search for: vulenr

Thanks for the reply. Sorry for the typo in the earlier mail. I have PV-HVM of CentOS 7 & I need to convert it to PV kernel. Basically here I am trying to see whether my PV_HVM kernel is vulenrable to this issue given in the following link http://seclists.org/oss-sec/2015/q3/212 In the above link, it was mentioned that the PV kernel is not vulnerable to this bug, but HVM is. It didnt say anything about PV-HVM. Can you please help me in this regard? On Wed, Aug 19, 2015 at 10:43 AM,...

...> On 8/18/2015 10:37 PM, Venkateswara Rao Dokku wrote: > >> Thanks for the reply. >> Sorry for the typo in the earlier mail. >> I have PV-HVM of CentOS 7 & I need to convert it to PV kernel. >> >> Basically here I am trying to see whether my PV_HVM kernel is vulenrable >> to >> this issue given in the following link >> http://seclists.org/oss-sec/2015/q3/212 >> > > > that is talking about a problem with QEMU and emulated cdroms, and as far > as I can tell, the bug is in the qemu emulator, not in the VM's. it > mere...

Hi, I have php 5.4.16 php in my centos 7 machine & when I searched over internet I could see it is effected by some vulenrabilities. So I wanted to upgrade my PHP to 5.6.x, but did not find procedure for it. When I tried yum upgrade php, it says "no packages marked for update" Can you please give me some pointers so that I can continue. On Tue, Apr 28, 2015 at 2:11 AM, Johnny Hughes <johnny at centos.or...

Hi, I have installed CentOS 7 HVM kernel. I would like to convert it to CentOs 7 PV kernel. When googled about it, I found that this can be done by following commands yum install xen or yum install kernel-xen But, when I tried the below commands, I am getting the error *"No package kernel-xen available.**"* What am I missing here. Any help is much appreciated. -- Thanks &

On 8/18/2015 10:37 PM, Venkateswara Rao Dokku wrote: > Thanks for the reply. > Sorry for the typo in the earlier mail. > I have PV-HVM of CentOS 7 & I need to convert it to PV kernel. > > Basically here I am trying to see whether my PV_HVM kernel is vulenrable to > this issue given in the following link > http://seclists.org/oss-sec/2015/q3/212 that is talking about a problem with QEMU and emulated cdroms, and as far as I can tell, the bug is in the qemu emulator, not in the VM's. it merely states that if you only use PV VM's you...

...enkateswara Rao Dokku wrote: > > > >> Thanks for the reply. > >> Sorry for the typo in the earlier mail. > >> I have PV-HVM of CentOS 7 & I need to convert it to PV kernel. > >> > >> Basically here I am trying to see whether my PV_HVM kernel is vulenrable > >> to > >> this issue given in the following link > >> http://seclists.org/oss-sec/2015/q3/212 > >> > > > > > > that is talking about a problem with QEMU and emulated cdroms, and as far > > as I can tell, the bug is in the qemu emula...

...pers to ''remove any non-standard string escaping mechanisms from their applications, such as the popular "backslash-escape", or "\''", or at least modify them to use the SQL-standard doubling ('''') to escape quotes.'' In particular, the vulenrability relates to applications that ''use ad-hoc methods to "escape" strings going into the database, such as regexes, or PHP3''s addslashes() and magic_quotes. Since these bypass database-specific code for safe handling of strings, many such applications will need to be r...

Thanks for the replies. The tool that we used for testing the security vulnerability is "Nessus". I have glibc version 2.17-78.el7, I saw that CVE-2015-0235 (Ghost) is fixed in this version and I want to apply patch for the vulnerbailities CVE-2015-1472 & CVE-2015-1473. Can you please help me in finding the right version that has fixes for these? Thanks On Sat, Apr 25, 2015 at