CHG000000006261Scientific Linux FermiScientific Linux Fermi 6krb5-fermi-addons-1.5-1.slf6.i386.rpme72165da6c4930a8b967c81a22ab20ee650b2d48074e0f25047c84bc505005a8CHG000000008273In preparation to Kerboros realm upgrade we need to distribute new krb5.conf. This krb5.conf adds three encryption types des3, aes128, aes256 default_tgs_enctypes = aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 des3-cbc-sha1 des-cbc-crc default_tkt_enctypes = aes256-cts-hmac- sha1-96 aes128-cts-hmac-sha1-96 des3-cbc-sha1 des-cbc-crc permitted_enctypes = aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 des3 -cbc-sha1 des-cbc-crcScientific Linux FermiScientific Linux Fermi 6krb5-fermi-config-5.0-1.noarch.rpm7789a5e78ee830e9fe85e68acb253b0ce36a3ad37d4d18eceee1c6bca0f068e8CHG000000008632None of the applications understand these lines, they are left from the Fermi Kerberos (modified code) days. Now the OpenAFS aklog is called via scripts (distributed in krb5-fermi-base/addons RPM packages) and in the PAM system. * Add these lines to the pam definitions in the [appdefaults] section to disable any use of the obsolete krb524 service (no longer provided): krb4_convert_524 = false krb4_use_as_req = false The absence of these parameters has caused slow logins (or returns from screen locks) on some systems. * Add the SLAC Kerberos definitions to the [realms] section: SLAC.STANFORD.EDU = { kdc = k5auth1.slac.stanford.edu:88 k5auth2.slac.stanford.edu:88 k5auth3.slac.stanford.edu:88 CHG000000008632 master_kdc = k5auth1.slac.stanford.edu:88 admin_server = k5admin.slac.stanford.edu kpasswd_server = k5passwd.slac.stanford.edu default_domain = slac.stanford.edu }Scientific Linux FermiScientific Linux Fermi 6krb5-fermi-krb5.conf-5.1-1.noarch.rpmb4478e9643655bd43ff47cc0c48725573e592d6d6c247229a321eee6ca0c962ekrb5-fermi-getcert-2.2-1.i386.rpmf4022c907a87d6026cf74fd5796da8a136d800b19f8679f2c416eebfac254f6ckrb5-fermi-config-5.1-1.noarch.rpmd524b242736554b2bb51657f990b8441ac2eda04a1f1d9f1ca60adcfec6125a3CHG000000013739[domain_realm] section will be updated. The [domain_realm] section provides a translation from a domain name or hostname to a Kerberos realm name. We need to map pingdev.fnal.gov to FERMI domain. Additionally 38 translations will be removed since these hostnames no longer exist in DNS. [instancemapping] section will be removed, since there is no AFS at Fermilab anymore.Scientific Linux FermiScientific Linux Fermi 6krb5-fermi-config-5.3-1.6.1.noarch.rpm45bf513697d573439f9e8ed99d0694b28f5f31104632c906a676455407d1245ckrb5-fermi-krb5.conf-5.3-1.6.1.noarch.rpm3af1836760ceade7f97ed616cd7257e89af81eeb96934a08123fd0a61525cdf8CHG000000016873Currently the krb5.conf file has SULLY as the first DC and this machine is located in Accelerator Division's server room. As a group, we have decided to move the servers around so that the first server is ELMO, which is located in FCC.Scientific Linux FermiScientific Linux Fermi 6krb5-fermi-krb5.conf-5.4-1.1.noarch.rpma420dcdb61417cddafa7d52d5a1eb994aaa078f316097e7cf5a915cbdac021b7krb5-fermi-config-5.4-1.1.noarch.rpmcac2ce2dc2a325cbac8afd178276cd2c745e67ad81f30b85d9219bca9efebe98CHG000000016874Scientific Linux FermiScientific Linux Fermi 6krb5-fermi-config-5.5-1.noarch.rpm9014eb7ad74684ebabf09a8464db9989bb561139cd497b9b825e0dd9ff0bae75krb5-fermi-krb5.conf-5.5-1.noarch.rpm4de82f88966cb22d714c6ea7bc248a21bd883b788f657fcbdd1b8d6d60b33594CHG000000017316In some instances the /etc/kdc.list entries were not automatically inserted into the correct place within /etc/krb5.confScientific Linux FermiScientific Linux Fermi 6krb5-fermi-config-5.5-2.noarch.rpmf5131ccf50fd9828d170160783a92079c52ffc2a2b0c5c133219d8dd0718dfbckrb5-fermi-krb5.conf-5.5-2.noarch.rpme30f6238343a490bf2298e9295c9de2a56b85cc897f37b92f8db4ff7819c6740CHG3338Pat Riehecky provided (via E-mail) a patch to detect if Firefox is running.Scientific Linux FermiScientific Linux Fermi 6krb5-fermi-getcert-1.2-1.slf6.i386.rpm704b0e74a4d29556494e6448f79260a38dc52967ff5b9d95e0ef47e4630dbdc7CHG3613Some working in installation scripts in the krb5-fermi-config and krb5 -fermi-krb5.conf packages will be corrected as well (messages to displayed to installer).Scientific Linux FermiScientific Linux Fermi 6krb5-fermi-krb5.conf-4.4-1.noarch.rpm46bbf4dbfc10c75b95b68ef3ffabfa1c6f81b730aa8c92fd4657a1b1ac3273a5krb5-fermi-config-4.4-2.noarch.rpmc4a82ca723685a6adab15e1614e5ae7351a382035d73d4403416b3b64d0ee2aeCHG3799Scientific Linux FermiScientific Linux Fermi 6krb5-fermi-getcert-2.0-1.slf6.i386.rpm7ea2785993593b5a2854c5b8b98d8b6ca6be693ed7f18991786e83ac2e927fe4CHG3931Replace new-portal-ticket script with a "stub" since (a) not really needed for its original purpose and (b) the original used telnet which is no longer really used on any SLF systems by default (mostly superseded by SSH for most users)Scientific Linux FermiScientific Linux Fermi 6krb5-fermi-addons-1.3-2.slf6.i386.rpm6b48bd4f61f21a3e22cbe2d944bbccf78e8b2ba78f4d08e26d7b3a62652d1aaeCHG4264Basically this ports the additions made for Linux back to the Mac OS X versions.Scientific Linux FermiScientific Linux Fermi 6krb5-fermi-getcert-2.1-1.slf6.i386.rpmc222b89f630e828b380bc3cbe5bdaa8924621b5fc206715166e0464f110d48a2CHG4780Scientific Linux FermiScientific Linux Fermi 6krb5-fermi-config-4.5-2.noarch.rpm6d82675ae142025c80c564e7b661ae13f7512b658a949b8a5f94ecc3d9804914krb5-fermi-krb5.conf-4.5-1.noarch.rpm3f050a3ad4807ab17ff7a837e2b13912a16aff7d2ae42b7705caa39394b522edCHG5253Scientific Linux FermiScientific Linux Fermi 6krb5-fermi-krb5.conf-4.6-1.noarch.rpma176ef498b2b893d1266183efcbd98169a6e1801d08fa96d31cf02ebf6f552c3krb5-fermi-config-4.6-1.noarch.rpm20e9dcbc8c41d46795f8ebacab61acc7346390070e28a4ba501b08885347cde7CHG6243Scientific Linux FermiScientific Linux Fermi 6krb5-fermi-krb5.conf-4.7-1.noarch.rpm814ca61273522a43526ed01f0bd7dab2f3b90bbf149c39471538f29bc9bfbf82krb5-fermi-config-4.7-1.noarch.rpm4310a3a3cefcdd42bcc3ae8242ed187947c321d285df2c859cde0df0b65aa3aeCRQ1968Scientific Linux FermiScientific Linux Fermi 6krb5-fermi-base-2.1-14.noarch.rpm9cd42aecd45149527a32f62092b566067ecae830ae1915da5290beb05a84dae3CRQ2176Scientific Linux FermiScientific Linux Fermi 6krb5-fermi-config-4.3-1.noarch.rpm4884625ae9856773b2904fc8a095159a6e7da3612e25a45450cd1a82d8ac547akrb5-fermi-krb5.conf-4.3-1.noarch.rpm7d0ed51f29e59aedc967d60fc9ac00fa558497e2f361ab51f8d87fb2c4742339ENHC0001404Scientific Linux FermiScientific Linux Fermi 6python-cups-1.9.72-22.el6.i686.rpm3397bca8296bd39cb5d0847faeba2ad58763fd841769b07da41894a157b0bd7epython-cups-doc-1.9.72-22.el6.noarch.rpm630dc10acd979646404830d81d8fdf6dd893b434772dfbc47f35af43d26c0a5bENHC0001587Scientific Linux FermiScientific Linux Fermi 6krb5-fermi-krb5.conf-5.0a-1.noarch.rpm6d9007d5f24f8b2fef896fae64e21e77f71158a18855aa86f6eb710b45fded8dkrb5-fermi-base-2.2-2.noarch.rpm9fb69b0bf7f8bc3c13c55cd83859f9c08d1c9fe4f1280bb2f4efcecc9849cd8akrb5-fermi-config-5.0a-1.noarch.rpme4128edefc6db8db670bf54a0ce8078fcef1c109b98190253e1f06be076d6e97krb5-fermi-addons-1.4-1.slf6.i386.rpm7cab2644ed9981a3ab6fad57514d5622c98b5b666d2fed8a4daef6efe0d326f7ENHC0001977This enhancement includes: - Compatibility with EL7 - Proxy support for client reporting - Matlab detectionScientific Linux FermiScientific Linux Fermi 6ocsinventory-fermi-0.9.9-22.noarch.rpm089e71f56eed346279bcfb565cdc7083f532c6113823dda49c077fa9dd202908ENHC0002013Provides the Fermilab krb5.confScientific Linux FermiScientific Linux Fermi 6krb5-fermi-krb5.conf-5.2-1.noarch.rpm8e188bb4bb4f30b450a60b8a71f70996277538c2b0f9d228f143968f87923d73krb5-fermi-config-5.2-1.noarch.rpm3a56b95a976fcf5a608fa94352dfdba81acdc1bc7c900dcdcc65b2724fae6f3fENHC0002481fermilab-util_kx509 contains a kx509 command which gets an X.509 certificate for Fermilab using cigetcert with kerberos authentication.Scientific Linux FermiScientific Linux Fermi 6cigetcert-1.0-1.el6.noarch.rpm03ceb4615ca20bc0620221e14b8f94db6f3715171e50fe738b60134853768661fermilab-util_kx509-3.1-1.el6.noarch.rpm142204fb01f6271b15224bc0a71e2c98a0f38a5006692229ff70c211f487cf08ENHC0002659Update cigetcert to version 1.2Scientific Linux FermiScientific Linux Fermi 6cigetcert-1.2-1.el6.noarch.rpmee75f5521d601f067de7f182fd994e0c775b76bd61cb2b1d839ebdccc821fec7ENHC0002852Scientific Linux FermiScientific Linux Fermi 6cigetcert-1.16-1.el6.noarch.rpm423334be9e3e512dd23864310a2da825177e464584119b34e8f9249152b85526ENHC0002973The wrapper script of cigetcert to unsets more variables such as PYTHONHOME, in response to a user bug report.Scientific Linux FermiScientific Linux Fermi 6cigetcert-1.16-2.el6.noarch.rpmbe82c4e090f65882fb35d8d138968e1335fed049e5fe941e8458f9ebf3244611ENHC0003766Scientific Linux FermiScientific Linux Fermi 6kmod-openafs-754-1.6.22.3-286.sl6.754.i686.rpmf7c3d82a64eddaabf9c98ac7d791ab6c61b46eeaedf4e14e2315cd948d99495ckmod-openafs-1.6.22.3-1.SL610.el6.noarch.rpm2acf39e723919085e97abdd00b5c8c8a6b67fffa13ca88b7d78f549ab6ce3dbcENHC0004153Authentication Services operates a non-accredited CA that is integrated with the FERMI and SERVICES domains.Scientific Linux FermiScientific Linux Fermi 6fermilab-conf_ca-certs-2019.01-2.sl6.noarch.rpmc08eac2053aaaa2ce047f54b41c6615bfbb67247fd0251000eaac3a90d66121cOPENAFS-SA-2015-007This release fixes the high impact security vulnerability named "Tattletale" The packet paylod of Rx ACK packets is not fully initialized, leaking plaintext from packets previously processed.criticalScientific Linux FermiScientific Linux Fermi 6openafs-krb5-1.6.14-219.sl6.i686.rpmf6bb931db552e502ebeb438060a0136532d0fc982cdceb809710af37d4c3731bopenafs-authlibs-devel-1.6.14-219.sl6.i686.rpmcc285b599f2500e51975adb9b36ad2b1ce5fd2375f026d6d38eb6e89f3b2d454openafs-server-1.6.14-219.sl6.i686.rpm82e8f115b20d47526acd8629168cc73c16032be746da40c239b1613782b4a2a9openafs-compat-1.6.14-219.sl6.i686.rpme6a23bee270de854e9c2ce6db9f030b6a2659ac8485fffd6d224bd2068892c1fopenafs-1.6.14-219.sl6.i686.rpmcc014d3865e25eb11c5255a4f5fb4dea44dcb2b3ae9fe5dfbfa2150e9f2389afopenafs-client-1.6.14-219.sl6.i686.rpm15d2f4fd3cad2a3aa03aad5b44144ad209369cf05ffe8958a697fcec762a3b2eopenafs-devel-1.6.14-219.sl6.i686.rpm8bcbcdad7c747f80125ea563fb0a8e113ab3e68dd2069608a15390bc527cffcbopenafs-authlibs-1.6.14-219.sl6.i686.rpma70ca5e4350f428259cbe2629de2239d4d74c7bb9952c6a5ded1ec43a9818a04openafs-kernel-source-1.6.14-219.sl6.i686.rpm0a8e14a176738fc94166399d5226eeca76e0d78b2d0d98bfd902d54462e740e2openafs-module-tools-1.6.14-219.sl6.i686.rpmd6d9f21fa37996960f0bd4df568518681c045961c283b16ed72cd06e3c6a5bdbopenafs-plumbing-tools-1.6.14-219.sl6.i686.rpm3372f69b0c65f07ff3dcc17e3576df973c7476def0289c502454a49da9e87fecopenafs-kpasswd-1.6.14-219.sl6.i686.rpmfcb5d581e6673cc42033a96ee10f772fa7e0d38a55ed6aed5ae9f47fec23a146kmod-openafs-573-1.6.14-219.sl6.573.3.1.i686.rpme2fba81c7371bb0ad3e9a1b25fa89df794a15ba2e1644d9be98782e21658a92fOPENAFS-SA-2016-001-002This release fixes the vulnerabilities tracked as OPENAFS-SA-2016-001 and OPENAFS-SA-2016-002. OPENAFS-SA-2016-001 (CVE-2016-2860): Users from foreign Kerberos realms can create groups as if they were administrators. OPENAFS-SA-2016-002: Information leakage over the network due to uninitialized memory.criticalScientific Linux FermiScientific Linux Fermi 6openafs-kernel-source-1.6.17-234.sl6.i686.rpm3cdbe9d021586fc52f08e41b2c5823ecb1c821263b118d9bd6d6abfcad2cffa4openafs-server-1.6.17-234.sl6.i686.rpma8152ab49f09e5111c6da1af5a2c825be601452b32933fb761d5194991f6ec9dopenafs-kpasswd-1.6.17-234.sl6.i686.rpm295480a000f8b8d60b37bf1ca6be8fcc3319503442a8ccd740b8f23b752ea4eekmod-openafs-573-1.6.17-234.sl6.573.12.1.i686.rpmebd558d0b4ee1225489517530bc895eac69371f6962f88be4cd9de1bf2840fc9kmod-openafs-642-1.6.17-234.sl6.642.i686.rpma602c05c981b77b749b3bfa83ac141395fbbb4dc325e60d9c884f8c9f001d643openafs-krb5-1.6.17-234.sl6.i686.rpm2e9226bd7f40962eddd370452d9e5ef2943d0b7afa448f83f0192acf8fa8c619openafs-1.6.17-234.sl6.i686.rpmea3a7a4ec1faba1292b664a985dc548e4a4c09414628af5d4c129a76e7e805b3openafs-client-1.6.17-234.sl6.i686.rpm1a5d3b00916abedd3e8fb5b07e2430d09b171897fe755a0a6b8c74a050f76eeeopenafs-compat-1.6.17-234.sl6.i686.rpm4f410f4f3cd82518022d5437a2145e9e556b6f07c1f002bedde634897c989d01openafs-plumbing-tools-1.6.17-234.sl6.i686.rpmcc438de54a3f01bfa30e92908c6c506738261b12dd5977f2c557ea3ed828ff11openafs-module-tools-1.6.17-234.sl6.i686.rpma92be02e077fabaa126ef040542869dd5fc56f858691e900f3b1384a93dc28efopenafs-authlibs-devel-1.6.17-234.sl6.i686.rpm43c5ad98807c8911ff495583cd3ade13b2b91b69b78ec56ab5eb9c8cfd849fc7openafs-authlibs-1.6.17-234.sl6.i686.rpm2e5751b97d3c4aabf8f3eb69356d80b56a4258a1c9dff87cbc28667c626402c6openafs-devel-1.6.17-234.sl6.i686.rpmf50360882f0f71428fcf3d28ec37aaaf3864b0bdea9a0d0dbed64c20da65a4e7OPENAFS-SA-2016-003Security Fix(es): There are three different kinds of “dead” residual directory entry leaks, each with a different cause: 1. There may be partial name data after the null terminator in a live directory entry. This happens when a previously used directory entry becomes free, then is reused for a directory entry with a shorter name. 2. “Dead” directory entries are left uncleared after an object is deleted or renamed. 3. Residual directory entries may be inadvertently picked up when a new directory is created or an existing directory is extended by a 2kiB page. This happens because the fileserver shares a buffer pool for directories of all AFS users, but does not clear each buffer upon reuse. This is the most severe problem because the leaked information may be from other directories or volumes for which the AFS user is not authorized.moderateScientific Linux FermiScientific Linux Fermi 6openafs-1.6.20-256.sl6.i686.rpmbd92fa388ed9fb4f240322617fdb1ce13612cd29feecb483e7a32eba61d35f46openafs-authlibs-devel-1.6.20-256.sl6.i686.rpm2a7774841d0be39778441fdd728da509f5babbf2cb27114cd457b910f3c66c2dopenafs-kernel-source-1.6.20-256.sl6.i686.rpm45877149f78c446854b995127978426737b0d57cde8d52500cca6bcd507f9482openafs-compat-1.6.20-256.sl6.i686.rpm3f12685e1d452a6f82569384253bad2355da8710ef2ca50d5c046811c40162d6openafs-authlibs-1.6.20-256.sl6.i686.rpm1a287e6e6aa628f598c0e3d0b659d314187bae4ce84d102084159ce933168172openafs-kpasswd-1.6.20-256.sl6.i686.rpm8f0e40b321279c0514c1258830057d5a873e58010a21513c8c3f61e2a4a87d30openafs-devel-1.6.20-256.sl6.i686.rpm5158f1667e19f43da5baee50c46317ff9fdafff0fe11302596916156799e6c20openafs-client-1.6.20-256.sl6.i686.rpm91a09e2fcb88792ae18c4aa0922587650a48ee4e81083e27aebf4f3332f73930kmod-openafs-642-1.6.20-256.sl6.642.6.2.i686.rpmecce29747c685e9fed37b040200a5382b1df7c1d5cce3cbeda62ac11cfbd42e1openafs-krb5-1.6.20-256.sl6.i686.rpm9de12d4ab7aab6ebbc04acc52668949b413a4fa06594cbf1b238f725e8acc757openafs-module-tools-1.6.20-256.sl6.i686.rpm4c2b7e6e9e1f3cfd5d3b186bc133c8b42f19f0fb3351ee6b6a68d4b53e5ee058openafs-plumbing-tools-1.6.20-256.sl6.i686.rpm14e47b9d9545bf35d3c5da1d42c4131611bb8eccbad190498d0ec45263aeda71openafs-server-1.6.20-256.sl6.i686.rpmdf3ffd739b134ddb09e235a21f234e0afaf323b60d037e8d1003507f2e516d78OPENAFS-SA-2017-001Security Fix(es): * Certain values transmitted in RX ACK packets were not sanity checked by OpenAFS receiving peers, which could lead to an assertion being triggered during construction of outgoing packets on the same connection, resulting in server process crashes or client kernel panics.importantScientific Linux FermiScientific Linux Fermi 6openafs-client-1.6.20-257.sl6.i686.rpm888414f0036675b95ab5aad5a7a8ce5e99622534c28d0ab63aeb8986415c1501openafs-authlibs-1.6.20-257.sl6.i686.rpm1bd7a401b4ddb198a3e1abab19482a27233593e8446f685e6d8b1a9d46b95542kmod-openafs-696-1.6.20-257.sl6.696.i686.rpmaebd122bb5c3cf1d917256d42199becff9561b0a65fb1c82585aa8eed01d58bdopenafs-module-tools-1.6.20-257.sl6.i686.rpmeacdc46e8ca8127dec2d873fa4a49da91501d2a9dfaa4f5ffed59f7ca9c36889openafs-authlibs-devel-1.6.20-257.sl6.i686.rpm914ddb90c7b6122b98fb835a36a1f5cc6c1e75b54ce49c02cae19159389a56cdopenafs-devel-1.6.20-257.sl6.i686.rpm79579aa0d38fe6d84ed615bf61796ada7e5f59b8904f449326e75bac78d179d2openafs-1.6.20-257.sl6.i686.rpm522126e8802aed2787821e6bed71ff3843301d96ebb2c1ad982e9b89f53dc696openafs-kernel-source-1.6.20-257.sl6.i686.rpm677ecee9b44924da34913037bd5375867267ab816d9f6c33fa6f5ade766e2459openafs-server-1.6.20-257.sl6.i686.rpm71a169723b327e61a356afebac8c0216bf8b3dd4c4d2e711aed9b6707356c808openafs-plumbing-tools-1.6.20-257.sl6.i686.rpm570e2ae41411535165f1345e04d3d81aa09dbfa58efe6450f16281dbbc029ab9openafs-krb5-1.6.20-257.sl6.i686.rpme4a791a2d53324b071317eeb52dd05c1c0504c41ae183b67dbfd3c273f6b8e49openafs-kpasswd-1.6.20-257.sl6.i686.rpm88b7cf09746c753cf3ed5e441fa1b9d9d7eb5b765aeeb4d10f76471c9453490fopenafs-compat-1.6.20-257.sl6.i686.rpma6807ac07961497f6161398d817447518a05fab6b62062f78f5f63c50ed74862OPENAFS-SA-2018-001:2:3These releases include fixes for three security advisories, OPENAFS-SA-2018-001, OPENAFS-SA-2018-002, and OPENAFS-SA-2018-003. OPENAFS-SA-2018-001 only affects deployments that run the 'butc' utility as part of the in-tree backup system, but is of high severity for those sites which are affected -- an anonymous attacker could replace entire volumes with attacker-controlled contents. OPENAFS-SA-2018-002 is for information leakage over the network via uninitialized RPC output variables. A number of RPCs are affected, some of which require the caller to be authenticated, but in some cases hundreds of bytes of data can be leaked per call. Of note is that cache managers are also subject to (kernel) memory leakage via AFSCB_ RPCs. OPENAFS-SA-2018-003 is a denial of service whereby anonymous attackers can cause server processes to consume large quantities of memory for a sustained period of time. The changes to fix OPENAFS-SA-2018-001 require behavior change in both butc(8) and backup(8) to use authenticated connections; old and new versions of these utilities will not interoperate absent specific configuration of the new tool to use the old (insecure) behavior. These changes also are expected to cause backup(8)'s interactive mode to be limited to only butc connections requiring (or not requiring) authentication within a given interactive session, based on the initial arguments selected.moderateScientific Linux FermiScientific Linux Fermi 6openafs-authlibs-1.6.23-289.sl6.i686.rpm3b783270c6a8a50f544f5270a1b7ae809354ba0a56c2cfd17e2d0eec9d78c0bfopenafs-plumbing-tools-1.6.23-289.sl6.i686.rpm7a8e8fcbe4ab94497e0086db4edd7e12e6a1a0185779e14bb8bcc3cd0c698525openafs-devel-1.6.23-289.sl6.i686.rpmdc8f3f044a9de4e3a4046ccb055ffc92e9b633ecd8d3285992ee9895b725a806openafs-module-tools-1.6.23-289.sl6.i686.rpmdff95f310dcca400e1e7f8b6ca832d53132c88d7db56fd40ddf2259ccea35dffopenafs-client-1.6.23-289.sl6.i686.rpm3b263772cd504189257f5b5342deaba3b3ed24a7f6275be116b28bfa0182c52eopenafs-1.6.23-289.sl6.i686.rpmeea6a33ab3f6fcae8dd4cc823f7604933eae13432bcc29c1c6f6bf41777b9647openafs-compat-1.6.23-289.sl6.i686.rpm603d2670599485e838f984f51d93c0ebf5886c23d2bb2c35775f35b79e709c06openafs-authlibs-devel-1.6.23-289.sl6.i686.rpmc5a506e3c5b84f45999986ff625b24ba7383efc42a791fb8a80c8a7d310d2999kmod-openafs-754-1.6.23-289.sl6.754.3.5.i686.rpm0d1e1c93acb3b84d24c0512577bcf65732757b96ecce21967d2722ed9969d21dopenafs-krb5-1.6.23-289.sl6.i686.rpmd3566565060384c0c4de2f26d66d5107b9813381192258ca3b8d3e2f6146fc26openafs-kpasswd-1.6.23-289.sl6.i686.rpmcad75d48fc6a606bac2e2def7f6578b9836b8aabb8f826cf6fa1b65e59b012abopenafs-server-1.6.23-289.sl6.i686.rpmfd347282cda817cee871713c7f27139e26b98b2cf5a25157133a01d8de5e2dd9openafs-kernel-source-1.6.23-289.sl6.i686.rpm88c8bd96f451347aee4bfdf7c651cfa14ae8ff4826ae35fbd723d09a1bd89ec6RITM0088723Scientific Linux FermiScientific Linux Fermi 6zz_ntp_configure-4.2.6-6.slf.noarch.rpm95ffe61cafe03991932a13161cf856fe3cd50c2fca7e8133a3a11591536bc622RITM0096493Scientific Linux FermiScientific Linux Fermi 6zz_ntp_configure-4.2.6-7.slf6.noarch.rpmdd38bd3ac37b276e3e9d9428bb58d9ed9e588df548e2e30a96c31839cba28d41RITM0891205Security Fixes: * Fix OPENAFS-SA-2019-001: information leakage in failed RPC output Generated RPC handler routines ran output variables through XDR encoding even when the call had failed and would shortly be aborted (and for which uninitialized output variables is common); any complete packets assembled in the process would be sent to the peer, leaking the contents of the uninitialized memory in question. * Fix OPENAFS-SA-2019-002: information leakage from uninitialized scalars Generated RPC handler routines did not initialize output variables of scalar (fixed-length) type, since they did not require dedicated logic to free. Such variables allocated on the stack could remain uninitialized in some cases (including those affected by OPENAFS-SA-2019-001), and the contents of uninitialized memory would be returned to the peer.importantScientific Linux FermiScientific Linux Fermi 6openafs-devel-1.6.24-290.sl6.i686.rpm27c3ba44661b415b3b678824e518075225a798a58a4cdf2b159310745f9a0380openafs-1.6.24-290.sl6.i686.rpm45c44a28c3759bb534b76e7082ff50099a8fe4815f7a79dddcbc38e2e502dbc7openafs-client-1.6.24-290.sl6.i686.rpm110b6df56bfd875af80024f30392d7f20204941962da01f53bdb0eff27ebb00bopenafs-authlibs-1.6.24-290.sl6.i686.rpm3ef41e809ea7df3e25e1d77f3c68fdfac3f92ee9054d17021f0ac2b254f37d82openafs-kernel-source-1.6.24-290.sl6.i686.rpm8eee0296180ba5e69073187ca8b89b9e00e190c46df10b7af8aa46b8fba79d2dopenafs-kpasswd-1.6.24-290.sl6.i686.rpmd5d45f52ab7c25fcece779c74ff045dab6bc4bb66756d1e5eeac2de097fcc8c2openafs-server-1.6.24-290.sl6.i686.rpm7dafd0f4af181dfb3a5f120bb55c8e155c9da79c4770382937587d0e123ed11eopenafs-krb5-1.6.24-290.sl6.i686.rpm6c473c28bcb1ccc9b3afc09669ae1df2e3d69a8a90868ba2bf7a5b98a55ae0b8openafs-plumbing-tools-1.6.24-290.sl6.i686.rpmb0c9ef40c73648cc448c087f18a1b7ba71084a103333b10a9b335ea7fe8a6506openafs-module-tools-1.6.24-290.sl6.i686.rpmfd1ee25cc110d1dc290c6ef2d7b857625beb3a981e9156a1af399ef318ef47c3openafs-compat-1.6.24-290.sl6.i686.rpmf59e9895af3f6a7a3d4bd1967899463517469759041f76d00b5c39ddffad1bffopenafs-authlibs-devel-1.6.24-290.sl6.i686.rpm54ba766d659e98361a2b16ac66d63c2f388d1f53e6782a117a5c765ea29e2dafkmod-openafs-754-1.6.24-290.sl6.754.23.1.i686.rpm41e199bbd199176515d412e05f24930e7a0de6c2e045906c8effb780eb3ce955SL6.0:xorg-x11-docsProtocol and other technical documentation for the X.Org X11 X Window System implementation.Scientific Linux FermiScientific Linux Fermi 6xorg-x11-docs-1.3-6.1.el6.noarch.rpm6476f96eb1fedcb07ee0cb77566ccc7ada134c82dea23ce963f8ad287d47b731SL6.3:openafs:securityBy carefully crafting an ACL entry an attacker may overflow fixed length buffers within the OpenAFS fileserver, crashing the fileserver, and potentially permitting the execution of arbitrary code. To perform the exploit, the attacker must already have permissions to create ACLs on the fileserver in question. Once such an ACL is present on a fileserver, client utilities such as "fs" which manipulate ACLs, may be crashed when they attempt to read or modify the ACL.(CVE-2013-1794) The ptserver accepts a list of unbounded size from the IdToName RPC. The length of this list is then used to determine the size of a number of other internal data structures. If the length is sufficiently large then we may hit an integer overflow when calculating the size to pass to malloc, and allocate data structures of insufficient length, allowing heap memory to be overwritten. This may allow an unauthenticated attacker to crash an OpenAFS ptserver. (CVE-2013-1795)criticalScientific Linux FermiScientific Linux Fermi 6openafs-server-1.6.1-114.sl6.i686.rpm2fa80ffa6cc771489de766088c4724374ab2b8ce1a900d3ffb6099e3a9056e30openafs-compat-1.6.1-114.sl6.i686.rpm3fe3669c7f88878bdb52ec6c6f5e3ca40f8a9e8cfe493d0e95d0c7268d23beffopenafs-authlibs-1.6.1-114.sl6.i686.rpm2ca8e66cffccce22d06405383975d03e6603bb24ac18e0188fd09f383cffc5e6openafs-krb5-1.6.1-114.sl6.i686.rpm6a23c8e9d5b4bca1fa0f06c43b9bc8dc3e465e445c66b1c3673263f6c75f174dopenafs-1.6.1-114.sl6.i686.rpm8679b05906ae6920fa4e7312acbb0aaf17f7251ffc30d3ddffb250cf1256a2aaopenafs-kernel-source-1.6.1-114.sl6.i686.rpm076f129f457066107b6b729d24b8baf39f95c4fe802a470996a94deaefcb4b41openafs-devel-1.6.1-114.sl6.i686.rpm4a5fe8af63d0eac2ca8a368e0d7e3e7ab4ca063702201a564aed3384ae3b2118openafs-kpasswd-1.6.1-114.sl6.i686.rpm776c59fcde2bdc5025cdc4bc5a98069a95563c3b0f6e5b3c46e796cb6932f1a6kmod-openafs-1.6.1-114.sl6.71.i686.rpm5df404ab76d1fa83dcba0bbfd9a5a8ddbe661e488b68318d087f73670125c003openafs-authlibs-devel-1.6.1-114.sl6.i686.rpm6ae59ea646993ccc271c2adf99078bcbf9730698faea5afa09baa2ceb538678fopenafs-client-1.6.1-114.sl6.i686.rpmfc7930b307ef0d0289da1ad6d1d4fd2c64279ce405a04368c587952c549389cbopenafs-plumbing-tools-1.6.1-114.sl6.i686.rpm8f99a5ff13deffbedfe1d936d146720d4aa52827b23bbee229fdcc1a78638e75SL6.4:kmod-openafs-1Now each minor rev of the kernel gets its own kmod in hopes of avoiding odd behavior when switching between versions.Scientific Linux FermitrueScientific Linux Fermi 6kmod-openafs-1.6.2-4.SL64.el6.noarch.rpm7564621aad363fa0dd69b7234abe07273725be171e14d5e8918eef614efe3579kmod-openafs-279-1.6.2-0.144.sl6.279.i686.rpmeb1fa66c9bdee853c0c6efe052abb1c8c3626c8cb218533661682adf52209b02kmod-openafs-358-1.6.2-0.144.sl6.358.0.1.i686.rpmcdb42abd181b47f876ede238c8370dadb416e31e1c4cb41d9d23ff9fffd029fdopenafs-module-tools-1.6.2-0.144.sl6.i686.rpmbbbd8730f85fcc007237e473054cbcee979cbbff8b2811567c55221d43b5857aSL6.4:kmod-openafs:bugfix-1Scientific Linux FermiScientific Linux Fermi 6kmod-openafs-1.6.2-5.SL64.el6.noarch.rpm762f4dd839a9485db16ab81c37240791b52b1aa415d521b91f6fa08a1f7a090eSL6.5:openafsScientific Linux FermiScientific Linux Fermi 6kmod-openafs-431-1.6.5.1-147.sl6.431.i686.rpm5adc3b1747a3421a335d6d9ac4503cf1e54c5e59fdd6e25229d9ca5aa9a78efdkmod-openafs-1.6.5.1-1.SL65.el6.noarch.rpme172f450aa8ef91732ce07f8473f6d55bdc879ec90141dab78566cc7aa339551SL6.5:openafs:securityAn attacker with the ability to connect to an OpenAFS fileserver can trigger a buffer overflow, crashing the server. The GetStatistics64 remote procedure call (RPC) was introduced in OpenAFS 1.4.8 as part of the support for fileserver partitions larger than 2 TiB. The GetStatistics64 RPC is used by remote administrative programs to retrieve statistical information about fileservers. The GetStatistics64 RPC requests do not require authentication. A bug has been discovered in the GetStatistics64 RPC which can trigger a fileserver crash. The version argument of the GetStatistics64 RPC is used to determine how much memory is allocated for the RPC reply. However the range of this argument is not validated, allowing an attacker to cause insufficient memory to be allocated for the statistical information reply buffer. Clients are not affected.moderateScientific Linux FermiScientific Linux Fermi 6openafs-1.6.5.1-148.sl6.i686.rpm2e1eb5d610ca2b831175e14c4e08b6baa44b81b805ced2dbd5989eda943c946aopenafs-kernel-source-1.6.5.1-148.sl6.i686.rpmec56e8edcc31db5566eab881c68e08a4f1ddc0eed3ff15d0eafe9b764db3e8b7openafs-compat-1.6.5.1-148.sl6.i686.rpmc2b24c6b66c7301200cbd5e12434738f1e331cc01c4b3e99b745872b5320fc88openafs-authlibs-1.6.5.1-148.sl6.i686.rpmb2724a3aa0d869e4e862ee9d157dada24745cfb04156a128d25f335853a216e1openafs-plumbing-tools-1.6.5.1-148.sl6.i686.rpm0b135ca24ee46ce07d35ae6c1ce5c72cea4a53b19eafa9b73bb8e7bd5a8224c6openafs-authlibs-devel-1.6.5.1-148.sl6.i686.rpm56babae07af92d1a4b1a451f679bc302f68b7f21719749cf50502338908f09a7openafs-client-1.6.5.1-148.sl6.i686.rpm0cbaa936a004187318b0ba95153c0a9339d9994d25969ef8ccf1c39de0c1c0daopenafs-server-1.6.5.1-148.sl6.i686.rpmff8b523134c24111e8a83cf754daf07a1eaa30671c4e727f4f4df5e445080e8ekmod-openafs-431-1.6.5.1-149.sl6.431.11.2.i686.rpmcdfada32ee2cd9e58ff11df1fc9b51d647fa51a1656c5399245a7a6d9dc05c9fkmod-openafs-431-1.6.5.1-148.sl6.431.11.2.i686.rpm88b450df34abefbf83e52294fef35ab7bfddb9e47fd7c8debeaca784c8a96ab2openafs-module-tools-1.6.5.1-148.sl6.i686.rpma32570ee14aade3f7dd75ade59c01d8ae3203543a7a7cc120d7c5dcde1ee1754openafs-devel-1.6.5.1-148.sl6.i686.rpm240d574b9f3492c230ef00002d052c7c1e8a2b3a50c457c2fa76252f426594e1openafs-kpasswd-1.6.5.1-148.sl6.i686.rpmda845f6376d6057cc7da0ebe053f973f0476c274535392c25e2e35ccdc6573fbopenafs-krb5-1.6.5.1-148.sl6.i686.rpmccfde39f79cb6bffb31ee98155f00a14caf94e2b57d9d62a5def8df12cdf68ddSL6.5:sl-indexhtml-1Scientific Linux FermiScientific Linux Fermi 6sl-indexhtml-6-6.5.sl6.1.noarch.rpm220c02529557ddbbf5a571381c9157e1ee985ce7f1ae03f4ab91332162325df9SL6.6:openafsScientific Linux FermiScientific Linux Fermi 6openafs-1.6.10-153.sl6.i686.rpme63d49d0fae13e952b885fc59c47fe87b3a7a48404498b1d0c8912e0a555e82ckmod-openafs-504-1.6.10-153.sl6.504.i686.rpmeaad6f7d2de76da2d2a9646b8174534be527d982fc488ecebd09cf9fb926b945openafs-authlibs-1.6.10-153.sl6.i686.rpmd344f4caf334ae27de86dd2e131b02eef15ab9aa93100e25a716996623ea6852openafs-kpasswd-1.6.10-153.sl6.i686.rpm1149a4d05d6cd43fdb9f3ea94f11890091e7892c9f75a69ad52b5916834d276fopenafs-compat-1.6.10-153.sl6.i686.rpm5289363ec0e7d25d38d8a4e2d49049be088f434b498651cbdede77966df1a71ekmod-openafs-1.6.10-1.SL66.el6.noarch.rpm5fa61d5604017748ba203bf1d4ec1fe46a29194190ff8411a1aafed894b24457openafs-kernel-source-1.6.10-153.sl6.i686.rpmf486ca49b7541bdec85007ca8a987c8424b7d0d45ce390a08cf6e9cdfd6e9ac0openafs-client-1.6.10-153.sl6.i686.rpm4f3252a3a632ee1f82abaad6a6c0bc46db575c207441e9962970622639f9bb17openafs-devel-1.6.10-153.sl6.i686.rpm92fdbddd8c1886883925c097b6f5dd6d376a997d7e68bbf9867a4d6ba6798a98openafs-module-tools-1.6.10-153.sl6.i686.rpm908eeb5978cd90ff03f6fd3ccc465f752cf7681ac50b7bf54fbcd1977de92671openafs-plumbing-tools-1.6.10-153.sl6.i686.rpm7e0ffef3a5b8806bf7f024f13b06cd1e264a913231643abe51cbc3bea5114966openafs-krb5-1.6.10-153.sl6.i686.rpm95970114fdb31fce565b2c8991a8b57104a8efbd1578e4f8d16017541cbb8976openafs-server-1.6.10-153.sl6.i686.rpmff712fd9957bd2512312db3ecdad75756aecda11f0176112fb141ae81b0eb09copenafs-authlibs-devel-1.6.10-153.sl6.i686.rpm72393aff3d0550f20fc68a39a51b956e197c53db6e09dc59a989cedb81c11edfSL:openafs-1.6.13:securityAll server platforms * Fix for CVE-2015-3282: vos leaks stack data onto the wire in the clear when creating vldb entries * Workaround for CVE-2015-3283: bos commands can be spoofed, including some which alter server state * Disabled searching the VLDB by volume name regular expression to avoid possible buffer overruns in the volume location server All client platforms * Fix for CVE-2015-3284: pioctls leak kernel memory * Fix for CVE-2015-3285: kernel pioctl support for OSD command passing can trigger a panicScientific Linux FermitrueScientific Linux Fermi 6openafs-authlibs-devel-1.6.13-215.sl6.i686.rpm4ffbf81711ff8a12ed38c8ab562cf2e2ae6830f1ea006babc9fa90093f303371openafs-1.6.13-215.sl6.i686.rpma0c5cad67ae890685c28cfac4612578c45d2d88650ea4493fa690e2cf6021fa3openafs-kpasswd-1.6.13-215.sl6.i686.rpm286063c2c51be8290350a7b81d3b1fee59d1a7579ce2a03be962ad2ee949d6f1openafs-client-1.6.13-215.sl6.i686.rpm219fa854aa79f129c148563239397b880e822da2bfd14eb686403039eff412c1openafs-authlibs-1.6.13-215.sl6.i686.rpmef40ac0638d705b82286088dc79201b325ec9452d1c8ea44bfaf0cfac6974567kmod-openafs-504-1.6.13-215.sl6.504.i686.rpmdad1cda98baad01dd60d0460e43b245aea3453c2b68769100252ff3ffb0ea4f7openafs-plumbing-tools-1.6.13-215.sl6.i686.rpmca8632925badcabb808f7c206c4bf0885571d314e5eb0497aec3ec7aa888c876openafs-module-tools-1.6.13-215.sl6.i686.rpm18a1f3dd47aa745550bdd1a04c8b3652790df9b72dedca10a0ac5d65a02784ebopenafs-devel-1.6.13-215.sl6.i686.rpm928a9625c29694b1caac3166c77680c7973bf06d5d67e94fee44fbc1378f5b05openafs-kernel-source-1.6.13-215.sl6.i686.rpm0bb49386a87a9addbfc224793de62d0bb78ec6ad8c556a7d786caf2aecafbc59openafs-server-1.6.13-215.sl6.i686.rpm130debdfc2c1978ae377fbb5049199af97b25afe191f20769184577c5021d791openafs-krb5-1.6.13-215.sl6.i686.rpm1ec54eb9e4cea75c7d2d2e864bf6f5810d600228c51af438516019acdd8a4f1eopenafs-compat-1.6.13-215.sl6.i686.rpm1d1b3488405768557a6b7d465fa35f671bb9633f68163fa1719da26f83baa3f4SL:sl-index:ff38-1Scientific Linux FermiScientific Linux Fermi 6sl-indexhtml-6-6.6.sl6.noarch.rpm991fea511ad5e7aa6379fef7bf2b9e612c67797aec2927fcbdb3491f4678d1faSLBA-2011:0529-1This update fixes the following bugs: * The perl-Mozilla-LDAP package has been upgraded to upstream version 1.5.3, which provides a number of bug fixes over the previous version. * Previously, the Mozilla Perl LDAP SDK was a wrapper around the Mozilla C LDAP SDK (mozldap). Now that mozldap has been dropped from SL 6, in order to support legacy applications that still use the Mozilla Perl LDAP SDK, it has been ported to use OpenLDAP instead of mozldap. Applications that use the Mozilla Perl LDAP SDK should not notice any difference between the versions that use mozldap and the new one that uses OpenLDAP. perl-Mozilla-LDAP package, which fixes these bugs.Scientific Linux FermiScientific Linux Fermi 6perl-Mozilla-LDAP-1.5.3-4.el6.i686.rpmf3b3b1ceed18831b51134de4cc6367e78de9f4ccc70b327374691423fcd3fbb7SLBA-2011:0570-1This update includes a number of bug fixesScientific Linux FermiScientific Linux Fermi 6certmonger-0.42-1.el6.i686.rpm105bd30b740ef86f8fe299329997abb4ce024ec791bd510405cf993f6a730c07SLBA-2011:0584-1These updated packages contain a number of bug fixes and enhancements, which are documented in detail in the Technical Notes, linked in the References.Scientific Linux FermiScientific Linux Fermi 6glibc-devel-2.12-1.25.el6.i686.rpm48cf3b97217e0eb6fa386f223d142533bf457265bcd5f1f977b69da8c27b8e1cglibc-static-2.12-1.25.el6.i686.rpmf9afff83004d7177d5bf2277262c41ab0b6e2f1f5b9bb9f0db5af6799ef6b76dSLBA-2011:0607-1This update fixes the following bug: * Previously, certain code sequences in the CPython modules caused the object reference count to be computed incorrectly which caused objects to be released too soon. Due to this behavior, a Python "memory error" exception was raised. This update adjusts the internal reference counting logic. This update also adds the following enhancement: * This update adds several new classes, module functions, class methods, and properties.lowScientific Linux FermiScientific Linux Fermi 6python-nss-doc-0.11-3.el6.i686.rpm21e3e2219e9e581b7525187fe30a7cce3bc0c5aeb388fa36b1e10da43ab1fbf2python-nss-0.11-3.el6.i686.rpm93b8f4d8f4fd2ad2cf08ed8abef5ae9d365bb49df7459fcb36d9933d182c527bSLBA-2011:0621-1This update fixes the following bugs: * With this update, JSS has been upgraded to upstream version 4.2.6, which provides a number of bug fixes over the previous version. This rebase is necessary to support the Certificate Server. * Previously, JSS did not release a PK11 slot. Due to this problem, a resource leak occurred and prevented NSS from shutting down because NSS detected that resources were still in use. This update corrects the resource leak and allows NSS to shutdown.lowScientific Linux FermiScientific Linux Fermi 6jss-javadoc-4.2.6-15.el6.i686.rpm687cd3687e9593dacfc0dcbefac6ee20436e4a664433b11245403417a71288f1jss-4.2.6-15.el6.i686.rpmc5ab49c04c310ccf6e2365ca358389d0ac260ccc66825cdc75d1f19cadb1771fSLBA-2011:0673-1This update addresses the following bugs: - Move openldap libraries from /usr/lib to /lib. - Init script is working wrong if database recovery is needed. - Update list of modules in slapd.conf.bak. - slapd init script gets stuck in an infinite loop. - openldap-servers upgrade hangs or do not upgrade the database As well, this update adds the following enhancement: - The openldap packages were rebased (from 2.4.19 to 2.4.23), where OpenLDAP crypto backend was changed from OpenSSL to Mozilla NSS. This brings better certificates management and ability to use OpenLDAP with FreeIPA. The transition should be seamless. OpenLDAP with Mozilla NSS can use all of the PEM cert and key files, and other TLS configuration, that OpenLDAP with OpenSSL used.lowScientific Linux FermiScientific Linux Fermi 6openldap-devel-2.4.23-15.el6.i686.rpmab4d37b09311c3fcdc37ec9e7b6bacdbe476c7f56395853d0e1a8328bfe99805openldap-servers-sql-2.4.23-15.el6.i686.rpmf52f0925d9ce58be11d8dcd54cfbee66578852131c24ee93b190ce33306dd1cdopenldap-clients-2.4.23-15.el6.i686.rpm6aef7b4aceb0387157ffce167aa7f583b22e337ee7eb638f7917dc2b3aa6331eopenldap-2.4.23-15.el6.i686.rpm40725d622965d4abe322929ea0921b363ad0b22bd42174b6cecc32189ea3ac4dopenldap-servers-2.4.23-15.el6.i686.rpm25d96ec944dc5b284af04e392326b5e2b6272240f19868a717d976d79fb91823SLBA-2011:0692-1Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSLv2, SSLv3, TLS, and other security standards.Scientific Linux FermiScientific Linux Fermi 6nss-softokn-3.12.9-3.el6.i686.rpme5e6d74c5289c32fcfdce334d7cfa77756623f02fbafecfa456066967345eb13nss-softokn-freebl-3.12.9-3.el6.i686.rpmac825348a7b8d0f2dbe87eb6084d00f50efac82592d240166407c4fce8a2547dnss-util-devel-3.12.9-1.el6.i686.rpm3a5e39ae05b55a2dc856da59c09fafd1f111f1bb3d78e7f5ee63acfd3363b07enss-softokn-devel-3.12.9-3.el6.i686.rpm124cd391594509c170b94747406053516a8a008f6dbb1b4b3878e9e4814a81a7nss-softokn-freebl-devel-3.12.9-3.el6.i686.rpm3caed2148eac26c3f38ab0ad6df2bd54c975d5e3a9663fa606e34bab14b73be1nss-util-3.12.9-1.el6.i686.rpme3bec3ddfd2c18d2425ffecec6786938989708935158d33ed9ab3078e85cd168SLBA-2011:0710-1This update fixes the following bugs: * Previously, when a user connected two monitors to a computer and set the GNOME Panel to show hide buttons, the panel did not hide but moved to the adjacent monitor instead. This bug has been fixed, moving the panel to the adjacent monitor no longer takes place. * Previously, there was the untranslated text label "Top Panel" in the GNOME Panel's "Add to Panel" dialog. The problem applied to all non-English locales. The problem has been resolved so that the untranslated text label does not appear anymore in the "Add to Panel" dialog. * Previously, there was a conflicting accelerator key in the GNOME Panel's Date/Time context menu under the kn_IN locale. The fix for this bug has been provided so that there is no more a conflicting accelerator key in the Date/Time context menu. In addition, the following enhancements have been made: * When windows were grouped by the GNOME Panel in the taskbar, they were grouped in an alphabetical order. Such behavior presented a problem when window title changed. This release introduces an option to disable grouping window alphabetically. The fix to enable the option has been applied both in the gnome-panel and the libwnck package. * Previously, when an external monitor was connected to a computer, a user was able to move a panel between monitors by pressing the Alt key and dragging a blank area of the panel. This update introduces an enhancement in that the user can now change the settings with regard to moving the panel between monitors in the GNOME Panel "Properties" dialog.lowScientific Linux FermiScientific Linux Fermi 6libwnck-2.28.0-3.el6.i686.rpm2346f4937b953a50254f89b4c254330d8c9ac0afc1b2e6f7cdbf11d3c5dcdc16libwnck-devel-2.28.0-3.el6.i686.rpm8a90f44ae729dac0791cb8070a3a0aa39c924f7704b533272e6c72dd76b4f008SLBA-2011:0735-1This update fixes the following bugs: * During the Apache HTTP Server startup, a race condition could prevent one or more child processes from receiving the token PIN, rendering such processes unable to use SSL. With this update, the race condition no longer occurs, and all child processes of the Apache HTTP Server can enable SSL as expected. * Due to an incorrect use of the memcpy() function in the mod_nss module, running the Apache HTTP Server with this module enabled could cause some requests to fail with the following message written to the error_log file: request failed: error reading the headers This update applies a patch to ensure that the memcpy() function is now used in accordance with the current specification, and using the mod_nss module no longer causes HTTP requests to fail. * Under certain circumstances, a large "POST" request could cause the mod_nss module to enter an infinite loop. With this update, the underlying source code has been adapted to address this issue, and mod_nss now works as expected. * The mod_nss module is shipped with the gencert utility that generates the default NSS database. Prior to this update, this utility was installed without any documentation on its usage. This error has been fixed, and a manual page for gencert is now included as expected.lowScientific Linux FermiScientific Linux Fermi 6mod_nss-1.0.8-12.el6.i686.rpm3ec7a8743059141d9b6e36336fe61af84fa6370eab5661a0e0aa530a8e17197bSLBA-2011:0793-1The new xorg-x11-drv-xgi package contains a video driver for XGI Z-series graphics chips for the X.Org implementation of the X Window System. The xorg-x11-drivers package contains all of the individual X.Org drivers, to allow installation of all drivers at once, without having to track which individual drivers are present on each architecture. This enhancement update adds the xorg-x11-drv-xgi package to Scientific Linux 6. The xorg-x11-drv-xgi package has been introduced to provide support for XGI Z7, Z9, and Z11 series chips. This new package adds native support for these chips, including native video mode setup, 2D acceleration, and hardware cursor support. In addition, this update fixes the following bug: * Previously, the X Window System failed to load a module containing a driver for the XGI graphics cards. This bug has been fixed and the module is now properly loaded when generating an xorg.conf configuration file. This update also adds the following enhancement: * The driver for XGI Volari Z9s graphics cards has been updated for newer server system support.lowScientific Linux FermiScientific Linux Fermi 6xorg-x11-drivers-7.3-13.3.el6.i686.rpm48e876e4bd8205780faeeb53b229551faa913c6680a7dfd14477ebd02b69eb9fSLBA-2011:0824-2Bugs fixed in this updated package include: * Password changes did not replicate because the method used to pass the changes to consumer servers was rejected on the consumer. This issue has been corrected, and password changes now replicate as expected. * Values could be lost when group memberships were synchronized between 389 Directory Server and Active Directory with the Windows Sync feature. The synchronization and modify operations have been altered to prevent this issue, allowing group updates to synchronize with Active Directory. * The ldclt command-line testing tool crashed during LDAP ADD operations because an LDAP attribute was not set correctly, preventing the creation of entries that did not already exist. This update allows the LDAP ADD to proceed correctly. * The server crashed if a long running task was started using the cn=tasks,cn=config interface and then the server was shut down before the task completed. This update prevents the server from crashing, but does not gracefully terminate the task, which can leave the server database in an inconsistent state. For example, the fixup-memberof.pl script invokes a tasks to fix up the memberOf attribute in group member entries. If the server is shut down before the task can complete, some entries may not have the correct memberOf values. Users should ensure that tasks are complete before shutting down the server to avoid inconsistency. * When using the Entry USN feature, deleting an entry caused a memory leak via the entryusn attribute. This update fixes the memory leak.lowScientific Linux FermiScientific Linux Fermi 6389-ds-base-1.2.8.2-1.el6_1.3.i686.rpm62bb10af92a835790f36ab481ad3f6cdf9accc944edc6498d008b20da65a0b3b389-ds-base-devel-1.2.8.2-1.el6_1.3.i686.rpm181d32d0905bd66ce7fe396b0a09376fe987a5cad7e0618ec6c1950f5621dd37389-ds-base-libs-1.2.8.2-1.el6_1.3.i686.rpm2dcb17157cd60d1d706b435b7ec396f49b89dfbbf1d635e79ec2075d76b8a038SLBA-2011:0907-1This update fixes the following bug: * Certain versions of the KDC software (included for example in Scientific Linux 2.1 and 3) reject requests, which include KDC options the software does not recognize, and do not support the "canonicalize" option. When a client was configured to use one of these versions of the KDC software, the client failed to obtain credentials for authentication to other services. This interoperability regression was introduced in the update to Scientific Linux 6.1. With this update, an upstream patch has been provided to fix this bug.lowScientific Linux FermiScientific Linux Fermi 6krb5-devel-1.9-9.el6_1.1.i686.rpm3a08c356a5b37962322d3a9bcf7c98f200e1728d5ebf6f7bb247901ee8c78ea6SLBA-2011:0935-1This update fixes the following bugs: * Due to a constraint violation, the xinetd daemon was unable to connect to localhost in the enforcing mode, causing the operation to fail. With this update, the xinetd daemon is now trusted to write outbound packets regardless of the network's or node's MLS (Multi-Level Security) range, and the bug no longer occurs. * Previously, a secadm SELinux user was not allowed to modify SELinux configuration files. With this update, the relevant SELinux policy has been fixed, and the secadm SELinux user can now modify these configuration files. * Previously, the rsyslogd daemon was unable to send messages encrypted with the TLS (Transport Layer Security) protocol. This bug has been fixed, and rsyslogd now sends these encrypted messages as expected.lowScientific Linux FermiScientific Linux Fermi 6selinux-policy-mls-3.7.19-93.el6_1.2.noarch.rpmfcb26e941c3171c01e7d95f517f64ce3a1c4da1bfa63e8d8dd3065390e548c93selinux-policy-minimum-3.7.19-93.el6_1.2.noarch.rpm78683cd603485397a783400c13856d51cf6d72dc9c8e831856948aa4e200764aselinux-policy-3.7.19-93.el6_1.2.noarch.rpmcd60a376abd1ef130ad880c6f8bf9273f0ad4ee77a7044b039ef803f07a3c6e8selinux-policy-doc-3.7.19-93.el6_1.2.noarch.rpm765d43515434ea128ee3f2263b4bd98abcb75f9cfcad0d2cf893ffd91096d439selinux-policy-targeted-3.7.19-93.el6_1.2.noarch.rpmb69f1f4d8d49efd48fdb52a0a42adc1d9f0e8860cfffcd7181463752fc33961dSLBA-2011:1158-1This update fixes the following bug: * Prior to this update, the cyclic redundancy check (CRC) was not correctly computed on 64-bit architectures during decompression of gzip archives. In this update, constant-width integer types are used to compute CRC to make the results stable across all architectures.lowScientific Linux FermiScientific Linux Fermi 6boost-graph-openmpi-1.41.0-11.el6_1.2.i686.rpm06afd061930273051e71b6950af1fd8fe79d30d9d06377226de782cc60e2bf43boost-openmpi-python-1.41.0-11.el6_1.2.i686.rpmf6a0485f5b1d08299a4006616084cbe35c226350d8a516d97c06533dd95b10fdboost-openmpi-devel-1.41.0-11.el6_1.2.i686.rpmd969aea0932caaa45a5d69bfbcfdd53eaf7b95c3514df9a26ad55d52c4b2aa9bboost-openmpi-1.41.0-11.el6_1.2.i686.rpmaec8a60eb8a0cc984bc18ab80e65397711d9531ca4dac1b9da290739a513d0c2SLBA-2011:1186-1These updated curl packages fix the following bug: * As a solution to a security issue, GSSAPI credential delegation was disabled, which broke the functionality of the applications that were relying on delegation, which was incorrectly enabled by libcurl. To fix this issue, the CURLOPT_GSSAPI_DELEGATION libcurl option has been introduced in order to enable delegation explicitly when applications need it. All applications using GSSAPI credential delegation can now use this new libcurl option to be able to run properly. All running applications using libcurl have to be restarted for the update to take an effect.lowScientific Linux FermiScientific Linux Fermi 6curl-7.19.7-26.el6_1.2.i686.rpmc5c2563a4ffd94d6286ebe3c235867a80fc13402d6804dd746976497dc0f8e9alibcurl-7.19.7-26.el6_1.2.i686.rpmc7f928629e64320480397352f3c3be71a16bedce7b98d23406018ba0c1d8ad7clibcurl-devel-7.19.7-26.el6_1.2.i686.rpm22ea55d23633ebab24718e328317e83e0dac07f8da2cdc5ae48607597a34d9a1SLBA-2011:1193-1This update fixes the following bug: * Prior to this update, the SELinux policy package did not allow the RHEV agent to execute. This update adds the policy for RHEV agents, so that they can be executed as expected. * Previously, several labels were incorrect and rules for creating new 389-ds instances were missing. As a result, access vector caches (AVC) appeared when a new 389-ds instance was created through the 389-console. This update fixes the labels and adds the missing rules. Now, new 389-ds instances are created without further errors. * Prior to this update, AVC error messages occurred in the audit.log file. With this update, the labels causing the error messages have been fixed, thus preventing this bug.lowScientific Linux FermiScientific Linux Fermi 6selinux-policy-targeted-3.7.19-93.el6_1.7.noarch.rpm6a712cf884752b93bb0f7f4fa49a8c9bcab72d6a9c7861e513aaf36fea81bca9selinux-policy-mls-3.7.19-93.el6_1.7.noarch.rpm367ddc8834d92d551fdc712a841863f291bb291036cf865389b35bc354e6785fselinux-policy-minimum-3.7.19-93.el6_1.7.noarch.rpm340260982e044a2f8b8544d9d121c275e97c73dd57ce5974e6959ca79869c040selinux-policy-doc-3.7.19-93.el6_1.7.noarch.rpm66b3f66d67e7c0c621d7c4820517f801957e0dd4cd94e767b22f243e173c58ddselinux-policy-3.7.19-93.el6_1.7.noarch.rpmaf057318d1221ecdb5d7a18a8f37f8bdb3b36fbd2b841a8a4bfe0fe672a50d26SLBA-2011:1284-1This update fixes the following bug: * Prior to this update, the GSSAPI credential delegation was disabled due to a security issue. As a result, the functionality of applications that relied on delegation was broken. This update adds a new constructor argument in the xmlrpc-c++ client API to set the new CURLOPT_GSSAPI_DELEGATION libcurl option to enable the credential delegation. All applications that use xmlrpc-c with GSSAPI credential delegation can now apply this new constructor to run as expected.lowScientific Linux FermiScientific Linux Fermi 6xmlrpc-c-1.16.24-1200.1840.el6_1.4.i686.rpm628977b50e6030387ed2e3ff89aa02dd8d305d1060a9a8d21c81b31d846da8ecxmlrpc-c-client-1.16.24-1200.1840.el6_1.4.i686.rpm43c817421ebe805b34effe7dec0805ca7998b1332367947af6f94af5857b41bbxmlrpc-c-apps-1.16.24-1200.1840.el6_1.4.i686.rpm26d53f1ce59b480d13d7208376b40eea5e30eadb97d3bf3e163e3493ca93c24bxmlrpc-c-devel-1.16.24-1200.1840.el6_1.4.i686.rpm45eb617182c4cd2093a441943b34822997579fc5c3af258c5cc4d428a4a384a2xmlrpc-c-c++-1.16.24-1200.1840.el6_1.4.i686.rpm6f6602b21bc166bb863cedd0baacc5c3725b800da37aba097a98d1e9ecfcb035xmlrpc-c-client++-1.16.24-1200.1840.el6_1.4.i686.rpmb1575115f65770c7615bec2f3307490f6b235ad02e1af74586250e6f489b10bbSLBA-2011:1511-2This update includes a number of bug fixeslowScientific Linux FermiScientific Linux Fermi 6selinux-policy-minimum-3.7.19-126.el6.noarch.rpm53842d14201cb38286c507d27a5e9e7b5c85476970be3562f7abb26234c4c626selinux-policy-doc-3.7.19-126.el6.noarch.rpm05793f3e98938bfd6e1b4d308f5878e39ae8146491a25783f82114d5c4f7e23fselinux-policy-targeted-3.7.19-126.el6.noarch.rpm15c690ebce6eba11db84676bcc9f45ecdc97065bd5b5be17a0a5b5f06e2341c5selinux-policy-mls-3.7.19-126.el6.noarch.rpmd21b20e199c8d169c6a168eb4ed1ebff600e1620db835eabe6a190de52288156selinux-policy-3.7.19-126.el6.noarch.rpm96ce738619a95468e7c7e3c5a6957f96d6613aa007b6e0853dab0ab2c054e4a2SLBA-2011:1518-2The libcacard package contains Common Access Card (CAC) emulation library.Scientific Linux FermiScientific Linux Fermi 6libcacard-tools-0.15.0-2.el6.i686.rpmbf5dc2226135431aad82ac5741cfb9164856be2ba1640bee3a209040d37a73balibcacard-devel-0.15.0-2.el6.i686.rpmcecd31882af078af5d579c91ed33116abc467481d9d523d3db1acecc7a1947aalibcacard-0.15.0-2.el6.i686.rpmaf2f2296ee39e47a68db64e9ea565549d7104e97e5aec361b4a2c6347ceb6451SLBA-2011:1529-2This update includes a number of bug fixeslowScientific Linux FermiScientific Linux Fermi 6libipa_hbac-devel-1.5.1-66.el6.i686.rpmc121eacbfdcfe1036df98f0eb06921404c080e451e98d573d29f5096e1687b9dsssd-tools-1.5.1-66.el6.i686.rpm1f2f87398f1ec70e209f029f05459d3d2b6be2d1f49610848b3eeafa372c7abcsssd-client-1.5.1-66.el6.i686.rpm9bc70bcdce3bfa729442f83ce9ae204cf96b2251a3de3e1526896e6adecab30clibipa_hbac-python-1.5.1-66.el6.i686.rpm284660395b1ec771023fc5cd92c34e6c101b94ea4cf735dd6cbae0406560fc02libipa_hbac-1.5.1-66.el6.i686.rpm48a77ebd0da1f1c4e95d365394ba3976e76c46a4b90f59294a85f375fcee597bsssd-1.5.1-66.el6.i686.rpm7fc96814e97a270f2ceba4fcd0fcf9b84d906b4efefd0ab5af908760f5ac6db9SLBA-2011:1570-2The mingw32-sigar package provides the MinGW (Minimalist GNU for Windows) sigar library. The sigar package has been upgraded to upstream version 1.6.5, which updates sigar to use Windows device names instead of ethX names. This update also adds a number of bug fixes and enhancements over the previous version. These updated packages fix the following bug: * Previously, sigar could print incorrect system information on the IBM System z architecture due to a specific format for the /proc/cpuinfo file. This update ensures that the /proc/cpuinfo file is correctly parsed on all non-x86 architectures. As a result, the correct system information is now displayed. In addition, these updated packages provide the following enhancement: * This update adds PowerPC and IBM System z as a dependency for the Matahari framework on the AMD64 and Intel 64 architectures.lowScientific Linux FermiScientific Linux Fermi 6sigar-1.6.5-0.4.git58097d9.el6.i686.rpmf68f45da077a6e0e17044c7610ff14fa81fa13c905a0b1355a77f9c8a1e3ef61sigar-devel-1.6.5-0.4.git58097d9.el6.i686.rpm7a06b8913074eef1fbf44efc555a3cb3b808ffb90e7261ff32c2d5262788e209SLBA-2011:1600-2This update fixes the following bug: * Prior to this update, one process was used to scan for all defects. As a result, xorg-x11-drv-nouveau packages did not build without patches against its supporting components. This update scans defects in downstream patches separately. Now, the packages build as expected when not all downstream patches are present. This update also adds the following enhancement: * This update adds the updated Xorg Nouveau driver for NVIDIA GeForce/Quadro hardware to the xorg-x11-drv-nouveau package.lowScientific Linux FermiScientific Linux Fermi 6xorg-x11-drv-nouveau-0.0.16-13.20110719gitde9d1ba.el6.i686.rpm52f3af894a9bf3016f816cde6ddd0c6b4177522fac8ff64a1e716e235ad6d416SLBA-2011:1613-2The libpciaccess library provides portable PCI access routines across multiple operating systems. The Direct Rendering Manager runtime library (libdrm) provides a user-space interface library for direct rendering clients. The xorg-x11-font-utils package provides X.Org X11 font utilities required for font installation, conversion and generation. The xorg-x11-util-macros package provides X.Org X11 autotools macros required for building various packages that comprise the X Window System. The xorg-x11-proto-devel package provides X.Org X11 Protocol headers. The following packages have been upgraded to the higher upstream versions, which provide a number of bug fixes and enhancements over the previous versions: * The libpciaccess package has been upgraded to upstream version 0.12.1. * The libdrm package has been upgraded to upstream version 2.4.25. * The xorg-x11-font-utils package has been upgraded to upstream version 7.2. * The xorg-x11-util-macros package has been upgraded to upstream version 1.14.0. * The xorg-x11-proto-devel package package has been upgraded to upstream version 7.6. In addition, this update fixes the following bug: * The file permissions were set incorrectly for certain device nodes, such as the /dev/dri/controlD64 file. This problem could have been misused for DoS (Denial of Service) attacks against the current console users if the users were running X Windows. With this update, the file permissions are now set more strictly for these device nodes.lowScientific Linux FermiScientific Linux Fermi 6libdrm-2.4.25-2.el6.i686.rpm42f23643102106dd0270bed4fca29f9c260262aaae277cbfe19bf8db88659c84xorg-x11-proto-devel-7.6-13.el6.noarch.rpm2e9eedf53ca2e33cb7cf6af5cfb533df3381aebee6c07d4a65ac03b49dde9afalibdrm-devel-2.4.25-2.el6.i686.rpmc1195ade641eed13aa251cb483ceb506338261a7fd06c84bcb34687a4d51dcb3SLBA-2011:1631-2The netcf packages have been upgraded to upstream version 0.1.9, which provides a number of bug fixes and enhancements over the previous version. As well, this update fixes the following bug: * Prior to this update, certain interfaces associated configuration files in the /etc/sysconfig/network-scripts/ directory, but no corresponding device in the kernel. As a result, netcf returned an error status every time it was asked for the current status of an interface it was unable to find in the kernel, so management applications collected a large number of error log messages. With this update, failures to find an interface in the kernel are now ignored. This update also adds the following enhancements: * In this update, netcf has been modified to capture the stdout and stderr output of ifup and ifdown, and, in the case of an error, forward that information back to the management application, which used netcf to start or stop an interface. This makes it easier to troubleshoot problems. * Changes made to a host's network configuration by netcf (via netcf's API, or the ncftool commands) immediately and permanently modify the host's configuration files (in /etc/sysconfig/network-scripts/ifcfg-*). With this update, new API/virsh commands have been added to enable saving the current state of network configuration before any changes are made, and easily reverting to that configuration if any problems are encountered. All users are advised to updated to these updated packages, which fix these bugs and add these enhancements.lowScientific Linux FermiScientific Linux Fermi 6netcf-devel-0.1.9-2.el6.i686.rpm43efce107d25c75c02eee0285051d5d7805fb4183bf37b2f8c4f37e6036ad309netcf-0.1.9-2.el6.i686.rpm3e531f5b6e6b3e2ca921a49bb1d8e0413b283b395d00085912713b6d8703dda5netcf-libs-0.1.9-2.el6.i686.rpmb4c1d97906cb4da19046186cdff11b4ba035c0abdac6bc2eefc7d2eaa8102e2dSLBA-2011:1655-2Note: The Certificate Authority component provided by this update is not intended to be used as a standalone server. It is installed and operates as a part of IPA. Bug fixes: * Configuration of a certificate server failed with the following error: "Unable to retrieve CA chain: request failed with HTTP status 500". This occurred due to a race condition between the process reading the /etc/pki- ca/registry.cfg file and the restart process as registry.cfg was timestamped on startup. registry.cfg is now left unmodified on startup. * On RH Certificate System 8, the 64-bit pkicreate script was attempting to use libCryptoki2.so for SafeNet Luna SA and failed to load it as the library did not exist. The code has been changed and pkicreate on 64-bit platforms now uses libCryptoki2_64.so. * The pkiremove command removed all instances of the CA (Certification Authority) type instead of removing only a specific instance. This occurred because pkiremove removed the registry directory /etc/sysconfig/pki/[subsystem_type] instead of removing only the registry entry for the specific instance in the /etc/sysconfig/pki/[type]/ directory. The command now removes only the respective type instance. * In a NAT (Network Address Translation) environment, authentication of an IPA machine clone could fail with a NullPointerException on machine setup. This happened when the clone tried to authenticate itself with a NAT translated IP address that was different from the IP address previously used for the authentication. Therefore, the master IPA machine rejected the authentication. As the machines use a shared key throughout the connection, the IP check was redundant and has been removed. * PKI provided Apache Tomcat configuration files which set "user:group" to "pkiuser:pkiuser". Therefore, the /var/log/tomcat6/catalina.out file was also owned by pkiuser. As the file needs to be owned by Tomcat 6, the TOMCAT_LOG variable has been added to the configuration files and Tomcat now uses "tomcat:tomcat" as its "user:group". * The Dogtag subsystem did not detect a replication failure if the replication failed during clone setup. Therefore, Dogtag kept looking for the root directory on the directory server and got into an infinite loop as the replication failed and the root directory was never created. Dogtag now waits for the replication to finish and the problem no longer occurs. * Due to changes in startup scripts, the PKI SElinux policy was not applied and tomcat6 instances ran unconfined. The startup scripts now applies the SElinux policy if enabled and tomcat6 instances now run with the restrictions defined in the policy. Enhancements: * The default validity period of the default and constraint server certificates has been changed to 2 years. * The number of restarts needed during installation of Dogtag Certicate Server was decreased. * Several checks have been added to speed up installation of Dogtag Certificate Server. * The client usage flag has been added to the caIPAserviceCert server certificate. This allows an IPA server to use the server certificate as a client certificate and authenticate itself. * The pki-setup-proxy script that adds a configuration file to Apache Tomcat, updates the server.xml and CS.cfg files has been added. The script upgrades the proxy configuration of an existing IPA installation to the AJP (Apache JServ Protocol) proxy code introduced in upstream version 2.1.1. pki-core packages, which fix the bugs and add the enhancements.Scientific Linux FermiScientific Linux Fermi 6pki-java-tools-9.0.3-20.el6.noarch.rpm400112d64ec54f0b980d5be1b2ee2ae3c91eb1d21c340a67b2fd6f6e8302590apki-ca-9.0.3-20.el6.noarch.rpma8e1495cdfa161609a0c1e5632619ee692f4ef7698c4b359ca0866c6001332bfpki-silent-9.0.3-20.el6.noarch.rpm946928afb3e9a5e9b573b9b8a0d77e507c3ff5261c7f9d2308f804d51a89423fpki-java-tools-javadoc-9.0.3-20.el6.noarch.rpma5b068ca91e0793edd58a23519bb45767a54612bd9a2f78ac62cd7cc290dfa67pki-common-javadoc-9.0.3-20.el6.noarch.rpmd576d2d22d1164de325e46bb1f73f2e18ff7cdbda81abea4371a2343bb66bac2pki-setup-9.0.3-20.el6.noarch.rpma94ef5e574bed3772badacacff746b13c83db5e2fa5908eaa1d4d5a49c337729pki-util-9.0.3-20.el6.noarch.rpm6a8503278ce4c7c59acdce54e3e72ccdfe1c91e5642430b83f0c8c90e3b54e0dpki-util-javadoc-9.0.3-20.el6.noarch.rpm26762949d91edc1e62fdea6c7dfe53b65c1b45f62a36862ede6dd5374b14e14fpki-symkey-9.0.3-20.el6.i686.rpm7fed3f96713f1292d5346f8443af4036c3f59325d6a65c570a30e9a4505666d0pki-native-tools-9.0.3-20.el6.i686.rpm685ebd253c333cd4d1d60a7d4bafec8a8cdc82054d2aaa18326fc9d074d52e5cpki-common-9.0.3-20.el6.noarch.rpmcb43f51842b17197255fefe71b21c13b3a45ae2660cfeb511c767c24b50d6db9pki-selinux-9.0.3-20.el6.noarch.rpmaa882e550ea4af079925b262561f6d8c50926f98618be2d3855428c7b064646aSLBA-2011:1666-2The python-qpid package provides a python client library for the Apache Qpid implementation of the Advanced Message Queuing Protocol (AMQP). The python-qpid package has been upgraded to upstream version 0.12.Scientific Linux FermiScientific Linux Fermi 6python-qpid-0.12-1.el6.noarch.rpmb20220adf752d22e664a8e94ca982b47efff4ab4389a2dc89001a2332fe5516cSLBA-2011:1754-2The ipa-pki-theme packages provide Identity Management theme components for PKI packages. Certificate System (CS) manages enterprise Public Key Infrastructure (PKI) deployments and requires a theme for the specific type of PKI deployment with which it is used. This package makes a IPA theme available for CS, and therefore makes it possible for users of Scientific Linux 6 to use CS as a part of IPA deployments. These updated ipa-pki-theme packages fix the following bug: * IPA (Identity, Policy and Audit) is an identity and access management system. Prior to this update, Certificate System (CS), which is implemented in pki- core, required multiple ports to be open in a firewall for IPA to work. The number of open ports required has been reduced, and support for a proxy using Apache JServ Protocol (AJP) ports has been added, by enhancements made in pki- core. With this update, ipa-pki-theme has been changed to make use of the updates to CS, including adding the proxy-ipa.conf configuration file, and fixing broken links in certain user interface files. As a result, it is now possible for ipa-pki-theme to support running CS behind a proxy Apache server. Important: this theme is mutually exclusive with the PKI themes for other types of PKI deployments, such as dogtag-pki-theme for Dogtag Certificate System deployments for RH Certificate System deployments.Scientific Linux FermiScientific Linux Fermi 6ipa-pki-common-theme-9.0.3-7.el6.noarch.rpm77e29c4114116d03b959626ca4d0f5d492d83b70d9f9afc3e175ab1003e4bc46ipa-pki-ca-theme-9.0.3-7.el6.noarch.rpm0cfab1d9163ea13cbd8c2e6f3406e4e67887b18953ca499cbe8ddedfd3924481SLBA-2011:1837-1This update fixes the following bug: * When running a KDE session on a virtual machine with SELinux in enforcing mode, the session was not locked as expected when the SPICE console was closed. This update adds necessary SELinux rules which ensure that the user's session is properly locked under these circumstances.Scientific Linux FermiScientific Linux Fermi 6selinux-policy-mls-3.7.19-126.el6_2.4.noarch.rpmcd751252f2d8199216f03287cd9a13cee6cd6e6695c1aeba564da35b8612a440selinux-policy-targeted-3.7.19-126.el6_2.4.noarch.rpm215e4a121f5b3436525cd01c20b894b1d868190c2690aa72d4b989b579ddf758selinux-policy-3.7.19-126.el6_2.4.noarch.rpm5dd76f790b9159d64528300e87e43266302659cb4bedf8726431580f49fde6efselinux-policy-doc-3.7.19-126.el6_2.4.noarch.rpm14a3a47c24b57f6bd2eabaf532d5ebfd2153c7f07601e963c329646fe2874060selinux-policy-minimum-3.7.19-126.el6_2.4.noarch.rpm785603e0f65433a89f0147de70e0f6f239e6a86a8d8f720497b61d4a124be39aSLBA-2012:0123-1This update fixes the following bug: * An incorrect SELinux policy prevented the qpidd service from starting. These selinux-policy packages contain updated SELinux rules, which allow the qpidd service to be started correctly. * With SELinux in enforcing mode, the ssh-keygen utility was prevented from access to various applications and thus could not be used to generate SSH keys for these programs. With this update, the "ssh_keygen_t" SELinux domain type has been implemented as unconfined, which ensures the ssh-keygen utility to work correctly.Scientific Linux FermiScientific Linux Fermi 6selinux-policy-targeted-3.7.19-126.el6_2.6.noarch.rpmb5e0fa1c67827a0936e5882e74e7c23b40a307cc17ee2f930e8e38b01fcd95afselinux-policy-3.7.19-126.el6_2.6.noarch.rpm13cd992714259fa7e16759a033f8bcc65c0d325e3f9c9ef5c73eb9e835aa7e5cselinux-policy-mls-3.7.19-126.el6_2.6.noarch.rpmc2320da50f507d06a45714ae905df2d40938c9cd1937cd4ffe07712599532640selinux-policy-minimum-3.7.19-126.el6_2.6.noarch.rpme8a62a795c4338ddd800ebb41c997935fbf2dd8d34605b5cdbe4b6d79dce5774selinux-policy-doc-3.7.19-126.el6_2.6.noarch.rpmffab62df794da13f775419460496099bdd54446beba43423fa907f19f4112ed3SLBA-2012:0337-1Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. The nss-util package has been upgraded to upstream version 3.13, which provides a number of enhancements over the previous version. The nss packages have been upgraded to upstream version 3.13, which provides a number of bug fixes and enhancements over the previous version. The nspr package has been upgraded to upstream version 4.8.9, which provides a number of enhancements over the previous version. This update also fixes the following bugs: * A lack of robustness flaw caused crashes in the administration server for RH Directory Server because the mod_nss module made nss calls before initializing nss per documented API. With this update, nss protects itself against being called before it as been properly initialized by the caller. * Previously, due to a bug in the FreeBL library, Openswan could generate a Key Exchange payload that was one byte shorter than what was required by the Diffie Hellman (DH) protocol. As a consequence, Openswan dropped connections during such payloads. With this update, the size of the payload is set to zero by default, and the Softoken module is queried for the size. Connections are no longer dropped by Openswan in the described scenario.Scientific Linux FermiScientific Linux Fermi 6nss-util-3.13.1-3.el6_2.i686.rpm047c84c41a999197fcc1e7ff13129a93084da7f57d77d55335bd4742c4918f85nspr-devel-4.8.9-3.el6_2.i686.rpm48770866e22600e2ca71ff72b57aed354c1a833ffbf3053a85511b1c8896ea2cnspr-4.8.9-3.el6_2.i686.rpm1c6b4aa09d961871bf714fea5ad8767a30728c5d2585c5150e23807fb2d60735nss-util-devel-3.13.1-3.el6_2.i686.rpm8fe1cd0606a0f2cc79be33ed3f4bd50b522636dfa546fb00421eec7bc9373a8fSLBA-2012:0338-1These updated selinux-policy packages fix the following bug: * Previously, SELinux received deny AVC messages if the dirsrv utility executed the "modutil -dbdir /etc/dirsrv/slapd-instname -fips" command to enable FIPS mode in an NSS (Network Security Service) key/cert database. This happened because the NSS_Initialize() function attempted to use prelink which uses the dirsrv_t context. With this update, prelink with the dirsrv_t context is allowed to relabel its own temporary files under these circumstances and the problem no longer occurs.Scientific Linux FermiScientific Linux Fermi 6selinux-policy-minimum-3.7.19-126.el6_2.9.noarch.rpmefabf86bdf4dc6b283539348f8dce7d005d2740ea5dae4d10def388d6e491a08selinux-policy-mls-3.7.19-126.el6_2.9.noarch.rpm5331fb6048e6cb176e42018c75dc75000e08b605d0762d0df07b07eb04939ecaselinux-policy-3.7.19-126.el6_2.9.noarch.rpmecc15a3983c0aafd8fcbd44dfca06eaa00e91368bddd07bf3e14fe4c9964fb53selinux-policy-targeted-3.7.19-126.el6_2.9.noarch.rpmf16806818dea6634ae9d7bd52e8a6faf4029c6879bbc0cd30cba9781fe920a17selinux-policy-doc-3.7.19-126.el6_2.9.noarch.rpmafc05f8ebcd452ed9214e07966ea4d6df8e79b5b3343a4d71ef8c56a47dc03afSLBA-2012:0344-1This update fixes the following bugs: * Crashes were reported in the messaging daemon (qpidd) included in MRG after a recent update to nss. This occurred as qpidd made nss calls before initializing nss. These updated packages prevent qpidd, and other affected processes that call nss without initializing as mandated by the API, from crashing.Scientific Linux FermiScientific Linux Fermi 6nss-devel-3.13.1-7.el6_2.i686.rpmda9df452cc8d45670aeb09910340c65b8253a090dc055869366c6adf03e40b78nss-sysinit-3.13.1-7.el6_2.i686.rpmb3be32138678b02f5f597c90c3a679e58abed5027e249377cdb180d46bb71049nss-3.13.1-7.el6_2.i686.rpmbcbc964dd90dcc078168c0d7316f1f94d49b5af0a9e910131814a2fd92d8f342nss-tools-3.13.1-7.el6_2.i686.rpmb289d4c9208685dcb8ed7318eef6f07455c6bfce65595ebf1c7dae03575db6d9nss-pkcs11-devel-3.13.1-7.el6_2.i686.rpm51c31340be00d0124dc468f5e5fe554d569158c506fb1ec2bce21523ecacec50SLBA-2012:0364-1This update fixes the following bugs: * An incorrect SELinux policy prevented the qpidd service from connecting to the AMQP (Advanced Message Queuing Protocol) port when the qpidd daemon was configured with Corosync clustering. These selinux-policy packages contain updated SELinux rules, which allow the qpidd service to be started correctly. (#BZ796331) * With SELinux in enforcing mode, an OpenMPI job submitted to the parallel universe environment failed on ssh keys generation. This happened because the ssh-keygen utility was not able to read from and write to the "/var/lib/condor/" directory". With this update, a new SELinux policy has been added for the "/var/lib/condor/" directory, which allows the ssh-keygen utility to read from and write to this directory. (#BZ796585)Scientific Linux FermiScientific Linux Fermi 6selinux-policy-3.7.19-126.el6_2.10.noarch.rpm4cc31f680e48a8ad0361739397fe3e615da2843dfe8523046fabc0b6f29ecf30selinux-policy-targeted-3.7.19-126.el6_2.10.noarch.rpm02b17a5ac502b877c564ac90bcbcb4c6382c623d4024c0b101ba6845296a3e7fselinux-policy-mls-3.7.19-126.el6_2.10.noarch.rpmeedeca700f143b31c3e343f47e971317b6557623a189fe402e6ac16f5d4c063dselinux-policy-minimum-3.7.19-126.el6_2.10.noarch.rpm56f5d9c8513cb9882d45fd8af541e3be12594637f43eac7313586f2c07610178selinux-policy-doc-3.7.19-126.el6_2.10.noarch.rpmc4f6da7089b0d6eb47fe8c51f27d58d0472ce5086c41d8fccbe18409a71d5bb7SLBA-2012:0380-1This update fixes the following bugs: * The QXL driver for Scientific Linux 6.2 did not contain the compatibility layer. As a consequence, updating a Scientific Linux 6 guest running on a Scientific Linux 5 host in the RHEV 2.2 environment caused the SPICE client window to become black after the update, and therefore unusable. A patch has been applied to ensure proper compatibility and the driver now works correctly in the described scenario. * The QXL driver for Scientific Linux 6.2 was not able to cache images on the client side. This led to visible and significant impact on user experience (users could have experienced delays when loading images contained in web presentations or slideshows). With this update, images can be optionally cached on the client side.Scientific Linux FermiScientific Linux Fermi 6xorg-x11-drv-qxl-0.0.14-13.el6_2.i686.rpme04c7ba282916dbef0cc699cd6cfa2b92231d145687d2f1142d1975f4016c8a2SLBA-2012:0550-1This update fixes the following bug: * When executing either the "mdir" or "mls" command, the FTP client stores results returned by the server in a specified local file. Previously, when opening the file, the client did not ensure that the mode value it passed to the fopen() function was properly null-terminated. This could cause unpredictable failures. This update ensures that the value is properly null- terminated so that the failures no longer occur in this scenario.Scientific Linux FermiScientific Linux Fermi 6krb5-appl-clients-1.0.1-7.el6_2.1.i686.rpm07895fa517b4bf06612294c38f14618a43c75a7815cbdc2f237dce7e1247d357krb5-appl-servers-1.0.1-7.el6_2.1.i686.rpm917cd85497c46cb8f32a071d1c6ea458784a66d54efcc30cfb93fcc55a35180aSLBA-2012:0747-4This update includes a number of bug fixesScientific Linux FermiScientific Linux Fermi 6sssd-client-1.8.0-32.el6.i686.rpm503dc4c51fbb934e14e8dbfe596e24b2add34e9b4797c4df83b1940417acc62asssd-1.8.0-32.el6.i686.rpm886c0bbed2e2308950a6cd665fb10196f33b5809d3cd79b8fd18038bdcaa527flibipa_hbac-1.8.0-32.el6.i686.rpmd0059b000828f173d8d980eed30e9d54e80417c3144161d953a6ece837bec5belibsss_autofs-1.8.0-32.el6.i686.rpma98c457c71a79e211617cec2448af8f902c0e79a4ae00345c92a75796ba342b3sssd-tools-1.8.0-32.el6.i686.rpmda586770a8837a71d5c5612a416b40e1550e12a66f4a45455ba009be9fabb353libipa_hbac-python-1.8.0-32.el6.i686.rpm1c69b4ab6a7458e85d57a24a96c417a2fe96e22bad846e4fd15e94dcae1f5615libipa_hbac-devel-1.8.0-32.el6.i686.rpme03e0c72b0545655c226d801150e12f837c4ea074381b7bcc190ee8042cb3387SLBA-2012:0755-2This update fixes the following bug: * Previously, the packages did not contain manual pages for the vios-proxy-host and vios-proxy-guest daemons. With this update, these manual pages are now available.Scientific Linux FermiScientific Linux Fermi 6vios-proxy-host-0.2-1.el6.i686.rpmc570f76e29c3396a2da5294b7d4df429302c8938699e663885667683d1913889vios-proxy-guest-0.2-1.el6.i686.rpm301fd1a06ebc56af133577701f6f93bbbc87ae4b9d7d08e0fca0f5c607aae9a7vios-proxy-doc-0.2-1.el6.i686.rpm6238b73dba2f43f5438db3aa26e28796b9817967e07ecf2934874a0de1b1edc9SLBA-2012:0757-2The libvirt-cim package has been upgraded to upstream version 0.6.1, which provides a number of bug fixes and enhancements over the previous version. This update fixes the following bug: * Previously, the libvirt-cim package required as its dependency the tog- pegasus package, which contains the OpenPegasus Web-Based Enterprise Management (WBEM) services. This is, however, incorrect as libvirt-cim should not require specifically tog-pegasus but any CIM server. With this update, libvirt-cim has been changed to require cim-server instead. The spec files of libvirt-cim and sblim-sfcb have been modified appropriately and libvirt-cim now uses either of the packages as its dependency. This update also adds the following enhancements: * Extension for Quality-of-Service (QoS) networking has been added. * Support for domain events has been added. * Extensions for networking of Central Processing Unit (CPU) shares have been added.Scientific Linux FermiScientific Linux Fermi 6libvirt-cim-0.6.1-3.el6.i686.rpmed68e0a4b89519ff7af1e82ae440b6343baf4eb4e2798a3bfe9441321c6aadb5SLBA-2012:0759-1The libusb1 packages have been upgraded to upstream version 1.0.9, which provides a number of bug fixes and enhancements over the previous version. In addition, this update adds a new API needed for support of the SPICE (The Simple Protocol for Independent Computing Environments) USB redirection.Scientific Linux FermiScientific Linux Fermi 6libusb1-static-1.0.9-0.5.rc1.el6.i686.rpm52e6a612257920818e159eb9e1fc2ddb7c1f75eea55bb46083fce5440a735901libusb1-1.0.9-0.5.rc1.el6.i686.rpma3aeb8d17c609edf6da989280663e0149af0d4b25c8fc2cd915d589eaf24613clibusb1-devel-1.0.9-0.5.rc1.el6.i686.rpm8b139ecd106bf38088f485bba89cb058dd31f976007792259df37161590faad7SLBA-2012:0761-2Note: The Certificate Authority component provided by this advisory cannot be used as a standalone server. It is installed and operates as a part of IPA. These updated pki-core packages provide fixes for the following bugs: * A Firefox launcher setting which opened a non-functional Certificate Authority (CA) page was improperly created and applied to all user profiles. With this update, all PKI-related desktop icons have been removed and the problem no longer occurs. * The pkisilent script did not accept special shell characters, such as spaces or quotation marks, in argument values even if they were properly escaped. Consequently, errors occurred and the script failed. This update improves the code and the problem no longer occurs. * When installing IPA, the installer uses the "sslget" utility to communicate with the CA. Due to a change in Network Security Services (NSS), the server sent out a full response to the sslget client consisting of 9906 bytes but the client received only 5 bytes of the encrypted stream. With this update the problem is fixed and sslget now prints the returned XML form from the PKI CA as expected. * Tomcat has changed the way the server startup is logged. In previous versions, server startup and operation was written to the catalina.out file by the root and tomcat users. Now, the root and tomcat users write to different logs. After the change, the Certificate System (CS) tomcat subsystems failed to start due to incorrect permissions. The CS startup code has been modified to reflect this new logging and now works as expected.Scientific Linux FermiScientific Linux Fermi 6pki-util-9.0.3-24.el6.noarch.rpmeade361aef80ec0ba35ac55f1766b52455b606ea792f20784a547b1858e8a4acpki-java-tools-javadoc-9.0.3-24.el6.noarch.rpm04722cf6ae974dba477d0224c418969f0846a995b1eac082fadfe0999e7aae12pki-native-tools-9.0.3-24.el6.i686.rpme13b0a7d337ca9e997ecbedd4897961878b38bbea033e6f3675eea57ff672b33pki-setup-9.0.3-24.el6.noarch.rpmc2725684dd9b3cc4e36bccafd782dbcc75826769a2e2dc7c6c8f16ce81d6e3dbpki-silent-9.0.3-24.el6.noarch.rpm4ebb76dde6316d386d590213cdafce8ba3a06102c4ea3f2bbff55c42f4711ee5pki-selinux-9.0.3-24.el6.noarch.rpm3128f3aab7879dee73966f14594271bcd93b02375df77845ba210587142aee3epki-symkey-9.0.3-24.el6.i686.rpm8106d955dc17bffc1839e8179dac6e59c04aae0cb8ccb215a489bced049af30cpki-util-javadoc-9.0.3-24.el6.noarch.rpm01d19b6941a5cf2aa92e4f02ba7c5ce10cc44be137e6fd861f23135538508466pki-ca-9.0.3-24.el6.noarch.rpmffeab1bf92d559c26cb9c6ac61595218306b50209d9f27a535f9fa8a5bf95b3apki-java-tools-9.0.3-24.el6.noarch.rpm7115ec1aec14de9a81d82ca4187502c75c25bb122f5db46f54fd943f9c200430pki-common-9.0.3-24.el6.noarch.rpmcf9759ee414ad7a2fdba9fa9f13a1ea7ed6de4157a17ea84d71feb4d07afd5b6pki-common-javadoc-9.0.3-24.el6.noarch.rpmf1ad3f8ae0560b317775a148d44210accfc3fafd2583a18baa524e64859f13fdSLBA-2012:0764-2All qpid packages have been upgraded to upstream version 0.14, which provides a number of bug fixes and enhancements over the previous version. This update also fixes the following bugs: * Prior to this update, the spec file incorrectly used the "Vendor" tag. As a consequence, rebuilds could, under certain circumstances, incorrectly label packages. This update removes the "Vendor" tag. * Prior to this update, the qpid daemon could, under certain circumstances, abort with a segmentation fault when attempting to shut down the SslPlugin if the plug-in was loaded without setting the "--ssl-cert-db" option. This update modifies the ssl.so module so that the SslPlugin shuts now down as expected. * Prior to this update, the service qpid daemon was always enabled by default, which was not required. This update modifies the service settings so that the qpidd service is no longer enabled by default but only when required. In addition, this update adds the following enhancements: * This update provides the environment variable "QPIDC_CONF_FILE" to allow to specify the location to look for the configuration file of the client. * This update adds the python-saslwrapper package as a dependency for qpid-stat so that qpid-stat can use the DIGEST-MD5 module to authenticate to a broker. * With this update, the spec file depends on specific boost-* packages instead of the boost metapackage. * This update adds support for 64-bit PowerPC and IBM System z platforms to the python-saslwrapper package.Scientific Linux FermiScientific Linux Fermi 6saslwrapper-0.14-1.el6.i686.rpmd7d6d82040ca89f78c54f65903a75cac44fdac245ff4ecdb221b6db44d2df944python-saslwrapper-0.14-1.el6.i686.rpmf4c1d3dcbcf7e7215107c97cd1a4c49c5edb14fd0d67457a5835d6c49bf829ecruby-saslwrapper-0.14-1.el6.i686.rpmf57c03f1155e7929c1d8422064dbaa69c51f409ba4501245490efcec6c515db3saslwrapper-devel-0.14-1.el6.i686.rpm5d9d0d74104127af234e8f64b1363d41103bb096f872deeb02a42643333cc934SLBA-2012:0770-1The following general upgrade has been performed: * The InfiniBand/iWARP/RDMA stack components have been upgraded to the latest upstream versions.Scientific Linux FermiScientific Linux Fermi 6mpitests-mvapich2-3.2-5.el6.i686.rpm17caa1d2256eb33f1060bc946cdfbb8cf6b6565bffa9849f4114f3cac9d33fc9mvapich2-devel-1.8-1.el6.i686.rpm91ac52c1adbdd3b6a94b177e1c77feec439ebd5c5fc7cf7c3a8d0be8ca2a1111mvapich2-common-1.8-1.el6.noarch.rpm37cce381808c05b88caabed8fff2705678f42e70847835ce805479a619b74030mpitests-mvapich-3.2-5.el6.i686.rpm8b61c493da70388651b05c4ba94d384868b0a656c94547f4c0576957b8698a20mvapich-static-1.2.0-0.3563.rc1.5.el6.i686.rpm0539e79d8a3bfe7838853a418c9763eebc7b4e7864991a6c7610a8e12eb0483aopenmpi-1.5.4-1.el6.i686.rpm88f956ce31a32f4d605d77dfd748e7f24c2c7aad2d2db3e1f0320ccf34796d59mvapich2-1.8-1.el6.i686.rpm3ad2e7644baea766431adef1f9e65771f867c5ba1f3b03be2f7c5cb8ab31505csrptools-0.0.4-15.el6.i686.rpm051c921f667dff04987fd6bea169f71a82ac1a988b94bc205b64d0ac905b8ddbmvapich-common-1.2.0-0.3563.rc1.5.el6.noarch.rpmef429a269ee5ab7119332461ab9b6031dd98948049f68e6d3664ad66b913bea3mvapich-1.2.0-0.3563.rc1.5.el6.i686.rpme4a94f424ecb2262005e8bf11ce7937c591e021b5191c3144074dbbde44db937mpitests-openmpi-3.2-5.el6.i686.rpmebc9d9ef5412d3a6c546cf16cc166172ccd6b4c4ccae903f7c5f8d3954118ac9openmpi-devel-1.5.4-1.el6.i686.rpm62b2c5a5cb15a57bbf4998a0bb02d057e198b93c11a3d367cf398df4d1d00b7fmvapich-devel-1.2.0-0.3563.rc1.5.el6.i686.rpmb79fa3ef09b418c80d9d2c8f475a702b7680c27408a1baad7f971f2f109d091eSLBA-2012:0772-1This update includes a number of bug fixesScientific Linux FermiScientific Linux Fermi 6virt-viewer-0.5.2-9.el6.i686.rpm21bf6aee3325fbb4952bac2d61629bd3f5e75c4ac57ba1f65b325e8f40b9cd8fSLBA-2012:0800-2This update fixes the following bugs: * Prior to this update, the libvirt-qpid plug-in did not handle exceptions correctly. As a consequence, the fence_virtd daemon could unexpectedly terminate with a segmentation fault if the connection to the specified qpid daemon failed. This update modifies the exception handling. Now, the fencing operation works as expected. * Prior to this update, the hashing utility sha_verify did not handle errors correctly when a key file could not be read. As a consequence, the fence_virtd daemon could unexpectedly terminate with a segmentation fault when receiving a fencing request if fence_virtd failed to read the specified key file during startup. This update modifies the error handling if a key file cannot be read. Now, fence_virtd no longer terminates under these conditions. * Prior to this update, the XML example for serial mode in the fence_virt.conf(5) man page contained an incorrect closing tag. This update corrects this tag. * Prior to this update, the libvirt-qpid plug-in was linked directly against the qpid libraries instead of only the qmfv2 library. As a consequence, newer versions of the qpid libraries could not be used with the libvirt-qpid plug-in. This update no longer links against the qpid libraries directly. Now, also newer qpid libraries can be used with libvirt-qpid. * Prior to this update, the fence_virtd.conf manpage and the fence_virtd.conf generator incorrectly stated that by default, fence_virtd listened on all network interfaces. Both have been amended to state that by default, fence_virtd listens on the default network interface.Scientific Linux FermiScientific Linux Fermi 6fence-virt-0.2.3-9.el6.i686.rpmf377ef3c08f51e30fd3ce92dba272309ed1709f0e59378b1e97b90b25f218124fence-virtd-serial-0.2.3-9.el6.i686.rpm990fb55ebb7416ae7d3954f1d437e7006fd023281acfd0802edbada83ae44109fence-virtd-libvirt-qpid-0.2.3-9.el6.i686.rpm173777b926d074552b286bce2d2c83e4bb6295382811d3de7f4213f7c9bb2b22fence-virtd-checkpoint-0.2.3-9.el6.i686.rpmc0da6b108978b40d42618c4fed9fe17d2024753993d3aee3957b2cd7016bfa3bfence-virtd-libvirt-0.2.3-9.el6.i686.rpmab9e5dc23ace3640342f3d62108dae7708675876f9f1ae8ea388636476f17a81fence-virtd-0.2.3-9.el6.i686.rpmbc38fff8beb3139b9ddeeffafab1f774fac134f9228fd64ed89331e1715c5e83fence-virtd-multicast-0.2.3-9.el6.i686.rpmb88bd2e87305706739e0f29585311c10dd539e81f0407e5b1a0cb64e9098eaf3SLBA-2012:0801-2The xorg-x11-drv-wacom package has been upgraded to upstream version 0.13.0, which provides a number of bug fixes and enhancements over the previous version. This update also fixes the following bug: * Prior to this update, the xorg-x11-drv-wacom driver allowed users only to use a pointer-focusing model. As a consequence, a dual-monitor layout on certain hardware could lead to an offset between the pen position and the cursor position. This update modifies the mapping offset in screen mode to provide new multi-screen handling. * Prior to this update, xorg-x11-drv-wacom driver could, under certain circumstances, encounter an "off by one" error in the array access of files and a null dereference. This update modifies the array indexing and checks for the right allocation before dereferencing. This update also adds the following enhancement: * This update adds xorg-x11-drv-wacom to HPC Compute Node ( v. 6 ). Now, xorg-x11-drv-wacom is a dependency for the gnome-settings-daemon and the control-center. * This update adds support for the Wacom Intuos4 Wireless device.Scientific Linux FermiScientific Linux Fermi 6xorg-x11-drv-wacom-devel-0.13.0-6.el6.i686.rpm94150dab7da8185dfb9f77bc1ada0ccdba96cda68ef4e08002cb484d721658c9xorg-x11-drv-wacom-0.13.0-6.el6.i686.rpm036bfebb78c8c225db188aed857d0653789a829110d958b8d752b068fea09f84SLBA-2012:0809-1This update fixes the following bugs: * Previously, the "Open Files" dialog box failed to show the "Size" column if it was previously used in "Search" mode. This update fixes the bug by ensuring that the "Size" column is always displayed accordingly to the "Show Size Column" context menu option. * Previously, copying text from selectable labels, such as those displayed in message dialog boxes, using the Ctrl+Insert key combination did not work. This update adds the Ctrl+Insert key combination that copies selected text to clipboard when activated. * Previously, certain GTK applications, such as virt-viewer, failed to properly initialize key bindings associated with menu items. This was due to a bug in the way properties associated with the menu items were parsed by the library. This update fixes the bug, rendering the menu items accessible again by key bindings for applications that use this feature. This update also adds the following enhancement: * Previously, the "Open Files" dialog box could appear with an abnormal width when the "file type" filter contained a very long string (as observed with certain image hosting websites), making the dialog unusable. With this update, the dialog box splits the filter string into multiple lines of text, so that the dialog keeps a reasonable width.Scientific Linux FermitrueScientific Linux Fermi 6gtk2-2.18.9-10.el6.i686.rpmc55aec1b86752d17a33ffdc8c9a7bcca8af65f0e8869e29a55244dc1d80e4a51gtk2-immodule-xim-2.18.9-10.el6.i686.rpm0b9567e5974a092925948d5415d55d9551c482a407cbe294f049b6a7c4c00833gtk2-devel-2.18.9-10.el6.i686.rpm2cbfb9d1ad39d9f85e3149fdc53fb17c051bb5ea9b33ab6aaa44be235ceab3dcgtk2-immodules-2.18.9-10.el6.i686.rpm4b208736d710b04f83b57d8267f0793249829d881728675fc3f272c1874cfaa2gtk2-devel-docs-2.18.9-10.el6.i686.rpm176a1529316043d9ea0ba5505aa2f976fca68fce21c362997935ec7b4367136fSLBA-2012:0821-2The slapi-nis packages have been upgraded to upstream version 0.40, which provides a number of bug fixes and enhancements over the previous version. This update also fixes the following bugs: * Prior to this update, the schema compatibility plug-in could, under certain circumstances, leak memory when computing values for inclusion in the constructed entries even if the relevant values were not changed. As a consequence, the performance could decrease rapidly and all available memory was consumed. This update modifies the underlying code so that the memory leaks no longer occur. * Prior to this update, the directory server could terminate unexpectedly when processing a distinguished name if the relative distinguished name of a compatibility entry contained an escaped special character. This update modifies the plug-in so that special characters are now escaped when generating relative distinguished name values. * Prior to this update, padding values passed to %link were read as literal values. As a consequence, the values could not use the "%ifeq" expression. This update modifies the underlying code to treat the padding values as expressions using the "%ifeq" expression. This update also adds the following enhancement: * Prior to this update, the plug-ins used the platform-neutral Netscape Portable Runtime (NSPR) read-write locking APIs to manage some of their internal data. This update modifies slapi-nis to use the locking functionality provided by the directory server itself.Scientific Linux FermiScientific Linux Fermi 6slapi-nis-0.40-1.el6.i686.rpm4d3aee1f56fcd25a9f1b17784c5437475f5e50872ae9d5438feff7bc1a0c9e6bSLBA-2012:0833-1The certmonger packages have been upgraded to upstream version 0.56, which provides a number of bug fixes and enhancements over the previous version. This update fixes the following bugs: * Prior to this update, one of the examples provided in the getting-started.txt file did not work as expected if the daemon was prevented from accessing files in user-specified locations, for example by the SELinux policy. With this update, this problem is now documented in the getting-started.txt file. * Prior to this update, the certmonger daemon was not configured to start by default when the package was installed. This update enables the certmonger service by default. * Prior to this update, the "getcert" command could under certain circumstances, display the misleading error message "invalid option" when an option that required an argument was used and the argument was not specified. This update modifies the error code so that the correct message is now sent. In addition, this update adds the following enhancement: * Prior to this update, newly added certificates were not automatically visible. To see these certificates, servers had to be manually restarted. This update adds the emission of D-Bus signals over the message bus to allow applications to perform the actions they need to use a new certificate. Also, the new "-C" option was added to invoke a user-specified command.Scientific Linux FermiScientific Linux Fermi 6certmonger-0.56-1.el6.i686.rpm2c902ac384a943cd8cac13642b66b22e263e21eecfed5f6e99ddf5b72489ae08SLBA-2012:0837-1This update includes a number of bug fixesScientific Linux FermiScientific Linux Fermi 6bind-dyndb-ldap-1.1.0-0.9.b1.el6.i686.rpm05037b9a3f3133dbba2737ff4ce4a44e34e4aa34398773aab63cf73c993c6be3SLBA-2012:0844-1Note: The Matahari agent framework (matahari-*) packages are deprecated starting with the Scientific Linux 6.3 release. Focus for remote systems management has shifted towards the use of the CIM infrastructure. This infrastructure relies on an already existing standard, which provides a greater degree of interoperability for all users. It is strongly recommended that users discontinue the use of the matahari packages and other packages which depend on the Matahari infrastructure (specifically, libvirt-qmf and fence-virtd-libvirt- qpid). It is recommended that users uninstall Matahari from their systems to remove any possibility of security issues being exposed. Users who choose to continue to use the Matahari agents should note the following: * The matahari packages are not installed by default starting with Scientific Linux 6.3 and are not enabled by default to start on boot when they are installed. Manual action is needed to both install and enable the matahari services. * The default configuration for qpid (the transport agent used by Matahari) does not enable access control lists (ACLs) or SSL. Without ACLs/SSL, the Matahari infrastructure is not secure. Configuring Matahari without ACLs/SSL is not recommended and may reduce your system's security. * The matahari-services agent is specifically designed to allow remote manipulation of services (start, stop). Granting a user access to Matahari services is equivalent to providing a remote user with root access. Using Matahari agents should be treated as equivalent to providing remote root SSH access to a host. * By default in Scientific Linux, the Matahari broker (qpidd running on port 49000) does not require authentication. However, the Matahari broker is not remotely accessible unless the firewall is disabled, or a rule is added to make it accessible. Given the capabilities exposed by Matahari agents, if Matahari is enabled, system administrators should be extremely cautious with the options that affect remote access to Matahari. Note that Matahari will not be shipped in future releases of Scientific Linux (including Scientific Linux 7), and may be considered for formal removal in a future release of Scientific Linux 6. This update fixes, among others, the following bug: * Prior to this update, matahari agents were being unnecessarily restarted during upgrades. As a consequence, unexpected output could appear during the upgrade process. This update modifies the underlying code so that agents are not restarted more than once and no more unexpected reporting occurs. This update also adds the following enhancements: * Prior to this update, no shell tool for using matahari agents was available. This update adds a Python API and command-line shell to matahari. * Prior to this update, the matahari interface could not identify Python scripts written by users. This update adds the RPC agent to provide an API to execute user-written Python scripts installed on the target machine.Scientific Linux FermiScientific Linux Fermi 6matahari-vios-proxy-guest-0.6.0-14.el6.i686.rpmafea0035eaed709896a60dc7eb5efe79e45528f825f63cdf36c54486aa3cc64fmatahari-python-0.6.0-14.el6.i686.rpm38e7a66cf96f43972288401742d972be32341ce8dee668e581cec8fa001f0a97matahari-devel-0.6.0-14.el6.i686.rpm56ccdf869852861f42be85f340c49e41acda43c87f31a5aabd85f48144b95ad9matahari-service-0.6.0-14.el6.i686.rpmeb23a4d862cf690c7d6599c039c12ad08cc01218d043e89f41871fdf67c651b8matahari-agent-lib-0.6.0-14.el6.i686.rpm155ee0ac65ba36c427071ac357d36be5b88aa49ba2029bad8903460d8b3c5f57matahari-broker-0.6.0-14.el6.i686.rpm49f6eb2ada070127f9b0d08efa41a4af3bdd373acaba9f0b7e6f0191424524bematahari-vios-proxy-host-0.6.0-14.el6.i686.rpma560fd485d4d16c31f0872f69a77de8c939bdbb4eae4bf7278f6c73586f6abf1matahari-host-0.6.0-14.el6.i686.rpma824ac57de1abb03fb10b9900ee873102845c31b3786e31896c20f64b0c2093amatahari-sysconfig-0.6.0-14.el6.i686.rpm2e3a83b84ee2c8c049f9795c11844455dd9f69ab2fd1c8bbcbe32ee4c1e07a14matahari-lib-0.6.0-14.el6.i686.rpmf611f84fc78af82c843b8b0de52dbfb0c518262ba8d52eaa2ea7ee7a54794420matahari-rpc-0.6.0-14.el6.i686.rpm10ce0db4cee44c3846203495bee606c15ebf35e41adb8a4fd2748c9af61c9994matahari-shell-0.6.0-14.el6.i686.rpm573d5409e58e108ee1d37832636c74343e02302a6ac2df1be5b74b4ce1da0844matahari-consoles-0.6.0-14.el6.i686.rpm4ba06c01a827282829b981bdfe21082bcb07796e5d7244c5025f9bd81046413fmatahari-core-0.6.0-14.el6.i686.rpmc1476865db4c7619c757ac86324a3224f536f3c97e11241d2e2e11c27f985aa3matahari-network-0.6.0-14.el6.i686.rpm948cf6ff67c7d723b658749236778481ede9fef772b24932f1225aec2d7f7ddamatahari-0.6.0-14.el6.i686.rpm21d8f3d6c4261030331e457f6a493f943fbd4f08cd9bc91d88fc4ba38c7cff0cSLBA-2012:0877-1These updated mod_auth_kerb packages fix the following bug: * Due to a bug in the handling of memory lifetime when the module was configured to allow delegated credentials, the $KRB5CCNAME variable was lost after the first request of an authenticated connection, causing web applications which relied on the presence of delegated credentials to fail. The memory lifetime handling has been fixed, allowing such web applications to access delegated credentials. In addition, these updated mod_auth_kerb packages provide the following enhancement: * Support for "S4U2Proxy" constrained delegation has been added, which allows mod_auth_kerb to obtain credentials on behalf of an authenticated user.Scientific Linux FermiScientific Linux Fermi 6mod_auth_kerb-5.4-9.el6.i686.rpmf8b42233e9a5aa05f2946ea11752bf50fc5f58438bdb9b65d376b9addd9ffdfdSLBA-2012:0888-1Bug fixes: * The SPICE client did not pass the volume multimedia keys events to the guest operating system. Therefore, it was not possible to change the guest's volume with these keys. Usage of the multimedia keys is now correctly caught by the client and passed to the guest system. * In certain special multiscreen setups, after switching to full-screen mode and then quitting the SPICE client, the physical client screen turned off due to a bug in the code handling resolution switching. This updates fixes the code and the problem no longer occurs. * The SPICE client did not properly support the Xinerama extension in full- screen mode on multi-screen setups. Therefore, if the user switched to full- screen mode while using Xinerama, SPICE client windows failed to cover all physical screens used by the guest. This update improves Xinerama support and the SPICE client now behaves correctly in full-screen mode. * Sound recording in the guest failed when another application was accessing the recording device on the SPICE client start-up. The client now uses the PulseAudio sound server, which allows multiple applications to access the recording device at the same time. * The RHEV console accessible from User Portal failed to open and returned error code 1032. This occurred on certain non-English locales as the value of the localized keyboard modifier was not considered a legal value of the hot- keys property. With this update, the hot-key value is parsed correctly even if unrecognized by the parser and falls back to its default value in such case. * USB Auto-Share did not work on the initial full-screen of a SPICE session and a USB device could remain inaccessible unless the user switched focus to a different application and then back to the SPICE-client window. This occurred due to a race condition in the underlying code. The code has been modified and the problem no longer occurs. * The SPICE context (right-click) menu was not always available in the client. The context menu was not displayed on clients where the USB Redirector Service was installed but not started and the user switched to window mode. The SPICE client has been updated and the context menu is now always available in window mode. * Starting the SPICE client from the RHEV portal failed when the local username was too long. With this update, the code has been modified and they are no longer constrains on the username length. Enhancements: * Support for receiving a controller message telling the client to enable smart-card support has been added. * The SPICE client is now able to handle requests from the RHEV portal to enable or disable passing of the Ctrl+Alt+Delete key combination to the guest operating system.Scientific Linux FermiScientific Linux Fermi 6spice-client-0.8.2-15.el6.i686.rpm70ec2fe4ddd3b2583d7d4bf103406acebedf96df4aa165fd698d16aece62a61eSLBA-2012:0889-1This update fixes the following bug: Prior to this update, python-memcached failed to get statistics for the memcached server and the "get_stats()" function returned a warning message. This update modifies the "get_stats()" method so that python-memcached can now get the statistics as expected.Scientific Linux FermiScientific Linux Fermi 6python-memcached-1.43-6.el6.noarch.rpm71ef3ca703e2fcf871e661fffcec9b37436874a92c7f96aa4b6493909b829e75SLBA-2012:0924-1This update fixes the following bugs: * When the diskdevstat or netdevstat tool was run with wrong command-line arguments, the tool returned a compilation error and exited. Both tools have been fixed to check the command-line arguments. With this update, a short usage help message is printed in the described scenario, describing the available options. * When the tuned utility was running in a virtual guest, the disk-scheduler setting was not applied on virtual disks (vd*). Now, default configuration files that cover virtual disks have been updated and the disk-scheduler setting is now applied on the virtual disks in virtual guests. This update adds the following enhancements: * With this update, a new "virtual-host" profile has been added to the tuned package, providing fine-tuned profile for hypervisors managed by RHEV Manager. * With this update, a new "virtual-guest" profile for virtual systems has been added to the tuned package, providing fine-tuned profile for Scientific Linux 6 KVM virtual guests.Scientific Linux FermiScientific Linux Fermi 6tuned-0.2.19-7.el6.noarch.rpme92afca0d532c537e50fa47b3d531a49d3ee5850008ed3901e5a25c285b3846ctuned-utils-0.2.19-7.el6.noarch.rpm5fcfb7d97fb5a90e00dc98507d26b1f382cc73204faa7e4beb38d422a3ccca91SLBA-2012:0927-1This update fixes the following bug: * A bug in memory handling could cause memory corruption when converting a serialized object to a PHP object. Consequently, a PHP script terminated unexpectedly with a segmentation fault. This update corrects the bug so that memory corruption no longer occurs and PHP scripts are now executed successfully.Scientific Linux FermiScientific Linux Fermi 6php-pecl-memcache-3.0.5-4.el6.i686.rpm2407171dfd1ec24f562d61cc86c649f0fa1beddbc63a31f44eb83acf531862a2SLBA-2012:0936-1This update fixes the following bug: * Prior to this update, the "memalign" and "posix_memalign" replacements could only handle alignments of 1 MB maximum. As a consequence, running qemu-kvm in valgrind could cause alignment errors. This update modifies the underlying code so that memalign and posix_memalign replacement can now handle alignments up to 4 MB. This update also adds the following enhancement: * With this update, valgrind has been updated to provide complete support for IBM POWER7 Series and VPN-1 Power VSX hardware as well as support for Decimal Floating Point (DFP).Scientific Linux FermiScientific Linux Fermi 6valgrind-devel-3.6.0-5.el6.i686.rpm12fc5c69a108a09adbe4a66ae49c304d48e1f20bebad3a0462100db091396eadvalgrind-openmpi-3.6.0-5.el6.i686.rpm3256ed3825e93d9106f4c00425e01fc002320554c8b84b64ae2fd4c558a0c0c5valgrind-3.6.0-5.el6.i686.rpm22076e65e644e116bcd319e1b564fd11cb0459ba380b971dded4dc7e74c8f35cSLBA-2012:0967-1This update fixes the following bugs: * Previously, the "--autosave" option did not work correctly when using Augeas in batch mode, which caused that configuration changes were not saved. As a consequence, configuration changes could be saved only in interactive mode. This update ensures that the "--autosave" option functions in batch mode as expected. * Prior to this update, when parsing GRUB configuration files, Augeas did not parse the "--encrypted" option of the "password" command correctly. Instead, it parsed the "--encrypted" part as the password, and the password hash as a second "menu.lst" filename. This update ensures that the "--encrypted" option of the password command is parsed correctly when parsing GRUB configuration files. * Previously, Augeas was not able to parse the /etc/fstab file containing mount options with an equals sign but no value. This update fixes the fstab lens so that it can handle such mount options. As a result, Augeas can now parse an /etc/fstab file containing mount options with an equals sign but no value correctly. In addition, this update adds the following enhancements: * Previously, the finite-automata-DOT graph tool (fadot) did not support the -h option. Consequently, when fadot was launched with the -h option the "Unknown option" message was displayed. This update adds support for the -h option and ensures that a help message is displayed when fadot is launched with the option. * Previously, Augeas did not have a lens to parse the /etc/mdadm.conf file. Consequently, the tool for conversion of physical servers to virtual guests, Virt-P2V, could not convert physical hosts on MD devices. This update adds a new lens to parse the /etc/mdadm.conf file, enabling Virt-P2V to convert physical hosts on MD devices as expected.Scientific Linux FermiScientific Linux Fermi 6augeas-0.9.0-4.el6.i686.rpm884915349595853ab9ed3761bb45fa16d21ec2ae53e6cebbb98ac24ff8712f1eaugeas-devel-0.9.0-4.el6.i686.rpmd13ecaa697243d1fdc25ec76877a93db3768038b028e2de16488fd846feda82faugeas-libs-0.9.0-4.el6.i686.rpmc78ec5a971a8336ffd40992298017d230fdcd88eef5e0f1bde28cf16671c6db0SLBA-2012:0969-1These updated policycoreutils packages provide fixes for the following bugs: * The semanage utility did not produce correct audit messages in the Common Criteria certified environment. This update modifies semanage so that it now sends correct audit events when the user is assigned to or removed from a new role. This update also modifies behavior of semanage concerning the user's SELinux Multi-Level Security (MLS) and Multi-Category Security (MCS) range. The utility now works with the user's default range of the MLS/MCS security level instead of the lowest. In addition, the semanage(8) manual page has been corrected to reflect the current semanage functionality. * Prior to this update, the ppc and ppc64 versions of the policycoreutils package conflicted with each other when installed on the same system. This update fixes this bug; ppc and ppc64 versions of the package can now be installed simultaneously. * The missing exit(1) function call in the underlying code of the sepolgen- ifgen utility could cause the restorecond daemon to access already freed memory when retrieving user's information. This would cause restorecond to terminate unexpectedly with a segmentation fault. With this update, restorecond has been modified to check the return value of the getpwuid() function to avoid this situation. * When installing packages on the system in Federal Information Processing Standard (FIPS) mode, parsing errors could occur and installation failed. This was caused by the "/usr/lib64/python2.7/site-packages/sepolgen/yacc.py" parser, which used MD5 checksums that are not supported in FIPS mode. This update modifies the parser to use SHA-256 checksums and installation process is now successful. * Due to a pam_namespace issue which caused a leak of mount points to the parent namespace, polyinstantiated directories could be seen by users other than the owner of that directory. With this update, the mount points no longer leak to the parent namespace, and users can only see directories they own. * When a user or a program ran the "semanage fcontext" command, a traceback error was returned. This was due to a typographical error in the source code of the semanage command. This updates fixes this error, and executing the semanage fcontext command works as expected.Scientific Linux FermiScientific Linux Fermi 6policycoreutils-python-2.0.83-19.24.el6.i686.rpm58c0d4025a2fe8a0881945f2795e3919237996d838a663ed43b64ca119427b83policycoreutils-2.0.83-19.24.el6.i686.rpm970b49f5bfad67633b19adda4a9a41b49dc7d11a2ef3cdd6f511d92ca1465fc1policycoreutils-gui-2.0.83-19.24.el6.i686.rpm86fdae3e7ff4d804717d3427555d1f36b4203f32eb4639474bafec5cf37959bfpolicycoreutils-newrole-2.0.83-19.24.el6.i686.rpm39cbe212b8560273ec53d973655ecf33e23a5a80a06aa2d464063a222356cc8apolicycoreutils-sandbox-2.0.83-19.24.el6.i686.rpmea78dada30b216d554b724ffa49f472a94609bdb30ae5e03a66b8991b8365956SLBA-2012:0992-1The mysql-connector-java package has been upgraded to the latest upstream version, which provides a number of bug fixes and enhancements over the previous version. For a list of changes, refer to the MySQL Connector/J documentation: http://dev.mysql.com/doc/connector-j/en/cj-news-5-1-17.html http://dev.mysql.com/doc/connector-j/en/cj-news-5-1-16.html http://dev.mysql.com/doc/connector-j/en/cj-news-5-1-15.html http://dev.mysql.com/doc/connector-j/en/cj-news-5-1-14.html http://dev.mysql.com/doc/connector-j/en/cj-news-5-1-13.html This update also adds "stub" implementations of methods required by the JDBC 4.1 API specification. Currently, these methods throw exceptions when called, but their presence is necessary for the driver to function properly in JDK 7 and later. This update also converts the driver from a GCJ build to a pure jar (noarch) build. mysql-connector-java package, which resolves these issues and adds these enhancements.Scientific Linux FermiScientific Linux Fermi 6mysql-connector-java-5.1.17-6.el6.noarch.rpm86c1756eb8b35dbad220b3ed0ad4fff1bd17acf6b9320b39e8bef405b609459dSLBA-2012:0995-1This update fixes the following bugs: * On Lenovo ThinkPad T500 laptops, the display could have stayed blank after opening the lid when it was used with an external display in mirror mode. Consequently, the following message appeared: Could not switch the monitor configuration Could not set the configuration for CRT63 With this update, the underlying source code has been modified so that the display turns on as expected when the lid is open. * On Lenovo ThinkPad series laptops, the system did not always resume from the suspend state. This was dependent on monitor configuration and could occur under various circumstances, for example if the laptop was suspended docked with only external display enabled, and later resumed undocked with no external display. With this update, the system now resumes correctly regardless of the monitor configuration. This update also adds the following enhancement: * In addition, this update adds accelerated rendering support for the Intel Core i5 and i7 processors.Scientific Linux FermiScientific Linux Fermi 6xorg-x11-drv-intel-2.16.0-4.el6.i686.rpm44ce72807d75eb348bcb8ecd67e2b87e6bdc2f9a09ed22f558106d280ab15aa2xorg-x11-drv-intel-devel-2.16.0-4.el6.i686.rpm2bcacdabe5790a52a33b5ee15524bb7c003854fba8fa5938880724bd88619cc3SLBA-2012:1003-1This update fixes the following bug: * Due to a missing out-of-memory (OOM) check and improper freeing of allocated memory, the Privacy Enhanced Mail (PEM) module did not fully validate the encoding of certificates stored in a PEM-formatted file. As a consequence, error handling tests failed. With this update, the PEM module correctly validates the encoding, handles memory deallocation consistently, and error handling tests pass as expected.Scientific Linux FermiScientific Linux Fermi 6nss-devel-3.13.3-8.el6.i686.rpm242165033f1d6beaaca44c072f4b5cf081d3b43d171946bba3c5c4ca17cceffcnss-3.13.3-8.el6.i686.rpm3fa1a462cdee7bcddaf05f7bdabc5ef810e2c71b95e2a8cb12bad8b6a4553326nss-sysinit-3.13.3-8.el6.i686.rpm5fabfa4797762e92caf3b04f938b929f66cf33008831bb5b28c7839baea47c38nss-pkcs11-devel-3.13.3-8.el6.i686.rpm125d42e51e80a46f0d355ff230da064e32463b1e77400fb5b84e7e8b3145d97enss-tools-3.13.3-8.el6.i686.rpm3f96181310bd4b6ea241fc27e3bce5c15443cb83e331cc63ca08e91721f77e1bSLBA-2012:1004-1This update fixes the following bug: * When the system produces a new SELinux denial, the setroubleshootd daemon executes the rpm tool to check information about the relevant packages. Previously, setroubleshootd was unable to execute the rpm tool, and AVC denials were logged in the /var/log/audit/audit.log file. With this update, the relevant policy has been corrected so that SELinux denials are no longer produced in the described scenario.Scientific Linux FermiScientific Linux Fermi 6selinux-policy-doc-3.7.19-155.el6_3.noarch.rpm791c18aad6439a6cc5bc5d4cd16aec14fcec368471204b4b223db751b153ec5cselinux-policy-minimum-3.7.19-155.el6_3.noarch.rpm44fb1c1c776c206bc9045c24e646ea2d561ee7e865dd12c01fb6847664fd6683selinux-policy-mls-3.7.19-155.el6_3.noarch.rpmb03b3304c5b0f5e2807ac7e9b345d9ac2920016fc31e843b03d0f6dc0f22b2a2selinux-policy-3.7.19-155.el6_3.noarch.rpm5e5713080988512cad75caa55b3556cdbef87126c921bd441cf5514e9e5e3d6cselinux-policy-targeted-3.7.19-155.el6_3.noarch.rpm302fcc98886a307debad05b1674e763cafc1d7f16fe69e33c9d27aaf2b246440SLBA-2012:1252-1This update fixes the following bugs: * Previously, with the MLS policy activated, a user created with a MLS level was not able to log into the system using the ssh utility because an appropriate MLS policy rule was missing. This update adds the MLS rule and users can now log into the system as expected in the described scenario. * When OpenMPI (Open Message Passing Interface) was configured to use the parallel universe environment in the Condor server, a large number of AVC messages was returned when an OpenMPI job was submitted. Consequently, the job failed. This update fixes the appropriate SELinux policy and OpenMPI jobs now pass successfully and no longer cause AVC messages to be returned.Scientific Linux FermiScientific Linux Fermi 6selinux-policy-mls-3.7.19-155.el6_3.4.noarch.rpm2f319dec3987c02c4d7b55c2007651dcd6a19b84551c167240bebb92696edc78selinux-policy-3.7.19-155.el6_3.4.noarch.rpm8e6941c8f0c1a846fce6260174410562a0f2ed486d35ecf3b75b3d9516d2eb3dselinux-policy-targeted-3.7.19-155.el6_3.4.noarch.rpm0f5cf723157e9f93e4fab4c9e1e958f6c6fe8ded8204b0cacb59c30e958f3328selinux-policy-doc-3.7.19-155.el6_3.4.noarch.rpm3122d2c77073ed6703c1231db7e6b9d2dadc1f261888389ec92eb9965eb0c25cselinux-policy-minimum-3.7.19-155.el6_3.4.noarch.rpm3bdfba5da0785f4fb9050a51a623f6f04276705c979dd2af964f9c270554285aSLBA-2012:1367-1This update fixes the following bugs: * Prior to this update, the "/etc/profile" script used a non-portable method for undefining the pathmunge() function. As a consequence, the script could encounter problems when using the korn shell (ksh). This update modifies the undefining method of the function to work more efficiently with alternative shells. * Prior to this update, the accounts for the haproxy system user, the jbosson- agentsystem user, and the jbosson system group were created with dynamic uid/gid assignment, which is not recommended for network daemons and for sensitive data. With this update, the static uid/gid pair 188:188 can be used to create these users and groups.Scientific Linux FermiScientific Linux Fermi 6setup-2.8.14-20.el6.noarch.rpmc66d968570be30c8b02c5519be4132675a0b5edfe61e876bce66ac2b3fb7c61eSLBA-2012:1441-1This update fixes the following bugs: * Previously, SELinux was blocking the /usr/libexec/qemu-kvm utility during a migration of a virtual machine from RHEV Manager. Consequently, such a migration attempt failed and AVC messages were returned. This update fixes the virt_use_fusefs boolean and adds the sanlock_use_fusefs boolean, thus allowing the migration to succeed in the described scenario. * When trying to start a virtual machine on a POSIX-compliant file system, SELinux denied the operation and returned AVC messages. This update amends the SELinux policy to allow the described scenario to succeed.Scientific Linux FermiScientific Linux Fermi 6selinux-policy-minimum-3.7.19-155.el6_3.6.noarch.rpm3ce8128a6503a9da08e4ec82d13b65f1066ac31fbf9fedcf7218f096faa28028selinux-policy-doc-3.7.19-155.el6_3.6.noarch.rpmc849ab76a6b21c81ceb5fb9fd46715662c8d78fcdc7d8ca370379e07627ecf75selinux-policy-3.7.19-155.el6_3.6.noarch.rpm7d3d7e49f42b38b8e65f413b8d96742c982c6b88b2b4070822ff0a3712b4e220selinux-policy-targeted-3.7.19-155.el6_3.6.noarch.rpm8fa922df00cf0fcc09f8cc609a25d6723b4d510a5b7103219640ae8b16c8350eselinux-policy-mls-3.7.19-155.el6_3.6.noarch.rpm855a5e1f05cad649fa42f2b8fd95fd548652a74c44634894363162d5124982c8SLBA-2012:1581-1This update fixes the following bug: * Due to a bug in the SELinux policy, it was not possible to run a cron job with a valid MLS (Multi Level Security) context for the sysadm_u SELinux user. This update fixes relevant SELinux policy rules and cron now works as expected in the described scenario. * Previously, SELinux prevented "rhevm-guest-agent-gdm-plugin" to connect to the SO_PASSCRED UNIX domain socket. Consequently, Single Sign-On (SSO) did not work because the access to the credential socket was blocked. This update fixes the relevant policy and SSO now works as expected in the described scenario.Scientific Linux FermiScientific Linux Fermi 6selinux-policy-doc-3.7.19-155.el6_3.13.noarch.rpm697f63722dcfc89480650ad4fc8fe83119d51c2ca9199709cdad460ef5f72c10selinux-policy-minimum-3.7.19-155.el6_3.13.noarch.rpm63df81815bb5efecf5bfcc93c8e64084279708b5e100a903ce5f48e75b10dc97selinux-policy-targeted-3.7.19-155.el6_3.13.noarch.rpm1b08842e4e05f013410edc4be0179da368a476e2b4de6c9a5505dd2b8009a2eeselinux-policy-mls-3.7.19-155.el6_3.13.noarch.rpmd90b9010a36daaa85166574c79b8ceb9133e4d35291ad2f1c135851fc4072bcbselinux-policy-3.7.19-155.el6_3.13.noarch.rpm0e08a79a2e66efdc347e5374904bec67e9f386dc6ccb9826c69772b9c27c3b16SLBA-2013:0002-1This update fixes the following bug: * Previously, the quota_db type was created as the openshift_var_lib_t type. Consequently, an attempt to create a quota system on openshift_var_lib_t failed with a permission error. The relevant part of the SELinux policy has been fixed and the quota system can now be created as expected.Scientific Linux FermiScientific Linux Fermi 6selinux-policy-mls-3.7.19-155.el6_3.14.noarch.rpmb1c443006c283e254ae0412fd6e452c2383be3e448ea2ca86a829d272f61cd88selinux-policy-minimum-3.7.19-155.el6_3.14.noarch.rpm22ec879ba7f35720e66d88f3e83ea9e2b51bdf6978066a805229678afa5daeaeselinux-policy-doc-3.7.19-155.el6_3.14.noarch.rpm604c2935a179f20609c0198c1830438096e9bee83137534fa9982bc4a07a0251selinux-policy-targeted-3.7.19-155.el6_3.14.noarch.rpm421f17658a924ba2849513988acf557a81b2d51e89ebc8d84171971df4cdbf88selinux-policy-3.7.19-155.el6_3.14.noarch.rpm814680b0f3e8081fde71ace6aac53e8eb6980f212e1560a8ec68c9f4a2087045SLBA-2013:0294-1The Core X11 libraries packages contain the base protocol of the X Window System, which is a networked windowing system for bitmap displays used to build graphical user interfaces on Unix, Unix-like, and other operating systems.Scientific Linux FermiScientific Linux Fermi 6libXxf86misc-1.0.3-4.el6.i686.rpm39c45320e6b2695ede5a1684d379061d54c19095084319c18f44b53d70fb7898libX11-1.5.0-4.el6.i686.rpm4d885ee8de00fd605fdfdfde0b31496a879266985a603b4af00c56d1c4880321libXt-1.1.3-1.el6.i686.rpm10b2f0a1707b3200c26e1c759821b1456a23aceb50c22b8fb5fcfdcec45b4d75libXext-devel-1.3.1-2.el6.i686.rpmc2e4260e0de338292580bdc77abc39a595a6d4d66a8a0f646b87cfe8bd1e2f46libXinerama-devel-1.1.2-2.el6.i686.rpm70e1094f6bc8d8fb4f112d8290bd6facd8472d5f16a7972b2b2444480db302cdlibXxf86vm-1.1.2-2.el6.i686.rpmfa1ab9f59ad4221e60c1b6e8b39e0b353ea4fc4b2cd29c57c2492a800a97bf6alibXdamage-devel-1.1.3-4.el6.i686.rpma55ba019865c84572a8e43064589f947a83bedad0dc777d70c7096d36c4aeb9blibXScrnSaver-devel-1.2.2-2.el6.i686.rpmed54d35ad193c5d98845e5ce6ef1d6053d9c219652e6564f7b3f0a271d3bce1elibXau-devel-1.0.6-4.el6.i686.rpmd0a49c146e417343a769d7f89933eb24337d9dde2a9902de14880c0d79f20bd0libXdamage-1.1.3-4.el6.i686.rpm5ee6ff170158d0d62ec3a82b170e16e9ece294af01772f07f4d7756f015e8f25libXft-2.3.1-2.el6.i686.rpmb0be9280fbeaaa6bfdae1948d6a5d8bcf421602d738a54b9493113a2eb184b02libXcursor-1.1.13-2.el6.i686.rpm1206790bd936193c087e1a5be4d4d1860396ec30987ef884ce80ab76c91902celibXft-devel-2.3.1-2.el6.i686.rpm7c7fa74c6988c564466f04fd8354410e1bc0a6672e1c8e8ab43a5d43e37ba443libxcb-1.8.1-1.el6.i686.rpm875f7cdc5bea2ccbd18a77540e5ae5e754944e1b2cd642cef08f44c79642ed40libXfixes-devel-5.0-3.el6.i686.rpma33823bb7cf7170de5d22fc8c8221aa127fa84ff68ce1b29c38854b6f7430d00libX11-common-1.5.0-4.el6.noarch.rpm172e465be44128c814665b37972860ca8a4b502c31a5b5152efb825118163a8flibxcb-devel-1.8.1-1.el6.i686.rpm565dec38e3bd5c44490ae63cde606e681222f7713d07abeac7771ed03124d280libXtst-1.2.1-2.el6.i686.rpm2373bdee9a3eb613ca021a935fcae3b4f94ceca3c6996b3ddfd99e68e0fd0af9libXevie-devel-1.0.3-4.el6.i686.rpmc1ade16a6fb93799b7e617f3f1ff7cd997bd14b8791508c2d1fbe16bbaefb467libXvMC-1.0.7-2.el6.i686.rpm1df306c8c7bc44507881ac0aa52db09f9c3760c7f2a0cda1a4b31e4aa4e6d9belibxcb-doc-1.8.1-1.el6.noarch.rpm7548cd8f920717aa228f7c437d88987f350e4ad56723a9a27b3a3ad6e6209fd3libXres-1.0.6-2.el6.i686.rpme52306e32c557b38f11456f3382cecef63b477c0a1e9f0f787cdb6069434eb0elibXtst-devel-1.2.1-2.el6.i686.rpm4a83bbd683cd572637c52bbb15091282e9583916a02bb62c27d738ecebec7b8alibdrm-2.4.39-1.el6.i686.rpmf352418aa0d57d2fe569f41196486d5c59326efb9d406550acba45a533d49c52libXaw-devel-1.0.11-2.el6.i686.rpm43dbfaf03693f61440542fd45c0d0d1afabef5e05dc6045d2be04c51e1561d74libXaw-1.0.11-2.el6.i686.rpm800813b954de7e8092755a105e1aa6087e69f34278b894a44f040ef942d64a18libXevie-1.0.3-4.el6.i686.rpm450c9dc53097e64014ea4e5c60d7f97b704794d384d9412040f443f88dcfce8clibXcomposite-devel-0.4.3-4.el6.i686.rpmbf1869d839dac8eeb1328af0630ca6743150e365d0535b9febbcdd42a4cb76fclibXau-1.0.6-4.el6.i686.rpmebfe2ecae3115ffbcfe5e3b74d0a80cba9784e33745fca00255ce650aecd66c3libXfont-devel-1.4.5-2.el6.i686.rpm1285cfa94a5cf84614bdd77b8125bde304b5d3f66860d019de124fb0b960893clibXrandr-1.4.0-1.el6.i686.rpmf22e6bb4d9615e5471e552ed5b6c4fda01dd0152511bf8a789b04b4b771ccdc4libdrm-devel-2.4.39-1.el6.i686.rpmae17c778906642ceb2ed9d5db8860fd3ee333d85df877812dfb9246990323945libXfont-1.4.5-2.el6.i686.rpm48a92d8fef94d2b93b7bae8c2a64fdffda773471130eae280abda772a1d3e7b9pixman-devel-0.26.2-4.el6.i686.rpm710fc83ef387d468c8fb8a5200ec3c31e8709f2c1c48a9802f067fabbfc4314clibXcursor-devel-1.1.13-2.el6.i686.rpm98eb8051a6090ea1468c7b67acc0c3dc752f754e33721378d5cb5ebaf028a872xcb-proto-1.7-2.el6.noarch.rpm6e6810b45e82b4a21c5b4926c19e1226a2cc3794142d4a82fd104349036248felibXdmcp-devel-1.1.1-3.el6.i686.rpm7676fee77c38bdc9c865f227c1bf6f90bd33ead1b63e485a086b0e8eea115ee9libXxf86dga-devel-1.1.3-2.el6.i686.rpmb6d82c0c2f9de2563ae2077ee5049c9d385721c8c9c9e7883d9fa0aec9d36a52libXfixes-5.0-3.el6.i686.rpm17ea462382a63f25d35aad2902e97b4f2e7d8b31395c3e38fa7b572359b15031libXt-devel-1.1.3-1.el6.i686.rpm4df163d931f3e0f6a577f3854e5dfdfa5ef94f0647e94856eed5206aa9b0f3bdlibXmu-1.1.1-2.el6.i686.rpmf69566d5f0b9ff42f283c848cf112c25972c2c69f23170bf3394f83a540097c8libXrandr-devel-1.4.0-1.el6.i686.rpmb0e4ca600ed66a24b8b54adcfdf6d4730a5367f5eae63c7e70be79674bda8bb4libXrender-0.9.7-2.el6.i686.rpme73d907adbdcbd7d77a079c6c7a826430234347287b2670f6138e1f6944cc55epixman-0.26.2-4.el6.i686.rpm69a6f108be25980174823299032c109c6d9e5aece35314c70eb2904f9d3ab1aalibpciaccess-0.13.1-2.el6.i686.rpm5126ef120abc5d544f5c1e5d5997333fecedd048e52a0f174662bf0c8586330blibXv-1.0.7-2.el6.i686.rpm77de15c94fb6509447c7df95684e783a98e40b25bbfbaf4e7b4d8ad10b07ab1dlibXinerama-1.1.2-2.el6.i686.rpmd02dfa77baa03d0a63f126e9e539429acab0e0ff2d9ff9ba9f1bd6cd9c6a56cdxorg-x11-util-macros-1.17-2.el6.noarch.rpm770fea005a20762486bb901169620092479d3b7371f5b726b7c357589ee0de54libXpm-devel-3.5.10-2.el6.i686.rpmde28febcfa2bb7d0279552a65f56d56b7d17f76f00b4eaff99ba1e3c9a351ec7libXcomposite-0.4.3-4.el6.i686.rpmcf98c4412b2d5b289501af8f855f6d9666fd2edf8555431d18d8a9161ad0b182libpciaccess-devel-0.13.1-2.el6.i686.rpm78c0b384e30327658d1ed5514e6241c47bf2810b3378ecad3fb645303a4ec412libXpm-3.5.10-2.el6.i686.rpm56c3214d98b64f35f49d7f73fb7de0e29a199937088716d3b9fb50e8640ab4a7libXi-1.6.1-3.el6.i686.rpma1b135b13b6093e41b354d1f8b1e7b71c4d93f785c5f80649fe088ec0b47fc5alibxcb-python-1.8.1-1.el6.i686.rpm396d40a5a35f92a87be6a96ddf9133d4230cb6b4092bb0f9c9dfaa015c0f9c4dlibXxf86misc-devel-1.0.3-4.el6.i686.rpm183a46cf9a879828e4992053c43e0ed428ec016134c4d5fe8378536d2e656e9alibXxf86vm-devel-1.1.2-2.el6.i686.rpm0b25bddebf9da3770cf665b28b053d7cd7945cb3129d2bce5797553d179e90f9libXxf86dga-1.1.3-2.el6.i686.rpma201742ec66c1c8f375006041c159a72acac2476b5a8fdd5feb26ca73d8516b4libXrender-devel-0.9.7-2.el6.i686.rpmdc7fea0946681e4606276810dc011b31d46e10e7011adfd70cdee9596cf7e9d6xorg-x11-proto-devel-7.6-25.el6.noarch.rpm389a470b3f3024d33638f5b2ff831d1ae6b40babfbe3c99a161f58bd384e9e94libXvMC-devel-1.0.7-2.el6.i686.rpmd4b5f5838026eb6b8da57796f31a2038cf3c8a519358653fe958370d75b64263libXScrnSaver-1.2.2-2.el6.i686.rpm605bbbc38e416c3c45f01c48489734607cee7c7c6a64b061e66d8ed4136ece06libXdmcp-1.1.1-3.el6.i686.rpm91be5ae171c8f7e2cf1ad766a5ec32a6ca272a7ae72002fa806fb75b81af450dlibXres-devel-1.0.6-2.el6.i686.rpm57ae398020c2f48702a8617d03af0099eaa2e10a9924a4cdad0d101ddda1a92dlibXi-devel-1.6.1-3.el6.i686.rpm3df15adb75dce5d4aa6d6bbb083ad7efa031a26cfa6f1ed9e5af49f2ff5363b5libXv-devel-1.0.7-2.el6.i686.rpmccb2e085aabcbd50522607f3bc8db183f34e634f6d658c1b8b9bea7ec1d3c825libX11-devel-1.5.0-4.el6.i686.rpm19b51b82bf3864f78da7d63958cd0f2f399ed4af901255e96875e72e91e4f4b1xorg-x11-xtrans-devel-1.2.7-2.el6.noarch.rpme6143fb58bc4b73c1ceecfdf6f814de2c12379b3f917b1363a6edc586130c919libXext-1.3.1-2.el6.i686.rpm55c2987fddaf4ab8e3808f6d56abf95d04ea2bf35637b2fbbf04357018463e83libXmu-devel-1.1.1-2.el6.i686.rpmee9562c34eb4c80eb46aca942978e2e594c64e1cfdf15350653e689cb837ed96SLBA-2013:0296-1The xorg-x11-drv-wacom package has been upgraded to upstream version 0.16.1, which provides a number of bug fixes and enhancements over the previous version. This update fixes the following bugs: * Due to a bug in the input driver, covering the Expresskeys on the Wacom Intuos5 graphics tablet caused a spurious stylus jump to the upper left corner (0,0). This bug has been fixed and the described issue no longer occurs. * Previously, the xorg.conf configuration file with two devices containing the same input node caused a double free error and subsequent failure of the X server. With this update, xorg.conf has been fixed, and the server crash is now prevented. This update also adds the following enhancements: * With this update, support for the Wacom Intuos5 series graphics tablets has been added to the xorg-x11-drv-wacom package. * With this update, support for the Wacom Cintiq 22HD series graphics tablets has been added to the xorg-x11-drv-wacom package.Scientific Linux FermiScientific Linux Fermi 6xorg-x11-drv-wacom-0.16.1-3.el6.i686.rpm3baddaa7443d6bff7d1469d5c85f9885f7e86bb7b9bfe1c4d31ee3a139ef031exorg-x11-drv-wacom-devel-0.16.1-3.el6.i686.rpm17b37feaf423b5edcdea7ee0905484c0f664010ee80330f1f319b4bfabfa3041SLBA-2013:0297-1The xorg-x11-drv-evdev package has been upgraded to upstream version 2.7.3, which provides a number of bug fixes and enhancements over the previous version.Scientific Linux FermiScientific Linux Fermi 6xorg-x11-drv-evdev-2.7.3-5.el6.i686.rpm6ef8099beb31bf491ce8316fdd174ea3cbcc7fd63f95c075579e1ba7823598fcxorg-x11-drv-evdev-devel-2.7.3-5.el6.i686.rpmc89deead590575d08419cca9da44c6a415026d1bf51a2c3958e1e048d474d7c5SLBA-2013:0298-1The xorg-x11-drv-synaptics packages have been upgraded to upstream version 1.6.2, which provides a number of bug fixes and enhancements over the previous version.Scientific Linux FermiScientific Linux Fermi 6xorg-x11-drv-synaptics-1.6.2-11.el6.i686.rpm1c1c91c5cdf6d6d30c079a9c133f93578ce41cad13ee99c2a32914ca00eaeb59xorg-x11-drv-synaptics-devel-1.6.2-11.el6.i686.rpmc5804693dcb54db27f430bb72836092cd735553205615ed4d85386d4a0af2297SLBA-2013:0299-1The xorg-x11-server packages have been upgraded to upstream version 1.13.0, which provides a number of bug fixes and enhancements over the previous version. This update fixes the following bugs: * When the GNOME sound volume applet was configured to pop up after pressing the "mute", "volume up", or "volume down" hardware buttons, doing so caused a graphical glitch to appear in a dual monitor configuration. Now, the screen glitch no longer appears. * When spice-client was opened in full-screen mode, the client screen contained a static image which was not refreshed until it was switched back to window mode. Now, the static image no longer appears when opened in full-screen mode. * When the screen saver started to fade, pressing keys did not interrupt the fade and did not immediately display the unlock screen. Now, pressing keys stops the screen from fading. * A NULL pointer dereference caused X.Org to terminate unexpectedly with a segmentation fault on certain servers. The error is fixed and X.Org no longer crashes on those servers. * An invalid pointer dereference in the server caused the server to unexpectedly terminate with a segmentation fault when the mouse was moved over the VNC window. Crashes no longer occur when moving the mouse over the VNC window. * The KVM process could not access the X server because the "/usr/bin/Xorg" binary was unreadable for non-root users. Now, all users can read the binary and KVM guests can access host operating systems. * A transformation matrix is used to bind a device to a specific area on the screen. An uninitialized device transformation matrix caused the pointer to jump to the top-left corner of the screen on some devices. With this update, the transformation matrix is properly initialized and pointer device movement works as expected. * An X Input Extension (XI 1.x) grab on a disabled device led to a NULL pointer dereference error which caused the server to terminate unexpectedly. Currently, the XI 1.x grab functions normally and the X server no longer crashes. * When screens are reconfigured, the server updates some internal fields to adjust input device coordinate scaling if the device is bound to a specific screen. The NVIDIA binary driver did not have access to these internal methods, and was not able to update these fields when it changed output configurations. A new API is now exported for the driver and the NVIDIA driver is now able to update the server-internal fields. * Pointer screen crossings for non-Xinerama setups caused the mouse pointer to wrap around on the first screen instead of moving to the second screen. Now, the mouse pointer can move between both screens on non-Xinerama setups. * Running xrestop on servers that used Intel, ATI or Nouveau drivers caused the server to terminate unexpectedly with a segmentation fault. Now, users are able to run xrestop on those servers without crashes.Scientific Linux FermiScientific Linux Fermi 6xorg-x11-server-common-1.13.0-11.sl6.i686.rpm2763095cee0af42959dfc9a1d48cded162d76f35d774ff6c78459a73b3b8b402xorg-x11-server-Xnest-1.13.0-11.sl6.i686.rpm87add54874ee11dbbc900554c0a50b23c15fb6a356be8c1ed6622e450df8489exorg-x11-server-Xephyr-1.13.0-11.sl6.i686.rpm8365e1a792ffba97b4f5932eeb289df346bbf93a5ab78750f415ed8cca1f29daxorg-x11-server-Xdmx-1.13.0-11.sl6.i686.rpmed02357d8a6b4fb7fde437f2b7466172da3eadec12db56497537154ea66dfc49xorg-x11-server-devel-1.13.0-11.sl6.i686.rpmf4502cbc28a8732b023dd3751efd6e35c890327f51d6de8fdbb0dc5723256cd6xorg-x11-server-source-1.13.0-11.sl6.noarch.rpm7aa282aec6eca63b184be7da570a4957dc4a56093e2e564aa403e506b0d27007xorg-x11-server-Xvfb-1.13.0-11.sl6.i686.rpmba6512b90198277b3457006cee22afd950a2d6cb2a3b5bac79d6e8fbbbe2f28fxorg-x11-server-Xorg-1.13.0-11.sl6.i686.rpm79dac109074c8fe2e075f61987041e35bf39c9032aa3678d057b5aae3b5c483eSLBA-2013:0300-1The xorg-x11-drv-vmmouse package has been upgraded to upstream version 12.9.0, which provides a number of bug fixes and enhancements over the previous version.Scientific Linux FermiScientific Linux Fermi 6xorg-x11-drv-vmmouse-12.9.0-10.el6.i686.rpmb011ba0c8df33af8b19f4d676da12cf67d2a87ccd35d4521317c3219452f8565SLBA-2013:0302-1The xorg-x11-drv-ati packages have been upgraded to upstream version 6.99.99, which provides a number of bug fixes and enhancements over the previous version.Scientific Linux FermiScientific Linux Fermi 6xorg-x11-drv-ati-6.99.99-1.el6.i686.rpmcb697f6b8fd4ad49519d29f4881c1e6c3a24b2102346d1154b8002f68b78e57fxorg-x11-drv-ati-firmware-6.99.99-1.el6.noarch.rpme92a15fe7278985c3bd22c050aeba19a1d869384098f898f3c61a5942c939400SLBA-2013:0303-1The xorg-x11-drv-intel packages have been upgraded to upstream version 2.20.2, which provides a number of bug fixes and enhancements over the previous version.Scientific Linux FermiScientific Linux Fermi 6xorg-x11-drv-intel-devel-2.20.2-2.el6.i686.rpmc0cb0b37dd2be62f664a2f3f62fc9291f0a93b44ee0ba22953ad770d3eab2824xorg-x11-drv-intel-2.20.2-2.el6.i686.rpme5ce2308e73d89cd3e857587d27302aacccfc7535df952ebdeb1cbdcbe0d94d8SLBA-2013:0304-1The xorg-x11-drv-nouveau package has been upgraded to upstream version 1.0.1, which provides a number of bug fixes and enhancements over the previous version.Scientific Linux FermiScientific Linux Fermi 6xorg-x11-drv-nouveau-1.0.1-3.el6.i686.rpm41a945a5c5e0e27c32c77d79177bd6646bba5a7182317e4c3fe8fb42e88cb48fSLBA-2013:0305-1The x11-xkb-utils packages have been upgraded to upstream version 7.7, which provides a number of bug fixes and enhancements over the previous version.Scientific Linux FermiScientific Linux Fermi 6xorg-x11-xkb-extras-7.7-4.el6.i686.rpm71b8a84c32dcf061a1eec18710f070ba37a992bbe226225f3eb5e34bccfca663xorg-x11-xkb-utils-7.7-4.el6.i686.rpmc363a824027f5e6f4b68625a942287fa9921cf4dabd1783002b4570d0b8d51fbxorg-x11-xkb-utils-devel-7.7-4.el6.i686.rpm4a561e5ad04aa4a50e6980ad52e036ceb7a0fa2fc1ee0696e7f99b3e8520dfd0SLBA-2013:0308-1The xorg-x11-drv-qxl packages have been upgraded to upstream version 0.1.0, which adds support for multiple monitors and continuous resolution. It aslo provides a number of bug fixes and enhancements over the previous version. This update also fixes the following bugs: Due to overlapping memory areas, remote-viewer became unresponsive after a migration of a guest playing a video. This update adjusts the monitors_config pointer to fix this issue, and migration of a guest, which is displaying video, works as expected. This update disables "surfaces" by default due to a performance regression with the rendering support.Scientific Linux FermiScientific Linux Fermi 6xorg-x11-drv-qxl-0.1.0-4.el6.i686.rpm9a25a8afd53d82f9b98fc31360ad78d0cdd38c96b35a870ed4fe3828e4788913SLBA-2013:0312-1This update fixes the following bugs: * Previously, the LED indicators of some Wacom graphics tablets were not supported in the gnome-settings-daemon package. Consequently, the status LEDs on Wacom tablets would not accurately indicate the current control mode. With this update, LED support has been added to gnome-settings-daemon. As a result, the tablet LEDs now work as epected. * Previously, using function keys without modifiers (F1, F2, and so on) as keyboard shortcuts for custom actions did not work. With this update, a patch has been added to fix this bug. As a result, gnome-settings-daemon now allows unmodified function keys to be used as keyboard shortcuts for custom actions. * In certain cases, the gnome-settings-daemon did not properly handle the display configuration settings. Consequently, using the system's hot-key to change the display configuration either did not select a valid XRandR configuration or kept monitors in clone mode. This bug has been fixed and gnome-settings-daemon now selects valid XRandR modes and handles the clone mode as expected. * Previously, connecting a screen tablet to a computer before activation of the tablet screen caused the input device to be matched with the only available monitor - the computer screen. Consequently, the stylus motions were incorrectly mapped to the computer screen instead of the tablet itself. With this update, a patch has been introduced to detect the tablet screen as soon as it becomes available. As a result, the device is correctly re-matched when the tablet screen is detected. * Previously, using the shift key within a predefined keyboard shortcut mapped to the tablet's ExpressKey button caused gnome-settings-daemon to crash after pressing ExpressKey. This bug has been fixed, and the shortcuts which use the shift key can now be mapped to ExpressKey without complications. * Prior to this update, the mouse plug-in in the gnome-settings-daemon package interfered with Wacom devices. Consequently, using ExpressKey on a tablet after hot-plugging generated mouse click events. With this update, the mouse plug-in has been fixed to ignore tablet devices and the interference no longer occurs. * Previously, on tablets with multiple mode-switch buttons such as the Wacom Cintiq 24HD, all mode-switch buttons would cycle though the different modes. With this update, each different mode-switch button will select the right mode for the given button. * Due to a bug in the gnome settings daemon, changing the monitor layout led to incorrect tablet mapping. With this update, the graphics tablet mapping is automatically updated when the monitor layout is changed. As a result, the stylus movements are correctly mapped after the layout change and no manual update is needed. This update also adds the following enhancements: * With this update, several integration improvements for Wacom graphics tablets have been backported from upstream: - touchscreen devices are now automatically set in absolute mode instead of relative - memory leaks on tablet hot plug have been fixed - ExpressKeys no longer fail after the layout rotation - test applications are now included in the package to help with debugging issues. * With this update, the touch feature of input devices has been enabled in the default settings of gnome-settings-daemon.Scientific Linux FermitrueScientific Linux Fermi 6gnome-settings-daemon-devel-2.28.2-30.el6.i686.rpmebe58bb669aadd5fd54368c790f5a4f10380d086f340de94c978d77d05797858gnome-settings-daemon-2.28.2-30.el6.i686.rpm935b7ffee634baab74ab86016c0af7d4856ace572877684a832a98322acf1273SLBA-2013:0314-1This update includes a number of bug fixesScientific Linux FermiScientific Linux Fermi 6selinux-policy-doc-3.7.19-195.el6.noarch.rpmcf848078a4cac5cc45a4b54a5e3b36249f4f838b8dca3693904cce7d03c6ad47selinux-policy-targeted-3.7.19-195.el6.noarch.rpme9b4d7e380204369e24e2a2dc4d9033c3af1b28aa8dbda8d834b6f805d3eec1dselinux-policy-mls-3.7.19-195.el6.noarch.rpmc11dded6dee69d46f3026b714966435b2a55ff3723ebb1d9bfb12f3c644f2fd7selinux-policy-3.7.19-195.el6.noarch.rpm264dd93072955c8988003ea1c7e0a1aa3945df91c12a0eb90a7fb348b0aa79c5selinux-policy-minimum-3.7.19-195.el6.noarch.rpm5a17e46c0470f67599dc147c0ede4157d46c9fa0ff8e9c3cfccab2325b64fe31SLBA-2013:0315-1The bfa-firmware packages have been upgraded to upstream version 3.0.3.1, which provides a number of bug fixes and enhancements over the previous version.Scientific Linux FermiScientific Linux Fermi 6bfa-firmware-3.0.3.1-1.el6.noarch.rpmf07e0a03e346a26814a7ada0054524c838f0772ed4b45af290f28f2e3e40e20eSLBA-2013:0319-1The krb5 packages have been upgraded to upstream version 1.10.3, which provides a number of bug fixes over the previous version, including better support of cross-domain trust functionality in other packages. This update fixes the following bugs: * Older versions of the libsmbclient package incorrectly depended on the krb5_locate_kdc() function, which is no longer supported. Consequently, applications which used older versions of libsmbclient became incompatible after the Kerberos library update. With this update, an explicit conflict with older versions of libsmbclient has been added. As a result, an incompatible combination cannot be installed. * Previously, when the krb5-auth-dialog application was used and the prompter was left hanging for a long period of time, a large clock skew was mistakenly recorded. This clock drift was applied in the next kinit session. Consequently, the klist function reported an incorrect expiration time. This bug has been fixed, and the spurious time offset no longer occurs in the described scenario. * Previously, when a list of trusted roots of a PKINIT client included the KDC's certificates, certain KDC implementations omitted such anchors from the list of certificates in the signed data structure. Consequently, the client failed to verify the KDC's signature on the signed data. With this update, a backported fix has been included to allow the client to use its own copies of relevant certificates. As a result, the verification no longer fails in the aforementioned scenario. * Prior to this update, attempts to use the kinit command with a keytab file often failed when the keytab file did not contain the Advanced Encryption Standard (AES) keys, but the client's libraries and the KDC both supported AES. The strongest supported encryption type (AES) was chosen by default, even though it was not present in keytab. Consequently, a mismatch error occurred. The bug has been fixed, and keytabs containing any of the supported encryption types are now correctly processed. * Previously, the krb5 package did not handle the timeout variable properly. In certain cases, the timeout variable became a negative number. Consequently, the client entered a loop while checking for responses. With this update, the client logic has been modified and the described error no longer occurs. * Prior to this update, the passwd utility failed when used by an Identity Management client. Consequently, an error occurred with the following message: token manipulation error The bug has been fixed, and the passwd utility now works with Identity Management as expected. * Due to a previous update to a locally-applied patch, files created by the libkrb5 library were given correct SELinux labels. However, each flushing of the replay cache caused the file context configuration to be reloaded to ensure that the correct label is applied to the newly-created replacement replay cache file. This resulted in large performance degradation in applications which accept authentication and use replay caches. With this update, the context configuration is only loaded when the context configuration file has been modified and the configuration is now freed only when the library is unloaded or the calling application exits, thus greatly lowering the impact of this problem.Scientific Linux FermiScientific Linux Fermi 6krb5-server-ldap-1.10.3-10.el6.i686.rpmb2d23d76690011c7a0c6efe8cfd0dcade52644517020359940005e0fd7220c44krb5-devel-1.10.3-10.el6.i686.rpmba69570745a26a92e317448538c8126c2789ae8b3b37e0a2bb86aed181e30a88krb5-server-1.10.3-10.el6.i686.rpm8ddbbecd54b16b71930d9b64a5aa469b43b433b3bd01b18daef8d35a0fb4790fkrb5-pkinit-openssl-1.10.3-10.el6.i686.rpmf91141a2b40b9bfd5a0cd2ee113570cd49ecd8f5e22ddae28be936646b01a696krb5-workstation-1.10.3-10.el6.i686.rpm7d698f9894472d677a6b8e192f2ec8484e344088fef7735860e2dc29fba175dfkrb5-libs-1.10.3-10.el6.i686.rpm9ba30b65e4a3a8efa708133250d33212582bfe805bfc21cb7be333d29c47ef10SLBA-2013:0320-1The certmonger packages have been upgraded to upstream version 0.61, which provides a number of bug fixes and enhancements over the previous version. This update also fixes the following bugs: * When certmonger was set up to not attempt to obtain a new certificate and the certificate's valid remaining time crossed a configured time to live (TTL) threshold, certmonger warned of a certificate's impending not-valid-after date. Certmonger then immediately logged the warning again, and continued to do so indefinitely, causing the /var/log/messages file to fill up with warnings. This bug has been fixed and certmonger returns a warning again only when another configured TTL threshold is crossed or the service is restarted. * When certmonger attempts to save a certificate to an NSS database, it necessarily opens that database for writing. Previously, if any other process, including any other certmonger tasks that could require access to that database, had the database open for writing, that database could become corrupted. This update backports changes from later versions of certmonger which change its behavior. Now, actions that could result in database modifications are only performed one at a time.Scientific Linux FermiScientific Linux Fermi 6certmonger-0.61-3.el6.i686.rpm8c589c2020a9c404df691d48e18af3edc1fd3cceda69f63298ccfdf9fcf18a84SLBA-2013:0329-1The libssh2 packages have been upgraded to upstream version 1.4.2, which provides a number of bug fixes and enhancements over the previous version, including fixes for memory leaks, missing error handling, and incompatibilities in the SSH2 protocol implementation. This update fixes the following bugs: * With this update, several stability patches have been added to libssh2. As a result, memory leaks, buffer overruns, and null pointer problems are avoided when managing a large number of nodes. * Previously, an insufficient data type was used for certain bit shift operations in the libssh2 code. This behavior caused the curl utility to terminate unexpectedly when downloading files larger than 2 GB over the SSH File Transfer Protocol (SFTP). With this update, the underlying code has been modified to use the correct data type and curl now works as expected in the described scenario. * Under certain circumstances, libssh2 failed to resume an interrupted key exchange when sending a large amount of data over SSH. Moreover, further data was erroneously sent, which caused the remote site to close the connection immediately. With this update, libssh2 has been modified to properly resume the interrupted key exchange before sending any further data. As a result, the connection remains open and the data transfer proceeds as expected. * Previously, the function for writing to a channel in libssh2 incorrectly handled error states, which, under certain circumstances, resulted in an infinite loop. The function has been fixed and the error handling now works properly. * Previously, the window size adjustment in libssh2 did not work properly, which resulted in unclosed connections when transferring huge files over SCP or SFTP, extensive memory consumption or both. The window-adjusting code has been fixed and works now properly for blocks of arbitrary size. * Previously, libssh2 incorrectly returned the LIBSSH2_ERROR_EAGAIN error code when operating in blocking mode. The error code is used by libssh2 internally to initiate a blocking operation on a socket. The error code was, however, not properly cleared on success and leaked through the public API of libssh2. An upstream patch has been applied to clear the error code prior to initiating the blocking operation, and libssh2 no longer returns LIBSSH2_ERROR_EAGAIN when operating in blocking mode. After installing these updated packages, all running applications using libssh2 have to be restarted for this update to take effect.Scientific Linux FermiScientific Linux Fermi 6libssh2-docs-1.4.2-1.el6.i686.rpmd96db690cfd1fc33794aa2a2f55c471967b8a4907f6d860369a0b612ba12d792libssh2-1.4.2-1.el6.i686.rpm5f1519a69d2edc179d7baf6df88ba370668f942b15b1f7daffc12d727f9b460blibssh2-devel-1.4.2-1.el6.i686.rpm921c46745ebc40169a3d118964bbccca964019b0150e6c8a112e8a7769b7e0baSLBA-2013:0338-1This update includes a number of bug fixesScientific Linux FermiScientific Linux Fermi 6samba-swat-3.6.9-151.el6.i686.rpma15af61b233434da359a2d891c1074dd5d7febafeae6041c3fc22b877ab9dcb0samba-domainjoin-gui-3.6.9-151.el6.i686.rpm3673fa967da28724e235a54423b5a7ee26c8d6d418841bde654276ffbfe25830samba-3.6.9-151.el6.i686.rpm525ea6a5e8c954dd37a3a3194c98753c771e9db21c3ed1ec59dc40ec88829defsamba-common-3.6.9-151.el6.i686.rpmc5d6a097ea26c9b2a5aa0e28205504a31388e47dd80ad8773db38bdf67a5c3a6samba-doc-3.6.9-151.el6.i686.rpmca6e187175ff1137624f6d4150cb00455c948453b7dba702f7c288625f96d0f7samba-winbind-3.6.9-151.el6.i686.rpm274b77845a9ea2d0a6ce9d73186af1dbe0582d7ffbd809d68a58999c650f6a8esamba-client-3.6.9-151.el6.i686.rpm24e212419b60369c72cbf46c01e3924ef155d249d2a7a9ebfcf4513e142571b7libsmbclient-devel-3.6.9-151.el6.i686.rpmc4e24486977d9dd44e5a81a3475a4a0ae8c54c686506cb6f948cc73652a303afsamba-winbind-devel-3.6.9-151.el6.i686.rpm1ef915ea1e206e2629532a381a26ee81a6b4b2d7937d522b6afcbce435f251a3samba-winbind-krb5-locator-3.6.9-151.el6.i686.rpm59fc6fdec5e1bd3f2f4b80b0417df05e1488fda116a6ec1e4ac3af3c8a8b873flibsmbclient-3.6.9-151.el6.i686.rpm18f43317b970178e7d98b7de991421e281e430f1d9c58ab6af81f8e3a9d151fcsamba-winbind-clients-3.6.9-151.el6.i686.rpm220567de9ed518574c95465723781713fa8b23c42ea63b11a76f13c0554c3ddcSLBA-2013:0343-1This update includes a number of bug fixesScientific Linux FermiScientific Linux Fermi 6spice-glib-0.14-7.el6.i686.rpm3b2e504221538dad5278a121e11867aa15dcbc65331f1338b9713f4a64c0b4easpice-gtk-tools-0.14-7.el6.i686.rpm2ed568412ebecfd5f730ddd1b2ccf6a68879c2faba805a3648fe08910fb2ef12spice-glib-devel-0.14-7.el6.i686.rpma82e99f22a73474e9737938b6df4dee643b4340cb690c5f57a079f91fdca52d8spice-gtk-0.14-7.el6.i686.rpm13631ce6822b27b5de0641f42c9200767c9153a8e985d4f8ef256ba3674efcf8spice-gtk-python-0.14-7.el6.i686.rpm2f964a2934aba37fff68e96d4bb7be76eaaf2e856bbb5e2ea128b850addaaa21spice-gtk-devel-0.14-7.el6.i686.rpm17acd1d272e2b795f22922264b533b91706209724be3657d360edcd587148284SLBA-2013:0344-1The mesa packages have been upgraded to upstream version 9.0, which provides a number of bug fixes and enhancements over the previous version. This update also fixes the following bugs: * If the user logged in from Scientific Linux 5 to a Scientific Linux 6 machine by using the "ssh" command with the "-Y" option, an attempt to run an application that uses GLX failed with the "Error: couldn't find RGB GLX visual or fbconfig" error message. This bug has been fixed and the remote login now works as expected. * Due to an error in the mesa packages, using the multisample anti-aliasing (MSAA) technique with the KWin window manager caused errors in the desktop compositing. This update provides a patch that fixes this bug and MSAA now works correctly with the KWin window manager. * Previously, when connecting to a remote machine using SSH with the X11 forwarding enabled caused a "failed to load driver: i965" error in the libGL library. With this update, a patch has been provided to fix this bug and drivers are now loaded as expected. In addition, this update adds the following enhancements: * An accelerated driver for Intel Core i5 and i7 processors has been added to the mesa packages. * This update adds the new mesa-dril-drivers package to mesa. This package implements support for the DRI1 drivers.Scientific Linux FermiScientific Linux Fermi 6mesa-demos-9.0-0.7.el6.i686.rpm2c49962cb2a1c68d71a72caa3118d376da7186564117d4d0b0cde12ec9c97e74mesa-dri1-drivers-7.11-8.el6.i686.rpmd10f6e8c375c066963a2584a13e349c8aa219c11cefc7c6c3c12764d73d8368amesa-libGL-devel-9.0-0.7.el6.i686.rpmed9207db650631b0ce5c9cc51405188bdc561ef6bc9d07d964fa1aa14fbfd2d5mesa-libGLU-devel-9.0-0.7.el6.i686.rpmd9e2023f8db39d1a58d5724030b505f13c31c80ccf24784710049f44a25cbfd2mesa-libOSMesa-9.0-0.7.el6.i686.rpm98100de36e6571e50b4ae72d0b4c8f3616e934314fdc514e3acf17f033620b5cmesa-libGLU-9.0-0.7.el6.i686.rpm6d5aabc2cf75e4316fd076fb19efd6df812bccf7bc5706f52138e90c49f9efc1mesa-dri-drivers-9.0-0.7.el6.i686.rpm80c20831a727d9d56f2372b3c6490dc4a691b0476cdef6dfed9e03b6737555a2mesa-libOSMesa-devel-9.0-0.7.el6.i686.rpm969f762b17b345c1d9850cd4a4df48a39d617e220525c7c16dbcf305c2a3d894mesa-libGL-9.0-0.7.el6.i686.rpm709c12203b1c262d98eaa7c83195b9b00764e1c474991b6331ed5cbb368393d1mesa-dri-filesystem-9.0-0.7.el6.i686.rpm1531314d4fa7ffc7808ec71ca2b805abd7c07284a4c848ad9d75a74b78cf1c31SLBA-2013:0346-1The usbredir packages have been upgraded to upstream version 0.5.1, which provides a number of bug fixes and enhancements over the previous version. This update also fixes the following bugs: * Due to a bug in the libusbredirhost library, handling of timeouts for bulk transfers did not work correctly. Consequently, traffic of USB ACM serial port devices, such as PSTN modems and SmartCard readers, could not be properly redirected. With this update, no timeout is set on the usb-host side for these devices and the traffic redirection works as expected. * The usbredir code was allocating an unlimited amount of write buffers. Consequently, when a USB webcam produced data faster then it could be written out, the write queue grew boundlessly and the remote-viewer utility used an enormous amount of RAM. The underlying source code has been modified so that usbredir now checks how large the write queue is and drops isochronous data packets when the queue is too long. In addition, this update adds the following enhancement: * Support for live migration of SPICE USB redirection requires support for state serialization. This update adds this missing support to the libusbredirparser library.Scientific Linux FermiScientific Linux Fermi 6usbredir-server-0.5.1-1.el6.i686.rpmf6b9713ebe19b24eb9b0b42418702c6746d0ff7926e478d70ba5fdb71954910cusbredir-devel-0.5.1-1.el6.i686.rpmf2fde55afd903641e99ec2dca334bfb35166fd768eee588fb15c277b17ddfdbausbredir-0.5.1-1.el6.i686.rpm447f139fa650f1347a63d37b2b366c63aae5114f8cba12fb39ccc16ee000ee5bSLBA-2013:0352-1The libtalloc packages have been upgraded to upstream version 2.0.7, which provides a number of bug fixes over the previous version.Scientific Linux FermiScientific Linux Fermi 6pytalloc-devel-2.0.7-2.el6.i686.rpm34d219a313f1e8abbacf2dee2a5a88d5beff016dfdc77573b4d34739f2285dfclibtalloc-2.0.7-2.el6.i686.rpmdb845888795289e1e34b0a653fa54a7abc3b131eb1135af1ce3aaf7b8adc7ad1libtalloc-devel-2.0.7-2.el6.i686.rpmd93f729df60df06942c06860a81873d41d2615113f80f646285d1931536990f5pytalloc-2.0.7-2.el6.i686.rpmc7b68a26a6b83b37479b809ed00e7314fb6ec595a5f62d6b9e806e88b4569021SLBA-2013:0353-1The libtdb packages have been upgraded to upstream version 1.2.10, which provides a number of bug fixes and enhancements over the previous version. These updated libtdb packages are compliant with requirements of Samba 4.Scientific Linux FermiScientific Linux Fermi 6libtdb-1.2.10-1.el6.i686.rpm97bd20e9f208a90892540e27c44abd3498e15111bd462a7cce8086028ae3398dtdb-tools-1.2.10-1.el6.i686.rpmccc4a1f238b83af385f2c8ea3dfddf58b447039b230c712eaa0ba6fb4a5cc776libtdb-devel-1.2.10-1.el6.i686.rpmedb833a77f0624adc1bb09af22c724ea15af61beb5eeb4a63aae9477309cae3fpython-tdb-1.2.10-1.el6.i686.rpmf52f58793fb3db9b779ba14b52f3fd3103f76a1675eba8f85c9dc96e3b9253e6SLBA-2013:0354-1The libtevent packages have been upgraded to upstream version 0.9.17, which provides a number of bug fixes and enhancements over the previous version. These updated libtevent packages are compliant with requirements of Samba 4.Scientific Linux FermiScientific Linux Fermi 6libtevent-0.9.17-1.el6.i686.rpm2c58324426f42ccb3f19c2b3f272c6130f98d9e2599833c2c2f5bf194d0db828libtevent-devel-0.9.17-1.el6.i686.rpm2298ffb9dc4a8e1cab236396e7c163b68c9b832bee6a72bf09fcab12cda1feb8python-tevent-0.9.17-1.el6.i686.rpm81db51e3c9fe2fed062367b8aab63f2b7adfc80f75ab1d9e8c7c0404aaaa8ca5SLBA-2013:0359-1Scientific Linux FermiScientific Linux Fermi 6bind-dyndb-ldap-2.3-2.el6.i686.rpm63a0c16400b9755485c2c8fdccf1da0e171765af0da269e3e966547b4ec389f2SLBA-2013:0361-1This update includes a number of bug fixesScientific Linux FermiScientific Linux Fermi 6virt-viewer-0.5.2-18.el6.i686.rpmc465a4776fd7bb96c154eebf71d5bcc77df18a94144e1ab4e00910eb1e4b8680SLBA-2013:0372-1The libldb packages have been upgraded to upstream version 1.1.13, which provides a number of bug fixes and enhancements over the previous version. One of the most significant changes is that the source code of libldb is no longer a part of the samba4 packages but has been extracted to a separate SRPM package. This resolves the problem caused by recent changes in the Samba build system, which made the libldb library impossible to build as a shared library from the Samba tarball. Additionally, this update fixes the following bug: * Recent changes in the Samba compiling script caused libldb to expose internal functions and symbols in the public interface. This could lead to various linking and building problems if these internal symbols were used directly out of the libldb code. This update corrects the compiling script so that internal symbols of libldb are no longer exported and visible in the libldb public interface.Scientific Linux FermiScientific Linux Fermi 6libldb-1.1.13-3.el6.i686.rpme636488b89fcce1a983077d0ea6a3f80586997bb0a99d5b8a308d072beb5a4eelibldb-devel-1.1.13-3.el6.i686.rpmb366a2c0925169369b35b93fbd9b9125e179b5262686ae2ca4ca85285c3ceda3ldb-tools-1.1.13-3.el6.i686.rpm60053db19db062f293d8ff170e5853978f986776573e8bac385eb1f320ce32e7pyldb-devel-1.1.13-3.el6.i686.rpm521e6d02df8d9115f3361acb5e411d485c775090648a681c35e7c9c668d88c69pyldb-1.1.13-3.el6.i686.rpm5ebbee8db02e3c134787ba4568b77fe573f761708428d72bff5d38b8c42d860cSLBA-2013:0387-1This update fixes the following bugs: * Prior to this update, the "sealert -a /var/log/audit/audit.log -H" command did not work correctly. When opening the audit.log file, the sealert utility returned an error when the "-H" option was used. The relevant source code has been modified and the "-H" sealert option is no longer recognized as a valid option. * Previously, SELinux Alert Browser did not display alerts even if SELinux denial messages were present. This was caused by the sedispatch utility, which did not handle audit messages correctly, and users were not able to fix their SELinux issues according to the SELinux alerts. Now, SELinux Alert Browser properly alerts the user in the described scenario. * Under certain circumstances, sealert produced the " 'tuple' object has no attribute 'split' " error message. A patch has been provided to fix this bug. As a result, sealert no longer returns this error message. * The sealert utility returned parse error messages if an alert description contained parentheses. With this update, sealert has been fixed and now, the error messages are no longer returned in the described scenario. * Previously, improper documentation content was present in files located in the /usr/share/doc/setroubleshoot/ directory. This update removes certain unneeded files and fixes content of others.Scientific Linux FermiScientific Linux Fermi 6setroubleshoot-plugins-3.0.40-2.el6.noarch.rpme82315f7c2405a1f48bce3a62017363afd120645eaef1a68205fab745d837de8SLBA-2013:0398-1This update fixes the following bug: * Due to missing information about the zlib version, some applications using zlib could not work properly. The zlib.map version script, which provides version information, has been added to the underlying source code and zlib now works as expected. This update also adds the following enhancement: * This enhancement optimizes the zlib compression library for IBM System z.Scientific Linux FermiScientific Linux Fermi 6zlib-devel-1.2.3-29.el6.i686.rpm382a81d3733599d926b0b318f53c0b08a133e45216e6b646bfda8aa95fad66edzlib-static-1.2.3-29.el6.i686.rpm6ec261fd4cf5cd89fda2b66eb3e10b5d371866428c273bc544fdb446ceeb422bzlib-1.2.3-29.el6.i686.rpmaae088f62c42809e16259f6b1fc3030036f95dae81fe878523870e326948b036minizip-1.2.3-29.el6.i686.rpmbffd02534724891d35d46c0c9fcdf3943adf1619b286d868f2442bc1a77171c3minizip-devel-1.2.3-29.el6.i686.rpmc436aa9c4cbf8c4cbd7e4810f83b6810e81e113320eb5b3024f4edcef1f3fab9SLBA-2013:0445-1This update fixes the following bugs: * The Privacy Enhanced Mail (PEM) module initialization function did not return an error informing the caller that it is not thread-safe. Consequently, invalid writes were made resulting in unexpected terminations in multi-threaded libcurl-based applications. The PEM module initialization function now returns the PKCS #11 prescribed KR_CANT_LOCK constant when the type of locking requested by the caller for thread safety is not available. As a result, clients are informed of the lack of thread safety and can provide their own locking to prevent crashes. * Due to a missing out-of-memory (OOM) check and improper freeing of allocated memory, the Privacy Enhanced Mail (PEM) module did not fully validate the encoding of certificates stored in a PEM-formatted file. As a consequence, error handling tests failed. With this update, the PEM module correctly validates the encoding, handles memory deallocation consistently, and error handling tests pass as expected. After installing this update, applications using NSS, NSPR, or nss-util must be restarted for this update to take effect.Scientific Linux FermitrueScientific Linux Fermi 6nss-pkcs11-devel-3.14.0.0-12.el6.i686.rpm4c7886929d94475dac9f285a2d9dc272ba5c85354b89d776201d322a3ed68287nss-sysinit-3.14.0.0-12.el6.i686.rpmcccc9206c013a2b737d985bff152dc56a1e09a91a3557b5d67e8e898befc1fa7nss-util-3.14.0.0-2.el6.i686.rpm01ff471f0d1e0e0e18290aff8b5483779f873adcc8318672039c64bbb9774e5anss-devel-3.14.0.0-12.el6.i686.rpm5ac969611daea58606ac262b97ac2b6a88cd8d2153fc0a354ca0ba7aa04392denss-3.14.0.0-12.el6.i686.rpm6b9f5318134e51c822f2a4ad277ea1a6b2cca8c43ad83ec922732f2b33b4363anss-tools-3.14.0.0-12.el6.i686.rpmaeb67db8215e92b4cbdb10574646407007278404b6db545a8c23616452bad76cnss-util-devel-3.14.0.0-2.el6.i686.rpm66c1626f2984ee26663c9fa83352db87d6c64fa96b6abc4f3dbe484764839d8aSLBA-2013:0459-1This update fixes the following bugs: * Previously, spice-xpi did not check port validity. Consequently, if an invalid port number was provided, spice-xpi sent it to the client. With this update, spice-xpi checks validity of provided port numbers, warns about invalid ports, and does not run the client if both ports are invalid. * Previously, the disconnect() function failed to terminate a SPICE client when invoked. The underlying source code has been modified and disconnect() now works as expected in the described scenario.Scientific Linux FermiScientific Linux Fermi 6spice-xpi-2.7-22.el6.i686.rpmd1698d6deb485ec798d824c24c59036bcacead445b13163c4074ff8f6d891b9eSLBA-2013:0492-1This update fixes the following bug: * The kernel ipmi_msghandler and ipmi_si modules are no longer delivered as standalone modules. As a consequence, an error occurred if these modules were used independently. With this update, the OpenIPMI init script has been modified to enable IPMI service operations on a kernel with ipmi_si and ipmi_msghandler statically compiled in the kernel. Also, the service status message now includes a new "in kernel" module state.Scientific Linux FermiScientific Linux Fermi 6OpenIPMI-libs-2.0.16-14.el6.i686.rpm1433e7f6046184b57d403ddbf2a2176290cec82493322dcda2c59b5d89ba23a6OpenIPMI-2.0.16-14.el6.i686.rpm725d3b566b1e010d97a2fbdf4a0744dca6a1cb32639091f3047d28b466eff380OpenIPMI-perl-2.0.16-14.el6.i686.rpmcb7433a5fad9fcfa56d5e05428a04401215f24d30967fed0a6cd591bf707d4daOpenIPMI-devel-2.0.16-14.el6.i686.rpm54dfc74cf2a41603f9ac141c4bbec9f267b145c153fe7f9955c61ee497a13b32OpenIPMI-python-2.0.16-14.el6.i686.rpm7715a919af0578d3abe83def0891f3b4a1f5a3f36789841d3444064887dae127SLBA-2013:0510-1The spice-protocol package has been upgraded to upstream version 0.12.2, which provides a number of enhancements over the previous version, including support for USB redirection. This update also adds the following enhancement: * This update adds support for seamless migration to the spice-protocol packages.Scientific Linux FermiScientific Linux Fermi 6spice-protocol-0.12.2-1.el6.noarch.rpm8987c3c807dc0fb09ff10b53a4ed3800f92e82a181703bff56d881550ca0ff43SLBA-2013:0513-1This update fixes the following bug: * The mod_nss module reported 'Required value NSSCipherSuite not set.' even though a value for NSSCipherSuite was present in the virtual host. This bug was a configuration issue which was exacerbated by a couple of confusing log messages. As a result, several log messages were changed to help clarify what values were actually missing. In addition, this update adds the following enhancements: * Added support for TLSv1.1 to mod_nss module * Added the ability to share mod_proxy with other SSL providersScientific Linux FermiScientific Linux Fermi 6mod_nss-1.0.8-18.el6.i686.rpmbf26fa820d78e6729362d6b8031bcae2c27a33f5e9b7e9dabb5bd38f3bf5fe6dSLBA-2013:0537-1This update fixes the following bug: * When multiple devices were added into the system, udev rules restarted ktune services for each new device, so there were several restarts in a short time interval. The multiple restarts triggered a race condition in the kernel which was not easily fixable. Currently, the tuned code is modified not to trigger more than one restart per 10 seconds and the race condition is avoided.Scientific Linux FermiScientific Linux Fermi 6selinux-policy-minimum-3.7.19-195.el6_4.1.noarch.rpm5d3920f55a7ac14a3b9538084e643f6623b98e9fd4c34bc850ba7c9612c53544selinux-policy-doc-3.7.19-195.el6_4.1.noarch.rpm0b1adf25098bda029e4993359bebb89510c0a92f0388efbf68b95db05b3af910selinux-policy-3.7.19-195.el6_4.1.noarch.rpm59a55702ba30c12a4538450350d477f33c1a2f77ffac50f8bc23e2db8cf589e6selinux-policy-targeted-3.7.19-195.el6_4.1.noarch.rpmbdd1c0744a7f1e180b7de78ce23a4ef4d973ec343a4ff4db09df25b08df9f16fselinux-policy-mls-3.7.19-195.el6_4.1.noarch.rpma75c1f7e2b264ab8ef723c4be10c0a9ad5e91c5a6443b8ea7d255320f8fbcd0eSLBA-2013:0618-1This update fixes the following bugs: * Previously, the cgrulesengd daemon attempted to use inotifyfs scripts for monitoring filesystem changes. Due to a missing rule, the SELinux subsystem denied access to inotifyfs. This update adds an allow rule to selinux-policy and cgrulesengd can now use inotifyfs. * The selinux-policy packages did not contain rules that would have allowed the mount.glusterfs application to mount a Gluster file system when SELinux was in enforcing mode. The "mount.glusterfs" command attempted to start the glusterfs daemon and transition to the right SELinux domain and, consequently, SELinux subsystem denied these actions. Currently, selinux-policy has allow rules and the application is able to mount a gluster filesystem.Scientific Linux FermiScientific Linux Fermi 6selinux-policy-mls-3.7.19-195.el6_4.3.noarch.rpm85301f2bc56fb4e8cb10ceb95306a5ead18d883d47492faabec3375832b80a46selinux-policy-3.7.19-195.el6_4.3.noarch.rpm416800dc964e2a039703a4c836ab70d66a4062e96ccda50e4a1919212eef2105selinux-policy-targeted-3.7.19-195.el6_4.3.noarch.rpmfb455f072de621cacb3112a7d45b5a1661bbacf951a8607a36b778f9ee170478selinux-policy-doc-3.7.19-195.el6_4.3.noarch.rpm70dfc7600bce9ddb04f79759deafd27ea00b8c9d94ba9ac3d15a1834a58ec5dfselinux-policy-minimum-3.7.19-195.el6_4.3.noarch.rpm4ed74862683529a80cd42221d3520ac46483f3e66f23be5366837dd326c508d4SLBA-2013:0835-1This update fixes the following bug: * Due to an incorrect label on the /var/lock/subsys/dirsrv-admin file, attempts to restart the Administration server from the console or from the command line failed and AVC denial messages were returned. This update adds the proper default security context for the /var/lock/subsys/dirsrv- admin file, and denial messages are no longer returned in the described scenario.Scientific Linux FermiScientific Linux Fermi 6selinux-policy-targeted-3.7.19-195.el6_4.5.noarch.rpm49160f2987436c1c86578bfa72efbedb27ea5215d474f03b30b6ef4d3e74dff8selinux-policy-mls-3.7.19-195.el6_4.5.noarch.rpm4115f45804397d8f58748bd5b5538fc3c85b190583e98b64f1171e9fd7a1db3dselinux-policy-minimum-3.7.19-195.el6_4.5.noarch.rpm20a69b59bff1cedc749f0991ef68f2d49335a30be0a959ed513fc765b8073d36selinux-policy-doc-3.7.19-195.el6_4.5.noarch.rpm9e495d61b72b8b700f8df6c45cb6efda347f812529d81e4fb075108b3e8aacaaselinux-policy-3.7.19-195.el6_4.5.noarch.rpm313bfc2e446125ed7b8b12237d3407cc9e50a4eff9d54f88ac8fa90f3e69ff44SLBA-2013:0865-1This update fixes the following bug: * When installing Scientific Linux in graphical mode, the X server failed and the installation proceeded in text mode. With this update, a backported patch is provided and installation in graphical mode proceeds as expected.Scientific Linux FermiScientific Linux Fermi 6xorg-x11-drv-mach64-6.9.3-4.1.el6_4.i686.rpmc5cdc2a12505f31c18dd75e9f264f7093927017a803501675dc669adc81f4c1aSLBA-2013:0893-1This update fixes the following bug: * Previously, the mysqld_safe script was unable to execute a shell (/bin/sh) with the shell_exec_t SELinux security context. Consequently, the mysql55 and mariadb55 Software Collection packages were not working correctly. With this update, SELinux policy rules have been updated and these packages now work as expected.Scientific Linux FermiScientific Linux Fermi 6selinux-policy-targeted-3.7.19-195.el6_4.6.noarch.rpm4461a67d23fbf3dc0ec21fe7c94bba989e10eb5032f31828a021f9e43da19d25selinux-policy-3.7.19-195.el6_4.6.noarch.rpm0dc9562378641e8237b5cd917afdb789bb6977802f8dad0964d2452aec6a4f5cselinux-policy-doc-3.7.19-195.el6_4.6.noarch.rpmf23e50e1f56ebd4184f43876b8d630d8936707c35d9b733162ad54d38696fdf8selinux-policy-minimum-3.7.19-195.el6_4.6.noarch.rpm737a5bc596a9ff1ee10bf2ffb482eacd6fd511ab446608881d6e8adb95fda3f4selinux-policy-mls-3.7.19-195.el6_4.6.noarch.rpmde23ddaf965c104479131d3356ac30f78681dddde4c8c637d5a30eb3e1b2eb8bSLBA-2013:0909-1This update fixes the following bug: * When using some versions of Quantum with netns support, SELinux denied various operations, which caused Quantum to fail. AVCs did not appear unless in permissive mode, due to a "dontaudit" rule for these operations. With this update, SELinux no longer denies operations using Quantum with netns support and failures no longer occur in the described scenario.Scientific Linux FermiScientific Linux Fermi 6selinux-policy-3.7.19-195.el6_4.10.noarch.rpm5e3f85af5477add8f75c3601e056c6e345b7fe9de23aa1139603bff2edf39415selinux-policy-targeted-3.7.19-195.el6_4.10.noarch.rpm99e026ff6bad8ab2588ee5910d0f44847dde1144a111f8d6219aa8d96f7f0fc8selinux-policy-doc-3.7.19-195.el6_4.10.noarch.rpme6032d9a9295583b7dc43804ea8fc6bcc379eb6354153e1d6936ae5f0f972db1selinux-policy-minimum-3.7.19-195.el6_4.10.noarch.rpmbeb3fe8692066ed409c81cd862db6022bef6ec8f4934b1dac6dae1b379d583a3selinux-policy-mls-3.7.19-195.el6_4.10.noarch.rpm507bcce590c4b711584573166965db6768fc912ca795ab8072f8ee011a2c18a6SLBA-2013:0959-1This update fixes the following bug: * A java-1.7.0-openjdk package change released via SLSA-2013:0957 caused the icedtea-web browser plug-in and the javaws application to exit with a NullPointerException. This update fixes icedtea-web to work correctly with the updated java-1.7.0-openjdk packages.Scientific Linux FermiScientific Linux Fermi 6icedtea-web-javadoc-1.2.3-4.el6_4.i686.rpmd7db60a2b2bb1b7467efdb2b674b53751fe59d00b9866ede3ba8f514ab16bf23icedtea-web-1.2.3-4.el6_4.i686.rpm1a16f303101b179b471209f0ad19bd33fba0575ffba4f81eb8049f6a5b911a6dSLBA-2013:1000-1This update fixes the following bug: * Previously, SELinux returned AVC denial messages during attempts to attach an LVM volume to a Red Hat OpenStack 3 instance. The relevant SELinux policy rules have been modified to add an additional MCS attribute for hald_t SELinux domain, and AVC denial messages are no longer returned when attaching LVM volume to a Red Hat OpenStack 3 instance. * When using Quantum 2013.1.2 with netns support, several SELinux denials were produced. This update allows qemu to manage nova lib files, hald to read svirt images, and AVC denials no longer occur in the described scenario. * Previously, the logrotate daemon rotated logs and tried to update the process ID (PID) in the "/var/run/openvswitch/ovs-vswitchd.pid" configuration, which caused AVC denials. Usually, the logrotate script sends a SIGHUP to a daemon to order it to reopen log files after they were rotated. This update revises the openvswitch policy, and AVC denials no longer occur in the described scenario.Scientific Linux FermiScientific Linux Fermi 6selinux-policy-mls-3.7.19-195.el6_4.12.noarch.rpm516d0e3c0f3992620d1fea08ff784502cdc21e4094019c8a93251a71e0633561selinux-policy-3.7.19-195.el6_4.12.noarch.rpm18d8e674cd1061bcd785e1609b64874b4f97c2c6a4ddf13004cfd30de2a694d5selinux-policy-minimum-3.7.19-195.el6_4.12.noarch.rpmacb8850387bdea327f71105742e69e055dfdb8bdfd5ab8c4ec44e6393b35d012selinux-policy-targeted-3.7.19-195.el6_4.12.noarch.rpmf620b25101676e2ecea078451377a287b2423962c574fb64ed72001b0ac98ec6selinux-policy-doc-3.7.19-195.el6_4.12.noarch.rpma7622f32fec0007d0b5056a92f85347fa9312213b07758ad260f9b1c67e6a2ebSLBA-2013:1109-1This update fixes the following bug: * Previously, resolutions higher than 1440x900 were not available with Scientific Linux (SL) 6.4 using the Kronos 3 and 4 chips. Consequently, the Matrox driver would not allow native resolutions to be reached for many monitors. With this update, X Server no longer discards larger resolution modes, and resolutions higher than 1440x900 are now available.Scientific Linux FermiScientific Linux Fermi 6xorg-x11-drv-mga-1.6.1-8.el6_4.i686.rpmdfcde58b8cfcd11617e9a659b07f146c2de1a416e751b98e050bd3d087926068SLBA-2013:1419-1This update fixes the following bug: * Previously, the synaptics driver scaled input coordinates based on the device resolution. This prevented the X server from applying uniform resolution-based scaling for other devices in relative mode. The synaptics driver has been fixed to only apply scaling if the X server does not support per-device resolution scaling.Scientific Linux FermiScientific Linux Fermi 6xorg-x11-drv-synaptics-devel-1.6.2-11.el6_4.1.i686.rpm0635f7e8d65efdd3b0fe46041ab5257a0b896c0f441ed5cf3eadd2af805c1e65xorg-x11-drv-synaptics-1.6.2-11.el6_4.1.i686.rpm33f65e98e0dbc711839c139e39fc001537e3c48e4534168460d47d8d817e4dfaSLBA-2013:1486-1This update fixes the following bug: * Previously, the SELinux policy prevented running virtual machines based on volumes under the VDSM's deamon directory, /var/run/vdsm/storage/. As a consequence, trying to a run virtual machine with these settings resulted in an error. This update fixes the ability of the svirt_t SELinux process domain to read symbolic links in the /var/run/ directory, and now virtual machines based on volumes can be used under the VDSM's daemon directory. * Previously, due to SELinux permission errors, trying to run a QEMU process using the libvirt library resulted in and error and the process being terminated. This bug has now been fixed, and QEMU processes start and run successfully in this scenario.Scientific Linux FermiScientific Linux Fermi 6selinux-policy-3.7.19-195.el6_4.13.noarch.rpmccf877f189fc6756e9341a2691ffe3633b5f4b59405b695679ee3fccd4b8fb1bselinux-policy-mls-3.7.19-195.el6_4.13.noarch.rpm68dc82358d54d032b4749e7231139162c0a83ebac5bbd2e933e1b5be4663f5e4selinux-policy-targeted-3.7.19-195.el6_4.13.noarch.rpm55424b594b21fc9cd7f218bfa8dfb170f5fb593c553e9b5b5e9b7ddd3008ba6aselinux-policy-minimum-3.7.19-195.el6_4.13.noarch.rpm53c0c9d04f730654b8e84807b9500c5041ac6f05fc8cbd0cbefb71c03b822420selinux-policy-doc-3.7.19-195.el6_4.13.noarch.rpmcdbe905bbaa53885dfc292acf60c98af51c99200690b063f107353f1749ef073SLBA-2013:1491-1This update fixes the following bug: * Previously, the pacemaker resource manager did not have its own policy defined and started in the initrc_t domain. With this update, the wrong context has been fixed and proper permissions have been set for pacemaker, thus fixing the bug.Scientific Linux FermiScientific Linux Fermi 6selinux-policy-3.7.19-195.el6_4.18.noarch.rpm72a1f32ebfbf34e15adb66277fb3e926177004209f9af5dd468c1ae15a44ee0eselinux-policy-targeted-3.7.19-195.el6_4.18.noarch.rpmf306165b83b531376be1002068d749e5ab72bd374dffda6c03520f1733360218selinux-policy-doc-3.7.19-195.el6_4.18.noarch.rpme26a6237706485e2b7db39d4584f225057bd48e3b348bde465a503a90011d9daselinux-policy-minimum-3.7.19-195.el6_4.18.noarch.rpm7fce370c7092d80325a7ab26e5e7c1e7d2bad69dade005af2e3a267fdce482ffselinux-policy-mls-3.7.19-195.el6_4.18.noarch.rpm9fefc6ff77f45d8db83b98906423230ad5a4dfdc8d80836a8001f4b3efc18eb3SLBA-2013:1499-1The xorg-x11-drv-cirrus package has been upgraded to upstream version 1.5.2, which provides a bug fix over the previous version. With this upgraded version, Cirrus Logic driver no longer terminates unexpectedly in some cases and Scientific Linux 6.4 can now be used with a graphical user interface as a guest on Xen.Scientific Linux FermiScientific Linux Fermi 6xorg-x11-drv-cirrus-1.5.2-1.el6_4.i686.rpmd0c0173caa0af7570452bb805b9956c4e4bded299f49a5d7ef415ed4cd65a3ffSLBA-2013:1531-1Scientific Linux FermiScientific Linux Fermi 6corosynclib-1.4.1-17.el6.i686.rpmf2b4645f203f822e0b2b1f792087e9b0006692df3f6f9bea36e414f21d2de1b9corosynclib-devel-1.4.1-17.el6.i686.rpm4b596b3019f70d2466ce7c43a3cd6ebe521fe0d01fcbdc34fbb1885ae598109acorosync-1.4.1-17.el6.i686.rpm5fd6345dc29b17c125b0b6c4db848010c6ab32d96e86c9b9be9df36f5db87685SLBA-2013:1544-1The ATK library provides a set of interfaces for adding accessibility support to applications and graphical user interface toolkits. By supporting the ATK interfaces, an application or toolkit can be used with tools such as screen readers, magnifiers, and alternative input devices. The gtk2 packages have been upgraded to upstream version 2.20.1, which provides a number of bug fixes and enhancements over the previous version. The atk packages have been upgraded to upstream version 1.30.0, which provides a number of bug fixes and enhancements over the previous version. This update also fixes the following bugs: * When rendering the text in a combo box, the GTK+ cell renderer always rendered text that was rendered last time as the first item. Consequently, if the previously rendered text did not match any item in the name set, the first item in the "Categories" combo box in the Contacts view could have been rendered as empty, which affected accessibility and automated tests. This update ensures that the cell renderer is now properly updated and renders items for the current combo box call so the aforementioned problem no longer occurs. * Due to a bug in the GtkTreeView interface, the expand arrows in a tree view in Evolution stopped functioning after clicking on an icon in the system tray. This update increases robustness of the tree expanding and collapsing code, which fixes this bug.Scientific Linux FermitrueScientific Linux Fermi 6gtk2-devel-2.20.1-4.el6.i686.rpm0271399d3808b40be4da48883cefa0cf0aff9e30763ce82412bb9368b627deb4gtk2-2.20.1-4.el6.i686.rpm0e779ac4e1f08308c159bfc3821eb0343c4154d29a49b420240c7bfbd3e1e190atk-1.30.0-1.el6.i686.rpm2a545906c69f5aa2dce9adc97c7fc2f96e5ece2dd32441811766918f3b1e8f72gtk2-immodule-xim-2.20.1-4.el6.i686.rpm8b796984e94e9ce8abfc9e576b68a92b9fddd157f03c27d29a4ad680c199fd41gtk2-immodules-2.20.1-4.el6.i686.rpm5fee554aff04b6cb2aef61e51b6f9a7e818ea88c6c034bcfa26e6210686967a9atk-devel-1.30.0-1.el6.i686.rpmbc696575335cc9901a752444520b69f9fb412f6112d0fd65908c149b17ffcae4gtk2-devel-docs-2.20.1-4.el6.i686.rpm98af797987bcce5a8718289533137762f83024166a0adee24d2a1cb7a2394d36SLBA-2013:1545-1The glib2 packages have been upgraded to upstream version 2.26.0, which provides a number of bug fixes and enhancements over the previous version.Scientific Linux FermiScientific Linux Fermi 6glib2-2.26.1-3.el6.i686.rpme0cc6f6264073e9f23798e975acaed1f405375e8923efc1edb94dd2fa422ed6dglib2-static-2.26.1-3.el6.i686.rpmf35dd34dcb9d059cf19d866e05b26839f7f56f15f7452056761d96a2169d0975glib2-devel-2.26.1-3.el6.i686.rpme3fc87f0ab3a5cdc44aab06496647cfaba6f644323cf7c481b7d03177ed64dbfSLBA-2013:1549-1The bfa-firmware packages have been upgraded to upstream version 3.2.21-1, which provides a number of bug fixes and enhancements over the previous version.Scientific Linux FermiScientific Linux Fermi 6bfa-firmware-3.2.21.1-2.el6.noarch.rpm8ca9032ba7e14eac974c1a085fbafaba55b5fa97515317e2faab66defdff5fafSLBA-2013:1552-1The libtevent packages have been upgraded to upstream version 0.9.18, which provides a number of bug fixes and enhancements over the previous version. This update also fixes the following bugs: * Prior to this update, a condition in the poll backend copied a 64-bit variable into an unsigned integer variable, which was smaller than 64-bit on 32-bit architectures. Using the unsigned integer variable in a condition rendered the condition to be always false. The variable format has been changed to the uint64_t format guaranteeing its width to be 64 bits on all architectures. As a result, the condition now yields expected results. * Previously, the tevent_loop_wait() function internally registered its own signal handler even though it had been never removed. Consequently, tevent_loop_wait() could not end even there were no registered custom handlers. This update applies a patch to fix this bug and tevent_loop_wait() now works as expected.Scientific Linux FermiScientific Linux Fermi 6libtevent-0.9.18-3.el6.i686.rpmf279ea98d2b9b7f0bb1c93b23f20dc2f88fa7aaf98c45ece3c556b0afd4d87d6python-tevent-0.9.18-3.el6.i686.rpmf511f42b695709e4f808f49c2a559d1a2a6c8e5f745fdab4c5db0e992c1cd26elibtevent-devel-0.9.18-3.el6.i686.rpm8d166a69404de89781f7a55a4522785207c43726a1bd5e40ce5db1ea22e0aafcSLBA-2013:1559-1This update fixes the following bugs: * On certain Intel GT2+ processors, segmentation faults could have been reported in the output of the dmesg command after running a Piglit quick- driver test. A patch has been applied to address his bug, and the unwanted behavior no longer occurs. * Prior to this update, compressed texture size checks were performed in an incorrect manner. Consequently, checking the image size against the compression block size could cause certain applications to terminate unexpectedly. The underlying source code has been modified, and the texture error no longer causes the applications to crash in the described scenario. In addition, this update adds the following enhancements: * Support for future Intel 2D and 3D graphics has been added to allow systems using future Intel processors to be certified through the Red Hat Hardware Certification program. * With this update, the mesa-private-llvm library has been added.Scientific Linux FermiScientific Linux Fermi 6mesa-libEGL-9.2-0.5.el6.i686.rpm2de8f2e8c1d08eac72219d13c3173fd050271f1033914aa3df605aa0a11a9c4emesa-libEGL-devel-9.2-0.5.el6.i686.rpmebaea40b0b391301bf981916ff0c0df51a41b44c0d1e279bb8c52fe6d3e7313amesa-libgbm-9.2-0.5.el6.i686.rpm3d1343e9219127fbba30abd594a022c642ca0df631193738f4efac2aa6d5c184SLBA-2013:1562-1Scientific Linux FermiScientific Linux Fermi 6fence-agents-3.1.5-35.el6.i686.rpmaf50b8716b964731cd05bbed5334716c3d9175e929949025d2de0925662bc2bdSLBA-2013:1567-1This update fixes the following bug: * Previously, the Wacom Stylus pen was not supported on Lenovo ThinkPad X220 tablets by the libwacom database. Consequently, the pen was not recognized by the gnome-wacom-properties tool, and warning messages were returned. Support for the Wacom Stylus on Lenovo ThinkPad X220 tablets has been added and gnome-wacom-properties is now able to calibrate the tablet.Scientific Linux FermiScientific Linux Fermi 6libwacom-0.5-5.el6.i686.rpmf1e4afb5e40d11f43828d95f39b931b663173cf1880c0b94082b51ac4655e254libwacom-data-0.5-5.el6.noarch.rpm23fa487d7620353886734d3a04a6b33e438baa9ba7acdcc2b8a9e8e45a456882libwacom-devel-0.5-5.el6.i686.rpm5fcc73445640ee3a894824a8a99b6df303fb609e1c93753dab925eb85e596effSLBA-2013:1568-1* Previously, the xsetwacom command was unable to map the Esc key to one of the buttons on a Wacom Cintiq 22HD tablet using the xsetwacom command. As a consequence, the command failed without displaying an error message, and the key was not mapped. This bug has now been fixed, and, as a result, the driver now maps the Esc key as expected.Scientific Linux FermiScientific Linux Fermi 6xorg-x11-drv-wacom-0.16.1-4.el6.i686.rpm6601f2e63fb1138b5edb1d634917a9dd560655a597ea20bb5214f716b18cdf37xorg-x11-drv-wacom-devel-0.16.1-4.el6.i686.rpm30795a93a902e91f3d44c596eb379b618e8019d54377b99e6fddf6f2f19f69b2SLBA-2013:1584-1The icedtea-web packages have been upgraded to upstream version 1.4.1, which provides a number of bug fixes and enhancements over the previous version including support for updated versions of OpenJDK6 and OpenJDK7. enhancementsScientific Linux FermiScientific Linux Fermi 6icedtea-web-1.4.1-0.el6.i686.rpme7dd80d00f1780b35ee43d70b5f271d52164896e92e710419e2c89272b30bb04icedtea-web-javadoc-1.4.1-0.el6.noarch.rpmafe1a901bcf4baae00ca5f271e08e3573ac4d9cc43698ebd322ded3f8d13b509SLBA-2013:1585-1The openssl packages have been upgraded to upstream version 1.0.1e, which provides a number of bug fixes and enhancements over the previous version, including support for multiple new cryptographic algorithms and support for the new versions (1.1, 1.2) of the transport layer security (TLS) protocol. This update adds the following ciphers needed for transparent encryption and authentication support in GlusterFS: Cipher-based MAC (CMAC), XEX Tweakable Block Cipher with Ciphertext Stealing (AES-XTS), and Galous Counter Mode (AES-GCM). The following new additional algorithms are now supported: ECDH, ECDSA, and AES-CCM. This update also fixes the following bugs: * Previously, an incorrect variable size was passed to the getsockopt() function. As a consequence, using the BIO (OpenSSL I/O) layer in datagram mode caused termination with a segmentation fault. More specifically, the openssl s_client command terminated unexpectedly on IBM System z with the "-dtls1" option enabled. After this update, a correctly-sized variable is used, and the datagram BIO functions no longer terminate with a segmentation fault on System z. * Prior to this update, the getaddrinfo() function returned an error that was handled incorrectly in the openssl s_server command implementation. Consequently, the OpenSSL s_server did not work on IPv4-only systems. With this update, when getaddrinfo() fails on IPv6 addresses, the code has been modified to fall back to the IPv4 address lookup. As a result, the openssl s_server now correctly starts up on a computer with only IPv4 addresses configured. In addition, this update adds the following enhancements: * The Intel RDRAND instruction is now used, when available, to generate random numbers and has replaced the default OpenSSL random number generator. The instruction is not used when OpenSSL runs in FIPS mode. * The performance of OpenSSL on current IBM PowerPC processors has been improved. * The elliptic curve digital signature algorithm (ECDSA) and elliptic curve Diffie?Hellman (ECDH) algorithms are now enabled in OpenSSL. These algorithms support only elliptic curves listed in the national institute of standards and technology (NIST) Suite B specification. * The new "-trusted_first" option has been added to OpenSSL. This enables preferring locally stored intermediate certificates instead of the intermediate certificates sent by the TLS server. * Versions 1.1 and 1.2 of the transport layer security (TLS) protocol are now supported by the OpenSSL library. * With this update, the "%{_prefix}" macro is used instead of the hardcoded /usr/ directory in the openssl.spec file when configuring OpenSSL before building. * The next protocol negotiation (NPN) extension of the TLS protocol is now supported by OpenSSL. This extension allows for negotiation of the application protocol, which is used by the application, during the TLS handshake. * Due to the FIPS validation requirements, the FIPS Power-on self-tests (POST) always have to run when the FIPS module is installed. For libraries, this is ensured by running the self-tests from the dynamic library constructor function. If the dracut-fips package is installed, OpenSSL now treats it as an indicator that the OpenSSL FIPS module is installed and complete, and the self-tests run whenever the OpenSSL dynamic library is loaded. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.Scientific Linux FermitruetrueScientific Linux Fermi 6openssl-perl-1.0.1e-15.el6.i686.rpmb1b79357b2174121183fe50f6de913d76cdb15776f24d9717f90dcf6ba8ecd05openssl-devel-1.0.1e-15.el6.i686.rpma17370633055ce4d83ce2a0b5629b5403f3f32395765c021951c74d62f28c392openssl-static-1.0.1e-15.el6.i686.rpm70215f91dadf12e9dc0325dd851c4625d4b7933c63edc3d87bdda3b158cfb45dopenssl-1.0.1e-15.el6.i686.rpma518a91308920d4a1fc68de277cde1ae640f8b75f72ea5fec8a034ce835a4eb0SLBA-2013:1589-1Within the xorg-x11 package, intel-gpu-tools has been upgraded to upstream version 2.21.12, which provides a number of bug fixes and enhancements over the previous version. This update also fixes the following bugs: * Previously, when Scientific Linux 6 was installed on some workstations, Anaconda chose the fbdev driver instead of the i915 Intel driver. With this update, the Intel driver is selected, thus fixing the bug. * When building rpms from src rpms, the spec definition and sources produced files, which were not packaged in the last phase of the rpmbuild procedure. Consequently, rpmbuild did not create rpm(s) even if everything else was built successfully, and the following error message was returned: Installed (but unpackaged) file(s) found This bug has been fixed and all files are now packaged as expected.Scientific Linux FermiScientific Linux Fermi 6xorg-x11-drv-intel-devel-2.21.12-2.el6.i686.rpm11ca5502e35d0765b775909aceba8d112342b22bf3ae5dfae110f2f3199354a5xorg-x11-drv-intel-2.21.12-2.el6.i686.rpmdfe0ba50b6a87a90284e2fb0d6c38f620ddbcabe597f220913c7cb0d5c732b26SLBA-2013:1597-1This update fixes the following bug: * Previously, the hot plug detection and mode setting were not performed automatically. As a consequence, the user had to run the utility program to enforce the changes when plugging in multiple monitors. The driver has been updated, and the hotplug detection and mode setting now work as expected. In addition, this update adds the following enhancements: * Support for new graphics processing unit (GPU) hardware has been added. * Support for hardware acceleration, including OpenGL, of the Radeon HD 7000 Series has been added.Scientific Linux FermiScientific Linux Fermi 6xorg-x11-drv-ati-7.1.0-3.el6.i686.rpmfdef87e1f08266da1011f50c32ebe65e5b077dbf335d2936979ce223535988b3xorg-x11-drv-ati-firmware-7.1.0-3.el6.noarch.rpm3cc68946e9b47d47820f3c8f7ee6a8e1c8f68d2dde0e3a6cbffc4694a90faaa0SLBA-2013:1598-1Scientific Linux FermiScientific Linux Fermi 6selinux-policy-minimum-3.7.19-231.el6.noarch.rpm47882243670f82c18e192bd607afc3c924266e8b6325fdbb375559df156e2d94selinux-policy-doc-3.7.19-231.el6.noarch.rpmee48ff7a899ab4e916383069c7b73c3ca07bb36e7021cf0f441611d169b1daffselinux-policy-targeted-3.7.19-231.el6.noarch.rpm602fe3837360ade3314bc21f7a31a4ec2c0510a1a2f38bfea80f79630f0acd4aselinux-policy-3.7.19-231.el6.noarch.rpma788f2be451ee40ee8934172d15c4c2d285c81a7537a84e334d86037bfde847aselinux-policy-mls-3.7.19-231.el6.noarch.rpmc616a6dafaf86c32c65617cd5985d5abd0f88d4a18ddc2e2e6dddc7f22fbbb47SLBA-2013:1610-1This update fixes the following bugs: * Prior to this update, the graphical user interface could appear distorted on 19-inch monitors with the 16:9 ratio. The xorg-x11-drv-mga packages have been fixed, and so the distortion no longer occurs in this scenario. * Previously, resolutions higher than 1440x900 were not available with Scientific Linux 6.4 using the MGA G200e chips. Consequently, the Matrox driver did not allow native resolutions to be reached for many monitors. With this update, the X Server no longer discards larger resolution modes, and resolutions higher than 1440x900 are now available.Scientific Linux FermiScientific Linux Fermi 6xorg-x11-drv-mga-1.6.1-10.el6.i686.rpm67e411efa398436de259dc652d913730a688e7b1414a48981890f2b88e3fecf6SLBA-2013:1617-1Scientific Linux FermiScientific Linux Fermi 6cman-3.0.12.1-59.el6.i686.rpmefc0e3b8eda913d5c39fffa9f102d14701ba21340a000209994e88d3373d8399gfs2-utils-3.0.12.1-59.el6.i686.rpm6a70a36b5c62e4041d248f5e92b59bec69cae0153702d6dde2077b0398ec29b5clusterlib-3.0.12.1-59.el6.i686.rpm15c99ac9d0aacab78f4421fe3630e3bcc647b497e7ae86d792621abe9723a534clusterlib-devel-3.0.12.1-59.el6.i686.rpme6544bd97a13672912e1773de8684e2115220a8c8127ac90231918a45768ae32SLBA-2013:1634-1The libqb packages have been upgraded to upstream version 0.16.0, which provides a number of bug fixes and enhancements over the previous version, including a patch to fix a bug in the qb_log_from_external_source() function that caused the Pacemaker's policy engine to terminate unexpectedly. This update also fixes the following bug: * Output of the Blackbox window manager did not contain logging information if the string's length or precision was specified. This affected usability of the Blackbox output for debugging purposes, specifically when used with the Pacemaker cluster resource manager. The problem was caused by bugs in the libqb's implementation of the strlcpy() and strlcat() functions and the code responsible for the Blackbox log formatting. This update corrects these bugs so the Blackbox output is now formatted as expected.Scientific Linux FermiScientific Linux Fermi 6libqb-0.16.0-2.el6.i686.rpm6ae933d71c06b8ba9e0db50136d9cffd47420fdfb01802f84dbe49c0991357a4libqb-devel-0.16.0-2.el6.i686.rpm15360c3fbd27ee68d653ad5bd76b2342bec044b00e2923b4ea7bc5c07585efceSLBA-2013:1644-1This update fixes the following bug: * Previously, the synaptics driver scaled input coordinates based on the device resolution. Consequently, the X server could not apply the uniform resolution-based scaling for other devices in relative mode. The synaptics driver has been fixed to apply the scaling feature only if the X server does not support the per-device resolution scaling.Scientific Linux FermiScientific Linux Fermi 6xorg-x11-drv-synaptics-devel-1.6.2-13.el6.i686.rpm0cbe6cbc3785444c3805ab743d48e35fc2f2fb034a1e6ddff45626f064df7421xorg-x11-drv-synaptics-1.6.2-13.el6.i686.rpmbd29cac8785c18fee3f945290c925c7ff16ebedd4f4b36c0674e48327dfc693eSLBA-2013:1650-1This update fixes the following bugs: * When the user tried to start a guest with Scientific Linux 6 on a host with Scientific Linux 5, the QEMU QXL video accelerator failed with a segmentation fault. As a consequence, the guest was not able to start the system GUI. This update applies a patch to fix this bug and the guest now starts correctly. * When using multiple QXL devices with the Xinerama extension, or multiple QXL devices while each being a separate screen, an attempt to set a resolution higher than 1024 x 768 pixels in the xorg.conf file failed with an error. With this update, the underlying source code has been modified and the resolution can now be set as expected.Scientific Linux FermiScientific Linux Fermi 6xorg-x11-drv-qxl-0.1.0-7.el6.i686.rpm00312ffa6f800de9361fe88db3c23d0a8cb9079a7d081dd9169698abc3f5e72fSLBA-2013:1664-1This update fixes the following bug: * Previously, when using a VGA-compatible controller for certain NVIDIA Quadro graphics cards, the rendercheck test suite was not able to perform the complete check due to rendering problems. The xorg-x11-drv-nouveau packages have been fixed, rendering problems no longer occur, and the test suite completes the check as expected.Scientific Linux FermiScientific Linux Fermi 6xorg-x11-drv-nouveau-1.0.1-4.el6.i686.rpm6ccb6ca85c232796ccec69990116ed961d82febc47671abe246ebe8e82cb8755SLBA-2013:1716-1This update fixes the following bugs: * The imgssapi module is initialized as soon as the configuration file reader encounters the $InputGSSServerRun directive in the /etc/rsyslog.conf configuration file. The supplementary options configured after $InputGSSServerRun are therefore ignored. For configuration to take effect, all imgssapi configuration options must be placed before $InputGSSServerRun. Previously, when this order was reversed, the rsyslogd daemon terminated unexpectedly with a segmentation fault. This bug has been fixed, and rsyslogd no longer crashes in the described scenario. * Rsyslog directives used for controlling the file owner or group (FileOwner, FileGroup, DirOwner, DirGroup) translate names to numerical IDs only during rsyslogs's initialization. Previously, when user data were not available at rsyslogs's startup, IDs where not assigned to these log files. With this update, new directives that do not depend on the translation process have been added (FileOwnerId, FileGroupId, DirOwnerId, DirGroupId). As a result, log files are assigned the correct user or group ID even when user information is not available during rsyslog's startup. * Due to a bug in the source code, the host name was replaced by an empty string if the $RepeatedMsgReduction directive was enabled. This bug has been fixed, and the host name is now stored correctly when $RepeatedMsgReduction is on. * Prior to this update, the $FileGroup directive did not process groups larger than a certain size. Consequently, when this size was reached, the rsyslogd daemon failed to set the requested group and the root user was left as the owner of a file. This bug has been fixed and $FileGroup now creates groups properly in the described case. * An erroneous patch in a previous release, which changed the implementation of the configuration file parser, caused the rsyslogd daemon to terminate unexpectedly with a segmentation fault for certain configurations. With this update, the patch has been removed, and file crashes no longer occur with the default configuration. However, the $IncludeConfig directive must be placed at the beginning of the /etc/rsyslog.conf configuration file before other directives. If there is need to use $IncludeConfig further in the file, users are advised to prepend it with a dummy action such as "syslog.debug /dev/null". * Prior to this update, a numerical value of the PRI property was appended to the pri-text variable. The resulting pri-text value looked for example like "local0.info". With this update the suffix has been removed. Now, the variable only contains textual facility and severity values. * Previously, an incorrect data type was set for the variable holding the spool file size limit. Consequently, the intended size limit was not accepted and a message loss could occur. With this update, the data type of the aforementioned variable has been corrected. As a result, spool files are set correctly with the user-defined size limit.Scientific Linux FermiScientific Linux Fermi 6rsyslog-5.8.10-8.el6.i686.rpme3ac6aa896c7f4c5fbd22a3f760eb5b0697f4fdf61fa5ff662b5ecfa80e2d480rsyslog-gssapi-5.8.10-8.el6.i686.rpmc52f9cc4b62be7daf3b69a2454059b3bb93de7c80d6234589bdcc6049e981decrsyslog-relp-5.8.10-8.el6.i686.rpm5a02cd9ba08b5942f2b4fc850e965b423fa1ce338143a5b02681767f18ab9deersyslog-gnutls-5.8.10-8.el6.i686.rpm798dcae571dfbd3ccf0242f0ffa954d610e74da83a9553eb75d1f85585c97aabrsyslog-pgsql-5.8.10-8.el6.i686.rpm40676522630b47c04dedc9a9976a503907da59869c82e9c37e75143558c53281rsyslog-mysql-5.8.10-8.el6.i686.rpm7eca162855b0b1747afc04493636731acd2818c566cf946a576f444ead5304d7rsyslog-snmp-5.8.10-8.el6.i686.rpm139ea47e84b0d2c26a53f6e052ee5b3a9b593a65940c6f3658e0aac121bbf7eaSLBA-2013:1730-1This update fixes the following bugs: * When a domain was started using the libvirt client libraries and utilities, a memory leak was triggered from the libnl library because libnl continued to use memory that was no longer in use. With this update, memory leaks in libnl are fixed, and libnl releases memory after it completes its usage. * Prior to this update, libnl's error handling made generous use of the strerror() function. Nevertheless, the strerror() function was not threadsafe, and it was possible for multiple threads in an application to call libnl. With this update, all the occurrences of strerror() are replaced with a call to the strerror_r() function that puts the message into a thread-local static buffer. * When the max_vfs parameter of the igb module, which allocates the maximum number of Virtual Functions, was set to any value greater than 50,50 on a KVM (Kernel-based Virtual Machine) host, the guest failed to start with the following error messages: error : virNetDevParseVfConfig:1484 : internal error missing IFLA_VF_INFO in netlink response error : virFileReadAll:457 : Failed to open file '/var/run/libvirt/qemu/eth0_vf0': No such file or directory error : virFileReadAll:457 : Failed to open file '/var/run/libvirt/qemu/eth1_vf0': No such file or directory This update increases the default receive buffer size to allow receiving of Netlink messages that exceed the size of a memory page. Thus, guests are able to start on the KVM host, and error messages no longer occur in the described scenario.Scientific Linux FermiScientific Linux Fermi 6libnl-devel-1.1.4-2.el6.i686.rpm0b3ae53e07020c6a851027496f0b795bd1153e0b2416e72c36e11649078608a3libnl-1.1.4-2.el6.i686.rpma5d78d9d9f951a026b8449d546627b0416c7e0b5b3a9825eb5ca8c832d133d20SLBA-2013:1751-1This update fixes the following bugs: * Previously, the OpenSSL code incorrectly used RDRAND instruction when running on Cyrix CPU, which does not support it. Consequently, the applications that use the OpenSSL utility terminated unexpectedly on startup. The detection of CPU features on Cyrix CPU has been fixed, and the applications using OpenSSL no longer crash in the described scenario. * Prior to this update, the Transport Layer Security (TLS) client advertised support for some elliptic curves that are not supported by it. As a consequence, server could choose unsupported elliptic curve and client would not be able to communicate with the server over the TLS. With this update, OpenSSL TLS client advertises only the curves that are supported by it, and TLS communication with server (using also curves not supported by the Scientific Linux OpenSSL TLS client) can now be established. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.Scientific Linux FermitruetrueScientific Linux Fermi 6openssl-1.0.1e-16.el6_5.i686.rpm8e6da949a6e62ac2fb353c6df307cfc86059bd3ae930271c975fea758d19149fopenssl-static-1.0.1e-16.el6_5.i686.rpm12c8593a3835fa40fb6faf864ff3a14a3eeee872ec40dae45227938e16fc27f3openssl-devel-1.0.1e-16.el6_5.i686.rpm68cd7f2c1c5956122f32a1ebb0a7114e763b1ca9d9679477d3c9f40e37c7bc57openssl-perl-1.0.1e-16.el6_5.i686.rpmedaebd3ee15e26a7a747348472f2bb812f5c0825e0d388d587ac6f9b52072b0eSLBA-2014:0101-1This update adds the following enhancement: * This update retroactively changes the Daylight Saving Time (DST) rules for Fiji, which entered DST at 2:00 a.m. on Sunday, 19th of January, 2014 instead of the previously-scheduled 3:00 a.m.Scientific Linux FermiScientific Linux Fermi 6tzdata-java-2013i-2.el6.noarch.rpm98754c267522cbf45356e5a3aac5da6fa18ffbe3da6a4639cff29a2e82e24d1dtzdata-2013i-2.el6.noarch.rpm34e238df0312b5bde6ad6bb8e3444a81dcd42792268803a5d98e875193b577aaSLBA-2014:0295-1This update adds the following enhancement: * The Turkish government decided to delay the start of daylight saving time (DST) in Turkey this year. DST will begin at 3 a.m. on Monday, March 31 instead of 3 a.m. on Sunday, March 30. The respective tzdata rules have been updated to reflect this change.Scientific Linux FermiScientific Linux Fermi 6tzdata-java-2014a-1.el6.noarch.rpm5227998dfd793415054f8fa4aca4047013325dbebd4f8c8d8fc69a472a03a1f2tzdata-2014a-1.el6.noarch.rpm8e09786936ce5094909c0585450aa047e8b572c735166564156dc29276b305cbSLBA-2014:0324-1This update fixes the following bug: * Previously, the newly implemented functionality in the snmpd daemon did not work as it required the update of selinux-policy. To fix this bug, the net-snmp packages have been updated along with the selinux-policy update, and snmpd no longer fails.Scientific Linux FermiScientific Linux Fermi 6selinux-policy-minimum-3.7.19-231.el6_5.1.noarch.rpm212cef6f0fedd54815c27db7dc1d36af4bf34612df96465844e9713d2dcebfcdselinux-policy-doc-3.7.19-231.el6_5.1.noarch.rpm8d637b31e3ed6147187425c4cf4b7d6b4bb8d1bcd1a475263402a5aca7876641selinux-policy-targeted-3.7.19-231.el6_5.1.noarch.rpmd2dc4c70209887d0f19082c71093932237f2b0e4d1317882370669ef21fc2cd6selinux-policy-mls-3.7.19-231.el6_5.1.noarch.rpm143b82e96cc75189788f448d51eb2875e9e9aa176aaa438e3eb98f5773cbb058selinux-policy-3.7.19-231.el6_5.1.noarch.rpm65ca0e29e626b4b1a61f6466ca08e104c28ddbc24778c0ea7536975935e12d9cSLBA-2014:0766-1This update fixes the following bug: * The CVE-2014-0191 security fix for libxml2 changed the condition for loading external parameter entities. Additionally, after this fix, some patterns of validation, such as the "xmllint --postvalid" command, failed to execute, and KDE documents could not be generated correctly. This update fixes the aforementioned regression and allows "xmllint --postvalid" to work as expected. The desktop must be restarted (log out, then log back in) for this update to take effect.Scientific Linux FermitrueScientific Linux Fermi 6libxml2-static-2.7.6-14.el6_5.2.i686.rpmd64a1d6f6db4b3569adcdc0c3c3b06f8fbf1e38e0684a82416a592e3ae65894clibxml2-2.7.6-14.el6_5.2.i686.rpm3087086c97102fafe6c77edf1f087ab9620758dbe9d8f8a2f4e62a0267889b15libxml2-python-2.7.6-14.el6_5.2.i686.rpmf0d8475398e6b78d711525913a59a0572f82f85956f63fefb6de097c135e5924libxml2-devel-2.7.6-14.el6_5.2.i686.rpm33b7d95b26c6eabdb860ddac1afea274c7ff5f7b8abc083908879bf3ca49fcd7SLBA-2014:0777-1The ql2500-firmware packages have been upgraded to upstream version 7.03.00, which provides a number of bug fixes and enhancements over the previous version.Scientific Linux FermiScientific Linux Fermi 6ql2500-firmware-7.03.00-1.el6_5.noarch.rpm64abe3d0099e73667379c8d1a1b2352bdc52f23a8ab10b672f13dff7f3de8295SLBA-2014:0778-1The ql2400-firmware packages have been upgraded to upstream version 7.03.00, which provides a number of bug fixes and enhancements over the previous version.Scientific Linux FermiScientific Linux Fermi 6ql2400-firmware-7.03.00-1.el6_5.noarch.rpmcc5327ff81954cd17ced361360c6821684addf500dc80cb73a295c9e724c635fSLBA-2014:1249-1The firefox packages have been upgraded to upstream version 31.1.0, which provides a number of bug fixes and enhancements over the previous version. After installing the update, Firefox must be restarted for the changes to take effect.Scientific Linux FermitrueScientific Linux Fermi 6firefox-31.1.0-5.el6_5.i686.rpmaeaa3555f72896ec512cdca7cddcd22941e8f44b4c333adcec836e29125afaadSLBA-2014:1376-1The individual X.Org drivers, previously provided by the xorg-x11-drivers package, are included to allow installation of all drivers at once, without having to track which individual drivers are present on each architecture. This package also provides Mesa 3D graphics API that is compatible with Open Graphics Library (OpenGL), as well as hardware-accelerated drivers for many popular graphics chips.Scientific Linux FermiScientific Linux Fermi 6xorg-x11-drv-xgi-1.6.0-20.20121114git.el6.i686.rpm0806f9ac3e6f27e01f9ecfb07b7363c0126ce8bbd67928eda1c2df0795855ab5xorg-x11-drv-mouse-1.9.0-1.el6.i686.rpm822d87832c2a17ba64b30d464bfa63df2e19ceef3483455bb4634d05031f4f43xorg-x11-drv-evdev-devel-2.8.2-4.el6.i686.rpm766f8bdd420c6d5ae9cd0ea6a4329009092b9f61454ae828742ea3de26dc10eaxorg-x11-drv-penmount-1.5.0-5.el6.i686.rpm518cfd01b320f61c313fc96965d98fab1da404f243e824794309d10078528344xorg-x11-drv-mga-1.6.3-5.el6.i686.rpm972d6d00555dafcf7b3888f9c05a41d1ceda92db0fef9ed1d5ef91b58fd9b02axcb-util-keysyms-0.3.9-5.el6.i686.rpmb5b2a76d15df1b039f7be1bc8b063be1923d0b666a36f885465b8dd9a3741485xorg-x11-drv-mach64-6.9.4-8.el6.i686.rpm9139aad045dd01fad76f253259a1c001d8968c0c960453f34db72f871a77e698mesa-private-llvm-3.4-3.el6.i686.rpm29313f091759b8eadb3b50485daa1cb4dfb320939a9b4a739efb095c33293fb2xorg-x11-drv-geode-2.11.15-1.el6.i686.rpm7fc869163ded8407330aa68d88dda757c9aa0fc4e38652321dcc1cc150f4e4cbmesa-libgbm-10.1.2-2.el6.i686.rpma64fbf719f6de97fcffa86883525ef7c612c5db20942f21262d6a00bcae421c0xorg-x11-drv-r128-6.9.1-8.el6.i686.rpm38350c8e00ce58d368d001c131e4fd6541051e5f686c99170aa0657f45c1766cmesa-private-llvm-devel-3.4-3.el6.i686.rpm5e2869e42acf96bce0c3e730eda137bc17573503779bbb4c7916983ca54876bdmesa-libOSMesa-10.1.2-2.el6.i686.rpm6155382cd61c67b0fc8c6e50652514b0419c0139469835c9db76598a583a3dd0xorg-x11-drv-vmware-13.0.1-9.el6.i686.rpm734dcb6469eeb4422098f5e43a3be0a99808c5b38ecc7262f1ccee16cefc89bbxorg-x11-server-common-1.15.0-22.sl6.i686.rpmb3095bd0ef21b35732847790f220f06d7d77f5a2592fb9c55d57dec9233fff6bxcb-util-0.3.6-5.el6.i686.rpmefd4b98749d0c4b49a60be0e655e76a735216f6d5e51f786125367b2f2bb5ea7xorg-x11-drv-nv-2.1.20-5.el6.i686.rpm5b4a35e6ecb134f732c09cec513f0d28dc25f3d9464c587b6ddf0450e318cf35mesa-libEGL-devel-10.1.2-2.el6.i686.rpmc49deb8108f5503a1ef0e4e3457da3811b565477b5fe2dfa5945a7a308309906xorg-x11-drv-nouveau-1.0.10-1.el6.i686.rpmf87559aea06b26b36425763d8d6def2a74838985f2f5f3a286e42f7653a9f4d1xorg-x11-drv-voodoo-1.2.5-10.el6.i686.rpmd3ed557aa594a7455b5ee0baf11b1c95d2e6cffa56d57fe3534a93db38671e7cxorg-x11-server-Xorg-1.15.0-22.sl6.i686.rpmbade66f5b05773a1f928ec77ea03f2601c5491649e5c5f3a48fa68755af9632fxorg-x11-drv-vmmouse-13.0.0-2.el6.i686.rpmb0486934546f291506e403086436291ac55d1113ba3b28ac8f8c9715e9ec4ba7xorg-x11-drv-synaptics-devel-1.7.6-1.el6.i686.rpm7c84d6e6c105bc3458a02f5189c0836a23ed1c88a4333a5b3356744fc2ecf69cxorg-x11-drv-openchrome-0.3.3-6.el6.i686.rpmc5517ec9af63cc3fb24e0e37f10cd4f9e62add717e66281aeb6553ebae18d9c2xorg-x11-drv-fbdev-0.4.3-16.el6.i686.rpm3ee74b4ce3ea42c48274541ec0bfdef472f01c10d6e610e0d8950856aad6a362xorg-x11-drv-rendition-4.2.5-10.el6.i686.rpmc53bc63a8aad14bd651601665f553ac412da09cbfa9b70864881fcf6cba1f46axorg-x11-drv-intel-devel-2.99.911-6.el6.i686.rpm9f1facde401631f122c646a18734a14145b44128c4254dd78f0670645fb1fc73xorg-x11-drv-keyboard-1.8.0-1.el6.i686.rpm3671c4269bd9a071aa47bcb975a58cb7583af6d66f087a0261bb1904e2539648xorg-x11-drv-savage-2.3.7-2.el6.i686.rpmdf6911bb27aa76b76957fee4b60334ee5070ff101588e041581d1b7e7cdf21b2pixman-0.32.4-4.el6.i686.rpmf173514407e82be1ce1e9cd63989f26ba7db9eda6ffd4d9406f45b63c97d63c9xorg-x11-drv-trident-1.3.6-10.el6.i686.rpm539a8423e32e835fce7091fe404230d4fab4a658ef84790322c16982bf4ccc2exorg-x11-drv-apm-1.2.5-10.el6.i686.rpme2e22ee003826e353fbfd98833b3cdbbacff0937ef971d98650aed981edb8d1axorg-x11-drv-evdev-2.8.2-4.el6.i686.rpm4622ea471a321b106990d55d68a7904efdfabb2a72ba57047c841fe5da86ed34xorg-x11-server-Xvfb-1.15.0-22.sl6.i686.rpm974d0a78456da7e907994d8acd468d1d8b6ed1830094728b4ff8600681a58a39xorg-x11-drv-cirrus-1.5.2-2.el6.i686.rpm4d3298e39a6a6ea22c93854e3b49d3822b289eab21fd00755ce21f643e601672xorg-x11-drv-openchrome-devel-0.3.3-6.el6.i686.rpm9d6b01c6e3637cf01683c40479537d907d062ef06eed09d45bf0f7132fcc65b3xorg-x11-drv-qxl-0.1.1-15.el6.i686.rpm8571aaa1972d3ad6e7918a1aa672d0a1e47560b52e373e654419b032a152bae1xorg-x11-drv-elographics-1.4.1-3.el6.i686.rpm83457fbd87c2e36afb0d8ce9c0fde8a7c44924dfadb4ce07ceac7a8275d10e31xorg-x11-server-utils-7.7-2.el6.i686.rpmdfaa3e5b6735054d0b8eb83dd0cbf87b3dec9b78b4fb7d7482e7ba7f37400d85mesa-demos-10.1.2-2.el6.i686.rpma23d05441132615f1c6caa38aee1fc5ffe6cf78cc1f3f218eabe5fb9ef3ed469pixman-devel-0.32.4-4.el6.i686.rpmbe432d4dba2fe35cb07ec0c0ee575184126201cb2f0fd6e2b09b1c95d63dde6dxcb-util-wm-devel-0.3.9-5.el6.i686.rpme17365c0aadb02dbf45627db3f35481d66659e392e14e8dd7bb083c93dd4c67axorg-x11-drv-modesetting-0.8.0-14.el6.i686.rpm8c39f3768e923d40e19e1d01fe63f8d02680ec5d0298abea9a7374c0478c8466xorg-x11-drv-i740-1.3.4-11.el6.i686.rpm8f97cf1d8a9f61779855a7421d107987da0604617a1ed1c87c3a233eba1221d3xorg-x11-server-Xephyr-1.15.0-22.sl6.i686.rpm076460a78f131b5753f87731e1602369042da835079fb4043a55167dd2313a7bxorg-x11-drv-sis-0.10.7-10.el6.i686.rpm8c98a56258c66d7a112e003ca90011da6d1d744b7fdf7b0525dff8b3481418f5mesa-libEGL-10.1.2-2.el6.i686.rpm9a66af454eb6757f26a479ea5fda3b73ff86365f56f6cb5bf8545f2ac25de7bcxorg-x11-drv-ati-7.3.99-2.el6.i686.rpmb8021a69b0350e4f0708bb078e5e6b641eee5442bb9202843349b377ec774b76xcb-util-wm-0.3.9-5.el6.i686.rpm9760a7df3ddd5c84d02c9a758aa06f781ac011d099b42f4478bb6cb8a6fe741exorg-x11-drv-intel-2.99.911-6.el6.i686.rpm901f4d45627c48d199374c335989e3ce309aac4ff281568c742b4296eacd46a3xorg-x11-drv-wacom-0.23.0-4.el6.i686.rpm92b746b6804d0f2e2c88afd342d50ed9f2a1fa33fb01cb13d39aeb41ef4187bfxorg-x11-server-Xdmx-1.15.0-22.sl6.i686.rpm28572030050ded5e8aa443fa0356948d3601bd9243a30700dd39da59dd22a56bmesa-libGL-10.1.2-2.el6.i686.rpm7b3d61b0cb9d537bf5b72a2e6b6e737a95bee3356b33a53d6c6bcd3e815395f0xorg-x11-drv-s3virge-1.10.6-10.el6.i686.rpm7f60561c260dd5da1b13b9878d7d010d2883647424564339d3a468812f0c1875mesa-libGLU-10.1.2-2.el6.i686.rpmd611c1787b4be661ac097ecaec77f225e0a35a5fd7c47244d271a5aff712b873libdrm-devel-2.4.52-4.el6.i686.rpma1fdcf47e5658e4f571924798ace95cd8c2397d376b7dc3357b25c0fe37a2119mesa-libOSMesa-devel-10.1.2-2.el6.i686.rpm9743f9b99816939b3c00eb1db3d76da70e100352a7efe45124936f7b02d97629xorg-x11-drv-wacom-devel-0.23.0-4.el6.i686.rpmc424c481d93a013a3f70bd074fd82556a3107ad28805c70a3e61f44cdcbd04f6xcb-util-keysyms-devel-0.3.9-5.el6.i686.rpm8c98496725f77b3cdbcb205ee237a6b5d5e7dec570d05ed61f1e66d2e581d60dxorg-x11-drv-aiptek-1.4.1-5.el6.i686.rpm5f4e70d25a5fb600c4b83c2de41af6b9ff2d9cedd0b391404ba35c48213f7b7bmesa-libGL-devel-10.1.2-2.el6.i686.rpm2e04a8306d62519426805c520ca2b14bc635d44f3607b34df7c14c42691ab596xorg-x11-drv-fpit-1.4.0-6.el6.i686.rpmf74f0677ec95299f584025410e2716db7b2c3c2d1992245fa3f185224f754ccbxorg-x11-drv-vesa-2.3.2-15.el6.i686.rpm6297fe46d7330d1638634f2cc3589c5fc471f1f8f13d45e4d6f2a5a14fc38fbdxcb-util-image-0.3.9-4.el6.i686.rpm28f2f83fc96f40f9a69e0a37bc07e153acf26a0c88a10428ba422a98a717f699libdrm-2.4.52-4.el6.i686.rpmc6a39c35601c3921c2148e14436ce3d226f6058e1bbd15cdef0c6041791c8c2dxorg-x11-drv-neomagic-1.2.7-7.el6.i686.rpm2527482bba973b40aaeb7bbeb26971e4881630d204e00180fd47a373682e2538xorg-x11-drv-dummy-0.3.6-15.el6.i686.rpmf50db072242324af7c6f75977c3e2a824f464f0fd44e4c9211264ea603274826xorg-x11-drv-void-1.4.0-23.el6.i686.rpmee96cd14f1e699947f6716df2923cc06c65c3781545a13590beb44b421ab56eaxorg-x11-drv-hyperpen-1.4.1-5.el6.i686.rpm6185155d199f864fe55c04c5e97f46c57779c63d6061f1d9b8f0cc1a56987571xorg-x11-drv-siliconmotion-1.7.7-9.el6.i686.rpm7a8aca98b8f43c0417691491d599e2597afaaf4d694d640cdb78d4bbd77a09b5xorg-x11-drv-synaptics-1.7.6-1.el6.i686.rpm1ebfe26547d16a6ab4c1260fcaeb3baecc5c3ccd987d00b678bf8e9b58ac54b5xorg-x11-server-devel-1.15.0-22.sl6.i686.rpm38751224fb74e24d4ea6e11926a65d0091df8bc6e29795504b0cc3eafaac2464xcb-util-devel-0.3.6-5.el6.i686.rpm24125b84889ce51b40ae356854c025d84d457b05bf8e0bd676612bdf7e7d83d1mesa-libgbm-devel-10.1.2-2.el6.i686.rpmaf48197dbe9ca31661426acc7f400e3aa272b39ac3cef1ebfdfc22b2ba392eaaxorg-x11-drv-glint-1.2.8-10.el6.i686.rpm7be0a687441afd34464e72fbc33bcb3316bed949d7e688e38589848a08eb54bdxorg-x11-drv-acecad-1.5.0-7.el6.i686.rpm6db5f7bdf379c3d078acb5acab758b68f30d8413c3c497f4fec86cb9b0c10b0axorg-x11-drv-mouse-devel-1.9.0-1.el6.i686.rpm26b830a6dc2f0e713b97c4f5672864e198e09b498457c02e18eced070a91f391mesa-libGLU-devel-10.1.2-2.el6.i686.rpm0e5c6d3704f2cd0e8500474c3fa8bb485b5630d7c79bf1351490c9ffe7ee8b8fxorg-x11-drv-v4l-0.2.0-36.el6.i686.rpm6711c4fb170ffb8305dbf5b3bbbe976adcf0705e67aecfc5d62fb413f60b283excb-util-image-devel-0.3.9-4.el6.i686.rpm77e51073a75616a87b981a5cdbf74624aa4d6afbe45ac7e72d397a198afa43bcxorg-x11-drv-tdfx-1.4.5-10.el6.i686.rpm23d3a153c538346c06b10b85eda190e94df37f00b834963efaa6896acf77e5faxorg-x11-glamor-0.6.0-5.20140506gitf78901e.el6.i686.rpm7d378f58de5d640b3ea4c0493c1dd9effa9d29cac93a49eaa0e197ecfc3d3803xorg-x11-apps-7.7-6.el6.i686.rpm63bf6aed292e5b9d629afa48523ad1212c14cb8d315007a086cd928bc63bf3e0xorg-x11-server-Xnest-1.15.0-22.sl6.i686.rpme78254eb175207a41d6afd73d36a66e1d9dc5257dee27da3e5fc061d7be9eab0xorg-x11-glamor-devel-0.6.0-5.20140506gitf78901e.el6.i686.rpm4d940f037d748f0663f62d1d4de2c3b3bdd0ce7569397ede2d9100f8df06d467xorg-x11-server-source-1.15.0-22.sl6.noarch.rpm8c680e5bbc2b7ca04922efba17dd8599941d89821ad3dcb15f310093792d376cxorg-x11-drv-mutouch-1.3.0-5.el6.i686.rpm7b94d84b3ff53d1f5a2bba858051b5c06eb0f345e9f02093c4bc2d06e446a180mesa-dri-filesystem-10.1.2-2.el6.i686.rpm06999caa8af471a2f16974b261aadf63a34304ca730abe3de2821baea4e06478mesa-dri-drivers-10.1.2-2.el6.i686.rpmea290a609bae27d40723c6ba5c5846df5e181b8691924a8ef991d3d81c1fcd52xorg-x11-drv-i128-1.3.6-10.el6.i686.rpmb35d9c5f018247dea32c6e208198daaed0835f10d1058368de2a51a892375000xorg-x11-drv-ast-0.98.0-1.el6.i686.rpm4914c961a755abf50bcac7a2303580efea005b9582e6390921f5a6f634f392d6xorg-x11-drv-sisusb-0.9.6-10.el6.i686.rpm8c8e9af22393a3842a76ae8e4dbe1348dea6defbc8a605f3864c7a502f9f4ce4xorg-x11-drv-ati-firmware-7.3.99-2.el6.noarch.rpm1b1b28f3dd27383cd751d8231766ab851ce7d2250abfd70456619f8eb59458faSLBA-2014:1486-1The bfa-firmware package has been upgraded to upstream version 3.2.23, which provides a number of bug fixes and enhancements over the previous version.Scientific Linux FermiScientific Linux Fermi 6bfa-firmware-3.2.23.0-2.el6.noarch.rpm5bd3db3f11525db80697a43931faa73616090377a3ea43f9d6bd37912863b326SLBA-2014:1496-1The ding-libs packages have been upgraded to upstream version 0.3.0, which provides a number of bug fixes and enhancements over the previous version.Scientific Linux FermiScientific Linux Fermi 6libini_config-devel-1.1.0-11.el6.i686.rpm0cd09b6b85909e1e9bb267969d8be9a96ae0200b85d216cdaa3a0d30447c9595libbasicobjects-devel-0.1.1-11.el6.i686.rpm260f6b11c7fcf954a6ea8e714e490738dcbc637bc7eb752ca5fa45b5d09606c5libdhash-devel-0.4.3-11.el6.i686.rpm3195b37984ff5f8d19d9dc9e3c817edcd2b0afec9567bae572eb07832c9ea144libdhash-0.4.3-11.el6.i686.rpm035681d0dc8bf501d3269f551226d0e79b1460c9625077ea5868d1fd462afbe9libpath_utils-devel-0.2.1-11.el6.i686.rpm748b095c55bfb38ff6126facb86a84440dff32b8939c81dace654a88791852e9libcollection-0.6.2-11.el6.i686.rpm8927b1c1c134a665d7da713ab48783f8bac8be071228d0a92b2afc420e0b3eb9libref_array-devel-0.1.4-11.el6.i686.rpm60eb23bca79adc0161cad61bd30d267d1703b44993b2afd7584a85d0596274e3libbasicobjects-0.1.1-11.el6.i686.rpm26b3763383845986eb62bc64a9e6bdb3aef737cf7ca2b4c9b8ab65d5c53df22dlibini_config-1.1.0-11.el6.i686.rpm33b6206f77e0c79dc1cfe5bc1876d835badefffa210066caf8c41ed6b64ddda3libref_array-0.1.4-11.el6.i686.rpmeed7d44771834988450799101e9bb09e55d3e986e3e17fd4f586e066aca2a850libcollection-devel-0.6.2-11.el6.i686.rpm6a76ab268fdccbf3d6a98d8fc1799f66f2fa9355eb38fc87f9e04fce53b2953blibpath_utils-0.2.1-11.el6.i686.rpm8276fc22cd564cf6d84d18a0b1cc893538c873ffda41e07cfe62cb06fe5d612fSLBA-2014:1498-1The gdisk packages provide a fdisk-like partitioning tool for GPT disks. GPT fdisk features a command-line interface, fairly direct manipulation of partition table structures, recovery tools fort dealing with corrupt partition tables, and the ability to convert MBR disks to GPT format. This enhancement update adds the gdisk packages to Scientific Linux 6.Scientific Linux FermiScientific Linux Fermi 6gdisk-0.8.10-1.el6.i686.rpm3c93d1b2f9e050c4d1feea316edc2cab6e4336b1afcd5bcf18d6c5c4f566702bSLBA-2014:1527-1This update fixes the following bugs: * A bug previously caused the LineBreakMeasurer class to produce the ArrayIndexOutOfBoundsException error when Java attempted to display certain characters in certain fonts. This update fixes the bug and Java now displays the affected characters correctly. * Prior to this update, an application accessing an unsynchronized HashMap could potentially enter an infinite loop and consume an excessive amount of CPU resources. As a consequence, the OpenJDK server became unresponsive. This update prevents unsynchronized HashMap access from causing an infinite loop and as a result, the OpenJDK server no longer hangs in the described scenario. In addition, this update adds the following enhancement: * Shared Java libraries have been modified to allow users to run Java with the cap_net_bind_service, cap_net_admin, and cap_net_raw capabilities granted. All running instances of OpenJDK Java must be restarted for the update to take effect.Scientific Linux FermitrueScientific Linux Fermi 6java-1.6.0-openjdk-demo-1.6.0.0-11.1.13.4.el6.i686.rpmfd6e68498f7ef533d20c8eab4f030ef2ed2408fc85ca3ff0e38cc9713a1b5c85java-1.6.0-openjdk-1.6.0.0-11.1.13.4.el6.i686.rpm3042343d5fec0991624b2e7578281f10ad951439d639a5465f765e76fb1c3933java-1.6.0-openjdk-devel-1.6.0.0-11.1.13.4.el6.i686.rpm52a553a4fc5ad351563d6080f1ae06bcf877df893710311f9c0014722d57fbe1java-1.6.0-openjdk-javadoc-1.6.0.0-11.1.13.4.el6.i686.rpmf24370350ccab02a4ab44625a7a673cfc10fae1af481aeab629455bedad0a4b3java-1.6.0-openjdk-src-1.6.0.0-11.1.13.4.el6.i686.rpm3a64ca9425941d7a824e8db25486c788908b5f2df912a7b296d7058d03db1395SLBA-2014:1538-1The glib2 packages have been upgraded to upstream version 2.28.8, which provides a number of bug fixes and enhancements over the previous version.Scientific Linux FermiScientific Linux Fermi 6glib2-2.28.8-4.el6.i686.rpmc683b4760512c3eff47d8135e61bf702920e246080b3e09b5c61fe0fdfff7d99glib2-doc-2.28.8-4.el6.noarch.rpm5a46c255b6bc2fb31401b27a8a41a4545cda30aeb03d3782b4cead9375b30fdfglib2-static-2.28.8-4.el6.i686.rpm7623bba53da4db1a62c7653643b7b75e270c6fd10dd19e52f3b620cfd91f55e9glib2-devel-2.28.8-4.el6.i686.rpmd3a376e55df6fa0c2cfd954fe6df8634c0408602c208d48357ec781f5a3655c0SLBA-2014:1554-1The gdk-pixbuf2 packages provide an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits such as GTK+ or clutter. The librsvg2 packages provide an SVG (Scalable Vector Graphics) library based on the libart library. The libwmf packages provide a library for reading and converting Windows Metafile Format (WMF) vector graphics. The library is used by applications such as GIMP and ImageMagick. The gtk2 packages have been upgraded to upstream version 2.24.23, which provides a number of bug fixes and enhancements over the previous version. In addition, this update fixes the following bugs: * The gtk_cups_connection_test_new() function used the default IPP port instead of the real one. Consequently, the GTK print dialog failed to get printer information from remote CUPS servers with a non-standard port number. With this update, the correct port number is used and GTK no longer fails. * The rsvg-convert utility of the librsvg2 library did not respect the width and height specified with the viewBox attribute in SVG files. As a consequence, avatar icons were smaller than they were supposed to be. With this update, the utility uses the correct width and height. * The gdk-pixbuf loaders were moved to a separate directory as part of the separation of the gdk-pixbuf2 library to its own package. This update moves the loaders present in the librsvg2 and libwmf libraries to the new directory. * The newly-added GtkComboBoxText widget could cause applications that used it to terminate unexpectedly due to the incorrect initialization of one of the widget's properties. With this update, the initialization has been fixed and the applications no longer crash in the described scenario. * Missing forward declarations for various functions caused the compiler to assume an implicit 32-bit integer return type. Consequently, the compiler terminated unexpectedly because the string pointer was truncated to 32-bits and then extended back to 64-bits. With this update, the "#include" lines for the appropriate headers have been added at the top of the affected source files. As a result, the compiler no longer crashes. * Previously, the GTK+ print dialog failed to print to a file in the default directory due to an incorrect path generation of the file. The generation of the path has been fixed, and GTK+ prints to a file as intended.Scientific Linux FermitrueScientific Linux Fermi 6libwmf-lite-0.2.8.4-23.el6.i686.rpmfe4f28cceae96542fa57274c5b0fa7d8cef1da7f11f5b455684bf68afd358efbgdk-pixbuf2-2.24.1-5.el6.i686.rpmf8eb166724df7c3a05c1a853be97d6270e992dfc7afa2d4f8cc990e29818078dlibwmf-devel-0.2.8.4-23.el6.i686.rpm1fd26e2ee62e98376e5e35fa6aea0bc21b6e17951d1507bfed7da2439ebc1eb0gtk2-devel-2.24.23-6.el6.i686.rpm56b58a04940edc66b6f161bbff42bff1f509f1e14425c0ae1c5d80dfbd59348alibwmf-0.2.8.4-23.el6.i686.rpm9a8e4ca17a0aa1b4bc190b4ea941ffc4d9fa930d9619e9441d28b7e13f3d8bbbgdk-pixbuf2-devel-2.24.1-5.el6.i686.rpm5dd44bdf9bcb9070691fcf6778b7fa52bd75bf862fb0aebfca325f460ee9cc9cgtk2-2.24.23-6.el6.i686.rpme7fcf0ab1e65873359c305cc4e28462c8deb699cc01bd42421a27c621664366blibrsvg2-2.26.0-14.el6.i686.rpm8d7682ba28eebe4744930192990723350f33e496e8909b574c6ee1ff79f58f26gtk2-immodule-xim-2.24.23-6.el6.i686.rpmeed264dde535fb8b8341f4b6d1e3c6e4208694883c700e96cadcb8fb67cdf47egtk2-immodules-2.24.23-6.el6.i686.rpma43ed6248e11bd14e24e54aa9f88f7c19db2b86be7ae46a0df232fef8c17fb83librsvg2-devel-2.26.0-14.el6.i686.rpme1d631dd71235d4a34235f6e5746af0694bdd29f515cb6f309405c2ddf3902f1gtk2-devel-docs-2.24.23-6.el6.i686.rpm060e2b47511169852999e45c2edb1d87e15639e4a3cc9b4fbe2b7d78466d31e1SLBA-2014:1867-1This update fixes the following bug: * Previously, the nss-softokn-freebl library under certain circumstances called the prelink program, which in turn sent the SIGCHLD signal. However, the "ps" command was not compatible with SIGCHLD and failed. With this update, the signal handler prevents SIGCHLD from affecting "ps" and the command thus executes as intended. In addition, this update adds the following enhancement: * The NSS support for Elliptic Curve Cryptography (ECC) has been enhanced to enable the OpenJDK SunEC provider to use the nss-softokn implementation.Scientific Linux FermiScientific Linux Fermi 6nss-softokn-devel-3.14.3-18.el6_6.i686.rpm8e6c972b62f235d3364dfab5989649cc6cd10b75d6a83b79879ce110bb283e6dnss-softokn-3.14.3-18.el6_6.i686.rpm5e2dcce93b744876bfd52ebc4b5ae1386a33db7e0ddaa70770687dbab602dca9nss-softokn-freebl-devel-3.14.3-18.el6_6.i686.rpme7c429caa774bc87f6693c42c6d85ab0c3240aa404aff8e3fcd6c34e194b97f4nss-softokn-freebl-3.14.3-18.el6_6.i686.rpm4f9a3ae697e352ee660e0fb6ea4fb6a3674591abf3bcacf047285f55399c91e6SLBA-2015:0048-1This update fixes the following bug: * When updating the nss-softokn packages to SLBA-2014-1867 advisory, some programs terminated unexpectedly with segmentation faults. With this update, the softoken and freebl libraries have been modified and a new auxiliary private freebl library has been introduced to properly handle FIPS-140 requirement, and the segmentation faults no longer occur in this situation.Scientific Linux FermiScientific Linux Fermi 6nss-softokn-freebl-3.14.3-19.el6_6.i686.rpm4e0e7b008c3e4493ad64094d862c9e17b001a2c9b9cd06e2ccf24aa6892a2017nss-softokn-freebl-devel-3.14.3-19.el6_6.i686.rpm6a743a6f6ab27efc8acbef775b8203a5adedbdfd7db087335877d41f4aefa408nss-softokn-3.14.3-19.el6_6.i686.rpm7aa019685ef595054bc3aa1ff022e7f712066f10f0784111d3ec9b95f502b8dcnss-softokn-devel-3.14.3-19.el6_6.i686.rpm999c59ada1a1e35c51cdc43f7a10f664785c3f843b0a9fd1ff5de60eb62b8465SLBA-2015:0089-1This update fixes the following bug: * The previous release of gdbm introduced a regression in the way file handlers were used. Consequently, gdbm failed to write to a database opened for reading and writing. With this update, the file handlers have been fixed to use the right flags, and as a result, gdbm works with such databases as expected.Scientific Linux FermiScientific Linux Fermi 6gdbm-1.8.0-38.el6.i686.rpm5d838c7bb019ceda7e68341f45e1dfe747a3e20928b553c63e16c316caa528a2gdbm-devel-1.8.0-38.el6.i686.rpm4ac621ec4af46e5f02ce0115cd6683029d40618bb64c2702ba6665fa74016681SLBA-2015:0110-2This update fixes the following bug: * Previously, changes in the spec file were introduced to meet FIPS requirements where a new libfreeblpriv3.so library was added along with its corresponding .chk file. However, the libreebl3.chk file was dropped which caused problems in dracut. As a consequence, when updating the nss- softokn packages to SLBA-2015:0048-02 advisory, brew failed to create a livecd process because nss-softokn was missing the aforementioned file. With this update, the nss-softoken.spec file has been modified to keep a dummy libfreebl3.chk, which ensures that dracut now works properly. * A bug introduced in a previous update caused the rpm and yum comands to fail. To fix this bug, a dependency on nss-softokn-freebl has been added to nss-softokn. As a result, yum and rpm now work correctly.Scientific Linux FermiScientific Linux Fermi 6nss-softokn-3.14.3-22.el6_6.i686.rpmc3e5736b180addace85669e894dc9f98a75fea16a1333ebb7cbdea740da3d2b6nss-softokn-freebl-devel-3.14.3-22.el6_6.i686.rpm1fa4e1b9d1d151e67333bd5af3630924f6894014826e4297665538afc1dc55denss-softokn-devel-3.14.3-22.el6_6.i686.rpm0428e9950b5ec0efb13c2567666d8cc56763b3d165e98da597cc58253170ffc9nss-softokn-freebl-3.14.3-22.el6_6.i686.rpm08904d4bdf215657365a34ad4c3229bb969e7d3f4a95a442d3c7ff66d36f75b2SLBA-2015:0693-1This update fixes the following bugs: * When parsing the "tls_cacertdir" configuration option, the nss-pam-ldapd utility terminated unexpectedly with a segmentation fault when the nslcd daemon started. This bug has been fixed and nslcd no longer causes nss- pam-ldapd to crash. * Prior to this update, the nss-pam-ldapd utility did not fail over properly on certain SSL-enabled LDAP server implementations. This caused the queries processed by the original LDAP server to be aborted and not resumed on an alternate LDAP server. The nss-pam-ldapd failover capabilities have been updated to prevent this problem from occurring.Scientific Linux FermiScientific Linux Fermi 6nss-pam-ldapd-0.7.5-20.el6_6.3.i686.rpm5c59fafb3bf0c9d8191fc02084b20c60fb8a7c5419dd20978cd6e1c6bbf2836aSLBA-2015:0705-1This update fixes the following bug: * Previously, the luci application server and the ccs cluster configuration command in some cases displayed incorrect information about certain aspects of the cluster, such as the daemon status or specific management tasks. With this update, replies to clients' requests against service modules included with the ricci daemon are composed correctly again. As a result, luci and ccs now provide correct information about the cluster.Scientific Linux FermiScientific Linux Fermi 6ccs-0.16.2-75.el6_6.1.i686.rpma10f81c14db7c10b744ba5691dd6e8867c89ce21cd8c3cd3925926d471d317acricci-0.16.2-75.el6_6.1.i686.rpma9bdd4d82b9f1f2805b7f47be397b307fe2a01050b5d23fee4d52c06fa32465cSLBA-2015:0926-1The nss and nss-util packages have been upgraded to upstream versions 3.18, and the nspr packages have been upgraded to upstream version 4.10.8. The upgraded versions provide a number of bug fixes and enhancements over the previous versions. Notably, these upgrades allow users to upgrade to Mozilla Firefox 38 Extended Support Release. This update also fixes the following bugs: * Previously, a race condition in NSS in some cases caused heavily threaded applications, such as the ns-slapd daemon, to terminate unexpectedly when under load. This update fixes the underlying cause, and the described crash no longer occurs. * When using version 3.16.1-4 of the nss packages, NSS returned different cipher suites than the prior versions of NSS. This caused certain applications that add external constraints to the cipher suites, such as the Lightweight Directory Access Protocol server (LDAPS), to fail. With this update, the cipher suites table in the /nss/lib/ssl/ssl3con.c file has been adjusted to be compatible with the previous version of NSS, and the affected applications now work as expected.Scientific Linux FermiScientific Linux Fermi 6nspr-devel-4.10.8-1.el6_6.i686.rpm30f72a9483f61a1281340ab1eb6ae877c325303cc39dbafb455f6eb3b566a139nss-3.18.0-5.3.el6_6.i686.rpm0a24527c25938db902100cfdef5eac806fa92ebf6fc771073d35d984ed8ebc86nss-sysinit-3.18.0-5.3.el6_6.i686.rpmb84b8a2266e5c130ebc9e6975d45fe226c475f1dc5da9705ce06473c479497bfnss-pkcs11-devel-3.18.0-5.3.el6_6.i686.rpm21cb2f05f8fe20e7e3f7e6c319de542f2d13445068628c3a83b5645aeddf623dnss-devel-3.18.0-5.3.el6_6.i686.rpmebd42efd43c755400bdf93d67fc91b4efcc0fe68796b11799c60e9b2f18746e5nspr-4.10.8-1.el6_6.i686.rpm89cd254f0a44ff7051aec8d8af610168af88a2cb19843ea0f09ca94e49585682nss-util-3.18.0-1.el6_6.i686.rpm1e2013665db61c5f421bfad97181b417f284e4a9e3e95d79f0f1a851a3a9a3d5nss-util-devel-3.18.0-1.el6_6.i686.rpm8cc7dc378da71799dbde9e17bc79efa8e8fa8b7d49a7f8929ea805dc388aad59nss-tools-3.18.0-5.3.el6_6.i686.rpmf8b6afd9ba1dd17ace5952c989efb9b2fb639e40950a13b0a2c818cc3f343103SLBA-2015:0953-1This update fixes the following bugs: * Previously, when the rh-passenger40 and httpd24 Software Collections were used together in SELinux enforcing mode, running the PassengerWatchd process was not able to connect to the httpd service. With this update, SELinux policy rules have been updated to prevent this problem, and PassengerWatchd can now access the httpd service as expected. * Prior to this update, the SELinux context for the /var/log/mariadb(/.*) path was not defined. As a consequence, the mariadb service running in the mysqld_t SELinux process domain was not able to access its own logging files with the aforementioned location. This update adds the missing SELinux context and thus allows mariadb service to access its logging files. * The /etc/my.cnf.d/ directory previously had only the default etc_t SELinux context defined, which was not sufficient. The undefined specific context for the /etc/my.cnf.d/*cnf configuration files has been added to the mysql SELinux policy, thus fixing this bug. * When a MariaDB plug-in was was added to the server.cnf or my.cnf files and the user was created to authenticate using Pluggable Authentication Module (PAM) in the mysqld service, the plug-in could not be loaded. To fix this bug, SELinux policy rules have been updated, and the plugin is now loaded successfully. * Prior to this update, the mongos binary and the mongos SysV init scripts did not have the SELinux context defined. This update fixes the bug by adding the respective SELinux context.Scientific Linux FermiScientific Linux Fermi 6selinux-policy-minimum-3.7.19-260.el6_6.3.noarch.rpme89e263bb3e9e473ede70201e1e53ff8d6bd1e5675e4c5f4bfbc2fc42c03cc65selinux-policy-doc-3.7.19-260.el6_6.3.noarch.rpm449ef2af2a24254eb998bc96fb9f169c680847243dee39a87c72b42432ba1cb1selinux-policy-targeted-3.7.19-260.el6_6.3.noarch.rpma7d6be3bdcc17a72461b57def918266e540da046d19f0046052889009a595823selinux-policy-3.7.19-260.el6_6.3.noarch.rpmd1da773868d3d4fc87165be9d14c560af99bc63685636ef877f9db28d112642eselinux-policy-mls-3.7.19-260.el6_6.3.noarch.rpmc38f022e05ac52f79bf038cb4f5f61c0525120aded3651a198deaa43bf6ce2c0SLBA-2015:1085-1This update fixes the following bug: * Previously, querying memory pool file statistics in some cases caused the calling process to terminate unexpectedly. This update fixes the way the statistics are queried, and the query thus no longer crashes the calling process.Scientific Linux FermiScientific Linux Fermi 6db4-cxx-4.7.25-19.el6_6.i686.rpm2ed16208f57fdafade0518af8068953a6f90ad80d9ddec9a5b48168b49dd1471db4-4.7.25-19.el6_6.i686.rpm9bc402c81b3e95bdd7468ae55569cb7bf791467181e900c44c31d219e69caddddb4-utils-4.7.25-19.el6_6.i686.rpmc4f784fbf451b1a2bae4194ecea1efa4282f9d73e5f83ceeaa815f46bfa6871edb4-java-4.7.25-19.el6_6.i686.rpm95678a95169b4b59b601c9feeead9342d1acb5b6432a6041632eb79046aca846db4-devel-static-4.7.25-19.el6_6.i686.rpma248f5e9178c808d7879b2bb69cc962cc06d0750e9beebdd440a1f4f9637d92bdb4-tcl-4.7.25-19.el6_6.i686.rpm2a23f033a9b72331b71aa3c078d7063fd051b342e5afc9c880ce78ff17a6dc57db4-devel-4.7.25-19.el6_6.i686.rpm97be6b298f20b035b9849067552cadcc56f44551fc4c8c1eca05b5efbd74ca0fSLBA-2015:1222-1This update fixes the following bug: * Prior to this update, the drbg kernel module was not a mandatory component of the initramfs packages, which caused encrypted hard disk drives to be impossible to decrypt. This update includes drbg in initramfs, and all hard disk drives can now be decrypted as expected. Scientific Linux Fermi 6dracut-fips-aesni-004-356.el6_6.3.noarch.rpm1afa54053a3d32d05d9b0e791cf86fa5c9ca5a6c83b180c43a1fb4ec7051bb92dracut-fips-004-356.el6_6.3.noarch.rpmc56ed200e4008e28aba4effbb67b75a0eceb89d62ada5c4a8d508dac05a65e00dracut-generic-004-356.el6_6.3.noarch.rpme8caee9775a77697e73f3056f2d065c3924447637a47d4763f6589e3a3ef701bdracut-tools-004-356.el6_6.3.noarch.rpm28a430386813e7fde2d221b2d8c26b0a4d60ee87b0dce8cc77af830d5cae3564dracut-004-356.el6_6.3.noarch.rpmc4b8ae276d6be342ecea6a85c845b9a6b739d15df57107fc1742f0c6b5062280dracut-network-004-356.el6_6.3.noarch.rpm72e6a5fd78300a8cd68840577cb7c0ff9939fe2195568c263973905c178642a3dracut-kernel-004-356.el6_6.3.noarch.rpmfd435c4dffa5136abefb0764a6e505eb18c391bdef4d0c4040277063a6892270dracut-caps-004-356.el6_6.3.noarch.rpm5e9aaa8a08d10af6b312c84885e96ccf898d56a4df46b5b703ae8ac575dd73d7SLBA-2015:1256-1This update fixes the following bugs: * Previously, some cgroup controller types used in the /etc/cgconfig.conf file were not recognized. As a consequence, parsing error occurred in Augeas and an error message was returned. With this update, the Augeas module can parse files containing these controller names as expected. * Entries in the /etc/services file containing colons in the service name prevented Augeas from parsing the file. This update makes sure that the "service_name" field in the services.aug file is able to support the colon character, and the aforementioned entries can now be parsed successfully. * When entries in /etc/rsyslog.conf were configured for remote logging over Transmission Control Protocol (TCP), Augeas was unable to parse the file. The underlying source code has been fixed, and files containing this configuration are now parsed successfully. * By default, the /etc/sysconfig/iptables.save file was parsed by the wrong module, which led to a parsing failure and an error reported by Augeas. The wrong module has been substituted with a correct one, and /etc/sysconfig/iptables.save is now parsed correctly by default. * Previously, the Augeas utility did not correctly parse the "ssh" and "fence_kdump_*" parameters in the /etc/kdump.conf file. As a consequence, using Augeas to edit these parameters in kdump configuration failed. With this update, Augeas has been updated to parse "ssh" and "fence_kdump_*" as intended, and the described problem no longer occurs. * Previously, the aug_match API returned paths of files and nodes with special characters unescaped, unsuitable for use in further API calls. Consequently, specially constructed file names could cause programs built on Augeas to function incorrectly, and implementing escaping in such programs was impossible. With this update, Augeas escapes paths returned from aug_match correctly, and paths returned from aug_match can be used safely and reliably in further API calls. * Prior to this update, Augeas was unable to parse the /etc/krb5.conf configuration files containing values with curly brackets ("{}"). To Augeas lens (parser) has been fixed to handle these characters in krb5.conf setting values, and Augeas can now parse these krb5.conf files as expected. * Previously. Augeas was unable to parse the .properties (Java-style) files containing a multi-line value that begins with a blank line. Augeas lens (parser) has been fixed to accept an empty starting line, thus fixing this bug. In addition, this update adds the following enhancement: * A lens for the /etc/shadow file format has been added to Augeas to parse the shadow password file.Scientific Linux FermiScientific Linux Fermi 6augeas-libs-1.0.0-10.el6.i686.rpm689d43586b5686131839113eee4fb235c2080790c121647298679dfdf2cc9e7caugeas-devel-1.0.0-10.el6.i686.rpmd90443d900faf973001728bc7a6821b6800658064d03f40b521143f15f19c9adaugeas-1.0.0-10.el6.i686.rpm874c661c0b187b0892aa287ac0235b5d2bb5c1375f9dcf3f96aa381db08d8993SLBA-2015:1281-1The libqb packages have been upgraded to upstream version 0.17.1, which provides a number of bug fixes and enhancements over the previous version. One of the notable changes gives components consuming inter-process communication (IPC) API of libqb more control over IPC buffer sizes. The ability to utilize larger buffer sizes in a consistent way between the IPC client and server allows pacemaker to scale much further in the number of resources the cluster can manage.Scientific Linux FermiScientific Linux Fermi 6libqb-0.17.1-1.el6.i686.rpm5f8c777a1406ca991c6449cb773f86f5458c0b7e1afa231ab06ff1671e5f64e6libqb-devel-0.17.1-1.el6.i686.rpm86510d3e6c1b5a451a86b786dfd31edbe2620b7be4e04400384ba9e105997135SLBA-2015:1284-1The mod_nss packages have been upgraded to upstream version 1.0.10, which provides a number of bug fixes and enhancements over the previous version. Most notably, this update adds support for TLS version 1.2 to mod_nss. The httpd service must be restarted for this update to take effect.Scientific Linux FermitrueScientific Linux Fermi 6mod_nss-1.0.10-1.el6.i686.rpm0ec102172926532c3e831ac46436e798ffec01c01f08d66564a0245547545605SLBA-2015:1288-1This update fixes the following bug: * Previously, running the "tcpdump" command with the filter expression containing the keyword "vlan" produced unexpected output, as the filter generated by the libpcap Berkeley Packet Filter (BPF) compiler did not employ BPF extensions. To libpcap has been amended and now generates filters that use BPF extensions when appropriate. As a result, running "tcpdump" with filters containing "vlan" produces correct results.Scientific Linux FermiScientific Linux Fermi 6libpcap-1.4.0-4.20130826git2dbcaa1.el6.i686.rpm35e112acc246bab9e2defdbe91174245efe5635a654e54bf67572057772591a2libpcap-devel-1.4.0-4.20130826git2dbcaa1.el6.i686.rpm76e018efe2b2f53ef6689df49cb38e7bbfee1444cffd7bb44269f18bb3dc1a47SLBA-2015:1315-1This update fixes the following bugs: * Previously, the HASH_ALGORITHM constant was defined incorrectly. As a consequence, object identifiers (OIDs) for SHA-256, SHA-384, and SHA-512 hash functions were incorrect. With this update, the underlying source code has been modified, and the mentioned OIDs are now correct. * Prior to this update, the source code for JSS was missing a condition for validating the key strength for the RC4 software stream cipher. As a consequence, JSS did not validate the key strength properly. A patch has been applied to and JSS now performs key strength validation checks as expected. In addition, this update adds the following enhancement: * The Tomcat service has been updated to support the Transport Layer Security cryptographic protocol version 1.1 (TLSv1.1) and the Transport Layer Security cryptographic protocol version 1.2 (TLSv1.2) using JSS.Scientific Linux FermiScientific Linux Fermi 6jss-4.2.6-35.el6.i686.rpm862cb675d70a13d50f98590bfc5f9e77619b16d3ccd4f60ac23d5dcec67390b7jss-javadoc-4.2.6-35.el6.i686.rpmdd2feab2252d7fac41de588cbb2ddebea0bdda9fe648c05aebd50db373cab9bdSLBA-2015:1316-1This update fixes the following bug: * Previously, the init() function in tomcatjss looked for the clientauth attribute which was not present. As a consequence, Tomcat returned NullPointerException in init() on startup, and in addition, some properties, such as enableOSCP and properties for enabling certain SSL ciphers, were not called. A patch has been applied to fix this problem. As a result, NullPointerException no longer occurs in the described situation, and the mentioned properties are called as expected. In addition, this update adds the following enhancement: * The Tomcat service has been updated to support the Transport Layer Security cryptographic protocol version 1.1 (TLSv1.1) and the Transport Layer Security cryptographic protocol version 1.2 (TLSv1.2) using JSS.Scientific Linux FermiScientific Linux Fermi 6tomcatjss-2.1.0-4.el6.noarch.rpme0861cc40a43a1f929466f43f21389246046d3c08ab1943f17b4927b6e31e73bSLBA-2015:1324-1The python-nss packages have been upgraded to upstream version 0.16.0, which provides a number of bug fixes and enhancements over the previous version, including: * Added support for setting trust attributes on a certificate. * Added support for the SSL version range API, information on the SSL cipher suites, and information on the SSL connection.Scientific Linux FermiScientific Linux Fermi 6python-nss-0.16.0-1.el6.i686.rpmaf2390bd15136d9b2022441aa8ae39dd0bd648e454d39edd9dcc8df7fcc8aa00python-nss-doc-0.16.0-1.el6.i686.rpm4688d7f33bc34eb290dd0e44295f08f022c727df5118831fee1aad0ba9a04ca6SLBA-2015:1326-1This update fixes the following bugs: * When a suffix-mapping tree entry was created without the corresponding back-end database, the server failed to start. This bug has been fixed. * If a value of a password policy attribute was deleted, it caused a null reference and an unexpected termination of the server. These crashes no longer occur. * This update fixes a memory leak caused by a previous patch for BZ#1080185. * If a Virtual List View search fails with the timelimit or adminlimit parameters exceeded, the allocated memory of the IDL no longer leaks. * If a search for "passwordAdminDN" in a "cn=config" entry returns a non- existing value, a memory leak no longer occurs. * Rebuilding the Class of Service (CoS) cache no longer causes a memory leak. * A bug in the nested CoS, when the closest above password policy was sometimes not selected as expected, has been fixed. * When a SASL bind operation fails and Account Lockout is enabled, the Root DSE entry no longer gets incorrectly updated with passwordRetryCount. * Password restrictions and syntax checks for Directory Manager and password administrators are now properly applied so that these roles are not affected by them. * Performance degradation with searches in large groups has been fixed by introducing normalized DN cache. * Due to a known vulnerability in SSLv3, this protocol is now disabled by default. * This update adds the flow control so that unbalanced process speed between a supplier and a consumer does not cause replication to become unresponsive. * A bug to replicate an "add: userPassword" operation has been fixed. * A bug in the Windows Sync plug-in code caused AD-only member values to be accidentally removed. Now, local and remote entries are handled properly, preventing data loss. * Performing a schema reload sometimes caused a running search to fail to return results. Now, the old schema is not removed until the reload is complete. The search results are no longer corrupted. * The Berkeley DB library terminated unexpectedly when the Directory Server simultaneously opened an index file and performed a search on the "cn=monitor" subtree. The two operations are now mutually exclusive, which prevents the crash. * When simple paged results requests were sent to the Directory Server asynchronously and then abandoned immediately, the search results could leak. Also, the implementation of simple paged results was not thread- safe. This update fixes the leak and modifies the code to be thread-safe. In addition, this update adds the following enhancements: * A new memberOf plug-in configuration attribute memberOfSkipNested has been added. This attribute allows you to skip the nested group check, which improves performance of delete operations. * The Directory Server now supports TLS versions supported by the NSS library. * The logconv.pl utility has been updated to include information about the SSL/TLS versions in the access log. After installing this update, the 389 server service will be restarted automatically.Scientific Linux FermiScientific Linux Fermi 6389-ds-base-1.2.11.15-60.el6.i686.rpm66ba6669c5b142106ea983eac065327140c10ac4d0de6c6cdfac7b9534e63801389-ds-base-devel-1.2.11.15-60.el6.i686.rpmb3530e933736efb55f6ee8b0c3467518cd718523cffa96a55e5d7385ea60aed8389-ds-base-libs-1.2.11.15-60.el6.i686.rpm676855959f61308cad7d59ec2341ae1f4e00651d61e4e1d145786e43c5cac293SLBA-2015:1328-1Bugs: * Previously, the dracut utility incorrectly printed an error message if the /tmp/net.$netif.override file did not exist. With this update, dracut verifies whether /tmp/net.