[CentOS] CentOS-announce Digest, Vol 9, Issue 6
centos-announce-request at centos.org
centos-announce-request at centos.orgFri Nov 11 12:00:06 UTC 2005
- Previous message: [CentOS] CUPS and Okidata ML 395
- Next message: [CentOS] php versions
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Send CentOS-announce mailing list submissions to centos-announce at centos.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to centos-announce-request at centos.org You can reach the person managing the list at centos-announce-owner at centos.org When replying, please edit your Subject line so it is more specific than "Re: Contents of CentOS-announce digest..." Today's Topics: 1. CESA-2005:806-01: Low CentOS 2 i386 cpio security update (John Newbigin) 2. CESA-2005:838-01: Moderate CentOS 2 i386 php security update (John Newbigin) 3. CESA-2005:831 Moderate CentOS 3 i386 php - security update (Lance Davis) 4. CESA-2005:831 Moderate CentOS 4 x86_64 php - security update (Johnny Hughes) 5. CESA-2005:831 Moderate CentOS 4 i386 php - security update (Johnny Hughes) 6. CESA-2005:825 Low CentOS 4 i386 lm_sensors - security update (Johnny Hughes) 7. CESA-2005:825 Low CentOS 4 x86_64 lm_sensors - security update (Johnny Hughes) 8. CESA-2005:1110-001 Moderate CentOS 4 i386 php - security update (CENTOSPLUS only) (Johnny Hughes) 9. CESA-2005:1110-001 Moderate CentOS 4 x86_64 php - security update (CENTOSPLUS only) (Johnny Hughes) ---------------------------------------------------------------------- Message: 1 Date: Fri, 11 Nov 2005 10:44:34 +1100 From: John Newbigin <jnewbigin at ict.swin.edu.au> Subject: [CentOS-announce] CESA-2005:806-01: Low CentOS 2 i386 cpio security update To: centos-announce at centos.org Message-ID: <4373DB62.5030009 at ict.swin.edu.au> Content-Type: text/plain; charset=us-ascii; format=flowed The following errata for CentOS-2 have been built and uploaded to the centos mirror: RHSA-2005:806-01 Low: cpio security update Files available: cpio-2.4.2-25.i386.rpm More details are available from the RedHat web site at https://rhn.redhat.com/errata/rh21as-errata.html The easy way to make sure you are up to date with all the latest patches is to run: # yum update -- John Newbigin Computer Systems Officer Faculty of Information and Communication Technologies Swinburne University of Technology Melbourne, Australia http://www.ict.swin.edu.au/staff/jnewbigin ------------------------------ Message: 2 Date: Fri, 11 Nov 2005 10:45:48 +1100 From: John Newbigin <jnewbigin at ict.swin.edu.au> Subject: [CentOS-announce] CESA-2005:838-01: Moderate CentOS 2 i386 php security update To: centos-announce at centos.org Message-ID: <4373DBAC.7000102 at ict.swin.edu.au> Content-Type: text/plain; charset=us-ascii; format=flowed The following errata for CentOS-2 have been built and uploaded to the centos mirror: RHSA-2005:838-01 Moderate: php security update Files available: php-4.1.2-2.3.i386.rpm php-devel-4.1.2-2.3.i386.rpm php-imap-4.1.2-2.3.i386.rpm php-ldap-4.1.2-2.3.i386.rpm php-manual-4.1.2-2.3.i386.rpm php-mysql-4.1.2-2.3.i386.rpm php-odbc-4.1.2-2.3.i386.rpm php-pgsql-4.1.2-2.3.i386.rpm More details are available from the RedHat web site at https://rhn.redhat.com/errata/rh21as-errata.html The easy way to make sure you are up to date with all the latest patches is to run: # yum update -- John Newbigin Computer Systems Officer Faculty of Information and Communication Technologies Swinburne University of Technology Melbourne, Australia http://www.ict.swin.edu.au/staff/jnewbigin ------------------------------ Message: 3 Date: Fri, 11 Nov 2005 01:54:54 +0000 From: Lance Davis <lance at uklinux.net> Subject: [CentOS-announce] CESA-2005:831 Moderate CentOS 3 i386 php - security update To: centos-announce at centos.org Message-ID: <1131674093.4655.47.camel at centos3.wellhouse> Content-Type: text/plain; charset="us-ascii" CentOS Errata and Security Advisory CESA-2005:831 php security update for CentOS 3 i386: https://rhn.redhat.com/errata/RHSA-2005-831.html refers The following updated files have been uploaded and are currently syncing to the mirrors: i386: updates/i386/RPMS/php-4.3.2-26.ent.i386.rpm updates/i386/RPMS/php-devel-4.3.2-26.ent.i386.rpm updates/i386/RPMS/php-imap-4.3.2-26.ent.i386.rpm updates/i386/RPMS/php-ldap-4.3.2-26.ent.i386.rpm updates/i386/RPMS/php-mysql-4.3.2-26.ent.i386.rpm updates/i386/RPMS/php-odbc-4.3.2-26.ent.i386.rpm updates/i386/RPMS/php-pgsql-4.3.2-26.ent.i386.rpm source: updates/SRPMS/php-4.3.2-26.ent.src.rpm You may update your CentOS-3 i386 installations by running the command: yum update php -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.centos.org/pipermail/centos-announce/attachments/20051111/28a9d170/attachment-0001.bin ------------------------------ Message: 4 Date: Thu, 10 Nov 2005 21:28:30 -0600 From: Johnny Hughes <johnny at centos.org> Subject: [CentOS-announce] CESA-2005:831 Moderate CentOS 4 x86_64 php - security update To: CentOS-Announce <centos-announce at centos.org> Message-ID: <1131679710.3912.12.camel at myth.home.local> Content-Type: text/plain; charset="us-ascii" CentOS Errata and Security Advisory CESA-2005:831 php security update for CentOS 4 x86_64: https://rhn.redhat.com/errata/RHSA-2005-831.html refers The following updated files have been uploaded and are currently syncing to the mirrors: x86_64: php-4.3.9-3.9.x86_64.rpm php-devel-4.3.9-3.9.x86_64.rpm php-domxml-4.3.9-3.9.x86_64.rpm php-gd-4.3.9-3.9.x86_64.rpm php-imap-4.3.9-3.9.x86_64.rpm php-ldap-4.3.9-3.9.x86_64.rpm php-mbstring-4.3.9-3.9.x86_64.rpm php-mysql-4.3.9-3.9.x86_64.rpm php-ncurses-4.3.9-3.9.x86_64.rpm php-odbc-4.3.9-3.9.x86_64.rpm php-pear-4.3.9-3.9.x86_64.rpm php-pgsql-4.3.9-3.9.x86_64.rpm php-snmp-4.3.9-3.9.x86_64.rpm php-xmlrpc-4.3.9-3.9.x86_64.rpm src: php-4.3.9-3.9.src.rpm -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.centos.org/pipermail/centos-announce/attachments/20051110/081c65e7/attachment-0001.bin ------------------------------ Message: 5 Date: Thu, 10 Nov 2005 21:28:42 -0600 From: Johnny Hughes <johnny at centos.org> Subject: [CentOS-announce] CESA-2005:831 Moderate CentOS 4 i386 php - security update To: CentOS-Announce <centos-announce at centos.org> Message-ID: <1131679722.3912.13.camel at myth.home.local> Content-Type: text/plain; charset="us-ascii" CentOS Errata and Security Advisory CESA-2005:831 php security update for CentOS 4 i386: https://rhn.redhat.com/errata/RHSA-2005-831.html refers The following updated files have been uploaded and are currently syncing to the mirrors: i386: php-4.3.9-3.9.i386.rpm php-devel-4.3.9-3.9.i386.rpm php-domxml-4.3.9-3.9.i386.rpm php-gd-4.3.9-3.9.i386.rpm php-imap-4.3.9-3.9.i386.rpm php-ldap-4.3.9-3.9.i386.rpm php-mbstring-4.3.9-3.9.i386.rpm php-mysql-4.3.9-3.9.i386.rpm php-ncurses-4.3.9-3.9.i386.rpm php-odbc-4.3.9-3.9.i386.rpm php-pear-4.3.9-3.9.i386.rpm php-pgsql-4.3.9-3.9.i386.rpm php-snmp-4.3.9-3.9.i386.rpm php-xmlrpc-4.3.9-3.9.i386.rpm src: php-4.3.9-3.9.src.rpm -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.centos.org/pipermail/centos-announce/attachments/20051110/e696abed/attachment-0001.bin ------------------------------ Message: 6 Date: Thu, 10 Nov 2005 21:34:35 -0600 From: Johnny Hughes <johnny at centos.org> Subject: [CentOS-announce] CESA-2005:825 Low CentOS 4 i386 lm_sensors - security update To: CentOS-Announce <centos-announce at centos.org> Message-ID: <1131680075.3912.20.camel at myth.home.local> Content-Type: text/plain; charset="us-ascii" CentOS Errata and Security Advisory CESA-2005:825 lm_sensors security update for CentOS 4 i386: https://rhn.redhat.com/errata/RHSA-2005-825.html refers The following updated files have been uploaded and are currently syncing to the mirrors: i386: lm_sensors-2.8.7-2.40.3.i386.rpm lm_sensors-devel-2.8.7-2.40.3.i386.rpm src: lm_sensors-2.8.7-2.40.3.src.rpm -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.centos.org/pipermail/centos-announce/attachments/20051110/ead1e4c1/attachment-0001.bin ------------------------------ Message: 7 Date: Thu, 10 Nov 2005 21:34:37 -0600 From: Johnny Hughes <johnny at centos.org> Subject: [CentOS-announce] CESA-2005:825 Low CentOS 4 x86_64 lm_sensors - security update To: CentOS-Announce <centos-announce at centos.org> Message-ID: <1131680077.3912.21.camel at myth.home.local> Content-Type: text/plain; charset="us-ascii" CentOS Errata and Security Advisory CESA-2005:825 lm_sensors security update for CentOS 4 x86_64: https://rhn.redhat.com/errata/RHSA-2005-825.html refers The following updated files have been uploaded and are currently syncing to the mirrors: x86_64: lm_sensors-2.8.7-2.40.3.i386.rpm lm_sensors-2.8.7-2.40.3.x86_64.rpm lm_sensors-devel-2.8.7-2.40.3.x86_64.rpm src: lm_sensors-2.8.7-2.40.3.src.rpm -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.centos.org/pipermail/centos-announce/attachments/20051110/045ea7b1/attachment-0001.bin ------------------------------ Message: 8 Date: Thu, 10 Nov 2005 21:54:29 -0600 From: Johnny Hughes <johnny at centos.org> Subject: [CentOS-announce] CESA-2005:1110-001 Moderate CentOS 4 i386 php - security update (CENTOSPLUS only) To: CentOS-Announce <centos-announce at centos.org> Message-ID: <1131681269.3912.41.camel at myth.home.local> Content-Type: text/plain; charset="us-ascii" CentOS Errata and Security Advisory 2005:1110-001 Moderate CentOS 4 i386 php - security update This CESA is for the version of php is that is included in the centosplus repo for CentOS-4 ... this is not an update to the main CentOS-4 repo. ------------------ Name : php Version : 5.0.4 Vendor: CentOS Release : 4.centos4 Build Date: Fri 11 Nov 2005 Install Date: (not installed) Build Host: build-i386 Group : Development/Languages Source RPM: php-5.0.4-4.centos4.src.rpm License: The PHP License Packager : Johnny Hughes <johnny at centos.org> Summary : The PHP HTML-embedded scripting language. (PHP: Hypertext Preprocessor) ------------------ Update Information: This update is considered moderate by the CentOS Development Team. This update includes several security fixes: - fixes for prevent malicious requests from overwriting the GLOBALS array (CVE-2005-3390) - a fix to stop the parse_str() function from enabling the register_globals setting (CVE-2005-3389) - fixes for Cross-Site Scripting flaws in the phpinfo() output (CVE-2005-3388) - a fix for a denial of service (process crash) in EXIF image parsing (CVE-2005-3353) All Users of PHP-5 from the CentOSPlus Repo should upgrade to these updated packages. More info is available at: https://www.redhat.com/archives/fedora-announce-list/2005-November/msg00022.html https://rhn.redhat.com/errata/RHSA-2005-831.html ------------------------ The following updated files have been uploaded and are currently syncing to the mirrors: i386: php-5.0.4-4.centos4.i386.rpm php-bcmath-5.0.4-4.centos4.i386.rpm php-dba-5.0.4-4.centos4.i386.rpm php-devel-5.0.4-4.centos4.i386.rpm php-gd-5.0.4-4.centos4.i386.rpm php-imap-5.0.4-4.centos4.i386.rpm