LISTSERV - SCIENTIFIC-LINUX-DEVEL Archives

SCIENTIFIC-LINUX-DEVEL Archives

May 2016

SCIENTIFIC-LINUX-DEVEL@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-DEVEL Home
	SCIENTIFIC-LINUX-DEVEL May 2016

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Condense Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Sender:	Mailing list for Scientific Linux developers worldwide <[log in to unmask]>
Date:	Fri, 20 May 2016 16:00:29 -0500
Reply-To:	Connie Sieh <[log in to unmask]>
Message-ID:	<[log in to unmask]>
Subject:	Security ERRATA SL6 i386/x86_64 in testing
From:	Connie Sieh <[log in to unmask]>
Content-Type:	text/plain; format=flowed; charset="US-ASCII"
In-Reply-To:	<[log in to unmask]>
MIME-Version:	1.0
Comments:	To: [log in to unmask] cc: [log in to unmask]
Parts/Attachments:	text/plain (76 lines)

The following security errata are now located in "sl-testing".  These 
errata were released after/during the release of RHEL 6.8 .  We require 
extra testing for these errata.   Please test.

   yum --enablerepo=sl-testing list
   yum --enablerepo=sl-testing update <package>

file-5.04-30.el6
icedtea-web-1.6.2-1.el6
kernel-2.6.32-642.el6
ntp-4.2.6p5-10.el6
openssh-5.3p1-118.1.el6_8.1
openssl-1.0.1e-48.el6_8.1
qemu-kvm-0.12.1.2-2.491.el6_8.1
thunderbird-38.8.0-2.el6_8

On Fri, 20 May 2016, Connie Sieh wrote:

> Will push all of the "security errata" that have been published since RHEL
> 6.8 was released for SL 6 soon.
>
> --
>
> Connie J. Sieh
> Computing Services Specialist III
>
> Fermi National Accelerator Laboratory
> 630 840 8531 office
>
> http://www.fnal.gov
> [log in to unmask]
>
> On Fri, 20 May 2016, Andrew C Aitchison wrote:
>
>> I see that RedHat also released this for RHEL6
>> (although the release number suggests it took extra work).
>>
>> Is there an estimate of when thunderbird 38.8 will be available for SL6 ?
>>
>> Thanks.
>>
>> On Tue, 17 May 2016, Connie Sieh wrote:
>>
>>> Synopsis:          Important: thunderbird security update
>>> Advisory ID:       SLSA-2016:1041-1
>>> Issue Date:        2016-05-12
>>> CVE Numbers:       CVE-2016-2805
>>>                   CVE-2016-2807
>>> --
>>>
>>> This update upgrades Thunderbird to version 38.8.0.
>>>
>>> Security Fix(es):
>>>
>>> * Two flaws were found in the processing of malformed web content. A web
>>> page containing malicious content could cause Thunderbird to crash or,
>>> potentially, execute arbitrary code with the privileges of the user
>>> running Thunderbird. (CVE-2016-2805, CVE-2016-2807)
>>> --
>>>
>>> SL5
>>>  x86_64
>>>    thunderbird-38.8.0-1.el5_11.x86_64.rpm
>>>    thunderbird-debuginfo-38.8.0-1.el5_11.x86_64.rpm
>>>  i386
>>>    thunderbird-38.8.0-1.el5_11.i386.rpm
>>>    thunderbird-debuginfo-38.8.0-1.el5_11.i386.rpm
>>> SL7
>>>  x86_64
>>>    thunderbird-38.8.0-1.el7_2.x86_64.rpm
>>>    thunderbird-debuginfo-38.8.0-1.el7_2.x86_64.rpm
>>>
>>> - Scientific Linux Development Team
>>
>

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV