centos | 20 Dec 13:00 2014

CentOS-announce Digest, Vol 118, Issue 13

Send CentOS-announce mailing list submissions to
	centos-announce@...

To subscribe or unsubscribe via the World Wide Web, visit
	http://lists.centos.org/mailman/listinfo/centos-announce
or, via email, send a message with subject or body 'help' to
	centos-announce-request@...

You can reach the person managing the list at
	centos-announce-owner@...

When replying, please edit your Subject line so it is more specific
than "Re: Contents of CentOS-announce digest..."

Today's Topics:

   1. CESA-2014:2023 Moderate CentOS 7 glibc Security	Update
      (Johnny Hughes)
   2. CESA-2014:2024 Important CentOS 7 ntp Security	Update
      (Johnny Hughes)
   3. CESA-2014:2025 Important CentOS 5 ntp Security	Update
      (Johnny Hughes)
   4. CESA-2014:2024 Important CentOS 6 ntp Security	Update
      (Johnny Hughes)

----------------------------------------------------------------------

Message: 1
Date: Fri, 19 Dec 2014 12:43:11 +0000
From: Johnny Hughes <johnny@...>
(Continue reading)

Igor Furlan | 20 Dec 09:30 2014
Picon

no access to certain WEB sites using CentOS 6.5

HW:
Lenovo T520 laptop with MS WIN 7
        OR
dedicated PC (DELL GX 280)

SW:
CentOS 6.5 (64-bit)  installed using VMware Player on MS WIN 7 host
CASE A)  -- BRIDGED networking selected
CASE B)  -- NAT networking
              OR
CentOS 6.5 i(32-bit) nstalled on real HW (DELL OptiPlex GX 280)

___issue____  at hand:

The default Firefox ESR browser (17.0.10) does not find many web pages.
regardless of the system (virtual - bridged or NAT  OR real HW)

For example:
https://www.google.com/  works
When I enter into search field string 'opera browser'
https://www.google.com/search?q=opera+browser&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:unofficial&client=firefox-a

I do get a lot of results back. So far so good.

Then I click on the first searched  link http://www.opera.com/
I get back

Server not found
          Firefox can't find the server at www.opera.com

(Continue reading)

listmail | 20 Dec 03:42 2014

NTP Vulnerability?

I just saw this:

https://ics-cert.us-cert.gov/advisories/ICSA-14-353-01

which includes this:
" A remote attacker can send a carefully crafted packet that can overflow a
stack buffer and potentially allow malicious code to be executed with the
privilege level of the ntpd process. All NTP4 releases before 4.2.8 are
vulnerable."

"This vulnerability is resolved with NTP-stable4.2.8 on December 19, 2014."

I guess no one has had time to respond yet. Wonder if I should shut down my
external NTP services as a precaution?

--Bill
Peter | 19 Dec 20:41 2014

Re: WARNING: No module xenblk found for kernel

On 12/20/2014 07:02 AM, Dave Stevens wrote:
> $ rpm -q kernel kernel-xen
> kernel-2.6.18-371.11.1.el5
> kernel-2.6.18-371.12.1.el5
> kernel-2.6.18-398.el5
> kernel-2.6.18-400.el5
> kernel-2.6.18-400.1.1.el5
> kernel-xen-2.6.18-371.11.1.el5
> kernel-xen-2.6.18-371.12.1.el5
> kernel-xen-2.6.18-398.el5
> kernel-xen-2.6.18-400.el5
> kernel-xen-2.6.18-400.1.1.el5

It is as I suspected, you've been installing both kernel and kernel-sen
the entire time.

paste the contents of /etc/grub.conf and then I can give you a proper
answer about what to do.

Peter
centos | 19 Dec 13:00 2014

CentOS-announce Digest, Vol 118, Issue 12

Send CentOS-announce mailing list submissions to
	centos-announce@...

To subscribe or unsubscribe via the World Wide Web, visit
	http://lists.centos.org/mailman/listinfo/centos-announce
or, via email, send a message with subject or body 'help' to
	centos-announce-request@...

You can reach the person managing the list at
	centos-announce-owner@...

When replying, please edit your Subject line so it is more specific
than "Re: Contents of CentOS-announce digest..."

Today's Topics:

   1. CESA-2014:2008 Important CentOS 5 kernel Security	Update
      (Johnny Hughes)
   2. CEBA-2014:2015 CentOS 6 cpufrequtils FASTTRACK	BugFix Update
      (Johnny Hughes)
   3. CEBA-2014:2014  CentOS 7 golang BugFix Update (Johnny Hughes)
   4. CESA-2014:2010 Important CentOS 7 kernel Security	Update
      (Johnny Hughes)
   5. CEBA-2014:2018 CentOS 6 java-1.7.0-openjdk BugFix	Update
      (Johnny Hughes)
   6. CESA-2014:2021 Important CentOS 6 jasper Security	Update
      (Johnny Hughes)
   7. CESA-2014:2021 Important CentOS 7 jasper Security	Update
      (Johnny Hughes)

(Continue reading)

Peter | 19 Dec 04:21 2014

Re: WARNING: No module xenblk found for kernel

On 12/19/2014 03:52 PM, Dave Stevens wrote:
> what you say makes sense, but leaves me with two problems - what to do
> and how did this happen?

You never mentioned if this is for a dom0 or domu, if it's a domu is it
a pv or hvm domain and does it use pvgrub, pygrub or does it boot
directly to a kernel on the dom0?

Also paste the output of this command from the affected domain:
rpm -q kernel kernel-xen

Peter
Dave Stevens | 18 Dec 20:11 2014

WARNING: No module xenblk found for kernel

ran routine updates on the lernel this morning and got this:

WARNING: No module xenblk found for kernel 2.6.18-400.1.1.el5,  
continuing anyway

The only references I can find are a year or so old. Anyone able to  
comment? or refer me? Have not rebooted.

uname -a
Linux bulkley.bvserver.ca 2.6.18-400.el5xen #1 SMP Thu Dec 4 13:29:23  
EST 2014 x86_64 x86_64 x86_64 GNU/Linux

Thanks,

Dave

--

-- 
"As long as politics is the shadow cast on society by big business,
the attenuation of the shadow will not change the substance."

-- John Dewey
James B. Byrne | 18 Dec 15:17 2014
Picon

Re: CentOS 6 - httpd 2.2.29


On Thu, December 18, 2014 00:31, Jake Shipton wrote:
>
> Hi Alex,
>
> In this situation 2.2.29 actually does offer an advantage over CentOS
> version 2.2.15.
>
> The version provided by CentOS does not support Forward Secrecy for SSL
> or TLS 1.2.
>
> Version 2.2.24+ of upstream Apache includes patches which enable both
> Forward Secrecy and TLS 1.2.
>
> Now that C6's OpenSSL can also support both TLS 1.2, and Forward
> Secrecy, upgrading Apache slightly to be able to use both of those is a
> very viable option.
>
> Although, in my case I cheat, I compile my own 2.2.29 RPM and then apply
> any missing patches and new security patches from RHEL sources myself to
> get the best of both worlds.
>

CentOS-6.6
<---
rpm -qi httpd
Name        : httpd                        Relocations: (not relocatable)
Version     : 2.2.15                            Vendor: CentOS
Release     : 39.el6.centos                 Build Date: Thu 16 Oct 2014
10:49:26  EDT
(Continue reading)

Andreas Benzler | 18 Dec 14:10 2014
Picon

X11 console

Hello Guys…

I need to revert the X11 graphical server to Console 7.
and  enable VT1 as normal text as it was on the old distr..

Sincerely

AndyBe

_______________________________________________
CentOS mailing list
CentOS <at> centos.org
http://lists.centos.org/mailman/listinfo/centos
centos | 18 Dec 13:00 2014

CentOS-announce Digest, Vol 118, Issue 11

Send CentOS-announce mailing list submissions to
	centos-announce@...

To subscribe or unsubscribe via the World Wide Web, visit
	http://lists.centos.org/mailman/listinfo/centos-announce
or, via email, send a message with subject or body 'help' to
	centos-announce-request@...

You can reach the person managing the list at
	centos-announce-owner@...

When replying, please edit your Subject line so it is more specific
than "Re: Contents of CentOS-announce digest..."

Today's Topics:

   1. CESA-2014:1997 Important CentOS 6 kernel Security	Update
      (Johnny Hughes)
   2. CEBA-2014:2004  CentOS 6 rsyslog BugFix Update (Johnny Hughes)
   3. CEBA-2014:2002  CentOS 6 stunnel BugFix Update (Johnny Hughes)
   4. CEBA-2014:2001 CentOS 6 openjpeg FASTTRACK BugFix	Update
      (Johnny Hughes)

----------------------------------------------------------------------

Message: 1
Date: Wed, 17 Dec 2014 12:13:22 +0000
From: Johnny Hughes <johnny@...>
To: centos-announce@...
Subject: [CentOS-announce] CESA-2014:1997 Important CentOS 6 kernel
(Continue reading)

Bill Maltby (C4B | 17 Dec 23:38 2014
Picon

I can't see some of my onwn e-mails ...

I sometimes receive e-mails I post to this list, like I did the bug I
reported about X problems, but other times not, like my first post about
that before I reported the bug. That one appeared in gmane, but
Evolution never picked it up.

And today I've not seen either of my posts but I know it got there
because I did see a reply to my post about the flash plugin and it had a
snippet of my post init.

I've looked at all the seetings I can think of and nothing struck me as
suppressing my own.

I use gmail and ISTR a discussion recently about some issues with that.

Anyone got a clue(bat) for me?

Thanks,
Bill

Gmane