[CentOS] CentOS-announce Digest, Vol 99, Issue 5
Send CentOS-announce mailing list submissions to
centos-annou...@centos.org
To subscribe or unsubscribe via the World Wide Web, visit
http://lists.centos.org/mailman/listinfo/centos-announce
or, via email, send a message with subject or body 'help' to
centos-announce-requ...@centos.org
You can reach the person managing the list at
centos-announce-ow...@centos.org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of CentOS-announce digest..."
Today's Topics:
1. CESA-2013:0807 Low CentOS 5 hypervkvpd Update (Johnny Hughes)
2. CEEA-2013:0810 CentOS 6 libselinux Update (Johnny Hughes)
3. CEBA-2013:0811 CentOS 6 gdb Update (Johnny Hughes)
4. CESA-2013:0815 CentOS 5 httpd Update (Johnny Hughes)
5. CESA-2013:0815 Moderate CentOS 6 httpd Update (Johnny Hughes)
6. CESA-2013:0815 Moderate CentOS 6 httpd Update (Johnny Hughes)
--
Message: 1
Date: Fri, 10 May 2013 01:17:50 +
From: Johnny Hughes
Subject: [CentOS-announce] CESA-2013:0807 Low CentOS 5 hypervkvpd
Update
To: centos-annou...@centos.org
Message-ID: <20130510011750.ga2...@chakra.karan.org>
Content-Type: text/plain; charset=us-ascii
CentOS Errata and Security Advisory 2013:0807 Low
Upstream details at : https://rhn.redhat.com/errata/RHSA-2013-0807.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
1ad59e8b24b9d93d4268c7f539e7dfd0490aa8b3f17f1d13e2176d987f43367c
hypervkvpd-0-0.7.el5_9.3.i686.rpm
x86_64:
2c03636fb553c4ee620daf1a3dd9ad55d9ef6b43a51a527e4b8c1d93e30ff6ca
hypervkvpd-0-0.7.el5_9.3.x86_64.rpm
Source:
f73527c365b082ff78480bf9a5e47c240937dc77d9465fc62237c95baffc5ede
hypervkvpd-0-0.7.el5_9.3.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #cen...@irc.freenode.net
--
Message: 2
Date: Mon, 13 May 2013 13:07:45 +
From: Johnny Hughes
Subject: [CentOS-announce] CEEA-2013:0810 CentOS 6 libselinux Update
To: centos-annou...@centos.org
Message-ID: <20130513130745.ga32...@n04.lon1.karan.org>
Content-Type: text/plain; charset=us-ascii
CentOS Errata and Enhancement Advisory 2013:0810
Upstream details at : https://rhn.redhat.com/errata/RHEA-2013-0810.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
0e74ed33164db1e2442b52b34476a744b29927338db56dab619ee99e1736b75f
libselinux-2.0.94-5.3.el6_4.1.i686.rpm
a053b1c4242c0c0f45618c2ed0fefb9b2c61b6e6648455e24d96641d0ecd4ddf
libselinux-devel-2.0.94-5.3.el6_4.1.i686.rpm
41d78f2ca86971e01c37f7be8183c3fc4f5c4b9fe78fa60211f2b66c41717299
libselinux-python-2.0.94-5.3.el6_4.1.i686.rpm
e3815d181c42848bb36136167ed98f4ce0b35e83b0a0b9cabd98558ba2921c55
libselinux-ruby-2.0.94-5.3.el6_4.1.i686.rpm
1ee75a449b641b9cc70382d7d5f85d65f76c54e178ec3fec3b16cfbd51c48638
libselinux-static-2.0.94-5.3.el6_4.1.i686.rpm
ebc9944c58f29ee1a61592a002a39f6b021851baa2594aeb4f98407cfdb90f4e
libselinux-utils-2.0.94-5.3.el6_4.1.i686.rpm
x86_64:
0e74ed33164db1e2442b52b34476a744b29927338db56dab619ee99e1736b75f
libselinux-2.0.94-5.3.el6_4.1.i686.rpm
b1d2ca2c6d32b92d4bddeaf55f8618d423bead94752d05e27e1f2b22d6ac7949
libselinux-2.0.94-5.3.el6_4.1.x86_64.rpm
a053b1c4242c0c0f45618c2ed0fefb9b2c61b6e6648455e24d96641d0ecd4ddf
libselinux-devel-2.0.94-5.3.el6_4.1.i686.rpm
cb9a04d45678a3da6ca9edde4b8db40fd72b38b9d0ba176339a9b58efc261e70
libselinux-devel-2.0.94-5.3.el6_4.1.x86_64.rpm
8c3d0a04532bb764de964412a75df90d2a7fa4d644538175db2da4509e43bba8
libselinux-python-2.0.94-5.3.el6_4.1.x86_64.rpm
a150c42fba192559c5f8f11e37f3aa81d7d8dbcff0f7d31d16c5848aa14aad5f
libselinux-ruby-2.0.94-5.3.el6_4.1.x86_64.rpm
dec253a557be691ddc5c89dd89584285f8cf1f819a7ebb5fe90c6866bec8bd1a
libselinux-static-2.0.94-5.3.el6_4.1.x86_64.rpm
1fb417ec5e62f62788b95af385b381740f621ab029f3b34aa8b7f61972c24faf
libselinux-utils-2.0.94-5.3.el6_4.1.x86_64.rpm
Source:
5837a760295de897517ab752b51379a732049fa2c5febcb54ea7a9f0fa6837bd
libselinux-2.0.94-5.3.el6_4.1.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #cen...@irc.freenode.net
--
Message: 3
Date: Mon, 13 May 2013 13:08:27 +
