python security, bug fix, and enhancement update

2.6.6-64.0.1 - Add Oracle Linux distribution in platform.py orabug 21288328 Keshav Sharma 2.6.6-64 - Enable use of deepcopy with instance methods Resolves: rhbz1223037 2.6.6-63 - Since -libs now provide python-ordered dict, added ordereddict dist-info to site-packages Resolves: rhbz1199997 2.6.6-...

Fedora 21 : ufraw-0.21-1.fc21 (2015-8717)

This update contains a fix for a bug which could cause dcraw write past array boundaries. Additionally, it updates ufraw to version 0.21, an upstream bugfix release. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenabl...

Fedora 21 : torque-4.2.10-3.fc21 (2015-8571)

Bugfix - 1215207 create/install service files for these Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

Fedora 22 : torque-4.2.10-3.fc22 (2015-8544)

Bugfix - 1215207 create/install service files for these Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

SUSE SLES10 Security Update : nfs-utils (SUSE-SU-2013:1668-1)

nfs-utils receives hereby a LTSS roll-up security and bugfix update. - CVE-2013-1923: Allow DNS lookups to be avoided when determining kerberos identity of server. The NFSGSSDAVOIDDNS sysconfig variable must to be set for this to take full effect as some installations could be negatively affected...

Unbreakable Enterprise kernel security and bugfix update

kernel-uek 3.8.13-68.2.2 - crypto: aesni - fix memory usage in GCM decryption Stephan Mueller Orabug: 21077385 CVE-2015-3331 3.8.13-68.2.1 - xen/pciback: Don't disable PCICOMMAND on PCI device reset. Konrad Rzeszutek Wilk Orabug: 20807438 CVE-2015-2150 - xen-blkfront: fix accounting of reqs when...

Fedora 20 : mksh-50f-1.fc20 (2015-6505)

"R50f is a required security and bugfix release : - Add a patch marker for vendor patch versioning to mksh.1 - SECURITY: make unset HISTFILE actually work - Document some more issues with the current history code - Remove some unused code - RCSID-only sync with OpenBSD, for bogus and irrelevant...

Fedora 22 : mksh-50f-1.fc22 (2015-6558)

"R50f is a required security and bugfix release : - Add a patch marker for vendor patch versioning to mksh.1 - SECURITY: make unset HISTFILE actually work - Document some more issues with the current history code - Remove some unused code - RCSID-only sync with OpenBSD, for bogus and irrelevant...

Fedora 21 : varnish-4.0.3-3.fc21 (2015-4079)

This update fixes a bug trigged by a bogus content-length header. Under special circumstances, it could crash a varnishd subthread. New upstream release. A bugfix release. Highlights from the changelog : - 26 reported bugs fixed. - Replaced objects are now expired immediately, instead of kept...

Fedora 22 : varnish-4.0.3-3.fc22 (2015-4063)

Added an update that fixes a bug trigged by a bogus content-length header. Under special circumstances, it could crash a varnishd subthread. New upstream release. A bugfix release. Highlights from the changelog : - 26 reported bugs fixed. - Replaced objects are now expired immediately, instead of...

Unbreakable Enterprise kernel security and bugfix update

kernel-uek 3.8.13-55.1.5 - CIFS Possible null ptr deref in SMB2tcon Steve French Orabug: 20433140 CVE-2014-7145 3.8.13-55.1.4 - net: sctp: fix NULL pointer dereference in af-fromaddrparam on malformed packet Daniel Borkmann Orabug: 20425332 CVE-2014-7841 3.8.13-55.1.3 - ACPI: x2apic entry ignored...

Unbreakable Enterprise kernel security and bugfix update

2.6.39-400.246.2 - net: sctp: fix NULL pointer dereference in af-fromaddrparam on malformed packet Daniel Borkmann Orabug: 20425333 CVE-2014-7841 2.6.39-400.246.1 - sched: Fix possible divide by zero in avgatom calculation Mateusz Guzik Orabug: 20148169 - include/linux/math64.h: add div64ul Alex...

Fedora 21 : openvas-cli-1.3.1-1.fc21 / openvas-manager-5.0.7-1.fc21 / openvas-scanner-4.0.5-1.fc21 (2014-17049)

Bugfix release of Openvas-7 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...

openSUSE Security Update : libreoffice (openSUSE-SU-2014:1727-1)

This libreoffice update fixes the following security and non secuirty issues : - Fix for CVE-2014-9093 bnc907636. - Fix typo %libdir - %libdir - Remove dangling symlinks from previous versions bnc884942. - Fix build with boost 1.56 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

openSUSE Security Update : pdns-recursor (openSUSE-SU-2014:1685-1)

This pdns-recursor version update fixes the following security issue and non secuirty issues. Update to upstream release 3.6.2. - boo906583: Degraded service through queries to queries to specific domains CVE-2014-8601 - Fixed broken localstatedir Update to upstream release 3.6.1. - gab14b4f:...

[SECURITY] [DLA 94-1] php5 security update

Package : php5 Version : 5.3.3-7+squeeze23 CVE ID : CVE-2014-3668 CVE-2014-3669 CVE-2014-3670 CVE-2014-3710 CVE-2014-3668 Fix bug 68027 - fix date parsing in XMLRPC lib CVE-2014-3669 Fix bug 68044: Integer overflow in unserialize 32-bits only CVE-2014-3670 Fix bug 68113 Heap corruption in...

openSUSE Security Update : sssd (openSUSE-SU-2014:1407-1)

sssd was updated to new upstream release 1.12.2 bugfix release, bnc900159 Changes : - Fixed a regression where the IPA provider did not fetch User Private Groups correctly - An important bug in the GPO access control which resulted in a wrong principal being used, was fixed. - Several new options...

xen: security and bugfix update (important)

XEN was updated to fix security issues and bugs. Security issues fixed: - bnc897657 - CVE-2014-7188: XSA-108 Improper MSR range used for x2APIC emulation - bnc895802 - CVE-2014-7156: XSA-106: Missing privilege level checks in x86 emulation of software interrupts - bnc895799 - CVE-2014-7155:...

xen: security and bugfix update (important)

XEN was updated to fix various bugs and security issues. Security issues fixed: - bnc897657 - CVE-2014-7188: XSA-108 Improper MSR range used for x2APIC emulation - bnc895802 - CVE-2014-7156: XSA-106: Missing privilege level checks in x86 emulation of software interrupts - bnc895799 - CVE-2014-715...

bash: security and bugfix update (critical)

bash was updated to fix a critical security issue, a minor security issue and bugs: In some circumstances, the shell would evaluate shellcode in environment variables passed at startup time. This allowed code execution by local or remote attackers who could pass environment variables to bash...