Date:         Wed, 10 Oct 2007 16:00:15 -0500
Reply-To:     Connie Sieh 
Sender:       Security Errata for Scientific Linux
              
From:         Connie Sieh 
Subject:      FASTBUGS for SL50 x86_64 now available
Comments: To: scientific 

These are available from


-Connie Sieh

-----------------------------------------------------------------------
cluster-cim-0.9.2-6.el5.x86_64.rpm
cluster-snmp-0.9.2-6.el5.x86_64.rpm
cman-2.0.64-1.0.1.el5.x86_64.rpm
cman-debuginfo-2.0.64-1.el5.x86_64.rpm
cman-devel-2.0.64-1.0.1.el5.i386.rpm
cman-devel-2.0.64-1.0.1.el5.x86_64.rpm
conman-0.1.9.2-8.el5.x86_64.rpm
cracklib-2.8.9-3.3.i386.rpm
cracklib-2.8.9-3.3.x86_64.rpm
cracklib-dicts-2.8.9-3.3.x86_64.rpm
enscript-1.6.4-4.1.el5.x86_64.rpm
fetchmail-6.3.6-1.1.el5.x86_64.rpm
finch-2.0.2-3.el5.x86_64.rpm
finch-devel-2.0.2-3.el5.x86_64.rpm
fonts-chinese-3.02-9.9.el5.noarch.rpm
gfs-utils-0.1.11-3.el5.x86_64.rpm
hardlink-1.0-1.27.x86_64.rpm
libpurple-2.0.2-3.el5.x86_64.rpm
libpurple-devel-2.0.2-3.el5.x86_64.rpm
libpurple-perl-2.0.2-3.el5.x86_64.rpm
libpurple-tcl-2.0.2-3.el5.x86_64.rpm
luci-0.9.2-6.el5.x86_64.rpm
man-pages-2.39-10.el5.noarch.rpm
man-pages-ja-20060815-5.noarch.rpm
mc-4.6.1a-35.el5.x86_64.rpm
meanwhile-1.0.2-5.el5.x86_64.rpm
meanwhile-devel-1.0.2-5.el5.x86_64.rpm
meanwhile-doc-1.0.2-5.el5.x86_64.rpm
mod_auth_kerb-5.1-3.el5.x86_64.rpm
mod_authz_ldap-0.26-8.el5.x86_64.rpm
modcluster-0.9.2-6.el5.x86_64.rpm
nspr-4.6.5-1.0.1.el5.i386.rpm
nspr-4.6.5-1.0.1.el5.x86_64.rpm
nspr-devel-4.6.5-1.0.1.el5.i386.rpm
nspr-devel-4.6.5-1.0.1.el5.x86_64.rpm
perl-TimeDate-1.16-5.el5.noarch.rpm
pidgin-2.0.2-3.el5.x86_64.rpm
pidgin-devel-2.0.2-3.el5.x86_64.rpm
pidgin-perl-2.0.2-3.el5.x86_64.rpm
prelink-0.3.9-2.1.x86_64.rpm
redhat-rpm-config-8.0.45-17.0.1.el5.noarch.rpm
rgmanager-2.0.24-1.el5.x86_64.rpm
rhpxl-0.41.1-1.el5.x86_64.rpm
ricci-0.9.2-6.el5.x86_64.rpm
sos-1.5-1.el5.noarch.rpm
sysreport-1.4.3-12.el5.noarch.rpm
system-config-cluster-1.0.39-1.0.1.noarch.rpm
system-config-kdump-1.0.10-1.el5.noarch.rpm
tzdata-2007h-1.el5.noarch.rpm
xterm-215-5.el5.x86_64.rpm
yum-rhn-plugin-0.4.3-2.el5.noarch.rpm
Date:         Thu, 18 Oct 2007 16:40:48 -0500
Reply-To:     Troy Dawson 
Sender:       Security Errata for Scientific Linux
              
From:         Troy Dawson 
Subject:      Security ERRATA for  on SL5.x i386/x86_64
Comments: To: scientific-linux-errata@fnal.gov

Synopsis:	Important: hplip security update
Issue date:	2007-10-11
CVE Names:	CVE-2007-5208

Kees Cook discovered a flaw in the way the hplip hpssd daemon handled user
input. A local attacker could send a specially crafted request to the hpssd
daemon, possibly allowing them to run arbitrary commands as the root user.
(CVE-2007-5208).
On Scientific Linux 5, the SELinux targeted policy for hpssd which is enabled 
by default, blocks the ability to exploit this issue to run arbitrary code.

SL 5.x

   SRPMS:
hpijs-1.6.7-4.1.el5.3.src.rpm
   i386:
hpijs-1.6.7-4.1.el5.3.i386.rpm
hplip-1.6.7-4.1.el5.3.i386.rpm
libsane-hpaio-1.6.7-4.1.el5.3.i386.rpm
   x86_64:
hpijs-1.6.7-4.1.el5.3.x86_64.rpm
hplip-1.6.7-4.1.el5.3.x86_64.rpm
libsane-hpaio-1.6.7-4.1.el5.3.x86_64.rpm

-Connie Sieh
-Troy Dawson

SciLinux: CVE-2007-5208 SL5.x i386/x86_64

Important: hplip security update

Summary

Date:         Wed, 10 Oct 2007 16:00:15 -0500Reply-To:     Connie Sieh Sender:       Security Errata for Scientific Linux              From:         Connie Sieh Subject:      FASTBUGS for SL50 x86_64 now availableComments: To: scientific These are available from-Connie Sieh-----------------------------------------------------------------------cluster-cim-0.9.2-6.el5.x86_64.rpmcluster-snmp-0.9.2-6.el5.x86_64.rpmcman-2.0.64-1.0.1.el5.x86_64.rpmcman-debuginfo-2.0.64-1.el5.x86_64.rpmcman-devel-2.0.64-1.0.1.el5.i386.rpmcman-devel-2.0.64-1.0.1.el5.x86_64.rpmconman-0.1.9.2-8.el5.x86_64.rpmcracklib-2.8.9-3.3.i386.rpmcracklib-2.8.9-3.3.x86_64.rpmcracklib-dicts-2.8.9-3.3.x86_64.rpmenscript-1.6.4-4.1.el5.x86_64.rpmfetchmail-6.3.6-1.1.el5.x86_64.rpmfinch-2.0.2-3.el5.x86_64.rpmfinch-devel-2.0.2-3.el5.x86_64.rpmfonts-chinese-3.02-9.9.el5.noarch.rpmgfs-utils-0.1.11-3.el5.x86_64.rpmhardlink-1.0-1.27.x86_64.rpmlibpurple-2.0.2-3.el5.x86_64.rpmlibpurple-devel-2.0.2-3.el5.x86_64.rpmlibpurple-perl-2.0.2-3.el5.x86_64.rpmlibpurple-tcl-2.0.2-3.el5.x86_64.rpmluci-0.9.2-6.el5.x86_64.rpmman-pages-2.39-10.el5.noarch.rpmman-pages-ja-20060815-5.noarch.rpmmc-4.6.1a-35.el5.x86_64.rpmmeanwhile-1.0.2-5.el5.x86_64.rpmmeanwhile-devel-1.0.2-5.el5.x86_64.rpmmeanwhile-doc-1.0.2-5.el5.x86_64.rpmmod_auth_kerb-5.1-3.el5.x86_64.rpmmod_authz_ldap-0.26-8.el5.x86_64.rpmmodcluster-0.9.2-6.el5.x86_64.rpmnspr-4.6.5-1.0.1.el5.i386.rpmnspr-4.6.5-1.0.1.el5.x86_64.rpmnspr-devel-4.6.5-1.0.1.el5.i386.rpmnspr-devel-4.6.5-1.0.1.el5.x86_64.rpmperl-TimeDate-1.16-5.el5.noarch.rpmpidgin-2.0.2-3.el5.x86_64.rpmpidgin-devel-2.0.2-3.el5.x86_64.rpmpidgin-perl-2.0.2-3.el5.x86_64.rpmprelink-0.3.9-2.1.x86_64.rpmredhat-rpm-config-8.0.45-17.0.1.el5.noarch.rpmrgmanager-2.0.24-1.el5.x86_64.rpmrhpxl-0.41.1-1.el5.x86_64.rpmricci-0.9.2-6.el5.x86_64.rpmsos-1.5-1.el5.noarch.rpmsysreport-1.4.3-12.el5.noarch.rpmsystem-config-cluster-1.0.39-1.0.1.noarch.rpmsystem-config-kdump-1.0.10-1.el5.noarch.rpmtzdata-2007h-1.el5.noarch.rpmxterm-215-5.el5.x86_64.rpmyum-rhn-plugin-0.4.3-2.el5.noarch.rpmDate:         Thu, 18 Oct 2007 16:40:48 -0500Reply-To:     Troy Dawson Sender:       Security Errata for Scientific Linux              From:         Troy Dawson Subject:      Security ERRATA for  on SL5.x i386/x86_64Comments: To: scientific-linux-errata@fnal.govSynopsis:	Important: hplip security updateIssue date:	2007-10-11CVE Names:	CVE-2007-5208Kees Cook discovered a flaw in the way the hplip hpssd daemon handled userinput. A local attacker could send a specially crafted request to the hpssddaemon, possibly allowing them to run arbitrary commands as the root user.(CVE-2007-5208).On Scientific Linux 5, the SELinux targeted policy for hpssd which is enabled by default, blocks the ability to exploit this issue to run arbitrary code.SL 5.x   SRPMS:hpijs-1.6.7-4.1.el5.3.src.rpm   i386:hpijs-1.6.7-4.1.el5.3.i386.rpmhplip-1.6.7-4.1.el5.3.i386.rpmlibsane-hpaio-1.6.7-4.1.el5.3.i386.rpm   x86_64:hpijs-1.6.7-4.1.el5.3.x86_64.rpmhplip-1.6.7-4.1.el5.3.x86_64.rpmlibsane-hpaio-1.6.7-4.1.el5.3.x86_64.rpm-Connie Sieh-Troy Dawson



