similar to: CentOS-announce Digest, Vol 105, Issue 5

CentOS Errata and Security Advisory 2013:X012 (Xen4CentOS) The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) ----------------------------- X86_64 ----------------------------- 2eb1022ec7ec2d508248c9c152e253aa72acfa08a155701d2791b1458766590a e1000e-2.5.4-3.4.68.2.el6.centos.alt.x86_64.rpm

Send CentOS-announce mailing list submissions to centos-announce at centos.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to centos-announce-request at centos.org You can reach the person managing the list at centos-announce-owner at centos.org When

CentOS Errata and Security Advisory 2014:X011 (Xen4CentOS) The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) ----------------------------- X86_64 ----------------------------- 0ca23e081ddc488aa22b357fd2ad46b26526424f4613f5af7254bcbdcbcf1474 e1000e-2.5.4-3.10.55.2.el6.centos.alt.x86_64.rpm

CentOS Errata and Security Advisory 2014:X009 (Xen4CentOS) The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) ----------------------------- X86_64 ----------------------------- b46a8cc4391424f463aec8e81e716152357426ae3601857b2661bc5a1257f9b3 e1000e-2.5.4-3.10.43.2.el6.centos.alt.x86_64.rpm

Send CentOS-announce mailing list submissions to centos-announce at centos.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to centos-announce-request at centos.org You can reach the person managing the list at centos-announce-owner at centos.org When

CentOS Errata and Security Advisory 2013:X018 (Xen4CentOS) The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) ----------------------------- X86_64 ----------------------------- 2ac8f3b6799eac04c6fc5fe054a68d00bdf914f173087a7802c9bce8b4366e48 e1000e-2.5.4-3.10.25.2.el6.centos.alt.x86_64.rpm

Send CentOS-announce mailing list submissions to centos-announce at centos.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to centos-announce-request at centos.org You can reach the person managing the list at centos-announce-owner at centos.org When

CentOS Errata and Security Advisory 2013:0620-01 Important (Xen4CentOS) The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: a8a913de2ce129fe28c1015d2be0ca72acbb70eb7b4e41ef470f8fdc3d70c6ad kernel-3.4.50-8.el6.centos.alt.x86_64.rpm b01179ca3023f3f3503fe71f8efbdecee9f01f6be552c2a35c91909fe652574f

CentOS Errata and Security Advisory 2013:X002 Important (Xen4CentOS) The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) ----------------------------- X86_64 ----------------------------- kernel-3.4.53-8.el6.centos.alt.x86_64.rpm: a9dcd1ef0417ed31aad7642b1f5a028e8ad69a11382640b4442059ba1d9ccc23

CentOS Errata and Security Advisory 2014:X005 (Xen4CentOS) The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) ----------------------------- X86_64 ----------------------------- 4d780927c1273021f707954531d4f8363f96001a09101ac3b828c02dcf640fc5 e1000e-2.5.4-3.10.29.2.el6.centos.alt.x86_64.rpm

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1692 The NIST advisory says that all versions of OpenSSH potentially contain the flaw. ?But is that really true? ?For example, I looked at the 3.8.1p1 distribution and didn't find any reference to JPAKE at all. Thanks.

Hi I am wondering if this has made it into any updates? http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4645 thanks

<no_spam_98 <at> yahoo.com> writes: > > http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1692 > > The NIST advisory says that all versions of OpenSSH potentially contain > the flaw. ?But is that really true? ?For example, I looked at the > 3.8.1p1 distribution and didn't find any reference to JPAKE at all. Hi. The NVD advisory is inaccurate. JPAKE

Send CentOS-announce mailing list submissions to centos-announce at centos.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to centos-announce-request at centos.org You can reach the person managing the list at centos-announce-owner at centos.org When

Thanks for the analysis of second bug. Please also share CVSSv3 score for first bug. Arjit Kumar On Fri, May 26, 2017 at 12:29 PM, Andrew Bartlett <abartlet at samba.org> wrote: > On Fri, 2017-05-26 at 11:36 +0530, Arjit Gupta via samba wrote: > > Hi Team, > > > > Please let me know the severity of CVE-2017-2619 and CVE-2017-7494. > > They are not unpublished:

On Fri, 2017-05-26 at 11:36 +0530, Arjit Gupta via samba wrote: > Hi Team, > > Please let me know the severity of CVE-2017-2619 and CVE-2017-7494. They are not unpublished: https://www.samba.org/samba/security/CVE-2017-2619.html https://www.samba.org/samba/security/CVE-2017-7494.html For this second bug, I did some work on CVSS scores: I've had a go at a CVSSv3 score for the

Hi Everyone, I note that Xen 3.4.4 has been released http://blog.xen.org/index.php/2012/01/27/xen-3-4-4-update-release/ There is something that I am confused about though. In the release announcement, it mentions one of the features of the update being: " Security enhancements includingCVE-2011-1583 <http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1583>" However,

CentOS Errata and Security Advisory 2014:X003 (Xen4CentOS) The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) ----------------------------- X86_64 ----------------------------- 885234e7bead8d78e914780e3264f74e4058c4d0211934da4a4d28e3e405f51d e1000e-2.5.4-3.10.27.2.el6.centos.alt.x86_64.rpm

Hello, Does the recent Logjam[1] vulnerability affect Tinc? The security section of the Tinc website says: "Although tinc uses the OpenSSL library, it does not use the SSL protocol to establish connections between daemons" What would that mean, specifically, in regards to Logjam? Thank you for your time and for providing a great piece of VPN software! [1]

Hello, I'm talking about the following hole: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2663 In Slackware 12.2, so far, the current libvorbis version is still 1.2.0. My question is: I don't use ".OGG" files, but I regularly listen to a OGG webstream. Am I secure in this situation or could a corrupted webstream trigger the discussed bug? Thanks in advance Yours