similar to: New glibc for CentOS-6 and CentOS-7 and CVE-2015-7547

Displaying 20 results from an estimated 9000 matches similar to: "New glibc for CentOS-6 and CentOS-7 and CVE-2015-7547"

2016 Feb 17
0
New glibc for CentOS-6 and CentOS-7 and CVE-2015-7547
On 17/02/16 13:01, Johnny Hughes wrote: > I normally just let the daily announce post to this list show what > is available for updates, but there is a CVE (CVE-2015-7547) that > needs a bit more attention which will be on today's announce list > of updates. > > We released a new glibc yesterday for CentOS-6 and CentOS-7 .. it > is VERY important that all users update to
2016 Feb 17
0
New glibc for CentOS-6 and CentOS-7 and CVE-2015-7547
On 2/17/2016 8:01 AM, Johnny Hughes wrote: > I normally just let the daily announce post to this list show what is > available for updates, but there is a CVE (CVE-2015-7547) that needs a > bit more attention which will be on today's announce list of updates. > > We released a new glibc yesterday for CentOS-6 and CentOS-7 .. it is > VERY important that all users update to
2016 Feb 17
4
New glibc for CentOS-6 and CentOS-7 and CVE-2015-7547
On 02/17/2016 07:08 AM, Michael H wrote: > On 17/02/16 13:01, Johnny Hughes wrote: >> I normally just let the daily announce post to this list show what >> is available for updates, but there is a CVE (CVE-2015-7547) that >> needs a bit more attention which will be on today's announce list >> of updates. >> >> We released a new glibc yesterday for
2015 Jan 27
3
CVE-2015-0235 - glibc gethostbyname
Saw this on the Exim List:- From: Tony Finch <dot--at-- at dotat.at> Subject: [exim] CVE-2015-0235 - glibc gethostbyname remotely exploitable via exim Date: Tue, 27 Jan 2015 17:33:45 +0000 "The Exim mail server is exploitable remotely if configured to perform extra security checks on the HELO and EHLO commands ("helo_verify_hosts" or "helo_try_verify_hosts"
2014 Sep 10
2
MariaDB repository
My C7 system has mariadb 5.5.37, installed from the Centos repository. The latest version (with a security update is 5.5.39). Mariadb.org has its own repositories, but they don't list Centos 7 as an option. Is anyone using the repository for Centos 6 with Centos 7? See
2016 Oct 17
3
Is bind-9.8.2-0.47.rc1.el6_8.1.x86_64 vulnerable
Hi I'd like to know if the present version of Bind in CentOS 6 (bind-9.8.2-0.47.rc1.el6_8.1.x86_64) is vulerable to CVE-2016-2776. According to https://www.isc.org/downloads/, version 9.8.x is End-of-Life (EOL) as of Sep 2014. Regards ian
2015 Apr 24
6
Centos security update
Hi, I was using CentOS 7 and when I ran some custom commercial security scan on my machine, I found about 122 vulnerabilities. Can you help me on how to get security upgrades on top of my existing CentOS? # cat /etc/redhat-release CentOS Linux release 7.1.1503 (Core) Thanks for the help. -- Thanks & Regards, Venkateswara Rao Dokku.
2014 Dec 20
4
NTP Vulnerability?
