CHG000000006261Issue a new release of krb5-fermi-addons for both SLF5 and SLF6 with the following minor changes: - include new release of k5push updated by Bonnie King (also merge changes from Marc Mengel) - replace new-portal-ticket script with a "stub" since (a) not really needed for its original purpose and (b) the original used telnet which is no longer really used on any SLF systems by default (mostly superseded by SSH for most users) Scientific Linux FermiScientific Linux Fermi 5krb5-fermi-addons-1.3-1.slf5.i386.rpm95c251d63bf861b8eb2f70f07de66c9c22514872SLBA-2015:0669-1Scientific Linux FermiScientific Linux Fermi 5crash-5.1.8-3.el5_11.i386.rpmad435e724d307901dafe6e2c30c853b9869d9b91crash-devel-5.1.8-3.el5_11.i386.rpm69275a86b8c956c617be03cd7f2f6237a22f402cSLBA-2015:0925-1The nss packages have been upgraded to upstream version 3.18.0, and the nspr packages have been upgraded to upstream version 4.10.8. The upgraded versions provide a number of bug fixes and enhancements over the previous versions. Notably, these upgrades allow users to upgrade to Mozilla Firefox 38 Extended Support Release.Scientific Linux FermiScientific Linux Fermi 5nss-3.18.0-6.el5_11.i386.rpm59cc5b4e5daa4701c43f784a59f618370baba6a7nss-devel-3.18.0-6.el5_11.i386.rpma7c78aaca29e670108edf9871834d537877625aenspr-4.10.8-1.el5_11.i386.rpme1a7a87251cde16af12a4eadafc866d9031a18b2nspr-devel-4.10.8-1.el5_11.i386.rpm084a05c58069f6d27da99ce2df47b3d974d591b1nss-pkcs11-devel-3.18.0-6.el5_11.i386.rpmd86fb6b67a89467adbd13a259e499797f4317671nss-tools-3.18.0-6.el5_11.i386.rpm0182889cb4599698cd7960b118bb7933f495aadfSLBA-2015:1126-1This update adds the following enhancement: * Morocco will suspend Daylight Saving Time (DST) from 2015-06-14 03:00 through 2015-07-19 02:00, not 2015-06-13 and 2015-07-18 as predicted. The tzdata packages have been adjusted to reflect this change.Scientific Linux FermiScientific Linux Fermi 5tzdata-2015e-1.el5.i386.rpmc166c780503f7cb36a9438b7e4ae17f37f3f29fatzdata-java-2015e-1.el5.i386.rpme1b639769b35f61b0f37d8a9c6da41faf0e71aa2SLBA-2016:1266-1This update fixes the following bugs: * In 2015, Egypt did not observe Daylight Savings Time (DST). However, in 2016, Egypt observes DST from July 7 at 24:00 to October 27 at 24:00. As a consequence of this change, the tzdata package had incorrect data regarding DST in Egypt in 2016. This has been fixed, and tzdata now has the correct data.Scientific Linux FermiScientific Linux Fermi 5tzdata-java-2016e-1.el5.i386.rpm7e80376feb0e983411b8ec537da15a77887f4b87tzdata-2016e-1.el5.i386.rpmd658ad8ed9423926aff0f2667d35b68173a31fdeSLBA-2016:2096-1This update fixes the following bug: * This update fixes the daylight saving time (DST) date for Palestine. The correct date and time is October 29, 2016 at 01:00.Scientific Linux FermiScientific Linux Fermi 5tzdata-java-2016h-1.el5.i386.rpm43b449a72d7fd00e0c27eab184ceebb017bfe8e8tzdata-2016h-1.el5.i386.rpma865d409f4cd5dbaa3e6fb8b296e7802b4ebdb36SLBA-2016:2660-1The tzdata packages have been updated as follows: * A new time zone Asia/Famagusta has been created, which is a UTC+03 year round time zone. As of 2016-10-30, Cyprus split into two time zones. Northern Cyprus is now in the Asia/Famagusta time zone. * The Pacific/Tongatapu time zone will reintroduce Daylight Saving Time (DST) on 2016-11-06. * The Antarctica/Casey time zone has changed from UTC+08 to UTC+11 on 2016-10-22.Scientific Linux FermiScientific Linux Fermi 5tzdata-2016i-1.el5.i386.rpm006e51b95cba6295867cd99f7f53cefceb74c290tzdata-java-2016i-1.el5.i386.rpmd83cb4efd7f9e11984c4190a3450be1413785657SLEA-2014:1299-1Scientific Linux FermitrueScientific Linux Fermi 5firefox-31.1.0-6.el5.i386.rpm7b26a1a2bb725e49b9eaadd9792fa365622a7cb7SLEA-2014:1733-1This update adds an enhancement containing all changes implemented in tzdata-2014i, which includes the following changes that affect future time stamps: * Pacific/Fiji will observe DST from November 02, 2014, 2 a.m. to January 18, 2015, 3 a.m. * A new zone, Pacific/Bougainville, has been added for the part of Papua New Guinea that plans to switch from UTC+10 to UTC+11 on December 28, 2014, at 2 a.m.Scientific Linux FermiScientific Linux Fermi 5tzdata-java-2014i-1.el5.i386.rpmc447970bd79e17b0921cd8f5df68e02d16bfd8f1tzdata-2014i-1.el5.i386.rpm1dea7c564f7c22265b6ed753c9d0775168ddf1baSLEA-2015:0141-1* Time reckoned by Earth's rotation drifts away from atomic time because of irregularities in the Earth's rate of rotation. For this reason, on 30 June 2015 at precisely 23:59:59, a leap second will be inserted (23:59:60), which will be followed by 00:00:00 the next day.Scientific Linux FermiScientific Linux Fermi 5tzdata-java-2015a-1.el5.i386.rpmfa3e37ceeea9ef9d73c4d53106e6693dca3198b8tzdata-2015a-1.el5.i386.rpm3828389e62dfb8fbeeaad242ec1837ef3a079d5fSLEA-2015:0717-1This update adds the following enhancements: * With this update, several changes have been made to the scheduling of Daylight Saving Time (DST) in the tzdata packages: - Mongolia will start observing DST again this year, from the last Saturday in March at 02:00 to the last Saturday in September at 00:00. - Palestine will start DST on March 28, not March 27. - The fall 2014 transition has been corrected from September 26 to October 24.Scientific Linux FermiScientific Linux Fermi 5tzdata-2015b-1.el5.i386.rpmd99281645e523b7b827abe434814cf785fffb8fetzdata-java-2015b-1.el5.i386.rpme674324b1206115edb6e78e3658000a48090498bSLEA-2015:0913-1This update adds the following enhancement: * Egypt will not observe daylight saving time (DST) in 2015. Potential suspension of the daylight saving system in Egypt for the following years is under consideration.Scientific Linux FermiScientific Linux Fermi 5tzdata-java-2015d-1.el5.i386.rpmc8ef5b30cc92906846c80576ef0751e35b0c2490tzdata-2015d-1.el5.i386.rpmf91b2ea3146ddcac6d292084a985f04ef3f7f67cSLEA-2015:1863-1The tzdata packages have been upgraded to upstream version 2015g, which provides a number of enhancements over the previous version. Namely: * Turkey's 2015 fall-back transition is scheduled for November 8, not October 25. * Norfolk moves from +1130 to +1100 on October 4, 2015 at 02:00 local time. * Fiji's 2016 fall-back transition is scheduled for January 17, not January 24. * Fort Nelson, British Columbia will not fall back on November 1, 2015. Also, British Colombia has effectively been on MST (-0700) since it advanced its clocks on March 8, 2015.Scientific Linux FermiScientific Linux Fermi 5tzdata-2015g-1.el5.i386.rpmcbcbfce9b8c0acbe8e0d38adf50aa9945bf897ebtzdata-java-2015g-1.el5.i386.rpm83714515e03e02b0cb702afafc4ab5aa61fa01b2SLEA-2016:0154-1The tzdata packages have been upgraded to upstream version 2016a, which provides a number of bug fixes and enhancements over the previous version, notably: * Prior to this update, an incorrect assumption was made about the daylight saving time (DST) in the America/Cayman time zone this year, which was reflected in the code. The mentioned time zone will not have DST this year. To the previous change has been reverted. * The Asia/Chita time zone switches from +0800 to +0900 on 2016-03-27 at 02:00. This change has been implemented. * The DST predictions for the Asia/Tehran time zone for the year 2038 and later are now March 21 00:00 to September 21 00:00. This premise has been implemented. This update also fixes the following bug: * Starting from 2027, the Java timezone generation tool would incorrectly calculate the Africa/Casablanca time transitions. This bug has been fixed, and the tool will calculate these transitions correctly. In addition, this update adds the following enhancement: * At present, in Scientific Linux 6, the /etc/localtime file is not preserved across package updates even when it is a symbolic link. This tzdata version contains preparatory work to support preserving /etc/localtime across package upgrades if it is a symbolic link. Currently, this change is inactive, and the time zone must still be configured through /etc/sysconfig/clock. The change will be supported by a future glibc update.Scientific Linux FermiScientific Linux Fermi 5tzdata-2016a-1.el5.i386.rpm008eba1dc9e1bb82b8b1d29642acfa7d835b2ca8tzdata-java-2016a-1.el5.i386.rpm769b753a0cb3886fe5e825c3ea97b516cad497cfSLEA-2016:0463-1The tzdata packages have been upgraded to upstream version 2016b, which provides a number of enhancements over the previous version, notably: * This update introduces a number of new time zones for several regions in the Russian Federation, which will switch time on 2016-03-27 at 02:00 local time: - The Europe/Astrakhan time zone for Astrakhan Oblast, which will switch from UTC +03 to +04. - The Europe/Ulyanovsk time zone for Ulyanovsk Oblast, which will likely switch from UTC +03 to +04. - The Asia/Barnaul time zone for Altai Krai and Altai Republic, which will likely switch from UTC +06 to +07. * This update takes into account that the Asia/Sakhalin time zone will switch from UTC +10 to +11 on 2016-03-27 at 02:00 local time. * This update takes into account that Haiti will not observe the Daylight Saving Time (DST) in 2016. * This update takes into account that Palestine's spring-forward transition will happen on 2016-03-26 at 01:00 local time, not 00:00.Scientific Linux FermiScientific Linux Fermi 5tzdata-2016b-1.el5.i386.rpmbafad86e9e9a83d19407e5c50ef41c05fcc1e6cdtzdata-java-2016b-1.el5.i386.rpm1131bb33a5f0893956da772dd4a12725f1c0e65dSLEA-2016:0517-1This update adds the following enhancement: * This update takes into account that Azerbaijan will no longer observe Daylight Saving Time (DST), and that Chile changes from permanent DST to seasonal DST.Scientific Linux FermiScientific Linux Fermi 5tzdata-java-2016c-1.el5.i386.rpm7b33c7a7b79e37ca3c36be3bc7208dcdaebc9211tzdata-2016c-1.el5.i386.rpm0fe2feb975ef516be49e14e1e14ebccd392c76d7SLEA-2016:0683-1This update adds the following enhancements: * Asia/Magadan will switch from UTC+10 to UTC+11 on April 24, 2016 at 02:00. * America/Caracas will switch from UTC-0430 to UTC-04 on May 01, 2016 at 02:30. * New zone Asia/Tomsk, split off from Asia/Novosibirsk. It covers Tomsk Oblast, Russia, which will switch from UTC+06 to UTC+07 on May 29, 2016 at 02:00.Scientific Linux FermiScientific Linux Fermi 5tzdata-2016d-1.el5.i386.rpm163ef353a0cc926c124fd1208b03d9777752b614tzdata-java-2016d-1.el5.i386.rpme42446fe85cd7bc085591240cb5b8507924cc009SLEA-2016:1388-1Prior to this update, the data files provided by the tzdata package reflected the Egyptian government's plan to transition to daylight saving time (DST) on July 7, but the Egyptian government canceled the planned transition. This update provides tzdata data files that reflect the change of plans, and will thus provide correct time zone information. This update also includes a time zone transition for Asia/Novosibirsk from +06 to +07 on 2016-07-24 at 02:00.Scientific Linux FermiScientific Linux Fermi 5tzdata-java-2016f-1.el5.i386.rpm7ee38a2da982b9655108dbb05c4bb767f4ec0024tzdata-2016f-1.el5.i386.rpm796ad67e881d5d25f819814b1f77497d417274bcSLEA-2016:1982-1The tzdata packages have been upgraded to upstream version 2016g, which provides a number of enhancements over the previous version, notably: * This update takes into account that Turkey will not transition out of the DST (+03) time zone on 2016-10-30. * A new leap second will be added on 2016-12-31 23:59:60 UTC, as specified in the IERS Bulletin C 52.Scientific Linux FermiScientific Linux Fermi 5tzdata-2016g-2.el5.i386.rpm37f57b7c531d2ffdf8306d1a962c69522fc83f2atzdata-java-2016g-2.el5.i386.rpm83f27a7c67b59bc0ffae32a50b95ea18e7f8524dSLEA-2016:2832-1The tzdata packages have been updated as follows: * The Saratov region of Russia will transition from UTC+03 to UTC+04 on 2016-12-04, resulting in a new time zone Europe/Saratov.Scientific Linux FermiScientific Linux Fermi 5tzdata-java-2016j-1.el5.i386.rpm429988f7eacdeafaed0bb924c1f5e64f4f39c6f3tzdata-2016j-1.el5.i386.rpm107e5b5f00f2da6741a3679d0f2691802813fb4dSLSA-2014:1255-1A buffer overflow was found in the KADM5 administration server (kadmind) when it was used with an LDAP back end for the KDC database. A remote, authenticated attacker could potentially use this flaw to execute arbitrary code on the system running kadmind. (CVE-2014-4345) After installing the updated packages, the krb5kdc and kadmind daemons will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 5krb5-libs-1.6.1-80.el5.slf5.i386.rpmd1b8779a73b989a87bfa17d0264a78d30163655ekrb5-workstation-1.6.1-80.el5.slf5.i386.rpm8fc652c5b1b30cbfbc48aecc7852d525bde7d1edkrb5-server-ldap-1.6.1-80.el5.slf5.i386.rpmc3d56956970c51e6b5ba6868b65e90fbde58cce3krb5-libs-1.6.1-80.el5_11.i386.rpm964d7af1888530ed0895e5903e74550784f88789krb5-devel-1.6.1-80.el5.slf5.i386.rpm988d1a6f5a58824ac530b722d90c7457623d7269krb5-server-ldap-1.6.1-80.el5_11.i386.rpma9d5892f5f9b460ea173f0ee6479110ef2f37f30krb5-devel-1.6.1-80.el5_11.i386.rpme64a3acd558a89afef9cebf50374cd2f6d64e547krb5-server-1.6.1-80.el5.slf5.i386.rpm8272b9182745db1a6112cc1e215b77b3186e53fckrb5-workstation-1.6.1-80.el5_11.i386.rpm46520b6b03b2a02d8bf1e903013cad4b1e4ca04ckrb5-server-1.6.1-80.el5_11.i386.rpmfe5be8e7058445f7e497215a831ba5c5f314e25eSLSA-2014:1293-1A flaw was found in the way Bash evaluated certain specially crafted environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Certain services and applications allow remote unauthenticated attackers to provide environment variables, allowing them to exploit this issue. (CVE-2014-6271) For additional information on the CVE-2014-6271 flaw, refer to https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/criticalScientific Linux FermiScientific Linux Fermi 5bash-3.2-33.el5.1.i386.rpm54a03f6e15936f0adcac5bdc4c0430d82b0c4d9aSLSA-2014:1306-1It was found that the fix for CVE-2014-6271 was incomplete, and Bash still allowed certain characters to be injected into other environments via specially crafted environment variables. An attacker could potentially use this flaw to override or bypass environment restrictions to execute shell commands. Certain services and applications allow remote unauthenticated attackers to provide environment variables, allowing them to exploit this issue. (CVE-2014-7169) Applications which directly create bash functions as environment variables need to be made aware of changes to the way names are handled by this update. Note: Docker users are advised to use "yum update" within their containers, and to commit the resulting changes. For additional information on CVE-2014-6271 and CVE-2014-7169, refer to https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/importantScientific Linux FermiScientific Linux Fermi 5bash-3.2-33.el5_11.4.i386.rpm6dd653c39770fb7d8475f4d50b556f74de8c06d8SLSA-2014:1307-1A flaw was found in the way NSS parsed ASN.1 (Abstract Syntax Notation One) input from certain RSA signatures. A remote attacker could use this flaw to forge RSA certificates by providing a specially crafted signature to an application using NSS. (CVE-2014-1568) After installing this update, applications using NSS must be restarted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 5nss-devel-3.16.1-4.el5_11.i386.rpm747837872e8acb774017073f5aa73687e6befa3cnss-pkcs11-devel-3.16.1-4.el5_11.i386.rpme0de25006c45a24c520856720436a0ea3453233enss-tools-3.16.1-4.el5_11.i386.rpm1215bba8d72d4170dea8e9bffeadce333c8f4be7nss-3.16.1-4.el5_11.i386.rpm645b6a6aa50bfb2be80f65fbac507f7f91183d99SLSA-2014:1326-1It was found that the fix for CVE-2012-1571 was incomplete; the File Information (fileinfo) extension did not correctly parse certain Composite Document Format (CDF) files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file. (CVE-2014-3587) A NULL pointer dereference flaw was found in the gdImageCreateFromXpm() function of PHP's gd extension. A remote attacker could use this flaw to crash a PHP application using gd via a specially crafted X PixMap (XPM) file. (CVE-2014-2497) Multiple buffer over-read flaws were found in the php_parserr() function of PHP. A malicious DNS server or a man-in-the-middle attacker could possibly use this flaw to execute arbitrary code as the PHP interpreter if a PHP application used the dns_get_record() function to perform a DNS query. (CVE-2014-3597) Two use-after-free flaws were found in the way PHP handled certain Standard PHP Library (SPL) Iterators and ArrayIterators. A malicious script author could possibly use either of these flaws to disclose certain portions of server memory. (CVE-2014-4670, CVE-2014-4698) The CVE-2014-3597 issue was discovered by David Kutlek of the Red Hat BaseOS QE. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 5php53-imap-5.3.3-24.el5.i386.rpm7b2ec89500a77ca960ba2cc290169e8a10fb2c50php53-devel-5.3.3-24.el5.i386.rpm0663fd2752794908a714b024d97e0bf5f23f5239php53-xml-5.3.3-24.el5.i386.rpmc3544460746fcb1fb780652a2bcd8946dbb49304php53-process-5.3.3-24.el5.i386.rpm24fc46a60a204bfa7f0215c2a82ff4e0a67981e5php53-mysql-5.3.3-24.el5.i386.rpm42ef5d5de7af6c3e34000f3cc1d5c445b91f1175php53-pspell-5.3.3-24.el5.i386.rpm674fe7789d9fec7fcf08e912e2013b2ab97de140php53-cli-5.3.3-24.el5.i386.rpm7708d48910703bff26790c31661940e8c5df3ee8php53-5.3.3-24.el5.i386.rpme72b70ca5975f8720265e868a7d40a930ad852eephp53-bcmath-5.3.3-24.el5.i386.rpma6b28ed03fb7f09a2908278f002c10772fe986ffphp53-snmp-5.3.3-24.el5.i386.rpm10f704f36ba55f7695ce41554e7d4c05b20763efphp53-gd-5.3.3-24.el5.i386.rpm6d5ea1893c9a3e4cb6d4cd35b8bbb562e710716fphp53-soap-5.3.3-24.el5.i386.rpmb23463b3b298e68fa59f33dda3419ebcbc391d32php53-intl-5.3.3-24.el5.i386.rpmdb07f57b1a614f823bfe196aecb71d4bfa9a4f35php53-ldap-5.3.3-24.el5.i386.rpmd7b9884bf2a7cb5caefe75070a6b3e274c4f2367php53-dba-5.3.3-24.el5.i386.rpm35100750b52cd1415879854bf4900d4d4aea71ebphp53-mbstring-5.3.3-24.el5.i386.rpmf5d2d7a427e73bc1b501c4e14040aaf940326f36php53-pgsql-5.3.3-24.el5.i386.rpm9ff7d8bb9f1b0007135bb8321bd60d0955f4f4bfphp53-common-5.3.3-24.el5.i386.rpm80ed419c05eddd2e6fe7f018f1960de660b7601ephp53-xmlrpc-5.3.3-24.el5.i386.rpm36b5c764fb32adb05b382ba0755714a153decbeaphp53-odbc-5.3.3-24.el5.i386.rpm66868bf3b8133112fa3c2d943d4447a8dc75febdphp53-pdo-5.3.3-24.el5.i386.rpm42393d9f69fd9c893f8f89224f77072b725fca77SLSA-2014:1633-1Multiple flaws were discovered in the Libraries, 2D, and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2014-6506, CVE-2014-6531, CVE-2014-6502, CVE-2014-6511, CVE-2014-6504, CVE-2014-6519) It was discovered that the StAX XML parser in the JAXP component in OpenJDK performed expansion of external parameter entities even when external entity substitution was disabled. A remote attacker could use this flaw to perform XML eXternal Entity (XXE) attack against applications using the StAX parser to parse untrusted XML documents. (CVE-2014-6517) It was discovered that the DatagramSocket implementation in OpenJDK failed to perform source address checks for packets received on a connected socket. A remote attacker could use this flaw to have their packets processed as if they were received from the expected source. (CVE-2014-6512) It was discovered that the TLS/SSL implementation in the JSSE component in OpenJDK failed to properly verify the server identity during the renegotiation following session resumption, making it possible for malicious TLS/SSL servers to perform a Triple Handshake attack against clients using JSSE and client certificate authentication. (CVE-2014-6457) It was discovered that the CipherInputStream class implementation in OpenJDK did not properly handle certain exceptions. This could possibly allow an attacker to affect the integrity of an encrypted stream handled by this class. (CVE-2014-6558) This update also fixes the following bug: * The TLS/SSL implementation in OpenJDK previously failed to handle Diffie-Hellman (DH) keys with more than 1024 bits. This caused client applications using JSSE to fail to establish TLS/SSL connections to servers using larger DH keys during the connection handshake. This update adds support for DH keys with size up to 2048 bits. All running instances of OpenJDK Java must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 5java-1.7.0-openjdk-javadoc-1.7.0.71-2.5.3.1.el5_11.i386.rpm9e8dd253a2af0fd6f96e230d63fa1eab363cd6d3java-1.7.0-openjdk-devel-1.7.0.71-2.5.3.1.el5_11.i386.rpm7da9e492221d4cd24e552b7c0b836bcb171ae108java-1.7.0-openjdk-1.7.0.71-2.5.3.1.el5_11.i386.rpm85bb1aede7217d9642b8a0226425b5b3c772e032java-1.7.0-openjdk-src-1.7.0.71-2.5.3.1.el5_11.i386.rpm85036c7c12e59c6bf00691c40872991a1a75c82bjava-1.7.0-openjdk-demo-1.7.0.71-2.5.3.1.el5_11.i386.rpm893e0a50b6e61a606d1ad61d8f72bdd330dfb4b4SLSA-2014:1634-1Multiple flaws were discovered in the Libraries, 2D, and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2014-6506, CVE-2014-6531, CVE-2014-6502, CVE-2014-6511, CVE-2014-6504, CVE-2014-6519) It was discovered that the StAX XML parser in the JAXP component in OpenJDK performed expansion of external parameter entities even when external entity substitution was disabled. A remote attacker could use this flaw to perform XML eXternal Entity (XXE) attack against applications using the StAX parser to parse untrusted XML documents. (CVE-2014-6517) It was discovered that the DatagramSocket implementation in OpenJDK failed to perform source address checks for packets received on a connected socket. A remote attacker could use this flaw to have their packets processed as if they were received from the expected source. (CVE-2014-6512) It was discovered that the TLS/SSL implementation in the JSSE component in OpenJDK failed to properly verify the server identity during the renegotiation following session resumption, making it possible for malicious TLS/SSL servers to perform a Triple Handshake attack against clients using JSSE and client certificate authentication. (CVE-2014-6457) It was discovered that the CipherInputStream class implementation in OpenJDK did not properly handle certain exceptions. This could possibly allow an attacker to affect the integrity of an encrypted stream handled by this class. (CVE-2014-6558) This update also fixes the following bug: * The TLS/SSL implementation in OpenJDK previously failed to handle Diffie-Hellman (DH) keys with more than 1024 bits. This caused client applications using JSSE to fail to establish TLS/SSL connections to servers using larger DH keys during the connection handshake. This update adds support for DH keys with size up to 2048 bits. All running instances of OpenJDK Java must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 5java-1.6.0-openjdk-src-1.6.0.33-1.13.5.0.el5_11.i386.rpmdcda0f728ef7cb9f60157a075b7db87eab0fea41java-1.6.0-openjdk-1.6.0.33-1.13.5.0.el5_11.i386.rpm56ef097b2b77ab0212d0acadd4423634e216d636java-1.6.0-openjdk-devel-1.6.0.33-1.13.5.0.el5_11.i386.rpmdd44c562bf9611beb1f4b3025cdaebe1b7f5e5f3java-1.6.0-openjdk-demo-1.6.0.33-1.13.5.0.el5_11.i386.rpm7c7fc2fd4df9b2b55f8c82c8118b9541332a161djava-1.6.0-openjdk-javadoc-1.6.0.33-1.13.5.0.el5_11.i386.rpmc83d4ff685649f5fe7ae8707fc541536f29c721fSLSA-2014:1635-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1574, CVE-2014-1578, CVE-2014-1581, CVE-2014-1576, CVE-2014-1577) A flaw was found in the Alarm API, which allows applications to schedule actions to be run in the future. A malicious web application could use this flaw to bypass cross-origin restrictions. (CVE-2014-1583) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 5firefox-31.2.0-3.el5_11.i386.rpm171b9cc0066958a0692d5c9d55823495aefd67fdSLSA-2014:1647-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1574, CVE-2014-1578, CVE-2014-1581, CVE-2014-1577) Note: All of the above issues cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. After installing the update, Thunderbird must be restarted for the changes to take effect.importantScientific Linux FermitrueScientific Linux Fermi 5thunderbird-31.2.0-2.el5_11.i386.rpm5e9fc92f7e417347a8ad0f2d818b171ae00ace2fSLSA-2014:1653-1This update adds support for the TLS Fallback Signaling Cipher Suite Value (TLS_FALLBACK_SCSV), which can be used to prevent protocol downgrade attacks against applications which re-connect using a lower SSL/TLS protocol version when the initial connection indicating the highest supported protocol version fails. This can prevent a forceful downgrade of the communication to SSL 3.0. The SSL 3.0 protocol was found to be vulnerable to the padding oracle attack when using block cipher suites in cipher block chaining (CBC) mode. This issue is identified as CVE-2014-3566, and also known under the alias POODLE. This SSL 3.0 protocol flaw will not be addressed in a future update; it is recommended that users configure their applications to require at least TLS protocol version 1.0 for secure communication. For additional information about this flaw, see Upstream's Knowledgebase article at https://access.redhat.com/articles/1232123 For the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted.moderateScientific Linux FermitrueScientific Linux Fermi 5openssl-devel-0.9.8e-31.el5_11.i386.rpm860ce589037069ad456bb44badca8a8e657de465openssl-perl-0.9.8e-31.el5_11.i386.rpma8ab37d156cd903de2987b2eafcc9a9743e7c9ffopenssl-0.9.8e-31.el5_11.i686.rpma08805f40a8588a6b70e8da550f7bbeb703e000dopenssl-0.9.8e-31.el5_11.i386.rpm69d845607d9077beb6efce68b817ce7b1cfe424dSLSA-2014:1671-1A flaw was found in the way rsyslog handled invalid log message priority values. In certain configurations, a local attacker, or a remote attacker able to connect to the rsyslog port, could use this flaw to crash the rsyslog daemon. (CVE-2014-3634) After installing the update, the rsyslog service will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 5rsyslog5-gssapi-5.8.12-5.el5_11.i386.rpm52d7d3786a4f0c43c0094173b98082997235d3bersyslog5-mysql-5.8.12-5.el5_11.i386.rpm2ee309dadb65cc3e90885aa22f2fc84ce034d528rsyslog5-5.8.12-5.el5_11.i386.rpmce241a7510536ee3c249b87ce6b6d1454777920frsyslog5-pgsql-5.8.12-5.el5_11.i386.rpmbcc0fc4f4a916af5bc3a1a835fd2d9f5ec240dbbrsyslog5-snmp-5.8.12-5.el5_11.i386.rpm0778d2006737df33451302da361fa86a786c15b9rsyslog5-gnutls-5.8.12-5.el5_11.i386.rpmd7be833620f3ee7d08f4abfabb4baab8044cb4c4SLSA-2014:1677-1Multiple flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark. (CVE-2014-6429, CVE-2014-6430, CVE-2014-6431, CVE-2014-6432) Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. (CVE-2014-6421, CVE-2014-6422, CVE-2014-6423, CVE-2014-6425, CVE-2014-6428) All running instances of Wireshark must be restarted for the update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 5wireshark-1.0.15-7.el5_11.i386.rpm83e7ff76723795454ea2e4a1c551954e4e8a11dbwireshark-gnome-1.0.15-7.el5_11.i386.rpm6aba865ca0af9fc806c3fb77aec9470f31ee8c35SLSA-2014:1768-1A buffer overflow flaw was found in the Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_thumbnail() function to crash or, possibly, execute arbitrary code with the privileges of the user running that PHP application. (CVE-2014-3670) An integer overflow flaw was found in the way custom objects were unserialized. Specially crafted input processed by the unserialize() function could cause a PHP application to crash. (CVE-2014-3669) An out-of-bounds read flaw was found in the way the File Information (fileinfo) extension parsed Executable and Linkable Format (ELF) files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted ELF file. (CVE-2014-3710) An out of bounds read flaw was found in the way the xmlrpc extension parsed dates in the ISO 8601 format. A specially crafted XML-RPC request or response could possibly cause a PHP application to crash. (CVE-2014-3668) After installing the updated packages, the httpd daemon must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 5php53-mysql-5.3.3-26.el5_11.i386.rpm357859a5ab7ecc335d08ee6c23c77e675dbba21cphp53-common-5.3.3-26.el5_11.i386.rpme3de049c6a9ee242be63fbaab14edc9d0321b63aphp53-intl-5.3.3-26.el5_11.i386.rpmbbcf3e68fccfc88c2ab7320079c02b117754a2a0php53-pspell-5.3.3-26.el5_11.i386.rpm31e88582348f2cefd0d263c35d181a3b72b4840fphp53-soap-5.3.3-26.el5_11.i386.rpmb3b0849fdba8b8534582b3191dd4fb0e84224a15php53-dba-5.3.3-26.el5_11.i386.rpm8a7e2c057868ab79019e4486a1b6f1e4055312f0php53-snmp-5.3.3-26.el5_11.i386.rpm02169d0df1613c7ebe0a789322fb726177eb855aphp53-imap-5.3.3-26.el5_11.i386.rpmea7755e5948b62b6e2c581f38b834d87dfc4736dphp53-pdo-5.3.3-26.el5_11.i386.rpm4e2a3dc6d3b164e631e8a39b9ce45a888986a46cphp53-xml-5.3.3-26.el5_11.i386.rpma1c2969edba6f0b44625fc5f9d2a24e2629de735php53-cli-5.3.3-26.el5_11.i386.rpmf863f7a7633b0c6406b8ef95229014897b644ddcphp53-gd-5.3.3-26.el5_11.i386.rpm437274a2f3a0b8518bca30503044ed4aaabac133php53-pgsql-5.3.3-26.el5_11.i386.rpm1d3e8989a192d090479aba9d844511263d2a269fphp53-xmlrpc-5.3.3-26.el5_11.i386.rpm5547d0a8c2a6425fb2148bf268eea7c44246d3e6php53-devel-5.3.3-26.el5_11.i386.rpm278ec03edbe5387fa52b2ccf2399c47c7953ba90php53-process-5.3.3-26.el5_11.i386.rpm14c5d592b7bb0bf790a13514581196daedc09f12php53-bcmath-5.3.3-26.el5_11.i386.rpm3bbb8b79dc31019eb722c2e499f065fff118fa18php53-odbc-5.3.3-26.el5_11.i386.rpmb7a0375ca3b694aedd396382ae6eb23a26517952php53-mbstring-5.3.3-26.el5_11.i386.rpmaebaf9bc6da590a298fef2c912da693825ada373php53-ldap-5.3.3-26.el5_11.i386.rpm3e657c2d7cc94b7c0d0b795fc8e07e3063de41a3php53-5.3.3-26.el5_11.i386.rpmfb36bd16585c54d2e18166ccf1520f46eef52373SLSA-2014:1824-1A buffer overflow flaw was found in the Exif extension. A specially crafted JPEG or TIFF file could cause a PHP application using the exif_thumbnail() function to crash or, possibly, execute arbitrary code with the privileges of the user running that PHP application. (CVE-2014-3670) A stack-based buffer overflow flaw was found in the way the xmlrpc extension parsed dates in the ISO 8601 format. A specially crafted XML-RPC request or response could possibly cause a PHP application to crash. (CVE-2014-8626) An integer overflow flaw was found in the way custom objects were unserialized. Specially crafted input processed by the unserialize() function could cause a PHP application to crash. (CVE-2014-3669) After installing the updated packages, the httpd daemon must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 5php-cli-5.1.6-45.el5_11.i386.rpmaa2e14a939786c71c438079982bcb17afedf3b43php-bcmath-5.1.6-45.el5_11.i386.rpm925bbce01f74b3b41e93f905d8353f99caed8f7dphp-imap-5.1.6-45.el5_11.i386.rpm5a2905b0624caea89d1af7b6fbd8d746226b0119php-pdo-5.1.6-45.el5_11.i386.rpm29674b5301aeb852f6b759e7bc7dd782583ef0bdphp-ldap-5.1.6-45.el5_11.i386.rpmb652ec7723f0240ce59e0cf3fd5193e5fda333acphp-odbc-5.1.6-45.el5_11.i386.rpm201bde400c416af9d67a7750eded345246b9b81aphp-pgsql-5.1.6-45.el5_11.i386.rpmc75c9fa6c1cb2047ab07661b470e3490bd84e406php-dba-5.1.6-45.el5_11.i386.rpm30663551bd6a9284a05bc649d457f412230a1849php-5.1.6-45.el5_11.i386.rpmbf78a44bba87e41447335fad28013c3027039e1bphp-mysql-5.1.6-45.el5_11.i386.rpm2a4deeaef0aaf78999118bfe846bf96278c3c337php-gd-5.1.6-45.el5_11.i386.rpmc7c3bb7b6ba6f627f824fefc0b7dfc49891ebddaphp-soap-5.1.6-45.el5_11.i386.rpm3d51805251c0a659c45bb052b294516a0c147b59php-mbstring-5.1.6-45.el5_11.i386.rpm5638420754feaed475dbaf04ed53116a1da7b396php-snmp-5.1.6-45.el5_11.i386.rpm369290ed679929c57638a9f90e2c05e3e2f7772aphp-common-5.1.6-45.el5_11.i386.rpmda113618556937172de8938475b3dcdb2219ba59php-ncurses-5.1.6-45.el5_11.i386.rpm30f1635e7bd39027a6e53d0e363bb55bf3b9335bphp-xml-5.1.6-45.el5_11.i386.rpm85ab6b2a65a509cb3aea03c89cc1ec6be27d5f65php-devel-5.1.6-45.el5_11.i386.rpm58529c03573f1a483aac5e58ab37e159068e0deephp-xmlrpc-5.1.6-45.el5_11.i386.rpm1e30a842189ba30f38fb1621807bb161e6c9c2bfSLSA-2014:1859-1This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page. (CVE-2014-2494, CVE-2014-4207, CVE-2014-4243, CVE-2014-4258, CVE-2014-4260, CVE-2014-4287, CVE-2014-4274, CVE-2014-6463, CVE-2014-6464, CVE-2014-6469, CVE-2014-6484, CVE-2014-6505, CVE-2014-6507, CVE-2014-6520, CVE-2014-6530, CVE-2014-6551, CVE-2014-6555, CVE-2014-6559) After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 5mysql55-mysql-libs-5.5.40-2.el5.i386.rpma83c58cb2b0af82ff11c887a9fc856686df5efa6mysql55-mysql-bench-5.5.40-2.el5.i386.rpme33a35000421481c8504fc6f6cff059140afb747mysql55-mysql-5.5.40-2.el5.i386.rpmca4982866cf85bd5b8d94a49adae27d289778a0dmysql55-mysql-devel-5.5.40-2.el5.i386.rpm354c40854e5cf119c1aba7337988485e81102feamysql55-mysql-server-5.5.40-2.el5.i386.rpm56566dbed9500af4e8f590ede82d35f50a3d51ecmysql55-mysql-test-5.5.40-2.el5.i386.rpmebecad4215664389617bb3bb085992a3e734842bSLSA-2014:1885-1A denial of service flaw was found in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML file that, when processed by an application using libxml2, would lead to excessive CPU consumption (denial of service) based on excessive entity substitutions, even if entity substitution was disabled, which is the parser default behavior. (CVE-2014-3660) The desktop must be restarted (log out, then log back in) for this update to take effect.moderateScientific Linux FermitruetrueScientific Linux Fermi 5libxml2-devel-2.6.26-2.1.25.el5_11.i386.rpm038113bba7c25ae05d12395fa54445aa467ae4e7libxml2-python-2.6.26-2.1.25.el5_11.i386.rpm6be14d8c3a598f17d854defc66566667b171a365libxml2-2.6.26-2.1.25.el5_11.i386.rpm6f5850ecf6f65f79631523a62c61803e2028071cSLSA-2014:1893-1A use-after-free flaw was found in the way libXfont processed certain font files when attempting to add a new directory to the font path. A malicious, local user could exploit this issue to potentially execute arbitrary code with the privileges of the X.Org server. (CVE-2014-0209) Multiple out-of-bounds write flaws were found in the way libXfont parsed replies received from an X.org font server. A malicious X.org server could cause an X client to crash or, possibly, execute arbitrary code with the privileges of the X.Org server. (CVE-2014-0210, CVE-2014-0211) All running X.Org server instances must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 5libXfont-devel-1.2.2-1.0.6.el5_11.i386.rpm43f8c0c08a49a87902721d0db2da2fddba16ac0flibXfont-1.2.2-1.0.6.el5_11.i386.rpm4d40f01f0c29210651a1ca541a216e9364b6689cSLSA-2014:1919-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1587, CVE-2014-1590, CVE-2014-1592, CVE-2014-1593) A flaw was found in the Alarm API, which could allow applications to schedule actions to be run in the future. A malicious web application could use this flaw to bypass the same-origin policy. (CVE-2014-1594) This update disables SSL 3.0 support by default in Firefox. Details on how to re-enable SSL 3.0 support are available at: After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 5firefox-31.3.0-4.el5_11.i386.rpmada725d5ad3f60b688b0f63828587e0ce7db43e6SLSA-2014:1924-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1587, CVE-2014-1590, CVE-2014-1592, CVE-2014-1593) A flaw was found in the Alarm API, which could allow applications to schedule actions to be run in the future. A malicious web application could use this flaw to bypass the same-origin policy. (CVE-2014-1594) Note: All of the above issues cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. This update disables SSL 3.0 support by default in Thunderbird. Details on how to re-enable SSL 3.0 support are available at: After installing the update, Thunderbird must be restarted for the changes to take effect.importantScientific Linux FermitrueScientific Linux Fermi 5thunderbird-31.3.0-1.el5_11.i386.rpm0166631e2800214dd683d78cd1271f5bd27f2bb6SLSA-2014:1948-1This update adds support for the TLS Fallback Signaling Cipher Suite Value (TLS_FALLBACK_SCSV), which can be used to prevent protocol downgrade attacks against applications which re-connect using a lower SSL/TLS protocol version when the initial connection indicating the highest supported protocol version fails. This can prevent a forceful downgrade of the communication to SSL 3.0. The SSL 3.0 protocol was found to be vulnerable to the padding oracle attack when using block cipher suites in cipher block chaining (CBC) mode. This issue is identified as CVE-2014-3566, and also known under the alias POODLE. This SSL 3.0 protocol flaw will not be addressed in a future update; it is recommended that users configure their applications to require at least TLS protocol version 1.0 for secure communication. The nss, nss-util, and nss-softokn packages have been upgraded to upstream version 3.16.2.3, which provides a number of bug fixes and enhancements over the previous version, and adds the support for Mozilla Firefox 31.3. After installing this update, applications using NSS or NSPR must be restarted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 5nss-pkcs11-devel-3.16.2.3-1.el5_11.i386.rpmfc8942081e86cde75810ff6b429f9d022c73a64enss-devel-3.16.2.3-1.el5_11.i386.rpmdc9eca927b5dd97442289a9dcc08cf7782d9923bnss-tools-3.16.2.3-1.el5_11.i386.rpme37a80410ad0d2ff118b05757faced39764e31eenss-3.16.2.3-1.el5_11.i386.rpm994a209914a99bb11a61f115cf900290de541956SLSA-2014:1959-1* It was found that the permission checks performed by the Linux kernel when a netlink message was received were not sufficient. A local, unprivileged user could potentially bypass these restrictions by passing a netlink socket as stdout or stderr to a more privileged process and altering the output of this process. (CVE-2014-0181, Moderate) This update also fixes the following bugs: * Previously, the kernel did not successfully deliver multicast packets when the multicast querier was disabled. Consequently, the corosync utility terminated unexpectedly and the affected storage node did not join its intended cluster. With this update, multicast packets are delivered properly when the multicast querier is disabled, and corosync handles the node as expected. * Previously, the kernel wrote the metadata contained in all system information blocks on a single page of the /proc/sysinfo file. However, when the machine configuration was very extensive and the data did not fit on a single page, the system overwrote random memory regions, which in turn caused data corruption when reading the /proc/sysconf file. With this update, /proc/sysinfo automatically allocates a larger buffer if the data output does not fit the current buffer, which prevents the data corruption. * Prior to this update, the it_real_fn() function did not, in certain cases, successfully acquire the SIGLOCK signal when the do_setitimer() function used the ITIMER_REAL timer. As a consequence, the current process entered an endless loop and became unresponsive. This update fixes the bug and it_real_fn() no longer causes the kernel to become unresponsive. The system must be rebooted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 5kernel-module-drbd-2.6.18-400.1.1.el5-8.3.7-1.sl5.i686.rpm782c92df6968e11ec46f258fa6fff0665503fbbfkernel-module-ipw3945-2.6.18-400.el5PAE-1.2.0-2.sl5.i686.rpm24d21a9c0f4e6454f7b311eff32f3344e72134bdkernel-devel-2.6.18-400.el5.i686.rpm69fdf6ba8c168a383e77b98096bddf99833de4edkernel-module-drbd-2.6.18-400.el5xen-8.3.7-1.sl5.i686.rpmc9f021a319344120f118e9121fe5b0e4ba88cc00kernel-module-openafs-2.6.18-400.el5PAE-1.4.15-85.sl5.i686.rpmed7b5f69637c593b1cf798852aeb27188d99808ckernel-module-openafs-2.6.18-400.el5xen-1.4.15-85.sl5.i686.rpm592804e9b8b7f31d47f6387973355101466ae6b8kernel-module-drbd-2.6.18-400.1.1.el5PAE-8.3.7-1.sl5.i686.rpm31997daef017ef192a68c657e6ea79a26f36390akernel-debug-2.6.18-400.el5.i686.rpmeaecbea1f7f0a508ab2c65112a7cf414d2393a57kernel-xen-2.6.18-400.el5.i686.rpmfdecf0fd06678d4c12bb611e8638f9067b5d4595kernel-module-aufs-2.6.18-400.el5xen-0.20090202.cvs-6.sl5.i686.rpm26b53d0cd809ae6948c0f2fa8aeed8594d338237kernel-doc-2.6.18-400.el5.noarch.rpm882f70101325d60c497e2d8ad5c9135b84f73301kernel-module-xfs-2.6.18-400.el5xen-0.4-2.sl5.i686.rpm9c4cb62345807c42ac928bfef96ffeabdd40eef6kernel-module-xfs-2.6.18-400.el5PAE-0.4-2.sl5.i686.rpm2e8a9d648dedc18ca3d838aedb798b5b19acf7b0kernel-xen-devel-2.6.18-400.el5.i686.rpm1f7cacfb833d0a04cc7df2d3292df49ae726477ckernel-headers-2.6.18-400.el5.i386.rpm383c9b313382072fe2340392f215a7860fa2c7cckernel-PAE-devel-2.6.18-400.el5.i686.rpmb292a59a18f3fee6c48f367fa1ee78d77e1d5312kernel-module-ipw3945-2.6.18-400.el5-1.2.0-2.sl5.i686.rpm63c363ac9ea280a53ea3733f84a079dc13f5652dkernel-PAE-2.6.18-400.el5.i686.rpm873cd0e0f37f749deb1a30e6e5401488e8a1c6dekernel-module-ipw3945-2.6.18-400.el5xen-1.2.0-2.sl5.i686.rpm35bd5ec6bb5256ba97d9d40b75875c5043fb852ekernel-module-openafs-2.6.18-400.el5-1.4.15-85.sl5.i686.rpm86393d291822972d83031aa370dddad1a5f3f03ckernel-module-xfs-2.6.18-400.el5-0.4-2.sl5.i686.rpm5ff11a6ce930fc4c97fbca4bacd000b001534c8ekernel-debug-devel-2.6.18-400.el5.i686.rpm82268bb96efadfb0052114b59f4182090bd59775kernel-2.6.18-400.el5.i686.rpm6b7eb21bb629c6e6c1e8812b9e3235390b8a4b3ckernel-module-aufs-2.6.18-400.el5PAE-0.20090202.cvs-6.sl5.i686.rpm4fb0a03b8a5645b5ff36bb6fad13394198f3f16dkernel-module-drbd-2.6.18-400.el5-8.3.7-1.sl5.i686.rpmcf4e2ba667235b97ab3cd8eeae509b18ca3c1e8bkernel-module-aufs-2.6.18-400.el5-0.20090202.cvs-6.sl5.i686.rpm30cb4f0a4a977e896c71b9dfdb2053bb3086696dSLSA-2014:1974-1It was found that RPM wrote file contents to the target installation directory under a temporary name, and verified its cryptographic signature only after the temporary file has been written completely. Under certain conditions, the system interprets the unverified temporary file contents and extracts commands from it. This could allow an attacker to modify signed RPM files in such a way that they would execute code chosen by the attacker during package installation. (CVE-2013-6435) All running applications linked against the RPM library must be restarted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 5rpm-4.4.2.3-36.el5_11.i386.rpm6b65d49189c036f9177660ae3958beb2595271b0rpm-devel-4.4.2.3-36.el5_11.i386.rpme8e3623a1164b074aad4ea105bdff96fd5496ederpm-build-4.4.2.3-36.el5_11.i386.rpmc04c7a7fb3f4e46d12b45f28a7ad88c2b692927brpm-python-4.4.2.3-36.el5_11.i386.rpm3bf665ea52f3a62b6b7da159a3595fc703d61f18rpm-apidocs-4.4.2.3-36.el5_11.i386.rpma581eeaba7530665ec4bc594c4ed1fe32caaa9f3rpm-libs-4.4.2.3-36.el5_11.i386.rpm91b8e222f468135036c232e2510b53edbb2f0443popt-1.10.2.3-36.el5_11.i386.rpm9afb665472c78c939b4fb4a616f30594784f365fSLSA-2014:1982-1Multiple integer overflow flaws and out-of-bounds write flaws were found in the way the X.Org server calculated memory requirements for certain X11 core protocol and GLX extension requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server or, potentially, execute arbitrary code with root privileges. (CVE-2014-8092, CVE-2014-8093, CVE-2014-8098) It was found that the X.Org server did not properly handle SUN-DES-1 (Secure RPC) authentication credentials. A malicious, unauthenticated client could use this flaw to crash the X.Org server by submitting a specially crafted authentication request. (CVE-2014-8091) Multiple out-of-bounds access flaws were found in the way the X.Org server calculated memory requirements for certain requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server, or leak memory contents to the client. (CVE-2014-8097) Multiple out-of-bounds access flaws were found in the way the X.Org server calculated memory requirements for certain requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server. (CVE-2014-8095, CVE-2014-8096, CVE-2014-8099, CVE-2014-8100, CVE-2014-8101, CVE-2014-8102)importantScientific Linux FermiScientific Linux Fermi 5xorg-x11-server-Xnest-1.1.1-48.107.el5_11.i386.rpm5364b15450a1466970b97f84608858923edfc848xorg-x11-server-Xvnc-source-1.1.1-48.107.el5_11.i386.rpm7b207c2e96712a44875523320f9f7c3bfb1d0672xorg-x11-server-sdk-1.1.1-48.107.el5_11.i386.rpm78278a3d73e5bcdb4d4894f09ec87055772ffb3cxorg-x11-server-Xorg-1.1.1-48.107.el5_11.i386.rpm95e1aa3784cc3e49d49b6f9f58b70e4b23cba0c2xorg-x11-server-Xdmx-1.1.1-48.107.el5_11.i386.rpmadf217c9ee2614ae9f387c4e1148ac2361d9f744xorg-x11-server-Xvfb-1.1.1-48.107.el5_11.i386.rpmc5ebcb6ea212d819a64db414f9e8e3a456e02809xorg-x11-server-Xephyr-1.1.1-48.107.el5_11.i386.rpma6476e4d7c665bb6f9c51bb1cc10cde41d65665cSLSA-2014:1984-1A denial of service flaw was found in the way BIND followed DNS delegations. A remote attacker could use a specially crafted zone containing a large number of referrals which, when looked up and processed, would cause named to use excessive amounts of memory or crash. (CVE-2014-8500) After installing the update, the BIND daemon (named) will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 5bind-9.3.6-25.P1.el5_11.2.i386.rpm37ef4224132b9775cc2571b68645246862e927f2bind-libs-9.3.6-25.P1.el5_11.2.i386.rpma579c90de2e1681f4bec884fb9fcca6e04527c09bind-devel-9.3.6-25.P1.el5_11.2.i386.rpm42c60b3ccfe3985fc2344c600a44da3a9d731304bind-sdb-9.3.6-25.P1.el5_11.2.i386.rpm5ecbd25995953daaf570e3a9d42ce82d20532093caching-nameserver-9.3.6-25.P1.el5_11.2.i386.rpmdcc5a63fa8a65d910ceed43bf0b1a0906cf02d61bind-chroot-9.3.6-25.P1.el5_11.2.i386.rpm96b8c56d43189190fa367046f1f148f9b78307c6bind-libbind-devel-9.3.6-25.P1.el5_11.2.i386.rpmb3944e0574850508751fcd522d0623f1fae9e7a7bind-utils-9.3.6-25.P1.el5_11.2.i386.rpm7528cb5916bb524fca5c99f703e37ec867eeb0f5SLSA-2014:1985-1A denial of service flaw was found in the way BIND followed DNS delegations. A remote attacker could use a specially crafted zone containing a large number of referrals which, when looked up and processed, would cause named to use excessive amounts of memory or crash. (CVE-2014-8500) After installing the update, the BIND daemon (named) will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 5bind97-utils-9.7.0-21.P2.el5_11.1.i386.rpm5d7dd2a11e3218aafacaba26186db04f05f87d8abind97-chroot-9.7.0-21.P2.el5_11.1.i386.rpm6dcf7e1a238c21b2ae21a2d13796767d49400353bind97-9.7.0-21.P2.el5_11.1.i386.rpma4cc8490464819705e2faf77e030897c20be9d23bind97-devel-9.7.0-21.P2.el5_11.1.i386.rpm256f7e3bf4ca58bbde8cc69bc6771406da635b12bind97-libs-9.7.0-21.P2.el5_11.1.i386.rpmb955dc836559b3f0c159917590f95c9567f084e7SLSA-2014:2008-1* A flaw was found in the way the Linux kernel handled GS segment register base switching when recovering from a #SS (stack segment) fault on an erroneous return to user space. A local, unprivileged user could use this flaw to escalate their privileges on the system. (CVE-2014-9322, Important) The system must be rebooted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 5kernel-module-aufs-2.6.18-400.1.1.el5PAE-0.20090202.cvs-6.sl5.i686.rpme4423b405b197abdf4bee1a16284ac208580adf6kernel-headers-2.6.18-400.1.1.el5.i386.rpm63936ba07cb1c4d7dc7f5f9b03d70c16480b830dkernel-PAE-devel-2.6.18-400.1.1.el5.i686.rpmd024d28a04aafc99daa8af7c7885efbef444a48akernel-xen-2.6.18-400.1.1.el5.i686.rpm5d5697a2c5b57f59915eaaeb371f48903cd84d14kernel-module-xfs-2.6.18-400.1.1.el5xen-0.4-2.sl5.i686.rpm89d1ee7774e5f83dcd27b552bb681b2a708d640dkernel-module-ipw3945-2.6.18-400.1.1.el5xen-1.2.0-2.sl5.i686.rpm7747c2dfdf82dc3d002739d74c475f1fcec90b8dkernel-debug-2.6.18-400.1.1.el5.i686.rpmfa4596fcaae8234697b63dd435117566a39f1940kernel-module-ipw3945-2.6.18-400.1.1.el5-1.2.0-2.sl5.i686.rpm652dd6048a9fcdabd93269d25e11e971f2a3067ckernel-module-ipw3945-2.6.18-400.1.1.el5PAE-1.2.0-2.sl5.i686.rpm84859d8ae5a7a5e26c42cb92b12ca2656f25d1ebkernel-2.6.18-400.1.1.el5.i686.rpm1ca2e3be7165fa0cbdcb738c6a6798471f58b0c3kernel-debug-devel-2.6.18-400.1.1.el5.i686.rpm3a7f4a14f2d083ee105c55ce350aaa53d7f95387kernel-module-drbd-2.6.18-400.1.1.el5xen-8.3.7-1.sl5.i686.rpm3608e2d1e6c06363e4582547994c149ebaf795a5kernel-PAE-2.6.18-400.1.1.el5.i686.rpm6751863bde3d5fbc26804f95c24f7f4e910ef09dkernel-module-aufs-2.6.18-400.1.1.el5-0.20090202.cvs-6.sl5.i686.rpm13798bf6342747bfe85c9bf45e82c7ed4b811633kernel-doc-2.6.18-400.1.1.el5.noarch.rpm96857d888b158feb0b71d5b63469be07a2f5a1b4kernel-module-openafs-2.6.18-400.1.1.el5PAE-1.4.15-85.sl5.i686.rpm99b3a99fabf01957ceb3c08a22c0f33270c3ba52kernel-devel-2.6.18-400.1.1.el5.i686.rpm62fe13a363faa57a4ad1dcd42d791ec98127ad15kernel-module-xfs-2.6.18-400.1.1.el5PAE-0.4-2.sl5.i686.rpmbc41002313ef03cd4cd8fcc312cc06524cbfd269kernel-module-aufs-2.6.18-400.1.1.el5xen-0.20090202.cvs-6.sl5.i686.rpm28d039aa03ecb96a5e3fd9c70a1957c8f08b4375kernel-module-openafs-2.6.18-400.1.1.el5-1.4.15-85.sl5.i686.rpm10f1ea81668eed8f495b32a4e8033f5dc3daa821kernel-module-openafs-2.6.18-400.1.1.el5xen-1.4.15-85.sl5.i686.rpm109aeebda63874f4b1adf105441736b58027fb55kernel-xen-devel-2.6.18-400.1.1.el5.i686.rpm6a435d525eb5b5fd22dafc5ce3ed6ddce9439b2ckernel-module-xfs-2.6.18-400.1.1.el5-0.4-2.sl5.i686.rpm123914d4f7aa465c2fc8ac9e8e29b554541c1be0SLSA-2014:2025-1Multiple buffer overflow flaws were discovered in ntpd's crypto_recv(), ctl_putdata(), and configure() functions. A remote attacker could use either of these flaws to send a specially crafted request packet that could crash ntpd or, potentially, execute arbitrary code with the privileges of the ntp user. Note: the crypto_recv() flaw requires non- default configurations to be active, while the ctl_putdata() flaw, by default, can only be exploited via local attackers, and the configure() flaw requires additional authentication to exploit. (CVE-2014-9295) It was found that ntpd automatically generated weak keys for its internal use if no ntpdc request authentication key was specified in the ntp.conf configuration file. A remote attacker able to match the configured IP restrictions could guess the generated key, and possibly use it to send ntpdc query or configuration requests. (CVE-2014-9293) It was found that ntp-keygen used a weak method for generating MD5 keys. This could possibly allow an attacker to guess generated MD5 keys that could then be used to spoof an NTP client or server. Note: it is recommended to regenerate any MD5 keys that had explicitly been generated with ntp-keygen; the default installation does not contain such keys). (CVE-2014-9294) After installing the update, the ntpd daemon will restart automatically.importantScientific Linux FermiScientific Linux Fermi 5ntp-4.2.2p1-18.el5_11.i386.rpm9692caefe9a0286fc2f5207f8976def29447758dSLSA-2015:0046-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-8634, CVE-2014-8639, CVE-2014-8641) It was found that the Beacon interface implementation in Firefox did not follow the Cross-Origin Resource Sharing (CORS) specification. A web page containing malicious content could allow a remote attacker to conduct a Cross-Site Request Forgery (XSRF) attack. (CVE-2014-8638) This update also fixes the following bug: * The default dictionary for Firefox's spell checker is now correctly set to the system's locale language. After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 5firefox-31.4.0-1.el5_11.i386.rpm4b420d3c707ebfbdcc04f96eac4c1e71c1d9320cSLSA-2015:0047-1Two flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-8634, CVE-2014-8639) It was found that the Beacon interface implementation in Thunderbird did not follow the Cross-Origin Resource Sharing (CORS) specification. A web page containing malicious content could allow a remote attacker to conduct a Cross-Site Request Forgery (XSRF) attack. (CVE-2014-8638) Note: All of the above issues cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. After installing the update, Thunderbird must be restarted for the changes to take effect.importantScientific Linux FermitrueScientific Linux Fermi 5thunderbird-31.4.0-1.el5_11.i386.rpm465ee82e4f68b64989751f7abec54256ffd71dd9SLSA-2015:0068-1A flaw was found in the way the Hotspot component in OpenJDK verified bytecode from the class files. An untrusted Java application or applet could possibly use this flaw to bypass Java sandbox restrictions. (CVE-2014-6601) Multiple improper permission check issues were discovered in the JAX-WS, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2015-0412, CVE-2015-0408) A flaw was found in the way the Hotspot garbage collector handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0395) A flaw was found in the way the DER (Distinguished Encoding Rules) decoder in the Security component in OpenJDK handled negative length values. A specially crafted, DER-encoded input could cause a Java application to enter an infinite loop when decoded. (CVE-2015-0410) A flaw was found in the way the SSL 3.0 protocol handled padding bytes when decrypting messages that were encrypted using block ciphers in cipher block chaining (CBC) mode. This flaw could possibly allow a man-in-the- middle (MITM) attacker to decrypt portions of the cipher text using a padding oracle attack. (CVE-2014-3566) It was discovered that the SSL/TLS implementation in the JSSE component in OpenJDK failed to properly check whether the ChangeCipherSpec was received during the SSL/TLS connection handshake. An MITM attacker could possibly use this flaw to force a connection to be established without encryption being enabled. (CVE-2014-6593) An information leak flaw was found in the Swing component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-0407) A NULL pointer dereference flaw was found in the MulticastSocket implementation in the Libraries component of OpenJDK. An untrusted Java application or applet could possibly use this flaw to bypass certain Java sandbox restrictions. (CVE-2014-6587) Multiple boundary check flaws were found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could allow an untrusted Java application or applet to disclose portions of the Java Virtual Machine memory. (CVE-2014-6585, CVE-2014-6591) Multiple insecure temporary file use issues were found in the way the Hotspot component in OpenJDK created performance statistics and error log files. A local attacker could possibly make a victim using OpenJDK overwrite arbitrary files using a symlink attack. (CVE-2015-0383) The CVE-2015-0383 issue was discovered by Red Hat. All running instances of OpenJDK Java must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 5java-1.7.0-openjdk-devel-1.7.0.75-2.5.4.0.el5_11.i386.rpm88e7c29468021e6b8d7d97cc69c7769af0e68eb9java-1.7.0-openjdk-1.7.0.75-2.5.4.0.el5_11.i386.rpmaf78df3c1536f3bf6111e2a72cf832a2e93b36e1java-1.7.0-openjdk-javadoc-1.7.0.75-2.5.4.0.el5_11.i386.rpm04223cf4a50950d9ef58f27dfc7a6a2ef03fa1e3java-1.7.0-openjdk-demo-1.7.0.75-2.5.4.0.el5_11.i386.rpm79d8db16ef916c21e62218731fc3d20b60f3a167java-1.7.0-openjdk-src-1.7.0.75-2.5.4.0.el5_11.i386.rpm1f37848116204ca6a237d1eb13ffd8947e7b4d16SLSA-2015:0085-1A flaw was found in the way the Hotspot component in OpenJDK verified bytecode from the class files. An untrusted Java application or applet could possibly use this flaw to bypass Java sandbox restrictions. (CVE-2014-6601) Multiple improper permission check issues were discovered in the JAX-WS, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2015-0412, CVE-2015-0408) A flaw was found in the way the Hotspot garbage collector handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0395) A flaw was found in the way the DER (Distinguished Encoding Rules) decoder in the Security component in OpenJDK handled negative length values. A specially crafted, DER-encoded input could cause a Java application to enter an infinite loop when decoded. (CVE-2015-0410) A flaw was found in the way the SSL 3.0 protocol handled padding bytes when decrypting messages that were encrypted using block ciphers in cipher block chaining (CBC) mode. This flaw could possibly allow a man-in-the- middle (MITM) attacker to decrypt portions of the cipher text using a padding oracle attack. (CVE-2014-3566) It was discovered that the SSL/TLS implementation in the JSSE component in OpenJDK failed to properly check whether the ChangeCipherSpec was received during the SSL/TLS connection handshake. An MITM attacker could possibly use this flaw to force a connection to be established without encryption being enabled. (CVE-2014-6593) An information leak flaw was found in the Swing component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-0407) A NULL pointer dereference flaw was found in the MulticastSocket implementation in the Libraries component of OpenJDK. An untrusted Java application or applet could possibly use this flaw to bypass certain Java sandbox restrictions. (CVE-2014-6587) Multiple boundary check flaws were found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could allow an untrusted Java application or applet to disclose portions of the Java Virtual Machine memory. (CVE-2014-6585, CVE-2014-6591) Multiple insecure temporary file use issues were found in the way the Hotspot component in OpenJDK created performance statistics and error log files. A local attacker could possibly make a victim using OpenJDK overwrite arbitrary files using a symlink attack. (CVE-2015-0383) All running instances of OpenJDK Java must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 5java-1.6.0-openjdk-1.6.0.34-1.13.6.1.el5_11.i386.rpmf2e948950344f2c802d1da4739ca532e45d115ddjava-1.6.0-openjdk-demo-1.6.0.34-1.13.6.1.el5_11.i386.rpm5cb0f91ff98a63b109fb9c988d0673679643f3a5java-1.6.0-openjdk-src-1.6.0.34-1.13.6.1.el5_11.i386.rpmce9c2b227c28e008ab294ae9ef7bb6bebbfa8ac6java-1.6.0-openjdk-javadoc-1.6.0.34-1.13.6.1.el5_11.i386.rpm2673cf6e5ad93d3e702cd9e472de17cf462da0bejava-1.6.0-openjdk-devel-1.6.0.34-1.13.6.1.el5_11.i386.rpm0141560c81c5462434cbd3fad39d0755bc124c5bSLSA-2015:0090-1A heap-based buffer overflow was found in glibc's __nss_hostname_digits_dots() function, which is used by the gethostbyname() and gethostbyname2() glibc function calls. A remote attacker able to make an application call either of these functions could use this flaw to execute arbitrary code with the permissions of the user running the application. (CVE-2015-0235)criticalScientific Linux FermiScientific Linux Fermi 5glibc-utils-2.5-123.el5_11.1.i386.rpma30d12d9f6dab7a9595f8a604dfb542ded6f83d5glibc-headers-2.5-123.el5_11.1.i386.rpmeb9687625a2f718f10aadddc49c44ccf72b34f34glibc-2.5-123.el5_11.1.i686.rpm4479549a93458503cd78f620c6f9399054649d06glibc-devel-2.5-123.el5_11.1.i386.rpm4722d89e2d5ae8c32e3647843c7225ab74597b95glibc-common-2.5-123.el5_11.1.i386.rpm0466825ef07249f41c2d797ebe961a11f84097adnscd-2.5-123.el5_11.1.i386.rpm138cc1d6c2dac36227ac451ba21ace55f7a23bc6glibc-2.5-123.el5_11.1.i386.rpm7d338c9eae27bd2f6bd2588fb767654ac70fbe98SLSA-2015:0164-1* A flaw was found in the way the Linux kernel's splice() system call validated its parameters. On certain file systems, a local, unprivileged user could use this flaw to write past the maximum file size, and thus crash the system. (CVE-2014-7822, Moderate) This update also fixes the following bugs: * Previously, hot-unplugging of a virtio-blk device could in some cases lead to a kernel panic, for example during in-flight I/O requests. This update fixes race condition in the hot-unplug code in the virtio_blk.ko module. As a result, hot unplugging of the virtio-blk device no longer causes the guest kernel oops when there are in-flight I/O requests. * Before this update, due to a bug in the error-handling path, a corrupted metadata block could be used as a valid block. With this update, the error handling path has been fixed and more checks have been added to verify the metadata block. Now, when a corrupted metadata block is encountered, it is properly marked as corrupted and handled accordingly. * Previously, an incorrectly initialized variable resulted in a random value being stored in the variable that holds the number of default ACLs, and is sent in the SET_PATH_INFO data structure. Consequently, the setfacl command could, under certain circumstances, fail with an "Invalid argument" error. With this update, the variable is correctly initialized to zero, thus fixing the bug. The system must be rebooted for this update to take effect.moderateScientific Linux FermitrueScientific Linux Fermi 5kernel-PAE-devel-2.6.18-402.el5.i686.rpm983fe9a1892949464ae50ec6edb0bc6c99253912kernel-2.6.18-402.el5.i686.rpm762317688963826a4443209d09fbd8b043b53c4fkernel-module-ipw3945-2.6.18-402.el5xen-1.2.0-2.sl5.i686.rpm833f009f4163de0e6c4f7799a9e9d30c2064e86ekernel-module-drbd-2.6.18-402.el5-8.3.7-1.sl5.i686.rpm9524d3b8e2eef6ef6440cb6506475b906629499ckernel-debug-2.6.18-402.el5.i686.rpmbff5b7cd8a8506bfe4cb8bf92c05aac21b9702e1kernel-module-aufs-2.6.18-402.el5-0.20090202.cvs-6.sl5.i686.rpm963d6920619528592432d209a2eadb573954c57fkernel-module-xfs-2.6.18-402.el5-0.4-2.sl5.i686.rpm9f7ca2318200f5f9396a4f5e8b4ec80478326cd4kernel-module-drbd-2.6.18-402.el5PAE-8.3.7-1.sl5.i686.rpm8b85ce5441007312acffc12443aa14243cb36ebbkernel-module-ipw3945-2.6.18-402.el5PAE-1.2.0-2.sl5.i686.rpm694c404d5f2d3f3a2587ff2dbeb44d222a5fac8bkernel-module-xfs-2.6.18-402.el5xen-0.4-2.sl5.i686.rpm195470ef1a7281de16bcecd438c68c51dc2d7c30kernel-module-aufs-2.6.18-402.el5xen-0.20090202.cvs-6.sl5.i686.rpm5c4ed85763ac28fc6710a1f5865369660c72357akernel-module-openafs-2.6.18-402.el5xen-1.4.15-85.sl5.i686.rpm50582a745b60b874182a189612c08d7cf5adeacbkernel-xen-devel-2.6.18-402.el5.i686.rpm20c695804ecdd8cdbb028e148b2032236b2e1243kernel-PAE-2.6.18-402.el5.i686.rpm9b2850a46e3552ba4d65f757e8c304776691e554kernel-module-openafs-2.6.18-402.el5-1.4.15-85.sl5.i686.rpm7433f28b9841068de08a91aa44a67651f1b96611kernel-doc-2.6.18-402.el5.noarch.rpme3b761dc715a59e8d792fba6068498dbd9cb5ef6kernel-module-drbd-2.6.18-402.el5xen-8.3.7-1.sl5.i686.rpm28b521c5712fce64f07005213bf11c6361649036kernel-debug-devel-2.6.18-402.el5.i686.rpm42f34b2b48549d860113a74857916f622f587fa0kernel-headers-2.6.18-402.el5.i386.rpm067e2023e568009dde8da4ca17abb173197a9a35kernel-module-openafs-2.6.18-402.el5PAE-1.4.15-85.sl5.i686.rpmf9bd2a12c4e31f3cd99a7aec9d1c26f65d0a3ed2kernel-devel-2.6.18-402.el5.i686.rpmf21d0b7043c44a22da7a905489a0a6f63a5992e5kernel-module-ipw3945-2.6.18-402.el5-1.2.0-2.sl5.i686.rpm92ddffa5d75f0be604881e1ddd120af8ebf9e5b4kernel-module-aufs-2.6.18-402.el5PAE-0.20090202.cvs-6.sl5.i686.rpm6251fae97a26c96e946ff38d12819ae9e2f2ce25kernel-xen-2.6.18-402.el5.i686.rpmea026e02445b79ae8bcfa14b994bcdeb70b3c7f7kernel-module-xfs-2.6.18-402.el5PAE-0.4-2.sl5.i686.rpm5350df46e6bb793422c42d1768562985c34b65b7SLSA-2015:0249-1An uninitialized pointer use flaw was found in the Samba daemon (smbd). A malicious Samba client could send specially crafted netlogon packets that, when processed by smbd, could potentially lead to arbitrary code execution with the privileges of the user running smbd (by default, the root user). (CVE-2015-0240) After installing this update, the smb service will be restarted automatically.criticalScientific Linux FermiScientific Linux Fermi 5samba3x-3.6.23-9.el5_11.i386.rpmf5a84d2cbcf45b982bac21f7a7796b35b91363fcsamba3x-doc-3.6.23-9.el5_11.i386.rpm565b52bde9b57c48f22b77313868ee2a7011dc83samba3x-swat-3.6.23-9.el5_11.i386.rpmdb00727792bf6940c6da35e47bdbb7c5568d7808samba3x-winbind-3.6.23-9.el5_11.i386.rpmc96375a6191d18eda0b127c3d44cb44c288e4ce2samba3x-common-3.6.23-9.el5_11.i386.rpm6c6cc3099e703aa9cddcfdc04f64d17f42caa930samba3x-domainjoin-gui-3.6.23-9.el5_11.i386.rpma48e382246d5d4c906fc60c09d8d5914314f79bdsamba3x-client-3.6.23-9.el5_11.i386.rpmd4c7f67df0e6babb996821870b8f30c9f858cf20samba3x-winbind-devel-3.6.23-9.el5_11.i386.rpm22427be0a8dc64c8a7302ea8edaa351ae952cf97SLSA-2015:0265-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2015-0836, CVE-2015-0831, CVE-2015-0827) An information leak flaw was found in the way Firefox implemented autocomplete forms. An attacker able to trick a user into specifying a local file in the form could use this flaw to access the contents of that file. (CVE-2015-0822) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 5firefox-31.5.0-1.el5_11.i386.rpm2dbd00de8281c5038f38bfb04390ac57d27054b6SLSA-2015:0266-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2015-0836, CVE-2015-0831, CVE-2015-0827) An information leak flaw was found in the way Thunderbird implemented autocomplete forms. An attacker able to trick a user into specifying a local file in the form could use this flaw to access the contents of that file. (CVE-2015-0822) Note: All of the above issues cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. After installing the update, Thunderbird must be restarted for the changes to take effect.importantScientific Linux FermitrueScientific Linux Fermi 5thunderbird-31.5.0-1.el5_11.i386.rpm57f1c906e636975125815cf8e86ab1fcd006698dSLSA-2015:0718-1Two flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2015-0817, CVE-2015-0818) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 5firefox-31.5.3-1.el5_11.i386.rpm6d5858de8cb8aa8fe54dbb6016b0b6a2afddc3d0SLSA-2015:0729-1It was found that setroubleshoot did not sanitize file names supplied in a shell command look-up for RPMs associated with access violation reports. An attacker could use this flaw to escalate their privileges on the system by supplying a specially crafted file to the underlying shell command. (CVE-2015-1815)importantScientific Linux FermiScientific Linux Fermi 5setroubleshoot-2.0.5-7.el5_11.noarch.rpm2ef4dee87d98b21cee7e4cb8be32f3176aec5dc9setroubleshoot-server-2.0.5-7.el5_11.noarch.rpm4c0f496d7613c43a686e27447aef40bd16b581c2SLSA-2015:0766-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2015-0813, CVE-2015-0815, CVE-2015-0801) A flaw was found in the way documents were loaded via resource URLs in, for example, Mozilla's PDF.js PDF file viewer. An attacker could use this flaw to bypass certain restrictions and under certain conditions even execute arbitrary code with the privileges of the user running Firefox. (CVE-2015-0816) A flaw was found in the Beacon interface implementation in Firefox. A web page containing malicious content could allow a remote attacker to conduct a Cross-Site Request Forgery (CSRF) attack. (CVE-2015-0807) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 5firefox-31.6.0-2.el5_11.i386.rpmd64a4326aae24dc147f74ae6de2735d7932e146eSLSA-2015:0771-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2015-0813, CVE-2015-0815, CVE-2015-0801) A flaw was found in the way documents were loaded via resource URLs. An attacker could use this flaw to bypass certain restrictions and under certain conditions even execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2015-0816) A flaw was found in the Beacon interface implementation in Thunderbird. A web page containing malicious content could allow a remote attacker to conduct a Cross-Site Request Forgery (CSRF) attack. (CVE-2015-0807) Note: All of the above issues cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. After installing the update, Thunderbird must be restarted for the changes to take effect.importantScientific Linux FermitrueScientific Linux Fermi 5thunderbird-31.6.0-1.el5_11.i386.rpm80d84a8568f822f4fc1d446b422fd01c13012dadSLSA-2015:0783-1* It was found that the Linux kernel's Infiniband subsystem did not properly sanitize input parameters while registering memory regions from user space via the (u)verbs API. A local user with access to a /dev/infiniband/uverbsX device could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-8159, Important) * An insufficient bound checking flaw was found in the Xen hypervisor's implementation of acceleration support for the "REP MOVS" instructions. A privileged HVM guest user could potentially use this flaw to crash the host. (CVE-2014-8867, Important) This update also fixes the following bugs: * Under memory pressure, cached data was previously flushed to the backing server using the PID of the thread responsible for flushing the data in the Server Message Block (SMB) headers instead of the PID of the thread which actually wrote the data. As a consequence, when a file was locked by the writing thread prior to writing, the server considered writes by the thread flushing the pagecache as being a separate process from writing to a locked file, and thus rejected the writes. In addition, the data to be written was discarded. This update ensures that the correct PID is sent to the server, and data corruption is avoided when data is being written from a client under memory pressure. The system must be rebooted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 5kernel-module-openafs-2.6.18-404.el5PAE-1.4.15-85.sl5.i686.rpm7cce126f399fc42484bd54c947984351cc01245dkernel-doc-2.6.18-404.el5.noarch.rpm5e2de59704b076ec9174224b7d96981b9f9b9a00kernel-module-drbd-2.6.18-404.el5xen-8.3.7-1.sl5.i686.rpmaff1bf8579a8667ba3220e7fdeb39a408b96b960kernel-PAE-devel-2.6.18-404.el5.i686.rpm60b8a8ec31ef4d47b875256e45238466cb262b55kernel-PAE-2.6.18-404.el5.i686.rpm59e486253b762b9ddef28a3d6a704acd2491b50ekernel-module-openafs-2.6.18-404.el5xen-1.4.15-86.sl5.i686.rpm45d63b3cd6ffc878a4b1a5c4e6824aeccfa22d88kernel-module-aufs-2.6.18-404.el5PAE-0.20090202.cvs-6.sl5.i686.rpm7c078dbf200c0ae8907d86f8b89d53b12c9b3b80kernel-module-aufs-2.6.18-404.el5-0.20090202.cvs-6.sl5.i686.rpm3c16b7934abfc79731e2f855623d39dbee1a1220kernel-module-ipw3945-2.6.18-404.el5xen-1.2.0-2.sl5.i686.rpme471234213ab71989557c8566f3b864704156dc0kernel-module-ipw3945-2.6.18-404.el5-1.2.0-2.sl5.i686.rpmc33814dc5eec7f28033a8485387248fb7e3d965bkernel-headers-2.6.18-404.el5.i386.rpm3e2c63faeaec6e972e65d922f1a3e21d03717075kernel-2.6.18-404.el5.i686.rpma5e0ce3acd972122ed6daa085f3696fa73db464ckernel-module-drbd-2.6.18-404.el5PAE-8.3.7-1.sl5.i686.rpm6f6575c743c832f3c4c9fb5ba2b9ebbdf2a4a0b7kernel-module-ipw3945-2.6.18-404.el5PAE-1.2.0-2.sl5.i686.rpm1fbad2acd06a0b44b3d6c920c0f5588f153b1a3fkernel-module-aufs-2.6.18-404.el5xen-0.20090202.cvs-6.sl5.i686.rpm5bad621c7778cf009daf22a76fb849b36a378454kernel-xen-devel-2.6.18-404.el5.i686.rpm47dae3bb6ddfac04eb47870f49800d78e73b4be5kernel-module-xfs-2.6.18-404.el5PAE-0.4-2.sl5.i686.rpmc93b08fb6c02997ee416a605436ea9091ef25e19kernel-module-drbd-2.6.18-404.el5-8.3.7-1.sl5.i686.rpm9520bf13111177f11d3b2dc1ef9a54a59aa08089kernel-devel-2.6.18-404.el5.i686.rpm084584c8707cd44879022f50c3da4e5b87a3fca9kernel-module-xfs-2.6.18-404.el5xen-0.4-2.sl5.i686.rpm3bfa87ee0bec4cab006d2295bef8a5e30ec192c6kernel-module-openafs-2.6.18-404.el5PAE-1.4.15-86.sl5.i686.rpm4a417fc4bbe4c3472262856f97bc5ed081e3fef0kernel-module-openafs-2.6.18-404.el5-1.4.15-85.sl5.i686.rpma60993a2c6bb8372677aa0675934389ae3c5728ekernel-module-xfs-2.6.18-404.el5-0.4-2.sl5.i686.rpm55fce464e9025d54bfb86382cd2181e7d2a0eaabkernel-debug-2.6.18-404.el5.i686.rpmf571b76b0f62aad14953640dc017fff0b3b825ackernel-xen-2.6.18-404.el5.i686.rpm4d90cc405f510e426cd03db15ed643c3fad979f1kernel-debug-devel-2.6.18-404.el5.i686.rpm03f01cc3f253f598d747660854e199a2cd443f6dkernel-module-openafs-2.6.18-404.el5-1.4.15-86.sl5.i686.rpmfcacd56836ef1d0cbed3212ec76c7c3734e46e56kernel-module-openafs-2.6.18-404.el5xen-1.4.15-85.sl5.i686.rpm89416db64c67bcb139000e65413818ac1d508b24SLSA-2015:0800-1It was discovered that OpenSSL would accept ephemeral RSA keys when using non-export RSA cipher suites. A malicious server could make a TLS/SSL client using OpenSSL use a weaker key exchange method. (CVE-2015-0204) An integer underflow flaw, leading to a buffer overflow, was found in the way OpenSSL decoded malformed Base64-encoded inputs. An attacker able to make an application using OpenSSL decode a specially crafted Base64-encoded input (such as a PEM file) could use this flaw to cause the application to crash. Note: this flaw is not exploitable via the TLS/SSL protocol because the data being transferred is not Base64-encoded. (CVE-2015-0292) A denial of service flaw was found in the way OpenSSL handled SSLv2 handshake messages. A remote attacker could use this flaw to cause a TLS/SSL server using OpenSSL to exit on a failed assertion if it had both the SSLv2 protocol and EXPORT-grade cipher suites enabled. (CVE-2015-0293) Multiple flaws were found in the way OpenSSL parsed X.509 certificates. An attacker could use these flaws to modify an X.509 certificate to produce a certificate with a different fingerprint without invalidating its signature, and possibly bypass fingerprint-based blacklisting in applications. (CVE-2014-8275) An out-of-bounds write flaw was found in the way OpenSSL reused certain ASN.1 structures. A remote attacker could possibly use a specially crafted ASN.1 structure that, when parsed by an application, would cause that application to crash. (CVE-2015-0287) A NULL pointer dereference flaw was found in OpenSSL's X.509 certificate handling implementation. A specially crafted X.509 certificate could cause an application using OpenSSL to crash if the application attempted to convert the certificate to a certificate request. (CVE-2015-0288) A NULL pointer dereference was found in the way OpenSSL handled certain PKCS#7 inputs. An attacker able to make an application using OpenSSL verify, decrypt, or parse a specially crafted PKCS#7 input could cause that application to crash. TLS/SSL clients and servers using OpenSSL were not affected by this flaw. (CVE-2015-0289) For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.moderateScientific Linux FermitrueScientific Linux Fermi 5openssl-0.9.8e-33.el5_11.i686.rpm53ff4468848f5eb2c1ac24a16e6d82b0a6c8667aopenssl-0.9.8e-33.el5_11.i386.rpma03b56ec1e78ef9003f0ea3c2963297226a4f67copenssl-perl-0.9.8e-33.el5_11.i386.rpm79d2a6853038c54f1814405f0c69430cce8b1f05openssl-devel-0.9.8e-33.el5_11.i386.rpm2efa56063f94a9f140e889ce13ae2f07ab6cc09aSLSA-2015:0807-1An off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox restrictions. (CVE-2015-0469) A flaw was found in the way the Hotspot component in OpenJDK handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0460) A flaw was found in the way the JSSE component in OpenJDK parsed X.509 certificate options. A specially crafted certificate could cause JSSE to raise an exception, possibly causing an application using JSSE to exit unexpectedly. (CVE-2015-0488) A flaw was discovered in the Beans component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-0477) A directory traversal flaw was found in the way the jar tool extracted JAR archive files. A specially crafted JAR archive could cause jar to overwrite arbitrary files writable by the user running jar when the archive was extracted. (CVE-2005-1080, CVE-2015-0480) It was found that the RSA implementation in the JCE component in OpenJDK did not follow recommended practices for implementing RSA signatures. (CVE-2015-0478) All running instances of OpenJDK Java must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 5java-1.7.0-openjdk-src-1.7.0.79-2.5.5.2.el5_11.i386.rpm1320bc829f9409b587438e5adc063d2f7e49e114java-1.7.0-openjdk-demo-1.7.0.79-2.5.5.2.el5_11.i386.rpm32577134ee9d1c6ecb1ce2de3bc007dbe37cba89java-1.7.0-openjdk-javadoc-1.7.0.79-2.5.5.2.el5_11.i386.rpmc0d5ee220370891e9d723021164021f4eadb85d1java-1.7.0-openjdk-1.7.0.79-2.5.5.2.el5_11.i386.rpm1f615b996db727a83de4625f18a5c2059bb4f7c5java-1.7.0-openjdk-devel-1.7.0.79-2.5.5.2.el5_11.i386.rpma0442bbb2a35c78bc806951a4c6a002f9ad71f85SLSA-2015:0808-1An off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox restrictions. (CVE-2015-0469) A flaw was found in the way the Hotspot component in OpenJDK handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. (CVE-2015-0460) A flaw was found in the way the JSSE component in OpenJDK parsed X.509 certificate options. A specially crafted certificate could cause JSSE to raise an exception, possibly causing an application using JSSE to exit unexpectedly. (CVE-2015-0488) A flaw was discovered in the Beans component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-0477) A directory traversal flaw was found in the way the jar tool extracted JAR archive files. A specially crafted JAR archive could cause jar to overwrite arbitrary files writable by the user running jar when the archive was extracted. (CVE-2005-1080, CVE-2015-0480) It was found that the RSA implementation in the JCE component in OpenJDK did not follow recommended practices for implementing RSA signatures. (CVE-2015-0478) All running instances of OpenJDK Java must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 5java-1.6.0-openjdk-devel-1.6.0.35-1.13.7.1.el5_11.i386.rpm9c904e35b9c2159264887d562ab933ec6b47828djava-1.6.0-openjdk-1.6.0.35-1.13.7.1.el5_11.i386.rpm59704070986ef52d1f36d9d3f473c63a184d0258java-1.6.0-openjdk-demo-1.6.0.35-1.13.7.1.el5_11.i386.rpm50b079fb19a3a1f956f6710039b3e02aa0d8ba9ejava-1.6.0-openjdk-javadoc-1.6.0.35-1.13.7.1.el5_11.i386.rpmfa93385c95d9e3b6b5121f7ebdeb3132f5f089a7java-1.6.0-openjdk-src-1.6.0.35-1.13.7.1.el5_11.i386.rpm3136a9652cb3178be6a0791945f74b4c1ed651daSLSA-2015:0988-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2015-2708, CVE-2015-0797, CVE-2015-2710, CVE-2015-2713) A heap-based buffer overflow flaw was found in the way Firefox processed compressed XML data. An attacker could create specially crafted compressed XML content that, when processed by Firefox, could cause it to crash or execute arbitrary code with the privileges of the user running Firefox. (CVE-2015-2716) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 5firefox-38.0-4.el5_11.i386.rpmff2e0723ae8d0386a37c173bc732cb3972ba5ea8SLSA-2015:1002-1An out-of-bounds memory access flaw was found in the way QEMU's virtual Floppy Disk Controller (FDC) handled FIFO buffer access while processing certain FDC commands. A privileged guest user could use this flaw to crash the guest or, potentially, execute arbitrary code on the host with the privileges of the host's QEMU process corresponding to the guest. (CVE-2015-3456) After installing the updated packages, all running fully-virtualized guests must be restarted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 5xen-3.0.3-146.el5_11.i386.rpm3ded105f71b07447ca56507d5f487cde7ec66f3exen-devel-3.0.3-146.el5_11.i386.rpm5b6ac00e66586295bcf6dabefea403fe1f1bfedbxen-libs-3.0.3-146.el5_11.i386.rpmc6a4e959597f57b34d0e49c14e228872de32cf0cSLSA-2015:1012-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2015-2708, CVE-2015-2710, CVE-2015-2713) A heap-based buffer overflow flaw was found in the way Thunderbird processed compressed XML data. An attacker could create specially crafted compressed XML content that, when processed by Thunderbird, could cause it to crash or execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2015-2716) Note: All of the above issues cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed.importantScientific Linux FermitrueScientific Linux Fermi 5thunderbird-31.7.0-1.el5_11.i386.rpm0915291f170f7a1226585c5ee68600a5554a243bSLSA-2015:1042-1* It was found that the Linux kernel's implementation of vectored pipe read and write functionality did not take into account the I/O vectors that were already processed when retrying after a failed atomic access operation, potentially resulting in memory corruption due to an I/O vector array overrun. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2015-1805, Important) This update fixes the following bugs: * Due to a bug in the lpfc_device_reset_handler() function, a scsi command timeout could lead to a system crash. With this update, lpfc_device_reset_handler recovers storage without crashing. * Due to the code decrementing the reclaim_in_progress counter without having incremented it first, severe spinlock contention occurred in the shrink_zone() function even though the vm.max_reclaims_in_progress feature was set to 1. This update provides a patch fixing the underlying source code, and spinlock contention no longer occurs in this scenario. * A TCP socket using SACK that had a retransmission but recovered from it, failed to reset the retransmission timestamp. As a consequence, on certain connections, if a packet had to be re-transmitted, the retrans_stamp variable was only cleared when the next acked packet was received. This could lead to an early abortion of the TCP connection if this next packet also got lost. With this update, the socket clears retrans_stamp when the recovery is completed, thus fixing the bug. * Previously, the signal delivery paths did not clear the TS_USEDFPU flag, which could cause problems in the switch_to() function and lead to floating-point unit (FPU) corruption. With this update, TS_USEDFPU is cleared as expected, and FPU is no longer under threat of corruption. * A race condition in the exit_sem() function previously caused the semaphore undo list corruption. As a consequence, a kernel crash could occur. The corruption in the semaphore undo list has been fixed, and the kernel no longer crashes in this situation. * Previously, when running the "virsh blockresize [Device] [Newsize]" command to resize the disk, the new size was not reflected in a Scientific Linux 5 Virtual Machine (VM). With this update, the new size is now reflected online immediately in a Scientific Linux 5 VM so it is no longer necessary to reboot the VM to see the new disk size. The system must be rebooted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 5kernel-module-xfs-2.6.18-406.el5PAE-0.4-2.sl5.i686.rpm46920eab3d4f5cfc1f961959a92c9a9ed9dcd175kernel-module-xfs-2.6.18-406.el5xen-0.4-2.sl5.i686.rpm94bdcf873ec183cd831894855b1451583772b660kernel-module-openafs-2.6.18-406.el5-1.4.15-85.sl5.i686.rpm0f2d95540e79d3c1d815c87ab305d141bc0ce944kernel-module-openafs-2.6.18-406.el5xen-1.4.15-86.sl5.i686.rpm445fd1231f964b72a3f0142e15005071c1ea647ekernel-module-aufs-2.6.18-406.el5-0.20090202.cvs-6.sl5.i686.rpmdba60f95a6a1980995a0cf9291532f66e8df44d9kernel-module-ipw3945-2.6.18-406.el5-1.2.0-2.sl5.i686.rpmaab9af0edbca6bfcb1d708ef8350865a5e8dec58kernel-module-aufs-2.6.18-406.el5PAE-0.20090202.cvs-6.sl5.i686.rpme2097de4c9a0149f623cef21295b163e49bb0b4ckernel-2.6.18-406.el5.i686.rpm29e1e98f89150e5d194200ca538239626f1c18a4kernel-module-openafs-2.6.18-406.el5PAE-1.4.15-86.sl5.i686.rpma8e5ee3051ea3f7750a59578db3b8e2bd3558b69kernel-PAE-2.6.18-406.el5.i686.rpm1ee84da62ccdbb17b0972d64fc0b877502709d53kernel-module-openafs-2.6.18-406.el5-1.4.15-86.sl5.i686.rpm6dc6cd0dd3d6dc9e7cbff8802789fb57f4ea2377kernel-module-xfs-2.6.18-406.el5-0.4-2.sl5.i686.rpmded40bc247d9dee5242092b53568e90cd3950d53kernel-module-openafs-2.6.18-406.el5PAE-1.4.15-85.sl5.i686.rpm80e2bcc9265728ebb1fa3430a98396e552cf027akernel-PAE-devel-2.6.18-406.el5.i686.rpm08f13ec283e5bd80a816085a74cf74641b10fb44kernel-xen-2.6.18-406.el5.i686.rpmdfb02b1376682cad795858ebe6b1312b9ac42290kernel-headers-2.6.18-406.el5.i386.rpmef223ee9078cda185fbd3a4716cccee937ba4a85kernel-doc-2.6.18-406.el5.noarch.rpm5751271bec42b1e7730c3171e5142cf31e4e1f8ekernel-module-aufs-2.6.18-406.el5xen-0.20090202.cvs-6.sl5.i686.rpma49e91a2df33a27c5730ca8928c5088a2192bda4kernel-debug-2.6.18-406.el5.i686.rpmc4e11c5cd32d850547081a06d084c0fcca7d023ekernel-module-ipw3945-2.6.18-406.el5xen-1.2.0-2.sl5.i686.rpm1a94c26e39332f18eecee4574fbad13c3ce42d6ekernel-module-openafs-2.6.18-406.el5xen-1.4.15-85.sl5.i686.rpmda1e953f103e93398bb1704c14d6897aeb9960d2kernel-devel-2.6.18-406.el5.i686.rpm11e8bce4b6b3902c1fcf2a488ab5ffde7d3557a6kernel-xen-devel-2.6.18-406.el5.i686.rpm00f4cc3bcb5be07ab6e71d52387e7b2a4905d591kernel-module-ipw3945-2.6.18-406.el5PAE-1.2.0-2.sl5.i686.rpmd368d6a144b69f304610f238e3a85a9137232a57kernel-debug-devel-2.6.18-406.el5.i686.rpmc7875520382154da4952a121be4395b29d5fedd3SLSA-2015:1197-1An out-of-bounds read flaw was found in the X509_cmp_time() function of OpenSSL. A specially crafted X.509 certificate or a Certificate Revocation List (CRL) could possibly cause a TLS/SSL server or client using OpenSSL to crash. (CVE-2015-1789) A NULL pointer dereference was found in the way OpenSSL handled certain PKCS#7 inputs. A specially crafted PKCS#7 input with missing EncryptedContent data could cause an application using OpenSSL to crash. (CVE-2015-1790) A flaw was found in the way the TLS protocol composes the Diffie-Hellman (DH) key exchange. A man-in-the-middle attacker could use this flaw to force the use of weak 512 bit export-grade keys during the key exchange, allowing them to decrypt all traffic. (CVE-2015-4000) Note: This update forces the TLS/SSL client implementation in OpenSSL to reject DH key sizes below 768 bits, which prevents sessions to be downgraded to export-grade keys. Future updates may raise this limit to 1024 bits. For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.moderateScientific Linux FermitrueScientific Linux Fermi 5openssl-devel-0.9.8e-36.el5_11.i386.rpm28ecbc62a93896cb4b8c4447f822a8ef28bb9649openssl-0.9.8e-36.el5_11.i386.rpm5fbe88c4a3b7471f7499ee82d08861e7cd9f86cbopenssl-perl-0.9.8e-36.el5_11.i386.rpm5e10fdd62b79872ec57aacf15e55b6e7a213bfb3openssl-0.9.8e-36.el5_11.i686.rpmc00af5531e6317cef5ef08b6cb119b2340ecb195SLSA-2015:1207-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2015-2724, CVE-2015-2725, CVE-2015-2722, CVE-2015-2727, CVE-2015-2728, CVE-2015-2729, CVE-2015-2731, CVE-2015-2733, CVE-2015-2734, CVE-2015-2735, CVE-2015-2736, CVE-2015-2737, CVE-2015-2738, CVE-2015-2739, CVE-2015-2740) It was found that Firefox skipped key-pinning checks when handling an error that could be overridden by the user (for example an expired certificate error). This flaw allowed a user to override a pinned certificate, which is an action the user should not be able to perform. (CVE-2015-2741) A flaw was discovered in Mozilla's PDF.js PDF file viewer. When combined with another vulnerability, it could allow execution of arbitrary code with the privileges of the user running Firefox. (CVE-2015-2743) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 5firefox-38.1.0-1.el5_11.i386.rpm519a4d359cbf6b45ec8d86de87e1b5eb65cfda99SLSA-2015:1230-1Multiple flaws were discovered in the 2D, CORBA, JMX, Libraries and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2015-4760, CVE-2015-2628, CVE-2015-4731, CVE-2015-2590, CVE-2015-4732, CVE-2015-4733) A flaw was found in the way the Libraries component of OpenJDK verified Online Certificate Status Protocol (OCSP) responses. An OCSP response with no nextUpdate date specified was incorrectly handled as having unlimited validity, possibly causing a revoked X.509 certificate to be interpreted as valid. (CVE-2015-4748) It was discovered that the JCE component in OpenJDK failed to use constant time comparisons in multiple cases. An attacker could possibly use these flaws to disclose sensitive information by measuring the time used to perform operations using these non-constant time comparisons. (CVE-2015-2601) A flaw was found in the RC4 encryption algorithm. When using certain keys for RC4 encryption, an attacker could obtain portions of the plain text from the cipher text without the knowledge of the encryption key. (CVE-2015-2808) A flaw was found in the way the TLS protocol composed the Diffie-Hellman (DH) key exchange. A man-in-the-middle attacker could use this flaw to force the use of weak 512 bit export-grade keys during the key exchange, allowing them do decrypt all traffic. (CVE-2015-4000) It was discovered that the JNDI component in OpenJDK did not handle DNS resolutions correctly. An attacker able to trigger such DNS errors could cause a Java application using JNDI to consume memory and CPU time, and possibly block further DNS resolution. (CVE-2015-4749) Multiple information leak flaws were found in the JMX and 2D components in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-2621, CVE-2015-2632) A flaw was found in the way the JSSE component in OpenJDK performed X.509 certificate identity verification when establishing a TLS/SSL connection to a host identified by an IP address. In certain cases, the certificate was accepted as valid if it was issued for a host name to which the IP address resolves rather than for the IP address. (CVE-2015-2625) All running instances of OpenJDK Java must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 5java-1.7.0-openjdk-devel-1.7.0.85-2.6.1.3.el5_11.i386.rpm330fc1523eab325163269ee528c6d45366c8f8a0java-1.7.0-openjdk-javadoc-1.7.0.85-2.6.1.3.el5_11.i386.rpm728c4bb4e72f2be14bc1d9c08f36a777e6dd515djava-1.7.0-openjdk-demo-1.7.0.85-2.6.1.3.el5_11.i386.rpm02505417f7d601f290faca787f59b45340326629java-1.7.0-openjdk-1.7.0.85-2.6.1.3.el5_11.i386.rpm7354c5aa64d463ce1877757627bb58a847d9d68ejava-1.7.0-openjdk-src-1.7.0.85-2.6.1.3.el5_11.i386.rpmf2f89a5f9ed30b4c10aa0f84eb6a33c744d79eefSLSA-2015:1455-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2015-2724, CVE-2015-2725, CVE-2015-2731, CVE-2015-2734, CVE-2015-2735, CVE-2015-2736, CVE-2015-2737, CVE-2015-2738, CVE-2015-2739, CVE-2015-2740) It was found that Thunderbird skipped key-pinning checks when handling an error that could be overridden by the user (for example an expired certificate error). This flaw allowed a user to override a pinned certificate, which is an action the user should not be able to perform. (CVE-2015-2741) Note: All of the above issues cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. After installing the update, Thunderbird must be restarted for the changes to take effect.importantScientific Linux FermitrueScientific Linux Fermi 5thunderbird-31.8.0-1.el5_11.i386.rpmcdd057a959e6b070f4ba5bfa0743a1c0e1adf131SLSA-2015:1514-1A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remote attacker could use this flaw to make named (functioning as an authoritative DNS server or a DNS resolver) exit unexpectedly with an assertion failure via a specially crafted DNS request packet. (CVE-2015-5477) After installing the update, the BIND daemon (named) will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 5bind-sdb-9.3.6-25.P1.el5_11.3.i386.rpmf0409ef02ee9af5bada65439505289d7df6986e9bind-devel-9.3.6-25.P1.el5_11.3.i386.rpm83ec2ed0dbc9356ad674ef9f4ace17addca40908bind-chroot-9.3.6-25.P1.el5_11.3.i386.rpmb343c20953742e10159f8d200f8452fd1570e8e5bind-9.3.6-25.P1.el5_11.3.i386.rpma8e61482e25375ec96ac4216f26eaee5f2728f7bbind-libbind-devel-9.3.6-25.P1.el5_11.3.i386.rpm4aa17cebb83dd10fe2b9f41909fac11b5af5dbeebind-libs-9.3.6-25.P1.el5_11.3.i386.rpm2abd626041ecb5bf717a5eb374994d0b902d4c88caching-nameserver-9.3.6-25.P1.el5_11.3.i386.rpmd36585ea98b9ee38ab1bc47e7ddeb9c7a44f072ebind-utils-9.3.6-25.P1.el5_11.3.i386.rpmf1ed9b54654817feb8dfd009587eb6d72304dd9bSLSA-2015:1515-1A flaw was found in the way BIND handled requests for TKEY DNS resource records. A remote attacker could use this flaw to make named (functioning as an authoritative DNS server or a DNS resolver) exit unexpectedly with an assertion failure via a specially crafted DNS request packet. (CVE-2015-5477) After installing the update, the BIND daemon (named) will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 5bind97-libs-9.7.0-21.P2.el5_11.2.i386.rpm84bf7d1d864db580dc5bbb90fea2b5407e442d25bind97-devel-9.7.0-21.P2.el5_11.2.i386.rpm5addda86d2ee30ee93e1cce88e5f88ef071269e5bind97-chroot-9.7.0-21.P2.el5_11.2.i386.rpmb1e312a45378082a6f9e8b3383f5e6183a281e4cbind97-utils-9.7.0-21.P2.el5_11.2.i386.rpm00370e3ee4ce1b10ecb3384ec207e802d5612e09bind97-9.7.0-21.P2.el5_11.2.i386.rpmdfd90b61509683df0063397766b97bdadfdc57a8SLSA-2015:1526-1Multiple flaws were discovered in the 2D, CORBA, JMX, Libraries and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2015-4760, CVE-2015-2628, CVE-2015-4731, CVE-2015-2590, CVE-2015-4732, CVE-2015-4733) A flaw was found in the way the Libraries component of OpenJDK verified Online Certificate Status Protocol (OCSP) responses. An OCSP response with no nextUpdate date specified was incorrectly handled as having unlimited validity, possibly causing a revoked X.509 certificate to be interpreted as valid. (CVE-2015-4748) It was discovered that the JCE component in OpenJDK failed to use constant time comparisons in multiple cases. An attacker could possibly use these flaws to disclose sensitive information by measuring the time used to perform operations using these non-constant time comparisons. (CVE-2015-2601) A flaw was found in the RC4 encryption algorithm. When using certain keys for RC4 encryption, an attacker could obtain portions of the plain text from the cipher text without the knowledge of the encryption key. (CVE-2015-2808) A flaw was found in the way the TLS protocol composed the Diffie-Hellman (DH) key exchange. A man-in-the-middle attacker could use this flaw to force the use of weak 512 bit export-grade keys during the key exchange, allowing them to decrypt all traffic. (CVE-2015-4000) It was discovered that the JNDI component in OpenJDK did not handle DNS resolutions correctly. An attacker able to trigger such DNS errors could cause a Java application using JNDI to consume memory and CPU time, and possibly block further DNS resolution. (CVE-2015-4749) Multiple information leak flaws were found in the JMX and 2D components in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2015-2621, CVE-2015-2632) A flaw was found in the way the JSSE component in OpenJDK performed X.509 certificate identity verification when establishing a TLS/SSL connection to a host identified by an IP address. In certain cases, the certificate was accepted as valid if it was issued for a host name to which the IP address resolves rather than for the IP address. (CVE-2015-2625) All running instances of OpenJDK Java must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 5java-1.6.0-openjdk-src-1.6.0.36-1.13.8.1.el5_11.i386.rpmc98d8ce4b40f0fcfa220fcb46e91f3231ccc800fjava-1.6.0-openjdk-devel-1.6.0.36-1.13.8.1.el5_11.i386.rpm4e01de94ede6b1af6f91d11c04ec85330055090ejava-1.6.0-openjdk-1.6.0.36-1.13.8.1.el5_11.i386.rpmda5e22d4a2dad4f42780cadd6b87d79e0e09ffd4java-1.6.0-openjdk-demo-1.6.0.36-1.13.8.1.el5_11.i386.rpm06b8a2c5ba5ba22c16125eca7f2edf049d98ea9djava-1.6.0-openjdk-javadoc-1.6.0.36-1.13.8.1.el5_11.i386.rpm7ac3699db3d7dd9ec82acec683d909bc5289a442SLSA-2015:1581-1A flaw was discovered in Mozilla Firefox that could be used to violate the same-origin policy and inject web script into a non-privileged part of the built-in PDF file viewer (PDF.js). An attacker could create a malicious web page that, when viewed by a victim, could steal arbitrary files (including private SSH keys, the /etc/passwd file, and other potentially sensitive files) from the system running Firefox. (CVE-2015-4495) After installing the update, Firefox must be restarted for the changes to take effect.importantScientific Linux FermitrueScientific Linux Fermi 5firefox-38.1.1-1.el5_11.i386.rpmb3593d204f38d38d22e636bda7a528a928a48d7fSLSA-2015:1586-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2015-4473, CVE-2015-4475, CVE-2015-4478, CVE-2015-4479, CVE-2015-4480, CVE-2015-4493, CVE-2015-4484, CVE-2015-4491, CVE-2015-4485, CVE-2015-4486, CVE-2015-4487, CVE-2015-4488, CVE-2015-4489, CVE-2015-4492) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 5firefox-38.2.0-4.el5_11.i386.rpmeb435a602599e3b2fabbecca476c05e67991efdeSLSA-2015:1627-1An invalid free flaw was found in glibc's getaddrinfo() function when used with the AI_IDN flag. A remote attacker able to make an application call this function could use this flaw to execute arbitrary code with the permissions of the user running the application. Note that this flaw only affected applications using glibc compiled with libidn support. (CVE-2013-7424)moderateScientific Linux FermiScientific Linux Fermi 5nscd-2.5-123.el5_11.3.i386.rpm6e6717b603d72ccf025ccbabac97848b025d797fglibc-2.5-123.el5_11.3.i386.rpmb2cb4cb0500413654cc8cff0834b4beddd8e48b9glibc-2.5-123.el5_11.3.i686.rpmea16f455b7bfb59c64e5fac0dc981e5f4102b4faglibc-devel-2.5-123.el5_11.3.i386.rpm0f5a75716fdb49c7e78675e24e18d1b6b02a027fglibc-common-2.5-123.el5_11.3.i386.rpm27a70cb7b4dca6a368bfd6dc0cf1349a126ed654glibc-utils-2.5-123.el5_11.3.i386.rpm57ae55589acb2ed4def575c7f1fd00dd6178c54aglibc-headers-2.5-123.el5_11.3.i386.rpmae45be089c82ca635fb7fe2b7ced09400300a911SLSA-2015:1628-1This update fixes several vulnerabilities in the MySQL database server. (CVE-2014-6568, CVE-2015-0374, CVE-2015-0381, CVE-2015-0382, CVE-2015-0391, CVE-2015-0411, CVE-2015-0432, CVE-2015-0433, CVE-2015-0441, CVE-2015-0499, CVE-2015-0501, CVE-2015-0505, CVE-2015-2568, CVE-2015-2571, CVE-2015-2573, CVE-2015-2582, CVE-2015-2620, CVE-2015-2643, CVE-2015-2648, CVE-2015-4737, CVE-2015-4752, CVE-2015-4757) After installing this update, the MySQL server daemon (mysqld) will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 5mysql55-mysql-devel-5.5.45-1.el5.i386.rpm9859d16de6c6166643319324e7b69afd0c2a058emysql55-mysql-5.5.45-1.el5.i386.rpm33fe4c0b32a53d3a2a69d6c5599cd3dcc4bd9cfemysql55-mysql-server-5.5.45-1.el5.i386.rpma82e5551d174f2aa579a790b0172a4f90f5aaa9emysql55-mysql-bench-5.5.45-1.el5.i386.rpm047aac751e5138e7a29677bd62e36e3fb11c6f4cmysql55-mysql-libs-5.5.45-1.el5.i386.rpmcc4b0cd98ba7448815242576c73e1d0edbb9d40cmysql55-mysql-test-5.5.45-1.el5.i386.rpm8f63956ad635e7cd62793a56201e94b7fcf7569aSLSA-2015:1664-1It was found that NSS permitted skipping of the ServerKeyExchange packet during a handshake involving ECDHE (Elliptic Curve Diffie-Hellman key Exchange). A remote attacker could use this flaw to bypass the forward- secrecy of a TLS/SSL connection. (CVE-2015-2721) A flaw was found in the way NSS verified certain ECDSA (Elliptic Curve Digital Signature Algorithm) signatures. Under certain conditions, an attacker could use this flaw to conduct signature forgery attacks. (CVE-2015-2730) The nss packages have been upgraded to upstream version 3.19.1, which provides a number of bug fixes and enhancements over the previous version.moderateScientific Linux FermiScientific Linux Fermi 5nss-devel-3.19.1-1.el5_11.i386.rpma1729add6abba89226535b53b89263307a22df97nss-3.19.1-1.el5_11.i386.rpm26ca1b0197357ff40ef78986ba538b970ec2e14enss-tools-3.19.1-1.el5_11.i386.rpmed039cbdd36ccf436108511d6c1fe57354c7503anss-pkcs11-devel-3.19.1-1.el5_11.i386.rpmb3f7d44ac1ebc7d0ce5ebc907653eaeb382ec72dSLSA-2015:1682-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2015-4473, CVE-2015-4491, CVE-2015-4487, CVE-2015-4488, CVE-2015-4489) Note: All of the above issues cannot be exploited by a specially crafted HTML mail message because JavaScript is disabled by default for mail messages. However, they could be exploited in other ways in Thunderbird (for example, by viewing the full remote content of an RSS feed). After installing the update, Thunderbird must be restarted for the changes to take effect.importantScientific Linux FermitrueScientific Linux Fermi 5thunderbird-38.2.0-4.el5_11.i386.rpm46ba4991576107bc31dfa576673a5addec5c7b9bSLSA-2015:1693-1A flaw was found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2015-4497) A flaw was found in the way Firefox handled installation of add-ons. An attacker could use this flaw to bypass the add-on installation prompt, and trick the user inso installing an add-on from a malicious source. (CVE-2015-4498) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 5firefox-38.2.1-1.el5_11.i386.rpm974bf34f50671d3f714f77a94f2e26c4c8e480a3SLSA-2015:1706-1A denial of service flaw was found in the way BIND parsed certain malformed DNSSEC keys. A remote attacker could use this flaw to send a specially crafted DNS query (for example, a query requiring a response from a zone containing a deliberately malformed key) that would cause named functioning as a validating resolver to crash. (CVE-2015-5722) After installing the update, the BIND daemon (named) will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 5bind-devel-9.3.6-25.P1.el5_11.4.i386.rpmb47ca3b31f2634b2cbb47be238f0bc2513cb8c17bind-chroot-9.3.6-25.P1.el5_11.4.i386.rpm951916485812c5b29cf9f4da36c254fe1da3f615bind-utils-9.3.6-25.P1.el5_11.4.i386.rpmb07bef2e3ae113d1605acfe02ee92539a6fd96a8bind-libbind-devel-9.3.6-25.P1.el5_11.4.i386.rpm9040d2b4f2da28c7c1cc15c0359982adf0a06a1fcaching-nameserver-9.3.6-25.P1.el5_11.4.i386.rpm6c0336fb33592ab2f0013e959c3767c45998b997bind-libs-9.3.6-25.P1.el5_11.4.i386.rpmf52f247e3dddf895e76a1fd34622c4ee0876c404bind-9.3.6-25.P1.el5_11.4.i386.rpmaabfea901a77dce6fb80d13e8e732984e69c1599bind-sdb-9.3.6-25.P1.el5_11.4.i386.rpm1a1cb6e693345db8e86362913d5098a430b780b5SLSA-2015:1707-1A denial of service flaw was found in the way BIND parsed certain malformed DNSSEC keys. A remote attacker could use this flaw to send a specially crafted DNS query (for example, a query requiring a response from a zone containing a deliberately malformed key) that would cause named functioning as a validating resolver to crash. (CVE-2015-5722) After installing the update, the BIND daemon (named) will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 5bind97-chroot-9.7.0-21.P2.el5_11.3.i386.rpmbbd54568eb09597ff655f8a762b826bc1140228ebind97-9.7.0-21.P2.el5_11.3.i386.rpm6e6ce17eed3d0ceb4cc85bfc551de56204b3b8a7bind97-devel-9.7.0-21.P2.el5_11.3.i386.rpm473be47dbea90d957337b10403474c43b3daf920bind97-utils-9.7.0-21.P2.el5_11.3.i386.rpm9890b032ccf98034d399c1bbd82d3ebdba0d32cbbind97-libs-9.7.0-21.P2.el5_11.3.i386.rpm6d3f3ff07ad08af5ee19bee9ba1cc6c6adb3f343SLSA-2015:1834-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2015-4500, CVE-2015-4509, CVE-2015-4510) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 5firefox-38.3.0-2.el5_11.i386.rpm79e41d576ff036c28fd2b946b95af0e724cf2111SLSA-2015:1840-1A flaw was found in the way the OpenLDAP server daemon (slapd) parsed certain Basic Encoding Rules (BER) data. A remote attacker could use this flaw to crash slapd via a specially crafted packet. (CVE-2015-6908)importantScientific Linux FermiScientific Linux Fermi 5openldap-devel-2.3.43-29.el5_11.i386.rpme2cc3b38293946be627c8f71fd880330a83f5913openldap-2.3.43-29.el5_11.i386.rpmfaefbf2d40b06db1a21f61474b51aa46f38db72dopenldap-servers-2.3.43-29.el5_11.i386.rpm60464d788822770647da3d9ef6e4fc00597e35abopenldap-servers-overlays-2.3.43-29.el5_11.i386.rpm49e24d7f25acf800d20731b14ac6d3d3ab73fb58openldap-servers-sql-2.3.43-29.el5_11.i386.rpm2daba11806a7c2f4b59868d5248a314eca673095openldap-clients-2.3.43-29.el5_11.i386.rpm1d253563e1e009b7c73c8f0f3e925367ce2733c8compat-openldap-2.3.43_2.2.29-29.el5_11.i386.rpm2fdfd05cb2185d7466693b59fa01d3654aa364a7SLSA-2015:1852-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2015-4500, CVE-2015-4509, CVE-2015-4517, CVE-2015-4521, CVE-2015-4522, CVE-2015-7174, CVE-2015-7175, CVE-2015-7176, CVE-2015-7177, CVE-2015-7180) Two information leak flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to disclose sensitive information or, in certain cases, crash. (CVE-2015-4519, CVE-2015-4520) Note: All of the above issues cannot be exploited by a specially crafted HTML mail message because JavaScript is disabled by default for mail messages. However, they could be exploited in other ways in Thunderbird (for example, by viewing the full remote content of an RSS feed). After installing the update, Thunderbird must be restarted for the changes to take effect.importantScientific Linux FermitrueScientific Linux Fermi 5thunderbird-38.3.0-1.el5_11.i386.rpm2dd7e094e30e0d7da7467b2abf026add406c8e38SLSA-2015:1921-1Multiple flaws were discovered in the CORBA, Libraries, RMI, Serialization, and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2015-4835, CVE-2015-4881, CVE-2015-4843, CVE-2015-4883, CVE-2015-4860, CVE-2015-4805, CVE-2015-4844) Multiple denial of service flaws were found in the JAXP component in OpenJDK. A specially crafted XML file could cause a Java application using JAXP to consume an excessive amount of CPU and memory when parsed. (CVE-2015-4803, CVE-2015-4893, CVE-2015-4911) It was discovered that the Security component in OpenJDK failed to properly check if a certificate satisfied all defined constraints. In certain cases, this could cause a Java application to accept an X.509 certificate which does not meet requirements of the defined policy. (CVE-2015-4872) Multiple flaws were found in the Libraries, 2D, CORBA, JAXP, JGSS, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2015-4806, CVE-2015-4840, CVE-2015-4882, CVE-2015-4842, CVE-2015-4734, CVE-2015-4903) All running instances of OpenJDK Java must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 5java-1.7.0-openjdk-javadoc-1.7.0.91-2.6.2.1.el5_11.i386.rpm48f8f8e6e295fb746493e834f0a167d9085b97edjava-1.7.0-openjdk-demo-1.7.0.91-2.6.2.1.el5_11.i386.rpmf7464109a4d89b0fe9c11e9f1c9658b5e45c6d04java-1.7.0-openjdk-src-1.7.0.91-2.6.2.1.el5_11.i386.rpma087ad78a74be2c4f2c2e8790e785d873269a171java-1.7.0-openjdk-devel-1.7.0.91-2.6.2.1.el5_11.i386.rpm9b34a1bbc97eb7ac89451e5a6392d0c99a98b405java-1.7.0-openjdk-1.7.0.91-2.6.2.1.el5_11.i386.rpm750fd2f14ff93fb6c35d91e715905aaa7add82f2SLSA-2015:1980-1A use-after-poison flaw and a heap-based buffer overflow flaw were found in the way NSS parsed certain ASN.1 structures. An attacker could use these flaws to cause NSS to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSS library. (CVE-2015-7181, CVE-2015-7182) A heap-based buffer overflow was found in NSPR. An attacker could use this flaw to cause NSPR to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSPR library. (CVE-2015-7183)criticalScientific Linux FermiScientific Linux Fermi 5nss-3.19.1-2.el5_11.i386.rpmdd734b2e3fff8c85657475344d91fb412afa3068nspr-4.10.8-2.el5_11.i386.rpmcd56b2cc7b83db55f5c390522a64624a88810eednspr-devel-4.10.8-2.el5_11.i386.rpm1e1f2919683582013178ab7364a055a6df823d14nss-devel-3.19.1-2.el5_11.i386.rpm274fa8c3dc3b544ed1b5154ea431ae3dddbd22d9nss-pkcs11-devel-3.19.1-2.el5_11.i386.rpm9a4057c6be3c9d5227029a9cf43658b8c029889fnss-tools-3.19.1-2.el5_11.i386.rpm5ea51d97be2c8cd469fa315d26cd064e44cf0b76SLSA-2015:1982-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2015-4513, CVE-2015-7189, CVE-2015-7194, CVE-2015-7196, CVE-2015-7198, CVE-2015-7197) A same-origin policy bypass flaw was found in the way Firefox handled certain cross-origin resource sharing (CORS) requests. A web page containing malicious content could cause Firefox to disclose sensitive information. (CVE-2015-7193) A same-origin policy bypass flaw was found in the way Firefox handled URLs containing IP addresses with white-space characters. This could lead to cross-site scripting attacks. (CVE-2015-7188) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 5firefox-38.4.0-1.el5_11.i386.rpm8076757381e9b8bbeaae30eb543e9ad0732371d2SLSA-2015:2065-1A heap buffer overflow flaw was found in the way QEMU's NE2000 NIC emulation implementation handled certain packets received over the network. A privileged user inside a guest could use this flaw to crash the QEMU instance (denial of service) or potentially execute arbitrary code on the host. (CVE-2015-5279) After installing the updated packages, all running fully-virtualized guests must be restarted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 5xen-3.0.3-147.el5_11.i386.rpmf34048c321049c925555686beb3169c160938602xen-libs-3.0.3-147.el5_11.i386.rpm54ee5bc39db8e469ab997800db0027e64d6d1e1fxen-devel-3.0.3-147.el5_11.i386.rpme04075bdb4f6124deadd13eda6790e0440956b1cSLSA-2015:2086-1Multiple flaws were discovered in the CORBA, Libraries, RMI, Serialization, and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2015-4835, CVE-2015-4881, CVE-2015-4843, CVE-2015-4883, CVE-2015-4860, CVE-2015-4805, CVE-2015-4844) Multiple denial of service flaws were found in the JAXP component in OpenJDK. A specially crafted XML file could cause a Java application using JAXP to consume an excessive amount of CPU and memory when parsed. (CVE-2015-4803, CVE-2015-4893, CVE-2015-4911) It was discovered that the Security component in OpenJDK failed to properly check if a certificate satisfied all defined constraints. In certain cases, this could cause a Java application to accept an X.509 certificate which does not meet requirements of the defined policy. (CVE-2015-4872) Multiple flaws were found in the Libraries, CORBA, JAXP, JGSS, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2015-4806, CVE-2015-4882, CVE-2015-4842, CVE-2015-4734, CVE-2015-4903) All running instances of OpenJDK Java must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 5java-1.6.0-openjdk-devel-1.6.0.37-1.13.9.4.el5_11.i386.rpmd1d576363524d5c8a397d214cff7959b4315f505java-1.6.0-openjdk-javadoc-1.6.0.37-1.13.9.4.el5_11.i386.rpmac4d799e494106366a313c28b1edd9f0be90ac10java-1.6.0-openjdk-src-1.6.0.37-1.13.9.4.el5_11.i386.rpm22507b2ee97e12b360e2eb82573a59c6a0b44d28java-1.6.0-openjdk-demo-1.6.0.37-1.13.9.4.el5_11.i386.rpmd088735655c5f61c586408ed612084d4ea6fe505java-1.6.0-openjdk-1.6.0.37-1.13.9.4.el5_11.i386.rpme8aba57da33201e8fe9ae083247717413868e66cSLSA-2015:2519-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2015-4513, CVE-2015-7189, CVE-2015-7197, CVE-2015-7198, CVE-2015-7199, CVE-2015-7200) A same-origin policy bypass flaw was found in the way Thunderbird handled certain cross-origin resource sharing (CORS) requests. A web page containing malicious content could cause Thunderbird to disclose sensitive information. (CVE-2015-7193) Note: All of the above issues cannot be exploited by a specially crafted HTML mail message because JavaScript is disabled by default for mail messages. However, they could be exploited in other ways in Thunderbird (for example, by viewing the full remote content of an RSS feed). After installing the update, Thunderbird must be restarted for the changes to take effect.importantScientific Linux FermitrueScientific Linux Fermi 5thunderbird-38.4.0-1.el5_11.i386.rpmf39fd7710048a669bb0a2c5a31bbba72d9a16242SLSA-2015:2616-1A memory leak vulnerability was found in the way OpenSSL parsed PKCS#7 and CMS data. A remote attacker could use this flaw to cause an application that parses PKCS#7 or CMS data from untrusted sources to use an excessive amount of memory and possibly crash. (CVE-2015-3195) For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.moderateScientific Linux FermitrueScientific Linux Fermi 5openssl-0.9.8e-37.el5_11.i686.rpm6f4eac8f59b1fcc15144e8003180762a17634c05openssl-devel-0.9.8e-37.el5_11.i386.rpm35aaaad1dbf1c306ad9b5de9c353bddb1ee543a2openssl-perl-0.9.8e-37.el5_11.i386.rpm8eacc0f78ad0b2f6e5ab336553cf053b91f861c5openssl-0.9.8e-37.el5_11.i386.rpm29996b83b41ef38e5398a5ac12265ef0995e85ffSLSA-2015:2656-1A denial of service flaw was found in the way BIND processed certain records with malformed class attributes. A remote attacker could use this flaw to send a query to request a cached record with a malformed class attribute that would cause named functioning as an authoritative or recursive server to crash. (CVE-2015-8000) Note: This issue affects authoritative servers as well as recursive servers, however authoritative servers are at limited risk if they perform authentication when making recursive queries to resolve addresses for servers listed in NS RRSETs. After installing the update, the BIND daemon (named) will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 5bind-libs-9.3.6-25.P1.el5_11.5.i386.rpmf1979f3cb395c57ec997ba1a37d91bf40649cb4bbind-chroot-9.3.6-25.P1.el5_11.5.i386.rpm320db9313455852e664aa8dde149a321c17fa994bind-9.3.6-25.P1.el5_11.5.i386.rpmb93e2c22437290cb6485c16965e373d0dbd1dc51bind-sdb-9.3.6-25.P1.el5_11.5.i386.rpm18eef89018cf7a744e97e8efb2c64042a8be30e9caching-nameserver-9.3.6-25.P1.el5_11.5.i386.rpm36954668cca0544dabddcef718d06176fa21f1aebind-devel-9.3.6-25.P1.el5_11.5.i386.rpm47e6fe1350b1154fcbb58ccad78038b98668ee87bind-libbind-devel-9.3.6-25.P1.el5_11.5.i386.rpmbebbd6b83a598aac6d7ee6161caa6be01895791fbind-utils-9.3.6-25.P1.el5_11.5.i386.rpmad46c93787865a9515603051ea533c623a2e557aSLSA-2015:2657-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2015-7201, CVE-2015-7205, CVE-2015-7210, CVE-2015-7212, CVE-2015-7213, CVE-2015-7222) A flaw was found in the way Firefox handled content using the 'data:' and 'view-source:' URIs. An attacker could use this flaw to bypass the same- origin policy and read data from cross-site URLs and local files. (CVE-2015-7214) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 5firefox-38.5.0-2.el5_11.i386.rpm16e12acad5d2b556dbfe7e7a060f134132b5fa1cSLSA-2015:2658-1A denial of service flaw was found in the way BIND processed certain records with malformed class attributes. A remote attacker could use this flaw to send a query to request a cached record with a malformed class attribute that would cause named functioning as an authoritative or recursive server to crash. (CVE-2015-8000) Note: This issue affects authoritative servers as well as recursive servers, however authoritative servers are at limited risk if they perform authentication when making recursive queries to resolve addresses for servers listed in NS RRSETs. After installing the update, the BIND daemon (named) will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 5bind97-chroot-9.7.0-21.P2.el5_11.4.i386.rpm27e22a8af5598a7e880d8d27c4f4a845025c99f9bind97-9.7.0-21.P2.el5_11.4.i386.rpm397af007024172368b95e457801fe50fd22374f5bind97-utils-9.7.0-21.P2.el5_11.4.i386.rpm8b55d89ddc7156c0ddf458289374e6910ef51454bind97-libs-9.7.0-21.P2.el5_11.4.i386.rpm033088a02cec86db9a9158cf760c17088e5fdb82bind97-devel-9.7.0-21.P2.el5_11.4.i386.rpm5167593edfe64cf78c794189603a8ff8ebfe9e57SLSA-2015:2671-1It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons- collections library. (CVE-2015-7501) With this update, deserialization of certain classes in the commons- collections library is no longer allowed. Applications that require those classes to be deserialized can use the system property "org.apache.commons.collections.enableUnsafeSerialization" to re-enable their deserialization. In the interim, the quickest way to resolve this specific deserialization vulnerability is to remove the vulnerable class files (InvokerTransformer, InstantiateFactory, and InstantiateTransformer) in all commons-collections jar files. Any manual changes should be tested to avoid unforseen complications. All running applications using the commons-collections library must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 5jakarta-commons-collections-testframework-javadoc-3.2-2jpp.4.i386.rpme9e588e131df685d5486fa8dbebaed578f1dde13jakarta-commons-collections-testframework-3.2-2jpp.4.i386.rpm353ae63df3dba2800349265c8a810762ba74900djakarta-commons-collections-tomcat5-3.2-2jpp.4.i386.rpmc15360932879412e9b5236a43f7d00a9f792e214jakarta-commons-collections-3.2-2jpp.4.i386.rpm973d8478a33c6e26101b44e90092ff9fac5bcfa0jakarta-commons-collections-javadoc-3.2-2jpp.4.i386.rpmea435fc90518a9bdb7ea7f3272f7fc85ec2ff3bfSLSA-2016:0001-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2015-7201, CVE-2015-7205, CVE-2015-7212, CVE-2015-7213) A flaw was found in the way Thunderbird handled content using the 'data:' and 'view-source:' URIs. An attacker could use this flaw to bypass the same-origin policy and read data from cross-site URLs and local files. (CVE-2015-7214) After installing the update, Thunderbird must be restarted for the changes to take effect.importantScientific Linux FermitrueScientific Linux Fermi 5thunderbird-38.5.0-1.el5_11.i386.rpmd53670923a383e25fcfdb46d955cc7d59a2c016aSLSA-2016:0045-1* Two flaws were found in the way the Linux kernel's networking implementation handled UDP packets with incorrect checksum values. A remote attacker could potentially use these flaws to trigger an infinite loop in the kernel, resulting in a denial of service on the system, or cause a denial of service in applications using the edge triggered epoll functionality. (CVE-2015-5364, CVE-2015-5366, Important) The system must be rebooted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 5kernel-headers-2.6.18-408.el5.i386.rpme73814b859ae2af834261b5680ef09ad8114a2f8kernel-PAE-devel-2.6.18-408.el5.i686.rpm6a8d934c8a9623886aece15d209621d47ca95b95kernel-2.6.18-408.el5.i686.rpm57bebb344a5a9b236f42124000589fd78c33daaakernel-doc-2.6.18-408.el5.noarch.rpmee704d4382b96377df452de416d643131c417669kernel-debug-2.6.18-408.el5.i686.rpm50d090b48289ba77cc6fad366d236086fc18b50ckernel-debug-devel-2.6.18-408.el5.i686.rpm34590cddb4bd9c675d59cec6cc4da69adf58dca1kernel-xen-devel-2.6.18-408.el5.i686.rpm50953c7f06ba6cbef2fe6b7ba1acb41f59561ff9kernel-PAE-2.6.18-408.el5.i686.rpm2a0ee53358388ead556d4b55f09af02418b58636kernel-xen-2.6.18-408.el5.i686.rpma032f1dc626335b3c602a5c9fa62e31cd08ad0f6kernel-devel-2.6.18-408.el5.i686.rpma6fa617015e19888b3fffc0b4a781622cf1e79b3SLSA-2016:0054-1An out-of-bounds write flaw was found in the JPEG image format decoder in the AWT component in OpenJDK. A specially crafted JPEG image could cause a Java application to crash or, possibly execute arbitrary code. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. (CVE-2016-0483) An integer signedness issue was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox restrictions. (CVE-2016-0494) It was discovered that the JAXP component in OpenJDK did not properly enforce the totalEntitySizeLimit limit. An attacker able to make a Java application process a specially crafted XML file could use this flaw to make the application consume an excessive amount of memory. (CVE-2016-0466) A flaw was found in the way TLS 1.2 could use the MD5 hash function for signing ServerKeyExchange and Client Authentication packets during a TLS handshake. A man-in-the-middle attacker able to force a TLS connection to use the MD5 hash function could use this flaw to conduct collision attacks to impersonate a TLS server or an authenticated TLS client. (CVE-2015-7575) Multiple flaws were discovered in the Libraries, Networking, and JMX components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2015-4871, CVE-2016-0402, CVE-2016-0448) Note: This update also disallows the use of the MD5 hash algorithm in the certification path processing. The use of MD5 can be re-enabled by removing MD5 from the jdk.certpath.disabledAlgorithms security property defined in the java.security file. All running instances of OpenJDK Java must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 5java-1.7.0-openjdk-1.7.0.95-2.6.4.1.el5_11.i386.rpm90f88d31a8371863e03955eebaf7824784f5c631java-1.7.0-openjdk-src-1.7.0.95-2.6.4.1.el5_11.i386.rpm4c2312c155cf396999a89931d1e9de144238293fjava-1.7.0-openjdk-demo-1.7.0.95-2.6.4.1.el5_11.i386.rpmaddc971e13f71804da33540e2303f65f54738fb9java-1.7.0-openjdk-javadoc-1.7.0.95-2.6.4.1.el5_11.i386.rpmd8a1cd1f2b4ccab01f3439989619a74fe08b61f4java-1.7.0-openjdk-devel-1.7.0.95-2.6.4.1.el5_11.i386.rpmd83d35e63f9a1d8e3c400fdbda8ab86260eae206SLSA-2016:0067-1An out-of-bounds write flaw was found in the JPEG image format decoder in the AWT component in OpenJDK. A specially crafted JPEG image could cause a Java application to crash or, possibly execute arbitrary code. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions. (CVE-2016-0483) An integer signedness issue was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox restrictions. (CVE-2016-0494) It was discovered that the JAXP component in OpenJDK did not properly enforce the totalEntitySizeLimit limit. An attacker able to make a Java application process a specially crafted XML file could use this flaw to make the application consume an excessive amount of memory. (CVE-2016-0466) Multiple flaws were discovered in the Networking and JMX components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2016-0402, CVE-2016-0448) Note: This update also disallows the use of the MD5 hash algorithm in the certification path processing. The use of MD5 can be re-enabled by removing MD5 from the jdk.certpath.disabledAlgorithms security property defined in the java.security file. All running instances of OpenJDK Java must be restarted for the update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 5java-1.6.0-openjdk-demo-1.6.0.38-1.13.10.0.el5_11.i386.rpm3c3e553e5911c80defd335f84722c429bc55b290java-1.6.0-openjdk-src-1.6.0.38-1.13.10.0.el5_11.i386.rpm820f0d46d986dc30d439b95d7ccc2bbd5e2af5ccjava-1.6.0-openjdk-devel-1.6.0.38-1.13.10.0.el5_11.i386.rpma7c244443c0dfefd37126fb6c5356ea9b0a4cfc3java-1.6.0-openjdk-1.6.0.38-1.13.10.0.el5_11.i386.rpma9dc616a167ea08cec829d30aa0b5e116c26902djava-1.6.0-openjdk-javadoc-1.6.0.38-1.13.10.0.el5_11.i386.rpm27c06ac6765c79058b67a297537a031df79d09a8SLSA-2016:0071-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2016-1930, CVE-2016-1935) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 5firefox-38.6.0-1.el5_11.i386.rpm37a823f81bce50fa15adc8013b265065f34c2606SLSA-2016:0073-1A denial of service flaw was found in the way BIND processed certain malformed Address Prefix List (APL) records. A remote, authenticated attacker could use this flaw to cause named to crash. (CVE-2015-8704) After installing the update, the BIND daemon (named) will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 5bind-libbind-devel-9.3.6-25.P1.el5_11.6.i386.rpm085be36db708de4d962fe9594617c1f582c34610bind-utils-9.3.6-25.P1.el5_11.6.i386.rpmf12490898c2b28340e311293c3317934133069e5caching-nameserver-9.3.6-25.P1.el5_11.6.i386.rpm2626a4990ea45622cb96283466acdc3fec4f3f8fbind-9.3.6-25.P1.el5_11.6.i386.rpmb328cfe06a05efa4eedacf5e607a0c6875f99d03bind-devel-9.3.6-25.P1.el5_11.6.i386.rpm61ed3980a83426d5e890ffeaf5148c6558410c58bind-sdb-9.3.6-25.P1.el5_11.6.i386.rpmddef10dc463c703a7a7b3ffcebba9d7c5b3871a0bind-libs-9.3.6-25.P1.el5_11.6.i386.rpmc62457076ccd4491e4d7b48c654917d0497f3005bind-chroot-9.3.6-25.P1.el5_11.6.i386.rpmf43cf6890a018f2eae7243ee3811b78b0f4258f1SLSA-2016:0074-1A denial of service flaw was found in the way BIND processed certain malformed Address Prefix List (APL) records. A remote, authenticated attacker could use this flaw to cause named to crash. (CVE-2015-8704) After installing the update, the BIND daemon (named) will be restarted automatically.moderateScientific Linux FermiScientific Linux Fermi 5bind97-devel-9.7.0-21.P2.el5_11.5.i386.rpm6005ed75813dd7561286cac6d20c556cbeb9d609bind97-9.7.0-21.P2.el5_11.5.i386.rpmb49fd681021056969c07f1fe69ed70d1e8e113d2bind97-libs-9.7.0-21.P2.el5_11.5.i386.rpm71e1799802df3a865150d76e4fd41f31122d2c45bind97-chroot-9.7.0-21.P2.el5_11.5.i386.rpm2a6bac1a8b0b25ac535745920323d552d03dd64cbind97-utils-9.7.0-21.P2.el5_11.5.i386.rpm6d7aeb9403012217ef242db34a325d8676c5792eSLSA-2016:0197-1Multiple security flaws were found in the graphite2 font library shipped with Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2016-1521, CVE-2016-1522, CVE-2016-1523) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 5firefox-38.6.1-1.el5_11.i386.rpmc5b5e8d2da5c079ef5deb27e220afd80048e2fcaSLSA-2016:0258-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2016-1930, CVE-2016-1935) After installing the update, Thunderbird must be restarted for the changes to take effect.importantScientific Linux FermitrueScientific Linux Fermi 5thunderbird-38.6.0-1.el5_11.i386.rpm6c6ba2a711a8d262dc864230fbda2a276022e593SLSA-2016:0302-1A padding oracle flaw was found in the Secure Sockets Layer version 2.0 (SSLv2) protocol. An attacker can potentially use this flaw to decrypt RSA-encrypted cipher text from a connection using a newer SSL/TLS protocol version, allowing them to decrypt such connections. This cross-protocol attack is publicly referred to as DROWN. (CVE-2016-0800) A flaw was found in the way malicious SSLv2 clients could negotiate SSLv2 ciphers that have been disabled on the server. This could result in weak SSLv2 ciphers being used for SSLv2 connections, making them vulnerable to man-in-the-middle attacks. (CVE-2015-3197) An integer overflow flaw, leading to a NULL pointer dereference or a heap- based memory corruption, was found in the way some BIGNUM functions of OpenSSL were implemented. Applications that use these functions with large untrusted input could crash or, potentially, execute arbitrary code. (CVE-2016-0797) For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.importantScientific Linux FermitrueScientific Linux Fermi 5openssl-devel-0.9.8e-39.el5_11.i386.rpmde59d51cbe7b8a5c4c8f8e5daa6e6738daa83c5dopenssl-0.9.8e-39.el5_11.i686.rpm0391159dde59ae4cfd645059158fa9a8fc541522openssl-perl-0.9.8e-39.el5_11.i386.rpmebc3bb84eb38561c6ec97481b7956a3c8d7480a2openssl-0.9.8e-39.el5_11.i386.rpm997ad242b99b2d47952567df774c5c16f7ab8ef1SLSA-2016:0371-1A heap-based buffer overflow flaw was found in the way NSS parsed certain ASN.1 structures. An attacker could use this flaw to create a specially crafted certificate which, when parsed by NSS, could cause it to crash, or execute arbitrary code, using the permissions of the user running an application compiled against the NSS library. (CVE-2016-1950) For the update to take effect, all applications linked to the nss library must be restarted, or the system rebooted.criticalScientific Linux FermitrueScientific Linux Fermi 5nss-pkcs11-devel-3.19.1-4.el5_11.i386.rpme9503df32a6d392166eddbd691eaed391d29e5b6nss-tools-3.19.1-4.el5_11.i386.rpm79c32dcf700fca68caa055361b504cf7f2fd30f1nss-devel-3.19.1-4.el5_11.i386.rpm8cbe44f80e381ab067b2ec072bfc14df2112e0f8nss-3.19.1-4.el5_11.i386.rpm3cc238236ea3690a4a821abb88aea8bb9414e355SLSA-2016:0373-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2016-1952, CVE-2016-1954, CVE-2016-1957, CVE-2016-1958, CVE-2016-1960, CVE-2016-1961, CVE-2016-1962, CVE-2016-1973, CVE-2016-1974, CVE-2016-1964, CVE-2016-1965, CVE-2016-1966) Multiple security flaws were found in the graphite2 font library shipped with Firefox. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801, CVE-2016-2802) After installing the update, Firefox must be restarted for the changes to take effect.criticalScientific Linux FermitrueScientific Linux Fermi 5firefox-38.7.0-1.el5_11.i386.rpm5b1508ec1db1fdb10b88affc049eb679b6c8212cSLSA-2016:0450-1* An integer overflow flaw was found in the way the Linux kernel's Frame Buffer device implementation mapped kernel memory to user space via the mmap syscall. A local user able to access a frame buffer device file (/dev/fb*) could possibly use this flaw to escalate their privileges on the system. (CVE-2013-2596, Important) * It was found that the Xen hypervisor x86 CPU emulator implementation did not correctly handle certain instructions with segment overrides, potentially resulting in a memory corruption. A malicious guest user could use this flaw to read arbitrary data relating to other guests, cause a denial of service on the host, or potentially escalate their privileges on the host. (CVE-2015-2151, Important) This update also fixes the following bugs: * Previously, the CPU power of a CPU group could be zero. As a consequence, a kernel panic occurred at "find_busiest_group+570" with do_divide_error. The provided patch ensures that the division is only performed if the CPU power is not zero, and the aforementioned panic no longer occurs. * Prior to this update, a bug occurred when performing an online resize of an ext4 file system which had been previously converted from ext3. As a consequence, the kernel crashed. The provided patch fixes online resizing for such file systems by limiting the blockgroup search loop for non- extent files, and the mentioned kernel crash no longer occurs. The system must be rebooted for this update to take effect.importantScientific Linux FermitrueScientific Linux Fermi 5kernel-devel-2.6.18-409.el5.i686.rpm81aa9dbc8cff6dc27bcff750d67fd33f567a150bkernel-xen-2.6.18-409.el5.i686.rpm298886590428d41745321e515f01a0ff63c2fc6ekernel-debug-2.6.18-409.el5.i686.rpmc149af114bb5bf9bee115f68cb915fe85f3fa22ekernel-headers-2.6.18-409.el5.i386.rpma606870b4246c3a8bac01c488557ab8d74cd2a65kernel-doc-2.6.18-409.el5.noarch.rpme5d87ce281e04e8e4e4471c796992c9b47a6f398kernel-2.6.18-409.el5.i686.rpmc301a182c1487e314a37cbce8c1a1037ce0231aakernel-PAE-devel-2.6.18-409.el5.i686.rpm721cf97176584dd5e974e505022df4ae5802c19dkernel-PAE-2.6.18-409.el5.i686.rpmc8bc510333aa5dacf2dd079bc8f2a11303e0ce76kernel-debug-devel-2.6.18-409.el5.i686.rpm9a997bc028ff99d11430121e7a3f1e5fd8256584kernel-xen-devel-2.6.18-409.el5.i686.rpmf0e29d7e165efac6d152aeae0c22887dafa3ac88SLSA-2016:0458-1A denial of service flaw was found in the way BIND parsed signature records for DNAME records. By sending a specially crafted query, a remote attacker could use this flaw to cause named to crash. (CVE-2016-1286) A denial of service flaw was found in the way BIND processed certain control channel input. A remote attacker able to send a malformed packet to the control channel could use this flaw to cause named to crash. (CVE-2016-1285) After installing the update, the BIND daemon (named) will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 5bind97-utils-9.7.0-21.P2.el5_11.6.i386.rpmccce5175a93ebeeb7b9933d49f169e3bd640b22cbind97-9.7.0-21.P2.el5_11.6.i386.rpm721dfab75b902fa22c0545ff5336ee143d32b6b6bind97-libs-9.7.0-21.P2.el5_11.6.i386.rpmea1326985373382d04a80dd6f72a910fb27d38bdbind97-devel-9.7.0-21.P2.el5_11.6.i386.rpme55019aea759e302c164a938b2aff3c370a98a27bind97-chroot-9.7.0-21.P2.el5_11.6.i386.rpmfe5f3f20c46914fd19512fcaa2c176a65724bb3dSLSA-2016:0459-1A denial of service flaw was found in the way BIND parsed signature records for DNAME records. By sending a specially crafted query, a remote attacker could use this flaw to cause named to crash. (CVE-2016-1286) A denial of service flaw was found in the way BIND processed certain control channel input. A remote attacker able to send a malformed packet to the control channel could use this flaw to cause named to crash. (CVE-2016-1285) After installing the update, the BIND daemon (named) will be restarted automatically.importantScientific Linux FermiScientific Linux Fermi 5bind-libs-9.3.6-25.P1.el5_11.8.i386.rpmd23a34e9b1c172af08dea3c97599153baf2ce37abind-chroot-9.3.6-25.P1.el5_11.8.i386.rpmf258c3ddc0563b9bd1475f90482ad36bd5aa6ff4bind-9.3.6-25.P1.el5_11.8.i386.rpm85483df661ee01646765297490a4dfed21647c35bind-libbind-devel-9.3.6-25.P1.el5_11.8.i386.rpm522fcea630facdbb904d98dca8a1b11568024f50bind-devel-9.3.6-25.P1.el5_11.8.i386.rpm823677baca4cd37980f04f36b1c99793b6385056caching-nameserver-9.3.6-25.P1.el5_11.8.i386.rpmf6845c5a061f7b7795ffa57501227beef19750bebind-sdb-9.3.6-25.P1.el5_11.8.i386.rpmebde1fc4d63f135bb1c5fd16e0262b8373889335bind-utils-9.3.6-25.P1.el5_11.8.i386.rpmb85e02712119a8edde757ba6801b102d1e6be9f4SLSA-2016:0460-1Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2016-1952, CVE-2016-1954, CVE-2016-1957, CVE-2016-1960, CVE-2016-1961, CVE-2016-1974, CVE-2016-1964, CVE-2016-1966) Multiple security flaws were found in the graphite2 font library shipped with Thunderbird. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801, CVE-2016-2802) After installing the update, Thunderbird must be restarted for the changes to take effect.importantScientific Linux FermitrueScientific Linux Fermi 5thunderbird-38.7.0-1.el5_11.i386.rpmeb72b920779df6a068114beb425559ce9094e219SLSA-2016:0512-1Security Fix(es): * An improper type safety check was discovered in the Hotspot component. An untrusted Java application or applet could use this flaw to bypass Java Sandbox restrictions. (CVE-2016-0636)importantScientific Linux FermiScientific Linux Fermi 5java-1.7.0-openjdk-devel-1.7.0.99-2.6.5.0.el5_11.i386.rpm861754815521d0833b5b33ff9ddeec197abee810java-1.7.0-openjdk-src-1.7.0.99-2.6.5.0.el5_11.i386.rpm3a0bc915050d54de97d4844fbb0465eead68b3d9java-1.7.0-openjdk-demo-1.7.0.99-2.6.5.0.el5_11.i386.rpmf1b53c7a075c2458c60bc65cdd323ddc7c74cd3djava-1.7.0-openjdk-javadoc-1.7.0.99-2.6.5.0.el5_11.i386.rpm04a4cd14d07f1755143f27c188570a3d77464776java-1.7.0-openjdk-1.7.0.99-2.6.5.0.el5_11.i386.rpm57eb3c5cc59a04cde87a6eeded85a18bcdfbfd2aSLSA-2016:0613-1Security Fix(es): * Multiple flaws were found in Samba's DCE/RPC protocol implementation. A remote, authenticated attacker could use these flaws to cause a denial of service against the Samba server (high CPU load or a crash) or, possibly, execute arbitrary code with the permissions of the user running Samba (root). This flaw could also be used to downgrade a secure DCE/RPC connection by a man-in-the-middle attacker taking control of an Active Directory (AD) object and compromising the security of a Samba Active Directory Domain Controller (DC). (CVE-2015-5370) Note: While Samba packages as shipped in Scientific Linux do not support running Samba as an AD DC, this flaw applies to all roles Samba implements. * A protocol flaw, publicly referred to as Badlock, was found in the Security Account Manager Remote Protocol (MS-SAMR) and the Local Security Authority (Domain Policy) Remote Protocol (MS-LSAD). Any authenticated DCE/RPC connection that a client initiates against a server could be used by a man-in-the-middle attacker to impersonate the authenticated user against the SAMR or LSA service on the server. As a result, the attacker would be able to get read/write access to the Security Account Manager database, and use this to reveal all passwords or any other potentially sensitive information in that database. (CVE-2016-2118) * Several flaws were found in Samba's implementation of NTLMSSP authentication. An unauthenticated, man-in-the-middle attacker could use this flaw to clear the encryption and integrity flags of a connection, causing data to be transmitted in plain text. The attacker could also force the client or server into sending data in plain text even if encryption was explicitly requested for that connection. (CVE-2016-2110) * It was discovered that Samba configured as a Domain Controller would establish a secure communication channel with a machine using a spoofed computer name. A remote attacker able to observe network traffic could use this flaw to obtain session-related information about the spoofed machine. (CVE-2016-2111) * It was found that Samba's LDAP implementation did not enforce integrity protection for LDAP connections. A man-in-the-middle attacker could use this flaw to downgrade LDAP connections to use no integrity protection, allowing them to hijack such connections. (CVE-2016-2112) * It was found that Samba did not enable integrity protection for IPC traffic by default. A man-in-the-middle attacker could use this flaw to view and modify the data sent between a Samba server and a client. (CVE-2016-2115)criticalScientific Linux FermiScientific Linux Fermi 5samba3x-common-3.6.23-12.el5_11.i386.rpm4cb875a9e641ba5aad740b84d81589e22fc173a6samba3x-domainjoin-gui-3.6.23-12.el5_11.i386.rpmdebfda24d70cb206c2efe194a7a2937dfa9f5f77samba3x-client-3.6.23-12.el5_11.i386.rpm99817317d0d816ac4a82392f51ba78428bb3d8e2samba3x-3.6.23-12.el5_11.i386.rpma9f3fccc70b416d81f3a67713f3dca9926812d77samba3x-winbind-devel-3.6.23-12.el5_11.i386.rpm57900a4deb381b4a0b8eb06c8ea1ca6fe47ad4bdsamba3x-swat-3.6.23-12.el5_11.i386.rpm8619a965414cbe1f7ce48a12dffc289d18df5b10samba3x-winbind-3.6.23-12.el5_11.i386.rpm251f80ef69b13a4e399f6cd872ebfff9541ccd7asamba3x-doc-3.6.23-12.el5_11.i386.rpm98668d2374972f5353c3feaae6e0b94648de6aa0SLSA-2016:0621-1Security Fix(es): * A protocol flaw, publicly referred to as Badlock, was found in the Security Account Manager Remote Protocol (MS-SAMR) and the Local Security Authority (Domain Policy) Remote Protocol (MS-LSAD). Any authenticated DCE/RPC connection that a client initiates against a server could be used by a man-in-the-middle attacker to impersonate the authenticated user against the SAMR or LSA service on the server. As a result, the attacker would be able to get read/write access to the Security Account Manager database, and use this to reveal all passwords or any other potentially sensitive information in that database. (CVE-2016-2118) * Several flaws were found in Samba's implementation of NTLMSSP authentication. An unauthenticated, man-in-the-middle attacker could use this flaw to clear the encryption and integrity flags of a connection, causing data to be transmitted in plain text. The attacker could also force the client or server into sending data in plain text even if encryption was explicitly requested for that connection. (CVE-2016-2110) * It was discovered that Samba configured as a Domain Controller would establish a secure communication channel with a machine using a spoofed computer name. A remote attacker able to observe network traffic could use this flaw to obtain session-related information about the spoofed machine. (CVE-2016-2111) * It was found that Samba's LDAP implementation did not enforce integrity protection for LDAP connections. A man-in-the-middle attacker could use this flaw to downgrade LDAP connections to use no integrity protection, allowing them to hijack such connections. (CVE-2016-2112) * It was found that Samba did not enable integrity protection for IPC traffic by default. A man-in-the-middle attacker could use this flaw to view and modify the data sent between a Samba server and a client. (CVE-2016-2115)importantScientific Linux FermiScientific Linux Fermi 5libsmbclient-devel-3.0.33-3.41.el5_11.i386.rpmb94cdbcef4b314d51c0fe5980963a2eac58f3bddsamba-common-3.0.33-3.41.el5_11.i386.rpm2d210f5711de945c58ecc51ffe8104cf9689a8f0samba-swat-3.0.33-3.41.el5_11.i386.rpmf77e5598844aa2a2e80f8aba9694ad0b606e50c0samba-client-3.0.33-3.41.el5_11.i386.rpm0d43f36ba6f774e091958d393f875b70addc12c8libsmbclient-3.0.33-3.41.el5_11.i386.rpmd6460501907411d26884faf8f2a0b32cafed7e61samba-3.0.33-3.41.el5_11.i386.rpm3390f6846298eae85a0ff2be84b7ede940afdd89SLSA-2016:0676-1Security Fix(es): * Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2016-0686, CVE-2016-0687) * It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws. (CVE-2016-3427) * It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed. (CVE-2016-3425) * It was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures. The use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected. (CVE-2016-0695)criticalScientific Linux FermiScientific Linux Fermi 5java-1.7.0-openjdk-javadoc-1.7.0.101-2.6.6.1.el5_11.i386.rpm5cb6f32f944c1e6afdf4784687636493470eea2cjava-1.7.0-openjdk-src-1.7.0.101-2.6.6.1.el5_11.i386.rpmf4aad8a21099202a4f6619bd77e0149ec9cd6048java-1.7.0-openjdk-demo-1.7.0.101-2.6.6.1.el5_11.i386.rpm81fe5377ca19662440829864223e07e35db8f0aejava-1.7.0-openjdk-1.7.0.101-2.6.6.1.el5_11.i386.rpm2ec8c84d26dc8a70ebefe23b8a609ccdeaf1c3e7java-1.7.0-openjdk-devel-1.7.0.101-2.6.6.1.el5_11.i386.rpm9fedccd336ca28782f1c33bb6d07104a679f9ebeSLSA-2016:0684-1The following packages have been upgraded to a newer upstream version: nss 3.21.0, nspr 4.11.0. Security Fix(es): * A use-after-free flaw was found in the way NSS handled DHE (Diffie- Hellman key exchange) and ECDHE (Elliptic Curve Diffie-Hellman key exchange) handshake messages. A remote attacker could send a specially crafted handshake message that, when parsed by an application linked against NSS, would cause that application to crash or, under certain special conditions, execute arbitrary code using the permissions of the user running the application. (CVE-2016-1978) * A use-after-free flaw was found in the way NSS processed certain DER (Distinguished Encoding Rules) encoded cryptographic keys. An attacker could use this flaw to create a specially crafted DER encoded certificate which, when parsed by an application compiled against the NSS library, could cause that application to crash, or execute arbitrary code using the permissions of the user running the application. (CVE-2016-1979)moderateScientific Linux FermiScientific Linux Fermi 5nspr-devel-4.11.0-1.el5_11.i386.rpm819a9e8fc52216f447f885864917fb66d3bf10b9nss-3.21.0-6.el5_11.i386.rpm2fa27924a12d86e02c06d2a77cd80f5e4b982202nss-tools-3.21.0-6.el5_11.i386.rpm529abb836f9f2131fecf09fe391bb6dc0aa4fa41nss-pkcs11-devel-3.21.0-6.el5_11.i386.rpmffdf488e2d5951db2bac16fc48e7326deb0869e0nss-devel-3.21.0-6.el5_11.i386.rpm06526a09a19e653c4530684094b2b8263160854fnspr-4.11.0-1.el5_11.i386.rpm6244dfb651659617b8c7dc616449bc2e49d1290dSLSA-2016:0695-1This update upgrades Firefox to version 45.1.0 ESR. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2016-2805, CVE-2016-2806, CVE-2016-2807, CVE-2016-2808, CVE-2016-2814)criticalScientific Linux FermiScientific Linux Fermi 5firefox-45.1.0-1.el5_11.i386.rpmc9e3eca0d13f734f19122e571b158b3209fabd29SLSA-2016:0723-1Security Fix(es): * Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2016-0686, CVE-2016-0687) * It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws. (CVE-2016-3427) * It was discovered that the JAXP component in OpenJDK failed to properly handle Unicode surrogate pairs used as part of the XML attribute values. Specially crafted XML input could cause a Java application to use an excessive amount of memory when parsed. (CVE-2016-3425) * It was discovered that the Security component in OpenJDK failed to check the digest algorithm strength when generating DSA signatures. The use of a digest weaker than the key strength could lead to the generation of signatures that were weaker than expected. (CVE-2016-0695)criticalScientific Linux FermiScientific Linux Fermi 5java-1.6.0-openjdk-javadoc-1.6.0.39-1.13.11.0.el5_11.i386.rpm8519a3fb5dc7b11f36305416e053d80c182192d6java-1.6.0-openjdk-src-1.6.0.39-1.13.11.0.el5_11.i386.rpmf8ee7182eb4628e171d008775e4af9d1e1974c53java-1.6.0-openjdk-demo-1.6.0.39-1.13.11.0.el5_11.i386.rpm622709c99f34df46d47b238c6053cf5085884972java-1.6.0-openjdk-devel-1.6.0.39-1.13.11.0.el5_11.i386.rpm965061f3136c4e542708b1b6c82ce260b85b8486java-1.6.0-openjdk-1.6.0.39-1.13.11.0.el5_11.i386.rpm5f2fd01deffc0d86d877f60d50ca0725d08a0729SLSA-2016:1041-1This update upgrades Thunderbird to version 38.8.0. Security Fix(es): * Two flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2016-2805, CVE-2016-2807)importantScientific Linux FermiScientific Linux Fermi 5thunderbird-38.8.0-1.el5_11.i386.rpmcfc17f5f93bbe5d91a03cfb30f4d9adbf570a618SLSA-2016:1137-1Security Fix(es): * A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. An attacker could use this flaw to create a specially crafted certificate which, when verified or re-encoded by OpenSSL, could cause it to crash, or execute arbitrary code using the permissions of the user running an application compiled against the OpenSSL library. (CVE-2016-2108)importantScientific Linux FermiScientific Linux Fermi 5openssl-devel-0.9.8e-40.el5_11.i386.rpm4644ecc188d2891666bf5de3acaf921ef7ad3c4fopenssl-perl-0.9.8e-40.el5_11.i386.rpm621e5e812f93ebcbe31be0ba56f5461aac61ad16openssl-0.9.8e-40.el5_11.i686.rpmbffd76552548f80a979e7dd6abeb9bb34b9df688openssl-0.9.8e-40.el5_11.i386.rpm22d576d347464560bb031d6e0ff4ed95886dd468SLSA-2016:1217-1This update upgrades Firefox to version 45.2.0 ESR. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2016-2818, CVE-2016-2819, CVE-2016-2821, CVE-2016-2822, CVE-2016-2828, CVE-2016-2831)criticalScientific Linux FermiScientific Linux Fermi 5firefox-45.2.0-1.el5_11.i386.rpmecc968da1ac34bf88f38e2b3440579326590f05eSLSA-2016:1392-1This update upgrades Thunderbird to version 45.2.0. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2016-2818)importantScientific Linux FermiScientific Linux Fermi 5thunderbird-45.2-1.el5_11.i386.rpmac6713d5b61a3a64748ad133f41f7e3594b962a1SLSA-2016:1421-1Security Fix(es): * It was discovered that httpd used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request. (CVE-2016-5387) Note: After this update, httpd will no longer pass the value of the Proxy request header to scripts via the HTTP_PROXY environment variable.importantScientific Linux FermiScientific Linux Fermi 5httpd-2.2.3-92.sl5.i386.rpmf3e0a4e26c024b1b08918d7099066902b2cbf3b8httpd-manual-2.2.3-92.sl5.i386.rpmf6047da3e351b9e172f76ccaaa29c1bdbdb57b97httpd-devel-2.2.3-92.sl5.i386.rpm48e10a5b20fed91327641a95e501811de2f880e0mod_ssl-2.2.3-92.sl5.i386.rpmf0833ab0a9ab97c1a74b970b1dd14a84c66a20f8SLSA-2016:1504-1Security Fix(es): * Multiple flaws were discovered in the Hotspot and Libraries components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2016-3606, CVE-2016-3598, CVE-2016-3610) * Multiple denial of service flaws were found in the JAXP component in OpenJDK. A specially crafted XML file could cause a Java application using JAXP to consume an excessive amount of CPU and memory when parsed. (CVE-2016-3500, CVE-2016-3508) * Multiple flaws were found in the CORBA and Hotsport components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2016-3458, CVE-2016-3550)importantScientific Linux FermiScientific Linux Fermi 5java-1.7.0-openjdk-src-1.7.0.111-2.6.7.1.el5_11.i386.rpm86683c994fe2f21ff3bef2302a90c8a9a913cb6fjava-1.7.0-openjdk-devel-1.7.0.111-2.6.7.1.el5_11.i386.rpm19b4f64396e71eeb5be2ec99440e32d01a1bb64ajava-1.7.0-openjdk-1.7.0.111-2.6.7.1.el5_11.i386.rpm64ec510c3111ed355626b81bdca9fe9fb49898bajava-1.7.0-openjdk-javadoc-1.7.0.111-2.6.7.1.el5_11.i386.rpmd4daf2f663b8f6dbfa365366f3365f3dd592c173java-1.7.0-openjdk-demo-1.7.0.111-2.6.7.1.el5_11.i386.rpm162be998f5fb4b41b9aaa423a3e164497619a15eSLSA-2016:1551-1This update upgrades Firefox to version 45.3.0 ESR. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2016-2836, CVE-2016-5258, CVE-2016-5259, CVE-2016-5252, CVE-2016-5263, CVE-2016-2830, CVE-2016-2838, CVE-2016-5254, CVE-2016-5262, CVE-2016-5264, CVE-2016-5265, CVE-2016-2837)criticalScientific Linux FermiScientific Linux Fermi 5firefox-45.3.0-1.el5_11.i386.rpmeca4dd3a482720462960c2d1bf5e7058342951a0SLSA-2016:1776-1Security Fix(es): * An insufficient bytecode verification flaw was discovered in the Hotspot component in OpenJDK. An untrusted Java application or applet could use this flaw to completely bypass Java sandbox restrictions. (CVE-2016-3606) * Multiple denial of service flaws were found in the JAXP component in OpenJDK. A specially crafted XML file could cause a Java application using JAXP to consume an excessive amount of CPU and memory when parsed. (CVE-2016-3500, CVE-2016-3508) * Multiple flaws were found in the CORBA and Hotsport components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2016-3458, CVE-2016-3550)importantScientific Linux FermiScientific Linux Fermi 5java-1.6.0-openjdk-devel-1.6.0.40-1.13.12.4.el5_11.i386.rpme5be1a166d0f797e430b56cbeb4016ad5e12179djava-1.6.0-openjdk-src-1.6.0.40-1.13.12.4.el5_11.i386.rpma575589044cbdd5ef9ad1746edba3e9a41737048java-1.6.0-openjdk-1.6.0.40-1.13.12.4.el5_11.i386.rpmce4740e8349873a8aa7dba9f04df619cfe8f36cajava-1.6.0-openjdk-javadoc-1.6.0.40-1.13.12.4.el5_11.i386.rpm56e0ce5492dd47b2d1a4336cbf78e9f301c209cbjava-1.6.0-openjdk-demo-1.6.0.40-1.13.12.4.el5_11.i386.rpm07f5e2eca98704da7cabbe917a8ad1662e5f9131SLSA-2016:1809-1This update upgrades Thunderbird to version 45.3.0. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2016-2836)importantScientific Linux FermiScientific Linux Fermi 5thunderbird-45.3.0-1.el5_11.i386.rpm29cd15b81fc7426493cf63de8fefabcc59696f8bSLSA-2016:1912-1This update upgrades Firefox to version 45.4.0 ESR. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2016-5257, CVE-2016-5278, CVE-2016-5270, CVE-2016-5272, CVE-2016-5274, CVE-2016-5276, CVE-2016-5277, CVE-2016-5280, CVE-2016-5281, CVE-2016-5284, CVE-2016-5250, CVE-2016-5261)criticalScientific Linux FermiScientific Linux Fermi 5firefox-45.4.0-1.el5_11.i386.rpm14e33b8cc20638d308693bec55d4a1312ab438f9SLSA-2016:1944-1Security Fix(es): * A denial of service flaw was found in the way BIND constructed a response to a query that met certain criteria. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request packet. (CVE-2016-2776)importantScientific Linux FermiScientific Linux Fermi 5bind-utils-9.3.6-25.P1.el5_11.9.i386.rpm57a7a6124fe153950e999cd7d55bebebf0a627b0caching-nameserver-9.3.6-25.P1.el5_11.9.i386.rpm96f6121ad9aea5c64c6a2d5f70da21ef30771a4cbind-libbind-devel-9.3.6-25.P1.el5_11.9.i386.rpmb6014a2821ef8d6b22c8fd364a9b7b282c502420bind-chroot-9.3.6-25.P1.el5_11.9.i386.rpm98ab141f324542d79b8e5a0c95f1b4153d5fc3afbind-9.3.6-25.P1.el5_11.9.i386.rpmbcac2d0b050f32bffe7ac621ab49ae3c09191af9bind-libs-9.3.6-25.P1.el5_11.9.i386.rpm191923249ef0905496227a0eaf5c04a42cdf8cb2bind-devel-9.3.6-25.P1.el5_11.9.i386.rpma42a14908ab58108bceec73c5f7abcfd01c42f50bind-sdb-9.3.6-25.P1.el5_11.9.i386.rpm73b8a42ce3bb515a3f7b22828c6561ed99741184SLSA-2016:1945-1Security Fix(es): * A denial of service flaw was found in the way BIND constructed a response to a query that met certain criteria. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request packet. (CVE-2016-2776)importantScientific Linux FermiScientific Linux Fermi 5bind97-libs-9.7.0-21.P2.el5_11.7.i386.rpm8531fc523e2a27e0c5e6d6a6f24e6213a9d36c0ebind97-chroot-9.7.0-21.P2.el5_11.7.i386.rpm39ea3bf7d12fd967d8f99b4fb59386dc5b278d97bind97-9.7.0-21.P2.el5_11.7.i386.rpm63c0b570929b47afc9ce6db3f5fc1f7bc02375e6bind97-devel-9.7.0-21.P2.el5_11.7.i386.rpmc6b7fcba4b614c29c339eb392dc4268d19531589bind97-utils-9.7.0-21.P2.el5_11.7.i386.rpmdd07918a42e1e8d52495ba7784dbc18a17f5897dSLSA-2016:1985-1This update upgrades Thunderbird to version 45.4.0. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2016-5257)importantScientific Linux FermiScientific Linux Fermi 5thunderbird-45.4.0-1.el5_11.i386.rpm4bcfca50fc126bd45ee13ca3bcae4dda802b49ddSLSA-2016:2093-1Security Fix(es): * A denial of service flaw was found in the way BIND handled packets with malformed options. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS packet. (CVE-2016-2848)importantScientific Linux FermiScientific Linux Fermi 5bind-devel-9.3.6-25.P1.el5_11.10.i386.rpmb0e96a20093a4ba77984ff2b870b89b6aac3c38ebind-9.3.6-25.P1.el5_11.10.i386.rpma5a868637107ff485148a6cb572a591744aa732dbind-chroot-9.3.6-25.P1.el5_11.10.i386.rpmdd3655631419804af5a7cf8fe86e64c48a32b75fbind-libs-9.3.6-25.P1.el5_11.10.i386.rpme28255d42ef324504aeb0b4651bf9d6b4296b078bind-libbind-devel-9.3.6-25.P1.el5_11.10.i386.rpm62ecbc4389ae08fdd2b34bf376daec0b27f62e83bind-sdb-9.3.6-25.P1.el5_11.10.i386.rpm515022f5f20c0b0b55ddaa43e3c2a7a58281b390caching-nameserver-9.3.6-25.P1.el5_11.10.i386.rpmf74796e2519b8da56da1a56db83ad212fdb204cabind-utils-9.3.6-25.P1.el5_11.10.i386.rpm27c174fc2a3da2e337034b109218e5f2d3ddf524SLSA-2016:2094-1Security Fix(es): * A denial of service flaw was found in the way BIND handled packets with malformed options. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS packet. (CVE-2016-2848)importantScientific Linux FermiScientific Linux Fermi 5bind97-9.7.0-21.P2.el5_11.8.i386.rpm3ea36f55147ad75793e9eb0f96db197d8084b6bebind97-libs-9.7.0-21.P2.el5_11.8.i386.rpmd229c52adbfbbe3f03bb7b410d7773d01bbf4623bind97-devel-9.7.0-21.P2.el5_11.8.i386.rpmc22093d458266f0b92cb26b4b05e396aeaf1bcf7bind97-chroot-9.7.0-21.P2.el5_11.8.i386.rpm99ada0e06451bfdf23b1af97e23598dac9adf03fbind97-utils-9.7.0-21.P2.el5_11.8.i386.rpm719fe662c698ec766770201e2345b61b86d78860SLSA-2016:2124-1Security Fix(es): * A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system. (CVE-2016-5195, Important) * It was found that stacking a file system over procfs in the Linux kernel could lead to a kernel stack overflow due to deep nesting, as demonstrated by mounting ecryptfs over procfs and creating a recursion by mapping /proc/environ. An unprivileged, local user could potentially use this flaw to escalate their privileges on the system. (CVE-2016-1583, Important) Bug Fix(es): * In some cases, a kernel crash or file system corruption occurred when running journal mode 'ordered'. The kernel crash was caused by a null pointer dereference due to a race condition between two journal functions. The file system corruption occurred due to a race condition between the do_get_write_access() function and buffer writeout. This update fixes both race conditions. As a result, neither the kernel crash, nor the file system corruption now occur. * Prior to this update, some Global File System 2 (GFS2) files had incorrect time stamp values due to two problems with handling time stamps of such files. The first problem concerned the atime time stamp, which ended up with an arbitrary value ahead of the actual value, when a GFS2 file was accessed. The second problem was related to the mtime and ctime time stamp updates, which got lost when a GFS2 file was written to from one node and read from or written to from another node. With this update, a set of patches has been applied that fix these problems. As a result, the time stamps of GFS2 files are now handled correctly.importantScientific Linux FermiScientific Linux Fermi 5kernel-debug-devel-2.6.18-416.el5.i686.rpm0afe2761b0f2ec81a8067a70b9e298edb631e923kernel-PAE-2.6.18-416.el5.i686.rpmb3a13ab8aa87f95ff914f85800895c443c9f6621kernel-debug-2.6.18-416.el5.i686.rpm90f815a18b9056d848ad6fa770cf941365a4076bkernel-PAE-devel-2.6.18-416.el5.i686.rpmc1c0e6386572068414f3469e7403b2bc5b5b700fkernel-xen-2.6.18-416.el5.i686.rpm1b341fd722886a612c0d5d625b3160ad171ea4bfkernel-2.6.18-416.el5.i686.rpm9f14648e63cd9731c3e64bba1e5fba662637c919kernel-devel-2.6.18-416.el5.i686.rpmd65fc4b5a9da4fea5fead3b4b7845adeffc12080kernel-xen-devel-2.6.18-416.el5.i686.rpm50263f8c34e9ccfd3bd0e5d23748a040810f0aa9kernel-headers-2.6.18-416.el5.i386.rpme86b92f94a5bd5262192a9f26b5c592dd4264d13kernel-doc-2.6.18-416.el5.noarch.rpm4d5cb9957cd65311db8b9a89d0189282f3b2b674SLSA-2016:2141-1Security Fix(es): * A denial of service flaw was found in the way BIND handled responses containing a DNAME answer. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. (CVE-2016-8864)importantScientific Linux FermiScientific Linux Fermi 5bind-libs-9.3.6-25.P1.el5_11.11.i386.rpm9af280acc53161508bbc275101c35ec7af3c7a8cbind-libbind-devel-9.3.6-25.P1.el5_11.11.i386.rpm7bdc7be6afc964df7b10dc80839bbc1095cb3833bind-9.3.6-25.P1.el5_11.11.i386.rpmc249c27de95538a8e368e363a810c58535ceea16bind-devel-9.3.6-25.P1.el5_11.11.i386.rpmf58900f0b28b4c9d9a858690a07b35f06bc35bd5bind-utils-9.3.6-25.P1.el5_11.11.i386.rpmb443b08aef202617afa9d28656cb49887a24e68fbind-sdb-9.3.6-25.P1.el5_11.11.i386.rpm76bb5ddb64f4cee8950a5dbd5e26b52d20345a25bind-chroot-9.3.6-25.P1.el5_11.11.i386.rpm8a3138b639bc15ff504576fbbd310efd92e352a8caching-nameserver-9.3.6-25.P1.el5_11.11.i386.rpm9e7fb24e767630f7705a64953d8373f06f49542eSLSA-2016:2142-1Security Fix(es): * A denial of service flaw was found in the way BIND handled responses containing a DNAME answer. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. (CVE-2016-8864)importantScientific Linux FermiScientific Linux Fermi 5bind97-utils-9.7.0-21.P2.el5_11.9.i386.rpmc58747a12f5aae262730e02f6ef13719afcc8552bind97-chroot-9.7.0-21.P2.el5_11.9.i386.rpmad387fb2823ed6535cbd7052b135f8fdd767caf6bind97-9.7.0-21.P2.el5_11.9.i386.rpm77aab87e83c51abd687ae21729aaa0f68efb1d16bind97-devel-9.7.0-21.P2.el5_11.9.i386.rpm03d61e6a93c14e873dc3edd047c41de462e708e7bind97-libs-9.7.0-21.P2.el5_11.9.i386.rpmd1f85c858a90e8931a5fa9e27cd2603c486caa51SLSA-2016:2658-1Security Fix(es): * It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy() function in certain cases. An untrusted Java application or applet could use this flaw to corrupt virtual machine's memory and completely bypass Java sandbox restrictions. (CVE-2016-5582) * It was discovered that the Hotspot component of OpenJDK did not properly check received Java Debug Wire Protocol (JDWP) packets. An attacker could possibly use this flaw to send debugging commands to a Java program running with debugging enabled if they could make victim's browser send HTTP requests to the JDWP port of the debugged application. (CVE-2016-5573) * It was discovered that the Libraries component of OpenJDK did not restrict the set of algorithms used for Jar integrity verification. This flaw could allow an attacker to modify content of the Jar file that used weak signing key or hash algorithm. (CVE-2016-5542) Note: After this update, MD2 hash algorithm and RSA keys with less than 1024 bits are no longer allowed to be used for Jar integrity verification by default. MD5 hash algorithm is expected to be disabled by default in the future updates. A newly introduced security property jdk.jar.disabledAlgorithms can be used to control the set of disabled algorithms. * A flaw was found in the way the JMX component of OpenJDK handled classloaders. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2016-5554) * A flaw was found in the way the Networking component of OpenJDK handled HTTP proxy authentication. A Java application could possibly expose HTTPS server authentication credentials via a plain text network connection to an HTTP proxy if proxy asked for authentication. (CVE-2016-5597) Note: After this update, Basic HTTP proxy authentication can no longer be used when tunneling HTTPS connection through an HTTP proxy. Newly introduced system properties jdk.http.auth.proxying.disabledSchemes and jdk.http.auth.tunneling.disabledSchemes can be used to control which authentication schemes can be requested by an HTTP proxy when proxying HTTP and HTTPS connections respectively.importantScientific Linux FermiScientific Linux Fermi 5java-1.7.0-openjdk-devel-1.7.0.121-2.6.8.1.el5_11.i386.rpmd82a22bd22f486e16d2f70d83c9ff49f656f3a52java-1.7.0-openjdk-src-1.7.0.121-2.6.8.1.el5_11.i386.rpm2b3ddffc3f15682b5f1792f2c770bb2d4257eec8java-1.7.0-openjdk-demo-1.7.0.121-2.6.8.1.el5_11.i386.rpmf10b36b622888d3fc6881a0a6f622e0a3d6f94e9java-1.7.0-openjdk-1.7.0.121-2.6.8.1.el5_11.i386.rpm42cbfb65d5d42b41ad8c37c9ae38905874941cc0java-1.7.0-openjdk-javadoc-1.7.0.121-2.6.8.1.el5_11.i386.rpm5aeddf4c82dea0748b79b99fee3871ce1b6e8f2bSLSA-2016:2779-1The nss-util packages provide utilities for use with the Network Security Services (NSS) libraries. The following packages have been upgraded to a newer upstream version: nss (3.12.3), nss-util (3.12.3). Security Fix(es): * Multiple buffer handling flaws were found in the way NSS handled cryptographic data from the network. A remote attacker could use these flaws to crash an application using NSS or, possibly, execute arbitrary code with the permission of the user running the application. (CVE-2016-2834) * A NULL pointer dereference flaw was found in the way NSS handled invalid Diffie-Hellman keys. A remote client could use this flaw to crash a TLS/SSL server using NSS. (CVE-2016-5285) * It was found that Diffie Hellman Client key exchange handling in NSS was vulnerable to small subgroup confinement attack. An attacker could use this flaw to recover private keys by confining the client DH key to small subgroup of the desired group. (CVE-2016-8635)moderateScientific Linux FermiScientific Linux Fermi 5nss-devel-3.21.3-2.el5_11.i386.rpmdd8193efed843cfcaa13b6dd7ce90fd359e6b8e3nss-pkcs11-devel-3.21.3-2.el5_11.i386.rpm43b3a9a18e79346a285dba82819f388ca0662cd3nss-tools-3.21.3-2.el5_11.i386.rpm5e899f1623cbfc69193ceddaddc39b99e87591c8nss-3.21.3-2.el5_11.i386.rpm8cad52f27b32073c52873b61db354abed8f76d1dSLSA-2016:2780-1This update upgrades Firefox to version 45.5.0 ESR. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2016-5296, CVE-2016-5297, CVE-2016-9066, CVE-2016-5291, CVE-2016-5290) * A flaw was found in the way Add-on update process was handled by Firefox. A Man-in-the-Middle attacker could use this flaw to install a malicious signed add-on update. (CVE-2016-9064)criticalScientific Linux FermiScientific Linux Fermi 5firefox-45.5.0-1.el5_11.i386.rpm620c8d8f5244e84357193377f56bb9cf17bf7883SLSA-2016:2825-1This update upgrades Thunderbird to version 45.5.0 Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2016-5290)importantScientific Linux FermiScientific Linux Fermi 5thunderbird-45.5.0-1.el5_11.i386.rpma3326c883c30c930f650e092cc1ba007779b8728SLSA-2016:2843-1This update upgrades Firefox to version 45.5.1 ESR. Security Fix(es): * A flaw was found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2016-9079)criticalScientific Linux FermiScientific Linux Fermi 5firefox-45.5.1-1.el5_11.i386.rpm3cfbc7aad5dc8c6ce4a55445aac3cf54ddceda7eSLSA-2016:2850-1This update upgrades Thunderbird to version 45.5.1. Security Fix(es): * A flaw was found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2016-9079)importantScientific Linux FermiScientific Linux Fermi 5thunderbird-45.5.1-1.el5_11.i386.rpm0bde7133525f5102d5787bf86ea73a236316dd03SLSA-2016:2946-1This update upgrades Firefox to version 45.6.0 ESR. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2016-9893, CVE-2016-9899, CVE-2016-9895, CVE-2016-9897, CVE-2016-9898, CVE-2016-9900, CVE-2016-9901, CVE-2016-9902, CVE-2016-9904, CVE-2016-9905)criticalScientific Linux FermiScientific Linux Fermi 5firefox-45.6.0-1.el5_11.i386.rpm6ee7872fa1dadde411544f967324ccf234d2ba25SLSA-2016:2962-1Security Fix(es): * A use-after-free vulnerability was found in the kernels socket recvmmsg subsystem. This may allows remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function. (CVE-2016-7117, Important) Bug Fix(es): * Previously, guest virtual machines (VMs) on a Hyper-V server cluster got in some cases rebooted during the graceful node failover test, because the host kept sending heartbeat packets independently of guests responding to them. This update fixes the bug by properly responding to all the heartbeat messages in the queue, even if they are pending. As a result, guest VMs no longer get rebooted under the described circumstances.importantScientific Linux FermiScientific Linux Fermi 5kernel-xen-2.6.18-417.el5.i686.rpme16f825d184f4e86f4e9914583243537f0c7e468kernel-debug-2.6.18-417.el5.i686.rpm74482b27c658f0e324b365b4e5abd8ea592a918bkernel-doc-2.6.18-417.el5.noarch.rpm696dbedd600e765b9b4eb3b185ad9e2741ce0763kernel-2.6.18-417.el5.i686.rpmc310196222200116558610885636ef9881094e88kernel-xen-devel-2.6.18-417.el5.i686.rpm5507b060567e79f8fab7c54a80d5a08c70e74b33kernel-PAE-devel-2.6.18-417.el5.i686.rpm1de6f3531a6a446f50bf06103eaac7c40bed5eb9kernel-debug-devel-2.6.18-417.el5.i686.rpmb56c6abb08cc48dce09bdb0cdf707c3d607bb771kernel-PAE-2.6.18-417.el5.i686.rpme4ad0c45745af1f84f17e84b75fa3a9d2e088d8dkernel-devel-2.6.18-417.el5.i686.rpmf79226f4f4cd8bcc9b853c98950d9e870e8e0de6kernel-headers-2.6.18-417.el5.i386.rpmb40a3bc25c50bca51409555a881b76654dfc3aaaSLSA-2016:2963-1Security Fix(es): * An out of bounds array access issue was found in the Xen virtual machine monitor, built with the QEMU ioport support. It could occur while doing ioport read/write operations, if guest was to supply a 32bit address parameter. A privileged guest user/process could use this flaw to potentially escalate their privileges on a host. (CVE-2016-9637)importantScientific Linux FermiScientific Linux Fermi 5xen-3.0.3-148.el5_11.i386.rpm8c001a16abb098b64b3e75ba112f1eabe7745f78xen-devel-3.0.3-148.el5_11.i386.rpm438642673f508e15481ce39bfd49731bf99b4343xen-libs-3.0.3-148.el5_11.i386.rpme803e3cf50a176b912d0e2290fb08d75bcf044aaSLSA-2016:2973-1This update upgrades Thunderbird to version 45.6.0. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2016-9893, CVE-2016-9899, CVE-2016-9895, CVE-2016-9900, CVE-2016-9901, CVE-2016-9902, CVE-2016-9905)importantScientific Linux FermiScientific Linux Fermi 5thunderbird-45.6.0-1.el5_11.i386.rpm2b720805b676ce8b2dd804db02fd1726d0f83f08SLSA-2017:0061-1Security Fix(es): * It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy() function in certain cases. An untrusted Java application or applet could use this flaw to corrupt virtual machine's memory and completely bypass Java sandbox restrictions. (CVE-2016-5582) * It was discovered that the Hotspot component of OpenJDK did not properly check received Java Debug Wire Protocol (JDWP) packets. An attacker could possibly use this flaw to send debugging commands to a Java program running with debugging enabled if they could make victim's browser send HTTP requests to the JDWP port of the debugged application. (CVE-2016-5573) * It was discovered that the Libraries component of OpenJDK did not restrict the set of algorithms used for Jar integrity verification. This flaw could allow an attacker to modify content of the Jar file that used weak signing key or hash algorithm. (CVE-2016-5542) Note: After this update, MD2 hash algorithm and RSA keys with less than 1024 bits are no longer allowed to be used for Jar integrity verification by default. MD5 hash algorithm is expected to be disabled by default in the future updates. A newly introduced security property jdk.jar.disabledAlgorithms can be used to control the set of disabled algorithms. * A flaw was found in the way the JMX component of OpenJDK handled classloaders. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2016-5554) * A flaw was found in the way the Networking component of OpenJDK handled HTTP proxy authentication. A Java application could possibly expose HTTPS server authentication credentials via a plain text network connection to an HTTP proxy if proxy asked for authentication. (CVE-2016-5597) Note: After this update, Basic HTTP proxy authentication can no longer be used when tunneling HTTPS connection through an HTTP proxy. Newly introduced system properties jdk.http.auth.proxying.disabledSchemes and jdk.http.auth.tunneling.disabledSchemes can be used to control which authentication schemes can be requested by an HTTP proxy when proxying HTTP and HTTPS connections respectively.importantScientific Linux FermiScientific Linux Fermi 5java-1.6.0-openjdk-devel-1.6.0.41-1.13.13.1.el5_11.i386.rpmdb07b6776ea106122fa8222a4ae62f3981fa2ff8java-1.6.0-openjdk-javadoc-1.6.0.41-1.13.13.1.el5_11.i386.rpmf8422487db96f967f1c721b633e260bee5f95994java-1.6.0-openjdk-demo-1.6.0.41-1.13.13.1.el5_11.i386.rpm810d8e878aa3aba501b98d9df74db565cfc3050bjava-1.6.0-openjdk-src-1.6.0.41-1.13.13.1.el5_11.i386.rpm3fa1f2068d9702253ecbc1d7d26eb3ef864e6c55java-1.6.0-openjdk-1.6.0.41-1.13.13.1.el5_11.i386.rpm1b38c0aa270754be3d3fc30f1841b36d657453a3SLSA-2017:0063-1Security Fix(es): * A denial of service flaw was found in the way BIND handled a query response containing inconsistent DNSSEC information. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. (CVE-2016-9147)importantScientific Linux FermiScientific Linux Fermi 5bind-chroot-9.3.6-25.P1.el5_11.12.i386.rpm53a36271d44ecf69adede14afa3cb0ef1b7c3c83caching-nameserver-9.3.6-25.P1.el5_11.12.i386.rpmba1744a925e7a8feb3fb4dfcb28afdf708e8d876bind-libbind-devel-9.3.6-25.P1.el5_11.12.i386.rpm36998c700d75a1c1ec065c6b94efca1c8af6cb0fbind-devel-9.3.6-25.P1.el5_11.12.i386.rpm68f3d7c80063d60930bc84985ebaabb595cf3d3ebind-libs-9.3.6-25.P1.el5_11.12.i386.rpma24640c7cde85f56a71e92b8b32c67c1d8d4b399bind-sdb-9.3.6-25.P1.el5_11.12.i386.rpm9e4e2c36324909897268a2fbc062f1a90037a5a7bind-utils-9.3.6-25.P1.el5_11.12.i386.rpmc82eba31534afc25731a64f731f58ee1fe038edabind-9.3.6-25.P1.el5_11.12.i386.rpmcf2dd6d0a920e0fabfbe59c9914605979464a417SLSA-2017:0064-1Security Fix(es): * A denial of service flaw was found in the way BIND handled a query response containing inconsistent DNSSEC information. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response. (CVE-2016-9147)importantScientific Linux FermiScientific Linux Fermi 5bind97-utils-9.7.0-21.P2.el5_11.10.i386.rpm92aa209d1ca17028ebc10d1406ba16eb212f9b53bind97-devel-9.7.0-21.P2.el5_11.10.i386.rpm9f4b505122c67b13ef698b7226560e595b02daddbind97-libs-9.7.0-21.P2.el5_11.10.i386.rpmfc4bf087b2c2a11656bf5b87406154d797ca7c4cbind97-chroot-9.7.0-21.P2.el5_11.10.i386.rpm68985fca8ac38cd84239da6a042f1cca1c09a312bind97-9.7.0-21.P2.el5_11.10.i386.rpmee46967af575870d2b777ba06829b2851293cdb3SLSA-2017:0190-1This update upgrades Firefox to version 45.7.0 ESR. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2017-5373, CVE-2017-5375, CVE-2017-5376, CVE-2017-5378, CVE-2017-5380, CVE-2017-5383, CVE-2017-5386, CVE-2017-5390, CVE-2017-5396)criticalScientific Linux FermiScientific Linux Fermi 5firefox-45.7.0-2.el5_11.i386.rpme97d3f2d824dbce85be2791ef9daa967fb84a2d4firefox-45.7.0-1.el5_11.i386.rpm61428ce5f7c66f61fc5ed3f6d7b8cdfe8ec2cfa9SLSA-2017:0238-1This update upgrades Thunderbird to version 45.7.0. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2017-5373, CVE-2017-5375, CVE-2017-5376, CVE-2017-5378, CVE-2017-5380, CVE-2017-5383, CVE-2017-5390, CVE-2017-5396)importantScientific Linux FermiScientific Linux Fermi 5thunderbird-45.7.0-1.el5_11.i386.rpm73c70668d75f90392c018cfe4def8b7ec19be144SLSA-2017:0269-1Security Fix(es): * It was discovered that the RMI registry and DCG implementations in the RMI component of OpenJDK performed deserialization of untrusted inputs. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application. (CVE-2017-3241) This issue was addressed by introducing whitelists of classes that can be deserialized by RMI registry or DCG. These whitelists can be customized using the newly introduced sun.rmi.registry.registryFilter and sun.rmi.transport.dgcFilter security properties. * Multiple flaws were discovered in the Libraries and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. (CVE-2017-3272, CVE-2017-3289) * A covert timing channel flaw was found in the DSA implementation in the Libraries component of OpenJDK. A remote attacker could possibly use this flaw to extract certain information about the used key via a timing side channel. (CVE-2016-5548) * It was discovered that the Libraries component of OpenJDK accepted ECSDA signatures using non-canonical DER encoding. This could cause a Java application to accept signature in an incorrect format not accepted by other cryptographic tools. (CVE-2016-5546) * It was discovered that the 2D component of OpenJDK performed parsing of iTXt and zTXt PNG image chunks even when configured to ignore metadata. An attacker able to make a Java application parse a specially crafted PNG image could cause the application to consume an excessive amount of memory. (CVE-2017-3253) * It was discovered that the Libraries component of OpenJDK did not validate the length of the object identifier read from the DER input before allocating memory to store the OID. An attacker able to make a Java application decode a specially crafted DER input could cause the application to consume an excessive amount of memory. (CVE-2016-5547) * It was discovered that the JAAS component of OpenJDK did not use the correct way to extract user DN from the result of the user search LDAP query. A specially crafted user LDAP entry could cause the application to use an incorrect DN. (CVE-2017-3252) * It was discovered that the Networking component of OpenJDK failed to properly parse user info from the URL. A remote attacker could cause a Java application to incorrectly parse an attacker supplied URL and interpret it differently from other applications processing the same URL. (CVE-2016-5552) * Multiple flaws were found in the Networking components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions. (CVE-2017-3261, CVE-2017-3231) * A flaw was found in the way the DES/3DES cipher was used as part of the TLS/SSL protocol. A man-in-the-middle attacker could use this flaw to recover some plaintext data by capturing large amounts of encrypted traffic between TLS/SSL server and client if the communication used a DES/3DES based ciphersuite. (CVE-2016-2183) This update mitigates the CVE-2016-2183 issue by adding 3DES cipher suites to the list of legacy algorithms (defined using the jdk.tls.legacyAlgorithms security property) so they are only used if connecting TLS/SSL client and server do not share any other non-legacy cipher suite.criticalScientific Linux FermiScientific Linux Fermi 5java-1.7.0-openjdk-src-1.7.0.131-2.6.9.0.el5_11.i386.rpmb63c6b6a8fbc0e6c20fe759fbc112b874e9f8d59java-1.7.0-openjdk-1.7.0.131-2.6.9.0.el5_11.i386.rpmd84512a76a4a8ed7b02e25d12c9ec01b2a4d227djava-1.7.0-openjdk-devel-1.7.0.131-2.6.9.0.el5_11.i386.rpm86895893245768aa539ce32384ba7cb5558b12d0java-1.7.0-openjdk-javadoc-1.7.0.131-2.6.9.0.el5_11.i386.rpm3071f13708d62ebd39c1e8ff0447fd25e1a11a58java-1.7.0-openjdk-demo-1.7.0.131-2.6.9.0.el5_11.i386.rpm45c86a2f5e829c636de22ce50b3662521ad48ee0SLSA-2017:0323-1Security Fix(es): * A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol (DCCP) implementation freed SKB (socket buffer) resources for a DCCP_PKT_REQUEST packet when the IPV6_RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the kernel memory, allowing them to escalate their privileges on the system. (CVE-2017-6074, Important) * It was found that the Linux kernel's Datagram Congestion Control Protocol (DCCP) implementation used the IPv4-only inet_sk_rebuild_header() function for both IPv4 and IPv6 DCCP connections, which could result in memory corruptions. A remote attacker could use this flaw to crash the system. (CVE-2017-2634, Moderate) Important: This update disables the DCCP kernel module at load time by using the kernel module blacklist method. The module is disabled in an attempt to reduce further exposure to additional issues.importantScientific Linux FermiScientific Linux Fermi 5kernel-PAE-2.6.18-419.el5.i686.rpmf29c119499b3c6a2aba593e34c1ac77a86dce635kernel-PAE-devel-2.6.18-419.el5.i686.rpm108dc5c56471e5593fbe61bca4f5e2c9e5d900bdkernel-xen-devel-2.6.18-419.el5.i686.rpmf982482b796b8145bbefd3a92355f3ee167bcca4kernel-2.6.18-419.el5.i686.rpm1e6c3035b8d8960bbf71b1d0859c121d8e276a54kernel-debug-2.6.18-419.el5.i686.rpmd651731e0dee165249599e1543aecb4c2390741bkernel-doc-2.6.18-419.el5.noarch.rpmc7d3549148b35a7a3a15ad50608843e8e09f6188kernel-debug-devel-2.6.18-419.el5.i686.rpm95f3d2e69d8e51fd4b1620e727f2d36b9939c5dfkernel-headers-2.6.18-419.el5.i386.rpmf75b885bea0c08db78b9cda73f3d6cd280ae1451kernel-xen-2.6.18-419.el5.i686.rpme227a08f260b6b3e276e65a80e3312d55b8da0a2kernel-devel-2.6.18-419.el5.i686.rpm3862e49150858a5f43be0336490eff891727c9ceSLSA-2017:0459-1This update upgrades Firefox to version 45.8.0 ESR. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2017-5398, CVE-2017-5400, CVE-2017-5401, CVE-2017-5402, CVE-2017-5404, CVE-2017-5407, CVE-2017-5408, CVE-2017-5410, CVE-2017-5405)criticalScientific Linux FermiScientific Linux Fermi 5firefox-45.8.0-2.el5_11.i386.rpme972225ba7089716c5b0a25fbea4f31bd76d1610