BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] Notice about a new vulnerability

Subject: [Discuss] Notice about a new vulnerability
From: shawn at ll.mit.edu (O'Shea, Shawn - 0665 - MITLL)
Date: Fri, 7 Aug 2015 13:01:15 +0000
In-reply-to: <CAAbKA3UzsA=mf-i+veEaZXc8PaN=GHOLg6vac9cVjsbH_pd0qQ@mail.gmail.com>
References: <55C3F537.3000402@horne.net> <CAAbKA3UzsA=mf-i+veEaZXc8PaN=GHOLg6vac9cVjsbH_pd0qQ@mail.gmail.com>

According to Red Hat?s site (unauthenticated), RHEL is unaffected as they never back ported the vulnerable code. Fedora has an alert and updated packages.

Red Hat: https://access.redhat.com/security/cve/CVE-2015-3290
Fedora: https://lwn.net/Articles/653734/

-Shawn

On Aug 6, 2015, at 9:46 PM, Bill Ricker <bill.n1vux at gmail.com> wrote:

> On Thu, Aug 6, 2015 at 8:00 PM, Bill Horne <bill at horne.net> wrote:
> 
>> This is from a tweet I got from Dan Goodin, in which he asks "Anyone know
>> if any upstream stable Linux kernels have patched CVE-2015-3290 yet? It
>> looks serious."
>> 
> 
> ?Looks like it's in Debian Testing/Unstable and also Jessie(Security) patch
> stream.
> So yeah, it's Stable.
> 
> https://www.debian.org/security/2015/dsa-3313
> https://security-tracker.debian.org/tracker/CVE-2015-3290 ?
> ?https://security-tracker.debian.org/tracker/CVE-2015-3291
> ?https://security-tracker.debian.org/tracker/CVE-2015-5157
> 
> ?Ubuntu Security has pushed out for  14.04 LTS :
> http://www.ubuntu.com/usn/usn-2700-1/
> and 12.04 LTS http://www.ubuntu.com/usn/usn-2701-1/
> ?
> AFAIK ?Red Hat requires log-in to see what they've patched ?...
> 
> 
> -- 
> Bill Ricker
> bill.n1vux at gmail.com
> https://www.linkedin.com/in/n1vux
> _______________________________________________
> Discuss mailing list
> Discuss at blu.org
> http://lists.blu.org/mailman/listinfo/discuss

Follow-Ups:
- [Discuss] Notice about a new vulnerability
  - From: gaf at blu.org (Jerry Feldman)

References:
- [Discuss] Notice about a new vulnerability
  - From: bill at horne.net (Bill Horne)
- [Discuss] Notice about a new vulnerability
  - From: bill.n1vux at gmail.com (Bill Ricker)

Prev by Date: [Discuss] Notice about a new vulnerability
Next by Date: [Discuss] Replacing AD with Samba4
Previous by thread: [Discuss] Notice about a new vulnerability
Next by thread: [Discuss] Notice about a new vulnerability
Index(es):
- Date
- Thread


BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.