Security Fixes

Severity

Related News

The End of the Road for Linux 6.11: A Call to Upgrade to Kernel 6.12
3 - 5 min read
The Linux kernel community recently issued an EOL announcement regarding the 6.11 kernel series, urging sysadmins to upgrade quickly to 6.12 . This
A Linux Admin
3 - 6 min read
As 2025 approaches, we Linux admins are facing new and often unseen cloud-native security obstacles. While skilled at mitigating known risks,
Leveraging Insights from the Linux Foundation
3 - 5 min read
The Linux Foundation's recent Census III report provides critical insights for Linux administrators, information security professionals, and anyone
Chrome 131 Released: Emergency Security Update Fixes Over a Dozen Significant Vulns
3 - 6 min read
Google recently unveiled a critical security update to their popular web browser, Google Chrome, addressing over a dozen significant security
From Wayland Fixes to Security Boosts: Examining Qt 6.8.1
3 - 6 min read
The recent Qt 6.8.1 release brings significant updates and improvements, strengthening its reputation as a secure and reliable application
Exploring Arch Linux 2024.12.01: Security Implications & Notable Enhancements for Linux Admins
3 - 6 min read
The Arch Linux 2024.12.01 ISO release marks an impressive milestone, offering cutting-edge updates that enhance functionality, streamline
Deck the Halls with Enhanced Security: Linux Kernel 6.13
3 - 5 min read
As Linux admins and infosec professionals prepare for the holiday season, there's much cause for celebration this year! Linus Torvalds recently made
Lessons from Bootkitty: Securing Linux Systems Against UEFI Intrusions
3 - 5 min read
New Linux security threats mark critical junctures that challenge existing policies and test security protocols to their limit. One such milestone

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved