announce October 2014

announce@lists.centos.org

3 participants
67 discussions

CESA-2014:1635 Critical CentOS 5 firefox Security Update
by Johnny Hughes 15 Oct '14

15 Oct '14

CentOS Errata and Security Advisory 2014:1635 Critical Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-1635.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 9df05ee668d515f3ece37ee2e4cf518ffef8d1c52de35a0c59743ef9cf574cd7 firefox-31.2.0-3.el5.centos.i386.rpm x86_64: 9df05ee668d515f3ece37ee2e4cf518ffef8d1c52de35a0c59743ef9cf574cd7 firefox-31.2.0-3.el5.centos.i386.rpm fbd203f1998e1dee8e25010a1d4fa29b4b5321d20db4125b985b03a8592346ff firefox-31.2.0-3.el5.centos.x86_64.rpm Source: f5201abc4f86e806a1fcb6f85333b750203339111f506ffb2641beb02c3693f4 firefox-31.2.0-3.el5.centos.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos(a)irc.freenode.net

1 0

CEBA-2014:1639 CentOS 5 net-snmp BugFix Update
by Johnny Hughes 15 Oct '14

15 Oct '14

CentOS Errata and Bugfix Advisory 2014:1639 Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-1639.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: b70149570ae2995abb99608eed92879d7a858eb2cfca30bd1df788fac005143d net-snmp-5.3.2.2-25.el5_11.i386.rpm a309f1be7154379823dbb4dcad793a426860d57a9063a9071c6c4fc25d86f8da net-snmp-devel-5.3.2.2-25.el5_11.i386.rpm 16daccea483c63520a2665dd6b8f5b6b9e5ca7a3d990109b8389fd8a7f17b5b4 net-snmp-libs-5.3.2.2-25.el5_11.i386.rpm 011f4a8144dac538d55631f98c1a4db05f9316dc5c1bc63dbd3affc81b07e655 net-snmp-perl-5.3.2.2-25.el5_11.i386.rpm 557ebacc5f44df2073603b637603c92ff8f6576d2fa0352a644aa2f785169e2d net-snmp-utils-5.3.2.2-25.el5_11.i386.rpm x86_64: b18f5a065751910d91b014c2b57e8e4a1156eb19cf008a938640ba7f7be00b7e net-snmp-5.3.2.2-25.el5_11.x86_64.rpm a309f1be7154379823dbb4dcad793a426860d57a9063a9071c6c4fc25d86f8da net-snmp-devel-5.3.2.2-25.el5_11.i386.rpm 61850313ddb00551779bdda13504f64c1c976d19587c9a4dfb579b041d1600cf net-snmp-devel-5.3.2.2-25.el5_11.x86_64.rpm 16daccea483c63520a2665dd6b8f5b6b9e5ca7a3d990109b8389fd8a7f17b5b4 net-snmp-libs-5.3.2.2-25.el5_11.i386.rpm 96c97bea6d12840f8c5634d6310c1271778c521194d7f1341f78072f8c0a739c net-snmp-libs-5.3.2.2-25.el5_11.x86_64.rpm 075c93c0d56e59b7ed95cb8891b20517a6f0b1e35fed6ff59189345db6e31702 net-snmp-perl-5.3.2.2-25.el5_11.x86_64.rpm d82127347b7a456a59e73b896c11e557a04f55c9132ab67921e5168e65a7f902 net-snmp-utils-5.3.2.2-25.el5_11.x86_64.rpm Source: 9fa4c80c2a48f0197074d61efb65fa96a19528029ce279cf6a675a99e92a4ad7 net-snmp-5.3.2.2-25.el5_11.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos(a)irc.freenode.net

1 0

CESA-2014:1634 Important CentOS 5 java-1.6.0-openjdk Security Update
by Johnny Hughes 15 Oct '14

15 Oct '14

CentOS Errata and Security Advisory 2014:1634 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-1634.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 661ee4730f4b847a6759206f27d39ea88e796f5f75326a8e8b6a50c8534d0c50 java-1.6.0-openjdk-1.6.0.33-1.13.5.0.el5_11.i386.rpm 2e0b2410b3fb71b755e5425d8fdac9ce8cc32a16e9d5fdad7fe7de1b6fe69684 java-1.6.0-openjdk-demo-1.6.0.33-1.13.5.0.el5_11.i386.rpm 8cd100f0e593436a38106a1eb418d4015f7efda3ce22cd47bd2ff31c6dcff9b9 java-1.6.0-openjdk-devel-1.6.0.33-1.13.5.0.el5_11.i386.rpm c28a3885d6f74565bc890487d860e2ca144d9ab3480b514c49262ed5e597f54a java-1.6.0-openjdk-javadoc-1.6.0.33-1.13.5.0.el5_11.i386.rpm a631d1939042978f2aa4cf19899e35b6ff09c4decc439d471270871ef9105d1b java-1.6.0-openjdk-src-1.6.0.33-1.13.5.0.el5_11.i386.rpm x86_64: 08570abc3fa70ee0eb250bde4c3a7679b9f00acbf968c63d2308e30cb5713a83 java-1.6.0-openjdk-1.6.0.33-1.13.5.0.el5_11.x86_64.rpm af80d8b7b6e438c5a7bafab1f848c453bad845b01afbf10a83261b2707847342 java-1.6.0-openjdk-demo-1.6.0.33-1.13.5.0.el5_11.x86_64.rpm e53c299c6b906b6e126d599a88cdab2d9fd8e6209e1b5ab955c8aef42d4be1d1 java-1.6.0-openjdk-devel-1.6.0.33-1.13.5.0.el5_11.x86_64.rpm 2b0ff42033c13fe5b819463e68ee2818a5caa1ae7f73e9a15f8414bdca458980 java-1.6.0-openjdk-javadoc-1.6.0.33-1.13.5.0.el5_11.x86_64.rpm 8fb298b923222215736751045c40c818c96e25da8bd1c2db6755e1e725a9abf5 java-1.6.0-openjdk-src-1.6.0.33-1.13.5.0.el5_11.x86_64.rpm Source: ed6c6e06e2aebf5e17428ea9a88a6e64fae6c1dc92cc464daad06cca96e90c9f java-1.6.0-openjdk-1.6.0.33-1.13.5.0.el5_11.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos(a)irc.freenode.net

1 0

CESA-2014:1633 Important CentOS 5 java-1.7.0-openjdk Security Update
by Johnny Hughes 15 Oct '14

15 Oct '14

CentOS Errata and Security Advisory 2014:1633 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-1633.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: cda53101232eb6cd5602ef8753a3e211a2009ea72e6a428d6cd5a0ac53ec4ae9 java-1.7.0-openjdk-1.7.0.71-2.5.3.1.el5_11.i386.rpm 1f3b95aeb134a6e4bb5a4c21fab7dd29bb39045b49ec17805d3cc92f94d5e2ac java-1.7.0-openjdk-demo-1.7.0.71-2.5.3.1.el5_11.i386.rpm c36d94ab305e34ee6fbf0426b38ddfc311961469840b0e285d15c079da0f2452 java-1.7.0-openjdk-devel-1.7.0.71-2.5.3.1.el5_11.i386.rpm 450a1b7c215204619f677b0b8f1ec34f69bee537fced59bd46b3d8b112635479 java-1.7.0-openjdk-javadoc-1.7.0.71-2.5.3.1.el5_11.i386.rpm ff09dcdba9b572eda5bd338bf5b28aed10e8c2fc558597262da814e236813ff1 java-1.7.0-openjdk-src-1.7.0.71-2.5.3.1.el5_11.i386.rpm x86_64: 6052c5e61bbec143e623c9a91c2cce72f9f7f3aadbf924fc29b4555de0992501 java-1.7.0-openjdk-1.7.0.71-2.5.3.1.el5_11.x86_64.rpm 04537efd65f66d22657111f675d0da2597a8690a7d648a2b5e71a04d21646d79 java-1.7.0-openjdk-demo-1.7.0.71-2.5.3.1.el5_11.x86_64.rpm 52081c3a681a0bbe48c3eff1f0e38e9b40fb13ac1f4bc49209fc4e8c58faffbc java-1.7.0-openjdk-devel-1.7.0.71-2.5.3.1.el5_11.x86_64.rpm d60ec241efd0a10052570ca64736c54d754a79f4470ffb4e6a6aa6477d545bf5 java-1.7.0-openjdk-javadoc-1.7.0.71-2.5.3.1.el5_11.x86_64.rpm 9297219ee7607057e537e1c7742f1821b61c15b8b6ec62af79cb741984eb0ab9 java-1.7.0-openjdk-src-1.7.0.71-2.5.3.1.el5_11.x86_64.rpm Source: ed1eb38a7f79e0943f24bc846766a3186ec0bb1d38e17cb5ce7bef094ea9fc62 java-1.7.0-openjdk-1.7.0.71-2.5.3.1.el5_11.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos(a)irc.freenode.net

1 0

Koji/CBS infra and sslv3/Poodle important notification
by Fabian Arrotin 15 Oct '14

15 Oct '14

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, As most of you already know, there is an important SSLv3 vulnerability (CVE-2014-3566 - see https://access.redhat.com/articles/1232123) , known as Poodle. While it's easy to disable SSLv3 in the allowed Protocols at the server level (for example SSLProtocol All -SSLv2 -SSLv3 for apache), some clients are still defaulting to SSLv3, and Koji does that. We currently have disabled SSLv3 on our cbs.centos.org koji instance, so if you're a cbs/koji user, please adapt your local koji package (local fix !) At the moment, there is no available upstream package, but the following patch has been tested by Fedora people too (and credits go to https://lists.fedoraproject.org/pipermail/infrastructure/2014-October/01497…) ===================================================== - --- SSLCommon.py.orig 2014-10-15 11:42:54.747082029 +0200 +++ SSLCommon.py 2014-10-15 11:44:08.215257590 +0200 @@ -37,7 +37,8 @@ if f and not os.access(f, os.R_OK): raise StandardError, "%s does not exist or is not readable" % f - - ctx = SSL.Context(SSL.SSLv3_METHOD) # SSLv3 only + #ctx = SSL.Context(SSL.SSLv3_METHOD) # SSLv3 only + ctx = SSL.Context(SSL.TLSv1_METHOD) # TLSv1 only ctx.use_certificate_file(key_and_cert) ctx.use_privatekey_file(key_and_cert) ctx.load_client_ca(ca_cert) @@ -45,7 +46,8 @@ verify = SSL.VERIFY_PEER | SSL.VERIFY_FAIL_IF_NO_PEER_CERT ctx.set_verify(verify, our_verify) ctx.set_verify_depth(10) - - ctx.set_options(SSL.OP_NO_SSLv2 | SSL.OP_NO_TLSv1) + #ctx.set_options(SSL.OP_NO_SSLv2 | SSL.OP_NO_TLSv1) + ctx.set_options(SSL.OP_NO_SSLv2 | SSL.OP_NO_TLSv1 | SSL.OP_NO_SSLv3) return ctx ===================================================== We'll keep you informed about possible upstream koji packages that would default to at least TLSv1 If you encounter a problem, feel free to drop into #centos-devel channel on irc.freenode.net and have a chat with us on behalf of the Infra team, - -- Fabian Arrotin The CentOS Project | http://www.centos.org gpg key: 56BEC54E | twitter: @arrfab -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iEYEARECAAYFAlQ+TUUACgkQnVkHo1a+xU4JyQCfefp2h7yRdmljBqRc+M76jPTf z7wAn3dOkaNPNfEnV0pxWDFX7BDDqKuY =lxsg -----END PGP SIGNATURE-----

1 0

CESA-2014:1397 Important CentOS 7 rsyslog Security Update
by Johnny Hughes 13 Oct '14

13 Oct '14

CentOS Errata and Security Advisory 2014:1397 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-1397.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 948575ad1feeb02cbe239668584e1b84268e3bec81215d02d5d06cea0b8f533c rsyslog-7.4.7-7.el7_0.x86_64.rpm c7e99647faec3af85a3d174a7aeac248a1d8d2c80410b6676049fe221188265a rsyslog-crypto-7.4.7-7.el7_0.x86_64.rpm 66be2ec9a2b8d0fa79960c38866ef7562ac59cde6717853eac0e140e320ffba0 rsyslog-doc-7.4.7-7.el7_0.x86_64.rpm 9a74dfc032f6946fa9bca1a8c7af4188c2a937ce04831ace8bb12bf84bd9e32c rsyslog-elasticsearch-7.4.7-7.el7_0.x86_64.rpm 805fb5b2aebd9a88028e496d49695918b8f4b5dc6d07b23babb4619b1c09a8b0 rsyslog-gnutls-7.4.7-7.el7_0.x86_64.rpm ef6c468d97fd791b0313a0755f8403355c5437b89aacf2a23c3e8e71d64883e8 rsyslog-gssapi-7.4.7-7.el7_0.x86_64.rpm 3ea324bf1b7274030b08eaf298345e31f462879ee2379756a32f13f505a59c97 rsyslog-libdbi-7.4.7-7.el7_0.x86_64.rpm 45ddb5e5d772077101b12edaea5282a6d17bdfb2b2bfd62c2f404fcf0782cdcd rsyslog-mmaudit-7.4.7-7.el7_0.x86_64.rpm 207a69be5ab3237c5fe6eba4811b6cadf6d7cd3a91af02cac1f2153c66257c9c rsyslog-mmjsonparse-7.4.7-7.el7_0.x86_64.rpm dfcff07a291887e0666402cf33a76399270dcb8f9ea1fbbf752951425207ff20 rsyslog-mmnormalize-7.4.7-7.el7_0.x86_64.rpm eedb2881ec82be8560681310fc6a7d67b6bbd6556bf45bf3a58b53b38c681f77 rsyslog-mmsnmptrapd-7.4.7-7.el7_0.x86_64.rpm 6fabf1ceff6963dfc1fd0f9f379c25e33ca913776270e9cd067414ca92470738 rsyslog-mysql-7.4.7-7.el7_0.x86_64.rpm d1e5dceec4084daa457a39cd2e60526ae5be249b695344a21be7ed8dea0add65 rsyslog-pgsql-7.4.7-7.el7_0.x86_64.rpm 5732b9cd681a759410d93815d77c42f039bb087907be8164055a7d5680039966 rsyslog-relp-7.4.7-7.el7_0.x86_64.rpm 57411118ac2fa283b397c3be55d7f21a222292656f14d656271ceaeaee494d28 rsyslog-snmp-7.4.7-7.el7_0.x86_64.rpm 771e03bb4a37817aa4e417f47a689b0712c115b4263d7df1079dee3376080028 rsyslog-udpspoof-7.4.7-7.el7_0.x86_64.rpm Source: 250ed2cfdecd54d606fe2a8c9139c7e0f634bf4a6d3fc2f32b1a198191fe5573 rsyslog-7.4.7-7.el7_0.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos(a)irc.freenode.net

1 0

CEEA-2014:1393 CentOS 6 be2iscsi Enhancement Update
by Johnny Hughes 13 Oct '14

13 Oct '14

CentOS Errata and Enhancement Advisory 2014:1393 Upstream details at : https://rhn.redhat.com/errata/RHEA-2014-1393.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: d0d7eaa262746e1760fd3d533b9fa82684ef87bb344b38422946f6b1b81c69c1 kmod-be2iscsi-10.2.273.0r-1.el6_5.i686.rpm x86_64: c066e98a14fc3db9b8237d19d3ffef9a62bcb8e063d6f996b166040f2a047bd2 kmod-be2iscsi-10.2.273.0r-1.el6_5.x86_64.rpm Source: 6d708190df4651c157dd173748290b83bb624071c37e0602540e04a72696d085 be2iscsi-10.2.273.0r-1.el6_5.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos(a)irc.freenode.net

1 0

CEBA-2014:1395 CentOS 6 ksh BugFix Update
by Johnny Hughes 13 Oct '14

13 Oct '14

CentOS Errata and Bugfix Advisory 2014:1395 Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-1395.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 1387ed663fe471b6b1b4c7ace450886b76d8513ca399fa407f91125cf5b6c765 ksh-20120801-10.el6_5.12.i686.rpm x86_64: 1376e7817bab4dd5b14a4bd2ec56e973d05fbc6367350ceb110a5e39163a7be9 ksh-20120801-10.el6_5.12.x86_64.rpm Source: 7c1fe6ed97a97af63f4810947c747fd9ec6017ba9dcd7104b6d0c9fe007833fc ksh-20120801-10.el6_5.12.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos(a)irc.freenode.net

1 0

CESA-2014:1255 Moderate CentOS 5 krb5 Security Update
by Johnny Hughes 10 Oct '14

10 Oct '14

CentOS Errata and Security Advisory 2014:1255 Moderate Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-1255.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: bdedf72c20131241fe22c3377a2687514bc15a1b0c8cfa0b2437d5c95ddca9f7 krb5-devel-1.6.1-80.el5_11.i386.rpm 9fffda97beadefb7c10e1db2aaf1d78e6d868a1b8fc72b2b0d985deb4b1eb0f3 krb5-libs-1.6.1-80.el5_11.i386.rpm 33edfc1b5fec4efceffc6d31eb5b049c9f325ea2e2ec5899bf72bdae8b528e32 krb5-server-1.6.1-80.el5_11.i386.rpm 92d20a98d3f3f7688b960edc2fbaec43991761dbebbd7e7a2c52ba79ba2f8a49 krb5-server-ldap-1.6.1-80.el5_11.i386.rpm b43c346face17ce142faf5be78ec3af611a9a946321720e24ef5e6b8b6d40683 krb5-workstation-1.6.1-80.el5_11.i386.rpm x86_64: bdedf72c20131241fe22c3377a2687514bc15a1b0c8cfa0b2437d5c95ddca9f7 krb5-devel-1.6.1-80.el5_11.i386.rpm 8299528ca4f6fb42a2d0eb2cf0e40d31c090af54344bc61c731bd123d0ff58d2 krb5-devel-1.6.1-80.el5_11.x86_64.rpm 9fffda97beadefb7c10e1db2aaf1d78e6d868a1b8fc72b2b0d985deb4b1eb0f3 krb5-libs-1.6.1-80.el5_11.i386.rpm fc2d06194339c7a5e1f860a4054ac4e1c18ea224464357c76a5265c5bf3af1e4 krb5-libs-1.6.1-80.el5_11.x86_64.rpm e89f87c8ad03fcdf36373d4f7bb1162abc7c551b9ed1de95721042ac2dc6dc39 krb5-server-1.6.1-80.el5_11.x86_64.rpm a868a052676af36fde1b3523696977459d012cfabe1cd5458b3b49fc7de668bd krb5-server-ldap-1.6.1-80.el5_11.x86_64.rpm 7126bc94f693ccdda6da0242d67ce2850492187155a921c3fe9892e40136f017 krb5-workstation-1.6.1-80.el5_11.x86_64.rpm Source: 1804a362842e1d343d6ec9805831cd475eee88236087d5078c2b8f85477a5f8b krb5-1.6.1-80.el5_11.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos(a)irc.freenode.net

1 0

Infra - CentOS Wiki instance migration
by Fabian Arrotin 09 Oct '14

09 Oct '14

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 We have to do some hardware/software maintenance on the machine actually hosting the Wiki service (http://wiki.centos.org) Instead of just taking the wiki instance down during that maintenance, we've decided to relocate it to a temporary host, proceed to maintenance, and then migrate it back to the previous node. Migration is scheduled for Friday October 10th, 11:00 am UTC time. You can convert to local time with $(date -d '2014-10-10 11:00 UTC') Migration will happen in several steps: 1 - we "freeze" the wiki on the actual node, transfer data, update the A record, restore the service on the temporary node (disruption ~ 30min) 2 - we proceed to the needed maintenance on first node (no disruption in service, but no estimated time) 3 - depending on time needed for step [2], and assuming we have no hardware issue, we proceed like step [1], but in reverse (so disruption ~30 minutes again) Thanks for your comprehending and patience. on behalf of the Infra team, - -- Fabian Arrotin The CentOS Project | http://www.centos.org gpg key: 56BEC54E | twitter: @arrfab -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iEYEARECAAYFAlQ2g0kACgkQnVkHo1a+xU4flACfc1IjPeHelBntwt4eNTd6SBvM wXAAnAqtOg4Ko4nqd0QVUfX7ZcQevD5K =v15z -----END PGP SIGNATURE-----

1 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

announce October 2014