$netif.override exists before it attempts to read it, which prevents the described error from occurring. * Prior to this update, the dracut logrotate configuration determined that the "time" option had priority over the "size" option. Consequently, the dracut logs were rotated only yearly regardless of their size. This update removes the "time" option of the logrotate configuration, and the dracut logs now rotate when the size exceeds 1 MB. * If "ip=ibft" was specified as a kernel command-line argument, but the "ifname=<iface>:<mac>" parameter was not, dracut did not handle network interfaces correctly. As a consequence, iSCSI disks were not connected to the system, and thus the system failed to boot. With this update, dracut handles "ip=ibft" as a kernel command-line argument, even without "ifname=<iface>:<mac>", and iSCSI disks are now connected to the system successfully resulting in successful system boot. * If the /etc/crypttab file did not contain a new line as the last character, dracut failed to parse the last line of the file, and the encrypted disk could not be unlocked. This update fixes dracut to handle /etc/crypttab without a new line at the end, and the encrypted disk specified on the last line is now handled as expected, requesting a password and unlocking the disk. * If the /etc/lvm/lvm.conf file had host tags defined, the initramfs virtual file system did not insert the /etc/lvm/lvm_hostname.conf file during kernel upgrade, which previously led to a boot failure. This update adds /etc/lvm/lvm_hostname.conf along with /etc/lvm/lvm.conf, and the system now boots with host tags as intended. * Previously, dracut did not parse the kernel command line correctly for some iSCSI parameters, which led to iSCSI disks not being connected. With this update, dracut parses the kernel command-line parameters for iSCSI correctly, and iSCSI disks are now connected successfully. * Due to an internal change in the nss-softokn-freebl package, dracut could not build an initramfs file in FIPS mode. To nss-softokn-freebl delivers its own dracut module and dracut now requires nss-softokn-freebl as a dependency. As a result, dracut can build FIPS-enabled initramfs with all files. * When network parameters were specified on the kernel command line, dracut only attempted to connect to iSCSI targets provided the network could be brought up. Consequently, for misconfigured networks, iSCSI firmware settings or iSCSI offload connections were not explored. To dracut now attempts to connect to the iSCSI targets even if after a certain timeout no network connection can be brought up. As a result, iSCSI targets can be connected even for misconfigured kernel command-line network parameters. * Due to changes in FIPS requirements, a new deterministic random-byte generator (drbg) was added to the kernel for FIPS purposes. With this update, dracut loads drbg as other kernel modules in FIPS mode. Enhancements: * With this update, dracut can boot from iSCSI on a network with VLANs configured, where the VLAN settings are stored in the iBFT BIOS. * LVM thin volumes are now supported in initramfs.Scientific Linux FermiScientific Linux Fermi 6dracut-004-388.el6.noarch.rpm58061aa06807005ff940695c115d5bd86fc2c249ae2282a18a08634cc0fe63cadracut-network-004-388.el6.noarch.rpm8e46411b94068d4c8945d353b5b8a46c9f23134a77c7646d3ef4717d9be6d4d9dracut-fips-aesni-004-388.el6.noarch.rpm4616c080c7d1e02a6b8ef64b83021a17f5a67606278aee1d2c91215bd5251ef0dracut-fips-004-388.el6.noarch.rpm7c1f311fb15842d6775fef9d96ce2a3e6d26cea4c0a8d9608a997a41e51992bfdracut-kernel-004-388.el6.noarch.rpme7b4f6836575075ef4f3c24036402e7fe590c6b0cd8975be6e6cfbf65e06b878dracut-generic-004-388.el6.noarch.rpm77facae5c4edcf17e71a279659208cf19308417c689a10a45a3a77ae87300a03dracut-tools-004-388.el6.noarch.rpmec956b540e760a490c6636ea78d1611577d4166e8cdba5c35a61fad58cce9e98dracut-caps-004-388.el6.noarch.rpm466d8879b12214a7855f39b0c8fb80a29858a5d1669c5c192dcb294467186056SLBA-2015:1359-1The ImageMagick packages have been upgraded to upstream version 6.7.2.7, which provides a number of bug fixes and enhancements over the previous version. Notably, it addresses a problem with conversion of Portable Network Graphics (PNG) images that caused the size of the converted file to be much larger than that of the original file.Scientific Linux FermiScientific Linux Fermi 6inkscape-docs-0.47-10.el6.i686.rpma92ad2b601740e1fa08eadfed7c3ad50345a2d5364ba7893f0a70e0c554e5100autotrace-0.31.1-28.el6.i686.rpmabe492c51a039d4dcf45ab2bdd889f854fba35571f0bec656bee69ce2f3d3296autotrace-devel-0.31.1-28.el6.i686.rpm1b51417055a9eca0d64e3908924cf30a35b06f01c5fc273f1b9f7947a2f66df4inkscape-0.47-10.el6.i686.rpm574a823b22a7ffbe0c455203725c60a4ebfa9f2b9e02fba3345ccc2d310b5095inkscape-view-0.47-10.el6.i686.rpmbf65846eae05eccb36df9336775dcadeaf52851acfb40ff2f96b4e903c297f88SLBA-2015:1375-1This update fixes the following bugs: * When the /etc/nsswitch.conf file was modified so that the SSSD service was used for various lookups, certain services were not able to communicate with SSSD due to insufficient SELinux policy rules. With this update, the SELinux policy has been modified to allow the services to work as expected in this situation. * With this update, SELinux policy rules for the glusterd, ctdbd, samba, and nagios services have been fixed to allow the Gluster layer product to work with SELinux properly. In addition, this update adds the following enhancement: * When writing SELinux policy rules that allow random services to read or execute general files located, for example, in the /etc/ or /usr/ directories, policy writers had to add additional rules for each service. These updated selinux-policy packages introduce the new "base_ro_file_type" and "base_file_type" SELinux attributes, which policy writers can use to declare global rules against a rule per service.Scientific Linux FermiScientific Linux Fermi 6selinux-policy-targeted-3.7.19-279.el6.noarch.rpm15fcaf071819b1785df805e879bf058987149ae4f68b4edf58a39524de7261d6selinux-policy-3.7.19-279.el6.noarch.rpmbf46f9c59069059addfa0324ffc60d4a5cdbb9e1f7a726cdc97eaed77631c9e4selinux-policy-mls-3.7.19-279.el6.noarch.rpm1a4b7768dea179da8575b447a7fe7734b498bfb78c74a680c398ddcdf984f3d1selinux-policy-minimum-3.7.19-279.el6.noarch.rpm963ee23631fa915403b144ba8a721b920f7677069294de708a080915ee0448a0selinux-policy-doc-3.7.19-279.el6.noarch.rpm9e48e943da467c55572b6178771477dfd23bbba6900e18aabffd4076ad9df8baSLBA-2015:1396-1This update fixes the following bugs: * Prior to this update, the find-requires.ksyms script provided by the redhat-rpm-config package could not locate the kernel Application Binary Interface (ABI) reference files provided by the kabi-whitelists package. As a consequence, building an RPM that contained a kernel module (*.ko) resulted in the "KERNEL ABI COMPATIBILITY WARNING" error message, and no compatibility check was performed. With this update, the kernel ABI reference files can be successfully located, and ABI compatibility of kernel object files can now be verified in the described situation. * RPM scans files during the build process for dependencies, and if a file is accidentally detected as a script by libmagic, RPM parses the first line for the "#!" string to get the interpreter. Previously, RPM could pick up random data if the "#!" string was not included at the beginning of the file. With this update, the RPM verification process is more thorough, and incorrect requirements are no longer picked up. * With this update, the redhat-rpm-config package has been added as a dependency of the rpm-build package. A new RPM virtual provide has been added to the system-rpm-config package, which allows system-rpm-config to be required by rpm-build while still being able to be replaced by a third party package.Scientific Linux FermiScientific Linux Fermi 6redhat-rpm-config-9.0.3-44.sl6.noarch.rpm3a39ae6fc2f834054114c0ef4c1bd07e65ae5f81f28dbd8eca0b24824ef72798SLBA-2015:1448-1The sssd packages have been upgraded to upstream version 1.12.4, which provides a number of bug fixes and enhancements over the previous version. * The "domains=" option for the pam_sss module * The UPN (User Principal Name) attribute to identify users and user logins * Password expiration warnings for non-password authentication * The ID views feature * Transferring the user shell attribute from an Active Directory (AD) server to an Identity Management (IdM) client * Updating cached entries out-of- band in the background * The ad_site option can be used to override the AD site discovered from DNS * A new Kerberos plug-in maps Kerberos principals to local SSSD user names * Groups for AD trusted users are displayed without logging in * The case_sensitive option accepts the "preserve" value. * The ldap_access_order option accepts the "ppolicy" value. * SSSD can use GPOs on an AD server Bug fixes: * Applications leveraging identities from SSSD could terminate unexpectedly while invalidating the memory cache using the sss_cache utility. This bug has been fixed, and using sss_cache is safe. * SSSD properly recognizes Windows 2012R2 as an AD server and applies the correct AD-specific performance optimizations. * SSSD failed to connect to servers that only allowed authenticated connections to read the rootDSE entry, such as IBM Tivoli LDAP servers. SSSD now retries an authenticated connection after a non-authenticated connection fails while reading rootDSE. As a result, SSSD works as expected with these servers. * When the simple_allow_groups and simple_allow_users options contained non-existent and existing entries, SSSD denied access to the existing users or groups. Now, SSSD logs and skips the non-existent entries and correctly handles the existing ones. * This update fixes bugs that caused SSSD to terminate unexpectedly due to memory errors or when trying to access callback data. * The sssd-ldap(5) and sssd.conf(5) man pages have been modified. * SSSD downloaded an unnecessary amount of data when obtaining information about groups from an AD provider when using POSIX attributes on the server. With this update, SSSD downloads only the information about the group object, not the contents of the group. * SSSD did not properly handle the "objectGUID" AD LDAP attribute. Now, SSSD considers "objectGUID" a binary value as expected, and the attribute is stored correctly. * If a multi-process program requested the initgroups data immediately after SSSD startup, before the SSSD cache was ready, the NSS responder could incorrectly return an empty group list. With this update, the initgroups requests from a multi-process program with an empty cache work correctly, and the described problem no longer occurs. * Setups with "subdomains_provider=none" set for AD domains did not sometimes work as expected. Now, the ldap_idmap_default_domain_sid option value is used for the SSSD main domain, thus fixing the bug. Note that ldap_idmap_default_domain_sid must be set for SSSD to function correctly in this situation. Enhancement: * SRV queries now honor the time to live (TTL) values from DNS.Scientific Linux FermiScientific Linux Fermi 6libsss_idmap-devel-1.12.4-47.el6.i686.rpm050357acb39411c2e753319f81b018a1760e6c5a87446293e607f69fff060104python-sssdconfig-1.12.4-47.el6.noarch.rpm527420455931d013a996b48a2e9b3b2de25cde89bb8d50746c9a925d422b5c63sssd-ipa-1.12.4-47.el6.i686.rpmaaba62cdd06cab44faee00a6ff54798f08df104963de0217cb0fae076062f02blibsss_nss_idmap-devel-1.12.4-47.el6.i686.rpm90ca92cb82b13c4b1a4dd78db5b91e6c5f6bf3475577159d4157e31db29223f5sssd-ad-1.12.4-47.el6.i686.rpm735cc8bc231fdb75f936598c39dcccd76a6e757724259860046ae95d4a7aa6c8sssd-client-1.12.4-47.el6.i686.rpmba10a9cb3f57ef92b655f885d7659788abe7b7fa0bb8fc7fbdad80bf6a6fb2f0libsss_idmap-1.12.4-47.el6.i686.rpmb47c270773f8ae8bc115d8e1c2b1929add3be37fa51fa23f4dff1c217a06b250libsss_nss_idmap-1.12.4-47.el6.i686.rpmbc68f18ce284c48655f8301a79cc2234d90d45c25e051219b619141a23868061libsss_nss_idmap-python-1.12.4-47.el6.i686.rpmd7e9afe311ea35ab54aaaff61640f3f8e6d7bdf7008a4856097248bcad8df5b2sssd-dbus-1.12.4-47.el6.i686.rpmf2e6ffbdd387241086dd1e67ef5588868904754627ff9eceb1e4a632d1c1c0a5sssd-krb5-common-1.12.4-47.el6.i686.rpm9021a823ecdf2a9a25fb517f432e21e05acd31e3f9283c6cb8d3b30bd44144d2libsss_simpleifp-1.12.4-47.el6.i686.rpmf28c0528eec1d4df2bd04539a95f5a1df3ab9fb3381bcbd98bc1f60ac4200511sssd-common-pac-1.12.4-47.el6.i686.rpm44c3fcaaae15651f5e9ba70166e3965f88887817a99bb0dcc2e42840b5d6a981sssd-1.12.4-47.el6.i686.rpmc2938488603c9403e0b53b8e09dee37947985b2bf0d8faa6762714fbabcef601libipa_hbac-devel-1.12.4-47.el6.i686.rpm5216d8800944c5b55f91448b6ed8d580bc98fac927c2db3f249ebf48cc2f39cdlibipa_hbac-1.12.4-47.el6.i686.rpm23d57047561ce5d4552d7c178de0fd795d057afb63b93890bde4f03542413508libipa_hbac-python-1.12.4-47.el6.i686.rpm85ad8a1d569449355c09c957332ddb4c89b311a377f6623e523de185560c8d34sssd-tools-1.12.4-47.el6.i686.rpmb506d76e0faaa7e03e595dc7fde10b2c961d00271c9612aec0b337b01b1b339esssd-proxy-1.12.4-47.el6.i686.rpm9f3a62c33188f9fd7d1893d3b9dc9261d75ed883e50937a5797a67a302470cc3sssd-krb5-1.12.4-47.el6.i686.rpmef139fc823a283153f8909f5f6c6941d174b879aa5c57cf314571eadee5bfdf9sssd-common-1.12.4-47.el6.i686.rpm93205802cb68695167f26d63ad13f4895ca514321cac7331fd656d9b90b02473sssd-ldap-1.12.4-47.el6.i686.rpme8156f369cc61618c4af8d3ae1838ddafab60d0e1945b01ea594dbbfb0d30602libsss_simpleifp-devel-1.12.4-47.el6.i686.rpm144574798abc6f8895b20db3aff0feba35867b1d099d281413e2e623f8142255SLBA-2015:1452-1This update fixes the following bugs: * The output of the %posttrans scriptlet was not correctly displayed to the user, which could lead to important errors being ignored. This update introduces a new API that collects the output from the %posttrans scriptlet. As a result, the yum utility can now access the %posttrans output, and displays it to the user. * Although the RPM Package Manager does not support packages with files larger than 4 GB, the rpm utility allowed creating source packages where individual files exceeded 4 GB. The installation of such packages then failed with a "Digest mismatch" error. Now, rpm no longer allows the creation of such packages, which in turn prevents the described installation failure. * On certain architectures, the value of the "LONGSIZE" tag was displayed incorrectly. This update ensures that on these architectures, the value of "LONGSIZE" is converted to the native byte order correctly, and that it is therefore displayed correctly. * The behavior of the file mode and directory mode parameters for the %defattr directive was changed in a prior update, which caused building packages that still expected the previous behavior to fail or to experience problems. The directive has been reverted to the previous behavior, and a warning about the potential problems with %defattr has been added to the "rpmbuild" command. * If the standard output of the rpm utility was redirected to a file and the file system was full, rpm failed without writing any error messages. Now, rpm prints an error message as a standard error output if the described scenario occurs. * The rpm utility was unable to download and install packages the remote locations of which were specified with an IPv6 address and a specific path format. Now, rpm automatically uses the "--globoff" option with IPv6 addresses, which turns off cURL globbing, and allows packages to be properly downloaded and installed in the described scenario. * If a Perl script in a package contained a string declared as a here- document that included the "use" or "require" words, or a multiline string with these words, the package in some cases had incorrect dependencies when it was created using the "rpmbuild" command. Now, the "use" and "require" strings are ignored as keywords in here-documents and multiline strings, which prevents the problem from occurring. * Previously, build scriptlets using the pipe character ("|") in some cases failed. This update properly sets the default handling of the SIGPIPE signal in build scriptlets, thus fixing the bug. In addition, this update adds the following enhancements: * The OrderWithRequires feature has been added to the RPM Package Manager, which provides the new OrderWithRequires package tag. If a package specified in OrderWithRequires is present in a package transaction, it is installed before the package with the corresponding OrderWithRequires tag is installed. However, unlike the Requires package tag, OrderWithRequires does not generate additional dependencies, so if the package specified in the tag is not present in the transaction, it is not downloaded. * The %power64 macro has been added to the rpm packages. This macro can be used to specify any or all 64-bit PowerPC architectures in RPM spec files by using the "%{power64}" string. All running applications linked against the RPM library must be restarted for this update to take effect.Scientific Linux FermitrueScientific Linux Fermi 6rpm-cron-4.8.0-47.el6.noarch.rpm71cdaf2d4c47791ab75d761110ba7d5523fabfc609757b6b031832244e0673ddrpm-build-4.8.0-47.el6.i686.rpm4bc832e93b5118a43368fb9048f2f223c320aee7403623c89ebd64b29f3e34a7rpm-libs-4.8.0-47.el6.i686.rpm979a868c981e117f2a9d7f10661ef26d1838ba608805986386d846c052e24673rpm-apidocs-4.8.0-47.el6.noarch.rpm878b981ea1a580ad46e60d0c72af8e91a67568438b4ca6f71678e08c0c742278rpm-devel-4.8.0-47.el6.i686.rpm91ad6159b2643c1269e8128800ebf3d6dc3545dea51a2c1b1e2c67c015c052f4rpm-python-4.8.0-47.el6.i686.rpm9c313231e685f42146d5c346eec04ef2452d4f6e4f6b655ee142a34a69fabcd8rpm-4.8.0-47.el6.i686.rpme5e3810851cbedacad521a85bbfaf213d4a3d7ffbf9129548aa35c092df806e1SLBA-2015:1453-1The libreport libraries provide APIs for reporting different problems in applications to different bug targets like Bugzilla, FTP, or Trac. The satyr packages provide a library that is used for creating and processing ABRT micro-reports. This update fixes the following bugs: * The abrt-addon-ccpp process logs messages using the rsyslog daemon. When rsyslog terminated unexpectedly, abrt-addon-ccpp could enter a deadlock state, because the /dev/log socket was not freed. The underlying source code has been modified to and the deadlock no longer occurs in the described situation. * The "bootloader" plug-in was renamed to "boot". However, ABRT still used the old name when generating SOS reports. As a consequence, ABRT did not include SOS report data in its crash reports. With this update, ABRT now uses the correct name and generates SOS reports as expected. * The libreport library could previously change mode of any file or mode of the dump directory because it followed symbolic links. Also, libreport could change ownership of a new dump directory. This behavior could lead to security issues. With this update, this bug has been fixed, and libreport no longer changes modes or ownership. In addition, this update adds the following enhancement: * This update introduces ABRT micro-reporting. When a crash occurs, users can now send authenticated reports about the problem called micro-reports. These reports contain non-sensitive data describing the problem and optionally host name, machine ID, and RHN account number. Micro-reports help Red Hat to track bug occurrences and to provide instant solutions to crashes. See for more information about micro-reporting.Scientific Linux FermiScientific Linux Fermi 6satyr-0.16-2.el6.i686.rpmaa7ef294161d72849ee56db2b96140572064ac965a1b65a75db0e64d5c5c9a36satyr-devel-0.16-2.el6.i686.rpmf0d2fbc89fc506d9459302c4c5917c22f4265bbaa63cfef9029a0e091344e135satyr-python-0.16-2.el6.i686.rpmc9cfef2b8d87fe0b08d79b806ada7f7a3450146965ca2f5070575211493f2189SLBA-2015:1616-1This update fixes the following bugs: * Prior to this update, SELinux unintentionally prevented Gluster from connecting to remote procedure call (RPC) services on NFS clients. This update modifies the relevant SELinux policies, and Gluster now connects to RPC services successfully. * Due to insufficient SELinux policy rules for the glusterd service, gluster monitored nodes failed with an Access Vector Cache (AVC) denial error. With this update, SELinux policy rules for glusterd have been fixed to allow the Gluster layer product to work with SELinux properly. * Attempting to set up the Gluster storage on an NFS-Ganesha cluster previously failed with an Access Vector Cache (AVC) denial error. The responsible SELinux policy has been adjusted to allow handling of volumes mounted by NFS-Ganesha, and the described failure no longer occurs. * Previously, due to an Access Vector Cache (AVC) denial error, CTDB failed to start the smb service and remained in the UNHEALTHY state. This update modifies the relevant SELinux policies, and CTDB is now able to start smb service as expected. * Previously, for the winbind and nmbd processes, improper SELinux rules were set. Consequently, when SELinux was set to enforcing mode with Windows Active Directory setup for Samba and Gluster, the domain user failed to access the Samba share. This update provides the missing SELinux policies, and the share access now proceeds successfully.Scientific Linux FermiScientific Linux Fermi 6selinux-policy-minimum-3.7.19-279.el6_7.4.noarch.rpm3344a3387db091868b0eb2986797bd497598a49384cce7389bb1ebc821d88bbdselinux-policy-3.7.19-279.el6_7.4.noarch.rpm55b46710f27a6502c6e2f19faf3310c2ea235267c5f1c5fb368fa82199516f62selinux-policy-mls-3.7.19-279.el6_7.4.noarch.rpm1a17dfd7753e7f9ce70a7e69ab5d143353d351eb4efdf03207a9d37f0e800e9dselinux-policy-targeted-3.7.19-279.el6_7.4.noarch.rpmd05c5c759a201041f213584a54dd012f62bb4a12a7115854069581795482f90dselinux-policy-doc-3.7.19-279.el6_7.4.noarch.rpm2dbae1e0e941fb8f2b3f1735b47b4b5b5895f9082f1535de4601171970685ebbSLBA-2015:2006-1This update fixes the following bug: * Due to insufficient SELinux policy rules, the libreswan utility was not able to access the /sys/fs/ directory and requested the kernel to load a module. With this update, SELinux policy rules have been updated and libreswan, running as the ipsec_mgmt_t SELinux type, works as expected.Scientific Linux FermiScientific Linux Fermi 6selinux-policy-minimum-3.7.19-279.el6_7.7.noarch.rpm2de35811cd86edc54ac609e900f06580452a37e18717087d0f96f26bd4fa3d4fselinux-policy-doc-3.7.19-279.el6_7.7.noarch.rpmd24cd0bf4f3d401f5846986c07d7e62d116a94ed66336e1be1ad5805c9daf64bselinux-policy-targeted-3.7.19-279.el6_7.7.noarch.rpmcfcb2a163e6fc15c2505391cda10b60cf0b3ce2f4b6f7d5b29af302a2e182151selinux-policy-mls-3.7.19-279.el6_7.7.noarch.rpmec033934fffd1c694553bcb2abbc81b3ab810a81316e47412c818c449f0ca11aselinux-policy-3.7.19-279.el6_7.7.noarch.rpmf45b1edb4a1279083a2bea8c2880268c0db6411b157ba222f49e667ca401e9dbSLBA-2015:2644-1This update fixes the following bug: * Due to insufficient SELinux policy rules, the NetworkManager-openswan plug-in was not able to access Linux IPv4 routing sockets to establish a connection. With this update, SELinux policy rules have been updated, and NetworkManager-openswan, running as the ipsec_mgmt_t SELinux type, can establish a connection as expected.Scientific Linux FermiScientific Linux Fermi 6selinux-policy-targeted-3.7.19-279.el6_7.8.noarch.rpmd86a9affe16127871450edeff36973502bf9b5fe3815bf4e8240b48b3be1fde2selinux-policy-doc-3.7.19-279.el6_7.8.noarch.rpm5191dfa2356a55eb0e449b5a19adac5b786276c423930717666388b9691ade32selinux-policy-minimum-3.7.19-279.el6_7.8.noarch.rpm80107f8cd3d6e4123e5f60878afa39aa4e22c01578137eee879bf97dcd6b9e25selinux-policy-3.7.19-279.el6_7.8.noarch.rpm1dfe63b421a7fcc01fd6d92ec2ebcba90ca933b82276f04d64a3fbbed4a89720selinux-policy-mls-3.7.19-279.el6_7.8.noarch.rpm8d22cc81d5890d48b08d72d6f2ff6b6ca408c33e5c67af57f3ef619e05ecea6bSLBA-2016:0736-1The X.Org video driver packages provide video drivers needed for various graphics cards to work properly in the X.Org implementation of the X Window System.Scientific Linux FermiScientific Linux Fermi 6xcb-util-renderutil-devel-0.3.9-3.el6.i686.rpm81516f396dd26f5a00f38b2d8af0d6ca1ba66dcaea810b0e6e53f840864b7ab4libepoxy-devel-1.2-3.el6.i686.rpm6b93f9aa48711920a991339f8a125534638754bdb9c6c8e756c618f7fdb9959ecompat-xcb-util-0.4.0-2.2.el6.i686.rpma5eeced49d68a2fbe0448ec6690c26ebbf10491d5d8f80542d4225205b75eef1xcb-util-renderutil-0.3.9-3.el6.i686.rpm8409fcfe81bc516c440242b78a0c00ff51ad905009be079ef2781c4dfae4be20libxshmfence-1.2-1.el6.i686.rpmbd2303fe6c7aac220ef0e53cdb38d650b5dba47641994d73f8b52b5804f6ef57libxshmfence-devel-1.2-1.el6.i686.rpmadd430edd131a4b33fbb1030c9e6fe2c28aff270cc08fa060dc965f05b005dcaxcb-util-0.4.0-2.2.el6.i686.rpmb424bc106f262f26a6b95d2516d78912779153b680bc48fbf8b76dbb66e018c2xcb-util-devel-0.4.0-2.2.el6.i686.rpm643f1641b023ef21bda59f176be56d569d3be52d9eb2fea2657db83dba2a838alibepoxy-1.2-3.el6.i686.rpmb16d1dc786ac3609059f48d5009bcdf26ce4ec148e07fd8c40fbcc90ffc4bd7fSLBA-2016:0761-1The X.Org video driver packages provide video drivers needed for various graphics cards to work properly in the X.Org implementation of the X Window System.Scientific Linux FermitrueScientific Linux Fermi 6xorg-x11-drv-wacom-devel-0.32.0-1.el6.i686.rpma18e5e42644517f6a5d36e08741914ff006fd99e2fa688aa1ae2848572add178xorg-x11-drv-wacom-0.32.0-1.el6.i686.rpma5006611219d2695af420c9416e2d824e71606abd2c08978eedca1c4aa5290f5xorg-x11-drv-glint-1.2.8-11.el6.i686.rpma3197691b143c47914a576aab121c6593425759bda9463851a1cd58db11cecd2xorg-x11-drv-intel-devel-2.99.917-0.4.20151111.el6.i686.rpma671a67bc00a071bfd386f4534ad6e6c6a82c700d716f009e863f9b5adbf4edbxorg-x11-drv-void-1.4.1-1.el6.i686.rpm4eadb7d404442437ed9e5757b6fc1c800080c5b0532122e773c2fa13cd3aac4cxorg-x11-drv-qxl-0.1.1-19.el6.i686.rpm10455c0c66a3ea965b41359d50944b125a365fb6a8c716646d52468efff469c0xorg-x11-drv-neomagic-1.2.9-1.el6.i686.rpmb9a3a879998b2eb9952540db867875ca8095750cf385beaa85db8b9d7e7a00ddxorg-x11-drv-nv-2.1.20-6.el6.i686.rpm90f60780ce0d66b969b1f736a2120b4bdb13720930bbb7cc8d0d3520d6178beexorg-x11-drv-mouse-1.9.1-1.el6.i686.rpm08d8fdcd41552a18a3eb998aded5e10d103226c87b251632e923c87fb81db56cxorg-x11-drv-fbdev-0.4.3-17.el6.i686.rpma1d867703dc869113e97a5df94efc611ed22d4c66ac00801c842e6f51696203cxorg-x11-drv-synaptics-1.8.3-1.el6.i686.rpm6e2edd167bd66bdafe4a719b64bb9fc1412544cb5dead4fa26d6bb590387f748xorg-x11-drv-evdev-devel-2.9.2-1.el6.i686.rpma77234dd8f968691ab127941980a1a299660e48b7cd8d8b82ee363ad51c01c66xorg-x11-drv-sisusb-0.9.6-11.el6.i686.rpma7c1a14fe5ebbba87607cbb3a8e5fa93677ba8dc10eb55adbcbed2fd1b2a0f57xorg-x11-drv-v4l-0.2.0-37.el6.i686.rpm850ed00772901661076154e2d52a57133d1e5d74039898eae67dca543b4f27b2xorg-x11-drv-ast-1.1.5-1.el6.i686.rpmed7d714ca7487b015d0d4affb7a229e56eed7251e4d5e425c8a95ed29ba95d90xorg-x11-drv-dummy-0.3.6-16.el6.i686.rpmc50ed86c8139be329c95f6f1281662d4e05986a46c87809127db1bb569d54294xorg-x11-drv-tdfx-1.4.6-1.el6.i686.rpmf71b7b2ab5f36061c8a1c5db9435e8aa108cd8a63219192f680775450b9af51bxorg-x11-drv-vesa-2.3.4-1.el6.i686.rpm190e73d7330832c355289d98d522da3c63661c3bb79629f9c11be4b6535a42e1xorg-x11-drv-sis-0.10.8-1.el6.i686.rpmc385ef50731bfde786e519bd434bc446a3870664d3782b4a1e2e74f926e55a50xorg-x11-drv-evdev-2.9.2-1.el6.i686.rpm4f653d37431912b50f5b450492e5e17757a45573666a9474c096db5d06fbf894xorg-x11-drv-synaptics-devel-1.8.3-1.el6.i686.rpm73c1a6acdf8903f1be62798a22d6388e8a464d7c1a36b6394d1887b5ca8f7012xorg-x11-drv-mutouch-1.3.0-6.el6.i686.rpmbbb98518ce1c8e638fc298ad2097eca4dc1a32426198f4c6e61fba63f1621f2bxorg-x11-drv-voodoo-1.2.5-11.el6.i686.rpm0b016bb63607ac4b89efbf53e591893c15dca2f791354ec7c44ca94cc54f2fc9xorg-x11-drv-r128-6.10.0-1.el6.i686.rpm7f86b5263016b9690cdf0b836686eb2c48078fd4ad35642eba6162c0394ed544xorg-x11-drv-openchrome-0.3.3-7.el6.i686.rpm7dbcc8cf72511cee6d2cdaad270a8f2a7f926537c2715e0813caf662d53bf6aexorg-x11-drv-vmware-13.1.0-2.el6.i686.rpm54530f1d377d2e1abadaf4e63f10d0022224c5701f58a47072aa41e786eb7952xorg-x11-drv-savage-2.3.7-3.el6.i686.rpm43b6c66907eaacb694bad52e90001892efc9826e8f5a73e928553b8a0f38f29axorg-x11-drv-aiptek-1.4.1-6.el6.i686.rpmb9ae6527f270cea55caef6cd8a353af5ff46d7a362ce2451035257d470f1bee3xorg-x11-drv-hyperpen-1.4.1-6.el6.i686.rpm719a911db8d8b28da02ce5236bcf01d7b7e8b49871066e4606e54090041a4edfxorg-x11-drv-xgi-1.6.1-1.el6.i686.rpm4d2dd78268173f1f91f633f4c290023a30a7dc0de618a0455603e724c5440a6fxorg-x11-drv-penmount-1.5.0-6.el6.i686.rpmaef2140e2b39cd516d38246f3bcbaf14a004160779119fe7dff1453417b39748xorg-x11-drv-intel-2.99.917-0.4.20151111.el6.i686.rpm5b50ccbedd6effe4fa5f1ed8c2deae4871721092a69cb8e7cdc788817069005dxorg-x11-drv-nouveau-1.0.12-1.el6.i686.rpma9e3423dfc0796df66347bf6cfe49009ec1ef183e4d8576e19384d61c161df51xorg-x11-drv-siliconmotion-1.7.8-1.el6.i686.rpm03bcc5e35a552a1ee6bae0045534d5a43ddb665e4b74073f0dc3298094ef15c7xorg-x11-drv-i740-1.3.4-12.el6.i686.rpm89a288b1ed535dacf75df96dfdd51ce74d25ef34219975914bf2c84d543e8353xorg-x11-drv-geode-2.11.17-1.el6.i686.rpmae345c0e1f7c5c95f85a9f1cf15e24d8937e04744196d420536df04ae48b2cbdxorg-x11-drv-i128-1.3.6-11.el6.i686.rpm22238526ea3c4e4137318d640a562a5f3f77958ee5acd40fb8eba847d3164ee9xorg-x11-drv-ati-firmware-7.6.1-2.el6.noarch.rpmc205cf9a7027f299f0c38245b99d9a7d62189b4e871c1244c6a2f33ea212d3b0xorg-x11-drv-trident-1.3.6-11.el6.i686.rpmbad06a11a7799e3f2034601a6832373c791e6191dcace761419f95e2c659151fxorg-x11-drv-elographics-1.4.1-4.el6.i686.rpmca4406167320bbbdfea7d2731310ad7bc7099e4c1786e5b4e562f23fe35dc388xorg-x11-drv-mouse-devel-1.9.1-1.el6.i686.rpmb69c887867e1aa7f322855c8e39580b630cedcde75db52edaee12bc3c1582cf1xorg-x11-drv-cirrus-1.5.3-1.el6.i686.rpmb94bd1a24dbb81ffeadd071bdb8032b9a513d6c4fe42067ffadc2b58434c4bfcxorg-x11-drv-fpit-1.4.0-7.el6.i686.rpm3d20e85cb59871b851b740ccf3572ebcfa104194b47f94b05eeadd8b5bf39a1exorg-x11-drv-acecad-1.5.0-8.el6.i686.rpm483d8068353f32eefd3bab809d9dcf44b4bb89f66ded8dbe97bd67bf0f4f4554xorg-x11-drv-apm-1.2.5-11.el6.i686.rpm08537f60e123845f7471c68637185d4b264f72e056192ae1488a6a748288ad8axorg-x11-drv-s3virge-1.10.7-1.el6.i686.rpm0232b0591b2881bc57b74c6136597a405aa7e041675360ef021b59e61215b1fdxorg-x11-drv-keyboard-1.8.1-1.el6.i686.rpm61d2b5f130bda14e03db74da0edae6d096e0a607c643a5bf2fdea89707add84exorg-x11-drv-openchrome-devel-0.3.3-7.el6.i686.rpmc12cdbcd4a47084f8eecc936f5f07cbf4add766a7bb817bea46ea65264e6c0ecxorg-x11-drv-rendition-4.2.6-1.el6.i686.rpmd36c7f3bdba4d457a584462fd953d17ad8cf0f168c72340b29f023bdc3f41146xorg-x11-drv-ati-7.6.1-2.el6.i686.rpm5d7ce92ea34d1d5c4ad7ea15a7494511a8695b4de023f86cf319bbf32ed9c86dxorg-x11-drv-vmmouse-13.1.0-1.el6.i686.rpmadbe7c62d90552560697f81947dac9edd96ed869d080a9bb9fdd6792c0ba2181SLBA-2016:0811-1The libnl3 packages contain a convenience library that simplifies using the Linux kernel's Netlink sockets interface for network manipulation.Scientific Linux FermiScientific Linux Fermi 6libnl3-cli-3.2.21-8.el6.i686.rpm7a26d52442ffc746114c34525099543456633de02702d9dedd5573e8e2767c5dlibnl3-3.2.21-8.el6.i686.rpmf635c88959ef8d0aaaa62809764178398025409a2ec98264f8faa4afbe63fa90libnl3-devel-3.2.21-8.el6.i686.rpm74d44d151bae34939111c896eef2902edb8b79748fe659ec14c1fadc969f43dclibnl3-doc-3.2.21-8.el6.i686.rpm2f48d0601c21f30e55565fb04229b00f0542d31a52da0b6f6d04ff84b4e379eeSLBA-2016:0820-1Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications.Scientific Linux FermiScientific Linux Fermi 6nspr-4.11.0-1.el6.i686.rpmc8282437ee45e103a38ba6914fc2c814f2036cb35d719a98e3fdfc06a6dcab06nspr-devel-4.11.0-1.el6.i686.rpmf976e3d1fddc45108777a0ed3addc27da81dacb73d83386ea796999664f461f1SLBA-2016:0832-1The libgovirt packages contain a library that allows applications to use the oVirt Representational State Transfer (REST) API to list virtual machines (VMs) managed by an oVirt instance. The library is also used to get the connection parameters needed to establish a connection to the VMs using Simple Protocol For Computing Environments (SPICE) or Virtual Network Computing (VNC). The spice-gtk packages provide a GIMP Toolkit (GTK+) widget for Simple Protocol for Independent Computing Environments (SPICE) clients. Both Virtual Machine Manager and Virtual Machine Viewer can make use of this widget to access virtual machines using the SPICE protocol. The usbredir packages provide a network protocol for sending USB device traffic over a network connection and a number of libraries to help implement support for this protocol. The virt-viewer packages provide Virtual Machine Viewer, which is a lightweight interface for interacting with the graphical display of a virtualized guest.Scientific Linux FermiScientific Linux Fermi 6usbredir-devel-0.5.1-3.el6.i686.rpmb8f720a29aa858851bb3e935d80ab9df19554e70a3af19bb26a87fc9ffaa93bausbredir-server-0.5.1-3.el6.i686.rpm42a9467461ae4f3d924f3ecf469651c68bb45f9a1a813f0fd939a385c708a62cusbredir-0.5.1-3.el6.i686.rpm2b638ae1698b71984ced858f580130900d401612c3ef03b97ce615d641c473b0SLBA-2016:0960-1The device-mapper-persistent-data packages provide device-mapper thin provisioning utilities.Scientific Linux FermiScientific Linux Fermi 6device-mapper-persistent-data-0.6.2-0.1.rc7.el6.i686.rpmae1e352b36fb1ce1f522cbf28ade65665861394068fd0745075ae7bffe7db95cSLBA-2016:0995-1This update fixes the following bug: * A previous regression in dracut caused systems with iSCSI offloading or iSCSI Boot Firmware Table (iBFT) to stop booting in some cases. Consequently, freshly installed Scientific Linux 6.8 systems with "iscsi_firmware" on the kernel command line could be unable to boot. This update fixes the bug, and systems in the described scenario are able to boot.Scientific Linux FermiScientific Linux Fermi 6dracut-kernel-004-409.el6_8.2.noarch.rpm17642998741daee2d9092d04400c27d97877a6a44df6502edbe97f21a76836a4dracut-tools-004-409.el6_8.2.noarch.rpm013a84a8fcfa3cc0e14eea50929788adfeaf218409e5b0d962480af8e36a895bdracut-fips-aesni-004-409.el6_8.2.noarch.rpm7e9f6bf09d401fe1120a23cd6e5ec1278761dc942a9f4add2f03c0ccd6a95deedracut-generic-004-409.el6_8.2.noarch.rpm41f165ab4da51641d88966489c7708879c496ca78180d90ec1f160f378976423dracut-network-004-409.el6_8.2.noarch.rpm0cd1fb15b22fd47d2c990b1dc95a7f855ff48c09937f1e80bd68dce010bfb6e9dracut-fips-004-409.el6_8.2.noarch.rpm3efbb0877197e7eae1e59764d2d892198af29edb030bf3cfd58a925d0b32535adracut-caps-004-409.el6_8.2.noarch.rpm11a7c1c68f94c27b5bcd72bc378984f30f459ef92caf03b4b87bbb24d30c6591dracut-004-409.el6_8.2.noarch.rpm755b97ea8f38cbb6f4a76b85eac4a2b5c117de343e15bc7270a2e28e17a14b03SLBA-2016:1266-1This update fixes the following bugs: * In 2015, Egypt did not observe Daylight Savings Time (DST). However, in 2016, Egypt observes DST from July 7 at 24:00 to October 27 at 24:00. As a consequence of this change, the tzdata package had incorrect data regarding DST in Egypt in 2016. This has been fixed, and tzdata now has the correct data.Scientific Linux FermiScientific Linux Fermi 6tzdata-java-2016e-1.el6.noarch.rpme1a4af31a55615a2cecd4cfeecaf097374c0d5126930ca32cf81efaad4c3fe52tzdata-2016e-1.el6.noarch.rpm42427f93789cbf7a712c2b2842f7dde1645f624692e2fb9005af7381c487a2dfSLBA-2016:2096-1This update fixes the following bug: * This update fixes the daylight saving time (DST) date for Palestine. The correct date and time is October 29, 2016 at 01:00.Scientific Linux FermiScientific Linux Fermi 6tzdata-2016h-1.el6.noarch.rpm1bc56b0f7e90fbb151f43b8bb2b9c2fd0c7deb65bd51677c9dd4c871c197313etzdata-java-2016h-1.el6.noarch.rpm73c6299e358cfd72cf152a348f74e0ab88b3015b4c98f8582e62b998a349941dSLBA-2016:2660-1The tzdata packages have been updated as follows: * A new time zone Asia/Famagusta has been created, which is a UTC+03 year round time zone. As of 2016-10-30, Cyprus split into two time zones. Northern Cyprus is now in the Asia/Famagusta time zone. * The Pacific/Tongatapu time zone will reintroduce Daylight Saving Time (DST) on 2016-11-06. * The Antarctica/Casey time zone has changed from UTC+08 to UTC+11 on 2016-10-22.Scientific Linux FermiScientific Linux Fermi 6tzdata-2016i-1.el6.noarch.rpm51021abb88fb7552df1aab8739fda3e647e061ba41105586ecbe3d2c54f00fb1tzdata-java-2016i-1.el6.noarch.rpm2f08cb4c79bd12bb6a620f876c3f7a85bf63acb38600d963445dd700d51e5f3bSLBA-2017:0306-1This update fixes the following bug: * A missing SELinux rule was previously causing errors when adding a webhook using the gluster-eventsapi command. The rule to allow "glusterd_t" domain binds on glusterd UDP port has been added, and adding a webhook using gluster- eventsapi now works properly.Scientific Linux FermiScientific Linux Fermi 6selinux-policy-mls-3.7.19-292.el6_8.3.noarch.rpm612d47d59c1414ad2dab622512531fc48e444dbe9b89c3bbaaef17d2eb13f5d7selinux-policy-3.7.19-292.el6_8.3.noarch.rpm178817e226d6baee9e2bd8dc6e9849cd45584de2f4f769df15d65f5036d1b8aeselinux-policy-targeted-3.7.19-292.el6_8.3.noarch.rpm090b200629aa18495f20ad5c09c87f49406de35f299b8526622f75b24c509950selinux-policy-doc-3.7.19-292.el6_8.3.noarch.rpm29bed18b6b655579a0bc075ad893aade17383368c279c0e5e92435d8fcc71a72selinux-policy-minimum-3.7.19-292.el6_8.3.noarch.rpme4caba6c9f79680f567b42fc7966dd63b8a764d32c9338df69d3af089d859fe8SLBA-2017:0472-1The tzdata packages have been updated as follows: * Mongolia no longer observes DST. * The Magallanes Region of Chile has moved from a UTC-04/-03 scheme to UTC-03 all year. Starting 2017-05-13 at 23:00, the clocks for the Magallanes Region will differ from America/Santiago. To accommodate for this change, the new America/Punta_Arenas zone has been created. * The zone1970.tab file has been added to the list of files to be installed with the tzdata packages installation.Scientific Linux FermiScientific Linux Fermi 6tzdata-java-2017a-1.el6.noarch.rpm4e39b931c86e93566fdc97b5ce2e2e7c5b6ff388496f9aae52700decf5ea553etzdata-2017a-1.el6.noarch.rpm037c2782146fb0c464bac96539845bbbeb830ec1963d607cafdb822c5d5f73d0SLBA-2017:0627-1Scientific Linux FermiScientific Linux Fermi 6selinux-policy-doc-3.7.19-307.el6.noarch.rpme6e6a8aae1b5ebd860ba507ed772c8a4f3dfbab02de689ad2403fc332e2ffbeeselinux-policy-targeted-3.7.19-307.el6.noarch.rpm25bbb3278f4b0c6135dfce27cbe743f284e113c8630656a837c2f23cba4335a2selinux-policy-3.7.19-307.el6.noarch.rpm29c83cb6cddf1f8e710306aaea2c8cad138959cfd9833ae5fb7e9a6d2709374dselinux-policy-mls-3.7.19-307.el6.noarch.rpm398b732bd2bdc10ddf3edff04b24e8b453af1d8468e2671933b4343d70065032selinux-policy-minimum-3.7.19-307.el6.noarch.rpm0d73d4de3058dc63bd1b9d95c04d88601da4348e981355d87a562fe8053e49b3SLBA-2017:0696-1Scientific Linux FermiScientific Linux Fermi 6yum-plugin-list-data-1.1.30-40.el6.noarch.rpm3dfe726b496c9708e3343cf27f634238b16a9bbbf99d1a7da11390c24a3022c5yum-plugin-filter-data-1.1.30-40.el6.noarch.rpm812eaeb03a9491ea38484649f94fa57c5d3ee5becd6fdb3174339f562622a22eyum-plugin-ovl-1.1.30-40.el6.noarch.rpm5906127a1c9834bc244fe9fa27441ea6669c4cd2a4b43fd8703f0776cebd5ccayum-plugin-fs-snapshot-1.1.30-40.el6.noarch.rpme2d32bfed08416c85737a4ca63f927bd1efb2ec098312358a3c15dfa838c9798yum-plugin-changelog-1.1.30-40.el6.noarch.rpmea0ccae84995abb5a8c493fcfbc903356d745d2955721e46f04c359f3eecec6byum-plugin-remove-with-leaves-1.1.30-40.el6.noarch.rpmbf7035a0917efbfa6ff19052c92b25102fb5bdad56208fa4c59936a0c14c96b7yum-NetworkManager-dispatcher-1.1.30-40.el6.noarch.rpm2901e3552256f245091d2f14bd1c7b1a074834fa049824cc5ba73a1cea3a1074yum-plugin-tsflags-1.1.30-40.el6.noarch.rpm90f155f4730e9d0d7f39229fd7d1323ccbc67b69b4a5d4dafec949fb26b7fbcayum-plugin-protectbase-1.1.30-40.el6.noarch.rpm1257e21a8695cb60ceceaebc398b7b1fe43e6cc7ab13d55e713b9026d13b34dbyum-plugin-local-1.1.30-40.el6.noarch.rpmb50610b99ff61f8a61a2f67f3b0dd3aa75520acb12a5f173676ae00f44663eefyum-plugin-security-1.1.30-40.el6.noarch.rpm7c21edc2fd60d5ede4bb736747ecd2cc11aff43db83bf952e9ee5e58c41a4543yum-updateonboot-1.1.30-40.el6.noarch.rpmce06c2224c44ec217aacdcd501d5135d6352a8320cc5310e2bbc30e9f297236byum-plugin-rpm-warm-cache-1.1.30-40.el6.noarch.rpme5876ceb9d4c492b3b06ac9a95e69735fd6a0d4911425706ec465730e8c60b5dyum-plugin-tmprepo-1.1.30-40.el6.noarch.rpmc79f1c61c480f12d8263c6181e86ec1b093f32b0846d65e3009896ef89e996d6yum-plugin-versionlock-1.1.30-40.el6.noarch.rpmbf5271c0fecf727e2596e67f8baa40db7eaef57e52d80a25704c6c1108472457yum-plugin-upgrade-helper-1.1.30-40.el6.noarch.rpmd854e40894470026231e7a9b9735e7893b0a7350fe94a5e5b3c4a8dd5a2c38b1yum-plugin-priorities-1.1.30-40.el6.noarch.rpm9945db5a7a156612aa1bd5045d1a5f81ca788fe642a30ef0ad9c5a147662b2a6yum-plugin-show-leaves-1.1.30-40.el6.noarch.rpm13d55d17c68373a1876a87c09d90f168ccbcda6e13ac05a3412527ec4083c601yum-plugin-auto-update-debug-info-1.1.30-40.el6.noarch.rpm36277616bd554cd3fdbc5ba2875380e5c021c995a172ca25398073cae67b9c04yum-plugin-verify-1.1.30-40.el6.noarch.rpmaea09613189f98d4807ac75c3afdbc7547ea783b444d1ded8385200020c246c5yum-plugin-fastestmirror-1.1.30-40.el6.noarch.rpm7e8632abde998147ced6ce6adad0980c61845027bd9e895c8c26883eb5180c4ayum-plugin-merge-conf-1.1.30-40.el6.noarch.rpm2a7a8b8bd4300d269d7f3ddf708bc5f1bf1ed107f8bf2c554fd13756f6003960yum-plugin-keys-1.1.30-40.el6.noarch.rpmba270aed752c12e9e6fc9590e2a020906f5d5ffe59279ffac8bc83fe0e868a38yum-utils-1.1.30-40.el6.noarch.rpmf72ab989deed3d75d479b11b37ba658964df14ddd1db78e682707a447916c558yum-plugin-ps-1.1.30-40.el6.noarch.rpmfc4c6fc7cc3761cc1496e64079ee670444b9357b11c89afeb3aa34a2ce7f8fb4yum-plugin-post-transaction-actions-1.1.30-40.el6.noarch.rpm64169819e4dd38e1243e52d7b9993d5bd8cc9e1b3fa04c5eac396259b381af3cyum-plugin-aliases-1.1.30-40.el6.noarch.rpmb4b9e99616afbfbc23ab310d1c30fb418849d957206b94e7e0565e729890fe51SLBA-2017:0697-1Scientific Linux FermiScientific Linux Fermi 6device-mapper-multipath-0.4.9-100.el6.i686.rpm55f17bfde902f807444acebe9ed144a789dda45e8a4ed9889d3a73ce2793e36bdevice-mapper-multipath-libs-0.4.9-100.el6.i686.rpm9f90a63fd7d8f13ac275293abd44a12ff9323e1761d9f59b53d4d37c1111e319kpartx-0.4.9-100.el6.i686.rpma82361b63700c4afe0ae5df7ede3154d2821226705c28eb0d3edda6dc6cda9ddSLBA-2017:0700-1Scientific Linux FermiScientific Linux Fermi 6xorg-x11-drv-mga-1.6.3-11.el6.i686.rpm87a90efe01c1fd23e9be2df2b46c95701667d60d2daf1f1818c79918434acd4fSLBA-2017:0702-1Scientific Linux FermiScientific Linux Fermi 6yum-cron-3.2.29-81.el6.noarch.rpmaf29d4249148b45a35581e4dc12835848cc10821ad6b4fd62b6bec6a376ba290yum-3.2.29-81.el6.noarch.rpmbeb8bb3f68320f47172369b4711c479aaba35a4bb257b30b3d3a3d4ef7a17883SLBA-2017:0713-1Scientific Linux FermiScientific Linux Fermi 6python-requests-2.6.0-4.el6.noarch.rpm76b4f822c128b5254bd72cd5233cfe4009682597064836c728ae81a4c35199fbSLBA-2017:0729-1Scientific Linux FermiScientific Linux Fermi 6xorg-x11-server-Xvfb-1.17.4-16.sl6.i686.rpm17d2a83f14ce2573ee23388b6e5af38d2498ba348db55633d06d75252ce52192xorg-x11-server-Xephyr-1.17.4-16.sl6.i686.rpma850f0c651c98e3f63a9b81b16ccb086286f91c4029010fe59bccc1c88cc6757xorg-x11-server-Xnest-1.17.4-16.sl6.i686.rpmb76b0fd58138424d19bffc35a59bf25e5b094a4820ae5163fc92858ba67acf89xorg-x11-server-Xorg-1.17.4-16.sl6.i686.rpm81a0047cf6873f3d838bc4cc550c841780c4e7c431ea3230658c66cbd5b8ab7axorg-x11-server-devel-1.17.4-16.sl6.i686.rpm762920a817e8ad177aa60b188ef689285f2fd8770385214b6de5f0b9e002ae30xorg-x11-server-source-1.17.4-16.sl6.noarch.rpm8f9c3f754b88bd417364a0726fb9af996043d94a396977caa66f9b370f183805xorg-x11-server-Xdmx-1.17.4-16.sl6.i686.rpm515571a2d150c7d57e31654f3ffd57e24ae92aea5cf96e5f165ea7a050a13d22xorg-x11-server-common-1.17.4-16.sl6.i686.rpm6043497d0c95375cf06f1e9642920733cb3b0f0738e47c6b54a0d220e1652a35SLBA-2017:0730-1Scientific Linux FermiScientific Linux Fermi 6xorg-x11-drv-mach64-6.9.5-1.el6.i686.rpm740da831effde07e8e0f449419f33bdbd4301d7a0ba52d7fcb8c92c0d656d0c0SLBA-2017:0748-1Scientific Linux FermiScientific Linux Fermi 6virt-what-1.11-1.3.el6.i686.rpmdb7bb356f785af7a774035a89ec720c8209642a26b53e3e6a71e92c3ad8e0361SLBA-2017:0757-1Scientific Linux FermiScientific Linux Fermi 6systemtap-sdt-devel-2.9-7.el6.i686.rpmbc726c5936be4bf267d3de5b2ef431a2a059e0a5b6c8b922f9f250b599df0190systemtap-initscript-2.9-7.el6.i686.rpm8463bdee663dc63bc4914eab90b0d2918e075fda08dce7bb040199bd17d85123systemtap-server-2.9-7.el6.i686.rpm786dda639358f775fd841884bd7631f5d9ee146a67ad3b03a23533e83d6f9f30systemtap-devel-2.9-7.el6.i686.rpm61f2feaf01c016c52aade6249ee053a4b1bd6f3704c4f33236d643fd3208bbb6systemtap-runtime-2.9-7.el6.i686.rpm858d0b7eafbcdd648f7942c6f8b83c1775aa2d2e78b1843c864d5a9316794c5asystemtap-2.9-7.el6.i686.rpm67a5adf359ec4c7df3479ab862ef6dd6d9076da4530ccf8c232389af50ac71ffsystemtap-runtime-virtguest-2.9-7.el6.i686.rpme616a86028e92759cc473262ab1ebf5e1fe9990f0d5d6aa655f0640bd4f29a6csystemtap-client-2.9-7.el6.i686.rpm15c1f00725f7ecb4b41f9fcf2ee5740e0a36561695be5fcfdd19dfad816ebcbesystemtap-testsuite-2.9-7.el6.i686.rpm482c390ae0f41bfe49009636df72c7e50729ed4daf6330c1edb117d8223b7998SLBA-2017:0775-1Scientific Linux FermiScientific Linux Fermi 6plymouth-theme-rings-0.8.3-29.sl6.noarch.rpm6fe03e8fae79c27fdeecbee33b27f1a43cbb0ce8338af72b547ead44dba128f7plymouth-plugin-label-0.8.3-29.sl6.i686.rpm5d00caed2272a54e913df175ce6aa8bb5c35a52c866e0155eec1de71e0cc9046plymouth-theme-fade-in-0.8.3-29.sl6.noarch.rpm860754d239945c9f7c6897c1ce09314566bcc9040701b83f0979ec60ba8a1d82plymouth-system-theme-0.8.3-29.sl6.noarch.rpmf3cd59bd54664b36ec92a0217d26623c7ccd842993f001c8e69daa7bdbb2978dplymouth-theme-solar-0.8.3-29.sl6.noarch.rpmd854e20abe915ba44bce1408187090a2f60199d1ef5cf1237df9d82ee9249018plymouth-core-libs-0.8.3-29.sl6.i686.rpme3e2034b2d00342bdfc8aa78f8770ad55b704622a6e31363af5d728b5840159fplymouth-theme-spinfinity-0.8.3-29.sl6.noarch.rpm93b4dc724ee71e888203e3118f0deab45f2d822cb745db30bac22122ad8df87cplymouth-plugin-throbgress-0.8.3-29.sl6.i686.rpm921467a68761cbe27246a4f183b6d5f04f6a64867cee8e7be693b43820a7a838plymouth-scripts-0.8.3-29.sl6.i686.rpm582eb86fd0e25f132b9fa265ea3159480688a809d194452918500297702db2d9plymouth-plugin-space-flares-0.8.3-29.sl6.i686.rpm4835a878d5f6723705bcdbbce89050db7ece60a6c9312e668a5f05e3fc29f666plymouth-plugin-two-step-0.8.3-29.sl6.i686.rpm19effde76a37a10b193a01d05c9e3fb55961a7758cf9eca2fbfc624f185073d1plymouth-devel-0.8.3-29.sl6.i686.rpm798450604f7698a9869abf2869b29b47dc91d24e50f29b61767e22bc8bb4b422plymouth-plugin-script-0.8.3-29.sl6.i686.rpm355da5e0781e1d596556888654bdc951b08039ef3a460011b2cf1a51a4cfcf9bplymouth-gdm-hooks-0.8.3-29.sl6.i686.rpmf31793aea50cbaf585cc20b4ff857e8fa8e03ce8369d3432cb6190bba2a13d9fplymouth-theme-script-0.8.3-29.sl6.noarch.rpm238129117581837b4047e6fae9ffc34741ca0145db8526735830f64fcf3a2b61plymouth-utils-0.8.3-29.sl6.i686.rpmba5a19c6cfb895cc0f333ad4be1854e781860ea81c07e2a7db8b504a93248198plymouth-plugin-fade-throbber-0.8.3-29.sl6.i686.rpm1d3a63a4fbe9aa3faf1ad42c399d9fb088ecc526ba04aa4aec85422de554c942plymouth-graphics-libs-0.8.3-29.sl6.i686.rpm3d9f961321fb1e06414f2463327a4eca0b3e7637498d437e33c50e971cf3b7c7plymouth-0.8.3-29.sl6.i686.rpmfce702daf30d38804638314f619d8434a83e9611766106889e5d7036e8025df2SLBA-2017:0798-1Scientific Linux FermiScientific Linux Fermi 6lvm2-devel-2.02.143-12.el6.i686.rpm1721bdbb6cd733281fab1fe13cbe67846a4db3f3cb0d63ba7ee3efbecd42be38device-mapper-libs-1.02.117-12.el6.i686.rpm93b57aa74d31392916a07f908a1b2577fffcb5eb40116f5e438a82ce6b016f7fdevice-mapper-event-libs-1.02.117-12.el6.i686.rpm730968f38c4325f1cc2d22969275a6033d268dd841155b002c043ba0fa09b3dbdevice-mapper-event-devel-1.02.117-12.el6.i686.rpm0f41bddfc35c496fdca97189598195ee38300315211371d4c8ee806c64bec32bdevice-mapper-event-1.02.117-12.el6.i686.rpmb972734bf2900834338f2067118364ac9749f65760e44ca95f2fdb25425758a1device-mapper-devel-1.02.117-12.el6.i686.rpmbeefab6ad730d20a7bda0dff837db7d3d1f0a0d4de811f737a85390cbfc26db8lvm2-libs-2.02.143-12.el6.i686.rpm78d40aeee2b883fb970bd23854a5b365d0ad5c50cf8cd648860c09eef4acf597device-mapper-1.02.117-12.el6.i686.rpmedbdc112e4f9fbb2cde79644894189697ca064375e319e7ae0e710f5cf203dd4cmirror-2.02.143-12.el6.i686.rpmcd480f3a3c4dc6c451ebd32f347fcc7d98337cb1ddddb524cc1b5e595f5cc892lvm2-2.02.143-12.el6.i686.rpm43327275451f1693339275dabb815ccbff279f0d2da17350fc1072f1db7cc0c9lvm2-cluster-2.02.143-12.el6.i686.rpm95c811c56605cf68ef4d3b18f0a826d037f43e93d730628150aff4066f919101SLBA-2017:0807-1The libpciaccess library provides portable PCI access routines across multiple operating systems. The Direct Rendering Manager runtime library (libdrm) provides a user- space interface library for direct rendering clients. The xorg-x11-font-utils package provides X.Org X11 font utilities required for font installation, conversion and generation. The xorg-x11-util-macros package provides X.Org X11 autotools macros required for building various packages that comprise the X Window System. The xorg-x11-proto-devel package provides X.Org X11 protocol headers.Scientific Linux FermiScientific Linux Fermi 6libXrandr-devel-1.5.1-1.el6.i686.rpme1540e0fa118695364b4cc74097de8682f0064e7b15dacafc055a6ffb3e4d008xorg-x11-proto-devel-7.7-14.el6.noarch.rpmf4982fcdc51011d964f5e6154fc7c6bf9ca6eb1a901c52b2f34d37bc4fa5c357libxcb-1.12-4.el6.i686.rpm0e27055dc89be4776c9b28440fd8812b24a0398c06142eeee3462c3d7e52b71elibXtst-devel-1.2.3-1.el6.i686.rpm5645f74f95374ab11e0097ff505f05014f56d22cba41105730370f0995e58442libX11-devel-1.6.4-3.el6.i686.rpmda0cc100ca39054fcb327e7575c400d1f90c059ef61e577e78e83df429ede433libX11-1.6.4-3.el6.i686.rpm7323a0f1a8a3b6c32d9adb3517cdddc916e3ef6e1f3e9bc3f8fe5b01d83e4b77libXv-devel-1.0.11-1.el6.i686.rpme95fbfa14fb734fbf440582a4a07c1c6de0cd1621dec8b285edc1af8e8219617libXfixes-devel-5.0.3-1.el6.i686.rpm077f398bfd8f98348243518d5a2f2582272089a2fe8faf3440a40038997a4833libxcb-doc-1.12-4.el6.noarch.rpmd4f228f0ecf8c6cc63ffe0a95ab390c5892b1eb3bdfb321ca9bb7c5c60f651adxcb-proto-1.12-1.el6.noarch.rpm1dcfc4ec6f180a230736873837f5fa11f4dc91715264cba26f1813253dd496aalibXv-1.0.11-1.el6.i686.rpm4e241d4d9f3d3583c88155cf27a2e3c4b8bb0be3b99d5c38e8c0f92fc4385b26libX11-common-1.6.4-3.el6.noarch.rpme150e172456ecdfa04b94d1b51e87bf9734f157aba000ba3aea0b07265faf1b6libXi-devel-1.7.8-1.el6.i686.rpm4662323d61500018ec5d818f0e06ddbb667fcfec6bdbc7df3b16ae63674ae5f3libXvMC-1.0.10-1.el6.i686.rpm90449fb358b2dfa50d7385ea0e9b4e8cfc0246500034ac4f10b44e9ac8cd6b93libXfixes-5.0.3-1.el6.i686.rpm1dfddfac566a877e0216d0c141b413cf05d4b27ed772e5d06e9dbf53bb2f1006libxcb-devel-1.12-4.el6.i686.rpm8ffd90bf1e11a21ac34b9a9bd426f7e2b2deca946dfd375ab0fc2a4d79fae8e6libXvMC-devel-1.0.10-1.el6.i686.rpm8d0fe522b9e0b1bd527d4bdeed7ec48210d1d7a49942b8ef3579171c0f8a2ce9libXrandr-1.5.1-1.el6.i686.rpmc13506bb3318f1e900ec69804f86cbfb543c061347dc092e2824540a91e44863libXtst-1.2.3-1.el6.i686.rpm71d5d8f07dbd1d8f9708c6bf5841c746255c898be9f54d303c40e6caa724e2d5libXrender-devel-0.9.10-1.el6.i686.rpm27c9f398a6550afdfffaf221977485bdcb7fecde5fd6122a44c080c83035db12libxcb-python-1.12-4.el6.i686.rpmc2157181fced0b43c7c18f0fabfb8268cc377b5b4683dfb49d0f1e831db070falibXi-1.7.8-1.el6.i686.rpm19b2eb4d9eff88f1eac56bafbdbb8be9fb9db25adccd72b2171a88feeee11650libXrender-0.9.10-1.el6.i686.rpm97162c4b07565ec4e168f868c1cccd813239b4d0fe5f0574eb2722070a499ebdSLBA-2017:0812-1Scientific Linux FermiScientific Linux Fermi 6python-prettytable-0.7.2-11.el6.noarch.rpmb0f94eab5125347f1765762bd9f4c10129cb6745968d4ff2bbc51162b2def377SLBA-2017:0839-1This update adds the following enhancement: * Haiti began daylight saving time (DST) on March 12, 2017.Scientific Linux FermiScientific Linux Fermi 6tzdata-2017b-1.el6.noarch.rpmcce8e6fb65711f66a670c1045de4110a65bfc0f3d4b85442afe6bac36dedac8ctzdata-java-2017b-1.el6.noarch.rpmfcabb622dd0627a7a9e21b60a0071e1dfc013e636757ff0520bb8f2a245bd980SLBA-2017:1434-1* An updated version of libntirpc (1.4.3-4) that contains changes to the transport independent RPC (TI-RPC) library for NFS-Ganesha is included in this package. Since NFS-Ganesha consumes those functions, it is now recompiled against libntirpc-1.4.3.4.Scientific Linux FermiScientific Linux Fermi 6libntirpc-devel-1.4.3-4.el6.i686.rpm6db84c38548e80079fcbc259fb45bd999980f5d82cddf3aea8bda63ccace1ce5libntirpc-1.4.3-4.el6.i686.rpmd1d62919e0d32969404a6212e688bdcfe9f9063d722b99af9dab7673fa0ca818SLBA-2017:1435-1This update fixes the following bug: * Prior to this update, the rpcbind utility terminated unexpectedly on start. A patch has been applied, and rpcbind now starts as expected.Scientific Linux FermiScientific Linux Fermi 6rpcbind-0.2.0-13.el6_9.1.i686.rpm070d683de09ff14e54b39a9bf7e3c3ec960e86ef4fdc4535c6531d2ef69f9a18SLBA-2018:0176-1Scientific Linux FermiScientific Linux Fermi 6selinux-policy-targeted-3.7.19-307.el6_9.3.noarch.rpm95423e3b58cc925b5a358890bedd91f31454e27b968fabca5fd8f091373254e2selinux-policy-doc-3.7.19-307.el6_9.3.noarch.rpmba63efd959353ba6c550f8dd623aee421da76cd9b93e18df71bca5760d199e12selinux-policy-3.7.19-307.el6_9.3.noarch.rpmcdbf6e7669e5d5f1a21068eb68125c559ff0b471ba26d51256027df7950db09bselinux-policy-minimum-3.7.19-307.el6_9.3.noarch.rpm0a01da2f03e640243879ffe83610ca1da8bb70bda284221db154eb9de7754c1bselinux-policy-mls-3.7.19-307.el6_9.3.noarch.rpm91ad7b260c80b7cef0ba31e3922f18eb53e022b02fa8bbdaa6c5a8ff1f0e3948SLBA-2018:0597-1* The Antarctica/Casey time zone has been changed from UTC+11 to UTC+8.Scientific Linux FermiScientific Linux Fermi 6tzdata-2018d-1.el6.noarch.rpmb0311e8b6f5dc1b3944f1de7961e85bd237abc109eebda3fa51c40dc8e33d4d7tzdata-java-2018d-1.el6.noarch.rpm155eef77fc54cb05c666c1b5a742488d2aab7adbe2c7d486c4d61e8f5d6ca01bSLBA-2018:1339-1* In this update, the upstream project now defaults to using the "vanguard" data implementation which includes negative DST offsets. However, we are continuing to provide the "rearguard" format for data which does not use negative DST offsets to provide better compatibility with existing tools. We intend to transition to the "vanguard" data implementation in the future.Scientific Linux FermiScientific Linux Fermi 6tzdata-java-2018e-3.el6.noarch.rpm40fb5cb634cedda909a94696ce1f83da58b67dafc599b8ec342db293b9871368tzdata-2018e-3.el6.noarch.rpmf7e03d38a6de62a054de45a2db10340f06a9a4e30d9d1c80314fbe6cfc0bb050SLBA-2018:1857-1Scientific Linux FermiScientific Linux Fermi 6copy-jdk-configs-3.3-9.el6.noarch.rpm3265471cef84f21333bce8cf101268b52cc7f6fa5fdc136ecbf9de61dd9d02e9SLBA-2018:1923-1Scientific Linux FermiScientific Linux Fermi 6clufter-common-0.77.1-1.el6.noarch.rpm389e5b2cce8fb7ab6ba9b39c28b18bd0644221daf28822e7d7e088644eb22558clufter-lib-pcs-0.77.1-1.el6.noarch.rpm4a497cae3fab4d2d531668a02d125f74c4e1a983b45980bc46308606deda709cpython-clufter-0.77.1-1.el6.noarch.rpm3fcabeebdbf603bb3eafcba40097095d9d7a5ea062e4835ff5bd2b6255724ce3clufter-lib-general-0.77.1-1.el6.noarch.rpm5857472ac34d33a8e087f4da84d34ed4d4d2607a59075bb0df81446e66511cf3clufter-bin-0.77.1-1.el6.i686.rpm57dd1475f806f7b11431cbf0e935a3da83bc603193abe66917636ee6e9ab251bclufter-cli-0.77.1-1.el6.noarch.rpm2250b16cc8a423dd2304b30d5fa3c8deac5917ed6557626bc5506af9880f31adclufter-lib-ccs-0.77.1-1.el6.noarch.rpme633dbc982b69031eab0027926cf39eea7e53abb357441b0f881625fa0529399SLBA-2018:3013-1* The Pacific/Fiji time zone will end Daylight Saving Time (DST) on January 13, 2019 rather than January 20, 2019. * Most regions in Chile will end Daylight Saving Time (DST) on the first Sunday in April, 2019.Scientific Linux FermiScientific Linux Fermi 6tzdata-java-2018f-1.el6.noarch.rpm92b0d5fce4699b908a80d999f188607d82d1e284ec4e219ca1a1e840b31d4c00tzdata-2018f-1.el6.noarch.rpmf0da448a10ba632c51d202b7889cd86ee06d2fe891e30282e2b31d44c2b4fd7aSLBA-2018:3454-1Scientific Linux FermiScientific Linux Fermi 6tzdata-java-2018g-1.el6.noarch.rpm2fb8cb6851408affdaafa8881f9fdb109c22d10226edaa8bdae769523c025baetzdata-2018g-1.el6.noarch.rpmdd6914d95ecc991db1d1a76a6d8c6d831e1c6ca386ccc5189abe9e2399a5660aSLBA-2019:0037-1The tzdata packages have been updated to version 2018i, which addresses recent time zone changes. Notably: * Africa/São Tomé and Príncipe changed from UTC+01 to UTC+00 on January 01, 2019. * Asia/Qyzylorda, Kazakhstan changed from UTC+06 to UTC+05 on December 21, 2018. * A new time zone, Asia/Qostanay, has been created because Qostanay, Kazakhstan did not transition with the Asia/Qyzylorda change. * America/Metlakatla, Alaska will observe Pacific Standard Time (PST) for this winter only. * Updates to Asia/Casablanca have been implemented based on a prediction that Morocco will continue to adjust clocks around Ramadan. * Changes to Asia/Tehran have been made based on predictions for Iran from 2038 through 2090.Scientific Linux FermiScientific Linux Fermi 6tzdata-2018i-1.el6.noarch.rpm60e2001038dfb303134d64a9068f1544d239b0ddca9c382a09982fa4cbdf3775tzdata-java-2018i-1.el6.noarch.rpm5a741f8213fd65ad537f949d2006bf2878358e743726a8e5844316a62c35b0a9SLBA-2019:0689-1The tzdata packages have been updated to version 2019a, which addresses recent time zone changes. Notably: * The Asia/Hebron and Asia/Gaza zones will start DST on 2019-03-30, rather than 2019-03-23 as previously predicted. * Metlakatla rejoined Alaska time on 2019-01-20, ending its observances of Pacific standard time.Scientific Linux FermiScientific Linux Fermi 6tzdata-java-2019a-1.el6.noarch.rpm09657e7344eb2c6f84d4f463481576d59b7a5dc54c76f86057c8edbb3615ccd5tzdata-2019a-1.el6.noarch.rpm988fc743347abada03a088728a3e751d7e0577ef016442fdb16bda5480454228SLBA-2019:1227-1This update fixes the following bug: * The spice-vdagent is not starting and spice is opening thousands of unix sockets.Scientific Linux FermiScientific Linux Fermi 6spice-vdagent-0.14.0-13.el6_10.1.i686.rpmc1907296bab148b6cba00eadd989559db50cf7454f6704292d6ed4538007fc56SLBA-2019:1651-1* dentry with DCACHE_SHRINKING set but no task shrinking dcacheScientific Linux FermiScientific Linux Fermi 6kernel-2.6.32-754.17.1.el6.i686.rpm9a6e1248791f75edfc661cc64b83bbb8b9cb0baaafd7a727a60b5762c1af2ce5kernel-devel-2.6.32-754.17.1.el6.i686.rpmfb96ffab9ca2b76099de803a292da6e7588f38035bef72c241786b02b9b2d05akernel-headers-2.6.32-754.17.1.el6.i686.rpm33b6b5e829accc30db3d9450694e247933878abc0830b72e6a63cc0e20dfdcabkernel-firmware-2.6.32-754.17.1.el6.noarch.rpmd6eb649785de43e9eaabcc5b18bd4c9405cfd2ff40524467703ba5d63eb615f9kernel-debug-devel-2.6.32-754.17.1.el6.i686.rpm6d04b7de6f99a043663bf889f4f4a1f108bd72960e6ae60a25eb40a8ce5021a3kernel-doc-2.6.32-754.17.1.el6.noarch.rpmd93f41a04c12482def9428979c1111bbd32d3366de833f6af0269ee8e77d1f6bkernel-abi-whitelists-2.6.32-754.17.1.el6.noarch.rpm6c25ef94a9ebc45d194d41b66918917019c5f3d25e72eae9d72243f4ff902a38perf-2.6.32-754.17.1.el6.i686.rpmbd224abbd3720424b34322ee0d2f92a413e3a1ea0ebc1178f55b8748fd94a7dekernel-debug-2.6.32-754.17.1.el6.i686.rpm032ee282eaa3acee0fb34686f89f14704c1e6caab6fcce0aa7683bbbff5ca9e3SLBA-2019:1703-1* The 2019 spring DST transition for Palestine occurred on March 29, not March 30.Scientific Linux FermiScientific Linux Fermi 6tzdata-java-2019b-2.el6.noarch.rpm7008f8ae57c82cb201946f2fc12167249b4373a78bd8ffe548f9d63fb1099037tzdata-2019b-2.el6.noarch.rpm6f36b7d2cf5955cf97d56e2a64c64941cf74133b2f4425a9c97afdc037794563SLBA-2019:2871-1The tzdata packages have been updated to version 2019c, which addresses recent time zone changes. Notably: * Fiji will observe the daylight saving time (DST) from November 10, 2019 to January 12, 2020. * Norfolk Island will start to observe Australian-style DST on November 06, 2019.Scientific Linux FermiScientific Linux Fermi 6tzdata-2019c-1.el6.noarch.rpma39f2001bf8cfc0be237ccf50a9ace47f164e735c182ab8b5d999c2e637764eatzdata-java-2019c-1.el6.noarch.rpm6674b8c0d3301c748fe7b73ebfe17a14974cde36deb4d81ed6fa2742f85b868aSLBA-2020:1982-1The tzdata packages have been updated to version 2020a, which addresses recent time zone changes. Notably: In Morocco (the Africa/Casablanca time zone), daylight saving time starts on 2020-05-31 instead of on 2020-05-24. Canada's Yukon region (the America/Whitehorse and America/Dawson time zones) changed to a year-round UTC-07 time on 2020-03-08. The America/Godthab time zone has been renamed to America/Nuuk.Scientific Linux FermiScientific Linux Fermi 6tzdata-2020a-1.el6.noarch.rpm8b0c71c5689666a060de7b991d6d8c7ac2f5a903d8b42af4da0bef2812bcfe63tzdata-java-2020a-1.el6.noarch.rpmacc38f1677f866ea1fd1f115ecb9a4ed831d7a5b7ccda6b6effaf7a314659c4dSLBA-2020:4282-1The tzdata packages have been updated to version 2020b, which addresses recent time zone changes. Notably: * Yukon timezones represented by America/Whitehorse and America/Dawson will change time zone rules from -08/-07 to permanent -07 on November 01, 2020, not on August 03, 2020, contrary to what was in the version 2020a. * The most recent winter(+08)/summer(+11) transition for Casey Station, Antarctica was on April 04, 2020 at 00:01. * Obsolete pacificnew, systemv, and yearistype.sh files have been removed from the distribution.Scientific Linux FermiScientific Linux Fermi 6tzdata-2020b-2.el6.noarch.rpm45de9b5c05f500bb9f37ce3cf655437c91f107403bc843fe9ee441a5d2140d7etzdata-java-2020b-2.el6.noarch.rpm3c911a314eea6f7ab5633bbb68684d444288a2b595d69b2ff0bae0f9bf45fd34SLBA-2020:4329-1The tzdata packages have been updated to version 2020d, which addresses recent time zone changes. Notably: * Fiji starts the daylight saving time (DST) later than usual on December 20, 2020, rather than the predicted November O8, 2020. * Palestine will end summer time on October 24, 2020 rather than the predicted October 31, 2020.Scientific Linux FermiScientific Linux Fermi 6tzdata-2020d-1.el6.noarch.rpm32d9a91f4702285b3295efd420d69823bbeeefa05251da72f3fbae6a61771a7ctzdata-java-2020d-1.el6.noarch.rpm4d2f476832375f815cf1b39ef3c4e03c526f6b188af7f71d12a3d7e94f222e3cSLEA-2011:0532-1The svrcore package contains an API library which provides various methods of handling and managing secure Personal Identification Number (PIN) storage. The svrcore library uses the Mozilla NSS cryptographic library. An example of an application which would use svrcore is one that must be restarted without user intervention, but which requires a PIN to unlock a private key and other cryptographic objects. This enhancement update adds a new svrcore package to Scientific Linux 6. All users requiring svrcore should install this newly-released package.Scientific Linux FermitrueScientific Linux Fermi 6svrcore-devel-4.0.4-5.1.el6.i686.rpm020117bc12d67abfa2ab1d2f76b403f90b688afd7bf27da1517cb51f3d6a8d51svrcore-4.0.4-5.1.el6.i686.rpm625cf672493c88ac67852f918ad280fed2bd668a6f2546e7334c91e0d65a473fSLEA-2011:0575-1The slapi-nis package provides two plug-ins for the 389 Directory Server and RH Directory Server: The NIS Server plug-in allows a directory server to serve its data to clients using the NIS protocol. The Schema Compatibility plug-in allows a directory server to provide a modified view of a set of entries in a designated section of the directory. This enhancement update adds the slapi-nis package to Scientific Linux 6.Scientific Linux FermiScientific Linux Fermi 6slapi-nis-0.23-1.el6.i686.rpm53f0f5480c1a8084b4592c5699f22065fe6f00d44c4e17479315df8e333dec16SLEA-2011:0589-1OpenLDAP is an open source suite of LDAP (Lightweight Directory Access Protocol) applications and development tools. The compat-openldap package provides compatibility libraries for the OpenLDAP suite. Previously, the compat-openldap package was released as a subpackage of openldap. This enhancement update adds compat-openldap to Scientific Linux 6 as a separate package. All users who require compat-openldap should install this new package.Scientific Linux FermiScientific Linux Fermi 6compat-openldap-2.3.43-2.el6.i686.rpm8b3ac81417f73c2f89e698d2ce6f088ef8059e8a2467a350e2c9711ba1f74df4SLEA-2011:0612-1This new python-kerberos package contains a high-level wrapper for Kerberos (GSSAPI) operations. * This limited set provides all needed functions for client-server Kerberos authentication. Users who require Kerberos authentication for or from Python programs are advised to install this new python-kerberos package.Scientific Linux FermiScientific Linux Fermi 6python-kerberos-1.1-6.2.el6.i686.rpm0718f1d2880ee92be188a37b44d4520f80481fd3b6319cc203b27da20b4ab35fSLEA-2011:0613-1Kerberos is a network authentication system. The krbV module provides a Python binding to the Kerberos 5 libraries, and allows Python programs to utilize Kerberos functions and services. This enhancement update adds the python-krbV package to Scientific Linux 6. All users who require the krbV Python module should install this new package.Scientific Linux FermiScientific Linux Fermi 6python-krbV-1.0.90-3.el6.i686.rpme1e1707b17297d32cfd0c9f4157a483d887e935f296a554452310c46afb15369SLEA-2011:0622-1The python-netaddr package provides a network address representation and manipulation library for Python. The netaddr library allows Python applications to work with IPv4 and IPv6 addresses, subnetworks, non-aligned IP address ranges and sets, MAC addresses, Organizationally Unique Identifiers (OUI), Individual Address Blocks (IAB), and IEEE EUI-64 identifiers. This enhancement update adds the python-netaddr package to Scientific Linux 6. All users who require python-netaddr should install this new package.Scientific Linux FermiScientific Linux Fermi 6python-netaddr-0.7.5-3.el6.noarch.rpm80c6c5a48c96c246d9ced56b6e863d7258c82da2ffb62235f601424b9ab22469SLEA-2011:0626-1The Operating System Utilities Java Native Interface (JNI) package supplies various native operating system operations to Java programs. This new package adds JNI features that allow Scientific Linux 6 users to use the operating system utility libraries that are made available to java programs using JNI. IPA and the Certificate System CA depend on JNI for their interface with the operating system.Scientific Linux FermiScientific Linux Fermi 6osutil-2.0.1-1.el6.i686.rpm667426bfb79e1f4d036870f26717f8ac52d6b73d873618a5900bb0e31f6c6d29SLEA-2011:0630-1The python-pyasn1 package provides an implementation of ASN.1 types (concrete syntax) and codecs (transfer syntax) for the Python programming language. This enhancement update adds the python-pyasn1 package to Scientific Linux 6. All users who require python-pyasn1 should install this new package.Scientific Linux FermiScientific Linux Fermi 6python-pyasn1-0.0.12a-1.el6.noarch.rpm2c471fd607f054048fad0b8a0f0683460636ec61be32c440c03a92b19fbe8eb3SLEA-2011:0657-1The tomcatjss package provides a Java Secure Socket Extension (JSSE) implementation using Java Security Services (JSS) for Tomcat 6. This enhancement update provides the Java Native Interface (JNI) extension for JSS based on Network Security Services (NSS). All tomcat users who wish to use NSS for servlet connectors are advised to install this new package.Scientific Linux FermiScientific Linux Fermi 6tomcatjss-2.1.0-1.el6.noarch.rpmfe63453a824ffdebf3f60d70bdecbedb089aa40788b4cea0a46b43304ca06448SLEA-2011:1128-1This updated package addresses the following changes to Daylight Saving Time (DST): * The Daylight Saving Time has been canceled in the Russian Federation in 2011 and the upcoming years.Scientific Linux FermiScientific Linux Fermi 6tzdata-java-2011h-2.el6.noarch.rpmf550d2810f5cf8f178d620706064d4b233174fa32fd8d62f94fd7b3f4053f0aetzdata-2011h-2.el6.noarch.rpmec0415f49e6cbc2802d6df310814aa6963669a270f73983782009f6c6ecb08acSLEA-2011:1214-1This updated package addresses the following changes to Daylight Saving Time (DST): * The government of Newfoundland and Labrador plans to change the hour of the Daylight Saving Time switch from 12:01AM to 2:00AM.Scientific Linux FermiScientific Linux Fermi 6tzdata-2011h-3.el6.noarch.rpm257792bd4654122ffcaf450d73e5202f3f0b73fc4b561e98deda63f54d1a0d64tzdata-java-2011h-3.el6.noarch.rpm1eadf1186e691bdc0e2d48969c7584705af73f4f0473fed04bfbaaa4705a79f6SLEA-2011:1410-2The tzdata package contains data files with rules for various time zones around the world. This updated package addresses the following change to Daylight Saving Time (DST): * Belarus has canceled the Daylight Saving Time. * New time zones have been added to track South Sudan (Africa/Juba) and West Bank (Asia/Hebron). * Samoa changed its Time Zone so that it is on the west side of the International Date Line. * Palestine suspended the Daylight Saving Time for the month of Ramadan. * Fiji will observe the Daylight Saving Time in 2011. * State of Bahia, Brazil, will resume Summer Time on Oct 16.Scientific Linux FermiScientific Linux Fermi 6tzdata-2011l-4.el6.noarch.rpm1baa7d44357e2a345c3d46f6822cd4b96369d220d9eb3ad1935db306e62fdd1btzdata-java-2011l-4.el6.noarch.rpm68e5c1c7cb1136e30721fb2662996e023736072038d254ee32c6c070f55388cbSLEA-2011:1590-2The sanlock package provides a shared disk lock manager that uses disk paxos to manage leases on shared storage. Hosts connected to a common Storage Area Network (SAN) can use sanlock to synchronize the access to the shared disks. Both libvirt and vdsm can use sanlock to synchronize access to shared virtual machine (VM) images. This enhancement update adds the sanlock package to Scientific Linux 6. All users who require sanlock are advised to install this new package.Scientific Linux FermiScientific Linux Fermi 6sanlock-devel-1.8-2.el6.i686.rpm6c06233608a2be8bfcd5ff18d1a8aaf6990339f6d540389ff1fe102e699badffsanlock-1.8-2.el6.i686.rpm6dbb0788837986846d13a709f89198ca23ecd8536768b6100e7640f96316bb20sanlock-lib-1.8-2.el6.i686.rpme3c32f68c14702c2345f52436f52033120c9096b20826f20a98bbca9a5cce6ecsanlock-python-1.8-2.el6.i686.rpm26eeac27023475da9f18f30f7fd55b5eec1f9d4a1c63fb174e891ae753a0d1f0SLEA-2011:1592-2The xorg-x11-drv-acecad, xorg-x11-drv-aiptek, xorg-x11-drv-hyperpen, xorg-x11 -drv-elographics, xorg-x11-drv-fpit, xorg-x11-drv-mutouch, xorg-x11-drv- penmount, xorg-x11-drv-evdev, xorg-x11-drv-vmmouse, and xorg-x11-drv-synaptics packages contain the X.Org X11 input drivers for legacy devices. * The xorg-x11-drv-acecad package has been upgraded to upstream version 1.5.0. * The xorg-x11-drv-aiptek package has been upgraded to upstream version 1.4.1. * The xorg-x11-drv-elographics package has been upgraded to upstream version 1.3.0. * The xorg-x11-drv-fpit package has been upgraded to upstream version 1.4.0. * The xorg-x11-drv-hyperpen package has been upgraded to upstream version 1.4.1. * The xorg-x11-drv-evdev package has been upgraded to upstream version 2.6.0. * The xorg-x11-drv-vmmouse package has been upgraded to upstream version 12.7.0. * The xorg-x11-drv-mouse package has been upgraded to upstream version 1.7.0. * The xorg-x11-drv-keyboard package has been upgraded to upstream version 1.6.0. * The xorg-x11-drv-synaptics package has been upgraded to upstream version 1.4.1. * The xorg-x11-drv-mutouch package has been upgraded to upstream version 1.3.0. * The xorg-x11-drv-penmount package has been upgraded to upstream version 1.5.0.Scientific Linux FermiScientific Linux Fermi 6xorg-x11-drv-evdev-devel-2.6.0-2.el6.i686.rpm5ffc8cc9db8ca837be37db8ae5544ceabada5f62a6d132932299b0a5d2cfe536xorg-x11-drv-hyperpen-1.4.1-2.el6.i686.rpm310c6bf1df883b58c16bcc8f7fa7d0602b8a90b7e2c27772a7da39fac52019ccxorg-x11-drv-vmmouse-12.7.0-1.el6.i686.rpm8b4b5bcf8a2bcd6963709cae77d5d5cabb852dae21991cacd1ddc37d4c2ae3fexorg-x11-drv-elographics-1.3.0-2.el6.i686.rpma9a1dab96680d1286f76a09f824ffdf1ccf7b31bf3f65266028d055b77c27ca1xorg-x11-drv-keyboard-1.6.0-1.el6.i686.rpmc86a5207c3740b38582d948f28d7cb7a25c603eae466c1a50a267a7efedbc40exorg-x11-drv-fpit-1.4.0-2.el6.i686.rpm86efd2008e97a28df1de9d9efcfef8aa8dc5485bda14ac1a9625f60ff2fa492bxorg-x11-drv-acecad-1.5.0-3.el6.i686.rpm83ee1fa715d945e616e723160170eca4844b95693645461d35924012677a209bxorg-x11-drv-synaptics-1.4.1-3.el6.i686.rpmea442080b16bc0786a9c9ed832bda89624731d74adeaf0fc80aca8132306bac4xorg-x11-drv-aiptek-1.4.1-2.el6.i686.rpm62d8275ed3abec7e478a8104c956da556677a9bbffe978e78bfeea81f7f38af6xorg-x11-drv-evdev-2.6.0-2.el6.i686.rpm468ee8ef3e373eb38ef5094607314eba98f37c7caa88de8c209a40a36048e991xorg-x11-drv-mutouch-1.3.0-2.el6.i686.rpme09d87f0154ea9a0ceefb2614407908e66fb2192dc79de9f043d3682bc8d6836xorg-x11-drv-void-1.4.0-1.el6.i686.rpm95c8a996d7e34974c62d357d519f6291658272eadaafe1dce01c29bfd6478beaxorg-x11-drv-mouse-1.7.0-4.el6.i686.rpma72a4462ad5c0dafac61c2f2fb7bb1e9de11f0eb37bc9d5a96827724520018eexorg-x11-drv-penmount-1.5.0-2.el6.i686.rpmb80923a716c4aed4e8a5f819af5330dc220c2f7de69de796786b6df4fbb87975xorg-x11-drv-synaptics-devel-1.4.1-3.el6.i686.rpm8fb010728d138d3dc3fe5719950d809833022158119c505a68ffb9964608c8afSLEA-2011:1601-2The following packages have been upgraded to the higher upstream versions, which provide a number of bug fixes and enhancements over the previous versions: * The xorg-x11-drv-apm package has been upgraded to upstream version 1.2.3. * The xorg-x11-drv-ast package has been upgraded to upstream version 0.91.10. * The xorg-x11-drv-cirrus package has been upgraded to upstream version 1.3.2. * The xorg-x11-drv-dummy package has been upgraded to upstream version 0.3.4. * The xorg-x11-drv-fbdev package has been upgraded to upstream version 0.4.2. * The xorg-x11-drv-geode package has been upgraded to upstream version 2.11.12. * The xorg-x11-drv-glint package has been upgraded to upstream version 1.2.5. * The xorg-x11-drv-i128 package has been upgraded to upstream version 1.3.4. * The xorg-x11-drv-i740 package has been upgraded to upstream version 1.3.2. * The xorg-x11-drv-mach64 package has been upgraded to upstream version 6.9.0. * The xorg-x11-drv-neomagic package has been upgraded to upstream version 1.2.5. * The xorg-x11-drv-nv package has been upgraded to upstream version 2.1.18. * The xorg-x11-drv-openchrome package has been upgraded to upstream version 0.2.904. * The xorg-x11-drv-r128 package has been upgraded to upstream version 6.8.1. * The xorg-x11-drv-rendition package has been upgraded to upstream version 4.2.4. * The xorg-x11-drv-s3virge package has been upgraded to upstream version 1.10.4. * The xorg-x11-drv-savage package has been upgraded to upstream version 2.3.2. * The xorg-x11-drv-siliconmotion package has been upgraded to upstream version 1.7.5. * The xorg-x11-drv-sis package has been upgraded to upstream version 0.10.3. * The xorg-x11-drv-sisusb package has been upgraded to upstream version 0.9.4. * The xorg-x11-drv-tdfx package has been upgraded to upstream version 1.4.3. * The xorg-x11-drv-trident package has been upgraded to upstream version 1.3.4. * The xorg-x11-drv-v4l package has been upgraded to upstream version 0.2.0. * The xorg-x11-drv-vesa package has been upgraded to upstream version 2.3.0. * The xorg-x11-drv-vmware package has been upgraded to upstream version 11.0.3. * The xorg-x11-drv-voodoo package has been upgraded to upstream version 1.2.4. * The xorg-x11-drv-xgi package has been upgraded to upstream version 1.6.0. In addition, this update fixes the following bug: * Due to a missing XGIPowerSaving() function call in the xgi video driver's source code, a server using XGI Z9-series graphics chipset was not able to recover from power-saving mode. With this update, the XGIPowerSaving() function call has been added and the server now recovers properly.Scientific Linux FermiScientific Linux Fermi 6xorg-x11-drv-trident-1.3.4-1.el6.i686.rpm46a9638b9dcc30227954cd8c36da794f5bcfba90cb5a76541202ca9745866835xorg-x11-drv-s3virge-1.10.4-2.el6.i686.rpm28893e3e219b7b44b3e7a3605758ab8f97ee8aa90c05276c1592d0ca3838e502xorg-x11-drv-siliconmotion-1.7.5-1.el6.i686.rpm4da22f1e7ef8fc952d35d6ab3a199b598bd3ed6f0412a4f3ca410df89e36216axorg-x11-drv-openchrome-0.2.904-4.el6.i686.rpm8d801026e769639357d7426941c80dfcccd79e0821732b6d8f367a0dcf6002fbxorg-x11-drv-mach64-6.9.0-1.el6.i686.rpmaba894d64da93568f93f34dade10ad15317a2e5f87e0a8cbbf69f28d8502cfe8xorg-x11-drv-r128-6.8.1-3.el6.i686.rpm89fd566519ddf1b993bb3daa6d2df2551f376fe6bd5ec44f07fdddd0cc5f9017xorg-x11-drv-v4l-0.2.0-4.el6.i686.rpm237f68f6566007be04375a221c199bcffa3798880993cd97330c9fa8bef0cc7axorg-x11-drv-sisusb-0.9.4-1.el6.i686.rpm036a8a09a341fda59b6c49ee6d9cd1ce0c36ccd71c39c8b51a0c8dfa31360226xorg-x11-drv-openchrome-devel-0.2.904-4.el6.i686.rpm88b6def07d2cc1af9c303cf07688bc6ff540c6d8b5d99c056b31b196b0aedc57xorg-x11-drv-i740-1.3.2-2.el6.i686.rpmddb4b73fddb102b3d937e4b16f006b47328e10f7fa4a33a6fca93c7b92e8722bxorg-x11-drv-vmware-11.0.3-1.el6.i686.rpm1845e10f04a8eef3a2f72e57662aa4ec13ded7f0ef52326fca80c826d1065c0bxorg-x11-drv-dummy-0.3.4-1.el6.i686.rpm6f3d111b93d70325ca6b551c2fb7101badabecce5fc8230bdfa8d206a537244dxorg-x11-drv-nv-2.1.18-2.el6.i686.rpmd6d72a809ca09b609a487915121cb914a2315668113e52f3c689a2d3c472b915xorg-x11-drv-fbdev-0.4.2-2.el6.i686.rpm5c1c2889cf21b1feb7dc8ef65c8c2cea38c556b92af29b5b1220734b6d440f8axorg-x11-drv-voodoo-1.2.4-1.el6.i686.rpm0ac2e71e21ff25bb9fafd5950030b02156b31f5f4a7e87fde947cbd152dd5224xorg-x11-drv-glint-1.2.5-1.el6.i686.rpm92821c447fccf96c1a4bf2944c3ee2633cbc54325cc7c62a50f2aff4af16c923xorg-x11-drv-tdfx-1.4.3-2.el6.i686.rpm7c97a2ced18130d0e1490ac99620f4ab7942f8efbaa6cb1314ca3a9908ce799cxorg-x11-drv-vesa-2.3.0-2.el6.i686.rpm404993fa8c7a66d3a90327ff231dee050e749ad572dc2960fac07d9e543509aexorg-x11-drv-cirrus-1.3.2-2.el6.i686.rpm847fde1754a58c1b5d1371ac9404c8b3a8f1330c541b9f8e66151af17e04635cxorg-x11-drv-ast-0.91.10-1.el6.i686.rpmb7d8dafa761ecf6f62796d8b1ff0a4c05a5100e17e9d7e966e2ffd19a618882axorg-x11-drv-i128-1.3.4-1.el6.i686.rpmf3d84a838f9d8da2428c3d9a84153ca33c5401958deddb043fe0b87516f6ddeaxorg-x11-drv-apm-1.2.3-2.el6.i686.rpm8471a7352b248e5caaaf1837dae716aaea6043d73638ce2c40035d34a7061ac8xorg-x11-drv-rendition-4.2.4-1.el6.i686.rpm277a5b1458ae82f6d396da8027092148783e7fb63841c25804958ce4d976d730xorg-x11-drv-savage-2.3.2-1.el6.i686.rpm242cc8097e9e72e7902a34c534d51e3c8595ecea68242efb422b25bbcde25c45xorg-x11-drv-geode-2.11.12-1.el6.i686.rpm0d5c52bcde569954cbea923871734c1a97d7fd526a409966690c923ea6bf24b0xorg-x11-drv-neomagic-1.2.5-1.el6.i686.rpm386975c505ab9528d974e3d639be443045f60f55bc4466d0430d1a486cf796a3xorg-x11-drv-sis-0.10.3-1.el6.i686.rpmc06bae22ea5139b7f80aa4ebb69207d12965606547cc64c13fcad98d827db11bxorg-x11-drv-xgi-1.6.0-11.el6.i686.rpmaf95dbbe555bd0134d72a930a18b94dadaa9d43af188e37dd38b90dba02df6c3SLEA-2011:1639-2The following general upgrade has been performed: * The InfiniBand/iWARP/RDMA stack components have been upgraded to more recent upstream versions. Also, these updated packages fix numerous bugs, including but not limited to the following: * The perftest, qperf, and srptool packages spec files erroneously limited the 32 bit Intel build to just the i386 architecture while Scientific Linux 6 now defaults 32 bit Intel builds to the i686 architecture. As a consequence these packages failed to build on the i686 architecture. With this update the error has been corrected and the packages build as expected. * In Scientific Linux 6.1 changes to network functions to support multiple IP addresses on an interface were made. This caused the ifup-ib script to fail to start IPoIB interfaces depending on how the ifcfg-ib[n] (where [n] is 0 or greater) file was written. Erroneous error messages, "Error: an inet prefix is expected rather than" or "Error, some other host already uses address" were logged. With this update, the ifup-ib script has been changed to handle an array of multiple IP addresses and the error no longer occurs in the scenario described. In addition, these updated packages provide the following enhancements: * This update provides support in OpenSM for Single Root I/O Virtualization (SRIOV) using SRIOV ports exposed on Mellanox SRIOV capable devices. * An OpenSM update was required in order to provide SRIOV support and the update changed the names of the libraries exported by OpenSM and the rest of the InfiniBand management stack. Therefore a new package, "compat-opensm-libs", that provides a copy of the original libraries, was added to the stack to prevent this upgrade from breaking installed applications.Scientific Linux FermiScientific Linux Fermi 6compat-openmpi-1.4.3-1.el6.i686.rpmf7c491320e7b9bcfa75f00416f247fed81e93849b295d0a58aeadcbd0d6c23a0compat-openmpi-devel-1.4.3-1.el6.i686.rpm78650803727cdefc87262f7cf831d2573131920e63c78bd54f6456e299670746SLEA-2011:1652-2This update fixes the following bugs: * When the user locked the screen and the X Window System did not support the X Resize, Rotate (XRandR) or XF86VM gamma fade extensions, then the gnome- screensaver utility terminated with a segmentation fault. With this update, additional checks are made before calling the fade_setup() function, and gnome- screensaver no longer terminates. * Prior to this update, the Unlock dialog box arbitrarily changed between the monitors in dual head setups, based on the position of the mouse pointer. The Unlock dialog box is now placed on a consistent monitor instead of where the mouse is located. * Previously, when docking a laptop and using an external monitor, parts of the background got cut off due to incorrect logic for determining monitor dimensions. With this update, the source code is modified and the login screen is now displayed correctly. * Previously, in rare cases, the screen saver entered a deadlock if monitors were removed during the fade up. The screen was locked as a consequence. This update modifies gnome-screensaver so that the screen saver responds as expected. This update also adds the following enhancement: * Previously, there was no indicator of the keyboard layout when the screen was locked. Users who used more than one layout did not know which layout was active. Consequently, users could be forced to type the password several times. This update adds the missing keyboard layout indicator.Scientific Linux FermitrueScientific Linux Fermi 6gnome-screensaver-2.28.3-18.el6.i686.rpm1ec3ff63013dd49dd7c137396e79dac18ab051695e1a9c42f613332ae85f0942SLEA-2011:1653-2This portable C library implements the UTF-8, UTF-16 and UTF-32 Unicode string types, together with functions for character processing (names, classifications, and properties) and functions for string processing (iteration, formatted output, width, word breaks, line breaks, normalization, case folding, and regular expressions). This enhancement update adds the libunistring package to Scientific Linux 6. The libunistring package has been added as a dependency for the System Security Services Daemon (SSSD) in order to process internationalized HBAC rules on FreeIPA servers. All users who require libunistring should install this new package.Scientific Linux FermiScientific Linux Fermi 6libunistring-devel-0.9.3-4.el6.i686.rpmf5c95e2f11ab76d2b1f650d43ee8eb21be8734189f88aa7db0b406d1d6a5cefclibunistring-0.9.3-4.el6.i686.rpmf9c348e6afb127cb090dbc800137f81897f724f8eee2df2748df3034dcff5f09SLEA-2011:1657-2This update adds the following enhancements: * Prior to this update, the ACL library did not provide any function to check for extended ACLs of a file without following symbolic links. The only available function, acl_extended_file(), used to cause unnecessary mounts of autofs. This update introduces a new function, acl_extended_file_nofollow(), that checks for extended ACLs of a file without following symbolic links. * Previously, the ACL library was linked without support for RELRO (read-only relocations) flags. With this update, the library is now linked with partial RELRO support.Scientific Linux FermiScientific Linux Fermi 6libacl-devel-2.2.49-6.el6.i686.rpm4ca25b2b84175496827c730543befd87b3a1d038c645e085b72abe5d69de9b5eacl-2.2.49-6.el6.i686.rpma3fbff539b17753fd522307fd24e4e0d57d053b30ec4589c350eefc230e14657libacl-2.2.49-6.el6.i686.rpm3cc2d467914087414cf85f6f4e7e603046df781db6710322b4af7ff22afe8407SLEA-2011:1711-2This update fixes the following bugs: * If a server sent a response to an unbind request and the client simply closed the connection, Directory Server 8.2 logged "Netscape Portable Runtime error -5961 (TCP connection reset by peer.)". * An incorrect SELinux context caused AVC errors in /var/log/audit/audit.log. * A number of memory leaks and performance errors were fixed.. * The DS could not restart after a new object class was created which used the entryUSN attribute. * The ns-slapd process segfaulted if suffix referrals were enabled. * A high volume of TCP traffic could cause the slapd process to quit responding to clients. * Attempting to delete a VLV index caused the server to hang. * Connections to the DS by an RSA authentication server using simple paged results by default would timeout. * Running a simple paged search against a subtree with a host-based ACI would hang the server. * If the target attribute list for an ACI had syntax errors and more than five attributes, the server crashed. * It was not possible to set account lockout policies after upgrading from RHDS 8.1. * Adding an entry with an RDN containing a % caused the server to crash. * Only FIPS-supported ciphers can be used if the server is running in FIPS mode. * It is possible to disable SSLv3 and only allow TLS. * If the changelog was encrypted and the certificate became corrupt, the server crashed. * If the passwordisglobalpolicy attribute was enabled on a chained server, a secure connection to the master failed. * If a chained database was replicated, the server could segfault. * Editing a replication agreement to use SASL/GSS-API failed with GSS-API errors. * In replication, a msgid may not be sent to the right thread, which caused "Bad parameter to an LDAP routine" errors. This causes failures to propagate up and halt replication. * Password changes were replicated among masters replication, but not to consumers. * If an entry was modified on RHDS and the corresponding entry was deleted on the Windows side, the sync operation attempts to use the wrong entry. * Some changes were not properly synced over to RHDS from Windows. * RHDS entries were not synced over to Windows if the user's CN had a comma. * Intensive update loads on master servers could break the cache on the consumer, causing it to crash. * Syncing a multi-valued attribute could delete all the other instances of that attribute when a new value was added. * If a synced user subtree on Windows was deleted and then a user password was changed on the RHDS, the DS would crash. This update provides the following enhancements: * The nsslapd-idlistscanlimit configuration attribute can be set dynamically, instead of requiring a restart. * Separate resource limits can be set for paged searches, independent of resource limits for regular searches. * The sudo schema has been updated. * A new configuration attribute sets a different list of replicated attributes for a total update versus an incremental update. * A new configuration option allows the server to be started with an expired certificate. * New TLS/SSL error messages have been added to the replication error log level. 389-ds-base packages, which resolve these issues and add these enhancements.Scientific Linux FermiScientific Linux Fermi 6389-ds-base-1.2.9.14-1.el6.i686.rpm30b7cc280e69d22edef98ea0bd66d6ef6a0213a1759b8b695416983f6e6b6512389-ds-base-libs-1.2.9.14-1.el6.i686.rpm3650ae3a3696a307634a7a6b998bdf9da8cded4279425d9d854b6d053b26945d389-ds-base-devel-1.2.9.14-1.el6.i686.rpmb2adb8541054406b905b7a3d8aa69a72865158a3dfcd1aed96e02f44aa305b6bSLEA-2011:1714-2The mesa-libGLw packages provide an Xt/Motif OpenGL Drawing Area Widget. This enhancement update adds the esa-libGLw package to Scientific Linux 6.Scientific Linux FermiScientific Linux Fermi 6mesa-libGLw-6.5.1-10.el6.i686.rpmcff529d393532e2029c0d5a839f383ece3956473aa236c341e46334ab8e4d4fdmesa-libGLw-devel-6.5.1-10.el6.i686.rpm36fb7c659d930f395d296640a1cbe503ea20ec7da8e15d0e424e39b2be5042c8SLEA-2011:1733-2This update adds the following enhancement: * Prior to this update, the fipscheck library was linked without support for read-only relocations (RELRO) flags. The updated fipscheck packages are now provided with partial RELRO support.Scientific Linux FermiScientific Linux Fermi 6fipscheck-1.2.0-7.el6.i686.rpmf1bb975e5f05ad7b3bc707e59173f19ded77ac4fe8529d7003fe2dd54d32fc3efipscheck-lib-1.2.0-7.el6.i686.rpm79a760019fe47b0d9d17a2f4f729a69262d3f81dcf54dc21a3d3923bbf8b3976fipscheck-devel-1.2.0-7.el6.i686.rpm02942c0220d2f3be4cebe1f2a273b97204a13d647bc11cbc62fe90dfa719f2e5SLEA-2011:1752-2The vios-proxy program suite creates a network tunnel between a server in the QEMU host and a client in a QEMU guest. The proxied server and client programs open normal TCP network ports on localhost and the vios-proxy tunnel connects them using QEMU virtioserial channels. This enhancement update adds a new vios-proxy package to Scientific Linux 6 as a Technology Preview. All users who want to use the vios-proxy Technology Preview should install this newly-released package, which adds this enhancement.Scientific Linux FermiScientific Linux Fermi 6vios-proxy-0.1-1.el6.i686.rpm585e5bfe48a0a05036a94b6e326383891cc6a8f4e12fff6f61f92e8cf1e390b3SLEA-2012:0022-1The python-suds package provides a lightweight implementation of the Simple Object Access Protocol (SOAP) for the Python programming environment. This enhancement update adds the python-suds package to Scientific Linux 6.Scientific Linux FermiScientific Linux Fermi 6python-suds-0.4.1-3.el6.noarch.rpmd4f5fed7b4b89407c51791827bad95166911615d37955037188fc8f211234702SLEA-2012:0327-2The firefox packages have been upgraded from version 3.6.26 to version 10.0.1, which provides a number of bug fixes and enhancements over the previous version. This update also fixes the following bug: * Previously, with the xulrunner-5.0-2.el6 package installed, the yelp plug-in failed to start and returned the "Could not initialize gecko!" error message. Now, the updated yelp package has been provided and yelp works as expected in the described scenario. Important: Firefox 10 is not completely backwards-compatible with all Mozilla add-ons and Firefox plug-ins that worked with Firefox 3.6. Firefox 10 checks compatibility on first-launch, and, depending on the individual configuration and the installed add-ons and plug-ins, may disable said Add-ons and plug-ins, or attempt to check for updates and upgrade them. Add-ons and plug-ins may have to be manually updated. After installing the update, Firefox must be restarted for the changes to take effect.Scientific Linux FermitrueScientific Linux Fermi 6yelp-2.28.1-13.el6_2.i686.rpmb1bbd62b27baeabb63882f5553789bcf3de9f93d0322b9bc59a73d6b3b0e5729SLEA-2012:0356-2This updated package addresses the following changes in zone info database: * The leap second database now includes the leap second that will occur at the end of June 2012. Note that only zones in the subdirectory called "right/" are affected. Unless you set up your system to specifically use "right" time zones, this change will not affect you in any way. Normally, the information about leap seconds is distributed via the NTP protocol, and the NTP client should update your system properly even without this update. * This update changes the Daylight Saving Time rules for Chile, which decided to exit DST on March 11 2012 instead of the previous date of April 28th 2012 * This update retroactively changes the Daylight Saving Time rules for Cuba, which left the period of DST in November. * This update retroactively changes the Daylight Saving Time rules for Fiji, which entered DST in January.Scientific Linux FermiScientific Linux Fermi 6tzdata-2011n-2.el6.noarch.rpmd1c303040e6a8b2b29c76c11fd61b9f85c6c3fc55e6652847fd4b5349d4a5fbdtzdata-java-2011n-2.el6.noarch.rpm174eca96a655023992844f11c7ce291ec1c023fc02da566632dac16ebc5dd4e7SLEA-2012:0412-1This updated package adds the following time-zone changes to the zone info database: * On 2012-03-15, Morocco announced it will switch to daylight savings time (DST) on the last Sunday in April (29th April) and not the 25th of March. The earlier date was announced as the daylight savings switch date on 2012-03-09. The change was made "after discussion of proposals to consider the demands of schooling", according to Mustapha El Khalfi, the Morocco Minister of Communications. The switch back to standard Moroccan time will still occur at 03:00 on the last Sunday in September, 2012-09-30. This update reflects the later switching date announced on 2012-03-15. Note: the 2012-03-09 announcement also noted Morocco DST will run to September 30, 2012 "except the month of Ramadan". Relative to the Gregorian calendar, Ramadan runs from 2012-07-20 to 2012-08-18 this year. Specific times for this temporary switching to Morocco standard time and then back to Morocco DST were not available as of this errata's publication, however. Consequently this mooted exception is not yet included in the tzdata package. * Armenia announced it will abolish local daylight savings time observance. This update reflects this: the Armenian time-zone will not advance an hour on 2012-03-24 as was previously set. * The Falkland Islands announced it will remain on Falklands Summer Time for the rest of 2012 and will likely remain so for future years. This update assumes a permanent summer time for the Falkland Islands until advised differently. * Cuba has delayed the 2012 DST switch by three weeks. Originally set to switch at 01:00 2012-03-11, Cuba will now switch to local DST at 01:00 2012-04-01. The switch back to standard time remains unchanged at 2012-11-13. This update incorporates the delayed DST switch for Cuba. Note: other changes noted in the bug reports referenced above (for example, the changes to Chile’s DST observance for 2012 and 2013) were previously incorporated into the tzdata package.Scientific Linux FermiScientific Linux Fermi 6tzdata-2012b-3.el6.noarch.rpm46198415cede7c98827f9952a45bac3e1957a6394ae56335d617a8c5cc0dbf84tzdata-java-2012b-3.el6.noarch.rpmc4506d4527fe3daf2d40577f43a134e634a036efb1f9aed7b297f578e709f720SLEA-2012:0689-1This update adds the following enhancements: * The following time-zone changes have been added to the zone info database: Haiti entered a period of Daylight Saving Time (DST) on March 11; Gaza Strip, West Bank and Syria entered a period of DST on March 30.Scientific Linux FermiScientific Linux Fermi 6tzdata-java-2012c-1.el6.noarch.rpm83d37f235351e73de3445a3e471e02fe64182d53f2c9ce8f237c05fc0bc4cd20tzdata-2012c-1.el6.noarch.rpmbcb179483709e484b6e9377433ac6a57e7e01378270f79638cdfd643718888afSLEA-2012:0760-1* The spice-protocol package has been upgraded to upstream version 0.10.1, which provides a number of enhancements over the previous version, including support for USB redirection.Scientific Linux FermiScientific Linux Fermi 6spice-protocol-0.10.1-5.el6.noarch.rpmbd0a764646a075bff06edd2794e9dc17e2d8b74af6cce0406c56a916fb2c2e59SLEA-2012:0806-2The scl-utils packages provide a runtime utility and RPM packaging macros for packaging Software Collections. Software Collections allow users to concurrently install multiple versions of the same RPM packages on the system. Using the scl utility, users may enable specific versions of RPMs, which are installed into the /opt directory. This enhancement update adds the scl-utils packages to Scientific Linux 6.Scientific Linux FermiScientific Linux Fermi 6scl-utils-20120423-2.el6.i686.rpm7facbe7728eda9efea45f89075268918cb13a2fe730fbae43547fa4c0041ea05scl-utils-build-20120423-2.el6.i686.rpm7eb0ecd373f10a2a637b3a2e185a8958dfaa811531c688fc0ad852388d2ad8a5SLEA-2012:0853-1The usbredir packages provide a protocol for redirection of USB traffic from a single USB device to a different virtual machine then the one to which the USB device is attached. The usbredir package contains a number of libraries to help implement support for usbredir. This enhancement update adds the usbredir package to Scientific Linux 6.Scientific Linux FermiScientific Linux Fermi 6usbredir-0.4.3-1.el6.i686.rpm310e95b047fdc3af4b1794b8e247ec1c00da8b66be695446491ca3dcd24a6b8eusbredir-server-0.4.3-1.el6.i686.rpm49ae3c355ddcf0757674c0164cf9f4513df7bb45407180594584619a11c22529usbredir-devel-0.4.3-1.el6.i686.rpmced38a0b89b86c4a26ee19a43b5d1dd601dcefd4c87021955d79fe40a48fe03bSLEA-2012:0890-1The numad package provides a daemon for NUMA (Non-Uniform Memory Architecture) systems, that monitors NUMA characteristics. As an alternative to manual static CPU pining and memory assignment, numad provides dynamic adjustment to minimize memory latency on an ongoing basis. The package also provides an interface that can be used to query the numad daemon for the best manual placement of an application. This enhancement update adds the numad package to Scientific Linux 6 as a Technology preview. All users who want to use the numad Technology Preview should install this newly-released package, which adds this enhancement.Scientific Linux FermiScientific Linux Fermi 6numad-0.5-4.20120522git.el6.i686.rpmd993369a06eeb6298af9ab311206c339b8eabcb34fd8fb10ba20ef6dd770ba9aSLEA-2012:0903-1This update fixes the following bug: * Previously, Mesa did not recognize Intel HD Graphics chipsets integrated into Intel E3-family processors. Consequently, these chipsets provided limited display resolutions and their graphics performance was low. This update adds support for these chipsets. As a result, the chipsets are recognized by Mesa and perform as expected. In addition, this update adds the following enhancement: * This update adds support for AMD FirePro M100 (alternatively referred to as AMD FirePro M2000), AMD Radeon HD 74xx Series, AMD Radeon HD 75xx Series, and AMD Radeon HD 76xx Series graphics cards, and the AMD FusionA integrated graphics processing unit.Scientific Linux FermiScientific Linux Fermi 6xorg-x11-drv-ati-firmware-6.14.2-9.el6.noarch.rpm395049faee95db42da42a6804b3f1e905af0ee045961b7d46b657b3ff1fb0c77xorg-x11-drv-ati-6.14.2-9.el6.i686.rpm5d4b323b5b85042bec99f0c2cd3a1790268baa03db3d319bc39577423662d20aSLEA-2012:0940-1This update adds the following enhancement: * RandR 1.2 support for G200-based graphics chipsets has been added. It allows dynamic reconfiguration of display settings to match the currently plugged in monitor. This is particularly important on servers, as they often start with no monitor attached, having it attached later in runtime.Scientific Linux FermiScientific Linux Fermi 6xorg-x11-drv-mga-1.4.13-7.el6.i686.rpm6a7a521093f84e976d1299a2e7f02736f8c55971057654625751507ae6cce432SLEA-2012:1101-1This update adds the following enhancement: * Daylight Saving Time will be interrupted during the holy month of Ramadan in Morocco (that is July 20 - August 19, 2012 in the Gregorian Calendar). This update incorporates the exception so that Daylight Saving Time is turned off and the time setting returned back to the standard time during Ramadan.Scientific Linux FermiScientific Linux Fermi 6tzdata-2012c-3.el6.noarch.rpm547dcd5600073bdfd9070985e97f58f3b40cbe2e3ed6138ad3a56602a7625895tzdata-java-2012c-3.el6.noarch.rpme115a4854a345caec9d92c352d40c5b0ab6ffebc01d89c4870a6b488b4562039SLEA-2012:1338-1This update adds the following enhancements: * Daylight saving time in Fiji will start at 2:00 a.m. on Sunday, 21st October 2012, and end at 3 am on Sunday, 20th January 2013. * Tokelau was listed in an incorrect time zone for as long as the Zoneinfo project was in existence. The actual zone was supposed to be GMT-11 hours before Tokelau was moved to the other side of the International Date Line at the end of year 2011. The local time in Tokelau is now GMT+13.Scientific Linux FermiScientific Linux Fermi 6tzdata-2012f-1.el6.noarch.rpm6a51945df5c079921bb7e923e821e0525ee42c37c959994aa8e7b0acd1b71dcbtzdata-java-2012f-1.el6.noarch.rpm143e6caff6b6d7a7b3dc0ca677af47ab34c98f4bc8486a520f05d740765dd9b5SLEA-2012:1471-1This update adds the following enhancement: * An SELinux policy for openshift packages has been added.Scientific Linux FermiScientific Linux Fermi 6selinux-policy-doc-3.7.19-155.el6_3.8.noarch.rpma0741fe1c2d80fb57130d77bf8255635e07e79172e49145279e7bc996ef0b897selinux-policy-minimum-3.7.19-155.el6_3.8.noarch.rpmb5f6ce9ffd30afa949f3a8d111f4281b44ee5700797fbd094a2ff694f6bcfe91selinux-policy-mls-3.7.19-155.el6_3.8.noarch.rpmfe0454df0790cdb2b6f41e55c87b5ca62f788a6b3836e8c1c7ff456f17600566selinux-policy-3.7.19-155.el6_3.8.noarch.rpm8d746f49a69eea66c1c02a678d230c740e00b4b0f7ce3194a53f036eda8d1efeselinux-policy-targeted-3.7.19-155.el6_3.8.noarch.rpm7720accd78faff74cb566909edd1abf5919c88dcc48b07249a6cad1e377b0672SLEA-2012:1473-1The gstreamer-plugins-base packages provide a collection of base plug-ins for the GStreamer streaming media framework. This update adds the following enhancement: * This update adds color-matrix support for color conversions to the ffmpegcolorspace plugin.Scientific Linux FermiScientific Linux Fermi 6gstreamer-plugins-base-devel-0.10.29-2.el6.i686.rpm02e4972eb72dde047252306a293636a315df4e34d8865aa1a4928464d958aca8gstreamer-plugins-base-0.10.29-2.el6.i686.rpme3705f2fd103691627e2a3d03955c994cea6af89f98bd83fe7aa1db157055ba4gstreamer-plugins-base-devel-docs-0.10.29-2.el6.noarch.rpmd8ee7484a49190928c06e61fa0decba24c5349ea174ea042fa0283191a8769e2SLEA-2012:1488-1The tzdata packages contain data files with rules for various time zones around the world. This updated package adds the following time-zone changes to the zone info database: * On October 24 2012, the Jordanian Cabinet rescinded a 2012-10-14 instruction to switch from daylight saving time (DST) to standard time on 2012-10-26. Instead, Jordan will remain on local DST (ITC +3) for the 2012-2013 Jordanian winter. * Cuba, which was scheduled to move back to standard time on 2012-11-12, switched to standard time on 2012-11-04. * In Brazil, the North Region state, Tocantins, will observe DST in 2012-2013. This is the first time Tocantins has observed DST since 2003. By contrast, Bahia, a Northeast Region state, will not observe DST in 2012-2013. Like Tocantins, Bahia stopped observing DST in 2003. Bahia re-introduced DST on October 16 2011. On October 17 2012, however, Bahia Governor, Jaques Wagner, announced DST would not be observed in 2012, citing public surveys showing most Bahia residents were opposed to it. * Israel has new DST rules as of 2013. DST now starts at 02:00 on the Friday before the last Sunday in March. DST now ends at 02:00 on the first Sunday after October 1, unless this day is also the second day of (Rosh Hashanah). In this case, DST ends a day later, at 02:00 on the first Monday after October 2. * The Palestinian territories, which were scheduled to move back to standard time on 2012-09-28, switched to standard time on 2012-09-21. * Although Western Samoa has observed DST for two consecutive seasons (2010-2011 and 2011-2012), there is no official indication of DST continuing according to a set pattern for the foreseeable future. On 2012-09-04, the Samoan Ministry of Commerce, Industry, and Labour announced Samoa would observe DST from Sunday, 2012-09-30 until Sunday 2012-04-07.Scientific Linux FermiScientific Linux Fermi 6tzdata-2012i-2.el6.noarch.rpm154865643e76ca828163015422440bef96f3e595a32e6cc15f2f39fa4faffcf0tzdata-java-2012i-2.el6.noarch.rpmdd2a44cc2342b7596406cf39ef69690f72973942b6c47266f9adb4879b017966SLEA-2013:0182-1The tzdata packages contain data files with rules for time zones. This update adds the following enhancement: * On Nov 10, 2012, Libya changed to the time zone UTC+1. Therefore, starting from the year 2013 Libya will be switching to daylight saving time on the last Friday of March and back to the standard time on the last Friday of October. The time zone setting and the daylight saving time settings for the Africa/Tripoli time zone have been updated accordingly.Scientific Linux FermiScientific Linux Fermi 6tzdata-2012j-1.el6.noarch.rpmfa010955191fa2f0b96a3788e4f64c146c8e6f88198d48b1cb661fb710491056tzdata-java-2012j-1.el6.noarch.rpmd6cc015fdb1dc03093757498290e119cc46bbe007a11f61bd5c37090e31bc5fbSLEA-2013:0289-1The new mtdev package contains a library that converts kernel input events from multitouch protocol A into multitouch protocol B events. Protocol B events provide per-touchpoint tracking which is required by the xorg-x11-drv-evdev and xorg-x11-drv-synaptics packages. This enhancement update adds the mtdev package to Scientific Linux 6.Scientific Linux FermiScientific Linux Fermi 6mtdev-1.1.2-5.el6.i686.rpm9f38cd5440feaf6a0107ec5dfef5714e3163934152ddfb0d557c307e3f3f0bcfmtdev-devel-1.1.2-5.el6.i686.rpmbadb5473fb6395a2a9c22fec39ec2dbdd08d539060ea6b47ee9d93f6672bf614SLEA-2013:0295-1The xorg-x11-drv-acecad, xorg-x11-drv-aiptek, xorg-x11-drv-hyperpen, xorg-x11 -drv-elographics, xorg-x11-drv-fpit, xorg-x11-drv-mutouch, xorg-x11-drv- penmount, and xorg-x11-drv-void packages contain the X.Org X11 input drivers for legacy devices.Scientific Linux FermiScientific Linux Fermi 6xorg-x11-drv-mutouch-1.3.0-4.el6.i686.rpm55904b0aa8337e12a84a5437e928429ec45ab2dff3d22d1ee883a5a3e5f9fd05xorg-x11-drv-mouse-devel-1.8.1-7.el6.i686.rpm19de1583d998f62cf7e4917e11112818489fb6c5fcd44e10d1f5cf2938e18431xorg-x11-drv-acecad-1.5.0-6.el6.i686.rpma34d7b3ffcb1c8a54fcd161d3103f3edb517be896bbad5d0c75a10c399c7a9d3xorg-x11-drv-fpit-1.4.0-5.el6.i686.rpm943a5cade5bf7892bd1dc6fb76a002730bc9ffed2a7372c75959124f42663f9cxorg-x11-drv-void-1.4.0-3.el6.i686.rpm186655cb353a320cee83e53f74ab9369b6c94976123ee071cd0c5fdca236eba2xorg-x11-drv-elographics-1.4.1-2.el6.i686.rpmaeca1b8fda1de230416d8ed3368706bb1bebebbbf393cfe91247ed8215c38e3dxorg-x11-drv-keyboard-1.6.2-7.el6.i686.rpm6979fc32c6968727bf4678a695e9e0853632024a294d4a3148daa3b7d0bc9c86xorg-x11-drv-hyperpen-1.4.1-4.el6.i686.rpm678ee4cfc7b5c56d7707698aced29134cc69f18838448c6fbd0a076bbfb75392xorg-x11-drv-aiptek-1.4.1-4.el6.i686.rpmf661d6a6c59116bd5b89f04408730617aa4ed0f3266173e161d5314fd6e5f6b5xorg-x11-drv-penmount-1.5.0-4.el6.i686.rpm0a82ee3fb76eb7a67fed5db3bf97fb5bff76cb5ebf0dba4c5662ceda56e53dc3xorg-x11-drv-mouse-1.8.1-7.el6.i686.rpm556ec74f4181550e84957907d531563d715231fbdc43889a032acac2330bca8aSLEA-2013:0301-1This update provides new drivers compatible with the new Xorg driver ABI.Scientific Linux FermiScientific Linux Fermi 6xorg-x11-drv-openchrome-0.3.0-3.20120806git.el6.i686.rpmd32bfe2579a7a3ae1044ee0a342d7540aefbe23e85e87e362cd501fc89742c02xorg-x11-drv-sis-0.10.7-2.el6.i686.rpm60f642ad78d923307d13a266a8bb9a3d5badd1ec2f2d841eca32cf5cb37501b1xorg-x11-drv-fbdev-0.4.3-2.el6.i686.rpmb549c48d27ebe2bdc042729fcdf6459c9aab0f7375739ca8506784389f129facxorg-x11-drv-r128-6.9.1-1.el6.i686.rpm224b79214c7eac65c802ad585021e8910e4b293b0cbd61dc9cbd190e189e9181xorg-x11-drv-cirrus-1.5.1-2.el6.i686.rpm5f9462dbab78aa7fe8608c3befcecb0a7a9da15a0704449b1e29df24f0c8151fxorg-x11-drv-siliconmotion-1.7.7-2.el6.i686.rpm07bfad36db460df3a8ff2f7ec034e0d005d4b951c7d0f3300e645a6534ae8143xorg-x11-drv-dummy-0.3.6-2.el6.i686.rpmdb11864ed66e6ac42cda0bcc0f86da2112ed714ae61b01def8c83b3dcf21d51cxorg-x11-drv-geode-2.11.13-1.el6.i686.rpmadbe104c308c7cf188196b92c9526d8add1a8d87c54c72cd8456666a1e509d06xorg-x11-drv-i740-1.3.4-5.el6.i686.rpm8dabebfeb6706241f791e70516c121b57c56e2a9bb60ad32fe7b1c4523b721dfxorg-x11-drv-ast-0.97.0-2.el6.i686.rpm5017a88be9c5501e82c357129125d85a8c9beefa7bb88236cf71cdf369781f30xorg-x11-drv-sisusb-0.9.6-2.el6.i686.rpm23880330f9659744bba374b86157f12105e54ff46239ad927180a72774e31dc4xorg-x11-drv-s3virge-1.10.6-2.el6.i686.rpm23b66cc7f3e9d328de05b268e4e7466bcd71b4dba88392e29ada47b4ce18302axorg-x11-drv-rendition-4.2.5-2.el6.i686.rpmee0b7608bc12c23e67f07bfde037bfca45a72861b2c3fe5b53357c6929676205xorg-x11-drv-v4l-0.2.0-6.el6.i686.rpmd3d2d06125518ec1e3210aa05163c24c8b8b5eed3576556b57efd999c6ec207exorg-x11-drivers-7.3-13.4.el6.i686.rpm059b637415806a107574c4a2bf8f1747be079bc205a12128ce8e7ddf49a4ac71xorg-x11-drv-vesa-2.3.2-4.el6.i686.rpm18e33242dbfa8d579809bf2587b4c116eb48db206ffae3d85b35a78e8c7e6f2axorg-x11-drv-glint-1.2.8-3.el6.i686.rpm722223a0976780e219b40206afc1d7d960dc749885d99e41861f19cc8f2a4292xorg-x11-drv-neomagic-1.2.7-3.el6.i686.rpm71606f135e93d3b4dd89f6b3973b685c81e397fc20ff13b2b49328e3ed73aaa6xorg-x11-drv-mach64-6.9.3-4.el6.i686.rpm3a91a13339c3ec258fcca1b72c18c6ea26b823a796e7ecd24671c55d21846163xorg-x11-drv-openchrome-devel-0.3.0-3.20120806git.el6.i686.rpmac621d8e1c1196f6d0926f7adabede6e33f165c93439fd4bbb9bad0e406fedf7xorg-x11-drv-i128-1.3.6-3.el6.i686.rpmff2d5bb101c2e107faccb55e25c42ad8fa33425f39cd7f8f0fc6037b701124e5xorg-x11-drv-vmware-12.0.2-3.20120718gite5ac80d8f.el6.i686.rpma02d8b7d482fd4e49caaade63d45c76ed5eef69fe4522782daa702f11340424bxorg-x11-drv-tdfx-1.4.5-2.el6.i686.rpmfb5d289207220ce4bbc6717c421448ec7cc9b9a1c6a68e96d5b535733bb9e103xorg-x11-drv-mga-1.6.1-7.el6.i686.rpm59022556ca32a26dddc11f3a283afb9b1e77d368cf46d2bfbb12a9a880523e72xorg-x11-drv-apm-1.2.5-5.el6.i686.rpm239631df1bdcb4285c3dc8c0ea48a6c27ede2a70a1ea0784bbe651c97a4f4dc7xorg-x11-drv-voodoo-1.2.5-3.el6.i686.rpm5fdbb82bc930832b380c4bc8473c25d445a938ac1367ab63acfe6fb826d6e0b6xorg-x11-drv-modesetting-0.5.0-1.el6.i686.rpmd281ef1e8486ebdf423278ab689fb47e2e5ec018d47579821af2def36417195bxorg-x11-drv-savage-2.3.6-2.el6.i686.rpmec754a6e53e846510d3148a7729d6574e8901b9c4958b53e252bb4ad21fc3394xorg-x11-drv-xgi-1.6.0-18.20121114git.el6.i686.rpm675472df5f41efbb1cba00e2161421f138b88396fd89a6480cad2983c8462181xorg-x11-drv-nv-2.1.20-4.el6.i686.rpm176443d2375023337caa8ecdd590545215a9b8105613ff5d10d57f6ffba6e0cexorg-x11-drv-trident-1.3.6-4.el6.i686.rpm94dc4118bc8ae46a5b0ecf55c835c79a29cdd3a782846a97097cd934b787bba2SLEA-2013:0311-1The spice-vdagent packages have been upgraded to upstream version 0.12.0, which provides a number of enhancements over the previous version. This update adds the following enhancements: * The spice-vdagent agent now uses the syslog standard for logging. Syslog provides previously missing information on time stamps and severity marks of the logged events. * With this update, support for dynamic multiple monitors and arbitrary window resolution has been added to the spice-vdagent agent.Scientific Linux FermiScientific Linux Fermi 6spice-vdagent-0.12.0-4.el6.i686.rpmab4246df9a730c1025d13687c9956e9c40674a22ea33b75f46009884766bab3cSLEA-2013:0422-1The libjpeg-turbo packages contain a library of functions for manipulating JPEG images. They also contain simple client programs for accessing the libjpeg functions. These packages provide the same functionality and API as libjpeg but with better performance. This enhancement update adds the libjpeg-turbo packages to Scientific Linux 6.Scientific Linux FermiScientific Linux Fermi 6libjpeg-turbo-1.2.1-1.el6.i686.rpma5af5466e39e84fa3afee8c3cadc8b186718db0cc6c7aaab56b6807511ec1e16libjpeg-turbo-devel-1.2.1-1.el6.i686.rpme2d09e268eced0d7f2f00f28abd681eeda8e9b36ddf565d3f3b12f414b801227libjpeg-turbo-static-1.2.1-1.el6.i686.rpme311cb103f9c86d79aedd0a2b9cb40ffd1446c73ad544d1cbb63e8eea15e2c30SLEA-2013:0615-1This update adds the following enhancement: * The Chilean Government is extending the period of Daylight Saving Time (DST) in the year 2013 until April the 27th. Then, Chile Standard Time (CLT) and Easter Island Standard Time (EAST) will be in effect until September the 7th when switching again to DST. With this update, the rules used for Chile time zones have been adjusted accordingly.Scientific Linux FermiScientific Linux Fermi 6tzdata-java-2012j-2.el6.noarch.rpmee15dd91eb00901736c4ad502616f60af59c4867691a85e2ebffe75f15f10daetzdata-2012j-2.el6.noarch.rpmb255e3f709eb23367959eb355415da09e2866081ac453f027304312dffd5d71aSLEA-2013:0674-1This update adds the following enhancement: * Time zone rules of tzdata have been modified to reflect the following changes: The period of Daylight Saving Time (DST) in Paraguay will end on March 24 instead of April 14. Haiti will use US daylight-saving rules in the year 2013. Morocco does not observe DST during Ramadan. Therefore, Morocco is expected to switch to Western European Time (WET) on July 9 and resume again to Western European Summer Time (WEST) on August 8. Also, the tzdata packages now provide rules for several new time zones: Asia/Khandyga, Asia/Ust-Nera, and Europe/Busingen.Scientific Linux FermiScientific Linux Fermi 6tzdata-2013b-1.el6.noarch.rpm5c8483a3f3f09ed1c7a71f69c17c6fbf0a07de8d461db6e3f1eb991ae5fd6bc2tzdata-java-2013b-1.el6.noarch.rpm98cdd67c162b7c43aa73f8add9aff8e34e43319896195150fee1cdbcf42f25efSLEA-2013:0880-1This update adds the following enhancements: * The Gaza Strip and the West Bank entered Daylight Saving Time on March 28 at midnight local time. * Recent change to Daylight Saving rules in Paraguay appears to be perpetual. Transition times in years 2014 and later were updated accordingly. * The Macquarie Island was uninhabited between years 1919 and 1948. This update introduces a new time type with a "zzz" abbreviation, which distinguishes uninhabited regions from the inhabited ones. * The Macquarie Island belongs to Australia. This updated modifies the /usr/share/zoneinfo/zone.tab file accordingly.Scientific Linux FermiScientific Linux Fermi 6tzdata-2013c-1.el6.noarch.rpmc55171abbb0be0f01e4ce42db5b5bd4db2f00a79c560934490c901d5bb779b7ctzdata-java-2013c-1.el6.noarch.rpmc3d0b617f9b8feba9d0e14d43b31cf652cc937d206e3a9a95238108a7277ffadSLEA-2013:1025-1This update adds the following enhancement: * Morocco does not observe DST during Ramadan. Therefore, Morocco is expected to switch to Western European Time (WET) on July 7 and resume again to Western European Summer Time (WEST) on August 10. Also, the period of DST in Israel has been extended until the last Sunday in October from the year 2013 onwards.Scientific Linux FermiScientific Linux Fermi 6tzdata-java-2013c-2.el6.noarch.rpmfa0deed56003334e8cea518084e4ea75cfdeb1122b2c6f1bc5fd83d87c7e9978tzdata-2013c-2.el6.noarch.rpm6c5d8e049223dd9648a823ed26698fe48ca58ee560389f1bb81a2bf5cfed9616SLEA-2013:1622-1The glamor module is an open-source 2D graphics common driver for the X Window System as implemented by X.org. It supports a variety of graphics chip sets which have OpenGL, EGL or GBM support. This enhancement update adds the xorg-x11-glamor packages to Scientific Linux 6. The glamor library is provided to support new AMD GPU hardware and can be used by the DDX driver to implement acceleration using the OpenGL driver. Some new hardware, such as AMD HD7xxx Series, needs glamor for acceleration.Scientific Linux FermiScientific Linux Fermi 6xorg-x11-glamor-0.5.0-6.20130401git81aadb8.el6.i686.rpm6f38d4a3085f054b8c4c585ea3978d125bccac2eeed88ce472f641a59f801544xorg-x11-glamor-devel-0.5.0-6.20130401git81aadb8.el6.i686.rpmdc37cf85bcf3a98a09faa58ed72eb85582a2c2cb63bb67af933bb118e2dabf8bSLEA-2013:1626-1The p11-kit package provides a mechanism to manage PKCS#11 modules. The p11-kit-trust subpackage includes a PKCS#11 trust module that provides certificate anchors and black lists based on configuration files. This enhancement update adds the p11-kit packages to Scientific Linux 6. * Scientific Linux 6.5 provides the p11-kit package to implement the Shared System Certificates feature. If enabled by the administrator, it ensures system-wide trust store of static data that is used by crypto toolkits as input for certificate trust decisions. These new packages had several bugs fixed during testing: * Support for using the freebl3 library for the SHA1 and MD5 cryptographic hash functions has been added even though the hashing is done in a strictly non-cryptographic context. * All file handles opened by p11-kit are created with the O_CLOEXEC flag, so that they are automatically closed on the execve() function and do not leak to subprocesses. * When expanding the "$HOME" variable or the "~/" path for SUID and SGID programs, the expand_home() function returns NULL. This change allows for avoiding vulnerabilities that could occur if SUID or SGID programs accidentally trusted this environment. Also, documentation concerning the fact that user directories are not read for SUID/SGID programs has been added. * Users need to use the standard environment $TMPDIR variable for locating the temp directory. * If a critical module fails to initialize, module initialization stops and the user is informed about the failure. * The p11_kit_space_strlen() function returns a "0" value for empty strings. * Arguments of the size_t variable are correctly passed to the "p11_hash_xxx" functions. * Changes in the code ensures that the memdup() function is not called with a zero length or NULL pointers.Scientific Linux FermiScientific Linux Fermi 6p11-kit-0.18.5-2.el6.i686.rpm9a135699dd66ffd6950bcf20101fedde6b22bb77f5f173b682671183cc931458p11-kit-trust-0.18.5-2.el6.i686.rpm6eced11892fe0ef97b87be6e6daca7d3d912ac151d761fe7a4b69d0a8aeabc1cp11-kit-devel-0.18.5-2.el6.i686.rpm4f1f2cfa321d08a373e85de21381f1df28f8089c473502073cdd42347f94893eSLEA-2013:1867-1This update adds the following enhancement: * The Jordanian government has reversed its decision to observe daylight saving time (DST) all year and in the year 2014, Jordan is going to resume to the transition schedule from the years 2006 - 2011. This year, Jordan will switch back to Arabia Standard Time (AST) at 00:00 on December the 20th.Scientific Linux FermiScientific Linux Fermi 6tzdata-2013i-1.el6.noarch.rpm8d55bb056778b7a83b08c9cf4d09f199f4bf1093dd51c89b57e1e527715858a1tzdata-java-2013i-1.el6.noarch.rpm2a9f6269252007b92189e67bdd38a707e64d9971d53cef86d5904da0df8e1ed0SLEA-2014:0338-1This update adds the following enhancement: * Crimea is switching to the Moscow time zone on March 30, 2014 at 2 a.m. local time. The respective tzdata rules have been updated to reflect this change.Scientific Linux FermiScientific Linux Fermi 6tzdata-java-2014b-1.el6.noarch.rpma5f17cd6dbfbb30019ba96d9e5ecc3e4f09b4fa845cbd06c02042822b56c0da4tzdata-2014b-1.el6.noarch.rpm62c967a22c99218e9d2a1f6ed134d34e31545e48ccfaf4ef3bfbd9696b488780SLEA-2014:0774-1The following two changes are included in this update: * Based on the official government announcement, Egypt's 2014 Ramadan-based transitions were updated to June 26 and July 31 at 24:00. * Morocco's Ramadan transitions were also updated to June 28 at 03:00 and August 2 at 02:00.Scientific Linux FermiScientific Linux Fermi 6tzdata-2014e-1.el6.noarch.rpme7594caece58b527a2fb8c7f0c6e2d11b83ede335c219940ef5db26085b97867tzdata-java-2014e-1.el6.noarch.rpmb766c33f343849d098108522f6be692208bce48af4fdfc0ea8cc7710f886e27fSLEA-2014:1105-1The libvpx packages have been upgraded to upstream version 1.3.0, which provides new functions for Mozilla Firefox 31 on Scientific Linux 6, as well as a number of other enhancements over the previous version. After installing the update, all applications using libvpx must be restarted for the changes to take effect.Scientific Linux FermitrueScientific Linux Fermi 6libvpx-1.3.0-5.el6_5.i686.rpmc9b19db5d18f5a5c3acae1fdb5b1f45739be4a2afd903e3ceb2befbb4f311f8alibvpx-devel-1.3.0-5.el6_5.i686.rpmbb07f70f65fa12ab35ef2a25d2583e86a69230d862c686aa6ec8515c04985eb3gstreamer-plugins-bad-free-0.10.19-3.el6_5.i686.rpm6ab41fd5ec163988745112d08befdc6ce92b499673002be5d191f9da283efcdblibvpx-utils-1.3.0-5.el6_5.i686.rpm94a19b069c79e25095c0c6ec8698665ecbbc6252393a25b8100343394e36e249gstreamer-plugins-bad-free-extras-0.10.19-3.el6_5.i686.rpm3d4e2007487606676f678ea967761d479287805bdcfad8e12068a8a896684d5bgstreamer-plugins-bad-free-devel-docs-0.10.19-3.el6_5.i686.rpm77b53af6d5074ea619d937108111f0570e98ddd8b70be6575375503a793867f3gstreamer-plugins-bad-free-devel-0.10.19-3.el6_5.i686.rpmdc670fbd0659c2fccb8e1198657e86a50499451fee547ee585bab3fbec8ab803SLEA-2014:1242-1This update adds the following enhancements: * The tzdata-java sub-package now includes time zone data in format compatible with OpenJDK 8. It is available in the /usr/share/javazi-1.8/tzdb.dat file. This data is used by OpenJDK 8 packages to keep up-to-date with the system time zone data updates. Note that the new format requires OpenJDK 7 to be installed for the rebuild of the tzdata package, otherwise the rebuild will fail. To workaround this problem, a new build option '--without java7' has been introduced to the rpmbuild command. This option can be used to rebuild tzdata on systems without OpenJDK 7 support. However, the tzdata packages rebuilt with the 'rpmbuild --without java7' command will not include OpenJDK-8-compatible data that is present in the original RPM packages. * Effective from October 26, 2014, 2 a.m., Russia returns to using the standard "winter" time. Also, Russia will now be divided to 11 time zones. The tzdata database and rules have been updated to reflect these changes.Scientific Linux FermiScientific Linux Fermi 6tzdata-java-2014f-1.el6.noarch.rpm9355c290af67e036eeab66d4298b2bcef6f568a81f168dd931be3344d677322btzdata-2014f-1.el6.noarch.rpmdae9841ce72a8f5b7adfe134e072245019fd35250c44917e9572eda9bed84754SLEA-2014:1253-1This update contains all the changes implemented in tzdata-2014g, including the following enhancement: * Effective from November 02, 2014, 2 a.m., Turks and Caicos Islands are switching from US Eastern time to UTC-4 year-round, modeled as a switch from EST/EDT to AST.Scientific Linux FermiScientific Linux Fermi 6tzdata-java-2014g-1.el6.noarch.rpm600026470990f2cbd5530c25484203b15b1042af3706dcb1af4572a5c819c012tzdata-2014g-1.el6.noarch.rpm39fe9e08ead7f7b8f2f320bb1a82792271dc212768683fb985e0565b83353a34SLEA-2014:1431-1TagSoup is a SAX-compliant HTML parser written in Java. This enhancement update adds the tagsoup package to Scientific Linux 6. All users who require tagsoup are advised to install this new package.Scientific Linux FermiScientific Linux Fermi 6tagsoup-javadoc-1.2.1-8.el6.noarch.rpme7bc98b4178c5f0965bc4dd6a907d9117e08a0d29c320166a0a057d3e846a506tagsoup-1.2.1-8.el6.noarch.rpm207e815defc8fdbcf31469362f1f18b38473c817a4a23e3254fec4b40af4ea6bSLEA-2014:1433-1The Caladea font family is metric-compatible with the Cambria font. Caladea is a serif typeface family based on the Lato font. This enhancement update adds the google-crosextra-caladea-fonts package to Scientific Linux 6. All users who require google-crosextra-caladea-fonts are advised to install this new package.Scientific Linux FermiScientific Linux Fermi 6google-crosextra-caladea-fonts-1.002-0.3.20130214.el6.1.noarch.rpma6035c81792d1a5c5fbe9c78543be7c9f3fdc666c1a02b6a5eb72958afbc32beSLEA-2014:1434-1The google-crosextra-carlito-fonts package provides the Carlito font family. Carlito is metric-compatible with Calibri font. Carlito comes in regular, bold, italic, and bold italic faces. The family covers Latin- Greek-Cyrillic (not a complete set, though) with about 2,000 glyphs. It has the same character coverage as Calibri. This font is sans-serif typeface family based on Lato. This enhancement update adds the google-crosextra-carlito-fonts package to Scientific Linux 6. All users who require google-crosextra-carlito-fonts are advised to install this new package.Scientific Linux FermiScientific Linux Fermi 6google-crosextra-carlito-fonts-1.103-0.1.20130920.el6.1.noarch.rpmc21724bf7bb470656bcc91a7c6cb36fe943c200d30c94f56116d9653547163b5SLEA-2014:1501-1The libestr packages contain the string handling essentials library used by the Rsyslog daemon, and is required by the rsyslog7 package. This enhancement update adds the libestr packages to Scientific Linux 6.Scientific Linux FermiScientific Linux Fermi 6libestr-0.1.9-2.el6.i686.rpm074cd07206f6923a8c3921fd33c40a3b58416740b998fa59f2dc851f53621558libestr-devel-0.1.9-2.el6.i686.rpme2d3e227ea7e160eeb235f312157b969912115d72e5ff7e2754a7cd49b2bd927SLEA-2014:1514-1The mod_auth_mellon packages provide the mod_auth_mellon module that is an authentication service implementing the Security Assertion Markup Language (SAML) federation protocol version 2.0. It grants access based on the attributes received in assertions generated by an IDP server. The lasso packages provide the Lasso library that implements the Liberty Alliance Single Sign On standards, including the SAML and SAML2 specifications. It allows handling of the whole life-cycle of SAML-based federations, and provides bindings for multiple languages. The xmlsec1 packages provide XML Security Library, a C library based on LibXML2 and OpenSSL. The library was created with a goal to support major XML security standards "XML Digital Signature" and "XML Encryption". This enhancement update adds the xmlsec1, lasso, and mod_auth_mellon packages to Scientific Linux 6 in order to provide SAML Service Provider support in the Apache HTTP server.Scientific Linux FermiScientific Linux Fermi 6xmlsec1-nss-devel-1.2.20-4.el6.i686.rpm2f15ef81667cf852ee15813883d09354af7e9c2513d35d64cf1cc3e04845b4b4xmlsec1-1.2.20-4.el6.i686.rpm834bfdb2411ed3ccfcf6aef5d6db771eb9999c451ee8cc1207c4f586ba8e3f15lasso-python-2.4.0-5.el6.i686.rpm941fe9c0a0cbdb582afcf34f72850f6e4558c526f57001abc906fad61b9d153fxmlsec1-gcrypt-1.2.20-4.el6.i686.rpm3bbeca27d36e4c3d73da790dd4d6f34b36dc2b7ba6764aa1fbf626465a8749e9xmlsec1-gcrypt-devel-1.2.20-4.el6.i686.rpm127f13fad840cc802dbe575a43330dc830742111013241f17e68d2e83ee31333xmlsec1-gnutls-1.2.20-4.el6.i686.rpmff12aadb6787aa024fede6a9b7ce37c10cbe35a9463dfd0c0ac61afc03282f19xmlsec1-devel-1.2.20-4.el6.i686.rpmb3a40e2c872e207c43d39f8c1655bcbfbd419e9a51999da009620d07f990988axmlsec1-openssl-devel-1.2.20-4.el6.i686.rpmbcf2a25efcc0e1c571600baecce3d437f983987e636f8cd82ae1f8bedc6a9b54xmlsec1-nss-1.2.20-4.el6.i686.rpm259753ba0a38fdd7f85c0041d904fd85eeff3d21962a16b0e9018c79009813fdxmlsec1-openssl-1.2.20-4.el6.i686.rpm00e11d21d781b705e381773aaaaaa2781159bcd12949a5e1fee7bcdaed867ac9lasso-devel-2.4.0-5.el6.i686.rpm9b4d042cfa3fa315e02d76b5c20d94c30f829857a2e0e39bb1cf6f3443e91fcclasso-2.4.0-5.el6.i686.rpmfba5a4ed20cabc38febf83493688e9b7ec07da75a79c1c3d6377d67dab530723xmlsec1-gnutls-devel-1.2.20-4.el6.i686.rpm8744a3bc77f1a30c87e764901d6098cfe15b615e616f968b46d573e9603ec15bSLEA-2014:1530-1JSON-C implements a reference counting object model that allows users to easily construct JavaScript Object Notation (JSON) objects in C, output them as JSON formatted strings and parse JSON formatted strings back into the C representation of JSON objects. This enhancement update adds the json-c packages to Scientific Linux 6.Scientific Linux FermiScientific Linux Fermi 6json-c-doc-0.11-11.el6.noarch.rpmc43908ad5b7a495c3cb64a5f0df4d6570e37df132df079946acc6337d401067bjson-c-devel-0.11-11.el6.i686.rpm5e988cde52f3f336d7068ff3e0716f724e89781ceb18f65ff5458b1721e255cbjson-c-0.11-11.el6.i686.rpm3b2011d6a1592a6624e3f1a769a6d4402d8626530da1a3f67cd68c03a8dcbaf6SLEA-2014:1673-1YAML is a data serialization format designed for human readability and interaction with scripting languages. PyYAML is a YAML parser and emitter for Python. This enhancement update adds the PyYAML packages to Scientific Linux 6 to resolve an upgrade dependency problem with libyaml.Scientific Linux FermiScientific Linux Fermi 6PyYAML-3.10-3.1.el6.i686.rpmf455c34b82dd311b43427873851087aca7ec98124348b41f132f27a607e7c62eSLEA-2015:0141-1* Time reckoned by Earth's rotation drifts away from atomic time because of irregularities in the Earth's rate of rotation. For this reason, on 30 June 2015 at precisely 23:59:59, a leap second will be inserted (23:59:60), which will be followed by 00:00:00 the next day.Scientific Linux FermiScientific Linux Fermi 6tzdata-2015a-1.el6.noarch.rpmbc6099b0b187aa37ef92ecaf0ba9828061d3db2bb26e36d544c3b436cbf2428atzdata-java-2015a-1.el6.noarch.rpm5419f538519617cb58a4540a31c74b39a756811eec93e1635c4dadaabb3438ffSLEA-2015:0717-1This update adds the following enhancements: * With this update, several changes have been made to the scheduling of Daylight Saving Time (DST) in the tzdata packages: - Mongolia will start observing DST again this year, from the last Saturday in March at 02:00 to the last Saturday in September at 00:00. - Palestine will start DST on March 28, not March 27. - The fall 2014 transition has been corrected from September 26 to October 24.Scientific Linux FermiScientific Linux Fermi 6tzdata-2015b-1.el6.noarch.rpme9e4b26ca2f93db349664b7d52d360ec774ca260c589236b56c83bc62693e275tzdata-java-2015b-1.el6.noarch.rpm22757909ebe7ac306e01680275d941b85c7ffc4281bb3284b7269fd396754730SLEA-2015:0855-1This update adds the following enhancements: * Egypt will start observing Daylight Saving Time (DST) at 24:00 on the last Thursday in April instead of 00:00 on the last Friday in April. In 2015, the transition will therefore take place on Thursday, April 30 at 24:00. Similar changes apply to years 2026, 2037, 2043, and subsequent years in which April 30 falls on a Thursday.Scientific Linux FermiScientific Linux Fermi 6tzdata-2015c-2.el6.noarch.rpmabc6fe5f8539cbb3f85602d1d20b118e6afc840ec83ea9eae202828a73b55b77tzdata-java-2015c-2.el6.noarch.rpm7d5a2105c6568553a0f6d0949f09ef30f87fd451d23403bde7b23590545e8e97SLEA-2015:0913-1This update adds the following enhancement: * Egypt will not observe daylight saving time (DST) in 2015. Potential suspension of the daylight saving system in Egypt for the following years is under consideration.Scientific Linux FermiScientific Linux Fermi 6tzdata-java-2015d-1.el6.noarch.rpmdd500c12f353504c1d2b2666b4231b738025136ac0d353e3e457a6981623a16ftzdata-2015d-1.el6.noarch.rpm55eeec584e0fd8fc1c55f0a5d172167effda68b837c8773ff93066b63cec158dSLEA-2015:1302-1The elfutils packages have been upgraded to upstream version 0.161, which provides a number of bug fixes and enhancements over the previous version. The most notable new features are: * The eu-stack utility supports showing inlined frames and it is now able to produce backtraces even for processes that might have some of their on- disk libraries updated or deleted. * Improved DWZ compressed DWARF multi-file support with new functions, "dwarf_getalt" and "dwarf_setalt", has been introduced. * Support for ARM 64-bit architecture and Scientific Linux for POWER, little endian has been added. * The libdw library now supports LZMA-compressed (.ko.xz) kernel modules. * Support for ".debug_macro" has been added; new functions has been introduced: "dwarf_getmacros_off", "dwarf_macro_getsrcfiles", "dwarf_macro_getparamcnt", and "dwarf_macro_param". * New GNU extensions to the DWARF format are now recognized. * New functions have been added to the libdw library: "dwarf_peel_type", "dwarf_cu_getdwarf", "dwarf_cu_die", "dwelf_elf_gnu_debuglink", "dwelf_dwarf_gnu_debugaltlink", "dwelf_elf_gnu_build_id".Scientific Linux FermiScientific Linux Fermi 6elfutils-libelf-devel-static-0.161-3.el6.i686.rpmbedfb8fea5f371ac248424a4d8f785dc77be8f44bdefa79a7db19b0c256c4272elfutils-libs-0.161-3.el6.i686.rpm0b851fcd6c65ed78d601e818d27f22505c3950756ce7bc3e0f70028d85c5d949elfutils-libelf-0.161-3.el6.i686.rpm68189d3c40de550e24593956a2d9ede39d3803b00a56314a8399ea962b36d8b2elfutils-0.161-3.el6.i686.rpm5177d049088e7eca8f8257de0b709dd2f6d93beadfe6927a9a36a620504974d2elfutils-devel-static-0.161-3.el6.i686.rpm2b4fcb2f9782ec97ac6e48fd2a6ee701b62b0f3456d5bfe4ba8d2a3a1ce2469belfutils-devel-0.161-3.el6.i686.rpm8bf9bc4f121cadeb9563b5f7cb61664f65f1ff8b22a9841ba46619d7a80f4785elfutils-libelf-devel-0.161-3.el6.i686.rpm682a3779677aedf54cb60ee9f46747a0ecd34508ec2669ee4b560ab06af586faSLEA-2015:1418-1The python-requests package contains a library designed to make HTTP requests easy for developers. This enhancement update adds the python-requests package and its dependencies to Scientific Linux 6. The following packages are now available from the base channels in Red Hat Network: python-requests, python-chardet, python-urllib3, python-six, python-backports, and python- backports-ssl_match_hostname.Scientific Linux FermiScientific Linux Fermi 6python-backports-1.0-5.el6.i686.rpm9d5e42e5f3d6bdac6e1790562d365a3b87bc7db435710db2701d5dcfcd108ef8python-chardet-2.2.1-1.el6.noarch.rpme61aed0525cfb5a85559bb96c894a3246deff72a0e88539fc82f2e6743a88540python-backports-ssl_match_hostname-3.4.0.2-2.el6.noarch.rpm4812a54059a968073f282743c48e2662e007e0f11e2e129eab88b62e7a6ef549python-six-1.9.0-2.el6.noarch.rpm408be05e77a6a777b0a95509900bd05beb9ae03a8369a6ddd0ad4da8de1c5972python-urllib3-1.10.2-1.el6.noarch.rpmf17d31e9a61a0259095d1128748113362d88800396281cf052b29b8a262caf20SLEA-2015:1420-1The clufter packages contain a tool for transforming and analyzing cluster configuration formats. Notably, clufter can be used to assist with migration from an older stack configuration to a newer one that leverages Pacemaker. The packages can be used either as a separate command-line tool or as a Python library. This enhancement update adds the clufter packages to Scientific Linux 6.Scientific Linux FermiScientific Linux Fermi 6clufter-lib-ccs-0.11.2-1.el6.noarch.rpm272f790d0d5e00ec509299c15526d1a1aaf7fa52ea0e928d7adc577fb93c6bf6clufter-lib-general-0.11.2-1.el6.noarch.rpmbe3eace04a8aa87a281f0cfe2f900baee8e68c8dd05552ee8fafdeca4113e6faclufter-cli-0.11.2-1.el6.noarch.rpm222280ed3396d2525cf739891638cb183c3fe547c17396406e0e699539c02e13python-clufter-0.11.2-1.el6.i686.rpm26deb9d07a72883a268ccf53d68936ba434a55a2e1e48b8766408a0b8ccaf0b3clufter-lib-pcs-0.11.2-1.el6.noarch.rpm9fd13d621a2d38a4b3cc705ebe9ed280e94f1e8b5dc6f51c92a7ea75eab55fe9SLEA-2016:0154-1The tzdata packages have been upgraded to upstream version 2016a, which provides a number of bug fixes and enhancements over the previous version, notably: * Prior to this update, an incorrect assumption was made about the daylight saving time (DST) in the America/Cayman time zone this year, which was reflected in the code. The mentioned time zone will not have DST this year. To the previous change has been reverted. * The Asia/Chita time zone switches from +0800 to +0900 on 2016-03-27 at 02:00. This change has been implemented. * The DST predictions for the Asia/Tehran time zone for the year 2038 and later are now March 21 00:00 to September 21 00:00. This premise has been implemented. This update also fixes the following bug: * Starting from 2027, the Java timezone generation tool would incorrectly calculate the Africa/Casablanca time transitions. This bug has been fixed, and the tool will calculate these transitions correctly. In addition, this update adds the following enhancement: * At present, in Scientific Linux 6, the /etc/localtime file is not preserved across package updates even when it is a symbolic link. This tzdata version contains preparatory work to support preserving /etc/localtime across package upgrades if it is a symbolic link. Currently, this change is inactive, and the time zone must still be configured through /etc/sysconfig/clock. The change will be supported by a future glibc update.Scientific Linux FermiScientific Linux Fermi 6tzdata-java-2016a-2.el6.noarch.rpmbba8d1909e232f74c9cad62d92cb6568455e4a9d045cd4bec3f6ec346eeb2b9atzdata-2016a-2.el6.noarch.rpme1d39ca6635d12b5aff96c9a3bb54e77e498925f25448ad99d75fae7c93d4b46SLEA-2016:0463-1The tzdata packages have been upgraded to upstream version 2016b, which provides a number of enhancements over the previous version, notably: * This update introduces a number of new time zones for several regions in the Russian Federation, which will switch time on 2016-03-27 at 02:00 local time: - The Europe/Astrakhan time zone for Astrakhan Oblast, which will switch from UTC +03 to +04. - The Europe/Ulyanovsk time zone for Ulyanovsk Oblast, which will likely switch from UTC +03 to +04. - The Asia/Barnaul time zone for Altai Krai and Altai Republic, which will likely switch from UTC +06 to +07. * This update takes into account that the Asia/Sakhalin time zone will switch from UTC +10 to +11 on 2016-03-27 at 02:00 local time. * This update takes into account that Haiti will not observe the Daylight Saving Time (DST) in 2016. * This update takes into account that Palestine's spring-forward transition will happen on 2016-03-26 at 01:00 local time, not 00:00.Scientific Linux FermiScientific Linux Fermi 6tzdata-2016b-1.el6.noarch.rpm26296b31c8b0e451708f41b9a3e362571c26063ce3a57633f8d9e150f85c46c3tzdata-java-2016b-1.el6.noarch.rpm4abf62bca3d1ebc962b35ca1a598646cce860847193eda4a2007458d072567b4SLEA-2016:0517-1This update adds the following enhancement: * This update takes into account that Azerbaijan will no longer observe Daylight Saving Time (DST), and that Chile changes from permanent DST to seasonal DST.Scientific Linux FermiScientific Linux Fermi 6tzdata-2016c-1.el6.noarch.rpm39d9fd02578d12c1313cda546d1e6c41265b4aa9c28307f85c57c11aaf9af9cbtzdata-java-2016c-1.el6.noarch.rpm6d4520750b9862f77c975a3211c1ba52ea2e5c8aa3dc7361aa5ab629231c8f80SLEA-2016:0635-1This update introduces changes to the SELinux Samba policy that are required to make the smbcontrol utility from Samba version 4.2 work correctly. This update should be installed after installing updated samba packages from SLSA-2016:0618 (SL 7.1 EUS) or updated samba4 packages from SLSA-2016:0612 (SL 6) or SLSA-2016:0620 (SL 6.2, 6.4, and 6.5 AUS; SL 6.6 EUS).Scientific Linux FermiScientific Linux Fermi 6selinux-policy-doc-3.7.19-279.el6_7.9.noarch.rpm327b96686ea5f77a5954cf86a60bdba540bac1d8be5b6e0821bc83f5e73aef62selinux-policy-3.7.19-279.el6_7.9.noarch.rpm622539abb6ce9b7c0eb86c7d53fb1799a6ca98324aa0dc427f3bc672503c56efselinux-policy-minimum-3.7.19-279.el6_7.9.noarch.rpm6bfee119272be3f929c40071c5ec08076bcf60de42a8de02a628863698f0aed1selinux-policy-mls-3.7.19-279.el6_7.9.noarch.rpme3af18e6ba7162eb95d256a791ee02707f1d733461aa4caf97378a9e96bf9189selinux-policy-targeted-3.7.19-279.el6_7.9.noarch.rpm21be5699b0c9781135ce664ec567e6e3cf9cb3f5bdf4b3f1c49091ee48dff4d9SLEA-2016:0683-1This update adds the following enhancements: * Asia/Magadan will switch from UTC+10 to UTC+11 on April 24, 2016 at 02:00. * America/Caracas will switch from UTC-0430 to UTC-04 on May 01, 2016 at 02:30. * New zone Asia/Tomsk, split off from Asia/Novosibirsk. It covers Tomsk Oblast, Russia, which will switch from UTC+06 to UTC+07 on May 29, 2016 at 02:00.Scientific Linux FermiScientific Linux Fermi 6tzdata-java-2016d-1.el6.noarch.rpmb72e66822289ec86634a58254c10abbf736bd689dfa8d4a55f3ec82ff9469230tzdata-2016d-1.el6.noarch.rpm3a7d2866fe4e8248ab873f448c080c24a6b72883797e54dd1e772acbd9f53e49SLEA-2016:0812-1Mesa provides a 3D graphics API that is compatible with Open Graphics Library (OpenGL). It also provides hardware-accelerated drivers for many popular graphics chips.Scientific Linux FermiScientific Linux Fermi 6libdrm-devel-2.4.65-2.el6.i686.rpm1148dc0813a83ac46909b98b22ab780628e2ada944aa769c7e7515e3eaa11a34glx-utils-11.0.7-4.el6.i686.rpm7c6d8d7dbe1dbbbe1ea65a3102dc05182dfdc46613186c4171a24e4a18ad878bmesa-libOSMesa-11.0.7-4.el6.i686.rpmaa9e24ac6893c70cfd04323daaae225def45ada0f050ab74045ffe679db7ace0mesa-dri-filesystem-11.0.7-4.el6.i686.rpmf4c49e4e3f28664485d921575be3e48697807c8f33be99b5428b34ef57f34100mesa-libGL-11.0.7-4.el6.i686.rpm15dc9a4a8b66c187c723a49df2bb82827f5db5e949962ab83ed3dd95113e80a9mesa-libEGL-devel-11.0.7-4.el6.i686.rpm8a74ac52ddb93b4b5ed97d30a3b9894de230b2dbd61c8ed0d036807b89711c74mesa-libxatracker-11.0.7-4.el6.i686.rpm70d8a52ed86afe2d61a968536425227fa51c5f3d7d41e946fa311a79b3e73309mesa-libEGL-11.0.7-4.el6.i686.rpm953f58e9b628f0bc46ac7870557f65d9217066680c298ac181060687d4b516d5mesa-private-llvm-devel-3.6.2-1.el6.i686.rpm4e36f3e61d42b21d019d99a90c870196f1ba26cc49f2505ec6e9f53fa9ce0e40mesa-libgbm-devel-11.0.7-4.el6.i686.rpma97374b3d10655f6717a8775c43acf5623a37716fd3b4a552c5a4e4259067d08mesa-demos-11.0.7-4.el6.i686.rpm67fdba0194f7b8419d1e27468fde765800df6ce5bc513b160c0986c266a49081libdrm-2.4.65-2.el6.i686.rpmb743e8450c88b270fbba3511486c873722199d4142d196195afd96417c4cc16emesa-libGLU-devel-11.0.7-4.el6.i686.rpm0ecee5f18793088f9ce6321e11c8f3c6a7939f7e0766c52e95548f280f739ee6mesa-libGLU-11.0.7-4.el6.i686.rpm26b3f41dd43f0cf64823dc225a42375f7018755f9a7d8620490b7bce31416f4amesa-dri-drivers-11.0.7-4.el6.i686.rpmc3f6de4cc46d99051366f1010e9ed561c914084eb28e2e67b657d1d744d08a8bmesa-private-llvm-3.6.2-1.el6.i686.rpm0d9e98a0430aa7a9767186725d58cdb802159a3eda631fc919167ee963005cdemesa-libGL-devel-11.0.7-4.el6.i686.rpmca23018c4cb38d518ad8602c202909c19b6aa04802e9ad4ccf44fdc0aa36ae1fmesa-libxatracker-devel-11.0.7-4.el6.i686.rpm9c5adf09981c315f0d85d711956eaf7ebbeae1b7bfe09e119e50c3f6b89fc6e4mesa-libgbm-11.0.7-4.el6.i686.rpm683cab64e80872b1dbcf73fec8deb0012e313ea8f554090f87640460424916aamesa-libOSMesa-devel-11.0.7-4.el6.i686.rpm914cbee17d4554b5361c52dda775405909c52cc961959c4f2c3ad311fcf8fb2dSLEA-2016:0839-1The python-urlgrabber package provides a high-level cross-protocol url- grabber for the Python programming language. The url-grabber allows Python scripts to fetch data using the HTTP and FTP protocols, as well as from a local file system.Scientific Linux FermiScientific Linux Fermi 6python-urlgrabber-3.9.1-11.el6.noarch.rpm4d05a440e1ca6282252428478bedffed01637d8c0e918734c817aae27ac9dab0SLEA-2016:0871-1The libevdev packages contain a library to wrap kernel evdev devices and provide a proper API to interact with those devices.Scientific Linux FermiScientific Linux Fermi 6libevdev-utils-1.4.5-2.el6.i686.rpm2f50b9ca168e0b339f818bfe1d80ee1a84009e9ea6f3618fad017d7edbc071f1libevdev-devel-1.4.5-2.el6.i686.rpmeb07f6a9e0e3b0e8191f7462ce10218d03c3380706a68d568a5e9d6d64367906libevdev-1.4.5-2.el6.i686.rpmfd97fabaddebacd5760e7459f731528d0c67345d9e8b6017062e2cb3032fcf4bSLEA-2016:0879-1The ldns packages contain a library with the aim to simplify DNS programming in C. All low-level DNS/DNSSEC operations are supported. A higher level API has been defined which allows a programmer to, for instance, create or sign packets.Scientific Linux FermiScientific Linux Fermi 6ldns-doc-1.6.16-7.el6.2.noarch.rpm0424b3b5d6649620d3fcda1eeab394b58af1cf2933637246ace4781aa1f41de9ldns-1.6.16-7.el6.2.i686.rpmfc1e2c0cb9c8c065f142af15b87a199b3cec252993d2c74dffa8c606bd557d25ldns-devel-1.6.16-7.el6.2.i686.rpm6337f4541d1cf4cb0ea63b653e1eb4989e5fecff1e8aa2c0a196822e70664715ldns-python-1.6.16-7.el6.2.i686.rpm6130d309cb08dc3138414df64de5424de83039e7f96a18d43b1f2d3b3f7bfaf6SLEA-2016:1388-1Prior to this update, the data files provided by the tzdata package reflected the Egyptian government's plan to transition to daylight saving time (DST) on July 7, but the Egyptian government canceled the planned transition. This update provides tzdata data files that reflect the change of plans, and will thus provide correct time zone information. This update also includes a time zone transition for Asia/Novosibirsk from +06 to +07 on 2016-07-24 at 02:00.Scientific Linux FermiScientific Linux Fermi 6tzdata-2016f-1.el6.noarch.rpm1dcd62e1849aaa713a6810fd035249ee87bbce7699b999c7cd3c191a623160fatzdata-java-2016f-1.el6.noarch.rpm90bafdab03dd8bfc164b11cdab3460f3f871e41ccc991d08e489d1c43048eb06SLEA-2016:1982-1The tzdata packages have been upgraded to upstream version 2016g, which provides a number of enhancements over the previous version, notably: * This update takes into account that Turkey will not transition out of the DST (+03) time zone on 2016-10-30. * A new leap second will be added on 2016-12-31 23:59:60 UTC, as specified in the IERS Bulletin C 52.Scientific Linux FermiScientific Linux Fermi 6tzdata-java-2016g-2.el6.noarch.rpmf05a0748d6094749a630ee15fb572c95f69131b501c01d55aa2f247778b0899atzdata-2016g-2.el6.noarch.rpmbe4a9bed9b24b583eaa5f179d6d2670f34c52244837220e77990c3d9aca354a0SLEA-2016:2832-1The tzdata packages have been updated as follows: * The Saratov region of Russia will transition from UTC+03 to UTC+04 on 2016-12-04, resulting in a new time zone Europe/Saratov.Scientific Linux FermiScientific Linux Fermi 6tzdata-2016j-1.el6.noarch.rpm19166b1b76c7f8f8fe6270bc8f4c1cc2240448a3a12f174c5f8b9c2810bf814ctzdata-java-2016j-1.el6.noarch.rpmaae05e4f273d56b65a995ee9b66f365e8d131e51137efb4444c2a3bb8368c55fSLEA-2017:0671-1Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications.Scientific Linux FermiScientific Linux Fermi 6nspr-4.13.1-1.el6.i686.rpm31ad93d87ec3d49c3aa20d7e249e6f98da687e2be9d77897411065ebb8b29b42nspr-devel-4.13.1-1.el6.i686.rpmf4f309881bfa4c15f55c075b10b0d60f6f082d5c22d2cde509933553ee3e93cbSLEA-2017:0890-1The nss-util and nss packages have been upgraded to upstream version 3.28.3, which provides a number of bug fixes and enhancements over the previous version.Scientific Linux FermiScientific Linux Fermi 6nss-sysinit-3.28.3-3.el6_9.i686.rpm9a5a85ceea1504001f1c259b66f85da82242fb54fa68a13ef4be8fc692b60bc9nss-pkcs11-devel-3.28.3-3.el6_9.i686.rpm8697078f567eaa7fc24ca4ceeb358539f0e7f4aa8b677907c8280596d7468b72nss-util-devel-3.28.3-1.el6_9.i686.rpm14d4aa8a9db94e6f7e6d602ca7035bcdc0af923dfdae46ed5ede9c30802f277bnss-tools-3.28.3-3.el6_9.i686.rpma3b687efc9ed489015d3a3f5bdbe60553327f59fb2621cd6e539bb0d649d2aabnss-devel-3.28.3-3.el6_9.i686.rpmae63529e5db2fa9582131bbbb98bc449442e2786a033b39266cab1c9eec334a4nss-3.28.3-3.el6_9.i686.rpm7cc5549f4579ec949595a04218a940b1a374e06b548b560adad9a037f3ae00f5nss-util-3.28.3-1.el6_9.i686.rpm960d21d2f16a920a6a6e211873eb94ea1c1f92daf866d3b750b5bf7fcd17f972SLEA-2017:3052-1* Sudan will switch from UTC+03 to UTC+02 on November 1, 2017. * Tonga will no longer use DST (Daylight Saving Time). This change takes effect on November 5, 2017. * Fiji ends DST on January 14, 2018 instead of January 21, 2018. * Namibia, on September 3, 2017 will switch from UTC+01 with DST to UTC+02 around the year. This change takes effect on April 1, 2018. * On March 11, 2018, the Turks and Caicos Islands will change from UTC-04 to UTC-05 with US DST starting on March 11, 2018. Effective change date is November 4, 2018. * tzdata now includes two text versions of the time zone data: the "tzdata.zi" and "leapseconds" files.Scientific Linux FermiScientific Linux Fermi 6tzdata-2017c-1.el6.noarch.rpmc42f3d1defe0ae10931a797df80bbdd7d6973b4b48b586117c7880e683154835tzdata-java-2017c-1.el6.noarch.rpm70d1973c6bed76f1fd8c34e8202bace484f5934e816ff4f9754ceb9936e5ce72SLEA-2018:0232-1* Brazil's Daylight Saving Time (DST) will start on the first Sunday in November. * Support has been added for the "-t" option for the zic utility. This enables the user to put the configuration link in the specified file instead of the standard location.Scientific Linux FermiScientific Linux Fermi 6tzdata-2018c-1.el6.noarch.rpm1c881e691d7705bc094334b7863df3425281ef8fca91f469635a060f05aca5c0tzdata-java-2018c-1.el6.noarch.rpm9de078f2470d37c30f16a4285dc0b5edd1bb5ee3e78ce13131170778cffe62f3SLEA-2018:1580-1Scientific Linux FermiScientific Linux Fermi 6microcode_ctl-1.17-25.6.el6_9.i686.rpm3554b2c167a3a377cafa48f09e73d1a0c7a2f30d58ebabce3111e5c50f66ed56SLEA-2018:1865-1Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. The nss-util packages provide utilities for use with the Network Security Services (NSS) libraries.Scientific Linux FermiScientific Linux Fermi 6nspr-4.19.0-1.el6.i686.rpm60d40c88c7221813bcec0ceca5f8a07d850f933940c14cd19502685d7b583dc2nss-sysinit-3.36.0-8.el6.i686.rpm8bf4e30693f410c9046b518ef1fc9dbc04f4937dc08aabc762aefde7333c09ffnss-3.36.0-8.el6.i686.rpm4a1bc97a7418714dc51bbf0684a5f1b1c6f3a27af7e3c1475d8f0b4c43991606nss-tools-3.36.0-8.el6.i686.rpm977af4e279c8caf88aa64dde5fb48df951034fc08fdc52f5a391da87acf597bcnss-pkcs11-devel-3.36.0-8.el6.i686.rpmee086e9969f44c0e2e751191bfe182ff9da745839d4138f82861392531017a7dnss-util-3.36.0-1.el6.i686.rpmca0a5ca9aed228b393ee1d2e5fd89c0f40e76f196c210d211cd900c675837d18nss-util-devel-3.36.0-1.el6.i686.rpm3974f0df1ad1e11b76134500efea0088dc5b0287a143b0fbf76cf0865005fb83nss-devel-3.36.0-8.el6.i686.rpme7e436d23ae1ecd3e63654c4cdcae3bf954f4ffc11caa84686d0272d3846012enspr-devel-4.19.0-1.el6.i686.rpm656406402782c64b31d0d4cd33831a0d4d74ae74e5fcc664116482de27402dddSLEA-2019:1212-1This update adds the following enhancement: * The Intel CPU microcode has been updated to the latest upstream version to mitigate CVE-2018-12126, CVE-2018-12126, CVE-2018-12126, and CVE-2019-11091.Scientific Linux FermiScientific Linux Fermi 6microcode_ctl-1.17-33.11.el6_10.i686.rpmcd817b19a6cfba4dcbe70b6a4628847ba3283d18b772001bb59a8efa1a28ac1eSLEA-2019:3280-1The nss, nss-softokn and nss-util packages have been upgraded to upstream versions 3.44, and the nspr packages have been upgraded to upstream version 4.21. The upgraded versions provide a number of bug fixes and enhancements over the previous versions. Notably, these upgrades allow users to upgrade to Mozilla Firefox 68 Extended Support Release.Scientific Linux FermiScientific Linux Fermi 6nss-devel-3.44.0-7.el6_10.i686.rpmf5cc0e653315b63ed8f33b022a23930206be9436d42ad2a4c3afe9bcc5bfe820nspr-4.21.0-1.el6_10.i686.rpm3ec55d700846f9f7e59f2203aed75413c3393a4518541e28d30eae1594d03b98nss-sysinit-3.44.0-7.el6_10.i686.rpmaf080881b84bb309f2007c6ac395e24a1a27f8e8dac4a2a1a05c12881ba322d0nss-softokn-3.44.0-5.el6_10.i686.rpm5f346059c0b817e31dd71c56b780c8c08f6d501a5bf6c5177eb8b72d91b7c83anss-softokn-freebl-3.44.0-5.el6_10.i686.rpm3ef47aa10369ef5e10b78e6e4d6871c8992140b3876acf2e67fda9822f68b021nss-3.44.0-7.el6_10.i686.rpm7cbd70bef055e0a871668e47ae1776c67a1a03bd86da3ff2ed88c5186e374539nss-softokn-freebl-devel-3.44.0-5.el6_10.i686.rpm9a5978576dc18065ac5080ce9c925d5ca9cca66e2d67e068daf38cbf70a4eaadnss-util-devel-3.44.0-1.el6_10.i686.rpm63024af655b77fc6ac02b9548d5808451204a6226a1c702118ed8dcf1ce701a6nss-softokn-devel-3.44.0-5.el6_10.i686.rpm7cd6baf9f77fe0889bd3df37ba0b69d1a8098718c9adda2cf6ab1d95f721602cnss-pkcs11-devel-3.44.0-7.el6_10.i686.rpmc9ec26643fab67c23805dacaeceab64d9677edd959e2876ca109ec12a6265ec7nspr-devel-4.21.0-1.el6_10.i686.rpm371c05559f0ebb77332c15478ef85f3febc3ab84a5cf77f08f1f3a6325985f33nss-util-3.44.0-1.el6_10.i686.rpm609f04ec4a2525a0d8d9a07b2ee809fea3ca69c1fc8344e4edf085c4eba37769nss-tools-3.44.0-7.el6_10.i686.rpm437c2a3d09adf393d984540d955d1c4f586548d7c31eec94f149dcc2284dee21SLF6.2:yum-autoupdate:securityThis update resolves an issue with the usage of tempfiles.lowScientific Linux FermiScientific Linux Fermi 6yum-autoupdate-2-6.3.slf.noarch.rpm56b456091ee89ed1253721a2b221a184a4d2d7c450604e4fcc5216efa639b37aSLF6.2:zz_local_dns_cacheYet another check on nscd, this really shouldn't start it unless you want it Standardized the trigger interface a bit further Updated grep checks, thanks Steve TimmScientific Linux FermiScientific Linux Fermi 6zz_local_dns_cache-3-1.noarch.rpmb35af750481febda15196f39040eba217ab932469ee4518fff0d1c4a9c7febcbSLF6.3:zz_fermi_sshd_configadded UsePAM=yes to settings, this should resolve a problem with aklog not running when expected.Scientific Linux FermiScientific Linux Fermi 6zz_fermi_sshd_config-5.3-3.2.noarch.rpmb2eea7723e3adc2b5ba0499dd021c39871f126b21d80337db57eff0321f98872SLF6.3:zz_local_dns_cacheFixed an error relating to NSCD grep checks Added extra check for NSCD avalibility Better management of /etc/resolv.conf changes, specific excludes are now used rather than known includes.Scientific Linux FermiScientific Linux Fermi 6zz_local_dns_cache-3-1.2.noarch.rpm7391ee18c95b733c0bd349f8b3c895e83f403e421785273dc49ffe8bbab42a90SLF6.3:zz_local_dns_cache:fixNow correctly preserves config values when updating certain configs.Scientific Linux FermiScientific Linux Fermi 6zz_local_dns_cache-3-1.3.1.noarch.rpmf5efe10292e8c0f36875ff7381abcc28fe6a8373658b3d9f522e0fa8ed4fcedbSLF6.5:ocsinventory-fermi- On SLF 6 some systems now use a name other than ethx for ethernet - On Dell systems in particular em1 is used - Symptom of this was no "NETWORKS" entry sent to serverScientific Linux FermiScientific Linux Fermi 6ocsinventory-fermi-0.9.9-17.noarch.rpmeef48610268f621d75ed894f3026f777013fccd25a63a9932dc6ac09db420505SLSA-2011:0506-1A directory traversal flaw was found in the way rdesktop shared a local path with a remote server. If a user connects to a malicious server with rdesktop, the server could use this flaw to cause rdesktop to read and write to arbitrary, local files accessible to the user running rdesktop. (CVE-2011-1595)moderateScientific Linux FermiScientific Linux Fermi 6rdesktop-1.6.0-8.el6_0.1.i686.rpm6547cfb4091c5ec826ae0ba5371d6d48524cfc1992e2869b2fc52f8e60013fc3SLSA-2011:0507-1It was discovered that the apr_fnmatch() function used an unconstrained recursion when processing patterns with the '*' wildcard. An attacker could use this flaw to cause an application using this function, which also accepted untrusted input as a pattern for matching (such as an httpd server using the mod_autoindex module), to exhaust all stack memory or use an excessive amount of CPU time when performing matching. (CVE-2011-0419) Applications using the apr library, such as httpd, must be restarted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6apr-devel-1.3.9-3.el6_0.1.i686.rpmef5ad4390d53541be6fd0a9b60260817317e291a018cf6b8e1195da14253c505apr-1.3.9-3.el6_0.1.i686.rpmdaf11910f9a242cb4698fd4f5612a30c7333536109f2e8132b17f12653fc357fSLSA-2011:0836-1This update fixes the following security issues: * An integer underflow flaw, leading to a buffer overflow, was found in the Linux kernel's Datagram Congestion Control Protocol (DCCP) implementation. This could allow a remote attacker to cause a denial of service. (CVE-2011-1770, Important) * Missing sanity checks were found in setup_arg_pages() in the Linux kernel. When making the size of the argument and environment area on the stack very large, it could trigger a BUG_ON(), resulting in a local denial of service. (CVE-2010-3858, Moderate) * A missing validation check was found in the bcm_release() and raw_release() functions in the Linux kernel's Controller Area Network (CAN) implementation. This could allow a local, unprivileged user to cause a denial of service. (CVE-2011-1598, CVE-2011-1748, Moderate) * The fix provided in SLSA-2011:0542 introduced a regression in the cifs_close() function in the Linux kernel's Common Internet File System (CIFS) implementation. A local, unprivileged user with write access to a CIFS file system could use this flaw to cause a denial of service. (CVE-2011-1771, Moderate) The system must be rebooted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6kernel-debug-devel-2.6.32-131.2.1.el6.i686.rpm6e8217b3370c765f9350f7155cbc365dfc03ab83fca70b1556d37ea1ce2b200bkernel-firmware-2.6.32-131.2.1.el6.noarch.rpmd6b01653b69d7389dc37fb2004c72fdf4655c565991afc623ea012d5a7fd18cbkernel-doc-2.6.32-131.2.1.el6.noarch.rpm10a0172fc21347ae0014be98e06ef1261f691a05400839d9b23c4c33a0881a02kernel-debug-2.6.32-131.2.1.el6.i686.rpm64b24680a06ca4ddcc2354dee89de4789f5e3cfc6cdbfdf22f097b7a3b332b74perf-2.6.32-131.2.1.el6.i686.rpmeb91b8068f67b16a3efe888e79cfa562348b23721f47b07a2126376df7e22620kernel-headers-2.6.32-131.2.1.el6.i686.rpm488ad7727e6a43be534d3c8f4ec75b837f9671d55772411b73f9c3f47102ebc2kernel-devel-2.6.32-131.2.1.el6.i686.rpm22330325aaabc6d31bf63e2257c574502ff547e89a3e81d66514dc697aa07095kernel-2.6.32-131.2.1.el6.i686.rpm3a9addfee9405808410f62dc6bb48d3f77445f3e0a26bc6f6895595be0e05b44SLSA-2011:0839-1A heap-based buffer overflow flaw was found in the GIMP's Paint Shop Pro (PSP) image file plug-in. An attacker could create a specially-crafted PSP image file that, when opened, could cause the PSP plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. (CVE-2010-4543) A stack-based buffer overflow flaw was found in the GIMP's Lightning, Sphere Designer, and Gfig image filters. An attacker could create a specially-crafted Lightning, Sphere Designer, or Gfig filter configuration file that, when opened, could cause the relevant plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. (CVE-2010-4540, CVE-2010-4541, CVE-2010-4542) The GIMP must be restarted for the update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6gimp-2.6.9-4.el6_1.1.i686.rpmdd83b9f83fe5d44eface4e0d12f2d9148009d81b5c947141d562f59e439d4cffgimp-libs-2.6.9-4.el6_1.1.i686.rpm48958c903744b5dae02ed207a6d3d7c6c7742e4d57a47f1c7234bd731dce303dgimp-devel-tools-2.6.9-4.el6_1.1.i686.rpmc2d1c5a05e8e2b74ea3fb04345ef57b466114030d8bce20567acab1b5b0dcd19gimp-devel-2.6.9-4.el6_1.1.i686.rpmcd284ba50bfc4c93d84351bf1c0e1f18ea8aa37ee32e6f92baa097cc5b34dc16gimp-help-browser-2.6.9-4.el6_1.1.i686.rpm2c196b7963251f9787af07d1e4f19babdc5c4bc9c4a255d28a6002cb693d8995SLSA-2011:0842-1Two divide-by-zero flaws were found in the way SystemTap handled malformed debugging information in DWARF format. When SystemTap unprivileged mode was enabled, an unprivileged user in the stapusr group could use these flaws to crash the system. Additionally, a privileged user (root, or a member of the stapdev group) could trigger these flaws when tricked into instrumenting a specially-crafted ELF binary, even when unprivileged mode was not enabled. (CVE-2011-1769, CVE-2011-1781)moderateScientific Linux FermiScientific Linux Fermi 6systemtap-client-1.4-6.el6_1.1.i686.rpmfab4da34170dcd647cbada9fa30faddfc713debff9c6c530cfa7dc424c192794systemtap-grapher-1.4-6.el6_1.1.i686.rpm1c23920c4ee88001ba0e6f97aa57385d1aaf782bdbdeef35377d8fdc14c49658systemtap-server-1.4-6.el6_1.1.i686.rpm9682e21ccb69bdd01b7fa23afc6c41d924f436bab5109058ea7a149c559b8933systemtap-initscript-1.4-6.el6_1.1.i686.rpm20d2fa41cddb4b6af99e62f281d128e31b35d6e1271736b60dea4bdef842f7bbsystemtap-runtime-1.4-6.el6_1.1.i686.rpm960791a404a9f6444403c4e334501b6b41847ad050e4d789b3260cc4ec8f5cafsystemtap-testsuite-1.4-6.el6_1.1.i686.rpm762728e1077b1235637c6bb83a5df977eb875e2a37b4a9712f39d73d37d1aa5fsystemtap-sdt-devel-1.4-6.el6_1.1.i686.rpm25ab019af26b72d85830ff50615429de0b7acf6a3bf6de079156ca7f5732417dsystemtap-1.4-6.el6_1.1.i686.rpme332ee163cf0d361e8d11f98ecce98ea3a2a3207d69757742672088e75fb6d71SLSA-2011:0843-1A heap-based buffer over-read flaw was found in the way Postfix performed SASL handlers management for SMTP sessions, when Cyrus SASL authentication was enabled. A remote attacker could use this flaw to cause the Postfix smtpd server to crash via a specially-crafted SASL authentication request. The smtpd process was automatically restarted by the postfix master process after the time configured with service_throttle_time elapsed. (CVE-2011-1720) Note: Cyrus SASL authentication for Postfix is not enabled by default. After installing this update, the postfix service will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6postfix-perl-scripts-2.6.6-2.2.el6_1.i686.rpm8e21a7ce9cd3e9d82d0723ebef190d5badc051e6dee98ccd561060b73237b54cpostfix-2.6.6-2.2.el6_1.i686.rpm003cb11df12a72cab4bd0bc16aa3838cd9cf3da2b54071ae2a3fcdac1628564bSLSA-2011:0844-1The fix for CVE-2011-0419 (released via SLSA-2011:0507) introduced an infinite loop flaw in the apr_fnmatch() function when the APR_FNM_PATHNAME matching flag was used. A remote attacker could possibly use this flaw to cause a denial of service on an application using the apr_fnmatch() function. (CVE-2011-1928) Note: This problem affected httpd configurations using the "Location" directive with wildcard URLs. The denial of service could have been triggered during normal operation; it did not specifically require a malicious HTTP request. This update also addresses additional problems introduced by the rewrite of the apr_fnmatch() function, which was necessary to address the CVE-2011-0419 flaw. Applications using the apr library, such as httpd, must be restarted for this update to take effect.lowScientific Linux FermitrueScientific Linux Fermi 6apr-1.3.9-3.el6_1.2.i686.rpm2da76996bcc200dda8ba640bc4c6585c353ff7ff1487eeb511bb0f2c825ccae6apr-devel-1.3.9-3.el6_1.2.i686.rpm071152c2173e8218ef1001f4480dd0298d1a955f657ff8a3f393b50a46a9baefSLSA-2011:0845-1An off-by-one flaw was found in the way BIND processed negative responses with large resource record sets (RRSets). An attacker able to send recursive queries to a BIND server that is configured as a caching resolver could use this flaw to cause named to exit with an assertion failure. (CVE-2011-1910) After installing the update, the BIND daemon (named) will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 6bind-libs-9.7.3-2.el6_1.P1.1.i686.rpmc160639a533728b152f268dd2bd1413bea39285e411d4d240c4483135c77ff8cbind-utils-9.7.3-2.el6_1.P1.1.i686.rpmf08085395006c00c1ee238004e3d8893cd39f4545251ab9cee7ebbe9cebadea0bind-devel-9.7.3-2.el6_1.P1.1.i686.rpmae7f1a24704ec54defe23f542250901c5feb2513e37a4e10bcc164dd4e1b528bbind-sdb-9.7.3-2.el6_1.P1.1.i686.rpm0e8a5052fb1b2da446a52f03d1dc25ad18ca1226e3dc556992a5761cbed9a6c3bind-chroot-9.7.3-2.el6_1.P1.1.i686.rpm3759e84a347bf629c5e06f92ca2e887f16be5a331c14042448bc063392efd0b9bind-9.7.3-2.el6_1.P1.1.i686.rpm5588fb7a0543a09503f98bfb4876081ddd801357be76528dbbf1a0d27c189f66SLSA-2011:0856-1Integer overflow flaws were found in the way Java2D parsed JPEG images and user-supplied fonts. An attacker could use these flaws to execute arbitrary code with the privileges of the user running an untrusted applet or application. (CVE-2011-0862) It was found that the MediaTracker implementation created Component instances with unnecessary access privileges. A remote attacker could use this flaw to elevate their privileges by utilizing an untrusted applet or application that uses Swing. (CVE-2011-0871) A flaw was found in the HotSpot component in OpenJDK. Certain bytecode instructions confused the memory management within the Java Virtual Machine (JVM), resulting in an applet or application crashing. (CVE-2011-0864) An information leak flaw was found in the NetworkInterface class. An untrusted applet or application could use this flaw to access information about available network interfaces that should only be available to privileged code. (CVE-2011-0867) An incorrect float-to-long conversion, leading to an overflow, was found in the way certain objects (such as images and text) were transformed in Java2D. A remote attacker could use this flaw to crash an untrusted applet or application that uses Java2D. (CVE-2011-0868) It was found that untrusted applets and applications could misuse a SOAP connection to incorrectly set global HTTP proxy settings instead of setting them in a local scope. This flaw could be used to intercept HTTP requests. (CVE-2011-0869) A flaw was found in the way signed objects were deserialized. If trusted and untrusted code were running in the same Java Virtual Machine (JVM), and both were deserializing the same signed object, the untrusted code could modify said object by using this flaw to bypass the validation checks on signed objects. (CVE-2011-0865) All running instances of OpenJDK Java must be restarted for the update to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6java-1.6.0-openjdk-javadoc-1.6.0.0-1.39.1.9.8.el6_1.i686.rpmd02848996417c0301f2f20005ca6f65940c7f6bc879b50142d773c30032abdf1java-1.6.0-openjdk-1.6.0.0-1.39.1.9.8.el6_1.i686.rpmc4c4b3a2289235b033a59c25a44586af56d80f6831dd23f1ed4ea2ad357f937ejava-1.6.0-openjdk-src-1.6.0.0-1.39.1.9.8.el6_1.i686.rpm1754f8b57a3641b180e1903f064e3bb16b5ac5a63469714cf7c5015dd26ba2b8java-1.6.0-openjdk-devel-1.6.0.0-1.39.1.9.8.el6_1.i686.rpmfc75d256ed59e52708a9ec7116e349c984508c0c304cf6677e62b2a8d7236c3ejava-1.6.0-openjdk-demo-1.6.0.0-1.39.1.9.8.el6_1.i686.rpmd98480756f6b3851020b387228bea6aec703a83eb8cbea4d9791b8379421f605SLSA-2011:0858-1A flaw was found in the way the Apache Xerces2 Java Parser processed the SYSTEM identifier in DTDs. A remote attacker could provide a specially-crafted XML file, which once parsed by an application using the Apache Xerces2 Java Parser, would lead to a denial of service (application hang due to excessive CPU use). (CVE-2009-2625) Applications using the Apache Xerces2 Java Parser must be restarted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6xerces-j2-javadoc-apis-2.7.1-12.6.el6_0.i686.rpm893a2119d010b7ac3de3883c77507c563c608812f3a104b6b9a74fb2049a8520xerces-j2-demo-2.7.1-12.6.el6_0.i686.rpmf14bf15a6b23b6228ebb2ec97635b2adbac4acb9a84d23291d17a50143829636xerces-j2-javadoc-impl-2.7.1-12.6.el6_0.i686.rpmdb3f16c0caba56a2ba69040c1d540f7eea7b598f474255c05142d2dddd077320xerces-j2-javadoc-other-2.7.1-12.6.el6_0.i686.rpm35239776b07c4490a20d420aec1af956a298401b11bfcf2d1aeeb492c614bee0xerces-j2-scripts-2.7.1-12.6.el6_0.i686.rpmd4493a6d1954a7ff9cdecb7853c4933e26054fd3b4a0df616bfe11fbc17c44c7xerces-j2-javadoc-xni-2.7.1-12.6.el6_0.i686.rpmd901de5353d07193d25776d1ad1bf985ee23a8bea3628d81d8cb4facbdc732e9xerces-j2-2.7.1-12.6.el6_0.i686.rpm7fc841a2f28d30414c5eccc2ced1d5ed45ef4de261eaba1995655349bc33ca5aSLSA-2011:0859-1It was discovered that cyrus-imapd did not flush the received commands buffer after switching to TLS encryption for IMAP, LMTP, NNTP, and POP3 sessions. A man-in-the-middle attacker could use this flaw to inject protocol commands into a victim's TLS session initialization messages. This could lead to those commands being processed by cyrus-imapd, potentially allowing the attacker to steal the victim's mail or authentication credentials. (CVE-2011-1926) After installing the update, cyrus-imapd will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6cyrus-imapd-utils-2.3.16-6.el6_1.2.i686.rpm801ae43c23ad1f2ea50e6ba22086baaed7fac0dcbbad4b51a6ed40c60e486076cyrus-imapd-devel-2.3.16-6.el6_1.2.i686.rpmde6d76d8bdf71cd898f582c8c367841a21543ed1f46a726dac9bc2610ba2bbb6cyrus-imapd-2.3.16-6.el6_1.2.i686.rpm95ac3991bed45709510201e5825ff8ee30c4bd99ba3914e043ca9dba96324526SLSA-2011:0862-1An infinite loop flaw was found in the way the mod_dav_svn module processed certain data sets. If the SVNPathAuthz directive was set to "short_circuit", and path-based access control for files and directories was enabled, a malicious, remote user could use this flaw to cause the httpd process serving the request to consume an excessive amount of system memory. (CVE-2011-1783) A NULL pointer dereference flaw was found in the way the mod_dav_svn module processed requests submitted against the URL of a baselined resource. A malicious, remote user could use this flaw to cause the httpd process serving the request to crash. (CVE-2011-1752) An information disclosure flaw was found in the way the mod_dav_svn module processed certain URLs when path-based access control for files and directories was enabled. A malicious, remote user could possibly use this flaw to access certain files in a repository that would otherwise not be accessible to them. Note: This vulnerability cannot be triggered if the SVNPathAuthz directive is set to "short_circuit". (CVE-2011-1921) After installing the updated packages, you must restart the httpd daemon, if you are using mod_dav_svn, for the update to take effect.moderateScientific Linux FermiScientific Linux Fermi 6mod_dav_svn-1.6.11-2.el6_1.4.i686.rpm4008653af27d04f4afa0b82dde52ece6a7d1a926b5af0e069506ebdb6db7a625subversion-javahl-1.6.11-2.el6_1.4.i686.rpm19929529d48cdef54090e650f4a2f0621a7b4c42624c44a7898a1d8d911df66csubversion-1.6.11-2.el6_1.4.i686.rpm447f46b3e4ccb3caca8ea1c0a2bde45c08369ae48d14ab27886568920329c40asubversion-devel-1.6.11-2.el6_1.4.i686.rpm80d13ddbf2b3688eee3d12efbfe41390bf3b82fd4c37ba1be1c4adc4b7d33f2bsubversion-ruby-1.6.11-2.el6_1.4.i686.rpm405621e11364e9c4227544b627ee9b415123a93ac21d8b23151b5b5394fa9ea4subversion-svn2cl-1.6.11-2.el6_1.4.noarch.rpm06cbffa31b761130020ca825ee40609c0f1de1c06d31776cd53579542b02677fsubversion-gnome-1.6.11-2.el6_1.4.i686.rpmab95e2cb4e89ffc7218f58661a07a787e8d006b311cd7bc00fb524de813a17c9subversion-perl-1.6.11-2.el6_1.4.i686.rpm4e68363fd2b2b1d87c0712d7b9e76b29954e44b9bd41c1c1b26a368cb3c65551subversion-kde-1.6.11-2.el6_1.4.i686.rpm094da5ee7b0e8501da6c9da193facf8624649cbfaa951b0e75dbf8e119cf8b42SLSA-2011:0871-1It was discovered that vncviewer could prompt for and send authentication credentials to a remote server without first properly validating the server's X.509 certificate. As vncviewer did not indicate that the certificate was bad or missing, a man-in-the-middle attacker could use this flaw to trick a vncviewer client into connecting to a spoofed VNC server, allowing the attacker to obtain the client's credentials. (CVE-2011-1775)moderateScientific Linux FermiScientific Linux Fermi 6tigervnc-server-1.0.90-0.15.20110314svn4359.el6_1.1.i686.rpm19601be85c556d623298876ecb4fa0e3939524f313e1ca895bbecbf5f73a9c6ctigervnc-server-applet-1.0.90-0.15.20110314svn4359.el6_1.1.noarch.rpm0c253c011a73670d23bf080ee759ffaac83880a1446388434b03431490dff887tigervnc-1.0.90-0.15.20110314svn4359.el6_1.1.i686.rpm5a5c1bce87efd9be848a8493c35c951a4b01b58c001c75f57dcec7e42c259242tigervnc-server-module-1.0.90-0.15.20110314svn4359.el6_1.1.i686.rpmf5e5ebad6db9810acaf31317240f0ff2310488f7e7e303d31bb6201d6be533bfSLSA-2011:0885-1A flaw was found in the way Firefox handled malformed JPEG images. A website containing a malicious JPEG image could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2011-2377) Multiple dangling pointer flaws were found in Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363) Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2375, CVE-2011-2376) An integer overflow flaw was found in the way Firefox handled JavaScript Array objects. A website containing malicious JavaScript could cause Firefox to execute that JavaScript with the privileges of the user running Firefox. (CVE-2011-2371) A use-after-free flaw was found in the way Firefox handled malformed JavaScript. A website containing malicious JavaScript could cause Firefox to execute that JavaScript with the privileges of the user running Firefox. (CVE-2011-2373) It was found that Firefox could treat two separate cookies as interchangeable if both were for the same domain name but one of those domain names had a trailing "." character. This violates the same-origin policy and could possibly lead to data being leaked to the wrong domain. (CVE-2011-2362) This update also fixes the following bug: * With previous versions of Firefox on Scientific Linux 5, the "background- repeat" CSS (Cascading Style Sheets) property did not work (such images were not displayed and repeated as expected). After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6xulrunner-1.9.2.18-2.el6_1.i686.rpm971cb7bb6de5d15d78440581888a26b596f73da652fa72a0356cbd468859c362firefox-3.6.18-1.el6_1.i686.rpmf7cb95e12395acce4b9911fa7d4ff6ec9317f0bea02a13229215b3a48be4ebeaxulrunner-devel-1.9.2.18-2.el6_1.i686.rpm748444acd009f845029d7705a2bd6574ffb3375c1cf22825b2b7243f40b6a316SLSA-2011:0886-1A flaw was found in the way Thunderbird handled malformed JPEG images. An HTML mail message containing a malicious JPEG image could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-2377) Multiple dangling pointer flaws were found in Thunderbird. Malicious HTML content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363) Several flaws were found in the processing of malformed HTML content. Malicious HTML content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2375, CVE-2011-2376) It was found that Thunderbird could treat two separate cookies (for web content) as interchangeable if both were for the same domain name but one of those domain names had a trailing "." character. This violates the same-origin policy and could possibly lead to data being leaked to the wrong domain. (CVE-2011-2362) All running instances of Thunderbird must be restarted for the update to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6thunderbird-3.1.11-2.el6_1.i686.rpm32ad2e9047bb0773483437a338f686adb92c5fc0e6e382574d2684d223c7afafSLSA-2011:0910-1A flaw was found in the way large amounts of memory were allocated on 64-bit systems when using the BigDecimal class. A context-dependent attacker could use this flaw to cause memory corruption, causing a Ruby application that uses the BigDecimal class to crash or, possibly, execute arbitrary code. This issue did not affect 32-bit systems. (CVE-2011-0188) A race condition flaw was found in the remove system entries method in the FileUtils module. If a local user ran a Ruby script that uses this method, a local attacker could use this flaw to delete arbitrary files and directories accessible to that user via a symbolic link attack. (CVE-2011-1004) A flaw was found in the method for translating an exception message into a string in the Exception class. A remote attacker could use this flaw to bypass safe level 4 restrictions, allowing untrusted (tainted) code to modify arbitrary, trusted (untainted) strings, which safe level 4 restrictions would otherwise prevent. (CVE-2011-1005)moderateScientific Linux FermiScientific Linux Fermi 6ruby-tcltk-1.8.7.299-7.el6_1.1.i686.rpme59cbed6ae0c765aa1ec51f146dcaef7bfc207d0bdaaa047d3d2120a4ab2e22cruby-irb-1.8.7.299-7.el6_1.1.i686.rpm3c07ce4e6f6a69b65afc69e20cfbbe7a29aaac01f4c6981abe27cf3cc7ed2bd2ruby-1.8.7.299-7.el6_1.1.i686.rpm3f877842761524a5788362012273376ca3b1b737bbf0b8c5b2d972c33d00ab9bruby-static-1.8.7.299-7.el6_1.1.i686.rpmdcd91a6ca6a48db3541270680e55935204bd48f69c8b1b4b2e664575266eb28bruby-docs-1.8.7.299-7.el6_1.1.i686.rpm7114aa2393dd63ac8721741eb08efbcfbec1599c86703645e685008120c86c1druby-devel-1.8.7.299-7.el6_1.1.i686.rpm4dc6e84e84012b9ba7313d72f8e268553952313f8a17eb71c6db52c02b9e5dabruby-ri-1.8.7.299-7.el6_1.1.i686.rpmd3306a33e83ef7563fdbbb54cc7cfd07f17bae113e2b9eb2be9fc8ec6c2db437ruby-libs-1.8.7.299-7.el6_1.1.i686.rpmf892342b46abf3a3bc9b184e102333d09668d56d754dad06fc99f65443741e06ruby-rdoc-1.8.7.299-7.el6_1.1.i686.rpm38765789f30d92b05d014f073372cf02c0fb808a3bc75d1c355e712d7bad8118SLSA-2011:0918-1It was found that cURL always performed credential delegation when authenticating with GSSAPI. A rogue server could use this flaw to obtain the client's credentials and impersonate that client to other servers that are using GSSAPI. (CVE-2011-2192) All running applications using libcurl must be restarted for the update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6curl-7.19.7-26.el6_1.1.i686.rpm0711b3a09a6cab14266cdac7acb5875bb49fee972fcfb703e36f4d5ba6057025libcurl-devel-7.19.7-26.el6_1.1.i686.rpm366ad636f831d29c7f51cf29e092816cdffc0c7bd25e1e9a5b7e3ab9f0aa7524libcurl-7.19.7-26.el6_1.1.i686.rpm731e36fc2fbd4d3d1fc4f498327fb9bcb6598132ad41e0de056af11b811da77fSLSA-2011:0920-1It was found that gssftp, a Kerberos-aware FTP server, did not properly drop privileges. A remote FTP user could use this flaw to gain unauthorized read or write access to files that are owned by the root group. (CVE-2011-1526)importantScientific Linux FermiScientific Linux Fermi 6krb5-appl-servers-1.0.1-2.el6_1.1.i686.rpma0364b6e85761d025432ffaec83953e75041ab030a50759a4f6a585d319a5dbckrb5-appl-clients-1.0.1-2.el6_1.1.i686.rpm2d1abbf87cf37a69e46cd473a748f86a605fc99131c657e1537dd78809a4cfc0SLSA-2011:0926-1A flaw was discovered in the way BIND handled certain DNS requests. A remote attacker could use this flaw to send a specially-crafted DNS request packet to BIND, causing it to exit unexpectedly due to a failed assertion. (CVE-2011-2464) After installing the update, the BIND daemon (named) will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 6bind-utils-9.7.3-2.el6_1.P3.2.i686.rpm1c562cb23647a1e69bf315c580d8a1c33ef65f4177bbdf1392368010cb5bdeefbind-sdb-9.7.3-2.el6_1.P3.2.i686.rpmbb6a1c57d37a7e6b72b6320f6b15605ee82c836534cb2830a088bdbfd43b4048bind-libs-9.7.3-2.el6_1.P3.2.i686.rpm09dc3deb6b4c11d7450894de151570e3d1865ffa7fbe62944071fda7a92fad0dbind-devel-9.7.3-2.el6_1.P3.2.i686.rpmf0ad50957df3b66aa5f94535204e047a289426531d64de4cb8acd0a4914a214fbind-9.7.3-2.el6_1.P3.2.i686.rpm14ffdad4f26c0017c182bf93ce222edc6ee7b5d95d64f706edc9f7ae6375b066bind-chroot-9.7.3-2.el6_1.P3.2.i686.rpm8456bc8e91007f59f9fe975c6570ef8b18e8e1e959ace20e6148b6972dc527e2SLSA-2011:0928-1This update fixes the following security issues: * It was found that the receive hook in the ipip_init() function in the ipip module, and in the ipgre_init() function in the ip_gre module, could be called before network namespaces setup is complete. If packets were received at the time the ipip or ip_gre module was still being loaded into the kernel, it could cause a denial of service. (CVE-2011-1767, CVE-2011-1768, Moderate) * It was found that an mmap() call with the MAP_PRIVATE flag on "/dev/zero" would create transparent hugepages and trigger a certain robustness check. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2011-2479, Moderate) The system must be rebooted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6kernel-headers-2.6.32-131.6.1.el6.i686.rpm5de035f76f275184a7f5bb05e93e2303336798c426efddd25e6898893f05ffe9kernel-2.6.32-131.6.1.el6.i686.rpme58477fba1340a7e10d14da9c90616f61970c6604dd6e2bec2b0d7f6c1e4ff01kernel-debug-2.6.32-131.6.1.el6.i686.rpm30f5b0f91f0cbdb300c760c7828d8569f283c375033096e75702cd03b2fdc636kernel-debug-devel-2.6.32-131.6.1.el6.i686.rpm6c3c44f88938ba04f041a8deaa4d15c3b6568d846a63cfa194e84f125099fbf6kernel-devel-2.6.32-131.6.1.el6.i686.rpmad9bdd3abe7ad6f73dfc23f027f53a5fc49e3c38182d8fb2d0968cef38d9f52fperf-2.6.32-131.6.1.el6.i686.rpm1be1076c7d54482b086468905e945cb17309fdcc5e12c7eceeb6f506370997dckernel-firmware-2.6.32-131.6.1.el6.noarch.rpmcd2d526b19e805bceb3636ba8d98b27eb04a9e910385f00a2573200a9bad761akernel-doc-2.6.32-131.6.1.el6.noarch.rpm876c6fd775c270331bd223f6007530ff1d4a872242d6bd5c8c037dfee0458584SLSA-2011:0930-1It was found that NetworkManager did not properly enforce PolicyKit settings controlling the permissions to configure wireless network sharing. A local, unprivileged user could use this flaw to bypass intended PolicyKit restrictions, allowing them to enable wireless network sharing. (CVE-2011-2176) Running instances of NetworkManager must be restarted ("service NetworkManager restart") for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6NetworkManager-0.8.1-9.el6_1.1.i686.rpm5c1af14261a34762ca9f4e7db6a64acfe1ce4be7f3049f299028d8aeb2803b2bNetworkManager-devel-0.8.1-9.el6_1.1.i686.rpmf2f37a178ab8b85b03d162a3f30cfd1c4c3caa5bd20e5f221589bbd5da0a0f25NetworkManager-glib-0.8.1-9.el6_1.1.i686.rpma267bcfc4f993c5b6b1b29368641e76bf0213af59b71090171722c70e54b5c1aNetworkManager-glib-devel-0.8.1-9.el6_1.1.i686.rpm183e70fdc48d0300df477bf1ef19686af12b713d9d3de6f8acad7f4963d30ff6NetworkManager-gnome-0.8.1-9.el6_1.1.i686.rpm0a0f73cde2db3a101e4e7463e71ab11e6dbca5fc2fd823a23281e6de2622771aSLSA-2011:0953-1It was found that system-config-firewall used the Python pickle module in an insecure way when sending data (via D-Bus) to the privileged back-end mechanism. A local user authorized to configure firewall rules using system- config-firewall could use this flaw to execute arbitrary code with root privileges, by sending a specially-crafted serialized object. (CVE-2011-2520) This erratum updates system-config-firewall to use JSON (JavaScript Object Notation) for data exchange, instead of pickle. Therefore, an updated version of system-config-printer that uses this new communication data format is also provided in this erratum. Running instances of system-config-firewall must be restarted before the utility will be able to communicate with its updated back-end.moderateScientific Linux FermitrueScientific Linux Fermi 6system-config-firewall-1.2.27-3.el6_1.3.noarch.rpmd087b2df007eb06e225542936ce55877c0b78c455656069c82ec24eb3fde5852system-config-printer-1.1.16-17.el6_1.2.i686.rpmdf9bb544c912cc87707804801727a20af825593cc81f2e89bc3a2c19113b19dcsystem-config-firewall-base-1.2.27-3.el6_1.3.noarch.rpmf7e1a997c24e5558b96bb55a7745a48da2615567c10f7b88bb187303094136a2system-config-printer-libs-1.1.16-17.el6_1.2.i686.rpm6b738f559927ad1c15d956f77b6d88c498916236e8d8d3a9d0e368772afa6845system-config-firewall-tui-1.2.27-3.el6_1.3.noarch.rpm9e7949a0f3560059a0c07a182b7688e06510565e98bc9a8eb486b01965b4d631system-config-printer-udev-1.1.16-17.el6_1.2.i686.rpm9d48f6f68b1126fefb9cdb59b8d683cc4e1d23f27300f9f015ab759796165b59SLSA-2011:0959-1A flaw was found in the way Mutt verified SSL certificates. When a server presented an SSL certificate chain, Mutt could ignore a server hostname check failure. A remote attacker able to get a certificate from a trusted Certificate Authority could use this flaw to trick Mutt into accepting a certificate issued for a different hostname, and perform man-in-the-middle attacks against Mutt's SSL connections. (CVE-2011-1429) All running instances of Mutt must be restarted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6mutt-1.5.20-2.20091214hg736b6a.el6_1.1.i686.rpm4dfa139090d9c1f5e29eb509bae885239125062259d5ffce35ad7c82cbf02b1bSLSA-2011:1083-1Multiple flaws were found in the way fusermount handled the mounting and unmounting of directories when symbolic links were present. A local user in the fuse group could use these flaws to unmount file systems, which they would otherwise not be able to unmount and that were not mounted using FUSE, via a symbolic link attack. (CVE-2010-3879, CVE-2011-0541, CVE-2011-0542, CVE-2011-0543) Note: The util-linux-ng SLBA-2011:0699 update must also be installed to fully correct the above flaws.moderateScientific Linux FermiScientific Linux Fermi 6fuse-devel-2.8.3-3.el6_1.i686.rpma22744f1ac4bbe4866ee374f8bda6093fb2894c9ea56d8d08844104acb0733c5fuse-libs-2.8.3-3.el6_1.i686.rpmb399661a79f73b56a43a56d37be73df4c5150236afbe91cc509a70bfd7a4c1b8fuse-2.8.3-3.el6_1.i686.rpm611661549dbdc56097dd71ebb072479937a2c752fee7e8850055ac061fa61863SLSA-2011:1084-1An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the libsndfile library processed certain Ensoniq PARIS Audio Format (PAF) audio files. An attacker could create a specially-crafted PAF file that, when opened, could cause an application using libsndfile to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2011-2696) All running applications using libsndfile must be restarted for the update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6libsndfile-1.0.20-3.el6_1.1.i686.rpmfdfc6e8166e71df1e47d901cfb8b7d8db6a6c5e0778c129c2198d32059d96b8alibsndfile-devel-1.0.20-3.el6_1.1.i686.rpm1ee2ddfee04a934cd9e3d07ae0fcc5c32d3507fee105f223a71b7f3171559504SLSA-2011:1085-1A flaw was found in the way the FreeType font rendering engine processed certain PostScript Type 1 fonts. If a user loaded a specially-crafted font file with an application linked against FreeType, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2011-0226) The X server must be restarted (log out, then log back in) for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6freetype-devel-2.3.11-6.el6_1.6.i686.rpm08417bea5f3630b3b8eec848b275509de31bde1f0a4cdadceae85359249d8fc2freetype-2.3.11-6.el6_1.6.i686.rpmb18d10824ec993d0a3d926143f407a5db851e7524bceada6fc2264c4b1c59f28freetype-demos-2.3.11-6.el6_1.6.i686.rpmd38fed68fbbad50f15f00156783700f110714d8f3691adda7b71b1b7a9bcafd4SLSA-2011:1088-1It was found that SystemTap did not perform proper module path sanity checking if a user specified a custom path to the uprobes module, used when performing user-space probing ("staprun -u"). A local user who is a member of the stapusr group could use this flaw to bypass intended module-loading restrictions, allowing them to escalate their privileges by loading an arbitrary, unsigned module. (CVE-2011-2502) A race condition flaw was found in the way the staprun utility performed module loading. A local user who is a member of the stapusr group could use this flaw to modify a signed module while it is being loaded, allowing them to escalate their privileges. (CVE-2011-2503)moderateScientific Linux FermiScientific Linux Fermi 6systemtap-client-1.4-6.el6_1.2.i686.rpm11cdbe13f525d1f871d12781307a8b3ae1df61e55a2d15825e123617cbe872e8systemtap-sdt-devel-1.4-6.el6_1.2.i686.rpm32bceb94a944be8a6f84ec9f094e76a23b8fd2cb041e51dc302e02583f44cedfsystemtap-grapher-1.4-6.el6_1.2.i686.rpmded4baa1a975ad36a5e4fdd4102552a03b53b998cd5909d7bf87c42ae5f285b7systemtap-server-1.4-6.el6_1.2.i686.rpm7bae4c36d8764f6c77e95ecd8e3b165d533fd0e33859111819461528b38c8709systemtap-runtime-1.4-6.el6_1.2.i686.rpm8291b58443d9b859f7f02039165e746de2927fb7993f30356220d8f7f0e487e8systemtap-initscript-1.4-6.el6_1.2.i686.rpmbefa86c5a1822ed7ad6afbaea740e6f43eccc455edd7fbce5a00ea0600f6abddsystemtap-1.4-6.el6_1.2.i686.rpmaabad0888bfbf039df57e5101e5a6e3ee8f8b2ed9302343a5f3b6d39751e32cesystemtap-testsuite-1.4-6.el6_1.2.i686.rpma75958d58016642e6e865275fc016708fdc8d07add47b34092b811c8f08ee5c6SLSA-2011:1100-1A flaw was discovered in the JNLP (Java Network Launching Protocol) implementation in IcedTea-Web. An unsigned Java Web Start application could use this flaw to manipulate the content of a Security Warning dialog box, to trick a user into granting the application unintended access permissions to local files. (CVE-2011-2514) An information disclosure flaw was discovered in the JNLP implementation in IcedTea-Web. An unsigned Java Web Start application or Java applet could use this flaw to determine the path to the cache directory used to store downloaded Java class and archive files, and therefore determine the user's login name. (CVE-2011-2513)moderateScientific Linux FermiScientific Linux Fermi 6icedtea-web-javadoc-1.0.4-2.el6_1.i686.rpmff6d0e94ff0fd20c16e70e863a69450c09ade6a27e2aa4948355079e38760225icedtea-web-1.0.4-2.el6_1.i686.rpm58d28b14b58f979ff91b925c15c82bc23c6ee9c233ef14975c410961965431d4SLSA-2011:1102-1A directory traversal flaw was found in libsoup's SoupServer. If an application used SoupServer to implement an HTTP service, a remote attacker who is able to connect to that service could use this flaw to access any local files accessible to that application via a specially-crafted request. (CVE-2011-2524) All running applications using libsoup's SoupServer must be restarted for the update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6libsoup-2.28.2-1.el6_1.1.i686.rpmce2293ffac1312a26dc71a2b8e92350aab213425c85b1c8f437b3722436bbd64libsoup-devel-2.28.2-1.el6_1.1.i686.rpm1eb19bdf980be88b0fbf6b5e4d7ba7384107ff0a9f1212bfe9ff725f647cda08SLSA-2011:1105-1A buffer overflow flaw was found in the way libpng processed certain PNG image files. An attacker could create a specially-crafted PNG image that, when opened, could cause an application using libpng to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2011-2690) Note: The application behavior required to exploit CVE-2011-2690 is rarely used. No application shipped with Scientific Linux behaves this way, for example. An out-of-bounds memory read flaw was found in the way libpng processed certain PNG image files. An attacker could create a specially-crafted PNG image that, when opened, could cause an application using libpng to crash. (CVE-2011-2501) An uninitialized memory read issue was found in the way libpng processed certain PNG images that use the Physical Scale (sCAL) extension. An attacker could create a specially-crafted PNG image that, when opened, could cause an application using libpng to crash. (CVE-2011-2692) 2.46 to correct these issues. All running applications using libpng must be restarted for the update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6libpng-1.2.46-1.el6_1.i686.rpmd930be3667593db7479576e47d6b2e195e097b154b0b5ba654a80b05c795a18clibpng-devel-1.2.46-1.el6_1.i686.rpm0b25afcbbaf9f0f906dd1513f1cada4f157a18a6b5b81ba772212f4c9fa8f598libpng-static-1.2.46-1.el6_1.i686.rpm96d4b3fde775510304f850f714ada21b16b74c591db445cf13c758e568cc9e02SLSA-2011:1110-1An input sanitization flaw was found in the foomatic-rip print filter. An attacker could submit a print job with the username, title, or job options set to appear as a command line option that caused the filter to use a specified PostScript printer description (PPD) file, rather than the administrator-set one. This could lead to arbitrary code execution with the privileges of the "lp" user. (CVE-2011-2964)moderateScientific Linux FermiScientific Linux Fermi 6foomatic-4.0.4-1.el6_1.1.i686.rpm97aaf34bf2ab711922d9ceab61901c8045dbbacdc8aea5ac339dad9add20ea34SLSA-2011:1132-1A denial of service flaw was found in the way the D-Bus library handled endianness conversion when receiving messages. A local user could use this flaw to send a specially-crafted message to dbus-daemon or to a service using the bus, such as Avahi or NetworkManager, possibly causing the daemon to exit or the service to disconnect from the bus. (CVE-2011-2200) For the update to take effect, all running instances of dbus-daemon and all running applications using the libdbus library must be restarted, or the system rebooted.moderateScientific Linux FermitruetrueScientific Linux Fermi 6dbus-libs-1.2.24-5.el6_1.i686.rpm89678349737679f3d385e913a1536ba529ceb8a74f44dad5c2af0c9b2a463bebdbus-devel-1.2.24-5.el6_1.i686.rpmb816067c26cbb20b1727300824a1bcfc9f3f0f725ec711ab58eba2c498df3a47dbus-doc-1.2.24-5.el6_1.noarch.rpm933be8bbe0985a0a244fb1434728a415f803693529f3e6832d50ee2bd4ce2d2bdbus-1.2.24-5.el6_1.i686.rpm88f0688ea615f1cde467786e52c3315afeb60f1580d1e105a215e6207db468bcdbus-x11-1.2.24-5.el6_1.i686.rpmf8eb47264087103e862810d9c3bf60becef212633de68118ea881554a937ab61SLSA-2011:1154-1A buffer overflow flaw was found in the way the libXfont library, used by the X.Org server, handled malformed font files compressed using UNIX compress. A malicious, local user could exploit this issue to potentially execute arbitrary code with the privileges of the X.Org server. (CVE-2011-2895) All running X.Org server instances must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6libXfont-1.4.1-2.el6_1.i686.rpm27e1d27c58c16d1e5a8e5b5c8774075227c934efc03d0a9588b4acf1e4c7c2f4libXfont-devel-1.4.1-2.el6_1.i686.rpmfc0f8a50bfa4d5397c7116e5ae52ce6b8cf7f1b64d30f167c407534b9c410a2bSLSA-2011:1160-1Two denial of service flaws were found in the way the dhcpd daemon handled certain incomplete request packets. A remote attacker could use these flaws to crash dhcpd via a specially-crafted request. (CVE-2011-2748, CVE-2011-2749) After installing this update, all DHCP servers will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6dhcp-4.1.1-19.P1.el6_1.1.i686.rpm4e52194201d92e5316e0c6b0473f2abdf8a7d984208c9ef91b97bb4ea1c5b84adhcp-devel-4.1.1-19.P1.el6_1.1.i686.rpm966da51ecd7ae8ff3e3076955ed6f5904ee6515a2f6d8363e683f4a2827f9114dhclient-4.1.1-19.P1.el6_1.1.i686.rpm61858edf005fb5a4409be251aa6131f741ee7988e825fc2da7370aa95ca23e90SLSA-2011:1164-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2011-2982) A dangling pointer flaw was found in the Firefox Scalable Vector Graphics (SVG) text manipulation routine. A web page containing a malicious SVG image could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2011-0084) A dangling pointer flaw was found in the way Firefox handled a certain Document Object Model (DOM) element. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2011-2378) A flaw was found in the event management code in Firefox. A website containing malicious JavaScript could cause Firefox to execute that JavaScript with the privileges of the user running Firefox. (CVE-2011-2981) A flaw was found in the way Firefox handled malformed JavaScript. A web page containing malicious JavaScript could cause Firefox to access already freed memory, causing Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2011-2983) It was found that a malicious web page could execute arbitrary code with the privileges of the user running Firefox if the user dropped a tab onto the malicious web page. (CVE-2011-2984) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6firefox-3.6.20-2.el6_1.i686.rpm144e2c254e3658648175d93a48cf09becd82e587eff7566512865f9b82a7c20dxulrunner-devel-1.9.2.20-2.el6_1.i686.rpm49eab3cc695c5b5a02fbf971e125357b9a0b3aa0eaeab3e59fcdd0da0a5a2828xulrunner-1.9.2.20-2.el6_1.i686.rpm476f00051ca8fd7247fa25559bc5b5c138c36e0d3dbefe02cbe5a1a918b63c81SLSA-2011:1166-1Several flaws were found in the processing of malformed HTML content. Malicious HTML content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-2982) A dangling pointer flaw was found in the Thunderbird Scalable Vector Graphics (SVG) text manipulation routine. An HTML mail message containing a malicious SVG image could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-0084) A dangling pointer flaw was found in the way Thunderbird handled a certain Document Object Model (DOM) element. An HTML mail message containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-2378) All running instances of Thunderbird must be restarted for the update to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6thunderbird-3.1.12-1.el6_1.i686.rpm311b021db8adb8b0c3f71a16280a3e34a21c01407b06046eeb5da95fcd11962bSLSA-2011:1187-1A denial of service flaw was found in the way Dovecot handled NULL characters in certain header names. A mail message with specially-crafted headers could cause the Dovecot child process handling the target user's connection to crash, blocking them from downloading the message successfully and possibly leading to the corruption of their mailbox. (CVE-2011-1929) After installing the updated packages, the dovecot service will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6dovecot-devel-2.0.9-2.el6_1.1.i686.rpm9a829f660a7065851bd761a2f0b64e11d529238730667d38faac6aa24a8d60acdovecot-pigeonhole-2.0.9-2.el6_1.1.i686.rpm23ce85f51838aff9fb602c2fe9065912f03d5b236bf5f7555dc788d0000fac19dovecot-2.0.9-2.el6_1.1.i686.rpma8e21d88c994fd8cb4a8e44632d130abc6f76b57e02635878baa6aae10865082dovecot-mysql-2.0.9-2.el6_1.1.i686.rpme891fd301c3209fcf41b2edbbca309dcb035e7d9ad4ae0d3274435685547b028dovecot-pgsql-2.0.9-2.el6_1.1.i686.rpmf3a32be892efb0a220b4b764aa5589bd326abe8c5a95c4dfc2c9174fed8305e9SLSA-2011:1189-1* Using PCI passthrough without interrupt remapping support allowed KVM guests to generate MSI interrupts and thus potentially inject traps. A privileged guest user could use this flaw to crash the host or possibly escalate their privileges on the host. The fix for this issue can prevent PCI passthrough working and guests starting. (CVE-2011-1898, Important) * Flaw in the client-side NLM implementation could allow a local, unprivileged user to cause a denial of service. (CVE-2011-2491, Important) * Integer underflow in the Bluetooth implementation could allow a remote attacker to cause a denial of service or escalate their privileges by sending a specially-crafted request to a target system via Bluetooth. (CVE-2011-2497, Important) * Buffer overflows in the netlink-based wireless configuration interface implementation could allow a local user, who has the CAP_NET_ADMIN capability, to cause a denial of service or escalate their privileges on systems that have an active wireless interface. (CVE-2011-2517, Important) * Flaw in the way the maximum file offset was handled for ext4 file systems could allow a local, unprivileged user to cause a denial of service. (CVE-2011-2695, Important) * Flaw allowed napi_reuse_skb() to be called on VLAN packets. An attacker on the local network could use this flaw to send crafted packets to a target, possibly causing a denial of service. (CVE-2011-1576, Moderate) * Integer signedness error in next_pidmap() could allow a local, unprivileged user to cause a denial of service. (CVE-2011-1593, Moderate) * Race condition in the memory merging support (KSM) could allow a local, unprivileged user to cause a denial of service. KSM is off by default, but on systems running VDSM, or on KVM hosts, it is likely turned on by the ksm/ksmtuned services. (CVE-2011-2183, Moderate) * Flaw in inet_diag_bc_audit() could allow a local, unprivileged user to cause a denial of service. (CVE-2011-2213, Moderate) * Flaw in the way space was allocated in the Global File System 2 (GFS2) implementation. If the file system was almost full, and a local, unprivileged user made an fallocate() request, it could result in a denial of service. Setting quotas to prevent users from using all available disk space would prevent exploitation of this flaw. (CVE-2011-2689, Moderate) * Local, unprivileged users could send signals via the sigqueueinfo system call, with si_code set to SI_TKILL and with spoofed process and user IDs, to other processes. This flaw does not allow existing permission checks to be bypassed; signals can only be sent if your privileges allow you to already do so. (CVE-2011-1182, Low) * Heap overflow in the EFI GUID Partition Table (GPT) implementation could allow a local attacker to cause a denial of service by mounting a disk containing crafted partition tables. (CVE-2011-1776, Low) * Structure padding in two structures in the Bluetooth implementation was not initialized properly before being copied to user-space, possibly allowing local, unprivileged users to leak kernel stack memory to user-space. (CVE-2011-2492, Low) * /proc/[PID]/io is world-readable by default. Previously, these files could be read without any further restrictions. A local, unprivileged user could read these files, belonging to other, possibly privileged processes to gather confidential information, such as the length of a password used in a process. (CVE-2011-2495, Low)importantScientific Linux FermitrueScientific Linux Fermi 6kernel-firmware-2.6.32-131.12.1.el6.noarch.rpmc041e10ad59e035883c51ebf7c3ccab70e5b64a36d02c4ff79e13700d75edba8kernel-debug-2.6.32-131.12.1.el6.i686.rpme413b9daae9c2432323b3b26794492df45862089bd6cbc6c4f372494f62ef09ckernel-headers-2.6.32-131.12.1.el6.i686.rpm183e898dcd6b241346b836bb5dd77e6c51be072e4e94c67b0a1af35cc076d3c4kernel-2.6.32-131.12.1.el6.i686.rpmd0c5f88cff255cd5d7cd53bf1d3cde773bd60b8bca884c3468024c9adf69ad4akernel-doc-2.6.32-131.12.1.el6.noarch.rpm0afb68fb3252d5e47eb5a82cb48a9a2c2aefdfb5ec2de5b9a310cca29bdfe39fperf-2.6.32-131.12.1.el6.i686.rpmdf66c3402fca405bc738048233b9ba9b1880b7b2480cb0443aea5622994dcd13kernel-devel-2.6.32-131.12.1.el6.i686.rpm9f8b4b0a7673cfe7b2fbc3f516eefaf42a9ffa52ee07bf4fcce4321b6fb2fa16kernel-debug-devel-2.6.32-131.12.1.el6.i686.rpmf0a6bb5765eaa3cc9f46e4c098b458e4483f8664499db1301e95bb73d383a238SLSA-2011:1197-1An integer overflow flaw was found in libvirtd's RPC call handling. An attacker able to establish read-only connections to libvirtd could trigger this flaw by calling virDomainGetVcpus() with specially-crafted parameters, causing libvirtd to crash. (CVE-2011-2511) This update also fixes the following bugs: * Previously, when the "virsh vol-create-from" command was run on an LVM (Logical Volume Manager) storage pool, performance of the command was very low and the operation consumed an excessive amount of time. This bug has been fixed in the virStorageVolCreateXMLFrom() function, and the performance problem of the command no longer occurs. * Due to a regression, libvirt used undocumented command line options, instead of the recommended ones. Consequently, the qemu-img utility used an invalid argument while creating an encrypted volume, and the process eventually failed. With this update, the bug in the backing format of the storage back end has been fixed, and encrypted volumes can now be created as expected. * Due to a bug in the qemuAuditDisk() function, hot unplug failures were never audited, and a hot unplug success was audited as a failure. This bug has been fixed, and auditing of disk hot unplug operations now works as expected. * Previously, when a debug process was being activated, the act of preparing a debug message ended up with dereferencing a UUID (universally unique identifier) prior to the NULL argument check. Consequently, an API running the debug process sometimes terminated with a segmentation fault. With this update, a patch has been provided to address this issue, and the crashes no longer occur in the described scenario. * The libvirt library uses the "boot=on" option to mark which disk is bootable but it only uses that option if Qemu advertises its support. The qemu-kvm utility in Scientific Linux 6.1 removed support for that option and libvirt could not use it. As a consequence, when an IDE disk was added as the second storage with a virtio disk being set up as the first one by default, the operating system tried to boot from the IDE disk rather than the virtio disk and either failed to boot with the "No bootable disk" error message returned, or the system booted whatever operating system was on the IDE disk. With this update, the boot configuration is translated into bootindex, which provides control over which device is used for booting a guest operating system, thus fixing this bug. After installing the updated packages, libvirtd must be restarted ("service libvirtd restart") for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6libvirt-client-0.8.7-18.el6_1.1.i686.rpmb22c0d7d044025237a49228e2223f892a393ecc481820532bc4437f427bf2b7alibvirt-0.8.7-18.el6_1.1.i686.rpmc695fb9e8c8be30cdaddb2fa977cf3a3239442f313928f48021ee8a4ff46cce7libvirt-devel-0.8.7-18.el6_1.1.i686.rpm1dd6dd421f2a7a2abe59b1bc1ae8717b7d66565e0cbb284edec3a8beec865baelibvirt-python-0.8.7-18.el6_1.1.i686.rpmef00c69b6437239873cb95a5bd858d09443b9fe35303c75c1133845e9ee17bdeSLSA-2011:1221-1A cross-site scripting (XSS) flaw was found in the password change page of the Samba Web Administration Tool (SWAT). If a remote attacker could trick a user, who was logged into the SWAT interface, into visiting a specially-crafted URL, it would lead to arbitrary web script execution in the context of the user's SWAT session. (CVE-2011-2694) It was found that SWAT web pages did not protect against Cross-Site Request Forgery (CSRF) attacks. If a remote attacker could trick a user, who was logged into the SWAT interface, into visiting a specially-crafted URL, the attacker could perform Samba configuration changes with the privileges of the logged in user. (CVE-2011-2522) It was found that the fix for CVE-2010-0547, provided in the cifs-utils package included in the GA release of Scientific Linux 6, was incomplete. The mount.cifs tool did not properly handle share or directory names containing a newline character, allowing a local attacker to corrupt the mtab (mounted file systems table) file via a specially-crafted CIFS share mount request, if mount.cifs had the setuid bit set. (CVE-2011-2724) It was found that the mount.cifs tool did not handle certain errors correctly when updating the mtab file. If mount.cifs had the setuid bit set, a local attacker could corrupt the mtab file by setting a small file size limit before running mount.cifs. (CVE-2011-1678) Note: mount.cifs from the cifs-utils package distributed by Scientific Linux does not have the setuid bit set. We recommend that administrators do not manually set the setuid bit for mount.cifs. This update also fixes the following bug: * If plain text passwords were used ("encrypt passwords = no" in "/etc/samba/smb.conf"), Samba clients running the Windows XP or Windows Server 2003 operating system may not have been able to access Samba shares after installing the Microsoft Security Bulletin MS11-043. This update corrects this issue, allowing such clients to use plain text passwords to access Samba shares. After installing this update, the smb service will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6samba-common-3.5.6-86.el6_1.4.i686.rpm7e139f3de1c5b481732e1f6464f2013cc95923ce101a6ff3b1d8580e0a5f258esamba-doc-3.5.6-86.el6_1.4.i686.rpm0dfe4a08c8991fd056fe290cd77577ea00776c7c5c72b465a544434c26bce1a0cifs-utils-4.8.1-2.el6_1.2.i686.rpm2fb0d4bf396f148e72ddbd3c03b455b26e71e63eccd3e196912a049bd53959c3samba-3.5.6-86.el6_1.4.i686.rpm6306fba5339edd8745bb1f8e124a278d1e9b8239673b671e238d279308e834a0samba-winbind-clients-3.5.6-86.el6_1.4.i686.rpmea0b0638c258d175636c0bb646bbe26b1ced5aa9d0951c97f7afc6a5c83a33b2samba-domainjoin-gui-3.5.6-86.el6_1.4.i686.rpma82f35a605a8da49935675f77f5d452c8a0ec9a3b539d0202f3c5fed3284838fsamba-swat-3.5.6-86.el6_1.4.i686.rpm32d0d342a363b73910752e58381a3a375f321089607df15be4df3f03e514e778samba-winbind-krb5-locator-3.5.6-86.el6_1.4.i686.rpm55dd068199e64d3da940760014cbf9fde1d9f60c0ec6c9b1ca36a12df002573csamba-winbind-devel-3.5.6-86.el6_1.4.i686.rpm797d4a6dabd00da98af69087db0c058fc5ca6b3ae37109ddb77ab68c0fc72cb1libsmbclient-3.5.6-86.el6_1.4.i686.rpm3a7c6ef772bab5a639b4a5bec9582494079c327039566f77647638233ca4a1fesamba-winbind-3.5.6-86.el6_1.4.i686.rpm449f1cad58b3e32c84a55a24081b1680c6baec6881c6254d64d4c749235b3b99samba-client-3.5.6-86.el6_1.4.i686.rpma036b6a293e0d2f57a36f44fea9d9be639b9033bf516599d9170dcf10f0cde35libsmbclient-devel-3.5.6-86.el6_1.4.i686.rpmb98d50c3dd3694e862c26e6fd0b0a03ccdbfdca10520820f57aae27882419fe0SLSA-2011:1241-1The setuid mount.ecryptfs_private utility allows users to mount an eCryptfs file system. This utility can only be run by users in the "ecryptfs" group. A race condition flaw was found in the way mount.ecryptfs_private checked the permissions of a requested mount point when mounting an encrypted file system. A local attacker could possibly use this flaw to escalate their privileges by mounting over an arbitrary directory. (CVE-2011-1831) A race condition flaw in umount.ecryptfs_private could allow a local attacker to unmount an arbitrary file system. (CVE-2011-1832) It was found that mount.ecryptfs_private did not handle certain errors correctly when updating the mtab (mounted file systems table) file, allowing a local attacker to corrupt the mtab file and possibly unmount an arbitrary file system. (CVE-2011-1834) An insecure temporary file use flaw was found in the ecryptfs-setup-private script. A local attacker could use this script to insert their own key that will subsequently be used by a new user, possibly giving the attacker access to the user's encrypted data if existing file permissions allow access. (CVE-2011-1835) A race condition flaw in mount.ecryptfs_private could allow a local attacker to overwrite arbitrary files. (CVE-2011-1837) A race condition flaw in the way temporary files were accessed in mount.ecryptfs_private could allow a malicious, local user to make arbitrary modifications to the mtab file. (CVE-2011-3145) A race condition flaw was found in the way mount.ecryptfs_private checked the permissions of the directory to mount. A local attacker could use this flaw to mount (and then access) a directory they would otherwise not have access to. Note: The fix for this issue is incomplete until a kernel-space change is made. Future Scientific Linux 5 and 6 kernel updates will correct this issue. (CVE-2011-1833)moderateScientific Linux FermiScientific Linux Fermi 6ecryptfs-utils-82-6.el6_1.3.i686.rpm527d502672ec2ae40c83746032a02926c67ef0f0c0641f27e5b0e656ca977037ecryptfs-utils-python-82-6.el6_1.3.i686.rpm23462b1b7cb8568225f05cc342b87ae8b741ed3c88fc1121412c0fce04dc4932ecryptfs-utils-devel-82-6.el6_1.3.i686.rpm3c87c358bd378d36347929942adcd42ffcff5824522ae872b079462984ec212aSLSA-2011:1242-1It was found that a Certificate Authority (CA) issued a fraudulent HTTPS certificate. This update renders any HTTPS certificates signed by that CA as untrusted, except for a select few. The now untrusted certificates that were issued before July 1, 2011 can be manually re-enabled and used again at your own risk in Firefox; however, affected certificates issued after this date cannot be re-enabled or used. After installing the update, Firefox must be restarted for the changes to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6xulrunner-1.9.2.20-3.el6_1.i686.rpmea40609a2b173f62e150dbce0b9fb79d5fa7ba936bbd0c4ff4f14afd27dec114xulrunner-devel-1.9.2.20-3.el6_1.i686.rpm47f7697c0280f29de32776477db49cdc98376e20d2e6f0e2d310ddbb59747dccSLSA-2011:1243-1It was found that a Certificate Authority (CA) issued a fraudulent HTTPS certificate. This update renders any HTTPS certificates signed by that CA as untrusted, except for a select few. The now untrusted certificates that were issued before July 1, 2011 can be manually re-enabled and used again at your own risk in Thunderbird; however, affected certificates issued after this date cannot be re-enabled or used. All running instances of Thunderbird must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6thunderbird-3.1.12-2.el6_1.i686.rpme9892ac80079f96913678a7521bed554db3e8cfd30f9640876564618bf26863bSLSA-2011:1245-1A flaw was found in the way the Apache HTTP Server handled Range HTTP headers. A remote attacker could use this flaw to cause httpd to use an excessive amount of memory and CPU time via HTTP requests with a specially-crafted Range header. (CVE-2011-3192) After installing the updated packages, the httpd daemon must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6httpd-devel-2.2.15-9.sl6.2.i686.rpm1d78559e442bb109844992ec5140a13c6d4123ab3bea52cf39834f6d0167d38fmod_ssl-2.2.15-9.sl6.2.i686.rpm6a13789a154b66dba6fe94a0a897d94b83c97e9b66d6d5726a7ade77c6581311httpd-2.2.15-9.sl6.2.i686.rpm387dc95c226f4fadfc28d3e00cfcfcdba2693fc514300f17b7dd2db651d81902httpd-manual-2.2.15-9.sl6.2.noarch.rpm2dc968e721e0a69727621b1da92e5a41d47150d6def1f194329039b5b8d3c838httpd-tools-2.2.15-9.sl6.2.i686.rpmbf341f19814c5f8d4caa663e04703f76a3a8e60364720778f52e699067d98200SLSA-2011:1247-1A two byte buffer overflow flaw was found in the rsyslog daemon's parseLegacySyslogMsg function. An attacker able to submit log messages to rsyslogd could use this flaw to crash the daemon. (CVE-2011-3200) After installing this update, the rsyslog daemon will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6rsyslog-4.6.2-3.el6_1.2.i686.rpm2f663eb95fc02d122510d021c6e30a21072cf2562149ace85e9f032c4e938b3brsyslog-gssapi-4.6.2-3.el6_1.2.i686.rpm028df5d4494ddb588f3d9e1d9e7a1bf58ba9d3d85d5892252c3d7980abd637b5rsyslog-mysql-4.6.2-3.el6_1.2.i686.rpm1e51d5550e88c21f714a6de870af39a197469a0ba84a3eb68135903fcd8180bdrsyslog-pgsql-4.6.2-3.el6_1.2.i686.rpm31d80d5862b62ab7f9c58f947a411e525accff97c07444f47185aca89aa47121rsyslog-relp-4.6.2-3.el6_1.2.i686.rpm662ff426410feac8d6a60400d632d0c572499ac4a4bf24b1354074b8fd8ded24rsyslog-gnutls-4.6.2-3.el6_1.2.i686.rpm05db1ecccc02f232eac86a1db60ef82394cf5ba02ac3f3032330c6a6e512bf97SLSA-2011:1248-1It was found that a Certificate Authority (CA) issued fraudulent HTTPS certificates. This update removes that CA's root certificate from the ca- certificates package, rendering any HTTPS certificates signed by that CA as untrusted. After installing the update, all applications using the ca-certificates package must be restarted for the changes to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6ca-certificates-2010.63-3.el6_1.5.noarch.rpmac86496624a1a15df16ae357950b34a8a7f8999d9944405a549fc9cf08ebf594SLSA-2011:1267-1The SLSA-2011:1243 Thunderbird update rendered HTTPS certificates signed by a certain Certificate Authority (CA) as untrusted, but made an exception for a select few. This update removes that exception, rendering every HTTPS certificate signed by that CA as untrusted. All running instances of Thunderbird must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6thunderbird-3.1.14-1.el6_1.i686.rpmcf8728e356dd1a3af662512a227f7b553ae6af22ccabe8efe657e1a6310cd576SLSA-2011:1268-1The SLSA-2011:1242 Firefox update rendered HTTPS certificates signed by a certain Certificate Authority (CA) as untrusted, but made an exception for a select few. This update removes that exception, rendering every HTTPS certificate signed by that CA as untrusted. 6.22. After installing the update, Firefox must be restarted for the changes to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6xulrunner-devel-1.9.2.22-1.el6_1.i686.rpme5184cdffa9db2fd99e47d6e5940f0ea42b2a2d55894106bfa932436c89f7a84xulrunner-1.9.2.22-1.el6_1.i686.rpmc10ffa473fcac9aa3fce46493377aa280fc24ff75d2a07346d1b34e6a2562397firefox-3.6.22-1.el6_1.i686.rpm9a213ca7001ac95769c54843cfbd37f911ca3312d66219bba74982d90e805ceeSLSA-2011:1282-1Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. It was found that a Certificate Authority (CA) issued fraudulent HTTPS certificates. This update renders any HTTPS certificates signed by that CA as untrusted. This covers all uses of the certificates, including SSL, S/MIME, and code signing. Note: This fix only applies to applications using the NSS Builtin Object Token. It does not render the certificates untrusted for applications that use the NSS library, but do not use the NSS Builtin Object Token. These updated packages upgrade NSS to version 3.12.10 on Scientific Linux 4 and 5. As well, they upgrade NSPR to version 4.8.8 on Scientific Linux 4 and 5, as required by the NSS update. The packages for Scientific Linux 6 include a backported patch. After installing the update, applications using NSS and NSPR must be restarted for the changes to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6nss-tools-3.12.9-12.el6_1.i686.rpmf6feda3370d2b3e550e014a843cd65c299ed44921b64b98a6df534c3db94ff19nss-3.12.9-12.el6_1.i686.rpm2e9e1725e1654f773f21dfe4f2a8d0362092709e24239ed54857fa5a923ee0b8nss-sysinit-3.12.9-12.el6_1.i686.rpm107612a8dddc031c5cfc499e9ddee242afeab21f52c221f440747b0d53d929canss-devel-3.12.9-12.el6_1.i686.rpm0bb13b9dfabb13f3b4b197595efeee5c716670a012a4a186933fdf77e7d422fanss-pkcs11-devel-3.12.9-12.el6_1.i686.rpm83869a8967364b9b819b8fd9378ef5c2eb3d4abf35533820b16514bf00146e97SLSA-2011:1289-1A flaw was found in the way librsvg2 parsed certain SVG files. An attacker could create a specially-crafted SVG file that, when opened, would cause applications that use librsvg2 (such as Eye of GNOME) to crash or, potentially, execute arbitrary code. (CVE-2011-3146) All running applications that use librsvg2 must be restarted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6librsvg2-devel-2.26.0-5.el6_1.1.i686.rpm8c996e7e4a865ed4fdac0c508fb3574010b2729819a2f51b6b252c3962d269a1librsvg2-2.26.0-5.el6_1.1.i686.rpm6200062d06c11a67f3412fb8becc93567002ff9a974aefab099626e8724147d1SLSA-2011:1293-1A buffer overflow flaw was found in the way Squid parsed replies from remote Gopher servers. A remote user allowed to send Gopher requests to a Squid proxy could possibly use this flaw to cause the squid child process to crash or execute arbitrary code with the privileges of the squid user, by making Squid perform a request to an attacker-controlled Gopher server. (CVE-2011-3205) After installing this update, the squid service will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6squid-3.1.10-1.el6_1.1.i686.rpm4ff1acf2412b9f4a982c3783e543bb2d0a2e725d9c7b74e0cc57545043945731SLSA-2011:1317-1A buffer overflow flaw was found in the cyrus-imapd NNTP server, nntpd. A remote user able to use the nntpd service could use this flaw to crash the nntpd child process or, possibly, execute arbitrary code with the privileges of the cyrus user. (CVE-2011-3208) After installing the update, cyrus-imapd will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 6cyrus-imapd-devel-2.3.16-6.el6_1.3.i686.rpm464f3720a9d92671dec1facac3617638f1b4af9266485bdbd1402e952fe3396bcyrus-imapd-2.3.16-6.el6_1.3.i686.rpm1961bca66b88bea090c21dc9d70bb070849c66a5eab236f027ce16c0c3c387b1cyrus-imapd-utils-2.3.16-6.el6_1.3.i686.rpm95c9f897576efd17b9dcbff91034b39e49805d5e3cb988fa19dc2c59fc4fb14fSLSA-2011:1323-1A buffer overflow flaw was found in the harfbuzz module in Qt. If a user loaded a specially-crafted font file with an application linked against Qt, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2011-3193) A buffer overflow flaw was found in the way Qt handled certain gray-scale image files. If a user loaded a specially-crafted gray-scale image file with an application linked against Qt, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2011-3194) All running applications linked against Qt libraries must be restarted for this update to take effect.moderateScientific Linux FermitruetrueScientific Linux Fermi 6qt-x11-4.6.2-17.el6_1.1.i686.rpmb421e40540c46e1249dc22ccaf0b1fe4f082f922860e27da6452357783066938qt-4.6.2-17.el6_1.1.i686.rpmd077cf556a991d1355b045b6cbd676c68017cf56dce4b50a453db9dcf1acde81qt-mysql-4.6.2-17.el6_1.1.i686.rpmda208ee82ee469b6349378e43d200857820031c5c2261c190f0c7a823af24925qt-postgresql-4.6.2-17.el6_1.1.i686.rpm77f36f6dd8ab3737e65f2344f8661b6cfe9282403bcba49172a1c1ff0fe00fe1phonon-backend-gstreamer-4.6.2-17.el6_1.1.i686.rpma2707b8c72e82608c4e52df586042eaa4aafd817e65d4bbf9e5bc200b21d334dqt-odbc-4.6.2-17.el6_1.1.i686.rpmab64b247832b7ce3ef2cceca1b369bef0e92c01c28269a9fccb299ab4df5967cqt-devel-4.6.2-17.el6_1.1.i686.rpm8f12d45e4173955309f6cc7ce7960c00c9e6fe0a95b344fed363f18bde921c9dqt-doc-4.6.2-17.el6_1.1.noarch.rpm000b672a76cb3bb400611bab8d8e12b0591d316004d26cb588747289a17e1eaeqt-examples-4.6.2-17.el6_1.1.i686.rpm71ba3da7c6fca9f1b9fa22e4467877c93f468667e829da844d095966782b6632qt-demos-4.6.2-17.el6_1.1.i686.rpm34063459ce8ed5050fce242d2f1cbb10ff07575f0b26088047f9803bc36a5e63qt-sqlite-4.6.2-17.el6_1.1.i686.rpm5fff6989df01e95a7a718f191b874243162819adec2107c31a29fa89aaadcf90SLSA-2011:1338-1An input sanitization flaw was found in the way the ifcfg-rh NetworkManager plug-in escaped network connection names containing special characters. If PolicyKit was configured to allow local, unprivileged users to create and save new network connections, they could create a connection with a specially- crafted name, leading to the escalation of their privileges. Note: By default, PolicyKit prevents unprivileged users from creating and saving network connections. (CVE-2011-3364) Running instances of NetworkManager must be restarted ("service NetworkManager restart") for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6NetworkManager-glib-0.8.1-9.el6_1.3.i686.rpm4d6bf6e66fd007b4ee1f2459938c6e0aeed08558d6174b258074684049b0054fNetworkManager-devel-0.8.1-9.el6_1.3.i686.rpm3d2058f797785b58c51f9180db30a5e53667904766696b5b843a2602c2d7f081NetworkManager-glib-devel-0.8.1-9.el6_1.3.i686.rpm3dc7127829f0b4928a5aec5a20613a25099bf30a6b57b15c46f9b999ee5546c0NetworkManager-0.8.1-9.el6_1.3.i686.rpmba9704d83b5cef1c038af0e1b6d8f77a1b76342268398e79d974b92bbedbf105NetworkManager-gnome-0.8.1-9.el6_1.3.i686.rpma6aa672596c4d789511f8690a9d41a9af41de4a69acf257d3e730eb2de5ea443SLSA-2011:1341-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2011-2995) A flaw was found in the way Firefox processed the "Enter" keypress event. A malicious web page could present a download dialog while the key is pressed, activating the default "Open" action. A remote attacker could exploit this vulnerability by causing the browser to open malicious web content. (CVE-2011-2372) A flaw was found in the way Firefox handled Location headers in redirect responses. Two copies of this header with different values could be a symptom of a CRLF injection attack against a vulnerable server. Firefox now treats two copies of the Location, Content-Length, or Content-Disposition header as an error condition. (CVE-2011-3000) A flaw was found in the way Firefox handled frame objects with certain names. An attacker could use this flaw to cause a plug-in to grant its content access to another site or the local file system, violating the same-origin policy. (CVE-2011-2999) An integer underflow flaw was found in the way Firefox handled large JavaScript regular expressions. A web page containing malicious JavaScript could cause Firefox to access already freed memory, causing Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2011-2998) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6xulrunner-1.9.2.23-1.el6_1.1.i686.rpmf3f254e0d2997e3cf9db092f435ec6a5ceb9578baeae4b21ae0c1b17af107ea7firefox-3.6.23-2.el6_1.i686.rpm8358976af6a8962cd609001f72248e2d9654acecf7eaeac2460f16060e9646ddxulrunner-devel-1.9.2.23-1.el6_1.1.i686.rpm672ca16a169b4e176c5396b8190205163af45ed2825e0c43456950469220367cSLSA-2011:1342-1Several flaws were found in the processing of malformed HTML content. An HTML mail message containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-2995) A flaw was found in the way Thunderbird processed the "Enter" keypress event. A malicious HTML mail message could present a download dialog while the key is pressed, activating the default "Open" action. A remote attacker could exploit this vulnerability by causing the mail client to open malicious web content. (CVE-2011-2372) A flaw was found in the way Thunderbird handled Location headers in redirect responses. Two copies of this header with different values could be a symptom of a CRLF injection attack against a vulnerable server. Thunderbird now treats two copies of the Location, Content-Length, or Content-Disposition header as an error condition. (CVE-2011-3000) A flaw was found in the way Thunderbird handled frame objects with certain names. An attacker could use this flaw to cause a plug-in to grant its content access to another site or the local file system, violating the same-origin policy. (CVE-2011-2999) An integer underflow flaw was found in the way Thunderbird handled large JavaScript regular expressions. An HTML mail message containing malicious JavaScript could cause Thunderbird to access already freed memory, causing Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-2998) All running instances of Thunderbird must be restarted for the update to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6thunderbird-3.1.15-1.el6_1.i686.rpm93560a06bd7a1d7666cda0975eb5ecab54e52e516a2bc65922cd0a15ca990790SLSA-2011:1349-1Multiple flaws were found in the way the RPM library parsed package headers. An attacker could create a specially-crafted RPM package that, when queried or installed, would cause rpm to crash or, potentially, execute arbitrary code. (CVE-2011-3378) All running applications linked against the RPM library must be restarted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6rpm-libs-4.8.0-16.el6_1.1.i686.rpm3fb6422fdf233d5f2c7d6e91f90fea43f9a3bb2006d60eab9dee7749f46999a8rpm-devel-4.8.0-16.el6_1.1.i686.rpme54eb4008674f1db6f51c28b85b5fa2f605351da02231842b1962312653a183frpm-python-4.8.0-16.el6_1.1.i686.rpmb30e3ea44655c42fee6c7a4066373acef539b65d90eb8c1e831d6cd4e2995b2arpm-4.8.0-16.el6_1.1.i686.rpm20a66198a92dc157c410a0f80788f93b67729ac7c92e4506ac8b38a3ef759a2crpm-cron-4.8.0-16.el6_1.1.noarch.rpmb39d5ec2afef458e00f33225b78337a0cc321a45c4a3785b2b303b5afc40a4f1rpm-apidocs-4.8.0-16.el6_1.1.noarch.rpmdf4bfb2871be57e21872f9f7e679f95827527663d547d77debdcf8f6e538b7bfrpm-build-4.8.0-16.el6_1.1.i686.rpmb4991a3a2492ea280b05c917aafeecabf7a9103051e2b7fef04839644620b1c2SLSA-2011:1350-1This update fixes the following security issues: * Flaws in the AGPGART driver implementation when handling certain IOCTL commands could allow a local user to cause a denial of service or escalate their privileges. (CVE-2011-1745, CVE-2011-2022, Important) * An integer overflow flaw in agp_allocate_memory() could allow a local user to cause a denial of service or escalate their privileges. (CVE-2011-1746, Important) * A race condition flaw was found in the Linux kernel's eCryptfs implementation. A local attacker could use the mount.ecryptfs_private utility to mount (and then access) a directory they would otherwise not have access to. Note: To correct this issue, the SLSA-2011:1241 ecryptfs-utils update, which provides the user-space part of the fix, must also be installed. (CVE-2011-1833, Moderate) * A denial of service flaw was found in the way the taskstats subsystem handled the registration of process exit handlers. A local, unprivileged user could register an unlimited amount of these handlers, leading to excessive CPU time and memory use. (CVE-2011-2484, Moderate) * A flaw was found in the way mapping expansions were handled. A local, unprivileged user could use this flaw to cause a wrapping condition, triggering a denial of service. (CVE-2011-2496, Moderate) * A flaw was found in the Linux kernel's Performance Events implementation. It could falsely lead the NMI (Non-Maskable Interrupt) Watchdog to detect a lockup and panic the system. A local, unprivileged user could use this flaw to cause a denial of service (kernel panic) using the perf tool. (CVE-2011-2521, Moderate) * A flaw in skb_gro_header_slow() in the Linux kernel could lead to GRO (Generic Receive Offload) fields being left in an inconsistent state. An attacker on the local network could use this flaw to trigger a denial of service. GRO is enabled by default in all network drivers that support it. (CVE-2011-2723, Moderate) * A flaw was found in the way the Linux kernel's Performance Events implementation handled PERF_COUNT_SW_CPU_CLOCK counter overflow. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2011-2918, Moderate) * A flaw was found in the Linux kernel's Trusted Platform Module (TPM) implementation. A local, unprivileged user could use this flaw to leak information to user-space. (CVE-2011-1160, Low) * Flaws were found in the tpacket_rcv() and packet_recvmsg() functions in the Linux kernel. A local, unprivileged user could use these flaws to leak information to user-space. (CVE-2011-2898, Low) The system must be rebooted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6kernel-headers-2.6.32-131.17.1.el6.i686.rpmec250c6346dc773cff35671d3f7ee75b5e90864b25ff801ea7587ad6db1a794ekernel-firmware-2.6.32-131.17.1.el6.noarch.rpmaeccc8a41798b2cefe5c2ea0d92a2e53c292f77274ea33c62e86dc1b63182752kernel-debug-2.6.32-131.17.1.el6.i686.rpm80bfe0ebb2fb4a540270b843f0eea3da0fdcdea296af7a076331a31c4629d1f8perf-2.6.32-131.17.1.el6.i686.rpm4967a7c7730c41d248d148f0b3121626ab76628a66cd9e1bb42f60b464796d06kernel-2.6.32-131.17.1.el6.i686.rpm97dc66f1ebfbe8336bd89c29da089f05328e2a06bcfa155f8a8296c7c34d4476kernel-devel-2.6.32-131.17.1.el6.i686.rpmf895cbaedc17fc08d3b317353a248a96828e9cfdbb909f7d600c4c702757061dkernel-debug-devel-2.6.32-131.17.1.el6.i686.rpm25001a6c0c20523e624dad5fb8557df3adcc2ccda51bc95d11fda82bd63dca2akernel-doc-2.6.32-131.17.1.el6.noarch.rpm4c16610ec28762bf1ff1d451869d02631dff1cdeb4ea00500349b4a89296d2baSLSA-2011:1356-1A NULL pointer dereference flaw was found in the way Openswan's pluto IKE daemon handled certain error conditions. A remote, unauthenticated attacker could send a specially-crafted IKE packet that would crash the pluto daemon. (CVE-2011-3380) After installing this update, the ipsec service will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6openswan-doc-2.6.32-4.el6_1.2.i686.rpm4d733d2c2ba99bfd4ee8ea18349bd7aaa15d4c2860b98f1bfe62f61e61666c0dopenswan-2.6.32-4.el6_1.2.i686.rpm774eeada6fafde421ed2fe52f283dc2e5ef3aa2668bd38dd2fb2a944549f8b18SLSA-2011:1359-1Multiple input sanitization flaws were found in the X.Org GLX (OpenGL extension to the X Window System) extension. A malicious, authorized client could use these flaws to crash the X.Org server or, potentially, execute arbitrary code with root privileges. (CVE-2010-4818) An input sanitization flaw was found in the X.Org Render extension. A malicious, authorized client could use this flaw to leak arbitrary memory from the X.Org server process, or possibly crash the X.Org server. (CVE-2010-4819) All running X.Org server instances must be restarted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6xorg-x11-server-Xephyr-1.7.7-29.el6_1.2.i686.rpm2806497d9cd75fcf915aab9b5419f70f52167e8da1d37847780a96f728a5c394xorg-x11-server-source-1.7.7-29.el6_1.2.noarch.rpm556a28d8675743fb7183014c891d998772ef9aba4e19ec8ab5dca6eadc46a02axorg-x11-server-Xnest-1.7.7-29.el6_1.2.i686.rpm0e70430786d51990fc08d94082df739e860e8810faa7d9eeeaca295e92b83fe6xorg-x11-server-Xdmx-1.7.7-29.el6_1.2.i686.rpmaf7c6cc8ba21eab2319a0a34a416f0e895c58bbda6483ef6fe41fdb10abe83baxorg-x11-server-devel-1.7.7-29.el6_1.2.i686.rpm22644388a39b8efcf0594a1d480fb8edc0d08bb148ed2339cae3f7d3b7fd3e4axorg-x11-server-Xorg-1.7.7-29.el6_1.2.i686.rpm054935ed9351f3a392cdd0ff8a48245f3a28bb85869ac6fcb2779b0e8de481cdxorg-x11-server-Xvfb-1.7.7-29.el6_1.2.i686.rpm3f64beeb052d1dd4708c3e876a5ccbd75abe3d831c9acaa140d11577363eff2axorg-x11-server-common-1.7.7-29.el6_1.2.i686.rpm6af7ea153f2129959e920941153f5928e49e31459a6fc3b6a24422068fc39c54SLSA-2011:1364-1An input sanitization flaw was found in the KSSL (KDE SSL Wrapper) API. An attacker could supply a specially-crafted SSL certificate (for example, via a web page) to an application using KSSL, such as the Konqueror web browser, causing misleading information to be presented to the user, possibly tricking them into accepting the certificate as valid. (CVE-2011-3365) This update also adds the following enhancement: * kdelibs provided its own set of trusted Certificate Authority (CA) certificates. This update makes kdelibs use the system set from the ca- certificates package, instead of its own copy. The desktop must be restarted (log out, then log back in) for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6kdelibs-common-4.3.4-11.el6_1.4.i686.rpmc61c0ffe9f39645eca98f398e8e12045325427f1073fbe4984d584cf00ebdcf4kdelibs-apidocs-4.3.4-11.el6_1.4.noarch.rpmb712d15bb31a148f6ce71e282b01755fb60184e5eb00db6a6ff42ec34f39c847kdelibs-4.3.4-11.el6_1.4.i686.rpma10488f76c2ebb5bdc792aeade08a553ea35ec6087f1c96a7e96fec058680eafkdelibs-devel-4.3.4-11.el6_1.4.i686.rpmff43713e91c79e76f4bb2cd3e1e9b0b44571b3782cd9d40caba91f3ad2e010b1SLSA-2011:1377-1A signedness issue was found in the way the crypt() function in the PostgreSQL pgcrypto module handled 8-bit characters in passwords when using Blowfish hashing. Up to three characters immediately preceding a non-ASCII character (one with the high bit set) had no effect on the hash result, thus shortening the effective password length. This made brute-force guessing more efficient as several different passwords were hashed to the same value. (CVE-2011-2483) Note: Due to the CVE-2011-2483 fix, after installing this update some users may not be able to log in to applications that store user passwords, hashed with Blowfish using the PostgreSQL crypt() function, in a back-end PostgreSQL database. Unsafe processing can be re-enabled for specific passwords (allowing affected users to log in) by changing their hash prefix to "$2x$". For Scientific Linux 6, the updated postgresql packages upgrade PostgreSQL to version 8.4.9. Refer to the PostgreSQL Release Notes for a full list of changes: http://www.postgresql.org/docs/8.4/static/release.html For Scientific Linux 4 and 5, the updated postgresql packages contain a backported patch. If the postgresql service is running, it will be automatically restarted after installing this update.moderateScientific Linux FermiScientific Linux Fermi 6postgresql-plpython-8.4.9-1.el6_1.1.i686.rpm3e64fb6680521c0f358166fb79ee3165316a4a6b4e10dea9d1722c8e42f2a245postgresql-devel-8.4.9-1.el6_1.1.i686.rpmfb1b731b34e2adf2ebb96c781f8d7882f49c42837b9f6cad0f9e0432bc9a0c10postgresql-docs-8.4.9-1.el6_1.1.i686.rpmad1c3f91ca6df4c674dc3d4734fa673f188a20b6de8866c8dc33bb3eb0657fd0postgresql-8.4.9-1.el6_1.1.i686.rpm21e81f43739204e85c02e9979f7d8e165c78f73d14df5bcb8e36b259f423b025postgresql-plperl-8.4.9-1.el6_1.1.i686.rpme71477096da22d623a25f71d01624f8ec69b1d9dbae68fd5eae6c3e10400d67dpostgresql-libs-8.4.9-1.el6_1.1.i686.rpme0237b3e2840342ceb82ce9f334b5431b51f582b32039e1f47953f9630dc3aa1postgresql-pltcl-8.4.9-1.el6_1.1.i686.rpm922123fe0884a959ab9ad9db9c8330930aeed2c8748b2e5b282d2ee4d9694279postgresql-test-8.4.9-1.el6_1.1.i686.rpmc1b7fc9a7ead1196cd948c28493fa1cab2df2dea7aa574462431d32c4fc7a588postgresql-server-8.4.9-1.el6_1.1.i686.rpmac624d479fc1b019f506d77c20743621bff3744708fe3695fa25a0dd3c61de91postgresql-contrib-8.4.9-1.el6_1.1.i686.rpm362ebfee74209314ebd22a5720acf7920fbb70a3bbcde6b58843c1d63469e716SLSA-2011:1380-1A flaw was found in the Java RMI (Remote Method Invocation) registry implementation. A remote RMI client could use this flaw to execute arbitrary code on the RMI server running the registry. (CVE-2011-3556) A flaw was found in the Java RMI registry implementation. A remote RMI client could use this flaw to execute code on the RMI server with unrestricted privileges. (CVE-2011-3557) A flaw was found in the IIOP (Internet Inter-Orb Protocol) deserialization code. An untrusted Java application or applet running in a sandbox could use this flaw to bypass sandbox restrictions by deserializing specially-crafted input. (CVE-2011-3521) It was found that the Java ScriptingEngine did not properly restrict the privileges of sandboxed applications. An untrusted Java application or applet running in a sandbox could use this flaw to bypass sandbox restrictions. (CVE-2011-3544) A flaw was found in the AWTKeyStroke implementation. An untrusted Java application or applet running in a sandbox could use this flaw to bypass sandbox restrictions. (CVE-2011-3548) An integer overflow flaw, leading to a heap-based buffer overflow, was found in the Java2D code used to perform transformations of graphic shapes and images. An untrusted Java application or applet running in a sandbox could use this flaw to bypass sandbox restrictions. (CVE-2011-3551) An insufficient error checking flaw was found in the unpacker for JAR files in pack200 format. A specially-crafted JAR file could use this flaw to crash the Java Virtual Machine (JVM) or, possibly, execute arbitrary code with JVM privileges. (CVE-2011-3554) It was found that HttpsURLConnection did not perform SecurityManager checks in the setSSLSocketFactory method. An untrusted Java application or applet running in a sandbox could use this flaw to bypass connection restrictions defined in the policy. (CVE-2011-3560) A flaw was found in the way the SSL 3 and TLS 1.0 protocols used block ciphers in cipher-block chaining (CBC) mode. An attacker able to perform a chosen plain text attack against a connection mixing trusted and untrusted data could use this flaw to recover portions of the trusted data sent over the connection. (CVE-2011-3389) Note: This update mitigates the CVE-2011-3389 issue by splitting the first application data record byte to a separate SSL/TLS protocol record. This mitigation may cause compatibility issues with some SSL/TLS implementations and can be disabled using the jsse.enableCBCProtection boolean property. This can be done on the command line by appending the flag "-Djsse.enableCBCProtection=false" to the java command. An information leak flaw was found in the InputStream.skip implementation. An untrusted Java application or applet could possibly use this flaw to obtain bytes skipped by other threads. (CVE-2011-3547) A flaw was found in the Java HotSpot virtual machine. An untrusted Java application or applet could use this flaw to disclose portions of the VM memory, or cause it to crash. (CVE-2011-3558) The Java API for XML Web Services (JAX-WS) implementation in OpenJDK was configured to include the stack trace in error messages sent to clients. A remote client could possibly use this flaw to obtain sensitive information. (CVE-2011-3553) It was found that Java applications running with SecurityManager restrictions were allowed to use too many UDP sockets by default. If multiple instances of a malicious application were started at the same time, they could exhaust all available UDP sockets on the system. (CVE-2011-3552) This erratum also upgrades the OpenJDK package to IcedTea6 1.9.10. All running instances of OpenJDK Java must be restarted for the update to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6java-1.6.0-openjdk-src-1.6.0.0-1.40.1.9.10.el6_1.i686.rpmc86f6138aca556796de74775b948425b65c5d2b2785c5ef498d95bcc1d6fd00ejava-1.6.0-openjdk-devel-1.6.0.0-1.40.1.9.10.el6_1.i686.rpmf297c204aaf3fc94ffb09f3be31cf69026a843380a92b8e8b023414f95533acfjava-1.6.0-openjdk-javadoc-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm4fd9e0488911bea4a1ce2f0ddc7522719242a0919e144c6515d9661a13024655java-1.6.0-openjdk-demo-1.6.0.0-1.40.1.9.10.el6_1.i686.rpm6a575eb3daff383e3213868fa2f53a90e56a0d7248e30b7b0a3ccb245462ef70java-1.6.0-openjdk-1.6.0.0-1.40.1.9.10.el6_1.i686.rpmc3d4cb0dd70016c363aa70f7ff2c4271892fe60f0ed09beb14a8c7767c2414d0SLSA-2011:1385-1The kdelibs and kdelibs3 packages provide libraries for the K Desktop Environment (KDE). An input sanitization flaw was found in the KSSL (KDE SSL Wrapper) API. An attacker could supply a specially-crafted SSL certificate (for example, via a web page) to an application using KSSL, such as the Konqueror web browser, causing misleading information to be presented to the user, possibly tricking them into accepting the certificate as valid. (CVE-2011-3365) The desktop must be restarted (log out, then log back in) for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6kdelibs3-apidocs-3.5.10-24.el6_1.1.noarch.rpm86124db964f5ed5c21418b984cade648e446167a444ff7f1f36797b86f672b1dkdelibs3-devel-3.5.10-24.el6_1.1.i686.rpmaa764969d98cbf7684f40ae0d3edc0732a9be58c98ecc4c43de36ee2cbfccbbekdelibs3-3.5.10-24.el6_1.1.i686.rpm4fe1321d6765723283d055946ec55307081a5eee23c9aa7b60404538f9ff926cSLSA-2011:1391-1It was discovered that the Apache HTTP Server did not properly validate the request URI for proxied requests. In certain configurations, if a reverse proxy used the ProxyPassMatch directive, or if it used the RewriteRule directive with the proxy flag, a remote attacker could make the proxy connect to an arbitrary server, possibly disclosing sensitive information from internal web servers not directly accessible to the attacker. (CVE-2011-3368) It was discovered that mod_proxy_ajp incorrectly returned an "Internal Server Error" response when processing certain malformed HTTP requests, which caused the back-end server to be marked as failed in configurations where mod_proxy was used in load balancer mode. A remote attacker could cause mod_proxy to not send requests to back-end AJP (Apache JServ Protocol) servers for the retry timeout period or until all back-end servers were marked as failed. (CVE-2011-3348) This update also fixes the following bug: * The fix for CVE-2011-3192 provided by the SLSA-2011:1245 update introduced regressions in the way httpd handled certain Range HTTP header values. This update corrects those regressions. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6httpd-tools-2.2.15-9.sl6.3.i686.rpm94591d630c7d8d6e2444a6f671e15978e1a8ef8f15c2e6ced77834ee0e0991d6mod_ssl-2.2.15-9.sl6.3.i686.rpm4e8723768cf4ff73dc110547ddae3ed0e9dcb3ee9759b59bfb136383d6496c62httpd-2.2.15-9.sl6.3.i686.rpm51f6149c8f3de23901b06ea83d7287439e4869a44d2b004fd2ffafad81cff47fhttpd-manual-2.2.15-9.sl6.3.noarch.rpmac32a98766e49031c1c3908020dde1342141dd80bfb236d98baa4008e6c3ae33httpd-devel-2.2.15-9.sl6.3.i686.rpma85fc9f89c9ea5eacdfb1a2a5a16136af7140d4dd21f67a7976e68dd963378d7SLSA-2011:1402-1Multiple input validation flaws were found in the way FreeType processed bitmap font files. If a specially-crafted font file was loaded by an application linked against FreeType, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2011-3256) Note: These issues only affected the FreeType 2 font engine. The X server must be restarted (log out, then log back in) for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6freetype-devel-2.3.11-6.el6_1.7.i686.rpm87b246b4cef6e9e82b4ad53807fbab1ea5064165af672ba4cdee62211a3b2bc5freetype-demos-2.3.11-6.el6_1.7.i686.rpm32022a27f830bdc0c7f80759631f9a4c0944b016bde3077a2050b237be499c57freetype-2.3.11-6.el6_1.7.i686.rpma4028c74b30003be8f22513d6b6be00446045387bd305a990b82e38af37f2bacSLSA-2011:1409-1An uninitialized variable use flaw was found in OpenSSL. This flaw could cause an application using the OpenSSL Certificate Revocation List (CRL) checking functionality to incorrectly accept a CRL that has a nextUpdate date in the past. (CVE-2011-3207) For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.moderateScientific Linux FermitruetrueScientific Linux Fermi 6openssl-devel-1.0.0-10.el6_1.5.i686.rpm401b3f24145b8fd872588969263c4169bea071b9b3d8110a772a00720ed6f23dopenssl-static-1.0.0-10.el6_1.5.i686.rpm08d14cbc0f55a1e0e6680a946ae46d8523c650fe12db562680498c55b3f4af3aopenssl-perl-1.0.0-10.el6_1.5.i686.rpm3218f0f861ed5debf37e95906065a33d827dc79dc609effd2ac0fa66cd6a410eopenssl-1.0.0-10.el6_1.5.i686.rpm82eb801f795cac72a386c1631d594f8fa6dbfa164c4f08e2cfcf35a8f7db03a6SLSA-2011:1422-1A use-after-free flaw was found in the way Openswan's pluto IKE daemon used cryptographic helpers. A remote, authenticated attacker could send a specially- crafted IKE packet that would crash the pluto daemon. This issue only affected SMP (symmetric multiprocessing) systems that have the cryptographic helpers enabled. The helpers are disabled by default on Scientific Linux 5, but enabled by default on Scientific Linux 6. (CVE-2011-4073) After installing this update, the ipsec service will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6openswan-doc-2.6.32-4.el6_1.4.i686.rpm1ddb056f031b1b5cc5fd4455c6feef9de4b800e0ec740092d147871063b47435openswan-2.6.32-4.el6_1.4.i686.rpm8a76e1e5c400b175c00b722b003f1afb7ed0a5f4f120b1f95e4be81366a6761aSLSA-2011:1423-1A signedness issue was found in the way the PHP crypt() function handled 8-bit characters in passwords when using Blowfish hashing. Up to three characters immediately preceding a non-ASCII character (one with the high bit set) had no effect on the hash result, thus shortening the effective password length. This made brute-force guessing more efficient as several different passwords were hashed to the same value. (CVE-2011-2483) Note: Due to the CVE-2011-2483 fix, after installing this update some users may not be able to log in to PHP applications that hash passwords with Blowfish using the PHP crypt() function. Refer to the upstream "CRYPT_BLOWFISH security fix details" document for details. An insufficient input validation flaw, leading to a buffer over-read, was found in the PHP exif extension. A specially-crafted image file could cause the PHP interpreter to crash when a PHP script tries to extract Exchangeable image file format (Exif) metadata from the image file. (CVE-2011-0708) An integer overflow flaw was found in the PHP calendar extension. A remote attacker able to make a PHP script call SdnToJulian() with a large value could cause the PHP interpreter to crash. (CVE-2011-1466) Multiple memory leak flaws were found in the PHP OpenSSL extension. A remote attacker able to make a PHP script use openssl_encrypt() or openssl_decrypt() repeatedly could cause the PHP interpreter to use an excessive amount of memory. (CVE-2011-1468) A use-after-free flaw was found in the PHP substr_replace() function. If a PHP script used the same variable as multiple function arguments, a remote attacker could possibly use this to crash the PHP interpreter or, possibly, execute arbitrary code. (CVE-2011-1148) A bug in the PHP Streams component caused the PHP interpreter to crash if an FTP wrapper connection was made through an HTTP proxy. A remote attacker could possibly trigger this issue if a PHP script accepted an untrusted URL to connect to. (CVE-2011-1469) An integer signedness issue was found in the PHP zip extension. An attacker could use a specially-crafted ZIP archive to cause the PHP interpreter to use an excessive amount of CPU time until the script execution time limit is reached. (CVE-2011-1471) A stack-based buffer overflow flaw was found in the way the PHP socket extension handled long AF_UNIX socket addresses. An attacker able to make a PHP script connect to a long AF_UNIX socket address could use this flaw to crash the PHP interpreter. (CVE-2011-1938) An off-by-one flaw was found in PHP. If an attacker uploaded a file with a specially-crafted file name it could cause a PHP script to attempt to write a file to the root (/) directory. By default, PHP runs as the "apache" user, preventing it from writing to the root directory. (CVE-2011-2202) After installing the updated packages, the httpd daemon must be restarted for the update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6php-dba-5.3.3-3.el6_1.3.i686.rpmcf4c79446a3a362a76707fabd034aab0e39b2d30b58c42d042cba124b28d24b5php-5.3.3-3.el6_1.3.i686.rpmc3096dfe3a2f1e5fa2169e9961a3712856b29b7a467abdb175dfc2bef2acadd8php-pspell-5.3.3-3.el6_1.3.i686.rpmfbb4b67991d70ada72d498ac702bf01310470503e1a436446b0379e05c76c124php-common-5.3.3-3.el6_1.3.i686.rpm240429deaf77047f5126895acd430b37894813a52bd8e8263ccaf0ab07cc1cd1php-snmp-5.3.3-3.el6_1.3.i686.rpm8b4948ab2fe7570e07509c4610e3da85444e9dbd1a8e5abba3088df5a96f3097php-pgsql-5.3.3-3.el6_1.3.i686.rpma54032ceec5aa77508846888813f3ba88348cfc4dc33cb88e9a961e40fd2064ephp-gd-5.3.3-3.el6_1.3.i686.rpm41fbdc0c486df5d024146dc1d01bde3a882fd931939db72fa5b357ad8f851098php-ldap-5.3.3-3.el6_1.3.i686.rpm9a46b27806a82f57a7a480c07c62ce2bf4cc6ba64089ada0aa6e8bde97a0da40php-odbc-5.3.3-3.el6_1.3.i686.rpme8ab06513f93079139953bf079cc610fb9e43d246692aef81ae697bd700695b4php-embedded-5.3.3-3.el6_1.3.i686.rpm85d95780eb8a4b8f6a6e28d8d9187d5bb9ad4e269e2abdd22a8670e02a7720b8php-pdo-5.3.3-3.el6_1.3.i686.rpmbd5ec933cc917f84cd17f86fbf84d593e1a73c980fe90b4040c2b61c896e77f2php-zts-5.3.3-3.el6_1.3.i686.rpm9f3a317221076862446687b8a0ee77a60c4a7d8349c4134b3aad7345e8720f7aphp-soap-5.3.3-3.el6_1.3.i686.rpmd85ab7ef1372f169350b0d17599d9b51c01b70a939f90b330fdb8661f335b2a2php-tidy-5.3.3-3.el6_1.3.i686.rpmea0d88393069c8304111bcc8d26f20b5f570a08d355a956010517978b8a7e678php-enchant-5.3.3-3.el6_1.3.i686.rpm08dae19e706a651dbe200392661a6c31520d285c891556a5b7819e254a116b12php-imap-5.3.3-3.el6_1.3.i686.rpm225f878dd9016e4821041c04a4ab9961c64bac3d9886bb37ed092d1a1ff2966fphp-cli-5.3.3-3.el6_1.3.i686.rpm48e39cbf72c4172bbcd1726349681b44d21d8488ece31f104d082539500b0e9fphp-xmlrpc-5.3.3-3.el6_1.3.i686.rpm7c680a75bead51880d8aaf694bb00d445a6174b7bdf583302dc9bdd54231fd74php-intl-5.3.3-3.el6_1.3.i686.rpm79d5bc7948d1dbe2c7ea5c967a153f7a6d04edcba04c4b4e54f6a148d55b88d0php-recode-5.3.3-3.el6_1.3.i686.rpmde3317e13b57ffd63a2c42e27a1354285cf269aaa446ad64db36160f8dc378e5php-mysql-5.3.3-3.el6_1.3.i686.rpmf6ccb2537f078aa7708ad2d4ff39cf5b484fbbceda686fd340fe1e11b8d6d57aphp-mbstring-5.3.3-3.el6_1.3.i686.rpm944a3f2dd081b76d3611c4d750b48654a592e0f6ae1278b64f745b11bea0f64fphp-devel-5.3.3-3.el6_1.3.i686.rpmbd1ba8b00ac036adbcd92c6c34d752b192225a49986c04940fbc7a922ecdd475php-bcmath-5.3.3-3.el6_1.3.i686.rpm7a8a5f1719870b384609ef1af5b20b1ba619c4e5ff54c614f600250e7f3bc817php-xml-5.3.3-3.el6_1.3.i686.rpm677b1c727ca174e9985c811f0d9520638e997e268b587491668e2555b8eb89e9php-process-5.3.3-3.el6_1.3.i686.rpm8133d92557ea02bd373d46ae755418f849296e02043bbb3a8f930711fce93d97SLSA-2011:1424-1A heap-based buffer overflow flaw was found in the way Perl decoded Unicode strings. An attacker could create a malicious Unicode string that, when decoded by a Perl program, would cause the program to crash or, potentially, execute arbitrary code with the permissions of the user running the program. (CVE-2011-2939) It was found that the "new" constructor of the Digest module used its argument as part of the string expression passed to the eval() function. An attacker could possibly use this flaw to execute arbitrary Perl code with the privileges of a Perl program that uses untrusted input as an argument to the constructor. (CVE-2011-3597) All running Perl programs must be restarted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6perl-IPC-Cmd-0.56-119.el6_1.1.i686.rpm90e2b8027225aaa381a3023e9d0732077028e9e4131c16251386ef90a0e230d5perl-5.10.1-119.el6_1.1.i686.rpmdaf6cc71830d9b50dff0259370319b4b1c1e4e58cdde60cb2dabd67c17c8d38dperl-Pod-Simple-3.13-119.el6_1.1.i686.rpm2438a8bb6e493f443163a8ab09ae2fc27d8ff8a59500d6c2094f684e367983b7perl-devel-5.10.1-119.el6_1.1.i686.rpm473a86157005925a9e87521ffb2a7ab117d8c47c29d18d36eae19d2845ebfd28perl-libs-5.10.1-119.el6_1.1.i686.rpm124d76c49164f9c258c0e98380728117efce370d7f289aefec60500373f2d78aperl-Module-Loaded-0.02-119.el6_1.1.i686.rpmee9d96ad3dff72f22467800efcd3e3eb5362a7f2cf285ffc184381a67a27cdf8perl-Compress-Zlib-2.020-119.el6_1.1.i686.rpmcf36f4a1a00e1987f76314f2af875fad519cffe0c604e1eae3f0ddb9b554aafeperl-Digest-SHA-5.47-119.el6_1.1.i686.rpm9ee11360e968cc7300813f8cf2d82fe3381c24c9337966e901e22e92ef804cd5perl-CPAN-1.9402-119.el6_1.1.i686.rpm15de9e113b9fa06d609f628570e85842d6bbd6f805462955f6caa6e72e17b642perl-ExtUtils-CBuilder-0.27-119.el6_1.1.i686.rpmd371ff3aa0feb4f9276a73403e6d43df616283e5f9f5e13e5fc7fad3876c7372perl-IO-Compress-Zlib-2.020-119.el6_1.1.i686.rpm9c3ba05e3107290f9e0db6c341a8a4b65c151ba78f12a16e53a67d3c41ce80b5perl-Module-Build-0.3500-119.el6_1.1.i686.rpm17d2d6d8a45c7e9d51d9051f7d559dfba6bddc7b7deceefd7bc976a39c70bb08perl-Package-Constants-0.02-119.el6_1.1.i686.rpme7570c1df5f4598213e87cf1da4ed7f6bb61fa1200f166881b08f405d698da9cperl-Compress-Raw-Zlib-2.023-119.el6_1.1.i686.rpma1418b007fe54fb86a55311d16067e32f61ccf18ed9fb915307197d6989069d9perl-Module-Load-0.16-119.el6_1.1.i686.rpm00d509e6d5bc6b6a61f0c6ce9fdccc0d5dcbd6899b283f97465407ef31023569perl-IO-Compress-Base-2.020-119.el6_1.1.i686.rpmf30592a393e1d5c0243095976fc64034261f489e601a27827aed72310035d484perl-Log-Message-0.02-119.el6_1.1.i686.rpmf526f6fd05bfd9b955d98a4000f348b2cb02c689d9b1f68f223ad507b2007305perl-parent-0.221-119.el6_1.1.i686.rpmb4e898cd98677ae40f2784f1c0d811bd81d0c68e264bae95daa1b4d08863c2b6perl-ExtUtils-Embed-1.28-119.el6_1.1.i686.rpm2c33043ad304b770841d03317875db77bc96b7d2679156dcf6bc6a79c9d65876perl-Term-UI-0.20-119.el6_1.1.i686.rpm56de7d0123fef234b9b81c14aad63a76a64e7be4923335237ea8e4a7ac58448dperl-Time-Piece-1.15-119.el6_1.1.i686.rpm0beceab00310f3c590fd47bcb55ed519707c1b4c7352064bb5e640a80cff44ecperl-Module-Load-Conditional-0.30-119.el6_1.1.i686.rpme9b46ae4c9e0cc68cca61691d1b7b8f8d37f24e3b552a2eab382febcbd7f2f41perl-core-5.10.1-119.el6_1.1.i686.rpmcf1ee7c93d41628693b561ce9bb3ef50c49505730cd10057c5b518805b1807d8perl-Module-CoreList-2.18-119.el6_1.1.i686.rpm3dc433b15076be6ca11f898bc8e9c3c8e02ae81bac28c690991f47ef537676e4perl-CPANPLUS-0.88-119.el6_1.1.i686.rpm4d52fec62e0e9b911f65261298d65c017e58f769ad27881de46f70ab78cde1acperl-File-Fetch-0.26-119.el6_1.1.i686.rpmfb0c1bda6886be2a6e10fc03d0ce2fe2531617a2b8102ea6dca2b8cee6b88bffperl-Log-Message-Simple-0.04-119.el6_1.1.i686.rpmc1e38df92d3a671432d3baa2d4e8719b90b79dbdb633ca8fe2270dbf9316bd77perl-Module-Pluggable-3.90-119.el6_1.1.i686.rpmf991b800d8e4071635ed370f55b28d0a2f8f59fddf615b5ea1442a7fe9124333perl-Test-Simple-0.92-119.el6_1.1.i686.rpm1b98f17eb8e373293c3c230f20ef0e4577b42a4bf45ff920d25683ec526c7a6bperl-suidperl-5.10.1-119.el6_1.1.i686.rpm03f6b23cf7dcbe139b788f6d6be0e3fd81fc59b105249453f540104b15ede070perl-Params-Check-0.26-119.el6_1.1.i686.rpm84ecde2f6b3c38c638fe13beac13f8deb80511bc94ecf0f907377468b6d8d6beperl-Pod-Escapes-1.04-119.el6_1.1.i686.rpm686b23559f7d3fe2c19a9626b514faa08d9831de66dee6d8597b1e8daf9e43e2perl-Locale-Maketext-Simple-0.18-119.el6_1.1.i686.rpme633cb8885f375e245b4619712e430b6529a50030a74c2a6c4faa85b33e1421cperl-Time-HiRes-1.9721-119.el6_1.1.i686.rpm060a628516148ddd5bb47d4ba300c961638a87873f4abcfb3df0ac69072c33f2perl-ExtUtils-ParseXS-2.2003.0-119.el6_1.1.i686.rpmb752adeb36eae135f35a0625138b815d22275dfc337a5834bb4550070e64fb45perl-ExtUtils-MakeMaker-6.55-119.el6_1.1.i686.rpm1a89e130775a8785a336c071388d3151ce57f327f298e1c50ef68e9819e13e05perl-Archive-Extract-0.38-119.el6_1.1.i686.rpma098c9eb75dcd0971671bd7c0de4d09b55e6eb87d7bf678f5b36a9414090c2a8perl-version-0.77-119.el6_1.1.i686.rpm278e47129dd1dd290f1e73cec0db4f438f9b5b0a0c2957ebce8818f9d03fbef7perl-Archive-Tar-1.58-119.el6_1.1.i686.rpm502c98d603bf4b94a2a2662236211dcc18d16e88ba56fa7fb2b665b1c46b4ad1perl-Object-Accessor-0.34-119.el6_1.1.i686.rpmc40be3d5ce37f84e805cfe525dde4557a79c978934ae794153277a5a8b3b1961perl-CGI-3.51-119.el6_1.1.i686.rpme69dafeb6e8eb6db99255bb905e3e82ec93c89722521dc6db32d17c71cc78c89perl-Parse-CPAN-Meta-1.40-119.el6_1.1.i686.rpm9090d6edb75bcc81c4e65bf383e79b5afd7f8c9af17c2a944407b5965a48c553perl-Test-Harness-3.17-119.el6_1.1.i686.rpm144141c284d8adeaab6392c86ffda02df407e3674e7cf28c71cf531410078b80perl-IO-Zlib-1.09-119.el6_1.1.i686.rpma6dff5e3a511f5b4773b2c728fb03a0b926a55113f45bf0dbe4778d4c3545ee4SLSA-2011:1437-1A flaw was found in the way Firefox handled certain add-ons. A web page containing malicious content could cause an add-on to grant itself full browser privileges, which could lead to arbitrary code execution with the privileges of the user running Firefox. (CVE-2011-3647) A cross-site scripting (XSS) flaw was found in the way Firefox handled certain multibyte character sets. A web page containing malicious content could cause Firefox to run JavaScript code with the permissions of a different website. (CVE-2011-3648) A flaw was found in the way Firefox handled large JavaScript scripts. A web page containing malicious JavaScript could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2011-3650) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6xulrunner-1.9.2.24-2.el6_1.1.i686.rpm59eaf6fb03aba9f2d16442251e68403ca0340a94e3cb19dffc6e5fb2b9f261c4xulrunner-devel-1.9.2.24-2.el6_1.1.i686.rpm628dde3ec6a8c85014541604c115750b2b94945f5a0da9ebe084a44477862c2bfirefox-3.6.24-3.el6_1.i686.rpm20c670c49ab88a6b72f81aeedca0ce3e89c665ec32e7cbf988293da001ff4fd2SLSA-2011:1439-1A flaw was found in the way Thunderbird handled certain add-ons. Malicious, remote content could cause an add-on to elevate its privileges, which could lead to arbitrary code execution with the privileges of the user running Thunderbird. (CVE-2011-3647) A cross-site scripting (XSS) flaw was found in the way Thunderbird handled certain multibyte character sets. Malicious, remote content could cause Thunderbird to run JavaScript code with the permissions of different remote content. (CVE-2011-3648) A flaw was found in the way Thunderbird handled large JavaScript scripts. Malicious, remote content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-3650) All running instances of Thunderbird must be restarted for the update to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6thunderbird-3.1.16-2.el6_1.i686.rpmfb78a7928c4cbdc746348a995f774bebad32416b877c3eacf743a21c19784db4SLSA-2011:1441-1A flaw was found in the same-origin policy implementation in the IcedTea-Web browser plug-in. A malicious Java applet could use this flaw to open network connections to hosts other than the originating host, violating the same-origin policy. (CVE-2011-3377) IcedTea-Web to version 1.0.6 to correct this issue. Web browsers using the IcedTea-Web browser plug-in must be restarted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6icedtea-web-1.0.6-1.el6_1.i686.rpm79507e9828ae8ba4202962e760311e0ae27235339ff7dcaa6274f6a79966c0f6icedtea-web-javadoc-1.0.6-1.el6_1.i686.rpmbb896c97e8e9d2624215b1258fda36012424dbaacd148be924a57dc68cf9412aSLSA-2011:1444-1It was found that the Malaysia-based Digicert Sdn. Bhd. subordinate Certificate Authority (CA) issued HTTPS certificates with weak keys. This update renders any HTTPS certificates signed by that CA as untrusted. This covers all uses of the certificates, including SSL, S/MIME, and code signing. Note: Digicert Sdn. Bhd. is not the same company as found at digicert.com. Note: This fix only applies to applications using the NSS Builtin Object Token. It does not render the certificates untrusted for applications that use the NSS library, but do not use the NSS Builtin Object Token. This update also fixes the following bug on Scientific Linux 5: * When using mod_nss with the Apache HTTP Server, a bug in NSS on Scientific Linux 5 resulted in file descriptors leaking each time the Apache HTTP Server was restarted with the "service httpd reload" command. This could have prevented the Apache HTTP Server from functioning properly if all available file descriptors were consumed. For Scientific Linux 6, these updated packages upgrade NSS to version 3.12.10. As well, they upgrade NSPR (Netscape Portable Runtime) to version 4.8.8 and nss-util to version 3.12.10 on Scientific Linux 6, as required by the NSS update. After installing the update, applications using NSS must be restarted for the changes to take effect. In addition, on Scientific Linux 6, applications using NSPR and nss-util must also be restarted.importantScientific Linux FermitrueScientific Linux Fermi 6nss-pkcs11-devel-3.12.10-2.el6_1.i686.rpmed26c7c2d4c213d0e66c9d3400d6d92b16a5dcaf6414e0752502d8c51e758024nspr-devel-4.8.8-1.el6_1.i686.rpm4c3948bfd909a90d779db6d4c4d95be3c8006a568caec05a1d94dea928b7a210nss-devel-3.12.10-2.el6_1.i686.rpm364dfa615644b0c853f1c18198ecc8de8e89c5d57a7471e32e9d55a0b9659d6dnspr-4.8.8-1.el6_1.i686.rpm8f43cfb4fb59652431fbccd79adc1030d8b9bcb4769ee55cd1ed87c1a98d7665nss-sysinit-3.12.10-2.el6_1.i686.rpme781c46282dc9add28087127b9c5c082fe8f6d2507b965f3fa5f68d3b7f41acfnss-util-3.12.10-1.el6_1.i686.rpme45b23edab9067d29ae2594fe31a9d781bfd69a3bb45b95f053f9a028b3bc820nss-util-devel-3.12.10-1.el6_1.i686.rpm801396e79c90ffbbf8f7350df4b36af428d12802caa9c6217e55588c4aed3a8bnss-tools-3.12.10-2.el6_1.i686.rpme3fdaf199ccce2915d15fdc22058ffd6ecac8233a01ef4878a7c24b9bb9711f0nss-3.12.10-2.el6_1.i686.rpma6c59c87823ca25509c6867508f958f9c435664226bc41dbe390c86cecd0b727SLSA-2011:1455-1Multiple input validation flaws were found in the way FreeType processed CID- keyed fonts. If a specially-crafted font file was loaded by an application linked against FreeType, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2011-3439) Note: These issues only affected the FreeType 2 font engine. The X server must be restarted (log out, then log back in) for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6freetype-devel-2.3.11-6.el6_1.8.i686.rpm96035915b3b5bd5d7ce7f1a9f052caf0fbfc5ad0f5226bc32413c3f6c9f13b3dfreetype-2.3.11-6.el6_1.8.i686.rpmfe9d59259ad586a4752927b47471a039508e812a7d6c829c1c1db024c4e1048dfreetype-demos-2.3.11-6.el6_1.8.i686.rpm3778f35e91d481f39ac177a590468324a02871e74a5aa2fbf31b8c47f4a431aeSLSA-2011:1458-1A flaw was discovered in the way BIND handled certain DNS queries, which caused it to cache an invalid record. A remote attacker could use this flaw to send repeated queries for this invalid record, causing the resolvers to exit unexpectedly due to a failed assertion. (CVE-2011-4313) After installing the update, the BIND daemon (named) will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 6bind-sdb-9.7.3-2.el6_1.P3.3.i686.rpme5eaffd7afbf841a2ab11c0df79776d9f717681af3b062bf0109f824b9cdba78bind-chroot-9.7.3-2.el6_1.P3.3.i686.rpmc72cf2ff40784e87b35d77b031a8b4cfdaca528851ecdbd74b01440811898b95bind-9.7.3-2.el6_1.P3.3.i686.rpm9d0236dcb263ff91b35b746fbd7a158ad9c8b885a536a29b1187400ea4299d91bind-libs-9.7.3-2.el6_1.P3.3.i686.rpmcafaae7914ed477b4bc12ddfdd8cc5dce96d538305f461f7a49d112c9b17f7cbbind-utils-9.7.3-2.el6_1.P3.3.i686.rpm7395b1de61ef5406cb0b3d7ae5c0e8250534dece361ec88242d66a1856d9a1d5bind-devel-9.7.3-2.el6_1.P3.3.i686.rpm954938b67c6849677661f2538e1747ea4be4c08cb45af24a3054c8664c059d68SLSA-2011:1465-1This update fixes the following security issues: * IPv6 fragment identification value generation could allow a remote attacker to disrupt a target system's networking, preventing legitimate users from accessing its services. (CVE-2011-2699, Important) * A signedness issue was found in the Linux kernel's CIFS (Common Internet File System) implementation. A malicious CIFS server could send a specially-crafted response to a directory read request that would result in a denial of service or privilege escalation on a system that has a CIFS share mounted. (CVE-2011-3191, Important) * A flaw was found in the way the Linux kernel handled fragmented IPv6 UDP datagrams over the bridge with UDP Fragmentation Offload (UFO) functionality on. A remote attacker could use this flaw to cause a denial of service. (CVE-2011-4326, Important) * The way IPv4 and IPv6 protocol sequence numbers and fragment IDs were generated could allow a man-in-the-middle attacker to inject packets and possibly hijack connections. Protocol sequence numbers and fragment IDs are now more random. (CVE-2011-3188, Moderate) * A buffer overflow flaw was found in the Linux kernel's FUSE (Filesystem in Userspace) implementation. A local user in the fuse group who has access to mount a FUSE file system could use this flaw to cause a denial of service. (CVE-2011-3353, Moderate) * A flaw was found in the b43 driver in the Linux kernel. If a system had an active wireless interface that uses the b43 driver, an attacker able to send a specially-crafted frame to that interface could cause a denial of service. (CVE-2011-3359, Moderate) * A flaw was found in the way CIFS shares with DFS referrals at their root were handled. An attacker on the local network who is able to deploy a malicious CIFS server could create a CIFS network share that, when mounted, would cause the client system to crash. (CVE-2011-3363, Moderate) * A flaw was found in the way the Linux kernel handled VLAN 0 frames with the priority tag set. When using certain network drivers, an attacker on the local network could use this flaw to cause a denial of service. (CVE-2011-3593, Moderate) * A flaw in the way memory containing security-related data was handled in tpm_read() could allow a local, unprivileged user to read the results of a previously run TPM command. (CVE-2011-1162, Low) * A heap overflow flaw was found in the Linux kernel's EFI GUID Partition Table (GPT) implementation. A local attacker could use this flaw to cause a denial of service by mounting a disk that contains specially-crafted partition tables. (CVE-2011-1577, Low) * The I/O statistics from the taskstats subsystem could be read without any restrictions. A local, unprivileged user could use this flaw to gather confidential information, such as the length of a password used in a process. (CVE-2011-2494, Low) * It was found that the perf tool, a part of the Linux kernel's Performance Events implementation, could load its configuration file from the current working directory. If a local user with access to the perf tool were tricked into running perf in a directory that contains a specially-crafted configuration file, it could cause perf to overwrite arbitrary files and directories accessible to that user. (CVE-2011-2905, Low)importantScientific Linux FermitrueScientific Linux Fermi 6kernel-2.6.32-131.21.1.el6.i686.rpmee883c465bd24241b92b9065ac78bff558b1338e495f596233b3eec43eb67778kernel-headers-2.6.32-131.21.1.el6.i686.rpm750654415e6a98e532b5c8d3f8fdd1ed5a23ed8e4604efe7c94e2d233f57c497perf-2.6.32-131.21.1.el6.i686.rpm0608e5da5c36a8fddaba7840c566d532cc0d50bbe01445e80ac4bc234dcbe93dkernel-debug-2.6.32-131.21.1.el6.i686.rpm3f49c8a9f53f6f375d5d0412d315c9517fe9955e6caada70585c04d9fad390d5kernel-doc-2.6.32-131.21.1.el6.noarch.rpme7241fc4926a3c7a238daa93696db1622071075bfab0f69811528ad0bfee6dd8kernel-firmware-2.6.32-131.21.1.el6.noarch.rpmff0255a3b46d94a50acde195b2c10bbd57df2027caadf88b58a5557e1b225d73kernel-devel-2.6.32-131.21.1.el6.i686.rpm4821506cdf3fa4697603b715a8a2ac5521703d5698f997d2284c638627c7ae48kernel-debug-devel-2.6.32-131.21.1.el6.i686.rpm8d3bc6b0c0ca6e3a31d8b3d6dd8b5d67ee7711af7a8ed7fce8a0d175063fa833SLSA-2011:1507-1Two heap-based buffer overflow flaws were discovered in libarchive. If a user were tricked into expanding a specially-crafted ISO 9660 CD-ROM image or tar archive with an application using libarchive, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2011-1777, CVE-2011-1778) All running applications using libarchive must be restarted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6libarchive-devel-2.8.3-3.el6_1.i686.rpm9d44379903b51a66680809905f1ddee5e5e839874a8f9c7fd2a4e4fda2d84c52libarchive-2.8.3-3.el6_1.i686.rpma7ce63fafa8d08d9bbdb769fdba7d4d3fb455aeda0752ed9844d1afdaf0330b9SLSA-2011:1508-1An authentication bypass flaw was found in the cyrus-imapd NNTP server, nntpd. A remote user able to use the nntpd service could use this flaw to read or post newsgroup messages on an NNTP server configured to require user authentication, without providing valid authentication credentials. (CVE-2011-3372) A NULL pointer dereference flaw was found in the cyrus-imapd IMAP server, imapd. A remote attacker could send a specially-crafted mail message to a victim that would possibly prevent them from accessing their mail normally, if they were using an IMAP client that relies on the server threading IMAP feature. (CVE-2011-3481) After installing the update, cyrus-imapd will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6cyrus-imapd-2.3.16-6.el6_1.4.i686.rpm935c41f16d0b44b351745288402ae244b74c7cf9c2a33b82cb2a1551b6f7b52acyrus-imapd-utils-2.3.16-6.el6_1.4.i686.rpm5d6b9c5384d7208a851f0c08de18d741e3502859c85198bca3cdd4619ddeb92dcyrus-imapd-devel-2.3.16-6.el6_1.4.i686.rpm947a85671930c7c587b5793aff5a05b69fc3c04b4f05461859aa259bb09e669aSLSA-2011:1526-3A flaw was found in the way the ldd utility identified dynamically linked libraries. If an attacker could trick a user into running ldd on a malicious binary, it could result in arbitrary code execution with the privileges of the user running ldd. (CVE-2009-5064) It was found that the glibc addmntent() function, used by various mount helper utilities, did not handle certain errors correctly when updating the mtab (mounted file systems table) file. If such utilities had the setuid bit set, a local attacker could use this flaw to corrupt the mtab file. (CVE-2011-1089)lowScientific Linux FermiScientific Linux Fermi 6glibc-headers-2.12-1.47.el6.i686.rpmf454bc0c025527af3049eda95d1eac326cd27b5fc650c44e51344f52d338dfb1glibc-2.12-1.47.el6.i686.rpm9bfc19fa8efb21db38f2ffb696e4aa78db952cccce3072afdc6acacbf8a0fbd3nscd-2.12-1.47.el6.i686.rpm2615c48510b54f39d63e9435558e20f9eb8ba204ba9e29ccdf1affaedde11f64glibc-devel-2.12-1.47.el6.i686.rpm901d1ccb4c46714e9d9f1315fbf56b5a15003cb524a5a41521e63708cc41407dglibc-common-2.12-1.47.el6.i686.rpm62ed8e32e8ebb6531c0d388f18dacd7a81589c6fb9281421aa45c05848e51d1fglibc-static-2.12-1.47.el6.i686.rpm4fdb9d5d5bce14ef8a10a19931bea03d08b9750ff065dfe94eb3c1d88b1aa725glibc-utils-2.12-1.47.el6.i686.rpmdf57c3aa951db6b99d7fc8489c814d73bf77f2d3519b611aab2e0e932cb11cfeSLSA-2011:1530-3This update fixes the following security issues: * The proc file system could allow a local, unprivileged user to obtain sensitive information or possibly cause integrity issues. (CVE-2011-1020, Moderate) * Non-member VLAN (virtual LAN) packet handling for interfaces in promiscuous mode and also using the be2net driver could allow an attacker on the local network to cause a denial of service. (CVE-2011-3347, Moderate) * A flaw was found in the Linux kernel in the way splitting two extents in ext4_ext_convert_to_initialized() worked. A local, unprivileged user with access to mount and unmount ext4 file systems could use this flaw to cause a denial of service. (CVE-2011-3638, Moderate) * A NULL pointer dereference flaw was found in the way the Linux kernel's key management facility handled user-defined key types. A local, unprivileged user could use the keyctl utility to cause a denial of service. (CVE-2011-4110, Moderate) The system must be rebooted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6kernel-2.6.32-220.el6.i686.rpmd6d33be89c61236367882c8001d634676a09a81dfe0af290172e7d5a0f290d0bkernel-devel-2.6.32-220.el6.i686.rpm23ffd423dba110a6b5e0d97d3b8422705fdc02573c023032c6dd1b2e5b5926a1kernel-firmware-2.6.32-220.el6.noarch.rpm6f6736f3645c3d5ef38606e1a544da182bfa1270c2ab6d86f99e052df9902745python-perf-2.6.32-220.el6.i686.rpmf5d14eae102af3b30144b6cc28ba66f87cb329417a96912ce3ef01928fdcecdfkernel-doc-2.6.32-220.el6.noarch.rpm7bb9bb0792666be28c68d34123a5a6107abc43eba523c22cb65d892de0081b74kernel-headers-2.6.32-220.el6.i686.rpm7165259897977f66ac86da003ed52347fd52f11a131c393ffaf4816fca978ce0perf-2.6.32-220.el6.i686.rpm180664e6af5bcc4b6382eaa437c46482aef3b9bf1b89699c6fc366ba600a3923kernel-debug-2.6.32-220.el6.i686.rpm57b6ac83dc9eaaa9e085234673a130a02bb0159c9a11470c734c033e25fbee80kernel-debug-devel-2.6.32-220.el6.i686.rpm2e8ed23658360deb0b7dad4ab95de48c01d18c9ed477f0c6a2df9e37866e107cSLSA-2011:1532-3Kdump used the SSH (Secure Shell) "StrictHostKeyChecking=no" option when dumping to SSH targets, causing the target kdump server's SSH host key not to be checked. This could make it easier for a man-in-the-middle attacker on the local network to impersonate the kdump SSH target server and possibly gain access to sensitive information in the vmcore dumps. (CVE-2011-3588) mkdumprd created initrd files with world-readable permissions. A local user could possibly use this flaw to gain access to sensitive information, such as the private SSH key used to authenticate to a remote server when kdump was configured to dump to an SSH target. (CVE-2011-3589) mkdumprd included unneeded sensitive files (such as all files from the "/root/.ssh/" directory and the host's private SSH keys) in the resulting initrd. This could lead to an information leak when initrd files were previously created with world-readable permissions. Note: With this update, only the SSH client configuration, known hosts files, and the SSH key configured via the newly introduced sshkey option in "/etc/kdump.conf" are included in the initrd. The default is the key generated when running the "service kdump propagate" command, "/root/.ssh/kdump_id_rsa". (CVE-2011-3590)moderateScientific Linux FermiScientific Linux Fermi 6kexec-tools-2.0.0-209.el6.i686.rpmb961da476483cc1a47175ea9fd51b08f21397e3090fa3d3c58281edfa0dcd214SLSA-2011:1533-4A Cross-Site Request Forgery (CSRF) flaw was found in IPA. If a remote attacker could trick a user, who was logged into the management web interface, into visiting a specially-crafted URL, the attacker could perform IPA configuration changes with the privileges of the logged in user. (CVE-2011-3636) Due to the changes required to fix CVE-2011-3636, client tools will need to be updated for client systems to communicate with updated IPA servers. New client systems will need to have the updated ipa-client package installed to be enrolled. Already enrolled client systems will need to have the updated certmonger package installed to be able to renew their system certificate. Note that system certificates are valid for two years by default. Updated ipa-client and certmonger packages for Scientific Linux 6 were released as part of Scientific Linux 6.2. Future updates will provide updated packages for Scientific Linux 5.moderateScientific Linux FermiScientific Linux Fermi 6ipa-admintools-2.1.3-9.el6.i686.rpma4c42d12a2e1289f60e9be74c96fada65eae0c00e40d5cda1dc464c9a4d22ce2ipa-client-2.1.3-9.el6.i686.rpmc214beb392878cf87da53b14e8d0a3743ad4c35dcb1ec0cf78731e783e1138c8ipa-server-selinux-2.1.3-9.el6.i686.rpmf5b22ea3ac24340275143dd540d8511796e06ef9b45d8b84ef995255abd9f94bipa-python-2.1.3-9.el6.i686.rpm465b9db5b259b37874bdf812148dbe5c9ba34107e43e9e1acffb458ca982e4b0ipa-server-2.1.3-9.el6.i686.rpm0fe18e1ebd19a791575bbf8ba5ea2282cd1e7f18045db2495f6ec643dcd8e6d3SLSA-2011:1534-3A flaw was found in the way nfs-utils performed IP based authentication of mount requests. In configurations where a directory was exported to a group of systems using a DNS wildcard or NIS (Network Information Service) netgroup, an attacker could possibly gain access to other directories exported to a specific host or subnet, bypassing intended access restrictions. (CVE-2011-2500) It was found that the mount.nfs tool did not handle certain errors correctly when updating the mtab (mounted file systems table) file. A local attacker could use this flaw to corrupt the mtab file. (CVE-2011-1749) After installing this update, the nfs service will be restarted automatically.lowScientific Linux FermiScientific Linux Fermi 6nfs-utils-1.2.3-15.el6.i686.rpme60822e552a55d80e6579fc0ff5a1d52dbdecd30d1404a9277b179db69ed170cSLSA-2011:1536-3The sosreport utility incorrectly included Certificate-based RHN private entitlement keys in the resulting archive of debugging information. An attacker able to access the archive could use the keys to access RHN content available to the host. This issue did not affect users of Scientific Linux. (CVE-2011-4083)lowScientific Linux FermiScientific Linux Fermi 6sos-2.2-17.el6.noarch.rpmfe5f13426ffe9c065ec9b0d7d299586aa094172fb41c7e65f3f438a1afa47cf3SLSA-2011:1580-3It was discovered that certain resource agent scripts set the LD_LIBRARY_PATH environment variable to an insecure value containing empty path elements. A local user able to trick a user running those scripts to run them while working from an attacker-writable directory could use this flaw to escalate their privileges via a specially-crafted dynamic library. (CVE-2010-3389) This update also fixes the following bugs: * When using the Sybase database and the ASEHAagent resource in the cluster.conf file, it was not possible to run more than one ASEHAagent per Sybase installation. Consequently, a second ASEHA (Sybase Adaptive Server Enterprise (ASE) with the High Availability Option) agent could not be run. This bug has been fixed and it is now possible to use two ASEHA agents using the same Sybase installation. * The s/lang scripts, which implement internal functionality for the rgmanager package, while the central_processing option is in use, were included in the wrong package. Now, the rgmanager and resource-agents packages require each other for installation to prevent problems when they are used separately. * Previously, the oracledb.sh script was using the "shutdown abort" command as the first attempt to shut down a database. With this update, oracledb.sh first attempts a graceful shutdown via the "shutdown immediate" command before forcing the shutdown. * Previously, when setting up a service on a cluster with a shared IP resource and an Apache resource, the generated httpd.conf file contained a bug in the line describing the shared IP address (the "Listen" line). Now, the Apache resource agent generates the "Listen" line properly. * If a high-availability (HA) cluster service was defined with an Apache resource and was named with two words, such as "kickstart httpd", the service never started because it could not find a directory with the space character in its name escaped. Now, Apache resources work properly if a name contains a space as described above. * When inheritance was used in the cluster.conf file, a bug in the /usr/share/cluster/nfsclient.sh file prevented it from monitoring NFS exports properly. Consequently, monitoring of NFS exports to NFS clients resulted in an endless loop. This bug has been fixed and the monitoring now works as expected. * Previously, the postgres-8 resource agent did not detect when a PostgreSQL server failed to start. This bug has been fixed and postgres-8 now works as expected in the described scenario. * When using the Pacemaker resource manager, the fs.sh resource agent reported an error condition, if called with the "monitor" parameter and the referenced device did not exist. Consequently, the error condition prevented the resource from being started. Now, fs.sh returns the proper response code in the described scenario, thus fixing this bug. * Previously, numerous RGManager resource agents returned incorrect response codes when coupled with the Pacemaker resource manager. Now, the agents have been updated to work with Pacemaker properly. This update also adds the following enhancement: * With this update, when the network is removed from a node using the netfs.sh resource agent, it now recovers faster than previously. As well, this update upgrades the resource-agents package to upstream version 3.9.2, which provides a number of bug fixes and enhancements over the previous version.lowScientific Linux FermiScientific Linux Fermi 6resource-agents-3.9.2-7.el6.i686.rpma964f70ed8f63c51edc17dc1842f597ea4b3c139352516bde9daf09b95e2a13cSLSA-2011:1581-3It was found that Ruby did not reinitialize the PRNG (pseudorandom number generator) after forking a child process. This could eventually lead to the PRNG returning the same result twice. An attacker keeping track of the values returned by one child process could use this flaw to predict the values the PRNG would return in other child processes (as long as the parent process persisted). (CVE-2011-3009) A flaw was found in the Ruby SecureRandom module. When using the SecureRandom.random_bytes class, the PRNG state was not modified after forking a child process. This could eventually lead to SecureRandom.random_bytes returning the same string more than once. An attacker keeping track of the strings returned by one child process could use this flaw to predict the strings SecureRandom.random_bytes would return in other child processes (as long as the parent process persisted). (CVE-2011-2705) This update also fixes the following bugs: * The ruby package has been upgraded to upstream point release 1.8.7-p352, which provides a number of bug fixes over the previous version. * The MD5 message-digest algorithm is not a FIPS-approved algorithm. Consequently, when a Ruby script attempted to calculate an MD5 checksum in FIPS mode, the interpreter terminated unexpectedly. This bug has been fixed and an exception is now raised in the described scenario. * Due to inappropriately handled line continuations in the mkconfig.rb source file, an attempt to build the ruby package resulted in unexpected termination. An upstream patch has been applied to address this issue and the ruby package can now be built properly. * When the 32-bit ruby-libs library was installed on a 64-bit machine, the mkmf library failed to load various modules necessary for building Ruby-related packages. This bug has been fixed and mkmf now works properly in the described scenario. * Previously, the load paths for scripts and binary modules were duplicated on the i386 architecture. Consequently, an ActiveSupport test failed. With this update, the load paths are no longer stored in duplicates on the i386 architecture. This update also adds the following enhancement: * With this update, SystemTap probes have been added to the ruby package.lowScientific Linux FermiScientific Linux Fermi 6ruby-static-1.8.7.352-3.el6.i686.rpm7994f4bf09b1085c59e4d7250564c051c331991d481fb80390503c155c879dc0ruby-ri-1.8.7.352-3.el6.i686.rpm93ace950418092eace56c52fd4e2001e96cc5c693078b37fd96b265f44a96f97ruby-rdoc-1.8.7.352-3.el6.i686.rpm97069822e06c9be5a3dca4f72b37c1230bdfc821ba3ec94d34b306a755753e3bruby-tcltk-1.8.7.352-3.el6.i686.rpm880f0a2b4b9713e1c4d7803edd16aaf777a7cb8a78eebb1b40627b779723226bruby-libs-1.8.7.352-3.el6.i686.rpm5a0bdd6620cbb7b7e865ac544ee7e8ce0a000fd74597a190572c9cc3517904b8ruby-docs-1.8.7.352-3.el6.i686.rpm0c6cc3f5e94372c2813119c877df8ebdf3294ff4ca55ad8290047d2b9bc9c9aaruby-devel-1.8.7.352-3.el6.i686.rpm2116132ab53f510a0e8083a4541ccad76570699bf996e37e31fba90e230f4846ruby-1.8.7.352-3.el6.i686.rpmbb9e1617dae2f2efd6dbe03f4f461db03865037a2a826eaf3d1d63c8f1cafb35ruby-irb-1.8.7.352-3.el6.i686.rpm8d8b588939642ba0914ece1afe04e7611aa2a480b0c990ae172558ebddcc287bSLSA-2011:1635-3A heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch (LZW) decompression algorithm implementation used by the CUPS GIF image format reader. An attacker could create a malicious GIF image file that, when printed, could possibly cause CUPS to crash or, potentially, execute arbitrary code with the privileges of the "lp" user. (CVE-2011-2896) These updated cups packages also provide fixes for the following bugs: * Previously CUPS was not correctly handling the language setting LANG=en_US.ASCII. As a consequence lpadmin, lpstat and lpinfo binaries were not displaying any output when the LANG=en_US.ASCII environment variable was used. As a result of this update the problem is fixed and the expected output is now displayed. * Previously the scheduler did not check for empty values of several configuration directives. As a consequence it was possible for the CUPS daemon (cupsd) to crash when a configuration file contained certain empty values. With this update the problem is fixed and cupsd no longer crashes when reading such a configuration file. * Previously when printing to a raw print queue, when using certain printer models, CUPS was incorrectly sending SNMP queries. As a consequence there was a noticeable 4-second delay between queueing the job and the start of printing. With this update the problem is fixed and CUPS no longer tries to collect SNMP supply and status information for raw print queues. * Previously when using the BrowsePoll directive it could happen that the CUPS printer polling daemon (cups-polld) began polling before the network interfaces were set up after a system boot. CUPS was then caching the failed hostname lookup. As a consequence no printers were found and the error, "Host name lookup failure", was logged. With this update the code that re-initializes the resolver after failure in cups-polld is fixed and as a result CUPS will obtain the correct network settings to use in printer discovery. * The MaxJobs directive controls the maximum number of print jobs that are kept in memory. Previously, once the number of jobs reached the limit, the CUPS system failed to automatically purge the data file associated with the oldest completed job from the system in order to make room for a new print job. This bug has been fixed, and the jobs beyond the set limit are now properly purged. * The cups init script (/etc/rc.d/init.d/cups) uses the daemon function (from /etc/rc.d/init.d/functions) to start the cups process, but previously it did not source a configuration file from the /etc/sysconfig/ directory. As a consequence, it was difficult to cleanly set the nice level or cgroup for the cups daemon by setting the NICELEVEL or CGROUP_DAEMON variables. With this update, the init script is fixed. After installing this update, the cupsd daemon will be restarted automatically.lowScientific Linux FermiScientific Linux Fermi 6cups-1.4.2-44.el6.i686.rpmaec27e696d603ebd0a36d101b46c367e00156270b204056ea9b663fecc4a4dafcups-php-1.4.2-44.el6.i686.rpm17c9cbe49d7c76f27590013edd08ce8334121b3f3a3a94000d87a392df68eb67cups-lpd-1.4.2-44.el6.i686.rpm6bafaf4e5325794bc55d47001a8c700d971d892de0ba3a59c5300ca30337466dcups-devel-1.4.2-44.el6.i686.rpm85b16fb28caf9b89c3f4c9b650474f0568982be800148f4a9023c5c082926d2ccups-libs-1.4.2-44.el6.i686.rpmc96222cc751c3fc2517eb10fd8327f406d622343f2d179f63b347ff12679b43cSLSA-2011:1691-3Multiple flaws were found in the way the mount and umount commands performed mtab (mounted file systems table) file updates. A local, unprivileged user allowed to mount or unmount file systems could use these flaws to corrupt the mtab file and create a stale lock file, preventing other users from mounting and unmounting file systems. (CVE-2011-1675, CVE-2011-1677) This update also fixes the following bugs: * Due to a hard coded limit of 128 devices, an attempt to run the "blkid -c" command on more than 128 devices caused blkid to terminate unexpectedly. This update increases the maximum number of devices to 8192 so that blkid no longer crashes in this scenario. * Previously, the "swapon -a" command did not detect device-mapper devices that were already in use. This update corrects the swapon utility to detect such devices as expected. * Prior to this update, the presence of an invalid line in the /etc/fstab file could cause the umount utility to terminate unexpectedly with a segmentation fault. This update applies a patch that corrects this error so that umount now correctly reports invalid lines and no longer crashes. * Previously, an attempt to use the wipefs utility on a partitioned device caused the utility to terminate unexpectedly with an error. This update adapts wipefs to only display a warning message in this situation. * When providing information on interprocess communication (IPC) facilities, the ipcs utility could previously display a process owner as a negative number if the user's UID was too large. This update adapts the underlying source code to make sure the UID values are now displayed correctly. * In the installation scriptlets, the uuidd package uses the chkconfig utility to enable and disable the uuidd service. Previously, this package did not depend on the chkconfig package, which could lead to errors during installation if chkconfig was not installed. This update adds chkconfig to the list of dependencies so that such errors no longer occur. * The previous version of the /etc/udev/rules.d/60-raw.rules file contained a statement that both this file and raw devices are deprecated. This is no longer true and the Scientific Linux kernel supports this functionality. With this update, the aforementioned file no longer contains this incorrect statement. * Previously, an attempt to use the cfdisk utility to read the default Scientific Linux 6 partition layout failed with an error. This update corrects this error and the cfdisk utility can now read the default partition layout as expected. * The previous version of the tailf(1) manual page incorrectly stated that users can use the "--lines=NUMBER" command line option to limit the number of displayed lines. However, the tailf utility does not allow the use of the equals sign (=) between the option and its argument. This update corrects this error. * The fstab(5) manual page has been updated to clarify that empty lines in the /etc/fstab configuration file are ignored. As well, this update adds the following enhancements: * A new fstrim utility has been added to the package. This utility allows the root user to discard unused blocks on a mounted file system. * The login utility has been updated to provide support for failed login attempts that are reported by PAM. * The lsblk utility has been updated to provide additional information about the topology and status of block devices. * The agetty utility has been updated to pass the hostname to the login utility.lowScientific Linux FermiScientific Linux Fermi 6libuuid-devel-2.17.2-12.4.el6.i686.rpm4bd2ce64dbd24654070f6cd3d4cfda1944d52eba55ec9a60dc25f78cb93c1af5util-linux-ng-2.17.2-12.4.el6.i686.rpm667e141fa5afe8bedc475c18a79bb6c4eafab12a1c89ac2ea77715a4c1cc345flibuuid-2.17.2-12.4.el6.i686.rpm793fbe31ba0a3a842a72f8b74a26dde05fe15586ef891be976a25c5010296667uuidd-2.17.2-12.4.el6.i686.rpm21a66810c00e98370d98c13cb0d72fc9842b1c5df87448218a30ef79822d97e3libblkid-2.17.2-12.4.el6.i686.rpmd95db9c893b7a7405b382e3bae67529f612022212a9836c3a926f913c393f95dlibblkid-devel-2.17.2-12.4.el6.i686.rpmf1095c929d7c7e24d67aee6452575b823eb75573c65cb711c1b6cfbb82b52d94SLSA-2011:1694-3It was found that capsh did not change into the new root when using the "-- chroot" option. An application started via the "capsh --chroot" command could use this flaw to escape the chroot restrictions. (CVE-2011-4099) This update also fixes the following bug: * Previously, the libcap packages did not contain the capsh(1) manual page. With this update, the capsh(1) manual page is included.lowScientific Linux FermiScientific Linux Fermi 6libcap-devel-2.16-5.5.el6.i686.rpmf6372b2e996fa4e22aa06ae840d26dbf429171ed750a35a1aa94db721bd2ae51libcap-2.16-5.5.el6.i686.rpm9e89f738f6072d6e15d7e1b2d7764aa4da87c800848c1747a9b168483ca31a21SLSA-2011:1741-3It was found that the "pear" command created temporary files in an insecure way when installing packages. A malicious, local user could use this flaw to conduct a symbolic link attack, allowing them to overwrite the contents of arbitrary files accessible to the victim running the "pear install" command. (CVE-2011-1072) This update also fixes the following bugs: * The php-pear package has been upgraded to version 1.9.4, which provides a number of bug fixes over the previous version. * Prior to this update, php-pear created a cache in the "/var/cache/php-pear/" directory when attempting to list all packages. As a consequence, php-pear failed to create or update the cache file as a regular user without sufficient file permissions and could not list all packages. With this update, php-pear no longer fails if writing to the cache directory is not permitted. Now, all packages are listed as expected.lowScientific Linux FermiScientific Linux Fermi 6php-pear-1.9.4-4.el6.noarch.rpmeb6d9021c522478c70658b49170b5239c6c9aea9b2194979f48e19847f387311SLSA-2011:1749-3An off-by-one error, leading to a heap-based buffer overflow, was found in the way libxml2 parsed certain XML files. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2011-0216) An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way libxml2 parsed certain XPath expressions. If an attacker were able to supply a specially-crafted XML file to an application using libxml2, as well as an XPath expression for that application to run against the crafted file, it could cause the application to crash or, possibly, execute arbitrary code. (CVE-2011-1944) Multiple flaws were found in the way libxml2 parsed certain XPath expressions. If an attacker were able to supply a specially-crafted XML file to an application using libxml2, as well as an XPath expression for that application to run against the crafted file, it could cause the application to crash. (CVE-2010-4008, CVE-2010-4494, CVE-2011-2821, CVE-2011-2834) Note: Scientific Linux does not ship any applications that use libxml2 in a way that would allow the CVE-2011-1944, CVE-2010-4008, CVE-2010-4494, CVE-2011-2821, and CVE-2011-2834 flaws to be exploited; however, third-party applications may allow XPath expressions to be passed which could trigger these flaws. This update also fixes the following bugs: * A number of patches have been applied to harden the XPath processing code in libxml2, such as fixing memory leaks, rounding errors, XPath numbers evaluations, and a potential error in encoding conversion. The desktop must be restarted (log out, then log back in) for this update to take effect.lowScientific Linux FermitrueScientific Linux Fermi 6libxml2-2.7.6-4.el6.i686.rpm4c7de4f21cfb49f6658cabaa7b27476801824dd6d45ec8e16678058a9391c06alibxml2-python-2.7.6-4.el6.i686.rpm133f8e5bbc9b7a8b4e8c550390bb68a157c18171f483d5687c7e946d6bffb243libxml2-devel-2.7.6-4.el6.i686.rpm1564749d7070d32344986ce54be14d49ef281be3d87aa27210073f22a7c7af8elibxml2-static-2.7.6-4.el6.i686.rpmdc186158042e01cb14cac8a5611ebead7972062a0ad033d12debe43515102e7bSLSA-2011:1780-1APR (Apache Portable Runtime) as mentioned in the CVE-2011-3190 and CVE-2011-2526 descriptions does not refer to APR provided by the apr packages. It refers to the implementation of APR provided by the Tomcat Native library, which provides support for using APR with Tomcat. This library is not shipped with Scientific Linux 6. This update includes fixes for users who have elected to use APR with Tomcat by taking the Tomcat Native library from a different product. Multiple flaws were found in the way Tomcat handled HTTP DIGEST authentication. These flaws weakened the Tomcat HTTP DIGEST authentication implementation, subjecting it to some of the weaknesses of HTTP BASIC authentication, for example, allowing remote attackers to perform session replay attacks. (CVE-2011-1184) A flaw was found in the way the Coyote (org.apache.coyote.ajp.AjpProcessor) and APR (org.apache.coyote.ajp.AjpAprProcessor) Tomcat AJP (Apache JServ Protocol) connectors processed certain POST requests. An attacker could send a specially- crafted request that would cause the connector to treat the message body as a new request. This allows arbitrary AJP messages to be injected, possibly allowing an attacker to bypass a web application's authentication checks and gain access to information they would otherwise be unable to access. The JK (org.apache.jk.server.JkCoyoteHandler) connector is used by default when the APR libraries are not present. The JK connector is not affected by this flaw. (CVE-2011-3190) A flaw was found in the Tomcat MemoryUserDatabase. If a runtime exception occurred when creating a new user with a JMX client, that user's password was logged to Tomcat log files. Note: By default, only administrators have access to such log files. (CVE-2011-2204) A flaw was found in the way Tomcat handled sendfile request attributes when using the HTTP APR or NIO (Non-Blocking I/O) connector. A malicious web application running on a Tomcat instance could use this flaw to bypass security manager restrictions and gain access to files it would otherwise be unable to access, or possibly terminate the Java Virtual Machine (JVM). The HTTP blocking IO (BIO) connector, which is not vulnerable to this issue, is used by default in Scientific Linux 6. (CVE-2011-2526) This update also fixes the following bug: * Previously, in certain cases, if "LANG=fr_FR" or "LANG=fr_FR.UTF-8" was set as an environment variable or in "/etc/sysconfig/tomcat6" on 64-bit PowerPC systems, Tomcat may have failed to start correctly. With this update, Tomcat works as expected when LANG is set to "fr_FR" or "fr_FR.UTF-8". Tomcat must be restarted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6tomcat6-servlet-2.5-api-6.0.24-35.el6_1.noarch.rpm216d45c2fb220e559a826c69514aa44710308a79d7c430dbf18a6eea72a8fc81tomcat6-admin-webapps-6.0.24-35.el6_1.noarch.rpm8c84995e22ea0112d9dd161129f1a64dfbbb5f0810d965ae879d7887021afd9ctomcat6-webapps-6.0.24-35.el6_1.noarch.rpmf14407f655249372d5faf9a45a84c973df5d750c63b7dfa06a3d34ded2b369e7tomcat6-el-2.1-api-6.0.24-35.el6_1.noarch.rpm0201d3694c4c0f9bbe37ca24aa86a2857c2354c1beac002e4189e1359966ffedtomcat6-javadoc-6.0.24-35.el6_1.noarch.rpmebd2985cb2b3d0c8f52828ec8ab0eabf73c6747217eb31b867faece6c6ab50d7tomcat6-jsp-2.1-api-6.0.24-35.el6_1.noarch.rpm2ff7261b69a4c3af9fddc3d9b68ca47e264268ea8e4c775ce76066636693a8b0tomcat6-6.0.24-35.el6_1.noarch.rpm9f6dafcb71511d652dd5115ce7c44496b506ac645204bace99a7537154c94911tomcat6-docs-webapp-6.0.24-35.el6_1.noarch.rpm3d374f339699c9b655d359d261ee5719e6dc2a3e86eb56e2e0b65693006f0f63tomcat6-lib-6.0.24-35.el6_1.noarch.rpm93742fad7335a1fa79ee2a696f6108596265e00baa394c7ea925468d44271b49SLSA-2011:1790-1A NULL pointer dereference flaw was found in the way the MIT Kerberos KDC processed certain TGS (Ticket-granting Server) requests. A remote, authenticated attacker could use this flaw to crash the KDC via a specially- crafted TGS request. (CVE-2011-1530) After installing the updated packages, the krb5kdc daemon will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6krb5-libs-1.9-22.el6_2.1.i686.rpm34cbff8b19c91cac42d907808a9d6cd33993bc77f6e045256470211bbb48438bkrb5-workstation-1.9-22.el6_2.1.i686.rpm900d023d8a6815c7b3508a2c705dd2f24ea7aaba1a796da6f7987e0b73e2c976krb5-server-ldap-1.9-22.el6_2.1.i686.rpmcdffe14d93c332e5bde396350c8f54588030e67dd03e22451a47ac8282524a36krb5-pkinit-openssl-1.9-22.el6_2.1.i686.rpm127c29f675c9f684a25f807cbab20f7180dee86256a2f74c4cf4b03bbdb72f2dkrb5-devel-1.9-22.el6_2.1.i686.rpmc9d87aa328e6e3942264357bd27b165b73b88042ff4dce390dcdc76e4f83dea8krb5-server-1.9-22.el6_2.1.i686.rpmd219c21b4f1aaf933e7346f556aeb9d32733e61d0222dd41cdc7bb2015d66e3aSLSA-2011:1791-1An input validation flaw was found in the way Squid calculated the total number of resource records in the answer section of multiple name server responses. An attacker could use this flaw to cause Squid to crash. (CVE-2011-4096) After installing this update, the squid service will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6squid-3.1.10-1.el6_2.1.i686.rpm30eb6e96eda8580fd25f569ded0b49b1e95390d2fbdf76c3912af5c42d88cbe3SLSA-2011:1807-1Two heap-based buffer overflow flaws were found in the way JasPer decoded JPEG 2000 compressed image files. An attacker could create a malicious JPEG 2000 compressed image file that, when opened, would cause applications that use JasPer (such as Nautilus) to crash or, potentially, execute arbitrary code. (CVE-2011-4516, CVE-2011-4517) All applications using the JasPer libraries (such as Nautilus) must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6jasper-1.900.1-15.el6_1.1.i686.rpmb557d531eab9fe73c9ad6700dafd6d1455d98c1a4be72d82a2fd3d601aae0077jasper-utils-1.900.1-15.el6_1.1.i686.rpm7cab642c7b2f1a9c15a6439b424b844341ee134964bbca04f44bb5566d5f9740jasper-devel-1.900.1-15.el6_1.1.i686.rpm6180b2a56d72a09f641777815ca6e0d987a8d7b068c226cf3a4ff449a700647fjasper-libs-1.900.1-15.el6_1.1.i686.rpma81423f931ef61358512bff49688955316e30cab33ed42e0fab63edf27a6c17bSLSA-2011:1814-1It was discovered that the IPMI event daemon (ipmievd) created its process ID (PID) file with world-writable permissions. A local user could use this flaw to make the ipmievd init script kill an arbitrary process when the ipmievd daemon is stopped or restarted. (CVE-2011-4339) After installing this update, the IPMI event daemon (ipmievd) will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6ipmitool-1.8.11-12.el6_2.1.i686.rpm32f78dfa5820fbdb574dc13b50501b6caa44112677a1924915f42ae6db7a7e82SLSA-2011:1815-1A stack-based buffer overflow flaw was found in the way ICU performed variant canonicalization for some locale identifiers. If a specially-crafted locale representation was opened in an application linked against ICU, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2011-4599) All applications linked against ICU must be restarted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6libicu-4.2.1-9.1.el6_2.i686.rpmd620638c7ee539caca39b62788412607d209379bcd47608789f2c9c3b6f08e34icu-4.2.1-9.1.el6_2.i686.rpm041b2c006de372d67ae4176294953e2f2b82aedd8e27f3e481284e09a2689708libicu-doc-4.2.1-9.1.el6_2.noarch.rpm203f1ce67046c834dfe1993fc50e8eab8331ab5bf90262fd0cad9471f5a5a938libicu-devel-4.2.1-9.1.el6_2.i686.rpm692f91f69f745c3bccbc06bfc4b45f753a6cc153cac507dfe16f0045174ec54dSLSA-2011:1819-1A denial of service flaw was found in the way the dhcpd daemon handled DHCP request packets when regular expression matching was used in "/etc/dhcp/dhcpd.conf". A remote attacker could use this flaw to crash dhcpd. (CVE-2011-4539) After installing this update, all DHCP servers will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6dhcp-4.1.1-25.P1.el6_2.1.i686.rpm10aae51148a6753ed1d72605549b48175edfa994a4a8082aaab9f29262f66721dhcp-common-4.1.1-25.P1.el6_2.1.i686.rpmdb07eb416863dd42bd70b117e18e81dd9e66d4af100c242aa6d8b9bf5b5e0f1bdhclient-4.1.1-25.P1.el6_2.1.i686.rpm8fa2ac60da7995c50a09e49cd38b4d018af4ad098d0ea8b7897999ecb4204b82dhcp-devel-4.1.1-25.P1.el6_2.1.i686.rpmb2389037ed72f5d50ce2d133daa4727f0be20448d23ec9fba705fbc38ab8837aSLSA-2011:1821-1An input sanitization flaw was found in the way the AOL Open System for Communication in Realtime (OSCAR) protocol plug-in in Pidgin, used by the AOL ICQ and AIM instant messaging systems, escaped certain UTF-8 characters. A remote attacker could use this flaw to crash Pidgin via a specially-crafted OSCAR message. (CVE-2011-4601) Multiple NULL pointer dereference flaws were found in the Jingle extension of the Extensible Messaging and Presence Protocol (XMPP) protocol plug-in in Pidgin. A remote attacker could use these flaws to crash Pidgin via a specially-crafted Jingle multimedia message. (CVE-2011-4602) Pidgin must be restarted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6pidgin-2.7.9-3.el6.2.i686.rpm0e220483c17207394ef81259c2ab0579731e8ae741da10bd6d4a20d097ec728bpidgin-devel-2.7.9-3.el6.2.i686.rpm4511a13a237b33cd1ae29fd3b7b56c1c476c644e1215a1285c18aa36df68ea42libpurple-2.7.9-3.el6.2.i686.rpm78636cc526e52d47e3d9bc5ae7c21b8447e59fb0c842389cb841b5fa6fbd4455finch-2.7.9-3.el6.2.i686.rpm7f76d4aa132d119a5fd7293e84b7d8065ec91cc7dbdff953dfc3d74f7b076511libpurple-perl-2.7.9-3.el6.2.i686.rpmad95b02cfa65296ad23c5ee929eaca4ce7aeadb4cb22c3450c25e1e19d3bb8dfpidgin-docs-2.7.9-3.el6.2.i686.rpmd43218201e1fc968ae0ea0b50892023238b8c915a0287ab5d522d415a8fd7cd3libpurple-tcl-2.7.9-3.el6.2.i686.rpm172f8cc30511611301fdfe3b2e682d4ea5977729dad8af5781f262a1b11a6784libpurple-devel-2.7.9-3.el6.2.i686.rpmeaa278b5880a3f735657c106c7e2920ecf12391f28d2a13e35cfd3abf315f9dcpidgin-perl-2.7.9-3.el6.2.i686.rpma3d6ce10d945085fafaabe6d6f7e31cc320789f003a8df02fb848ef07bd094ddfinch-devel-2.7.9-3.el6.2.i686.rpmcf4fc9d9b587e3cb724a08e462fbd65e33efe504ad705bf4ec0f5b91a19b6841SLSA-2011:1849-1Security fix: * Using the SG_IO IOCTL to issue SCSI requests to partitions or LVM volumes resulted in the requests being passed to the underlying block device. If a privileged user only had access to a single partition or LVM volume, they could use this flaw to bypass those restrictions and gain read and write access (and be able to issue other SCSI commands) to the entire block device. In KVM (Kernel-based Virtual Machine) environments using raw format virtio disks backed by a partition or LVM volume, a privileged guest user could bypass intended restrictions and issue read and write requests (and other SCSI commands) on the host, and possibly access the data of other guests that reside on the same underlying block device. Partition-based and LVM-based storage pools are not used by default. (CVE-2011-4127, Important) Bug fixes: * Previously, idle load balancer kick requests from other CPUs could be serviced without first receiving an inter-processor interrupt (IPI). This could have led to a deadlock. * This update fixes a performance regression that may have caused processes (including KVM guests) to hang for a number of seconds. * When md_raid1_unplug_device() was called while holding a spinlock, under certain device failure conditions, it was possible for the lock to be requested again, deeper in the call chain, causing a deadlock. Now, md_raid1_unplug_device() is no longer called while holding a spinlock. * In hpet_next_event(), an interrupt could have occurred between the read and write of the HPET (High Performance Event Timer) and the value of HPET_COUNTER was then beyond that being written to the comparator (HPET_Tn_CMP). Consequently, the timers were overdue for up to several minutes. Now, a comparison is performed between the value of the counter and the comparator in the HPET code. If the counter is beyond the comparator, the "-ETIME" error code is returned. * Index allocation in the virtio-blk module was based on a monotonically increasing variable "index". Consequently, released indexes were not reused and after a period of time, no new were available. Now, virtio-blk uses the ida API to allocate indexes. * A bug related to Context Caching existed in the Intel IOMMU support module. On some newer Intel systems, the Context Cache mode has changed from previous hardware versions, potentially exposing a Context coherency race. The bug was exposed when performing a series of hot plug and unplug operations of a Virtual Function network device which was immediately configured into the network stack, i.e., successfully performed dynamic host configuration protocol (DHCP). When the coherency race occurred, the assigned device would not work properly in the guest virtual machine. With this update, the Context coherency is corrected and the race and potentially resulting device assignment failure no longer occurs. * The align_va_addr kernel parameter was ignored if secondary CPUs were initialized. This happened because the parameter settings were overridden during the initialization of secondary CPUs. Also, the align_va_addr parameter documentation contained incorrect parameter arguments. With this update, the underlying code has been modified to prevent the overriding and the documentation has been updated. This update also removes the unused code introduced by the patch for BZ#739456. * Dell systems based on a future Intel processor with graphics acceleration required the selection of the install system with basic video driver installation option. This update removes this requirement.importantScientific Linux FermitrueScientific Linux Fermi 6kernel-headers-2.6.32-220.2.1.el6.i686.rpm71d2f1ff99a3ba85eadb33d92c770241a55eb3037493c0e457af229a6d2ee7cdkernel-firmware-2.6.32-220.2.1.el6.noarch.rpme2134c78612f19c51f8529604a00959a7c116a57dcebfd2ba25f5d15bd682b9akernel-devel-2.6.32-220.2.1.el6.i686.rpmf4d04314f29a342f0f420b83795b2d4910780d7965bb0b6d06d0df32d7772baepython-perf-2.6.32-220.2.1.el6.i686.rpm6969a0debd67dd58f6889dfd98afb9b5a82ce9333798485d70bda20f80346c0bperf-2.6.32-220.2.1.el6.i686.rpm2cadd319c9994df70b5e6ddcac794435fc002e3a3da911967c9b4481feee6ed5kernel-doc-2.6.32-220.2.1.el6.noarch.rpm4e89817b00f261ed2244a4e68bde861fafde62a5203321d51da9aca7defeac6ckernel-2.6.32-220.2.1.el6.i686.rpm8d46ab96a8d68c5715af59f23bf8fb75296e18b7883e34c389a48f068db0a0dckernel-debug-devel-2.6.32-220.2.1.el6.i686.rpma31c6f32219de02ace02123d117cc545a801d683b701594470a94595d360181fkernel-debug-2.6.32-220.2.1.el6.i686.rpm6ee47fb35c8361b7bb66c94e962a717cbeb266d66a25d2747f63cbad00a0aaa9SLSA-2011:1852-2A buffer overflow flaw was found in the MIT krb5 telnet daemon (telnetd). A remote attacker who can access the telnet port of a target machine could use this flaw to execute arbitrary code as root. (CVE-2011-4862) Note that the krb5 telnet daemon is not enabled by default in any version of Scientific Linux. In addition, the default firewall rules block remote access to the telnet port. This flaw does not affect the telnet daemon distributed in the telnet-server package. For users who have installed the krb5-appl-servers package, have enabled the krb5 telnet daemon, and have it accessible remotely, this update should be applied immediately.criticalScientific Linux FermiScientific Linux Fermi 6krb5-appl-clients-1.0.1-7.el6_2.i686.rpmfda2b697a1c987ff2174a46b8b56235236f57c057e9a26407d3b3a05ae414f47krb5-appl-servers-1.0.1-7.el6_2.i686.rpm7482056e4b72c25033e982a202243970f64194892dcd1b16ee4f03164ea4a84cSLSA-2012:0018-1A heap-based buffer overflow flaw was found in the way libxml2 decoded entity references with long names. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2011-3919) An out-of-bounds memory read flaw was found in libxml2. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash. (CVE-2011-3905) The desktop must be restarted (log out, then log back in) for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6libxml2-static-2.7.6-4.el6_2.1.i686.rpm55d08a2f17c706a62d86fad5df8cb68a3cf403235c1f38455480013c5f8cd912libxml2-2.7.6-4.el6_2.1.i686.rpm33ec17415e65c78f3bbba40114425595361aadb1631f15a88f0ca70228808a30libxml2-devel-2.7.6-4.el6_2.1.i686.rpm9d9198f34166f848026313de9685b0272eef5f51ac04eeabe04cfbcaf8302622libxml2-python-2.7.6-4.el6_2.1.i686.rpm85d701ed7c647680a9d76bcc2195c9897b92c2b8e13dfddd101b86432f20621eSLSA-2012:0019-1It was found that the hashing routine used by PHP arrays was susceptible to predictable hash collisions. If an HTTP POST request to a PHP application contained many parameters whose names map to the same hash value, a large amount of CPU time would be consumed. This flaw has been mitigated by adding a new configuration directive, max_input_vars, that limits the maximum number of parameters processed per request. By default, max_input_vars is set to 1000. (CVE-2011-4885) An integer overflow flaw was found in the PHP exif extension. On 32-bit systems, a specially-crafted image file could cause the PHP interpreter to crash or disclose portions of its memory when a PHP script tries to extract Exchangeable image file format (Exif) metadata from the image file. (CVE-2011-4566) After installing the updated packages, the httpd daemon must be restarted for the update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6php-5.3.3-3.el6_2.5.i686.rpm4d24ccfe9c1476b8136dfea6049a7b262e9a4c662d3908dccbbba507f0b3facephp-soap-5.3.3-3.el6_2.5.i686.rpm700ed1fd58d476ba792b895755a4adc2f86c0acb746176d373861d3f9801dafcphp-xml-5.3.3-3.el6_2.5.i686.rpm60c156e5e8c0cec9ba9824ca3208c6b60a464f8326e6c79dfa7fffa3da573eefphp-dba-5.3.3-3.el6_2.5.i686.rpm110c98d8c1b9cc06c314ab969a43a76eac87552ccf5b4b86b41e5d314daa59e7php-gd-5.3.3-3.el6_2.5.i686.rpm53006ad3857d33fa7bae321a5c5f71f2e1b64b161f91be3912fd0a9ddf296748php-imap-5.3.3-3.el6_2.5.i686.rpm20a4ab314b8041bd4bd16ea69e885c76af1baa4af6f1d05a454bd9fe01b556cbphp-bcmath-5.3.3-3.el6_2.5.i686.rpm4454c3352dd807dc973b9a1eafd5b1083dbb2c7afa138564d751da80dcb87c1cphp-intl-5.3.3-3.el6_2.5.i686.rpm4cfb92cde2e76b381951e27d900138fbf95007f7eb642e528c759bfc556f12a2php-snmp-5.3.3-3.el6_2.5.i686.rpmfabcc870d0dc38f74b0a8a0d837a1a4f1390e143f38d71d0bc736b9fea0bbd05php-pgsql-5.3.3-3.el6_2.5.i686.rpm9dce02b257bc77d24400d6400748ca26f9aa156397b737fe5cf3ccff52b0864cphp-embedded-5.3.3-3.el6_2.5.i686.rpmc75fbc37c2f9126213e6d77b901e40e4b3427bca8931868c499c161ca05bf63aphp-odbc-5.3.3-3.el6_2.5.i686.rpm1cd6dd371f79007a914be41da7bc1549013697f57f60a636c4a52c67287a2f9aphp-enchant-5.3.3-3.el6_2.5.i686.rpm9ab68c332b40fd17c17dc21aa92f63213a7e5549bb6ad5ea6acb6ba8e350ed57php-tidy-5.3.3-3.el6_2.5.i686.rpm5a35d4808fe6c0d0531b4911f5f43dadd6f03536e6a03866bcd127a2cf4b8024php-process-5.3.3-3.el6_2.5.i686.rpm0d90a1e2afdd3d5a02233e7232c5cdac1851ab6fd3a817ddcab487f24956d020php-cli-5.3.3-3.el6_2.5.i686.rpmd994abc4f1a2bdab8f206ebfa5e90083b718a8ab75e8c42aceee3f2235c43298php-xmlrpc-5.3.3-3.el6_2.5.i686.rpm8ab004453a7c6fea0996760a0650e16a3b843059c4ae58142c869f60e6938cd9php-pspell-5.3.3-3.el6_2.5.i686.rpm6a2397324211b4a67802f02bfbd430a88e9a3ccf81db682568bc478f523b7452php-common-5.3.3-3.el6_2.5.i686.rpm964ec1b305360b76e1381f0fe9c27d54fcc8f4f1ce21cf076040a6d96a9ffc34php-mysql-5.3.3-3.el6_2.5.i686.rpm5966e3e989e845b7e036caa2ac1a8e8c6fde033e87ed3ddcdcf841e575722e86php-mbstring-5.3.3-3.el6_2.5.i686.rpmb871cab548e20951535d794ed2e430baf150ea18e72a848b0c3298198228c3f3php-ldap-5.3.3-3.el6_2.5.i686.rpm7f52aeb6d7f40c816038139f98f74b11a61db03dd4f0e113128d2c18ce2d4111php-recode-5.3.3-3.el6_2.5.i686.rpm5c9c24a179983b1639fd1ae076d1a35ee0395a9cfd0cb32de4ed1bf8fe595268php-devel-5.3.3-3.el6_2.5.i686.rpmb05d4a4e028cdb66478664791d9a1a013a8916a7f325c0b68b2dbd0309c0458aphp-pdo-5.3.3-3.el6_2.5.i686.rpm5c9243982362505a02373718a6d879da88915d462abdf2ee7f772cc521968393php-zts-5.3.3-3.el6_2.5.i686.rpmd542951331dfa030bc9cdada3e4005da632b5c46114f96077f8a3d7e40e3614eSLSA-2012:0052-1This update fixes the following security issue: (CVE-2012-0056, Important) This update fixes the following bugs: * The SLSA-2011:1849 kernel update introduced a bug in the Linux kernel scheduler, causing a "WARNING: at kernel/sched.c:5915 thread_return" message and a call trace to be logged. This message was harmless, and was not due to any system malfunctions or adverse behavior. With this update, the WARN_ON_ONCE() call in the scheduler that caused this harmless message has been removed. * The SLSA-2011:1530 kernel update introduced a regression in the way the Linux kernel maps ELF headers for kernel modules into kernel memory. If a third-party kernel module is compiled on a Scientific Linux system with a kernel prior to SLSA-2011:1530, then loading that module on a system with SLSA-2011:1530 kernel would result in corruption of one byte in the memory reserved for the module. In some cases, this could prevent the module from functioning correctly. * On some SMP systems the tsc may erroneously be marked as unstable during early system boot or while the system is under heavy load. A "Clocksource tsc unstable" message was logged when this occurred. As a result the system would switch to the slower access, but higher precision HPET clock. The "tsc=reliable" kernel parameter is supposed to avoid this problem by indicating that the system has a known good clock, however, the parameter only affected run time checks. A fix has been put in to avoid the boot time checks so that the TSC remains as the clock for the duration of system runtime. The system must be rebooted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6kernel-debug-2.6.32-220.4.1.el6.i686.rpmd22c8f44ba53f902d73c1a3d82d00c17c7d965d0603a87d1cc94d1cce97ad3f9kernel-headers-2.6.32-220.4.1.el6.i686.rpm7e596eb223faf2f5960e69c0258d29b53e3a0b8dddd2a8ebc779c7e45881a1eckernel-doc-2.6.32-220.4.1.el6.noarch.rpm83e795b417a0acb34a6e6274173cad7e292f2dd5edfb05a195ff3c757b764c16kernel-2.6.32-220.4.1.el6.i686.rpm98a6ebe177e28cd6c6980d091d139b5234eb040a3bfd8d43cca2ff1e5a026b0dkernel-devel-2.6.32-220.4.1.el6.i686.rpmde872830c311d969e1fe7dce400a985e0530b18ffcc1cbc7e5c41c24e2e2475akernel-debug-devel-2.6.32-220.4.1.el6.i686.rpm8124104281aebc79a8dbac8ffc3098d80891c83f1c3d85c1b293a1c3c345d090kernel-firmware-2.6.32-220.4.1.el6.noarch.rpme2577d55894a202b395df60d5d399c7033636b69e8b6529fba63888a68763e92python-perf-2.6.32-220.4.1.el6.i686.rpma5589cccdfcb97b1414103299c81ebe278bfc3b0e5c4cf90b18fe7aa72c9a437perf-2.6.32-220.4.1.el6.i686.rpm0eed15dd10cab86cb338b059ef58d5498261e0da15eeb2dcf8b1ec7659f3d62dSLSA-2012:0058-1An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the glibc library read timezone files. If a carefully-crafted timezone file was loaded by an application linked against glibc, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2009-5029) A denial of service flaw was found in the remote procedure call (RPC) implementation in glibc. A remote attacker able to open a large number of connections to an RPC service that is using the RPC implementation from glibc, could use this flaw to make that service use an excessive amount of CPU time. (CVE-2011-4609) This update also fixes the following bugs: * glibc had incorrect information for numeric separators and groupings for specific French, Spanish, and German locales. Therefore, applications utilizing glibc's locale support printed numbers with the wrong separators and groupings when those locales were in use. With this update, the separator and grouping information has been fixed. * The SLBA-2011:1179 glibc update introduced a regression, causing glibc to incorrectly parse groups with more than 126 members, resulting in applications such as "id" failing to list all the groups a particular user was a member of. With this update, group parsing has been fixed. * glibc incorrectly allocated too much memory due to a race condition within its own malloc routines. This could cause a multi-threaded application to allocate more memory than was expected. With this update, the race condition has been fixed, and malloc's behavior is now consistent with the documentation regarding the MALLOC_ARENA_TEST and MALLOC_ARENA_MAX environment variables.moderateScientific Linux FermiScientific Linux Fermi 6glibc-headers-2.12-1.47.el6_2.5.i686.rpm254b9cb21790c7c3c015cad6db659997fe69622f2b3dca933cdb6aa4b5a76f58nscd-2.12-1.47.el6_2.5.i686.rpmf6224991338e08c8541063c0d459d0146ebf9c4a3fd945212079d468577dd8bbglibc-devel-2.12-1.47.el6_2.5.i686.rpm5fa5a1d8f91b469fe4f513e9d74e4eb6ac000ea9df3a7ee733b64be6040e6805glibc-utils-2.12-1.47.el6_2.5.i686.rpm149467169a44d7c9fc510349f19d6a2172089a31a80202e9d5eaf981d872bd83glibc-static-2.12-1.47.el6_2.5.i686.rpmae279c407e419789c7c837b03bcc273eadf489570c8fe941eccad100d47049b2glibc-common-2.12-1.47.el6_2.5.i686.rpm3dd2ac72ab6d50f89d2a239349b68c9d044bb87a61dbe434ae7b189ec71b43e5glibc-2.12-1.47.el6_2.5.i686.rpm39a2fff006aa28a653660fcac59f4a500696ec0ddb3ffddfb86243e845284526SLSA-2012:0059-1It was discovered that the Datagram Transport Layer Security (DTLS) protocol implementation in OpenSSL leaked timing information when performing certain operations. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a DTLS server as a padding oracle. (CVE-2011-4108) An information leak flaw was found in the SSL 3.0 protocol implementation in OpenSSL. Incorrect initialization of SSL record padding bytes could cause an SSL client or server to send a limited amount of possibly sensitive data to its SSL peer via the encrypted connection. (CVE-2011-4576) A denial of service flaw was found in the RFC 3779 implementation in OpenSSL. A remote attacker could use this flaw to make an application using OpenSSL exit unexpectedly by providing a specially-crafted X.509 certificate that has malformed RFC 3779 extension data. (CVE-2011-4577) It was discovered that OpenSSL did not limit the number of TLS/SSL handshake restarts required to support Server Gated Cryptography. A remote attacker could use this flaw to make a TLS/SSL server using OpenSSL consume an excessive amount of CPU by continuously restarting the handshake. (CVE-2011-4619) For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.moderateScientific Linux FermitruetrueScientific Linux Fermi 6openssl-static-1.0.0-20.el6_2.1.i686.rpmb6a84a88afddd14080b9e3b69eed95a9eb4eee8af1003d646e4e6b3c13bbfc6bopenssl-1.0.0-20.el6_2.1.i686.rpmad5686e21c6f6bca42688672ba3d5051f318cfd33526b02c98af8f93bcb0627eopenssl-devel-1.0.0-20.el6_2.1.i686.rpmb7889dfdfae60a858cc3ed94fab2354fabc5d11851e1b9b8eba11cca6bc1ef48openssl-perl-1.0.0-20.el6_2.1.i686.rpm40a45c291edcd6349f54e70879c0356015ccafa5c088896af27fb051f5f0402dSLSA-2012:0062-1Two heap-based buffer overflow flaws were found in the way t1lib processed Adobe Font Metrics (AFM) files. If a specially-crafted font file was opened by an application linked against t1lib, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2010-2642, CVE-2011-0433) An invalid pointer dereference flaw was found in t1lib. A specially-crafted font file could, when opened, cause an application linked against t1lib to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2011-0764) A use-after-free flaw was found in t1lib. A specially-crafted font file could, when opened, cause an application linked against t1lib to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2011-1553) An off-by-one flaw was found in t1lib. A specially-crafted font file could, when opened, cause an application linked against t1lib to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2011-1554) An out-of-bounds memory read flaw was found in t1lib. A specially-crafted font file could, when opened, cause an application linked against t1lib to crash. (CVE-2011-1552) All applications linked against t1lib must be restarted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6t1lib-static-5.1.2-6.el6_2.1.i686.rpm33c50001ffcd21558336fcdc4a7b7318e49ca041d9e2e83962557764027b8e2ct1lib-devel-5.1.2-6.el6_2.1.i686.rpm669b873540f6d0c5b64d07d0d8f6b495a05c8829ce2c271ad0060146d33fdc3dt1lib-5.1.2-6.el6_2.1.i686.rpm2a66b2530f6a7deb5b721858b33e636279d5e263c9b8e0511669188fdcbf2afat1lib-apps-5.1.2-6.el6_2.1.i686.rpm42cb15c82ea52f728a5b64c4327e7deb662631759f2f3530005d80497c7f6819SLSA-2012:0069-1A denial of service flaw was found in the implementation of associative arrays (hashes) in Ruby. An attacker able to supply a large number of inputs to a Ruby application (such as HTTP POST request parameters sent to a web application) that are used as keys when inserting data into an array could trigger multiple hash function collisions, making array operations take an excessive amount of CPU time. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2011-4815)moderateScientific Linux FermiScientific Linux Fermi 6ruby-devel-1.8.7.352-4.el6_2.i686.rpme65dbf1edf1c9016a247d7fa5d064e66554de1063a00655d720df0c67e4975a4ruby-static-1.8.7.352-4.el6_2.i686.rpm1ba57003a850a8d176a8ab4d96bfbc061676ca89b452c219d5f891ea4548065bruby-irb-1.8.7.352-4.el6_2.i686.rpmbcfb80f2ceb2d130d88b851566b7c0737fc70447425f7e3da7f1fe8a699ea3feruby-tcltk-1.8.7.352-4.el6_2.i686.rpm7cb9bc66d7cdf1573b8fac7031c1c004952ae76b7d777e89d0f2d11e95acec61ruby-docs-1.8.7.352-4.el6_2.i686.rpm62f37b857664f05a4e83002b6c9a2ca19071e317234fb341107d6eb92d2d7d2druby-rdoc-1.8.7.352-4.el6_2.i686.rpm236b2c1174ba40254c52cae135dd62e231eb40f77f1706b1034c6cbe8958f480ruby-libs-1.8.7.352-4.el6_2.i686.rpma9e9f1e3dc023e400d7cf02464dfa7d2a130768dbbb001b1e690bbda5deb899fruby-ri-1.8.7.352-4.el6_2.i686.rpmad4a3b81f004c74623e5b2f969025c6f912876a6eec3ee1ddcfc2133c9821af4ruby-1.8.7.352-4.el6_2.i686.rpm0f5c1ffc8fe568c3158f9ad5aad17cb6e45fab6ef7d355d0aba670e0e1825379SLSA-2012:0079-1A use-after-free flaw was found in the way Firefox removed nsDOMAttribute child nodes. In certain circumstances, due to the premature notification of AttributeChildRemoved, a malicious script could possibly use this flaw to cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2011-3659) Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2012-0442) A flaw was found in the way Firefox parsed Ogg Vorbis media files. A web page containing a malicious Ogg Vorbis media file could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2012-0444) A flaw was found in the way Firefox parsed certain Scalable Vector Graphics (SVG) image files that contained eXtensible Style Sheet Language Transformations (XSLT). A web page containing a malicious SVG image file could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2012-0449) The same-origin policy in Firefox treated http://example.com and http://[example.com] as interchangeable. A malicious script could possibly use this flaw to gain access to sensitive information (such as a client's IP and user e-mail address, or httpOnly cookies) that may be included in HTTP proxy error replies, generated in response to invalid URLs using square brackets. (CVE-2011-3670) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6xulrunner-devel-1.9.2.26-1.el6_2.i686.rpmd91a40dede42ab429b75586377b683aab29262131a4e7fdbadf20577de16da2cfirefox-3.6.26-1.el6_2.i686.rpm7b95b761361f07ca64fa1740468bc2a7dd7a16f13ab03cb0c73e08d9deda0a2fxulrunner-1.9.2.26-1.el6_2.i686.rpm720305e26d21fc83cab8eb2da4d8d3094b6b446edd7ace4938c6f5132d73491fSLSA-2012:0080-1A use-after-free flaw was found in the way Thunderbird removed nsDOMAttribute child nodes. In certain circumstances, due to the premature notification of AttributeChildRemoved, a malicious script could possibly use this flaw to cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-3659) Several flaws were found in the processing of malformed content. An HTML mail message containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2012-0442) A flaw was found in the way Thunderbird parsed certain Scalable Vector Graphics (SVG) image files that contained eXtensible Style Sheet Language Transformations (XSLT). An HTML mail message containing a malicious SVG image file could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2012-0449) The same-origin policy in Thunderbird treated http://example.com and http://[example.com] as interchangeable. A malicious script could possibly use this flaw to gain access to sensitive information (such as a client's IP and user e-mail address, or httpOnly cookies) that may be included in HTTP proxy error replies, generated in response to invalid URLs using square brackets. (CVE-2011-3670) Note: The CVE-2011-3659 and CVE-2011-3670 issues cannot be exploited by a specially-crafted HTML mail message as JavaScript is disabled by default for mail messages. It could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. After installing the update, Thunderbird must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6thunderbird-3.1.18-1.el6_2.i686.rpma2a7bc55934e75325a6220ba0d01d130f6ee9247ef8335a6811a22bbf0b2b400SLSA-2012:0093-1It was discovered that the fix for CVE-2011-4885 (released via SLSA-2012:0071, SLSA-2012:0033, and SLSA-2012:0019 for php packages in Scientific Linux 4, 5, and 6 respectively) introduced an uninitialized memory use flaw. A remote attacker could send a specially-crafted HTTP request to cause the PHP interpreter to crash or, possibly, execute arbitrary code. (CVE-2012-0830) After installing the updated packages, the httpd daemon must be restarted for the update to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6php-recode-5.3.3-3.el6_2.6.i686.rpm90150d98f89f2bf325f8e7a6d7d5818dff0d40b73ed0f0946ae17068ead242d7php-tidy-5.3.3-3.el6_2.6.i686.rpm3e5682005dcdb5c34ddcd793ed7b19e49492ed6b631cb638909f194223e1721dphp-pspell-5.3.3-3.el6_2.6.i686.rpmb22f0736a86789f4d78cd2330c660789bf984f2166e18c407959f11c480c2ad1php-odbc-5.3.3-3.el6_2.6.i686.rpm8b0568ac297c7ec212329b72f41961b8c9d1fd2a71d039bd8021900f928a7c89php-enchant-5.3.3-3.el6_2.6.i686.rpmb47bf2862ee1327dc5d1fad410dfc90573f42a3a0065085fed9628fe455c3c6bphp-pdo-5.3.3-3.el6_2.6.i686.rpm8a7904819370703578726901b05316676986cf6d5c9097c3803124dea4bf0402php-mbstring-5.3.3-3.el6_2.6.i686.rpme5d517fc1aebc8d4026bb55c1c9c7af4acc5d512cbf8a682df0e59eb4f6e7467php-cli-5.3.3-3.el6_2.6.i686.rpmb6606e7d668ce60e0ca574312c064af3c8c459b19afeb41cabb728e295209335php-dba-5.3.3-3.el6_2.6.i686.rpmb085d3319626ae22fb2fe6771d97571f0ef0e816ca4dcf42365c4ac35c5f464ephp-embedded-5.3.3-3.el6_2.6.i686.rpmd1660916ec63634c82f4fa1aed79a175db50174ec40bde808a87de12bb4120c1php-intl-5.3.3-3.el6_2.6.i686.rpmad946bc1421a33a06553f9266e8ee101dff4ad3a410da4602e27da87dedf9d88php-ldap-5.3.3-3.el6_2.6.i686.rpm75b0a22ac4083c960907a35a8451723c9af6abd90298ba6546729a04a52003d4php-mysql-5.3.3-3.el6_2.6.i686.rpm95bb2010eb1a5855456f7fd769961faa907474796cc298526a75ece5ee0a1ac5php-xml-5.3.3-3.el6_2.6.i686.rpm9ea4c999a96f7d2c3429b769420c26b72c2c8ba1140d388d0dbd51fcae10a105php-process-5.3.3-3.el6_2.6.i686.rpm71058a52caa7b68013579272a4f2a02f83d1888f0af85e71a81af22fedb87d1ephp-imap-5.3.3-3.el6_2.6.i686.rpmb533da4cb939d593f4aa0fcbae33675fd9d456b4d9e916dd079624b0578c1c09php-bcmath-5.3.3-3.el6_2.6.i686.rpm3be92d99033dec675eb91f7dfdebf5dcba8022040ff42b7f70854e45465b8c05php-gd-5.3.3-3.el6_2.6.i686.rpm58dab43b6b168d36d504ffd323ab124b01ce62d6b9ef5107888464aba3b2fb38php-snmp-5.3.3-3.el6_2.6.i686.rpmde7c4b827ee4d877133210b7ffc44f8c92a4cf8f48344e5ca7abb0cd211233a6php-common-5.3.3-3.el6_2.6.i686.rpmf5e68319540426009da7b59e31ce8f02f69f7ffcf447492625fde2dbda38e6d1php-xmlrpc-5.3.3-3.el6_2.6.i686.rpmb4682d9b270ee8a7dcbe65a2224435f94a736c4730efc58569583379bec045bfphp-pgsql-5.3.3-3.el6_2.6.i686.rpme74d2a2940f2f489555de48d67f044f97554e2ba3cf35969cdf8d89f8921229fphp-5.3.3-3.el6_2.6.i686.rpm7d0fc9fe132ac2cda5bf5081b949ef044d80e1d51278b909beef5babec70ad99php-soap-5.3.3-3.el6_2.6.i686.rpm185a8ae0a8e3e199756fcb4cd10f9f8acda26e5c1979bd5b0b7d52124c861699php-zts-5.3.3-3.el6_2.6.i686.rpm7c9b7c483f409316f20be675786b6314025120c6d5cb9f6febf2eae0cf87109fphp-devel-5.3.3-3.el6_2.6.i686.rpm4d83c1d4a3fd634590993f72ba5a6e6047038a7a37721d731b64100c4318a02aSLSA-2012:0095-1An integer overflow flaw was found in Ghostscript's TrueType bytecode interpreter. An attacker could create a specially-crafted PostScript or PDF file that, when interpreted, could cause Ghostscript to crash or, potentially, execute arbitrary code. (CVE-2009-3743) It was found that Ghostscript always tried to read Ghostscript system initialization files from the current working directory before checking other directories, even if a search path that did not contain the current working directory was specified with the "-I" option, or the "-P-" option was used (to prevent the current working directory being searched first). If a user ran Ghostscript in an attacker-controlled directory containing a system initialization file, it could cause Ghostscript to execute arbitrary PostScript code. (CVE-2010-2055) Ghostscript included the current working directory in its library search path by default. If a user ran Ghostscript without the "-P-" option in an attacker- controlled directory containing a specially-crafted PostScript library file, it could cause Ghostscript to execute arbitrary PostScript code. With this update, Ghostscript no longer searches the current working directory for library files by default. (CVE-2010-4820) Note: The fix for CVE-2010-4820 could possibly break existing configurations. To use the previous, vulnerable behavior, run Ghostscript with the "-P" option (to always search the current working directory first). A flaw was found in the way Ghostscript interpreted PostScript Type 1 and PostScript Type 2 font files. An attacker could create a specially-crafted PostScript Type 1 or PostScript Type 2 font file that, when interpreted, could cause Ghostscript to crash or, potentially, execute arbitrary code. (CVE-2010-4054)moderateScientific Linux FermiScientific Linux Fermi 6ghostscript-gtk-8.70-11.el6_2.6.i686.rpm213b5df4a20e4c796afff12360de88e9d3fb47518d61ef0febe943c3c3b45a78ghostscript-8.70-11.el6_2.6.i686.rpm771714fd83aa6ce6281c07d3d5e69de7da6bcfc64856e0f5825733637dd020bfghostscript-doc-8.70-11.el6_2.6.i686.rpm6e0b5fb4a9570fa3f33ca2e05e602e23e4d9e79e6e89e3adf7fcb657e679c9dcghostscript-devel-8.70-11.el6_2.6.i686.rpme165ca5d55b2eb4c8a04e8c6a2d8eb56246439db7851845a8f85f4bc7ecdf37fSLSA-2012:0105-1(CVE-2011-2262, CVE-2012-0075, CVE-2012-0087, CVE-2012-0101, CVE-2012-0102, CVE-2012-0112, CVE-2012-0113, CVE-2012-0114, CVE-2012-0115, CVE-2012-0116, CVE-2012-0118, CVE-2012-0119, CVE-2012-0120, CVE-2012-0484, CVE-2012-0485, CVE-2012-0490, CVE-2012-0492) These updated packages upgrade MySQL to version 5.1.61. Refer to the MySQL release notes for a full list of changes: http://dev.mysql.com/doc/refman/5.1/en/news-5-1-x.html After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 6mysql-5.1.61-1.el6_2.1.i686.rpma20769fdc148c13b71ace767c60e57fc8c84b84c397de18acc5c1100bc1bc3b8mysql-devel-5.1.61-1.el6_2.1.i686.rpm86460db26911fd0501bbb3fbdb0cd8c55b45890b0f748d7ffdf04d147cf7b604mysql-bench-5.1.61-1.el6_2.1.i686.rpm4c50652ac5e342fc9fd6f04dc05ef1e153731ebe3f4cd26e7b4fa398fef30954mysql-server-5.1.61-1.el6_2.1.i686.rpmd3bcf8b0184271dc537148705d11633f78f9e8cba6b82e77ae13a90d7c0f8e49mysql-embedded-5.1.61-1.el6_2.1.i686.rpmb3a255848a98fcd7dcb09b462e25141e96b731771ae2651be20704efb11c875dmysql-libs-5.1.61-1.el6_2.1.i686.rpm133ef0ce8fd7ae719de319cf4d85c7d57496c1ad92d47914c4aa41ae4e71823dmysql-embedded-devel-5.1.61-1.el6_2.1.i686.rpm68f14382fe05e8e2cf6b13df871a83228130478d9f3cd0282fcf6853183bc8d8mysql-test-5.1.61-1.el6_2.1.i686.rpmfe889f838a7d61cdca3adeaf3e736add6148b720234febd5c2f3ee51356ef994SLSA-2012:0128-1It was discovered that the fix for CVE-2011-3368 (released via SLSA-2011:1391) did not completely address the problem. An attacker could bypass the fix and make a reverse proxy connect to an arbitrary server not directly accessible to the attacker by sending an HTTP version 0.9 request, or by using a specially- crafted URI. (CVE-2011-3639, CVE-2011-4317) The httpd server included the full HTTP header line in the default error page generated when receiving an excessively long or malformed header. Malicious JavaScript running in the server's domain context could use this flaw to gain access to httpOnly cookies. (CVE-2012-0053) An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way httpd performed substitutions in regular expressions. An attacker able to set certain httpd settings, such as a user permitted to override the httpd configuration for a specific directory using a ".htaccess" file, could use this flaw to crash the httpd child process or, possibly, execute arbitrary code with the privileges of the "apache" user. (CVE-2011-3607) A flaw was found in the way httpd handled child process status information. A malicious program running with httpd child process privileges (such as a PHP or CGI script) could use this flaw to cause the parent httpd process to crash during httpd service shutdown. (CVE-2012-0031) After installing the updated packages, the httpd daemon will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6httpd-2.2.15-15.sl6.1.i686.rpm6aff3943b91c39453360774bc956c4cecffdb4ad6e1428b937af88d357d2fb0ahttpd-devel-2.2.15-15.sl6.1.i686.rpme98322c78b42da5b403227500c944741015ab0b4fe92d6e7d66108bff8674cd8httpd-manual-2.2.15-15.sl6.1.noarch.rpmb6734017465959f671bdbdc7f27e16c6842a00b77138e7d06d310e323c191f2chttpd-tools-2.2.15-15.sl6.1.i686.rpm055b1b4fff0ea2d50b3edd9214c767bb81faa89727565904bf53d7ca8932e0c7mod_ssl-2.2.15-15.sl6.1.i686.rpm21e5072a38afa25a889dfb40db1d6bf491a92a301aaf5759c90b3eda46185173SLSA-2012:0135-1It was discovered that Java2D did not properly check graphics rendering objects before passing them to the native renderer. Malicious input, or an untrusted Java application or applet could use this flaw to crash the Java Virtual Machine (JVM), or bypass Java sandbox restrictions. (CVE-2012-0497) It was discovered that the exception thrown on deserialization failure did not always contain a proper identification of the cause of the failure. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. (CVE-2012-0505) The AtomicReferenceArray class implementation did not properly check if the array was of the expected Object[] type. A malicious Java application or applet could use this flaw to bypass Java sandbox restrictions. (CVE-2011-3571) It was discovered that the use of TimeZone.setDefault() was not restricted by the SecurityManager, allowing an untrusted Java application or applet to set a new default time zone, and hence bypass Java sandbox restrictions. (CVE-2012-0503) The HttpServer class did not limit the number of headers read from HTTP requests. A remote attacker could use this flaw to make an application using HttpServer use an excessive amount of CPU time via a specially-crafted request. This update introduces a header count limit controlled using the sun.net.httpserver.maxReqHeaders property. The default value is 200. (CVE-2011-5035) The Java Sound component did not properly check buffer boundaries. Malicious input, or an untrusted Java application or applet could use this flaw to cause the Java Virtual Machine (JVM) to crash or disclose a portion of its memory. (CVE-2011-3563) A flaw was found in the AWT KeyboardFocusManager that could allow an untrusted Java application or applet to acquire keyboard focus and possibly steal sensitive information. (CVE-2012-0502) It was discovered that the CORBA (Common Object Request Broker Architecture) implementation in Java did not properly protect repository identifiers on certain CORBA objects. This could have been used to modify immutable object data. (CVE-2012-0506) An off-by-one flaw, causing a stack overflow, was found in the unpacker for ZIP files. A specially-crafted ZIP archive could cause the Java Virtual Machine (JVM) to crash when opened. (CVE-2012-0501) Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website. This erratum also upgrades the OpenJDK package to IcedTea6 1.10.6. All running instances of OpenJDK Java must be restarted for the update to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6java-1.6.0-openjdk-devel-1.6.0.0-1.43.1.10.6.el6_2.i686.rpme2906025ca8a1652082f8b816039da27d33cd63e9002d0d5fd1a370bb8a690a6java-1.6.0-openjdk-javadoc-1.6.0.0-1.43.1.10.6.el6_2.i686.rpm9ca1f4621cde10cca656218f4daa88fad42debcd6208c675cc2c0cd2bdcb6f70java-1.6.0-openjdk-1.6.0.0-1.43.1.10.6.el6_2.i686.rpm63c2d44ea317b4b4d9f91eea23bd0dbcd2e8f81f586245e14f603a01f6bb3ab9java-1.6.0-openjdk-demo-1.6.0.0-1.43.1.10.6.el6_2.i686.rpme262e1268785a44d747da0f7efe9f95a131d6d866518d9f661047b65fe178897java-1.6.0-openjdk-src-1.6.0.0-1.43.1.10.6.el6_2.i686.rpm53d6778339a90c1d846b39c2d57dd60fd7f2690285838b70152ad51d58810897SLSA-2012:0136-1A heap-based buffer overflow flaw was found in the way the libvorbis library parsed Ogg Vorbis media files. If a specially-crafted Ogg Vorbis media file was opened by an application using libvorbis, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2012-0444) The desktop must be restarted (log out, then log back in) for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6libvorbis-devel-1.2.3-4.el6_2.1.i686.rpm3fbcd3b6185d9fd5b496e79ddd7d687010c176cfc9d459a31c83cd42ccef97d9libvorbis-1.2.3-4.el6_2.1.i686.rpm4d14ae667481b775e4f5325866afd4f36b4b114333b729746fbd1fb30a3ba762libvorbis-devel-docs-1.2.3-4.el6_2.1.noarch.rpm00e3a13e8505fed4967ed510ed05a5645a82fd61cdf60db7afcc9677fb6c48e3SLSA-2012:0137-1TeX Live embeds a copy of t1lib. The t1lib library allows you to rasterize bitmaps from PostScript Type 1 fonts. The following issues affect t1lib code: Two heap-based buffer overflow flaws were found in the way t1lib processed Adobe Font Metrics (AFM) files. If a specially-crafted font file was opened by a TeX Live utility, it could cause the utility to crash or, potentially, execute arbitrary code with the privileges of the user running the utility. (CVE-2010-2642, CVE-2011-0433) An invalid pointer dereference flaw was found in t1lib. A specially-crafted font file could, when opened, cause a TeX Live utility to crash or, potentially, execute arbitrary code with the privileges of the user running the utility. (CVE-2011-0764) A use-after-free flaw was found in t1lib. A specially-crafted font file could, when opened, cause a TeX Live utility to crash or, potentially, execute arbitrary code with the privileges of the user running the utility. (CVE-2011-1553) An off-by-one flaw was found in t1lib. A specially-crafted font file could, when opened, cause a TeX Live utility to crash or, potentially, execute arbitrary code with the privileges of the user running the utility. (CVE-2011-1554) An out-of-bounds memory read flaw was found in t1lib. A specially-crafted font file could, when opened, cause a TeX Live utility to crash. (CVE-2011-1552)moderateScientific Linux FermiScientific Linux Fermi 6kpathsea-devel-2007-57.el6_2.i686.rpm1f911c55b83e78d07e084b3829e59add25174ac5118caa2f1d1c1f26fc884e5ctexlive-xetex-2007-57.el6_2.i686.rpmbe1391dba208e5bd35119543f89618a0ba78dced6e5a3cedc15c15314fa85b87texlive-afm-2007-57.el6_2.i686.rpmfde6946a30ebf135c7981e9b306b0890afc9dd8ad8679a484ac83d884f8bc703texlive-utils-2007-57.el6_2.i686.rpm4dc1f0f91a8cf92a1e0c8670f4662da4d272c464977479b5df675597353684fctexlive-dviutils-2007-57.el6_2.i686.rpm4e8886ca4ad90e92c8c130a2c400b732b267bec8d667ab0fd256bd6cc9c28aa8kpathsea-2007-57.el6_2.i686.rpm710843c373d6412cc95aebe88bfe5274a6c67d9c056510cfd91a0789b77823e3texlive-2007-57.el6_2.i686.rpm02ee97c81394f8da845e457772dd49e99d6a014e30f06db445c604024aba060amendexk-2.6e-57.el6_2.i686.rpm32df4a512730e1db6cc7439ae391fa54867cdfe21796faa0670fd51c5b7076detexlive-latex-2007-57.el6_2.i686.rpm33f0d4619433bcee798ee9cc2b3a40eac6a5e92b4fffecb7b8054c1d708be19ftexlive-context-2007-57.el6_2.i686.rpm4b55be12c612a78b3676469049d23f0a7d8ff0deb36b517d0f8768c3f50ca50ftexlive-dvips-2007-57.el6_2.i686.rpmf1c19f10d9a2b732eaca47fe69fc6b34f2365e3bdabbd15dd000edb9143636f3texlive-east-asian-2007-57.el6_2.i686.rpm58ec8129de329d52a2b02c11b227fd22d3a476a7d29409230837ae77bead6392SLSA-2012:0140-1A heap-based buffer overflow flaw was found in the way Thunderbird handled PNG (Portable Network Graphics) images. An HTML mail message or remote content containing a specially-crafted PNG image could cause Thunderbird to crash or, possibly, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-3026) After installing the update, Thunderbird must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6thunderbird-3.1.18-2.el6_2.i686.rpmedc1e801683a19882c9cb1b43e8454ce51a14911cbcc21f4a4d5f7b12d02f797SLSA-2012:0143-1A heap-based buffer overflow flaw was found in the way XULRunner handled PNG (Portable Network Graphics) images. A web page containing a malicious PNG image could cause an application linked against XULRunner (such as Firefox) to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2011-3026) After installing the update, applications using XULRunner must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6xulrunner-1.9.2.26-2.el6_2.i686.rpmc20727b1da66785c7bc5ea977ff34fcfb9d47750ed697605459868e9d1325d0exulrunner-devel-1.9.2.26-2.el6_2.i686.rpm0e69bb85f0cbbb4594ca2a1dd9f0a41731b068ffface6aa1adcf80ef60fbed37SLSA-2012:0317-1A heap-based buffer overflow flaw was found in libpng. An attacker could create a specially-crafted PNG image that, when opened, could cause an application using libpng to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2011-3026) All running applications using libpng or libpng10 must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6libpng-static-1.2.46-2.el6_2.i686.rpm7cad54cd16e96d257c876ab02ee15bfe93efed577a7bbbe27491677a8ab63c8elibpng-devel-1.2.46-2.el6_2.i686.rpm1d4bb7f8e8ca11ecaa20eae81420c8fca0f09a634d5ccd909a78a6c4790c5adelibpng-1.2.46-2.el6_2.i686.rpm7c0238888909fd63a1a1fff2cd9e45e428481dab5d266339aa5f2ce718d3328eSLSA-2012:0321-1A heap-based buffer overflow flaw was found in the way the CVS client handled responses from HTTP proxies. A malicious HTTP proxy could use this flaw to cause the CVS client to crash or, possibly, execute arbitrary code with the privileges of the user running the CVS client. (CVE-2012-0804)moderateScientific Linux FermiScientific Linux Fermi 6cvs-1.11.23-11.el6_2.1.i686.rpmfc0d2593c87486c133f0e8fefa9fc292305a60c9318f71277c99f1f5cc0018a7SLSA-2012:0324-1It was found that the hashing routine used by libxml2 arrays was susceptible to predictable hash collisions. Sending a specially-crafted message to an XML service could result in longer processing time, which could lead to a denial of service. To mitigate this issue, randomization has been added to the hashing function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2012-0841) The desktop must be restarted (log out, then log back in) for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6libxml2-python-2.7.6-4.el6_2.4.i686.rpma42d8624849a8a7dcb545f0909490f6de5debf2e662ded05a07e3894470186a9libxml2-static-2.7.6-4.el6_2.4.i686.rpmf339735992c10476199dd47668eb77bbe518d7a614e28d590dd55fd1b6c2522flibxml2-devel-2.7.6-4.el6_2.4.i686.rpm9570d5a41852df3dbb9fe72645081f248390172eb55506ed18a083fc33f86496libxml2-2.7.6-4.el6_2.4.i686.rpmbed8f7aa4e41cec8677b26ba051997d11b1ee575488c39c852795abc3324ebb8SLSA-2012:0350-1This update fixes the following security issues: * A buffer overflow flaw was found in the way the Linux kernel's XFS file system implementation handled links with overly long path names. A local, unprivileged user could use this flaw to cause a denial of service or escalate their privileges by mounting a specially-crafted disk. (CVE-2011-4077, Moderate) * Flaws in ghash_update() and ghash_final() could allow a local, unprivileged user to cause a denial of service. (CVE-2011-4081, Moderate) * A flaw was found in the Linux kernel's Journaling Block Device (JBD). A local, unprivileged user could use this flaw to crash the system by mounting a specially-crafted ext3 or ext4 disk. (CVE-2011-4132, Moderate) * It was found that the kvm_vm_ioctl_assign_device() function in the KVM (Kernel-based Virtual Machine) subsystem of a Linux kernel did not check if the user requesting device assignment was privileged or not. A local, unprivileged user on the host could assign unused PCI devices, or even devices that were in use and whose resources were not properly claimed by the respective drivers, which could result in the host crashing. (CVE-2011-4347, Moderate) * Two flaws were found in the way the Linux kernel's __sys_sendmsg() function, when invoked via the sendmmsg() system call, accessed user-space memory. A local, unprivileged user could use these flaws to cause a denial of service. (CVE-2011-4594, Moderate) * The SLSA-2011:1530 kernel update introduced an integer overflow flaw in the Linux kernel. On PowerPC systems, a local, unprivileged user could use this flaw to cause a denial of service. (CVE-2011-4611, Moderate) * A flaw was found in the way the KVM subsystem of a Linux kernel handled PIT (Programmable Interval Timer) IRQs (interrupt requests) when there was no virtual interrupt controller set up. A local, unprivileged user on the host could force this situation to occur, resulting in the host crashing. (CVE-2011-4622, Moderate) * A flaw was found in the way the Linux kernel's XFS file system implementation handled on-disk Access Control Lists (ACLs). A local, unprivileged user could use this flaw to cause a denial of service or escalate their privileges by mounting a specially-crafted disk. (CVE-2012-0038, Moderate) * A flaw was found in the way the Linux kernel's KVM hypervisor implementation emulated the syscall instruction for 32-bit guests. An unprivileged guest user could trigger this flaw to crash the guest. (CVE-2012-0045, Moderate) * A divide-by-zero flaw was found in the Linux kernel's igmp_heard_query() function. An attacker able to send certain IGMP (Internet Group Management Protocol) packets to a target system could use this flaw to cause a denial of service. (CVE-2012-0207, Moderate) The system must be rebooted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6kernel-firmware-2.6.32-220.7.1.el6.noarch.rpmaee9a9f1612c83a4781020776adedb94c0dd2117e59238494a53864fa8a8cac3kernel-debug-2.6.32-220.7.1.el6.i686.rpm7b183b21cea11833702d2574a16f299c8368e2b450159c121c056b5d66918229kernel-debug-devel-2.6.32-220.7.1.el6.i686.rpm3110bddda2dbfae509d38b08750f6acb15086be6356b8deca764d1058aaff710kernel-2.6.32-220.7.1.el6.i686.rpm4a8280249b6141aac4ef944f85264e7843fbbee45a4cb682ac676883112cac86kernel-headers-2.6.32-220.7.1.el6.i686.rpm8518861d680b151cc57d04114ead2d0ed3f60197cd49b5bf986e9dc61684095ekernel-doc-2.6.32-220.7.1.el6.noarch.rpm0171053791268f5e86dd141846e3b14d09468a0e78294af7dc02ecce4a171f52perf-2.6.32-220.7.1.el6.i686.rpmdef7aa3cc1d32f5ca77f318f94d346d0d1fb9a908549e418aa4d337fd04bbf0dpython-perf-2.6.32-220.7.1.el6.i686.rpm53cedbd8f584eccf26ae12dba4c00e08a06f26598605211f40ccc8edebce7c27kernel-devel-2.6.32-220.7.1.el6.i686.rpmf21ad8c8044ed21fbcf7ddf2c1a11bd330e9eac2ff12cc4da9c4bd25ef35b66fSLSA-2012:0369-1It was discovered that SQLAlchemy did not sanitize values for the limit and offset keywords for SQL select statements. If an application using SQLAlchemy accepted values for these keywords, and did not filter or sanitize them before passing them to SQLAlchemy, it could allow an attacker to perform an SQL injection attack against the application. (CVE-2012-0805) All running applications using SQLAlchemy must be restarted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6python-sqlalchemy-0.5.5-3.el6_2.noarch.rpm843cab62d3ce1e1e6de65449fb8dc9bc7c02b454c664c9516d94b0beb7be5fccSLSA-2012:0376-1An invalid pointer read flaw was found in the way SystemTap handled malformed debugging information in DWARF format. When SystemTap unprivileged mode was enabled, an unprivileged user in the stapusr group could use this flaw to crash the system or, potentially, read arbitrary kernel memory. Additionally, a privileged user (root, or a member of the stapdev group) could trigger this flaw when tricked into instrumenting a specially-crafted ELF binary, even when unprivileged mode was not enabled. (CVE-2012-0875)moderateScientific Linux FermiScientific Linux Fermi 6systemtap-grapher-1.6-5.el6_2.i686.rpmd9eb6e8fdcd9f2f38a854a6ab6badaaad529a203ac6674c656e6cee5a9643642systemtap-initscript-1.6-5.el6_2.i686.rpm53bbc602f5f198a98f15a85fa9e46ad3b2e0e03e622bdd335caece978f1a4cc1systemtap-sdt-devel-1.6-5.el6_2.i686.rpm6c6993cfe7db03369a1a7b78aa0bc0d61135bd01c7f60cb4e4dec679d8aa772esystemtap-server-1.6-5.el6_2.i686.rpm79d148448d431912a2ba7a607f0739f51a564e23f9c3e036f557299283dbd850systemtap-runtime-1.6-5.el6_2.i686.rpm04186b092f3e1b1df611d9c40ba47d4417dd9ca5651bac7913cc203d42c4f9e1systemtap-1.6-5.el6_2.i686.rpm31ba57f2651b0eb902eabc9b9e2b18e6e2eead7d04e977e549486a7b67bd4356systemtap-testsuite-1.6-5.el6_2.i686.rpm53a014c335747c8dea98c11f16574249fc25ddc41c71bda410106ae3bffef931SLSA-2012:0387-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2012-0461, CVE-2012-0462, CVE-2012-0464) Two flaws were found in the way Firefox parsed certain Scalable Vector Graphics (SVG) image files. A web page containing a malicious SVG image file could cause an information leak, or cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2012-0456, CVE-2012-0457) A flaw could allow a malicious site to bypass intended restrictions, possibly leading to a cross-site scripting (XSS) attack if a user were tricked into dropping a "javascript:" link onto a frame. (CVE-2012-0455) It was found that the home page could be set to a "javascript:" link. If a user were tricked into setting such a home page by dragging a link to the home button, it could cause Firefox to repeatedly crash, eventually leading to arbitrary code execution with the privileges of the user running Firefox. (CVE-2012-0458) A flaw was found in the way Firefox parsed certain web content containing "cssText". A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2012-0459) It was found that by using the DOM fullscreen API, untrusted content could bypass the mozRequestFullscreen security protections. A web page containing malicious web content could exploit this API flaw to cause user interface spoofing. (CVE-2012-0460) A flaw was found in the way Firefox handled pages with multiple Content Security Policy (CSP) headers. This could lead to a cross-site scripting attack if used in conjunction with a website that has a header injection flaw. (CVE-2012-0451) This update also fixes the following bugs: * When using the Traditional Chinese locale (zh-TW), a segmentation fault sometimes occurred when closing Firefox. * Inputting any text in the Web Console (Tools -> Web Developer -> Web Console) caused Firefox to crash. * The java-1.6.0-ibm-plugin and java-1.6.0-sun-plugin packages require the "/usr/lib/mozilla/plugins/" directory on 32-bit systems, and the "/usr/lib64/mozilla/plugins/" directory on 64-bit systems. These directories are created by the xulrunner package; however, they were missing from the xulrunner package provided by the SLEA-2012:0327 update. Therefore, upgrading to SLEA-2012:0327 removed those directories, causing dependency errors when attempting to install the java-1.6.0-ibm-plugin or java-1.6.0-sun-plugin package. With this update, xulrunner once again creates the plugins directory. This issue did not affect users of Scientific Linux 6. After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6firefox-10.0.3-1.el6_2.i686.rpmd753f387b45a3dee991fb2eb77f98e3936e416745adb158705491f810de3d7b6xulrunner-devel-10.0.3-1.el6_2.i686.rpm6e60c6cbdbab530d2c55f13ea3e0603afd94573188dab9b8a8cd9a995fa9e3e8xulrunner-10.0.3-1.el6_2.i686.rpm8f6ac23ab66e92a979e086638cc1017494e3c82c60bf87626bfb8539d36feccfSLSA-2012:0388-1Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2012-0461, CVE-2012-0462, CVE-2012-0464) Two flaws were found in the way Thunderbird parsed certain Scalable Vector Graphics (SVG) image files. An HTML mail message containing a malicious SVG image file could cause an information leak, or cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2012-0456, CVE-2012-0457) A flaw could allow malicious content to bypass intended restrictions, possibly leading to a cross-site scripting (XSS) attack if a user were tricked into dropping a "javascript:" link onto a frame. (CVE-2012-0455) It was found that the home page could be set to a "javascript:" link. If a user were tricked into setting such a home page by dragging a link to the home button, it could cause Firefox to repeatedly crash, eventually leading to arbitrary code execution with the privileges of the user running Firefox. A similar flaw was found and fixed in Thunderbird. (CVE-2012-0458) A flaw was found in the way Thunderbird parsed certain, remote content containing "cssText". Malicious, remote content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2012-0459) It was found that by using the DOM fullscreen API, untrusted content could bypass the mozRequestFullscreen security protections. Malicious content could exploit this API flaw to cause user interface spoofing. (CVE-2012-0460) A flaw was found in the way Thunderbird handled content with multiple Content Security Policy (CSP) headers. This could lead to a cross-site scripting attack if used in conjunction with a website that has a header injection flaw. (CVE-2012-0451) Note: All issues except CVE-2012-0456 and CVE-2012-0457 cannot be exploited by a specially-crafted HTML mail message as JavaScript is disabled by default for mail messages. It could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. After installing the update, Thunderbird must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6thunderbird-10.0.3-1.el6_2.i686.rpmfa1f56ea1a2fec4ecd3ddfdcbf8fa32b704e5c47b4b960c66647fe881c6dd7d5SLSA-2012:0393-1An integer overflow flaw was found in the implementation of the printf functions family. This could allow an attacker to bypass FORTIFY_SOURCE protections and execute arbitrary code using a format string flaw in an application, even though these protections are expected to limit the impact of such flaws to an application abort. (CVE-2012-0864) This update also fixes the following bugs: * Previously, the dynamic loader generated an incorrect ordering for initialization according to the ELF specification. This could result in incorrect ordering of DSO constructors and destructors. With this update, dependency resolution has been fixed. * Previously, locking of the main malloc arena was incorrect in the retry path. This could result in a deadlock if an sbrk request failed. With this update, locking of the main arena in the retry path has been fixed. This issue was exposed by a bug fix provided in the SLSA-2012:0058 update. * Calling memcpy with overlapping arguments on certain processors would generate unexpected results. While such code is a clear violation of ANSI/ISO standards, this update restores prior memcpy behavior.moderateScientific Linux FermiScientific Linux Fermi 6glibc-headers-2.12-1.47.el6_2.9.i686.rpmfd7525d5c6ffee327d3629b05ad6c39939cb72e38504599fcd92847e4be81851glibc-utils-2.12-1.47.el6_2.9.i686.rpm4473f065133e16f2213402cfe27875673c446670932c12f8562e5cabdb7919dfglibc-static-2.12-1.47.el6_2.9.i686.rpmbe29d52b2a988784c54f69b49c96d70773f6a6db87ac9519dc073984037a2f7cglibc-common-2.12-1.47.el6_2.9.i686.rpme9cfed7ce3cf27a8d9ec7245cb963924b62c1ed5e15c6ac0f5b6893a4a6a12b3glibc-2.12-1.47.el6_2.9.i686.rpm2b50cefadf1dc95c0d44774356e8bb55bac3f7ce0337a22fe3f29026f554055cnscd-2.12-1.47.el6_2.9.i686.rpm30e1ede792377d7762c443af06405e4c399c145ac004243460c8ce98a16fc234glibc-devel-2.12-1.47.el6_2.9.i686.rpme1dd769d83a2015626db5628352c20c798024343eb5e05c818239a8a41a43f40SLSA-2012:0407-1A heap-based buffer overflow flaw was found in the way libpng processed compressed chunks in PNG image files. An attacker could create a specially- crafted PNG image file that, when opened, could cause an application using libpng to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2011-3045) For Scientific Linux 5, they contain a backported patch. For Scientific Linux 6, they upgrade libpng to version 1.2.48. All running applications using libpng must be restarted for the update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6libpng-static-1.2.48-1.el6_2.i686.rpm7429012ed882c85d6bda08e29d9bdea601a0a4dc368504189d850ece1a3b5ce6libpng-1.2.48-1.el6_2.i686.rpmf07049e1584d411ae1d9b2556ea475da54ed5a0576e17d065dce130a46c1b2e8libpng-devel-1.2.48-1.el6_2.i686.rpm9d8a5b863f2b1df90811098ecde6279eb146fea651b1a591e9f246da08b4f3edSLSA-2012:0410-1An XML External Entity expansion flaw was found in the way Raptor processed RDF files. If an application linked against Raptor were to open a specially-crafted RDF file, it could possibly allow a remote attacker to obtain a copy of an arbitrary local file that the user running the application had access to. A bug in the way Raptor handled external entities could cause that application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2012-0037) All running applications linked against Raptor must be restarted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6raptor-devel-1.4.18-5.el6_2.1.i686.rpm5bcb18a3eac071b87ec5a6c518ae2eebbffc226decc6afedebb1c1f01ca06fe1raptor-1.4.18-5.el6_2.1.i686.rpm5f91ef07c0593721e5b5d00903494340c2ac13d585eeb35766149e25a55da69dSLSA-2012:0426-1A NULL pointer dereference flaw was found in the way OpenSSL parsed Secure/Multipurpose Internet Mail Extensions (S/MIME) messages. An attacker could use this flaw to crash an application that uses OpenSSL to decrypt or verify S/MIME messages. (CVE-2012-1165) A flaw was found in the PKCS#7 and Cryptographic Message Syntax (CMS) implementations in OpenSSL. An attacker could possibly use this flaw to perform a Bleichenbacher attack to decrypt an encrypted CMS, PKCS#7, or S/MIME message by sending a large number of chosen ciphertext messages to a service using OpenSSL and measuring error response times. (CVE-2012-0884) This update also fixes a regression caused by the fix for CVE-2011-4619, released via SLSA-2012:0060 and SLSA-2012:0059, which caused Server Gated Cryptography (SGC) handshakes to fail. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.moderateScientific Linux FermitruetrueScientific Linux Fermi 6openssl-1.0.0-20.el6_2.3.i686.rpma1a7306c4c854b6ba3add6f853781a889889626e388640b7b250108ac53d249copenssl-devel-1.0.0-20.el6_2.3.i686.rpm17bb819c47c6993ce9735e291993eab959229dae9a7a3de6190638fdcf6d8084openssl-perl-1.0.0-20.el6_2.3.i686.rpmb1302e9a5500824aeca8d32de42eff1b881540ecd737ea5e2c203c0daa23c7a9openssl-static-1.0.0-20.el6_2.3.i686.rpm49c01ed45a0b5dd4c04f88c3906579cc53c30fa8207c59df6ad28d887c779fcaSLSA-2012:0427-1A flaw was found in the way libtasn1 decoded DER data. An attacker could create carefully-crafted DER encoded input (such as an X.509 certificate) that, when parsed by an application that uses libtasn1 (such as applications using GnuTLS), could cause the application to crash. (CVE-2012-1569) For the update to take effect, all applications linked to the libtasn1 library must be restarted, or the system rebooted.importantScientific Linux FermitruetrueScientific Linux Fermi 6libtasn1-2.3-3.el6_2.1.i686.rpm618e7e45a738eb285b72b68c1bc5fe2a8285427215122b144a829f527708b854libtasn1-tools-2.3-3.el6_2.1.i686.rpm3fed53df99e238fdda0fcd926132042c26327465a375c6bfc28912295a501d27libtasn1-devel-2.3-3.el6_2.1.i686.rpmc073e3f7faa955abf67ec7410e9f292eab232e6051f57e74dd2115d9ca4dc684SLSA-2012:0429-1A flaw was found in the way GnuTLS decrypted malformed TLS records. This could cause a TLS/SSL client or server to crash when processing a specially-crafted TLS record from a remote TLS/SSL connection peer. (CVE-2012-1573) A boundary error was found in the gnutls_session_get_data() function. A malicious TLS/SSL server could use this flaw to crash a TLS/SSL client or, possibly, execute arbitrary code as the client, if the client passed a fixed- sized buffer to gnutls_session_get_data() before checking the real size of the session data provided by the server. (CVE-2011-4128) For the update to take effect, all applications linked to the GnuTLS library must be restarted, or the system rebooted.importantScientific Linux FermitruetrueScientific Linux Fermi 6gnutls-2.8.5-4.el6_2.2.i686.rpm234996a1490ff69aec2e62bc2f6a3e3fa04df1d6cb97007fdfebaef1b5d0f465gnutls-utils-2.8.5-4.el6_2.2.i686.rpm162f9b2c13fd77310e86ebe9409da12146a72a1695f5822464fe49ad21039b02gnutls-devel-2.8.5-4.el6_2.2.i686.rpm2ddb4003f942b1027b73355d3ac09646261919cadb50eb1fad48ba35b38f7dc6gnutls-guile-2.8.5-4.el6_2.2.i686.rpm12fdb49da622f284ab69c617983703fa27ba901ec28245911f56d77caeefa56eSLSA-2012:0451-1Multiple flaws were found in the way RPM parsed package file headers. An attacker could create a specially-crafted RPM package that, when its package header was accessed, or during package signature verification, could cause an application using the RPM library (such as the rpm command line tool, or the yum and up2date package managers) to crash or, potentially, execute arbitrary code. (CVE-2012-0060, CVE-2012-0061, CVE-2012-0815) All running applications linked against the RPM library must be restarted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6rpm-apidocs-4.8.0-19.el6_2.1.noarch.rpmae161a565dc06d4683f2807a0d0f60a7468d4fec5928869b2212a9588c10336arpm-cron-4.8.0-19.el6_2.1.noarch.rpmad78583dd5904879a797f7424757a6a954678486b23273443dd196467efd2b08rpm-libs-4.8.0-19.el6_2.1.i686.rpm80bcdf57432a09cd2b0053db23b63deca25674e5b7c4e7fc250ebf0b8ba66d85rpm-4.8.0-19.el6_2.1.i686.rpmc55de270d14c21179bbc03d547a5b3c28a01bd2c41621e521a4a379629e31860rpm-build-4.8.0-19.el6_2.1.i686.rpm7e08dec59a33ca0786a49cef7d7c7f76667504166347cf613d8800c1a5f47bcerpm-devel-4.8.0-19.el6_2.1.i686.rpmceb989a24cd4ad89dcd6e37569f89e91c24d9af939ca01335861641b4729dab0rpm-python-4.8.0-19.el6_2.1.i686.rpm7243739228821a9a4c9083adbd3162e5665be5619a0e0108d0bd28023957c006SLSA-2012:0465-1A flaw in the Samba suite's Perl-based DCE/RPC IDL (PIDL) compiler, used to generate code to handle RPC calls, resulted in multiple buffer overflows in Samba. A remote, unauthenticated attacker could send a specially-crafted RPC request that would cause the Samba daemon (smbd) to crash or, possibly, execute arbitrary code with the privileges of the root user. (CVE-2012-1182) After installing this update, the smb service will be restarted automatically.criticalScientific Linux FermiScientific Linux Fermi 6samba-winbind-devel-3.5.10-115.el6_2.i686.rpm0de52cbf5d5a7628fe37768333443a99759536807f709ef734f315d08f8f0a81samba-winbind-3.5.10-115.el6_2.i686.rpme1a967f374da2587ef1589bb92bf6ba18c0c46e523d8633341cef8a581edbe8fsamba-common-3.5.10-115.el6_2.i686.rpm5dd26e0af17e01f4aa0498141d42143bef3e62beba0dfe4a399be189c6abc9cesamba-3.5.10-115.el6_2.i686.rpm6656670f30404f838d7ca8afc1d6876622360239563ac582e304b728b02f4cdesamba-swat-3.5.10-115.el6_2.i686.rpm416d18ae24b1a4702a1d1590e48f81f9bddd13496109764dcbbcfeb31b2f0c84samba-domainjoin-gui-3.5.10-115.el6_2.i686.rpme4e7a45be18bbb4f6ea7b9503e05c40b51d07a53a9b3fbea14c8d5e7aff4b580samba-winbind-clients-3.5.10-115.el6_2.i686.rpm2ae378029e758938b7c87a58f55646fc934269539c4963b7627197e0787d328fsamba-winbind-krb5-locator-3.5.10-115.el6_2.i686.rpm3d9b8b4fe9680a6ea16c17eb449ae75c9648d0b26ee3bc0af50f0119dfe47fc8samba-client-3.5.10-115.el6_2.i686.rpm61e15f21941c8100c3c58cfe6ef9cd279837e57f1d1a50a4b130ab9b6fa7cfc6libsmbclient-3.5.10-115.el6_2.i686.rpmed50d4d95f5a3e1429785afae6cdb5cefb420bd6c4254c066171775c0227bc4bsamba-doc-3.5.10-115.el6_2.i686.rpm2a264f3837edfab5169744a985ec53900ccd4525d48f9a2194190c1008cf48dflibsmbclient-devel-3.5.10-115.el6_2.i686.rpm1544f911a9b40e4b9fb5e59e62fe0aaa77e874a6911380f4cb30acdea11a1c51SLSA-2012:0467-1Multiple flaws were found in the way FreeType handled TrueType Font (TTF), Glyph Bitmap Distribution Format (BDF), Windows .fnt and .fon, and PostScript Type 1 fonts. If a specially-crafted font file was loaded by an application linked against FreeType, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2012-1134, CVE-2012-1136, CVE-2012-1142, CVE-2012-1144) Multiple flaws were found in the way FreeType handled fonts in various formats. If a specially-crafted font file was loaded by an application linked against FreeType, it could cause the application to crash. (CVE-2012-1126, CVE-2012-1127, CVE-2012-1130, CVE-2012-1131, CVE-2012-1132, CVE-2012-1137, CVE-2012-1139, CVE-2012-1140, CVE-2012-1141, CVE-2012-1143) The X server must be restarted (log out, then log back in) for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6freetype-devel-2.3.11-6.el6_2.9.i686.rpmf625417648d28ccdb750d519bf0b5a30207b72286e60fe071c5b755bfa977aa1freetype-2.3.11-6.el6_2.9.i686.rpm2e0a1332b3c75592a7f3a52165dda34c6d36dc773c7bd7a1ce1b00bab1c7cd59freetype-demos-2.3.11-6.el6_2.9.i686.rpm2f466b56d10bf1d268cc94c8a365fbe47eda96ea52d7ca53c9c8fea90195fe99SLSA-2012:0468-1Two integer overflow flaws, leading to heap-based buffer overflows, were found in the way libtiff attempted to allocate space for a tile in a TIFF image file. An attacker could use these flaws to create a specially-crafted TIFF file that, when opened, would cause an application linked against libtiff to crash or, possibly, execute arbitrary code. (CVE-2012-1173) All running applications linked against libtiff must be restarted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6libtiff-devel-3.9.4-5.el6_2.i686.rpm9ecad4aad1aff5bc7dc31609f5a7b6492e91572ad260ded159ada3d6ee1a6840libtiff-3.9.4-5.el6_2.i686.rpmff22971348f4f1f2ab2a3a363b7e9efaedd5e401d2badd138d749eb93c8da4d4libtiff-static-3.9.4-5.el6_2.i686.rpmfa398e017aa3ac5497df79de1ec331cd1524ea26ff54cd07897bc5f8df5d1437SLSA-2012:0475-1It was found that the Java hashCode() method implementation was susceptible to predictable hash collisions. A remote attacker could use this flaw to cause Tomcat to use an excessive amount of CPU time by sending an HTTP request with a large number of parameters whose names map to the same hash value. This update introduces a limit on the number of parameters processed per request to mitigate this issue. The default limit is 512 for parameters and 128 for headers. These defaults can be changed by setting the org.apache.tomcat.util.http.Parameters.MAX_COUNT and org.apache.tomcat.util.http.MimeHeaders.MAX_COUNT system properties. (CVE-2011-4858) It was found that Tomcat did not handle large numbers of parameters and large parameter values efficiently. A remote attacker could make Tomcat use an excessive amount of CPU time by sending an HTTP request containing a large number of parameters or large parameter values. This update introduces limits on the number of parameters and headers processed per request to address this issue. Refer to the CVE-2011-4858 description for information about the org.apache.tomcat.util.http.Parameters.MAX_COUNT and org.apache.tomcat.util.http.MimeHeaders.MAX_COUNT system properties. (CVE-2012-0022) Tomcat must be restarted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6tomcat6-webapps-6.0.24-36.el6_2.noarch.rpm807b3d0a445458e888ff906c3b03eee4b50c11323aa77206348ce1d84c81803ftomcat6-lib-6.0.24-36.el6_2.noarch.rpm247b3ef0c18e4839a25c3013aea6f03055eb009197c4c04ee08a858331cc4d34tomcat6-6.0.24-36.el6_2.noarch.rpm5daedc8b4fbf151669a58b0db6c876ea61fba35cda12ba9665e473f0fb88f295tomcat6-javadoc-6.0.24-36.el6_2.noarch.rpm82aeaa5580371e9820bd790682b6c45087e16d29ca41cde68a20a6ffbc976877tomcat6-docs-webapp-6.0.24-36.el6_2.noarch.rpmdabae7999b3513c945861eba6c7ef087b75fa483d9545b9ddd224777350adfaftomcat6-jsp-2.1-api-6.0.24-36.el6_2.noarch.rpm512f763aac700a54c922d7ad57f516c0ae0a6a1fdeb1b62114e224b37b6ce07ctomcat6-admin-webapps-6.0.24-36.el6_2.noarch.rpm14fb485a71f593cccd18477212b0cce91f2cec2058566d68800bccd19a541bf6tomcat6-servlet-2.5-api-6.0.24-36.el6_2.noarch.rpm20dc2bc9ecdb4a348461d8e774f3fa63bacfd4bbce7ec4a4c3623d1e5105fe4atomcat6-el-2.1-api-6.0.24-36.el6_2.noarch.rpma9730128844afdded3b3f07fa7702ac89a28ac070b62b666ebf9c32f2d8c7898SLSA-2012:0481-1This update fixes the following security issues: * Numerous reference count leaks were found in the Linux kernel's block layer I/O context handling implementation. This could allow a local, unprivileged user to cause a denial of service. (CVE-2012-0879, Moderate) * A flaw was found in the Linux kernel's cifs_lookup() implementation. POSIX open during lookup should only be supported for regular files. When non-regular files (for example, a named (FIFO) pipe or other special files) are opened on lookup, it could cause a denial of service. (CVE-2012-1090, Moderate) * It was found that the Linux kernel's register set (regset) common infrastructure implementation did not check if the required get and set handlers were initialized. A local, unprivileged user could use this flaw to cause a denial of service by performing a register set operation with a ptrace() PTRACE_SETREGSET or PTRACE_GETREGSET request. (CVE-2012-1097, Moderate) The system must be rebooted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6kernel-doc-2.6.32-220.13.1.el6.noarch.rpm8bd9cde49ade6e7118126346d8786f123eb37b668d5290ece976637a54372ae1python-perf-2.6.32-220.13.1.el6.i686.rpm31c7fa3a20481ae64ce89f908644e1e1e3d9aa725f25cd3c5b7667575237dd70kernel-firmware-2.6.32-220.13.1.el6.noarch.rpm2e603848d906c40109a24e75545e5f6c0a67319e2ec3d2e428197576e043e62bkernel-debug-devel-2.6.32-220.13.1.el6.i686.rpm8861deb749fd9892bf7055178c3629ca430d95ddf787a588a6f45fc5d7023b7ekernel-debug-2.6.32-220.13.1.el6.i686.rpm85303959c12671d42dc8ccde0dee1a09f2958507ad15d0fb0675ea82791012e9perf-2.6.32-220.13.1.el6.i686.rpm5e033cacb965b2cdd318943bd1cfad0c4d08a5d274f3d39c48ac2b2982f0e086kernel-devel-2.6.32-220.13.1.el6.i686.rpm00d8c2e59cc10199bc9644c56685e6c6af6bd9182e8d44e7841a957697a3223ckernel-2.6.32-220.13.1.el6.i686.rpm68313a27a8734e96c4fa66734e300765ffb9c976305c2b9e903a54ecbd0b11efkernel-headers-2.6.32-220.13.1.el6.i686.rpm246184ac35106e028fedaec052fa40d9fb489b5c0824c42b4e93f76438dfb10eSLSA-2012:0509-1Several flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2011-1590, CVE-2011-4102, CVE-2012-1595) Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2011-1143, CVE-2011-1957, CVE-2011-1958, CVE-2011-1959, CVE-2011-2174, CVE-2011-2175, CVE-2011-2597, CVE-2011-2698, CVE-2012-0041, CVE-2012-0042, CVE-2012-0067, CVE-2012-0066) All running instances of Wireshark must be restarted for the update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6wireshark-devel-1.2.15-2.el6_2.1.i686.rpm5c1239d81991f0e3f1fe7243fa3ece9fbac384f7cd10b4685996e2dfb3e59622wireshark-gnome-1.2.15-2.el6_2.1.i686.rpm9cbf15bdf0ae32a6c86cd0b24871b0c0922a1ce17324efea389bdb0c3e71b33ewireshark-1.2.15-2.el6_2.1.i686.rpm821f4f98c015844d1ac65690ae399451e3cac2d85259d6f00be933f413629620SLSA-2012:0515-1A flaw was found in Sanitiser for OpenType (OTS), used by Firefox to help prevent potential exploits in malformed OpenType fonts. A web page containing malicious content could cause Firefox to crash or, under certain conditions, possibly execute arbitrary code with the privileges of the user running Firefox. (CVE-2011-3062) A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2012-0467, CVE-2012-0468, CVE-2012-0469) A web page containing a malicious Scalable Vector Graphics (SVG) image file could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2012-0470) A flaw was found in the way Firefox used its embedded Cairo library to render certain fonts. A web page containing malicious content could cause Firefox to crash or, under certain conditions, possibly execute arbitrary code with the privileges of the user running Firefox. (CVE-2012-0472) A flaw was found in the way Firefox rendered certain images using WebGL. A web page containing malicious content could cause Firefox to crash or, under certain conditions, possibly execute arbitrary code with the privileges of the user running Firefox. (CVE-2012-0478) A cross-site scripting (XSS) flaw was found in the way Firefox handled certain multibyte character sets. A web page containing malicious content could cause Firefox to run JavaScript code with the permissions of a different website. (CVE-2012-0471) A flaw was found in the way Firefox rendered certain graphics using WebGL. A web page containing malicious content could cause Firefox to crash. (CVE-2012-0473) A flaw in Firefox allowed the address bar to display a different website than the one the user was visiting. An attacker could use this flaw to conceal a malicious URL, possibly tricking a user into believing they are viewing a trusted site, or allowing scripts to be loaded from the attacker's site, possibly leading to cross-site scripting (XSS) attacks. (CVE-2012-0474) A flaw was found in the way Firefox decoded the ISO-2022-KR and ISO-2022-CN character sets. A web page containing malicious content could cause Firefox to run JavaScript code with the permissions of a different website. (CVE-2012-0477) A flaw was found in the way Firefox handled RSS and Atom feeds. Invalid RSS or Atom content loaded over HTTPS caused Firefox to display the address of said content in the location bar, but not the content in the main window. The previous content continued to be displayed. An attacker could use this flaw to perform phishing attacks, or trick users into thinking they are visiting the site reported by the location bar, when the page is actually content controlled by an attacker. (CVE-2012-0479)criticalScientific Linux FermitrueScientific Linux Fermi 6xulrunner-devel-10.0.4-1.el6_2.i686.rpm5144a079c0d3f1e221bc96de94e50bf797342bc3c8a843786c19a79d323d767ffirefox-10.0.4-1.el6_2.i686.rpm86a2700b8472f4c863d88de7aa6913e895cbd6334de544196189bcce63ae3772xulrunner-10.0.4-1.el6_2.i686.rpm5a3363b8044d8e9442515adebaea551e57e07aa453b9b57d4c1675ddff910e86SLSA-2012:0516-1A flaw was found in Sanitiser for OpenType (OTS), used by Thunderbird to help prevent potential exploits in malformed OpenType fonts. Malicious content could cause Thunderbird to crash or, under certain conditions, possibly execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-3062) Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2012-0467, CVE-2012-0468, CVE-2012-0469) Content containing a malicious Scalable Vector Graphics (SVG) image file could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2012-0470) A flaw was found in the way Thunderbird used its embedded Cairo library to render certain fonts. Malicious content could cause Thunderbird to crash or, under certain conditions, possibly execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2012-0472) A flaw was found in the way Thunderbird rendered certain images using WebGL. Malicious content could cause Thunderbird to crash or, under certain conditions, possibly execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2012-0478) A cross-site scripting (XSS) flaw was found in the way Thunderbird handled certain multibyte character sets. Malicious content could cause Thunderbird to run JavaScript code with the permissions of different content. (CVE-2012-0471) A flaw was found in the way Thunderbird rendered certain graphics using WebGL. Malicious content could cause Thunderbird to crash. (CVE-2012-0473) A flaw in the built-in feed reader in Thunderbird allowed the Website field to display the address of different content than the content the user was visiting. An attacker could use this flaw to conceal a malicious URL, possibly tricking a user into believing they are viewing a trusted site, or allowing scripts to be loaded from the attacker's site, possibly leading to cross-site scripting (XSS) attacks. (CVE-2012-0474) A flaw was found in the way Thunderbird decoded the ISO-2022-KR and ISO-2022-CN character sets. Malicious content could cause Thunderbird to run JavaScript code with the permissions of different content. (CVE-2012-0477) A flaw was found in the way the built-in feed reader in Thunderbird handled RSS and Atom feeds. Invalid RSS or Atom content loaded over HTTPS caused Thunderbird to display the address of said content, but not the content. The previous content continued to be displayed. An attacker could use this flaw to perform phishing attacks, or trick users into thinking they are visiting the site reported by the Website field, when the page is actually content controlled by an attacker. (CVE-2012-0479) Note: All issues except CVE-2012-0470, CVE-2012-0472, and CVE-2011-3062 cannot be exploited by a specially-crafted HTML mail message as JavaScript is disabled by default for mail messages. It could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed.criticalScientific Linux FermitrueScientific Linux Fermi 6thunderbird-10.0.4-1.el6_2.i686.rpmd5e4e84009bda3d8602d307e6e2cba9d0b2f787211357c91203aa30681984f3aSLSA-2012:0518-1Multiple numeric conversion errors, leading to a buffer overflow, were found in the way OpenSSL parsed ASN.1 (Abstract Syntax Notation One) data from BIO (OpenSSL's I/O abstraction) inputs. Specially-crafted DER (Distinguished Encoding Rules) encoded data read from a file or other BIO input could cause an application using the OpenSSL library to crash or, potentially, execute arbitrary code. (CVE-2012-2110) For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.importantScientific Linux FermitruetrueScientific Linux Fermi 6openssl098e-0.9.8e-17.el6_2.2.i686.rpmfe881efdb6a1b57d87db95646a764516f18a98fe9af76ff067acd1d5f9fd58ffopenssl-1.0.0-20.el6_2.4.i686.rpm4d5c12646443cafa7d49facd7a8591a6f5ee27b9951344bc7731968c341257aeopenssl-perl-1.0.0-20.el6_2.4.i686.rpm44bc9d4a42e4e6a7b463ec2f57e3282a9d16e2beea3da4d04ed3f39fd48ddb63openssl-static-1.0.0-20.el6_2.4.i686.rpm0d270d854353fe2fd8c1446c98951be8bad1054318ed673c1add868d7375a8d7openssl-devel-1.0.0-20.el6_2.4.i686.rpm7992a4f12106d24c6e8dfc289a5f63bd3a76a074a7eb520fe8faa780aa04ef85SLSA-2012:0523-1A heap-based buffer overflow flaw was found in the way libpng processed tEXt chunks in PNG image files. An attacker could create a specially-crafted PNG image file that, when opened, could cause an application using libpng to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2011-3048) For Scientific Linux 5, they contain a backported patch. For Scientific Linux 6, they upgrade libpng to version 1.2.49. All running applications using libpng must be restarted for the update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6libpng-devel-1.2.49-1.el6_2.i686.rpmeae45b8a3a7ab44d6fd5385b5d53e9a61869646165df714c4d192ecf0fde3730libpng-1.2.49-1.el6_2.i686.rpm57ab1c285659df15a9708f6003688f1e8dbb6ab07241a3dc348f8c537a779341libpng-static-1.2.49-1.el6_2.i686.rpm2051bcb95d3ffe930f7111b9169ed8b5c56cf90893a5e761e5c3c91a4cff3056SLSA-2012:0533-1A flaw was found in the way Samba handled certain Local Security Authority (LSA) Remote Procedure Calls (RPC). An authenticated user could use this flaw to issue an RPC call that would modify the privileges database on the Samba server, allowing them to steal the ownership of files and directories that are being shared by the Samba server, and create, delete, and modify user accounts, as well as other Samba server administration tasks. (CVE-2012-2111) After installing this update, the smb service will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 6samba-doc-3.5.10-116.el6_2.i686.rpm598004aa7a93c29d0c073c9a38fc18e51a4b51097dc23483ff5ad56eb66c8764samba-winbind-clients-3.5.10-116.el6_2.i686.rpmcbbeb84a70d6745a4b217cd99bfe2429a6ca94a63b232a0413d3991a68a014c8samba-domainjoin-gui-3.5.10-116.el6_2.i686.rpm455706dcbea050fc078106930ae8843429411c268d4c91819213a88528cb19e8samba-winbind-krb5-locator-3.5.10-116.el6_2.i686.rpme7f0736acda47869ad8c302e44ff0183d3c451ab92375cdc95fb06befc57cf9bsamba-common-3.5.10-116.el6_2.i686.rpm7aa0f8e613ed19f28e3d5fa9402eb735d9b6940e07620207240d01afaf2e97delibsmbclient-3.5.10-116.el6_2.i686.rpmbe7fa4d7dcc64b8dd07f204cf4d0cf4969414d0b4fcff0a317e7c114828b52c5samba-client-3.5.10-116.el6_2.i686.rpm5f564542ad5997729d3863abef43e3aa944a947ea0baa7a8d1b3d1c6dbe1372fsamba-winbind-devel-3.5.10-116.el6_2.i686.rpmbe6763da300c859a0bb0b469260500fd9fe674b100d27c88ce0a2d15ee4c9feesamba-3.5.10-116.el6_2.i686.rpm4c3b6849fb73fd1e8994591e29717b15e5bfe399e5cc59eaeb2ab1efab80d020libsmbclient-devel-3.5.10-116.el6_2.i686.rpmc290c7541698274202bba51b11ce239c2b413a5f701c2779d44596fb1670f048samba-winbind-3.5.10-116.el6_2.i686.rpm6046da60bb79826dc218577f981732816dcc7d37cc4597438cc57f6270ca923dsamba-swat-3.5.10-116.el6_2.i686.rpm198ba794ce05d0e6cf4f12584b5ca27f4b52fddb0f2da8c4ea79d2a7ccb44bbaSLSA-2012:0544-1A flaw was found in the way ImageMagick processed images with malformed Exchangeable image file format (Exif) metadata. An attacker could create a specially-crafted image file that, when opened by a victim, would cause ImageMagick to crash or, potentially, execute arbitrary code. (CVE-2012-0247) A denial of service flaw was found in the way ImageMagick processed images with malformed Exif metadata. An attacker could create a specially-crafted image file that, when opened by a victim, could cause ImageMagick to enter an infinite loop. (CVE-2012-0248) It was found that ImageMagick utilities tried to load ImageMagick configuration files from the current working directory. If a user ran an ImageMagick utility in an attacker-controlled directory containing a specially-crafted ImageMagick configuration file, it could cause the utility to execute arbitrary code. (CVE-2010-4167) An integer overflow flaw was found in the way ImageMagick processed certain Exif tags with a large components count. An attacker could create a specially- crafted image file that, when opened by a victim, could cause ImageMagick to access invalid memory and crash. (CVE-2012-0259) A denial of service flaw was found in the way ImageMagick decoded certain JPEG images. A remote attacker could provide a JPEG image with specially-crafted sequences of RST0 up to RST7 restart markers (used to indicate the input stream to be corrupted), which once processed by ImageMagick, would cause it to consume excessive amounts of memory and CPU time. (CVE-2012-0260) An out-of-bounds buffer read flaw was found in the way ImageMagick processed certain TIFF image files. A remote attacker could provide a TIFF image with a specially-crafted Exif IFD value (the set of tags for recording Exif-specific attribute information), which once opened by ImageMagick, would cause it to crash. (CVE-2012-1798) All running instances of ImageMagick must be restarted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6ImageMagick-perl-6.5.4.7-6.el6_2.i686.rpm9d885d717372e8ad3022bc553aa4eaafd9c9ffa56ad6b99cd0f402ecbcd93cbfImageMagick-c++-6.5.4.7-6.el6_2.i686.rpm3ce7ecf2adf9b03544e38a6cee1f877d79677ae01403a69d250c174b8cb8acbdImageMagick-doc-6.5.4.7-6.el6_2.i686.rpm139a24b419a137a6bac095f181b671dfc664144c5806e08d51b1989cea972597ImageMagick-devel-6.5.4.7-6.el6_2.i686.rpm9dca89055d7808c85ade67b5ec1a00f978e8caba40b2dcbb1078351b8a7da264ImageMagick-c++-devel-6.5.4.7-6.el6_2.i686.rpmba489c49ea184883b483798e126b771a9e6c0811df1c1706359e7a1246ffb9f2ImageMagick-6.5.4.7-6.el6_2.i686.rpm498cf9d1069a88d4b312fa4f465ef992b93f6f08c7a3681bef59a9f2661a242cSLSA-2012:0546-1A flaw was found in the way the php-cgi executable processed command line arguments when running in CGI mode. A remote attacker could send a specially- crafted request to a PHP script that would result in the query string being parsed by php-cgi as command line options and arguments. This could lead to the disclosure of the script's source code or arbitrary code execution with the privileges of the PHP interpreter. (CVE-2012-1823) We are aware that a public exploit for this issue is available that allows remote code execution in affected PHP CGI configurations. This flaw does not affect the default configuration in Scientific Linux 5 and 6 using the PHP module for Apache httpd to handle PHP scripts. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6php-tidy-5.3.3-3.el6_2.8.i686.rpm757670a4f86594903a0e1f7338bcc687028a43d7104910e5b40e2e8f6aec6ad6php-snmp-5.3.3-3.el6_2.8.i686.rpm8920ec9bad519a59031848446374cda0f6cde5e7aa4a2d90ad6fc32be0401379php-enchant-5.3.3-3.el6_2.8.i686.rpm92a421145b2f0bbd5113861f5552b929d597a24736f3daa1ab6f760daccb3887php-xmlrpc-5.3.3-3.el6_2.8.i686.rpmb7398c6eb732684d333917702867e66307fd93ef2f37326aacd69281a77edc45php-odbc-5.3.3-3.el6_2.8.i686.rpm7301aa879e84825c12799cc3abf530d840b43747226957ab36b71a742404ac4dphp-intl-5.3.3-3.el6_2.8.i686.rpm032f44acfb0db09f48b32a34a900e5cbfb695dd0cb791493940d7f50ded65e02php-pdo-5.3.3-3.el6_2.8.i686.rpme35b93f84d45574485d83a5600bc8824d9b9f07040ecf4506ab89dd246bc67a0php-mysql-5.3.3-3.el6_2.8.i686.rpmfbaaced8fe8c4ecff4cc69add010dff5a451c1be612dc36e16034cb943ec56f6php-5.3.3-3.el6_2.8.i686.rpm737506c4853c956535a60ff5f331a4c434e0afd96964e6fe9e11380cc84bcb2ephp-process-5.3.3-3.el6_2.8.i686.rpm25b68d9e351ad5466909dc24627159efb64a2c4cbba522c4c6d301c7d4310f93php-xml-5.3.3-3.el6_2.8.i686.rpm8cd1eba4337495ddd9ffc6791f122456a50538bdb61ac04d8dce1dd8fb8ec957php-devel-5.3.3-3.el6_2.8.i686.rpm5257d2796a69b855b1c37bc5a872030945461ca5a099738dfd75060a2adda883php-bcmath-5.3.3-3.el6_2.8.i686.rpm843d5516d434807ebd0ac71d3c5621bc71496a212b5ce83dff7e74b9e3fcc60ephp-imap-5.3.3-3.el6_2.8.i686.rpm7db3ae786c5de777862cc79a83ae1f371458bf9470219c7f1cc37285a6cedd52php-recode-5.3.3-3.el6_2.8.i686.rpmad959a1f0bb91f042d0f03bb4c0b5cfa67336eb20968c030b921d90247dfc36cphp-soap-5.3.3-3.el6_2.8.i686.rpmcf7a93abba88cb9933ac26f32c573e1f4cc8bd23705f2aaabaa75268d1965c69php-embedded-5.3.3-3.el6_2.8.i686.rpma5589002f2126d7cd6673e99f247b9f637fe28d246312ad63b55946c3e98c5dephp-common-5.3.3-3.el6_2.8.i686.rpm72acc4fce131358efd3f9f6bbfffb89e173d7c7a115f2d865d46f30e3734135fphp-gd-5.3.3-3.el6_2.8.i686.rpmaefff72a5293d0a4e834b601bdbbc855dfa30da68ef2e6cd66afe50135198e53php-ldap-5.3.3-3.el6_2.8.i686.rpm55ea24cd67006fca7451ff90592e7ab8e1390d24d9d22c1296fce292ae56c238php-pspell-5.3.3-3.el6_2.8.i686.rpm5a215fd7354e22b0bfac11e65478b3cbbdf59a30cf93ac61828194d2656c3242php-dba-5.3.3-3.el6_2.8.i686.rpm0088c30c49246b7d2eb7e6e4a56465816dd2597d8b108ae92410b3473423b3e2php-cli-5.3.3-3.el6_2.8.i686.rpm70fe8328d21e876f4ea11a8e15af526b44699d884fae4b56841ebafb92ebf4c2php-zts-5.3.3-3.el6_2.8.i686.rpm7b3e340f3a9b27c1e6c62484307160eaead290db2b38bbab08dd7d981a477f7dphp-pgsql-5.3.3-3.el6_2.8.i686.rpmd76fd295c2fd9190e6a7bb6c4c7ec286f7309b82d28f3ebec83da34307a5a94dphp-mbstring-5.3.3-3.el6_2.8.i686.rpmf153a0d7e9ddc28f3fa1b6c74dd64f1e1ee584735acee163f8b6cb0317111a6aSLSA-2012:0571-1This update fixes the following security issues: * A flaw was found in the way the Linux kernel's journal_unmap_buffer() function handled buffer head states. On systems that have an ext4 file system with a journal mounted, a local, unprivileged user could use this flaw to cause a denial of service. (CVE-2011-4086, Moderate) * A flaw was found in the way the KVM_CREATE_IRQCHIP ioctl was handled. Calling this ioctl when at least one virtual CPU (VCPU) already existed could lead to a NULL pointer dereference later when the VCPU is scheduled to run. A local, unprivileged user on a KVM host could use this flaw to crash the host. (CVE-2012-1601, Moderate) The system must be rebooted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6kernel-debug-devel-2.6.32-220.17.1.el6.i686.rpm139569b58d55f938ad5c272633ee399a130df377dcc36b08ed15c8379c405813kernel-firmware-2.6.32-220.17.1.el6.noarch.rpmd1c713f29910c38b274acdbc1a371dc538fcb0f0474d68b3c4d5e7f0af39e635perf-2.6.32-220.17.1.el6.i686.rpmbb716459b7e8ead4c12c851792823768bb379375ac7ab0c2ea6d0c2d87f4b5a0kernel-2.6.32-220.17.1.el6.i686.rpm050b98efe4be7110c912809471f6241ead84c30b0972efcb8d89771561922233kernel-devel-2.6.32-220.17.1.el6.i686.rpmcba955481cef5a7cf4a75915d58468659b9e036a50f65402b93d16a02c53c71cpython-perf-2.6.32-220.17.1.el6.i686.rpm8ef3fd71812a9800121460f25f7a594957138d828eb3d615880b0f0e4c1629ffkernel-debug-2.6.32-220.17.1.el6.i686.rpmb09ff390463ac9a0f8ea17b3142c561dc4ec13253cbe00d9657fc469b0a13b94kernel-headers-2.6.32-220.17.1.el6.i686.rpm876b0f69524262d5e50aaf78b42a37ff8c3c1101e4e483438e931b3a3834f3d7kernel-doc-2.6.32-220.17.1.el6.noarch.rpm49b3d502c9bf227f2bd3e9f7c49e4c9e2c3d35a1297798469749488ede1c9cacSLSA-2012:0678-1The pg_dump utility inserted object names literally into comments in the SQL script it produces. An unprivileged database user could create an object whose name includes a newline followed by an SQL command. This SQL command might then be executed by a privileged user during later restore of the backup dump, allowing privilege escalation. (CVE-2012-0868) When configured to do SSL certificate verification, PostgreSQL only checked the first 31 characters of the certificate's Common Name field. Depending on the configuration, this could allow an attacker to impersonate a server or a client using a certificate from a trusted Certificate Authority issued for a different name. (CVE-2012-0867) CREATE TRIGGER did not do a permissions check on the trigger function to be called. This could possibly allow an authenticated database user to call a privileged trigger function on data of their choosing. (CVE-2012-0866) These updated packages upgrade PostgreSQL to version 8.4.11, which fixes these issues as well as several data-corruption issues and lesser non-security issues. Refer to the PostgreSQL Release Notes for a full list of changes: http://www.postgresql.org/docs/8.4/static/release.html If the postgresql service is running, it will be automatically restarted after installing this update.moderateScientific Linux FermiScientific Linux Fermi 6postgresql-docs-8.4.11-1.el6_2.i686.rpm21cc75b1e1bcaac991ac499fb8293c12370a405638787c94a13a375043ec8945postgresql-plpython-8.4.11-1.el6_2.i686.rpm5315e25eb0b794104af768200d6207e54bbb44b26d1b3365671d2c5878c84552postgresql-libs-8.4.11-1.el6_2.i686.rpmf93347d2e10de18e85397691feed89a9614098e0ad2874145138caecfaa10b68postgresql-8.4.11-1.el6_2.i686.rpmb961cfaff161cfd1e3528af27d6e2059038fe77afa368834932dc13fd4bf1770postgresql-devel-8.4.11-1.el6_2.i686.rpm88788c06755962a3ae5bd11e80d0d5effd6b64674c1f5764458ee24fd185f692postgresql-test-8.4.11-1.el6_2.i686.rpm411ded25bc98f97bafe45348d5eebf0baccf36e6c3c9eb248eb34aa9ac5022d1postgresql-contrib-8.4.11-1.el6_2.i686.rpma2bd247066cf68e6be9439075c13191600881c95e70845dde9e7484449521b92postgresql-plperl-8.4.11-1.el6_2.i686.rpm89acd54a2027793ce201ef77a9cf5d614eca928e3a2e6e745fdb68e869762d4apostgresql-pltcl-8.4.11-1.el6_2.i686.rpmce3af8558cd6a288d45f95025a6e0dba0fa8dd7212c621d35be2e348f4ed2335postgresql-server-8.4.11-1.el6_2.i686.rpm9135f4d7ed5b12cda4fc0a376c35373fd6ccdfc7df4fae54eab0c62d51de8b7eSLSA-2012:0683-1A flaw was found in the way bind-dyndb-ldap handled LDAP query errors. If a remote attacker were able to send DNS queries to a named server that is configured to use bind-dyndb-ldap, they could trigger such an error with a DNS query leveraging bind-dyndb-ldap's insufficient escaping of the LDAP base DN (distinguished name). This would result in an invalid LDAP query that named would retry in a loop, preventing it from responding to other DNS queries. With this update, bind-dyndb-ldap only attempts to retry one time when an LDAP search returns an unexpected error. (CVE-2012-2134) For the update to take effect, the named service must be restarted.importantScientific Linux FermitrueScientific Linux Fermi 6bind-dyndb-ldap-0.2.0-7.el6_2.1.i686.rpm0c3f480ed9e5cc757b8363f3c3231ecd012c603d7a447fb893813aa8a93313eeSLSA-2012:0699-1An integer underflow flaw, leading to a buffer over-read, was found in the way OpenSSL handled DTLS (Datagram Transport Layer Security) application data record lengths when using a block cipher in CBC (cipher-block chaining) mode. A malicious DTLS client or server could use this flaw to crash its DTLS connection peer. (CVE-2012-2333) On Scientific Linux 6, this update also fixes an uninitialized variable use bug, introduced by the fix for CVE-2012-0884 (released via SLSA-2012:0426). This bug could possibly cause an attempt to create an encrypted message in the CMS (Cryptographic Message Syntax) format to fail. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.moderateScientific Linux FermitruetrueScientific Linux Fermi 6openssl-devel-1.0.0-20.el6_2.5.i686.rpmc9e5af2d55347e059bfaacc289ff901e444d44e02f874ffe0d5f09d18eb7c63eopenssl-perl-1.0.0-20.el6_2.5.i686.rpm1b3c7cc62cd51f301b8496559c5f36838b51ffb72e82c6bab26bf325232a5981openssl-static-1.0.0-20.el6_2.5.i686.rpm8cd33f84a30f6d6100c8134b9e7b66c3ffe79a586518b3707fcaef9256b9de1bopenssl-1.0.0-20.el6_2.5.i686.rpm9c999b0ce2083e0e43cffa33d53a50ec7af9aeae3ae637cfd5068d07ef2b6de5SLSA-2012:0705-1An integer overflow flaw, leading to a buffer overflow, was found in the way OpenOffice.org processed an invalid Escher graphics records length in Microsoft Office PowerPoint documents. An attacker could provide a specially-crafted Microsoft Office PowerPoint document that, when opened, would cause OpenOffice.org to crash or, potentially, execute arbitrary code with the privileges of the user running OpenOffice.org. (CVE-2012-2334) Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the JPEG, PNG, and BMP image file reader implementations in OpenOffice.org. An attacker could provide a specially-crafted JPEG, PNG, or BMP image file that, when opened in an OpenOffice.org application, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2012-1149) Upstream acknowledges Sven Jacobi as the original reporter of CVE-2012-2334, and Tielei Wang via Secunia SVCRP as the original reporter of CVE-2012-1149. All running instances of OpenOffice.org applications must be restarted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6autocorr-nl-3.2.1-19.6.el6_2.7.noarch.rpm69df0ad811dd0539a8dbe936bebe6cf4490c2953670bf0853b39b290cc46319eopenoffice.org-langpack-ca_ES-3.2.1-19.6.el6_2.7.i686.rpm175390b72cfc3535b56156b20ccb262585b5c1e7c9a68984f81fd023d53e7a63openoffice.org-ogltrans-3.2.1-19.6.el6_2.7.i686.rpmb7709e7beb5b77891fd57e08c9b9f374a2a44afea8621483314f13771a40183eopenoffice.org-devel-3.2.1-19.6.el6_2.7.i686.rpm89ad3058509efe07cd52f7c7fd3a082c1840c3528e73e2fb1df572f894141a59openoffice.org-langpack-it-3.2.1-19.6.el6_2.7.i686.rpm84fb8b117aea42ad47c5afb32b4c39c1e8d73e4674f709125d4b2f1f24aad524openoffice.org-langpack-nr_ZA-3.2.1-19.6.el6_2.7.i686.rpm44753c32de74ae968fd37f965f94099512462238a7a3d020510e81db963815f3openoffice.org-langpack-pl_PL-3.2.1-19.6.el6_2.7.i686.rpm8a210959b6e28258c7c6f24db272faec9c6683c5bb72f044f397ac439e8c2753openoffice.org-xsltfilter-3.2.1-19.6.el6_2.7.i686.rpmbb7b0f7bf1ca1a5aaf778112baba0e6bead9dd64465e35770b7b3030755b08e6openoffice.org-headless-3.2.1-19.6.el6_2.7.i686.rpm1efddb809e684f863f03f424359312b8210ea8ffb4cbb8d1d8c7028a23b503eaopenoffice.org-langpack-bg_BG-3.2.1-19.6.el6_2.7.i686.rpmdc1b7bf9f05574be15a3f7b5083bb491349b73ea1a8fc99d65087f8b7fcdd19fopenoffice.org-langpack-kn_IN-3.2.1-19.6.el6_2.7.i686.rpmf94d6c03caa05430bd7b770849e0a540506c5ef76ec52d57b102a814daec1d80openoffice.org-core-3.2.1-19.6.el6_2.7.i686.rpm4aac96ed62b4c0260de7e0eae11c2eefa92c8e8dc754a9a26164501ddcf10806openoffice.org-writer-core-3.2.1-19.6.el6_2.7.i686.rpmc6dbdbb8d54f92bd85d9baf9bae0178430eef2a6a251619fdcbacebe1001f64fautocorr-cs-3.2.1-19.6.el6_2.7.noarch.rpmb5efad14f69b35981e1eba0603bb590f1125d464ec221c9cc1657e3789115b73openoffice.org-sdk-doc-3.2.1-19.6.el6_2.7.i686.rpm79ebcfe2220cf7af70cf433e0b3e6885449cf8a7916d97947200fb47e00c0d7aopenoffice.org-langpack-es-3.2.1-19.6.el6_2.7.i686.rpmdbf5c6870b09b81d129a3d57d6a701cbe636a23c33b6525ce27f06ab0be290d9openoffice.org-brand-3.2.1-19.6.el6_2.7.i686.rpm1e1a356f75bf6e19275d5f5857957c35db624af0a456fb267365a94f78fc266cautocorr-lb-3.2.1-19.6.el6_2.7.noarch.rpm4c3f5e8e6976d2f7c57542a1573d09bbc3282cf065ed83c610ff726a11e87f62openoffice.org-langpack-ts_ZA-3.2.1-19.6.el6_2.7.i686.rpm0b8180a29da358e7c692b8aa3dbe47ab490ef5b209ed6d593c05303e00d4898eopenoffice.org-langpack-zh_TW-3.2.1-19.6.el6_2.7.i686.rpm447bb5b1587e91bf8a08ce4e3165107feafdbbe84c8ae53cee13f2860c7e383bopenoffice.org-draw-core-3.2.1-19.6.el6_2.7.i686.rpm1300d8566140cbe068090b25dad1131ff88eeb2508e0dc77c863d359247a5e55openoffice.org-langpack-ro-3.2.1-19.6.el6_2.7.i686.rpm9603d92a27ad7c635aa660a5a57c6adc43980811810b4363840a504dec99ca13openoffice.org-langpack-pt_PT-3.2.1-19.6.el6_2.7.i686.rpm0d1ca6e5049540552cc4dcca6658230bb1df5f5200a6aead93561b65ec81cfdeopenoffice.org-langpack-pa-3.2.1-19.6.el6_2.7.i686.rpm23542548d19a5557c2d05f0a3362c7e063544bb430031dbfb21bb92dcff455abautocorr-da-3.2.1-19.6.el6_2.7.noarch.rpm3cf6e3dc4ca3e93433ca476b01d9461ebe054ea08bce8ec2912c2d09ffd38799openoffice.org-langpack-lt_LT-3.2.1-19.6.el6_2.7.i686.rpm22ca145dc80fe99a6dbdec9ed7e80514bb2c544b90a77e627677316c9b6df26bopenoffice.org-math-core-3.2.1-19.6.el6_2.7.i686.rpmff4c748734f203de030db59940b4fa600b6c7bbe447a4b1f103312cccecea91eopenoffice.org-writer-3.2.1-19.6.el6_2.7.i686.rpm69faed3167ebb1d9863d6b2f2a213e324917c1e7ee2f170996a17ef2fef5adf6openoffice.org-langpack-eu_ES-3.2.1-19.6.el6_2.7.i686.rpmb1aa50d3cce24ca90177c7ba54e71170e54e5cec3f629c0c12119e0489ce4b10autocorr-sk-3.2.1-19.6.el6_2.7.noarch.rpm3b969568c0c3e0ff8557e2ce729e1c02b5e8c1d1eed46d8e6ba8ef0f80db4309autocorr-fr-3.2.1-19.6.el6_2.7.noarch.rpm96b26d3a2908f3186faede9f8e742179806a08f06dc329d38438594bc7671ff2openoffice.org-langpack-ta_IN-3.2.1-19.6.el6_2.7.i686.rpm67d54f7ce5540e1dd0ee9ff9ccd2eaa9d09fba54904c761c8b02b0c896b69ef9openoffice.org-langpack-te_IN-3.2.1-19.6.el6_2.7.i686.rpm1cad917e3319f2e028857aeacc14aaa941a7b5a7c2139ad34ac943c27eeafd57autocorr-ga-3.2.1-19.6.el6_2.7.noarch.rpm758d4b4eb27c9894fc98f4a1ca9390e322d468b4ce13a898d9846b741dadb6ddautocorr-lt-3.2.1-19.6.el6_2.7.noarch.rpm8615c19127a2aa8870b16e72cf441567a67d27d533936b3d073d6367f8854caaopenoffice.org-langpack-el_GR-3.2.1-19.6.el6_2.7.i686.rpm707189633d2c2c8ee07668c94ee6ef20edd959976caa37ac7c51b7e51f91d4b6openoffice.org-langpack-ml_IN-3.2.1-19.6.el6_2.7.i686.rpm196c4bec9a04e6fbdc58cbc3d20ed1486285fb09d2a38e1ab8efd4572c9504c8openoffice.org-presenter-screen-3.2.1-19.6.el6_2.7.i686.rpm57cf8388a79cde643a40dff52bdc8b4e62a73539100d74c18ceba635de90d217autocorr-tr-3.2.1-19.6.el6_2.7.noarch.rpm879413fdea03564f2ce9a130fef4345544d0eb13354ef742e84fc8f8cb3d46dbopenoffice.org-base-3.2.1-19.6.el6_2.7.i686.rpm2b831148ad09a1f8d0e8f1e997c58513d34566ab5d7f7609fe24eabc9d66c1ddopenoffice.org-langpack-en-3.2.1-19.6.el6_2.7.i686.rpmbee833946b9e6a447ff55fe0fc85771a646d9d2f2e76441cc62692fb6f3c36e8autocorr-pt-3.2.1-19.6.el6_2.7.noarch.rpm1c12a044bbd12248112a660e79d886eb91205a192c86d3d56e4bdde1f628a4a2openoffice.org-langpack-ru-3.2.1-19.6.el6_2.7.i686.rpm33de4660981fbde2d54de5d1cae6b7a9790190024e87bb64a53dac2b5d5466e4openoffice.org-langpack-nso_ZA-3.2.1-19.6.el6_2.7.i686.rpm014489d0b7db9055349ecc8e4153a8be2863aeda8f5dd1f8d00bd5290fbdb6a6broffice.org-brand-3.2.1-19.6.el6_2.7.i686.rpm597da55e41d0d03b26c69c015b15fe50da82d3db5700bf429a26a3c417200e3eopenoffice.org-calc-core-3.2.1-19.6.el6_2.7.i686.rpm3c87208fa1a0c7e05b5c1e64facd0de8131989e1e5ad617d0f2b811bc922f25copenoffice.org-langpack-cs_CZ-3.2.1-19.6.el6_2.7.i686.rpm0421da06b6632f41b56aa0b2d42f1e6ed423ff3476f51eea040dd63cc8c06f7fautocorr-zh-3.2.1-19.6.el6_2.7.noarch.rpme20ebfa3b38da776910bfa94378620574a0d5bc49224b2d24fdce36ad5b13746openoffice.org-langpack-ar-3.2.1-19.6.el6_2.7.i686.rpm5f7122171d87bd480bc779874cfa19a108cdd3d795a276c52ac43a5eb62fd192openoffice.org-langpack-nl-3.2.1-19.6.el6_2.7.i686.rpm8f9210d44857f52c487afbd1e609433009107d8a019de22f3b08bc743c887843openoffice.org-langpack-ms_MY-3.2.1-19.6.el6_2.7.i686.rpm4f28dcdccdbefc235b9e162012214bb5dee7fc660e9b80ff7c749a03645f0363openoffice.org-langpack-gu_IN-3.2.1-19.6.el6_2.7.i686.rpm2fad6014b31683928116fb1a7977a28c54bc609e9e2fa070feaee4c988372b40openoffice.org-langpack-nn_NO-3.2.1-19.6.el6_2.7.i686.rpm299dd0c44768480be9ae291718d341b77f01c15cda7ed2650835b34e65a734e9openoffice.org-langpack-sl_SI-3.2.1-19.6.el6_2.7.i686.rpm6a27e5aa63435d9d355044f66e5425888174a537d758f183defd62597416e7b3openoffice.org-langpack-fr-3.2.1-19.6.el6_2.7.i686.rpm3f68c07e541f7a900fd4b096f7364876d11a0a8665ea78150f474a572dac7725broffice.org-base-3.2.1-19.6.el6_2.7.i686.rpm011f04f715ebc02a6f6de2e405426e561f9361d14727b4a24e56405e1126a65cautocorr-fa-3.2.1-19.6.el6_2.7.noarch.rpmfe0833d90a89afb1f70d123e46e48ae13f0a4187fdfcb92a082d91ba21d643c2openoffice.org-langpack-de-3.2.1-19.6.el6_2.7.i686.rpmb041b1dc43a907c075b666f3412f246e98e822aa649d74b818091c58114cbe52openoffice.org-calc-3.2.1-19.6.el6_2.7.i686.rpmc3092f40d4c5d6fd18c4c43ce878119b8c6d8e54aa0fe28f74d2fb1439f43508openoffice.org-langpack-gl_ES-3.2.1-19.6.el6_2.7.i686.rpmcf889f74f0a7bb8f5761c5d829484d4540845f7e3fd2ac2a8c82b74956d18a9bopenoffice.org-langpack-sv-3.2.1-19.6.el6_2.7.i686.rpm145468f9ce2ff4b24ffaaaa221ba9ed317c2af646570efc688d2bb1ba5a0efacautocorr-eu-3.2.1-19.6.el6_2.7.noarch.rpmcc101cabb23a6ffc2fb86b528d406502c07f39683b8e4dc1d82cfcfdaab960c3openoffice.org-langpack-hi_IN-3.2.1-19.6.el6_2.7.i686.rpm41cee505f4b5967b54224f45d7e29154e85098db8a01779201446906e8501d14autocorr-ru-3.2.1-19.6.el6_2.7.noarch.rpmf6b9557a36bc23e3418fef92e87a910bf18dd215f2f918e984d112793c31e97eopenoffice.org-langpack-st_ZA-3.2.1-19.6.el6_2.7.i686.rpmc0672f7d820f6063d2ca1f3fff2d49b8bf2ed9da907589816c36eb38159c3eceopenoffice.org-langpack-ve_ZA-3.2.1-19.6.el6_2.7.i686.rpm891f563e79ef31e05a7474ce88c96fa6d29584cc00e98908cfd2c7ca0057804bautocorr-it-3.2.1-19.6.el6_2.7.noarch.rpm387624b016e1f18685bf75022c09534145930527c740b1d329d02430f15a239aautocorr-bg-3.2.1-19.6.el6_2.7.noarch.rpm921e60af2814dacfb4ad8e58e4a0731a5f0c85e29577b8c2f9791b181d262944openoffice.org-pdfimport-3.2.1-19.6.el6_2.7.i686.rpm9238f4bf99de275c8481232456d45d77c334d246bc107c9edb54d5a026b85a5dopenoffice.org-presentation-minimizer-3.2.1-19.6.el6_2.7.i686.rpm5c3e7630eab51bd75f88483a84ebcf2e508d161e5f8efd89e56b88a3e5c149f3openoffice.org-graphicfilter-3.2.1-19.6.el6_2.7.i686.rpm52bba920ad0320b25d2503a17e50a9f3446dfea3de0ae4df184228908251008dopenoffice.org-langpack-cy_GB-3.2.1-19.6.el6_2.7.i686.rpmae62648f71dd3b38d61455f0949c1ea632fe1677871c73f93c313a92c895168ebroffice.org-math-3.2.1-19.6.el6_2.7.i686.rpmd11b2f3b2e4f382f843282a7ce7a07729b8d77a2d6f2c2504e62493ba6078e23broffice.org-writer-3.2.1-19.6.el6_2.7.i686.rpm49a15f7e6c1e5fbe50dc0099f696451a34a185d6af283bb980e1223d90b11384openoffice.org-langpack-fi_FI-3.2.1-19.6.el6_2.7.i686.rpmda811171980d0a8b0294b01139d9017092f5ad552029d8692a78c6c621f20e50openoffice.org-langpack-sk_SK-3.2.1-19.6.el6_2.7.i686.rpmf55990f545a1958b50c7b5e47c29860e14d7280ccf46a9f9412ffec4d53b16a7openoffice.org-langpack-hu_HU-3.2.1-19.6.el6_2.7.i686.rpmf02184924f3c3ebc26fafd2ddc76902a86f7d4f47a259a67e13b879eebe80b75openoffice.org-ure-3.2.1-19.6.el6_2.7.i686.rpm5671654d89ee825a106cd3a0ee4f13161d5b13447da717e778f19e54235088d9autocorr-ja-3.2.1-19.6.el6_2.7.noarch.rpm930824fc5081f9aadd16c4f8e6e374c73f70f466bd90c8f38a1106adc2c04b59autocorr-es-3.2.1-19.6.el6_2.7.noarch.rpm92318ec369ba88a488db6a1f9a280dedb266c2f6542b8178a56decb1451e7dfaopenoffice.org-langpack-mai_IN-3.2.1-19.6.el6_2.7.i686.rpmdf7286f70d0f1467b0a6ff8781cf703e91886e82f923778a4bbe4268cdf4681fopenoffice.org-bsh-3.2.1-19.6.el6_2.7.i686.rpm066b2047325e786b9ebd81f5fc54e23140a5bec60b90fe04e38a346adcdfb050openoffice.org-impress-core-3.2.1-19.6.el6_2.7.i686.rpm809a9e7d75862ff42012717006b47e0a9f87330f5426d6fdb50e007d55ed036eopenoffice.org-draw-3.2.1-19.6.el6_2.7.i686.rpmf9c2ee2d75831d2e57df8594b09b503971aa5b9a5f6a3053ae57563e7d2b89ceopenoffice.org-langpack-tn_ZA-3.2.1-19.6.el6_2.7.i686.rpm0e33417221d0cd86712442a460c5d19b8e48f04042fc329b9f4cb0e633ada11aopenoffice.org-base-core-3.2.1-19.6.el6_2.7.i686.rpm409a852cbb1477cea998e7064b47c99260681c72f721292048d93a22cf2a2de0broffice.org-calc-3.2.1-19.6.el6_2.7.i686.rpme7f9d5f32a8cc878ab045fb442b17bbbc692e49027f324176a270ecec3923728openoffice.org-javafilter-3.2.1-19.6.el6_2.7.i686.rpm9022c44ad713dd6f668cb21bfedd0f328f6aa60b4798f6ae9985a4a80ecf84f1openoffice.org-langpack-ko_KR-3.2.1-19.6.el6_2.7.i686.rpmfc81179e6f60ecd8d3e6d76a79b2bcd2ab002f576c1629a16f90d346d653081eautocorr-hu-3.2.1-19.6.el6_2.7.noarch.rpmb0f39402ee6e9a60258eee54816cb077789b07fd07b499489c7cd37144d3b420openoffice.org-opensymbol-fonts-3.2.1-19.6.el6_2.7.noarch.rpmd5e1f3bc1c58a4dbe3fe72e14eaac2a074a582cd7c0e1497bbbeba4bf45f4b8fautocorr-mn-3.2.1-19.6.el6_2.7.noarch.rpm8f66afdb462aec5d332f18f078b132f9a69abb9b59a6fbd0cb9846c5dacce8d0broffice.org-draw-3.2.1-19.6.el6_2.7.i686.rpmea1d380ceac0543a8b8b9d5de05ab2f827c6e450d5662cf1ec6c245c6a323bdfopenoffice.org-langpack-uk-3.2.1-19.6.el6_2.7.i686.rpm9882f03dfef5885dd1903cfe543bfaba8cd8dbf3413bb0f37aeca01802020c40openoffice.org-langpack-sr-3.2.1-19.6.el6_2.7.i686.rpm2156d51ab9a9b9fc955c4a16df43c26c82126f4df79c8cfe6e41211fc115e184openoffice.org-langpack-zu_ZA-3.2.1-19.6.el6_2.7.i686.rpmf73f1c9bc679226ede4d1f55e7f64e2a8f18848365196e905e4cc2e197109341openoffice.org-langpack-et_EE-3.2.1-19.6.el6_2.7.i686.rpm4b81a9636a20398bd2db94a7512b5499e9bebdb2d640a83bec4c9446e7000803openoffice.org-langpack-as_IN-3.2.1-19.6.el6_2.7.i686.rpm1b43e85bc3f2b31cdde333b2c93b0952e8bd030b2bebf3b357066cd2cb8d1524openoffice.org-langpack-zh_CN-3.2.1-19.6.el6_2.7.i686.rpm8a206f701118dbfadd2522539f49328ef0b3bbdd75cbb9e383e4271fb5378eeaopenoffice.org-langpack-nb_NO-3.2.1-19.6.el6_2.7.i686.rpm9489d7e6c439e9993d517e6def304f1c9e75b5f94ed6635799e296a83639fde0openoffice.org-rhino-3.2.1-19.6.el6_2.7.i686.rpme792bf47c02b7205c3289a0fb1a197521bfc2c2f62c29d6623c0cdaf77426df8openoffice.org-report-builder-3.2.1-19.6.el6_2.7.i686.rpmb36509f5ea619b2cb42d3921765324914773786de394f98cde52536f9ea60a4copenoffice.org-langpack-dz-3.2.1-19.6.el6_2.7.i686.rpm897489e5c07c5879444f87487c0feefef663e66a5d90c4952265f857fc90370aopenoffice.org-pyuno-3.2.1-19.6.el6_2.7.i686.rpm13d17b091b0c083a24cd25eb8469297753a3408d2844aa8bc8a2c672ab5111ceopenoffice.org-langpack-hr_HR-3.2.1-19.6.el6_2.7.i686.rpm7af7cc8b220a81b11a77955af2e97e980a25d1050274a1e92e488e67499a93c6openoffice.org-wiki-publisher-3.2.1-19.6.el6_2.7.i686.rpm707ede281417c86d31cfc18fd90080d31bc5871abae31024f93623fa4e0c9e71autocorr-af-3.2.1-19.6.el6_2.7.noarch.rpme545b84f0b5e23f858328b394285f5a3554efd11a73d3622afa3ec4c63ce05a5autocorr-fi-3.2.1-19.6.el6_2.7.noarch.rpmbe9ad56bb9d84959e4ffd219987e6348be8cc121178ccee835594d2041ccb779autocorr-en-3.2.1-19.6.el6_2.7.noarch.rpmc7e28b20f4a99f1a9dca8db207b7ecc529a908763f4de7e07e83adbe68a4be4dopenoffice.org-impress-3.2.1-19.6.el6_2.7.i686.rpm5e1c8c42b864610e9e0af140da6fe7b0759f22c0e7f0d4fa9dc029f4e208334aopenoffice.org-langpack-ga_IE-3.2.1-19.6.el6_2.7.i686.rpm417c514167a4468aea166c3cbd267e9aad27596fc28dd8462dd4638e3d7e6177autocorr-vi-3.2.1-19.6.el6_2.7.noarch.rpm9d024e042e1e8b53b6f3ed7533415cae55948986a9f1e39a1c37e3921e4b3369openoffice.org-langpack-xh_ZA-3.2.1-19.6.el6_2.7.i686.rpm0ccb65dd4e9584d1fbb8ea679532ab1b6fa5afac25b62be94a9786fdf77f03e5openoffice.org-langpack-da_DK-3.2.1-19.6.el6_2.7.i686.rpm4adeaa57e2e1168291dfa2e74248ecfc445bb5bf72b6777e65d24aa6a76b18e4openoffice.org-langpack-he_IL-3.2.1-19.6.el6_2.7.i686.rpm2bbf956c9c0ebd63c5809491b5c50b9089cf9978a1c43f700c480fab73f8816aopenoffice.org-langpack-mr_IN-3.2.1-19.6.el6_2.7.i686.rpmde4a5cda48f2fb09e3d2ffcc9c63d138582b0eb250862e58e2c9ab3b10d58373openoffice.org-sdk-3.2.1-19.6.el6_2.7.i686.rpm17dfe53926952375feb75dfd793c71e23d71bc31a2abf2b2658ac2c1f4e27abaopenoffice.org-langpack-ja_JP-3.2.1-19.6.el6_2.7.i686.rpm78881fb93418f0be2f0033c85432185e2b18d446ce1919be781514fd6020eb56openoffice.org-langpack-ur-3.2.1-19.6.el6_2.7.i686.rpm150e56a0847d48b9dcb5912910698633f3b0969ea347210ec610907f8d60a146openoffice.org-langpack-tr_TR-3.2.1-19.6.el6_2.7.i686.rpm50ffebda0a1d49dc2d3247aeb9e0d1827c2c93ba429aa2fd22702584176772a7openoffice.org-langpack-af_ZA-3.2.1-19.6.el6_2.7.i686.rpmc66e0e2af4437cbbf7598249846d85d084673996349fc49b495d1d7d598c4208openoffice.org-emailmerge-3.2.1-19.6.el6_2.7.i686.rpm5df1989a7e46ea98ef26673195b6b46ea91e53b0d0e9d0d5379d9c290e1bf2f4openoffice.org-langpack-bn-3.2.1-19.6.el6_2.7.i686.rpm70a0037c5dc9c559464c78f3633d145efb5ca888fe8a2c70f81ee35f52942c05autocorr-sv-3.2.1-19.6.el6_2.7.noarch.rpm1fb4b803b7ef486d38f6ee85b26487847dfbc4c6b508d821a7595042c4254786autocorr-de-3.2.1-19.6.el6_2.7.noarch.rpme847d51e614176347a8df65e21ed7482fd7bc8211d7a654316212c9c519b0cc9autocorr-pl-3.2.1-19.6.el6_2.7.noarch.rpm55fe61ee8ca4c45497fbfa516c2ba7973ce7594538d66919032817d7e631eaa8openoffice.org-langpack-ss_ZA-3.2.1-19.6.el6_2.7.i686.rpm3d7048c7a6ffd5ac0d05e12e8f47fd1a93c25376d88ca4639af510eef49c83dcopenoffice.org-langpack-th_TH-3.2.1-19.6.el6_2.7.i686.rpmf2ec555bfdf039944d0e1916ee3a91b2b36439f53761419634fe8275f1b5feebopenoffice.org-langpack-pt_BR-3.2.1-19.6.el6_2.7.i686.rpm56ac2fb1db3b8f4aaf149710cb0436bdf8ec7eac4ef1e55aaa4cfa501211978fopenoffice.org-testtools-3.2.1-19.6.el6_2.7.i686.rpm212ab15efebef87b92b242894f6bf5bc70c4390761a9195852285ae908e51c43autocorr-sl-3.2.1-19.6.el6_2.7.noarch.rpm2292a85f35144156cc3151eebcbca16831ca28eeb8293ede890b1d293664e6c7autocorr-ko-3.2.1-19.6.el6_2.7.noarch.rpmffb910e0b3534eac96b61e10dd57f74b876627d4814a958abc5a9d691b1059ebbroffice.org-impress-3.2.1-19.6.el6_2.7.i686.rpm9182fc3615b200cbb709c1caba82ab51cc3df44a24a90fcbe7d886a3d4fa6221openoffice.org-langpack-or_IN-3.2.1-19.6.el6_2.7.i686.rpmf932a9717ad453ef220cff3be2f1855e58ffd9445743484800217b7c2b2cfd7fopenoffice.org-math-3.2.1-19.6.el6_2.7.i686.rpm4051691b950fa53c9d499eeab59729651396454ea9a7d0967a1ad63c160ad28dSLSA-2012:0710-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2011-3101, CVE-2012-1937, CVE-2012-1938, CVE-2012-1939, CVE-2012-1940, CVE-2012-1941, CVE-2012-1946, CVE-2012-1947) Note: CVE-2011-3101 only affected users of certain NVIDIA display drivers with graphics cards that have hardware acceleration enabled. It was found that the Content Security Policy (CSP) implementation in Firefox no longer blocked Firefox inline event handlers. A remote attacker could use this flaw to possibly bypass a web application's intended restrictions, if that application relied on CSP to protect against flaws such as cross-site scripting (XSS). (CVE-2012-1944) If a web server hosted HTML files that are stored on a Microsoft Windows share, or a Samba share, loading such files with Firefox could result in Windows shortcut files (.lnk) in the same share also being loaded. An attacker could use this flaw to view the contents of local files and directories on the victim's system. This issue also affected users opening HTML files from Microsoft Windows shares, or Samba shares, that are mounted on their systems. (CVE-2012-1945) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6xulrunner-10.0.5-1.el6_2.i686.rpm0016d1cda6e1cc1ad370982f40458dc2316dd47dace38f0b0fe51247b5cbc9b9firefox-10.0.5-1.el6_2.i686.rpm62920ba1073f97fb9051a5896ad89462e494576e76b79838be2bbccc4e619ec8xulrunner-devel-10.0.5-1.el6_2.i686.rpm3f90e1c5f0338bd5c93d5b9750c455de725b3aef7794d944e8decf923425d5a7SLSA-2012:0715-1Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2011-3101, CVE-2012-1937, CVE-2012-1938, CVE-2012-1939, CVE-2012-1940, CVE-2012-1941, CVE-2012-1946, CVE-2012-1947) Note: CVE-2011-3101 only affected users of certain NVIDIA display drivers with graphics cards that have hardware acceleration enabled. It was found that the Content Security Policy (CSP) implementation in Thunderbird no longer blocked Thunderbird inline event handlers. Malicious content could possibly bypass intended restrictions if that content relied on CSP to protect against flaws such as cross-site scripting (XSS). (CVE-2012-1944) If a web server hosted content that is stored on a Microsoft Windows share, or a Samba share, loading such content with Thunderbird could result in Windows shortcut files (.lnk) in the same share also being loaded. An attacker could use this flaw to view the contents of local files and directories on the victim's system. This issue also affected users opening content from Microsoft Windows shares, or Samba shares, that are mounted on their systems. (CVE-2012-1945) Note: None of the issues in this advisory can be exploited by a specially- crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. After installing the update, Thunderbird must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6thunderbird-10.0.5-2.el6_2.i686.rpm0484118b09c682776ee3f75d088cddce088e88e1ed5b207ea5efce586c4bd554SLSA-2012:0716-1A flaw was found in the way BIND handled zero length resource data records. A malicious owner of a DNS domain could use this flaw to create specially-crafted DNS resource records that would cause a recursive resolver or secondary server to crash or, possibly, disclose portions of its memory. (CVE-2012-1667) A flaw was found in the way BIND handled the updating of cached name server (NS) resource records. A malicious owner of a DNS domain could use this flaw to keep the domain resolvable by the BIND server even after the delegation was removed from the parent DNS zone. With this update, BIND limits the time-to- live of the replacement record to that of the time-to-live of the record being replaced. (CVE-2012-1033) After installing the update, the BIND daemon (named) will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 6bind-libs-9.7.3-8.P3.el6_2.3.i686.rpme8fc196e8cd422b061c5a15fcc06331cd55c1c07918d00f82df4692a89a67ca6bind-devel-9.7.3-8.P3.el6_2.3.i686.rpmd5048859de77897d4dd1a509d0f5cbdd8e7881821817e90639f1244a102890a4bind-sdb-9.7.3-8.P3.el6_2.3.i686.rpmd2114e18a7a806478b474f3b8f347fc8a17f00560d609ff927c48e407f174121bind-9.7.3-8.P3.el6_2.3.i686.rpm3b282f8528d0a5c127bfd48e0f9c8dd555048df6bd0d02cd96029409f372ea0fbind-utils-9.7.3-8.P3.el6_2.3.i686.rpm5e39d2c3b0c38556922eae4d7fc06f4cbe482734f6f6de4620ec775f086d2b8bbind-chroot-9.7.3-8.P3.el6_2.3.i686.rpm85149bc88bd840f48e6bed7c3d7a418dd2aa72129714486d25fdad081d15112cSLSA-2012:0729-1Multiple flaws were discovered in the CORBA (Common Object Request Broker Architecture) implementation in Java. A malicious Java application or applet could use these flaws to bypass Java sandbox restrictions or modify immutable object data. (CVE-2012-1711, CVE-2012-1719) It was discovered that the SynthLookAndFeel class from Swing did not properly prevent access to certain UI elements from outside the current application context. A malicious Java application or applet could use this flaw to crash the Java Virtual Machine, or bypass Java sandbox restrictions. (CVE-2012-1716) Multiple flaws were discovered in the font manager's layout lookup implementation. A specially-crafted font file could cause the Java Virtual Machine to crash or, possibly, execute arbitrary code with the privileges of the user running the virtual machine. (CVE-2012-1713) Multiple flaws were found in the way the Java HotSpot Virtual Machine verified the bytecode of the class file to be executed. A specially-crafted Java application or applet could use these flaws to crash the Java Virtual Machine, or bypass Java sandbox restrictions. (CVE-2012-1723, CVE-2012-1725) It was discovered that the Java XML parser did not properly handle certain XML documents. An attacker able to make a Java application parse a specially- crafted XML file could use this flaw to make the XML parser enter an infinite loop. (CVE-2012-1724) It was discovered that the Java security classes did not properly handle Certificate Revocation Lists (CRL). CRL containing entries with duplicate certificate serial numbers could have been ignored. (CVE-2012-1718) It was discovered that various classes of the Java Runtime library could create temporary files with insecure permissions. A local attacker could use this flaw to gain access to the content of such temporary files. (CVE-2012-1717) Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website. This erratum also upgrades the OpenJDK package to IcedTea6 1.11.3. All running instances of OpenJDK Java must be restarted for the update to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6java-1.6.0-openjdk-src-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm04321e882c50c9f0940a5f30ffe9ccd0dbe630de4b07fba15a020d0ca9411ec7java-1.6.0-openjdk-devel-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm759536c5a1d40f79e375065dff82989eb3f7f7cd7e08410bfde26ea12592c0a2java-1.6.0-openjdk-javadoc-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm063d258f1a37020807052665cd35f43184453e30135f2159fd4254e7a9c6b0c7java-1.6.0-openjdk-demo-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm9608d07a4494e2d15be8e8470af77fdb281332ed119707f6f3ea55c3e39921e4java-1.6.0-openjdk-1.6.0.0-1.48.1.11.3.el6_2.i686.rpm87616c2f0723c22eb7f62520e8c06789a53e5de113553b0e2525ea3ec3f4807cSLSA-2012:0731-1A denial of service flaw was found in the implementation of hash arrays in Expat. An attacker could use this flaw to make an application using Expat consume an excessive amount of CPU time by providing a specially-crafted XML file that triggers multiple hash function collisions. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2012-0876) A memory leak flaw was found in Expat. If an XML file processed by an application linked against Expat triggered a memory re-allocation failure, Expat failed to free the previously allocated memory. This could cause the application to exit unexpectedly or crash when all available memory is exhausted. (CVE-2012-1148) After installing the updated packages, applications using the Expat library must be restarted for the update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6expat-devel-2.0.1-11.el6_2.i686.rpmf28a8d7047fc52c5e485e1c306fc297f90b2a99423f7954e316a046209189444expat-2.0.1-11.el6_2.i686.rpm50552e7bd12ba25748d3e61d221dc312ff53117d6a9e4a69f9b23f82c88d5518SLSA-2012:0743-1This update fixes the following security issues: * A local, unprivileged user could use an integer overflow flaw in drm_mode_dirtyfb_ioctl() to cause a denial of service or escalate their privileges. (CVE-2012-0044, Important) * A buffer overflow flaw was found in the macvtap device driver, used for creating a bridged network between the guest and the host in KVM (Kernel-based Virtual Machine) environments. A privileged guest user in a KVM guest could use this flaw to crash the host. Note: This issue only affected hosts that have the vhost_net module loaded with the experimental_zcopytx module option enabled (it is not enabled by default), and that also have macvtap configured for at least one guest. (CVE-2012-2119, Important) * When a set user ID (setuid) application is executed, certain personality flags for controlling the application's behavior are cleared (that is, a privileged application will not be affected by those flags). It was found that those flags were not cleared if the application was made privileged via file system capabilities. A local, unprivileged user could use this flaw to change the behavior of such applications, allowing them to bypass intended restrictions. Note that for default installations, no application shipped by Scientific Linux is made privileged via file system capabilities. (CVE-2012-2123, Important) * It was found that the data_len parameter of the sock_alloc_send_pskb() function in the Linux kernel's networking implementation was not validated before use. A privileged guest user in a KVM guest could use this flaw to crash the host or, possibly, escalate their privileges on the host. (CVE-2012-2136, Important) * A buffer overflow flaw was found in the setup_routing_entry() function in the KVM subsystem of the Linux kernel in the way the Message Signaled Interrupts (MSI) routing entry was handled. A local, unprivileged user could use this flaw to cause a denial of service or, possibly, escalate their privileges. (CVE-2012-2137, Important) * A race condition was found in the Linux kernel's memory management subsystem in the way pmd_none_or_clear_bad(), when called with mmap_sem in read mode, and Transparent Huge Pages (THP) page faults interacted. A privileged user in a KVM guest with the ballooning functionality enabled could potentially use this flaw to crash the host. A local, unprivileged user could use this flaw to crash the system. (CVE-2012-1179, Moderate) * A flaw was found in the way device memory was handled during guest device removal. Upon successful device removal, memory used by the device was not properly unmapped from the corresponding IOMMU or properly released from the kernel, leading to a memory leak. A malicious user on a KVM host who has the ability to assign a device to a guest could use this flaw to crash the host. (CVE-2012-2121, Moderate) * A flaw was found in the Linux kernel's Reliable Datagram Sockets (RDS) protocol implementation. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2012-2372, Moderate) * A race condition was found in the Linux kernel's memory management subsystem in the way pmd_populate() and pte_offset_map_lock() interacted on 32-bit x86 systems with more than 4GB of RAM. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2012-2373, Moderate) The system must be rebooted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6kernel-debug-2.6.32-220.23.1.el6.i686.rpmc451ffe0f2939326edb61e9ab498804c3e39a18ad77fb11ed50a3d962d295c25kernel-debug-devel-2.6.32-220.23.1.el6.i686.rpmad0ef16163a35ff4d7e792d3032fd1e7c95f622f9ea201ce24ca389c2ef676c2kernel-firmware-2.6.32-220.23.1.el6.noarch.rpm81fff3409db92501cbe25a422401652a8772141e458efe295d5a386b63450e75perf-2.6.32-220.23.1.el6.i686.rpmdb7359e85281e4272415735151d292f270ee569b65389c95236e7341071006adkernel-doc-2.6.32-220.23.1.el6.noarch.rpm94befba72276c48bdbd49c0a8db07f41639e21a1c4f38274ee9529e3e36ea051kernel-2.6.32-220.23.1.el6.i686.rpm6106a90801739273f0003cd805a9dec7d95046974bace611fa54489fdc1209cdpython-perf-2.6.32-220.23.1.el6.i686.rpmae6b94d272beade01274f5f1b0a6e97b5a560742f17630dca91fef4596519a63kernel-devel-2.6.32-220.23.1.el6.i686.rpma7bb67c9d1851e3a29bc89125d1019cb733aa53f4de42f22c09d4c5c253fa100kernel-headers-2.6.32-220.23.1.el6.i686.rpmf45b430266d3dc6039134891054e25916e7d63bcdbe13c21143b45187fdf28b0SLSA-2012:0744-1A denial of service flaw was found in the implementation of associative arrays (dictionaries) in Python. An attacker able to supply a large number of inputs to a Python application (such as HTTP POST request parameters sent to a web application) that are used as keys when inserting data into an array could trigger multiple hash function collisions, making array operations take an excessive amount of CPU time. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions. (CVE-2012-1150) Note: The hash randomization is not enabled by default as it may break applications that incorrectly depend on dictionary ordering. To enable the protection, the new "PYTHONHASHSEED" environment variable or the Python interpreter's "-R" command line option can be used. Refer to the python(1) manual page for details. The SLSA-2012:0731 expat erratum must be installed with this update, which adds hash randomization to the Expat library used by the Python pyexpat module. A flaw was found in the way the Python SimpleXMLRPCServer module handled clients disconnecting prematurely. A remote attacker could use this flaw to cause excessive CPU consumption on a server using SimpleXMLRPCServer. (CVE-2012-0845) A flaw was found in the way the Python SimpleHTTPServer module generated directory listings. An attacker able to upload a file with a specially-crafted name to a server could possibly perform a cross-site scripting (XSS) attack against victims visiting a listing page generated by SimpleHTTPServer, for a directory containing the crafted file (if the victims were using certain web browsers). (CVE-2011-4940) A race condition was found in the way the Python distutils module set file permissions during the creation of the .pypirc file. If a local user had access to the home directory of another user who is running distutils, they could use this flaw to gain access to that user's .pypirc file, which can contain usernames and passwords for code repositories. (CVE-2011-4944)moderateScientific Linux FermiScientific Linux Fermi 6python-tools-2.6.6-29.el6_2.2.i686.rpmdf1c85d4a706b1bf207e57f4ee3318d79a44b95fb63840c9f6853bb0cde59d51python-2.6.6-29.el6_2.2.i686.rpm1ec3ce54e52f6ad2fb68cd157c06c43bf53c5c69dc3f45532b3d0bbbd2d3e323tkinter-2.6.6-29.el6_2.2.i686.rpm13becd9343e80943056551a215068beb302154a525a5590cb8a1705eca453b24python-libs-2.6.6-29.el6_2.2.i686.rpmbb8205d8bdcb3ae428df3b7c54ef8da825eaa55fd062b29f6b07a06042f3e8eapython-test-2.6.6-29.el6_2.2.i686.rpm92a1dbe6411289681f282069e62a42c0d4a8ee2df96ea1643b4203fc290d8d79python-devel-2.6.6-29.el6_2.2.i686.rpm3bbe2a38cbbcc2bc2b4a1965a3bbe5ddc8810b682ac3d3077faefe7b7aa02a3cSLSA-2012:0748-5Bus and device IDs were ignored when attempting to attach multiple USB devices with identical vendor or product IDs to a guest. This could result in the wrong device being attached to a guest, giving that guest root access to the device. (CVE-2012-2693) After installing the updated packages, libvirtd must be restarted ("service libvirtd restart") for this update to take effect.lowScientific Linux FermitrueScientific Linux Fermi 6libvirt-devel-0.9.10-21.el6.i686.rpmebf6aa43481b42b843ca2f2b79a49f0884b8c5ebf18c6bc22f0904da236ac64clibvirt-python-0.9.10-21.el6.i686.rpm5ba622c24c029c06edc2da0605ffa2f8ceb9aad8e09323717160d5a56908a358libvirt-client-0.9.10-21.el6.i686.rpmeecf94756e9c3cbbb87579ea325e2b2fc454ef077d29be570d2db0f4861dec87libvirt-0.9.10-21.el6.i686.rpm5037346611b9b3105d9c87d8af8c11a77ad78f7b912e82c5184952499e451e1flibvirt-lock-sanlock-0.9.10-21.el6.i686.rpmb1995cd9f776a3cec10a77765dd3fec98bd3f9ba0836083fad5bc77b46242505SLSA-2012:0796-4A numeric truncation error, leading to a heap-based buffer overflow, was found in the way the rsyslog imfile module processed text files containing long lines. An attacker could use this flaw to crash the rsyslogd daemon or, possibly, execute arbitrary code with the privileges of rsyslogd, if they are able to cause a long line to be written to a log file that rsyslogd monitors with imfile. The imfile module is not enabled by default. (CVE-2011-4623) Bug fixes: * Several variables were incorrectly deinitialized with Transport Layer Security (TLS) transport and keys in PKCS#8 format. The rsyslogd daemon aborted with a segmentation fault when keys in this format were provided. Now, the variables are correctly deinitialized. * Previously, the imgssapi plug-in initialization was incomplete. As a result, the rsyslogd daemon aborted when configured to provide a GSSAPI listener. Now, the plug-in is correctly initialized. * The fully qualified domain name (FQDN) for the localhost used in messages was the first alias found. This did not always produce the expected result on multihomed hosts. With this update, the algorithm uses the alias that corresponds to the hostname. * The gtls module leaked a file descriptor every time it was loaded due to an error in the GnuTLS library. No new files or network connections could be opened when the limit for the file descriptor count was reached. This update modifies the gtls module so that it is not unloaded during the process lifetime. * rsyslog could not override the hostname to set an alternative hostname for locally generated messages. Now, the local hostname can be overridden. * The rsyslogd init script did not pass the lock file path to the 'status' action. As a result, the lock file was ignored and a wrong exit code was returned. This update modifies the init script to pass the lock file to the 'status' action. Now, the correct exit code is returned. * Data could be incorrectly deinitialized when rsyslogd was supplied with malformed spool files. The rsyslogd daemon could be aborted with a segmentation fault. This update modifies the underlying code to correctly deinitialize the data. * Previously, deinitialization of non-existent data could, in certain error cases, occur. As a result, rsyslogd could abort with a segmentation fault when rsyslog was configured to use a disk assisted queue without specifying a spool file. With this update, the error cases are handled gracefully. * The manual page wrongly stated that the '-d' option to turn on debugging caused the daemon to run in the foreground, which was misleading as the current behavior is to run in the background. Now, the manual page reflects the correct behavior. * rsyslog attempted to write debugging messages to standard output even when run in the background. This resulted in the debugging information being written to some other output. This was corrected and the debug messages are no longer written to standard output when run in the background. * The string buffer to hold the distinguished name (DN) of a certificate was too small. DNs with more than 128 characters were not displayed. This update enlarges the buffer to process longer DNs. Enhancements: * Support for rate limiting and multi-line message capability. Now, rsyslogd can limit the number of messages it accepts through a UNIX socket. * The addition of the "/etc/rsyslog.d/" configuration directory to supply syslog configuration files. 8.10 and correct these issues and add these enhancements. After installing this update, the rsyslog daemon will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6rsyslog-relp-5.8.10-2.el6.i686.rpm159a70ebc2ee9b7a0b05e6186edb5a2fe048d89865acb5c0506c81b901da048frsyslog-pgsql-5.8.10-2.el6.i686.rpm3adee8764d2e7319c990d05a0c51504739428f80325852976328af6005e7d363rsyslog-mysql-5.8.10-2.el6.i686.rpm1aaf1bc97f14f7a14f49b2a000fea976e776fc09f38fda4d3f67ffdc002b71a0rsyslog-gssapi-5.8.10-2.el6.i686.rpm77b1bbcc794384275ed346f3ba008bd69aae9e2ab55e7e4a15adceb4badb07e2rsyslog-snmp-5.8.10-2.el6.i686.rpmee25a133fda6b23fb000a52e8708b1c10cd08fdd19dcaec824b4c74084b2a823rsyslog-gnutls-5.8.10-2.el6.i686.rpm91584426d0dd8c8b9cf6828b76eac745021405cd037d588ef69c762e0c291b57rsyslog-5.8.10-2.el6.i686.rpm456b9b00902d05f24eb04ca45df9957080b703825b1a6fa57c4b4e2167a5ab75SLSA-2012:0810-4A buffer underflow flaw was found in the way the uncompress utility of BusyBox expanded certain archive files compressed using Lempel-Ziv compression. If a user were tricked into expanding a specially-crafted archive file with uncompress, it could cause BusyBox to crash or, potentially, execute arbitrary code with the privileges of the user running BusyBox. (CVE-2006-1168) The BusyBox DHCP client, udhcpc, did not sufficiently sanitize certain options provided in DHCP server replies, such as the client hostname. A malicious DHCP server could send such an option with a specially-crafted value to a DHCP client. If this option's value was saved on the client system, and then later insecurely evaluated by a process that assumes the option is trusted, it could lead to arbitrary code execution with the privileges of that process. Note: udhcpc is not used on Scientific Linux by default, and no DHCP client script is provided with the busybox packages. (CVE-2011-2716) This update also fixes the following bugs: * Prior to this update, the "findfs" command did not recognize Btrfs partitions. As a consequence, an error message could occur when dumping a core file. This update adds support for recognizing such partitions so the problem no longer occurs. * If the "grep" command was used with the "-F" and "-i" options at the same time, the "-i" option was ignored. As a consequence, the "grep -iF" command incorrectly performed a case-sensitive search instead of an insensitive search. A patch has been applied to ensure that the combination of the "-F" and "-i" options works as expected. * Prior to this update, the msh shell did not support the "set -o pipefail" command. This update adds support for this command. * Previously, the msh shell could terminate unexpectedly with a segmentation fault when attempting to execute an empty command as a result of variable substitution (for example msh -c '$nonexistent_variable'). With this update, msh has been modified to correctly interpret such commands and no longer crashes in this scenario. * Previously, the msh shell incorrectly executed empty loops. As a consequence, msh never exited such a loop even if the loop condition was false, which could cause scripts using the loop to become unresponsive. With this update, msh has been modified to execute and exit empty loops correctly, so that hangs no longer occur.lowScientific Linux FermiScientific Linux Fermi 6busybox-1.15.1-15.el6.i686.rpm8786bf48b814a02b1aacd9eaedfd1e50f8e487e588a9b2ea386b60d1edd4a870busybox-petitboot-1.15.1-15.el6.i686.rpm7b2a2f83a946055f1e42bd3b785e4daeac7c3a43b016a4407d8c71f63996c81bSLSA-2012:0811-4A cross-site scripting (XSS) flaw was found in the "apc.php" script, which provides a detailed analysis of the internal workings of APC and is shipped as part of the APC extension documentation. A remote attacker could possibly use this flaw to conduct a cross-site scripting attack. (CVE-2010-3294) Note: The administrative script is not deployed upon package installation. It must manually be copied to the web root (the default is "/var/www/html/", for example). In addition, the php-pecl-apc packages have been upgraded to upstream version 3.1.9, which provides a number of bug fixes and enhancements over the previous version. If the "apc.php" script was previously deployed in the web root, it must manually be re-deployed to replace the vulnerable version to resolve this issue.lowScientific Linux FermiScientific Linux Fermi 6php-pecl-apc-devel-3.1.9-2.el6.i686.rpmc3a906a5263d6198f8d59a8c3c4b33d5ecb58c1ad946e90f87c8ec5cc2aec7e9php-pecl-apc-3.1.9-2.el6.i686.rpm482a5a9ea019f980455c40f5618651c83940a0cfe4f01401c88c88e843d605c2SLSA-2012:0813-4A flaw was found in the way the 389 Directory Server daemon (ns-slapd) handled access control instructions (ACIs) using certificate groups. If an LDAP user that had a certificate group defined attempted to bind to the directory server, it would cause ns-slapd to enter an infinite loop and consume an excessive amount of CPU time. (CVE-2012-0833) 389-ds-base packages, which resolve these issues and add these enhancements. After installing this update, the 389 server service will be restarted automatically.lowScientific Linux FermiScientific Linux Fermi 6389-ds-base-libs-1.2.10.2-15.el6.i686.rpme0c8cdd82b796497ecad8de449593e8386ffabf912e0a0cc2c0139c4549947b3389-ds-base-devel-1.2.10.2-15.el6.i686.rpm84bac7e1ef0ff7a689e3974ff781b77be121ef2796a99d7b0cbc5e82c5acbb47389-ds-base-1.2.10.2-15.el6.i686.rpm868755e450d6f905f37a115ebcbedb24e76678be826ddd152bec7568635bb38cSLSA-2012:0841-4The btparser utility is a backtrace parser and analyzer library, which works with backtraces produced by the GNU Project Debugger. It can parse a text file with a backtrace to a tree of C structures, allowing to analyze the threads and frames of the backtrace and process them. The python-meh package provides a python library for handling exceptions. If the C handler plug-in in ABRT was enabled (the abrt-addon-ccpp package installed and the abrt-ccpp service running), and the sysctl fs.suid_dumpable option was set to "2" (it is "0" by default), core dumps of set user ID (setuid) programs were created with insecure group ID permissions. This could allow local, unprivileged users to obtain sensitive information from the core dump files of setuid processes they would otherwise not be able to access. (CVE-2012-1106) ABRT did not allow users to easily search the collected crash information for sensitive data prior to submitting it. This could lead to users unintentionally exposing sensitive information via the submitted crash reports. This update adds functionality to search across all the collected data. (CVE-2011-4088)lowScientific Linux FermiScientific Linux Fermi 6abrt-tui-2.0.8-6.el6.i686.rpm0e2fe95aad4f893ec79c39fc33a210d881723e8608218d1049149418ea773b88libreport-plugin-mailx-2.0.9-5.el6.i686.rpme0339b46dc978f188f0e551cfda905676fa459a18eaf50de3f882934edea61f8abrt-cli-2.0.8-6.el6.i686.rpm2ea6ffd0f2564a370942cd413ec41fbce3743582c5b1a3a2c7ecf1023b774127libreport-cli-2.0.9-5.el6.i686.rpm4c41ea5147cde9b02ddbb22ad2e6d8b81f2150b2084a0f1f1db6b4e8648eed6epython-meh-0.12.1-3.el6.noarch.rpm4d8dba429a93790bd5fbef4635a5e267f97d527936d6ce59f1a1c47b85afa9a4libreport-plugin-bugzilla-2.0.9-5.el6.i686.rpm1ab52714e96009d6a4d485bce12353bb3c9302c9f77ee99894aefaefbb266eb9abrt-libs-2.0.8-6.el6.i686.rpm600faf1b1f5880fb1d8df17aa8c404a1fdb1d2646244aabe9111a28e56dadd4flibreport-plugin-rhtsupport-2.0.9-5.el6.i686.rpmaac634a50fce2a44db5ef9aafb64ef2f510b5c5999063b3a33d3a583b443692ebtparser-devel-0.16-3.el6.i686.rpm0aff5c296be66ae97c378f3c0c080f0a68d0c67794cd9c7d513c969cab4eddd2btparser-python-0.16-3.el6.i686.rpm2b5bc059bbef5c038bcead6cf48d3bc24597b8838532bd909fd0bdb0b8952010btparser-0.16-3.el6.i686.rpm3edaab490401ba156a363efd4899ba0b41acd01a0158de0a638cdc30c854fafflibreport-plugin-kerneloops-2.0.9-5.el6.i686.rpm7955b4e82cc8c77fd760e1df3927134d2def12ad697d91394a8637a7f8b7bb9dlibreport-gtk-devel-2.0.9-5.el6.i686.rpm1e9cc0071c1e751046af32a3689a35d52e586f7fc2549e685beb1fa405222f0babrt-gui-2.0.8-6.el6.i686.rpm4fcba3d98e5af31856193fdc42caec1870635a088b1fa19efafcb5f6aee03ff7abrt-addon-ccpp-2.0.8-6.el6.i686.rpm0d339d85af1493b2f0ce0f4141fc3cbe5fe7f9ac4c9394c7e427ccbe4866ba5flibreport-devel-2.0.9-5.el6.i686.rpm8cb0d678262048b7d3f1a9e03952673f34090303c71d388a2c3d318d64813326libreport-python-2.0.9-5.el6.i686.rpm98d81f3a0c19a904d876484aab4dcbe3bdb652d0d387796e0f02651b0df08059libreport-plugin-reportuploader-2.0.9-5.el6.i686.rpmc5704838983dba63592333650e047480a0654f32704e8137940392adf6d8309babrt-addon-vmcore-2.0.8-6.el6.i686.rpm745201b8e5f8818f1945b9fa18dd88bd7045af2f584762becd756fa83c48def9abrt-addon-kerneloops-2.0.8-6.el6.i686.rpm7fd306ad0a19a0cccde7bf24e227f807da40865632517076abe08d6df949880blibreport-plugin-logger-2.0.9-5.el6.i686.rpm5e9725a4f94c69c53d1c5e2d4d6a2d761d058b87cf2d09e926c8b3f6778a8897abrt-desktop-2.0.8-6.el6.i686.rpm0a59129302f732e7d4df1698865bf372500456ea64d14e7bb4fc6d710a69b634libreport-2.0.9-5.el6.i686.rpmcfb889c02ebf8c29a53096bca166dbe83b79c2ad2338bcb8b6159d21a48d8aa7abrt-addon-python-2.0.8-6.el6.i686.rpm0737fefcb9e7d6a875600d4edc7a618690a89cbe932f0c4c85e3c8d95d6667e4abrt-2.0.8-6.el6.i686.rpm6294074d600d98d56b92b488d32d7ff41da6750a7762b422f64f98fbc838ac59libreport-newt-2.0.9-5.el6.i686.rpmbf7af6beacc3518c39a70387b12d33af1c1b2e33dd0f011e3991037548552f51libreport-gtk-2.0.9-5.el6.i686.rpm3a264ecc07fbee4e015058e8d0442af007586d78ef0192ad833e6e1c16ccc501abrt-devel-2.0.8-6.el6.i686.rpm3186a42ae571c9af28d46e17352b37a3c4d6ba9786795c1b5300136166b56c13SLSA-2012:0874-4A flaw was found in the way MySQL processed HANDLER READ NEXT statements after deleting a record. A remote, authenticated attacker could use this flaw to provide such requests, causing mysqld to crash. This issue only caused a temporary denial of service, as mysqld was automatically restarted after the crash. (CVE-2012-2102) This update also adds the following enhancement: After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.lowScientific Linux FermiScientific Linux Fermi 6mysql-embedded-devel-5.1.61-4.el6.i686.rpm75b901ada04d79318bd28421db303f5bd4d0160a37391c4d741a48404a4e9da8mysql-libs-5.1.61-4.el6.i686.rpmcd11520744f499e7656b0bb2914250f69f63d8a8845dfe30e560ebc18de8e0aamysql-embedded-5.1.61-4.el6.i686.rpmf87f6735fe481022bd5b2db587ae15ff52cc16a71803e8daf3c160087e355de2mysql-bench-5.1.61-4.el6.i686.rpm8c63044fec79381fd514f3f4715b55012d57334aa8b34e68b2c7cfda6f518970mysql-test-5.1.61-4.el6.i686.rpmd8a4adff3af3db54e0abfc72b54a7cb12bf178d445b5fb64be95287f004673f1mysql-server-5.1.61-4.el6.i686.rpmaf6f4c1b6b19702010b457d8c0053eba428ff453c953b2d3ab2b59cae332da9bmysql-devel-5.1.61-4.el6.i686.rpm2ecf4bfd3a7a0e863961dfbc1e29169bde06cda4e571b399f726d66857b8b627mysql-5.1.61-4.el6.i686.rpma31a46a9ea1f3c87f3ffd7256cdfd72e9d3b057e59bd5691d437d6cb9f975375SLSA-2012:0876-4An array index error, leading to an out-of-bounds buffer read flaw, was found in the way the net-snmp agent looked up entries in the extension table. A remote attacker with read privileges to a Management Information Base (MIB) subtree handled by the "extend" directive (in "/etc/snmp/snmpd.conf") could use this flaw to crash snmpd via a crafted SNMP GET request. (CVE-2012-2141) After installing the update, the snmpd and snmptrapd daemons will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6net-snmp-utils-5.5-41.el6.i686.rpm650b08580bfbdd6ebc5a71274d2d6c305922fc8803491e07fc0c5eb7f0428993net-snmp-perl-5.5-41.el6.i686.rpm97b3c55af3401aadb70d7ee3f477984afaabe46d2f324166a88035ec7b3de554net-snmp-libs-5.5-41.el6.i686.rpm3aba9a1cf062bf06ec9683aadfd471872c0d4910afc9a7a041f45c897571647dnet-snmp-5.5-41.el6.i686.rpm994717e2eed0d9d2e48237faf46778d7ff3195aabc566f068e2c44d2c1f46318net-snmp-devel-5.5-41.el6.i686.rpmb6648177f7118a7b5219eca8009856cc0a927a1a8506ec8e8e2615ba6a8c31b1net-snmp-python-5.5-41.el6.i686.rpm2f7ff26ed8039d223c8455b2716a88c370263d62fc5d34d9cd0e8725967c0117SLSA-2012:0880-4A buffer overflow flaw was found in the harfbuzz module in Qt. If a user loaded a specially-crafted font file with an application linked against Qt, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2011-3922) A flaw was found in the way Qt handled X.509 certificates with IP address wildcards. An attacker able to obtain a certificate with a Common Name containing an IP wildcard could possibly use this flaw to impersonate an SSL server to client applications that are using Qt. This update also introduces more strict handling for hostname wildcard certificates by disallowing the wildcard character to match more than one hostname component. (CVE-2010-5076) This update also fixes the following bugs: * The Phonon API allowed premature freeing of the media object. Consequently, GStreamer could terminate unexpectedly as it failed to access the released media object. This update modifies the underlying Phonon API code and the problem no longer occurs. * Previously, Qt could output the "Unrecognized OpenGL version" error and fall back to OpenGL-version-1 compatibility mode. This happened because Qt failed to recognize the version of OpenGL installed on the system if the system was using a version of OpenGL released later than the Qt version in use. This update adds the code for recognition of OpenGL versions to Qt and if the OpenGL version is unknown, Qt assumes that the last-known version of OpenGL is available. * Previously Qt included a compiled-in list of trusted CA (Certificate Authority) certificates, that could have been used if Qt failed to open a system's ca-bundle.crt file. With this update, Qt no longer includes compiled- in CA certificates and only uses the system bundle. All running applications linked against Qt libraries must be restarted for this update to take effect.moderateScientific Linux FermitruetrueScientific Linux Fermi 6qt-examples-4.6.2-24.el6.i686.rpm0d91ce804c887b77d8be611f29a84cfabd4067b9661f014db425fdb7d761821cqt-4.6.2-24.el6.i686.rpm0fa5540feb77159b847022f819a82ea9d8c98e65878ce7e6a1406ccf1a691635qt-sqlite-4.6.2-24.el6.i686.rpm09f6beb00446b930c6a039f1ccf9dc969fa5a33ceda4437f55eda41b5d7e5f30qt-demos-4.6.2-24.el6.i686.rpm48b4e58707043e4fc24f9c72c76b866009233f644e611a857085dbafa20f567cqt-devel-4.6.2-24.el6.i686.rpme2215d2d42a319dd05f4f4f9beb357373103ccbdecca02d77049c7010ec91386qt-doc-4.6.2-24.el6.noarch.rpmf2be9ac7026d7c0e03b7ccdacc3989ccb0a93382a3cc7b15e3184edc621e8bc0qt-odbc-4.6.2-24.el6.i686.rpma099e94ae2b2f844fc50b11d040cef23f1874ea57b46d18899c7adfa17526d60qt-mysql-4.6.2-24.el6.i686.rpm967171a1ba9651eb2851b0f70ccb6eac4cfab5de3ff1cf18b5780d5b79903c41qt-postgresql-4.6.2-24.el6.i686.rpm8b19b9ff7178cba5fad3ce3fd5e60ffb0590a6259fb21baeb4eff5a8234476beqt-x11-4.6.2-24.el6.i686.rpm906e173794b41381ab278d9974eb037fc901865d92dd5fa93f4d4230e6fbf1d3phonon-backend-gstreamer-4.6.2-24.el6.i686.rpma4270e637321e611688c330eeea17ad0d2f038fce3964651d8f0606b8064bb7eSLSA-2012:0884-4A denial of service flaw was found in the OpenSSH GSSAPI authentication implementation. A remote, authenticated user could use this flaw to make the OpenSSH server daemon (sshd) use an excessive amount of memory, leading to a denial of service. GSSAPI authentication is enabled by default ("GSSAPIAuthentication yes" in "/etc/ssh/sshd_config"). (CVE-2011-5000) These updated openssh packages also provide fixes for the following bugs: * SSH X11 forwarding failed if IPv6 was enabled and the parameter X11UseLocalhost was set to "no". Consequently, users could not set X forwarding. This update fixes sshd and ssh to correctly bind the port for the IPv6 protocol. As a result, X11 forwarding now works as expected with IPv6. * The sshd daemon was killed by the OOM killer when running a stress test. Consequently, a user could not log in. With this update, the sshd daemon sets its oom_adj value to -17. As a result, sshd is not chosen by OOM killer and users are able to log in to solve problems with memory. * If the SSH server is configured with a banner that contains a backslash character, then the client will escape it with another "\" character, so it prints double backslashes. An upstream patch has been applied to correct the problem and the SSH banner is now correctly displayed. In addition, these updated openssh packages provide the following enhancements: * Previously, SSH allowed multiple ways of authentication of which only one was required for a successful login. SSH can now be set up to require multiple ways of authentication. For example, logging in to an SSH-enabled machine requires both a passphrase and a public key to be entered. The RequiredAuthentications1 and RequiredAuthentications2 options can be configured in the /etc/ssh/sshd_config file to specify authentications that are required for a successful login. For example, to set key and password authentication for SSH version 2, type: echo "RequiredAuthentications2 publickey,password" >> /etc/ssh/sshd_config For more information on the aforementioned /etc/ssh/sshd_config options, refer to the sshd_config man page. * Previously, OpenSSH could use the Advanced Encryption Standard New Instructions (AES-NI) instruction set only with the AES Cipher-block chaining (CBC) cipher. This update adds support for Counter (CTR) mode encryption in OpenSSH so the AES-NI instruction set can now be used efficiently also with the AES CTR cipher. * Prior to this update, an unprivileged slave sshd process was run as the sshd_t context during privilege separation (privsep). sshd_t is the SELinux context used for running the sshd daemon. Given that the unprivileged slave process is run under the user's UID, it is fitting to run this process under the user's SELinux context instead of the privileged sshd_t context. With this update, the unprivileged slave process is now run as the user's context instead of the sshd_t context in accordance with the principle of privilege separation. The unprivileged process, which might be potentially more sensitive to security threats, is now run under the user's SELinux context. After installing this update, the OpenSSH server daemon (sshd) will be restarted automatically.lowScientific Linux FermiScientific Linux Fermi 6openssh-askpass-5.3p1-81.el6.i686.rpm2224f79dae2eb980b8ba2bb87c8b9526dcd94da2af7913c3a84b994c405b81eaopenssh-server-5.3p1-81.el6.i686.rpmcfc5610ab2f9614d9e7ac0ca26dd22157cdb58042e4c4b7a67dfb84c99484dbcopenssh-5.3p1-81.el6.i686.rpm1304b001a2eb9e7abb291b37b25b365aa16f2f2a3c270e4da11ade2c596f0a6fpam_ssh_agent_auth-0.9-81.el6.i686.rpmd242b3b8a8635d33e13e24384c7fd3323f1b03740c77bfab14bd40dc1cc0ddc3openssh-ldap-5.3p1-81.el6.i686.rpma8957c7d430741d68b1989f2c7fb5e6e27151970cdf6956747fd80141f30546eopenssh-clients-5.3p1-81.el6.i686.rpm33c86e8783aa8f41a8a2f37228638f36d80e3fbc1e3d32965f96ca98b9d3610cSLSA-2012:0899-4A denial of service flaw was found in the way the OpenLDAP server daemon (slapd) processed certain search queries requesting only attributes and no values. In certain configurations, a remote attacker could issue a specially- crafted LDAP search query that, when processed by slapd, would cause slapd to crash due to an assertion failure. (CVE-2012-1164) After installing this update, the OpenLDAP daemons will be restarted automatically.lowScientific Linux FermiScientific Linux Fermi 6openldap-servers-sql-2.4.23-26.el6.i686.rpm5cd2d689c765728a9cc761a346ea3d1b97faa74f1c1cb60c25274af013f2f76bopenldap-2.4.23-26.el6.i686.rpmf535e5a0798e0951edda38f371cff55c1318da320e6d427aeced5d661a8c0cfaopenldap-devel-2.4.23-26.el6.i686.rpmef2b3d70f43691862e15e488f12c1657e1546d1089283a8641fc21e148225adfopenldap-clients-2.4.23-26.el6.i686.rpm4326fce4376ab4c5d778ccc4a7ed26280dd53a3ec8d869203bf24f5eeee08ecfopenldap-servers-2.4.23-26.el6.i686.rpm0161d4f9593468cea06d4ac6a35368ecd6c8b5d589864661942925289006f68bSLSA-2012:0902-4A file existence disclosure flaw was found in mount.cifs. If the tool was installed with the setuid bit set, a local attacker could use this flaw to determine the existence of files or directories in directories not accessible to the attacker. (CVE-2012-1586) Note: mount.cifs from the cifs-utils package distributed by Scientific Linux does not have the setuid bit set. We recommend that administrators do not manually set the setuid bit for mount.cifs. This update also fixes the following bugs: * The cifs.mount(8) manual page was previously missing documentation for several mount options. With this update, the missing entries have been added to the manual page. * Previously, the mount.cifs utility did not properly update the "/etc/mtab" system information file when remounting an existing CIFS mount. Consequently, mount.cifs created a duplicate entry of the existing mount entry. This update adds the del_mtab() function to cifs.mount, which ensures that the old mount entry is removed from "/etc/mtab" before adding the updated mount entry. * The mount.cifs utility did not properly convert user and group names to numeric UIDs and GIDs. Therefore, when the "uid", "gid" or "cruid" mount options were specified with user or group names, CIFS shares were mounted with default values. This caused shares to be inaccessible to the intended users because UID and GID is set to "0" by default. With this update, user and group names are properly converted so that CIFS shares are now mounted with specified user and group ownership as expected. * The cifs.upcall utility did not respect the "domain_realm" section in the "krb5.conf" file and worked only with the default domain. Consequently, an attempt to mount a CIFS share from a different than the default domain failed with the following error message: mount error(126): Required key not available This update modifies the underlying code so that cifs.upcall handles multiple Kerberos domains correctly and CIFS shares can now be mounted as expected in a multi-domain environment. In addition, this update adds the following enhancements: * The cifs.upcall utility previously always used the "/etc/krb5.conf" file regardless of whether the user had specified a custom Kerberos configuration file. This update adds the "--krb5conf" option to cifs.upcall allowing the administrator to specify an alternate krb5.conf file. For more information on this option, refer to the cifs.upcall(8) manual page. * The cifs.upcall utility did not optimally determine the correct service principal name (SPN) used for Kerberos authentication, which occasionally caused krb5 authentication to fail when mounting a server's unqualified domain name. This update improves cifs.upcall so that the method used to determine the SPN is now more versatile. * This update adds the "backupuid" and "backupgid" mount options to the mount.cifs utility. When specified, these options grant a user or a group the right to access files with the backup intent. For more information on these options, refer to the mount.cifs(8) manual page.lowScientific Linux FermiScientific Linux Fermi 6cifs-utils-4.8.1-10.el6.i686.rpm33fec517774af505e7a8b6271864adb73d4239db79d0e355dec7640f2423695fSLSA-2012:0939-4A flaw was found in the way the X.Org server handled lock files. A local user with access to the system console could use this flaw to determine the existence of a file in a directory not accessible to the user, via a symbolic link attack. (CVE-2011-4028) A race condition was found in the way the X.Org server managed temporary lock files. A local attacker could use this flaw to perform a symbolic link attack, allowing them to make an arbitrary file world readable, leading to the disclosure of sensitive information. (CVE-2011-4029) This update also fixes the following bugs: * Prior to this update, the KDE Display Manager (KDM) could pass invalid 24bpp pixmap formats to the X server. As a consequence, the X server could unexpectedly abort. This update modifies the underlying code to pass the correct formats. * Prior to this update, absolute input devices, like the stylus of a graphic tablet, could become unresponsive in the right-most or bottom-most screen if the X server was configured as a multi-screen setup through multiple "Device" sections in the xorg.conf file. This update changes the screen crossing behavior so that absolute devices are always mapped across all screens. * Prior to this update, the misleading message "Session active, not inhibited, screen idle. If you see this test, your display server is broken and you should notify your distributor." could be displayed after resuming the system or re- enabling the display, and included a URL to an external web page. This update removes this message. * Prior to this update, the erroneous input handling code of the Xephyr server disabled screens on a screen crossing event. The focus was only on the screen where the mouse was located and only this screen was updated when the Xephyr nested X server was configured in a multi-screen setup. This update removes this code and Xephyr now correctly updates screens in multi-screen setups. * Prior to this update, raw events did not contain relative axis values. As a consequence, clients which relied on relative values for functioning did not behave as expected. This update sets the values to the original driver values instead of the already transformed values. Now, raw events contain relative axis values as expected. All running X.Org server instances must be restarted for this update to take effect.lowScientific Linux FermitrueScientific Linux Fermi 6xorg-x11-server-devel-1.10.6-1.sl6.i686.rpmfbf3b91aa4ed284f9199df36bf6cce51f98e8faefe5537250a1c10746fcfe039xorg-x11-server-Xephyr-1.10.6-1.sl6.i686.rpma5f0cd542d8d425232b7bf57eb7e4bd75b7d0eea0a45b29890d2b1c66ba0f62bxorg-x11-server-Xdmx-1.10.6-1.sl6.i686.rpmd06237880d1a5e72d61c6391ab6f017b42a890e6a2210b5953737985d1074861xorg-x11-server-source-1.10.6-1.sl6.noarch.rpm9908fef627b8e747b905a59caede26e5247c5e4cc56baaf9999469135b419fb4xorg-x11-server-Xnest-1.10.6-1.sl6.i686.rpm23100cd12a74dabaa23efe4f2cb8abb17b48d0ef67c06721322759c3e6f42b44xorg-x11-server-Xvfb-1.10.6-1.sl6.i686.rpmc75ac4b12b621fbdcdcd54fb54a4465160d4f307dca68048191db135e13f4464xorg-x11-server-common-1.10.6-1.sl6.i686.rpma9b392d56f0ded2c833361d868a7c170b6fbaeae447fd3ea9e682490df7e8471xorg-x11-server-Xorg-1.10.6-1.sl6.i686.rpm76b25385c3a14c32bcce593d8ead91efc88cb26699d99008c5d049c3ab94b1b9SLSA-2012:0958-4The sosreport utility collected the Kickstart configuration file ("/root /anaconda-ks.cfg"), but did not remove the root user's password from it before adding the file to the resulting archive of debugging information. An attacker able to access the archive could possibly use this flaw to obtain the root user's password. "/root/anaconda-ks.cfg" usually only contains a hash of the password, not the plain text password. (CVE-2012-2664) Note: This issue affected all installations, not only systems installed via Kickstart. A "/root/anaconda-ks.cfg" file is created by all installation types.lowScientific Linux FermiScientific Linux Fermi 6sos-2.2-29.el6.noarch.rpm68580d0c57472dd8de1d74bd5eef6877d84836b50ee1126f2de3b6c14cc5b31aSLSA-2012:0973-4It was found that a Certificate Authority (CA) issued a subordinate CA certificate to its customer, that could be used to issue certificates for any name. This update renders the subordinate CA certificate as untrusted. Note: This fix only applies to applications using the NSS Builtin Object Token. It does not render the certificates untrusted for applications that use the NSS library, but do not use the NSS Builtin Object Token. The nspr package has been upgraded to upstream version 4.9, which provides a number of bug fixes and enhancements over the previous version. The nss-util package has been upgraded to upstream version 3.13.3, which provides a number of bug fixes and enhancements over the previous version. The nss package has been upgraded to upstream version 3.13.3, which provides numerous bug fixes and enhancements over the previous version. In particular, SSL 2.0 is now disabled by default, support for SHA-224 has been added, PORT_ErrorToString and PORT_ErrorToName now return the error message and symbolic name of an NSS error code, and NSS_GetVersion now returns the NSS version string. These updated nss, nss-util, and nspr packages also provide fixes for the following bugs: * A PEM module internal function did not clean up memory when detecting a non- existent file name. Consequently, memory leaks in client code occurred. The code has been improved to deallocate such temporary objects and as a result the reported memory leakage is gone. * Recent changes to NSS re-introduced a problem where applications could not use multiple SSL client certificates in the same process. Therefore, any attempt to run commands that worked with multiple SSL client certificates, such as the "yum repolist" command, resulted in a re-negotiation handshake failure. With this update, a revised patch correcting this problem has been applied to NSS, and using multiple SSL client certificates in the same process is now possible again. * The PEM module did not fully initialize newly constructed objects with function pointers set to NULL. Consequently, a segmentation violation in libcurl was sometimes experienced while accessing a package repository. With this update, the code has been changed to fully initialize newly allocated objects. As a result, updates can now be installed without problems. * A lack-of-robustness flaw caused the administration server for RH Directory Server to terminate unexpectedly because the mod_nss module made nss calls before initializing nss as per the documented API. With this update, nss protects itself against being called before it has been properly initialized by the caller. * Compilation errors occurred with some compilers when compiling code against NSS 3.13.1. The following error message was displayed: pkcs11n.h:365:26: warning: "__GNUC_MINOR" is not defined An upstream patch has been applied to improve the code and the problem no longer occurs. * Unexpected terminations were reported in the messaging daemon (qpidd) included in MRG after a recent update to nss. This occurred because qpidd made nss calls before initializing nss. These updated packages prevent qpidd and other affected processes that call nss without initializing as mandated by the API from crashing. After installing this update, applications using NSS, NSPR, or nss-util must be restarted for this update to take effect.moderateScientific Linux FermiScientific Linux Fermi 6nss-tools-3.13.3-6.el6.i686.rpmbf1ef73633f638879f981f471473bbdf544760830011afebd8a8d273b01de40bnss-util-devel-3.13.3-2.el6.i686.rpm60fcdb756329f190c57a6c7ae4d65462e91e5bf641e4aa071f86734d7036500fnss-util-3.13.3-2.el6.i686.rpmbeea4e08dbed0c62853ac6acb6d9a4dce30a87afee26bf1e2982c090d658089fnspr-devel-4.9-1.el6.i686.rpma02267658957c288a2e8ffb403baf2a9edd5b9bd4c287a414913f85320eb4f30nspr-4.9-1.el6.i686.rpm50b20dfd5fc26f99a9a88cf4b89cf52f6aeef35e64b1f7345f819e2fd4cb5fa5nss-sysinit-3.13.3-6.el6.i686.rpm44b336a3b3219df5328d4b5ce47bb27ff0ae8304dc65b64e056e03d89333e508nss-devel-3.13.3-6.el6.i686.rpmb19f2c1d37a048dda90effbf10cf352cec29e8af4d43581d0c9956e00a2ba073nss-pkcs11-devel-3.13.3-6.el6.i686.rpm255b5fd1507c60e31e6263ff37947f7ca3129fc9bbaee775ca5dc2be041818a8nss-3.13.3-6.el6.i686.rpm5aa77e584034b85957c79a4e5435f4c8a6e2954863e497dbc79d574cda96ce8aSLSA-2012:0987-4It was found that the Java HashMap implementation was susceptible to predictable hash collisions. SBLIM uses HashMap when parsing XML inputs. A specially-crafted CIM-XML message from a WBEM (Web-Based Enterprise Management) server could cause a SBLIM client to use an excessive amount of CPU. Randomization has been added to help avoid collisions. (CVE-2012-2328)lowScientific Linux FermiScientific Linux Fermi 6sblim-cim-client2-javadoc-2.1.3-2.el6.noarch.rpm58ae73c58f2f218da96aaa2707cd067b385fcf397c6ff4c2842b408fc7e24ec1sblim-cim-client2-manual-2.1.3-2.el6.noarch.rpmf04914bac585bd169668bda04707dd649118786ca948c9ef73ec497a6f9ee470sblim-cim-client2-2.1.3-2.el6.noarch.rpmde24aed2cfc7adc2e599c2731302ff15821657a8fce5ca2a7495b3dbc7665824SLSA-2012:0997-1A flaw was found in the way 389 Directory Server handled password changes. If an LDAP user has changed their password, and the directory server has not been restarted since that change, an attacker able to bind to the directory server could obtain the plain text version of that user's password via the "unhashed#user#password" attribute. (CVE-2012-2678) It was found that when the password for an LDAP user was changed, and audit logging was enabled (it is disabled by default), the new password was written to the audit log in plain text form. This update introduces a new configuration parameter, "nsslapd-auditlog-logging-hide-unhashed-pw", which when set to "on" (the default option), prevents 389 Directory Server from writing plain text passwords to the audit log. This option can be configured in "/etc/dirsrv/slapd-[ID]/dse.ldif". (CVE-2012-2746) After installing this update, the 389 server service will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6389-ds-base-libs-1.2.10.2-18.el6_3.i686.rpm69edea30e650ede5ff4abbfb313d1352a108490087a01a23bbee7370104f5972389-ds-base-1.2.10.2-18.el6_3.i686.rpm41f06f983778b18377a856cfba345d3e1eab87601448e59d8af524511ad9874a389-ds-base-devel-1.2.10.2-18.el6_3.i686.rpm495b37ff837896bebbf3755ec2a020af0e477c18ca81eaa9cad851feaaefff17SLSA-2012:1037-1A flaw was found in the way the crypt() password hashing function from the optional PostgreSQL pgcrypto contrib module performed password transformation when used with the DES algorithm. If the password string to be hashed contained the 0x80 byte value, the remainder of the string was ignored when calculating the hash, significantly reducing the password strength. This made brute-force guessing more efficient as the whole password was not required to gain access to protected resources. (CVE-2012-2143) Note: With this update, the rest of the string is properly included in the DES hash; therefore, any previously stored password values that are affected by this issue will no longer match. In such cases, it will be necessary for those stored password hashes to be updated. A denial of service flaw was found in the way the PostgreSQL server performed a user privileges check when applying SECURITY DEFINER or SET attributes to a procedural language's (such as PL/Perl or PL/Python) call handler function. A non-superuser database owner could use this flaw to cause the PostgreSQL server to crash due to infinite recursion. (CVE-2012-2655) Upstream acknowledges Rubin Xu and Joseph Bonneau as the original reporters of the CVE-2012-2143 issue. These updated packages upgrade PostgreSQL to version 8.4.12, which fixes these issues as well as several non-security issues. Refer to the PostgreSQL Release Notes for a full list of changes: http://www.postgresql.org/docs/8.4/static/release.html If the postgresql service is running, it will be automatically restarted after installing this update.moderateScientific Linux FermiScientific Linux Fermi 6postgresql-plperl-8.4.12-1.el6_2.i686.rpm356041889f046a4e01322f31bb0fab6a88f306c668ee5f771fd9a606fa3d63ffpostgresql-libs-8.4.12-1.el6_2.i686.rpmee08d9e6fc29ce6f0c45e92071592107a4721f50b95356c2083c9c6cece0bc44postgresql-docs-8.4.12-1.el6_2.i686.rpm88ceb6fb315112172b8662c5c3eab6dc92fb9353271d98a5522abdbfc10ff24cpostgresql-8.4.12-1.el6_2.i686.rpmff2d1cc3f5da6baed9ebd9b46458ab9593d1b7f02f46309d1e027a2af1f8d8d1postgresql-test-8.4.12-1.el6_2.i686.rpmaae9a06766909742fd33771f33d6493be08ddc26d6e1fb059c430c3d9802f37apostgresql-plpython-8.4.12-1.el6_2.i686.rpm22c083cf5d9c53408b9e67e25da3560b151d41dfb1ec4c59acf3b197a57b5f4fpostgresql-contrib-8.4.12-1.el6_2.i686.rpm4584951df504c067737a450b9009a4e532d0b624fb2710b554460787f1bd8e74postgresql-devel-8.4.12-1.el6_2.i686.rpm7761c010e4de3e4715e8d89f23482f498894b145ed8da8096d84dec0a1849e0epostgresql-pltcl-8.4.12-1.el6_2.i686.rpmeb871dd9e629f650b0cf80859d9ff4bbb12ca55882a132d997c9357c02835c92postgresql-server-8.4.12-1.el6_2.i686.rpmf352c30732cba0561c8a9b242163fdceebc3c5d5fc44eef022d6dcdf19966c0dSLSA-2012:1046-1It was discovered that the PHP XSL extension did not restrict the file writing capability of libxslt. A remote attacker could use this flaw to create or overwrite an arbitrary file that is writable by the user running PHP, if a PHP script processed untrusted eXtensible Style Sheet Language Transformations (XSLT) content. (CVE-2012-0057) Note: This update disables file writing by default. A new PHP configuration directive, "xsl.security_prefs", can be used to enable file writing in XSLT. A flaw was found in the way PHP validated file names in file upload requests. A remote attacker could possibly use this flaw to bypass the sanitization of the uploaded file names, and cause a PHP script to store the uploaded file in an unexpected directory, by using a directory traversal attack. (CVE-2012-1172) Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way the PHP phar extension processed certain fields of tar archive files. A remote attacker could provide a specially-crafted tar archive file that, when processed by a PHP application using the phar extension, could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running PHP. (CVE-2012-2386) A format string flaw was found in the way the PHP phar extension processed certain PHAR files. A remote attacker could provide a specially-crafted PHAR file, which once processed in a PHP application using the phar extension, could lead to information disclosure and possibly arbitrary code execution via a crafted phar:// URI. (CVE-2010-2950) A flaw was found in the DES algorithm implementation in the crypt() password hashing function in PHP. If the password string to be hashed contained certain characters, the remainder of the string was ignored when calculating the hash, significantly reducing the password strength. (CVE-2012-2143) Note: With this update, passwords are no longer truncated when performing DES hashing. Therefore, new hashes of the affected passwords will not match stored hashes generated using vulnerable PHP versions, and will need to be updated. It was discovered that the fix for CVE-2012-1823, released via SLSA-2012:0546, did not properly filter all php-cgi command line arguments. A specially-crafted request to a PHP script could cause the PHP interpreter to execute the script in a loop, or output usage information that triggers an Internal Server Error. (CVE-2012-2336) A memory leak flaw was found in the PHP strtotime() function call. A remote attacker could possibly use this flaw to cause excessive memory consumption by triggering many strtotime() function calls. (CVE-2012-0789) A NULL pointer dereference flaw was found in the PHP tidy_diagnose() function. A remote attacker could use specially-crafted input to crash an application that uses tidy::diagnose. (CVE-2012-0781) It was found that PHP did not check the zend_strndup() function's return value in certain cases. A remote attacker could possibly use this flaw to crash a PHP application. (CVE-2011-4153) Upstream acknowledges Rubin Xu and Joseph Bonneau as the original reporters of CVE-2012-2143. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6php-mysql-5.3.3-14.el6_3.i686.rpm356588d7208f7b5b50f971a412578e8efac223dcc01dff224672655cdf4d3279php-gd-5.3.3-14.el6_3.i686.rpmd61800594a2c485d826e38ce18b40776eeecb73369be26e41f3be794cf0e6178php-pgsql-5.3.3-14.el6_3.i686.rpm6732355f6ee416ec686a29a0d9dc2301263e54ad45c83426d5faf452adb91d8bphp-snmp-5.3.3-14.el6_3.i686.rpmb160e40428343a626b6ac62f2bfc25cf7fa70777a6d493e19cf13ed938ecda05php-dba-5.3.3-14.el6_3.i686.rpmdc6e7d5c5745b40098830343274ac68e2775a906bba3939ce05d6da3d5b66d6aphp-intl-5.3.3-14.el6_3.i686.rpm99b9083075d83705ddb74de4327ed897a4f76142fff9513a12226bd9ea0a881dphp-bcmath-5.3.3-14.el6_3.i686.rpm1b35c8354158052abc7165bfe333f8ea968f4def238fcb7bc6b5becda91c1b2aphp-xmlrpc-5.3.3-14.el6_3.i686.rpmbbb54a26ada4c1d23ff06342590f937e465296e6060714a8f203c7b7575b0eadphp-xml-5.3.3-14.el6_3.i686.rpm5f4eb6e865984ae852f4516c6c4890411a4e55c93b63df2f624922129fa36243php-pspell-5.3.3-14.el6_3.i686.rpm79e11a51ff1b54e25e55f4033010b3a25b93427bdde9b1584690a0c4013398f2php-enchant-5.3.3-14.el6_3.i686.rpm56f4b31ea0a47b985393c5e06793946fd3c2b2256e2f73c601d6b1edf29fc2a3php-tidy-5.3.3-14.el6_3.i686.rpm8a0f49d327f073dd43d75c10bd876698642d084410eb140da9ce85c9ffdba11fphp-common-5.3.3-14.el6_3.i686.rpm6c06328a372c5f113afc3c2f5191ef3d7e98c00544748b8395ab6f392a5d8798php-zts-5.3.3-14.el6_3.i686.rpma7250aa297153d341716aed594fcf7d3f0786047b8c7065cfb3f186931fab044php-odbc-5.3.3-14.el6_3.i686.rpmd1d10ba4973fe4bcf33c9b3947f91b698ba8a49ca7a2bc7e221e1a5bee48b541php-5.3.3-14.el6_3.i686.rpmf9e65e7fe53fe92e2ec2b263cb8fb5d0e12c3d0a26b67621c332faf020be1df6php-devel-5.3.3-14.el6_3.i686.rpmb9ed4700183f94ada8aae57907e7e2c8fd9545c2d7eb52410847195194c54f07php-cli-5.3.3-14.el6_3.i686.rpmfc6cd91185a6210d44413189a0d0a7a5d48e7dc99fee2ff2509e0ffc2151f7a9php-soap-5.3.3-14.el6_3.i686.rpma7c69d6c76410e6988184065bc59e67b10cf1e79a646afdb2a03ad1c039b142dphp-recode-5.3.3-14.el6_3.i686.rpm224c3393617b5d17564dca7ed525e2cad4a0b0709524ca27aac8314b66d494bbphp-imap-5.3.3-14.el6_3.i686.rpm6b53310d54f91a9b3ab2a73e9b6870198b9d6cbdc378d48cb383379250355f81php-pdo-5.3.3-14.el6_3.i686.rpmfbb9d4d6aedb3da277cc510f235cea09d89f0e7cbdfdc9785e810fdd402eb23ephp-mbstring-5.3.3-14.el6_3.i686.rpm8d6c5f0a41e9a9bbed71c19ce7ebc5adeb699a6a1cc07aa9e5901b20611f575aphp-embedded-5.3.3-14.el6_3.i686.rpm6228a9930aa1f4681c5a88459bd59954f7cfdd0afd577816a3ee4a609ecbd20bphp-process-5.3.3-14.el6_3.i686.rpm57c4b38c17d09108540f78ccefed013e3a86d22b87e1d72e79f9bf60f8aea2b0php-ldap-5.3.3-14.el6_3.i686.rpm40903741104d9883792a15ad6ff721e4d0f31fa51e5ab78402e1d4ff485745eaSLSA-2012:1054-1libtiff did not properly convert between signed and unsigned integer values, leading to a buffer overflow. An attacker could use this flaw to create a specially-crafted TIFF file that, when opened, would cause an application linked against libtiff to crash or, possibly, execute arbitrary code. (CVE-2012-2088) Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the tiff2pdf tool. An attacker could use these flaws to create a specially-crafted TIFF file that would cause tiff2pdf to crash or, possibly, execute arbitrary code. (CVE-2012-2113) All running applications linked against libtiff must be restarted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6libtiff-devel-3.9.4-6.el6_3.i686.rpm01e1f8b206d47978640770331aca76cbf8941d5ee435f76612698abfa47eb3e7libtiff-3.9.4-6.el6_3.i686.rpm5af03473709cff1b1132340ce70e97545ff8ec1f848c7620a3f805e3aec830f6libtiff-static-3.9.4-6.el6_3.i686.rpma285514724549ab6368d39ea72703298f5b818cd540cf7203f733996dee0d3b9SLSA-2012:1064-1This update fixes the following security issues: * A NULL pointer dereference flaw was found in the nf_ct_frag6_reasm() function in the Linux kernel's netfilter IPv6 connection tracking implementation. A remote attacker could use this flaw to send specially-crafted packets to a target system that is using IPv6 and also has the nf_conntrack_ipv6 kernel module loaded, causing it to crash. (CVE-2012-2744, Important) * A flaw was found in the way the Linux kernel's key management facility handled replacement session keyrings on process forks. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2012-2745, Moderate) This update also fixes the following bugs: * Previously introduced firmware files required for new Realtek chipsets contained an invalid prefix ("rtl_nic_") in the file names, for example "/lib/firmware/rtl_nic/rtl_nic_rtl8168d-1.fw". This update corrects these file names. For example, the aforementioned file is now correctly named "/lib/firmware/rtl_nic/rtl8168d-1.fw". * This update blacklists the ADMA428M revision of the 2GB ATA Flash Disk device. This is due to data corruption occurring on the said device when the Ultra-DMA 66 transfer mode is used. When the "libata.force=5:pio0,6:pio0" kernel parameter is set, the aforementioned device works as expected. * On Scientific Linux 6, mounting an NFS export from a server running Windows Server 2012 Release Candidate returned the NFS4ERR_MINOR_VERS_MISMATCH error because Windows Server 2012 Release Candidate supports NFSv4.1 only. Scientific Linux 6 did not properly handle the returned error and did not fall back to using NFSv3, which caused the mount operation to fail. With this update, when the NFS4ERR_MINOR_VERS_MISMATCH error is returned, the mount operation properly falls back to using NFSv3 and no longer fails. * On ext4 file systems, when fallocate() failed to allocate blocks due to the ENOSPC condition (no space left on device) for a file larger than 4 GB, the size of the file became corrupted and, consequently, caused file system corruption. This was due to a missing cast operator in the "ext4_fallocate()" function. With this update, the underlying source code has been modified to address this issue, and file system corruption no longer occurs. The system must be rebooted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6kernel-2.6.32-279.1.1.el6.i686.rpm02d5f397dd31a4ceafb5dbe44994541566dbc7d9ca5509129e1d7d3b5dece343kernel-firmware-2.6.32-279.1.1.el6.noarch.rpmba0ab14c3814f414b74e89c05c88bac22e305bfca9ab0f19f2c5a0b0857a3fb4kernel-debug-devel-2.6.32-279.1.1.el6.i686.rpmc345a7415c304d368d8778beef264a40c645f37735c64f8d73f83f92773ef989kernel-headers-2.6.32-279.1.1.el6.i686.rpm099efda1f997f5453934765499b38822b4b33f2242ab0566ef8ccf67d57bfcf9kernel-doc-2.6.32-279.1.1.el6.noarch.rpm6c928e68323130ff2800794bd38a5e0e139626a9cc9a4b917d153e9939d3f3cepython-perf-2.6.32-279.1.1.el6.i686.rpmfc09a15837bf40e2c1d6e8b63b006f76649c5ed798e74e74446724ef9c9ec9ffperf-2.6.32-279.1.1.el6.i686.rpm94f1d50ece419d3c9367f1669d17cffe587fb87518aabe383c083f89f88abad9kernel-debug-2.6.32-279.1.1.el6.i686.rpm5af0aaefe5b5657aa925dafa07372a348662a0bc47aba5f61f462329b035e4d4kernel-devel-2.6.32-279.1.1.el6.i686.rpm018ee320332a48db3d0111b3c0d7ca16e3bc3430c25190f5ad7b010cdd8ce72dSLSA-2012:1068-1An input validation flaw, leading to a heap-based buffer overflow, was found in the way OpenJPEG handled the tile number and size in an image tile header. A remote attacker could provide a specially-crafted image file that, when decoded using an application linked against OpenJPEG, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2012-3358) OpenJPEG allocated insufficient memory when encoding JPEG 2000 files from input images that have certain color depths. A remote attacker could provide a specially-crafted image file that, when opened in an application linked against OpenJPEG (such as image_to_j2k), would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2009-5030) All running applications using OpenJPEG must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6openjpeg-libs-1.3-8.el6_3.i686.rpm4b20517828df4013d2b294582a9711240a60533104b2881ef279d4388abbdc8eopenjpeg-1.3-8.el6_3.i686.rpmf0a91542292ec95555c45c8fd10fd8e6c65d552e3e205bf394c707c77e92ddcfopenjpeg-devel-1.3-8.el6_3.i686.rpm63e3d4819c270771524772b8cc52279e3014419bddfbd04cb3cdb34bb133491dSLSA-2012:1081-1A flaw was found in the way the network matching code in sudo handled multiple IP networks listed in user specification configuration directives. A user, who is authorized to run commands with sudo on specific hosts, could use this flaw to bypass intended restrictions and run those commands on hosts not matched by any of the network specifications. (CVE-2012-2337)moderateScientific Linux FermiScientific Linux Fermi 6sudo-1.7.4p5-12.el6_3.i686.rpme6c6dc03219c29599113578f6fda7745eee0415d96ff427ec3d4aa0efe867edcSLSA-2012:1088-1A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2012-1948, CVE-2012-1951, CVE-2012-1952, CVE-2012-1953, CVE-2012-1954, CVE-2012-1958, CVE-2012-1962, CVE-2012-1967) A malicious web page could bypass same-compartment security wrappers (SCSW) and execute arbitrary code with chrome privileges. (CVE-2012-1959) A flaw in the context menu functionality in Firefox could allow a malicious website to bypass intended restrictions and allow a cross-site scripting attack. (CVE-2012-1966) A page different to that in the address bar could be displayed when dragging and dropping to the address bar, possibly making it easier for a malicious site or user to perform a phishing attack. (CVE-2012-1950) A flaw in the way Firefox called history.forward and history.back could allow an attacker to conceal a malicious URL, possibly tricking a user into believing they are viewing a trusted site. (CVE-2012-1955) A flaw in a parser utility class used by Firefox to parse feeds (such as RSS) could allow an attacker to execute arbitrary JavaScript with the privileges of the user running Firefox. This issue could have affected other browser components or add-ons that assume the class returns sanitized input. (CVE-2012-1957) A flaw in the way Firefox handled X-Frame-Options headers could allow a malicious website to perform a clickjacking attack. (CVE-2012-1961) A flaw in the way Content Security Policy (CSP) reports were generated by Firefox could allow a malicious web page to steal a victim's OAuth 2.0 access tokens and OpenID credentials. (CVE-2012-1963) A flaw in the way Firefox handled certificate warnings could allow a man-in- the-middle attacker to create a crafted warning, possibly tricking a user into accepting an arbitrary certificate as trusted. (CVE-2012-1964) A flaw in the way Firefox handled feed:javascript URLs could allow output filtering to be bypassed, possibly leading to a cross-site scripting attack. (CVE-2012-1965) The nss update SLBA-2012:0337 for Scientific Linux 5 and 6 introduced a mitigation for the CVE-2011-3389 flaw. For compatibility reasons, it remains disabled by default in the nss packages. This update makes Firefox enable the mitigation by default. It can be disabled by setting the NSS_SSL_CBC_RANDOM_IV environment variable to 0 before launching Firefox. After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6xulrunner-devel-10.0.6-1.el6_3.i686.rpmb691da6dbe9110f6a4185fdd543db0c592948e7d524bc8f252389d03d428d13fxulrunner-10.0.6-1.el6_3.i686.rpm5b37e8f99170181c9858203aab6f94719edf5699042c24e1919227b551f31180firefox-10.0.6-1.el6_3.i686.rpmc9f4854f34dd968a5fd8ebf81d7b743a56613d81e9aa0288bddd6d08f0e372caSLSA-2012:1089-1Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2012-1948, CVE-2012-1951, CVE-2012-1952, CVE-2012-1953, CVE-2012-1954, CVE-2012-1958, CVE-2012-1962, CVE-2012-1967) Malicious content could bypass same-compartment security wrappers (SCSW) and execute arbitrary code with chrome privileges. (CVE-2012-1959) A flaw in the way Thunderbird called history.forward and history.back could allow an attacker to conceal a malicious URL, possibly tricking a user into believing they are viewing trusted content. (CVE-2012-1955) A flaw in a parser utility class used by Thunderbird to parse feeds (such as RSS) could allow an attacker to execute arbitrary JavaScript with the privileges of the user running Thunderbird. This issue could have affected other Thunderbird components or add-ons that assume the class returns sanitized input. (CVE-2012-1957) A flaw in the way Thunderbird handled X-Frame-Options headers could allow malicious content to perform a clickjacking attack. (CVE-2012-1961) A flaw in the way Content Security Policy (CSP) reports were generated by Thunderbird could allow malicious content to steal a victim's OAuth 2.0 access tokens and OpenID credentials. (CVE-2012-1963) A flaw in the way Thunderbird handled certificate warnings could allow a man- in-the-middle attacker to create a crafted warning, possibly tricking a user into accepting an arbitrary certificate as trusted. (CVE-2012-1964) The nss update SLBA-2012:0337 for Scientific Linux 5 and 6 introduced a mitigation for the CVE-2011-3389 flaw. For compatibility reasons, it remains disabled by default in the nss packages. This update makes Thunderbird enable the mitigation by default. It can be disabled by setting the NSS_SSL_CBC_RANDOM_IV environment variable to 0 before launching Thunderbird. Note: None of the issues in this advisory can be exploited by a specially- crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. After installing the update, Thunderbird must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6thunderbird-10.0.6-1.el6_3.i686.rpme3d7344883cd4bd85ae645c82293b1ceba6bcfa8254619c597c009d6f9acea44SLSA-2012:1091-1A flaw was found in the way the ASN.1 (Abstract Syntax Notation One) decoder in NSS handled zero length items. This flaw could cause the decoder to incorrectly skip or replace certain items with a default value, or could cause an application to crash if, for example, it received a specially-crafted OCSP (Online Certificate Status Protocol) response. (CVE-2012-0441) The nspr package has been upgraded to upstream version 4.9.1, which provides a number of bug fixes and enhancements over the previous version. The nss-util package has been upgraded to upstream version 3.13.5, which provides a number of bug fixes and enhancements over the previous version. The nss package has been upgraded to upstream version 3.13.5, which provides a number of bug fixes and enhancements over the previous version. After installing this update, applications using NSS, NSPR, or nss-util must be restarted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6nspr-devel-4.9.1-2.el6_3.i686.rpmf6a56591673278d8003528a874d4a59c17cf64c080afc1ec3351b49c422a98c0nss-sysinit-3.13.5-1.el6_3.i686.rpm6ecefb14a67677f96a107957444c5bae0ff64ab2324b277dce33ac3f36a34121nss-util-devel-3.13.5-1.el6_3.i686.rpmb5a1784090898fe9e0746afa1cd541db2aff3d4240ebad0973496d852fc51970nss-pkcs11-devel-3.13.5-1.el6_3.i686.rpm5c5702611f47eda13960e8f33be52c5088cc364aba38987d044b85f580d081c8nss-3.13.5-1.el6_3.i686.rpmb05ca71af8c846e8eccfc2fc47224fef19ec2aa1a2e4324f10e65e742033791fnss-util-3.13.5-1.el6_3.i686.rpm96a567f6f9625b3ac5a7738ab8deaecdde1adf51bdffa275a5ee98b1bb83d712nspr-4.9.1-2.el6_3.i686.rpm91b7b58364daf3288e87db3dd0180bf2d9848267a39c571e92e696bcf5655b46nss-tools-3.13.5-1.el6_3.i686.rpmdb969c37f3e87f6011085689eb5bd3806020e472ff1c1184a417f9382d5c29abnss-devel-3.13.5-1.el6_3.i686.rpm537ccf16df8a9de145eb89e502559a412c714e2d1c54a9f7c0412aca51f83145SLSA-2012:1098-1Multiple errors in glibc's formatted printing functionality could allow an attacker to bypass FORTIFY_SOURCE protections and execute arbitrary code using a format string flaw in an application, even though these protections are expected to limit the impact of such flaws to an application abort. (CVE-2012-3404, CVE-2012-3405, CVE-2012-3406) This update also fixes the following bug: * A programming error caused an internal array of nameservers to be only partially initialized when the /etc/resolv.conf file contained IPv6 nameservers. Depending on the contents of a nearby structure, this could cause certain applications to terminate unexpectedly with a segmentation fault. The programming error has been fixed, which restores proper behavior with IPv6 nameservers listed in the /etc/resolv.conf file.moderateScientific Linux FermiScientific Linux Fermi 6glibc-headers-2.12-1.80.el6_3.3.i686.rpm1aa73a6a5c17f11ae1dfb4f27769279bea3a93eb017bd7568bd5f7e2dc730335glibc-devel-2.12-1.80.el6_3.3.i686.rpm34d1fe682bbafe6136fc98b18a71e9921af543ce84d1b0e5a1e2d7516a812a92glibc-common-2.12-1.80.el6_3.3.i686.rpmab518c2abb8e2e0328b50d0f051eafc21f34e94cece1dd3303909b87fbceaa56glibc-2.12-1.80.el6_3.3.i686.rpmace244c4509281f8d252a89cdd3f66901b25c5b28b780e305ec69edb5c70fba3nscd-2.12-1.80.el6_3.3.i686.rpmbee0df4d6690c17e0a061686ffb10d2cb245df82bc3ace8f84e3d147332122c2glibc-utils-2.12-1.80.el6_3.3.i686.rpm793f4b4356cf5d338cbfa21a39030cf1099a580b4caff5d6d0a7148282afdc92glibc-static-2.12-1.80.el6_3.3.i686.rpm6be38b1149d2ab9b320e75964b77d1054f3213fbb74062637008d78c67a5a5bdSLSA-2012:1102-1A flaw was found in the way the Pidgin MSN protocol plug-in processed text that was not encoded in UTF-8. A remote attacker could use this flaw to crash Pidgin by sending a specially-crafted MSN message. (CVE-2012-1178) An input validation flaw was found in the way the Pidgin MSN protocol plug-in handled MSN notification messages. A malicious server or a remote attacker could use this flaw to crash Pidgin by sending a specially-crafted MSN notification message. (CVE-2012-2318) A buffer overflow flaw was found in the Pidgin MXit protocol plug-in. A remote attacker could use this flaw to crash Pidgin by sending a MXit message containing specially-crafted emoticon tags. (CVE-2012-3374) Pidgin must be restarted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6libpurple-devel-2.7.9-5.el6.2.i686.rpm9b3b814b1cf0c31fb036dc2555ee51f973d0db3b08eaa16da3996ce7da03b0bdlibpurple-2.7.9-5.el6.2.i686.rpm6de18cb733a44ac5b36337de84159328bd6cea0b6ad89cfb4584a78307c04928libpurple-perl-2.7.9-5.el6.2.i686.rpma4e481cac1d445624a5ee2409593864fd2ab89176d185f698f71f87a1d710041libpurple-tcl-2.7.9-5.el6.2.i686.rpm902741c828f7a3ca93f54f39aaa1398332e010431559e818145d4afcf3bef12bpidgin-devel-2.7.9-5.el6.2.i686.rpm9a9c14164be784e076ffcc5a1f9bb65e31a9204491433dcceef44fe46565c057pidgin-docs-2.7.9-5.el6.2.i686.rpmcb71f49eff20dc93d53773fc8ccded83785cec3275e00cb639917ac6ce9610a0finch-2.7.9-5.el6.2.i686.rpmd5987f40fb24f624660e471a81d6c3ae9367fd654b8344ef8360ba35a4e90d17pidgin-2.7.9-5.el6.2.i686.rpm42a01006805630d8d2478764b0886f96182b71e2261f637eceda4da32b510c6ffinch-devel-2.7.9-5.el6.2.i686.rpmd122c5eb8a48f9747c362a85d79bb0b1c565f22a70d1e22f8965bd5efb74d546pidgin-perl-2.7.9-5.el6.2.i686.rpm1fecb92d184d5494442456b753abc775d89e0c8374066b78f56cc4726ff30c37SLSA-2012:1116-1Two format string flaws were found in perl-DBD-Pg. A specially-crafted database warning or error message from a server could cause an application using perl- DBD-Pg to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2012-1151) Applications using perl-DBD-Pg must be restarted for the update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6perl-DBD-Pg-2.15.1-4.el6_3.i686.rpma59605d842c872d3f6996fe77e263bbfe91b9e3b2f953aaecf56183579092297SLSA-2012:1123-1An uninitialized data structure use flaw was found in BIND when DNSSEC validation was enabled. A remote attacker able to send a large number of queries to a DNSSEC validating BIND resolver could use this flaw to cause it to exit unexpectedly with an assertion failure. (CVE-2012-3817) After installing the update, the BIND daemon (named) will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 6bind-utils-9.8.2-0.10.rc1.el6_3.2.i686.rpm21352c4cb49985a592ee2c0cb41cc38ace853a63569344df2ab765411632b020bind-chroot-9.8.2-0.10.rc1.el6_3.2.i686.rpmc4cc20a66976ccc0a6136a12a2bea2d649387d63f361322665e62c395a799ce0bind-devel-9.8.2-0.10.rc1.el6_3.2.i686.rpmf96bca8242e80801e7c2cedae109d9dab6343f5a744ad0c03a99aece30d4d7b5bind-9.8.2-0.10.rc1.el6_3.2.i686.rpmbfb94e90ffa282b47c469a11f5963507fc6020979e5dfc226668b8eaab4f3c6dbind-sdb-9.8.2-0.10.rc1.el6_3.2.i686.rpm314f9a8c2064720e43481a53cf37af6460d326ddca8ae33e875984a62546b332bind-libs-9.8.2-0.10.rc1.el6_3.2.i686.rpm2d0c9e73c167c67536def8b9057321410a7e4220dedba14d0de66ab0309a9f3cSLSA-2012:1131-1An uninitialized pointer use flaw was found in the way the MIT Kerberos KDC handled initial authentication requests (AS-REQ). A remote, unauthenticated attacker could use this flaw to crash the KDC via a specially-crafted AS-REQ request. (CVE-2012-1015) A NULL pointer dereference flaw was found in the MIT Kerberos administration daemon, kadmind. A Kerberos administrator who has the "create" privilege could use this flaw to crash kadmind. (CVE-2012-1013) After installing the updated packages, the krb5kdc and kadmind daemons will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 6krb5-libs-1.9-33.el6_3.2.i686.rpmf5096ccc7111337f24ac9ab24322e88b1378f59c0ab9866e5cd0c9464affa110krb5-server-ldap-1.9-33.el6_3.2.i686.rpmb47f842a973766b7cd00fabea5c894e7f8b40a2f4c709cb003214b93b7a9c79akrb5-pkinit-openssl-1.9-33.el6_3.2.i686.rpmb67a85b097cf87dddf83900900e3e01216d607bda7ef3e9440be1e2f9eb867b0krb5-devel-1.9-33.el6_3.2.i686.rpm82ff686653c98731a0c5b7daa54b61c9a103d557a7089ac369f3c1850f93b399krb5-workstation-1.9-33.el6_3.2.i686.rpm34787e18ac82633855a96889a6a1d03244fc8c84367cbef9c5076e8354527a79krb5-server-1.9-33.el6_3.2.i686.rpmc065c8bc4e5c64baf1f3718c9ba7326b40cd6fbe4533d15a04e74bc170e52517SLSA-2012:1132-1An uninitialized pointer use flaw was found in the IcedTea-Web plug-in. Visiting a malicious web page could possibly cause a web browser using the IcedTea-Web plug-in to crash, disclose a portion of its memory, or execute arbitrary code. (CVE-2012-3422) It was discovered that the IcedTea-Web plug-in incorrectly assumed all strings received from the browser were NUL terminated. When using the plug-in with a web browser that does not NUL terminate strings, visiting a web page containing a Java applet could possibly cause the browser to crash, disclose a portion of its memory, or execute arbitrary code. (CVE-2012-3423) This erratum also upgrades IcedTea-Web to version 1.2.1. Web browsers using the IcedTea-Web browser plug-in must be restarted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6icedtea-web-1.2.1-1.el6_3.i686.rpma2930873b78d23e695aec3228fdbef13dc3e08c5d0dccb262133e2b7189fd3a3icedtea-web-javadoc-1.2.1-1.el6_3.i686.rpm16e01f8fb8ffdf7bea0f06336305088f94218abcda17ede694bbbcf01e0d567aSLSA-2012:1135-1Multiple heap-based buffer overflow flaws were found in the way LibreOffice processed encryption information in the manifest files of OpenDocument Format files. An attacker could provide a specially-crafted OpenDocument Format file that, when opened in a LibreOffice application, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2012-2665) Upstream acknowledges Timo Warns as the original reporter of these issues. All running instances of LibreOffice applications must be restarted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6libreoffice-langpack-bn-3.4.5.2-16.1.el6_3.i686.rpm8b94659406555dcba64572c63dba2bb020e526c06faefce127c52839c8cfbb0blibreoffice-langpack-uk-3.4.5.2-16.1.el6_3.i686.rpm75458dfd5e54ad84db758c3f6b13c26da87a88775f9c646d3743c194b41b27balibreoffice-ogltrans-3.4.5.2-16.1.el6_3.i686.rpmb572338a21103aa1739797322708a615dbbdaa1bdea027590f1d1ca44def0816autocorr-lb-3.4.5.2-16.1.el6_3.noarch.rpm8268565f6e9f66edff2e9792c4f265228bdf8d26c051cba318c267a7d82abe0dlibreoffice-langpack-en-3.4.5.2-16.1.el6_3.i686.rpmb7f96eb9d4a1037825f47b3eb281694e81c9b97810b1b59dab8c4a0eb84db16dautocorr-fi-3.4.5.2-16.1.el6_3.noarch.rpm8f1124fbdcd41e5b3f263be6ed69aebafbf600f929310dfc37d3ae23be3a4a22libreoffice-testtools-3.4.5.2-16.1.el6_3.i686.rpm215686e520b050b306a9027b046fe72b662e0b16c299ad4db6c2f7d8c7653bd6autocorr-fa-3.4.5.2-16.1.el6_3.noarch.rpm5102072006f0f228d9d2c20bf9811f813bfb1a540fd49294a58474d2d8bcd5dclibreoffice-sdk-3.4.5.2-16.1.el6_3.i686.rpm3ebd8f245b6fa19c76044daee0eabf414f79b5a95946756d1dff1852fffdabafautocorr-pt-3.4.5.2-16.1.el6_3.noarch.rpm8ba74d1005a4b80b8050f9a9ae7c21b3393a687b2849c04d119e802ebea8003elibreoffice-impress-3.4.5.2-16.1.el6_3.i686.rpm626e538ce83038fa1bf216aafd52fc8c5fde762ee5a7924c599e5bd87c0f976blibreoffice-langpack-ss-3.4.5.2-16.1.el6_3.i686.rpm45c940268dab206364728644975b5608c91648dcba76c2feff04f6784bdf434dlibreoffice-langpack-bg-3.4.5.2-16.1.el6_3.i686.rpm7f9f491967ef92d7291772f0581dd06fafb96f10a00c03763087e4e85d6eda89libreoffice-langpack-gu-3.4.5.2-16.1.el6_3.i686.rpm86fc000356ff707ecb9de0c23bfab422d4081e7762dd905c6de1f826750ea2e1libreoffice-report-builder-3.4.5.2-16.1.el6_3.i686.rpmd736d7ef08ab9012ee09bcc7372853772e3acc494ff2535ac65384ef698bedfeautocorr-sr-3.4.5.2-16.1.el6_3.noarch.rpmeaa1166e5cdd42340227f155447e3ca5f28a6b768d6c25f0aa15680bd438c824libreoffice-langpack-af-3.4.5.2-16.1.el6_3.i686.rpm2568268e5230f72892956bb99fa7e0923f81e6d48c2a0cb9bdb08e53d8a04711libreoffice-langpack-pl-3.4.5.2-16.1.el6_3.i686.rpm23d48c1f3cf082d819dba15ed4d7088af3742cc169fc5d65846006afaf5e4a07libreoffice-langpack-ro-3.4.5.2-16.1.el6_3.i686.rpm89a19f6950f32fac1f70d68c3e9fd648ed6a6152acf5d65e7732ead1597eba5flibreoffice-langpack-ms-3.4.5.2-16.1.el6_3.i686.rpmf006da2d1ce1a4affe6ada00f643c38a23aa4078e7794241f2352714ae4f5deelibreoffice-langpack-ja-3.4.5.2-16.1.el6_3.i686.rpmc1f69f31362ee688b26ed070b84bed308da5a4ac71e04f4723d7bc3bafc26474libreoffice-langpack-gl-3.4.5.2-16.1.el6_3.i686.rpmb7dad70bf808b1f69dd8bc1cf4240e0ae54b43aff70f89bb5d57116881a217a0libreoffice-langpack-tn-3.4.5.2-16.1.el6_3.i686.rpma92064a02dcfdb6dbaaf3fb8648ab9b3d90eb4428fbad225fd4b7fa01a2c35c4libreoffice-langpack-nso-3.4.5.2-16.1.el6_3.i686.rpmaa4e39d9edaa7b5224d8714718fe9129edfb09f8844dcd4f62cda5d90f97fa9bautocorr-af-3.4.5.2-16.1.el6_3.noarch.rpm382c413f0fd8b0321201f220b4f68990e59df302bab37c991a253f991856ae07autocorr-fr-3.4.5.2-16.1.el6_3.noarch.rpmec6f7e110e0c5693738407a3f7284704c5902f6848ba8621a7a118c91340259fautocorr-bg-3.4.5.2-16.1.el6_3.noarch.rpmaeab2b015df960d256667a3f558d21eee96843795b49b4ab21747e1397fd581clibreoffice-langpack-he-3.4.5.2-16.1.el6_3.i686.rpmfed36d4d1bc1e39ddb98120626ec991b6be7ed7e5044e15db34bf39512d56cfclibreoffice-draw-3.4.5.2-16.1.el6_3.i686.rpm2ef11ab2ca15ce119084e56665ca035d617a10b5978d8a9675cc3380fc21a28dlibreoffice-sdk-doc-3.4.5.2-16.1.el6_3.i686.rpme47e96853705409fb6367a52b6a4d03797c9fde78c9a13de3b198acdb7eb264flibreoffice-javafilter-3.4.5.2-16.1.el6_3.i686.rpmf8bdfb958a91886ee2c977bfcccc85ee3722c12492dadfc4b1d5296276c1d00fautocorr-mn-3.4.5.2-16.1.el6_3.noarch.rpmbb63458d6f2fb8e4be8d42d0793158da8d0300d4df69f2c390855c0c1ff2ae57libreoffice-langpack-nr-3.4.5.2-16.1.el6_3.i686.rpm7acded446c933e25af9553812304452d0efbdc96bc186f8501f2f78f4d92d365libreoffice-writer-3.4.5.2-16.1.el6_3.i686.rpm34706d4cbbcb9af0b43a56392a08b3f9d7fee3e9896837335120c68f09c5ea35libreoffice-langpack-cy-3.4.5.2-16.1.el6_3.i686.rpmcd382ac832c594c5f0b20354924b1f3085566c42959269643c3b1e6db484f782autocorr-nl-3.4.5.2-16.1.el6_3.noarch.rpmb0576abe70d27d40e2cc78c6d773ff78681d8934bb5b31a2fad305148ab8cf24libreoffice-langpack-zh-Hant-3.4.5.2-16.1.el6_3.i686.rpme61a284e6aff6dfbd1ed913244036a4a493830781b38ab4cd491de44cc56b73fautocorr-en-3.4.5.2-16.1.el6_3.noarch.rpm65580b6636049214a4b8fc8c28a157e5bb62e920a9e344c581467e5051584103libreoffice-langpack-dz-3.4.5.2-16.1.el6_3.i686.rpmb352cd0e31b47218ca713f6a2710bc0f006586b700509edcb3172df1621e214blibreoffice-langpack-ru-3.4.5.2-16.1.el6_3.i686.rpm67fbeded854740a384e6895df267329c590fdbfba98306825cc64a4a88de264dlibreoffice-pdfimport-3.4.5.2-16.1.el6_3.i686.rpm542af06fc7d00aebc0be476afe270fc155ef1d276fb06482361a1e484c8624d6libreoffice-wiki-publisher-3.4.5.2-16.1.el6_3.i686.rpm05469ba79d7f3a809fe16a2356c9a48571281dd97081c2030cf5f7dcacc5515cautocorr-hr-3.4.5.2-16.1.el6_3.noarch.rpm3b46d93203744eb2fc72bded63000c52def46728ad1ae61a4871232fba240052libreoffice-langpack-hr-3.4.5.2-16.1.el6_3.i686.rpmfe1505d8cbf7e0b123da6314c0c5c367ca55910f12abc3d4976c893ecc3f365blibreoffice-langpack-hu-3.4.5.2-16.1.el6_3.i686.rpm3e5b0f7c4d7a86a096f47bdd7e02ff652a6e20b36603bfe2b2dd225a19fd29c2autocorr-es-3.4.5.2-16.1.el6_3.noarch.rpm7665381169fe16e248b255d84be198f7e48edb19adb46a59e6077dcb1b72a9b9libreoffice-langpack-hi-3.4.5.2-16.1.el6_3.i686.rpm364294f3944ae6f39f8ab849ec5d090e999b1e04e75099f995f8d068f5d61d7blibreoffice-langpack-sk-3.4.5.2-16.1.el6_3.i686.rpm8dc9e971b34b4802282037f9f21422eaa040d1c762b0f540dfcc2a9a3d8a6400autocorr-cs-3.4.5.2-16.1.el6_3.noarch.rpmd9cde5326facad63adaac3e18bfabda120b404f6501647cd0f0e59496f1291fcautocorr-ja-3.4.5.2-16.1.el6_3.noarch.rpm8dc26dd9e6324cba72083e08363125ecbc64dc49c1ab4de64e70e7a841503aeblibreoffice-langpack-ve-3.4.5.2-16.1.el6_3.i686.rpm17b348d6969c49eb185b15bb78d6bcafa6eecc7e9400fc97e5dd2c1530d45815autocorr-it-3.4.5.2-16.1.el6_3.noarch.rpm2f6772ea9638c61608359402b61991d1dc638666a614e67cf4c895f0c4a5bce6autocorr-da-3.4.5.2-16.1.el6_3.noarch.rpm5ec87f4f4a350de61ded8c4b04182260747848c07bc5b521a25c50600cdfaa95libreoffice-langpack-kn-3.4.5.2-16.1.el6_3.i686.rpma22d52727de67465955f439d4f783f55248dbdd2f3e24001fa2e8c5bd30a56e7autocorr-ko-3.4.5.2-16.1.el6_3.noarch.rpm3d65352111182ab6cc93ba9569b156fab2e543225268d19fb2476a1d9f696700libreoffice-langpack-ta-3.4.5.2-16.1.el6_3.i686.rpme3f5ebe202466d58a00e64f81fa1adf8d91577d3f53269fb652c2ce06774082clibreoffice-langpack-xh-3.4.5.2-16.1.el6_3.i686.rpmb4ce5ffaa4888792dc9ef6a78d08d0e11a986d22c8381dd26f311c17584278e6libreoffice-langpack-et-3.4.5.2-16.1.el6_3.i686.rpm98561f634fd20279f5f0356823e4df629a5194ff2bb8f67af852ec7aaa73c380libreoffice-langpack-nn-3.4.5.2-16.1.el6_3.i686.rpmbeb2b5e80c899006fbd3db2bca48bc931ba9c274a2eef4ea544ba225ef7cc2c3libreoffice-langpack-de-3.4.5.2-16.1.el6_3.i686.rpmabafad353d1f39bd79a7a7a3a1a170d1fd5916b348ecd5f829a8ec1abc27cecdlibreoffice-langpack-ts-3.4.5.2-16.1.el6_3.i686.rpm9074fcde979e9bdcf79fcb5f88432554bd7fe69f5f062ce434c4d95b426a3a51libreoffice-langpack-mai-3.4.5.2-16.1.el6_3.i686.rpm5590ca1bc6ce9ca51121159897cf38c6d9ba93f3bb8ea123a9b6721ceda8a8f4libreoffice-headless-3.4.5.2-16.1.el6_3.i686.rpm22cae954f271bffdb3cf8cd61d40a7c44dabd4514e9e2ac94a817fbb278add04libreoffice-langpack-or-3.4.5.2-16.1.el6_3.i686.rpm5eb33d4e2451aec1e1bda57daac5ccd0a5409508263afa76c9b5425a97789ea9libreoffice-langpack-st-3.4.5.2-16.1.el6_3.i686.rpm4abefe0885e8aa551f7d2353b779e5524f49c95c090865850ca776cfa01e9e7alibreoffice-langpack-es-3.4.5.2-16.1.el6_3.i686.rpm1def26bb39108095a4020fe453a22a44363d13f5bbcb17757cc14da8932438aflibreoffice-langpack-eu-3.4.5.2-16.1.el6_3.i686.rpm0a95f63e18059449f0c954819c14ca5dfdf804fbfda76746da1825704b91cc32libreoffice-langpack-ga-3.4.5.2-16.1.el6_3.i686.rpm17972a0fef5cfda1986d5d182bfba8b41b4cc1cbb27f346b274208d1045d3f42libreoffice-langpack-ar-3.4.5.2-16.1.el6_3.i686.rpmb56fca5d229350051432290312532960a7e708020ae955cf339171a6580ca49dautocorr-de-3.4.5.2-16.1.el6_3.noarch.rpm113c1bbeac703a63c4d79f563017b9595532710eccb50c57a3d0f9abf949659bautocorr-sk-3.4.5.2-16.1.el6_3.noarch.rpm092aa38a4ead4be4391b9a86bc25002597b53f9f4b1e5fdb1a4a87a5bf745567libreoffice-graphicfilter-3.4.5.2-16.1.el6_3.i686.rpmaa29af97831de24681c6c08ef3536e0cb89f055d339fc3ad923c912b63044ca4libreoffice-langpack-fi-3.4.5.2-16.1.el6_3.i686.rpm0c59af6a9b484585a7b7d78bb483920c90b6b4d0c1ce385964f431641dce6df9autocorr-vi-3.4.5.2-16.1.el6_3.noarch.rpmc2a8d1ed342551ea65221beebfab7bc9e2d2365c31470f9a1abf917d998ed744libreoffice-gdb-debug-support-3.4.5.2-16.1.el6_3.i686.rpm4f8ba0182e08939a479efde25205dbf284cc367ee01b750748f17654ea5f8bdelibreoffice-langpack-ca-3.4.5.2-16.1.el6_3.i686.rpmad5001f9492e8ea3c91a8a71ba3147fb1140ac6043965a5724ef2e6d2cbce29eautocorr-eu-3.4.5.2-16.1.el6_3.noarch.rpm0ef3e40d6dd31116467944da4836f18a87e3af6f916404d83315c636097688b7libreoffice-pyuno-3.4.5.2-16.1.el6_3.i686.rpmc858ea1933984c30278947d3c7005d54d34e93b483b4e98ca15824f2004e85aeautocorr-zh-3.4.5.2-16.1.el6_3.noarch.rpm4969b1c3273ffdf38bd0013c6e4dbff6aa579061ab0636c5cdd05fd0a88f2a89autocorr-ga-3.4.5.2-16.1.el6_3.noarch.rpm9531fc68f2e7b51c9fdbe5caf13b0c26ab14857f827013eb3b05b6b19c10506flibreoffice-presenter-screen-3.4.5.2-16.1.el6_3.i686.rpm060b63bce9de6c11e35ef34a97e667acd034cc94c4583c91846ce9ddeffce70alibreoffice-calc-3.4.5.2-16.1.el6_3.i686.rpmc321b2fa79fd6c79e7c373afcadd15a0aba1c341a2a49bde9d8ab69b1e090daclibreoffice-langpack-sv-3.4.5.2-16.1.el6_3.i686.rpm241af11cf9316c2e9660ab0658c3bf817861213c770a6fd4f3df0b08eaf28cd2autocorr-lt-3.4.5.2-16.1.el6_3.noarch.rpm5fa43e2c98f6d97602f0447b0ad89f6087dd40ed2f358fb12a3575c817acc0d3libreoffice-langpack-cs-3.4.5.2-16.1.el6_3.i686.rpm174329b7f1fa971694008a7d9e72cc605826f1d5cd68c7901252a840222e555alibreoffice-langpack-nb-3.4.5.2-16.1.el6_3.i686.rpm3789d152cb70c3ccc9ad0bc162ffca1edb14e0e207ecf6b0aa5b17325ae7367clibreoffice-langpack-fr-3.4.5.2-16.1.el6_3.i686.rpm4e18f960c40df3f01cc40169e5eee507ffa6aca00d000a977d9829d54ee3c9d7autocorr-tr-3.4.5.2-16.1.el6_3.noarch.rpm2963f70994b057bc4072d2cdfeafd73fb7f60e0055ea1fffc846dc4d0ec8035fautocorr-ru-3.4.5.2-16.1.el6_3.noarch.rpmd81249d67d195fad027c76af6eb281d6a7a73294133c7e635564f970c0ec8a01libreoffice-langpack-nl-3.4.5.2-16.1.el6_3.i686.rpmf502ad5cfb15b5bed78bf5eb853c1639bf53e18be5a34bd47d80cd7d65b9b333libreoffice-langpack-ko-3.4.5.2-16.1.el6_3.i686.rpm4d2a5817fdbd926f4897a51d79b35954f4b5ea0ce1d00309d1fb6b64c4d38a8clibreoffice-langpack-mr-3.4.5.2-16.1.el6_3.i686.rpm2412efebe6d8369887b49cb716cc4c40354a70ccb1873067f09672bb4168ba4flibreoffice-core-3.4.5.2-16.1.el6_3.i686.rpm7f5c94fe232a624199baa8eb39d27a5ff3752c2725001197de3b44389d4ec3dblibreoffice-langpack-zu-3.4.5.2-16.1.el6_3.i686.rpm4dc7f8757672005810237300c4692f7926585e88e7992373def447814bd3c888libreoffice-langpack-lt-3.4.5.2-16.1.el6_3.i686.rpm6b63d85542334b1f441c9a3bc2834ab6081fd31ef403d06f9365f428085b635clibreoffice-ure-3.4.5.2-16.1.el6_3.i686.rpm47ee2caa553a272cae656d44c0ab8f0f21517fb860b103b72ab3841595fb0caalibreoffice-langpack-pa-3.4.5.2-16.1.el6_3.i686.rpm0ae7947b5cd6deb891367c2cd1e91315f8a22be711fb95c18d185763507b1409libreoffice-emailmerge-3.4.5.2-16.1.el6_3.i686.rpmd36a31da4418916538ff8788d07f89a0ca6da6035f299f48271bbc657abb796flibreoffice-presentation-minimizer-3.4.5.2-16.1.el6_3.i686.rpmf6fe4c7a0fb86a18ba40458bd1e15a7b1003eeaff83fa1d582151304d046219elibreoffice-langpack-zh-Hans-3.4.5.2-16.1.el6_3.i686.rpme731edacd1b73d9bfd659d8c5b383e4e245fded93ab72e61a52a8472bd6ef76clibreoffice-langpack-ml-3.4.5.2-16.1.el6_3.i686.rpm5ca596b0a1e4c4a7633e053e813c41585a4ec9d0510f40cb401b4de08e9261d9libreoffice-xsltfilter-3.4.5.2-16.1.el6_3.i686.rpmc400ae0ce84c9e4fd24bd619f9883c669705f5d6687cc671005cf46f84595fe9libreoffice-langpack-sr-3.4.5.2-16.1.el6_3.i686.rpm43a46fc97b57de2d72aef357ff73b5d50929e5a0c21f614b754458c77823fc55libreoffice-langpack-ur-3.4.5.2-16.1.el6_3.i686.rpm1d13fb313c394041a5cded7eb3fa762f3ad90e7ad3407eff370962a97170797clibreoffice-langpack-as-3.4.5.2-16.1.el6_3.i686.rpma2e00d2361b9afc20f12f958a8f7bb0cceb080d7b56f75edae5e2d72748b4812libreoffice-langpack-te-3.4.5.2-16.1.el6_3.i686.rpmdd76da6267dd956fb2c0538265656e76284bd671bd9e8f4901a928aca5c1ce4clibreoffice-math-3.4.5.2-16.1.el6_3.i686.rpm65af65596723a678688904b275c584859cceb0fed087ae7fec0f0fed0e6abadelibreoffice-langpack-el-3.4.5.2-16.1.el6_3.i686.rpmcee6be0bdc1ceec2d283463b13c69ee799dfe23c3bdae13b061878bb171fe39blibreoffice-langpack-da-3.4.5.2-16.1.el6_3.i686.rpm770eb826f751c4d51f06c23001d6281130709aa722b4fa6ba1074003412c4c30libreoffice-3.4.5.2-16.1.el6_3.i686.rpm0257b217d7f4f4c38c25f61f8893f27cad41635a7fc08ce1fd3a062f69d44544libreoffice-langpack-pt-PT-3.4.5.2-16.1.el6_3.i686.rpm5771caf25efb0511b7fcc63fd2484fcfcb23c665c7ccad7c127ef5d6e488bb44libreoffice-langpack-th-3.4.5.2-16.1.el6_3.i686.rpmcedc742f098d2703cede53969fefc0b1cfb5fcbdf70db36fc2b85918a34e837bautocorr-pl-3.4.5.2-16.1.el6_3.noarch.rpmebee0e64c02bf2dd11a98988344fbaa734b7629045681255474c7c5f82c7d5a1libreoffice-opensymbol-fonts-3.4.5.2-16.1.el6_3.noarch.rpm3f8a0e1cde5b4120feca4fabbb9df396d50bfa7f350cc451ac8f68160bfcbd22libreoffice-langpack-it-3.4.5.2-16.1.el6_3.i686.rpm7d62e2e991169a74243d7e54ddbe003228cfabd036042d7fd965654c46cdd170autocorr-sl-3.4.5.2-16.1.el6_3.noarch.rpm1f853be3b86b56f342b4484d45804a7714761b397ff5c5bc7232408f9c9b2f3eautocorr-hu-3.4.5.2-16.1.el6_3.noarch.rpm3fcd8ed200553fbbafc4f737fc5f5d3717a08d44aaba07e9afce4d6764c9c1e5autocorr-sv-3.4.5.2-16.1.el6_3.noarch.rpmfb82937990f43d9b320716fe0c1e7fff34eb661b7c7dc014180778fc231c1d3clibreoffice-rhino-3.4.5.2-16.1.el6_3.i686.rpm1f8dcf80ff5af0c4b643d558947d7417620cf350b56825445b83fbc0599ba76alibreoffice-langpack-tr-3.4.5.2-16.1.el6_3.i686.rpm824846494f824876633a38deeee01c2da3ce3c06c9373753df716e06aa390f79libreoffice-langpack-pt-BR-3.4.5.2-16.1.el6_3.i686.rpm7af759f3647c19b49c58061dc8d00ccab70cbaa3f0239a072a840a1e839f232blibreoffice-bsh-3.4.5.2-16.1.el6_3.i686.rpm0fa2fb975ff1c1bf84590f13a1bb4d370bd032816c37d9ee6a370e04f71a1fb8libreoffice-langpack-sl-3.4.5.2-16.1.el6_3.i686.rpm3385182df8be1b9495915267b516a5a0fdfdd85a10225f94514c22e2569cf894libreoffice-base-3.4.5.2-16.1.el6_3.i686.rpm464ec4e7c3e5052186892b117abf2934f07b343c08e8783e7e38d71d25e6b66eSLSA-2012:1139-1A flaw was found in the way bind-dyndb-ldap performed the escaping of names from DNS requests for use in LDAP queries. A remote attacker able to send DNS queries to a named server that is configured to use bind-dyndb-ldap could use this flaw to cause named to exit unexpectedly with an assertion failure. (CVE-2012-3429) For the update to take effect, the named service must be restarted.importantScientific Linux FermitrueScientific Linux Fermi 6bind-dyndb-ldap-1.1.0-0.9.b1.el6_3.1.i686.rpm56cceb9ee3761968939e8838062271fe066bea6c7fea8eb6231877bb8a1697a7SLSA-2012:1141-1A denial of service flaw was found in the way the dhcpd daemon handled zero- length client identifiers. A remote attacker could use this flaw to send a specially-crafted request to dhcpd, possibly causing it to enter an infinite loop and consume an excessive amount of CPU time. (CVE-2012-3571) Two memory leak flaws were found in the dhcpd daemon. A remote attacker could use these flaws to cause dhcpd to exhaust all available memory by sending a large number of DHCP requests. (CVE-2012-3954) Upstream acknowledges Markus Hietava of the Codenomicon CROSS project as the original reporter of CVE-2012-3571, and Glen Eustace of Massey University, New Zealand, as the original reporter of CVE-2012-3954. After installing this update, all DHCP servers will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6dhclient-4.1.1-31.P1.el6_3.1.i686.rpm64764cefeb6df7a869430501bdfc102eed5b4e824100e15f0ce76a138e3e42b2dhcp-devel-4.1.1-31.P1.el6_3.1.i686.rpm64af94a721bc68589801e52ba7e95302d8267c0298dfee281e1511ef141a06d6dhcp-common-4.1.1-31.P1.el6_3.1.i686.rpm57d1f58dd808e3208b4942def60241240f234d5dad20043cb6d5440db71c8b08dhcp-4.1.1-31.P1.el6_3.1.i686.rpm3a3d112784b62eea92fd1d539ba1bac1d32d3dd86c00470ace88835473917777SLSA-2012:1151-1It was found that the OpenLDAP server daemon ignored olcTLSCipherSuite settings. This resulted in the default cipher suite always being used, which could lead to weaker than expected ciphers being accepted during Transport Layer Security (TLS) negotiation with OpenLDAP clients. (CVE-2012-2668) This update also fixes the following bug: * When the smbk5pwd overlay was enabled in an OpenLDAP server, and a user changed their password, the Microsoft NT LAN Manager (NTLM) and Microsoft LAN Manager (LM) hashes were not computed correctly. This led to the sambaLMPassword and sambaNTPassword attributes being updated with incorrect values, preventing the user logging in using a Windows-based client or a Samba client. With this update, the smbk5pwd overlay is linked against OpenSSL. As such, the NTLM and LM hashes are computed correctly, and password changes work as expected when using smbk5pwd. After installing this update, the OpenLDAP daemons will be restarted automatically.lowScientific Linux FermiScientific Linux Fermi 6openldap-clients-2.4.23-26.el6_3.2.i686.rpm61794fbba125f9cbd5b7871e701784351997d511ecf666b4b765974ead1e50b7openldap-2.4.23-26.el6_3.2.i686.rpm564df0f57b19ced51223a7d6b1061111c1a788cadfeea467fa90b14693110cefopenldap-servers-2.4.23-26.el6_3.2.i686.rpm4c3d19da094245ec92ac2d669b8ecb3224568b63892dd75cf294dbd8d2fd432eopenldap-servers-sql-2.4.23-26.el6_3.2.i686.rpm3cdd556a69ce905fd11151c9228cda5edb4afa9dde06cbd591c444637502c6deopenldap-devel-2.4.23-26.el6_3.2.i686.rpm61cb43f85418a389b46bf93b668b533cab9d1ccf94194caf1b49d25a362584d4SLSA-2012:1156-1This update fixes the following security issues: * An integer overflow flaw was found in the i915_gem_execbuffer2() function in the Intel i915 driver in the Linux kernel. A local, unprivileged user could use this flaw to cause a denial of service. This issue only affected 32-bit systems. (CVE-2012-2383, Moderate) * A missing initialization flaw was found in the sco_sock_getsockopt_old() function in the Linux kernel's Bluetooth implementation. A local, unprivileged user could use this flaw to cause an information leak. (CVE-2011-1078, Low) The system must be rebooted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6kernel-devel-2.6.32-279.5.1.el6.i686.rpme5281858035dacef8308ac6e7e871c672fcba48aa0e3e66635f1afb340ac4da9kernel-debug-devel-2.6.32-279.5.1.el6.i686.rpmb0dccc21a8ae99154c8020ef59802c93ee8c11f522fb0d657ec069441becd66ckernel-doc-2.6.32-279.5.1.el6.noarch.rpm99df01fe79f3ddb144e10cc83ae26a95270d610e505962e763f53924047fbe6bkernel-headers-2.6.32-279.5.1.el6.i686.rpm72745b968c01baa7f79783def2e92a2f5813fb97e4092a31fee9a0632023a7bcpython-perf-2.6.32-279.5.1.el6.i686.rpmbaefc31831045a339ef0b4810f2bbea819565261660f784dd84a2ac643d7bb16perf-2.6.32-279.5.1.el6.i686.rpm4d7b602689f9e8df9cd92a25df25303d9904d48c0825f28a51350cee19ac78e7kernel-firmware-2.6.32-279.5.1.el6.noarch.rpm0c22f5cad5f24646382e142a0b5efcd528b5d43b3036f2a166d58cdcd78e43fdkernel-debug-2.6.32-279.5.1.el6.i686.rpm54fdb0ee810a3b7c8dea2ab4ff9d81f0617576ce030bbc482aaea370847f84fdkernel-2.6.32-279.5.1.el6.i686.rpmb7d8547e10874140cd98b853591791a58e89a1e93e0595d4b9d00edbfe727658SLSA-2012:1180-1An integer overflow flaw, leading to a heap-based buffer overflow, was found in the GIMP's GIF image format plug-in. An attacker could create a specially- crafted GIF image file that, when opened, could cause the GIF plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. (CVE-2012-3481) A heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch (LZW) decompression algorithm implementation used by the GIMP's GIF image format plug-in. An attacker could create a specially-crafted GIF image file that, when opened, could cause the GIF plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. (CVE-2011-2896) A heap-based buffer overflow flaw was found in the GIMP's KiSS CEL file format plug-in. An attacker could create a specially-crafted KiSS palette file that, when opened, could cause the CEL plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. (CVE-2012-3403) The GIMP must be restarted for the update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6gimp-2.6.9-4.el6_3.3.i686.rpm3642c9b54993e83dc275d4f39ed2d9029ced224ef2ec2e419657b93ab1da751cgimp-devel-2.6.9-4.el6_3.3.i686.rpm4958ea3dd6165ab41b952ca61eae559d32b21b421e9c5c7eeb6b0b7c4cc45014gimp-libs-2.6.9-4.el6_3.3.i686.rpm697ae6263c5524060c0060e3561ff94d523b4f21ad3aebecf34abd09af22f5a7gimp-devel-tools-2.6.9-4.el6_3.3.i686.rpm9b9c18b07bca5fe67e53702ac24e328c399f1b9763514ca29daa812334ee8fd4gimp-help-browser-2.6.9-4.el6_3.3.i686.rpm853dc239b379e181645d2468eb53431d56e9fb5089b60bbb800dceb36efd6ad9SLSA-2012:1202-1A flaw was found in libvirtd's RPC call handling. An attacker able to establish a read-only connection to libvirtd could trigger this flaw with a specially- crafted RPC command that has the number of parameters set to 0, causing libvirtd to access invalid memory and crash. (CVE-2012-3445) This update also fixes the following bugs: * Previously, repeatedly migrating a guest between two machines while using the tunnelled migration could cause the libvirt daemon to lock up unexpectedly. The bug in the code for locking remote drivers has been fixed and repeated tunnelled migrations of domains now work as expected. * Previously, when certain system locales were used by the system, libvirt could issue incorrect commands to the hypervisor. This bug has been fixed and the libvirt library and daemon are no longer affected by the choice of the user locale. After installing the updated packages, libvirtd will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6libvirt-python-0.9.10-21.el6_3.4.i686.rpm3799a1ef44c5419ec1bbd6035b74fef7062eee103a3ff6b596577ae443807474libvirt-client-0.9.10-21.el6_3.4.i686.rpma994df04beff018e1ecb7642873e7b9a49a2711ca64143a354bfacc728189087libvirt-0.9.10-21.el6_3.4.i686.rpm71d021b907118ecccebfa8a77008b78eb71c2b12ec84b4e635d95ae5b18bc578libvirt-devel-0.9.10-21.el6_3.4.i686.rpm3352134758190efd499c1f3c743213a4a85a9b40c5ca4d8c812001bec8c43e36SLSA-2012:1206-1It was discovered that paster did not drop supplementary group privileges when started by the root user. Running "paster serve" as root to start a Python web application that will run as a non-root user and group resulted in that application running with root group privileges. This could possibly allow a remote attacker to gain access to files that should not be accessible to the application. (CVE-2012-0878) All running paster instances configured to drop privileges must be restarted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6python-paste-script-1.7.3-5.el6_3.noarch.rpmf363e8339225318d92ae45edf4e5abc4cd2621307fc60107dff94a46ecadfbfdSLSA-2012:1208-1Multiple integer overflow flaws, leading to stack-based buffer overflows, were found in glibc's functions for converting a string to a numeric representation (strtod(), strtof(), and strtold()). If an application used such a function on attacker controlled input, it could cause the application to crash or, potentially, execute arbitrary code. (CVE-2012-3480)moderateScientific Linux FermiScientific Linux Fermi 6glibc-2.12-1.80.el6_3.5.i686.rpm06c6e8a9379f44528532c9f4e8c6d4d25a9a08e299662f2ecaa7baed6e04bfacglibc-utils-2.12-1.80.el6_3.5.i686.rpm2283ee962783ec3c41d9b954a08588164c49ee864e9a8406c500a4f5c2236769glibc-devel-2.12-1.80.el6_3.5.i686.rpm1c704aff3ce0a71aad851e4b9deffc877fb5165c8eb0eba840cdb5779f4d0a2dglibc-common-2.12-1.80.el6_3.5.i686.rpmbf49ba73fc37e6341711b6eca69bcffad25644d41630969b6bd91cfae0f6f95cglibc-static-2.12-1.80.el6_3.5.i686.rpm17a10fcdfc62d0246b71e96092a74b68b519ccc59ce505ac7dc8813e32018eebnscd-2.12-1.80.el6_3.5.i686.rpmc02bab790005ec5115d9162448c8bd7b432aca8a8ffe558ddf30cc1e57bfd61aglibc-headers-2.12-1.80.el6_3.5.i686.rpm6a9a54965c6fba51ac78d3a5952f0df5f603272fdbb092c7c63d5aec8a4ab183SLSA-2012:1210-1A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2012-1970, CVE-2012-1972, CVE-2012-1973, CVE-2012-1974, CVE-2012-1975, CVE-2012-1976, CVE-2012-3956, CVE-2012-3957, CVE-2012-3958, CVE-2012-3959, CVE-2012-3960, CVE-2012-3961, CVE-2012-3962, CVE-2012-3963, CVE-2012-3964) A web page containing a malicious Scalable Vector Graphics (SVG) image file could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2012-3969, CVE-2012-3970) Two flaws were found in the way Firefox rendered certain images using WebGL. A web page containing malicious content could cause Firefox to crash or, under certain conditions, possibly execute arbitrary code with the privileges of the user running Firefox. (CVE-2012-3967, CVE-2012-3968) A flaw was found in the way Firefox decoded embedded bitmap images in Icon Format (ICO) files. A web page containing a malicious ICO file could cause Firefox to crash or, under certain conditions, possibly execute arbitrary code with the privileges of the user running Firefox. (CVE-2012-3966) A flaw was found in the way the "eval" command was handled by the Firefox Web Console. Running "eval" in the Web Console while viewing a web page containing malicious content could possibly cause Firefox to execute arbitrary code with the privileges of the user running Firefox. (CVE-2012-3980) An out-of-bounds memory read flaw was found in the way Firefox used the format- number feature of XSLT (Extensible Stylesheet Language Transformations). A web page containing malicious content could possibly cause an information leak, or cause Firefox to crash. (CVE-2012-3972) It was found that the SSL certificate information for a previously visited site could be displayed in the address bar while the main window displayed a new page. This could lead to phishing attacks as attackers could use this flaw to trick users into believing they are viewing a trusted site. (CVE-2012-3976) A flaw was found in the location object implementation in Firefox. Malicious content could use this flaw to possibly allow restricted content to be loaded. (CVE-2012-3978) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6firefox-10.0.7-1.el6_3.i686.rpm4672f54657dda22af2987ee7bba08ef0d840a4b5b683509d433483b40a3b85aexulrunner-10.0.7-1.el6_3.i686.rpmcec8b531f9a8444b38203f62a209020bec7c83f406fa7b4cbb6f9f15615985b2xulrunner-devel-10.0.7-1.el6_3.i686.rpmb37aa5295987816cad420188785bd129486126194f7dfa4eb626c628ea27cd7eSLSA-2012:1211-1Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2012-1970, CVE-2012-1972, CVE-2012-1973, CVE-2012-1974, CVE-2012-1975, CVE-2012-1976, CVE-2012-3956, CVE-2012-3957, CVE-2012-3958, CVE-2012-3959, CVE-2012-3960, CVE-2012-3961, CVE-2012-3962, CVE-2012-3963, CVE-2012-3964) Content containing a malicious Scalable Vector Graphics (SVG) image file could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2012-3969, CVE-2012-3970) Two flaws were found in the way Thunderbird rendered certain images using WebGL. Malicious content could cause Thunderbird to crash or, under certain conditions, possibly execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2012-3967, CVE-2012-3968) A flaw was found in the way Thunderbird decoded embedded bitmap images in Icon Format (ICO) files. Content containing a malicious ICO file could cause Thunderbird to crash or, under certain conditions, possibly execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2012-3966) A flaw was found in the way the "eval" command was handled by the Thunderbird Error Console. Running "eval" in the Error Console while viewing malicious content could possibly cause Thunderbird to execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2012-3980) An out-of-bounds memory read flaw was found in the way Thunderbird used the format-number feature of XSLT (Extensible Stylesheet Language Transformations). Malicious content could possibly cause an information leak, or cause Thunderbird to crash. (CVE-2012-3972) A flaw was found in the location object implementation in Thunderbird. Malicious content could use this flaw to possibly allow restricted content to be loaded. (CVE-2012-3978) Note: All issues except CVE-2012-3969 and CVE-2012-3970 cannot be exploited by a specially-crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. After installing the update, Thunderbird must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6thunderbird-10.0.7-1.el6_3.i686.rpmd59633ce8199c5d0fa7138e9ae81a9ecaa70bda63db64ebcf9b8100e63aa93b1SLSA-2012:1221-1It was discovered that the Beans component in OpenJDK did not perform permission checks properly. An untrusted Java application or applet could use this flaw to use classes from restricted packages, allowing it to bypass Java sandbox restrictions. (CVE-2012-1682) A hardening fix was applied to the AWT component in OpenJDK, removing functionality from the restricted SunToolkit class that was used in combination with other flaws to bypass Java sandbox restrictions. (CVE-2012-0547) Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website. This erratum also upgrades the OpenJDK package to IcedTea6 1.11.4. All running instances of OpenJDK Java must be restarted for the update to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6java-1.6.0-openjdk-src-1.6.0.0-1.49.1.11.4.el6_3.i686.rpm17c4c8d62b54569eef16773c9a68052befaa430ee47fa15895d24b8dcbc0c120java-1.6.0-openjdk-javadoc-1.6.0.0-1.49.1.11.4.el6_3.i686.rpm77387cc293cea3e6328b4d766c5526e831d51010fbafe9ff0ac9f829ecfb593djava-1.6.0-openjdk-1.6.0.0-1.49.1.11.4.el6_3.i686.rpmad898570835969017bead645f2b9154983607ef039e3055c65bdfab3b90129eejava-1.6.0-openjdk-devel-1.6.0.0-1.49.1.11.4.el6_3.i686.rpma1fdef6f0537fe0510df80b52213453a4728f406c12931df02bb13a8c2b8a2efjava-1.6.0-openjdk-demo-1.6.0.0-1.49.1.11.4.el6_3.i686.rpmf48369a0ed550445b97958ba7842e70ca1f6f72ee32ba9791b6a4b8212738b44SLSA-2012:1223-1Multiple improper permission check issues were discovered in the Beans component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2012-4681, CVE-2012-1682, CVE-2012-3136) A hardening fix was applied to the AWT component in OpenJDK, removing functionality from the restricted SunToolkit class that was used in combination with other flaws to bypass Java sandbox restrictions. (CVE-2012-0547) All running instances of OpenJDK Java must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6java-1.7.0-openjdk-devel-1.7.0.5-2.2.1.el6_3.3.i686.rpm3dd57b3f51b556141bd4bdc485dd7645efe8b12f6b626118f84c3141365f96b8java-1.7.0-openjdk-demo-1.7.0.5-2.2.1.el6_3.3.i686.rpm0a97fbe54a4c0c56abf6b214dc36cdcb8fe1d3234fec14c3990d73de660d5065java-1.7.0-openjdk-javadoc-1.7.0.5-2.2.1.el6_3.3.noarch.rpmddceec659969a7445c29006ba62b134280dced7cc75824964c5f5fd4b8308677java-1.7.0-openjdk-1.7.0.5-2.2.1.el6_3.3.i686.rpmc9f70613c6cddf6f6eb266bf90cf3b019cc2ab3612b0e8babd5db4e0b6e8b601java-1.7.0-openjdk-src-1.7.0.5-2.2.1.el6_3.3.i686.rpm0fd56f23faef2814bf8643824d6d631d1c1ac7cccf20c3c53494fc18b29d567cSLSA-2012:1255-1Multiple flaws were found in the way libexif processed Exif tags. An attacker could create a specially-crafted image file that, when opened in an application linked against libexif, could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2012-2812, CVE-2012-2813, CVE-2012-2814, CVE-2012-2836, CVE-2012-2837, CVE-2012-2840, CVE-2012-2841) All running applications linked against libexif must be restarted for the update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6libexif-devel-0.6.21-5.el6_3.i686.rpm1b00d884458e192531ea46d643db74f8d71a66e56856fe2ddd9f6cedc07bb942libexif-0.6.21-5.el6_3.i686.rpm45fd457577897e5d6e94d5a3f556836dfb84d324a8cf5ef3d30dbead954c4148SLSA-2012:1256-1An integer overflow flaw, leading to a heap-based buffer overflow, was found in Ghostscript's International Color Consortium Format library (icclib). An attacker could create a specially-crafted PostScript or PDF file with embedded images that would cause Ghostscript to crash or, potentially, execute arbitrary code with the privileges of the user running Ghostscript. (CVE-2012-4405)moderateScientific Linux FermiScientific Linux Fermi 6ghostscript-doc-8.70-14.el6_3.1.i686.rpm29db29431d0ffaafcbc02b34a16037fb10f63692015f4d584a4be6110602f235ghostscript-8.70-14.el6_3.1.i686.rpm341a5b6e95f43b410353af12f253ae819e8c3b3af6acbe553f5cf3663a109e3cghostscript-devel-8.70-14.el6_3.1.i686.rpmcd94df22593e53bd858205dd1eb2401696c62cc9b5623faef18b62e5bb2f4a47ghostscript-gtk-8.70-14.el6_3.1.i686.rpm8ecdfa138f3d36398679b275eece7ef2fcaeaaf75d3c8293b94b653557b4e932SLSA-2012:1259-1A heap-based buffer overflow flaw was found in the way the bgpd daemon processed malformed Extended Communities path attributes. An attacker could send a specially-crafted BGP message, causing bgpd on a target system to crash or, possibly, execute arbitrary code with the privileges of the user running bgpd. The UPDATE message would have to arrive from an explicitly configured BGP peer, but could have originated elsewhere in the BGP network. (CVE-2011-3327) A stack-based buffer overflow flaw was found in the way the ospf6d daemon processed malformed Link State Update packets. An OSPF router could use this flaw to crash ospf6d on an adjacent router. (CVE-2011-3323) A flaw was found in the way the ospf6d daemon processed malformed link state advertisements. An OSPF neighbor could use this flaw to crash ospf6d on a target system. (CVE-2011-3324) A flaw was found in the way the ospfd daemon processed malformed Hello packets. An OSPF neighbor could use this flaw to crash ospfd on a target system. (CVE-2011-3325) A flaw was found in the way the ospfd daemon processed malformed link state advertisements. An OSPF router in the autonomous system could use this flaw to crash ospfd on a target system. (CVE-2011-3326) An assertion failure was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to cause ospfd on an adjacent router to abort. (CVE-2012-0249) A buffer overflow flaw was found in the way the ospfd daemon processed certain Link State Update packets. An OSPF router could use this flaw to crash ospfd on an adjacent router. (CVE-2012-0250) Two flaws were found in the way the bgpd daemon processed certain BGP OPEN messages. A configured BGP peer could cause bgpd on a target system to abort via a specially-crafted BGP OPEN message. (CVE-2012-0255, CVE-2012-1820) After installing the updated packages, the bgpd, ospfd, and ospf6d daemons will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6quagga-0.99.15-7.el6_3.2.i686.rpmc0cbdcaa4049765f00ca1545ffea31f04592e1e82f18d1404db9f51b369560c3quagga-devel-0.99.15-7.el6_3.2.i686.rpmd8c80170c4baa66f6f6274d55fb808a7f8b281a41bcff6c374fcd1a9a28ea603quagga-contrib-0.99.15-7.el6_3.2.i686.rpma8d10d3748943aa142ae5f7054002a12989dd2a5270f8bae338016f62aef9c81SLSA-2012:1261-1It was discovered that the D-Bus library honored environment settings even when running with elevated privileges. A local attacker could possibly use this flaw to escalate their privileges, by setting specific environment variables before running a setuid or setgid application linked against the D-Bus library (libdbus). (CVE-2012-3524) Note: With this update, libdbus ignores environment variables when used by setuid or setgid applications. The environment is not ignored when an application gains privileges via file system capabilities; however, no application shipped in Scientific Linux 6 gains privileges via file system capabilities. For the update to take effect, all running instances of dbus-daemon and all running applications using the libdbus library must be restarted, or the system rebooted.moderateScientific Linux FermitruetrueScientific Linux Fermi 6dbus-x11-1.2.24-7.el6_3.i686.rpmc374032ff43ae0f9e6c84e9241c8b5754fc1e4619029d8e5b1776dde0dfb79f2dbus-doc-1.2.24-7.el6_3.noarch.rpmd4d52b4d6ea8fb26eff6a31e363e00e820e236c7cf989403aa71ca481d494fd8dbus-libs-1.2.24-7.el6_3.i686.rpmc4b44ce915520a245e0f2d0157052f8a8340536aa1d435bfa18fc53bf9481d99dbus-devel-1.2.24-7.el6_3.i686.rpm65fe46bd3daa6c440e62d23d055ed61312f58c00a63d903eea8ab6c9cba2fe55dbus-1.2.24-7.el6_3.i686.rpmdd87c3fc435713261e768220a268e0f2a2fa3e8c7085a999e1c54f36d942f325SLSA-2012:1263-1It was found that the optional PostgreSQL xml2 contrib module allowed local files and remote URLs to be read and written to with the privileges of the database server when parsing Extensible Stylesheet Language Transformations (XSLT). An unprivileged database user could use this flaw to read and write to local files (such as the database's configuration files) and remote URLs they would otherwise not have access to by issuing a specially-crafted SQL query. (CVE-2012-3488) It was found that the "xml" data type allowed local files and remote URLs to be read with the privileges of the database server to resolve DTD and entity references in the provided XML. An unprivileged database user could use this flaw to read local files they would otherwise not have access to by issuing a specially-crafted SQL query. Note that the full contents of the files were not returned, but portions could be displayed to the user via error messages. (CVE-2012-3489) These updated packages upgrade PostgreSQL to version 8.4.13. Refer to the PostgreSQL Release Notes for a list of changes: http://www.postgresql.org/docs/8.4/static/release-8-4-13.html If the postgresql service is running, it will be automatically restarted after installing this update.moderateScientific Linux FermiScientific Linux Fermi 6postgresql-test-8.4.13-1.el6_3.i686.rpmd861b6bf66d904dba070e5a8d613f6aea3d3bd1000578735c49ec56fcaae5e98postgresql-contrib-8.4.13-1.el6_3.i686.rpmeb07f7a944eb3a673bb7468b9fef0edde8acdc4e402ddf0554090dc13f1b7649postgresql-pltcl-8.4.13-1.el6_3.i686.rpm74b0e5a36ac8ec97bf55219d4de6a595bf8a25235c207e2802ef2a9af3a6863apostgresql-docs-8.4.13-1.el6_3.i686.rpm1d8ddfaee837366051dd6338f555960bafb6f88c466e2dd828fdbc3cef4ce20dpostgresql-8.4.13-1.el6_3.i686.rpm206ca8508b775e1217cd9e4086d6ec317763cfc1c6ad7032fd813189c44a6257postgresql-server-8.4.13-1.el6_3.i686.rpmcdab4ccd578a5a2e39231bad78ffcfc3ac9c30a2d8f995fc8901c386d097442dpostgresql-plpython-8.4.13-1.el6_3.i686.rpme4994beb83a2b06d23dc2c02e33f5cd5b40ea2df812dc74e4704252e22c9fdacpostgresql-plperl-8.4.13-1.el6_3.i686.rpm5607d112f3055e39646f7db93b9f7216a3a666e0719a9aaa0ed271802927cae4postgresql-devel-8.4.13-1.el6_3.i686.rpm91fc0c7ae1c832260c88c22d5ef8039ea0376899a9fbf461b7f936f01bbe157epostgresql-libs-8.4.13-1.el6_3.i686.rpm367c20e68cf593b5cfe168dc8fc914e7386bff30e3130fd9699591828189fb8aSLSA-2012:1265-1A heap-based buffer overflow flaw was found in the way libxslt applied templates to nodes selected by certain namespaces. An attacker could use this flaw to create a malicious XSL file that, when used by an application linked against libxslt to perform an XSL transformation, could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2012-2871) Several denial of service flaws were found in libxslt. An attacker could use these flaws to create a malicious XSL file that, when used by an application linked against libxslt to perform an XSL transformation, could cause the application to crash. (CVE-2012-2825, CVE-2012-2870, CVE-2011-3970) An information leak could occur if an application using libxslt processed an untrusted XPath expression, or used a malicious XSL file to perform an XSL transformation. If combined with other flaws, this leak could possibly help an attacker bypass intended memory corruption protections. (CVE-2011-1202) All running applications linked against libxslt must be restarted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6libxslt-1.1.26-2.el6_3.1.i686.rpm3c3c7d1208b63111115178a3c8d3b5c6ea5b80ace164f641c3aeb0ba249bf0bflibxslt-devel-1.1.26-2.el6_3.1.i686.rpm006187cc28bae8fde5d71ca4413c8aeeb57661c3b014d47d98f545ffd425d5dflibxslt-python-1.1.26-2.el6_3.1.i686.rpm0550a6422d39ccd82927010238b9bd10e1748f9675f67cd319fd67ee23a80cb2SLSA-2012:1268-1A flaw was found in the way BIND handled resource records with a large RDATA value. A malicious owner of a DNS domain could use this flaw to create specially-crafted DNS resource records, that would cause a recursive resolver or secondary server to exit unexpectedly with an assertion failure. (CVE-2012-4244) After installing the update, the BIND daemon (named) will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 6bind-9.8.2-0.10.rc1.el6_3.3.i686.rpm1fdaec75fcf00109b6363c47a366fd70a21f66837a3e5ecfae780ca44329be91bind-utils-9.8.2-0.10.rc1.el6_3.3.i686.rpm646fd9bd3050edf0aa61119dfe20f0b8a1235b37c24e281ac49e4daffcf27936bind-libs-9.8.2-0.10.rc1.el6_3.3.i686.rpm13f66403b6312f57e757dde9c210fce3c52bbe3d2fce6561ae68c9f2b96cc7b1bind-devel-9.8.2-0.10.rc1.el6_3.3.i686.rpm553f948530a5ab472d9bb750ecff657f6c57501dd2bae11ded3f6c4ca50c031cbind-chroot-9.8.2-0.10.rc1.el6_3.3.i686.rpm05bba5bbcd6c1755cb6ec72163a91fd5af337bdd4026fdcdd524758cea60fb51bind-sdb-9.8.2-0.10.rc1.el6_3.3.i686.rpm64473bc4703859b3b924b1beb154d61c806fb7e5f6339b1b851ff243a8abf32aSLSA-2012:1269-1It was discovered that the Qpid daemon (qpidd) did not allow the number of connections from clients to be restricted. A malicious client could use this flaw to open an excessive amount of connections, preventing other legitimate clients from establishing a connection to qpidd. (CVE-2012-2145) To address CVE-2012-2145, new qpidd configuration options were introduced: max- negotiate-time defines the time during which initial protocol negotiation must succeed, connection-limit-per-user and connection-limit-per-ip can be used to limit the number of connections per user and client host IP. Refer to the qpidd manual page for additional details.moderateScientific Linux FermiScientific Linux Fermi 6qpid-tools-0.14-6.el6_3.noarch.rpm039a0d4e803e35da6239945da7467975c47a9db025e836a49261f563d613d7eaqpid-cpp-server-devel-0.14-22.el6_3.i686.rpm519b8a580d46822498f9eb0fa94ba0c0f0dc1787cf991fd63679b7d13a228f2dqpid-cpp-server-0.14-22.el6_3.i686.rpm52f0a0e2a9c1b37032182892cb1c87087dcd71c98af2bb3bc459f7878c8e7e77qpid-cpp-client-devel-0.14-22.el6_3.i686.rpm37e91e1048e688dedebdb8076cb2df09fcfd358873e9d5b2a5da3320781d792aqpid-cpp-client-ssl-0.14-22.el6_3.i686.rpm85c704f54dc276538713040674b93fd87a2549bc65de676cf8c38f5d56fe463fqpid-cpp-client-0.14-22.el6_3.i686.rpm5aa3c4cf996bd9aa4f985bf69c8278fc77c7c47ed1558cd2237e2b9a4aabb474python-qpid-0.14-11.el6_3.noarch.rpm1a2f23c53dd76fc2be5a50fe409d4c7e842c041c24fc3caa4e639f1e6bdc26c7rh-qpid-cpp-tests-0.14-22.el6_3.i686.rpmdc00efd9d755662674131ec624c0aaef6ac9bb6c190459f1a1b649929e14cd30qpid-qmf-0.14-14.el6_3.i686.rpm87061e12e4747db7a44518cda6efd8511461d2551d4e79665052cab97fd7fd9aqpid-cpp-client-rdma-0.14-22.el6_3.i686.rpmd432bd2a9c53a515cde9e391cfbca98bdb7c3a60c1680b3677df719229e824d9qpid-cpp-server-cluster-0.14-22.el6_3.i686.rpm7a2736b6dd6d5a9cc356003bcdc2e11082d3825328367f053ef7b3d07c7565a8qpid-cpp-server-xml-0.14-22.el6_3.i686.rpm7cafd45bdc9485b696daa1bafb2db368c2b029c0f02f5ea93a5eca0960427cfaqpid-cpp-client-devel-docs-0.14-22.el6_3.noarch.rpmafe0ff9e48c549d5ba35d292619f706e2d64851560efaf72ed15a61e0a0ee7deqpid-cpp-server-rdma-0.14-22.el6_3.i686.rpm4598504280d51d9cb86a1a3926c2c61232711dbbd0c4304460bf0885e6c995fcqpid-qmf-devel-0.14-14.el6_3.i686.rpm1a49694d5caa281365de36139bc8a9aceb670c2259c9d4320f1b2433b1b9940fqpid-cpp-server-ssl-0.14-22.el6_3.i686.rpme9b7b973e695f5d50a9b685fca65a44d5cd96ed0fcbe07f2fe04d039932065edpython-qpid-qmf-0.14-14.el6_3.i686.rpm02175cdf48d7263b37a3ad6ee5fa22edae17f00d21877999c235e725d679e0d4qpid-cpp-server-store-0.14-22.el6_3.i686.rpmca7670375a10e7108a7d2ae0c2a3d947f0126db4bd2eabe9bc908f7d70546e8bruby-qpid-qmf-0.14-14.el6_3.i686.rpme18704d3b5522b9d96114013718c2c9be38a647f76ac5b8dc8df0927c1b44189SLSA-2012:1283-1It was found that OpenJPEG failed to sanity-check an image header field before using it. A remote attacker could provide a specially-crafted image file that could cause an application linked against OpenJPEG to crash or, possibly, execute arbitrary code. (CVE-2012-3535) All running applications using OpenJPEG must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6openjpeg-devel-1.3-9.el6_3.i686.rpmeeb01c49913aea1ad45e4ab6f42c865cb736f12c99c55cf3dcdd6f06c9b84c11openjpeg-libs-1.3-9.el6_3.i686.rpmce9e0c4a2175c8e88f568e1ea34770e9deea0c622892eecec8e7555f575ebd55openjpeg-1.3-9.el6_3.i686.rpmb67b9a70ada197a57e802ac9742ea6b62cf451b5492adb7dd12614bb42ed3f2fSLSA-2012:1284-1It was discovered that the spice-gtk setuid helper application, spice-client- glib-usb-acl-helper, did not clear the environment variables read by the libraries it uses. A local attacker could possibly use this flaw to escalate their privileges by setting specific environment variables before running the helper application. (CVE-2012-4425)moderateScientific Linux FermiScientific Linux Fermi 6spice-gtk-python-0.11-11.el6_3.1.i686.rpm834a290a8ec1903015b9335320c56ca0ac58973eb1945848c2310e2ed8f22cccspice-gtk-tools-0.11-11.el6_3.1.i686.rpm203ac8da41878a7f87ea87da9349a7d152aacc82e56ab24804e7cbe18aa58d1bspice-gtk-0.11-11.el6_3.1.i686.rpma94b9a3fd221ab651774a19f1bc10a10eab03e8717f599a230be6823de625bf0spice-glib-0.11-11.el6_3.1.i686.rpm32b7257ca6df42aeccbc2f35607aa1bb2b52dc3d306019d35b897dc80dd858e0spice-gtk-devel-0.11-11.el6_3.1.i686.rpm4405faa2364476587f2f6a3f4889b06b12feb2d357e0b861370d36a4c5a72b61spice-glib-devel-0.11-11.el6_3.1.i686.rpme7c38da2b053ac86ec4b92c2ec4937ca6a9f35f81bb20abc3187c438e93a833eSLSA-2012:1288-1Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way libxml2 handled documents that enable entity expansion. A remote attacker could provide a large, specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2012-2807) A one byte buffer overflow was found in the way libxml2 evaluated certain parts of XML Pointer Language (XPointer) expressions. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2011-3102) The desktop must be restarted (log out, then log back in) for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6libxml2-devel-2.7.6-8.el6_3.3.i686.rpme3a9649e2574ad36f7c22f584603a7279d01488f708a7bea2cd792e3aa5fce78libxml2-static-2.7.6-8.el6_3.3.i686.rpm383ed12544880c9f571a03eb4be8f9dc8bd88b6e482e2458733ce1d5588d384dlibxml2-2.7.6-8.el6_3.3.i686.rpm4fc2d9414eeb31836aa74166e314c4b63f808b84b711a3a9f3e0b3a96055cc4blibxml2-python-2.7.6-8.el6_3.3.i686.rpm81574ad26dbe2fd61d6ebfba08cb8552a6e54f48e1f93974292052b4642d9639SLSA-2012:1304-1This update fixes the following security issues: * An integer overflow flaw was found in the i915_gem_do_execbuffer() function in the Intel i915 driver in the Linux kernel. A local, unprivileged user could use this flaw to cause a denial of service. This issue only affected 32-bit systems. (CVE-2012-2384, Moderate) * A memory leak flaw was found in the way the Linux kernel's memory subsystem handled resource clean up in the mmap() failure path when the MAP_HUGETLB flag was set. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2012-2390, Moderate) * A race condition was found in the way access to inet->opt ip_options was synchronized in the Linux kernel's TCP/IP protocol suite implementation. Depending on the network facing applications running on the system, a remote attacker could possibly trigger this flaw to cause a denial of service. A local, unprivileged user could use this flaw to cause a denial of service regardless of the applications the system runs. (CVE-2012-3552, Moderate) * A flaw was found in the way the Linux kernel's dl2k driver, used by certain D-Link Gigabit Ethernet adapters, restricted IOCTLs. A local, unprivileged user could use this flaw to issue potentially harmful IOCTLs, which could cause Ethernet adapters using the dl2k driver to malfunction (for example, losing network connectivity). (CVE-2012-2313, Low) * A flaw was found in the way the msg_namelen variable in the rds_recvmsg() function of the Linux kernel's Reliable Datagram Sockets (RDS) protocol implementation was initialized. A local, unprivileged user could use this flaw to leak kernel stack memory to user-space. (CVE-2012-3430, Low) The system must be rebooted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6python-perf-2.6.32-279.9.1.el6.i686.rpma6ce3345c3538d040405383715b9ff49bcbb2274f9ffa1fc982ee90ecbeff1f6kernel-devel-2.6.32-279.9.1.el6.i686.rpm4dc92dbd4616ae1902e0f6e7596eeb5c1cb31127c3ad8cfc79098b12bd058f28kernel-doc-2.6.32-279.9.1.el6.noarch.rpm94997be7cb739652b3a728057523f55b35cf900b74359ead7999ba5d9efa8413kernel-2.6.32-279.9.1.el6.i686.rpmaab8cea3d71415f0bd8d028bab93cdb5be869154ed2dc2f76641a54f0f3ac5ddkernel-firmware-2.6.32-279.9.1.el6.noarch.rpm916d5c1005730f559d8f3103f779585a80ddaba560468100620abfcaf30c97bdkernel-debug-2.6.32-279.9.1.el6.i686.rpm11ace9864c8b34077e9dc2608ce8c07d02f31b388d1ba0652981e753394ff0f2kernel-debug-devel-2.6.32-279.9.1.el6.i686.rpma74d63db0054db919d7573c2c30e29dcce4daaa130a1b400f248c25bdd42d7c7kernel-headers-2.6.32-279.9.1.el6.i686.rpm1a9657b6f42f9db09d4bb787cdf2b56373caea6a24b8f6d4459335c99a9a6449perf-2.6.32-279.9.1.el6.i686.rpme65feb46fc289db77330a2cbe58d32056f2ba05425892bfc0b5c5fbcc12d4270SLSA-2012:1326-1A buffer overflow flaw was discovered in the way radiusd handled the expiration date field in X.509 client certificates. A remote attacker could possibly use this flaw to crash radiusd if it were configured to use the certificate or TLS tunnelled authentication methods (such as EAP-TLS, EAP-TTLS, and PEAP). (CVE-2012-3547) After installing the update, radiusd will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6freeradius-krb5-2.1.12-4.el6_3.i686.rpm362a331fd2836ba6145e1a320ce6471c8071662c2f26f299333f1adbf692cbbbfreeradius-unixODBC-2.1.12-4.el6_3.i686.rpm5c52e5be439d1b407901cd539c95baf15f9ae2e880424337c1ea0ba60f4a77cafreeradius-python-2.1.12-4.el6_3.i686.rpm9eb0cdfa101ff692172b900766b6269bc6dbf355697c358fa595a66456e46bfefreeradius-postgresql-2.1.12-4.el6_3.i686.rpm5b5c3265e4d26234bb461ab4980af0f795976607f229f661db6a1378b54b6d2cfreeradius-perl-2.1.12-4.el6_3.i686.rpm746e8e1f33432a7e93b6dc3ddfebbbc343183480cf113d7353447839f760a9cafreeradius-utils-2.1.12-4.el6_3.i686.rpmb418ce72f24ec4904f0d35cbda02a57cdf85b19536573a4babae0d67e0e09f1efreeradius-mysql-2.1.12-4.el6_3.i686.rpm1555a9855cf71a2051b38b5dc64caa25ae1022d4d347c35ddedf1e63dc8ee16dfreeradius-2.1.12-4.el6_3.i686.rpmd16a8cc315c680c4bf7cd69ac0a05f7897c0b48b36090ff12e8e12c1e76964c5freeradius-ldap-2.1.12-4.el6_3.i686.rpmfad2d7821e347d43a0bc05bdf9832692dd331cf61bc28bf38a145436300d9bd3SLSA-2012:1350-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2012-3982, CVE-2012-3988, CVE-2012-3990, CVE-2012-3995, CVE-2012-4179, CVE-2012-4180, CVE-2012-4181, CVE-2012-4182, CVE-2012-4183, CVE-2012-4185, CVE-2012-4186, CVE-2012-4187, CVE-2012-4188) Two flaws in Firefox could allow a malicious website to bypass intended restrictions, possibly leading to information disclosure, or Firefox executing arbitrary code. Note that the information disclosure issue could possibly be combined with other flaws to achieve arbitrary code execution. (CVE-2012-3986, CVE-2012-3991) Multiple flaws were found in the location object implementation in Firefox. Malicious content could be used to perform cross-site scripting attacks, script injection, or spoofing attacks. (CVE-2012-1956, CVE-2012-3992, CVE-2012-3994) Two flaws were found in the way Chrome Object Wrappers were implemented. Malicious content could be used to perform cross-site scripting attacks or cause Firefox to execute arbitrary code. (CVE-2012-3993, CVE-2012-4184) This update also fixes the following bug: * In certain environments, storing personal Firefox configuration files (~/.mozilla/) on an NFS share, such as when your home directory is on a NFS share, led to Firefox functioning incorrectly, for example, navigation buttons not working as expected, and bookmarks not saving. This update adds a new configuration option, storage.nfs_filesystem, that can be used to resolve this issue. If you experience this issue: 1) Start Firefox. 2) Type "about:config" (without quotes) into the URL bar and press the Enter key. 3) If prompted with "This might void your warranty!", click the "I'll be careful, I promise!" button. 4) Right-click in the Preference Name list. In the menu that opens, select New -> Boolean. 5) Type "storage.nfs_filesystem" (without quotes) for the preference name and then click the OK button. 6) Select "true" for the boolean value and then press the OK button. After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6firefox-10.0.8-1.el6_3.i686.rpm7322ff547b5a8eae0120d49be14f7af7c53e6f4df32c2afe1c047fbec9443b70xulrunner-devel-10.0.8-1.el6_3.i686.rpmf2470fbf53ec7fb171fe8d3003c3b3d3f41ab5276a07b5f236c15b854999dadbxulrunner-10.0.8-1.el6_3.i686.rpmaf7ae1d2f8e26bd120473b23e7c8c11249431f0d7c59a434ead7403c54bc9886SLSA-2012:1351-1Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2012-3982, CVE-2012-3988, CVE-2012-3990, CVE-2012-3995, CVE-2012-4179, CVE-2012-4180, CVE-2012-4181, CVE-2012-4182, CVE-2012-4183, CVE-2012-4185, CVE-2012-4186, CVE-2012-4187, CVE-2012-4188) Two flaws in Thunderbird could allow malicious content to bypass intended restrictions, possibly leading to information disclosure, or Thunderbird executing arbitrary code. Note that the information disclosure issue could possibly be combined with other flaws to achieve arbitrary code execution. (CVE-2012-3986, CVE-2012-3991) Multiple flaws were found in the location object implementation in Thunderbird. Malicious content could be used to perform cross-site scripting attacks, script injection, or spoofing attacks. (CVE-2012-1956, CVE-2012-3992, CVE-2012-3994) Two flaws were found in the way Chrome Object Wrappers were implemented. Malicious content could be used to perform cross-site scripting attacks or cause Thunderbird to execute arbitrary code. (CVE-2012-3993, CVE-2012-4184) Note: None of the issues in this advisory can be exploited by a specially- crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. After installing the update, Thunderbird must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6thunderbird-10.0.8-1.el6_3.i686.rpme6d3587d2d69193fbcc3d07095a50abeec4995547c07f641a576aada3af21d4cSLSA-2012:1359-1A flaw was found in libvirtd's RPC call handling. An attacker able to establish a read-only connection to libvirtd could use this flaw to crash libvirtd by sending an RPC message that has an event as the RPC number, or an RPC number that falls into a gap in the RPC dispatch table. (CVE-2012-4423) This update also fixes the following bugs: * When the host_uuid option was present in the libvirtd.conf file, the augeas libvirt lens was unable to parse the file. This bug has been fixed and the augeas libvirt lens now parses libvirtd.conf as expected in the described scenario. * Disk hot plug is a two-part action: the qemuMonitorAddDrive() call is followed by the qemuMonitorAddDevice() call. When the first part succeeded but the second one failed, libvirt failed to roll back the first part and the device remained in use even though the disk hot plug failed. With this update, the rollback for the drive addition is properly performed in the described scenario and disk hot plug now works as expected. * When a virtual machine was started with an image chain using block devices and a block rebase operation was issued, the operation failed on completion in the blockJobAbort() function. This update relabels and configures cgroups for the backing files and the rebase operation now succeeds. After installing the updated packages, libvirtd will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6libvirt-python-0.9.10-21.el6_3.5.i686.rpm23000455d9e643adfe3dc9aee7227bea1b68d2d68e63cdcd94405afd6752d90alibvirt-devel-0.9.10-21.el6_3.5.i686.rpm495f4508a8a4b94e9f0fb6761d29b687b190ea0f5c059ab06ec5f8af6d4d3f97libvirt-0.9.10-21.el6_3.5.i686.rpmf9e73ee9e6221e6d80ead9b8d94ff9282c2c0bc72ae0b1a73100a333ee3a92dalibvirt-client-0.9.10-21.el6_3.5.i686.rpm0d51c617ae0e3d9e0a2f527e186e040799234d63f2be30fe75b5a7438421089dSLSA-2012:1361-1A flaw was found in the way XULRunner handled security wrappers. A web page containing malicious content could possibly cause an application linked against XULRunner (such as Mozilla Firefox) to execute arbitrary code with the privileges of the user running the application. (CVE-2012-4193) After installing the update, applications using XULRunner must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6xulrunner-devel-10.0.8-2.el6_3.i686.rpm20376f146b8237c707bf2b11204b717106a742a512f8824c5a79d9d477350706xulrunner-10.0.8-2.el6_3.i686.rpm813e428947b04cebabed0c8b8e7c957660b6958fe83c8861dbf20f3ba89bba97SLSA-2012:1362-1A flaw was found in the way Thunderbird handled security wrappers. Malicious content could cause Thunderbird to execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2012-4193) Note: This issue cannot be exploited by a specially-crafted HTML mail message as JavaScript is disabled by default for mail messages. It could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. After installing the update, Thunderbird must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6thunderbird-10.0.8-2.el6_3.i686.rpm32117ae6d4e2501cc4d849199703ea13d13335e73523aedf11c6274333a0f397SLSA-2012:1363-1A flaw was found in the way BIND handled certain combinations of resource records. A remote attacker could use this flaw to cause a recursive resolver, or an authoritative server in certain configurations, to lockup. (CVE-2012-5166) After installing the update, the BIND daemon (named) will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 6bind-libs-9.8.2-0.10.rc1.el6_3.5.i686.rpmf60f07b644fb657f2b176bb1f4960b6965e5bf687a4fbea2338ce2d26c008167bind-sdb-9.8.2-0.10.rc1.el6_3.5.i686.rpm3c3042f67b081b8280af975b1bcddfa2424173e7f9f38ebea8d4651cd2f3b1d9bind-chroot-9.8.2-0.10.rc1.el6_3.5.i686.rpm0301cb90a3669727b98a65cdad92ff737a30ec43c9c5e5055fdee32e29390908bind-devel-9.8.2-0.10.rc1.el6_3.5.i686.rpm959f1de9ea2bd3b4d17af1d134b633e64efb0df07de7e07d75f84a1a0fa6f9c5bind-utils-9.8.2-0.10.rc1.el6_3.5.i686.rpmf29112d315f8e07384ed67941bc80b419223bfc95ff03388cae6d1e533521bc9bind-9.8.2-0.10.rc1.el6_3.5.i686.rpm18289dfe77cd0285341f6c660543bbe3b91b87b15eb490be380f5ca1a036f445SLSA-2012:1366-1This update fixes the following security issue: * A flaw was found in the way socket buffers (skb) requiring TSO (TCP segment offloading) were handled by the sfc driver. If the skb did not fit within the minimum-size of the transmission queue, the network card could repeatedly reset itself. A remote attacker could use this flaw to cause a denial of service. (CVE-2012-3412, Important) The system must be rebooted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6kernel-headers-2.6.32-279.11.1.el6.i686.rpm8e8b3ee1d7ebbd1a3b99d9cb60407cdbc29ffefc95d3a83018463cb2f01db512kernel-2.6.32-279.11.1.el6.i686.rpm64e19ddc65cf886c44fa4221f9ba5ed22e20bfa537266d223b4deeaccf843da5kernel-devel-2.6.32-279.11.1.el6.i686.rpmb6d731e1e9c44cea9dbd2023aabe6fe28b6e135b79f375d62f75b217ba082242python-perf-2.6.32-279.11.1.el6.i686.rpm034e96b346247e4458da4e959b9c81d51280510d7348f89efe6dfc0cd3139465kernel-debug-2.6.32-279.11.1.el6.i686.rpm99dbda1256d515577b3f4cdad87aefe80774362c1f6de3a81b5c79580d80064bkernel-debug-devel-2.6.32-279.11.1.el6.i686.rpm1ce9a580992237f296d3cc9c6d28a62d1c17e9a2a15e30f91c3a1fd31167867fkernel-doc-2.6.32-279.11.1.el6.noarch.rpm372850a9717a0e75bd5aa91470725f85bdcd6d3b8b0eefe3ea0af0d8d71576d7kernel-firmware-2.6.32-279.11.1.el6.noarch.rpmb99e33e48a7f18df36fc6f032d30deb24414d1c7fd637a6f1453591ab2f12038perf-2.6.32-279.11.1.el6.i686.rpm73dc23639176eb9f574afc0a2bcade650facf8140401c49c8e73c68ffa36b0e4SLSA-2012:1384-1Multiple improper permission check issues were discovered in the Beans, Swing, and JMX components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2012-5086, CVE-2012-5084, CVE-2012-5089) Multiple improper permission check issues were discovered in the Scripting, JMX, Concurrency, Libraries, and Security components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2012-5068, CVE-2012-5071, CVE-2012-5069, CVE-2012-5073, CVE-2012-5072) It was discovered that java.util.ServiceLoader could create an instance of an incompatible class while performing provider lookup. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2012-5079) It was discovered that the Java Secure Socket Extension (JSSE) SSL/TLS implementation did not properly handle handshake records containing an overly large data length value. An unauthenticated, remote attacker could possibly use this flaw to cause an SSL/TLS server to terminate with an exception. (CVE-2012-5081) It was discovered that the JMX component in OpenJDK could perform certain actions in an insecure manner. An untrusted Java application or applet could possibly use this flaw to disclose sensitive information. (CVE-2012-5075) A bug in the Java HotSpot Virtual Machine optimization code could cause it to not perform array initialization in certain cases. An untrusted Java application or applet could use this flaw to disclose portions of the virtual machine's memory. (CVE-2012-4416) It was discovered that the SecureRandom class did not properly protect against the creation of multiple seeders. An untrusted Java application or applet could possibly use this flaw to disclose sensitive information. (CVE-2012-5077) It was discovered that the java.io.FilePermission class exposed the hash code of the canonicalized path name. An untrusted Java application or applet could possibly use this flaw to determine certain system paths, such as the current working directory. (CVE-2012-3216) This update disables Gopher protocol support in the java.net package by default. Gopher support can be enabled by setting the newly introduced property, "jdk.net.registerGopherProtocol", to true. (CVE-2012-5085) Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website. This erratum also upgrades the OpenJDK package to IcedTea6 1.11.5. All running instances of OpenJDK Java must be restarted for the update to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6java-1.6.0-openjdk-src-1.6.0.0-1.50.1.11.5.el6_3.i686.rpm7ef3b9db81a8f9a5117d758fb50cf8b84cab660853738ed6497b9c1470147849java-1.6.0-openjdk-devel-1.6.0.0-1.50.1.11.5.el6_3.i686.rpm8617583337ef1dc82fc0caff0b27a8b674557bcfda803f65f9458a537b218c6ejava-1.6.0-openjdk-javadoc-1.6.0.0-1.50.1.11.5.el6_3.i686.rpm9518cb003b464e5eb2e8e70610482d5ac6dd67537e6f13c4a5baa8bdc051edfbjava-1.6.0-openjdk-demo-1.6.0.0-1.50.1.11.5.el6_3.i686.rpme845a551b350a6a93750278f4421d023fc95004f83c7be78bb744f6aae48c500java-1.6.0-openjdk-1.6.0.0-1.50.1.11.5.el6_3.i686.rpm962793961189799a60d77482091762c84ee4f6d9ddf2ce3c007fea62c1f20498SLSA-2012:1386-1Multiple improper permission check issues were discovered in the Beans, Libraries, Swing, and JMX components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2012-5086, CVE-2012-5087, CVE-2012-5088, CVE-2012-5084, CVE-2012-5089) The default Java security properties configuration did not restrict access to certain com.sun.org.glassfish packages. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. This update lists those packages as restricted. (CVE-2012-5076, CVE-2012-5074) Multiple improper permission check issues were discovered in the Scripting, JMX, Concurrency, Libraries, and Security components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2012-5068, CVE-2012-5071, CVE-2012-5069, CVE-2012-5073, CVE-2012-5072) It was discovered that java.util.ServiceLoader could create an instance of an incompatible class while performing provider lookup. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2012-5079) It was discovered that the Java Secure Socket Extension (JSSE) SSL/TLS implementation did not properly handle handshake records containing an overly large data length value. An unauthenticated, remote attacker could possibly use this flaw to cause an SSL/TLS server to terminate with an exception. (CVE-2012-5081) It was discovered that the JMX component in OpenJDK could perform certain actions in an insecure manner. An untrusted Java application or applet could possibly use these flaws to disclose sensitive information. (CVE-2012-5070, CVE-2012-5075) A bug in the Java HotSpot Virtual Machine optimization code could cause it to not perform array initialization in certain cases. An untrusted Java application or applet could use this flaw to disclose portions of the virtual machine's memory. (CVE-2012-4416) It was discovered that the SecureRandom class did not properly protect against the creation of multiple seeders. An untrusted Java application or applet could possibly use this flaw to disclose sensitive information. (CVE-2012-5077) It was discovered that the java.io.FilePermission class exposed the hash code of the canonicalized path name. An untrusted Java application or applet could possibly use this flaw to determine certain system paths, such as the current working directory. (CVE-2012-3216) This update disables Gopher protocol support in the java.net package by default. Gopher support can be enabled by setting the newly introduced property, "jdk.net.registerGopherProtocol", to true. (CVE-2012-5085) This erratum also upgrades the OpenJDK package to IcedTea7 2.3.3. All running instances of OpenJDK Java must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.3.el6_3.1.noarch.rpmf3dbb0a2347fd1fd698c78e53d3d591e8d5ec3e6f1537091dd74c9494f8ffa9djava-1.7.0-openjdk-demo-1.7.0.9-2.3.3.el6_3.1.i686.rpm37e7196c38317371cedd69fb7c2cddfb93b9652d7d8fd89f5d33fb71ab673bd9java-1.7.0-openjdk-devel-1.7.0.9-2.3.3.el6_3.1.i686.rpmb994c2ddc0d26f9e45b00fb17ccd2dae5a95c20ee4f7d38cb18ce8b950bc9988java-1.7.0-openjdk-1.7.0.9-2.3.3.el6_3.1.i686.rpm77e5dbbd293958545ad80c6612ef515fff1572574b831aa1224418f1be655ee7java-1.7.0-openjdk-src-1.7.0.9-2.3.3.el6_3.1.i686.rpm9fc7a1918ffadf20f54895441cf55afb38726cd78b85c9640da91c983e2ccff5SLSA-2012:1416-1A heap-based buffer overflow flaw was found in the way the CSS (Cascading Style Sheets) parser in kdelibs parsed the location of the source for font faces. A web page containing malicious content could cause an application using kdelibs (such as Konqueror) to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2012-4512) A heap-based buffer over-read flaw was found in the way kdelibs calculated canvas dimensions for large images. A web page containing malicious content could cause an application using kdelibs to crash or disclose portions of its memory. (CVE-2012-4513) The desktop must be restarted (log out, then log back in) for this update to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6kdelibs-4.3.4-14.el6_3.2.i686.rpm7fa4b2ac8098db335b0d06b797475a193f99661c47f64bc6189bce78a197d0c9kdelibs-devel-4.3.4-14.el6_3.2.i686.rpm7b73806458c51436a9dbf11f4cd918d6c6c37afa5fe488422c46ddec95aad5c9kdelibs-apidocs-4.3.4-14.el6_3.2.noarch.rpm51f472526f0c62998672f9bfef36d18ed96ef1c883e3751783975474cdf17ec6kdelibs-common-4.3.4-14.el6_3.2.i686.rpm09b99db1193a5d703d5ba633136419133f83c72ecbdfbeae376349f57afebf92SLSA-2012:1418-1A heap-based buffer overflow flaw was found in the way the CSS (Cascading Style Sheets) parser in kdelibs parsed the location of the source for font faces. A web page containing malicious content could cause an application using kdelibs (such as Konqueror) to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2012-4512) A heap-based buffer over-read flaw was found in the way kdelibs calculated canvas dimensions for large images. A web page containing malicious content could cause an application using kdelibs to crash or disclose portions of its memory. (CVE-2012-4513) The desktop must be restarted (log out, then log back in) for this update to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6kdelibs-common-4.3.4-19.el6.i686.rpm9a161c3ab76452e6ad7e8aa5f55e97b99e5b475c456c8bc8bc5e8269b5b19560kdelibs-4.3.4-19.el6.i686.rpmd48c2a0b252c464ac78cf03eaa4db11f8876ef6dd97f925e05139ee3a1501b4akdelibs-devel-4.3.4-19.el6.i686.rpm3535dbd54a9c695b0232ff76aa5067eb676673a85f0b2ea824c290830739cc54kdelibs-apidocs-4.3.4-19.el6.noarch.rpmcde03c4e0ce1624e722e36873584a5f4743512f47fca4469930549a791d5d2b3SLSA-2012:1426-1This update fixes the following security issues: * A use-after-free flaw was found in the Linux kernel's memory management subsystem in the way quota handling for huge pages was performed. A local, unprivileged user could use this flaw to cause a denial of service or, potentially, escalate their privileges. (CVE-2012-2133, Moderate) * A use-after-free flaw was found in the madvise() system call implementation in the Linux kernel. A local, unprivileged user could use this flaw to cause a denial of service or, potentially, escalate their privileges. (CVE-2012-3511, Moderate) * It was found that when running a 32-bit binary that uses a large number of shared libraries, one of the libraries would always be loaded at a predictable address in memory. An attacker could use this flaw to bypass the Address Space Layout Randomization (ASLR) security feature. (CVE-2012-1568, Low) * Buffer overflow flaws were found in the udf_load_logicalvol() function in the Universal Disk Format (UDF) file system implementation in the Linux kernel. An attacker with physical access to a system could use these flaws to cause a denial of service or escalate their privileges. (CVE-2012-3400, Low) The system must be rebooted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6kernel-2.6.32-279.14.1.el6.i686.rpm7ce4cf8b24c72f36651f35b5cce88d4a1efce5edf147397df656a03a0ba33ea1kernel-debug-devel-2.6.32-279.14.1.el6.i686.rpm8142c10335dfba62f26d10c86239b79e12e6c4e52388efed35ad8f4ee03e3ca6kernel-headers-2.6.32-279.14.1.el6.i686.rpmd9350695e6f8e346d8a99d6ec3a09c3c6e678f348b943f46b00acf26972868e1perf-2.6.32-279.14.1.el6.i686.rpm4f3e7c220b011d3a552bc0f7f5fc302e28c417df3a17c71553b4288baf627075kernel-debug-2.6.32-279.14.1.el6.i686.rpm11dcffd35d0986dcb6d12b462a0003f9810cbd8566fb9d5f8ed066ca86840a34kernel-doc-2.6.32-279.14.1.el6.noarch.rpm4b6cdbdeed8d2a6f32a7959ba67202acfa75673db32983c6f9eb2599389c9868kernel-firmware-2.6.32-279.14.1.el6.noarch.rpmdeaec639dd638e07a946c38531a6019528ed50ac6de7697d08d7b30d523fe1e0python-perf-2.6.32-279.14.1.el6.i686.rpm9b4694f83f595bf38e2c93b5b30077cdfbf6c3e5bfd111ab7ae1445f13f9bd13kernel-devel-2.6.32-279.14.1.el6.i686.rpm9e9c7b836e6a5507175012501063b3aaf787423304838b6dbd9653cc636d38caSLSA-2012:1434-1A buffer overflow flaw was found in the IcedTea-Web plug-in. Visiting a malicious web page could cause a web browser using the IcedTea-Web plug-in to crash or, possibly, execute arbitrary code. (CVE-2012-4540) This erratum also upgrades IcedTea-Web to version 1.2.2. Web browsers using the IcedTea-Web browser plug-in must be restarted for this update to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6icedtea-web-1.2.2-1.el6_3.i686.rpm56eead5c1119f7ac84d36f241ae1cfc69058a38a69a67d8229745fe747e1ef6dicedtea-web-javadoc-1.2.2-1.el6_3.i686.rpm0143d058c344749043ab13eb56e03f5d4039aaba3728d05a12372c44a5c61f7dSLSA-2012:1455-1An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the gegl utility processed .ppm (Portable Pixel Map) image files. An attacker could create a specially-crafted .ppm file that, when opened in gegl, would cause gegl to crash or, potentially, execute arbitrary code. (CVE-2012-4433)moderateScientific Linux FermiScientific Linux Fermi 6gegl-0.1.2-4.el6_3.i686.rpm1dd5f519754e72414f5de0eeb59b85848c814ef5c97d06848c95ab1d86fadd82gegl-devel-0.1.2-4.el6_3.i686.rpm47e853b554f94edae9a667cfdd7dfa53ed77f121ea419323758e54e24418bd8cSLSA-2012:1459-1It was not possible for plug-ins wrapped by nspluginwrapper to discover whether the browser was running in Private Browsing mode. This flaw could lead to plug- ins wrapped by nspluginwrapper using normal mode while they were expected to run in Private Browsing mode. (CVE-2011-2486) This update also fixes the following bug: * When using the Adobe Reader web browser plug-in provided by the acroread- plugin package on a 64-bit system, opening Portable Document Format (PDF) files in Firefox could cause the plug-in to crash and a black window to be displayed where the PDF should be. Firefox had to be restarted to resolve the issue. This update implements a workaround in nspluginwrapper to automatically handle the plug-in crash, so that users no longer have to keep restarting Firefox. 4.4, and correct these issues. After installing the update, Firefox must be restarted for the changes to take effect.lowScientific Linux FermitrueScientific Linux Fermi 6nspluginwrapper-1.4.4-1.el6_3.i686.rpm37ae237d7728befeb22afb42e8f4b6c687790fa8270ed35d94c4d4a5a27669e3SLSA-2012:1461-1A buffer overflow flaw was found in the way libproxy handled the downloading of proxy auto-configuration (PAC) files. A malicious server hosting a PAC file or a man-in-the-middle attacker could use this flaw to cause an application using libproxy to crash or, possibly, execute arbitrary code, if the proxy settings obtained by libproxy (from the environment or the desktop environment settings) instructed the use of a PAC proxy configuration. (CVE-2012-4505) All applications using libproxy must be restarted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6libproxy-0.3.0-3.el6_3.i686.rpm0c4937a3c471edd19d4f09a64465807129c22cea5f7e5d0d5441f669c73f6cf3libproxy-gnome-0.3.0-3.el6_3.i686.rpm5c9a70135f1498f4f54e0f944e9305654e5d6118dd6f8b0eedffd35475206d37libproxy-python-0.3.0-3.el6_3.i686.rpm026a0c24ae0325470a31699489d3f1ea029f7a383105c6be5d331beb27b27a04libproxy-bin-0.3.0-3.el6_3.i686.rpm75b5a152682fc57055728ce5f070e78ee59279527cc02996e3b85e51707e6f64libproxy-devel-0.3.0-3.el6_3.i686.rpm8a73788a424c7b1197d570b7009fe808b1091910f0f439e08a550633dbbb813blibproxy-kde-0.3.0-3.el6_3.i686.rpmabf25985aca3bc5a819af4e197666238db179a01a32f715f392d0e5a8c958516libproxy-webkit-0.3.0-3.el6_3.i686.rpma4c53539ba54128a75babb88db6ec261c92e473cb481dbd0a77ef46efa38127elibproxy-mozjs-0.3.0-3.el6_3.i686.rpm07979589260843054286fc87b63a14d0de431f508cc5736308f635682897e77aSLSA-2012:1462-1(CVE-2012-1688, CVE-2012-1690, CVE-2012-1703, CVE-2012-2749, CVE-2012-0540, CVE-2012-1689, CVE-2012-1734, CVE-2012-3163, CVE-2012-3158, CVE-2012-3177, CVE-2012-3166, CVE-2012-3173, CVE-2012-3150, CVE-2012-3180, CVE-2012-3167, CVE-2012-3197, CVE-2012-3160) After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 6mysql-test-5.1.66-1.el6_3.i686.rpmb2a825f34759b671c9aaed5de37224ecaa69f0d6e4e41c77c8fe5b42456c3ca5mysql-bench-5.1.66-1.el6_3.i686.rpm0fba90a972637085a4fdf904f5a73aa806300ee408be7350e8b00def6689ca0cmysql-libs-5.1.66-1.el6_3.i686.rpmf882e861a663fec61e8a91cdd74d1d5ecea2d24b15623b66d1156590975fa2ffmysql-embedded-5.1.66-1.el6_3.i686.rpm811df756ef5d7ce38bd53053a77a4b1554f9a98dff0897640026e4e8a33c2f18mysql-embedded-devel-5.1.66-1.el6_3.i686.rpm56bd21bcdbef1e393513ba01383823564c33feaf93777ba7edb65cb553bce498mysql-5.1.66-1.el6_3.i686.rpmd54502f0107ae4bb39f427f699a6d70f3a5bcc702794ac1d22bf8d919266dcddmysql-devel-5.1.66-1.el6_3.i686.rpm7c362d11c5498fd31dfd6f0500794f888cac20b6188ea4c5459d2432ec147167mysql-server-5.1.66-1.el6_3.i686.rpmf985bd60971deafa01b45173394b834a98690cbe27fcaabae5ce551e5fef1ee1SLSA-2012:1482-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2012-4214, CVE-2012-4215, CVE-2012-4216, CVE-2012-5829, CVE-2012-5830, CVE-2012-5833, CVE-2012-5835, CVE-2012-5839, CVE-2012-5840, CVE-2012-5842) A buffer overflow flaw was found in the way Firefox handled GIF (Graphics Interchange Format) images. A web page containing a malicious GIF image could cause Firefox to crash or, possibly, execute arbitrary code with the privileges of the user running Firefox. (CVE-2012-4202) A flaw was found in the way the Style Inspector tool in Firefox handled certain Cascading Style Sheets (CSS). Running the tool (Tools -> Web Developer -> Inspect) on malicious CSS could result in the execution of HTML and CSS content with chrome privileges. (CVE-2012-4210) A flaw was found in the way Firefox decoded the HZ-GB-2312 character encoding. A web page containing malicious content could cause Firefox to run JavaScript code with the permissions of a different website. (CVE-2012-4207) A flaw was found in the location object implementation in Firefox. Malicious content could possibly use this flaw to allow restricted content to be loaded by plug-ins. (CVE-2012-4209) A flaw was found in the way cross-origin wrappers were implemented. Malicious content could use this flaw to perform cross-site scripting attacks. (CVE-2012-5841) A flaw was found in the evalInSandbox implementation in Firefox. Malicious content could use this flaw to perform cross-site scripting attacks. (CVE-2012-4201) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6firefox-10.0.11-1.el6_3.i686.rpmaf2297d7605b7f94f224ba9083adecf794b09527fa20251f6cebba78fba1b493xulrunner-devel-10.0.11-1.el6_3.i686.rpm97d7f51289ac4819a44e761206a98ec562618818da0eb4af9d06dad52ad2a035xulrunner-10.0.11-1.el6_3.i686.rpm019e735a132bde4d0eb2e05a35f2b5fb6a4fd1075f3cb1ac5e6599d4051d4b4eSLSA-2012:1483-1Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2012-4214, CVE-2012-4215, CVE-2012-4216, CVE-2012-5829, CVE-2012-5830, CVE-2012-5833, CVE-2012-5835, CVE-2012-5839, CVE-2012-5840, CVE-2012-5842) A buffer overflow flaw was found in the way Thunderbird handled GIF (Graphics Interchange Format) images. Content containing a malicious GIF image could cause Thunderbird to crash or, possibly, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2012-4202) A flaw was found in the way Thunderbird decoded the HZ-GB-2312 character encoding. Malicious content could cause Thunderbird to run JavaScript code with the permissions of different content. (CVE-2012-4207) A flaw was found in the location object implementation in Thunderbird. Malicious content could possibly use this flaw to allow restricted content to be loaded by plug-ins. (CVE-2012-4209) A flaw was found in the way cross-origin wrappers were implemented. Malicious content could use this flaw to perform cross-site scripting attacks. (CVE-2012-5841) A flaw was found in the evalInSandbox implementation in Thunderbird. Malicious content could use this flaw to perform cross-site scripting attacks. (CVE-2012-4201) Note: All issues except CVE-2012-4202 cannot be exploited by a specially- crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. After installing the update, Thunderbird must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6thunderbird-10.0.11-1.el6_3.i686.rpm2c4b94f495dfd9d1b6876f56723b811a0d5e33c47744bc2c2ad15eccf2acb03bSLSA-2012:1512-1A heap-based buffer underflow flaw was found in the way libxml2 decoded certain entities. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2012-5134) The desktop must be restarted (log out, then log back in) for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6libxml2-2.7.6-8.el6_3.4.i686.rpmdb2899a1ac5c75c0bbcfa546973a908d46ccd3a8891388c0f99e96093434b2f0libxml2-devel-2.7.6-8.el6_3.4.i686.rpma8af93b3a8f814655d9d1022bddfdebedc553b6945cb750dbe1e33983472bb52libxml2-python-2.7.6-8.el6_3.4.i686.rpm574c6aee865f2567a741bbd50beee93f58bc11e9fca47a8d11530fd806782a06libxml2-static-2.7.6-8.el6_3.4.i686.rpm939d3891a3a9b27fb8768f8e03b43a4425dab2e3a87678267234f9450e423dfcSLSA-2012:1549-1A flaw was found in the DNS64 implementation in BIND. If a remote attacker sent a specially-crafted query to a named server, named could exit unexpectedly with an assertion failure. Note that DNS64 support is not enabled by default. (CVE-2012-5688) After installing the update, the BIND daemon (named) will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 6bind-devel-9.8.2-0.10.rc1.el6_3.6.i686.rpm9f37655b435ab004131d6782c37aa7262b5c5a1c39c142d109cf43d1c71a81c8bind-9.8.2-0.10.rc1.el6_3.6.i686.rpmcb6d6efeec0680da9d494951425bbbfdb25cda52da8c3fb4c2311522d32d1ceebind-sdb-9.8.2-0.10.rc1.el6_3.6.i686.rpm172e285809cb168f9c19c7966604c313d6820909e61529b9fe4f0aef1bb8ac84bind-chroot-9.8.2-0.10.rc1.el6_3.6.i686.rpmb9bf33c0ae1a93ffd14cfacd86fc591936b2edf97bd0c826bf77d3b3aef034e4bind-libs-9.8.2-0.10.rc1.el6_3.6.i686.rpmfe67892e8fb10c728e12c69d24dd2f65d93c18c6ce1079e6ec7e15347ec407edbind-utils-9.8.2-0.10.rc1.el6_3.6.i686.rpmf024b1055ef8eda208916b9221fe7beb6d001d1b5ad7a19793e456c610c83fbeSLSA-2012:1551-1A stack-based buffer overflow flaw was found in the user permission checking code in MySQL. An authenticated database user could use this flaw to crash the mysqld daemon or, potentially, execute arbitrary code with the privileges of the user running the mysqld daemon. (CVE-2012-5611) After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 6mysql-libs-5.1.66-2.el6_3.i686.rpm6b53b8ed15bcd3189ba33c512379dabf5f6b28d3c7d42e42cd624110a6212922mysql-server-5.1.66-2.el6_3.i686.rpm81a293a1f455dcb812cabcec199bcbdfe143858091aff770241406579658f119mysql-embedded-devel-5.1.66-2.el6_3.i686.rpm2fae447e6bd795f8c249f7c7a65eff4a20d77bb0b845dcccd104cee9c5dbd4b8mysql-5.1.66-2.el6_3.i686.rpm81aa79befe99d3ed3edf6a41e02b8e56ac315ae26eb3a70e4626171d70dfcdccmysql-bench-5.1.66-2.el6_3.i686.rpm84c552e59e8610a8a1a562099586efc3e55794aa38185997834dc82204fbd663mysql-devel-5.1.66-2.el6_3.i686.rpmde1fae3d6c61b14ec6ed2fb425513618b08daf1f4c204b18333e6c2b48ad37f8mysql-test-5.1.66-2.el6_3.i686.rpm28bf3f7953df13ad173472278bd24f602015f0974fe0149a8ec120186de2a7famysql-embedded-5.1.66-2.el6_3.i686.rpm31053e3b79f7ac1b4c934ff73167a67f2bc392cf21965444438b2d41601ba177SLSA-2012:1580-1This update fixes the following security issues: * It was found that the SLSA-2012:0862 update did not correctly fix the CVE-2011-4131 issue. A malicious Network File System version 4 (NFSv4) server could return a crafted reply to a GETACL request, causing a denial of service on the client. (CVE-2012-2375, Moderate) * A divide-by-zero flaw was found in the TCP Illinois congestion control algorithm implementation in the Linux kernel. If the TCP Illinois congestion control algorithm were in use (the sysctl net.ipv4.tcp_congestion_control variable set to "illinois"), a local, unprivileged user could trigger this flaw and cause a denial of service. (CVE-2012-4565, Moderate) * A NULL pointer dereference flaw was found in the way a new node's hot added memory was propagated to other nodes' zonelists. By utilizing this newly added memory from one of the remaining nodes, a local, unprivileged user could use this flaw to cause a denial of service. (CVE-2012-5517, Moderate) * It was found that the initial release of Scientific Linux 6 did not correctly fix the CVE-2009-4307 issue, a divide-by-zero flaw in the ext4 file system code. A local, unprivileged user with the ability to mount an ext4 file system could use this flaw to cause a denial of service. (CVE-2012-2100, Low) * A flaw was found in the way the Linux kernel's IPv6 implementation handled overlapping, fragmented IPv6 packets. A remote attacker could potentially use this flaw to bypass protection mechanisms (such as a firewall or intrusion detection system (IDS)) when sending network packets to a target system. (CVE-2012-4444, Low) The system must be rebooted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6perf-2.6.32-279.19.1.el6.i686.rpmea2cd72a1c264eb3a59c9b42160cf2d30e62b97ac18d247bc5b4e7d3b08b4a87kernel-debug-devel-2.6.32-279.19.1.el6.i686.rpm532e463eb4d7ca85082c7396838076f7959a8fcacb431608d2284021aa2ff40akernel-doc-2.6.32-279.19.1.el6.noarch.rpm4ab6a661f6d51d58e05200da49ed4d7a40a6b5727e833f6d02c25d360690429bkernel-2.6.32-279.19.1.el6.i686.rpmbde5236ceb62e9260c1e1795296aea245caf533da29da9349ecc65d7d2e9c944kernel-firmware-2.6.32-279.19.1.el6.noarch.rpm4c661f761ca97e682239bdba86e5fd97f6f91ad8400174643f2611fdd23e3a03kernel-devel-2.6.32-279.19.1.el6.i686.rpmb97e02166af312e3943d8a9d7e1a34d83f6d4116a459be2458692601cb8b7ac6python-perf-2.6.32-279.19.1.el6.i686.rpmecef7d5a97ca616971966641880f80219243122df782feabaee3a854e15a9293kernel-headers-2.6.32-279.19.1.el6.i686.rpme0b633fb61cd2606549f95c7bd2b9621030c3f08037598ce310b93b525306ee0kernel-debug-2.6.32-279.19.1.el6.i686.rpm66d65992ed967a616fc20ed03e857f379d5e0bc1696d90d9b85d38e13692cb36SLSA-2012:1590-1A heap-based buffer overflow flaw was found in the way libtiff processed certain TIFF images using the Pixar Log Format encoding. An attacker could create a specially-crafted TIFF file that, when opened, could cause an application using libtiff to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2012-4447) A stack-based buffer overflow flaw was found in the way libtiff handled DOTRANGE tags. An attacker could use this flaw to create a specially-crafted TIFF file that, when opened, would cause an application linked against libtiff to crash or, possibly, execute arbitrary code. (CVE-2012-5581) A heap-based buffer overflow flaw was found in the tiff2pdf tool. An attacker could use this flaw to create a specially-crafted TIFF file that would cause tiff2pdf to crash or, possibly, execute arbitrary code. (CVE-2012-3401) A missing return value check flaw, leading to a heap-based buffer overflow, was found in the ppm2tiff tool. An attacker could use this flaw to create a specially-crafted PPM (Portable Pixel Map) file that would cause ppm2tiff to crash or, possibly, execute arbitrary code. (CVE-2012-4564) All running applications linked against libtiff must be restarted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6libtiff-static-3.9.4-9.el6_3.i686.rpm12acebfb03c045b6d22e79ec62d4b8b1baa6335ee1a9151438d7a4a49baa1b78libtiff-devel-3.9.4-9.el6_3.i686.rpm020ddedbca6bb6f7b610f70a0a832db7cd355fb8929928055def9eeb1962ec43libtiff-3.9.4-9.el6_3.i686.rpm5d6ceb8dbb42ec9d7f47bfc1cad25749a48c7ed4f5d8547f7154c9d7d3895af8SLSA-2013:0144-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2013-0744, CVE-2013-0746, CVE-2013-0750, CVE-2013-0753, CVE-2013-0754, CVE-2013-0762, CVE-2013-0766, CVE-2013-0767, CVE-2013-0769) A flaw was found in the way Chrome Object Wrappers were implemented. Malicious content could be used to cause Firefox to execute arbitrary code via plug-ins installed in Firefox. (CVE-2013-0758) A flaw in the way Firefox displayed URL values in the address bar could allow a malicious site or user to perform a phishing attack. (CVE-2013-0759) An information disclosure flaw was found in the way certain JavaScript functions were implemented in Firefox. An attacker could use this flaw to bypass Address Space Layout Randomization (ASLR) and other security restrictions. (CVE-2013-0748) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6firefox-10.0.12-1.el6_3.i686.rpm9f11d57b8da6d82d930d71fc7d6929b1c5580219eafa46266eb8b299d61d5e83xulrunner-devel-10.0.12-1.el6_3.i686.rpm86e62f77633b45bea5530dd34557bdd46373368988fdc95252893d0065bdaf5bxulrunner-10.0.12-1.el6_3.i686.rpm2ae646887e73f6333c807a2e34511fa180d7f7f8cc50e3e9319f21f23d79db35SLSA-2013:0145-1Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2013-0744, CVE-2013-0746, CVE-2013-0750, CVE-2013-0753, CVE-2013-0754, CVE-2013-0762, CVE-2013-0766, CVE-2013-0767, CVE-2013-0769) A flaw was found in the way Chrome Object Wrappers were implemented. Malicious content could be used to cause Thunderbird to execute arbitrary code via plug- ins installed in Thunderbird. (CVE-2013-0758) A flaw in the way Thunderbird displayed URL values could allow malicious content or a user to perform a phishing attack. (CVE-2013-0759) An information disclosure flaw was found in the way certain JavaScript functions were implemented in Thunderbird. An attacker could use this flaw to bypass Address Space Layout Randomization (ASLR) and other security restrictions. (CVE-2013-0748) Note: All issues except CVE-2013-0744, CVE-2013-0753, and CVE-2013-0754 cannot be exploited by a specially-crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. After installing the update, Thunderbird must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6thunderbird-10.0.12-3.el6_3.i686.rpme984c2621d7f8b6eea1eed85c1cc2ab5418807bfa703fc71539d9e454c5c7a8dSLSA-2013:0165-1Two improper permission check issues were discovered in the reflection API in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2012-3174, CVE-2013-0422) This erratum also upgrades the OpenJDK package to IcedTea7 2.3.4. All running instances of OpenJDK Java must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6java-1.7.0-openjdk-1.7.0.9-2.3.4.1.el6_3.i686.rpm2d4997e1772154a24514846932da6cb94b3648271c624dc079117cfe966044fbjava-1.7.0-openjdk-javadoc-1.7.0.9-2.3.4.1.el6_3.noarch.rpm73709012ed4d3b0d06ce5f466ceff9dbe1738f9215073bb91da2b538ecc1740ajava-1.7.0-openjdk-devel-1.7.0.9-2.3.4.1.el6_3.i686.rpme70a782da70aa1970d5fa94e3dc3baa465a742f437e15e493b69a5c3f3e8fd19java-1.7.0-openjdk-demo-1.7.0.9-2.3.4.1.el6_3.i686.rpmc14b62b8d303bec65273bb00f95c21a31656ce70197d585813ed770478699d1ajava-1.7.0-openjdk-src-1.7.0.9-2.3.4.1.el6_3.i686.rpmbb9fc2312c86b46bc1b9af37b68b5d8096a04d8cc3ec72e82d227e3eee09498fSLSA-2013:0169-1It was found that Vino transmitted all clipboard activity on the system running Vino to all clients connected to port 5900, even those who had not authenticated. A remote attacker who is able to access port 5900 on a system running Vino could use this flaw to read clipboard data without authenticating. (CVE-2012-4429) Two out-of-bounds memory read flaws were found in the way Vino processed client framebuffer requests in certain encodings. An authenticated client could use these flaws to send a specially-crafted request to Vino, causing it to crash. (CVE-2011-0904, CVE-2011-0905) In certain circumstances, the vino-preferences dialog box incorrectly indicated that Vino was only accessible from the local network. This could confuse a user into believing connections from external networks are not allowed (even when they are allowed). With this update, vino-preferences no longer displays connectivity and reachable information. (CVE-2011-1164) There was no warning that Universal Plug and Play (UPnP) was used to open ports on a user's network router when the "Configure network automatically to accept connections" option was enabled (it is disabled by default) in the Vino preferences. This update changes the option's description to avoid the risk of a UPnP router configuration change without the user's consent. (CVE-2011-1165) The GNOME session must be restarted (log out, then log back in) for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6vino-2.28.1-8.el6_3.i686.rpme0b5a21274979581cda5f7d5f96a6eb777ef337011196936b60b5ac59c14acf3SLSA-2013:0188-1A weakness was found in the way IPA clients communicated with IPA servers when initially attempting to join IPA domains. As there was no secure way to provide the IPA server's Certificate Authority (CA) certificate to the client during a join, the IPA client enrollment process was susceptible to man-in-the-middle attacks. This flaw could allow an attacker to obtain access to the IPA server using the credentials provided by an IPA client, including administrative access to the entire domain if the join was performed using an administrator's credentials. (CVE-2012-5484) Note: This weakness was only exposed during the initial client join to the realm, because the IPA client did not yet have the CA certificate of the server. Once an IPA client has joined the realm and has obtained the CA certificate of the IPA server, all further communication is secure. If a client were using the OTP (one-time password) method to join to the realm, an attacker could only obtain unprivileged access to the server (enough to only join the realm). This update must be installed on both the IPA client and IPA server. When this update has been applied to the client but not the server, ipa-client-install, in unattended mode, will fail if you do not have the correct CA certificate locally, noting that you must use the "--force" option to insecurely obtain the certificate. In interactive mode, the certificate will try to be obtained securely from LDAP. If this fails, you will be prompted to insecurely download the certificate via HTTP. In the same situation when using OTP, LDAP will not be queried and you will be prompted to insecurely download the certificate via HTTP. After installing the update, changes in LDAP are handled by ipa-ldap-updater automatically and are effective immediately.importantScientific Linux FermiScientific Linux Fermi 6ipa-server-2.2.0-17.el6_3.1.i686.rpma6ed1dc49472cd13322e5d564aecef293fcec98268ae0367cad72f1ba3bdc6c6ipa-admintools-2.2.0-17.el6_3.1.i686.rpm414958beeecb12604ede70d57ee946bfd3972cf1591576f50a065a43e3c19fa7ipa-client-2.2.0-17.el6_3.1.i686.rpm8e2fdedb1841ada6166ac852611249cad6788e53d21b7fce3286470a4592332eipa-server-selinux-2.2.0-17.el6_3.1.i686.rpm75c159697e0ba2211ac3c2399cb79205205ad5b4e87afe9fb6dd5710899b87d2ipa-python-2.2.0-17.el6_3.1.i686.rpmee88ac07b6d84964e1c5eaba0e38eac2174e7c57e8743d7faf3b6dfd4b09e714SLSA-2013:0199-1A flaw was found in the way libvirtd handled connection cleanup (when a connection was being closed) under certain error conditions. A remote attacker able to establish a read-only connection to libvirtd could use this flaw to crash libvirtd or, potentially, execute arbitrary code with the privileges of the root user. (CVE-2013-0170) After installing the updated packages, libvirtd will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 6libvirt-python-0.9.10-21.el6_3.8.i686.rpm257a98558c66eee6d990fe94a8b4406a1437b2b238fc7b7f4e173b89153324d5libvirt-client-0.9.10-21.el6_3.8.i686.rpm18cf8fbce78436c0b61465f0d941356f9b8151453eb961fa4bac310afa19bcaclibvirt-0.9.10-21.el6_3.8.i686.rpm3f59885f4d4b58d34e7f03b3741b3f87e92a7e9246283311147a9bdba47235d7libvirt-devel-0.9.10-21.el6_3.8.i686.rpma79bcb9b0b84a0a2a800da8bf36949aea8aa9c0dd82a340ec2ff9539ff9e3444SLSA-2013:0213-1It was found that a Certificate Authority (CA) mis-issued two intermediate certificates to customers. These certificates could be used to launch man-in- the-middle attacks. This update renders those certificates as untrusted. This covers all uses of the certificates, including SSL, S/MIME, and code signing. Note: This fix only applies to applications using the NSS Builtin Object Token. It does not render the certificates untrusted for applications that use the NSS library, but do not use the NSS Builtin Object Token. In addition, the nss package has been upgraded to upstream version 3.13.6, the nss-util package has been upgraded to upstream version 3.13.6, and the nspr package has been upgraded to upstream version 4.9.2. These updates provide a number of bug fixes and enhancements over the previous versions. After installing this update, applications using NSS, NSPR, or nss-util must be restarted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6nspr-4.9.2-0.el6_3.1.i686.rpm8a8eb0c8f1220e064663fe83d2549b964975f28bbb628ad11cb4e0a3fcd5a404nss-3.13.6-2.el6_3.i686.rpma3e2f01f9e25d55344b7c9a93a3920f2eccd1af0c3b8646e6e21f2436a6f5680nspr-devel-4.9.2-0.el6_3.1.i686.rpm27799a306395799736e542f3d4f1fd02d5e6fdabde323a2539731a98c6166fd8nss-sysinit-3.13.6-2.el6_3.i686.rpm757a4d2106a12e19c13ebced528abb2ba686587d6e43e1191a106a04610dab41nss-pkcs11-devel-3.13.6-2.el6_3.i686.rpmee833dc14a8cb07dfebf36d581ec1fad19eb9b89bc0e3839fe6f499b8a87e892nss-devel-3.13.6-2.el6_3.i686.rpm6d9f6769dd5607753e1951da3c17acda3c32951b6ec92b73db647083e03c3a20nss-util-3.13.6-1.el6_3.i686.rpmb8ccb0da9f8035cee99646a81fb84a5ec88c6ecf34798763ff2eb3ef357e9e41nss-tools-3.13.6-2.el6_3.i686.rpm3369eb11f3e71edea3c7f64cf50235eb1362edae61bb3af31e80f9c6bd7c7a51nss-util-devel-3.13.6-1.el6_3.i686.rpm56e3efa50502b4f90ecd36c4eadbd730771556ca14275e9d2ea0655979d4d812SLSA-2013:0215-1It was found that the /usr/libexec/abrt-action-install-debuginfo-to-abrt-cache tool did not sufficiently sanitize its environment variables. This could lead to Python modules being loaded and run from non-standard directories (such as /tmp/). A local attacker could use this flaw to escalate their privileges to that of the abrt user. (CVE-2012-5659) A race condition was found in the way ABRT handled the directories used to store information about crashes. A local attacker with the privileges of the abrt user could use this flaw to perform a symbolic link attack, possibly allowing them to escalate their privileges to root. (CVE-2012-5660)importantScientific Linux FermiScientific Linux Fermi 6abrt-addon-vmcore-2.0.8-6.el6_3.2.i686.rpm270f2d3f578948f38ed2b2211b64b5169e01b9d67c28177d4c7eafb0a44eb8e3abrt-libs-2.0.8-6.el6_3.2.i686.rpmb76a7d401bcc5257c1c9008f7e2a7be6aaa6437e634765d16e1c54f668978747abrt-addon-kerneloops-2.0.8-6.el6_3.2.i686.rpmfcb5e2a57a135aa4465ab753bd4f0eeb0cbcb21e40866d7341cebb302940e9c4abrt-gui-2.0.8-6.el6_3.2.i686.rpm652078c110424f6823e7a9c51c7865a6889a523b2c611fcfc9b39b22fd341a22libreport-2.0.9-5.el6_3.2.i686.rpm667be34c9c1c0250c20bd1c66c0dbcaebdf639beae032bf09402931c1f7c1c68libreport-plugin-rhtsupport-2.0.9-5.el6_3.2.i686.rpm35a8305423106fd47e40bd0ffa95d8209ab91acaf4872f34744595fb74b6948eabrt-2.0.8-6.el6_3.2.i686.rpmf8865c54b415b573c03ff2a910462cef1e2c2cbb20149b66415670c6c2231b12abrt-tui-2.0.8-6.el6_3.2.i686.rpm903f7c02f5382dbc4d3051ed7c36c71a3b595644b25c5e70b8604f9d6a0e8ae6libreport-cli-2.0.9-5.el6_3.2.i686.rpm542309d7cb7f1f10bf31f869ae762a4628e18f057888733ec66ffc0b708e3c82libreport-newt-2.0.9-5.el6_3.2.i686.rpme7ec7242905cd4d9f9a2ef522c3725c8c4fdad0d297fd828288eafdabbc10abelibreport-plugin-kerneloops-2.0.9-5.el6_3.2.i686.rpmd6c04c0a0caf0a877d27a2c7f3a5a28d186665f4bca44d7549a11238cbaf55d3abrt-addon-ccpp-2.0.8-6.el6_3.2.i686.rpm2676da862e9c5b10295a5909fb1c01c23cfb5a0610ee96d933e996eedaab5935abrt-desktop-2.0.8-6.el6_3.2.i686.rpm750c2b34e159c8fc261154a78622bc582837decb1ab9ec890ce5ab4a3d5e92eflibreport-plugin-mailx-2.0.9-5.el6_3.2.i686.rpm45082a89aa70ac8624df80150ba50eb6ffc55317b5c4e7ab4d0c6b03f5c57516abrt-cli-2.0.8-6.el6_3.2.i686.rpm010522445d4590518df5823fd17c9efba9216135b22cab5b45280b3197bde9c7abrt-addon-python-2.0.8-6.el6_3.2.i686.rpm8e9d79282b7f7515087b78f58c84412417c56575b68847699355c61db6ed8e47libreport-plugin-bugzilla-2.0.9-5.el6_3.2.i686.rpm418056628c070c8e1ced5d4843e6ad1d00d837bcacb2eaa91cf2beec3661e1celibreport-plugin-logger-2.0.9-5.el6_3.2.i686.rpm50a6bae3c80879f37b29bf5ba78e56a2da682fc9c40fa958348dba04d198d635libreport-plugin-reportuploader-2.0.9-5.el6_3.2.i686.rpm2a5e83f61002721f1c7c93efc72277ddb2cc843654b6c0f16daaaf2c2ab185ealibreport-devel-2.0.9-5.el6_3.2.i686.rpma5d588cb936c5e6569ea03320e26c1829eec1a1144c97c37feda0d9befbe150alibreport-python-2.0.9-5.el6_3.2.i686.rpm8af33e95233bb39e7ad53154482cdccd7299a124500e1f7f5c1873617f839133abrt-devel-2.0.8-6.el6_3.2.i686.rpm58c0ae4819a534c3445cfcd50907df6cc62e9b2d56dfe8ab3b4ea0eccdc71150libreport-gtk-devel-2.0.9-5.el6_3.2.i686.rpm72d4effe522d2f23e7df9308827b881b5a8bbe376c8fd7dd90de69d52aa51b45libreport-gtk-2.0.9-5.el6_3.2.i686.rpm881da2e7db682ef8cebf6725ce5e9461ad57c39d47f58cb5f7a5b7807b1abc65SLSA-2013:0216-1A flaw was found in the way the FreeType font rendering engine processed certain Glyph Bitmap Distribution Format (BDF) fonts. If a user loaded a specially-crafted font file with an application linked against FreeType, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2012-5669) The X server must be restarted (log out, then log back in) for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6freetype-demos-2.3.11-14.el6_3.1.i686.rpmc77e26d20735b7b4b00cef7d48f98d0fa6bc293b9d467e4396f16018f153f0abfreetype-devel-2.3.11-14.el6_3.1.i686.rpm166d552fa656b957cdf73f5f033022c34c7c80c61c7382678c75e8b64865a04efreetype-2.3.11-14.el6_3.1.i686.rpm9cfc4096039705998f5b27a746717c907f856d55f8ef62fb44d626b6f403be93SLSA-2013:0218-1A flaw was found in the way the host's qemu-kvm qxl driver and the guest's X.Org qxl driver interacted when a SPICE connection terminated. A user able to initiate a SPICE connection to a guest could use this flaw to make the guest temporarily unavailable or, potentially (if the sysctl kernel.softlockup_panic variable was set to "1" in the guest), crash the guest. (CVE-2013-0241) All running X.Org server instances using the qxl driver must be restarted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6xorg-x11-drv-qxl-0.0.14-14.el6_3.i686.rpm202a6706869dd17531e05b1767e49877a1b330c57e2ef36024cdc0556493d282SLSA-2013:0219-1(CVE-2012-0572, CVE-2012-0574, CVE-2012-1702, CVE-2012-1705, CVE-2013-0375, CVE-2013-0383, CVE-2013-0384, CVE-2013-0385, CVE-2013-0389) After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6mysql-embedded-devel-5.1.67-1.el6_3.i686.rpmdce544efbf1ba097de59c5c518a5934f85cbc7e9cd3636f85ff54192e6fbc81dmysql-devel-5.1.67-1.el6_3.i686.rpm2e09b1b1384e07217ebbd8271d1a057b1654abba0038f10620c80b807937b1a2mysql-bench-5.1.67-1.el6_3.i686.rpm464e7f5c5db38c98907383831e343d72aec49cbf815e2cbeefb1937d519039c6mysql-test-5.1.67-1.el6_3.i686.rpmf5ff7f01377f881142d9a33ce6c82d9f0358d7aab72d890f51b7a0931ef46737mysql-embedded-5.1.67-1.el6_3.i686.rpm19c317d07d44de06ef19f30d218f2622f1f080b1f2441298353054f1be54649bmysql-server-5.1.67-1.el6_3.i686.rpme11d0c7ce8dfd3829b22db8c5f419cce61fd72b569b4ab2cecb525979fd2700dmysql-libs-5.1.67-1.el6_3.i686.rpme1249322ee4d88497c8489aecf6944e6ebc467df66d6387b4c342d8b36b2f60fmysql-5.1.67-1.el6_3.i686.rpm5ec0812894b068fa23d7adbf00c37e19418e8bb3cc23aaea0105a84fff781caaSLSA-2013:0223-1This update fixes the following security issues: * It was found that a deadlock could occur in the Out of Memory (OOM) killer. A process could trigger this deadlock by consuming a large amount of memory, and then causing request_module() to be called. A local, unprivileged user could use this flaw to cause a denial of service (excessive memory consumption). (CVE-2012-4398, Moderate) * A flaw was found in the way the KVM (Kernel-based Virtual Machine) subsystem handled guests attempting to run with the X86_CR4_OSXSAVE CPU feature flag set. On hosts without the XSAVE CPU feature, a local, unprivileged user could use this flaw to crash the host system. (The "grep --color xsave /proc/cpuinfo" command can be used to verify if your system has the XSAVE CPU feature.) (CVE-2012-4461, Moderate) * A memory disclosure flaw was found in the way the load_script() function in the binfmt_script binary format handler handled excessive recursions. A local, unprivileged user could use this flaw to leak kernel stack memory to user-space by executing specially-crafted scripts. (CVE-2012-4530, Low) The system must be rebooted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6kernel-headers-2.6.32-279.22.1.el6.i686.rpma01bdf0471fb452de01eca03f0b93763a80e0914a87ad57f0d793938553035f9kernel-devel-2.6.32-279.22.1.el6.i686.rpm2068cf97df2d90b0700f31b19b2b9e490d46ae5161a257aa16a1256f10d14a59python-perf-2.6.32-279.22.1.el6.i686.rpmbd0260887e88fdb7ebc9881d543bcdea91affa8d6d2921d0b9359e5137b0f0e3kernel-2.6.32-279.22.1.el6.i686.rpm8568eac89d147bcd0561cffdb7b2f43598a76062d4fcc2c8244adc81e266668akernel-doc-2.6.32-279.22.1.el6.noarch.rpm38332bc16ffddeff17dc54971aedc28acf6ece5bcbcc6302a70f01673b480942kernel-debug-devel-2.6.32-279.22.1.el6.i686.rpm7fd43bcef44e12fdb2a659f7fe9f5253a7526e2dbc0ebac45282431533085348perf-2.6.32-279.22.1.el6.i686.rpm90525f1857cbaa9ec570cfe3568650b3b21a0440b380e93935603eaff8247d1dkernel-debug-2.6.32-279.22.1.el6.i686.rpm73174a81dd2d209cb402904192473c8c0d1961109b68beab614913570052b4bakernel-firmware-2.6.32-279.22.1.el6.noarch.rpm8620c56cd4a45c0e32790f5d292a19657ddc111226a59add395d15a5d93753e4SLSA-2013:0245-1Multiple improper permission check issues were discovered in the AWT, CORBA, JMX, and Libraries components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2013-0442, CVE-2013-0445, CVE-2013-0441, CVE-2013-1475, CVE-2013-1476, CVE-2013-0429, CVE-2013-0450, CVE-2013-0425, CVE-2013-0426, CVE-2013-0428) Multiple flaws were found in the way image parsers in the 2D and AWT components handled image raster parameters. A specially-crafted image could cause Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with the virtual machine privileges. (CVE-2013-1478, CVE-2013-1480) A flaw was found in the AWT component's clipboard handling code. An untrusted Java application or applet could use this flaw to access clipboard data, bypassing Java sandbox restrictions. (CVE-2013-0432) The default Java security properties configuration did not restrict access to certain com.sun.xml.internal packages. An untrusted Java application or applet could use this flaw to access information, bypassing certain Java sandbox restrictions. This update lists the whole package as restricted. (CVE-2013-0435) Multiple improper permission check issues were discovered in the Libraries, Networking, and JAXP components. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2013-0427, CVE-2013-0433, CVE-2013-0434) It was discovered that the RMI component's CGIHandler class used user inputs in error messages without any sanitization. An attacker could use this flaw to perform a cross-site scripting (XSS) attack. (CVE-2013-0424) It was discovered that the SSL/TLS implementation in the JSSE component did not properly enforce handshake message ordering, allowing an unlimited number of handshake restarts. A remote attacker could use this flaw to make an SSL/TLS server using JSSE consume an excessive amount of CPU by continuously restarting the handshake. (CVE-2013-0440) It was discovered that the JSSE component did not properly validate Diffie- Hellman public keys. An SSL/TLS client could possibly use this flaw to perform a small subgroup attack. (CVE-2013-0443) Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website. This erratum also upgrades the OpenJDK package to IcedTea6 1.11.6. All running instances of OpenJDK Java must be restarted for the update to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6java-1.6.0-openjdk-1.6.0.0-1.54.1.11.6.el6_3.i686.rpm811abd95fefa49aceffa09c04619823e4ffea136058986ddcb2b50955bb6e806java-1.6.0-openjdk-demo-1.6.0.0-1.54.1.11.6.el6_3.i686.rpm8a31db77521aa4bb8a28c1fe0ffc2f101eee51c93971474dabff5b89d8dc8b8ejava-1.6.0-openjdk-src-1.6.0.0-1.54.1.11.6.el6_3.i686.rpm646c413257168d95a68e6538e3aab55f3fee9d3648b598cb58b5d425578b64a0java-1.6.0-openjdk-devel-1.6.0.0-1.54.1.11.6.el6_3.i686.rpmfa15d38e50be3ef519a263c5c92a2c9ea0dbe11d52462c636c87f2d657cb7c44java-1.6.0-openjdk-javadoc-1.6.0.0-1.54.1.11.6.el6_3.i686.rpmec3adbac17e8ed97f4e3acf9469aec64339bbf5e0091a047770a152bbfe8020fSLSA-2013:0247-1Multiple improper permission check issues were discovered in the AWT, CORBA, JMX, Libraries, and Beans components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2013-0442, CVE-2013-0445, CVE-2013-0441, CVE-2013-1475, CVE-2013-1476, CVE-2013-0429, CVE-2013-0450, CVE-2013-0425, CVE-2013-0426, CVE-2013-0428, CVE-2013-0444) Multiple flaws were found in the way image parsers in the 2D and AWT components handled image raster parameters. A specially-crafted image could cause Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with the virtual machine privileges. (CVE-2013-1478, CVE-2013-1480) A flaw was found in the AWT component's clipboard handling code. An untrusted Java application or applet could use this flaw to access clipboard data, bypassing Java sandbox restrictions. (CVE-2013-0432) The default Java security properties configuration did not restrict access to certain com.sun.xml.internal packages. An untrusted Java application or applet could use this flaw to access information, bypassing certain Java sandbox restrictions. This update lists the whole package as restricted. (CVE-2013-0435) Multiple improper permission check issues were discovered in the JMX, Libraries, Networking, and JAXP components. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2013-0431, CVE-2013-0427, CVE-2013-0433, CVE-2013-0434) It was discovered that the RMI component's CGIHandler class used user inputs in error messages without any sanitization. An attacker could use this flaw to perform a cross-site scripting (XSS) attack. (CVE-2013-0424) It was discovered that the SSL/TLS implementation in the JSSE component did not properly enforce handshake message ordering, allowing an unlimited number of handshake restarts. A remote attacker could use this flaw to make an SSL/TLS server using JSSE consume an excessive amount of CPU by continuously restarting the handshake. (CVE-2013-0440) It was discovered that the JSSE component did not properly validate Diffie- Hellman public keys. An SSL/TLS client could possibly use this flaw to perform a small subgroup attack. (CVE-2013-0443) This erratum also upgrades the OpenJDK package to IcedTea7 2.3.5. All running instances of OpenJDK Java must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6java-1.7.0-openjdk-demo-1.7.0.9-2.3.5.3.el6_3.i686.rpmcbd6ba03bc91e63c54ed8c98d95523728440166af4cb49e614d27831c707288ajava-1.7.0-openjdk-devel-1.7.0.9-2.3.5.3.el6_3.i686.rpm97c688e2d6b70dad6180bfdd7b375446a86719f63c8d082fcd05c701e5b61116java-1.7.0-openjdk-1.7.0.9-2.3.5.3.el6_3.i686.rpmbd6620e89e02204d979f6d0db1481a686e895efc6322e62ad05dd723dfe47fadjava-1.7.0-openjdk-src-1.7.0.9-2.3.5.3.el6_3.i686.rpmfda010df27d6fedbda937ff27e75c25cf3908de21fc6a848547b4a80cd9ba839java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.5.3.el6_3.noarch.rpm2a5a1aec9f88767a88c25606000ac92b739894bffdf4537287bb18af22a9d14bSLSA-2013:0250-1It was found that ELinks performed client credentials delegation during the client-to-server GSS security mechanisms negotiation. A rogue server could use this flaw to obtain the client's credentials and impersonate that client to other servers that are using GSSAPI. (CVE-2012-4545)moderateScientific Linux FermiScientific Linux Fermi 6elinks-0.12-0.21.pre5.el6_3.i686.rpm801fe4561f68f06c6cabe924192db3e9f04ae99ff939db13a04ef6155530ce00SLSA-2013:0269-1Apache Axis did not verify that the server hostname matched the domain name in the subject's Common Name (CN) or subjectAltName field in X.509 certificates. This could allow a man-in-the-middle attacker to spoof an SSL server if they had a certificate that was valid for any domain name. (CVE-2012-5784) Applications using Apache Axis must be restarted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6axis-1.2.1-7.3.el6_3.noarch.rpm3cba1019ea6be41ab290089b0f3a8250970795be0d16737be189c3d550d2af8baxis-javadoc-1.2.1-7.3.el6_3.noarch.rpm40a67069e6e1cec94d58ec87b22cbc1da31da0af468f3f3cc8548037728db0bdaxis-manual-1.2.1-7.3.el6_3.noarch.rpm11d121ba7d5700535eaad9482bf21e2d98a4ed68b7d59527f6ab2bdb0ea84197SLSA-2013:0270-1The Jakarta Commons HttpClient component did not verify that the server hostname matched the domain name in the subject's Common Name (CN) or subjectAltName field in X.509 certificates. This could allow a man-in-the- middle attacker to spoof an SSL server if they had a certificate that was valid for any domain name. (CVE-2012-5783) Applications using the Jakarta Commons HttpClient component must be restarted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6jakarta-commons-httpclient-3.1-0.7.el6_3.i686.rpm0f040e11950c096f00426b4815e950d8e6427ceeaa3f1e7dc052786c00a732f4jakarta-commons-httpclient-demo-3.1-0.7.el6_3.i686.rpm7b7d2f488876f47553ea2070b225b5110dbe4acb4f3980492d834c19a2e0b0f0jakarta-commons-httpclient-manual-3.1-0.7.el6_3.i686.rpm0670b18d930973f49c3c80a01f8d7f548d8952c1ecf9386a7fda4f82583a16a8jakarta-commons-httpclient-javadoc-3.1-0.7.el6_3.i686.rpmf1f9866ecaa3aa49c72ef10a5ad5a9729611fc2d913b5346f3cfd4c368eb1985SLSA-2013:0271-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2013-0775, CVE-2013-0780, CVE-2013-0782, CVE-2013-0783) It was found that, after canceling a proxy server's authentication prompt, the address bar continued to show the requested site's address. An attacker could use this flaw to conduct phishing attacks by tricking a user into believing they are viewing a trusted site. (CVE-2013-0776) Note that due to a Kerberos credentials change, the following configuration steps may be required when using Firefox 17.0.3 ESR with the Enterprise Identity Management (IPA) web interface: Important: Firefox 17 is not completely backwards-compatible with all Mozilla add-ons and Firefox plug-ins that worked with Firefox 10.0. Firefox 17 checks compatibility on first-launch, and, depending on the individual configuration and the installed add-ons and plug-ins, may disable said Add-ons and plug-ins, or attempt to check for updates and upgrade them. Add-ons and plug-ins may have to be manually updated. After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6libproxy-kde-0.3.0-4.el6_3.i686.rpm643a6a35d3f3d57ae86c3265c6d475a784652b30be7a5afb9acc5d08ae7b9b83libproxy-mozjs-0.3.0-4.el6_3.i686.rpm271b5b99d924b275bf72bf4325b39d4e15c270057779b5a9e26fb3f23f3d9d54libproxy-0.3.0-4.el6_3.i686.rpma58762d1cd9baad7dbde8c497d6c0557d9fde0bc6b5dbc3ce7293938966140d9libproxy-gnome-0.3.0-4.el6_3.i686.rpm8da3fbb3b86400a87ab09e4365cbcbd72a1a02783e4e5f1b7a90a1947b473e5alibproxy-webkit-0.3.0-4.el6_3.i686.rpm3e0e68a345105ec6915530049b02e15d40974b4fdc75e3e261c1f9b7af6292dbxulrunner-17.0.3-1.el6_3.i686.rpm23a6025509e0088c19903297c92ea00ee27540ca76f868a053f55a64f9270578firefox-17.0.3-1.el6_3.i686.rpm324a4c3e6294858a2b1161cc874680147db43dcaf4e7ad5a1f864313d8e6ef3elibproxy-bin-0.3.0-4.el6_3.i686.rpm764037800e30407215c8ffaa9088336f3820fc7eafabbb82127cf222b675212blibproxy-python-0.3.0-4.el6_3.i686.rpmd764158d08278185e598fc3849783d68f83d6cde44a90fa9b357dd9a05daa694yelp-2.28.1-17.el6_3.i686.rpm4e7e9502104261e8228b8a0cf09d1f436045d2e95a5aa8f543cc5f2eac941234xulrunner-devel-17.0.3-1.el6_3.i686.rpmfa39799950c6984c759f26b3bd3ab4d7d9f19e0652f9b2f48d114b0da6f501e9libproxy-devel-0.3.0-4.el6_3.i686.rpmb8a5d9d9205f9d024751da541b05d30f167991bb6bb618656498e0f17751c9f2SLSA-2013:0272-1Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2013-0775, CVE-2013-0780, CVE-2013-0782, CVE-2013-0783) It was found that, after canceling a proxy server's authentication prompt, the address bar continued to show the requested site's address. An attacker could use this flaw to conduct phishing attacks by tricking a user into believing they are viewing trusted content. (CVE-2013-0776) Note: All issues cannot be exploited by a specially-crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. Important: This erratum upgrades Thunderbird to version 17.0.3 ESR. Thunderbird 17 is not completely backwards-compatible with all Mozilla add-ons and Thunderbird plug-ins that worked with Thunderbird 10.0. Thunderbird 17 checks compatibility on first-launch, and, depending on the individual configuration and the installed add-ons and plug-ins, may disable said Add-ons and plug-ins, or attempt to check for updates and upgrade them. Add-ons and plug-ins may have to be manually updated. After installing the update, Thunderbird must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6thunderbird-17.0.3-1.el6_3.i686.rpm385fa4383ce73329542fff0755f8ae259b14d40185828ef054b942ee326cfab3SLSA-2013:0273-1An improper permission check issue was discovered in the JMX component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. (CVE-2013-1486) It was discovered that OpenJDK leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle. (CVE-2013-0169) Note: If the web browser plug-in provided by the icedtea-web package was installed, CVE-2013-1486 could have been exploited without user interaction if a user visited a malicious website. This erratum also upgrades the OpenJDK package to IcedTea6 1.11.8. All running instances of OpenJDK Java must be restarted for the update to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6java-1.6.0-openjdk-javadoc-1.6.0.0-1.56.1.11.8.el6_3.i686.rpm48e8290ef1054da73a1110e6af14afab663f0bc6727c150eab0c9cc262f9d91ejava-1.6.0-openjdk-1.6.0.0-1.56.1.11.8.el6_3.i686.rpmb6f1ca7bc664ade5fac85283506ddb7ae0c77fcedc610c702a36c8324bc405b7java-1.6.0-openjdk-devel-1.6.0.0-1.56.1.11.8.el6_3.i686.rpmace6d126914870d6410a2a2784d77a5cd8e7774e7bdf9ee7bbac14e6a119f004java-1.6.0-openjdk-src-1.6.0.0-1.56.1.11.8.el6_3.i686.rpm0c135cca36cf556d31189c191c57c9475d23f34fe029d727ede8e4b6055d8f73java-1.6.0-openjdk-demo-1.6.0.0-1.56.1.11.8.el6_3.i686.rpm62026b09448b3565383e854620a9e7e2829087c6dc9abc5cbd4710c410653efaSLSA-2013:0275-1Multiple improper permission check issues were discovered in the JMX and Libraries components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2013-1486, CVE-2013-1484) An improper permission check issue was discovered in the Libraries component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2013-1485) It was discovered that OpenJDK leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle. (CVE-2013-0169) This erratum also upgrades the OpenJDK package to IcedTea7 2.3.7. All running instances of OpenJDK Java must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6java-1.7.0-openjdk-demo-1.7.0.9-2.3.7.1.el6_3.i686.rpmb1cb2c89af30208a705768d51c0e4e163416b21d82a3504be1814b57c80aadb8java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.7.1.el6_3.noarch.rpmb404ec6583d56e5efc90cd0ab766e7248435229ceb44443024af2b5587153ad5java-1.7.0-openjdk-devel-1.7.0.9-2.3.7.1.el6_3.i686.rpm5235fea0c394cdb82de3c019b3612aa82f2910bf53478340d90130216c896027java-1.7.0-openjdk-1.7.0.9-2.3.7.1.el6_3.i686.rpmf04f34ec2b79a2b70484b7bd6f0053cc920012155e6a59d81695c050c7f677f5java-1.7.0-openjdk-src-1.7.0.9-2.3.7.1.el6_3.i686.rpmffabd7dca1d34b60ebabf877f62f74f923f943fa6e86c3448f26aa2185040c30SLSA-2013:0276-2It was discovered that libvirt made certain invalid assumptions about dnsmasq's command line options when setting up DNS masquerading for virtual machines, resulting in dnsmasq incorrectly processing network packets from network interfaces that were intended to be prohibited. This update includes the changes necessary to call dnsmasq with a new command line option, which was introduced to dnsmasq via SLSA-2013:0277. (CVE-2012-3411) In order for libvirt to be able to make use of the new command line option (--bind-dynamic), updated dnsmasq packages need to be installed. Refer to SLSA-2013:0277 for additional information. After installing the updated packages, libvirtd must be restarted ("service libvirtd restart") for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6libvirt-client-0.10.2-18.el6.i686.rpmff68b2de17c1fe9913e18f80d2f5f144f2d307d6d7d82a8b8247cc1d741653c9libvirt-devel-0.10.2-18.el6.i686.rpmec8a9dc6e4089685ea4fb68b45bf81e3aa16f9032c937059994f32f8fe3c80fblibvirt-0.10.2-18.el6.i686.rpm3d5020b713e82612dd6069ae0ab456441925e90a1cb8487b3388968b821befd8libvirt-python-0.10.2-18.el6.i686.rpm5ead33ad267bf445b998b3b401318dc01a317dbe2261ef86e3cecc8dc8330971SLSA-2013:0277-2It was discovered that dnsmasq, when used in combination with certain libvirtd configurations, could incorrectly process network packets from network interfaces that were intended to be prohibited. A remote, unauthenticated attacker could exploit this flaw to cause a denial of service via DNS amplification attacks. (CVE-2012-3411) In order to fully address this issue, libvirt package users are advised to install updated libvirt packages. Refer to SLSA-2013:0276 for additional information. This update also fixes the following bug: * Due to a regression, the lease change script was disabled. Consequently, the "dhcp-script" option in the /etc/dnsmasq.conf configuration file did not work. This update corrects the problem and the "dhcp-script" option now works as expected. This update also adds the following enhancements: * Prior to this update, dnsmasq did not validate that the tftp directory given actually existed and was a directory. Consequently, configuration errors were not immediately reported on startup. This update improves the code to validate the tftp root directory option. As a result, fault finding is simplified especially when dnsmasq is called by external processes such as libvirt. * The dnsmasq init script used an incorrect Process Identifier (PID) in the "stop", "restart", and "condrestart" commands. Consequently, if there were some dnsmasq instances running besides the system one started by the init script, then repeated calling of "service dnsmasq" with "stop" or "restart" would kill all running dnsmasq instances, including ones not started with the init script. The dnsmasq init script code has been corrected to obtain the correct PID when calling the "stop", "restart", and "condrestart" commands. As a result, if there are dnsmasq instances running in addition to the system one started by the init script, then by calling "service dnsmasq" with "stop" or "restart" only the system one is stopped or restarted. * When two or more dnsmasq processes were running with DHCP enabled on one interface, DHCP RELEASE packets were sometimes lost. Consequently, when two or more dnsmasq processes were running with DHCP enabled on one interface, releasing IP addresses sometimes failed. This update sets the SO_BINDTODEVICE socket option on DHCP sockets if running dnsmasq with DHCP enabled on one interface. As a result, when two or more dnsmasq processes are running with DHCP enabled on one interface, they can release IP addresses as expected.moderateScientific Linux FermiScientific Linux Fermi 6dnsmasq-utils-2.48-13.el6.i686.rpm2e47ed5ac0e48699e2483ad9925f1d1c50153383b4c22b75d3edacc1e83b23ecdnsmasq-2.48-13.el6.i686.rpm5347182b99e66f5ec8f52bc689eb611c340b40dfef81904ed233239da5523a25SLSA-2013:0496-2This update fixes the following security issues: * A race condition was found in the way asynchronous I/O and fallocate() interacted when using the ext4 file system. A local, unprivileged user could use this flaw to expose random data from an extent whose data blocks have not yet been written, and thus contain data from a deleted file. (CVE-2012-4508, Important) * A flaw was found in the way the vhost kernel module handled descriptors that spanned multiple regions. A privileged guest user in a KVM guest could use this flaw to crash the host or, potentially, escalate their privileges on the host. (CVE-2013-0311, Important) * It was found that the default SCSI command filter does not accommodate commands that overlap across device classes. A privileged guest user could potentially use this flaw to write arbitrary data to a LUN that is passed- through as read-only. (CVE-2012-4542, Moderate) * A flaw was found in the way the xen_failsafe_callback() function in the Linux kernel handled the failed iret (interrupt return) instruction notification from the Xen hypervisor. An unprivileged user in a 32-bit para-virtualized guest could use this flaw to crash the guest. (CVE-2013-0190, Moderate) * A flaw was found in the way pmd_present() interacted with PROT_NONE memory ranges when transparent hugepages were in use. A local, unprivileged user could use this flaw to crash the system. (CVE-2013-0309, Moderate) * A flaw was found in the way CIPSO (Common IP Security Option) IP options were validated when set from user mode. A local user able to set CIPSO IP options on the socket could use this flaw to crash the system. (CVE-2013-0310, Moderate) The system must be rebooted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6kernel-headers-2.6.32-358.el6.i686.rpmba7662923b115c2d8e05f2cb5fe1e33eca1bb0e369b3f90751bfc5c924cba9c6python-perf-2.6.32-358.el6.i686.rpm68114b3fc657219259b03eec40a07a771a3eb0c7d07352322bba698e1787eebfkernel-devel-2.6.32-358.el6.i686.rpmce7404fc8a781d8079f8342abeb00ebd047bb58cf8628a15d5d06dbda5ef30cdkernel-debug-2.6.32-358.el6.i686.rpmddb0a9ce5ed24686331505cead2df317b3d9ac5c11a4a141910be1e032fc15e7kernel-2.6.32-358.el6.i686.rpm569fa1478376a606a8c7eafd666f9ed98c7f28ec5ae3b0839b72b34a2ce6c3efkernel-doc-2.6.32-358.el6.noarch.rpmf6a084faa184ad6cb7f580a8babbf721f56746e49ee3f1f98a468586c443204ekernel-debug-devel-2.6.32-358.el6.i686.rpmf5f447ad0cd1649a500bb3f2e446bc807ad0d9265f24410cfd0e25c735897231kernel-firmware-2.6.32-358.el6.noarch.rpm58c2e4c5ec9564b6cd99cd8836ed9ac55cc7c6cc7bd1be74575bd1937bbf0a50perf-2.6.32-358.el6.i686.rpm20cbf4b7244b3aec32364c3ad88c10f93fbb300c756e6df625a20d8a35170e82SLSA-2013:0499-2When xinetd services are configured with the "TCPMUX" or "TCPMUXPLUS" type, and the tcpmux-server service is enabled, those services are accessible via port 1. It was found that enabling the tcpmux-server service (it is disabled by default) allowed every xinetd service, including those that are not configured with the "TCPMUX" or "TCPMUXPLUS" type, to be accessible via port 1. This could allow a remote attacker to bypass intended firewall restrictions. (CVE-2012-0862) This update also fixes the following bugs: * Prior to this update, a file descriptor array in the service.c source file was not handled as expected. As a consequence, some of the descriptors remained open when xinetd was under heavy load. Additionally, the system log was filled with a large number of messages that took up a lot of disk space over time. This update modifies the xinetd code to handle the file descriptors correctly and messages no longer fill the system log. * Prior to this update, services were disabled permanently when their CPS limit was reached. As a consequence, a failed bind operation could occur when xinetd attempted to restart the service. This update adds additional logic that attempts to restart the service. Now, the service is only disabled if xinetd cannot restart the service after 30 attempts.lowScientific Linux FermiScientific Linux Fermi 6xinetd-2.3.14-38.el6.i686.rpmc5eb66f48e2fe4ad84823d8e976724d67604bdb943cf799f46c1695a43382639SLSA-2013:0500-2Several temporary file handling flaws were found in HPLIP. A local attacker could use these flaws to perform a symbolic link attack, overwriting arbitrary files accessible to a process using HPLIP. (CVE-2013-0200, CVE-2011-2722) The hplip packages have been upgraded to upstream version 3.12.4, which provides a number of bug fixes and enhancements over the previous version. This update also fixes the following bugs: * Previously, the hpijs package required the obsolete cupsddk-drivers package, which was provided by the cups package. Under certain circumstances, this dependency caused hpijs installation to fail. This bug has been fixed and hpijs no longer requires cupsddk-drivers. * The configuration of the Scanner Access Now Easy (SANE) back end is located in the /etc/sane.d/dll.d/ directory, however, the hp-check utility checked only the /etc/sane.d/dll.conf file. Consequently, hp-check checked for correct installation, but incorrectly reported a problem with the way the SANE back end was installed. With this update, hp-check properly checks for installation problems in both locations as expected.lowScientific Linux FermiScientific Linux Fermi 6hplip-common-3.12.4-4.el6.i686.rpmadf76396de48573b0eefd9f1e525040a2a689c149ab57cedad90c49f14e04137hplip-libs-3.12.4-4.el6.i686.rpme968db58caec000dd087b50ed1de030ed8945fddf44ad8e33a90865308d9afc5libsane-hpaio-3.12.4-4.el6.i686.rpm2c35f8e76e912882ff533d6239e73127693b707b9b27d41391d18c435aa9ab7ehplip-gui-3.12.4-4.el6.i686.rpmc1a5149bdd2450b7544be26f1100c269beb80bbeaae1c130ebb282253f219043hplip-3.12.4-4.el6.i686.rpmfc8b07dade30f848635d5379c1381987df4a352b53bcde5fc15b1f34842cfbdahpijs-3.12.4-4.el6.i686.rpmc399cf928a5c36d5e954775a9d655ed0d65819a61474674038abdf008f141a00SLSA-2013:0502-2The Core X11 clients packages provide the xorg-x11-utils, xorg-x11-server- utils, and xorg-x11-apps clients that ship with the X Window System. It was found that the x11perfcomp utility included the current working directory in its PATH environment variable. Running x11perfcomp in an attacker- controlled directory would cause arbitrary code execution with the privileges of the user running x11perfcomp. (CVE-2011-2504) Also with this update, the xorg-x11-utils and xorg-x11-server-utils packages have been upgraded to upstream version 7.5, and the xorg-x11-apps package to upstream version 7.6, which provides a number of bug fixes and enhancements over the previous versions.lowScientific Linux FermiScientific Linux Fermi 6xorg-x11-server-utils-7.5-13.el6.i686.rpm66be10f3e68735c769bd4221aca8a4ef7ac529770a05513858b68107ecfaeb61xorg-x11-apps-7.6-6.el6.i686.rpmbe61c0af16bc588a2bd8b7c46f79b93d5867ba2813117eae0c4c19c8afa10c5exorg-x11-utils-7.5-6.el6.i686.rpm773dcee7f838d55474c61cd2d2530ad91bc13cdaec075bca4065c5b5424a9519SLSA-2013:0503-3A flaw was found in the way 389 Directory Server enforced ACLs after performing an LDAP modify relative distinguished name (modrdn) operation. After modrdn was used to move part of a tree, the ACLs defined on the moved (Distinguished Name) were not properly enforced until the server was restarted. This could allow LDAP users to access information that should be restricted by the defined ACLs. (CVE-2012-4450) After installing this update, the 389 server service will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6389-ds-base-devel-1.2.11.15-11.el6.i686.rpm574a94a338b1e4db1d42006dee2c63773f62e1382636df054c0a2b0ee9a03a31389-ds-base-libs-1.2.11.15-11.el6.i686.rpm1f987788d78be908b71cdc35d3c58afa140441146f44ef002d8a35ff8d1cae72389-ds-base-1.2.11.15-11.el6.i686.rpmb54b340b901954c544e945163c56bbd307c4a7796ef0cfeb7502321a38af8eabSLSA-2013:0504-2A flaw was found in the way the dhcpd daemon handled the expiration time of IPv6 leases. If dhcpd's configuration was changed to reduce the default IPv6 lease time, lease renewal requests for previously assigned leases could cause dhcpd to crash. (CVE-2012-3955) This update also fixes the following bugs: * Prior to this update, the DHCP server discovered only the first IP address of a network interface if the network interface had more than one configured IP address. As a consequence, the DHCP server failed to restart if the server was configured to serve only a subnet of the following IP addresses. This update modifies network interface addresses discovery code to find all addresses of a network interface. The DHCP server can also serve subnets of other addresses. * Prior to this update, the dhclient rewrote the /etc/resolv.conf file with backup data after it was stopped even when the PEERDNS flag was set to "no" before shut down if the configuration file was changed while the dhclient ran with PEERDNS=yes. This update removes the backing up and restoring functions for this configuration file from the dhclient-script. Now, the dhclient no longer rewrites the /etc/resolv.conf file when stopped. After installing this update, all DHCP servers will be restarted automatically.lowScientific Linux FermiScientific Linux Fermi 6dhcp-common-4.1.1-34.P1.el6.i686.rpm1eb24dc995a94961664291704022b55d1abd46ea85005f4b902943fd6d4f2970dhclient-4.1.1-34.P1.el6.i686.rpmaca1b5b5845bd5c29403d467623032bb1aa6ee95da2d7de55c597578883a1eb8dhcp-devel-4.1.1-34.P1.el6.i686.rpm346525d1c44691a6e38037e663d22458291526cc96f6e8e4553821aae4a37742dhcp-4.1.1-34.P1.el6.i686.rpm12b6dfe838acefde71743e7fdca1828813acb9b8d9799a349b4f16b8bec76ca1SLSA-2013:0505-2A denial of service flaw was found in the way the Squid Cache Manager processed certain requests. A remote attacker who is able to access the Cache Manager CGI could use this flaw to cause Squid to consume an excessive amount of memory. (CVE-2012-5643) This update also fixes the following bugs: * Due to a bug in the ConnStateData::noteMoreBodySpaceAvailable() function, child processes of Squid terminated upon encountering a failed assertion. An upstream patch has been provided and Squid child processes no longer terminate. * Due to an upstream patch, which renamed the HTTP header controlling persistent connections from "Proxy-Connection" to "Connection", the NTLM pass- through authentication does not work, thus preventing login. This update adds the new "http10" option to the squid.conf file, which can be used to enable the change in the patch. This option is set to "off" by default. When set to "on", the NTLM pass-through authentication works properly, thus allowing login attempts to succeed. * When the IPv6 protocol was disabled and Squid tried to handle an HTTP GET request containing an IPv6 address, the Squid child process terminated due to signal 6. This bug has been fixed and such requests are now handled as expected. * The old "stale if hit" logic did not account for cases where the stored stale response became fresh due to a successful re-validation with the origin server. Consequently, incorrect warning messages were returned. Now, Squid no longer marks elements as stale in the described scenario. * When squid packages were installed before samba-winbind, the wbpriv group did not include Squid. Consequently, NTLM authentication calls failed. Now, Squid correctly adds itself into the wbpriv group if samba-winbind is installed before Squid, thus fixing this bug. * In FIPS mode, Squid was using private MD5 hash functions for user authentication and network access. As MD5 is incompatible with FIPS mode, Squid could fail to start. This update limits the use of the private MD5 functions to local disk file hash identifiers, thus allowing Squid to work in FIPS mode. * Under high system load, the squid process could terminate unexpectedly with a segmentation fault during reboot. This update provides better memory handling during reboot, thus fixing this bug. * Squid incorrectly set the timeout limit for client HTTP connections with the value for server-side connections, which is much higher, thus creating unnecessary delays. With this update, Squid uses a proper value for the client timeout limit. * Squid did not properly release allocated memory when generating error page contents, which caused memory leaks. Consequently, the Squid proxy server consumed a lot of memory within a short time period. This update fixes this memory leak. * Squid did not pass the ident value to a URL rewriter that was configured using the "url_rewrite_program" directive. Consequently, the URL rewriter received the dash character ("?") as the user value instead of the correct user name. Now, the URL rewriter receives the correct user name in the described scenario. * Squid, used as a transparent proxy, can only handle the HTTP protocol. Previously, it was possible to define a URL in which the access protocol contained the asterisk character (*) or an unknown protocol namespace URI. Consequently, an "Invalid URL" error message was logged to access.log during reload. This update ensures that "http://" is always used in transparent proxy URLs, and the error message is no longer logged in this scenario. After installing this update, the squid service will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6squid-3.1.10-16.el6.i686.rpm871240f3197b9fe0ae3bf20de3f95a8280ea07015e5df409bebcd8199b703bc7SLSA-2013:0506-2A flaw was found in the Samba suite's Perl-based DCE/RPC IDL (PIDL) compiler, used to generate code to handle RPC calls. This could result in code generated by the PIDL compiler to not sufficiently protect against buffer overflows. (CVE-2012-1182) The samba4 packages have been upgraded to upstream version 4.0.0, which provides a number of bug fixes and enhancements over the previous version. In particular, improved interoperability with Active Directory (AD) domains. SSSD now uses the libndr-krb5pac library to parse the Privilege Attribute Certificate (PAC) issued by an AD Key Distribution Center (KDC). The Cross Realm Kerberos Trust functionality provided by Identity Management, which relies on the capabilities of the samba4 client library, is included as a Technology Preview. This functionality and server libraries, is included as a Technology Preview. This functionality uses the libndr-nbt library to prepare Connection-less Lightweight Directory Access Protocol (CLDAP) messages. Additionally, various improvements have been made to the Local Security Authority (LSA) and Net Logon services to allow verification of trust from a Windows system. Because the Cross Realm Kerberos Trust functionality is considered a Technology Preview, selected samba4 components are considered to be a Technology Preview. This update also fixes the following bug: * Prior to this update, if the Active Directory (AD) server was rebooted, Winbind sometimes failed to reconnect when requested by "wbinfo -n" or "wbinfo -s" commands. Consequently, looking up users using the wbinfo tool failed. This update applies upstream patches to fix this problem and now looking up a Security Identifier (SID) for a username, or a username for a given SID, works as expected after a domain controller is rebooted. Warning: If you upgrade from Scientific Linux 6.3 to Scientific Linux 6.4 and you have Samba in use, you should make sure that you uninstall the package named "samba4" to avoid conflicts during the upgrade.moderateScientific Linux FermiScientific Linux Fermi 6samba4-test-4.0.0-55.el6.rc4.i686.rpm695aa9350665b9a20b7d35b4c27d1b4c1cc836ff586385ef361e2874868a4bd2samba4-winbind-krb5-locator-4.0.0-55.el6.rc4.i686.rpm870a2727bc78a0ee9d65802deb1a1fe246a2c7bd9e0f9c8c69cb9a97a1490b79samba4-libs-4.0.0-55.el6.rc4.i686.rpmf32b513d20578b9c3ccc23a99287b727d46678608605ebec5cd0a0f81efa541asamba4-python-4.0.0-55.el6.rc4.i686.rpmfc96cd336fc8393b5e9ba2b9633dc3aa7e119362fec984d4ff59d15d30f56b47samba4-winbind-4.0.0-55.el6.rc4.i686.rpm97d0f065c9ee8098208422de8705eeb6da818d87419a943a4a1b87484a71cc1esamba4-common-4.0.0-55.el6.rc4.i686.rpm3a8a33c89342552551f26ee3b80e9503fd27f6966ac135d192bf2853db2b460fsamba4-client-4.0.0-55.el6.rc4.i686.rpm71a0bc605606de25edc4c17824b2bf8c109fd70c242e69b09d89bd5a71970e65samba4-winbind-clients-4.0.0-55.el6.rc4.i686.rpm69e81bdb232cad1d8ffc93bffb50bb10db6f183df4ceebf173459f0232891860samba4-dc-libs-4.0.0-55.el6.rc4.i686.rpm89f431e0685a463580867b017d65d7d7644eff1c8346dae9a73d457157023f21samba4-devel-4.0.0-55.el6.rc4.i686.rpm43e0b3530bf4f4e748189e5807baa2e3f7fd1d4383812a256ce8565ace8efb2bsamba4-swat-4.0.0-55.el6.rc4.i686.rpmd6b0d68477dec1679fdaf71b7e97522d1a370752096726abd0721ad4a1db3097samba4-pidl-4.0.0-55.el6.rc4.i686.rpmc2b1a705179535a240ce3f597d60a7c02a3b8de5675741f7a2b0a156362a0bd6samba4-4.0.0-55.el6.rc4.i686.rpmcc6c07894799e0f0aa02f77bd0d223cf4b3e5aef152dcd9db8dfd81bd07ef81csamba4-dc-4.0.0-55.el6.rc4.i686.rpmfd855f1b2457180ef4a2e41a244e8b017f7b6f1939857142cdc32fe014781411SLSA-2013:0508-2A race condition was found in the way SSSD copied and removed user home directories. A local attacker who is able to write into the home directory of a different user who is being removed could use this flaw to perform symbolic link attacks, possibly allowing them to modify and delete arbitrary files with the privileges of the root user. (CVE-2013-0219) Multiple out-of-bounds memory read flaws were found in the way the autofs and SSH service responders parsed certain SSSD packets. An attacker could spend a specially-crafted packet that, when processed by the autofs or SSH service responders, would cause SSSD to crash. This issue only caused a temporary denial of service, as SSSD was automatically restarted by the monitor process after the crash. (CVE-2013-0220)lowScientific Linux FermiScientific Linux Fermi 6libsss_sudo-1.9.2-82.el6.i686.rpmd3cce1aa8c3e6241908530b77e33246be10ed3b89ccea25e758c56d5bf386860libsss_idmap-1.9.2-82.el6.i686.rpmb8b58cbf9f5e87ef42613f01e3304f00fe831089709a7ced7e08c6aa61041e4clibsss_idmap-devel-1.9.2-82.el6.i686.rpm35ce40b8f001265eed247d4dbb3cfe332c8bc6fe091ced7884a29d2191950e01libipa_hbac-python-1.9.2-82.el6.i686.rpm0b9cb15dbeba5dc618f79bb9e999d0bcc7184af4b2354981744a694700f3f628libipa_hbac-1.9.2-82.el6.i686.rpm962f6d69f1b6178bbdec6d7f03cbf672501f053e33ccc08860d7b1c46f24e93clibipa_hbac-devel-1.9.2-82.el6.i686.rpm00a44f9fbe35dc58d9b0f8cf812e117d466cb00ccd1f2c7451c321f2a199896bsssd-1.9.2-82.el6.i686.rpmfa7ea3ec558aafb9ef57a82bcdb2738a6a29f069cff8c69f8fd9e4162df324c8sssd-client-1.9.2-82.el6.i686.rpm5129762a117417f120d04d86779210a463f9769fc8bf72dbfb6c21a43ca33b83libsss_autofs-1.9.2-82.el6.i686.rpm727530e38b001fb39b5dc224b8e6f47798cc2e0c59ecec96f4a38db447d621b9sssd-tools-1.9.2-82.el6.i686.rpm07dfdd8199a7edb9e3c7669cf8819f336aa321ecd20b5954366ee94b79fd1ff6libsss_sudo-devel-1.9.2-82.el6.i686.rpme5f44f3467a43209b6a9981645487149bb10f495054eeea460090d0f66915f8fSLSA-2013:0509-2A denial of service flaw was found in the way ibacm managed reference counts for multicast connections. An attacker could send specially-crafted multicast packets that would cause the ibacm daemon to crash. (CVE-2012-4517) It was found that the ibacm daemon created some files with world-writable permissions. A local attacker could use this flaw to overwrite the contents of the ibacm.log or ibacm.port file, allowing them to mask certain actions from the log or cause ibacm to run on a non-default port. (CVE-2012-4518) The InfiniBand/iWARP/RDMA stack components have been upgraded to more recent upstream versions. This update also fixes the following bugs: * Previously, the "ibnodes -h" command did not show a proper usage message. With this update the problem is fixed and "ibnodes -h" now shows the correct usage message. * Previously, the ibv_devinfo utility erroneously showed iWARP cxgb3 hardware's physical state as invalid even when the device was working. For iWARP hardware, the phys_state field has no meaning. This update patches the utility to not print out anything for this field when the hardware is iWARP hardware. * Prior to the release of Scientific Linux 6.3, the kernel created the InfiniBand device files in the wrong place and a udev rules file was used to force the devices to be created in the proper place. With the update to 6.3, the kernel was fixed to create the InfiniBand device files in the proper place, and so the udev rules file was removed as no longer being necessary. However, a bug in the kernel device creation meant that, although the devices were now being created in the right place, they had incorrect permissions. Consequently, when users attempted to run an RDMA application as a non-root user, the application failed to get the necessary permissions to use the RDMA device and the application terminated. This update puts a new udev rules file in place. It no longer attempts to create the InfiniBand devices since they already exist, but it does correct the device permissions on the files. * Previously, using the "perfquery -C" command with a host name caused the perfquery utility to become unresponsive. The list of controllers to process was never cleared and the process looped infinitely on a single controller. A patch has been applied to make sure that in the case where the user passes in the -C option, the controller list is cleared out once that controller has been processed. As a result, perfquery now works as expected in the scenario described. * The OpenSM init script did not handle the case where there were no configuration files under "/etc/rdma/opensm.conf.*". With this update, the script as been patched and the InfiniBand Subnet Manager, OpenSM, now starts as expected in the scenario described. This update also adds the following enhancement: * This update provides an updated mlx4_ib Mellanox driver which includes Single Root I/O Virtualization (SR-IOV) support.lowScientific Linux FermiScientific Linux Fermi 6libibverbs-devel-static-1.1.6-5.el6.i686.rpm439ed80f35a059a01a576240b04bafb751fad89a9f73263333767c3307473a42libibverbs-1.1.6-5.el6.i686.rpm59c87fd51c0448b533f7845fe89a2ed53d3a73722acf3c6e7f9b2c73d7073112libmlx4-1.0.4-1.el6.i686.rpm7d7043d390ed4c0770bc60b9e3cb4bf7c02449656f210fd49c147d31c61f7855opensm-libs-3.3.15-1.el6.i686.rpm34cf288d717cf80bc1e1b50b5d1145d18c0f30b3d37de7fdac12d7570942c83eibutils-libs-1.5.7-7.el6.i686.rpmbd436cda2b5250f07cbf09888d79a17120da6e2268c0ece50fd80d5de71f6b52libmlx4-static-1.0.4-1.el6.i686.rpm51ac1007f15fa226c88000066ee20dec77551a27e2e035f2aec030eb4986d747opensm-3.3.15-1.el6.i686.rpma6e4d7d1e8b544bf9c51e94499b307e1ccbb6bde8fb355668e313d38652480f5librdmacm-1.0.17-0.git4b5c1aa.el6.i686.rpmd743826b3b7d50236c382fb8d2d52710019149d8a52564bdc4a0815b8a42765flibrdmacm-utils-1.0.17-0.git4b5c1aa.el6.i686.rpm2d624f50eaeb5f211d0a3fed0be72b24cec3e6ace3ac5a4cdb74a92f85a74797libibverbs-devel-1.1.6-5.el6.i686.rpm1207454a2ead1fd403936464681babad0d15f54316a7056decd7aefb2fc21eb1librdmacm-static-1.0.17-0.git4b5c1aa.el6.i686.rpmebe6db4efecd4a5d2a68069ee759d6d22b6067462a54c9a37327fc5826a58b19libibumad-static-1.3.8-1.el6.i686.rpm48ba7411179c3eb37f918b339fef706d94f54c4d6d6fca79fdd598491d94cac9libibumad-devel-1.3.8-1.el6.i686.rpma69b07b4d60cd66aaf3b1aa7bc2895eb35db3831ceaba86bf55f2b2939f8c5fbibutils-1.5.7-7.el6.i686.rpm9475c5b6262c04b1cd80162b91b3be7fed15f146e7682388d86cbf19385c0b8dinfiniband-diags-devel-static-1.5.12-5.el6.i686.rpmfbc29a7d84ce5ef246175cbffc2d2a2d320664a7b8d0a1cb016d01d2647366a8ibacm-devel-1.0.8-0.git7a3adb7.el6.i686.rpmf8633f70cf99cbbceae3ac7889d0f6a5a5d81f1f5a8be11d46acb897675af9e1libibmad-static-1.3.9-1.el6.i686.rpmc9a53a3e5d4225554347812d02e87eea1812a626fc4013df7fa7313b71b0d6e1infiniband-diags-1.5.12-5.el6.i686.rpma795e1f3f5892150b3503d2f5b6e5f65893a895f48c06d56e7d9662872c7b55alibibverbs-utils-1.1.6-5.el6.i686.rpm832a8bf2e928be8675f9e581b5007dc4f9481f5f2a05deea38ce43819ed0786cinfiniband-diags-devel-1.5.12-5.el6.i686.rpm9716c0ea96b2f5e65dc6a21cf5ce0f4d8f237ee8dc09e03b2b2740a2623b9673libibumad-1.3.8-1.el6.i686.rpmeda6fd3b2a3ccbcf5294afcba3080b470a337189e2142a8a8f967a34953eb61aibutils-devel-1.5.7-7.el6.i686.rpmd077c41bfd6ec26d2ace83394034c07d522c17ffa0b0755f78b70bc3d6368380opensm-devel-3.3.15-1.el6.i686.rpm574b9d4b96941310fb442d66fe38ca697ff80d84ad47c14c5534aeacae2b9939libibmad-1.3.9-1.el6.i686.rpm5342ed3574e1776bf49f62df4f75da43ea4c7bd0e5a636371326a304560990dalibrdmacm-devel-1.0.17-0.git4b5c1aa.el6.i686.rpmd4873a7db32013e2ce3125c472ff2a66a12ea850964ca77ef41d3061824bf201ibacm-1.0.8-0.git7a3adb7.el6.i686.rpm32130f7789ce84f5f60f3664850627dd27ad0bdc134f30b4d71d7bda7666e58fopensm-static-3.3.15-1.el6.i686.rpmd894c5ac44eb6e36f00a66e39db3802601c6cb9e1e9acbe5d970ead7aa72c6e0libibmad-devel-1.3.9-1.el6.i686.rpmf52bd0d3eb245857ee5e3adbea0d1bed45041ac53750ca4b23f5884e8ec03302ibsim-0.5-7.el6.i686.rpm966708a964559031eccccfb7b80931bd73afa70dc88864f4e2624345ff60b0e2rdma-3.6-1.el6.noarch.rpme7ffffbbcbcdb428de84bd04cd5a6f1031d6c510fb26120f583cc0e6761ef460SLSA-2013:0511-2Note: The Certificate Authority component provided by this advisory cannot be used as a standalone server. It is installed and operates as a part of Identity Management (the IPA component) in Scientific Linux. Multiple cross-site scripting flaws were discovered in Certificate System. An attacker could use these flaws to perform a cross-site scripting (XSS) attack against victims using Certificate System's web interface. (CVE-2012-4543) This update also fixes the following bugs: * Previously, due to incorrect conversion of large integers while generating a new serial number, some of the most significant bits in the serial number were truncated. Consequently, the serial number generated for certificates was sometimes smaller than expected and this incorrect conversion in turn led to a collision if a certificate with the smaller number already existed in the database. This update removes the incorrect integer conversion so that no serial numbers are truncated. As a result, the installation wizard proceeds as expected. * The certificate authority used a different profile for issuing the audit certificate than it used for renewing it. The issuing profile was for two years, and the renewal was for six months. They should both be for two years. This update sets the default and constraint parameters in the caSignedLogCert.cfg audit certificate renewal profile to two years. This update also adds the following enhancements: * IPA (Identity, Policy and Audit) now provides an improved way to determine that PKI is up and ready to service requests. Checking the service status was not sufficient. This update creates a mechanism for clients to determine that the PKI subsystem is up using the getStatus() function to query the cs.startup_state in CS.cfg. * This update increases the default root CA validity period from eight years to twenty years.moderateScientific Linux FermiScientific Linux Fermi 6pki-java-tools-9.0.3-30.el6.noarch.rpm15c4c1aa5fa8c218d037b2093ffd5dfd2cf75f657e8d3683303b05ddc7257a4fpki-selinux-9.0.3-30.el6.noarch.rpmad5f0e602ae631216b3c56513515a6958c858e54c164500cbfddf852c3581f84pki-ca-9.0.3-30.el6.noarch.rpm79d1415a7cc0f2042f97b4f12c4fb4c30b41f9ffeb6d03382f35968faa26f9a9pki-silent-9.0.3-30.el6.noarch.rpmd9efc299cd4b960082db8b7aaaa9cd23926dc44ef51cbb143e2b7184a1ab1989pki-symkey-9.0.3-30.el6.i686.rpm8f98a1d5a32d55a75e6cbc550806f560687765e4886aa59e72bde363e4ad4c9cpki-java-tools-javadoc-9.0.3-30.el6.noarch.rpm5ea6dbfb35a0c891046f2c8a091951311d8604ed06e1851db275d9d5bcb92975pki-util-javadoc-9.0.3-30.el6.noarch.rpmcb8d47a4904910082c1ade512acaee2a9c0cfec8fb1c4fcf2a9ee3254f81c544pki-common-javadoc-9.0.3-30.el6.noarch.rpm94d734a537923fd59e3a3bc44ec776f174ed933cbbbd430a44644c973e7b2238pki-common-9.0.3-30.el6.noarch.rpm1f2e443b6a12a7800a09077e30422aec5745c5f4915750a9f36035433a461d71pki-util-9.0.3-30.el6.noarch.rpm307942ac76573f29170b83ca822c62cf4c789220803a8d90e3fc582bf92514c5pki-native-tools-9.0.3-30.el6.i686.rpmc73160099e36ed87bbe074f2a8f75f3968fd7246678bf5461523410eb2342814pki-setup-9.0.3-30.el6.noarch.rpm9e91d0845c0a60eaeb53d0ed5748a63b766e4d4262deebbb46a2158dc7a4353eSLSA-2013:0512-2An input sanitization flaw was found in the mod_negotiation Apache HTTP Server module. A remote attacker able to upload or create files with arbitrary names in a directory that has the MultiViews options enabled, could use this flaw to conduct cross-site scripting attacks against users visiting the site. (CVE-2008-0455, CVE-2012-2687) It was discovered that mod_proxy_ajp, when used in configurations with mod_proxy in load balancer mode, would mark a back-end server as failed when request processing timed out, even when a previous AJP (Apache JServ Protocol) CPing request was responded to by the back-end. A remote attacker able to make a back-end use an excessive amount of time to process a request could cause mod_proxy to not send requests to back-end AJP servers for the retry timeout period or until all back-end servers were marked as failed. (CVE-2012-4557) After installing the updated packages, the httpd daemon will be restarted automatically.lowScientific Linux FermiScientific Linux Fermi 6httpd-devel-2.2.15-26.sl6.i686.rpm8681ac747ad125a005a6efc44c5013cb1d3ad4ba04bee40af5003d821b506ebehttpd-tools-2.2.15-26.sl6.i686.rpm21995459c004ed0a028d7655906e4a86590f93e70b6643d69e83a913fae1413chttpd-manual-2.2.15-26.sl6.noarch.rpm635e12a9c2821f8e9f7b58e1660789cb7f8bdf25df002c9ad13ae63df1fa8efamod_ssl-2.2.15-26.sl6.i686.rpmbb4aef6e78834b1638d82499d3e832751249a222c52c443688fccad9320371d6httpd-2.2.15-26.sl6.i686.rpmaff2734c5cff36c790a453e0f3e72b5d6cfa4c5d69f5557aa2b29b24c07209edSLSA-2013:0514-2It was found that PHP did not check for carriage returns in HTTP headers, allowing intended HTTP response splitting protections to be bypassed. Depending on the web browser the victim is using, a remote attacker could use this flaw to perform HTTP response splitting attacks. (CVE-2011-1398) An integer signedness issue, leading to a heap-based buffer underflow, was found in the PHP scandir() function. If a remote attacker could upload an excessively large number of files to a directory the scandir() function runs on, it could cause the PHP interpreter to crash or, possibly, execute arbitrary code. (CVE-2012-2688) It was found that PHP did not correctly handle the magic_quotes_gpc configuration directive. This could result in magic_quotes_gpc input escaping not being applied in all cases, possibly making it easier for a remote attacker to perform SQL injection attacks. (CVE-2012-0831) After installing the updated packages, the httpd daemon must be restarted for the update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6php-mysql-5.3.3-22.el6.i686.rpm19c5701c849e63635ce4ee3ee12fe3ac5fd46a7e201576a9e3ece969cd4e6782php-dba-5.3.3-22.el6.i686.rpm7485348c42aa616cc0dfd68153393f1b6bad9810fa899ddc18a657830a39f1ddphp-mbstring-5.3.3-22.el6.i686.rpma70d895b006868fa4827c4844325108f28edb2e59bc3632309985ca91baf5366php-xmlrpc-5.3.3-22.el6.i686.rpm900efdff7b0a5c2c6ff3f3856d6dd51737d84e814016b9c5f24a7694a837db80php-ldap-5.3.3-22.el6.i686.rpm6e7dbccc533fccd4e318d5a8eb5074988aa1f3cacac5a8d4872e89ba9ae89c74php-pgsql-5.3.3-22.el6.i686.rpm7924ced92918abde94d88a38c6fa1d37ea5420429819b566b59dc6d74d445256php-recode-5.3.3-22.el6.i686.rpm85ef5d1125df2ccc4e4c5b610b162b385bd0fb60b330eee8620826a3a40d13b2php-intl-5.3.3-22.el6.i686.rpm64459e79b4564b96f3d0c935eb798803c2fa74e22f4dca53d263529f62a927c9php-zts-5.3.3-22.el6.i686.rpm088d4703949be57e7a5f8e788755c0acec248b2030a9badbf601c83404090611php-embedded-5.3.3-22.el6.i686.rpmbea61f973319ae436002c71a589a7fb175b4206008acf0b6b91bc71286e8d4a0php-enchant-5.3.3-22.el6.i686.rpma21d46752737fda27e29bac3f442fdd995ff5121586b8fa50430754fbb60f113php-odbc-5.3.3-22.el6.i686.rpm16c62b6f0119edd982c3a46304cb6cc194ece1696258cd549e69b15cc03738d3php-pdo-5.3.3-22.el6.i686.rpm5e62f08eed91585a0be4368e39392991d091eb2f419d04939847bb156112226bphp-common-5.3.3-22.el6.i686.rpmf464571632ed6222a3767ab9002ec2d0bbb85da37930f8096ecb215b816a5634php-xml-5.3.3-22.el6.i686.rpm02b37c3c4fd5ea6f05a78c0de8be830119c6b271d92eb964eb20630e3c9796baphp-bcmath-5.3.3-22.el6.i686.rpmd4c05803e32ebee23c3420a4ba82548a9c74fced6ec00764b790350043338524php-devel-5.3.3-22.el6.i686.rpmc50c21b533eba4b3a94ab7d5f913df5b4c75b0b899aebd3ea4837e5e0137e0c3php-pspell-5.3.3-22.el6.i686.rpm23e6a56adbd431c9897a31a3ffe809dd357819dd3fd3cd44e062bf127ee7519bphp-imap-5.3.3-22.el6.i686.rpmdb24830f3c99944c37b933022d0b96ad990e8daa778b4bfdf09e9046331095b4php-cli-5.3.3-22.el6.i686.rpmb4b3ee72f1283d1f3c0f64f332e10552d48e78019385b804a04e547830f2947ephp-fpm-5.3.3-22.el6.i686.rpm13b38939f00dde4538aa5e37b9525589ad107bd0bb172ce803350bba35a8c9bdphp-tidy-5.3.3-22.el6.i686.rpm8e42b6dc9c32d8171bb5acd93e266c8078f94703cac8ccdac59c181ca198f29cphp-snmp-5.3.3-22.el6.i686.rpm47a0f3fc832684711dc9895f8437666fff0b63d234ecf16fb942c5e0da87aa32php-gd-5.3.3-22.el6.i686.rpmadf42d8cac42ab0c4c33ff6bfa17ce7ec776b482fc2e489a4b52d9bbcbcd95e9php-5.3.3-22.el6.i686.rpm0646ff2c218da2496af61fc4506cb5e9ed108f3d9ec1dfe328d77c47c54f3bcephp-soap-5.3.3-22.el6.i686.rpm8942b2d5021239d96058db75470a5f213890a9d1e338387b21d5d8d7ffd920e9php-process-5.3.3-22.el6.i686.rpm47889fb279e23a9cd909c1e803a5f168e5694bdfe002b1d213f05742199df8c0SLSA-2013:0515-2A flaw was found in the Samba suite's Perl-based DCE/RPC IDL (PIDL) compiler. As OpenChange uses code generated by PIDL, this could have resulted in buffer overflows in the way OpenChange handles RPC calls. With this update, the code has been generated with an updated version of PIDL to correct this issue. (CVE-2012-1182) The openchange packages have been upgraded to upstream version 1.0, which provides a number of bug fixes and enhancements over the previous version, including support for the rebased samba4 packages and several API changes. This update also fixes the following bugs: * When the user tried to modify a meeting with one required attendee and himself as the organizer, a segmentation fault occurred in the memcpy() function. Consequently, the evolution-data-server application terminated unexpectedly with a segmentation fault. This bug has been fixed and evolution- data-server no longer crashes in the described scenario. * Prior to this update, OpenChange 1.0 was unable to send messages with a large message body or with extensive attachment. This was caused by minor issues in OpenChange's exchange.idl definitions. This bug has been fixed and OpenChange now sends extensive messages without complications.moderateScientific Linux FermiScientific Linux Fermi 6openchange-devel-1.0-4.el6.i686.rpm3747ca7c826f40c98e200c59c9a27d268232ab681387e3e2eaa8c8d5a8ef082bopenchange-1.0-4.el6.i686.rpmf52d89c7d16d7b05a93a6f3e90069c9cc5f159e9d7e00f8157ef1552a374efc2evolution-mapi-devel-0.28.3-12.el6.i686.rpmcc064e0e62848834933312900c21d645fb387b1f64ddf35c4e673352e9e090caevolution-mapi-0.28.3-12.el6.i686.rpmaad34b838cc3237654201402b9c74bc267dd07d749fb0d00bd80eb637dcf9235openchange-devel-docs-1.0-4.el6.i686.rpm659bdb17d0b0a7a721fb1700583000b8a42cfef51e2737c1f47109205eba4a0dopenchange-client-1.0-4.el6.i686.rpm4d27891333a15d1735eca1199109138dc60c949eccc1872ffd7af3df57eee6aaSLSA-2013:0516-2The way Evolution handled mailto URLs allowed any file to be attached to the new message. This could lead to information disclosure if the user did not notice the attached file before sending the message. With this update, mailto URLs cannot be used to attach certain files, such as hidden files or files in hidden directories, files in the /etc/ directory, or files specified using a path containing "..". (CVE-2011-3201) This update also fixes the following bugs: * Creating a contact list with contact names encoded in UTF-8 caused these names to be displayed in the contact list editor in the ASCII encoding instead of UTF-8. This bug has been fixed and the contact list editor now displays the names in the correct format. * Due to a bug in the evolution-alarm-notify process, calendar appointment alarms did not appear in some types of calendars. The underlying source code has been modified and calendar notifications work as expected. * An attempt to print a calendar month view as a PDF file caused Evolution to terminate unexpectedly. This update applies a patch to fix this bug and Evolution no longer crashes in this situation. All running instances of Evolution must be restarted for this update to take effect.lowScientific Linux FermitrueScientific Linux Fermi 6evolution-help-2.28.3-30.el6.noarch.rpm808081d5ed46567775bbc1a74a31070ba31adb9e15b46bbfc1ca31edd0f62c1cevolution-conduits-2.28.3-30.el6.i686.rpm91c5bd262127b853bfbbd6f047ef6527697c3191bdabc124f668fd0c684192d1evolution-2.28.3-30.el6.i686.rpma8c6e2d6fbe1cb3476fa3f5ad81e8f9f31c90c3ab7be317f72fdf61da6bbdab9evolution-devel-2.28.3-30.el6.i686.rpm41c69bd92efb82afead9af4886602423daefdd5cc3079e01402e7a68641f8369evolution-pst-2.28.3-30.el6.i686.rpmc9d42d59b4df7d8fbc576628166e3a59b32d12f9d003530f06af8081a0b2fda2evolution-spamassassin-2.28.3-30.el6.i686.rpm2c5c547ce8b44062a94675a90f368ba8f6b020295756423e281fffc3502fe66aevolution-perl-2.28.3-30.el6.i686.rpm203f766068802373be14b7b6cf1bddc24beb1bf736a593e4046bbcac2067a3c9SLSA-2013:0517-2An information disclosure flaw was found in the way the mount command reported errors. A local attacker could use this flaw to determine the existence of files and directories they do not have access to. (CVE-2013-0157)lowScientific Linux FermiScientific Linux Fermi 6libuuid-devel-2.17.2-12.9.el6.i686.rpm05a8e0705ee9edc102d2a09934961db5551b4bd7de797118e266a798fe5b193blibuuid-2.17.2-12.9.el6.i686.rpm4d7e6677d16657b56a42d32feb534d2aef249f6daf1e2761175778600b400386uuidd-2.17.2-12.9.el6.i686.rpm7347a2880be5f1f85b65d9e03afe7c53b739ef466b633e84c391e926757e4f9alibblkid-devel-2.17.2-12.9.el6.i686.rpm47aed47dde0ea58f6534d5b0e45033b6addd72c5259b235ac9a52376e48a143blibblkid-2.17.2-12.9.el6.i686.rpm5446e48821d935b78d893b7d5322639e2863c64b041778745ce3522734ad5e02util-linux-ng-2.17.2-12.9.el6.i686.rpm3f80e57f731459bb03ca65e3e07c7d2914ac415f7d937d853106a72ecbb8ca2aSLSA-2013:0519-2Due to the way the pam_ssh_agent_auth PAM module was built in Scientific Linux 6, the glibc's error() function was called rather than the intended error() function in pam_ssh_agent_auth to report errors. As these two functions expect different arguments, it was possible for an attacker to cause an application using pam_ssh_agent_auth to crash, disclose portions of its memory or, potentially, execute arbitrary code. (CVE-2012-5536) Note that the pam_ssh_agent_auth module is not used in Scientific Linux 6 by default. This update also fixes the following bugs: * All possible options for the new RequiredAuthentications directive were not documented in the sshd_config man page. This update improves the man page to document all the possible options. * When stopping one instance of the SSH daemon (sshd), the sshd init script (/etc/rc.d/init.d/sshd) stopped all sshd processes regardless of the PID of the processes. This update improves the init script so that it only kills processes with the relevant PID. As a result, the init script now works more reliably in a multi-instance environment. * Due to a regression, the ssh-copy-id command returned an exit status code of zero even if there was an error in copying the key to a remote host. With this update, a patch has been applied and ssh-copy-id now returns a non-zero exit code if there is an error in copying the SSH certificate to a remote host. * When SELinux was disabled on the system, no on-disk policy was installed, a user account was used for a connection, and no "~/.ssh" configuration was present in that user's home directory, the SSH client terminated unexpectedly with a segmentation fault when attempting to connect to another system. A patch has been provided to address this issue and the crashes no longer occur in the described scenario. * The "HOWTO" document /usr/share/doc/openssh-ldap-5.3p1/HOWTO.ldap-keys incorrectly documented the use of the AuthorizedKeysCommand directive. This update corrects the document. This update also adds the following enhancements: * When attempting to enable SSH for use with a Common Access Card (CAC), the ssh-agent utility read all the certificates in the card even though only the ID certificate was needed. Consequently, if a user entered their PIN incorrectly, then the CAC was locked, as a match for the PIN was attempted against all three certificates. With this update, ssh-add does not try the same PIN for every certificate if the PIN fails for the first one. As a result, the CAC will not be disabled if a user enters their PIN incorrectly. * This update adds a "netcat mode" to SSH. The "ssh -W host:port ..." command connects standard input and output (stdio) on a client to a single port on a server. As a result, SSH can be used to route connections via intermediate servers. * Due to a bug, arguments for the RequiredAuthentications2 directive were not stored in a Match block. Consequently, parsing of the config file was not in accordance with the man sshd_config documentation. This update fixes the bug and users can now use the required authentication feature to specify a list of authentication methods as expected according to the man page. After installing this update, the OpenSSH server daemon (sshd) will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6pam_ssh_agent_auth-0.9.3-84.1.el6.i686.rpm89e2e5aa52ac8f2411e27a0ddf2f4146484474a791cd5727469bbc2c706dd3e2openssh-ldap-5.3p1-84.1.el6.i686.rpm51dc338bd7bab124d2a793ae7a7bcaac47930ff689c6e8a127db0e86054f62ddopenssh-clients-5.3p1-84.1.el6.i686.rpmad0013a54b790fe68d747e91a2fdae071f07f0d7d3aaa0a2262383aff29b5332openssh-askpass-5.3p1-84.1.el6.i686.rpm979bac7d5627bdcb3bc8ac7455140eef4c44bfda823b49daf3a6c3ba793ff542openssh-5.3p1-84.1.el6.i686.rpmeb90dd1f924ed63489e1c47e16e5b7c2f8e8089914aec1dd2515846815c38350openssh-server-5.3p1-84.1.el6.i686.rpm8ad1363114dac3723aa8bf0f0f2a6fe1b6d9d44e885e1e3a370b91b00dfb5c24SLSA-2013:0520-2Two flaws were found in the way some settings were enforced by the script-login functionality of Dovecot. A remote, authenticated user could use these flaws to bypass intended access restrictions or conduct a directory traversal attack by leveraging login scripts. (CVE-2011-2166, CVE-2011-2167) A flaw was found in the way Dovecot performed remote server identity verification, when it was configured to proxy IMAP and POP3 connections to remote hosts using TLS/SSL protocols. A remote attacker could use this flaw to conduct man-in-the-middle attacks using an X.509 certificate issued by a trusted Certificate Authority (for a different name). (CVE-2011-4318) This update also fixes the following bug: * When a new user first accessed their IMAP inbox, Dovecot was, under some circumstances, unable to change the group ownership of the inbox directory in the user's Maildir location to match that of the user's mail spool (/var/mail/$USER). This correctly generated an "Internal error occurred" message. However, with a subsequent attempt to access the inbox, Dovecot saw that the directory already existed and proceeded with its operation, leaving the directory with incorrectly set permissions. This update corrects the underlying permissions setting error. When a new user now accesses their inbox for the first time, and it is not possible to set group ownership, Dovecot removes the created directory and generates an error message instead of keeping the directory with incorrect group ownership. After installing the updated packages, the dovecot service will be restarted automatically.lowScientific Linux FermiScientific Linux Fermi 6dovecot-pgsql-2.0.9-5.el6.i686.rpmb2ab945e74664f32d761b8c8ec37149561ec3bcefc878979d1c1b51403f3e020dovecot-devel-2.0.9-5.el6.i686.rpm1eaaf3740902370f0f551eb965251fe06cdc238d57a7fe029ba52ae62d3b8a84dovecot-pigeonhole-2.0.9-5.el6.i686.rpm0ce8aa6de6ecf3d0e37cf74cab6aeb1dcc23250d83f5261754ca8cc2dab0c4dcdovecot-mysql-2.0.9-5.el6.i686.rpm604b9327bb19dcf6c06cc405c354861a725ce541b2c971596148c9b0ba1e6ff2dovecot-2.0.9-5.el6.i686.rpmdb2413a1109c13189d14233986636b465017f65770094f1d3ff51974f1d63669SLSA-2013:0521-2A stack-based buffer overflow flaw was found in the way the pam_env module parsed users' "~/.pam_environment" files. If an application's PAM configuration contained "user_readenv=1" (this is not the default), a local attacker could use this flaw to crash the application or, possibly, escalate their privileges. (CVE-2011-3148) A denial of service flaw was found in the way the pam_env module expanded certain environment variables. If an application's PAM configuration contained "user_readenv=1" (this is not the default), a local attacker could use this flaw to cause the application to enter an infinite loop. (CVE-2011-3149)moderateScientific Linux FermiScientific Linux Fermi 6pam-1.1.1-13.el6.i686.rpmeefb5c05f2b49506d351584ab38dade3bf9c8e7354b23de8e987334633c76f30pam-devel-1.1.1-13.el6.i686.rpmd2783f7f32b845533abefa29e71091f365d857263b6a1c08e81b5f37c6f5ff47SLSA-2013:0522-2GDB tried to auto-load certain files (such as GDB scripts, Python scripts, and a thread debugging library) from the current working directory when debugging programs. This could result in the execution of arbitrary code with the user's privileges when GDB was run in a directory that has untrusted content. (CVE-2011-4355) With this update, GDB no longer auto-loads files from the current directory and only trusts certain system directories by default. The list of trusted directories can be viewed and modified using the "show auto-load safe-path" and "set auto-load safe-path" GDB commands. Refer to the GDB manual for further information. This update also fixes the following bugs: * When a struct member was at an offset greater than 256 MB, the resulting bit position within the struct overflowed and caused an invalid memory access by GDB. With this update, the code has been modified to ensure that GDB can access such positions. * When a thread list of the core file became corrupted, GDB did not print this list but displayed the "Cannot find new threads: generic error" error message instead. With this update, GDB has been modified and it now prints the thread list of the core file as expected. * GDB did not properly handle debugging of multiple binaries with the same build ID. This update modifies GDB to use symbolic links created for particular binaries so that debugging of binaries that share a build ID now proceeds as expected. Debugging of live programs and core files is now more user-friendly.moderateScientific Linux FermiScientific Linux Fermi 6gdb-7.2-60.el6.i686.rpm7e0d8916c3d6fcfeb0e1b9eb8b5cbd7e59ea9b971271a10459847256f23fd144gdb-gdbserver-7.2-60.el6.i686.rpm7cc68973993749a0fd9f2bd567ad0c5b7c43c313d6590fd5de923da66fb904e2SLSA-2013:0523-2An integer overflow, leading to an array index error, was found in the way the CCID driver processed a smart card's serial number. A local attacker could use this flaw to execute arbitrary code with the privileges of the user running the PC/SC Lite pcscd daemon (root, by default), by inserting a specially-crafted smart card. (CVE-2010-4530) This update also fixes the following bug: * Previously, CCID only recognized smart cards with 5V power supply. With this update, CCID also supports smart cards with different power supply.lowScientific Linux FermiScientific Linux Fermi 6ccid-1.3.9-6.el6.i686.rpm25e353260cab7e69a5f968dda82b3867da648f30ad90946e543b46a5610720b1SLSA-2013:0525-2A stack-based buffer overflow flaw was found in the way pcsc-lite decoded certain attribute values of Answer-to-Reset (ATR) messages. A local attacker could use this flaw to execute arbitrary code with the privileges of the user running the pcscd daemon (root, by default), by inserting a specially-crafted smart card. (CVE-2010-4531) This update also fixes the following bugs: * Due to an error in the init script, the chkconfig utility did not automatically place the pcscd init script after the start of the HAL daemon. Consequently, the pcscd service did not start automatically at boot time. With this update, the pcscd init script has been changed to explicitly start only after HAL is up, thus fixing this bug. * Because the chkconfig settings and the startup files in the /etc/rc.d/ directory were not changed during the update described in the SLBA-2012:0990 advisory, the user had to update the chkconfig settings manually to fix the problem. Now, the chkconfig settings and the startup files in the /etc/rc.d/ directory are automatically updated as expected. * Previously, the SCardGetAttrib() function did not work properly and always returned the "SCARD_E_INSUFFICIENT_BUFFER" error regardless of the actual buffer size. This update applies a patch to fix this bug and the SCardGetAttrib() function now works as expected. After installing this update, the pcscd daemon will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6pcsc-lite-1.5.2-11.el6.i686.rpm5e31f9565de7c539024b61ea367298e49a0a9712f0e9393cdb4d527be8f53d91pcsc-lite-doc-1.5.2-11.el6.i686.rpm313edec65bc11074732d065f7e72889ada8c4538bfb2c7907dad91feb9784a08pcsc-lite-libs-1.5.2-11.el6.i686.rpmb62cef23d467dacaaebb48b3c08e30663bdf5d6fd57c122132997160a2c022c3pcsc-lite-devel-1.5.2-11.el6.i686.rpm24766bc003a20b91b9a562522dbe65588f8d179bbf787a1ed0bb38d8317b101fSLSA-2013:0526-2It was found that the distcheck rule in Automake-generated Makefiles made a directory world-writable when preparing source archives. If a malicious, local user could access this directory, they could execute arbitrary code with the privileges of the user running "make distcheck". (CVE-2012-3386)lowScientific Linux FermiScientific Linux Fermi 6automake-1.11.1-4.el6.noarch.rpm3db332c80a2e701acc6aa93bf39fe7886164237ed701424259eaee77588d83a7SLSA-2013:0528-2It was found that the current default configuration of IPA servers did not publish correct CRLs (Certificate Revocation Lists). The default configuration specifies that every replica is to generate its own CRL; however, this can result in inconsistencies in the CRL contents provided to clients from different Identity Management replicas. More specifically, if a certificate is revoked on one Identity Management replica, it will not show up on another Identity Management replica. (CVE-2012-4546)lowScientific Linux FermiScientific Linux Fermi 6ipa-server-trust-ad-3.0.0-25.el6.i686.rpmd582e8d7afbad887963c5d276356a16516446dbe87de8dbd58bff17041f9e616ipa-admintools-3.0.0-25.el6.i686.rpm636f8a9c280f6939c5b9079ec0485a75393f49faf5c3f58bac2baeff1cdce345ipa-python-3.0.0-25.el6.i686.rpm3ad5c80549ace12d87087f8af55991d2db5f74a170d2faff9e1a71d677664142ipa-server-selinux-3.0.0-25.el6.i686.rpmb168429bda9e6410d7eed09581ae406b14fc7af3c2219e450501ccd85172faf0ipa-client-3.0.0-25.el6.i686.rpm21f515958de89c593e71a6177d1a403080a1103d8dd804c422cf799d0f86f001ipa-server-3.0.0-25.el6.i686.rpm151842fd729924a62483bca33498a8a5b1f7ba2e0fd9fd083e143a9a4625e9c4SLSA-2013:0550-1A flaw was found in the DNS64 implementation in BIND when using Response Policy Zones (RPZ). If a remote attacker sent a specially-crafted query to a named server that is using RPZ rewrite rules, named could exit unexpectedly with an assertion failure. Note that DNS64 support is not enabled by default. (CVE-2012-5689) This update also adds the following enhancement: * Previously, it was impossible to configure the the maximum number of responses sent per second to one client. This allowed remote attackers to conduct traffic amplification attacks using DNS queries with spoofed source IP addresses. With this update, it is possible to use the new "rate-limit" configuration option in named.conf and configure the maximum number of queries which the server responds to. Refer to the BIND documentation for more details about the "rate-limit" option. After installing the update, the BIND daemon (named) will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6bind-9.8.2-0.17.rc1.el6.3.i686.rpm6a387b40a4858f98fc708c0e89c4bece57e229f20cde767fe5cedc3666383916bind-libs-9.8.2-0.17.rc1.el6.3.i686.rpm0b9024a5d1e1c1c6522526621e6a4d0c8b1218c778112fd18b4af510939b223cbind-utils-9.8.2-0.17.rc1.el6.3.i686.rpmd377a87604f7d94bbc1f1e221985c55691753034a2816fd1962ec95eab3df9c1bind-sdb-9.8.2-0.17.rc1.el6.3.i686.rpm796d2cbaa6c4bf90944405b16fe8de9bf77a9a0cda9355c7f7dca2e22292fa70bind-devel-9.8.2-0.17.rc1.el6.3.i686.rpmb715041730d045e344752ec41ae3daa0f8b3167ab2f30a9d227e7c827aab04d9bind-chroot-9.8.2-0.17.rc1.el6.3.i686.rpm7fc7eafa4f2bd44944e1e07faf77ac7ab770628677dbbdefb6b3369fbff5bf04SLSA-2013:0567-1This update fixes the following security issue: * A race condition was found in the way the Linux kernel's ptrace implementation handled PTRACE_SETREGS requests when the debuggee was woken due to a SIGKILL signal instead of being stopped. A local, unprivileged user could use this flaw to escalate their privileges. (CVE-2013-0871, Important) The system must be rebooted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6kernel-headers-2.6.32-358.0.1.el6.i686.rpm1e0046f244de919dca3cc76823ffaa830f62a9251b865539d1ff65db1ded8c2akernel-2.6.32-358.0.1.el6.i686.rpm35366df98077e081eec156133821908341c6fc875af1e2713ce76183fb3ce6a5kernel-debug-devel-2.6.32-358.0.1.el6.i686.rpm3e01f9319731bb9068be78f4abe4e62b819c18231022301591c05685eb9d8310python-perf-2.6.32-358.0.1.el6.i686.rpm6cd5c6bbbaaad8a9d51f1414caa410686a6e3e15cbab5225669dc318371c7ff2kernel-debug-2.6.32-358.0.1.el6.i686.rpm8c3090187d040ac11c45a53b54c160ad7a56b5b9a05fd5555f031945f06eb243kernel-doc-2.6.32-358.0.1.el6.noarch.rpm948bb09d58b5ac6c9bb5786d7c0c401b990f7561cf76dd5a090e9308ed6d8c8dkernel-firmware-2.6.32-358.0.1.el6.noarch.rpme70f52eaad6a4dbbe5c36015431ce1590b1037c39a5ed3d3120eb7e3340d62cckernel-devel-2.6.32-358.0.1.el6.i686.rpm9fc21411826da62321a5bc8dbdea2d26f6aa51fe37ef496bce0ef0a3716c1868perf-2.6.32-358.0.1.el6.i686.rpme5660e66b6d96c18bf9ecb8688cdbfda1a5cc9add82758358426f37e0ba76ddaSLSA-2013:0568-1A flaw was found in the way dbus-glib filtered the message sender (message source subject) when the "NameOwnerChanged" signal was received. This could trick a system service using dbus-glib (such as fprintd) into believing a signal was sent from a privileged process, when it was not. A local attacker could use this flaw to escalate their privileges. (CVE-2013-0292) All running applications linked against dbus-glib, such as fprintd and NetworkManager, must be restarted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6dbus-glib-0.86-6.el6_4.i686.rpm67467e945ecef2a9837dc8a6a740d75672d9359f7655cbec82ba780ed4fe533cdbus-glib-devel-0.86-6.el6_4.i686.rpmb0f9acd259548650f8aa2bcc9bcf68f909885bcc3cadc7eecaf4ece200ab3114SLSA-2013:0580-1It was discovered that CUPS administrative users (members of the SystemGroups groups) who are permitted to perform CUPS configuration changes via the CUPS web interface could manipulate the CUPS configuration to gain unintended privileges. Such users could read or write arbitrary files with the privileges of the CUPS daemon, possibly allowing them to run arbitrary code with root privileges. (CVE-2012-5519) After installing this update, the ability to change certain CUPS configuration directives remotely will be disabled by default. The newly introduced ConfigurationChangeRestriction directive can be used to enable the changing of the restricted directives remotely. Refer to Red Hat Bugzilla bug 875898 for more details and the list of restricted directives. After installing this update, the cupsd daemon will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6cups-1.4.2-50.el6_4.4.i686.rpmb271019d771df79492dcf13918e1bf021df811ec35b83e79eb37ccfb83a085a7cups-lpd-1.4.2-50.el6_4.4.i686.rpma764633ae043beb271d7ff2b2be17ed90f59dd8f32bdafd770278c787ac96713cups-php-1.4.2-50.el6_4.4.i686.rpmee50dfd5e5bf6c821cc1699796013a590309d8748e5eae3a6047f3cb2aa291f2cups-devel-1.4.2-50.el6_4.4.i686.rpm3ea19ac9308f30c3d9979725f054b167953d345d0dfac8f485bbe45f7d1a508fcups-libs-1.4.2-50.el6_4.4.i686.rpm54c73788bbb106cc538ea5daed2d4d7c7377fb769ee834bebbaac8566b7570ccSLSA-2013:0581-1A denial of service flaw was found in the way libxml2 performed string substitutions when entity values for entity references replacement was enabled. A remote attacker could provide a specially-crafted XML file that, when processed by an application linked against libxml2, would lead to excessive CPU consumption. (CVE-2013-0338) The desktop must be restarted (log out, then log back in) for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6libxml2-python-2.7.6-12.el6_4.1.i686.rpm83e7492b71d36675a0fb6fbcf159cf25283b138ecb8d77710d3a349d7e2fec92libxml2-devel-2.7.6-12.el6_4.1.i686.rpmf70a23f2df00a383333f6bfc604348410d159153ab01c8290c5a105f2392f4a7libxml2-static-2.7.6-12.el6_4.1.i686.rpm53560a8efe7db41f75392f49f5de4bfd3c67b9f5d00b9bad6137945a291c56bclibxml2-2.7.6-12.el6_4.1.i686.rpm9da347f10f5f7af2e9b3d8d5fd1346f15f26b001d5db13b04b008a14f33fcd21SLSA-2013:0587-1It was discovered that OpenSSL leaked timing information when decrypting TLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL or DTLS server as a padding oracle. (CVE-2013-0169) A NULL pointer dereference flaw was found in the OCSP response verification in OpenSSL. A malicious OCSP server could use this flaw to crash applications performing OCSP verification by sending a specially- crafted response. (CVE-2013-0166) It was discovered that the TLS/SSL protocol could leak information about plain text when optional compression was used. An attacker able to control part of the plain text sent over an encrypted TLS/SSL connection could possibly use this flaw to recover other portions of the plain text. (CVE-2012-4929) Note: This update disables zlib compression, which was previously enabled in OpenSSL by default. Applications using OpenSSL now need to explicitly enable zlib compression to use it. It was found that OpenSSL read certain environment variables even when used by a privileged (setuid or setgid) application. A local attacker could use this flaw to escalate their privileges. No application shipped with Scientific Linux 5 and 6 was affected by this problem. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.moderateScientific Linux FermitruetrueScientific Linux Fermi 6openssl-perl-1.0.0-27.el6_4.2.i686.rpme492ab32640612f57e60b3fb05521089b065d981110f2d527f258b9f694b6e68openssl-static-1.0.0-27.el6_4.2.i686.rpm6f6b498aa36a9595793b65e4eccae34062a5b2adb179c1f827d368e86cff1084openssl-1.0.0-27.el6_4.2.i686.rpme6fb6fcfecf25309022f6bec86cf7f086020e00209a39bccd8c37d1c3e49c907openssl-devel-1.0.0-27.el6_4.2.i686.rpma358d536c140932c07775da1166975fa6864cf8111ba6a59490baac0410b5353SLSA-2013:0588-1It was discovered that GnuTLS leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle. (CVE-2013-1619) For the update to take effect, all applications linked to the GnuTLS library must be restarted, or the system rebooted.moderateScientific Linux FermitruetrueScientific Linux Fermi 6gnutls-2.8.5-10.el6_4.1.i686.rpm18629428f49a339e82dcd692aede4c89044362df8af231c2b1ef2e2d34c9d3bagnutls-guile-2.8.5-10.el6_4.1.i686.rpm8b1bc460153c54fcb0bc6750484a2fed121c913b70139c23cd6d220135c03faagnutls-utils-2.8.5-10.el6_4.1.i686.rpm2f0425b8dc6ceb7435ee2d28300af3e5dc4fad95581e17b524be765ca2740a7egnutls-devel-2.8.5-10.el6_4.1.i686.rpmdd4ac4ea6026f3a8e689b86845a1cec5d4baa49fd2fa6d58695237e3a95411bbSLSA-2013:0589-1It was discovered that Git's git-imap-send command, a tool to send a collection of patches from standard input (stdin) to an IMAP folder, did not properly perform SSL X.509 v3 certificate validation on the IMAP server's certificate, as it did not ensure that the server's hostname matched the one provided in the CN field of the server's certificate. A rogue server could use this flaw to conduct man-in-the-middle attacks, possibly leading to the disclosure of sensitive information. (CVE-2013-0308)moderateScientific Linux FermiScientific Linux Fermi 6emacs-git-1.7.1-3.el6_4.1.noarch.rpm2e5a1a99b78ae152b12f870e36d44dbdcb74b1e3e519d7f229ba17098e653fcdgitweb-1.7.1-3.el6_4.1.noarch.rpm270531c8f07e324f77f212bde1ce627499d305afb7597b38d62a648083a2a9degit-daemon-1.7.1-3.el6_4.1.i686.rpm137d0dca89e330efa5ba8024e4337f2ddce2f8cfeae0775c4d47a8a28fa2c8a1emacs-git-el-1.7.1-3.el6_4.1.noarch.rpm6e1b86332dbea669ea8d752df5bd110ab49887c1c5f918963373d003334a3277git-svn-1.7.1-3.el6_4.1.noarch.rpm8f51b386c5d7a39e59a3b9081e50bb69729f51eab1fb84123c53f7b35738c5c1git-email-1.7.1-3.el6_4.1.noarch.rpm7a7fb5e27504365ee2d6dc4fc34f41e26d68bb5287f2879e32bf9086ba12c585git-gui-1.7.1-3.el6_4.1.noarch.rpm108c7ef7a53fb136a50ba9e69761759a94df2b56d9673d18b3b365ded715a7b6perl-Git-1.7.1-3.el6_4.1.noarch.rpm4ae9f3189fca80558965daf6d1523fc265c1226798f7490cd2a4970af398b7b7gitk-1.7.1-3.el6_4.1.noarch.rpm8540336ead675098fce326cba9760f21121f0cf15d7f9808bc6f8de3d80781b8git-1.7.1-3.el6_4.1.i686.rpm0d2c480bc26798c842bec6b7f9d92a8ddc0cff518a67c90132652fd13d89a16agit-cvs-1.7.1-3.el6_4.1.noarch.rpmc78ac010bd8f2b2ba5543310eb4fde454d7bd3676480ae1d999f908f1c66b18bgit-all-1.7.1-3.el6_4.1.noarch.rpm67802b95384ca94c18d7125643fc3881de4121c9e53bbdade0cafc927bcb9464SLSA-2013:0590-1An array index error, leading to a stack-based buffer overflow flaw, was found in the way nss-pam-ldapd managed open file descriptors. An attacker able to make a process have a large number of open file descriptors and perform name lookups could use this flaw to cause the process to crash or, potentially, execute arbitrary code with the privileges of the user running the process. (CVE-2013-0288)importantScientific Linux FermiScientific Linux Fermi 6nss-pam-ldapd-0.7.5-18.1.el6_4.i686.rpm38152aae80d0cecbe14bffee82c77090180395ff0b05741a0cc2fe7bd72c878aSLSA-2013:0602-1An integer overflow flaw was found in the way the 2D component handled certain sample model instances. A specially-crafted sample model instance could cause Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with virtual machine privileges. (CVE-2013-0809) It was discovered that the 2D component did not properly reject certain malformed images. Specially-crafted raster parameters could cause Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with virtual machine privileges. (CVE-2013-1493) Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website. This erratum also upgrades the OpenJDK package to IcedTea7 2.3.8. Refer to the NEWS file, linked to in the References, for further information. All running instances of OpenJDK Java must be restarted for the update to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6java-1.7.0-openjdk-src-1.7.0.9-2.3.8.0.el6_4.i686.rpm5db4b634648a81b055677ecfba20474d04f29d67345786469915cd35d59fa089java-1.7.0-openjdk-javadoc-1.7.0.9-2.3.8.0.el6_4.noarch.rpm17bde1d190a3b7204a71bd766d2a4415eeb1893cbbc662388f8533f4ed1cf958java-1.7.0-openjdk-1.7.0.9-2.3.8.0.el6_4.i686.rpme2a210ba7cbd3878602e6293d860ed31bb0a8652ad87532fef3c0c5b8abfe135java-1.7.0-openjdk-devel-1.7.0.9-2.3.8.0.el6_4.i686.rpm488df2a65dbcf8b0eb227ffbef829d762b21103831ea15f42b65c554f6c9e949java-1.7.0-openjdk-demo-1.7.0.9-2.3.8.0.el6_4.i686.rpmc07d39fea492a897a337e5995fb0a726e1e529a224238198b62c770b9f189195SLSA-2013:0605-1An integer overflow flaw was found in the way the 2D component handled certain sample model instances. A specially-crafted sample model instance could cause Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with virtual machine privileges. (CVE-2013-0809) It was discovered that the 2D component did not properly reject certain malformed images. Specially-crafted raster parameters could cause Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with virtual machine privileges. (CVE-2013-1493) Note: If your system has not yet been upgraded to Scientific Linux 6.4 and the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website. Thus, this update has been rated as having critical security impact as a one time exception. The icedtea-web package as provided with Scientific Linux 6.4 uses OpenJDK 7 instead. This erratum also upgrades the OpenJDK package to IcedTea6 1.11.9. Refer to the NEWS file, linked to in the References, for further information. All running instances of OpenJDK Java must be restarted for the update to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6java-1.6.0-openjdk-javadoc-1.6.0.0-1.57.1.11.9.el6_4.i686.rpm868bdec18d2c973d8888b512d386c34e3a488dd2783c86750924f0dba3042eb9java-1.6.0-openjdk-demo-1.6.0.0-1.57.1.11.9.el6_4.i686.rpmd58fbbe06d5b7145ea09d0f6b492629bdc990a794d98296b270bd8b344348ee6java-1.6.0-openjdk-1.6.0.0-1.57.1.11.9.el6_4.i686.rpm0c567b64cfb0526475e2dfbe42cad1ee3516880872f1877310da063278356acajava-1.6.0-openjdk-src-1.6.0.0-1.57.1.11.9.el6_4.i686.rpmc16c0fa8654c982430b5b938dda02dd0a267ae17a928f44e018c02f79337f1acjava-1.6.0-openjdk-devel-1.6.0.0-1.57.1.11.9.el6_4.i686.rpm2036f591572fa71e6e086d30db39ab23287c2c30f140b8cf9b5cff091cd31f45SLSA-2013:0609-1A flaw was found in the way QEMU-KVM emulated the e1000 network interface card when the host was configured to accept jumbo network frames, and a guest using the e1000 emulated driver was not. A remote attacker could use this flaw to crash the guest or, potentially, execute arbitrary code with root privileges in the guest. (CVE-2012-6075) After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.importantScientific Linux FermiScientific Linux Fermi 6qemu-guest-agent-0.12.1.2-2.355.el6_4.2.i686.rpm0d6589cc86f4ab5bbc8e37713cfcbf9868d564486665fd3fc50dd0b6787aaa99SLSA-2013:0612-1It was discovered that Ruby's REXML library did not properly restrict XML entity expansion. An attacker could use this flaw to cause a denial of service by tricking a Ruby application using REXML to read text nodes from specially-crafted XML content, which will result in REXML consuming large amounts of system memory. (CVE-2013-1821) It was found that the SLSA-2011:0910 update did not correctly fix the CVE-2011-1005 issue, a flaw in the method for translating an exception message into a string in the Exception class. A remote attacker could use this flaw to bypass safe level 4 restrictions, allowing untrusted (tainted) code to modify arbitrary, trusted (untainted) strings, which safe level 4 restrictions would otherwise prevent. (CVE-2012-4481) The CVE-2012-4481 issue was discovered by Vit Ondruch of Red Hat.moderateScientific Linux FermiScientific Linux Fermi 6ruby-devel-1.8.7.352-10.el6_4.i686.rpm809a18bbacae289ef0fe15458e7efe8f0f5ab76c92fe2db59da02d029cbd3fa7ruby-irb-1.8.7.352-10.el6_4.i686.rpm209a741ac65e95964f87a7cb1ca039b23491e74ea52a7086259cdd1b3b9a9993ruby-docs-1.8.7.352-10.el6_4.i686.rpmff6d3c07f0d84f82c25b20f2e0b119400edb014c94bc883b6263002268c152c8ruby-ri-1.8.7.352-10.el6_4.i686.rpmbc13e2d936c43196d42d81af1095785c80893397ce7db9eb6cf0912e7f7c5823ruby-libs-1.8.7.352-10.el6_4.i686.rpm99383fd58588bd7b5042517478368edaf425e079b4c20763bbb27fc19410f2f1ruby-rdoc-1.8.7.352-10.el6_4.i686.rpm0034e1e1fd60d1a28bbfe91316b726fe35d679c41fbbe56b3dc3cee55177f456ruby-static-1.8.7.352-10.el6_4.i686.rpm85b68cb1d99b0d7b7abeafc7d2d67f14ec87a303f649af6e1c7786a32037cb76ruby-tcltk-1.8.7.352-10.el6_4.i686.rpm37dde306732b74c59ab9109cc4f996ddbc5ecd19317d9e03380fabfe61c8662bruby-1.8.7.352-10.el6_4.i686.rpm193cc4d6aae9ba93d21440852f6d9db6c6c08147cc85428b01115456c8cf3c70SLSA-2013:0614-1A flaw was found in the way XULRunner handled malformed web content. A web page containing malicious content could cause an application linked against XULRunner (such as Mozilla Firefox) to crash or execute arbitrary code with the privileges of the user running the application. (CVE-2013-0787) After installing the update, applications using XULRunner must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6xulrunner-devel-17.0.3-2.el6_4.i686.rpm8b780782a7813e2a16c32c3594559bf6805de0ccd7781beb218922ecbac3c6d4xulrunner-17.0.3-2.el6_4.i686.rpm4aaa2abbf30cbf86c8cc457341c4a38d4f22ee196ca6c04910af5c07caabfe68SLSA-2013:0623-1It was found that when an application used FORM authentication, along with another component that calls request.setUserPrincipal() before the call to FormAuthenticator#authenticate() (such as the Single-Sign-On valve), it was possible to bypass the security constraint checks in the FORM authenticator by appending "/j_security_check" to the end of a URL. A remote attacker with an authenticated session on an affected application could use this flaw to circumvent authorization controls, and thereby access resources not permitted by the roles associated with their authenticated session. (CVE-2012-3546) A flaw was found in the way Tomcat handled sendfile operations when using the HTTP NIO (Non-Blocking I/O) connector and HTTPS. A remote attacker could use this flaw to cause a denial of service (infinite loop). The HTTP blocking IO (BIO) connector, which is not vulnerable to this issue, is used by default in Scientific Linux 6. (CVE-2012-4534) Multiple weaknesses were found in the Tomcat DIGEST authentication implementation, effectively reducing the security normally provided by DIGEST authentication. A remote attacker could use these flaws to perform replay attacks in some circumstances. (CVE-2012-5885, CVE-2012-5886, CVE-2012-5887) Tomcat must be restarted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6tomcat6-javadoc-6.0.24-52.el6_4.noarch.rpm33c303bfe16782343dd023dc3c644daee73ec94cc27b6021b91b33d6339a3a48tomcat6-docs-webapp-6.0.24-52.el6_4.noarch.rpmfd400e93e1e9ca0e608b1137bb8dac456596b47b76d710ca0406c4335f680301tomcat6-servlet-2.5-api-6.0.24-52.el6_4.noarch.rpmdf9050b051d5011381de1d432b91269d4bb308b25033c7475edfbb9cda109e68tomcat6-lib-6.0.24-52.el6_4.noarch.rpm6944d0c5e72c9d2b5ea499d05e3a76018d9ad038ca3aff5cd15f0c3e273fac5atomcat6-webapps-6.0.24-52.el6_4.noarch.rpm29f849e34b7b978fd6366eb56dd94791a27b2dd3e6d0da99b0e3db669f0f63c6tomcat6-el-2.1-api-6.0.24-52.el6_4.noarch.rpmf8515f67675ed392d24a7f131ab2da74ab5f827fc9c7139b24be5508df6942d4tomcat6-admin-webapps-6.0.24-52.el6_4.noarch.rpmbd306ef91587fc0756f8f1b178903d8cf437b4c37fbd54e28ee6d7e2098bf76etomcat6-jsp-2.1-api-6.0.24-52.el6_4.noarch.rpme57dfec16009dac9ea42e6e9bc84021131acee3e5428ed227866bdf116e82972tomcat6-6.0.24-52.el6_4.noarch.rpm16e86e0b32e061a520ed96a539bd9378769e331e14f04a45cd2caafb4bcb6f24SLSA-2013:0627-1A flaw was found in the processing of malformed content. Malicious content could cause Thunderbird to crash or execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2013-0787) Note: This issue cannot be exploited by a specially-crafted HTML mail message as JavaScript is disabled by default for mail messages. It could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. After installing the update, Thunderbird must be restarted for the changes to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6thunderbird-17.0.3-2.el6_4.i686.rpm55b3ca2bf6ccde0219e23047c3b748e571d71abdae0190643cb3bea8e7637e6bSLSA-2013:0628-1A flaw was found in the way LDAPv3 control data was handled by 389 Directory Server. If a malicious user were able to bind to the directory (even anonymously) and send an LDAP request containing crafted LDAPv3 control data, they could cause the server to crash, denying service to the directory. (CVE-2013-0312) The CVE-2013-0312 issue was discovered by Thierry Bordaz of Red Hat. This update also fixes the following bugs: * After an upgrade from Scientific Linux 6.3 to version 6.4, the upgrade script did not update the schema file for the PamConfig object class. Consequently, new features for PAM such as configuration of multiple instances and pamFilter attribute could not be used because of the schema violation. With this update, the upgrade script updates the schema file for the PamConfig object class and new features function properly. * Previously, the valgrind test suite reported recurring memory leaks in the modify_update_last_modified_attr() function. The size of the leaks averaged between 60-80 bytes per modify call. In environments where modify operations were frequent, this caused significant problems. Now, memory leaks no longer occur in the modify_update_last_modified_attr() function. * The Directory Server (DS) failed when multi-valued attributes were replaced. The problem occurred when replication was enabled, while the server executing the modification was configured as a single master and there was at least one replication agreement. Consequently, the modification requests were refused by the master server, which returned a code 20 "Type or value exists" error message. These requests were replacements of multi-valued attributes, and the error only occurred when one of the new values matched one of the current values of the attribute, but had a different letter case. Now, modification requests function properly and no longer return code 20 errors. * The DNA (distributed numeric assignment) plug-in, under certain conditions, could log error messages with the "DB_LOCK_DEADLOCK" error code when attempting to create an entry with a uidNumber attribute. Now, DNA handles this case properly and errors no longer occur during attempts to create entries with uidNumber attributes. * Posix Winsync plugin was calling an internal modify function which was not necessary. The internal modify call failed and logged an error message "slapi_modify_internal_set_pb: NULL parameter" which was not clear. This patch stops calling the internal modify function if it is not necessary and the cryptic error message is not observed. * Previously, under certain conditions, the dse.ldif file had 0 bytes after a server termination or when the machine was powered off. Consequently, after the system was brought up, a DS or IdM system could be unable to restart, leading to production server outages. Now, the server mechanism by which the dse.ldif is written is more robust, and tries all available backup dse.ldif files, and outages no longer occur. * Due to an incorrect interpretation of an error code, a directory server considered an invalid chaining configuration setting as the disk full error and shut down unexpectedly. Now, a more appropriate error code is in use and the server no longer shuts down from invalid chaining configuration settings. * While trying to remove a tombstone entry, the ns-slapd daemon terminated unexpectedly with a segmentation fault. With this update, removal of tombstone entries no longer causes crashes. After installing this update, the 389 server service will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6389-ds-base-devel-1.2.11.15-12.el6_4.i686.rpm1257332d54e1c2cbe2186b2c35b3bc551460280797b7339f16e8017aacabacef389-ds-base-libs-1.2.11.15-12.el6_4.i686.rpmdfb15eef577469b66b4bcc83a21405fd1504079e2fa5074f89b1589b0fb49631389-ds-base-1.2.11.15-12.el6_4.i686.rpm0a1ce55060e40891b3837c14cefdb65136450b60d2bfcde3baedd44fdd2723fbSLSA-2013:0630-1This update fixes the following security issues: * A flaw was found in the way the xen_iret() function in the Linux kernel used the DS (the CPU's Data Segment) register. A local, unprivileged user in a 32-bit, para-virtualized Xen hypervisor guest could use this flaw to crash the guest or, potentially, escalate their privileges. (CVE-2013-0228, Important) * A flaw was found in the way file permission checks for the "/dev/cpu/[x]/msr" files were performed in restricted root environments (for example, when using a capability-based security model). A local user with the ability to write to these files could use this flaw to escalate their privileges to kernel level, for example, by writing to the SYSENTER_EIP_MSR register. (CVE-2013-0268, Important) The CVE-2013-0228 issue was discovered by Andrew Jones of Red Hat. The system must be rebooted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6kernel-firmware-2.6.32-358.2.1.el6.noarch.rpmbb58dc3452410c3de57fc088617243921c7f7372f5dde358d4413095485b035bkernel-2.6.32-358.2.1.el6.i686.rpmf22d9bc50f961cb0f88bf8284627274083376fb333740f343692abed46b8e9a0kernel-headers-2.6.32-358.2.1.el6.i686.rpmb3a8fab42dba4238b715346ae847fc03140095e190c6c6041adf578dc6183320perf-2.6.32-358.2.1.el6.i686.rpm702a608b51ede794629e0d7099e55f719ca4d233290c6bda5a53df295836ae32kernel-debug-devel-2.6.32-358.2.1.el6.i686.rpm29a91dfb5b212e10739f5b0b3f5d04280f856c62d8670950b8df8fc67cad3cd2kernel-debug-2.6.32-358.2.1.el6.i686.rpmd56a2b9fc35ba4fbbe0a2958561c17aa109c463aa604d4b6de4aa3cdff4279c2kernel-devel-2.6.32-358.2.1.el6.i686.rpmf65b47932f7ef12dcabe759ffd6d97c8a06672eda42009bc78119defd27b962epython-perf-2.6.32-358.2.1.el6.i686.rpmf90e3ee420947bd55adb91962512c3a5612373c45f01f5a7ed480216d270efa1kernel-doc-2.6.32-358.2.1.el6.noarch.rpma31213ba9cd0826eac8d4d091036c80e217dac9b5fa34687d7a5bd922fc5eb73SLSA-2013:0646-1A stack-based buffer overflow flaw was found in the Pidgin MXit protocol plug-in. A malicious server or a remote attacker could use this flaw to crash Pidgin by sending a specially-crafted HTTP request. (CVE-2013-0272) A buffer overflow flaw was found in the Pidgin Sametime protocol plug-in. A malicious server or a remote attacker could use this flaw to crash Pidgin by sending a specially-crafted username. (CVE-2013-0273) A buffer overflow flaw was found in the way Pidgin processed certain UPnP responses. A remote attacker could send a specially-crafted UPnP response that, when processed, would crash Pidgin. (CVE-2013-0274) Pidgin must be restarted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6pidgin-docs-2.7.9-10.el6_4.1.i686.rpmb8d0b9f26e74e067411a8632febf3af6da32b6b9013386fbdd567b69e69ec798libpurple-tcl-2.7.9-10.el6_4.1.i686.rpm38f3a9fef6ca32e41bd1ec92a9b5c6092ed01ed6568e941758b9198fe05ee429libpurple-perl-2.7.9-10.el6_4.1.i686.rpmad27f79999dd23bb8c061d81719ff35f43185a18a23d9220177c15d4d81f5995finch-2.7.9-10.el6_4.1.i686.rpm0ee1c9a75ec7179b12f5a43ee6d218245c0abba0900d5fbe2d706b15eef05763pidgin-2.7.9-10.el6_4.1.i686.rpmd859ac038524da3c5a99280097ae100a12d842ae75803ce5e2d427ad33f2623clibpurple-2.7.9-10.el6_4.1.i686.rpm92f8f9504d6922c7b882bbd631ebd7b203aae22ea543dd880ac27286506820f9finch-devel-2.7.9-10.el6_4.1.i686.rpmf6822f717876ad99931489ba7ff300857552313e4fc75126837db4903ba76cfepidgin-devel-2.7.9-10.el6_4.1.i686.rpmd168e99d7cb32a26425dbd0bcdf16465ea8be8d73f3be862b534d9a6079ff1f2pidgin-perl-2.7.9-10.el6_4.1.i686.rpm271bc770b42468c38e9b1c673c86d49bd55db4651175cb65cc4aaf94490709f9libpurple-devel-2.7.9-10.el6_4.1.i686.rpm33acc1b86476072f76856a4a8415bcc3e296826c4f9cb6ef89022e93b0583875SLSA-2013:0656-1When a client attempts to use PKINIT to obtain credentials from the KDC, the client can specify, using an issuer and serial number, which of the KDC's possibly-many certificates the client has in its possession, as a hint to the KDC that it should use the corresponding key to sign its response. If that specification was malformed, the KDC could attempt to dereference a NULL pointer and crash. (CVE-2013-1415) When a client attempts to use PKINIT to obtain credentials from the KDC, the client will typically format its request to conform to the specification published in RFC 4556. For interoperability reasons, clients and servers also provide support for an older, draft version of that specification. If a client formatted its request to conform to this older version of the specification, with a non-default key agreement option, it could cause the KDC to attempt to dereference a NULL pointer and crash. (CVE-2012-1016) After installing the updated packages, the krb5kdc daemon will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6krb5-pkinit-openssl-1.10.3-10.el6_4.1.i686.rpm2cb06f6be7d870ae5aebe953133b0fffaa669be3b6bb77159848d342dba87f26krb5-libs-1.10.3-10.el6_4.1.i686.rpm29a6f52830fa8e61b31f19adb1c9b82cedf8c7ab00002b68bb989178e005bb12krb5-server-ldap-1.10.3-10.el6_4.1.i686.rpmb52829b830bf5b644c98def6771ea78cb250a020aa7f8f34604f9cb12600a835krb5-workstation-1.10.3-10.el6_4.1.i686.rpm89bc65e358c0681336521c0bb94fd21e6f4aade00e2869269b3f2d589fe5cfeekrb5-server-1.10.3-10.el6_4.1.i686.rpmd7682031a626921f0f2fd5f9f45379f75a9cfba71fb874e381b98f975ae2aa1dkrb5-devel-1.10.3-10.el6_4.1.i686.rpm5a770e87dae8851dabb7151806164354e625828757addbbf6d8787eac730cfcbSLSA-2013:0663-1When SSSD was configured as a Microsoft Active Directory client by using the new Active Directory provider (introduced in SLSA-2013:0508), the Simple Access Provider ("access_provider = simple" in "/etc/sssd/sssd.conf") did not handle access control correctly. If any groups were specified with the "simple_deny_groups" option (in sssd.conf), all users were permitted access. (CVE-2013-0287) The CVE-2013-0287 issue was discovered by Kaushik Banerjee of Red Hat. This update also fixes the following bugs: * If a group contained a member whose Distinguished Name (DN) pointed out of any of the configured search bases, the search request that was processing this particular group never ran to completion. To the user, this bug manifested as a long timeout between requesting the group data and receiving the result. A patch has been provided to address this bug and SSSD now processes group search requests without delays. * The pwd_expiration_warning should have been set for seven days, but instead it was set to zero for Kerberos. This incorrect zero setting returned the "always display warning if the server sends one" error message and users experienced problems in environments like IPA or Active Directory. Currently, the value setting for Kerberos is modified and this issue no longer occurs.moderateScientific Linux FermiScientific Linux Fermi 6sssd-1.9.2-82.4.el6_4.i686.rpm74feee9f2dd35e3ffe8231be66f8b2f6ccb9e2e98745e046449c01134317bddcsssd-tools-1.9.2-82.4.el6_4.i686.rpm6c68a4a0aaa9fd1e10774b2c5384895f72411f69e01226daa805d30664222f53libsss_sudo-1.9.2-82.4.el6_4.i686.rpma956926f76f605694a8294b96a5ff6ceae56940f219772a8d232e32b0c7c83aelibsss_idmap-1.9.2-82.4.el6_4.i686.rpmbdea00071b05f191c40a051681aaa2ae134387bc2430c185af3538e419e76d1clibsss_autofs-1.9.2-82.4.el6_4.i686.rpm0b7ea160bdcd48639cf8a06b406a3bd34e27bf49c595858426542f9f1b743cfflibipa_hbac-1.9.2-82.4.el6_4.i686.rpm21c27439c0e40dcf31129f0f5a5ffa653541d026b33ddc14479631a24aea611alibipa_hbac-devel-1.9.2-82.4.el6_4.i686.rpmb4d28a1c1dc0f5b79b12bdf5121185e4ae59ae9a38f7c2725b970817c0d368d9libipa_hbac-python-1.9.2-82.4.el6_4.i686.rpm891a8c3a1eb64d5dd8843520a4bd03894af54285005390768532480031120eb9sssd-client-1.9.2-82.4.el6_4.i686.rpm59b0ec266d837b338b80cdcf1e3db51e2f17eef2a40060a8d4c4af5b07d7657flibsss_idmap-devel-1.9.2-82.4.el6_4.i686.rpmb62dfe58b2728f90573641604fa1e59fce67cdfd467e7e3ea5a014aa2474d4calibsss_sudo-devel-1.9.2-82.4.el6_4.i686.rpm250c96e3d1dec8a1cd30d6b030a9455043bceadfe7663f73ef460d358943f0d9SLSA-2013:0668-1A flaw was found in the way the ordered_malloc() routine in Boost sanitized the 'next_size' and 'max_size' parameters when allocating memory. If an application used the Boost C++ libraries for memory allocation, and performed memory allocation based on user-supplied input, an attacker could use this flaw to crash the application or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2012-2677)moderateScientific Linux FermiScientific Linux Fermi 6boost-date-time-1.41.0-15.el6_4.i686.rpm5684c7b5ccc79aee4f907d92d187436d8f2f81c67db46e6e56b2bd965973122dboost-python-1.41.0-15.el6_4.i686.rpm82a799c84391135c335c96eec52d306d0d25517096e7fd69928e7f5a329d2de0boost-doc-1.41.0-15.el6_4.i686.rpmf1d5e25eac34bb007312e76d06cca57be27d669ef8e4878233d79d54b71f47f4boost-iostreams-1.41.0-15.el6_4.i686.rpmd1174a1419de17bdc02e3e7093c36981acfb0054cbd081dfabd3a39082007f20boost-thread-1.41.0-15.el6_4.i686.rpm0ec3602423f5561990bf68e907996987ac94d1978cc1d2fdbc2e92a1b3637314boost-signals-1.41.0-15.el6_4.i686.rpm5028f8b2d5b4e31b71bb12e1e9098bd0c60fd8fdbda6e6ee8d0e2501b9c94556boost-math-1.41.0-15.el6_4.i686.rpm361303a0663acf4ed0853a7c42cfcad3cb5cb536e8c9efeb38b79eac7d826dceboost-wave-1.41.0-15.el6_4.i686.rpmee8845edb4a147333cf34d022575b1a907c0f54370b0462a4f8d9082eef975e0boost-mpich2-devel-1.41.0-15.el6_4.i686.rpm0d15dce80ddefbb2723ff3c746c80f246245cf209bff55f527f82ab1953fbf31boost-openmpi-1.41.0-15.el6_4.i686.rpm28932a0423580fab43d0c6e8d75a91d0011d89e543fbf87fbcbbb60da334109aboost-graph-1.41.0-15.el6_4.i686.rpm0858584d3ac8b1ef226456dbf8d6e61ff656e9cf5dd90179c6dddf0fea1f3698boost-1.41.0-15.el6_4.i686.rpmaa210b5b80d2546b1c4cb90219528a9e092c44859185751337d4ba1ff865330aboost-mpich2-python-1.41.0-15.el6_4.i686.rpmb8d63199f7cbb22602f9fcedd72a5c486665e611392df457e7de632c1b5a335eboost-system-1.41.0-15.el6_4.i686.rpm6fe2ebc4423afffc1d1b64ccd97f04d0d3cda6e452591723f3870b1ef6514e84boost-serialization-1.41.0-15.el6_4.i686.rpmf2c4d9d77b6660d2278f0cbca5ee4e362d3aa5a4a1506c5805c1785edf892ee3boost-mpich2-1.41.0-15.el6_4.i686.rpm64cd1c47979ff8bdda6defdcb0e8d0a0ebdb4204f0bea387f4015dedb1081708boost-static-1.41.0-15.el6_4.i686.rpmef8b6cb4a5d5f937a1526dbf723496adff11aee6235a5dc62a91be999b17539dboost-graph-mpich2-1.41.0-15.el6_4.i686.rpm23bf8605b238ec51e576ff84fe695d2b3e924eb42ec40355dc45797dc5f9bec2boost-devel-1.41.0-15.el6_4.i686.rpm32f82437f58f12e20a6efe7c16b8f920607bd185a080428ac3d03d666ca4168cboost-test-1.41.0-15.el6_4.i686.rpm6d66ee1d28417645538e471b9a727625f5fc030a0a59bd95e7eb60e6b4c73308boost-graph-openmpi-1.41.0-15.el6_4.i686.rpmab875da1ef55047bb0363514905ec303ce82fe803c466ef9d15f8880886f110eboost-filesystem-1.41.0-15.el6_4.i686.rpmbddadd1a1ec9560fefca19abe8aa6ff35a4b24b478ce5630c46f8ae7bcc96440boost-program-options-1.41.0-15.el6_4.i686.rpm108917c93fc3f612f77a91ceb2c4286afc6ecd7e533e5a4a72f8645c084ed865boost-openmpi-devel-1.41.0-15.el6_4.i686.rpm4e34e040ec4c5b6800383b216259c01078d7bb4241a53a591bbfc52c213d9ff4boost-openmpi-python-1.41.0-15.el6_4.i686.rpma1fa2daa00e8b2bc5d5d874984aa28f737526547fdb4a118f3aafe803769a638boost-regex-1.41.0-15.el6_4.i686.rpm4ee38733896815633c2e979543d3c27f0738bd473327747c0ca6c477a2847013SLSA-2013:0669-1It was discovered that the QSharedMemory class implementation of the Qt toolkit created shared memory segments with insecure permissions. A local attacker could use this flaw to read or alter the contents of a particular shared memory segment, possibly leading to their ability to obtain sensitive information or influence the behavior of a process that is using the shared memory segment. (CVE-2013-0254) All running applications linked against Qt libraries must be restarted for this update to take effect.moderateScientific Linux FermitruetrueScientific Linux Fermi 6qt-demos-4.6.2-26.el6_4.i686.rpm33d792fd19991477df79e713e4700f68cfa124fe75b8fee3ecfbecfc8ea7e5e8qt-sqlite-4.6.2-26.el6_4.i686.rpm71852ccaefd8838558a66dd851d8ffa54fc812b292f4deb8461786aa032355bbphonon-backend-gstreamer-4.6.2-26.el6_4.i686.rpm8f12a18e817d5ee0f2c547db310920e62225d29ef428be3418527c2b73b8ca05qt-devel-4.6.2-26.el6_4.i686.rpm632654a4fdf6a91f22e3dee3a6dcb3c5457e9ff25c2130dcb50dbcaf7742cfb2qt-x11-4.6.2-26.el6_4.i686.rpmb8f20709577467c07fa9321e470f9490ece209f9df3dbaae4f3e726631e1b940qt-mysql-4.6.2-26.el6_4.i686.rpmbe261274e7f136e2ddcb1b5cd189903c252c9d79bf75d59dbd7e786d14364442qt-postgresql-4.6.2-26.el6_4.i686.rpm9827546a334fbe6fdcbe4f0e5b7a54134d961d74731148217e85b0fbbeb9dd95qt-doc-4.6.2-26.el6_4.noarch.rpm13d82ac4fa016cb028b80de208f9f3396e08a8ae7b2dda0037d9e96f967a55e5qt-examples-4.6.2-26.el6_4.i686.rpm425c734895d8a161abdb0720a7715b5b24b57eec3b4c567e13f8335bf7796db6qt-odbc-4.6.2-26.el6_4.i686.rpm0df8473a479ac4252c1fed5cd4c12990a43b2434a73a95a6f280c719d6f663ceqt-4.6.2-26.el6_4.i686.rpmfdc5c4ac67890b41ac188059acc5a7a08784343581909d065c3561e62021dccbSLSA-2013:0685-1A heap overflow flaw was found in Perl. If a Perl application allowed user input to control the count argument of the string repeat operator, an attacker could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2012-5195) A denial of service flaw was found in the way Perl's rehashing code implementation, responsible for recalculation of hash keys and redistribution of hash content, handled certain input. If an attacker supplied specially-crafted input to be used as hash keys by a Perl application, it could cause excessive memory consumption. (CVE-2013-1667) It was found that the Perl CGI module, used to handle Common Gateway Interface requests and responses, incorrectly sanitized the values for Set-Cookie and P3P headers. If a Perl application using the CGI module reused cookies values and accepted untrusted input from web browsers, a remote attacker could use this flaw to alter member items of the cookie or add new items. (CVE-2012-5526) It was found that the Perl Locale::Maketext module, used to localize Perl applications, did not properly handle backslashes or fully-qualified method names. An attacker could possibly use this flaw to execute arbitrary Perl code with the privileges of a Perl application that uses untrusted Locale::Maketext templates. (CVE-2012-6329) All running Perl programs must be restarted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6perl-CPAN-1.9402-130.el6_4.i686.rpm01dc9349e2667619ed889d757e11d19574fe3e142196577639759d78d8b1895eperl-Digest-SHA-5.47-130.el6_4.i686.rpma0822f88b6ededb8a11431da128b589ced0b18a0ebd76e12712dff9a5556261bperl-Term-UI-0.20-130.el6_4.i686.rpmf202d924b628a9def3c3c0183dcd5f56e747355e37a2593a822b7b7fa735f016perl-core-5.10.1-130.el6_4.i686.rpmaa7fe69d107c625e11cf61846f59639b95bf791b4fc1eb8aa2b7dd11679fef37perl-Module-Load-0.16-130.el6_4.i686.rpm0a3281fcc84e9d606c33922aeca9b7828f82ac685c8744c22e9fc8644db4413bperl-Test-Harness-3.17-130.el6_4.i686.rpm9e263926f75837bd31c61d3c474d3b8162514e9f6432d9c5f308d6774fd3d76cperl-5.10.1-130.el6_4.i686.rpmaef9cecba4fb6c69cc438473cae003a9efea40fda568245539e306318334f46cperl-IO-Compress-Zlib-2.020-130.el6_4.i686.rpm2148117e8fe359aebb49a4b81a7f0467101497da326062fab1127979ede570feperl-Package-Constants-0.02-130.el6_4.i686.rpm03bcd8365f550aabd4f61a4e16cb3675bea24bf1a68cd5818ddd1295f08875eeperl-IO-Zlib-1.09-130.el6_4.i686.rpm45a6062ddab6b3f563b841249b42c76da42f11c9380d70fca7db468516b03d1cperl-Module-Load-Conditional-0.30-130.el6_4.i686.rpmafcd917a88d5bac40659076868961b0606f311abbd9cccd1b53e1d148bf96245perl-IPC-Cmd-0.56-130.el6_4.i686.rpm8a757439a3445ba452d87f576ebfa379f9e5162ca92cc76411d0192b164b035eperl-version-0.77-130.el6_4.i686.rpm4391a2d7a7692e333de7a5ec367b1e25f27de2553eff66ab4edb7f6774506bb1perl-Test-Simple-0.92-130.el6_4.i686.rpm31cd697330700ff57d58d7b58bf4ac697009837d2ff02355ea922c0367d8f67bperl-Object-Accessor-0.34-130.el6_4.i686.rpm9ec7fe0e082742545e357fa9c0360e626d6786e27d79c6871146fb495408f3fcperl-Compress-Raw-Zlib-2.020-130.el6_4.i686.rpm4e47344c2a3453d419d1d683f363fcc7e5e6bc9fbcb134dc0a252c4aeecc55ecperl-Pod-Escapes-1.04-130.el6_4.i686.rpmf367eebbb925d5cb16b9e88092cf51050ea5497abdad2e072106b2d180ec9f1eperl-Module-Build-0.3500-130.el6_4.i686.rpm709a2a1c7f709f0580a98a92a3c1f2ed6315c45574c383c1b9ff7b10adaf30fdperl-devel-5.10.1-130.el6_4.i686.rpm9338aa54601dff3cdd41a82d03c4be1605e3a7aa165de96d537d3c69ba651c26perl-parent-0.221-130.el6_4.i686.rpm8af88c135223330d04eaa6b0cca6ce4464115fc01345727f2fe2c058768d1873perl-ExtUtils-ParseXS-2.2003.0-130.el6_4.i686.rpmfb4b09f889d8a8019a126c941ccead0af51ccaf43fd1b70199e983204abf50d8perl-Log-Message-Simple-0.04-130.el6_4.i686.rpmabc68047369a25f662c5bb26cf55c8dc590556f0ca3b919034322c1ec8527313perl-Module-Loaded-0.02-130.el6_4.i686.rpm7871bf09c76d1876a6518d905fccd3b5a3cf8471b32452ffa9be47b89e0ed69aperl-ExtUtils-Embed-1.28-130.el6_4.i686.rpm29deaa84e11bac97b5ba3ac3faf614d2ed5055f9126349e41ea625bc831c9c22perl-CPANPLUS-0.88-130.el6_4.i686.rpm15a65efd94bdf117f4ea438622b1af341867e56a8637cc08d4be0374475713b7perl-Time-Piece-1.15-130.el6_4.i686.rpm3e670a73da636558a05eaabfce515068a9f43a6b239679a08dd6d02c4b7630c0perl-CGI-3.51-130.el6_4.i686.rpm24b844fa949b64922cc2c6fd9791c72487efb6f867e0c6b85bd62e8b7159d5cfperl-Compress-Zlib-2.020-130.el6_4.i686.rpmb9dbbf62bc40d5b3c583507aa61df9f328a566d8ce9da40846bd08114ece87b5perl-Params-Check-0.26-130.el6_4.i686.rpmf617860f5f1e6466066b99539e417247683ac9e84bb1d85bde68a884998b40d8perl-File-Fetch-0.26-130.el6_4.i686.rpmda9b3101c358a57f033ac78f1ce6a01e2ef4913431203800e40fceb78fac11daperl-IO-Compress-Base-2.020-130.el6_4.i686.rpm823707a7a2754d7eafc6025c9f85d1c6d20a6818b99c405d51fe96e9f37f2612perl-Log-Message-0.02-130.el6_4.i686.rpmef81020c329c184cb1fa15f1f8a9016ac81c59748d17828e8df9d7c343ea093fperl-ExtUtils-MakeMaker-6.55-130.el6_4.i686.rpm38e94dd4ee4145915ecc26978943fb93400530c2a63e4788305474e4c4367806perl-ExtUtils-CBuilder-0.27-130.el6_4.i686.rpm05ee5041ec2f8ad66706c40dbf258e629331b7710618c3dfba44464172a3ff38perl-Archive-Tar-1.58-130.el6_4.i686.rpma4d27a61386fa9f2e82d12555d6181ab7153b2792be8a5c84aed71f9f69a3629perl-Parse-CPAN-Meta-1.40-130.el6_4.i686.rpm11e599a7684b7160cf4d84986e1bc0d6423401864d8db048efc12bbea9b2d14bperl-IO-Compress-Bzip2-2.020-130.el6_4.i686.rpmeb4fd1b1fcebc81bd94c4188ebefd4bdb0c282d043c1ff014389bda60c5c33e2perl-Module-Pluggable-3.90-130.el6_4.i686.rpm21e84f8e6fb50023a2879d22865d914031d725771e7acce0a4c58dcd9f95b864perl-libs-5.10.1-130.el6_4.i686.rpmdc6144f7333b886c370436fc6d3c8142b2a46b0f78a91f0156f4db8515a3c1ddperl-Archive-Extract-0.38-130.el6_4.i686.rpm4aeac0657e9a27498b843e8eef3175aa2d9130f0c7f1ce7f2ea4c55c8211ccabperl-Pod-Simple-3.13-130.el6_4.i686.rpm15493190351f0701427a3283e46461d78e31c9403c66b0ad5a43b98801505f11perl-Compress-Raw-Bzip2-2.020-130.el6_4.i686.rpm6ef7b080d4eb08fa7c62e46bf665aa9e8506535a505b1c9484b300de95df4e71perl-Time-HiRes-1.9721-130.el6_4.i686.rpmbe89397612507e4c40e33e7ca7ae83d5a03926852f6ef6d91b74f7b454dc89f6perl-suidperl-5.10.1-130.el6_4.i686.rpmb86608fcdbeea96fd5829bc4429d11ecbb939661d2ebbfe4695a3ab4928fda49perl-Locale-Maketext-Simple-0.18-130.el6_4.i686.rpm0b8daa68f1aa96cca761d76826de7098e000def254547c0ffa91c0d5e34f180aperl-Module-CoreList-2.18-130.el6_4.i686.rpmb837842d6ce68be54caab93f09922f2576493eda8b5f6df44674e87b826a2a92SLSA-2013:0687-1An integer overflow flaw was discovered in one of pixman's manipulation routines. If a remote attacker could trick an application using pixman into performing a certain manipulation, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2013-1591) All applications using pixman must be restarted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6pixman-devel-0.26.2-5.el6_4.i686.rpm6a6674ebd263974a6d948f8af36f1c4afcba8d7a3c04dc83926cd6e555342f4cpixman-0.26.2-5.el6_4.i686.rpm4ec7223b409676e55084ac0c7ef1a4e3bfbd960a0614a3640eb48847d23ce9bcSLSA-2013:0689-1A denial of service flaw was found in the libdns library. A remote attacker could use this flaw to send a specially-crafted DNS query to named that, when processed, would cause named to use an excessive amount of memory, or possibly crash. (CVE-2013-2266) Note: This update disables the syntax checking of NAPTR (Naming Authority Pointer) resource records. This update also fixes the following bug: * Previously, rebuilding the bind-dyndb-ldap source RPM failed with a "/usr/include/dns/view.h:76:21: error: dns/rrl.h: No such file or directory" error. After installing the update, the BIND daemon (named) will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 6bind-9.8.2-0.17.rc1.el6_4.4.i686.rpm0c3ea01197e273a267a13e0fd654f932f965606a476c056998eca2ddd7f1eaf4bind-sdb-9.8.2-0.17.rc1.el6_4.4.i686.rpmd1bda89c27f26a44c7a7ce9ec92dbd025429bd249dd5e7699e10bfd6f989bea9bind-devel-9.8.2-0.17.rc1.el6_4.4.i686.rpm2af7e43a7626f69bed3c28bd84669c77d6609ceb5b00b8f32f72a223fe40698ebind-chroot-9.8.2-0.17.rc1.el6_4.4.i686.rpmba8c3f0bc1fe2bd5f7b9dee83b5d693dd81e63356fe7126fdad491f41e15036cbind-libs-9.8.2-0.17.rc1.el6_4.4.i686.rpmed0e63fad42c225c33177fba1e7a7999f3885382257b1feea92d7ce8c06aa71dbind-utils-9.8.2-0.17.rc1.el6_4.4.i686.rpm2428f246271b25ecd617c17119568878aa12927ac651dbbaecfd23561d6500e0SLSA-2013:0696-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2013-0788) A flaw was found in the way Same Origin Wrappers were implemented in Firefox. A malicious site could use this flaw to bypass the same-origin policy and execute arbitrary code with the privileges of the user running Firefox. (CVE-2013-0795) A flaw was found in the embedded WebGL library in Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. Note: This issue only affected systems using the Intel Mesa graphics drivers. (CVE-2013-0796) An out-of-bounds write flaw was found in the embedded Cairo library in Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2013-0800) A flaw was found in the way Firefox handled the JavaScript history functions. A malicious site could cause a web page to be displayed that has a baseURI pointing to a different site, allowing cross-site scripting (XSS) and phishing attacks. (CVE-2013-0793) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6xulrunner-17.0.5-1.el6_4.i686.rpmaa4973728cb60a71293afb0664262d4fb5c64f13a6453dcc799bc183322860acfirefox-17.0.5-1.el6_4.i686.rpmc57156a3f09600923266b42e6fc51f59e8ce94557c98415d192f231f0b912127xulrunner-devel-17.0.5-1.el6_4.i686.rpm139b52ab33ce43e241570e746e9f49a7f15d6983fe1128745e14017d39fd97b8SLSA-2013:0697-1Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2013-0788) A flaw was found in the way Same Origin Wrappers were implemented in Thunderbird. Malicious content could use this flaw to bypass the same- origin policy and execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2013-0795) A flaw was found in the embedded WebGL library in Thunderbird. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. Note: This issue only affected systems using the Intel Mesa graphics drivers. (CVE-2013-0796) An out-of-bounds write flaw was found in the embedded Cairo library in Thunderbird. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2013-0800) A flaw was found in the way Thunderbird handled the JavaScript history functions. Malicious content could cause a page to be displayed that has a baseURI pointing to a different site, allowing cross-site scripting (XSS) and phishing attacks. (CVE-2013-0793) Note: All issues except CVE-2013-0800 cannot be exploited by a specially- crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. After installing the update, Thunderbird must be restarted for the changes to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6thunderbird-17.0.5-1.el6_4.i686.rpm6128ec13ed2a586f26ec3900bd5e0c5e97e78804579c607736bdfe2be9ca7d7eSLSA-2013:0714-1An integer conversion issue was found in stunnel when using Microsoft NT LAN Manager (NTLM) authentication with the HTTP CONNECT tunneling method. With this configuration, and using stunnel in SSL client mode on a 64-bit system, an attacker could possibly execute arbitrary code with the privileges of the stunnel process via a man-in-the-middle attack or by tricking a user into using a malicious proxy. (CVE-2013-1762)moderateScientific Linux FermiScientific Linux Fermi 6stunnel-4.29-3.el6_4.i686.rpm79386f3466ed889bc22f0e9078bb5f3d86604e6f72b7616cc56872f759366662SLSA-2013:0737-1A NULL pointer dereference flaw was found in the way the mod_dav_svn module handled PROPFIND requests on activity URLs. A remote attacker could use this flaw to cause the httpd process serving the request to crash. (CVE-2013-1849) A flaw was found in the way the mod_dav_svn module handled large numbers of properties (such as those set with the "svn propset" command). A malicious, remote user could use this flaw to cause the httpd process serving the request to consume an excessive amount of system memory. (CVE-2013-1845) Two NULL pointer dereference flaws were found in the way the mod_dav_svn module handled LOCK requests on certain types of URLs. A malicious, remote user could use these flaws to cause the httpd process serving the request to crash. (CVE-2013-1846, CVE-2013-1847) Note: The CVE-2013-1849, CVE-2013-1846, and CVE-2013-1847 issues only caused a temporary denial of service, as the Apache HTTP Server started a new process to replace the crashed child process. When using prefork MPM, the crash only affected the attacker. When using worker (threaded) MPM, the connections of other users may have been interrupted. After installing the updated packages, you must restart the httpd daemon, if you are using mod_dav_svn, for the update to take effect.moderateScientific Linux FermiScientific Linux Fermi 6mod_dav_svn-1.6.11-9.el6_4.i686.rpm1767b2e771e613d9ddac04296c6e89596cda982344437f179be4e0f35ed319casubversion-kde-1.6.11-9.el6_4.i686.rpm8356355320fdc98d798b9046fac5b6432ccf1943a329f9fe08c5d216c3e8bc98subversion-devel-1.6.11-9.el6_4.i686.rpm127fa18e94c85cc18b44be7a0942d84c7c8d5a8268050f4013273f6f29f320ebsubversion-1.6.11-9.el6_4.i686.rpmc4c07e945599011972f9a544f4b6babe721759176410f6fd96da76013094104dsubversion-gnome-1.6.11-9.el6_4.i686.rpm69d3ea21c80517f16a38491d7b0b769d9d9d1f6f736988bd6ef032c836242c7bsubversion-perl-1.6.11-9.el6_4.i686.rpm1f282e973888881333b12b68d386493da58354de9221df271a557cc59aaeddbbsubversion-ruby-1.6.11-9.el6_4.i686.rpm2d3a200c2afbe022249a7d5f066db35a65380bbaced4d1a039f0f4f305a1cd30subversion-javahl-1.6.11-9.el6_4.i686.rpma145589aae5927e776c03f01dcd272badbe1965ffbda7465cd75ff54783f8c02subversion-svn2cl-1.6.11-9.el6_4.noarch.rpmf19dedc907848922777f06344aa2dccb787f45f67ddb13c59a8be47a94b51320SLSA-2013:0742-1It was found that the 389 Directory Server did not properly restrict access to entries when the "nsslapd-allow-anonymous-access" configuration setting was set to "rootdse". An anonymous user could connect to the LDAP database and, if the search scope is set to BASE, obtain access to information outside of the rootDSE. (CVE-2013-1897) This update also fixes the following bugs: * Previously, the schema-reload plug-in was not thread-safe. Consequently, executing the schema-reload.pl script under heavy load could have caused the ns-slapd process to terminate unexpectedly with a segmentation fault. Currently, the schema-reload plug-in is re-designed so that it is thread- safe, and the schema-reload.pl script can be executed along with other LDAP operations. * An out of scope problem for a local variable, in some cases, caused the modrdn operation to terminate unexpectedly with a segmentation fault. This update declares the local variable at the proper place of the function so it does not go out of scope, and the modrdn operation no longer crashes. * A task manually constructed an exact value to be removed from the configuration if the "replica-force-cleaning" option was used. Consequently, the task configuration was not cleaned up, and every time the server was restarted, the task behaved in the described manner. This update searches the configuration for the exact value to delete, instead of manually building the value, and the task does not restart when the server is restarted. * Previously, a NULL pointer dereference could have occurred when attempting to get effective rights on an entry that did not exist, leading to an unexpected termination due to a segmentation fault. This update checks for NULL entry pointers and returns the appropriate error. Now, attempts to get effective rights on an entry that does not exist no longer causes crashes, and the server returns the appropriate error message. * A problem in the lock timing in the DNA plug-in caused a deadlock if the DNA operation was executed with other plug-ins. This update moves the release timing of the problematic lock, and the DNA plug-in does not cause the deadlock. After installing this update, the 389 server service will be restarted automatically.lowScientific Linux FermiScientific Linux Fermi 6389-ds-base-1.2.11.15-14.el6_4.i686.rpmf23892146551b794bde67bb4ea23c2c2479ffdca09ff4c8f9883a0f73575d5fa389-ds-base-devel-1.2.11.15-14.el6_4.i686.rpmde7805b0969127aabc4ec61335aa43dbfb1ca1f82fcd80cae5a8432ef2d6b338389-ds-base-libs-1.2.11.15-14.el6_4.i686.rpmb0a2b93f5603bcfa0793976f3dc684d50bb45aab4df658641fbab87903537738SLSA-2013:0744-1* An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the Intel i915 driver in the Linux kernel handled the allocation of the buffer used for relocation copies. A local user with console access could use this flaw to cause a denial of service or escalate their privileges. (CVE-2013-0913, Important) * A buffer overflow flaw was found in the way UTF-8 characters were converted to UTF-16 in the utf8s_to_utf16s() function of the Linux kernel's FAT file system implementation. A local user able to mount a FAT file system with the "utf8=1" option could use this flaw to crash the system or, potentially, to escalate their privileges. (CVE-2013-1773, Important) * A flaw was found in the way KVM handled guest time updates when the buffer the guest registered by writing to the MSR_KVM_SYSTEM_TIME machine state register (MSR) crossed a page boundary. A privileged guest user could use this flaw to crash the host or, potentially, escalate their privileges, allowing them to execute arbitrary code at the host kernel level. (CVE-2013-1796, Important) * A potential use-after-free flaw was found in the way KVM handled guest time updates when the GPA (guest physical address) the guest registered by writing to the MSR_KVM_SYSTEM_TIME machine state register (MSR) fell into a movable or removable memory region of the hosting user-space process (by default, QEMU-KVM) on the host. If that memory region is deregistered from KVM using KVM_SET_USER_MEMORY_REGION and the allocated virtual memory reused, a privileged guest user could potentially use this flaw to escalate their privileges on the host. (CVE-2013-1797, Important) * A flaw was found in the way KVM emulated IOAPIC (I/O Advanced Programmable Interrupt Controller). A missing validation check in the ioapic_read_indirect() function could allow a privileged guest user to crash the host, or read a substantial portion of host kernel memory. (CVE-2013-1798, Important) * A race condition in install_user_keyrings(), leading to a NULL pointer dereference, was found in the key management facility. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2013-1792, Moderate) * A NULL pointer dereference in the XFRM implementation could allow a local user who has the CAP_NET_ADMIN capability to cause a denial of service. (CVE-2013-1826, Moderate) * A NULL pointer dereference in the Datagram Congestion Control Protocol (DCCP) implementation could allow a local user to cause a denial of service. (CVE-2013-1827, Moderate) * Information leak flaws in the XFRM implementation could allow a local user who has the CAP_NET_ADMIN capability to leak kernel stack memory to user-space. (CVE-2012-6537, Low) * Two information leak flaws in the Asynchronous Transfer Mode (ATM) subsystem could allow a local, unprivileged user to leak kernel stack memory to user-space. (CVE-2012-6546, Low) * An information leak was found in the TUN/TAP device driver in the networking implementation. A local user with access to a TUN/TAP virtual interface could use this flaw to leak kernel stack memory to user-space. (CVE-2012-6547, Low) * An information leak in the Bluetooth implementation could allow a local user who has the CAP_NET_ADMIN capability to leak kernel stack memory to user-space. (CVE-2013-0349, Low) * A use-after-free flaw was found in the tmpfs implementation. A local user able to mount and unmount a tmpfs file system could use this flaw to cause a denial of service or, potentially, escalate their privileges. (CVE-2013-1767, Low) * A NULL pointer dereference was found in the Linux kernel's USB Inside Out Edgeport Serial Driver implementation. An attacker with physical access to a system could use this flaw to cause a denial of service. (CVE-2013-1774, Low)importantScientific Linux FermitrueScientific Linux Fermi 6kernel-firmware-2.6.32-358.6.1.el6.noarch.rpm5cacb2d47311b31644e6be74d195c87e402539cd763bef68b8ca168713bc998ekernel-doc-2.6.32-358.6.1.el6.noarch.rpm77955766da0f5532c093e205393e79df6eeaaa0d1d698f1109a7d294ac2b0e9bkernel-debug-2.6.32-358.6.1.el6.i686.rpm44ab4f780aca2260555264ff7838237a6661140c937e7ad2f6b9f6ed1cce1c22perf-2.6.32-358.6.1.el6.i686.rpm5aa26bed35807402cd4619a8aa701fd2230504ddecc37880987e6b3a6931fc07kernel-2.6.32-358.6.1.el6.i686.rpmbe3b5d9147ed6a0f4fe4b3166aeef13fa44e28d12575146d071c8ec9329d1fe0kernel-debug-devel-2.6.32-358.6.1.el6.i686.rpm6041beffdf32a774e48a82132860f7a628e6c977e62d88e462c7b0993dd2965dkernel-devel-2.6.32-358.6.1.el6.i686.rpm57705a49b0561ee0f33edb01013db2c3563009cc1ae90d70e75c9c96d6bac17fpython-perf-2.6.32-358.6.1.el6.i686.rpm270856a554b2a4230ed81be02a16ebd133c023e565520f37024bb29a50f7c63ekernel-headers-2.6.32-358.6.1.el6.i686.rpmd8ff79f441ce9e9c3dad20389b131dda32b964f0e4ebd13d5b54833f8243b22aSLSA-2013:0748-1A NULL pointer dereference flaw was found in the way the MIT Kerberos KDC processed certain TGS (Ticket-granting Server) requests. A remote, authenticated attacker could use this flaw to crash the KDC via a specially-crafted TGS request. (CVE-2013-1416) After installing the updated packages, the krb5kdc daemon will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6krb5-pkinit-openssl-1.10.3-10.el6_4.2.i686.rpm74d9880a0007fa0dd0f663f447671d4494d10c4f307681ba48d604730fcbdfa4krb5-libs-1.10.3-10.el6_4.2.i686.rpm01402ad8e98274442c6693393332bb30cc73dc68f6d4988f650afa64ec71bf2fkrb5-server-ldap-1.10.3-10.el6_4.2.i686.rpme329fd29a65b37920cc309c2e075f638ba156d56a829b2a749b08ebe6816e0aakrb5-workstation-1.10.3-10.el6_4.2.i686.rpm2ad051c7e39cce22b1c7d3d1d1f11e52e4d3acca6cc6dd5dd015fee7871aaa66krb5-server-1.10.3-10.el6_4.2.i686.rpmc2d86be3dc9982c610d54a7ad8fcaacbba1895a02abc92528ae1d26e742b84cakrb5-devel-1.10.3-10.el6_4.2.i686.rpm53a6e47f751a73c012cb905fe45e30d4c32516932442cfa656247a73e2b7cb49SLSA-2013:0751-1Multiple flaws were discovered in the font layout engine in the 2D component. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machine memory corruption. (CVE-2013-1569, CVE-2013-2383, CVE-2013-2384) Multiple improper permission check issues were discovered in the Beans, Libraries, JAXP, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2013-1558, CVE-2013-2422, CVE-2013-2436, CVE-2013-1518, CVE-2013-1557) The previous default value of the java.rmi.server.useCodebaseOnly property permitted the RMI implementation to automatically load classes from remotely specified locations. An attacker able to connect to an application using RMI could use this flaw to make the application execute arbitrary code. (CVE-2013-1537) Note: The fix for CVE-2013-1537 changes the default value of the property to true, restricting class loading to the local CLASSPATH and locations specified in the java.rmi.server.codebase property. The 2D component did not properly process certain images. An untrusted Java application or applet could possibly use this flaw to trigger Java Virtual Machine memory corruption. (CVE-2013-2420) It was discovered that the Hotspot component did not properly handle certain intrinsic frames, and did not correctly perform access checks and MethodHandle lookups. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2013-2431, CVE-2013-2421, CVE-2013-2423) It was discovered that JPEGImageReader and JPEGImageWriter in the ImageIO component did not protect against modification of their state while performing certain native code operations. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machine memory corruption. (CVE-2013-2429, CVE-2013-2430) The JDBC driver manager could incorrectly call the toString() method in JDBC drivers, and the ConcurrentHashMap class could incorrectly call the defaultReadObject() method. An untrusted Java application or applet could possibly use these flaws to bypass Java sandbox restrictions. (CVE-2013-1488, CVE-2013-2426) The sun.awt.datatransfer.ClassLoaderObjectInputStream class may incorrectly invoke the system class loader. An untrusted Java application or applet could possibly use this flaw to bypass certain Java sandbox restrictions. (CVE-2013-0401) Flaws were discovered in the Network component's InetAddress serialization, and the 2D component's font handling. An untrusted Java application or applet could possibly use these flaws to crash the Java Virtual Machine. (CVE-2013-2417, CVE-2013-2419) The MBeanInstantiator class implementation in the OpenJDK JMX component did not properly check class access before creating new instances. An untrusted Java application or applet could use this flaw to create instances of non-public classes. (CVE-2013-2424) It was discovered that JAX-WS could possibly create temporary files with insecure permissions. A local attacker could use this flaw to access temporary files created by an application using JAX-WS. (CVE-2013-2415) Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website. This erratum also upgrades the OpenJDK package to IcedTea7 2.3.9. All running instances of OpenJDK Java must be restarted for the update to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6java-1.7.0-openjdk-javadoc-1.7.0.19-2.3.9.1.el6_4.noarch.rpma74f8ebf287cfeaf87109a79bdfbaeae61349e62b1c6d886dabfb146d0bc0845java-1.7.0-openjdk-devel-1.7.0.19-2.3.9.1.el6_4.i686.rpm8b8c31ed675c0f40b2ca284431de0a08db19046f58afd61cc96785522e783f2ejava-1.7.0-openjdk-1.7.0.19-2.3.9.1.el6_4.i686.rpmb87d8a007f8736c47cf450b0226820ed9c5881dac304c14fa324b70fe0f57f3bjava-1.7.0-openjdk-src-1.7.0.19-2.3.9.1.el6_4.i686.rpm8290060b18b9ff9220e718006c2cb380f98518953aac14ebb0d0088dc5952ff7java-1.7.0-openjdk-demo-1.7.0.19-2.3.9.1.el6_4.i686.rpm14a28073262910df1e779aa4d07b9c0c4ca841b51ae8c3194a2be8fc4f90e410SLSA-2013:0753-1It was discovered that the IcedTea-Web plug-in incorrectly used the same class loader instance for applets with the same value of the codebase attribute, even when they originated from different domains. A malicious applet could use this flaw to gain information about and possibly manipulate applets from different domains currently running in the browser. (CVE-2013-1926) The IcedTea-Web plug-in did not properly check the format of the downloaded Java Archive (JAR) files. This could cause the plug-in to execute code hidden in a file in a different format, possibly allowing attackers to execute code in the context of web sites that allow uploads of specific file types, known as a GIFAR attack. (CVE-2013-1927) This erratum also upgrades IcedTea-Web to version 1.2.3. Web browsers using the IcedTea-Web browser plug-in must be restarted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6icedtea-web-javadoc-1.2.3-2.el6_4.i686.rpm817345071fb1848039ab7674a2694789f1780abadaa49942cd1bab85b9e7dfa7icedtea-web-1.2.3-2.el6_4.i686.rpm16cc5715e9c56592c341d0afdfde9849741594e9a3587311eb48a9f328f4bb00SLSA-2013:0770-1Multiple flaws were discovered in the font layout engine in the 2D component. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machine memory corruption. (CVE-2013-1569, CVE-2013-2383, CVE-2013-2384) Multiple improper permission check issues were discovered in the Beans, Libraries, JAXP, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2013-1558, CVE-2013-2422, CVE-2013-1518, CVE-2013-1557) The previous default value of the java.rmi.server.useCodebaseOnly property permitted the RMI implementation to automatically load classes from remotely specified locations. An attacker able to connect to an application using RMI could use this flaw to make the application execute arbitrary code. (CVE-2013-1537) Note: The fix for CVE-2013-1537 changes the default value of the property to true, restricting class loading to the local CLASSPATH and locations specified in the java.rmi.server.codebase property. Refer to Red Hat Bugzilla bug 952387 for additional details. The 2D component did not properly process certain images. An untrusted Java application or applet could possibly use this flaw to trigger Java Virtual Machine memory corruption. (CVE-2013-2420) It was discovered that the Hotspot component did not properly handle certain intrinsic frames, and did not correctly perform MethodHandle lookups. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2013-2431, CVE-2013-2421) It was discovered that JPEGImageReader and JPEGImageWriter in the ImageIO component did not protect against modification of their state while performing certain native code operations. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machine memory corruption. (CVE-2013-2429, CVE-2013-2430) The JDBC driver manager could incorrectly call the toString() method in JDBC drivers, and the ConcurrentHashMap class could incorrectly call the defaultReadObject() method. An untrusted Java application or applet could possibly use these flaws to bypass Java sandbox restrictions. (CVE-2013-1488, CVE-2013-2426) The sun.awt.datatransfer.ClassLoaderObjectInputStream class may incorrectly invoke the system class loader. An untrusted Java application or applet could possibly use this flaw to bypass certain Java sandbox restrictions. (CVE-2013-0401) Flaws were discovered in the Network component's InetAddress serialization, and the 2D component's font handling. An untrusted Java application or applet could possibly use these flaws to crash the Java Virtual Machine. (CVE-2013-2417, CVE-2013-2419) The MBeanInstantiator class implementation in the OpenJDK JMX component did not properly check class access before creating new instances. An untrusted Java application or applet could use this flaw to create instances of non-public classes. (CVE-2013-2424) It was discovered that JAX-WS could possibly create temporary files with insecure permissions. A local attacker could use this flaw to access temporary files created by an application using JAX-WS. (CVE-2013-2415) This erratum also upgrades the OpenJDK package to IcedTea6 1.11.10. All running instances of OpenJDK Java must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6java-1.6.0-openjdk-javadoc-1.6.0.0-1.61.1.11.11.el6_4.i686.rpma97f58f0f54e97d2de5c966ac47cf6e7a5533bbdacbd3b091064c3a4f8f4efc6java-1.6.0-openjdk-1.6.0.0-1.61.1.11.11.el6_4.i686.rpmb9f2d8fb77782e57418e96f776f7cdbb26eeba8c9c296dca6c7e4233130cc3a5java-1.6.0-openjdk-demo-1.6.0.0-1.61.1.11.11.el6_4.i686.rpm8bf87fe729bd77f48b26cc9fe612675330c7fe4a84501c7ee74c2ecbb3cf370djava-1.6.0-openjdk-devel-1.6.0.0-1.61.1.11.11.el6_4.i686.rpme717036d9de8ed74df983b4d4f152393d236b44bb814107503b6d83367682a75java-1.6.0-openjdk-src-1.6.0.0-1.61.1.11.11.el6_4.i686.rpm7edbeae2ceb61a2b712ce9f92212b3f9d255f6ce717b010a10f4e8881fa46de4SLSA-2013:0771-1A flaw was found in the way libcurl matched domains associated with cookies. This could lead to cURL or an application linked against libcurl sending the wrong cookie if only part of the domain name matched the domain associated with the cookie, disclosing the cookie to unrelated hosts. (CVE-2013-1944) All running applications using libcurl must be restarted for the update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6libcurl-7.19.7-36.el6_4.i686.rpm12c9915f17ec8c894163047f4af300f49adca3373bad65cb539afa21dfcf9609libcurl-devel-7.19.7-36.el6_4.i686.rpm8bcd5b6b30796e3a30c75317bb75610716dc47382248f18051c2031b9d759c5fcurl-7.19.7-36.el6_4.i686.rpme59d2af29088d55d834ad9535d96f85718aa00a53ae05a25a2595f0b4ff900c3SLSA-2013:0772-1This update fixes several vulnerabilities in the MySQL database server. (CVE-2012-5614, CVE-2013-1506, CVE-2013-1521, CVE-2013-1531, CVE-2013-1532, CVE-2013-1544, CVE-2013-1548, CVE-2013-1552, CVE-2013-1555, CVE-2013-2375, CVE-2013-2378, CVE-2013-2389, CVE-2013-2391, CVE-2013-2392) These updated packages upgrade MySQL to version 5.1.69. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 6mysql-bench-5.1.69-1.el6_4.i686.rpmaad9cea6c5007eda7aec2f44336d488290f4a50110326bad4606ea064a5df742mysql-libs-5.1.69-1.el6_4.i686.rpm226872b0339483aea8c60139fc3ecfac7081d99580183e53e75c537f01097a0dmysql-embedded-5.1.69-1.el6_4.i686.rpmf3f9a094a3d3d3121dec035c95ff725940b3004383405d982f64db6ca61b9c38mysql-test-5.1.69-1.el6_4.i686.rpmd29dbae492ce91352b2b655bad1607988e57b5da7ed5f23dbf8f6d2f71756622mysql-embedded-devel-5.1.69-1.el6_4.i686.rpm8e79cf40f929c7bb50a164ae1a8113c1423a1a8970309ec3faaa318e1aa88cdemysql-devel-5.1.69-1.el6_4.i686.rpm7c9a6b2845667b2693e8a81ce96a0144510bd6a222cdb3ec5ac8f8248ad1417dmysql-server-5.1.69-1.el6_4.i686.rpm5aea0ef591b5f48f4e54971b09e3c1bccbcd768b369b68858e373ecfecd0870bmysql-5.1.69-1.el6_4.i686.rpm0796c4f9ce8a5e3e5d4847cd80d6f1a965a3e5fbb6a42945b37e02afc1cb8501SLSA-2013:0815-1Cross-site scripting (XSS) flaws were found in the mod_proxy_balancer module's manager web interface. If a remote attacker could trick a user, who was logged into the manager web interface, into visiting a specially- crafted URL, it would lead to arbitrary web script execution in the context of the user's manager interface session. (CVE-2012-4558) It was found that mod_rewrite did not filter terminal escape sequences from its log file. If mod_rewrite was configured with the RewriteLog directive, a remote attacker could use specially-crafted HTTP requests to inject terminal escape sequences into the mod_rewrite log file. If a victim viewed the log file with a terminal emulator, it could result in arbitrary command execution with the privileges of that user. (CVE-2013-1862) Cross-site scripting (XSS) flaws were found in the mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp modules. An attacker could possibly use these flaws to perform XSS attacks if they were able to make the victim's browser generate an HTTP request with a specially-crafted Host header. (CVE-2012-3499) After installing the updated packages, the httpd daemon will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6mod_ssl-2.2.15-28.sl6.i686.rpm7fbd4dbf82b895b2fe1423cb6a4768aae337f7bbe650d3966780c017c377df02httpd-tools-2.2.15-28.sl6.i686.rpme8db4b77ff89f36a364d7be4b43d9cc136a9e710c78118edf24d9d96b26a6526httpd-manual-2.2.15-28.sl6.noarch.rpm0ebe69014d4c6d260577d68367c77a4e84ca77ee4b16f009950c5b189f5c78bfhttpd-devel-2.2.15-28.sl6.i686.rpm6f31f0883628a5fd2b8c8f2672ea9d883cc48d07737805f44fff2046aa98060fhttpd-2.2.15-28.sl6.i686.rpmc6b761ac33babff0c76a30d3c5c912930db4efcb505ce3c5cf126bef6c0f3321SLSA-2013:0820-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2013-0801, CVE-2013-1674, CVE-2013-1675, CVE-2013-1676, CVE-2013-1677, CVE-2013-1678, CVE-2013-1679, CVE-2013-1680, CVE-2013-1681) A flaw was found in the way Firefox handled Content Level Constructors. A malicious site could use this flaw to perform cross-site scripting (XSS) attacks. (CVE-2013-1670) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6xulrunner-devel-17.0.6-2.el6_4.i686.rpm54c0baa3cafef4635d15e22a46ed51f92dbbf04a6610dbdcb77c1f8ddbace8c2xulrunner-17.0.6-2.el6_4.i686.rpmbb2b05d69e4ec78b3f1ab455e1308d8b59a8e5d575e2c5f34aa8f669ec10b5e3firefox-17.0.6-1.el6_4.i686.rpm280ee21e2be8ce2d077221fe7a6d428f98f7804b140f99e9ef57a335bde99c9bSLSA-2013:0821-1Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2013-0801, CVE-2013-1674, CVE-2013-1675, CVE-2013-1676, CVE-2013-1677, CVE-2013-1678, CVE-2013-1679, CVE-2013-1680, CVE-2013-1681) A flaw was found in the way Thunderbird handled Content Level Constructors. Malicious content could use this flaw to perform cross-site scripting (XSS) attacks. (CVE-2013-1670) Note: All of the above issues cannot be exploited by a specially-crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. After installing the update, Thunderbird must be restarted for the changes to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6thunderbird-17.0.6-2.el6_4.i686.rpm2e6fbaac02e7d47a9ec1715396ea01475ed8c2dc03c0dd832f8e6ca76a94ad0dSLSA-2013:0827-1A buffer overflow flaw was found in Openswan. If Opportunistic Encryption were enabled ("oe=yes" in "/etc/ipsec.conf") and an RSA key configured, an attacker able to cause a system to perform a DNS lookup for an attacker- controlled domain containing malicious records (such as by sending an email that triggers a DKIM or SPF DNS record lookup) could cause Openswan's pluto IKE daemon to crash or, potentially, execute arbitrary code with root privileges. With "oe=yes" but no RSA key configured, the issue can only be triggered by attackers on the local network who can control the reverse DNS entry of the target system. Opportunistic Encryption is disabled by default. (CVE-2013-2053) After installing this update, the ipsec service will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 6openswan-doc-2.6.32-20.el6_4.i686.rpmeab3ff93ded6c9aa3ae88574a37acd30d125d45bc49a95580379532305eed17dopenswan-2.6.32-20.el6_4.i686.rpm763ed6fd4fd7ee8360be6ce13d5318010378c505e31de7cb1bd165a12c42bb09SLSA-2013:0830-1This update fixes the following security issue: * It was found that the Scientific Linux 6.1 kernel update (SLSA-2011:0542) introduced an integer conversion issue in the Linux kernel's Performance Events implementation. This led to a user-supplied index into the perf_swevent_enabled array not being validated properly, resulting in out-of-bounds kernel memory access. A local, unprivileged user could use this flaw to escalate their privileges. (CVE-2013-2094, Important) A public exploit that affects Scientific Linux 6 is available. Refer to Red Hat Knowledge Solution 373743 for further information and mitigation instructions for users who are unable to immediately apply this update. The system must be rebooted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6kernel-debug-2.6.32-358.6.2.el6.i686.rpmb46eaa0d81c4c9da022ef85d44f6b81ea57def12405ad3028ce48340e568a12bperf-2.6.32-358.6.2.el6.i686.rpm096e998a57dab41eecf82f6884244bb1a14cfb3df37d0c183ce9b74cb083d788kernel-debug-devel-2.6.32-358.6.2.el6.i686.rpm966e6c6c084bb2ce0c8a16765cf8e25fef7fc0a2958a05f5626726e108269919python-perf-2.6.32-358.6.2.el6.i686.rpm2d7d91a110a91ed4c527e727fd4a491c5544a455d871776c69dcf5d8e283b32dkernel-doc-2.6.32-358.6.2.el6.noarch.rpmc515582454163cdb3cc94d6b75ef07cc57cbf01f61348778db4a74127889e8a3kernel-2.6.32-358.6.2.el6.i686.rpm590b432cc613fc058a0b0caa0a995b0a52b38176497dd3ca574e4c79fe16daaekernel-headers-2.6.32-358.6.2.el6.i686.rpmcfaa100858e4288ca2a9510cca192b671ca58c2d8eb1fb526c25c1ada4e1d098kernel-firmware-2.6.32-358.6.2.el6.noarch.rpmccfe63d982bf30e0cfe548d5d79772df7e01dd89100f62f8de92677b4b591a52kernel-devel-2.6.32-358.6.2.el6.i686.rpm445da69613f385de6c2a26e6af7315ecb046d3c71adb1315cab0cb6723258ac9SLSA-2013:0831-1It was found that libvirtd leaked file descriptors when listing all volumes for a particular pool. A remote attacker able to establish a read- only connection to libvirtd could use this flaw to cause libvirtd to consume all available file descriptors, preventing other users from using libvirtd services (such as starting a new guest) until libvirtd is restarted. (CVE-2013-1962) This update also fixes the following bugs: * Previously, libvirt made control group (cgroup) requests on files that it should not have. With older kernels, such nonsensical cgroup requests were ignored; however, newer kernels are stricter, resulting in libvirt logging spurious warnings and failures to the libvirtd and audit logs. The audit log failures displayed by the ausearch tool were similar to the following: root [date] - failed cgroup allow path rw /dev/kqemu With this update, libvirt no longer attempts the nonsensical cgroup actions, leaving only valid attempts in the libvirtd and audit logs (making it easier to search for real cases of failure). * Previously, libvirt used the wrong variable when constructing audit messages. This led to invalid audit messages, causing ausearch to format certain entries as having "path=(null)" instead of the correct path. This could prevent ausearch from locating events related to cgroup device ACL modifications for guests managed by libvirt. With this update, the audit messages are generated correctly, preventing loss of audit coverage. After installing the updated packages, libvirtd will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6libvirt-devel-0.10.2-18.el6_4.5.i686.rpmbfa98922fde193ce5bf681314c18ccf68056b9de949d99353479a5023c6eb7fdlibvirt-0.10.2-18.el6_4.5.i686.rpmb1d979dcf15a6b09da3b98b3c5d753858fabb8f1410b6c2ce6cacd053938e52flibvirt-client-0.10.2-18.el6_4.5.i686.rpm011384e2ad69b0479639b555ccc397d16b6c8bb17b858850a51e3351891fcc2blibvirt-python-0.10.2-18.el6_4.5.i686.rpmaded9ead0c4884a12daec3cfded90ca61310c81350252f0ac5858db5accd738bSLSA-2013:0868-1A buffer overflow flaw was found in the way HAProxy handled pipelined HTTP requests. A remote attacker could send pipelined HTTP requests that would cause HAProxy to crash or, potentially, execute arbitrary code with the privileges of the user running HAProxy. This issue only affected systems using all of the following combined configuration options: HTTP keep alive enabled, HTTP keywords in TCP inspection rules, and request appending rules. (CVE-2013-1912)moderateScientific Linux FermiScientific Linux Fermi 6haproxy-1.4.22-4.el6_4.i686.rpmd2672f08bde1fade1ea2c51c382b3fe061dc5cabde6489e53a02795b5f6f8633SLSA-2013:0869-1A flaw was found in the way the tomcat6 init script handled the tomcat6-initd.log log file. A malicious web application deployed on Tomcat could use this flaw to perform a symbolic link attack to change the ownership of an arbitrary system file to that of the tomcat user, allowing them to escalate their privileges to root. (CVE-2013-1976) Note: With this update, tomcat6-initd.log has been moved from /var/log/tomcat6/ to the /var/log/ directory. It was found that the SLSA-2013:0623 update did not correctly fix CVE-2012-5887, a weakness in the Tomcat DIGEST authentication implementation. A remote attacker could use this flaw to perform replay attacks in some circumstances. Additionally, this problem also prevented users from being able to authenticate using DIGEST authentication. (CVE-2013-2051) Tomcat must be restarted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6tomcat6-webapps-6.0.24-55.el6_4.noarch.rpm358e81e47e6db47b94eee9ff31e46384bb83e02ae0ed0414c2447f59781c0a70tomcat6-6.0.24-55.el6_4.noarch.rpm889a8369f685bedff6a4ef6648e9cd6bed515d399abffdfa80b84fd8e404c74atomcat6-admin-webapps-6.0.24-55.el6_4.noarch.rpm1de6d81467acc6b95b2788fa43aac1083e233e4ade8e41d8e7bac0e0c41d4ba6tomcat6-el-2.1-api-6.0.24-55.el6_4.noarch.rpmcab74d2a6938fee4a62682cf648c9a98c935cadf6faf665b9f8cbd8b82f81826tomcat6-javadoc-6.0.24-55.el6_4.noarch.rpm32f9ee179b30032c5a7e3eeec596f2866473879d0b1317c70460982b18b9ba32tomcat6-docs-webapp-6.0.24-55.el6_4.noarch.rpm136cc6aff023f229620ce5b9773e7bff800c94c3ea9d33ba266d45b3093df137tomcat6-lib-6.0.24-55.el6_4.noarch.rpmaf84f4716ae3d03e110563fd7999b69829e2a0fdb005bb89514b269d07c83883tomcat6-servlet-2.5-api-6.0.24-55.el6_4.noarch.rpm850d436a8314f63162798a9099c3825cc31abc585533e17088cd95c2616b8d4atomcat6-jsp-2.1-api-6.0.24-55.el6_4.noarch.rpmeb701f31f783d373407019dd5d93217b4de5dbbb22aad17375ab610aa0a46aa3SLSA-2013:0883-1It was discovered that the fix for the CVE-2013-1619 issue released via SLSA-2013:0588 introduced a regression in the way GnuTLS decrypted TLS/SSL encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to crash a server or client application that uses GnuTLS. (CVE-2013-2116) For the update to take effect, all applications linked to the GnuTLS library must be restarted.importantScientific Linux FermitrueScientific Linux Fermi 6gnutls-2.8.5-10.el6_4.2.i686.rpm473ba1327f7d86fa7d0b5c495bb0bafceecd22e560073b20631a413945961166gnutls-guile-2.8.5-10.el6_4.2.i686.rpmc1f06ff3948f774ce641c798a7b01f99e452c4bac6f7f68b14575d6df28571d4gnutls-devel-2.8.5-10.el6_4.2.i686.rpm24f0b252238a89ef850e02040237656fec01f7b2e3c861659202dc5658ab859fgnutls-utils-2.8.5-10.el6_4.2.i686.rpm95a055539b1a2e3ff1f76f91e62eb83f757450e829fb14f5953254a3a663cf9eSLSA-2013:0884-1A flaw was found in the way libtirpc decoded RPC requests. A specially- crafted RPC request could cause libtirpc to attempt to free a buffer provided by an application using the library, even when the buffer was not dynamically allocated. This could cause an application using libtirpc, such as rpcbind, to crash. (CVE-2013-1950) All running applications using libtirpc must be restarted for the update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6libtirpc-devel-0.2.1-6.el6_4.i686.rpmfa09d8680272fca09d8652b06092e2ba2d6172aa676b1af28c371d919bf9c02elibtirpc-0.2.1-6.el6_4.i686.rpm10226794e2d4798a413ded2cc54ae192449518c120dbf12f7cd7397230946761SLSA-2013:0896-1It was found that QEMU Guest Agent (the "qemu-ga" service) created certain files with world-writable permissions when run in daemon mode (the default mode). An unprivileged guest user could use this flaw to consume all free space on the partition containing the qemu-ga log file, or modify the contents of the log. When a UNIX domain socket transport was explicitly configured to be used (not the default), an unprivileged guest user could potentially use this flaw to escalate their privileges in the guest. This update requires manual action. Refer below for details. (CVE-2013-2007) This update does not change the permissions of the existing log file or the UNIX domain socket. For these to be changed, stop the qemu-ga service, and then manually remove all "group" and "other" permissions on the affected files, or remove the files. Note that after installing this update, files created by the guest-file- open QEMU Monitor Protocol (QMP) command will still continue to be created with world-writable permissions for backwards compatibility. This update also fixes the following bugs: * Previously, due to integer overflow in code calculations, the qemu-kvm utility was reporting incorrect memory size on QMP events when using the virtio balloon driver with more than 4 GB of memory. This update fixes the overflow in the code and qemu-kvm works as expected in the described scenario. * When the set_link flag is set to "off" to change the status of a network card, the status is changed to "down" on the respective guest. Previously, with certain network cards, when such a guest was restarted, the status of the network card was unexpectedly reset to "up", even though the network was unavailable. A patch has been provided to address this bug and the link status change is now preserved across restarts for all network cards. After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.moderateScientific Linux FermiScientific Linux Fermi 6qemu-guest-agent-0.12.1.2-2.355.el6_4.5.i686.rpmb7847322ac9d928eb8c63c369df0d446d72251fba339aed7bee50739c180d4ceSLSA-2013:0897-1An out-of-bounds access flaw was found in Mesa. If an application using Mesa exposed the Mesa API to untrusted inputs (Mozilla Firefox does this), an attacker could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2013-1872) It was found that Mesa did not correctly validate messages from the X server. A malicious X server could cause an application using Mesa to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2013-1993) All running applications linked against Mesa must be restarted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6mesa-libGL-9.0-0.8.el6_4.3.i686.rpm261ae9fd24ff5eab5644b81e4673f605dcdd7f977108fd89f3291a8dccd3f6cfmesa-demos-9.0-0.8.el6_4.3.i686.rpm69d0e5e1f651e266c227f9b36699e8bf27ac2091c5a688836ed08104ef7d1209mesa-libOSMesa-devel-9.0-0.8.el6_4.3.i686.rpm7c556ab6dc18096edd51031521a3d5770a43f8c18188b4eae7e6feb44f1603feglx-utils-9.0-0.8.el6_4.3.i686.rpmf98fd0f23bf860270f118abd5894bad56ad4f1183d8cfe6fb96ddef9740a2a25mesa-libOSMesa-9.0-0.8.el6_4.3.i686.rpm22f0b778124897c858f31c5d5ddd18338666c0c9aa629ab461b37829cdfb5308mesa-libGL-devel-9.0-0.8.el6_4.3.i686.rpme2387cc550139e839b1219f3164ba55633021630612a6f0d92cc2c480efed63cmesa-dri-drivers-9.0-0.8.el6_4.3.i686.rpm6a75488d2758240985b3c7bb60fac5d2164ba947d0b15041c19b42f2ec0f142cmesa-libGLU-9.0-0.8.el6_4.3.i686.rpmae3bdc9720219d160e35a4580b63f1f74be9b3d92736351f7e27fabe5a1e237cmesa-dri-filesystem-9.0-0.8.el6_4.3.i686.rpm879dd7760fdaaa1dbeb57d269c054504f7ebb851ebf3f6b1e72a9c3722c2c0e5mesa-libGLU-devel-9.0-0.8.el6_4.3.i686.rpm9143d459ed0c61b305809f69ca00c1bd70246fe7e194700b1f92533cf77ea059SLSA-2013:0911-1This update fixes the following security issues: * A flaw was found in the way KVM (Kernel-based Virtual Machine) initialized a guest's registered pv_eoi (paravirtualized end-of-interrupt) indication flag when entering the guest. An unprivileged guest user could potentially use this flaw to crash the host. (CVE-2013-1935, Important) * A missing sanity check was found in the kvm_set_memory_region() function in KVM, allowing a user-space process to register memory regions pointing to the kernel address space. A local, unprivileged user could use this flaw to escalate their privileges. (CVE-2013-1943, Important) * A double free flaw was found in the Linux kernel's Virtual Ethernet Tunnel driver (veth). A remote attacker could possibly use this flaw to crash a target system. (CVE-2013-2017, Moderate) The system must be rebooted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6kernel-debug-2.6.32-358.11.1.el6.i686.rpm7d1f6b61b754fea58b9df703df94666238a77447224fa7e47875bae2e8c82ff9kernel-2.6.32-358.11.1.el6.i686.rpme3444c185bf10a3b3b99f37943515bca1ac3868a68752205586caae8275edc44kernel-debug-devel-2.6.32-358.11.1.el6.i686.rpm802f92aa697d0f1631801aded5c27dcffd7aa78e35253138e1fe2b70e0340c32kernel-headers-2.6.32-358.11.1.el6.i686.rpm667af9a0c73e916792ff1f5fa237cd46974a5ca03fe3ba98504899f8c72c63b5kernel-devel-2.6.32-358.11.1.el6.i686.rpmdd07db871f93dcd2da5933069bb8dfb6f5e08b4af79ae36dc6aa216568a6f570perf-2.6.32-358.11.1.el6.i686.rpme20fd0d7b35e4d52f54419b5751da4820cb683760593e4e2086e73a1ff813b12kernel-firmware-2.6.32-358.11.1.el6.noarch.rpmca52f61d865ed102748d52d85a48c1ab00e5b360912c00ac36e39cb59b7f7718kernel-doc-2.6.32-358.11.1.el6.noarch.rpm5e9f5d36fcc17dfb606d2c415b105099338e52a271a2d5c5f777df81113c2758python-perf-2.6.32-358.11.1.el6.i686.rpm4e13b21bc34db8330aa92b6821ebc55a4cebd93e9bf8274f6a9b885167bda517SLSA-2013:0942-1It was found that kadmind's kpasswd service did not perform any validation on incoming network packets, causing it to reply to all requests. A remote attacker could use this flaw to send spoofed packets to a kpasswd service that appear to come from kadmind on a different server, causing the services to keep replying packets to each other, consuming network bandwidth and CPU. (CVE-2002-2443) After installing the updated packages, the krb5kdc and kadmind daemons will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6krb5-devel-1.10.3-10.el6_4.3.i686.rpm6b94a6b94813131ae3e24971b348df0d252b8c4c4fa4c7979340dbfdb5cbe804krb5-workstation-1.10.3-10.el6_4.3.i686.rpm2fbf226242d4523144b578378fef0d0ffdb553010d3f24592e4da9a03aff64a2krb5-libs-1.10.3-10.el6_4.3.i686.rpmf3288faba8924d196f870168603948d43680de48352b80ecad8ac1463413cec8krb5-pkinit-openssl-1.10.3-10.el6_4.3.i686.rpm3cae8a1f405772a2db4979f853ce1abbec19baf8951bf1bf37af982891ddb1e1krb5-server-ldap-1.10.3-10.el6_4.3.i686.rpm025df18d7b17de5ffba680bcef8acce75e1bb79a1291e97a1f70b479a1fb06a4krb5-server-1.10.3-10.el6_4.3.i686.rpm766c1d8d82762509082796961cdbfc7b820f52fb84f50afb3097e88d8d8aab99SLSA-2013:0957-1Multiple flaws were discovered in the ImagingLib and the image attribute, channel, layout and raster processing in the 2D component. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machine memory corruption. (CVE-2013-2470, CVE-2013-2471, CVE-2013-2472, CVE-2013-2473, CVE-2013-2463, CVE-2013-2465, CVE-2013-2469) Integer overflow flaws were found in the way AWT processed certain input. An attacker could use these flaws to execute arbitrary code with the privileges of the user running an untrusted Java applet or application. (CVE-2013-2459) Multiple improper permission check issues were discovered in the Sound, JDBC, Libraries, JMX, and Serviceability components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2013-2448, CVE-2013-2454, CVE-2013-2458, CVE-2013-2457, CVE-2013-2453, CVE-2013-2460) Multiple flaws in the Serialization, Networking, Libraries and CORBA components can be exploited by an untrusted Java application or applet to gain access to potentially sensitive information. (CVE-2013-2456, CVE-2013-2447, CVE-2013-2455, CVE-2013-2452, CVE-2013-2443, CVE-2013-2446) It was discovered that the Hotspot component did not properly handle out- of-memory errors. An untrusted Java application or applet could possibly use these flaws to terminate the Java Virtual Machine. (CVE-2013-2445) It was discovered that the AWT component did not properly manage certain resources and that the ObjectStreamClass of the Serialization component did not properly handle circular references. An untrusted Java application or applet could possibly use these flaws to cause a denial of service. (CVE-2013-2444, CVE-2013-2450) It was discovered that the Libraries component contained certain errors related to XML security and the class loader. A remote attacker could possibly exploit these flaws to bypass intended security mechanisms or disclose potentially sensitive information and cause a denial of service. (CVE-2013-2407, CVE-2013-2461) It was discovered that JConsole did not properly inform the user when establishing an SSL connection failed. An attacker could exploit this flaw to gain access to potentially sensitive information. (CVE-2013-2412) It was discovered that GnomeFileTypeDetector did not check for read permissions when accessing files. An untrusted Java application or applet could possibly use this flaw to disclose potentially sensitive information. (CVE-2013-2449) It was found that documentation generated by Javadoc was vulnerable to a frame injection attack. If such documentation was accessible over a network, and a remote attacker could trick a user into visiting a specially-crafted URL, it would lead to arbitrary web content being displayed next to the documentation. This could be used to perform a phishing attack by providing frame content that spoofed a login form on the site hosting the vulnerable documentation. (CVE-2013-1571) It was discovered that the 2D component created shared memory segments with insecure permissions. A local attacker could use this flaw to read or write to the shared memory segment. (CVE-2013-1500) Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website. After installing this update, users of icedtea-web must install SLBA-2013:0959 for icedtea-web to continue functioning. This erratum also upgrades the OpenJDK package to IcedTea7 2.3.10.criticalScientific Linux FermiScientific Linux Fermi 6java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.i686.rpm15101c9c9e706ba72f18f0de7966846cd6f64c16f0c84f42b062ebca587549f8java-1.7.0-openjdk-demo-1.7.0.25-2.3.10.3.el6_4.i686.rpmd15506fdd7476c60e2ad7c995729324cce413f4cad5e8637cebbc11aa18113bfjava-1.7.0-openjdk-src-1.7.0.25-2.3.10.3.el6_4.i686.rpm1110e5c5fbc22818f6801bb1fb14408172e051937bd61c8f3f695bcb3281b1b5java-1.7.0-openjdk-devel-1.7.0.25-2.3.10.3.el6_4.i686.rpmc4be3f94d4f447efecfc8c54ab1a19c7e3c26e9043bd45ef2cd85a0f64fb6a64java-1.7.0-openjdk-javadoc-1.7.0.25-2.3.10.3.el6_4.noarch.rpmfd91ed2bfe49cc1b2cf91a3b0a7b2b7e1828f18874528992afdd0ec2455080bbSLSA-2013:0964-1A session fixation flaw was found in the Tomcat FormAuthenticator module. During a narrow window of time, if a remote attacker sent requests while a user was logging in, it could possibly result in the attacker's requests being processed as if they were sent by the user. (CVE-2013-2067) Tomcat must be restarted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6tomcat6-docs-webapp-6.0.24-57.el6_4.noarch.rpmebfa1cef054be1ba898b0cf311ec923b2e674f5375da19be9b476a6f037f884dtomcat6-servlet-2.5-api-6.0.24-57.el6_4.noarch.rpm905666a9be881c138d4f579636931fffc8d4f5bbd2697cc4c57d61c68161615etomcat6-jsp-2.1-api-6.0.24-57.el6_4.noarch.rpmbd513ecbe7ec2227189f1c4c892f22871aabcf651744981d0ed6aecc9317796atomcat6-el-2.1-api-6.0.24-57.el6_4.noarch.rpmd7c6c7de791686f4e892acddc9408d93aec162e634e36332ddda30f40e7d6c7atomcat6-javadoc-6.0.24-57.el6_4.noarch.rpme3b70e40b953a815f18285b1b6d8bb3d6f19a3dd0f9c8b9e4da3086cd35f37ddtomcat6-admin-webapps-6.0.24-57.el6_4.noarch.rpm83a827289c5c3ba3328d19a527f04413b762834426c4782f480954b9aa9dc5d5tomcat6-6.0.24-57.el6_4.noarch.rpm1d07accbe31c1ec3ab228ada0c20d52a6467b4527e551c8afa3138f02a67ea9btomcat6-lib-6.0.24-57.el6_4.noarch.rpm9cf97ad37e562a262a896ed71fce88698025f582ec413137459d65303f6f5415tomcat6-webapps-6.0.24-57.el6_4.noarch.rpmc8fc1fda5f0d51fa688dc264a252742b6d996fd99bbf8917b23da55a584a640aSLSA-2013:0981-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2013-1682, CVE-2013-1684, CVE-2013-1685, CVE-2013-1686, CVE-2013-1687, CVE-2013-1690) It was found that Firefox allowed data to be sent in the body of XMLHttpRequest (XHR) HEAD requests. In some cases this could allow attackers to conduct Cross-Site Request Forgery (CSRF) attacks. (CVE-2013-1692) Timing differences in the way Firefox processed SVG image files could allow an attacker to read data across domains, potentially leading to information disclosure. (CVE-2013-1693) Two flaws were found in the way Firefox implemented some of its internal structures (called wrappers). An attacker could use these flaws to bypass some restrictions placed on them. This could lead to unexpected behavior or a potentially exploitable crash. (CVE-2013-1694, CVE-2013-1697) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6xulrunner-17.0.7-1.el6_4.i686.rpmb2444699b065dbadb5e20aa4b1cb3b7cf5777de00aef8b63b7306d96b17bc529firefox-17.0.7-1.el6_4.i686.rpmdc853f7aaefeb41804b99fb1fafe1b3c6e56d747f19b5ec886987309377bcc3dxulrunner-devel-17.0.7-1.el6_4.i686.rpmd0e11ef2949aabb9719773562c9b2f563b2328d0224bd3f55a5a74f03dd9f9f5SLSA-2013:0982-1Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2013-1682, CVE-2013-1684, CVE-2013-1685, CVE-2013-1686, CVE-2013-1687, CVE-2013-1690) It was found that Thunderbird allowed data to be sent in the body of XMLHttpRequest (XHR) HEAD requests. In some cases this could allow attackers to conduct Cross-Site Request Forgery (CSRF) attacks. (CVE-2013-1692) Timing differences in the way Thunderbird processed SVG image files could allow an attacker to read data across domains, potentially leading to information disclosure. (CVE-2013-1693) Two flaws were found in the way Thunderbird implemented some of its internal structures (called wrappers). An attacker could use these flaws to bypass some restrictions placed on them. This could lead to unexpected behavior or a potentially exploitable crash. (CVE-2013-1694, CVE-2013-1697) Note: All of the above issues cannot be exploited by a specially-crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. After installing the update, Thunderbird must be restarted for the changes to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6thunderbird-17.0.7-1.el6_4.i686.rpmc8f2bdc26c2715f955d54a112a6bf2624372778bf343a4d68006b1cab390e300SLSA-2013:0983-1A heap-based buffer overflow flaw was found in the way libcurl unescaped URLs. A remote attacker could provide a specially-crafted URL that, when processed by an application using libcurl that handles untrusted URLs, would possibly cause it to crash or, potentially, execute arbitrary code. (CVE-2013-2174) All running applications using libcurl must be restarted for the update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6curl-7.19.7-37.el6_4.i686.rpme11dc5cf119146cdbde7e577f6cb43b7343b00080d595315e4e0e665d7080498libcurl-devel-7.19.7-37.el6_4.i686.rpmf87d842187159d30aa756105141fff3ed9e34e9e0e2ae7717f69822556d31c11libcurl-7.19.7-37.el6_4.i686.rpme6918049b141b8fbf1cb74201c215476595c81d2ecb15230e6a789f87271dd3aSLSA-2013:1014-1Multiple flaws were discovered in the ImagingLib and the image attribute, channel, layout and raster processing in the 2D component. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machine memory corruption. (CVE-2013-2470, CVE-2013-2471, CVE-2013-2472, CVE-2013-2473, CVE-2013-2463, CVE-2013-2465, CVE-2013-2469) Integer overflow flaws were found in the way AWT processed certain input. An attacker could use these flaws to execute arbitrary code with the privileges of the user running an untrusted Java applet or application. (CVE-2013-2459) Multiple improper permission check issues were discovered in the Sound and JMX components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2013-2448, CVE-2013-2457, CVE-2013-2453) Multiple flaws in the Serialization, Networking, Libraries and CORBA components can be exploited by an untrusted Java application or applet to gain access to potentially sensitive information. (CVE-2013-2456, CVE-2013-2447, CVE-2013-2455, CVE-2013-2452, CVE-2013-2443, CVE-2013-2446) It was discovered that the Hotspot component did not properly handle out- of-memory errors. An untrusted Java application or applet could possibly use these flaws to terminate the Java Virtual Machine. (CVE-2013-2445) It was discovered that the AWT component did not properly manage certain resources and that the ObjectStreamClass of the Serialization component did not properly handle circular references. An untrusted Java application or applet could possibly use these flaws to cause a denial of service. (CVE-2013-2444, CVE-2013-2450) It was discovered that the Libraries component contained certain errors related to XML security and the class loader. A remote attacker could possibly exploit these flaws to bypass intended security mechanisms or disclose potentially sensitive information and cause a denial of service. (CVE-2013-2407, CVE-2013-2461) It was discovered that JConsole did not properly inform the user when establishing an SSL connection failed. An attacker could exploit this flaw to gain access to potentially sensitive information. (CVE-2013-2412) It was found that documentation generated by Javadoc was vulnerable to a frame injection attack. If such documentation was accessible over a network, and a remote attacker could trick a user into visiting a specially-crafted URL, it would lead to arbitrary web content being displayed next to the documentation. This could be used to perform a phishing attack by providing frame content that spoofed a login form on the site hosting the vulnerable documentation. (CVE-2013-1571) It was discovered that the 2D component created shared memory segments with insecure permissions. A local attacker could use this flaw to read or write to the shared memory segment. (CVE-2013-1500) All running instances of OpenJDK Java must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6java-1.6.0-openjdk-1.6.0.0-1.62.1.11.11.90.el6_4.i686.rpm6ba349a7e6c64fb745df9a3b4026cedc8ff46e42e69b45b07702f5d4669f82c7java-1.6.0-openjdk-src-1.6.0.0-1.62.1.11.11.90.el6_4.i686.rpm7e83454c6e6e0f1eb47d5b05ae18435646881dbbf68f77997b276e0ff3f5d2cajava-1.6.0-openjdk-devel-1.6.0.0-1.62.1.11.11.90.el6_4.i686.rpmeff524e16886b60e0e79e5fcd535e5f167e314af98b8a92d22bc71501c692996java-1.6.0-openjdk-javadoc-1.6.0.0-1.62.1.11.11.90.el6_4.i686.rpme652f8538ef9d8735e58e3c2b00386182a45834a57409d4799038aba0e9013e4java-1.6.0-openjdk-demo-1.6.0.0-1.62.1.11.11.90.el6_4.i686.rpm4b932e3ed0def7fad500fcd109a952ff1dcea9da1df9817d6c77c074d95ed49cSLSA-2013:1049-1A buffer overflow flaw was found in the way PHP parsed deeply nested XML documents. If a PHP application used the xml_parse_into_struct() function to parse untrusted XML content, an attacker able to supply specially- crafted XML could use this flaw to crash the application or, possibly, execute arbitrary code with the privileges of the user running the PHP interpreter. (CVE-2013-4113) After installing the updated packages, the httpd daemon must be restarted for the update to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6php-imap-5.3.3-23.el6_4.i686.rpm1dd984ce955aea04520fabf0db2c745e17e31706f1a63f921e480b3051d1423ephp-tidy-5.3.3-23.el6_4.i686.rpm1e985d52d878b9212bb267ce7c771bfa38faf89a78d33633ad80a8e6205398ecphp-snmp-5.3.3-23.el6_4.i686.rpm2d1ef5dcbfbae03059b7777745789c8575c2746dfc5b64e398b7f89ded70fcf9php-ldap-5.3.3-23.el6_4.i686.rpmf4b44b6c9df4a161e44cdf69ce14973afece90669d6f09252f09764263b7f748php-dba-5.3.3-23.el6_4.i686.rpm9940cc66726d869e1aa23c2263f72abda43aaa5de93939294f462bf778208e81php-mysql-5.3.3-23.el6_4.i686.rpm431710af88a7d0611b34ad80565e25f0a2844313bee18859f57a19c41c460224php-fpm-5.3.3-23.el6_4.i686.rpm1b59f109f6aa181af8c6063503a3bd5de828834c4ba57b60d0f19f72de6f1672php-cli-5.3.3-23.el6_4.i686.rpmf0214663280ae7b0c0ede8c5366b7c58aaaf14167e2379863280365077d405e3php-embedded-5.3.3-23.el6_4.i686.rpm2e420cefb7914f0123da6e4a75329e3f37f0ebb1feb81c01eff849992d117d75php-odbc-5.3.3-23.el6_4.i686.rpmb20946194d85f741c266b0ea88bae5031089580a30216022188d134d65fd9b83php-mbstring-5.3.3-23.el6_4.i686.rpm6806a7d63fe1be942df4e382807ca2f8ea3f39b9c5a347b1cf826e7796363474php-5.3.3-23.el6_4.i686.rpm0720c0372fd4c0fe7fa57dd6cdbf14180505c7f78e67d8279521157b6d196d6cphp-recode-5.3.3-23.el6_4.i686.rpm5fb2e4f5a325857c4e97c415c507647b4c41d9da30cb629dc8770eb267fb0d09php-zts-5.3.3-23.el6_4.i686.rpm1c7bea721a1d56bb669f3da7d94bac22dbf5c63f46cfefe50e4067d80433d3f0php-soap-5.3.3-23.el6_4.i686.rpmd736b9dd28effd812716451838cd22ed3b234a609a360d6d2e7ea85138be480fphp-process-5.3.3-23.el6_4.i686.rpm80a9242e89e101f823139cf4a2ab345c4a594b31ddfcaa2c45a8947dbf1306e9php-xmlrpc-5.3.3-23.el6_4.i686.rpm0445b84c409d78e14d55a66a7b6f0d4fcadd8cd10ee2fc20305abea906b5ce43php-common-5.3.3-23.el6_4.i686.rpm7fe97546846a5d59afbbaccf3433340707aa453c00ce22786c89f3e7c52e1bc7php-pdo-5.3.3-23.el6_4.i686.rpm84743cde18246820cae2b895b4046269b5aba4891f2dfeda114920311d5022c7php-gd-5.3.3-23.el6_4.i686.rpm71019fd321f42c662a97e4458bb31d6890f96f3c5ad519677c2918d142f2e4c0php-intl-5.3.3-23.el6_4.i686.rpm4ba26922fbfc9d76a7ca9682330c204e6b4f2ca5fe7dab9d39b4a2b61c26579aphp-pspell-5.3.3-23.el6_4.i686.rpm99c7c60812e0b379cd1ba5dfe187b3b38bed374057acd237c93d1a6faab55eddphp-xml-5.3.3-23.el6_4.i686.rpmb67f8281863c1233e007a7a1c3b033c5c1ca92326fd52dde16cd7195a8e94e95php-bcmath-5.3.3-23.el6_4.i686.rpm07f7596b2ab408e70370c3517be558648bdd478344eb367f752714367b4332ebphp-enchant-5.3.3-23.el6_4.i686.rpm4ceda57975502aadf1e433403e8a56061ea37adfcc759eca65b7f6abdae7ce64php-devel-5.3.3-23.el6_4.i686.rpmbb6f4b9f92fbe2eef860f5f97b777ef2be8996f9524ef8a28292f2393e30971fphp-pgsql-5.3.3-23.el6_4.i686.rpm88fa221e7e9168b494b514050b6c5a3df8198b4939875798e3cb6736b9d36200SLSA-2013:1051-1This update fixes the following security issues: * A flaw was found in the tcp_read_sock() function in the Linux kernel's IPv4 TCP/IP protocol suite implementation in the way socket buffers (skb) were handled. A local, unprivileged user could trigger this issue via a call to splice(), leading to a denial of service. (CVE-2013-2128, Moderate) * Information leak flaws in the Linux kernel could allow a local, unprivileged user to leak kernel memory to user-space. (CVE-2012-6548, CVE-2013-2634, CVE-2013-2635, CVE-2013-3222, CVE-2013-3224, CVE-2013-3225, Low) * An information leak was found in the Linux kernel's POSIX signals implementation. A local, unprivileged user could use this flaw to bypass the Address Space Layout Randomization (ASLR) security feature. (CVE-2013-0914, Low) * A format string flaw was found in the ext3_msg() function in the Linux kernel's ext3 file system implementation. A local user who is able to mount an ext3 file system could use this flaw to cause a denial of service or, potentially, escalate their privileges. (CVE-2013-1848, Low) * A format string flaw was found in the b43_do_request_fw() function in the Linux kernel's b43 driver implementation. A local user who is able to specify the "fwpostfix" b43 module parameter could use this flaw to cause a denial of service or, potentially, escalate their privileges. (CVE-2013-2852, Low) * A NULL pointer dereference flaw was found in the Linux kernel's ftrace and function tracer implementations. A local user who has the CAP_SYS_ADMIN capability could use this flaw to cause a denial of service. (CVE-2013-3301, Low) The system must be rebooted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6kernel-debug-2.6.32-358.14.1.el6.i686.rpm0c5be565dbd3aee2f909b504068ab40deca275d923bba2a82480ce02d49169c8python-perf-2.6.32-358.14.1.el6.i686.rpm30abb5b72fa8cf6bdcb2d5d08bdc40d7aa05bd0cb5f28af5ae2e98590c3bef9akernel-devel-2.6.32-358.14.1.el6.i686.rpm8bdc8045737445ceb06d9dfdedf9886feece578ffb656e5f0f25d7f32ba36019kernel-headers-2.6.32-358.14.1.el6.i686.rpm389302113c915204deda8e3ca582ebec31b16c95920ae5be3819ae90ae6978a1perf-2.6.32-358.14.1.el6.i686.rpm72b25cce1907bf098948543c70913472e8a44a9eae0bde12d8c19986f7186d6bkernel-debug-devel-2.6.32-358.14.1.el6.i686.rpmd91243ceb765b758f8c213db035d3a44434c311a247ab2e423587c5c10e5c92dkernel-firmware-2.6.32-358.14.1.el6.noarch.rpm1664959de097553b400bec56a7090b4572319b145df3a13b6c620e4efabd4d66kernel-doc-2.6.32-358.14.1.el6.noarch.rpm02058113639b7496a6625a59d03206b9bd1bdb1596e5b6c9069e7f2c07d9decbkernel-2.6.32-358.14.1.el6.i686.rpm26541158e1b27d7f0ae7d2f662b74c12320c0ae6e941f74c179130faf506c22aSLSA-2013:1090-1A flaw was found in Ruby's SSL client's hostname identity check when handling certificates that contain hostnames with NULL bytes. An attacker could potentially exploit this flaw to conduct man-in-the-middle attacks to spoof SSL servers. Note that to exploit this issue, an attacker would need to obtain a carefully-crafted certificate signed by an authority that the client trusts. (CVE-2013-4073)moderateScientific Linux FermiScientific Linux Fermi 6ruby-docs-1.8.7.352-12.el6_4.i686.rpm8f67897c0bd6448a6cbe9bfaad075c89408db8691f03f6a7f545efef47ed0b54ruby-devel-1.8.7.352-12.el6_4.i686.rpm554b717fd5f0e4d5664b8bcbb46b055584745a9d7d5b39d2b70947cf9c92427bruby-libs-1.8.7.352-12.el6_4.i686.rpma90e262d3e52fee3654dd420a8f0b5f7b7aa3cbd4a0bfe96b5669caf45dea616ruby-rdoc-1.8.7.352-12.el6_4.i686.rpmf449ae158e6193ac066c0ae4965b23040c5e53fd1a0c172ba1a2f6edad6ba733ruby-ri-1.8.7.352-12.el6_4.i686.rpm99184e04a1f3b894078571d6740fcbe0ae5bc8633167334f139e7932e091e5d5ruby-1.8.7.352-12.el6_4.i686.rpm325537aa31803157391b45a3d69fb45957fbf595c97a1f2acc66555b90e19f5cruby-tcltk-1.8.7.352-12.el6_4.i686.rpm67d3256694ed66ddefad8709019c3c9b0549f3dccb74abba7b4e946a3cd48d30ruby-static-1.8.7.352-12.el6_4.i686.rpmcd03028be98336bd876415a01019a87c0c547623296d7d6961372e12e270e0efruby-irb-1.8.7.352-12.el6_4.i686.rpm0ac95eb539848151ba628d9bb3e3f76d90446644711c5b221e38920620642ba6SLSA-2013:1100-1An unquoted search path flaw was found in the way the QEMU Guest Agent service installation was performed on Windows. Depending on the permissions of the directories in the unquoted search path, a local, unprivileged user could use this flaw to have a binary of their choosing executed with SYSTEM privileges. (CVE-2013-2231) After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.importantScientific Linux FermiScientific Linux Fermi 6qemu-guest-agent-0.12.1.2-2.355.el6_4.6.i686.rpmd8648e809280ead8588bb943aa95032dae6fde6393e69badc06ff21b21c9c5adSLSA-2013:1114-1A denial of service flaw was found in BIND. A remote attacker could use this flaw to send a specially-crafted DNS query to named that, when processed, would cause named to crash when rejecting the malformed query. (CVE-2013-4854) After installing the update, the BIND daemon (named) will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 6bind-devel-9.8.2-0.17.rc1.el6_4.5.i686.rpm2407d27ef8c9d62d38abe0102d664af7dfbd86a7d3134371d01c7d64519e5c2bbind-9.8.2-0.17.rc1.el6_4.5.i686.rpmb8e78b3c2be4a70ef038f73eb3312e7c3c7316747d5189ab96ddcb1393cfdc5ebind-utils-9.8.2-0.17.rc1.el6_4.5.i686.rpm1a546dd1b2574475267107bb83097b1b97d5a134d1bbda96c41be6c982d5d11abind-libs-9.8.2-0.17.rc1.el6_4.5.i686.rpm2521a76809861f0c4a721ca1b1f89670b076105885de2c9e1bde430b02088dcbbind-sdb-9.8.2-0.17.rc1.el6_4.5.i686.rpm0154c4f08f6758b5a31a73531daeb51b4aee82d1bd01b71c4f253cff2ad2347cbind-chroot-9.8.2-0.17.rc1.el6_4.5.i686.rpm39685c4d6ed87fd43c56152dedca0670f23e4c4a33e30dc7fec606c159f75abcSLSA-2013:1119-1It was discovered that the 389 Directory Server did not honor defined attribute access controls when evaluating search filter expressions. A remote attacker (with permission to query the Directory Server) could use this flaw to determine the values of restricted attributes via a series of search queries with filter conditions that used restricted attributes. (CVE-2013-2219) This update also fixes the following bugs: * Previously, the disk monitoring feature did not function properly. If logging functionality was set to critical and logging was disabled, rotated logs would be deleted. If the attribute "nsslapd-errorlog-level" was explicitly set to any value, even zero, the disk monitoring feature would not stop the Directory Server when it was supposed to. This update corrects the disk monitoring feature settings, and it no longer malfunctions in the described scenarios. * Previously, setting the "nsslapd-disk-monitoring-threshold" attribute via ldapmodify to a large value worked as expected; however, a bug in ldapsearch caused such values for the option to be displayed as negative values. This update corrects the bug in ldapsearch and correct values are now displayed. * If logging functionality was not set to critical, then the mount point for the logs directory was incorrectly skipped during the disk space check. After installing this update, the 389 server service will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6389-ds-base-libs-1.2.11.15-20.el6_4.i686.rpmbb5fece45cd6c9c15b7dee628bed32405a74376f9764c5343ab644a1141dd95a389-ds-base-devel-1.2.11.15-20.el6_4.i686.rpm67068fb7e493b53ca95598da42632c7a5350dc60663e6da8fb94e4b5237e284b389-ds-base-1.2.11.15-20.el6_4.i686.rpmec2c974a4c32f71ea1184b79a0f90515ed013b55a021a4bbac03714f3d0efea7SLSA-2013:1120-1A flaw was found in the way HAProxy handled requests when the proxy's configuration ("/etc/haproxy/haproxy.cfg") had certain rules that use the hdr_ip criterion. A remote attacker could use this flaw to crash HAProxy instances that use the affected configuration. (CVE-2013-2175)moderateScientific Linux FermiScientific Linux Fermi 6haproxy-1.4.22-5.el6_4.i686.rpmb53cf329d16c06a5d158df114944f0649685a2d2b0fe9c290c9729784f71154cSLSA-2013:1140-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2013-1701) A flaw was found in the way Firefox generated Certificate Request Message Format (CRMF) requests. An attacker could use this flaw to perform cross- site scripting (XSS) attacks or execute arbitrary code with the privileges of the user running Firefox. (CVE-2013-1710) A flaw was found in the way Firefox handled the interaction between frames and browser history. An attacker could use this flaw to trick Firefox into treating malicious content as if it came from the browser history, allowing for XSS attacks. (CVE-2013-1709) It was found that the same-origin policy could be bypassed due to the way Uniform Resource Identifiers (URI) were checked in JavaScript. An attacker could use this flaw to perform XSS attacks, or install malicious add-ons from third-party pages. (CVE-2013-1713) It was found that web workers could bypass the same-origin policy. An attacker could use this flaw to perform XSS attacks. (CVE-2013-1714) It was found that, in certain circumstances, Firefox incorrectly handled Java applets. If a user launched an untrusted Java applet via Firefox, the applet could use this flaw to obtain read-only access to files on the user's local system. (CVE-2013-1717) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6xulrunner-devel-17.0.8-3.el6_4.i686.rpm6e0fa2cb1b711b7e14577b367e5b115913a62617dd1dc29cb6ac50ae8aebb860firefox-17.0.8-1.el6_4.i686.rpma9284b9c1b6b2aa89bd479fee05b4edbe4372763880936bd40903bfca3b41a1dxulrunner-17.0.8-3.el6_4.i686.rpm66dd8483d729ff761b5b894c04fadedfd3c5be58483e25d1f11f8fb12097b38dSLSA-2013:1142-1Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2013-1701) A flaw was found in the way Thunderbird generated Certificate Request Message Format (CRMF) requests. An attacker could use this flaw to perform cross-site scripting (XSS) attacks or execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2013-1710) A flaw was found in the way Thunderbird handled the interaction between frames and browser history. An attacker could use this flaw to trick Thunderbird into treating malicious content as if it came from the browser history, allowing for XSS attacks. (CVE-2013-1709) It was found that the same-origin policy could be bypassed due to the way Uniform Resource Identifiers (URI) were checked in JavaScript. An attacker could use this flaw to perform XSS attacks, or install malicious add-ons from third-party pages. (CVE-2013-1713) It was found that web workers could bypass the same-origin policy. An attacker could use this flaw to perform XSS attacks. (CVE-2013-1714) It was found that, in certain circumstances, Thunderbird incorrectly handled Java applets. If a user launched an untrusted Java applet via Thunderbird, the applet could use this flaw to obtain read-only access to files on the user's local system. (CVE-2013-1717) Note: All of the above issues cannot be exploited by a specially-crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. After installing the update, Thunderbird must be restarted for the changes to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6thunderbird-17.0.8-5.el6_4.i686.rpm97ef0937ecae51b3f43c5c7549d55f64d1e1edfcc3a43addfba0db156d1b70adSLSA-2013:1144-1It was discovered that NSS leaked timing information when decrypting TLS/SSL and DTLS protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL or DTLS server as a padding oracle. (CVE-2013-1620) An out-of-bounds memory read flaw was found in the way NSS decoded certain certificates. If an application using NSS decoded a malformed certificate, it could cause the application to crash. (CVE-2013-0791) This update also fixes the following bugs: * The SLBA-2013:0445 update (which upgraded NSS to version 3.14) prevented the use of certificates that have an MD5 signature. This caused problems in certain environments. With this update, certificates that have an MD5 signature are once again allowed. To prevent the use of certificates that have an MD5 signature, set the "NSS_HASH_ALG_SUPPORT" environment variable to "-MD5". * Previously, the sechash.h header file was missing, preventing certain source RPMs (such as firefox and xulrunner) from building. * A memory leak in the nssutil_ReadSecmodDB() function has been fixed. In addition, the nss package has been upgraded to upstream version 3.14.3, the nss-util package has been upgraded to upstream version 3.14.3, the nss-softokn package has been upgraded to upstream version 3.14.3, and the nspr package has been upgraded to upstream version 4.9.5. These updates provide a number of bug fixes and enhancements over the previous versions. After installing this update, applications using NSS, NSPR, nss-util, or nss-softokn must be restarted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6nss-softokn-3.14.3-3.el6_4.i686.rpm7eb4ee856bad7bd8e6f4e448f451dbe4929241c64d5196632fc6c6c25ea8d7b2nss-3.14.3-4.el6_4.i686.rpm6d06c37efdf9d420421a9cacc760055f4ad6ccbf19123eb2c716326dee7aab60nss-devel-3.14.3-4.el6_4.i686.rpm79ee71c9ce4b293e42aa8d83f85ca0be1e923b4cd9d882b2713923f32bcdc6acnss-softokn-devel-3.14.3-3.el6_4.i686.rpm808fb6054934353a6d6b022c8f2273c45ccc16b74f1989500cbd42075911f61cnss-sysinit-3.14.3-4.el6_4.i686.rpm9720b19c8d965d7e24947ab84f7e68042c675fc420494a20b19fbacc2cf91aebnss-softokn-freebl-devel-3.14.3-3.el6_4.i686.rpm041b44bf7d4d5e91ba9fa47559eaf0df7030f38d86cec4ecdca6e3d2234d0a6anss-util-devel-3.14.3-3.el6_4.i686.rpm805fa19df6193546ac76914ed42ab8688fa48fc90f6b83f5186dd368aea1a510nss-pkcs11-devel-3.14.3-4.el6_4.i686.rpm847fe6290bda1db52a0a1cb7cbb91b317f190bb004858b780fe04bf3e141534enss-softokn-freebl-3.14.3-3.el6_4.i686.rpmd5ba717a39988cf2b09cabf834250688e02e62752006075fe246d4570b6c2657nspr-4.9.5-2.el6_4.i686.rpm2e8ba1801b88533626f1143a19e7c3b67105aeb1225b70165897268e955e1cffnss-tools-3.14.3-4.el6_4.i686.rpm4539602d38f9c37dafea4c8bceda1d7e23b9ea580165789ab64f6533bde4df7bnspr-devel-4.9.5-2.el6_4.i686.rpm234209ca03f3ed035d2da87d9e68edfce55543cb6bb38f3861674358d0745a58nss-util-3.14.3-3.el6_4.i686.rpm314fde9e6c02a7f32baaae0ac51768590fa367a18247432a58da4e81feb66a71SLSA-2013:1156-1A flaw was found in the way the mod_dav module of the Apache HTTP Server handled merge requests. An attacker could use this flaw to send a crafted merge request that contains URIs that are not configured for DAV, causing the httpd child process to crash. (CVE-2013-1896) After installing the updated packages, the httpd daemon will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6httpd-2.2.15-29.sl6.i686.rpmbdb558bc9f102b7e3d41d4ca28e917b3230e8665509de7b71165f6fcb6f27e61httpd-manual-2.2.15-29.sl6.noarch.rpm233122c4dd2958c9c9bbe431caa96cc6e7ab974809708981473435ff15616975httpd-tools-2.2.15-29.sl6.i686.rpm03e0114f183a29263ecd4b0029f6df499de05f8758ff8bb1b983a40c473846e4httpd-devel-2.2.15-29.sl6.i686.rpme48c2a016a41df7489a5936806b3736a5cea4382748322fddc388ff65d8d5437mod_ssl-2.2.15-29.sl6.i686.rpmc36277fd2b6de0dc0e21735c73326d90829a7a77a123e61245c2c5f349ec2765SLSA-2013:1173-1This update fixes the following security issues: * A flaw was found in the way the Linux kernel's Stream Control Transmission Protocol (SCTP) implementation handled duplicate cookies. If a local user queried SCTP connection information at the same time a remote attacker has initialized a crafted SCTP connection to the system, it could trigger a NULL pointer dereference, causing the system to crash. (CVE-2013-2206, Important) * It was found that the fix for CVE-2012-3552 released via SLSA-2012:1304 introduced an invalid free flaw in the Linux kernel's TCP/IP protocol suite implementation. A local, unprivileged user could use this flaw to corrupt kernel memory via crafted sendmsg() calls, allowing them to cause a denial of service or, potentially, escalate their privileges on the system. (CVE-2013-2224, Important) * A flaw was found in the Linux kernel's Performance Events implementation. On systems with certain Intel processors, a local, unprivileged user could use this flaw to cause a denial of service by leveraging the perf subsystem to write into the reserved bits of the OFFCORE_RSP_0 and OFFCORE_RSP_1 model-specific registers. (CVE-2013-2146, Moderate) * An invalid pointer dereference flaw was found in the Linux kernel's TCP/IP protocol suite implementation. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system by using sendmsg() with an IPv6 socket connected to an IPv4 destination. (CVE-2013-2232, Moderate) * Information leak flaws in the Linux kernel's Bluetooth implementation could allow a local, unprivileged user to leak kernel memory to user- space. (CVE-2012-6544, Low) * An information leak flaw in the Linux kernel could allow a privileged, local user to leak kernel memory to user-space. (CVE-2013-2237, Low) The system must be rebooted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6perf-2.6.32-358.18.1.el6.i686.rpm271ad8bac5c2f277a260b89c1cd1cab8fdae501079d7566f342f16f64da12157kernel-2.6.32-358.18.1.el6.i686.rpmfdd38b856915e3896c08d60831f189ae898c48a3a6989288c142f29206538961kernel-doc-2.6.32-358.18.1.el6.noarch.rpm1e8975d11b16222b4c21f92aa5df52be55260077014a893a51708c0d2c6e449bkernel-debug-2.6.32-358.18.1.el6.i686.rpm351c0724501913245d167ff79069d229b0516497e7040a443af138b94e6b3ccekernel-firmware-2.6.32-358.18.1.el6.noarch.rpmadc3834fc9e542ba546b2cbe5c9249895a9a7dfedb16ac4a854915359a849853kernel-headers-2.6.32-358.18.1.el6.i686.rpmc5fab163506016d1af0b5a61b819d9e217a002f019e0f619247f1b6bea3a77e3kernel-debug-devel-2.6.32-358.18.1.el6.i686.rpmbbfeb0fd182440c290765eec35e215afdd059dabbe497bcb25aa9556760b3b77python-perf-2.6.32-358.18.1.el6.i686.rpm34c83a03e5a723193b2e687f0f4dff5dc3b00b7aeac5b9c7cc05dd3eb061ffd8kernel-devel-2.6.32-358.18.1.el6.i686.rpm10155f889c82e114cbd60e01eace00e85da26d2be2f59891ef2f5aaab87ecdb4SLSA-2013:1182-1It was discovered that the 389 Directory Server did not properly handle the receipt of certain MOD operations with a bogus Distinguished Name (DN). A remote, unauthenticated attacker could use this flaw to cause the 389 Directory Server to crash. (CVE-2013-4283) After installing this update, the 389 server service will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 6389-ds-base-1.2.11.15-22.el6_4.i686.rpmfcb0e574b24d3909f50215b1f7ccbaf19892c3fbe7bd6d7d05ab8e402191a42c389-ds-base-libs-1.2.11.15-22.el6_4.i686.rpm903c77bf07d4c1859c701f9d8e646bdd8631fa0ae397d1ca05eb6dd2754a4c38389-ds-base-devel-1.2.11.15-22.el6_4.i686.rpm7c2ae12b5000dcf86e7ac0e1f6951904c83a9535ead16caea1be5dda14df98d7SLSA-2013:1268-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2013-1718, CVE-2013-1722, CVE-2013-1725, CVE-2013-1730, CVE-2013-1732, CVE-2013-1735, CVE-2013-1736) A flaw was found in the way Firefox handled certain DOM JavaScript objects. An attacker could use this flaw to make JavaScript client or add- on code make incorrect, security sensitive decisions. (CVE-2013-1737) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6xulrunner-devel-17.0.9-1.el6_4.i686.rpmc9dc49c8ea33ffba201ee8eda9b9329852eed80ded1b8004ad39c251202c8dc7firefox-17.0.9-1.el6_4.i686.rpm1d019cb2e5f279802d991bd0badc0457f968d6d3ce237df5e2b31bd70e0176d8xulrunner-17.0.9-1.el6_4.i686.rpm4e0dc03c7d175dbeded20d51a7f24fe7ef0ec678c5d4b58ea6f01c0a15ad66f4SLSA-2013:1269-1Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2013-1718, CVE-2013-1722, CVE-2013-1725, CVE-2013-1730, CVE-2013-1732, CVE-2013-1735, CVE-2013-1736) A flaw was found in the way Thunderbird handled certain DOM JavaScript objects. An attacker could use this flaw to make JavaScript client or add- on code make incorrect, security sensitive decisions. (CVE-2013-1737) Note: All of the above issues cannot be exploited by a specially-crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. After installing the update, Thunderbird must be restarted for the changes to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6thunderbird-17.0.9-1.el6_4.i686.rpm7278f4e47e02fec5fcc9ab6c929b532dd5ddb3a30e230bdd059410754e85fd6bSLSA-2013:1270-1A race condition was found in the way the PolicyKit pkcheck utility checked process authorization when the process was specified by its process ID via the --process option. A local user could use this flaw to bypass intended PolicyKit authorizations and escalate their privileges. (CVE-2013-4288) Note: Applications that invoke pkcheck with the --process option need to be modified to use the pid,pid-start-time,uid argument for that option, to allow pkcheck to check process authorization correctly. The system must be rebooted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6polkit-docs-0.96-5.el6_4.i686.rpm417d37cc962ee9dbe419fca1346a6c25ab45129c3fd8e493f7a16bfa372372d8polkit-devel-0.96-5.el6_4.i686.rpm48fd5690f33a7f5b3473825c1400546ed6dc3afbc976b125192c8a5de57003e5polkit-desktop-policy-0.96-5.el6_4.noarch.rpm98c8c7eed2c98fe1bc6a69a5fd8f58bf71c6a74b360dfb7720d65b69b05c0931polkit-0.96-5.el6_4.i686.rpme9455568af5aac65b26cc34e4fe37aff819653a51f10964203133ad6de27445cSLSA-2013:1272-1libvirt invokes the PolicyKit pkcheck utility to handle authorization. A race condition was found in the way libvirt used this utility, allowing a local user to bypass intended PolicyKit authorizations or execute arbitrary commands with root privileges. (CVE-2013-4311) Note: With this update, libvirt has been rebuilt to communicate with PolicyKit via a different API that is not vulnerable to the race condition. The polkit SLSA-2013:1270 advisory must also be installed to fix the CVE-2013-4311 issue. An invalid free flaw was found in libvirtd's remoteDispatchDomainMemoryStats function. An attacker able to establish a read-only connection to libvirtd could use this flaw to crash libvirtd. (CVE-2013-4296) This update also fixes the following bugs: * Prior to this update, the libvirtd daemon leaked memory in the virCgroupMoveTask() function. A fix has been provided which prevents libvirtd from incorrect management of memory allocations. * Previously, the libvirtd daemon was accessing one byte before the array in the virCgroupGetValueStr() function. This bug has been fixed and libvirtd now stays within the array bounds. * When migrating, libvirtd leaked the migration URI (Uniform Resource Identifier) on destination. A patch has been provided to fix this bug and the migration URI is now freed correctly. * Updating a network interface using virDomainUpdateDeviceFlags API failed when a boot order was set for that interface. The update failed even if the boot order was set in the provided device XML. The virDomainUpdateDeviceFlags API has been fixed to correctly parse the boot order specification from the provided device XML and updating network interfaces with boot orders now works as expected. After installing the updated packages, libvirtd will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 6libvirt-devel-0.10.2-18.el6_4.14.i686.rpm0a05921784b4a1310bda20900510fcdcd6c5c70860f6a75620fbb50de7274a50libvirt-python-0.10.2-18.el6_4.14.i686.rpmb77d71bc64b81d211f1ad27f64187a84e383ae811a0dfef6bab69b022b1f5977libvirt-0.10.2-18.el6_4.14.i686.rpm82d494ffcf829fc943cf9daeefd15624ec80c52acdf7131fdc94604a11c48456libvirt-client-0.10.2-18.el6_4.14.i686.rpmea1d17adf49bfe00ccce8857d8245271594d9c0a34f41e01c3c4b2bcd8b063c6SLSA-2013:1273-1spice-gtk communicated with PolicyKit for authorization via an API that is vulnerable to a race condition. This could lead to intended PolicyKit authorizations being bypassed. This update modifies spice-gtk to communicate with PolicyKit via a different API that is not vulnerable to the race condition. (CVE-2013-4324)importantScientific Linux FermiScientific Linux Fermi 6spice-gtk-tools-0.14-7.el6_4.3.i686.rpmaebed0bc3f726b0652192aa717ba828fcf420aba8b0bdc999635605229709dc8spice-glib-0.14-7.el6_4.3.i686.rpme46d0dc9742339eb1562bea3190958f90ea12ab7d9cc54bc7c5c3a4b3c929669spice-gtk-python-0.14-7.el6_4.3.i686.rpm0f3a090ebe85001f4e57c2ff7cd2b1cfcdf7c89e66545320cc3bb26a7b4a4b49spice-gtk-devel-0.14-7.el6_4.3.i686.rpm1b5a7743f4eb7ce0e5136aed4a0eaab13771e4fda6a97e71b5d16ce1f0726c9dspice-glib-devel-0.14-7.el6_4.3.i686.rpm2a011cc43addf69891f9c0a0180e5a9e8582694c134306cda76fa358dbd2f6e8spice-gtk-0.14-7.el6_4.3.i686.rpmf11215a89627afc1f1ae74bc9f4d82be8afe4faf14f72b2717340c00bc5a3339SLSA-2013:1274-1HPLIP communicated with PolicyKit for authorization via a D-Bus API that is vulnerable to a race condition. This could lead to intended PolicyKit authorizations being bypassed. This update modifies HPLIP to communicate with PolicyKit via a different API that is not vulnerable to the race condition. (CVE-2013-4325)importantScientific Linux FermiScientific Linux Fermi 6hplip-gui-3.12.4-4.el6_4.1.i686.rpmaaa04e0153fed53cb8af4cb7f44db90bb0329576ee3d8f5023b8a5d8d42b280ehplip-libs-3.12.4-4.el6_4.1.i686.rpm5bf6dcb82e6b8a8151caa390cf3a62618fb606537f978046cc0558f4a9b7da21libsane-hpaio-3.12.4-4.el6_4.1.i686.rpmce264125b4a7474dab6fda665f836a5b3c646ebf1218df18f68fba9d7718a64dhplip-3.12.4-4.el6_4.1.i686.rpmc6051783bd80a4e1fde9d6d20da8de700e7796a8874059ad1797e8a9250e4f17hpijs-3.12.4-4.el6_4.1.i686.rpm28c421a3d85d0a73eee53803b6df96440aa8fb0ecf2ed0550511b6ce6500d3b3hplip-common-3.12.4-4.el6_4.1.i686.rpm0dfb5e3b15056f373f0c3fdd25b1c64b3fd131ebf8d795e84931af76d3326ba2SLSA-2013:1282-1It was found that RealtimeKit communicated with PolicyKit for authorization using a D-Bus API that is vulnerable to a race condition. This could have led to intended PolicyKit authorizations being bypassed. This update modifies RealtimeKit to communicate with PolicyKit via a different API that is not vulnerable to the race condition. (CVE-2013-4326)importantScientific Linux FermiScientific Linux Fermi 6rtkit-0.5-2.el6_4.i686.rpmbc05319319adce25a5969549b2a174ac488353d5b99b6a343d43299378ea3bd5SLSA-2013:1409-1It was found that xinetd ignored the user and group configuration directives for services running under the tcpmux-server service. This flaw could cause the associated services to run as root. If there was a flaw in such a service, a remote attacker could use it to execute arbitrary code with the privileges of the root user. (CVE-2013-4342)moderateScientific Linux FermiScientific Linux Fermi 6xinetd-2.3.14-39.el6_4.i686.rpmf49a1c048a149dc61826e6db2629b7ad3d774e33c207420c5b388160889c98ecSLSA-2013:1418-1Two heap-based buffer overflow flaws were found in the way libtar handled certain archives. If a user were tricked into expanding a specially- crafted archive, it could cause the libtar executable or an application using libtar to crash or, potentially, execute arbitrary code. (CVE-2013-4397) Note: This issue only affected 32-bit builds of libtar.moderateScientific Linux FermiScientific Linux Fermi 6libtar-devel-1.2.11-17.el6_4.1.i686.rpm5f8b39c0a2405ab4ec2fea3f696125208da556574e27d82b81c72f5341317000libtar-1.2.11-17.el6_4.1.i686.rpm3ed9aa545a34f239ed12f8af9c0c8e3ca011b2d4acf081d034ef8893c0c6d44fSLSA-2013:1426-1A use-after-free flaw was found in the way the X.Org server handled ImageText requests. A malicious, authorized client could use this flaw to crash the X.Org server or, potentially, execute arbitrary code with root privileges. (CVE-2013-4396) Users of proprietary drivers may need to reinstall the driver after applying this update. Some users have reported the inability to load X without reloading the nVidia or the ATI drivers. You can use 'yum reinstall' to easily reload drivers packaged in RPM format. RPMs for many common drivers can be found at the ELRepo Project. You can easily add the ELRepo Project's repository to your system with 'yum install yum-conf-elrepo' on SL 6 systems. Any issues with ELRepo packages should be directed to their mailing lists. After installing the update, X must be restarted for the changes to take full effect.importantScientific Linux FermitrueScientific Linux Fermi 6xorg-x11-server-Xorg-1.13.0-11.1.sl6.2.i686.rpm67cac026cfd683f91f12cb25135cd3f515149fb8910126fbb1a21d38786095e5xorg-x11-server-Xdmx-1.13.0-11.1.sl6.2.i686.rpmd52efc75c78243f2a3c12e4c78afe4dc1fab6c2dc3c0e6cd0181246e60313c5axorg-x11-server-Xvfb-1.13.0-11.1.sl6.2.i686.rpm8d4c0bed8394345e1baf5ada0510202f766f3fb13de9981835c439484b92be2cxorg-x11-server-common-1.13.0-11.1.sl6.2.i686.rpm4bc065a7ec2ba15b621ae8a83a10ed1039a435366f714bb18a684e6a439550f1xorg-x11-server-Xephyr-1.13.0-11.1.sl6.2.i686.rpm5efec46c85d7eb29cb5b810ea3f07fc02a587a09b68e865612dfa1fce3dbc39fxorg-x11-server-devel-1.13.0-11.1.sl6.2.i686.rpm0abd7d88f228b186c1cbb852ea5b0a5e15ca240bfece394ffe4e1c06c34218d5xorg-x11-server-source-1.13.0-11.1.sl6.2.noarch.rpm398e90d6c4d406eb7ad0acdd30a634dca5ab19906315901e0da3f35ab33a5509xorg-x11-server-Xnest-1.13.0-11.1.sl6.2.i686.rpm58b55cd0ff7256247353caca02870b520bc2d45a28a29de0fe9f069ac3cde4daSLSA-2013:1436-1* A flaw was found in the way the Linux kernel's TCP/IP protocol suite implementation handled IPv6 sockets that used the UDP_CORK option. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2013-4162, Moderate) * An information leak flaw was found in the way Linux kernel's device mapper subsystem, under certain conditions, interpreted data written to snapshot block devices. An attacker could use this flaw to read data from disk blocks in free space, which are normally inaccessible. (CVE-2013-4299, Moderate) The system must be rebooted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6kernel-devel-2.6.32-358.23.2.el6.i686.rpm87df61b800991a9de4da76f87eb50365decbb55eb5d615f2ad7c9ecf97619b22python-perf-2.6.32-358.23.2.el6.i686.rpm9252b26ff34c264bdcb7cee6ae0afa3f1a45a90b776602b5e989e0bccdd279cdkernel-2.6.32-358.23.2.el6.i686.rpmf27d5816575f58a34a16d6c5d71b98e15a42022d557e1a3b55eb6539600a20d8kernel-doc-2.6.32-358.23.2.el6.noarch.rpmf749a2b79323e5557d2d60a65a02e0f6e73a22c893f05ddfd594f8ee3a886bb9kernel-headers-2.6.32-358.23.2.el6.i686.rpm0dfbdc44cb351dad76955d0c50efd458b600dea245251aa7fb59de0284595144kernel-firmware-2.6.32-358.23.2.el6.noarch.rpm75b0edce918f81283f14d2dd58fe7469ffb3065ddd2c5c4525b715b239004591kernel-debug-devel-2.6.32-358.23.2.el6.i686.rpm7344491c2acc9b1b2a87b063d2aabbc8d18a64f8a3e371fecb534f0e05d3cb33kernel-debug-2.6.32-358.23.2.el6.i686.rpmb66f06b5a6532dd856857e51ff4322ac1286b2ce852f5f89f6f23e15fbedf5f8perf-2.6.32-358.23.2.el6.i686.rpm455d6062c3011853d4385501fed594ac93a8ce3856e73ea83bd88d3b2c8600b3SLSA-2013:1441-1It was found that RubyGems did not verify SSL connections. This could lead to man-in-the-middle attacks. (CVE-2012-2126) It was found that, when using RubyGems, the connection could be redirected from HTTPS to HTTP. This could lead to a user believing they are installing a gem via HTTPS, when the connection may have been silently downgraded to HTTP. (CVE-2012-2125) It was discovered that the rubygems API validated version strings using an unsafe regular expression. An application making use of this API to process a version string from an untrusted source could be vulnerable to a denial of service attack through CPU exhaustion. (CVE-2013-4287)moderateScientific Linux FermiScientific Linux Fermi 6rubygems-1.3.7-4.el6_4.noarch.rpm75021e551d8ba29205035cae2132e0d63a75c03acb857dc61f43d588efc7a86cSLSA-2013:1451-1Multiple input checking flaws were found in the 2D component native image parsing code. A specially crafted image file could trigger a Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with the privileges of the user running the Java Virtual Machine. (CVE-2013-5782) The class loader did not properly check the package access for non-public proxy classes. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of the user running the Java Virtual Machine. (CVE-2013-5830) Multiple improper permission check issues were discovered in the 2D, CORBA, JNDI, and Libraries components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2013-5829, CVE-2013-5814, CVE-2013-5817, CVE-2013-5842, CVE-2013-5850, CVE-2013-5838) Multiple input checking flaws were discovered in the JPEG image reading and writing code in the 2D component. An untrusted Java application or applet could use these flaws to corrupt the Java Virtual Machine memory and bypass Java sandbox restrictions. (CVE-2013-5809) The FEATURE_SECURE_PROCESSING setting was not properly honored by the javax.xml.transform package transformers. A remote attacker could use this flaw to supply a crafted XML that would be processed without the intended security restrictions. (CVE-2013-5802) Multiple errors were discovered in the way the JAXP and Security components processes XML inputs. A remote attacker could create a crafted XML that would cause a Java application to use an excessive amount of CPU and memory when processed. (CVE-2013-5825, CVE-2013-4002, CVE-2013-5823) Multiple improper permission check issues were discovered in the Libraries, Swing, JAX-WS, JAXP, JGSS, AWT, Beans, and Scripting components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2013-3829, CVE-2013-5840, CVE-2013-5774, CVE-2013-5783, CVE-2013-5820, CVE-2013-5851, CVE-2013-5800, CVE-2013-5849, CVE-2013-5790, CVE-2013-5784) It was discovered that the 2D component image library did not properly check bounds when performing image conversions. An untrusted Java application or applet could use this flaw to disclose portions of the Java Virtual Machine memory. (CVE-2013-5778) Multiple input sanitization flaws were discovered in javadoc. When javadoc documentation was generated from an untrusted Java source code and hosted on a domain not controlled by the code author, these issues could make it easier to perform cross-site scripting attacks. (CVE-2013-5804, CVE-2013-5797) Various OpenJDK classes that represent cryptographic keys could leak private key information by including sensitive data in strings returned by toString() methods. These flaws could possibly lead to an unexpected exposure of sensitive key data. (CVE-2013-5780) The Java Heap Analysis Tool (jhat) failed to properly escape all data added into the HTML pages it generated. Crafted content in the memory of a Java program analyzed using jhat could possibly be used to conduct cross- site scripting attacks. (CVE-2013-5772) The Kerberos implementation in OpenJDK did not properly parse KDC responses. A malformed packet could cause a Java application using JGSS to exit. (CVE-2013-5803) Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website. All running instances of OpenJDK Java must be restarted for the update to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6java-1.7.0-openjdk-devel-1.7.0.45-2.4.3.2.el6_4.i686.rpmb6aaf0c3603f9deda328a97174c551659c3f91777775c4e39bf2bac31cace1d7java-1.7.0-openjdk-demo-1.7.0.45-2.4.3.2.el6_4.i686.rpm303d86aa77fffecbbb7c8e9d6b0d016e6e4b8e49bf0c72cfea1723fab0d2f2bejava-1.7.0-openjdk-javadoc-1.7.0.45-2.4.3.2.el6_4.noarch.rpmc1d244be81028d3f3b73b75eb2fa4111e774e96b514eceb7e3489b8068047c56java-1.7.0-openjdk-1.7.0.45-2.4.3.2.el6_4.i686.rpmb56843d0a93413225dfec712d4c8e29e37a936e0620ce65c355fc8e742d47e34java-1.7.0-openjdk-src-1.7.0.45-2.4.3.2.el6_4.i686.rpm90a74911aa124c86c7a7dd7c433990ac2c3b0ad016620b096285c2a5effaa567SLSA-2013:1452-1A denial of service flaw was found in the way Vino handled certain authenticated requests from clients that were in the deferred state. A remote attacker could use this flaw to make the vino-server process enter an infinite loop when processing those incoming requests. (CVE-2013-5745) The GNOME session must be restarted (log out, then log back in) for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6vino-2.28.1-9.el6_4.i686.rpm846952e79bacedf3ede1f61a278fcc9b043ea5fbe037259402c4d31b8cd5f74fSLSA-2013:1457-1It was found that GnuPG was vulnerable to the Yarom/Falkner flush+reload cache side-channel attack on the RSA secret exponent. An attacker able to execute a process on the logical CPU that shared the L3 cache with the GnuPG process (such as a different local user or a user of a KVM guest running on the same host with the kernel same-page merging functionality enabled) could possibly use this flaw to obtain portions of the RSA secret key. (CVE-2013-4242)moderateScientific Linux FermiScientific Linux Fermi 6libgcrypt-devel-1.4.5-11.el6_4.i686.rpm11e2eba8d55051cdb44ac9b1743766761fab08bd46a899826360104dd953d322libgcrypt-1.4.5-11.el6_4.i686.rpm7f209c1b9b1bac11cf5ab20db57356121d91ce8ebfdc95a04c29532be2ae9666SLSA-2013:1459-1A denial of service flaw was found in the way GnuPG parsed certain compressed OpenPGP packets. An attacker could use this flaw to send specially crafted input data to GnuPG, making GnuPG enter an infinite loop when parsing data. (CVE-2013-4402) It was found that importing a corrupted public key into a GnuPG keyring database corrupted that keyring. An attacker could use this flaw to trick a local user into importing a specially crafted public key into their keyring database, causing the keyring to be corrupted and preventing its further use. (CVE-2012-6085) It was found that GnuPG did not properly interpret the key flags in a PGP key packet. GPG could accept a key for uses not indicated by its holder. (CVE-2013-4351)moderateScientific Linux FermiScientific Linux Fermi 6gnupg2-smime-2.0.14-6.el6_4.i686.rpm45993254bb356209d4812bb2bb527d9dd79540bd25cd96b0f7289fadb1a15475gnupg2-2.0.14-6.el6_4.i686.rpm2daaac37a407617b27d7a7e8c03fa99c8be7de322ff03924d36f2298263184e0SLSA-2013:1475-1An array index error, leading to a heap-based out-of-bounds buffer read flaw, was found in the way PostgreSQL performed certain error processing using enumeration types. An unprivileged database user could issue a specially crafted SQL query that, when processed by the server component of the PostgreSQL service, would lead to a denial of service (daemon crash) or disclosure of certain portions of server memory. (CVE-2013-0255) A flaw was found in the way the pgcrypto contrib module of PostgreSQL (re)initialized its internal random number generator. This could lead to random numbers with less bits of entropy being used by certain pgcrypto functions, possibly allowing an attacker to conduct other attacks. (CVE-2013-1900) These updated packages upgrade PostgreSQL to version 8.4.18, which fixes these issues as well as several non-security issues. Refer to the PostgreSQL Release Notes for a full list of changes: http://www.postgresql.org/docs/8.4/static/release-8-4-18.html After installing this update, it is advisable to rebuild, using the REINDEX command, Generalized Search Tree (GiST) indexes that meet one or more of the following conditions: - - GiST indexes on box, polygon, circle, or point columns - - GiST indexes for variable-width data types, that is text, bytea, bit, and numeric - - GiST multi-column indexes If the postgresql service is running, it will be automatically restarted after installing this update.moderateScientific Linux FermiScientific Linux Fermi 6postgresql-pltcl-8.4.18-1.el6_4.i686.rpm0961e6156d6e9bb9fd9f6a72bb98af52173e8e00a4daaf3fc549346dad37c67epostgresql-8.4.18-1.el6_4.i686.rpm08ad32bfe811d6de8b025eb395bd01da13adf5b0da3a397401dc0b612d5570a2postgresql-devel-8.4.18-1.el6_4.i686.rpm1d1c8c5b3d22b03ccb1e61c21f57eac67e908f3d3994db249618d37abc89a9a0postgresql-test-8.4.18-1.el6_4.i686.rpm553d86c141d25b9b3d93cc7453166c880091cadca9f764132a76b16f0eb57ae1postgresql-docs-8.4.18-1.el6_4.i686.rpmdbd9c533756e46e7ffd20ccf0c87c520d68df60ad508c098b129ffc5d847ea3epostgresql-contrib-8.4.18-1.el6_4.i686.rpmf7e158ca355c5c883772b9ff0f6ac5bf4c911e467e0342a513c5e10c490821d1postgresql-plperl-8.4.18-1.el6_4.i686.rpmcac69bf93c134127485b6edd3550ec76d2febe3da81db545699a04dd7507e964postgresql-libs-8.4.18-1.el6_4.i686.rpm24053e45f33cb27a13fefd75328eef78902175669fd555b19202ddc837ae380bpostgresql-plpython-8.4.18-1.el6_4.i686.rpm86dd72819737cbea6ec33f1af23a0d29f94ac74078d277cd6382f5b01039f198postgresql-server-8.4.18-1.el6_4.i686.rpm419219783c3b9aee8fa7d0c8909dd1ebd38a176978596f3d090fc8d3deb2abf8SLSA-2013:1476-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to terminate unexpectedly or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2013-5590, CVE-2013-5597, CVE-2013-5599, CVE-2013-5600, CVE-2013-5601, CVE-2013-5602) It was found that the Firefox JavaScript engine incorrectly allocated memory for certain functions. An attacker could combine this flaw with other vulnerabilities to execute arbitrary code with the privileges of the user running Firefox. (CVE-2013-5595) A flaw was found in the way Firefox handled certain Extensible Stylesheet Language Transformations (XSLT) files. An attacker could combine this flaw with other vulnerabilities to execute arbitrary code with the privileges of the user running Firefox. (CVE-2013-5604) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6firefox-17.0.10-1.el6_4.i686.rpmc26b71d522b1bb27f273f6b48ea57bb903e254f8666a4900cda01f296ba477b5xulrunner-devel-17.0.10-1.el6_4.i686.rpm8222ab8efcbc7124ca11dd2d5c2d4612395a03901c8ff44d049f50699107d269xulrunner-17.0.10-1.el6_4.i686.rpm4556f2c59270e089f8adbe7658630636bee5cd5abc8dd43f085ac07949a836d9SLSA-2013:1480-1Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2013-5590, CVE-2013-5597, CVE-2013-5599, CVE-2013-5600, CVE-2013-5601, CVE-2013-5602) It was found that the Thunderbird JavaScript engine incorrectly allocated memory for certain functions. An attacker could combine this flaw with other vulnerabilities to execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2013-5595) A flaw was found in the way Thunderbird handled certain Extensible Stylesheet Language Transformations (XSLT) files. An attacker could combine this flaw with other vulnerabilities to execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2013-5604) Note: All of the above issues cannot be exploited by a specially-crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. After installing the update, Thunderbird must be restarted for the changes to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6thunderbird-17.0.10-1.el6_4.i686.rpma835c50c554806d8ac8005391b22451e307c0225600ad3d54dfa023a04932228SLSA-2013:1500-1It was discovered that gc's implementation of the malloc() and calloc() routines did not properly perform parameter sanitization when allocating memory. If an application using gc did not implement application-level validity checks for the malloc() and calloc() routines, a remote attacker could provide specially crafted application-specific input, which, when processed by the application, could lead to an application crash or, potentially, arbitrary code execution with the privileges of the user running the application. (CVE-2012-2673) Applications using gc must be restarted for the update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6gc-devel-7.1-12.el6_4.i686.rpm5cc3fe7504019145e555eb0ca8a7c0e732543c04dd1f57b0a0f9ceefb9985395gc-7.1-12.el6_4.i686.rpm2a89c0438c561cf0371ac04d0d6b24e8c3868c976325b9d37889a708a9d823c4SLSA-2013:1505-1Multiple input checking flaws were found in the 2D component native image parsing code. A specially crafted image file could trigger a Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with the privileges of the user running the Java Virtual Machine. (CVE-2013-5782) The class loader did not properly check the package access for non-public proxy classes. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of the user running the Java Virtual Machine. (CVE-2013-5830) Multiple improper permission check issues were discovered in the 2D, CORBA, JNDI, and Libraries components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2013-5829, CVE-2013-5814, CVE-2013-5817, CVE-2013-5842, CVE-2013-5850) Multiple input checking flaws were discovered in the JPEG image reading and writing code in the 2D component. An untrusted Java application or applet could use these flaws to corrupt the Java Virtual Machine memory and bypass Java sandbox restrictions. (CVE-2013-5809) The FEATURE_SECURE_PROCESSING setting was not properly honored by the javax.xml.transform package transformers. A remote attacker could use this flaw to supply a crafted XML that would be processed without the intended security restrictions. (CVE-2013-5802) Multiple errors were discovered in the way the JAXP and Security components processes XML inputs. A remote attacker could create a crafted XML that would cause a Java application to use an excessive amount of CPU and memory when processed. (CVE-2013-5825, CVE-2013-4002, CVE-2013-5823) Multiple improper permission check issues were discovered in the Libraries, Swing, JAX-WS, JGSS, AWT, Beans, and Scripting components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2013-3829, CVE-2013-5840, CVE-2013-5774, CVE-2013-5783, CVE-2013-5820, CVE-2013-5849, CVE-2013-5790, CVE-2013-5784) It was discovered that the 2D component image library did not properly check bounds when performing image conversions. An untrusted Java application or applet could use this flaw to disclose portions of the Java Virtual Machine memory. (CVE-2013-5778) Multiple input sanitization flaws were discovered in javadoc. When javadoc documentation was generated from an untrusted Java source code and hosted on a domain not controlled by the code author, these issues could make it easier to perform cross-site scripting attacks. (CVE-2013-5804, CVE-2013-5797) Various OpenJDK classes that represent cryptographic keys could leak private key information by including sensitive data in strings returned by toString() methods. These flaws could possibly lead to an unexpected exposure of sensitive key data. (CVE-2013-5780) The Java Heap Analysis Tool (jhat) failed to properly escape all data added into the HTML pages it generated. Crafted content in the memory of a Java program analyzed using jhat could possibly be used to conduct cross- site scripting attacks. (CVE-2013-5772) The Kerberos implementation in OpenJDK did not properly parse KDC responses. A malformed packet could cause a Java application using JGSS to exit. (CVE-2013-5803) All running instances of OpenJDK Java must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6java-1.6.0-openjdk-demo-1.6.0.0-1.65.1.11.14.el6_4.i686.rpmd282c232951a467d8ba3e0224ac58543d9049aeee892a3862f8d52c383602e92java-1.6.0-openjdk-1.6.0.0-1.65.1.11.14.el6_4.i686.rpm875d0af6d0e83086e9b68e22bcb67b0e197c3287f62b666e117546c7efaf27e9java-1.6.0-openjdk-devel-1.6.0.0-1.65.1.11.14.el6_4.i686.rpm10989c2713078d12687c8419e212d5525d4b135fdd84188f0bffd703d90ca1a4java-1.6.0-openjdk-javadoc-1.6.0.0-1.65.1.11.14.el6_4.i686.rpm6a88ab342df14686d4ffcfddab81888fd8a07fd79ea52705467e90808d6aef11java-1.6.0-openjdk-src-1.6.0.0-1.65.1.11.14.el6_4.i686.rpmc1ca029ba3355c6bfa68413dd5162dce41e27aee063e28a597ce337430fac017SLSA-2013:1537-2Multiple flaws were found in the way Augeas handled configuration files when updating them. An application using Augeas to update configuration files in a directory that is writable to by a different user (for example, an application running as root that is updating files in a directory owned by a non-root service user) could have been tricked into overwriting arbitrary files or leaking information via a symbolic link or mount point attack. (CVE-2012-0786, CVE-2012-0787) The augeas package has been upgraded to upstream version 1.0.0, which provides a number of bug fixes and enhancements over the previous version. This update also fixes the following bugs: * Previously, when single quotes were used in an XML attribute, Augeas was unable to parse the file with the XML lens. An upstream patch has been provided ensuring that single quotes are handled as valid characters and parsing no longer fails. * Prior to this update, Augeas was unable to set up the "require_ssl_reuse" option in the vsftpd.conf file. The updated patch fixes the vsftpd lens to properly recognize this option, thus fixing this bug. * Previously, the XML lens did not support non-Unix line endings. Consequently, Augeas was unable to load any files containing such line endings. The XML lens has been fixed to handle files with CRLF line endings, thus fixing this bug. * Previously, Augeas was unable to parse modprobe.conf files with spaces around "=" characters in option directives. The modprobe lens has been updated and parsing no longer fails.lowScientific Linux FermiScientific Linux Fermi 6augeas-1.0.0-5.el6.i686.rpm132dad208ea0ed5fe7fd7550e096f6e669f91135a375cff885be307a9350f628augeas-libs-1.0.0-5.el6.i686.rpmb3488e1dd4caf0d512a1b1e08896737e673cc4c2beb7271e818789cbc8b2fc81augeas-devel-1.0.0-5.el6.i686.rpm0c3e66f06c12f70620ab04ffb15545388c44aa9c0df30b9897a2092e686e67e2SLSA-2013:1540-2A flaw was found in the way Evolution selected GnuPG public keys when encrypting emails. This could result in emails being encrypted with public keys other than the one belonging to the intended recipient. (CVE-2013-4166) The Evolution packages have been upgraded to upstream version 2.32.3, which provides a number of bug fixes and enhancements over the previous version. These changes include implementation of Gnome XDG Config Folders, and support for Exchange Web Services (EWS) protocol to connect to Microsoft Exchange servers. EWS support has been added as a part of the evolution-exchange packages. The gtkhtml3 packages have been upgraded to upstream version 2.32.2, which provides a number of bug fixes and enhancements over the previous version. The libgdata packages have been upgraded to upstream version 0.6.4, which provides a number of bug fixes and enhancements over the previous version. This update also fixes the following bug: * The Exchange Calendar could not fetch the "Free" and "Busy" information for meeting attendees when using Microsoft Exchange 2010 servers, and this information thus could not be displayed. This happened because Microsoft Exchange 2010 servers use more strict rules for "Free" and "Busy" information fetching. With this update, the respective code in the openchange packages has been modified so the "Free" and "Busy" information fetching now complies with the fetching rules on Microsoft Exchange 2010 servers. The "Free" and "Busy" information can now be displayed as expected in the Exchange Calendar. All running instances of Evolution must be restarted for this update to take effect.lowScientific Linux FermitrueScientific Linux Fermi 6totem-mozplugin-2.28.6-4.el6.i686.rpm9e39c1a2faf197bb534426df7d74102289a3d589d84561dde097d0f9c0971e6apidgin-2.7.9-11.el6.i686.rpm68c6a7a41db24e5f68016c21b2e598264c07557135a2350a3932e3ec9f34181acontrol-center-filesystem-2.28.1-39.el6.i686.rpm162d5f271f80d1f0861fd61d3415e8dcc4df52129d1b81c0c56b5c64ae442be3planner-devel-0.14.4-10.el6.i686.rpm877cae2eb2100e361b6f11ab0ef7b8183ed841779d6c1af7117d3c501c5ab200gnome-python2-totem-2.28.0-5.el6.i686.rpm02919affe830a932081a41c8dccade4d4b5a8650b532b648253ba65f502ad480evolution-data-server-2.32.3-18.el6.i686.rpmacd41e23d5baeb09eddd89e04c8e8e92ed3921731217227e8a842a8785ab66c8libgdata-devel-0.6.4-2.el6.i686.rpm9aaa095d87336be56544c873301d2cb8eb0b5d674b8a69e9c7e2049d79f4a263gnome-python2-evolution-2.28.0-5.el6.i686.rpm76ec84af0fe8d64ef32a7ccb859fa12797bf0dfa183689119a574aed557f9220totem-upnp-2.28.6-4.el6.i686.rpmdbff852335d42641634060410f35791fd77c6e20831a6f0b9d47b0eba875d349evolution-spamassassin-2.32.3-30.el6.i686.rpm04621b7b20c26c1088a8f1bb412637dc286060c325aa413c997b1d882db3f666finch-2.7.9-11.el6.i686.rpm089ff3febab2152718255bdd9534b9a9a95a4cbc6ea9a3d99ab3ae929d00ef7dcontrol-center-devel-2.28.1-39.el6.i686.rpm744eb3a49ca7a36ba0ee39f25fc8702ca320c17ba56cb854eb52b6188bc171e5libgdata-0.6.4-2.el6.i686.rpm1a9670389246a490251768aac40eb53a0382eba469d1039a43d954bffa06dd2flibpurple-tcl-2.7.9-11.el6.i686.rpma001f73b49e1cdd27f1fa441d90ec6932ada8b1c5e147e87acaa089af42e6775evolution-mapi-devel-0.32.2-12.el6.i686.rpm5688f3fab575f73023f717ba7b52bd824f4e6d9233a37003fa4be97f42cf1d4eopenchange-1.0-6.el6.i686.rpm98dbabd6a34b1a3cb564613a6e60bc39228676ebfcdc2cf7d8d30c779553adaaopenchange-client-1.0-6.el6.i686.rpm754aad7f299d9fa0c23891a6edb91a93fba0652200f6372d53f5330bc5b1bac3evolution-data-server-doc-2.32.3-18.el6.noarch.rpma36ecdd3fceb912f82789a490ee0835718ad114eb65210c57eb8dce1bba476f4ekiga-3.2.6-4.el6.i686.rpm4b3b6099b66d4a4f9bfe81ef09e976e948d20d05774661c6d691b43793b2c5baevolution-perl-2.32.3-30.el6.i686.rpme47395debac5429af4f88075063ebae83eebb19ec29299117ea4359404a863c2control-center-extra-2.28.1-39.el6.i686.rpm7ac128b7b44d605ac9a687ac1efc9010ac13a6f61434f3ebb8e22c1db52db478gnome-panel-devel-2.30.2-15.el6.i686.rpmbeeeff38708ce09b067a72d6af57da1cba8ecd760fa68bc9edba4c2b17a14198nautilus-sendto-2.28.2-4.el6.i686.rpmd470443fa237d70fec4ff514c3358b90861c56856581dfd05ca59411e6892fb8gnome-python2-bugbuddy-2.28.0-5.el6.i686.rpmff67288299c3d92670a5fec2d804fd33715b0996fb93b478db8f835bf6412245nautilus-sendto-devel-2.28.2-4.el6.i686.rpmda245344dda1df784725a2b5f8145dbf43fdfdbed97d9523eccf040c5865895cevolution-2.32.3-30.el6.i686.rpm05bad3e025e255f7bd01f34be433e4bebc2b953a00e2adfab4e5f9564cf0dcfaevolution-data-server-devel-2.32.3-18.el6.i686.rpmcbd0fb92b7fa6367897169792b943735b8b8aee8b827acc9929a958b9fc9b67flibpurple-devel-2.7.9-11.el6.i686.rpmd7ccd81ad99bd11a899d8e9bc068d7e2bc2968cab47a2cba9fdf87634d347a09totem-youtube-2.28.6-4.el6.i686.rpm2d2861e68e011a64b90e6499e1701a93f9e3ef1f46da5d5a103ae75f7b5dedb5totem-nautilus-2.28.6-4.el6.i686.rpm6fc22725709bf635a2546272d03a11accd3681f8735a98ceb9247de4e8220075planner-0.14.4-10.el6.i686.rpmd8c9538aec977698e69d726bff51c60405db8a9cfed37742594d235f7b25f8efopenchange-devel-docs-1.0-6.el6.i686.rpm4d9c0e95180bfd08346706198ed87a601addcf14da5d1caa339965af53216482planner-eds-0.14.4-10.el6.i686.rpmcb5a5035042d1aa7f44c19047612fc4ed5d4b0e136870cc5602cc65ef34d7b43gnome-python2-evince-2.28.0-5.el6.i686.rpm07812ec10162e66f9eaec87528b99fa9b2e458a261ef46fd1e4884b21fec476dgnome-python2-gnomekeyring-2.28.0-5.el6.i686.rpm3215a84500219ca68a093e91571ea476d4a10d7250e249255baf53fd76527310gnome-panel-libs-2.30.2-15.el6.i686.rpm62ef4a145bc5246a1d0a76911e362d348e742da024e4622a37a304074ffee66fpidgin-devel-2.7.9-11.el6.i686.rpm07a84d0fe167763319d2221630993ee95a50dcacd36ea5a2df385b0c0b887828control-center-2.28.1-39.el6.i686.rpm3f7e082e3ddb7027d5c61a0563f540cfedc0dcca5b9c2eafedbc69a90d5f4935gnome-python2-applet-2.28.0-5.el6.i686.rpm533921aa217893ae2cf1f601d2945efb43ae94dd2dc2a53deff6463057166afdgnome-python2-brasero-2.28.0-5.el6.i686.rpmaf944791698431d2bba87c4e9fad1e9c2cb3aff5a77947092a996200d368cea9gnome-python2-rsvg-2.28.0-5.el6.i686.rpmc8713f84617b3b52f47895f589bb3fffcb720e103fa1d836e230914776a6f7b1totem-2.28.6-4.el6.i686.rpm89641b711f33eb8bac6fe0748d98f34d0012550be1052770abac75802a1cdbf9evolution-help-2.32.3-30.el6.noarch.rpmcbfae2b206112156d75c4629f25887463140b2e243b2408c1336910c7eda96a7evolution-pst-2.32.3-30.el6.i686.rpm4ce3a948be0125a8743caae1692f6b52debef203d345e10e3d0a622e73aaae83gnome-python2-libgtop2-2.28.0-5.el6.i686.rpmd1ad018ab07c647974886b7e7fc6b7004e942ea9bef5d7e8749d513e91c6baf2totem-jamendo-2.28.6-4.el6.i686.rpmcde10d4852c8fd0ff00aafa746f072b648171574ea0e765338beb94a7f103a4fevolution-devel-docs-2.32.3-30.el6.noarch.rpmdf9169873a32daca6725502c8c23317d376a96579e2245ecc5fd3447dcc17490libpurple-perl-2.7.9-11.el6.i686.rpm7e1aa02a3848ca49b1922e0d13c76993b5ade7bde91ebe32c6cbc31cbf3b42eeopenchange-devel-1.0-6.el6.i686.rpm206e7cb20c6148214abe49232388e3a555b4763b191401eca398308538d9f3b2gnome-python2-gnomeprint-2.28.0-5.el6.i686.rpm7706a9336673a5825e4ba5203f1ae4f55619bfb04bb2cd8bfa488b5417f7078epidgin-perl-2.7.9-11.el6.i686.rpm3de912112ced0239bb32a02683e664f79fff9a130f73cdc395289c2e76365264gnome-python2-gnomedesktop-2.28.0-5.el6.i686.rpm09a41420202a1a5a3a8eec435414827086b61e17a48d395916ba8cfcf90f9823evolution-exchange-2.32.3-16.el6.i686.rpm768b30062c87e41ba613c2b26cb079240a6a4e2e3286a4a300b2658353399390gnome-python2-metacity-2.28.0-5.el6.i686.rpm242d983907f4a0fa1b1d4c23b518c9dff337e78f1950e7dbe6117830950e8c05gnome-python2-desktop-2.28.0-5.el6.i686.rpmda1abcb93edff91cfac30e21fce1f5412f78ff50158c5348fd0ada8455f43496pidgin-docs-2.7.9-11.el6.i686.rpm5bcb86f8c05ddd9843aa89cf0bdaa4b4d7000c5bdf1ff11d2112d65a5c55d985totem-devel-2.28.6-4.el6.i686.rpmc3b067f2602e544823ca0cd4b93fa020107eb26ab18f99a837e5593058f61d57libpurple-2.7.9-11.el6.i686.rpmec7d22d40f389d72345d028359e722f02993018917475025ae49714358a0718fgnome-python2-gtksourceview-2.28.0-5.el6.i686.rpma70039a7363128d46ed0b596b32057e86d32ce556ca8e34cbac11301521e58ebgtkhtml3-3.32.2-2.el6.i686.rpm47caf118078d03674ee40fdb2f411e7ec433a8c4aff767fb562936d82d6b3c6bgnome-python2-libwnck-2.28.0-5.el6.i686.rpm71a9b6a7d886935132a0900e30efc74b67bea551f5f05a9c61e96a2d0fec69e3gtkhtml3-devel-3.32.2-2.el6.i686.rpmb4f71a342b1dcefc9cb3b7cc1789c4f9498d68132d1d8409bf1071eb442e26c2evolution-mapi-0.32.2-12.el6.i686.rpm19ade8039bdc39ea538cc3675207bfbe5931de346028bb5c9c30636bf98efdaeevolution-devel-2.32.3-30.el6.i686.rpm57058022a737c2c1006da1797e47ea58abe94c4755c939e033b84d4a83767f48finch-devel-2.7.9-11.el6.i686.rpmc42e8459f858940ed92d28e037165ff2457d50462d924d400c12b2ff831907d5cheese-2.28.1-8.el6.i686.rpm335b51aae221f03e3f62a51b1af482d451f03002742f809f54ca5fc25b4d97c3gnome-panel-2.30.2-15.el6.i686.rpmac22a28c8cbdd435d5bb3bcda560882f6d84b5a39b2f67117a2874a5e439456fSLSA-2013:1542-2It was discovered that the Samba Web Administration Tool (SWAT) did not protect against being opened in a web page frame. A remote attacker could possibly use this flaw to conduct a clickjacking attack against SWAT users or users with an active SWAT session. (CVE-2013-0213) A flaw was found in the Cross-Site Request Forgery (CSRF) protection mechanism implemented in SWAT. An attacker with the knowledge of a victim's password could use this flaw to bypass CSRF protections and conduct a CSRF attack against the victim SWAT user. (CVE-2013-0214) An integer overflow flaw was found in the way Samba handled an Extended Attribute (EA) list provided by a client. A malicious client could send a specially crafted EA list that triggered an overflow, causing the server to loop and reprocess the list using an excessive amount of memory. (CVE-2013-4124) Note: This issue did not affect the default configuration of the Samba server. After installing this update, the smb service will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6samba-common-3.6.9-164.el6.i686.rpmac16a0b57a0b2854ead99af8b8623781ff68bd3522a4441cae5bfa65006270a3samba-winbind-3.6.9-164.el6.i686.rpm3a1649f06275b91a3710994079f078e1846cfed096093ec779f672f648e528afsamba-winbind-devel-3.6.9-164.el6.i686.rpmadffe4737217fef7905c1dae70d7f2be1123a514112f67d52651ea34e27027ecsamba-domainjoin-gui-3.6.9-164.el6.i686.rpmea0def6fbda36b5770e39b25d522287f6ce8aa82fa3714e232ac0a620e60b11bsamba-doc-3.6.9-164.el6.i686.rpm306085e04783161b4dc8f947aab47d15311874f92b96d7b83632d0d77758d267samba-3.6.9-164.el6.i686.rpm16f377ac2ea0bb29926a27a0a7588614eb3737bdb59f27d21a8dcca1aca514ecsamba-client-3.6.9-164.el6.i686.rpm375b17e059b372389edfd7907a287c8e64d4a72ee9af9e59fc65e90cd1203896libsmbclient-3.6.9-164.el6.i686.rpm28101079320efb0be114bd6af458e452629dcc0b371a257fab800e17c65c41a4libsmbclient-devel-3.6.9-164.el6.i686.rpm766c147893e2136711133b9a53451c6adb61e99b6a7dedd7b962f166958440a2samba-winbind-clients-3.6.9-164.el6.i686.rpm791608559e50d5fc8c101fb33e06154b2f10c073b8b7fb1d56dbb2e0d8ba6cb6samba-swat-3.6.9-164.el6.i686.rpm38e58548f1172d8095f1724a42658d2acadb4f39fd712834cfd58235bc7d5b56samba-winbind-krb5-locator-3.6.9-164.el6.i686.rpm8d4f898cbaa2a4b3d74d482c8264828887c5468d8c733a47f31cad1043cc3185SLSA-2013:1543-2An integer overflow flaw was found in the way Samba handled an Extended Attribute (EA) list provided by a client. A malicious client could send a specially crafted EA list that triggered an overflow, causing the server to loop and reprocess the list using an excessive amount of memory. (CVE-2013-4124) Note: This issue did not affect the default configuration of the Samba server. This update fixes the following bugs: * When Samba was installed in the build root directory, the RPM target might not have existed. Consequently, the find-debuginfo.sh script did not create symbolic links for the libwbclient.so.debug module associated with the target. With this update, the paths to the symbolic links are relative so that the symbolic links are now created correctly. * Previously, the samba4 packages were missing a dependency for the libreplace.so module which could lead to installation failures. With this update, the missing dependency has been added to the dependency list of the samba4 packages and installation now proceeds as expected.moderateScientific Linux FermiScientific Linux Fermi 6samba4-swat-4.0.0-58.el6.rc4.i686.rpm3c00847ed55d7f9bfc3a6fe8da49082ba2b30cb28189033905b5150f97369449samba4-test-4.0.0-58.el6.rc4.i686.rpmbaed05ca6cd4025004015554c81f2c81c6fd35d48d360d184849490b722bdbb5samba4-dc-libs-4.0.0-58.el6.rc4.i686.rpm74e46ae24b4ad691ff4f64acfa8055326d184d484191246f9430dca93372a84dsamba4-pidl-4.0.0-58.el6.rc4.i686.rpm963046be135369a498b952d5337f50433fdde2000db26a6cb8b5412134f4fbd2samba4-4.0.0-58.el6.rc4.i686.rpm8bd6f32d99dcdee0209aa5e3ff98332f573239ceb6239ec43e3958ab54b1960bsamba4-winbind-clients-4.0.0-58.el6.rc4.i686.rpmf0efa2ceb040cb8946d54b0f2437d910d34c20aad9ae90808209d1ff4b88726bsamba4-devel-4.0.0-58.el6.rc4.i686.rpmc6b77b740292a46df25a1d02572bb6ced9e8cabdc77e312dad0834f6efb0ac98samba4-python-4.0.0-58.el6.rc4.i686.rpmde441e3656cd564cd104c2d00b468edf24a8e7c7e92de5013da795154331cd15samba4-client-4.0.0-58.el6.rc4.i686.rpm7481b18a216becb686ff13b556553f0e8bc472fce1ced3dc2c38d52b22b1c14bsamba4-common-4.0.0-58.el6.rc4.i686.rpm4f5278b9fedfa42cbc17fbaee91560ac6a5743c259d66fb07e98b5c8ff589100samba4-winbind-4.0.0-58.el6.rc4.i686.rpm49f261a207a4011eaa83c580972f67d0dedbd8d9e31d4d8ab54058a9cbf2523asamba4-dc-4.0.0-58.el6.rc4.i686.rpme0ae80eb101777a7061b04183d3b8e912314b4b4246966f52d610c6752f75427samba4-winbind-krb5-locator-4.0.0-58.el6.rc4.i686.rpmd2230a89f6cd1ea551ad47bdb3e1976f63ac775084fc46cf25d5e363d0232894samba4-libs-4.0.0-58.el6.rc4.i686.rpm32118e33ebd6d75c4ebf88b14977c271a9af84963e59b3915bffa50bc194faceSLSA-2013:1553-2A buffer overflow flaw was found in the way QEMU processed the SCSI "REPORT LUNS" command when more than 256 LUNs were specified for a single SCSI target. A privileged guest user could use this flaw to corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2013-4344) After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.importantScientific Linux FermiScientific Linux Fermi 6qemu-guest-agent-0.12.1.2-2.415.el6.i686.rpm9c04c2ac86da5bf7c270c3ab92f38e84dfc1f0b459cee935cfc03294564be6e3SLSA-2013:1569-2Two flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2013-3559, CVE-2013-4083) Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2012-2392, CVE-2012-3825, CVE-2012-4285, CVE-2012-4288, CVE-2012-4289, CVE-2012-4290, CVE-2012-4291, CVE-2012-4292, CVE-2012-5595, CVE-2012-5597, CVE-2012-5598, CVE-2012-5599, CVE-2012-5600, CVE-2012-6056, CVE-2012-6059, CVE-2012-6060, CVE-2012-6061, CVE-2012-6062, CVE-2013-3557, CVE-2013-3561, CVE-2013-4081, CVE-2013-4927, CVE-2013-4931, CVE-2013-4932, CVE-2013-4933, CVE-2013-4934, CVE-2013-4935, CVE-2013-4936, CVE-2013-5721) The wireshark packages have been upgraded to upstream version 1.8.10, which provides a number of bug fixes and enhancements over the previous versions. For more information on the bugs fixed, enhancements included, and supported protocols introduced, refer to the Wireshark Release Notes. This update also fixes the following bugs: * Previously, Wireshark did not parse the RECLAIM-COMPLETE opcode when inspecting traffic generated by NFSv4.1. A patch has been provided to enable the parsing of the RECLAIM_COMPLETE opcode, and Wireshark is now able to properly dissect and handle NFSv4.1 traffic. * Prior to this update, frame arrival times in a text file were reported one hour ahead from the timestamps in the packet capture file. This resulted in various failures being reported by the dfilter-test.py test suite. To fix this bug, frame arrival timestamps have been shifted by one hour, thus fixing this bug. * The "tshark -D" command returned output to STDERR instead of STDOUT, which could break scripts that are parsing the "tshark -D" output. This bug has been fixed, and the "tshark -D" command now writes output data to a correct standard stream. * Due to an array overrun, Wireshark could experience undefined program behavior or could unexpectedly terminate. With this update, proper array handling ensures Wireshark no longer crashes in the described scenario. * Previously, the dftest and randpkt command line utilities lacked manual pages. This update adds proper manual pages for both utilities. In addition, this update adds the following enhancements: * With this update, Wireshark is able to properly dissect and handle InfiniBand and GlusterFS traffic. All running instances of Wireshark must be restarted for the update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6wireshark-1.8.10-4.el6.i686.rpm0321e358c0a24c47f41ae4bdb5929de7bfec7ea3a68e5b69d39ff0317f6be8a8wireshark-gnome-1.8.10-4.el6.i686.rpm0c588cc06c59811355574fa67718dd3557d72a41a5465a10eda8ed8f872a7cf8wireshark-devel-1.8.10-4.el6.i686.rpm5082fae1376aab58794d82791e44254d0478f4e7d74916a8e2361409345c5b3fSLSA-2013:1582-2A flaw was found in the way the Python SSL module handled X.509 certificate fields that contain a NULL byte. An attacker could potentially exploit this flaw to conduct man-in-the-middle attacks to spoof SSL servers. Note that to exploit this issue, an attacker would need to obtain a carefully crafted certificate signed by an authority that the client trusts. (CVE-2013-4238)moderateScientific Linux FermiScientific Linux Fermi 6tkinter-2.6.6-51.el6.i686.rpmd465d196a8fb2cea69280725a2c08a17e2862af757e6f9811e17deb3ddefba76python-2.6.6-51.el6.i686.rpme22dc417125a3b6e8bd97d8f6cc50e93361ae99694ad5cad30e7f46a5112be66python-devel-2.6.6-51.el6.i686.rpme085b80731635e3d8b3ef702c64c19d3699623cca5da7e4b7afefc1f5ef1f5ffpython-tools-2.6.6-51.el6.i686.rpmc76a9ae5c18a7bbfff17651ffb0d6a8f6960e7796e687ff2c5a7b075fdd87cd2python-test-2.6.6-51.el6.i686.rpm0d4134b2a64291c4b303f9a881b4082a9285131c873788a5fa5a2e5e4194b8f6python-libs-2.6.6-51.el6.i686.rpm89e86d5896492a1366605960225174c0577dac1a1ceb404406d69787c3098eafSLSA-2013:1591-2The default OpenSSH configuration made it easy for remote attackers to exhaust unauthorized connection slots and prevent other users from being able to log in to a system. This flaw has been addressed by enabling random early connection drops by setting MaxStartups to 10:30:100 by default. For more information, refer to the sshd_config(5) man page. (CVE-2010-5107)lowScientific Linux FermiScientific Linux Fermi 6openssh-askpass-5.3p1-94.el6.i686.rpm3b7a7d08704eddadd2fa22128f8beac6a48bf0769bb9b30b0235e76883bdb1ecopenssh-ldap-5.3p1-94.el6.i686.rpm76c4fe1c7b95dfb055664b1d6cdc56815b4b69fb15d419eb061fd555cfc53ca8pam_ssh_agent_auth-0.9.3-94.el6.i686.rpm1cae430d80d26fff40a412153e60b6f39462c5937485870fa416c937e99266e8openssh-server-5.3p1-94.el6.i686.rpmb15fc26eab135e2e167a6f0c32b69f78de8c2a80cdbd57bc9a1c87f2f73377dbopenssh-clients-5.3p1-94.el6.i686.rpm86cead640b1171486a41acc89c7b89794f56b1234e2de208d42088baba00ce01openssh-5.3p1-94.el6.i686.rpm8719d3a212491ae577991c9c7ced87484842a362f8f7401fa969c3e90fb8966bSLSA-2013:1603-2A flaw was found in the way the luci service was initialized. If a system administrator started the luci service from a directory that was writable to by a local user, that user could use this flaw to execute arbitrary code as the root or luci user. (CVE-2013-4482) A flaw was found in the way luci generated its configuration file. The file was created as world readable for a short period of time, allowing a local user to gain access to the authentication secrets stored in the configuration file. (CVE-2013-4481) After installing this update, the luci service will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6luci-0.26.0-48.el6.i686.rpm43cfb164d9d818e3d2d2501ad4fff985bf7bf8a5cd1c536c0d72a621d6c9b33aSLSA-2013:1605-2Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in glibc's memory allocator functions (pvalloc, valloc, and memalign). If an application used such a function, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2013-4332) A flaw was found in the regular expression matching routines that process multibyte character input. If an application utilized the glibc regular expression matching mechanism, an attacker could provide specially-crafted input that, when processed, would cause the application to crash. (CVE-2013-0242) It was found that getaddrinfo() did not limit the amount of stack memory used during name resolution. An attacker able to make an application resolve an attacker-controlled hostname or IP address could possibly cause the application to exhaust all stack memory and crash. (CVE-2013-1914) Among other changes, this update includes an important fix for the following bug: * Due to a defect in the initial release of the getaddrinfo() system call in Scientific Linux 6.0, AF_INET and AF_INET6 queries resolved from the /etc/hosts file returned queried names as canonical names. This incorrect behavior is, however, still considered to be the expected behavior. As a result of a recent change in getaddrinfo(), AF_INET6 queries started resolving the canonical names correctly. However, this behavior was unexpected by applications that relied on queries resolved from the /etc/hosts file, and these applications could thus fail to operate properly. This update applies a fix ensuring that AF_INET6 queries resolved from /etc/hosts always return the queried name as canonical. Note that DNS lookups are resolved properly and always return the correct canonical names. A proper fix to AF_INET6 queries resolution from /etc/hosts may be applied in future releases; for now, due to a lack of standard, Red Hat suggests the first entry in the /etc/hosts file, that applies for the IP address being resolved, to be considered the canonical entry.moderateScientific Linux FermiScientific Linux Fermi 6nscd-2.12-1.132.el6.i686.rpm67d324281b042d1e37d36135e6e0178e5c4b9c659f1b9a7cfb1222ab4bb7767aglibc-common-2.12-1.132.el6.i686.rpme2af3131133774934b968cd63c36c8c2707d60f3bade824593ca003ef9c91678glibc-static-2.12-1.132.el6.i686.rpm5c07fcf385ca143a976d48ba6a411009946d02cac348f3ae132140f6901df4f3glibc-devel-2.12-1.132.el6.i686.rpmb2e35fc766420577233a5b9b03b822361103996b91a9e51384a73ada800f790fglibc-headers-2.12-1.132.el6.i686.rpm2f985556d365aeeadbca214ea47fbd16d5a72c3fecde44d019efedca3af2e664glibc-2.12-1.132.el6.i686.rpmf694e5b479b775d8f4c44392f7af8d95aab1fa97acf5a5c2496d633142c46cd2glibc-utils-2.12-1.132.el6.i686.rpmee69a9e3966a7d8392e582a1d3a5747f5fe521f06e028aff6c95e13915cf272bSLSA-2013:1615-2It was found that PHP did not properly handle file names with a NULL character. A remote attacker could possibly use this flaw to make a PHP script access unexpected files and bypass intended file system access restrictions. (CVE-2006-7243) A flaw was found in PHP's SSL client's hostname identity check when handling certificates that contain hostnames with NULL bytes. If an attacker was able to get a carefully crafted certificate signed by a trusted Certificate Authority, the attacker could use the certificate to conduct man-in-the-middle attacks to spoof SSL servers. (CVE-2013-4248) It was found that the PHP SOAP parser allowed the expansion of external XML entities during SOAP message parsing. A remote attacker could possibly use this flaw to read arbitrary files that are accessible to a PHP application using a SOAP extension. (CVE-2013-1643) This update fixes the following bugs: * Previously, when the allow_call_time_pass_reference setting was disabled, a virtual host on the Apache server could terminate with a segmentation fault when attempting to process certain PHP content. This bug has been fixed and virtual hosts no longer crash when allow_call_time_pass_reference is off. * Prior to this update, if an error occurred during the operation of the fclose(), file_put_contents(), or copy() function, the function did not report it. This could have led to data loss. With this update, the aforementioned functions have been modified to properly report any errors. * The internal buffer for the SQLSTATE error code can store maximum of 5 characters. Previously, when certain calls exceeded this limit, a buffer overflow occurred. With this update, messages longer than 5 characters are automatically replaced with the default "HY000" string, thus preventing the overflow. In addition, this update adds the following enhancement: * This update adds the following rpm macros to the php package: %__php, %php_inidir, %php_incldir. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6php-snmp-5.3.3-26.el6.i686.rpm0b3a1079774ee78760ee3242fcec7be3584278441eae11f79ab367e28a8729baphp-5.3.3-26.el6.i686.rpmfd1be9af6c8f6cc27336da3a7673a643a99043d71bed04db71aaac61e4338bb8php-ldap-5.3.3-26.el6.i686.rpm4d008bbb683beb3acc3668376d092e742bd49357c4864aee5991dca17379ae4ephp-mbstring-5.3.3-26.el6.i686.rpmfd0f44506a336178da52bb7a1a05945113f4883bd6ada718e03b99a31b4074a5php-process-5.3.3-26.el6.i686.rpmc427771276d302aa02246b542b3c164ac9b5772b75fc8964fabcb7d1db05e236php-embedded-5.3.3-26.el6.i686.rpm63ae79e7f56127cd9e331b8048ef5582ea53b06f9568ac94fd37849a43e43e44php-zts-5.3.3-26.el6.i686.rpm8fe7dabee559929793a73d5d4f9940ecefcc7bbb424807f38a48bd52ad7a8742php-dba-5.3.3-26.el6.i686.rpmeb007859137e242e53cc96181ed33900113cab5d3d5ddd09f0ecaed4247812f8php-pgsql-5.3.3-26.el6.i686.rpme8e3975a68c98e855f99548e5fd5a52166c42a5fbbdb9cb74466abec501dd98cphp-cli-5.3.3-26.el6.i686.rpmf3875e18e198afa636d09e6eec37ca47316ac05cd20426c4717f138ae7eb3e0bphp-fpm-5.3.3-26.el6.i686.rpmf58207dfba931e2c0b4773314987a7a9bbe70da4c13ee5c5c623cf9498ebb8bfphp-soap-5.3.3-26.el6.i686.rpm22483b8f008976e402571e07fe14e6a5f3609c0f709ab9dee9252573cd839100php-xml-5.3.3-26.el6.i686.rpm041a73a155e712a63d2ac405e3cb894ef366ed131812d5c0eaf34c966311a76fphp-devel-5.3.3-26.el6.i686.rpm9287ebeee692ad2f5fcba840fbade992f5f183c66c174e5c437af2d5c2e8bf0bphp-gd-5.3.3-26.el6.i686.rpm0558fada056d8598a024aec21944f7e5d0064853a7728534d3de30ca9a971e10php-bcmath-5.3.3-26.el6.i686.rpmbe8f79f3488a5818686af43f0e937ec512c54653bb524944e78521966cb54d00php-imap-5.3.3-26.el6.i686.rpm2b3a79a7f438c29e69eac3548c1268868d16fae07463d8761a718555eff68d2fphp-tidy-5.3.3-26.el6.i686.rpm6ca527ffb3eff126dbf8981cf601cc484c40b7df5cda00ad08762dcfc5511b70php-common-5.3.3-26.el6.i686.rpm7c7f30d05f40adb1078399f2fcf9f74841da7fe7e90411361eef709b63c1d592php-odbc-5.3.3-26.el6.i686.rpma0067a92b178bee4efcba97e88c6d51804cd81ac7a22e04c6f452036d6d43b4aphp-pdo-5.3.3-26.el6.i686.rpm2ab330f2991791a90d4f262fe7629236c5d8eef6d352cdcbc18bffb6fc63c7ccphp-xmlrpc-5.3.3-26.el6.i686.rpm2d46c15cc364c27773b9cb9042404b372afaa883b50c281791f1954850ad775cphp-mysql-5.3.3-26.el6.i686.rpma8b51ea3689357d2d14c125367ac015cc77905610a2382fb0d6e62039d88cadephp-enchant-5.3.3-26.el6.i686.rpmf3102b4f9afb5ba14b1f95a5d5a9c23692558e1c45ab28f3d4ce4580523d9267php-intl-5.3.3-26.el6.i686.rpm708f7a4e5b121b92535159e26c31368861e3f2c467e2986c15843bdda7807cdephp-pspell-5.3.3-26.el6.i686.rpm99b10140a18229adf68065f2e35d582e86a68a2052cf6d73850467a17accfdcaphp-recode-5.3.3-26.el6.i686.rpm9908aec1a192648eff1d2cd020e272925ea6bcc283d7e4e68fdb77220d90b317SLSA-2013:1620-2A flaw was found in the way the X.org X11 server registered new hot plugged devices. If a local user switched to a different session and plugged in a new device, input from that device could become available in the previous session, possibly leading to information disclosure. (CVE-2013-1940) This update also fixes the following bugs: * A previous upstream patch modified the Xephyr X server to be resizeable, however, it did not enable the resize functionality by default. As a consequence, X sandboxes were not resizeable on Scientific Linux 6.4 and later. This update enables the resize functionality by default so that X sandboxes can now be resized as expected. * In Scientific Linux 6, the X Security extension (XC-SECURITY) has been disabled and replaced by X Access Control Extension (XACE). However, XACE does not yet include functionality that was previously available in XC- SECURITY. With this update, XC-SECURITY is enabled in the xorg-x11-server spec file on Scientific Linux 6. * Upstream code changes to extension initialization accidentally disabled the GLX extension in Xvfb (the X virtual frame buffer), rendering headless 3D applications not functional. An upstream patch to this problem has been backported so the GLX extension is enabled again, and applications relying on this extension work as expected.lowScientific Linux FermiScientific Linux Fermi 6xorg-x11-server-devel-1.13.0-23.sl6.i686.rpm52af9e6d4ebd26c3dacb02c9c7634d72f8ae007c3826dfebf3219d462a0f4facxorg-x11-server-Xephyr-1.13.0-23.sl6.i686.rpm163a6bac8ad93fe40800718f56e4d675bee1bf603b7d1038bfaeca44c16a13e9xorg-x11-server-common-1.13.0-23.sl6.i686.rpm21fa86f83a51793e522c106e9a6f03cdfe5c17dffe7de7d39de26b50c4667a9dxorg-x11-server-Xvfb-1.13.0-23.sl6.i686.rpm6543df6eaadc83f56292c76ec64d90bdc048471a677fad25411d704e101092ffxorg-x11-server-source-1.13.0-23.sl6.noarch.rpm984acbbd7d5bd489293d63caf07fe0135662e934fede782312c09f618a281666xorg-x11-server-Xorg-1.13.0-23.sl6.i686.rpm60aaebe106d649cad30bb9386793765b2c7c06ce8122a10b16d57692d9eb750axorg-x11-server-Xdmx-1.13.0-23.sl6.i686.rpm752dfc660f905d5ab09f38fb235987b8ba989e81a1c4e383291d4cde958ca98bxorg-x11-server-Xnest-1.13.0-23.sl6.i686.rpm2e55209a4409914590884010ed12303bd74e0326cc1742a98e54847f2a064c8fSLSA-2013:1635-2A denial of service flaw was found in the way Pacemaker performed authentication and processing of remote connections in certain circumstances. When Pacemaker was configured to allow remote Cluster Information Base (CIB) configuration or resource management, a remote attacker could use this flaw to cause Pacemaker to block indefinitely (preventing it from serving other requests). (CVE-2013-0281) Note: The default Pacemaker configuration in Scientific Linux 6 has the remote CIB management functionality disabled. The pacemaker package has been upgraded to upstream version 1.1.10, which provides a number of bug fixes and enhancements over the previous version: * Pacemaker no longer assumes unknown cman nodes are safely stopped. * The core dump file now converts all exit codes into positive 'errno' values. * Pacemaker ensures a return to a stable state after too many fencing failures, and initiates a shutdown if a node claimed to be fenced is still active. * The crm_error tool adds the ability to list and print error symbols. * The crm_resource command allows individual resources to be reprobed, and implements the "--ban" option for moving resources away from nodes. The " --clear" option has replaced the "--unmove" option. Also, crm_resource now supports OCF tracing when using the "--force" option. * The IPC mechanism restores the ability for members of the haclient group to connect to the cluster. * The Policy Engine daemon allows active nodes in the current membership to be fenced without quorum. * Policy Engine now suppresses meaningless IDs when displaying anonymous clone status, supports maintenance mode for a single node, and correctly handles the recovered resources before they are operated on. * XML configuration files are now checked for non-printing characters and replaced with their octal equivalent when exporting XML text. Also, a more reliable buffer allocation strategy has been implemented to prevent lockups. Additional bug fixes: * The "crm_resource --move" command was designed for atomic resources and could not handle resources on clones, masters, or slaves present on multiple nodes. Consequently, crm_resource could not obtain enough information to move a resource and did not perform any action. The "--ban" and "--clear" options have been added to allow the administrator to instruct the cluster unambiguously. Clone, master, and slave resources can now be navigated within the cluster as expected. * The hacluster user account did not have a user identification (UID) or group identification (GID) number reserved on the system. Thus, UID and GID values were picked randomly during the installation process. The UID and GID number 189 was reserved for hacluster and is now used consistently for all installations. * Certain clusters used node host names that did not match the output of the "uname -n" command. Thus, the default node name used by the crm_standby and crm_failcount commands was incorrect and caused the cluster to ignore the update by the administrator. The crm_node command is now used instead of the uname utility in helper scripts. As a result, the cluster behaves as expected. * Due to incorrect return code handling, internal recovery logic of the crm_mon utility was not executed when a configuration updated failed to apply, leading to an assertion failure. Return codes are now checked correctly, and the recovery of an expected error state is now handled transparently. * cman's automatic unfencing feature failed when combined with Pacemaker. Support for automated unfencing in Pacemaker has been added, and the unwanted behavior no longer occurs.lowScientific Linux FermiScientific Linux Fermi 6pacemaker-remote-1.1.10-14.el6.i686.rpm4a092a848d7a03115aef7389a80bffd402ae5314b982d7c212ce6e79670d5e68pacemaker-cts-1.1.10-14.el6.i686.rpm67c4d03aeb8460e2eb0dc70c7d3a6900bb72cc630b187987f70d8a3d95aa32bapacemaker-1.1.10-14.el6.i686.rpm16301ca47589f187b5e66154ccf147ae4768c8c209ae1115a20f286383c2458cpacemaker-doc-1.1.10-14.el6.i686.rpm4f238d0f724fcadb4ee8732e20d6bc22651b8d118d2823b5823a9a0e2d88b696pacemaker-cluster-libs-1.1.10-14.el6.i686.rpm56cf382af2b43eb21a1510e365b56c57747f9161321579bd32c4c14148608144pacemaker-cli-1.1.10-14.el6.i686.rpm8b543cf76421697d3da56a239c3edfe30b746990c15a108adfd5e919bde2678apacemaker-libs-devel-1.1.10-14.el6.i686.rpm75588c319663c806bca821a9ffc89c825f38bcbbd9e8ada98644cfb55de72f92pacemaker-libs-1.1.10-14.el6.i686.rpmd595e9c116abf2ed469d47209e47ac3ab368d9799ec66dc66bdb06f1997ee576SLSA-2013:1645-2This update fixes the following security issues: * A flaw was found in the way the Linux kernel's IPv6 implementation handled certain UDP packets when the UDP Fragmentation Offload (UFO) feature was enabled. A remote attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2013-4387, Important) * A flaw was found in the way the Linux kernel handled the creation of temporary IPv6 addresses. If the IPv6 privacy extension was enabled (/proc/sys/net/ipv6/conf/eth0/use_tempaddr set to '2'), an attacker on the local network could disable IPv6 temporary address generation, leading to a potential information disclosure. (CVE-2013-0343, Moderate) * A flaw was found in the way the Linux kernel handled HID (Human Interface Device) reports with an out-of-bounds Report ID. An attacker with physical access to the system could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2013-2888, Moderate) * An off-by-one flaw was found in the way the ANSI CPRNG implementation in the Linux kernel processed non-block size aligned requests. This could lead to random numbers being generated with less bits of entropy than expected when ANSI CPRNG was used. (CVE-2013-4345, Moderate) * It was found that the fix for CVE-2012-2375 released via SLSA-2012:1580 accidentally removed a check for small-sized result buffers. A local, unprivileged user with access to an NFSv4 mount with ACL support could use this flaw to crash the system or, potentially, escalate their privileges on the system . (CVE-2013-4591, Moderate) * A flaw was found in the way IOMMU memory mappings were handled when moving memory slots. A malicious user on a KVM host who has the ability to assign a device to a guest could use this flaw to crash the host. (CVE-2013-4592, Moderate) * Heap-based buffer overflow flaws were found in the way the Zeroplus and Pantherlord/GreenAsia game controllers handled HID reports. An attacker with physical access to the system could use these flaws to crash the system or, potentially, escalate their privileges on the system. (CVE-2013-2889, CVE-2013-2892, Moderate) * Two information leak flaws were found in the logical link control (LLC) implementation in the Linux kernel. A local, unprivileged user could use these flaws to leak kernel stack memory to user space. (CVE-2012-6542, CVE-2013-3231, Low) * A heap-based buffer overflow in the way the tg3 Ethernet driver parsed the vital product data (VPD) of devices could allow an attacker with physical access to a system to cause a denial of service or, potentially, escalate their privileges. (CVE-2013-1929, Low) * Information leak flaws in the Linux kernel could allow a privileged, local user to leak kernel memory to user space. (CVE-2012-6545, CVE-2013-1928, CVE-2013-2164, CVE-2013-2234, Low) * A format string flaw was found in the Linux kernel's block layer. A privileged, local user could potentially use this flaw to escalate their privileges to kernel level (ring0). (CVE-2013-2851, Low) The system must be rebooted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6kernel-2.6.32-431.el6.i686.rpmc4dde10d47ffef3c5897c8fb38c41e59a31ca87d81474414f01378b977e5201fkernel-debug-2.6.32-431.el6.i686.rpm4fe0c47d66364d3748fefc3581e75c40fd27e062846a4f050c94617570697db0kernel-abi-whitelists-2.6.32-431.el6.noarch.rpme706b9c72f3411bb75d835a53b70788166fef651599f72910587c511a8825333kernel-debug-devel-2.6.32-431.el6.i686.rpmfbbc3b1b0417fe054152235b522eba8e8af930217ff0eb718c9a1a597fd66600kernel-headers-2.6.32-431.el6.i686.rpmd4ce82a82e9cea5f3e88cb22eeb123a65982047fde1dc3fa194de66f9634e32eperf-2.6.32-431.el6.i686.rpm445b6143a2cfcad706b08da3b1bd58a01ffb2e4937c065be8d34591008f8be9akernel-doc-2.6.32-431.el6.noarch.rpm0279f4f4d81e889b5a0b5d8b810682700e77e2a69a50c98ddf64b80cb6922571kernel-devel-2.6.32-431.el6.i686.rpm18900fbb0a1daaffbcb7fc23e5c214c913171bf38abe73a6bc11204aaefc7489kernel-firmware-2.6.32-431.el6.noarch.rpm2ea7fbaf99e09c934585536964f0a09d95d4db5ae8a9ad9566ce940858a5258dpython-perf-2.6.32-431.el6.i686.rpm5a825ef6bcad26b8a23f535b6f4d7a3ab36b62cee27ea9d8dc8894b249a4475dSLSA-2013:1652-2It was discovered that the sort, uniq, and join utilities did not properly restrict the use of the alloca() function. An attacker could use this flaw to crash those utilities by providing long input strings. (CVE-2013-0221, CVE-2013-0222, CVE-2013-0223)lowScientific Linux FermiScientific Linux Fermi 6coreutils-8.4-31.el6.i686.rpm18ec5f77f5b3c886e4e8f4f3a7c20cf5b7fc27cf034a95b6d863d21964a2d17bcoreutils-libs-8.4-31.el6.i686.rpm539db56e5f5d6b60dc22314f9164362d9deaaf057ff20e6cf112235e091f9d8fSLSA-2013:1661-2A flaw was found in the way ibutils handled temporary files. A local attacker could use this flaw to cause arbitrary files to be overwritten as the root user via a symbolic link attack. (CVE-2013-2561) It was discovered that librdmacm used a static port to connect to the ib_acm service. A local attacker able to run a specially crafted ib_acm service on that port could use this flaw to provide incorrect address resolution information to librmdacm applications. (CVE-2012-4516) This advisory updates the following packages to the latest upstream releases, providing a number of bug fixes and enhancements over the previous versions: Several bugs have been fixed in the openmpi, mpitests, ibutils, and infinipath-psm packages. The most notable changes in these updated packages from the RDMA stack are the following: * Multiple bugs in the Message Passing Interface (MPI) test packages were resolved, allowing more of the mpitest applications to pass on the underlying MPI implementations. * The libmlx4 package now includes dracut module files to ensure that any necessary custom configuration of mlx4 port types is included in the initramfs dracut builds. * Multiple test programs in the perftest and qperf packages now work properly over RoCE interfaces, or when specifying the use of rdmacm queue pairs. * The mstflint package has been updated to the latest upstream version, which is now capable of burning firmware on newly released Mellanox Connect-IB hardware. * A compatibility problem between the openmpi and infinipath-psm packages has been resolved with new builds of these packages.moderateScientific Linux FermiScientific Linux Fermi 6libibverbs-devel-1.1.7-1.el6.i686.rpm0f8b28c548f1031793183c21a54481a3cca62c2aac4a4224a508d9858380b2a8perftest-2.0-2.el6.i686.rpma8fab9234142f777c9318cf365c78b2f6e82a005f12d31fb7c918804c9156227mpitests-openmpi-3.2-9.el6.i686.rpmbe246cb6e9921f607748a658871586289a4891068db201563622425aeeebd46brdma-3.10-3.el6.noarch.rpm5608c71790e7f06430242daa6597054639589ba8bc96857faf166a606946cd38ibutils-devel-1.5.7-8.el6.i686.rpm48e02bb73a1315601250ded921c1129c9092f366d34592cea24af842cf1c25e2librdmacm-utils-1.0.17-1.el6.i686.rpm7210f5ccee073479550d69dd9ef1a1115a4276a8a3a7d883b99d2c17f71b37baopenmpi-devel-1.5.4-2.el6.i686.rpm457e189e3649e31712959e1612601c96f13890c3becce39a4caa5ccd479cc4e1librdmacm-static-1.0.17-1.el6.i686.rpm010c3b11c3d797c8c36949d37a06b68131437ff3f8a378b50b73b4a0a845b913qperf-0.4.9-1.el6.i686.rpm618da28fdc14d98edc6b32241f8332c2a50c953f958d4dd4b6f4ba2da3d21711libibverbs-utils-1.1.7-1.el6.i686.rpmad1624f95ec31d9bb06f3e718bb2d9fb407d15d45de756ca0fb65637a8c528c1libibverbs-devel-static-1.1.7-1.el6.i686.rpm28be0dafabaef47ca0d1c83951be9a8f1e3b7b21b365a5e39e332de1f51ceb57ibutils-libs-1.5.7-8.el6.i686.rpmdbd817d5d68a8d5c403f7ffe61bdf053470495f13ab550b3bd3cb93eff073facmstflint-3.0-0.6.g6961daa.1.el6.i686.rpm020c64833b5d9a6633eede260747442fcd8e346fef5569736fbed9e681dd4a28librdmacm-devel-1.0.17-1.el6.i686.rpm80562c5ea3e4a8cdd977ba251ddc3e22d637b9f87ddcbd2d592e438561831835libibverbs-1.1.7-1.el6.i686.rpm4c53263f50a79c0a632f1e5376c553264467e3af6962560a1fc263c588abfec4mpitests-mvapich-3.2-9.el6.i686.rpm946375984540dbcc921709a6b9a4212b19d0f918ddebc80fbb85b3c58ab8521clibrdmacm-1.0.17-1.el6.i686.rpm8b0f4544d9ffd0f6f6aafdeb961de4ae4f918b803569cbf2f11bc910a2fd3668libmlx4-static-1.0.5-4.el6.1.i686.rpma0290c59d461decf6ef887e70a9a5c8b7c7f4c296e90f829e842f438354f28d8mpitests-mvapich2-3.2-9.el6.i686.rpmc91d245bbae95418a36e3cb19d248f57b01c22babef9f1b4830efaa6d3805fb3ibutils-1.5.7-8.el6.i686.rpm1ef00e5a6965450161b0ad52618dec1ee2baedd0fa880ce2b8855ec924c78d85openmpi-1.5.4-2.el6.i686.rpmccc261943bcff6082bc8d3b8d7e87ce2c304693dfa70e43625449948b08922cclibmlx4-1.0.5-4.el6.1.i686.rpm14b40e06dcfc1c27dc9c917aadf74e87b7222afa9b31409183132fc37d80b530SLSA-2013:1674-2It was discovered that dracut created initramfs images as world readable. A local user could possibly use this flaw to obtain sensitive information from these files, such as iSCSI authentication passwords, encrypted root file system crypttab passwords, or other information. (CVE-2012-4453)moderateScientific Linux FermiScientific Linux Fermi 6dracut-004-336.el6.noarch.rpm211f502a9c9a302e23f05fb6fe185a0e2a8fb73991bed93afcd0d0d3510f7132dracut-kernel-004-336.el6.noarch.rpmade9acf8e3326b2acb0f7dbfc6746e7997157cca8d9f4b75ce28f9d8a83feb46dracut-generic-004-336.el6.noarch.rpm43c75b9512e92157173aee3d027f4935ed500593e1d6c626f9fa00543d51d701dracut-fips-aesni-004-336.el6.noarch.rpm4b50bde114ee1ceb0e6203ebde9195dfa165c5fde2419d2e4eaae04f344b42b6dracut-caps-004-336.el6.noarch.rpm160df09873e6a1d640c32c580adbc3905e1fd8ce28f79c949d6f154ce4913701dracut-fips-004-336.el6.noarch.rpm1a32606f442bdb7401097f2dea0df272700af51724a684b6d53cfdb53c9c9c85dracut-network-004-336.el6.noarch.rpmfff6557b90fe0de2dedf9f835307902a2a81622ec082b1fc262b736a342354a2dracut-tools-004-336.el6.noarch.rpm1129cccdf62f2a7313b898e80ea0f21514e53116c16ac2d4bd6be144ef7e3119SLSA-2013:1701-2A flaw was found in the way sudo handled time stamp files. An attacker able to run code as a local user and with the ability to control the system clock could possibly gain additional privileges by running commands that the victim user was allowed to run via sudo, without knowing the victim's password. (CVE-2013-1775) It was found that sudo did not properly validate the controlling terminal device when the tty_tickets option was enabled in the /etc/sudoers file. An attacker able to run code as a local user could possibly gain additional privileges by running commands that the victim user was allowed to run via sudo, without knowing the victim's password. (CVE-2013-2776, CVE-2013-2777) This update also fixes the following bugs: * Previously, sudo did not support netgroup filtering for sources from the System Security Services Daemon (SSSD). Consequently, SSSD rules were applied to all users even when they did not belong to the specified netgroup. With this update, netgroup filtering for SSSD sources has been implemented. As a result, rules with a netgroup specification are applied only to users that are part of the netgroup. * When the sudo utility set up the environment in which it ran a command, it reset the value of the RLIMIT_NPROC resource limit to the parent's value of this limit if both the soft (current) and hard (maximum) values of RLIMIT_NPROC were not limited. An upstream patch has been provided to address this bug and RLIMIT_NPROC can now be set to "unlimited". * Due to the refactoring of the sudo code by upstream, the SUDO_USER variable that stores the name of the user running the sudo command was not logged to the /var/log/secure file as before. Consequently, user name "root" was always recorded instead of the real user name. With this update, the previous behavior of sudo has been restored. As a result, the expected user name is now written to /var/log/secure. * Due to an error in a loop condition in sudo's rule listing code, a buffer overflow could have occurred in certain cases. This condition has been fixed and the buffer overflow no longer occurs. In addition, this update adds the following enhancements: * With this update, sudo has been modified to send debug messages about netgroup matching to the debug log. These messages should provide better understanding of how sudo matches netgroup database records with values from the running system and what the values are exactly. * With this update, sudo has been modified to accept the ipa_hostname value from the /etc/sssd/sssd.conf configuration file when matching netgroups.lowScientific Linux FermiScientific Linux Fermi 6sudo-1.8.6p3-12.el6.i686.rpmd54a40b7bd16bf0d4c79c0072c8de19a8b16cd05c57670216dfd821e61be6225sudo-devel-1.8.6p3-12.el6.i686.rpm3c8a8efec9fbe58e8e0fe7351225801aad46897298280276c66a69ed4ef74a4fSLSA-2013:1732-2It was found that the mdev BusyBox utility could create certain directories within /dev with world-writable permissions. A local unprivileged user could use this flaw to manipulate portions of the /dev directory tree. (CVE-2013-1813) This update also fixes the following bugs: * Previously, due to a too eager string size optimization on the IBM System z architecture, the "wc" BusyBox command failed after processing standard input with the following error: wc: : No such file or directory This bug was fixed by disabling the string size optimization and the "wc" command works properly on IBM System z architectures. * Prior to this update, the "mknod" command was unable to create device nodes with a major or minor number larger than 255. Consequently, the kdump utility failed to handle such a device. The underlying source code has been modified, and it is now possible to use the "mknod" command to create device nodes with a major or minor number larger than 255. * If a network installation from an NFS server was selected, the "mount" command used the UDP protocol by default. If only TCP mounts were supported by the server, this led to a failure of the mount command. As a result, Anaconda could not continue with the installation. This bug is now fixed and NFS mount operations default to the TCP protocol.lowScientific Linux FermiScientific Linux Fermi 6busybox-petitboot-1.15.1-20.el6.i686.rpm1e4489d60acfdddc0d77d56ebd6d091dcb4ff53048cb1858f71c7501f3dca7c3busybox-1.15.1-20.el6.i686.rpmd11487436e476aa5db2c7776d01383c690a49b4e7de2b0c561e007e9874ce83aSLSA-2013:1752-1It was discovered that the 389 Directory Server did not properly handle certain Get Effective Rights (GER) search queries when the attribute list, which is a part of the query, included several names using the '@' character. An attacker able to submit search queries to the 389 Directory Server could cause it to crash. (CVE-2013-4485) After installing this update, the 389 server service will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 6389-ds-base-libs-1.2.11.15-30.el6_5.i686.rpmb8db8663d002536a15dbbe7e96abdddca83761a7ac18581bd6842892aeb2e31a389-ds-base-devel-1.2.11.15-30.el6_5.i686.rpm146d263e9b06af0f4994250e57a942f0ba94f4b996cecc8798170ff56e2870c8389-ds-base-1.2.11.15-30.el6_5.i686.rpma1199e233770193c8d90e17e26916bc0d05a065e2c4b52e28ef795e0298b1f5aSLSA-2013:1764-1A buffer overflow flaw was found in the way Ruby parsed floating point numbers from their text representation. If an application using Ruby accepted untrusted input strings and converted them to floating point numbers, an attacker able to provide such input could cause the application to crash or, possibly, execute arbitrary code with the privileges of the application. (CVE-2013-4164)criticalScientific Linux FermiScientific Linux Fermi 6ruby-libs-1.8.7.352-13.el6.i686.rpmda3ef964f8df3e5658118dda6b8d7ea9b41b673b021d1df320fe16ac6268766bruby-tcltk-1.8.7.352-13.el6.i686.rpmac4039cf7944fd16645a4009b8c18de6cc585aa30b1a66ab5cea76d7478af166ruby-ri-1.8.7.352-13.el6.i686.rpm590291967c7673039a77b45bddba8154bfb6cf55e5283a7be645f168b0bf3981ruby-irb-1.8.7.352-13.el6.i686.rpm0d38a80153d4800d815225bee99a2f5b5013a29c7b816cb2c910de9adf808043ruby-rdoc-1.8.7.352-13.el6.i686.rpm1681fc594a04730fccc7cd1744327ebf47499cf61b356065b919dcc0a9221f67ruby-1.8.7.352-13.el6.i686.rpm3c771a8fc5d4afb2786fabb4804b7e41303394aa3bf63ad1b0c053a589b2589eruby-static-1.8.7.352-13.el6.i686.rpm075e78ee0ad0e2267c3b6caadc5150f1a03c395d8a292d6f25010478875a4c66ruby-devel-1.8.7.352-13.el6.i686.rpm3ea6790c80a8c8de8c55ae7711b546663a3adf417e800bce6ebe4e1fdf3a376druby-docs-1.8.7.352-13.el6.i686.rpm8b0bba51e53b02f13f2e78f2b8035542ffaf06cabf06205061d3727d4a2a0431SLSA-2013:1778-1A stack-based buffer overflow flaw, a heap-based buffer overflow, and an integer overflow flaw were found in the way GIMP loaded certain X Window System (XWD) image dump files. A remote attacker could provide a specially crafted XWD image file that, when processed, would cause the XWD plug-in to crash or, potentially, execute arbitrary code with the privileges of the user running the GIMP. (CVE-2012-5576, CVE-2013-1913, CVE-2013-1978) The GIMP must be restarted for the update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6gimp-help-browser-2.6.9-6.el6_5.i686.rpmae79243fdb27ee66a857f30b88358844fe54115f666c889748c90c6394535a48gimp-devel-2.6.9-6.el6_5.i686.rpm9598ad03013a52a71fb0d29331f4e927d4aadf6321a1abd731c4e3a9b724e87egimp-libs-2.6.9-6.el6_5.i686.rpm20cf22907fe1cedd00cf4f4b8e8edc7f3e5bedf99a549d8fee01399117c9fa60gimp-2.6.9-6.el6_5.i686.rpm460a0cce794a743a896ac54e2e0457907a79054da32a5af98c60b6b09de30153gimp-devel-tools-2.6.9-6.el6_5.i686.rpm3d12385426958ea2afed4960796506ac9822f3a8dcb257c9db3e9f1f97408ac5SLSA-2013:1779-1A flaw was found in the way mod_nss handled the NSSVerifyClient setting for the per-directory context. When configured to not require a client certificate for the initial connection and only require it for a specific directory, mod_nss failed to enforce this requirement and allowed a client to access the directory when no valid client certificate was provided. (CVE-2013-4566) The httpd service must be restarted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6mod_nss-1.0.8-19.el6_5.i686.rpm6ab314a1c3e459cd744e8e31f7a35a8b6076af1ce7ba4a8c52ce6177e31f5fe4SLSA-2013:1801-1* A flaw was found in the way the Linux kernel's TCP/IP protocol suite implementation handled sending of certain UDP packets over sockets that used the UDP_CORK option when the UDP Fragmentation Offload (UFO) feature was enabled on the output device. A local, unprivileged user could use this flaw to cause a denial of service or, potentially, escalate their privileges on the system. (CVE-2013-4470, Important) * A divide-by-zero flaw was found in the apic_get_tmcct() function in KVM's Local Advanced Programmable Interrupt Controller (LAPIC) implementation. A privileged guest user could use this flaw to crash the host. (CVE-2013-6367, Important) * A memory corruption flaw was discovered in the way KVM handled virtual APIC accesses that crossed a page boundary. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2013-6368, Important) * An information leak flaw in the Linux kernel could allow a local, unprivileged user to leak kernel memory to user space. (CVE-2013-2141, Low) This update also fixes several bugs and adds two enhancements. The system must be rebooted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6perf-2.6.32-431.1.2.el6.i686.rpm116e63c89bc0d94691d82590b186547f88223a06a93127b79ef15bb86ba92f67kernel-debug-2.6.32-431.1.2.el6.i686.rpma500bf729c0f461ea50b8fd27fa1c88b7195890ce9ac7298ba546d3487eba9c9kernel-debug-devel-2.6.32-431.1.2.el6.i686.rpm8b460dc667b24c3f256d714dbf64dfb6670458845c1b6141619a4cc981564a15kernel-abi-whitelists-2.6.32-431.1.2.el6.noarch.rpm5327f84d598f803eed6186b82710bfe1fe3de5ff9282df77cb2def49ba1bf900kernel-2.6.32-431.1.2.el6.i686.rpm02602b148e741bed7a672b948217f2f5be4fdcdb652054e16e2d1ad39ed17f06kernel-firmware-2.6.32-431.1.2.el6.noarch.rpmb2a5c26da9eabef4433b8060f1c68d9aba5494b1595777cff077bfce94586553kernel-devel-2.6.32-431.1.2.el6.i686.rpm2d7b3f430c5ad2e0b973ff90b86a93459b23a35fc2426ce9a93195d2a52a11bckernel-headers-2.6.32-431.1.2.el6.i686.rpm104e8e837a75ce3436275b4fe0b4590a901b297df2f1a1e428b2bbbe56e13318python-perf-2.6.32-431.1.2.el6.i686.rpm67e1f4d2396a47757ef86613242877a30afd2118989cf99fa39557b8316c5278kernel-doc-2.6.32-431.1.2.el6.noarch.rpma8fbc30d95ef2755714d2e6182c28fd7825fd3f477b35cddc29768aa5d8153d1SLSA-2013:1803-1An uninitialized memory read issue was found in the way libjpeg-turbo decoded images with missing Start Of Scan (SOS) JPEG markers or Define Huffman Table (DHT) JPEG markers. A remote attacker could create a specially crafted JPEG image that, when decoded, could possibly lead to a disclosure of potentially sensitive information. (CVE-2013-6629, CVE-2013-6630)moderateScientific Linux FermiScientific Linux Fermi 6libjpeg-turbo-1.2.1-3.el6_5.i686.rpmf113e84dc072be22bdae2be21b504c6623ce36be4c777f5fd6ff9bba354e2efdlibjpeg-turbo-devel-1.2.1-3.el6_5.i686.rpm6000fe3a5c9c60a1edeb39bb30a566bfc2a75be7c354b2843971387dc20765a5libjpeg-turbo-static-1.2.1-3.el6_5.i686.rpm6fc51e84376ce09ccdd3bad3274d0362a439f3e31d05af4c97103ce24c2eb072SLSA-2013:1805-1A heap-based buffer overflow flaw was found in the DCE-RPC client code in Samba. A specially crafted DCE-RPC packet could cause various Samba programs to crash or, possibly, execute arbitrary code when parsed. A malicious or compromised Active Directory Domain Controller could use this flaw to compromise the winbindd daemon running with root privileges. (CVE-2013-4408) After installing this update, the smb service will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 6samba4-dc-libs-4.0.0-60.el6_5.rc4.i686.rpma7e0105791aa76f06e985c3f43f9db71a58e156549de417ac08821653d80457csamba4-libs-4.0.0-60.el6_5.rc4.i686.rpmcf45190a104b9dbd07abbfccf88381ab5fc0e2c95dc91d971cab2492b8fc2c0asamba4-dc-4.0.0-60.el6_5.rc4.i686.rpmc3a1a30f0eb778afd4124d901617e55f715039cf10ef0713a0c0e81cd62f1339samba4-client-4.0.0-60.el6_5.rc4.i686.rpma36bb09e0aed3f52556af229d5d173bd73328aa4c881665bd7a23651209bf98bsamba4-4.0.0-60.el6_5.rc4.i686.rpm5fe0417a355d7da4d6859dd9d25be1d16d10a2ec4cbd7bcfe4224b699a2a36dbsamba4-test-4.0.0-60.el6_5.rc4.i686.rpm7f6eac7dfb849f9c2bb1cdbd5a5797fced1402d050d75422b7c3ab4cb5f7747asamba4-common-4.0.0-60.el6_5.rc4.i686.rpmd9e4eed91d1c21764b156217ca83c05aa9866149989ac9a38bf33a543321cc2fsamba4-devel-4.0.0-60.el6_5.rc4.i686.rpm705676f13de0106126fe201c453a5ff7685956ed47d5644bc52bc138f415220esamba4-winbind-krb5-locator-4.0.0-60.el6_5.rc4.i686.rpm136833c3b71142612432392af70deac5863bc787a47686168757cb6b6cac5effsamba4-winbind-clients-4.0.0-60.el6_5.rc4.i686.rpm1fb9184e1fa05a4ecc01dac5346b1804109bd44b6013db3b120e488dd63996a6samba4-python-4.0.0-60.el6_5.rc4.i686.rpm38460c316faddf59f5e65d4a1fb97ea174bea67e7a972da858c58b5321bcf0d3samba4-pidl-4.0.0-60.el6_5.rc4.i686.rpm12597c4255fc178523ff00533c0e8545779534104ad6a801a4dc165faf5e62a3samba4-winbind-4.0.0-60.el6_5.rc4.i686.rpm653fdab8b067b78cb65dedb12834f119d81a122b709ee3b0691f6f6ff61cbc87samba4-swat-4.0.0-60.el6_5.rc4.i686.rpm36a51f43dd897ae524e9f03abe972d36a1b29e9c1de42cddcecd35a7fabbf78bSLSA-2013:1806-1A heap-based buffer overflow flaw was found in the DCE-RPC client code in Samba. A specially crafted DCE-RPC packet could cause various Samba programs to crash or, possibly, execute arbitrary code when parsed. A malicious or compromised Active Directory Domain Controller could use this flaw to compromise the winbindd daemon running with root privileges. (CVE-2013-4408) A flaw was found in the way Samba performed ACL checks on alternate file and directory data streams. An attacker able to access a CIFS share with alternate stream support enabled could access alternate data streams regardless of the underlying file or directory ACL permissions. (CVE-2013-4475) After installing this update, the smb service will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 6samba-client-3.6.9-167.el6_5.i686.rpm80e3deb1385bbd877ee176d0eaa941011a4a68e95ccf50231433af7f761153ccsamba-swat-3.6.9-167.el6_5.i686.rpm6a30d1044adc7836c7723777a7db77b08f1e6c97eb4efeba8036102827e34a13samba-doc-3.6.9-167.el6_5.i686.rpm13efc7245bf0dfb9f4879ceca6004d1342f6ff2429d88414a2da61256b1f9f97samba-domainjoin-gui-3.6.9-167.el6_5.i686.rpmb3ab0b4ab7ddaf851f106ef5cf22779bc2f0ed89784c7c08e5db599394bb5a9dlibsmbclient-3.6.9-167.el6_5.i686.rpm71275b160d5745cac3ab9de2a1faaac03fce63128b04c72c4c5ce2a13aca5fe9samba-3.6.9-167.el6_5.i686.rpm16ec5219c1c1c1f97bdb29c73658591b21aadc3831f034e605eec74fb6fe78e5samba-winbind-devel-3.6.9-167.el6_5.i686.rpm5d653af465e50c1e4ef00d7dbceb68ede29ae4ccab702ec6b8e6872d570bf2efsamba-winbind-clients-3.6.9-167.el6_5.i686.rpmc1fef84708c7128c6b642c0f8b36ee4a78a584cbd1a2c877e89e6a7fe2496da4samba-common-3.6.9-167.el6_5.i686.rpm2e4251b145882212c1bbd990a6b30b0462986f27bba59f96b23f8b6d4471e492libsmbclient-devel-3.6.9-167.el6_5.i686.rpm6f1be68276278f9bbcf2c5ae02719e1d06a58cf7fbc16dcfbab52ac032861557samba-winbind-krb5-locator-3.6.9-167.el6_5.i686.rpma70bbf421462503c0276a2eb762bb23778560e5871cc078481c79ef6d23ae2c2samba-winbind-3.6.9-167.el6_5.i686.rpm56a5edd5457dce8a8dada334ac34dc5fab31b21e0f6d328b1d2f9e47a1055dbaSLSA-2013:1812-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to terminate unexpectedly or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2013-5609, CVE-2013-5616, CVE-2013-5618, CVE-2013-6671, CVE-2013-5613) A flaw was found in the way Firefox rendered web content with missing character encoding information. An attacker could use this flaw to possibly bypass same-origin inheritance and perform cross-site scripting (XSS) attacks. (CVE-2013-5612) It was found that certain malicious web content could bypass restrictions applied by sandboxed iframes. An attacker could combine this flaw with other vulnerabilities to execute arbitrary code with the privileges of the user running Firefox. (CVE-2013-5614) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6firefox-24.2.0-1.el6_5.i686.rpm3ffbba2e46b290627559f62b541c60e808539afded6e4c552da8eeedb1a59e29SLSA-2013:1813-1A memory corruption flaw was found in the way the openssl_x509_parse() function of the PHP openssl extension parsed X.509 certificates. A remote attacker could use this flaw to provide a malicious self-signed certificate or a certificate signed by a trusted authority to a PHP application using the aforementioned function, causing the application to crash or, possibly, allow the attacker to execute arbitrary code with the privileges of the user running the PHP interpreter. (CVE-2013-6420) After installing the updated packages, the httpd daemon must be restarted for the update to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6php-common-5.3.3-27.el6_5.i686.rpm5ef400f4b83f25d21037beb24ac8bdcffe3e886ed662ee7d1573338c835b9722php-mbstring-5.3.3-27.el6_5.i686.rpme1b546a12b6a5a5e685c1d64f0aed3fa3f176a120ffa4a4e158ce988deb82f4fphp-odbc-5.3.3-27.el6_5.i686.rpm9ec701eee81357eac0de824b9e9eb39d6f98eb0488776224d2b87cd3438f5c98php-zts-5.3.3-27.el6_5.i686.rpmb6a065674a4f9736363e0ba97bd090b3d61ec30866916218cb03c370a22758e1php-enchant-5.3.3-27.el6_5.i686.rpm7da601c485e6fcb31e02e212b66e573e04a29f3dc47df956a1faf8fbac0f25a1php-imap-5.3.3-27.el6_5.i686.rpm8ccdc602733dd529c637b995aaca3f6786e7dde306f2c1dfd486e817cbaa8646php-snmp-5.3.3-27.el6_5.i686.rpm6940f3f3ead41b779436a2a37d02692cbe3f71516235a88b54198f68e936c797php-5.3.3-27.el6_5.i686.rpm34e4ea6b7f64971dc1ccce7a5b1db40234209f63c21cc00fbfeb7379372080efphp-fpm-5.3.3-27.el6_5.i686.rpmaacef9e64556fd431b8fab64dba98e15b473036fc4d35df0d9ece3609e4ba2c2php-bcmath-5.3.3-27.el6_5.i686.rpm95bfe959dab0de42f79bd8261a523f98b9da5106effef82eda2950660b680933php-pdo-5.3.3-27.el6_5.i686.rpm9bccb61d843fb033de1a548060033ad68bb09d39934601c0e07d1caa01080f5dphp-dba-5.3.3-27.el6_5.i686.rpma8bcf1c4958779a96a8dfc22424fd4e1d39d7fbfa16d40eb2863042c34480e3dphp-gd-5.3.3-27.el6_5.i686.rpm62976640a5d17f4734498e944633c50e41bba2b03363e762bda39f1d28359d50php-pspell-5.3.3-27.el6_5.i686.rpm6bc128cbf474b7d87d237ffa104072cd3af6e1f07d548780b9a34d1480de4c02php-tidy-5.3.3-27.el6_5.i686.rpm0bcd9c25095bf2342e8fd638045fc6c754603306c34007625a1891c9f312ce59php-xml-5.3.3-27.el6_5.i686.rpm998073b43328c3a88fc285979f52be9da3d808ea16a8da6d74e512d928c97406php-cli-5.3.3-27.el6_5.i686.rpme4141edf50e82faa6979ed4d0a80db34190519096c7a71e0cd3680988676f4e2php-intl-5.3.3-27.el6_5.i686.rpm1070b27a28a7f3fe2002af3aef3b0deb13543e647b47982361b69406f24e0285php-embedded-5.3.3-27.el6_5.i686.rpmac74cce8ad82d16b587d4bf8d5df0dd7e8e848e0bf23f036f3e65e9febab1a6ephp-pgsql-5.3.3-27.el6_5.i686.rpm421ee72e2ff35bc59555fb35421d54500947987a5723087ce6d6faa18dd32e35php-devel-5.3.3-27.el6_5.i686.rpm8f89ad575761c7fc178ae05ba91c176e2f4057a90f4d0b156f5403367b95a70aphp-xmlrpc-5.3.3-27.el6_5.i686.rpmc3a23a43e791a709173198629d02ab7d52f63aa359f4962f3b2589b6d0d5bc46php-recode-5.3.3-27.el6_5.i686.rpm120ab5ea3b19f4b4c700abf760e8ef26d3192ad6f74af0e8bf2502b1500df7a9php-mysql-5.3.3-27.el6_5.i686.rpm52ed5c513b4567a575fd7e7f4498ed2825443768d2bd5f17978f46a8e13bca58php-ldap-5.3.3-27.el6_5.i686.rpmba4b0d162cb75bb81aecba8d96462d515ce99a38fb9867cdbb0fdb06182aa7b0php-process-5.3.3-27.el6_5.i686.rpmd08f3643262174ba8af13c9301a7ac726c9a1c52bee020fab19b7a50247cfdc2php-soap-5.3.3-27.el6_5.i686.rpm0e36d233d888a4179ceab8a45cccae3b0a329e5fd87de80a558cfc2189ad917bSLSA-2013:1823-1Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2013-5609, CVE-2013-5616, CVE-2013-5618, CVE-2013-6671, CVE-2013-5613) A flaw was found in the way Thunderbird rendered web content with missing character encoding information. An attacker could use this flaw to possibly bypass same-origin inheritance and perform cross site-scripting (XSS) attacks. (CVE-2013-5612) It was found that certain malicious web content could bypass restrictions applied by sandboxed iframes. An attacker could combine this flaw with other vulnerabilities to execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2013-5614) Note: All of the above issues cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. After installing the update, Thunderbird must be restarted for the changes to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6thunderbird-24.2.0-1.el6_5.i686.rpm08ef68ff7c08dbb3f08634adfca5500207f2aab58b818f908c0c34acd1b3e024SLSA-2013:1829-1A flaw was found in the way NSS handled invalid handshake packets. A remote attacker could use this flaw to cause a TLS/SSL client using NSS to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2013-5605) It was found that the fix for CVE-2013-1620 released via SLSA-2013:1135 introduced a regression causing NSS to read uninitialized data when a decryption failure occurred. A remote attacker could use this flaw to cause a TLS/SSL server using NSS to crash. (CVE-2013-1739) An integer overflow flaw was discovered in both NSS and NSPR's implementation of certification parsing on 64-bit systems. A remote attacker could use these flaws to cause an application using NSS or NSPR to crash. (CVE-2013-1741, CVE-2013-5607) It was discovered that NSS did not reject certificates with incompatible key usage constraints when validating them while the verifyLog feature was enabled. An application using the NSS certificate validation API could accept an invalid certificate. (CVE-2013-5606) After installing this update, applications using NSS, NSPR, or nss-util must be restarted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6nss-util-devel-3.15.3-1.el6_5.i686.rpmdb72c681bea8ded4ca9b096700929a8f20943702fe3e4cf3a7651c97cbbce61fnspr-devel-4.10.2-1.el6_5.i686.rpm163106f66941948ede39898cd252266a486c66b085eceee45954a4d0c5f28cecnss-sysinit-3.15.3-2.el6_5.i686.rpm34a1f7b1aebf729a873cbaa52461a4513ec26e82b441ad4a0ae04923265aafb2nss-pkcs11-devel-3.15.3-2.el6_5.i686.rpm74b2169cbfb658aee98064e3c2c8adb8635fb5d9c5a6bfa487559d579ef92facnss-util-3.15.3-1.el6_5.i686.rpmd999dfb3b076e0d0b8f14c1ccd01ef3ac8f8607d676d5380848bc3998e85784fnss-tools-3.15.3-2.el6_5.i686.rpmee299bdc34422241a0eea88bec3dd1e5fdad6828920c29553fed5d24bced5624nss-devel-3.15.3-2.el6_5.i686.rpme772566445a0f1f98d39eb0e9ad960d5e90e88295f2c1e446154bafed4f45334nspr-4.10.2-1.el6_5.i686.rpm6223f571f556f2c8fc09239561c635d3b5e31704882996d22bdf683d1736b652nss-3.15.3-2.el6_5.i686.rpm57e02044fa19ebd45ff650fc3a6a7153ad236b308f6c883059b5d0581bb85516SLSA-2013:1850-1Multiple heap-based buffer overflow flaws were found in OpenJPEG. An attacker could create a specially crafted OpenJPEG image that, when opened, could cause an application using openjpeg to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2013-6045, CVE-2013-6054) Multiple denial of service flaws were found in OpenJPEG. An attacker could create a specially crafted OpenJPEG image that, when opened, could cause an application using openjpeg to crash (CVE-2013-1447, CVE-2013-6052) All running applications using OpenJPEG must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6openjpeg-libs-1.3-10.el6_5.i686.rpm9a0097a750a415b30be1251c59b8e97f404f25334aa1fef2c0c6bfe91c601145openjpeg-devel-1.3-10.el6_5.i686.rpm931e3ba2e84dc9f7d8f4f66d948ddef0a42c584e05ee851e7a118b37c9b5174copenjpeg-1.3-10.el6_5.i686.rpm4d3951c2118584e60490ed9d23e1063400eaa23da43c10aea658d1f862b2d1cbSLSA-2013:1861-1It was found that a subordinate Certificate Authority (CA) mis-issued an intermediate certificate, which could be used to conduct man-in-the-middle attacks. This update renders that particular intermediate certificate as untrusted. Note: This fix only applies to applications using the NSS Builtin Object Token. It does not render the certificates untrusted for applications that use the NSS library, but do not use the NSS Builtin Object Token. After installing the update, applications using NSS must be restarted for the changes to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6nss-3.15.3-3.el6_5.i686.rpm0e8d1708bbb65de22bf953f0fcd40484913f92e208d5d19554dadc73b1cee24cnss-devel-3.15.3-3.el6_5.i686.rpm23fbf45900e87a2b9d2090cd15172699455b35a706aca563c5d252cdedf55d5dnss-sysinit-3.15.3-3.el6_5.i686.rpm018d62f4ac75fef348552476618e497f071b7d94442ab29e0aecf8b6aacec4bbnss-pkcs11-devel-3.15.3-3.el6_5.i686.rpmd130fdf19ef1d6a1ffea64e732ebfb4dd50c4d576296b46d1e37dfe8e1bdf633nss-tools-3.15.3-3.el6_5.i686.rpmb27ca3a01f37f1d834e50a50d37e3c531f8abe5ce8d9fab82e2ec5e972941ef1SLSA-2013:1866-1It was found that a subordinate Certificate Authority (CA) mis-issued an intermediate certificate, which could be used to conduct man-in-the-middle attacks. This update renders that particular intermediate certificate as untrusted. After installing the update, all applications using the ca-certificates package must be restarted for the changes to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6ca-certificates-2013.1.95-65.1.el6_5.noarch.rpm8179c30dfc5ab29f6a16b4ef4eeec3c9f8bf85d2ccb32305dc83ade95b3fa0d7SLSA-2013:1868-1An integer overflow, which led to a heap-based buffer overflow, was found in the way X.Org server handled trapezoids. A malicious, authorized client could use this flaw to crash the X.Org server or, potentially, execute arbitrary code with root privileges. (CVE-2013-6424)importantScientific Linux FermiScientific Linux Fermi 6xorg-x11-server-common-1.13.0-23.1.sl6.i686.rpmd5f3ab8805e4beaf438b697accbc92c2710c182574dc518f6e940cfdb5f2f409xorg-x11-server-Xephyr-1.13.0-23.1.sl6.i686.rpm570818ab5643d87404d097f1333ed01d227c0a4cdce467c627bf7296e855a22exorg-x11-server-Xvfb-1.13.0-23.1.sl6.i686.rpm308433f8bdf95b6029fca985ea8b70201f2f57edf62448e9763a65462d46c041xorg-x11-server-source-1.13.0-23.1.sl6.noarch.rpm08352eb5283a87d96c59366431c014bb6340749e466c44d1d473ceebd2e42b95xorg-x11-server-devel-1.13.0-23.1.sl6.i686.rpm61548060d92f60b8f61de312be14c9c7b2c7c3ef981a1a8c87f102a13e6e13fexorg-x11-server-Xdmx-1.13.0-23.1.sl6.i686.rpm14b01e0d74099aebaa60f9312c60c97cd8ed9cc8818455bda68626d0d8c451baxorg-x11-server-Xorg-1.13.0-23.1.sl6.i686.rpma7bedc8b3700814fc48a0d6f899367366428bfdbe6e0583c45e2eb1eef7288dfxorg-x11-server-Xnest-1.13.0-23.1.sl6.i686.rpm2976d5b1905b19eabd09f79190b33eef9f254ef563b63a1e791967aee14d7967SLSA-2013:1869-1An integer overflow, which led to a heap-based buffer overflow, was found in the way pixman handled trapezoids. If a remote attacker could trick an application using pixman into rendering a trapezoid shape with specially crafted coordinates, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2013-6425) All applications using pixman must be restarted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6pixman-0.26.2-5.1.el6_5.i686.rpme168f3e8da9365938aadc182d5a980a7268d86ae7f15f5bb73d2abc9f59df4abpixman-devel-0.26.2-5.1.el6_5.i686.rpm6f97acbdc1744a6897dfc60b5c655609007286467fca1974b5f9abaeb2671bb5SLSA-2014:0015-1A flaw was found in the way OpenSSL determined which hashing algorithm to use when TLS protocol version 1.2 was enabled. This could possibly cause OpenSSL to use an incorrect hashing algorithm, leading to a crash of an application using the library. (CVE-2013-6449) It was discovered that the Datagram Transport Layer Security (DTLS) protocol implementation in OpenSSL did not properly maintain encryption and digest contexts during renegotiation. A lost or discarded renegotiation handshake packet could cause a DTLS client or server using OpenSSL to crash. (CVE-2013-6450) A NULL pointer dereference flaw was found in the way OpenSSL handled TLS/SSL protocol handshake packets. A specially crafted handshake packet could cause a TLS/SSL client using OpenSSL to crash. (CVE-2013-4353) For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.importantScientific Linux FermitruetrueScientific Linux Fermi 6openssl-perl-1.0.1e-16.el6_5.4.i686.rpmc676db7e60f773753930d283cee7ce24537d7579c3792a3de067bc82c804ce6copenssl-static-1.0.1e-16.el6_5.4.i686.rpm9bbea29888d36ffbaf13b8bf7ec0bb7df776ed2679d412ce267bf921a4ecec0bopenssl-devel-1.0.1e-16.el6_5.4.i686.rpmee2aee057103bb84e0f940e533bcae48247c25b60e0d5e5bb52ba21a462ef6b8openssl-1.0.1e-16.el6_5.4.i686.rpmf86efaef713121854592574cb49461e598f663ba19dd5b91aa7864069904367bSLSA-2014:0018-1A stack-based buffer overflow flaw was found in the way the libXfont library parsed Glyph Bitmap Distribution Format (BDF) fonts. A malicious, local user could exploit this issue to potentially execute arbitrary code with the privileges of the X.Org server. (CVE-2013-6462) All running X.Org server instances must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6libXfont-devel-1.4.5-3.el6_5.i686.rpme88cf92ebaf45fe9453932093617af5f5ed7b48be5c096cd6b342418047311b1libXfont-1.4.5-3.el6_5.i686.rpme4813d495e5c572817c8969d8e76024a43bb5d31add88312f72595dbb5ba157cSLSA-2014:0026-1An input validation flaw was discovered in the font layout engine in the 2D component. A specially crafted font file could trigger Java Virtual Machine memory corruption when processed. An untrusted Java application or applet could possibly use this flaw to bypass Java sandbox restrictions. (CVE-2013-5907) Multiple improper permission check issues were discovered in the CORBA, JNDI, and Libraries components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2014-0428, CVE-2014-0422, CVE-2013-5893) Multiple improper permission check issues were discovered in the Serviceability, Security, CORBA, JAAS, JAXP, and Networking components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2014-0373, CVE-2013-5878, CVE-2013-5910, CVE-2013-5896, CVE-2013-5884, CVE-2014-0416, CVE-2014-0376, CVE-2014-0368) It was discovered that the Beans component did not restrict processing of XML external entities. This flaw could cause a Java application using Beans to leak sensitive information, or affect application availability. (CVE-2014-0423) It was discovered that the JSSE component could leak timing information during the TLS/SSL handshake. This could possibly lead to disclosure of information about the used encryption keys. (CVE-2014-0411) Note: The java-1.7.0-openjdk package shipped with Scientific Linux 6.5 via SLBA-2013:1611 replaced "java7" with "java" in the provides list. This update re-adds "java7" to the provides list to maintain backwards compatibility with releases prior to Scientific Linux 6.5. Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website. All running instances of OpenJDK Java must be restarted for the update to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6java-1.7.0-openjdk-javadoc-1.7.0.51-2.4.4.1.el6_5.noarch.rpmdd3b77bd6dbf8f63650d13a260a9f011bf924d06e90f5ce94ae687cf88ee97c2java-1.7.0-openjdk-demo-1.7.0.51-2.4.4.1.el6_5.i686.rpm4eb4dec0f5583b36a3c5dc088dbf77f63ea97ae93971d671e2514746c1faabecjava-1.7.0-openjdk-src-1.7.0.51-2.4.4.1.el6_5.i686.rpm650cb3c49fdc1b2d18b3ed6e9e8bf07c6bd23f5b4b68953fac51888d137f465djava-1.7.0-openjdk-devel-1.7.0.51-2.4.4.1.el6_5.i686.rpm19540ca9473c9153eca40a52320dcad4853765859450ce1e41b9bffb5f4ea709java-1.7.0-openjdk-1.7.0.51-2.4.4.1.el6_5.i686.rpmdc25c4aa1a1ff7cf96d8b3bf07e394f66e149fa4b95592b3a5c97140e1f4470fSLSA-2014:0043-1A denial of service flaw was found in the way BIND handled queries for NSEC3-signed zones. A remote attacker could use this flaw against an authoritative name server that served NCES3-signed zones by sending a specially crafted query, which, when processed, would cause named to crash. (CVE-2014-0591) After installing the update, the BIND daemon (named) will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6bind-utils-9.8.2-0.23.rc1.el6_5.1.i686.rpm947720bac7c4930f86887f1330cb7038fec00184f3bff637f937645be81e46b4bind-devel-9.8.2-0.23.rc1.el6_5.1.i686.rpm2677609b0a7f4dc129e2013d6f6f3b79b580332690740bd15dde8a0f54874ef5bind-chroot-9.8.2-0.23.rc1.el6_5.1.i686.rpmd8ad8d0d71fbe321efe07b757a638df1eff75c0435dd26d910b06d8092f2cee4bind-libs-9.8.2-0.23.rc1.el6_5.1.i686.rpm67cd5ccc9f4cefa3ae488cd882e2911f63c20c9590e2b0d9853fe39357106c9abind-9.8.2-0.23.rc1.el6_5.1.i686.rpma91c92f8c0dfa9dc401bda6b13fb6bc4484c99aa352a2c763d7744a2d7feb48abind-sdb-9.8.2-0.23.rc1.el6_5.1.i686.rpm864d62e90f7a1330cc55942e2d0e3ce49baa4467ff5a4c682cc6533c14e11062SLSA-2014:0044-1A flaw was found in the way Augeas handled certain umask settings when creating new configuration files. This flaw could result in configuration files being created as world writable, allowing unprivileged local users to modify their content. (CVE-2013-6412) All running applications using augeas must be restarted for the update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6augeas-devel-1.0.0-5.el6_5.1.i686.rpmb58787fbdeecb2003ed4f7e4427523bead19fdb545bce43c60b7c555f035f04caugeas-libs-1.0.0-5.el6_5.1.i686.rpm2348685563f9868ac83c8dfc74227155620d05c8adab584b52c497f88ab75567augeas-1.0.0-5.el6_5.1.i686.rpm91456293b5f0f7f3e286dc26467d15fa4ac9aaaa3490eaac9bd7d41ca8cc5137SLSA-2014:0097-1An input validation flaw was discovered in the font layout engine in the 2D component. A specially crafted font file could trigger a Java Virtual Machine memory corruption when processed. An untrusted Java application or applet could possibly use this flaw to bypass Java sandbox restrictions. (CVE-2013-5907) Multiple improper permission check issues were discovered in the CORBA and JNDI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2014-0428, CVE-2014-0422) Multiple improper permission check issues were discovered in the Serviceability, Security, CORBA, JAAS, JAXP, and Networking components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2014-0373, CVE-2013-5878, CVE-2013-5910, CVE-2013-5896, CVE-2013-5884, CVE-2014-0416, CVE-2014-0376, CVE-2014-0368) It was discovered that the Beans component did not restrict processing of XML external entities. This flaw could cause a Java application using Beans to leak sensitive information, or affect application availability. (CVE-2014-0423) It was discovered that the JSSE component could leak timing information during the TLS/SSL handshake. This could possibly lead to a disclosure of information about the used encryption keys. (CVE-2014-0411) All running instances of OpenJDK Java must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6java-1.6.0-openjdk-javadoc-1.6.0.0-3.1.13.1.el6_5.i686.rpm0949dad28576677a651a499776a595237a5d720a6604ee5e47d17122e3994611java-1.6.0-openjdk-src-1.6.0.0-3.1.13.1.el6_5.i686.rpm0fcdd0407ed874f45e893b4e13473f09b703699a4923545985a058df23d781a7java-1.6.0-openjdk-devel-1.6.0.0-3.1.13.1.el6_5.i686.rpmc01a260bae723c419793dcd365cc40415ff174a2ae1299277ffc5c572aad1c49java-1.6.0-openjdk-demo-1.6.0.0-3.1.13.1.el6_5.i686.rpmcccaac577346ba04aa35cf3c226581f1fe9cad84f748f933ea9d30b3e3f9c1cejava-1.6.0-openjdk-1.6.0.0-3.1.13.1.el6_5.i686.rpm147a05558fab0025044501bf2a766a3c9a4fb696891169088fd3c12d0b0b93b9SLSA-2014:0103-1A use-after-free flaw was found in the way several libvirt block APIs handled domain jobs. A remote attacker able to establish a read-only connection to libvirtd could use this flaw to crash libvirtd or, potentially, execute arbitrary code with the privileges of the libvirtd process (usually root). (CVE-2013-6458) A race condition was found in the way libvirtd handled keepalive initialization requests when the connection was closed prior to establishing connection credentials. An attacker able to establish a read- only connection to libvirtd could use this flaw to crash libvirtd, resulting in a denial of service. (CVE-2014-1447) This update also fixes the following bug: * A race condition was possible between a thread starting a virtual machine with a guest agent configured (regular start-up or while migrating) and a thread that was killing the VM process (or the process crashing). The race could cause the monitor object to be freed by the thread that killed the VM process, which was later accessed by the thread that was attempting to start the VM, resulting in a crash. This issue was fixed by checking the state of the VM after the attempted connection to the guest agent; if the VM in the meantime exited, no other operations are attempted. After installing the updated packages, libvirtd will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6libvirt-0.10.2-29.el6_5.3.i686.rpm916f81394d610ef7f112681c1e80cd3efaea6bafd8a5295e406617343c800498libvirt-client-0.10.2-29.el6_5.3.i686.rpmc1b2efda97b7ffb157f677675b5472c4e8de35c1355eaaf032c112ac5d2149b7libvirt-devel-0.10.2-29.el6_5.3.i686.rpmbfa539ce3595fafc13638e76344421fd5dd28cef8f6ae0564ea96ae21e424698libvirt-python-0.10.2-29.el6_5.3.i686.rpm22ccc8023a0ad534d70142f7a21e95563d65d301410656266d25a0ec14215db3SLSA-2014:0126-1A denial of service flaw was found in the way the OpenLDAP server daemon (slapd) performed reference counting when using the rwm (rewrite/remap) overlay. A remote attacker able to query the OpenLDAP server could use this flaw to crash the server by immediately unbinding from the server after sending a search request. (CVE-2013-4449) This update also fixes the following bug: * Previously, OpenLDAP did not properly handle a number of simultaneous updates. As a consequence, sending a number of parallel update requests to the server could cause a deadlock. With this update, a superfluous locking mechanism causing the deadlock has been removed, thus fixing the bug.moderateScientific Linux FermiScientific Linux Fermi 6openldap-2.4.23-34.el6_5.1.i686.rpmbf25ba5cc1566b2ce0246b98753b8bee2f91ca47f1559274ccd1b52f41503e5copenldap-devel-2.4.23-34.el6_5.1.i686.rpm5da983d9257a989d7ee2bdc7cb0e0ddf4ae5d02a3164f8c7c3f8833b9cca3b9aopenldap-servers-2.4.23-34.el6_5.1.i686.rpmb2ad4886e86169b7c912bb4e9870529593788c02ad0d4440567928661f0930e6openldap-servers-sql-2.4.23-34.el6_5.1.i686.rpm0ff51359a279b6f7c7cf19efc6ffe688d8e292c9def85daa6a70eef7eb75a01aopenldap-clients-2.4.23-34.el6_5.1.i686.rpm729b263ad0b19aeaafcfb89ebbcb0edd9fa1f2aea0d035b368f1b83c87115770SLSA-2014:0127-1An XML External Entity expansion flaw was found in the way librsvg2 processed SVG files. If a user were to open a malicious SVG file, a remote attacker could possibly obtain a copy of the local resources that the user had access to. (CVE-2013-1881) All running applications that use librsvg2 must be restarted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6librsvg2-devel-2.26.0-6.el6_5.2.i686.rpm695b4e46fc7e324948131434f72da0f9eaa391fcae9b8708b3bdb0a47b545822librsvg2-2.26.0-6.el6_5.2.i686.rpmc85cf2065e8f344853ea72cf6f59e9ff52d2712f930c29b00bbc5120513cf8c2SLSA-2014:0127-2This update fixes the gtk+ regression introduced in SLSA-2014:0127-1 (see upstream bug 924414). We are publishing this alert for completeness.moderateScientific Linux FermiScientific Linux Fermi 6librsvg2-2.26.0-6.el6_5.3.i686.rpm1f47dee4ba4f1dcc7bef339c124c191ae890a4dc81bab645af91a3d70fc48691librsvg2-devel-2.26.0-6.el6_5.3.i686.rpm9014d6b0b2afc6989ef28a0bff516e535fe18712be67ff6c5ee4ba978bb3b9beSLSA-2014:0132-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1477, CVE-2014-1482, CVE-2014-1486) A flaw was found in the way Firefox handled error messages related to web workers. An attacker could use this flaw to bypass the same-origin policy, which could lead to cross-site scripting (XSS) attacks, or could potentially be used to gather authentication tokens and other data from third-party websites. (CVE-2014-1487) A flaw was found in the implementation of System Only Wrappers (SOW). An attacker could use this flaw to crash Firefox. When combined with other vulnerabilities, this flaw could have additional security implications. (CVE-2014-1479) It was found that the Firefox JavaScript engine incorrectly handled window objects. A remote attacker could use this flaw to bypass certain security checks and possibly execute arbitrary code. (CVE-2014-1481) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6firefox-24.3.0-2.el6_5.i686.rpm2fc5c2e6f34cfc34ed2e9501b7ab6cafb1689451bf1b7da8f7e7db744db37be6SLSA-2014:0133-1Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1477, CVE-2014-1482, CVE-2014-1486) A flaw was found in the way Thunderbird handled error messages related to web workers. An attacker could use this flaw to bypass the same-origin policy, which could lead to cross-site scripting (XSS) attacks, or could potentially be used to gather authentication tokens and other data from third-party websites. (CVE-2014-1487) A flaw was found in the implementation of System Only Wrappers (SOW). An attacker could use this flaw to crash Thunderbird. When combined with other vulnerabilities, this flaw could have additional security implications. (CVE-2014-1479) It was found that the Thunderbird JavaScript engine incorrectly handled window objects. A remote attacker could use this flaw to bypass certain security checks and possibly execute arbitrary code. (CVE-2014-1481) Note: All of the above issues cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. After installing the update, Thunderbird must be restarted for the changes to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6thunderbird-24.3.0-2.el6_5.i686.rpmd151f815f490b8c4747f50d19ef079b6f0dee53476c499f032903b32b7f711abSLSA-2014:0139-1A heap-based buffer overflow flaw was found in the way Pidgin processed certain HTTP responses. A malicious server could send a specially crafted HTTP response, causing Pidgin to crash or potentially execute arbitrary code with the permissions of the user running Pidgin. (CVE-2013-6485) Multiple heap-based buffer overflow flaws were found in several protocol plug-ins in Pidgin (Gadu-Gadu, MXit, SIMPLE). A malicious server could send a specially crafted message, causing Pidgin to crash or potentially execute arbitrary code with the permissions of the user running Pidgin. (CVE-2013-6487, CVE-2013-6489, CVE-2013-6490) Multiple denial of service flaws were found in several protocol plug-ins in Pidgin (Yahoo!, XMPP, MSN, stun, IRC). A remote attacker could use these flaws to crash Pidgin by sending a specially crafted message. (CVE-2012-6152, CVE-2013-6477, CVE-2013-6481, CVE-2013-6482, CVE-2013-6484, CVE-2014-0020) It was found that the Pidgin XMPP protocol plug-in did not verify the origin of "iq" replies. A remote attacker could use this flaw to spoof an "iq" reply, which could lead to injection of fake data or cause Pidgin to crash via a NULL pointer dereference. (CVE-2013-6483) A flaw was found in the way Pidgin parsed certain HTTP response headers. A remote attacker could use this flaw to crash Pidgin via a specially crafted HTTP response header. (CVE-2013-6479) It was found that Pidgin crashed when a mouse pointer was hovered over a long URL. A remote attacker could use this flaw to crash Pidgin by sending a message containing a long URL string. (CVE-2013-6478) Pidgin must be restarted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6libpurple-perl-2.7.9-27.el6.i686.rpmfa372c24b52c2d93b19b22ebe2cc920254b1d1a613957b078b9f01c998ada42cpidgin-2.7.9-27.el6.i686.rpmc865dc48684ac40dfb63723423b6c280f91d695a2fbb0f761b17881a273d6899libpurple-2.7.9-27.el6.i686.rpmcbca88c9f018d20b3f4aea43833e524b8d3d07eeeca5d31c41cacf25e8da0e19finch-2.7.9-27.el6.i686.rpm000a6b1a85ccba2c8b01d8dcdb81c2d6fe0d21881a19d92aa417081ec776a4d2finch-devel-2.7.9-27.el6.i686.rpma49a9794832d43ed5912386d56c314607f205d8393df4e6a243cc47e7b37b5b9pidgin-perl-2.7.9-27.el6.i686.rpm6c89943131a1d58312d16529c43dcb4640656ab6e7413e76d677e4e4547383cfpidgin-docs-2.7.9-27.el6.i686.rpm1b62c2ca5a20284d3cdffaa9df2da67312c2ad75f49c9e033214daf2143a5ceblibpurple-tcl-2.7.9-27.el6.i686.rpm25a1f7c2fc9baf067fb7bbae609e1206e6cbe8bba8e78d8290253606b25c135fpidgin-devel-2.7.9-27.el6.i686.rpm7c53e22b11aa5658190148ba4c96edb9335e7d1798c207fe69641c0916b139f6libpurple-devel-2.7.9-27.el6.i686.rpm0cc68e37f81df494e3030c0fe52cdcb6c23dcb57fc6d56f83397d69d26585b4fSLSA-2014:0151-1It was discovered that wget used a file name provided by the server when saving a downloaded file. This could cause wget to create a file with a different name than expected, possibly allowing the server to execute arbitrary code on the client. (CVE-2010-2252) Note: With this update, wget always uses the last component of the original URL as the name for the downloaded file. Previous behavior of using the server provided name or the last component of the redirected URL when creating files can be re-enabled by using the '--trust-server-names' command line option, or by setting 'trust_server_names=on' in the wget start-up file. This update also fixes the following bugs: * Prior to this update, the wget package did not recognize HTTPS SSL certificates with alternative names (subjectAltName) specified in the certificate as valid. As a consequence, running the wget command failed with a certificate error. This update fixes wget to recognize such certificates as valid.lowScientific Linux FermiScientific Linux Fermi 6wget-1.12-1.11.el6_5.i686.rpm162dd469ebc4391c0631c03a54a4177e952dda2d1f1e75ecbe3e1e3fcfd1ad2bSLSA-2014:0159-1* A buffer overflow flaw was found in the way the qeth_snmp_command() function in the Linux kernel's QETH network device driver implementation handled SNMP IOCTL requests with an out-of-bounds length. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2013-6381, Important) * A flaw was found in the way the get_dumpable() function return value was interpreted in the ptrace subsystem of the Linux kernel. When 'fs.suid_dumpable' was set to 2, a local, unprivileged local user could use this flaw to bypass intended ptrace restrictions and obtain potentially sensitive information. (CVE-2013-2929, Low) * It was found that certain protocol handlers in the Linux kernel's networking implementation could set the addr_len value without initializing the associated data structure. A local, unprivileged user could use this flaw to leak kernel stack memory to user space using the recvmsg, recvfrom, and recvmmsg system calls (CVE-2013-7263, CVE-2013-7265, Low). The system must be rebooted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6kernel-firmware-2.6.32-431.5.1.el6.noarch.rpmeeb746957cbe95e751699f1ceeaf4bda41a01e8dfea23f4c84a2fae752ac8feekernel-headers-2.6.32-431.5.1.el6.i686.rpmcd55ed65dcf03608ae86a41641c876a634431c8f5f7dc7ef478bbc89935b23b8kernel-doc-2.6.32-431.5.1.el6.noarch.rpmb003e341aa658b69e677201bc0a52e3a206b52197af7aa69a9a18bf8159fd60dkernel-debug-2.6.32-431.5.1.el6.i686.rpm5772d7240fb11dcc1206c76e34f2b0b529a7260c7c2e57d6cb962d6229489b46kernel-devel-2.6.32-431.5.1.el6.i686.rpm3fea599ec537fe3f94cf159bff599e71dbf39874c585567e8ea451e9f9043dd4python-perf-2.6.32-431.5.1.el6.i686.rpmf2c936e29121efcc04bc331810d6c8638409162400da1dd88131e0af6f41b8edkernel-abi-whitelists-2.6.32-431.5.1.el6.noarch.rpme90e0673c7b432271ec9a38a93a430603b03afc585b93a274bd8dabf3cac201ckernel-2.6.32-431.5.1.el6.i686.rpmab0a54b02df597813888345f6d225d0fb38fa795e891233541f1ef2c22aad09ekernel-debug-devel-2.6.32-431.5.1.el6.i686.rpm5af74b110044c35a04416388ed91b5c466f47babe68390c3b954bb820c427df4perf-2.6.32-431.5.1.el6.i686.rpma9da6925364a0551d0c466dc01b1b9edc8e2e727884f1073c490bfce584b3c54SLSA-2014:0164-1(CVE-2014-0386, CVE-2014-0393, CVE-2014-0401, CVE-2014-0402, CVE-2014-0412, CVE-2014-0437, CVE-2013-5908) A buffer overflow flaw was found in the way the MySQL command line client tool (mysql) processed excessively long version strings. If a user connected to a malicious MySQL server via the mysql client, the server could use this flaw to crash the mysql client or, potentially, execute arbitrary code as the user running the mysql client. (CVE-2014-0001) This update also fixes the following bug: * Prior to this update, MySQL did not check whether a MySQL socket was actually being used by any process before starting the mysqld service. If a particular mysqld service did not exit cleanly while a socket was being used by a process, this socket was considered to be still in use during the next start-up of this service, which resulted in a failure to start the service up. With this update, if a socket exists but is not used by any process, it is ignored during the mysqld service start-up. After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6mysql-devel-5.1.73-3.el6_5.i686.rpmcca4158f8c1c0ff4498e840bbf1d548ffd63ea8754ff61bf1ee5ea5434263acemysql-server-5.1.73-3.el6_5.i686.rpm1a8b90dad9710f3dca1812be9f8b27f47ecf068d67eefded9d505334362425d8mysql-test-5.1.73-3.el6_5.i686.rpmc06f24bc22affa28a018944da0b2c44925306b66a0d288c5c8b6302d62229c6bmysql-5.1.73-3.el6_5.i686.rpm4a41eb4a386d00eac89eea30e3960ade3122439850be934db544041ad1f38588mysql-bench-5.1.73-3.el6_5.i686.rpm89ec4dff48c18f55c8ff17a1864f0d1c9161a8d34a0fe2bfe0de80f2a3931f60mysql-libs-5.1.73-3.el6_5.i686.rpm101e89782ecddf43ed5ca4ce0093a0b629780727e7c28e118fac26ed303f7750mysql-embedded-devel-5.1.73-3.el6_5.i686.rpm30de830d3882314ff4dee9acb98b46a713e6371edaafacbf521357ed5089192fmysql-embedded-5.1.73-3.el6_5.i686.rpmf7477391da7ec2de17df305306fad87f411ff842b3d709ecc62a515cdcfc56edSLSA-2014:0175-1It was discovered that the Piranha Configuration Tool did not properly restrict access to its web pages. A remote attacker able to connect to the Piranha Configuration Tool web server port could use this flaw to read or modify the LVS configuration without providing valid administrative credentials. (CVE-2013-6492) This update also fixes the following bug: * When the lvsd service attempted to start, the sem_timedwait() function received the interrupted function call (EINTR) error and exited, causing the lvsd service to fail to start. With this update, EINTR errors are correctly ignored during the start-up of the lvsd service.importantScientific Linux FermiScientific Linux Fermi 6piranha-0.8.6-4.el6_5.2.i686.rpme7cf947435e0fca42b0e2ff57e1c629d4f2e4f3176a4931bbf76693c96d389cdSLSA-2014:0185-1A NULL pointer dereference flaw was discovered in the way Openswan's IKE daemon processed IKEv2 payloads. A remote attacker could send specially crafted IKEv2 payloads that, when processed, would lead to a denial of service (daemon crash), possibly causing existing VPN connections to be dropped. (CVE-2013-6466)moderateScientific Linux FermiScientific Linux Fermi 6openswan-doc-2.6.32-27.2.el6_5.i686.rpm8a3b332a0e04d4836599960d82d1c4c68c11c8e985cf9d842d300fd3315e681bopenswan-2.6.32-27.2.el6_5.i686.rpm261baa9aa83fcda01d23da12c44ec3f3ee50c00f5a3d5815031f999921fc58b0SLSA-2014:0211-1Multiple stack-based buffer overflow flaws were found in the date/time implementation of PostgreSQL. An authenticated database user could provide a specially crafted date/time value that, when processed, could cause PostgreSQL to crash or, potentially, execute arbitrary code with the permissions of the user running PostgreSQL. (CVE-2014-0063) Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in various type input functions in PostgreSQL. An authenticated database user could possibly use these flaws to crash PostgreSQL or, potentially, execute arbitrary code with the permissions of the user running PostgreSQL. (CVE-2014-0064) Multiple potential buffer overflow flaws were found in PostgreSQL. An authenticated database user could possibly use these flaws to crash PostgreSQL or, potentially, execute arbitrary code with the permissions of the user running PostgreSQL. (CVE-2014-0065) It was found that granting an SQL role to a database user in a PostgreSQL database without specifying the "ADMIN" option allowed the grantee to remove other users from their granted role. An authenticated database user could use this flaw to remove a user from an SQL role which they were granted access to. (CVE-2014-0060) A flaw was found in the validator functions provided by PostgreSQL's procedural languages (PLs). An authenticated database user could possibly use this flaw to escalate their privileges. (CVE-2014-0061) A race condition was found in the way the CREATE INDEX command performed multiple independent lookups of a table that had to be indexed. An authenticated database user could possibly use this flaw to escalate their privileges. (CVE-2014-0062) It was found that the chkpass extension of PostgreSQL did not check the return value of the crypt() function. An authenticated database user could possibly use this flaw to crash PostgreSQL via a null pointer dereference. (CVE-2014-0066) These updated packages upgrade PostgreSQL to version 8.4.20, which fixes these issues as well as several non-security issues. Refer to the PostgreSQL Release Notes for a full list of changes: http://www.postgresql.org/docs/8.4/static/release-8-4-19.html http://www.postgresql.org/docs/8.4/static/release-8-4-20.html If the postgresql service is running, it will be automatically restarted after installing this update.importantScientific Linux FermiScientific Linux Fermi 6postgresql-plpython-8.4.20-1.el6_5.i686.rpm7248fe2b5babcdb62656680b0ce21a8f5d7991e5e08abeda701212a77172b5acpostgresql-8.4.20-1.el6_5.i686.rpm10bfacfea457c8d42793ed9daa62d3ba2dd405518aab0c787f3aa67ebb7f5d6bpostgresql-server-8.4.20-1.el6_5.i686.rpm724a3ac14258d08e4329ad8f983fea0f4f88abaa72a7b8f7103c993b80a8b3d5postgresql-devel-8.4.20-1.el6_5.i686.rpm372c928132d745c595bc24f1e0082011f2f998b06c6861b420ba43f9ccd62324postgresql-libs-8.4.20-1.el6_5.i686.rpmbfb2db59f55563313990d939afc2170ead385b2fb9b7457285f36cda55d0765dpostgresql-test-8.4.20-1.el6_5.i686.rpme16ab60712d8f1eb19ba30afd7eb0e1ab10cb25770778c42c2bd1d0521870477postgresql-docs-8.4.20-1.el6_5.i686.rpm6314944d2b5bbe1fdcff3d88be8488755b722c75bbc8c397fd0908c07c2e0df2postgresql-plperl-8.4.20-1.el6_5.i686.rpm1aab75a4f26c3da1f71fd4e65168e579f6dd51803d4cc0e6d088d2eea0494858postgresql-contrib-8.4.20-1.el6_5.i686.rpm3e1d1801e6efcf85f938953e73ae1e475869d20886320961b2253bef5fda47afpostgresql-pltcl-8.4.20-1.el6_5.i686.rpmb40aded480d356cd9f839ef37c37e59ea6879d61d34b9e0a839c96ac0c8a5472SLSA-2014:0222-1A heap-based buffer overflow and a use-after-free flaw were found in the tiff2pdf tool. An attacker could use these flaws to create a specially crafted TIFF file that would cause tiff2pdf to crash or, possibly, execute arbitrary code. (CVE-2013-1960, CVE-2013-4232) Multiple buffer overflow flaws were found in the gif2tiff tool. An attacker could use these flaws to create a specially crafted GIF file that could cause gif2tiff to crash or, possibly, execute arbitrary code. (CVE-2013-4231, CVE-2013-4243, CVE-2013-4244) A flaw was found in the way libtiff handled OJPEG-encoded TIFF images. An attacker could use this flaw to create a specially crafted TIFF file that would cause an application using libtiff to crash. (CVE-2010-2596) Multiple buffer overflow flaws were found in the tiff2pdf tool. An attacker could use these flaws to create a specially crafted TIFF file that would cause tiff2pdf to crash. (CVE-2013-1961) All running applications linked against libtiff must be restarted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6libtiff-static-3.9.4-10.el6_5.i686.rpm2a970e05474528d2a3a29359b232bf8a1b633346cb4ec5e285efa9f11aa79c12libtiff-devel-3.9.4-10.el6_5.i686.rpmbe9aae8ccf45be1b29c4cf6aa51e1a44a3e2c9a852b9ae1eb4785c4176b24229libtiff-3.9.4-10.el6_5.i686.rpm55a9428742b4fbe2cc98db0e8a576a07de267a527b25bdd1bd2e60af7e8b2eadSLSA-2014:0246-1It was discovered that GnuTLS did not correctly handle certain errors that could occur during the verification of an X.509 certificate, causing it to incorrectly report a successful verification. An attacker could use this flaw to create a specially crafted certificate that could be accepted by GnuTLS as valid for a site chosen by the attacker. (CVE-2014-0092) For the update to take effect, all applications linked to the GnuTLS library must be restarted.importantScientific Linux FermitrueScientific Linux Fermi 6gnutls-guile-2.8.5-13.el6_5.i686.rpm01d0d772e832da6af0dfa496319ff1b369433c4a62b642f0a8335420e3bb440cgnutls-2.8.5-13.el6_5.i686.rpm2769d76ebe114b51f05390d144e92be8f7b100263faa45165543c9d1ad6cc237gnutls-devel-2.8.5-13.el6_5.i686.rpma7f9e1c99e2290bb48bdcb227ae565a888d5c42846784770409f33b2bc41ee79gnutls-utils-2.8.5-13.el6_5.i686.rpmbb87b25d29b93c4dbcfaad35b807cf3382dfb52b93aae336647c08e1db7103fbSLSA-2014:0255-1A flaw was found in the way the mod_dav_svn module handled OPTIONS requests. A remote attacker with read access to an SVN repository served via HTTP could use this flaw to cause the httpd process that handled such a request to crash. (CVE-2014-0032) A flaw was found in the way Subversion handled file names with newline characters when the FSFS repository format was used. An attacker with commit access to an SVN repository could corrupt a revision by committing a specially crafted file. (CVE-2013-1968) A flaw was found in the way the svnserve tool of Subversion handled remote client network connections. An attacker with read access to an SVN repository served via svnserve could use this flaw to cause the svnserve daemon to exit, leading to a denial of service. (CVE-2013-2112) After installing the updated packages, for the update to take effect, you must restart the httpd daemon, if you are using mod_dav_svn, and the svnserve daemon, if you are serving Subversion repositories via the svn:// protocol.moderateScientific Linux FermiScientific Linux Fermi 6subversion-javahl-1.6.11-10.el6_5.i686.rpm0926d5d10626b6c9a1e7e73c5ff79df646f02a7b90bc0afce67c213b031f523bsubversion-kde-1.6.11-10.el6_5.i686.rpmb764dffb8da52fc5152ec9d5f0d494cb8558159f345d333c3f9a736a36d42263subversion-devel-1.6.11-10.el6_5.i686.rpm9ab59e9178200ce679704e48ab7f9ed17c63f4bf2f886723c219d236ab14932asubversion-1.6.11-10.el6_5.i686.rpm33e00b00e2ee9105eccc06649f3481e9665bb8710e647d46e223f5b124fa8906subversion-gnome-1.6.11-10.el6_5.i686.rpm021efb183ae08dd8be8133f3f65ab955230b88023307d06de1fd9c521842226bsubversion-svn2cl-1.6.11-10.el6_5.noarch.rpm3a774b64b1ba544cf4e5e036eb8ffa0020737257664d5682e23ef5aacd4db0c0subversion-ruby-1.6.11-10.el6_5.i686.rpm8339ae65a5e3d087eb653d2234406bc963228a7b2083dc24d529e3690431ad44subversion-perl-1.6.11-10.el6_5.i686.rpme54a8556b61022c48123618b875f760f59c258e64c62076d2c4820896911ec3dmod_dav_svn-1.6.11-10.el6_5.i686.rpm4b70a2103c61aeb1502d37a335c7144d779b335d0c3a95c47df6a464f62a5184SLSA-2014:0292-1It was discovered that the 389 Directory Server did not properly handle certain SASL-based authentication mechanisms. A user able to authenticate to the directory using these SASL mechanisms could connect as any other directory user, including the administrative Directory Manager account. This could allow them to modify configuration values, as well as read and write any data the directory holds. (CVE-2014-0132) After installing this update, the 389 server service will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 6389-ds-base-libs-1.2.11.15-32.el6_5.i686.rpm030b193d924ab2f7a05bc96b98e696e92c042bc268711f7bada33156a83835cb389-ds-base-devel-1.2.11.15-32.el6_5.i686.rpmc1934e6695a0bf69b189b245326cd06d2c2320ce3e316716d48e72e36b89020d389-ds-base-1.2.11.15-32.el6_5.i686.rpm45e96a7992da803b970b5ced349c0c574b57658219cf67ed83425761c8a8e2fcSLSA-2014:0293-1A stack-based buffer overflow flaw was found in the way udisks handled files with long path names. A malicious, local user could use this flaw to create a specially crafted directory structure that, when processed by the udisks daemon, could lead to arbitrary code execution with the privileges of the udisks daemon (root). (CVE-2014-0004)importantScientific Linux FermiScientific Linux Fermi 6udisks-1.0.1-7.el6_5.i686.rpm1e531c3fa6831e057510e13411d07eb43d87ad92dc179223ed53e3d0a13e6376udisks-devel-1.0.1-7.el6_5.i686.rpm2e6ca4f82393fceeecfcd7e6b43f023869e0afd8a1ae54e4366f4a826bc8beb0udisks-devel-docs-1.0.1-7.el6_5.noarch.rpmdb2c9987624f55dd3da1a727d8f6e3f880c79b43288d66ce9c9ea30a936dbdfeSLSA-2014:0304-1A heap-based buffer overflow flaw was found in the way mutt processed certain email headers. A remote attacker could use this flaw to send an email with specially crafted headers that, when processed, could cause mutt to crash or, potentially, execute arbitrary code with the permissions of the user running mutt. (CVE-2014-0467) All running instances of mutt must be restarted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6mutt-1.5.20-4.20091214hg736b6a.el6_5.i686.rpmcb8bd631878a6afc92c170b459a9a468245087c68046fdc4ca3933637ecd0cedSLSA-2014:0310-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1493, CVE-2014-1510, CVE-2014-1511, CVE-2014-1512, CVE-2014-1513, CVE-2014-1514) Several information disclosure flaws were found in the way Firefox processed malformed web content. An attacker could use these flaws to gain access to sensitive information such as cross-domain content or protected memory addresses or, potentially, cause Firefox to crash. (CVE-2014-1497, CVE-2014-1508, CVE-2014-1505) A memory corruption flaw was found in the way Firefox rendered certain PDF files. An attacker able to trick a user into installing a malicious extension could use this flaw to crash Firefox or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1509) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6firefox-24.4.0-1.el6_5.i686.rpmbe78eba45e3b52be9409634e3db94666ef7eb917ffedeae13588e7b32d32a292SLSA-2014:0316-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1493, CVE-2014-1510, CVE-2014-1511, CVE-2014-1512, CVE-2014-1513, CVE-2014-1514) Several information disclosure flaws were found in the way Thunderbird processed malformed web content. An attacker could use these flaws to gain access to sensitive information such as cross-domain content or protected memory addresses or, potentially, cause Thunderbird to crash. (CVE-2014-1497, CVE-2014-1508, CVE-2014-1505) A memory corruption flaw was found in the way Thunderbird rendered certain PDF files. An attacker able to trick a user into installing a malicious extension could use this flaw to crash Thunderbird or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1509) Note: All of the above issues cannot be exploited by a specially-crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. After installing the update, Thunderbird must be restarted for the changes to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6thunderbird-24.4.0-1.el6_5.i686.rpm6d8aec4cad701e9bc95ee994b42ca94ed0a1cf67e0173272b3a24aea165ee12dSLSA-2014:0321-1A buffer overflow flaw was found in the way the decode_icmp_msg() function in the ICMP-MIB implementation processed Internet Control Message Protocol (ICMP) message statistics reported in the /proc/net/snmp file. A remote attacker could send a message for each ICMP message type, which could potentially cause the snmpd service to crash when processing the /proc/net/snmp file. (CVE-2014-2284) This update also fixes the following bug: * The snmpd service parses the /proc/diskstats file to track disk usage statistics for UCD-DISKIO-MIB::diskIOTable. On systems with a large number of block devices, /proc/diskstats may be large in size and parsing it can take a non-trivial amount of CPU time. With this update, Net-SNMP introduces a new option, 'diskio', in the /etc/snmp/snmpd.conf file, which can be used to explicitly specify devices that should be monitored. Only these whitelisted devices are then reported in UCD-DISKIO- MIB::diskIOTable, thus speeding up snmpd on systems with numerous block devices. After installing this update, the snmpd service will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6net-snmp-devel-5.5-49.el6_5.1.i686.rpmcbd1752a5f6b9638f393bf8a72fa33c04a1a01175b1ec894adbaa266298db31enet-snmp-python-5.5-49.el6_5.1.i686.rpm7222136dbea161dab5aa43ba5c62c1111f8528f284e4ad20c9dc6e1d75f80b5anet-snmp-libs-5.5-49.el6_5.1.i686.rpmac60397d80c7d30a628bf5e264a26c2ec1b6b01eeb7f0117601b5b45b8f1702dnet-snmp-perl-5.5-49.el6_5.1.i686.rpmc528fcfce1966db17d4f411c43c9cdfbff3607c5c6ffd0257046498f2c6b55efnet-snmp-5.5-49.el6_5.1.i686.rpm1aa5a9ebbd68c14a1187faca3b1dda22f0caa0f6f526ac1e0518f6ce757fc693net-snmp-utils-5.5-49.el6_5.1.i686.rpm5f59a96b8dcb9d65a8b5715f290ea56b22296f03618fcd98f5a6f5d0d1e17cd2SLSA-2014:0328-1* A flaw was found in the way the get_rx_bufs() function in the vhost_net implementation in the Linux kernel handled error conditions reported by the vhost_get_vq_desc() function. A privileged guest user could use this flaw to crash the host. (CVE-2014-0055, Important) * A flaw was found in the way the Linux kernel processed an authenticated COOKIE_ECHO chunk during the initialization of an SCTP connection. A remote attacker could use this flaw to crash the system by initiating a specially crafted SCTP handshake in order to trigger a NULL pointer dereference on the system. (CVE-2014-0101, Important) * A flaw was found in the way the Linux kernel's CIFS implementation handled uncached write operations with specially crafted iovec structures. An unprivileged local user with access to a CIFS share could use this flaw to crash the system, leak kernel memory, or, potentially, escalate their privileges on the system. Note: the default cache settings for CIFS mounts on Scientific Linux 6 prohibit a successful exploitation of this issue. (CVE-2014-0069, Moderate) * A heap-based buffer overflow flaw was found in the Linux kernel's cdc- wdm driver, used for USB CDC WCM device management. An attacker with physical access to a system could use this flaw to cause a denial of service or, potentially, escalate their privileges. (CVE-2013-1860, Low) The system must be rebooted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6kernel-abi-whitelists-2.6.32-431.11.2.el6.noarch.rpm3c7e48c68935aef50bfd5d5fa7fecdcfc0dc10745af70a6041b2c0bef2f9cc89kernel-debug-2.6.32-431.11.2.el6.i686.rpm4068541c5009f0913041ce2ebe4a7652b77cd9ffc2b1b9b0e708c21e78d4c3e6perf-2.6.32-431.11.2.el6.i686.rpm0b5b8be1db5cb1c3f2268b282530be9cb526c01283d2c579d2c49962e945c4d8kernel-headers-2.6.32-431.11.2.el6.i686.rpm1c165a8a9c1fb133df3420ef857e37d85a9ac0d4a3c783570a81e8a53e1a46c7python-perf-2.6.32-431.11.2.el6.i686.rpm06f791d43a35d935713a7eb5d9071a8857a9b12cf978535ef3e6018288c5e055kernel-devel-2.6.32-431.11.2.el6.i686.rpm6105e5eaceaefe1bae8ec14ee9398e773eea9bb3f445370c3a49ce189d307a5fkernel-firmware-2.6.32-431.11.2.el6.noarch.rpmca9281b3d515c7e5dae87be651b06fc3a4f4fe65de3dc6e60d000809b844a2abkernel-debug-devel-2.6.32-431.11.2.el6.i686.rpmcbf40e90a6061080ce0ef468e1ce4f7645f3417caef2003c321675f958514236kernel-doc-2.6.32-431.11.2.el6.noarch.rpm659889aeaea8cf2acee8f425d047ca63bf1f9fe47ce6978451c37e2a884620f6kernel-2.6.32-431.11.2.el6.i686.rpm26f5cd740232b4f3c8b61af06382d62a4bb016798c4482740695cf67f5c50721SLSA-2014:0330-1It was found that certain Samba configurations did not enforce the password lockout mechanism. A remote attacker could use this flaw to perform password guessing attacks on Samba user accounts. Note: this flaw only affected Samba when deployed as a Primary Domain Controller. (CVE-2013-4496) A flaw was found in the way the pam_winbind module handled configurations that specified a non-existent group as required. An authenticated user could possibly use this flaw to gain access to a service using pam_winbind in its PAM configuration when group restriction was intended for access to the service. (CVE-2012-6150) After installing this update, the smb service will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6samba-domainjoin-gui-3.6.9-168.el6_5.i686.rpm65335e184c247070f742d7a4192bb60cbb084992922fceb802b2bd5ebf699e21samba-winbind-3.6.9-168.el6_5.i686.rpm60907dcee9a323d2b75c17af3a4c2510681d3ca9d196020d5fea41a5530e787esamba-client-3.6.9-168.el6_5.i686.rpm76bbd6705875f10a1e795cfb662d12504a5e7c5bcd2862fe6b6a76b7c9b62129samba-common-3.6.9-168.el6_5.i686.rpmaa2821b565984a03dd32126f2a1d3c4be2f9fe5f3cdbd010c11f4c8340c9275clibsmbclient-3.6.9-168.el6_5.i686.rpm6a303db4ffeaff9842b3bceed4cb27fb1449dd01ab72c796885006e8220eccaasamba-3.6.9-168.el6_5.i686.rpmfe0ab4d2ea72c026425e93cb406fd379b3662ca72630bb9397a18d8685383027samba-winbind-krb5-locator-3.6.9-168.el6_5.i686.rpmd4453f478dc32074d3c599c7770fd6e79cd1be1a2e747f2aab77b2476cae2c76libsmbclient-devel-3.6.9-168.el6_5.i686.rpm1abcda541df909f996cd6eeb271a0497369b8c4f59cb2595cd59fd6ecb51f88csamba-doc-3.6.9-168.el6_5.i686.rpmc6d0e5c68406809865352a0eb371c2cb73a288d0639d23f9055e9e9c121056b9samba-winbind-devel-3.6.9-168.el6_5.i686.rpm7fd5cbbf06ad6c73b3ba1896c02c95c93c6e90723646317bd30dccebe3122fe0samba-swat-3.6.9-168.el6_5.i686.rpm347c9dae53b4c3eac2df6a8a59448b1483a393adc652865141506c5f0649176csamba-winbind-clients-3.6.9-168.el6_5.i686.rpm58c9991b27302915642d6fa26f98194f1931bae8297dca3c5793abf08fb9345bSLSA-2014:0342-1Two flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2014-2281, CVE-2014-2299) Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2013-6336, CVE-2013-6337, CVE-2013-6338, CVE-2013-6339, CVE-2013-6340, CVE-2014-2283, CVE-2013-7112, CVE-2013-7114) All running instances of Wireshark must be restarted for the update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6wireshark-gnome-1.8.10-7.el6_5.i686.rpmd99a2a6320df064832a02f254eb1e3b21fc34833a966392a0634452b780a358awireshark-1.8.10-7.el6_5.i686.rpm2dbb4527195b1b1b190799ccb6050d4c3c99f59ac099b9f2e65bd267ff8b3f47wireshark-devel-1.8.10-7.el6_5.i686.rpmbda85f8b2cd15e7f31dacf09293d75f354993a6ef7f6361b4b9e87bd3e5a804eSLSA-2014:0348-1It was found that the secure processing feature of Xalan-Java had insufficient restrictions defined for certain properties and features. A remote attacker able to provide Extensible Stylesheet Language Transformations (XSLT) content to be processed by an application using Xalan-Java could use this flaw to bypass the intended constraints of the secure processing feature. Depending on the components available in the classpath, this could lead to arbitrary remote code execution in the context of the application server running the application that uses Xalan- Java. (CVE-2014-0107)importantScientific Linux FermiScientific Linux Fermi 6xalan-j2-demo-2.7.0-9.9.el6_5.noarch.rpm991b76fcf972c93377439d01023ff231f58203fb620707faf99eb7a3fd2a7e3cxalan-j2-manual-2.7.0-9.9.el6_5.noarch.rpmd79f6085962939c24d9b16bb5dc0a2bc066cf04e4c1c82310d7e5f37600551b0xalan-j2-javadoc-2.7.0-9.9.el6_5.noarch.rpmd3147f2646320c4005fe9cbc91c4930f441b45201e3d147efdda56a788f01fb4xalan-j2-2.7.0-9.9.el6_5.noarch.rpm16b6a952f29585d4c0324ebde6bf9e578f37f6e531d2212bcb792ae63fd65f58xalan-j2-xsltc-2.7.0-9.9.el6_5.noarch.rpmf8440257d1fa7ec32b9aacf638fd1b9fec0dc09d86c1630a243d48ae75f4ba85SLSA-2014:0370-1It was found that the mod_dav module did not correctly strip leading white space from certain elements in a parsed XML. In certain httpd configurations that use the mod_dav module (for example when using the mod_dav_svn module), a remote attacker could send a specially crafted DAV request that would cause the httpd child process to crash or, possibly, allow the attacker to execute arbitrary code with the privileges of the "apache" user. (CVE-2013-6438) A buffer over-read flaw was found in the httpd mod_log_config module. In configurations where cookie logging is enabled (on Scientific Linux it is disabled by default), a remote attacker could use this flaw to crash the httpd child process via an HTTP request with a malformed cookie header. (CVE-2014-0098) After installing the updated packages, the httpd daemon will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6httpd-2.2.15-30.sl6.i686.rpma7bee8f158458fc35f7ee2bd5f4d8fdf52baf9c143f9ec497b11960f9c0c52b7httpd-devel-2.2.15-30.sl6.i686.rpm21a2fe3eb9983b13e1417ce91a9863ef581eddcc0147bdab69ea61aec482f11ahttpd-manual-2.2.15-30.sl6.noarch.rpm230102c405d273db69436427b9db9d7bcaf11ea0506763cb7e679295fb4f3e5amod_ssl-2.2.15-30.sl6.i686.rpmb33ce0b7a1a3da120f28c42a75db23e7e87a5f102fa48e04c522aab44b2d71c4httpd-tools-2.2.15-30.sl6.i686.rpm00cbd1520a25ab88d14a8572b884d620f9b9867cf14851f7e475b3db1ca6683dSLSA-2014:0376-1An information disclosure flaw was found in the way OpenSSL handled TLS and DTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server could send a specially crafted TLS or DTLS Heartbeat packet to disclose a limited portion of memory per request from a connected client or server. Note that the disclosed portions of memory could potentially include sensitive information such as private keys. (CVE-2014-0160) For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted.importantScientific Linux FermitruetrueScientific Linux Fermi 6openssl-1.0.1e-16.el6_5.7.i686.rpmf32b128f16f15d7ef76bf89ff96a9616055d919c7c19045fbea0f5b62469ffb2openssl-perl-1.0.1e-16.el6_5.7.i686.rpm4863a67799b32a75dfc875bc3f183067471f3f7787c1742f366e62e3c3c25423openssl-devel-1.0.1e-16.el6_5.7.i686.rpm5cb72550008552f60733e1a54e39ee4e4d5a1279aff4507d22ce8cd86f770a6copenssl-static-1.0.1e-16.el6_5.7.i686.rpmc424a08150bb9e6e7937507d5bec93c581c1d243b307f9706b775f3c40f7e70fSLSA-2014:0383-1It was found that certain Samba configurations did not enforce the password lockout mechanism. A remote attacker could use this flaw to perform password guessing attacks on Samba user accounts. Note: this flaw only affected Samba when deployed as a Primary Domain Controller. (CVE-2013-4496) A flaw was found in Samba's "smbcacls" command, which is used to set or get ACLs on SMB file shares. Certain command line options of this command would incorrectly remove an ACL previously applied on a file or a directory, leaving the file or directory without the intended ACL. (CVE-2013-6442) A flaw was found in the way the pam_winbind module handled configurations that specified a non-existent group as required. An authenticated user could possibly use this flaw to gain access to a service using pam_winbind in its PAM configuration when group restriction was intended for access to the service. (CVE-2012-6150) After installing this update, the smb service will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6samba4-swat-4.0.0-61.el6_5.rc4.i686.rpmfccb14b125ab9d080d67d44467f1f487494a2c3cb883b6097aab7f4b662efc3bsamba4-devel-4.0.0-61.el6_5.rc4.i686.rpm2d3522cce5f55daccafc1355a4bad34e5e4abe921f032f86f1cbae3f117f6400samba4-winbind-krb5-locator-4.0.0-61.el6_5.rc4.i686.rpm33eb3ef92afdfd2da996fc6090c659e986d4f2e8aae7fd008f1c2194a6d905d1samba4-winbind-4.0.0-61.el6_5.rc4.i686.rpm5af8b3588fc0f52576bdff674955c7deb10ffd0915abcfb71f41f6ccc57d5222samba4-dc-libs-4.0.0-61.el6_5.rc4.i686.rpm63492c508a0445d7f40882eec9259957c729cbbaa0042692572b2c095a0a86f0samba4-test-4.0.0-61.el6_5.rc4.i686.rpmb927917702d1b1ddeda2c2f7e63bf6c66f2a4ce9b8f2f762dde89da6a04f0a7esamba4-pidl-4.0.0-61.el6_5.rc4.i686.rpm80a6175b290c839ccd4f141aeb806f681a6a728b314d460495a11f91770be659samba4-client-4.0.0-61.el6_5.rc4.i686.rpmb3acbe49350b76e74a139a7bde83982cfe9e620a3631ce098d65a80a6d26addbsamba4-dc-4.0.0-61.el6_5.rc4.i686.rpm2cd97ea169bb5478603ea4a6ee86598b55b7395edac7c30681821abac922060fsamba4-libs-4.0.0-61.el6_5.rc4.i686.rpmfe7174c2aa90fb54c7f341dba27a4063fd1e64e7212d7acd3ad28f8fdcfa52c6samba4-python-4.0.0-61.el6_5.rc4.i686.rpm09bdbbee19dccdae11f35ff87b238b836fb169c4371fcb33429c1730fb498399samba4-common-4.0.0-61.el6_5.rc4.i686.rpm78ef38de5a6a754a47af1ad2a6fff1bb9394e9ca5d85481a3fde25f529da5ba6samba4-winbind-clients-4.0.0-61.el6_5.rc4.i686.rpm33d74ebb7305c9b353e7fff93bf174a2275407cc47dc5da83cd0091687817bc5samba4-4.0.0-61.el6_5.rc4.i686.rpm63080cd0a0e446e43442ca43db9ffb8b7d51a8f482abd86de480850b9ef66d2fSLSA-2014:0406-1An input validation flaw was discovered in the medialib library in the 2D component. A specially crafted image could trigger Java Virtual Machine memory corruption when processed. A remote attacker, or an untrusted Java application or applet, could possibly use this flaw to execute arbitrary code with the privileges of the user running the Java Virtual Machine. (CVE-2014-0429) Multiple flaws were discovered in the Hotspot and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws to trigger Java Virtual Machine memory corruption and possibly bypass Java sandbox restrictions. (CVE-2014-0456, CVE-2014-2397, CVE-2014-2421) Multiple improper permission check issues were discovered in the Libraries component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2014-0457, CVE-2014-0455, CVE-2014-0461) Multiple improper permission check issues were discovered in the AWT, JAX- WS, JAXB, Libraries, Security, Sound, and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2014-2412, CVE-2014-0451, CVE-2014-0458, CVE-2014-2423, CVE-2014-0452, CVE-2014-2414, CVE-2014-2402, CVE-2014-0446, CVE-2014-2413, CVE-2014-0454, CVE-2014-2427, CVE-2014-0459) Multiple flaws were identified in the Java Naming and Directory Interface (JNDI) DNS client. These flaws could make it easier for a remote attacker to perform DNS spoofing attacks. (CVE-2014-0460) It was discovered that the JAXP component did not properly prevent access to arbitrary files when a SecurityManager was present. This flaw could cause a Java application using JAXP to leak sensitive information, or affect application availability. (CVE-2014-2403) It was discovered that the Security component in OpenJDK could leak some timing information when performing PKCS#1 unpadding. This could possibly lead to the disclosure of some information that was meant to be protected by encryption. (CVE-2014-0453) It was discovered that the fix for CVE-2013-5797 did not properly resolve input sanitization flaws in javadoc. When javadoc documentation was generated from an untrusted Java source code and hosted on a domain not controlled by the code author, these issues could make it easier to perform cross-site scripting (XSS) attacks. (CVE-2014-2398) An insecure temporary file use flaw was found in the way the unpack200 utility created log files. A local attacker could possibly use this flaw to perform a symbolic link attack and overwrite arbitrary files with the privileges of the user running unpack200. (CVE-2014-1876) Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website. All running instances of OpenJDK Java must be restarted for the update to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6java-1.7.0-openjdk-1.7.0.55-2.4.7.1.el6_5.i686.rpm1102ff2ab0c98d690ad0c0b5b283831c2b13d763c15e3fd03bbbc6e29a3d26c2java-1.7.0-openjdk-src-1.7.0.55-2.4.7.1.el6_5.i686.rpmde1dfb76e45ecac3d2aa9812d560597b1fa6172fb0d3d7ea566f95f28a119ab1java-1.7.0-openjdk-demo-1.7.0.55-2.4.7.1.el6_5.i686.rpm9a5957a65880aca8f979d61965dbba93dcdd200dc9be4f58b575fb49beda616bjava-1.7.0-openjdk-javadoc-1.7.0.55-2.4.7.1.el6_5.noarch.rpmd4e0087e5a7617143d10c0be4f7a079658e083b8ee62149601b3401592114908java-1.7.0-openjdk-devel-1.7.0.55-2.4.7.1.el6_5.i686.rpm2d4dfa28a5e7c0741efa3ed9a5c94b522daa6aa75f4a044cd662d25b2d9bfcdfSLSA-2014:0408-1An input validation flaw was discovered in the medialib library in the 2D component. A specially crafted image could trigger Java Virtual Machine memory corruption when processed. A remote attacker, or an untrusted Java application or applet, could possibly use this flaw to execute arbitrary code with the privileges of the user running the Java Virtual Machine. (CVE-2014-0429) Multiple flaws were discovered in the Hotspot and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws to trigger Java Virtual Machine memory corruption and possibly bypass Java sandbox restrictions. (CVE-2014-0456, CVE-2014-2397, CVE-2014-2421) Multiple improper permission check issues were discovered in the Libraries component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2014-0457, CVE-2014-0461) Multiple improper permission check issues were discovered in the AWT, JAX- WS, JAXB, Libraries, and Sound components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2014-2412, CVE-2014-0451, CVE-2014-0458, CVE-2014-2423, CVE-2014-0452, CVE-2014-2414, CVE-2014-0446, CVE-2014-2427) Multiple flaws were identified in the Java Naming and Directory Interface (JNDI) DNS client. These flaws could make it easier for a remote attacker to perform DNS spoofing attacks. (CVE-2014-0460) It was discovered that the JAXP component did not properly prevent access to arbitrary files when a SecurityManager was present. This flaw could cause a Java application using JAXP to leak sensitive information, or affect application availability. (CVE-2014-2403) It was discovered that the Security component in OpenJDK could leak some timing information when performing PKCS#1 unpadding. This could possibly lead to the disclosure of some information that was meant to be protected by encryption. (CVE-2014-0453) It was discovered that the fix for CVE-2013-5797 did not properly resolve input sanitization flaws in javadoc. When javadoc documentation was generated from an untrusted Java source code and hosted on a domain not controlled by the code author, these issues could make it easier to perform cross-site scripting (XSS) attacks. (CVE-2014-2398) An insecure temporary file use flaw was found in the way the unpack200 utility created log files. A local attacker could possibly use this flaw to perform a symbolic link attack and overwrite arbitrary files with the privileges of the user running unpack200. (CVE-2014-1876) This update also fixes the following bug: * The OpenJDK update to IcedTea version 1.13 introduced a regression related to the handling of the jdk_version_info variable. This variable was not properly zeroed out before being passed to the Java Virtual Machine, resulting in a memory leak in the java.lang.ref.Finalizer class. This update fixes this issue, and memory leaks no longer occur. All running instances of OpenJDK Java must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6java-1.6.0-openjdk-javadoc-1.6.0.0-5.1.13.3.el6_5.i686.rpm03ed42bc77fe02079f6c22380a7ec9b73a1e94b4f6685015138d4afb901d5123java-1.6.0-openjdk-demo-1.6.0.0-5.1.13.3.el6_5.i686.rpmc0e11e8408062863c10dbf25b9d5baf8fe9e62223b656f9297dab3afb757e0e8java-1.6.0-openjdk-1.6.0.0-5.1.13.3.el6_5.i686.rpmf3d709b2b6d277493d29b211c617df8a7684ae98569c73241d0ae59d93fce91bjava-1.6.0-openjdk-devel-1.6.0.0-5.1.13.3.el6_5.i686.rpm6ff5fe7c1f6f955f30ab6ae42aae76a6d476d5684634f0d254aff0511a025d41java-1.6.0-openjdk-src-1.6.0.0-5.1.13.3.el6_5.i686.rpm687a899ece64bf563f6c8852a7b0494bc822474871a07f3f87f858b24cb9c2c4SLSA-2014:0420-1Multiple integer overflow, input validation, logic error, and buffer overflow flaws were discovered in various QEMU block drivers. An attacker able to modify a disk image file loaded by a guest could use these flaws to crash the guest, or corrupt QEMU process memory on the host, potentially resulting in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0143, CVE-2014-0144, CVE-2014-0145, CVE-2014-0147) A buffer overflow flaw was found in the way the virtio_net_handle_mac() function of QEMU processed guest requests to update the table of MAC addresses. A privileged guest user could use this flaw to corrupt QEMU process memory on the host, potentially resulting in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0150) A divide-by-zero flaw was found in the seek_to_sector() function of the parallels block driver in QEMU. An attacker able to modify a disk image file loaded by a guest could use this flaw to crash the guest. (CVE-2014-0142) A NULL pointer dereference flaw was found in the QCOW2 block driver in QEMU. An attacker able to modify a disk image file loaded by a guest could use this flaw to crash the guest. (CVE-2014-0146) It was found that the block driver for Hyper-V VHDX images did not correctly calculate BAT (Block Allocation Table) entries due to a missing bounds check. An attacker able to modify a disk image file loaded by a guest could use this flaw to crash the guest. (CVE-2014-0148) After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.moderateScientific Linux FermiScientific Linux Fermi 6qemu-guest-agent-0.12.1.2-2.415.el6_5.8.i686.rpm9eadefd231c85ea225b331137e05eaa619923fa4db05a1d954770abf2138a5acSLSA-2014:0429-1It was found that when Tomcat processed a series of HTTP requests in which at least one request contained either multiple content-length headers, or one content-length header with a chunked transfer-encoding header, Tomcat would incorrectly handle the request. A remote attacker could use this flaw to poison a web cache, perform cross-site scripting (XSS) attacks, or obtain sensitive information from other requests. (CVE-2013-4286) It was discovered that the fix for CVE-2012-3544 did not properly resolve a denial of service flaw in the way Tomcat processed chunk extensions and trailing headers in chunked requests. A remote attacker could use this flaw to send an excessively long request that, when processed by Tomcat, could consume network bandwidth, CPU, and memory on the Tomcat server. Note that chunked transfer encoding is enabled by default. (CVE-2013-4322) A denial of service flaw was found in the way Apache Commons FileUpload handled small-sized buffers used by MultipartStream. A remote attacker could use this flaw to create a malformed Content-Type header for a multipart request, causing JBoss Web to enter an infinite loop when processing such an incoming request. (CVE-2014-0050) Tomcat must be restarted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6tomcat6-javadoc-6.0.24-64.el6_5.noarch.rpmb8cd720d070ad55e69da71f61106fde8d49a693cf700f35bdcfe9851df3200b4tomcat6-el-2.1-api-6.0.24-64.el6_5.noarch.rpma3dee69bd078e35b7be538cb243d8348b3f78d2e19d21b3509e71928fbc824aatomcat6-6.0.24-64.el6_5.noarch.rpm33d5c89576fc8be236f5674b46525e88dfea2ae81698143ea9ed6a819af7405atomcat6-jsp-2.1-api-6.0.24-64.el6_5.noarch.rpm53a49899541ed7d50ce5fd8682c5125ccb203bbe39ba4397f789d1c0b80a2a72tomcat6-docs-webapp-6.0.24-64.el6_5.noarch.rpm364f1aa13e9759628f0dc825b426b1c704b1586ed4883d5cfb85e80140527365tomcat6-admin-webapps-6.0.24-64.el6_5.noarch.rpm80e5c5be43c987a823ad7d9d0eb49a81b4051d0489647d6b7664c03efa217393tomcat6-lib-6.0.24-64.el6_5.noarch.rpm4d4165dbfc60bda00bf428c2b7d202343091313ab2ee9959568aebeddbdfb314tomcat6-servlet-2.5-api-6.0.24-64.el6_5.noarch.rpm6bbfbf6ee08c88b1a52388f439badb146199ca622b5fed6977b10036de4cd917tomcat6-webapps-6.0.24-64.el6_5.noarch.rpmba9def21369894f2922f97c7e1c5ef02af937bb47b7599911f74918fcf60e379SLSA-2014:0448-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1518, CVE-2014-1524, CVE-2014-1529, CVE-2014-1531) A use-after-free flaw was found in the way Firefox resolved hosts in certain circumstances. An attacker could use this flaw to crash Firefox or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1532) An out-of-bounds read flaw was found in the way Firefox decoded JPEG images. Loading a web page containing a specially crafted JPEG image could cause Firefox to crash. (CVE-2014-1523) A flaw was found in the way Firefox handled browser navigations through history. An attacker could possibly use this flaw to cause the address bar of the browser to display a web page name while loading content from an entirely different web page, which could allow for cross-site scripting (XSS) attacks. (CVE-2014-1530) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6firefox-24.5.0-1.el6_5.i686.rpmfa027daf7e33b8158486ac38dc2b82605a9b52b42040b92eab7bd575bcbaceeaSLSA-2014:0449-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1518, CVE-2014-1524, CVE-2014-1529, CVE-2014-1531) A use-after-free flaw was found in the way Thunderbird resolved hosts in certain circumstances. An attacker could use this flaw to crash Thunderbird or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1532) An out-of-bounds read flaw was found in the way Thunderbird decoded JPEG images. Loading an email or a web page containing a specially crafted JPEG image could cause Thunderbird to crash. (CVE-2014-1523) A flaw was found in the way Thunderbird handled browser navigations through history. An attacker could possibly use this flaw to cause the address bar of the browser to display a web page name while loading content from an entirely different web page, which could allow for cross- site scripting (XSS) attacks. (CVE-2014-1530) Note: All of the above issues cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. After installing the update, Thunderbird must be restarted for the changes to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6thunderbird-24.5.0-1.el6_5.i686.rpm07107e49f156940f2edf16f798e67532763276b9a8d0c084a8a50834253d6a8fSLSA-2014:0475-1* A flaw was found in the way the Linux kernel's netfilter connection tracking implementation for Datagram Congestion Control Protocol (DCCP) packets used the skb_header_pointer() function. A remote attacker could use this flaw to send a specially crafted DCCP packet to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-2523, Important) * A flaw was found in the way the Linux kernel's Adaptec RAID controller (aacraid) checked permissions of compat IOCTLs. A local attacker could use this flaw to bypass intended security restrictions. (CVE-2013-6383, Moderate) * A flaw was found in the way the handle_rx() function handled large network packets when mergeable buffers were disabled. A privileged guest user could use this flaw to crash the host or corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0077, Moderate) The system must be rebooted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6perf-2.6.32-431.17.1.el6.i686.rpm225b5ff6dae6546669b463bd5901ecf51d69ada795f1edd703e233b3d1f84fe6kernel-doc-2.6.32-431.17.1.el6.noarch.rpm8053628a4723f25c306d35271f510c92841d4a728ce0adc9ba155db772443595kernel-devel-2.6.32-431.17.1.el6.i686.rpm04e14602338a5ef2e910119ce10bdb772d8a531e4af5f239dc7e6b0b276beb43kernel-2.6.32-431.17.1.el6.i686.rpm39acc500ba2d5f0892199ca42a9492101755b324be38c79523165047db2c4d67kernel-abi-whitelists-2.6.32-431.17.1.el6.noarch.rpm4a23c9ef53f85141717725dc41b3054b17ea4d2826ecf58a4cf23f31917092c9kernel-debug-2.6.32-431.17.1.el6.i686.rpmc0956b4321d263094fda5d348fa09c4ca2cf4131e8a8b3c044999c34117a374akernel-firmware-2.6.32-431.17.1.el6.noarch.rpme781c970a1cbe8a7affa92d5d39d409b37c76d3b1a1edbd0d358b646f65d59dekernel-debug-devel-2.6.32-431.17.1.el6.i686.rpme3a8e1372fc6820bd0b6074bfac1b6f5c9449a6f797d92408d4feb57052e4fd5kernel-headers-2.6.32-431.17.1.el6.i686.rpm254048eecc51de03054bb6ff103c05d411da792cff3148b2c4d310a448ce520epython-perf-2.6.32-431.17.1.el6.i686.rpm9277da9a9f78a1c44c694434d2bc7f15053959ef55d4a6989bb2d1cbc9656e6fSLSA-2014:0513-1It was discovered that libxml2 loaded external parameter entities even when entity substitution was disabled. A remote attacker able to provide a specially crafted XML file to an application linked against libxml2 could use this flaw to conduct XML External Entity (XXE) attacks, possibly resulting in a denial of service or an information leak on the system. (CVE-2014-0191) An out-of-bounds read flaw was found in the way libxml2 detected the end of an XML file. A remote attacker could provide a specially crafted XML file that, when processed by an application linked against libxml2, could cause the application to crash. (CVE-2013-2877) The desktop must be restarted (log out, then log back in) for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6libxml2-devel-2.7.6-14.el6_5.1.i686.rpmd3699021c5a93ac827ac8a400f00ab69a918be89ac6a0816657ea8aa6235023elibxml2-static-2.7.6-14.el6_5.1.i686.rpmdd5d5752e32c697271510c8166fe5ffebd40b0eb84a5ffe8490fc6315ca605c5libxml2-python-2.7.6-14.el6_5.1.i686.rpm4323faff1d65be05f979e756a1e71eafafd1b364098ab3a27e0c2cafef649d8blibxml2-2.7.6-14.el6_5.1.i686.rpma9312711c46f77a2a8b2f36b3c61c32d49f8187aadd2e36661aee5ab5dee2b22SLSA-2014:0560-1It was found that libvirt passes the XML_PARSE_NOENT flag when parsing XML documents using the libxml2 library, in which case all XML entities in the parsed documents are expanded. A user able to force libvirtd to parse an XML document with an entity pointing to a special file that blocks on read access could use this flaw to cause libvirtd to hang indefinitely, resulting in a denial of service on the system. (CVE-2014-0179) This update also fixes the following bugs: * When hot unplugging a virtual CPU (vCPU), libvirt kept a pointer to already freed memory if the vCPU was pinned to a host CPU. Consequently, when reading the CPU pinning information, libvirt terminated unexpectedly due to an attempt to access this memory. This update ensures that libvirt releases the pointer to the previously allocated memory when a vCPU is being hot unplugged, and it no longer crashes in this situation. * Previously, libvirt passed an incorrect argument to the "tc" command when setting quality of service (QoS) on a network interface controller (NIC). As a consequence, QoS was applied only to IP traffic. With this update, libvirt constructs the "tc" command correctly so that QoS is applied to all traffic as expected. * When using the sanlock daemon for managing access to shared storage, libvirt expected all QEMU domains to be registered with sanlock. However, if a QEMU domain was started prior to enabling sanlock, the domain was not registered with sanlock. Consequently, migration of a virtual machine (VM) from such a QEMU domain failed with a libvirt error. With this update, libvirt verifies whether a QEMU domain process is registered with sanlock before it starts working with the domain, ensuring that migration of virtual machines works as expected. After installing the updated packages, libvirtd will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6libvirt-python-0.10.2-29.el6_5.8.i686.rpm5d8965c1a9ac8bf9c5fae1cfb7f6d223a5e5f451567c6964d4a4ca05a754151clibvirt-devel-0.10.2-29.el6_5.8.i686.rpm8276494e5c8d3b4091d372fac0740b0fd24631d6a9d4c27d0f63861b6d40d235libvirt-0.10.2-29.el6_5.8.i686.rpm8abd22bccefb1f5c0d9545a82a629db81c158c5ba208fecadc1c4bdaf5ed59aflibvirt-client-0.10.2-29.el6_5.8.i686.rpm6bc8bb99a78432b2d3ba3d4687f2c57e84a3da39dd1beafd75a30e8d1dda5d5aSLSA-2014:0561-1It was found that libcurl could incorrectly reuse existing connections for requests that should have used different or no authentication credentials, when using one of the following protocols: HTTP(S) with NTLM authentication, LDAP(S), SCP, or SFTP. If an application using the libcurl library connected to a remote server with certain authentication credentials, this flaw could cause other requests to use those same credentials. (CVE-2014-0015, CVE-2014-0138) This update also fixes the following bugs: * Previously, the libcurl library was closing a network socket without first terminating the SSL connection using the socket. This resulted in a write after close and consequent leakage of memory dynamically allocated by the SSL library. An upstream patch has been applied on libcurl to fix this bug. As a result, the write after close no longer happens, and the SSL library no longer leaks memory. * Previously, the libcurl library did not implement a non-blocking SSL handshake, which negatively affected performance of applications based on libcurl's multi API. To fix this bug, the non-blocking SSL handshake has been implemented by libcurl. With this update, libcurl's multi API immediately returns the control back to the application whenever it cannot read/write data from/to the underlying network socket. * Previously, the curl package could not be rebuilt from sources due to an expired cookie in the upstream test-suite, which runs during the build. An upstream patch has been applied to postpone the expiration date of the cookie, which makes it possible to rebuild the package from sources again. * Previously, the libcurl library attempted to authenticate using Kerberos whenever such an authentication method was offered by the server. This caused problems when the server offered multiple authentication methods and Kerberos was not the selected one. An upstream patch has been applied on libcurl to fix this bug. Now libcurl no longer uses Kerberos authentication if another authentication method is selected. All running applications that use libcurl have to be restarted for this update to take effect.moderateScientific Linux FermiScientific Linux Fermi 6curl-7.19.7-37.el6_5.3.i686.rpm14ac4994b135436b3b353f7be24d93ff85dd66816bba09f879359d42b5efa5b3libcurl-devel-7.19.7-37.el6_5.3.i686.rpm44862121515bc693c9ca0191c435c7057e95f95b490c8179e8215879d9335015libcurl-7.19.7-37.el6_5.3.i686.rpmdc957d6224db6369e3e20fa2518cb32b11be16928ce3d0bcd14e428e5bc70a75SLSA-2014:0595-1A flaw was found in the way GnuTLS parsed session IDs from ServerHello messages of the TLS/SSL handshake. A malicious server could use this flaw to send an excessively long session ID value, which would trigger a buffer overflow in a connecting TLS/SSL client application using GnuTLS, causing the client application to crash or, possibly, execute arbitrary code. (CVE-2014-3466) For the update to take effect, all applications linked to the GnuTLS library must be restarted.importantScientific Linux FermitrueScientific Linux Fermi 6gnutls-guile-2.8.5-14.el6_5.i686.rpm17957e7ff4880dffb0d5e12b8abe6c3d70604445cdee06d294a3edb171c3afc7gnutls-2.8.5-14.el6_5.i686.rpmc8e66e3ca20687b2729d7ce2e0ff9ec9b7fa24290a42494780795fd65ea54c20gnutls-utils-2.8.5-14.el6_5.i686.rpm946417e9b9bddc18c1f98f1099255f9ffb84e3e390db2d38dc8c47d3c4bbc4f2gnutls-devel-2.8.5-14.el6_5.i686.rpme880ab64036c76552e65cb3df43ce0455db4d464fb99dbd9788fe06461e8f032SLSA-2014:0596-1It was discovered that the asn1_get_bit_der() function of the libtasn1 library incorrectly reported the length of ASN.1-encoded data. Specially crafted ASN.1 input could cause an application using libtasn1 to perform an out-of-bounds access operation, causing the application to crash or, possibly, execute arbitrary code. (CVE-2014-3468) Multiple incorrect buffer boundary check issues were discovered in libtasn1. Specially crafted ASN.1 input could cause an application using libtasn1 to crash. (CVE-2014-3467) Multiple NULL pointer dereference flaws were found in libtasn1's asn1_read_value() function. Specially crafted ASN.1 input could cause an application using libtasn1 to crash, if the application used the aforementioned function in a certain way. (CVE-2014-3469) For the update to take effect, all applications linked to the libtasn1 library must be restarted.moderateScientific Linux FermitrueScientific Linux Fermi 6libtasn1-2.3-6.el6_5.i686.rpm05e186c692e884e40545aa1c85fb742f78557622253f0bb80fe330b2db4942a2libtasn1-devel-2.3-6.el6_5.i686.rpma5d502d5d4c423cefed9bdec312bb21fe11473bc5f8a0e59c2b61488c239b897libtasn1-tools-2.3-6.el6_5.i686.rpm385e9a7aba4a011ce94dd60bf1d2f3812db0a2b5401ff56e1d1da90b6831e6b7SLSA-2014:0597-1A denial of service flaw was found in the way Squid processed certain HTTPS requests when the SSL Bump feature was enabled. A remote attacker could send specially crafted requests that could cause Squid to crash. (CVE-2014-0128) After installing this update, the squid service will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6squid-3.1.10-20.el6_5.3.i686.rpm29ede8cad6646303fa62c5281efa54565d2f48de429e51fc86a0383bdf91c68cSLSA-2014:0625-1It was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to use weak keying material for communication. A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between a client and a server. (CVE-2014-0224) Note: In order to exploit this flaw, both the server and the client must be using a vulnerable version of OpenSSL; the server must be using OpenSSL version 1.0.1 and above, and the client must be using any version of OpenSSL. For more information about this flaw, refer to: A buffer overflow flaw was found in the way OpenSSL handled invalid DTLS packet fragments. A remote attacker could possibly use this flaw to execute arbitrary code on a DTLS client or server. (CVE-2014-0195) Multiple flaws were found in the way OpenSSL handled read and write buffers when the SSL_MODE_RELEASE_BUFFERS mode was enabled. A TLS/SSL client or server using OpenSSL could crash or unexpectedly drop connections when processing certain SSL traffic. (CVE-2010-5298, CVE-2014-0198) A denial of service flaw was found in the way OpenSSL handled certain DTLS ServerHello requests. A specially crafted DTLS handshake packet could cause a DTLS client using OpenSSL to crash. (CVE-2014-0221) A NULL pointer dereference flaw was found in the way OpenSSL performed anonymous Elliptic Curve Diffie Hellman (ECDH) key exchange. A specially crafted handshake packet could cause a TLS/SSL client that has the anonymous ECDH cipher suite enabled to crash. (CVE-2014-3470) For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted.importantScientific Linux FermitruetrueScientific Linux Fermi 6openssl-perl-1.0.1e-16.el6_5.14.i686.rpm4405c086cbc7ce18434c07b8ca60126d8e502c5538d6b3de6752b3aea030d009openssl-1.0.1e-16.el6_5.14.i686.rpma786be99649c7039b400904b3136594e15f57c4040e95fff6408eadf53326c10openssl-devel-1.0.1e-16.el6_5.14.i686.rpmc877b23acaefc6b65eaeefc8205f9010f16b34c2c1fe4edebff779ab066ea93bopenssl-static-1.0.1e-16.el6_5.14.i686.rpm4c65d947a71b888cddc81fdc909d11a360148785b8e0d096a28179e5d8a21365SLSA-2014:0626-1It was found that OpenSSL clients and servers could be forced, via a specially crafted handshake packet, to use weak keying material for communication. A man-in-the-middle attacker could use this flaw to decrypt and modify traffic between a client and a server. (CVE-2014-0224) Note: In order to exploit this flaw, both the server and the client must be using a vulnerable version of OpenSSL; the server must be using OpenSSL version 1.0.1 and above, and the client must be using any version of OpenSSL. For more information about this flaw, refer to: For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted.importantScientific Linux FermitruetrueScientific Linux Fermi 6openssl098e-0.9.8e-18.el6_5.2.i686.rpm128c5c050a215b4d89ea5ae5bb9aa9623c659788c3239e603baeb6cbb02b7102SLSA-2014:0741-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1533, CVE-2014-1538, CVE-2014-1541) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6firefox-24.6.0-1.el6_5.i686.rpmf4e153ffcab048913d75dd5ff6cd255e132d22ac04e452c6b9a15b8e9e7da329SLSA-2014:0742-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1533, CVE-2014-1538, CVE-2014-1541) Note: All of the above issues cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. After installing the update, Thunderbird must be restarted for the changes to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6thunderbird-24.6.0-1.el6_5.i686.rpm0587b53985582885dace187c4ef7f50700bb28fe3b21761fe3394e7df27d2215SLSA-2014:0743-1Multiple buffer overflow, input validation, and out-of-bounds write flaws were found in the way the virtio, virtio-net, virtio-scsi, and usb drivers of QEMU handled state loading after migration. A user able to alter the savevm data (either on the disk or over the wire during migration) could use either of these flaws to corrupt QEMU process memory on the (destination) host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2013-4148, CVE-2013-4151, CVE-2013-4535, CVE-2013-4536, CVE-2013-4541, CVE-2013-4542, CVE-2013-6399, CVE-2014-0182, CVE-2014-3461) An out-of-bounds memory access flaw was found in the way QEMU's IDE device driver handled the execution of SMART EXECUTE OFFLINE commands. A privileged guest user could use this flaw to corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-2894) This update also fixes the following bugs: * Previously, under certain circumstances, libvirt failed to start guests which used a non-zero PCI domain and SR-IOV Virtual Functions (VFs), and returned the following error message: Can't assign device inside non-zero PCI segment as this KVM module doesn't support it. This update fixes this issue and guests using the aforementioned configuration no longer fail to start. * Due to an incorrect initialization of the cpus_sts bitmap, which holds the enablement status of a vCPU, libvirt could fail to start a guest with an unusual vCPU topology (for example, a guest with three cores and two sockets). With this update, the initialization of cpus_sts has been corrected, and libvirt no longer fails to start the aforementioned guests. After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.moderateScientific Linux FermiScientific Linux Fermi 6qemu-guest-agent-0.12.1.2-2.415.el6_5.10.i686.rpm0cef96f9c52f2edba2daafa9583eacfe550ed3e27a73a043307875d83a8a89f2SLSA-2014:0747-1It was discovered that Jinja2 did not properly handle bytecode cache files stored in the system's temporary directory. A local attacker could use this flaw to alter the output of an application using Jinja2 and FileSystemBytecodeCache, and potentially execute arbitrary code with the privileges of that application. (CVE-2014-1402) For the update to take effect, all applications using python-jinja2 must be restarted.moderateScientific Linux FermiScientific Linux Fermi 6python-jinja2-2.2.1-2.el6_5.i686.rpm4aa6524f12fa283694f201bcece8859870352c32b784d5035a69a75339243054SLSA-2014:0771-1* A flaw was found in the way the Linux kernel's futex subsystem handled the requeuing of certain Priority Inheritance (PI) futexes. A local, unprivileged user could use this flaw to escalate their privileges on the system. (CVE-2014-3153, Important) * A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free (using the kfree() function) arbitrary kernel memory. (CVE-2014-1737, Important) * It was found that the Linux kernel's floppy driver leaked internal kernel memory addresses to user space during the processing of the FDRAWCMD IOCTL command. A local user with write access to /dev/fdX could use this flaw to obtain information about the kernel heap arrangement. (CVE-2014-1738, Low) Note: A local user with write access to /dev/fdX could use these two flaws (CVE-2014-1737 in combination with CVE-2014-1738) to escalate their privileges on the system. * It was discovered that the proc_ns_follow_link() function did not properly return the LAST_BIND value in the last pathname component as is expected for procfs symbolic links, which could lead to excessive freeing of memory and consequent slab corruption. A local, unprivileged user could use this flaw to crash the system. (CVE-2014-0203, Moderate) * A flaw was found in the way the Linux kernel handled exceptions when user-space applications attempted to use the linkage stack. On IBM S/390 systems, a local, unprivileged user could use this flaw to crash the system. (CVE-2014-2039, Moderate) * An invalid pointer dereference flaw was found in the Marvell 8xxx Libertas WLAN (libertas) driver in the Linux kernel. A local user able to write to a file that is provided by the libertas driver and located on the debug file system (debugfs) could use this flaw to crash the system. Note: The debugfs file system must be mounted locally to exploit this issue. It is not mounted by default. (CVE-2013-6378, Low) * A denial of service flaw was discovered in the way the Linux kernel's SELinux implementation handled files with an empty SELinux security context. A local user who has the CAP_MAC_ADMIN capability could use this flaw to crash the system. (CVE-2014-1874, Low) The system must be rebooted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6kernel-abi-whitelists-2.6.32-431.20.3.el6.noarch.rpm6eaaf81288cbbb7caa9900b425e03dd70d2d981a8ba5a045e0097bcf9374bc45kernel-doc-2.6.32-431.20.3.el6.noarch.rpm80ff88a1383ed7cbfc95b3f8bda5b21085392d8afe1cf0e1dd2d39b0cbbb2d5fkernel-debug-devel-2.6.32-431.20.3.el6.i686.rpm32c07b7e022b21e065acdcf5567ae810ed2d22a1c14b82bcdc47a12a29302e48kernel-devel-2.6.32-431.20.3.el6.i686.rpm6c5db64267ae35d16baf3618f6fc257fca101889333806bc1887241176d06335kernel-debug-2.6.32-431.20.3.el6.i686.rpmcb4b2ee5c011ef005b3adf612848705734be8f4637a59aae80063531cb42bb17kernel-firmware-2.6.32-431.20.3.el6.noarch.rpmf19da92c87bcb00e5d85c74183141696912a075f5a8fce8d667f777730726a51perf-2.6.32-431.20.3.el6.i686.rpmb2b1c4dce72e2a3f976bb71597063b834470eae1f48946804ea31cc4e6633e9ekernel-2.6.32-431.20.3.el6.i686.rpm285b4edb892bd58496fb08fee7244e6fde6e9baf8888728aa926e6fea17aa270kernel-headers-2.6.32-431.20.3.el6.i686.rpm480f94ec58eb0598c8af8ab7459d669ae4d0487f8b7e624a41ac0354c505999fpython-perf-2.6.32-431.20.3.el6.i686.rpmb2d910328e3d629a223441bdfdaa81ba906910fd716be25e4c9b028a039855d8SLSA-2014:0788-1It was found that mod_wsgi did not properly drop privileges if the call to setuid() failed. If mod_wsgi was set up to allow unprivileged users to run WSGI applications, a local user able to run a WSGI application could possibly use this flaw to escalate their privileges on the system. (CVE-2014-0240) Note: mod_wsgi is not intended to provide privilege separation for WSGI applications. Systems relying on mod_wsgi to limit or sandbox the privileges of mod_wsgi applications should migrate to a different solution with proper privilege separation. It was discovered that mod_wsgi could leak memory of a hosted web application via the "Content-Type" header. A remote attacker could possibly use this flaw to disclose limited portions of the web application's memory. (CVE-2014-0242)importantScientific Linux FermiScientific Linux Fermi 6mod_wsgi-3.2-6.el6_5.i686.rpma184ea1cb94165d16bb7b3d24d3c59737cd7ce846c08f05e49940f062f7e14ccSLSA-2014:0790-1It was discovered that Dovecot did not properly discard connections trapped in the SSL/TLS handshake phase. A remote attacker could use this flaw to cause a denial of service on an IMAP/POP3 server by exhausting the pool of available connections and preventing further, legitimate connections to the IMAP/POP3 server to be made. (CVE-2014-3430) After installing the updated packages, the dovecot service will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6dovecot-2.0.9-7.el6_5.1.i686.rpm3b698c33be8b86646a86c91cc1450409ebdd1886bf2108d19a27b263d308c497dovecot-pgsql-2.0.9-7.el6_5.1.i686.rpm20f3fad9ca26e2c01561a02aade15ffbced3bb6a28236a07f2142a823698e2f9dovecot-devel-2.0.9-7.el6_5.1.i686.rpm07bbb9a87400da36acacd5664b1cf36496a3d2bba3cf9e5b7c935a79645be80edovecot-pigeonhole-2.0.9-7.el6_5.1.i686.rpm79518a097a5d546cb3a71c5994db2535b7771ccdec1067bc9b02cd1ee7c216badovecot-mysql-2.0.9-7.el6_5.1.i686.rpm2b1c69bc3a85a01a6e908128ce8d3e4916904f030eaacb1382eda347fcb90bbeSLSA-2014:0861-2An integer overflow flaw was found in the way the lzo library decompressed certain archives compressed with the LZO algorithm. An attacker could create a specially crafted LZO-compressed input that, when decompressed by an application using the lzo library, would cause that application to crash or, potentially, execute arbitrary code. (CVE-2014-4607) For the update to take effect, all services linked to the lzo library must be restarted or the system rebooted.moderateScientific Linux FermitrueScientific Linux Fermi 6lzo-minilzo-2.03-3.1.el6_5.1.i686.rpmcfc896350b3684d0f7fb8055710ca330bb08738e0a03baaed1ab2c17501a4119lzo-2.03-3.1.el6_5.1.i686.rpm8c1b3b8cca875d8d68b47b6532766b842ee315238f8afd4cba807a9dca9d3727lzo-devel-2.03-3.1.el6_5.1.i686.rpm491be99a4c2b87f0057c587b313870c9a0ba11d41dcd172eed534a3966e5b3a0SLSA-2014:0865-1It was discovered that Apache Tomcat did not limit the length of chunk sizes when using chunked transfer encoding. A remote attacker could use this flaw to perform a denial of service attack against Tomcat by streaming an unlimited quantity of data, leading to excessive consumption of server resources. (CVE-2014-0075) It was found that Apache Tomcat did not check for overflowing values when parsing request content length headers. A remote attacker could use this flaw to perform an HTTP request smuggling attack on a Tomcat server located behind a reverse proxy that processed the content length header correctly. (CVE-2014-0099) It was found that the org.apache.catalina.servlets.DefaultServlet implementation in Apache Tomcat allowed the definition of XML External Entities (XXEs) in provided XSLTs. A malicious application could use this to circumvent intended security restrictions to disclose sensitive information. (CVE-2014-0096) This update also fixes the following bugs: * The patch that resolved the CVE-2014-0050 issue contained redundant code. This update removes the redundant code. * The patch that resolved the CVE-2013-4322 issue contained an invalid check that triggered a java.io.EOFException while reading trailer headers for chunked requests. This update fixes the check and the aforementioned exception is no longer triggered in the described scenario. Tomcat must be restarted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6tomcat6-javadoc-6.0.24-72.el6_5.noarch.rpm5f6390658c869ee03ad952255b8d56364734bf61b965174b22a186ca886c0d9ftomcat6-6.0.24-72.el6_5.noarch.rpm8f5ff77ef4b361f6253a38eb58a11e6ca571f8d78d458546dc0b53dc3cf896d7tomcat6-webapps-6.0.24-72.el6_5.noarch.rpm1550570bea7cb0c8fa872c430c244ae3dc024e94a88a94dd508c3bc0f526f597tomcat6-servlet-2.5-api-6.0.24-72.el6_5.noarch.rpm1bd6017d91e8bdb06f585cb6dc460eeeeed029418e829d61a8e346f0848d9a2ctomcat6-jsp-2.1-api-6.0.24-72.el6_5.noarch.rpm278e810aee0bc45a65371e3494cacef7da7ddc84c3acf45474c08c175f4e335btomcat6-docs-webapp-6.0.24-72.el6_5.noarch.rpme1bd9b4c8f6c9908b95c24985b9e962b3ac5458c538803eca3f152e43d4c3baftomcat6-el-2.1-api-6.0.24-72.el6_5.noarch.rpm280fa6432b025f5d0ba737e71e2337fefff83eb08b0fe56695a3ba597bb55b3etomcat6-lib-6.0.24-72.el6_5.noarch.rpme664b93fec85f77642f36e5997f2e125909ed574de1044ec52e511efc6f93f07tomcat6-admin-webapps-6.0.24-72.el6_5.noarch.rpmbc7433743b6cbf8ff8de3f03fb031385410d1d0bbb9d7100f11f1059dc8ecf96SLSA-2014:0866-1A denial of service flaw was found in the way the sys_recvfile() function of nmbd, the NetBIOS message block daemon, processed non-blocking sockets. An attacker could send a specially crafted packet that, when processed, would cause nmbd to enter an infinite loop and consume an excessive amount of CPU time. (CVE-2014-0244) It was discovered that smbd, the Samba file server daemon, did not properly handle certain files that were stored on the disk and used a valid Unicode character in the file name. An attacker able to send an authenticated non-Unicode request that attempted to read such a file could cause smbd to crash. (CVE-2014-3493) After installing this update, the smb service will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6samba-common-3.6.9-169.el6_5.i686.rpm91a1970a2e9b65b816617abe1285ed9a8f2db9b379f1c572da6a2959c31d8c11samba-3.6.9-169.el6_5.i686.rpm6043e29955176dff4cfae639e37dd8ae79b36edb87b455a4fc372db9f932ea44libsmbclient-devel-3.6.9-169.el6_5.i686.rpm9f08e859ec369275381ddff3184f93224b4058db3829b84380db980834cf8607samba-doc-3.6.9-169.el6_5.i686.rpmaa9a5a58a5db3be4475f9527a7486f2f6f57d17ebf5a3615fde81f0b2aedcf9fsamba-swat-3.6.9-169.el6_5.i686.rpmd769a21870a326c6cd774b34ac18e8cf7c42e2f24fef76bf43d898a7d4b6550flibsmbclient-3.6.9-169.el6_5.i686.rpm055ff355f30c6ca4be78a5d51c0602c9f25f0cd7cb5f0d508022d8de1d63091csamba-winbind-3.6.9-169.el6_5.i686.rpm52fa59ee45806fb378ab707bbef49f33b5a3f7599e4cd41fe731fd6d472224bfsamba-winbind-krb5-locator-3.6.9-169.el6_5.i686.rpmfe2742e29ac7fd90bc3f604244947d3d57c4147da1fbcfaf556484f657acf1desamba-winbind-clients-3.6.9-169.el6_5.i686.rpm6bdf03abbe3dec46fad64f7d61015dd79c9e71ca5c6dc094bc31c29b0cc80618samba-winbind-devel-3.6.9-169.el6_5.i686.rpm15b2c818816d2556446b08e4f7b2f9b1f95698ac406d8c3ae2ff45b12245d9d8samba-client-3.6.9-169.el6_5.i686.rpma7377730f004d45ee9927d2ab0e54212abfbf237d79c184ff79b63342b4f998csamba-domainjoin-gui-3.6.9-169.el6_5.i686.rpm5164c4e886a17e6e2244317eaa129c56cefbf70125f136b770097cf98c98d777SLSA-2014:0889-1It was discovered that the Hotspot component in OpenJDK did not properly verify bytecode from the class files. An untrusted Java application or applet could possibly use these flaws to bypass Java sandbox restrictions. (CVE-2014-4216, CVE-2014-4219) A format string flaw was discovered in the Hotspot component event logger in OpenJDK. An untrusted Java application or applet could use this flaw to crash the Java Virtual Machine or, potentially, execute arbitrary code with the privileges of the Java Virtual Machine. (CVE-2014-2490) Multiple improper permission check issues were discovered in the Libraries component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2014-4223, CVE-2014-4262, CVE-2014-2483) Multiple flaws were discovered in the JMX, Libraries, Security, and Serviceability components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2014-4209, CVE-2014-4218, CVE-2014-4221, CVE-2014-4252, CVE-2014-4266) It was discovered that the RSA algorithm in the Security component in OpenJDK did not sufficiently perform blinding while performing operations that were using private keys. An attacker able to measure timing differences of those operations could possibly leak information about the used keys. (CVE-2014-4244) The Diffie-Hellman (DH) key exchange algorithm implementation in the Security component in OpenJDK failed to validate public DH parameters properly. This could cause OpenJDK to accept and use weak parameters, allowing an attacker to recover the negotiated key. (CVE-2014-4263) Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website. All running instances of OpenJDK Java must be restarted for the update to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6java-1.7.0-openjdk-devel-1.7.0.65-2.5.1.2.el6_5.i686.rpm032a736028b31f0985a1f21089bce7f535e14c2c7058b9f987613c9f9d1d30f8java-1.7.0-openjdk-javadoc-1.7.0.65-2.5.1.2.el6_5.noarch.rpmcb007c75c16d40e121590be4822ff698176138e1bbf34271fcf322fd9d52e4b2java-1.7.0-openjdk-demo-1.7.0.65-2.5.1.2.el6_5.i686.rpmee85cc78dc2c46f985f9040c9cce72245d1609bc96daa2d531b071b7399ef19ejava-1.7.0-openjdk-src-1.7.0.65-2.5.1.2.el6_5.i686.rpm021281c07dab174339d6ecf79d62cb4bf7af03cf3280fd71cb7e4bc0b85e9517java-1.7.0-openjdk-1.7.0.65-2.5.1.2.el6_5.i686.rpm3187324611c46e2eabc47d4045cd296ad0891f139100cab8a78a3b0879f6401aSLSA-2014:0907-1It was discovered that the Hotspot component in OpenJDK did not properly verify bytecode from the class files. An untrusted Java application or applet could possibly use these flaws to bypass Java sandbox restrictions. (CVE-2014-4216, CVE-2014-4219) A format string flaw was discovered in the Hotspot component event logger in OpenJDK. An untrusted Java application or applet could use this flaw to crash the Java Virtual Machine or, potentially, execute arbitrary code with the privileges of the Java Virtual Machine. (CVE-2014-2490) An improper permission check issue was discovered in the Libraries component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. (CVE-2014-4262) Multiple flaws were discovered in the JMX, Libraries, Security, and Serviceability components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2014-4209, CVE-2014-4218, CVE-2014-4252, CVE-2014-4266) It was discovered that the RSA algorithm in the Security component in OpenJDK did not sufficiently perform blinding while performing operations that were using private keys. An attacker able to measure timing differences of those operations could possibly leak information about the used keys. (CVE-2014-4244) The Diffie-Hellman (DH) key exchange algorithm implementation in the Security component in OpenJDK failed to validate public DH parameters properly. This could cause OpenJDK to accept and use weak parameters, allowing an attacker to recover the negotiated key. (CVE-2014-4263) This update also fixes the following bug: * Prior to this update, an application accessing an unsynchronized HashMap could potentially enter an infinite loop and consume an excessive amount of CPU resources. This update resolves this issue. All running instances of OpenJDK Java must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6java-1.6.0-openjdk-devel-1.6.0.0-6.1.13.4.el6_5.i686.rpma7a9cb970863343043587536960abf6982509dcd24970d472272c59db4d867a7java-1.6.0-openjdk-demo-1.6.0.0-6.1.13.4.el6_5.i686.rpmca79e3d728c948707a17e45ff17fa0d2a3d332f0d790307bfa9cf843222cba37java-1.6.0-openjdk-1.6.0.0-6.1.13.4.el6_5.i686.rpmba2bdef6fc7c5872d3bbb982ce5bb2efce973ff196720a67662db4669113f930java-1.6.0-openjdk-javadoc-1.6.0.0-6.1.13.4.el6_5.i686.rpmf6c9531574109c38f76879852780bcd67dde1fa3d845cac7287d4f897361e79ajava-1.6.0-openjdk-src-1.6.0.0-6.1.13.4.el6_5.i686.rpm07ac7b3453e49ac2fcb3bd79d47bfb8d759482fef0480d98d861f9e1212f15e7SLSA-2014:0915-1A race condition was found in the way NSS verified certain certificates. A remote attacker could use this flaw to crash an application using NSS or, possibly, execute arbitrary code with the privileges of the user running that application. (CVE-2014-1544) After installing this update, applications using NSS must be restarted for this update to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6nss-tools-3.14.3-6.el6_4.i686.rpm1478ecfd55e70830754a7b635774882d815c725519e7e551585a60eeb260c208nss-3.14.3-6.el6_4.i686.rpm7d576eba4382258467f45015dd8ee91116b62796bdec557cf73ae35c47cea993nss-sysinit-3.14.3-6.el6_4.i686.rpma1d83973891d8974cb77da0ecbd6628c4ac73861093aeb4383f733b2ed96099anss-devel-3.14.3-6.el6_4.i686.rpmd30c7ef32de1544d840820881815ab2bfd68d0e5e9d455fb2af7b0543572c607nss-pkcs11-devel-3.14.3-6.el6_4.i686.rpm2e1d952f4018c44cdced3330ade621c1e6e235c6d4953e6e240631ab760c0974SLSA-2014:0917-1A race condition was found in the way NSS verified certain certificates. A remote attacker could use this flaw to crash an application using NSS or, possibly, execute arbitrary code with the privileges of the user running that application. (CVE-2014-1544) A flaw was found in the way TLS False Start was implemented in NSS. An attacker could use this flaw to potentially return unencrypted information from the server. (CVE-2013-1740) A race condition was found in the way NSS implemented session ticket handling as specified by RFC 5077. An attacker could use this flaw to crash an application using NSS or, in rare cases, execute arbitrary code with the privileges of the user running that application. (CVE-2014-1490) It was found that NSS accepted weak Diffie-Hellman Key exchange (DHKE) parameters. This could possibly lead to weak encryption being used in communication between the client and the server. (CVE-2014-1491) An out-of-bounds write flaw was found in NSPR. A remote attacker could potentially use this flaw to crash an application using NSPR or, possibly, execute arbitrary code with the privileges of the user running that application. This NSPR flaw was not exposed to web content in any shipped version of Firefox. (CVE-2014-1545) It was found that the implementation of Internationalizing Domain Names in Applications (IDNA) hostname matching in NSS did not follow the RFC 6125 recommendations. This could lead to certain invalid certificates with international characters to be accepted as valid. (CVE-2014-1492) In addition, the nss package has been upgraded to upstream version 3.16.1, and the nspr package has been upgraded to upstream version 4.10.6. These updated packages provide a number of bug fixes and enhancements over the previous versions. After installing this update, applications using NSS or NSPR must be restarted for this update to take effect.criticalScientific Linux FermiScientific Linux Fermi 6nss-util-3.16.1-1.el6_5.i686.rpmcf8d1fd6b5ffb67232fd0e3c6655dc4fbe5d5ab13fba9dfe9452bdea3231812enss-pkcs11-devel-3.16.1-4.el6_5.i686.rpm5926c27c4770804d1f91962da32e0e7a52496412a5a2aa6b74e66ac5296c4135nss-devel-3.16.1-4.el6_5.i686.rpm68e1d518d1d3eaf6aa5c3fc9ff5cb2164e6330a28d13b1369f3001f8de46b6a8nspr-devel-4.10.6-1.el6_5.i686.rpm59b980d040ca0d2de279d03fde4bb63f0b164ed9d193ff838d8cfa7ebdd921efnspr-4.10.6-1.el6_5.i686.rpm183a1081ca67ef6d7225d9c370603510b6c8ac5b4b25a63933386cc9f0ea98b0nss-sysinit-3.16.1-4.el6_5.i686.rpmd8a1f75d39ca947da9cf61e8bf2510dbd094c8650f0ee170afbdbb81a9bdf0ecnss-3.16.1-4.el6_5.i686.rpm2a69352255d3b9013f4e1b46f1848bb797a24dbc89ea69ddbb9dc2f14426b3a5nss-util-devel-3.16.1-1.el6_5.i686.rpmba5b57eb81252f4924b864383e9cceda03bbd947d0c70dda484dee8a67d24f76nss-tools-3.16.1-4.el6_5.i686.rpm95ea2473bbd9dae4fd11a40b8effac4882235f760924bcbe11daaf08aedbce28SLSA-2014:0918-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1547, CVE-2014-1555, CVE-2014-1556, CVE-2014-1557) Note: All of the above issues cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. After installing the update, Thunderbird must be restarted for the changes to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6thunderbird-24.7.0-1.el6_5.i686.rpmc454c9caa51a4dff8db20b723489bd53a84bdf17231270c42240ae175b4d0015SLSA-2014:0919-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1547, CVE-2014-1555, CVE-2014-1556, CVE-2014-1557) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6firefox-24.7.0-1.el6_5.i686.rpm8ea1a4558768574c08489b57aab6bda98286155edf91ee235ea5e3a02ab3756cSLSA-2014:0920-1A race condition flaw, leading to heap-based buffer overflows, was found in the mod_status httpd module. A remote attacker able to access a status page served by mod_status on a server using a threaded Multi-Processing Module (MPM) could send a specially crafted request that would cause the httpd child process to crash or, possibly, allow the attacker to execute arbitrary code with the privileges of the "apache" user. (CVE-2014-0226) A denial of service flaw was found in the way httpd's mod_deflate module handled request body decompression (configured via the "DEFLATE" input filter). A remote attacker able to send a request whose body would be decompressed could use this flaw to consume an excessive amount of system memory and CPU on the target system. (CVE-2014-0118) A denial of service flaw was found in the way httpd's mod_cgid module executed CGI scripts that did not read data from the standard input. A remote attacker could submit a specially crafted request that would cause the httpd child process to hang indefinitely. (CVE-2014-0231) After installing the updated packages, the httpd daemon will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 6httpd-2.2.15-31.sl6.i686.rpm3a9df039f6a0e8f95175f1af55a6e9fdab7253d64be10cd518814c7ae06fa841httpd-devel-2.2.15-31.sl6.i686.rpm95efe10844d38007f74a739fa355864a06231b23594d207e4c6beb7f650c2fdbhttpd-tools-2.2.15-31.sl6.i686.rpm56b347ce1bd9569bad4b9b3cbff924e5a6c220623946f9f6b9366800323c06damod_ssl-2.2.15-31.sl6.i686.rpmde767dd7d0e23fa1afe9fa867aea0b51f04de0f255f451dd5e5bff549e888a01httpd-manual-2.2.15-31.sl6.noarch.rpm1eb2b40b9a812a54cd96a69a3db612b8f4d72dbff123d5a0ea83aaf5925b5173SLSA-2014:0924-1* It was found that the Linux kernel's ptrace subsystem allowed a traced process' instruction pointer to be set to a non-canonical memory address without forcing the non-sysret code path when returning to user space. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-4699, Important) Note: The CVE-2014-4699 issue only affected systems using an Intel CPU. * A flaw was found in the way the pppol2tp_setsockopt() and pppol2tp_getsockopt() functions in the Linux kernel's PPP over L2TP implementation handled requests with a non-SOL_PPPOL2TP socket option level. A local, unprivileged user could use this flaw to escalate their privileges on the system. (CVE-2014-4943, Important) The system must be rebooted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6kernel-debug-2.6.32-431.20.5.el6.i686.rpm3cc7a4ee3bc526308582b11a8bfdeb8fb063540c7f71b8d19d339bf803d7ee4fkernel-abi-whitelists-2.6.32-431.20.5.el6.noarch.rpm545d6b6692fa0bcb777a8f3b12dccb475c4c9efe0d931a5e85250f7ddcebf0f9kernel-debug-devel-2.6.32-431.20.5.el6.i686.rpm0e2b9048100454990dba6a60749217e9e1c4fa3e36fb1e89629baff34884ba5dkernel-2.6.32-431.20.5.el6.i686.rpm588cf1c00ae748878576a4c3166caacdab0c2b3eb0b5ce09d23284fc87def518kernel-firmware-2.6.32-431.20.5.el6.noarch.rpm6deba6c25992cc1116d84c20517304fd6fec03359b7fa9c9deb465e229bf9f32kernel-headers-2.6.32-431.20.5.el6.i686.rpmb3842763f4dad2f52fb2fdc1af849962f6ee31fd995471732175c2b50840978fperf-2.6.32-431.20.5.el6.i686.rpma28273bed2c4d8dc1c6876c12334030cdbceacdee01f0fe9f63e9d8b22c083bdkernel-doc-2.6.32-431.20.5.el6.noarch.rpmf3a673ce25ac1ea999246904aff7aee94aea4caefc92c44f42f7ab5a281d53c0kernel-devel-2.6.32-431.20.5.el6.i686.rpm0309fee67656cbd2aeb658071d8bc6405eb64beb65adba0ff8638b5aaa2a5f89python-perf-2.6.32-431.20.5.el6.i686.rpm307c3d2b5395bae35cb0baa48f9625a30ea8f3a7af4c464a42752c62ecca1b8eSLSA-2014:0981-1* A use-after-free flaw was found in the way the ping_init_sock() function of the Linux kernel handled the group_info reference counter. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-2851, Important) * A NULL pointer dereference flaw was found in the way the futex_wait_requeue_pi() function of the Linux kernel's futex subsystem handled the requeuing of certain Priority Inheritance (PI) futexes. A local, unprivileged user could use this flaw to crash the system. (CVE-2012-6647, Moderate) * A NULL pointer dereference flaw was found in the rds_ib_laddr_check() function in the Linux kernel's implementation of Reliable Datagram Sockets (RDS). A local, unprivileged user could use this flaw to crash the system. (CVE-2013-7339, Moderate) * It was found that a remote attacker could use a race condition flaw in the ath_tx_aggr_sleep() function to crash the system by creating large network traffic on the system's Atheros 9k wireless network adapter. (CVE-2014-2672, Moderate) * A NULL pointer dereference flaw was found in the rds_iw_laddr_check() function in the Linux kernel's implementation of Reliable Datagram Sockets (RDS). A local, unprivileged user could use this flaw to crash the system. (CVE-2014-2678, Moderate) * A race condition flaw was found in the way the Linux kernel's mac80211 subsystem implementation handled synchronization between TX and STA wake- up code paths. A remote attacker could use this flaw to crash the system. (CVE-2014-2706, Moderate) * An out-of-bounds memory access flaw was found in the Netlink Attribute extension of the Berkeley Packet Filter (BPF) interpreter functionality in the Linux kernel's networking implementation. A local, unprivileged user could use this flaw to crash the system or leak kernel memory to user space via a specially crafted socket filter. (CVE-2014-3144, CVE-2014-3145, Moderate) The system must be rebooted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6kernel-abi-whitelists-2.6.32-431.23.3.el6.noarch.rpm5271e3bd5b4c01a05399454409a2301ae2d89c96c048cd44793f083d359164c4python-perf-2.6.32-431.23.3.el6.i686.rpmca7357464440c4497f8dbf7e3b31af9a4781ff8679bb10aa56a683f4d7a5232ekernel-devel-2.6.32-431.23.3.el6.i686.rpm2ee7b68b6241a96247b801e661bc4607cdc2d127f3492c32ced3cb052489e66ckernel-doc-2.6.32-431.23.3.el6.noarch.rpma6c954ada6cea37b929a9a060e35b3acd264aefcdbf2a0ddbd0a3c746b70bdfakernel-debug-2.6.32-431.23.3.el6.i686.rpme53298a2ef31764250cdb1783a001618b8b1322e48dfd73f182c2e89002b36eckernel-headers-2.6.32-431.23.3.el6.i686.rpmc44c36d871db31c595fe4f8981d516f588453bb5dd9f9ecd4f6c6b9a567375f9perf-2.6.32-431.23.3.el6.i686.rpm1198e5827172b73f78e96bc06bbbf9dd258c512b7e35567bb08e4b4cd1ffb821kernel-debug-devel-2.6.32-431.23.3.el6.i686.rpm1de0293e1d810edbd5d3b612246005f03b198071b5f4e00326c905aa98383ceakernel-firmware-2.6.32-431.23.3.el6.noarch.rpmd3252102b7f95df0afc0c9b19044a03a45ba0feedba61daf0d3526ebf082f710kernel-2.6.32-431.23.3.el6.i686.rpmfb4e272f591ce3e35d10ad2eda1d0f80fe93aa33dc680ab3abfad031110bd547SLSA-2014:1009-1A heap-based buffer overflow flaw was found in Samba's NetBIOS message block daemon (nmbd). An attacker on the local network could use this flaw to send specially crafted packets that, when processed by nmbd, could possibly lead to arbitrary code execution with root privileges. (CVE-2014-3560) After installing this update, the smb service will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 6samba4-devel-4.0.0-63.el6_5.rc4.i686.rpm2b3d747a5902ccdf839f99cbabfe09ea9a1c50eefa2a2b0966ebce47daf87c11samba4-4.0.0-63.el6_5.rc4.i686.rpm81dde127bd3676c40980101468a93ea8858efc18e031872668186fe00259acb8samba4-client-4.0.0-63.el6_5.rc4.i686.rpmf1b81db19d993c6b8406cf94d2058d675529dfd5ba2ff7c7bbde018ba8012b4csamba4-dc-libs-4.0.0-63.el6_5.rc4.i686.rpm4979b2ada6bcb659e926c6f2bc11e2a5d03382732e8cb589a82ddc396f228789samba4-common-4.0.0-63.el6_5.rc4.i686.rpmdec508e802cf128ce49a2f7f02d22048df538c66b34074a7cf119445ae7982e3samba4-winbind-4.0.0-63.el6_5.rc4.i686.rpm8e4156170b703756f4d47267b54055743cf72b792bf9bae60e92e1db0599c7besamba4-swat-4.0.0-63.el6_5.rc4.i686.rpmb98a726d1cde75e434b9f6d00e10bcfc28d874fa6269130f1c11b5f69cc79417samba4-winbind-clients-4.0.0-63.el6_5.rc4.i686.rpm7b5dd279036f3911ab247ee764cb9735f1a972000bc126cc103937db8c1f884asamba4-winbind-krb5-locator-4.0.0-63.el6_5.rc4.i686.rpmb96dafd9125b86961afe67acb0ca1f40403785e34e98d011766d5008dde12019samba4-libs-4.0.0-63.el6_5.rc4.i686.rpm1e6c058798830d4f51479ce631c3580a32b1d0db800f9d7358e2a6829e5b4deasamba4-python-4.0.0-63.el6_5.rc4.i686.rpm442f148cfd088dcace9129a64fb0317d2a03895de7db3f529a7fae42b77c8515samba4-dc-4.0.0-63.el6_5.rc4.i686.rpm4c0d28933a3ea7939fff324ed14fa46a60d5073a0a8f0e151f398767f4215d6esamba4-pidl-4.0.0-63.el6_5.rc4.i686.rpm708f2824eded997b500e1e340039b636eaf54594aaaab94153ea7a15523f382fsamba4-test-4.0.0-63.el6_5.rc4.i686.rpm144553cd2fa58ca1a5a9c024df685b41e8d767296ab79fab0abc0bb817d6240eSLSA-2014:1012-1Multiple denial of service flaws were found in the way the File Information (fileinfo) extension parsed certain Composite Document Format (CDF) files. A remote attacker could use either of these flaws to crash a PHP application using fileinfo via a specially crafted CDF file. (CVE-2014-0237, CVE-2014-0238, CVE-2014-3479, CVE-2014-3480, CVE-2012-1571) Two denial of service flaws were found in the way the File Information (fileinfo) extension handled indirect and search rules. A remote attacker could use either of these flaws to cause a PHP application using fileinfo to crash or consume an excessive amount of CPU. (CVE-2014-1943, CVE-2014-2270) A heap-based buffer overflow flaw was found in the way PHP parsed DNS TXT records. A malicious DNS server or a man-in-the-middle attacker could possibly use this flaw to execute arbitrary code as the PHP interpreter if a PHP application used the dns_get_record() function to perform a DNS query. (CVE-2014-4049) A type confusion issue was found in PHP's phpinfo() function. A malicious script author could possibly use this flaw to disclose certain portions of server memory. (CVE-2014-4721) A buffer over-read flaw was found in the way the DateInterval class parsed interval specifications. An attacker able to make a PHP application parse a specially crafted specification using DateInterval could possibly cause the PHP interpreter to crash. (CVE-2013-6712) A type confusion issue was found in the SPL ArrayObject and SPLObjectStorage classes' unserialize() method. A remote attacker able to submit specially crafted input to a PHP application, which would then unserialize this input using one of the aforementioned methods, could use this flaw to execute arbitrary code with the privileges of the user running that PHP application. (CVE-2014-3515)moderateScientific Linux FermiScientific Linux Fermi 6php-intl-5.3.3-27.el6_5.1.i686.rpm09f751525967d304e80011548983329f53183935c2392a9aebd2660f39211773php-imap-5.3.3-27.el6_5.1.i686.rpmbe7a129a6a3a9ed741ace1ed937750cc3719b17553c05ac2dd304101ca96b3c5php-bcmath-5.3.3-27.el6_5.1.i686.rpmdb368d8f5761a16aca557613422ed6cd0c69036df645596bb9342bb57fa4a8a7php-snmp-5.3.3-27.el6_5.1.i686.rpmb01f575798b8d693f8664d20fcd6e62c8a803e04fc3815ad55393904b98731b6php-mbstring-5.3.3-27.el6_5.1.i686.rpm14b493effd9afff57b15830081ce205ad913f125968f63dc606669335f6c8e13php-common-5.3.3-27.el6_5.1.i686.rpm47092d7f2add079c9fa6dcacbf9505df245f167743dfe40dd5f3fd74221c3924php-pspell-5.3.3-27.el6_5.1.i686.rpmb4f2fe57505bb4f8b13ce10e8ce0205cdcba472563d9305acf8a9cae5d2bbf87php-soap-5.3.3-27.el6_5.1.i686.rpmfa2f10b8c384e352fdef9f9ee91fcc40e555a5b45a46aaa80d0b621c9658c188php-odbc-5.3.3-27.el6_5.1.i686.rpmaf400aac03c4849ef28ad7a7a6a7d7c6f90f3bc99a3d192000573afacc63f71ephp-ldap-5.3.3-27.el6_5.1.i686.rpmbaa12d23321572fc49040a4ffc240a7205e99e658780893cc78286a17ed7d54ephp-pgsql-5.3.3-27.el6_5.1.i686.rpm6c75fe772b0ee09ca9ca5ff99d432574bdb886090039a43ccdf37fd58c6422ffphp-tidy-5.3.3-27.el6_5.1.i686.rpm040a2bd337907b7239e495fffcb7e3caccf9b18fbf631b4344399fae17f41db3php-cli-5.3.3-27.el6_5.1.i686.rpm076c322005ef1df3ec9b4b3e1fd643489b1c0855067606d4c3b5e7143dcabd0fphp-fpm-5.3.3-27.el6_5.1.i686.rpma321dc2b641e396c69947fc4aba7a6c88a2091acabdf69ffe40359c6c334c050php-xmlrpc-5.3.3-27.el6_5.1.i686.rpm19ad25e5f38a08f01942892219504a9ca440715743c713a17f355d8d8992dd14php-gd-5.3.3-27.el6_5.1.i686.rpmbc952b511bd526ebda6e5a2bb3a21ea281ca009c5f5132f81d12c53dc48a4779php-recode-5.3.3-27.el6_5.1.i686.rpmf9a5a82ba084563cf866deb5c154a3f8ec79c2383c7d7910c186e7bc60d891efphp-mysql-5.3.3-27.el6_5.1.i686.rpm67a17fec75b214e8da2fcfb12ea95f47fec60a6c3d279260cdb3b3ae23b73d4cphp-dba-5.3.3-27.el6_5.1.i686.rpmbdffab36e7441a151c9314133df33ea27b9fe82f161cde375b8a7d70c6e5bb75php-embedded-5.3.3-27.el6_5.1.i686.rpm0f704de44f200b0a39a1f2a12aa1e84e0775015f8a09b62b2bd74d077db0d151php-zts-5.3.3-27.el6_5.1.i686.rpm9de2f6b1747089101d1e3a9ac870de3061fc13125f5ef9e688860526f9ee7208php-pdo-5.3.3-27.el6_5.1.i686.rpm990e6b75cd28573575c7382130e6b3b6de5218715bb4ae2fd6aff116d9fa1a14php-devel-5.3.3-27.el6_5.1.i686.rpmaf16fd8ca84c05fdcbb0840bc30a64c976eb32b8d1aa8bf70f1a7a10da329b26php-5.3.3-27.el6_5.1.i686.rpm3ca67e556c5d5e22d29f908a18a73f7bcd604889b0f12c46ec7df5971291d2eephp-enchant-5.3.3-27.el6_5.1.i686.rpm3fe420053a8ef0df82b7c6715cb48e57b922c31d606f8adf8ade50a0382c0a64php-xml-5.3.3-27.el6_5.1.i686.rpm246225ad3f61d288856da5da3ed5f20c9c4f76983b635828f29ad09de4c315e3php-process-5.3.3-27.el6_5.1.i686.rpme84bcf75585a0ec90d4d8367500abbdf28d1516bdbb4171b8a44d9cb530c67c2SLSA-2014:1031-1It was found that when replication was enabled for each attribute in 389 Directory Server, which is the default configuration, the server returned replicated metadata when the directory was searched while debugging was enabled. A remote attacker could use this flaw to disclose potentially sensitive information. (CVE-2014-3562) After installing this update, the 389 server service will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 6389-ds-base-1.2.11.15-34.el6_5.i686.rpmd289e6fdc1aa787b251a07d6d6d5ee8d1ac65e5cdc5abed7e1477d247ed67236389-ds-base-libs-1.2.11.15-34.el6_5.i686.rpm875585384de4076770f40184d9d80f526c903cd75e5b63dce1e8f94e58de8ec9389-ds-base-devel-1.2.11.15-34.el6_5.i686.rpm987e203b6e4e9c4426bc957500e1b0d5280da64061a82f6b09399dff422e1653SLSA-2014:1038-1It was found that several application-provided XML files, such as web.xml, content.xml, *.tld, *.tagx, and *.jspx, resolved external entities, permitting XML External Entity (XXE) attacks. An attacker able to deploy malicious applications to Tomcat could use this flaw to circumvent security restrictions set by the JSM, and gain access to sensitive information on the system. Note that this flaw only affected deployments in which Tomcat is running applications from untrusted sources, such as in a shared hosting environment. (CVE-2013-4590) It was found that, in certain circumstances, it was possible for a malicious web application to replace the XML parsers used by Apache Tomcat to process XSLTs for the default servlet, JSP documents, tag library descriptors (TLDs), and tag plug-in configuration files. The injected XML parser(s) could then bypass the limits imposed on XML external entities and/or gain access to the XML files processed for other web applications deployed on the same Apache Tomcat instance. (CVE-2014-0119) Tomcat must be restarted for this update to take effect.lowScientific Linux FermitrueScientific Linux Fermi 6tomcat6-docs-webapp-6.0.24-78.el6_5.noarch.rpm584abc862c8145c8f69a92e971f5f7cd78913e48c2a0f149fbe680c05fb82b7dtomcat6-admin-webapps-6.0.24-78.el6_5.noarch.rpm00b3514c26801be6e409db816fdf9fd5db63aaa07fb8ba29f0f34f4d5bb6f9dftomcat6-lib-6.0.24-78.el6_5.noarch.rpm813db1e92efa237085c664a2ee09daf6ed22edbc0e35836b26ca20da848bad72tomcat6-el-2.1-api-6.0.24-78.el6_5.noarch.rpm1f5cf26b55c86fa731363b0f94e2ffae605d333018cf0dec9d6e6978672fadbctomcat6-jsp-2.1-api-6.0.24-78.el6_5.noarch.rpm83aad06c79e3aaa5f004a0a5a7c2f5bdc0618c6e7676b4faf73ef6faa44a57aetomcat6-webapps-6.0.24-78.el6_5.noarch.rpm5c2ae2ace79d5eaa92cd96a41f4487e4d617ec7f57fada8c49715ee8f84a9948tomcat6-servlet-2.5-api-6.0.24-78.el6_5.noarch.rpmf051d6bd08ba05c4e9cd82fc2329d7f89420798c1c141d64b4b720198a90cde0tomcat6-6.0.24-78.el6_5.noarch.rpm807f4f025836d9da7b79de79b01944c5a367b10c80061333d44d6d1c3bf47f7dtomcat6-javadoc-6.0.24-78.el6_5.noarch.rpm9da5af286fdcb5b4b96d5f8e713324bc07748503eb463daa7ec0bd6e2aa134c6SLSA-2014:1052-1A race condition was found in the way OpenSSL handled ServerHello messages with an included Supported EC Point Format extension. A malicious server could possibly use this flaw to cause a multi-threaded TLS/SSL client using OpenSSL to write into freed memory, causing the client to crash or execute arbitrary code. (CVE-2014-3509) It was discovered that the OBJ_obj2txt() function could fail to properly NUL-terminate its output. This could possibly cause an application using OpenSSL functions to format fields of X.509 certificates to disclose portions of its memory. (CVE-2014-3508) A flaw was found in the way OpenSSL handled fragmented handshake packets. A man-in-the-middle attacker could use this flaw to force a TLS/SSL server using OpenSSL to use TLS 1.0, even if both the client and the server supported newer protocol versions. (CVE-2014-3511) Multiple flaws were discovered in the way OpenSSL handled DTLS packets. A remote attacker could use these flaws to cause a DTLS server or client using OpenSSL to crash or use excessive amounts of memory. (CVE-2014-3505, CVE-2014-3506, CVE-2014-3507) A NULL pointer dereference flaw was found in the way OpenSSL performed a handshake when using the anonymous Diffie-Hellman (DH) key exchange. A malicious server could cause a DTLS client using OpenSSL to crash if that client had anonymous DH cipher suites enabled. (CVE-2014-3510) For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted.moderateScientific Linux FermitruetrueScientific Linux Fermi 6openssl-perl-1.0.1e-16.el6_5.15.i686.rpm9fbf286aac85315fe1c335165a0487619f6dceb06443e7c8fdb3e9329e79bf18openssl-static-1.0.1e-16.el6_5.15.i686.rpm8dd7fc2622e884d51dcbee40ec492d7324087218335bc98a88bdb66f24f6a11bopenssl-1.0.1e-16.el6_5.15.i686.rpm9ccd46499bccb0e18c29830c3d6cce02338cc85e8e9450974aeeaed4320efe59openssl-devel-1.0.1e-16.el6_5.15.i686.rpm9bf665914e252adf6b2dcd1055d8c5acc1d7d2badf413b73c865fd2156d11243SLSA-2014:1075-1Two integer overflow flaws were found in the QEMU block driver for QCOW version 1 disk images. A user able to alter the QEMU disk image files loaded by a guest could use either of these flaws to corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0222, CVE-2014-0223) This update also fixes the following bugs: * In certain scenarios, when performing live incremental migration, the disk size could be expanded considerably due to the transfer of unallocated sectors past the end of the base image. With this update, the bdrv_is_allocated() function has been fixed to no longer return "True" for unallocated sectors, and the disk size no longer changes after performing live incremental migration. * This update enables ioeventfd in virtio-scsi-pci. This allows QEMU to process I/O requests outside of the vCPU thread, reducing the latency of submitting requests and improving single task throughput. * Prior to this update, vendor-specific SCSI commands issued from a KVM guest did not reach the target device due to QEMU considering such commands as invalid. This update fixes this bug by properly propagating vendor-specific SCSI commands to the target device. After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.moderateScientific Linux FermiScientific Linux Fermi 6qemu-guest-agent-0.12.1.2-2.415.el6_5.14.i686.rpm9e7ae22e327c2dfccd3d800c84966d8eafebf01c0671b0efbfcf994c166bb77fSLSA-2014:1110-1An off-by-one heap-based buffer overflow flaw was found in glibc's internal __gconv_translit_find() function. An attacker able to make an application call the iconv_open() function with a specially crafted argument could possibly use this flaw to execute arbitrary code with the privileges of that application. (CVE-2014-5119) A directory traveral flaw was found in the way glibc loaded locale files. An attacker able to make an application use a specially crafted locale name value (for example, specified in an LC_* environment variable) could possibly use this flaw to execute arbitrary code with the privileges of that application. (CVE-2014-0475)importantScientific Linux FermiScientific Linux Fermi 6glibc-utils-2.12-1.132.el6_5.4.i686.rpm4e58f34cf515423cb85297a82a9f745c3927ca8486c09422f5233add2f2b42c7glibc-headers-2.12-1.132.el6_5.4.i686.rpmabed2faecdf03eae54349f0f61a2336a3c251d1c9248b22cf7f2ffc9b99eeb0cnscd-2.12-1.132.el6_5.4.i686.rpm9b28ff13592c59ac9b13b165ff2a3f74790cc3944167015f10b8f3510ceac8d7glibc-2.12-1.132.el6_5.4.i686.rpm0f7271a3f97927fdfd08b6e46164a1b72da91e618cf1772244647ce0680d625dglibc-common-2.12-1.132.el6_5.4.i686.rpm28e3e447759873ec31567cfc4d8a572d4054b9541382184f4af35c77d03cac57glibc-devel-2.12-1.132.el6_5.4.i686.rpm55b0ff5374712bb2f1c09cc005c8d50bd0cb6dc1029e31d6d64b7ee75c0bfeedglibc-static-2.12-1.132.el6_5.4.i686.rpm8e92287542d3ec02d217e1abf72c817856ff241eb9db54f817f073835776a05dSLSA-2014:1144-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1562, CVE-2014-1567) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6firefox-24.8.0-1.el6_5.i686.rpmbf4de3c1525cb1d0f8dcf942ef0476c3f75976e1276ee0d0586813e8b93ae3caSLSA-2014:1145-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1562, CVE-2014-1567) Note: All of the above issues cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. After installing the update, Thunderbird must be restarted for the changes to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6thunderbird-24.8.0-1.el6_5.i686.rpm547069a84e3f231a3d5988abceaf20662b721271538cd615bcc9f79adad31293SLSA-2014:1148-1A flaw was found in the way Squid handled malformed HTTP Range headers. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. (CVE-2014-3609) A buffer overflow flaw was found in Squid's DNS lookup module. A remote attacker able to send HTTP requests to the Squid proxy could use this flaw to crash Squid. (CVE-2013-4115) After installing this update, the squid service will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 6squid-3.1.10-22.el6_5.i686.rpm2d9b6e98bf2f080e9d2b6cc228899d203a5d8c75e3eaa3f9f706ae0170f7ba41SLSA-2014:1166-1It was discovered that the HTTPClient incorrectly extracted host name from an X.509 certificate subject's Common Name (CN) field. A man-in-the-middle attacker could use this flaw to spoof an SSL server using a specially crafted X.509 certificate. (CVE-2014-3577)importantScientific Linux FermiScientific Linux Fermi 6jakarta-commons-httpclient-3.1-0.9.el6_5.i686.rpm84fb850a6f925c5a205d4af0fe45eb071efe80be073bcb57df5d2781969572cejakarta-commons-httpclient-demo-3.1-0.9.el6_5.i686.rpmba1b30fe61099cfd65f9e7e8006576e785d13d9f01be4965314da6b5b7114881jakarta-commons-httpclient-manual-3.1-0.9.el6_5.i686.rpmfb5fc765e4cd71d328599b42885aa816956536a1876a9a13a535a949b98f4581jakarta-commons-httpclient-javadoc-3.1-0.9.el6_5.i686.rpmf4e15e99fda072b580510cebfba91d994d20c9370e5333c358bede418dceb672SLSA-2014:1167-1* A flaw was found in the way the Linux kernel's futex subsystem handled reference counting when requeuing futexes during futex_wait(). A local, unprivileged user could use this flaw to zero out the reference counter of an inode or an mm struct that backs up the memory area of the futex, which could lead to a use-after-free flaw, resulting in a system crash or, potentially, privilege escalation. (CVE-2014-0205, Important) * A NULL pointer dereference flaw was found in the way the Linux kernel's networking implementation handled logging while processing certain invalid packets coming in via a VxLAN interface. A remote attacker could use this flaw to crash the system by sending a specially crafted packet to such an interface. (CVE-2014-3535, Important) * An out-of-bounds memory access flaw was found in the Linux kernel's system call auditing implementation. On a system with existing audit rules defined, a local, unprivileged user could use this flaw to leak kernel memory to user space or, potentially, crash the system. (CVE-2014-3917, Moderate) * An integer underflow flaw was found in the way the Linux kernel's Stream Control Transmission Protocol (SCTP) implementation processed certain COOKIE_ECHO packets. By sending a specially crafted SCTP packet, a remote attacker could use this flaw to prevent legitimate connections to a particular SCTP server socket to be made. (CVE-2014-4667, Moderate) The system must be rebooted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6kernel-devel-2.6.32-431.29.2.el6.i686.rpmb22d1151f42c60cd6eba604b4f33883e64ee379559fcddc748a14a6aa981d541kernel-2.6.32-431.29.2.el6.i686.rpm0ec160fac4101070ef57512a708f14946f3583bf748679b8e9ae1ae1fb40d54fkernel-firmware-2.6.32-431.29.2.el6.noarch.rpm7572331dee0b953f5476628d69a019b061b9380472edc47ae74bce12876148dckernel-abi-whitelists-2.6.32-431.29.2.el6.noarch.rpm6cf937f6c97f7225d07a3c2958b6c8438be40789b1a820d5a45b30840a01a6afkernel-debug-2.6.32-431.29.2.el6.i686.rpm8ca593297888f75079a8f31940061c0144dee8384f2a74451a55982b762ced9ekernel-doc-2.6.32-431.29.2.el6.noarch.rpmed307192f9b1c8296bb47a11fb0c47fa8be924da6f9c2ba520dda24e2d4ceee6perf-2.6.32-431.29.2.el6.i686.rpm29280d8c4590f8d8fb00afdc4ade80f6caff927fc28a658512d41065d5a4cefepython-perf-2.6.32-431.29.2.el6.i686.rpm787828bc9e131fb5cb2cb2f3aee046443ec0bf7978e1075c71e745c7a4fd2d79kernel-debug-devel-2.6.32-431.29.2.el6.i686.rpm2f417b8320641a92d9b0132d4e9d64519932cc6ab100af899385c3d96d7bdaedkernel-headers-2.6.32-431.29.2.el6.i686.rpm0340ffacf972bd021f6060f3ce7f311cf998a7c3253830f8ff00c339a481c114SLSA-2014:1172-1A heap-based buffer overflow flaw was found in procmail's formail utility. A remote attacker could send an email with specially crafted headers that, when processed by formail, could cause procmail to crash or, possibly, execute arbitrary code as the user running formail. (CVE-2014-3618)importantScientific Linux FermiScientific Linux Fermi 6procmail-3.22-25.1.el6_5.1.i686.rpm40bef9eb1ccd231f74999174355150dffc8e8b5038268e92180448f14f77a253SLSA-2014:1193-1It was discovered that Axis incorrectly extracted the host name from an X.509 certificate subject's Common Name (CN) field. A man-in-the-middle attacker could use this flaw to spoof an SSL server using a specially crafted X.509 certificate. (CVE-2014-3596) Applications using Apache Axis must be restarted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6axis-1.2.1-7.5.el6_5.noarch.rpm5b034090a6211329504ef24d4fc2ee069b86463c3f0b348c80d1b7e277f301acaxis-javadoc-1.2.1-7.5.el6_5.noarch.rpmd5c134ea53139cac221419833042d9f73dab213e7597d66415186e1c73a441a3axis-manual-1.2.1-7.5.el6_5.noarch.rpm87b5d52c17e2c2d212d2f891568acc5cf6ed119fb76f5496f118ffcd23718b72SLSA-2014:1293-1A flaw was found in the way Bash evaluated certain specially crafted environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Certain services and applications allow remote unauthenticated attackers to provide environment variables, allowing them to exploit this issue. (CVE-2014-6271) For additional information on the CVE-2014-6271 flaw, refer to https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/criticalScientific Linux FermiScientific Linux Fermi 6bash-doc-4.1.2-15.el6_5.1.i686.rpm3b076358605633f406e799a7fe89a7e9b6529c8ed589c3f6072977be1e80c3d5bash-4.1.2-15.el6_5.1.i686.rpm5ef088868528772dcc7c8bed5aac544c89f59ce57f32c7b876df1770adefac6aSLSA-2014:1306-1It was found that the fix for CVE-2014-6271 was incomplete, and Bash still allowed certain characters to be injected into other environments via specially crafted environment variables. An attacker could potentially use this flaw to override or bypass environment restrictions to execute shell commands. Certain services and applications allow remote unauthenticated attackers to provide environment variables, allowing them to exploit this issue. (CVE-2014-7169) Applications which directly create bash functions as environment variables need to be made aware of changes to the way names are handled by this update. Note: Docker users are advised to use "yum update" within their containers, and to commit the resulting changes. For additional information on CVE-2014-6271 and CVE-2014-7169, refer to https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/importantScientific Linux FermiScientific Linux Fermi 6bash-4.1.2-15.el6_5.2.i686.rpmfad27bcc82da0ce1cac919afcea9623d6260b422b4b2eec55b9a7b18fa0e7265bash-doc-4.1.2-15.el6_5.2.i686.rpm94338654ef69ab17baed6deb1e23c9d5d488ac0e99b9f916c0fcc6a73baffce8SLSA-2014:1307-1A flaw was found in the way NSS parsed ASN.1 (Abstract Syntax Notation One) input from certain RSA signatures. A remote attacker could use this flaw to forge RSA certificates by providing a specially crafted signature to an application using NSS. (CVE-2014-1568) After installing this update, applications using NSS must be restarted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6nss-pkcs11-devel-3.16.1-7.el6_5.i686.rpmbada320c0a27feeb974fa48e52ae2eefc39d78de64005beee817808e46698132nss-util-3.16.1-2.el6_5.i686.rpma7f3851e4276ea330c7b3ee1b33bee3d26622ef640ef990b5fee414c66170b85nss-softokn-freebl-devel-3.14.3-12.el6_5.i686.rpm7815b1c0d8e530d7a580e39bc764173e9ce1f03f7dc02b36db40a2f712eb225fnss-tools-3.16.1-7.el6_5.i686.rpme0fd34dda78563174633f6909e5a7e5eafbf6cd05f0bc9a5d255e61a53ff23e3nss-softokn-devel-3.14.3-12.el6_5.i686.rpmbc2225f25dea89094a5b401c9241761ee55b9363ca2e2990676aec02ad1f2362nss-softokn-3.14.3-12.el6_5.i686.rpm033b8798950835edf69251b0b1b96bea2039a87c09573b57c0f342921f91c3b5nss-util-devel-3.16.1-2.el6_5.i686.rpmc95785c3bd190f739fa7addd3f74f7fcbe30f624f3a1924d526bbf8aeff90567nss-devel-3.16.1-7.el6_5.i686.rpm708c8a75b2035af5cd203e202cce85ec39c200ad6c91201e9d8c15ff9a2d2ab9nss-softokn-freebl-3.14.3-12.el6_5.i686.rpm7def50c5fcab8d354c1ac40c58b0d545dfff3cdfd63d8eba9be72ed3852b8871nss-3.16.1-7.el6_5.i686.rpmddabce679d2486a9348a2e4acf513a375dcf84a8a4db70cb450cbe01f35c10ednss-sysinit-3.16.1-7.el6_5.i686.rpm7b7f425e34cd358cc332f3a93af39748785bccc1cd759f4c73a73e3ff6130628SLSA-2014:1319-1A resource consumption issue was found in the way Xerces-J handled XML declarations. A remote attacker could use an XML document with a specially crafted declaration using a long pseudo-attribute name that, when parsed by an application using Xerces-J, would cause that application to use an excessive amount of CPU. (CVE-2013-4002) Applications using the Xerces-J must be restarted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6xerces-j2-javadoc-impl-2.7.1-12.7.el6_5.i686.rpmb6b16bce1906cc14cb092edd8a08fa600d20d6a42120ca7a356553334ec7c24axerces-j2-javadoc-xni-2.7.1-12.7.el6_5.i686.rpmdadb09a29490f1e01363fdbca63d3164438e1351798a682fbab26e00b7ea10e2xerces-j2-2.7.1-12.7.el6_5.i686.rpm2341bc56ddbb8dd218ac2102e8ae1d14e07240e41437b82c7c46dc0ba595ebddxerces-j2-demo-2.7.1-12.7.el6_5.i686.rpma5b908ac57a73752ef01d0c4024dfc3ce1a33fc0bdd312952022aa55bd168e41xerces-j2-javadoc-other-2.7.1-12.7.el6_5.i686.rpm20a5acb5c85ae559036b84274323ef0822b46c884812c76bea6789fc3c32cadexerces-j2-javadoc-apis-2.7.1-12.7.el6_5.i686.rpmf8781c8d6029de14eb89e80f7fd1a140d3bdcd9f97c870f6537ddd17afa06da6xerces-j2-scripts-2.7.1-12.7.el6_5.i686.rpm65c1399cb2f4c80ef1f4195d5d081131ddd8d8a9d9d1407c8617a58e08ca685cSLSA-2014:1326-1It was found that the fix for CVE-2012-1571 was incomplete; the File Information (fileinfo) extension did not correctly parse certain Composite Document Format (CDF) files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file. (CVE-2014-3587) A NULL pointer dereference flaw was found in the gdImageCreateFromXpm() function of PHP's gd extension. A remote attacker could use this flaw to crash a PHP application using gd via a specially crafted X PixMap (XPM) file. (CVE-2014-2497) Multiple buffer over-read flaws were found in the php_parserr() function of PHP. A malicious DNS server or a man-in-the-middle attacker could possibly use this flaw to execute arbitrary code as the PHP interpreter if a PHP application used the dns_get_record() function to perform a DNS query. (CVE-2014-3597) Two use-after-free flaws were found in the way PHP handled certain Standard PHP Library (SPL) Iterators and ArrayIterators. A malicious script author could possibly use either of these flaws to disclose certain portions of server memory. (CVE-2014-4670, CVE-2014-4698) The CVE-2014-3597 issue was discovered by David Kutlek of the Red Hat BaseOS QE. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6php-mysql-5.3.3-27.el6_5.2.i686.rpm8268d06b40666c8345b73aeafbedc3519b378a962df94e1578e0e58a22b365dfphp-embedded-5.3.3-27.el6_5.2.i686.rpme5e24c662f6dfd4ac23038adcfe7e9baf0755d13def09c213eb9f5fee373f03fphp-recode-5.3.3-27.el6_5.2.i686.rpma4c5ce550af3bf9f552ee22361917728bf6a2fc22d66f1f60a4f9dba6949b459php-soap-5.3.3-27.el6_5.2.i686.rpmbe97ca99bc73ebdfae67a2de1f8870925e3a98b5af94d181fbf5e043b2f57b57php-imap-5.3.3-27.el6_5.2.i686.rpm859f2c13854d9d5fd2443a55ba4d099ede4fe61f4dc59bd3efa0fb7a79da7161php-fpm-5.3.3-27.el6_5.2.i686.rpmb130eb2f8764066071857c8589a71e41fe9d209b3bf499f2fdc876b88aead670php-common-5.3.3-27.el6_5.2.i686.rpm281ba04d8af504f992da4af34501b9d370e1f25f8438dda9d1dd58e1c2fbcd8dphp-mbstring-5.3.3-27.el6_5.2.i686.rpm53500b3dabad55f51f6b41133390d2480022038e8db270fd32aed6063aa23e1ephp-odbc-5.3.3-27.el6_5.2.i686.rpmfe071bdfc665c64198451da472f472d8193f0ae2ff9f924dc07f4603b78dff31php-5.3.3-27.el6_5.2.i686.rpm79edf8070d15f20836d3dd3b04d53cfaa3d1a4095a2b75cf37e4ea4a943e69b0php-gd-5.3.3-27.el6_5.2.i686.rpm0d5f7cd06f7efb1de8a69609c796dc808ae67de8bbb06facf5fe99a7c47c16d5php-bcmath-5.3.3-27.el6_5.2.i686.rpm9fa829c95458b63b7cd727565be9a07b2e9fb92f93070e5ec32e52842effcc2ephp-xml-5.3.3-27.el6_5.2.i686.rpm0cb3aec7529c96bbca07f4baee34209a8e2340650c92b0a8ace5bc68d16c76e9php-process-5.3.3-27.el6_5.2.i686.rpm98b25c7920254ec8dfb002b9a498abeccb4aaee14f3babe85864aa415857d129php-zts-5.3.3-27.el6_5.2.i686.rpm7dc5ff35f2cb720554a73ba2fd507c90f0773c56bdcee78ea30be4125c9fc1b9php-pspell-5.3.3-27.el6_5.2.i686.rpma63508a98daac6163fba7f0e34eed5df5f4c675621095b0350168bdba204e831php-pgsql-5.3.3-27.el6_5.2.i686.rpm76cdeb50a72ae7c8b3876535323b761b48f91b712582d9bd935c3c2ee924242cphp-enchant-5.3.3-27.el6_5.2.i686.rpmca9f35ff78d2ca98b02f4eff59e60fbfdb90a6b2eb7891956be38448c99a892cphp-snmp-5.3.3-27.el6_5.2.i686.rpmea1bdbd777e96807a0efb6b5b569dfd227a376e46e71070be5d763e5c83936e5php-cli-5.3.3-27.el6_5.2.i686.rpm3446b149b87c2539443f25a8ee63a3ec71f025a80b60b69b5cedc25d14354774php-intl-5.3.3-27.el6_5.2.i686.rpm96327167c9064b499652a1f486724cbafcb255b8863ce9867e0e8345f27e35f5php-pdo-5.3.3-27.el6_5.2.i686.rpm33e645282bce6fe31977544a01efd6ca9f4c46ce065ef54830408b57df4cea9dphp-tidy-5.3.3-27.el6_5.2.i686.rpm12f665caecead720dba53e5707ab71ff640d69dac093675bffad69cf4d0cb443php-dba-5.3.3-27.el6_5.2.i686.rpmd36440216532e40b29c24b079425a791ead3d27d691485e7767a5f2a9244491bphp-ldap-5.3.3-27.el6_5.2.i686.rpm07efa3203c30de516d3a27ab9f3821b98e237f96142d4822c8679f31b0d0cb59php-devel-5.3.3-27.el6_5.2.i686.rpmc70100b52b49cc85f58579b97caf81bb9abd6ce461a9215ecdd35fd4b98c4394php-xmlrpc-5.3.3-27.el6_5.2.i686.rpm7cda71be4a03d3ef415bec5927391dc7a3be266bec7f360838a2563bb98aab81SLSA-2014:1388-2A cross-site scripting (XSS) flaw was found in the CUPS web interface. An attacker could use this flaw to perform a cross-site scripting attack against users of the CUPS web interface. (CVE-2014-2856) It was discovered that CUPS allowed certain users to create symbolic links in certain directories under /var/cache/cups/. A local user with the 'lp' group privileges could use this flaw to read the contents of arbitrary files on the system or, potentially, escalate their privileges on the system. (CVE-2014-3537, CVE-2014-5029, CVE-2014-5030, CVE-2014-5031) After installing this update, the cupsd daemon will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6cups-lpd-1.4.2-67.el6.i686.rpma3fae2b585f8e083afd12fdbbe2586e64c23c98f4caded9e5dc44abecdff2a1bcups-devel-1.4.2-67.el6.i686.rpm9439ed631ca424ba0bd603c07aeac56235365116e048b1bb3c41e892a038c6cbcups-libs-1.4.2-67.el6.i686.rpm10ec218c0c0eb8fe2c1594d8a153b23350bbc949b4f43508f2125d0c712e3fa7cups-1.4.2-67.el6.i686.rpm35d5659ce7a6c6d86063a1e03e7f6496944db2ea2fc9dc96a896ee66848b638dcups-php-1.4.2-67.el6.i686.rpm18e014fbd2a922200e3ba8b25581ca2df0411ab7d39dd928ea5ff9280b6c28ecSLSA-2014:1389-2It was found that if a KDC served multiple realms, certain requests could cause the setup_server_realm() function to dereference a NULL pointer. A remote, unauthenticated attacker could use this flaw to crash the KDC using a specially crafted request. (CVE-2013-1418, CVE-2013-6800) A NULL pointer dereference flaw was found in the MIT Kerberos SPNEGO acceptor for continuation tokens. A remote, unauthenticated attacker could use this flaw to crash a GSSAPI-enabled server application. (CVE-2014-4344) A buffer overflow was found in the KADM5 administration server (kadmind) when it was used with an LDAP back end for the KDC database. A remote, authenticated attacker could potentially use this flaw to execute arbitrary code on the system running kadmind. (CVE-2014-4345) Two buffer over-read flaws were found in the way MIT Kerberos handled certain requests. A remote, unauthenticated attacker who is able to inject packets into a client or server application's GSSAPI session could use either of these flaws to crash the application. (CVE-2014-4341, CVE-2014-4342) A double-free flaw was found in the MIT Kerberos SPNEGO initiators. An attacker able to spoof packets to appear as though they are from an GSSAPI acceptor could use this flaw to crash a client application that uses MIT Kerberos. (CVE-2014-4343)moderateScientific Linux FermiScientific Linux Fermi 6krb5-workstation-1.10.3-33.el6.i686.rpme150d0c7cefa2b5036e9a1db520120ff41e8d1d592d7f821bda92ecd9e1f5060krb5-pkinit-openssl-1.10.3-33.el6.i686.rpm8643053e26170844892da282734db49afaac1ab2fefb728091ae91a243d27d3bkrb5-libs-1.10.3-33.el6.i686.rpm8d17c7296edaa2c28ce004a48b56c71166d283749ff9fbba0966c79777240dd2krb5-devel-1.10.3-33.el6.i686.rpm0aaaf3bf175e4fc6c58dcdd36ea88951e0bfbc1814f42049621f1cfd469868c6krb5-server-ldap-1.10.3-33.el6.i686.rpm702d99d44e003c3c93acaa9dd11c1da30d78b0462bcb518b3a304bef43cdccd8krb5-server-1.10.3-33.el6.i686.rpm9b64f15dc827037667677d4173dc0e2d378b1c366c25966144571476b5024723SLSA-2014:1390-2It was discovered that luci used eval() on inputs containing strings from the cluster configuration file when generating its web pages. An attacker with privileges to create or edit the cluster configuration could use this flaw to execute arbitrary code as the luci user on a host running luci. (CVE-2014-3593)moderateScientific Linux FermiScientific Linux Fermi 6luci-0.26.0-63.el6.i686.rpmcf30b2475d8bd6ea9e680b1d80fc54d91c12a5771f9240cd98f53c8b9ecb01c6SLSA-2014:1391-2An out-of-bounds write flaw was found in the way the glibc's readdir_r() function handled file system entries longer than the NAME_MAX character constant. A remote attacker could provide a specially crafted NTFS or CIFS file system that, when processed by an application using readdir_r(), would cause that application to crash or, potentially, allow the attacker to execute arbitrary code with the privileges of the user running the application. (CVE-2013-4237) It was found that getaddrinfo() did not limit the amount of stack memory used during name resolution. An attacker able to make an application resolve an attacker-controlled hostname or IP address could possibly cause the application to exhaust all stack memory and crash. (CVE-2013-4458)moderateScientific Linux FermiScientific Linux Fermi 6glibc-common-2.12-1.149.el6.i686.rpmf1bc65874a894d14f7868fcd9aeea86ab5121134561108c678eccce28b88b5d8glibc-devel-2.12-1.149.el6.i686.rpmd4cbe7f514546bfeeefd9fe24de93eca1ed8a948fbc1a006d25055166ca5cc21nscd-2.12-1.149.el6.i686.rpm94009110d93a0c7b15d7832904a0ffec63b355321896acfd15b3a18e793e8852glibc-static-2.12-1.149.el6.i686.rpm3a32eb471fc1e95234f6ab140c8cba22ef2309dee8b73927b262a588abb6d077glibc-2.12-1.149.el6.i686.rpm12e85d1fef6831349a99a036c40150082f8f6f77eebaccf4458dd7b15421792aglibc-utils-2.12-1.149.el6.i686.rpm003c9c33d702a0c7eee3b08d288363a4e053d1b439103ed604a8940f695a0c87glibc-headers-2.12-1.149.el6.i686.rpmacd615b235cb758c029687eb8b22f5bdeab28d1efa3255df930b307a23f12655SLSA-2014:1392-1* A NULL pointer dereference flaw was found in the way the Linux kernel's Stream Control Transmission Protocol (SCTP) implementation handled simultaneous connections between the same hosts. A remote attacker could use this flaw to crash the system. (CVE-2014-5077, Important) * An integer overflow flaw was found in the way the Linux kernel's Frame Buffer device implementation mapped kernel memory to user space via the mmap syscall. A local user able to access a frame buffer device file (/dev/fb*) could possibly use this flaw to escalate their privileges on the system. (CVE-2013-2596, Important) * A flaw was found in the way the ipc_rcu_putref() function in the Linux kernel's IPC implementation handled reference counter decrementing. A local, unprivileged user could use this flaw to trigger an Out of Memory (OOM) condition and, potentially, crash the system. (CVE-2013-4483, Moderate) * It was found that the permission checks performed by the Linux kernel when a netlink message was received were not sufficient. A local, unprivileged user could potentially bypass these restrictions by passing a netlink socket as stdout or stderr to a more privileged process and altering the output of this process. (CVE-2014-0181, Moderate) * It was found that the try_to_unmap_cluster() function in the Linux kernel's Memory Managment subsystem did not properly handle page locking in certain cases, which could potentially trigger the BUG_ON() macro in the mlock_vma_page() function. A local, unprivileged user could use this flaw to crash the system. (CVE-2014-3122, Moderate) * A flaw was found in the way the Linux kernel's kvm_iommu_map_pages() function handled IOMMU mapping failures. A privileged user in a guest with an assigned host device could use this flaw to crash the host. (CVE-2014-3601, Moderate) * Multiple use-after-free flaws were found in the way the Linux kernel's Advanced Linux Sound Architecture (ALSA) implementation handled user controls. A local, privileged user could use either of these flaws to crash the system. (CVE-2014-4653, CVE-2014-4654, CVE-2014-4655, Moderate) * A flaw was found in the way the Linux kernel's VFS subsystem handled reference counting when performing unmount operations on symbolic links. A local, unprivileged user could use this flaw to exhaust all available memory on the system or, potentially, trigger a use-after-free error, resulting in a system crash or privilege escalation. (CVE-2014-5045, Moderate) * An integer overflow flaw was found in the way the lzo1x_decompress_safe() function of the Linux kernel's LZO implementation processed Literal Runs. A local attacker could, in extremely rare cases, use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-4608, Low) The system must be rebooted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6kernel-firmware-2.6.32-504.el6.noarch.rpmc4d95bb3fd62a71932b35ac3739ece8585abd979fea0137046f0269a6fbbe5a2kernel-debug-devel-2.6.32-504.el6.i686.rpmb098b3a9670b6edec390104235914871c9936dd6f1a8e020cd44a38ad7e05bcakernel-doc-2.6.32-504.el6.noarch.rpmfed5713b6de19febaa1e1575ea1823e79f4da8420dbef0c3e347b4973b723747python-perf-2.6.32-504.el6.i686.rpm236b30ed1f3a4be85e6c07d5450af1028158e90ffe836d7a50af3a4bf9b65097kernel-devel-2.6.32-504.el6.i686.rpm958b67994c353482586f263a031770ae49141eb1c4040124516bf3df2ad13f54kernel-debug-2.6.32-504.el6.i686.rpm50d5fe66f559f003b896aa23ea3978b9d5d7ef136fda5e69c54fec2d037b7bc5kernel-abi-whitelists-2.6.32-504.el6.noarch.rpmf1dc90780fa17952d577af61a732aba9719320efe61c5f6262806c62e5d6d8eakernel-headers-2.6.32-504.el6.i686.rpm85dfe2eb8b12a12c6e35dba53ddb24b14807c4d20992036ab0a529e7e2be50c7kernel-2.6.32-504.el6.i686.rpmea5be5d5d717d767d0d3378bc0e4ba8bdf04db10813d8d34a72b05fba3bc9625perf-2.6.32-504.el6.i686.rpm05c5d70172286b0b684f9a0468b58e5cd64cdccb1143bfffc46066b221cac4beSLSA-2014:1436-2Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. An attacker able to submit invalid protocol data to an X11 server via a malicious X11 client could use either of these flaws to potentially escalate their privileges on the system. (CVE-2013-1981, CVE-2013-1982, CVE-2013-1983, CVE-2013-1984, CVE-2013-1985, CVE-2013-1986, CVE-2013-1987, CVE-2013-1988, CVE-2013-1989, CVE-2013-1990, CVE-2013-1991, CVE-2013-2003, CVE-2013-2062, CVE-2013-2064) Multiple array index errors, leading to heap-based buffer out-of-bounds write flaws, were found in the way various X11 client libraries handled data returned from an X11 server. A malicious X11 server could possibly use this flaw to execute arbitrary code with the privileges of the user running an X11 client. (CVE-2013-1997, CVE-2013-1998, CVE-2013-1999, CVE-2013-2000, CVE-2013-2001, CVE-2013-2002, CVE-2013-2066) A buffer overflow flaw was found in the way the XListInputDevices() function of X.Org X11's libXi runtime library handled signed numbers. A malicious X11 server could possibly use this flaw to execute arbitrary code with the privileges of the user running an X11 client. (CVE-2013-1995) A flaw was found in the way the X.Org X11 libXt runtime library used uninitialized pointers. A malicious X11 server could possibly use this flaw to execute arbitrary code with the privileges of the user running an X11 client. (CVE-2013-2005) Two stack-based buffer overflow flaws were found in the way libX11, the Core X11 protocol client library, processed certain user-specified files. A malicious X11 server could possibly use this flaw to crash an X11 client via a specially crafted file. (CVE-2013-2004) The xkeyboard-config package has been upgraded to upstream version 2.11, which provides a number of bug fixes and enhancements over the previous version. This update also fixes the following bugs: * Previously, updating the mesa-libGL package did not update the libX11 package, although it was listed as a dependency of mesa-libGL. This bug has been fixed and updating mesa-libGL now updates all dependent packages as expected. * Previously, closing a customer application could occasionally cause the X Server to terminate unexpectedly. After this update, the X Server no longer hangs when a user closes a customer application. NOTE: 3rd party drivers, such as ATI and nVidia may need to be updated for the new API.moderateScientific Linux FermiScientific Linux Fermi 6libdmx-1.1.3-3.el6.i686.rpmd7ffd81eb6c930f23f00e15cabb75432bd6de9effad473153ab4f789b85e31fdlibXinerama-devel-1.1.3-2.1.el6.i686.rpmf19f3534cdd30b006df444c13e155500e180f7faa9904c4434a9e4bc9ab91902libXxf86dga-devel-1.1.4-2.1.el6.i686.rpmf517347b0815d3e8e5c736d6de27cf6eb823f281bc4581cda7cfc23ea93a10d9xkeyboard-config-devel-2.11-1.el6.noarch.rpm6c624af2427bb308600fc00dcc96594ea36154e7096271f3e676a09f63cbc4a1libxcb-1.9.1-2.el6.i686.rpm8f34491284704a2e92a4c9a03c8064f667f2273f6d578d5bd85a73e87a0bb967xcb-proto-1.8-3.el6.noarch.rpmb3986c55f809d8f21f17b73cecdddb676c1e95011795a9c7650a92943feeefb7libX11-devel-1.6.0-2.2.el6.i686.rpm40918e2c315d147ea1c2358606a81e540751c03aecf0b2ec216e9b6071661831libXinerama-1.1.3-2.1.el6.i686.rpm7654a9b45821264780afab35df09bfdfdf8f1169127f8315d189879f7c19b36alibXv-devel-1.0.9-2.1.el6.i686.rpmb9c75b145273068381e95e5300b29a98bdb7274088f104d9d9a384c966485d34libXext-1.3.2-2.1.el6.i686.rpme13fda0d2202257c78034eea6b85c92dcf16d6074ffa919ba9ebafaf062b2c4flibXi-devel-1.7.2-2.2.el6.i686.rpm9da9307f7e5c37f8ff82684029ace807c266c9ef8222bf21f523bec1509f7587libXp-devel-1.0.2-2.1.el6.i686.rpme67a70a3939483fd0c2f2c61f652e9dddd0409e2de2ced54081832496bf766c5libX11-1.6.0-2.2.el6.i686.rpmade4f0cffc2a501efcdf2c974808903a52666aff537e45e70eac87881a96a8aelibxcb-devel-1.9.1-2.el6.i686.rpm39680a46dd0668059b362c5a1e9f543d901b85f5ac24d8dcf5cfa7a2e0321e30libXxf86vm-devel-1.1.3-2.1.el6.i686.rpmadd7c072d31e017bbb31d67823abbae85b54ac508fd9ca5bbbbf1dd3dfef956alibXrandr-devel-1.4.1-2.1.el6.i686.rpmf4b0cc8bae7bd2b251d51cb49e4da5fb6eae702506f27ca8169a7636a4dec81dlibXxf86vm-1.1.3-2.1.el6.i686.rpmf2bb040adfd22f4a966e789b2f3fdd81d9f970ce6bf1e90205d9bced81d2c0aflibXtst-1.2.2-2.1.el6.i686.rpmeee54a177992e9a0036bcd2ebbbea71d1a1e80671bd1899ad7f9bd667739588elibX11-common-1.6.0-2.2.el6.noarch.rpmbc8839d38babae24b3d669b68a6d962f30547d2ab19374a3ba5161d08b1f03aaxorg-x11-xtrans-devel-1.3.4-1.el6.noarch.rpma68ea4968ecd4d1032bd8469cb2944f06a2e34f5791b5da1c5d1ffe33814f148xkeyboard-config-2.11-1.el6.noarch.rpm3945dd17fcb99d796a5c6ac95b048ef6ed2f07fb70c43dae981ecbafae87c68flibXcursor-1.1.14-2.1.el6.i686.rpm07591c6b43dcb6ee1cdb6de40ce41fe1ff43bc3add466b9f53b92860d7469676libXv-1.0.9-2.1.el6.i686.rpmb6722c145e6973a10e401c1e2ebd6319ebb1ccd490cfca64c6cd0d3ce11a6829libXrender-devel-0.9.8-2.1.el6.i686.rpme6142ecaa2f78ee9fae519d9ce900a93256d34ef067a7adf8b82edae45a21270libXtst-devel-1.2.2-2.1.el6.i686.rpm50889cb30a83d840be4eae5d9ab86cdd47b37777ff2547f77809ce9a0a7d465exorg-x11-proto-devel-7.7-9.el6.noarch.rpmf93854722c981d8f625000557e69c8d4c35a4102a8d372e1469ed425d4600a3clibdmx-devel-1.1.3-3.el6.i686.rpm07e49d14fa10f43c430afae227599937ea2ac22ed388eab2915b65c4a2fdc582libXext-devel-1.3.2-2.1.el6.i686.rpm88d79219593e26751e5397f9f44fbe7896a80f1dd5d69f2dfce701efd60c44d3libXfixes-5.0.1-2.1.el6.i686.rpm0ab6ce8010c7bbd610f1496dc55330e8de871b1b60f10c5904fd948b2712d20flibXxf86dga-1.1.4-2.1.el6.i686.rpmf2945ce0c9b7080904d4b5860b6572821459971c5c596dcea5352fc72df08803libXcursor-devel-1.1.14-2.1.el6.i686.rpm2d644a63e6b4181bbe424870d2920229013e453c14bc76b8b4678ee3efe271c7libXres-devel-1.0.7-2.1.el6.i686.rpmbdadcc880c6ed3dd629760fcb901f4b10608ff2416737ef80393039f4fd7d47flibXres-1.0.7-2.1.el6.i686.rpm29133eccf51699c10c69c4b9de80180976f0b6c7ade6699cfb339290338e0965libXp-1.0.2-2.1.el6.i686.rpm5ba7674943071233560c4351f2b833fef9332e5908e88725f2d0252dad4fbfcelibXt-1.1.4-6.1.el6.i686.rpm5a09b9d13c7294529e5964ae2f55a282cacfc93096c6f1c80dc3e2954f0dd6f4libxcb-python-1.9.1-2.el6.i686.rpmc863de4471c2b4e66f1343fde65b270c7e593b6bc4932171807a6227c6e983c0libXvMC-1.0.8-2.1.el6.i686.rpm64dd9b34fd2cb8d3c1859f74c7ad56bff024674e6f4316eefcc54924fd3b7190libxcb-doc-1.9.1-2.el6.noarch.rpm40a262c1af15cd7cbf428790fe36d925fa7d8afa52e6ec2bc96cdca002d1bc26libXrandr-1.4.1-2.1.el6.i686.rpmb5b632cc24fe9e33d00ab6a34d4a78276086448a02d93823601d7fb63c83579blibXvMC-devel-1.0.8-2.1.el6.i686.rpm41203899bcb3c7142bcc8e83970d727619d971236fa6e16d582ccc04bbf13cbalibXrender-0.9.8-2.1.el6.i686.rpm91f8e5e3e6be0f978063fff0c8d27f1e07e8813e48010691e95eee4af12039delibXi-1.7.2-2.2.el6.i686.rpmb33ca6ca59302e949ab3d417bd5cdacce8659da70f77382a50638a66b618cc60libXt-devel-1.1.4-6.1.el6.i686.rpm414d24da346f6d93914b00888b0eaec75bd249c2cabc0fa52d3867e7e0919f03libXfixes-devel-5.0.1-2.1.el6.i686.rpm2a60b721597759208690814d752240031ee04147bb33986da9479b6dd77a8905SLSA-2014:1507-2A flaw was found in the way tcsd, the daemon that manages Trusted Computing resources, processed incoming TCP packets. A remote attacker could send a specially crafted TCP packet that, when processed by tcsd, could cause the daemon to crash. Note that by default tcsd accepts requests on localhost only. (CVE-2012-0698) The trousers package has been upgraded to upstream version 0.3.13, which provides a number of bug fixes and enhancements over the previous version, including corrected internal symbol names to avoid collisions with other applications, fixed memory leaks, added IPv6 support, fixed buffer handling in tcsd, as well as changed the license to BSD.lowScientific Linux FermiScientific Linux Fermi 6trousers-devel-0.3.13-2.el6.i686.rpm59383753281bc86170b05dbd98133d4c0a665174de3023da671393527003e46ftrousers-static-0.3.13-2.el6.i686.rpm6efb671346be5b6fc421b18c6da82f8372e8ce9767665f1c4539b83a3d01d8d5trousers-0.3.13-2.el6.i686.rpmafd4eec2a3e638489e1c7266efce55e471141b91f5d89d7127dafac4f3969cb1SLSA-2014:1552-2It was discovered that OpenSSH clients did not correctly verify DNS SSHFP records. A malicious server could use this flaw to force a connecting client to skip the DNS SSHFP record check and require the user to perform manual host verification of the DNS SSHFP record. (CVE-2014-2653) It was found that OpenSSH did not properly handle certain AcceptEnv parameter values with wildcard characters. A remote attacker could use this flaw to bypass intended environment variable restrictions. (CVE-2014-2532) This update also fixes the following bugs: * Based on the SP800-131A information security standard, the generation of a digital signature using the Digital Signature Algorithm (DSA) with the key size of 1024 bits and RSA with the key size of less than 2048 bits is disallowed after the year 2013. After this update, ssh-keygen no longer generates keys with less than 2048 bits in FIPS mode. However, the sshd service accepts keys of size 1024 bits as well as larger keys for compatibility reasons. * Previously, the openssh utility incorrectly set the oom_adj value to -17 for all of its children processes. This behavior was incorrect because the children processes were supposed to have this value set to 0. This update applies a patch to fix this bug and oom_adj is now properly set to 0 for all children processes as expected. * Previously, if the sshd service failed to verify the checksum of an installed FIPS module using the fipscheck library, the information about this failure was only provided at the standard error output of sshd. As a consequence, the user could not notice this message and be uninformed when a system had not been properly configured for FIPS mode. To fix this bug, this behavior has been changed and sshd now sends such messages via the syslog service. * When keys provided by the pkcs11 library were removed from the ssh agent using the "ssh-add -e" command, the user was prompted to enter a PIN. With this update, a patch has been applied to allow the user to remove the keys provided by pkcs11 without the PIN. In addition, this update adds the following enhancements: * With this update, ControlPersist has been added to OpenSSH. The option in conjunction with the ControlMaster configuration directive specifies that the master connection remains open in the background after the initial client connection has been closed. * When the sshd daemon is configured to force the internal SFTP session, and the user attempts to use a connection other than SFTP, the appropriate message is logged to the /var/log/secure file. * Support for Elliptic Curve Cryptography modes for key exchange (ECDH) and host user keys (ECDSA) as specified by RFC5656 has been added to the openssh packages. However, they are not enabled by default and the user has to enable them manually.moderateScientific Linux FermiScientific Linux Fermi 6openssh-clients-5.3p1-104.el6.i686.rpmfbf240c2b7fa5078bc4eadb3b528a511b43bd2d97054f5409801d48a2d9077d9openssh-5.3p1-104.el6.i686.rpm28799b715267edf218db57818b2aca9b28abc09caab0ac3c106dccdcf1277e4dopenssh-askpass-5.3p1-104.el6.i686.rpm7e703f3dc4b1cbc044c39b43e3d5baa8a07bae15bee67f4e15d83bbadd39754bopenssh-ldap-5.3p1-104.el6.i686.rpm82364f0740f0b1fef9c9c06bd801483a6e4014f8e8b94c817a54ca684f1f13c0pam_ssh_agent_auth-0.9.3-104.el6.i686.rpmc185a135d7cef085defeac298761e88ee9173d0d399595a1827087cb78eeeac3openssh-server-5.3p1-104.el6.i686.rpm36f08d890ebbd10163bacbcbb5baaa359947475da0f6ef041a1b73236586d527SLSA-2014:1606-2Multiple denial of service flaws were found in the way file parsed certain Composite Document Format (CDF) files. A remote attacker could use either of these flaws to crash file, or an application using file, via a specially crafted CDF file. (CVE-2014-0237, CVE-2014-0238, CVE-2014-3479, CVE-2014-3480, CVE-2012-1571) Two denial of service flaws were found in the way file handled indirect and search rules. A remote attacker could use either of these flaws to cause file, or an application using file, to crash or consume an excessive amount of CPU. (CVE-2014-1943, CVE-2014-2270) This update also fixes the following bugs: * Previously, the output of the "file" command contained redundant white spaces. With this update, the new STRING_TRIM flag has been introduced to remove the unnecessary white spaces. * Due to a bug, the "file" command could incorrectly identify an XML document as a LaTex document. The underlying source code has been modified to fix this bug and the command now works as expected. * Previously, the "file" command could not recognize .JPG files and incorrectly labeled them as "Minix filesystem". This bug has been fixed and the command now properly detects .JPG files. * Under certain circumstances, the "file" command incorrectly detected NETpbm files as "x86 boot sector". This update applies a patch to fix this bug and the command now detects NETpbm files as expected. * Previously, the "file" command incorrectly identified ASCII text files as a .PIC image file. With this update, a patch has been provided to address this bug and the command now correctly recognizes ASCII text files. * On 32-bit PowerPC systems, the "from" field was missing from the output of the "file" command. The underlying source code has been modified to fix this bug and "file" output now contains the "from" field as expected. * The "file" command incorrectly detected text files as "RRDTool DB version ool - Round Robin Database Tool". This update applies a patch to fix this bug and the command now correctly detects text files. * Previously, the "file" command supported only version 1 and 2 of the QCOW format. As a consequence, file was unable to detect a "qcow2 compat=1.1" file created on Scientific Linux 7. With this update, support for QCOW version 3 has been added so that the command now detects such files as expected.moderateScientific Linux FermiScientific Linux Fermi 6python-magic-5.04-21.el6.i686.rpmd1a3a4d4bcab9e2a245afdc4eac7fcc624e6b3d85ed621ad8a71f5dbb84efc47file-static-5.04-21.el6.i686.rpm7abe25a50c2d752e9109cd4d53cf82710dc967459287efd73113eb9b9f7f43cdfile-5.04-21.el6.i686.rpm742d0bd14f5cfefce79f0566d89e0f08723a86c8d65aa9634aeca4e3250435f4file-libs-5.04-21.el6.i686.rpm4d06797cbbcf25e64a5ce41b6fc19f2bd62ce9b5dc11c886a49061cd60b76533file-devel-5.04-21.el6.i686.rpmb922f16275bffe0448d59f3089045b382c0606e88f40b3e60da391328d26ee45SLSA-2014:1620-1Multiple flaws were discovered in the Libraries, 2D, and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2014-6506, CVE-2014-6531, CVE-2014-6502, CVE-2014-6511, CVE-2014-6504, CVE-2014-6519) It was discovered that the StAX XML parser in the JAXP component in OpenJDK performed expansion of external parameter entities even when external entity substitution was disabled. A remote attacker could use this flaw to perform XML eXternal Entity (XXE) attack against applications using the StAX parser to parse untrusted XML documents. (CVE-2014-6517) It was discovered that the DatagramSocket implementation in OpenJDK failed to perform source address checks for packets received on a connected socket. A remote attacker could use this flaw to have their packets processed as if they were received from the expected source. (CVE-2014-6512) It was discovered that the TLS/SSL implementation in the JSSE component in OpenJDK failed to properly verify the server identity during the renegotiation following session resumption, making it possible for malicious TLS/SSL servers to perform a Triple Handshake attack against clients using JSSE and client certificate authentication. (CVE-2014-6457) It was discovered that the CipherInputStream class implementation in OpenJDK did not properly handle certain exceptions. This could possibly allow an attacker to affect the integrity of an encrypted stream handled by this class. (CVE-2014-6558) Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website. This update also fixes the following bug: * The TLS/SSL implementation in OpenJDK previously failed to handle Diffie-Hellman (DH) keys with more than 1024 bits. This caused client applications using JSSE to fail to establish TLS/SSL connections to servers using larger DH keys during the connection handshake. This update adds support for DH keys with size up to 2048 bits. All running instances of OpenJDK Java must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6java-1.7.0-openjdk-devel-1.7.0.71-2.5.3.1.el6.i686.rpm7c9a23d9a770a3bfb40582a4c90f03b810b6adc1807fd84323f31e1df874a967java-1.7.0-openjdk-demo-1.7.0.71-2.5.3.1.el6.i686.rpmd66de93ce280320a0786d3f7c4a6a265cc1397151da4bd85cf12efb0e59070a6java-1.7.0-openjdk-src-1.7.0.71-2.5.3.1.el6.i686.rpmf59ebce49a76baf9f697dff88592116688f9a6d703dd3dcaaf42cb7411287075java-1.7.0-openjdk-1.7.0.71-2.5.3.1.el6.i686.rpmf8091c3b2e72a365fffe79a74ec7e7b45d034d3996e111d9bc061d755d3ecdd8java-1.7.0-openjdk-javadoc-1.7.0.71-2.5.3.1.el6.noarch.rpm17778c2d582e11217583b523b3e29c7800d79fa65804502861785ece1e87404fSLSA-2014:1634-1Multiple flaws were discovered in the Libraries, 2D, and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2014-6506, CVE-2014-6531, CVE-2014-6502, CVE-2014-6511, CVE-2014-6504, CVE-2014-6519) It was discovered that the StAX XML parser in the JAXP component in OpenJDK performed expansion of external parameter entities even when external entity substitution was disabled. A remote attacker could use this flaw to perform XML eXternal Entity (XXE) attack against applications using the StAX parser to parse untrusted XML documents. (CVE-2014-6517) It was discovered that the DatagramSocket implementation in OpenJDK failed to perform source address checks for packets received on a connected socket. A remote attacker could use this flaw to have their packets processed as if they were received from the expected source. (CVE-2014-6512) It was discovered that the TLS/SSL implementation in the JSSE component in OpenJDK failed to properly verify the server identity during the renegotiation following session resumption, making it possible for malicious TLS/SSL servers to perform a Triple Handshake attack against clients using JSSE and client certificate authentication. (CVE-2014-6457) It was discovered that the CipherInputStream class implementation in OpenJDK did not properly handle certain exceptions. This could possibly allow an attacker to affect the integrity of an encrypted stream handled by this class. (CVE-2014-6558) This update also fixes the following bug: * The TLS/SSL implementation in OpenJDK previously failed to handle Diffie-Hellman (DH) keys with more than 1024 bits. This caused client applications using JSSE to fail to establish TLS/SSL connections to servers using larger DH keys during the connection handshake. This update adds support for DH keys with size up to 2048 bits. All running instances of OpenJDK Java must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6java-1.6.0-openjdk-1.6.0.33-1.13.5.0.el6_6.i686.rpm4e4be4298a4ec53656cc08855e17d9a253d4cc5d3fb85c9d5b832310a55365c6java-1.6.0-openjdk-devel-1.6.0.33-1.13.5.0.el6_6.i686.rpma9bbb5a884c6c853438943443a0aeef82e8add2600f35a7ba0ce63a1d04bba57java-1.6.0-openjdk-javadoc-1.6.0.33-1.13.5.0.el6_6.i686.rpm181bf7b236028653b24b570f7aaa380479828b6b219db27e6cbb38137e1f1c3djava-1.6.0-openjdk-src-1.6.0.33-1.13.5.0.el6_6.i686.rpm04d0dbb32fa1183aba9c4bab9323f6fd296413cc023d88f9369eb63b6571e65bjava-1.6.0-openjdk-demo-1.6.0.33-1.13.5.0.el6_6.i686.rpm9837c0c0aaa1f3816c92137c2dd9d7dc394c141b955d18e7c59ffbcf3dc3fae7SLSA-2014:1635-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1574, CVE-2014-1578, CVE-2014-1581, CVE-2014-1576, CVE-2014-1577) A flaw was found in the Alarm API, which allows applications to schedule actions to be run in the future. A malicious web application could use this flaw to bypass cross-origin restrictions. (CVE-2014-1583) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6firefox-31.2.0-3.el6_6.i686.rpmc3fce09f760cef63846c130540693c367363242fc6e3857d6c131e7751faa82eSLSA-2014:1636-1It was discovered that the Libraries component in OpenJDK failed to properly handle ZIP archives that contain entries with a NUL byte used in the file names. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. (CVE-2014-6562) Multiple flaws were discovered in the Libraries, 2D, and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2014-6506, CVE-2014-6531, CVE-2014-6502, CVE-2014-6511, CVE-2014-6504, CVE-2014-6519) It was discovered that the StAX XML parser in the JAXP component in OpenJDK performed expansion of external parameter entities even when external entity substitution was disabled. A remote attacker could use this flaw to perform XML eXternal Entity (XXE) attack against applications using the StAX parser to parse untrusted XML documents. (CVE-2014-6517) It was discovered that the Hotspot component in OpenJDK failed to properly handle malformed Shared Archive files. A local attacker able to modify a Shared Archive file used by a virtual machine of a different user could possibly use this flaw to escalate their privileges. (CVE-2014-6468) It was discovered that the DatagramSocket implementation in OpenJDK failed to perform source address checks for packets received on a connected socket. A remote attacker could use this flaw to have their packets processed as if they were received from the expected source. (CVE-2014-6512) It was discovered that the TLS/SSL implementation in the JSSE component in OpenJDK failed to properly verify the server identity during the renegotiation following session resumption, making it possible for malicious TLS/SSL servers to perform a Triple Handshake attack against clients using JSSE and client certificate authentication. (CVE-2014-6457) It was discovered that the CipherInputStream class implementation in OpenJDK did not properly handle certain exceptions. This could possibly allow an attacker to affect the integrity of an encrypted stream handled by this class. (CVE-2014-6558) All running instances of OpenJDK Java must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6java-1.8.0-openjdk-devel-1.8.0.25-1.b17.el6.i686.rpm6e662cc0798c15c6f15e1d858df756df068d5699a1be87a482376154572073f8java-1.8.0-openjdk-headless-1.8.0.25-1.b17.el6.i686.rpm84b54db0a607627d1e1bca95db9895fb184a80ea3539ad1ce5e279657d7fc702java-1.8.0-openjdk-src-1.8.0.25-1.b17.el6.i686.rpm4f2463df5b267ae33ac773911c914323f8241ccd3adf9935c5e36a4ec0571ec3java-1.8.0-openjdk-1.8.0.25-1.b17.el6.i686.rpmf7b1a99070f0cadcf9c6a5869f9d7b522460e7406a618c99f9e582d7efdc1525java-1.8.0-openjdk-demo-1.8.0.25-1.b17.el6.i686.rpm35deb25c79f8a2e2c21a343864df4d05d40a6ecd4a8b09b99a030e55b10d5fa5java-1.8.0-openjdk-javadoc-1.8.0.25-1.b17.el6.noarch.rpmff064457500f8713a25f1d14c450e0d3cfa3870a2a484cf769865183e63c3a4eSLSA-2014:1647-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1574, CVE-2014-1578, CVE-2014-1581, CVE-2014-1577) Note: All of the above issues cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. After installing the update, Thunderbird must be restarted for the changes to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6thunderbird-31.2.0-3.el6_6.i686.rpmfa6dbdafefe30c2f1e0d9d7a369bda9bd275eeed979944b42cbde4dd10399461SLSA-2014:1652-1This update adds support for the TLS Fallback Signaling Cipher Suite Value (TLS_FALLBACK_SCSV), which can be used to prevent protocol downgrade attacks against applications which re-connect using a lower SSL/TLS protocol version when the initial connection indicating the highest supported protocol version fails. This can prevent a forceful downgrade of the communication to SSL 3.0. The SSL 3.0 protocol was found to be vulnerable to the padding oracle attack when using block cipher suites in cipher block chaining (CBC) mode. This issue is identified as CVE-2014-3566, and also known under the alias POODLE. This SSL 3.0 protocol flaw will not be addressed in a future update; it is recommended that users configure their applications to require at least TLS protocol version 1.0 for secure communication. For additional information about this flaw, see Upstream's Knowledgebase article at https://access.redhat.com/articles/1232123 A memory leak flaw was found in the way OpenSSL parsed the DTLS Secure Real-time Transport Protocol (SRTP) extension data. A remote attacker could send multiple specially crafted handshake messages to exhaust all available memory of an SSL/TLS or DTLS server. (CVE-2014-3513) A memory leak flaw was found in the way an OpenSSL handled failed session ticket integrity checks. A remote attacker could exhaust all available memory of an SSL/TLS or DTLS server by sending a large number of invalid session tickets to that server. (CVE-2014-3567) CVE-2014-3566 issue and correct the CVE-2014-3513 and CVE-2014-3567 issues. For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted.importantScientific Linux FermitruetrueScientific Linux Fermi 6openssl-perl-1.0.1e-30.el6_6.2.i686.rpm383884219b87fc285689726a62aee0e04200a41d9a9b098f4467b44fcc481100openssl-1.0.1e-30.el6_6.2.i686.rpm8ce23a0e212a63a0885e9c10595cee8b96018c87fafe6ff387b57af30c0dc86copenssl-static-1.0.1e-30.el6_6.2.i686.rpm38f384f86b5c370551ba0d00d0c815f3b4dd24cacbdb43098ad3a343ea25650copenssl-devel-1.0.1e-30.el6_6.2.i686.rpm44b84b61661a0e0b9e8833abbc7400ae48ee39399fa22ed98447e16f778b9ce5SLSA-2014:1655-1A denial of service flaw was found in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML file that, when processed by an application using libxml2, would lead to excessive CPU consumption (denial of service) based on excessive entity substitutions, even if entity substitution was disabled, which is the parser default behavior. (CVE-2014-3660) The desktop must be restarted (log out, then log back in) for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6libxml2-devel-2.7.6-17.el6_6.1.i686.rpm3ae4440616ebaeb636a49548cba9395784ea13cdcd289f4b6fcda69d39f237c2libxml2-static-2.7.6-17.el6_6.1.i686.rpme8a7b9207b8ac7a454efaea2f53c15ba2905178b7f9267ff37caad3b960dd48elibxml2-python-2.7.6-17.el6_6.1.i686.rpmed2a2c82f4403346bf44c1cc10d1bc29bb0c44c08e9b4506ded5121947f606cdlibxml2-2.7.6-17.el6_6.1.i686.rpm5472325afc6cb5a1f11ac353af30aa590ebd295d54e3afffd95c0dd71e01667aSLSA-2014:1671-1A flaw was found in the way rsyslog handled invalid log message priority values. In certain configurations, a local attacker, or a remote attacker able to connect to the rsyslog port, could use this flaw to crash the rsyslog daemon. (CVE-2014-3634) After installing the update, the rsyslog service will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6rsyslog-5.8.10-9.el6_6.i686.rpmc4037b87e13580c5abddd35281a995189a04fb8f13bfdb9a2d4d10fe06cc3c5drsyslog-gssapi-5.8.10-9.el6_6.i686.rpm81ead02838476ef7eac8d8e7497774b7fb1ee38ce5873759d86f8aa7fbd3f189rsyslog-pgsql-5.8.10-9.el6_6.i686.rpm9f1010f626692463500fd5888af7070a9b85be42a5b0fec01560669a2be4f326rsyslog-snmp-5.8.10-9.el6_6.i686.rpmeb0958d3d7837d18bc1e430f85f65860cf0a2354234c5491185005fbc201dfafrsyslog-gnutls-5.8.10-9.el6_6.i686.rpm0e6dce79550a2ac8468103c5b450d0639bd40e0a2480967f037e90bb52e33d35rsyslog-relp-5.8.10-9.el6_6.i686.rpmf413ac680d5d719e2fce29e3e532846ff314f199a678dbd8cc0e2a6fb8dd0a58rsyslog-mysql-5.8.10-9.el6_6.i686.rpmf979a797f67f737a475c8df02fccc35ead17aa40249632bc45f594afc2348eb3SLSA-2014:1676-1Multiple flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2014-6429, CVE-2014-6430, CVE-2014-6431, CVE-2014-6432) Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2014-6421, CVE-2014-6422, CVE-2014-6423, CVE-2014-6424, CVE-2014-6425, CVE-2014-6426, CVE-2014-6427, CVE-2014-6428) All running instances of Wireshark must be restarted for the update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6wireshark-devel-1.8.10-8.el6_6.i686.rpm45da8b4b5759aa16eea703c2553a4380794ae0d8aacaccb726d752bd6de7f22bwireshark-gnome-1.8.10-8.el6_6.i686.rpm9e0586968d532e56e15b17b0b8930407d2035fb78d2e1f6c3a47a037e4bd10b4wireshark-1.8.10-8.el6_6.i686.rpm53c45800bb0b2d3a0ce3332eb79d3f6e834de9748d1ba81387dcb068611b82ffSLSA-2014:1764-1A flaw was found in the way Wget handled symbolic links. A malicious FTP server could allow Wget running in the mirror mode (using the '-m' command line option) to write an arbitrary file to a location writable to by the user running Wget, possibly leading to code execution. (CVE-2014-4877) Note: This update changes the default value of the --retr-symlinks option. The file symbolic links are now traversed by default and pointed-to files are retrieved rather than creating a symbolic link locally.moderateScientific Linux FermiScientific Linux Fermi 6wget-1.12-5.el6_6.1.i686.rpm7c866439f1df0704a66dcc4d15a3d144b131d8e14373b38fed74c711931dc0b7SLSA-2014:1767-1A buffer overflow flaw was found in the Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_thumbnail() function to crash or, possibly, execute arbitrary code with the privileges of the user running that PHP application. (CVE-2014-3670) An integer overflow flaw was found in the way custom objects were unserialized. Specially crafted input processed by the unserialize() function could cause a PHP application to crash. (CVE-2014-3669) An out-of-bounds read flaw was found in the way the File Information (fileinfo) extension parsed Executable and Linkable Format (ELF) files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted ELF file. (CVE-2014-3710) An out of bounds read flaw was found in the way the xmlrpc extension parsed dates in the ISO 8601 format. A specially crafted XML-RPC request or response could possibly cause a PHP application to crash. (CVE-2014-3668) The CVE-2014-3710 issue was discovered by Francisco Alonso of Red Hat Product Security. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6php-5.3.3-40.el6_6.i686.rpmdaef2b3fbced943de264dd49bfab33f3308d7c4db152ff9119510fbf3063341dphp-tidy-5.3.3-40.el6_6.i686.rpm9fabf97c9bedc370121509d78d9d7ccd075abdaa97262db2973461e581dcc2ffphp-pspell-5.3.3-40.el6_6.i686.rpm285c4c0dc6ceba3083eb90adcd9a71b0a1914757ce0ec9678bb1502e1748d717php-common-5.3.3-40.el6_6.i686.rpm35559e112f865ae130aada654bd0ef2ff01cc8f9be783db7a00fe0caf02cb39cphp-zts-5.3.3-40.el6_6.i686.rpm57845d44027cb836ebf14ff35e8fc453a65d05c8d4be38ccfe080cb70338c2e7php-gd-5.3.3-40.el6_6.i686.rpm9f5b3553c0ceb927061be13d7d27ff7047505a019be0735393cc7f4417741155php-mbstring-5.3.3-40.el6_6.i686.rpmba9b6a2d2205b5c49461f6596bbd9dfc5426c56a243904f4729785f123ac9a1aphp-pgsql-5.3.3-40.el6_6.i686.rpmaa767136317d24c74cfb7ccf540622e11006a185dbd822b0d43a46dc1100d9a2php-mysql-5.3.3-40.el6_6.i686.rpm9763619d05ae3dafe8f57315c376cf2785fc5c74eb19df568689490843240bd1php-odbc-5.3.3-40.el6_6.i686.rpmcf9993e8ad8542af5564eb8ec08cce79b22b2bab94296d7bd7bc1deea49676b1php-xmlrpc-5.3.3-40.el6_6.i686.rpm6c1f9d5e38ba320310ed5b16accfde188710d51ebd97ea6e26ffd23d304b0d63php-recode-5.3.3-40.el6_6.i686.rpm0bd2e25ff493ea500acad897e96b1ac81335d0e1b960ef773650141edc16154cphp-intl-5.3.3-40.el6_6.i686.rpm4e0e5a28ea5148e7c5a9ae843fd806ea7435e76bc3c0d46abcf526c6a51a6243php-embedded-5.3.3-40.el6_6.i686.rpm247a3433ac02ffd37faf1d6c475f51236c978045e7478cec69613b44f78b4114php-xml-5.3.3-40.el6_6.i686.rpmb3375063b6bfc9655763a3a18ff522566278389fcf232b1c71713a7c969d9c69php-soap-5.3.3-40.el6_6.i686.rpmd4019af9024320e3aa1451e8dbd266c7e201a3ad63db7037af249013ad6b04edphp-enchant-5.3.3-40.el6_6.i686.rpm4e377a373067cdf0ec2be2d97ce836345447aeeff570f2127d3037326b9b8012php-fpm-5.3.3-40.el6_6.i686.rpmf8d04dafbde6c33c27adc504897e651ee7aaf4584b38943cee9488b952371306php-devel-5.3.3-40.el6_6.i686.rpm11d26dad51a26df0acdd85493b05a624dd5d598a8ae0f0b62d50fa404e53f6b4php-dba-5.3.3-40.el6_6.i686.rpmf24d7a6fb38812456e10626b7335a6b93f999a418162de43266ecb7bf3c43be2php-imap-5.3.3-40.el6_6.i686.rpm93c04203a61d4d147d80b60fe128aeab54ab9820c52d12e70bc6ff2081d319adphp-pdo-5.3.3-40.el6_6.i686.rpm1a13dce2d4dafafccd7dd501cd4aa0822ac4910c15bb0d2f3f49026bbba4e83ephp-cli-5.3.3-40.el6_6.i686.rpmb7a4a5c4dcdd8027fd712426cced975d6741dca894df9e47d9a7db5c9bdc163dphp-snmp-5.3.3-40.el6_6.i686.rpm800bd07e410c9736f7807bf3e57620e757767c75d95a8efa971f546ff2a4b33bphp-ldap-5.3.3-40.el6_6.i686.rpm7b7f75e2220e05660d2d477c7d0ae07b906adb4f7a7d5dea6c79be8cd0b4fae8php-process-5.3.3-40.el6_6.i686.rpm2948791de3b684d1d3336f98760fec7183360aa2a8f70bd76c8b0447b8831300php-bcmath-5.3.3-40.el6_6.i686.rpm4d033d2d459aa08e9b1955e1ab185403d0527ad289ae741958a8a5a105c15debSLSA-2014:1803-1An information disclosure flaw was found in mod_auth_mellon's session handling that could lead to sessions overlapping in memory. A remote attacker could potentially use this flaw to obtain data from another user's session. (CVE-2014-8566) It was found that uninitialized data could be read when processing a user's logout request. By attempting to log out, a user could possibly cause the Apache HTTP Server to crash. (CVE-2014-8567)importantScientific Linux FermiScientific Linux Fermi 6mod_auth_mellon-0.8.0-3.el6_6.i686.rpmb71b918a4c586897c24e420b418e2682467b704de81d45a846c395575e48303bSLSA-2014:1826-1An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way screen sizes were handled by LibVNCServer. A malicious VNC server could use this flaw to cause a client to crash or, potentially, execute arbitrary code in the client. (CVE-2014-6051) A NULL pointer dereference flaw was found in LibVNCServer's framebuffer setup. A malicious VNC server could use this flaw to cause a VNC client to crash. (CVE-2014-6052) A NULL pointer dereference flaw was found in the way LibVNCServer handled certain ClientCutText message. A remote attacker could use this flaw to crash the VNC server by sending a specially crafted ClientCutText message from a VNC client. (CVE-2014-6053) A divide-by-zero flaw was found in the way LibVNCServer handled the scaling factor when it was set to "0". A remote attacker could use this flaw to crash the VNC server using a malicious VNC client. (CVE-2014-6054) Two stack-based buffer overflow flaws were found in the way LibVNCServer handled file transfers. A remote attacker could use this flaw to crash the VNC server using a malicious VNC client. (CVE-2014-6055) All running applications linked against libvncserver must be restarted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6libvncserver-0.9.7-7.el6_6.1.i686.rpm6154ee3666453bff2f92f85462ed09cf73ae6fc775c46f102fcc7b9aead1ca6clibvncserver-devel-0.9.7-7.el6_6.1.i686.rpmf6ba45ffd689e265e636842cbe9181c7645c5a696f4388f89936abfc43b5084fSLSA-2014:1843-1NOTE users of CVMFS: this kernel contains a bug within the FUSE filesystem which makes this kernel unsuitable for use on CVMFS servers. * A race condition flaw was found in the way the Linux kernel's KVM subsystem handled PIT (Programmable Interval Timer) emulation. A guest user who has access to the PIT I/O ports could use this flaw to crash the host. (CVE-2014-3611, Important) * A memory corruption flaw was found in the way the USB ConnectTech WhiteHEAT serial driver processed completion commands sent via USB Request Blocks buffers. An attacker with physical access to the system could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-3185, Moderate) * It was found that the Linux kernel's KVM subsystem did not handle the VM exits gracefully for the invept (Invalidate Translations Derived from EPT) and invvpid (Invalidate Translations Based on VPID) instructions. On hosts with an Intel processor and invept/invppid VM exit support, an unprivileged guest user could use these instructions to crash the guest. (CVE-2014-3645, CVE-2014-3646, Moderate) This update also fixes the following bugs: * This update fixes several race conditions between PCI error recovery callbacks and potential calls of the ifup and ifdown commands in the tg3 driver. When triggered, these race conditions could cause a kernel crash. * Previously, GFS2 failed to unmount a sub-mounted GFS2 file system if its parent was also a GFS2 file system. This problem has been fixed by adding the appropriate d_op->d_hash() routine call for the last component of the mount point path in the path name lookup mechanism code (namei). * Due to previous changes in the virtio-net driver, a Scientific Linux 6.6 guest was unable to boot with the "mgr_rxbuf=off" option specified. This was caused by providing the page_to_skb() function with an incorrect packet length in the driver's Rx path. This problem has been fixed and the guest in the described scenario can now boot successfully. * When using one of the newer IPSec Authentication Header (AH) algorithms with Openswan, a kernel panic could occur. This happened because the maximum truncated ICV length was too small. To fix this problem, the MAX_AH_AUTH_LEN parameter has been set to 64. * A bug in the IPMI driver caused the kernel to panic when an IPMI interface was removed using the hotmod script. The IPMI driver has been fixed to properly clean the relevant data when removing an IPMI interface. * Due to a bug in the IPMI driver, the kernel could panic when adding an IPMI interface that was previously removed using the hotmod script. This update fixes this bug by ensuring that the relevant shadow structure is initialized at the right time. The system must be rebooted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6kernel-devel-2.6.32-504.1.3.el6.i686.rpm0f0b7a41277f663d550fda399888c0852ac62cca19a9386b6c750a1a9286e657kernel-2.6.32-504.1.3.el6.i686.rpm303898b05ae85c4017f4905a33ec1fd32f2422e16d6721ba2d45794e3d16376bkernel-debug-devel-2.6.32-504.1.3.el6.i686.rpm9d23a2684427512a4c150c1501140949803b5def2ee631ee5b5be4b1dbd2d5a0python-perf-2.6.32-504.1.3.el6.i686.rpmf4f4d71f36b7e86a7f233b3b28baf12aed7dae4b163a93fb029080879117e965kernel-headers-2.6.32-504.1.3.el6.i686.rpmffc1044227b6233dbb7b5a42955172b6086146dc91303f414dc393de33faad27kernel-doc-2.6.32-504.1.3.el6.noarch.rpm6a4a77a9e9b652d63ac2479f3a0ca51b7a2c124f813f75c62fb9c423f0090e6fkernel-debug-2.6.32-504.1.3.el6.i686.rpm4a376e51e1f63e1996e018cd6204844bd69c6a96e71cc35ecb8947f0c4299ac3kernel-firmware-2.6.32-504.1.3.el6.noarch.rpm871421f443ea3f8aeac031cf40c0ce4a549764433db74f975b73ff02aae5ff2dperf-2.6.32-504.1.3.el6.i686.rpm77f58ccfd025f6219e9d51e86be0fa581b8ec88f4046ee4f46e92e6c50370724kernel-abi-whitelists-2.6.32-504.1.3.el6.noarch.rpmb1cf71ecc885cac4f605b0f8981f39eb43b41dd8ec07a32075b1c1c19f825c3bSLSA-2014:1870-1A use-after-free flaw was found in the way libXfont processed certain font files when attempting to add a new directory to the font path. A malicious, local user could exploit this issue to potentially execute arbitrary code with the privileges of the X.Org server. (CVE-2014-0209) Multiple out-of-bounds write flaws were found in the way libXfont parsed replies received from an X.org font server. A malicious X.org server could cause an X client to crash or, possibly, execute arbitrary code with the privileges of the X.Org server. (CVE-2014-0210, CVE-2014-0211) All running X.Org server instances must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6libXfont-devel-1.4.5-4.el6_6.i686.rpm4c75f547da3f2d96a163c88c100cac14e7987523834fee75ca010b115df56fc5libXfont-1.4.5-4.el6_6.i686.rpm5fceb6557b2a73aee299a5b81ace5df3f676dfa234a7f21ea79bf6cdafaf0047SLSA-2014:1873-1An out-of-bounds read flaw was found in the way libvirt's qemuDomainGetBlockIoTune() function looked up the disk index in a non- persistent (live) disk configuration while a persistent disk configuration was being indexed. A remote attacker able to establish a read-only connection to libvirtd could use this flaw to crash libvirtd or, potentially, leak memory from the libvirtd process. (CVE-2014-3633) A denial of service flaw was found in the way libvirt's virConnectListAllDomains() function computed the number of used domains. A remote attacker able to establish a read-only connection to libvirtd could use this flaw to make any domain operations within libvirt unresponsive. (CVE-2014-3657) It was found that when the VIR_DOMAIN_XML_MIGRATABLE flag was used, the QEMU driver implementation of the virDomainGetXMLDesc() function could bypass the restrictions of the VIR_DOMAIN_XML_SECURE flag. A remote attacker able to establish a read-only connection to libvirtd could use this flaw to leak certain limited information from the domain XML data. (CVE-2014-7823) This update also fixes the following bug: When dumping migratable XML configuration of a domain, libvirt removes some automatically added devices for compatibility with older libvirt releases. If such XML is passed to libvirt as a domain XML that should be used during migration, libvirt checks this XML for compatibility with the internally stored configuration of the domain. However, prior to this update, these checks failed because of devices that were missing (the same devices libvirt removed). As a consequence, migration with user-supplied migratable XML failed. Since this feature is used by OpenStack, migrating QEMU/KVM domains with OpenStack always failed. With this update, before checking domain configurations for compatibility, libvirt transforms both user-supplied and internal configuration into a migratable form (automatically added devices are removed) and checks those instead. Thus, no matter whether the user-supplied configuration was generated as migratable or not, libvirt does not err about missing devices, and migration succeeds as expected. After installing the updated packages, libvirtd will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6libvirt-0.10.2-46.el6_6.2.i686.rpm7aaec8cab9b90dccc170d8c90abf598e9ea0db022dc11c7189539c30400a0bdelibvirt-client-0.10.2-46.el6_6.2.i686.rpm7ce72bfb9c20f4a52cf4c03d94402c506b983cecb9df49c6702c2c26390a454dlibvirt-python-0.10.2-46.el6_6.2.i686.rpmb26fbc382df28d25202bd4515e84e74ab65910a6894905b4ac9c1ca3b8433d77libvirt-devel-0.10.2-46.el6_6.2.i686.rpm44198444cbebee514b3097ea6f2774b3feba31f0be67e399902425ce42f4ed58SLSA-2014:1911-1Multiple denial of service flaws were found in the way the Ruby REXML XML parser performed expansion of parameter entities. A specially crafted XML document could cause REXML to use an excessive amount of CPU and memory. (CVE-2014-8080, CVE-2014-8090) All running instances of Ruby need to be restarted for this update to take effect.moderateScientific Linux FermiScientific Linux Fermi 6ruby-libs-1.8.7.374-3.el6_6.i686.rpm9a7bec6a636165015c366ba22942161f1c0dec62f165d3684b21235056955b48ruby-ri-1.8.7.374-3.el6_6.i686.rpma7c3576ae51ae5dfc4e3da4dfb8d760e8fcd678e891770e9d4efbab9dbcf5724ruby-devel-1.8.7.374-3.el6_6.i686.rpm63db0542a471bc6ef305918d74440118de7142c4622b9d365386d837fa64b9d9ruby-irb-1.8.7.374-3.el6_6.i686.rpm039aad07a70db3175f8ad8769d9f39d7bec96b684dc3e06d06b80d4a61b9a21eruby-docs-1.8.7.374-3.el6_6.i686.rpm712fbe94d8d690a8cd682a89151ba7ba3a4991f030057acda928926e7169670bruby-static-1.8.7.374-3.el6_6.i686.rpm08071197917e89b42fc7bfada5102a790c72ba19678b427a69f05b333ac61123ruby-tcltk-1.8.7.374-3.el6_6.i686.rpm64a7bae362333be2682abd4cd4dbc3bd0bfd9942bdef96ffe0a3f157adca8dd8ruby-1.8.7.374-3.el6_6.i686.rpmdf76995299adb57fdfc20e38b12a1f8cc3b83df61fa6ace2764e8dd22392d0d8ruby-rdoc-1.8.7.374-3.el6_6.i686.rpm7db1128657709d835da48c987840d7f7e163846db8829189e4190ade22dac8deSLSA-2014:1919-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1587, CVE-2014-1590, CVE-2014-1592, CVE-2014-1593) A flaw was found in the Alarm API, which could allow applications to schedule actions to be run in the future. A malicious web application could use this flaw to bypass the same-origin policy. (CVE-2014-1594) This update disables SSL 3.0 support by default in Firefox. Details on how to re-enable SSL 3.0 support are available at: After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6firefox-31.3.0-3.el6_6.i686.rpm8c71fe96f034de76b752a618a5b85f69406c21892b00e252361bf426b6df0c39SLSA-2014:1924-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1587, CVE-2014-1590, CVE-2014-1592, CVE-2014-1593) A flaw was found in the Alarm API, which could allow applications to schedule actions to be run in the future. A malicious web application could use this flaw to bypass the same-origin policy. (CVE-2014-1594) Note: All of the above issues cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. This update disables SSL 3.0 support by default in Thunderbird. Details on how to re-enable SSL 3.0 support are available at: After installing the update, Thunderbird must be restarted for the changes to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6thunderbird-31.3.0-1.el6_6.i686.rpm41fdab6197b8d15d0b2eee578bab39f677589da9ee5d127affe54e2c97e6373dSLSA-2014:1948-1This update adds support for the TLS Fallback Signaling Cipher Suite Value (TLS_FALLBACK_SCSV), which can be used to prevent protocol downgrade attacks against applications which re-connect using a lower SSL/TLS protocol version when the initial connection indicating the highest supported protocol version fails. This can prevent a forceful downgrade of the communication to SSL 3.0. The SSL 3.0 protocol was found to be vulnerable to the padding oracle attack when using block cipher suites in cipher block chaining (CBC) mode. This issue is identified as CVE-2014-3566, and also known under the alias POODLE. This SSL 3.0 protocol flaw will not be addressed in a future update; it is recommended that users configure their applications to require at least TLS protocol version 1.0 for secure communication. The nss, nss-util, and nss-softokn packages have been upgraded to upstream version 3.16.2.3, which provides a number of bug fixes and enhancements over the previous version, and adds the support for Mozilla Firefox 31.3. After installing this update, applications using NSS or NSPR must be restarted for this update to take effect.importantScientific Linux FermiScientific Linux Fermi 6nss-devel-3.16.2.3-3.el6_6.i686.rpm26cdaad8d64b920111c9726341fa9aa106d803ec4e2ab321b813dd1824848c52nss-sysinit-3.16.2.3-3.el6_6.i686.rpm5cdd4ec0609a78d39497696edbac10f62857ddcff3203280b37b36da7d0101d9nss-3.16.2.3-3.el6_6.i686.rpme480c75f5aa91b8f489675d302d48913a6ffd084fe8d963aa13069b810c83ae1nss-pkcs11-devel-3.16.2.3-3.el6_6.i686.rpm29b8b9adcd2bd5a18026f1d0009002a9d8366363a7996f8c2a516a55418224ecnss-util-devel-3.16.2.3-2.el6_6.i686.rpm181a894552340d08574c27a075e5e6d5195f5cd44c5ef375f5f2a382cb2af035nss-tools-3.16.2.3-3.el6_6.i686.rpma9771dea2fd4af1756af5deeb2de0b48aad80322b93a4293286cb417524f2a3anss-util-3.16.2.3-2.el6_6.i686.rpma684f38d61c04db23e6d9dd256d8be8c0c011d6fdf685660588159c32c1efabfSLSA-2014:1974-1It was found that RPM wrote file contents to the target installation directory under a temporary name, and verified its cryptographic signature only after the temporary file has been written completely. Under certain conditions, the system interprets the unverified temporary file contents and extracts commands from it. This could allow an attacker to modify signed RPM files in such a way that they would execute code chosen by the attacker during package installation. (CVE-2013-6435) All running applications linked against the RPM library must be restarted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6rpm-cron-4.8.0-38.el6_6.noarch.rpm5e1dc2cd974dd4fd9daeb994576dcfe6850125374e4418944ba481c9d6620d08rpm-apidocs-4.8.0-38.el6_6.noarch.rpm74477f05a5804b1264021aa045a0fdb98edaa12260fa88e945582e1626e45df5rpm-build-4.8.0-38.el6_6.i686.rpmbd7be0c92893b3a48af1fe31af970674aa49b6df65eeb39cf0459d32bb3015f4rpm-4.8.0-38.el6_6.i686.rpme1e094c03825e5eb183f505ba3f6edb83c5f907de5419b807f3dac192ed0053brpm-devel-4.8.0-38.el6_6.i686.rpmc54189a71c369b97554c580c4e538ba28ec57ad5b7733b0ccda506f36ed27c13rpm-libs-4.8.0-38.el6_6.i686.rpm09ce4dd39b287a39a739a616dc35719006c4bd7e831ad70a20b8ef2179569e54rpm-python-4.8.0-38.el6_6.i686.rpmd3b3fc86787c4223c092cc8bdeb67122219ee2ddf98892e4629be280d9ccfbd7SLSA-2014:1983-1Multiple integer overflow flaws and out-of-bounds write flaws were found in the way the X.Org server calculated memory requirements for certain X11 core protocol and GLX extension requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server or, potentially, execute arbitrary code with root privileges. (CVE-2014-8092, CVE-2014-8093, CVE-2014-8098) It was found that the X.Org server did not properly handle SUN-DES-1 (Secure RPC) authentication credentials. A malicious, unauthenticated client could use this flaw to crash the X.Org server by submitting a specially crafted authentication request. (CVE-2014-8091) Multiple out-of-bounds access flaws were found in the way the X.Org server calculated memory requirements for certain requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server, or leak memory contents to the client. (CVE-2014-8097) An integer overflow flaw was found in the way the X.Org server calculated memory requirements for certain DRI2 extension requests. A malicious, authenticated client could use this flaw to crash the X.Org server. (CVE-2014-8094) Multiple out-of-bounds access flaws were found in the way the X.Org server calculated memory requirements for certain requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server. (CVE-2014-8095, CVE-2014-8096, CVE-2014-8099, CVE-2014-8100, CVE-2014-8101, CVE-2014-8102, CVE-2014-8103)importantScientific Linux FermiScientific Linux Fermi 6xorg-x11-server-Xorg-1.15.0-25.sl6.i686.rpm004aeb09564b3e1c1ec51e458e83e28d238afa229fbfc1e4fc9e569a0c8e01a5xorg-x11-server-source-1.15.0-25.sl6.noarch.rpmdca18a630de35696bfb22c4486c8c475cfdbf5e38a96c4a2d493f7d93e30017bxorg-x11-server-Xnest-1.15.0-25.sl6.i686.rpm1920345f048291ac4f14b6f799331c75aeaa1850d19d244e4569bec6e7d60843xorg-x11-server-Xdmx-1.15.0-25.sl6.i686.rpmc7e8cac4b5ac53c026c0033477d4b4bade9f1d078b4e3b58409a632e9f5f351dxorg-x11-server-Xvfb-1.15.0-25.sl6.i686.rpm2cb10d8006f7368846780f80b72b9d710d60845b80bd314e6e8ebf4e38a95f52xorg-x11-server-devel-1.15.0-25.sl6.i686.rpm2bb754480a03b808575fef671115c0867f52dd0a2adf307b766db9c88922568dxorg-x11-server-common-1.15.0-25.sl6.i686.rpm9864811812119f6cf7d15804285ce27c305f6ea23db405d8ada5ab2b0db25256xorg-x11-server-Xephyr-1.15.0-25.sl6.i686.rpmbfd62237714ebdf4c8469c0e289cecbbb4ec4779a08ac4e774debdd58257b823SLSA-2014:1984-1A denial of service flaw was found in the way BIND followed DNS delegations. A remote attacker could use a specially crafted zone containing a large number of referrals which, when looked up and processed, would cause named to use excessive amounts of memory or crash. (CVE-2014-8500) After installing the update, the BIND daemon (named) will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 6bind-9.8.2-0.30.rc1.el6_6.1.i686.rpm09a4c8389c2f9deeb6302eab0d7055d43dd1701555f5b2f5d6df43890bbd15dbbind-sdb-9.8.2-0.30.rc1.el6_6.1.i686.rpm17342444177859a84efa095301697d439f2a678d1b5c01a3076e1b973d3766e3bind-devel-9.8.2-0.30.rc1.el6_6.1.i686.rpmab287e364f39d08195e471b6fc272eb6334ecc72b29a01cbd04ad8923462f1bfbind-chroot-9.8.2-0.30.rc1.el6_6.1.i686.rpmf9f816b187b53d9e45214a15ac377b18e64dbd31bae230c0d0eb3d2829cddfffbind-libs-9.8.2-0.30.rc1.el6_6.1.i686.rpm130b21424e93083be8f2fc772fc5ab92c26b851565ab2ac2a177ec29b7168119bind-utils-9.8.2-0.30.rc1.el6_6.1.i686.rpmdbb6b52e68d7a5c7cccc1915253760d5450237273a2a263ad8f4b66113e71e1fSLSA-2014:1997-1* A flaw was found in the way the Linux kernel's SCTP implementation handled malformed or duplicate Address Configuration Change Chunks (ASCONF). A remote attacker could use either of these flaws to crash the system. (CVE-2014-3673, CVE-2014-3687, Important) * A flaw was found in the way the Linux kernel's SCTP implementation handled the association's output queue. A remote attacker could send specially crafted packets that would cause the system to use an excessive amount of memory, leading to a denial of service. (CVE-2014-3688, Important) * A stack overflow flaw caused by infinite recursion was found in the way the Linux kernel's UDF file system implementation processed indirect ICBs. An attacker with physical access to the system could use a specially crafted UDF image to crash the system. (CVE-2014-6410, Low) * It was found that the Linux kernel's networking implementation did not correctly handle the setting of the keepalive socket option on raw sockets. A local user able to create a raw socket could use this flaw to crash the system. (CVE-2012-6657, Low) * It was found that the parse_rock_ridge_inode_internal() function of the Linux kernel's ISOFS implementation did not correctly check relocated directories when processing Rock Ridge child link (CL) tags. An attacker with physical access to the system could use a specially crafted ISO image to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-5471, CVE-2014-5472, Low) Bug fixes: * This update fixes a race condition issue between the sock_queue_err_skb function and sk_forward_alloc handling in the socket error queue (MSG_ERRQUEUE), which could occasionally cause the kernel, for example when using PTP, to incorrectly track allocated memory for the error queue, in which case a traceback would occur in the system log. * The zcrypt device driver did not detect certain crypto cards and the related domains for crypto adapters on System z and s390x architectures. Consequently, it was not possible to run the system on new crypto hardware. This update enables toleration mode for such devices so that the system can make use of newer crypto hardware. * After mounting and unmounting an XFS file system several times consecutively, the umount command occasionally became unresponsive. This was caused by the xlog_cil_force_lsn() function that was not waiting for completion as expected. With this update, xlog_cil_force_lsn() has been modified to correctly wait for completion, thus fixing this bug. * When using the ixgbe adapter with disabled LRO and the tx-usec or rs- usec variables set to 0, transmit interrupts could not be set lower than the default of 8 buffered tx frames. Consequently, a delay of TCP transfer occurred. The restriction of a minimum of 8 buffered frames has been removed, and the TCP delay no longer occurs. * The offb driver has been updated for the QEMU standard VGA adapter, fixing an incorrect displaying of colors issue. * Under certain circumstances, when a discovered MTU expired, the IPv6 connection became unavailable for a short period of time. This bug has been fixed, and the connection now works as expected. * A low throughput occurred when using the dm-thin driver to write to unprovisioned or shared chunks for a thin pool with the chunk size bigger than the max_sectors_kb variable. * Large write workloads on thin LVs could cause the iozone and smallfile utilities to terminate unexpectedly.importantScientific Linux FermitrueScientific Linux Fermi 6python-perf-2.6.32-504.3.3.el6.i686.rpm13f780d83f5dbdae2b13f4d314776e4dd4b1e8c88f92a440c7d8dfbe5e871d54kernel-debug-devel-2.6.32-504.3.3.el6.i686.rpm6a58828c3c20c4f9d2617b1af087692431497c1a04e74482beba4e0d5d6c234akernel-2.6.32-504.3.3.el6.i686.rpmf9ab077d7eb25f3dfe0b714f8e574feea75529b6ee3603d301c769324aae0ce0kernel-abi-whitelists-2.6.32-504.3.3.el6.noarch.rpmce7b570f40259b3a8175b9b8b109da8a5c2c2456466c70b6220415ba57f1b51ckernel-headers-2.6.32-504.3.3.el6.i686.rpmfe896e1edb5a79177b40f2b2a419eb5917c2415ba4cf74906afe827701366f03kernel-devel-2.6.32-504.3.3.el6.i686.rpm3f9f15496a493c644a237aecfead65af88254f074738e4f23d6750674d260d3ekernel-firmware-2.6.32-504.3.3.el6.noarch.rpme0b927ec5a0f5d8f25959caa6b28bf3bad28d30d694ef4b1a833f2a54429ee61kernel-debug-2.6.32-504.3.3.el6.i686.rpm69701487e380dab6a47f625be5bf29dd03898d907000b44a5178ffc0e71dde33kernel-doc-2.6.32-504.3.3.el6.noarch.rpm131d9d7e5ce49b84e75091e3472624f2aad83892cc70de9d8572c36454b7ab09perf-2.6.32-504.3.3.el6.i686.rpmb629b2d97c8b772ba8aeb1e81c081f3ccbb632f0c0a767f1b862a5b2db5c2916SLSA-2014:1999-1A flaw was found in the way mailx handled the parsing of email addresses. A syntactically valid email address could allow a local attacker to cause mailx to execute arbitrary shell commands through shell meta-characters and the direct command execution functionality. (CVE-2004-2771, CVE-2014-7844) Note: Applications using mailx to send email to addresses obtained from untrusted sources will still remain vulnerable to other attacks if they accept email addresses which start with "-" (so that they can be confused with mailx options). To counteract this issue, this update also introduces the "--" option, which will treat the remaining command line arguments as email addresses.moderateScientific Linux FermiScientific Linux Fermi 6mailx-12.4-8.el6_6.i686.rpm33c865cff7fe32e3204cc0903a1e7200a602696a71022c5aec7495d47d41d7a2SLSA-2014:2021-1Multiple off-by-one flaws, leading to heap-based buffer overflows, were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2014-9029) A heap-based buffer overflow flaw was found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2014-8138) A double free flaw was found in the way JasPer parsed ICC color profiles in JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2014-8137) All applications using the JasPer libraries must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6jasper-1.900.1-16.el6_6.2.i686.rpmbef56ab4552e36bb31076cb3ec44c41ea292694a56619bfda445cbce44f9b0c4jasper-devel-1.900.1-16.el6_6.2.i686.rpm40cb7c376f1616e38c083ddd0c51b16f78ca7ea2b1f2036d264b18d64a7d05f1jasper-libs-1.900.1-16.el6_6.2.i686.rpmbf8072102d363d7f123158fd8cf7cfee448a5c3b62ae5498997288b3a6f92b99jasper-utils-1.900.1-16.el6_6.2.i686.rpm307ea34abecea67e624bd329843339a7dccfc32b1baaec8748f5641af89d739fSLSA-2014:2024-1Multiple buffer overflow flaws were discovered in ntpd's crypto_recv(), ctl_putdata(), and configure() functions. A remote attacker could use either of these flaws to send a specially crafted request packet that could crash ntpd or, potentially, execute arbitrary code with the privileges of the ntp user. Note: the crypto_recv() flaw requires non- default configurations to be active, while the ctl_putdata() flaw, by default, can only be exploited via local attackers, and the configure() flaw requires additional authentication to exploit. (CVE-2014-9295) It was found that ntpd automatically generated weak keys for its internal use if no ntpdc request authentication key was specified in the ntp.conf configuration file. A remote attacker able to match the configured IP restrictions could guess the generated key, and possibly use it to send ntpdc query or configuration requests. (CVE-2014-9293) It was found that ntp-keygen used a weak method for generating MD5 keys. This could possibly allow an attacker to guess generated MD5 keys that could then be used to spoof an NTP client or server. Note: it is recommended to regenerate any MD5 keys that had explicitly been generated with ntp-keygen; the default installation does not contain such keys). (CVE-2014-9294) A missing return statement in the receive() function could potentially allow a remote attacker to bypass NTP's authentication mechanism. (CVE-2014-9296) After installing the update, the ntpd daemon will restart automatically.importantScientific Linux FermiScientific Linux Fermi 6ntp-doc-4.2.6p5-2.el6_6.noarch.rpmd473e04f9c42c6c54063606f93733f1824262176148fbe30cf81f4e192b9d26entp-4.2.6p5-2.el6_6.i686.rpm211cdc9f16781ff55354e7b39efc3bab736102704d439f1a0408a7ee4136af36ntp-perl-4.2.6p5-2.el6_6.i686.rpm1512d056958ebbacade08b4a3c7d46fd8c8cffcafb093d521016c28cf8987402ntpdate-4.2.6p5-2.el6_6.i686.rpmb9dd5d2ad0d0574e5fa0c89a4a8f3066b0cfef5adfd87c510cfbe1e4075a6728SLSA-2015:0016-1An out-of-bounds read flaw was found in the way glibc's iconv() function converted certain encoded data to UTF-8. An attacker able to make an application call the iconv() function with a specially crafted argument could use this flaw to crash that application. (CVE-2014-6040) It was found that the wordexp() function would perform command substitution even when the WRDE_NOCMD flag was specified. An attacker able to provide specially crafted input to an application using the wordexp() function, and not sanitizing the input correctly, could potentially use this flaw to execute arbitrary commands with the credentials of the user running that application. (CVE-2014-7817) This update also fixes the following bugs: * Previously, when an address lookup using the getaddrinfo() function for the AF_UNSPEC value was performed on a defective DNS server, the server in some cases responded with a valid response for the A record, but a referral response for the AAAA record, which resulted in a lookup failure. A prior update was implemented for getaddrinfo() to return the valid response, but it contained a typographical error, due to which the lookup could under some circumstances still fail. This error has been corrected and getaddrinfo() now returns a valid response in the described circumstances. * An error in the dlopen() library function previously caused recursive calls to dlopen() to terminate unexpectedly or to abort with a library assertion. This error has been fixed and recursive calls to dlopen() no longer crash or abort.moderateScientific Linux FermiScientific Linux Fermi 6glibc-utils-2.12-1.149.el6_6.4.i686.rpm49c4b30348be5a736ce979db24f563822e4cb00ad906d120f6f8815dbd12d9b8glibc-devel-2.12-1.149.el6_6.4.i686.rpm3310e6358138ef9a9b23e21752ed0659d47e4af069c318604b090ab6040d4bd8glibc-common-2.12-1.149.el6_6.4.i686.rpmed23513c7024bb2099f227c3d1a6f920e1fb452de002657c79f53505e655934bglibc-2.12-1.149.el6_6.4.i686.rpm7ac6c822ac1c6ad766fb25732e2563393390992ce4f4cb20c08b4e8bf7f1cc92glibc-static-2.12-1.149.el6_6.4.i686.rpm3b12d165ba0a2d810118c2874e6cec10fb34c17b3bff17a2ee71bdae4629dc08nscd-2.12-1.149.el6_6.4.i686.rpmfe9644fe206ea84c374c2ec26f350905df04d9ce6fb69f2729e1ed83fce7d4a4glibc-headers-2.12-1.149.el6_6.4.i686.rpmdb5bad9b879040fa048a3f8e64080d71b30647bbe62eed78f815dbf163cdbf14SLSA-2015:0046-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-8634, CVE-2014-8639, CVE-2014-8641) It was found that the Beacon interface implementation in Firefox did not follow the Cross-Origin Resource Sharing (CORS) specification. A web page containing malicious content could allow a remote attacker to conduct a Cross-Site Request Forgery (XSRF) attack. (CVE-2014-8638) This update also fixes the following bug: * The default dictionary for Firefox's spell checker is now correctly set to the system's locale language. After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6firefox-31.4.0-1.el6_6.i686.rpm051a23ba6d9137cad1fd960bead07b1c66cce082436d41a89a06c01891368cb2SLSA-2015:0047-1Two flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-8634, CVE-2014-8639) It was found that the Beacon interface implementation in Thunderbird did not follow the Cross-Origin Resource Sharing (CORS) specification. A web page containing malicious content could allow a remote attacker to conduct a Cross-Site Request Forgery (XSRF) attack. (CVE-2014-8638) Note: All of the above issues cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. After installing the update, Thunderbird must be restarted for the changes to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6thunderbird-31.4.0-1.el6_6.i686.rpmc2070247350f290b8d8632d11bb4fa27c05da8d0f16700893921e204b261b266SLSA-2015:0066-1A NULL pointer dereference flaw was found in the DTLS implementation of OpenSSL. A remote attacker could send a specially crafted DTLS message, which would cause an OpenSSL server to crash. (CVE-2014-3571) A memory leak flaw was found in the way the dtls1_buffer_record() function of OpenSSL parsed certain DTLS messages. A remote attacker could send multiple specially crafted DTLS messages to exhaust all available memory of a DTLS server. (CVE-2015-0206) It was found that OpenSSL's BigNumber Squaring implementation could produce incorrect results under certain special conditions. This flaw could possibly affect certain OpenSSL library functionality, such as RSA blinding. Note that this issue occurred rarely and with a low probability, and there is currently no known way of exploiting it. (CVE-2014-3570) It was discovered that OpenSSL would perform an ECDH key exchange with a non-ephemeral key even when the ephemeral ECDH cipher suite was selected. A malicious server could make a TLS/SSL client using OpenSSL use a weaker key exchange method than the one requested by the user. (CVE-2014-3572) It was discovered that OpenSSL would accept ephemeral RSA keys when using non-export RSA cipher suites. A malicious server could make a TLS/SSL client using OpenSSL use a weaker key exchange method. (CVE-2015-0204) Multiple flaws were found in the way OpenSSL parsed X.509 certificates. An attacker could use these flaws to modify an X.509 certificate to produce a certificate with a different fingerprint without invalidating its signature, and possibly bypass fingerprint-based blacklisting in applications. (CVE-2014-8275) It was found that an OpenSSL server would, under certain conditions, accept Diffie-Hellman client certificates without the use of a private key. An attacker could use a user's client certificate to authenticate as that user, without needing the private key. (CVE-2015-0205) For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted.moderateScientific Linux FermitruetrueScientific Linux Fermi 6openssl-perl-1.0.1e-30.el6_6.5.i686.rpm07d1f3b3ce74ff6096cd43eef149257158787f95a4fd864e0404252d9354dd27openssl-static-1.0.1e-30.el6_6.5.i686.rpm3a40ddac8e203beb02a43b3e33cde988379668179c9836516eb055e0131df9c1openssl-devel-1.0.1e-30.el6_6.5.i686.rpm604112f17978673c96039848991883dfae8f58994f9bb73358c672fd44279252openssl-1.0.1e-30.el6_6.5.i686.rpm5ed11676d6f001e4796976f0d8c7823cdc44519d12e15ae1983d60283b45a4caSLSA-2015:0067-1A flaw was found in the way the Hotspot component in OpenJDK verified bytecode from the class files. An untrusted Java application or applet could possibly use this flaw to bypass Java sandbox restrictions. (CVE-2014-6601) Multiple improper permission check issues were discovered in the JAX-WS, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2015-0412, CVE-2015-0408) A flaw was found in the way the Hotspot garbage collector handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0395) A flaw was found in the way the DER (Distinguished Encoding Rules) decoder in the Security component in OpenJDK handled negative length values. A specially crafted, DER-encoded input could cause a Java application to enter an infinite loop when decoded. (CVE-2015-0410) A flaw was found in the way the SSL 3.0 protocol handled padding bytes when decrypting messages that were encrypted using block ciphers in cipher block chaining (CBC) mode. This flaw could possibly allow a man-in-the- middle (MITM) attacker to decrypt portions of the cipher text using a padding oracle attack. (CVE-2014-3566) It was discovered that the SSL/TLS implementation in the JSSE component in OpenJDK failed to properly check whether the ChangeCipherSpec was received during the SSL/TLS connection handshake. An MITM attacker could possibly use this flaw to force a connection to be established without encryption being enabled. (CVE-2014-6593) An information leak flaw was found in the Swing component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-0407) A NULL pointer dereference flaw was found in the MulticastSocket implementation in the Libraries component of OpenJDK. An untrusted Java application or applet could possibly use this flaw to bypass certain Java sandbox restrictions. (CVE-2014-6587) Multiple boundary check flaws were found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could allow an untrusted Java application or applet to disclose portions of the Java Virtual Machine memory. (CVE-2014-6585, CVE-2014-6591) Multiple insecure temporary file use issues were found in the way the Hotspot component in OpenJDK created performance statistics and error log files. A local attacker could possibly make a victim using OpenJDK overwrite arbitrary files using a symlink attack. (CVE-2015-0383) The CVE-2015-0383 issue was discovered by Red Hat. Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website. All running instances of OpenJDK Java must be restarted for the update to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6java-1.7.0-openjdk-devel-1.7.0.75-2.5.4.0.el6_6.i686.rpm8eb69d15c1082645cc929a1c0158ecc7682ad31698c9f34f912856dbe72eca33java-1.7.0-openjdk-javadoc-1.7.0.75-2.5.4.0.el6_6.noarch.rpmd11c9889ac162a717f59e29e0de3570d35f7231d872db7ba80c71f91da154f7cjava-1.7.0-openjdk-demo-1.7.0.75-2.5.4.0.el6_6.i686.rpm8ace64f26fcf4c5be2e7c37a214f3af58ed39860f14646a962fa1193d3cf38d9java-1.7.0-openjdk-1.7.0.75-2.5.4.0.el6_6.i686.rpmb72c30a26ec3ceb060117d9432dae03652556ece71196e65aa688b7a984c3562java-1.7.0-openjdk-src-1.7.0.75-2.5.4.0.el6_6.i686.rpm89a4610605428cdb15be5bf8577c835beabd5d61b11fb6ae4c457e0dbc22e920SLSA-2015:0069-1Multiple flaws were found in the way the Hotspot component in OpenJDK verified bytecode from the class files, and in the way this component generated code for bytecode. An untrusted Java application or applet could possibly use these flaws to bypass Java sandbox restrictions. (CVE-2014-6601, CVE-2015-0437) Multiple improper permission check issues were discovered in the JAX-WS, Libraries, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2015-0412, CVE-2014-6549, CVE-2015-0408) A flaw was found in the way the Hotspot garbage collector handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0395) A flaw was found in the way the DER (Distinguished Encoding Rules) decoder in the Security component in OpenJDK handled negative length values. A specially crafted, DER-encoded input could cause a Java application to enter an infinite loop when decoded. (CVE-2015-0410) A flaw was found in the way the SSL 3.0 protocol handled padding bytes when decrypting messages that were encrypted using block ciphers in cipher block chaining (CBC) mode. This flaw could possibly allow a man-in-the- middle (MITM) attacker to decrypt portions of the cipher text using a padding oracle attack. (CVE-2014-3566) It was discovered that the SSL/TLS implementation in the JSSE component in OpenJDK failed to properly check whether the ChangeCipherSpec was received during the SSL/TLS connection handshake. An MITM attacker could possibly use this flaw to force a connection to be established without encryption being enabled. (CVE-2014-6593) An information leak flaw was found in the Swing component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-0407) A NULL pointer dereference flaw was found in the MulticastSocket implementation in the Libraries component of OpenJDK. An untrusted Java application or applet could possibly use this flaw to bypass certain Java sandbox restrictions. (CVE-2014-6587) Multiple boundary check flaws were found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could allow an untrusted Java application or applet to disclose portions of the Java Virtual Machine memory. (CVE-2014-6585, CVE-2014-6591) Multiple insecure temporary file use issues were found in the way the Hotspot component in OpenJDK created performance statistics and error log files. A local attacker could possibly make a victim using OpenJDK overwrite arbitrary files using a symlink attack. (CVE-2015-0383) The CVE-2015-0383 issue was discovered by Red Hat. All running instances of OpenJDK Java must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6java-1.8.0-openjdk-javadoc-1.8.0.31-1.b13.el6_6.noarch.rpmb58ef371e95772727d7ff92ad5432a9a32201d1368b5616b638a7c3aa68bd658java-1.8.0-openjdk-headless-1.8.0.31-1.b13.el6_6.i686.rpm375033710f6d3565010d70573dedd3e78eeb4ea26a80a4093c25a1c05fd9119cjava-1.8.0-openjdk-demo-1.8.0.31-1.b13.el6_6.i686.rpm561f71c19aa8ab882d1c3727dfbe6b0de3d0f62e61f2a6d6d780a0f46dbeb4a2java-1.8.0-openjdk-src-1.8.0.31-1.b13.el6_6.i686.rpmff7d6031389ad9ff5b309f9303a97c321425b6039ed63895fd88761a056f239ajava-1.8.0-openjdk-1.8.0.31-1.b13.el6_6.i686.rpm8fbeaff99e780fd04c1fb3d5901fa09d7ebe89a80292849955730381ba9f9801java-1.8.0-openjdk-devel-1.8.0.31-1.b13.el6_6.i686.rpm0ab379b82fe5d971e0b108bf07d60f9f23864bad088094aa3faedc366579a5f3SLSA-2015:0074-1An off-by-one flaw, leading to a heap-based buffer overflow, was found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2014-8157) An unrestricted stack memory use flaw was found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2014-8158) All applications using the JasPer libraries must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6jasper-devel-1.900.1-16.el6_6.3.i686.rpm6533deb5149a074ccd853f21c5191bce7abe63fca1436c4437be2c7c4c5198e9jasper-libs-1.900.1-16.el6_6.3.i686.rpma627742200d52b7ccc1afe653f6a48a4d6460f1f0f8d07a4f70a598db935ac3ajasper-1.900.1-16.el6_6.3.i686.rpm492905c878b043f6213c12b50164e4a2ce2be8847bf1ee28b3f39c5fdaf74bb2jasper-utils-1.900.1-16.el6_6.3.i686.rpm2011df24fa74eadbf74432e148b6ad2d7a6f0010e7b0bd65caf1198a1276e25cSLSA-2015:0085-1A flaw was found in the way the Hotspot component in OpenJDK verified bytecode from the class files. An untrusted Java application or applet could possibly use this flaw to bypass Java sandbox restrictions. (CVE-2014-6601) Multiple improper permission check issues were discovered in the JAX-WS, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2015-0412, CVE-2015-0408) A flaw was found in the way the Hotspot garbage collector handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0395) A flaw was found in the way the DER (Distinguished Encoding Rules) decoder in the Security component in OpenJDK handled negative length values. A specially crafted, DER-encoded input could cause a Java application to enter an infinite loop when decoded. (CVE-2015-0410) A flaw was found in the way the SSL 3.0 protocol handled padding bytes when decrypting messages that were encrypted using block ciphers in cipher block chaining (CBC) mode. This flaw could possibly allow a man-in-the- middle (MITM) attacker to decrypt portions of the cipher text using a padding oracle attack. (CVE-2014-3566) It was discovered that the SSL/TLS implementation in the JSSE component in OpenJDK failed to properly check whether the ChangeCipherSpec was received during the SSL/TLS connection handshake. An MITM attacker could possibly use this flaw to force a connection to be established without encryption being enabled. (CVE-2014-6593) An information leak flaw was found in the Swing component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-0407) A NULL pointer dereference flaw was found in the MulticastSocket implementation in the Libraries component of OpenJDK. An untrusted Java application or applet could possibly use this flaw to bypass certain Java sandbox restrictions. (CVE-2014-6587) Multiple boundary check flaws were found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could allow an untrusted Java application or applet to disclose portions of the Java Virtual Machine memory. (CVE-2014-6585, CVE-2014-6591) Multiple insecure temporary file use issues were found in the way the Hotspot component in OpenJDK created performance statistics and error log files. A local attacker could possibly make a victim using OpenJDK overwrite arbitrary files using a symlink attack. (CVE-2015-0383) All running instances of OpenJDK Java must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6java-1.6.0-openjdk-1.6.0.34-1.13.6.1.el6_6.i686.rpm5956a2ebb8a26e0eb3e716f213029dce1633538db70151943b5db1b42134d995java-1.6.0-openjdk-demo-1.6.0.34-1.13.6.1.el6_6.i686.rpmcba517c086952308e3301acb6aff07f84363bca609a30c01d3caa76148b2eb8bjava-1.6.0-openjdk-devel-1.6.0.34-1.13.6.1.el6_6.i686.rpm34e12cf9b8b56d0d04be30984b9cd0f6eabf7b23f04f1014bc24fd11c01caf43java-1.6.0-openjdk-src-1.6.0.34-1.13.6.1.el6_6.i686.rpm7a1a5335dae112adac53243e1af64a29aec6bdd3e97a5fb445f7ddc97263e049java-1.6.0-openjdk-javadoc-1.6.0.34-1.13.6.1.el6_6.i686.rpmbaca56c98a3f3e80463fa547303f243b5e7554d52ef1514ee68827119250f09aSLSA-2015:0087-1* A flaw was found in the way the Linux kernel's SCTP implementation validated INIT chunks when performing Address Configuration Change (ASCONF). A remote attacker could use this flaw to crash the system by sending a specially crafted SCTP packet to trigger a NULL pointer dereference on the system. (CVE-2014-7841, Important) * An integer overflow flaw was found in the way the Linux kernel's Advanced Linux Sound Architecture (ALSA) implementation handled user controls. A local, privileged user could use this flaw to crash the system. (CVE-2014-4656, Moderate) The system must be rebooted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6kernel-2.6.32-504.8.1.el6.i686.rpmd5bf4edd331bd2c66930d5e4d3e21313bac6d2ede8cb7fbbf99648bc69980ca2kernel-abi-whitelists-2.6.32-504.8.1.el6.noarch.rpm2987cfe7cb1f97c53c19d829597a9fb02a7b6227567ff5e021383892e98b80b9perf-2.6.32-504.8.1.el6.i686.rpmf4523850bdcabad6c2d0a6f7ede09308e8928a9fbd4be0193a1bbb3a87a3d25ckernel-firmware-2.6.32-504.8.1.el6.noarch.rpma10859de762ed5edd3e1b70e6a9341ada5f764b225b1742d48a3d5a3796aeb6fkernel-debug-2.6.32-504.8.1.el6.i686.rpma84707373bce540d90c01f15ebfcc67eac7ac85474ac3f0242a1a8eb60f54c77kernel-headers-2.6.32-504.8.1.el6.i686.rpm68aed205d1b417157b7edb6a96522b9bb9b3eec186b2fb9e4ea21e2ff168c6ddkernel-debug-devel-2.6.32-504.8.1.el6.i686.rpm3c6cd9d1b7d3552b0838ac0c928ba272b0d5cd0ec21b5ba6cfba66433370f387kernel-doc-2.6.32-504.8.1.el6.noarch.rpm3173d1b57a7beaac602e358933d8a47545194c1e330c67a15b8679f6836452f7kernel-devel-2.6.32-504.8.1.el6.i686.rpm009216bf163fab69f25a4928d337e3969f9e43bf16042141a0e4b03a31db474apython-perf-2.6.32-504.8.1.el6.i686.rpmf3423e08481f5103b272562ee66e3a9f38e46c43c17b84ae0438ffeafb4257e7SLSA-2015:0092-1A heap-based buffer overflow was found in glibc's __nss_hostname_digits_dots() function, which is used by the gethostbyname() and gethostbyname2() glibc function calls. A remote attacker able to make an application call either of these functions could use this flaw to execute arbitrary code with the permissions of the user running the application. (CVE-2015-0235)criticalScientific Linux FermiScientific Linux Fermi 6glibc-2.12-1.149.el6_6.5.i686.rpm6d1b0adf445a9b59a0cba270c7ea45f0fcd75f964ef53f5df0a920af27b4eb39glibc-utils-2.12-1.149.el6_6.5.i686.rpm79825ab6738f77383331475cbfa45e378b73e86657f58d7cf9573ed9f4cae954glibc-devel-2.12-1.149.el6_6.5.i686.rpmc64028def3e2bcd74c30c1ac3262d9181b02a3258206cb98445ea04d1cba1676glibc-common-2.12-1.149.el6_6.5.i686.rpmf942ee7a0556b26e9a1978600a38a210c3335a855688d0cd2a21965024cb6fbaglibc-static-2.12-1.149.el6_6.5.i686.rpm0c60c4e93efc1644698bc2a915f4bec11c2151ab0b0040e1585f4e56ad04df21nscd-2.12-1.149.el6_6.5.i686.rpm1e12c77ee4bab83038e84673fd4bbc800512fea24010d29c81a5939a46483886glibc-headers-2.12-1.149.el6_6.5.i686.rpmba6c46170644b35b89afc39defba1a90ae4a0b0e4abaf094baaf6bb919bf3f48SLSA-2015:0100-1An assertion failure was found in the way the libyaml library parsed wrapped strings. An attacker able to load specially crafted YAML input into an application using libyaml could cause the application to crash. (CVE-2014-9130) All running applications linked against the libyaml library must be restarted for this update to take effect.moderateScientific Linux FermiScientific Linux Fermi 6libyaml-0.1.3-4.el6_6.i686.rpm72537ca04002ff4c1c23c624fb9d5da3070129e2db0976660ed2f4ef04261f8blibyaml-devel-0.1.3-4.el6_6.i686.rpmb942ef400ca4636a8017b78af2bbd81b61c54215965624458addf80c42830c71SLSA-2015:0165-1A NULL pointer dereference flaw was found in the way the mod_dav_svn module handled REPORT requests. A remote, unauthenticated attacker could use a specially crafted REPORT request to crash mod_dav_svn. (CVE-2014-3580) It was discovered that Subversion clients retrieved cached authentication credentials using the MD5 hash of the server realm string without also checking the server's URL. A malicious server able to provide a realm that triggers an MD5 collision could possibly use this flaw to obtain the credentials for a different realm. (CVE-2014-3528) After installing the updated packages, for the update to take effect, you must restart the httpd daemon, if you are using mod_dav_svn, and the svnserve daemon, if you are serving Subversion repositories via the svn:// protocol.moderateScientific Linux FermiScientific Linux Fermi 6subversion-kde-1.6.11-12.el6_6.i686.rpmfaca374c8f263afeefcb29e6945680531b357f303b501b7c001a987ecc50e67csubversion-gnome-1.6.11-12.el6_6.i686.rpmcb318d439eeef86b36600bd28d606476eac1e7f8c4acb6aa803f201c1c2c5528subversion-1.6.11-12.el6_6.i686.rpm5a403186543a6e2d4f1512842a78c8534505a6de2d220c8b4cce5af48c4a3cccsubversion-svn2cl-1.6.11-12.el6_6.noarch.rpm6af0fd0681882004fc8073da02948675fc777880dfbb6cbef93aac8d7acbd04emod_dav_svn-1.6.11-12.el6_6.i686.rpm6774de4433103b84a699267ba872073f2aab3b22e8e5932deadbdcc079736e5csubversion-javahl-1.6.11-12.el6_6.i686.rpmd98dfd58ef8f5729f137d913442af7c916f3a01a9746c01ffe6d871a4bf8012dsubversion-devel-1.6.11-12.el6_6.i686.rpm3056c79d283ada43a91ca238e7133a7b1dfe6b0afa72844011bc40a2aafe35a7subversion-ruby-1.6.11-12.el6_6.i686.rpmcef4634db96fd16ef522c9248fb227d8d0c3666b7ae72dc07c7eb9fb0fef7031subversion-perl-1.6.11-12.el6_6.i686.rpm66c356774dd18aec7d280f2ef3d7b8cb2fc98b4748106b9c6f8b41f6d6a39bf5SLSA-2015:0250-1An uninitialized pointer use flaw was found in the Samba daemon (smbd). A malicious Samba client could send specially crafted netlogon packets that, when processed by smbd, could potentially lead to arbitrary code execution with the privileges of the user running smbd (by default, the root user). (CVE-2015-0240) After installing this update, the smb service will be restarted automatically.criticalScientific Linux FermiScientific Linux Fermi 6samba4-test-4.0.0-66.el6_6.rc4.i686.rpmeb6af01365a4d0af006c30efcc5f7ce05bd2b0ca0d17cd453edd50bd0f593fc2samba4-devel-4.0.0-66.el6_6.rc4.i686.rpm7657e7e8ee331ef35db6dfbb7294c370669995979b74a4bbb595279d691abf21samba4-libs-4.0.0-66.el6_6.rc4.i686.rpm2a5f79b71b68761d8ef3f95e171fec8ab37d4e06ccf91f80ca349afb6ef63575samba4-winbind-krb5-locator-4.0.0-66.el6_6.rc4.i686.rpmc4e82182b353d4caa9885ebba9e35985ed827bfe02cda3d44937441e4b2edfddsamba4-swat-4.0.0-66.el6_6.rc4.i686.rpmc8e47886f2da7f18359f51298f96ffa5b52d997c272d0544b249da19c3b54c45samba4-dc-libs-4.0.0-66.el6_6.rc4.i686.rpm05c450ec820a3878996070134872216c33dd9a47b23c31734d2ff0562a7de2edsamba4-dc-4.0.0-66.el6_6.rc4.i686.rpm41db3045d2033b2fdf0326cab008d1e9f4762245f326f394cc9cd04fe71992b9samba4-common-4.0.0-66.el6_6.rc4.i686.rpma1ea565616b4540e8eba17f0724f838bd82cff07f6a113ef2b01e52f45e54ebesamba4-winbind-clients-4.0.0-66.el6_6.rc4.i686.rpm27c6c318b9fc53c9b20797e378a0df89d53bd185debe13142a630439e6f34861samba4-4.0.0-66.el6_6.rc4.i686.rpm169bcc71faf392edd41acb01014ee90f66beeeb5fc6bc36ba8e2832088370007samba4-winbind-4.0.0-66.el6_6.rc4.i686.rpmc75614c54a39cc6be83a3e152425b22e9e34fa4ed6f84f60bf7751754db305c7samba4-pidl-4.0.0-66.el6_6.rc4.i686.rpm0f38a12548e551185491af658b766d482ba60cb5f7419b22ada077e5ab635136samba4-python-4.0.0-66.el6_6.rc4.i686.rpmd2e78a4ab4ac6570f3798878fa5d71c73404ba7c87fd964d7aaf61872971e298samba4-client-4.0.0-66.el6_6.rc4.i686.rpme4dae450246c67089bd1a596ce1d91074d87b142c4e8f0741505bace9667a102SLSA-2015:0251-1An uninitialized pointer use flaw was found in the Samba daemon (smbd). A malicious Samba client could send specially crafted netlogon packets that, when processed by smbd, could potentially lead to arbitrary code execution with the privileges of the user running smbd (by default, the root user). (CVE-2015-0240) After installing this update, the smb service will be restarted automatically.criticalScientific Linux FermiScientific Linux Fermi 6samba-domainjoin-gui-3.6.23-14.el6_6.i686.rpm927115dbbc02fa3f1490de3cc3dae85d5e99412a943a4d0cf2a30fb8bbe82f3esamba-winbind-devel-3.6.23-14.el6_6.i686.rpm497d1b1f83e7ef1788d8e93117732f7e40ade6547ade384b1e70a78d1eb47ee0samba-client-3.6.23-14.el6_6.i686.rpmd735803addbd04b20e88f68f331b7203189309d6f9e4dbc38b83302c1a52dcddsamba-common-3.6.23-14.el6_6.i686.rpmbb8a332ca31bdfb263966b1a7f0ed11b08c444775eba410263d805dccf051b99samba-swat-3.6.23-14.el6_6.i686.rpm625280186e5b1996ea7492cb72b4bbc931aac2262e3ac2c8caaa386082ba983esamba-winbind-clients-3.6.23-14.el6_6.i686.rpma50dff2b7b430513cb20160f8104cf79c6697cc3b73314e913728937a9104e68libsmbclient-devel-3.6.23-14.el6_6.i686.rpmba7a2f58e304688eb6fea51c6f35fdd5015e191d7f834c050356951adabb36d4samba-doc-3.6.23-14.el6_6.i686.rpm2a77f9b11fc5e6127bbd7906b1e5ac0ac4ceb75d5624be56b5f5b693aebddd8esamba-winbind-krb5-locator-3.6.23-14.el6_6.i686.rpmbdb978d208283bfd3cbe88bfec99ad5d88da1d30d62e54178fc7418ac29d059dlibsmbclient-3.6.23-14.el6_6.i686.rpm7da8fe0bd9c789c3e3bd31fdb1ce5d448e5fa6020d6795ad062d557e972ce83esamba-3.6.23-14.el6_6.i686.rpmd88695e5dc9a3ce527b2852e8fff6663bf5782e5b96d41051a250833cf9dda69samba-winbind-3.6.23-14.el6_6.i686.rpmdb3128d260cd8bbe225d7ceae15e92ac6a352d8e1231db401deba3105d10236dSLSA-2015:0265-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2015-0836, CVE-2015-0831, CVE-2015-0827) An information leak flaw was found in the way Firefox implemented autocomplete forms. An attacker able to trick a user into specifying a local file in the form could use this flaw to access the contents of that file. (CVE-2015-0822) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6firefox-31.5.0-1.el6_6.i686.rpmc642feb8c3a24bdb363c8fb6480f1cc895d91129ac81b1d5e74f4ce88d8a3e8bSLSA-2015:0266-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2015-0836, CVE-2015-0831, CVE-2015-0827) An information leak flaw was found in the way Thunderbird implemented autocomplete forms. An attacker able to trick a user into specifying a local file in the form could use this flaw to access the contents of that file. (CVE-2015-0822) Note: All of the above issues cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. After installing the update, Thunderbird must be restarted for the changes to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6thunderbird-31.5.0-1.el6_6.i686.rpm3c8d94a945c46df8b7afbedd2a51911e43db41541451873121fbec8f6b737dadSLSA-2015:0628-1An information disclosure flaw was found in the way the 389 Directory Server stored information in the Changelog that is exposed via the 'cn=changelog' LDAP sub-tree. An unauthenticated user could in certain cases use this flaw to read data from the Changelog, which could include sensitive information such as plain-text passwords. (CVE-2014-8105) This update also fixes the following bugs: * In multi-master replication (MMR), deleting a single-valued attribute of a Directory Server (DS) entry was previously in some cases not correctly replicated. Consequently, the entry state in the replica systems did not reflect the intended changes. This bug has been fixed and the removal of a single-valued attribute is now properly replicated. * Prior to this update, the Directory Server (DS) always checked the ACI syntax. As a consequence, removing an ACI failed with a syntax error. With this update, the ACI check is stopped when the ACI is going to be removed, and the removal thus works as expected. In addition, this update adds the following enhancement: * The buffer size limit for the 389-ds-base application has been increased to 2MB in order to match the buffer size limit of Simple Authentication and Security Layer (SASL) and Basic Encoding Rules (BER). After installing this update, the 389 server service will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 6389-ds-base-devel-1.2.11.15-50.el6_6.i686.rpma02d0d369d3d9610c55c50989377fad50ba36edfbf8423d3c814e30b7ad91224389-ds-base-libs-1.2.11.15-50.el6_6.i686.rpm71569a0bb2394a7e6fc98559cfd174cfd3d6e40de9c4891c35a601f2035d7af0389-ds-base-1.2.11.15-50.el6_6.i686.rpm226c6dc4721bc5e1daa65cc7631bbf68d7df4cec36063048fa9bdb56abc54799SLSA-2015:0672-1A flaw was found in the way BIND handled trust anchor management. A remote attacker could use this flaw to cause the BIND daemon (named) to crash under certain conditions. (CVE-2015-1349) After installing the update, the BIND daemon (named) will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6bind-utils-9.8.2-0.30.rc1.el6_6.2.i686.rpm8f909fa9a95cd53a217652f120c2918292b5aee60b19144738298e535f11e539bind-9.8.2-0.30.rc1.el6_6.2.i686.rpm147d4dd9157e1ed4c25a39b55a8aa09c0705c2b68bc096aa0020e2715eb4fbc1bind-devel-9.8.2-0.30.rc1.el6_6.2.i686.rpmafcf3be1677e45c9e73f7ef6db6f1177d79d8a2ceb7ce73b8131c452612e0020bind-libs-9.8.2-0.30.rc1.el6_6.2.i686.rpm9ab75081e495c88805dcffb8aaa9e8d610dc3ad02e4c0d179ce833d83b9faedfbind-sdb-9.8.2-0.30.rc1.el6_6.2.i686.rpm868dd7e9ecfbca36f8a790fc833f1dd531bcf377fb4d6ed6fb73bd3eaaffc5efbind-chroot-9.8.2-0.30.rc1.el6_6.2.i686.rpm93d218d518008b85197f3faf85b5b4d68e6a5120a999b3623c2995581d73b887SLSA-2015:0674-1* It was found that the Linux kernel's Infiniband subsystem did not properly sanitize input parameters while registering memory regions from user space via the (u)verbs API. A local user with access to a /dev/infiniband/uverbsX device could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-8159, Important) * A flaw was found in the way the Linux kernel's splice() system call validated its parameters. On certain file systems, a local, unprivileged user could use this flaw to write past the maximum file size, and thus crash the system. (CVE-2014-7822, Moderate) * A flaw was found in the way the Linux kernel's netfilter subsystem handled generic protocol tracking. As demonstrated in the Stream Control Transmission Protocol (SCTP) case, a remote attacker could use this flaw to bypass intended iptables rule restrictions when the associated connection tracking module was not loaded on the system. (CVE-2014-8160, Moderate) * It was found that the fix for CVE-2014-3601 was incomplete: the Linux kernel's kvm_iommu_map_pages() function still handled IOMMU mapping failures incorrectly. A privileged user in a guest with an assigned host device could use this flaw to crash the host. (CVE-2014-8369, Moderate) Bug fixes: * The maximum amount of entries in the IPv6 route table (net.ipv6.route.max_size) was 4096, and every route towards this maximum size limit was counted. Communication to more systems was impossible when the limit was exceeded. Now, only cached routes are counted, which guarantees that the kernel does not run out of memory, but the user can now install as many routes as the memory allows until the kernel indicates it can no longer handle the amount of memory and returns an error message. In addition, the default "net.ipv6.route.max_size" value has been increased to 16384 for performance improvement reasons. * When the user attempted to scan for an FCOE-served Logical Unit Number (LUN), after an initial LUN scan, a kernel panic occurred in bnx2fc_init_task. System scanning for LUNs is now stable after LUNs have been added. * Under certain conditions, such as when attempting to scan the network for LUNs, a race condition in the bnx2fc driver could trigger a kernel panic in bnx2fc_init_task. A patch fixing a locking issue that caused the race condition has been applied, and scanning the network for LUNs no longer leads to a kernel panic. * Previously, it was not possible to boot the kernel on Xen hypervisor in PVHVM mode if more than 32 vCPUs were specified in the guest configuration. Support for more than 32 vCPUs has been added, and the kernel now boots successfully in the described situation. * When the NVMe driver allocated a namespace queue, it indicated that it was a request-based driver when it was actually a block I/O-based driver. Consequently, when NVMe driver was loaded along with a request-based dm device, the system could terminate unexpectedly or become unresponsive when attempting to access data. The NVMe driver no longer sets the QUEUE_FLAG_STACKABLE bit when allocating a namespace queue and device- mapper no longer perceives NVMe driver as request-based; system hangs or crashes no longer occur. * If a user attempted to apply an NVRAM firmware update when running the tg3 module provided with Scientific Linux 6.6 kernels, the update could fail. As a consequence, the Network Interface Card (NIC) could stay in an unusable state and this could prevent the entire system from booting. The tg3 module has been updated to correctly apply firmware updates. * Support for key sizes of 256 and 192 bits has been added to AES-NI.importantScientific Linux FermitrueScientific Linux Fermi 6kernel-debug-2.6.32-504.12.2.el6.i686.rpmdf6fbe2bbb5e9979ba97e0eb768ef6f02d45d6fee7f95f1aa6768d256d254a26kernel-devel-2.6.32-504.12.2.el6.i686.rpmf25f2f29a94f1ed04ab734a6c07442f552d32077fc9dd6f13d9f0c867aead38akernel-doc-2.6.32-504.12.2.el6.noarch.rpm89e9201d9fd563745d5a1c2c6a595ad3f71864e5e14ae3522e3128e18a047b3ekernel-headers-2.6.32-504.12.2.el6.i686.rpma7b79b38811ead12547911a393db81f371ac1f3abca07cd8ea05f40f290fda0fperf-2.6.32-504.12.2.el6.i686.rpmdfcbd3a73671dbeab17e468bc0b7bc2510e66d5dc542a37d1d831ee13b94aa8ekernel-debug-devel-2.6.32-504.12.2.el6.i686.rpm1072fa3f70b8b93dacaf9d65ed429f75eaad524201b12183b13523425c6d7855kernel-2.6.32-504.12.2.el6.i686.rpm48a1acf7fb3966f3ee76c078daf61d4425f1180ebcd1e27a6c7ec31cf55538eekernel-firmware-2.6.32-504.12.2.el6.noarch.rpm10a3d7e9226681c69acd84a19babb27a158ac2004669d1718640feed3ea99833python-perf-2.6.32-504.12.2.el6.i686.rpmf371c0bf525ac50661b8a286e8ba78f48f4c7e0200379155b9399051968c81dekernel-abi-whitelists-2.6.32-504.12.2.el6.noarch.rpm13dcc472e5b7b6751560aa63a281bd90112003c7f25080c8b10fb79ea04b2726SLSA-2015:0696-1Multiple integer overflow flaws and an integer signedness flaw, leading to heap-based buffer overflows, were found in the way FreeType handled Mac fonts. If a specially crafted font file was loaded by an application linked against FreeType, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2014-9673, CVE-2014-9674) Multiple flaws were found in the way FreeType handled fonts in various formats. If a specially crafted font file was loaded by an application linked against FreeType, it could cause the application to crash or, possibly, disclose a portion of the application memory. (CVE-2014-9657, CVE-2014-9658, CVE-2014-9660, CVE-2014-9661, CVE-2014-9663, CVE-2014-9664, CVE-2014-9667, CVE-2014-9669, CVE-2014-9670, CVE-2014-9671, CVE-2014-9675) The X server must be restarted (log out, then log back in) for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6freetype-demos-2.3.11-15.el6_6.1.i686.rpme96fc3c37e45a167cfc68bc55e199a2dae1623d3936556d66fa545fed70bd2b7freetype-devel-2.3.11-15.el6_6.1.i686.rpme026cb152e3a75d6a93d7a353b22a2b28fdb4d80cd9d838f7b6922b9db2d0cdffreetype-2.3.11-15.el6_6.1.i686.rpmb893a95345276be00c550496f4dc4f31da8a771f183cef822685961e07b3bc7aSLSA-2015:0700-1A buffer overflow was found in the way unzip uncompressed certain extra fields of a file. A specially crafted Zip archive could cause unzip to crash or, possibly, execute arbitrary code when the archive was tested with unzip's '-t' option. (CVE-2014-9636) A buffer overflow flaw was found in the way unzip computed the CRC32 checksum of certain extra fields of a file. A specially crafted Zip archive could cause unzip to crash when the archive was tested with unzip's '-t' option. (CVE-2014-8139) An integer underflow flaw, leading to a buffer overflow, was found in the way unzip uncompressed certain extra fields of a file. A specially crafted Zip archive could cause unzip to crash when the archive was tested with unzip's '-t' option. (CVE-2014-8140) A buffer overflow flaw was found in the way unzip handled Zip64 files. A specially crafted Zip archive could possibly cause unzip to crash when the archive was uncompressed. (CVE-2014-8141)moderateScientific Linux FermiScientific Linux Fermi 6unzip-6.0-2.el6_6.i686.rpm1244c8254aba5fb49f6f70228cae65bfedd540c2143fd004dee74af03207d7fcSLSA-2015:0715-1An invalid pointer use flaw was found in OpenSSL's ASN1_TYPE_cmp() function. A remote attacker could crash a TLS/SSL client or server using OpenSSL via a specially crafted X.509 certificate when the attacker- supplied certificate was verified by the application. (CVE-2015-0286) An integer underflow flaw, leading to a buffer overflow, was found in the way OpenSSL decoded malformed Base64-encoded inputs. An attacker able to make an application using OpenSSL decode a specially crafted Base64-encoded input (such as a PEM file) could use this flaw to cause the application to crash. Note: this flaw is not exploitable via the TLS/SSL protocol because the data being transferred is not Base64-encoded. (CVE-2015-0292) A denial of service flaw was found in the way OpenSSL handled SSLv2 handshake messages. A remote attacker could use this flaw to cause a TLS/SSL server using OpenSSL to exit on a failed assertion if it had both the SSLv2 protocol and EXPORT-grade cipher suites enabled. (CVE-2015-0293) A use-after-free flaw was found in the way OpenSSL imported malformed Elliptic Curve private keys. A specially crafted key file could cause an application using OpenSSL to crash when imported. (CVE-2015-0209) An out-of-bounds write flaw was found in the way OpenSSL reused certain ASN.1 structures. A remote attacker could possibly use a specially crafted ASN.1 structure that, when parsed by an application, would cause that application to crash. (CVE-2015-0287) A NULL pointer dereference flaw was found in OpenSSL's X.509 certificate handling implementation. A specially crafted X.509 certificate could cause an application using OpenSSL to crash if the application attempted to convert the certificate to a certificate request. (CVE-2015-0288) A NULL pointer dereference was found in the way OpenSSL handled certain PKCS#7 inputs. An attacker able to make an application using OpenSSL verify, decrypt, or parse a specially crafted PKCS#7 input could cause that application to crash. TLS/SSL clients and servers using OpenSSL were not affected by this flaw. (CVE-2015-0289) For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.moderateScientific Linux FermitruetrueScientific Linux Fermi 6openssl-1.0.1e-30.el6_6.7.i686.rpm174e78a35300f1d74673217d23472155a29234b8d54c8e5cf4714a3a9582304bopenssl-static-1.0.1e-30.el6_6.7.i686.rpm5d6771cc56d799d6dec346264ff5314482da8411d1f650f15c83cafc8198f8e8openssl-devel-1.0.1e-30.el6_6.7.i686.rpmdea50e15ab277617b76bb0c3ef94ff296617cb1f4cfb9f9d984d0c0401d8f389openssl-perl-1.0.1e-30.el6_6.7.i686.rpm63aa0ebf13024996760754566c0ffcfde27080fd1a01006970e44e83f3a2f358SLSA-2015:0718-1Two flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2015-0817, CVE-2015-0818) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6firefox-31.5.3-1.el6_6.i686.rpm0e51f7666bc088529dd9140873ff942f19b6ae97ac267b7996c84ecb53ba59dcSLSA-2015:0729-1It was found that setroubleshoot did not sanitize file names supplied in a shell command look-up for RPMs associated with access violation reports. An attacker could use this flaw to escalate their privileges on the system by supplying a specially crafted file to the underlying shell command. (CVE-2015-1815)importantScientific Linux FermiScientific Linux Fermi 6setroubleshoot-3.0.47-6.el6_6.1.i686.rpm263026b97fd4ce3b0031b17b4becfcef43d2902229b17774f437298f9f8d6d54setroubleshoot-server-3.0.47-6.el6_6.1.i686.rpm206e7a571d3418634c030047390bfd0e832fa5abfa63353b99582c101c7d6c1dsetroubleshoot-doc-3.0.47-6.el6_6.1.i686.rpm2f95c801ab3112004acb1a157372a7da070da53cadb5465b4e5d27ec5756d2f8SLSA-2015:0750-1An information leak flaw was found in the way the PostgreSQL database server handled certain error messages. An authenticated database user could possibly obtain the results of a query they did not have privileges to execute by observing the constraint violation error messages produced when the query was executed. (CVE-2014-8161) A buffer overflow flaw was found in the way PostgreSQL handled certain numeric formatting. An authenticated database user could use a specially crafted timestamp formatting template to cause PostgreSQL to crash or, under certain conditions, execute arbitrary code with the permissions of the user running PostgreSQL. (CVE-2015-0241) A stack-buffer overflow flaw was found in PostgreSQL's pgcrypto module. An authenticated database user could use this flaw to cause PostgreSQL to crash or, potentially, execute arbitrary code with the permissions of the user running PostgreSQL. (CVE-2015-0243) A flaw was found in the way PostgreSQL handled certain errors that were generated during protocol synchronization. An authenticated database user could use this flaw to inject queries into an existing connection. (CVE-2015-0244) If the postgresql service is running, it will be automatically restarted after installing this update.moderateScientific Linux FermiScientific Linux Fermi 6postgresql-devel-8.4.20-2.el6_6.i686.rpm2ddf76a70f02829d66ac6c20ccb6f5cc467eb6ffa444072ee49b82f708a96c6apostgresql-contrib-8.4.20-2.el6_6.i686.rpme998a4f61d9deb0b2f3cc8461554bdc59fa79d50edbca7d0af2c88d7eb0ac8dfpostgresql-pltcl-8.4.20-2.el6_6.i686.rpmfcfbf3e94e7faf18762760cd88f5acca8395f90726e1e4bf82738bab161abc37postgresql-plperl-8.4.20-2.el6_6.i686.rpmf140a1842418aca8ba5b8bce842718f6d59b7f2ee90d61b4f0803092b8595fc0postgresql-8.4.20-2.el6_6.i686.rpm1ea8d37eb091382d79399c29475d7fad22b34de3825eeae3688fbc896c324388postgresql-plpython-8.4.20-2.el6_6.i686.rpmb69e0ea97572fcc51939d7e211a235aecde79c1aa2d318bdf7b5da004231620epostgresql-server-8.4.20-2.el6_6.i686.rpm39b26da50df48cc3afcd7d068f0d8c2a09174cf723cd56b7c26b9a93f964e93epostgresql-docs-8.4.20-2.el6_6.i686.rpm0f5fc3979a3fc30f5e321d4ed4c67b966dae69e2c632438b54f8823793b47a36postgresql-libs-8.4.20-2.el6_6.i686.rpmcc98bba5613abc50112ae60720a308f5446995d30e904635fdfb4438dca5eb41postgresql-test-8.4.20-2.el6_6.i686.rpmef723be59b66f431496aec0c211aeff626443d473daa07a26f74d258e5c3feb6SLSA-2015:0766-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2015-0813, CVE-2015-0815, CVE-2015-0801) A flaw was found in the way documents were loaded via resource URLs in, for example, Mozilla's PDF.js PDF file viewer. An attacker could use this flaw to bypass certain restrictions and under certain conditions even execute arbitrary code with the privileges of the user running Firefox. (CVE-2015-0816) A flaw was found in the Beacon interface implementation in Firefox. A web page containing malicious content could allow a remote attacker to conduct a Cross-Site Request Forgery (CSRF) attack. (CVE-2015-0807) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6firefox-31.6.0-2.el6_6.i686.rpm8f7ce53f20c60bb899177d3e4eae092d6ac61cb5678ed4c4a949a249ce6fc4cfSLSA-2015:0767-1A buffer overflow flaw was found in the way flac decoded FLAC audio files. An attacker could create a specially crafted FLAC audio file that could cause an application using the flac library to crash or execute arbitrary code when the file was read. (CVE-2014-9028) A buffer over-read flaw was found in the way flac processed certain ID3v2 metadata. An attacker could create a specially crafted FLAC audio file that could cause an application using the flac library to crash when the file was read. (CVE-2014-8962) After installing the update, all applications linked against the flac library must be restarted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6flac-1.2.1-7.el6_6.i686.rpmd58b1290db42d8ec9e236f5f5f2973b1e33b8183895dc9272c31d042cb07cc05flac-devel-1.2.1-7.el6_6.i686.rpmaabda9cad5e4b4e93e7456dda1a8d605b618c47372404e9c7b5965b780a9ae31SLSA-2015:0771-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2015-0813, CVE-2015-0815, CVE-2015-0801) A flaw was found in the way documents were loaded via resource URLs. An attacker could use this flaw to bypass certain restrictions and under certain conditions even execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2015-0816) A flaw was found in the Beacon interface implementation in Thunderbird. A web page containing malicious content could allow a remote attacker to conduct a Cross-Site Request Forgery (CSRF) attack. (CVE-2015-0807) Note: All of the above issues cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. After installing the update, Thunderbird must be restarted for the changes to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6thunderbird-31.6.0-1.el6_6.i686.rpma1bac62936369e89a2dce0b1c80a3d04c5c91fa3137c2b8a3a375c7464462ef6SLSA-2015:0794-1The following security issues are fixed with this release: A use-after-free flaw was found in the way the MIT Kerberos libgssapi_krb5 library processed valid context deletion tokens. An attacker able to make an application using the GSS-API library (libgssapi) could call the gss_process_context_token() function and use this flaw to crash that application. (CVE-2014-5352) If kadmind were used with an LDAP back end for the KDC database, a remote, authenticated attacker who has the permissions to set the password policy could crash kadmind by attempting to use a named ticket policy object as a password policy for a principal. (CVE-2014-5353) It was found that the krb5_read_message() function of MIT Kerberos did not correctly sanitize input, and could create invalid krb5_data objects. A remote, unauthenticated attacker could use this flaw to crash a Kerberos child process via a specially crafted request. (CVE-2014-5355) A double-free flaw was found in the way MIT Kerberos handled invalid External Data Representation (XDR) data. An authenticated user could use this flaw to crash the MIT Kerberos administration server (kadmind), or other applications using Kerberos libraries, via specially crafted XDR packets. (CVE-2014-9421) It was found that the MIT Kerberos administration server (kadmind) incorrectly accepted certain authentication requests for two-component server principal names. A remote attacker able to acquire a key with a particularly named principal (such as "kad/x") could use this flaw to impersonate any user to kadmind, and perform administrative actions as that user. (CVE-2014-9422)moderateScientific Linux FermiScientific Linux Fermi 6krb5-devel-1.10.3-37.el6_6.i686.rpm47141ffb54261754db57236e00bcdae6d85efd4df74edc1b3d13f1235a2bf78akrb5-server-1.10.3-37.el6_6.i686.rpm2b5176f10d9915cf5d5c30bc0a1644c51b162ec35fbab34321d4597703ac1fabkrb5-libs-1.10.3-37.el6_6.i686.rpmc0248cdd5fe73a36aead69a05c21db9811897d2d42fc2ace0dc8dbe72036489ekrb5-server-ldap-1.10.3-37.el6_6.i686.rpm4985653f38c04915d4b4ff87d3b62da3c3158d40b3bce702448d7082d92c1313krb5-workstation-1.10.3-37.el6_6.i686.rpma42ff88f1422bd423a009e379da87a5a443a00e61f4ce6f666910ddacc6e1dd4krb5-pkinit-openssl-1.10.3-37.el6_6.i686.rpmcd30789fec49b268d860ff531fe0c77fa31896c8688b14d9d88af01c3564829cSLSA-2015:0797-1A buffer over-read flaw was found in the way the X.Org server handled XkbGetGeometry requests. A malicious, authorized client could use this flaw to disclose portions of the X.Org server memory, or cause the X.Org server to crash using a specially crafted XkbGetGeometry request. (CVE-2015-0255)moderateScientific Linux FermiScientific Linux Fermi 6xorg-x11-server-source-1.15.0-26.sl6.noarch.rpm13bedaa35b471610cc3d2d7435e873007c6774aa07e1aaf278327078f4078b99xorg-x11-server-Xorg-1.15.0-26.sl6.i686.rpm4a1e5eca5ac4fd2b514b5e6e0c72e0cb755e2d076a09b8132c4c22ee3abc7b4axorg-x11-server-Xdmx-1.15.0-26.sl6.i686.rpm99d61d59dd0b7f29396ddd77b4652e61fe9ae0f9fb815c64413b3ce86428c38cxorg-x11-server-devel-1.15.0-26.sl6.i686.rpm650f9da0e9239255bfec2253e5175250cf139547ec688f9ee977dc9bb8f608fexorg-x11-server-Xnest-1.15.0-26.sl6.i686.rpm1476d61938a0d64583d99942a4dcd41f7f738959693cbd317739e843097edc84xorg-x11-server-Xephyr-1.15.0-26.sl6.i686.rpm59a18f1138fdb1a5fe24c7dd83593cb89c0696619dc0dbd14a1ca51fb2f90b6cxorg-x11-server-common-1.15.0-26.sl6.i686.rpm3f857ace29f51ef45f4b4590668406c162066fb96790881252aeb2dc05991712xorg-x11-server-Xvfb-1.15.0-26.sl6.i686.rpm598777e5f9a0d99469a0f1519f4b4e507914ea5aae199f21e12bb7e0f85f7826SLSA-2015:0806-1An off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox restrictions. (CVE-2015-0469) A flaw was found in the way the Hotspot component in OpenJDK handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0460) A flaw was found in the way the JSSE component in OpenJDK parsed X.509 certificate options. A specially crafted certificate could cause JSSE to raise an exception, possibly causing an application using JSSE to exit unexpectedly. (CVE-2015-0488) A flaw was discovered in the Beans component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-0477) A directory traversal flaw was found in the way the jar tool extracted JAR archive files. A specially crafted JAR archive could cause jar to overwrite arbitrary files writable by the user running jar when the archive was extracted. (CVE-2005-1080, CVE-2015-0480) It was found that the RSA implementation in the JCE component in OpenJDK did not follow recommended practices for implementing RSA signatures. (CVE-2015-0478) Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website. All running instances of OpenJDK Java must be restarted for the update to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6java-1.7.0-openjdk-devel-1.7.0.79-2.5.5.1.el6_6.i686.rpm36752ac2f01b11bce42066958250627ff7ca18a4bd25d8fb1390deb603d7179fjava-1.7.0-openjdk-javadoc-1.7.0.79-2.5.5.1.el6_6.noarch.rpm25ee63c46246a392493117a627fc57c0b2df61af818e0bad80187e2c8e3c9b7fjava-1.7.0-openjdk-demo-1.7.0.79-2.5.5.1.el6_6.i686.rpmd56a4aec1aa2c8185d5a0668f3a4a5a495bcfe37d9bce6d9c866188b567fc9f4java-1.7.0-openjdk-1.7.0.79-2.5.5.1.el6_6.i686.rpmaa69d54bfcf3d5d942a227eade9d9ce7cc92beddc8e1d6d61dce7557940d97ddjava-1.7.0-openjdk-src-1.7.0.79-2.5.5.1.el6_6.i686.rpm56429d5dded62013c17d7667558322adf8e11c1ca8d35952e73c2be3d9ebb6d1SLSA-2015:0808-1An off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox restrictions. (CVE-2015-0469) A flaw was found in the way the Hotspot component in OpenJDK handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0460) A flaw was found in the way the JSSE component in OpenJDK parsed X.509 certificate options. A specially crafted certificate could cause JSSE to raise an exception, possibly causing an application using JSSE to exit unexpectedly. (CVE-2015-0488) A flaw was discovered in the Beans component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-0477) A directory traversal flaw was found in the way the jar tool extracted JAR archive files. A specially crafted JAR archive could cause jar to overwrite arbitrary files writable by the user running jar when the archive was extracted. (CVE-2005-1080, CVE-2015-0480) It was found that the RSA implementation in the JCE component in OpenJDK did not follow recommended practices for implementing RSA signatures. (CVE-2015-0478) All running instances of OpenJDK Java must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6java-1.6.0-openjdk-src-1.6.0.35-1.13.7.1.el6_6.i686.rpm387c14d6d821889942d78a79a361e9ecb615b454d1ca987740eaaedeff21a244java-1.6.0-openjdk-javadoc-1.6.0.35-1.13.7.1.el6_6.i686.rpm080fc4b593cb66b0e996adb8b7f7667950b81a6f8a1d8fc81dee732dbb83b841java-1.6.0-openjdk-1.6.0.35-1.13.7.1.el6_6.i686.rpmd0c7ca23be19c54b5593817380c5c0ddb3b9727f35bc5a14da5febf55b775bd6java-1.6.0-openjdk-demo-1.6.0.35-1.13.7.1.el6_6.i686.rpm57f71a30de1dfc1eb94af74204632dcbc9e2a87d84ad5c95431fd80525773ce5java-1.6.0-openjdk-devel-1.6.0.35-1.13.7.1.el6_6.i686.rpm6192c4e8eed7805404a9d97bf6a7f5fd5866c7a42382635c6d5e10e2a1c8c35dSLSA-2015:0809-1An off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox restrictions. (CVE-2015-0469) A flaw was found in the way the Hotspot component in OpenJDK handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0460) A flaw was found in the way the JSSE component in OpenJDK parsed X.509 certificate options. A specially crafted certificate could cause JSSE to raise an exception, possibly causing an application using JSSE to exit unexpectedly. (CVE-2015-0488) Multiple flaws were discovered in the Beans and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2015-0477, CVE-2015-0470) A directory traversal flaw was found in the way the jar tool extracted JAR archive files. A specially crafted JAR archive could cause jar to overwrite arbitrary files writable by the user running jar when the archive was extracted. (CVE-2005-1080, CVE-2015-0480) It was found that the RSA implementation in the JCE component in OpenJDK did not follow recommended practices for implementing RSA signatures. (CVE-2015-0478) All running instances of OpenJDK Java must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6java-1.8.0-openjdk-javadoc-1.8.0.45-28.b13.el6_6.noarch.rpm53a7abd3e334f6c37dfb68a5c8b8c1dab1d268b7e964e29097af02d876db6ee9java-1.8.0-openjdk-devel-1.8.0.45-28.b13.el6_6.i686.rpm28395ebf3b89be57591c5b851546ba64da121d81cbe2e5e4a6a22f369f8f0379java-1.8.0-openjdk-demo-1.8.0.45-28.b13.el6_6.i686.rpm9a5364d04bcc8c98dd4475d092150b2ac851522fd6d9126bad4616fe8151f9f5java-1.8.0-openjdk-1.8.0.45-28.b13.el6_6.i686.rpma2b0655f5fa918fa8bdecbe98de9fad22487f43f9f111e52a37d5bf4a7ddbe50java-1.8.0-openjdk-headless-1.8.0.45-28.b13.el6_6.i686.rpm2651086a3898f0d1f0ef9e78fddb842fb347e71af3e772b588721c74603c87d0java-1.8.0-openjdk-src-1.8.0.45-28.b13.el6_6.i686.rpmd8ffc76cf7a2addf8b7e87737d3b8f91252a82822c5eb67f6901283d110d685cSLSA-2015:0863-1A buffer overflow flaw was found in the way glibc's gethostbyname_r() and other related functions computed the size of a buffer when passed a misaligned buffer as input. An attacker able to make an application call any of these functions with a misaligned buffer could use this flaw to crash the application or, potentially, execute arbitrary code with the permissions of the user running the application. (CVE-2015-1781) It was discovered that, under certain circumstances, glibc's getaddrinfo() function would send DNS queries to random file descriptors. An attacker could potentially use this flaw to send DNS queries to unintended recipients, resulting in information disclosure or data loss due to the application encountering corrupted data. (CVE-2013-7423) This update also fixes the following bug: * Previously, the nscd daemon did not properly reload modified data when the user edited monitored nscd configuration files. As a consequence, nscd returned stale data to system processes. This update adds a system of inotify-based monitoring and stat-based backup monitoring for nscd configuration files. As a result, nscd now detects changes to its configuration files and reloads the data properly, which prevents it from returning stale data.moderateScientific Linux FermiScientific Linux Fermi 6glibc-2.12-1.149.el6_6.7.i686.rpm0140d4a427ef1081ac9ab91a612843dca742dc5802d86f108ef69b8ed10630f3glibc-utils-2.12-1.149.el6_6.7.i686.rpma99ae51e9eca3c8afe08caef22bae83c58302e9fd98da8e58debcd075b1c0e12glibc-static-2.12-1.149.el6_6.7.i686.rpm8007e1bcd5d58119bae994203046ecacc51c7b092aa7814b323c0e57950530canscd-2.12-1.149.el6_6.7.i686.rpm2965d2d5a17507a47e83f488cebafe9ed491f6d8a90d14fe3f3bc386445da5a0glibc-headers-2.12-1.149.el6_6.7.i686.rpm411a49db39fc4159c9b003ceff85c87be733685c96371904d28f0c5c3a40c405glibc-devel-2.12-1.149.el6_6.7.i686.rpme94b5c3e4461499b2fa595f89a9db0ea82382fae878e25b454a7de33b87524dcglibc-common-2.12-1.149.el6_6.7.i686.rpm8ca69ab0f8e53f02d4fe46f8d788d7d5834b493fe5a40336f78e5f1e7d629271SLSA-2015:0864-1* A flaw was found in the way seunshare, a utility for running executables under a different security context, used the capng_lock functionality of the libcap-ng library. The subsequent invocation of suid root binaries that relied on the fact that the setuid() system call, among others, also sets the saved set-user-ID when dropping the binaries' process privileges, could allow a local, unprivileged user to potentially escalate their privileges on the system. Note: the fix for this issue is the kernel part of the overall fix, and introduces the PR_SET_NO_NEW_PRIVS functionality and the related SELinux exec transitions support. (CVE-2014-3215, Important) * A use-after-free flaw was found in the way the Linux kernel's SCTP implementation handled authentication key reference counting during INIT collisions. A remote attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2015-1421, Important) * It was found that the Linux kernel's KVM implementation did not ensure that the host CR4 control register value remained unchanged across VM entries on the same virtual CPU. A local, unprivileged user could use this flaw to cause a denial of service on the system. (CVE-2014-3690, Moderate) * An out-of-bounds memory access flaw was found in the syscall tracing functionality of the Linux kernel's perf subsystem. A local, unprivileged user could use this flaw to crash the system. (CVE-2014-7825, Moderate) * An out-of-bounds memory access flaw was found in the syscall tracing functionality of the Linux kernel's ftrace subsystem. On a system with ftrace syscall tracing enabled, a local, unprivileged user could use this flaw to crash the system, or escalate their privileges. (CVE-2014-7826, Moderate) * It was found that the Linux kernel memory resource controller's (memcg) handling of OOM (out of memory) conditions could lead to deadlocks. An attacker able to continuously spawn new processes within a single memory- constrained cgroup during an OOM event could use this flaw to lock up the system. (CVE-2014-8171, Moderate) * A race condition flaw was found in the way the Linux kernel keys management subsystem performed key garbage collection. A local attacker could attempt accessing a key while it was being garbage collected, which would cause the system to crash. (CVE-2014-9529, Moderate) * A stack-based buffer overflow flaw was found in the TechnoTrend/Hauppauge DEC USB device driver. A local user with write access to the corresponding device could use this flaw to crash the kernel or, potentially, elevate their privileges on the system. (CVE-2014-8884, Low) * An information leak flaw was found in the way the Linux kernel's ISO9660 file system implementation accessed data on an ISO9660 image with RockRidge Extension Reference (ER) records. An attacker with physical access to the system could use this flaw to disclose up to 255 bytes of kernel memory. (CVE-2014-9584, Low) The system must be rebooted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6kernel-doc-2.6.32-504.16.2.el6.noarch.rpm1e4955677ef6ff83e6a1eb9a9fe502935876c081a04c7333ac7f0e829c5913c5kernel-debug-2.6.32-504.16.2.el6.i686.rpmb4574adfc496c8f37610d9bc283bbe3de5b0c6fbe4be68fa19c51511abbce251perf-2.6.32-504.16.2.el6.i686.rpm4f24472e82ad659e7efaf86d648831265deb1b2a65f999bef517ee7f8f0eb297kernel-headers-2.6.32-504.16.2.el6.i686.rpmc3ea7aeca47b3bfc87c4bdb78a4638aec19eb077e93bc90ebf1de0883fa24e10kernel-firmware-2.6.32-504.16.2.el6.noarch.rpmaead4e486e866e5515b3628df455e82e82243c035aeaf80951987b9cd0981536python-perf-2.6.32-504.16.2.el6.i686.rpm7c410ac60076c8089458f222de12201811de59f0b5925adc42622fc779de2e16kernel-devel-2.6.32-504.16.2.el6.i686.rpm8ce5a1c1f2bc79de99e0f1d24b2ec384adbb9265e51bb4d709bea109be8666eckernel-debug-devel-2.6.32-504.16.2.el6.i686.rpm0b78f1476617eb9ee51196e04e6455ae45745d35bb300fea6cf0f6a77a1f15ebkernel-abi-whitelists-2.6.32-504.16.2.el6.noarch.rpmbe588d39d244cb7db4d3f2f6a4885c27113820fd27bd8afa5c2c36dbfc89fee3kernel-2.6.32-504.16.2.el6.i686.rpmec771c3daa89551c8463dab1b3d38491ea4fc620e18ac7ae5b078fa53dab7fdfSLSA-2015:0867-1It was found that the Cirrus blit region checks were insufficient. A privileged guest user could use this flaw to write outside of VRAM- allocated buffer boundaries in the host's QEMU process address space with attacker-provided data. (CVE-2014-8106) This update also fixes the following bug: * Previously, the effective downtime during the last phase of a live migration would sometimes be much higher than the maximum downtime specified by 'migration_downtime' in vdsm.conf. This problem has been corrected. The value of 'migration_downtime' is now honored and the migration is aborted if the downtime cannot be achieved. After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.importantScientific Linux FermiScientific Linux Fermi 6qemu-guest-agent-0.12.1.2-2.448.el6_6.2.i686.rpmc34005dd0c23a68028ea911d1af0cbe41aaf68346ec5cf84059abeba192e7db1SLSA-2015:0988-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2015-2708, CVE-2015-0797, CVE-2015-2710, CVE-2015-2713) A heap-based buffer overflow flaw was found in the way Firefox processed compressed XML data. An attacker could create specially crafted compressed XML content that, when processed by Firefox, could cause it to crash or execute arbitrary code with the privileges of the user running Firefox. (CVE-2015-2716) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6firefox-38.0-4.el6_6.i686.rpm6eec84d593784cc3e187cd4e72ecbb36b625d0b1a6a3d61911e0aa781ebb066aSLSA-2015:0990-1It was found that the pcs daemon did not sign cookies containing session data that were sent to clients connecting via the pcsd web UI. A remote attacker could use this flaw to forge cookies and bypass authorization checks, possibly gaining elevated privileges in the pcsd web UI. Note: the pcsd web UI is not enabled by default. (CVE-2015-1848) This update also fixes the following bug: * When the IPv6 protocol was disabled on a system, starting the pcsd daemon on this system previously failed. This update adds the ability for pcsd to fall back to IPv4 when IPv6 is not available. As a result, pcsd starts properly and uses IPv4 if IPv6 is disabled. After installing the updated packages, the pcsd daemon will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 6pcs-0.9.123-9.el6_6.2.i686.rpmc2093f20f95e034f89ee94b4f36e5bed9673ddd55f30b9e5364108374ce592a9SLSA-2015:0991-1It was discovered that the ChunkedInputFilter in Tomcat did not fail subsequent attempts to read input after malformed chunked encoding was detected. A remote attacker could possibly use this flaw to make Tomcat process part of the request body as new request, or cause a denial of service. (CVE-2014-0227) This update also fixes the following bug: * Before this update, the tomcat6 init script did not try to kill the tomcat process if an attempt to stop it was unsuccessful, which would prevent tomcat from restarting properly. The init script was modified to correct this issue. Tomcat must be restarted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6tomcat6-servlet-2.5-api-6.0.24-83.el6_6.i686.rpm8dafd7fe55b3de663f3881b7b8bd996d001e16092549ee4fbd191a6b6bb95431tomcat6-jsp-2.1-api-6.0.24-83.el6_6.i686.rpm36543a7ad8d4de1653facb9d7f2605de811b5041a5bf89c4ff7eac39afc68a17tomcat6-javadoc-6.0.24-83.el6_6.i686.rpmc91a867d161b1d99ca7d5d3f69636666a358da14d0beed104a6d60fe54addc43tomcat6-docs-webapp-6.0.24-83.el6_6.i686.rpm0e630d4d48289d60480f50b2e9587e981f013b84930364e130634a8dae85423etomcat6-admin-webapps-6.0.24-83.el6_6.i686.rpm444d1dafca391aa5a91f671a068c7885768c05094837c24302be9b3612c10a8btomcat6-el-2.1-api-6.0.24-83.el6_6.i686.rpm0fd29eb3d21d2da0522c091f1b41db685fb30db03495d6a6ccfe8b19e7c800f3tomcat6-lib-6.0.24-83.el6_6.i686.rpma15ca18dda9a69589dc122183aa490d4ac1c2eb9ae58a575fe7d7baab420fd89tomcat6-webapps-6.0.24-83.el6_6.i686.rpmde31d0fef8d5c74e872df94bf2c31941c1253572f14dbb7bb5778d31dce67cb1tomcat6-6.0.24-83.el6_6.i686.rpm4e130beca11abf5460b4c49af5ec0901017de0a0920edf5bebb615e745b38449SLSA-2015:0998-1An out-of-bounds memory access flaw was found in the way QEMU's virtual Floppy Disk Controller (FDC) handled FIFO buffer access while processing certain FDC commands. A privileged guest user could use this flaw to crash the guest or, potentially, execute arbitrary code on the host with the privileges of the host's QEMU process corresponding to the guest. (CVE-2015-3456) After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.importantScientific Linux FermiScientific Linux Fermi 6qemu-guest-agent-0.12.1.2-2.448.el6_6.3.i686.rpm8bd9720304a1e82d075a6b9453fc50e6f41c3e5adf19a135e81c1f38a42e6171SLSA-2015:1012-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2015-2708, CVE-2015-2710, CVE-2015-2713) A heap-based buffer overflow flaw was found in the way Thunderbird processed compressed XML data. An attacker could create specially crafted compressed XML content that, when processed by Thunderbird, could cause it to crash or execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2015-2716) Note: All of the above issues cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed.importantScientific Linux FermitrueScientific Linux Fermi 6thunderbird-31.7.0-1.el6_6.i686.rpm00fe71fb997d6fc7bdaf5a8c9584e945a798329dc8c346c90c190d684ce74c4aSLSA-2015:1072-1A flaw was found in the way the TLS protocol composes the Diffie-Hellman (DH) key exchange. A man-in-the-middle attacker could use this flaw to force the use of weak 512 bit export-grade keys during the key exchange, allowing them do decrypt all traffic. (CVE-2015-4000) Note: This update forces the TLS/SSL client implementation in OpenSSL to reject DH key sizes below 768 bits, which prevents sessions to be downgraded to export-grade keys. Future updates may raise this limit to 1024 bits. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.moderateScientific Linux FermitrueScientific Linux Fermi 6openssl-devel-1.0.1e-30.el6_6.9.i686.rpmc05a3eba0f7bd223486a2c7c5ddd52ecddc2e663d052c1387cdb9fe994bb3e61openssl-1.0.1e-30.el6_6.9.i686.rpmcb3fdb85a5f46aaa22698ed7dad64e0f0f0052f95ea0f890b0964f84a475dda6openssl-perl-1.0.1e-30.el6_6.9.i686.rpmde311fef2327f377cf1256f454dabb530ed1e3c7419995136548370f57d7ad9eopenssl-static-1.0.1e-30.el6_6.9.i686.rpm394c860d3018a376fcfb46514df3cd7caf5ac0b23036bc475cc276aab52ac3f1SLSA-2015:1081-1* It was found that the Linux kernel's implementation of vectored pipe read and write functionality did not take into account the I/O vectors that were already processed when retrying after a failed atomic access operation, potentially resulting in memory corruption due to an I/O vector array overrun. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2015-1805, Important) * A buffer overflow flaw was found in the way the Linux kernel's Intel AES-NI instructions optimized version of the RFC4106 GCM mode decryption functionality handled fragmented packets. A remote attacker could use this flaw to crash, or potentially escalate their privileges on, a system over a connection with an active AES-GCM mode IPSec security association. (CVE-2015-3331, Important) * An information leak flaw was found in the way the Linux kernel changed certain segment registers and thread-local storage (TLS) during a context switch. A local, unprivileged user could use this flaw to leak the user space TLS base address of an arbitrary process. (CVE-2014-9419, Low) * It was found that the Linux kernel's ISO file system implementation did not correctly limit the traversal of Rock Ridge extension Continuation Entries (CE). An attacker with physical access to the system could use this flaw to trigger an infinite loop in the kernel, resulting in a denial of service. (CVE-2014-9420, Low) * An information leak flaw was found in the way the Linux kernel's Virtual Dynamic Shared Object (vDSO) implementation performed address randomization. A local, unprivileged user could use this flaw to leak kernel memory addresses to user-space. (CVE-2014-9585, Low) The system must be rebooted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6kernel-debug-devel-2.6.32-504.23.4.el6.i686.rpm2604b84b750ba4932d652614097a8d847c39c0d7ffad8851c53d683d92c8a365kernel-firmware-2.6.32-504.23.4.el6.noarch.rpmb519100fb7d35e4f158feace7771c3b29682d59cafb0571db02e6524dd7e31f2kernel-doc-2.6.32-504.23.4.el6.noarch.rpm4e1b92421ace1ff6d521245f09ead807a0b56fadd3fef125da1749e4c05623b9kernel-2.6.32-504.23.4.el6.i686.rpm10e46de40598e4da4ca8cef4955fe7ff199db7f341abb86f320d17db61f323dfkernel-abi-whitelists-2.6.32-504.23.4.el6.noarch.rpm1712a8aebbd4a086f316aaabfd4cafa3a614a47a192e9f1fbe5c795742c3fee8kernel-headers-2.6.32-504.23.4.el6.i686.rpm0f624951933e51512365b3c8eaeb104ef8794ae450da1f05295153851b67c694python-perf-2.6.32-504.23.4.el6.i686.rpm50e31e1d6ac38df333cdb981125894877a5ce833cedec27d3a4660b0064ffdc7kernel-devel-2.6.32-504.23.4.el6.i686.rpm3975836d08de9e1797e5ff4b35d92c1db591cdff85161b31bd3b6e92807e593akernel-debug-2.6.32-504.23.4.el6.i686.rpmfb58c5899265197b2d396262c36e0abb1728f59388f276ae35c817cd860209efperf-2.6.32-504.23.4.el6.i686.rpmc17ac490cfc56c6ef7640c773871a0b7af2cae5de35c8dd8ee1a61e8121553dcSLSA-2015:1087-1A flaw was found in the way QEMU's AMD PCnet Ethernet emulation handled multi-TMD packets with a length above 4096 bytes. A privileged guest user in a guest with an AMD PCNet ethernet card enabled could potentially use this flaw to execute arbitrary code on the host with the privileges of the hosting QEMU process. (CVE-2015-3209) After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.importantScientific Linux FermiScientific Linux Fermi 6qemu-guest-agent-0.12.1.2-2.448.el6_6.4.i686.rpm9416d8d2d4d33ec9a506a358f81e16cb8592750362bfe11433458e7a1bd8dc15SLSA-2015:1115-1An invalid free flaw was found in the way OpenSSL handled certain DTLS handshake messages. A malicious DTLS client or server could cause a DTLS server or client using OpenSSL to crash or, potentially, execute arbitrary code. (CVE-2014-8176) A flaw was found in the way the OpenSSL packages shipped with Scientific Linux 6 and 7 performed locking in the ssleay_rand_bytes() function. This issue could possibly cause a multi-threaded application using OpenSSL to perform an out-of-bounds read and crash. (CVE-2015-3216) An out-of-bounds read flaw was found in the X509_cmp_time() function of OpenSSL. A specially crafted X.509 certificate or a Certificate Revocation List (CRL) could possibly cause a TLS/SSL server or client using OpenSSL to crash. (CVE-2015-1789) A race condition was found in the session handling code of OpenSSL. This issue could possibly cause a multi-threaded TLS/SSL client using OpenSSL to double free session ticket data and crash. (CVE-2015-1791) A flaw was found in the way OpenSSL handled Cryptographic Message Syntax (CMS) messages. A CMS message with an unknown hash function identifier could cause an application using OpenSSL to enter an infinite loop. (CVE-2015-1792) A NULL pointer dereference was found in the way OpenSSL handled certain PKCS#7 inputs. A specially crafted PKCS#7 input with missing EncryptedContent data could cause an application using OpenSSL to crash. (CVE-2015-1790) For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.moderateScientific Linux FermitrueScientific Linux Fermi 6openssl-static-1.0.1e-30.el6_6.11.i686.rpm05ada54c8b6836b9d7a419064c18f8dec87c81a1f418dadec2d902203d170ab1openssl-1.0.1e-30.el6_6.11.i686.rpm79ea371cf3fb540927a212741c57356a61305d8e59c1e8f5d79ac869f6a9fa59openssl-devel-1.0.1e-30.el6_6.11.i686.rpmc7e88cbed4bd8d9d744b1a230fb53927f725fe458c47300ed1c97a978894816bopenssl-perl-1.0.1e-30.el6_6.11.i686.rpm8b47112dcfd613b1f2289147f29d168b8695ec4ec259d880c7722186dcef6182SLSA-2015:1123-1A string reference count bug was found in cupsd, causing premature freeing of string objects. An attacker can submit a malicious print job that exploits this flaw to dismantle ACLs protecting privileged operations, allowing a replacement configuration file to be uploaded which in turn allows the attacker to run arbitrary code in the CUPS server (CVE-2015-1158) A cross-site scripting flaw was found in the cups web templating engine. An attacker could use this flaw to bypass the default configuration settings that bind the CUPS scheduler to the 'localhost' or loopback interface. (CVE-2015-1159) An integer overflow leading to a heap-based buffer overflow was found in the way cups handled compressed raster image files. An attacker could create a specially-crafted image file, which when passed via the cups Raster filter, could cause the cups filter to crash. (CVE-2014-9679) After installing this update, the cupsd daemon will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 6cups-libs-1.4.2-67.el6_6.1.i686.rpmcaf8af73b36f918f36d95bb94fe0ce9bec022cba76ff46e9670fb2db85a58351cups-devel-1.4.2-67.el6_6.1.i686.rpm0ca1f7611044a84277358e1cb361fcb6e895f87a55b0da8d132c47c3ee85563fcups-lpd-1.4.2-67.el6_6.1.i686.rpmd385c22acb8d4acbdd3bdddb2754377d04090621c57e8b5932c6cd215b5d7b8acups-1.4.2-67.el6_6.1.i686.rpm9ad2523ee45b7afacc75f6b1575284d82e7763fb4ec2e94393ce19221fb2d9f0cups-php-1.4.2-67.el6_6.1.i686.rpme7618f5e94a22d116d1373205afdd273324d6fc8bf2831a5938b2630f155dcb9SLSA-2015:1185-1A flaw was found in the way the TLS protocol composes the Diffie-Hellman (DH) key exchange. A man-in-the-middle attacker could use this flaw to force the use of weak 512 bit export-grade keys during the key exchange, allowing them do decrypt all traffic. (CVE-2015-4000) Note: This update forces the TLS/SSL client implementation in NSS to reject DH key sizes below 768 bits, which prevents sessions to be downgraded to export-grade keys. Future updates may raise this limit to 1024 bits. The nss and nss-util packages have been upgraded to upstream versions 3.19.1. The upgraded versions provide a number of bug fixes and enhancements over the previous versions.moderateScientific Linux FermiScientific Linux Fermi 6nss-tools-3.19.1-3.el6_6.i686.rpm83c049173f85b1fe8aaad7e5800dcf792af1f437db7b705817973c8eddcd7052nss-devel-3.19.1-3.el6_6.i686.rpmbd583ae8aa9bc787496c4a6b6dcd2654bbef9530969d5e633c9496bd59886095nss-3.19.1-3.el6_6.i686.rpm04d2fddf39cd3b8958969b1edd3ce28b9cfd9abd88b7fe76464f36fc57d71e5bnss-util-3.19.1-1.el6_6.i686.rpm539838e9b74a9149cb6475015421ae916f18fed30d34ed28a2b3109887d210e6nss-sysinit-3.19.1-3.el6_6.i686.rpm48773ad236e8c13f90b214729d19fb589928f1d7011cc7311dcda9fc6ff821abnss-pkcs11-devel-3.19.1-3.el6_6.i686.rpm346f876474e09b0aacb99befca569046d5b0cb0d4a888fcac4517fadb1a41e54nss-util-devel-3.19.1-1.el6_6.i686.rpm2d8ea11b0ed18097fce52423bde89276cd1e796aee1f644dabf5a0167e5c65caSLSA-2015:1194-1A double-free flaw was found in the connection handling. An unauthenticated attacker could exploit this flaw to crash the PostgreSQL back end by disconnecting at approximately the same time as the authentication time out is triggered. (CVE-2015-3165) It was discovered that PostgreSQL did not properly check the return values of certain standard library functions. If the system is in a state that would cause the standard library functions to fail, for example memory exhaustion, an authenticated user could exploit this flaw to disclose partial memory contents or cause the GSSAPI authentication to use an incorrect keytab file. (CVE-2015-3166) It was discovered that the pgcrypto module could return different error messages when decrypting certain data with an incorrect key. This can help an authenticated user to launch a possible cryptographic attack, although no suitable attack is currently known. (CVE-2015-3167) If the postgresql service is running, it will be automatically restarted after installing this update.moderateScientific Linux FermiScientific Linux Fermi 6postgresql-plperl-8.4.20-3.el6_6.i686.rpm531b33598f733557f27a146381e400eb0e611209ea4242c8ff034ccfbefdc345postgresql-contrib-8.4.20-3.el6_6.i686.rpm8fad80653cc3316c56ca0233061dca7b7506d51d7005b66a9b0c668d66c7a4b0postgresql-libs-8.4.20-3.el6_6.i686.rpmb81b9b4a6e1cbccdef5955be1393bd99581f0d13bc9e01f8a2ec5b8927af46c5postgresql-server-8.4.20-3.el6_6.i686.rpma54d8d424732da75cd3a859a4f70fada0b2451a1202b22049729ef8ff87d9025postgresql-plpython-8.4.20-3.el6_6.i686.rpm73a665ebb3f391839c49c969414594e993fd6871db40e864906639d88986bc27postgresql-test-8.4.20-3.el6_6.i686.rpm9f830803b8a3969ba4e6b5668612b9d32711255a87dfb9670b03378dd9273942postgresql-devel-8.4.20-3.el6_6.i686.rpma91b49958203322be978fb5b7199daa63cfa725c177cbb4cbd92a7bdb37c3bbfpostgresql-docs-8.4.20-3.el6_6.i686.rpmab0d959e827d6018414f0bc3520b34d64f902cd119eca936d2214a57207e6c27postgresql-8.4.20-3.el6_6.i686.rpm2fb3296110ac1eb6826497019d183a9f6efc4b41280dafb6a134041aa2e0393fpostgresql-pltcl-8.4.20-3.el6_6.i686.rpm7f9c4a37a095eeb08d0e98d157c9af6a60f903a68947fee45d5f71c923663df3SLSA-2015:1207-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2015-2724, CVE-2015-2725, CVE-2015-2722, CVE-2015-2727, CVE-2015-2728, CVE-2015-2729, CVE-2015-2731, CVE-2015-2733, CVE-2015-2734, CVE-2015-2735, CVE-2015-2736, CVE-2015-2737, CVE-2015-2738, CVE-2015-2739, CVE-2015-2740) It was found that Firefox skipped key-pinning checks when handling an error that could be overridden by the user (for example an expired certificate error). This flaw allowed a user to override a pinned certificate, which is an action the user should not be able to perform. (CVE-2015-2741) A flaw was discovered in Mozilla's PDF.js PDF file viewer. When combined with another vulnerability, it could allow execution of arbitrary code with the privileges of the user running Firefox. (CVE-2015-2743) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6firefox-38.1.0-1.el6_6.i686.rpm8c06f4309d683d25b341ffbdf70411bf6896bf463eeed138f4b6abe3f22b2258SLSA-2015:1210-1It was found that ABRT was vulnerable to multiple race condition and symbolic link flaws. A local attacker could use these flaws to potentially escalate their privileges on the system. (CVE-2015-3315) It was discovered that the kernel-invoked coredump processor provided by ABRT wrote core dumps to files owned by other system users. This could result in information disclosure if an application crashed while its current directory was a directory writable to by other users (such as /tmp). (CVE-2015-3142) It was discovered that the default event handling scripts installed by ABRT did not handle symbolic links correctly. A local attacker with write access to an ABRT problem directory could use this flaw to escalate their privileges. (CVE-2015-1869) It was found that the ABRT event scripts created a user-readable copy of an sosreport file in ABRT problem directories, and included excerpts of /var/log/messages selected by the user-controlled process name, leading to an information disclosure. (CVE-2015-1870) It was discovered that, when moving problem reports between certain directories, abrt-handle-upload did not verify that the new problem directory had appropriate permissions and did not contain symbolic links. An attacker able to create a crafted problem report could use this flaw to expose other parts of ABRT, or to overwrite arbitrary files on the system. (CVE-2015-3147) It was discovered that the abrt-action-install-debuginfo-to-abrt-cache helper program did not properly filter the process environment before invoking abrt-action-install-debuginfo. A local attacker could use this flaw to escalate their privileges on the system. (CVE-2015-3159)moderateScientific Linux FermiScientific Linux Fermi 6libreport-plugin-kerneloops-2.0.9-21.el6_6.1.i686.rpm3d154af60124bd09af6f362090f7effa14c7f768e72c9f559338b19ca3db0bf0libreport-python-2.0.9-21.el6_6.1.i686.rpm49248f29bbf5b81444eda3057544400667da52f38be03f6c0878c152abd17651libreport-plugin-mailx-2.0.9-21.el6_6.1.i686.rpme3e81d207abcf9459ded3cf5dd245e632bd731f7e836c6abd9200134a14d0f19libreport-plugin-rhtsupport-2.0.9-21.el6_6.1.i686.rpm39e1cce545592e22d80d99f3a89cbc62c4726bf16cb7983fe0d69ea8c77bd2a9abrt-addon-vmcore-2.0.8-26.sl6.1.i686.rpmcddb71ba84afe5e1b3cacdf92adc135916b9dcfa586aa22eb78d5c046c89e25elibreport-gtk-devel-2.0.9-21.el6_6.1.i686.rpm69ec0245a77d42edba83bddcfb7756db00240c1268fe03afc8dbc93318e5f665libreport-plugin-bugzilla-2.0.9-21.el6_6.1.i686.rpm0feeeac5147244b86ac24d1629df51cb1ea441795570d1c5164d039a4548357babrt-cli-2.0.8-26.sl6.1.i686.rpm0c32997bb41b3b6b2533fd2ad23b36fce5dca6901a68375b9f5795df40fa1be3libreport-plugin-logger-2.0.9-21.el6_6.1.i686.rpmd08decbd949d3553ded02bc8d100e568b40ecbfda25f7f051f435236f94f43c3abrt-desktop-2.0.8-26.sl6.1.i686.rpmf5be7691396c8b07bde3a497921a1576918bfdaff327401d626083a3fc48543dlibreport-devel-2.0.9-21.el6_6.1.i686.rpmda708f15704679cf26f9e501e2a100f72f0079489780ca50f27096e3e73a83e1abrt-addon-ccpp-2.0.8-26.sl6.1.i686.rpmb512968e65deafa491c99014d220f06777e7957e106071789fa916402347fac8abrt-python-2.0.8-26.sl6.1.noarch.rpm7145a3ab38659a025ed955c069fd7becb3161504c2c6a4c5ce58565b35afbd60abrt-gui-2.0.8-26.sl6.1.i686.rpmb6aaf26152fd6c352bab8dc3dde2f6c70cffda037dbe76a2d8dff12442c45c28libreport-2.0.9-21.el6_6.1.i686.rpm79e660935238dbd4f8f5624e2eb58c06c245751e70416d8cab01328e877f42a2abrt-libs-2.0.8-26.sl6.1.i686.rpm0ac556a06b39d73d1a8763170cbcbb46c88acf2d75507a1384548b275828a06dabrt-addon-kerneloops-2.0.8-26.sl6.1.i686.rpm1eaa52e70cf336e9a44e8e8c1961504d8f4960991d11fbfdf52c88aa56022bdeabrt-2.0.8-26.sl6.1.i686.rpm59596cb2964c4c2977ca8378b1ef06dddf498578b8e21f47fa26c94d390c02f2abrt-console-notification-2.0.8-26.sl6.1.i686.rpm5d5ead680815f5bf2647dd42f17589f0dd2ff642803d8023a2d9a848c0fd49d9libreport-cli-2.0.9-21.el6_6.1.i686.rpmd466346c749c29e552520d03e0f56cbcd0a2be81a149e7159c9c7f47d165c2e1abrt-devel-2.0.8-26.sl6.1.i686.rpm012382b97a1df56b20e7a81e399c745d379148f6b1bd1eb17e9855f1208e5acdlibreport-gtk-2.0.9-21.el6_6.1.i686.rpm3aae79194aeaa6528637e028072bf83043791e3e21bd62d6bbbad79fd367a692libreport-compat-2.0.9-21.el6_6.1.i686.rpm1f8ddf4fd26770688c3b972b8f3d2acbac25ac89fc1dfb1ddfe302964055c31aabrt-addon-python-2.0.8-26.sl6.1.i686.rpmb7d4ade2a46b75a44be27c74f2f31886240ac2cefd2a213d7de03e64a921fe27libreport-newt-2.0.9-21.el6_6.1.i686.rpm7c806d18208044558734223faf7b37e35d62feea9212b85f92dab9694e52e9a1libreport-plugin-reportuploader-2.0.9-21.el6_6.1.i686.rpm7e03567efaaa949522584c4baaf499da89774a20fac189236c8dc8eb7210a023libreport-filesystem-2.0.9-21.el6_6.1.i686.rpmd39fd67aa12796de75c17ffc33beaca7d43343bb5f55b62eaab287b1cbe43b21abrt-tui-2.0.8-26.sl6.1.i686.rpmb3aa9d0ffba80a6254a58bf22c3399d8f5fb4089f2b670ab9e14f18dbd49919fSLSA-2015:1218-1A flaw was found in the way PHP parsed multipart HTTP POST requests. A specially crafted request could cause PHP to use an excessive amount of CPU time. (CVE-2015-4024) An uninitialized pointer use flaw was found in PHP's Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_read_data() function to crash or, possibly, execute arbitrary code with the privileges of the user running that PHP application. (CVE-2015-0232) An integer overflow flaw leading to a heap-based buffer overflow was found in the way PHP's FTP extension parsed file listing FTP server responses. A malicious FTP server could use this flaw to cause a PHP application to crash or, possibly, execute arbitrary code. (CVE-2015-4022) Multiple flaws were discovered in the way PHP performed object unserialization. Specially crafted input processed by the unserialize() function could cause a PHP application to crash or, possibly, execute arbitrary code. (CVE-2015-0273, CVE-2015-2787, CVE-2015-4147, CVE-2015-4148, CVE-2015-4599, CVE-2015-4600, CVE-2015-4601, CVE-2015-4602, CVE-2015-4603) It was found that certain PHP functions did not properly handle file names containing a NULL character. A remote attacker could possibly use this flaw to make a PHP script access unexpected files and bypass intended file system access restrictions. (CVE-2015-4026, CVE-2015-3411, CVE-2015-3412, CVE-2015-4598) Multiple flaws were found in the way the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash or, possibly, execute arbitrary code when opened. (CVE-2015-2301, CVE-2015-2783, CVE-2015-3307, CVE-2015-3329, CVE-2015-4021) A heap buffer overflow flaw was found in the enchant_broker_request_dict() function of PHP's enchant extension. An attacker able to make a PHP application enchant dictionaries could possibly cause it to crash. (CVE-2014-9705) A buffer over-read flaw was found in the GD library used by the PHP gd extension. A specially crafted GIF file could cause a PHP application using the imagecreatefromgif() function to crash. (CVE-2014-9709) A double free flaw was found in zend_ts_hash_graceful_destroy() function in the PHP ZTS module. This flaw could possibly cause a PHP application to crash. (CVE-2014-9425) After installing the updated packages, the httpd daemon must be restarted for the update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6php-pspell-5.3.3-46.el6_6.i686.rpm4484e1c8adc49bab1010ff2e88a8c5b7836032e4f888cf09e3ea709b8de8cfdfphp-tidy-5.3.3-46.el6_6.i686.rpm9d9424147ab36e53abd1382000253bc9e11b5fa44a46ebea7a02aba71c62cf06php-gd-5.3.3-46.el6_6.i686.rpm7c71f00d49e8d640e35bce62947750cc14d98d87693f189600fe4c77840f9164php-devel-5.3.3-46.el6_6.i686.rpm5f861b3ebc6e25ee5c78e20f61bad55fff480608f0583bd6d9c599439d8f8295php-mbstring-5.3.3-46.el6_6.i686.rpm16a0feabdcceb264e5fd3b29f3c6e8af295ece5fb6b54bccb97a670e8fe2bf6cphp-odbc-5.3.3-46.el6_6.i686.rpm7ce6b6e63ea41e98c12708f390f762d9b02e2b968254f28a24ab05e13eba064dphp-soap-5.3.3-46.el6_6.i686.rpma655f3664c19ad7c121d1d340329a9a4a8744907a1bb982825d6ea629f1655b3php-5.3.3-46.el6_6.i686.rpm48cb6b1d0c279531c2267c60f20f59d3b27329790e69170f8aad672429260efcphp-mysql-5.3.3-46.el6_6.i686.rpmb9c916011fbea902e95db889ce8c8b97102cef9f7bc4d0c4eb49b694f1ca884aphp-recode-5.3.3-46.el6_6.i686.rpmfb6eebcfcc72eb2162488600f16cf56926c9d2f8adb95674609dd74ec57eb515php-common-5.3.3-46.el6_6.i686.rpm217378d32f4c197ec2580f30aea3841b00dcc7171e0e3f056d528f532302917bphp-fpm-5.3.3-46.el6_6.i686.rpmefe4cac7204e179150abd7a2cfd20abad9c09f9b6720057d301289d265bf66fbphp-intl-5.3.3-46.el6_6.i686.rpm0be03a2ced8400e3d9638ab9b51deb17ec88e435059957bee1457b5ec5e6f9dbphp-xml-5.3.3-46.el6_6.i686.rpm268e050ac696f3be3e67e694ca87225582b386bf4444c91e3ad2ecdb17a41a64php-process-5.3.3-46.el6_6.i686.rpm06d652185080713cd6d5ddd608fc6f6737cdb48ee3d0f0ca29fb202ca3ffc6faphp-enchant-5.3.3-46.el6_6.i686.rpm5dc02282e3ec05f7e7b38fd8c33129ed9aa2a8dd3f953fd1455924dbeab4b9fcphp-bcmath-5.3.3-46.el6_6.i686.rpm2b972c446ce00a153eb72ca38a5a0b6cd968c6ba36ce83b331a321bc899c82fephp-xmlrpc-5.3.3-46.el6_6.i686.rpm1bbfa631982a416f76694d28e91d261655c827ba6fe9b06f6ac4a745aab332bcphp-zts-5.3.3-46.el6_6.i686.rpm0dba37fb0e3b7cbc85a1f532f8054b8bc38c63ea4e6de86912061b113bd51c2dphp-pdo-5.3.3-46.el6_6.i686.rpm05417dc95ffe5d0e0bc40b7807415bb9d398003f62ee2ccb0e80929526417599php-ldap-5.3.3-46.el6_6.i686.rpmabd87c44091c0101c06389942d39504b597b795adeb5699054fff5cbd5196bb1php-dba-5.3.3-46.el6_6.i686.rpmc0a71d1d70c229f0fef49762fb1cb882d5ffb4986397abea08934604cdc43a7fphp-cli-5.3.3-46.el6_6.i686.rpm5f7e2d6d55691dd299859e888a796c9294b67aba40641d7ef2615e338b0ca771php-snmp-5.3.3-46.el6_6.i686.rpm7932667fdac9d7242963596a9664c95db8ff6d99f67b0178475f393ba8de889aphp-embedded-5.3.3-46.el6_6.i686.rpm285e855a3c3809cef51a3266893d1f0a1bfab9052ab6193704daf8faa2966400php-imap-5.3.3-46.el6_6.i686.rpmee0541deae7f9f3a6258c97ddf8ec65071f10b3fdf85ff12688cfda36fb040bbphp-pgsql-5.3.3-46.el6_6.i686.rpm584042f32d69207f5c11e56fe999e269ed59e0599aaec0444126b7490806047fSLSA-2015:1221-1* A NULL pointer dereference flaw was found in the way the Linux kernel's virtual console implementation handled reference counting when accessing pseudo-terminal device files (/dev/pts/*). A local, unprivileged attacker could use this flaw to crash the system. (CVE-2011-5321, Moderate) * It was found that the Linux kernel's ping socket implementation did not properly handle socket unhashing during spurious disconnects, which could lead to a use-after-free flaw. On x86-64 architecture systems, a local user able to create ping sockets could use this flaw to crash the system. On non-x86-64 architecture systems, a local user able to create ping sockets could use this flaw to escalate their privileges on the system. (CVE-2015-3636, Moderate) * An integer overflow flaw was found in the way the Linux kernel randomized the stack for processes on certain 64-bit architecture systems, such as x86-64, causing the stack entropy to be reduced by four. (CVE-2015-1593, Low) * A flaw was found in the way the Linux kernel's 32-bit emulation implementation handled forking or closing of a task with an 'int80' entry. A local user could potentially use this flaw to escalate their privileges on the system. (CVE-2015-2830, Low) * It was found that the Linux kernel's TCP/IP protocol suite implementation for IPv6 allowed the Hop Limit value to be set to a smaller value than the default one. An attacker on a local network could use this flaw to prevent systems on that network from sending or receiving network packets. (CVE-2015-2922, Low) For information on the most significant of these changes, users are directed to the following article on the Red Hat Customer Portal: The system must be rebooted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6kernel-firmware-2.6.32-504.30.3.el6.noarch.rpm1025c2a1778bb2e465f5d3515a57df4318fe8444d5c8987e00a4ea3db726e294kernel-debug-devel-2.6.32-504.30.3.el6.i686.rpma381f86272045739d4175848feba1d504b66618008c8ca6b677cea3c8c33b358python-perf-2.6.32-504.30.3.el6.i686.rpm69f0cbe31a43b292de5d1308ba951ebd6a6b6f947026bc5fcf66855693a44f03kernel-abi-whitelists-2.6.32-504.30.3.el6.noarch.rpm2fbc0e577ca7e3acd2cf9da773ed8619f0b7d9ce019fd05c923a8ed08cc32de2kernel-debug-2.6.32-504.30.3.el6.i686.rpm23aa5e31de24549f2368802f803c1eec525dd83afb3caaed861e6ecb823000c0kernel-doc-2.6.32-504.30.3.el6.noarch.rpm52000138698656f96957b532e60605f158672fa09a052d36564eea213deaf71dkernel-devel-2.6.32-504.30.3.el6.i686.rpme560c2064177f386ae11d6a7be4aa112e34a066b86fb535bcc135e7861f51965kernel-2.6.32-504.30.3.el6.i686.rpm47d360513255c312c34b0abbd8fb42bb840d30cbca1a95d09a1271f1601c5a05kernel-headers-2.6.32-504.30.3.el6.i686.rpm4e425d9340fee968361a240f454dd02b64ab37d533f401755f4abb1d0ad1cfc6perf-2.6.32-504.30.3.el6.i686.rpmc3ac92d883eda61df62732d56f5e45c9e19d226410593eb56919b0af45b4ddd5SLSA-2015:1228-1Multiple flaws were discovered in the 2D, CORBA, JMX, Libraries and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2015-4760, CVE-2015-2628, CVE-2015-4731, CVE-2015-2590, CVE-2015-4732, CVE-2015-4733) A flaw was found in the way the Libraries component of OpenJDK verified Online Certificate Status Protocol (OCSP) responses. An OCSP response with no nextUpdate date specified was incorrectly handled as having unlimited validity, possibly causing a revoked X.509 certificate to be interpreted as valid. (CVE-2015-4748) It was discovered that the JCE component in OpenJDK failed to use constant time comparisons in multiple cases. An attacker could possibly use these flaws to disclose sensitive information by measuring the time used to perform operations using these non-constant time comparisons. (CVE-2015-2601) It was discovered that the GCM (Galois Counter Mode) implementation in the Security component of OpenJDK failed to properly perform a null check. This could cause the Java Virtual Machine to crash when an application performed encryption using a block cipher in the GCM mode. (CVE-2015-2659) A flaw was found in the RC4 encryption algorithm. When using certain keys for RC4 encryption, an attacker could obtain portions of the plain text from the cipher text without the knowledge of the encryption key. (CVE-2015-2808) A flaw was found in the way the TLS protocol composed the Diffie-Hellman (DH) key exchange. A man-in-the-middle attacker could use this flaw to force the use of weak 512 bit export-grade keys during the key exchange, allowing them do decrypt all traffic. (CVE-2015-4000) It was discovered that the JNDI component in OpenJDK did not handle DNS resolutions correctly. An attacker able to trigger such DNS errors could cause a Java application using JNDI to consume memory and CPU time, and possibly block further DNS resolution. (CVE-2015-4749) Multiple information leak flaws were found in the JMX and 2D components in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-2621, CVE-2015-2632) A flaw was found in the way the JSSE component in OpenJDK performed X.509 certificate identity verification when establishing a TLS/SSL connection to a host identified by an IP address. In certain cases, the certificate was accepted as valid if it was issued for a host name to which the IP address resolves rather than for the IP address. (CVE-2015-2625) Multiple insecure temporary file use issues were found in the way the Hotspot component in OpenJDK created performance statistics and error log files. A local attacker could possibly make a victim using OpenJDK overwrite arbitrary files using a symlink attack. Note: This issue was originally fixed as CVE-2015-0383, but the fix was regressed in the SLSA-2015:0809 advisory. (CVE-2015-3149) All running instances of OpenJDK Java must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6java-1.8.0-openjdk-devel-1.8.0.51-0.b16.el6_6.i686.rpm69a556cf35d091a63f9cb3ba2b578acf7b212cd57ff92926c605b5501261ecd8java-1.8.0-openjdk-javadoc-1.8.0.51-0.b16.el6_6.noarch.rpmb4855e053d1a7998adaeb48b80985f8fda773ad177c0be7744b6c9ca0d52b00fjava-1.8.0-openjdk-1.8.0.51-0.b16.el6_6.i686.rpm3847db4ef87e9316c35c0bdfd19539edcd3efeaa1e7d1356d258be14510d8cdbjava-1.8.0-openjdk-demo-1.8.0.51-0.b16.el6_6.i686.rpm89495b5f81aab8c5e4521644cf2fe67910bf4c3be5896b37f7c17e4ef82ddcddjava-1.8.0-openjdk-src-1.8.0.51-0.b16.el6_6.i686.rpm5fe95fd131c4165fd09ee24df483f4d0ab98b4240c2be1937c90f7f20f65f55djava-1.8.0-openjdk-headless-1.8.0.51-0.b16.el6_6.i686.rpmbb3107cd3a4719271e86a49328f81e6cf0a254fe6734642dd620b8201253fbd2SLSA-2015:1229-1Multiple flaws were discovered in the 2D, CORBA, JMX, Libraries and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2015-4760, CVE-2015-2628, CVE-2015-4731, CVE-2015-2590, CVE-2015-4732, CVE-2015-4733) A flaw was found in the way the Libraries component of OpenJDK verified Online Certificate Status Protocol (OCSP) responses. An OCSP response with no nextUpdate date specified was incorrectly handled as having unlimited validity, possibly causing a revoked X.509 certificate to be interpreted as valid. (CVE-2015-4748) It was discovered that the JCE component in OpenJDK failed to use constant time comparisons in multiple cases. An attacker could possibly use these flaws to disclose sensitive information by measuring the time used to perform operations using these non-constant time comparisons. (CVE-2015-2601) A flaw was found in the RC4 encryption algorithm. When using certain keys for RC4 encryption, an attacker could obtain portions of the plain text from the cipher text without the knowledge of the encryption key. (CVE-2015-2808) A flaw was found in the way the TLS protocol composed the Diffie-Hellman (DH) key exchange. A man-in-the-middle attacker could use this flaw to force the use of weak 512 bit export-grade keys during the key exchange, allowing them do decrypt all traffic. (CVE-2015-4000) It was discovered that the JNDI component in OpenJDK did not handle DNS resolutions correctly. An attacker able to trigger such DNS errors could cause a Java application using JNDI to consume memory and CPU time, and possibly block further DNS resolution. (CVE-2015-4749) Multiple information leak flaws were found in the JMX and 2D components in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-2621, CVE-2015-2632) A flaw was found in the way the JSSE component in OpenJDK performed X.509 certificate identity verification when establishing a TLS/SSL connection to a host identified by an IP address. In certain cases, the certificate was accepted as valid if it was issued for a host name to which the IP address resolves rather than for the IP address. (CVE-2015-2625) Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website. All running instances of OpenJDK Java must be restarted for the update to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6java-1.7.0-openjdk-devel-1.7.0.85-2.6.1.3.el6_6.i686.rpm13112fca42b1d492daa41f983b6914d67eda6fad8e800bcbc84e6a98c963dce0java-1.7.0-openjdk-1.7.0.85-2.6.1.3.el6_6.i686.rpmd330870750788db2a21c64e2872e0ceadc2e6dc691a5de97540698a549c3f90ejava-1.7.0-openjdk-javadoc-1.7.0.85-2.6.1.3.el6_6.noarch.rpm2e7b16400391123e3f8cb84d8c79a0cb4c5c0c1d1946024caa5b998b771ae482java-1.7.0-openjdk-demo-1.7.0.85-2.6.1.3.el6_6.i686.rpm36981bbae561bc7c89ee397f5ed58e0f7e4fefc8611aab64f9bdac436801d9c0java-1.7.0-openjdk-src-1.7.0.85-2.6.1.3.el6_6.i686.rpmfcc7ddfa51255dfa46ffcd4817ce84456779cc169779b526ba8d86975a622108SLSA-2015:1249-2A flaw was found in the way httpd handled HTTP Trailer headers when processing requests using chunked encoding. A malicious client could use Trailer headers to set additional HTTP headers after header processing was performed by other modules. This could, for example, lead to a bypass of header restrictions defined with mod_headers. (CVE-2013-5704) This update also fixes the following bugs: * The order of mod_proxy workers was not checked when httpd configuration was reloaded. When mod_proxy workers were removed, added, or their order was changed, their parameters and scores could become mixed. The order of mod_proxy workers has been made internally consistent during configuration reload. * The local host certificate created during firstboot contained CA extensions, which caused the httpd service to return warning messages. This has been addressed by local host certificates being generated with the "-extensions v3_req" option. * The default mod_ssl configuration no longer enables support for SSL cipher suites using the single DES, IDEA, or SEED encryption algorithms. * The apachectl script did not take into account the HTTPD_LANG variable set in the /etc/sysconfig/httpd file during graceful restarts. Consequently, httpd did not use a changed value of HTTPD_LANG when the daemon was restarted gracefully. The script has been fixed to handle the HTTPD_LANG variable correctly. * The mod_deflate module failed to check the original file size while extracting files larger than 4 GB, making it impossible to extract large files. Now, mod_deflate checks the original file size properly according to RFC1952, and it is able to decompress files larger than 4 GB. * The httpd service did not check configuration before restart. When a configuration contained an error, an attempt to restart httpd gracefully failed. Now, httpd checks configuration before restart and if the configuration is in an inconsistent state, an error message is printed, httpd is not stopped and a restart is not performed. * The SSL_CLIENT_VERIFY environment variable was incorrectly handled when the "SSLVerifyClient optional_no_ca" and "SSLSessionCache" options were used. When an SSL session was resumed, the SSL_CLIENT_VERIFY value was set to "SUCCESS" instead of the previously set "GENEROUS". SSL_CLIENT_VERIFY is now correctly set to GENEROUS in this scenario. * The ab utility did not correctly handle situations when an SSL connection was closed after some data had already been read. As a consequence, ab did not work correctly with SSL servers and printed "SSL read failed" error messages. With this update, ab works as expected with HTTPS servers. * When a client presented a revoked certificate, log entries were created only at the debug level. The log level of messages regarding a revoked certificate has been increased to INFO, and administrators are now properly informed of this situation. In addition, this update adds the following enhancement: * A mod_proxy worker can now be set into drain mode (N) using the balancer-manager web interface or using the httpd configuration file. A worker in drain mode accepts only existing sticky sessions destined for itself and ignores all other requests. The worker waits until all clients currently connected to this worker complete their work before the worker is stopped. As a result, drain mode enables to perform maintenance on a worker without affecting clients. After installing the updated packages, the httpd service will be restarted automatically.lowScientific Linux FermiScientific Linux Fermi 6httpd-manual-2.2.15-45.sl6.noarch.rpmae78a81057cb627ab15f2a3801230b1a9d2f31f12e438c99b76720c771c3d2a4mod_ssl-2.2.15-45.sl6.i686.rpm59a4304150efe1870f2342a7ad4a0c59ea62965f9c309403cab2d22a842bfc8bhttpd-tools-2.2.15-45.sl6.i686.rpmc933901d5127d6811b22eac55fe90dfb7c701c064a6c38aadabdf50daeae64d6httpd-devel-2.2.15-45.sl6.i686.rpmc17652ea03088d6eb1a8fc1291fe060acf121f8151193cd7eede6d5d5b864396httpd-2.2.15-45.sl6.i686.rpmcf3b1ebc08c7c46244eef7a159f89e2239db90671b0121a2b2fcf67860b590c6SLSA-2015:1254-2It was found that the libcurl library did not correctly handle partial literal IP addresses when parsing received HTTP cookies. An attacker able to trick a user into connecting to a malicious server could use this flaw to set the user's cookie to a crafted domain, making other cookie-related issues easier to exploit. (CVE-2014-3613) A flaw was found in the way the libcurl library performed the duplication of connection handles. If an application set the CURLOPT_COPYPOSTFIELDS option for a handle, using the handle's duplicate could cause the application to crash or disclose a portion of its memory. (CVE-2014-3707) It was discovered that the libcurl library failed to properly handle URLs with embedded end-of-line characters. An attacker able to make an application using libcurl to access a specially crafted URL via an HTTP proxy could use this flaw to inject additional headers to the request or construct additional requests. (CVE-2014-8150) It was discovered that libcurl implemented aspects of the NTLM and Negotatiate authentication incorrectly. If an application uses libcurl and the affected mechanisms in a specifc way, certain requests to a previously NTLM-authenticated server could appears as sent by the wrong authenticated user. Additionally, the initial set of credentials for HTTP Negotiate- authenticated requests could be reused in subsequent requests, although a different set of credentials was specified. (CVE-2015-3143, CVE-2015-3148) Bug fixes: * An out-of-protocol fallback to SSL version 3.0 (SSLv3.0) was available with libcurl. Attackers could abuse the fallback to force downgrade of the SSL version. The fallback has been removed from libcurl. Users requiring this functionality can explicitly enable SSLv3.0 through the libcurl API. * A single upload transfer through the FILE protocol opened the destination file twice. If the inotify kernel subsystem monitored the file, two events were produced unnecessarily. The file is now opened only once per upload. * Utilities using libcurl for SCP/SFTP transfers could terminate unexpectedly when the system was running in FIPS mode. * Using the "--retry" option with the curl utility could cause curl to terminate unexpectedly with a segmentation fault. Now, adding "--retry" no longer causes curl to crash. * The "curl --trace-time" command did not use the correct local time when printing timestamps. Now, "curl --trace-time" works as expected. * The valgrind utility could report dynamically allocated memory leaks on curl exit. Now, curl performs a global shutdown of the NetScape Portable Runtime (NSPR) library on exit, and valgrind no longer reports the memory leaks. * Previously, libcurl returned an incorrect value of the CURLINFO_HEADER_SIZE field when a proxy server appended its own headers to the HTTP response. Now, the returned value is valid. Enhancements: * The "--tlsv1.0", "--tlsv1.1", and "--tlsv1.2" options are available for specifying the minor version of the TLS protocol to be negotiated by NSS. The "--tlsv1" option now negotiates the highest version of the TLS protocol supported by both the client and the server. * It is now possible to explicitly enable or disable the ECC and the new AES cipher suites to be used for TLS.moderateScientific Linux FermiScientific Linux Fermi 6libcurl-7.19.7-46.el6.i686.rpmd5306e6451591548768b722f626d2d2b2c95f5cf1c098074f747b287b0bdc193libcurl-devel-7.19.7-46.el6.i686.rpm02a451f9ddd8225454bbceda310cd72a9dc566478b0c1c5ee8038eedf93bcb34curl-7.19.7-46.el6.i686.rpm787acfc69b4b9b2c7a97720102272bd8a67d816328e0db0a10d2d0073df19e26SLSA-2015:1272-1* A flaw was found in the way Linux kernel's Transparent Huge Pages (THP) implementation handled non-huge page migration. A local, unprivileged user could use this flaw to crash the kernel by migrating transparent hugepages. (CVE-2014-3940, Moderate) * A buffer overflow flaw was found in the way the Linux kernel's eCryptfs implementation decoded encrypted file names. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-9683, Moderate) * A race condition flaw was found between the chown and execve system calls. When changing the owner of a setuid user binary to root, the race condition could momentarily make the binary setuid root. A local, unprivileged user could potentially use this flaw to escalate their privileges on the system. (CVE-2015-3339, Moderate) * Multiple out-of-bounds write flaws were found in the way the Cherry Cymotion keyboard driver, KYE/Genius device drivers, Logitech device drivers, Monterey Genius KB29E keyboard driver, Petalynx Maxter remote control driver, and Sunplus wireless desktop driver handled HID reports with an invalid report descriptor size. An attacker with physical access to the system could use either of these flaws to write data past an allocated memory buffer. (CVE-2014-3184, Low) * An information leak flaw was found in the way the Linux kernel's Advanced Linux Sound Architecture (ALSA) implementation handled access of the user control's state. A local, privileged user could use this flaw to leak kernel memory to user space. (CVE-2014-4652, Low) * It was found that the espfix functionality could be bypassed by installing a 16-bit RW data segment into GDT instead of LDT (which espfix checks), and using that segment on the stack. A local, unprivileged user could potentially use this flaw to leak kernel stack addresses. (CVE-2014-8133, Low) * An information leak flaw was found in the Linux kernel's IEEE 802.11 wireless networking implementation. When software encryption was used, a remote attacker could use this flaw to leak up to 8 bytes of plaintext. (CVE-2014-8709, Low) * It was found that the Linux kernel KVM subsystem's sysenter instruction emulation was not sufficient. An unprivileged guest user could use this flaw to escalate their privileges by tricking the hypervisor to emulate a SYSENTER instruction in 16-bit mode, if the guest OS did not initialize the SYSENTER model-specific registers (MSRs). Note: Certified guest operating systems for Scientific Linux with KVM do initialize the SYSENTER MSRs and are thus not vulnerable to this issue when running on a KVM hypervisor. (CVE-2015-0239, Low) The system must be rebooted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6kernel-debug-2.6.32-573.el6.i686.rpm69f8623d41c76b85446a45c35da90bae87c1fd807c820ec7ad5bcee1a3c9895ckernel-doc-2.6.32-573.el6.noarch.rpm386679ee44419508b1c79257dad0e9d4a77fdd0ce25a0763268dc585a90a21c1kernel-debug-devel-2.6.32-573.el6.i686.rpm0943ccc0b263e71907e57500b9b64f129d5ba5fa067d192d6ab030509ca24f15kmod-openafs-1.6.13-1.SL67.el6.noarch.rpmeb7f968464bf25fc22af45d5ceacfacffe68e502f436d5a192adcc3a80edb61akernel-headers-2.6.32-573.el6.i686.rpm4c9c91c323bd2b1e0d68bdba7bb0ccfa7f795bea08b60b986e2181e79304596epython-perf-2.6.32-573.el6.i686.rpm10b2a3b66f0c5cb2ec256b561df8e7c4f66b65066f026e0101ab72ab40526fcfperf-2.6.32-573.el6.i686.rpm880afa21f689cd4b53ee5a391bde9e388be0bb02a2d8154e9539d4abfe836babkernel-2.6.32-573.el6.i686.rpm3278eb5a8bb9695a9d8de3ea04dc71a0bdfaa541dc37e22d6de752c849ebf33fkernel-firmware-2.6.32-573.el6.noarch.rpm1143c5d12a208861ca48aa6a65095f5a8db7b29c6372468f3502efd82fbac834kernel-devel-2.6.32-573.el6.i686.rpm0125cc711ed405d347bb42b2515558d76d8fddec27e626440b2430f08e034924kmod-openafs-573-1.6.13-215.sl6.573.i686.rpm9a007d5fe787ce2e5395f89020e01913b4172f7fe7481721d287e052b1d19ff1kernel-abi-whitelists-2.6.32-573.el6.noarch.rpm9fedf9ebe0b9c06cc96ec9a90f469c1adba01c3303d1b04d0dce3d7edfd68326SLSA-2015:1287-1A stack-based buffer overflow was found in the way the FreeRADIUS rlm_pap module handled long password hashes. An attacker able to make radiusd process a malformed password hash could cause the daemon to crash. (CVE-2014-2015) The freeradius packages have been upgraded to upstream version 2.2.6, which provides a number of bug fixes and enhancements over the previous version, including: * The number of dictionaries have been updated. * This update implements several Extensible Authentication Protocol (EAP) improvements. * A number of new expansions have been added, including: %{randstr:...}, %{hex:...}, %{sha1:...}, %{base64:...}, %{tobase64:...}, and %{base64tohex:...}. * Hexadecimal numbers (0x...) are now supported in %{expr:...} expansions. * This update adds operator support to the rlm_python module. * The Dynamic Host Configuration Protocol (DHCP) and DHCP relay code have been finalized. * This update adds the rlm_cache module to cache arbitrary attributes. This update also fixes the following bugs: * The /var/log/radius/radutmp file was configured to rotate at one-month intervals, even though this was unnecessary. This update removes /var/log/radius/radutmp from the installed logrotate utility configuration in the /etc/logrotate.d/radiusd file, and /var/log/radius/radutmp is no longer rotated. * The radiusd service could not write the output file created by the raddebug utility. The raddebug utility now sets appropriate ownership to the output file, allowing radiusd to write the output. * After starting raddebug using the "raddebug -t 0" command, raddebug exited immediately. A typo in the special case comparison has been fixed, and raddebug now runs for 11.5 days in this situation. * MS-CHAP authentication failed when the User-Name and MS-CHAP-User-Name attributes used different encodings, even when the user provided correct credentials. Now, MS-CHAP authentication properly handles mismatching character encodings. Authentication with correct credentials no longer fails in this situation. * Automatically generated default certificates used the SHA-1 algorithm message digest, which is considered insecure. The default certificates now use the more secure SHA-256 algorithm message digest. * During the Online Certificate Status Protocol (OCSP) validation, radiusd terminated unexpectedly with a segmentation fault after attempting to access the next update field that was not provided by the OCSP responder. Now, radiusd does not crash in this situation and instead continues to complete the OCSP validation. * Prior to this update, radiusd failed to work with some of the more recent MikroTIK attributes, because the installed directory.mikrotik file did not include them. This update adds MikroTIK attributes with IDs up to 22 to dictionary.mikrotik, and radiusd now works as expected with these attributes. After installing this update, the radiusd service will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6freeradius-unixODBC-2.2.6-4.el6.i686.rpm9ff2693f0d961fcd599d034563fa4a6c485a4494f999c80ab69afdfe6c1a2a97freeradius-ldap-2.2.6-4.el6.i686.rpm48927f318bdc8f55852400a23ee597504456b58f8e4c9e936d3bd011abeab346freeradius-krb5-2.2.6-4.el6.i686.rpmade626647c85392b94ed79b1f385191dc6a1136b36ab889dafe7b95ff888d878freeradius-mysql-2.2.6-4.el6.i686.rpm1f5b66f15e3775c6ab00c085019e0ea277cd308119d3d77f5569cbb05553779efreeradius-utils-2.2.6-4.el6.i686.rpma27e959a9b0640f97e781cb68f93cee10727424053b0ae5d0ce26422800492eafreeradius-perl-2.2.6-4.el6.i686.rpmf1efb0858e12dd2f2b8333316975b4cf452df66ce5f38f160a9fd30feb3da7a3freeradius-python-2.2.6-4.el6.i686.rpmad1fe51964520daa15cc1eb19d867ff66387299bacc18bb4b9c15c213e79f8bbfreeradius-2.2.6-4.el6.i686.rpm35429a998c6af11f020d8bf9b8b28db686db3d8240e1d01856104e8b6343a309freeradius-postgresql-2.2.6-4.el6.i686.rpmf6621a180646869a9407c9c9decff218fa0f292f15bb6772b2f7339a7a33a5d8SLSA-2015:1330-1It was discovered that the socket.recvfrom_into() function failed to check the size of the supplied buffer. This could lead to a buffer overflow when the function was called with an insufficiently sized buffer. (CVE-2014-1912) It was discovered that multiple Python standard library modules implementing network protocols (such as httplib or smtplib) failed to restrict the sizes of server responses. A malicious server could cause a client using one of the affected modules to consume an excessive amount of memory. (CVE-2013-1752) It was discovered that the CGIHTTPServer module incorrectly handled URL encoded paths. A remote attacker could use this flaw to execute scripts outside of the cgi-bin directory, or disclose the source code of the scripts in the cgi-bin directory. (CVE-2014-4650) An integer overflow flaw was found in the way the buffer() function handled its offset and size arguments. An attacker able to control these arguments could use this flaw to disclose portions of the application memory or cause it to crash. (CVE-2014-7185)moderateScientific Linux FermiScientific Linux Fermi 6python-devel-2.6.6-64.el6.i686.rpm64d37cdba06e67990513c1e359240e059468a98b3331ae58b3528d3ce8979e67python-libs-2.6.6-64.el6.i686.rpm745f78f84494ab138dd80b6e04330a916e049c83db53a43ed1184fbeca01aa45python-test-2.6.6-64.el6.i686.rpm0349248a06e1f151d5a60280a407986d089dd1a98624c9eb262675e5a816cc75python-tools-2.6.6-64.el6.i686.rpm30429d14347a6accdfe9f01d0a39ede651b3835c2dedff776ab93579cb03d4f8tkinter-2.6.6-64.el6.i686.rpmcfbe28a649753f77735c5a81a00027400e574992243f4fd3adf7e438c24ac134python-2.6.6-64.el6.i686.rpme9c12ee26184aaf927d015d1a23c4c5cbfa1a38d639d4fc321331db7deb7756bSLSA-2015:1344-1It was found that program-based automounter maps that used interpreted languages such as Python would use standard environment variables to locate and load modules of those languages. A local attacker could potentially use this flaw to escalate their privileges on the system. (CVE-2014-8169) Note: This issue has been fixed by adding the "AUTOFS_" prefix to the affected environment variables so that they are not used to subvert the system. A configuration option ("force_standard_program_map_env") to override this prefix and to use the environment variables without the prefix has been added. In addition, warnings have been added to the manual page and to the installed configuration file. Now, by default the standard variables of the program map are provided only with the prefix added to its name. Bug fixes: * If the "ls *" command was executed before a valid mount, the autofs program failed on further mount attempts inside the mount point, whether the mount point was valid or not. While attempting to mount, the "ls *" command of the root directory of an indirect mount was executed, which led to an attempt to mount "*", causing it to be added to the negative map entry cache. This bug has been fixed by checking for and not adding "*" while updating the negative map entry cache. * The autofs program by design did not mount host map entries that were duplicate exports in an NFS server export list. The duplicate entries in a multi-mount map entry were recognized as a syntax error and autofs refused to perform mounts when the duplicate entries occurred. Now, autofs has been changed to continue mounting the last seen instance of the duplicate entry rather than fail, and to report the problem in the log files to alert the system administrator. * The autofs program did not recognize the yp map type in the master map. This was caused by another change in the master map parser to fix a problem with detecting the map format associated with mapping the type in the master map. The change led to an incorrect length for the type comparison of yp maps that resulted in a match operation failure. This bug has been fixed by correcting the length which is used for the comparison. * The autofs program did not update the export list of the Sun-format maps of the network shares exported from an NFS server. This happened due to a change of the Sun-format map parser leading to the hosts map update to stop working on the map re-read operation. The bug has been now fixed by selectively preventing this type of update only for the Sun-formatted maps. The updates of the export list on the Sun-format maps are now visible and refreshing of the export list is no longer supported for the Sun-formatted hosts map. * Within changes made for adding of the Sun-format maps, an incorrect check was added that caused a segmentation fault in the Sun-format map parser in certain circumstances. This has been now fixed by analyzing the intent of the incorrect check and changing it in order to properly identify the conditions without causing a fault. * A bug in the autofs program map lookup module caused an incorrect map format type comparison. The incorrect comparison affected the Sun-format program maps where it led to the unused macro definitions. The bug in the comparison has been fixed so that the macro definitions are not present for the Sun-format program maps.moderateScientific Linux FermiScientific Linux Fermi 6autofs-5.0.5-113.el6.i686.rpm63d2a4eadeefd93a35bf6495451298ccc088970439a0a6f8d63e79e546cb89c5SLSA-2015:1347-1Multiple cross-site scripting flaws were discovered in the Red Hat Certificate System Agent and End Entity pages. An attacker could use these flaws to perform a cross-site scripting (XSS) attack against victims using the Certificate System's web interface. (CVE-2012-2662) This update also fixes the following bugs: * Previously, pki-core required the SSL version 3 (SSLv3) protocol ranges to communicate with the 389-ds-base packages. However, recent changes to 389-ds-base disabled the default use of SSLv3 and enforced using protocol ranges supported by secure protocols, such as the TLS protocol. As a consequence, the CA failed to install during an Identity Management (IdM) server installation. This update adds TLS-related parameters to the server.xml file of the CA to fix this problem, and running the ipa-server- install command now installs the CA as expected. * Previously, the ipa-server-install script failed when attempting to configure a stand-alone CA on systems with OpenJDK version 1.8.0 installed. The pki-core build and runtime dependencies have been modified to use OpenJDK version 1.7.0 during the stand-alone CA configuration. As a result, ipa-server-install no longer fails in this situation. * Creating a Scientific Linux 7 replica from a Scientific Linux 6 replica running the CA service sometimes failed in IdM deployments where the initial Scientific Linux 6 CA master had been removed. This could cause problems in some situations, such as when migrating from Scientific Linux 6 to Scientific Linux 7. The bug occurred due to a problem in a previous version of IdM where the subsystem user, created during the initial CA server installation, was removed together with the initial master. This update adds the restore-subsystem-user.py script that restores the subsystem user in the described situation, thus enabling administrators to create a Scientific Linux 7 replica in this scenario. * Several Java import statements specify wildcard arguments. However, due to the use of wildcard arguments in the import statements of the source code contained in the Scientific Linux 6 maintenance branch, a name space collision created the potential for an incorrect class to be utilized. As a consequence, the Token Processing System (TPS) rebuild test failed with an error message. This update addresses the bug by supplying the fully named class in all of the affected areas, and the TPS rebuild test no longer fails. * Previously, pki-core failed to build with the rebased version of the CMake build system during the TPS rebuild test. The pki-core build files have been updated to comply with the rebased version of CMake. As a result, pki-core builds successfully in the described scenario.moderateScientific Linux FermiScientific Linux Fermi 6pki-silent-9.0.3-43.el6.noarch.rpma046c828ae6dc55df01fda568cafab7507c0cf4ad03ba5068c2aaaa55258ad12pki-setup-9.0.3-43.el6.noarch.rpma1ecdc611a08d743208cd37fef1dd28d1f1263abb13211a1b95ad1597436d07apki-selinux-9.0.3-43.el6.noarch.rpmea9418f2fd4929fef6af758b575bdc0267269f8f89e8d413b79486f1d4125cfcpki-ca-9.0.3-43.el6.noarch.rpmafb97af0a9db794df594112f06a9ed34f9904ef526517b9fcf8b4b85d5363a1apki-symkey-9.0.3-43.el6.i686.rpma9b8d6dc23e35e10887f4a610e0e98fcc2c4d8d949ddcb8d21f2d707f2b81c2bpki-java-tools-javadoc-9.0.3-43.el6.noarch.rpmbdb91b12cf0f3d4c5a9dcea2fbea88f19877d1d95dcee2b8a51d1a0e68c3de6dpki-util-javadoc-9.0.3-43.el6.noarch.rpm87de3240280bda9f36eff1166016ce360221f5092e16d343d36e00b8f053a5fdpki-util-9.0.3-43.el6.noarch.rpm775771b302ee3153deb67493d1d3fe38eb48efc7715f5fbcfdccbd11c7a1aad3pki-common-9.0.3-43.el6.noarch.rpm923cf685a2465c25f097bb1bf923af3462e3cd1de63116f55cad7dd8e86c2878pki-native-tools-9.0.3-43.el6.i686.rpmfec32863a438d3e57481100701525e53c26759125f6d1d7a66ae51370cba884bpki-java-tools-9.0.3-43.el6.noarch.rpmb8ac4aad4d5f8191a363aca3367a4ce1cc617363068c146aeae236c517d684a7pki-common-javadoc-9.0.3-43.el6.noarch.rpm3abaceb56db91919c093ae88f4c26e41bcea1cbad347238076aae1a400bdf9d4SLSA-2015:1385-1A denial of service flaw was found in the way snmptrapd handled certain SNMP traps when started with the "-OQ" option. If an attacker sent an SNMP trap containing a variable with a NULL type where an integer variable type was expected, it would cause snmptrapd to crash. (CVE-2014-3565) This update also fixes the following bugs: * The HOST-RESOURCES-MIB::hrSystemProcesses object was not implemented because parts of the HOST-RESOURCES-MIB module were rewritten in an earlier version of net-snmp. Consequently, HOST-RESOURCES- MIB::hrSystemProcesses did not provide information on the number of currently loaded or running processes. With this update, HOST-RESOURCES- MIB::hrSystemProcesses has been implemented, and the net-snmp daemon reports as expected. * The Net-SNMP agent daemon, snmpd, reloaded the system ARP table every 60 seconds. As a consequence, snmpd could cause a short CPU usage spike on busy systems with a large APR table. With this update, snmpd does not reload the full ARP table periodically, but monitors the table changes using a netlink socket. * Previously, snmpd used an invalid pointer to the current time when periodically checking certain conditions specified by the "monitor" option in the /etc/snmpd/snmpd.conf file. Consequently, snmpd terminated unexpectedly on start with a segmentation fault if a certain entry with the "monitor" option was used. Now, snmpd initializes the correct pointer to the current time, and snmpd no longer crashes on start. * Previously, snmpd expected 8-bit network interface indices when processing HOST-RESOURCES-MIB::hrDeviceTable. If an interface index of a local network interface was larger than 30,000 items, snmpd could terminate unexpectedly due to accessing invalid memory. Now, processing of all network sizes is enabled, and snmpd no longer crashes in the described situation. * The snmpdtrapd service incorrectly checked for errors when forwarding a trap with a RequestID value of 0, and logged "Forward failed" even though the trap was successfully forwarded. This update fixes snmptrapd checks and the aforementioned message is now logged only when appropriate. * Previously, snmpd ignored the value of the "storageUseNFS" option in the /etc/snmpd/snmpd.conf file. As a consequence, NFS drivers were shown as "Network Disks", even though "storageUseNFS" was set to "2" to report them as "Fixed Disks" in HOST-RESOURCES-MIB::hrStorageTable. With this update, snmpd takes the "storageUseNFS" option value into account, and "Fixed Disks" NFS drives are reported correctly. * Previously, the Net-SNMP python binding used an incorrect size (8 bytes instead of 4) for variables of IPADDRESS type. Consequently, applications that were using Net-SNMP Python bindings could send malformed SNMP messages. With this update, the bindings now use 4 bytes for variables with IPADRESS type, and only valid SNMP messages are sent. * Previously, the snmpd service did not cut values in HOST-RESOURCES- MIB::hrStorageTable to signed 32-bit integers, as required by SNMP standards, and provided the values as unsigned integers. As a consequence, the HOST-RESOURCES-MIB::hrStorageTable implementation did not conform to RFC 2790. The values are now cut to 32-bit signed integers, and snmpd is therefore standard compliant.moderateScientific Linux FermiScientific Linux Fermi 6net-snmp-utils-5.5-54.el6.i686.rpm159c8b5ebc7da032820636b42d8a49a1f4dbdc117cf68ecb163f04b82f4f09f9net-snmp-libs-5.5-54.el6.i686.rpmeef856b6a7304ff55f8459a7671bb3303e3c9c38150af601b4abbc1fb5cddb2fnet-snmp-devel-5.5-54.el6.i686.rpm961fd16ce9943645271130baeee80b7872747a55f7053c8a75f6b0c026f6b95bnet-snmp-5.5-54.el6.i686.rpm1830d04ec442b84d83a286c8d104fcfee0db93ba22b603d66958fd856e2895cenet-snmp-perl-5.5-54.el6.i686.rpm44bfa06b740f1813d009e9b103d4327538ee62c719dc28dda1619e009fd78b2enet-snmp-python-5.5-54.el6.i686.rpm506d23b7868f1fe68d94f02069233fdfe086071aea1790efe022d90550c8287eSLSA-2015:1409-1It was discovered that sudo did not perform any checks of the TZ environment variable value. If sudo was configured to preserve the TZ environment variable, a local user with privileges to execute commands via sudo could possibly use this flaw to achieve system state changes not permitted by the configured commands. (CVE-2014-9680) Note: The default sudoers configuration in Scientific Linux 6 removes the TZ variable from the environment in which commands run by sudo are executed. This update also fixes the following bugs: * Previously, the sudo utility child processes could sometimes become unresponsive because they ignored the SIGPIPE signal. With this update, SIGPIPE handler is properly restored in the function that reads passwords from the user, and the child processes no longer ignore SIGPIPE. As a result, sudo child processes do not hang in this situation. * Prior to this update, the order in which sudo rules were processed did not honor the user-defined sudoOrder attribute. Consequently, sudo rules were processed in an undefined order even when the user defined the order in sudoOrder. The implementation of SSSD support in sudo has been modified to sort the rules according to the sudoOrder value, and sudo rules are now sorted in the order defined by the user in sudoOrder. * Previously, sudo became unresponsive after the user issued a command when a sudoers source was mentioned multiple times in the /etc/nsswitch.conf file. The problem occurred when nsswitch.conf contained, for example, the "sudoers: files sss sss" entry. The sudoers source processing code has been fixed to correctly handle multiple instances of the same sudoers source. As a result, sudo no longer hangs when a sudoers source is mentioned multiple times in /etc/nsswitch.conf. In addition, this update adds the following enhancement: * The sudo utility now supports I/O logs compressed using the zlib library. With this update, sudo can generate zlib compressed I/O logs and also process zlib compressed I/O logs generated by other versions of sudo with zlib support.moderateScientific Linux FermiScientific Linux Fermi 6sudo-1.8.6p3-19.el6.i686.rpm30661fb92dc00887f8f4be208b993a54e53c75b3ad38685034bbebbe58f60b67sudo-devel-1.8.6p3-19.el6.i686.rpmb318fe2229695b340005fcdcb7e43feaa253f173c33ed2cc1936ba631703916eSLSA-2015:1417-1It was found that mailman did not sanitize the list name before passing it to certain MTAs. A local attacker could use this flaw to execute arbitrary code as the user running mailman. (CVE-2015-2775) It was found that mailman stored private email messages in a world- readable directory. A local user could use this flaw to read private mailing list archives. (CVE-2002-0389) This update also fixes the following bugs: * Previously, it was impossible to configure Mailman in a way that Domain- based Message Authentication, Reporting & Conformance (DMARC) would recognize Sender alignment for Domain Key Identified Mail (DKIM) signatures. Consequently, Mailman list subscribers that belonged to a mail server with a "reject" policy for DMARC, such as yahoo.com or AOL.com, were unable to receive Mailman forwarded messages from senders residing in any domain that provided DKIM signatures. With this update, domains with a "reject" DMARC policy are recognized correctly, and Mailman list administrators are able to configure the way these messages are handled. As a result, after a proper configuration, subscribers now correctly receive Mailman forwarded messages in this scenario. * Mailman used a console encoding when generating a subject for a "welcome email" when new mailing lists were created by the "newlist" command. Consequently, when the console encoding did not match the encoding used by Mailman for that particular language, characters in the "welcome email" could be displayed incorrectly. Mailman has been fixed to use the correct encoding, and characters in the "welcome email" are now displayed properly. * The "rmlist" command used a hardcoded path to list data based on the VAR_PREFIX configuration variable. As a consequence, when the list was created outside of VAR_PREFIX, it was impossible to remove it using the "rmlist" command. With this update, the "rmlist" command uses the correct LIST_DATA_DIR value instead of VAR_PREFIX, and it is now possible to remove the list in described situation. * Due to an incompatibility between Python and Mailman in Scientific Linux 6, when moderators were approving a moderated message to a mailing list and checked the "Preserve messages for the site administrator" checkbox, Mailman failed to approve the message and returned an error. This incompatibility has been fixed, and Mailman now approves messages as expected in this scenario. * When Mailman was set to not archive a list but the archive was not set to private, attachments sent to that list were placed in a public archive. Consequently, users of Mailman web interface could list private attachments because httpd configuration of public archive directory allows listing all files in the archive directory. The httpd configuration of Mailman has been fixed to not allow listing of private archive directory, and users of Mailman web interface are no longer able to list private attachments.moderateScientific Linux FermiScientific Linux Fermi 6mailman-2.1.12-25.el6.i686.rpm205c0e5756ac2619a210416e8b8f2afcba118f356b51aaa0c1b4f5e977030051SLSA-2015:1419-1A denial of service flaw was found in the way the libxml2 library parsed certain XML files. An attacker could provide a specially crafted XML file that, when parsed by an application using libxml2, could cause that application to use an excessive amount of memory. (CVE-2015-1819) This update also fixes the following bug: This update fixes an error that occurred when running a test case for the serialization of HTML documents. The desktop must be restarted (log out, then log back in) for this update to take effect.lowScientific Linux FermitruetrueScientific Linux Fermi 6libxml2-devel-2.7.6-20.el6.i686.rpm58c5391cc34b0bbe4e619c1c4316db36ceba044abffd3efadc6c11d35d631772libxml2-static-2.7.6-20.el6.i686.rpm7100e367dae0083dbe2ad3ff434ae9100ff8613b6db0afe2c291b73f97c30753libxml2-2.7.6-20.el6.i686.rpmd76ff1af7773e58cbab7de599c971a351c9a14cd462998bdac71b90022789972libxml2-python-2.7.6-20.el6.i686.rpm42d275f6ae5a4a956b6b80c447540fcd27984e7829d10b7c3dcc02a6fb8bd553SLSA-2015:1424-1A flaw was found in the way pacemaker, a cluster resource manager, evaluated added nodes in certain situations. A user with read-only access could potentially assign any other existing roles to themselves and then add privileges to other users as well. (CVE-2015-1867) This update also fixes the following bugs: * Due to a race condition, nodes that gracefully shut down occasionally had difficulty rejoining the cluster. As a consequence, nodes could come online and be shut down again immediately by the cluster. This bug has been fixed, and the "shutdown" attribute is now cleared properly. * Prior to this update, the pacemaker utility caused an unexpected termination of the attrd daemon after a system update to Scientific Linux 6.6. The bug has been fixed so that attrd no longer crashes when pacemaker starts. * Previously, the access control list (ACL) of the pacemaker utility allowed a role assignment to the Cluster Information Base (CIB) with a read-only permission. With this update, ACL is enforced and can no longer be bypassed by the user without the write permission, thus fixing this bug. * Prior to this update, the ClusterMon (crm_mon) utility did not trigger an external agent script with the "-E" parameter to monitor the Cluster Information Base (CIB) when the pacemaker utility was used. A patch has been provided to fix this bug, and crm_mon now calls the agent script when the "-E" parameter is used.moderateScientific Linux FermiScientific Linux Fermi 6pacemaker-remote-1.1.12-8.el6.i686.rpm03b12000c2f725542eb16262e8abc92b4cd7a74ad6a08ece91379734183875a9pacemaker-cli-1.1.12-8.el6.i686.rpm1f32a483618af00fb43b0863060defcd2beddb5195c3f9b31023da2b9405110epacemaker-1.1.12-8.el6.i686.rpm63f460d917dd22b58fe80422e7a6409d0e110a73494e2f9dc09c6f12595d6040pacemaker-libs-devel-1.1.12-8.el6.i686.rpm02261e77f8aee5af0914e5cc5ad7b8db45d273ad6a516630917033a49b13f535pacemaker-libs-1.1.12-8.el6.i686.rpmfe4623768ae0e98816c7d3b6170ecf79a3546fbbbb182760477d0813348940fapacemaker-doc-1.1.12-8.el6.i686.rpm778fee02ce7836929f2655072c9d94d136e3e86a1430b7fd2bc623ed55bcbb9bpacemaker-cts-1.1.12-8.el6.i686.rpmca3be732595d2f757746f3d1c8ba170a80f21abbc8a06a0ce60d65fa6c70ac14pacemaker-cluster-libs-1.1.12-8.el6.i686.rpm5a71080a59444aa8572c64c16ff0a70c75e979c9d30e41e49bb0bfd04d2d38f9SLSA-2015:1439-1An integer underflow flaw, leading to a buffer over-read, was found in the way wpa_supplicant handled WMM Action frames. A specially crafted frame could possibly allow an attacker within Wi-Fi radio range to cause wpa_supplicant to crash. (CVE-2015-4142) This update includes the following enhancement: * Prior to this update, wpa_supplicant did not provide a way to require the host name to be listed in an X.509 certificate's Common Name or Subject Alternative Name, and only allowed host name suffix or subject substring checks. This update introduces a new configuration directive, 'domain_match', which adds a full host name check. After installing this update, the wpa_supplicant service will be restarted automatically.lowScientific Linux FermiScientific Linux Fermi 6wpa_supplicant-0.7.3-6.el6.i686.rpmdc362f56128f2d44592178cf80dc7ec8cce64bb2993d0864a2e429ec02a70fcfSLSA-2015:1447-1An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way grep parsed large lines of data. An attacker able to trick a user into running grep on a specially crafted data file could use this flaw to crash grep or, potentially, execute arbitrary code with the privileges of the user running grep. (CVE-2012-5667) A heap-based buffer overflow flaw was found in the way grep processed certain pattern and text combinations. An attacker able to trick a user into running grep on specially crafted input could use this flaw to crash grep or, potentially, read from uninitialized memory. (CVE-2015-1345) The grep packages have been upgraded to upstream version 2.20, which provides a number of bug fixes and enhancements over the previous version. Notably, the speed of various operations has been improved significantly. Now, the recursive grep utility uses the fts function of the gnulib library for directory traversal, so that it can handle much larger directories without reporting the "File name too long" error message, and it can operate faster when dealing with large directory hierarchies. This update also fixes the following bugs: * Prior to this update, the \w and \W symbols were inconsistently matched to the [:alnum:] character class. Consequently, regular expressions that used \w and \W in some cases had incorrect results. An upstream patch which fixes the matching problem has been applied, and \w is now matched to the [_[:alnum:]] character and \W to the [^_[:alnum:]] character consistently. * Previously, the "--fixed-regexp" command-line option was not included in the grep(1) manual page. Consequently, the manual page was inconsistent with the built-in help of the grep utility. To fix this bug, grep(1) has been updated to include a note informing the user that "--fixed-regexp" is an obsolete option. Now, the built-in help and manual page are consistent regarding the "--fixed-regexp" option. * Previously, the Perl Compatible Regular Expression (PCRE) library did not work correctly when matching non-UTF-8 text in UTF-8 mode. Consequently, an error message about invalid UTF-8 byte sequence characters was returned. To fix this bug, patches from upstream have been applied to the PCRE library and the grep utility. As a result, PCRE now skips non-UTF-8 characters as non-matching text without returning any error message.lowScientific Linux FermiScientific Linux Fermi 6grep-2.20-3.el6.i686.rpm7e2df42b48b0691e66984d4abdc31bd2e866720f188cc21bcf05d1c61bd540dfSLSA-2015:1455-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2015-2724, CVE-2015-2725, CVE-2015-2731, CVE-2015-2734, CVE-2015-2735, CVE-2015-2736, CVE-2015-2737, CVE-2015-2738, CVE-2015-2739, CVE-2015-2740) It was found that Thunderbird skipped key-pinning checks when handling an error that could be overridden by the user (for example an expired certificate error). This flaw allowed a user to override a pinned certificate, which is an action the user should not be able to perform. (CVE-2015-2741) Note: All of the above issues cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. After installing the update, Thunderbird must be restarted for the changes to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6thunderbird-31.8.0-1.el6_6.i686.rpm7f3567df1f22c35055f604de3f691d019e69f2e7ebba2f634a2b2696800ff3d4SLSA-2015:1457-1It was found that GnuTLS did not check activation and expiration dates of CA certificates. This could cause an application using GnuTLS to incorrectly accept a certificate as valid when its issuing CA is already expired. (CVE-2014-8155) It was found that GnuTLS did not verify whether a hashing algorithm listed in a signature matched the hashing algorithm listed in the certificate. An attacker could create a certificate that used a different hashing algorithm than it claimed, possibly causing GnuTLS to use an insecure, disallowed hashing algorithm during certificate verification. (CVE-2015-0282) It was discovered that GnuTLS did not check if all sections of X.509 certificates indicate the same signature algorithm. This flaw, in combination with a different flaw, could possibly lead to a bypass of the certificate signature check. (CVE-2015-0294) This update also fixes the following bug: * Previously, under certain circumstances, the certtool utility could generate X.509 certificates which contained a negative modulus. Consequently, such certificates could have interoperation problems with the software using them. The bug has been fixed, and certtool no longer generates X.509 certificates containing a negative modulus.moderateScientific Linux FermiScientific Linux Fermi 6gnutls-utils-2.8.5-18.el6.i686.rpmc8804a867dbf908be9aaca75fe78dcfb9583c2b084bb475041390591d1446448gnutls-devel-2.8.5-18.el6.i686.rpma5b42bb46c9fedcef0e3788e1e7651760ae7b255a326d3f3f06f3c0ee8b5a17fgnutls-2.8.5-18.el6.i686.rpm5f59cdb9f2c36716a76b882bd4d3e4a4d982e89223ff36cb0751e0d2be88bb00gnutls-guile-2.8.5-18.el6.i686.rpm3ac598b30594ffd838bd0d25e12bba1f0f9e48989589b034dd2fc5ae8533a589SLSA-2015:1458-1A flaw was found in the way the LibreOffice HWP (Hangul Word Processor) file filter processed certain HWP documents. An attacker able to trick a user into opening a specially crafted HWP document could possibly use this flaw to execute arbitrary code with the privileges of the user opening that document. (CVE-2015-1774) The libreoffice packages have been upgraded to upstream version 4.2.8.2, which provides a number of bug fixes and enhancements over the previous version, including: * OpenXML interoperability has been improved. * This update adds additional statistics functions to the Calc application, thus improving interoperability with Microsoft Excel and its "Analysis ToolPak" add-in. * Various performance improvements have been implemented in Calc. * This update adds new import filters for importing files from the Appple Keynote and Abiword applications. * The export filter for the MathML markup language has been improved. * This update adds a new start screen that includes thumbnails of recently opened documents. * A visual clue is now displayed in the Slide Sorter window for slides with transitions or animations. * This update improves trend lines in charts. * LibreOffice now supports BCP 47 language tags.moderateScientific Linux FermiScientific Linux Fermi 6libreoffice-langpack-zh-Hant-4.2.8.2-11.el6.i686.rpmae4ef65e4bac1ebc6efbc391057bc5569f921848d528c5daafdd5b89d7ba9744libreoffice-langpack-el-4.2.8.2-11.el6.i686.rpm93843635359855dfd7bdea262c97ad43797eda7bf03507b0d060d37e42276eb7libreoffice-langpack-mr-4.2.8.2-11.el6.i686.rpm2306c52d3d2064e329214e89c2afede6d21d14e404cd2e35d736e9bc1e726a55libreoffice-langpack-ar-4.2.8.2-11.el6.i686.rpm889862e454052e18dfe933fea2328dfd32a77a04aa5f18f9bcee2027ce3d9e0blibreoffice-langpack-hi-4.2.8.2-11.el6.i686.rpmf8492669af58a4ca1e1e55518236fefc45aa3507ff5e4e05f0df20dee9a8a357libreoffice-langpack-ml-4.2.8.2-11.el6.i686.rpm9bd99800283e5d0919440d153998bfd2929e11c5e66bb94ad3b5865f1ebe81fdlibreoffice-xsltfilter-4.2.8.2-11.el6.i686.rpmc65461d2692f31e3443b333e344f3b407ed46849fa4f1334b3cecc9f00dbc53blibreoffice-sdk-4.2.8.2-11.el6.i686.rpmcb8758a49de611b06a14f9f0bd8fe25ed6e9b0013ade7a9d115ec2ee4d50b25alibreoffice-glade-4.2.8.2-11.el6.i686.rpm4b120b803c95af7e90f22702c1a1bfc1c677c238c3dc1b9c5fd887ac6e5a06e0libreoffice-langpack-hu-4.2.8.2-11.el6.i686.rpm3d1d8ca8f56c29ced606bf2319402d5a90a79f47bbf3474bfb904202b907aba7libreoffice-wiki-publisher-4.2.8.2-11.el6.i686.rpm147a2891f724c783177b38ea8b4859e7089e296f9a56a865ebd62ac12b9ba05blibreoffice-langpack-pt-BR-4.2.8.2-11.el6.i686.rpm16b438f9e3779d69937e3a539de200a36b06c16a03e47171a5c7c28d1b61f100libreoffice-langpack-af-4.2.8.2-11.el6.i686.rpm795b605555301636666922635c1349e479e6204d1a83522c1adb519807dc268flibreoffice-4.2.8.2-11.el6.i686.rpm2f0471ed46a2fce00a19788b77045ede4c3c80d698f50ce1e5411c84fcdb4bfelibreoffice-langpack-as-4.2.8.2-11.el6.i686.rpm6c7e0eb8603b0296266e9a9ad3493f8794de5948c0a49b245862e7de174f65c2libreoffice-langpack-gu-4.2.8.2-11.el6.i686.rpm6fe331aa8a6436ac9bfd3ef06edc1a965c86b5579d8cbbb99a9720b21cb67fb3libreoffice-pdfimport-4.2.8.2-11.el6.i686.rpm797f68f35c2c8f050b1456721cd1594c8dfa7c0e8f645e3020f4d8cb536879cblibreoffice-langpack-it-4.2.8.2-11.el6.i686.rpmd21a0dffa103eab4c6f63ebef90d4bf1f2fc1d4b495194f8edde52ca270b848dlibreoffice-graphicfilter-4.2.8.2-11.el6.i686.rpmfd2f0507a8f91a21097459673601c74154d9f846973e56f2d2639982976d332dautocorr-hu-4.2.8.2-11.el6.noarch.rpm4c296c7c44fd1023d06bb05ad1c184ca5b8b9ad8b47a583ea8397c22a1368a1bautocorr-de-4.2.8.2-11.el6.noarch.rpm290e486263e6770f6dad09f9fea7e2ea463ca624a74e44e39b9483ae607d45falibreoffice-langpack-tr-4.2.8.2-11.el6.i686.rpmfbb9650fe8f465264dfc7e80988fb414b69adabc0d70f0ff9d4b1609057bf6e7libreoffice-langpack-sv-4.2.8.2-11.el6.i686.rpm170888057d112a50dfd5c737b2b86e4a3f5fe87a07075e269cb7b07eac450d75libreoffice-ure-4.2.8.2-11.el6.i686.rpmcb18af0483fce5848890745603c1d3f76fa35b188a91a2db3d39715afc0f115elibreoffice-sdk-doc-4.2.8.2-11.el6.i686.rpm647cb8602e92a238dfb0e57432443cecc2f3100b40ae195823476906437c9b77libreoffice-langpack-ko-4.2.8.2-11.el6.i686.rpmc8b31a75c28f9fe796f3ed6d09af5382786c54376c5f0ce15e248ea2c2cca547libreoffice-langpack-tn-4.2.8.2-11.el6.i686.rpm9141621da775994ab562c2309d407b58127d7ab1cbd2e5d50ba9caad7a215037autocorr-ja-4.2.8.2-11.el6.noarch.rpm9cec30dac1cfece7df1dc570697ffa30bb004d545fb9476d30d95d76ba5fccb7libreoffice-langpack-kn-4.2.8.2-11.el6.i686.rpmaea75cf4f9c4386fc0e01c0492457fd86589bbd009660774b393c1ff54c4920alibreoffice-core-4.2.8.2-11.el6.i686.rpm257c1cc7392c2841dccfd50f64f049afa5379f15f9232e6db24401dee5bbcec8libreoffice-gdb-debug-support-4.2.8.2-11.el6.i686.rpmb341d41acc86cc7f8309f3a7733ee90e3a9c228d34230c84a5481d7bc4d85eealibreoffice-langpack-xh-4.2.8.2-11.el6.i686.rpm77b37e74d1c82cb5e996d252ef175fd86c978996b894327a72c7b6c711c3d905libreoffice-langpack-de-4.2.8.2-11.el6.i686.rpmc5b1854b649834bcf67f65f8c95e27009ce44b8bf59575c0d1f537645a406e7dlibreoffice-math-4.2.8.2-11.el6.i686.rpme9c07da634cd4714e6909871a03148ac726ceac6a8418756c32809b90b06e32clibreoffice-nlpsolver-4.2.8.2-11.el6.i686.rpma5ecf2854ae44eb157102bc02730617588708380b80cd0f3f04f883c40bee67clibreoffice-headless-4.2.8.2-11.el6.i686.rpmd2138270dce1f1a039709b33db92d0ac4e99b2c22d9963d37a32ddce9faa069dlibreoffice-langpack-nl-4.2.8.2-11.el6.i686.rpm5db29ab01835cf1947aa6e38767695bb314465e580b42a7f17b585ef04087876autocorr-lt-4.2.8.2-11.el6.noarch.rpmc5c5450ce5be3712f3c384fcf32464e4d0ea1262c4ccb28b8f03407a827c241elibreoffice-langpack-ts-4.2.8.2-11.el6.i686.rpma824056893ce7a7a6e7a90b52e0f2e774fd92f6d0e47252d6c4667921eebd30blibreoffice-langpack-ru-4.2.8.2-11.el6.i686.rpm02fbd70eeb5413f7c949a9316422e963aeb555c01db923fec9d2589128ee280fautocorr-en-4.2.8.2-11.el6.noarch.rpm373a696a9b3f5b532cec99bb863aaf241e8b1c929d74626699c8abb0f96fd886autocorr-sr-4.2.8.2-11.el6.noarch.rpmd05544af9a1896fba9d69cd4a41d842275b9728a459ea372e6a4df62f957b763autocorr-es-4.2.8.2-11.el6.noarch.rpm811e062e22aa4f421ed1a30083f5f9c3db0e7b4839de31a52a195bfe9a7757e7libreoffice-langpack-fi-4.2.8.2-11.el6.i686.rpm404b6de93f3785376cc3bd68f53decac5014c89dbb960730a6f2d7fd0c29b777libreoffice-langpack-ja-4.2.8.2-11.el6.i686.rpmce108ccccca5408cc4d82101e54379a38c4e7ed17284f9728cf5113efd56aae6autocorr-pt-4.2.8.2-11.el6.noarch.rpm1d79ce2b5ae8527acd1845be5329cbf1c9ce48890c31c453a24df06353c27d3blibreoffice-langpack-mai-4.2.8.2-11.el6.i686.rpmec3e83e8a2efd67e77f44059804dd1a417cd6ddd430ae5b9cccb48ccaf2c71c7libreoffice-bsh-4.2.8.2-11.el6.i686.rpmf2095b6a85f3678d96b8838c32b0556eda6c3b2334b3a7ce2845fa0804d5709blibreoffice-langpack-lt-4.2.8.2-11.el6.i686.rpm0d8ad26e2c74e61bd4eb99d62684c7f315e541500d91519b6efce35cd281f9adlibreoffice-langpack-pt-PT-4.2.8.2-11.el6.i686.rpm355a0d89f0a9ae5c2ccd5ea6f5783d47cdaa2d144945b4556abeefed727c4d50autocorr-bg-4.2.8.2-11.el6.noarch.rpma92ea91b282655195456c6703c4edcdccefd2430d90d7bfc839b2aaa2919003bautocorr-it-4.2.8.2-11.el6.noarch.rpm1be4a69d26fc758fa8b8da25151ab674a683d97a50fab6ba2cf63d55e9437569autocorr-ga-4.2.8.2-11.el6.noarch.rpmbd98c57bbeb635b5ede8ccf83c19aaeb7c4691e8116aa4b640a6bb85222e8c00autocorr-nl-4.2.8.2-11.el6.noarch.rpm7e98850e15174dd406c39a60a6092dc14a57ce4d60594f913d33e7b25c6cbb29autocorr-fi-4.2.8.2-11.el6.noarch.rpm0c28cffee93ab8b0b26ce7c91ba6b3ced00f785c8d490c9efd00e7a062a019c5libreoffice-langpack-th-4.2.8.2-11.el6.i686.rpm67a5c6a1f329a7e5adbcb87172b2b25fba6369c22000c9ba5c6a6b29df48aa78libreoffice-langpack-ur-4.2.8.2-11.el6.i686.rpmbbe7770dd9693734c756538ed3e819189b0ba44db08004577a6c1f81c6ace083libreoffice-langpack-ca-4.2.8.2-11.el6.i686.rpm871a5aa09488449a2d9c9e57a439b6299e4ed9dc552f3549c2fd39e2b6fd9812libreoffice-langpack-ta-4.2.8.2-11.el6.i686.rpm8e55faafe47f69ad001bbef9fb1f933dab9c0d9673792b0ef1a5dce73df1f633libreoffice-opensymbol-fonts-4.2.8.2-11.el6.noarch.rpm70a8e6ff3e2ea6a30421e11b1e8041b8eabeecdebd1c59eeddba51059a05279aautocorr-fr-4.2.8.2-11.el6.noarch.rpm1d69ee2ce6b78d5d6330933acc515e171c4fe9632e07c13316ca9f8eb34fe9c4libreoffice-langpack-pa-4.2.8.2-11.el6.i686.rpma0639ad4ee7389dcc3bb3218d7e31e4facdd4eaff0480d49c530f7a8ee99312dlibreoffice-writer-4.2.8.2-11.el6.i686.rpmd22a3bf30cf93aff21302f851b651c122f3fa583131d174d6be3debccb086378libreoffice-langpack-da-4.2.8.2-11.el6.i686.rpmc2c3a4856e8b761f2d3d93e0639efab17fe80189a7bea84eab758b60030200f9libreoffice-rhino-4.2.8.2-11.el6.i686.rpm97615c91dd954d15b0e6f343520f9f51d658690e03d57f247f2505163965e989autocorr-mn-4.2.8.2-11.el6.noarch.rpm8af88061a9cf47501de062a4231ab0c3ac68fdaed700a958acdd8aa90e563e9dlibreoffice-langpack-es-4.2.8.2-11.el6.i686.rpmc524d63b3111ab0bf01437d73375504410d5e475c7109d50305087c3e1ee52cblibreoffice-langpack-pl-4.2.8.2-11.el6.i686.rpm23ff6080874bbb0df195c836588a2e2a843d52d40f4a5d647c7fb6384419015blibreoffice-langpack-ms-4.2.8.2-11.el6.i686.rpmffa94017f85698358182b0080bb7693dc3d70b81238cddf54e7638e679ba5053autocorr-af-4.2.8.2-11.el6.noarch.rpm6a74299bc678f4e9f93b4eaeaad3289438786031de78ea6209d0984e4fc3a267autocorr-zh-4.2.8.2-11.el6.noarch.rpm2ea6dc9df5ebc83c9abdbfed6904133ecbefaed6393ec8c9f2de4336d6c8b198libreoffice-calc-4.2.8.2-11.el6.i686.rpmca730d9c786702b8e912b33a16fd24920d5b449e977e092a4982db57efc73a1fautocorr-hr-4.2.8.2-11.el6.noarch.rpm856813d35c09a09dd7e78d20d9294f5f6985908ec958d6632b01a72d4d3347a8libreoffice-filters-4.2.8.2-11.el6.i686.rpm479776d806594f49bb8f1cb7f6b1bc4819aa85bd4433a3c3ba770a051dffd792libreoffice-langpack-zh-Hans-4.2.8.2-11.el6.i686.rpm6c614ab87321d2eb4edc07546c5a0fa4cdedf972e474604cb48f27c9c3688723libreoffice-langpack-sr-4.2.8.2-11.el6.i686.rpm95d1cc8b6d08755df89c5b33a3676877fa9cf0f103d7999b0d9b7f0a9d17b47alibreoffice-ogltrans-4.2.8.2-11.el6.i686.rpmb446038be26301c207597cb20addb7efc72b59c920f21ddbbf0a368747add140libreoffice-langpack-en-4.2.8.2-11.el6.i686.rpm7a2b8724d9bb5ebb2b6990610c418590de09132d5b5bfdb3543433cf0d1a28balibreoffice-langpack-ss-4.2.8.2-11.el6.i686.rpm1e6d27c49f5054cf9af0182994dc434180160fe7ad965df876f9868663dc0b05libreoffice-langpack-et-4.2.8.2-11.el6.i686.rpma6620394915d19fd9c5c6235d67979df843c81c84350aee455bed0cc135a1ca3libreoffice-langpack-ve-4.2.8.2-11.el6.i686.rpmc6c9527b85f96c74a4decb90d1504f61796491794fe6618ae89e1e7c541ca7e5libreoffice-langpack-gl-4.2.8.2-11.el6.i686.rpm87afb627397000fc8b9f0fa3611c4965e63e5705b89687684964da38e9dbc267libreoffice-langpack-zu-4.2.8.2-11.el6.i686.rpm643b5799e637389ec0c6556a9d7afac47979e282a5f3f804c9551a13a1dcbd56autocorr-ro-4.2.8.2-11.el6.noarch.rpm6589c777f4fda07f55d68153128e601bf48c240762bddc29c21987f8a919018eautocorr-da-4.2.8.2-11.el6.noarch.rpmc5ffc12468db3f6523e43e6bb304cf8edc9d541b0bc8450e206ab0de7a3c1ca2libreoffice-draw-4.2.8.2-11.el6.i686.rpm50a24aa34ee08390121c8baf92c8b5615df7b197a1ed7dc23b255a51ac926429libreoffice-emailmerge-4.2.8.2-11.el6.i686.rpmf648311a1b520045524dea081eb3369d83c5595020716efeb6dd284cd3cf144alibreoffice-pyuno-4.2.8.2-11.el6.i686.rpma0782b7da6c4593aaed7127ace0d91a4814646dd28204755d2689ae6893120ddlibreoffice-langpack-uk-4.2.8.2-11.el6.i686.rpm3cc371f86817d1246bbe68115c633b16e50ba2c9b24af8a80f53d69a545a8738libreoffice-impress-4.2.8.2-11.el6.i686.rpm86c0090b6514077e558ea5ac9e266ecc8aca090aba23c0b2b5f613f6696e5572autocorr-ko-4.2.8.2-11.el6.noarch.rpm0a49a74d9cd0bdbd06c2c56e2500800f964297c9fa401e2a209b2954ce6ac096autocorr-ru-4.2.8.2-11.el6.noarch.rpm245bcd21a9fa122add2d1c18207c2e5b92e1055f221719d9e6e1140ba0fc9fbflibreoffice-langpack-nb-4.2.8.2-11.el6.i686.rpma40ef05111c90cc7ce96e193cd61f19d3ae0dceb7fd657f09791f50b250a9682autocorr-cs-4.2.8.2-11.el6.noarch.rpmdf3b9fbc9001da5c4fbee1b5e8c652954c8be5d7d7ceab25dd698c025dfdd210autocorr-vi-4.2.8.2-11.el6.noarch.rpmdd2dcd37e870aae103d955d23713935cf59d4d8b31d8b72b1a1f7908ea2bc08eautocorr-sv-4.2.8.2-11.el6.noarch.rpm35c6dc9cfba458d522730d82007293e12dc81aca8218856c5dd7c510e7b06957libreoffice-langpack-hr-4.2.8.2-11.el6.i686.rpm046eb3d3194a8d074ced44e68fe164067babec7ada6519f64a013ae042b5bc0blibreoffice-langpack-cy-4.2.8.2-11.el6.i686.rpme5d903006e53aaca555e11e42bbf85487c743ef6cf08e50940c3147978c5f206libreoffice-langpack-ro-4.2.8.2-11.el6.i686.rpm15956325a60e7b0e01625a311800165b97053ee5d2be52f54b94f36f0e29ec69libreoffice-langpack-nso-4.2.8.2-11.el6.i686.rpmf8b55d3aa7f02b6a8011022fb08afd27e883172551fad1c2547f921aa099afaflibreoffice-langpack-sk-4.2.8.2-11.el6.i686.rpm321d456abf89862c4a509cb56591f3a6d171f3a45b2c47b25610fdf6b992ba34libreoffice-langpack-or-4.2.8.2-11.el6.i686.rpm556e6b5cdcbf960023c452c6e195fb23f88ae51df4a8982dfb467dc0ef04648elibreoffice-langpack-bg-4.2.8.2-11.el6.i686.rpm6cbfcd8b904058ccdfbe44a9bc198b67db1159dd385b56e13fb546a78fc097ablibreoffice-langpack-dz-4.2.8.2-11.el6.i686.rpm54d20cf9ab81ff3456b56b76cde63d424e1942f5aa01efa302ce5652ee19f876autocorr-pl-4.2.8.2-11.el6.noarch.rpm2a460da3f5b56156044f768f5be1528f63412a393478f7bba727a58fbe0ed393libreoffice-langpack-ga-4.2.8.2-11.el6.i686.rpm6f3b928f23d92bf230aa738ecd6156b3a17eb0ba166e00a62d0852e1bd566a18libreoffice-langpack-bn-4.2.8.2-11.el6.i686.rpmad1e07bf07cedd13e9b836f8c03352fa40468d21b42331e560167a8593251823libreoffice-langpack-te-4.2.8.2-11.el6.i686.rpmfb3b420ef04092097a7469f603630203b3c87b1e161c9ebc9a59acfecbd3ff22libreoffice-langpack-nn-4.2.8.2-11.el6.i686.rpmaab91c6f6b23d627c34d9a6d577cab7da4e267072bd2d83533c461c549539a8elibreoffice-langpack-fr-4.2.8.2-11.el6.i686.rpm4f291bd952709bd4c467a41c4f6115df6a4be55d82a63780db665bcbc9bf91bbautocorr-is-4.2.8.2-11.el6.noarch.rpm9fe6e569511f028e28302cc1926ec4f76adf0ac627df64611338d30535f711cdautocorr-sl-4.2.8.2-11.el6.noarch.rpm917de0d45620f3a9d8ddaa6ef23a15cf32a162ac64ed84c6ab8a3aabe8533558libreoffice-langpack-nr-4.2.8.2-11.el6.i686.rpmb101b99ca620af539f0f5a5ef5edc1dc8c3640273e0cc6c11267b24944e08699libreoffice-langpack-sl-4.2.8.2-11.el6.i686.rpm2480a73a2d15a5d6d250063f9526da6ca2ab554a60f419d719bfaa471d1223a6autocorr-ca-4.2.8.2-11.el6.noarch.rpmb03b798d8eb6622083ce3982f2f6acab8ae5245304d9442b211f2ac109ed24c6libreoffice-langpack-eu-4.2.8.2-11.el6.i686.rpm2a7be88206bb5f0235b2a4d12cc237fc470c1ae4245915d5c377f6c271dd9fedlibreoffice-langpack-he-4.2.8.2-11.el6.i686.rpm7b406b479e9e58d71201c7046bf67394578a6ca8d96b1b8177bfd09c4d573e7alibreoffice-langpack-st-4.2.8.2-11.el6.i686.rpm8756c7095a0da1dfd1dd55147fd2287af53314421fe1b54b61f4a16d42f22327libreoffice-librelogo-4.2.8.2-11.el6.i686.rpm4b657bf0ecee0b230e8436f4f1d509c753ae9b7d1af503024497bdedeebceb53libreoffice-langpack-cs-4.2.8.2-11.el6.i686.rpmc7d7eeb3aa98743837d9c4356c5b47ac4aafd6f0912e9862050fc2305e3c1ca5autocorr-tr-4.2.8.2-11.el6.noarch.rpm6c509b22ab8f12889963bee720b1459429126e21867a7a05cfac8d278524b6f7autocorr-lb-4.2.8.2-11.el6.noarch.rpm12271be8ea87a62f772b8ee16c8e3a7634d2156ff893b81e5d77ff13fa4f7762autocorr-sk-4.2.8.2-11.el6.noarch.rpme26319d060dff149b2e900719a4b3d534ed8ce38ae0ba1cf88272aa7ca0a4820autocorr-fa-4.2.8.2-11.el6.noarch.rpmf3b5d1316e00d4eafd0391f4634b5966631a86cba83cb81135d54160fbb5eeeflibreoffice-base-4.2.8.2-11.el6.i686.rpm68e177f664b821e2f83589a987390056074486b5b520d77457f92bebddabdcadSLSA-2015:1459-1It was found that because NTP's access control was based on a source IP address, an attacker could bypass source IP restrictions and send malicious control and configuration packets by spoofing ::1 addresses. (CVE-2014-9298) A denial of service flaw was found in the way NTP hosts that were peering with each other authenticated themselves before updating their internal state variables. An attacker could send packets to one peer host, which could cascade to other peers, and stop the synchronization process among the reached peers. (CVE-2015-1799) A flaw was found in the way the ntp-keygen utility generated MD5 symmetric keys on big-endian systems. An attacker could possibly use this flaw to guess generated MD5 keys, which could then be used to spoof an NTP client or server. (CVE-2015-3405) A stack-based buffer overflow was found in the way the NTP autokey protocol was implemented. When an NTP client decrypted a secret received from an NTP server, it could cause that client to crash. (CVE-2014-9297) It was found that ntpd did not check whether a Message Authentication Code (MAC) was present in a received packet when ntpd was configured to use symmetric cryptographic keys. A man-in-the-middle attacker could use this flaw to send crafted packets that would be accepted by a client or a peer without the attacker knowing the symmetric key. (CVE-2015-1798) Bug fixes: * The ntpd daemon truncated symmetric keys specified in the key file to 20 bytes. As a consequence, it was impossible to configure NTP authentication to work with peers that use longer keys. The maximum length of keys has now been changed to 32 bytes. * The ntp-keygen utility used the exponent of 3 when generating RSA keys, and generating RSA keys failed when FIPS mode was enabled. ntp-keygen has been modified to use the exponent of 65537, and generating keys in FIPS mode now works as expected. * The ntpd daemon included a root delay when calculating its root dispersion. Consequently, the NTP server reported larger root dispersion than it should have and clients could reject the source when its distance reached the maximum synchronization distance (1.5 seconds by default). Calculation of root dispersion has been fixed, the root dispersion is now reported correctly, and clients no longer reject the server due to a large synchronization distance. * The ntpd daemon dropped incoming NTP packets if their source port was lower than 123 (the NTP port). Clients behind Network Address Translation (NAT) were unable to synchronize with the server if their source port was translated to ports below 123. With this update, ntpd no longer checks the source port number. Enhancements: * This update introduces configurable access of memory segments used for Shared Memory Driver (SHM) reference clocks. Previously, only the first two memory segments were created with owner-only access, allowing just two SHM reference clocks to be used securely on a system. Now, the owner-only access to SHM is configurable with the "mode" option, and it is therefore possible to use more SHM reference clocks securely. * Support for nanosecond resolution has been added to the SHM reference clock. Prior to this update, when a Precision Time Protocol (PTP) hardware clock was used as a time source to synchronize the system clock (for example, with the timemaster service from the linuxptp package), the accuracy of the synchronization was limited due to the microsecond resolution of the SHM protocol. The nanosecond extension in the SHM protocol now enables sub-microsecond synchronization of the system clock.moderateScientific Linux FermiScientific Linux Fermi 6ntp-doc-4.2.6p5-5.el6.noarch.rpm92c420d92841d229a1809da97debcd3d3a139aa5f769af3d4bfd3858bc114a64ntp-4.2.6p5-5.el6.i686.rpm2a65be6d5770a5857e6f2d9e282a9b8acb76a5f5b35d5aa45e4fdadc44e7740entpdate-4.2.6p5-5.el6.i686.rpm24e528f032e2b02262d3e5c10710d8ebc26409425ea4ca9e44a717c8ce8f17bdntp-perl-4.2.6p5-5.el6.i686.rpm8e7bccf811743f122da8110d5d227c88e6a82e4342a696b46e9d4c180c81380fSLSA-2015:1460-1Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2014-8714, CVE-2014-8712, CVE-2014-8713, CVE-2014-8711, CVE-2014-8710, CVE-2015-0562, CVE-2015-0564, CVE-2015-2189, CVE-2015-2191) This update also fixes the following bugs: * Previously, the Wireshark tool did not support Advanced Encryption Standard Galois/Counter Mode (AES-GCM) cryptographic algorithm. As a consequence, AES-GCM was not decrypted. Support for AES-GCM has been added to Wireshark, and AES-GCM is now correctly decrypted. * Previously, when installing the system using the kickstart method, a dependency on the shadow-utils packages was missing from the wireshark packages, which could cause the installation to fail with a "bad scriptlet" error message. With this update, shadow-utils are listed as required in the wireshark packages spec file, and kickstart installation no longer fails. * Prior to this update, the Wireshark tool could not decode types of elliptic curves in Datagram Transport Layer Security (DTLS) Client Hello. Consequently, Wireshark incorrectly displayed elliptic curves types as data. A patch has been applied to address this bug, and Wireshark now decodes elliptic curves types properly. * Previously, a dependency on the gtk2 packages was missing from the wireshark packages. As a consequence, the Wireshark tool failed to start under certain circumstances due to an unresolved symbol, "gtk_combo_box_text_new_with_entry", which was added in gtk version 2.24. With this update, a dependency on gtk2 has been added, and Wireshark now always starts as expected. In addition, this update adds the following enhancements: * With this update, the Wireshark tool supports process substitution, which feeds the output of a process (or processes) into the standard input of another process using the "<(command_list)" syntax. When using process substitution with large files as input, Wireshark failed to decode such input. * Wireshark has been enhanced to enable capturing packets with nanosecond time stamp precision, which allows better analysis of recorded network traffic. All running instances of Wireshark must be restarted for the update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6wireshark-gnome-1.8.10-17.el6.i686.rpmd8d0a9ae77b8baa7b1fefb21ccfcbbbc97424dde99ddcae519619f78f46ecc3cwireshark-devel-1.8.10-17.el6.i686.rpmdcca16926cb85c78b3930d54968446de861277f513b45db22d092a8a400d5642wireshark-1.8.10-17.el6.i686.rpm03e265a72c5de1147f6c0787dd2fd02b0566261aceb0054becae480ee18eb4e5SLSA-2015:1462-1Note: The IdM version provided by this update no longer uses jQuery. Bug fixes: * The ipa-server-install, ipa-replica-install, and ipa-client-install utilities are not supported on machines running in FIPS-140 mode. Previously, IdM did not warn users about this. Now, IdM does not allow running the utilities in FIPS-140 mode, and displays an explanatory message. * If an Active Directory (AD) server was specified or discovered automatically when running the ipa-client-install utility, the utility produced a traceback instead of informing the user that an IdM server is expected in this situation. Now, ipa-client-install detects the AD server and fails with an explanatory message. * When IdM servers were configured to require the TLS protocol version 1.1 (TLSv1.1) or later in the httpd server, the ipa utility failed. With this update, running ipa works as expected with TLSv1.1 or later. * In certain high-load environments, the Kerberos authentication step of the IdM client installer can fail. Previously, the entire client installation failed in this situation. This update modifies ipa-client- install to prefer the TCP protocol over the UDP protocol and to retry the authentication attempt in case of failure. * If ipa-client-install updated or created the /etc/nsswitch.conf file, the sudo utility could terminate unexpectedly with a segmentation fault. Now, ipa-client-install puts a new line character at the end of nsswitch.conf if it modifies the last line of the file, fixing this bug. * The ipa-client-automount utility failed with the "UNWILLING_TO_PERFORM" LDAP error when the nsslapd-minssf Red Hat Directory Server configuration parameter was set to "1". This update modifies ipa-client-automount to use encrypted connection for LDAP searches by default, and the utility now finishes successfully even with nsslapd-minssf specified. * If installing an IdM server failed after the Certificate Authority (CA) installation, the "ipa-server-install --uninstall" command did not perform a proper cleanup. After the user issued "ipa-server-install --uninstall" and then attempted to install the server again, the installation failed. Now, "ipa-server-install --uninstall" removes the CA-related files in the described situation, and ipa-server-install no longer fails with the mentioned error message. * Running ipa-client-install added the "sss" entry to the sudoers line in nsswitch.conf even if "sss" was already configured and the entry was present in the file. Duplicate "sss" then caused sudo to become unresponsive. Now, ipa-client-install no longer adds "sss" if it is already present in nsswitch.conf. * After running ipa-client-install, it was not possible to log in using SSH under certain circumstances. Now, ipa-client-install no longer corrupts the sshd_config file, and the sshd service can start as expected, and logging in using SSH works in the described situation. * An incorrect definition of the dc attribute in the /usr/share/ipa/05rfc2247.ldif file caused bogus error messages to be returned during migration. The attribute has been fixed, but the bug persists if the copy-schema-to-ca.py script was run on Scientific Linux 6.6 prior to running it on Scientific Linux 6.7. To work around this problem, manually copy /usr/share/ipa/schema/05rfc2247.ldif to /etc/dirsrv /slapd-PKI-IPA/schema/ and restart IdM.moderateScientific Linux FermiScientific Linux Fermi 6ipa-server-3.0.0-47.el6.i686.rpmd17a49b8c9c1a7b93b921e9a883f43b317e71eb4645ab57550586caac41ecbc5ipa-admintools-3.0.0-47.el6.i686.rpm63f732fb0eb88cd32d1cfd7721d7970919cafffcbf25635f874cd886b337f205ipa-python-3.0.0-47.el6.i686.rpmcbdbdd4e85841acffe4ec059afeab3eedbfc61b55036cae9687038a30352d081ipa-server-trust-ad-3.0.0-47.el6.i686.rpmbd17e5508f6a244b82f1a399ec52309b5753fde43cbf2392cb9d726196df81b7ipa-server-selinux-3.0.0-47.el6.i686.rpmba6bce9d7c3e78d600aaf6c7a39d3e73d857d5286711c00de6899c1ab34bc52cipa-client-3.0.0-47.el6.i686.rpm35779e6fbe758f0cc100735cc2819e0e3ef7ec76eb811ae33dbcb797356dbb59SLSA-2015:1471-1A flaw was found in the way BIND performed DNSSEC validation. An attacker able to make BIND (functioning as a DNS resolver with DNSSEC validation enabled) resolve a name in an attacker-controlled domain could cause named to exit unexpectedly with an assertion failure. (CVE-2015-4620) After installing the update, the BIND daemon (named) will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 6bind-chroot-9.8.2-0.37.rc1.el6_7.1.i686.rpmb2cf12033b068720d15d9e4c7abfb71140d18a426cd03a5a34888ecf23a0fc8dbind-sdb-9.8.2-0.37.rc1.el6_7.1.i686.rpm6bbee33dd085feea625713a3d054540fbea0860cc1a905b0be5a280e7bf0e988bind-utils-9.8.2-0.37.rc1.el6_7.1.i686.rpma41e889a58c82e63df1133d0f661abed05e2c758c1b35500f0a6ec6caa881dbabind-libs-9.8.2-0.37.rc1.el6_7.1.i686.rpmc91ac19f6ae46ceab137c8682dcdb6fcb30af2b0b774e556bb87296babb6d795bind-9.8.2-0.37.rc1.el6_7.1.i686.rpm295febc4e5ef34790af7722ec89d1e6a5af9da5cd446846868d9cb930fbf0509bind-devel-9.8.2-0.37.rc1.el6_7.1.i686.rpme3fcaa2d365264f30f6c11972cadf58db0aae40bc4d83568e31e94c1849f6a36SLSA-2015:1482-1Two flaws were found in the way the libuser library handled the /etc/passwd file. A local attacker could use an application compiled against libuser (for example, userhelper) to manipulate the /etc/passwd file, which could result in a denial of service or possibly allow the attacker to escalate their privileges to root. (CVE-2015-3245, CVE-2015-3246)importantScientific Linux FermiScientific Linux Fermi 6libuser-devel-0.56.13-8.el6_7.i686.rpm396d7c1e88fbbde67fdb51da92aa5f073b4b684341c1985a583f459d4d74aaaclibuser-python-0.56.13-8.el6_7.i686.rpm647925b09604d9b3358268b4a63bfbba726834d4a80702d8bca32b51fa46df01libuser-0.56.13-8.el6_7.i686.rpm9f48b004098e617510e0b1de10df67f61106388ab810ec5fc230717159c65818SLSA-2015:1513-1A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remote attacker could use this flaw to make named (functioning as an authoritative DNS server or a DNS resolver) exit unexpectedly with an assertion failure via a specially crafted DNS request packet. (CVE-2015-5477) After installing the update, the BIND daemon (named) will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 6bind-libs-9.8.2-0.37.rc1.el6_7.2.i686.rpm23b6d24ba5e508df74ded38bd71606fc2c89349ea64913da722f5ae814488c77bind-chroot-9.8.2-0.37.rc1.el6_7.2.i686.rpm5dc11cc46b53cfd5428cdc0981ff9a162b9b92f99ed41c9a4f38307ae3a1a33fbind-utils-9.8.2-0.37.rc1.el6_7.2.i686.rpm5b6d80deebdc2513465905f25130853ea30f2f6d15380b4dd1bdd46859d2f83bbind-9.8.2-0.37.rc1.el6_7.2.i686.rpm3f956a2b503adf22710ee08cc6ccaa203ee0d78e6c7ab777e0d7145354fcff17bind-devel-9.8.2-0.37.rc1.el6_7.2.i686.rpm2c78eda06f3f11997551a1496c8cf1ce6a42a1d849bf63864e425283379ed69cbind-sdb-9.8.2-0.37.rc1.el6_7.2.i686.rpm44fdb18dd4a3ced07d44f3fed8c91b9a3f3dc4d8f3a1eb358fb66b4339d558faSLSA-2015:1526-1Multiple flaws were discovered in the 2D, CORBA, JMX, Libraries and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2015-4760, CVE-2015-2628, CVE-2015-4731, CVE-2015-2590, CVE-2015-4732, CVE-2015-4733) A flaw was found in the way the Libraries component of OpenJDK verified Online Certificate Status Protocol (OCSP) responses. An OCSP response with no nextUpdate date specified was incorrectly handled as having unlimited validity, possibly causing a revoked X.509 certificate to be interpreted as valid. (CVE-2015-4748) It was discovered that the JCE component in OpenJDK failed to use constant time comparisons in multiple cases. An attacker could possibly use these flaws to disclose sensitive information by measuring the time used to perform operations using these non-constant time comparisons. (CVE-2015-2601) A flaw was found in the RC4 encryption algorithm. When using certain keys for RC4 encryption, an attacker could obtain portions of the plain text from the cipher text without the knowledge of the encryption key. (CVE-2015-2808) A flaw was found in the way the TLS protocol composed the Diffie-Hellman (DH) key exchange. A man-in-the-middle attacker could use this flaw to force the use of weak 512 bit export-grade keys during the key exchange, allowing them to decrypt all traffic. (CVE-2015-4000) It was discovered that the JNDI component in OpenJDK did not handle DNS resolutions correctly. An attacker able to trigger such DNS errors could cause a Java application using JNDI to consume memory and CPU time, and possibly block further DNS resolution. (CVE-2015-4749) Multiple information leak flaws were found in the JMX and 2D components in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-2621, CVE-2015-2632) A flaw was found in the way the JSSE component in OpenJDK performed X.509 certificate identity verification when establishing a TLS/SSL connection to a host identified by an IP address. In certain cases, the certificate was accepted as valid if it was issued for a host name to which the IP address resolves rather than for the IP address. (CVE-2015-2625) All running instances of OpenJDK Java must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6java-1.6.0-openjdk-demo-1.6.0.36-1.13.8.1.el6_7.i686.rpm1b223f5fc3a2a94cffdaea399b5c4b5797c2713a19dce9fe1623fb8556c58359java-1.6.0-openjdk-devel-1.6.0.36-1.13.8.1.el6_7.i686.rpm6d9f7b78ef4b80443229ceade0d7a652c1a7e1a687aa12cd16bcafc9e3fe3241java-1.6.0-openjdk-src-1.6.0.36-1.13.8.1.el6_7.i686.rpm8201841634ccc6c320868cab8b2b862ad2b6e0f00fc5682e0f7e3b040ab9fd7fjava-1.6.0-openjdk-1.6.0.36-1.13.8.1.el6_7.i686.rpm32f9dc88de5410aaecfcaa9dd854ef37b7b304ee53565f697dd148cd4173b5a3java-1.6.0-openjdk-javadoc-1.6.0.36-1.13.8.1.el6_7.i686.rpmd1c619cd95afaa023b4c6d69e35b6b76841d4d295951337b138024a4b6c41e67SLSA-2015:1581-1A flaw was discovered in Mozilla Firefox that could be used to violate the same-origin policy and inject web script into a non-privileged part of the built-in PDF file viewer (PDF.js). An attacker could create a malicious web page that, when viewed by a victim, could steal arbitrary files (including private SSH keys, the /etc/passwd file, and other potentially sensitive files) from the system running Firefox. (CVE-2015-4495) After installing the update, Firefox must be restarted for the changes to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6firefox-38.1.1-1.el6_7.i686.rpm82d1fdace438c6d140af17a8f87bbc3ab9ded8aa0c9cffa872c73709c4fab1d1SLSA-2015:1586-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2015-4473, CVE-2015-4475, CVE-2015-4478, CVE-2015-4479, CVE-2015-4480, CVE-2015-4493, CVE-2015-4484, CVE-2015-4491, CVE-2015-4485, CVE-2015-4486, CVE-2015-4487, CVE-2015-4488, CVE-2015-4489, CVE-2015-4492) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6firefox-38.2.0-4.el6_7.i686.rpm48fdbdf8e4d14df086d299390ed8b63a1dd9fb70e0cb2bbe42289e4c4a1b61acSLSA-2015:1623-1Two flaws were found in the way the Linux kernel's networking implementation handled UDP packets with incorrect checksum values. A remote attacker could potentially use these flaws to trigger an infinite loop in the kernel, resulting in a denial of service on the system, or cause a denial of service in applications using the edge triggered epoll functionality. (CVE-2015-5364, CVE-2015-5366, Important) This update also fixes the following bugs: * When removing a directory, and a reference was held to that directory by a reference to a negative child dentry, the directory dentry was previously not killed. In addition, once the negative child dentry was killed, an unlinked and unused dentry was present in the cache. As a consequence, deadlock could be caused by forcing the dentry eviction while the file system in question was frozen. With this update, all unused dentries are unhashed and evicted just after a successful directory removal, which avoids the deadlock, and the system no longer hangs in the aforementioned scenario. * Due to the broken s_umount lock ordering, a race condition occurred when an unlinked file was closed and the sync (or syncfs) utility was run at the same time. As a consequence, deadlock occurred on a frozen file system between sync and a process trying to unfreeze the file system. With this update, sync (or syncfs) is skipped on a frozen file system, and deadlock no longer occurs in the aforementioned situation. * Previously, in the scenario when a file was opened by file handle (fhandle) with its dentry not present in dcache ("cold dcache") and then making use of the unlink() and close() functions, the inode was not freed upon the close() system call. As a consequence, the iput() final was delayed indefinitely. A patch has been provided to fix this bug, and the inode is now freed as expected. * Due to a corrupted Executable and Linkable Format (ELF) header in the /proc/vmcore file, the kdump utility failed to provide any information. The underlying source code has been patched, and kdump now provides debuging information for kernel crashes as intended. * Previously, running the multipath request queue caused regressions in cases where paths failed regularly under I/O load. This regression manifested as I/O stalls that exceeded 300 seconds. This update reverts the changes aimed to reduce running the multipath request queue resulting in I/O stalls completing in a timely manner. The system must be rebooted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6kernel-debug-2.6.32-573.3.1.el6.i686.rpm8a37064c7debce410243130f12dc8e9422d7020f9ac7d6d9f84ce73e13092823perf-2.6.32-573.3.1.el6.i686.rpm6fbc10a2b001b1f2d9a66e8387bcb092327906684dbd8263926bd2adf41f980ekernel-headers-2.6.32-573.3.1.el6.i686.rpmae55b5f88761a136203cdc042e561e9813c63b0df5a0f57d3add7506c8d5d6dekernel-doc-2.6.32-573.3.1.el6.noarch.rpm94055d578420fd899d7bb813a69496015a2c0189a31842569ab7402708efeb33kernel-2.6.32-573.3.1.el6.i686.rpm9195ee555192445c70ba969a9e195b2b0be5e8b4b396a1c6737392d9c2c21892python-perf-2.6.32-573.3.1.el6.i686.rpm51f71fab3d2ff8d5a0f263730264c0241af332a99984c1e7d95d671e44a66242kernel-firmware-2.6.32-573.3.1.el6.noarch.rpm0f53c136b1cfae20234794b2e6b2ec9f9f1fa4246669e842eed2d13f24ca7ff0kernel-debug-devel-2.6.32-573.3.1.el6.i686.rpm17c9d7de04ab333f3c3b4410d3363d91a386740d8beba17c60c2febfbe2cf9cckernel-abi-whitelists-2.6.32-573.3.1.el6.noarch.rpmd75e2f8afe1966ebe8b9ff35f2de4576d041a02259d0281ec114a187b27a5640kernel-devel-2.6.32-573.3.1.el6.i686.rpm69a840c5700bf07eb148821421b774767bd4d4557b9050bfe1ab518a70f0199cSLSA-2015:1633-1An assertion failure flaw was found in the way the SVN server processed certain requests with dynamically evaluated revision numbers. A remote attacker could use this flaw to cause the SVN server (both svnserve and httpd with the mod_dav_svn module) to crash. (CVE-2015-0248) It was found that the mod_dav_svn module did not properly validate the svn:author property of certain requests. An attacker able to create new revisions could use this flaw to spoof the svn:author property. (CVE-2015-0251) It was found that when an SVN server (both svnserve and httpd with the mod_dav_svn module) searched the history of a file or a directory, it would disclose its location in the repository if that file or directory was not readable (for example, if it had been moved). (CVE-2015-3187) After installing the updated packages, for the update to take effect, you must restart the httpd daemon, if you are using mod_dav_svn, and the svnserve daemon, if you are serving Subversion repositories via the svn:// protocol.moderateScientific Linux FermiScientific Linux Fermi 6subversion-gnome-1.6.11-15.el6_7.i686.rpmfaadcaa10a13ce7b8a4fc38c43f1c7ff8dbe3f0ff21b6185447ed0d3faf2efaasubversion-devel-1.6.11-15.el6_7.i686.rpm94e2fa44fe5d531a9d4a94069202fdf65bb5433fd34b6df065332ad88f031e84subversion-ruby-1.6.11-15.el6_7.i686.rpmf68693cfdd7bf241b8e4c468ff65a5837fcf1bbeeb43879b1b4145140e60076dmod_dav_svn-1.6.11-15.el6_7.i686.rpm5208fdc5fc8cc0129b7865ab323d56d9acca12a09c52c1c7ad35eef8a3d3321asubversion-javahl-1.6.11-15.el6_7.i686.rpm94c5d919dd8ff6a62a733b98e2ce9c047b167c07d92882a80906c0fede604fc1subversion-kde-1.6.11-15.el6_7.i686.rpm05081f17470327038d5a8be20af6455c743ccb344e4daf6045db24c0db6549e4subversion-1.6.11-15.el6_7.i686.rpm4eabf58461a19f464e6b546535a882b40ba42585e04fa88f67a964032e2d7f2csubversion-perl-1.6.11-15.el6_7.i686.rpm131ae904d82887363912a7e1b6328eac85db8126acf7e5536a453d4eb019412csubversion-svn2cl-1.6.11-15.el6_7.noarch.rpmbf6c67ea20a40fed4d4cc42e3c9425b988094887041d04d182af8520b673e4ecSLSA-2015:1634-1It was found that SQLite's sqlite3VXPrintf() function did not properly handle precision and width values during floating-point conversions. A local attacker could submit a specially crafted SELECT statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3416)moderateScientific Linux FermiScientific Linux Fermi 6sqlite-tcl-3.6.20-1.el6_7.2.i686.rpm1254fa0012dd0b4ed13dffcda8f2b6b6ff8dd910280915d64ac14d404b9605d4sqlite-doc-3.6.20-1.el6_7.2.i686.rpmfcd2b06f46a0f9676d3fae2aa07805d42d97276bda9483ed023436ff7ac11cb4sqlite-3.6.20-1.el6_7.2.i686.rpmb7ef1c45963f5fe8845e58cec3b3510e56524f056e7e39e43a6d949106839b2dsqlite-devel-3.6.20-1.el6_7.2.i686.rpm8379d4e61eaf37c06505ece543cb7ef01ddebd386f3d93ecb9ac27b0ff0bfbedlemon-3.6.20-1.el6_7.2.i686.rpm06ed945dcf3f1b5200b929399f4c3ba00a6e99ed07ca887d8c6bb12485a391aaSLSA-2015:1636-1It was discovered that the snmp_pdu_parse() function could leave incompletely parsed varBind variables in the list of variables. A remote, unauthenticated attacker could use this flaw to crash snmpd or, potentially, execute arbitrary code on the system with the privileges of the user running snmpd. (CVE-2015-5621)moderateScientific Linux FermiScientific Linux Fermi 6net-snmp-devel-5.5-54.el6_7.1.i686.rpm65851eadb0c449d4ba8576fc6a3b0dc194cfa84548d856a619fbe72818845a8anet-snmp-5.5-54.el6_7.1.i686.rpmff9af3b970d3c1185d2cc549822eac974abe04c26b3f39e01901e760412cbf9enet-snmp-perl-5.5-54.el6_7.1.i686.rpm29caa09298bfe4ae03f0cef304a47d9e0889246b0c8ac3a0c00a66316fec20a0net-snmp-python-5.5-54.el6_7.1.i686.rpm9ad093076a4d2972bc5133c94e2d437203dd228b35aba251d54bb3e4c674909enet-snmp-libs-5.5-54.el6_7.1.i686.rpmde85cf7186b6bf46b6eb5b4b9645ca0a64b4afe6fa0d749842cc8709ecb28e05net-snmp-utils-5.5-54.el6_7.1.i686.rpm19c243e8aaacf13db7518fc8c39f0c84ab59ff7e0999f5244861c8889d8685f0SLSA-2015:1640-1It was discovered that the _unix_run_helper_binary() function of PAM's unix_pam module could write to a blocking pipe, possibly causing the function to become unresponsive. An attacker able to supply large passwords to the unix_pam module could use this flaw to enumerate valid user accounts, or cause a denial of service on the system. (CVE-2015-3238)moderateScientific Linux FermiScientific Linux Fermi 6pam-1.1.1-20.el6_7.1.i686.rpmd1621b55e1e8e9d42f2331b521cb4efa2120ed41db2cb89632b091c7b3878036pam-devel-1.1.1-20.el6_7.1.i686.rpm1e137fbc41346a6c72269cebe67940b36b1bbdf81329e9ab222807f7e0f4f7d1SLSA-2015:1668-1Multiple flaws were found in the way httpd parsed HTTP requests and responses using chunked transfer encoding. A remote attacker could use these flaws to create a specially crafted request, which httpd would decode differently from an HTTP proxy software in front of it, possibly leading to HTTP request smuggling attacks. (CVE-2015-3183) After installing the updated packages, the httpd service will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6httpd-tools-2.2.15-47.sl6.i686.rpm7c425b90c695ad3c920aa9493714b5b955ababbcd37a2dde0c45cb67c96ed456httpd-manual-2.2.15-47.sl6.noarch.rpm18db703d8732e0e731ca18a752b62768a70410426cdf075d0a5806ba7e02a69dhttpd-2.2.15-47.sl6.i686.rpm6d97763d7afa042ec41cf6b2fe08ad01c172a2926fa4fefcdbad4602e921fe0chttpd-devel-2.2.15-47.sl6.i686.rpmaaac898d26cc97615d43d3d28b7b32f8d1f7f377ef03bdf6f93e68a10e45382cmod_ssl-2.2.15-47.sl6.i686.rpm54960ad97179a7b42618d6d77f7fbbf8def47d1c43111482d4b47ee0997e41a8SLSA-2015:1682-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2015-4473, CVE-2015-4491, CVE-2015-4487, CVE-2015-4488, CVE-2015-4489) Note: All of the above issues cannot be exploited by a specially crafted HTML mail message because JavaScript is disabled by default for mail messages. However, they could be exploited in other ways in Thunderbird (for example, by viewing the full remote content of an RSS feed). After installing the update, Thunderbird must be restarted for the changes to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6thunderbird-38.2.0-4.el6_7.i686.rpm3ba8607f911a1842cec09434be578375acf33592077569a2abd525d4ea02859eSLSA-2015:1693-1A flaw was found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2015-4497) A flaw was found in the way Firefox handled installation of add-ons. An attacker could use this flaw to bypass the add-on installation prompt, and trick the user inso installing an add-on from a malicious source. (CVE-2015-4498) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6firefox-38.2.1-1.el6_7.i686.rpma836363f257f09014d32234f687732a4c0f9e654036597302e3d89d34074b627SLSA-2015:1694-1An integer overflow, leading to a heap-based buffer overflow, was found in the way gdk-pixbuf, an image loading library for GNOME, scaled certain bitmap format images. An attacker could use a specially crafted BMP image file that, when processed by an application compiled against the gdk- pixbuf library, would cause that application to crash or execute arbitrary code with the permissions of the user running the application. (CVE-2015-4491)moderateScientific Linux FermiScientific Linux Fermi 6gdk-pixbuf2-devel-2.24.1-6.el6_7.i686.rpmb81de2e03e8c4620acde593ae42f5e73eb970a4aae8e229f80e3b17580295fd5gdk-pixbuf2-2.24.1-6.el6_7.i686.rpm1189d54bcf65fb05f5854c6b9743c56db70605c403201ea9bd1e6c7062e9914aSLSA-2015:1695-1It was found that the Java Standard Tag Library (JSTL) allowed the processing of untrusted XML documents to utilize external entity references, which could access resources on the host system and, potentially, allowing arbitrary code execution. (CVE-2015-0254) Note: additional configuration may be required: This version uses JAXP’s FEATURE_SECURE_PROCESSING to restrict XML processing. Depending on the Java runtime version in use. Java8: External entity access is automatically disabled if a SecurityManager is active. Java7: JAXP properties may need to be used to disable external access. See http://docs.oracle.com/javase/tutorial/jaxp/properties/properties.html Java6 and earlier: A new system property org.apache.taglibs.standard.xml.accessExternalEntity may be used to specify the protocols that can be used to access external entities. This defaults to “all” if no SecurityManager is present and to “” (thereby disabling access) if a SecurityManager is detected.importantScientific Linux FermiScientific Linux Fermi 6jakarta-taglibs-standard-1.1.1-11.7.el6_7.noarch.rpm616756046fea79357db5b9ba7e6a051150d4ee156efe210276201ee5c7eb0655jakarta-taglibs-standard-javadoc-1.1.1-11.7.el6_7.noarch.rpm2223007eea20c9e2aac11d95dfee25fd5a103878f6b3d7131ea271922ed4c8d8SLSA-2015:1699-1A flaw was found in the way NSS verified certain ECDSA (Elliptic Curve Digital Signature Algorithm) signatures. Under certain conditions, an attacker could use this flaw to conduct signature forgery attacks. (CVE-2015-2730)moderateScientific Linux FermiScientific Linux Fermi 6nss-softokn-devel-3.14.3-23.el6_7.i686.rpm5bad8326dbacdc0e00c4598fed0472660a16616085ade853ab7966a7b3e02144nss-softokn-freebl-3.14.3-23.el6_7.i686.rpm4708139ddf6d3afb16125be2f6720086b662b2c8b99dda1f838be724d95dcaeanss-softokn-3.14.3-23.el6_7.i686.rpmedba8e85df8c9badc0f106b54aa56f0b9ad5bf260900a0aacd20546150eb9a40nss-softokn-freebl-devel-3.14.3-23.el6_7.i686.rpmfdc3eb7a853448f5eaac64424577997a1a4b3bd1553a15020292e51fd21fdfe3SLSA-2015:1700-1A command injection flaw was found in the pcsd web UI. An attacker able to trick a victim that was logged in to the pcsd web UI into visiting a specially crafted URL could use this flaw to execute arbitrary code with root privileges on the server hosting the web UI. (CVE-2015-5190) A race condition was found in the way the pcsd web UI backend performed authorization of user requests. An attacker could use this flaw to send a request that would be evaluated as originating from a different user, potentially allowing the attacker to perform actions with permissions of a more privileged user. (CVE-2015-5189)importantScientific Linux FermiScientific Linux Fermi 6pcs-0.9.139-9.el6_7.1.i686.rpm4e426081b3325c56230959cc1b72bf895a3fbe1d3275993592f602e1816efbabSLSA-2015:1705-1A denial of service flaw was found in the way BIND parsed certain malformed DNSSEC keys. A remote attacker could use this flaw to send a specially crafted DNS query (for example, a query requiring a response from a zone containing a deliberately malformed key) that would cause named functioning as a validating resolver to crash. (CVE-2015-5722) After installing the update, the BIND daemon (named) will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 6bind-chroot-9.8.2-0.37.rc1.el6_7.4.i686.rpmcf79517a7486d50cb5f628b838144dbadb6a6ef152325e2f072ba1ea4f4a65c3bind-libs-9.8.2-0.37.rc1.el6_7.4.i686.rpmba412205dd4629e97172ed1ab51459411be4933c4f99d5b4842a4621b6d6ab1ebind-9.8.2-0.37.rc1.el6_7.4.i686.rpme0b958da8c61376a3898d78b691e05b1749350a124a359cc4bb36f1c24de8a28bind-devel-9.8.2-0.37.rc1.el6_7.4.i686.rpm060e2b7fd6ffc15cd25d09e3320b10338509a878f76ae1c89ca6dc81dcfa1810bind-utils-9.8.2-0.37.rc1.el6_7.4.i686.rpm33138f696325225dff3bdb129c63bd259f61e5d9911ab2f9fa934487ac250016bind-sdb-9.8.2-0.37.rc1.el6_7.4.i686.rpm514e0c9742ae328edfa40005be986554903b26cc2bb7fcdeec0a5b84dfdc24aaSLSA-2015:1708-1An integer overflow flaw was found in the way libXfont processed certain Glyph Bitmap Distribution Format (BDF) fonts. A malicious, local user could use this flaw to crash the X.Org server or, potentially, execute arbitrary code with the privileges of the X.Org server. (CVE-2015-1802) An integer truncation flaw was discovered in the way libXfont processed certain Glyph Bitmap Distribution Format (BDF) fonts. A malicious, local user could use this flaw to crash the X.Org server or, potentially, execute arbitrary code with the privileges of the X.Org server. (CVE-2015-1804) A NULL pointer dereference flaw was discovered in the way libXfont processed certain Glyph Bitmap Distribution Format (BDF) fonts. A malicious, local user could use this flaw to crash the X.Org server. (CVE-2015-1803)importantScientific Linux FermiScientific Linux Fermi 6libXfont-devel-1.4.5-5.el6_7.i686.rpm935ad069f19cbedcf487a8364025bd3a5fd5f2858cb676668bd496883dfb3699libXfont-1.4.5-5.el6_7.i686.rpmea16a0f758e29ce196048ab0327551c67d7aa517391a6db4063e35020e645893SLSA-2015:1741-1An implementation error related to the memory management of request and responses was found within HAProxy's buffer_slow_realign() function. An unauthenticated remote attacker could possibly use this flaw to leak certain memory buffer contents from a past request or session. (CVE-2015-3281)importantScientific Linux FermiScientific Linux Fermi 6haproxy-1.5.4-2.el6_7.1.i686.rpmaaebfd5f95846cc8099c9e179ed2acddf77aaa65ed6d05221d8d06f4aaa2ede5SLSA-2015:1833-1An information leak flaw was found in the way QEMU's RTL8139 emulation implementation processed network packets under RTL8139 controller's C+ mode of operation. An unprivileged guest user could use this flaw to read up to 65 KB of uninitialized QEMU heap memory. (CVE-2015-5165) After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.moderateScientific Linux FermiScientific Linux Fermi 6qemu-guest-agent-0.12.1.2-2.479.el6_7.1.i686.rpm28da1c500350b92c48f15eb162ddeb17ee8620e5b24ce198f7cb956ee2728bfdSLSA-2015:1834-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2015-4500, CVE-2015-4509, CVE-2015-4510) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6firefox-38.3.0-2.el6_7.i686.rpm48e3de1a511f02c837038dc9526e4c56629253f4c0a6d0c93b09fbba45539735SLSA-2015:1840-1A flaw was found in the way the OpenLDAP server daemon (slapd) parsed certain Basic Encoding Rules (BER) data. A remote attacker could use this flaw to crash slapd via a specially crafted packet. (CVE-2015-6908)importantScientific Linux FermiScientific Linux Fermi 6openldap-2.4.40-6.el6_7.i686.rpm60dfd2a88c9f903ef9e55ba4b14ba0d50bd78a633c3cb09fd7b179286ec7ef74openldap-servers-sql-2.4.40-6.el6_7.i686.rpm3212b90ae2f9cc26e7257bf6cd262deac0762e5e62e3ba86af648b96c4e02bffopenldap-devel-2.4.40-6.el6_7.i686.rpm334c4e10a7f8386124a37f0ab3fa55879a79216d5217b0fe5c7f552e94ba4e07openldap-clients-2.4.40-6.el6_7.i686.rpm5fdbd44a8ce3f54c6ba5aadf946f5e71d7fa9de8adee037f070cf4dae1cdef4bopenldap-servers-2.4.40-6.el6_7.i686.rpm2f05bf4d69841ceac3336d3319f26e55d4c0d9e3d95120754e5f32b2010dac94SLSA-2015:1852-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2015-4500, CVE-2015-4509, CVE-2015-4517, CVE-2015-4521, CVE-2015-4522, CVE-2015-7174, CVE-2015-7175, CVE-2015-7176, CVE-2015-7177, CVE-2015-7180) Two information leak flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to disclose sensitive information or, in certain cases, crash. (CVE-2015-4519, CVE-2015-4520) Note: All of the above issues cannot be exploited by a specially crafted HTML mail message because JavaScript is disabled by default for mail messages. However, they could be exploited in other ways in Thunderbird (for example, by viewing the full remote content of an RSS feed). After installing the update, Thunderbird must be restarted for the changes to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6thunderbird-38.3.0-1.el6_7.i686.rpm34afe582de57ced978cd27fefc038d8854a433b6bc58c1e4eb3f9269aaac2852SLSA-2015:1917-1It was discovered that libwmf did not correctly process certain WMF (Windows Metafiles) with embedded BMP images. By tricking a victim into opening a specially crafted WMF file in an application using libwmf, a remote attacker could possibly use this flaw to execute arbitrary code with the privileges of the user running the application. (CVE-2015-0848, CVE-2015-4588) It was discovered that libwmf did not properly process certain WMF files. By tricking a victim into opening a specially crafted WMF file in an application using libwmf, a remote attacker could possibly exploit this flaw to cause a crash or execute arbitrary code with the privileges of the user running the application. (CVE-2015-4696) It was discovered that libwmf did not properly process certain WMF files. By tricking a victim into opening a specially crafted WMF file in an application using libwmf, a remote attacker could possibly exploit this flaw to cause a crash. (CVE-2015-4695) After installing the update, all applications using libwmf must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6libwmf-devel-0.2.8.4-25.el6_7.i686.rpmc4dba2f81a41b70f008faf529729ad8851f85a8cc6bb06579131123762189379libwmf-lite-0.2.8.4-25.el6_7.i686.rpmaabf8d04324a9ac5fd2f0e75a2628c23cdd6b1a750eef94c00048810f1ae4c30libwmf-0.2.8.4-25.el6_7.i686.rpm91e100060d6c7cb92dded33d39c9dd4787c5943dd59287a42cafae1214ab8c67SLSA-2015:1919-1Multiple flaws were discovered in the CORBA, Libraries, RMI, Serialization, and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2015-4835, CVE-2015-4881, CVE-2015-4843, CVE-2015-4883, CVE-2015-4860, CVE-2015-4805, CVE-2015-4844) Multiple denial of service flaws were found in the JAXP component in OpenJDK. A specially crafted XML file could cause a Java application using JAXP to consume an excessive amount of CPU and memory when parsed. (CVE-2015-4803, CVE-2015-4893, CVE-2015-4911) A flaw was found in the way the Libraries component in OpenJDK handled certificate revocation lists (CRL). In certain cases, CRL checking code could fail to report a revoked certificate, causing the application to accept it as trusted. (CVE-2015-4868) It was discovered that the Security component in OpenJDK failed to properly check if a certificate satisfied all defined constraints. In certain cases, this could cause a Java application to accept an X.509 certificate which does not meet requirements of the defined policy. (CVE-2015-4872) Multiple flaws were found in the Libraries, 2D, CORBA, JAXP, JGSS, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2015-4806, CVE-2015-4840, CVE-2015-4882, CVE-2015-4842, CVE-2015-4734, CVE-2015-4903) All running instances of OpenJDK Java must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6java-1.8.0-openjdk-demo-1.8.0.65-0.b17.el6_7.i686.rpm60d29ffec71f90ce515799f5def7489812b5ce14d148dca53075459379e9f36bjava-1.8.0-openjdk-devel-1.8.0.65-0.b17.el6_7.i686.rpm6fdae3eab753b9f5fcacfec78ec8471061d6882ed8c5462bae81671fb1362104java-1.8.0-openjdk-headless-debug-1.8.0.65-0.b17.el6_7.i686.rpmb9288b97e9d6e7622f53dc173ebbeaba7ae006b69493000c3c1a7fdaffb3075ejava-1.8.0-openjdk-headless-1.8.0.65-0.b17.el6_7.i686.rpm3bfcd6e418341ee9850831db4c779ce981da28d47506f2c22f4095a5a810650fjava-1.8.0-openjdk-demo-debug-1.8.0.65-0.b17.el6_7.i686.rpm32ad653c96ce74f47974a59031745d023480d0bf754622df3171b6016c59bf28java-1.8.0-openjdk-src-debug-1.8.0.65-0.b17.el6_7.i686.rpmec3ef22e1735932c3cdf3078d25ac622dd8c4024a5978a69594c4642985ef7c0java-1.8.0-openjdk-devel-debug-1.8.0.65-0.b17.el6_7.i686.rpm7bcd69e9c2ba5b731dd69bd5adb152832104b7cd4e87b2469bcd3d42dfece05ejava-1.8.0-openjdk-1.8.0.65-0.b17.el6_7.i686.rpm2879b4a1978a21f0ab50a2a62b90d3c3f4ba49db8d0519452a88b520779d613bjava-1.8.0-openjdk-javadoc-debug-1.8.0.65-0.b17.el6_7.noarch.rpm2e32cefc74b512c73be259b19132c6813d203a05ce46e80edb6140d37c06184ajava-1.8.0-openjdk-src-1.8.0.65-0.b17.el6_7.i686.rpm59f333e682d29e25d91633040dc8dd4b404894466ba8d5320e559b23f4b8a570java-1.8.0-openjdk-javadoc-1.8.0.65-0.b17.el6_7.noarch.rpm9339a660eb9009e22c3dfccfeda888e8d003210a63f673d8f6421dd6e14c598ajava-1.8.0-openjdk-debug-1.8.0.65-0.b17.el6_7.i686.rpm053d5f66afd27466a0830c8b9d2a27648e976dc07921174b92e7ff4eda22c131SLSA-2015:1920-1Multiple flaws were discovered in the CORBA, Libraries, RMI, Serialization, and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2015-4835, CVE-2015-4881, CVE-2015-4843, CVE-2015-4883, CVE-2015-4860, CVE-2015-4805, CVE-2015-4844) Multiple denial of service flaws were found in the JAXP component in OpenJDK. A specially crafted XML file could cause a Java application using JAXP to consume an excessive amount of CPU and memory when parsed. (CVE-2015-4803, CVE-2015-4893, CVE-2015-4911) It was discovered that the Security component in OpenJDK failed to properly check if a certificate satisfied all defined constraints. In certain cases, this could cause a Java application to accept an X.509 certificate which does not meet requirements of the defined policy. (CVE-2015-4872) Multiple flaws were found in the Libraries, 2D, CORBA, JAXP, JGSS, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2015-4806, CVE-2015-4840, CVE-2015-4882, CVE-2015-4842, CVE-2015-4734, CVE-2015-4903) Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website. All running instances of OpenJDK Java must be restarted for the update to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6java-1.7.0-openjdk-demo-1.7.0.91-2.6.2.2.el6_7.i686.rpmdadcc87391840c7a4a8b7260a0b2f80d2b5a4d45621e4212f2d39074d0348fecjava-1.7.0-openjdk-1.7.0.91-2.6.2.2.el6_7.i686.rpm56ca41f63ca1006aebd25985ed1e85c1086d1100f82e9338b870130451e9da0cjava-1.7.0-openjdk-javadoc-1.7.0.91-2.6.2.2.el6_7.noarch.rpm1f97a870919146bb9c758922b20528d790247d77eeaf7e3a2d49f781ef2f0e74java-1.7.0-openjdk-devel-1.7.0.91-2.6.2.2.el6_7.i686.rpmb6fa4c9a99b1939e5b25c1edb99c4a053c349ebb35eb174f0e500f91da491615java-1.7.0-openjdk-src-1.7.0.91-2.6.2.2.el6_7.i686.rpm0dae0d67ccabcc03b8ad6c75b24333bcdb9e204154f78fc339efda4298837ef5SLSA-2015:1924-1A heap buffer overflow flaw was found in the way QEMU's NE2000 NIC emulation implementation handled certain packets received over the network. A privileged user inside a guest could use this flaw to crash the QEMU instance (denial of service) or potentially execute arbitrary code on the host. (CVE-2015-5279) After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.importantScientific Linux FermiScientific Linux Fermi 6qemu-guest-agent-0.12.1.2-2.479.el6_7.2.i686.rpmb24a149db75da3a4f092b01e9f598dddce731a3fad09f1c8c5ed6118caed3f62SLSA-2015:1930-1It was discovered that ntpd as a client did not correctly check timestamps in Kiss-of-Death packets. A remote attacker could use this flaw to send a crafted Kiss-of-Death packet to an ntpd client that would increase the client's polling interval value, and effectively disable synchronization with the server. (CVE-2015-7704) It was found that ntpd did not correctly implement the threshold limitation for the '-g' option, which is used to set the time without any restrictions. A man-in-the-middle attacker able to intercept NTP traffic between a connecting client and an NTP server could use this flaw to force that client to make multiple steps larger than the panic threshold, effectively changing the time to an arbitrary value. (CVE-2015-5300) After installing the update, the ntpd daemon will restart automatically.importantScientific Linux FermiScientific Linux Fermi 6ntpdate-4.2.6p5-5.el6_7.2.i686.rpmc2cec6a52cc7ecaa96ca52ed83c7120ea726d64bdfa1f3a3537218e7f9e4978dntp-doc-4.2.6p5-5.el6_7.2.noarch.rpm66cd4ea82ff2d86259855109a2bb43c0d23ca8f630ecdd48c251ed869d7c634entp-perl-4.2.6p5-5.el6_7.2.i686.rpmdea726ba8f9b8332a42231379ad210eea526e72b2b8cb1cb1877490bef82b6c4ntp-4.2.6p5-5.el6_7.2.i686.rpm5c5f26cfea2127255089e8f10735002045c02b044470f57cec9d72b7a46d9fb8SLSA-2015:1981-1A use-after-poison flaw and a heap-based buffer overflow flaw were found in the way NSS parsed certain ASN.1 structures. An attacker could use these flaws to cause NSS to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSS library. (CVE-2015-7181, CVE-2015-7182) A heap-based buffer overflow was found in NSPR. An attacker could use this flaw to cause NSPR to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSPR library. (CVE-2015-7183) Note: Applications using NSPR's PL_ARENA_ALLOCATE, PR_ARENA_ALLOCATE, PL_ARENA_GROW, or PR_ARENA_GROW macros need to be rebuild against the fixed nspr packages to completely resolve the CVE-2015-7183 issue. This erratum includes nss and nss-utils packages rebuilt against the fixed nspr version.criticalScientific Linux FermiScientific Linux Fermi 6nss-tools-3.19.1-5.el6_7.i686.rpme5682788eebf1b3e12bb92830edffe7ef6058ec2941c5e89fa41c32101041aa4nss-3.19.1-5.el6_7.i686.rpma01fc67fe6ac145ad4e9114e4bee299c490c8b27bdcd03a55c3e4f17ea77cd20nss-util-devel-3.19.1-2.el6_7.i686.rpmaecafb877ddb9748b18a014f86e13a8a7d960ffbdf0d1a489e9c6d6e8c059884nss-util-3.19.1-2.el6_7.i686.rpm9c7944f88c35c7eb10efe5341c4aa6e53d1440aa52d8346f31033f4446c6d795nspr-4.10.8-2.el6_7.i686.rpm54537ff7d07641fbd16514fe1c1b8e590918d01c7123c4ac48c3cd1e257e9e1enss-pkcs11-devel-3.19.1-5.el6_7.i686.rpmf6d95487c691c5632d09f3230d72a1779b02d0035d3ff84b12ea85230ab96738nss-devel-3.19.1-5.el6_7.i686.rpm7a1381bf5106d668800756454046c787122b6972b129557a3cb8e4b6e3f20f95nss-sysinit-3.19.1-5.el6_7.i686.rpmb3e23ce5f0285beedc2b756754ced50c620b38d0359110c291b2551c26014871nspr-devel-4.10.8-2.el6_7.i686.rpm90b3c35f27b4f4b8f9b7a5ade6b9579714c4f14311b38fc189ba017654817a94SLSA-2015:1982-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2015-4513, CVE-2015-7189, CVE-2015-7194, CVE-2015-7196, CVE-2015-7198, CVE-2015-7197) A same-origin policy bypass flaw was found in the way Firefox handled certain cross-origin resource sharing (CORS) requests. A web page containing malicious content could cause Firefox to disclose sensitive information. (CVE-2015-7193) A same-origin policy bypass flaw was found in the way Firefox handled URLs containing IP addresses with white-space characters. This could lead to cross-site scripting attacks. (CVE-2015-7188) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6firefox-38.4.0-1.el6_7.i686.rpm872c5a26a9641179ec22171d191c606b055de6cbd9d2ecd4049cc948eb7fc64cSLSA-2015:2019-1It was found that SSSD's Privilege Attribute Certificate (PAC) responder plug-in would leak a small amount of memory on each authentication request. A remote attacker could potentially use this flaw to exhaust all available memory on the system by making repeated requests to a Kerberized daemon application configured to authenticate using the PAC responder plug-in. (CVE-2015-5292) This update also fixes the following bugs: * Previously, SSSD did not correctly handle sudo rules that applied to groups with names containing special characters, such as the "(" opening parenthesis sign. Consequently, SSSD skipped such sudo rules. The internal sysdb search has been modified to escape special characters when searching for objects to which sudo rules apply. As a result, SSSD applies the described sudo rules as expected. * Prior to this update, SSSD did not correctly handle group names containing special Lightweight Directory Access Protocol (LDAP) characters, such as the "(" or ")" parenthesis signs. When a group name contained one or more such characters, the internal cache cleanup operation failed with an I/O error. With this update, LDAP special characters in the Distinguished Name (DN) of a cache entry are escaped before the cleanup operation starts. As a result, the cleanup operation completes successfully in the described situation. * Applications performing Kerberos authentication previously increased the memory footprint of the Kerberos plug-in that parses the Privilege Attribute Certificate (PAC) information. The plug-in has been updated to free the memory it allocates, thus fixing this bug. * Previously, when malformed POSIX attributes were defined in an Active Directory (AD) LDAP server, SSSD unexpectedly switched to offline mode. This update relaxes certain checks for AD POSIX attribute validity. As a result, SSSD now works as expected even when malformed POSIX attributes are present in AD and no longer enters offline mode in the described situation. After installing the update, the sssd service will be restarted automatically. Additionally, all running applications using the PAC responder plug-in must be restarted for the changes to take effect.lowScientific Linux FermitrueScientific Linux Fermi 6libsss_idmap-1.12.4-47.el6_7.4.i686.rpmfa6118c519abdc987bbda91701a6f128554492ebd8273409ad87e32553d58f06sssd-tools-1.12.4-47.el6_7.4.i686.rpm4353f65c6ee20c84570a7432a3ff7b0534a2e9983c6bcc06a4bb18f75aad7e46libsss_simpleifp-devel-1.12.4-47.el6_7.4.i686.rpmbd9e14d4fc3df0110af8039a1542212cd11f1480b09cc3daf8215d809d065b6csssd-common-pac-1.12.4-47.el6_7.4.i686.rpme13da109862f4399879f0b34bc99b5fa102304b76fc736fec915667bd6a326eesssd-ad-1.12.4-47.el6_7.4.i686.rpm909b9e5bd69c88513b92040991d5b5f622f927d6a140ced1dc357f576682ccadlibipa_hbac-devel-1.12.4-47.el6_7.4.i686.rpm555a93797c152ba2d9fb1201bd9c48c6facaa9642390ad8c81b5d39a5aff5125sssd-ldap-1.12.4-47.el6_7.4.i686.rpmb44b88c36947cb48d89d2a21c784627bcadf0882b957bb6d35ec7ad6ef0f40c6libsss_nss_idmap-python-1.12.4-47.el6_7.4.i686.rpm21d009fce78d2a7756b0e90dcbbbde871cefd43b097479935dcb352eac010a1alibsss_simpleifp-1.12.4-47.el6_7.4.i686.rpmbdae24e57ec6d2f6e3742c29cfbf94ccbae5ad8e8acc8afee87f56b8170ec81esssd-krb5-common-1.12.4-47.el6_7.4.i686.rpmd30e485f09318500988922c6c931f684509eafe4c161c1bfe320673d376ac485sssd-dbus-1.12.4-47.el6_7.4.i686.rpmbba4c3f327972c5df34d175c156c814bdaadd22d25ec54aa421ea8359863367asssd-1.12.4-47.el6_7.4.i686.rpmf1a98ec213c02eef16a2ce7be99faa462b542ff66591a75e5206c3d52eda7a0bsssd-client-1.12.4-47.el6_7.4.i686.rpm3a18cc1a1d0077e6451eeede31d840c6735796a92ea6c68ea06835d61b08ae0elibsss_nss_idmap-devel-1.12.4-47.el6_7.4.i686.rpm1f49f6a6256493bdcd009e67277b4a62d99167c77f6ba2dfc44078cccc174cd6libsss_idmap-devel-1.12.4-47.el6_7.4.i686.rpm3ade79c469ff096b32ee847713dbd025fc0dfaba66df18768baf270c6a40d0e1libipa_hbac-python-1.12.4-47.el6_7.4.i686.rpm171e25c270bbb6112a18012279302cd64e268a83a061a2b4b4921396de0ec1f7libsss_nss_idmap-1.12.4-47.el6_7.4.i686.rpm3bbaa1de01ce497ba44e6008a764901610740b27808ee10c3181fa5ba6b6bc23python-sssdconfig-1.12.4-47.el6_7.4.noarch.rpm0e57dab5f269000696500d52f72867b79dabc2dd8291d8279cbb218cf861c94esssd-krb5-1.12.4-47.el6_7.4.i686.rpm5a9394f3de783bab38dda44eb98dc09a766fc3c3df7002b7154554b29bbe5398sssd-common-1.12.4-47.el6_7.4.i686.rpmef1b48eee5a780e7b0f659a3fac6f9136c44e66a2576c04f97f31a7f803bc2c5sssd-proxy-1.12.4-47.el6_7.4.i686.rpm290791abe4b02f2d80dd4c32630d412df25f714792012fa5b0e9bb7bbd14ec62libipa_hbac-1.12.4-47.el6_7.4.i686.rpmdb4339a6bd7e0549570f85333690eb589ea00193d5158566d9572898e5375543sssd-ipa-1.12.4-47.el6_7.4.i686.rpm5c34325316a1ac3b0692926fe1ec351c8f8a82676ac6892264aa86982ea7edd6SLSA-2015:2081-1A memory leak error was discovered in the crypt() function of the pgCrypto extension. An authenticated attacker could possibly use this flaw to disclose a limited amount of the server memory. (CVE-2015-5288) If the postgresql service is running, it will be automatically restarted after installing this update.moderateScientific Linux FermiScientific Linux Fermi 6postgresql-libs-8.4.20-4.el6_7.i686.rpm33d30d53f7aecbfcacc1e3d43e1b74665617f065e5829958cbbf521bde3322a4postgresql-docs-8.4.20-4.el6_7.i686.rpmd4f29bbc17b7b1c02afecc8e8684888a298d648653060465e87c83b164d63685postgresql-test-8.4.20-4.el6_7.i686.rpm732106a9ba614f26c2ce1f0716377a044fd112537ff671d2ec9d56d094e7a78dpostgresql-pltcl-8.4.20-4.el6_7.i686.rpmf55d24ee799b72c5f4acd55e29c089bdc64e520527e7ffd8fa003ca32d4be381postgresql-contrib-8.4.20-4.el6_7.i686.rpmc753bb84b141ec9ca888c37145e75f71668c26f2bd80d1bf1aaad7c05767788cpostgresql-plpython-8.4.20-4.el6_7.i686.rpm35223aac1b6acfdd98b25630967b57e6fba7bd753e7b579800caa90b4fc53065postgresql-devel-8.4.20-4.el6_7.i686.rpm03eb94f415612cde81a7c0dd476b170d18abf68e5e41a78825b51e1fdb132471postgresql-8.4.20-4.el6_7.i686.rpm24150af71835d0b2d05a025c93487d624ed20d6446cf8ffe5d574b987552e9f0postgresql-plperl-8.4.20-4.el6_7.i686.rpm038cc0651dedefd74250f0bf18c5198a28878e609fe699d3a8cf0bb52f797ed5postgresql-server-8.4.20-4.el6_7.i686.rpmc24fe82a5f1052abd648bac43eae03411783cd5ac5d0ba52f1c7a885a3a6c558SLSA-2015:2086-1Multiple flaws were discovered in the CORBA, Libraries, RMI, Serialization, and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2015-4835, CVE-2015-4881, CVE-2015-4843, CVE-2015-4883, CVE-2015-4860, CVE-2015-4805, CVE-2015-4844) Multiple denial of service flaws were found in the JAXP component in OpenJDK. A specially crafted XML file could cause a Java application using JAXP to consume an excessive amount of CPU and memory when parsed. (CVE-2015-4803, CVE-2015-4893, CVE-2015-4911) It was discovered that the Security component in OpenJDK failed to properly check if a certificate satisfied all defined constraints. In certain cases, this could cause a Java application to accept an X.509 certificate which does not meet requirements of the defined policy. (CVE-2015-4872) Multiple flaws were found in the Libraries, CORBA, JAXP, JGSS, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2015-4806, CVE-2015-4882, CVE-2015-4842, CVE-2015-4734, CVE-2015-4903) All running instances of OpenJDK Java must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6java-1.6.0-openjdk-src-1.6.0.37-1.13.9.4.el6_7.i686.rpm31fef60cde1ab3712bc24576dc7ca93b1ec9c807e9eeb479db40495e0f7a4808java-1.6.0-openjdk-javadoc-1.6.0.37-1.13.9.4.el6_7.i686.rpm97fbb827f29ebb3b4e30ce37b4572f427855308a27ccf298f9b9d919f9b738b1java-1.6.0-openjdk-devel-1.6.0.37-1.13.9.4.el6_7.i686.rpm1d6e10ad9e7ac173104742f5454e51643b76627cb461c36c1524ffa08841cb7cjava-1.6.0-openjdk-1.6.0.37-1.13.9.4.el6_7.i686.rpm471305c7845a029645883148dc00fcdf0c84f70cd82ee1cee0b08f592ce294dejava-1.6.0-openjdk-demo-1.6.0.37-1.13.9.4.el6_7.i686.rpma1f01f1596bd5c4fb264dbd5a2885dc668e23c07b830ec0bd567f60caba176f2SLSA-2015:2504-1It was found that ABRT may have exposed unintended information to Red Hat Bugzilla during crash reporting. A bug in the libreport library caused changes made by a user in files included in a crash report to be discarded. As a result, Bugzilla attachments may contain data that was not intended to be made public, including host names, IP addresses, or command line options. (CVE-2015-5302) This flaw did not affect default installations of ABRT on Scientific Linux as they do not post data to Red Hat Bugzilla.moderateScientific Linux FermiScientific Linux Fermi 6libreport-plugin-logger-2.0.9-25.el6_7.i686.rpmaded2f59f2f243a61834e25754f313cfab3b856d4c860ec5a691455c93686220libreport-plugin-reportuploader-2.0.9-25.el6_7.i686.rpmb90cf89f238622cda4dd921644342c2659760565f505b68c998bc6b924bc37a2libreport-plugin-mailx-2.0.9-25.el6_7.i686.rpm2e221fb9bdeda6eb4d1f3691269b88e87f52e09c60b11c0729cc5531c242421blibreport-devel-2.0.9-25.el6_7.i686.rpma74be01ce00b6c5025075ba87933f938bbeb2db838f51a6b3882353bce72ba49libreport-newt-2.0.9-25.el6_7.i686.rpm16160a0c74656eed86788c4d9273bb910e1008aa593f35d269de5849cf3a661clibreport-gtk-2.0.9-25.el6_7.i686.rpm9413848196a8322dada57ecdc41abf96d3082a039289c1a3bed051a56423f4f7libreport-python-2.0.9-25.el6_7.i686.rpm59cf6c4247e599dc3932fd1282de8ebb645f06b34afbb4efc459263a919fdd1dlibreport-plugin-ureport-2.0.9-25.el6_7.i686.rpm67629b285f662ad29f10564dc230749b1fcb6a3b334950177a8a883b01ceaa81libreport-plugin-kerneloops-2.0.9-25.el6_7.i686.rpm4fbaf7e6e4150d86822fdc778ae3eb410150a72956a620a6fc6b94669e3f2cb3libreport-gtk-devel-2.0.9-25.el6_7.i686.rpm2e3dffe9766526fc0a7e8dad43f103b02145363268e9f5781dcdf21da8cbe935libreport-plugin-rhtsupport-2.0.9-25.el6_7.i686.rpmfd4ba4046ac65c4e0c7fc33787a97e08bfd83f2db7c3b1ded34b887a9da2c81flibreport-compat-2.0.9-25.el6_7.i686.rpma7fdc4748f3bdc0cee7ea779b58f978f8661508a6291be81fb9fe2958bb9fbc2libreport-filesystem-2.0.9-25.el6_7.i686.rpm7a74d210a34ffd36036e2bdde6b5a95486674e2341265a33c0a7a8251020e542libreport-cli-2.0.9-25.el6_7.i686.rpm8b011981948e899d2f293ba13926cd93a4d488e594999bb931d64e5b6a13b840libreport-plugin-bugzilla-2.0.9-25.el6_7.i686.rpma9a3603ce42e7a3644ddeb699e436d9e489345b5acb8ad28f1eca34255f8dbbblibreport-2.0.9-25.el6_7.i686.rpm03b9262325e61d9abe8750e6d48c67986f91d8140ed6489f4cfc424a5add38a4SLSA-2015:2519-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2015-4513, CVE-2015-7189, CVE-2015-7197, CVE-2015-7198, CVE-2015-7199, CVE-2015-7200) A same-origin policy bypass flaw was found in the way Thunderbird handled certain cross-origin resource sharing (CORS) requests. A web page containing malicious content could cause Thunderbird to disclose sensitive information. (CVE-2015-7193) Note: All of the above issues cannot be exploited by a specially crafted HTML mail message because JavaScript is disabled by default for mail messages. However, they could be exploited in other ways in Thunderbird (for example, by viewing the full remote content of an RSS feed). After installing the update, Thunderbird must be restarted for the changes to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6thunderbird-38.4.0-1.el6_7.i686.rpmad6e85bb2c54cfa24ad295cf04a9f223c494d70157b8d191fa4325dd849d8687SLSA-2015:2521-1It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons- collections library. (CVE-2015-7501) With this update, deserialization of certain classes in the commons- collections library is no longer allowed. Applications that require those classes to be deserialized can use the system property "org.apache.commons.collections.enableUnsafeSerialization" to re-enable their deserialization. In the interim, the quickest way to resolve this specific deserialization vulnerability is to remove the vulnerable class files (InvokerTransformer, InstantiateFactory, and InstantiateTransformer) in all commons-collections jar files. Any manual changes should be tested to avoid unforseen complications. All running applications using the commons-collections library must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6jakarta-commons-collections-3.2.1-3.5.el6_7.noarch.rpm5fb947ea6da65104c417d10fb5e45e9bf18847adcfab8d08dc418cb246b1eb08jakarta-commons-collections-testframework-3.2.1-3.5.el6_7.noarch.rpm2fa06f5e9b751cb77077fcdc048ee4f9b729fb854338c6783706ccd6769c992bjakarta-commons-collections-testframework-javadoc-3.2.1-3.5.el6_7.noarch.rpm2e4efc06d6c8d8b09615da15a592974c2ba766769478ac4480efecabce1084ebjakarta-commons-collections-tomcat5-3.2.1-3.5.el6_7.noarch.rpmeb4a978b10e6906c10c064d8c7a989c4cba38c2f1001823659b4b1c0e3224b63jakarta-commons-collections-javadoc-3.2.1-3.5.el6_7.noarch.rpme49d28348fbe4332f2e7db80fcc50c59d45a0c44b5e47da67c0da5a05243fc49SLSA-2015:2549-1Several denial of service flaws were found in libxml2, a library providing support for reading, modifying, and writing XML and HTML files. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to use an excessive amount of CPU, leak potentially sensitive information, or in certain cases crash the application. (CVE-2015-5312, CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, CVE-2015-7500 CVE-2015-7941, CVE-2015-7942, CVE-2015-8241, CVE-2015-8242, CVE-2015-8317, BZ#1213957, BZ#1281955) The desktop must be restarted (log out, then log back in) for this update to take effect.moderateScientific Linux FermitruetrueScientific Linux Fermi 6libxml2-python-2.7.6-20.el6_7.1.i686.rpmd754321f58c5b827fced434d7dd0dcf398a15d5b71540b698a84c0ad7a26cfbflibxml2-static-2.7.6-20.el6_7.1.i686.rpm087312c9ec65dd53f011274c593f2eac55df2e89ee7aed23b22869a58c876c1blibxml2-devel-2.7.6-20.el6_7.1.i686.rpmd86a6c87efd711dc3eba75616300adf4c370a336f90463a636861e617a6d80e0libxml2-2.7.6-20.el6_7.1.i686.rpm373c803309596f13709373660f446fdeeacb897546210a2371ea94ad139e5c6bSLSA-2015:2594-1It was discovered that the png_get_PLTE() and png_set_PLTE() functions of libpng did not correctly calculate the maximum palette sizes for bit depths of less than 8. In case an application tried to use these functions in combination with properly calculated palette sizes, this could lead to a buffer overflow or out-of-bounds reads. An attacker could exploit this to cause a crash or potentially execute arbitrary code by tricking an unsuspecting user into processing a specially crafted PNG image. However, the exact impact is dependent on the application using the library. (CVE-2015-8126, CVE-2015-8472) An array-indexing error was discovered in the png_convert_to_rfc1123() function of libpng. An attacker could possibly use this flaw to cause an out-of-bounds read by tricking an unsuspecting user into processing a specially crafted PNG image. (CVE-2015-7981) This will go into the autoyum area tomorrow.moderateScientific Linux FermiScientific Linux Fermi 6libpng-1.2.49-2.el6_7.i686.rpm5fbbfa564e70243903ce88629be9faf834c205e72ebf8c65505a4c9c492dc744libpng-static-1.2.49-2.el6_7.i686.rpm13361f244a0fdd4211494e7622963c8b2e5084ea61cbba58c12b4a7ac171f070libpng-devel-1.2.49-2.el6_7.i686.rpmc23ff52e73275dc9be07d998a028bca6effe2f81437601376170a35c4b3964c5SLSA-2015:2617-1A NULL pointer derefernce flaw was found in the way OpenSSL verified signatures using the RSA PSS algorithm. A remote attacked could possibly use this flaw to crash a TLS/SSL client using OpenSSL, or a TLS/SSL server using OpenSSL if it enabled client authentication. (CVE-2015-3194) A memory leak vulnerability was found in the way OpenSSL parsed PKCS#7 and CMS data. A remote attacker could use this flaw to cause an application that parses PKCS#7 or CMS data from untrusted sources to use an excessive amount of memory and possibly crash. (CVE-2015-3195) A race condition flaw, leading to a double free, was found in the way OpenSSL handled pre-shared key (PSK) identify hints. A remote attacker could use this flaw to crash a multi-threaded SSL/TLS client using OpenSSL. (CVE-2015-3196) For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.moderateScientific Linux FermitrueScientific Linux Fermi 6openssl-devel-1.0.1e-42.el6_7.1.i686.rpm67b5f00e0fc6680d2c17dd6b197d337e8039d944e4c1755f153eb00cc6ae9739openssl-static-1.0.1e-42.el6_7.1.i686.rpm15081d168cdb20f9d75154670153ae05aa847544170d06469ee429f252327ab9openssl-1.0.1e-42.el6_7.1.i686.rpmb4b08905dbe38efd4014324728804f008cb36d5b1af190db03245b9b5dce6088openssl-perl-1.0.1e-42.el6_7.1.i686.rpm8ee9879db5f41bf6c089ccb613331664beb1376708336d90db4433dd638f523eSLSA-2015:2619-1It was discovered that LibreOffice did not properly restrict automatic link updates. By tricking a victim into opening specially crafted documents, an attacker could possibly use this flaw to disclose contents of files accessible by the victim. (CVE-2015-4551) An integer underflow flaw leading to a heap-based buffer overflow when parsing PrinterSetup data was discovered. By tricking a user into opening a specially crafted document, an attacker could possibly exploit this flaw to execute arbitrary code with the privileges of the user opening the file. (CVE-2015-5212) An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way LibreOffice processed certain Microsoft Word .doc files. By tricking a user into opening a specially crafted Microsoft Word .doc document, an attacker could possibly use this flaw to execute arbitrary code with the privileges of the user opening the file. (CVE-2015-5213) It was discovered that LibreOffice did not properly sanity check bookmark indexes. By tricking a user into opening a specially crafted document, an attacker could possibly use this flaw to execute arbitrary code with the privileges of the user opening the file. (CVE-2015-5214)moderateScientific Linux FermiScientific Linux Fermi 6libreoffice-langpack-nso-4.2.8.2-11.el6_7.1.i686.rpm111bf1bdae5fd03ab78d5c87ff408ddca3dc795b9e9eb5614571d50778ff8b58libreoffice-nlpsolver-4.2.8.2-11.el6_7.1.i686.rpm47066a2cce7690ddc6b9db2fa64e0f501595bba893122506a9c92d68f2e59f7flibreoffice-langpack-eu-4.2.8.2-11.el6_7.1.i686.rpm8c2912cf39a212fd6805e062a5d24380011464a46ebd930d9780173c11419e83autocorr-zh-4.2.8.2-11.el6_7.1.noarch.rpmde4d3a2b8b9b54cdf6c01e17bf736674438d7523ef41a2b4e67627b5c0641232autocorr-lb-4.2.8.2-11.el6_7.1.noarch.rpmdc32e395ade8effa2ce2b04adfe32ec5b7e0e69274d1877a624e4f4f9901d026libreoffice-langpack-or-4.2.8.2-11.el6_7.1.i686.rpm79a20628d799cf78e8b0491dbcd7f62f4785095a133f4177d7238d61d3f6cbfalibreoffice-langpack-it-4.2.8.2-11.el6_7.1.i686.rpm9f6855167c3ce5b5c55d1fce88bfb2581d316f2af441ed4e93c2f4f6932d5608autocorr-hr-4.2.8.2-11.el6_7.1.noarch.rpmf3dc08b30c1c4bdffd9ffd4500dd6d6700b88329827a059e35df7dcf4cee8a4flibreoffice-langpack-lt-4.2.8.2-11.el6_7.1.i686.rpmaf1d127df246a31129014a5d4a1a3e7bf962049c13d2299c3b278b6a0f0a55a5autocorr-fi-4.2.8.2-11.el6_7.1.noarch.rpm5d06eb4b93897620a6214b35099729e21c5680c3ff7f8625fe0238e29b6bd497libreoffice-draw-4.2.8.2-11.el6_7.1.i686.rpm8021b1e9559439532cd22e5e645409c0154bd2fc4403b83ea2c5daf316384a2alibreoffice-writer-4.2.8.2-11.el6_7.1.i686.rpmddd32c33882ef82dd13a5b4550a5a934fc5cfb630288347ea15decf67278411blibreoffice-calc-4.2.8.2-11.el6_7.1.i686.rpmc91f772a9310c63ee4b3563c419445aa745f2c107ad4c91fa6fc2eb47d55c756libreoffice-wiki-publisher-4.2.8.2-11.el6_7.1.i686.rpm2867fced4462bbd059ddfdcfcc8cbc56c5b839c3299a0c23c563ec917ba8a39flibreoffice-impress-4.2.8.2-11.el6_7.1.i686.rpm3fcbae18b389ae5f043550e51d0a9c24005c01dd9aea3808ec0a4dd571562144libreoffice-pyuno-4.2.8.2-11.el6_7.1.i686.rpmc2aa46392ec3b225831758e0a1c40721938758c79a1da4a7193336ee53e3e913autocorr-ko-4.2.8.2-11.el6_7.1.noarch.rpma04da8532cc9cb77c72037a6e783cdc9aba618169125cfc3641ada37481c860dlibreoffice-langpack-as-4.2.8.2-11.el6_7.1.i686.rpm44c4dde9a6707d8ea8925e78c0e986a826cbb22e4d10a7627c23fe313928dca1libreoffice-emailmerge-4.2.8.2-11.el6_7.1.i686.rpme8b6a729aa3b34497c10a4f6e2d8ddb8db02396f8edd73e396e00dd9e6d6e728autocorr-nl-4.2.8.2-11.el6_7.1.noarch.rpm6fd7d8b6cfe52419b2ae30ab84deaad67bee8064d51a97c26c21beefed5e453flibreoffice-langpack-zh-Hant-4.2.8.2-11.el6_7.1.i686.rpm798659fbf26d306c7999954837fb36596eb0481bced782f4425260971fc68407libreoffice-langpack-sr-4.2.8.2-11.el6_7.1.i686.rpmad8d8906be351ee011fb42a8440951c43efb43f626e9b5d02948dad26c4dfebflibreoffice-langpack-xh-4.2.8.2-11.el6_7.1.i686.rpm0b48b396886e72b132f66a187a7e9cdcd544886f7fe2d91e9baec105df18d187autocorr-hu-4.2.8.2-11.el6_7.1.noarch.rpm223a681ce59b6e859d8fc982812a054fde73b7bf0450d9f88b7d387e86f118f0libreoffice-langpack-ss-4.2.8.2-11.el6_7.1.i686.rpm29640cdf3a29eedc32d794ca9bc339e42ff4c5551d43e4eddfa104b4c1b322d8autocorr-en-4.2.8.2-11.el6_7.1.noarch.rpm1243b1b7c355931a41bf8d2813c68e65e718091b2b5b1914767d2eb1ed5f9c41libreoffice-glade-4.2.8.2-11.el6_7.1.i686.rpm198d2a311237a2ae4d50e7a7f0ab80a5755ae7cf9ce4005fa6eb4cf24e00682clibreoffice-langpack-pt-BR-4.2.8.2-11.el6_7.1.i686.rpma38336de1bc6bfa910e058f59a5f3e64458e16ed11216d5a4cfb05f8f5defc84libreoffice-ogltrans-4.2.8.2-11.el6_7.1.i686.rpm9b7316c30f665a1d753f62b0732e685258a07dbf15527608c873e38e133b2091libreoffice-langpack-th-4.2.8.2-11.el6_7.1.i686.rpm460a03ad3438037b8229b194da3538849d2986ace2bd5a412db31be2c6ad1ebdautocorr-de-4.2.8.2-11.el6_7.1.noarch.rpmff8e877fdec567260555b388f0b071a85695ceaf792d007df6fe984f042c5741libreoffice-langpack-te-4.2.8.2-11.el6_7.1.i686.rpm7afa01767607c69aa091f9c6548177c583be3b51dbf069215cbca1a903b3436clibreoffice-ure-4.2.8.2-11.el6_7.1.i686.rpmd3cde476f870c0d01768daad3244ac91797a17e7df09eb437269f01b5057d9falibreoffice-langpack-es-4.2.8.2-11.el6_7.1.i686.rpme5660c1ef67a8de2cd3f311eeb8403f6cf8d09faab4305110fcc8d438d6c6b49libreoffice-rhino-4.2.8.2-11.el6_7.1.i686.rpm7dff346c8c0782ebb0fc180f2b4a972a56f3f22adfb969f8bdaefb4735c24f27libreoffice-langpack-nr-4.2.8.2-11.el6_7.1.i686.rpm8023cb9a8f1e4684c33c2ac5d59d7a0a068d2860162e2547cdcdecf6cf42dee4autocorr-af-4.2.8.2-11.el6_7.1.noarch.rpm7bdaa934878e8f59706be8b817993499fc79d90a2ad7eca67253038ae69fc56alibreoffice-langpack-cs-4.2.8.2-11.el6_7.1.i686.rpmcf7e11062e914af1420159e874e02efb38dd60695b1d54108c5c02b18065e008libreoffice-langpack-ml-4.2.8.2-11.el6_7.1.i686.rpm85172074c25c8a494d386b2b454001dcf9a1cd8fe88e3cab5219596cb142cec9libreoffice-langpack-mr-4.2.8.2-11.el6_7.1.i686.rpma905bf6af0aff6ae341ae7f274ca0393b47b080e877c039639c28f8c289f6894libreoffice-librelogo-4.2.8.2-11.el6_7.1.i686.rpmfdf6c50fd56c3ffdd55e8bbef7edab608584c9e02471e1fb92863f3abd8c3b7blibreoffice-langpack-sk-4.2.8.2-11.el6_7.1.i686.rpm0d7970ccc88c754341e5311a4cebff3d41a5d671d6d16f832b61cd67496748d3autocorr-ru-4.2.8.2-11.el6_7.1.noarch.rpmd0b093d5e97fcce03d71d98915fbbe40ebb6b8e6cad3ebe52b55f1d855705269autocorr-vi-4.2.8.2-11.el6_7.1.noarch.rpm7376a122fbf92bfba336da13db9cd886da6a3d408da6da8bed5ffe9266bbfec5libreoffice-langpack-bn-4.2.8.2-11.el6_7.1.i686.rpm0d3401d4704fd5e5834a7f99bcb16eed6ce5c5499b49102c3db2dc5cad71ac78autocorr-tr-4.2.8.2-11.el6_7.1.noarch.rpmf764f60c55a7c81e3fe73feeaec20a533715476af7a90503d852551be9ee18e2libreoffice-filters-4.2.8.2-11.el6_7.1.i686.rpmd2119cf0df46e8758af1efff49340edf3cc5cd8f8488019df0f91c064f362e79libreoffice-langpack-gl-4.2.8.2-11.el6_7.1.i686.rpmb57eb69cdf5666a676634e66d623a2e67651168e6360f67c1ce64c460aa9c9b0libreoffice-langpack-st-4.2.8.2-11.el6_7.1.i686.rpmd4527d4e16bd3ade3d18bd03b660adf2b3be9c771ccda6d4f7f01c5f058b7122libreoffice-langpack-ms-4.2.8.2-11.el6_7.1.i686.rpmc341ca3e4870d16fceb7e21580efdd5ce622ad57c30c76e8c0345c9879c30b0clibreoffice-langpack-hr-4.2.8.2-11.el6_7.1.i686.rpm02c2afbb16c1d6b46d8314ce19458c0267c121beb1b19bc2e4d3693c4fb6db67libreoffice-langpack-fi-4.2.8.2-11.el6_7.1.i686.rpm4982cdf1b98ca47d37319d813468171cc8848a6144d2fd9d03078f7e01ab73a2libreoffice-langpack-et-4.2.8.2-11.el6_7.1.i686.rpm6de67c2282c280ed12f6e00de2640fa47d305b3e45c20b759e0e46b96939a91dautocorr-sv-4.2.8.2-11.el6_7.1.noarch.rpm5ffc9a94f77ee7a3946dfd7c2bcfe7fe675b8322e0427212248070259ce6a98dlibreoffice-langpack-ro-4.2.8.2-11.el6_7.1.i686.rpm8c02ae475b15183180d25dfb0f27329ff53723a929de052a0af29de7e1615a30libreoffice-langpack-zu-4.2.8.2-11.el6_7.1.i686.rpmfff30a6fb1b4e676b46808d8567009a5e566878f6302f54907b9753a53e175ccautocorr-bg-4.2.8.2-11.el6_7.1.noarch.rpmdc80e1b10cb9bda7e64496229215735c98043918f1b94e2eb7d811a368f73c15autocorr-fr-4.2.8.2-11.el6_7.1.noarch.rpm65cdb7d75e42a56dadf7c700ab70c4ad7b3d3379c60ea9c18c677c6b3851e1e7libreoffice-langpack-dz-4.2.8.2-11.el6_7.1.i686.rpm05626322a0e72929c52f6a289846cd23246231df946767fb518d967594369d33libreoffice-langpack-pt-PT-4.2.8.2-11.el6_7.1.i686.rpm8a5fcd9bbd005a632ff32581ea2c36d34407093a9ca76ddddf3a02b55a5ca3a9libreoffice-gdb-debug-support-4.2.8.2-11.el6_7.1.i686.rpm3218a9d13d7f147c81543a0ef4bb1c1bfe8005f7e9a6e26973c3c2d0de7b2043libreoffice-langpack-nb-4.2.8.2-11.el6_7.1.i686.rpm2f0dbaafd6ae35d35453057dca81a5c62008cd6e12fe864a9cc898bdf1874efflibreoffice-langpack-af-4.2.8.2-11.el6_7.1.i686.rpm9240c3903f472a7a3ae184ccfbd8816fccabaae34ab5ae89968e4fd9f9899882autocorr-pl-4.2.8.2-11.el6_7.1.noarch.rpm2bcca06d2c3bfb73d0bdd01c6450e12945e0709966d203d6b719ddca6279df44libreoffice-graphicfilter-4.2.8.2-11.el6_7.1.i686.rpmef4c1803db99da5a3d044ac002d34b252b285598be535360913decfe607c232alibreoffice-langpack-fr-4.2.8.2-11.el6_7.1.i686.rpm4444871512a4f874c35937fff76ec1c4eeb0827e40c9128bb155c0b3c72cf246autocorr-fa-4.2.8.2-11.el6_7.1.noarch.rpmeef929cfee75678238997d0c8e50dab42bc6d9505fa26a337f2860fb8dff4d87libreoffice-langpack-mai-4.2.8.2-11.el6_7.1.i686.rpm4b8dc7c722a9cb8940801076ac25e85b34e63b629b1eaa2549bd7b1eb9867802autocorr-sl-4.2.8.2-11.el6_7.1.noarch.rpm7ec9443999de4cb52e55de8cdf6fc3b503877d69640b60951839a6a9107ffa41autocorr-ga-4.2.8.2-11.el6_7.1.noarch.rpmb0f0e0595d0054f4777981dc65153640593dfa4070dc354bd20e5bd4a7fe1bb3libreoffice-core-4.2.8.2-11.el6_7.1.i686.rpm6b79b3a241a906477316b1e4c3eb9d211b8edf64f6bb30c34e8c6bdef2537f09libreoffice-langpack-tn-4.2.8.2-11.el6_7.1.i686.rpm5ec49c63a7c6ae82784e47a6caf817d4012bca3cf636fa41b86bc88f48b8444alibreoffice-langpack-el-4.2.8.2-11.el6_7.1.i686.rpm63326dea27becc139fda15a6c96740e8078e0817ad4079991a9b1ff31030eb39libreoffice-langpack-ur-4.2.8.2-11.el6_7.1.i686.rpm6dae0c95e59eee798d2fd54538e594b4bf76f0e977edc4fcfaef63df9d2d1863libreoffice-langpack-zh-Hans-4.2.8.2-11.el6_7.1.i686.rpmfa14c9c6bc46326e21fa0fc333dad30362b7654e99fe4ec7bdc16617815e6f63libreoffice-langpack-ta-4.2.8.2-11.el6_7.1.i686.rpmb9b0d0db32ab6b073a89398bf88896a5664c68a6988a5c4ff8bf9b5071babb4cautocorr-cs-4.2.8.2-11.el6_7.1.noarch.rpm43deb0f9284cf9bb2afc55bdbcb2b972b9bf243810e46f66fd36c62661572f5eautocorr-ja-4.2.8.2-11.el6_7.1.noarch.rpmd59a386c8032335eda477ab1ab4521308a2762b30bec8044b7f034181413d915autocorr-pt-4.2.8.2-11.el6_7.1.noarch.rpm12584140ef1dd6f31823d63f48265d8c0985cd90389de990b55dafbd2df6df64libreoffice-langpack-kn-4.2.8.2-11.el6_7.1.i686.rpm6f4e454d48b10224371d90599a2b015b7abb4a7a31231132abf84667e8178a79libreoffice-langpack-ga-4.2.8.2-11.el6_7.1.i686.rpmf4068aaa21db7fb3cf54de0a5def6db8a39941cd0164694b18444dc3237103baautocorr-lt-4.2.8.2-11.el6_7.1.noarch.rpm21da45baa307a9896e47a1287e436fe0409afde1d768de1fab7ece0fce4e5abblibreoffice-langpack-en-4.2.8.2-11.el6_7.1.i686.rpm5c71f5423367ecff7d98362a87bc622b905480bc1f628d56ae4e323a3c94c04dlibreoffice-langpack-pl-4.2.8.2-11.el6_7.1.i686.rpm75d076dd38342ebb3d7b02a49012284458071fbc1155441062fa8cdc4dba5351libreoffice-langpack-sv-4.2.8.2-11.el6_7.1.i686.rpmfc66d4e4b45b74a4158b850c41669ddd50ca49879de6f2dcd85d2d97a9d63c85libreoffice-langpack-ko-4.2.8.2-11.el6_7.1.i686.rpm61eedbe130889a064e99a0d91096cb6c7daba0e46137d9d16108b25bfcedb221autocorr-da-4.2.8.2-11.el6_7.1.noarch.rpma89d1d379159c9edec17019af81485c290552320c4f30057b615c266d5a56625autocorr-es-4.2.8.2-11.el6_7.1.noarch.rpm9860fe9b1f0401e91c6af1c3db042d6cda7500a72fb50e6fcb2240878b0cb255libreoffice-langpack-cy-4.2.8.2-11.el6_7.1.i686.rpm30a664c58f289bf438955c195e3f4262644565049018f0dca62ac08d7767015dlibreoffice-langpack-ar-4.2.8.2-11.el6_7.1.i686.rpm5a5a29cb4f5d9ac17ef4919ac8627c4ac4a1b966fb89c92a052fa1e9e94b79f3libreoffice-pdfimport-4.2.8.2-11.el6_7.1.i686.rpm0213dd14b99a6dd68999cc21a70ed32c87f6d7f0655e297f3f6eb4e456afc232autocorr-sr-4.2.8.2-11.el6_7.1.noarch.rpm191c8c3b682b69ee24f5fa9eed6df21737135e3b3b361583b0976eb8d880fa69libreoffice-langpack-bg-4.2.8.2-11.el6_7.1.i686.rpm838ef435715b41e6552d8cc327ee85f1086cde93eb9a9ed42e76a8480b460c8dlibreoffice-math-4.2.8.2-11.el6_7.1.i686.rpmb7c8e897324c94546fd84413d50525f0fbc29fc0b3023ab55b0a6ea53db502felibreoffice-sdk-4.2.8.2-11.el6_7.1.i686.rpm5ce65f08c54a25261baef51a51489079e8ef66812e6b6f62de95ff27439d24cdlibreoffice-sdk-doc-4.2.8.2-11.el6_7.1.i686.rpm21f7db50db52a2d6482680e386da0b00f15bcee5f3c6aa889efc010765fd8145libreoffice-langpack-ve-4.2.8.2-11.el6_7.1.i686.rpmce0ca1105d6a1d1a7502d01ba7e5ddc6b4c26dd373fb3320f05e14efbf20821flibreoffice-langpack-da-4.2.8.2-11.el6_7.1.i686.rpm9e16fbd9c1afeb8ce0faf9410ca640d372d7c8c171e32763c7a280e0062a5236autocorr-ca-4.2.8.2-11.el6_7.1.noarch.rpm2e9b321435d412b53b3e6e837a1315bcf27275f0b282d4b524d0e3fb5cf3fcd0libreoffice-langpack-gu-4.2.8.2-11.el6_7.1.i686.rpmaaafe2088b31e708648aac20d3c62c25f6c02e6ca0986c5b1a0e11a2601f0fdalibreoffice-langpack-ru-4.2.8.2-11.el6_7.1.i686.rpm1944101662e4b15939ede974be874aafbf3715524729ef6973314e2c4c6a450flibreoffice-opensymbol-fonts-4.2.8.2-11.el6_7.1.noarch.rpmb141de5189fa7573646cbb08dc65d561b1beafe0edd68e5badf12a9e15e15802libreoffice-langpack-nl-4.2.8.2-11.el6_7.1.i686.rpmc686d38d3229b9809b37cc6e7a943278cc1354ed9d9034128a7afc3a0a6c9589libreoffice-headless-4.2.8.2-11.el6_7.1.i686.rpm77942c9c63f2a69f3b2887779471eec71da4494429e9e0a14a1c5c4e4fe3db6eautocorr-is-4.2.8.2-11.el6_7.1.noarch.rpma139d3ebeaea06447047a2d3252de30c9731086caea63d61719bf350a0fb781blibreoffice-xsltfilter-4.2.8.2-11.el6_7.1.i686.rpmcf7d238915e26a234a84b963133da02aa24e26b191f85dbbe9d4e6be9190c78clibreoffice-langpack-nn-4.2.8.2-11.el6_7.1.i686.rpm3598e8b37bac90e41a869bb3cab9ef2735b41fce8cf5bc248daed708e9491bc6libreoffice-langpack-he-4.2.8.2-11.el6_7.1.i686.rpmb7904f1a01b8ceae10bedb7659b2343152a7001eda2d47822ae36125d5a41b9alibreoffice-langpack-de-4.2.8.2-11.el6_7.1.i686.rpm948ec6209f2c5a074663c068bd4d5b71b3d5570ba1841201ea7092929a2cd623libreoffice-langpack-pa-4.2.8.2-11.el6_7.1.i686.rpmbc63fd1bcd54e195ed1775bacb52c396fcaa9e8ffc020fcff4c234a42513c46flibreoffice-langpack-ja-4.2.8.2-11.el6_7.1.i686.rpm360b529b1685bd43291557e4d4f51ae435a3ffd4d98af384566f8a804eca7476libreoffice-langpack-ca-4.2.8.2-11.el6_7.1.i686.rpm91c1513ebb3ef3ac41d7c38325334f26d9ba92c0b5c8a16c360525c0a1476a6dlibreoffice-langpack-sl-4.2.8.2-11.el6_7.1.i686.rpm53e8b91f9c233f80df678ee5c09c91c2a8d9756138a57a46304cd239e95b1cfblibreoffice-base-4.2.8.2-11.el6_7.1.i686.rpme515e361d418ddb439b18590a518a0540ccc1205852241f3b28ebd43d43e7afelibreoffice-langpack-tr-4.2.8.2-11.el6_7.1.i686.rpmfe8ed764ef70b5ab30a7ed23ec9596f151731e473ff731166b419c848b9db86clibreoffice-bsh-4.2.8.2-11.el6_7.1.i686.rpm5225450c152090b8215993f146f31db340bd71c89e84bad9e6a4891bf4639203libreoffice-langpack-ts-4.2.8.2-11.el6_7.1.i686.rpm2c5b3d2144fe6f9fe0e9449e4246b355348cbbbf2ba4e2afc11f55ce0fa6ec3clibreoffice-4.2.8.2-11.el6_7.1.i686.rpm487243b158c2e3cfaecbbedbdd6ebb5c46aa9c98c6a54b6675c459baac01d8a1autocorr-mn-4.2.8.2-11.el6_7.1.noarch.rpmb8c52bd7f4090b5d812c34c5826fcb69fc98dca91f2a6bae42787ffe4e4f20cclibreoffice-langpack-hi-4.2.8.2-11.el6_7.1.i686.rpm1829b77396b34a17901973de38b77ae9eec74b93f3372392f1e00eacb731ef15autocorr-it-4.2.8.2-11.el6_7.1.noarch.rpm652ef3676aed9c1a0bb953841d75a48859e233865c609df39145446b4ef940c4autocorr-sk-4.2.8.2-11.el6_7.1.noarch.rpm015cf1d95087ce97353f6360fa9c29f79dd82cf477bd704fa5f26ecfd398efc1autocorr-ro-4.2.8.2-11.el6_7.1.noarch.rpm929d9295a7e94717d04c8aaa7d2ca2d82dc81b52c8f8c3861d32705db362d932libreoffice-langpack-uk-4.2.8.2-11.el6_7.1.i686.rpmeacdc27d5306e1fa4ba63e8469c24912a6ebf3e536b198090be3123e85619fc9libreoffice-langpack-hu-4.2.8.2-11.el6_7.1.i686.rpmeba668f9fd934358fbfd95afca5a6dc8ded54a8f11fb476f4fabce8bd1828c66SLSA-2015:2636-1* A flaw was found in the way the Linux kernel's file system implementation handled rename operations in which the source was inside and the destination was outside of a bind mount. A privileged user inside a container could use this flaw to escape the bind mount and, potentially, escalate their privileges on the system. (CVE-2015-2925, Important) * It was found that the x86 ISA (Instruction Set Architecture) is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way (sequential) delivering of benign exceptions such as #AC (alignment check exception) and #DB (debug exception) is handled. A privileged user inside a guest could use these flaws to create denial of service conditions on the host kernel. (CVE-2015-5307, CVE-2015-8104, Important) * A race condition flaw was found in the way the Linux kernel's IPC subsystem initialized certain fields in an IPC object structure that were later used for permission checking before inserting the object into a globally visible list. A local, unprivileged user could potentially use this flaw to elevate their privileges on the system. (CVE-2015-7613, Important) * It was found that the Linux kernel's keys subsystem did not correctly garbage collect uninstantiated keyrings. A local attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2015-7872, Important) This update also fixes the following bugs: * Previously, Human Interface Device (HID) ran a report on an unaligned buffer, which could cause a page fault interrupt and an oops when the end of the report was read. This update fixes this bug by padding the end of the report with extra bytes, so the reading of the report never crosses a page boundary. As a result, a page fault and subsequent oops no longer occur. * The NFS client was previously failing to detect a directory loop for some NFS server directory structures. This failure could cause NFS inodes to remain referenced after attempting to unmount the file system, leading to a kernel crash. Loop checks have been added to VFS, which effectively prevents this problem from occurring. * Due to a race whereby the nfs_wb_pages_cancel() and nfs_commit_release_pages() calls both removed a request from the nfs_inode struct type, the kernel panicked with negative nfs_inode.npages count. The provided upstream patch performs the required serialization by holding the inode i_lock over the check of PagePrivate and locking the request, thus preventing the race and kernel panic from occurring. * Due to incorrect URB_ISO_ASAP semantics, playing an audio file using a USB sound card could previously fail for some hardware configurations. This update fixes the bug, and playing audio from a USB sound card now works as expected. * Inside hugetlb, region data structures were protected by a combination of a memory map semaphore and a single hugetlb instance mutex. However, a page-fault scalability improvement backported to the kernel on previous releases removed the single hugetlb instance mutex and introduced a new mutex table, making the locking combination insufficient, leading to possible race windows that could cause corruption and undefined behavior. This update fixes the problem by introducing a required spinlock to the region tracking functions for proper serialization. The problem only affects software using huge pages through hugetlb interface. The system must be rebooted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6kernel-firmware-2.6.32-573.12.1.el6.noarch.rpmeeacc4ff05945f3d5137d417c03a313bf77fe659e0c70389fea14e47341fef7ekernel-devel-2.6.32-573.12.1.el6.i686.rpm471baa4e5a21ec9dd3d3db87101659f8d908ea744542235923f066e54e8fff1cpython-perf-2.6.32-573.12.1.el6.i686.rpm8bd56fef2fd7a8ccf15dd94ec89b72b32394976174c705db34f5963e156bf5afkernel-headers-2.6.32-573.12.1.el6.i686.rpm2a6e711bc4d2508213e12730469f2cfabcfec5466cb931dfc93211654fe0771dperf-2.6.32-573.12.1.el6.i686.rpm241a19ea51f4257f697ba2aacd8e6a5543363c0b8d60f4954f45689e26451506kernel-debug-2.6.32-573.12.1.el6.i686.rpmec10f4a7f6eb82a0bd744b2d9886ccf54f9a0e3dd0b37981bc84dfa2b1e2d6c8kernel-doc-2.6.32-573.12.1.el6.noarch.rpmb13f65ca8763bb35c1a60aff3c16a2133a83748ac722f2accdefb5fe8c3bad2dkernel-abi-whitelists-2.6.32-573.12.1.el6.noarch.rpm0dd28907c3304f1c4f99ef8f81ea249cbb95069808954301dee4515046ccf222kernel-debug-devel-2.6.32-573.12.1.el6.i686.rpm8802d1aab8ebf5ab472b27372467643d4302bebd937596019f8895548bbbd76akernel-2.6.32-573.12.1.el6.i686.rpm8d0c3eddbb0fa62edc22458a6fef31ee4aff9a4b22bf997c7ce4455035d381e1SLSA-2015:2655-1A denial of service flaw was found in the way BIND processed certain records with malformed class attributes. A remote attacker could use this flaw to send a query to request a cached record with a malformed class attribute that would cause named functioning as an authoritative or recursive server to crash. (CVE-2015-8000) Note: This issue affects authoritative servers as well as recursive servers, however authoritative servers are at limited risk if they perform authentication when making recursive queries to resolve addresses for servers listed in NS RRSETs. After installing the update, the BIND daemon (named) will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 6bind-9.8.2-0.37.rc1.el6_7.5.i686.rpm0c41fb32b9f9a5edd08ca586b3f713cd9d7c5ebd3d4078f8b4d31ebecdb93d88bind-devel-9.8.2-0.37.rc1.el6_7.5.i686.rpm1e95d14f04f66c5edf8c004c03169e8a6dbfecab2723ef2a96773181a8f21b73bind-sdb-9.8.2-0.37.rc1.el6_7.5.i686.rpm77b341cdcbe84bd835854d09ccebc7d46addafceea231d0b522fc98fb47bcb58bind-libs-9.8.2-0.37.rc1.el6_7.5.i686.rpm3fdea44c33476215c1186b519600a83082950c0a7959d0eb493d6c14506a415ebind-chroot-9.8.2-0.37.rc1.el6_7.5.i686.rpm3f3234102dc2ade2517a63b98ab9f266ca0487f4c0123c3207b5c83a17071235bind-utils-9.8.2-0.37.rc1.el6_7.5.i686.rpm3499a1b716daa9f064def979e59754c04246dfe4c9c9ee256af46204e7211625SLSA-2015:2657-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2015-7201, CVE-2015-7205, CVE-2015-7210, CVE-2015-7212, CVE-2015-7213, CVE-2015-7222) A flaw was found in the way Firefox handled content using the 'data:' and 'view-source:' URIs. An attacker could use this flaw to bypass the same- origin policy and read data from cross-site URLs and local files. (CVE-2015-7214) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6firefox-38.5.0-2.el6_7.i686.rpm8b3c90d31e4313ae86f3dbbdc21b7214e5c7a1aa87671052ca130f988765fedcSLSA-2015:2694-1A heap-based buffer overflow flaw was discovered in the way QEMU's AMD PC- Net II Ethernet Controller emulation received certain packets in loopback mode. A privileged user (with the CAP_SYS_RAWIO capability) inside a guest could use this flaw to crash the host QEMU process (resulting in denial of service) or, potentially, execute arbitrary code with privileges of the host QEMU process. (CVE-2015-7504) A buffer overflow flaw was found in the way QEMU's AMD PC-Net II emulation validated certain received packets from a remote host in non-loopback mode. A remote, unprivileged attacker could potentially use this flaw to execute arbitrary code on the host with the privileges of the QEMU process. Note that to exploit this flaw, the guest network interface must have a large MTU limit. (CVE-2015-7512) After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.importantScientific Linux FermiScientific Linux Fermi 6qemu-guest-agent-0.12.1.2-2.479.el6_7.3.i686.rpme6bf6f808e0f34cc385317e26bde9e9b9542632ab76d8510c36468db0a31988cSLSA-2016:0001-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2015-7201, CVE-2015-7205, CVE-2015-7212, CVE-2015-7213) A flaw was found in the way Thunderbird handled content using the 'data:' and 'view-source:' URIs. An attacker could use this flaw to bypass the same-origin policy and read data from cross-site URLs and local files. (CVE-2015-7214) After installing the update, Thunderbird must be restarted for the changes to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6thunderbird-38.5.0-1.el6_7.i686.rpm1d82db1a4a23c7c3579e89c922829ceeda979cac0a9408677b5f01a6252b5353SLSA-2016:0005-1A use-after-free flaw related to the PMAP_CALLIT operation and TCP/UDP connections was discovered in rpcbind. A remote attacker could possibly exploit this flaw to crash the rpcbind service by performing a series of UDP and TCP calls. (CVE-2015-7236) If the rpcbind service is running, it will be automatically restarted after installing this update.moderateScientific Linux FermiScientific Linux Fermi 6rpcbind-0.2.0-11.el6_7.i686.rpm0631dfb3061c71e25a34d8e706fc4aa2a56ead9f397825ad47479a33ffcb6912SLSA-2016:0007-1A flaw was found in the way TLS 1.2 could use the MD5 hash function for signing ServerKeyExchange and Client Authentication packets during a TLS handshake. A man-in-the-middle attacker able to force a TLS connection to use the MD5 hash function could use this flaw to conduct collision attacks to impersonate a TLS server or an authenticated TLS client. (CVE-2015-7575) For the update to take effect, all services linked to the NSS library must be restarted, or the system rebooted.moderateScientific Linux FermitrueScientific Linux Fermi 6nss-devel-3.19.1-8.el6_7.i686.rpmbba9318f45bb7a116e9cd5d807c883914e788a7fa8686011da7f6ad361b7bf22nss-sysinit-3.19.1-8.el6_7.i686.rpmeb59b172da9e2e746a29f777de04b11f4304b81fcb205995247841b427756864nss-tools-3.19.1-8.el6_7.i686.rpm4fbea2bae45166f484e932d5e08b9f14dc833bb7510837b8e1c21e9c4d05127anss-3.19.1-8.el6_7.i686.rpmdf1b720196bfd38befc97ce2d63484557a02394829b3ed89daa5e1d8474c1deanss-pkcs11-devel-3.19.1-8.el6_7.i686.rpm281c82e96fedf37e04b93c03a8d0803e4a6962494a5bc9b6669cfa96aadfa068SLSA-2016:0008-1A flaw was found in the way TLS 1.2 could use the MD5 hash function for signing ServerKeyExchange and Client Authentication packets during a TLS handshake. A man-in-the-middle attacker able to force a TLS connection to use the MD5 hash function could use this flaw to conduct collision attacks to impersonate a TLS server or an authenticated TLS client. (CVE-2015-7575) For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.moderateScientific Linux FermitrueScientific Linux Fermi 6openssl-1.0.1e-42.el6_7.2.i686.rpmdafce543c33dc27142b132b85cf31eb2be698559f64a2c490b5d17219cf888c2openssl-devel-1.0.1e-42.el6_7.2.i686.rpme1e6bf93611b37a6633658908a884f0d0a54145928c866543b5bf9754cef931fopenssl-static-1.0.1e-42.el6_7.2.i686.rpm175cb41cab76f352d2da9d9006275059d6dcbe52547687563cb8d67ca5bae0c8openssl-perl-1.0.1e-42.el6_7.2.i686.rpm67a332654c68681fa9d9cc7503a8bb13cc93d84734857556eea6d5877b6d60b2SLSA-2016:0009-1A denial of service flaw was found in the ldb_wildcard_compare() function of libldb. A remote attacker could send a specially crafted packet that, when processed by an application using libldb (for example the AD LDAP server in Samba), would cause that application to consume an excessive amount of memory and crash. (CVE-2015-3223) A memory-read flaw was found in the way the libldb library processed LDB DN records with a null byte. An authenticated, remote attacker could use this flaw to read heap-memory pages from the server. (CVE-2015-5330)moderateScientific Linux FermiScientific Linux Fermi 6ldb-tools-1.1.13-3.el6_7.1.i686.rpmd4fe97fa879c55b1488eb98990754bc30bacb45c27a4f01b84374917ac00e5f5libldb-devel-1.1.13-3.el6_7.1.i686.rpm0e99e9c30540f8e386555da338f5dc70422723d8c04e37606ee9b41812d77be1pyldb-1.1.13-3.el6_7.1.i686.rpm7a336ff11245a9c3b2aee5385cf22e2da2442800ee663c1ca8c7cc5ad279c42alibldb-1.1.13-3.el6_7.1.i686.rpm021e97eedf82747d7531748525707588a8ba698de61cc0994cc5325a48c6412cpyldb-devel-1.1.13-3.el6_7.1.i686.rpm1942788a083fdd0849c385d402fda70b2ca65daa6113f32d2f01a7d5dec74a6fSLSA-2016:0010-2A denial of service flaw was found in the LDAP server provided by the AD DC in the Samba process daemon. A remote attacker could exploit this flaw by sending a specially crafted packet, which could cause the server to consume an excessive amount of memory and crash. (CVE-2015-7540) Multiple buffer over-read flaws were found in the way Samba handled malformed inputs in certain encodings. An authenticated, remote attacker could possibly use these flaws to disclose portions of the server memory. (CVE-2015-5330) A man-in-the-middle vulnerability was found in the way "connection signing" was implemented by Samba. A remote attacker could use this flaw to downgrade an existing Samba client connection and force the use of plain text. (CVE-2015-5296) A missing access control flaw was found in Samba. A remote, authenticated attacker could use this flaw to view the current snapshot on a Samba share, despite not having DIRECTORY_LIST access rights. (CVE-2015-5299) An access flaw was found in the way Samba verified symbolic links when creating new files on a Samba share. A remote attacker could exploit this flaw to gain access to files outside of Samba's share path. (CVE-2015-5252) After installing this update, the smb service will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6samba4-dc-4.0.0-67.el6_7.rc4.i686.rpm5e542c50db9d8de690c3d58baf286bd4fe7a27d8a62c4292089d6eaa44684790samba4-client-4.0.0-67.el6_7.rc4.i686.rpm1f7286a1868aad462a0655870a291fa1edec7a36e90452e8de04adcfc41bc043samba4-common-4.0.0-67.el6_7.rc4.i686.rpm8f3f4d698574a59ce794c9c14c9a3013b39bd11963e83872b87b5b8a7c53c9aasamba4-swat-4.0.0-67.el6_7.rc4.i686.rpm6faed5d27bb9d7beafb46407a1e911d0ab0975a255a7004014a989614a922c00samba4-winbind-clients-4.0.0-67.el6_7.rc4.i686.rpme2daaabddc5cc4db9c0026004ca8e336c49fa6827e9b3cc0f8685f5c237130cesamba4-libs-4.0.0-67.el6_7.rc4.i686.rpmc9d69cdbeab7cd4198d28d0199f727f26f622d865861541720d4540c94327cd0samba4-winbind-4.0.0-67.el6_7.rc4.i686.rpm7b5b522b79cfab5c525d9322910496907c99280a5628cd3ece408028707ba8b0samba4-winbind-krb5-locator-4.0.0-67.el6_7.rc4.i686.rpm3b91149e7ecf17c91c0defc59c00440ab49207d900e67d50d1993e3fcd57bb68samba4-test-4.0.0-67.el6_7.rc4.i686.rpme809d16efa41b351bc4eb3233b36e4a0f63203568ad527d6714129678c15558esamba4-pidl-4.0.0-67.el6_7.rc4.i686.rpmcd3eee7436285a6d43b92badbe473c8fcf94e9eb5ee330db8ede86a6f2c3c719samba4-python-4.0.0-67.el6_7.rc4.i686.rpmaa813ed75489eba90b0c4f595402fd570a9a7be7ce4e747d6eb72467c6bfbc06samba4-dc-libs-4.0.0-67.el6_7.rc4.i686.rpmc907576b8a0f887c185c5c236d4e3c965c79e99c4fbe2e572af0aa20c15d11a6samba4-4.0.0-67.el6_7.rc4.i686.rpm6908ffd0fd0045f8cc5a5eb5d5f34bc431c549912fbe410dfe0cdeaf7dcc289bsamba4-devel-4.0.0-67.el6_7.rc4.i686.rpm198ed7af83c82352899df23461ed81df4163746d1f6eb89ee04ab995b6cf2e63SLSA-2016:0011-1A man-in-the-middle vulnerability was found in the way "connection signing" was implemented by Samba. A remote attacker could use this flaw to downgrade an existing Samba client connection and force the use of plain text. (CVE-2015-5296) A missing access control flaw was found in Samba. A remote, authenticated attacker could use this flaw to view the current snapshot on a Samba share, despite not having DIRECTORY_LIST access rights. (CVE-2015-5299) An access flaw was found in the way Samba verified symbolic links when creating new files on a Samba share. A remote attacker could exploit this flaw to gain access to files outside of Samba's share path. (CVE-2015-5252) After installing this update, the smb service will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6samba-common-3.6.23-24.el6_7.i686.rpm38a23f85bfb5523f0713cb5a1c4bb3f2e228440b2c77e7c467c64db1913830e2samba-3.6.23-24.el6_7.i686.rpm9e1a4a704ac6602fc9230f4a7f6abd42d87ed8c8c90ee524e1856b14aeae2b7bsamba-doc-3.6.23-24.el6_7.i686.rpm639067963f3fb377fdb61c95446abf9b179a7a7c5bc514f4816be2ba9a30ddd8libsmbclient-devel-3.6.23-24.el6_7.i686.rpmc515d7974bec80ea7d8c279994b1535f9d1071ae91775ddf310cc147dcc7ee36samba-winbind-krb5-locator-3.6.23-24.el6_7.i686.rpm0a5cf1b62f7d53219c52fc7888829b732291e10f408150514aee2f52eac957f2samba-swat-3.6.23-24.el6_7.i686.rpm77bca153824bacd372aefa26b00e2b16e2e509cf00cf9883655e1ace9c4a0161libsmbclient-3.6.23-24.el6_7.i686.rpmcc90458f0b10823729f153c51b08dc62c33d9d50dff97c472d38c3f1a2a2012bsamba-winbind-3.6.23-24.el6_7.i686.rpmb080d94672e9e34d5c7666042db60b6889301b2eeb6cc56d4886c46263e5c1b0samba-winbind-clients-3.6.23-24.el6_7.i686.rpm888e3c520a86ea523fd2b927ca288b6b6d209d7800c9ebf6f81dca2c14167967samba-client-3.6.23-24.el6_7.i686.rpmec397f83af81e62f9ce6802b6eeb3c9e45c901c57294b00327a47d1e0e4cbce7samba-domainjoin-gui-3.6.23-24.el6_7.i686.rpm87c8fb14cc12a2f5a03a2c27766ec2c2437c642ddad0afc4abc7ea1ec79ffecesamba-winbind-devel-3.6.23-24.el6_7.i686.rpm81e7c61a520764ec678168d4a9f04b382c23abbfaf79409f00f2047b57cf6940SLSA-2016:0012-1A flaw was found in the way TLS 1.2 could use the MD5 hash function for signing ServerKeyExchange and Client Authentication packets during a TLS handshake. A man-in-the-middle attacker able to force a TLS connection to use the MD5 hash function could use this flaw to conduct collision attacks to impersonate a TLS server or an authenticated TLS client. (CVE-2015-7575) For the update to take effect, all applications linked to the GnuTLS library must be restarted.moderateScientific Linux FermitrueScientific Linux Fermi 6gnutls-guile-2.8.5-19.el6_7.i686.rpm6b531da5e540a007fff1efb9e93688c558c6c76375253937b1481f59f187b115gnutls-2.8.5-19.el6_7.i686.rpm9a6467a0e55463080d8489a7d916f62889f57d09e8f5d7a786f04903f0a513afgnutls-devel-2.8.5-19.el6_7.i686.rpme333f5b5295895c36e015f0203cbacca684efa597e4359c4a88ffcea04f4e48dgnutls-utils-2.8.5-19.el6_7.i686.rpme2645d86e7eb44f5398094890ad88b9435848cfbc69928b6eb4a17c039e42cefSLSA-2016:0050-1An out-of-bounds write flaw was found in the JPEG image format decoder in the AWT component in OpenJDK. A specially crafted JPEG image could cause a Java application to crash or, possibly execute arbitrary code. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. (CVE-2016-0483) An integer signedness issue was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox restrictions. (CVE-2016-0494) It was discovered that the password-based encryption (PBE) implementation in the Libraries component in OpenJDK used an incorrect key length. This could, in certain cases, lead to generation of keys that were weaker than expected. (CVE-2016-0475) It was discovered that the JAXP component in OpenJDK did not properly enforce the totalEntitySizeLimit limit. An attacker able to make a Java application process a specially crafted XML file could use this flaw to make the application consume an excessive amount of memory. (CVE-2016-0466) A flaw was found in the way TLS 1.2 could use the MD5 hash function for signing ServerKeyExchange and Client Authentication packets during a TLS handshake. A man-in-the-middle attacker able to force a TLS connection to use the MD5 hash function could use this flaw to conduct collision attacks to impersonate a TLS server or an authenticated TLS client. (CVE-2015-7575) Multiple flaws were discovered in the Networking and JMX components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2016-0402, CVE-2016-0448) Note: This update also disallows the use of the MD5 hash algorithm in the certification path processing. The use of MD5 can be re-enabled by removing MD5 from the jdk.certpath.disabledAlgorithms security property defined in the java.security file. All running instances of OpenJDK Java must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6java-1.8.0-openjdk-demo-1.8.0.71-1.b15.el6_7.i686.rpm90660e8bc2138c1df081214cba2d25e7c55d99b934e8efa960941fb244ae7d6ajava-1.8.0-openjdk-devel-debug-1.8.0.71-1.b15.el6_7.i686.rpm5e2406178d65110da7ff2cd0c307931bb6dd8eccb7ba14c9863359845a59b40djava-1.8.0-openjdk-javadoc-1.8.0.71-1.b15.el6_7.noarch.rpm74a8deba339bea07386e2e61bdd11f097fe6c5367bd3ffb7e12925248cf78769java-1.8.0-openjdk-headless-1.8.0.71-1.b15.el6_7.i686.rpm85e9db2368b4fab5d212363220f4a3fe8fd4b4e78be56856956a321bb58463bbjava-1.8.0-openjdk-src-debug-1.8.0.71-1.b15.el6_7.i686.rpma51d95f0b58abd377c62112ee0d795b25853d5c05405570a892fad1764c72e53java-1.8.0-openjdk-devel-1.8.0.71-1.b15.el6_7.i686.rpm34d59e8f08f4dbdcf65e6d6d5edc0664708b207ff0f0b0c119897262731c9db3java-1.8.0-openjdk-javadoc-debug-1.8.0.71-1.b15.el6_7.noarch.rpm7c600142cc1205d7364ea788deba03ea0e32bc59d389124d81a860f028eb8909java-1.8.0-openjdk-1.8.0.71-1.b15.el6_7.i686.rpm6ef1ba94ba6915485f70c9fddf3f4f48af05b82e9520d31f727c586cb3cadc76java-1.8.0-openjdk-src-1.8.0.71-1.b15.el6_7.i686.rpm5383af77ec49a13cf064d599f7aa03a5db480ebed9dcddf9012107eb7fa1c8bajava-1.8.0-openjdk-demo-debug-1.8.0.71-1.b15.el6_7.i686.rpm2edba7cad8687978e90212340ebaeeaa84e069795cf072b6e0ea9a6a8e95001cjava-1.8.0-openjdk-debug-1.8.0.71-1.b15.el6_7.i686.rpm067c3f6afc937b621a32d650715d61f0240391b4155b8264e9d2e5007b8f9ba7java-1.8.0-openjdk-headless-debug-1.8.0.71-1.b15.el6_7.i686.rpm9c749b9bf220e5d13f0e1e3fc55141a786db3830eb64a59309e3839ed6e1eda4SLSA-2016:0053-1An out-of-bounds write flaw was found in the JPEG image format decoder in the AWT component in OpenJDK. A specially crafted JPEG image could cause a Java application to crash or, possibly execute arbitrary code. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. (CVE-2016-0483) An integer signedness issue was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox restrictions. (CVE-2016-0494) It was discovered that the JAXP component in OpenJDK did not properly enforce the totalEntitySizeLimit limit. An attacker able to make a Java application process a specially crafted XML file could use this flaw to make the application consume an excessive amount of memory. (CVE-2016-0466) A flaw was found in the way TLS 1.2 could use the MD5 hash function for signing ServerKeyExchange and Client Authentication packets during a TLS handshake. A man-in-the-middle attacker able to force a TLS connection to use the MD5 hash function could use this flaw to conduct collision attacks to impersonate a TLS server or an authenticated TLS client. (CVE-2015-7575) Multiple flaws were discovered in the Libraries, Networking, and JMX components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2015-4871, CVE-2016-0402, CVE-2016-0448) Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website. Note: This update also disallows the use of the MD5 hash algorithm in the certification path processing. The use of MD5 can be re-enabled by removing MD5 from the jdk.certpath.disabledAlgorithms security property defined in the java.security file. All running instances of OpenJDK Java must be restarted for the update to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6java-1.7.0-openjdk-demo-1.7.0.95-2.6.4.0.el6_7.i686.rpm5bad36c308541ae73bb624ccd7e5dd93c57b28885a7edb893bf56b5e6e96f814java-1.7.0-openjdk-1.7.0.95-2.6.4.0.el6_7.i686.rpmcabc5ca83cc7be56977993d499578e697e0638e2730e6ea239b01faa5506eddbjava-1.7.0-openjdk-javadoc-1.7.0.95-2.6.4.0.el6_7.noarch.rpmb92229e59b53b81a0c10d5650e353f60ce3166cb16c883951b6d606c90797e3cjava-1.7.0-openjdk-devel-1.7.0.95-2.6.4.0.el6_7.i686.rpm203005f1e7d5201a28109d818b2cc1cb64e843c9b7f8c2c93a8cd913fe9a8e56java-1.7.0-openjdk-src-1.7.0.95-2.6.4.0.el6_7.i686.rpm7cc08ab5f9eae911e06e02534e67eda83824dbe32df4d2f16abd962c8102050cSLSA-2016:0063-1It was discovered that ntpd as a client did not correctly check the originate timestamp in received packets. A remote attacker could use this flaw to send a crafted packet to an ntpd client that would effectively disable synchronization with the server, or push arbitrary offset/delay measurements to modify the time on the client. (CVE-2015-8138) After installing the update, the ntpd daemon will restart automatically.importantScientific Linux FermiScientific Linux Fermi 6ntp-doc-4.2.6p5-5.el6_7.4.noarch.rpmfb28023239809c722a2baaa7d6d6d10f1bda9fbf30e0721c877fb32dcc14d8b0ntp-perl-4.2.6p5-5.el6_7.4.i686.rpm2eb0aecaaf664433cdc02da5cab87d9c9b7cecf314da9a88dfb06a6cbd508f05ntpdate-4.2.6p5-5.el6_7.4.i686.rpm9ce6a631fc59817f59fd4f5b257151f44fa0705e2491834fe2273ea6ec011db4ntp-4.2.6p5-5.el6_7.4.i686.rpm0b34160b7ed6f84ba42abcab411bd2f089d041ac4b24a217f73ab93a75dc0a07SLSA-2016:0067-1An out-of-bounds write flaw was found in the JPEG image format decoder in the AWT component in OpenJDK. A specially crafted JPEG image could cause a Java application to crash or, possibly execute arbitrary code. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. (CVE-2016-0483) An integer signedness issue was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox restrictions. (CVE-2016-0494) It was discovered that the JAXP component in OpenJDK did not properly enforce the totalEntitySizeLimit limit. An attacker able to make a Java application process a specially crafted XML file could use this flaw to make the application consume an excessive amount of memory. (CVE-2016-0466) Multiple flaws were discovered in the Networking and JMX components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2016-0402, CVE-2016-0448) Note: This update also disallows the use of the MD5 hash algorithm in the certification path processing. The use of MD5 can be re-enabled by removing MD5 from the jdk.certpath.disabledAlgorithms security property defined in the java.security file. All running instances of OpenJDK Java must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6java-1.6.0-openjdk-devel-1.6.0.38-1.13.10.0.el6_7.i686.rpmb1a9ab0680ef2314a203e8a1db00175a1192edac3a18684a3d506beb1c5df0a4java-1.6.0-openjdk-demo-1.6.0.38-1.13.10.0.el6_7.i686.rpm6156062dfa160f6c3c47db6d109f9d147d0105f9e61df522c686dd20d58eb557java-1.6.0-openjdk-1.6.0.38-1.13.10.0.el6_7.i686.rpm4ec2bee0a5d151edbd106d77a94a06b615d360c35409c79be3a94a208901ce75java-1.6.0-openjdk-src-1.6.0.38-1.13.10.0.el6_7.i686.rpma3db74f68a1087d8c2ad599ae224a690a929184121118944a2a8fed01d57c1f1java-1.6.0-openjdk-javadoc-1.6.0.38-1.13.10.0.el6_7.i686.rpmf6c8e467874700db37018eb943d04255ccf10b21317acaea433c53ebaa7fb207SLSA-2016:0071-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2016-1930, CVE-2016-1935) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6firefox-38.6.0-1.el6_7.i686.rpmcdbb7c8110933e6029aee930a93511e57f674a4e676c5ae1204083a3ba0ed81bSLSA-2016:0073-1A denial of service flaw was found in the way BIND processed certain malformed Address Prefix List (APL) records. A remote, authenticated attacker could use this flaw to cause named to crash. (CVE-2015-8704) After installing the update, the BIND daemon (named) will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6bind-devel-9.8.2-0.37.rc1.el6_7.6.i686.rpm2375ad5e29a45db76bc2cae6353cc28f814255fd626f3d3059178d9a997cd231bind-chroot-9.8.2-0.37.rc1.el6_7.6.i686.rpm23d3c0cfcd0e38672687f49abd4e218bb79735ec2aa4f7ab15d1ecd31eb66e0bbind-utils-9.8.2-0.37.rc1.el6_7.6.i686.rpmb9301e1ba11a502183389f6de845c3dc4701b1f67f2361d9dadefb1521f7c17ebind-sdb-9.8.2-0.37.rc1.el6_7.6.i686.rpmd79f3aae871f123200aa8cd2f58a69454fdfdc13829119a639841232ab686fedbind-libs-9.8.2-0.37.rc1.el6_7.6.i686.rpmfca9f739e450a78d410010a24758298a438aa023b78671ef2ba9f90cce876b21bind-9.8.2-0.37.rc1.el6_7.6.i686.rpmadc84dd3df65f3d37e60630bdaa898cbf284c2c37d925fc0df27ab2e3043ae19SLSA-2016:0082-1An out-of-bounds read/write flaw was discovered in the way QEMU's Firmware Configuration device emulation processed certain firmware configurations. A privileged (CAP_SYS_RAWIO) guest user could use this flaw to crash the QEMU process instance or, potentially, execute arbitrary code on the host with privileges of the QEMU process. (CVE-2016-1714) After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.importantScientific Linux FermiScientific Linux Fermi 6qemu-guest-agent-0.12.1.2-2.479.el6_7.4.i686.rpmb45dab44c957534793b0f47a21c61ed45916c7565b49585e044ab39967853a8fSLSA-2016:0152-1An insecure temporary file use flaw was found in the way sos created certain sosreport files. A local attacker could possibly use this flaw to perform a symbolic link attack to reveal the contents of sosreport files, or in some cases modify arbitrary files and escalate their privileges on the system. (CVE-2015-7529) This update also fixes the following bug: * Previously, when the hpasm plug-in ran the "hpasmcli" command in a Python Popen constructor or a system pipeline, the command would hang and eventually time out after 300 seconds. Sos was forced to wait for the time out to finish, unnecessarily prolonging its run time. With this update, the timeout of the "hpasmcli" command has been set to 0, eliminating the delay and speeding up sos completion time.moderateScientific Linux FermiScientific Linux Fermi 6sos-3.2-28.el6_7.2.noarch.rpm6ceb01e839e4c8c50eded153e9dc9b3f780bc034aa0a8220d9b880ff11bb5518SLSA-2016:0175-1A stack-based buffer overflow was found in the way the libresolv library performed dual A/AAAA DNS queries. A remote attacker could create a specially crafted DNS response which could cause libresolv to crash or, potentially, execute code with the permissions of the user running the library. Note: this issue is only exposed when libresolv is called from the nss_dns NSS service module. (CVE-2015-7547) This update also fixes the following bugs: * The dynamic loader has been enhanced to allow the loading of more shared libraries that make use of static thread local storage. While static thread local storage is the fastest access mechanism it may also prevent the shared library from being loaded at all since the static storage space is a limited and shared process-global resource. Applications which would previously fail with "dlopen: cannot load any more object with static TLS" should now start up correctly. * A bug in the POSIX realtime support would cause asynchronous I/O or certain timer API calls to fail and return errors in the presence of large thread-local storage data that exceeded PTHREAD_STACK_MIN in size (generally 16 KiB). The bug in librt has been corrected and the impacted APIs no longer return errors when large thread-local storage data is present in the application.criticalScientific Linux FermiScientific Linux Fermi 6nscd-2.12-1.166.el6_7.7.i686.rpm416c0da42ad9684921a5e4823e36fcb556b2d8211e6e70ae34ac9f887c54ae57glibc-common-2.12-1.166.el6_7.7.i686.rpm8d8adaedbf60facec25fd12db65b77a4b6f3e52c46be6bcf2110a6a9df4f7067glibc-devel-2.12-1.166.el6_7.7.i686.rpm0458034ba5664e53a5cc137f57e560703917782b7856e8d08b71e0b8bb142ee7glibc-utils-2.12-1.166.el6_7.7.i686.rpmd939a9a7108c80dff35b56cf635e5a8859293588bc45a6bb54eaeeceed204722glibc-headers-2.12-1.166.el6_7.7.i686.rpm7a559a51cb2b8d1ee02158ac27224680f202fe13c3bf4e134f13abc0cc2ad3e8glibc-2.12-1.166.el6_7.7.i686.rpmc016e9e823937d38c70d2fec46be2fb77950583507f25d24c61207290f3d93c7glibc-static-2.12-1.166.el6_7.7.i686.rpm60f9605ec867ad83c4cf4d106e0214139a089be71f1d80470a9181e901bfae31SLSA-2016:0197-1Multiple security flaws were found in the graphite2 font library shipped with Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2016-1521, CVE-2016-1522, CVE-2016-1523) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6firefox-38.6.1-1.el6_7.i686.rpm08499f74a2ff6f72526f7d5d6fb399cfcd74b6ae8ecb7dd24fb7f9e92b4427b8SLSA-2016:0258-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2016-1930, CVE-2016-1935) After installing the update, Thunderbird must be restarted for the changes to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6thunderbird-38.6.0-1.el6_7.i686.rpm3ea748ec596f94da1531f88a6ef702df075bac79a07ce02188c7c563328c56b3SLSA-2016:0301-1A padding oracle flaw was found in the Secure Sockets Layer version 2.0 (SSLv2) protocol. An attacker can potentially use this flaw to decrypt RSA-encrypted cipher text from a connection using a newer SSL/TLS protocol version, allowing them to decrypt such connections. This cross-protocol attack is publicly referred to as DROWN. (CVE-2016-0800) A flaw was found in the way malicious SSLv2 clients could negotiate SSLv2 ciphers that have been disabled on the server. This could result in weak SSLv2 ciphers being used for SSLv2 connections, making them vulnerable to man-in-the-middle attacks. (CVE-2015-3197) A side-channel attack was found that makes use of cache-bank conflicts on the Intel Sandy-Bridge microarchitecture. An attacker who has the ability to control code in a thread running on the same hyper-threaded core as the victim's thread that is performing decryption, could use this flaw to recover RSA private keys. (CVE-2016-0702) A double-free flaw was found in the way OpenSSL parsed certain malformed DSA (Digital Signature Algorithm) private keys. An attacker could create specially crafted DSA private keys that, when processed by an application compiled against OpenSSL, could cause the application to crash. (CVE-2016-0705) An integer overflow flaw, leading to a NULL pointer dereference or a heap- based memory corruption, was found in the way some BIGNUM functions of OpenSSL were implemented. Applications that use these functions with large untrusted input could crash or, potentially, execute arbitrary code. (CVE-2016-0797) For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.importantScientific Linux FermitrueScientific Linux Fermi 6openssl-perl-1.0.1e-42.el6_7.4.i686.rpmdce30ce24d106af4879db87e999ea13fdcb7af601992b4835815e330cb2d85e7openssl-devel-1.0.1e-42.el6_7.4.i686.rpm68b67d5ed61781084b847adcd653935cd8bfabb3e7caa7fd945a7d04e4bfd09eopenssl-static-1.0.1e-42.el6_7.4.i686.rpme51ef1a0e204ff10d536dd3081e7a05f0ff0e737d4534db78873c79f0bf4ac18openssl-1.0.1e-42.el6_7.4.i686.rpmf3dd6b0fc32dd1fc1075f84be5390ef56abaecbe03a80721e3cb461861fc7c1cSLSA-2016:0347-1An integer overflow flaw, leading to a heap-based buffer overflow, was found in the PostgreSQL handling code for regular expressions. A remote attacker could use a specially crafted regular expression to cause PostgreSQL to crash or possibly execute arbitrary code. (CVE-2016-0773) If the postgresql service is running, it will be automatically restarted after installing this update.importantScientific Linux FermiScientific Linux Fermi 6postgresql-test-8.4.20-5.el6_7.i686.rpmadb0c7e3b5a06cb76f615a70cf51d7817730119aab7527f7e08b085f5d0e2586postgresql-contrib-8.4.20-5.el6_7.i686.rpmceb7be4b92960c7c39cd85a705358a631f974b24a81f95b77034eccea4b3d755postgresql-docs-8.4.20-5.el6_7.i686.rpmc45875f523cc8250658dfc6c603b6a30f7afed08a3dec476c5cb2db4e3b072dbpostgresql-server-8.4.20-5.el6_7.i686.rpm25221c2c5cbafd7526f0ec8b47f984a0da7ac96ade6e57252729894d496c1fabpostgresql-8.4.20-5.el6_7.i686.rpm76b35686f312ec379bd927a46e81499d45bea3ebd8e2536aab64cee18ecf29e1postgresql-plperl-8.4.20-5.el6_7.i686.rpm3a38726d356a03b1d71cfde94d9a4dd7b279ae852bd6f32f86ed88f312371f45postgresql-plpython-8.4.20-5.el6_7.i686.rpm4fc33c2d94e5405f8706848293a132601298df7a4e704fd064b5a12e8dca276dpostgresql-devel-8.4.20-5.el6_7.i686.rpm4bc89d744066c2f740d57ecc84bdf94ec53b52c1a416fd39ac500d7cc56d196epostgresql-pltcl-8.4.20-5.el6_7.i686.rpmd33f71412646c78d160ab73e4ee812ae65b1eec325dc32acfc30abc25b0f2fa1postgresql-libs-8.4.20-5.el6_7.i686.rpmf0cef825696ceeab86b72770a1620f844df466725270f1f48e1211aa27f5c179SLSA-2016:0370-1A heap-based buffer overflow flaw was found in the way NSS parsed certain ASN.1 structures. An attacker could use this flaw to create a specially crafted certificate which, when parsed by NSS, could cause it to crash, or execute arbitrary code, using the permissions of the user running an application compiled against the NSS library. (CVE-2016-1950) For the update to take effect, all applications linked to the nss and nss- util library must be restarted, or the system rebooted.criticalScientific Linux FermitrueScientific Linux Fermi 6nss-util-devel-3.19.1-5.el6_7.i686.rpm793facf8d76e4c860c54623245460bfaa4ae4b94d1beffb764bf7bab6fa0c80fnss-util-3.19.1-5.el6_7.i686.rpmc5fed11c021179f5a60c7fbcc474ca21391e4119d1efc66efaada27649b18688SLSA-2016:0372-1A padding oracle flaw was found in the Secure Sockets Layer version 2.0 (SSLv2) protocol. An attacker can potentially use this flaw to decrypt RSA-encrypted cipher text from a connection using a newer SSL/TLS protocol version, allowing them to decrypt such connections. This cross-protocol attack is publicly referred to as DROWN. (CVE-2016-0800) It was discovered that the SSLv2 servers using OpenSSL accepted SSLv2 connection handshakes that indicated non-zero clear key length for non- export cipher suites. An attacker could use this flaw to decrypt recorded SSLv2 sessions with the server by using it as a decryption oracle.(CVE-2016-0703) It was discovered that the SSLv2 protocol implementation in OpenSSL did not properly implement the Bleichenbacher protection for export cipher suites. An attacker could use a SSLv2 server using OpenSSL as a Bleichenbacher oracle. (CVE-2016-0704) Note: The CVE-2016-0703 and CVE-2016-0704 issues could allow for more efficient exploitation of the CVE-2016-0800 issue via the DROWN attack. A denial of service flaw was found in the way OpenSSL handled SSLv2 handshake messages. A remote attacker could use this flaw to cause a TLS/SSL server using OpenSSL to exit on a failed assertion if it had both the SSLv2 protocol and EXPORT-grade cipher suites enabled. (CVE-2015-0293) A flaw was found in the way malicious SSLv2 clients could negotiate SSLv2 ciphers that have been disabled on the server. This could result in weak SSLv2 ciphers being used for SSLv2 connections, making them vulnerable to man-in-the-middle attacks. (CVE-2015-3197) For the update to take effect, all services linked to the openssl098e library must be restarted, or the system rebooted.importantScientific Linux FermitrueScientific Linux Fermi 6openssl098e-0.9.8e-20.el6_7.1.i686.rpm9c0bc92f32991f6494aa03cf194dc827c0f48b4d05bbe2b67402b5a987528ea8SLSA-2016:0373-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2016-1952, CVE-2016-1954, CVE-2016-1957, CVE-2016-1958, CVE-2016-1960, CVE-2016-1961, CVE-2016-1962, CVE-2016-1973, CVE-2016-1974, CVE-2016-1964, CVE-2016-1965, CVE-2016-1966) Multiple security flaws were found in the graphite2 font library shipped with Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801, CVE-2016-2802) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 6firefox-38.7.0-1.el6_7.i686.rpm4219a8f74bdb9affde36177d47fe8b5ba65ebd6bb3295bfeed71837799220050SLSA-2016:0428-1A type confusion issue was found in the way libssh2 generated ephemeral secrets for the diffie-hellman-group1 and diffie-hellman-group14 key exchange methods. This would cause an SSHv2 Diffie-Hellman handshake to use significantly less secure random parameters. (CVE-2016-0787) After installing these updated packages, all running applications using libssh2 must be restarted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6libssh2-1.4.2-2.el6_7.1.i686.rpm8c29d766c6f1cdae10f5262e4614b99d8f6cbb5a9e25dcf49075b57373dc0ea3libssh2-devel-1.4.2-2.el6_7.1.i686.rpm5e884b34406e42eb7cd1483951ec2699a723b93fb4eac7fcf5b13052ef9d0faelibssh2-docs-1.4.2-2.el6_7.1.i686.rpm4b943b7972d231d433c0dcc808c7626eb7dbf575cb5c1510640101d147227ca8SLSA-2016:0448-1A flaw was found in the way Samba handled ACLs on symbolic links. An authenticated user could use this flaw to gain access to an arbitrary file or directory by overwriting its ACL. (CVE-2015-7560) After installing this update, the smb service will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6samba-winbind-clients-3.6.23-25.el6_7.i686.rpm8d4142a5de060c32f3e0e3194e0a7819a9fe6fade7e45a342769048ed647e6fcsamba-client-3.6.23-25.el6_7.i686.rpm88fc84ccd9228db497cbb722cb14eb99c0b2d255ab3349443f81c239cf7fabaesamba-winbind-3.6.23-25.el6_7.i686.rpm298d6b8ed1ace122516b13762c64f8065baa998817708c8067d1e38665caab14samba-domainjoin-gui-3.6.23-25.el6_7.i686.rpm11ad25d6b077b0dae834e11414cd966ddc59c00e05f6a4c9b329e3be4f8fc68esamba-winbind-devel-3.6.23-25.el6_7.i686.rpmbdf95a1909537ee91992baa0fb13aef0a24b29f3af609f3e440890d3137a5253samba-winbind-krb5-locator-3.6.23-25.el6_7.i686.rpmc5e3e9d6383fc502ad0f53d0e32927386d4ab5bb706b2823e7cf15454a381597libsmbclient-devel-3.6.23-25.el6_7.i686.rpm8c3e0104715acff04c0f69ecea25f068effb7bef1a21e264827181a0ec5e49f3samba-3.6.23-25.el6_7.i686.rpmb973735a8f9f358f8d2c3c2b1d04fa92dd5274af46603618d7aa299ad9c1f389samba-common-3.6.23-25.el6_7.i686.rpmf4053298ea66c3d2f36c86d95d3f06c855ff5fe9d6aa0b76eb8b28cd36fbc6dclibsmbclient-3.6.23-25.el6_7.i686.rpm970f0d0fb5f6c4c54ee91c52ec26ba4f87c64d07749992ad06cd8155d0fb9b3asamba-swat-3.6.23-25.el6_7.i686.rpm525c89fc0a541fb28d133cf882a771c86782256defa4d5e5becc305c11809779samba-doc-3.6.23-25.el6_7.i686.rpm9cf895534b6e74d07e26d38ea47e008806a1bbc3e775e4ce76cc40d02449c05cSLSA-2016:0449-1A flaw was found in the way Samba handled ACLs on symbolic links. An authenticated user could use this flaw to gain access to an arbitrary file or directory by overwriting its ACL. (CVE-2015-7560) After installing this update, the smb service will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6samba4-devel-4.0.0-68.el6_7.rc4.i686.rpm6028d92f9d96e306d79c8829315cb3caccfd3f8ed651ecb4096a9d2bb3bfdb6dsamba4-libs-4.0.0-68.el6_7.rc4.i686.rpma8e56be02c9359031c42fb848bdcca2b32ed75d1efd83dbb4e58c90eab2993b7samba4-dc-4.0.0-68.el6_7.rc4.i686.rpm5c347f321f8430f94f3dd1377446bcd9f5f9cc4aecb32d0a93f427bea97d247asamba4-winbind-clients-4.0.0-68.el6_7.rc4.i686.rpm0dda5a77cd88316b4dd4efbd26224228f29355712d7297a2f54d3c847d952673samba4-common-4.0.0-68.el6_7.rc4.i686.rpm7df4395f686a0c7e87d0ad895616c03dbeff4e4256257443170dc1c18d960db7samba4-4.0.0-68.el6_7.rc4.i686.rpmd6c665a0b05dce38022e759293e4cd465b83e0feee20deb1cf042cb7d3c747dbsamba4-dc-libs-4.0.0-68.el6_7.rc4.i686.rpmf739e744c0944cc4a2b53ae92c7a3f2082d231519f48b982e36607f1434201dfsamba4-winbind-4.0.0-68.el6_7.rc4.i686.rpm3eebf74b9bd00bccecbdb30adb5a2e8671cf461a57d8c25222c727359bf84e87samba4-python-4.0.0-68.el6_7.rc4.i686.rpm1f2694d7b60243a447ae8fb52e0949bf47d23b2fe3685230d2dc5aa701127199samba4-swat-4.0.0-68.el6_7.rc4.i686.rpmef4bb23c246bf1f5cc7f42ff3d67955bfe505d07992ff42d792d9d9eb1eb5a60samba4-pidl-4.0.0-68.el6_7.rc4.i686.rpmbb2a0150524e11808ae428420f82709f2c42a07606e553037cf3c4e8ebf53cb1samba4-client-4.0.0-68.el6_7.rc4.i686.rpm7f109282a89b3a8afe97c841add6f63fa20b72c805d1e0b826abdf4c03e55423samba4-test-4.0.0-68.el6_7.rc4.i686.rpm693e7523b73324d8b67253c46b188bcda341be721ac6015dc23e77d4e753c499samba4-winbind-krb5-locator-4.0.0-68.el6_7.rc4.i686.rpmcf4b213a054cacc726e85b3f9e15efdaffb671771b789759ec0bf50abe2fb2dbSLSA-2016:0459-1A denial of service flaw was found in the way BIND parsed signature records for DNAME records. By sending a specially crafted query, a remote attacker could use this flaw to cause named to crash. (CVE-2016-1286) A denial of service flaw was found in the way BIND processed certain control channel input. A remote attacker able to send a malformed packet to the control channel could use this flaw to cause named to crash. (CVE-2016-1285) After installing the update, the BIND daemon (named) will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 6bind-devel-9.8.2-0.37.rc1.el6_7.7.i686.rpmd4571732d261920246991286773ff23489ffd7deb4415370ed5f59c1e2c30749bind-9.8.2-0.37.rc1.el6_7.7.i686.rpma4a25719c5faacfc94e488f6faa590334b012e87372f9f03c82930d40b08d26ebind-libs-9.8.2-0.37.rc1.el6_7.7.i686.rpm292432aca91d21d89b4143d563f198513d353b4575d0010fa69e874ae65ead86bind-utils-9.8.2-0.37.rc1.el6_7.7.i686.rpm6461c96bc55b69e3eb224a5d88863b28b16687d5722fb34a1127b7f358e18619bind-sdb-9.8.2-0.37.rc1.el6_7.7.i686.rpmc016b77c2b46824f032435cf206a0885b0f6efe9fdce0f0295746f51c7a32baebind-chroot-9.8.2-0.37.rc1.el6_7.7.i686.rpm7b2424663bf21e41c9aab277b97e18ec90fc681138e2e217d745316cea0f0334SLSA-2016:0460-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2016-1952, CVE-2016-1954, CVE-2016-1957, CVE-2016-1960, CVE-2016-1961, CVE-2016-1974, CVE-2016-1964, CVE-2016-1966) Multiple security flaws were found in the graphite2 font library shipped with Thunderbird. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801, CVE-2016-2802) After installing the update, Thunderbird must be restarted for the changes to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6thunderbird-38.7.0-1.el6_7.i686.rpm32f22d538315c6b0f43280739971374c8f492e32e57a45b0872397c519567de5SLSA-2016:0466-1It was discovered that the OpenSSH server did not sanitize data received in requests to enable X11 forwarding. An authenticated client with restricted SSH access could possibly use this flaw to bypass intended restrictions. (CVE-2016-3115) It was discovered that the OpenSSH sshd daemon did not check the list of keyboard-interactive authentication methods for duplicates. A remote attacker could use this flaw to bypass the MaxAuthTries limit, making it easier to perform password guessing attacks. (CVE-2015-5600) After installing this update, the OpenSSH server daemon (sshd) will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6openssh-server-5.3p1-114.el6_7.i686.rpmdbe015acd734ab12b6676a94e25b253bd97c872fe886269ef2f627d8e0f847ccpam_ssh_agent_auth-0.9.3-114.el6_7.i686.rpm6173661609bd815ecda5f77e339fac4eb2966db8e0608a551c27829a17442ffaopenssh-clients-5.3p1-114.el6_7.i686.rpm922d417f75af9437ce8e38b7fa265c91e89fd0f78676f53f25c29ca1ebcd33cdopenssh-ldap-5.3p1-114.el6_7.i686.rpm90bac756f900b6a1044e02973f393accfa09af209fa979ad667fa04b6106614bopenssh-askpass-5.3p1-114.el6_7.i686.rpmdb9bfdb02243189ed22480374d6d6e8eb89f758abe1dc2a88fdbfd40c5c1433aopenssh-5.3p1-114.el6_7.i686.rpm252fadf9d817fb2c1e55d9d78a0c8a0f5091188b59025043038955785f82530bSLSA-2016:0491-1It was discovered that the unhtmlify() function of foomatic-rip did not correctly calculate buffer sizes, possibly leading to a heap-based memory corruption. A malicious attacker could exploit this flaw to cause foomatic-rip to crash or, possibly, execute arbitrary code. (CVE-2010-5325) It was discovered that foomatic-rip failed to remove all shell special characters from inputs used to construct command lines for external programs run by the filter. An attacker could possibly use this flaw to execute arbitrary commands. (CVE-2015-8327, CVE-2015-8560)moderateScientific Linux FermiScientific Linux Fermi 6foomatic-4.0.4-5.el6_7.i686.rpmb8720d9c81122f98b936d7f7d660f9adbf3b5f45661a732b7d2a43c9d72ff855SLSA-2016:0492-1It was found that the expression language resolver evaluated expressions within a privileged code section. A malicious web application could use this flaw to bypass security manager protections. (CVE-2014-7810) This update also fixes the following bug: * Previously, using a New I/O (NIO) connector in the Apache Tomcat 6 servlet resulted in a large memory leak. An upstream patch has been applied to fix this bug, and the memory leak no longer occurs. Tomcat must be restarted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6tomcat6-el-2.1-api-6.0.24-94.el6_7.i686.rpm7cff0d6dcdd25e863000ad4aa75445da0d0d3861bef0d4cb0199543a0965eb35tomcat6-jsp-2.1-api-6.0.24-94.el6_7.i686.rpmb60cd7daf90020dd1a35ed433ec89059e3d216a5d346a6a708679bbcfb00cd1ctomcat6-docs-webapp-6.0.24-94.el6_7.i686.rpmb19b2f9a61dd4307b3c3f78bfcaa920cd23d9110c398c72027239626757c959btomcat6-6.0.24-94.el6_7.i686.rpmfe7ad699b928137b1f28ed810114e3a3e87c70ac2ba81a8c493633cc2a3e8b47tomcat6-lib-6.0.24-94.el6_7.i686.rpm95b0a118859bbfc12544ad6156211f9b5b1de6d8c3bb4e475b9930ccd65c07f9tomcat6-servlet-2.5-api-6.0.24-94.el6_7.i686.rpmfdb384bb252b6148bfec7927fe256e33316799382918d8fc861b92ee53047d7btomcat6-admin-webapps-6.0.24-94.el6_7.i686.rpm27c45868f4388f2376dec499e1140f81cebc4770eacf1e0ee4ff526f645e7838tomcat6-javadoc-6.0.24-94.el6_7.i686.rpm15d78d48704383a1d058a042bb5ad0e0f0ef41982a40f26ec178e73485e47efetomcat6-webapps-6.0.24-94.el6_7.i686.rpmc2aeeb52bc853872308bb53191ef86c320992efed6b31e2842edfd4e1857d32eSLSA-2016:0493-1A memory leak flaw was found in the krb5_unparse_name() function of the MIT Kerberos kadmind service. An authenticated attacker could repeatedly send specially crafted requests to the server, which could cause the server to consume large amounts of memory resources, ultimately leading to a denial of service due to memory exhaustion. (CVE-2015-8631) An out-of-bounds read flaw was found in the kadmind service of MIT Kerberos. An authenticated attacker could send a maliciously crafted message to force kadmind to read beyond the end of allocated memory, and write the memory contents to the KDC database if the attacker has write permission, leading to information disclosure. (CVE-2015-8629) After installing the updated packages, running Kerberos services (krb5kdc, kadmin, and kprop) will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 6krb5-pkinit-openssl-1.10.3-42z1.el6_7.i686.rpm3052cbe41bb3c8de4fbb1593dc86253e8aaf76a9f52f700249df0b22f06fdd49krb5-libs-1.10.3-42z1.el6_7.i686.rpm0a79c4119d976945609c183d720c1707590f96cca998ee72a593a05c14716876krb5-server-1.10.3-42z1.el6_7.i686.rpmd5d7cbad4c1ae9dfd3cc481aa4e04fd60e01f6fafa2b8663dca4f2c8f0484625krb5-server-ldap-1.10.3-42z1.el6_7.i686.rpmf23768a13145abadf89f357e16beb9825748501759a7d5750b963a588000ff9bkrb5-workstation-1.10.3-42z1.el6_7.i686.rpma0812d99b3ea523ff4fc82325177a0eaecd6fc2c26081bc13fc6bfe23d6bae88krb5-devel-1.10.3-42z1.el6_7.i686.rpmb41cb960faa9b5b45ce2db1aff3e9ccadbd7a2e76be41d3f98831fb9e939b629SLSA-2016:0494-1* It was found that the fix for CVE-2015-1805 incorrectly kept buffer offset and buffer length in sync on a failed atomic read, potentially resulting in a pipe buffer state corruption. A local, unprivileged user could use this flaw to crash the system or leak kernel memory to user space. (CVE-2016-0774, Moderate) This update also fixes the following bugs: * In the anon_vma structure, the degree counts number of child anon_vmas and of VMAs which points to this anon_vma. Failure to decrement the parent's degree in the unlink_anon_vma() function, when its list was empty, previously triggered a BUG_ON() assertion. The provided patch makes sure the anon_vma degree is always decremented when the VMA list is empty, thus fixing this bug. * When running Internet Protocol Security (IPSEC) on external storage encrypted with LUKS under a substantial load on the system, data corruptions could previously occur. A set of upstream patches has been provided, and data corruption is no longer reported in this situation. * Due to prematurely decremented calc_load_task, the calculated load average was off by up to the number of CPUs in the machine. As a consequence, job scheduling worked improperly causing a drop in the system performance. This update keeps the delta of the CPU going into NO_HZ idle separately, and folds the pending idle delta into the global active count while correctly aging the averages for the idle-duration when leaving NO_HZ mode. Now, job scheduling works correctly, ensuring balanced CPU load. * Due to a regression in the Scientific Linux 6.7 kernel, the cgroup OOM notifier accessed a cgroup-specific internal data structure without a proper locking protection, which led to a kernel panic. This update adjusts the cgroup OOM notifier to lock internal data properly, thus fixing the bug. * GFS2 had a rare timing window that sometimes caused it to reference an uninitialized variable. Consequently, a kernel panic occurred. The code has been changed to reference the correct value during this timing window, and the kernel no longer panics. * Due to a race condition whereby a cache operation could be submitted after a cache object was killed, the kernel occasionally crashed on systems running the cachefilesd service. The provided patch prevents the race condition by adding serialization in the code that makes the object unavailable. As a result, all subsequent operations targetted on the object are rejected and the kernel no longer crashes in this scenario. This update also adds this enhancement: * The lpfc driver has been updated to version 11.0.0.4. The system must be rebooted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 6kernel-abi-whitelists-2.6.32-573.22.1.el6.noarch.rpm865b4652edb4e25fa20be45f5cd2931beab2991b91e5adb440a568983f7f6266kernel-2.6.32-573.22.1.el6.i686.rpm362070236af91bc29b984752ba34bf2a77a16b61c73491ca29f9ed659e8be9b3perf-2.6.32-573.22.1.el6.i686.rpm3234f9aa5d38924009217a52fae2708ea051d4fca4687ab9eedcdd579dba432dkernel-doc-2.6.32-573.22.1.el6.noarch.rpm11f6b75405495ed2258051d9d11a1ef48d3182d0b46115839cc22882e7648ca5kernel-debug-2.6.32-573.22.1.el6.i686.rpmd8f0c654f497ac62d17c83aa61d3b579bc165f5f6cb85fd73ba3f94f1b3311cakernel-debug-devel-2.6.32-573.22.1.el6.i686.rpm0b0f177ab84cfc545a9b46b7c815e02313213c2fdeddf496456e993f0c4f4810python-perf-2.6.32-573.22.1.el6.i686.rpm4a7208c322d26746d81d7de511625e36bbae8e0cea29f886a76bc7153aa81664kernel-devel-2.6.32-573.22.1.el6.i686.rpm4dcb8a6486654cf52ad3d3cda8d0a6ce3d504053b2d5e3bf76022c55ef7fb3dfkernel-firmware-2.6.32-573.22.1.el6.noarch.rpm1e17f297eece1f9c293dfd02e8dca6cd3485354f8fca675448f550c74ca07d83kernel-headers-2.6.32-573.22.1.el6.i686.rpm69db8e223fc4c91212af07e38568579bcbfb1d6ab524bbc9d5e2a9d3ced34700SLSA-2016:0496-1An integer truncation flaw and an integer overflow flaw, both leading to a heap-based buffer overflow, were found in the way Git processed certain path information. A remote attacker could create a specially crafted Git repository that would cause a Git client or server to crash or, possibly, execute arbitrary code. (CVE-2016-2315, CVE-2016-2324)importantScientific Linux FermiScientific Linux Fermi 6emacs-git-el-1.7.1-4.el6_7.1.noarch.rpm8b23b40754fbdfb4cebd38e3bd696c5c39f65879814768a3058a3d5711bfee7dgit-svn-1.7.1-4.el6_7.1.noarch.rpm17042bcbc95db1ab43c93fd042ab5ecdd2f0450984b9eb73417ff725dfcf7688git-email-1.7.1-4.el6_7.1.noarch.rpm25fad0978331fb1899505014ac031cda2425574887c13affd7b8c0e7b318cac9git-all-1.7.1-4.el6_7.1.noarch.rpmf68b08935aa1c391cdb17597fd11199471383bdf6ad2b9ae96f3589529a62050git-1.7.1-4.el6_7.1.i686.rpm135e78e3fe16cd7b203062014ee5d20aeaff0474f4937001d367d35963515a04perl-Git-1.7.1-4.el6_7.1.noarch.rpme113b089c2aa87ebd601dd69d61f6fe3b084d02588254beb6eb4f852fd31b6d3gitweb-1.7.1-4.el6_7.1.noarch.rpm697bd280ecfa7752d0b91b5f675a90762b605be45cdc18c56e7b7fdad9917417git-daemon-1.7.1-4.el6_7.1.i686.rpm38213e378697facd629891357a1120fe5608d8413d4997803568aefec95f2d21git-cvs-1.7.1-4.el6_7.1.noarch.rpmb535e8e8cfc94767a1311b87255ec69137bb773e581af25ae2b5cf985ea75b6cgit-gui-1.7.1-4.el6_7.1.noarch.rpm9d1dc58b40b9f1f15376cf5f3a2c6365d14ce32c4ef15d247c982dc8ea42c203gitk-1.7.1-4.el6_7.1.noarch.rpm7b1a4abfb2e2582d9247b50d49bf21d84f534beb138c2c6d01acfe975eabfe97emacs-git-1.7.1-4.el6_7.1.noarch.rpm98189c49bd2e933e3c283a488d54982fc5d600538539434c073c2af64c4f8e1bSLSA-2016:0511-1Security Fix(es): * An improper type safety check was discovered in the Hotspot component. An untrusted Java application or applet could use this flaw to bypass Java Sandbox restrictions. (CVE-2016-0636)criticalScientific Linux FermiScientific Linux Fermi 6java-1.7.0-openjdk-javadoc-1.7.0.99-2.6.5.0.el6_7.noarch.rpm795f8fbd634d99376e14a78b88d9300dc906e9cd531dafd8125e8dcc0b852985java-1.7.0-openjdk-src-1.7.0.99-2.6.5.0.el6_7.i686.rpm08606567b454f70a9559344d06d6a37d0d6c0e8403d2380f73185727d4cb34cbjava-1.7.0-openjdk-devel-1.7.0.99-2.6.5.0.el6_7.i686.rpm65508e6168e1a3e775746a3f40e8d65dfb90cf78b6449e765fd66026138c780bjava-1.7.0-openjdk-demo-1.7.0.99-2.6.5.0.el6_7.i686.rpmd1fe5a436347ed12476d85faad8551d1d5dbc03260c5c1720fed7bf0102e6ebcjava-1.7.0-openjdk-1.7.0.99-2.6.5.0.el6_7.i686.rpm312ad54a46a8ff979af4a857688aba74555dae60442f293a9dfcecfc8183a71cSLSA-2016:0514-1Security Fix(es): * An improper type safety check was discovered in the Hotspot component. An untrusted Java application or applet could use this flaw to bypass Java Sandbox restrictions. (CVE-2016-0636)importantScientific Linux FermiScientific Linux Fermi 6java-1.8.0-openjdk-javadoc-1.8.0.77-0.b03.el6_7.noarch.rpmf468cc9cacca99a7a825a4c1b4feab7e7b140ced4370ea5ece4142b05bea9dc1java-1.8.0-openjdk-devel-1.8.0.77-0.b03.el6_7.i686.rpmbb0fb6b65e86a8eea733ef54cecf14a3b8258d3939506dc97c5433a9103ff14bjava-1.8.0-openjdk-headless-1.8.0.77-0.b03.el6_7.i686.rpm5dce416fabaa5f4913f854792acc46623bbe6b2103d7f55885e83dbc6cc2fe88java-1.8.0-openjdk-src-debug-1.8.0.77-0.b03.el6_7.i686.rpm3159662ab21cf56a83aa95ded36947b6d889ee986bb7fa9210f8deb9ea1e1ecejava-1.8.0-openjdk-demo-debug-1.8.0.77-0.b03.el6_7.i686.rpmf6f9c0ce8fa07f126006f28d0d6f943ef439de05984975e7f50e5d78e20f412ajava-1.8.0-openjdk-devel-debug-1.8.0.77-0.b03.el6_7.i686.rpm7a6c93b59b8ebc652a2990f1c2817a84dbd88977c087e430e7f31629a1b3b186java-1.8.0-openjdk-src-1.8.0.77-0.b03.el6_7.i686.rpm03754eaa3e8a92da868b05401e66b7676af065bd55f3fb354dbba6c549581e86java-1.8.0-openjdk-1.8.0.77-0.b03.el6_7.i686.rpmd9963026966d0207d8252da3ba9453de29d828805a0889717011c717b2136388java-1.8.0-openjdk-headless-debug-1.8.0.77-0.b03.el6_7.i686.rpm0b7a67b397ff308b95f0e6a55f6dc8dd3d616e0c7afc6f3f37dfb7fa20dc33adjava-1.8.0-openjdk-debug-1.8.0.77-0.b03.el6_7.i686.rpm9b39db177250c282e1af0f0ad0da7eb6584d5913d2db620dc30621980c344c1djava-1.8.0-openjdk-demo-1.8.0.77-0.b03.el6_7.i686.rpm2fa349f60d55d837855df76e2690b0fe130a66e6a54d013f4d6ed29576306d16java-1.8.0-openjdk-javadoc-debug-1.8.0.77-0.b03.el6_7.noarch.rpm93dfd2c18654529bf93f8d71f8ce8e24e75c7a507bb5142a42d5366d582d3e5cSLSA-2016:0591-1The following packages have been upgraded to a newer upstream version: nss 3.21.0, nss-util 3.21.0, nspr 4.11.0. Security Fix(es): * A use-after-free flaw was found in the way NSS handled DHE (Diffie- Hellman key exchange) and ECDHE (Elliptic Curve Diffie-Hellman key exchange) handshake messages. A remote attacker could send a specially crafted handshake message that, when parsed by an application linked against NSS, would cause that application to crash or, under certain special conditions, execute arbitrary code using the permissions of the user running the application. (CVE-2016-1978) * A use-after-free flaw was found in the way NSS processed certain DER (Distinguished Encoding Rules) encoded cryptographic keys. An attacker could use this flaw to create a specially crafted DER encoded certificate which, when parsed by an application compiled against the NSS library, could cause that application to crash, or execute arbitrary code using the permissions of the user running the application. (CVE-2016-1979)moderateScientific Linux FermiScientific Linux Fermi 6nss-pkcs11-devel-3.21.0-0.3.el6_7.i686.rpm57618524405d87c19d15b907331ebaf74de51d525730566c54419617bb072b8anss-util-devel-3.21.0-0.3.el6_7.i686.rpm3bf24da8b8b4a7efe874d61a53021f5f875a6e5f9c033ce6af8835cc6a8d7681nss-tools-3.21.0-0.3.el6_7.i686.rpm682205f12b18f8161c89939babaaa50040f6002a1d832edcc307688f03437cf8nss-devel-3.21.0-0.3.el6_7.i686.rpmbeffbcee5247aeacf7ef0761c0d19f58217ff23da12d69cc70b31762edb3d510nss-sysinit-3.21.0-0.3.el6_7.i686.rpma70dee66793b4024d7471f4f7d9dd1294af362b49d40da0720dff85cc83c05aenspr-devel-4.11.0-0.1.el6_7.i686.rpmc2ed3824cffca55fe9a287df48581493e1ad8fc3d446a8811f0ce1babac6fd8bnss-3.21.0-0.3.el6_7.i686.rpm6aefdc0d3469fa501a3626ec0c6af17192bc3d49335710c469d366829cb83e96nss-util-3.21.0-0.3.el6_7.i686.rpma8ecb9184a2e23d5ceaa5d5645f27103dd3a2f394b5e0b7709223f4507e03bf0nspr-4.11.0-0.1.el6_7.i686.rpmc5e676aa70286dc249c9056c7b89c291b3a2e425893b43c10ce1085677231bf6SLSA-2016:0611-1Security Fix(es): * Multiple flaws were found in Samba's DCE/RPC protocol implementation. A remote, authenticated attacker could use these flaws to cause a denial of service against the Samba server (high CPU load or a crash) or, possibly, execute arbitrary code with the permissions of the user running Samba (root). This flaw could also be used to downgrade a secure DCE/RPC connection by a man-in-the-middle attacker taking control of an Active Directory (AD) object and compromising the security of a Samba Active Directory Domain Controller (DC). (CVE-2015-5370) Note: While Samba packages as shipped in Scientific Linux do not support running Samba as an AD DC, this flaw applies to all roles Samba implements. * A protocol flaw, publicly referred to as Badlock, was found in the Security Account Manager Remote Protocol (MS-SAMR) and the Local Security Authority (Domain Policy) Remote Protocol (MS-LSAD). Any authenticated DCE/RPC connection that a client initiates against a server could be used by a man-in-the-middle attacker to impersonate the authenticated user against the SAMR or LSA service on the server. As a result, the attacker would be able to get read/write access to the Security Account Manager database, and use this to reveal all passwords or any other potentially sensitive information in that database. (CVE-2016-2118) * It was discovered that Samba configured as a Domain Controller would establish a secure communication channel with a machine using a spoofed computer name. A remote attacker able to observe network traffic could use this flaw to obtain session-related information about the spoofed machine. (CVE-2016-2111) * It was found that Samba's LDAP implementation did not enforce integrity protection for LDAP connections. A man-in-the-middle attacker could use this flaw to downgrade LDAP connections to use no integrity protection, allowing them to hijack such connections. (CVE-2016-2112) * It was found that Samba did not enable integrity protection for IPC traffic by default. A man-in-the-middle attacker could use this flaw to view and modify the data sent between a Samba server and a client. (CVE-2016-2115)criticalScientific Linux FermiScientific Linux Fermi 6samba-domainjoin-gui-3.6.23-30.el6_7.i686.rpmfdb30246e5cc455eb0f3dd68125f3086f43c2a974101db349ee0c5cbefc17ba1samba-client-3.6.23-30.el6_7.i686.rpm1ac68e0fba505ce71f5320965662f4a0b7d78b7a492d12afdea0e34b5c7ab7d5libsmbclient-3.6.23-30.el6_7.i686.rpmbbaa32e640e6d08a2adf14bb4b3e819f42eeb67c34223c5a5b8916147d43958fsamba-winbind-devel-3.6.23-30.el6_7.i686.rpmbd454c4f0665b22ca96d25fffbb430723047b5bf9939b956c28f2bd4aa0849f9samba-winbind-clients-3.6.23-30.el6_7.i686.rpmc82f4d7ce431407409c57456d6aa1e63479d39ae8847de0ce93787267f31541csamba-winbind-krb5-locator-3.6.23-30.el6_7.i686.rpmf94cb2710263862570ee876756a51bbd18906bbbfae17b50b9135a9f7f511a5dsamba-swat-3.6.23-30.el6_7.i686.rpm67e9f038dcfb22dc27ecea8be50711476aa73fcc02a73f89a47109287a2f3f2asamba-3.6.23-30.el6_7.i686.rpm4df69b702f2c8ba215339fff4e1fd5217a7c57cfc9cef562e82fd59a0eeb9c4blibsmbclient-devel-3.6.23-30.el6_7.i686.rpm63ca85fa5693210f4a9c178cf6b3f8b4dd6a6a1b6ecad36edfc71412edab4d17samba-common-3.6.23-30.el6_7.i686.rpmcbce38f57e98d41d502583daddba671949dd48955125589f03b4d11bc1e09fbdsamba-winbind-3.6.23-30.el6_7.i686.rpmcff3d9aa81c6030df34c83fd6f283958662fb96df4d5a294b4d3f2ccc1822a32samba-doc-3.6.23-30.el6_7.i686.rpm494eb9bf37cad27d4e1a9c5b2617c9c96cd1c2390d7848c04c486c9defff40afSLSA-2016:0612-1Security Fix(es): * Multiple flaws were found in Samba's DCE/RPC protocol implementation. A remote, authenticated attacker could use these flaws to cause a denial of service against the Samba server (high CPU load or a crash) or, possibly, execute arbitrary code with the permissions of the user running Samba (root). This flaw could also be used to downgrade a secure DCE/RPC connection by a man-in-the-middle attacker taking control of an Active Directory (AD) object and compromising the security of a Samba Active Directory Domain Controller (DC). (CVE-2015-5370) Note: While Samba packages as shipped in Scientific Linux do not support running Samba as an AD DC, this flaw applies to all roles Samba implements. * A protocol flaw, publicly referred to as Badlock, was found in the Security Account Manager Remote Protocol (MS-SAMR) and the Local Security Authority (Domain Policy) Remote Protocol (MS-LSAD). Any authenticated DCE/RPC connection that a client initiates against a server could be used by a man-in-the-middle attacker to impersonate the authenticated user against the SAMR or LSA service on the server. As a result, the attacker would be able to get read/write access to the Security Account Manager database, and use this to reveal all passwords or any other potentially sensitive information in that database. (CVE-2016-2118) * Several flaws were found in Samba's implementation of NTLMSSP authentication. An unauthenticated, man-in-the-middle attacker could use this flaw to clear the encryption and integrity flags of a connection, causing data to be transmitted in plain text. The attacker could also force the client or server into sending data in plain text even if encryption was explicitly requested for that connection. (CVE-2016-2110) * It was discovered that Samba configured as a Domain Controller would establish a secure communication channel with a machine using a spoofed computer name. A remote attacker able to observe network traffic could use this flaw to obtain session-related information about the spoofed machine. (CVE-2016-2111) * It was found that Samba's LDAP implementation did not enforce integrity protection for LDAP connections. A man-in-the-middle attacker could use this flaw to downgrade LDAP connections to use no integrity protection, allowing them to hijack such connections. (CVE-2016-2112) * It was found that Samba did not validate SSL/TLS certificates in certain connections. A man-in-the-middle attacker could use this flaw to spoof a Samba server using a specially crafted SSL/TLS certificate. (CVE-2016-2113) * It was discovered that Samba did not enforce Server Message Block (SMB) signing for clients using the SMB1 protocol. A man-in-the-middle attacker could use this flaw to modify traffic between a client and a server. (CVE-2016-2114) * It was found that Samba did not enable integrity protection for IPC traffic by default. A man-in-the-middle attacker could use this flaw to view and modify the data sent between a Samba server and a client. (CVE-2016-2115)criticalScientific Linux FermiScientific Linux Fermi 6libtdb-1.3.8-1.el6_7.i686.rpmd3f3209d31befdbc8923db13e156c505abc197836303c1215bab65afb009ef80samba4-pidl-4.2.10-6.el6_7.i686.rpm6ebcd1fd5ce8930ee48bbb30f7451c1e72a4899a3e13626749ad2e1a661a039cpytalloc-2.1.5-1.el6_7.i686.rpm359be533d578e3b6fbc83a8cb1075635738f699b55deb44e11704dedbe6ad62elibtalloc-2.1.5-1.el6_7.i686.rpm5d3212cddad3aa31a6735f512b034e19949e994e50749b78e5b2532efba1073epyldb-1.1.25-2.el6_7.i686.rpm9a366d2cc008382846158377382bbdfa6c292266a6adc1dcf580286142c31186ipa-client-3.0.0-47.el6_7.2.i686.rpm0c188fee921240bb89c0b727fd6aedd51461d2f66a29c7be6750762032123819python-tevent-0.9.26-2.el6_7.i686.rpmf02a98487a64e5e17d098150c1a33e7e0b4e8963a8b802ba5fc1a6e2f0a58b61ipa-server-3.0.0-47.el6_7.2.i686.rpm5923491cc843c3155c0cc3b5dc37f59cdd8d91ccf0d75e9d1f7a18d7b4a57924ipa-server-selinux-3.0.0-47.el6_7.2.i686.rpm8eb1286adeb82393f62e0f511b05fd50cdf42e71f0043007a729a569d7f91315libtalloc-devel-2.1.5-1.el6_7.i686.rpmc26bdc47dd05cd5c48118f6d3d2d8720c8081a6d8faabca35ba6e10acf00123bpytalloc-devel-2.1.5-1.el6_7.i686.rpm52ec583935488141c79bd57e9f678251e3bd0f0e42bc6f9b401ace0c737854celibldb-1.1.25-2.el6_7.i686.rpm00ffad3e228a5e9e337716ffef80468b03db443c6830e152f694317de66905b1samba4-devel-4.2.10-6.el6_7.i686.rpm915252dafc74e9088130272ddeff0b70386b39c68594c0a88819f50dcf868b6alibtdb-devel-1.3.8-1.el6_7.i686.rpm05ca599ced4a6106bf22f25ae7dfd219e7d7e1d8b4442aba8e050d3900481896openchange-client-1.0-7.el6_7.i686.rpme3ed4d21d3ad67c6ac09970e7a8674ff9128e0437035776fd20d46e8a39835c0samba4-4.2.10-6.el6_7.i686.rpma66896b0a4e8deb48dc0e717c70f307c629c0c60f1ab0df7d8b375c8ddc6e790samba4-client-4.2.10-6.el6_7.i686.rpm030284a71ae7785902201216c6ee40775508a47a6f304078f3c85e51f2d3aa52libtevent-devel-0.9.26-2.el6_7.i686.rpmcba1255522f5bda8d567f1bf1a4fa6c62246b4d541a800a0abacd48d3db29f98samba4-winbind-clients-4.2.10-6.el6_7.i686.rpm7a78acc059270cf7a05c90e92d5d7889f5ad59879ed8c55216dfd318f6466f63pyldb-devel-1.1.25-2.el6_7.i686.rpmf68c63fa099a11ed77344ecaae2b34017bc47e75b959696f8c10e9bcb092e287openchange-1.0-7.el6_7.i686.rpm7e714183646097b515918e96f80b6f94e193a1f8c21e9aec7e15f6190f623050samba4-common-4.2.10-6.el6_7.i686.rpm8572a556238388fa201a5c97ca3ddc3c03d12801c8c138d61c2cd1e918163f64samba4-libs-4.2.10-6.el6_7.i686.rpm1e6f4d4952a0553b4a5282cffd20607340fc8c83ad73b92e9ae9af27b804d0bepython-tdb-1.3.8-1.el6_7.i686.rpm76d7fd7f131de6c49e52d1e1939f7c85181fd59f72092c3aebd336748060755eldb-tools-1.1.25-2.el6_7.i686.rpm028731e08e6de2e51279a0e588aa6ad07137a15d0ca4be3de44c45e31d725e3dipa-server-trust-ad-3.0.0-47.el6_7.2.i686.rpmef94d7ea68dfa26279085701b59be96be9338b87a1a02e470de47ec7437ce5a2ipa-admintools-3.0.0-47.el6_7.2.i686.rpm18568d20ec932c59d6a8629f9ca322a270e3ced5fbe4e85659a8395570ba418eipa-python-3.0.0-47.el6_7.2.i686.rpm079e3e3a442b318bc84ca834563e888a20605c5477464862b3d6d72056ca6fdbsamba4-dc-libs-4.2.10-6.el6_7.i686.rpm0bfbaf1ba888e9b138ef5120dac972df14d3bd03f6b8d007233605bfdcb129a8libtevent-0.9.26-2.el6_7.i686.rpm65931d5cbc43af912199617d27f35883b09105ac2826f3f0b12fb3e86e62bb42samba4-test-4.2.10-6.el6_7.i686.rpmbf223469df379bb85acfe2282dfe1155367ea8727c242126c53527f056929d59samba4-winbind-4.2.10-6.el6_7.i686.rpm1d2eaf547949768afd1d362d0776fe102536af430951246f04235a5ca8f91072samba4-dc-4.2.10-6.el6_7.i686.rpmc4264ed93284e6e629ee5fb477b1d549b0fab4fb14e22d805b78d62e8ec8ed78tdb-tools-1.3.8-1.el6_7.i686.rpmccf137656fc98ca7bec0b5cd9bab9aac3ade520ffc7989a8d7d7c89f7d92d18clibldb-devel-1.1.25-2.el6_7.i686.rpme84bb62900bc3005a44fa30ffc8f830529fcd156ef7b461091fddd46a541e052samba4-python-4.2.10-6.el6_7.i686.rpmd8235a914e87eda62e9e69f7a4e612b7a66febe82088f0206a8d1ee427dc8e6bsamba4-winbind-krb5-locator-4.2.10-6.el6_7.i686.rpm0e5a8daf0a66de48ced2fbab95525ffbb48c3c47523539a9fad5d72386a8ec4bopenchange-devel-docs-1.0-7.el6_7.i686.rpmbc0e427075a2785a79143a065506e5e9b4e51fbca6b8c146ad7e432a46968927openchange-devel-1.0-7.el6_7.i686.rpm00dc6661e9bcea85f34e4c8d57c81bd08bc5669a3884763dddc2f8c5f0867053SLSA-2016:0651-1Security Fix(es): * Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2016-0686, CVE-2016-0687) * It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws. (CVE-2016-3427) * It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed. (CVE-2016-3425) * It was discovered that the GCM (Galois/Counter Mode) implementation in the JCE component in OpenJDK used a non-constant time comparison when comparing GCM authentication tags. A remote attacker could possibly use this flaw to determine the value of the authentication tag. (CVE-2016-3426) * It was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures. The use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected. (CVE-2016-0695)criticalScientific Linux FermiScientific Linux Fermi 6java-1.8.0-openjdk-devel-debug-1.8.0.91-0.b14.el6_7.i686.rpma1db30a9fd902ae54a69f64bd3f026e65db998dcd52b2545c0f705c8b2de4140java-1.8.0-openjdk-headless-1.8.0.91-0.b14.el6_7.i686.rpm1ba12c69b72e2490fb412134742bd480d170e9165460cbe657516e47432b06e4java-1.8.0-openjdk-devel-1.8.0.91-0.b14.el6_7.i686.rpm3538baab837e79bb7ff79fbdbf4e12e66b2994ae527bbaa1749174e376a283fbjava-1.8.0-openjdk-demo-debug-1.8.0.91-0.b14.el6_7.i686.rpmb8ef384508f1f7d19012b5afb3325ee3da73f77f84822f9ff6b280a04be23e96java-1.8.0-openjdk-javadoc-1.8.0.91-0.b14.el6_7.noarch.rpm2c6875600a769ad90121dcf95de82c89430a398f1e08a44585d3632f53e503abjava-1.8.0-openjdk-debug-1.8.0.91-0.b14.el6_7.i686.rpmfcb421528e09d3ad5aba2f1d0bbe061fa33c93e725a509c968eeaebe2d6b7fa8java-1.8.0-openjdk-headless-debug-1.8.0.91-0.b14.el6_7.i686.rpmd2bbc16f831b4937dad4f0081a5ea6dbdb9dfff26b14798cd0ebf2b102fa5179java-1.8.0-openjdk-javadoc-debug-1.8.0.91-0.b14.el6_7.noarch.rpm6256f012e24451b0d27969518191fe170f8b7c291ab9c72b22d37f3b3f484024java-1.8.0-openjdk-demo-1.8.0.91-0.b14.el6_7.i686.rpm605ab4dc9be36bf4a055c0cd257684ac5d34b8235a201f8d910208485ff56384java-1.8.0-openjdk-1.8.0.91-0.b14.el6_7.i686.rpmbf18a00debdf7b779f23a902ea59f4f9faf7dff5b546a223aa2a84141c1a4fc2java-1.8.0-openjdk-src-debug-1.8.0.91-0.b14.el6_7.i686.rpm43d20e77386c0a6570cf3ebec6dcff1fff9f280938c238ea253a7e427bb0a846java-1.8.0-openjdk-src-1.8.0.91-0.b14.el6_7.i686.rpmb60839944d7f7c6fb24caeecf201b27f6c626a47b1b517100dadd8090ac1d1c7SLSA-2016:0675-1Security Fix(es): * Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2016-0686, CVE-2016-0687) * It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws. (CVE-2016-3427) * It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed. (CVE-2016-3425) * It was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures. The use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected. (CVE-2016-0695) Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website.criticalScientific Linux FermiScientific Linux Fermi 6java-1.7.0-openjdk-1.7.0.101-2.6.6.1.el6_7.i686.rpmfe9408db1c397f5a633cb93528f24b3cadeead82c4b6d5aaa8106e674971b30djava-1.7.0-openjdk-demo-1.7.0.101-2.6.6.1.el6_7.i686.rpma417074a66e3fd1cb7ae3c4bce5362205f37fa3f7e311fcb8357f13b5069e351java-1.7.0-openjdk-src-1.7.0.101-2.6.6.1.el6_7.i686.rpmc33059dac2b0fe01872e963d66e465181a82b8add7756683925d7572471e1a13java-1.7.0-openjdk-devel-1.7.0.101-2.6.6.1.el6_7.i686.rpm2d99792cbb58e064e94fe1cbf0103ca69ba916c5adef500e5d4064eaaa2c63b3java-1.7.0-openjdk-javadoc-1.7.0.101-2.6.6.1.el6_7.noarch.rpm3030c2513883d0cd33a7362b2acd90698987e4f1e3bd4ee604dad51ea97f0bd5SLSA-2016:0695-1This update upgrades Firefox to version 45.1.0 ESR. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2016-2805, CVE-2016-2806, CVE-2016-2807, CVE-2016-2808, CVE-2016-2814)criticalScientific Linux FermiScientific Linux Fermi 6firefox-45.1.0-1.el6_7.i686.rpmf8d450d7c4917ad6cbcb888e8e6f2fa18f84ebcf30bb4960a04453daa34abe39SLSA-2016:0715-1Security Fix(es): * A flaw was found in the way the Linux kernel handled IRET faults during the processing of NMIs. An unprivileged, local user could use this flaw to crash the system or, potentially (although highly unlikely), escalate their privileges on the system. (CVE-2015-5157, Moderate) * A race condition flaw was found in the way the Linux kernel's SCTP implementation handled sctp_accept() during the processing of heartbeat timeout events. A remote attacker could use this flaw to prevent further connections to be accepted by the SCTP server running on the system, resulting in a denial of service. (CVE-2015-8767, Moderate) Bug Fix(es): * When the nvme driver held the queue lock for too long, for example during DMA mapping, a lockup occurred leading to nvme hard-lockup panic. This update fixes the underlying source code, and nvme now works as expected. * Due to a regression, a Unix domain datagram socket could come to a deadlock when sending a datagram to itself. The provided patch adds another "sk" check to the unix_dgram_sendmsg() function, and the aforementioned deadlock no longer occurs. * Previously, writing a large file using direct I/O in 16 MB chunks sometimes caused a pathological allocation pattern where 16 MB chunks of large free extent were allocated to a file in reversed order. The provided patch avoids the backward allocation, and writing a large file using direct I/O now proceeds successfully. * MD RAID1 devices that repeatedly became hot removed and re-added could become mismatched due to a race condition. This caused them to return stale data, leading to data corruption. The provided set of patches fixes this bug, and hot removals and re-additions of md devices now work as expected. * A couple of previous fixes caused a deadlock on the "rq" lock leading to a kernel panic on CPU 0. The provided set of patches reverts the relevant commits, thus preventing the panic from occurring. Enhancement(s): * VLAN support has been updated to integrate some of the latest upstream features. This update also makes sure that Null pointer crashes related to VLAN support in bonding mode no longer occur and that tag stripping and insertion work as expected. * This update adds additional model numbers for Broadwell to perf.moderateScientific Linux FermiScientific Linux Fermi 6kernel-firmware-2.6.32-573.26.1.el6.noarch.rpm22ed88a9528d6619ff427e44025f54f3cefa607286ea0f30046d0f78c094f2e8kernel-debug-devel-2.6.32-573.26.1.el6.i686.rpmc4c5c9f3f2453e04c135bd5cbc4c20edf774cbaf9e652b3eba30881f3a9c5954kernel-2.6.32-573.26.1.el6.i686.rpm56c23c736d472d2702abacd3288f52c6b28af739a71475e7db27ae5c52aa6a26kernel-headers-2.6.32-573.26.1.el6.i686.rpmd88c6b926edfe1ca4db9db1800b6c89625f8789d381663ae220fd2c8d1df3d48perf-2.6.32-573.26.1.el6.i686.rpma0f647c7a86637f61eaa8fc7b90cc062786c3a9bf86980a5516663bab89735edkernel-abi-whitelists-2.6.32-573.26.1.el6.noarch.rpm266f276fd52e800e319b724bf54bd08100f060c3c7ed5bd5400512ed791ed487python-perf-2.6.32-573.26.1.el6.i686.rpmc1703bbf6d2e6769a71315edb9d6eb26b7f7f93f9d2acc59c47658cc861d02b2kernel-devel-2.6.32-573.26.1.el6.i686.rpm59b3c50fa9795171ac34f81a8758829caffb23b3d8a9765ce8b3ed1d9e900db1kernel-doc-2.6.32-573.26.1.el6.noarch.rpmeb7c9b79a5e3331173609b64e8bea7d405f1496af6fde30bc6eca2452de3b13fkernel-debug-2.6.32-573.26.1.el6.i686.rpm8ebef6d9e7984617a0868046fe06c8ad528c431f014357ca5d79a983f7b1d719SLSA-2016:0723-1Security Fix(es): * Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2016-0686, CVE-2016-0687) * It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws. (CVE-2016-3427) * It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed. (CVE-2016-3425) * It was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures. The use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected. (CVE-2016-0695)criticalScientific Linux FermiScientific Linux Fermi 6java-1.6.0-openjdk-src-1.6.0.39-1.13.11.0.el6_7.i686.rpm1847acff60f2c2d82260d9b94415f446b2ce849d0bbb619fc090bd4e004a05c4java-1.6.0-openjdk-devel-1.6.0.39-1.13.11.0.el6_7.i686.rpm6ba3c203f6c859edd7371b4666ccb36d49a643263137eef99e015218af132115java-1.6.0-openjdk-javadoc-1.6.0.39-1.13.11.0.el6_7.i686.rpm7a92bfa1cecd0ff8ea10dea8556e3f39a5c301ef765487adc024d8802225e238java-1.6.0-openjdk-demo-1.6.0.39-1.13.11.0.el6_7.i686.rpm8135fd8809b84dfcdfe5b17fc3412f3728c5f337f99e074b991d1ecbae3dc2c2java-1.6.0-openjdk-1.6.0.39-1.13.11.0.el6_7.i686.rpm35a00b208d979a9d47fa97111943c4b385916ef450386ed1480257354e25fec3SLSA-2016:0726-1Security Fix(es): * It was discovered that ImageMagick did not properly sanitize certain input before passing it to the delegate functionality. A remote attacker could create a specially crafted image that, when processed by an application using ImageMagick or an unsuspecting user using the ImageMagick utilities, would lead to arbitrary execution of shell commands with the privileges of the user running the application. (CVE-2016-3714) * It was discovered that certain ImageMagick coders and pseudo-protocols did not properly prevent security sensitive operations when processing specially crafted images. A remote attacker could create a specially crafted image that, when processed by an application using ImageMagick or an unsuspecting user using the ImageMagick utilities, would allow the attacker to delete, move, or disclose the contents of arbitrary files. (CVE-2016-3715, CVE-2016-3716, CVE-2016-3717) * A server-side request forgery flaw was discovered in the way ImageMagick processed certain images. A remote attacker could exploit this flaw to mislead an application using ImageMagick or an unsuspecting user using the ImageMagick utilities into, for example, performing HTTP(S) requests or opening FTP sessions via specially crafted images. (CVE-2016-3718) Note: This update contains an updated /etc/ImageMagick/policy.xml file that disables the EPHEMERAL, HTTPS, HTTP, URL, FTP, MVG, MSL, TEXT, and LABEL coders. If you experience any problems after the update, it may be necessary to manually adjust the policy.xml file to match your requirements. Please take additional precautions to ensure that your applications using the ImageMagick library do not process malicious or untrusted files before doing so.importantScientific Linux FermiScientific Linux Fermi 6ImageMagick-perl-6.7.2.7-4.el6_7.i686.rpm422b3b43619a0d11e175a480afa100bea9fd3c2531bec3b64f8f970092dbbfb7ImageMagick-c++-6.7.2.7-4.el6_7.i686.rpm5af428c3dbe877f96d348356eb7c4ff10bb65aa13abaf5797edf863a405c7756ImageMagick-doc-6.7.2.7-4.el6_7.i686.rpme9de80e78320f159951cb7edd20e56ac040a2feb97637a4062ef3506b672eb5bImageMagick-devel-6.7.2.7-4.el6_7.i686.rpm5ffaff95316b02fcef2214d164fc7800f44c515cf0d29905bd971fe842d59889ImageMagick-c++-devel-6.7.2.7-4.el6_7.i686.rpmd13129b1fc0687793a7ac0a9fcb8925ff02c0194f5e37eccfc0f67d723fb4e66ImageMagick-6.7.2.7-4.el6_7.i686.rpm792065677c547d92342932a5d6bc21902aca5e889370871e7e410c7fd1ad99dcSLSA-2016:0741-1Security Fix(es): * It was found that the OpenSSH client did not properly enforce the ForwardX11Timeout setting. A malicious or compromised remote X application could possibly use this flaw to establish a trusted connection to the local X server, even if only untrusted X11 forwarding was requested. (CVE-2015-5352) * A flaw was found in the way OpenSSH handled PAM authentication when using privilege separation. An attacker with valid credentials on the system and able to fully compromise a non-privileged pre-authentication process using a different flaw could use this flaw to authenticate as other users. (CVE-2015-6563) * A use-after-free flaw was found in OpenSSH. An attacker able to fully compromise a non-privileged pre-authentication process using a different flaw could possibly cause sshd to crash or execute arbitrary code with root privileges. (CVE-2015-6564) * An access flaw was discovered in OpenSSH; the OpenSSH client did not correctly handle failures to generate authentication cookies for untrusted X11 forwarding. A malicious or compromised remote X application could possibly use this flaw to establish a trusted connection to the local X server, even if only untrusted X11 forwarding was requested. (CVE-2016-1908)moderateScientific Linux FermiScientific Linux Fermi 6openssh-debuginfo-5.3p1-117.el6.i686.rpme2af5a22184e466792e447928a90972bdaeee86dbafd9c50417d33b9e9403c47openssh-server-5.3p1-117.el6.i686.rpm2941c7191149632947825d6936211c810157ff5a62f34a37c53b5722f06069f0openssh-5.3p1-117.el6.src.rpm0b2eb90d41525d4e7b44aaa49274e699d32d8a210f033a8f9aa2163d2e1ef620openssh-clients-5.3p1-117.el6.i686.rpme46d1873127f9725abf4457ad0de08af1e5ea8be601f8659a81cfd8d1d91e1b5pam_ssh_agent_auth-0.9.3-117.el6.i686.rpm76529803eb6646bd794efee2a39f73f4024fa3d1e41c1d6f54c79bc2b054fe7bopenssh-ldap-5.3p1-117.el6.i686.rpm04a18740375d53a49101ffdf10a04d6fbf3f3a9c9957b607136d44ffa30c599fopenssh-askpass-5.3p1-117.el6.i686.rpm7e6ea41127be8d134a547215fad58f75b23eca3658885f13736f65035b297708openssh-5.3p1-117.el6.i686.rpma0083697225a9e83aa246e142097e6d2e4115a08ef6b37fee03d8c99592ceb24SLSA-2016:0760-1Security Fix(es): * Multiple flaws were found in the file regular expression rules for detecting various files. A remote attacker could use these flaws to cause file to consume an excessive amount of CPU. (CVE-2014-3538) * A denial of service flaw was found in the way file parsed certain Composite Document Format (CDF) files. A remote attacker could use this flaw to crash file via a specially crafted CDF file. (CVE-2014-3587) * Multiple flaws were found in the way file parsed Executable and Linkable Format (ELF) files. A remote attacker could use these flaws to cause file to crash, disclose portions of its memory, or consume an excessive amount of system resources. (CVE-2014-3710, CVE-2014-8116, CVE-2014-8117, CVE-2014-9620, CVE-2014-9653)moderateScientific Linux FermiScientific Linux Fermi 6file-5.04-30.el6.i686.rpm9f372a788a1bf03b7755d98c83f82834a44537b726a61b15436b4957f360ae06file-static-5.04-30.el6.i686.rpm9ce564bc11105bf8a14289b9b1841b7fdee4e9181e69636146810e4b9e12c66afile-devel-5.04-30.el6.i686.rpm8d7e30adc6b50822c0dee87f14204d2b7593457c076a506fe61db4259cb80c93python-magic-5.04-30.el6.i686.rpm9af524de00ae806ec39842b46cf51eda7c33c39ed743b8dd433440e080adf144file-libs-5.04-30.el6.i686.rpma7a4c50e8cdeed5f18678fa8bba77aabb2c61228a220de13b45e10422866f8d3SLSA-2016:0778-1The following packages have been upgraded to a newer upstream version: icedtea-web (1.6.2). Security Fix(es): * It was discovered that IcedTea-Web did not properly sanitize applet URLs when storing applet trust settings. A malicious web page could use this flaw to inject trust-settings configuration, and cause applets to be executed without user approval. (CVE-2015-5234) * It was discovered that IcedTea-Web did not properly determine an applet's origin when asking the user if the applet should be run. A malicious page could use this flaw to cause IcedTea-Web to execute the applet without user approval, or confuse the user into approving applet execution based on an incorrectly indicated applet origin. (CVE-2015-5235)moderateScientific Linux FermiScientific Linux Fermi 6icedtea-web-javadoc-1.6.2-1.el6.noarch.rpm11a8bea0827180653c4f4106665513d8f2a44e4ee700dfd1ea2cab75acbdde10icedtea-web-1.6.2-1.el6.i686.rpm4e88bafd655f85b74fa390594244b1041e549d56f3a149651faed5ad4b25e803SLSA-2016:0780-1Security Fix(es): * It was found that the fix for CVE-2014-9750 was incomplete: three issues were found in the value length checks in NTP's ntp_crypto.c, where a packet with particular autokey operations that contained malicious data was not always being completely validated. A remote attacker could use a specially crafted NTP packet to crash ntpd. (CVE-2015-7691, CVE-2015-7692, CVE-2015-7702) * A memory leak flaw was found in ntpd's CRYPTO_ASSOC. If ntpd was configured to use autokey authentication, an attacker could send packets to ntpd that would, after several days of ongoing attack, cause it to run out of memory. (CVE-2015-7701) * An off-by-one flaw, leading to a buffer overflow, was found in cookedprint functionality of ntpq. A specially crafted NTP packet could potentially cause ntpq to crash. (CVE-2015-7852) * A NULL pointer dereference flaw was found in the way ntpd processed 'ntpdc reslist' commands that queried restriction lists with a large amount of entries. A remote attacker could potentially use this flaw to crash ntpd. (CVE-2015-7977) * A stack-based buffer overflow flaw was found in the way ntpd processed 'ntpdc reslist' commands that queried restriction lists with a large amount of entries. A remote attacker could use this flaw to crash ntpd. (CVE-2015-7978) * It was found that ntpd could crash due to an uninitialized variable when processing malformed logconfig configuration commands. (CVE-2015-5194) * It was found that ntpd would exit with a segmentation fault when a statistics type that was not enabled during compilation (e.g. timingstats) was referenced by the statistics or filegen configuration command. (CVE-2015-5195) * It was discovered that the sntp utility could become unresponsive due to being caught in an infinite loop when processing a crafted NTP packet. (CVE-2015-5219) * It was found that NTP's :config command could be used to set the pidfile and driftfile paths without any restrictions. A remote attacker could use this flaw to overwrite a file on the file system with a file containing the pid of the ntpd process (immediately) or the current estimated drift of the system clock (in hourly intervals). (CVE-2015-7703) The CVE-2015-5219 and CVE-2015-7703 issues were discovered by Miroslav Lichvr (Red Hat).moderateScientific Linux FermiScientific Linux Fermi 6ntpdate-4.2.6p5-10.el6.i686.rpma5aae7233ef7446a83e771ba753eaa133f8feab262b441ceba7246cbcea65efdntp-doc-4.2.6p5-10.el6.noarch.rpm9e8ab0e77ea5db65ea8080dec8cb5c85d04987e5efe39975d1e52b89b1bf41e9ntp-4.2.6p5-10.el6.i686.rpmbd25b4ba38c07bc89dc1e3d803c032f86240cae9c66aaff1a5414733caf36a3bntp-perl-4.2.6p5-10.el6.i686.rpmde8236d517aa163d83c7e7d07c4ef7ff9bf1ad93347a19520ece8ee1097f00efSLSA-2016:0855-1Security Fix(es): * It was found that reporting emulation failures to user space could lead to either a local (CVE-2014-7842) or a L2->L1 (CVE-2010-5313) denial of service. In the case of a local denial of service, an attacker must have access to the MMIO area or be able to access an I/O port. Please note that on certain systems, HPET is mapped to userspace as part of vdso (vvar) and thus an unprivileged user may generate MMIO transactions (and enter the emulator) this way. (CVE-2010-5313, CVE-2014-7842, Moderate) * It was found that the Linux kernel did not properly account file descriptors passed over the unix socket against the process limit. A local user could use this flaw to exhaust all available memory on the system. (CVE-2013-4312, Moderate) * A buffer overflow flaw was found in the way the Linux kernel's virtio- net subsystem handled certain fraglists when the GRO (Generic Receive Offload) functionality was enabled in a bridged network configuration. An attacker on the local network could potentially use this flaw to crash the system, or, although unlikely, elevate their privileges on the system. (CVE-2015-5156, Moderate) * It was found that the Linux kernel's IPv6 network stack did not properly validate the value of the MTU variable when it was set. A remote attacker could potentially use this flaw to disrupt a target system's networking (packet loss) by setting an invalid MTU value, for example, via a NetworkManager daemon that is processing router advertisement packets running on the target system. (CVE-2015-8215, Moderate) * A NULL pointer dereference flaw was found in the way the Linux kernel's network subsystem handled socket creation with an invalid protocol identifier. A local user could use this flaw to crash the system. (CVE-2015-8543, Moderate) * It was found that the espfix functionality does not work for 32-bit KVM paravirtualized guests. A local, unprivileged guest user could potentially use this flaw to leak kernel stack addresses. (CVE-2014-8134, Low) * A flaw was found in the way the Linux kernel's ext4 file system driver handled non-journal file systems with an orphan list. An attacker with physical access to the system could use this flaw to crash the system or, although unlikely, escalate their privileges on the system. (CVE-2015-7509, Low) * A NULL pointer dereference flaw was found in the way the Linux kernel's ext4 file system driver handled certain corrupted file system images. An attacker with physical access to the system could use this flaw to crash the system. (CVE-2015-8324, Low) Notes: * Problems have been reported with this kernel and VirtualBox. More info is available in the notes for the VirtualBox ticket here: https://www.virtualbox.org/ticket/14866moderateScientific Linux FermiScientific Linux Fermi 6kernel-doc-2.6.32-642.el6.noarch.rpmd945a3ecc43d58b4b404495a939af9dee48015aa9bb7a184afaba9920e76d6b3kernel-debug-2.6.32-642.el6.i686.rpm57964062b63baf2b8d7a48579f1457ca7e501b47174276de6db3a5dbecac9684kernel-2.6.32-642.el6.i686.rpm643509378178c707bab18bb3c832824fe1c774f3ae4958b4224f4e1a21e2c114kernel-abi-whitelists-2.6.32-642.el6.noarch.rpm656f377656e4f9a9c0c3f8bc18a92879a591027bae6a50641f8eb920dd959714kernel-devel-2.6.32-642.el6.i686.rpm131b2e0c90b84c873ceb6103613862e6c069d1662440e46c77fa0f4964a136b7kernel-headers-2.6.32-642.el6.i686.rpm0a10a57dad100a100e3603a009c9171d0405b6fe0d0b0e7f6017b43f4a0d2513perf-2.6.32-642.el6.i686.rpm4cdbc2070401592c8e72c57f1e037023757f4ace3549d55b873da26b69450829kernel-firmware-2.6.32-642.el6.noarch.rpmc748d770c969e1215262d23134f791f63747d52369a3d9c53ee5b086102e6817kmod-openafs-1.6.17-1.SL68.el6.noarch.rpm69f3d457b22fa2265dba6a44f0964d350490ff872024be3141b0e3d07204efb2kernel-debug-devel-2.6.32-642.el6.i686.rpm05f503173a5609313d2b23ea3f8e4b1bf4a5adf72482742137aba7b572e9eff5python-perf-2.6.32-642.el6.i686.rpm2ceb32a7fbdc266126e40962f2f590793aadc2b9ac00b591749879da2a5be9ddSLSA-2016:0996-1Security Fix(es): * A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. An attacker could use this flaw to create a specially crafted certificate which, when verified or re-encoded by OpenSSL, could cause it to crash, or execute arbitrary code using the permissions of the user running an application compiled against the OpenSSL library. (CVE-2016-2108) * Two integer overflow flaws, leading to buffer overflows, were found in the way the EVP_EncodeUpdate() and EVP_EncryptUpdate() functions of OpenSSL parsed very large amounts of input data. A remote attacker could use these flaws to crash an application using OpenSSL or, possibly, execute arbitrary code with the permissions of the user running that application. (CVE-2016-2105, CVE-2016-2106) * It was discovered that OpenSSL leaked timing information when decrypting TLS/SSL and DTLS protocol encrypted records when the connection used the AES CBC cipher suite and the server supported AES-NI. A remote attacker could possibly use this flaw to retrieve plain text from encrypted packets by using a TLS/SSL or DTLS server as a padding oracle. (CVE-2016-2107) * Several flaws were found in the way BIO_*printf functions were implemented in OpenSSL. Applications which passed large amounts of untrusted data through these functions could crash or potentially execute code with the permissions of the user running such an application. (CVE-2016-0799, CVE-2016-2842) * A denial of service flaw was found in the way OpenSSL parsed certain ASN.1-encoded data from BIO (OpenSSL's I/O abstraction) inputs. An application using OpenSSL that accepts untrusted ASN.1 BIO input could be forced to allocate an excessive amount of data. (CVE-2016-2109)importantScientific Linux FermiScientific Linux Fermi 6openssl-static-1.0.1e-48.sl6_8.1.i686.rpm8ea994d473029cdb0edf56a702d5fd3d89969daddce40759157807c2940f9c56openssl-devel-1.0.1e-48.sl6_8.1.i686.rpm0b8373ee180c20829d98c13981477acce6bba9ade728e7978e56abf3316a7085openssl-1.0.1e-48.el6_8.1.i686.rpm48192dd8c69b530522da04e582c5738fb59023e8a13958190286c7ad7ddbe87aopenssl-perl-1.0.1e-48.el6_8.1.i686.rpm21ee984a511119ded1a9bd9b485839143451d83800df6c5babc56c35d201b905openssl-devel-1.0.1e-48.el6_8.1.i686.rpm7ecba0da895cb2359ce4e64e29487dd84c131f375ffcfbea43c6b8eaff058f4copenssl-static-1.0.1e-48.el6_8.1.i686.rpm36ae16de5d7144fc1a0928991cf01b300a2fe291311c40f162e5477439ae0ebeopenssl-1.0.1e-48.sl6_8.1.i686.rpmacb86da32f6476efff4ed21e65dc9b934062562b6e588c34008faff2f0fff0ebopenssl-perl-1.0.1e-48.sl6_8.1.i686.rpm77210b51991e4f258e3ca4f0082e1cba33510d2c6366c9f4fc796aa44d66f4e2SLSA-2016:0997-1Security Fix(es): * An out-of-bounds read/write access flaw was found in the way QEMU's VGA emulation with VESA BIOS Extensions (VBE) support performed read/write operations via I/O port methods. A privileged guest user could use this flaw to execute arbitrary code on the host with the privileges of the host's QEMU process. (CVE-2016-3710)importantScientific Linux FermiScientific Linux Fermi 6qemu-guest-agent-0.12.1.2-2.491.el6_8.1.i686.rpm6c6c7f949294f03caf00f1b07ec7e7609468b40efab94bcf56d448ecb7286660SLSA-2016:1041-1This update upgrades Thunderbird to version 38.8.0. Security Fix(es): * Two flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2016-2805, CVE-2016-2807)importantScientific Linux FermiScientific Linux Fermi 6thunderbird-38.8.0-2.el6_8.i686.rpm00398d48bad9cfe812e2beb9c215045f4a4674acd9c951f4c15692798beb5476SLSA-2016:1138-1Security Fix(es): * A buffer overflow flaw was found in the way the Squid cachemgr.cgi utility processed remotely relayed Squid input. When the CGI interface utility is used, a remote attacker could possibly use this flaw to execute arbitrary code. (CVE-2016-4051) * Buffer overflow and input validation flaws were found in the way Squid processed ESI responses. If Squid was used as a reverse proxy, or for TLS/HTTPS interception, a remote attacker able to control ESI components on an HTTP server could use these flaws to crash Squid, disclose parts of the stack memory, or possibly execute arbitrary code as the user running Squid. (CVE-2016-4052, CVE-2016-4053, CVE-2016-4054) * An input validation flaw was found in Squid's mime_get_header_field() function, which is used to search for headers within HTTP requests. An attacker could send an HTTP request from the client side with specially crafted header Host header that bypasses same-origin security protections, causing Squid operating as interception or reverse-proxy to contact the wrong origin server. It could also be used for cache poisoning for client not following RFC 7230. (CVE-2016-4554) * An incorrect reference counting flaw was found in the way Squid processes ESI responses. If Squid is configured as reverse-proxy, for TLS/HTTPS interception, an attacker controlling a server accessed by Squid, could crash the squid worker, causing a Denial of Service attack. (CVE-2016-4556)moderateScientific Linux FermiScientific Linux Fermi 6squid-3.1.23-16.el6_8.4.i686.rpmae4cab9449bfb1f60ac2c85444b6431cf81807a3c341359aa6269814ea750448SLSA-2016:1140-1Security Fix(es): * A buffer overflow flaw was found in the way the Squid cachemgr.cgi utility processed remotely relayed Squid input. When the CGI interface utility is used, a remote attacker could possibly use this flaw to execute arbitrary code. (CVE-2016-4051) * Buffer overflow and input validation flaws were found in the way Squid processed ESI responses. If Squid was used as a reverse proxy, or for TLS/HTTPS interception, a remote attacker able to control ESI components on an HTTP server could use these flaws to crash Squid, disclose parts of the stack memory, or possibly execute arbitrary code as the user running Squid. (CVE-2016-4052, CVE-2016-4053, CVE-2016-4054) * An input validation flaw was found in the way Squid handled intercepted HTTP Request messages. An attacker could use this flaw to bypass the protection against issues related to CVE-2009-0801, and perform cache poisoning attacks on Squid. (CVE-2016-4553) * An input validation flaw was found in Squid's mime_get_header_field() function, which is used to search for headers within HTTP requests. An attacker could send an HTTP request from the client side with specially crafted header Host header that bypasses same-origin security protections, causing Squid operating as interception or reverse-proxy to contact the wrong origin server. It could also be used for cache poisoning for client not following RFC 7230. (CVE-2016-4554) * A NULL pointer dereference flaw was found in the way Squid processes ESI responses. If Squid was used as a reverse proxy or for TLS/HTTPS interception, a malicious server could use this flaw to crash the Squid worker process. (CVE-2016-4555) * An incorrect reference counting flaw was found in the way Squid processes ESI responses. If Squid is configured as reverse-proxy, for TLS/HTTPS interception, an attacker controlling a server accessed by Squid, could crash the squid worker, causing a Denial of Service attack. (CVE-2016-4556)moderateScientific Linux FermiScientific Linux Fermi 6squid34-3.4.14-9.el6_8.3.i686.rpmb2a5bfa7ab5b262452b57ecbbe20e710a55827dc858f49c4c4091781a0fea7b6SLSA-2016:1141-1Security Fix(es): * It was found that when NTP was configured in broadcast mode, a remote attacker could broadcast packets with bad authentication to all clients. The clients, upon receiving the malformed packets, would break the association with the broadcast server, causing them to become out of sync over a longer period of time. (CVE-2015-7979) * A denial of service flaw was found in the way NTP handled preemptable client associations. A remote attacker could send several crypto NAK packets to a victim client, each with a spoofed source address of an existing associated peer, preventing that client from synchronizing its time. (CVE-2016-1547) * It was found that an ntpd client could be forced to change from basic client/server mode to the interleaved symmetric mode. A remote attacker could use a spoofed packet that, when processed by an ntpd client, would cause that client to reject all future legitimate server responses, effectively disabling time synchronization on that client. (CVE-2016-1548) * A flaw was found in the way NTP's libntp performed message authentication. An attacker able to observe the timing of the comparison function used in packet authentication could potentially use this flaw to recover the message digest. (CVE-2016-1550) * An out-of-bounds access flaw was found in the way ntpd processed certain packets. An authenticated attacker could use a crafted packet to create a peer association with hmode of 7 and larger, which could potentially (although highly unlikely) cause ntpd to crash. (CVE-2016-2518) The CVE-2016-1548 issue was discovered by Miroslav Lichvar (Red Hat).moderateScientific Linux FermiScientific Linux Fermi 6ntp-doc-4.2.6p5-10.el6.1.noarch.rpm6865880083ffa40c7e5a6c0af3328ffcf072d1e36a86868c38e0c7cb71cb545bntp-4.2.6p5-10.el6.1.i686.rpmc971f44178e04fa2ad1cdffecce07e98b523a63d975aabef2b96ca3b37a99d47ntp-perl-4.2.6p5-10.el6.1.i686.rpmfb00048c55a0179fdae1cd8ba8b05636d4209e84b465e1b07d50604be47e885cntpdate-4.2.6p5-10.el6.1.i686.rpm4b1e51d63fbd7402a5dfdf30459baa74fa014eaab5bafcd2aa23c8af012cc087SLSA-2016:1217-1This update upgrades Firefox to version 45.2.0 ESR. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2016-2818, CVE-2016-2819, CVE-2016-2821, CVE-2016-2822, CVE-2016-2828, CVE-2016-2831)criticalScientific Linux FermiScientific Linux Fermi 6firefox-45.2.0-1.el6_8.i686.rpm5181e4204b7f713975e3b48b22543365f007736a9249b17443d398ded41a3e64SLSA-2016:1237-1Security Fix(es): * It was discovered that ImageMagick did not properly sanitize certain input before using it to invoke processes. A remote attacker could create a specially crafted image that, when processed by an application using ImageMagick or an unsuspecting user using the ImageMagick utilities, would lead to arbitrary execution of shell commands with the privileges of the user running the application. (CVE-2016-5118) * It was discovered that ImageMagick did not properly sanitize certain input before passing it to the gnuplot delegate functionality. A remote attacker could create a specially crafted image that, when processed by an application using ImageMagick or an unsuspecting user using the ImageMagick utilities, would lead to arbitrary execution of shell commands with the privileges of the user running the application. (CVE-2016-5239) * Multiple flaws have been discovered in ImageMagick. A remote attacker could, for example, create specially crafted images that, when processed by an application using ImageMagick or an unsuspecting user using the ImageMagick utilities, would result in a memory corruption and, potentially, execution of arbitrary code, a denial of service, or an application crash. (CVE-2015-8896, CVE-2015-8895, CVE-2016-5240, CVE-2015-8897, CVE-2015-8898)importantScientific Linux FermiScientific Linux Fermi 6ImageMagick-devel-6.7.2.7-5.el6_8.i686.rpm25a240ccb0f4c74b76b89b43b95946b2cfad66de03a4b096ae8de6fdfc1d152eImageMagick-doc-6.7.2.7-5.el6_8.i686.rpm6ca60bbcdf45de122a9fb7179c93d92d706d62654babb7b983c1eba061b23ffdImageMagick-6.7.2.7-5.el6_8.i686.rpm4379f7ae86b38847700d998ccb9d2e23ce53d213e4f3db402c9f05e678722c10ImageMagick-perl-6.7.2.7-5.el6_8.i686.rpm686f3e033be0c3bd752b0ab0571f97870cc83c064ecae71bbdba44fbbfaccc9eImageMagick-c++-6.7.2.7-5.el6_8.i686.rpmef5817ecb24cb843bbbd223308c8649ba12d7fb0c79b7f6c7af76d491c8ea445ImageMagick-c++-devel-6.7.2.7-5.el6_8.i686.rpm36843db7b6d799f0cb5a96a3797df90c0892f74795a1f5cc33e1a7e26985722fSLSA-2016:1267-1The setroubleshoot-plugins package provides a set of analysis plugins for use with setroubleshoot. Each plugin has the capacity to analyze SELinux AVC data and system data to provide user friendly reports describing how to interpret SELinux AVC denials. Security Fix(es): * Shell command injection flaws were found in the way the setroubleshoot executed external commands. A local attacker able to trigger certain SELinux denials could use these flaws to execute arbitrary code with root privileges. (CVE-2016-4445, CVE-2016-4989) * Shell command injection flaws were found in the way the setroubleshoot allow_execmod and allow_execstack plugins executed external commands. A local attacker able to trigger an execmod or execstack SELinux denial could use these flaws to execute arbitrary code with root privileges. (CVE-2016-4444, CVE-2016-4446) The CVE-2016-4444 and CVE-2016-4446 issues were discovered by Milos Malik (Red Hat) and the CVE-2016-4445 and CVE-2016-4989 issues were discovered by Red Hat Product Security.importantScientific Linux FermiScientific Linux Fermi 6setroubleshoot-doc-3.0.47-12.el6_8.i686.rpma3319080088b71d7b8ff1f71605ce65dffc8d8a0d7fc3e55a4472bc59179e0bbsetroubleshoot-3.0.47-12.el6_8.i686.rpm72543f470f0e0e4c95a8e123050b8868fe12b72db03ba2569148496e61b82c37setroubleshoot-server-3.0.47-12.el6_8.i686.rpm52904654f273231db0ad996bd6ad1998287dd2caf1b5346c3a78d1d7726e835asetroubleshoot-plugins-3.0.40-3.1.el6_8.noarch.rpmcbdbcc5b7288b27f9d0f5af1c02147c80bf024bf94e5633996be4d3f1162b5e6SLSA-2016:1292-1Security Fix(es): A heap-based buffer overflow flaw was found in the way libxml2 parsed certain crafted XML input. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or execute arbitrary code with the permissions of the user running the application. (CVE-2016-1834, CVE-2016-1840) Multiple denial of service flaws were found in libxml2. A remote attacker could provide a specially crafted XML file that, when processed by an application using libxml2, could cause that application to crash. (CVE-2016-1762, CVE-2016-1833, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837, CVE-2016-1838, CVE-2016-1839, CVE-2016-3627, CVE-2016-3705, CVE-2016-4447, CVE-2016-4448, CVE-2016-4449)importantScientific Linux FermiScientific Linux Fermi 6libxml2-2.7.6-21.el6_8.1.i686.rpm6dd3f49101b77e722d3a9467414a73423ed45b2c4a9e8948edf2db872c5395c7libxml2-python-2.7.6-21.el6_8.1.i686.rpmdce8b87f07e7e81f58b6837805b74d041f1035075de29ab5cf0fc7a6ccf42f28libxml2-static-2.7.6-21.el6_8.1.i686.rpm27abe57c00d6b0818c0f006ff79bd9747e47101f4ef89b16d04a5cbba107f8a9libxml2-devel-2.7.6-21.el6_8.1.i686.rpm6790c4313f8495dbf94713982866e072234eb919fe6e9f5b22641d767c0f7675SLSA-2016:1392-1This update upgrades Thunderbird to version 45.2.0. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2016-2818)importantScientific Linux FermiScientific Linux Fermi 6thunderbird-45.2-1.el6_8.i686.rpm68b4e906ab97dc36a8cde567d3cdac8f509f53793f3cb342f03c415b5d13c430SLSA-2016:1406-1Security Fix: * A flaw was found in the way certain interfaces of the Linux kernel's Infiniband subsystem used write() as bi-directional ioctl() replacement, which could lead to insufficient memory security checks when being invoked using the the splice() system call. A local unprivileged user on a system with either Infiniband hardware present or RDMA Userspace Connection Manager Access module explicitly loaded, could use this flaw to escalate their privileges on the system. (CVE-2016-4565, Important) This update also fixes the following bugs: * When providing some services and using the Integrated Services Digital Network (ISDN), the system could terminate unexpectedly due to the call of the tty_ldisc_flush() function. The provided patch removes this call and the system no longer hangs in the described scenario. * An update to the Scientific Linux 6 kernel added calls of two functions provided by the ipv6.ko kernel module, which added a dependency on that module. On systems where ipv6.ko was prevented from being loaded, the nfsd.ko and lockd.ko modules were unable to be loaded. Consequently, it was not possible to run an NFS server or to mount NFS file systems as a client. The underlying source code has been fixed by adding the symbol_get() function, which determines if nfsd.ko and lock.ko are loaded into memory and calls them through function pointers, not directly. As a result, the aforementioned kernel modules are allowed to be loaded even if ipv6.ko is not, and the NFS mount works as expected. * After upgrading the kernel, CPU load average increased compared to the prior kernel version due to the modification of the scheduler. The provided patch set reverts the calculation algorithm of this load average to the the previous version thus resulting in relatively lower values under the same system load. Updated dracut packages have also been included to satisfy dependencies.importantScientific Linux FermiScientific Linux Fermi 6perf-2.6.32-642.3.1.el6.i686.rpmbdec1f8d5d11a1a90d4d948c0e419d8b308552a9468cf62e1084447f5b1939cekernel-devel-2.6.32-642.3.1.el6.i686.rpmdbeed3b5d31d457b3a370df5705561427efcbdf256ee8ff8b872bfd3a922d4cfkernel-abi-whitelists-2.6.32-642.3.1.el6.noarch.rpmdca4966e034b8413994cc1eb86adda66a0ca5c9a87beaba245942b7a5feb632ekernel-debug-devel-2.6.32-642.3.1.el6.i686.rpm084d6cc35c03ffd3f8aabe41c05a0a5d27b1f390e05c42765fab3eaedeb761a5kernel-doc-2.6.32-642.3.1.el6.noarch.rpmf125a8dd16852a9d251e80de642b80dd9407a85850df5fa645591cd432c668f7kernel-debug-2.6.32-642.3.1.el6.i686.rpm0743ad8ade9c9cd8fd18c47b486a20d4ec94d69ffe64831b657311c2b9938670kernel-firmware-2.6.32-642.3.1.el6.noarch.rpmffa3eea0324bbbf03aa50500e6347abdbb478a4baa558892d34691e14bde4bf6kernel-2.6.32-642.3.1.el6.i686.rpmc9914d1e61ff7d6b50ae8d87171f1f87c4219b11882d1470e83168392dc6ad36kernel-headers-2.6.32-642.3.1.el6.i686.rpm3d5f5376e34b2be2b24b8bd501f36eea5d6da22b9015ad0f53e6184be62694a0python-perf-2.6.32-642.3.1.el6.i686.rpm7b7b0be2fb969ba401e22a420407524b431b865a759f2f4f7a694126ad95d759SLSA-2016:1421-1Security Fix(es): * It was discovered that httpd used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request. (CVE-2016-5387) Note: After this update, httpd will no longer pass the value of the Proxy request header to scripts via the HTTP_PROXY environment variable.importantScientific Linux FermiScientific Linux Fermi 6httpd-devel-2.2.15-54.sl6.i686.rpm6eefc715b2077d07d769c3a5b8c944bb024b05ad5bd6b37a1eca67b496a9ceb8httpd-manual-2.2.15-54.sl6.noarch.rpmd492472e8cbafcea13d63554152f84304c241f7f5768e641322285863f55f41ehttpd-tools-2.2.15-54.sl6.i686.rpm087cfcb4fbcec197561bdbd66482594a58074f3d4f542713f2fc5250420b3be0httpd-2.2.15-54.sl6.i686.rpm0e327f038ac31cb42fde037f3aaa9e76ecf5d30c9e599a770d4ad522f6f43bcbmod_ssl-2.2.15-54.sl6.i686.rpm7185004ee5340e4ffe5f0e5318b3e0f6b1f20d51862bcc1b9bc2b6cb66f0ab16SLSA-2016:1458-1Security Fix(es): * Multiple flaws were discovered in the Hotspot and Libraries components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2016-3606, CVE-2016-3587, CVE-2016-3598, CVE-2016-3610) * Multiple denial of service flaws were found in the JAXP component in OpenJDK. A specially crafted XML file could cause a Java application using JAXP to consume an excessive amount of CPU and memory when parsed. (CVE-2016-3500, CVE-2016-3508) * Multiple flaws were found in the CORBA and Hotsport components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2016-3458, CVE-2016-3550) Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website.criticalScientific Linux FermiScientific Linux Fermi 6java-1.8.0-openjdk-src-1.8.0.101-3.b13.el6_8.i686.rpmf41887f042639683ef2bdb5943795095d2989df2021bbf75f6af4ad61f234877java-1.8.0-openjdk-javadoc-1.8.0.101-3.b13.el6_8.noarch.rpm2d729363cc783d1de062aee0dfec759fe589169a96ae700e8e9f16db45049342java-1.8.0-openjdk-devel-debug-1.8.0.101-3.b13.el6_8.i686.rpmf270e545f9fcbc2d56afb1f974674e2a55c1608249943b16288fcc7c85440844java-1.8.0-openjdk-1.8.0.101-3.b13.el6_8.i686.rpm9d1f64999d19e5e4ce39ee656f67a045a1732fa0bb868d53054ac31288888d15java-1.8.0-openjdk-demo-1.8.0.101-3.b13.el6_8.i686.rpmaf05db5c4a0cc684a664dd3c6f232fdaf3b36795fde211de33071ad2a37c27dbjava-1.8.0-openjdk-demo-debug-1.8.0.101-3.b13.el6_8.i686.rpm982708c2a9928d84cdbb1bf72e2f2298dccbe99de5e24a624b782d43dac13ac9java-1.8.0-openjdk-headless-1.8.0.101-3.b13.el6_8.i686.rpmedffa6259a2d8ea05acd8dcc74d11368a2c36c0ee752dd0f763304d0a78f48aajava-1.8.0-openjdk-devel-1.8.0.101-3.b13.el6_8.i686.rpmaa46c0ad7601ebf89816d3c7f10c59344677f03e40eab15019c227dd37a46dbfjava-1.8.0-openjdk-debug-1.8.0.101-3.b13.el6_8.i686.rpmae0ec969e10cd4e3ca634a6086dd032c6366e0f9f63e4c177429c00a1ddfff41java-1.8.0-openjdk-javadoc-debug-1.8.0.101-3.b13.el6_8.noarch.rpm40d50ca9ce65d96a924f6b8f3cdfce060be3230e35dcea3c4bf59e35ed1c91a8java-1.8.0-openjdk-src-debug-1.8.0.101-3.b13.el6_8.i686.rpm7bdd7cd109db6cc3eec2dd92b3fa6aac830dfa78113cc8671c5148eeae5b16efjava-1.8.0-openjdk-headless-debug-1.8.0.101-3.b13.el6_8.i686.rpm8aa5ac8859242939267c1064ebd7ec59b3de81d9ca4b68c562be4906eccf4237SLSA-2016:1487-1Security Fix(es): * A flaw was found in the way Samba initiated signed DCE/RPC connections. A man-in-the-middle attacker could use this flaw to downgrade the connection to not use signing and therefore impersonate the server. (CVE-2016-2119)moderateScientific Linux FermiScientific Linux Fermi 6samba4-test-4.2.10-7.el6_8.i686.rpm47c5a22a122b850f4e6d8fc8a7b56422efd7415e1acd27b56c3dd59ea9ec81e3samba4-common-4.2.10-7.el6_8.i686.rpm9fe23b7818634e526664c651991eefdb117c6eb473e55c2f0b18a0f97ba06fa8samba4-pidl-4.2.10-7.el6_8.i686.rpmc5645c55363ece55ad5f282b1acdc06668f19eb546fb3ed81a52be82b6058643samba4-client-4.2.10-7.el6_8.i686.rpm1441cba29f7c7a56b35610c1e93a265ae4b754695e3d6b4b86891ee4f24deac4samba4-winbind-krb5-locator-4.2.10-7.el6_8.i686.rpm28455f2a14bc3d303b08f0ed659c294ece4713977c6d25c9b4d75123ffb7f700samba4-python-4.2.10-7.el6_8.i686.rpmf090c27e0fb3053048ec8d32bde87ec85ccd99bf992d7bc8807719da256ea2e6samba4-4.2.10-7.el6_8.i686.rpm357e73be6a14905c7a0a00938d14c15f24448ed9fc17ecd0a0ab0bd47b95a6d1samba4-devel-4.2.10-7.el6_8.i686.rpm8f93f605c9d9c46e09c065f029cfcd24a5a97ceb198e15742bb16ab86227e257samba4-libs-4.2.10-7.el6_8.i686.rpm94d63d565ce8f0e5939b7a367822ff8cd541c0056eb7d591085761e2bc1e282fsamba4-dc-4.2.10-7.el6_8.i686.rpm58f89013671392f9694d33aed833f771c95aab7eea7635716169bad34f8dc118samba4-winbind-clients-4.2.10-7.el6_8.i686.rpmd04b58a37a59495b85ef78990756a676849366dd6e5b842a0308008356780b09samba4-winbind-4.2.10-7.el6_8.i686.rpm0d7dd864af2dab0976b7287bc7c901e934ad721f5cce068c2b14db63bd00ba3csamba4-dc-libs-4.2.10-7.el6_8.i686.rpm6e537b83c0df2055eb34561d60c3148336e90e070448b3d85aa50a0f4c273a7fSLSA-2016:1504-1Security Fix(es): * Multiple flaws were discovered in the Hotspot and Libraries components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2016-3606, CVE-2016-3598, CVE-2016-3610) * Multiple denial of service flaws were found in the JAXP component in OpenJDK. A specially crafted XML file could cause a Java application using JAXP to consume an excessive amount of CPU and memory when parsed. (CVE-2016-3500, CVE-2016-3508) * Multiple flaws were found in the CORBA and Hotsport components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2016-3458, CVE-2016-3550)importantScientific Linux FermiScientific Linux Fermi 6java-1.7.0-openjdk-src-1.7.0.111-2.6.7.2.el6_8.i686.rpm7ced403bd12bd2c9dc33eb243120d3c90dd617a6663f23b0b7cc9bead8983014java-1.7.0-openjdk-1.7.0.111-2.6.7.2.el6_8.i686.rpmd9424ebc38831f913d44a706e76a94a3662064fd4261d3558900da471e6feec6java-1.7.0-openjdk-demo-1.7.0.111-2.6.7.2.el6_8.i686.rpmf342970d534eacc76b38a54612507651fb38a242af3557e2f78df7f6b7d9795fjava-1.7.0-openjdk-devel-1.7.0.111-2.6.7.2.el6_8.i686.rpm6ed5d20373a0500f70e1fc4f14788a7b28b696b2b2f4205704de9f43f377e555java-1.7.0-openjdk-javadoc-1.7.0.111-2.6.7.2.el6_8.noarch.rpmfbcadfaa7ceac5cfdc4677a48acbfa6323e7f13b971e3bf9277116356f89f9c8SLSA-2016:1547-1Security Fix(es): * Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an application linked against libtiff into processing specially crafted files. (CVE-2014-9655, CVE-2015-1547, CVE-2015-8784, CVE-2015-8683, CVE-2015-8665, CVE-2015-8781, CVE-2015-8782, CVE-2015-8783, CVE-2016-3990, CVE-2016-5320) * Multiple flaws have been discovered in various libtiff tools (bmp2tiff, pal2rgb, thumbnail, tiff2bw, tiff2pdf, tiffcrop, tiffdither, tiffsplit, tiff2rgba). By tricking a user into processing a specially crafted file, a remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code with the privileges of the user running the libtiff tool. (CVE-2014-8127, CVE-2014-8129, CVE-2014-8130, CVE-2014-9330, CVE-2015-7554, CVE-2015-8668, CVE-2016-3632, CVE-2016-3945, CVE-2016-3991)importantScientific Linux FermiScientific Linux Fermi 6libtiff-static-3.9.4-18.el6_8.i686.rpm5843697df06363f43b3a2849597232e80bfb0c10aaa079554e5df01283aa9555libtiff-devel-3.9.4-18.el6_8.i686.rpmfeaaad3dd9c26fa03808af2816cd013d1486274a7c55f5f93874d0a92ed2e2a1libtiff-3.9.4-18.el6_8.i686.rpm2e9b30db0c8d728e746675c1bc9f5aee3519a80778e20e4865a0cd5d2ee61184SLSA-2016:1551-1This update upgrades Firefox to version 45.3.0 ESR. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2016-2836, CVE-2016-5258, CVE-2016-5259, CVE-2016-5252, CVE-2016-5263, CVE-2016-2830, CVE-2016-2838, CVE-2016-5254, CVE-2016-5262, CVE-2016-5264, CVE-2016-5265, CVE-2016-2837)criticalScientific Linux FermiScientific Linux Fermi 6firefox-45.3.0-1.el6_8.i686.rpmf47a01caf0cef34eb5d2a6edb31f9d86906d52b8deb3b4f5cc79cbcd503da5b1SLSA-2016:1573-1Security Fix(es): * It was found that the fix for CVE-2016-4051 released via SLSA-2016:1138 did not properly prevent the stack overflow in the munge_other_line() function. A remote attacker could send specially crafted data to the Squid proxy, which would exploit the cachemgr CGI utility, possibly triggering execution of arbitrary code. (CVE-2016-5408)moderateScientific Linux FermiScientific Linux Fermi 6squid-3.1.23-16.el6_8.6.i686.rpm3d1a09d6d316bcfbc99be3ac76c58cd3aa7de6b4eadaf2ff143cf61748720a7cSLSA-2016:1585-1Security Fix(es): * Quick emulator(Qemu) built with the virtio framework is vulnerable to an unbounded memory allocation issue. It was found that a malicious guest user could submit more requests than the virtqueue size permits. Processing a request allocates a VirtQueueElement and therefore causes unbounded memory allocation on the host controlled by the guest. (CVE-2016-5403)moderateScientific Linux FermiScientific Linux Fermi 6qemu-guest-agent-0.12.1.2-2.491.el6_8.3.i686.rpm2c6e04cccc18b909135553d07873cc45672e78b77fb580b6617fe0a39e3bcd8eSLSA-2016:1609-1Security Fix(es): * It was discovered that PHP did not properly protect against the HTTP_PROXY variable name clash. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a PHP script to an attacker- controlled proxy via a malicious HTTP request. (CVE-2016-5385)moderateScientific Linux FermiScientific Linux Fermi 6php-mbstring-5.3.3-48.el6_8.i686.rpm8890973d2ab307285ca53575ee5a917a95b730de4d7fabc962489495069a85b3php-devel-5.3.3-48.el6_8.i686.rpmee90c3a41a7ebc3d29efd98cd58aa2b17915bccbd56c25fa1b7d1e4f2d1f1c55php-pgsql-5.3.3-48.el6_8.i686.rpm57c9ad6072697eac16c2238976f0bad59808bd992739fab2cdcf9c583f7dfd8fphp-ldap-5.3.3-48.el6_8.i686.rpme9492bc097c2372e27c61454854ad617951a835c62e149f5b5427d290020dd0dphp-soap-5.3.3-48.el6_8.i686.rpmf7117ff3d697e6e264d5dee54f5b8fb020d39c4a13285e477903e9070637f1b4php-common-5.3.3-48.el6_8.i686.rpm83b86bbfc3bad4c41cd56c5d561c3c315b3fc5bd748924cb3298ff2132e52a8aphp-intl-5.3.3-48.el6_8.i686.rpm4ac973fa5a81da2c327458df149989eca6ace33a6f1dea65bab6ea935b670eccphp-cli-5.3.3-48.el6_8.i686.rpmac2f26ea9d569bff719c8f2b1df1d9e45556e9410f7c2f742afc6eaa4ccd8e4bphp-snmp-5.3.3-48.el6_8.i686.rpmc375307e8b4ca7563d495cc619ada1fc975beb8171ae53bc12eacdd914567825php-tidy-5.3.3-48.el6_8.i686.rpme17c33f460ce6a6072cb301ec6e73425519b0ff19269bb8f9220368f29ee2f03php-dba-5.3.3-48.el6_8.i686.rpm6aeeb0781261a4b94960eef22511e6902d10962fd685b6a018bdfbe850e1022aphp-pspell-5.3.3-48.el6_8.i686.rpm8de23ca7e9ae422cc6f9c3e04e666b7f757341ed8db79c508775e7c5f9c6dd0aphp-embedded-5.3.3-48.el6_8.i686.rpm2972d5d56f933c01c8c6c7a5af0d82de4961163d396aaf0268efa2a794106f86php-process-5.3.3-48.el6_8.i686.rpmabb9ed77eb5c0e2fb351f7c6af9959e4830cea8ef966abccc5974fabae35d4dfphp-fpm-5.3.3-48.el6_8.i686.rpm0ff0fd84e4565fa7c2b8781f185449f7b966ce2fa0606f6df08c56b8f0419a59php-mysql-5.3.3-48.el6_8.i686.rpm4e151390277923b62cea491e0876d7dfc603eceda400735e663fecaf9e854ee8php-pdo-5.3.3-48.el6_8.i686.rpmea974630d34f57ba77c058fdcf9c9268f37a02aa3ad1944ffef0d1a861c1b094php-odbc-5.3.3-48.el6_8.i686.rpm4e735d4d75754129667ab08dcc6ae0291c58f490ee385ba732c403f057bbb45aphp-5.3.3-48.el6_8.i686.rpmea6c7ace4f1c063af1607e596a1d3add121733f5ced1dcab5e9d2f5900bdc787php-gd-5.3.3-48.el6_8.i686.rpm0b2b9fa76c5b91c9a4b01005b1a5253f2e6b6ecc0ac04eab3a538e267da0770ephp-bcmath-5.3.3-48.el6_8.i686.rpm6095374e42633284ddee0e187e4190fecba4b6ecf1cb02cf8b39e0e831bf6c73php-xmlrpc-5.3.3-48.el6_8.i686.rpm10d1fd5f049cf3109343de8481e3406ecfefc0de50e2456757b0169b08d554f9php-xml-5.3.3-48.el6_8.i686.rpm847600b4a1c4a339ef687fc3cf44a04d19edae6f5c3863749e075514368d65d3php-enchant-5.3.3-48.el6_8.i686.rpmfd9b1fa97c084e1753f6431d72194d5b19f1394cd3729cab613a54258d12f325php-recode-5.3.3-48.el6_8.i686.rpmf42c1d74712c0dad7275dc2507d565bbeeab0c9b16a43f0815b59dec37bf8bb3php-zts-5.3.3-48.el6_8.i686.rpm1a9fd4bb3c0cdb649ecdeb7f08e37c5f9c23da70e3cdc8d826b35e25cfed6d27php-imap-5.3.3-48.el6_8.i686.rpmbad39ba931560704cbcf6096abcc355776a64f5cfa31614ac10c48568dc2ea49SLSA-2016:1626-1Security Fix(es): * It was discovered that the Python CGIHandler class did not properly protect against the HTTP_PROXY variable name clash in a CGI context. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a Python CGI script to an attacker-controlled proxy via a malicious HTTP request. (CVE-2016-1000110) * It was found that Python's smtplib library did not return an exception when StartTLS failed to be established in the SMTP.starttls() function. A man in the middle attacker could strip out the STARTTLS command without generating an exception on the Python SMTP client application, preventing the establishment of the TLS layer. (CVE-2016-0772) * It was found that the Python's httplib library (used by urllib, urllib2 and others) did not properly check HTTPConnection.putheader() function arguments. An attacker could use this flaw to inject additional headers in a Python application that allowed user provided header names or values. (CVE-2016-5699)moderateScientific Linux FermiScientific Linux Fermi 6tkinter-2.6.6-66.el6_8.i686.rpmb771f9ad57037460edb6a26b014b32f99837e48defb64aa464b1d0ed974ad3cbpython-devel-2.6.6-66.el6_8.i686.rpmdb53ba9713fe8b4160b294fe1171d1baacbe7f1c0e1a106d1a0ee61aafb4e260python-libs-2.6.6-66.el6_8.i686.rpmf58e00d14e841ebe3e0d6393b89466688314924c05f731e2b3e9fba5714737bdpython-tools-2.6.6-66.el6_8.i686.rpm487c022104df6889bb28eb2f414b7cedaa372a8e92242130645a63bd1bc40f95python-test-2.6.6-66.el6_8.i686.rpmb95dff68afdbc1ba2247df434025ef8e9333307ba5b63f60121ce151a7a3d017python-2.6.6-66.el6_8.i686.rpm60083273ddcb6e3f7c93666d0b460551516d1577e1e544352be5c11adff98a93SLSA-2016:1664-1Security Fix(es): It was found that the RFC 5961 challenge ACK rate limiting as implemented in the Linux kernel's networking subsystem allowed an off-path attacker to leak certain information about a given connection by creating congestion on the global challenge ACK rate limit counter and then measuring the changes by probing packets. An off-path attacker could use this flaw to either terminate TCP connection and/or inject payload into non-secured TCP connection between two endpoints on the network. (CVE-2016-5696, Important) Bug Fix(es): * When loading the Direct Rendering Manager (DRM) kernel module, the kernel panicked if DRM was previously unloaded. The kernel panic was caused by a memory leak of the ID Resolver (IDR2). With this update, IDR2 is loaded during kernel boot, and the kernel panic no longer occurs in the described scenario. * When more than one process attempted to use the "configfs" directory entry at the same time, a kernel panic in some cases occurred. With this update, a race condition between a directory entry and a lookup operation has been fixed. As a result, the kernel no longer panics in the described scenario. * When shutting down the system by running the halt -p command, a kernel panic occurred due to a conflict between the kernel offlining CPUs and the sched command, which used the sched group and the sched domain data without first checking the data. The underlying source code has been fixed by adding a check to avoid the conflict. As a result, the described scenario no longer results in a kernel panic. * In some cases, running the ipmitool command caused a kernel panic due to a race condition in the ipmi message handler. This update fixes the race condition, and the kernel panic no longer occurs in the described scenario. * Previously, multiple Very Secure FTP daemon (vsftpd) processes on a directory with a large number of files led to a high contention rate on each inode's spinlock, which caused excessive CPU usage. With this update, a spinlock to protect a single memory-to-memory copy has been removed from the ext4_getattr() function. As a result, system CPU usage has been reduced and is no longer excessive in the described situation. * When the gfs2_grow utility is used to extend Global File System 2 (GFS2), the next block allocation causes the GFS2 kernel module to re-read its resource group index. If multiple processes in the GFS2 module raced to do the same thing, one process sometimes overwrote a valid object pointer with an invalid pointer, which caused either a kernel panic or a file system corruption. This update ensures that the resource group object pointer is not overwritten. As a result, neither kernel panic nor file system corruption occur in the described scenario. * Previously, the SCSI Remote Protocol over InfiniBand (IB-SRP) was disabled due to a bug in the srp_queue() function. As a consequence, an attempt to enable the Remote Direct Memory Access (RDMA) at boot caused the kernel to crash. With this update, srp_queue() has been fixed, and the system now boots as expected when RDMA is enabled. Enhancement(s): * This update optimizes the efficiency of the Transmission Control Protocol (TCP) when the peer is using a window under 537 bytes in size. As a result, devices that use maximum segment size (MSS) of 536 bytes or fewer will experience improved network performance.importantScientific Linux FermiScientific Linux Fermi 6kernel-abi-whitelists-2.6.32-642.4.2.el6.noarch.rpm9bd107c0a1d08f0d470bbbf877036c6ee3973b9e4895be018b26701aa1e4523dkernel-debug-2.6.32-642.4.2.el6.i686.rpmd112c3869645ddf60318b6bcef68a3c4e41b0182df8b8289d335153e28601c68kernel-devel-2.6.32-642.4.2.el6.i686.rpm0dcbfa7739a693b8df0712cd32b281d4f95316d2846b03c2c0e30685c836dd14kernel-2.6.32-642.4.2.el6.i686.rpm14c56007918c1d187465986c0b655ad4bfa99b82510069babc8cb1fe3ce2b6e0kernel-debug-devel-2.6.32-642.4.2.el6.i686.rpm499566c537b3dfdcf38a608f8beb90c76ef6754e7067e06098aba09e48b56bcekernel-headers-2.6.32-642.4.2.el6.i686.rpm4b1e9d489e97433a3352580d297bb1131503d0dcee096d7238b2a5ba84a7e9aekernel-firmware-2.6.32-642.4.2.el6.noarch.rpm798e799de5c1244d69e47ad0c03b00cfce85bc28c002dd5713e7fc43d310d5d8perf-2.6.32-642.4.2.el6.i686.rpm7af6267bf36de8ec6dcefad28df7fc363980c02127f0319748e39671f93147c4python-perf-2.6.32-642.4.2.el6.i686.rpmfe1c0e98644ab462504121d84c194b856487ea64498d63fc91d4b5962e3123c2kernel-doc-2.6.32-642.4.2.el6.noarch.rpm5bd3788c57ba50371a9fe27df4ada8d3352c468949108df8b90817395c43fa43SLSA-2016:1776-1Security Fix(es): * An insufficient bytecode verification flaw was discovered in the Hotspot component in OpenJDK. An untrusted Java application or applet could use this flaw to completely bypass Java sandbox restrictions. (CVE-2016-3606) * Multiple denial of service flaws were found in the JAXP component in OpenJDK. A specially crafted XML file could cause a Java application using JAXP to consume an excessive amount of CPU and memory when parsed. (CVE-2016-3500, CVE-2016-3508) * Multiple flaws were found in the CORBA and Hotsport components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2016-3458, CVE-2016-3550)importantScientific Linux FermiScientific Linux Fermi 6java-1.6.0-openjdk-javadoc-1.6.0.40-1.13.12.6.el6_8.i686.rpm4e35cfbbc1de94198e39471a53fb5f4f4dbf73e0074dbefde2f0e2d6d9e5326cjava-1.6.0-openjdk-src-1.6.0.40-1.13.12.6.el6_8.i686.rpm61ddb8dbc015813e98c1d3a7fd5bd7e3e142fd0f1cd14e55594c8feae1dff819java-1.6.0-openjdk-demo-1.6.0.40-1.13.12.6.el6_8.i686.rpm240a249dd5309d9812531fd2bffbdaa11e7a5e33118b11c01600af3fa1802324java-1.6.0-openjdk-1.6.0.40-1.13.12.6.el6_8.i686.rpm1cb86e60c918777994768791c539b86b06b39cc4dc460c5f226420c6cc18b9cajava-1.6.0-openjdk-devel-1.6.0.40-1.13.12.6.el6_8.i686.rpm8cdf2a0a1798e5f330dddc21efce2ed11485954dd57a0058ec73e3372f598375SLSA-2016:1797-1Security Fix(es): * An insufficient permission check issue was found in the way IPA server treats certificate revocation requests. An attacker logged in with the 'retrieve certificate' permission enabled could use this flaw to revoke certificates, possibly triggering a denial of service attack. (CVE-2016-5404)moderateScientific Linux FermiScientific Linux Fermi 6ipa-admintools-3.0.0-50.el6_8.2.i686.rpmb159a17230f9c9445276a2033216677de4cb6b91805ab200258d62dc6507b7dfipa-server-selinux-3.0.0-50.el6_8.2.i686.rpm268f9c27b9329ce0412320686c72c097f7e7e7c406f475ea24d8f1572e09de8cipa-server-trust-ad-3.0.0-50.el6_8.2.i686.rpmb63efee6bd541a523eac8f67f8f47c5e7254754b7078141246e6a464e22f5283ipa-client-3.0.0-50.el6_8.2.i686.rpma6e579152f4776a0c5ffceb42141b7868054e9bb707288d607c596c08f358b9dipa-python-3.0.0-50.el6_8.2.i686.rpm0ed6eb7863a8d8d685c34ffbf7fd842406eb7ad9a600a8a65182a7f904ca43ddipa-server-3.0.0-50.el6_8.2.i686.rpmd9bc36d3984dc86d5ba2b75648d9f4e9cfc0a95e2bce103711465aeeac6879f3SLSA-2016:1809-1This update upgrades Thunderbird to version 45.3.0. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2016-2836)importantScientific Linux FermiScientific Linux Fermi 6thunderbird-45.3.0-1.el6_8.i686.rpm617772df8aa11ba7c37f41d9e4d22ce02879cbe070135c9a706037a80d4fd2b4SLSA-2016:1850-1Security Fix(es): * A flaw was found in the way libarchive handled hardlink archive entries of non-zero size. Combined with flaws in libarchive's file system sandboxing, this issue could cause an application using libarchive to overwrite arbitrary files with arbitrary data from the archive. (CVE-2016-5418) * Multiple out-of-bounds read flaws were found in libarchive. Specially crafted AR or MTREE files could cause the application to read data out of bounds, potentially disclosing a small amount of application memory, or causing an application crash. (CVE-2015-8920, CVE-2015-8921) * A denial of service vulnerability was found in libarchive's handling of GZIP streams. A crafted GZIP file could cause libarchive to allocate an excessive amount of memory, eventually leading to a crash. (CVE-2016-7166) * A denial of service vulnerability was found in libarchive. A specially crafted CPIO archive containing a symbolic link to a large target path could cause memory allocation to fail, causing an application using libarchive that attempted to view or extract such archive to crash. (CVE-2016-4809) * Multiple instances of undefined behavior due to arithmetic overflow were found in libarchive. Specially crafted Compress streams or ISO9660 volumes could potentially cause the application to fail to read the archive, or to crash. (CVE-2015-8932, CVE-2016-5844)importantScientific Linux FermiScientific Linux Fermi 6libarchive-2.8.3-7.el6_8.i686.rpm0d098393bca197c17b24812e720f46a9c3c6861bd527aeda349a494b81a79696libarchive-devel-2.8.3-7.el6_8.i686.rpm79e98076171fa574efed22a6553519e7cf086778aad8502aaec25d4749c7b9f0SLSA-2016:1912-1This update upgrades Firefox to version 45.4.0 ESR. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2016-5257, CVE-2016-5278, CVE-2016-5270, CVE-2016-5272, CVE-2016-5274, CVE-2016-5276, CVE-2016-5277, CVE-2016-5280, CVE-2016-5281, CVE-2016-5284, CVE-2016-5250, CVE-2016-5261)criticalScientific Linux FermiScientific Linux Fermi 6firefox-45.4.0-1.el6_8.i686.rpmf707ad6cd7b09b48ff4b1919f7f9f4fd2859cb371c283450b2cf4f010fbb7f86SLSA-2016:1940-1Security Fix(es): * A memory leak flaw was found in the way OpenSSL handled TLS status request extension data during session renegotiation. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it enabled OCSP stapling support. (CVE-2016-6304) * It was discovered that OpenSSL did not always use constant time operations when computing Digital Signature Algorithm (DSA) signatures. A local attacker could possibly use this flaw to obtain a private DSA key belonging to another user or service running on the same system. (CVE-2016-2178) * It was discovered that the Datagram TLS (DTLS) implementation could fail to release memory in certain cases. A malicious DTLS client could cause a DTLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory. (CVE-2016-2179) * A flaw was found in the Datagram TLS (DTLS) replay protection implementation in OpenSSL. A remote attacker could possibly use this flaw to make a DTLS server using OpenSSL to reject further packets sent from a DTLS client over an established DTLS connection. (CVE-2016-2181) * An out of bounds write flaw was discovered in the OpenSSL BN_bn2dec() function. An attacker able to make an application using OpenSSL to process a large BIGNUM could cause the application to crash or, possibly, execute arbitrary code. (CVE-2016-2182) * A flaw was found in the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183) This update mitigates the CVE-2016-2183 issue by lowering priority of DES cipher suites so they are not preferred over cipher suites using AES. For compatibility reasons, DES cipher suites remain enabled by default and included in the set of cipher suites identified by the HIGH cipher string. Future updates may move them to MEDIUM or not enable them by default. * An integer underflow flaw leading to a buffer over-read was found in the way OpenSSL parsed TLS session tickets. A remote attacker could use this flaw to crash a TLS server using OpenSSL if it used SHA-512 as HMAC for session tickets. (CVE-2016-6302) * Multiple integer overflow flaws were found in the way OpenSSL performed pointer arithmetic. A remote attacker could possibly use these flaws to cause a TLS/SSL server or client using OpenSSL to crash. (CVE-2016-2177) * An out of bounds read flaw was found in the way OpenSSL formatted Public Key Infrastructure Time-Stamp Protocol data for printing. An attacker could possibly cause an application using OpenSSL to crash if it printed time stamp data from the attacker. (CVE-2016-2180) * Multiple out of bounds read flaws were found in the way OpenSSL handled certain TLS/SSL protocol handshake messages. A remote attacker could possibly use these flaws to crash a TLS/SSL server or client using OpenSSL. (CVE-2016-6306)importantScientific Linux FermiScientific Linux Fermi 6openssl-perl-1.0.1e-48.sl6_8.3.i686.rpm024f8567380466cc8f5733a91c28ed3c63fecff997e12dda189a247db4897e4aopenssl-devel-1.0.1e-48.sl6_8.3.i686.rpm12bfc2005f0a2d121cbb7b8c085162a1ef4625b1d534086977a2a83b5d7b11b7openssl-static-1.0.1e-48.sl6_8.3.i686.rpm49bc3576826fe7b6cb94639630882b03af11711af1875163cf4be7a0ec6b6faaopenssl-1.0.1e-48.sl6_8.3.i686.rpm438ea01961b7a4b259c08197b49cdadf0502350f87947a7c3ae91531a073eb10SLSA-2016:1944-1Security Fix(es): * A denial of service flaw was found in the way BIND constructed a response to a query that met certain criteria. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request packet. (CVE-2016-2776)importantScientific Linux FermiScientific Linux Fermi 6bind-sdb-9.8.2-0.47.rc1.el6_8.1.i686.rpm285eba34713bdc3902589fb03f418ec731c4694bf9ec3a57541460d7cd77c855bind-9.8.2-0.47.rc1.el6_8.1.i686.rpmd62699d494a09897b16f1cc164a39d0ec6e08656e251cb234bddb2382aa69384bind-libs-9.8.2-0.47.rc1.el6_8.1.i686.rpm7ed4f220bb74da3d02a6235937e4627cd5c1a8a35d31705b3565f3beb7918c61bind-devel-9.8.2-0.47.rc1.el6_8.1.i686.rpm225ecf461de670e36346a49df85bcd152a4f758c0860a663b3b0571c2f7518c6bind-chroot-9.8.2-0.47.rc1.el6_8.1.i686.rpmcc8443e64fcc4588ccbd58080f9fe4c6a9a5ef9802f7e0c72bbe93d6d79157aabind-utils-9.8.2-0.47.rc1.el6_8.1.i686.rpm1b8cce235700c80dbc390588aeb71fd70116b4ade28c6f1bda40b7fada665847SLSA-2016:1978-1Security Fix(es): * It was discovered that python-twisted-web used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request. (CVE-2016-1000111) Note: After this update, python-twisted-web will no longer pass the value of the Proxy request header to scripts via the HTTP_PROXY environment variable.importantScientific Linux FermiScientific Linux Fermi 6python-twisted-web-8.2.0-5.el6_8.i686.rpm3a314d9cec9018e91fc1548bdd6773115686ac2dd7b66902f69d7f5248c50da7SLSA-2016:1985-1This update upgrades Thunderbird to version 45.4.0. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2016-5257)importantScientific Linux FermiScientific Linux Fermi 6thunderbird-45.4.0-1.el6_8.i686.rpm20bc30789daae8d02c1b3ba3e383fd9eba4f51911909f5a6306cb8dfbdee46aaSLSA-2016:2006-1Security Fix(es): * A flaw was found in the Linux kernel's keyring handling code, where in key_reject_and_link() an uninitialized variable would eventually lead to arbitrary free address which could allow attacker to use a use-after-free style attack. (CVE-2016-4470, Important) * A heap-based buffer overflow vulnerability was found in the Linux kernel's hiddev driver. This flaw could allow a local attacker to corrupt kernel memory, possible privilege escalation or crashing the system. (CVE-2016-5829, Moderate) The CVE-2016-4470 issue was discovered by David Howells (Red Hat Inc.). Bug Fix(es): * Previously, when two NFS shares with different security settings were mounted, the I/O operations to the kerberos-authenticated mount caused the RPC_CRED_KEY_EXPIRE_SOON parameter to be set, but the parameter was not unset when performing the I/O operations on the sec=sys mount. Consequently, writes to both NFS shares had the same parameters, regardless of their security settings. This update fixes this problem by moving the NO_CRKEY_TIMEOUT parameter to the auth->au_flags field. As a result, NFS shares with different security settings are now handled as expected. * In some circumstances, resetting a Fibre Channel over Ethernet (FCoE) interface could lead to a kernel panic, due to invalid information extracted from the FCoE header. This update adds santiy checking to the cpu number extracted from the FCoE header. This ensures that subsequent operations address a valid cpu, and eliminates the kernel panic. * Prior to this update, the following problems occurred with the way GSF2 transitioned files and directories from the "unlinked" state to the "free" state: The numbers reported for the df and the du commands in some cases got out of sync, which caused blocks in the file system to appear missing. The blocks were not actually missing, but they were left in the "unlinked" state. In some circumstances, GFS2 referenced a cluster lock that was already deleted, which led to a kernel panic. If an object was deleted and its space reused as a different object, GFS2 sometimes deleted the existing one, which caused file system corruption. With this update, the transition from "unlinked" to "free" state has been fixed. As a result, none of these three problems occur anymore. * Previously, the GFS2 file system in some cases became unresponsive due to lock dependency problems between inodes and the cluster lock. This occurred most frequently on nearly full file systems where files and directories were being deleted and recreated at the same block location at the same time. With this update, a set of patches has been applied to fix these lock dependencies. As a result, GFS2 no longer hangs in the described circumstances. * When used with controllers that do not support DCMD- MR_DCMD_PD_LIST_QUERY, the megaraid_sas driver can go into infinite error reporting loop of error reporting messages. This could cause difficulties with finding other important log messages, or even it could cause the disk to overflow. This bug has been fixed by ignoring the DCMD MR_DCMD_PD_LIST_QUERY query for controllers which do not support it and sending the DCMD SUCCESS status to the AEN functions. As a result, the error messages no longer appear when there is a change in the status of one of the arrays.importantScientific Linux FermiScientific Linux Fermi 6kernel-2.6.32-642.6.1.el6.i686.rpm81cb5bce1e9db2f9a0e4ccfaa8d8b231366be95b7b6930e889fa360b254380bakernel-headers-2.6.32-642.6.1.el6.i686.rpm72f955819006afce3936323f4fd9b74b49523bdd3b5f309c580662af8e544767kernel-debug-2.6.32-642.6.1.el6.i686.rpm6c0bc20f08a69907a4ff21c0320f7b491dead625b3622ff09cdf86e227b1b0cckernel-firmware-2.6.32-642.6.1.el6.noarch.rpm554c8eb06816819f41d4c7ee41693b7f08379b5a4af468baf6a1d51739fad8ffkernel-abi-whitelists-2.6.32-642.6.1.el6.noarch.rpmbc0a55ed3f6af22af1e644fda84f6aa298f5984928f22348146b4b27631847f1kernel-devel-2.6.32-642.6.1.el6.i686.rpmd822ee4bf970bd44c0e29f939fd6a5fd7b80e44db861d183803f35a498968c71perf-2.6.32-642.6.1.el6.i686.rpmc8db830b3b7602804ee478e83cbb3a4b31f897ab3043c041ae210cd51c7d7d42kernel-debug-devel-2.6.32-642.6.1.el6.i686.rpm48523547abb5a9b8e55db041c790a29ab2b6014bfea21bdbb3b1031bbec476b0python-perf-2.6.32-642.6.1.el6.i686.rpm02437bdbded9c2115638e683f14a8d57611695a57f73bd3d3a843c41bc7b373ckernel-doc-2.6.32-642.6.1.el6.noarch.rpm60345739d4b03b5e21e9983e5c4566fb802bcbb10709b82391778defd5b48ebaSLSA-2016:2045-1Security Fix(es): * It was discovered that the Tomcat packages installed certain configuration files read by the Tomcat initialization script as writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat could use this flaw to escalate their privileges. (CVE-2016-6325) * It was found that several Tomcat session persistence mechanisms could allow a remote, authenticated user to bypass intended SecurityManager restrictions and execute arbitrary code in a privileged context via a web application that placed a crafted object in a session. (CVE-2016-0714) * It was discovered that tomcat used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request. (CVE-2016-5388) * A directory traversal flaw was found in Tomcat's RequestUtil.java. A remote, authenticated user could use this flaw to bypass intended SecurityManager restrictions and list a parent directory via a '/..' in a pathname used by a web application in a getResource, getResourceAsStream, or getResourcePaths call, as demonstrated by the $CATALINA_BASE/webapps directory. (CVE-2015-5174) * It was found that Tomcat could reveal the presence of a directory even when that directory was protected by a security constraint. A user could make a request to a directory via a URL not ending with a slash and, depending on whether Tomcat redirected that request, could confirm whether that directory existed. (CVE-2015-5345) * It was found that Tomcat allowed the StatusManagerServlet to be loaded by a web application when a security manager was configured. This allowed a web application to list all deployed web applications and expose sensitive information such as session IDs. (CVE-2016-0706) Bug Fix(es): * Due to a bug in the tomcat6 spec file, the catalina.out file's md5sum, size, and mtime attributes were compared to the file's attributes at installation time. Because these attributes change after the service is started, the "rpm -V" command previously failed. With this update, the attributes mentioned above are ignored in the RPM verification and the catalina.out file now passes the verification check.importantScientific Linux FermiScientific Linux Fermi 6tomcat6-webapps-6.0.24-98.el6_8.noarch.rpm2997ced8ecf9d7e179911e00ed63ba64cab978d9ee428cede4ebdb3a0b648fectomcat6-admin-webapps-6.0.24-98.el6_8.noarch.rpm8f6175283b9801d4ff2a5fa9024f8ff9f5867a1362dd0ffcbc64b1147e97ffcatomcat6-lib-6.0.24-98.el6_8.noarch.rpm480bb7f17c104c0eb270c574ab00dc29b74e42aa21143061ac1fc44ef114c74ctomcat6-servlet-2.5-api-6.0.24-98.el6_8.noarch.rpm4f56c066c7ff970800d26305f6842d982d47ed8ba49d1533a00689ef2ba6e93btomcat6-javadoc-6.0.24-98.el6_8.noarch.rpmebde1556a415a96f7913183c895633d0512fb84c48a57f625ea9240f9c6f000etomcat6-6.0.24-98.el6_8.noarch.rpm688d83a1790d5dd61551d505365acd8bd212c7203f691916a0bbecce9418bec2tomcat6-el-2.1-api-6.0.24-98.el6_8.noarch.rpmca084b61bfb27573109c778cbe7c0d67ffa37681062bccde65e6b97cf0cbb089tomcat6-jsp-2.1-api-6.0.24-98.el6_8.noarch.rpmb12e3c125c38385f2095c9fbbf121c4e2bbc25e1034da9d221d48526c2aef61ftomcat6-docs-webapp-6.0.24-98.el6_8.noarch.rpmb8965f0d81de61aaa637505eb75d6f8c506adbb422519ccb097e460172147364SLSA-2016:2079-1Security Fix(es): * It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy() function in certain cases. An untrusted Java application or applet could use this flaw to corrupt virtual machine's memory and completely bypass Java sandbox restrictions. (CVE-2016-5582) * It was discovered that the Hotspot component of OpenJDK did not properly check received Java Debug Wire Protocol (JDWP) packets. An attacker could possibly use this flaw to send debugging commands to a Java program running with debugging enabled if they could make victim's browser send HTTP requests to the JDWP port of the debugged application. (CVE-2016-5573) * It was discovered that the Libraries component of OpenJDK did not restrict the set of algorithms used for Jar integrity verification. This flaw could allow an attacker to modify content of the Jar file that used weak signing key or hash algorithm. (CVE-2016-5542) Note: After this update, MD2 hash algorithm and RSA keys with less than 1024 bits are no longer allowed to be used for Jar integrity verification by default. MD5 hash algorithm is expected to be disabled by default in the future updates. A newly introduced security property jdk.jar.disabledAlgorithms can be used to control the set of disabled algorithms. * A flaw was found in the way the JMX component of OpenJDK handled classloaders. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2016-5554) * A flaw was found in the way the Networking component of OpenJDK handled HTTP proxy authentication. A Java application could possibly expose HTTPS server authentication credentials via a plain text network connection to an HTTP proxy if proxy asked for authentication. (CVE-2016-5597) Note: After this update, Basic HTTP proxy authentication can no longer be used when tunneling HTTPS connection through an HTTP proxy. Newly introduced system properties jdk.http.auth.proxying.disabledSchemes and jdk.http.auth.tunneling.disabledSchemes can be used to control which authentication schemes can be requested by an HTTP proxy when proxying HTTP and HTTPS connections respectively. Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website.criticalScientific Linux FermiScientific Linux Fermi 6java-1.8.0-openjdk-src-1.8.0.111-0.b15.el6_8.i686.rpm9ed79e406e8266c554673ce7166370ad8340da1c538ae53cef7272ada8ccc796java-1.8.0-openjdk-src-debug-1.8.0.111-0.b15.el6_8.i686.rpm7b122ec825702cc0157baeec21cbf72502fce72f0accfe34df3952bed82fc634java-1.8.0-openjdk-demo-debug-1.8.0.111-0.b15.el6_8.i686.rpm1e123ed731a1ff19fc554ae3dc06b836a3d7b1ec59b6ec631c47366e013691d6java-1.8.0-openjdk-demo-1.8.0.111-0.b15.el6_8.i686.rpm17714d5f6fcb41eb16aaaaadf8d1735d9f136e44e0922ac257990299daf307e4java-1.8.0-openjdk-devel-debug-1.8.0.111-0.b15.el6_8.i686.rpm384d00b319ab09c3d332184f4fc4faaa69afa30e1092d16b75f22db402d539c1java-1.8.0-openjdk-1.8.0.111-0.b15.el6_8.i686.rpm50a10f378f336f88be201c3b4c937c67b4aa451193ceb515cbd98246a4f5c604java-1.8.0-openjdk-devel-1.8.0.111-0.b15.el6_8.i686.rpmca8dde73d80ddff88e29f954d362184d85881ebb77d332a56589637db240de01java-1.8.0-openjdk-headless-1.8.0.111-0.b15.el6_8.i686.rpm33914826259614da1919649db48a8820819ca702f0403279dae2288db71c6163java-1.8.0-openjdk-javadoc-1.8.0.111-0.b15.el6_8.noarch.rpmdcb22f1e1a35c38c16b833e15a8c155935fcd31f73cdd1cfc09ee27bc02da6cejava-1.8.0-openjdk-javadoc-debug-1.8.0.111-0.b15.el6_8.noarch.rpm9a4f8ece9b39a3adb58337235fe9bbe5f7e92129e9ca852fe448716c209396efjava-1.8.0-openjdk-debug-1.8.0.111-0.b15.el6_8.i686.rpm6088bb59e776a3dd5a065534d6567475cce702d7c9ff9b359f495ddb59242d8djava-1.8.0-openjdk-headless-debug-1.8.0.111-0.b15.el6_8.i686.rpmf696024cd0fbf1f58b2dc67077359cf63f127aafbc50fc8d097421dd1d46e9e3SLSA-2016:2093-1Security Fix(es): * A denial of service flaw was found in the way BIND handled packets with malformed options. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS packet. (CVE-2016-2848)importantScientific Linux FermiScientific Linux Fermi 6bind-chroot-9.8.2-0.47.rc1.el6_8.2.i686.rpm4ecfd6f14f0ae79699ef25c5acdd7faa9f226326087e5aeab986050fc76b107cbind-sdb-9.8.2-0.47.rc1.el6_8.2.i686.rpmdf21751ae1142e5827d9cd3f9493e5fdce7130e0d37f123b8409752307b9463fbind-9.8.2-0.47.rc1.el6_8.2.i686.rpm9700a38597fcd508f63d442df2379e4b3ab7e22a49f113344388e9a6102eb72ebind-devel-9.8.2-0.47.rc1.el6_8.2.i686.rpm0f9820c649ad42856935e7809f29c15456e3ed23974869a2c471d19bcbf48dc3bind-utils-9.8.2-0.47.rc1.el6_8.2.i686.rpm8ce3538bc85ee86038b1edfe56771f91de4cd694a1f081aa6a2204e620476f8bbind-libs-9.8.2-0.47.rc1.el6_8.2.i686.rpmab5ad2ae3cb0e498be09870850b99d17bbd0e48c28179a9d4962950c340a998dSLSA-2016:2105-1Security Fix(es): * A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system. (CVE-2016-5195, Important)importantScientific Linux FermiScientific Linux Fermi 6kernel-debug-2.6.32-642.6.2.el6.i686.rpmbdbf93a76bbd757aa573cb74dde2d25b966757a6ea23b33db8b135b0e5a7b7bbpython-perf-2.6.32-642.6.2.el6.i686.rpm7dfc7ff446749e0988565ca7eb96f93573db42a5ab211177df3bc5a807200eaakernel-abi-whitelists-2.6.32-642.6.2.el6.noarch.rpmf1f5d6c9d24f5bcb0e2f53f43bee4a4a48d7853b3b8fbff64397b3ee3f2a9250kernel-devel-2.6.32-642.6.2.el6.i686.rpm9e492f722bec6324d34af87b337b36ab195bc0dd8017a36b1534ba5de76f2babkernel-headers-2.6.32-642.6.2.el6.i686.rpmc39dface2319ec0c7c51010d96bbeec91b446c7c21c01d1426bd5542a558104ckernel-2.6.32-642.6.2.el6.i686.rpm1659b394c72c08c443192cd8953b615f733bf853cf8c5a32b9e5ae0a449e479ckernel-debug-devel-2.6.32-642.6.2.el6.i686.rpm012c019b0cca4d48802ecb2d3d06d61b1499337b8771e33c699faf1c8e99d4f8perf-2.6.32-642.6.2.el6.i686.rpmb734e9ec893dce984bad1f9f6b6515bdbbb55266088c8f262236c289360e2b64kernel-firmware-2.6.32-642.6.2.el6.noarch.rpm4a0ebcc73c7cc2e0778d20d8dc081a4e69a93db18a832c370a1c7d5fb1574f08kernel-doc-2.6.32-642.6.2.el6.noarch.rpm68fd844e19f6d08fa7359df4004d2eae4ce32eff51204c2460bfb79faa40dc53SLSA-2016:2141-1Security Fix(es): * A denial of service flaw was found in the way BIND handled responses containing a DNAME answer. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. (CVE-2016-8864)importantScientific Linux FermiScientific Linux Fermi 6bind-utils-9.8.2-0.47.rc1.el6_8.3.i686.rpm5d6571fbc313a2d8e6d090b99e3929e96de445be9aac146d648ffbbf45dd32bebind-9.8.2-0.47.rc1.el6_8.3.i686.rpm3daaffba30b54b745d667c38577af9a07c125bbe549b58c81e6c2da673c23f9ebind-sdb-9.8.2-0.47.rc1.el6_8.3.i686.rpm549d41a01215e49a029ee633393c86b2c1a2b77a7442f0105fb8e22e51f797c0bind-chroot-9.8.2-0.47.rc1.el6_8.3.i686.rpm0fe2c2a6f39c29746612499feb43f45c9113dd159372a982b6f544aea7b864a7bind-libs-9.8.2-0.47.rc1.el6_8.3.i686.rpmc0cb49d05cb02886ce5c3395c4b1ac3974436c7ab5153db297c0bfa11d245512bind-devel-9.8.2-0.47.rc1.el6_8.3.i686.rpmf57713b59fcc082c4abbc2393da452610e58ef1413a25701fbb9c8ee89847bf8SLSA-2016:2658-1Security Fix(es): * It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy() function in certain cases. An untrusted Java application or applet could use this flaw to corrupt virtual machine's memory and completely bypass Java sandbox restrictions. (CVE-2016-5582) * It was discovered that the Hotspot component of OpenJDK did not properly check received Java Debug Wire Protocol (JDWP) packets. An attacker could possibly use this flaw to send debugging commands to a Java program running with debugging enabled if they could make victim's browser send HTTP requests to the JDWP port of the debugged application. (CVE-2016-5573) * It was discovered that the Libraries component of OpenJDK did not restrict the set of algorithms used for Jar integrity verification. This flaw could allow an attacker to modify content of the Jar file that used weak signing key or hash algorithm. (CVE-2016-5542) Note: After this update, MD2 hash algorithm and RSA keys with less than 1024 bits are no longer allowed to be used for Jar integrity verification by default. MD5 hash algorithm is expected to be disabled by default in the future updates. A newly introduced security property jdk.jar.disabledAlgorithms can be used to control the set of disabled algorithms. * A flaw was found in the way the JMX component of OpenJDK handled classloaders. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2016-5554) * A flaw was found in the way the Networking component of OpenJDK handled HTTP proxy authentication. A Java application could possibly expose HTTPS server authentication credentials via a plain text network connection to an HTTP proxy if proxy asked for authentication. (CVE-2016-5597) Note: After this update, Basic HTTP proxy authentication can no longer be used when tunneling HTTPS connection through an HTTP proxy. Newly introduced system properties jdk.http.auth.proxying.disabledSchemes and jdk.http.auth.tunneling.disabledSchemes can be used to control which authentication schemes can be requested by an HTTP proxy when proxying HTTP and HTTPS connections respectively.importantScientific Linux FermiScientific Linux Fermi 6java-1.7.0-openjdk-1.7.0.121-2.6.8.1.el6_8.i686.rpmfb5e39b8b6559d21900cc258427b50ccbecc6a7fc7bd0bb6eeb9798178034facjava-1.7.0-openjdk-javadoc-1.7.0.121-2.6.8.1.el6_8.noarch.rpm506a38abfa34a5070a2014a09236e699a6812c1586c6a1b819a708a8bb573b82java-1.7.0-openjdk-devel-1.7.0.121-2.6.8.1.el6_8.i686.rpm917e0e0879cca3565132b02bfd8821a38c9ebc8e3639f96c080e8da951d34902java-1.7.0-openjdk-src-1.7.0.121-2.6.8.1.el6_8.i686.rpm8050af534d1f41964d8687da5dcd7c8f4baa155256f2cd545f6035c05705e659java-1.7.0-openjdk-demo-1.7.0.121-2.6.8.1.el6_8.i686.rpm478624d26041f94872977a20769ea877f9ee161218fc472950506fa9deced520SLSA-2016:2674-1Security Fix(es): * A design flaw was found in the libgcrypt PRNG (Pseudo-Random Number Generator). An attacker able to obtain the first 580 bytes of the PRNG output could predict the following 20 bytes. (CVE-2016-6313)moderateScientific Linux FermiScientific Linux Fermi 6libgcrypt-devel-1.4.5-12.el6_8.i686.rpm04234acdc46b31bf7c556d0d525a578e00c1c7f0190a67d46b6923ceb53b49felibgcrypt-1.4.5-12.el6_8.i686.rpm7b45e6ed65eefc24a22f1b1175b86116aeb8c6cfac6a151808dcd41946367412SLSA-2016:2675-1Security Fix(es): * An authorization flaw was found in Pacemaker, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon to execute a script as root and thereby gain root access on the machine. (CVE-2016-7035)importantScientific Linux FermiScientific Linux Fermi 6pacemaker-libs-devel-1.1.14-8.el6_8.2.i686.rpmdb9ece9300fcbb5a2f140aa3f2c6449b02b5f89f60b3601ffdda3f68503a9b4fpacemaker-cli-1.1.14-8.el6_8.2.i686.rpm9cdd424dedcedf29811de496dc495a8c4185059ca7f541fe6488e2956202e3cbpacemaker-libs-1.1.14-8.el6_8.2.i686.rpm3534bf6774c4036e30df663f051c36fbf3f1136427a529ada0a78b01f3ee7f8bpacemaker-1.1.14-8.el6_8.2.i686.rpm5f8d6b13737b83b220ed0885e2f5ae835bd9e80fbfab37f0aef2eacdd837d07apacemaker-cts-1.1.14-8.el6_8.2.i686.rpm3ba6161047fb551fe499fc07cc4bb5b6dafae31c9ebcdefd5d60618f417997f5pacemaker-doc-1.1.14-8.el6_8.2.i686.rpm22d23cf39803c7b8d8be6283c454a20b1dd542a82f72305f382eb424844f1eaapacemaker-remote-1.1.14-8.el6_8.2.i686.rpm554262049de3e8af32dae8d32b3a95755dc5c03686d5d37deef26c3952eba409pacemaker-cluster-libs-1.1.14-8.el6_8.2.i686.rpma147916934130fb129b9c0ce3cb158cd0bddd6505fc81cc8e9b5bb24bdf18d38SLSA-2016:2702-1Security Fix(es): * It was found that the sandbox tool provided in policycoreutils was vulnerable to a TIOCSTI ioctl attack. A specially crafted program executed via the sandbox command could use this flaw to execute arbitrary commands in the context of the parent shell, escaping the sandbox. (CVE-2016-7545)importantScientific Linux FermiScientific Linux Fermi 6policycoreutils-2.0.83-30.1.el6_8.i686.rpm656c4e9540005e48a08b92dc8aefd0d5ef0e11e592dc2322f46a50f0700b9117policycoreutils-gui-2.0.83-30.1.el6_8.i686.rpm438b8a1bdbf8156e5f1d171970645f68b89bf8a13212a73ec5df571763b098acpolicycoreutils-sandbox-2.0.83-30.1.el6_8.i686.rpm82a1dae8d873e7fc31add33c25dc71fec2744d1c41c697e8aa7b449001838707policycoreutils-newrole-2.0.83-30.1.el6_8.i686.rpm33e1e4bf2b7acd51be6cb1a418c2c827cc3e261dffdec2336d1ef099ec359397policycoreutils-python-2.0.83-30.1.el6_8.i686.rpm1a2a9f1398df129e58ff5bee7ac000b055c607dbcdcd4d2edea6df8054868a72SLSA-2016:2765-1Security Fix(es): * It was found that 389 Directory Server was vulnerable to a flaw in which the default ACI (Access Control Instructions) could be read by an anonymous user. This could lead to leakage of sensitive information. (CVE-2016-5416) * An information disclosure flaw was found in 389 Directory Server. A user with no access to objects in certain LDAP sub-tree could send LDAP ADD operations with a specific object name. The error message returned to the user was different based on whether the target object existed or not. (CVE-2016-4992) * It was found that 389 Directory Server was vulnerable to a remote password disclosure via timing attack. A remote attacker could possibly use this flaw to retrieve directory server password after many tries. (CVE-2016-5405) Bug Fix(es): * Previously, a bug in the changelog iterator buffer caused it to point to an incorrect position when reloading the buffer. This caused replication to skip parts of the changelog, and consequently some changes were not replicated. This bug has been fixed, and replication data loss due to an incorrectly reloaded changelog buffer no longer occurs. * Previously, if internal modifications were generated on a consumer (for example by the Account Policy plug-in) and additional changes to the same attributes were received from replication, a bug caused Directory Server to accumulate state information on the consumer. The bug has been fixed by making sure that replace operations are only applied if they are newer than existing attribute deletion change sequence numbers (CSNs), and state information no longer accumulates in this situation. Enhancement(s): * In a multi-master replication environment where multiple masters receive updates at the same time, it was previously possible for a single master to obtain exclusive access to a replica and hold it for a very long time due to problems such as a slow network connection. During this time, other masters were blocked from accessing the same replica, which considerably slowed down the replication process. This update adds a new configuration attribute, "nsds5ReplicaReleaseTimeout", which can be used to specify a timeout in seconds. After the specified timeout period passes, the master releases the replica, allowing other masters to access it and send their updates.moderateScientific Linux FermiScientific Linux Fermi 6389-ds-base-1.2.11.15-84.el6_8.i686.rpm12705bd40ce2a244da26cbd545b265c1ad9bc66653348f0dd8e1d51696ade63d389-ds-base-libs-1.2.11.15-84.el6_8.i686.rpmd1bfb6fb92159b23a1c78501fe09b9c7d0de119252a07abf94adcbf1e9ef993c389-ds-base-devel-1.2.11.15-84.el6_8.i686.rpm999bc7238fdfe1a537b5cd7b5cf2bd8dbc315086c3a910e222b8899ab49d86c5SLSA-2016:2766-1Security Fix(es): * It was found that stacking a file system over procfs in the Linux kernel could lead to a kernel stack overflow due to deep nesting, as demonstrated by mounting ecryptfs over procfs and creating a recursion by mapping /proc/environ. An unprivileged, local user could potentially use this flaw to escalate their privileges on the system. (CVE-2016-1583, Important) * It was reported that on s390x, the fork of a process with four page table levels will cause memory corruption with a variety of symptoms. All processes are created with three level page table and a limit of 4TB for the address space. If the parent process has four page table levels with a limit of 8PB, the function that duplicates the address space will try to copy memory areas outside of the address space limit for the child process. (CVE-2016-2143, Moderate) Bug Fix(es): * Use of a multi-threaded workload with high memory mappings sometiems caused a kernel panic, due to a race condition between the context switch and the pagetable upgrade. This update fixes the switch_mm() by using the complete asce parameter instead of the asce_bits parameter. As a result, the kernel no longer panics in the described scenario. * When iptables created the Transmission Control Protocol (TCP) reset packet, a kernel crash could occur due to uninitialized pointer to the TCP header within the Socket Buffer (SKB). This update fixes the transport header pointer in TCP reset for both IPv4 and IPv6, and the kernel no longer crashes in the described situation. * Previously, when the Enhanced Error Handling (EEH) mechanism did not block the PCI configuration space access and an error was detected, a kernel panic occurred. This update fixes EEH to fix this problem. As a result, the kernel no longer panics in the described scenario. * When the lockd service failed to start up completely, the notifier blocks were in some cases registered on a notification chain multiple times, which caused the occurrence of a circular list on the notification chain. Consequently, a soft lock-up or a kernel oops occurred. With this update, the notifier blocks are unregistered if lockd fails to start up completely, and the soft lock-ups or the kernel oopses no longer occur under the described circumstances. * When the Fibre Channel over Ethernet (FCoE) was configured, the FCoE MaxFrameSize parameter was incorrectly restricted to 1452. With this update, the NETIF_F_ALL_FCOE symbol is no longer ignored, which fixes this bug. MaxFrameSize is now restricted to 2112, which is the correct value. * When the fnic driver was installed on Cisco UCS Blade Server, the discs were under certain circumstances put into the offline state with the following error message: "Medium access timeout failure. Offlining disk!". This update fixes fnic to set the Small Computer System Interface (SCSI) status as DID_ABORT after a successful abort operation. As a result, the discs are no longer put into the offlined state in the described situation.importantScientific Linux FermiScientific Linux Fermi 6kernel-devel-2.6.32-642.11.1.el6.i686.rpm086afc5eea1c72977a5c9688846e56e032a245ef548eee5682ec58e42382672fpython-perf-2.6.32-642.11.1.el6.i686.rpm1e8ac870e7e682be48627774488b62ac17903e92431d34b5be2a66f569c54704kernel-abi-whitelists-2.6.32-642.11.1.el6.noarch.rpm0adbeecb285985374e30fdbf84cc4342c144074d1ea2896e63893936606fc453kernel-debug-devel-2.6.32-642.11.1.el6.i686.rpm4bd2050751ec90f557a44a4f3bfe6cac045d71a9eb1ab3ab002974daf5f71e02kernel-headers-2.6.32-642.11.1.el6.i686.rpm5322ea33c3814b5f8b74de629c39402d7edd4fbcd8afd06bc6bd9b86d30fb6e0kernel-debug-2.6.32-642.11.1.el6.i686.rpm15b2eab19e28554903c5ebf0483f699d2b4baa1d80f17c5f1a87cccd9e615b16kernel-2.6.32-642.11.1.el6.i686.rpmc854acb00bba948c6b58fabd63b40e4d9cdebca7e1dad8fcf364d6dfcb3ccc54kernel-doc-2.6.32-642.11.1.el6.noarch.rpm89fd2720630b715c741f382a1cad5d2c70624964a5b3788d128f5d707ff1a828perf-2.6.32-642.11.1.el6.i686.rpmed5afc65ec5430bd7b2576898f02cc120e50be9d6cb5f48a7b0ecee9f8b41cc8kernel-firmware-2.6.32-642.11.1.el6.noarch.rpm0f020bdf0a662a63f2f51a5a237dd15898902d682c9f8041c96f4bc19bf2f73dSLSA-2016:2779-1The nss-util packages provide utilities for use with the Network Security Services (NSS) libraries. The following packages have been upgraded to a newer upstream version: nss (3.12.3), nss-util (3.12.3). Security Fix(es): * Multiple buffer handling flaws were found in the way NSS handled cryptographic data from the network. A remote attacker could use these flaws to crash an application using NSS or, possibly, execute arbitrary code with the permission of the user running the application. (CVE-2016-2834) * A NULL pointer dereference flaw was found in the way NSS handled invalid Diffie-Hellman keys. A remote client could use this flaw to crash a TLS/SSL server using NSS. (CVE-2016-5285) * It was found that Diffie Hellman Client key exchange handling in NSS was vulnerable to small subgroup confinement attack. An attacker could use this flaw to recover private keys by confining the client DH key to small subgroup of the desired group. (CVE-2016-8635)moderateScientific Linux FermiScientific Linux Fermi 6nss-tools-3.21.3-2.el6_8.i686.rpmcac97e1eb09634d45830eca50ceec7090520fc602033d5c9713f8de38edac1f7nss-util-3.21.3-1.el6_8.i686.rpm33141bcfa11b5652bd974126dc816958c77b3c0729b089fd58d97e85fb0bfdd8nss-3.21.3-2.el6_8.i686.rpmd26027f7e0f9dd771640120c2ffce75692f3aebe65256e7a9f4d6d59613fd2f9nss-devel-3.21.3-2.el6_8.i686.rpmaaf32f62f91d2d057a56b2d373b1863a6679bc5a2d4d13a8451ab08316d123afnss-pkcs11-devel-3.21.3-2.el6_8.i686.rpm98904ced1e2ea2fe4ad60d28b6f2b190ea0dea0f0a553ca53f6522a9a646c814nss-sysinit-3.21.3-2.el6_8.i686.rpm8b6ab67e04c0f4496ed608f1dba297c5d9babfa95d0ec3d6ba89010fc9dc6433nss-util-devel-3.21.3-1.el6_8.i686.rpm07fc5f0159fbaef3550eceb3e720611e2d117bcf6a00b1ed84b65f83b9c22b57SLSA-2016:2780-1This update upgrades Firefox to version 45.5.0 ESR. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2016-5296, CVE-2016-5297, CVE-2016-9066, CVE-2016-5291, CVE-2016-5290) * A flaw was found in the way Add-on update process was handled by Firefox. A Man-in-the-Middle attacker could use this flaw to install a malicious signed add-on update. (CVE-2016-9064)criticalScientific Linux FermiScientific Linux Fermi 6firefox-45.5.0-1.el6_8.i686.rpm930a35ffaaaa27fafb95dce4e7e45cf1991fd6dbaaf20e544a7ca825b28b23bcSLSA-2016:2820-1Security Fix(es): * Two integer overflow flaws, leading to heap-based buffer overflows, were found in the memcached binary protocol. An attacker could create a specially crafted message that would cause the memcached server to crash or, potentially, execute arbitrary code. (CVE-2016-8704, CVE-2016-8705)importantScientific Linux FermiScientific Linux Fermi 6memcached-devel-1.4.4-3.el6_8.1.i686.rpm7fac4bb44e8640626fc40daae583b353d4dd159b4a74174cd62345accb3e8c5ememcached-1.4.4-3.el6_8.1.i686.rpm797c644e19f3b6724154cd95af268222527597075c6edbe676b28b1b09c51069SLSA-2016:2824-1Security Fix(es): * An out-of-bounds read flaw was found in the way Expat processed certain input. A remote attacker could send specially crafted XML that, when parsed by an application using the Expat library, would cause that application to crash or, possibly, execute arbitrary code with the permission of the user running the application. (CVE-2016-0718)moderateScientific Linux FermiScientific Linux Fermi 6expat-2.0.1-13.el6_8.i686.rpm3615b8cb6c8d315466be6f524ff5308b3b20b9ab3475f16087bed07ac7aa139bexpat-devel-2.0.1-13.el6_8.i686.rpma6cb13a30fe68020f09d00adc104892c1f5aa1a76a07af92aaf556dccc230aabSLSA-2016:2825-1This update upgrades Thunderbird to version 45.5.0 Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2016-5290)importantScientific Linux FermiScientific Linux Fermi 6thunderbird-45.5.0-1.el6_8.i686.rpmd6ccfda2db8c994d851962517b8a6611f73e09e709997e543cf0d995399c9070SLSA-2016:2843-1This update upgrades Firefox to version 45.5.1 ESR. Security Fix(es): * A flaw was found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2016-9079)criticalScientific Linux FermiScientific Linux Fermi 6firefox-45.5.1-1.el6_8.i686.rpmf03e0653b482f295c95cd751b4a9d85e82e1309ee4125daf3b537ba3f514efc6SLSA-2016:2850-1This update upgrades Thunderbird to version 45.5.1. Security Fix(es): * A flaw was found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2016-9079)importantScientific Linux FermiScientific Linux Fermi 6thunderbird-45.5.1-1.el6_8.i686.rpmacaf4c7a1400c06229a53d269561448ea6d2dfb83aee0e69598f02ec39e7145cSLSA-2016:2872-1Security Fix(es): * It was discovered that the sudo noexec restriction could have been bypassed if application run via sudo executed system(), popen(), or wordexp() C library functions with a user supplied argument. A local user permitted to run such application via sudo with noexec restriction could use these flaws to execute arbitrary commands with elevated privileges. (CVE-2016-7032, CVE-2016-7076) These issues were discovered by Florian Weimer (Red Hat).moderateScientific Linux FermiScientific Linux Fermi 6sudo-1.8.6p3-25.el6_8.i686.rpm74d8823f93294a15a8f027fbd523ffb98178759e0de63c51ef275e13d5306d17sudo-devel-1.8.6p3-25.el6_8.i686.rpmae50a8f2eca5f15dfc46c08a656d8fc35e28d83e19170844bd05bcf9c86eb35bSLSA-2016:2946-1This update upgrades Firefox to version 45.6.0 ESR. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2016-9893, CVE-2016-9899, CVE-2016-9895, CVE-2016-9897, CVE-2016-9898, CVE-2016-9900, CVE-2016-9901, CVE-2016-9902, CVE-2016-9904, CVE-2016-9905)criticalScientific Linux FermiScientific Linux Fermi 6firefox-45.6.0-1.el6_8.i686.rpmd64b021574d5adef0dea64203737609c4fab8d120e67e33ec17c4c880f41258fSLSA-2016:2972-1Security Fix(es): * A vulnerability was found in vim in how certain modeline options were treated. An attacker could craft a file that, when opened in vim with modelines enabled, could execute arbitrary commands with privileges of the user running vim. (CVE-2016-1248)moderateScientific Linux FermiScientific Linux Fermi 6vim-filesystem-7.4.629-5.el6_8.1.i686.rpme01d77af9d4dabf2614d2b714bf9960238d05829389b5c3950ff1a32822be52evim-enhanced-7.4.629-5.el6_8.1.i686.rpme4f3084dea7cbbd485752a811010a84efaf18c71911df30de565a1a6d73ff27evim-common-7.4.629-5.el6_8.1.i686.rpm6e7cffb3d91803e4793300512dc92e8da5706bc7ff2e0adf8c10fa3f5daba448vim-minimal-7.4.629-5.el6_8.1.i686.rpmf0c499b9f3aefb371111285490b3460e39a529943190bc98292566e4a8967c59vim-X11-7.4.629-5.el6_8.1.i686.rpm7020f1c9645e91e68ed308e4dca84bed020cea2f53c384787368e28abb30fb88SLSA-2016:2973-1This update upgrades Thunderbird to version 45.6.0. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2016-9893, CVE-2016-9899, CVE-2016-9895, CVE-2016-9900, CVE-2016-9901, CVE-2016-9902, CVE-2016-9905)importantScientific Linux FermiScientific Linux Fermi 6thunderbird-45.6.0-1.el6_8.i686.rpm49849319bb028ed2e3f3500a25d3ce7ff3e8ef87ebee3874a46d41c685f1bcaaSLSA-2016:2974-1Security Fix(es): * An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer's VMware VMnc video file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9445) * A memory corruption flaw was found in GStreamer's Nintendo NSF music file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9447) Note: This updates removes the vulnerable Nintendo NSF plug-in.importantScientific Linux FermiScientific Linux Fermi 6gstreamer-plugins-bad-free-devel-0.10.19-5.el6_8.i686.rpmc0033ff162bee6c56ab075d94081b70d8b0bbab385400b1258758b0ca618fd86gstreamer-plugins-bad-free-devel-docs-0.10.19-5.el6_8.i686.rpm257505a39182642ae509ad7fbbc3b91c13719e6747d82e23c7eb035f8c98acc1gstreamer-plugins-bad-free-extras-0.10.19-5.el6_8.i686.rpmb65cb71d3aa7b9651be42750d675f2b7d80075ae4891b0976277c023a8a324e0gstreamer-plugins-bad-free-0.10.19-5.el6_8.i686.rpmfc2bf51e98dee113c79514423f4406cad455ce94ced094b0f3669809a5773ec2SLSA-2016:2975-1Security Fix(es): * Multiple flaws were discovered in GStreamer's FLC/FLI/FLX media file format decoding plug-in. A remote attacker could use these flaws to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application. (CVE-2016-9634, CVE-2016-9635, CVE-2016-9636, CVE-2016-9808) * An invalid memory read access flaw was found in GStreamer's FLC/FLI/FLX media file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash. (CVE-2016-9807) Note: This updates removes the vulnerable FLC/FLI/FLX plug-in.importantScientific Linux FermiScientific Linux Fermi 6gstreamer-plugins-good-0.10.23-4.el6_8.i686.rpm8bc4dedf738fc2398e740a11d420863167b67e436f616ae7eeb79047b94bf19dgstreamer-plugins-good-devel-0.10.23-4.el6_8.i686.rpm33844c31d90cfcf245f0abf778b9d84ba7a5fc666075c46cf0903eab0280dbcfSLSA-2017:0014-1Security Fix(es): * It was found that the ghostscript functions getenv, filenameforall and .libfile did not honor the -dSAFER option, usually used when processing untrusted documents, leading to information disclosure. A specially crafted postscript document could read environment variable, list directory and retrieve file content respectively, from the target. (CVE-2013-5653, CVE-2016-7977) * It was found that the ghostscript function .initialize_dsc_parser did not validate its parameter before using it, allowing a type confusion flaw. A specially crafted postscript document could cause a crash code execution in the context of the gs process. (CVE-2016-7979) * It was found that ghostscript did not sufficiently check the validity of parameters given to the .sethalftone5 function. A specially crafted postscript document could cause a crash, or execute arbitrary code in the context of the gs process. (CVE-2016-8602)moderateScientific Linux FermiScientific Linux Fermi 6ghostscript-gtk-8.70-21.el6_8.1.i686.rpmf8a22e9045481d82e23ed402abbbdbef2640acc5f04543b61f54c7d2c14085b8ghostscript-devel-8.70-21.el6_8.1.i686.rpma579cf7eb48b385dd1a0452b986086958d69c0c46973c1e41b02d8963c25d34bghostscript-8.70-21.el6_8.1.i686.rpmba7ab42de9bd6463b1cb8ff35d0211533ce9c0618b2699cce0b4b5d0544ac452ghostscript-doc-8.70-21.el6_8.1.i686.rpmdb56d4095dbf263e0b0e7ee4e7bccb99ed2ef0f8be3f4ef379dd2daecc2bf225SLSA-2017:0036-1Security Fix(es): * A use-after-free vulnerability was found in the kernels socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function. (CVE-2016-7117, Important) * An out-of-bounds heap memory access leading to a Denial of Service, heap disclosure, or further impact was found in setsockopt(). The function call is normally restricted to root, however some processes with cap_sys_admin may also be able to trigger this flaw in privileged container environments. (CVE-2016-4998, Moderate) * A use-after-free vulnerability was found in tcp_xmit_retransmit_queue and other tcp_* functions. This condition could allow an attacker to send an incorrect selective acknowledgment to existing connections, possibly resetting a connection. (CVE-2016-6828, Moderate) Bug Fix(es): * When parallel NFS returned a file layout, a kernel crash sometimes occurred. This update removes the call to the BUG_ON() function from a code path of a client that returns the file layout. As a result, the kernel no longer crashes in the described situation. * When a guest virtual machine (VM) on Microsoft Hyper-V was set to crash on a Nonmaskable Interrupt (NMI) that was injected from the host, this VM became unresponsive and did not create the vmcore dump file. This update applies a set of patches to the Virtual Machine Bus kernel driver (hv_vmbus) that fix this bug. As a result, the VM now first creates and saves the vmcore dump file and then reboots. * From Scientific Linux 6.6 to 6.8, the IPv6 routing cache occasionally showed incorrect values. This update fixes the DST_NOCOUNT mechanism, and the IPv6 routing cache now shows correct values. * When using the ixgbe driver and the software Fibre Channel over Ethernet (FCoE) stack, suboptimal performance in some cases occurred on systems with a large number of CPUs. This update fixes the fc_exch_alloc() function to try all the available exchange managers in the list for an available exchange ID. This change avoids failing allocations, which previously led to the host busy status. * When the vmwgfx kernel module loads, it overrides the boot resolution automatically. Consequently, users were not able to change the resolution by manual setting of the kernel's 'vga=' parameter in the /boot/grub/grub.conf file. This update adds the 'nomodeset' parameter, which can be set in the /boot/grub/grub.conf file. The 'nomodeset' parameter allows the users to prevent the vmwgfx driver from loading. As a result, the setting of the 'vga=' parameter works as expected, in case that vmwgfx does not load. * When Scientific Linux 6.8 was booted on SMBIOS 3.0 based systems, Desktop Management Interface (DMI) information, which is referenced by several applications, such as NEC server's memory RAS utility, was missing entries in the sysfs virtual file system. This update fixes the underlying source code, and sysfs now shows the DMI information as expected. * Previously, bonding mode active backup and the propagation of the media access control (MAC) address to a VLAN interface did not work in Scientific Linux 6.8, when the fail_over_mac bonding parameter was set to fail_over_mac=active. With this update, the underlying source code has been fixed so that the VLANs continue inheriting the MAC address of the active physical interface until the VLAN MAC address is explicitly set to any value. As a result, IPv6 EUI64 addresses for the VLAN can reflect any changes to the MAC address of the physical interface, and Duplicate Address Detection (DAD) behaves as expected.importantScientific Linux FermiScientific Linux Fermi 6kernel-2.6.32-642.13.1.el6.i686.rpm5e5a572ca58b6b929be9fafeb252b68cbea094a6d4aeeed591283bc526d65595kernel-abi-whitelists-2.6.32-642.13.1.el6.noarch.rpmc171521ea01dd684e221c09c9805e1e5c82b3e6b9bc3e66bdbba918c42c9c19bkernel-devel-2.6.32-642.13.1.el6.i686.rpm5498c1b22584270eb5a565e01c09b8571f17fba3cb1638b42450299d6cbdaac9python-perf-2.6.32-642.13.1.el6.i686.rpmcd3b8c6907ba23f82fe8a59445a4f4ceca8cc4203e2370cefe285d3490b0d8b5kernel-debug-devel-2.6.32-642.13.1.el6.i686.rpm8b69f6c581df75030f040af001898b16380e127590214a8b6c55e18302e3e1f3perf-2.6.32-642.13.1.el6.i686.rpmb15b6810b5ddc987363adac432e96d44959811d1268836d25b704264b097d60ckernel-doc-2.6.32-642.13.1.el6.noarch.rpm9eec6c2154ee118fcd279dedd57c085b93496b2d11f1f213817579045a4a937akernel-debug-2.6.32-642.13.1.el6.i686.rpmf23f8c973be1613a8ab0431d4fa797197e03b41eb31080d308fba4248fdd8997kernel-headers-2.6.32-642.13.1.el6.i686.rpm94712b4092fa6be444b4df15c944630903863ca328df8b3bc56ca17c74a244f2kernel-firmware-2.6.32-642.13.1.el6.noarch.rpmbf1ee812e5e093dfbc8426baa67d9a6451ebb7a8466076a74fd3b87cb185a6a4SLSA-2017:0061-1Security Fix(es): * It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy() function in certain cases. An untrusted Java application or applet could use this flaw to corrupt virtual machine's memory and completely bypass Java sandbox restrictions. (CVE-2016-5582) * It was discovered that the Hotspot component of OpenJDK did not properly check received Java Debug Wire Protocol (JDWP) packets. An attacker could possibly use this flaw to send debugging commands to a Java program running with debugging enabled if they could make victim's browser send HTTP requests to the JDWP port of the debugged application. (CVE-2016-5573) * It was discovered that the Libraries component of OpenJDK did not restrict the set of algorithms used for Jar integrity verification. This flaw could allow an attacker to modify content of the Jar file that used weak signing key or hash algorithm. (CVE-2016-5542) Note: After this update, MD2 hash algorithm and RSA keys with less than 1024 bits are no longer allowed to be used for Jar integrity verification by default. MD5 hash algorithm is expected to be disabled by default in the future updates. A newly introduced security property jdk.jar.disabledAlgorithms can be used to control the set of disabled algorithms. * A flaw was found in the way the JMX component of OpenJDK handled classloaders. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2016-5554) * A flaw was found in the way the Networking component of OpenJDK handled HTTP proxy authentication. A Java application could possibly expose HTTPS server authentication credentials via a plain text network connection to an HTTP proxy if proxy asked for authentication. (CVE-2016-5597) Note: After this update, Basic HTTP proxy authentication can no longer be used when tunneling HTTPS connection through an HTTP proxy. Newly introduced system properties jdk.http.auth.proxying.disabledSchemes and jdk.http.auth.tunneling.disabledSchemes can be used to control which authentication schemes can be requested by an HTTP proxy when proxying HTTP and HTTPS connections respectively.importantScientific Linux FermiScientific Linux Fermi 6java-1.6.0-openjdk-javadoc-1.6.0.41-1.13.13.1.el6_8.i686.rpm0c46a4ea05b607acc03d503ed39132785e77e3614611d7c286b30c925b765e1cjava-1.6.0-openjdk-1.6.0.41-1.13.13.1.el6_8.i686.rpmf0d08c12422ab8e81a46a6ef7006422fddfd7dc0f7a34230c9c3305ea491851ejava-1.6.0-openjdk-demo-1.6.0.41-1.13.13.1.el6_8.i686.rpm839bd6b13076530228c2892b28a763710acb289f84d8f84dc5c013388f7bb25bjava-1.6.0-openjdk-src-1.6.0.41-1.13.13.1.el6_8.i686.rpm550bdac16b9246e99a5e35d8a9a67b1fc2d32b1c1142e5eb9aa115869c13b6d1java-1.6.0-openjdk-devel-1.6.0.41-1.13.13.1.el6_8.i686.rpm075dc0b490c664ae9f2e4bf0eeb2d8acf15626898a2f021c0fe01870651e4472SLSA-2017:0063-1Security Fix(es): * A denial of service flaw was found in the way BIND handled a query response containing inconsistent DNSSEC information. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. (CVE-2016-9147)importantScientific Linux FermiScientific Linux Fermi 6bind-sdb-9.8.2-0.47.rc1.el6_8.4.i686.rpmc81d86299734e605eee151725396fdbede67748b03e265da198d7cd6e6b21656bind-chroot-9.8.2-0.47.rc1.el6_8.4.i686.rpmcb40a8d9fb3f9e17d35ca03c8a48cb87ebf2d1572041427d21ae6624f4a18efcbind-devel-9.8.2-0.47.rc1.el6_8.4.i686.rpma79f1ca81e1ea9fcc5c8958ccbf0d806d7d93365bd6885a74f2ba16294c26c71bind-utils-9.8.2-0.47.rc1.el6_8.4.i686.rpm0972ea6f3259afdbe82a1fa2612ed483563351ffc804229b01365daa11c30983bind-9.8.2-0.47.rc1.el6_8.4.i686.rpm5eb9e99b3fb16fe2b31ff20646dd0dd3af1dfc3edae3f27f62cfd0d54bd1439cbind-libs-9.8.2-0.47.rc1.el6_8.4.i686.rpm9a27a3db4d42258757d79b06c6cfb01d28026e29d6d6e726df4877500547f2b4SLSA-2017:0180-1Security Fix(es): * It was discovered that the RMI registry and DCG implementations in the RMI component of OpenJDK performed deserialization of untrusted inputs. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application. (CVE-2017-3241) This issue was addressed by introducing whitelists of classes that can be deserialized by RMI registry or DCG. These whitelists can be customized using the newly introduced sun.rmi.registry.registryFilter and sun.rmi.transport.dgcFilter security properties. * Multiple flaws were discovered in the Libraries and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2017-3272, CVE-2017-3289) * A covert timing channel flaw was found in the DSA implementation in the Libraries component of OpenJDK. A remote attacker could possibly use this flaw to extract certain information about the used key via a timing side channel. (CVE-2016-5548) * It was discovered that the Libraries component of OpenJDK accepted ECSDA signatures using non-canonical DER encoding. This could cause a Java application to accept signature in an incorrect format not accepted by other cryptographic tools. (CVE-2016-5546) * It was discovered that the 2D component of OpenJDK performed parsing of iTXt and zTXt PNG image chunks even when configured to ignore metadata. An attacker able to make a Java application parse a specially crafted PNG image could cause the application to consume an excessive amount of memory. (CVE-2017-3253) * It was discovered that the Libraries component of OpenJDK did not validate the length of the object identifier read from the DER input before allocating memory to store the OID. An attacker able to make a Java application decode a specially crafted DER input could cause the application to consume an excessive amount of memory. (CVE-2016-5547) * It was discovered that the JAAS component of OpenJDK did not use the correct way to extract user DN from the result of the user search LDAP query. A specially crafted user LDAP entry could cause the application to use an incorrect DN. (CVE-2017-3252) * It was discovered that the Networking component of OpenJDK failed to properly parse user info from the URL. A remote attacker could cause a Java application to incorrectly parse an attacker supplied URL and interpret it differently from other applications processing the same URL. (CVE-2016-5552) * Multiple flaws were found in the Networking components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2017-3261, CVE-2017-3231) * A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183) This update mitigates the CVE-2016-2183 issue by adding 3DES cipher suites to the list of legacy algorithms (defined using the jdk.tls.legacyAlgorithms security property) so they are only used if connecting TLS/SSL client and server do not share any other non-legacy cipher suite. Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website.criticalScientific Linux FermiScientific Linux Fermi 6java-1.8.0-openjdk-debug-1.8.0.121-0.b13.el6_8.i686.rpmab91bbd72096de9ff9c1ae292c8f1c47fcb32a5bca75c423f2b8644b4500d835java-1.8.0-openjdk-headless-debug-1.8.0.121-0.b13.el6_8.i686.rpm39c1c9e0f9dccdcaec08d2822a59a5488fb07769345209b09e85e27963acfbfejava-1.8.0-openjdk-devel-debug-1.8.0.121-0.b13.el6_8.i686.rpm46eaed39d06863f9b32dec425dd52c0681355239c1e42f7f56c1154c28ef15dejava-1.8.0-openjdk-demo-1.8.0.121-0.b13.el6_8.i686.rpmff434104ef76c1dbae3ec62364ab37e6d91494156cb8ce1eb4b013573c06292bjava-1.8.0-openjdk-devel-1.8.0.121-0.b13.el6_8.i686.rpmdaf38411bb56e2c6c484a21fbd08274de470afca2de856c81adc747135999f4djava-1.8.0-openjdk-1.8.0.121-0.b13.el6_8.i686.rpm4ba00a9c1a7199faa6d9e40f67bd21cb0c1e12748541055d1096c83310a365dbjava-1.8.0-openjdk-javadoc-1.8.0.121-0.b13.el6_8.noarch.rpm74fe19d2464fd21fda7d5477235c2c7576a05bcff7a7c3ff9b410691de5cfe3cjava-1.8.0-openjdk-demo-debug-1.8.0.121-0.b13.el6_8.i686.rpm117b64d3c47e0a59516de70460fd1e12b1052628c2bd36ab03cc0911e0ec4240java-1.8.0-openjdk-src-1.8.0.121-0.b13.el6_8.i686.rpm06f61193f675ce03df7168f1838b7405d4e988e50586b9fc39fff895ebadad16java-1.8.0-openjdk-headless-1.8.0.121-0.b13.el6_8.i686.rpmcfe6b619c7ab4a236fd974ca6c357f0a80d7b4e7dabbf58b9329a8f5796f3071java-1.8.0-openjdk-src-debug-1.8.0.121-0.b13.el6_8.i686.rpmf73dbacf03e5feac91bf87ec8d4de66418adfc3566b2c92ed781ba0531d180fejava-1.8.0-openjdk-javadoc-debug-1.8.0.121-0.b13.el6_8.noarch.rpmc1138e7ae5a141f57bf2e1ca48ab14f8f0852b2cc2c1cfe0ea1750258007637eSLSA-2017:0183-1Security Fix(es): * It was found that squid did not properly remove connection specific headers when answering conditional requests using a cached request. A remote attacker could send a specially crafted request to an HTTP server via the squid proxy and steal private data from other connections. (CVE-2016-10002)moderateScientific Linux FermiScientific Linux Fermi 6squid34-3.4.14-9.el6_8.4.i686.rpm7e52b9bf9f4148697697dc047a6cece38ece8c0a20ba2bce2b734204b2199030SLSA-2017:0184-1Security Fix(es): * It was discovered that the MySQL logging functionality allowed writing to MySQL configuration files. An administrative database user, or a database user with FILE privileges, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server. (CVE-2016-6662) * A race condition was found in the way MySQL performed MyISAM engine table repair. A database user with shell access to the server running mysqld could use this flaw to change permissions of arbitrary files writable by the mysql system user. (CVE-2016-6663, CVE-2016-5616)importantScientific Linux FermiScientific Linux Fermi 6mysql-libs-5.1.73-8.el6_8.i686.rpm3ae7749281395d87188923fc17a9e66871548f14f417203703dd07a0cd271a0bmysql-devel-5.1.73-8.el6_8.i686.rpm28a0929bdeec6c520eea383e9dc8f398a5572945528cee989287189b384f49a9mysql-server-5.1.73-8.el6_8.i686.rpme4e0a7c025c9cf50dac523c2efca50a63c2e9177ff515a6a81f6bbd0899653b3mysql-bench-5.1.73-8.el6_8.i686.rpm724a34065729bd48c2b62eac6d6d110f64df06891172cebd8136f1e8e706975amysql-embedded-5.1.73-8.el6_8.i686.rpm4254ef63aa37c4bfafff6c7a6f29b98271bc4a26a57191f8de0ec40caed2e725mysql-embedded-devel-5.1.73-8.el6_8.i686.rpm0ad1113c3e52b67a7f3fd05b3d7209c1f77b4a1bb6d35789bfe3d3dbe05577d0mysql-test-5.1.73-8.el6_8.i686.rpm7e2e84a4b77347db31b016d4c96c34c5e5a3224391953e58a985b39bc07efe12mysql-5.1.73-8.el6_8.i686.rpm4238037acbbe6e7b0d751fde2a3841b4d9f1112067e25dbcf2bb1ab7a691345dSLSA-2017:0190-1This update upgrades Firefox to version 45.7.0 ESR. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2017-5373, CVE-2017-5375, CVE-2017-5376, CVE-2017-5378, CVE-2017-5380, CVE-2017-5383, CVE-2017-5386, CVE-2017-5390, CVE-2017-5396)criticalScientific Linux FermiScientific Linux Fermi 6firefox-45.7.0-2.el6_8.i686.rpm13a5085b51a25f77ac34922ad8cc37c6183bdc09d1e69b845541a096d604a843firefox-45.7.0-1.el6_8.i686.rpmc40e3121e4607e09acc8bba4aa3146a742297335cb2ef0d281fcf4937aa04b71SLSA-2017:0225-1Security Fix(es): * Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an application linked against libtiff into processing specially crafted files. (CVE-2016-9533, CVE-2016-9534, CVE-2016-9535) * Multiple flaws have been discovered in various libtiff tools (tiff2pdf, tiffcrop, tiffcp, bmp2tiff). By tricking a user into processing a specially crafted file, a remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code with the privileges of the user running the libtiff tool. (CVE-2015-8870, CVE-2016-5652, CVE-2016-9540, CVE-2016-9537, CVE-2016-9536)moderateScientific Linux FermiScientific Linux Fermi 6libtiff-static-3.9.4-21.el6_8.i686.rpm23b56ab2d0385235f6bdfddfd5fa963dfb7ea3bc9bb76327b7d8ab192074ea90libtiff-3.9.4-21.el6_8.i686.rpm33d18b53a5c280266dba99dd5c4dfe8f83c919dcf987c7bd332f2241c5354921libtiff-devel-3.9.4-21.el6_8.i686.rpmbb284ebfc72c3b084d881df484aec2e5e1f41e908b29c2f08cec66489ba12220SLSA-2017:0238-1This update upgrades Thunderbird to version 45.7.0. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2017-5373, CVE-2017-5375, CVE-2017-5376, CVE-2017-5378, CVE-2017-5380, CVE-2017-5383, CVE-2017-5390, CVE-2017-5396)importantScientific Linux FermiScientific Linux Fermi 6thunderbird-45.7.0-1.el6_8.i686.rpmc69958889fdfc5037c41cb529ba5ca356491983df949879a69a35e13220998e2SLSA-2017:0252-1Security Fix(es): * It was found that when ntp is configured with rate limiting for all associations the limits are also applied to responses received from its configured sources. A remote attacker who knows the sources can cause a denial of service by preventing ntpd from accepting valid responses from its sources. (CVE-2016-7426) * A flaw was found in the control mode functionality of ntpd. A remote attacker could send a crafted control mode packet which could lead to information disclosure or result in DDoS amplification attacks. (CVE-2016-9310) * A flaw was found in the way ntpd implemented the trap service. A remote attacker could send a specially crafted packet to cause a null pointer dereference that will crash ntpd, resulting in a denial of service. (CVE-2016-9311) * A flaw was found in the way ntpd running on a host with multiple network interfaces handled certain server responses. A remote attacker could use this flaw which would cause ntpd to not synchronize with the source. (CVE-2016-7429) * A flaw was found in the way ntpd calculated the root delay. A remote attacker could send a specially-crafted spoofed packet to cause denial of service or in some special cases even crash. (CVE-2016-7433)moderateScientific Linux FermiScientific Linux Fermi 6ntp-perl-4.2.6p5-10.el6_8.2.i686.rpmcbe67fd0ea0204b440e69015b96a907b27bd27b814dca2bb4a78e73d496bb9efntp-doc-4.2.6p5-10.el6_8.2.noarch.rpmefe173af8e9ca6f18d31e7258f7d3632c16d68a10755e8e03d0fb3c19f594553ntpdate-4.2.6p5-10.el6_8.2.i686.rpm464c55d3edc7ae75cae8aa953592fb154983ab25f2d1f37ee41aee94216d94a9ntp-4.2.6p5-10.el6_8.2.i686.rpm9d6246ba71688a56f6f0599f5a6ba141666a6776e2129e494040d304edf6bf59SLSA-2017:0269-1Security Fix(es): * It was discovered that the RMI registry and DCG implementations in the RMI component of OpenJDK performed deserialization of untrusted inputs. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application. (CVE-2017-3241) This issue was addressed by introducing whitelists of classes that can be deserialized by RMI registry or DCG. These whitelists can be customized using the newly introduced sun.rmi.registry.registryFilter and sun.rmi.transport.dgcFilter security properties. * Multiple flaws were discovered in the Libraries and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2017-3272, CVE-2017-3289) * A covert timing channel flaw was found in the DSA implementation in the Libraries component of OpenJDK. A remote attacker could possibly use this flaw to extract certain information about the used key via a timing side channel. (CVE-2016-5548) * It was discovered that the Libraries component of OpenJDK accepted ECSDA signatures using non-canonical DER encoding. This could cause a Java application to accept signature in an incorrect format not accepted by other cryptographic tools. (CVE-2016-5546) * It was discovered that the 2D component of OpenJDK performed parsing of iTXt and zTXt PNG image chunks even when configured to ignore metadata. An attacker able to make a Java application parse a specially crafted PNG image could cause the application to consume an excessive amount of memory. (CVE-2017-3253) * It was discovered that the Libraries component of OpenJDK did not validate the length of the object identifier read from the DER input before allocating memory to store the OID. An attacker able to make a Java application decode a specially crafted DER input could cause the application to consume an excessive amount of memory. (CVE-2016-5547) * It was discovered that the JAAS component of OpenJDK did not use the correct way to extract user DN from the result of the user search LDAP query. A specially crafted user LDAP entry could cause the application to use an incorrect DN. (CVE-2017-3252) * It was discovered that the Networking component of OpenJDK failed to properly parse user info from the URL. A remote attacker could cause a Java application to incorrectly parse an attacker supplied URL and interpret it differently from other applications processing the same URL. (CVE-2016-5552) * Multiple flaws were found in the Networking components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2017-3261, CVE-2017-3231) * A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183) This update mitigates the CVE-2016-2183 issue by adding 3DES cipher suites to the list of legacy algorithms (defined using the jdk.tls.legacyAlgorithms security property) so they are only used if connecting TLS/SSL client and server do not share any other non-legacy cipher suite.criticalScientific Linux FermiScientific Linux Fermi 6java-1.7.0-openjdk-demo-1.7.0.131-2.6.9.0.el6_8.i686.rpm03721a8b88a1242607de0db47b63cf18e07d56a8cf04e397c6b7ccf1142f146ejava-1.7.0-openjdk-javadoc-1.7.0.131-2.6.9.0.el6_8.noarch.rpmcec52da5b4651e98942f333978cc8e2adf6706b747e796c6a442642658caa563java-1.7.0-openjdk-1.7.0.131-2.6.9.0.el6_8.i686.rpm75b03f968163bed9281c10c90f7f6052ccb2b5e741b2ddb083173be1bcd9735ejava-1.7.0-openjdk-src-1.7.0.131-2.6.9.0.el6_8.i686.rpma845fbadfc671146d55fdd1c2bad94fbaf2a2580ca15fa5bec340897c93d66aajava-1.7.0-openjdk-devel-1.7.0.131-2.6.9.0.el6_8.i686.rpm48af5f15f07c5cd481e568bda5cfc4b7eab2c8a109eab01f5cfb4dddcfe46d86SLSA-2017:0286-1Security Fix(es): * An integer underflow leading to an out of bounds read flaw was found in OpenSSL. A remote attacker could possibly use this flaw to crash a 32-bit TLS/SSL server or client using OpenSSL if it used the RC4-MD5 cipher suite. (CVE-2017-3731) * A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections form other clients. (CVE-2016-8610)moderateScientific Linux FermiScientific Linux Fermi 6openssl-perl-1.0.1e-48.sl6_8.4.i686.rpmdbc4c9379011732e5b48142a2286c9fba6d6e5568c1555f8ce9c5752064a622fopenssl-static-1.0.1e-48.sl6_8.4.i686.rpm126ff63fe22243f97751c15cc21b49a34a41d8074961d54d208dff9200ada09dopenssl-devel-1.0.1e-48.sl6_8.4.i686.rpm6b20c4cb87c930ca05a0fdd8830a5df4c45f86f25baf25143a804a5f9f40bbcbopenssl-1.0.1e-48.sl6_8.4.i686.rpme12f8db124e6f308c5cdbf2af112999317a6789d82c3a04f6d46fea56b7b6f25openssl-1.0.1e-48.el6_8.4.i686.rpm3cb71a00f3b543c77c6e32ae43f09f77a6ec1a9035af3b25f81f2e9d1baac0c7openssl-devel-1.0.1e-48.el6_8.4.i686.rpmeb2e349ba79aa7252233dfbaffe89865dcfc4b88c1e7fe65f157be77ce030da5openssl-static-1.0.1e-48.el6_8.4.i686.rpm7d3cabe49d0e56086a0c82cbc8884bb1abc9ae0e035bdf303b79bb3457bd21bfopenssl-perl-1.0.1e-48.el6_8.4.i686.rpm8286b7b4492285175f64972280bd65365cbc4cecf3fc4a586592cd8869426b49SLSA-2017:0293-1Security Fix(es): * A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol (DCCP) implementation freed SKB (socket buffer) resources for a DCCP_PKT_REQUEST packet when the IPV6_RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the kernel memory, allowing them to escalate their privileges on the system. (CVE-2017-6074, Important)importantScientific Linux FermiScientific Linux Fermi 6kernel-abi-whitelists-2.6.32-642.13.2.el6.noarch.rpm6e7dc601051e6b4e615e8475cfe4a0423612c2999e4387b8d6cb9d90bf8cca95kernel-firmware-2.6.32-642.13.2.el6.noarch.rpm46dba8452717d1b061f24f66bb13b68e1b70b1c575810c0b3938adaf0d0b765bkernel-debug-2.6.32-642.13.2.el6.i686.rpm58beb89656803adc5aab7843cb14250442ee14df0bb9f2fd765a0fe8c0d0c7f3python-perf-2.6.32-642.13.2.el6.i686.rpmf3556648fcc2fd5472bd5cd50f6c4f6b5055d1f3246b3b4df45cb15edaf42c2dkernel-devel-2.6.32-642.13.2.el6.i686.rpmf0c86fc888e18ab2d321aaac0526a2757cd1bd9ed8da1c46cc4e17eb95ddd9c9kernel-headers-2.6.32-642.13.2.el6.i686.rpm4e5f264c80f36c05a6e572a57e87bfd795ac5b6d8c3fee836c2860cf9971050ekernel-2.6.32-642.13.2.el6.i686.rpm36b44018a5fcc41c3a51082909fe7bf4fb7a2500607117c9e4985c55c0fe6e51perf-2.6.32-642.13.2.el6.i686.rpme43099e327106cc78a2bd0fb595ad8c9b5122f59517095fe90d70a9910487775kernel-doc-2.6.32-642.13.2.el6.noarch.rpm4c4c832078f635becb5dc2d09f6970ac567226b1e8bb9060e9eedda24bc4e9ackernel-debug-devel-2.6.32-642.13.2.el6.i686.rpm2d61d4b48c47e8a139d556e23acaf968fc7c9da1184062d2ba55a94aa61e90a1SLSA-2017:0307-1Security Fix(es): * When creating audit records for parameters to executed children processes, an attacker can convince the Linux kernel audit subsystem can create corrupt records which may allow an attacker to misrepresent or evade logging of executing commands. (CVE-2016-6136, Moderate) * A flaw was found in the Linux kernel's implementation of the SCTP protocol. A remote attacker could trigger an out-of-bounds read with an offset of up to 64kB potentially causing the system to crash. (CVE-2016-9555, Moderate) Bug Fix(es): * The qlnic driver previously attempted to fetch pending transmission descriptors before all writes were complete, which lead to firmware hangs. With this update, the qlcnic driver has been fixed to complete all writes before the hardware fetches any pending transmission descriptors. As a result, the firmware no longer hangs with the qlcnic driver. * Previously, when a NFS share was mounted, the file-system (FS) cache was incorrectly enabled even when the "-o fsc" option was not used in the mount command. Consequently, the cachefilesd service stored files in the NFS share even when not instructed to by the user. With this update, NFS does not use the FS cache if not instructed by the "-o fsc" option. As a result, NFS no longer enables caching if the "-o fsc" option is not used. * Previously, an NFS client and NFS server got into a NFS4 protocol loop involving a WRITE action and a NFS4ERR_EXPIRED response when the current_fileid counter got to the wraparound point by overflowing the value of 32 bits. This update fixes the NFS server to handle the current_fileid wraparound. As a result, the described NFS4 protocol loop no longer occurs. * Previously, certain configurations of the Hewlett Packard Smart Array (HPSA) devices caused hardware to be set offline incorrectly when the HPSA driver was expected to wait for existing I/O operations to complete. Consequently, a kernel panic occurred. This update prevents the described problem. As a result, the kernel panic no longer occurs. * Previously, memory corruption by copying data into the wrong memory locations sometimes occurred, because the __copy_tofrom_user() function was returning incorrect values. This update fixes the __copy_tofrom_user() function so that it no longer returns larger values than the number of bytes it was asked to copy. As a result, memory corruption no longer occurs in he described scenario. * Previously, guest virtual machines (VMs) on a Hyper-V server cluster got in some cases rebooted during the graceful node failover test, because the host kept sending heartbeat packets independently of guests responding to them. This update fixes the bug by properly responding to all the heartbeat messages in the queue, even if they are pending. As a result, guest VMs no longer get rebooted under the described circumstances. * When the "punching hole" feature of the fallocate utility was used on an ext4 file system inode with extent depth of 1, the extent tree of the inode sometimes became corrupted. With this update, the underlying source code has been fixed, and extent tree corruption no longer occurs in the described situation.moderateScientific Linux FermiScientific Linux Fermi 6kernel-debug-devel-2.6.32-642.15.1.el6.i686.rpm89aca47288e7d6f37aafb9bdc583b11f82eabe1a3d490ab8bc255f20b3a34ba3perf-2.6.32-642.15.1.el6.i686.rpmc4ad9d7104868640038ecbfa4b5b16c231569d843b6113fbb17e350ad8835786kernel-doc-2.6.32-642.15.1.el6.noarch.rpm78485a3ef75c1070d0d9a3c3586359679bb62c923b0d2e6636224e1cc9bb4e4bkernel-devel-2.6.32-642.15.1.el6.i686.rpmb6f6c57b235677ac414aa18baf4ebdd042bd6c7e390d0d2942f2cbbadecafae7kernel-2.6.32-642.15.1.el6.i686.rpm6217f06c3d343fc77a4e612ec80eab56b5f468a69b45b78fb9b6b070e971d3d3kernel-firmware-2.6.32-642.15.1.el6.noarch.rpmea7a83c7ad39c16c1778763d04ec50f47b625db07bb32549755d6356c6be723fpython-perf-2.6.32-642.15.1.el6.i686.rpm56738d529a4af6ab25d587483a8b23d4eb66297985f06ce1061459c2f60e7806kernel-abi-whitelists-2.6.32-642.15.1.el6.noarch.rpmd8772a5a713ccd8ccf66504653e2693f9be9aa993b2c89aa1ea7c9090e27ba0ckernel-headers-2.6.32-642.15.1.el6.i686.rpm6ec6bdf1cb5d91994a8dd2e3be4c087e6091962c5aef9be0dc86025e8f1ce71ekernel-debug-2.6.32-642.15.1.el6.i686.rpm87a2b20c97daff759aadabeabf00b88bbeaf5ca09f5eb76db4a6a128624facd2SLSA-2017:0309-1Security Fix(es): * Quick emulator (Qemu) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the Qemu process resulting in DoS or potentially execute arbitrary code on the host with privileges of Qemu process on the host. (CVE-2017-2615) * An out-of-bounds read-access flaw was found in the QEMU emulator built with IP checksum routines. The flaw could occur when computing a TCP/UDP packet's checksum, because a QEMU function used the packet's payload length without checking against the data buffer's size. A user inside a guest could use this flaw to crash the QEMU process (denial of service). (CVE-2016-2857) This update also fixes the following bug: * Previously, rebooting a guest virtual machine more than 128 times in a short period of time caused the guest to shut down instead of rebooting, because the virtqueue was not cleaned properly. This update ensures that the virtqueue is cleaned more reliably, which prevents the described problem from occurring. After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.importantScientific Linux FermiScientific Linux Fermi 6qemu-guest-agent-0.12.1.2-2.491.el6_8.6.i686.rpmacc9fbc36068b516f27a8048d5d42f07643faa71220ca89d09933d8b8bb13c6fSLSA-2017:0352-1Security Fix(es): * Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside guest could use this flaw to crash the QEMU process OR potentially execute arbitrary code on host with privileges of the QEMU process. (CVE-2017-2620)importantScientific Linux FermiScientific Linux Fermi 6qemu-guest-agent-0.12.1.2-2.491.el6_8.7.i686.rpm9e730ddb638ffb509b2a2f9bf025896eb97367defe11643a3fe67004c9b29315SLSA-2017:0459-1This update upgrades Firefox to version 45.8.0 ESR. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2017-5398, CVE-2017-5400, CVE-2017-5401, CVE-2017-5402, CVE-2017-5404, CVE-2017-5407, CVE-2017-5408, CVE-2017-5410, CVE-2017-5405)criticalScientific Linux FermiScientific Linux Fermi 6firefox-45.8.0-2.el6_8.i686.rpm3ad7d36bab185466f081fa6bf23a5dfd65dda49d4b79e0acbf9ee88dd6e08ff1SLSA-2017:0498-1This update upgrades Thunderbird to version 45.8.0. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2017-5398, CVE-2017-5400, CVE-2017-5401, CVE-2017-5402, CVE-2017-5404, CVE-2017-5407, CVE-2017-5408, CVE-2017-5410, CVE-2017-5405)importantScientific Linux FermiScientific Linux Fermi 6thunderbird-45.8.0-1.el6_8.i686.rpm1c4351115d082070ee00c424184a587295db88e0ae3e5fca73b10dcecb097830SLSA-2017:0527-1Security Fix(es): * It was discovered that the code that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack, or obtain sensitive information from requests other then their own. (CVE-2016-6816) Note: This fix causes Tomcat to respond with an HTTP 400 Bad Request error when request contains characters that are not permitted by the HTTP specification to appear not encoded, even though they were previously accepted. The newly introduced system property tomcat.util.http.parser.HttpParser.requestTargetAllow can be used to configure Tomcat to accept curly braces ({ and }) and the pipe symbol (|) in not encoded form, as these are often used in URLs without being properly encoded. * A bug was discovered in the error handling of the send file code for the NIO HTTP connector. This led to the current Processor object being added to the Processor cache multiple times allowing information leakage between requests including, and not limited to, session ID and the response body. (CVE-2016-8745)moderateScientific Linux FermiScientific Linux Fermi 6tomcat6-admin-webapps-6.0.24-105.el6_8.noarch.rpm5b1e9173f10acc133e4b2423a69dae930825e7ce85fdae97d86dcc9e1820fa26tomcat6-servlet-2.5-api-6.0.24-105.el6_8.noarch.rpme377d5e4a3074598c9687e30471c4ef45312d40d5ed8b494a562c8b59e7e6c3dtomcat6-javadoc-6.0.24-105.el6_8.noarch.rpmea8016853a7d1a78e745768c32ec8750afa8ece6463756abe5c320ea25e72358tomcat6-6.0.24-105.el6_8.noarch.rpma1e705a5ee7246db14182cbceeefea237e7d09d626ff7fb9ce5709eeeafe7440tomcat6-docs-webapp-6.0.24-105.el6_8.noarch.rpm83bf6794daa975bd0300c84411c602d6ede6046cb50bd74ca913934c81c0c3a4tomcat6-lib-6.0.24-105.el6_8.noarch.rpm2280198b9fd68113650bcdf121632458836d8c63a4a95266322908b424efef88tomcat6-jsp-2.1-api-6.0.24-105.el6_8.noarch.rpmd9c68e6aa964d99eb100026f27c342d9773a1b1927aff08aee291d38cd0d2a06tomcat6-el-2.1-api-6.0.24-105.el6_8.noarch.rpm8e35a1f4b7cd8ca05549622fe14522ebdd0be5ced4405d39f2d44d0bcd3af74btomcat6-webapps-6.0.24-105.el6_8.noarch.rpmcc1ea43866eb7afe17d93428824316ab8093463ad18c185042dafc16ac1a9a00SLSA-2017:0559-1Security Fix(es): * Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in OpenJPEG. A specially crafted JPEG2000 image could cause an application using OpenJPEG to crash or, potentially, execute arbitrary code. (CVE-2016-5139, CVE-2016-5158, CVE-2016-5159, CVE-2016-7163) * A vulnerability was found in the patch for CVE-2013-6045 for OpenJPEG. A specially crafted JPEG2000 image, when read by an application using OpenJPEG, could cause heap-based buffer overflows leading to a crash or, potentially, arbitrary code execution. (CVE-2016-9675)moderateScientific Linux FermiScientific Linux Fermi 6openjpeg-devel-1.3-16.el6_8.i686.rpm4f3a1a2e2df881c6bc043fa6972b2b4de259a2aab0ed9daef968a936362018b0openjpeg-1.3-16.el6_8.i686.rpmcaa8e3a13e4c6ab0079376c26d76479d1661fbfe45af47e097175392c893eecaopenjpeg-libs-1.3-16.el6_8.i686.rpm4441a6964c015cac4c9a4bdecdd962dafaec44be84769df2bffaeb8aa78bfb44SLSA-2017:0565-1Security Fix(es): * An integer conversion flaw was found in the way OCaml's String handled its length. Certain operations on an excessively long String could trigger a buffer overflow or result in an information leak. (CVE-2015-8869)moderateScientific Linux FermiScientific Linux Fermi 6ocaml-docs-3.11.2-5.el6.i686.rpm7b847641b92d2ec74f48d477f7181aa2d8aed3680c3609a8d8942934b3759d13ocaml-labltk-3.11.2-5.el6.i686.rpm7528f896f01294f5b2f4ea79e0149cf9e85018ec80a321542ae8e9b49d0724bbocaml-ocamldoc-3.11.2-5.el6.i686.rpmc9bcf3993a3cc8de4ac2590d25300bedd771e9be67a2bb711d7682ac74a7c615ocaml-camlp4-3.11.2-5.el6.i686.rpm639c205e2bc621826d781ae9eb7e3f7e08cecac9aeffa46f6649697cca3d8930ocaml-3.11.2-5.el6.i686.rpm0e30d70117755ba7f14c364d7dde9d0dda315064501cde60e516102533b18674ocaml-emacs-3.11.2-5.el6.i686.rpm1e874cc29f7c0a787015ea2d78965c0ef4240ef13096fbd19f75368569ca6274ocaml-x11-3.11.2-5.el6.i686.rpm244b6bbd3b2df082cf7173cb64950815b4261c3cea86ba679882344b59560806ocaml-runtime-3.11.2-5.el6.i686.rpmf6d9ad4159f9c57ea56429d66fe01947d1ca8f0491810d8db0c28d08c1d0898bocaml-camlp4-devel-3.11.2-5.el6.i686.rpmda48a898e242736acaca10bb5852ab2b45ae45785412926e8d53478c5e6f4f9docaml-source-3.11.2-5.el6.i686.rpme841e0b53e2e020fd40daf5c9f18b0ac1ca6d35d3244b1d65c15591b708e3a06ocaml-labltk-devel-3.11.2-5.el6.i686.rpm3800a804af0f57446953e11743d40670c035fb3c0d8dd233dc4c7959a37a48c5SLSA-2017:0574-1The following packages have been upgraded to a later upstream version: gnutls (2.12.23). Security Fix(es): * A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections form other clients. (CVE-2016-8610) * Multiple flaws were found in the way gnutls processed OpenPGP certificates. An attacker could create specially crafted OpenPGP certificates which, when parsed by gnutls, would cause it to crash. (CVE-2017-5335, CVE-2017-5336, CVE-2017-5337)moderateScientific Linux FermiScientific Linux Fermi 6gnutls-utils-2.12.23-21.el6.i686.rpm328ebfe5c82fed638bae3dfe9bc14d7ff56ef781d3997af5ec1c9a86524c2828gnutls-guile-2.12.23-21.el6.i686.rpme2f7bb53da9778cb790fae9dd22a7a4357f2ae344f475aa4e32aa861ee0e1e55gnutls-2.12.23-21.el6.i686.rpmf9b79851ccdbb61f7279a79ea398de57be9129ad14645802717cecb233c3a2d1gnutls-devel-2.12.23-21.el6.i686.rpm58ad8689a956cffd92e6ecbf798190a140fe9d66a473bb1d08251f949fc17778SLSA-2017:0621-1Security Fix(es): * An integer overflow flaw and an out-of-bounds read flaw were found in the way QEMU's VGA emulator set certain VGA registers while in VBE mode. A privileged guest user could use this flaw to crash the QEMU process instance. (CVE-2016-3712)moderateScientific Linux FermiScientific Linux Fermi 6qemu-guest-agent-0.12.1.2-2.503.el6.i686.rpm2f744c8b536667568001cb7e5b09f2c0c5d4d501a76614b4e1fa856740ba5ca1SLSA-2017:0630-1Security Fix(es): * A denial of service flaw was found in the TigerVNC's Xvnc server. A remote unauthenticated attacker could use this flaw to make Xvnc crash by terminating the TLS handshake process early. (CVE-2016-10207) * A buffer overflow flaw, leading to memory corruption, was found in TigerVNC viewer. A remote malicious VNC server could use this flaw to crash the client vncviewer process resulting in denial of service. (CVE-2017-5581)moderateScientific Linux FermiScientific Linux Fermi 6tigervnc-server-applet-1.1.0-24.el6.noarch.rpmc205bf42bb39388fde4e9bd15f777a9b805804c84da095fe21d437ec9227f8b8tigervnc-server-1.1.0-24.el6.i686.rpm4c632dbbb7ad58affa07b5472ef46160406c724d4c5c3e3e7b4707b1a14c2f88tigervnc-1.1.0-24.el6.i686.rpm867ca7ad23a528532129ba49f07d0c063f2d9ffb255e73b34f5096208294de55tigervnc-server-module-1.1.0-24.el6.i686.rpmf3200eb0df734248354d309960c0cc9def18353bedbdcc6724669daf94dcf13aSLSA-2017:0631-1Security Fix(es): * Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2015-3811, CVE-2015-3812, CVE-2015-3813, CVE-2013-4075)moderateScientific Linux FermiScientific Linux Fermi 6wireshark-gnome-1.8.10-25.el6.i686.rpm6738bab7f0d6e55f6219030fe9676eddd6d69d031d073f5bbe59e42152331781wireshark-1.8.10-25.el6.i686.rpm27962e02447cecd1532d96cf8f7877ea48e145a841fa42eb74883d68425ebe20wireshark-devel-1.8.10-25.el6.i686.rpme31eed6cf9ab619d37a461785ece2bc469151944bd163e22ba7be7ad33376310SLSA-2017:0641-1Security Fix(es): * It was discovered that the OpenSSH sshd daemon fetched PAM environment settings before running the login program. In configurations with UseLogin=yes and the pam_env PAM module configured to read user environment settings, a local user could use this flaw to execute arbitrary code as root. (CVE-2015-8325)moderateScientific Linux FermiScientific Linux Fermi 6openssh-ldap-5.3p1-122.el6.i686.rpm69d0302651e86fa0a9f8180ff167b1217306aeda4324bfcf45891a7f696a5275openssh-5.3p1-122.el6.i686.rpma7c57014d7bb3c2946f68115cd5d600e399d07a16834e0213abae071eadf4166openssh-askpass-5.3p1-122.el6.i686.rpm36e786684c409d8a56b4ed123e9ac7d3d2b009af54ff36a699fac6467902b2eeopenssh-clients-5.3p1-122.el6.i686.rpm1898260f76433e9ddd0eb19b819b30ba29394f2585be93d98f38b0e81482e594openssh-server-5.3p1-122.el6.i686.rpm222b97a6a9ac4c3837bcd3a059da913d5157fc10100377439d900a71026daeeapam_ssh_agent_auth-0.9.3-122.el6.i686.rpm543cde734e09fc76a49702474e0708778a7272ff7047b94ed32817eefc474d45SLSA-2017:0654-1Security Fix(es): * A race condition was found in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions. (CVE-2017-2616)moderateScientific Linux FermiScientific Linux Fermi 6coreutils-libs-8.4-46.el6.i686.rpm4d370da3b34cbef77ef1096ab82a3b46e31885ad6920f3ab6eb6137e6d70f6b2coreutils-8.4-46.el6.i686.rpmd02470ea831ef14ba5ce44fe48060e0d63acb8b86b4a4cb6b3728b3a5a3e0741SLSA-2017:0662-1Security Fix(es): * It was found that Samba always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subsequently use the ticket to impersonate Samba to other services or domain users. (CVE-2016-2125) * A flaw was found in the way Samba handled PAC (Privilege Attribute Certificate) checksums. A remote, authenticated attacker could use this flaw to crash the winbindd process. (CVE-2016-2126)moderateScientific Linux FermiScientific Linux Fermi 6samba-client-3.6.23-41.el6.i686.rpm640519fdaf6ca4311e0ba563ceff2f5b74285ed3b2c553e974446079177ded46libsmbclient-3.6.23-41.el6.i686.rpm4a0002aa8a816a6c268a074466461530b88929e2488cdbc8022a585330f8de59samba-winbind-3.6.23-41.el6.i686.rpm6c16995e2c9043a36e1aee158c36fadc1d90ec46f094637eeb8d54d57f0f02b5samba-swat-3.6.23-41.el6.i686.rpm70a6a3787f85f0e846795bcbfa863adcec9c3b6c7e2042c90449c345d7795e60samba-doc-3.6.23-41.el6.i686.rpm487c39be2cc89854757c4d8e8cc44fb02203571ee610638bf8c392853c8dc63alibsmbclient-devel-3.6.23-41.el6.i686.rpma5368298e5623b69446a5746cfc72a8ec904db29682b022c5e8739fa90945c0dsamba-winbind-devel-3.6.23-41.el6.i686.rpmd9fc9a47a5ba98b9b5622f85cb787b1c6c2cf9db7d8c798bfb5f61c01e311730samba-common-3.6.23-41.el6.i686.rpmb449d5c1a6a393e880e39c5634aad6690ecdaa567c864203c3f5a7d974ababa7samba-3.6.23-41.el6.i686.rpm23ba28ab4a0ec52f5c3dd8ab8c4359a2213dae91291b59e4e98dab4764b126d9samba-winbind-krb5-locator-3.6.23-41.el6.i686.rpm573e40e35a021c7dc2f04fe3d25362799bb8895c9326c646554cc43ff5103d0dsamba-domainjoin-gui-3.6.23-41.el6.i686.rpm44afc054533ea3d34651ab07f9d48b6fc753ab2ee5833a25f1a29691368ba8a4samba-winbind-clients-3.6.23-41.el6.i686.rpm746097bac4bb6d4c1b8b2a310d4a47631cdaf29be1bf6c959dbd65c589d0e11cSLSA-2017:0680-1Security Fix(es): * A stack overflow vulnerability was found in nan* functions that could cause applications, which process long strings with the nan function, to crash or, potentially, execute arbitrary code. (CVE-2014-9761) * It was found that out-of-range time values passed to the strftime() function could result in an out-of-bounds memory access. This could lead to application crash or, potentially, information disclosure. (CVE-2015-8776) * An integer overflow vulnerability was found in hcreate() and hcreate_r() functions which could result in an out-of-bounds memory access. This could lead to application crash or, potentially, arbitrary code execution. (CVE-2015-8778) * A stack based buffer overflow vulnerability was found in the catopen() function. An excessively long string passed to the function could cause it to crash or, potentially, execute arbitrary code. (CVE-2015-8779)moderateScientific Linux FermitrueScientific Linux Fermi 6glibc-utils-2.12-1.209.el6.i686.rpme501bd487e34eeca513943f4145f3023c9e0cf7dc5093127b8b366dd2d482ac4glibc-common-2.12-1.209.el6.i686.rpm9fbed42b3d6ea3cf837d8c9e56ea18c305edef29a282e9b0f53f32e22bd728a4glibc-2.12-1.209.el6.i686.rpm19ee5487de898c28918b5c2f782361ae7241736c8d98303510008c956ea0fe68glibc-devel-2.12-1.209.el6.i686.rpme7b5e0b047ce56d4ca7a8b6e208df8e68a07a5663c543b3178ac6138559783bfglibc-static-2.12-1.209.el6.i686.rpmdcd5c6984fa68879783e0c99970ace2b6054cfec8f300d65aeee865799ee4ecbnscd-2.12-1.209.el6.i686.rpm0fc19e61ca6a68a0c751c32cd5603a87f35c3c8974fbe08fc070e33133c40f4cglibc-headers-2.12-1.209.el6.i686.rpmc19eab8393235c906c1d6fbbbc36397f6d697850a543a35a1034fd70fa225dbcSLSA-2017:0698-1Security Fix(es): * It was found that subscription-manager set weak permissions on files in /var/lib/rhsm/, causing an information disclosure. A local, unprivileged user could use this flaw to access sensitive data that could potentially be used in a social engineering attack. (CVE-2016-4455)moderateScientific Linux FermiScientific Linux Fermi 6python-rhsm-certificates-1.18.6-1.el6.i686.rpme9d6a27ca0ff4d1dd058f0bf686541603c3e19cd85ad88489b1a740ab715a041python-rhsm-1.18.6-1.el6.i686.rpm157562c573de4057f9d210ad42d9737235ebad1969a51f1b5e962541a672ec7csubscription-manager-gui-1.18.10-1.el6.i686.rpm648cb810e8d275d5ded2171a2c88e300d928d9efef75246b311a1c9512e79a5dsubscription-manager-1.18.10-1.el6.i686.rpm87f921dc8e59c49b08498b9cd24a3b3b9a277cee332833ce04b72b1f57c895fasubscription-manager-plugin-container-1.18.10-1.el6.i686.rpm2933ef7a8a9c4d67e711f74c697f610fde44bf2ffb6f204a32bc188148ee1704SLSA-2017:0725-1Security Fix(es): * An arbitrary command injection flaw was found in the way bash processed the hostname value. A malicious DHCP server could use this flaw to execute arbitrary commands on the DHCP client machines running bash under specific circumstances. (CVE-2016-0634) * An arbitrary command injection flaw was found in the way bash processed the SHELLOPTS and PS4 environment variables. A local, authenticated attacker could use this flaw to exploit poorly written setuid programs to elevate their privileges under certain circumstances. (CVE-2016-7543) * A denial of service flaw was found in the way bash handled popd commands. A poorly written shell script could cause bash to crash resulting in a local denial of service limited to a specific bash session. (CVE-2016-9401)moderateScientific Linux FermiScientific Linux Fermi 6bash-doc-4.1.2-48.el6.i686.rpm414a15d494ff4f0a6ca87ddbdb0ec5c5e56962c44517ef56cb4bbae89857505cbash-4.1.2-48.el6.i686.rpm35791567cb83abb698cac172846ead35b1c3eca874bbf1caf854220b24c53dbcSLSA-2017:0744-1Security Fix(es): * It was found that Samba always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subsequently use the ticket to impersonate Samba to other services or domain users. (CVE-2016-2125) * A flaw was found in the way Samba handled PAC (Privilege Attribute Certificate) checksums. A remote, authenticated attacker could use this flaw to crash the winbindd process. (CVE-2016-2126)moderateScientific Linux FermiScientific Linux Fermi 6samba4-winbind-clients-4.2.10-9.el6.i686.rpm56d353b605d28b58756cf1221e58c97730fbd5bfec1b71cfc7eda20253f40cfdsamba4-dc-libs-4.2.10-9.el6.i686.rpm7fc8c7e7800dd565ee624011ce352e214eb9aca703eabac050b7bd70c3053752samba4-dc-4.2.10-9.el6.i686.rpm7c6fb61b2ef28a533a8ba6d34c06fcce6f2e650bdd8f18027c4c9cd9e9707997samba4-common-4.2.10-9.el6.i686.rpm1bd6789ac1255fdd06a7ffceca7e167b3f9360bc79edab93b54fd8b60a5d6d70samba4-4.2.10-9.el6.i686.rpm400484748fb46dab7402233f8e4ee20fe4c5c1f5a53f8be8b247662b1ca0ed33samba4-client-4.2.10-9.el6.i686.rpm54e2eda75a5ca6c05fa6b860f2ce7ea117d7bae05e2cf6c887cf727c13a7b659samba4-test-4.2.10-9.el6.i686.rpm6487ddf1de421475b3394d1523e628487f0145f4678bef9b37805ed3be9287b2samba4-python-4.2.10-9.el6.i686.rpmdc3513277d1bf9fb82c084d5053d9c892f5abf5bb0af06c74c32929e8b45dc20samba4-pidl-4.2.10-9.el6.i686.rpmae3083d151282cdb4050b047659b14b32e485679a1efcf450ed02343b1f10703samba4-libs-4.2.10-9.el6.i686.rpm6bdf4bf3c5769b398982ed545ad310561be402548642f0a55a85dd4b08e7dc36samba4-winbind-krb5-locator-4.2.10-9.el6.i686.rpm270b1ef71787722604218e6f8eae8daf9b6ffa928f31a32b4b738eff748d4911samba4-winbind-4.2.10-9.el6.i686.rpm4549e45c977f78de6090aaea73e9b2f85ca49c7b764923fd90b22e697b03359asamba4-devel-4.2.10-9.el6.i686.rpmda5544b83c1e1276544ed0d0962f6e586920e8afec67820a955b80324feea760SLSA-2017:0794-1Security Fix(es): * A stack-based buffer overflow flaw was found in the way Quagga handled IPv6 router advertisement messages. A remote attacker could use this flaw to crash the zebra daemon resulting in denial of service. (CVE-2016-1245) * A stack-based buffer overflow flaw was found in the way the Quagga BGP routing daemon (bgpd) handled Labeled-VPN SAFI routes data. A remote attacker could use this flaw to crash the bgpd daemon resulting in denial of service. (CVE-2016-2342) * A denial of service flaw was found in the Quagga BGP routing daemon (bgpd). Under certain circumstances, a remote attacker could send a crafted packet to crash the bgpd daemon resulting in denial of service. (CVE-2016-4049) * A denial of service flaw affecting various daemons in Quagga was found. A remote attacker could use this flaw to cause the various Quagga daemons, which expose their telnet interface, to crash. (CVE-2017-5495) * A stack-based buffer overflow flaw was found in the way the Quagga OSPFD daemon handled LSA (link-state advertisement) packets. A remote attacker could use this flaw to crash the ospfd daemon resulting in denial of service. (CVE-2013-2236)moderateScientific Linux FermiScientific Linux Fermi 6quagga-devel-0.99.15-14.el6.i686.rpma701c3d18347bfc83ddad14e2bebe8851e487940d7ed01dd29876209fa3b2b65quagga-0.99.15-14.el6.i686.rpm0a521b41c957aa47565dabd92e9357314aac6367b870f6ab126b2ec03d33a8c4quagga-contrib-0.99.15-14.el6.i686.rpma55c4d701a5e6116c3527c47c36fd607deeee70946929875d6d01a3219aa5ae6SLSA-2017:0817-1Security Fix(es): * It was discovered that a remote attacker could leverage the generation of IPv6 atomic fragments to trigger the use of fragmentation in an arbitrary IPv6 flow (in scenarios in which actual fragmentation of packets is not needed) and could subsequently perform any type of a fragmentation- based attack against legacy IPv6 nodes that do not implement RFC6946. (CVE-2016-10142, Moderate) * A flaw was discovered in the way the Linux kernel dealt with paging structures. When the kernel invalidated a paging structure that was not in use locally, it could, in principle, race against another CPU that is switching to a process that uses the paging structure in question. A local user could use a thread running with a stale cached virtual->physical translation to potentially escalate their privileges if the translation in question were writable and the physical page got reused for something critical (for example, a page table). (CVE-2016-2069, Moderate) * A race condition flaw was found in the ioctl_send_fib() function in the Linux kernel's aacraid implementation. A local attacker could use this flaw to cause a denial of service (out-of-bounds access or system crash) by changing a certain size value. (CVE-2016-6480, Moderate) * It was found that when the gcc stack protector was enabled, reading the /proc/keys file could cause a panic in the Linux kernel due to stack corruption. This happened because an incorrect buffer size was used to hold a 64-bit timeout value rendered as weeks. (CVE-2016-7042, Moderate) * It was found that when file permissions were modified via chmod and the user modifying them was not in the owning group or capable of CAP_FSETID, the setgid bit would be cleared. Setting a POSIX ACL via setxattr sets the file permissions as well as the new ACL, but doesn't clear the setgid bit in a similar way. This could allow a local user to gain group privileges via certain setgid applications. (CVE-2016-7097, Moderate) * A flaw was found in the Linux networking subsystem where a local attacker with CAP_NET_ADMIN capabilities could cause an out-of-bounds memory access by creating a smaller-than-expected ICMP header and sending to its destination via sendto(). (CVE-2016-8399, Moderate) * It was found that the blk_rq_map_user_iov() function in the Linux kernel's block device implementation did not properly restrict the type of iterator, which could allow a local attacker to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging write access to a /dev/sg device. (CVE-2016-9576, CVE-2016-10088, Moderate) * A flaw was found in the USB-MIDI Linux kernel driver: a double-free error could be triggered for the 'umidi' object. An attacker with physical access to the system could use this flaw to escalate their privileges. (CVE-2016-2384, Low)moderateScientific Linux FermitrueScientific Linux Fermi 6python-perf-2.6.32-696.el6.i686.rpm37cc9a8888d1bcbdf0a212a3e1772e08d131b5ad1845658e2d3d6701649090dbkernel-devel-2.6.32-696.el6.i686.rpmc65fa6da96ce34002bd8abb3a101770194a62a0a25a38c1555cb4f0d6189bb71kmod-openafs-1.6.20-1.SL69.sl6.noarch.rpm992d75a446ba1607f4c3c150da54734fdfd64ba16f3ef628e65ca949388786bckernel-firmware-2.6.32-696.el6.noarch.rpm0c6698e1d158e5a5fc4bb241e1f330c8167ecff0ddddf6cd67d4f9e8c526f4aekernel-debug-2.6.32-696.el6.i686.rpm6ec4375dfd12088b471cbea7b3c471c2a830dc2d59523ef84712df163b442a25kernel-headers-2.6.32-696.el6.i686.rpm3bec0ffb5267680541fdcabd94007d578e3764fb86af66c9e20c5a992b3409e7kernel-2.6.32-696.el6.i686.rpm3bd3801394406af4f4f0ca5a2a0e2479959263db55a82f0d93bcf24097f4b8d2kernel-debug-devel-2.6.32-696.el6.i686.rpm25a8e77adb41b97b7239edc9eec0d389a081cc3615710d7489a1649c27734e2ckernel-doc-2.6.32-696.el6.noarch.rpmfb228f439e308f22fe95bb40c8040aa48aa10b1e9beab156632186a49bd5ab01perf-2.6.32-696.el6.i686.rpm2875143edd973cd32ffc6afd2c536c6e064d2993a3199d53525c8b6b16b22e8ckernel-abi-whitelists-2.6.32-696.el6.noarch.rpm373fc25e40b0055243999fdc6accdcee6af21e033ba3fa8a2d898d300a535185kmod-openafs-696-1.6.20-256.sl6.696.i686.rpm55eb788a0f93586611d5c0bf89d981553c58fc28bc9c5e726fa4960e797308d8SLSA-2017:0847-1Security Fix(es): * It was found that the fix for CVE-2015-3148 in curl was incomplete. An application using libcurl with HTTP Negotiate authentication could incorrectly re-use credentials for subsequent requests to the same server. (CVE-2017-2628)moderateScientific Linux FermiScientific Linux Fermi 6libcurl-7.19.7-53.el6_9.i686.rpm5bbc01fe12b11dcaff88c84555839fa0d8ced7475befb2ef0645fe82c53d72falibcurl-devel-7.19.7-53.el6_9.i686.rpmb723bd289740d91c37ead4ad92e9ee01d201e59e0d10944afff717028d913729curl-7.19.7-53.el6_9.i686.rpm77a51eda3454ff13064b7b3dfb8a69243f4715f25d5e06c2f37d20a66a2d4016SLSA-2017:0892-1Security Fix(es): * A race condition flaw was found in the N_HLDC Linux kernel driver when accessing n_hdlc.tbuf list that can lead to double free. A local, unprivileged user able to set the HDLC line discipline on the tty device could use this flaw to increase their privileges on the system. (CVE-2017-2636, Important) * A flaw was found in the Linux kernel's implementation of seq_file where a local attacker could manipulate memory in the put() function pointer. This could lead to memory corruption and possible privileged escalation. (CVE-2016-7910, Moderate) Bug Fix(es): * Previously, Chelsio firmware included an incorrectly-formatted firmware bin file. As a consequence, the firmware could not be flashed. This update provides a firmware bin file that is formatted correctly. As a result, Chelsio firmware can now be flashed successfully. * When multiple simultaneous processes attempted to read from the /proc/stat file, spinlock overhead was generated on Non-Uniform Memory Access (NUMA) systems. Consequently, a large amount of CPU was consumed. With this update, the underlying source code has been fixed to avoid taking spinlock when the interrupt line does not exist. As a result, the spinlock overhead is now generated less often, and multiple simultaneous processes can now read /proc/stat without consuming a large amount of CPU.importantScientific Linux FermiScientific Linux Fermi 6kernel-headers-2.6.32-696.1.1.el6.i686.rpmebf56a961846da998ea9ab41ce2e5ac8a21afc1fcf7e0568eca2c4bea9fd8deckernel-debug-2.6.32-696.1.1.el6.i686.rpm430256c44e7f29b115fb55215208bfaa276b2e8c46cc58d5853a9118b8814c63kernel-devel-2.6.32-696.1.1.el6.i686.rpmc621c70a1a0469b2304dacda0e292cb174168e93d9ee8a8209189ab1db33acaapython-perf-2.6.32-696.1.1.el6.i686.rpm03b31fb49eb99083f2db50652bc03c3da8c7537bd21461a0543d77ee99ba00f7kernel-firmware-2.6.32-696.1.1.el6.noarch.rpm99251ff0907542bd7fd8bf2bd89548df6ab158d06b2591dc834cdf5c3146fc01kernel-debug-devel-2.6.32-696.1.1.el6.i686.rpm152b8060c254955fe8c240f1050ac698518e1f35a10c3532f226aae117dcedbakernel-2.6.32-696.1.1.el6.i686.rpmdc614ed4e5bd19aa33593fd4228fd8564801a4f2a6290cc2496f36d1715687c4kernel-doc-2.6.32-696.1.1.el6.noarch.rpm260f9ad642f08d9100a572a96305a661ca619add94c6c9ef3e8141460f185366perf-2.6.32-696.1.1.el6.i686.rpmee78b5bf93bcc3e32bcd66471bc99711844f5e094c94b28b7466b262e240cef3kernel-abi-whitelists-2.6.32-696.1.1.el6.noarch.rpm05d7b53bb95ca3ad750e6d569f27a6531b3e50979592ab0f0f9c6e15bf0921ccSLSA-2017:0893-1Security Fix(es): * An invalid pointer dereference flaw was found in the way 389-ds-base handled LDAP bind requests. A remote unauthenticated attacker could use this flaw to make ns-slapd crash via a specially crafted LDAP bind request, resulting in denial of service. (CVE-2017-2668) Bug Fix(es): * Previously, the "deref" plug-in failed to dereference attributes that use distinguished name (DN) syntax, such as "uniqueMember". With this patch, the "deref" plug-in can dereference such attributes and additionally "Name and Optional UID" syntax. As a result, the "deref" plug-in now supports any syntax.importantScientific Linux FermiScientific Linux Fermi 6389-ds-base-1.2.11.15-91.el6_9.i686.rpm5b153df07313fe1eaf9d03571aa31e7a82dc8f1539f25206144a497d575d87dc389-ds-base-devel-1.2.11.15-91.el6_9.i686.rpm472cc03be66eccdccc246531706b5b3c02dd4c4358294f1b0fed36f63055a7d1389-ds-base-libs-1.2.11.15-91.el6_9.i686.rpmb3fd82a5f4c54bf59adfbe3d51349111e872806340e2bfbdb27b76e40e55cd0fSLSA-2017:0979-1Security Fix(es): * It was found that LibreOffice disclosed contents of a file specified in an embedded object's preview. An attacker could potentially use this flaw to expose details of a system running LibreOffice as an online service via a crafted document. (CVE-2017-3157)moderateScientific Linux FermiScientific Linux Fermi 6libreoffice-langpack-uk-4.3.7.2-2.el6_9.1.i686.rpmf4b6b1cee6aff631d80a5858b047e6da5af5615740120899f30e1a54af2c241blibreoffice-langpack-hi-4.3.7.2-2.el6_9.1.i686.rpm8d598eeb756f0cbd541a87182f48312bf1a9a86c588c9b357a5dc7cfb826f543libreoffice-langpack-ta-4.3.7.2-2.el6_9.1.i686.rpm5b3997e43304af0ae2db21737aab8943e63a6cef4a086c96ae73d4825b048455libreoffice-langpack-zu-4.3.7.2-2.el6_9.1.i686.rpm64a9328646fc65ca7c109015c56402b4cad85e94a5155ab4ad3ffe41075bcdc4libreoffice-langpack-ro-4.3.7.2-2.el6_9.1.i686.rpm8d302f6f7073651770c31101bff8dbc9af60cac089993625f8baa83160d011faautocorr-ro-4.3.7.2-2.el6_9.1.noarch.rpm069b7f785f4fff02f70970193e0a2c9c7e09c4f5131b09d83d3786a22dcb0edblibreoffice-nlpsolver-4.3.7.2-2.el6_9.1.i686.rpm57f63c99fcf1ca5e580bdc92c3e0d0c013a82c8e0f8c4905ed52177205a96d86libreoffice-ure-4.3.7.2-2.el6_9.1.i686.rpm1284b459af30f725a9793f0ae806dab3c7bad8d6f973007fb61c9c9234f6085clibreoffice-langpack-it-4.3.7.2-2.el6_9.1.i686.rpm5983f9da296f0adddd723fc74c3986e43eefeb3d1d9399d81bf2f4798d422a85libreoffice-langpack-tr-4.3.7.2-2.el6_9.1.i686.rpmaa7ae29f9e3112b125db205de4cb5920c1a4efb4c386caf412d9d061a0bc41fclibreoffice-math-4.3.7.2-2.el6_9.1.i686.rpm0a14c47250b37d44745d3833de898febc0ba0e379696bf27d2c94ab887eae87clibreoffice-4.3.7.2-2.el6_9.1.i686.rpm9377f2a8df84a8ddd65463a0c5de96793912c22704da6307901e6b95ee3874d0libreoffice-base-4.3.7.2-2.el6_9.1.i686.rpm506acad8976565e077046af2e7d2889598ffc2531fbfb6b5890937f83c41ba3cautocorr-bg-4.3.7.2-2.el6_9.1.noarch.rpm64033fac639e2edd9b6c8e1a7e63c369cb1fff881df021472fe1c13b8aece486autocorr-cs-4.3.7.2-2.el6_9.1.noarch.rpm2154934563d2380e3b827a156f8621ae84f697ea4f4a757b0c2aaf812367c3baautocorr-hu-4.3.7.2-2.el6_9.1.noarch.rpm531b3b4aa2a290b9566d22f51164807b7f4362fccb4bcb2bf8e561c1044e16d5libreoffice-emailmerge-4.3.7.2-2.el6_9.1.i686.rpmdf0792c572cbaef75aad281b1fa620567774cd8676ffd42e968a25b798451c73autocorr-sk-4.3.7.2-2.el6_9.1.noarch.rpmce7974e9a0c5ec4f4d10ae2a20493c42945c6d2517bb07e3058c530fff3e923clibreoffice-langpack-mr-4.3.7.2-2.el6_9.1.i686.rpmec998a0873d2d3a3f8377794c1d90f85ab28700b6093f2d83e693af233839cdblibreoffice-langpack-nr-4.3.7.2-2.el6_9.1.i686.rpm106270a7da6420b6735d7715f8457b598e2ca95481d07e17051392b8aa12117blibreoffice-langpack-pt-BR-4.3.7.2-2.el6_9.1.i686.rpme2a9ad44ff88c751a53e50bbc8c63f8ba0d0031bd16ba9a63e52513e224a5a34libreoffice-langpack-ja-4.3.7.2-2.el6_9.1.i686.rpm21fcf2d902eac9db1658f2a845121a8374cc4ffa72c90b901cb11ef7cc37bea4libreoffice-langpack-sl-4.3.7.2-2.el6_9.1.i686.rpmbe0fb4aca9a70dffd834beb3182142efae61a9fc1859a06a603ee81765c74b41libreoffice-langpack-cs-4.3.7.2-2.el6_9.1.i686.rpm111b8373fde085efebfe58ced1fc2d66f26dd3240ad8fcf6ca067176a71cb72flibreoffice-langpack-te-4.3.7.2-2.el6_9.1.i686.rpm6cf4d4f32ae6e6761aacbee8edfc1644cb8797970156e9ae44772eddd0cb9663libreoffice-gdb-debug-support-4.3.7.2-2.el6_9.1.i686.rpm7b3afd43e8fb2ee32149e9c20afd31b989e127434cb0ede1290c4e82ff40bd27libreoffice-calc-4.3.7.2-2.el6_9.1.i686.rpm3f3bff1d76250aebcc4f424919bcf61952e4bcc80ffdd47e5145995a096c4ae1libreoffice-langpack-zh-Hans-4.3.7.2-2.el6_9.1.i686.rpmee122225c9bcf75103e6d66aa377713b2b1309a61dd006962699d93c2800bb78libreoffice-langpack-es-4.3.7.2-2.el6_9.1.i686.rpm6749e90b47ef0dbc14f68f6b42c0225e133b0eced195f38dd368c9e6bd316130libreoffice-langpack-gl-4.3.7.2-2.el6_9.1.i686.rpm6ec6bdc9853be5ebb431c94f5d63087048b16509165d7dfc4d1b3018010a77calibreoffice-pdfimport-4.3.7.2-2.el6_9.1.i686.rpm48e19d4098f58617021ee86ed7a647924b9dc13d815a4af3299090415c350cf1libreoffice-langpack-nso-4.3.7.2-2.el6_9.1.i686.rpmc062fb74be32a4f63c712791373bdb489c9782bddc3042f4f85170da4497a679autocorr-sv-4.3.7.2-2.el6_9.1.noarch.rpm4f05489a659db751a27aa5e9a06896326f9afd04779148d969a414fa665d9ecalibreoffice-langpack-pl-4.3.7.2-2.el6_9.1.i686.rpm26183eb84140f030add069aaae4e805e3546163489b2064dce82a860427d82a5libreoffice-glade-4.3.7.2-2.el6_9.1.i686.rpm9a80c906e2cd1e8f7ae5471346e70a27b5ca52f4818d4d22a7b3ee9dacb82cfflibreoffice-langpack-ga-4.3.7.2-2.el6_9.1.i686.rpm5c6f8413684576890bc98fff3a73b6d21b86d5b41ee2b35ef821128339a26c31libreoffice-langpack-eu-4.3.7.2-2.el6_9.1.i686.rpm810a03b3ea1bd53d2bba51bd46689a557d2f83c2fa08307db41fa8b8472606cfautocorr-is-4.3.7.2-2.el6_9.1.noarch.rpm50b80dd7b0ef8b80e7b38d43dbe3240544911af61475098f7e40abd02938dc7eautocorr-fi-4.3.7.2-2.el6_9.1.noarch.rpm5b11a0f1cb83bde880b62e187dbdfdddc9ec5f0a23f6c4352ee0abefe139a3d8libreoffice-langpack-fr-4.3.7.2-2.el6_9.1.i686.rpm5df27ce6fd66be699756b3039e2d7eb65f2e16408425f6833aeaddd858d00786libreoffice-langpack-st-4.3.7.2-2.el6_9.1.i686.rpmea97f02ce661ea25819712058dfd30c42daedb86eb30cc1c4cabbad825f78d03libreoffice-rhino-4.3.7.2-2.el6_9.1.i686.rpme38b5bbf23ad2176517dcc6a0c3ab7a874519244afd4881999f92a7e49062329libreoffice-langpack-ve-4.3.7.2-2.el6_9.1.i686.rpm889ba5638ad258e9d5ab55e7d9c451e6a52810369b6ce5e895ab854d7a802851libreoffice-langpack-de-4.3.7.2-2.el6_9.1.i686.rpm22ac22ffe71df390855a52b3cd2d80372039efd456e923495445f567ee660a4clibreoffice-langpack-ms-4.3.7.2-2.el6_9.1.i686.rpmc3be62d8426d3d79671c97576597ccba66bf1283edc5642589549826e3f3b243libreoffice-opensymbol-fonts-4.3.7.2-2.el6_9.1.noarch.rpm1191cc77a91c3df807a36005a7952c3118e995532ad8c13c3bdf9a657bf6c29blibreoffice-langpack-ko-4.3.7.2-2.el6_9.1.i686.rpmab563e813d17c535475338a13249a1e7b782d0bee93b40500e9288e6aaaddcb5autocorr-ja-4.3.7.2-2.el6_9.1.noarch.rpm5a67147b4e9dc4b93db0dbc20d581665ec9afa6c55ea51791afe6746fc4340edlibreoffice-langpack-nl-4.3.7.2-2.el6_9.1.i686.rpm8470e50801dc9ba0a209f5cd7182c1c2764b69f1bfed3483107ee22e0bb710f0autocorr-pl-4.3.7.2-2.el6_9.1.noarch.rpmad322e797da44d9709da666b83e2f2ef764584bb76843a9b34b483c874245ae5libreoffice-langpack-el-4.3.7.2-2.el6_9.1.i686.rpm1f8ad3c7e05155b677963bfeaf63ee76218197ff2897190d059906f7753ea9edlibreoffice-langpack-sk-4.3.7.2-2.el6_9.1.i686.rpm3e9b2d48820ea7a025e61347111abf62cbf6d3b0d8e91019e43243d5a8bc5d02libreoffice-langpack-ts-4.3.7.2-2.el6_9.1.i686.rpm4564a01f7b8d1894c931e0ef2955ba73c48397594f9d154ab2dec58022d6fba4libreoffice-officebean-4.3.7.2-2.el6_9.1.i686.rpmead8d7682bcfb18d03b7251236afe54c0c964492d479f5c96444ffb5c47a1d95libreoffice-langpack-ml-4.3.7.2-2.el6_9.1.i686.rpme4e611cb58c411d76270264bfcbfd6552f8657500867f1383bc663e0ef47ea7flibreoffice-langpack-kn-4.3.7.2-2.el6_9.1.i686.rpmf6d8b0e34788696ca7fcde2561f8055f7455775e0e92539e4b6fdfd4c006ab20libreoffice-xsltfilter-4.3.7.2-2.el6_9.1.i686.rpm44663b9f70ea6f77da6eaa811f300ab51ee818fae08eef4603949cc12a7a2049libreoffice-langpack-dz-4.3.7.2-2.el6_9.1.i686.rpm29754b09cfa04fdda6c6b4d720123b0a7048b363d33a891ecfab21b563564e50libreoffice-langpack-en-4.3.7.2-2.el6_9.1.i686.rpm97cc9544f72273ecccedf2605a6dc2a70e0345964ca8231d2c6afe17a9cff32bautocorr-it-4.3.7.2-2.el6_9.1.noarch.rpm95d95a26541b13ff8d4de01cde064a01164e5d6265fcd4e1e5122db096f95235libreoffice-draw-4.3.7.2-2.el6_9.1.i686.rpmec95e2ad8d67a5379dc3a19717d7807ed9a31a5c15498d2ad70f3264dcded3b5libreoffice-langpack-nb-4.3.7.2-2.el6_9.1.i686.rpm29f89de220ce22ff4c05c3489e7a548449ff8bc8519bfe402d22acb87844e0bblibreoffice-langpack-he-4.3.7.2-2.el6_9.1.i686.rpm4f68b571f6559763b3c1585463b3da983d0c47586ccf35467ef755a13cb8ea80libreoffice-core-4.3.7.2-2.el6_9.1.i686.rpm4a65c3bc1c624c899f7d9500aefe352c0208a661b6ea7936208b3ea468a75478libreoffice-langpack-th-4.3.7.2-2.el6_9.1.i686.rpm87d45f2d0f80a5d7b90f2b5327b8139a22f289e444828a2b27220fad75f43fc3autocorr-ca-4.3.7.2-2.el6_9.1.noarch.rpmdf1032de82277a7a7101dc0d05ea1b97ec12bfd6b2d00652616a8036813401dclibreoffice-langpack-da-4.3.7.2-2.el6_9.1.i686.rpmd06c03f7d157e1ed60de245b132ec378c643514dca5391575d57226353d55b5fautocorr-pt-4.3.7.2-2.el6_9.1.noarch.rpm9b89a93a9d29b3701a96029d9193124271ca8bdaf1804d178daa5e96e329317elibreoffice-langpack-zh-Hant-4.3.7.2-2.el6_9.1.i686.rpmff6c7d4c9d5548932cecbe13f23d04ba578dee91606b2e96d1f84c7c3c900852libreoffice-langpack-mai-4.3.7.2-2.el6_9.1.i686.rpm8e1806ca0061348db2b7ed1b37fc86c011864ad0da2580941b7183931f1ec3cbautocorr-nl-4.3.7.2-2.el6_9.1.noarch.rpmd403e2cfdabfee3bc9c450bd3267c749cc020137a87b04cf69fb9f3fdecc98c1libreoffice-filters-4.3.7.2-2.el6_9.1.i686.rpmec5bfaf6aafe709e89451e8bb88d6095e4706c0c0538344be71203b559a36ebclibreoffice-langpack-pt-PT-4.3.7.2-2.el6_9.1.i686.rpm8963fd9f41cb62f119b31e361ed023cec73482e7dab4cb24aee7a143908dc6f0libreoffice-langpack-sv-4.3.7.2-2.el6_9.1.i686.rpm0009470cadd8d22fbe1c987995282c5d801ed4f4c4055fc239180a5b31557e9clibreoffice-langpack-gu-4.3.7.2-2.el6_9.1.i686.rpmf6e1a18fb10b7f8a2a8cf6bc61fe75af7c82e2c549780f828943a39154df6f5elibreoffice-langpack-cy-4.3.7.2-2.el6_9.1.i686.rpm75b47e0786a13523c8769b40a92e9fd9d04fe60cf6f94b3dd43908f68706e2f0autocorr-lb-4.3.7.2-2.el6_9.1.noarch.rpm6018a4afe121ba4d9ea2e037a3e9d0de4f9589c371e4aee331e28ab1d5a34ed9libreoffice-langpack-ar-4.3.7.2-2.el6_9.1.i686.rpme243a34f6f2161bfd9b25568f27476951e429db9a7b7f4f5362c93806bd9b2f0libreoffice-langpack-ca-4.3.7.2-2.el6_9.1.i686.rpm3eb28393aa22bf34c799fa59d19c0cf0d3aa055952f57518910cbc6765a8a0b8autocorr-da-4.3.7.2-2.el6_9.1.noarch.rpmfab318f93e0d14c5edbd33794e164d8c096cc181e914da77a15133b430fbb897libreoffice-langpack-et-4.3.7.2-2.el6_9.1.i686.rpm8ba11180c040b91f173febf2b6161c470499f713fd80ff7bced79dbf493408eblibreoffice-langpack-ru-4.3.7.2-2.el6_9.1.i686.rpm43eed43736f55d5ddf07827a6a740dc35aea9d4d8f8d8a8b95f3600971d3f231libreoffice-langpack-sr-4.3.7.2-2.el6_9.1.i686.rpm7ba12e4bd6be2a18772e408d4d13fdd9e1ac82ef53c56728d7670ae88b7f62calibreoffice-langpack-hu-4.3.7.2-2.el6_9.1.i686.rpmb3fe4dcd5eb26538971160e0cf33d5ca3de2ba6cd230e0967061bcb2e3ae3d70libreoffice-langpack-ur-4.3.7.2-2.el6_9.1.i686.rpmfa67fea17f5de8d483f6ba19df48216c322a02ca335b560c487c476e97c154bdautocorr-tr-4.3.7.2-2.el6_9.1.noarch.rpmce60697f8aaece914e0964d8254f1cfa0f9e6e7c39d0f5a65f5e31c9fbe11e07libreoffice-pyuno-4.3.7.2-2.el6_9.1.i686.rpmf15ff2a6655d397442023863302a525424f7a830e338ffe7433e01cbbcdfdc7aautocorr-sl-4.3.7.2-2.el6_9.1.noarch.rpm110df20e48f93c1eb7ee281e397c7318dac41bb9b473c4c36fe792af57844fd5libreoffice-langpack-tn-4.3.7.2-2.el6_9.1.i686.rpm787b7159afe2db92cff82bf4f0a379045f196063ef897ca86ee5f76c82ee4960autocorr-zh-4.3.7.2-2.el6_9.1.noarch.rpmb4e0ae19e5f630e77f41d06b2681c7475fadfb8fd100b6d36f55b4f17e95f8f3libreoffice-sdk-doc-4.3.7.2-2.el6_9.1.i686.rpmf6099fddf1ec8d1786e4aa2ec670f93d7518f342d7023c1510aa6b648f6029cblibreoffice-langpack-or-4.3.7.2-2.el6_9.1.i686.rpmf38709696b74c1e9a75fe76e43eefb2934dbe38e95d8ebc1db1abc90e6321154libreoffice-langpack-xh-4.3.7.2-2.el6_9.1.i686.rpm59bac6a9c6fe77c5b41422a9af522c9876d905da81fe477c43a88cb3f3c72a13libreoffice-langpack-hr-4.3.7.2-2.el6_9.1.i686.rpmb80c3dbe83eccc5524940aefbce38ad1059e45c25732f1363e1492a13a27ef3clibreoffice-wiki-publisher-4.3.7.2-2.el6_9.1.i686.rpm46735614d89ed654e29d3696e3fe26c25128a97f4958fac2775ecdf25d68cbf2autocorr-vi-4.3.7.2-2.el6_9.1.noarch.rpm3cfbf3b3afe292e05482014e9fc6b0f58da4f19389a6e9e1f78d58d8876149ealibreoffice-langpack-pa-4.3.7.2-2.el6_9.1.i686.rpma2a56141d757d0bc2f0ab1659564ac8099845919db93210202aff5f39e394ff1autocorr-ga-4.3.7.2-2.el6_9.1.noarch.rpm2826ca3d0def0e03bda200f522eb61eec278b0ae1ab41c08c1c79f8cce9c6d70libreoffice-langpack-fi-4.3.7.2-2.el6_9.1.i686.rpm47752445b5ce6fffd2d54a9b3b89c4f5b9044870c6b83e957bfcca951cbbc5d2libreoffice-langpack-lt-4.3.7.2-2.el6_9.1.i686.rpmf82f926b1159de08d3ffd50fb3a235800b94f9326b510f8307bdb58a52afd1d9autocorr-de-4.3.7.2-2.el6_9.1.noarch.rpmd1abca34872ddcfe0084e55d8a3f7a6c4d7ab0878660c13d431e7b79cda60e5blibreoffice-ogltrans-4.3.7.2-2.el6_9.1.i686.rpmcf3d643475013177fe8f8a50d8728792b1d388f6b607b17eaebebcf5220fa7d7libreoffice-librelogo-4.3.7.2-2.el6_9.1.i686.rpmb963c58f4f347410ebd16c157208a3e2b3f18c840dfddc55f32c1b20d16eba5dautocorr-fa-4.3.7.2-2.el6_9.1.noarch.rpm0a1d3714cc91b7fd173dce175de1764c20777f40366f98fd21da67ade7e7b2b5autocorr-mn-4.3.7.2-2.el6_9.1.noarch.rpm9a10d7f1895eca409cd71ad0d0dbf8d841e86742804bd76d9fbe838d228fe850autocorr-ru-4.3.7.2-2.el6_9.1.noarch.rpmb49204e083a263ce3d1305c37d2fef050949010ac2cd81c47333a91bd375d659autocorr-en-4.3.7.2-2.el6_9.1.noarch.rpm75a7cd41c017f985b53a1b017955003d50aaa289b431cf8a017ce8e1c5ec441eautocorr-af-4.3.7.2-2.el6_9.1.noarch.rpm1c2f4cb40ca90b5c5a70d20b2b6d6c61b0daa9e0c7b9e9de4a59e1843e71b1cclibreoffice-bsh-4.3.7.2-2.el6_9.1.i686.rpm831e9b18a7a65f37281dd3ed927fff65240e1a3d4c76a08237cd94c022023af5libreoffice-langpack-as-4.3.7.2-2.el6_9.1.i686.rpm89c8a06dc022745eab2a76f29427272193aca72f78c943a608cd6506ec2ef9f3libreoffice-langpack-bn-4.3.7.2-2.el6_9.1.i686.rpm4d902e97a51c8e4be2eaf927724856129c52bc87c25f959d024f6504ae80e7f6libreoffice-headless-4.3.7.2-2.el6_9.1.i686.rpm3a9aa3d3c76550b319e5d9e51697b8063717c15dd7debfe9d3abb12e700d7d74libreoffice-langpack-bg-4.3.7.2-2.el6_9.1.i686.rpm35e6aad0390d3ba1ce60f8caedb9b5ce91ba067de6a0ba3909ed92e08d572c86autocorr-lt-4.3.7.2-2.el6_9.1.noarch.rpmefda3860a2142487504c79780d1654a0fe9bd3a3ffadfbe3cc381423930bb825libreoffice-writer-4.3.7.2-2.el6_9.1.i686.rpme32fb280c5ae23d052c461a533ce9d3d89371efb9798cca7378fe0b643331e81autocorr-ko-4.3.7.2-2.el6_9.1.noarch.rpm9e235e3d7432cac5f596e789f12a399a0c5ad997c235e0a87aff692118c8aa29libreoffice-sdk-4.3.7.2-2.el6_9.1.i686.rpmb86e6ad376234b895910d3f2a764e8302eb4506c3113773e727f4f527df7320cautocorr-sr-4.3.7.2-2.el6_9.1.noarch.rpm398180ec0adc988cbe0d8151add86acd6c29c8a6db379ef56e20599b72f93164libreoffice-graphicfilter-4.3.7.2-2.el6_9.1.i686.rpm0df36ad3c998e237371ef76b63e18d071eb3842339d5b43df7f7894b1be5bcaeautocorr-es-4.3.7.2-2.el6_9.1.noarch.rpmad834f03e60d4aa6661daa0f2fc8e7b0de0e6de454712189d687f7ec08f8605dlibreoffice-langpack-af-4.3.7.2-2.el6_9.1.i686.rpmd19d7a3ea59106cb0de76167c421c1d5ef84b5c6e3e75ea47865de5faf8a9742libreoffice-impress-4.3.7.2-2.el6_9.1.i686.rpmc389d05be65ae587bcdfb95391960ce02833cc9918e328368c84b7c8011e9343autocorr-fr-4.3.7.2-2.el6_9.1.noarch.rpma880ddb5e3a6293a08744d314f0bfea84d7cff371733b75b26003139b89f4961libreoffice-langpack-ss-4.3.7.2-2.el6_9.1.i686.rpm131259f4da9cc13b87efbb59bd57a1c2af375785146d376d1921a7e7f7f51ef8autocorr-hr-4.3.7.2-2.el6_9.1.noarch.rpm3f2e3896b81581e93ab5df96850e9546c3a4021f047f079ff61d40503fc0575dlibreoffice-langpack-nn-4.3.7.2-2.el6_9.1.i686.rpme30a4f6d6087a713aa2441d68e379280bf37de03eafb165d7530b0a7501a8114SLSA-2017:1100-1The nss-util packages provide utilities for use with the Network Security Services (NSS) libraries. The following packages have been upgraded to a newer upstream version: nss (3.28.4), nss-util (3.28.4). Security Fix(es): * An out-of-bounds write flaw was found in the way NSS performed certain Base64-decoding operations. An attacker could use this flaw to create a specially crafted certificate which, when parsed by NSS, could cause it to crash or execute arbitrary code, using the permissions of the user running an application compiled against the NSS library. (CVE-2017-5461)criticalScientific Linux FermiScientific Linux Fermi 6nss-pkcs11-devel-3.28.4-1.el6_9.i686.rpm61935696953f1d5b878e854c59245ded87a1bb771c82814cd6b617124c9c7641nss-util-devel-3.28.4-1.el6_9.i686.rpmd2bdde78314d6652a0966773abf7703510bb2f9d4efa53b2b91387d73c61347enss-sysinit-3.28.4-1.el6_9.i686.rpmc8ff4e583b62edc1ae770a1dc6b963cad8c0a38c02f83b5b232e62cabb0c55b0nss-3.28.4-1.el6_9.i686.rpm341424f107605e2efa56ea377f9da8108ae2db0ab0832e49c85ffc8568c9d84fnss-util-3.28.4-1.el6_9.i686.rpm03323817a4f703171f29d59953383e72e2347a8efdb81079716033b48f2a46dbnss-tools-3.28.4-1.el6_9.i686.rpm3869746474095c202e68aa8f8e593aa144ab2e37620ffc6d313e9c8e3e3ceee5nss-devel-3.28.4-1.el6_9.i686.rpm162d85a3cba111cacafb841c6c71583a0e5c191ef3737455bbe74252f607b210SLSA-2017:1104-1This update upgrades Firefox to version 52.1.0 ESR. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2017-5429, CVE-2017-5432, CVE-2017-5433, CVE-2017-5434, CVE-2017-5435, CVE-2017-5436, CVE-2017-5437, CVE-2017-5438, CVE-2017-5439, CVE-2017-5440, CVE-2017-5441, CVE-2017-5442, CVE-2017-5443, CVE-2017-5444, CVE-2017-5445, CVE-2017-5446, CVE-2017-5447, CVE-2017-5448, CVE-2017-5449, CVE-2017-5459, CVE-2017-5460, CVE-2017-5464, CVE-2017-5465, CVE-2017-5469)criticalScientific Linux FermiScientific Linux Fermi 6firefox-52.1.0-2.el6_9.i686.rpm49e7f0ff9785650d857af6d3a14a5975a41fcfaf412be3badebe9c7ee3d717b8SLSA-2017:1105-1Security Fix(es): * A denial of service flaw was found in the way BIND handled a query response containing CNAME or DNAME resource records in an unusual order. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. (CVE-2017-3137) * A denial of service flaw was found in the way BIND handled query requests when using DNS64 with "break-dnssec yes" option. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request. (CVE-2017-3136)importantScientific Linux FermiScientific Linux Fermi 6bind-libs-9.8.2-0.62.rc1.el6_9.1.i686.rpm86e74bc8ea7ac4c4263bd4acaa823a3c3534eab4b69b09f6ff26a10c0d615473bind-sdb-9.8.2-0.62.rc1.el6_9.1.i686.rpm1621c0fa9e4e577fb13ebcdaf0d5e7e1a5fb300de044a59041d4bb3c5e6ed2e6bind-utils-9.8.2-0.62.rc1.el6_9.1.i686.rpm53982eb9292e15bfebfdc8aebf171ace192e033807b863d096c4312679192174bind-9.8.2-0.62.rc1.el6_9.1.i686.rpm52bb000e478933684d71a7df3fcb7ed3b01d615b9c74e1327c413db346d920a6bind-devel-9.8.2-0.62.rc1.el6_9.1.i686.rpm94cded554f19814271e13b43b5bfe065537432243caba3ea5635fc07c67c32d4bind-chroot-9.8.2-0.62.rc1.el6_9.1.i686.rpmc71ebb0e4ff130425534918ef31ec2d070a7fc7a43e3162d1aa24e5535912d6dSLSA-2017:1109-1Security Fix(es): * An untrusted library search path flaw was found in the JCE component of OpenJDK. A local attacker could possibly use this flaw to cause a Java application using JCE to load an attacker-controlled library and hence escalate their privileges. (CVE-2017-3511) * It was found that the JAXP component of OpenJDK failed to correctly enforce parse tree size limits when parsing XML document. An attacker able to make a Java application parse a specially crafted XML document could use this flaw to make it consume an excessive amount of CPU and memory. (CVE-2017-3526) * It was discovered that the HTTP client implementation in the Networking component of OpenJDK could cache and re-use an NTLM authenticated connection in a different security context. A remote attacker could possibly use this flaw to make a Java application perform HTTP requests authenticated with credentials of a different user. (CVE-2017-3509) Note: This update adds support for the "jdk.ntlm.cache" system property which, when set to false, prevents caching of NTLM connections and authentications and hence prevents this issue. However, caching remains enabled by default. * It was discovered that the Security component of OpenJDK did not allow users to restrict the set of algorithms allowed for Jar integrity verification. This flaw could allow an attacker to modify content of the Jar file that used weak signing key or hash algorithm. (CVE-2017-3539) Note: This updates extends the fix for CVE-2016-5542 released as part of the SLSA-2016:2079 erratum to no longer allow the MD5 hash algorithm during the Jar integrity verification by adding it to the jdk.jar.disabledAlgorithms security property. * Newline injection flaws were discovered in FTP and SMTP client implementations in the Networking component in OpenJDK. A remote attacker could possibly use these flaws to manipulate FTP or SMTP connections established by a Java application. (CVE-2017-3533, CVE-2017-3544) Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website.moderateScientific Linux FermiScientific Linux Fermi 6java-1.8.0-openjdk-javadoc-1.8.0.131-0.b11.el6_9.noarch.rpmce541104c6e4a6030f161c2d0ed33e3ff9ab496b53bd53cb24a2b42d1197a437java-1.8.0-openjdk-src-debug-1.8.0.131-0.b11.el6_9.i686.rpm5df9c297e23cc2a465306ad053274f9d5806f164806fdb19805273c423df7033java-1.8.0-openjdk-demo-debug-1.8.0.131-0.b11.el6_9.i686.rpm8b3822aa200da0a4e1a83a59cc9ee1dbfe625e76561d8bebdba7670f02530ad3java-1.8.0-openjdk-headless-1.8.0.131-0.b11.el6_9.i686.rpm1fde1b4287ed70209bd7581404b92c9616e294e2acb81b1eea09b2183b6efac9java-1.8.0-openjdk-javadoc-debug-1.8.0.131-0.b11.el6_9.noarch.rpm6792d0d9d325b69638e6f32bc56b5c0ba832df1026f52cb848665d423c566ff9java-1.8.0-openjdk-devel-debug-1.8.0.131-0.b11.el6_9.i686.rpm3d702b0e8a51cedfe93fb93ca33f288027dba99c97c200dbc29cc7b300b3dbc5java-1.8.0-openjdk-src-1.8.0.131-0.b11.el6_9.i686.rpm073e7c44133489586c6a4ba76c66ab5f46f1da4398213adb06d89b5d9666ed05java-1.8.0-openjdk-1.8.0.131-0.b11.el6_9.i686.rpmfba0a20c7de9529338be08d2aee126a38beed097201eef779b11dfe7f938fad2java-1.8.0-openjdk-debug-1.8.0.131-0.b11.el6_9.i686.rpm467b4d64e1a2c9dbe9e953988d37935e0afb4c4d115515bae294bc6357b4e7f7java-1.8.0-openjdk-devel-1.8.0.131-0.b11.el6_9.i686.rpma6d6bc6b9b25c5c3956e2eba20864fa01e593fcd63f2f04db5fde9538054147bjava-1.8.0-openjdk-headless-debug-1.8.0.131-0.b11.el6_9.i686.rpmf30ccd6770b2474262bde472a2b429e07ca9fc9efb79832b7abc21d626d2c8b5java-1.8.0-openjdk-demo-1.8.0.131-0.b11.el6_9.i686.rpm3af5575655df5104e7e603e04c6a91ef54d5f95a357e9c88124bf21ecefa26c0SLSA-2017:1201-1This update upgrades Thunderbird to version 52.1.0. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2017-5429, CVE-2017-5433, CVE-2017-5435, CVE-2017-5436, CVE-2017-5459, CVE-2017-5466, CVE-2017-5432, CVE-2017-5434, CVE-2017-5438, CVE-2017-5439, CVE-2017-5440, CVE-2017-5441, CVE-2017-5442, CVE-2017-5443, CVE-2017-5444, CVE-2017-5446, CVE-2017-5447, CVE-2017-5454, CVE-2017-5460, CVE-2017-5464, CVE-2017-5465, CVE-2017-5469, CVE-2016-10195, CVE-2016-10196, CVE-2017-5445, CVE-2017-5449, CVE-2017-5451, CVE-2017-5467, CVE-2016-10197)importantScientific Linux FermiScientific Linux Fermi 6thunderbird-52.1.0-1.el6_9.i686.rpme51f525dca181e2d55be185e6dcdc04edb25571c48729d735176f1ebd62ed223SLSA-2017:1202-1Security Fix(es): * A denial of service flaw was found in the way BIND handled DNSSEC validation. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. (CVE-2017-3139) Note: This issue affected only the BIND versions as shipped with EL6.importantScientific Linux FermiScientific Linux Fermi 6bind-libs-9.8.2-0.62.rc1.el6_9.2.i686.rpma7ac26544dd1521f8ac8d263f72c4b50a630399195e924bd86a0b4aed772c76cbind-sdb-9.8.2-0.62.rc1.el6_9.2.i686.rpm9448963233b2f0351977de28b59fd7505db3b083f147483c2210633969d6f140bind-9.8.2-0.62.rc1.el6_9.2.i686.rpm7f6febd2f4ddfc0969f91faba176c82c28f1186e9b461e71112cdbbed65bfa54bind-devel-9.8.2-0.62.rc1.el6_9.2.i686.rpm28d60a8c90201a5af60ef07d087ca36b50a201ddcaedbc9d8a2124c1adbec37dbind-chroot-9.8.2-0.62.rc1.el6_9.2.i686.rpm205e358a4de03bde0c673ee0db5b0b923d7357333f6ab3a5b16235464c45e72abind-utils-9.8.2-0.62.rc1.el6_9.2.i686.rpmec4967a1a2055178c878ddf42fc6d2bc3495a2cecc0dca61421ddd1ac7357fa1SLSA-2017:1204-1Security Fix(es): * An untrusted library search path flaw was found in the JCE component of OpenJDK. A local attacker could possibly use this flaw to cause a Java application using JCE to load an attacker-controlled library and hence escalate their privileges. (CVE-2017-3511) * It was found that the JAXP component of OpenJDK failed to correctly enforce parse tree size limits when parsing XML document. An attacker able to make a Java application parse a specially crafted XML document could use this flaw to make it consume an excessive amount of CPU and memory. (CVE-2017-3526) * It was discovered that the HTTP client implementation in the Networking component of OpenJDK could cache and re-use an NTLM authenticated connection in a different security context. A remote attacker could possibly use this flaw to make a Java application perform HTTP requests authenticated with credentials of a different user. (CVE-2017-3509) Note: This update adds support for the "jdk.ntlm.cache" system property which, when set to false, prevents caching of NTLM connections and authentications and hence prevents this issue. However, caching remains enabled by default. * It was discovered that the Security component of OpenJDK did not allow users to restrict the set of algorithms allowed for Jar integrity verification. This flaw could allow an attacker to modify content of the Jar file that used weak signing key or hash algorithm. (CVE-2017-3539) Note: This updates extends the fix for CVE-2016-5542 released as part of the SLSA-2016:2658 erratum to no longer allow the MD5 hash algorithm during the Jar integrity verification by adding it to the jdk.jar.disabledAlgorithms security property. * Newline injection flaws were discovered in FTP and SMTP client implementations in the Networking component in OpenJDK. A remote attacker could possibly use these flaws to manipulate FTP or SMTP connections established by a Java application. (CVE-2017-3533, CVE-2017-3544)moderateScientific Linux FermiScientific Linux Fermi 6java-1.7.0-openjdk-src-1.7.0.141-2.6.10.1.el6_9.i686.rpm01b494851673e415901f52fd8ab1fb640172874b5ef9796c2f84d09620962c0ejava-1.7.0-openjdk-devel-1.7.0.141-2.6.10.1.el6_9.i686.rpm4fe521cd9af0c0f23c2dab0ee0342053917b78c69ce5b669506d1f44b3b9f8f7java-1.7.0-openjdk-1.7.0.141-2.6.10.1.el6_9.i686.rpm65da98b6e133da9df3e7a279032cc6ccc7308919822d637b30be8861783d1f6fjava-1.7.0-openjdk-javadoc-1.7.0.141-2.6.10.1.el6_9.noarch.rpma93ef7cabb7ebfbce94b8018fadf4524e08de64d9b6ef3026e1d25e9f3b7a3b5java-1.7.0-openjdk-demo-1.7.0.141-2.6.10.1.el6_9.i686.rpmbcbb50cf5f8b8152b9a49c8644fae8dc2426d9c9710b34ee466f662fb88f54d8SLSA-2017:1206-1Security Fix(es): * A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA emulator's VNC display driver support; the issue could occur when a VNC client attempted to update its display after a VGA operation is performed by a guest. A privileged user/process inside a guest could use this flaw to crash the QEMU process or, potentially, execute arbitrary code on the host with privileges of the QEMU process. (CVE-2016-9603) * An out-of-bounds r/w access issue was found in QEMU's Cirrus CLGD 54xx VGA Emulator support. The vulnerability could occur while copying VGA data via various bitblt functions. A privileged user inside a guest could use this flaw to crash the QEMU process or, potentially, execute arbitrary code on the host with privileges of the QEMU process. (CVE-2017-7980) * An out-of-bounds memory access issue was found in QEMU's VNC display driver support. The vulnerability could occur while refreshing the VNC display surface area in the 'vnc_refresh_server_surface'. A user/process inside a guest could use this flaw to crash the QEMU process, resulting in a denial of service. (CVE-2017-2633) * An out-of-bounds access issue was found in QEMU's Cirrus CLGD 54xx VGA Emulator support. The vulnerability could occur while copying VGA data using bitblt functions (for example, cirrus_bitblt_rop_fwd_transp_). A privileged user inside a guest could use this flaw to crash the QEMU process, resulting in denial of service. (CVE-2017-7718)importantScientific Linux FermiScientific Linux Fermi 6qemu-guest-agent-0.12.1.2-2.503.el6_9.3.i686.rpmdbe6f0b10e1c1a64cc5495c31598db49adf5f480627d3918af3516bf40bc25f6SLSA-2017:1208-1Security Fix(es): Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2016-8654, CVE-2016-9560, CVE-2016-10249, CVE-2015-5203, CVE-2015-5221, CVE-2016-1577, CVE-2016-8690, CVE-2016-8693, CVE-2016-8884, CVE-2016-8885, CVE-2016-9262, CVE-2016-9591) Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash. (CVE-2016-1867, CVE-2016-2089, CVE-2016-2116, CVE-2016-8691, CVE-2016-8692, CVE-2016-8883, CVE-2016-9387, CVE-2016-9388, CVE-2016-9389, CVE-2016-9390, CVE-2016-9391, CVE-2016-9392, CVE-2016-9393, CVE-2016-9394, CVE-2016-9583, CVE-2016-9600, CVE-2016-10248, CVE-2016-10251)importantScientific Linux FermiScientific Linux Fermi 6jasper-utils-1.900.1-21.el6_9.i686.rpma903b19e73d265815d3a4826bf903c1ab86c73cf2d3492f86cff5491d63511d0jasper-1.900.1-21.el6_9.i686.rpmdd61590de97cdb910f7a797a86db00ebb675ec8ad927dcbcf5231d3d71e44266jasper-libs-1.900.1-21.el6_9.i686.rpmc0ee5699ea0363145c3c19a02b99d78b065e0d56a6089038977efc3b78d4d1bdjasper-devel-1.900.1-21.el6_9.i686.rpm65b167d8fc691b4a23358e74b4293733a7f713e6f490eb964281358ee83b21a7SLSA-2017:1230-1Security Fix(es): * It was found that ghostscript did not properly validate the parameters passed to the .rsdparams and .eqproc functions. During its execution, a specially crafted PostScript document could execute code in the context of the ghostscript process, bypassing the -dSAFER protection. (CVE-2017-8291)importantScientific Linux FermiScientific Linux Fermi 6ghostscript-gtk-8.70-23.el6_9.2.i686.rpm68e50d81c6845d573e8fcdb7703d263d20028ad06a725a09058855aa282ca54eghostscript-devel-8.70-23.el6_9.2.i686.rpm76c92134d302df9ecbb0d6b39a6d465823ddafbc64c785d4563eb4ded2a5e95aghostscript-8.70-23.el6_9.2.i686.rpmedd23ed3c5c3160501c57a020fb028d50e6d96c10a9e6e99708696d5cd263edcghostscript-doc-8.70-23.el6_9.2.i686.rpmdc6c15627a769c6e2e93d6df3a762eeace7a09bbb4c2ce21e4bcbc0c39f05de0SLSA-2017:1267-1Security Fix(es): * It was found that due to the way rpcbind uses libtirpc (libntirpc), a memory leak can occur when parsing specially crafted XDR messages. An attacker sending thousands of messages to rpcbind could cause its memory usage to grow without bound, eventually causing it to be terminated by the OOM killer. (CVE-2017-8779)importantScientific Linux FermiScientific Linux Fermi 6rpcbind-0.2.0-13.el6_9.i686.rpm70e6b9b92e071be36508fe9d6b12786659dfaeb6e5a9f424d65ea93fb7331345SLSA-2017:1268-1Security Fix(es): * It was found that due to the way rpcbind uses libtirpc (libntirpc), a memory leak can occur when parsing specially crafted XDR messages. An attacker sending thousands of messages to rpcbind could cause its memory usage to grow without bound, eventually causing it to be terminated by the OOM killer. (CVE-2017-8779)importantScientific Linux FermiScientific Linux Fermi 6libtirpc-0.2.1-13.el6_9.i686.rpm673b0dd782da045e1e013bd47f73ad01f66d95aca5118e470dff63ea35c28311libtirpc-devel-0.2.1-13.el6_9.i686.rpm4da519285cdc69064862f451b80aad849653f092b821989e379548946bf293cdSLSA-2017:1270-1Security Fix(es): * A remote code execution flaw was found in Samba. A malicious authenticated samba client, having write access to the samba share, could use this flaw to execute arbitrary code as root. (CVE-2017-7494)importantScientific Linux FermiScientific Linux Fermi 6samba-client-3.6.23-43.el6_9.i686.rpm5f1c7b3309eb348ec162beebd081ee2d9a324e48359bd43dffd1bc0ca795afa2libsmbclient-devel-3.6.23-43.el6_9.i686.rpm86e6d69a152889610144d8448772078da53bc421e15367aa3c36898f59b07fb7libsmbclient-3.6.23-43.el6_9.i686.rpm36045e2dd5b21702320d4b72e9f0af22ac29c5680250d06c54f192bd486f468esamba-doc-3.6.23-43.el6_9.i686.rpm799a44613aadd686dac2295234e740c26f536c5ea0af7a09c04cde91dbe78587samba-winbind-devel-3.6.23-43.el6_9.i686.rpm0c90057193778be53e1312e38c9dae2a58b52be4cd9431bd07c728e398d24901samba-winbind-clients-3.6.23-43.el6_9.i686.rpmd6511ed0b340ebf232c3281794612d3a49aa910654be491cc3a1f78d5953be08samba-winbind-3.6.23-43.el6_9.i686.rpm902dfd69d4ed34e7ce1ac6792185b3ec104b5a780af9879b2b03ca822599014bsamba-swat-3.6.23-43.el6_9.i686.rpm4bb61c3b8c5f8501a041c52b2f37f2903ca1655ac2cf50d2e2875d6fbfc8a84dsamba-domainjoin-gui-3.6.23-43.el6_9.i686.rpm35970965591e16829e0d70968acf8c375edc8e37f72fa9a17e18197940e7d4eesamba-common-3.6.23-43.el6_9.i686.rpm90aa765cb2dace8f239e9c44f1bab699480c37fcf63e55075c41687d8a8b4ccfsamba-3.6.23-43.el6_9.i686.rpm030f60620d9cfffa7f67aaad4b10656e36e7e80c46c03225754293116f5c71adsamba-winbind-krb5-locator-3.6.23-43.el6_9.i686.rpm9ef6e90fab6e0acfb66f675af09d6d592ae616afb3fe5cb037624aa0ccb5c141SLSA-2017:1271-1Security Fix(es): * A remote code execution flaw was found in Samba. A malicious authenticated samba client, having write access to the samba share, could use this flaw to execute arbitrary code as root. (CVE-2017-7494)importantScientific Linux FermiScientific Linux Fermi 6samba4-4.2.10-10.el6_9.i686.rpm4377f5b38b8ee0ce57a0398b93817caf3c189de5496bf8bf66a4e83154c3702dsamba4-winbind-krb5-locator-4.2.10-10.el6_9.i686.rpmf6692c9b49ab7dc4fdb35a9186e5d636f07b50e6771ddf45ae929baf849143cbsamba4-test-4.2.10-10.el6_9.i686.rpm547be4dbd9a88b14efc668f51cce4792a466f2d2b1deb6aa3945b134c79af9f5samba4-python-4.2.10-10.el6_9.i686.rpmcf5c118683bd37173249e25f6308d57368d14270a079d1e616ac1da4c68b184esamba4-winbind-clients-4.2.10-10.el6_9.i686.rpmc159c1e5f3b38bd23530c4d18f0e69cf14eb3902b2e0a8ccdc25c2e8fdf8cf88samba4-pidl-4.2.10-10.el6_9.i686.rpm289a67f01af74975178be8aebcfff6ed84826282d1d35f1fed8b60950e4bd5d4samba4-libs-4.2.10-10.el6_9.i686.rpmb3e1b3dbb59837b5b576ae5286774e08dd18b93d160af26169b1f9f07380c5a8samba4-common-4.2.10-10.el6_9.i686.rpmf72de9dcdebf7f341c953114812c64f482140f24d0791a4ab612eee9141c6041samba4-devel-4.2.10-10.el6_9.i686.rpm55f529511e95ec0a9f7887358ddff78f7ba458c5f042eba316f1e466af776622samba4-client-4.2.10-10.el6_9.i686.rpm736535562d2104424b55a462b3bc7fd0405a0ee9031a67a30b99274485156a13samba4-dc-libs-4.2.10-10.el6_9.i686.rpm81e932f704735fe11d4cd17a84dbbe820851c94877d7ca2efa4d1918a5b57df6samba4-dc-4.2.10-10.el6_9.i686.rpm25186df70658c9a4b3080ee0bd3ea5875ca35ab9c12791765a8e317e81363138samba4-winbind-4.2.10-10.el6_9.i686.rpm94fa068a46a57bfaeed754d8e5d3091bf1dde189998ca1504d819cf536c6a96cSLSA-2017:1364-1Security Fix(es): * A null pointer dereference flaw was found in the way NSS handled empty SSLv2 messages. An attacker could use this flaw to crash a server application compiled against the NSS library. (CVE-2017-7502) Bug Fix(es): * The Network Security Services (NSS) code and Certificate Authority (CA) list have been updated to meet the recommendations as published with the latest Mozilla Firefox Extended Support Release (ESR). The updated CA list improves compatibility with the certificates that are used in the Internet Public Key Infrastructure (PKI). To avoid certificate validation refusals, consider installing the updated CA list on June 12, 2017.importantScientific Linux FermiScientific Linux Fermi 6nss-sysinit-3.28.4-3.el6_9.i686.rpm76888f7d23a7ac5398d73c3cebd65d294d2390e671e4fb10312f206506df2268nss-tools-3.28.4-3.el6_9.i686.rpm9f00aaa32d5c5205f713ce27b1b04b9dc069bb4b533a0ac65fcbff0415305424nss-devel-3.28.4-3.el6_9.i686.rpmb1866c36523619b7f0b6e2d01029b4102c185368fa29fcd9bf9fb5adab41956dnss-pkcs11-devel-3.28.4-3.el6_9.i686.rpm7e7b4c5e7627985d759cda289ab28108389fb43545d4192b9aaf41a3b282e939nss-3.28.4-3.el6_9.i686.rpm940c84198fcb3cb475c933f37cde222d15063ac62f6d07ae2755573b1bc52a5aSLSA-2017:1372-1Security Fix(es): * A flaw was found in the Linux kernel's handling of packets with the URG flag. Applications using the splice() and tcp_splice_read() functionality can allow a remote attacker to force the kernel to enter a condition in which it can loop indefinitely. (CVE-2017-6214, Moderate) Bug Fix(es): * When executing certain Hadoop jobs, a kernel panic occasionally occurred on multiple nodes of a cluster. This update fixes the kernel scheduler, and the kernel panic no longer occurs under the described circumstances. * Previously, memory leak of the struct cred data structure and related data structures occasionally occurred. Consequently, system performance was suboptimal with the symptoms of high I/O operations wait and small amount of free memory. This update fixes the reference counter of the struct slab cache to no longer cause imbalance between the calls to the get_cred() function and the put_cred() function. As a result, the memory leak no longer occurs under the described circumstances. * Previously, the be2net driver could not detect the link status properly on IBM Power Systems. Consequently, the link status was always reported as disconnected. With this update, be2net has been fixed, and the Network Interface Cards (NICs) now report the link status correctly. * Previously, the RFF_ID and RFT_ID commands in the lpfc driver were issued in an incorrect order. Consequently, users were not able to access Logical Unit Numbers (LUNs). With this update, lpfc has been fixed to issue RFT_ID before RFF_ID, which is the correct order. As a result, users can now access LUNs as expected. * Previously, the kdump mechanism was trying to get the lock by the vmalloc_sync_all() function during a kernel panic. Consequently, a deadlock occurred, and the crashkernel did not boot. This update fixes the vmalloc_sync_all() function to avoid synchronizing the vmalloc area on the crashing CPU. As a result, the crashkernel parameter now boots as expected, and the kernel dump is collected successfully under the described circumstances.moderateScientific Linux FermiScientific Linux Fermi 6kernel-devel-2.6.32-696.3.1.el6.i686.rpmfe84d543a616fd0806d5d472ff0039dd2ed4176e762b2a2ff30b8247bda06ccckernel-debug-devel-2.6.32-696.3.1.el6.i686.rpmacf128c56cf7a31c4fb9e4369501f3ebc1400e5332b0dbf6df235da8cf7bd4bfkernel-debug-2.6.32-696.3.1.el6.i686.rpmfa84aa1f9500eb9cbc0c4b1326e6f9b68e92a87583bda4967ed7ac3de6b7eaeckernel-abi-whitelists-2.6.32-696.3.1.el6.noarch.rpm683a058363b16779571de85ae065c7c60f5af8624324c1a70bb0f7fccd5f7852perf-2.6.32-696.3.1.el6.i686.rpm0c58648a8a10e85b96efb380fbb48356421746c501d12933f6a6bbba66f6a3c5kernel-doc-2.6.32-696.3.1.el6.noarch.rpm794b66a512de1cad923e8b0e7a37c67dd111a401da93a3f6b7ececed26226e15python-perf-2.6.32-696.3.1.el6.i686.rpm93c05ff0788783842c48718c347c2f740083eea31e549beee0b25b148c69a5e8kernel-headers-2.6.32-696.3.1.el6.i686.rpmb31a0adb99cd1f7386a71d491e52bbf7ee0001d45947619b9a43431ab0caf803kernel-2.6.32-696.3.1.el6.i686.rpm81cf763912419bc537bde6e030286f8fdca922e9501729fecba33dd2e74935bdkernel-firmware-2.6.32-696.3.1.el6.noarch.rpmf54db38dee3a387fb1dd12286c3ef1d803d4b04c3aabb8ed933dc8c1cc3bb536SLSA-2017:1382-1Security Fix(es): * A flaw was found in the way sudo parsed tty information from the process status file in the proc filesystem. A local user with privileges to execute commands via sudo could use this flaw to escalate their privileges to root. (CVE-2017-1000367)importantScientific Linux FermiScientific Linux Fermi 6sudo-1.8.6p3-28.el6_9.i686.rpm63fd474919aec0ebe90d6fe3a7614ab4d4ee72b1a098334faeb657b7811155a6sudo-devel-1.8.6p3-28.el6_9.i686.rpmd2c6c906d65f024de1d046ca8d7b74bc53dc6db16dd1975bf30eaeb67c08df46SLSA-2017:1440-1This update upgrades Firefox to version 52.2.0 ESR. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2017-5470, CVE-2017-5472, CVE-2017-7749, CVE-2017-7751, CVE-2017-7756, CVE-2017-7771, CVE-2017-7772, CVE-2017-7773, CVE-2017-7774, CVE-2017-7775, CVE-2017-7776, CVE-2017-7777, CVE-2017-7778, CVE-2017-7750, CVE-2017-7752, CVE-2017-7754, CVE-2017-7757, CVE-2017-7758, CVE-2017-7764)criticalScientific Linux FermiScientific Linux Fermi 6firefox-52.2.0-1.el6_9.i686.rpmabe4597ec5e1d5972051d961c2278f4ca0ace5bd506fe20ab21dcdf7057b080cSLSA-2017:1480-1Security Fix(es): * A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap (or different memory region) and stack memory regions were adjacent to each other, an attacker could use this flaw to jump over the stack guard gap, cause controlled memory corruption on process stack or the adjacent memory region, and thus increase their privileges on the system. This is glibc-side mitigation which blocks processing of LD_LIBRARY_PATH for programs running in secure-execution mode and reduces the number of allocations performed by the processing of LD_AUDIT, LD_PRELOAD, and LD_HWCAP_MASK, making successful exploitation of this issue more difficult. (CVE-2017-1000366)importantScientific Linux FermiScientific Linux Fermi 6glibc-utils-2.12-1.209.el6_9.2.i686.rpme91fb65fd6727f8136f7861131fb6fb81cf03aedf355b2de11e8503a047def41glibc-2.12-1.209.el6_9.2.i686.rpm2879a6d162ef5ee2ad14c6d2efd95e7bc52cecb037f2d5f49d9f20f61fdd3868glibc-static-2.12-1.209.el6_9.2.i686.rpm5600e76f459cbe3e393ae7a2c65ec1ca71135b4668f2f6245c45d1bf36987c85nscd-2.12-1.209.el6_9.2.i686.rpm8634c1b443b0338539739640f68b82b9d4b0214243df26dd1ec3f1710a02646bglibc-devel-2.12-1.209.el6_9.2.i686.rpm649668f2da4e931cc2faedfe0d2ec69dc6ce7ff4c752f74e794f97a8de066bbbglibc-headers-2.12-1.209.el6_9.2.i686.rpm86ade572b37d736164b78a465b9e574692d5d7f963d3e426eef19f6491a303a7glibc-common-2.12-1.209.el6_9.2.i686.rpmfef03c1d3efa043ec082f122500ca97247e2f52538a3ab4526bb09c012c31d73SLSA-2017:1486-1Security Fix(es): * A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap (or different memory region) and stack memory regions were adjacent to each other, an attacker could use this flaw to jump over the stack guard gap, cause controlled memory corruption on process stack or the adjacent memory region, and thus increase their privileges on the system. This is a kernel-side mitigation which increases the stack guard gap size from one page to 1 MiB to make successful exploitation of this issue more difficult. (CVE-2017-1000364, Important)importantScientific Linux FermiScientific Linux Fermi 6kernel-doc-2.6.32-696.3.2.el6.noarch.rpmd4278db0a1770006bc79d268bec9eb12a67cde174c4956eb8bd1966f5dee59e0python-perf-2.6.32-696.3.2.el6.i686.rpm52f93969bc508fd66cad9ae297f7c00783956a9817ee5dcf7faf1c60ff738575kernel-2.6.32-696.3.2.el6.i686.rpm83228c8e226bd83a03c7048e1cbbc3e4ae166f2a409a37aa2e05a9262f4caecbkernel-abi-whitelists-2.6.32-696.3.2.el6.noarch.rpm3567a866bc5265483c14065a7f3d0b67dff9989351f1040f3c2ac4ed752324fdkernel-devel-2.6.32-696.3.2.el6.i686.rpmde6249215883c63f2847d57767cf2e33ebb132d75d77dc6c6751b2b7014b48ceperf-2.6.32-696.3.2.el6.i686.rpm19012e0f3c828df4c239592fb10f6d27089d9e5527bde6e39275b9dde06fb81ekernel-headers-2.6.32-696.3.2.el6.i686.rpma158e40a7c61184be95127decd7d2752ddfc5f91e896d3e32feb01d2ccc2061akernel-debug-devel-2.6.32-696.3.2.el6.i686.rpmc1ad349d10953758e9718cffacad19c3653ce42f0aaa8e0dc6b18c612d63a51ckernel-firmware-2.6.32-696.3.2.el6.noarch.rpmdfc8a64b1f5db453560506f2fc67d398d837cd5b8c46c9faaeb3d2762547ff6bkernel-debug-2.6.32-696.3.2.el6.i686.rpm609a6e40c21537c78beaf24c019c30d918fcddc87bff1d215d8cab0cae2a87e5SLSA-2017:1561-1This update upgrades Thunderbird to version 52.2.0. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2017-5470, CVE-2017-5472, CVE-2017-7749, CVE-2017-7750, CVE-2017-7751, CVE-2017-7756, CVE-2017-7771, CVE-2017-7772, CVE-2017-7773, CVE-2017-7774, CVE-2017-7775, CVE-2017-7776, CVE-2017-7777, CVE-2017-7778, CVE-2017-7752, CVE-2017-7754, CVE-2017-7757, CVE-2017-7758, CVE-2017-7764)importantScientific Linux FermiScientific Linux Fermi 6thunderbird-52.2.0-1.el6_9.i686.rpmbf32d2955720ddebbfaafac0afd13950376a6cef28f3ca73d9656ab59c375bebSLSA-2017:1574-1Security Fix(es): * It was found that the original fix for CVE-2017-1000367 was incomplete. A flaw was found in the way sudo parsed tty information from the process status file in the proc filesystem. A local user with privileges to execute commands via sudo could use this flaw to escalate their privileges to root. (CVE-2017-1000368)moderateScientific Linux FermiScientific Linux Fermi 6sudo-1.8.6p3-29.el6_9.i686.rpmda1448c6fbc12662216dcef1fe10419a28f4d6efa05b6fe27702ab8160659763sudo-devel-1.8.6p3-29.el6_9.i686.rpmefe6b03ba8feb43d659f2d2941094ee653b38a0014e0342c0e23f95a26c55594SLSA-2017:1576-1Security Fix(es): * A flaw was found in the way "hg serve --stdio" command in Mercurial handled command-line options. A remote, authenticated attacker could use this flaw to execute arbitrary code on the Mercurial server by using specially crafted command-line options. (CVE-2017-9462)importantScientific Linux FermiScientific Linux Fermi 6mercurial-hgk-1.4-5.el6_9.i686.rpm885aa88d2c50a1c88031ed44bfd65788d5bf578032a8d9901508d3c735b758ecmercurial-1.4-5.el6_9.i686.rpm2bbe3999bc75c583f7ead09c59cf15dd53857ed9de842156fa3d88cc3e3afd86emacs-mercurial-el-1.4-5.el6_9.i686.rpm4d37415b35a3a54e006422454b1a089aeb821813c85671268d92e1d9f14b2d52emacs-mercurial-1.4-5.el6_9.i686.rpm7b17558627c71c7bba9990f00f3ef11036845a51dcc01e15db7583a747611449SLSA-2017:1679-1Security Fix(es): * A flaw was found in the way BIND handled TSIG authentication for dynamic updates. A remote attacker able to communicate with an authoritative BIND server could use this flaw to manipulate the contents of a zone, by forging a valid TSIG or SIG(0) signature for a dynamic update request. (CVE-2017-3143) * A flaw was found in the way BIND handled TSIG authentication of AXFR requests. A remote attacker, able to communicate with an authoritative BIND server, could use this flaw to view the entire contents of a zone by sending a specially constructed request packet. (CVE-2017-3142) Bug Fix(es): * ICANN is planning to perform a Root Zone DNSSEC Key Signing Key (KSK) rollover during October 2017. Maintaining an up-to-date KSK, by adding the new root zone KSK, is essential for ensuring that validating DNS resolvers continue to function following the rollover.importantScientific Linux FermiScientific Linux Fermi 6bind-libs-9.8.2-0.62.rc1.el6_9.4.i686.rpm2454c0d0285180ad8ca8372e62b55b07481136101654fda9188eeee5f0ec8873bind-sdb-9.8.2-0.62.rc1.el6_9.4.i686.rpmb41b7081a7726a0a97ed2c40f3aad22efad75a72c1866d876ec5eaf848e586cabind-9.8.2-0.62.rc1.el6_9.4.i686.rpmffb4a6d0e0565b8f7cd8814e1ccabd457e2cec1b242969d8ce65d9ee7ebc19f0bind-utils-9.8.2-0.62.rc1.el6_9.4.i686.rpmc26832e4d213b7e436064cb52d627d02569c609ebd2c9a3b5fd7702fb4c2d88abind-chroot-9.8.2-0.62.rc1.el6_9.4.i686.rpm65d0109e8e2f6710bde6477b284bf549457a5214fba9ad2e8a308f844948229fbind-devel-9.8.2-0.62.rc1.el6_9.4.i686.rpm82626875853d1935405e18ae07d07485c4c79eb7697f58bd76ecf02246e30e42SLSA-2017:1721-1Security Fix(es): * It was discovered that the HTTP parser in httpd incorrectly allowed certain characters not permitted by the HTTP protocol specification to appear unencoded in HTTP request headers. If httpd was used in conjunction with a proxy or backend server that interpreted those characters differently, a remote attacker could possibly use this flaw to inject data into HTTP responses, resulting in proxy cache poisoning. (CVE-2016-8743) Note: The fix for the CVE-2016-8743 issue causes httpd to return "400 Bad Request" error to HTTP clients which do not strictly follow HTTP protocol specification. A newly introduced configuration directive "HttpProtocolOptions Unsafe" can be used to re-enable the old less strict parsing. However, such setting also re-introduces the CVE-2016-8743 issue. Bug Fix(es): * Previously, httpd was unable to correctly check a boundary of an array, and in rare cases it attempted to access an element of an array that was out of bounds. Consequently, httpd terminated unexpectedly with a segmentation fault at proxy_util.c. With this update, bounds checking has been fixed, and httpd no longer crashes.moderateScientific Linux FermiScientific Linux Fermi 6httpd-manual-2.2.15-60.sl6.4.noarch.rpm7b92fb6e1e3f4c3c243d028da0aa8412d23b4dfcadc2c3ce6dc8b2aa328ff0dfhttpd-devel-2.2.15-60.sl6.4.i686.rpm03fa344fe3f011171803b6c899275a6f4e6b232b8dd4a78f346361a34ce90651httpd-2.2.15-60.sl6.4.i686.rpmae1bedb870abf3ba91f78c4175cbc3d9cc112cd49c02aa69c155b2b51697be7emod_ssl-2.2.15-60.sl6.4.i686.rpm3e1116894f8fee4c847c536cbe25668dc4b0d19f25e5af091c32352970aba046httpd-tools-2.2.15-60.sl6.4.i686.rpmeb74e0283ea84d04ebf76976e6e5c6359fea49c91157a53ba870fb8b091f18f0SLSA-2017:1723-1Security Fix(es): * The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lacked certain checks for the end of a buffer. A remote attacker could trigger a pointer-arithmetic error or possibly cause other unspecified impacts using crafted requests related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c. (CVE-2017-7895, Important) Bug Fix(es): * If several file operations were started after a mounted NFS share had got idle and its Transmission Control Protocol (TCP) connection had therefore been terminated, these operations could cause multiple TCP SYN packets coming from the NFS client instead of one. With this update, the reconnection logic has been fixed, and only one TCP SYN packet is now sent in the described situation. * When the ixgbe driver was loaded for a backplane-connected network card, a kernel panic could occur, because the ops.setup_fc function pointer was used before the initialization. With this update, ops.setup_fc is initialized earlier. As a result, ixgbe no longer panics on load. * When setting an Access Control List (ACL) with 190 and more Access Control Entries (ACEs) on a NFSv4 directory, a kernel crash could previously occur. This update fixes the nfs4_getfacl() function, and the kernel no longer crashes under the described circumstances. * When upgrading to kernel with the fix for stack guard flaw, a crash could occur in Java Virtual Machine (JVM) environments, which attempted to implement their own stack guard page. With this update, the underlying source code has been fixed to consider the PROT_NONE mapping as a part of the stack, and the crash in JVM no longer occurs under the described circumstances. * When a program receives IPv6 packets using the raw socket, the ioctl(FIONREAD) and ioctl(SIOCINQ) functions can incorrectly return zero waiting bytes. This update fixes the ip6_input_finish() function to check the raw payload size properly. As a result, the ioctl() function now returns bytes waiting in the raw socket correctly. * Previously, listing a directory on a non-standard XFS filesystem (with non-default multi-fsb directory blocks) could lead to a soft lock up due to array index overrun in the xfs_dir2_leaf_readbuf() function. This update fixes xfs_dir2_leaf_readbuf(), and the soft lock up no longer occurs under the described circumstances. * Previously, aborts from the array after the Storage Area Network (SAN) fabric back-pressure led to premature reuse of still valid sequence with the same OX_ID. Consequently, an error message and data corruption could occur. This update fixes the libfc driver to isolate the timed out OX_IDs, thus fixing this bug. * Previously, a kernel panic occurred when the mcelog daemon executed a huge page memory offline. This update fixes the HugeTLB feature of the Linux kernel to check for the Page Table Entry (PTE) NULL pointer in the page_check_address() function. As a result, the kernel panic no longer occurs under the described circumstances.importantScientific Linux FermiScientific Linux Fermi 6kernel-2.6.32-696.6.3.el6.i686.rpme61899506074a752c7f248dcc4e015d1129596196d769bd02ccee3139136e77dkernel-doc-2.6.32-696.6.3.el6.noarch.rpm019f193d68652c61bc6b27688c42ea3351e25697123e80177f92d53d6205bb88python-perf-2.6.32-696.6.3.el6.i686.rpm9774db9a591f3b072fe0c9c5817c3e6ad5a205f7694756964c3352e1b910fbcbkernel-abi-whitelists-2.6.32-696.6.3.el6.noarch.rpm59740baee481bd15f0d3a56065838dee04694822d164aeacb8e941b2070ce96dkernel-devel-2.6.32-696.6.3.el6.i686.rpmfe233b043e42caa79d41e3589cd41788f030632487639b7429bb0ab7d3038620kernel-headers-2.6.32-696.6.3.el6.i686.rpmc54ab158e5643850b2a19f2ecd8eb54be9a763226f54a12cdf88cbf63d49b376kernel-debug-devel-2.6.32-696.6.3.el6.i686.rpme365b975854fa172e36c48af77f3f1b1fb6bbcf67672b304b9d2b828fb1767f2perf-2.6.32-696.6.3.el6.i686.rpmea3885a7a617df7d58f1cd69ff32b91cfaa4d266f31e78fd28e0a52c5e38b7e6kernel-firmware-2.6.32-696.6.3.el6.noarch.rpm9b8bfe574c3d0ab35c79b62c1f70699b0e98d3e99f57bc15527ca8007bdae1dfkernel-debug-2.6.32-696.6.3.el6.i686.rpmcf061b4b97c869bc0f13d11fce7866d4ef2b083131028bc778aad39e161eb30bSLSA-2017:1759-1Security Fix(es): * An out-of-bounds write flaw was found in the way FreeRADIUS server handled certain attributes in request packets. A remote attacker could use this flaw to crash the FreeRADIUS server or to execute arbitrary code in the context of the FreeRADIUS server process by sending a specially crafted request packet. (CVE-2017-10979) * An out-of-bounds read and write flaw was found in the way FreeRADIUS server handled RADIUS packets. A remote attacker could use this flaw to crash the FreeRADIUS server by sending a specially crafted RADIUS packet. (CVE-2017-10978) * Multiple memory leak flaws were found in the way FreeRADIUS server handled decoding of DHCP packets. A remote attacker could use these flaws to cause the FreeRADIUS server to consume an increasing amount of memory resources over time, possibly leading to a crash due to memory exhaustion, by sending specially crafted DHCP packets. (CVE-2017-10980, CVE-2017-10981) * Multiple out-of-bounds read flaws were found in the way FreeRADIUS server handled decoding of DHCP packets. A remote attacker could use these flaws to crash the FreeRADIUS server by sending a specially crafted DHCP request. (CVE-2017-10982, CVE-2017-10983)importantScientific Linux FermiScientific Linux Fermi 6freeradius-mysql-2.2.6-7.el6_9.i686.rpme5352a6a8736a87b9b6bd796749ffee083a9242500a2a2210678611d0057b521freeradius-krb5-2.2.6-7.el6_9.i686.rpmb909674e2c1d8c1ca636b4561e4c714c29191bbc31147a7af8d0c54bac2c9675freeradius-unixODBC-2.2.6-7.el6_9.i686.rpm4eb75ca5cbc241714e910607ad3ba57262dc6320c2d7f553678f00dc3a21d2cafreeradius-postgresql-2.2.6-7.el6_9.i686.rpm819d6d569ae175f15a218f0c22503c021c8588d01f5ad74c0aea26e9bfd3cc1cfreeradius-python-2.2.6-7.el6_9.i686.rpm407888fe6c67554ad0962e24fdf9a55bbad19bcd7e7afd1e1bb186dd76e175dafreeradius-utils-2.2.6-7.el6_9.i686.rpm9253defed9b20c2786ea4f90948204744059b15e15bde64a078e1d431cbee886freeradius-perl-2.2.6-7.el6_9.i686.rpm1ed319fee60103013eb655d20696747ab16d17b18018bd67b7fa7817e3fa3db2freeradius-ldap-2.2.6-7.el6_9.i686.rpm9db1fa384493446e7ef6af217f7b949b6b116ddef4ac2c276ad8b9d38ab2df76freeradius-2.2.6-7.el6_9.i686.rpm7732bc91aaaf11471ed954c0737113b93d7ef355fbc71ca4326048b69c94a653SLSA-2017:1789-1Security Fix(es): * It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle references. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application. (CVE-2017-10102) * Multiple flaws were discovered in the RMI, JAXP, ImageIO, Libraries, AWT, Hotspot, and Security components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2017-10107, CVE-2017-10096, CVE-2017-10101, CVE-2017-10089, CVE-2017-10090, CVE-2017-10087, CVE-2017-10111, CVE-2017-10110, CVE-2017-10074, CVE-2017-10067) * It was discovered that the LDAPCertStore class in the Security component of OpenJDK followed LDAP referrals to arbitrary URLs. A specially crafted LDAP referral URL could cause LDAPCertStore to communicate with non-LDAP servers. (CVE-2017-10116) * It was discovered that the Nashorn JavaScript engine in the Scripting component of OpenJDK could allow scripts to access Java APIs even when access to Java APIs was disabled. An untrusted JavaScript executed by Nashorn could use this flaw to bypass intended restrictions. (CVE-2017-10078) * It was discovered that the Security component of OpenJDK could fail to properly enforce restrictions defined for processing of X.509 certificate chains. A remote attacker could possibly use this flaw to make Java accept certificate using one of the disabled algorithms. (CVE-2017-10198) * A covert timing channel flaw was found in the DSA implementation in the JCE component of OpenJDK. A remote attacker able to make a Java application generate DSA signatures on demand could possibly use this flaw to extract certain information about the used key via a timing side channel. (CVE-2017-10115) * A covert timing channel flaw was found in the PKCS#8 implementation in the JCE component of OpenJDK. A remote attacker able to make a Java application repeatedly compare PKCS#8 key against an attacker controlled value could possibly use this flaw to determine the key via a timing side channel. (CVE-2017-10135) * It was discovered that the BasicAttribute and CodeSource classes in OpenJDK did not limit the amount of memory allocated when creating object instances from a serialized form. A specially crafted serialized input stream could cause Java to consume an excessive amount of memory. (CVE-2017-10108, CVE-2017-10109) * Multiple flaws were found in the Hotspot and Security components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2017-10081, CVE-2017-10193) * It was discovered that the JPEGImageReader implementation in the 2D component of OpenJDK would, in certain cases, read all image data even if it was not used later. A specially crafted image could cause a Java application to temporarily use an excessive amount of CPU and memory. (CVE-2017-10053) Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website.criticalScientific Linux FermiScientific Linux Fermi 6java-1.8.0-openjdk-headless-1.8.0.141-2.b16.el6_9.i686.rpm5e85bf7ba0ca9166e68c1801de726a6a70d9ff6a2b3fe28d8fd2f1fe251ee823java-1.8.0-openjdk-src-1.8.0.141-2.b16.el6_9.i686.rpm786505669be18bfd313d5b1a74dea521bcabe4c4fbcdc44ebff44a3666702601java-1.8.0-openjdk-1.8.0.141-2.b16.el6_9.i686.rpmb088af38fa3f68a6a3fa048891d8716a8f5a34ec29526ee5ccb782474e90ac58java-1.8.0-openjdk-devel-debug-1.8.0.141-2.b16.el6_9.i686.rpm26a5786482b63bcb228185d77ce59413917ca13410094f3cc56a882d9d911261java-1.8.0-openjdk-demo-debug-1.8.0.141-2.b16.el6_9.i686.rpmdaf9fc45b2d445e05f9c5ec9517151478cf4dbf07b9c70b06f6d5f5bacc20becjava-1.8.0-openjdk-javadoc-debug-1.8.0.141-2.b16.el6_9.noarch.rpm794ba7f05c7b6d58f930c97c5b28eaba76d889e7492726ce452fbc77fbcac6efjava-1.8.0-openjdk-demo-1.8.0.141-2.b16.el6_9.i686.rpme3687536e4fb80e82f43cd0c112741360fa30506a41634b3e75c99f6496f81cajava-1.8.0-openjdk-src-debug-1.8.0.141-2.b16.el6_9.i686.rpmce6beeff1a28c052e2d69553ba203d6da52f0cfaca9276cde3bbec0d774a1f80java-1.8.0-openjdk-javadoc-1.8.0.141-2.b16.el6_9.noarch.rpmf5276bae78af56c2eadfde442ab3f5f2859aac229815e8e7c507b381517a8eacjava-1.8.0-openjdk-debug-1.8.0.141-2.b16.el6_9.i686.rpm1173ecc14be7e918c001f7b1862b85a1d52d0c165792043d486c2fd152475025java-1.8.0-openjdk-headless-debug-1.8.0.141-2.b16.el6_9.i686.rpme5a9d4f35b616f8e7373b30898e4851e589d3025d2915c3e78b83680d5ee4b18java-1.8.0-openjdk-devel-1.8.0.141-2.b16.el6_9.i686.rpmdb2bf017b1b932002949939d83f36fe814eeb13c2feb1c01122c974a17ff9a30SLSA-2017:2424-1Security Fix(es): * It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle references. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application. (CVE-2017-10102) * Multiple flaws were discovered in the RMI, JAXP, ImageIO, Libraries, AWT, Hotspot, and Security components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2017-10107, CVE-2017-10096, CVE-2017-10101, CVE-2017-10089, CVE-2017-10090, CVE-2017-10087, CVE-2017-10110, CVE-2017-10074, CVE-2017-10067) * It was discovered that the LDAPCertStore class in the Security component of OpenJDK followed LDAP referrals to arbitrary URLs. A specially crafted LDAP referral URL could cause LDAPCertStore to communicate with non-LDAP servers. (CVE-2017-10116) * It was discovered that the wsdlimport tool in the JAX-WS component of OpenJDK did not use secure XML parser settings when parsing WSDL XML documents. A specially crafted WSDL document could cause wsdlimport to use an excessive amount of CPU and memory, open connections to other hosts, or leak information. (CVE-2017-10243) * A covert timing channel flaw was found in the DSA implementation in the JCE component of OpenJDK. A remote attacker able to make a Java application generate DSA signatures on demand could possibly use this flaw to extract certain information about the used key via a timing side channel. (CVE-2017-10115) * A covert timing channel flaw was found in the PKCS#8 implementation in the JCE component of OpenJDK. A remote attacker able to make a Java application repeatedly compare PKCS#8 key against an attacker controlled value could possibly use this flaw to determine the key via a timing side channel. (CVE-2017-10135) * It was discovered that the BasicAttribute and CodeSource classes in OpenJDK did not limit the amount of memory allocated when creating object instances from a serialized form. A specially crafted serialized input stream could cause Java to consume an excessive amount of memory. (CVE-2017-10108, CVE-2017-10109) * A flaw was found in the Hotspot component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2017-10081) * It was discovered that the JPEGImageReader implementation in the 2D component of OpenJDK would, in certain cases, read all image data even if it was not used later. A specially crafted image could cause a Java application to temporarily use an excessive amount of CPU and memory. (CVE-2017-10053)criticalScientific Linux FermiScientific Linux Fermi 6java-1.7.0-openjdk-demo-1.7.0.151-2.6.11.0.el6_9.i686.rpmac82aa057cec00b6e1b6a17ef8c73c551581425d8f4efa0fae9a4285b95e6dbdjava-1.7.0-openjdk-javadoc-1.7.0.151-2.6.11.0.el6_9.noarch.rpmd4d32441041b1eac71510bd2b9ad86ca681654ff613c2adfac682744786f4f18java-1.7.0-openjdk-devel-1.7.0.151-2.6.11.0.el6_9.i686.rpm84a31728426441081d0c3b85746d99311e76dd96a8dece58e88fc552fc2cd89djava-1.7.0-openjdk-src-1.7.0.151-2.6.11.0.el6_9.i686.rpm7e0a8460601daa5b35073e96bcbff3cf77af456be802543bbfaa7de8ebfa7818java-1.7.0-openjdk-1.7.0.151-2.6.11.0.el6_9.i686.rpm254aa72830114eb329985c9a47c92eb8cebdbbac1c27e18fefc7a44029e805d2SLSA-2017:2456-1This update upgrades Firefox to version 52.3.0 ESR. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2017-7779, CVE-2017-7798, CVE-2017-7800, CVE-2017-7801, CVE-2017-7753, CVE-2017-7784, CVE-2017-7785, CVE-2017-7786, CVE-2017-7787, CVE-2017-7792, CVE-2017-7802, CVE-2017-7807, CVE-2017-7809, CVE-2017-7791, CVE-2017-7803)criticalScientific Linux FermiScientific Linux Fermi 6firefox-52.3.0-3.el6_9.i686.rpm08a111757cf923ec9a076cb91eddfa426e65197f4c7dc5878906ae04c2231008SLSA-2017:2478-1Security Fix(es): * It was discovered that the httpd's mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788) * It was discovered that the use of httpd's ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167) * A NULL pointer dereference flaw was found in the httpd's mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169) * A buffer over-read flaw was found in the httpd's mod_mime module. A user permitted to modify httpd's MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)importantScientific Linux FermiScientific Linux Fermi 6httpd-tools-2.2.15-60.sl6.5.i686.rpm5cdb65835dac3b685bd8c687ae9522cee454e21d9c646de5fbabf56bb64a3282httpd-devel-2.2.15-60.sl6.5.i686.rpm137c1093c87f3de665495ed007f85252257201e99dc9ebb20f62c3f0ae11cc51mod_ssl-2.2.15-60.sl6.5.i686.rpm811cf2254cc49e3bccee085cfd681d4c6bf6ffc5fff1021122c5f546b6ddb776httpd-2.2.15-60.sl6.5.i686.rpm40e6718daf1f000809a290586fb10a1e4018ac125d7fe957533d60aaf2f7dbd4httpd-manual-2.2.15-60.sl6.5.noarch.rpmd03ca4fc6e03e40ea424387af2958d6ad01ef200f9436a9b5477c955c2caebc0SLSA-2017:2485-1Security Fix(es): * A shell command injection flaw related to the handling of "ssh" URLs has been discovered in Git. An attacker could use this flaw to execute shell commands with the privileges of the user running the Git client, for example, when performing a "clone" action on a malicious repository or a legitimate repository containing a malicious commit. (CVE-2017-1000117)importantScientific Linux FermiScientific Linux Fermi 6gitweb-1.7.1-9.el6_9.noarch.rpm156ee25ee26379f29336ae5169ac2eb6325953c7c644daaac89be7995925059cgitk-1.7.1-9.el6_9.noarch.rpm0816ee686d718b9a5c815cb3c562d16912734e395cdcfb1bc3cc05bfa30f065dperl-Git-1.7.1-9.el6_9.noarch.rpmafced2cc89763349fe540271abef9c11c526e6816c379c684dfbedec70a334f5git-svn-1.7.1-9.el6_9.noarch.rpm0ba3f49eabcf16e124bdec19b0744826068ef26b4f28fab8725551ed564c0745git-cvs-1.7.1-9.el6_9.noarch.rpm7d523d7dae6efd912fbe112c2fb6c626db4c7de003e8385b2fcee10b64927288git-gui-1.7.1-9.el6_9.noarch.rpmff376cf7dc5f042c35046d308767d7454f2e146741eb7a5e1c4add5600ffc1f3git-email-1.7.1-9.el6_9.noarch.rpm2f44f1162208c93efa13ca52caef5d27a33d3b5b022b02500983ed475831fa52git-1.7.1-9.el6_9.i686.rpm5d434593fee1e7074f853a9a48f0d2d2a1b9c7a534b7ef27bd19343d97c9b6c9emacs-git-el-1.7.1-9.el6_9.noarch.rpmd353cea62b28beb6d3cf2a1510b11c0d5be2c2f36a3cc42b7c1d7af8608a7caeemacs-git-1.7.1-9.el6_9.noarch.rpm6d0468a0928c6487bc078044232e1371c9c049b8e52ea992dce3f8c53a494528git-all-1.7.1-9.el6_9.noarch.rpmf57299c2664c0f172ac8c60ab6bb031f94aa4f0182a8597b997090fa5478ae4fgit-daemon-1.7.1-9.el6_9.i686.rpm80f136c28a3520bc453459829023c4ff1767dc031b25d87aaa38803f613d3730SLSA-2017:2534-1This update upgrades Thunderbird to version 52.3.0. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2017-7779, CVE-2017-7800, CVE-2017-7801, CVE-2017-7753, CVE-2017-7784, CVE-2017-7785, CVE-2017-7786, CVE-2017-7787, CVE-2017-7792, CVE-2017-7802, CVE-2017-7807, CVE-2017-7809, CVE-2017-7791, CVE-2017-7803)importantScientific Linux FermiScientific Linux Fermi 6thunderbird-52.3.0-1.el6_9.i686.rpm1230539aba7166f60387175a58074520b8cbc4c2ec1a73d7b2af819fb606c66eSLSA-2017:2550-1Security Fix(es): * An integer overflow leading to heap-based buffer overflow was found in the poppler library. An attacker could create a malicious PDF file that would cause applications that use poppler (such as Evince) to crash, or potentially execute arbitrary code when opened. (CVE-2017-9776)moderateScientific Linux FermiScientific Linux Fermi 6poppler-qt4-devel-0.12.4-12.el6_9.i686.rpm484d59e0a9c448def0bf3855c845ceaa5c77b2c7b59cf1892305c3b6109124fbpoppler-qt4-0.12.4-12.el6_9.i686.rpmd2a4ffc5c89465dbe868e7f5965bdc62db441cd9ad7fa4afd058e6fbff0517a0poppler-devel-0.12.4-12.el6_9.i686.rpm4f4a0fad120358511b53a193d59ef9050645f3385e283e2fbbac621a583c263apoppler-0.12.4-12.el6_9.i686.rpm668c1d99c9731bc89b25f720a9047dc476e4e631606ffca9a6ca674fa39d5c04poppler-utils-0.12.4-12.el6_9.i686.rpm3ba65c017cb6a6befa3c550b0edea9ce3d2ba5085deae9f6eb5b5c73ac71ae16poppler-qt-devel-0.12.4-12.el6_9.i686.rpm6d4ac572510baa6b3efdb9f38e402da73bcfb84dfca4f68f4f6c1468d68b53bepoppler-glib-devel-0.12.4-12.el6_9.i686.rpm4b4ef472476fe5217c4fba49a60863914da0574aa881af681c89dec67002e371poppler-qt-0.12.4-12.el6_9.i686.rpm769553248ebd397368a8fe20322e95eac43403518c389abf8578b958dfc0bb64poppler-glib-0.12.4-12.el6_9.i686.rpm9957e273c5f421fd6b765380af4f7bd4a657f8765365ed5acfcf7b87e67f1ca9SLSA-2017:2563-1Security Fix(es): * A covert timing channel flaw was found in the way OpenSSH handled authentication of non-existent users. A remote unauthenticated attacker could possibly use this flaw to determine valid user names by measuring the timing of server responses. (CVE-2016-6210)moderateScientific Linux FermiScientific Linux Fermi 6openssh-5.3p1-123.el6_9.i686.rpm97f740105110feb2ce73b673f21c9317bbf4369cdf53b1a03d779d331608968fopenssh-ldap-5.3p1-123.el6_9.i686.rpmd68c23b33bba1319b979fabc1e863ca1762d681b6b9d0c7328e74ba8dbfcd6b9openssh-server-5.3p1-123.el6_9.i686.rpmda74fcb0fb1a37d77cd93cd4fd4523ed08a472fec06f48fab2102d1da3a18bfbopenssh-askpass-5.3p1-123.el6_9.i686.rpm9ebe578b10b675e75207ad8b7e4c294056c2b5b768257d9c0bbe4631ba168cffopenssh-clients-5.3p1-123.el6_9.i686.rpm157503a3564f8126bd3e0c24d2b9cf73bee3036259ab43438fe381e969b22701pam_ssh_agent_auth-0.9.3-123.el6_9.i686.rpm0d3b4f07827f28ab885f94552df147e81a91bf37a07e4c2068b95146c1df6cf9SLSA-2017:2681-1Security Fix(es): * A stack buffer overflow flaw was found in the way the Bluetooth subsystem of the Linux kernel processed pending L2CAP configuration responses from a client. On systems with the stack protection feature enabled in the kernel (CONFIG_CC_STACKPROTECTOR=y, which is enabled on all architectures other than s390x and ppc64[le]), an unauthenticated attacker able to initiate a connection to a system via Bluetooth could use this flaw to crash the system. Due to the nature of the stack protection feature, code execution cannot be fully ruled out, although we believe it is unlikely. On systems without the stack protection feature (ppc64[le]; the Bluetooth modules are not built on s390x), an unauthenticated attacker able to initiate a connection to a system via Bluetooth could use this flaw to remotely execute arbitrary code on the system with ring 0 (kernel) privileges. (CVE-2017-1000251, Important)importantScientific Linux FermiScientific Linux Fermi 6python-perf-2.6.32-696.10.2.el6.i686.rpm310c93583392178b29690b57f509eb72de985bba541ff3fd1c2f8a870e7cd7d7kernel-devel-2.6.32-696.10.2.el6.i686.rpm1be0b4c2e9a21722cc20487273fc1aae31fc91ee61dc937e10331ad870c7a8c2kernel-2.6.32-696.10.2.el6.i686.rpm0d6f59688f8a59a9082ccf442bb13d26e4174d2fbb71087be71c8ba8ed16f124kernel-doc-2.6.32-696.10.2.el6.noarch.rpm8ba9a17c87744ab3b5edd58b5a827b280655e1feb60f0c3eaf8298dc9774515dkernel-debug-2.6.32-696.10.2.el6.i686.rpm0334fd8d4a5e2194e8542500107633a44cf3fb846b648d0e1932ce3bc69a8811kernel-firmware-2.6.32-696.10.2.el6.noarch.rpm9594c4e6cc6c4d4945adf98516408763aac60dc405d8544f3b426cc0b9e7980eperf-2.6.32-696.10.2.el6.i686.rpma2b37dc278ec53a27459d79db674ceedaaf9132abbdd5cda6ef29ae4129204c6kernel-abi-whitelists-2.6.32-696.10.2.el6.noarch.rpm611b9a684051af5e4cced48c671c88d2ea4df4a2470bfe2731e16436ef5c15bekernel-debug-devel-2.6.32-696.10.2.el6.i686.rpmb1270330476a39f015b90ca3f9766c5e06bf84385f307974f19d9c9dd4ac2bf1kernel-headers-2.6.32-696.10.2.el6.i686.rpm330def9aaa3f2fdc79200893a87e6494e95af4b16f3877eb565b1588b65e195aSLSA-2017:2685-1Security Fix(es): * An information-disclosure flaw was found in the bluetoothd implementation of the Service Discovery Protocol (SDP). A specially crafted Bluetooth device could, without prior pairing or user interaction, retrieve portions of the bluetoothd process memory, including potentially sensitive information such as Bluetooth encryption keys. (CVE-2017-1000250)moderateScientific Linux FermiScientific Linux Fermi 6bluez-alsa-4.66-2.el6_9.i686.rpm9ee76fcc7239a5ddbeb04c312ea0febb1c66bfac89fb041ffe87b481f3218f18bluez-4.66-2.el6_9.i686.rpm909d120dfb230e23e74720b37b7e0786b3da539b1ae6bf1f43f2ef2448d23562bluez-libs-devel-4.66-2.el6_9.i686.rpma4b907bab21cfb79ecba7c5c8bb54eaf57d5e16a4672f7ca36124e724bdc26c8bluez-libs-4.66-2.el6_9.i686.rpm7bcac087a22a9f93c8768c7001d23a15381831c3d2e61a666180f537f1294c46bluez-compat-4.66-2.el6_9.i686.rpm6ddf5d6b45d6bcda88c2085a8fd5e4b12a55bcd077e804068f5060fa3d58286abluez-cups-4.66-2.el6_9.i686.rpm891f22ff79778ef0256fbea6828723f19a6ca176cbff1b613e7c2039ed8b1bb3bluez-gstreamer-4.66-2.el6_9.i686.rpm40c417ebb3ee9e5367e06a606d0cad2ae5135297b04085d0916bd87964d3dfaeSLSA-2017:2789-1Security Fix(es): * A race condition was found in samba server. A malicious samba client could use this flaw to access files and directories in areas of the server file system not exported under the share definitions. (CVE-2017-2619) * It was found that samba did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man- in-the-middle attack and retrieve information in plain-text. (CVE-2017-12150) * An information leak flaw was found in the way SMB1 protocol was implemented by Samba. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the exact area of server memory cannot be controlled by the attacker. (CVE-2017-12163)moderateScientific Linux FermiScientific Linux Fermi 6libsmbclient-3.6.23-45.el6_9.i686.rpm9317c294344b61baeb5c01ab76b2c758ac63d957965a9734f31e72dad4c30fd9samba-doc-3.6.23-45.el6_9.i686.rpmf03a0861f9e57f4b218997f007df391d044d82fecb0f52a99fe96233bfad4469samba-winbind-krb5-locator-3.6.23-45.el6_9.i686.rpma0ca3180a494bfd3894fb1e5c05b94111548e1612c655ef92d5ae1f072534811samba-common-3.6.23-45.el6_9.i686.rpm7246b1ba5729bc259b17e6a40cf5341ff442ab140bfa0944caa209fa77ef09a6libsmbclient-devel-3.6.23-45.el6_9.i686.rpmec930cec2f3b8b4eecda96b461ac66c07f9104bb93695d286c7f493cf1b87ca6samba-client-3.6.23-45.el6_9.i686.rpm4a22a89ef6d238e2ff32cfc2e34935a60c2f0ed18721bb5b2c5fbaa8010e399asamba-winbind-3.6.23-45.el6_9.i686.rpmaa2f1afd91ae79daa4d971a7a0ea091afe8d4d18be0ce381418fc2e203c69e80samba-winbind-devel-3.6.23-45.el6_9.i686.rpmdcbb0d8e0b1d6c3615aefd477c766189799bfe3739777c3b310c281d8c54d4absamba-swat-3.6.23-45.el6_9.i686.rpm04ead7acd140e04a79218b23401db3fc43d438832eeb1301be6806bec32a0fb2samba-domainjoin-gui-3.6.23-45.el6_9.i686.rpmf837492c8088d888733568aceaf21dcce9a3cb6a101afaeae2dd33b70f93c3cbsamba-3.6.23-45.el6_9.i686.rpm0f55a6b2db254448466cd080f7b848382fe141f81b2081db2f827ea235aa5603samba-winbind-clients-3.6.23-45.el6_9.i686.rpm3598f4b0b89b863899ad5b262022f60cdd811fe7dbb6c44400c1c8ef4362caf7SLSA-2017:2791-1Security Fix(es): * It was found that samba did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man- in-the-middle attack and retrieve information in plain-text. (CVE-2017-12150) * An information leak flaw was found in the way SMB1 protocol was implemented by Samba. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the exact area of server memory cannot be controlled by the attacker. (CVE-2017-12163)moderateScientific Linux FermiScientific Linux Fermi 6samba4-winbind-4.2.10-11.el6_9.i686.rpm792f6b96c354501a6e3ec848c168e09dea5632c802f8b24d2226eff1b95174fasamba4-dc-libs-4.2.10-11.el6_9.i686.rpm47544d853bda1a5d07a50c5dc23fc2d1885876873de354dde6a2c105f0d4b9efsamba4-libs-4.2.10-11.el6_9.i686.rpma86ae50964615e5720d9d81d7501101d5ae011426d8cc6a42be3cd08b8b31d42samba4-winbind-krb5-locator-4.2.10-11.el6_9.i686.rpm09339fba1bc0c657c53340c13d41f89a9bea2c4441845ce02cb1112a2f7a5b48samba4-4.2.10-11.el6_9.i686.rpm7dca37e56e76be867d36556e9f1685c27387843c4d4ae21043ddc15f601c9748samba4-devel-4.2.10-11.el6_9.i686.rpmf464721f4dbd5beb629686ec6eb0a89edb4ce6571ad7cd7bd1c07a4cb84cd1fcsamba4-common-4.2.10-11.el6_9.i686.rpmdcf7a8ca7d903ef975ef77ff27e3376b44a0fb1a0b8094dff3d0f6ff65c80a0fsamba4-client-4.2.10-11.el6_9.i686.rpm99c6eef0a9e81fae45080c36abada09a4e8c88787f51bc9112ab9e9fe59332ccsamba4-winbind-clients-4.2.10-11.el6_9.i686.rpm8a272c871fd49308e4946a4f0597bf2fe2a6b417fdd46b7ed0f0daf9a6b8b3c9samba4-python-4.2.10-11.el6_9.i686.rpme1aefeff220131130b3ddf77159d55166aad1b3cf3356b11718c07d1a73e9bccsamba4-dc-4.2.10-11.el6_9.i686.rpm520a1b7a9276ffdc0ece64d226d19d97bc7a2005c649cb2a1414217aa5530e8bsamba4-pidl-4.2.10-11.el6_9.i686.rpm01eed4dbb199e8b5b85e2d99f8e2b8f0dc3228ccd9a8c311242a9270eeb465aesamba4-test-4.2.10-11.el6_9.i686.rpm700721f6c6536473239d3ce98aaec683de49342b22e589e28981050ae88bec51SLSA-2017:2795-1Security Fix(es): * A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable (PIE), the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID (or otherwise privileged) PIE binary could use this flaw to escalate their privileges on the system. (CVE-2017-1000253, Important)importantScientific Linux FermiScientific Linux Fermi 6kernel-2.6.32-696.10.3.el6.i686.rpmbcbebde20e3cd9f56d8fc221d05ca95ab416cdb4b5e7336b2567f129c286cb08kernel-doc-2.6.32-696.10.3.el6.noarch.rpm60886710a0f0435284b4c641f536b5d8cc3600966355a67c88c7ddeb594c814fkernel-debug-2.6.32-696.10.3.el6.i686.rpmb36823c2494abf2750fe2d73daecb6840c057028acc5b381bf172755a898b8aakernel-firmware-2.6.32-696.10.3.el6.noarch.rpma371ac93bb7655a3a4772cf1b19c4c83a10c261516039d28d008b0383871ca49kernel-devel-2.6.32-696.10.3.el6.i686.rpmaf1886e5b6b67a3970abcf5c34466e19ebed1f00a0fbe1664f1078a32196599epython-perf-2.6.32-696.10.3.el6.i686.rpm5fe32859f8c934bebb020b757d8ced77540c5df159a855b3e9c65af26b83b79dkernel-headers-2.6.32-696.10.3.el6.i686.rpm32df2d4f38370551805bdb6f17c448f1f645656ad1a67baf3691db7b323c9322kernel-debug-devel-2.6.32-696.10.3.el6.i686.rpmca92d408a34683677e2f8ce7ec4639179a7786098705ad809aa090854516c9cdperf-2.6.32-696.10.3.el6.i686.rpmd4c9a873deaa5c6f0262731ee566d58de8eb289b8f5bedd71e32f99c5dd277b8kernel-abi-whitelists-2.6.32-696.10.3.el6.noarch.rpme34a595d77f857d0a722d324b850c209f41491244a41def1408ae4866dea6db4SLSA-2017:2831-1This update upgrades Firefox to version 52.4.0 ESR. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2017-7810, CVE-2017-7793, CVE-2017-7818, CVE-2017-7819, CVE-2017-7824, CVE-2017-7814, CVE-2017-7823)criticalScientific Linux FermiScientific Linux Fermi 6firefox-52.4.0-1.el6_9.i686.rpm6c8fe24f282e69deb493b438a7825f73e523c9b4ad8a0ba39a1efc7d60702065SLSA-2017:2832-1Security Fix(es): * A use-after-free flaw was found in the TLS 1.2 implementation in the NSS library when client authentication was used. A malicious client could use this flaw to cause an application compiled against NSS to crash or, potentially, execute arbitrary code with the permission of the user running the application. (CVE-2017-7805)importantScientific Linux FermiScientific Linux Fermi 6nss-devel-3.28.4-4.el6_9.i686.rpm953584e75a9b917aa31170dd53aee2f08fdcf6e780ed443943db8c923eb4fe9enss-sysinit-3.28.4-4.el6_9.i686.rpm383490d0bc5c623aa7b85ef1aa9f432e20df7ee37b1fa2cce47613a5d1b70545nss-3.28.4-4.el6_9.i686.rpme2fa4797d2e8604936ee0cd028f74d80384fbbd2c33e1655aa39110c70fb212cnss-tools-3.28.4-4.el6_9.i686.rpm402a5886cc49ae448d07dbb3dce6c45cde9747ca5af67490554e6cace239292enss-pkcs11-devel-3.28.4-4.el6_9.i686.rpm42e593d054692a06568abb413b86d6fa3fa686520cd215efc4cc820bcbcf1df6SLSA-2017:2838-1Security Fix(es): * A heap buffer overflow was found in dnsmasq in the code responsible for building DNS replies. An attacker could send crafted DNS packets to dnsmasq which would cause it to crash or, potentially, execute arbitrary code. (CVE-2017-14491)criticalScientific Linux FermiScientific Linux Fermi 6dnsmasq-utils-2.48-18.el6_9.i686.rpm7b79cb62536f33ba8c1c0538f5fca9439cd0d6e6758086defa15d908e17f4721dnsmasq-2.48-18.el6_9.i686.rpm510bf5fdfa62c1ca987cd49006031323c0051405a0e3714d2d427ecdaa27e737SLSA-2017:2860-1Security Fix(es): * It was found that authenticating to a PostgreSQL database account with an empty password was possible despite libpq's refusal to send an empty password. A remote attacker could potentially use this flaw to gain access to database accounts with empty passwords. (CVE-2017-7546)moderateScientific Linux FermiScientific Linux Fermi 6postgresql-test-8.4.20-8.el6_9.i686.rpm7037f608e89ede67910223ff9a1a43fdd6bea1c23a85edc5ea1644867a07d3c8postgresql-server-8.4.20-8.el6_9.i686.rpm35ec5c94580f563ed211657c0d217ec51fc6b30052b3cc557795f0922fb496e4postgresql-plperl-8.4.20-8.el6_9.i686.rpm5f322b4ab7300122da0b968b3f5307bb6f0442aa232072ead416cde9c844cd05postgresql-8.4.20-8.el6_9.i686.rpmbeef0ce70fa1450cdf658ec058a1b0393cde05b98729ae5b0d81abc528c85317postgresql-pltcl-8.4.20-8.el6_9.i686.rpmd2ba63a0b0622e52af2c65c24edb3bdc94fa2056bd35ddaa740e07b8081f062cpostgresql-plpython-8.4.20-8.el6_9.i686.rpme375acfc3a727cfc253024acdb69625c0ef2c13a785da1f52588fd40e3e627d5postgresql-docs-8.4.20-8.el6_9.i686.rpm093440380929590937e2be4de84c0e25142a8702845df4d96ad58dfe71332d0epostgresql-libs-8.4.20-8.el6_9.i686.rpmd3f2be0ffc5a570cc7a08eea2c18edc89b8864bda4721d4ad4cba9db1322d6b7postgresql-devel-8.4.20-8.el6_9.i686.rpm1cf596c4e3319289c9aed8a47cbe224ed4e14450fbbd2ccdcef6f64e45d292b6postgresql-contrib-8.4.20-8.el6_9.i686.rpm59cc67b59ae950a36a24f19ad1909936561e327f195accb7fb9c5f82cd655dc4SLSA-2017:2863-1Security Fix(es): * Kernel memory corruption due to a buffer overflow was found in brcmf_cfg80211_mgmt_tx() function in Linux kernels from v3.9-rc1 to v4.13-rc1. The vulnerability can be triggered by sending a crafted NL80211_CMD_FRAME packet via netlink. This flaw is unlikely to be triggered remotely as certain userspace code is needed for this. An unprivileged local user could use this flaw to induce kernel memory corruption on the system, leading to a crash. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although it is unlikely. (CVE-2017-7541, Moderate) Bug Fix(es): * Previously, removal of a rport during ISCSI target scanning could cause a kernel panic. This was happening because addition of STARGET_REMOVE to the rport state introduced a race condition to the SCSI code. This update adds the STARGET_CREATED_REMOVE state as a possible state of the rport and appropriate handling of that state, thus fixing the bug. As a result, the kernel panic no longer occurs under the described circumstances. * Previously, GFS2 contained multiple bugs where the wrong inode was assigned to GFS2 cluster-wide locks (glocks), or the assigned inode was cleared incorrectly. Consequently, kernel panic could occur when using GFS2. With this update, GFS2 has been fixed, and the kernel no longer panics due to those bugs. * Previously, VMs with memory larger than 64GB running on Hyper-V with Windows Server hosts reported potential memory size of 4TB and more, but could not use more than 64GB. This was happening because the Memory Type Range Register (MTRR) for memory above 64GB was omitted. With this update, the /proc/mtrr file has been fixed to show correct base/size if they are more than 44 bit wide. As a result, the whole size of memory is now available as expected under the described circumstances.moderateScientific Linux FermiScientific Linux Fermi 6perf-2.6.32-696.13.2.el6.i686.rpmae3d0fe22e96a9a579f02dc00d443d593257cb944904f990d1fe0e68bf3b33cakernel-debug-2.6.32-696.13.2.el6.i686.rpm5d8d17ce82607f7cfdcf1aaf6378b192a80545fa55022c37cca662cc55a2ecf2kernel-doc-2.6.32-696.13.2.el6.noarch.rpm50a672a034c33c8f2c70b5260c034c684df6e9138f0caf37d12ee517f654b001kernel-debug-devel-2.6.32-696.13.2.el6.i686.rpmf668a3121357d0228fb667495ce7618c2a204a9703856b81e55c6334519226cfkernel-devel-2.6.32-696.13.2.el6.i686.rpm7929bb46d8153ee44c519f5f995e62fd838ee497a7829af60efbaefac912ce2cpython-perf-2.6.32-696.13.2.el6.i686.rpm5c7b96132b3b991a79e41708a694b995bedc25f339b15b65f0491c6381c48518kernel-abi-whitelists-2.6.32-696.13.2.el6.noarch.rpmc94591d676e929fac6d314ff61c2c90146696b40ab75ba3ecd230d798daaa2f3kernel-2.6.32-696.13.2.el6.i686.rpm9ebb5ae6f28ed3ab5752a60214296dcf69c677c392baab7ff1b6959337711de2kernel-headers-2.6.32-696.13.2.el6.i686.rpma99a9b667f63c1546194acb98666c6ca6a364b42acd73917be2b21b34c77c5b3kernel-firmware-2.6.32-696.13.2.el6.noarch.rpm4aafa206050bfcd23af7a4e16e482a52c2e87dd3720204d08e8d1fd75e3d37f7SLSA-2017:2885-1This update upgrades Thunderbird to version 52.4.0. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2017-7810, CVE-2017-7793, CVE-2017-7818, CVE-2017-7819, CVE-2017-7824, CVE-2017-7814, CVE-2017-7823)importantScientific Linux FermiScientific Linux Fermi 6thunderbird-52.4.0-2.el6_9.i686.rpmd10b549dad59571673d0e59e7afe68090e7f986636268ba78977470a8ac09f92SLSA-2017:2911-1Security Fix(es): * A new exploitation technique called key reinstallation attacks (KRACK) affecting WPA2 has been discovered. A remote attacker within Wi-Fi range could exploit these attacks to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by manipulating cryptographic handshakes used by the WPA2 protocol. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13080, CVE-2017-13087)importantScientific Linux FermiScientific Linux Fermi 6wpa_supplicant-0.7.3-9.el6_9.2.i686.rpm34880e862ab92cb9806c408c37343ec818af6780f46d0f0bff6c959e579dd2e3SLSA-2017:2972-1Security Fix(es): * A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798) * A regression was found in the Scientific Linux 6.9 version of httpd, causing comments in the "Allow" and "Deny" configuration lines to be parsed incorrectly. A web administrator could unintentionally allow any client to access a restricted HTTP resource. (CVE-2017-12171)moderateScientific Linux FermiScientific Linux Fermi 6httpd-devel-2.2.15-60.sl6.6.i686.rpma941364a85c9e9019cd612d4a201a9673ffc1102d71195db9cb7c4a22db27654httpd-tools-2.2.15-60.sl6.6.i686.rpmee0022c666f4648a60e84ab846debacb9cfebb4aec4e93e2c23263ed9c8caf9ehttpd-2.2.15-60.sl6.6.i686.rpma18a00e17af52e08bf8da96872337d3927d0662ea8b20f3246976e9a9f9a57ccmod_ssl-2.2.15-60.sl6.6.i686.rpme9221783af9d79298e80c8548d8aec60e493799bc5eaba6511f1bc1a57b7139bhttpd-manual-2.2.15-60.sl6.6.noarch.rpmf6a98b36d518261d39834d10f98d2d9b8c712ddeab2254d101807779104914a7SLSA-2017:2998-1Security Fix(es): * Multiple flaws were discovered in the RMI and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2017-10285, CVE-2017-10346) * It was discovered that the Kerberos client implementation in the Libraries component of OpenJDK used the sname field from the plain text part rather than encrypted part of the KDC reply message. A man-in-the- middle attacker could possibly use this flaw to impersonate Kerberos services to Java applications acting as Kerberos clients. (CVE-2017-10388) * It was discovered that the Security component of OpenJDK generated weak password-based encryption keys used to protect private keys stored in key stores. This made it easier to perform password guessing attacks to decrypt stored keys if an attacker could gain access to a key store. (CVE-2017-10356) * A flaw was found in the Smart Card IO component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2017-10274) * It was found that the FtpClient implementation in the Networking component of OpenJDK did not set connect and read timeouts by default. A malicious FTP server or a man-in-the-middle attacker could use this flaw to block execution of a Java application connecting to an FTP server. (CVE-2017-10355) * It was found that the HttpURLConnection and HttpsURLConnection classes in the Networking component of OpenJDK failed to check for newline characters embedded in URLs. An attacker able to make a Java application perform an HTTP request using an attacker provided URL could possibly inject additional headers into the request. (CVE-2017-10295) * It was discovered that multiple classes in the JAXP, Serialization, Libraries, and JAX-WS components of OpenJDK did not limit the amount of memory allocated when creating object instances from the serialized form. A specially-crafted input could cause a Java application to use an excessive amount of memory when deserialized. (CVE-2017-10349, CVE-2017-10357, CVE-2017-10347, CVE-2017-10281, CVE-2017-10345, CVE-2017-10348, CVE-2017-10350) Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website.criticalScientific Linux FermiScientific Linux Fermi 6java-1.8.0-openjdk-headless-1.8.0.151-1.b12.el6_9.i686.rpmb36b3f65a059ddcc38b446de7c51039c2fd49ccc51252ca7bffb45f4f2cc92c2java-1.8.0-openjdk-devel-debug-1.8.0.151-1.b12.el6_9.i686.rpma43ac61be5fb3aa41870592d1227dc70b2f64097dc2d95d1c79ee68fb9bc2765java-1.8.0-openjdk-src-1.8.0.151-1.b12.el6_9.i686.rpm86ff55cd4b9308f86d5f47e80bc5ee9d7dcb07f387bc9fcb926dc3a4a5398adejava-1.8.0-openjdk-javadoc-debug-1.8.0.151-1.b12.el6_9.noarch.rpmcded3938597dd71d3b8447cd66192496c952a91d12b8422daa5973a25c69f5ccjava-1.8.0-openjdk-demo-1.8.0.151-1.b12.el6_9.i686.rpm6be117ded0f561f1a29e6676900daa47e6b640f98c0712280bbb1087424762adjava-1.8.0-openjdk-javadoc-1.8.0.151-1.b12.el6_9.noarch.rpm8db9cf01a9cf2b418d088b04ea6a5077a3be113b7cd1c4e77e6caf34c5e599e1java-1.8.0-openjdk-demo-debug-1.8.0.151-1.b12.el6_9.i686.rpm60b9e207adcc91eb88fc588dc5af376efdc5d7bf8faf4a23d0d0ec3ae1b9f110java-1.8.0-openjdk-devel-1.8.0.151-1.b12.el6_9.i686.rpm1fb857fd974d60a0d7c2cfd9b83ab6fd8b78fbe0ded03050b0a58a23f91aa0c9java-1.8.0-openjdk-debug-1.8.0.151-1.b12.el6_9.i686.rpm904cb03cdbcd05038aa7437cbfa2807af7fd00c2150db9460d81e602e31bf412java-1.8.0-openjdk-headless-debug-1.8.0.151-1.b12.el6_9.i686.rpma599262687aa327621cbcec8874d9c15b384d9b3c3678d846bd43dacbcf9dfdfjava-1.8.0-openjdk-src-debug-1.8.0.151-1.b12.el6_9.i686.rpm7c840173d3ad9c8a3684e34c79d1a8c7d331a61f8cb27199c35c22f68aa342ccjava-1.8.0-openjdk-1.8.0.151-1.b12.el6_9.i686.rpmff24600f03a627ec25fa8b9df6673940390bd403dbc2204265a5492f581465beSLSA-2017:3071-1Security Fix(es): * Two vulnerabilities were discovered in the NTP server's parsing of configuration directives. A remote, authenticated attacker could cause ntpd to crash by sending a crafted message. (CVE-2017-6463, CVE-2017-6464) * A vulnerability was found in NTP, in the parsing of packets from the /dev/datum device. A malicious device could send crafted messages, causing ntpd to crash. (CVE-2017-6462)moderateScientific Linux FermiScientific Linux Fermi 6ntp-perl-4.2.6p5-12.el6_9.1.i686.rpm3d079faf9dd6adf901120946a9dbdb2aafbee290e51bfcd27a3fbc9044ca0bd6ntp-doc-4.2.6p5-12.el6_9.1.noarch.rpmc25d5ae9eb12cd8f5903eab7de6b201d70035b4343ddeaf5c3c6575899d780e9ntp-4.2.6p5-12.el6_9.1.i686.rpmab6bf26fec4bf1c0c88cdd89d8ae6899f50330b3a5e418f51fb99b36837d31d9ntpdate-4.2.6p5-12.el6_9.1.i686.rpm1a3f56f3bc02580ecd664ef6a87f1cb9616bc5df3bc45d3f675df6bf090ea381SLSA-2017:3080-1Security Fix(es): * A vulnerability was discovered in Tomcat's handling of pipelined requests when "Sendfile" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure. (CVE-2017-5647) * A vulnerability was discovered in the error page mechanism in Tomcat's DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664) * Two vulnerabilities were discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12615, CVE-2017-12617)importantScientific Linux FermiScientific Linux Fermi 6tomcat6-el-2.1-api-6.0.24-111.el6_9.noarch.rpma242e04823176bb9a30a1932b0e9aa0f534faf13bdb9155fe66f2deebd27d227tomcat6-javadoc-6.0.24-111.el6_9.noarch.rpmd92cd24c3791076fe5d4220d3db6eec296de2fb0501e9935c0b672fc535bf7fctomcat6-lib-6.0.24-111.el6_9.noarch.rpm70df8a6bfa699bce9f5d0c0c61a70e9e862ffdca4465ecdb0da239bc54c43fa7tomcat6-docs-webapp-6.0.24-111.el6_9.noarch.rpm4801abedcb8a8aead259080473f95ce08a49dda6b960c1a66deeb17b7ad1c243tomcat6-servlet-2.5-api-6.0.24-111.el6_9.noarch.rpm4a24723c75d4f6e6db258de8fd76ed277395ed575fe955f6145da0f295a03dddtomcat6-webapps-6.0.24-111.el6_9.noarch.rpm9ebf33fcc9990522d5a4d32dbaa116cedbac8b40c04d01ff2922e9fd23e95750tomcat6-6.0.24-111.el6_9.noarch.rpmc26fdc8896543d7817670148450f37c6cfc3c25908a29dd8a794a38b423f7ae2tomcat6-admin-webapps-6.0.24-111.el6_9.noarch.rpm8708517cbfe8ee1077fb7ac81870a410274b8d6e94b4369a230186ec5255fcd2tomcat6-jsp-2.1-api-6.0.24-111.el6_9.noarch.rpm2cb699feacba802bd8b22e797994513874296ea630c508ce2efc3f3284641404SLSA-2017:3200-1Security Fix(es): * A race condition issue leading to a use-after-free flaw was found in the way the raw packet sockets are implemented in the Linux kernel networking subsystem handling synchronization. A local user able to open a raw packet socket (requires the CAP_NET_RAW capability) could use this flaw to elevate their privileges on the system. (CVE-2017-1000111, Important) * An exploitable memory corruption flaw was found in the Linux kernel. The append path can be erroneously switched from UFO to non-UFO in ip_ufo_append_data() when building an UFO packet with MSG_MORE option. If unprivileged user namespaces are available, this flaw can be exploited to gain root privileges. (CVE-2017-1000112, Important) * A divide-by-zero vulnerability was found in the __tcp_select_window function in the Linux kernel. This can result in a kernel panic causing a local denial of service. (CVE-2017-14106, Moderate) Bug Fix(es): * When the operating system was booted with RHEV/oVirt, and the eh_deadline sysfs parameter was set to 10s, the Storage Area Network (SAN) issues caused eh_deadline to trigger with no handler. Consequently, a kernel panic occurred. This update fixes the lpfc driver, thus preventing the kernel panic under described circumstances. * When an NFS server returned the NFS4ERR_BAD_SEQID error to an OPEN request, the open-owner was removed from the state_owners rbtree. Consequently, NFS4 client infinite loop that required a reboot to recover occurred. This update changes NFS4ERR_BAD_SEQID handling to leave the open-owner in the state_owners rbtree by updating the create_time parameter so that it looks like a new open-owner. As a result, an NFS4 client is now able to recover without falling into the infinite recovery loop after receiving NFS4ERR_BAD_SEQID. * If an NFS client attempted to mount NFSv3 shares from an NFS server exported directly to the client's IP address, and this NFS client had already mounted other shares that originated from the same server but were exported to the subnetwork which this client was part of, the auth.unix.ip cache expiration was not handled correctly. Consequently, the client received the 'stale file handle' errors when trying to mount the share. This update fixes handling of the cache expiration, and the NFSv3 shares now mount as expected without producing the 'stale file handle' errors. * When running a script that raised the tx ring count to its maximum value supported by the Solarflare Network Interface Controller (NIC) driver, the EF10 family NICs allowed the settings exceeding the hardware's capability. Consequently, the Solarflare hardware became unusable with Scientific Linux 6. This update fixes the sfc driver, so that the tx ring can have maximum 2048 entries for all EF10 NICs. As a result, the Solarflare hardware no longer becomes unusable.importantScientific Linux FermiScientific Linux Fermi 6kernel-abi-whitelists-2.6.32-696.16.1.el6.noarch.rpm0af4b1ab5e56d14bd8d74131ac1e4a6014b577980ae7741af5f70544354792f0perf-2.6.32-696.16.1.el6.i686.rpm93d77ae9f63cc95fe167ae8a988596c22bbfb38ba1b2e3c13fa906b7c00f03e7kernel-headers-2.6.32-696.16.1.el6.i686.rpmdce0cec4a195aed8aa28b2b4ea36a103892a56f50dc4dce79dde5a332a6ac6ackernel-firmware-2.6.32-696.16.1.el6.noarch.rpm282cf7cf8d7501c367bda3adc1a4e44b35848ed17c9c1eb2eff1a63c946a13aakernel-doc-2.6.32-696.16.1.el6.noarch.rpm1f4f2c2a62a42d515e7ae0255c3f9a2a7d44a1751f93a4f93aacbd57c80eead0kernel-debug-2.6.32-696.16.1.el6.i686.rpm428a8a0073cf8dee843acf7221b8ab394fb0271a0db20fdcfed145932e72e6fckernel-devel-2.6.32-696.16.1.el6.i686.rpm7396cf8b5969ad0c26e3a1f63c9236944a3ece2fd710a54c6305fdb9fd0f258bpython-perf-2.6.32-696.16.1.el6.i686.rpm9d71a943c3413fe194ac41a7520920b7f16e27f8fc5e4a4c98faf193f8f76baakernel-debug-devel-2.6.32-696.16.1.el6.i686.rpm12fce8b6da30a42427117e9b2cc36160cfba0ac2fcbc7b2744bac9dc5e33f81bkernel-2.6.32-696.16.1.el6.i686.rpmd587327842ada0f551a72b2d6eb8d3b446e14d71a45402cedfaade2d5b20e9acSLSA-2017:3247-1This update upgrades Firefox to version 52.5.0 ESR. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2017-7826, CVE-2017-7828, CVE-2017-7830)criticalScientific Linux FermiScientific Linux Fermi 6firefox-52.5.0-1.el6_9.i686.rpm0f6f5df535b0a99473466e27223d8e6acd0cb38be4b7ca5d5dea7230168438e9SLSA-2017:3270-1Security Fix(es): * An out-of-bounds array dereference was found in apr_time_exp_get(). An attacker could abuse an unvalidated usage of this function to cause a denial of service or potentially lead to data leak. (CVE-2017-12613)importantScientific Linux FermiScientific Linux Fermi 6apr-devel-1.3.9-5.el6_9.1.i686.rpma9c97028a603580d611bb9017851234fc3fe7e13f205dba3ec79b1360004c6f4apr-1.3.9-5.el6_9.1.i686.rpmac520e8990617bfb66ac8eeb6d0eb4def426d90f5d722b7e61ef811083775d29SLSA-2017:3278-1Security Fix(es): * A use-after-free flaw was found in the way samba servers handled certain SMB1 requests. An unauthenticated attacker could send specially-crafted SMB1 requests to cause the server to crash or execute arbitrary code. (CVE-2017-14746) * A memory disclosure flaw was found in samba. An attacker could retrieve parts of server memory, which could contain potentially sensitive data, by sending specially-crafted requests to the samba server. (CVE-2017-15275)importantScientific Linux FermiScientific Linux Fermi 6samba4-winbind-clients-4.2.10-12.el6_9.i686.rpm680e6f8b6a1a957341b46a999a9c4a04c0dcdbb488742fab27ce41c45a98d33csamba4-libs-4.2.10-12.el6_9.i686.rpm2526af8ea832eeec6c716025da9a2ae18c73d7c09e6ab3315676837486f372a7samba4-dc-4.2.10-12.el6_9.i686.rpm906e2cbaf54f583d3f8699b0d18ebf4943891ce46ee65e4307df3200b122ba84samba4-dc-libs-4.2.10-12.el6_9.i686.rpmac35cc446098f2927f4b27509194df763b942f73cd69dad0e50b80eafc640789samba4-winbind-krb5-locator-4.2.10-12.el6_9.i686.rpm9e0af30e8320585779022ce02b1a2055f1d9c1ef9fdae39e47117d58ec245dc3samba4-devel-4.2.10-12.el6_9.i686.rpmf0fb00e5f6b9dbdc54216975b000d378cf1e75d98212e0790a03b915c8899c1esamba4-pidl-4.2.10-12.el6_9.i686.rpm90b3353e3d49890ed70976909ba6b105bba414ed1314d2d370b0e6fadd4de1c0samba4-client-4.2.10-12.el6_9.i686.rpm7d51901809263de4969d753bc2ab55eba639b2a1ff62942265c5810b93cb6bc1samba4-common-4.2.10-12.el6_9.i686.rpme0761a78eea036b5722da561c902eb013869861487495bd04bc57eedaf1cfdebsamba4-4.2.10-12.el6_9.i686.rpmf7a7156987f43988bd9b8c6009e9ef2676de5ab28aa9ab111ce61388480eefa8samba4-python-4.2.10-12.el6_9.i686.rpm2cd6a76fab2374c662a71bf53f1e75d2ae16013c3660aec3e154b62dd209c22esamba4-test-4.2.10-12.el6_9.i686.rpm5ba8098ebe1c760245f0011d48c0d7631f2ccd14757927519ed228059b026958samba4-winbind-4.2.10-12.el6_9.i686.rpm1e79e159b915bbe2344bf8bc779edadcfc0364ffd579e67531203a79ae0ceb85SLSA-2017:3372-1This update upgrades Thunderbird to version 52.5.0. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2017-7826, CVE-2017-7828, CVE-2017-7830)importantScientific Linux FermiScientific Linux Fermi 6thunderbird-52.5.0-1.el6_9.i686.rpm09984b81911042bbd30b68be77fd4027bbea11f63de42f818939607eabfbbc93SLSA-2017:3382-1This update upgrades Firefox to version 52.5.1 ESR. Security Fix(es): * A privacy flaw was discovered in Firefox. In Private Browsing mode, a web worker could write persistent data to IndexedDB, which was not cleared when exiting and would persist across multiple sessions. A malicious website could exploit the flaw to bypass private-browsing protections and uniquely fingerprint visitors. (CVE-2017-7843)importantScientific Linux FermiScientific Linux Fermi 6firefox-52.5.1-1.el6_9.i686.rpm9e71dc27fea2298deb8b2d4d285f2221def7abf3772c7c3993da937037251d5dSLSA-2017:3392-1Security Fix(es): * Multiple flaws were discovered in the RMI and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2017-10285, CVE-2017-10346) * It was discovered that the Kerberos client implementation in the Libraries component of OpenJDK used the sname field from the plain text part rather than encrypted part of the KDC reply message. A man-in-the- middle attacker could possibly use this flaw to impersonate Kerberos services to Java applications acting as Kerberos clients. (CVE-2017-10388) * It was discovered that the Security component of OpenJDK generated weak password-based encryption keys used to protect private keys stored in key stores. This made it easier to perform password guessing attacks to decrypt stored keys if an attacker could gain access to a key store. (CVE-2017-10356) * Multiple flaws were found in the Smart Card IO and Security components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2017-10274, CVE-2017-10193) * It was found that the FtpClient implementation in the Networking component of OpenJDK did not set connect and read timeouts by default. A malicious FTP server or a man-in-the-middle attacker could use this flaw to block execution of a Java application connecting to an FTP server. (CVE-2017-10355) * It was found that the HttpURLConnection and HttpsURLConnection classes in the Networking component of OpenJDK failed to check for newline characters embedded in URLs. An attacker able to make a Java application perform an HTTP request using an attacker provided URL could possibly inject additional headers into the request. (CVE-2017-10295) * It was discovered that the Security component of OpenJDK could fail to properly enforce restrictions defined for processing of X.509 certificate chains. A remote attacker could possibly use this flaw to make Java accept certificate using one of the disabled algorithms. (CVE-2017-10198) * It was discovered that multiple classes in the JAXP, Serialization, Libraries, and JAX-WS components of OpenJDK did not limit the amount of memory allocated when creating object instances from the serialized form. A specially-crafted input could cause a Java application to use an excessive amount of memory when deserialized. (CVE-2017-10349, CVE-2017-10357, CVE-2017-10347, CVE-2017-10281, CVE-2017-10345, CVE-2017-10348, CVE-2017-10350) Bug Fix(es): * Previously, OpenJDK could not handle situations when the kernel blocked on a read even when polling the socket indicated that a read is possible. As a consequence, OpenJDK could hang indefinitely. With this update, OpenJDK polls with a timeout and performs a non-blocking read on success, and it no longer hangs in these situations.importantScientific Linux FermiScientific Linux Fermi 6java-1.7.0-openjdk-devel-1.7.0.161-2.6.12.0.el6_9.i686.rpm096e4e15785da91b48383f4350114509ac6094243d952c71a9070a60ae945624java-1.7.0-openjdk-javadoc-1.7.0.161-2.6.12.0.el6_9.noarch.rpm0546099399c7a1e7f1a31e39884d901b09a424aa4cfe1c778714a9e6e527e7b2java-1.7.0-openjdk-demo-1.7.0.161-2.6.12.0.el6_9.i686.rpmd499e30193daec1933b6b6cc60f849c0f1a70f5603b90ecb4ee54fd37ec804b5java-1.7.0-openjdk-src-1.7.0.161-2.6.12.0.el6_9.i686.rpm515ac72a5bde1be2d109f2c59e6d3bdd49bec5913df546dd682960a3f8a6c6d7java-1.7.0-openjdk-1.7.0.161-2.6.12.0.el6_9.i686.rpmdc2ab82e067e0d1f47ceeeec7087aaa6ae3f03ed8f25dcc83eaf2e4cfacc0f74SLSA-2018:0008-1Security Fix(es): An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Note: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software mitigation for this hardware issue at a cost of potential performance penalty. The performance impact of these patches may vary considerably based on workload and hardware configuration. In this update mitigations for x86-64 architecture are provided. Variant CVE-2017-5753 triggers the speculative execution by performing a bounds-check bypass. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall boundary and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5753, Important) Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5715, Important) Variant CVE-2017-5754 relies on the fact that, on impacted microprocessors, during speculative execution of instruction permission faults, exception generation triggered by a faulting access is suppressed until the retirement of the whole instruction block. In a combination with the fact that memory accesses may populate the cache even when the block is being dropped and never committed (executed), an unprivileged local attacker could use this flaw to read privileged (kernel space) memory by conducting targeted cache side-channel attacks. (CVE-2017-5754, Important) Note: CVE-2017-5754 affects Intel x86-64 microprocessors. AMD x86-64 microprocessors are not affected by this issue.importantScientific Linux FermiScientific Linux Fermi 6kernel-devel-2.6.32-696.18.7.el6.i686.rpmd7f2d87a4f9490c74d02fd22a201a7793153c2423ef45c7d50d87e06cc9bdf05python-perf-2.6.32-696.18.7.el6.i686.rpmee42762154dbfa0c7f671597f8a2ece3cb3d60fc8c3d593606813a0141638bb3kernel-debug-devel-2.6.32-696.18.7.el6.i686.rpm960a36ac27e122c13b8571ad7752ffd6b830592219f1a2826155c1c8aac26f78kernel-doc-2.6.32-696.18.7.el6.noarch.rpm38165086edde4ebb7d2022909e3e4173c327f9870a69e788cb3e5cb54e6c2068kernel-abi-whitelists-2.6.32-696.18.7.el6.noarch.rpmea8f54717c1b946365f59c6c7dd52181bd0e9ec7328e4cb2a75454053e7c4d19kernel-debug-2.6.32-696.18.7.el6.i686.rpmf29d01a23e80e581aa493933bffcb80e8c1dce98db5ffd9e608ff3e1f399fed8kernel-firmware-2.6.32-696.18.7.el6.noarch.rpmf6a846095d12822036604909ee078ed1de46aa50ce5038e93335a868b331cc4aperf-2.6.32-696.18.7.el6.i686.rpm4775b7008ce9a920b0c17d7508cd6ef33f9f7b3f101838c8a12dd9c3b089cb0akernel-headers-2.6.32-696.18.7.el6.i686.rpme0f49a9c45e2820d6100ff031004034f2d8138ebc14ef8ba65aabde7e3197fe8kernel-2.6.32-696.18.7.el6.i686.rpm194101d24d5184c71d4ea92ec7a90060012c99ee08e032a0917f9087e577b552SLSA-2018:0013-1Security Fix(es): * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5715) Note: This is the microcode counterpart of the CVE-2017-5715 kernel mitigation.importantScientific Linux FermiScientific Linux Fermi 6microcode_ctl-1.17-25.2.el6_9.i686.rpmc4e884c935aa0e32ce622d763ee4493aeb114fcc28294005dc399f1e291096a2SLSA-2018:0024-1Security Fix(es): * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5715) Note: This is the qemu-kvm side of the CVE-2017-5715 mitigation.importantScientific Linux FermiScientific Linux Fermi 6qemu-guest-agent-0.12.1.2-2.503.el6_9.4.i686.rpmb5752f2118969b6e0a7ec8d9ce50c734b8540c9016035ba0249d9297e8d451ffSLSA-2018:0030-1Security Fix(es): * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimization). There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Variant CVE-2017-5715 triggers the speculative execution by utilizing branch target injection. It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory accesses may cause allocation into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to cross the syscall and guest/host boundaries and read privileged memory by conducting targeted cache side-channel attacks. (CVE-2017-5715) Note: This is the libvirt side of the CVE-2017-5715 mitigation.importantScientific Linux FermiScientific Linux Fermi 6libvirt-devel-0.10.2-62.el6_9.1.i686.rpm2c8093d006167a5a5603b0a421cd0c04fdac1f373a41396a829e1af085e95805libvirt-client-0.10.2-62.el6_9.1.i686.rpm0c214f9dc23f74366e7b81ec6a83481470a248fd63856b733fb3683515a4406blibvirt-python-0.10.2-62.el6_9.1.i686.rpm6e518479c26939c853c2820c72f1b45dadc08304413990e0e2cc9f83e118c590libvirt-0.10.2-62.el6_9.1.i686.rpmd9ddc6cf4c8bca41b9848026a68de52e4d2c698471b11de40e3476c69d13f0c3SLSA-2018:0061-1This update upgrades Thunderbird to version 52.5.2. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2017-7846, CVE-2017-7847, CVE-2017-7848, CVE-2017-7829)importantScientific Linux FermiScientific Linux Fermi 6thunderbird-52.5.2-1.el6_9.i686.rpm81a1683292f9130eccb61da1b850d152f4721307a59264b91bba0bae3fc0ef4bSLSA-2018:0093-1This update supersedes the previous microcode update provided with the CVE-2017-5715 (Spectre) CPU branch injection vulnerability mitigation. Further testing has uncovered problems with the microcode provided along with the Spectre mitigation that could lead to system instabilities. As a result, this microcode update reverts to the last known good microcode version dated before 03 January 2018. You should contact your hardware provider for the latest microcode updates. IMPORTANT: If you are using Intel Skylake-, Broadwell-, and Haswell-based platforms, obtain and install updated microcode from your hardware vendor immediately. The "Spectre" mitigation requires both an updated kernel and updated microcode from your hardware vendor.importantScientific Linux FermiScientific Linux Fermi 6microcode_ctl-1.17-25.4.el6_9.i686.rpm36e24646eacef60e0cd5cd9ae50d417b189f9be72ccd460d46b07ab6037eaba4SLSA-2018:0095-1Security Fix(es): * Multiple flaws were found in the Hotspot and AWT components of OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2018-2582, CVE-2018-2641) * It was discovered that the LDAPCertStore class in the JNDI component of OpenJDK failed to securely handle LDAP referrals. An attacker could possibly use this flaw to make it fetch attacker controlled certificate data. (CVE-2018-2633) * The JGSS component of OpenJDK ignores the value of the javax.security.auth.useSubjectCredsOnly property when using HTTP/SPNEGO authentication and always uses global credentials. It was discovered that this could cause global credentials to be unexpectedly used by an untrusted Java application. (CVE-2018-2634) * It was discovered that the JMX component of OpenJDK failed to properly set the deserialization filter for the SingleEntryRegistry in certain cases. A remote attacker could possibly use this flaw to bypass intended deserialization restrictions. (CVE-2018-2637) * It was discovered that the LDAP component of OpenJDK failed to properly encode special characters in user names when adding them to an LDAP search query. A remote attacker could possibly use this flaw to manipulate LDAP queries performed by the LdapLoginModule class. (CVE-2018-2588) * It was discovered that the DNS client implementation in the JNDI component of OpenJDK did not use random source ports when sending out DNS queries. This could make it easier for a remote attacker to spoof responses to those queries. (CVE-2018-2599) * It was discovered that the I18n component of OpenJDK could use an untrusted search path when loading resource bundle classes. A local attacker could possibly use this flaw to execute arbitrary code as another local user by making their Java application load an attacker controlled class file. (CVE-2018-2602) * It was discovered that the Libraries component of OpenJDK failed to sufficiently limit the amount of memory allocated when reading DER encoded input. A remote attacker could possibly use this flaw to make a Java application use an excessive amount of memory if it parsed attacker supplied DER encoded input. (CVE-2018-2603) * It was discovered that the key agreement implementations in the JCE component of OpenJDK did not guarantee sufficient strength of used keys to adequately protect generated shared secret. This could make it easier to break data encryption by attacking key agreement rather than the encryption using the negotiated secret. (CVE-2018-2618) * It was discovered that the JGSS component of OpenJDK failed to properly handle GSS context in the native GSS library wrapper in certain cases. A remote attacker could possibly make a Java application using JGSS to use a previously freed context. (CVE-2018-2629) * It was discovered that multiple classes in the Libraries, AWT, and JNDI components of OpenJDK did not sufficiently validate input when creating object instances from the serialized form. A specially-crafted input could cause a Java application to create objects with an inconsistent state or use an excessive amount of memory when deserialized. (CVE-2018-2663, CVE-2018-2677, CVE-2018-2678) * It was discovered that multiple encryption key classes in the Libraries component of OpenJDK did not properly synchronize access to their internal data. This could possibly cause a multi-threaded Java application to apply weak encryption to data because of the use of a key that was zeroed out. (CVE-2018-2579) Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website.importantScientific Linux FermiScientific Linux Fermi 6java-1.8.0-openjdk-devel-1.8.0.161-3.b14.el6_9.i686.rpm27859694f8a022017ea7a2ff46e3627d4baefe3bd1137582df8faa725b3a7c2bjava-1.8.0-openjdk-demo-debug-1.8.0.161-3.b14.el6_9.i686.rpme88c47edfef8392972976cff41332c0dc0221e8e9c0e7e2c8689c5876509e157java-1.8.0-openjdk-headless-debug-1.8.0.161-3.b14.el6_9.i686.rpmc87b152efa4ffde04a04d47dbbbc4f267c3d4de0af4b68b39c5a7ddbe9a8e02bjava-1.8.0-openjdk-debug-1.8.0.161-3.b14.el6_9.i686.rpmb2418fa8d02f22732f268dcad8f117693ad772ed25a80fe579c850cdc599b10fjava-1.8.0-openjdk-javadoc-1.8.0.161-3.b14.el6_9.noarch.rpmfcd6546b6a231dc626409c62df1f3ae0c9342ae9429f77162e7feb191b5f445cjava-1.8.0-openjdk-1.8.0.161-3.b14.el6_9.i686.rpm75c27a4325c23f932d5e1e55897728832784acc7d104a49c8af6acaa4a674216java-1.8.0-openjdk-src-debug-1.8.0.161-3.b14.el6_9.i686.rpm21ec2d326a01cbde6595ec5d50a7c82a4d4138921763c4e2ab0f485c3bc214c8java-1.8.0-openjdk-devel-debug-1.8.0.161-3.b14.el6_9.i686.rpmed6378e0750aadd21b412960a55a6ffeba0a1a06120e4a2e5c4b67f56e9156bbjava-1.8.0-openjdk-demo-1.8.0.161-3.b14.el6_9.i686.rpm057ee2984904346d3b0f14c954073804deb8bb8b691bfd996cb071aaa45ae8ccjava-1.8.0-openjdk-javadoc-debug-1.8.0.161-3.b14.el6_9.noarch.rpmc9a147b638abf5482928cb63bd2951ea59ba835e9952131bb37687043e9741f2java-1.8.0-openjdk-src-1.8.0.161-3.b14.el6_9.i686.rpm37fd1eb7be07bf0d24295020522776258efb907ddb13a2880110ad7803ba7057java-1.8.0-openjdk-headless-1.8.0.161-3.b14.el6_9.i686.rpmc75f4aa55d43fba2afa110813555520918a30d64cac2ad10d6e2fe8a0a9334f7SLSA-2018:0101-1Security Fix(es): * A use-after-free flaw leading to denial of service was found in the way BIND internally handled cleanup operations on upstream recursion fetch contexts. A remote attacker could potentially use this flaw to make named, acting as a DNSSEC validating resolver, exit unexpectedly with an assertion failure via a specially crafted DNS request. (CVE-2017-3145)importantScientific Linux FermiScientific Linux Fermi 6bind-utils-9.8.2-0.62.rc1.el6_9.5.i686.rpm34b995e52f4dba4c7f03d1a602516a43a4c9c2569820d9978da7b93fe6e65032bind-libs-9.8.2-0.62.rc1.el6_9.5.i686.rpmb7adb73279c3161ea0cbcfbeb610fc17f115f56026c35c0768f68a0598cec7a0bind-9.8.2-0.62.rc1.el6_9.5.i686.rpm84b019fa6d67619886ef9aa506612fa03f97782aea65fad4fa796606be83880abind-devel-9.8.2-0.62.rc1.el6_9.5.i686.rpm9058d8aee3ab3f6558003d95fdb7fb54591e32e45845d816e4564714c3991457bind-chroot-9.8.2-0.62.rc1.el6_9.5.i686.rpm459e4d3d453be09c97ff2c5cb0fb0360279501d90b1d3cc2216f4f83138360bcbind-sdb-9.8.2-0.62.rc1.el6_9.5.i686.rpm39f0ee9b476aa256feecb250b8a16f12e56f45a41c13ef6ac46874f44b9f4949SLSA-2018:0122-1This update upgrades Firefox to version 52.6.0 ESR. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2018-5089, CVE-2018-5091, CVE-2018-5095, CVE-2018-5096, CVE-2018-5097, CVE-2018-5098, CVE-2018-5099, CVE-2018-5102, CVE-2018-5103, CVE-2018-5104, CVE-2018-5117) * To mitigate timing-based side-channel attacks similar to "Spectre" and "Meltdown", the resolution of performance.now() has been reduced from 5s to 20s.criticalScientific Linux FermiScientific Linux Fermi 6firefox-52.6.0-1.el6_9.i686.rpm5eaee715e80a9dd15bc26733071cca07e4eb56786c5ddc7853c3f33f6ed536ddSLSA-2018:0169-1Security Fix(es): * An integer overflow vulnerability in ip6_find_1stfragopt() function was found. A local attacker that has privileges (of CAP_NET_RAW) to open raw socket can cause an infinite loop inside the ip6_find_1stfragopt() function. (CVE-2017-7542, Moderate) * The IPv6 fragmentation implementation in the Linux kernel does not consider that the nexthdr field may be associated with an invalid option, which allows local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send system calls. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely. (CVE-2017-9074, Moderate) * A use-after-free flaw was found in the Netlink functionality of the Linux kernel networking subsystem. Due to the insufficient cleanup in the mq_notify function, a local attacker could potentially use this flaw to escalate their privileges on the system. (CVE-2017-11176, Moderate) Bug Fix(es): * Previously, the default timeout and retry settings in the VMBus driver were insufficient in some cases, for example when a Hyper-V host was under a significant load. Consequently, in Windows Server 2016, Hyper-V Server 2016, and Windows Azure Platform, when running a Scientific Linux Guest on the Hyper-V hypervisor, the guest failed to boot or booted with certain Hyper-V devices missing. This update alters the timeout and retry settings in VMBus, and Scientific Linux guests now boot as expected under the described conditions. * Previously, an incorrect external declaration in the be2iscsi driver caused a kernel panic when using the systool utility. With this update, the external declaration in be2iscsi has been fixed, and the kernel no longer panics when using systool. * Under high usage of the NFSD file system and memory pressure, if many tasks in the Linux kernel attempted to obtain the global spinlock to clean the Duplicate Reply Cache (DRC), these tasks stayed in an active wait in the nfsd_reply_cache_shrink() function for up to 99% of time. Consequently, a high load average occurred. This update fixes the bug by separating the DRC in several parts, each with an independent spinlock. As a result, the load and CPU utilization is no longer excessive under the described circumstances. * When attempting to attach multiple SCSI devices simultaneously, Scientific Linux 6.9 on IBM z Systems sometimes became unresponsive. This update fixes the zfcp device driver, and attaching multiple SCSI devices simultaneously now works as expected in the described scenario. * On IBM z Systems, the tiqdio_call_inq_handlers() function in the Linux kernel incorrectly cleared the device state change indicator (DSCI) for the af_iucv devices using the HiperSockets transport with multiple input queues. Consequently, queue stalls on such devices occasionally occurred. With this update, tiqdio_call_inq_handlers() has been fixed to clear the DSCI only once, prior to scanning the queues. As a result, queue stalls for af_iucv devices using the HiperSockets transport no longer occur under the described circumstances. * Previously, small data chunks caused the Stream Control Transmission Protocol (SCTP) to account the receiver_window (rwnd) values incorrectly when recovering from a "zero-window situation". As a consequence, window updates were not sent to the peer, and an artificial growth of rwnd could lead to packet drops. This update properly accounts such small data chunks and ignores the rwnd pressure values when reopening a window. As a result, window updates are now sent, and the announced rwnd reflects better the real state of the receive buffer.importantScientific Linux FermiScientific Linux Fermi 6kernel-firmware-2.6.32-696.20.1.el6.noarch.rpm98ebd887b572ae5f9cb3c3ce9459836e59fbacde6bfa2cc21ea0c874c00dce7akernel-debug-devel-2.6.32-696.20.1.el6.i686.rpmd7a56b2c86d150d20d3d149e0311bd675585062a572a8290c2ed9e8eae3966f2kernel-2.6.32-696.20.1.el6.i686.rpm003748bf35aa1261a50f35edf033d05e8e7d450f1ef6f1a93532a6b75b25cc30kernel-debug-2.6.32-696.20.1.el6.i686.rpm9b4107477ee0a108dbf7d4d8d870fbcc96ab46d1d9a1f431fce4bcf382e5124akernel-doc-2.6.32-696.20.1.el6.noarch.rpm98dcda697b4a49fa6e429456dc1f7cb4d66e4e9afeb255dda140d714073163dcpython-perf-2.6.32-696.20.1.el6.i686.rpm07868a190ce61bb67b0327b89aa50fd6bdc9d53b3a50deb72838a6133fdd9d86kernel-devel-2.6.32-696.20.1.el6.i686.rpm4bc39747ce7326d5a9ebbc3247b372931df564f309f62a38136f2d9cf35a9cc4kernel-headers-2.6.32-696.20.1.el6.i686.rpm6fc7b8e330840a3db69edb72f7b61a44729b8eadc2a69b51ce98a9b2993f92eakernel-abi-whitelists-2.6.32-696.20.1.el6.noarch.rpmebae57cf0e3745f917ff6c403181cd9f995ff43e0a46e4a8f70a1e000f2ad87aperf-2.6.32-696.20.1.el6.i686.rpm32ec81a576201cf8dc1dae15c78c8ef3f481705328cf4c2279f7b3bd517318acSLSA-2018:0262-1This update upgrades Thunderbird to version 52.6.0. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2018-5089, CVE-2018-5095, CVE-2018-5096, CVE-2018-5097, CVE-2018-5098, CVE-2018-5099, CVE-2018-5102, CVE-2018-5103, CVE-2018-5104, CVE-2018-5117)importantScientific Linux FermiScientific Linux Fermi 6thunderbird-52.6.0-1.el6_9.i686.rpmf9e9aae80c7fb6cd47b748f41ab7abb977a7d9769af227175b99dd821716afd4SLSA-2018:0349-1Security Fix(es): * A flaw was found in the AWT component of OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2018-2641) * It was discovered that the LDAPCertStore class in the JNDI component of OpenJDK failed to securely handle LDAP referrals. An attacker could possibly use this flaw to make it fetch attacker controlled certificate data. (CVE-2018-2633) * The JGSS component of OpenJDK ignores the value of the javax.security.auth.useSubjectCredsOnly property when using HTTP/SPNEGO authentication and always uses global credentials. It was discovered that this could cause global credentials to be unexpectedly used by an untrusted Java application. (CVE-2018-2634) * It was discovered that the JMX component of OpenJDK failed to properly set the deserialization filter for the SingleEntryRegistry in certain cases. A remote attacker could possibly use this flaw to bypass intended deserialization restrictions. (CVE-2018-2637) * It was discovered that the LDAP component of OpenJDK failed to properly encode special characters in user names when adding them to an LDAP search query. A remote attacker could possibly use this flaw to manipulate LDAP queries performed by the LdapLoginModule class. (CVE-2018-2588) * It was discovered that the DNS client implementation in the JNDI component of OpenJDK did not use random source ports when sending out DNS queries. This could make it easier for a remote attacker to spoof responses to those queries. (CVE-2018-2599) * It was discovered that the I18n component of OpenJDK could use an untrusted search path when loading resource bundle classes. A local attacker could possibly use this flaw to execute arbitrary code as another local user by making their Java application load an attacker controlled class file. (CVE-2018-2602) * It was discovered that the Libraries component of OpenJDK failed to sufficiently limit the amount of memory allocated when reading DER encoded input. A remote attacker could possibly use this flaw to make a Java application use an excessive amount of memory if it parsed attacker supplied DER encoded input. (CVE-2018-2603) * It was discovered that the key agreement implementations in the JCE component of OpenJDK did not guarantee sufficient strength of used keys to adequately protect generated shared secret. This could make it easier to break data encryption by attacking key agreement rather than the encryption using the negotiated secret. (CVE-2018-2618) * It was discovered that the JGSS component of OpenJDK failed to properly handle GSS context in the native GSS library wrapper in certain cases. A remote attacker could possibly make a Java application using JGSS to use a previously freed context. (CVE-2018-2629) * It was discovered that multiple classes in the Libraries, AWT, and JNDI components of OpenJDK did not sufficiently validate input when creating object instances from the serialized form. A specially-crafted input could cause a Java application to create objects with an inconsistent state or use an excessive amount of memory when deserialized. (CVE-2018-2663, CVE-2018-2677, CVE-2018-2678) * It was discovered that multiple encryption key classes in the Libraries component of OpenJDK did not properly synchronize access to their internal data. This could possibly cause a multi-threaded Java application to apply weak encryption to data because of the use of a key that was zeroed out. (CVE-2018-2579)importantScientific Linux FermiScientific Linux Fermi 6java-1.7.0-openjdk-devel-1.7.0.171-2.6.13.0.el6_9.i686.rpmda10a92d2fbc9cb7be9a2b512ccd7ffe65b06dc374cf655b875bf97d6553848fjava-1.7.0-openjdk-javadoc-1.7.0.171-2.6.13.0.el6_9.noarch.rpm5c27343a2890e6dec0a67673878033699d26c2463f0b0cc8012219c70256ff31java-1.7.0-openjdk-demo-1.7.0.171-2.6.13.0.el6_9.i686.rpm1d1b9c824c4a90d2cd43ef463b0692a65f2217e0b97c006b17a410cd23c09b6ejava-1.7.0-openjdk-src-1.7.0.171-2.6.13.0.el6_9.i686.rpm98862eff8089afd21f8157e3688e4a5ebf8766219fdc2411822c3b1943848ddajava-1.7.0-openjdk-1.7.0.171-2.6.13.0.el6_9.i686.rpm082c1725e06a33b796b3491229e2681c0802d8151f3dd9dc203889f61f3ec6bdSLSA-2018:0469-1Security Fix(es): * dhcp: Buffer overflow in dhclient possibly allowing code execution triggered by malicious server (CVE-2018-5732) * dhcp: Reference count overflow in dhcpd allows denial of service (CVE-2018-5733)importantScientific Linux FermiScientific Linux Fermi 6dhcp-devel-4.1.1-53.P1.el6_9.3.i686.rpm3a3ad35eef197bdb31d2155b6ed114088448c6e7ce63b6ef40124c2e1b81fbeadhcp-4.1.1-53.P1.el6_9.3.i686.rpm14b09f54c25fb18176f8c158be844fd62a0bef429e90fe3d8056c1f9ef31c207dhcp-common-4.1.1-53.P1.el6_9.3.i686.rpmf449e29bc84958ee062ad17201c93cfbb65308420a775d6b0806986fac0f7935dhclient-4.1.1-53.P1.el6_9.3.i686.rpm0fc62ec04cf0442e22344f8cf17f1393cc82b154b0b435349420a573e4b4aaffSLSA-2018:0504-1Security Fix(es): * mailman: Cross-site scripting (XSS) vulnerability in web UI (CVE-2018-5950)moderateScientific Linux FermiScientific Linux Fermi 6mailman-2.1.12-26.el6_9.3.i686.rpm6e4fdcb3aae07ec349978aeb14f8931720e94d0243a67cccf5d1ed1aeca93b80SLSA-2018:0512-1Security Fix(es): * hw: cpu: speculative execution branch target injection (s390-only) (CVE-2017-5715, Important) * hw: cpu: speculative execution bounds-check bypass (s390 and powerpc) (CVE-2017-5753, Important) * hw: cpu: speculative execution permission faults handling (powerpc-only) (CVE-2017-5754) Bug Fixes: * If a fibre channel (FC) switch was powered down and then powered on again, the SCSI device driver stopped permanently the SCSI device's request queue. Consequently, the FC port login failed, leaving the port state as "Bypassed" instead of "Online", and users had to reboot the operating system. This update fixes the driver to avoid the permanent stop of the request queue. As a result, SCSI device now continues working as expected after power cycling the FC switch. * Previously, on final close or unlink of a file, the find_get_pages() function in the memory management sometimes found no pages even if there were some pages left to save. Consequently, a kernel crash occurred when attempting to enter the unlink() function. This update fixes the find_get_pages() function in the memory management code to not return 0 too early. As a result, the kernel no longer crashes due to this behavior. * Using IPsec connections under a heavy load could previously lead to a network performance degradation, especially when using the aesni-intel module. This update fixes the issue by making the cryptd queue length configurable so that it can be increased to prevent an overflow and packet drop. As a result, using IPsec under a heavy load no longer reduces network performance. * Previously, a deadlock in the bnx2fc driver caused all adapters to block and the SCSI error handler to become unresponsive. As a result, data transferring through the adapter was sometimes blocked. This update fixes bnx2fc, and data transferring through the adapter is no longer blocked due to this behavior. * If an NFSv3 client mounted a subdirectory of an exported file system, a directory entry to the mount hosting the export was incorrectly held even after clearing the cache. Consequently, attempts to unmount the subdirectory with the umount command failed with the EBUSY error. With this update, the underlying source code has been fixed, and the unmount operation now succeeds as expected in the described situation. The system must be rebooted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 6kernel-doc-2.6.32-696.23.1.el6.noarch.rpma83b458e5aab21dc60e2b8d864343aa78eb60f7eedb1325a08c932ca825e6a1ckernel-debug-devel-2.6.32-696.23.1.el6.i686.rpmfde2f0cc19ac1cccfcdf15aad251c519b0e25ad3fb1b138bd5c02da24dad8452kernel-2.6.32-696.23.1.el6.i686.rpmdd6f942e00ca94c8a233958e21291eda816da61276647a4e16be211189572f9ekernel-debug-2.6.32-696.23.1.el6.i686.rpmbf6cc82eb435a6439922c5e830bcdf5d3a6f70626fda5d331341498734c033e1kernel-abi-whitelists-2.6.32-696.23.1.el6.noarch.rpm37b3ae0497a465b631ccd3984a2a3e9cc798728ed94591faddb5a2a5154e75a3kernel-firmware-2.6.32-696.23.1.el6.noarch.rpm3b84545e6af8f07a12faf5f1655d90f9a92ffc91184849d0401a8eb586c216c3kernel-devel-2.6.32-696.23.1.el6.i686.rpm0c0fb702a7aa076b07014626a71d7fb25e4977146081ac7ddae71f723a3b363epython-perf-2.6.32-696.23.1.el6.i686.rpm1a3a88fabfaa560cb4f2dd4c577fb1bb57971fa7dc12f4652ec4cfa5341f7f4ckernel-headers-2.6.32-696.23.1.el6.i686.rpm90e50b1c3f80f8dcd4bacc9c964157f86dd07df92f07248606b8a6597098abd1perf-2.6.32-696.23.1.el6.i686.rpm7c6f20eb7aa0a50f6069554e26d94830aa233a0569ee4ece6baaf8e46bb22b20SLSA-2018:0515-1Security Fix(es): * 389-ds-base: remote Denial of Service (DoS) via search filters in SetUnicodeStringFromUTF_8 in collate.c (CVE-2018-1054) * 389-ds-base: Authentication bypass due to lack of size check in slapi_ct_memcmp function in ch_malloc.c (CVE-2017-15135)importantScientific Linux FermiScientific Linux Fermi 6389-ds-base-1.2.11.15-94.el6_9.i686.rpma4ee6fe7c44e8bac7c779832663d6383946f2ca4625d1487e145bbcf04b14def389-ds-base-libs-1.2.11.15-94.el6_9.i686.rpme821576eb92d2d0421b1ce1d07a901ee4eab4f2b13b8c79da6b288eb2d70d686389-ds-base-devel-1.2.11.15-94.el6_9.i686.rpma870a25f0129f999de2c4038ff747b36272bcc38273ec4adf33f55f189b2c4c7SLSA-2018:0516-1Security Fix(es): * Qemu: cirrus: OOB access issue in mode4and5 write functions (CVE-2017-15289)moderateScientific Linux FermiScientific Linux Fermi 6qemu-guest-agent-0.12.1.2-2.503.el6_9.5.i686.rpm20bdddfd1aff77ca536a9ef0e76a9c485d9b794f4677097996481a47d3be1581SLSA-2018:0517-1Security Fix(es): * libreoffice: Remote arbitrary file disclosure vulnerability via WEBSERVICE formula (CVE-2018-6871)moderateScientific Linux FermiScientific Linux Fermi 6libreoffice-headless-4.3.7.2-2.el6_9.2.i686.rpmb9e1c7644ab7882b251063cced0cc0de4dd50e1e14acd262918acd2577bf671clibreoffice-langpack-ml-4.3.7.2-2.el6_9.2.i686.rpmcf12113da45a81098858af30ffb8e80d3802557774b0aa1f91177feb4d998e44libreoffice-xsltfilter-4.3.7.2-2.el6_9.2.i686.rpm7ebf077f1d96f0e9b9416ed6f8674a02ec6d3748f9e8ece13f88dbab58b477fflibreoffice-langpack-ga-4.3.7.2-2.el6_9.2.i686.rpmaf15f34516482826e0109fbffd9895eccfd303e5c411dade2b8a6fdfd2c2c1d5libreoffice-langpack-gu-4.3.7.2-2.el6_9.2.i686.rpmfe6cd2ee01eff4e43d0755ee39fa2250336467fa1b06c4b49918ef215fb88ae0libreoffice-math-4.3.7.2-2.el6_9.2.i686.rpmed502679f347fc93b1d6f5c1cf52be67e8d6a176281de76275a5ddc959a9421alibreoffice-langpack-ar-4.3.7.2-2.el6_9.2.i686.rpm206b8f7ed71769391c2e2535ca3767d38c9432cbc1f6e6e206b6a81b3914deaflibreoffice-langpack-nr-4.3.7.2-2.el6_9.2.i686.rpmd558c2645f4c241ce95aded9e72f6ba604edcb53c3c60656bd47c4de8f510510libreoffice-ogltrans-4.3.7.2-2.el6_9.2.i686.rpma0ec5181d3d9826b9ff648297bb736d11d0f5723586f7150600beb6df4f5493blibreoffice-langpack-hr-4.3.7.2-2.el6_9.2.i686.rpm386ae18cc457056345e36119871b9b55e41cdd2b49ba75f7f4da276e4828b297libreoffice-langpack-es-4.3.7.2-2.el6_9.2.i686.rpmb5d838eca3e8474bfe51b673d9de68fe3b5e559070d5efa8f05cdc1566844727autocorr-da-4.3.7.2-2.el6_9.2.noarch.rpmf28eddacdd774794afabc519000d144813a26dbf2c369060b74dab097e3c0a23libreoffice-langpack-kn-4.3.7.2-2.el6_9.2.i686.rpm20df4e3bbe3478ad782ce79fb596808fb21af72a5d87ea537d59cc3a26d50ff1libreoffice-langpack-el-4.3.7.2-2.el6_9.2.i686.rpm40e65c5e3d5182f493dfe86560feb11f53042dd0ea731c2c329f875d5a24af6alibreoffice-langpack-th-4.3.7.2-2.el6_9.2.i686.rpm4a1119a3720221cdf06a181f6c7798e3f2a27243695d395df1b1b33e91db7d95libreoffice-langpack-ca-4.3.7.2-2.el6_9.2.i686.rpm663bf89328b71f5796b5c912442077bfd52f795fee3eee279c9355b97b0e5bdelibreoffice-langpack-fr-4.3.7.2-2.el6_9.2.i686.rpm3d2636b9b787cdb08563dae304adad61361b0ccddd9101bfcee4edf2e372387fautocorr-zh-4.3.7.2-2.el6_9.2.noarch.rpmfa2d9941d28e6cb34e5a0bb598e8d641c6e9671a9e7d3b1080c29d487590dd45autocorr-en-4.3.7.2-2.el6_9.2.noarch.rpm5e8b3d4c8c4ecbb091b52384ef443c157d01b80375355017f98945af1a17cb1blibreoffice-langpack-ja-4.3.7.2-2.el6_9.2.i686.rpm256145229df59b80f51ed907f2072c4f8bec6d9fd8b30638ac3d001e156544a8libreoffice-filters-4.3.7.2-2.el6_9.2.i686.rpm4f64458f063eaa30a43ca5332a20d93d68058ee5267dd68de1ce31d9502ef80blibreoffice-calc-4.3.7.2-2.el6_9.2.i686.rpm995292e114e786dc17f78f1ec49085f215c34a5c99a062ad366f0e66e1a543e4libreoffice-opensymbol-fonts-4.3.7.2-2.el6_9.2.noarch.rpm02e0a9c46fa554aa4ef70ee9575008af88152c8fb9726eb6eafa92e44240bc34autocorr-ja-4.3.7.2-2.el6_9.2.noarch.rpmc5f940e92cb5cf5bd6a95aa33ae30984916d2d28d58ce1b26850c66bd400d4c5autocorr-ca-4.3.7.2-2.el6_9.2.noarch.rpm8a1e8d9bbd091699026e11ec9549b5d1c0a12c5d158c78e095c7092165c2436aautocorr-hr-4.3.7.2-2.el6_9.2.noarch.rpm966c01897c9f59773e12e949df00f6931e4fc1c322f57ab0f0db43321168304cautocorr-pt-4.3.7.2-2.el6_9.2.noarch.rpm0edb19bf9e8fb5c204fb417db185de2e01d6a8bdef07976cd612407d81b3564elibreoffice-langpack-or-4.3.7.2-2.el6_9.2.i686.rpm67b1cda9ba58b696a41d98476fe0efdb9a4f243a8039c41aeffaa722dd030d6dlibreoffice-emailmerge-4.3.7.2-2.el6_9.2.i686.rpmc7f53d3f56d86c332efa49058ab2908569eb9e09c0565a97ebf79c6c5a1477f2libreoffice-langpack-zu-4.3.7.2-2.el6_9.2.i686.rpmfcaf645bcb19a826797c3e7dad5c1f9a56cb37bf59a123ea2cb15d9c4fce3d11autocorr-sk-4.3.7.2-2.el6_9.2.noarch.rpm2435c49dfacae726996d7cb99ae65ae58ca2a9799aa669fddd105c89d36af4a1autocorr-fa-4.3.7.2-2.el6_9.2.noarch.rpm0866460539d922b1b78168ab2fc3ce40a44fbb2740445811017741cdc41828c4autocorr-es-4.3.7.2-2.el6_9.2.noarch.rpm2cd0b0ffebe54ad00994e75d4119d006d2418fa103466b460a53888867764573libreoffice-langpack-en-4.3.7.2-2.el6_9.2.i686.rpm8bc1b29f6258524e117fbd8032b92548ef95f6a20910d76c42f976c02b8f9c3flibreoffice-gdb-debug-support-4.3.7.2-2.el6_9.2.i686.rpmbfb1bc193f33dd22c13450c5e948a53560880519420198b9c326ae1112c49248libreoffice-officebean-4.3.7.2-2.el6_9.2.i686.rpm1527277c4b281aeff0ea531fd576c171c0e085ec82916566ec1b5d51bbd1193clibreoffice-langpack-cy-4.3.7.2-2.el6_9.2.i686.rpm2ab06f8b8dc18515478dec8bbda31857e7d2371fd2fb35c38ebbe0b87c150945libreoffice-sdk-doc-4.3.7.2-2.el6_9.2.i686.rpm4c4bbfc748337f316051c4fc9f98d89d5f6e79667cc9038fb1feacf3546a1d28libreoffice-langpack-ss-4.3.7.2-2.el6_9.2.i686.rpm6dedcc049d7ab49dc482600fdf7813f4312123568ec3f7d730c50973f909059clibreoffice-langpack-hu-4.3.7.2-2.el6_9.2.i686.rpm867545533250dda3e51ecf38aff73b0cfe82a6e2401e38d96da0ed96278d3774libreoffice-langpack-ve-4.3.7.2-2.el6_9.2.i686.rpm1fb11db85766bb4271d25d3613288fa2e57548cad3aee024ea6d63e17d80d7d6libreoffice-langpack-ts-4.3.7.2-2.el6_9.2.i686.rpm08a38b5e38e8074c57895e9976624de909d01a7c38d60d82660f05aa345b68c7libreoffice-langpack-ro-4.3.7.2-2.el6_9.2.i686.rpm2aa12189700ba359310dd5f8f6b76d34c67ef2fac2412cee4c066066acec1c9eautocorr-mn-4.3.7.2-2.el6_9.2.noarch.rpm1e89ce10c05e0ef3bf34984e0b1a8b6848a586f91c0df2b185f36165c348ea66autocorr-ga-4.3.7.2-2.el6_9.2.noarch.rpm93b019125f117ab97b371211177f4c9cb9b8344abfff5f3fe79b5a2ae9987fb0autocorr-af-4.3.7.2-2.el6_9.2.noarch.rpm1779f02445472502c8dd0aba04c1f045c6fef5bbad42a191811ec0d059e5def4libreoffice-langpack-nso-4.3.7.2-2.el6_9.2.i686.rpm337e7012cc44f58eca846f9ed56d7a26dfe88909b527a7d93f31b611c10367abautocorr-tr-4.3.7.2-2.el6_9.2.noarch.rpmce0648ee5cb5156b6ed08d63fa1bce12e41c667db9e718e25b7300b17f9ac8eblibreoffice-langpack-af-4.3.7.2-2.el6_9.2.i686.rpmbe68a6967b609c2c0cc519895ec74de2437986812d2b67bc18c6d7945f77825dlibreoffice-glade-4.3.7.2-2.el6_9.2.i686.rpm44011b279e699f7af2551db2ea402f935fd5154aac0679709051bbd9384919fflibreoffice-graphicfilter-4.3.7.2-2.el6_9.2.i686.rpm46a5f06fb2e2f1878d810761d6469e4da9c0fa1f263dfb55dd3a8d64b60bcbd5libreoffice-langpack-zh-Hans-4.3.7.2-2.el6_9.2.i686.rpm40905b4946f8a76a961556641f7eb9c38b0d6a90ba2958f0b71273c98363d3baautocorr-ro-4.3.7.2-2.el6_9.2.noarch.rpm3ec716faa7e738d98a9317ec32c9d6b5825dee13f4072918cb18f3b3f39b7596libreoffice-langpack-tn-4.3.7.2-2.el6_9.2.i686.rpm3c24754393a733d92b5b9c2c29ac275b0359f70cabe093ef39f694b144a5b89dlibreoffice-langpack-et-4.3.7.2-2.el6_9.2.i686.rpmefb2a028ca75efd09fd2f598dc181aed42bfa971b7aa40b11b5278c8c0e68ffeautocorr-de-4.3.7.2-2.el6_9.2.noarch.rpm8bbe98676251c1133100612384b5379108ceec52e64f0080f116baafbeb70d79libreoffice-langpack-sl-4.3.7.2-2.el6_9.2.i686.rpm537ad5628d85f12dccde04be1d8fc3dbc2ee4a5b6365b322c9f6e373446fcd09libreoffice-langpack-ur-4.3.7.2-2.el6_9.2.i686.rpm92e34418623ee3b932af8349cd6995cbfe7a226b0f9fa22fc08544a93dc8aaa1libreoffice-langpack-ru-4.3.7.2-2.el6_9.2.i686.rpm6feb68c157a9cda83fc4cb9cf145acde9453a1e517792d566cf04b9da87fb562autocorr-sv-4.3.7.2-2.el6_9.2.noarch.rpm00e3eb4af210f5cc15bac4cdea98b586180608f10d9cfd7fb31fab14360f8cdfautocorr-fi-4.3.7.2-2.el6_9.2.noarch.rpm5c77988f644c65ccabc585552a5bce739a7e2e4d878231eda221f6682added82libreoffice-langpack-nb-4.3.7.2-2.el6_9.2.i686.rpmc96b8fbcd54999bf971ad19a0175caca74c6cc5cda65f36e3011ca2b12f5cdb8libreoffice-librelogo-4.3.7.2-2.el6_9.2.i686.rpm50ec8b64eefc3a31b994a61199263d2f5cf464e3286a3afd821c6512e7a173e8libreoffice-writer-4.3.7.2-2.el6_9.2.i686.rpm166cc31dea09562aa58f2cd9bade5b01581f4a745713a4ca81cc1fe11026007blibreoffice-rhino-4.3.7.2-2.el6_9.2.i686.rpm27229dfe50b61e52369126619e9b5309f971a58735be93bebb5bd548910039f8autocorr-cs-4.3.7.2-2.el6_9.2.noarch.rpm899318dab871b62869f0545ad4b623e7705c4d5050bdd936ba67e3c7f623c01elibreoffice-langpack-bg-4.3.7.2-2.el6_9.2.i686.rpmb432e5f12ca47b09b965e77a0dd4618f98635d48aedf38af78bc58ef5ec5d287libreoffice-langpack-ms-4.3.7.2-2.el6_9.2.i686.rpm913b48ea5b67d4020722cbc1a15ca628f07ec0cf8de7c4c9f86a894a4bc017daautocorr-nl-4.3.7.2-2.el6_9.2.noarch.rpmb9cd37beae376871174296dfca9fa1e5fdd1a27eef92357e6e2092fb919c1a2elibreoffice-langpack-lt-4.3.7.2-2.el6_9.2.i686.rpm5d67a010dc0c8467774164842917cf48ec04f68997229a1d811a75b8cfd5d5f8libreoffice-langpack-st-4.3.7.2-2.el6_9.2.i686.rpm210e1117a7ed27153c1b3c5fc3b8a544195a9e438b48cd2685146afefcae79a6libreoffice-langpack-pt-BR-4.3.7.2-2.el6_9.2.i686.rpm25516d99278610e61c1a292e1e850c3fb85b8661404e0e5e29892e079cdc3de5libreoffice-langpack-tr-4.3.7.2-2.el6_9.2.i686.rpm3d029dfed5456e47e5cda5918bfa51a563973c5d12121814e62d83577e6ed0fcautocorr-hu-4.3.7.2-2.el6_9.2.noarch.rpmfc3459db7defd86d9b3746aff76c5d03fd74202c732b0b9e4803bfa43e24f1edlibreoffice-ure-4.3.7.2-2.el6_9.2.i686.rpmeb6c1debdbc128c175689862271f6888527eb5592d944fad5173f3f9e2eedd0elibreoffice-langpack-da-4.3.7.2-2.el6_9.2.i686.rpm6d310df7505e6b473bfd5f7ddb875b81583a51847a72ebbd039d214662aee654autocorr-pl-4.3.7.2-2.el6_9.2.noarch.rpm87e5ca390955a352a38f4987a80419577ad6cbda41a434daf836093b0e70e7bclibreoffice-langpack-sv-4.3.7.2-2.el6_9.2.i686.rpma219d42842185d2a6ef76170afaea3706ca3c4cb36ca6410ea8e442348e0d47blibreoffice-langpack-mai-4.3.7.2-2.el6_9.2.i686.rpmbd83268090ed4685e400075b2917cf455ed417776a8ebff76a9ff53a748ced6alibreoffice-langpack-xh-4.3.7.2-2.el6_9.2.i686.rpma222365ccc0fe78627b9c5bbf9e22ce8efdf050381bb3513e65981b62de69278autocorr-ko-4.3.7.2-2.el6_9.2.noarch.rpmcdf61029bbdcca5094c5edcf105d5904e606e05c0d7acccd29b1e79da9714561libreoffice-langpack-te-4.3.7.2-2.el6_9.2.i686.rpm0f6313bfe366cceae2e895036f4ffaf9b38c67462451e8685336670cfe96529cautocorr-lt-4.3.7.2-2.el6_9.2.noarch.rpmca4a92227919a5711fff6b6db4a1d378d5fe7582e37fb945c4bfe65ab712b8e8autocorr-bg-4.3.7.2-2.el6_9.2.noarch.rpm92db82a8e8c950155b8571cbc7ebd26d0348972eaf7f4725b366201ad89d304blibreoffice-langpack-pt-PT-4.3.7.2-2.el6_9.2.i686.rpmfb023f05d767327b53cc0314a49fdf6eddd97456750c7d800c500f18e4a5d6f8libreoffice-langpack-nn-4.3.7.2-2.el6_9.2.i686.rpm2ee73aab71ea96dd7469b26ae2be1df128cbff6a6eb4e6b09c184403d583ffe1libreoffice-langpack-pl-4.3.7.2-2.el6_9.2.i686.rpmbd3beeccc300e5bf3488f2818757bd78fcf75e5f592e9e997f49a74045c20a93libreoffice-sdk-4.3.7.2-2.el6_9.2.i686.rpmccbdff46c569c37a30646367a23b3556d3558f5a3238796af321811d9397dff6libreoffice-langpack-zh-Hant-4.3.7.2-2.el6_9.2.i686.rpme8891f4ae8007bf30027f047e0b39a0329d1ca9c54765cae983baeec4efe1467libreoffice-langpack-uk-4.3.7.2-2.el6_9.2.i686.rpm1ce4c32e1d4d09758950ed3f13786b3d9d9189197993af685dae554529cca0bdlibreoffice-langpack-sk-4.3.7.2-2.el6_9.2.i686.rpm35dfeb61ea676c766938d08a5a30ac11b23eb4ab2ac91cf7fcc47db94ca00e70libreoffice-langpack-ko-4.3.7.2-2.el6_9.2.i686.rpma3844b10204cbfa130abfa09fd489306bf07b6adfc011af134676aa5315c29cdlibreoffice-langpack-bn-4.3.7.2-2.el6_9.2.i686.rpma7d88246ecb9a38f792abd67dcaef6e8ed54d1b1abb87d5635ed1d8ca535c4aflibreoffice-langpack-sr-4.3.7.2-2.el6_9.2.i686.rpm601e0f4ec36d9556916c1e59e7b1e795a3371263d6d1d35471caacd8a9c0676elibreoffice-langpack-hi-4.3.7.2-2.el6_9.2.i686.rpm744fb93aacdf219e978ea0947242b64295f7225408d7489a5f10f07d44823c28libreoffice-base-4.3.7.2-2.el6_9.2.i686.rpmb1916d10e76b2031614dbef19548fd340623fcbce3befe3306dffb694d069899autocorr-is-4.3.7.2-2.el6_9.2.noarch.rpm771a4ce81d0cc1cd9c098e7cb4c9a19982f305d75a9032ad6c8dafe0cae08ee7libreoffice-core-4.3.7.2-2.el6_9.2.i686.rpmc5b8722f8eee0eacd8500041f7ca01b4854511b529134f4082fdeac2906eff36libreoffice-impress-4.3.7.2-2.el6_9.2.i686.rpm529382e8fd8607245e88a4011e5b69da5617e43b6c13943caa1e18bbeff6bba6libreoffice-pyuno-4.3.7.2-2.el6_9.2.i686.rpmc7ad50f549a2460a9ba7518b505205ad6feff63d457fae779d8434298dc06766libreoffice-langpack-nl-4.3.7.2-2.el6_9.2.i686.rpmeac140e8cf22500d24c8411b822c663ffc55547d0b44c70053acb928dfb993e4autocorr-vi-4.3.7.2-2.el6_9.2.noarch.rpme61e6e0bfa61c1660b319ba2cad568580874ecd1fd205cc7b4d9e4d36c0a539dautocorr-ru-4.3.7.2-2.el6_9.2.noarch.rpm5a9268a8d11cc4fab8c7354cbc0f259fbff7a7e4a54049d09d514d41c62e0f48libreoffice-langpack-gl-4.3.7.2-2.el6_9.2.i686.rpm471016054ba88d6cd28c3541a17aaecfb5e9c3894eb58777b769c4ad6ec4e0c5libreoffice-4.3.7.2-2.el6_9.2.i686.rpm92733745b32615067d8474bf2bf0b1c82096768b0e9cfe1d886b9899f2665afflibreoffice-langpack-eu-4.3.7.2-2.el6_9.2.i686.rpma6e9c0eed8317aa17f91e01cda9c7b2ef2656ee05ef2754c705afa21b90cc050libreoffice-langpack-it-4.3.7.2-2.el6_9.2.i686.rpmb1a51df76346478fa2ef61a6f9d0a17b5c5c7dd36ab412946409b80cbc3cbc68autocorr-lb-4.3.7.2-2.el6_9.2.noarch.rpme882fabad6bd7f861272db588eca579f183d33a4168c74d2f47543b7a3662462autocorr-it-4.3.7.2-2.el6_9.2.noarch.rpm9f3ec06d354e14d8a2abc5c9f701257791d90e2a2c87728d3fb103b46f937e00libreoffice-langpack-mr-4.3.7.2-2.el6_9.2.i686.rpm25f3229607abcd9c98b676a9c5df6f2958f8f21315e5a66451435847c1c187cclibreoffice-langpack-cs-4.3.7.2-2.el6_9.2.i686.rpmc11aef4980a4827b42fd979f7e0d991ee4bb623a97980e3b3414644fb5909d36libreoffice-langpack-pa-4.3.7.2-2.el6_9.2.i686.rpm32ec33602fbe8442368cad3ff75bd5c4692cc339fc98b7a17baf8dbc3ccd5748libreoffice-langpack-dz-4.3.7.2-2.el6_9.2.i686.rpm024fa7aa51d32cff79e50a1c06c62f1b77dc16a717e8b5ef24aa692b8bcda95aautocorr-fr-4.3.7.2-2.el6_9.2.noarch.rpm5b3338887a92651835381ae29f0f3b6bd7d4ddd97c73ff91ed8be0e1e7aeb975libreoffice-langpack-as-4.3.7.2-2.el6_9.2.i686.rpma4962286cc9249773d62763531aae47e39ee59dcb0d8a9bc58e691262ce20375libreoffice-langpack-fi-4.3.7.2-2.el6_9.2.i686.rpm94139008223f4cf1661e7a42f9792c86ae3ea37db9b09c9ae407c4bfcbacf99dlibreoffice-pdfimport-4.3.7.2-2.el6_9.2.i686.rpmc0e9189960ac7a312c15443b53a93394135073a003273925818c8cef413af2delibreoffice-wiki-publisher-4.3.7.2-2.el6_9.2.i686.rpm9b92ca94fc82bfd809aa0a90469f467ff827e4eff01a7775f15cfe8d168d791blibreoffice-langpack-he-4.3.7.2-2.el6_9.2.i686.rpm1d10e373f54838f93bcab4ece038948bb060e4d5c6beaca95efd74c0a6c574a0autocorr-sr-4.3.7.2-2.el6_9.2.noarch.rpm9f7dfca069fb4910d291bcef31817de150c33c4411319bead5a0109bb65ee31flibreoffice-langpack-de-4.3.7.2-2.el6_9.2.i686.rpm12bccd3f93a6baeb209c7eb58eb7b9691c219083c17450b3317a246a5ee0bcd7libreoffice-bsh-4.3.7.2-2.el6_9.2.i686.rpmb0c27db0a357f92b6197acd0ea7fb93a1a88d1d95d930229295282c74d96985blibreoffice-langpack-ta-4.3.7.2-2.el6_9.2.i686.rpm29d3bdc6b7bfcf1c71c198e280e849adbbfdeccb870569098930ad209a397286libreoffice-draw-4.3.7.2-2.el6_9.2.i686.rpm0950ab181379d509c224df47845f534faae321025e8962a5b2efa2467d1b1703libreoffice-nlpsolver-4.3.7.2-2.el6_9.2.i686.rpm089c653403b238d36ee1b88710592f2752a5a550fd4b54f391068eca4fe7b8e8autocorr-sl-4.3.7.2-2.el6_9.2.noarch.rpm3212c04e361fa5ea8766337dfecae30c980db089b83ff8a30b0ffc2472fa01d8SLSA-2018:0526-1This update upgrades Firefox to version 52.7.0 ESR. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 59 and Firefox ESR 52.7 (MFSA 2018-07) (CVE-2018-5125) * Mozilla: Buffer overflow manipulating SVG animatedPathSegList (MFSA 2018-07) (CVE-2018-5127) * Mozilla: Out-of-bounds write with malformed IPC messages (MFSA 2018-07) (CVE-2018-5129) * Mozilla: Mismatched RTP payload type can trigger memory corruption (MFSA 2018-07) (CVE-2018-5130) * Mozilla: Fetch API improperly returns cached copies of no-store/no-cache resources (MFSA 2018-07) (CVE-2018-5131) * Mozilla: Integer overflow during Unicode conversion (MFSA 2018-07) (CVE-2018-5144) * Mozilla: Memory safety bugs fixed in Firefox ESR 52.7 (MFSA 2018-07) (CVE-2018-5145)criticalScientific Linux FermiScientific Linux Fermi 6firefox-52.7.0-1.el6_9.i686.rpm4201d53f3c1a865a056ce4dafaea019acf711a771912664fb02ea4a350fddc60SLSA-2018:0549-1This update upgrades Firefox to version 52.7.2 ESR. Security Fix(es): * Mozilla: Vorbis audio processing out of bounds write (MFSA 2018-08) (CVE-2018-5146)criticalScientific Linux FermiScientific Linux Fermi 6firefox-52.7.2-1.el6_9.i686.rpmfc5b3d8818d9055493251c433d07946942e3c7cd9ad2b604ed70172833bf7864SLSA-2018:0647-1This update upgrades Thunderbird to version 52.7.0. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 59 and Firefox ESR 52.7 (MFSA 2018-07) (CVE-2018-5125) * Mozilla: Memory safety bugs fixed in Firefox ESR 52.7 (MFSA 2018-07) (CVE-2018-5145) * Mozilla: Vorbis audio processing out of bounds write (MFSA 2018-08) (CVE-2018-5146) * Mozilla: Buffer overflow manipulating SVG animatedPathSegList (MFSA 2018-07) (CVE-2018-5127) * Mozilla: Out-of-bounds write with malformed IPC messages (MFSA 2018-07) (CVE-2018-5129) * Mozilla: Integer overflow during Unicode conversion (MFSA 2018-07) (CVE-2018-5144)importantScientific Linux FermiScientific Linux Fermi 6thunderbird-52.7.0-1.el6_9.i686.rpm8b76948facdf4acf79815fe8e793b02f3b0f4a50d8b3d87393934a29006de5d4SLSA-2018:0649-1Security Fix(es): * Mozilla: Vorbis audio processing out of bounds write (MFSA 2018-08) (CVE-2018-5146)importantScientific Linux FermiScientific Linux Fermi 6libvorbis-1.2.3-5.el6_9.1.i686.rpm6bae94f8d08ae08fb3da67090ee61204e786c79ef6ea6425e22425ea31b424c6libvorbis-devel-docs-1.2.3-5.el6_9.1.noarch.rpme933d99a851c5f2e5b684c348d8c6d9936c3cf4bcb0a6b8feefaaafe2746e2a1libvorbis-devel-1.2.3-5.el6_9.1.i686.rpm800568f1205d4d9954c1b2fe6abf010836dc4482cd691dcf59da2c756bcb5664SLSA-2018:1098-1This update upgrades Firefox to version 52.7.3 ESR. Security Fix(es): * firefox: Use-after-free in compositor potentially allows code execution (CVE-2018-5148)importantScientific Linux FermiScientific Linux Fermi 6firefox-52.7.3-1.el6_9.i686.rpma09fca73677c6fe4c2b12be583ba6c92c7dba6a04d0ddf55b82d8247731509a9SLSA-2018:1124-1Security Fix(es): * python-paramiko: Authentication bypass in transport.py (CVE-2018-7750)criticalScientific Linux FermiScientific Linux Fermi 6python-paramiko-1.7.5-4.el6_9.noarch.rpm12b0d3f739598adc24cc4c8f3da4a5cd0e86de68fd66c22507a500a789df4690SLSA-2018:1188-1Security Fix(es): * OpenJDK: incorrect handling of Reference clones can lead to sandbox bypass (Hotspot, 8192025) (CVE-2018-2814) * OpenJDK: unrestricted deserialization of data from JCEKS key stores (Security, 8189997) (CVE-2018-2794) * OpenJDK: insufficient consistency checks in deserialization of multiple classes (Security, 8189977) (CVE-2018-2795) * OpenJDK: unbounded memory allocation during deserialization in PriorityBlockingQueue (Concurrency, 8189981) (CVE-2018-2796) * OpenJDK: unbounded memory allocation during deserialization in TabularDataSupport (JMX, 8189985) (CVE-2018-2797) * OpenJDK: unbounded memory allocation during deserialization in Container (AWT, 8189989) (CVE-2018-2798) * OpenJDK: unbounded memory allocation during deserialization in NamedNodeMapImpl (JAXP, 8189993) (CVE-2018-2799) * OpenJDK: RMI HTTP transport enabled by default (RMI, 8193833) (CVE-2018-2800) * OpenJDK: unbounded memory allocation during deserialization in StubIORImpl (Serialization, 8192757) (CVE-2018-2815) * OpenJDK: incorrect merging of sections in the JAR manifest (Security, 8189969) (CVE-2018-2790) Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website.criticalScientific Linux FermiScientific Linux Fermi 6java-1.8.0-openjdk-src-debug-1.8.0.171-3.b10.el6_9.i686.rpm8997e2d6bcd67e7480c80db3fb6dd24f6753e5616004ae591709988ae1455b60java-1.8.0-openjdk-devel-debug-1.8.0.171-3.b10.el6_9.i686.rpm1d23011ca87122cc6a54cf1f299bcc82d653a9ecce163b88314844050e92af3ejava-1.8.0-openjdk-headless-debug-1.8.0.171-3.b10.el6_9.i686.rpm7714ba4d195eee065a4bf38c87b4f4c6f56e293ba3f59d146ad14ed3cfad160ajava-1.8.0-openjdk-headless-1.8.0.171-3.b10.el6_9.i686.rpmbf24fe03ad69b7d5b2ec943aaa0b2dd63433d80ef1ad708f31a20896f97d56f0java-1.8.0-openjdk-src-1.8.0.171-3.b10.el6_9.i686.rpm33c9182a0f11af141d8a0f75e087754d9f2736fb702970ecc4b38c00093e2086java-1.8.0-openjdk-1.8.0.171-3.b10.el6_9.i686.rpmf2ae7769e64035a501ea0814d5bc505ed076230c3fca3a8a03e5140acb16b58fjava-1.8.0-openjdk-demo-1.8.0.171-3.b10.el6_9.i686.rpm1e7d80ba45b7f095600c18c1213b212ed6b8c1505646236b8aff7ffe1dccee22java-1.8.0-openjdk-demo-debug-1.8.0.171-3.b10.el6_9.i686.rpmbaa4f738535049c5bda5ed7f69d347157d20f9b3bd219ba4ccdf67b5c12c4dfejava-1.8.0-openjdk-javadoc-1.8.0.171-3.b10.el6_9.noarch.rpm24b3f44d102792a3d5e5da9911924e5260175376124f67e6a2824271e01159d6java-1.8.0-openjdk-devel-1.8.0.171-3.b10.el6_9.i686.rpm957979891f83331f8c5b77d46406ea656c1dc4f058b812c0c4aa45612df6d111java-1.8.0-openjdk-javadoc-debug-1.8.0.171-3.b10.el6_9.noarch.rpm26836c5f40cf4d75552ded8f602f0e3da735ae21c0ad6c31536f9f28d921cfbdjava-1.8.0-openjdk-debug-1.8.0.171-3.b10.el6_9.i686.rpm80042ae7cceef019b44a388104d0fa9a04f97ad83f5f2dafdb7c72df7e574818SLSA-2018:1199-1Patch should be installed because it is a common way of upgrading applications. Security Fix(es): * patch: Malicious patch files cause ed to execute arbitrary commands (CVE-2018-1000156)importantScientific Linux FermiScientific Linux Fermi 6patch-2.6-8.el6_9.i686.rpmdd96b7cd4823a5c8a9c6f9ffcfaa003bb3f1dec7d2cc9881cfcc2cf1017c83d2SLSA-2018:1225-1Security Fix(es): * librelp: Stack-based buffer overflow in relpTcpChkPeerName function in src/tcp.c (CVE-2018-1000140)criticalScientific Linux FermiScientific Linux Fermi 6librelp-devel-1.2.7-3.el6_9.1.i686.rpm9acda4ddbc02530ecfbc5e7a779fbf429b2fd0ea3ae728f8a85561e2d3fcff12librelp-1.2.7-3.el6_9.1.i686.rpmf010f33f7c239107289afc57ba1a727114df6ac8f0fcf11136ef9a0de49b19afSLSA-2018:1270-1Security Fix(es): * OpenJDK: incorrect handling of Reference clones can lead to sandbox bypass (Hotspot, 8192025) (CVE-2018-2814) * OpenJDK: unrestricted deserialization of data from JCEKS key stores (Security, 8189997) (CVE-2018-2794) * OpenJDK: insufficient consistency checks in deserialization of multiple classes (Security, 8189977) (CVE-2018-2795) * OpenJDK: unbounded memory allocation during deserialization in PriorityBlockingQueue (Concurrency, 8189981) (CVE-2018-2796) * OpenJDK: unbounded memory allocation during deserialization in TabularDataSupport (JMX, 8189985) (CVE-2018-2797) * OpenJDK: unbounded memory allocation during deserialization in Container (AWT, 8189989) (CVE-2018-2798) * OpenJDK: unbounded memory allocation during deserialization in NamedNodeMapImpl (JAXP, 8189993) (CVE-2018-2799) * OpenJDK: RMI HTTP transport enabled by default (RMI, 8193833) (CVE-2018-2800) * OpenJDK: unbounded memory allocation during deserialization in StubIORImpl (Serialization, 8192757) (CVE-2018-2815) * OpenJDK: incorrect merging of sections in the JAR manifest (Security, 8189969) (CVE-2018-2790)importantScientific Linux FermiScientific Linux Fermi 6java-1.7.0-openjdk-src-1.7.0.181-2.6.14.1.el6_9.i686.rpmdad7428b6958bb1289c031fb3828397237ceed86fd0537968bfd85be3e28d62djava-1.7.0-openjdk-demo-1.7.0.181-2.6.14.1.el6_9.i686.rpmbf8c85e168297d4e560f38243f7dcbda527964e6d7f45af4d9f49e0e225dc78fjava-1.7.0-openjdk-devel-1.7.0.181-2.6.14.1.el6_9.i686.rpm8ef53cdedae667bb6112b15e841e5e74c7ea86024a1e8e65e205a6ff949da1fejava-1.7.0-openjdk-1.7.0.181-2.6.14.1.el6_9.i686.rpmf25a3b20a16e987256351ad9e4f4f99377ac3dd71c912453c76d2df8a3b0bc21java-1.7.0-openjdk-javadoc-1.7.0.181-2.6.14.1.el6_9.noarch.rpma6fc3f473c1ba129b72cb00bfcd1763fe1ffa88a14cc68f030a8d1ab3bed5684SLSA-2018:1319-1Security Fix(es): * hw: cpu: speculative execution permission faults handling (CVE-2017-5754) * Kernel: error in exception handling leads to DoS (CVE-2018-8897) * kernel: nfsd: Incorrect handling of long RPC replies (CVE-2017-7645) * kernel: Use-after-free vulnerability in DCCP socket (CVE-2017-8824) * kernel: v4l2: disabled memory access protection mechanism allowing privilege escalation (CVE-2017-13166) * kernel: netfilter: use-after-free in tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c (CVE-2017-18017) * kernel: Stack information leak in the EFS element (CVE-2017-1000410)importantScientific Linux FermiScientific Linux Fermi 6kernel-2.6.32-696.28.1.el6.i686.rpm30d71112b4eb7a6c813ce087362f526eda0a3295d8fe103837d3dc088cd91163kernel-doc-2.6.32-696.28.1.el6.noarch.rpm003c50cde22c363878d37d01366349a19d4acaa164be8a6d1146db6716312965kernel-headers-2.6.32-696.28.1.el6.i686.rpmd9279d0a9284211245e08b0fe093754b2bae853045452f16eaa5cd7b5ffc82abkernel-debug-devel-2.6.32-696.28.1.el6.i686.rpmd114698c004b569573741b86e6ce507f9d102383d71e35e05aa201411455aa74kernel-abi-whitelists-2.6.32-696.28.1.el6.noarch.rpmb87cc02e2060ed38c25bc43969183e3a1280510a55bff57d9adaa9847a7f426cperf-2.6.32-696.28.1.el6.i686.rpmfb75b65a47c7a16a3b48b261c8cd092830b31f288c42585a536a93af758eaa2ekernel-firmware-2.6.32-696.28.1.el6.noarch.rpm9fc57ca05209098a97c89b731751d8cd2b1bce16397550c932bb3d07b222611ckernel-debug-2.6.32-696.28.1.el6.i686.rpm5b1c07170408cca4108c4f1b5c560c01107783073a28e5093971c603a1ff94c1kernel-devel-2.6.32-696.28.1.el6.i686.rpm7b8d2e7acedb2a26cf856de4b3ee5f8667a9f612dc1303f16b4818c40623cc80python-perf-2.6.32-696.28.1.el6.i686.rpm96e5c58547aca557c9fe504dad53393053736805941251f105bb46b729950789SLSA-2018:1364-1Security Fix(es): * 389-ds-base: ns-slapd crash via large filter value in ldapsearch (CVE-2018-1089)importantScientific Linux FermiScientific Linux Fermi 6389-ds-base-1.2.11.15-95.el6_9.i686.rpm97e5b1c37f5b08531284e9cbf285c626ff7cc5599fd2bcf3815fd3770377e3b2389-ds-base-devel-1.2.11.15-95.el6_9.i686.rpmc0cd6119beb9aa7e9846a5f34a021707f6eecd94ac7ce4416658e08c443e973d389-ds-base-libs-1.2.11.15-95.el6_9.i686.rpm8ba998d1ded9611278827da587eee7aa6bd26f943998ff7a476cc32d4b50980cSLSA-2018:1414-1This update upgrades Firefox to version 52.8.0 ESR. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 (CVE-2018-5150) * Mozilla: Backport critical security fixes in Skia (CVE-2018-5183) * Mozilla: Use-after-free with SVG animations and clip paths (CVE-2018-5154) * Mozilla: Use-after-free with SVG animations and text paths (CVE-2018-5155) * Mozilla: Same-origin bypass of PDF Viewer to view protected PDF files (CVE-2018-5157) * Mozilla: Malicious PDF can inject JavaScript into PDF Viewer (CVE-2018-5158) * Mozilla: Integer overflow and out-of-bounds write in Skia (CVE-2018-5159) * Mozilla: Lightweight themes can be installed without user interaction (CVE-2018-5168) * Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension (CVE-2018-5178)criticalScientific Linux FermiScientific Linux Fermi 6firefox-52.8.0-1.el6_9.i686.rpmb75131c0c26b4e995d2c4784f009bdb10e98f74fa1ccdfcfcd2d191f10b54e0cSLSA-2018:1454-1Security Fix(es): * A command injection flaw was found in the NetworkManager integration script included in the DHCP client packages in Scientific Linux. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitrary commands with root privileges on systems using NetworkManager and configured to obtain network configuration using the DHCP protocol. (CVE-2018-1111)criticalScientific Linux FermiScientific Linux Fermi 6dhcp-common-4.1.1-53.P1.el6_9.4.i686.rpm190ad80c60d389f65643dc062c1f4812090a41203a432394d9510740fc5323e6dhcp-4.1.1-53.P1.el6_9.4.i686.rpm584aa328f63d171ec6906ce870dae48df4b036b476a1467433a3a495da6d1076dhclient-4.1.1-53.P1.el6_9.4.i686.rpm1c1ebdbc5cce13282e030a5ba4941522ae10de8d3ee6d047b4f2d92a887c82a0dhcp-devel-4.1.1-53.P1.el6_9.4.i686.rpm10a54c59ebfe3895bc787bb77829e875a0cbfab53bd61f118f6793b0a17e6f7cSLSA-2018:1647-1Security Fix(es): * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks. (CVE-2018-3639) Note: This is the OpenJDK side of the CVE-2018-3639 mitigation.importantScientific Linux FermiScientific Linux Fermi 6java-1.7.0-openjdk-devel-1.7.0.181-2.6.14.8.el6_9.i686.rpmb4a3a2c5803388d24bcf1dd446538ae952d9c412ff9dee5bcde3d6d301c384b6java-1.7.0-openjdk-javadoc-1.7.0.181-2.6.14.8.el6_9.noarch.rpmd618206ce0642907785f6d04977208dfc0ddf89ce50e08f2a1dc8d4171de651ajava-1.7.0-openjdk-demo-1.7.0.181-2.6.14.8.el6_9.i686.rpm1dc582f7817231e97d8a2e393f011597ffa33203e9f10fe90c409f87e3201720java-1.7.0-openjdk-src-1.7.0.181-2.6.14.8.el6_9.i686.rpmfea07046db1f3df49578f67e9785046989e3a1379e811e887145378ddf1aafd0java-1.7.0-openjdk-1.7.0.181-2.6.14.8.el6_9.i686.rpm32a05c8941b5fe9cb3f9e1dd5b557ee77fd4156ff05fa135f001f721e23ca7a6SLSA-2018:1650-1Security Fix(es): * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks. (CVE-2018-3639) Note: This is the OpenJDK side of the CVE-2018-3639 mitigation.importantScientific Linux FermiScientific Linux Fermi 6java-1.8.0-openjdk-javadoc-debug-1.8.0.171-8.b10.el6_9.noarch.rpmd1c6cccbc93d9665b0cb82acfea1a3a0ac6bc07365e5332b63b89bc1aea35113java-1.8.0-openjdk-src-debug-1.8.0.171-8.b10.el6_9.i686.rpmc28568244620d84a61e570afb6def39f0071f389bac3d8d5d4571377b9fb080cjava-1.8.0-openjdk-devel-1.8.0.171-8.b10.el6_9.i686.rpm0ac136cf9569a2decb49cba52882c5074876ce80a8bc4bc2347a25d685b28865java-1.8.0-openjdk-headless-debug-1.8.0.171-8.b10.el6_9.i686.rpm5484f0db8c19c5121c104ff3bf506cf55da92d568efe12e974a7d22065f9492bjava-1.8.0-openjdk-devel-debug-1.8.0.171-8.b10.el6_9.i686.rpm72bec5e7a69d42637f62aaf8dfa31da9856b0c8a79f523059b1716a29d8b8999java-1.8.0-openjdk-debug-1.8.0.171-8.b10.el6_9.i686.rpm319b3022fc9ffedce416f8300be65d90aea948552db81c48c1509b5757253cb5java-1.8.0-openjdk-javadoc-1.8.0.171-8.b10.el6_9.noarch.rpmb4635c1643c713287a9f1402e2a49489414ac01cb9114f8395e5636e9709499ajava-1.8.0-openjdk-demo-1.8.0.171-8.b10.el6_9.i686.rpm79bfa61eddd8de803fb82d60de4a926f340224b936c8cae45f43716228852e3ajava-1.8.0-openjdk-demo-debug-1.8.0.171-8.b10.el6_9.i686.rpm6afc4361d8d34ad8199eb6a743add68d28d3a7ce287175babb3e29764f20255ajava-1.8.0-openjdk-headless-1.8.0.171-8.b10.el6_9.i686.rpm8b81d2a5640a3055d8e97492d902b67e2625c45f505e3ae9cb0b94df93c63dc4java-1.8.0-openjdk-src-1.8.0.171-8.b10.el6_9.i686.rpm2f3951a1d7ac58e98c66752d269c81e4e8f70f2ca4b4a019fc28fc8aeb0d0469java-1.8.0-openjdk-1.8.0.171-8.b10.el6_9.i686.rpme577073c1777c451f4a525cca618b323253c3c74b25b5622f7fa5fefe4586e4aSLSA-2018:1651-1Security Fix(es): * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks. (CVE-2018-3639) Note: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software side of the mitigation for this hardware issue. To be fully functional, up-to-date CPU microcode applied on the system is required. In this update mitigations for x86 (both 32 and 64 bit) architecture are provided. Bug Fix(es): * Previously, an erroneous code in the x86 kexec system call path caused a memory corruption. As a consequence, the system became unresponsive with the following kernel stack trace: 'WARNING: CPU: 13 PID: 36409 at lib/list_debug.c:59 __list_del_entry+0xa1/0xd0 list_del corruption. prev->next should be ffffdd03fddeeca0, but was (null)' This update ensures that the code does not corrupt memory. As a result, the operating system no longer hangs.importantScientific Linux FermiScientific Linux Fermi 6kernel-firmware-2.6.32-696.30.1.el6.noarch.rpme1e041051fd43c93d0ceea9d42b32ddf16016f7062b6c34bf7fa497780a0e92fkernel-doc-2.6.32-696.30.1.el6.noarch.rpm035109327ad79de0d63188a9f5fedd072e2901be667e75c609240155bea334dekernel-debug-devel-2.6.32-696.30.1.el6.i686.rpm8d8fdb858b3f4cc2c9c580aa96a24eef82a4bfa77716468148791e3286256812kernel-debug-2.6.32-696.30.1.el6.i686.rpm02902d29c2093126a2ce17b644ea33ea1edd9ac1cd4fdd898bb57436f066643bkernel-headers-2.6.32-696.30.1.el6.i686.rpm58d08d1fafacee4ccfdfc4b46b1a0357900c3065db11d1fc2d565089003d156akernel-devel-2.6.32-696.30.1.el6.i686.rpm9cdcb4750a9f7d838b14659a4273352d1829e678af481df7d5062b3c8089001apython-perf-2.6.32-696.30.1.el6.i686.rpm618ba4f7c7c0745c55f3c878eb80685f049ce7cb302ef22f61f70b7e5fa95b29kernel-abi-whitelists-2.6.32-696.30.1.el6.noarch.rpm03931ad87cd7a18b1f355ea0b9865a6e6aa9f0a98756a15e95965ae86f2c07c9perf-2.6.32-696.30.1.el6.i686.rpmd7f3a91e470e693b6fa325d6c53be00f0fa4b3d567eae75e620c8a5a8a758464kernel-2.6.32-696.30.1.el6.i686.rpm131426da8f5986dcc22ff44ceefb9d6a931bfe68fee4a5cb90e75516d9440f97SLSA-2018:1660-1Security Fix(es): * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks. (CVE-2018-3639) Note: This is the qemu-kvm side of the CVE-2018-3639 mitigation.importantScientific Linux FermiScientific Linux Fermi 6qemu-guest-agent-0.12.1.2-2.503.el6_9.6.i686.rpm9bb92ac1c368d7c2836d07f9e8c6718942e7fcd4886d23b3eb9cc72c90607290SLSA-2018:1669-1Security Fix(es): * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks. (CVE-2018-3639) Note: This is the libvirt side of the CVE-2018-3639 mitigation.importantScientific Linux FermiScientific Linux Fermi 6libvirt-python-0.10.2-62.el6_9.2.i686.rpm3acfaf532845b0271e6a32b8569909f21b8f3c103c5c1715bf38313f309cb7f0libvirt-client-0.10.2-62.el6_9.2.i686.rpm1c16b142cefa444632757eb3c83d9a1e0b58e0ecf0e25c85a8537c15afb040b4libvirt-0.10.2-62.el6_9.2.i686.rpm4dc835d3b744ec618c883f3356c99bc0b7bc6b4ba96080b137851ab1ab3690c6libvirt-devel-0.10.2-62.el6_9.2.i686.rpm383835676f08a1c3f7027d2e9f0e353724670baf70e920c34255ad9e48d94b3dSLSA-2018:1726-1This update upgrades Thunderbird to version 52.8.0. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 (CVE-2018-5150) * Mozilla: Backport critical security fixes in Skia (CVE-2018-5183) * Mozilla: Use-after-free with SVG animations and clip paths (CVE-2018-5154) * Mozilla: Use-after-free with SVG animations and text paths (CVE-2018-5155) * Mozilla: Integer overflow and out-of-bounds write in Skia (CVE-2018-5159) * Mozilla: Full plaintext recovery in S/MIME via chosen-ciphertext attack (CVE-2018-5184) * Mozilla: Hang via malformed headers (CVE-2018-5161) * Mozilla: Encrypted mail leaks plaintext through src attribute (CVE-2018-5162) * Mozilla: Lightweight themes can be installed without user interaction (CVE-2018-5168) * Mozilla: Filename spoofing for external attachments (CVE-2018-5170) * Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension (CVE-2018-5178) * Mozilla: Leaking plaintext through HTML forms (CVE-2018-5185)importantScientific Linux FermiScientific Linux Fermi 6thunderbird-52.8.0-2.el6_9.i686.rpm6735b2df606f06dcc95f199bd597208328567fb8c705ff257fee89b09a16a5c0SLSA-2018:1777-1Security Fix(es): * procps-ng, procps: Integer overflows leading to heap overflow in file2strvec (CVE-2018-1124) * procps-ng, procps: incorrect integer size in proc/alloc.* leading to truncation / integer overflow issues (CVE-2018-1126)importantScientific Linux FermiScientific Linux Fermi 6procps-3.2.8-45.el6_9.3.i686.rpmb88c8138f44cf91edff2d1ea09b2f5de6bb73694d607ab3b84ca12b4ff0dc710procps-devel-3.2.8-45.el6_9.3.i686.rpm309227022a473b7ab01f647a7375eca48fe7e92650193b3cff540830cd652242SLSA-2018:1779-1Security Fix(es): * xmlrpc: Deserialization of untrusted Java object through <ex:serializable> tag (CVE-2016-5003)importantScientific Linux FermiScientific Linux Fermi 6xmlrpc3-javadoc-3.0-4.17.el6_9.noarch.rpm92394cf322f88556706316499fe137f282aa67a31252745d600d6eaae6413dfexmlrpc3-client-devel-3.0-4.17.el6_9.noarch.rpmfad43ed14d17c02069b65e51ce40fdbaf6ce4333cb659542d48f6a0b67f71cb9xmlrpc3-server-3.0-4.17.el6_9.noarch.rpm7134f5d218f3ee8468fd3224ec373172c78cf0051fb15b32329d7b25650066f0xmlrpc3-client-3.0-4.17.el6_9.noarch.rpm78813af9513e91f82e540b35f15d85ddd266daf6b9a02a0d5656d3c8d5984fcaxmlrpc3-common-3.0-4.17.el6_9.noarch.rpm5ab2504dae5743662d03fdb824cf5947aca23424a667951b1e0236eb7f1c3777xmlrpc3-common-devel-3.0-4.17.el6_9.noarch.rpma6a4631645e71b66da9d849fbe454a721fbb1cee550b624158b3c3ecdfac58a5xmlrpc3-server-devel-3.0-4.17.el6_9.noarch.rpmeb836512ef5a81cc550d7e8642663c429e7e049c06af9b6d7f4cfd7c2e8b7aeaSLSA-2018:1854-1Security Fix(es): * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks. (CVE-2018-3639, PowerPC) * kernel: net/packet: overflow in check for priv area size (CVE-2017-7308) * kernel: AIO interface didn't use rw_verify_area() for checking mandatory locking on files and size of access (CVE-2012-6701) * kernel: AIO write triggers integer overflow in some protocols (CVE-2015-8830) * kernel: Null pointer dereference via keyctl (CVE-2016-8650) * kernel: ping socket / AF_LLC connect() sin_family race (CVE-2017-2671) * kernel: Race condition between multiple sys_perf_event_open() calls (CVE-2017-6001) * kernel: Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c (CVE-2017-7616) * kernel: mm subsystem does not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism (CVE-2017-7889) * kernel: Double free in the inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c (CVE-2017-8890) * kernel: net: sctp_v6_create_accept_sk function mishandles inheritance (CVE-2017-9075) * kernel: net: IPv6 DCCP implementation mishandles inheritance (CVE-2017-9076) * kernel: net: tcp_v6_syn_recv_sock function mishandles inheritance (CVE-2017-9077) * kernel: memory leak when merging buffers in SCSI IO vectors (CVE-2017-12190) * kernel: vfs: BUG in truncate_inode_pages_range() and fuse client (CVE-2017-15121) * kernel: Race condition in drivers/md/dm.c:dm_get_from_kobject() allows local users to cause a denial of service (CVE-2017-18203) * kernel: a null pointer dereference in net/dccp/output.c:dccp_write_xmit() leads to a system crash (CVE-2018-1130) * kernel: Missing length check of payload in net/sctp/sm_make_chunk.c:_sctp_make_chunk() function allows denial of service (CVE-2018-5803)importantScientific Linux FermitrueScientific Linux Fermi 6kernel-debug-2.6.32-754.el6.i686.rpmb10dfeee3ffb87c191933375a29156630a1d21f5d5a77f5c8f1a1f041c97ded0perf-2.6.32-754.el6.i686.rpm58b1835a94afee8270b09901fcbcad8e14179a06d6610667b0e7d5b45fb72ecakernel-abi-whitelists-2.6.32-754.el6.noarch.rpmd17fc0ef81add36966c5ad1a52e1ac12d36f7779b6df5d691cc0a59a61415abekernel-firmware-2.6.32-754.el6.noarch.rpm7a17694fb784fd788cd409fd6cd60db8997f9977b902d1262403f61b797a7250kernel-debug-devel-2.6.32-754.el6.i686.rpmb6a454d1ace13f3472144a435b0cd76cdfe9e4724138cbef947085af70b77003python-perf-2.6.32-754.el6.i686.rpm06a42127f7a2eb8bed4cf884d8c794475005a5d9a35e3134de4d40fcc74a8d71kernel-headers-2.6.32-754.el6.i686.rpm13bc72f185ea22ce1d4d8a09c6d88154177801414afe2b015cb9e2ed47eb9a51kernel-2.6.32-754.el6.i686.rpm74bd3f08227282ab9dc1efb02b7ac2c2fcec8fe98f1f6a2b24717e041e4bf115kernel-doc-2.6.32-754.el6.noarch.rpmbcab6f050c1497c8639cff2e9864bcb1fb473d29ce480038cc4c713ee447b8b3kernel-devel-2.6.32-754.el6.i686.rpm035bc1d58f1d86ab2cc500d654c629b0e1a52846aa738cae3815b0992c30be4bSLSA-2018:1860-1Security Fix(es): * samba: Null pointer indirection in printer server process (CVE-2018-1050)lowScientific Linux FermiScientific Linux Fermi 6samba-swat-3.6.23-51.el6.i686.rpm86a2efb1930a333e909d399edef4958c937309c96c845178220e504c11159ba9libsmbclient-devel-3.6.23-51.el6.i686.rpmce2339c8bdb1b8d766c28a20286859134d906dbd8c337ede594227f78c5fc624libsmbclient-3.6.23-51.el6.i686.rpm67c3f47bb100258ea8f95f5e2d10aeb2e2debab02712eeaa5835835a580a8b14samba-winbind-clients-3.6.23-51.el6.i686.rpmdfdb41aede3e4d11b49ccf2ab720152da659e2f3c4c077230466a4729decf721samba-3.6.23-51.el6.i686.rpmea8654bd0ce8f574a8feebe8bd87d15e12acc8cdf83be27a754eee1ff2a78e0csamba-domainjoin-gui-3.6.23-51.el6.i686.rpm89515fe65fee034431dacc71aa642c113ba33744d4a94173d0f4d30f0b336fd4samba-winbind-krb5-locator-3.6.23-51.el6.i686.rpm17a88a60356c8cc93f7317f651c5906a4226a0a7f28b9628209fcfe9afaf4e4fsamba-doc-3.6.23-51.el6.i686.rpm144b9c35a095df88e9512782f886547f11b34be3806c3059c2d2705f38bedbc7samba-common-3.6.23-51.el6.i686.rpmd69ce3ed23a672d751699e73b4f6d41a0f062771a5622a5eee8bd989f7d20359samba-client-3.6.23-51.el6.i686.rpmb99c6ed4536833654ce55343d751356be19d9e36f5276eae2d787e8b77cd9eb1samba-winbind-devel-3.6.23-51.el6.i686.rpme6bc473335acd0f7504939501ea8ee12219cc3114291da2dad44db70b03b663csamba-winbind-3.6.23-51.el6.i686.rpmfdcb254527cceefc97990cadc9c0465a9034fb35bb553495829c78989401a9a1SLSA-2018:1877-1The ding-libs packages contain a set of libraries used by the System Security Services Daemon (SSSD) as well as other projects, and provide functions to manipulate file system path names (libpath_utils), a hash table to manage storage and access time properties (libdhash), a data type to collect data in a hierarchical structure (libcollection), a dynamically growing, reference-counted array (libref_array), and a library to process configuration files in initialization format (INI) into a library collection data structure (libini_config). Security Fix(es): * sssd: unsanitized input when searching in local cache database (CVE-2017-12173)moderateScientific Linux FermiScientific Linux Fermi 6sssd-krb5-common-1.13.3-60.el6.i686.rpm8eef220e5f768ca5959d10f17b0c5ab362f38210b0366883d1b17fca0be8d26fsssd-dbus-1.13.3-60.el6.i686.rpm2c072dc328c85264ff4222a22fcf427fb636314fd0f4c706590ce36904285d8dlibref_array-0.1.4-13.el6.i686.rpmd71021432eb17e2ef574e7cb0590d839d20d79087658c114dbf8b7067cffa2b1python-sssdconfig-1.13.3-60.el6.noarch.rpm79638968776b02d9dc79e64fb23da603d9bdc4c868d8f8d658c60d74d5171d36libini_config-1.1.0-13.el6.i686.rpm01cef74903ff483de6c4500b261f04a95713f0c0d2bfa1bc22703ba6c76c272esssd-krb5-1.13.3-60.el6.i686.rpmfee2a9479045f2b8d89d298330ec6f0881b4b0a6787cf91fd03761ab097799e1libsss_idmap-1.13.3-60.el6.i686.rpmcdc10f09e6f423127d9488075ff911ba1b5003d9df1e8f7a642220697257edf0sssd-ipa-1.13.3-60.el6.i686.rpmcdb9b24677bf4b9a0dd73e30750c0f356ee30d758e2b83339ece2d55d9bb148alibcollection-0.6.2-13.el6.i686.rpmf08224d5daa0b4954a4859f875943889a12ce17510efd1106b452c3198a1cf2asssd-common-1.13.3-60.el6.i686.rpmb8eb00d6d2943e6fca6c9d1c5c280c2e2f187d877e602329e0aabdea3e7c4228sssd-proxy-1.13.3-60.el6.i686.rpme0d1c18f6f1e11eb1fa32dcf6469c8a531766a1379a1028fa8d533bf7198c187sssd-common-pac-1.13.3-60.el6.i686.rpm62e09549f3f58c830438f37d41676c1072c969763262eaf6073608262b45925clibipa_hbac-1.13.3-60.el6.i686.rpmb2ea9419477416c827a1455ddf43b38cfc856557241fe08e740f1831b3cdf329libsss_nss_idmap-1.13.3-60.el6.i686.rpmc5f12552619f7f16738987ea98eec9f98950df9efbe6f3e1ef36638c647b6965libini_config-devel-1.1.0-13.el6.i686.rpm768cab28447cc0e6b09607f85bb9d3ec386b76cd70112a4a3df10495c8922323sssd-ad-1.13.3-60.el6.i686.rpm4c0a2f6973b35b8560edcc10acc7967ec8dcbe1ac1975ae7e35a5ababed8e96flibsss_nss_idmap-devel-1.13.3-60.el6.i686.rpm7f4e769c220302573f0da9d326735ed8442241035778e4f776191d782f9f2a31python-libipa_hbac-1.13.3-60.el6.i686.rpm2b5dcfc16fcf0a7568fba46dfb37dfef96f31edee0670acbd893dee1cfc9be72python-sss-1.13.3-60.el6.i686.rpmf719d8931e6cee9d9ef976756cc0fadf8187eed4749e76fa9e72a91e12af502dpython-libsss_nss_idmap-1.13.3-60.el6.i686.rpmd706547a04477c8f78e2ae7cabc4e0ae82d5c1f564d680ce7a3d36c3c65cec52python-sss-murmur-1.13.3-60.el6.i686.rpm23c56c7516ee04f749da931f160120738baa52cbd271b31372882fdd1bc41327sssd-ldap-1.13.3-60.el6.i686.rpmbe5c001594692b64d23750ef8b8a3d93bc8ffa4b8d8c3e1ed76746203b482600sssd-tools-1.13.3-60.el6.i686.rpm1bcd8cb7160a7350542687548fec6b3028121feb39596a2a3a6ef0fd94efe35flibcollection-devel-0.6.2-13.el6.i686.rpm50d721a6318f8d3f60d56700a2a7166d1ac3e3b96500ab77c09f3acc61fddec0libsss_simpleifp-devel-1.13.3-60.el6.i686.rpm3606b9513e98189a575f0635e749688b1b558b9a475802531b359514c993442blibbasicobjects-devel-0.1.1-13.el6.i686.rpm5ebd0accaaac4bdb4152afb870fadac8d4f9c9f1a9bd7cffb5b9e0ff15903596libpath_utils-0.2.1-13.el6.i686.rpm72b48cfdcda7f1099ec1cc389bc25de0b447180d842933ead9c26fc0a9b45f92libdhash-devel-0.4.3-13.el6.i686.rpmaf8bc0fad701bbf1c52b18aaabe7cb47ded7d5fb465b7a00921f15480b287413libbasicobjects-0.1.1-13.el6.i686.rpmfee246e907116b83200a9581793848a9fbfd868413c345e03bc491bd8dc7a060libipa_hbac-devel-1.13.3-60.el6.i686.rpme7addd4a7e53765d1a51539fc7cd2d74ab19a36567a892b16f1fcf86db60f701libsss_idmap-devel-1.13.3-60.el6.i686.rpmf5228b6ebacd741b0a3332e5342172611ebd46e86a40463548de537c6235919esssd-1.13.3-60.el6.i686.rpm413006d68816da9dec1990641ab0d894273dc771b4a0af755aa6742cf4d9fa7blibpath_utils-devel-0.2.1-13.el6.i686.rpm4f1f22ca45e0cb670ff892f0404086918ffea02ccc4624b95845ed226af56d50libdhash-0.4.3-13.el6.i686.rpmede915479152cf110a58d829c14cb9b91d3c575fedaba1bdbb9e5879ce17401blibref_array-devel-0.1.4-13.el6.i686.rpm5aef64408024aee64de86cf459f7a6b18b054f90140844252116e5655fadb7e8libsss_simpleifp-1.13.3-60.el6.i686.rpmcd147312cd12904812e7bb40c1bbaf80efecb403675a55728b4b0a76171cfc26sssd-client-1.13.3-60.el6.i686.rpmeff75ce817bc89f6867bc1a1f74e401a15b3bc9702b72e890ce9544d116df78fSLSA-2018:1879-1Security Fix(es): * glibc: Buffer overflow in glob with GLOB_TILDE (CVE-2017-15670) * glibc: Buffer overflow during unescaping of user names with the ~ operator (CVE-2017-15804)moderateScientific Linux FermitrueScientific Linux Fermi 6glibc-2.12-1.212.el6.i686.rpmb3a917a07554eeecfdba21b178d1065641520d2344fe959531764f4dd7c6b212glibc-static-2.12-1.212.el6.i686.rpm8ff061c5b0f08f533149e6b5865b3e4c757937bb2ca452cd5a442e1ff8ea746cglibc-utils-2.12-1.212.el6.i686.rpm1f015301e7fa8a744a8a65239287ceb0466083adedbf8da12936da63341eae1dglibc-headers-2.12-1.212.el6.i686.rpm5944467e1b2048b2929ec5ef4f3c7993d2172d3285568ce0b884000a4fcfb4b7glibc-common-2.12-1.212.el6.i686.rpm4e546935f424e433dd76ad1db46429b16fbf74381a0389de10f5c03c4107cde4nscd-2.12-1.212.el6.i686.rpm5a1aa01da3094a2054c728bf5a8031c158af12a1e85f3e0e63b879f0968a887dglibc-devel-2.12-1.212.el6.i686.rpmddce190c61321dd829b9ebd171d1c1da4ac0302162de96c44853ca793b48aaa7SLSA-2018:1883-1Security Fix(es): * samba: Null pointer indirection in printer server process (CVE-2018-1050)lowScientific Linux FermiScientific Linux Fermi 6samba4-python-4.2.10-15.el6.i686.rpm3184e47503ebfc8a81ab8b60e1b7cd370f4c6842a1e5553c882ede697102906esamba4-dc-libs-4.2.10-15.el6.i686.rpma58b90e133886d65d148ea48fd2e1f60de4b9b36c83b848861274eef7cad29desamba4-4.2.10-15.el6.i686.rpm624a5c0c37038663930e52eb24cf51f2f7f1ad013280899a82937c864f9abfe8samba4-test-4.2.10-15.el6.i686.rpme6d92264185bfc73b483abd367b8343fd947a22692d52d03722bb144f196722fsamba4-common-4.2.10-15.el6.i686.rpmd1fa4072b11f4f568f59c3a43ad3eeba500a314bffede9a495e460f3b8a7bbeasamba4-winbind-clients-4.2.10-15.el6.i686.rpm99a7e730fffb472e6b428a010c6a92be65ea0572fa503bd3fb198fe691e5fdc8samba4-libs-4.2.10-15.el6.i686.rpm81f50fd64506025092260bca0785cbf2557977bd2b446d0f5868fb6916a0c73bsamba4-winbind-krb5-locator-4.2.10-15.el6.i686.rpmf9ecc52a17c105417cb8c41e45fb585a8bf3d1888c9a11cfb626485e4ecc2b2dsamba4-devel-4.2.10-15.el6.i686.rpmc53586437fd10c052ca45f3affe76266e6cedc218c8d769322184087de1fa8e5samba4-pidl-4.2.10-15.el6.i686.rpma78e311688ca714442488ee751f1c294fefd1c35aec4744136bfd6f03853137fsamba4-client-4.2.10-15.el6.i686.rpm73df029d8cada60ab50a55c578a926dd1ee3731c2e1494df02d0d4582df369afsamba4-dc-4.2.10-15.el6.i686.rpmb274f0773ba96eb1a9815093f3b7c911644a13f994afa3ed3483be3b99e75128samba4-winbind-4.2.10-15.el6.i686.rpmddadbe3759556a8b187edf3b71009b0ac312abc96f07fe3e0182cdd589d325c7SLSA-2018:1927-1Security Fix(es): * pcs: Debug parameter removal bypass, allowing information disclosure (CVE-2018-1086)moderateScientific Linux FermiScientific Linux Fermi 6pcs-0.9.155-3.el6.i686.rpmfc6fec09c87819ec6215d90a92fe5958bb39fdddf038cc25c98e3145228f545aSLSA-2018:1929-1Security Fix(es): * libvirt: Resource exhaustion via qemuMonitorIORead() method (CVE-2018-5748) * libvirt: Incomplete fix for CVE-2018-5748 triggered by QEMU guest agent (CVE-2018-1064)lowScientific Linux FermiScientific Linux Fermi 6libvirt-0.10.2-64.el6.i686.rpm38374c6e826f0499bf9f979349733133fcc4d73821eec8b326244a97c87eea4elibvirt-devel-0.10.2-64.el6.i686.rpm267f287954964264c2736ab4d4b8a78f812c05af4b3cfe3ca374f230bb0e225clibvirt-client-0.10.2-64.el6.i686.rpm49866f2a628c34692feb0d8a43aad8ccb92aa31fdc5b296ffabc73e4afe3e63alibvirt-python-0.10.2-64.el6.i686.rpm3c627eb84744d57e9028021db5eaee4d2777f3a6c15a097792cf66a7ea3293e0SLSA-2018:1932-1Security Fix(es): * zsh: Stack-based buffer overflow in gen_matches_files() at compctl.c (CVE-2018-1083) * zsh: buffer overflow when scanning very long directory paths for symbolic links (CVE-2014-10072) * zsh: buffer overrun in symlinks (CVE-2017-18206) * zsh: buffer overflow in utils.c:checkmailpath() can lead to local arbitrary code execution (CVE-2018-1100)moderateScientific Linux FermiScientific Linux Fermi 6zsh-4.3.11-8.el6.i686.rpmd8943ef934e6dca3e57cd3d4d9f60a64f99e47471ef0ec06ab05b5efb4b36e9azsh-html-4.3.11-8.el6.i686.rpm3363c7ea898b4fe67673c9274e213e4f56dbd74c56d059066905a7fec92b52d6SLSA-2018:2112-1This update upgrades Firefox to version 60.1.0 ESR. Many older firefox extensions must be updated to work with this new release. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 61, Firefox ESR 60.1, and Firefox ESR 52.9 (CVE-2018-5188) * Mozilla: Buffer overflow using computed size of canvas element (CVE-2018-12359) * Mozilla: Use-after-free using focus() (CVE-2018-12360) * Mozilla: Media recorder segmentation fault when track type is changed during capture (CVE-2018-5156) * Skia: Heap buffer overflow rasterizing paths in SVG (CVE-2018-6126) * Mozilla: Integer overflow in SSSE3 scaler (CVE-2018-12362) * Mozilla: Use-after-free when appending DOM nodes (CVE-2018-12363) * Mozilla: CSRF attacks through 307 redirects and NPAPI plugins (CVE-2018-12364) * Mozilla: address bar username and password spoofing in reader mode (CVE-2017-7762) * Mozilla: Compromised IPC child process can list local filenames (CVE-2018-12365) * Mozilla: Invalid data handling during QCMS transformations (CVE-2018-12366)criticalScientific Linux FermiScientific Linux Fermi 6sl-indexhtml-6-10.sl6.noarch.rpm0f82668f4f3c98b676cee0160a8cc705afac62e804119a22f492639b351ae5e3firefox-60.1.0-5.el6.i686.rpm52352fe1da4c80f585189ac6340a75ddc8cda3cb01ccc5767690c8d1f93604c4SLSA-2018:2162-1Security Fix(es): * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks. (CVE-2018-3639) Note: This is the qemu-kvm side of the CVE-2018-3639 mitigation. * QEMU: cirrus: OOB access when updating VGA display (CVE-2018-7858) * QEMU: vga: OOB read access during display update (CVE-2017-13672) * Qemu: Out-of-bounds read in vga_draw_text routine (CVE-2018-5683)importantScientific Linux FermiScientific Linux Fermi 6qemu-guest-agent-0.12.1.2-2.506.el6_10.1.i686.rpm7964eb4bc31a5a964a0865ace3f55d057945ca7432838fbf5302781b5504e147SLSA-2018:2164-1Security Fix(es): * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load & Store instructions (a commonly used performance optimization). It relies on the presence of a precisely-defined instruction sequence in the privileged code as well as the fact that memory read from address to which a recent memory write has occurred may see an older value and subsequently cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to read privileged memory by conducting targeted cache side-channel attacks. (CVE-2018-3639, x86 AMD) * kernel: Use-after-free vulnerability in mm/mempolicy.c:do_get_mempolicy function allows local denial of service or other unspecified impact (CVE-2018-10675) * Kernel: FPU state information leakage via lazy FPU restore (CVE-2018-3665) * kernel: error in exception handling leads to DoS (CVE-2018-8897 regression) (CVE-2018-10872) Bug Fix(es): * Previously, microcode updates on 32 and 64-bit AMD and Intel architectures were not synchronized. As a consequence, it was not possible to apply the microcode updates. This fix adds the synchronization to the microcode updates so that processors of the stated architectures receive updates at the same time. As a result, microcode updates are now synchronized.importantScientific Linux FermiScientific Linux Fermi 6kernel-abi-whitelists-2.6.32-754.2.1.el6.noarch.rpmfdc54d149663e61aca9ddf3d71cc911c62f56856622efa647788d5344231de07perf-2.6.32-754.2.1.el6.i686.rpmfcb15fe4a498200f975029fd8890401061aa1cfbcc292b4c73e245736aa3b5b3kernel-headers-2.6.32-754.2.1.el6.i686.rpm6b7edbf8da19506399d69b2e7a1b6196be4bb11c609ff8bc58492078d9967ecekernel-debug-devel-2.6.32-754.2.1.el6.i686.rpm821b5d489d85af46b0385712904182a1012cdf892b079e77767c5c74150ea5adkernel-debug-2.6.32-754.2.1.el6.i686.rpm81fe8fc900be414caced241043c4ce8d4cf1283c8242f1e6618d0ab3de7d3251python-perf-2.6.32-754.2.1.el6.i686.rpma4d5ba0e43ca9db7ba6b85392788f473f0cd6285855f242decdd6a1879dfb464kernel-doc-2.6.32-754.2.1.el6.noarch.rpme29f995b78509d2d04f34728442ebb8c7ba9dc1f6a99b3c35086f2039082b75fkernel-devel-2.6.32-754.2.1.el6.i686.rpm6716fc6808e45137792c2a474c1fe304ba76b547665424e379c3eb92ced7871fkernel-2.6.32-754.2.1.el6.i686.rpmeaa748ffd16a65c4cd945ab45f6aa09e06244b3315a5114655e2c4c8eebf956bkernel-firmware-2.6.32-754.2.1.el6.noarch.rpm6f98f13f8960365ad13a81c46a408d7c40089e966c557c0ee8261ca2b27356e5SLSA-2018:2180-1Security Fix(es): * gnupg2: Improper sanitization of filenames allows for the display of fake status messages and the bypass of signature verification (CVE-2018-12020)importantScientific Linux FermiScientific Linux Fermi 6gnupg2-2.0.14-9.el6_10.i686.rpmab713e68d1dc5bbed95843f8bdf414a31e3cfda4a706111f9efe93481b3219eagnupg2-smime-2.0.14-9.el6_10.i686.rpm65e9884996d2de4808ea5b85b1b2ed17361e2785ab11e9ae942581a6ec47d9d3SLSA-2018:2241-1Security Fix(es): * OpenJDK: insufficient index validation in PatternSyntaxException getMessage() (Concurrency, 8199547) (CVE-2018-2952)moderateScientific Linux FermiScientific Linux Fermi 6java-1.8.0-openjdk-demo-debug-1.8.0.181-3.b13.el6_10.i686.rpm7fc6d4e5df0de3d13a2d056b5d6481395b638b6cf9845a4b5dc78297ce2175bdjava-1.8.0-openjdk-javadoc-debug-1.8.0.181-3.b13.el6_10.noarch.rpm2691bd4f9a84b729590e87d8b2c30540cefefd7b7e41908a4abb1b2c9b2a5702java-1.8.0-openjdk-demo-1.8.0.181-3.b13.el6_10.i686.rpm3278a4573468a458a41401274b652b0816e571f87278e0169188ee31a8bde442java-1.8.0-openjdk-src-debug-1.8.0.181-3.b13.el6_10.i686.rpm049fe05cf6a232aeaabbf54732387da4e01c3842ff8ef60171e66b6fd554d042java-1.8.0-openjdk-debug-1.8.0.181-3.b13.el6_10.i686.rpma4db9ad2b549d666e8b03203b045f26021bce14f810f576e3d0a33d54c37e68bjava-1.8.0-openjdk-devel-debug-1.8.0.181-3.b13.el6_10.i686.rpm2012625afc27f05fce42afdfadaea8bb52e63d771fe618b4c4832e1ed2451bbejava-1.8.0-openjdk-headless-debug-1.8.0.181-3.b13.el6_10.i686.rpmfabba38e04fcf91464f296f4cdcee7cbf3fd1b81f1617f4a5ed565b27fa97841java-1.8.0-openjdk-1.8.0.181-3.b13.el6_10.i686.rpm6ad4b5b151ab7deccd5f67055b1f5ebe9c8f772b1aa99bd8ae06321c9808b734java-1.8.0-openjdk-headless-1.8.0.181-3.b13.el6_10.i686.rpm4c81cbd3d0adc142d29177b338ce13d7c597c6048f8c9bbb8b1d15e70f46ad0bjava-1.8.0-openjdk-devel-1.8.0.181-3.b13.el6_10.i686.rpm0298968352e5180b9ada35c7a1b8f806ca82f37cd8015f5b08c71f55ff09afb5java-1.8.0-openjdk-src-1.8.0.181-3.b13.el6_10.i686.rpmc2472e98bca1e3653fa7d128b1961e30282e3d5974e4288e153c1ecb2b64e13ejava-1.8.0-openjdk-javadoc-1.8.0.181-3.b13.el6_10.noarch.rpm62b560057b715e4ce12cf994734a899432bbc8cfc32a1f9f015c2c7777c38ad9SLSA-2018:2251-1This update upgrades Thunderbird to version 52.9.1. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 61, Firefox ESR 60.1, and Firefox ESR 52.9 (CVE-2018-5188) * Mozilla: Buffer overflow using computed size of canvas element (CVE-2018-12359) * Mozilla: Use-after-free using focus() (CVE-2018-12360) * Mozilla: Integer overflow in SSSE3 scaler (CVE-2018-12362) * Mozilla: Use-after-free when appending DOM nodes (CVE-2018-12363) * Mozilla: CSRF attacks through 307 redirects and NPAPI plugins (CVE-2018-12364) * thunderbird: S/MIME and PGP decryption oracles can be built with HTML emails (CVE-2018-12372) * thunderbird: S/MIME plaintext can be leaked through HTML reply/forward (CVE-2018-12373) * Mozilla: Compromised IPC child process can list local filenames (CVE-2018-12365) * Mozilla: Invalid data handling during QCMS transformations (CVE-2018-12366) * thunderbird: Using form to exfiltrate encrypted mail part by pressing enter in form field (CVE-2018-12374)importantScientific Linux FermiScientific Linux Fermi 6thunderbird-52.9.1-1.el6.i686.rpm9ff70a180e4178d9348d8abb9970e953c9cf4ff53773fcc4a7215c455765e8d5SLSA-2018:2283-1Security Fix(es): * OpenJDK: insufficient index validation in PatternSyntaxException getMessage() (Concurrency, 8199547) (CVE-2018-2952)moderateScientific Linux FermiScientific Linux Fermi 6java-1.7.0-openjdk-devel-1.7.0.191-2.6.15.4.el6_10.i686.rpmf347fdf19cef4e14dceaaad0360d7fbca6e6db33e80efd529c14c2a1cc93be85java-1.7.0-openjdk-javadoc-1.7.0.191-2.6.15.4.el6_10.noarch.rpm1413de66858fffd7be69dd4f496177c1ee21b8875cc20df1bcf3a99c75a5c83ajava-1.7.0-openjdk-1.7.0.191-2.6.15.4.el6_10.i686.rpm4ff5d2e4d1290c3d8f66304dea20240712363cf0842b7795d54c90294db11f61java-1.7.0-openjdk-demo-1.7.0.191-2.6.15.4.el6_10.i686.rpm48f5af48c5381630e09350b844f7336d20f4e3a60902b99142a66280ef5495b7java-1.7.0-openjdk-src-1.7.0.191-2.6.15.4.el6_10.i686.rpm5efb45dd9343b65f2b96b3ec56a2036898d6b4328fd38884a1443d1a044cf4ccSLSA-2018:2284-1Security Fix(es): * yum-utils: reposync: improper path validation may lead to directory traversal (CVE-2018-10897)importantScientific Linux FermiScientific Linux Fermi 6yum-plugin-show-leaves-1.1.30-42.el6_10.noarch.rpm4d6e9b1612c1a8a46b4024fdcd055cd17c3f6b727989bdaadac1a36a3c877845yum-plugin-rpm-warm-cache-1.1.30-42.el6_10.noarch.rpm204c3746eeb040ef109e09b076d07100c42f458a7297faed226effda8e9b441fyum-plugin-tmprepo-1.1.30-42.el6_10.noarch.rpme99f7e126faa01a980cada21f07895e5bd5d33784469e6fe9cd34bbd9cd932e3yum-plugin-verify-1.1.30-42.el6_10.noarch.rpm3594f07f96de23e75358d99dbed6b8ca651c3a2b17e263b177713874665ca69ayum-utils-1.1.30-42.el6_10.noarch.rpm18964c5dd295e7517a568d1ace3e4b04e9ce7fbb6edff47875a516137ed1017fyum-plugin-post-transaction-actions-1.1.30-42.el6_10.noarch.rpm0021690dfd14c3f7467073e75a1f3a819e7096facd6e31d52bfc3745e91461fdyum-plugin-list-data-1.1.30-42.el6_10.noarch.rpmadc02f3944c0b94cd4d6aae3317cb6bc768e57377b127c3e925946c1e4e8025dyum-plugin-fastestmirror-1.1.30-42.el6_10.noarch.rpm6035740076674b34195a8a0b8541cf3d6a8d05bd3f3b091cbe5558d753c6041dyum-plugin-aliases-1.1.30-42.el6_10.noarch.rpm23c0431eb9c10d6232b1a1d403ef164c46e86591565c6d0bc69f07178dccb3f4yum-plugin-ovl-1.1.30-42.el6_10.noarch.rpm945e680bb51d2c9613a3fa5917bc23de86a5185b24ca1d192440577f7244aa0eyum-plugin-tsflags-1.1.30-42.el6_10.noarch.rpmd88ad93aa065d7d0801b05d47667a6480a02b8150babb245d2d81276aeea1bf1yum-plugin-local-1.1.30-42.el6_10.noarch.rpm5438236b802e01a19009fc09e8fca032e8c18fbabfd5ec531e95f844360fc301yum-plugin-remove-with-leaves-1.1.30-42.el6_10.noarch.rpm8445db17196626778735605a35ad2feaead7a76acef3f5d118bae40fde566dceyum-plugin-fs-snapshot-1.1.30-42.el6_10.noarch.rpmca64823750caeae7b80c25c339523a3cea8884fadb895d717888be1ef731bde9yum-NetworkManager-dispatcher-1.1.30-42.el6_10.noarch.rpmab14ca9d1d021286724d0690feb09a42d10824510d27e1c3b9956189739b8f37yum-plugin-security-1.1.30-42.el6_10.noarch.rpm536069961e8b456087d562ee5cd1ce95b948bd2194e8e27ee9b41a109941eb60yum-plugin-protectbase-1.1.30-42.el6_10.noarch.rpm840a8471f6157337b1eb3d5263f5c4723b189f56cdac886d5077775ba2b1dc76yum-plugin-auto-update-debug-info-1.1.30-42.el6_10.noarch.rpm461825b165262e31b7ac3cc738089bdf3b722fbea899e1350232cebb4fbea934yum-plugin-priorities-1.1.30-42.el6_10.noarch.rpm837d4a10ca94d64886123262f0b7f7d434ea42119c1203b2df0f8067ac0b81d6yum-plugin-ps-1.1.30-42.el6_10.noarch.rpm384f6815b3d7299017f9fcf07a7a6a96ffb18e66d414385548fc808342e0a472yum-plugin-changelog-1.1.30-42.el6_10.noarch.rpm88bdf6618ba1041b898fafd1a92a23dada85a1f912e211ac81f9ea983f2281f7yum-plugin-versionlock-1.1.30-42.el6_10.noarch.rpmd5c89381cb35629175ca08ae3d9967109f67d8ace618a63da20448aef577245eyum-updateonboot-1.1.30-42.el6_10.noarch.rpm744439503c7cdd6fabcba5c8b3659c211493fcdc37200d43a378eeb7da68511ayum-plugin-upgrade-helper-1.1.30-42.el6_10.noarch.rpm14eb4dcd3bfe045e929c6a10d1540acc1857b5c1bed834079683d13d021770c5yum-plugin-merge-conf-1.1.30-42.el6_10.noarch.rpm7df9ba9a494a6fe20519be5845cbd5d60d05276737171caaa1a95a92a50a360cyum-plugin-filter-data-1.1.30-42.el6_10.noarch.rpm20b47fc4d9cde1c35fdd3555b7cd4737fa865e9ad0f4edeb53a391c083c31f39yum-plugin-keys-1.1.30-42.el6_10.noarch.rpm76b09d70a6e94ca3d894d2f8c4c97eee95fe118df28fd9a5f9d0598c593ddb9dSLSA-2018:2308-1Security Fix(es): * openslp: Heap memory corruption in slpd/slpd_process.c allows denial of service or potentially code execution (CVE-2017-17833)importantScientific Linux FermiScientific Linux Fermi 6openslp-server-2.0.0-3.el6.i686.rpm930886e865d07615b0934dfe523e129c08910633616040c77b3060b82cd3dd57openslp-2.0.0-3.el6.i686.rpm1e9cc6032c5455e42fb331cee2d74c8c458b74194292f926bb5baf6173c15181openslp-devel-2.0.0-3.el6.i686.rpmcad2281b0054d0180d87e9187643325f0bd1bc8e5695dbb1281f25c01049dea2SLSA-2018:2390-1Security Fix(es): * Modern operating systems implement virtualization of physical memory to efficiently use available system resources and provide inter-domain protection through access control and isolation. The L1TF issue was found in the way the x86 microprocessor designs have implemented speculative execution of instructions (a commonly used performance optimisation) in combination with handling of page-faults caused by terminated virtual to physical address resolving process. As a result, an unprivileged attacker could use this flaw to read privileged memory of the kernel or other processes and/or cross guest/host boundaries to read host memory by conducting targeted cache side-channel attacks. (CVE-2018-3620, CVE-2018-3646) * An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions past bounds check. The flaw relies on the presence of a precisely-defined instruction sequence in the privileged code and the fact that memory writes occur to an address which depends on the untrusted value. Such writes cause an update into the microprocessor's data cache even for speculatively executed instructions that never actually commit (retire). As a result, an unprivileged attacker could use this flaw to influence speculative execution and/or read privileged memory by conducting targeted cache side- channel attacks. (CVE-2018-3693) * kernel: kvm: vmx: host GDT limit corruption (CVE-2018-10901) * kernel: Use-after-free in snd_pcm_info function in ALSA subsystem potentially leads to privilege escalation (CVE-2017-0861) * kernel: Use-after-free in snd_seq_ioctl_create_port() (CVE-2017-15265) * kernel: race condition in snd_seq_write() may lead to UAF or OOB-access (CVE-2018-7566) * kernel: Race condition in sound system can lead to denial of service (CVE-2018-1000004) Bug Fix(es): * The Least recently used (LRU) operations are batched by caching pages in per-cpu page vectors to prevent contention of the heavily used lru_lock spinlock. The page vectors can hold even the compound pages. Previously, the page vectors were cleared only if they were full. Subsequently, the amount of memory held in page vectors, which is not reclaimable, was sometimes too high. Consequently the page reclamation started the Out of Memory (OOM) killing processes. With this update, the underlying source code has been fixed to clear LRU page vectors each time when a compound page is added to them. As a result, OOM killing processes due to high amounts of memory held in page vectors no longer occur.importantScientific Linux FermiScientific Linux Fermi 6kernel-devel-2.6.32-754.3.5.el6.i686.rpmdf01c079bde8ad24c52c5f41b45355f8748f6cfb094867989cf915d806baf94fkernel-doc-2.6.32-754.3.5.el6.noarch.rpm2d1d37b8b04c2b61f0c281324a1443f485fb142c57e294571ba002db7dc579e2perf-2.6.32-754.3.5.el6.i686.rpm9a7a4ae39c32a707adeb0dba678febcc60b8dff5087aab7808cfd64a90903f81python-perf-2.6.32-754.3.5.el6.i686.rpm2a719bd9a8ce0886a9bb592323184abcda5b34168e6bbe65c598f586022bdcdfkernel-firmware-2.6.32-754.3.5.el6.noarch.rpmea0a5bf9299f4878da671349438e1e1bcc90eeb8e49a93994345b5e7a9add988kernel-debug-2.6.32-754.3.5.el6.i686.rpmc9f5b2b43d56725ddc8fb30fa2cd0d464a1fa9c9bd17f19a96bb26196f12a9e9kernel-abi-whitelists-2.6.32-754.3.5.el6.noarch.rpm3caaa45863cdd17ad054c15fe8bd32c7b1dae1a82bb3f7c7e95ec8ebc61b5e07kernel-debug-devel-2.6.32-754.3.5.el6.i686.rpm2645c0d03833a757032aaed00226b95613411d8e48bfb9ec0b169afde88e85e3kernel-2.6.32-754.3.5.el6.i686.rpm153895861d841ce1f6c1b08a31b88f320da6b124f7d282581a9c5662f61cf2a3kernel-headers-2.6.32-754.3.5.el6.i686.rpm821dd9df396184d8032980b2a33f6fdb8d69d4e46b6ebffde72e1e9679b9eb3fSLSA-2018:2526-1Security Fix(es): * mutt: Remote code injection vulnerability to an IMAP mailbox (CVE-2018-14354) * mutt: Remote Code Execution via backquote characters (CVE-2018-14357) * mutt: POP body caching path traversal vulnerability (CVE-2018-14362)importantScientific Linux FermiScientific Linux Fermi 6mutt-1.5.20-9.20091214hg736b6a.el6.i686.rpmb76f67314c3c2c9196470fce18312aa92c67ebfd27c901659808e637fb8f2d1aSLSA-2018:2571-1Security Fix(es): * bind: processing of certain records when "deny-answer-aliases" is in use may trigger an assert leading to a denial of service (CVE-2018-5740)importantScientific Linux FermiScientific Linux Fermi 6bind-sdb-9.8.2-0.68.rc1.el6_10.1.i686.rpm10bf6ccb00491852190c58295c9dc305d51b3558a6e4f1585aaa855827907fe4bind-chroot-9.8.2-0.68.rc1.el6_10.1.i686.rpm9838e53ccf22c9e2b3b076e727e7ec4778155d7aa39e86b9fc79dc4a55ba4882bind-libs-9.8.2-0.68.rc1.el6_10.1.i686.rpm20c898d58c1d3548fe3fc6e1401e5d3ed4354f0cbf1f8870afd6320fa8764562bind-devel-9.8.2-0.68.rc1.el6_10.1.i686.rpm8ce80c47c82c6fce7ca1492c1d901606ed4384cfc5a4e446e86ab5d2c4a60c55bind-utils-9.8.2-0.68.rc1.el6_10.1.i686.rpm9d11b9ff6aea9a31f5118a4d9e22904c3f5026b1a19b4853bb080a5f1c3a7ecbbind-9.8.2-0.68.rc1.el6_10.1.i686.rpmf1d9c5871f7d44dc5ce5253be2fa4c9b2d60fc14b1b9f48e6386d573baba3f3eSLSA-2018:2693-1This update upgrades Firefox to version 60.2.0 ESR. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 62 and Firefox ESR 60.2 (CVE-2018-12376) * Mozilla: Use-after-free in driver timers (CVE-2018-12377) * Mozilla: Use-after-free in IndexedDB (CVE-2018-12378) * Mozilla: Proxy bypass using automount and autofs (CVE-2017-16541) * Mozilla: Out-of-bounds write with malicious MAR file (CVE-2018-12379)criticalScientific Linux FermiScientific Linux Fermi 6firefox-60.2.0-1.el6.i686.rpmfc7e928e9c453e79c09e798b2caac48e04658f30ce9e92dbf677d37f223b5b1fSLSA-2018:2732-1The spice-gtk packages provide a GIMP Toolkit (GTK+) widget for Simple Protocol for Independent Computing Environments (SPICE) clients. Both Virtual Machine Manager and Virtual Machine Viewer can make use of this widget to access virtual machines using the SPICE protocol. Security Fix(es): * spice: Missing check in demarshal.py:write_validate_array_item() allows for buffer overflow and denial of service (CVE-2018-10873) This issue was discovered by Frediano Ziglio (Red Hat).importantScientific Linux FermiScientific Linux Fermi 6spice-gtk-python-0.26-8.el6_10.1.i686.rpmfb9458c880bb1ff5049d72dfc26ab3e9f939ffa6d9eac264272a11e6ccc57f87spice-gtk-0.26-8.el6_10.1.i686.rpmf498ddff72f578e1f08d7f17a2920c61e628788b155890025e873091d083dbc4spice-glib-0.26-8.el6_10.1.i686.rpm11d26abf0cf2fb5589e1ee5a6a30d906ddfb559245e27792ac88a0f2852f7b7cspice-glib-devel-0.26-8.el6_10.1.i686.rpmd4c82853d9281db4f2e00e222c7ca23abe1d6f6ddee41ebc8b7280fa40ec3f10spice-gtk-tools-0.26-8.el6_10.1.i686.rpm7cd694edfa1e25ee8adfead3b9b27d0a46db74d379c7e045a27219c2fb76d1efspice-gtk-devel-0.26-8.el6_10.1.i686.rpm25694d9d13130b79f690f404deb9fdcedf976d0fea0735640398901b93ad8055SLSA-2018:2737-1Security Fix(es): * mod_perl: arbitrary Perl code execution in the context of the user account via a user-owned .htaccess (CVE-2011-2767)importantScientific Linux FermiScientific Linux Fermi 6mod_perl-devel-2.0.4-12.el6_10.i686.rpm998c1f690955ed5f658eff6d8d2da9c4b49b1684ca58a4096641a1bd30c920e7mod_perl-2.0.4-12.el6_10.i686.rpmb334f26ff0aac0d01ce66ce90e5b0a1636db50305012b734231e8878e4aef81bSLSA-2018:2834-1This update upgrades Firefox to version 60.2.1 ESR. Security Fix(es): * Mozilla: Crash in TransportSecurityInfo due to cached data (CVE-2018-12385) * Mozilla: Setting a master password post-Firefox 58 does not delete unencrypted previously stored passwords (CVE-2018-12383)moderateScientific Linux FermiScientific Linux Fermi 6firefox-60.2.1-1.el6.i686.rpm5a70c501ef2c715ba42dfd476980bd937d8ed361b3bf82350ec58c9dae40c048SLSA-2018:2846-1Security Fix(es): * A flaw named FragmentSmack was found in the way the Linux kernel handled reassembly of fragmented IPv4 and IPv6 packets. A remote attacker could use this flaw to trigger time and calculation expensive fragment reassembly algorithm by sending specially crafted packets which could lead to a CPU saturation and hence a denial of service on the system. (CVE-2018-5391) * kernel: Integer overflow in Linux's create_elf_tables function (CVE-2018-14634)importantScientific Linux FermiScientific Linux Fermi 6kernel-2.6.32-754.6.3.el6.i686.rpm88acfa93e0371f194ad57716941e182af516c64d080639e8d3016fc3b4b98698kernel-doc-2.6.32-754.6.3.el6.noarch.rpm182217b470b386612c394ee7b2a7a50a8431b8d552728b89ad0ae1bcd7d7d2e2python-perf-2.6.32-754.6.3.el6.i686.rpm51a8dcbb87b40291b673491b23450c083842b035c5b5c10de12596a657d61ad5kernel-headers-2.6.32-754.6.3.el6.i686.rpm4ee79d035b77fdb76acb748837aeec3d33c0484a1ba91834ea234c932cae5339kernel-devel-2.6.32-754.6.3.el6.i686.rpma1159d9d6ae77eae110c907c34f5dc25f97cb4c2599097ab4e6020db0857359ckernel-abi-whitelists-2.6.32-754.6.3.el6.noarch.rpm5587939ade25cd387c7990abf181594c3f39b44be7e296cb0ec1a216d2b7ae6aperf-2.6.32-754.6.3.el6.i686.rpm74e3ce08137d5db72126bbea58e357459d166d77d9748665eaef0f351ede28abkernel-firmware-2.6.32-754.6.3.el6.noarch.rpme05690d00b11e3e32c33a30a04d257becd8c0c616f57233eb27840f3ae8b02fbkernel-debug-devel-2.6.32-754.6.3.el6.i686.rpm112065ba5c38cd113c9e5bbadccb95de839b11f00317bfa78039cb2bbc088c62kernel-debug-2.6.32-754.6.3.el6.i686.rpm7ca5bcfdbad86e7d5db92258ef0b51d4bb42ea2a93fa2ccaaa2cc30433f9ced8SLSA-2018:2881-1This update upgrades Firefox to version 60.2.2 ESR. Security Fix(es): * Mozilla: type confusion in JavaScript (CVE-2018-12386) * Mozilla: stack out-of-bounds read in Array.prototype.push (CVE-2018-12387)criticalScientific Linux FermiScientific Linux Fermi 6firefox-60.2.2-1.el6.i686.rpm1411366e742c9d32691a57851fac7eae3416623c65060256b2215f43fb56eb78SLSA-2018:2898-1Security Fix(es): * nss: ServerHello.random is all zeros when handling a v2-compatible ClientHello (CVE-2018-12384)moderateScientific Linux FermiScientific Linux Fermi 6nss-pkcs11-devel-3.36.0-9.el6_10.i686.rpm3955ebf933c501f7a77618de261c00ee4bff49630be140505a1914ab5cd7f869nss-3.36.0-9.el6_10.i686.rpm7653e2279deb2dca7db6a62952c1008fc94f45b10823b0f4f645c6b986e62d97nss-sysinit-3.36.0-9.el6_10.i686.rpm815ebece774b416cc306cb60fadc77b659a0925658e1cc2ce47b4e5927b8be02nss-tools-3.36.0-9.el6_10.i686.rpm908e36daccc04e1b280bc0f9532156d97d10ef7bb960731fc8a1ded586c1168enss-devel-3.36.0-9.el6_10.i686.rpm8a0df9c1531aeccfb5512a9380b92512e4d267f4af0f49e87015027b9b928758SLSA-2018:2943-1Security Fix(es): * OpenJDK: Improper field access checks (Hotspot, 8199226) (CVE-2018-3169) * OpenJDK: Unrestricted access to scripting engine (Scripting, 8202936) (CVE-2018-3183) * OpenJDK: Incomplete enforcement of the trustURLCodebase restriction (JNDI, 8199177) (CVE-2018-3149) * OpenJDK: Incorrect handling of unsigned attributes in singed Jar manifests (Security, 8194534) (CVE-2018-3136) * OpenJDK: Leak of sensitive header data via HTTP redirect (Networking, 8196902) (CVE-2018-3139) * OpenJDK: Missing endpoint identification algorithm check during TLS session resumption (JSSE, 8202613) (CVE-2018-3180) * OpenJDK: Infinite loop in RIFF format reader (Sound, 8205361) (CVE-2018-3214)criticalScientific Linux FermiScientific Linux Fermi 6java-1.8.0-openjdk-src-debug-1.8.0.191.b12-0.el6_10.i686.rpmefaf7715e0821de3511b7777b82a510b53a47ec331c37afe9ff86792372cc965java-1.8.0-openjdk-devel-1.8.0.191.b12-0.el6_10.i686.rpm597aa889fdddfe2c48d01fd0f2d0673c0b1224bffca90f1fa2a1b5d5630b6e62java-1.8.0-openjdk-demo-1.8.0.191.b12-0.el6_10.i686.rpm2d84dc79bfd28b6f891ac917457778101c44d7ba0c4f4d0abba57c9c2cee3f46java-1.8.0-openjdk-headless-debug-1.8.0.191.b12-0.el6_10.i686.rpm82026be6474351351fbb766636e9e068fa31c3815c5b12b4a957e9db8cdd30f1java-1.8.0-openjdk-headless-1.8.0.191.b12-0.el6_10.i686.rpmad37e112d8b13d34470ecf32c7767bb3ff36e53952b228a88197df953dfd52ffjava-1.8.0-openjdk-javadoc-1.8.0.191.b12-0.el6_10.noarch.rpm566d959d6cee7821f83f70b8c39d850d2dc7ebfd76093a0e00ce142ad8e84f30java-1.8.0-openjdk-devel-debug-1.8.0.191.b12-0.el6_10.i686.rpmff6c8c1a9dba4acb70bf25b42d15c7a36615e19c9b867fb8689a2cd7af5328ebjava-1.8.0-openjdk-debug-1.8.0.191.b12-0.el6_10.i686.rpm0d6efd201b1b74dd80ec7393d353dd36823de9e624c16c43810ea96b432352f9java-1.8.0-openjdk-demo-debug-1.8.0.191.b12-0.el6_10.i686.rpmf66a41193d7e4a48db2475e56fce460aa886efc1fa199ba10c6cd871d6fa4cb1java-1.8.0-openjdk-javadoc-debug-1.8.0.191.b12-0.el6_10.noarch.rpm2ae2e357f0531a5499a250c905ef5de7f8094c0ead035a35554848a7ba03369ejava-1.8.0-openjdk-1.8.0.191.b12-0.el6_10.i686.rpmd960a3879055fc526d2aa2d6c41dba5e825a7cc4f719220124f110cdf87ea423java-1.8.0-openjdk-src-1.8.0.191.b12-0.el6_10.i686.rpm14190693fc0ab42521366bee15e3e7de4f70d5fefdafd1f409a1a0de8a3b1738SLSA-2018:3006-1This update upgrades Firefox to version 60.3.0 ESR. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 63 and Firefox ESR 60.3 (CVE-2018-12390) * Mozilla: Crash with nested event loops (CVE-2018-12392) * Mozilla: Integer overflow during Unicode conversion while loading JavaScript (CVE-2018-12393) * Mozilla: WebExtension bypass of domain restrictions through header rewriting (CVE-2018-12395) * Mozilla: WebExtension content scripts can execute in disallowed contexts (CVE-2018-12396) * Mozilla: WebExtension local file permission check bypass (CVE-2018-12397) * Mozilla: Memory safety bugs fixed in Firefox ESR 60.3 (CVE-2018-12389)criticalScientific Linux FermiScientific Linux Fermi 6firefox-60.3.0-1.el6.i686.rpmede778eb071ce9650c5042c641e0759b5d32660591eb490b128a86fe88ee6db8SLSA-2018:3403-1This update upgrades Thunderbird to version 60.2.1. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 62 and Firefox ESR 60.2 (CVE-2018-12376) * Mozilla: Use-after-free in driver timers (CVE-2018-12377) * Mozilla: Use-after-free in IndexedDB (CVE-2018-12378) * Mozilla: Proxy bypass using automount and autofs (CVE-2017-16541) * Mozilla: Out-of-bounds write with malicious MAR file (CVE-2018-12379) * Mozilla: Crash in TransportSecurityInfo due to cached data (CVE-2018-12385) * Mozilla: Setting a master password post-Firefox 58 does not delete unencrypted previously stored passwords (CVE-2018-12383) Note: All of the above issues cannot be exploited in Thunderbird by a specially crafted HTML mail, as JavaScript is disabled for mail messages and cannot be enabled. They could be exploited another way in Thunderbird, for example, when viewing the remote content of an RSS feed.importantScientific Linux FermiScientific Linux Fermi 6thunderbird-60.2.1-5.el6.i686.rpm8aec597938c0b09a15aefb9276d545ad78529d53e14491607d4d3ca2f548da4aSLSA-2018:3406-1Security Fix(es): * python-paramiko: Authentication bypass in auth_handler.py (CVE-2018-1000805)criticalScientific Linux FermiScientific Linux Fermi 6python-paramiko-1.7.5-5.el6_10.noarch.rpm2e9f7c86a90e9f28294513a3fd9189703ff0597aa1014af580528606a2938f30SLSA-2018:3409-1Security Fix(es): * OpenJDK: Improper field access checks (Hotspot, 8199226) (CVE-2018-3169) * OpenJDK: Incomplete enforcement of the trustURLCodebase restriction (JNDI, 8199177) (CVE-2018-3149) * OpenJDK: Incorrect handling of unsigned attributes in signed Jar manifests (Security, 8194534) (CVE-2018-3136) * OpenJDK: Leak of sensitive header data via HTTP redirect (Networking, 8196902) (CVE-2018-3139) * OpenJDK: Missing endpoint identification algorithm check during TLS session resumption (JSSE, 8202613) (CVE-2018-3180) * OpenJDK: Infinite loop in RIFF format reader (Sound, 8205361) (CVE-2018-3214)importantScientific Linux FermiScientific Linux Fermi 6java-1.7.0-openjdk-src-1.7.0.201-2.6.16.0.el6_10.i686.rpm2023cae8abc619369126ae22052a08f967c630f8056b492b8a34d9f2951c8cffjava-1.7.0-openjdk-devel-1.7.0.201-2.6.16.0.el6_10.i686.rpm1e46c05eab97512f40f138c296c916db29e0f0071b56d2693c76a8f6e1eca80djava-1.7.0-openjdk-javadoc-1.7.0.201-2.6.16.0.el6_10.noarch.rpm3a7a1024d765008366cde1ecbd58089d9d79f3bbe478ee161bf79d239f7f0cd4java-1.7.0-openjdk-demo-1.7.0.201-2.6.16.0.el6_10.i686.rpmc4a07d817a7d4b11154163d727267be47760ceede25d0c995aa9a7adc4e6c1c7java-1.7.0-openjdk-1.7.0.201-2.6.16.0.el6_10.i686.rpm82348ed91dc5f19783a498db48562486c3277492e2dc36d673c8a2da054ab146SLSA-2018:3531-1This update upgrades Thunderbird to version 60.3.0. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 63 and Firefox ESR 60.3 (CVE-2018-12390) * Mozilla: Crash with nested event loops (CVE-2018-12392) * Mozilla: Integer overflow during Unicode conversion while loading JavaScript (CVE-2018-12393) * Mozilla: Memory safety bugs fixed in Firefox ESR 60.3 (CVE-2018-12389)importantScientific Linux FermiScientific Linux Fermi 6thunderbird-60.3.0-1.el6.i686.rpm2af08ab2baf1d50c7b58c959a2707d6b5b065095221f6d14e82dc29b77e54a6eSLSA-2018:3760-1Security Fix(es): * It was discovered that the ghostscript /invalidaccess checks fail under certain conditions. An attacker could possibly exploit this to bypass the - -dSAFER protection and, for example, execute arbitrary shell commands via a specially crafted PostScript document. (CVE-2018-16509)importantScientific Linux FermiScientific Linux Fermi 6ghostscript-devel-8.70-24.el6_10.2.i686.rpme6d50f05d18c2768306b1daa02c4639bff52828e0954b9b359d92e8aa0771390ghostscript-doc-8.70-24.el6_10.2.i686.rpmd6623d1e910f45b12d6902219879510e051c9660047ec6cff202617c0b3f249bghostscript-8.70-24.el6_10.2.i686.rpm19129067bd969ead4890e0d7385f09a971b91ca103df9f06c6250cfe105a0347ghostscript-gtk-8.70-24.el6_10.2.i686.rpm134e29149791bc6fb66574cdc78f2d63e2ecbc3fe9eee0eb2cc6d946809485deSLSA-2018:3831-1This update upgrades Firefox to version 60.4.0 ESR. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 64 and Firefox ESR 60.4 (CVE-2018-12405) * Mozilla: Memory corruption in Angle (CVE-2018-17466) * Mozilla: Use-after-free with select element (CVE-2018-18492) * Mozilla: Buffer overflow in accelerated 2D canvas with Skia (CVE-2018-18493) * Mozilla: Same-origin policy violation using location attribute and performance.getEntries to steal cross-origin URLs (CVE-2018-18494) * Mozilla: Integer overflow when calculating buffer sizes for images (CVE-2018-18498)criticalScientific Linux FermiScientific Linux Fermi 6firefox-60.4.0-1.el6.i686.rpm7e6a8856fa03774af2ede19dbb0e0e2ca404150ac76ce5cfec37b42bd0131003SLSA-2018:3854-1Security Fix(es): * ntp: Stack-based buffer overflow in ntpq and ntpdc allows denial of service or code execution (CVE-2018-12327)lowScientific Linux FermiScientific Linux Fermi 6ntpdate-4.2.6p5-15.el6_10.i686.rpmbc587e7aa78df780bfa5b22db3f9d7cca44f32a0c69ff2f85888c74c8d41e769ntp-4.2.6p5-15.el6_10.i686.rpmd37d700d7f1fff5e1300f7b946324ae7754e5dd5909464cc89b9958e839b08e1ntp-doc-4.2.6p5-15.el6_10.noarch.rpmc82ee0772e881ec69ac19e51fb9e2360f223af9f4237a25309f13eed8ffae94dntp-perl-4.2.6p5-15.el6_10.i686.rpmba40c03eac5d98f0ab17d80289204015e238f6adaea1da94c1eb8b3d39afeba5SLSA-2019:0159-1This update upgrades Thunderbird to version 60.4.0. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 64 and Firefox ESR 60.4 (CVE-2018-12405) * chromium-browser, firefox: Memory corruption in Angle (CVE-2018-17466) * Mozilla: Use-after-free with select element (CVE-2018-18492) * Mozilla: Buffer overflow in accelerated 2D canvas with Skia (CVE-2018-18493) * Mozilla: Same-origin policy violation using location attribute and performance.getEntries to steal cross-origin URLs (CVE-2018-18494) * Mozilla: Integer overflow when calculating buffer sizes for images (CVE-2018-18498)importantScientific Linux FermiScientific Linux Fermi 6thunderbird-60.4.0-1.el6.i686.rpmb7ad2f390828354c97a2d2d17fcb4cc5043ebf4639f48bd6764a5783502b9a43SLSA-2019:0218-1This update upgrades Firefox to version 60.5.0 ESR. Security Fix(es): * Mozilla: Use-after-free parsing HTML5 stream (CVE-2018-18500) * Mozilla: Memory safety bugs fixed in Firefox 65 and Firefox ESR 60.5 (CVE-2018-18501) * Mozilla: Privilege escalation through IPC channel messages (CVE-2018-18505)criticalScientific Linux FermiScientific Linux Fermi 6firefox-60.5.0-2.el6.i686.rpmc249145e8254b9f684b3ad1c923e23d371deb91ce64390a5a4a8a73a997c30e6SLSA-2019:0269-1This update upgrades Thunderbird to version 60.5.0. Security Fix(es): * Mozilla: Use-after-free parsing HTML5 stream (CVE-2018-18500) * Mozilla: Memory safety bugs fixed in Firefox 65 and Firefox ESR 60.5 (CVE-2018-18501) * Mozilla: Privilege escalation through IPC channel messages (CVE-2018-18505) * libical: Multiple use-after-free vulnerabilities (CVE-2016-5824)importantScientific Linux FermiScientific Linux Fermi 6thunderbird-60.5.0-1.el6_10.i686.rpm7d9fc59db28172c2a1a0d7ca5349ab4889280b7ff13af392a17da772ad6e24f4SLSA-2019:0373-1This update upgrades Firefox to version 60.5.1 ESR. Security Fix(es): * chromium-browser, mozilla: Use after free in Skia (CVE-2018-18356) * mozilla: Integer overflow in Skia (CVE-2019-5785)importantScientific Linux FermiScientific Linux Fermi 6firefox-60.5.1-1.el6_10.i686.rpm8bfd2157ce8a1ab01f51be795ec16e763cf09b3b56142705e67cf0ddd0a01d9cSLSA-2019:0415-1Security Fix(es): * kernel: MIDI driver race condition leads to a double-free (CVE-2018-10902) Bug Fix(es): * Previously backported upstream patch caused a change in the behavior of page fault handler. As a consequence, applications compiled through GNU Compiler Collection (GCC) version 4.4.7 sometimes generated stack access exceeding the 64K limit. Running such applications subsequently triggered a segmentation fault. With this update, the 64k limit check in the page fault handler has been removed. As a result, running the affected applications no longer triggers the segmentation fault in the described scenario. Note that removing the limit check does not impact the integrity of the kernel itself.importantScientific Linux FermiScientific Linux Fermi 6kernel-debug-2.6.32-754.11.1.el6.i686.rpmeb63e3cc4cd66e54c180428585458c372ac247eb03e09541d12c78ec19f81bdfkernel-abi-whitelists-2.6.32-754.11.1.el6.noarch.rpm6da6a9ef8b3191e30759860513dca99e2fc644f59c9afd6027e603e4aa905583perf-2.6.32-754.11.1.el6.i686.rpm29dc90e7e071a624e7cd1ef43735c6e34b95887e29393b26cd872d3316f9cd9fkernel-doc-2.6.32-754.11.1.el6.noarch.rpmd9cd89b5755552488aa295527afcdfafb0f25d456b87a9200463a95bb864aa91kernel-devel-2.6.32-754.11.1.el6.i686.rpmf28e1d1e55d2b0ceb47689df0730f6118c65b9e29394e8a2976f80bfeebb6338kernel-headers-2.6.32-754.11.1.el6.i686.rpm57740db1a992a228a929a27f0dca0c7ce3d6979c2783b5ad681c55feb738cbe8kernel-debug-devel-2.6.32-754.11.1.el6.i686.rpmda396184e8a0aedfc08fe4f9243afaea08ad5f54c1660dee3a073b6492166704python-perf-2.6.32-754.11.1.el6.i686.rpmdd5e479a997b99cf4bd7a0a529c0a30647c0ddffb4ca262ec4813b5411aaedcekernel-2.6.32-754.11.1.el6.i686.rpm25506f3d6fe7b7ddeadee6e2d819f2d73e6bbe46ca2c638e87073719aeccc664kernel-firmware-2.6.32-754.11.1.el6.noarch.rpm80afe0e5dbe79721c10b46ba211e4b4738b6af7cbe3834fff0f9ab456f91d044SLSA-2019:0416-1Security Fix(es): * OpenJDK: memory disclosure in FileChannelImpl (Libraries, 8206290) (CVE-2019-2422)moderateScientific Linux FermiScientific Linux Fermi 6java-1.8.0-openjdk-demo-debug-1.8.0.201.b09-1.el6_10.i686.rpma9a7477383d76ad09c090bbc8466f74832993ac3de518f5adb11f82e13a04348java-1.8.0-openjdk-devel-debug-1.8.0.201.b09-1.el6_10.i686.rpm72f9a9a48e0716b5b45b279e0eabe99e480f064cf6a31a63e0f7107cb5f9fda6java-1.8.0-openjdk-javadoc-1.8.0.201.b09-1.el6_10.noarch.rpmb8a63a9bfb16fdf95ea239b84718079685034acb094344208834a3920928c079java-1.8.0-openjdk-headless-1.8.0.201.b09-1.el6_10.i686.rpmeffba4f2e783adb9ea01cb3905a9c27927d11337b86acefda346fc697ef18936java-1.8.0-openjdk-src-debug-1.8.0.201.b09-1.el6_10.i686.rpm4914ad0080e56778664b012107451e6c3f3830791073ee4d9b239a7236b57143java-1.8.0-openjdk-javadoc-debug-1.8.0.201.b09-1.el6_10.noarch.rpm686fe9f40b9b7974ae00e73a7f9a08dcb962961d815734f2567ccf87889d0018java-1.8.0-openjdk-src-1.8.0.201.b09-1.el6_10.i686.rpm2a9cac425f68d951b17a56d9ea9bf9cc718b9f9f864f51d1b00ceea86132be13java-1.8.0-openjdk-headless-debug-1.8.0.201.b09-1.el6_10.i686.rpm9c76abb89a3863d4faa65c06f42cafdc7d3f6fcdb86451890bf452bc9a40ca69java-1.8.0-openjdk-1.8.0.201.b09-1.el6_10.i686.rpm6f7232080a975cc500633d4c6ea9c7c388fd56270190a9fca05f9d741579e93bjava-1.8.0-openjdk-devel-1.8.0.201.b09-1.el6_10.i686.rpmd78834b06e5b1486eb894d0e284a2263038e686810c1d8e22e5f109b6bd302d5java-1.8.0-openjdk-demo-1.8.0.201.b09-1.el6_10.i686.rpm4da90a03f97d920766257b1c83ab2a37bc733435294edee44a12c735c7c3ae28java-1.8.0-openjdk-debug-1.8.0.201.b09-1.el6_10.i686.rpmd672da50aee63b45d677a7829bc42b3950feccf17722d93567f0234e4426e9ecSLSA-2019:0420-1Security Fix(es): * polkit: Temporary auth hijacking via PID reuse and non-atomic fork (CVE-2019-6133)importantScientific Linux FermiScientific Linux Fermi 6polkit-devel-0.96-11.el6_10.1.i686.rpmed349855c2dc321bc9394ddfa3a5ddfeb4d32ec04c6cbcd0f0e7e8eae36575e7polkit-0.96-11.el6_10.1.i686.rpm569f6e45bd66cc5d945a5dca4b8fcfff70032e44c7a937a416fe38d2778e7141polkit-desktop-policy-0.96-11.el6_10.1.noarch.rpm509556641a226de36aa3bd79158e79e8e14588a42a5c568566c0b959785fb2d4polkit-docs-0.96-11.el6_10.1.i686.rpme1bd35af79bcdbb4a99ca5495255fbd38190daf6754cb4b771899e410c3842c8SLSA-2019:0462-1Security Fix(es): * OpenJDK: memory disclosure in FileChannelImpl (Libraries, 8206290) (CVE-2019-2422)moderateScientific Linux FermiScientific Linux Fermi 6java-1.7.0-openjdk-1.7.0.211-2.6.17.1.el6_10.i686.rpm613354b149b68e9aa5cfe4b84163c02d27f0412e86f0305b6369b7ef3eed74aajava-1.7.0-openjdk-devel-1.7.0.211-2.6.17.1.el6_10.i686.rpm44b13aec0af6fc44e7fc8e98b705592165c7327f821714ceb19e8cbe68012f19java-1.7.0-openjdk-src-1.7.0.211-2.6.17.1.el6_10.i686.rpm4f27be557451956eb552fb98706203f7f2d83aaa65077758aa030bb5900d7febjava-1.7.0-openjdk-javadoc-1.7.0.211-2.6.17.1.el6_10.noarch.rpm0d7fc07ee894fd26c35ae8e74cc26708df8cf01a326b86efd7806193b8a60f67java-1.7.0-openjdk-demo-1.7.0.211-2.6.17.1.el6_10.i686.rpm0c37435953b36a7859ec2f38e034c2708730bd19a18007ba2bd04e4798596dc8SLSA-2019:0623-1This update upgrades Firefox to version 60.6.0 ESR. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 66 and Firefox ESR 60.6 (CVE-2019-9788) * Mozilla: Use-after-free when removing in-use DOM elements (CVE-2019-9790) * Mozilla: Type inference is incorrect for constructors entered through on-stack replacement with IonMonkey (CVE-2019-9791) * Mozilla: IonMonkey leaks JS_OPTIMIZED_OUT magic value to script (CVE-2019-9792) * Mozilla: Improper bounds checks when Spectre mitigations are disabled (CVE-2019-9793) * Mozilla: Type-confusion in IonMonkey JIT compiler (CVE-2019-9795) * Mozilla: Use-after-free with SMIL animation controller (CVE-2019-9796) * Mozilla: Proxy Auto-Configuration file can define localhost access to be proxied (CVE-2018-18506)criticalScientific Linux FermiScientific Linux Fermi 6firefox-60.6.0-3.el6_10.i686.rpm6e7308e77335ae44c84d98147143d202fbfcffadbfa662aed531acf62f0f4db3SLSA-2019:0672-1This update upgrades Firefox to version 60.6.1 ESR. Security Fix(es): * Mozilla: IonMonkey MArraySlice has incorrect alias information (CVE-2019-9810) * Mozilla: Ionmonkey type confusion with __proto__ mutations (CVE-2019-9813)criticalScientific Linux FermiScientific Linux Fermi 6firefox-60.6.1-1.el6_10.i686.rpm34a5d43d2f9fd082108b1f6e5494390bae27763b4bf1d27300d81a43265e5736SLSA-2019:0680-1Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 66 and Firefox ESR 60.6 (CVE-2019-9788) * Mozilla: Use-after-free when removing in-use DOM elements (CVE-2019-9790) * Mozilla: Type inference is incorrect for constructors entered through on-stack replacement with IonMonkey (CVE-2019-9791) * Mozilla: IonMonkey leaks JS_OPTIMIZED_OUT magic value to script (CVE-2019-9792) * Mozilla: IonMonkey MArraySlice has incorrect alias information (CVE-2019-9810) * Mozilla: Ionmonkey type confusion with __proto__ mutations (CVE-2019-9813) * Mozilla: Improper bounds checks when Spectre mitigations are disabled (CVE-2019-9793) * Mozilla: Type-confusion in IonMonkey JIT compiler (CVE-2019-9795) * Mozilla: Use-after-free with SMIL animation controller (CVE-2019-9796) * Mozilla: Proxy Auto-Configuration file can define localhost access to be proxied (CVE-2018-18506)importantScientific Linux FermiScientific Linux Fermi 6thunderbird-60.6.1-1.el6_10.i686.rpm953972d870394e5149ca8a39e4d09b097f62a3b32c3f79eb196320061e925d23SLSA-2019:0711-1Security Fix(es): * openssh: User enumeration via malformed packets in authentication requests (CVE-2018-15473)lowScientific Linux FermiScientific Linux Fermi 6pam_ssh_agent_auth-0.9.3-124.el6_10.i686.rpmc5a4a171ed4c435001e686aa8986e8d9609c60c7e898524a2431e16b735a730dopenssh-5.3p1-124.el6_10.i686.rpmd8dba83443b4ee665dcf85dbe5d05568ac3f6aa448017ccac834a6a7c7f152d0openssh-askpass-5.3p1-124.el6_10.i686.rpmd2e12b7b43ea7f6f990f8b78cb1fd23fbb8b220c68ebd617fc9b2b191576f40copenssh-ldap-5.3p1-124.el6_10.i686.rpmc708206b081f1b3916fa432b951d5e06c6c5731c94f57330fd4ac0620cacf2caopenssh-clients-5.3p1-124.el6_10.i686.rpma55495d6c00cf449108441be51f1415892a817c0b53a909da543a634e6d79d49openssh-server-5.3p1-124.el6_10.i686.rpmb48d7d7bcbf1b91d4936846776ea0e064b8685103a0c595fa08e561dc00504e3SLSA-2019:0717-1Security Fix(es): * kernel: Missing check in fs/inode.c:inode_init_owner() does not clear SGID bit on non-directories for non-members (CVE-2018-13405)importantScientific Linux FermiScientific Linux Fermi 6kernel-debug-2.6.32-754.12.1.el6.i686.rpm729005bff510f516777cd403d1c2e6bd47c2a8d81528ea5d939d2e65c32ec649kernel-debug-devel-2.6.32-754.12.1.el6.i686.rpm32dc06f0f09f8fc2ff4f92063a276c883c01d83a5b68f04c168d129cc9c82b0dkernel-headers-2.6.32-754.12.1.el6.i686.rpm31cef48ffa3fec6e9b5ac51d540fe609b8c3a5e4f59487e201eb486f810415e2kernel-firmware-2.6.32-754.12.1.el6.noarch.rpmee86cd43a1dd0122b2e726d8fe7f004c17c33156993e7fbfdc95e5ab8c231ae5kernel-doc-2.6.32-754.12.1.el6.noarch.rpma06acfb19b7f582876446695b744f6f1921ef89a21033acd79d355a5bb3dfb63perf-2.6.32-754.12.1.el6.i686.rpmb78b97e83988e3e3d7d16c6e9018c7f020219d883288e599d8d9fb36a6f6149akernel-2.6.32-754.12.1.el6.i686.rpm57de82fde0224756dafa2f514069f616e5fb7e103513f88697ecc33f533044ebpython-perf-2.6.32-754.12.1.el6.i686.rpmf77f55fd2782dd240dd4fa082698f58d6cb0dbf0179fc4b4d3752dd0f5527e60kernel-devel-2.6.32-754.12.1.el6.i686.rpm00d46d8f37325bb1e5404b431b6900ea0aba79271a9e83027bbca4c68374c425kernel-abi-whitelists-2.6.32-754.12.1.el6.noarch.rpmdc23144ede380cce63aac7b9a4e1d2d003a6a4461db292ec0e27b80cec4ea6f4SLSA-2019:0774-1Security Fix(es): * OpenJDK: Font layout engine out of bounds access setCurrGlyphID() (2D, 8219022) (CVE-2019-2698) * OpenJDK: Slow conversion of BigDecimal to long (Libraries, 8211936) (CVE-2019-2602) * OpenJDK: Incorrect skeleton selection in RMI registry server-side dispatch handling (RMI, 8218453) (CVE-2019-2684) Bug Fix(es): * assert failure in coalesce.cpp: attempted to spill a non-spillable itemimportantScientific Linux FermiScientific Linux Fermi 6java-1.8.0-openjdk-demo-1.8.0.212.b04-0.el6_10.i686.rpm1b0408e9c4c2c179f71622d939235acefed4efc280007708f98d8fede9a3cda5java-1.8.0-openjdk-src-1.8.0.212.b04-0.el6_10.i686.rpm04592ce61b4d667a7d937915af9ab04f4cd4ac1c07c0c12d334ae5f521f095d5java-1.8.0-openjdk-debug-1.8.0.212.b04-0.el6_10.i686.rpmff3f57c38cdfa99a6f5250e0bc204f54bdb7eb3f13ee3f0e5d3a9f208efdeee0java-1.8.0-openjdk-devel-debug-1.8.0.212.b04-0.el6_10.i686.rpm887a20657bf7b75edb423b9272b0f7f8e11839f9a1d938dcb0d5c4e33c027a85java-1.8.0-openjdk-javadoc-1.8.0.212.b04-0.el6_10.noarch.rpmb9e34add24aa6012a59e8fa5445fc73fb62574efe902c3f2be44db65af51e39djava-1.8.0-openjdk-headless-1.8.0.212.b04-0.el6_10.i686.rpme2c455f18289c7bb1bdadd4c14ed8a8cd732c7111169a0c2ccc7d38d9c04a4e8java-1.8.0-openjdk-src-debug-1.8.0.212.b04-0.el6_10.i686.rpmbb61da9e2afced3e1ce384f1c7d5bf266051ce0f2deb5fa9e17d6894e8a16e37java-1.8.0-openjdk-javadoc-debug-1.8.0.212.b04-0.el6_10.noarch.rpmce2c81654331538cd7001842aebb8e0511f3ba871ed7ed27f3e4533510f652ebjava-1.8.0-openjdk-devel-1.8.0.212.b04-0.el6_10.i686.rpmc8f1c52c412115cba9eacb38445f22e10a25107a96c04bf85377d95a4c8a9347java-1.8.0-openjdk-headless-debug-1.8.0.212.b04-0.el6_10.i686.rpm301a8eacb6c2db51ac90354cbe4535ab9f69715acf93a7dd414dc2fbcadfeab3java-1.8.0-openjdk-1.8.0.212.b04-0.el6_10.i686.rpm23ff2c4076e5012c65e1b342a4dbab9cf0b337cb3f7023f6ed723a4979f6f76djava-1.8.0-openjdk-demo-debug-1.8.0.212.b04-0.el6_10.i686.rpmc1fd6528591bac578a94b60ec49fbd9025a9955c0667cea8b806c49deea358d2SLSA-2019:0790-1Security Fix(es): * OpenJDK: Font layout engine out of bounds access setCurrGlyphID() (2D, 8219022) (CVE-2019-2698) * OpenJDK: Slow conversion of BigDecimal to long (Libraries, 8211936) (CVE-2019-2602) * OpenJDK: Incorrect skeleton selection in RMI registry server-side dispatch handling (RMI, 8218453) (CVE-2019-2684)importantScientific Linux FermiScientific Linux Fermi 6java-1.7.0-openjdk-javadoc-1.7.0.221-2.6.18.0.el6_10.noarch.rpmf1a9617fd9bfb764a9f48d351d70fe472c97c42d4bca1f9708466c2fc5302605java-1.7.0-openjdk-1.7.0.221-2.6.18.0.el6_10.i686.rpma3a08f8835de724760d09325ca15e3dbe22935b5a798c5a50675d17cb5e251d7java-1.7.0-openjdk-src-1.7.0.221-2.6.18.0.el6_10.i686.rpm1b1a87d44481db1a881e66e46409a250883ab49e3a95fcfba94c55448794f776java-1.7.0-openjdk-devel-1.7.0.221-2.6.18.0.el6_10.i686.rpm1701547f1fa59ba1095077383400fb76932e4e7171a52c89f0d64509c0269664java-1.7.0-openjdk-demo-1.7.0.221-2.6.18.0.el6_10.i686.rpmc5bee6fe0823b638b5482764099d1d77e930ead6fbb1a042c7c5efda44db9c8eSLSA-2019:1169-1Security Fix(es): * A flaw was found in the implementation of the "fill buffer", a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache. If an attacker can generate a load operation that would create a page fault, the execution will continue speculatively with incorrect data from the fill buffer while the data is fetched from higher level caches. This response time can be measured to infer data in the fill buffer. (CVE-2018-12130) * Modern Intel microprocessors implement hardware-level micro- optimizations to improve the performance of writing data back to CPU caches. The write operation is split into STA (STore Address) and STD (STore Data) sub-operations. These sub-operations allow the processor to hand-off address generation logic into these sub-operations for optimized writes. Both of these sub-operations write to a shared distributed processor structure called the 'processor store buffer'. As a result, an unprivileged attacker could use this flaw to read private data resident within the CPU's processor store buffer. (CVE-2018-12126) * Microprocessors use a load port subcomponent to perform load operations from memory or IO. During a load operation, the load port receives data from the memory or IO subsystem and then provides the data to the CPU registers and operations in the CPUs pipelines. Stale load operations results are stored in the 'load port' table until overwritten by newer operations. Certain load-port operations triggered by an attacker can be used to reveal data about previous stale requests leaking data back to the attacker via a timing side-channel. (CVE-2018-12127) * Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. (CVE-2019-11091) Bug Fix(es): * aio O_DIRECT writes to non-page-aligned file locations on ext4 can result in the overlapped portion of the page containing zeros * Tolerate new s390x crypto hardware for migrationimportantScientific Linux FermitrueScientific Linux Fermi 6kernel-firmware-2.6.32-754.14.2.el6.noarch.rpm95f00d7149fadae050b00249aea12b631ec171ca2c0cc8bff24a315623a627b7kernel-doc-2.6.32-754.14.2.el6.noarch.rpm9195910ccd4222d609c3ba9b0408915876688f2649237f41161c9824a7484f72kernel-abi-whitelists-2.6.32-754.14.2.el6.noarch.rpm0bcc855f096a25fd1e07c9e070496a15965acc391856870436dc4d3c8d525960kernel-devel-2.6.32-754.14.2.el6.i686.rpm5609e5b3b5e22961a9e52c0a8d48282d84b4eb44b5c4d673404be438b87d1f1bpython-perf-2.6.32-754.14.2.el6.i686.rpm88398736335d20652c2af134e3c181b0d764f246c810ee1919796b333cb90998perf-2.6.32-754.14.2.el6.i686.rpmf35130477fd4406fcf226e89304de0954d1106b825eb1beb8b6ad4a93c00d98ckernel-debug-devel-2.6.32-754.14.2.el6.i686.rpm30029142d7213320a92ccf28d348669ded539d9a5e361c9ac95f4c8ab9f029f7kernel-debug-2.6.32-754.14.2.el6.i686.rpmcf1cf7ef98ffe519c9bbd2e37004a7d147fa7ee12f88f7e747be682a94d061cekernel-headers-2.6.32-754.14.2.el6.i686.rpm8b61f10871e91d7390655f1926dff845665fee45a8d0df23e6d26e4e6ee2db6akernel-2.6.32-754.14.2.el6.i686.rpmd5e78dddcd7abae8b30676c6f8295dbc3f5284243e4277727ac82715fa9525e8SLSA-2019:1180-1Security Fix(es): * A flaw was found in the implementation of the "fill buffer", a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache. If an attacker can generate a load operation that would create a page fault, the execution will continue speculatively with incorrect data from the fill buffer while the data is fetched from higher level caches. This response time can be measured to infer data in the fill buffer. (CVE-2018-12130) * Modern Intel microprocessors implement hardware-level micro- optimizations to improve the performance of writing data back to CPU caches. The write operation is split into STA (STore Address) and STD (STore Data) sub-operations. These sub-operations allow the processor to hand-off address generation logic into these sub-operations for optimized writes. Both of these sub-operations write to a shared distributed processor structure called the 'processor store buffer'. As a result, an unprivileged attacker could use this flaw to read private data resident within the CPU's processor store buffer. (CVE-2018-12126) * Microprocessors use a load port subcomponent to perform load operations from memory or IO. During a load operation, the load port receives data from the memory or IO subsystem and then provides the data to the CPU registers and operations in the CPUs pipelines. Stale load operations results are stored in the 'load port' table until overwritten by newer operations. Certain load-port operations triggered by an attacker can be used to reveal data about previous stale requests leaking data back to the attacker via a timing side-channel. (CVE-2018-12127) * Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. (CVE-2019-11091)importantScientific Linux FermiScientific Linux Fermi 6libvirt-devel-0.10.2-64.el6_10.1.i686.rpm52a0b76a3c42f4f89feb1774130ba9c24c1b2586d708e52f6e93c9b7544c8415libvirt-0.10.2-64.el6_10.1.i686.rpm34b79cd26626f3e461dc6c4b08b7202210ae939825000d6e948aa267bd7d9f2elibvirt-client-0.10.2-64.el6_10.1.i686.rpm2db665f301963c18e699bf6de58d71d46d9b58615941f95892aaffd80705d476libvirt-python-0.10.2-64.el6_10.1.i686.rpm1b4d46a1290302b3bfc3122abb47bf406192f4304a82bfc3ad5fcc92b95690b4SLSA-2019:1181-1Security Fix(es): * A flaw was found in the implementation of the "fill buffer", a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache. If an attacker can generate a load operation that would create a page fault, the execution will continue speculatively with incorrect data from the fill buffer while the data is fetched from higher level caches. This response time can be measured to infer data in the fill buffer. (CVE-2018-12130) * Modern Intel microprocessors implement hardware-level micro- optimizations to improve the performance of writing data back to CPU caches. The write operation is split into STA (STore Address) and STD (STore Data) sub-operations. These sub-operations allow the processor to hand-off address generation logic into these sub-operations for optimized writes. Both of these sub-operations write to a shared distributed processor structure called the 'processor store buffer'. As a result, an unprivileged attacker could use this flaw to read private data resident within the CPU's processor store buffer. (CVE-2018-12126) * Microprocessors use a load port subcomponent to perform load operations from memory or IO. During a load operation, the load port receives data from the memory or IO subsystem and then provides the data to the CPU registers and operations in the CPUs pipelines. Stale load operations results are stored in the 'load port' table until overwritten by newer operations. Certain load-port operations triggered by an attacker can be used to reveal data about previous stale requests leaking data back to the attacker via a timing side-channel. (CVE-2018-12127) * Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. (CVE-2019-11091)importantScientific Linux FermiScientific Linux Fermi 6qemu-guest-agent-0.12.1.2-2.506.el6_10.3.i686.rpm57c128bd1b79e07752fbc5f94bbdfb5e0dc713c867abc2831569e0cf5e838aa6SLSA-2019:1267-1Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7 (CVE-2019-9800) * Mozilla: Cross-origin theft of images with createImageBitmap (CVE-2019-9797) * Mozilla: Type confusion with object groups and UnboxedObjects (CVE-2019-9816) * Mozilla: Stealing of cross-domain images using canvas (CVE-2019-9817) * Mozilla: Compartment mismatch with fetch API (CVE-2019-9819) * Mozilla: Use-after-free of ChromeEventHandler by DocShell (CVE-2019-9820) * Mozilla: Use-after-free in XMLHttpRequest (CVE-2019-11691) * Mozilla: Use-after-free removing listeners in the event listener manager (CVE-2019-11692) * Mozilla: Buffer overflow in WebGL bufferdata on Linux (CVE-2019-11693) * mozilla: Cross-origin theft of images with ImageBitmapRenderingContext (CVE-2018-18511) * chromium-browser: Out of bounds read in Skia (CVE-2019-5798) * Mozilla: Theft of user history data through drag and drop of hyperlinks to and from bookmarks (CVE-2019-11698) * libpng: use-after-free in png_image_free in png.c (CVE-2019-7317)criticalScientific Linux FermiScientific Linux Fermi 6firefox-60.7.0-1.el6_10.i686.rpmf9b6070513611a29f87cbaee4f54f91eb13ca6ed35c086d2896078e056b46c0cSLSA-2019:1310-1Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7 (CVE-2019-9800) * Mozilla: Cross-origin theft of images with createImageBitmap (CVE-2019-9797) * Mozilla: Stealing of cross-domain images using canvas (CVE-2019-9817) * Mozilla: Compartment mismatch with fetch API (CVE-2019-9819) * Mozilla: Use-after-free of ChromeEventHandler by DocShell (CVE-2019-9820) * Mozilla: Use-after-free in XMLHttpRequest (CVE-2019-11691) * Mozilla: Use-after-free removing listeners in the event listener manager (CVE-2019-11692) * Mozilla: Buffer overflow in WebGL bufferdata on Linux (CVE-2019-11693) * mozilla: Cross-origin theft of images with ImageBitmapRenderingContext (CVE-2018-18511) * chromium-browser: Out of bounds read in Skia (CVE-2019-5798) * Mozilla: Theft of user history data through drag and drop of hyperlinks to and from bookmarks (CVE-2019-11698) * libpng: use-after-free in png_image_free in png.c (CVE-2019-7317)importantScientific Linux FermiScientific Linux Fermi 6thunderbird-60.7.0-1.el6_10.i686.rpm9cb51ee1aa6e8d33d5673030813a1a2c0121cfef9f46a58b3f52da36d38991edSLSA-2019:1467-1Security Fix(es): * python: Information Disclosure due to urlsplit improper NFKC normalization (CVE-2019-9636)importantScientific Linux FermiScientific Linux Fermi 6python-test-2.6.6-68.el6_10.i686.rpmc4ad9f1f7b9fbd4964cdc3e02a6c44742e13bcb8e34c882a5b9c0a6c0fbdd31bpython-tools-2.6.6-68.el6_10.i686.rpmd5d6ed66f5e38435a798004235bc066793cb6d43a8496382f6adf0f9763c0ca8python-2.6.6-68.el6_10.i686.rpm2d4f74517c2184a4b67e00d75c93c273542f429a4658807dfec57f69c94cc6e3python-libs-2.6.6-68.el6_10.i686.rpm31002791d54f57f740486204cb5198c111cb893ba0b7745a995e32c48f59619fpython-devel-2.6.6-68.el6_10.i686.rpm72c2b019f40d91a9280ca52c10eac6fc8b2b6fd040e8e1c1b453f6bccccd530ctkinter-2.6.6-68.el6_10.i686.rpm719ce1438f433b68579f87f10c6915cf939f7108d6d627daa9a6192c1681ab7fSLSA-2019:1488-1Security Fix(es): * An integer overflow flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment (SACK) segments. While processing SACK segments, the Linux kernel's socket buffer (SKB) data structure becomes fragmented. Each fragment is about TCP maximum segment size (MSS) bytes. To efficiently process SACK blocks, the Linux kernel merges multiple fragmented SKBs into one, potentially overflowing the variable holding the number of segments. A remote attacker could use this flaw to crash the Linux kernel by sending a crafted sequence of SACK segments on a TCP connection with small value of TCP MSS, resulting in a denial of service (DoS). (CVE-2019-11477) * kernel: Double free in lib/idr.c (CVE-2019-3896) * Kernel: tcp: excessive resource consumption while processing SACK blocks allows remote denial of service (CVE-2019-11478) * Kernel: tcp: excessive resource consumption for TCP connections with low MSS allows remote denial of service (CVE-2019-11479) Bug Fix(es): * MDS mitigations not enabled on Intel Skylake CPUs * kernel does not disable SMT with mds=full,nosmt * md_clear flag missing from /proc/cpuinfoimportantScientific Linux FermiScientific Linux Fermi 6kernel-doc-2.6.32-754.15.3.el6.noarch.rpmebc1974ea07e5755fbff09deae0fe3511b2e96901867d6021b82e0570b3ca9a6kernel-abi-whitelists-2.6.32-754.15.3.el6.noarch.rpma6bd088a6af90b68ba2988cb9577c87fd8f3c8e70587cff1a947bd9cb463c346perf-2.6.32-754.15.3.el6.i686.rpmaf054ea9d64b3b00c7a35623a02e951a9728b2d9bb737645dd9377c1e4c7fc63kernel-debug-2.6.32-754.15.3.el6.i686.rpmdadf38121cdc4fa9a3489d3d76f2a40fc48860f3d86aa90e1dd49d2ae359757fkernel-2.6.32-754.15.3.el6.i686.rpm863d24ed6b451558984cf14b45a66e8439819f7818e9602508427a81fc082e38kernel-devel-2.6.32-754.15.3.el6.i686.rpm42ea1110ed43a94692e36c117cb598b23f116b990ec6250e7e802097135ab5f1python-perf-2.6.32-754.15.3.el6.i686.rpmf2da8fd66b5caeaed63d349a6176a786a7977133d95c8cc1291b040df30ef875kernel-headers-2.6.32-754.15.3.el6.i686.rpm81de310adf30f19bc6d5fd8e314a875e77e40cc49bd2822918ab7a66bf1abf52kernel-firmware-2.6.32-754.15.3.el6.noarch.rpm6881f3ef3f48f6dfea8966f8b9c718ae4977ad23147944724c96415ba17ac068kernel-debug-devel-2.6.32-754.15.3.el6.i686.rpmc2784c078288ec70c7e7c53b7e95b49e439fe6ab903231d09a223d345ed381c9SLSA-2019:1492-1Security Fix(es): * bind: Limiting simultaneous TCP clients is ineffective (CVE-2018-5743)importantScientific Linux FermiScientific Linux Fermi 6bind-9.8.2-0.68.rc1.el6_10.3.i686.rpm833b9203744ae02487069fa0649a456afd5479af1f017f7bfed0b58c0a597804bind-sdb-9.8.2-0.68.rc1.el6_10.3.i686.rpmf5a58b71102f2753ed25149fc02a9c6a7b7387187eaa72678533f0c620cc8fe2bind-devel-9.8.2-0.68.rc1.el6_10.3.i686.rpm81e8d339af4aee612849cbe1a162857657db5094cbfd905e339d3b621f835caabind-utils-9.8.2-0.68.rc1.el6_10.3.i686.rpm2cf114459dbaed866608e20d5b24bd64a3a6066c6fc4df7a4bad2a0592ee4198bind-libs-9.8.2-0.68.rc1.el6_10.3.i686.rpmb2bc7d8dd364662b9c9ec772603791be17092ecb3bcbbba8dd4d3088a967c928bind-chroot-9.8.2-0.68.rc1.el6_10.3.i686.rpmebcfa1760d953ae5b07da9a0e14a25c2d2982c2640e9793a1113b11148342b2bSLSA-2019:1578-1Security Fix(es): * libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API (CVE-2019-10161) * libvirt: virDomainManagedSaveDefineXML API exposed to readonly clients (CVE-2019-10166) * libvirt: arbitrary command execution via virConnectGetDomainCapabilities API (CVE-2019-10167) * libvirt: arbitrary command execution via virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU APIs (CVE-2019-10168)moderateScientific Linux FermiScientific Linux Fermi 6libvirt-client-0.10.2-64.el6_10.2.i686.rpm615765410c7a433b2bcca369eb4185b0bcbca4778ab1cf17badd1437f92f329elibvirt-0.10.2-64.el6_10.2.i686.rpm4ae6f6b1427086b6e395279dc843779132799cedb047585a4048ec2250a97c88libvirt-devel-0.10.2-64.el6_10.2.i686.rpm7bae2df5101efc072b5dbe4af4e4f92796e251ca6be203da6416bedddab07232libvirt-python-0.10.2-64.el6_10.2.i686.rpm2284db6c51fec1aba765a7063a2040104e8131130b795db6ed0b64e2eba51732SLSA-2019:1604-1Security Fix(es): * Mozilla: Type confusion in Array.pop (CVE-2019-11707) * Mozilla: Sandbox escape using Prompt:Open (CVE-2019-11708)criticalScientific Linux FermiScientific Linux Fermi 6firefox-60.7.2-1.el6_10.i686.rpm5762907e1106ae6354abc19222c247d1aedf8819e1e65e692af50549da91050aSLSA-2019:1624-1Security Fix(es): * Mozilla: Type confusion in Array.pop (CVE-2019-11707) * thunderbird: Stack buffer overflow in icalrecur_add_bydayrules in icalrecur.c (CVE-2019-11705) * Mozilla: Sandbox escape using Prompt:Open (CVE-2019-11708) * thunderbird: Heap buffer over read in icalparser.c parser_get_next_char (CVE-2019-11703) * thunderbird: Heap buffer overflow in icalmemory_strdup_and_dequote function in icalvalue.c (CVE-2019-11704) * thunderbird: Type confusion in icaltimezone_get_vtimezone_properties function in icalproperty.c (CVE-2019-11706)importantScientific Linux FermiScientific Linux Fermi 6thunderbird-60.7.2-2.el6_10.i686.rpmac3af04e22e919de7d6e00c1d98b762aaa1172b051bad624465fb574976e1ad5SLSA-2019:1650-1Security Fix(es): * QEMU: Slirp: information leakage in tcp_emu() due to uninitialized stack variables (CVE-2019-9824)lowScientific Linux FermiScientific Linux Fermi 6qemu-guest-agent-0.12.1.2-2.506.el6_10.4.i686.rpm844de9309808e3fd28aee7df13f2ffe027fec6bd6fdf832db62224d9382ab036SLSA-2019:1652-1Security Fix(es): * libssh2: Integer overflow in transport read resulting in out of bounds write (CVE-2019-3855) * libssh2: Integer overflow in keyboard interactive handling resulting in out of bounds write (CVE-2019-3856) * libssh2: Integer overflow in SSH packet processing channel resulting in out of bounds write (CVE-2019-3857) * libssh2: Integer overflow in user authenticate keyboard interactive allows out-of-bounds writes (CVE-2019-3863)importantScientific Linux FermiScientific Linux Fermi 6libssh2-docs-1.4.2-3.el6_10.1.i686.rpm13b07846b877191a0bb18a81357594dcec0756249652645efb33e36cee8ed706libssh2-devel-1.4.2-3.el6_10.1.i686.rpmc24fbf4975007cbc746bf3617fff9ef4f142f50a62f7b4d47da518835c79a1aelibssh2-1.4.2-3.el6_10.1.i686.rpm237279527bd8da3b53a126e327aa5491f29e1ac8b0cd8f6ac37bbc1017ae4b63SLSA-2019:1726-1Security Fix(es): * dbus: DBusServer DBUS_COOKIE_SHA1 authentication bypass (CVE-2019-12749)importantScientific Linux FermiScientific Linux Fermi 6dbus-1.2.24-11.el6_10.i686.rpmfe27d006724f2e6f6fa6db571fbc1456c3e372010bb60e96eabb60d54922df6ddbus-doc-1.2.24-11.el6_10.noarch.rpm7e9688be22663b7e530f0c2a1771ee68259e26b3844abb638b7b01cd0b9bf396dbus-libs-1.2.24-11.el6_10.i686.rpm27c22a404a473302373f7dcc4da626e06c39ca936278d9812a20631eb9e7048adbus-x11-1.2.24-11.el6_10.i686.rpma8637eb4b1a230f931296568cdaa81fd21debae20792a2c821d7ef164633e3dadbus-devel-1.2.24-11.el6_10.i686.rpmbb36e8baa228989d49c3fda19d44307151a34cbf14fedca4db2b0f266411a95fSLSA-2019:1765-1This update upgrades Firefox to version 60.8.0 ESR. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 68 and Firefox ESR 60.8 (CVE-2019-11709) * Mozilla: Sandbox escape via installation of malicious language pack (CVE-2019-9811) * Mozilla: Script injection within domain through inner window reuse (CVE-2019-11711) * Mozilla: Cross-origin POST requests can be made with NPAPI plugins by following 308 redirects (CVE-2019-11712) * Mozilla: Use-after-free with HTTP/2 cached stream (CVE-2019-11713) * Mozilla: HTML parsing error can contribute to content XSS (CVE-2019-11715) * Mozilla: Caret character improperly escaped in origins (CVE-2019-11717) * Mozilla: Same-origin policy treats all files in a directory as having the same-origin (CVE-2019-11730)criticalScientific Linux FermiScientific Linux Fermi 6firefox-60.8.0-1.el6_10.i686.rpm2ab292bd861025002d2e6cf98cc65bec3154d5654cc07b18be7f005d43d6a3acSLSA-2019:1774-1Security Fix(es): * vim/neovim: ':source!' command allows arbitrary command execution via modelines (CVE-2019-12735)importantScientific Linux FermiScientific Linux Fermi 6vim-X11-7.4.629-5.el6_10.2.i686.rpm4ee1b687e857680f646d7e3226edada678cf8f14813eaa310d9e9c0dbc77e3f2vim-enhanced-7.4.629-5.el6_10.2.i686.rpm6558adcd98049f02fd5f779bf8b88789053fb6c3c184ca831a349d84505ad594vim-minimal-7.4.629-5.el6_10.2.i686.rpm8787c09e59cf09600e5fbe74670bb67f69bcaa37b299d024d7a13ebdf141d5ccvim-common-7.4.629-5.el6_10.2.i686.rpmc907b4ae52e8e5a6ae795de4e6588e173b2e537708117c00b40f1693a7ba2cbdvim-filesystem-7.4.629-5.el6_10.2.i686.rpm77d00d9a7676dd1307a49e2e349e3a52d83e371046824760d6754018fe58529dSLSA-2019:1777-1This update upgrades Thunderbird to version 60.8.0. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 68 and Firefox ESR 60.8 (CVE-2019-11709) * Mozilla: Sandbox escape via installation of malicious language pack (CVE-2019-9811) * Mozilla: Script injection within domain through inner window reuse (CVE-2019-11711) * Mozilla: Cross-origin POST requests can be made with NPAPI plugins by following 308 redirects (CVE-2019-11712) * Mozilla: Use-after-free with HTTP/2 cached stream (CVE-2019-11713) * Mozilla: HTML parsing error can contribute to content XSS (CVE-2019-11715) * Mozilla: Caret character improperly escaped in origins (CVE-2019-11717) * Mozilla: Same-origin policy treats all files in a directory as having the same-origin (CVE-2019-11730)importantScientific Linux FermiScientific Linux Fermi 6thunderbird-60.8.0-1.el6_10.i686.rpm39b18d2d214ff6523c311647a0bb19f6b561397a76594229b991bc3e7f0e3f9cSLSA-2019:1811-1Security Fix(es): * OpenJDK: Side-channel attack risks in Elliptic Curve (EC) cryptography (Security, 8208698) (CVE-2019-2745) * OpenJDK: Insufficient checks of suppressed exceptions in deserialization (Utilities, 8212328) (CVE-2019-2762) * OpenJDK: Unbounded memory allocation during deserialization in Collections (Utilities, 8213432) (CVE-2019-2769) * OpenJDK: Missing URL format validation (Networking, 8221518) (CVE-2019-2816) * OpenJDK: Missing array bounds check in crypto providers (JCE, 8223511) (CVE-2019-2842) * OpenJDK: Insufficient restriction of privileges in AccessController (Security, 8216381) (CVE-2019-2786)moderateScientific Linux FermiScientific Linux Fermi 6java-1.8.0-openjdk-src-1.8.0.222.b10-0.el6_10.i686.rpm14d535dfc362e018a61f0930629b3ff67d2d7ddade2fd34b5785d503df3cdd30java-1.8.0-openjdk-src-debug-1.8.0.222.b10-0.el6_10.i686.rpm5bfccdc4544cc13d01dec213505fa468f9fc085d717770fdefb1559cc3b1279djava-1.8.0-openjdk-devel-debug-1.8.0.222.b10-0.el6_10.i686.rpm4c4391b51db4987d83787eebe464d3136c477db7bf1f32412dc3a1293372e628java-1.8.0-openjdk-headless-1.8.0.222.b10-0.el6_10.i686.rpm6a53d989ad01f56c77a9be31427289868164482a9cbcefd0ec5934f1da86027ajava-1.8.0-openjdk-javadoc-debug-1.8.0.222.b10-0.el6_10.noarch.rpm7fcf1eab81210329d4ec323669b49cbb86320a0315e6fe9f00846ac538081cd2java-1.8.0-openjdk-1.8.0.222.b10-0.el6_10.i686.rpm8feda1829202c84b91c6591f97fa4e58cce69b8f4fa92e21b2b4e52318cd942ejava-1.8.0-openjdk-devel-1.8.0.222.b10-0.el6_10.i686.rpmd960a2f0da30118157de0f98b3bd0b83bf1edb7e3b63fc781fea67e0301b0470java-1.8.0-openjdk-javadoc-1.8.0.222.b10-0.el6_10.noarch.rpmfedb7e6431bb0d13c67dfc05556ad81b3a96f3df5baa7ee90f2cd87b474e042djava-1.8.0-openjdk-debug-1.8.0.222.b10-0.el6_10.i686.rpm8d28cf2d20ca5380e083529a1c8cdd2d8d7486537303835de59d7ba12efe3f74java-1.8.0-openjdk-demo-debug-1.8.0.222.b10-0.el6_10.i686.rpm6552dac4588c66183c10d44d4a6cb295be0ff52dc774118b4416b4e216efec40java-1.8.0-openjdk-headless-debug-1.8.0.222.b10-0.el6_10.i686.rpmae8542b128a63974c4c8329cfca1f7de4c42f87e32e06fb016a9e74095ff7e24java-1.8.0-openjdk-demo-1.8.0.222.b10-0.el6_10.i686.rpm9fa34cdf6fb9e5cd25aaad6d8609e07030e947b3b46fb524d6eb163a2a53e206SLSA-2019:1840-1Security Fix(es): * OpenJDK: Side-channel attack risks in Elliptic Curve (EC) cryptography (Security, 8208698) (CVE-2019-2745) * OpenJDK: Insufficient checks of suppressed exceptions in deserialization (Utilities, 8212328) (CVE-2019-2762) * OpenJDK: Unbounded memory allocation during deserialization in Collections (Utilities, 8213432) (CVE-2019-2769) * OpenJDK: Missing URL format validation (Networking, 8221518) (CVE-2019-2816) * OpenJDK: Missing array bounds check in crypto providers (JCE, 8223511) (CVE-2019-2842) * OpenJDK: Insufficient restriction of privileges in AccessController (Security, 8216381) (CVE-2019-2786)moderateScientific Linux FermiScientific Linux Fermi 6java-1.7.0-openjdk-src-1.7.0.231-2.6.19.1.el6_10.i686.rpm59565f0a4868c52f39609ba1fb68eb1656bfa1f8c4c4a98efc069439b129a27cjava-1.7.0-openjdk-devel-1.7.0.231-2.6.19.1.el6_10.i686.rpm981a285c171ffaea4c02506d98175dfa93fd1fe7f3be30e3e15bcfca7890f9cejava-1.7.0-openjdk-demo-1.7.0.231-2.6.19.1.el6_10.i686.rpmf4ba1538b17e259fd1e0a4d9c89ad82cccde3c7943382bd24534f2fbbb0f2a3ejava-1.7.0-openjdk-1.7.0.231-2.6.19.1.el6_10.i686.rpmec8d8b808e972348e4f9a59030333e30cbe6ee8db4fe0e56f26347fe2556060ejava-1.7.0-openjdk-javadoc-1.7.0.231-2.6.19.1.el6_10.noarch.rpm1deac5b3b6d3b2b55bdcb848981c61d8f4196eb01b23fdb2de3e5ee47e7a10f5SLSA-2019:2471-1Security Fix(es): * openssl: 0-byte record padding oracle (CVE-2019-1559) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE moderateScientific Linux FermiScientific Linux Fermi 6openssl-1.0.1e-58.el6_10.i686.rpmf72d77100dd96a17ebac2a4f1c9dfebe87ddb6058c9c53ec5e0159a7563c0039openssl-static-1.0.1e-58.el6_10.i686.rpmf08d1b56a1609b65e9635dc374c4d1b426a411555b179423876ca079b47f157eopenssl-perl-1.0.1e-58.el6_10.i686.rpm32aea464a4560d5094a1ef28707b8ca45f375a3c2fa947f66238f21234a8d8dfopenssl-devel-1.0.1e-58.el6_10.i686.rpmd96d5fd130f2ef9e60e1959f2913cf9c1b77059ff37edd1b17afb10ad4ca1a7aSLSA-2019:2473-1Security Fix(es): * Kernel: page cache side channel attacks (CVE-2019-5489) * kernel: Salsa20 encryption algorithm does not correctly handle zero-length inputs allowing local attackers to cause denial-of-service (CVE-2017-17805) * kernel: Unprivileged users able to inspect kernel stacks of arbitrary tasks (CVE-2018-17972) * kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * OOPS with Null Pointer exception in v4l2_ctrl_query_menu when second arg of function is NULL * Another SL 6 hang in congestion_wait() * kernel crash after running user space script * SL-6.10: Don't report the use of retpoline on Skylake as vulnerable * Bad pagetable: 000f “*pdpt = 0000000000000000 *pde = 0000000000000000” SL 6 32bit * fs/binfmt_misc.c: do not allow offset overflow [6.10.z] * Wrong spectre backport causing linux headers to break compilation of 3rd party packagesimportantScientific Linux FermiScientific Linux Fermi 6kernel-abi-whitelists-2.6.32-754.18.2.el6.noarch.rpm40f7bc1add242616107d74280208eb47229e5b1cff19a8501290290d24201872kernel-firmware-2.6.32-754.18.2.el6.noarch.rpmb4249a50dc5aff45878a137f33c62879f22ff8466f84d3efe29106adb5725164python-perf-2.6.32-754.17.1.el6.i686.rpm56cd31f09a45cfc294fa717d701ed8caba46dfa3934348b232a4754bbe43024akernel-headers-2.6.32-754.18.2.el6.i686.rpm2b5b386b69a82aba9edb489fcbc9e3194719838fbf68f7225b7703a3df12e282kernel-2.6.32-754.18.2.el6.i686.rpmf027b508571aac5428f5d6241160d8293de7c9771d933ac155feafbbb45c6efakernel-debug-devel-2.6.32-754.18.2.el6.i686.rpmf76919575011397b851f03fb1e220b0ff25da5766707255f5c7de9fcacfb2f80kernel-debug-2.6.32-754.18.2.el6.i686.rpm36f1c6dcec10857ef981b0125855dc8a1a8f145f5b1bc38ee1270600d8112c1akernel-doc-2.6.32-754.18.2.el6.noarch.rpm8c87207a6731978c78d7cb69b184947d8e529594b3a2992a7c1569e930693d04perf-2.6.32-754.18.2.el6.i686.rpm6b5c776f334a1c64c2130c80c2f0d8657649cb19aafa728b237b1ad5771b3de3kernel-devel-2.6.32-754.18.2.el6.i686.rpme8bb0777b6ebbf3ea4e75ba9e90a881f78bd44163f6246243b1a27898bf7412fpython-perf-2.6.32-754.18.2.el6.i686.rpm6b1d5e88e100440d48100a870e78e23025e1d44d0d8f32090b669c66fbd298a0SLSA-2019:2694-1Security Fix(es): * Mozilla: Sandbox escape through Firefox Sync (CVE-2019-9812) * Mozilla: Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, and Firefox ESR 60.9 (CVE-2019-11740) * Mozilla: Same-origin policy violation with SVG filters and canvas to steal cross-origin images (CVE-2019-11742) * Mozilla: XSS by breaking out of title and textarea elements using innerHTML (CVE-2019-11744) * Mozilla: Use-after-free while manipulating video (CVE-2019-11746) * Mozilla: Use-after-free while extracting a key value in IndexedDB (CVE-2019-11752) * firefox: stored passwords in 'Saved Logins' can be copied without master password entry (CVE-2019-11733) * Mozilla: Cross-origin access to unload event attributes (CVE-2019-11743)criticalScientific Linux FermiScientific Linux Fermi 6firefox-60.9.0-1.el6_10.i686.rpm18b7756ef97146864408131e251fc019c3d636f163f0a6abd317d9e5ae088605SLSA-2019:2736-1Security Fix(es): * kernel: Memory corruption due to incorrect socket cloning (CVE-2018-9568) * kernel: a NULL pointer dereference in drivers/scsi/megaraid/megaraid_sas_base.c leading to DoS (CVE-2019-11810) Bug Fix(es): * fragmented packets timing out * Backport TCP follow-up for small buffersimportantScientific Linux FermiScientific Linux Fermi 6kernel-firmware-2.6.32-754.22.1.el6.noarch.rpmdbdc8a9cb94f0610c942238f40ca385f25a2c6ef786bb3ca740f3f334275739fkernel-doc-2.6.32-754.22.1.el6.noarch.rpmf6e8d330c588d48a1aea904943f917501bdad44202571e24def6df88cdde299ckernel-devel-2.6.32-754.22.1.el6.i686.rpmc37959c09ffe66d3f12f5a62a247c27c09c839f69246ad2f2caa773bd9e72ff7python-perf-2.6.32-754.22.1.el6.i686.rpm539ee3c08ebc1f4d2e72f2f87a5e47733e6474cbe992ced071fbcb1673929382kernel-debug-devel-2.6.32-754.22.1.el6.i686.rpm2ed5c02faaf280d97208fb8a5782976c9969eff337539a58d8ddf2da02107724perf-2.6.32-754.22.1.el6.i686.rpmb32fb02d145b3aee02c3cda9504ebc7dfc09f402f64a7c84d5c71fe44ae334d8kernel-headers-2.6.32-754.22.1.el6.i686.rpm3a841eb5009e084651a6a8d9407ed60047190cb26a6c81beae60f60e8a23167ckernel-2.6.32-754.22.1.el6.i686.rpm2f223785d70a1b72ba1598f2b34eb5d045ed79dfb380585fc5aa9666be9acdf9kernel-abi-whitelists-2.6.32-754.22.1.el6.noarch.rpm28a86a186d10f19e5545509ced59f132c75fc6e984ce77dcd7737d129d6b6264kernel-debug-2.6.32-754.22.1.el6.i686.rpm997d5cfa08e5dca2291079783fa2e32c00265a178989bea14da1395ca8615e87SLSA-2019:2807-1This update upgrades Thunderbird to version 60.9.0. Security Fix(es): * Mozilla: Covert Content Attack on S/MIME encryption using a crafted multipart/alternative message (CVE-2019-11739) * Mozilla: Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, and Firefox ESR 60.9 (CVE-2019-11740) * Mozilla: Same-origin policy violation with SVG filters and canvas to steal cross-origin images (CVE-2019-11742) * Mozilla: XSS by breaking out of title and textarea elements using innerHTML (CVE-2019-11744) * Mozilla: Use-after-free while manipulating video (CVE-2019-11746) * Mozilla: Use-after-free while extracting a key value in IndexedDB (CVE-2019-11752) * Mozilla: Cross-origin access to unload event attributes (CVE-2019-11743)importantScientific Linux FermiScientific Linux Fermi 6thunderbird-60.9.0-1.el6_10.i686.rpmbb2288bb57d83f968dc3fb13a99801f177fb32e97960b0b139b8d1cf1684afd6SLSA-2019:2863-1Security Fix(es): * A buffer overflow flaw was found in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host. (CVE-2019-14835)importantScientific Linux FermiScientific Linux Fermi 6kernel-abi-whitelists-2.6.32-754.23.1.el6.noarch.rpm30b641fcb0fac4e7afafe495efa54ce97cf00e08a8d20f4282d627cb4778bef3python-perf-2.6.32-754.23.1.el6.i686.rpm3e65c68a341849689c80c6829d9f3ae7cf335f24efe701f60c2c71115b7d11e3kernel-devel-2.6.32-754.23.1.el6.i686.rpm6b3f74d8fc41d4919249a54a0fbd4c5578a9ec3f8a07971ed5dd38f13a545e69kernel-2.6.32-754.23.1.el6.i686.rpm19cfc0bea5f926ceea4ce3d65c6b2528eb973d96a435209fa63af38fab19337fkernel-doc-2.6.32-754.23.1.el6.noarch.rpmfc5f56359a8e3dc1ed19f769803abccf8a3545537655b039d66bdf0bc1223dd4kernel-debug-2.6.32-754.23.1.el6.i686.rpm40401b857b09521489a885c6ab69c3d217014d290974a22aa04ce3641284aa22kernel-debug-devel-2.6.32-754.23.1.el6.i686.rpm287692bea8f530aa95d329c4c8c2e3f2ec62a408fa9ece7df2137e89d1bc7ad9perf-2.6.32-754.23.1.el6.i686.rpme14d73ace33d346d2a46927e1e45084f7084b609399e33deff7695fffe42438dkernel-headers-2.6.32-754.23.1.el6.i686.rpmeb965586179b5bc3771dc25587b96063e0a38ba9ea45e03c9db089c57cc838a7kernel-firmware-2.6.32-754.23.1.el6.noarch.rpmdbc6d52137509ae28af877af780e07dce4b2cc4d9f370bece38af6e7fb4fea54SLSA-2019:2885-1* dovecot: improper NULL byte handling in IMAP and ManageSieve protocol parsers leads to out of bounds writes (CVE-2019-11500)importantScientific Linux FermiScientific Linux Fermi 6dovecot-pgsql-2.0.9-22.el6_10.1.i686.rpmf233fa50db9dfdc999738c695c3179b8ece95b46abedbf23ca15b39ab657714edovecot-pigeonhole-2.0.9-22.el6_10.1.i686.rpm26a62b652999aa2e24e612bacf0ec819266fb36d1cb4e4f364724c2758af9c6ddovecot-devel-2.0.9-22.el6_10.1.i686.rpm340529dd18a0b2501de3b28273844ae10209573221d6a383334fdca4fdb8efa9dovecot-mysql-2.0.9-22.el6_10.1.i686.rpm2eb5bc20770fb58ebbec94b4ba765a01ff4761e5175a07718462500dbb3d83fedovecot-2.0.9-22.el6_10.1.i686.rpme181d5a3a17fdd37c0911bf8495ded4c46b035c7459ac38fdc2c7041c83fea23SLSA-2019:2892-1Security Fix(es): * QEMU: slirp: heap buffer overflow while reassembling fragmented datagrams (CVE-2018-11806) * QEMU: slirp: heap buffer overflow in tcp_emu() (CVE-2019-6778) * QEMU: ne2000: integer overflow leads to buffer overflow issue (CVE-2018-10839) * QEMU: pcnet: integer overflow leads to buffer overflow (CVE-2018-17962) * QEMU: qxl: null pointer dereference while releasing spice resources (CVE-2019-12155)importantScientific Linux FermiScientific Linux Fermi 6qemu-guest-agent-0.12.1.2-2.506.el6_10.5.i686.rpmf38b921cc09b9e2e8e64fbfddbd88dc631b6248e0715e338d984de571be1f8b8SLSA-2019:3136-1Security Fix(es): * OpenJDK: Improper handling of Kerberos proxy credentials (Kerberos, 8220302) (CVE-2019-2949) * OpenJDK: Unexpected exception thrown during regular expression processing in Nashorn (Scripting, 8223518) (CVE-2019-2975) * OpenJDK: Incorrect handling of nested jar: URLs in Jar URL handler (Networking, 8223892) (CVE-2019-2978) * OpenJDK: Incorrect handling of HTTP proxy responses in HttpURLConnection (Networking, 8225298) (CVE-2019-2989) * OpenJDK: Missing restrictions on use of custom SocketImpl (Networking, 8218573) (CVE-2019-2945) * OpenJDK: NULL pointer dereference in DrawGlyphList (2D, 8222690) (CVE-2019-2962) * OpenJDK: Unexpected exception thrown by Pattern processing crafted regular expression (Concurrency, 8222684) (CVE-2019-2964) * OpenJDK: Unexpected exception thrown by XPathParser processing crafted XPath expression (JAXP, 8223505) (CVE-2019-2973) * OpenJDK: Unexpected exception thrown by XPath processing crafted XPath expression (JAXP, 8224532) (CVE-2019-2981) * OpenJDK: Unexpected exception thrown during Font object deserialization (Serialization, 8224915) (CVE-2019-2983) * OpenJDK: Missing glyph bitmap image dimension check in FreetypeFontScaler (2D, 8225286) (CVE-2019-2987) * OpenJDK: Integer overflow in bounds check in SunGraphics2D (2D, 8225292) (CVE-2019-2988) * OpenJDK: Excessive memory allocation in CMap when reading TrueType font (2D, 8225597) (CVE-2019-2992) * OpenJDK: Insufficient filtering of HTML event attributes in Javadoc (Javadoc, 8226765) (CVE-2019-2999)importantScientific Linux FermiScientific Linux Fermi 6java-1.8.0-openjdk-javadoc-debug-1.8.0.232.b09-1.el6_10.noarch.rpmc8fdb685e302cef81cc332755ca32e0b51f62b01a23cae319b773fc4117fec52java-1.8.0-openjdk-1.8.0.232.b09-1.el6_10.i686.rpm2007cad8efe37311e983ee987dd861b47d2934b278a4f3b0f13b3cf0871c71f6java-1.8.0-openjdk-headless-1.8.0.232.b09-1.el6_10.i686.rpmb531763c1de2719a8c83559ba8e58382a58467500598b692c776305e105669ddjava-1.8.0-openjdk-src-debug-1.8.0.232.b09-1.el6_10.i686.rpm5b4b7394028a61809f0049a75e1f6b97840baa255e226fb4986a44c6269ff4bajava-1.8.0-openjdk-devel-1.8.0.232.b09-1.el6_10.i686.rpm737c8caec905172aeba999cdf551472f3225288715856d14dd218ce81504ef8ajava-1.8.0-openjdk-debug-1.8.0.232.b09-1.el6_10.i686.rpm3924ec110310bb56cbbe0b3544e942ae476ddfc769175bdc3a3ce578f5a94633java-1.8.0-openjdk-devel-debug-1.8.0.232.b09-1.el6_10.i686.rpm045a099afba1e44eb6d42c6dbb98455b692ea72c4fd79a4dd34847013c5df0f1java-1.8.0-openjdk-src-1.8.0.232.b09-1.el6_10.i686.rpm84bb568fe0166e35f5ff2713eddea867b1b640a077d5c21707f02504f8908a11java-1.8.0-openjdk-headless-debug-1.8.0.232.b09-1.el6_10.i686.rpmacf6e02aa153a0d701688d54dc3af6e194f7d6c3e71354d3653cee08243221b5java-1.8.0-openjdk-demo-debug-1.8.0.232.b09-1.el6_10.i686.rpm59fa924b04cc05ff9b171eb76d2ffb636026a81077a996d5e40a16597695092ejava-1.8.0-openjdk-demo-1.8.0.232.b09-1.el6_10.i686.rpm0f82488406606cf9f6bc40b8f8c82e538dac5e971b7cd8e72fa81c39cc70657bjava-1.8.0-openjdk-javadoc-1.8.0.232.b09-1.el6_10.noarch.rpm980bf7a6a1d786f686158f80532419d0bfbc7bfa4f1a441c956f96ae81670d31SLSA-2019:3158-1Security Fix(es): * OpenJDK: Incorrect handling of nested jar: URLs in Jar URL handler (Networking, 8223892) (CVE-2019-2978) * OpenJDK: Incorrect handling of HTTP proxy responses in HttpURLConnection (Networking, 8225298) (CVE-2019-2989) * OpenJDK: Missing restrictions on use of custom SocketImpl (Networking, 8218573) (CVE-2019-2945) * OpenJDK: NULL pointer dereference in DrawGlyphList (2D, 8222690) (CVE-2019-2962) * OpenJDK: Unexpected exception thrown by Pattern processing crafted regular expression (Concurrency, 8222684) (CVE-2019-2964) * OpenJDK: Unexpected exception thrown by XPathParser processing crafted XPath expression (JAXP, 8223505) (CVE-2019-2973) * OpenJDK: Unexpected exception thrown by XPath processing crafted XPath expression (JAXP, 8224532) (CVE-2019-2981) * OpenJDK: Unexpected exception thrown during Font object deserialization (Serialization, 8224915) (CVE-2019-2983) * OpenJDK: Missing glyph bitmap image dimension check in FreetypeFontScaler (2D, 8225286) (CVE-2019-2987) * OpenJDK: Integer overflow in bounds check in SunGraphics2D (2D, 8225292) (CVE-2019-2988) * OpenJDK: Excessive memory allocation in CMap when reading TrueType font (2D, 8225597) (CVE-2019-2992) * OpenJDK: Insufficient filtering of HTML event attributes in Javadoc (Javadoc, 8226765) (CVE-2019-2999)moderateScientific Linux FermiScientific Linux Fermi 6java-1.7.0-openjdk-1.7.0.241-2.6.20.0.el6_10.i686.rpmfe3953771bb0aa20098466f301e2f93b8a811c0081f959790f8249ef1c5bdf86java-1.7.0-openjdk-devel-1.7.0.241-2.6.20.0.el6_10.i686.rpmfd8e3b0d507c4db699df40b2a35324bd1bf627ed5e1c0d07ec049e26b1a92835java-1.7.0-openjdk-src-1.7.0.241-2.6.20.0.el6_10.i686.rpmea26a1e526355d46ec29e4531670dac4142555a92ea4443f6b55b9baa120afebjava-1.7.0-openjdk-demo-1.7.0.241-2.6.20.0.el6_10.i686.rpm895d609e7c10ec7303795c5a56847dcb3d1817848b95929d8841131a2564be1bjava-1.7.0-openjdk-javadoc-1.7.0.241-2.6.20.0.el6_10.noarch.rpmf11b5f289c40d212ad78b789e0c87076e9f30223cbe579418314a29139678cbbSLSA-2019:3281-1Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 (CVE-2019-11764) * Mozilla: Use-after-free when creating index updates in IndexedDB (CVE-2019-11757) * Mozilla: Potentially exploitable crash due to 360 Total Security (CVE-2019-11758) * Mozilla: Stack buffer overflow in HKDF output (CVE-2019-11759) * Mozilla: Stack buffer overflow in WebRTC networking (CVE-2019-11760) * Mozilla: Unintended access to a privileged JSONView object (CVE-2019-11761) * Mozilla: document.domain-based origin isolation has same-origin-property violation (CVE-2019-11762) * Mozilla: Incorrect HTML parsing results in XSS bypass technique (CVE-2019-11763)criticalScientific Linux FermiScientific Linux Fermi 6firefox-68.2.0-4.el6_10.i686.rpme2732af72e80e34ad78f7ff963c9f33d9ecccb956047d7fdeaa722cdb62360a7SLSA-2019:3287-1Security Fix(es): * php: underflow in env_path_info in fpm_main.c (CVE-2019-11043)criticalScientific Linux FermiScientific Linux Fermi 6php-embedded-5.3.3-50.el6_10.i686.rpm97f159d70745845e4c6c3576ec01225659f2369325d2dad82a9bc3463e47a401php-dba-5.3.3-50.el6_10.i686.rpm5497d597961e9ffe0189ef4ea376375fddcf1faeb93d5016e7f0020c844e5772php-imap-5.3.3-50.el6_10.i686.rpmf69cc1420b3ef56fb516db4dd5462df0d28f43cfe1cae692ed40ed770fbbbfbephp-enchant-5.3.3-50.el6_10.i686.rpm0f3efc2649cbe76bf8001a7a71496968e9cc8360396608210ab7cd8e84bc9ae0php-common-5.3.3-50.el6_10.i686.rpm6855813b28c2f4f67e152b6963d12c3473a46af27702031a335b838c812ea9c1php-bcmath-5.3.3-50.el6_10.i686.rpmbb4071d5dab61a65f9d70565d418c510f555978d26b0bc41efd5536cfac70240php-xmlrpc-5.3.3-50.el6_10.i686.rpm4bca393de2619333b9179251d3d22078c230ef0a2c1eb080f3b451f29ebc2ad0php-xml-5.3.3-50.el6_10.i686.rpme5b343a8932d7783aaaa018f06763c786b304843eb824dbadffaf7a4725822faphp-gd-5.3.3-50.el6_10.i686.rpme1fc16f1dc3046858966d6f860e39769044305ade0fd872859324baff229adfephp-tidy-5.3.3-50.el6_10.i686.rpm4519aa2d5f887a5b8b22ae1248ada8ab2de79062ab37e0f455e03849453f5655php-5.3.3-50.el6_10.i686.rpme26147a6c3f5c8879d7da765b4ce1b581f53ed5b002f320a0e6fecaf87d0ebfephp-recode-5.3.3-50.el6_10.i686.rpm049cbd575404dbcc69a1a99aeb288dde4d0e815ddf26f082ad28127f4cf2131aphp-cli-5.3.3-50.el6_10.i686.rpm4e857b05c31ea8da31257ac297cb4b8ce839c825f00f5d5afbd7b25b3398b97aphp-zts-5.3.3-50.el6_10.i686.rpm522c13c3f915a8eb9c7a52a27915785f2674c570444f1eebc21e8904d9b07f05php-devel-5.3.3-50.el6_10.i686.rpmc57284d61dba58928ddeacb0bc8932eddf042a5690d44323156bf67e1ff65994php-pgsql-5.3.3-50.el6_10.i686.rpm54fbf61bb3ec5a6214ee3364362ad66faf3970840d739fe877873eaaa385453ephp-snmp-5.3.3-50.el6_10.i686.rpm15baa8b30eec5a2264a8032fcfad750cf0af1421b0b5f285b83fec421a682936php-mbstring-5.3.3-50.el6_10.i686.rpm3ff158e5eebe84e07e9c045c1d2869363a20e3a64dff9768ddeff71c0656eee3php-intl-5.3.3-50.el6_10.i686.rpmd8fefd6aa5d98a5c5f4524d1c84a7fe154732ca02b5f7a9eae28b9135a8e6b97php-ldap-5.3.3-50.el6_10.i686.rpmb86a2fea6a4e91c5657d75ede597b493b207c0d16796f9ccb51823265d9bb619php-mysql-5.3.3-50.el6_10.i686.rpm3e5587b702c4258b7314dcf81b92f293651ec8e442eb92da09438ad49fb3d7caphp-soap-5.3.3-50.el6_10.i686.rpm68f63d8d2ee6f18e8d309740813261bee597225ef5f79965bdce9cbc54d1404aphp-odbc-5.3.3-50.el6_10.i686.rpm0c2240dc7012473b8fbaefe21d8b63407aaf0a20b05baaa22754d362055f2e62php-process-5.3.3-50.el6_10.i686.rpmaabaf393322ce50bf06b017eba34b27d16db1d718d481197176c057b6532d637php-pspell-5.3.3-50.el6_10.i686.rpmbc7435a0491e8fdda3eae35d68feb7b71239e42f205b79fadd6e103d889a7e1cphp-pdo-5.3.3-50.el6_10.i686.rpm90ff9b29ee8ebdd2c19f0bdd0aa6b6b0202f86d7dbf9c6aae2317e9c0a059a0aphp-fpm-5.3.3-50.el6_10.i686.rpmc80f5dcb5a5e835c221c0fe5038859bc787a83d5cf382fc156ea9048ab764b67SLSA-2019:3755-1Security Fix(es): * sudo: Privilege escalation via 'Runas' specification with 'ALL' keyword (CVE-2019-14287)importantScientific Linux FermiScientific Linux Fermi 6sudo-1.8.6p3-29.el6_10.2.i686.rpm03d0ead992d7d3888f84954eedc486818b58ecbb3e17cd1a466a6b776c8c78fasudo-devel-1.8.6p3-29.el6_10.2.i686.rpm62da827b90ab1c0cc3b28c1fa1eec0bd36c01c9491ee871e3d95a5317995e18aSLSA-2019:3756-1This update upgrades Thunderbird to version 68.2.0. Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 (CVE-2019-11764) * Mozilla: Use-after-free when creating index updates in IndexedDB (CVE-2019-11757) * Mozilla: Potentially exploitable crash due to 360 Total Security (CVE-2019-11758) * Mozilla: Stack buffer overflow in HKDF output (CVE-2019-11759) * Mozilla: Stack buffer overflow in WebRTC networking (CVE-2019-11760) * Mozilla: Unintended access to a privileged JSONView object (CVE-2019-11761) * Mozilla: document.domain-based origin isolation has same-origin-property violation (CVE-2019-11762) * Mozilla: Incorrect HTML parsing results in XSS bypass technique (CVE-2019-11763) * expat: heap-based buffer over-read via crafted XML input (CVE-2019-15903)importantScientific Linux FermiScientific Linux Fermi 6thunderbird-68.2.0-2.el6_10.i686.rpm0126ff4bb78e62e5eb5abc89cd8ec1104e94d6f5fc113cd47a3196e21b0f2f2bSLSA-2019:3836-1Security Fix(es): * hw: Machine Check Error on Page Size Change (IFU) (CVE-2018-12207) * hw: TSX Transaction Asynchronous Abort (TAA) (CVE-2019-11135) * Kernel: vhost_net: infinite loop while receiving packets leads to DoS (CVE-2019-3900) * hw: Intel GPU Denial Of Service while accessing MMIO in lower power state (CVE-2019-0154) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * [Intel 6.10 Bug] With mWait/C-states disabled, HT on, ibrs enabled, performance impact observed on user space benchmark * kernel-2.6.32-573.60.2.el6 hangs/resets during boot in efi_enter_virtual_mode() on Xeon v2 E7-2870 * Slab leak: skbuff_head_cache slab object still allocated after mcast processes are stopped and "fragments dropped after timeout" errors are shownimportantScientific Linux FermiScientific Linux Fermi 6perf-2.6.32-754.24.2.el6.i686.rpmd398e9e0a5a0ece4be5500a7b9a1a8117590a490d0dfa09e4cb49e93b9ad979dkernel-2.6.32-754.24.2.el6.i686.rpm84a4098356783063b4c1fdc13a22574e27c917917f9fd7e4ad8c5223bcaefa7dkernel-abi-whitelists-2.6.32-754.24.2.el6.noarch.rpme93510bebf7ae8913e1e229ca397f89a99a334264c845106e2b3d91da5ca8275kernel-debug-devel-2.6.32-754.24.2.el6.i686.rpm0bf43100e7d596cc3977f8255e7deef06fd111310c234fe499fcdeb40a63a296kernel-firmware-2.6.32-754.24.2.el6.noarch.rpmeb0de1c5f5022dd369e4811d21203ec45af3e4f10fc031e66f3ec7a12556d466kernel-headers-2.6.32-754.24.2.el6.i686.rpmccb0956c7548198e34b4f14109d29b70bcbd6956ded52beb6341096d7833e9fekernel-debug-2.6.32-754.24.2.el6.i686.rpm5daa4fd19c389666b1c8712b7125a14696c4d71ccd7cff5cb086c2f5c52c2c88kernel-devel-2.6.32-754.24.2.el6.i686.rpma9bd60a9fcda6ae3eabc4c462a9a995c4262ef423cbd7ad4cca4723d9446c5d8python-perf-2.6.32-754.24.2.el6.i686.rpm831d1f2b3bbc49da24896b83f2c8be871e31ad399690515649d3c16815f05e93kernel-doc-2.6.32-754.24.2.el6.noarch.rpmaed7222ef4ac7cb673f27d39609ce38a716e3c5201ffc13c08119e771c07de57SLSA-2019:3878-1Security Fix(es): * hw: Intel GPU blitter manipulation can allow for arbitrary kernel memory write (CVE-2019-0155) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE importantScientific Linux FermiScientific Linux Fermi 6kernel-headers-2.6.32-754.24.3.el6.i686.rpm853f12cb57924e4a606ebbc024f5fd8be1be5d3d068ad41ae825d3c0d297258dkernel-debug-devel-2.6.32-754.24.3.el6.i686.rpm9aacbb5fabfee0e958cb74301576437f9251a53f553b5e6fc620331f2f8a474bkernel-firmware-2.6.32-754.24.3.el6.noarch.rpme548f8e9f393db3e2dd773ecd7670b4654fbc4008a41becdec8876c133399eb9perf-2.6.32-754.24.3.el6.i686.rpm6e74088f514c07c9417cd0342c264b8799698700dbfa0f7d050f8cda63679b5dkernel-debug-2.6.32-754.24.3.el6.i686.rpmb80cd6b04a2e5214ff6800f558ffccb47a9f897aecae5c980a5f2e539df5e77ekernel-abi-whitelists-2.6.32-754.24.3.el6.noarch.rpmed779305e6cd7a26cd34b413e9b5b4cbec4fba94750a4a358167acfc6741c4e3kernel-doc-2.6.32-754.24.3.el6.noarch.rpma86ec05a26576ff8c05d31335f8fcefbe0b42b7c93257472082a8466aff77643kernel-2.6.32-754.24.3.el6.i686.rpm6d2338214a3e374e3de75ac45fbe327af9ac600c06cfe74ea875f97834849e43kernel-devel-2.6.32-754.24.3.el6.i686.rpm8995eef581a61a563725bbfbe7f870cb4473dc296a4dcd6eca5c3b628ed6b4ffpython-perf-2.6.32-754.24.3.el6.i686.rpmf6027a0bd9b90bad4ce934d4379de0c310127f78e47338abadaca48792aecb4fSLSA-2019:4108-1Security Fix(es): * Mozilla: Use-after-free in worker destruction (CVE-2019-17008) * Mozilla: Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3 (CVE-2019-17012) * Mozilla: Buffer overflow in plain text serializer (CVE-2019-17005) * Mozilla: Use-after-free when performing device orientation checks (CVE-2019-17010) * Mozilla: Use-after-free when retrieving a document in antitracking (CVE-2019-17011)criticalScientific Linux FermiScientific Linux Fermi 6firefox-68.3.0-1.el6_10.i686.rpm7feaa86c2116e03b1ff4f4fc7235405d8eaf1779d2ef6f508b6468785f23bdfbSLSA-2019:4152-1Security Fix(es): * nss: Out-of-bounds write when passing an output buffer smaller than the block size to NSC_EncryptUpdate (CVE-2019-11745)importantScientific Linux FermiScientific Linux Fermi 6nss-softokn-freebl-devel-3.44.0-6.el6_10.i686.rpm9fbf5c0a6e9c9cbc4f659846e88b70d70a4a73f63f16219baeb4659ff1cf98ddnss-softokn-freebl-3.44.0-6.el6_10.i686.rpm70b6a495b8b23ee84cd4b9edf0b604356763656b1bcd51c6d3da401b2c880e2dnss-softokn-devel-3.44.0-6.el6_10.i686.rpmf8e5626d1adbe04d2fdccf2581069434143452419c0079e25dc683f314fbf267nss-softokn-3.44.0-6.el6_10.i686.rpm5e0e936804b3227ebd8b2d9b32ee55a2ea10c21e7d5fed428fd5e237c95f5e51SLSA-2019:4205-1This update upgrades Thunderbird to version 68.3.0. Security Fix(es): * Mozilla: Use-after-free in worker destruction (CVE-2019-17008) * Mozilla: Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3 (CVE-2019-17012) * Mozilla: Buffer overflow in plain text serializer (CVE-2019-17005) * Mozilla: Use-after-free when performing device orientation checks (CVE-2019-17010) * Mozilla: Use-after-free when retrieving a document in antitracking (CVE-2019-17011)importantScientific Linux FermiScientific Linux Fermi 6thunderbird-68.3.0-3.el6_10.i686.rpm30bc8e5a09522ea8c29e705689241a95b497f4923aa03ba06d7dc5e443bad8cfSLSA-2019:4254-1Security Fix(es): * freetype: a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c leading to information disclosure (CVE-2015-9381) * freetype: mishandling ps_parser_skip_PS_token in an FT_New_Memory_Face operation in skip_comment, psaux/psobjs.c, leads to a buffer over-read (CVE-2015-9382)moderateScientific Linux FermiScientific Linux Fermi 6freetype-devel-2.3.11-19.el6_10.i686.rpm6d7fd44af78ce088694751c24e283bdd9341945079d176925056be232849226dfreetype-2.3.11-19.el6_10.i686.rpm77703831c5562ac717a917552eea79e91f347d95dcb199859225515c94320c97freetype-demos-2.3.11-19.el6_10.i686.rpmeb6b87edd988f7e1e7944864bdebb0113abc49f23995fb9d30ab29a16213daa9SLSA-2019:4256-1Security Fix(es): * Kernel: KVM: OOB memory access via mmio ring buffer (CVE-2019-14821) Bug Fix(es): * KEYS: prevent creating a different user's keyrings SL-6.10 * BUG: unable to handle kernel NULL pointer dereference at (null) * long I/O stalls with bnx2fc from not masking off scope bits of retry delay valueimportantScientific Linux FermiScientific Linux Fermi 6kernel-firmware-2.6.32-754.25.1.el6.noarch.rpm34667f86a2fc275ba9f36d8f885840b5cff80bceeaaad217cb7768aff40cc203kernel-debug-devel-2.6.32-754.25.1.el6.i686.rpm67e02e07f25c5f91e034b860e440fe9f99e19538caca3aa5f8dd6c37f9385c4fkernel-debug-2.6.32-754.25.1.el6.i686.rpm91fb0467752bdd59047431042dc9d1a0d732808a939bdc302005c54584fe6735python-perf-2.6.32-754.25.1.el6.i686.rpm36cb1206a16125b73675a7454981018c3e922686dd8d6fb05bb6d448c932f268kernel-devel-2.6.32-754.25.1.el6.i686.rpma2155801e7880a454a33b8117bbfcb725faa1085afd2d69cce81af74bb5102e0kernel-headers-2.6.32-754.25.1.el6.i686.rpm98f56c2064a15344857ed2d5ef910c0c12cf1d2d7817eb56d46c79f3b1d8fc88perf-2.6.32-754.25.1.el6.i686.rpm74a6eb4410147039c129b1254ffd0b34a343a0c2cf622c0e28c6c2c6ad5e1f88kernel-abi-whitelists-2.6.32-754.25.1.el6.noarch.rpm780620108cc86ba9634200fdc2155ffa65ed82cd0979795eeec0f4370ef73075kernel-doc-2.6.32-754.25.1.el6.noarch.rpm615fa351cd7986dafec501b533bc5891316d70d4728170b16447a59de9c8631dkernel-2.6.32-754.25.1.el6.i686.rpm2b75cf68c1736e2445f4d5c1b6bedbcde378803430354fa01e51f8177f695281SLSA-2020:0086-1This update upgrades Firefox to version 68.4.1 ESR. Security Fix(es): * Mozilla: IonMonkey type confusion with StoreElementHole and FallibleStoreElement (CVE-2019-17026) * Mozilla: Bypass of @namespace CSS sanitization during pasting (CVE-2019-17016) * Mozilla: Type Confusion in XPCVariant.cpp (CVE-2019-17017) * Mozilla: Memory safety bugs fixed in Firefox 72 and Firefox ESR 68.4 (CVE-2019-17024) * Mozilla: CSS sanitization does not escape HTML tags (CVE-2019-17022)criticalScientific Linux FermiScientific Linux Fermi 6firefox-68.4.1-1.el6_10.i686.rpmb8ffce2947a42087edb763eb295b2ce65cb83ee7bf1da62113cebef59aa510a7SLSA-2020:0123-1Security Fix(es): * Mozilla: IonMonkey type confusion with StoreElementHole and FallibleStoreElement (CVE-2019-17026) * Mozilla: Bypass of @namespace CSS sanitization during pasting (CVE-2019-17016) * Mozilla: Type Confusion in XPCVariant.cpp (CVE-2019-17017) * Mozilla: Memory safety bugs fixed in Firefox 72 and Firefox ESR 68.4 (CVE-2019-17024) * Mozilla: CSS sanitization does not escape HTML tags (CVE-2019-17022)importantScientific Linux FermiScientific Linux Fermi 6thunderbird-68.4.1-2.el6_10.i686.rpmd753f03d812a2ecad2a1581e886186b9ae14fe92451e50f5a9c442b4688941eeSLSA-2020:0157-1Security Fix(es): * OpenJDK: Use of unsafe RSA-MD5 checkum in Kerberos TGS (Security, 8229951) (CVE-2020-2601) * OpenJDK: Serialization filter changes via jdk.serialFilter property modification (Serialization, 8231422) (CVE-2020-2604) * OpenJDK: Improper checks of SASL message properties in GssKrb5Base (Security, 8226352) (CVE-2020-2590) * OpenJDK: Incorrect isBuiltinStreamHandler causing URL normalization issues (Networking, 8228548) (CVE-2020-2593) * OpenJDK: Excessive memory usage in OID processing in X.509 certificate parsing (Libraries, 8234037) (CVE-2020-2654) * OpenJDK: Incorrect exception processing during deserialization in BeanContextSupport (Serialization, 8224909) (CVE-2020-2583) * OpenJDK: Incomplete enforcement of maxDatagramSockets limit in DatagramChannelImpl (Networking, 8231795) (CVE-2020-2659)importantScientific Linux FermiScientific Linux Fermi 6java-1.8.0-openjdk-demo-debug-1.8.0.242.b07-1.el6_10.i686.rpm8de54400d69d703ffa5486f599c56e57e96021c5abf7ee865ea6d8ecf93e4b8cjava-1.8.0-openjdk-headless-debug-1.8.0.242.b07-1.el6_10.i686.rpmb537b5ccf4643e75f3d98b25f4933b4bd3ed2e3e4127f929beb29058c349f046java-1.8.0-openjdk-headless-1.8.0.242.b07-1.el6_10.i686.rpm01965804c7b98cd2ef1da1d25d62cf590137794c2e84f04883b77f301a3a7a07java-1.8.0-openjdk-devel-debug-1.8.0.242.b07-1.el6_10.i686.rpm3ff14db3c1af7a9213b921c1b75d5bfdfceb59fa198a6063615a9898c58d48b8java-1.8.0-openjdk-debug-1.8.0.242.b07-1.el6_10.i686.rpm08ccbe02f249367e84bfe9d4670bc8e6dca28446d6e455c8e2fd2f7b611f8073java-1.8.0-openjdk-demo-1.8.0.242.b07-1.el6_10.i686.rpmd3d6ec7097fee68e007e8118ca862b8275d00f9f25b2f9c9700942a6dcaac065java-1.8.0-openjdk-devel-1.8.0.242.b07-1.el6_10.i686.rpm658061bda1165b972c47063508e925a76da7fc4e301a0c0fa7251ae44d0bf327java-1.8.0-openjdk-javadoc-1.8.0.242.b07-1.el6_10.noarch.rpm9cdd1d70e628db2c241753201cffeca47340f741c0548dc678a830bc7e322567java-1.8.0-openjdk-src-1.8.0.242.b07-1.el6_10.i686.rpm126fcfd3811c68f4f53cbb53ec28abbec9aaa73ba6660dbc2369480d9d39b808java-1.8.0-openjdk-src-debug-1.8.0.242.b07-1.el6_10.i686.rpmf6b8bdb8cc22b0d423d0aed4f7273b40496d1f4cad348991acd4095ee8adac4fjava-1.8.0-openjdk-javadoc-debug-1.8.0.242.b07-1.el6_10.noarch.rpmf25b6db5c691786c378a77fb790b1546af5f9434a0533fdeeb637f0a8145ca6djava-1.8.0-openjdk-1.8.0.242.b07-1.el6_10.i686.rpm40131a4374ebdc03084c87a5a7a87f681e9be5761a7eecb7f330f35a6a8dae37SLSA-2020:0197-1Security Fix(es): * python-reportlab: code injection in colors.py allows attacker to execute code (CVE-2019-17626)importantScientific Linux FermiScientific Linux Fermi 6python-reportlab-2.3-3.el6_10.1.i686.rpm9122feaeca3ea41fc476988f2e06fa37d3ecf2663355f449b3622530fdc9c523python-reportlab-docs-2.3-3.el6_10.1.noarch.rpm6b3401b4a3265d0b2f86f0291bce38f1e05d99e2349774429f829346cf0345abSLSA-2020:0199-1Security Fix(es): * openslp: Heap-based buffer overflow in ProcessSrvRqst() in slpd_process.c leading to remote code execution (CVE-2019-5544)criticalScientific Linux FermiScientific Linux Fermi 6openslp-server-2.0.0-4.el6_10.i686.rpm8a87d636e46ac0a24aee8535d355e431832995b26aa2d19a2e798e6c0b0963e1openslp-devel-2.0.0-4.el6_10.i686.rpm1f3373a88c9ebe30aee90f957eb32c43d230b47ba1baf50a0b4879b603f69081openslp-2.0.0-4.el6_10.i686.rpm5b52a1b6835e7c3b194075334dc126747b0bbcaff2bbcc0e64f6ec97180312a6SLSA-2020:0316-1Security Fix(es): * git: arbitrary code execution via .gitmodules (CVE-2018-17456)importantScientific Linux FermiScientific Linux Fermi 6git-svn-1.7.1-10.el6_10.noarch.rpm0f507a011aad8db7cff3e86620b31781d5e519481e518437a185f766dade76ccgit-email-1.7.1-10.el6_10.noarch.rpm98bf71aa3ea11db0b4e173676775aca8fe26029da4b73fd9180d38be2827cb23git-gui-1.7.1-10.el6_10.noarch.rpma2d8cc8bb16834ee5002b88443b5546f636beb65b8c5d1a2fb024aa065b875b4gitk-1.7.1-10.el6_10.noarch.rpm4e820bf7c778b4bdebc67ac640a42ebc6fd2a4a06f29e06082f20a5404a1a415gitweb-1.7.1-10.el6_10.noarch.rpmb7cdad0226d27a3422b16c2ba5d6ad38a1d41456fd9f278a5404966ed0edc0a0git-daemon-1.7.1-10.el6_10.i686.rpm12f436992543d6daa2834ec7fd4f5a5a6d5670a044b86960f785ee787e311d2eperl-Git-1.7.1-10.el6_10.noarch.rpm31d03187fdeb8ade325bcf18677794a75d3b3962b7c5c7fc77e7a0c4baf3ee14git-1.7.1-10.el6_10.i686.rpm160ed2dd5170d07ddabf6a7fd7f06b74f4861a02c3565c06f1958fcca8c0b0d4git-cvs-1.7.1-10.el6_10.noarch.rpmb8e082a5c273a8340ff1d8ae92ab732a755e57da3cbd67e9d0d998a5a96f8e24emacs-git-el-1.7.1-10.el6_10.noarch.rpmb34c2c7022314573cdc713354dbb516b14e24e3617c991ad8a5567d30179edd7emacs-git-1.7.1-10.el6_10.noarch.rpma3f91a6e8abb6649c176ad4654abf2433136ece32a762652ed98d733474ff2abgit-all-1.7.1-10.el6_10.noarch.rpm3c2d43ecd8da11d50260f94bb334b0dc44d9457a30eed7ef6901791baa78b61eSLSA-2020:0471-1Security Fix(es): * spice-client: Insufficient encoding checks for LZ can cause different integer/buffer overflows (CVE-2018-10893)moderateScientific Linux FermiScientific Linux Fermi 6spice-gtk-0.26-8.el6_10.2.i686.rpm150c7a4f9da15facdab9c1cec879d56d74c010d9cb4713d7384dd80ce67cae68spice-gtk-python-0.26-8.el6_10.2.i686.rpm41995586fdd7f09661104a460cd80deafa480d335401d47b24530a2e27daebd4spice-glib-devel-0.26-8.el6_10.2.i686.rpmbe2af02ed6b1bd65b96666c9ff2e356e655ecb3be7f1a89837013186a370d7ffspice-gtk-tools-0.26-8.el6_10.2.i686.rpm3aeb03bafdd3b566bdd3c29532488329a0541798d84256fad1fdff18324d7497spice-gtk-devel-0.26-8.el6_10.2.i686.rpm2ff61cf3350e2df213116e84bb0e2027a0d5547e37a29ef3f72deb1f28cb5965spice-glib-0.26-8.el6_10.2.i686.rpmabdb8e54d36de48d4c70945da85a0e5e7c78eb37962b9429c8c73dca13b7a5d4SLSA-2020:0515-1Security Fix(es): * ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection (CVE-2019-14868)importantScientific Linux FermiScientific Linux Fermi 6ksh-20120801-38.el6_10.i686.rpm4573de948933989e13edd23b1db3a1037e13589ababdf9ba59688d91ac18c32dSLSA-2020:0521-1Security Fix(es): * Mozilla: Missing bounds check on shared memory read in the parent process (CVE-2020-6796) * Mozilla: Memory safety bugs fixed in Firefox 73 and Firefox ESR 68.5 (CVE-2020-6800)importantScientific Linux FermiScientific Linux Fermi 6firefox-68.5.0-2.el6_10.i686.rpmeaa61eaccc640698a594708a192d899872c14fa31adef4cf6198d32e4c5abe0eSLSA-2020:0574-1Security Fix(es): Mozilla: Memory safety bugs fixed in Firefox 73 and Firefox ESR 68.5 (CVE-2020-6800) Mozilla: Out-of-bounds read when processing certain email messages (CVE-2020-6793) Mozilla: Setting a master password post-Thunderbird 52 does not delete unencrypted previously stored passwords (CVE-2020-6794) Mozilla: Crash processing S/MIME messages with multiple signatures (CVE-2020-6795) Mozilla: Incorrect parsing of template tag could result in JavaScript injection (CVE-2020-6798) Mozilla: Message ID calculation was based on uninitialized data (CVE-2020-6792)importantScientific Linux FermiScientific Linux Fermi 6thunderbird-68.5.0-1.el6_10.i686.rpmc0926310db6c871dada50f39e93fdb3fdc6ba4fdd76b43f00ae8a021004c505aSLSA-2020:0631-1Security Fix(es): * ppp: Buffer overflow in the eap_request and eap_response functions in eap.c (CVE-2020-8597)importantScientific Linux FermiScientific Linux Fermi 6ppp-2.4.5-11.el6_10.i686.rpm593502a484e86b62efebc73778ad61e9c99e8109dd6278395a56a266765465a9ppp-devel-2.4.5-11.el6_10.i686.rpmdbc8ac92000ed47d7c0e9f18cbf663640035f286226fa060f5e1411ed83e09bbSLSA-2020:0632-1Security Fix(es): * OpenJDK: Use of unsafe RSA-MD5 checksum in Kerberos TGS (Security, 8229951) (CVE-2020-2601) * OpenJDK: Serialization filter changes via jdk.serialFilter property modification (Serialization, 8231422) (CVE-2020-2604) * OpenJDK: Improper checks of SASL message properties in GssKrb5Base (Security, 8226352) (CVE-2020-2590) * OpenJDK: Incorrect isBuiltinStreamHandler check causing URL normalization issues (Networking, 8228548) (CVE-2020-2593) * OpenJDK: Excessive memory usage in OID processing in X.509 certificate parsing (Libraries, 8234037) (CVE-2020-2654) * OpenJDK: Incorrect exception processing during deserialization in BeanContextSupport (Serialization, 8224909) (CVE-2020-2583) * OpenJDK: Incomplete enforcement of maxDatagramSockets limit in DatagramChannelImpl (Networking, 8231795) (CVE-2020-2659)importantScientific Linux FermiScientific Linux Fermi 6java-1.7.0-openjdk-1.7.0.251-2.6.21.0.el6_10.i686.rpm53c8ed344688680d5689a0ed27e8ae8b53f552d169d5e648fdd78d75a95263a4java-1.7.0-openjdk-demo-1.7.0.251-2.6.21.0.el6_10.i686.rpmaf419a2c02991a045c55337485f140f6d2142a3a150f195eb808d238eb0e70ffjava-1.7.0-openjdk-devel-1.7.0.251-2.6.21.0.el6_10.i686.rpm62615675de16c7aa87e357a5dca9d83db0dfdd9173e6a1a9ff15416dbd9a124fjava-1.7.0-openjdk-src-1.7.0.251-2.6.21.0.el6_10.i686.rpm95ce07c10622460032e590743934c04718a190bf58afa5efb48e28cee90fad78java-1.7.0-openjdk-javadoc-1.7.0.251-2.6.21.0.el6_10.noarch.rpma4fa4151a35710d667b1c09c3d00684f8d3c200b74e9075cfd08ddd15585e850SLSA-2020:0702-1Security Fix(es): * xerces-c: XML parser contains a use-after-free error triggered during the scanning of external DTDs (CVE-2018-1311)importantScientific Linux FermiScientific Linux Fermi 6xerces-c-devel-3.0.1-21.el6_10.i686.rpm299f5f4e4944cbd1b4b31bcf4287d85c7f4567477a07fbd7f7b4d7fa14959817xerces-c-doc-3.0.1-21.el6_10.noarch.rpmd992f681dce12e5cc47b634455037596ff101ad2eebc66d459708ce5ac4679e9xerces-c-3.0.1-21.el6_10.i686.rpmfe04f8540a3ed07b20d7c440a04b6cc71552b361b765125e13c7945342d22903SLSA-2020:0726-1Security Fix(es): * sudo: Stack based buffer overflow when pwfeedback is enabled (CVE-2019-18634)importantScientific Linux FermiScientific Linux Fermi 6sudo-devel-1.8.6p3-29.el6_10.3.i686.rpm37a0c40da8624c01ccbcc4844414f61276b85999256950bce83258c049606f2csudo-1.8.6p3-29.el6_10.3.i686.rpmd9b8368cc70fb32e27bd4d83f623991b0e3b2ef9be414623845491eee7ef7c9bSLSA-2020:0775-1Security Fix(es): * QEMU: slirp: heap buffer overflow during packet reassembly (CVE-2019-14378) * QEMU: slirp: OOB buffer access while emulating tcp protocols in tcp_emu() (CVE-2020-7039) * QEMU: Slirp: use-after-free during packet reassembly (CVE-2019-15890)importantScientific Linux FermiScientific Linux Fermi 6qemu-guest-agent-0.12.1.2-2.506.el6_10.6.i686.rpm24f9e154a7b992a61e9d8054c08c1eaea48a23516d1e9a7f01d6378dba6a43c5SLSA-2020:0790-1Security Fix(es): * kernel: buffer overflow in cfg80211_mgd_wext_giwessid in net/wireless /wext-sme.c (CVE-2019-17133) * kernel: unprivileged users able to create RAW sockets in AF_ISDN network protocol. (CVE-2019-17055) Bug Fix(es): * LACP bond does not function because bonding driver sees slave speed & duplex as Unknown * ixgbevf guess causes excessive interrupts in hypervisor due to get link settingsimportantScientific Linux FermiScientific Linux Fermi 6kernel-debug-devel-2.6.32-754.28.1.el6.i686.rpm7baeb69b0cce2467013a56c324072bf0d9511b897f882d4425c899cb70348d83kernel-debug-2.6.32-754.28.1.el6.i686.rpm08068b6652dfe516d1c0e9f006a7af1e0aa7b81e0f56d885ddcfbf3a0421c8ebkernel-doc-2.6.32-754.28.1.el6.noarch.rpmbd7fcc9e693f1122eb8f6474f3ec7117e8d1ef0610ae4d429284353c2742db1dkernel-devel-2.6.32-754.28.1.el6.i686.rpm83709e36a7d614ec5b27f6c328387c1a77c962ca082feece7f562db7f155f449kernel-2.6.32-754.28.1.el6.i686.rpm4a14d589f161cd8023fe9f048f52634e67613d3fd6c81fe5b808e15f07ca7000kernel-abi-whitelists-2.6.32-754.28.1.el6.noarch.rpmb49136d71faf2a416f07485e49c4a72e816c2b0c7f5a5a0c2f7b5bd8e9dc0ec8python-perf-2.6.32-754.28.1.el6.i686.rpm8d487df6ef77663826c2305db8f521ab815661c945ac2883378cfd9e248e71b6perf-2.6.32-754.28.1.el6.i686.rpmca3cce7406dff45b5e2043d3744e24e4eec4da774a3de6d412f7e1cc87fa80c0kernel-headers-2.6.32-754.28.1.el6.i686.rpm85c6fd176653526c0fe98d43e7a9106bca7757516af069c6cc14ac2e5821c537kernel-firmware-2.6.32-754.28.1.el6.noarch.rpm5a96c1d62011f5cc7044a4079ab4c4d4b805bf97094eebdc7075e330079dbda2SLSA-2020:0816-1This update upgrades Firefox to version 68.6.0 ESR. Security Fix(es): * Mozilla: Use-after-free when removing data about origins (CVE-2020-6805) * Mozilla: BodyStream::OnInputStreamReady was missing protections against state confusion (CVE-2020-6806) * Mozilla: Use-after-free in cubeb during stream destruction (CVE-2020-6807) * Mozilla: Memory safety bugs fixed in Firefox 74 and Firefox ESR 68.6 (CVE-2020-6814) * Mozilla: Out of bounds reads in sctp_load_addresses_from_init (CVE-2019-20503) * Mozilla: Devtools' 'Copy as cURL' feature did not fully escape website- controlled data, potentially leading to command injection (CVE-2020-6811) * Mozilla: The names of AirPods with personally identifiable information were exposed to websites with camera or microphone permission (CVE-2020-6812)importantScientific Linux FermiScientific Linux Fermi 6firefox-68.6.0-1.el6_10.i686.rpm42e3aa25d642495bf090dea0eb1deed36d4d7f308b62a6078d755ce3ebdb3b51SLSA-2020:0892-1Security Fix(es): * zsh: insecure dropping of privileges when unsetting PRIVILEGED option (CVE-2019-20044)importantScientific Linux FermiScientific Linux Fermi 6zsh-html-4.3.11-11.el6_10.i686.rpm27365cb9a38fbd29d9bbb9fa6a220807ec6686d05f041386a95c96ab3ef14300zsh-4.3.11-11.el6_10.i686.rpmcbd3998d7afe51c1548e9ed32d6309f6bf03710eb4b60c28b47defc45b449ed4SLSA-2020:0896-1Security Fix(es): * ICU: Integer overflow in UnicodeString::doAppend() (CVE-2020-10531)importantScientific Linux FermiScientific Linux Fermi 6icu-4.2.1-15.el6_10.i686.rpmaae26cc6d13bfb6fd5d555802987184f416ef7f6105bcc171d172f74271cf745libicu-devel-4.2.1-15.el6_10.i686.rpm04b271467d8f55f0a0dd1dd8140c1339c5cf90defa0d44599d795095deac8b04libicu-doc-4.2.1-15.el6_10.noarch.rpmeb4363fa5c07c028aa3ef1c29c7b7b76c301338ea9ca9ce73eb140cceef386e0libicu-4.2.1-15.el6_10.i686.rpm9f6dd5d39417b489153c66e23c5aa4fc33766f5c6346715033feb549ce1bead0SLSA-2020:0898-1Security Fix(es): * python-pillow: improperly restricted operations on memory buffer in libImaging/PcxDecode.c (CVE-2020-5312)importantScientific Linux FermiScientific Linux Fermi 6python-imaging-sane-1.1.6-20.el6_10.i686.rpm3f8e340ed49d98234b5f13477618a82cd0a23680c6f33f6a8333f2da6eaac276python-imaging-1.1.6-20.el6_10.i686.rpm73e0cf03c2fbf49793359a691b7399597a2a926da67aed07a9418fb52d76bb50python-imaging-devel-1.1.6-20.el6_10.i686.rpm6a20bc6a2e92a182be18ddbb8a79fc2d53c829b4f8f1a0e92966386e2f23cdffpython-imaging-tk-1.1.6-20.el6_10.i686.rpm50bc40dfab966b96c518021d9b6b4465f6859706cc5efbdace17b3450167ed8cSLSA-2020:0912-1Security Fix(es): * tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability (CVE-2020-1938)importantScientific Linux FermiScientific Linux Fermi 6tomcat6-6.0.24-114.el6_10.noarch.rpme67c6d4b8ff53161a4042eaf73db125e581793fef161651e13cb59988f1fc6dctomcat6-admin-webapps-6.0.24-114.el6_10.noarch.rpma05f1b783d85bc1f7f64e7bb59d7b43698f9bb368d31e16d36a3ee271d83fdaetomcat6-el-2.1-api-6.0.24-114.el6_10.noarch.rpm400c301bcb75cf7b39b7016f5e023c30efe45e3d25aa61236c63533edb733aaetomcat6-javadoc-6.0.24-114.el6_10.noarch.rpm5c1707db16c145ceb07eafe23966b012b420510d57599dd01709a2fb947c721btomcat6-webapps-6.0.24-114.el6_10.noarch.rpm4ce45e27aa33def8fbf9e9e7d2c6e87562ae1abbabd962b0130a07c4da5e3003tomcat6-jsp-2.1-api-6.0.24-114.el6_10.noarch.rpm26ce9c8aac1c86685dab7592ae4c24959f039e902114d6de2378052e97eb31e2tomcat6-docs-webapp-6.0.24-114.el6_10.noarch.rpm7bc43c2a6010849c4a713e025c2ffe605601df8cd3f5af5027c978b8da6c7c6ftomcat6-servlet-2.5-api-6.0.24-114.el6_10.noarch.rpmbe3c60a3ba52795cf7a62ce5fb4a7ac8dc9f1dd2254b1af2dba4681bfd1fa6bbtomcat6-lib-6.0.24-114.el6_10.noarch.rpme5f8748e8b5e9f488f39dc02b6fdcec0a2aaa655942fbb70bf83e2cc128fbaf5SLSA-2020:0914-1Security Fix(es): * Mozilla: Use-after-free when removing data about origins (CVE-2020-6805) * Mozilla: BodyStream::OnInputStreamReady was missing protections against state confusion (CVE-2020-6806) * Mozilla: Use-after-free in cubeb during stream destruction (CVE-2020-6807) * Mozilla: Memory safety bugs fixed in Firefox 74 and Firefox ESR 68.6 (CVE-2020-6814) * Mozilla: Out of bounds reads in sctp_load_addresses_from_init (CVE-2019-20503) * Mozilla: Devtools' 'Copy as cURL' feature did not fully escape website-controlled data, potentially leading to command injection (CVE-2020-6811) * Mozilla: The names of AirPods with personally identifiable information were exposed to websites with camera or microphone permission (CVE-2020-6812)importantScientific Linux FermiScientific Linux Fermi 6thunderbird-68.6.0-1.el6_10.i686.rpm5dc51156f7cfde9e7b4011ad5ac0b886f4bdff0babd05ad96c87e034146aafafSLSA-2020:1331-1Security Fix(es): * ipmitool: Buffer overflow in read_fru_area_section function in lib/ipmi_fru.c (CVE-2020-5208)importantScientific Linux FermiScientific Linux Fermi 6ipmitool-1.8.15-3.el6_10.i686.rpmea1a33b9fa4c4c2aa724528aa35e92fabc4bd6e4c186b0677cc4ba9f2c7f83b9SLSA-2020:1335-1Security Fix(es): * telnet-server: no bounds checks in nextitem() function allows to remotely execute arbitrary code (CVE-2020-10188)importantScientific Linux FermiScientific Linux Fermi 6telnet-server-0.17-49.el6_10.i686.rpmd9cf7ab6b1b894a04bf4373cbb36aabf9df1884a5f4ad43940e15ce050ae43c7telnet-0.17-49.el6_10.i686.rpmbbd2194e19354b9a029e5ddd1fb360555ee95a050eb9aa981ebcd1a246765e55SLSA-2020:1339-1Security Fix(es): * Mozilla: Use-after-free while running the nsDocShell destructor (CVE-2020-6819) * Mozilla: Use-after-free when handling a ReadableStream (CVE-2020-6820)criticalScientific Linux FermiScientific Linux Fermi 6firefox-68.6.1-1.el6_10.i686.rpm8ff4339baa2182e770b13ac184fd96c9931a1224cf68a4e9ed922a18184f0cedSLSA-2020:1349-1Security Fix(es): * telnet-server: no bounds checks in nextitem() function allows to remotely execute arbitrary code (CVE-2020-10188)importantScientific Linux FermiScientific Linux Fermi 6krb5-appl-clients-1.0.1-10.el6_10.i686.rpm1fcad7779c1fb41ea66bfdbe9efbd46f3e7b0c37674102358736a22c37c933bbkrb5-appl-servers-1.0.1-10.el6_10.i686.rpm6110f465790a6b096d571a3497a2984b45b83f99bd91e881a594f6bdfe71cc07SLSA-2020:1403-1Security Fix(es): * QEMU: Slirp: potential OOB access due to unsafe snprintf() usages Bug Fix(es): * QEMU: Slirp: disable emulation of tcp programs like ftp IRC etc. [rhel-6]importantScientific Linux FermiScientific Linux Fermi 6qemu-guest-agent-0.12.1.2-2.506.el6_10.7.i686.rpm2c8d289e255beae0113cb13787b128b1b083189c718b369d269c0fc696074b02SLSA-2020:1429-1Security Fix(es): * Mozilla: Uninitialized memory could be read when using the WebGL copyTexSubImage method (CVE-2020-6821) * Mozilla: Memory safety bugs fixed in Firefox 75 and Firefox ESR 68.7 (CVE-2020-6825) * Mozilla: Out of bounds write in GMPDecodeData when processing large images (CVE-2020-6822)importantScientific Linux FermiScientific Linux Fermi 6firefox-68.7.0-2.el6_10.i686.rpmad728bcd2c4f76fcf472c16c6a85db811b9c7f71628cc434bd804e0100a5de05SLSA-2020:1488-1Security Fix(es): * Mozilla: Use-after-free while running the nsDocShell destructor (CVE-2020-6819) * Mozilla: Use-after-free when handling a ReadableStream (CVE-2020-6820) * Mozilla: Uninitialized memory could be read when using the WebGL copyTexSubImage method (CVE-2020-6821) * Mozilla: Memory safety bugs fixed in Firefox 75 and Firefox ESR 68.7 (CVE-2020-6825) * Mozilla: Out of bounds write in GMPDecodeData when processing large images (CVE-2020-6822)importantScientific Linux FermiScientific Linux Fermi 6thunderbird-68.7.0-1.el6_10.i686.rpm983056da56ace25744770efbca29f16a2969af82b7ea88a13288c835d054f965SLSA-2020:1506-1Security Fix(es): * OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) (CVE-2020-2803) * OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) (CVE-2020-2805) * OpenJDK: Unexpected exceptions raised by DOMKeyInfoFactory and DOMXMLSignatureFactory (Security, 8231415) (CVE-2020-2773) * OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408) (CVE-2020-2781) * OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825) (CVE-2020-2800) * OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201) (CVE-2020-2830) * OpenJDK: Misplaced regular expression syntax error check in RegExpScanner (Scripting, 8223898) (CVE-2020-2754) * OpenJDK: Incorrect handling of empty string nodes in regular expression Parser (Scripting, 8223904) (CVE-2020-2755) * OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization (Serialization, 8224541) (CVE-2020-2756) * OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549) (CVE-2020-2757)importantScientific Linux FermiScientific Linux Fermi 6java-1.8.0-openjdk-headless-1.8.0.252.b09-2.el6_10.i686.rpm0b5a6f4e19fce4cdd9fc10d9d83a0a8170b87507e29474187ee0fb530acdcc75java-1.8.0-openjdk-src-debug-1.8.0.252.b09-2.el6_10.i686.rpm3b7737a0afdd2eb7d3e8b352c03d09b887631f835f8f1c79dff29e72241c5b41java-1.8.0-openjdk-javadoc-debug-1.8.0.252.b09-2.el6_10.noarch.rpme19975268da987ac48575702799aead59f14f335ced187695be30aaec2cc5abbjava-1.8.0-openjdk-demo-debug-1.8.0.252.b09-2.el6_10.i686.rpm143ba3d79fc10d85bee00cf4bab529cfde435cd0f56b7f7f8525797ca88a5c01java-1.8.0-openjdk-demo-1.8.0.252.b09-2.el6_10.i686.rpmf682886302c8b4ac9abef5894ce93f3db480f6966065fc6d178f8cb773e2c741java-1.8.0-openjdk-devel-debug-1.8.0.252.b09-2.el6_10.i686.rpm0814bfe44d825a9c24f15971f33d9443edfb248b8f1df1c6cf2795b78107f441java-1.8.0-openjdk-debug-1.8.0.252.b09-2.el6_10.i686.rpmd7d1b71531d39de5ac508b165da20c45a3d2a32beffa28079deeb0174358fbe7java-1.8.0-openjdk-devel-1.8.0.252.b09-2.el6_10.i686.rpm53be25fd0626e72c50e7d16bc3c8fffa707b559ad08260427dd702e250b27866java-1.8.0-openjdk-1.8.0.252.b09-2.el6_10.i686.rpmf32e6265854ef86415f1f2802fbdae64e922f7e44813549058b49f5654ac3f06java-1.8.0-openjdk-javadoc-1.8.0.252.b09-2.el6_10.noarch.rpm135085ccb7581891eea423fd6ef4d02cbc030b48e790aa48781d56271a8434acjava-1.8.0-openjdk-headless-debug-1.8.0.252.b09-2.el6_10.i686.rpm6b7dbf93fe3989884843244c5ccce890faf6e787495e707476dbfbe92f800d2ajava-1.8.0-openjdk-src-1.8.0.252.b09-2.el6_10.i686.rpm007dc853d73cfa9f6b8b388473b8f019d8f5a65182b8d977f1714e5cffc09079SLSA-2020:1508-1Security Fix(es): * OpenJDK: Incorrect bounds checks in NIO Buffers (Libraries, 8234841) (CVE-2020-2803) * OpenJDK: Incorrect type checks in MethodType.readObject() (Libraries, 8235274) (CVE-2020-2805) * OpenJDK: Unexpected exceptions raised by DOMKeyInfoFactory and DOMXMLSignatureFactory (Security, 8231415) (CVE-2020-2773) * OpenJDK: Re-use of single TLS session for new connections (JSSE, 8234408) (CVE-2020-2781) * OpenJDK: CRLF injection into HTTP headers in HttpServer (Lightweight HTTP Server, 8234825) (CVE-2020-2800) * OpenJDK: Regular expression DoS in Scanner (Concurrency, 8236201) (CVE-2020-2830) * OpenJDK: Incorrect handling of references to uninitialized class descriptors during deserialization (Serialization, 8224541) (CVE-2020-2756) * OpenJDK: Uncaught InstantiationError exception in ObjectStreamClass (Serialization, 8224549) (CVE-2020-2757)importantScientific Linux FermiScientific Linux Fermi 6java-1.7.0-openjdk-devel-1.7.0.261-2.6.22.1.el6_10.i686.rpm9354144a59e73c1737c53da9984f4cb8de09cffe0a281755f5d0abd878755f52java-1.7.0-openjdk-1.7.0.261-2.6.22.1.el6_10.i686.rpm9444c4f88cb0815d03f46b1f0cd647ba9fb929dce24a951e81e0c8394cac7732java-1.7.0-openjdk-src-1.7.0.261-2.6.22.1.el6_10.i686.rpm3ef2a31eca98086606607b07e38759d8f64f6d287732f2cbcbd9e7f7384fb974java-1.7.0-openjdk-javadoc-1.7.0.261-2.6.22.1.el6_10.noarch.rpm5b9f02ba2ad600fb3499389613ac77dc9176a41a7d9876768a59ed01fed443b1java-1.7.0-openjdk-demo-1.7.0.261-2.6.22.1.el6_10.i686.rpm97a630c706bb2d5d37e48a5300cc7ea735ecd4ca10c517602a7ef5240233607aSLSA-2020:1524-1Security Fix(es): * kernel: rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel lacks a certain upper-bound check, leading to a buffer overflow (CVE-2019-17666) * kernel: offset2lib allows for the stack guard page to be jumped over (CVE-2017-1000371)importantScientific Linux FermiScientific Linux Fermi 6python-perf-2.6.32-754.29.1.el6.i686.rpm413496762d84e9e429bede93968364b92ee9b4bca6d111d98a85eaded65b1c2bkernel-firmware-2.6.32-754.29.1.el6.noarch.rpmbd4c2ee33949073a2178159e42b89a1c8c00fa0a4138d734a972ef527ce91efdkernel-debug-devel-2.6.32-754.29.1.el6.i686.rpm6ba2d8062dfb47aa9fa2910f7981ef19987838a6c1a77143594b1c32a3909028kernel-debug-2.6.32-754.29.1.el6.i686.rpmae0e41c4b86dc18df50f93ffeca0b88c2f8b6c6df9103c5e66842e393adee431kernel-doc-2.6.32-754.29.1.el6.noarch.rpm2defbde25423ad053033684cde92f7e36331c7358e7cef50faaa60613aaccd70kernel-abi-whitelists-2.6.32-754.29.1.el6.noarch.rpm21415c036c175c1ff223d933f78794efdd9bd62777ea5b32533bbe853dfb1a39kernel-2.6.32-754.29.1.el6.i686.rpm70ddda91e0472a57452373b939be1c927fed72949f2c66d12bd29f87a4478b57kernel-headers-2.6.32-754.29.1.el6.i686.rpm2f794473871c2879d843c87283b748bead779813301d60791db9c82224a8f22fperf-2.6.32-754.29.1.el6.i686.rpm7bfa51c01cdb3ad26e14b287d4fe65382637d0fb1771f76fdd7cad9cad73775ekernel-devel-2.6.32-754.29.1.el6.i686.rpm68bf2d7f23c8247d12053cb0ba3a604c3f1da61782a949c86f16eaa9f09fa301SLSA-2020:1962-1Security Fix(es): * python-twisted: HTTP request smuggling when presented with two Content-Length headers (CVE-2020-10108)importantScientific Linux FermiScientific Linux Fermi 6python-twisted-web-8.2.0-6.el6_10.i686.rpmc94f94f4682e6795108539c2136e9c9345b548430d531bd51e98f96d02a41a91SLSA-2020:2036-1Security Fix(es): * Mozilla: Use-after-free during worker shutdown (CVE-2020-12387) * Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 (CVE-2020-12395) * Mozilla: Buffer overflow in SCTP chunk input validation (CVE-2020-6831) * Mozilla: Arbitrary local file access with 'Copy as cURL' (CVE-2020-12392)criticalScientific Linux FermiScientific Linux Fermi 6firefox-68.8.0-1.el6_10.i686.rpmff969ec40b02b9b409cc49bc985aa45bcd464c72e5edee8463141ea0a97840b4SLSA-2020:2049-1Security Fix(es): * Mozilla: Use-after-free during worker shutdown (CVE-2020-12387) * Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8 (CVE-2020-12395) * usrsctp: Buffer overflow in AUTH chunk input validation (CVE-2020-6831) * Mozilla: Arbitrary local file access with 'Copy as cURL' (CVE-2020-12392) * Mozilla: Sender Email Address Spoofing using encoded Unicode characters (CVE-2020-12397)criticalScientific Linux FermiScientific Linux Fermi 6thunderbird-68.8.0-1.el6_10.i686.rpm276f363d8ddc3552bf135342ffb2a4acd400cbc1e452e3b7edeffc0fd6a115f5SLSA-2020:2103-1Security Fix(es): * Kernel: NetLabel: null pointer dereference while receiving CIPSO packet with null category may cause kernel panic (CVE-2020-10711)importantScientific Linux FermiScientific Linux Fermi 6kernel-doc-2.6.32-754.29.2.el6.noarch.rpmd5fc2eaa74a1164e87e0e4c89749626e01abb315781aa3723eef54d091cb717akernel-headers-2.6.32-754.29.2.el6.i686.rpm39ff3280d089ed98fa29b703636fcafa6851111551884f67357130ce5b031979kernel-debug-2.6.32-754.29.2.el6.i686.rpmbd5c7284198005e6178785ebe8b45dd48f98d1bc66396e372267fce4932dd4b9kernel-2.6.32-754.29.2.el6.i686.rpmf06547b178b03475305bc2fc7c408c453e3255beee2269d1ee20e5781f91103fkernel-debug-devel-2.6.32-754.29.2.el6.i686.rpmc0253bd506d0754a0b06020c65c1c748b60f2bc25dfa40928e2d35b216dd414ckernel-abi-whitelists-2.6.32-754.29.2.el6.noarch.rpm0420598dca0abb270d088895439416fa07f685d4099807ee1b9683a815c292d6kernel-devel-2.6.32-754.29.2.el6.i686.rpm0186f1f6ec9a68ceea53d9c0cb87448d77586a38bc28e68d78780dbb40657393perf-2.6.32-754.29.2.el6.i686.rpm6abd7deef9c75e8656dd20b20e2f6a49b570019356373297a5e2c432a0156f76python-perf-2.6.32-754.29.2.el6.i686.rpm2c71e1625a87a8fcd1811394761018a9473965e54ac173069a5452369bdb8463kernel-firmware-2.6.32-754.29.2.el6.noarch.rpmc115cfac5d1f31547e415ce6299dd8df41c6a3343d6b1f45ed870a4098f1ecdbSLSA-2020:2378-1Security Fix(es): * Mozilla: Use-after-free in SharedWorkerService (CVE-2020-12405) * Mozilla: JavaScript Type confusion with NativeTypes (CVE-2020-12406) * Mozilla: Memory safety bugs fixed in Firefox 77 and Firefox ESR 68.9 (CVE-2020-12410)importantScientific Linux FermiScientific Linux Fermi 6firefox-68.9.0-1.el6_10.i686.rpmc8492bbae72bdea59eb209ed09fdce0979d34a4510a76da61befda5fda11146dSLSA-2020:2383-1Security Fix(es): * bind: BIND does not sufficiently limit the number of fetches performed when processing referrals (CVE-2020-8616) * bind: A logic error in code which checks TSIG validity can be used to trigger an assertion failure in tsig.c (CVE-2020-8617)importantScientific Linux FermiScientific Linux Fermi 6bind-sdb-9.8.2-0.68.rc1.el6_10.7.i686.rpm33102af0b5d55c548c380db640ec25d946b1223b2664359ce3c79097a0e72afcbind-chroot-9.8.2-0.68.rc1.el6_10.7.i686.rpm3f451e02ce43fab493a31c19d9f8f58c2e60a51c2db95f0f58053802da466542bind-9.8.2-0.68.rc1.el6_10.7.i686.rpmd9d6739f85bca6845a30b2c7e44f01b263fd260afc49f1b8982289bd4ceb0d84bind-devel-9.8.2-0.68.rc1.el6_10.7.i686.rpmbd5e29847f28c681d00071493941add2c30d9ae99f4eb0469a22b89ee6873acfbind-libs-9.8.2-0.68.rc1.el6_10.7.i686.rpm0260edc1e0c226c49f66583e3ca503f3c3976233210f54ae8139bbae52fe23afbind-utils-9.8.2-0.68.rc1.el6_10.7.i686.rpmc216753fb645a6b4eb5fd42fc9149adf6dc53196f4db99cd3841d7a291da4dc8SLSA-2020:2406-1Security Fix(es): * freerdp: Out-of-bounds write in crypto_rsa_common in libfreerdp/crypto/crypto.c (CVE-2020-13398)importantScientific Linux FermiScientific Linux Fermi 6freerdp-libs-1.0.2-7.el6_10.i686.rpma5baa62e16352b5b2ecd546ee16daf3567c42ef094f83f7f466cc12fd2a8c4f9freerdp-devel-1.0.2-7.el6_10.i686.rpmeacfd27013b2bfdf41cd621abf469ac0aef2df7ad612db6da69bc6132b652730freerdp-1.0.2-7.el6_10.i686.rpm41b4e9d74d9563db5d64206664f105ff94cf79b306af69806f4901ced9094df2freerdp-plugins-1.0.2-7.el6_10.i686.rpm3eb480de66ea0e120ca561b2e5e65bbfc17ba3c4530c4101c4cdb7c07bafe763SLSA-2020:2430-1Security Fix(es): * kernel: NULL pointer dereference due to KEYCTL_READ on negative key (CVE-2017-12192)moderateScientific Linux FermiScientific Linux Fermi 6kernel-headers-2.6.32-754.30.2.el6.i686.rpm510a771f66e3c05cc7c14c62a0d53bfe7fe76fe67241d7f6346d404ba9a42ea1kernel-abi-whitelists-2.6.32-754.30.2.el6.noarch.rpm730770d4ce0c67828244447ebc39d11243b6bfe40ddcd34224ab246ca84833d5kernel-2.6.32-754.30.2.el6.i686.rpm8f4b6a6357d346680675a4f6e6580535c51a7fb0856b7a92b30721446a3641a0kernel-debug-devel-2.6.32-754.30.2.el6.i686.rpmf7c3d857729cb095d06af86f69412a2744053ad84aa50859ddfd0aa2abac566dkernel-debug-2.6.32-754.30.2.el6.i686.rpm8be551c1fdc7d72df1c913333bdafadbf828cf46b612be5fcce28ad1d6ed7e42kernel-doc-2.6.32-754.30.2.el6.noarch.rpm176c75f8d19c75db7f1c00844acd6777c12c2b16caa608896f6a369cdd48a785perf-2.6.32-754.30.2.el6.i686.rpm16abaaed6779670b58522418db86108054da83a2b277028afa70096bcadb8a8ekernel-firmware-2.6.32-754.30.2.el6.noarch.rpm8a9d803a8bf4395aa75086a462f5a2f75457ae2c2bd2c4bc07a40a3e648defb9kernel-devel-2.6.32-754.30.2.el6.i686.rpm70c11214d3fd258dba85940511880b10273c71f053a0dfe5cbeec9660ea6858bpython-perf-2.6.32-754.30.2.el6.i686.rpm915ec613738fd37809f534d16ff60e6b3c631edf14c52b2161bf24d740f30b93SLSA-2020:2433-1Security Fix(es): * hw: Special Register Buffer Data Sampling (SRBDS) (CVE-2020-0543) * hw: L1D Cache Eviction Sampling (CVE-2020-0549) * hw: Vector Register Data Sampling (CVE-2020-0548)moderateScientific Linux FermiScientific Linux Fermi 6microcode_ctl-1.17-33.26.el6_10.i686.rpm2f47f6520509729b2db205f2bb9fb27da378323b451bd97a7892a28c19ce73a2SLSA-2020:2516-1Security Fix(es): * libexif: several buffer over-reads in EXIF MakerNote handling can lead to information disclosure and DoS (CVE-2020-13112)moderateScientific Linux FermiScientific Linux Fermi 6libexif-devel-0.6.21-6.el6_10.i686.rpm9879765aaf062b70cd05712af8a56585fe8b7183b876064046e3b52a00fb039blibexif-0.6.21-6.el6_10.i686.rpmace0d218fe2af9d4388e16cd74e56407fc84d7449c4734e5083f896cec0965a3SLSA-2020:2529-1* tomcat: deserialization flaw in session persistence storage leading to RCE (CVE-2020-9484)importantScientific Linux FermiScientific Linux Fermi 6tomcat6-admin-webapps-6.0.24-115.el6_10.noarch.rpmab7257bf316de7c76f7c6f94963b25b7249b67eab8917d60658271ad54656af8tomcat6-webapps-6.0.24-115.el6_10.noarch.rpmc91a7a99212042e51aa337f876498052253ab3e7c8b92122d9f4bf8e3e78dbedtomcat6-6.0.24-115.el6_10.noarch.rpmf1b3b894b412ff6b21743ec297617202a22eef5f2b1ef6e897d14e2d17e73306tomcat6-docs-webapp-6.0.24-115.el6_10.noarch.rpm1266db8f8dc17028c4ecf3a1e1ca909316d16467f2707a4d011c3a593f8ec9ddtomcat6-jsp-2.1-api-6.0.24-115.el6_10.noarch.rpmbefc720145865fd7c2c8212e17ff455424fa5deb7121938b6aaec3cdbc744dfctomcat6-javadoc-6.0.24-115.el6_10.noarch.rpm6125b1df82d8470a1194b539578bab6a5b579b82d48b292677120b3b04a791e6tomcat6-lib-6.0.24-115.el6_10.noarch.rpmd6c3b2b895ffbcb24ce3002b1f7ada3852ef24da299fc828750bc1eb1b930991tomcat6-servlet-2.5-api-6.0.24-115.el6_10.noarch.rpmd8c8a740ba3cc36e91a74d7bbae6901df18ebe696ea3bbbeab47b0b0b4571e7etomcat6-el-2.1-api-6.0.24-115.el6_10.noarch.rpm5ba010b035d1372221917d23a762d5138648fb2669b799bc0806d7f2102bbcf2SLSA-2020:2613-1Security Fix(es): * Mozilla: Security downgrade with IMAP STARTTLS leads to information leakage (CVE-2020-12398) * Mozilla: Use-after-free in SharedWorkerService (CVE-2020-12405) * Mozilla: JavaScript Type confusion with NativeTypes (CVE-2020-12406) * Mozilla: Memory safety bugs fixed in Firefox 77 and Firefox ESR 68.9 (CVE-2020-12410)importantScientific Linux FermiScientific Linux Fermi 6thunderbird-68.9.0-1.el6_10.i686.rpm2c9535e4c563fe491472ccb4ba4be8e3ab7ce8363295b2d31a98855b1efb6072SLSA-2020:2640-1Security Fix(es): * unbound: amplification of an incoming query into a large number of queries directed to a target (CVE-2020-12662) * unbound: infinite loop via malformed DNS answers received from upstream servers (CVE-2020-12663)importantScientific Linux FermiScientific Linux Fermi 6unbound-devel-1.4.20-29.el6_10.1.i686.rpm1640c1c683df3635ae36acb42b5f14ecca4de9afafc02d2fc8ae56eec77367bfunbound-1.4.20-29.el6_10.1.i686.rpmf58b96e6e3a3b79f5507a0e2950b8f940d8bc780522e16e01d246c3064105f24unbound-libs-1.4.20-29.el6_10.1.i686.rpm0be3da9d7576e4670c2a6779820fd9516c14d0be004c979b19adedae8eddead0unbound-python-1.4.20-29.el6_10.1.i686.rpm24ed8af56ac67370ba105e9d738d0ecc654fa687460e129adfdf21af68f24218SLSA-2020:2824-1Security Fix(es): * Mozilla: Information disclosure due to manipulated URL object (CVE-2020-12418) * Mozilla: Use-after-free in nsGlobalWindowInner (CVE-2020-12419) * Mozilla: Use-After-Free when trying to connect to a STUN server (CVE-2020-12420) * Mozilla: Add-On updates did not respect the same certificate trust rules as software updates (CVE-2020-12421)importantScientific Linux FermiScientific Linux Fermi 6firefox-68.10.0-1.el6_10.i686.rpm1804805bd0e916dcf89e3589374aaf5d1f06020b57373970e2ad0e3f3f01c681SLSA-2020:2933-1Security Fix(es): * kernel: powerpc: incomplete Spectre-RSB mitigation leads to information exposure (CVE-2019-18660)moderateScientific Linux FermiScientific Linux Fermi 6kernel-firmware-2.6.32-754.31.1.el6.noarch.rpm7d3a2a63f1a3e7bbc67de2f0ca9c68e7c3daaf0640e4835f9b060961a70b9095kernel-doc-2.6.32-754.31.1.el6.noarch.rpm6917b2ed40d0db1bd3b8c8df73aac89cfcaf899404b5a011eac2f809b50955f1kernel-debug-2.6.32-754.31.1.el6.i686.rpmf1fdf52d20afa0c1975918b11d7bf81bb8ae8dc65ef2f18996fc105a9ca2b7a0kernel-abi-whitelists-2.6.32-754.31.1.el6.noarch.rpm5a01513018c63477b395dfd3b566e36cb970039217f71703d35d01a9f49ef009kernel-debug-devel-2.6.32-754.31.1.el6.i686.rpm423a5bcbfe1c0407b211abc3598b2c387670f59a3379a7710c824a55ca920132python-perf-2.6.32-754.31.1.el6.i686.rpm183e7851ef5b87f579efe40162ee0a4de545f7585f3a1c1cb99a11a1f8059a89kernel-headers-2.6.32-754.31.1.el6.i686.rpm07bf93535171ce1064739a31be94c259a07a774e7188990b2d310473347b39b0kernel-devel-2.6.32-754.31.1.el6.i686.rpm44fe16721dc2c278aed128eac2073a1b4808b5bbd3f4a979b8815e5062f3b22fkernel-2.6.32-754.31.1.el6.i686.rpmc89fb86d08d16b8ab4ab3a93e10be14fa1b5d551073d3bf1306ce14ba73f21a3perf-2.6.32-754.31.1.el6.i686.rpm5e1bc4279f3d3cc73d560fbf4c8a6384991468480c9bcc92a282a54bcceb1445SLSA-2020:2966-1Security Fix(es): * Mozilla: Information disclosure due to manipulated URL object (CVE-2020-12418) * Mozilla: Use-after-free in nsGlobalWindowInner (CVE-2020-12419) * Mozilla: Use-After-Free when trying to connect to a STUN server (CVE-2020-12420) * Mozilla: Add-On updates did not respect the same certificate trust rules as software updates (CVE-2020-12421)importantScientific Linux FermiScientific Linux Fermi 6thunderbird-68.10.0-1.el6_10.i686.rpmbced70b3e467495f91a0f3d97128ced58d3af61b150ed08cd787a8112aadba81SLSA-2020:2985-1Security Fix(es): * OpenJDK: Bypass of boundary checks in nio.Buffer via concurrent access (Libraries, 8238920) (CVE-2020-14583) * OpenJDK: Incomplete bounds checks in Affine Transformations (2D, 8240119) (CVE-2020-14593) * OpenJDK: Incorrect handling of access control context in ForkJoinPool (Libraries, 8237117) (CVE-2020-14556) * OpenJDK: Unexpected exception raised by DerInputStream (Libraries, 8237731) (CVE-2020-14578) * OpenJDK: Unexpected exception raised by DerValue.equals() (Libraries, 8237736) (CVE-2020-14579) * OpenJDK: XML validation manipulation due to incomplete application of the use-grammar-pool-only feature (JAXP, 8242136) (CVE-2020-14621) * OpenJDK: HostnameChecker does not ensure X.509 certificate names are in normalized form (JSSE, 8237592) (CVE-2020-14577)importantScientific Linux FermiScientific Linux Fermi 6java-1.8.0-openjdk-headless-debug-1.8.0.262.b10-0.el6_10.i686.rpm0020cd1b9d979b42953c8462d6d8e1c317c6f735d5fb9cc1fb2248f72d0ab745java-1.8.0-openjdk-src-debug-1.8.0.262.b10-0.el6_10.i686.rpm838184c878241e601e86fcf53e2f5adbb6cf6a52534d5baeaed5dfcd26cbb589java-1.8.0-openjdk-devel-1.8.0.262.b10-0.el6_10.i686.rpm0e82ed94cb3557e38ab98cef3091102d05a4e15ec280bc6ca30eddf27c0e3cdbjava-1.8.0-openjdk-javadoc-debug-1.8.0.262.b10-0.el6_10.noarch.rpmd9add926a08b73c1a5202a99eacc399216cdeb39d52b5e2941285902e6bf4d58java-1.8.0-openjdk-headless-1.8.0.262.b10-0.el6_10.i686.rpm1c7205be5c8b27dbce0cdfc9d5bc7504c96344c6b9b332f48b01f4b77759dc4ejava-1.8.0-openjdk-devel-debug-1.8.0.262.b10-0.el6_10.i686.rpm8d31850fbd38536174b747f0a73da165b3522e2488643d627f1d2ce614db7272java-1.8.0-openjdk-src-1.8.0.262.b10-0.el6_10.i686.rpmc9b679cc63593d86fbef9ee570e77cac7587d249b4bd1513554f20d53d6586cejava-1.8.0-openjdk-1.8.0.262.b10-0.el6_10.i686.rpm37343f2f5374544fde41c18a3fc67e5c5c37e2cf6091ed5ad88591920b9b12e8java-1.8.0-openjdk-debug-1.8.0.262.b10-0.el6_10.i686.rpm5207a1282a0dc55be458421408bf0cb7c40f2a5f51593a4a9f676a0371d3b869java-1.8.0-openjdk-demo-debug-1.8.0.262.b10-0.el6_10.i686.rpm24edab90a5bc79a21656be1aadba722c8c00e819deb08e1469950879bb2f6027java-1.8.0-openjdk-demo-1.8.0.262.b10-0.el6_10.i686.rpmec82aae1ff72c99a759104dd639d1d7f7839b8274f458240dff7707ac3b10cfbjava-1.8.0-openjdk-javadoc-1.8.0.262.b10-0.el6_10.noarch.rpmf4bd52580595be5fb5245aed4860b1346bb6cb78963f1e7c4c0d896254c1b831SLSA-2020:3233-1Security Fix(es): * chromium-browser: Use after free in ANGLE (CVE-2020-6463) * chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6514) * Mozilla: Potential leak of redirect targets when loading scripts in a worker (CVE-2020-15652) * Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11 (CVE-2020-15659)importantScientific Linux FermiScientific Linux Fermi 6firefox-68.11.0-1.el6_10.i686.rpm17c09a311a7b229d3d205f635e6753b17d6da51e0fbc2f99264d5ca290d65323SLSA-2020:3284-1Security Fix(es): * postgresql-jdbc: XML external entity (XXE) vulnerability in PgSQLXML (CVE-2020-13692)importantScientific Linux FermiScientific Linux Fermi 6postgresql-jdbc-8.4.704-4.el6_10.noarch.rpm518995d76313e361af8511350b1dec10e78068f1851d168b4a8cda7456f71a39SLSA-2020:3345-1Security Fix(es): * chromium-browser: Use after free in ANGLE (CVE-2020-6463) * chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6514) * Mozilla: Potential leak of redirect targets when loading scripts in a worker (CVE-2020-15652) * Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11 (CVE-2020-15659)importantScientific Linux FermiScientific Linux Fermi 6thunderbird-68.11.0-1.el6_10.i686.rpm3ab0f800b68a46147163fa9338f92b1b6d143eb92ec672778cc34a29cc1de347SLSA-2020:3548-1Security Fix(es): * kernel: Null pointer dereference in search_keyring (CVE-2017-2647) * kernel: heap-based buffer overflow in lbs_ibss_join_existing function in drivers/net/wireless/marvell/libertas/cfg.c (CVE-2019-14896)importantScientific Linux FermitrueScientific Linux Fermi 6kernel-doc-2.6.32-754.33.1.el6.noarch.rpm89b9afcd74bc9bf1d0602ab37023b48695e0cea186a4612afb5a0697fd92cafakernel-firmware-2.6.32-754.33.1.el6.noarch.rpmd760d7286eca3b52ddd6765fe10afa6d88eceeb4dc85f1ce020cae7e7cc040f3kernel-debug-devel-2.6.32-754.33.1.el6.i686.rpm52c94b1c7ab0197a72bef089969a663154c26bf7cd3c9f2ec945e1fd3b1e4a8apython-perf-2.6.32-754.33.1.el6.i686.rpm8d6cac4851344ae489f38a5a25fe15bcfc31f8bbb1b5ee84b6c5f4716d1a1fa5kernel-abi-whitelists-2.6.32-754.33.1.el6.noarch.rpm1c10f523013b858e8d2e5f087378a56c7f0794fd8d15df97649e51fc2e31fd1bkernel-devel-2.6.32-754.33.1.el6.i686.rpma8acd52591cfc2ad9e27086dab39253e12fe351b334a71969d7fc6ea895dab04kernel-2.6.32-754.33.1.el6.i686.rpmc9148fc1cc132e8300184b3466de3fc3500a022528f57f6238124344ec8622f8kernel-headers-2.6.32-754.33.1.el6.i686.rpma1a4ad2948aa054aa6fad6f798175bf118c73b49431b1560bc846020d71474c4kernel-debug-2.6.32-754.33.1.el6.i686.rpm9174a036b6abf890361d5c2b2092b29e39ab7b54da0ca7de49fa3a846a2a1699perf-2.6.32-754.33.1.el6.i686.rpm584c5b03bacd4f06762c6cd37e7762bf23661b95307d62ec9775fed3671fd97aSLSA-2020:3558-1Security Fix(es): * Mozilla: Attacker-induced prompt for extension installation (CVE-2020-15664) * Mozilla: Use-After-Free when aborting an operation (CVE-2020-15669)importantScientific Linux FermiScientific Linux Fermi 6firefox-68.12.0-1.el6_10.i686.rpm023f3bb22b3cfba3d49d8262c6c3f3da0bfa7d1900c684eee1b0a343a568bfa2SLSA-2020:3643-1Security Fix(es): * Mozilla: Attacker-induced prompt for extension installation (CVE-2020-15664) * Mozilla: Use-After-Free when aborting an operation (CVE-2020-15669)importantScientific Linux FermiScientific Linux Fermi 6thunderbird-68.12.0-1.el6_10.i686.rpmfc8c1299420df9d20c220963de6dccba892777a75547c809f314a26993108e0fSLSA-2020:3835-1Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 81 and Firefox ESR 78.3 (CVE-2020-15673) * Mozilla: XSS when pasting attacker-controlled data into a contenteditable element (CVE-2020-15676) * Mozilla: Download origin spoofing via redirect (CVE-2020-15677) * Mozilla: When recursing through layers while scrolling, an iterator may have become invalid, resulting in a potential use-after-free scenario (CVE-2020-15678)importantScientific Linux FermiScientific Linux Fermi 6firefox-78.3.0-1.el6_10.i686.rpm9aa64152a903a27623425043682949073834c68188e5a2f177ad87cbafbc645cSLSA-2020:4056-1Security Fix(es): * QEMU: usb: out-of-bounds r/w access issue while processing usb packets (CVE-2020-14364)importantScientific Linux FermiScientific Linux Fermi 6qemu-guest-agent-0.12.1.2-2.506.el6_10.8.i686.rpmcc2bed3761dddc19d959d87792bdffb2ec2b2aaa4a62050cafa6a8741bc5534bSLSA-2020:4158-1Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 81 and Firefox ESR 78.3 (CVE-2020-15673) * Mozilla: XSS when pasting attacker-controlled data into a contenteditable element (CVE-2020-15676) * Mozilla: Download origin spoofing via redirect (CVE-2020-15677) * Mozilla: When recursing through layers while scrolling, an iterator may have become invalid, resulting in a potential use-after-free scenario (CVE-2020-15678)importantScientific Linux FermiScientific Linux Fermi 6thunderbird-78.3.1-1.el6_10.i686.rpm253b05f073eee8471a5935e4cf64b850d9e8bcbf32c6435d75b9c3135a513f9aSLSA-2020:4182-1Security Fix(es): * kernel: Count overflow in FUSE request leading to use-after-free issues. (CVE-2019-11487)importantScientific Linux FermiScientific Linux Fermi 6kernel-abi-whitelists-2.6.32-754.35.1.el6.noarch.rpm100e6fd09800c19d354b45d101ee8acf435ff3747dd55fa7c540336e22fa2856kernel-2.6.32-754.35.1.el6.i686.rpme8df5b48ea18d798557b895a936a35d29dc2fe5ba2c9880194fb09d5e52f77b0kernel-doc-2.6.32-754.35.1.el6.noarch.rpm3d2c718136637743613cca4a746e3a2db77f754e1fb8641560311ed6a1bb0e00kernel-debug-2.6.32-754.35.1.el6.i686.rpmb4d7f1a164aba2b9933ea65ea970b2db5373dc55d33655634b79c16000217ae7kernel-devel-2.6.32-754.35.1.el6.i686.rpm16787ab91ba82e6fb8c62504067e4bc9a046d2ec8643e50059a734e0066af336python-perf-2.6.32-754.35.1.el6.i686.rpm27bfe458d147e4639c2049df8aad599780ef431ce5bca334393db49aef5ce0a7kernel-headers-2.6.32-754.35.1.el6.i686.rpmd2a44ac5b894962711bfab05af04598316ecbffbf65ce1256154432786d90ac5kernel-debug-devel-2.6.32-754.35.1.el6.i686.rpm82911fc16c01b77d9ab57dbbaaacdc21489aa6c96bd204fa4138779315283f16perf-2.6.32-754.35.1.el6.i686.rpm3d5446d78ae1a488458ab00aa5b6f5772520a55c2e11b0a27680cd69bbe2bb14kernel-firmware-2.6.32-754.35.1.el6.noarch.rpm261ebda42bb7b07feafe9a41c9cd6496388092ad274663bda175b38075a9778bSLSA-2020:4183-1Security Fix(es): * bind: truncated TSIG response can lead to an assertion failure (CVE-2020-8622)moderateScientific Linux FermiScientific Linux Fermi 6bind-devel-9.8.2-0.68.rc1.el6_10.8.i686.rpmf1d6c007de19e2138ddc190f7280255aec51331651f0077a2cb14883a9aaa193bind-utils-9.8.2-0.68.rc1.el6_10.8.i686.rpm6055789e22872ce53f2b88dca2039ebc83ef9b946335325847327b6848d2fb02bind-libs-9.8.2-0.68.rc1.el6_10.8.i686.rpm96e44f398115d84ccab20b597896f01bf83641a97ab85850348fb9c9882d8066bind-9.8.2-0.68.rc1.el6_10.8.i686.rpme78947b1dd48dacca07c5ac21d174e3568d3d1a27144fdd20f3aac9ae7ed951ebind-sdb-9.8.2-0.68.rc1.el6_10.8.i686.rpm3ab39050adf36857b15e65e472340815a178065508d1a6f5e504430f50b12985bind-chroot-9.8.2-0.68.rc1.el6_10.8.i686.rpmf57896e9974f7f9abaee4c4a8fe479edb434c8b6fa79e0eb75f2b2d6c0353edcSLSA-2020:4330-1Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4 (CVE-2020-15683) * chromium-browser: Use after free in WebRTC (CVE-2020-15969)importantScientific Linux FermiScientific Linux Fermi 6firefox-78.4.0-2.el6_10.i686.rpm2ba2f4ee0d42c5c8f1f5814a9c6a21354292c95a1abf09b4ae6c91018cf49e0eSLSA-2020:4348-1Security Fix(es): * OpenJDK: Credentials sent over unencrypted LDAP connection (JNDI, 8237990) (CVE-2020-14781) * OpenJDK: Certificate blacklist bypass via alternate certificate encodings (Libraries, 8237995) (CVE-2020-14782) * OpenJDK: Integer overflow leading to out-of-bounds access (Hotspot, 8241114) (CVE-2020-14792) * OpenJDK: Incomplete check for invalid characters in URI to path conversion (Libraries, 8242685) (CVE-2020-14797) * OpenJDK: Race condition in NIO Buffer boundary checks (Libraries, 8244136) (CVE-2020-14803) * OpenJDK: High memory usage during deserialization of Proxy class with many interfaces (Serialization, 8236862) (CVE-2020-14779) * OpenJDK: Missing permission check in path to URI conversion (Libraries, 8242680) (CVE-2020-14796)moderateScientific Linux FermiScientific Linux Fermi 6java-1.8.0-openjdk-devel-1.8.0.272.b10-0.el6_10.i686.rpm96acc9d0abbb13e238ed3f0460dfac535a85ec9d961fc98c10a6c95cdc642ba6java-1.8.0-openjdk-javadoc-1.8.0.272.b10-0.el6_10.noarch.rpm3d848e9ca71e703304c558bb4843f6ac892c281d382699a33caf822871bc80a8java-1.8.0-openjdk-src-debug-1.8.0.272.b10-0.el6_10.i686.rpmb7fcffad62eea1cc9657f96830811bac76d0e06576b58d37dbdf0b28f9eb03dbjava-1.8.0-openjdk-demo-debug-1.8.0.272.b10-0.el6_10.i686.rpm8c99ae391cd937e1c063bddfcc5d910d5c9f8b6cd8be2f6fd18d5f97ce528ee1java-1.8.0-openjdk-headless-debug-1.8.0.272.b10-0.el6_10.i686.rpme1c4ad048405e160b29f472339b4a40eb50ad7edff8f5eb11a36e91d0155d834java-1.8.0-openjdk-debug-1.8.0.272.b10-0.el6_10.i686.rpm3e0f240d762b8848a767b68df2a5bf02b148a8222374021e332a970684de5d4bjava-1.8.0-openjdk-demo-1.8.0.272.b10-0.el6_10.i686.rpmbba8f56fed90539a23b5a413d4f8a52fd475e51d395437b94e22154a0d730dcejava-1.8.0-openjdk-devel-debug-1.8.0.272.b10-0.el6_10.i686.rpm7868832e53708921fabd2a3f5bfb0e40e33bb5b1a485011f55beb340c90d28d1java-1.8.0-openjdk-1.8.0.272.b10-0.el6_10.i686.rpm1fbb2d15316d9c7a1ef0e75726fefb7c074cb53d3a7fb3c3d5a0d2b140746648java-1.8.0-openjdk-javadoc-debug-1.8.0.272.b10-0.el6_10.noarch.rpmf80967b523dace32996e65a5aac40e1cfa2b2996f4f251493975e53c4f9620dbjava-1.8.0-openjdk-src-1.8.0.272.b10-0.el6_10.i686.rpmc04171219d66a2291b8ca4666839a124299977d337ef92daffb2cb5dc38c40ebjava-1.8.0-openjdk-headless-1.8.0.272.b10-0.el6_10.i686.rpm80f7d43c37ad3653f3550a583438162053432cace64b28e7b0b8281f3056e7e5SLSA-2020:4946-1importantScientific Linux FermiScientific Linux Fermi 6libX11-devel-1.6.4-4.el6_10.i686.rpm68f1dfbc7ea52eaaa0793c63f6f2488bab061f0e21af1c8cd8f88ad67b030d5elibX11-common-1.6.4-4.el6_10.noarch.rpmcc943401aa5342763c1624d94045f07d846bcf5ed5f93b752144769100b82d9dlibX11-1.6.4-4.el6_10.i686.rpmf7b2e35a4af10b8d9346697dba79dda970f079c7a77ce54198f3596db2926259SLSA-2020:4947-1Security Fix(es): * Mozilla: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4 (CVE-2020-15683) * chromium-browser: Use after free in WebRTC (CVE-2020-15969)importantScientific Linux FermiScientific Linux Fermi 6thunderbird-78.4.0-1.el6_10.i686.rpmb3bcfcbfbae87c3e35b9a3cb52cbf6886d567dc2168c3da16a6a730bfcd09be4SLSA-2020:4953-1Security Fix(es): * xorg-x11-server: Out-of-bounds access in XkbSetNames function (CVE-2020-14345) * xorg-x11-server: Integer underflow in the X input extension protocol (CVE-2020-14346) * xorg-x11-server: XkbSelectEvents integer underflow privilege escalation vulnerability (CVE-2020-14361) * xorg-x11-server: XRecordRegisterClients integer underflow privilege escalation vulnerability (CVE-2020-14362)importantScientific Linux FermiScientific Linux Fermi 6xorg-x11-server-common-1.17.4-18.sl6_10.i686.rpm8b94bbb9c9981e11716bb78fe5249345ec38440119ed87390e1edaa0d3975d55xorg-x11-server-devel-1.17.4-18.sl6_10.i686.rpm810b8bcc70516214184521857befce4baf6d3535e51e230b9c86140cd81517f7xorg-x11-server-source-1.17.4-18.sl6_10.noarch.rpm15077b6f04e8b424e017e80f2ec3e2a25ae54c3cf3de956181a6a66326b0af21xorg-x11-server-Xnest-1.17.4-18.sl6_10.i686.rpma312654461fe22a47c0e5b50eefd2b56b495b7a3031518ff7bf9d0ce0bed9957xorg-x11-server-Xephyr-1.17.4-18.sl6_10.i686.rpm624c3b62896112a07ed4036f05394392d4be75cb6c699abe1887783e7d14559axorg-x11-server-Xorg-1.17.4-18.sl6_10.i686.rpmea32ffe1a2dd143f1d68f8c64536d9d8a0eb064e704abd11bdc7c26fc73a9325xorg-x11-server-Xdmx-1.17.4-18.sl6_10.i686.rpmd5207cb787e7ce08d08fabc664eb2ab9acb8cf38c29b8b560c01e2f74d9e7b0cxorg-x11-server-Xvfb-1.17.4-18.sl6_10.i686.rpmf4431c410eaeb5d9ac2ea2786d1768b6e15b4f287cef9b4265b017f1a867d76aSLSA-2020:5084-1Security Fix(es): * hw: Vector Register Leakage-Active (CVE-2020-8696) * hw: Fast forward store predictor (CVE-2020-8698)moderateScientific Linux FermiScientific Linux Fermi 6microcode_ctl-1.17-33.31.el6_10.i686.rpma51bcc846e579faa86cbdc292e5a17f7d35632294b015f4fe151bd08ffe7d819SLSA-2020:5104-1Security Fix(es): * Mozilla: Write side effects in MCallGetProperty opcode not accounted for (CVE-2020-26950)criticalScientific Linux FermiScientific Linux Fermi 6firefox-78.4.1-1.el6_10.i686.rpmd7a694205e09cdeb988f2f1dda108aa3093beb84ee59a0f4561893f0fba1d5cdSLSA-2020:5129-1Security Fix(es): * net-snmp: Improper Privilege Management in EXTEND MIB may lead to privileged commands execution (CVE-2020-15862)importantScientific Linux FermiScientific Linux Fermi 6net-snmp-libs-5.5-60.el6_10.2.i686.rpmc0c3aad58e11ebd52cd0a15fe50b7096ba65f974ce4c1210c4eeeb8816f9cdd5net-snmp-5.5-60.el6_10.2.i686.rpmb0a6b185d46fc86ea9a0695fcf16f69761759e48e4a1dd20c53617f6f9496eb4net-snmp-perl-5.5-60.el6_10.2.i686.rpm78325e85f40ab64bd0dadbc492e7f10fc8b8a4f7259825976bfd305e1ead81acnet-snmp-python-5.5-60.el6_10.2.i686.rpm750c0fbab335a796dc1f774a2ab43f7bc0c60a07a9b1185727fc4f59a7907930net-snmp-devel-5.5-60.el6_10.2.i686.rpm963c5bce27f67b465c2db63793d574a1902c50438dc012fcf8fa1ba803b4e02anet-snmp-utils-5.5-60.el6_10.2.i686.rpmda403aaf1340ce50542256f9eb994c6fdff436e0c5011d4e23ba1b1a19dfefd3SLSA-2020:5164-1This update upgrades Thunderbird to version 78.4.3. Security Fix(es): * Mozilla: Write side effects in MCallGetProperty opcode not accounted for (CVE-2020-26950)importantScientific Linux FermiScientific Linux Fermi 6thunderbird-78.4.3-1.el6_10.i686.rpmb4e05ca3c0a93aa6a41ca5b53619289362f9bf4a3d840b061867f5c803397a3aSLSA-2020:5238-1This update upgrades Thunderbird to version 78.5.0. Security Fix(es): * Mozilla: Parsing mismatches could confuse and bypass security sanitizer for chrome privileged code (CVE-2020-26951) * Mozilla: Memory safety bugs fixed in Firefox 83 and Firefox ESR 78.5 (CVE-2020-26968) * Mozilla: Variable time processing of cross-origin images during drawImage calls (CVE-2020-16012) * Mozilla: Fullscreen could be enabled without displaying the security UI (CVE-2020-26953) * Mozilla: XSS through paste (manual and clipboard API) (CVE-2020-26956) * Mozilla: Requests intercepted through ServiceWorkers lacked MIME type restrictions (CVE-2020-26958) * Mozilla: Use-after-free in WebRequestService (CVE-2020-26959) * Mozilla: Potential use-after-free in uses of nsTArray (CVE-2020-26960) * Mozilla: DoH did not filter IPv4 mapped IP Addresses (CVE-2020-26961) * Mozilla: Software keyboards may have remembered typed passwords (CVE-2020-26965)importantScientific Linux FermiScientific Linux Fermi 6thunderbird-78.5.0-1.el6_10.i686.rpm06e84507399c79309a7cd092f4a6883075dae537a3764e1de1de3fc81a0c0950SLSA-2020:5257-1This update upgrades Firefox to version 78.5.0 ESR. Security Fix(es): * Mozilla: Parsing mismatches could confuse and bypass security sanitizer for chrome privileged code (CVE-2020-26951) * Mozilla: Memory safety bugs fixed in Firefox 83 and Firefox ESR 78.5 (CVE-2020-26968) * Mozilla: Variable time processing of cross-origin images during drawImage calls (CVE-2020-16012) * Mozilla: Fullscreen could be enabled without displaying the security UI (CVE-2020-26953) * Mozilla: XSS through paste (manual and clipboard API) (CVE-2020-26956) * Mozilla: Requests intercepted through ServiceWorkers lacked MIME type restrictions (CVE-2020-26958) * Mozilla: Use-after-free in WebRequestService (CVE-2020-26959) * Mozilla: Potential use-after-free in uses of nsTArray (CVE-2020-26960) * Mozilla: DoH did not filter IPv4 mapped IP Addresses (CVE-2020-26961) * Mozilla: Software keyboards may have remembered typed passwords (CVE-2020-26965)importantScientific Linux FermiScientific Linux Fermi 6firefox-78.5.0-1.el6_10.i686.rpm1360465ffe212a59eec9eaaac5f0a255aa23eef3f5743794bc49bfb8683ad898sl6.4:openafs:securityOpenAFS uses Kerberos tickets to secure network traffic. For historical reasons, it has only supported the DES encryption algorithm to encrypt these tickets. The weakness of DES's 56 bit KEY space has long been known, however it has recently become possible TOUSE that weakness TO cheaply (around $100) AND rapidly (approximately 23 hours) compromise a service's long term key. An attacker must first obtain a ticket for the cell. They may then use a brute force attack to compromise the cell's private service KEY. once an attacker has gained access TO the service KEY, they canUSE this to impersonate ANY USER within the cell, including the super USER, giving them access TO ALL administrative capabilities AS well AS ALL USER data. recovering the service KEY FROM a des encrypted ticket IS an issue FOR ANY kerberos service still using des ( AND especially so FOR realms which still have des keys ON their ticket granting ticket). (cve-2013-4134) the -encrypt OPTION TO the 'vos' volume management command should cause it TO encrypt ALL data BETWEEN client AND server. however, IN versions OF openafs later than 1.6.0, it has no effect, AND data IS transmitted WITH integrity protection only. IN ALL versions OF openafs, vos -encrypt has no effect WHEN combined WITH the -localauth OPTION. (cve-2013-4135)criticalScientific Linux FermiScientific Linux Fermi 6openafs-authlibs-devel-1.6.5-145.sl6.i686.rpm34d666680f60f69a5e99cdd7751687dd558274d8e8262694be6b073c404659fdopenafs-authlibs-1.6.5-145.sl6.i686.rpm408eeb3b0cda39fc97a2240bb523c58c693f371ecea62d40ba612bd96def2080openafs-compat-1.6.5-145.sl6.i686.rpm76a759df2fe3a6db6d82632f2fa632652e620ffa5b16242afca4381e7791996bopenafs-devel-1.6.5-145.sl6.i686.rpm4a3e568da112bac166a4635c01ec009d54e0d88987c114d5bcefcb6115a898dbkmod-openafs-358-1.6.5-145.sl6.358.i686.rpm67c99e5ee39c45e4c15635fd73cb10f8f20e90b4da5c9625e1c0761a05a418a5openafs-1.6.5-145.sl6.i686.rpm46061eb61dd87bfe4d00438f51c7d2dacf09bb7fe0d563df080d7233c985c8bcopenafs-server-1.6.5-145.sl6.i686.rpmde10da52a3553ba57a555277ac0bf56d66e76be9ffb5bcb650ef4d4a0dfb8102openafs-kernel-source-1.6.5-145.sl6.i686.rpm93d28711df8af285c0dece9830ba42d44a7421fea30e1f4b6bb9dd144fb49624openafs-module-tools-1.6.5-145.sl6.i686.rpm90c191962b4e4a698d3fd3a1182ebefff3155141fdbcc96533292ab70b7c9b77openafs-plumbing-tools-1.6.5-145.sl6.i686.rpm468d57717f038509cf25909c90925673688618ee7b21469f9241d4bac5ced3d6openafs-client-1.6.5-145.sl6.i686.rpmffa5f7852c0d2654384d8cce20d3bfa859bbaf15de61273d409d606593596f14openafs-krb5-1.6.5-145.sl6.i686.rpm1b28780531f1033395c1e3f559730100fca1636ebbffb471f795d7c2746bd552openafs-kpasswd-1.6.5-145.sl6.i686.rpm5f36991bf26a4167d05c6f089c17235f999687c2d6ffda58887e80600617673d