centos-announce-request at centos.org
2014-Oct-02 12:00 UTC
[CentOS] CentOS-announce Digest, Vol 116, Issue 2
Send CentOS-announce mailing list submissions to centos-announce at centos.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to centos-announce-request at centos.org You can reach the person managing the list at centos-announce-owner at centos.org When replying, please edit your Subject line so it is more specific than "Re: Contents of CentOS-announce digest..." Today's Topics: 1. CESA-2014:X010 Moderate xen Xen4CentOS Security Update (Johnny Hughes) 2. CESA-2014:X011 Moderate kernel Xen4CentOS Security Update (Johnny Hughes) 3. CESA-2014:X012 Moderate libvirt Xen4CentOS Security Update (Johnny Hughes) 4. CESA-2014:X013 Important xen Xen4CentOS Security Update (Johnny Hughes) 5. CEBA-2014:1334 CentOS 7 xz FASTTRACK BugFix Update (Johnny Hughes) ---------------------------------------------------------------------- Message: 1 Date: Wed, 1 Oct 2014 12:07:48 +0000 From: Johnny Hughes <johnny at centos.org> To: centos-announce at centos.org Subject: [CentOS-announce] CESA-2014:X010 Moderate xen Xen4CentOS Security Update Message-ID: <20141001120748.GA5455 at n04.lon1.karan.org> Content-Type: text/plain; charset=us-ascii CentOS Errata and Security Advisory 2014:X010 (Xen4CentOS) The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) ----------------------------- X86_64 ----------------------------- f5a30e6c7c17a391dfc218cce2c2ca52dba4bf61d6c2d664faecda673d72fdea xen-4.2.5-33.el6.centos.alt.x86_64.rpm 993a2d96e1444b4ead48ddb2e04c0dbd96e0ddeffd388c81ef5496c5edc627cc xen-debuginfo-4.2.5-33.el6.centos.alt.x86_64.rpm 8ea623bd210e4b01e99de1e13a12bfad209238feaed9c540ea2fe84d0c09dbaf xen-devel-4.2.5-33.el6.centos.alt.x86_64.rpm 29f2053460161edb3a93e1f4902a817196b9de9ed800e73ca26ac5a8c9aa1946 xen-doc-4.2.5-33.el6.centos.alt.x86_64.rpm b194d1ef94332bd3ee4d5e60190764e244809e270ab0ad506128cdd57ded09f6 xen-hypervisor-4.2.5-33.el6.centos.alt.x86_64.rpm 2d89359ac8ad6b9f853cd9e55b0c6ce6bb740295273157689544f8a4eeacbcf0 xen-libs-4.2.5-33.el6.centos.alt.x86_64.rpm bca6d03a749e531fce006d571847ab2077e2283c0350012f3e2135e26c3a38b3 xen-licenses-4.2.5-33.el6.centos.alt.x86_64.rpm 13ccd1ba3d1af1a68e63c930663bd7afe2b3c635dba58183c076f9c3cd6c3a5a xen-ocaml-4.2.5-33.el6.centos.alt.x86_64.rpm fbb2c5d49177333b0f8fb578ad38de824cba1dc2a2de2364ad1763bb20ab25c9 xen-ocaml-devel-4.2.5-33.el6.centos.alt.x86_64.rpm 2683887a4c4a1f98e0b9479d9587ab5ec7d0ea382538fea4be8c5a92f12c6f61 xen-runtime-4.2.5-33.el6.centos.alt.x86_64.rpm ----------------------------- Source: ----------------------------- f11fbc39bf07f06834fc05e81d3f3b4d916dc5a1ee5aaec6d048041d62cd5aae xen-4.2.5-33.el6.centos.alt.src.rpm ==================================================== xen Changelog info from the SPEC file: * Fri Sep 26 2014 Johnny Hughes <johnny at centos.org> - 4.2.5-33.el6.centos - upgrade to upstream Xen version 4.2.5 - removed patches that are already part of 4.2.5 - Added Patch205 (XSA-97, CVE-2014-5146,CVE-2014-5149) - Added Patch206 (XSA-104, CVE-2014-7154) - Added Patch207 (XSA-105, CVE-2014-7155) - Added Patch208 (XSA-106, CVE-2014-7156) ====================================================The following informaion is available for Xen 4.2.5 from XenProject.org: http://bit.ly/1mABNPg ==================================================== The following Release info is available from the Xen site regarding XSAs: http://xenbits.xen.org/xsa/advisory-97.html http://xenbits.xen.org/xsa/advisory-104.html http://xenbits.xen.org/xsa/advisory-105.html http://xenbits.xen.org/xsa/advisory-106.html -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos at irc.freenode.net ------------------------------ Message: 2 Date: Wed, 1 Oct 2014 12:08:01 +0000 From: Johnny Hughes <johnny at centos.org> To: centos-announce at centos.org Subject: [CentOS-announce] CESA-2014:X011 Moderate kernel Xen4CentOS Security Update Message-ID: <20141001120801.GA5470 at n04.lon1.karan.org> Content-Type: text/plain; charset=us-ascii CentOS Errata and Security Advisory 2014:X011 (Xen4CentOS) The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) ----------------------------- X86_64 ----------------------------- 0ca23e081ddc488aa22b357fd2ad46b26526424f4613f5af7254bcbdcbcf1474 e1000e-2.5.4-3.10.55.2.el6.centos.alt.x86_64.rpm 2699989af4721eaef6615cda9fc3eaa92335e8e9f07bd635f50d0aa69ab6e7bf kernel-3.10.55-11.el6.centos.alt.x86_64.rpm 7339e016f40eb353feee27ff95ab9636f18b0a27087248da5e7bccd5d76dc69c kernel-devel-3.10.55-11.el6.centos.alt.x86_64.rpm 88759f4fa62f62469864d4c4c634903fe8731fb3e4ad93b0091b8aaad47c8493 kernel-doc-3.10.55-11.el6.centos.alt.noarch.rpm fc3fcb15f42a98e7c20fc0ed71deaf44f289cebc6b4c69f8f216aad5860ee3d4 kernel-firmware-3.10.55-11.el6.centos.alt.noarch.rpm f3719c6d0cbf6b9d2c28667de1ed5e067317d4835877c486cb10231c41af5b8c kernel-headers-3.10.55-11.el6.centos.alt.x86_64.rpm a5f0586ce5ac4c26904ea21a3e5ffe166ca2014dfde0fbf940cdd3aa5f3c1fd6 perf-3.10.55-11.el6.centos.alt.x86_64.rpm ----------------------------- Source: ----------------------------- c6441ca87bfca69505b42b82d126e3b51db25361895e15215658fe15765bff13 e1000e-2.5.4-3.10.55.2.el6.centos.alt.src.rpm fe4226dea73a76754332118ff7bca149f2303f7421dd3908b5e0d906eccb0b38 kernel-3.10.55-11.el6.centos.alt.src.rpm ==================================================== Kernel Changelog info from the SPEC file: * Fri Sep 24 2014 Johnny Hughes <johnny at centos.org> - 3.10.55-11 - upgraded to upstream 3.10.55 e1000e Changelog info from the SPEC file: * Fri Sep 26 2014 Johnny Hughes <johnny at centos.org> - 2.5.4-3.10.55.2.el6.centos.alt - build against version 3.10.55 kernel ==================================================== The following kernel changelogs are available from kernel.org since the previous kernel: https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.44 https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.45 https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.46 https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.47 https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.48 https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.49 https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.50 https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.51 