similar to: CESA-2014:1652 Important CentOS 6 openssl Security Update

Send CentOS-announce mailing list submissions to centos-announce at centos.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to centos-announce-request at centos.org You can reach the person managing the list at centos-announce-owner at centos.org When

The following updates address POODLE on CentOS: CentOS-5: http://lists.centos.org/pipermail/centos-announce/2014-October/020696.html CentOS-6.5: http://lists.centos.org/pipermail/centos-announce/2014-October/020697.html CentOS-7: http://lists.centos.org/pipermail/centos-announce/2014-October/020695.html Please note that the CentOS-6.5 updates are built from: openssl-1.0.1e-30.el6_5.2.src.rpm

CentOS Errata and Security Advisory 2014:0127 Moderate Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-0127.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 7f582307cabadd730387b49d93e454ab8e9007a98c991210ed3b86f67b9f29f9 librsvg2-2.26.0-6.el6_5.2.i686.rpm

CentOS Errata and Security Advisory 2014:0127 Moderate Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-0127.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 7f582307cabadd730387b49d93e454ab8e9007a98c991210ed3b86f67b9f29f9 librsvg2-2.26.0-6.el6_5.2.i686.rpm

Send CentOS-announce mailing list submissions to centos-announce at centos.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to centos-announce-request at centos.org You can reach the person managing the list at centos-announce-owner at centos.org When

after morning update of librsvg2 Feb 04 09:39:15 Updated: librsvg2-2.26.0-6.el6_5.2.x86_64 nautilus crashed with nautilus[3419]: segfault at 21 ip 00007f68b2d2733c sp 00007fffe2ce04f0 error 4 in librsvg-2.so.2.26.0[7f68b2d01000+37000] temporary solution yum downgrade librsvg2 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type:

CentOS Errata and Security Advisory 2014:1326 Moderate Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-1326.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 713dbbfa6b5bbe8b9dc74de079be9065e8cd1d9d0b1e0c2acc2853a7eb591a7b php-5.3.3-27.el6_5.2.i686.rpm

CentOS Errata and Security Advisory 2014:1326 Moderate Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-1326.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 713dbbfa6b5bbe8b9dc74de079be9065e8cd1d9d0b1e0c2acc2853a7eb591a7b php-5.3.3-27.el6_5.2.i686.rpm

According to the vulnerability test script from shellshocker.net, the latest bash versions on CentOS5 and CentOS6, 3.2-33.el5_11.4 and 4.1.2-15.el6_5.2, resp., are still vulnerable to CVE-2014-6277. In fact, on CentOS6, abrtd will send you a nice report about it. Does anyone know if upstream is working on a fix? [root at host ~]# bash ~/shellshock_test.sh CVE-2014-6271 (original shellshock):

CentOS Errata and Bugfix Advisory 2013:1836 Upstream details at : https://rhn.redhat.com/errata/RHBA-2013-1836.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: d390b1f7d615553c9275ced0f7706d1a914a6d5b1a4ee1d51947a1376981ad07 glx-utils-9.2-0.5.el6_5.2.i686.rpm

Send CentOS-announce mailing list submissions to centos-announce at centos.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to centos-announce-request at centos.org You can reach the person managing the list at centos-announce-owner at centos.org When

CentOS Errata and Enhancement Advisory 2014:0031 Upstream details at : https://rhn.redhat.com/errata/RHEA-2014-0031.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 1f46e89510adc8ca8a2d7fb7f048459aae28b093288704ae52456eb1a818ff0a pacemaker-1.1.10-14.el6_5.2.i686.rpm

CentOS Errata and Bugfix Advisory 2014:0543 Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-0543.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 646353d24e7b98a82728147d03501703a922b1c4aa3e10e1ec2a80612a997895 glibc-2.12-1.132.el6_5.2.i686.rpm

Hi, how do I protect dovecot 1.2.17 against poodle? Br /Marc -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 842 bytes Desc: Message signed with OpenPGP using GPGMail URL: <http://dovecot.org/pipermail/dovecot/attachments/20141019/b4152487/attachment-0001.sig>

Thanks Kelvin I'm a bit confised tho, is this patch already avaiable? if yes, what is the parameter that disable ssl into the smb.conf? Maybe the guys from Enterprise samba have already included the patch into their releases so it's just a maatter of enabling the flag. I'm using sernet-samba-4.2.2 Thanks!

CentOS Errata and Bugfix Advisory 2014:1099 Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-1099.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: a4f6c5c76eed2de244cb73747f0547b8626fd097b0ad1047fabbf5b9d4979d05 net-snmp-5.5-49.el6_5.2.i686.rpm

Good Day All Sorry if this is a repeated email, but I need some information about how to disable SSL on a Samba4.2.2 AD domain controller as the nessus scanner is reporting the POODLE vulnerability and we are not allowed to have any of that in our environment. the nessus scan reports poodle vulnerability on all these ports: 443, 636, 3269 I had a look at previous posts but couldn't find a

Send CentOS-announce mailing list submissions to centos-announce at centos.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to centos-announce-request at centos.org You can reach the person managing the list at centos-announce-owner at centos.org When

CentOS Errata and Bugfix Advisory 2014:1016 Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-1016.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: fecb1d7188cc96c840f41c86661286a94cbf2be8251088488e2059680ff13aec cups-1.4.2-52.el6_5.2.i686.rpm

CentOS Errata and Bugfix Advisory 2013:1856 Upstream details at : https://rhn.redhat.com/errata/RHBA-2013-1856.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 488920f329f234c27ec7e3865c3aedc5370d3dd5ba37944b6bb545fcfb6fdde1 libvirt-0.10.2-29.el6_5.2.i686.rpm