[CentOS] CentOS-announce Digest, Vol 116, Issue 10

Fri Oct 17 12:00:02 UTC 2014

Send CentOS-announce mailing list submissions to
	centos-announce at centos.org

To subscribe or unsubscribe via the World Wide Web, visit
	http://lists.centos.org/mailman/listinfo/centos-announce
or, via email, send a message with subject or body 'help' to
	centos-announce-request at centos.org

You can reach the person managing the list at
	centos-announce-owner at centos.org

When replying, please edit your Subject line so it is more specific
than "Re: Contents of CentOS-announce digest..."

Today's Topics:

   1. CESA-2014:1653 Moderate CentOS 5 openssl Security	Update
      (Johnny Hughes)
   2. CEEA-2014:1649 CentOS 7 kpatch Enhancement Update (Johnny Hughes)
   3. CESA-2014:1652 Important CentOS 7 openssl	Security Update
      (Johnny Hughes)
   4. CESA-2014:1653 Moderate CentOS 5 openssl Security	Update
      (Johnny Hughes)
   5. CESA-2014:1652 Important CentOS 6 openssl	Security Update
      (Johnny Hughes)

----------------------------------------------------------------------

Message: 1
Date: Thu, 16 Oct 2014 15:21:39 +0000
From: Johnny Hughes <johnny at centos.org>
To: centos-announce at centos.org
Subject: [CentOS-announce] CESA-2014:1653 Moderate CentOS 5 openssl
	Security	Update
Message-ID: <20141016152139.GA19436 at chakra.karan.org>
Content-Type: text/plain; charset=us-ascii

CentOS Errata and Security Advisory 2014:1653 Moderate

Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-1653.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
0c3787137a7d1a0402612833b173693910eb27f79e0c4f8cedf6185b4f7141f9  openssl-0.9.8e-31.el5_11.i386.rpm
5ef64e16dd1349a254a96e91cfdfdd6215fb9daa846360d2efff515bbb6a56b8  openssl-devel-0.9.8e-31.el5_11.i386.rpm
b98e5df6d59eddee85d544ca35bf0b7ca469a4c7032138465189c4c7bc27e5e6  openssl-perl-0.9.8e-31.el5_11.i386.rpm

x86_64:
85ee93123052e86fd4204694e3ac52fad6797b3f7009d8bce8e1f908bfed5352  openssl-0.9.8e-31.el5_11.x86_64.rpm
5ef64e16dd1349a254a96e91cfdfdd6215fb9daa846360d2efff515bbb6a56b8  openssl-devel-0.9.8e-31.el5_11.i386.rpm
11362d4d6755f5e33609a8adf6fbd0002f1343e72cd5e06ddbf2c8e99cf0d514  openssl-devel-0.9.8e-31.el5_11.x86_64.rpm
4aa6b35c036489a83a193ceb26fea4d1b5da93e7fddc08245fe59ffde0d7f509  openssl-perl-0.9.8e-31.el5_11.x86_64.rpm

Source:
1741388be54beb7176f7b5d90a3ddd1be99e1fcd5296725f4999c446a30c35c5  openssl-0.9.8e-31.el5_11.src.rpm

-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos at irc.freenode.net

------------------------------

Message: 2
Date: Thu, 16 Oct 2014 16:22:22 +0000
From: Johnny Hughes <johnny at centos.org>
To: centos-announce at centos.org
Subject: [CentOS-announce] CEEA-2014:1649 CentOS 7 kpatch Enhancement
	Update
Message-ID: <20141016162222.GA58256 at n04.lon1.karan.org>
Content-Type: text/plain; charset=us-ascii

CentOS Errata and Enhancement Advisory 2014:1649 

Upstream details at : https://rhn.redhat.com/errata/RHEA-2014-1649.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

x86_64:
51d8cfeb1a49efd3d778fcbf00537076b2d68f6ebcd0098fa174cd885c29dc6a  kpatch-0.1.10-3.el7_0.noarch.rpm

Source:
4d7cb8146fc0433167cd8e18f439d3b3cf7748649ce21b509b501fd46cc45c58  kpatch-0.1.10-3.el7_0.src.rpm

