Skip to Content.
Sympa Menu

perfsonar-announce - Re: [perfsonar-user] Fwd: [CentOS-announce] CESA-2014:1997 Important CentOS 6 kernel Security Update

Subject: perfSONAR Announcements

List archive

Re: [perfsonar-user] Fwd: [CentOS-announce] CESA-2014:1997 Important CentOS 6 kernel Security Update


Chronological Thread 
  • From: Michael Johnson <>
  • To:
  • Cc: , perfsonar-announce <>
  • Subject: Re: [perfsonar-user] Fwd: [CentOS-announce] CESA-2014:1997 Important CentOS 6 kernel Security Update
  • Date: Tue, 23 Dec 2014 15:35:48 -0500

All,

New web100 kernel packages are now available for netinstall users of the
perfSONAR-PS toolkit. You may run 'yum update' to grab the new kernel. You
should restart your host after the upgrade completes. Full details on this
particular patch can be found in the previous email.

Note this is just a kernel upgrade and the other perfSONAR-PS packages have
NOT been updated. As we often do with incremental kernel updates, we will
not be providing a new LiveCD for this particular update. Please let us know
if you have any questions or issues.

Thank you,
The perfSONAR Team

On Wed, Dec 17, 2014 at 10:40:39AM -0500, Jason Zurawski wrote:
Greetings;

See below for an announcement from CentOS regarding a new Red Hat CVE and
kernel package, additional info can be found at this link:

https://rhn.redhat.com/errata/RHSA-2014-1997.html

Our read of the CVE does not find any issue of concern specific to the
toolkit software. There are mentions of local user privilege escalation
attacks, and very slight risks to DOS in some scenarios.

For those using a non-LiveCD system running ‘yum update’ by hand, or those
that have enabled the automated update service, will see a new kernel come
in. Rebooting will cause this kernel to be loaded, thus breaking access to
the NDT and NPAD tools for the time being.

If you are in doubt about the security of the system, feel free to review the
CVE and upgrade to the latest version as local policy dictates. We are in
the process of building and testing a new kernel, and will alert you when we
have our web100 patched version available.

Thank you for your patience and Happy Festivus;
The perfSONAR Team

Begin forwarded message:

Date: December 17, 2014 at 7:13:22 AM EST
From: Johnny Hughes
<>
To:

Subject: [CentOS-announce] CESA-2014:1997 Important CentOS 6 kernel Security
Update
Reply-To:



CentOS Errata and Security Advisory 2014:1997 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-1997.html

The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )

i386:
a9c3a1a1f00cfe2f8dec2aa9d8955c3fc88175d63fd7e546d8fd31022a5e3fd5
kernel-2.6.32-504.3.3.el6.i686.rpm
7505fcd1f225f075c69d8e298bc1ef7e7e1a7c4133692ea2a360761cdc4552a0
kernel-abi-whitelists-2.6.32-504.3.3.el6.noarch.rpm
2da4c4dcc91e2aede356279458564d29161c0a42d870cf639aff2b8ce6a6fb82
kernel-debug-2.6.32-504.3.3.el6.i686.rpm
25c35628d6915f8eeb38453449d7dcceb18fb903bb353301da7d81a571b13fbd
kernel-debug-devel-2.6.32-504.3.3.el6.i686.rpm
15b731d59bbc6f48f11443979eda4753b7ffccbb5f461287dd6858457d783c00
kernel-devel-2.6.32-504.3.3.el6.i686.rpm
e95e10ce7f23bac3c9e14a0df2518e56b87a40b87bb23d521f3f824b5201695a
kernel-doc-2.6.32-504.3.3.el6.noarch.rpm
98ffea48c454380812ec91b4a5a7c6bf5c7f6b0bdb5b11859f9255dd7831a5ab
kernel-firmware-2.6.32-504.3.3.el6.noarch.rpm
a1b715401fb7669f8d5cdddc7318ae6c86561ad13c27987aa2054c4213d6cbc5
kernel-headers-2.6.32-504.3.3.el6.i686.rpm
ef4e90ed08f81abb52225b0be637297feffa263a5d406b1f8ef246ecff4cdf37
perf-2.6.32-504.3.3.el6.i686.rpm
0b6820042c174f63e74c549075656dbf3ff8fd94a7473cb6e8c030db86ead1ff
python-perf-2.6.32-504.3.3.el6.i686.rpm

x86_64:
d401fbae56420ac87bab4be1eef55f1e0cdc59c4e6ac086e7c389af9ee95507c
kernel-2.6.32-504.3.3.el6.x86_64.rpm
7505fcd1f225f075c69d8e298bc1ef7e7e1a7c4133692ea2a360761cdc4552a0
kernel-abi-whitelists-2.6.32-504.3.3.el6.noarch.rpm
3617b229c27488a475760cba8948e6f6d6f37c68a87cfcc2aad1323504989f21
kernel-debug-2.6.32-504.3.3.el6.x86_64.rpm
2daedae3ddffe8ba907191a3097f1b204ba10d0bb41e87eada8d69cc76be341b
kernel-debug-devel-2.6.32-504.3.3.el6.x86_64.rpm
83546df48340c60758a3f6747c0e7ce8854da00804feda480b748a28c257b739
kernel-devel-2.6.32-504.3.3.el6.x86_64.rpm
e95e10ce7f23bac3c9e14a0df2518e56b87a40b87bb23d521f3f824b5201695a
kernel-doc-2.6.32-504.3.3.el6.noarch.rpm
98ffea48c454380812ec91b4a5a7c6bf5c7f6b0bdb5b11859f9255dd7831a5ab
kernel-firmware-2.6.32-504.3.3.el6.noarch.rpm
f85806c0fa62c0592d06b1599b05c3eacf03b0bc18b39e8a42239c478cfe836b
kernel-headers-2.6.32-504.3.3.el6.x86_64.rpm
14c596cdd5075970ed25e1b3c8f583ad9cdf1d0cb9cfa2583f702cec3fe8f93f
perf-2.6.32-504.3.3.el6.x86_64.rpm
4cd783cd4f6c0cbd2e87bbb33b7c19d5721cd4b6cb160f69a807194d35fa1e36
python-perf-2.6.32-504.3.3.el6.x86_64.rpm

Source:
2de29e651647a79e10adeb2c1ad8c454330743bd51c6fb0553f0520add652c05
kernel-2.6.32-504.3.3.el6.src.rpm



--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr,
#

_______________________________________________
CentOS-announce mailing list

http://lists.centos.org/mailman/listinfo/centos-announce

--
Michael Johnson
GlobalNOC Software Engineering
Indiana University

812-856-2771

Attachment: pgpYwQ4VD6vUF.pgp
Description: PGP signature




Archive powered by MHonArc 2.6.16.

Top of Page