similar to: CentOS security advisories

It seems that httpd24-httpd from SCL is affected by CVE-2019-0211 [1]. Does the SIG has plans to update these rpms for EL6? [1] https://httpd.apache.org/security/vulnerabilities_24.html -- Thanks, LF

Quick Q: while running my A.M. update today, I see several updates that I haven't seen announced yet. The one concerning me is glibc. I killed the update since it glibc is so central to a system. Is it safe to install? If so, I presume I'll want to update it first and then the rest of the system? TIA for any information. -- Bill

> Am 08.04.2019 um 17:49 schrieb Johnny Hughes <johnny at centos.org>: > > On 4/3/19 1:53 PM, Leon Fauster via CentOS wrote: >> It seems that httpd24-httpd from SCL is affected by CVE-2019-0211 [1]. >> >> Does the SIG has plans to update these rpms for EL6? >> >> [1] https://httpd.apache.org/security/vulnerabilities_24.html >> > >

Red Hat's Security policy for Production 3 Phase of the Life Cycle for EL5 is that they will only release "Critical impact Security Advisories (RHSAs) and selected Urgent Priority Bug Fix Advisories (RHBAs) may be released as they become available. Other errata advisories may be delivered as appropriate." https://access.redhat.com/support/policy/updates/errata/#Production_3_Phase

On 29/12/14 01:52, Always Learning wrote: > > On Thu, 2014-12-18 at 10:30 -0600, Les Mikesell wrote: > >> .............. The design changes are done in Fedora, by >> people who apparently never liked unix or consistency, not the people >> using Red Hat or CentOS that already have things working that they >> would like to keep working the same way across upgrades.

Hi, I want to setup Samba as a new PDC. I followed the instructions on IBM's site (http://www-1.ibm.com/servers/esdd/tutorials/samba/index.html) The problem I currently have is that Windows 9X boxes can't connect to the Mandrake 9.1 Bamboo box. However, I can make connections on localhost to localhost using smbclient //localhost/share -U username I've tried a couple of different

I wish your help files were more descriptive. I can't get the NT box to connect to the samba share ... due to some permission bullshit. You needs a knowledge base ... i cant find the error im getting, anywhere on their site ... Searching via a search engine -- says that:- when you're upgrading to SP3 on NT, samba will stop working unless you put the regkey EnablePlainTextPassword ...

Just following your the Diagnosis Article located at (http://samba.org/samba/docs/DIAGNOSIS.html):- At Test 3, there is nothing mentioned if the test prompts for a password:- mercury# smbclient -L mercury added interface ip=203.220.30.98 bcast=203.220.30.103 nmask=255.255.255.248 added interface ip=192.168.10.122 bcast=192.168.10.255 nmask=255.255.255.0 Password: When I press ENTER, it then

Is there an archive of security advisories for Asterisk? We recently upgraded a customer from 1.2 to 1.4 and now they are asking for documentation of all security and bug related fixes. I know the advisories get published on this list but is there an easier way to find them than trying to search the list. -- Telecomunicaciones Abiertas de M?xico S.A. de C.V. Carlos Ch?vez Prats Director de

It seems (at least for me) the patches on ftp.freebsd.org are out of date for the 03:12 security advisory (openssh). ftp2.freebsd.org has them fine. I'm wondering if this is a mirror issue or perhaps round-robin DNS problem? What compounds the issue is that right now the old openssh 3.7 patches are there (on ftp.freebsd.org), but not the 3.7.1 patches (which can be found on

Dear List, I have spent some time playing around with oscap and the RHEL OVAL feed (https://www.redhat.com/security/data/oval/v2/RHEL8/, also check Chapter 16 of the RHEL 8 Design Guide). Because I could not find an existing OVAL file for CentOS, I downloaded one of the RHEL8 files and managed to modify (eg. the rhel-8.1-e4s.oval.xml) it to make it work on a CentOS machine. Basically I just

Hello.. I've noticed a delay between when the security advisories are sent and when the cvsup servers, ftp mirrors and web mirrors are updated. Is this delay on purpose to give the users some time to update/patch their system(s) before it hit pages like bugtraq, etc.. or is it just a caused by the delay between when the ftp/cvsup servers are synced? Best regard, Jesper Wallin

Hello Folks, Just a status on upcoming advisories. FreeBSD-SA-03:15.openssh This is in final review and should be released today. Fixes for this issue entered the tree on September 24. I apologize for the delay in getting this one out. FreeBSD-SA-03:16.filedesc A reference counting bug was discovered that could lead to kernel memory disclosure or a system panic.

Hello dear CentOS community, I'm writing on this mailing list because I'm discovering CentOS 8 after several years of practice on CentOS 7. One of my main concern about a distribution is Bug Fixes and Security Fixes. For CentOS 7, all fixes where identified on CentOS-Announces lists with CESA, CEBA and CEEA which is a good thing in order to identify how a distribution can be broken,

On 4/3/19 1:53 PM, Leon Fauster via CentOS wrote: > It seems that httpd24-httpd from SCL is affected by CVE-2019-0211 [1]. > > Does the SIG has plans to update these rpms for EL6? > > [1] https://httpd.apache.org/security/vulnerabilities_24.html > https://access.redhat.com/security/cve/cve-2019-0211 That says SCLs are affected .. BUT .. they do not yet have a plan. The

This is the notification of the End of Life (EOL) for CentOS 4. The 7-year enterprise lifetime of CentOS-4 ends now. CentOS-4 has been copied to the CentOS Vault. The last released tree is available here: http://vault.centos.org/4.9/ All architectures of CentOS-4 (i386, x86_64, ppc, s390, and s390x) are impacted. Support for the CentOS-4 Cluster Server and the CentOS-4 Global File Server

Concerns: R 1.5.0 gui version, Windows (downloaded binary) and Linux (installed from sources). # Load the data from the attached file: kk<-read.table("__filename__", header=1) # attach the data: attach(kk) Snr<-factor(Snr) # fool around with a call to anova.glm(): anova.glm( aov( nFD~Type+size+Modality+Error(Snr/(Type+size+Modality)) ) ) # Error: object nFD not found # Well, I

Send CentOS-announce mailing list submissions to centos-announce at centos.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to centos-announce-request at centos.org You can reach the person managing the list at centos-announce-owner at centos.org When

I'm trying to confirm that LDAP traffic is encrypted on my Samba 4 DC. I have read and followed https://wiki.samba.org/index.php/Setup_LDAPS_on_a_DC but when I attempt to connect to the DC on port 636 or via ldaps:// or both via ldapsearch (linux) and ldp (windows) I cannot connect. Failed tests: *ldapsearch -I -H ldaps://dc* ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1)

Digium X100P / new cards are is available on ebay for $43. http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem&item=3073050567&category=3309 <http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem&item=3073050567&category=3309 > Hope this helps to who want to play with X100P! Are these being sold by Digium ? I don't know ?? - SamW -------------- next part -------------- An HTML