-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos at irc.freenode.net

------------------------------

Message: 3
Date: Thu, 16 Oct 2014 16:22:42 +0000
From: Johnny Hughes <johnny at centos.org>
To: centos-announce at centos.org
Subject: [CentOS-announce] CESA-2014:1652 Important CentOS 7 openssl
	Security Update
Message-ID: <20141016162242.GA58353 at n04.lon1.karan.org>
Content-Type: text/plain; charset=us-ascii

CentOS Errata and Security Advisory 2014:1652 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-1652.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

x86_64:
982ba4376041d2d99d4b84dc05fbeac6b925777aa34d631aceeedb598bb98413  openssl-1.0.1e-34.el7_0.6.x86_64.rpm
426ba8dc7ac74f8b71f7965ec2e6e6b398ab466dc892394e8d1d5bd80ca4a4e6  openssl-devel-1.0.1e-34.el7_0.6.i686.rpm
7fdf24148ed86f0abb2618d92741d5c8f0769de6136b4ed9df2a60b8c795abe3  openssl-devel-1.0.1e-34.el7_0.6.x86_64.rpm
ebc0fc79108a67efd64da36669c90865b4a75a38b4c07a5316078edd98b65da9  openssl-libs-1.0.1e-34.el7_0.6.i686.rpm
5d0607c487922602ae315f62d9d3c0eb8ca76a65c288e6c8fc61f688dad59593  openssl-libs-1.0.1e-34.el7_0.6.x86_64.rpm
4b092081206a1140a5d2901c2f5513c8155ec2b57a05cafdd6c9011ccdde78f5  openssl-perl-1.0.1e-34.el7_0.6.x86_64.rpm
d664f61543bb84773467300c726d870700584f5af616df7a9f29922822773dd8  openssl-static-1.0.1e-34.el7_0.6.i686.rpm
c57075f8c198ec81db1936eb2dea8ff210de317f76047ffa601eefd8230d3bae  openssl-static-1.0.1e-34.el7_0.6.x86_64.rpm

Source:
6638e94c18b6961748e7986823b7115d852b25883ccff03ec89a16234cbca517  openssl-1.0.1e-34.el7_0.6.src.rpm

-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos at irc.freenode.net

------------------------------

Message: 4
Date: Thu, 16 Oct 2014 17:53:19 +0000
From: Johnny Hughes <johnny at centos.org>
To: centos-announce at centos.org
Subject: [CentOS-announce] CESA-2014:1653 Moderate CentOS 5 openssl
	Security	Update
Message-ID: <20141016175319.GA26372 at chakra.karan.org>
Content-Type: text/plain; charset=us-ascii

CentOS Errata and Security Advisory 2014:1653 Moderate

Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-1653.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
0f38fea6d167a87276c20f5a4d56c2f41faf7fc08d9c76e28329ecadbe0de51f  openssl-0.9.8e-31.el5_11.i386.rpm
c9660117d38961e5388d2fd72b0a68816b2047dc828a7438b0f6a4c74da4f27b  openssl-0.9.8e-31.el5_11.i686.rpm
6244227177fb88cf9db43d1ffe086014c5786f8764c1d161d7ff5c0e4b4bcb78  openssl-devel-0.9.8e-31.el5_11.i386.rpm
33e546cd8897b47e2ddf836f07ad103a2ebb2f4282cd32c7b730d39ab462b67b  openssl-perl-0.9.8e-31.el5_11.i386.rpm

x86_64:
c9660117d38961e5388d2fd72b0a68816b2047dc828a7438b0f6a4c74da4f27b  openssl-0.9.8e-31.el5_11.i686.rpm
802ed9a049e7ae8c417c2bb108348cc9bd132698e805aa68795862276a320493  openssl-0.9.8e-31.el5_11.x86_64.rpm
6244227177fb88cf9db43d1ffe086014c5786f8764c1d161d7ff5c0e4b4bcb78  openssl-devel-0.9.8e-31.el5_11.i386.rpm
70cc0ab04b906816a2b8db05603c96fb709cb45473b116c73da1e5569295672b  openssl-devel-0.9.8e-31.el5_11.x86_64.rpm
cd7303f6689aac1013530cc766a70b6fdae56dc3b87960ecdec567ed68bfb168  openssl-perl-0.9.8e-31.el5_11.x86_64.rpm

