Send CentOS-announce mailing list submissions to centos-announce at centos.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to centos-announce-request at centos.org You can reach the person managing the list at centos-announce-owner at centos.org When replying, please edit your Subject line so it is more specific than "Re: Contents of CentOS-announce digest..." Today's Topics: 1. CEBA-2014:0158 CentOS 6 nss Update (Johnny Hughes) 2. CESA-2014:0159 Important CentOS 6 kernel Update (Johnny Hughes) 3. CESA-2014:X005 Moderate Xen4CentOS kernel Security Update (Johnny Hughes) 4. CESA-2014:X004 Moderate Xen4CentOS xen Security Update (Johnny Hughes) ---------------------------------------------------------------------- Message: 1 Date: Tue, 11 Feb 2014 13:28:45 +0000 From: Johnny Hughes <johnny at centos.org> Subject: [CentOS-announce] CEBA-2014:0158 CentOS 6 nss Update To: centos-announce at centos.org Message-ID: <20140211132845.GA62118 at n04.lon1.karan.org> Content-Type: text/plain; charset=us-ascii CentOS Errata and Bugfix Advisory 2014:0158 Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-0158.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 310b1aeb6a141060d8d5aa9ae5917f22af5d6772b3c1b38095469dfc7c92ba39 nss-3.15.3-6.el6_5.i686.rpm 70eebce630134280c4bdef73fa1bb3e516b2a268256cc8aa4bce3757388952ec nss-devel-3.15.3-6.el6_5.i686.rpm 6017281dc055f29ea81b7f6efa07854552925b06b570eb7b013b293150d3acc2 nss-pkcs11-devel-3.15.3-6.el6_5.i686.rpm 340e367a0e67787cf4491770b15830f5eddef223633c59dc774146f107d129ab nss-sysinit-3.15.3-6.el6_5.i686.rpm 681e59d442c114390f28b3f0ef289427ecc0f1607dc5f11fbabe05e95df034cf nss-tools-3.15.3-6.el6_5.i686.rpm x86_64: 310b1aeb6a141060d8d5aa9ae5917f22af5d6772b3c1b38095469dfc7c92ba39 nss-3.15.3-6.el6_5.i686.rpm 40f8a4da558a0040ed9cf85ad4e3c93b2fec47360b95b0b134c4635b7b986635 nss-3.15.3-6.el6_5.x86_64.rpm 70eebce630134280c4bdef73fa1bb3e516b2a268256cc8aa4bce3757388952ec nss-devel-3.15.3-6.el6_5.i686.rpm 0d12c2cc1b8d78bb0c9124d9afdb4eeabf56651fe5c079703aaf9e4ebfeae517 nss-devel-3.15.3-6.el6_5.x86_64.rpm 6017281dc055f29ea81b7f6efa07854552925b06b570eb7b013b293150d3acc2 nss-pkcs11-devel-3.15.3-6.el6_5.i686.rpm 733075233b68de52267f1a0deb419028c571097b2e03e7d0470d61eb5ebd1115 nss-pkcs11-devel-3.15.3-6.el6_5.x86_64.rpm 5825c6b6c0565442f17cc125dbe3576b8deacc3d2d37fe18ae16cefa7fb9a4b3 nss-sysinit-3.15.3-6.el6_5.x86_64.rpm 868a02e6cadd7af1f1f10f870e7bf11567193bee559d2c41d4b4f3f84df0c9ed nss-tools-3.15.3-6.el6_5.x86_64.rpm Source: a6b663df279af7dc05d9d57e385adfb8f9610d37ea42480159e3f9742e37081e nss-3.15.3-6.el6_5.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos at irc.freenode.net ------------------------------ Message: 2 Date: Wed, 12 Feb 2014 04:44:55 +0000 From: Johnny Hughes <johnny at centos.org> Subject: [CentOS-announce] CESA-2014:0159 Important CentOS 6 kernel Update To: centos-announce at centos.org Message-ID: <20140212044455.GA12265 at n04.lon1.karan.org> Content-Type: text/plain; charset=us-ascii CentOS Errata and Security Advisory 2014:0159 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-0159.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: ea97a65892db65c6440909e7c1aae72f7a4967dd40acd6b7083efb669675f82e kernel-2.6.32-431.5.1.el6.i686.rpm f414c76e5f917e64ec06d58569819668de317f6bdf4fa664319798fc1d9c700b kernel-abi-whitelists-2.6.32-431.5.1.el6.noarch.rpm a8cc1be550eb37e7aa87952f47f35d09cff9320d70d0a6ed5d94ebbbdb174814 kernel-debug-2.6.32-431.5.1.el6.i686.rpm f46b9c2dc6b943b4d8584355af74dce5efd26259b57f430e255bb8043961d168 kernel-debug-devel-2.6.32-431.5.1.el6.i686.rpm aed0d4d4c5a8a18ac976a6051aa071c6203ff81f33a1b90f4f969cbf268c82fb kernel-devel-2.6.32-431.5.1.el6.i686.rpm 86b38a37649d74ca4f8b32008c0c4b00fde9a992fbc6173b264e170101f5566c kernel-doc-2.6.32-431.5.1.el6.noarch.rpm c60c4e980136fd64f8073323af857c202a61e80a26b39949403f2f5c2ca2dbf6 kernel-firmware-2.6.32-431.5.1.el6.noarch.rpm 06eadc863ceaa33cb1b7d46ca6d752e877a9cbb7084b8a6ba4c924117d4d1eb0 kernel-headers-2.6.32-431.5.1.el6.i686.rpm 27bfc9e2e9d158d55e174ee22d1e4475c56e210528403f57064c455dbca05839 perf-2.6.32-431.5.1.el6.i686.rpm 6ccf0df7199af6008649ba4ebbf24e8f6989246b397d1b67fb14cb845ef965a8 python-perf-2.6.32-431.5.1.el6.i686.rpm x86_64: 6fb4e540cf0a38a3881671c7097c4f2400986200959a51a5cd811c34c8780343 kernel-2.6.32-431.5.1.el6.x86_64.rpm f414c76e5f917e64ec06d58569819668de317f6bdf4fa664319798fc1d9c700b kernel-abi-whitelists-2.6.32-431.5.1.el6.noarch.rpm 422caa7fce83f70f1ce9e0104141d6b4f30cfeb9e54048001cdf5da93f0263d6 kernel-debug-2.6.32-431.5.1.el6.x86_64.rpm 21378f0499d012d533fdaf5701d0096df8dac620395fc243abcae1c2ce1d6a08 kernel-debug-devel-2.6.32-431.5.1.el6.x86_64.rpm 601578e4bc4e13e821fb2706f4ce2be79bb94af7d07ba42bd66afafddd9e50a9 kernel-devel-2.6.32-431.5.1.el6.x86_64.rpm 86b38a37649d74ca4f8b32008c0c4b00fde9a992fbc6173b264e170101f5566c kernel-doc-2.6.32-431.5.1.el6.noarch.rpm c60c4e980136fd64f8073323af857c202a61e80a26b39949403f2f5c2ca2dbf6 kernel-firmware-2.6.32-431.5.1.el6.noarch.rpm d8926d4740630dad9f1837eee89a242a4b59961e7dadbae3c38fa6a9bdbcca30 kernel-headers-2.6.32-431.5.1.el6.x86_64.rpm 6b821263e676e6b802988076d6d002f7ffd6816ad1fcbbabb281423c59882182 perf-2.6.32-431.5.1.el6.x86_64.rpm bb6c8c891e9893c3c8b8f3802e2317fccfbb0859c53060e97fc184dffd7dd4eb python-perf-2.6.32-431.5.1.el6.x86_64.rpm Source: 0139e1b4e74e3305354b5e27bf77f8c5944c20b7fe0e99f353ce69cced17c5a3 kernel-2.6.32-431.5.1.el6.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos at irc.freenode.net ------------------------------ Message: 3 Date: Wed, 12 Feb 2014 05:03:32 +0000 From: Johnny Hughes <johnny at centos.org> Subject: [CentOS-announce] CESA-2014:X005 Moderate Xen4CentOS kernel Security Update To: CentOS-announce at centos.org Message-ID: <20140212050332.GA15422 at n04.lon1.karan.org> Content-Type: text/plain; charset=us-ascii CentOS Errata and Security Advisory 2014:X005 (Xen4CentOS) The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) ----------------------------- X86_64 ----------------------------- 4d780927c1273021f707954531d4f8363f96001a09101ac3b828c02dcf640fc5 e1000e-2.5.4-3.10.29.2.el6.centos.alt.x86_64.rpm 8665f64a64ba10ff731077eb7a25a1eb282cf46739d9d18383d07da7131833aa kernel-3.10.29-11.el6.centos.alt.x86_64.rpm e66b9c91d42024a4af3752d557a2e0c8fe4c7f2026f9b4a9eea0a500cfc0da4b kernel-devel-3.10.29-11.el6.centos.alt.x86_64.rpm ce7481db6e7b8c1bca4a104c8bfcdfaa3e8e2334b7ae430c2246685f61ae2b81 kernel-doc-3.10.29-11.el6.centos.alt.noarch.rpm f3308009ccd8565b5465b8215676c4267e1112abf726404f0553ffc058b3ea56 kernel-firmware-3.10.29-11.el6.centos.alt.noarch.rpm c5d1a5429a03f2be7dd14865ef5bd8595e5d2691a4d00b4065cbbddddc0b6d6d kernel-headers-3.10.29-11.el6.centos.alt.x86_64.rpm 9dbd0fecce020f0a2b979500ec56ca2c134b6f7c9885133ce31a5fb811f5cd33 perf-3.10.29-11.el6.centos.alt.x86_64.rpm ----------------------------- Source: ----------------------------- daacfa96cd99b7d61e4c020b7c92e2039e8867b0cc0d2c0b8a7ecd9b0d251bcb e1000e-2.5.4-3.10.29.2.el6.centos.alt.src.rpm 447c3e834e97b7c4a4b872663a576eef0a984869f6e2fdb06334301f197c1dfe kernel-3.10.29-11.el6.centos.alt.src.rpm ===================================================== Kernel Changelog info from the SPEC file: * Tue Feb 11 2014 Johnny Hughes <johnny at centos.org> - 3.10.29-11 - upgrade to upstream 3.10.29 - addresses CVE-2014-0038 and CVE-2013-6885 e1000e Changelog info from the SPEC file: * Tue Feb 11 2014 Johnny Hughes <johnny at centos.org> - 2.5.4-3.10.29.2.el6.centos.alt - build against version 3.10.29 kernel ===================================================== The following kernel changelogs are available from kernel.org since the previous kernel: https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.29 https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.28 ===================================================== The following security issues are addressed in this update: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0038 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6885 ===================================================== NOTE: You must run /usr/bin/grub-bootxen.sh to update the file /boot/grub/grub.conf (or you must update that file manually) to boot the new kernel on a dom0 xen machine. See for info: http://wiki.centos.org/HowTos/Xen/Xen4QuickStart -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos at irc.freenode.net ------------------------------ Message: 4 Date: Wed, 12 Feb 2014 05:03:53 +0000 From: Johnny Hughes <johnny at centos.org> Subject: [CentOS-announce] CESA-2014:X004 Moderate Xen4CentOS xen Security Update To: CentOS-announce at centos.org Message-ID: <20140212050353.GA15436 at n04.lon1.karan.org> Content-Type: text/plain; charset=us-ascii CentOS Errata and Security Advisory 2014:X004 (Xen4CentOS) The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) ----------------------------- X86_64 ----------------------------- bb6f3ba6c19f731b233c6c0ec338f9b92f418664dc1fd4f31ddc2e3ee2848583 xen-4.2.3-28.el6.centos.alt.x86_64.rpm e1ba3b17464f8992bc81c861826bb03f1a46f7421872abb138d30317fec5e880 xen-devel-4.2.3-28.el6.centos.alt.x86_64.rpm b308ef85354cba806ae30a54466f66c95bea81937a9ac4fe58434750f2089d76 xen-doc-4.2.3-28.el6.centos.alt.x86_64.rpm 0bc067a9225953b3034e8adc285e82931be1f61fe832a910391f773bfee75e9e xen-hypervisor-4.2.3-28.el6.centos.alt.x86_64.rpm 96c44ad669efe2c7315f8b2bebec7be559d5557d381cb8015667a494367aaa96 xen-libs-4.2.3-28.el6.centos.alt.x86_64.rpm b33ef015bab2a1381ed0cba9300313fdbda2c00e0241c93f99025b79820d0b7e xen-licenses-4.2.3-28.el6.centos.alt.x86_64.rpm 89de11af00731b0ad158b544967724c27bc6f43c71f035bb76d3f12b6500577f xen-ocaml-4.2.3-28.el6.centos.alt.x86_64.rpm 9ec958a4bd8c80fcff5121fc30b63874f3854a9a3f81f0a4441c35017f97bd41 xen-ocaml-devel-4.2.3-28.el6.centos.alt.x86_64.rpm 2abf9c625ee014646760bea77c7cd376db73ee4a11a28226004c2fc6f003c3ef xen-runtime-4.2.3-28.el6.centos.alt.x86_64.rpm ----------------------------- Source: ----------------------------- 252cbc61a5ad6360fdb675d7ba95d09585f9b5cb3af7d68c47229cad7c103bb0 xen-4.2.3-28.el6.centos.alt.src.rpm ===================================================== xen Changelog info from the SPEC file: * Tue Feb 11 2014 Johnny Hughes <johnny at centos.org> - 4.2.3-28.el6.centos - Roll in Patches 153, 154, and 155 XSA-84 (CVE-2014-1891, CVE-2014-1892, CVE-2014-1893, CVE-2014-1894) XSA-85 (CVE-2014-1894), XSA-86 (CVE-2014-1896) ===================================================== The following XSA info is available from the Xen site http://xenbits.xen.org/xsa/advisory-84.html http://xenbits.xen.org/xsa/advisory-85.html http://xenbits.xen.org/xsa/advisory-86.html -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos at irc.freenode.net ------------------------------ _______________________________________________ CentOS-announce mailing list CentOS-announce at centos.org http://lists.centos.org/mailman/listinfo/centos-announce End of CentOS-announce Digest, Vol 108, Issue 7 ***********************************************