Fedora EPEL 7 Update: NetworkManager-strongswan-1.4.3-2.el7
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2018-06162324c0
2018-11-01 16:40:10.905392
--------------------------------------------------------------------------------
Name : NetworkManager-strongswan
Product : Fedora EPEL 7
Version : 1.4.3
Release : 2.el7
URL : https://www.strongswan.org/
Summary : NetworkManager strongSwan IPSec VPN plug-in
Description :
This package contains software for integrating the strongSwan IPSec VPN
with NetworkManager.
--------------------------------------------------------------------------------
Update Information:
Update to version 1.4.3.
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update NetworkManager-strongswan' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\
/html/System_Administrators_Guide/ch-yum.html
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
5 years, 5 months
[SECURITY] Fedora EPEL 6 Update: clamav-0.100.2-1.el6
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2018-791c4cceb9
2018-11-01 14:00:21.394759
--------------------------------------------------------------------------------
Name : clamav
Product : Fedora EPEL 6
Version : 0.100.2
Release : 1.el6
URL : https://www.clamav.net/
Summary : Anti-virus software
Description :
Clam AntiVirus is a GPL anti-virus toolkit for UNIX. The main purpose of
this software is the integration with mail servers (attachment scanning).
The package provides a flexible and scalable multi-threaded daemon, a
command line scanner, and a tool for automatic updating via Internet.
The programs are based on a shared library distributed with the Clam
AntiVirus package, which you can use with your own software. Most
importantly, the virus database is kept up to date
--------------------------------------------------------------------------------
Update Information:
ClamAV 0.100.2 ============== Fixes for the following ClamAV vulnerabilities:
* CVE-2018-15378: * Vulnerability in ClamAV's MEW unpacking feature that
could allow an unauthenticated, remote attacker to cause a denial-of-service
(DoS) condition on an affected device. * Reported by Secunia Research at
Flexera. * Fix for a two-byte buffer over-read bug in ClamAV's PDF parsing
code. * Reported by Alex Gaynor. * Fixes for the following
vulnerabilities in bundled third-party libraries: * CVE-2018-14680: * An
issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. It does not
reject blank CHM filenames. * CVE-2018-14681: * An issue was discovered
in kwajd_read_headers in mspack/kwajd.c in libmspack before 0.7alpha. Bad KWAJ
file header extensions could cause a one- or two-byte overwrite. *
CVE-2018-14682: * An issue was discovered in mspack/chmd.c in libmspack
before 0.7alpha. There is an off-by-one error in the TOLOWER() macro for CHM
decompression. Additionally, 0.100.2 reverted 0.100.1's patch for
CVE-2018-14679, and applied libmspack's version of the fix in its place Other
changes: * Some users have reported freshclam signature update failures as a
result of a delay between the time the new signature database content is
announced and the time that the content-delivery-network has the content
available for download. To mitigate these errors, this patch release includes
some modifications to freshclam to make it more lenient, and to reduce the time
that freshclam will ignore a mirror when it detects an issue. * On-Access
"Extra Scanning," an opt-in minor feature of OnAccess scanning on Linux systems,
has been disabled due to a known issue with resource cleanup
OnAccessExtraScanning will be re-enabled in a future release when the issue is
resolved. In the mean-time, users who enabled the feature in clamd.conf will see
a warning informing them that the feature is not active. For details, click
here.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1635922 - clamav-0.100.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1635922
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update clamav' at the command line.
For more information, refer to "YUM", available at
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7\
/html/System_Administrators_Guide/ch-yum.html
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
5 years, 5 months