similar to: CESA-2014:1306 Important CentOS 6 bash Security Update

Send CentOS-announce mailing list submissions to centos-announce at centos.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to centos-announce-request at centos.org You can reach the person managing the list at centos-announce-owner at centos.org When

CentOS Errata and Security Advisory 2014:1306 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-1306.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 9755e86ad8536c908f95340be308190b52989bfa0d9268a461c40a3f0d493bc7 bash-3.2-33.el5_10.4.i386.rpm x86_64:

CentOS Errata and Security Advisory 2014:1306 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-1306.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: d2806c39117791707b6f528afd2bfa35b20a67f6ad40231057d6dd27f4eb7e36 bash-4.2.45-5.el7_0.4.x86_64.rpm

CentOS Errata and Security Advisory 2014:1652 The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) ----------------------------- i386 ----------------------------- 5898ac3179dfdd904c352badd79b6f5ec702315f4bc7b8989de8f114304fbd78 openssl-1.0.1e-30.el6_5.2.i686.rpm dcc5d47340d69f53af592a92282df89ef3bd4705ce34f4a57a93d211e93cfd7d

CentOS Errata and Security Advisory 2014:1652 The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) ----------------------------- i386 ----------------------------- 5898ac3179dfdd904c352badd79b6f5ec702315f4bc7b8989de8f114304fbd78 openssl-1.0.1e-30.el6_5.2.i686.rpm dcc5d47340d69f53af592a92282df89ef3bd4705ce34f4a57a93d211e93cfd7d

CentOS Errata and Security Advisory 2014:1326 Moderate Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-1326.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 713dbbfa6b5bbe8b9dc74de079be9065e8cd1d9d0b1e0c2acc2853a7eb591a7b php-5.3.3-27.el6_5.2.i686.rpm

CentOS Errata and Security Advisory 2014:1326 Moderate Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-1326.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 713dbbfa6b5bbe8b9dc74de079be9065e8cd1d9d0b1e0c2acc2853a7eb591a7b php-5.3.3-27.el6_5.2.i686.rpm

CentOS Errata and Security Advisory 2014:0626 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-0626.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 4911acddf50a3f48cc5d2ce6f4011193a06112142a2d93e7e9f36aa7fd44e1bd openssl098e-0.9.8e-18.el6_5.2.i686.rpm x86_64:

CentOS Errata and Security Advisory 2014:1293 Critical Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-1293.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: f17f9e203cc55846a050ce57efd67159e208ef8bd469633a471233e8b9c54a74 bash-4.1.2-15.el6_5.1.i686.rpm

CentOS Errata and Security Advisory 2014:0175 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-0175.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 4d4241930e9d10070344dbb6d9883796f53e34614cb8a0fb105aa75f8c5095be piranha-0.8.6-4.el6_5.2.i686.rpm x86_64:

CentOS Errata and Security Advisory 2014:0127 Moderate Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-0127.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 7f582307cabadd730387b49d93e454ab8e9007a98c991210ed3b86f67b9f29f9 librsvg2-2.26.0-6.el6_5.2.i686.rpm

CentOS Errata and Security Advisory 2014:0127 Moderate Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-0127.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 7f582307cabadd730387b49d93e454ab8e9007a98c991210ed3b86f67b9f29f9 librsvg2-2.26.0-6.el6_5.2.i686.rpm

For those of us still in shell shock, the following was sent several days ago under a misleading subject/thread mixed in with a bunch of other nonsense. (Message-ID: <54291071.7010209 at centos.org>) According to Johnny the second bash patch addressed all of the known issues. I had been waiting for a third patch to come through and missed this important information sent on Monday. On

CentOS Errata and Security Advisory 2014:1293 Critical Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-1293.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 39f53e854969bb0bcbb280bf6581ec5857c086cdd727adc5eec9b7a9b7dcd0a6 bash-3.2-33.el5.1.i386.rpm x86_64:

CentOS Errata and Security Advisory 2014:1293 Critical Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-1293.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 4274e74893b2e3f31704befbd4c0968c68f153bfcd869c286d6df0a269280e87 bash-4.2.45-5.el7_0.2.x86_64.rpm

According to the vulnerability test script from shellshocker.net, the latest bash versions on CentOS5 and CentOS6, 3.2-33.el5_11.4 and 4.1.2-15.el6_5.2, resp., are still vulnerable to CVE-2014-6277. In fact, on CentOS6, abrtd will send you a nice report about it. Does anyone know if upstream is working on a fix? [root at host ~]# bash ~/shellshock_test.sh CVE-2014-6271 (original shellshock):

CentOS Errata and Enhancement Advisory 2014:0031 Upstream details at : https://rhn.redhat.com/errata/RHEA-2014-0031.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 1f46e89510adc8ca8a2d7fb7f048459aae28b093288704ae52456eb1a818ff0a pacemaker-1.1.10-14.el6_5.2.i686.rpm

CentOS Errata and Bugfix Advisory 2014:0543 Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-0543.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 646353d24e7b98a82728147d03501703a922b1c4aa3e10e1ec2a80612a997895 glibc-2.12-1.132.el6_5.2.i686.rpm

CentOS Errata and Bugfix Advisory 2014:1099 Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-1099.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: a4f6c5c76eed2de244cb73747f0547b8626fd097b0ad1047fabbf5b9d4979d05 net-snmp-5.5-49.el6_5.2.i686.rpm

CentOS Errata and Bugfix Advisory 2014:1016 Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-1016.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: fecb1d7188cc96c840f41c86661286a94cbf2be8251088488e2059680ff13aec cups-1.4.2-52.el6_5.2.i686.rpm