[SECURITY] Fedora 24 Update: ansible-2.3.0.0-3.fc24
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2017-c2129c77ca
2017-04-29 17:48:34.994910
--------------------------------------------------------------------------------
Name : ansible
Product : Fedora 24
Version : 2.3.0.0
Release : 3.fc24
URL : http://ansible.com
Summary : SSH-based configuration management, deployment, and task execution system
Description :
Ansible is a radically simple model-driven configuration management,
multi-node deployment, and remote task execution system. Ansible works
over SSH and does not require any software or daemons to be installed
on remote nodes. Extension modules can be written in any language and
are transferred to managed machines automatically.
--------------------------------------------------------------------------------
Update Information:
Backport fix for https://github.com/ansible/ansible/issues/22572

Many bugfixes and improvements. See
https://github.com/ansible/ansible/blob/stable-2.3/CHANGELOG.md for full list of
changes. rst and html docs have been split out into an ansible-docs subpackage.
Includes fix for CVE-2017-7466
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1441355 - CVE-2017-7466 ansible: Arbitrary code execution on control node (incomplete fix for CVE-2016-9587) [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1441355
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade ansible' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Fedora 24 Update: perl-Tree-Simple-1.31-1.fc24
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2017-88b770fb66
2017-04-29 17:48:34.994716
--------------------------------------------------------------------------------
Name : perl-Tree-Simple
Product : Fedora 24
Version : 1.31
Release : 1.fc24
URL : http://search.cpan.org/dist/Tree-Simple/
Summary : Tree::Simple Perl module
Description :
A simple tree object.
--------------------------------------------------------------------------------
Update Information:
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade perl-Tree-Simple' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Fedora 24 Update: ncrack-0.5-2.fc24
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2017-90e5f6f871
2017-04-29 17:48:34.994548
--------------------------------------------------------------------------------
Name : ncrack
Product : Fedora 24
Version : 0.5
Release : 2.fc24
URL : http://nmap.org/ncrack/
Summary : High-speed network auth cracking tool
Description :
Ncrack is a high-speed network authentication cracking tool. It was
built to help companies secure their networks by proactively testing
all their hosts and networking devices for poor passwords. Security
professionals also rely on Ncrack when auditing their clients. Ncrack
was designed using a modular approach, a command-line syntax similar to
Nmap and a dynamic engine that can adapt its behaviour based on network
feedback. It allows for rapid, yet reliable large-scale auditing of
multiple hosts.
--------------------------------------------------------------------------------
Update Information:
Update to the latest version of ncrack. Fix the build for fc26 (related to switch
to compat version of openssl).
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1423982 - ncrack: FTBFS in rawhide
https://bugzilla.redhat.com/show_bug.cgi?id=1423982
[ 2 ] Bug #1332115 - New ncrack release available
https://bugzilla.redhat.com/show_bug.cgi?id=1332115
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade ncrack' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Fedora 24 Update: fail2ban-0.9.6-4.fc24
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2017-44cc991a04
2017-04-29 17:48:34.994402
--------------------------------------------------------------------------------
Name : fail2ban
Product : Fedora 24
Version : 0.9.6
Release : 4.fc24
URL : http://fail2ban.sourceforge.net/
Summary : Daemon to ban hosts that cause multiple authentication errors
Description :
Fail2Ban scans log files and bans IP addresses that make too many password
failures. It updates firewall rules to reject the IP address. These rules can
be defined by the user. Fail2Ban can read multiple log files such as sshd or
Apache web server ones.
Fail2Ban is able to reduce the rate of incorrect authentication attempts;
however, it cannot eliminate the risk that weak authentication presents.
Configure services to use only two factor or public/private authentication
mechanisms if you really want to protect services.
This is a meta-package that will install the default configuration. Other
sub-packages are available to install support for other actions and
configurations.
--------------------------------------------------------------------------------
Update Information:
Properly handle /run/fail2ban
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1442368 - fail2ban is missing /var/run/fail2ban after installation and refuses to start
https://bugzilla.redhat.com/show_bug.cgi?id=1442368
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade fail2ban' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
[SECURITY] Fedora 24 Update: yara-3.5.0-7.fc24
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2017-9941306740
2017-04-29 17:48:34.993853
--------------------------------------------------------------------------------
Name : yara
Product : Fedora 24
Version : 3.5.0
Release : 7.fc24
URL : http://VirusTotal.github.io/yara/
Summary : Pattern matching Swiss knife for malware researchers
Description :
YARA is a tool aimed at (but not limited to) helping malware researchers to
identify and classify malware samples. With YARA you can create descriptions
of malware families (or whatever you want to describe) based on textual or
binary patterns. Each description, a.k.a rule, consists of a set of strings
and a Boolean expression which determine its logic.
--------------------------------------------------------------------------------
Update Information:
Security fix CVE-2016-10210 CVE-2016-10211 CVE-2017-5923 CVE-2017-5924
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1440738 - CVE-2017-8294 CVE-2017-5924 CVE-2017-5923 CVE-2016-10210 CVE-2016-10211 yara: Multiple security issues
https://bugzilla.redhat.com/show_bug.cgi?id=1440738
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade yara' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Fedora 25 Update: kexec-tools-2.0.13-7.fc25.3
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2017-9ec72b6b2b
2017-04-28 19:59:31.371099
--------------------------------------------------------------------------------
Name : kexec-tools
Product : Fedora 25
Version : 2.0.13
Release : 7.fc25.3
URL : None
Summary : The kexec/kdump userspace component
Description :
kexec-tools provides /sbin/kexec binary that facilitates a new
kernel to boot using the kernel's kexec feature either on a
normal or a panic reboot. This package contains the /sbin/kexec
binary and ancillary utilities that together form the userspace
component of the kernel's kexec feature.
--------------------------------------------------------------------------------
Update Information:
This build fixes kdump kernel boot failure caused by kernel kaslr by adding
nokaslr to kdump kernel boot cmdline params for x86_64.
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade kexec-tools' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Fedora 25 Update: nodejs-emojione-2.2.7-3.fc25
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2017-f030165dc0
2017-04-28 19:59:31.371041
--------------------------------------------------------------------------------
Name : nodejs-emojione
Product : Fedora 25
Version : 2.2.7
Release : 3.fc25
URL : http://www.emojione.com
Summary : EmojiOne is a complete set of emojis designed for the web
Description :
EmojiOne is a complete set of emojis designed for the web. It includes
libraries to easily convert unicode characters to shortnames (:smile:)
and shortnames to our custom emoji images. PNG and SVG formats provided
for the emoji images.
--------------------------------------------------------------------------------
Update Information:
package.js* are now moved from base package to json package.
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade nodejs-emojione' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Fedora 25 Update: mate-icon-theme-1.16.2-1.fc25
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2017-a53d36cc38
2017-04-28 19:59:31.370985
--------------------------------------------------------------------------------
Name : mate-icon-theme
Product : Fedora 25
Version : 1.16.2
Release : 1.fc25
URL : http://mate-desktop.org
Summary : Icon theme for MATE Desktop
Description :
Icon theme for MATE Desktop
--------------------------------------------------------------------------------
Update Information:
- update to new upstream release
- fix some broken flags
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade mate-icon-theme' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
[SECURITY] Fedora 25 Update: community-mysql-5.7.18-2.fc25
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2017-fe6e14dcf9
2017-04-28 19:59:31.370922
--------------------------------------------------------------------------------
Name : community-mysql
Product : Fedora 25
Version : 5.7.18
Release : 2.fc25
URL : http://www.mysql.com
Summary : MySQL client programs and shared libraries
Description :
MySQL is a multi-user, multi-threaded SQL database server. MySQL is a
client/server implementation consisting of a server daemon (mysqld)
and many different client programs and libraries. The base package
contains the standard MySQL client programs and generic MySQL files.
--------------------------------------------------------------------------------
Update Information:
Update to 5.7.18. CVEs fixed by this update can be found here:
http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1414386 - CVE-2017-3265 community-mysql: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1414386
[ 2 ] Bug #1443407 - CVE-2017-3308 CVE-2017-3309 CVE-2017-3450 CVE-2017-3453 CVE-2017-3456 CVE-2017-3461 CVE-2017-3462 CVE-2017-3463 CVE-2017-3464 CVE-2017-3599 community-mysql: various flaws [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1443407
[ 3 ] Bug #1441001 - community-mysql-5.7.18 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1441001
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade community-mysql' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Fedora 25 Update: squidGuard-1.4-28.fc25
by updates@fedoraproject.org
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2017-2cacf8847a
2017-04-28 19:59:31.370860
--------------------------------------------------------------------------------
Name : squidGuard
Product : Fedora 25
Version : 1.4
Release : 28.fc25
URL : http://www.squidguard.org/
Summary : Filter, redirector and access controller plugin for squid
Description :
squidGuard can be used to
- limit the web access for some users to a list of accepted/well known
web servers and/or URLs only.
- block access to some listed or blacklisted web servers and/or URLs
for some users.
- block access to URLs matching a list of regular expressions or words
for some users.
- enforce the use of domainnames/prohibit the use of IP address in
URLs.
- redirect blocked URLs to an "intelligent" CGI based info page.
- redirect unregistered user to a registration form.
- redirect popular downloads like Netscape, MSIE etc. to local copies.
- redirect banners to an empty GIF.
- have different access rules based on time of day, day of the week,
date etc.
- have different rules for different user groups.
- and much more..
Neither squidGuard nor Squid can be used to
- filter/censor/edit text inside documents
- filter/censor/edit embedded scripting languages like JavaScript or
VBscript inside HTML
--------------------------------------------------------------------------------
Update Information:
Maintenance changes only:
- Helper protocol patch (bug #1443273, bug #1418267)
- Fix logrotate configuration (bug #1394601)
- Fix typo in transparent-proxying.service
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1443273 - squidGuard does not work with current squid in F25 (and probably other versions)
https://bugzilla.redhat.com/show_bug.cgi?id=1443273
[ 2 ] Bug #1418267 - UPGRADE WARNING from squid "url rewriter responded with garbage"
https://bugzilla.redhat.com/show_bug.cgi?id=1418267
[ 3 ] Bug #1394601 - squidGuard logrotate config uses wildcard incorrectly
https://bugzilla.redhat.com/show_bug.cgi?id=1394601
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade squidGuard' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------