[Dovecot-news] v2.2.33.2 released

https://dovecot.org/releases/2.2/dovecot-2.2.33.2.tar.gz
https://dovecot.org/releases/2.2/dovecot-2.2.33.2.tar.gz.sig

One more patch release with some fixes:

- doveadm: Fix crash in proxying (or dsync replication) if remote is
  running older than v2.2.33
- auth: Fix memory leak in %{ldap_dn}
- dict-sql: Fix data types to work correctly with Cassandra

_______________________________________________
Dovecot-news mailing list
Dovecot-news@dovecot.org
https://dovecot.org/mailman/listinfo/dovecot-news

Ubuntu 17.10 (Artful Aardvark) released

FreeBSD Security Advisory FreeBSD-SA-17:07.wpa [REVISED]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

=============================================================================
FreeBSD-SA-17:07.wpa Security Advisory
The FreeBSD Project

Topic:          WPA2 protocol vulnerability

Category:       contrib
Module:         wpa
Announced:      2017-10-16
Credits:        Mathy Vanhoef
Affects:        All supported versions of FreeBSD.
Corrected:      2017-10-17 17:30:18 UTC (stable/11, 11.1-STABLE)
                2017-10-17 17:57:18 UTC (releng/11.1, 11.1-RELEASE-p2)
                2017-10-17 17:56:03 UTC (releng/11.0, 11.0-RELEASE-p13)
                2017-10-19 03:18:22 UTC (stable/10, 10.4-STABLE)
                2017-10-19 03:20:17 UTC (releng/10.4, 10.4-RELEASE-p1)
                2017-10-19 03:19:42 UTC (releng/10.3, 10.3-RELEASE-p22)
CVE Name:       CVE-2017-13077, CVE-2017-13078, CVE-2017-13079,
                CVE-2017-13080, CVE-2017-13081, CVE-2017-13082,
                CVE-2017-13086, CVE-2017-13087, CVE-2017-13088

For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit .

0. Revision history

v1.0 2017-10-17 Initial release.
v1.1 2017-10-19 Add patches for 10.x releases.

I. Background

Wi-Fi Protected Access II (WPA2) is a security protocol developed by the
Wi-Fi Alliance to secure wireless computer networks.

hostapd and wpa_supplicant are user-space daemon implementations, for
access points and wireless clients respectively, of the WPA2 protocol.

II. Problem Description

A vulnerability was found in how a number of implementations can be
triggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by
replaying a specific frame that is used to manage the keys.

III. Impact

Such reinstallation of the encryption key can result in two different
types of vulnerabilities: disabling replay protection and significantly
reducing the security of encryption to the point of allowing frames to
be decrypted or some parts of the keys to be determined by an attacker
depending on which cipher is used.

IV. Workaround

An updated version of wpa_supplicant is available in the FreeBSD Ports
Collection. Install version 2.6_2 or later of the
security/wpa_supplicant port/pkg. Once installed, update /etc/rc.conf
to use the new binary:

wpa_supplicant_program="/usr/local/sbin/wpa_supplicant"

and restart networking.

An updated version of hostapd is available in the FreeBSD Ports
Collection. Install version 2.6_1 or later of the net/hostapd port/pkg.
Once installed, update /etc/rc.conf to use the new binary:

hostapd_program="/usr/local/sbin/hostapd"

and restart hostapd.

V. Solution

Perform one of the following:

1) Upgrade your vulnerable system to a supported FreeBSD stable or
release / security branch (releng) dated after the correction date.

Restart the Wi-Fi network interfaces/hostapd or reboot the system.

2) To update your vulnerable system via a binary patch:

Systems running a RELEASE version of FreeBSD on the i386 or amd64
platforms can be updated via the freebsd-update(8) utility:

# freebsd-update fetch
# freebsd-update install

Restart the Wi-Fi network interfaces/hostapd or reboot the system.

3) To update your vulnerable system via a source code patch:

The following patches have been verified to apply to the applicable
FreeBSD release branches.

a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.

[FreeBSD 11.0-RELEASE, 11.1-RELEASE, and 11-STABLE]
# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch
# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch.asc
# gpg --verify wpa-11.patch.asc

[FreeBSD 10.3-RELEASE, 10.4-RELEASE, and 10-STABLE]
# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch
# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-10.patch.asc
# gpg --verify wpa-10.patch.asc

b) Apply the patch. Execute the following commands as root:

# cd /usr/src
# patch < /path/to/patch

c) Recompile the operating system using buildworld and installworld as
described in .

Restart the applicable daemons, or reboot the system.

VI. Correction details

The following list contains the correction revision numbers for each
affected branch.

Branch/path                                                      Revision
-------------------------------------------------------------------------
stable/11/                                                        r324697
releng/11.0/                                                      r324698
releng/11.1/                                                      r324699
stable/10/                                                        r324739
releng/10.3/                                                      r324740
releng/10.4/                                                      r324741
-------------------------------------------------------------------------

To see which files were modified by a particular revision, run the
following command, replacing NNNNNN with the revision number, on a
machine with Subversion installed:

# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base

Or visit the following URL, replacing NNNNNN with the revision number:

VII. References

The latest revision of this advisory is available at

_______________________________________________
freebsd-security-notifications@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-security-notifications
To unsubscribe, send any mail to “freebsd-security-notifications-unsubscribe@freebsd.org”

FreeBSD Security Advisory FreeBSD-SA-17:07.wpa

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

=============================================================================
FreeBSD-SA-17:07.wpa Security Advisory
The FreeBSD Project

Topic:          WPA2 protocol vulnerability

Category:       contrib
Module:         wpa
Announced:      2017-10-16
Credits:        Mathy Vanhoef
Affects:        All supported versions of FreeBSD.
Corrected:      2017-10-17 17:30:18 UTC (stable/11, 11.1-STABLE)
                2017-10-17 17:57:18 UTC (releng/11.1, 11.1-RELEASE-p2)
                2017-10-17 17:56:03 UTC (releng/11.0, 11.0-RELEASE-p13)
CVE Name:       CVE-2017-13077, CVE-2017-13078, CVE-2017-13079,
                CVE-2017-13080, CVE-2017-13081, CVE-2017-13082,
                CVE-2017-13086, CVE-2017-13087, CVE-2017-13088

For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit .

I. Background

Wi-Fi Protected Access II (WPA2) is a security protocol developed by the
Wi-Fi Alliance to secure wireless computer networks.

hostapd and wpa_supplicant are user-space daemon implementations, for
access points and wireless clients respectively, of the WPA2 protocol.

II. Problem Description

A vulnerability was found in how a number of implementations can be
triggered to reconfigure WPA/WPA2/RSN keys (TK, GTK, or IGTK) by
replaying a specific frame that is used to manage the keys.

III. Impact

Such reinstallation of the encryption key can result in two different
types of vulnerabilities: disabling replay protection and significantly
reducing the security of encryption to the point of allowing frames to
be decrypted or some parts of the keys to be determined by an attacker
depending on which cipher is used.

IV. Workaround

An updated version of wpa_supplicant is available in the FreeBSD Ports
Collection. Install version 2.6_2 or later of the
security/wpa_supplicant port/pkg. Once installed, update /etc/rc.conf
to use the new binary:

wpa_supplicant_program="/usr/local/sbin/wpa_supplicant"

and restart networking.

An updated version of hostapd is available in the FreeBSD Ports
Collection. Install version 2.6_1 or later of the net/hostapd port/pkg.
Once installed, update /etc/rc.conf to use the new binary:

hostapd_program="/usr/local/sbin/hostapd"

and restart hostapd.
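A check for the ports workaround in section IV (the same section appears in the revised copy of this advisory above), added here as an example and not part of the FreeBSD advisory: it compares installed port versions against the 2.6_2 and 2.6_1 thresholds and confirms that /etc/rc.conf points wpa_supplicant_program and hostapd_program at the ports binaries. The function names and the sample rc.conf contents are assumptions of this example; only the thresholds, paths and variable names come from the advisory.

```shell
#!/bin/sh
# Added check (not part of the FreeBSD advisory): is the SA-17:07.wpa ports
# workaround fully in place on this host?

# Compare two FreeBSD port versions of the shape X.Y[.Z][_R], where _R is the
# port revision (absent means 0). Returns 0 when $1 >= $2. Only the numeric
# dotted form used by these two ports is handled (no PORTEPOCH ",N" suffix).
port_version_ge() {
    [ -n "$1" ] && [ -n "$2" ] || return 1      # unknown version never passes
    a_base=${1%%_*}; a_rev=${1#*_}; [ "$a_rev" = "$1" ] && a_rev=0
    b_base=${2%%_*}; b_rev=${2#*_}; [ "$b_rev" = "$2" ] && b_rev=0
    rest_a="$a_base."; rest_b="$b_base."
    while [ -n "$rest_a" ] || [ -n "$rest_b" ]; do   # walk dotted components
        ca=${rest_a%%.*}; rest_a=${rest_a#*.}
        cb=${rest_b%%.*}; rest_b=${rest_b#*.}
        [ "${ca:-0}" -gt "${cb:-0}" ] && return 0
        [ "${ca:-0}" -lt "${cb:-0}" ] && return 1
    done
    [ "$a_rev" -ge "$b_rev" ]                        # same base: compare _R
}

# Value of rc.conf variable $1 in rc.conf text $2, surrounding double quotes
# stripped. The last assignment wins, as it would in sh. Assumes no trailing
# comment after the closing quote.
rc_value() {
    line=$(printf '%s\n' "$2" | grep "^[[:space:]]*$1=" | tail -n 1)
    [ -n "$line" ] || return 1
    val=${line#*=}
    val=${val#\"}; val=${val%\"}
    printf '%s\n' "$val"
}

# $1 = installed security/wpa_supplicant version (e.g. `pkg query %v wpa_supplicant`),
# $2 = installed net/hostapd version (empty when the host runs no AP),
# $3 = contents of /etc/rc.conf. Prints each gap; returns 0 only when complete.
workaround_status() {
    gaps=0
    if ! port_version_ge "$1" 2.6_2; then
        echo "security/wpa_supplicant '$1' is older than 2.6_2"; gaps=$((gaps + 1))
    fi
    if [ "$(rc_value wpa_supplicant_program "$3")" != /usr/local/sbin/wpa_supplicant ]; then
        echo "rc.conf: wpa_supplicant_program is not /usr/local/sbin/wpa_supplicant"
        gaps=$((gaps + 1))
    fi
    if [ -n "$2" ]; then
        if ! port_version_ge "$2" 2.6_1; then
            echo "net/hostapd '$2' is older than 2.6_1"; gaps=$((gaps + 1))
        fi
        if [ "$(rc_value hostapd_program "$3")" != /usr/local/sbin/hostapd ]; then
            echo "rc.conf: hostapd_program is not /usr/local/sbin/hostapd"
            gaps=$((gaps + 1))
        fi
    fi
    [ "$gaps" -eq 0 ]
}

# Constructed sample rc.conf contents (not from any real host).
RC_PARTIAL='hostname="ap.example"
wpa_supplicant_program="/usr/sbin/wpa_supplicant"
hostapd_program="/usr/local/sbin/hostapd"
'
RC_DONE='hostname="ap.example"
wpa_supplicant_program="/usr/local/sbin/wpa_supplicant"
hostapd_program="/usr/local/sbin/hostapd"
'

# On a live host: workaround_status "$(pkg query %v wpa_supplicant)" \
#                    "$(pkg query %v hostapd)" "$(cat /etc/rc.conf)"
workaround_status 2.6_2 2.6_1 "$RC_PARTIAL" || echo "-> workaround incomplete"
workaround_status 2.6_2 2.6_1 "$RC_DONE" && echo "-> workaround complete"
```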

V. Solution

Patches are currently available for stable/11, releng/11.0, and
releng/11.1. Patches for stable/10, releng/10.3, and releng/10.4 are
still being evaluated.

Perform one of the following:

1) Upgrade your vulnerable system to a supported FreeBSD stable or
release / security branch (releng) dated after the correction date.

Restart the Wi-Fi network interfaces/hostapd or reboot the system.

2) To update your vulnerable system via a binary patch:

Systems running a RELEASE version of FreeBSD on the i386 or amd64
platforms can be updated via the freebsd-update(8) utility:

# freebsd-update fetch
# freebsd-update install

Restart the Wi-Fi network interfaces/hostapd or reboot the system.

3) To update your vulnerable system via a source code patch:

The following patches have been verified to apply to the applicable
FreeBSD release branches.

a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.

[FreeBSD 11.0-RELEASE, 11.1-RELEASE, and 11-STABLE]
# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch
# fetch https://security.FreeBSD.org/patches/SA-17:07/wpa-11.patch.asc
# gpg --verify wpa-11.patch.asc

b) Apply the patch. Execute the following commands as root:

# cd /usr/src
# patch < /path/to/patch

c) Recompile the operating system using buildworld and installworld as
described in .

Restart the applicable daemons, or reboot the system.

VI. Correction details

The following list contains the correction revision numbers for each
affected branch.

Branch/path                                                      Revision
-------------------------------------------------------------------------
stable/11/                                                        r324697
releng/11.0/                                                      r324698
releng/11.1/                                                      r324699
-------------------------------------------------------------------------

To see which files were modified by a particular revision, run the
following command, replacing NNNNNN with the revision number, on a
machine with Subversion installed:

# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base

Or visit the following URL, replacing NNNNNN with the revision number:

VII. References

The latest revision of this advisory is available at


[CentOS-announce] Release for CentOS AltArch 7 (1708) on i386 Architecture

From: Johnny Hughes
To: CentOS-Announce
Subject: Release for CentOS AltArch 7 (1708) on i386 Architecture

This is the release announcement for the i386 (Intel 32-bit)
Architecture based on the source code released for CentOS-7 (1708). It
includes all packages that build on x86 32-bit processors.

The release notes for the normal CentOS-7 apply:

https://wiki.centos.org/Manuals/ReleaseNotes/CentOS7

with the following notes that are specific to i386:

https://wiki.centos.org/SpecialInterestGroup/AltArch/i386

If you already have a previous version of CentOS-7 i386 installed, just
running ‘yum update’ will get you the latest packages installed.

ISOs can be downloaded from:

http://mirror.centos.org/altarch/7/isos/i386/

Here are the SHA256SUMS for the ISOs:


===========================

Bug reports and feedback about specific packages should be filed at
https://bugs.centos.org/ against the relevant package name, for project
CentOS Linux 7, in the same manner as you would for x86_64. However, do
mention the architecture as applicable.

===========================

Johnny Hughes
Twitter: @JohnnyCentOS
Freenode IRC: hughesjr

_______________________________________________
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce


[Dovecot-news] v2.2.33.1 released

https://dovecot.org/releases/2.2/dovecot-2.2.33.1.tar.gz
https://dovecot.org/releases/2.2/dovecot-2.2.33.1.tar.gz.sig

Oops, one rather bad bug was left in the release, so it is fixed here.

- dovecot-lda was logging to stderr instead of to the log file.


[Dovecot-news] Released Pigeonhole v0.4.21 for Dovecot v2.2.33.1.

Hello Dovecot users,

Here’s the definitive 0.4.21 release. There were no changes since the
release candidate.

Changelog v0.4.21:

* redirect action: Always set the X-Sieve-Redirected-From header to
  sieve_user_email if configured. Before, it would use the envelope
  recipient instead if available, which makes no sense if the primary
  e-mail address is available.
+ vacation extension: Allow ignoring the envelope sender while composing
  the "To:" header for the reply. Normally, the "To:" header is composed
  from the address found in the "Sender", "Resent-From" or "From"
  headers that is equal to the envelope sender. If none is then found,
  the bare envelope sender is used. This change adds a new setting
  "sieve_vacation_to_header_ignore_envelope". With this setting enabled,
  the "To:" header is always composed from those headers in the source
  message. The new setting thus allows ignoring the envelope, which is
  useful e.g. when SRS is used.
+ vacation extension: Compose the "To:" header from the full sender
  address found in the first "Sender:", "From:" or "Resent-From:"
  header. Before, it would create a "To:" header without a phrase part.
  The new behavior is nicer, since the reply will be addressed to the
  sender by name if possible.
- LDA Sieve plugin: Fixed sequential execution of LDAP-based scripts. A
  missing LDAP-based script could cause the script sequence to exit
  earlier.
- sieve-filter: Removed the (now) duplicate utf8 to mutf7 mailbox name
  conversion. This caused problems with mailbox names containing UTF-8
  characters. The Dovecot API was changed years ago, but apparently
  sieve-filter was never updated.

The release is available as follows:

https://pigeonhole.dovecot.org/releases/2.2/dovecot-2.2-pigeonhole-0.4.21.tar.gz
https://pigeonhole.dovecot.org/releases/2.2/dovecot-2.2-pigeonhole-0.4.21.tar.gz.sig

Refer to http://pigeonhole.dovecot.org and the Dovecot v2.x wiki for
more information. Have fun testing this release and don’t hesitate to
notify me when there are any problems.

Regards,


Stephan Bosch
stephan@rename-it.nl


[Dovecot-news] v2.2.33 released

https://dovecot.org/releases/2.2/dovecot-2.2.33.tar.gz
https://dovecot.org/releases/2.2/dovecot-2.2.33.tar.gz.sig

We’re getting close to the last v2.2.x releases. Hopefully we’ll have the first v2.3 beta releases out soon.

* doveadm director commands wait for the changes to be visible in the
  whole ring before they return. This is especially useful in testing.
* Environments listed in import_environment setting are now set or
  preserved when executing standalone commands (e.g. doveadm)

+ doveadm proxy: Support proxying logs. Previously the logs were
  visible only in the backend's logs.
+ Added %{if}, see https://wiki2.dovecot.org/Variables#Conditionals
+ Added a new notify_status plugin, which can be used to update dict
  with current status of a mailbox when it changes. See
  https://wiki2.dovecot.org/Plugins/NotifyStatus
+ Mailbox list index can be disabled for a namespace by appending
  ":LISTINDEX=" to location setting.
+ dsync/imapc: Added dsync_hashed_headers setting to specify which
  headers are used to match emails.
+ pop3-migration: Add pop3_migration_ignore_extra_uidls=yes to ignore
  mails that are visible in POP3 but not IMAP. This could happen if
  new mails were delivered during the migration run.
+ pop3-migration: Further improvements to help with Zimbra
+ pop3-migration: Cache POP3 UIDLs in imapc's dovecot.index.cache
  if indexes are enabled. These are used to optimize incremental syncs.
+ cassandra, dict-sql: Use prepared statements if protocol version>3.
+ auth: Added %{ldap_dn} variable for passdb/userdb ldap
- acl: The "create" (k) permission in global acl-file was sometimes
  ignored, allowing users to create mailboxes when they shouldn't have.
- sdbox: Mails were always opened when expunging, unless
  mail_attachment_fs was explicitly set to empty.
- lmtp/doveadm proxy: hostip passdb field was ignored, which caused
  unnecessary DNS lookups if host field wasn't an IP
- lmtp proxy: Fix crash when receiving unexpected reply in RCPT TO
- quota_clone: Update also when quota is unlimited (broken in v2.2.31)
- mbox, zlib: Fix assert-crash when accessing compressed mbox
- doveadm director kick -f parameter didn't work
- doveadm director flush resulted in flushing all hosts, if
  wasn't an IP address.
- director: Various fixes to handling backend/director changes at
  abnormal times, especially while ring was unsynced. These could have
  resulted in crashes, non-optimal behavior or ignoring some of the
  changes.
- director: Use less CPU in imap-login processes when moving/kicking
  many users.
- lmtp: Session IDs were duplicated/confusing with multiple RCPT TOs
  when lmtp_rcpt_check_quota=yes
- doveadm sync -1 fails when local mailboxes exist that do not exist
  remotely. This commonly happened when lazy_expunge mailbox was
  autocreated when incremental sync expunged mails.
- pop3: rawlog_dir setting didn't work


[Dovecot-news] Released Pigeonhole v0.4.21.rc1 for Dovecot v2.2.33.rc1.

Hello Dovecot users,

Here is the Pigeonhole release candidate that goes with the Dovecot
release candidate. Nothing really special going on, just a few changes
and fixes that accumulated over the last few months.

Changelog v0.4.21:

* redirect action: Always set the X-Sieve-Redirected-From header to
  sieve_user_email if configured. Before, it would use the envelope
  recipient instead if available, which makes no sense if the primary
  e-mail address is available.
+ vacation extension: Allow ignoring the envelope sender while composing
  the "To:" header for the reply. Normally, the "To:" header is composed
  from the address found in the "Sender", "Resent-From" or "From"
  headers that is equal to the envelope sender. If none is then found,
  the bare envelope sender is used. This change adds a new setting
  "sieve_vacation_to_header_ignore_envelope". With this setting enabled,
  the "To:" header is always composed from those headers in the source
  message. The new setting thus allows ignoring the envelope, which is
  useful e.g. when SRS is used.
+ vacation extension: Compose the "To:" header from the full sender
  address found in the first "Sender:", "From:" or "Resent-From:"
  header. Before, it would create a "To:" header without a phrase part.
  The new behavior is nicer, since the reply will be addressed to the
  sender by name if possible.
- LDA Sieve plugin: Fixed sequential execution of LDAP-based scripts. A
  missing LDAP-based script could cause the script sequence to exit
  earlier.
- sieve-filter: Removed the (now) duplicate utf8 to mutf7 mailbox name
  conversion. This caused problems with mailbox names containing UTF-8
  characters. The Dovecot API was changed years ago, but apparently
  sieve-filter was never updated.

The release is available as follows:

http://pigeonhole.dovecot.org/releases/2.2/rc/dovecot-2.2-pigeonhole-0.4.21.rc1.tar.gz
http://pigeonhole.dovecot.org/releases/2.2/rc/dovecot-2.2-pigeonhole-0.4.21.rc1.tar.gz.sig

Refer to http://pigeonhole.dovecot.org and the Dovecot v2.x wiki for
more information. Have fun testing this release candidate and don’t
hesitate to notify me when there are any problems.

Regards,


Stephan Bosch
stephan@rename-it.nl


[Dovecot-news] v2.2.33 release candidate released

https://dovecot.org/releases/2.2/rc/dovecot-2.2.33.rc1.tar.gz
https://dovecot.org/releases/2.2/rc/dovecot-2.2.33.rc1.tar.gz.sig

There are a couple more small changes still coming, but this should be very close to the final release. I’m especially interested in hearing if there are any problems with doveadm log proxying or with director. We’ve improved our automated director tests quite a lot now, and fixed some rarely occurring bugs.

* doveadm director commands wait for the changes to be visible in the
  whole ring before they return. This is especially useful in testing.
* Environments listed in import_environment setting are now set or
  preserved when executing standalone commands (e.g. doveadm)

+ doveadm proxy: Support proxying logs. Previously the logs were
  visible only in the backend's logs.
+ Added %{if}, see https://wiki2.dovecot.org/Variables#Conditionals
+ Added a new notify_status plugin, which can be used to update dict
  with current status of a mailbox when it changes. See
  https://wiki2.dovecot.org/Plugins/NotifyStatus
+ Mailbox list index can be disabled for a namespace by appending
  ":LISTINDEX=" to location setting.
+ dsync/imapc: Added dsync_hashed_headers setting to specify which
  headers are used to match emails.
+ pop3-migration: Add pop3_migration_ignore_extra_uidls=yes to ignore
  mails that are visible in POP3 but not IMAP. This could happen if
  new mails were delivered during the migration run.
+ pop3-migration: Further improvements to help with Zimbra
+ pop3-migration: Cache POP3 UIDLs in imapc's dovecot.index.cache
  if indexes are enabled. These are used to optimize incremental syncs.
+ cassandra, dict-sql: Use prepared statements if protocol version>3.
- sdbox: Mails were always opened when expunging, unless
  mail_attachment_fs was explicitly set to empty.
- lmtp/doveadm proxy: hostip passdb field was ignored, which caused
  unnecessary DNS lookups if host field wasn't an IP
- lmtp proxy: Fix crash when receiving unexpected reply in RCPT TO
- quota_clone: Update also when quota is unlimited (broken in v2.2.31)
- mbox, zlib: Fix assert-crash when accessing compressed mbox
- doveadm director kick -f parameter didn't work
- doveadm director flush resulted in flushing all hosts, if
  wasn't an IP address.
- director: Various fixes to handling backend/director changes at
  abnormal times, especially while ring was unsynced. These could have
  resulted in crashes, non-optimal behavior or ignoring some of the
  changes.
- director: Use less CPU in imap-login processes when moving/kicking
  many users.
- lmtp: Session IDs were duplicated/confusing with multiple RCPT TOs
  when lmtp_rcpt_check_quota=yes
- doveadm sync -1 fails when local mailboxes exist that do not exist
  remotely. This commonly happened when lazy_expunge mailbox was
  autocreated when incremental sync expunged mails.


Ubuntu 17.10 (Artful Aardvark) Final Beta released

[CentOS-announce] New CentOS Atomic Host with OverlayFS Storage

The CentOS Atomic SIG has released an updated version
(https://wiki.centos.org/SpecialInterestGroup/Atomic/Download) of
CentOS Atomic Host (7.1708), a lean operating system designed to run
Docker containers, built from standard CentOS 7 RPMs, and tracking the
component versions included in Red Hat Enterprise Linux Atomic Host.

This release, which is based on the RHEL 7.4 source code
(https://seven.centos.org/2017/08/centos-linux-7-1708-based-on-rhel-7-4-source-code/),
includes an updated kernel that supports overlayfs container storage,
among other enhancements.

CentOS Atomic Host includes these core component versions:

* atomic-1.18.1-3.1.git0705b1b.el7.x86_64
* cloud-init-0.7.9-9.el7.centos.2.x86_64
* docker-1.12.6-48.git0fdc778.el7.centos.x86_64
* etcd-3.1.9-2.el7.x86_64
* flannel-0.7.1-2.el7.x86_64
* kernel-3.10.0-693.2.2.el7.x86_64
* kubernetes-node-1.5.2-0.7.git269f928.el7.x86_64
* ostree-2017.7-1.el7.x86_64
* rpm-ostree-client-2017.6-6.atomic.el7.x86_64

## OverlayFS Storage

In previous releases of CentOS Atomic Host, SELinux had to be in
permissive or disabled mode for OverlayFS storage to work. Now you can
run the OverlayFS file system with SELinux in enforcing mode. CentOS
Atomic Host still defaults to devicemapper storage, but you can switch
to OverlayFS using the following commands:

$ systemctl stop docker
$ atomic storage reset
# Reallocate space to the root VG - tweak how much to your liking
$ lvm lvextend -r -l +50%FREE atomicos/root
$ atomic storage modify --driver overlay2
$ systemctl start docker

For more information on storage management options, see the upstream
RHEL documentation
(https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux_atomic_host/7/html-single/managing_containers/#overlay_graph_driver).
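The storage switch above, wrapped in an argument check and a post-switch check that `docker info` really reports overlay2 while SELinux stays in enforcing mode, as an added example that is not part of the SIG's announcement; the function names and the sample `docker info` excerpt are constructed for this example, and the live commands are the ones the post lists.

```shell
#!/bin/sh
# Added example (not from the CentOS Atomic SIG post): the devicemapper ->
# overlay2 switch from the post, with checks before and after. Assumes the
# atomic, lvm, systemctl, getenforce and docker commands the post names.

# Print the "Storage Driver:" value from `docker info` output given as $1.
storage_driver_of() {
    printf '%s\n' "$1" | sed -n 's/^[[:space:]]*Storage Driver:[[:space:]]*//p' | head -n 1
}

# Return 0 only for the state this release makes supportable: overlay2
# storage with SELinux enforcing. $1 = `docker info` text, $2 = `getenforce`
# output. Prints the reason when the check fails.
overlay_state_ok() {
    driver=$(storage_driver_of "$1")
    case "$driver" in
        overlay2) ;;
        "") echo "no Storage Driver line in docker info (is docker running?)"; return 1 ;;
        *)  echo "storage driver is $driver, not overlay2"; return 1 ;;
    esac
    if [ "$2" != "Enforcing" ]; then
        echo "SELinux is '$2', not Enforcing; permissive mode is no longer needed for overlay2"
        return 1
    fi
    return 0
}

# The switch itself, as in the post. $1 = percentage of free VG space to add
# to atomicos/root (the post uses 50). Note: `atomic storage reset` discards
# the existing container storage, so save any images you still need first.
switch_to_overlay2() {
    pct=${1:-50}
    case "$pct" in
        *[!0-9]*) echo "percentage must be a whole number: '$pct'" >&2; return 2 ;;
    esac
    if [ "$pct" -lt 1 ] || [ "$pct" -gt 100 ]; then
        echo "percentage must be between 1 and 100: $pct" >&2; return 2
    fi
    mode=$(getenforce)                 # record the mode we expect to keep
    systemctl stop docker                            || return 1
    atomic storage reset                             || return 1
    lvm lvextend -r -l "+${pct}%FREE" atomicos/root  || return 1
    atomic storage modify --driver overlay2          || return 1
    systemctl start docker                           || return 1
    overlay_state_ok "$(docker info 2>/dev/null)" "$mode"
}

# Constructed `docker info` excerpt, as a host would print after the switch.
DOCKER_INFO_SAMPLE='Containers: 0
Server Version: 1.12.6
Storage Driver: overlay2
 Backing Filesystem: xfs
Security Options: seccomp selinux
'

overlay_state_ok "$DOCKER_INFO_SAMPLE" "Enforcing" && echo "-> overlay2 under Enforcing: ok"
```

On a live host, run `switch_to_overlay2 50` as root and treat a non-zero return as "do not start workloads yet".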

## Containerized Master

CentOS Atomic Host ships without the kubernetes-master package built
into the image. For information on how to run these kubernetes
components as system containers, consult the CentOS wiki
(https://wiki.centos.org/SpecialInterestGroup/Atomic/Download).

If you prefer to run Kubernetes from installed rpms, you can layer the
master components onto your Atomic Host image using rpm-ostree package
layering with the command: atomic host install kubernetes-master -r.

## Download CentOS Atomic Host

CentOS Atomic Host is available as a VirtualBox or libvirt-formatted
Vagrant box, or as an installable ISO, qcow2 or Amazon Machine image.
For links to media, see the CentOS wiki
(https://wiki.centos.org/SpecialInterestGroup/Atomic/Download).

## Upgrading

If you’re running a previous version of CentOS Atomic Host, you can
upgrade to the current image by running the following command:

$ sudo atomic host upgrade

## Release Cycle

The CentOS Atomic Host image follows the upstream Red Hat Enterprise
Linux Atomic Host cadence. After sources are released, they’re rebuilt
and included in new images. After the images are tested by the SIG and
deemed ready, we announce them.

## Getting Involved

CentOS Atomic Host is produced by the CentOS Atomic SIG
(http://wiki.centos.org/SpecialInterestGroup/Atomic), based on
upstream work from Project Atomic (http://www.projectatomic.io/). If
you’d like to work on testing images, help with packaging,
documentation — join us!

The SIG meets every two weeks on Tuesday at 04:00 UTC in
#centos-devel, and on the alternating weeks, meets as part of the
Project Atomic community meeting at 16:00 UTC on Monday in the #atomic
channel. You’ll often find us in #atomic and/or #centos-devel if you
have questions. You can also join the atomic-devel
(https://lists.projectatomic.io/mailman/listinfo/atomic-devel) mailing
list if you’d like to discuss the direction of Project Atomic, its
components, or have other questions.

## Getting Help

If you run into any problems with the images or components, feel free
to ask on the centos-devel
(http://lists.centos.org/mailman/listinfo/centos-devel) mailing list.

Have questions about using Atomic? See the atomic
(https://lists.projectatomic.io/mailman/listinfo/atomic) mailing list
or find us in the #atomic channel on Freenode.

[Security-announce] Updated VMSA-2017-0015.2 – VMware ESXi, vCenter Server, Fusion & Workstation updates resolve multiple security vulnerabilities

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

------------------------------------------------------------------------

VMware Security Advisory

Advisory ID: VMSA-2017-0015.2
Severity: Critical
Synopsis: VMware ESXi, vCenter Server, Fusion & Workstation updates
resolve multiple security vulnerabilities
Issue date: 2017-09-14
Updated on: 2017-09-18
CVE number: CVE-2017-4924, CVE-2017-4925, CVE-2017-4926

1. Summary

VMware ESXi, vCenter Server, Fusion and Workstation updates resolve
multiple security vulnerabilities.

2. Relevant Products

VMware ESXi (ESXi)
VMware vCenter Server
VMware Fusion Pro / Fusion (Fusion)
VMware Workstation Pro / Player (Workstation)

3. Problem Description

a. Out-of-bounds write vulnerability in SVGA

VMware ESXi, Workstation & Fusion contain an out-of-bounds write
vulnerability in SVGA device. This issue may allow a guest to
execute code on the host.

VMware would like to thank Nico Golde and Ralf-Philipp Weinmann of
Comsecuris UG (haftungsbeschraenkt) working with ZDI for reporting
this issue to us.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the identifier CVE-2017-4924 to this issue.

Column 5 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.

VMware        Product   Running    Severity   Replace with/           Mitigation
Product       Version   on                    Apply patch             Workaround
============  ========  =========  =========  ======================  ==========
ESXi          6.5       ESXi       Critical   ESXi650-201707101-SG    None
ESXi          6.0       ESXi       N/A        Not affected            N/A
ESXi          5.5       ESXi       N/A        Not affected            N/A
Workstation   12.x      Any        Critical   12.5.7                  None
Fusion        8.x       OS X       Critical   8.5.8                   None

b. Guest RPC NULL pointer dereference vulnerability

VMware ESXi, Workstation & Fusion contain a NULL pointer dereference
vulnerability. This issue occurs when handling guest RPC requests.
Successful exploitation of this issue may allow attackers with
normal user privileges to crash their VMs.

VMware would like to thank Zhang Haitao for reporting this issue
to us.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the identifier CVE-2017-4925 to this issue.

Column 5 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.

VMware        Product  Running  Severity  Replace with/          Mitigation/
Product       Version  on                 Apply patch            Workaround
============  =======  =======  ========  =====================  ==========
ESXi          6.5      ESXi     Moderate  ESXi650-201707101-SG   None
ESXi          6.0      ESXi     Moderate  ESXi600-201706101-SG   None
ESXi          5.5      ESXi     Moderate  ESXi550-201709101-SG   None
Workstation   12.x     Any      Moderate  12.5.3                 None
Fusion        8.x      OS X     Moderate  8.5.4                  None

c. Stored XSS in H5 Client

vCenter Server H5 Client contains a vulnerability that may allow for
stored cross-site scripting (XSS). An attacker with VC user
privileges can inject malicious JavaScript which will get executed
when other VC users access the page.

VMware would like to thank Thomas Ornetzeder for reporting this
issue to us.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the identifier CVE-2017-4926 to this issue.

Column 5 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.

VMware          Product  Running  Severity  Replace with/  Mitigation/
Product         Version  on                 Apply patch    Workaround
==============  =======  =======  ========  =============  ==========
vCenter Server  6.5      Any      Moderate  6.5 U1         None
vCenter Server  6.0      Any      N/A       Not affected   N/A
vCenter Server  5.5      Any      N/A       Not affected   N/A

4. Solution

Please review the patch/release notes for your product and
version and verify the checksum of your downloaded file.

ESXi 6.5
--------
Downloads:
https://www.vmware.com/patchmgr/findPatch.portal
Documentation:
http://kb.vmware.com/kb/2149933

ESXi 6.0
--------
Downloads:
https://www.vmware.com/patchmgr/findPatch.portal
Documentation:
http://kb.vmware.com/kb/2149960

ESXi 5.5
--------
Downloads:
https://www.vmware.com/patchmgr/findPatch.portal
Documentation:
http://kb.vmware.com/kb/2150876

VMware vCenter Server 6.5 U1
Downloads:
https://my.vmware.com/web/vmware/details?downloadGroup=VC65U1&productId=614&rPId=17343
Documentation:
https://docs.vmware.com/en/VMware-vSphere/index.html

VMware Workstation Pro 12.5.7
Downloads and Documentation:
https://www.vmware.com/go/downloadworkstation
https://www.vmware.com/support/pubs/ws_pubs.html

VMware Workstation Player 12.5.7
Downloads and Documentation:
https://www.vmware.com/go/downloadplayer
https://www.vmware.com/support/pubs/player_pubs.html

VMware Workstation Pro 12.5.3
Downloads and Documentation:
https://www.vmware.com/go/downloadworkstation
https://www.vmware.com/support/pubs/ws_pubs.html

VMware Workstation Player 12.5.3
Downloads and Documentation:
https://www.vmware.com/go/downloadplayer
https://www.vmware.com/support/pubs/player_pubs.html

VMware Fusion Pro / Fusion 8.5.8
Downloads and Documentation
https://www.vmware.com/go/downloadfusion
https://www.vmware.com/support/pubs/fusion_pubs.html

VMware Fusion Pro / Fusion 8.5.4
Downloads and Documentation
https://www.vmware.com/go/downloadfusion
https://www.vmware.com/support/pubs/fusion_pubs.html

5. References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-4924
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-4925
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-4926

------------------------------------------------------------------------

6. Change log

2017-09-14 VMSA-2017-0015
Initial security advisory in conjunction with the release of VMware
ESXi 5.5 patches on 2017-09-14

2017-09-15 VMSA-2017-0015.1 Corrected the underlying component
affected from SVGA driver to device.

2017-09-18 VMSA-2017-0015.2 Updated the security advisory to reflect
the correct platform for the XSS issue 3(c).

------------------------------------------------------------------------
7. Contact

E-mail list for product security notifications and announcements:
http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce

This Security Advisory is posted to the following lists:

security-announce@lists.vmware.com
bugtraq@securityfocus.com
fulldisclosure@seclists.org

E-mail: security@vmware.com
PGP key at: https://kb.vmware.com/kb/1055

VMware Security Advisories
http://www.vmware.com/security/advisories

VMware Security Response Policy
https://www.vmware.com/support/policies/security_response.html

VMware Lifecycle Support Phases
https://www.vmware.com/support/policies/lifecycle.html

VMware Security & Compliance Blog
https://blogs.vmware.com/security

Twitter
https://twitter.com/VMwareSRC
Copyright 2017 VMware Inc. All rights reserved.


_______________________________________________
Security-announce mailing list
Security-announce@lists.vmware.com
https://lists.vmware.com/mailman/listinfo/security-announce