https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.52 https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.53 https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.54 https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.55 ==================================================== The following security issues are addressed in this update: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0181 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0206 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3534 * http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3601 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4014 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4171 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4508 * Applicable to s390 arch only, NA for x86_64 ==================================================== NOTE: You must run /usr/bin/grub-bootxen.sh to update the file /boot/grub/grub.conf (or you must update that file manually) to boot the new kernel on a dom0 xen machine. See for info: http://wiki.centos.org/HowTos/Xen/Xen4QuickStart -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos at irc.freenode.net ------------------------------ Message: 3 Date: Wed, 1 Oct 2014 12:08:15 +0000 From: Johnny Hughes <johnny at centos.org> To: centos-announce at centos.org Subject: [CentOS-announce] CESA-2014:X012 Moderate libvirt Xen4CentOS Security Update Message-ID: <20141001120815.GA5476 at n04.lon1.karan.org> Content-Type: text/plain; charset=us-ascii CentOS Errata and Security Advisory 2014:X012 (Xen4CentOS) The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) ----------------------------- X86_64 ----------------------------- 6d3e7f3a8d393ffae6de4839da785c7102552c7880907b068d0869798cdd50fb libvirt-0.10.2.8-8.el6.centos.alt.x86_64.rpm 902819490821d9f6759d6e610317f1b1675856f4de47725ce01ed3fdb6c1e1b2 libvirt-client-0.10.2.8-8.el6.centos.alt.x86_64.rpm 1d9e492c4b4f78a67be4d149f1108faccccfb29be52cb40a8c348d644658cce7 libvirt-daemon-0.10.2.8-8.el6.centos.alt.x86_64.rpm 59860e8ebbdeacefc798830e0636756bf41fb67d3f106a1975ad8e6e927e4039 libvirt-daemon-config-network-0.10.2.8-8.el6.centos.alt.x86_64.rpm 35a87cdb65f857287354c9032f761e7d0c6cad3d4cf86202de6644c00eaea405 libvirt-daemon-config-nwfilter-0.10.2.8-8.el6.centos.alt.x86_64.rpm 0eb8be5a15cedd823cb8c1b2da525adb7d7a3d16a02db70620f64381c7297135 libvirt-daemon-driver-interface-0.10.2.8-8.el6.centos.alt.x86_64.rpm 8d2b45c5c63dd30194ede6c25b09771b62a1d592a6015465d87205e25de778f8 libvirt-daemon-driver-libxl-0.10.2.8-8.el6.centos.alt.x86_64.rpm a09fce98bd35c27af511a97e99bee636b05fbb63ccf435f8449793e27a017e22 libvirt-daemon-driver-lxc-0.10.2.8-8.el6.centos.alt.x86_64.rpm c23c059fb09bcb488ba7fead18d25bbd8927509842c256e7ee24f303c8d274fd libvirt-daemon-driver-network-0.10.2.8-8.el6.centos.alt.x86_64.rpm e09d8ef08dcaecf7d385ec6c033380449d9f79ce75ed3dbe2eaffc2f7dc21899 libvirt-daemon-driver-nodedev-0.10.2.8-8.el6.centos.alt.x86_64.rpm f10d0f38bdf90f6495fa8cb6a5b5d618099ff6ff1ea44122c05efda10834b0ea libvirt-daemon-driver-nwfilter-0.10.2.8-8.el6.centos.alt.x86_64.rpm 1d1f9dcee7aabdaa279c625e56c438c00cafa835196f6a40bd8aeec29f404d6b libvirt-daemon-driver-qemu-0.10.2.8-8.el6.centos.alt.x86_64.rpm 79369b437127406c419f68dfe2672775b03e4350cce7027f83c06f3e3c2e13a7 libvirt-daemon-driver-secret-0.10.2.8-8.el6.centos.alt.x86_64.rpm ff7ee9a3143860d0be2f38ff7009027b266ac924188558a9b278fe86925a5994 libvirt-daemon-driver-storage-0.10.2.8-8.el6.centos.alt.x86_64.rpm 538c5d84925dea50dae206cb0ac076b2857c4786fa765a6d8026e2667780d33c libvirt-daemon-driver-xen-0.10.2.8-8.el6.centos.alt.x86_64.rpm 57d5eefe9d908d3b72019294df425952c32b64de334d35e03cfc65bd8ace4df5 libvirt-daemon-kvm-0.10.2.8-8.el6.centos.alt.x86_64.rpm 4b06fd1ce1718e0ba1cd64623c691bb29fe5be4cce77b2667449d69df8be76c6 libvirt-daemon-lxc-0.10.2.8-8.el6.centos.alt.x86_64.rpm 79cad5f6987a4a639eef61284847f3d676c4eaa0986d0c85973e2b77a82bc25b libvirt-daemon-xen-0.10.2.8-8.el6.centos.alt.x86_64.rpm fbb04fb9dae9d3645cf736e14de32011b5d8786490944edad532abc7522921ac libvirt-debuginfo-0.10.2.8-8.el6.centos.alt.x86_64.rpm d0a516d2b9043548d998cac2b6dd46f73c420d18c79680219c2db1b3b9063ceb libvirt-devel-0.10.2.8-8.el6.centos.alt.x86_64.rpm 2313676451f52684f8fef627a0062cad04c6a00f523bec3c7d13c0c1067e55a0 libvirt-docs-0.10.2.8-8.el6.centos.alt.x86_64.rpm 625f53461d147e76f1a6b1f879e745af321333a42ebc035343e19fb401abf34b libvirt-lock-sanlock-0.10.2.8-8.el6.centos.alt.x86_64.rpm 4b5c5b760888e3cdb9fb5a5ae98af91751becae8647d4f3f1ecf4b82445da2a5 libvirt-python-0.10.2.8-8.el6.centos.alt.x86_64.rpm ----------------------------- Source: ----------------------------- 19d0268125091780a865cbdfed2dfb7142f75417742fe85db939cac49fb246e9 libvirt-0.10.2.8-8.el6.centos.alt.src.rpm ==================================================== libvirt Changelog info from the SPEC file: * Fri Sep 26 2014 Johnny Hughes <johnny at centos.org> 0.10.2.8-8.el6.centos.alt - added in patches 417-420 from the 0.10.2-maint branch at libvirt.org - patch 420 is for CVE-2014-3633 ==================================================== The following security issues are addressed in this update: https://access.redhat.com/security/cve/CVE-2014-3633 ==================================================== -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos at irc.freenode.net ------------------------------ Message: 4 Date: Wed, 1 Oct 2014 12:08:23 +0000 From: Johnny Hughes <johnny at centos.org> To: centos-announce at centos.org Subject: [CentOS-announce] CESA-2014:X013 Important xen Xen4CentOS Security Update Message-ID: <20141001120823.GA5482 at n04.lon1.karan.org> Content-Type: text/plain; charset=us-ascii CentOS Errata and Security Advisory 2014:X013 (Xen4CentOS) The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) ----------------------------- X86_64 ----------------------------- 7bdc9b1e50859e38f1a87d58c79b53d3fc428d102c3b7a1645c07e576927407c xen-4.2.5-34.el6.centos.alt.x86_64.rpm ae27e1c510701c53459a61573a2f0cbcc06d543ddb995bcc35bc1f66f2e34298 xen-debuginfo-4.2.5-34.el6.centos.alt.x86_64.rpm 8a054f6de1d5c558546936bf90c0b4a9298a2b884c159018c1d4bfa14ac7c80d xen-devel-4.2.5-34.el6.centos.alt.x86_64.rpm 4363e339fa39e4b1b09d2beceb5d50e218dca4ef2a44520763f7eb7d73e8493a xen-doc-4.2.5-34.el6.centos.alt.x86_64.rpm e84a36c1d483aedd758ebcb17a557748bc148b2685e4aa182888a171fa6952cc xen-hypervisor-4.2.5-34.el6.centos.alt.x86_64.rpm b5cce0368cfa87df7744c81b0a3f76227a65d9aca27f8e27e0bd019e87e82103 xen-libs-4.2.5-34.el6.centos.alt.x86_64.rpm 4f3facba07e91ed5a1c5d1f2cc0db304d18ec9b09c18230e43ad73e82819a148 xen-licenses-4.2.5-34.el6.centos.alt.x86_64.rpm 6f6922cc7f842bc20652b8b8645bda61c14e62934113b4ed958527d045a1bbdb xen-ocaml-4.2.5-34.el6.centos.alt.x86_64.rpm 9513992c084c13f4050a09fc4fe83ec3ccdd8820ac999701205389cb3fdad5b6 xen-ocaml-devel-4.2.5-34.el6.centos.alt.x86_64.rpm 99faa9057ebd0d608971169c87f50038c7dfcceb540551f05a556ed16f873c56 xen-runtime-4.2.5-34.el6.centos.alt.x86_64.rpm ----------------------------- Source: ----------------------------- 16de798571224461ea2dff22c1329f1299dc6b274d21471c299f510983894468 xen-4.2.5-34.el6.centos.alt.src.rpm ==================================================== xen Changelog info from the SPEC file: * Wed Oct 01 2014 Johnny Hughes <johnny at centos.org> - 4.2.5-34.el6.centos - Roll in Patch209 (XSA-108, CVE-2014-7188) ==================================================== The following Release info is available from the Xen site regarding XSAs: http://xenbits.xen.org/xsa/advisory-108.html -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos at irc.freenode.net ------------------------------ Message: 5 Date: Wed, 1 Oct 2014 13:26:23 +0000 From: Johnny Hughes <johnny at centos.org> To: centos-announce at centos.org Subject: [CentOS-announce] CEBA-2014:1334 CentOS 7 xz FASTTRACK BugFix Update Message-ID: <20141001132623.GA25624 at n04.lon1.karan.org> Content-Type: text/plain; charset=us-ascii CentOS Errata and Bugfix Advisory 2014:1334 Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-1334.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: a0079faa6e0cd1829fdd43da437d6673aa1e6f4f1310e8452c1f7cd7e29668e6 xz-5.1.2-9alpha.el7.x86_64.rpm d4e97054a812beccffb9f5d81d8b05a9733dbcfd02708cf195deb49820595a6b xz-compat-libs-5.1.2-9alpha.el7.i686.rpm b455939a21d7df36de4666748e0b2f6f73ee77b99e9733d01f1a8c50ed58f79b xz-compat-libs-5.1.2-9alpha.el7.x86_64.rpm 05dd562e539ede1cae01c7d936fd9d16f8047b021a951de42fef0109bbaf02b6 xz-devel-5.1.2-9alpha.el7.i686.rpm 9d040dba58abe0e5ef8789f7e55295ed835fff3bf5b32d03554e22e78fa77157 xz-devel-5.1.2-9alpha.el7.x86_64.rpm 83aebf197819eb248b5c2bbb96a61e511924e472360eb7dff6d39af740149ecb xz-libs-5.1.2-9alpha.el7.i686.rpm e778ea132c925e46d093c01ffbb37395d9f800da00b2a96973545b3edbe28352 xz-libs-5.1.2-9alpha.el7.x86_64.rpm 79be81ad52214b3a4ff33047c62330b8fce438adc1b819d9f45d77783034ea7c xz-lzma-compat-5.1.2-9alpha.el7.x86_64.rpm Source: 7865e0bfbe79a0df2504a4c2d35cc9dd1d546c952884cac149b5f2741bba4817 xz-5.1.2-9alpha.el7.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos at irc.freenode.net ------------------------------ _______________________________________________ CentOS-announce mailing list CentOS-announce at centos.org http://lists.centos.org/mailman/listinfo/centos-announce End of CentOS-announce Digest, Vol 116, Issue 2 ***********************************************