php-ldap-5.0.4-4.centos4.i386.rpm php-mbstring-5.0.4-4.centos4.i386.rpm php-mysql-5.0.4-4.centos4.i386.rpm php-ncurses-5.0.4-4.centos4.i386.rpm php-odbc-5.0.4-4.centos4.i386.rpm php-pear-5.0.4-4.centos4.i386.rpm php-pgsql-5.0.4-4.centos4.i386.rpm php-snmp-5.0.4-4.centos4.i386.rpm php-soap-5.0.4-4.centos4.i386.rpm php-xml-5.0.4-4.centos4.i386.rpm php-xmlrpc-5.0.4-4.centos4.i386.rpm src: php-5.0.4-4.centos4.src.rpm -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.centos.org/pipermail/centos-announce/attachments/20051110/0c2f1fd2/attachment-0001.bin ------------------------------ Message: 9 Date: Thu, 10 Nov 2005 21:55:21 -0600 From: Johnny Hughes <johnny at centos.org> Subject: [CentOS-announce] CESA-2005:1110-001 Moderate CentOS 4 x86_64 php - security update (CENTOSPLUS only) To: CentOS-Announce <centos-announce at centos.org> Message-ID: <1131681322.3912.42.camel at myth.home.local> Content-Type: text/plain; charset="us-ascii" CentOS Errata and Security Advisory 2005:1110-001 Moderate CentOS 4 x86_64 php - security update This CESA is for the version of php is that is included in the centosplus repo for CentOS-4 ... this is not an update to the main CentOS-4 repo. ------------------- Name : php Version : 5.0.4 Vendor: CentOS Release : 4.centos4 Build Date: Fri 11 Nov 2005 Install Date: (not installed) Build Host: build-i386 Group : Development/Languages Source RPM: php-5.0.4-4.centos4.src.rpm License: The PHP License Packager : Johnny Hughes <johnny at centos.org> Summary : The PHP HTML-embedded scripting language. (PHP: Hypertext Preprocessor) ------------------ Update Information: This update is considered moderate by the CentOS Development Team. This update includes several security fixes: - fixes for prevent malicious requests from overwriting the GLOBALS array (CVE-2005-3390) - a fix to stop the parse_str() function from enabling the register_globals setting (CVE-2005-3389) - fixes for Cross-Site Scripting flaws in the phpinfo() output (CVE-2005-3388) - a fix for a denial of service (process crash) in EXIF image parsing (CVE-2005-3353) All Users of PHP-5 from the CentOSPlus Repo should upgrade to these updated packages. More info is available at: https://www.redhat.com/archives/fedora-announce-list/2005-November/msg00022.html https://rhn.redhat.com/errata/RHSA-2005-831.html ------------------------ The following updated files have been uploaded and are currently syncing to the mirrors: x86_64: php-5.0.4-4.centos4.x86_64.rpm php-bcmath-5.0.4-4.centos4.x86_64.rpm php-dba-5.0.4-4.centos4.x86_64.rpm php-devel-5.0.4-4.centos4.x86_64.rpm php-gd-5.0.4-4.centos4.x86_64.rpm php-imap-5.0.4-4.centos4.x86_64.rpm php-ldap-5.0.4-4.centos4.x86_64.rpm php-mbstring-5.0.4-4.centos4.x86_64.rpm php-mysql-5.0.4-4.centos4.x86_64.rpm php-ncurses-5.0.4-4.centos4.x86_64.rpm php-odbc-5.0.4-4.centos4.x86_64.rpm php-pear-5.0.4-4.centos4.x86_64.rpm php-pgsql-5.0.4-4.centos4.x86_64.rpm php-snmp-5.0.4-4.centos4.x86_64.rpm php-soap-5.0.4-4.centos4.x86_64.rpm php-xml-5.0.4-4.centos4.x86_64.rpm php-xmlrpc-5.0.4-4.centos4.x86_64.rpm src: php-5.0.4-4.centos4.src.rpm -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.centos.org/pipermail/centos-announce/attachments/20051110/63467c32/attachment-0001.bin ------------------------------ _______________________________________________ CentOS-announce mailing list CentOS-announce at centos.org http://lists.centos.org/mailman/listinfo/centos-announce End of CentOS-announce Digest, Vol 9, Issue 6 *********************************************
- Previous message: [CentOS] CUPS and Okidata ML 395
- Next message: [CentOS] php versions
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list