7-11.el5_11.i386.rpm gcc44-c++-4.4.7-11.el5_11.i386.rpm gcc44-gfortran-4.4.7-11.el5_11.i386.rpm libgfortran44-4.4.7-11.el5_11.i386.rpm libgomp-4.4.7-11.el5_11.i386.rpm libstdc++44-devel-4.4.7-11.el5_11.i386.rpm x86_64: gcc44-4.4.7-11.el5_11.x86_64.rpm gcc44-c++-4.4.7-11.el5_11.x86_64.rpm gcc44-gfortran-4.4.7-11.el5_11.x86_64.rpm libgfortran44-4.4.7-11.el5_11.i386.rpm libgfortran44-4.4.7-11.el5_11.x86_64.rpm libgomp-4.4.7-11.el5_11.i386.rpm libgomp-4.4.7-11.el5_11.x86_64.rpm libstdc++44-devel-4.4.7-11.el5_11.i386.rpm libstdc++44-devel-4.4.7-11.el5_11.x86_64.rpm Date: Tue, 16 Dec 2014 09:41:10 -0600 Reply-To: Pat Riehecky Sender: Security Errata for Scientific Linux From: Pat Riehecky Subject: FASTBUGS for SL 7x x86_64 now available MIME-Version: 1.0 The following FASTBUGS have been uploaded to x86_64: ibus-kkc-1.5.18-5.el7.x86_64.rpm libcacard-1.5.3-60.el7_0.11.i686.rpm libcacard-1.5.3-60.el7_0.11.x86_64.rpm libcacard-devel-1.5.3-60.el7_0.11.i686.rpm libcacard-devel-1.5.3-60.el7_0.11.x86_64.rpm libcacard-tools-1.5.3-60.el7_0.11.x86_64.rpm libgudev1-208-11.el7_0.5.i686.rpm libgudev1-208-11.el7_0.5.x86_64.rpm libgudev1-devel-208-11.el7_0.5.i686.rpm libgudev1-devel-208-11.el7_0.5.x86_64.rpm libkkc-0.3.1-5.el7.i686.rpm libkkc-0.3.1-5.el7.x86_64.rpm libkkc-common-0.3.1-5.el7.noarch.rpm libkkc-data-0.3.1-5.el7.x86_64.rpm libkkc-devel-0.3.1-5.el7.i686.rpm libkkc-devel-0.3.1-5.el7.x86_64.rpm libkkc-tools-0.3.1-5.el7.x86_64.rpm libpcap-1.5.3-3.el7_0.1.i686.rpm libpcap-1.5.3-3.el7_0.1.x86_64.rpm libpcap-devel-1.5.3-3.el7_0.1.i686.rpm libpcap-devel-1.5.3-3.el7_0.1.x86_64.rpm NetworkManager-0.9.9.1-29.git20140326.4dba720.el7_0.i686.rpm NetworkManager-0.9.9.1-29.git20140326.4dba720.el7_0.x86_64.rpm NetworkManager-config-server-0.9.9.1-29.git20140326.4dba720.el7_0.x86_64.rpm NetworkManager-devel-0.9.9.1-29.git20140326.4dba720.el7_0.i686.rpm NetworkManager-devel-0.9.9.1-29.git20140326.4dba720.el7_0.x86_64.rpm NetworkManager-glib-0.9.9.1-29.git20140326.4dba720.el7_0.i686.rpm NetworkManager-glib-0.9.9.1-29.git20140326.4dba720.el7_0.x86_64.rpm NetworkManager-glib-devel-0.9.9.1-29.git20140326.4dba720.el7_0.i686.rpm NetworkManager-glib-devel-0.9.9.1-29.git20140326.4dba720.el7_0.x86_64.rpm NetworkManager-tui-0.9.9.1-29.git20140326.4dba720.el7_0.x86_64.rpm opencryptoki-3.0-11.el7_0.1.i686.rpm opencryptoki-3.0-11.el7_0.1.x86_64.rpm opencryptoki-devel-3.0-11.el7_0.1.i686.rpm opencryptoki-devel-3.0-11.el7_0.1.x86_64.rpm opencryptoki-icsftok-3.0-11.el7_0.1.i686.rpm opencryptoki-icsftok-3.0-11.el7_0.1.x86_64.rpm opencryptoki-libs-3.0-11.el7_0.1.i686.rpm opencryptoki-libs-3.0-11.el7_0.1.x86_64.rpm