similar to: Announce: Puppet Dashboard 1.2.22 Available [ security release ]

Greetings, Welcome to another Release Candidate for Puppet Dashboard (number 6). This release is available for download at: http://downloads.puppetlabs.com/dashboard/ We have included Debian and RPM packages as well as a tarball. See the Verifying Puppet Download section at: http://projects.puppetlabs.com/projects/puppet/wiki/Downloading_Puppet Please report feedback via the Puppet Labs

Good Morning, We just performed some security scanning on one of our AIX systems and these vulnerabilities was returned: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4755 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5000 We are currently running: 5.8.0.6101 The latest on IBMs

Puppet Dashboard 1.2.23 is a maintenance release of the 1.2 series of Puppet Dashboard with bug fixes and minor features. This release is available for download at: https://downloads.puppetlabs.com/dashboard/puppet-dashboard-1.2.23.tar.gz Available in native package format in the Puppet Labs yum and apt repositories at: http://yum.puppetlabs.com and http://apt.puppetlabs.com Please report

Dear Xen Maintainers The following CVEs(0,1) have been filled against xen. Could you please check, whether they affect any debian versions and how important they are? They are rather left over on our TODO list and I'd like to forward them to you for checking. CVE-2008-1944: Buffer overflow in the backend framebuffer of XenSource Xen Para-Virtualized Framebuffer (PVFB) Message 3.0 through

Dear list, About a week ago, right after 5.4-RELEASE was released, I received a mail from Gentoo Linux's security announcement list about a flaw in tcpdump and gzip. Since none of them are operating system related, I assumed a -p1 and -p2 of the 5.4-RELEASE. Instead, we got a patch for the HTT security issue so I wonder, is the FreeBSD version of tcpdump and/or gzip are secured or simply

Thoughts? [root@ca-sna-pm01 config]# rake RAILS_ENV=production db:migrate (in /usr/share/puppet-dashboard) NOTE: Gem.source_index is deprecated, use Specification. It will be removed on or after 2011-11-01. Gem.source_index called from /usr/share/puppet-dashboard/config/../vendor/rails/railties/lib/rails/gem_dependency.rb:21. config.gem: Unpacked gem rdoc-3.6.1 in vendor/gems has no

Hiera 1.1.2-rc2 is a release candidate in the 1.x series with bug fixes. Downloads are available at: * Source: https://downloads.puppetlabs.com/hiera/hiera-1.1.2-rc2.tar.gz RPMs are available at https://yum.puppetlabs.com/el or /fedora Rubygem available at http://rubygems.org/gems/hiera or by using the --pre option to gem install. Debs are available at https://apt.puppetlabs.com Mac package

I've released Xapian 1.2.22 (including Search::Xapian 1.2.22.0), which you can download from: http://xapian.org/download Since 1.2.16, release tarballs are compressed with xz instead of gzip, as it provides much better compression, without being too slow to decompress. (For now at least, Search::Xapian is still gzipped.) We decided not to provide multiple formats for the downloads. The

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-06:21.gzip Security Advisory The FreeBSD Project Topic: Multiple vulnerabilities in gzip Category: contrib Module: gzip Announced:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-06:21.gzip Security Advisory The FreeBSD Project Topic: Multiple vulnerabilities in gzip Category: contrib Module: gzip Announced:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-06:21.gzip Security Advisory The FreeBSD Project Topic: Multiple vulnerabilities in gzip Category: contrib Module: gzip Announced:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-05:10.tcpdump Security Advisory The FreeBSD Project Topic: Infinite loops in tcpdump protocol decoding Category: contrib Module: tcpdump

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-05:10.tcpdump Security Advisory The FreeBSD Project Topic: Infinite loops in tcpdump protocol decoding Category: contrib Module: tcpdump

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SN-03:01 Security Notice The FreeBSD Project Topic: security issue in samba ports Announced: 2003-04-07 I. Introduction Several ports in the

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SN-03:01 Security Notice The FreeBSD Project Topic: security issue in samba ports Announced: 2003-04-07 I. Introduction Several ports in the

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SN-02:02 Security Notice The FreeBSD Project Topic: security issues in ports Announced: 2002-05-13 I. Introduction Several ports in the FreeBSD Ports

Hi, FYI - don't sue me for posting this here - I know, everyone who needs this info *should* have it already, but maybe not ;-) Kind regards, B. Courtin -- OpenSSL Security Advisory [30 July 2002] This advisory consists of two independent advisories, merged, and is an official OpenSSL advisory. Advisory 1 ========== A.L. Digital Ltd and The Bunker (http://www.thebunker.net/) are

Good day. Spotted the CVE-2007-1870: the clamav 0.90.2 is already in the ports, but no sign of the issue in the VuXML. The entry is attached. One thing that is a bit strange is that the ChangeLog for the ClamAV (http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog) says about CVE-2007-1997 as the libclamav/cab.c log entry, but I think they are messed the numbers -- there is no such CVE, at

Hello, we run Puppet Dashboard 1.2.23 in our sandbox and get an error deleting a node. - first time we press the delete button nothing happens - second time we press the delete button we get the following error; ActiveRecord::StatementInvalid in NodesController#destroy Mysql::Error: Lock wait timeout exceeded; try restarting transaction: DELETE FROM `node_group_memberships` WHERE `id` = 53

hi all, i haven't seen any discussion here of this issue, nor do i see any obviously related (open) bugs in bugzilla. It's not clear to me from the CVE how important this issue is or isn't, but i'm a bit concerned. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4091 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4091 thanks as always to wayne & the other contributors