RHEA-2016:0464-1: new packages: kmod-i40e
RHEA-2016:0464-1: new packages: kmod-i40e Red Hat Enterprise Linux: New kmod-i40e packages are now available for Red Hat Enterprise Linux 7. Source: RHEA-2016:0464-1: new packages: kmod-i40e
SECURITY
RHEA-2016:0463-1: tzdata enhancement update
RHEA-2016:0463-1: tzdata enhancement update Red Hat Enterprise Linux: Updated tzdata packages that add various enhancements are now available for Red Hat Enterprise Linux 4 Extended Life Cycle Support, Red Hat Enterprise Linux 5.6 Long Life, Red Hat Enterprise Linux 5.9 Advanced Update Support, Red Hat Enterprise Linux 5.11, Red Hat Enterprise Linux 6.2 Advanced Update Support, Red Hat Enterprise Linux 6.4 Advanced Update Support, Red Hat Enterprise Linux 6.5 Advanced Update Support, Red Hat Enterprise Linux 6.6 Extended Update Support, Red Hat Enterprise Linux 6.7, Red Hat Enterprise Linux 7.1 Extended Update Support, Red Hat Enterprise Linux 7.1 Little Endian Extended Update Support, and Red Hat Enterprise Linux 7.2. Source: RHEA-2016:0463-1: tzdata enhancement update
Microsoft Bounty Programs Announce Expansion – Bounty for Microsoft OneDrive
Microsoft Bounty Programs Announce Expansion – Bounty for Microsoft OneDrive At Microsoft, we continue to add new properties to our security bug bounty programs to help keep our customer’s secure. Today, I’m pleased to announce the addition of Microsoft OneDrive to the Microsoft Online Services Bug Bounty Program. This addition further incentivizes security researchers to report service vulnerabilities to Microsoft. As part of the Microsoft Online Services Bug Bounty Program, the payouts will range from $500 – $15,000 USD. Join us at the Microsoft Booth at CanSecWest 2016 in Vancouver, Canada to learn more about Microsoft OneDrive and the bounty programs. You can find the updated terms here. Send your submissions to [email protected]. Happy Hunting, Jason Shirk Source: Microsoft Bounty Programs Announce Expansion – Bounty for Microsoft OneDrive
USN-2935-3: PAM regression
USN-2935-3: PAM regression Ubuntu Security Notice USN-2935-3 17th March, 2016 pam regression A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 LTS Summary USN-2935-1 introduced a regression in PAM. Software description pam – Pluggable Authentication Modules Details USN-2935-1 fixed vulnerabilities in PAM. The updates contained a packagingchange that prevented upgrades in certain multiarch environments. USN-2935-2intended to fix the problem but was incomplete for Ubuntu 12.04 LTS. Thisupdate fixes the problem in Ubuntu 12.04 LTS. We apologize for the inconvenience. Original advisory details: It was discovered that the PAM pam_userdb module incorrectly used a case-insensitive method when comparing hashed passwords. A local attacker could possibly use this issue to make brute force attacks easier. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2013-7041) Sebastian Krahmer discovered that the PAM pam_timestamp module incorrectly performed filtering. [ more… ]
RHBA-2016:0461-1: Satellite 5.7 bug fix update
RHBA-2016:0461-1: Satellite 5.7 bug fix update RHN Satellite and Proxy: Updated cobbler and spacewalk-java packages that fix several bugs are now available for Red Hat Satellite 5.7. Source: RHBA-2016:0461-1: Satellite 5.7 bug fix update