Source:
2d15a9cccc5453a329e53986061386de39e6e512af147b84354c3473b39a957b  openssl-0.9.8e-31.el5_11.src.rpm

-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos at irc.freenode.net

------------------------------

Message: 5
Date: Thu, 16 Oct 2014 20:48:09 +0000
From: Johnny Hughes <johnny at centos.org>
To: centos-announce at centos.org
Subject: [CentOS-announce] CESA-2014:1652 Important CentOS 6 openssl
	Security Update
Message-ID: <20141016204809.GA19739 at n04.lon1.karan.org>
Content-Type: text/plain; charset=us-ascii

CentOS Errata and Security Advisory 2014:1652 

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

-----------------------------
i386
-----------------------------

5898ac3179dfdd904c352badd79b6f5ec702315f4bc7b8989de8f114304fbd78 openssl-1.0.1e-30.el6_5.2.i686.rpm
dcc5d47340d69f53af592a92282df89ef3bd4705ce34f4a57a93d211e93cfd7d openssl-devel-1.0.1e-30.el6_5.2.i686.rpm
dc42eb136b3cfef78d590d4ab29d36e5e5951bc9433d20d5ca633033d960a00d openssl-perl-1.0.1e-30.el6_5.2.i686.rpm
95e67f00f7d58348e5f0df6ac74d7baecb9d5fc214d58ad257a14bec353219a3 openssl-static-1.0.1e-30.el6_5.2.i686.rpm

-----------------------------
X86_64
-----------------------------

5898ac3179dfdd904c352badd79b6f5ec702315f4bc7b8989de8f114304fbd78 openssl-1.0.1e-30.el6_5.2.i686.rpm
17bfdb52afcb2ebaa16875819b9d8d2f3dc84eb061ee3e194da14e286bc76029 openssl-1.0.1e-30.el6_5.2.x86_64.rpm
dcc5d47340d69f53af592a92282df89ef3bd4705ce34f4a57a93d211e93cfd7d openssl-devel-1.0.1e-30.el6_5.2.i686.rpm
7c390aab888c07887fc783686f42216711665738e58c2b23029748292dd0f96d openssl-devel-1.0.1e-30.el6_5.2.x86_64.rpm
dfdcf88163743d5f4fda06a69cba00b822b73ba66aa5841faf8c0e9841b91bcb openssl-perl-1.0.1e-30.el6_5.2.x86_64.rpm
0f8cc0615d96d4d7e74b5ffc109143873510406dbb6be679d4ab94bd4f731cdb openssl-static-1.0.1e-30.el6_5.2.x86_64.rpm

-----------------------------
Source:
-----------------------------

1a1c3ed0d8eb5775d89b726e7f19ff2d8b52b7ef27f6e36260e83ffc40328460 openssl-1.0.1e-30.el6_5.2.src.rpm

=====================================================

The following upstream security issues are addressed in this update:

https://rhn.redhat.com/errata/RHSA-2014-1652.html

=====================================================

NOTE: This update is released into the CentOS-6.5 tree and has a .el6_5 dist
tag, *NOT* the .el6_6 dist tag that Red Hat used for RHEL in the link above.

This update was built against 'CentOS-6.5 + updates' and that is where it is
intended to be used.

The CentOS team will build and release a openssl-1.0.1e-30.el6_6.2.src.rpm as
a zero day update to CentOS-6.6 when that is released as we are currently
building CentOS-6.6 from the released Red Hat Enterprise Linux sources.

Please also note that even after installing this update, further action is
required to mitigate the POODLE issue on CentOS-6. Please see this link for
steps to take and ways to test for both the POODLE and TLS_FALLBACK_SCSV issues.

http://wiki.centos.org/Security/POODLE

--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos at irc.freenode.net

------------------------------

_______________________________________________
CentOS-announce mailing list
CentOS-announce at centos.org
http://lists.centos.org/mailman/listinfo/centos-announce

End of CentOS-announce Digest, Vol 116, Issue 10
************************************************