Send CentOS-announce mailing list submissions to centos-announce at centos.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to centos-announce-request at centos.org You can reach the person managing the list at centos-announce-owner at centos.org When replying, please edit your Subject line so it is more specific than "Re: Contents of CentOS-announce digest..." Today's Topics: 1. CESA-2013:X013 Important Xen4CentOS xen Security Update (Johnny Hughes) 2. CESA-2013:X014 Important Xen4CentOS libvirt Security Update (Johnny Hughes) 3. CEEA-2013:X015 Xen4CentOS kernel Enhancement Update (Johnny Hughes) ---------------------------------------------------------------------- Message: 1 Date: Mon, 25 Nov 2013 14:27:12 +0000 From: Johnny Hughes <johnny at centos.org> Subject: [CentOS-announce] CESA-2013:X013 Important Xen4CentOS xen Security Update To: centos-announce at centos.org Message-ID: <20131125142712.GA43146 at n04.lon1.karan.org> Content-Type: text/plain; charset=us-ascii CentOS Errata and Security Advisory 2013:X013 (Xen4CentOS) The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) ----------------------------- X86_64 ----------------------------- f3725f9d29b2fd85d3c9568d979b7ea0f26e1844bb7474b8ef4de2e124bae9ff xen-4.2.3-25.el6.centos.alt.x86_64.rpm b8a518ca3807067471d7397481d9ebcb11f1dda80945bf40a34b8c6fd76cdf6b xen-devel-4.2.3-25.el6.centos.alt.x86_64.rpm 71622b65300a17b2bb6d5758e2bbe5ec158a429446b6dff875874641eba585bc xen-doc-4.2.3-25.el6.centos.alt.x86_64.rpm eb4ea62e3455e39df2f468b224a15a30e0f61f5e0ad3e0996244aa1c42c611d3 xen-hypervisor-4.2.3-25.el6.centos.alt.x86_64.rpm e0fe32ba2d7012cc69ac0b5c188abe949c2fb222b177be8c980ed83317eccb93 xen-libs-4.2.3-25.el6.centos.alt.x86_64.rpm 3a566e7a2040f3373285245f7f7c726a597d8de35dec8f601eb2863b432ab3b2 xen-licenses-4.2.3-25.el6.centos.alt.x86_64.rpm 80571d5031b23f6feca314d6b66838b4ba8e0e5e12845b1f3a69df8fd03ff9d5 xen-ocaml-4.2.3-25.el6.centos.alt.x86_64.rpm ef16ee93f197961a3f8fb514816170c23e66a3fa74354c4e78959759b43b19df xen-ocaml-devel-4.2.3-25.el6.centos.alt.x86_64.rpm 22692e325f8ab867730e51570b3cc3977f4c64416c9f38ad0897716d8152a739 xen-runtime-4.2.3-25.el6.centos.alt.x86_64.rpm ----------------------------- Source: ----------------------------- d9db3406ff206cd8be106a63712df1c5daacd9d437fc88fb75f523476d60c840 xen-4.2.3-25.el6.centos.alt.src.rpm ===================================================== xen Changelog info from the SPEC file: * Sat Nov 23 2013 Johnny Hughes <johnny at centos.org> - 4.2.3-25.el6.centos - Roll in patch 145 and 146 for XSA-75 (CVE-2013-4551), XSA-78 (CVE-2013-6375) * Mon Nov 04 2013 Johnny Hughes <johnny at centos.org> - 4.2.3-24.el6.centos - Roll in patches 134 to 141, 143 to 144 for the following XSAs: - XSA-62 (CVE-2013-1442), XSA-63 (CVE-2013-4355), XSA-72 (CVE-2013-4416) - XSA-64 (CVE-2013-4356), XSA-66 (CVE-2013-4361), XSA-67 (CVE-2013-4368) - XSA-68 (CVE-2013-4369), XSA-69 (CVE-2013-4370), XSA-70 (CVE-2013-4371) - XSA-73 (CVE-2013-4494) ===================================================== The following XSA info is available from the Xen site http://xenbits.xen.org/xsa/advisory-62.html http://xenbits.xen.org/xsa/advisory-63.html http://xenbits.xen.org/xsa/advisory-64.html http://xenbits.xen.org/xsa/advisory-66.html http://xenbits.xen.org/xsa/advisory-67.html http://xenbits.xen.org/xsa/advisory-68.html http://xenbits.xen.org/xsa/advisory-69.html http://xenbits.xen.org/xsa/advisory-70.html http://xenbits.xen.org/xsa/advisory-72.html http://xenbits.xen.org/xsa/advisory-73.html http://xenbits.xen.org/xsa/advisory-75.html http://xenbits.xen.org/xsa/advisory-78.html -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos at irc.freenode.net ------------------------------ Message: 2 Date: Mon, 25 Nov 2013 14:27:37 +0000 From: Johnny Hughes <johnny at centos.org> Subject: [CentOS-announce] CESA-2013:X014 Important Xen4CentOS libvirt Security Update To: centos-announce at centos.org Message-ID: <20131125142737.GA43154 at n04.lon1.karan.org> Content-Type: text/plain; charset=us-ascii CentOS Errata and Security Advisory 2013:X014 (Xen4CentOS) The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) ----------------------------- X86_64 ----------------------------- ab3a48f7c3dbd4f47cd4676fff16282f852ccc230653fdc64b1e7ec6864fb04d libvirt-0.10.2.8-5.el6.centos.alt.x86_64.rpm 780981c95cbe4dd352b8ecbfd23bcd04abacb6f9a522e45f5dd890acb4bab87a libvirt-client-0.10.2.8-5.el6.centos.alt.x86_64.rpm bd57d22f0aff2276f3263fb0920614f3fa917a1b5baef37d1e411c131ae480a5 libvirt-daemon-0.10.2.8-5.el6.centos.alt.x86_64.rpm fbbec7851f73e9fee1d036a080af2c64df42d443452cdf5e9943070bcf4579fc libvirt-daemon-config-network-0.10.2.8-5.el6.centos.alt.x86_64.rpm df5b7c70bd4f2fa491701d092d29fc4ad8ce2a0cf0b349b0300d7452bdbfdde9 libvirt-daemon-config-nwfilter-0.10.2.8-5.el6.centos.alt.x86_64.rpm c6b232073043d4829b91533c7ba32ab772aaf28139b5e7973342ecb2b98f97b7 libvirt-daemon-driver-interface-0.10.2.8-5.el6.centos.alt.x86_64.rpm 33b62166a71a086f1a61a096710aca65061fa750025e12899da5ef7e74bfdb16 libvirt-daemon-driver-libxl-0.10.2.8-5.el6.centos.alt.x86_64.rpm fb1d37174690e4a96bfec95c2cabe56a65e185e0d096f3614fb435cc647e1c69 libvirt-daemon-driver-lxc-0.10.2.8-5.el6.centos.alt.x86_64.rpm 56d26c84705780c9c9c56f7469fb56d4ac7c9f801b406ff153878a4ddc6fb1d2 libvirt-daemon-driver-network-0.10.2.8-5.el6.centos.alt.x86_64.rpm 1fcadda32beaa6cb3d9059cb0ceaa04946f00947230faeede0d4a1b0b6f55af2 libvirt-daemon-driver-nodedev-0.10.2.8-5.el6.centos.alt.x86_64.rpm 39d8709453d808fea84257e6cc3c13c5e94e3b4cd0728c6f12653b9aed0fb416 libvirt-daemon-driver-nwfilter-0.10.2.8-5.el6.centos.alt.x86_64.rpm 940af268c17c9beaf891edb6df16361d7f5ba59665c4b6ab4a87b92ec6b5d6b2 libvirt-daemon-driver-qemu-0.10.2.8-5.el6.centos.alt.x86_64.rpm d6ff73e1d643f904364b45f5476df098c6b7b81fc2f738cc8118e6977c8b58f0 libvirt-daemon-driver-secret-0.10.2.8-5.el6.centos.alt.x86_64.rpm f67bf0653579994a919839de854ef6c90429ae150fc6f5d4231fe650c3d42caa libvirt-daemon-driver-storage-0.10.2.8-5.el6.centos.alt.x86_64.rpm db24201784fa8704367b8e7b64fb2cad272262883b125a6e6fefe6d48f90a4c9 libvirt-daemon-driver-xen-0.10.2.8-5.el6.centos.alt.x86_64.rpm 1df91c45531c2eee12cbf477ece1056a66ea62f8a1190ac9c9c0006ef66eba10 libvirt-daemon-kvm-0.10.2.8-5.el6.centos.alt.x86_64.rpm b53d71dc6ae1c45f251f2fa04566c4ced34be07278813fb4489ad1bf26a9d709 libvirt-daemon-lxc-0.10.2.8-5.el6.centos.alt.x86_64.rpm 95e0b80e8ab2327e06ad741d0eda8e54e3b62cf8e8707eacb5927c7aa753bae6 libvirt-daemon-xen-0.10.2.8-5.el6.centos.alt.x86_64.rpm 1f0b1021d167b73ff0e96bc13a4d0484eb005f0a551baa6265c79b8d93174bd4 libvirt-devel-0.10.2.8-5.el6.centos.alt.x86_64.rpm 5c968c67c0fd8864a37d27f076b2dda9309ceb20d9909bbb6a6552426f3dbe97 libvirt-docs-0.10.2.8-5.el6.centos.alt.x86_64.rpm 224f5f9faec54b970bf5694614d74bfe9fbb136dab84871881c5de88d22fd75f libvirt-lock-sanlock-0.10.2.8-5.el6.centos.alt.x86_64.rpm 214db0e8afe97848c741f195debd4a70864563963da71940e94c636cb57e4028 libvirt-python-0.10.2.8-5.el6.centos.alt.x86_64.rpm ----------------------------- Source: ----------------------------- 0736cb1d219fa72766c235c46fc58e356e96eec4324ca1d6503911ad64746398 libvirt-0.10.2.8-5.el6.centos.alt.src.rpm ===================================================== libvirt Changelog info from the SPEC file: * Tue Nov 05 2013 Johnny Hughes <johnny at centos.org> 0.10.2.8-5.el6.centos.alt - upgrade to upstream version 0.10.2.8 - reomve patches 403, 404, 405 as they are rolled in upstream - added patch 406 from the from libvirt 0.10.2-maint channel - CVE-2013-4296 is addressed in this update ===================================================== The following Security issues are addressed in this release: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4296 -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos at irc.freenode.net ------------------------------ Message: 3 Date: Mon, 25 Nov 2013 14:30:21 +0000 From: Johnny Hughes <johnny at centos.org> Subject: [CentOS-announce] CEEA-2013:X015 Xen4CentOS kernel Enhancement Update To: centos-announce at centos.org Message-ID: <20131125143021.GA43191 at n04.lon1.karan.org> Content-Type: text/plain; charset=us-ascii CentOS Errata and Enhancement Advisory 2013:X015 (Xen4CentOS) The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) ----------------------------- X86_64 ----------------------------- c0e393639da8712303ae87a379fbc7584b4a5b20229473c73e640653702da4db e1000e-2.5.4-3.10.20.2.el6.centos.alt.x86_64.rpm 436669a1b8d5a71a7b6f8432dc05916d1779a7d0a3cc78221a2be147756bda85 kernel-3.10.20-11.el6.centos.alt.x86_64.rpm 9d30f870eebed13633a29ba7f57807e82486da0e29b51bbfe9e56feb76623b6b kernel-devel-3.10.20-11.el6.centos.alt.x86_64.rpm c29b37bd41b8e15476e62a5319fce3cdd1dc6705089ac8101d28c5cab5a29b6d kernel-doc-3.10.20-11.el6.centos.alt.noarch.rpm 18d0d9236fe801263004f8481256b1c991f9b5139fa432e8620dbc3a27978ea6 kernel-firmware-3.10.20-11.el6.centos.alt.noarch.rpm 080b1a8904625d50e83cfcebc7c36551c7a2d3e05292a438204042b6c99dc0a8 kernel-headers-3.10.20-11.el6.centos.alt.x86_64.rpm d1d510730f6fd668bd93be42cb5cc178504352b2603e7e383de0219c1f27aa64 perf-3.10.20-11.el6.centos.alt.x86_64.rpm ----------------------------- Source: ----------------------------- 95bcf551904667c4e5753da1b800febfac0319585a5702e896ca6b41065b3730 e1000e-2.5.4-3.10.20.2.el6.centos.alt.src.rpm 2ab3e14b38837b5239cf01d30f8fa72a20ea2956a9758a7a771e162aa128fe57 kernel-3.10.20-11.el6.centos.alt.src.rpm ===================================================== Kernel Changelog info from the SPEC file: * Sat Nov 23 2013 Johnny Hughes <johnny at centos.org> 3.10.20-11 - modified patch patch130 to add all bnx2 drivers * Sat Nov 23 2013 Johnny Hughes <johnny at centos.org> 3.10.20-10 - upgraded to upstream version 3.10.20 - removed sources 4, 5, 6, and 7 to instead roll in all bnx2 and bnx2x firmware files instead of doing them individually - created sources 8 and 9 that are tarballs of the latest bnx2 and bnx2x firmware files from kernel.org - modified to spec file to extract sources 8 and 9 and build all fw files in bnx2 and bnx2x dirs * Wed Nov 13 2013 Johnny Hughes <johnny at centos.org> 3.10.18-10 - upgraded to upstream version 3.10.18 - modified/enabled patch130 to work with the 3.10.x tree (new broadcom drivers) * Tue Nov 12 2013 Johnny Hughes <johnny at centos.org> 3.10.12-10 - Move to the 3.10.12 LTS Kernel - add /etc/bash_completion.d/perf to the kernel-perf package - removed all patches except 118 and 119 to add blktap25 as they are upstream - modified patches 118 and 119 to apply to the 3.10.x kernel tree e1000e Changelog info from the SPEC file: * Mon Nov 25 2013 Johnny Hughes <johnny at centos.org> - 2.5.4-3.10.20.2.el6.centos.alt - build against version 3.10.20 kernel ===================================================== NOTE: This is a rebase of the kernel for the Xen4CentOS6 project from the 3.4.x LTS tree to the 3.10.x LTS tree. NOTE: You must run /usr/bin/grub-bootxen.sh to update the file /boot/grub/grub.conf (or you must update that file manually) to boot the new kernel on a dom0 xen machine. See for info: http://wiki.centos.org/HowTos/Xen/Xen4QuickStart -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos at irc.freenode.net ------------------------------ _______________________________________________ CentOS-announce mailing list CentOS-announce at centos.org http://lists.centos.org/mailman/listinfo/centos-announce End of CentOS-announce Digest, Vol 105, Issue 11 ************************************************