search for: advisory

...ate) are also released below. =========================================================================================================== TYPE RATING NUMBER DESCRIPTION DATE =========================================================================================================== Security Advisory Critical CESA-2007:0095 Critical: krb5 security update 2007-04-03 https://rhn.redhat.com/errata/RHSA-2007-0095.html Security Advisory Important CESA-2007:0127 Important: xorg-x11-server security 2007-04-03 https://rhn.redhat.com/errata/RHSA-2007-0127.html Security Advisory Important CESA-2...

...ate) are also released below. =========================================================================================================== TYPE RATING NUMBER DESCRIPTION DATE =========================================================================================================== Security Advisory Critical CESA-2007:0095 Critical: krb5 security update 2007-04-03 https://rhn.redhat.com/errata/RHSA-2007-0095.html Security Advisory Important CESA-2007:0127 Important: xorg-x11-server security 2007-04-03 https://rhn.redhat.com/errata/RHSA-2007-0127.html Security Advisory Important CESA-2...

...ate) are also released below. =========================================================================================================== TYPE RATING NUMBER DESCRIPTION DATE =========================================================================================================== Security Advisory Critical CESA-2007:0095 Critical: krb5 security update 2007-04-03 https://rhn.redhat.com/errata/RHSA-2007-0095.html Security Advisory Important CESA-2007:0127 Important: xorg-x11-server security 2007-04-03 https://rhn.redhat.com/errata/RHSA-2007-0127.html Security Advisory Important CESA-2...

Hi, I am missing the advisory for openssl at ftp://ftp.freebsd.org/CERT/ Background: For long time i used the the quickpatch utility at my workstation to notify me about issues and *how* to fix it. With the web based advisory this is not possible since the .asc file contains only the pgp signature (no more details). Regard...

...mail addresses, of course - the purpose is transparency, not spam. * Make it clear that we will share vulnerability information with other projects or vendors if we think the same problem may apply to them, or when it''s necessary to understand the problem and prepare the advisory. xen.org security problem response process ----------------------------------------- Introduction ------------ Computer systems have bugs. Currently recognised best practice for bugs with security implications is to notify significant downstream users in private; leave...

...e=F_RDLCK, l_whence=SEEK_SET, l_start=2265976, l_len=1}) = 0 fcntl(15, F_SETLKW, {l_type=F_UNLCK, l_whence=SEEK_SET, l_start=380, l_len=1}) = 0 fcntl(15, F_SETLKW, {l_type=F_RDLCK, l_whence=SEEK_SET, l_start=380, l_len=1}) = 0 ....... dc000:~# egrep "(28923|28930)" /proc/locks 16: POSIX ADVISORY READ 28923 ca:01:132971 168 EOF 17: POSIX ADVISORY WRITE 28923 ca:01:132971 8 8 18: POSIX ADVISORY READ 28923 ca:01:132978 168 EOF 19: POSIX ADVISORY WRITE 28923 ca:01:132978 8 8 20: POSIX ADVISORY READ 28923 ca:01:132976 168 EOF 21: POSIX ADVISORY WRITE 28923 ca:01:132976 8 8 22: POS...

Hi, FYI - don't sue me for posting this here - I know, everyone who needs this info *should* have it already, but maybe not ;-) Kind regards, B. Courtin -- OpenSSL Security Advisory [30 July 2002] This advisory consists of two independent advisories, merged, and is an official OpenSSL advisory. Advisory 1 ========== A.L. Digital Ltd and The Bunker (http://www.thebunker.net/) are conducting a security review of OpenSSL, under the DARPA program CHATS. Vulnerabilities -------...

I have been looking at the security advisories provided here: http://lists.centos.org/pipermail/centos-announce/ It appears that there is not a 1:1 correlation between advisories listed here and advisories listed by Red Hat: https://rhn.redhat.com/errata Is there a specific reason for this? Also, is there an alternate location to find all Errata information for CentOS? Joshua Bahnsen

Hello.. I've noticed a delay between when the security advisories are sent and when the cvsup servers, ftp mirrors and web mirrors are updated. Is this delay on purpose to give the users some time to update/patch their system(s) before it hit pages like bugtraq, etc.. or is it just a caused by the delay between when the ftp/cvsup servers are synced? Best regard, Jesper Wallin

It seems (at least for me) the patches on ftp.freebsd.org are out of date for the 03:12 security advisory (openssh). ftp2.freebsd.org has them fine. I'm wondering if this is a mirror issue or perhaps round-robin DNS problem? What compounds the issue is that right now the old openssh 3.7 patches are there (on ftp.freebsd.org), but not the 3.7.1 patches (which can be found on ftp2.freebsd.org)....

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-06:25.kmem Security Advisory The FreeBSD Project Topic: Kernel memory disclosure in firewire(4) Category: core Module: sys_dev Announced: 2006-12-06 Credits: Rodrigo Rubira Branco Affects: All FreeBSD releases. Corrected:...

Source: xen Severity: grave Tags: security Multiple vulnerabilities are unfixed in xen: CVE-2015-5307: http://xenbits.xen.org/xsa/advisory-156.html CVE-2016-3960 http://xenbits.xen.org/xsa/advisory-173.html CVE-2016-3159 / CVE-2016-3158 http://xenbits.xen.org/xsa/advisory-172.html CVE-2016-2271 http://xenbits.xen.org/xsa/advisory-170.html CVE-2016-2270 http://xenbits.xen.org/xsa/advisory-154.html CVE-2016-1571 http://xenbits.xen....

...nal /dev/hdb1 tune2fs 1.32 (09-Nov-2002) The needs_recovery flag is set. Please run e2fsck before clearing the has_journal flag. Any ideas? Thanks! Tom [root at marvin download]# ide-smart /dev/hdb1 Id= 3 Status=39 {Prefailure Online } Value=219 Threshold= 63 Passed Id= 4 Status=50 {Advisory Online } Value=253 Threshold= 0 Passed Id= 5 Status=51 {Prefailure Online } Value=240 Threshold= 63 Passed Id= 6 Status= 1 {Prefailure OffLine} Value=253 Threshold=100 Passed Id= 7 Status=10 {Advisory Online } Value=253 Threshold= 0 Passed Id= 8 Status=39 {Prefailu...

Recent events, including vulnerabilities that were reported and the subsequent discussions about how they were handled, have made those of us that manage Asterisk development decide that it is time for the Asterisk project to have a formal security vulnerability and advisory reporting process. Over the next few weeks we will begin to formalize and document this process on the asterisk.org website, but here are the initial steps we are taking: 1) We will begin to assign our own advisory numbers and publish our own advisory reports when security issues are reported to...

Recent events, including vulnerabilities that were reported and the subsequent discussions about how they were handled, have made those of us that manage Asterisk development decide that it is time for the Asterisk project to have a formal security vulnerability and advisory reporting process. Over the next few weeks we will begin to formalize and document this process on the asterisk.org website, but here are the initial steps we are taking: 1) We will begin to assign our own advisory numbers and publish our own advisory reports when security issues are reported to...

CentOS Errata and Security Advisory 2013:X013 (Xen4CentOS) The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) ----------------------------- X86_64 ----------------------------- f3725f9d29b2fd85d3c9568d979b7ea0f26e1844bb7474b8ef4de2e124bae9ff xen-4.2.3-25.el6.centos.alt.x...

...Xen System on i386 (meta-package) xen-utils-4.1 - XEN administrative tools xen-utils-common - Xen administrative tools - common files xenstore-utils - Xenstore utilities for Xen Changes: xen (4.1.4-3+deb7u2) wheezy-security; urgency=high . * Security upload. * Apply fix for Xen Security Advisory 52 (CVE-2013-2076) * Apply fix for Xen Security Advisory 53 (CVE-2013-2077) * Apply fix for Xen Security Advisory 54 (CVE-2013-2078) * Apply fix for Xen Security Advisory 55 (CVE-2013-2194, CVE-2013-2195, CVE-2013-2196) * Apply fix for Xen Security Advisory 57 (CVE-2013-2211) *...

...Xen System on i386 (meta-package) xen-utils-4.1 - XEN administrative tools xen-utils-common - Xen administrative tools - common files xenstore-utils - Xenstore utilities for Xen Changes: xen (4.1.4-3+deb7u2) wheezy-security; urgency=high . * Security upload. * Apply fix for Xen Security Advisory 52 (CVE-2013-2076) * Apply fix for Xen Security Advisory 53 (CVE-2013-2077) * Apply fix for Xen Security Advisory 54 (CVE-2013-2078) * Apply fix for Xen Security Advisory 55 (CVE-2013-2194, CVE-2013-2195, CVE-2013-2196) * Apply fix for Xen Security Advisory 57 (CVE-2013-2211) *...

...p; Caldera) made a new RPM, based on the most current BIND version, which fixes the remote exploit bug, but has showstopper bugs in other areas for SOME people. I haven't been told what these are. -- REW] ---------- Forwarded message ---------- Date: Wed, 10 Nov 1999 22:58:14 -0500 From: CERT Advisory <cert-advisory@cert.org> X-Reply-To: cert-advisory-request@cert.org To: cert-advisory@coal.cert.org Subject: CERT Advisory CA-99.14 - Multiple Vulnerabilities in BIND -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CERT Advisory CA-99-14 Multiple Vulnerabilities in BIND Original release d...

Is there an archive of security advisories for Asterisk? We recently upgraded a customer from 1.2 to 1.4 and now they are asking for documentation of all security and bug related fixes. I know the advisories get published on this list but is there an easier way to find them than trying to search the list. -- Telecomunicaciones Abiertas de M?xico S.A. de C.V. Carlos Ch?vez Prats Director de