search for: 5715

...758) Verify that report events are correctly created de85f8d Prep work for #5758: set audited=true on all audit events e162da9 Prep work for #5758: clean up initializer for Puppet::Transaction::Event 06a8d1e Fix #5698 puppet inspect shouldn''t report of attributes of deleted files 1f72c31 (#5715) Added attributes resource_type and title to Puppet::Resource::Status. a6cd736 (#5715) Removed attribute source_description from the YAML representation of Puppet::Resource::Status. 98db2da (#5715) Removed unnecessary attributes from YAML of Puppet::Transaction::Event. bd4a8a1 (#5715) Make certain...

...758) Verify that report events are correctly created de85f8d Prep work for #5758: set audited=true on all audit events e162da9 Prep work for #5758: clean up initializer for Puppet::Transaction::Event 06a8d1e Fix #5698 puppet inspect shouldn''t report of attributes of deleted files 1f72c31 (#5715) Added attributes resource_type and title to Puppet::Resource::Status. a6cd736 (#5715) Removed attribute source_description from the YAML representation of Puppet::Resource::Status. 98db2da (#5715) Removed unnecessary attributes from YAML of Puppet::Transaction::Event. bd4a8a1 (#5715) Make certain...

...758) Verify that report events are correctly created de85f8d Prep work for #5758: set audited=true on all audit events e162da9 Prep work for #5758: clean up initializer for Puppet::Transaction::Event 06a8d1e Fix #5698 puppet inspect shouldn''t report of attributes of deleted files 1f72c31 (#5715) Added attributes resource_type and title to Puppet::Resource::Status. a6cd736 (#5715) Removed attribute source_description from the YAML representation of Puppet::Resource::Status. 98db2da (#5715) Removed unnecessary attributes from YAML of Puppet::Transaction::Event. bd4a8a1 (#5715) Make certain...

...g it for release in a few hours. Here's the changelog: * Thu Jan 04 2018 Sandro Bonazzola <sbonazzo at redhat.com> - ev-2.9.0-16.el7_4.13.1 - Removing RH branding from package name * Thu Dec 14 2017 Miroslav Rezanina <mrezanin at redhat.com> - rhev-2.9.0-16.el7_4.13 - Fix CVE-2017-5715 * Thu Nov 16 2017 Miroslav Rezanina <mrezanin at redhat.com> - rhev-2.9.0-16.el7_4.12 - kvm-util-async-use-atomic_mb_set-in-qemu_bh_cancel.patch [bz#1513362] - Resolves: bz#1513362 (QEMU's AIO subsystem gets stuck inhibiting all I/O operations on virtio-blk-pci devices [rhel-7.4.z]) --...

Author: cjj Repository: /hg/zfs-crypto/gate Revision: a58472277959c34c37827af84da191ceba990899 Log message: 6398779 Need to reduce address limits for devices downstream of a BCM 5708/5714/5715 bridge Files: create: usr/src/uts/sparc/pxb_bcm/Makefile update: usr/src/cmd/pcidr/etc/SUNW,EC_dr,ESC_dr_req,sysevent.conf update: usr/src/pkgdefs/SUNWckr/prototype_sparc update: usr/src/uts/sparc/Makefile.sparc.shared update: usr/src/uts/sparc/os/driver_aliases update: usr/src/uts/sparc/os/...

On Jan 4, 2018, at 12:18 PM, Walter H. <walter.h at mathemainzel.info> wrote: > > will there be updates for these CVEs for CentOS 6? Red Hat hasn?t released them all yet. Quoting Christopher Robinson in the thread for this here: https://access.redhat.com/errata/RHSA-2018:0007 "We will be pushing errata out as soon as they have passed our QA team's testing. The more

I have released everything for CentOS-6 that has been released upstream in RHEL source code. I will continue to do so when they release new sources. NOTE: We will NOT be releasing anything for CentOS versions before CentOS-6 (ie, CentOS-2.1, 3.x, 4.x, 5.x releases in vault that are past EOL will not get updates) CentOS-6 and CentOS-7 will continue to get updates based on the specific version

How about kernel-lt and kernel-ml? Mike On 01/04/2018 05:41 PM, Warren Young wrote: > On Jan 4, 2018, at 12:18 PM, Walter H. <walter.h at mathemainzel.info> wrote: >> will there be updates for these CVEs for CentOS 6? > Red Hat hasn?t released them all yet. Quoting Christopher Robinson in the thread for this here: > > https://access.redhat.com/errata/RHSA-2018:0007

Hi all! I'm running an up-to-date Centos-7 on an AMD Vishera 6300, 6 core CPU. I note that when I run the redhat script to test for spectre & meltdown I get this result for variant 2: Variant #2 (Spectre): Vulnerable CVE-2017-5715 - speculative execution branch target injection - Kernel with mitigation patches: OK - HW support / updated microcode: NO - IBRS: Not disabled on kernel commandline - IBPB: Not disabled on kernel commandline and when I run the one from github I get this: CVE-2017-5715 [branch target...

Hello, will there be updates for these CVEs for CentOS 6? Thanks, Walter

...as a hacking platform (according to my ISP). I was running a fairly recent version of OpenSSH (3.9p1). I reinstalled my box (now with 3.8p1 as supplied by Debian Stable), and started tcpdump to see if I would get lucky. I DID! The aut.log file shows the following: Nov 4 06:25:01 localhost su[5715]: + ??? root:nobody Nov 4 06:25:01 localhost su[5715]: (pam_unix) session opened for user nobody by (uid=0) In the auth.log from my hacked box, I also had these lines. However, I could not correlate them to TCP messages, so they didn't help me. Now, I do have a full tcp dump ;-) In the d...

hi, At home I used to have a multihomed server. Now it only has 1 nic. Since I removed the physical card and its configuration entry from for the OS, I have this kind of warnings in the logfiles: Dec 23 16:47:44 etch nmbd[5715]: [2007/12/23 16:47:44, 0] nmbd/nmbd_browsesync.c:get_domain_master_name_node_status_fail(486) Dec 23 16:47:44 etch nmbd[5715]: get_domain_master_name_node_status_fail: Dec 23 16:47:44 etch nmbd[5715]: Doing a node status request to the domain master browser at IP 10.0.0.150 failed. Dec 23 16:4...

...unning fast and successful. Also running a doveadm sync tcp:... is working fine for all users. I can't see exactly, but I haven't seen mailboxes timeouting again and again. So I would assume it's not related to the mailbox. >From the logs: server1: Oct 16 08:29:25 server1 dovecot[5715]: dsync-local(username1 at domain.com)<FXnVDW22pl0tGAAA1cwDxA>: Error: dsync(172.16.0.1): I/O has stalled, no activity for 600 seconds (version not received) Oct 16 08:29:25 server1 dovecot[5715]: dsync-local(username1 at domain.com)<FXnVDW22pl0tGAAA1cwDxA>: Error: Timeout during state=...

...ing a doveadm sync tcp:... is working fine for all users. >> I can't see exactly, but I haven't seen mailboxes timeouting again and >> again. So I would assume it's not related to the mailbox. >> From the logs: >> server1: >> Oct 16 08:29:25 server1 dovecot[5715]: >> dsync-local(username1 at domain.com)<FXnVDW22pl0tGAAA1cwDxA>: Error: >> dsync(172.16.0.1): I/O has stalled, no activity for 600 seconds (version >> not received) >> Oct 16 08:29:25 server1 dovecot[5715]: >> dsync-local(username1 at domain.com)<FXnVDW22pl0...

...on the workload. As such, the tunable can also be overridden by the end-user if they are willing to accept the risk. Initial work can be tracked at https://reviews.freebsd.org/D13797. Please note this is a work in progress and some stuff is likely to be broken. Spectre (CVE-2017-5753 and CVE-2017-5715) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ When it comes to the Spectre vulnerabilities, it is much harder to sort these out. Variant 1 (CVE-2017-5753) is going to require some static analysis to determine vulnerable use cases that will require barriers to stop speculation from disclosing informati...

...on the workload. As such, the tunable can also be overridden by the end-user if they are willing to accept the risk. Initial work can be tracked at https://reviews.freebsd.org/D13797. Please note this is a work in progress and some stuff is likely to be broken. Spectre (CVE-2017-5753 and CVE-2017-5715) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ When it comes to the Spectre vulnerabilities, it is much harder to sort these out. Variant 1 (CVE-2017-5753) is going to require some static analysis to determine vulnerable use cases that will require barriers to stop speculation from disclosing informati...

...our best bet is to try to get up to a new >> version of Xen that is under upstream security support, probably 4.8. > > Oracle VM 3.4 product is based on Xen 4.4, and they seem to have backported the fixes already.. > > It looks like those src.rpms have {CVE-2017-5753} {CVE-2017-5715} {CVE-2017-5754} fixes included. > > https://oss.oracle.com/pipermail/oraclevm-errata/2018-January/thread.html > https://oss.oracle.com/pipermail/oraclevm-errata/2018-January/000816.html > https://oss.oracle.com/pipermail/oraclevm-errata/2018-January/000817.html > > http://oss.o...

Hi, I am very sorry to do this on short notice, but obviously Meltdown and Spectre are a lot more than anyone was really expecting to come down the pipeline. Xen 4.4 has been EOL upstream for about a year now and I have personally been reviewing and backporting patches based on the 4.5 versions made available upstream. Given that 4.5 is now also reaching EOL, backporting to 4.4 will become

...I'm running an up-to-date Centos-7 on an AMD Vishera 6300, 6 core CPU. > What kernel are you running (uname -r)? > I note that when I run the redhat script to test for spectre & meltdown > I get this result for variant 2: > > Variant #2 (Spectre): Vulnerable > CVE-2017-5715 - speculative execution branch target injection > - Kernel with mitigation patches: OK > - HW support / updated microcode: NO > - IBRS: Not disabled on kernel commandline > - IBPB: Not disabled on kernel commandline > > > and when I run the one from github I g...

...ning a doveadm sync tcp:... is working fine for all users. > > I can't see exactly, but I haven't seen mailboxes timeouting again and > again. So I would assume it's not related to the mailbox. > > From the logs: > > server1: > Oct 16 08:29:25 server1 dovecot[5715]: > dsync-local(username1 at domain.com)<FXnVDW22pl0tGAAA1cwDxA>: Error: > dsync(172.16.0.1): I/O has stalled, no activity for 600 seconds (version > not received) > Oct 16 08:29:25 server1 dovecot[5715]: > dsync-local(username1 at domain.com)<FXnVDW22pl0tGAAA1cwDxA>: Err...