From: Johnny Hughes
Subject: [CentOS-announce] CEBA-2013:0811 CentOS 6 gdb Update
To: centos-annou...@centos.org
Message-ID: <20130513130827.ga32...@n04.lon1.karan.org>
Content-Type: text/plain; charset=us-ascii
CentOS Errata and Bugfix Advisory 2013:0811
Upstream details at : https://rhn.redhat.com/errata/RHBA-2013-0811.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
53521009739567a1520d41c87541c92f335196475f5137bccbde271d38bca38a
gdb-7.2-60.el6_4.1.i686.rpm
8ac9e5729e7605c717239d0e48eec47b41b6c7c2f50c8f83457db45ab85e48ac
gdb-gdbs
[CentOS] Local Privilege Escalation
Hi - Looking at https://news.ycombinator.com/item?id=5703758 I have just tried this on a fully patched 6.4 box and it seems vulnerable - Do other see the same? thanks ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Local Privilege Escalation
Yep, works also on my centos 6.4 box. -- Eero 2013/5/14 Tom Brown > > Hi - Looking at > > https://news.ycombinator.com/item?id=5703758 > > I have just tried this on a fully patched 6.4 box and it seems vulnerable - > > Do other see the same? > > thanks > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos > ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Local Privilege Escalation
Did anyone try 6.x other than 6.4 what I mean? I don't have the server to try right now. Banyan He Blog: http://www.rootong.com Email: ban...@rootong.com On 5/14/13 9:52 AM, Eero Volotinen wrote: > Yep, works also on my centos 6.4 box. > > -- > Eero > > > 2013/5/14 Tom Brown > >> Hi - Looking at >> >> https://news.ycombinator.com/item?id=5703758 >> >> I have just tried this on a fully patched 6.4 box and it seems vulnerable - >> >> Do other see the same? >> >> thanks >> ___ >> CentOS mailing list >> CentOS@centos.org >> http://lists.centos.org/mailman/listinfo/centos >> > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos > ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Local Privilege Escalation
On Tue, May 14, 2013 at 9:24 AM, Tom Brown wrote: > > Hi - Looking at > > https://news.ycombinator.com/item?id=5703758 > > I have just tried this on a fully patched 6.4 box and it seems vulnerable - > > Do other see the same? Yes. Reported earlier in this forum thread (with additional info): http://www.centos.org/modules/newbb/viewtopic.php?topic_id=42827&forum=59 Akemi ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Local Privilege Escalation
Is this 6.4 only or does it work on 5.9 also? 14.5.2013 19.25 "Tom Brown" kirjoitti: > > Hi - Looking at > > https://news.ycombinator.com/item?id=5703758 > > I have just tried this on a fully patched 6.4 box and it seems vulnerable - > > Do other see the same? > > thanks > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos > ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Local Privilege Escalation
On 05/14/2013 10:07 AM, Eero Volotinen wrote: > Is this 6.4 only or does it work on 5.9 also? According to: https://bugzilla.redhat.com/show_bug.cgi?id=962792 "Statement: This issue does not affect the kernel packages as shipped with Red Hat Enterprise Linux 5 because we did not backport upstream commit b0a873eb that introduced this issue. This issue does affect the kernel packages as shipped with Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG 2. We are working on updated packages to correct this issue in Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG 2 and will release them once they have been completed and tested." -Greg > 14.5.2013 19.25 "Tom Brown" kirjoitti: > >> Hi - Looking at >> >> https://news.ycombinator.com/item?id=5703758 >> >> I have just tried this on a fully patched 6.4 box and it seems vulnerable - >> >> Do other see the same? >> >> thanks >> ___ >> CentOS mailing list >> CentOS@centos.org >> http://lists.centos.org/mailman/listinfo/centos >> > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] What is the recommended method to obtain Pan 0.136+ (with SSL) for Centos 6?
On 05/09/2013 01:31 PM, Rock wrote: I'm really no good at compiling unless all I have to do is issue the make command. So, maybe I'll have to hold off on compiling Pan 0.136 with stunnel... I was able to take the source RPM mentioned earlier and update it to build 0.139. The result has some quirks I was not used to, like "remembering" the last newsgroup I used, but it does work OK, including SSL. You can find the specfile I used at: http://pastebin.com/deUZpESH My build was under CentOS 6 (6.3 to be precise) 64-bit, I haven't tried any others. You will have to download the pan sources, but that shouldn't be too hard. Use rpmbuild (rpmbuild -bb pan.spec) and it should create a usable RPM, assuming you have the prerequisites installed. If not, rpmbuild will tell you what you need to install. No warranty is expressed or implied, no assurance of usability is provided, etc. Like any open-source project, if you break it you own both pieces. All I know is that it works for me. YMMV! -- Jay Leafey - jay.lea...@mindless.com Memphis, TN ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Local Privilege Escalation
On Tue, May 14, 2013 at 9:56 AM, Akemi Yagi wrote: > On Tue, May 14, 2013 at 9:24 AM, Tom Brown wrote: >> >> Hi - Looking at >> >> https://news.ycombinator.com/item?id=5703758 >> >> I have just tried this on a fully patched 6.4 box and it seems vulnerable - >> >> Do other see the same? > > Yes. Reported earlier in this forum thread (with additional info): > > http://www.centos.org/modules/newbb/viewtopic.php?topic_id=42827&forum=59 Announced in that thread: CentOSPlus *test* kernel with the patch is now available from: http://people.centos.org/toracat/kernel/6/plus/perfbugfix/x86_64/ It was confirmed to work. Only the 64-bit kernel is provided because the 32-bit kernel is not affected. NOTE: This is _not_ an official release by CentOS. The distro kernel with the patch may be released later. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Bit Torrent Application
Hey All, Can someone suggest a bit torrent application for CentOS 6.4 along with the name of the repo where it resides. Add/Remove Software, and several google attempts, have come up empty. -- _ °v° /(_)\ ^ ^ Mark LaPierre Registered Linux user No #267004 https://linuxcounter.net/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Local Privilege Escalation
On 05/14/2013 02:38 PM, Akemi Yagi wrote: > On Tue, May 14, 2013 at 9:56 AM, Akemi Yagi wrote: >> On Tue, May 14, 2013 at 9:24 AM, Tom Brown wrote: >>> Hi - Looking at >>> >>> https://news.ycombinator.com/item?id=5703758 >>> >>> I have just tried this on a fully patched 6.4 box and it seems vulnerable - >>> >>> Do other see the same? >> Yes. Reported earlier in this forum thread (with additional info): >> >> http://www.centos.org/modules/newbb/viewtopic.php?topic_id=42827&forum=59 > Announced in that thread: > > CentOSPlus *test* kernel with the patch is now available from: > > http://people.centos.org/toracat/kernel/6/plus/perfbugfix/x86_64/ > > It was confirmed to work. Only the 64-bit kernel is provided because > the 32-bit kernel is not affected. > > NOTE: This is _not_ an official release by CentOS. The distro kernel > with the patch may be released later. Here is the most recent distro kernel with just the patch linked from the RH Bugzilla. This fixed the issue on our test platforms: http://people.centos.org/hughesjr/c6kernel/2.6.32-358.6.1.el6.cve20132094/ Note: This is signed by the centos-6 test key and it is provided as a best effort option to mitigate the above security issue while waiting for an upstream solution. It is not an official CentOS package and needs to be fully tested for fitness by each user before used in production. Thanks, Johnny Hughes signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Bit Torrent Application
On Tuesday 14 May 2013, Mark LaPierre wrote: > Can someone suggest a bit torrent application for CentOS 6.4 along > with the name of the repo where it resides. [root@poontang ~]# yum search bittorrent ctorrent-1.3.4-14.dnh3.3.2.el6.x86_64 : Command line BitTorrent client for unix-like environments aria2-1.14.1-1.el6.rf.x86_64 : Download utility with BitTorrent and Metalink support ktorrent-3.3.4-1.el6.x86_64 : A BitTorrent program rtorrent-0.8.6-4.el6.x86_64 : BitTorrent client based on libtorrent transmission-2.13-1.el6.x86_64 : A lightweight GTK+ BitTorrent client I use Vuze, https://www.vuze.com/ -- Yves Bellefeuille Mekaro en Otavo, Kanado, 18-20 majo 2013: http://mekaro.ca/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Bit Torrent Application
On 05/14/2013 07:20 PM, Yves Bellefeuille wrote: > On Tuesday 14 May 2013, Mark LaPierre wrote: > >> Can someone suggest a bit torrent application for CentOS 6.4 along >> with the name of the repo where it resides. > > [root@poontang ~]# yum search bittorrent > > ctorrent-1.3.4-14.dnh3.3.2.el6.x86_64 : Command line BitTorrent client > for unix-like environments > > aria2-1.14.1-1.el6.rf.x86_64 : Download utility with BitTorrent and > Metalink support > > ktorrent-3.3.4-1.el6.x86_64 : A BitTorrent program > > rtorrent-0.8.6-4.el6.x86_64 : BitTorrent client based on libtorrent > > transmission-2.13-1.el6.x86_64 : A lightweight GTK+ BitTorrent client > > I use Vuze, https://www.vuze.com/ > [root@mushroom ~]# yum search bittorrent Loaded plugins: fastestmirror, protectbase, refresh-packagekit, security Loading mirror speeds from cached hostfile * base: mirror.dattobackup.com * contrib: mirror.ash.fastserv.com * elrepo: mirror.symnds.com * extras: mirror.linux.duke.edu * updates: mirror.ash.fastserv.com 0 packages excluded due to repository protections Warning: No matches found for: bittorrent No Matches found [root@mushroom ~]# I like the looks of transmission-2.13-1.el6. Perhaps I need a repo name? -- _ °v° /(_)\ ^ ^ Mark LaPierre Registered Linux user No #267004 https://linuxcounter.net/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Bit Torrent Application
On Tuesday 14 May 2013, Mark LaPierre wrote: > I like the looks of transmission-2.13-1.el6. Perhaps I need a repo > name? [root@poontang ~]# yum info transmission Available Packages Name: transmission Arch: x86_64 Version : 2.13 Release : 1.el6 Size: 12 k Repo: epel Summary : A lightweight GTK+ BitTorrent client URL : http://www.transmissionbt.com/ License : MIT and GPLv2 Description : Transmission is a free, lightweight BitTorrent client. It features : a simple, intuitive interface on top on an efficient, : cross-platform back-end. -- Yves Bellefeuille Mekaro en Otavo, Kanado, 18-20 majo 2013: http://mekaro.ca/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Bit Torrent Application(SOLVED)
On 05/14/2013 07:30 PM, Yves Bellefeuille wrote: > On Tuesday 14 May 2013, Mark LaPierre wrote: > >> I like the looks of transmission-2.13-1.el6. Perhaps I need a repo >> name? > > [root@poontang ~]# yum info transmission > Available Packages > Name: transmission > Arch: x86_64 > Version : 2.13 > Release : 1.el6 > Size: 12 k > Repo: epel > Summary : A lightweight GTK+ BitTorrent client > URL : http://www.transmissionbt.com/ > License : MIT and GPLv2 > Description : Transmission is a free, lightweight BitTorrent client. It > features > : a simple, intuitive interface on top on an efficient, > : cross-platform back-end. > Thank you. Installation complete. [root@mushroom ~]# yum --enablerepo=epel install transmission -- _ °v° /(_)\ ^ ^ Mark LaPierre Registered Linux user No #267004 https://linuxcounter.net/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
