LISTSERV - SCIENTIFIC-LINUX-USERS Archives

SCIENTIFIC-LINUX-USERS Archives

September 2019

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-USERS Home
	SCIENTIFIC-LINUX-USERS September 2019

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: EXT: Re: [SCIENTIFIC-LINUX-USERS] Security ERRATA Moderate: cockpit on SL7.x x86_64
From:	"Peed, Andrew (GE Healthcare)" <[log in to unmask]>
Reply To:	Peed, Andrew (GE Healthcare)
Date:	Tue, 3 Sep 2019 21:23:16 +0000
Content-Type:	text/plain
Parts/Attachments:	text/plain (68 lines)

Yeah, I see what you mean. 



Next question -- I saw Farhan's email about fastbugs being made available in the 7x repository. We pull fastbugs from 7.6/updates/fastbugs; when I reposync'ed with your 7.6 repos, I got the sources for these fastbug fixes from 7.6/SRPMS, but not the associated fastbug binary packages themselves from 7.6/updates/fastbugs. Does this mean that I can expect to see these fastbug binaries turn up in 7.6/updates/fastbugs at some point, or is something screwy going on?



Thanks,



-- Andy





-----Original Message-----

From: Pat Riehecky <[log in to unmask]> 

Sent: Tuesday, September 3, 2019 2:27 PM

To: Peed, Andrew (GE Healthcare) <[log in to unmask]>; [log in to unmask]

Subject: EXT: Re: [SCIENTIFIC-LINUX-USERS] Security ERRATA Moderate: cockpit on SL7.x x86_64



I believe that SL7 is currently in sync with what RH publishes.  The cockpit packages are a bit of a mess in what they produce and if they go into extras, base, or neither....



Pat



On 9/3/19 2:17 PM, Peed, Andrew (GE Healthcare) wrote:

> I notice that cockpit-selinux, cockpit-packagekit, and cockpit-tests were not included in this update. Will those packages be rebuilt so that they stay in sync?

>

> Thanks,

> -- Andy

>

> -----Original Message-----

> From: [log in to unmask] 

> <[log in to unmask]> On Behalf Of Farhan 

> Ahmed

> Sent: Wednesday, March 13, 2019 12:38 PM

> To: [log in to unmask]

> Subject: EXT: Security ERRATA Moderate: cockpit on SL7.x x86_64

>

> Synopsis: Moderate: cockpit security update

> Advisory ID:       SLSA-2019:0482-1

> Issue Date:        2019-03-13

> CVE Numbers:       CVE-2019-3804

> --

>

> Security Fix(es):

>

> * cockpit: Crash when parsing invalid base64 headers (CVE-2019-3804)

> --

>

> SL7

>    x86_64

>      cockpit-173.2-1.el7.x86_64.rpm

>      cockpit-bridge-173.2-1.el7.x86_64.rpm

>      cockpit-debuginfo-173.2-1.el7.i686.rpm

>      cockpit-debuginfo-173.2-1.el7.x86_64.rpm

>      cockpit-ws-173.2-1.el7.i686.rpm

>      cockpit-ws-173.2-1.el7.x86_64.rpm

>      cockpit-doc-173.2-1.el7.x86_64.rpm

>      cockpit-173.2-1.el7.src.rpm

>    noarch

>      cockpit-system-173.2-1.el7.noarch.rpm

>      cockpit-machines-ovirt-173.2-1.el7.noarch.rpm

>

> - Scientific Linux Development Team



--

Pat Riehecky



Fermi National Accelerator Laboratory

http://www.fnal.gov

https://urldefense.proofpoint.com/v2/url?u=http-3A__www.scientificlinux.org&d=DwIGaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=nMXz4qgc_-GP4LUVoNfsAnZwsT_IUai4rY8kGhjbS7k&s=-qSDvWIiHFrdfmdf0hJ2A9xl2KJM3lG10vEJ_GLb-tE&e=

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV