[CentOS] CentOS-announce Digest, Vol 108, Issue 7

Wed Feb 12 12:00:05 UTC 2014
centos-announce-request at centos.org <centos-announce-request at centos.org>

Send CentOS-announce mailing list submissions to
	centos-announce at centos.org

To subscribe or unsubscribe via the World Wide Web, visit
	http://lists.centos.org/mailman/listinfo/centos-announce
or, via email, send a message with subject or body 'help' to
	centos-announce-request at centos.org

You can reach the person managing the list at
	centos-announce-owner at centos.org

When replying, please edit your Subject line so it is more specific
than "Re: Contents of CentOS-announce digest..."


Today's Topics:

   1. CEBA-2014:0158  CentOS 6 nss Update (Johnny Hughes)
   2. CESA-2014:0159 Important CentOS 6 kernel Update (Johnny Hughes)
   3. CESA-2014:X005 Moderate Xen4CentOS kernel	Security Update
      (Johnny Hughes)
   4. CESA-2014:X004 Moderate Xen4CentOS xen Security	Update
      (Johnny Hughes)


----------------------------------------------------------------------

Message: 1
Date: Tue, 11 Feb 2014 13:28:45 +0000
From: Johnny Hughes <johnny at centos.org>
Subject: [CentOS-announce] CEBA-2014:0158  CentOS 6 nss Update
To: centos-announce at centos.org
Message-ID: <20140211132845.GA62118 at n04.lon1.karan.org>
Content-Type: text/plain; charset=us-ascii


CentOS Errata and Bugfix Advisory 2014:0158 

Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-0158.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
310b1aeb6a141060d8d5aa9ae5917f22af5d6772b3c1b38095469dfc7c92ba39  nss-3.15.3-6.el6_5.i686.rpm
70eebce630134280c4bdef73fa1bb3e516b2a268256cc8aa4bce3757388952ec  nss-devel-3.15.3-6.el6_5.i686.rpm
6017281dc055f29ea81b7f6efa07854552925b06b570eb7b013b293150d3acc2  nss-pkcs11-devel-3.15.3-6.el6_5.i686.rpm
340e367a0e67787cf4491770b15830f5eddef223633c59dc774146f107d129ab  nss-sysinit-3.15.3-6.el6_5.i686.rpm
681e59d442c114390f28b3f0ef289427ecc0f1607dc5f11fbabe05e95df034cf  nss-tools-3.15.3-6.el6_5.i686.rpm

x86_64:
310b1aeb6a141060d8d5aa9ae5917f22af5d6772b3c1b38095469dfc7c92ba39  nss-3.15.3-6.el6_5.i686.rpm
40f8a4da558a0040ed9cf85ad4e3c93b2fec47360b95b0b134c4635b7b986635  nss-3.15.3-6.el6_5.x86_64.rpm
70eebce630134280c4bdef73fa1bb3e516b2a268256cc8aa4bce3757388952ec  nss-devel-3.15.3-6.el6_5.i686.rpm
0d12c2cc1b8d78bb0c9124d9afdb4eeabf56651fe5c079703aaf9e4ebfeae517  nss-devel-3.15.3-6.el6_5.x86_64.rpm
6017281dc055f29ea81b7f6efa07854552925b06b570eb7b013b293150d3acc2  nss-pkcs11-devel-3.15.3-6.el6_5.i686.rpm
733075233b68de52267f1a0deb419028c571097b2e03e7d0470d61eb5ebd1115  nss-pkcs11-devel-3.15.3-6.el6_5.x86_64.rpm
5825c6b6c0565442f17cc125dbe3576b8deacc3d2d37fe18ae16cefa7fb9a4b3  nss-sysinit-3.15.3-6.el6_5.x86_64.rpm
868a02e6cadd7af1f1f10f870e7bf11567193bee559d2c41d4b4f3f84df0c9ed  nss-tools-3.15.3-6.el6_5.x86_64.rpm

Source:
a6b663df279af7dc05d9d57e385adfb8f9610d37ea42480159e3f9742e37081e  nss-3.15.3-6.el6_5.src.rpm



-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos at irc.freenode.net



------------------------------

Message: 2
Date: Wed, 12 Feb 2014 04:44:55 +0000
From: Johnny Hughes <johnny at centos.org>
Subject: [CentOS-announce] CESA-2014:0159 Important CentOS 6 kernel
	Update
To: centos-announce at centos.org
Message-ID: <20140212044455.GA12265 at n04.lon1.karan.org>
Content-Type: text/plain; charset=us-ascii


CentOS Errata and Security Advisory 2014:0159 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-0159.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
ea97a65892db65c6440909e7c1aae72f7a4967dd40acd6b7083efb669675f82e  kernel-2.6.32-431.5.1.el6.i686.rpm
f414c76e5f917e64ec06d58569819668de317f6bdf4fa664319798fc1d9c700b  kernel-abi-whitelists-2.6.32-431.5.1.el6.noarch.rpm
a8cc1be550eb37e7aa87952f47f35d09cff9320d70d0a6ed5d94ebbbdb174814  kernel-debug-2.6.32-431.5.1.el6.i686.rpm
f46b9c2dc6b943b4d8584355af74dce5efd26259b57f430e255bb8043961d168  kernel-debug-devel-2.6.32-431.5.1.el6.i686.rpm
aed0d4d4c5a8a18ac976a6051aa071c6203ff81f33a1b90f4f969cbf268c82fb  kernel-devel-2.6.32-431.5.1.el6.i686.rpm
86b38a37649d74ca4f8b32008c0c4b00fde9a992fbc6173b264e170101f5566c  kernel-doc-2.6.32-431.5.1.el6.noarch.rpm
c60c4e980136fd64f8073323af857c202a61e80a26b39949403f2f5c2ca2dbf6  kernel-firmware-2.6.32-431.5.1.el6.noarch.rpm
06eadc863ceaa33cb1b7d46ca6d752e877a9cbb7084b8a6ba4c924117d4d1eb0  kernel-headers-2.6.32-431.5.1.el6.i686.rpm
27bfc9e2e9d158d55e174ee22d1e4475c56e210528403f57064c455dbca05839  perf-2.6.32-431.5.1.el6.i686.rpm
6ccf0df7199af6008649ba4ebbf24e8f6989246b397d1b67fb14cb845ef965a8  python-perf-2.6.32-431.5.1.el6.i686.rpm

x86_64:
6fb4e540cf0a38a3881671c7097c4f2400986200959a51a5cd811c34c8780343  kernel-2.6.32-431.5.1.el6.x86_64.rpm
f414c76e5f917e64ec06d58569819668de317f6bdf4fa664319798fc1d9c700b  kernel-abi-whitelists-2.6.32-431.5.1.el6.noarch.rpm
422caa7fce83f70f1ce9e0104141d6b4f30cfeb9e54048001cdf5da93f0263d6  kernel-debug-2.6.32-431.5.1.el6.x86_64.rpm
21378f0499d012d533fdaf5701d0096df8dac620395fc243abcae1c2ce1d6a08  kernel-debug-devel-2.6.32-431.5.1.el6.x86_64.rpm
601578e4bc4e13e821fb2706f4ce2be79bb94af7d07ba42bd66afafddd9e50a9  kernel-devel-2.6.32-431.5.1.el6.x86_64.rpm
86b38a37649d74ca4f8b32008c0c4b00fde9a992fbc6173b264e170101f5566c  kernel-doc-2.6.32-431.5.1.el6.noarch.rpm
c60c4e980136fd64f8073323af857c202a61e80a26b39949403f2f5c2ca2dbf6  kernel-firmware-2.6.32-431.5.1.el6.noarch.rpm
d8926d4740630dad9f1837eee89a242a4b59961e7dadbae3c38fa6a9bdbcca30  kernel-headers-2.6.32-431.5.1.el6.x86_64.rpm
6b821263e676e6b802988076d6d002f7ffd6816ad1fcbbabb281423c59882182  perf-2.6.32-431.5.1.el6.x86_64.rpm
bb6c8c891e9893c3c8b8f3802e2317fccfbb0859c53060e97fc184dffd7dd4eb  python-perf-2.6.32-431.5.1.el6.x86_64.rpm

Source:
0139e1b4e74e3305354b5e27bf77f8c5944c20b7fe0e99f353ce69cced17c5a3  kernel-2.6.32-431.5.1.el6.src.rpm



-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos at irc.freenode.net



------------------------------

Message: 3
Date: Wed, 12 Feb 2014 05:03:32 +0000
From: Johnny Hughes <johnny at centos.org>
Subject: [CentOS-announce] CESA-2014:X005 Moderate Xen4CentOS kernel
	Security Update
To: CentOS-announce at centos.org
Message-ID: <20140212050332.GA15422 at n04.lon1.karan.org>
Content-Type: text/plain; charset=us-ascii

CentOS Errata and Security Advisory 2014:X005 (Xen4CentOS)

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

-----------------------------
X86_64
-----------------------------

4d780927c1273021f707954531d4f8363f96001a09101ac3b828c02dcf640fc5 e1000e-2.5.4-3.10.29.2.el6.centos.alt.x86_64.rpm
8665f64a64ba10ff731077eb7a25a1eb282cf46739d9d18383d07da7131833aa kernel-3.10.29-11.el6.centos.alt.x86_64.rpm
e66b9c91d42024a4af3752d557a2e0c8fe4c7f2026f9b4a9eea0a500cfc0da4b kernel-devel-3.10.29-11.el6.centos.alt.x86_64.rpm
ce7481db6e7b8c1bca4a104c8bfcdfaa3e8e2334b7ae430c2246685f61ae2b81 kernel-doc-3.10.29-11.el6.centos.alt.noarch.rpm
f3308009ccd8565b5465b8215676c4267e1112abf726404f0553ffc058b3ea56 kernel-firmware-3.10.29-11.el6.centos.alt.noarch.rpm
c5d1a5429a03f2be7dd14865ef5bd8595e5d2691a4d00b4065cbbddddc0b6d6d kernel-headers-3.10.29-11.el6.centos.alt.x86_64.rpm
9dbd0fecce020f0a2b979500ec56ca2c134b6f7c9885133ce31a5fb811f5cd33 perf-3.10.29-11.el6.centos.alt.x86_64.rpm

-----------------------------
Source:
-----------------------------

daacfa96cd99b7d61e4c020b7c92e2039e8867b0cc0d2c0b8a7ecd9b0d251bcb e1000e-2.5.4-3.10.29.2.el6.centos.alt.src.rpm
447c3e834e97b7c4a4b872663a576eef0a984869f6e2fdb06334301f197c1dfe kernel-3.10.29-11.el6.centos.alt.src.rpm


=====================================================

Kernel Changelog info from the SPEC file:

* Tue Feb 11 2014 Johnny Hughes <johnny at centos.org> - 3.10.29-11
- upgrade to upstream 3.10.29
- addresses CVE-2014-0038 and CVE-2013-6885

e1000e Changelog info from the SPEC file:

* Tue Feb 11 2014 Johnny Hughes <johnny at centos.org> - 2.5.4-3.10.29.2.el6.centos.alt
- build against version 3.10.29 kernel

=====================================================

The following kernel changelogs are available from kernel.org since the previous kernel:

https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.29
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.28

=====================================================

The following security issues are addressed in this update:

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0038
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6885

=====================================================

NOTE: You must run /usr/bin/grub-bootxen.sh to update the file
      /boot/grub/grub.conf (or you must update that file manually)
      to boot the new kernel on a dom0 xen machine.  See for info:
      http://wiki.centos.org/HowTos/Xen/Xen4QuickStart
 
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos at irc.freenode.net



------------------------------

Message: 4
Date: Wed, 12 Feb 2014 05:03:53 +0000
From: Johnny Hughes <johnny at centos.org>
Subject: [CentOS-announce] CESA-2014:X004 Moderate Xen4CentOS xen
	Security	Update
To: CentOS-announce at centos.org
Message-ID: <20140212050353.GA15436 at n04.lon1.karan.org>
Content-Type: text/plain; charset=us-ascii

CentOS Errata and Security Advisory 2014:X004 (Xen4CentOS)

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

-----------------------------
X86_64
-----------------------------

bb6f3ba6c19f731b233c6c0ec338f9b92f418664dc1fd4f31ddc2e3ee2848583 xen-4.2.3-28.el6.centos.alt.x86_64.rpm
e1ba3b17464f8992bc81c861826bb03f1a46f7421872abb138d30317fec5e880 xen-devel-4.2.3-28.el6.centos.alt.x86_64.rpm
b308ef85354cba806ae30a54466f66c95bea81937a9ac4fe58434750f2089d76 xen-doc-4.2.3-28.el6.centos.alt.x86_64.rpm
0bc067a9225953b3034e8adc285e82931be1f61fe832a910391f773bfee75e9e xen-hypervisor-4.2.3-28.el6.centos.alt.x86_64.rpm
96c44ad669efe2c7315f8b2bebec7be559d5557d381cb8015667a494367aaa96 xen-libs-4.2.3-28.el6.centos.alt.x86_64.rpm
b33ef015bab2a1381ed0cba9300313fdbda2c00e0241c93f99025b79820d0b7e xen-licenses-4.2.3-28.el6.centos.alt.x86_64.rpm
89de11af00731b0ad158b544967724c27bc6f43c71f035bb76d3f12b6500577f xen-ocaml-4.2.3-28.el6.centos.alt.x86_64.rpm
9ec958a4bd8c80fcff5121fc30b63874f3854a9a3f81f0a4441c35017f97bd41 xen-ocaml-devel-4.2.3-28.el6.centos.alt.x86_64.rpm
2abf9c625ee014646760bea77c7cd376db73ee4a11a28226004c2fc6f003c3ef xen-runtime-4.2.3-28.el6.centos.alt.x86_64.rpm

-----------------------------
Source:
-----------------------------

252cbc61a5ad6360fdb675d7ba95d09585f9b5cb3af7d68c47229cad7c103bb0 xen-4.2.3-28.el6.centos.alt.src.rpm

=====================================================

xen Changelog info from the SPEC file:

* Tue Feb 11 2014 Johnny Hughes <johnny at centos.org> - 4.2.3-28.el6.centos
- Roll in Patches 153, 154, and 155
  XSA-84 (CVE-2014-1891, CVE-2014-1892, CVE-2014-1893, CVE-2014-1894)
  XSA-85 (CVE-2014-1894), XSA-86 (CVE-2014-1896)



=====================================================

The following XSA info is available from the Xen site 

http://xenbits.xen.org/xsa/advisory-84.html
http://xenbits.xen.org/xsa/advisory-85.html
http://xenbits.xen.org/xsa/advisory-86.html

--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos at irc.freenode.net



------------------------------

_______________________________________________
CentOS-announce mailing list
CentOS-announce at centos.org
http://lists.centos.org/mailman/listinfo/centos-announce


End of CentOS-announce Digest, Vol 108, Issue 7
***********************************************