opencryptoki-swtok-3.0-11.el7_0.1.i686.rpm opencryptoki-swtok-3.0-11.el7_0.1.x86_64.rpm opencryptoki-tpmtok-3.0-11.el7_0.1.i686.rpm opencryptoki-tpmtok-3.0-11.el7_0.1.x86_64.rpm publican-3.2.0-4.el7.noarch.rpm publican-common-db5-web-3.2.0-4.el7.noarch.rpm publican-common-web-3.2.0-4.el7.noarch.rpm publican-doc-3.2.0-4.el7.noarch.rpm qemu-guest-agent-1.5.3-60.el7_0.11.x86_64.rpm qemu-img-1.5.3-60.el7_0.11.x86_64.rpm qemu-kvm-1.5.3-60.el7_0.11.x86_64.rpm qemu-kvm-common-1.5.3-60.el7_0.11.x86_64.rpm qemu-kvm-tools-1.5.3-60.el7_0.11.x86_64.rpm sl-release-7.0-2.2.sl7.x86_64.rpm spice-server-0.12.4-5.el7_0.1.x86_64.rpm spice-server-devel-0.12.4-5.el7_0.1.x86_64.rpm systemd-208-11.el7_0.5.x86_64.rpm systemd-devel-208-11.el7_0.5.i686.rpm systemd-devel-208-11.el7_0.5.x86_64.rpm systemd-journal-gateway-208-11.el7_0.5.x86_64.rpm systemd-libs-208-11.el7_0.5.i686.rpm systemd-libs-208-11.el7_0.5.x86_64.rpm systemd-python-208-11.el7_0.5.x86_64.rpm systemd-sysv-208-11.el7_0.5.x86_64.rpm yum-conf-sl7x-7.0-2.2.sl7.noarch.rpm Date: Tue, 16 Dec 2014 21:27:26 +0000 Reply-To: scientific-linux-users@ Sender: Security Errata for Scientific Linux From: Pat Riehecky Subject: Security ERRATA Moderate: mailx on SL6.x, SL7.x i386/x86_64 MIME-Version: 1.0 Synopsis: Moderate: mailx security update Advisory ID: SLSA-2014:1999-1 Issue Date: 2014-12-16 CVE Numbers: CVE-2004-2771 CVE-2014-7844 -- A flaw was found in the way mailx handled the parsing of email addresses. A syntactically valid email address could allow a local attacker to cause mailx to execute arbitrary shell commands through shell meta-charactersand the direct command execution functionality. (CVE-2004-2771, CVE-2014-7844) Note: Applications using mailx to send email to addressesobtained from untrusted sources will still remain vulnerable to other attacks if they accept email addresses which start with "-" (so that they can be confused with mailx options). To counteract this issue, this update also introduces the "--" option, which will treat the remaining command line arguments as email addresses. -- SL6 x86_64 mailx-12.4-8.el6_6.x86_64.rpm mailx-debuginfo-12.4-8.el6_6.x86_64.rpm i386 mailx-12.4-8.el6_6.i686.rpm mailx-debuginfo-12.4-8.el6_6.i686.rpm SL7 x86_64 mailx-12.5-12.el7_0.x86_64.rpm mailx-debuginfo-12.5-12.el7_0.x86_64.rpm - Scientific Linux Development Team . Important mailx security patch for Scientific Linux versions SL6.x and SL7.x; resolves command execution vulnerability.. mailx Security Advisory, Scientific Linux Update, Local Attack mitigation. . LinuxSecurity.com Team

Dec 16, 2014 Scientific Linux