Thread: [Cucumber-linux-security] linux (security update is available) (Page 2)
A general purpose desktop and server Linux distribution.
Brought to you by:
z5t1
Menu
▾
▴
cucumber-linux-security
|
From: Scott C. <sc...@cu...> - 2018-04-26 00:47:24
Attachments:
signature.asc
|
Update Information A security update is available for linux for the following versions of Cucumber Linux: * 1.0 * 1.1 Here are the details from the Cucumber 1.1 changelog: +----------------+ Wed Apr 25 16:14:27 EDT 2018 base/linux upgraded from 4.9.95 to 4.9.96 to fix at least two security vulnerabilities: CVE-2018-1108 and CVE-2018-1092. For more information see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1108 https://security.cucumberlinux.com/security/details.php?id=373 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1092 https://security.cucumberlinux.com/security/details.php?id=374 https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.96 kernel/linux-source upgraded from 4.9.95 to 4.9.96 * SECURITY FIX * +----------------+ ------------------------------------------------------------------------ CLD and CVE Information This update is associated with the following Cucumber Linux Deficiency (CLD) and CVE numbers: * CLD-373 [CVE-2018-1108] (https://security.cucumberlinux.com/security/details.php?id=373) * CLD-374 [CVE-2018-1092] (https://security.cucumberlinux.com/security/details.php?id=374) More information about these CLDs can be found at their respective pages on the Cucumber Linux Security Advisory Tracker (these are the URLs in parenthesis above). ------------------------------------------------------------------------ Installing the Update The updated package can be installed via Pickle by running the following commands (as root): # pickle --update # pickle Make sure linux is selected on the update list, and then select Ok. Pickle will then install the updated package. If you prefer to download the updated package manually, it can be found on the mirror at http://mirror.cucumberlinux.com/cucumber/. ------------------------------------------------------------------------ The Cucumber Linux Security Team cuc...@li... <mailto:cuc...@li...> https://www.cucumberlinux.com/security.php |
|
From: Scott C. <sc...@cu...> - 2018-05-03 18:46:41
Attachments:
signature.asc
|
Update Information A security update is available for linux for the following versions of Cucumber Linux: * 1.0 * 1.1 Here are the details from the Cucumber 1.1 changelog: +----------------+ Wed May 2 20:20:58 EDT 2018 base/linux upgraded from 4.9.97 to 4.9.98 to fix CVE-2018-1093, a security vulnerability which allowed a privileged attacker to cause a denial of service (crash) by mounting a specially crafted ext4 filesystem. For more information see: https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.98 https://security.cucumberlinux.com/security/details.php?id=381 kernel/linux-source upgraded from 4.9.97 to 4.9.98 * SECURITY FIX * +----------------+ ------------------------------------------------------------------------ CLD and CVE Information This update is associated with the following Cucumber Linux Deficiency (CLD) and CVE numbers: * CLD-381 [CVE-2018-1093] (https://security.cucumberlinux.com/security/details.php?id=381) More information about these CLDs can be found at their respective pages on the Cucumber Linux Security Advisory Tracker (these are the URLs in parenthesis above). ------------------------------------------------------------------------ Installing the Update The updated package can be installed via Pickle by running the following commands (as root): # pickle --update # pickle Make sure linux is selected on the update list, and then select Ok. Pickle will then install the updated package. If you prefer to download the updated package manually, it can be found on the mirror at http://mirror.cucumberlinux.com/cucumber/. ------------------------------------------------------------------------ The Cucumber Linux Security Team cuc...@li... <mailto:cuc...@li...> https://www.cucumberlinux.com/security.php |
|
From: Scott C. <sc...@cu...> - 2018-05-15 01:01:42
Attachments:
signature.asc
|
Update Information A security update is available for linux for the following versions of Cucumber Linux: * 1.0 * 1.1 Here are the details from the Cucumber 1.1 changelog: +----------------+ Mon May 14 18:08:17 EDT 2018 base/linux rebuilt (build 2) to enable the retpoline mitigation against the Spectre v2 security vulnerability (CVE-2017-5715). Starting with this build, the kernel-gcc package is now required to build the linux package. It is necessary to use the newer kernel-gcc (GCC v7.3.0) instead of the standard Cucumber Linux 1.1 gcc (GCC v5.3.0) because this mitigation requires the kernel to be compiled with a retpoline aware compiler, which GCC 5.3.0 is not but GCC 7.3.0 is. For more information see: https://security.cucumberlinux.com/security/details.php?id=202 https://www.mail-archive.com/lfs...@li.../msg04844.html * SECURITY FIX * +----------------+ ------------------------------------------------------------------------ CLD and CVE Information This update is associated with the following Cucumber Linux Deficiency (CLD) and CVE numbers: * CLD-202 [CVE-2017-5715] (https://security.cucumberlinux.com/security/details.php?id=202) More information about these CLDs can be found at their respective pages on the Cucumber Linux Security Advisory Tracker (these are the URLs in parenthesis above). ------------------------------------------------------------------------ Installing the Update The updated package can be installed via Pickle by running the following commands (as root): # pickle --update # pickle Make sure linux is selected on the update list, and then select Ok. Pickle will then install the updated package. If you prefer to download the updated package manually, it can be found on the mirror at http://mirror.cucumberlinux.com/cucumber/. ------------------------------------------------------------------------ The Cucumber Linux Security Team cuc...@li... <mailto:cuc...@li...> https://www.cucumberlinux.com/security.php |
|
From: Scott C. <sc...@cu...> - 2018-05-17 01:47:02
Attachments:
signature.asc
|
Update Information A security update is available for linux for the following versions of Cucumber Linux: * 1.0 * 1.1 Here are the details from the Cucumber 1.1 changelog: +----------------+ Wed May 16 19:08:30 EDT 2018 base/linux upgraded from 4.9.99 to 4.9.100. This release introduces many new mitigations for the Spectre v1 vulnerability (CVE-2017-5753). For more information see: https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.100 https://security.cucumberlinux.com/security/details.php?id=201 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5753 kernel/linux-source upgraded from 4.9.99 to 4.9.100 * SECURITY FIX * +----------------+ ------------------------------------------------------------------------ CLD and CVE Information This update is associated with the following Cucumber Linux Deficiency (CLD) and CVE numbers: * CLD-201 [CVE-2017-5753] (https://security.cucumberlinux.com/security/details.php?id=201) More information about these CLDs can be found at their respective pages on the Cucumber Linux Security Advisory Tracker (these are the URLs in parenthesis above). ------------------------------------------------------------------------ Installing the Update The updated package can be installed via Pickle by running the following commands (as root): # pickle --update # pickle Make sure linux is selected on the update list, and then select Ok. Pickle will then install the updated package. If you prefer to download the updated package manually, it can be found on the mirror at http://mirror.cucumberlinux.com/cucumber/. ------------------------------------------------------------------------ The Cucumber Linux Security Team cuc...@li... <mailto:cuc...@li...> https://www.cucumberlinux.com/security.php |
|
From: Scott C. <sc...@cu...> - 2018-05-21 18:10:46
Attachments:
signature.asc
|
Update Information A security update is available for linux for the following versions of Cucumber Linux: * 1.0 * 1.1 Here are the details from the Cucumber 1.1 changelog: +----------------+ Mon May 21 11:22:36 EDT 2018 base/linux upgraded from 4.9.100 to 4.9.101 to fix (among other other things) CVE-2018-1120, a security vulnerability that allowed for an attack to block process inspection by several common tools (such as ps) by blocking read access to /proc/PID/cmdline. For more information see: http://www.openwall.com/lists/oss-security/2018/05/17/1 https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.101 kernel/linux-source upgraded from 4.9.100 to 4.9.101 * SECURITY FIX * +----------------+ ------------------------------------------------------------------------ CLD and CVE Information This update is associated with the following Cucumber Linux Deficiency (CLD) and CVE numbers: * CLD-401 [CVE-2018-1120] (https://security.cucumberlinux.com/security/details.php?id=401) More information about these CLDs can be found at their respective pages on the Cucumber Linux Security Advisory Tracker (these are the URLs in parenthesis above). ------------------------------------------------------------------------ Installing the Update The updated package can be installed via Pickle by running the following commands (as root): # pickle --update # pickle Make sure linux is selected on the update list, and then select Ok. Pickle will then install the updated package. If you prefer to download the updated package manually, it can be found on the mirror at http://mirror.cucumberlinux.com/cucumber/. ------------------------------------------------------------------------ The Cucumber Linux Security Team cuc...@li... <mailto:cuc...@li...> https://www.cucumberlinux.com/security.php |
|
From: Scott C. <sc...@cu...> - 2018-05-23 03:27:20
Attachments:
signature.asc
|
Update Information A security update is available for linux for the following versions of Cucumber Linux: * 1.0 * 1.1 Here are the details from the Cucumber 1.1 changelog: +----------------+ Tue May 22 18:45:35 EDT 2018 base/linux upgraded from 4.9.101 to 4.9.102 to enable the ability mitigate against Spectre Variant 4 (CVE-2018-3639) when Intel releases the microcode update. This update DOES NOT PATCH THE VULNERABILITY; rather, it enables it to be patched with a microcode update. Mitigating against this vulnerability will require using both an updated kernel and updated CPU microcode. This is a hardware vulnerability in Intel's x86 architecture (both the i686 and x86_64 variants) that allows for for an attacker to learn the contents of memory that is not supposed to be accessible to him. Intel has stated that this vulnerability "may allow unauthorized disclosure of information to an attacker with local user access," which means it likely does. For more information see: https://security.cucumberlinux.com/security/details.php?id=411 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3639 https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.102 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html https://www.intel.com/content/www/us/en/architecture-and-technology/facts-about-side-channel-analysis-and-intel-products.html https://software.intel.com/sites/default/files/managed/b9/f9/336983-Intel-Analysis-of-Speculative-Execution-Side-Channels-White-Paper.pdf kernel/linux-source upgraded from 4.9.101 to 4.9.102 * SECURITY FIX * +----------------+ ------------------------------------------------------------------------ CLD and CVE Information This update is associated with the following Cucumber Linux Deficiency (CLD) and CVE numbers: * CLD-411 [CVE-2018-3639] (https://security.cucumberlinux.com/security/details.php?id=411) More information about these CLDs can be found at their respective pages on the Cucumber Linux Security Advisory Tracker (these are the URLs in parenthesis above). ------------------------------------------------------------------------ Installing the Update The updated package can be installed via Pickle by running the following commands (as root): # pickle --update # pickle Make sure linux is selected on the update list, and then select Ok. Pickle will then install the updated package. If you prefer to download the updated package manually, it can be found on the mirror at http://mirror.cucumberlinux.com/cucumber/. ------------------------------------------------------------------------ The Cucumber Linux Security Team cuc...@li... <mailto:cuc...@li...> https://www.cucumberlinux.com/security.php |
|
From: Scott C. <sc...@cu...> - 2018-05-30 21:28:38
Attachments:
signature.asc
|
Update Information A security update is available for linux for the following versions of Cucumber Linux: * 1.0 * 1.1 Here are the details from the Cucumber 1.1 changelog: +----------------+ Wed May 30 17:03:56 EDT 2018 base/linux upgraded from 4.9.103 to 4.9.104 to fix CVE-2018-6412 and further mitigate against Spectre variant 1 (CVE-2017-5753). For more information see: https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.104 https://security.cucumberlinux.com/security/details.php?id=201 https://security.cucumberlinux.com/security/details.php?id=419 kernel/linux-source upgraded from 4.9.103 to 4.9.104 * SECURITY FIX * +----------------+ ------------------------------------------------------------------------ CLD and CVE Information This update is associated with the following Cucumber Linux Deficiency (CLD) and CVE numbers: * CLD-419 [CVE-2018-6412] (https://security.cucumberlinux.com/security/details.php?id=419) * CLD-201 [CVE-2017-5753] (https://security.cucumberlinux.com/security/details.php?id=201) More information about these CLDs can be found at their respective pages on the Cucumber Linux Security Advisory Tracker (these are the URLs in parenthesis above). ------------------------------------------------------------------------ Installing the Update The updated package can be installed via Pickle by running the following commands (as root): # pickle --update # pickle Make sure linux is selected on the update list, and then select Ok. Pickle will then install the updated package. If you prefer to download the updated package manually, it can be found on the mirror at http://mirror.cucumberlinux.com/cucumber/. ------------------------------------------------------------------------ The Cucumber Linux Security Team cuc...@li... <mailto:cuc...@li...> https://www.cucumberlinux.com/security.php |
|
From: Scott C. <sc...@cu...> - 2018-06-16 22:41:52
Attachments:
signature.asc
|
Update Information A security update is available for linux for the following versions of Cucumber Linux: * 1.0 * 1.1 Here are the details from the Cucumber 1.1 changelog: +----------------+ Sat Jun 16 10:20:31 EDT 2018 base/linux upgraded from 4.9.108 to 4.9.109 to fix two security vulnerabilities. The first (CVE-2018-3665) is an information disclosure that allows a process to infer data using the Lazy FP restore feature of Intel processors. The second (CVE-2018-10853) was a vulnerability in the KVM virtualization mechanism that allowed the guest userspace to write to the guest kernel, due to missing privilege level checks. For more information see: https://security.cucumberlinux.com/security/details.php?id=432 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3665 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00145.html https://security.cucumberlinux.com/security/details.php?id=433 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10853 kernel/linux-source upgraded from 4.9.108 to 4.9.109 * SECURITY FIX * +----------------+ ------------------------------------------------------------------------ CLD and CVE Information This update is associated with the following Cucumber Linux Deficiency (CLD) and CVE numbers: * CLD-432 [CVE-2018-3665] (https://security.cucumberlinux.com/security/details.php?id=432) * CLD-433 [CVE-2018-10853] (https://security.cucumberlinux.com/security/details.php?id=433) More information about these CLDs can be found at their respective pages on the Cucumber Linux Security Advisory Tracker (these are the URLs in parenthesis above). ------------------------------------------------------------------------ Installing the Update The updated package can be installed via Pickle by running the following commands (as root): # pickle --update # pickle Make sure linux is selected on the update list, and then select Ok. Pickle will then install the updated package. If you prefer to download the updated package manually, it can be found on the mirror at http://mirror.cucumberlinux.com/cucumber/. ------------------------------------------------------------------------ The Cucumber Linux Security Team cuc...@li... <mailto:cuc...@li...> https://www.cucumberlinux.com/security.php |
|
From: Scott C. <sc...@cu...> - 2018-06-27 04:37:04
Attachments:
signature.asc
|
Update Information A security update is available for linux for the following versions of Cucumber Linux: * 1.0 * 1.1 Here are the details from the Cucumber 1.1 changelog: +----------------+ Tue Jun 26 20:20:31 EDT 2018 base/linux upgraded from 4.9.109 to 4.9.110 to fix CVE-2018-1118, a security vulnerability that could possibly allow for local, unprivileged users to read some sections of kernel memory. For more information see: https://security.cucumberlinux.com/security/details.php?id=445 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1118 kernel/linux-source upgraded from 4.9.109 to 4.9.110 * SECURITY FIX * +----------------+ ------------------------------------------------------------------------ CLD and CVE Information This update is associated with the following Cucumber Linux Deficiency (CLD) and CVE numbers: * CLD-445 [CVE-2018-1118] (https://security.cucumberlinux.com/security/details.php?id=445) More information about these CLDs can be found at their respective pages on the Cucumber Linux Security Advisory Tracker (these are the URLs in parenthesis above). ------------------------------------------------------------------------ Installing the Update The updated package can be installed via Pickle by running the following commands (as root): # pickle --update # pickle Make sure linux is selected on the update list, and then select Ok. Pickle will then install the updated package. If you prefer to download the updated package manually, it can be found on the mirror at http://mirror.cucumberlinux.com/cucumber/. ------------------------------------------------------------------------ The Cucumber Linux Security Team cuc...@li... <mailto:cuc...@li...> https://www.cucumberlinux.com/security.php |
|
From: Scott C. <sc...@cu...> - 2018-07-12 16:05:33
Attachments:
signature.asc
|
Update Information A security update is available for linux for the following versions of Cucumber Linux: * 1.0 * 1.1 Here are the details from the Cucumber 1.1 changelog: +----------------+ Thu Jul 12 11:10:59 EDT 2018 base/linux upgraded from 4.9.111 to 4.9.112 to fix several security vulnerabilities related to handling ext4 filesystems: CVE-2018-10882, CVE-2018-10881, CVE-2018-10877, CVE-2018-10876 and CVE-2018-10883. For more information see: https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.112 https://security.cucumberlinux.com/security/details.php?id=476 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10882 https://security.cucumberlinux.com/security/details.php?id=477 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10881 https://security.cucumberlinux.com/security/details.php?id=478 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10877 https://security.cucumberlinux.com/security/details.php?id=479 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10876 https://security.cucumberlinux.com/security/details.php?id=480 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10883 kernel/linux-source upgraded from 4.9.111 to 4.9.112 * SECURITY FIX * +----------------+ ------------------------------------------------------------------------ CLD and CVE Information This update is associated with the following Cucumber Linux Deficiency (CLD) and CVE numbers: * CLD-476 [CVE-2018-10882] (https://security.cucumberlinux.com/security/details.php?id=476) * CLD-477 [CVE-2018-10881] (https://security.cucumberlinux.com/security/details.php?id=477) * CLD-478 [CVE-2018-10877] (https://security.cucumberlinux.com/security/details.php?id=478) * CLD-479 [CVE-2018-10876] (https://security.cucumberlinux.com/security/details.php?id=479) * CLD-480 [CVE-2018-10883] (https://security.cucumberlinux.com/security/details.php?id=480) More information about these CLDs can be found at their respective pages on the Cucumber Linux Security Advisory Tracker (these are the URLs in parenthesis above). ------------------------------------------------------------------------ Installing the Update The updated package can be installed via Pickle by running the following commands (as root): # pickle --update # pickle Make sure linux is selected on the update list, and then select Ok. Pickle will then install the updated package. If you prefer to download the updated package manually, it can be found on the mirror at http://mirror.cucumberlinux.com/cucumber/. ------------------------------------------------------------------------ The Cucumber Linux Security Team cuc...@li... <mailto:cuc...@li...> https://www.cucumberlinux.com/security.php |
|
From: Scott C. <sc...@cu...> - 2018-07-23 17:20:53
Attachments:
signature.asc
|
Update Information A security update is available for linux for the following versions of Cucumber Linux: * 1.0 * 1.1 Here are the details from the Cucumber 1.1 changelog: +----------------+ Mon Jul 23 12:58:16 EDT 2018 base/linux upgraded from 4.9.113 to 4.9.114 to further mitigate against Spectre variants 1 and 2 (CVE-2017-5753 and CVE-2017-5715 respecitvely). For more information see: https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.114 kernel/linux-source upgraded from 4.9.113 to 4.9.114 * SECURITY FIX * +----------------+ ------------------------------------------------------------------------ CLD and CVE Information This update is associated with the following Cucumber Linux Deficiency (CLD) and CVE numbers: * CLD-201 [CVE-2017-5753] (https://security.cucumberlinux.com/security/details.php?id=201) * CLD-202 [CVE-2017-5715] (https://security.cucumberlinux.com/security/details.php?id=202) More information about these CLDs can be found at their respective pages on the Cucumber Linux Security Advisory Tracker (these are the URLs in parenthesis above). ------------------------------------------------------------------------ Installing the Update The updated package can be installed via Pickle by running the following commands (as root): # pickle --update # pickle Make sure linux is selected on the update list, and then select Ok. Pickle will then install the updated package. If you prefer to download the updated package manually, it can be found on the mirror at http://mirror.cucumberlinux.com/cucumber/. ------------------------------------------------------------------------ The Cucumber Linux Security Team cuc...@li... <mailto:cuc...@li...> https://www.cucumberlinux.com/security.php |
|
From: Scott C. <sc...@cu...> - 2018-07-27 18:09:02
Attachments:
signature.asc
|
Update Information A security update is available for linux for the following versions of Cucumber Linux: * 1.0 * 1.1 Here are the details from the Cucumber 1.1 changelog: +----------------+ Fri Jul 27 10:23:41 EDT 2018 base/linux upgraded from 4.9.114 to 4.9.115 to remove a Spectre v1 (CVE-2017-5753) exploitation channel. For more information see: https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.115 kernel/linux-source upgraded from 4.9.114 to 4.9.115 * SECURITY FIX * +----------------+ ------------------------------------------------------------------------ CLD and CVE Information This update is associated with the following Cucumber Linux Deficiency (CLD) and CVE numbers: * CLD-201 [CVE-2017-5753] (https://security.cucumberlinux.com/security/details.php?id=201) More information about these CLDs can be found at their respective pages on the Cucumber Linux Security Advisory Tracker (these are the URLs in parenthesis above). ------------------------------------------------------------------------ Installing the Update The updated package can be installed via Pickle by running the following commands (as root): # pickle --update # pickle Make sure linux is selected on the update list, and then select Ok. Pickle will then install the updated package. If you prefer to download the updated package manually, it can be found on the mirror at http://mirror.cucumberlinux.com/cucumber/. ------------------------------------------------------------------------ The Cucumber Linux Security Team cuc...@li... <mailto:cuc...@li...> https://www.cucumberlinux.com/security.php |
|
From: Scott C. <sc...@cu...> - 2018-08-09 18:57:23
Attachments:
signature.asc
|
Update Information A security update is available for linux for the following versions of Cucumber Linux: * 1.0 * 1.1 Here are the details from the Cucumber 1.1 changelog: +----------------+ Thu Aug 9 10:02:41 EDT 2018 base/linux upgraded from 4.9.117 to 4.9.119. This update fixes a potential Spectre v1 (CVE-2017-5753) weakness in socketcall. It also contains various other bug fixes, some of which may be security fixes. For more information see: https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.118 https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.119 https://security.cucumberlinux.com/security/details.php?id=201 kernel/linux-source upgraded from 4,9.117 to 4.9.119 * SECURITY FIX * +----------------+ ------------------------------------------------------------------------ CLD and CVE Information This update is associated with the following Cucumber Linux Deficiency (CLD) and CVE numbers: * CLD-201 [CVE-2017-5753] (https://security.cucumberlinux.com/security/details.php?id=201) More information about these CLDs can be found at their respective pages on the Cucumber Linux Security Advisory Tracker (these are the URLs in parenthesis above). ------------------------------------------------------------------------ Installing the Update The updated package can be installed via Pickle by running the following commands (as root): # pickle --update # pickle Make sure linux is selected on the update list, and then select Ok. Pickle will then install the updated package. If you prefer to download the updated package manually, it can be found on the mirror at http://mirror.cucumberlinux.com/cucumber/. ------------------------------------------------------------------------ The Cucumber Linux Security Team cuc...@li... <mailto:cuc...@li...> https://www.cucumberlinux.com/security.php |
|
From: Scott C. <sc...@cu...> - 2018-08-16 18:35:05
Attachments:
signature.asc
|
Update Information A security update is available for linux for the following versions of Cucumber Linux: * 1.0 * 1.1 Here are the details from the Cucumber 1.1 changelog: +----------------+ Thu Aug 16 13:52:49 EDT 2018 base/linux upgraded from 4.9.119 to 4.9.120 to fix CVE-2018-3620, a security vulnerability in the Spectre family. This vulnerability allowed for information disclosure via a cache side channel attack. This vulnerability has been mitigated by conditionally flushing the cache during VM context changes. For more information see: https://www.intel.com/content/www/us/en/architecture-and-technology/l1tf.html https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.120 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3620 https://security.cucumberlinux.com/security/details.php?id=520 kernel/linux-source upgraded from 4.9.119 to 4.9.120 * SECURITY FIX * +----------------+ ------------------------------------------------------------------------ CLD and CVE Information This update is associated with the following Cucumber Linux Deficiency (CLD) and CVE numbers: * CLD-520 [CVE-2018-3620] (https://security.cucumberlinux.com/security/details.php?id=520) More information about these CLDs can be found at their respective pages on the Cucumber Linux Security Advisory Tracker (these are the URLs in parenthesis above). ------------------------------------------------------------------------ Installing the Update The updated package can be installed via Pickle by running the following commands (as root): # pickle --update # pickle Make sure linux is selected on the update list, and then select Ok. Pickle will then install the updated package. If you prefer to download the updated package manually, it can be found on the mirror at http://mirror.cucumberlinux.com/cucumber/. ------------------------------------------------------------------------ The Cucumber Linux Security Team cuc...@li... <mailto:cuc...@li...> https://www.cucumberlinux.com/security.php |
|
From: Scott C. <sc...@cu...> - 2018-08-24 16:47:28
Attachments:
signature.asc
|
Update Information A security update is available for linux for the following versions of Cucumber Linux: * 1.0 * 1.1 Here are the details from the Cucumber 1.1 changelog: +----------------+ Fri Aug 24 11:27:00 EDT 2018 base/linux upgraded from 4.9.123 to 4.9.124 to mitigate a couple of potential spectre v1 exploits. This update also contains various other bug and security fixes. For more information see: https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.124 https://security.cucumberlinux.com/security/details.php?id=201 kernel/linux-source upgraded from 4.9.123 to 4.9.124 * SECURITY FIX * +----------------+ ------------------------------------------------------------------------ CLD and CVE Information This update is associated with the following Cucumber Linux Deficiency (CLD) and CVE numbers: * CLD-201 [CVE-2017-5753] (https://security.cucumberlinux.com/security/details.php?id=201) More information about these CLDs can be found at their respective pages on the Cucumber Linux Security Advisory Tracker (these are the URLs in parenthesis above). ------------------------------------------------------------------------ Installing the Update The updated package can be installed via Pickle by running the following commands (as root): # pickle --update # pickle Make sure linux is selected on the update list, and then select Ok. Pickle will then install the updated package. If you prefer to download the updated package manually, it can be found on the mirror at http://mirror.cucumberlinux.com/cucumber/. ------------------------------------------------------------------------ The Cucumber Linux Security Team cuc...@li... <mailto:cuc...@li...> https://www.cucumberlinux.com/security.php |
|
From: Scott C. <sc...@cu...> - 2018-09-15 17:49:46
Attachments:
signature.asc
|
Update Information A security update is available for linux for the following versions of Cucumber Linux: * 1.0 * 1.1 Here are the details from the Cucumber 1.1 changelog: +----------------+ at Sep 15 13:26:38 EDT 2018 base/linux upgraded from 4.9.126 to 4.9.127. This update includes further mitigations against the L1TF family of vulnerabilities. This update also fixed two other security vulnerabilities: CVE-2018-6554 which allowed for a userspace application to exhaust memory resources by repeatedly binding a socket and CVE-2018-6555 which caused a use after free in the hashbin list. For more information see: https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.127 https://security.cucumberlinux.com/security/details.php?id=557 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6554 https://security.cucumberlinux.com/security/details.php?id=558 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6555 kernel/linux-source upgraded from 4.9.126 to 4.9.127 * SECURITY FIX * +----------------+ ------------------------------------------------------------------------ CLD and CVE Information This update is associated with the following Cucumber Linux Deficiency (CLD) and CVE numbers: * CLD-557 [CVE-2018-6554] (https://security.cucumberlinux.com/security/details.php?id=557) * CLD-558 [CVE-2018-6555] (https://security.cucumberlinux.com/security/details.php?id=558) More information about these CLDs can be found at their respective pages on the Cucumber Linux Security Advisory Tracker (these are the URLs in parenthesis above). ------------------------------------------------------------------------ Installing the Update The updated package can be installed via Pickle by running the following commands (as root): # pickle --update # pickle Make sure linux is selected on the update list, and then select Ok. Pickle will then install the updated package. If you prefer to download the updated package manually, it can be found on the mirror at http://mirror.cucumberlinux.com/cucumber/. ------------------------------------------------------------------------ The Cucumber Linux Security Team cuc...@li... <mailto:cuc...@li...> https://www.cucumberlinux.com/security.php |
|
From: Scott C. <sc...@cu...> - 2018-09-29 17:54:11
Attachments:
signature.asc
|
Update Information A security update is available for linux for the following versions of Cucumber Linux: * 1.0 * 1.1 Here are the details from the Cucumber 1.1 changelog: +----------------+ Sat Sep 29 11:50:40 EDT 2018 base/linux upgraded from 4.9.128 to 4.9.130 to further mitigate against Spectre v1 (CVE-2017-5753) and fix CVE-2018-14633, a stack based buffer overflow that may have led to a denial of service (kernel panic) or escalation of privileges. For more information see: https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.130 https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.129 https://security.cucumberlinux.com/security/details.php?id=201 https://security.cucumberlinux.com/security/details.php?id=567 kernel/linux-source upgraded from 4.9.128 to 4.9.130 * SECURITY FIX * +----------------+ ------------------------------------------------------------------------ CLD and CVE Information This update is associated with the following Cucumber Linux Deficiency (CLD) and CVE numbers: * CLD-567 [CVE-2018-14633] (https://security.cucumberlinux.com/security/details.php?id=567) * CLD-201 [CVE-2017-5753] (https://security.cucumberlinux.com/security/details.php?id=201) More information about these CLDs can be found at their respective pages on the Cucumber Linux Security Advisory Tracker (these are the URLs in parenthesis above). ------------------------------------------------------------------------ Installing the Update The updated package can be installed via Pickle by running the following commands (as root): # pickle --update # pickle Make sure linux is selected on the update list, and then select Ok. Pickle will then install the updated package. If you prefer to download the updated package manually, it can be found on the mirror at http://mirror.cucumberlinux.com/cucumber/. ------------------------------------------------------------------------ The Cucumber Linux Security Team cuc...@li... <mailto:cuc...@li...> https://www.cucumberlinux.com/security.php |
|
From: Scott C. <sc...@cu...> - 2018-10-08 17:54:14
Attachments:
signature.asc
|
Update Information A security update is available for linux for the following versions of Cucumber Linux: * 1.0 * 1.1 Here are the details from the Cucumber 1.1 changelog: +----------------+ Mon Oct 8 10:16:24 EDT 2018 base/linux upgraded from 4.9.130 to 4.9.131 to fix two security vulnerabilities: CVE-2018-7755, which allowed for an attacker to circumvent kernel security protections such as KASLR; and CVE-2018-10880, which allowed for an attacker to cause a denial of service (system crash) via an out of bounds stack write in the ext4 filesystem code. For more information see: https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.131 https://security.cucumberlinux.com/security/details.php?id=572 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7755 https://security.cucumberlinux.com/security/details.php?id=573 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10880 kernel/linux-source upgraded from 4.9.130 to 4.9.131 * SECURITY FIX * +----------------+ ------------------------------------------------------------------------ CLD and CVE Information This update is associated with the following Cucumber Linux Deficiency (CLD) and CVE numbers: * CLD-572 [CVE-2018-7755] (https://security.cucumberlinux.com/security/details.php?id=572) * CLD-573 [CVE-2018-10880] (https://security.cucumberlinux.com/security/details.php?id=573) More information about these CLDs can be found at their respective pages on the Cucumber Linux Security Advisory Tracker (these are the URLs in parenthesis above). ------------------------------------------------------------------------ Installing the Update The updated package can be installed via Pickle by running the following commands (as root): # pickle --update # pickle Make sure linux is selected on the update list, and then select Ok. Pickle will then install the updated package. If you prefer to download the updated package manually, it can be found on the mirror at http://mirror.cucumberlinux.com/cucumber/. ------------------------------------------------------------------------ The Cucumber Linux Security Team cuc...@li... <mailto:cuc...@li...> https://www.cucumberlinux.com/security.php |
|
From: Scott C. <sc...@cu...> - 2018-11-13 23:57:29
Attachments:
signature.asc
|
Update Information A security update is available for linux for the following versions of Cucumber Linux: * 1.0 * 1.1 Here are the details from the Cucumber 1.1 changelog: +----------------+ Tue Nov 13 17:54:55 EST 2018 base/linux upgraded from 4.9.135 to 4.9.137. This update contains additional mitigations for the Spectre v1 vulnerability (CVE-2017-5753) and other security fixes. For more information see: https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.136 https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.137 https://security.cucumberlinux.com/security/details.php?id=201 kernel/linux-source upgraded from 4.9.135 to 4.9.137 * SECURITY FIX * +----------------+ ------------------------------------------------------------------------ CLD and CVE Information This update is associated with the following Cucumber Linux Deficiency (CLD) and CVE numbers: * CLD-201 [CVE-2017-5753] (https://security.cucumberlinux.com/security/details.php?id=201) More information about these CLDs can be found at their respective pages on the Cucumber Linux Security Advisory Tracker (these are the URLs in parenthesis above). ------------------------------------------------------------------------ Installing the Update The updated package can be installed via Pickle by running the following commands (as root): # pickle --update # pickle Make sure linux is selected on the update list, and then select Ok. Pickle will then install the updated package. If you prefer to download the updated package manually, it can be found on the mirror at http://mirror.cucumberlinux.com/cucumber/. ------------------------------------------------------------------------ The Cucumber Linux Security Team cuc...@li... <mailto:cuc...@li...> https://www.cucumberlinux.com/security.php |
|
From: Scott C. <sc...@cu...> - 2018-11-28 21:01:29
Attachments:
signature.asc
|
Update Information A security update is available for linux for the following versions of Cucumber Linux: * 1.0 * 1.1 Here are the details from the Cucumber 1.1 changelog: +----------------+ Wed Nov 28 14:08:49 EST 2018 base/linux upgraded from 4.9.137 to 4.9.141. This update incorporates several upstream bug fixes and further addresses both the Spectre v1 (CVE-2017-5753) vulnerabilities. For more information see: https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.138 https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.139 https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.140 https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.141 https://security.cucumberlinux.com/security/details.php?id=201 kernel/linux-source upgraded from 4.9.137 to 4.9.141 * SECURITY FIX * +----------------+ ------------------------------------------------------------------------ CLD and CVE Information This update is associated with the following Cucumber Linux Deficiency (CLD) and CVE numbers: * CLD-201 [CVE-2017-5753] (https://security.cucumberlinux.com/security/details.php?id=201) More information about these CLDs can be found at their respective pages on the Cucumber Linux Security Advisory Tracker (these are the URLs in parenthesis above). ------------------------------------------------------------------------ Installing the Update The updated package can be installed via Pickle by running the following commands (as root): # pickle --update # pickle Make sure linux is selected on the update list, and then select Ok. Pickle will then install the updated package. If you prefer to download the updated package manually, it can be found on the mirror at http://mirror.cucumberlinux.com/cucumber/. ------------------------------------------------------------------------ The Cucumber Linux Security Team cuc...@li... <mailto:cuc...@li...> https://www.cucumberlinux.com/security.php |
|
From: Scott C. <sc...@cu...> - 2018-12-09 03:54:37
Attachments:
signature.asc
|
Update Information A security update is available for linux for the following versions of Cucumber Linux: * 1.1 Here are the details from the Cucumber 1.1 changelog: +----------------+ Sat Dec 8 13:54:17 EST 2018 base/linux upgraded from 4.9.142 to 4.9.144. This update fixes two security vulnerabilities in the Linux kernel's CEPHX_V2 implementation and contains many other bug fixes. For more information see: https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.144 https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.143 https://security.cucumberlinux.com/security/details.php?id=634 https://security.cucumberlinux.com/security/details.php?id=635 kernel/linux-source upgraded from 4.9.142 to 4.9.144 * SECURITY FIX * +----------------+ ------------------------------------------------------------------------ CLD and CVE Information This update is associated with the following Cucumber Linux Deficiency (CLD) and CVE numbers: * CLD-634 [CVE-2018-1129] (https://security.cucumberlinux.com/security/details.php?id=634) * CLD-635 [CVE-2018-1128] (https://security.cucumberlinux.com/security/details.php?id=635) More information about these CLDs can be found at their respective pages on the Cucumber Linux Security Advisory Tracker (these are the URLs in parenthesis above). ------------------------------------------------------------------------ Installing the Update The updated package can be installed via Pickle by running the following commands (as root): # pickle --update # pickle Make sure linux is selected on the update list, and then select Ok. Pickle will then install the updated package. If you prefer to download the updated package manually, it can be found on the mirror at http://mirror.cucumberlinux.com/cucumber/. ------------------------------------------------------------------------ The Cucumber Linux Security Team cuc...@li... <mailto:cuc...@li...> https://www.cucumberlinux.com/security.php |
|
From: Scott C. <sc...@cu...> - 2018-12-20 17:19:22
Attachments:
signature.asc
|
Update Information A security update is available for linux for the following versions of Cucumber Linux: * 1.1 Here are the details from the Cucumber 1.1 changelog: +----------------+ Tue Dec 18 14:12:16 EST 2018 base/linux upgraded from 4.9.144 to 4.9.146 to fix CVE-2018-14625, a security vulnerability which may have allowed for an attacker inside of a guest virtual machine to have uncontrolled read access to kernel memory. For more information see: https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.146 https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.145 https://security.cucumberlinux.com/security/details.php?id=637 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14625 kernel/linux-source upgraded from 4.9.144 to 4.9.146 * SECURITY FIX * +----------------+ ------------------------------------------------------------------------ CLD and CVE Information This update is associated with the following Cucumber Linux Deficiency (CLD) and CVE numbers: * CLD-637 [CVE-2018-14625] (https://security.cucumberlinux.com/security/details.php?id=637) More information about these CLDs can be found at their respective pages on the Cucumber Linux Security Advisory Tracker (these are the URLs in parenthesis above). ------------------------------------------------------------------------ Installing the Update The updated package can be installed via Pickle by running the following commands (as root): # pickle --update # pickle Make sure linux is selected on the update list, and then select Ok. Pickle will then install the updated package. If you prefer to download the updated package manually, it can be found on the mirror at http://mirror.cucumberlinux.com/cucumber/. ------------------------------------------------------------------------ The Cucumber Linux Security Team cuc...@li... <mailto:cuc...@li...> https://www.cucumberlinux.com/security.php |
|
From: Scott C. <sc...@cu...> - 2018-12-26 21:26:26
Attachments:
signature.asc
|
Update Information A security update is available for linux for the following versions of Cucumber Linux: * 1.1 Here are the details from the Cucumber 1.1 changelog: +----------------+ Wed Dec 26 15:52:08 EST 2018 base/linux upgraded from 4.9.146 to 4.9.147 to fix a Spectre v1 (CVE-2017-5753) vulnerability in lookup_ioctx. For more information see: https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.147 https://security.cucumberlinux.com/security/details.php?id=201 kernel/linux-source upgraded from 4.9.146 to 4.9.147 * SECURITY FIX * +----------------+ ------------------------------------------------------------------------ CLD and CVE Information This update is associated with the following Cucumber Linux Deficiency (CLD) and CVE numbers: * CLD-201 [CVE-2017-5753] (https://security.cucumberlinux.com/security/details.php?id=201) More information about these CLDs can be found at their respective pages on the Cucumber Linux Security Advisory Tracker (these are the URLs in parenthesis above). ------------------------------------------------------------------------ Installing the Update The updated package can be installed via Pickle by running the following commands (as root): # pickle --update # pickle Make sure linux is selected on the update list, and then select Ok. Pickle will then install the updated package. If you prefer to download the updated package manually, it can be found on the mirror at http://mirror.cucumberlinux.com/cucumber/. ------------------------------------------------------------------------ The Cucumber Linux Security Team cuc...@li... <mailto:cuc...@li...> https://www.cucumberlinux.com/security.php |
|
From: Scott C. <sc...@cu...> - 2019-01-04 20:21:33
Attachments:
signature.asc
|
Update Information A security update is available for linux for the following versions of Cucumber Linux: * 1.1 Here are the details from the Cucumber 1.1 changelog: +----------------+ Fri Jan 4 14:23:14 EST 2019 base/linux upgraded from 4.9.147 to 4.9.148. This update an upstream update that contains additional mitigations for the Spectre v1 vulnerability (CVE-2017-5753). Also fixes CVE-2018-19985, an out of bounds read security vulnerability in hso_probe. For more information see: https://security.cucumberlinux.com/security/details.php?id=201 https://security.cucumberlinux.com/security/details.php?id=648 kernel/linux-source upgraded from 4.9.147 to 4.9.148 * SECURITY FIX * +----------------+ ------------------------------------------------------------------------ CLD and CVE Information This update is associated with the following Cucumber Linux Deficiency (CLD) and CVE numbers: * CLD-648 [CVE-2018-19985] (https://security.cucumberlinux.com/security/details.php?id=648) * CLD-201 [CVE-2017-5753] (https://security.cucumberlinux.com/security/details.php?id=201) More information about these CLDs can be found at their respective pages on the Cucumber Linux Security Advisory Tracker (these are the URLs in parenthesis above). ------------------------------------------------------------------------ Installing the Update The updated package can be installed via Pickle by running the following commands (as root): # pickle --update # pickle Make sure linux is selected on the update list, and then select Ok. Pickle will then install the updated package. If you prefer to download the updated package manually, it can be found on the mirror at http://mirror.cucumberlinux.com/cucumber/. ------------------------------------------------------------------------ The Cucumber Linux Security Team cuc...@li... <mailto:cuc...@li...> https://www.cucumberlinux.com/security.php |
|
From: Scott C. <sc...@cu...> - 2019-05-09 16:18:46
Attachments:
signature.asc
|
Update Information A security update is available for linux for the following versions of Cucumber Linux: * 1.1 Here are the details from the Cucumber 1.1 changelog: +----------------+ Thu May 9 11:32:38 EDT 2019 base/linux upgraded from 4.9.170 to 4.9.174. This update fixes CVE-2019-3882 and contains several other bug fixes and security improvements. For more information see: https://security.cucumberlinux.com/security/details.php?id=698 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3882 https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.174 https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.173 https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.172 https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.171 kernel/linux-source upgraded from 4.9.170 to 4.9.174 * SECURITY FIX * +----------------+ ------------------------------------------------------------------------ CLD and CVE Information This update is associated with the following Cucumber Linux Deficiency (CLD) and CVE numbers: * CLD-698 [CVE-2019-3882] (https://security.cucumberlinux.com/security/details.php?id=698) More information about these CLDs can be found at their respective pages on the Cucumber Linux Security Advisory Tracker (these are the URLs in parenthesis above). ------------------------------------------------------------------------ Installing the Update The updated package can be installed via Pickle by running the following commands (as root): # pickle --update # pickle Make sure linux is selected on the update list, and then select Ok. Pickle will then install the updated package. If you prefer to download the updated package manually, it can be found on the mirror at http://mirror.cucumberlinux.com/cucumber/. ------------------------------------------------------------------------ The Cucumber Linux Security Team cuc...@li... <mailto:cuc...@li...> https://www.cucumberlinux.com/security.php |
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X