Send CentOS-announce mailing list submissions to
centos-announce@centos.org
To subscribe or unsubscribe via the World Wide Web, visit
http://lists.centos.org/mailman/listinfo/centos-announce
or, via email, send a message with subject or body 'help' to
centos-announce-request@centos.org
You can reach the person managing the list at
centos-announce-owner@centos.org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of CentOS-announce digest..."
Today's Topics:
1. CESA-2014:1653 Moderate CentOS 5 openssl Security Update
(Johnny Hughes)
2. CEEA-2014:1649 CentOS 7 kpatch Enhancement Update (Johnny Hughes)
3. CESA-2014:1652 Important CentOS 7 openssl Security Update
(Johnny Hughes)
4. CESA-2014:1653 Moderate CentOS 5 openssl Security Update
(Johnny Hughes)
5. CESA-2014:1652 Important CentOS 6 openssl Security Update
(Johnny Hughes)
----------------------------------------------------------------------
Message: 1
Date: Thu, 16 Oct 2014 15:21:39 +0000
From: Johnny Hughes johnny@centos.org
To: centos-announce@centos.org
Subject: [CentOS-announce] CESA-2014:1653 Moderate CentOS 5 openssl
Security Update
Message-ID: 20141016152139.GA19436@chakra.karan.org
Content-Type: text/plain; charset=us-ascii
CentOS Errata and Security Advisory 2014:1653 Moderate
Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-1653.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
0c3787137a7d1a0402612833b173693910eb27f79e0c4f8cedf6185b4f7141f9 openssl-0.9.8e-31.el5_11.i386.rpm
5ef64e16dd1349a254a96e91cfdfdd6215fb9daa846360d2efff515bbb6a56b8 openssl-devel-0.9.8e-31.el5_11.i386.rpm
b98e5df6d59eddee85d544ca35bf0b7ca469a4c7032138465189c4c7bc27e5e6 openssl-perl-0.9.8e-31.el5_11.i386.rpm
x86_64:
85ee93123052e86fd4204694e3ac52fad6797b3f7009d8bce8e1f908bfed5352 openssl-0.9.8e-31.el5_11.x86_64.rpm
5ef64e16dd1349a254a96e91cfdfdd6215fb9daa846360d2efff515bbb6a56b8 openssl-devel-0.9.8e-31.el5_11.i386.rpm
11362d4d6755f5e33609a8adf6fbd0002f1343e72cd5e06ddbf2c8e99cf0d514 openssl-devel-0.9.8e-31.el5_11.x86_64.rpm
4aa6b35c036489a83a193ceb26fea4d1b5da93e7fddc08245fe59ffde0d7f509 openssl-perl-0.9.8e-31.el5_11.x86_64.rpm
Source:
1741388be54beb7176f7b5d90a3ddd1be99e1fcd5296725f4999c446a30c35c5 openssl-0.9.8e-31.el5_11.src.rpm
--
Johnny Hughes
CentOS Project {
http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
------------------------------
Message: 2
Date: Thu, 16 Oct 2014 16:22:22 +0000
From: Johnny Hughes
johnny@centos.org
To: centos-announce@centos.org
Subject: [CentOS-announce] CEEA-2014:1649 CentOS 7 kpatch Enhancement
Update
Message-ID:
20141016162222.GA58256@n04.lon1.karan.org
Content-Type: text/plain; charset=us-ascii
CentOS Errata and Enhancement Advisory 2014:1649
Upstream details at :
https://rhn.redhat.com/errata/RHEA-2014-1649.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
51d8cfeb1a49efd3d778fcbf00537076b2d68f6ebcd0098fa174cd885c29dc6a kpatch-0.1.10-3.el7_0.noarch.rpm
Source:
4d7cb8146fc0433167cd8e18f439d3b3cf7748649ce21b509b501fd46cc45c58 kpatch-0.1.10-3.el7_0.src.rpm
--
Johnny Hughes
CentOS Project {
http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
------------------------------
Message: 3
Date: Thu, 16 Oct 2014 16:22:42 +0000
From: Johnny Hughes
johnny@centos.org
To: centos-announce@centos.org
Subject: [CentOS-announce] CESA-2014:1652 Important CentOS 7 openssl
Security Update
Message-ID:
20141016162242.GA58353@n04.lon1.karan.org
Content-Type: text/plain; charset=us-ascii
CentOS Errata and Security Advisory 2014:1652 Important
Upstream details at :
https://rhn.redhat.com/errata/RHSA-2014-1652.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
982ba4376041d2d99d4b84dc05fbeac6b925777aa34d631aceeedb598bb98413 openssl-1.0.1e-34.el7_0.6.x86_64.rpm
426ba8dc7ac74f8b71f7965ec2e6e6b398ab466dc892394e8d1d5bd80ca4a4e6 openssl-devel-1.0.1e-34.el7_0.6.i686.rpm
7fdf24148ed86f0abb2618d92741d5c8f0769de6136b4ed9df2a60b8c795abe3 openssl-devel-1.0.1e-34.el7_0.6.x86_64.rpm
ebc0fc79108a67efd64da36669c90865b4a75a38b4c07a5316078edd98b65da9 openssl-libs-1.0.1e-34.el7_0.6.i686.rpm
5d0607c487922602ae315f62d9d3c0eb8ca76a65c288e6c8fc61f688dad59593 openssl-libs-1.0.1e-34.el7_0.6.x86_64.rpm
4b092081206a1140a5d2901c2f5513c8155ec2b57a05cafdd6c9011ccdde78f5 openssl-perl-1.0.1e-34.el7_0.6.x86_64.rpm
d664f61543bb84773467300c726d870700584f5af616df7a9f29922822773dd8 openssl-static-1.0.1e-34.el7_0.6.i686.rpm
c57075f8c198ec81db1936eb2dea8ff210de317f76047ffa601eefd8230d3bae openssl-static-1.0.1e-34.el7_0.6.x86_64.rpm
Source:
6638e94c18b6961748e7986823b7115d852b25883ccff03ec89a16234cbca517 openssl-1.0.1e-34.el7_0.6.src.rpm
--
Johnny Hughes
CentOS Project {
http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
------------------------------
Message: 4
Date: Thu, 16 Oct 2014 17:53:19 +0000
From: Johnny Hughes
johnny@centos.org
To: centos-announce@centos.org
Subject: [CentOS-announce] CESA-2014:1653 Moderate CentOS 5 openssl
Security Update
Message-ID:
20141016175319.GA26372@chakra.karan.org
Content-Type: text/plain; charset=us-ascii
CentOS Errata and Security Advisory 2014:1653 Moderate
Upstream details at :
https://rhn.redhat.com/errata/RHSA-2014-1653.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
0f38fea6d167a87276c20f5a4d56c2f41faf7fc08d9c76e28329ecadbe0de51f openssl-0.9.8e-31.el5_11.i386.rpm
c9660117d38961e5388d2fd72b0a68816b2047dc828a7438b0f6a4c74da4f27b openssl-0.9.8e-31.el5_11.i686.rpm
6244227177fb88cf9db43d1ffe086014c5786f8764c1d161d7ff5c0e4b4bcb78 openssl-devel-0.9.8e-31.el5_11.i386.rpm
33e546cd8897b47e2ddf836f07ad103a2ebb2f4282cd32c7b730d39ab462b67b openssl-perl-0.9.8e-31.el5_11.i386.rpm
x86_64:
c9660117d38961e5388d2fd72b0a68816b2047dc828a7438b0f6a4c74da4f27b openssl-0.9.8e-31.el5_11.i686.rpm
802ed9a049e7ae8c417c2bb108348cc9bd132698e805aa68795862276a320493 openssl-0.9.8e-31.el5_11.x86_64.rpm
6244227177fb88cf9db43d1ffe086014c5786f8764c1d161d7ff5c0e4b4bcb78 openssl-devel-0.9.8e-31.el5_11.i386.rpm
70cc0ab04b906816a2b8db05603c96fb709cb45473b116c73da1e5569295672b openssl-devel-0.9.8e-31.el5_11.x86_64.rpm
cd7303f6689aac1013530cc766a70b6fdae56dc3b87960ecdec567ed68bfb168 openssl-perl-0.9.8e-31.el5_11.x86_64.rpm
Source:
2d15a9cccc5453a329e53986061386de39e6e512af147b84354c3473b39a957b openssl-0.9.8e-31.el5_11.src.rpm
--
Johnny Hughes
CentOS Project {
http://www.centos.org/ }
irc: hughesjr, #centos@irc.freenode.net
------------------------------
Message: 5
Date: Thu, 16 Oct 2014 20:48:09 +0000
From: Johnny Hughes
johnny@centos.org
To: centos-announce@centos.org
Subject: [CentOS-announce] CESA-2014:1652 Important CentOS 6 openssl
Security Update
Message-ID:
20141016204809.GA19739@n04.lon1.karan.org
Content-Type: text/plain; charset=us-ascii
CentOS Errata and Security Advisory 2014:1652
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
-----------------------------
i386
-----------------------------
5898ac3179dfdd904c352badd79b6f5ec702315f4bc7b8989de8f114304fbd78 openssl-1.0.1e-30.el6_5.2.i686.rpm
dcc5d47340d69f53af592a92282df89ef3bd4705ce34f4a57a93d211e93cfd7d openssl-devel-1.0.1e-30.el6_5.2.i686.rpm
dc42eb136b3cfef78d590d4ab29d36e5e5951bc9433d20d5ca633033d960a00d openssl-perl-1.0.1e-30.el6_5.2.i686.rpm
95e67f00f7d58348e5f0df6ac74d7baecb9d5fc214d58ad257a14bec353219a3 openssl-static-1.0.1e-30.el6_5.2.i686.rpm
-----------------------------
X86_64
-----------------------------
5898ac3179dfdd904c352badd79b6f5ec702315f4bc7b8989de8f114304fbd78 openssl-1.0.1e-30.el6_5.2.i686.rpm
17bfdb52afcb2ebaa16875819b9d8d2f3dc84eb061ee3e194da14e286bc76029 openssl-1.0.1e-30.el6_5.2.x86_64.rpm
dcc5d47340d69f53af592a92282df89ef3bd4705ce34f4a57a93d211e93cfd7d openssl-devel-1.0.1e-30.el6_5.2.i686.rpm
7c390aab888c07887fc783686f42216711665738e58c2b23029748292dd0f96d openssl-devel-1.0.1e-30.el6_5.2.x86_64.rpm
dfdcf88163743d5f4fda06a69cba00b822b73ba66aa5841faf8c0e9841b91bcb openssl-perl-1.0.1e-30.el6_5.2.x86_64.rpm
0f8cc0615d96d4d7e74b5ffc109143873510406dbb6be679d4ab94bd4f731cdb openssl-static-1.0.1e-30.el6_5.2.x86_64.rpm
-----------------------------
Source:
-----------------------------
1a1c3ed0d8eb5775d89b726e7f19ff2d8b52b7ef27f6e36260e83ffc40328460 openssl-1.0.1e-30.el6_5.2.src.rpm
=====================================================
The following upstream security issues are addressed in this update:
https://rhn.redhat.com/errata/RHSA-2014-1652.html
=====================================================
NOTE: This update is released into the CentOS-6.5 tree and has a .el6_5 dist
tag, *NOT* the .el6_6 dist tag that Red Hat used for RHEL in the link above.
This update was built against 'CentOS-6.5 + updates' and that is where it is
intended to be used.
The CentOS team will build and release a openssl-1.0.1e-30.el6_6.2.src.rpm as
a zero day update to CentOS-6.6 when that is released as we are currently
building CentOS-6.6 from the released Red Hat Enterprise Linux sources.
Please also note that even after installing this update, further action is
required to mitigate the POODLE issue on CentOS-6. Please see this link for
steps to take and ways to test for both the POODLE and TLS_FALLBACK_SCSV issues.
http://wiki.centos.org/Security/POODLE
--
Johnny Hughes
CentOS Project {
http://www.centos.org/ }
irc: hughesjr, #centos at irc.freenode.net
------------------------------
_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce
End of CentOS-announce Digest, Vol 116, Issue 10
************************************************