I just saw this: https://ics-cert.us-cert.gov/advisories/ICSA-14-353-01 which includes this: " A remote attacker can send a carefully crafted packet that can overflow a stack buffer and potentially allow malicious code to be executed with the privilege level of the ntpd process. All NTP4 releases before 4.2.8 are vulnerable." "This vulnerability is resolved with NTP-stable4.2.8
2016 May 11
4
openssl Security Update for CentOS 6.7 ETA
Hi, Is there an ETA on the openssl security update (CVE-2016-0799) for CentOS 6.7? I saw the openssl update for CentOS 7 on 5/9, eagerly awaiting the same for 6.7. Thanks! -->Pat
2015 Jan 27
4
CVE-2015-0235 - glibc gethostbyname
On Tue, January 27, 2015 1:58 pm, Peter Lawler wrote: > On 28/01/15 04:47, Always Learning wrote: >> >> Saw this on the Exim List:- >> > <SNIP> >> >> I use Exim on C5 and C6 - should I be worried about Exim on C6 ? >> > > upstream references: > https://rhn.redhat.com/errata/RHSA-2015-0092.html When I read this I read that it is fixed in
2016 Oct 24
3
CVE-2016-5195 “DirtyCOW”: Critical Linux Kernel Flaw
On Sat, 22 Oct 2016, Valeri Galtsev wrote: > On Sat, October 22, 2016 7:49 pm, Valeri Galtsev wrote: >> Dear All, >> >> I guess, we all have to urgently apply workaround, following, say, this: >> >> https://gryzli.info/2016/10/21/protect-cve-2016-5195-dirtycow-centos-7rhel7cpanelcloudlinux/ >> >> At least those of us who still have important multi user
2012 Jun 14
11
PV privilege escalation - advisory
Hello, we are using 3.4.3 from Gitco.de on 64bit Centos 5.8 and we have PV guests 64bit. According to described security bug we are in danger. What do you suggest? Wait for gitco update or build xen own with patch? Br Peter
2017 Mar 09
2
Firefox for CentOS
On Thu, Mar 9, 2017 at 9:55 AM, Johnny Hughes <johnny at centos.org> wrote: > On 03/09/2017 07:35 AM, Phelps, Matthew wrote: > > On Wed, Mar 8, 2017 at 6:22 PM, Yamaban <foerster at lisas.de> wrote: > > > >> On Wed, 8 Mar 2017 16:56, Johnny Hughes <johnny at ...> wrote: > >> > >>> On 03/08/2017 09:39 AM, Phelps, Matthew wrote: >
2008 Aug 23
3
Lies wide open ...!
Being as a Windows geek tho, I consider Linux as a more powerful server operating system than Windows. When I saw OS comparison at http://www.microsoft.com/windowsserver/compare/linux/server-security.mspx I was shocked! Showed it to a friend and he felt like being brainwashed :D lol. What do you fellows think about this? Thanks. -------------- next part -------------- An HTML attachment was
2016 Jun 02
2
libtdb and BADLOCK (CVE-2016-2118)
Does mitigation of the so-called BADLOCK CVE (CVE-2016-2118) for Samba 3.x imply an upgrade to a non-vulnerable version of the tdb library? If so, can someone point me to any documentation on the tdb vulnerability? Thanks, Sam
2014 May 29
1
CVE-2014-0196 and upgrade of Centos 6
Hi, I have a question about this vulnerability. Could someone please help me which packages i should upgrade in Centos 6 to fix this vulnerability? I don't want to perform upgrade of whole system with "yum upgrade". -- Best Regards, *Alexander Danilov*
2017 Jan 12
1
[Security Advisory] RHSA-2017:0036 Important: kernel security and bug fix update
Any word on this update for CentOS 6? This one seems pretty bad if it's a remote exploit. -- Matt Phelps System Administrator, Computation Facility Harvard - Smithsonian Center for Astrophysics mphelps at cfa.harvard.edu, http://www.cfa.harvard.edu ---------- Forwarded message ---------- From: Red Hat Errata Notifications <errata at redhat.com> Date: Tue, Jan 10, 2017 at 5:19 PM
2016 Oct 25
2
CVE-2016-5195 DirtyCOW : Critical Linux Kernel Flaw
On Tue, Oct 25, 2016 at 2:18 PM, <m.roth at 5-cent.us> wrote: > My manager just told me that upstream has released a patched kernel for 7: > > CentOS package kernel-3.10.0-327.36.3.el7.x86_64.rpm > see http://rhn.redhat.com/errata/RHSA-2016-2098.html > > I'm hoping Johnny can get us that, hopefully before the end of the week. > > mark > >
2012 May 08
2
Equivalent RHEL package for CentOS httpd package?
I'm trying to find out if a particular RedHat patch has been ported to CentOS yet. In particular, this vulnerability: CVE-2011-3607 According to this: https://rhn.redhat.com/errata/RHSA-2012-0323.html it has been patched as of httpd-2.2.3-63.el5_8.1.x86_64.rpm Now, in the latest CentOS repository, I find httpd-2.2.3-63.el5.centos.1.x86_64.rpm Is this the same (or later) release? I suspect
2015 Mar 11
3
Java SSLv3 status on CentOS-6.6
Can anyone inform me as to whether or not Java on CentOS-6.6 still has SSLv3 enabled? And if it does then how is it disabled? -- *** E-Mail is NOT a SECURE channel *** James B. Byrne mailto:ByrneJB at Harte-Lyne.ca Harte & Lyne Limited http://www.harte-lyne.ca 9 Brockley Drive vox: +1 905 561 1241 Hamilton, Ontario fax: +1