similar to: CVE-2012-2122 ()

On 17/02/16 13:01, Johnny Hughes wrote: > I normally just let the daily announce post to this list show what > is available for updates, but there is a CVE (CVE-2015-7547) that > needs a bit more attention which will be on today's announce list > of updates. > > We released a new glibc yesterday for CentOS-6 and CentOS-7 .. it > is VERY important that all users update to

On 2/17/2016 8:01 AM, Johnny Hughes wrote: > I normally just let the daily announce post to this list show what is > available for updates, but there is a CVE (CVE-2015-7547) that needs a > bit more attention which will be on today's announce list of updates. > > We released a new glibc yesterday for CentOS-6 and CentOS-7 .. it is > VERY important that all users update to

I normally just let the daily announce post to this list show what is available for updates, but there is a CVE (CVE-2015-7547) that needs a bit more attention which will be on today's announce list of updates. We released a new glibc yesterday for CentOS-6 and CentOS-7 .. it is VERY important that all users update to these versions: This update is rated as Critical by Red Hat, meaning that

Dear NUT users, I recently came across a MAJOR potential flaw in the network server (upsd), that results, when exploited, in a crash of this server [1] This is the first security flaw in this software, since it's very beginning (~15 years)! It is still potential, and not actual, since Sebastian's report is a first-timer. But it should be very seriously considered, and you should take all

If you are using Bind as your caching name server, please take note. http://www.net-security.org/secworld.php?id=5366 I use DJB's dnscache so I could care less.

Lest anyone think STARTTLS MITM doesn't happen, https://threatpost.com/eff-calls-out-isps-modifying-starttls-encryption-commands/109325/3/ Not only for security, I prefer port 993/995 as it's just plain simpler to initiate SSL from the get-go rather than to do some handshaking that gets you to the same point. Joseph Tam <jtam.home at gmail.com>

I think there is nothing FreeBSD can do about this besides making sure our users are aware of it. The situation in which this is a problem is specific but one you should consider if you are using TLS with compression. TLS 1.2 and earlier are vulnerable to an attack commonly known as CRIME. The attack involves TLS sessions using compression where an attacker is able to inject known plaintext into

According to arstechnica, <http://arstechnica.com/reviews/games/forever.ars>Duke Nukem Forever has been ported to Ruby on Rails and is now rendered with some kind of magic mishmash of svg-canvas and ajax! This truely is an example of the incredible power of a web browser. Any hope for getting Mr. Fowler to add a Recipe for this type of thing in his new book? ;) -------------- next part

Send CentOS-announce mailing list submissions to centos-announce at centos.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to centos-announce-request at centos.org You can reach the person managing the list at centos-announce-owner at centos.org When

Dear Sir/s, Can a crashed centos system be restore to its previous state before it crash? And if so, can you please tell me how to do it? Thanks, your help is very much appreciated. ----- Original Message ----- From: "Richard" <lists-centos at listmail.innovate.net> To: "CentOS mailing list" <centos at centos.org> Sent: Tuesday, November 1, 2016 5:05:59 PM

I see there's a release today or so from Oracle of a new zero-day vulnerability. Any idea how soon we'll have an update? <https://threatpost.com/en_us/blogs/oracle-rushes-emergency-java-update-patch-mcrat-vulnerabilities-030413> mark

RedHat and Centos 4.x can be explored by this flaw? -----Mensagem original----- De: centos-bounces at centos.org [mailto:centos-bounces at centos.org] Em nome de Valeri Galtsev Enviada em: sexta-feira, 28 de outubro de 2016 12:50 Para: CentOS mailing list <centos at centos.org> Assunto: Re: [CentOS] CVE-2016-5195 ???DirtyCOW???: Critical Linux Kernel Flaw On Fri, October 28, 2016 9:43

In article <5818CD31.4050008 at moving-picture.com>, James Pearson <james-p at moving-picture.com> wrote: > Leonardo Oliveira Ortiz wrote: > > RedHat and Centos 4.x can be explored by this flaw? > > See: > > https://access.redhat.com/security/cve/cve-2016-5195 In other words, no: RHEL 4 and CentOS4 are not affected by this flaw. Tony -- Tony Mountifield

> Date: Tuesday, November 01, 2016 18:49:56 -0500 > From: Valeri Galtsev <galtsev at kicp.uchicago.edu> > > On Tue, November 1, 2016 6:25 pm, Tony Mountifield wrote: >> In article <5818CD31.4050008 at moving-picture.com>, >> James Pearson <james-p at moving-picture.com> wrote: >>> Leonardo Oliveira Ortiz wrote: >>> > RedHat and Centos

I'm old school. If it works... On Sun, May 10, 2015 at 2:17 PM, Tim Dunphy <bluethundr at gmail.com> wrote: > Hi Earl, > > >I think I found your problem, you do not have the correct package > installed > > >[root at c7-db1 ~]# rpm -qa | grep maria > >mariadb-libs-5.5.41-2.el7_0.x86_64 > >mariadb-server-5.5.41-2.el7_0.x86_64 >

I am building a Dockerfile and I am setting up MariaDB repos as follow: # Setup MariaDB repos RUN touch /etc/yum.repos.d/MariaDB.repo I should write this inside the MariaDB.repo file: [mariadb] name = MariaDB baseurl = http://yum.mariadb.org/5.5/centos6-amd64 gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB gpgcheck=1 What's the right way to do this? The one below? echo

On Tue, November 1, 2016 6:25 pm, Tony Mountifield wrote: > In article <5818CD31.4050008 at moving-picture.com>, > James Pearson <james-p at moving-picture.com> wrote: >> Leonardo Oliveira Ortiz wrote: >> > RedHat and Centos 4.x can be explored by this flaw? >> >> See: >> >> https://access.redhat.com/security/cve/cve-2016-5195 > > In

Hi all, I have tried to install MySQL package but get next: [kim at forge tools]$ sudo yum install mysql [sudo] password for kim: Loaded plugins: fastestmirror, rhnplugin This system is receiving updates from RHN Classic or Red Hat Satellite. Loading mirror speeds from cached hostfile * base: cosmos.cites.illinois.edu * epel: mirrors.syringanetworks.net * extras: mirror.acsnet.com *

Hi Earl, >I think I found your problem, you do not have the correct package installed >[root at c7-db1 ~]# rpm -qa | grep maria >mariadb-libs-5.5.41-2.el7_0.x86_64 >mariadb-server-5.5.41-2.el7_0.x86_64 >mariadb-5.5.41-2.el7_0.x86_64 >[root at c7-db1 ~]# >Install the mariadb-x package and you should be able to start the service Thanks. While I could go with mariadb 5, the

At 09:36 AM 9/23/2016, you wrote: >On 2016-09-22 18:07, david wrote: > > Folks > > > > I'm having problems installing Mariadb in Centos 7. > > > > > > Here's what I did: > > > > 0) Become root > > 1) Make sure that mariadb and mysql are NOT installed. > > 2) Delete residual libs > > rm -rf /var/lib/mysq* >