Monitoring Janvier 2016

monitoring@federez.net

6 participants
35 discussions

par monit＠baldrick.crans.org

Does not exist Service ssh Date: Sun, 24 Jan 2016 12:17:20 Action: restart Host: baldrick.crans.org Description: process is not running Monit, unique employÃ© de federez,

9 années, 3 mois

apt-listchanges: news for hexagon.federez.net

par root＠hexagon.federez.net

ca-certificates (20141019+deb8u1) stable; urgency=medium Update Mozilla certificate authority bundle to version 2.6. The following certificate authorities were added (+): + "CA WoSign ECC Root" + "Certification Authority of WoSign G2" + "Certinomis - Root CA" + "CFCA EV ROOT" + "COMODO RSA Certification Authority" + "Entrust Root Certification Authority - EC1" + "Entrust Root Certification Authority - G2" + "GlobalSign ECC Root CA - R4" + "GlobalSign ECC Root CA - R5" + "IdenTrust Commercial Root CA 1" + "IdenTrust Public Sector Root CA 1" + "OISTE WISeKey Global Root GB CA" + "S-TRUST Universal Root CA" + "Staat der Nederlanden EV Root CA" + "Staat der Nederlanden Root CA - G3" + "TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H5" + "TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H6" + "USERTrust ECC Certification Authority" + "USERTrust RSA Certification Authority" The following certificate authorities were removed (-): - "A-Trust-nQual-03" - "America Online Root Certification Authority 1" - "America Online Root Certification Authority 2" - "Buypass Class 3 CA 1" - "ComSign Secured CA" - "Digital Signature Trust Co. Global CA 1" - "Digital Signature Trust Co. Global CA 3" - "E-Guven Kok Elektronik Sertifika Hizmet Saglayicisi" - "GTE CyberTrust Global Root" - "SG TRUST SERVICES RACINE" - "TC TrustCenter Class 2 CA II" - "TC TrustCenter Universal CA I" - "Thawte Premium Server CA" - "Thawte Server CA" - "TURKTRUST Certificate Services Provider Root 1" - "TURKTRUST Certificate Services Provider Root 2" - "UTN DATACorp SGC Root CA" - "Verisign Class 4 Public Primary Certification Authority - G3" -- Michael Shuler <michael(a)pbandjelly.org> Mon, 14 Dec 2015 20:46:50 -0600

9 années, 3 mois

apt-listchanges: news for baldrick

par root＠baldrick.crans.org

9 années, 3 mois

65 Debian package update(s) for hexagon.federez.net

par root＠hexagon.federez.net

apticron report [Sun, 24 Jan 2016 09:48:22 +0100] ======================================================================== apticron has detected that some packages need upgrading on: hexagon.federez.net [ 5.39.82.35 2001:41d0:8:9423::1 5.39.82.35 2001:41d0:8:9423::1 ] The following packages are currently pending an upgrade: apache2 2.4.10-10+deb8u4 apache2.2-bin 2.4.10-10+deb8u4 apache2.2-common 2.4.10-10+deb8u4 apache2-bin 2.4.10-10+deb8u4 apache2-data 2.4.10-10+deb8u4 apache2-mpm-prefork 2.4.10-10+deb8u4 apache2-utils 2.4.10-10+deb8u4 apt 1.0.9.8.2 apt-dater-host 1.0.0-2+deb8u1 apt-utils 1.0.9.8.2 augeas-lenses 1.2.0-0.2+deb8u1 base-files 8+deb8u3 ca-certificates 20141019+deb8u1 file 1:5.22+15-2+deb8u1 ldap-utils 2.4.40+dfsg-1+deb8u2 libapache2-mod-php5 5.6.17+dfsg-0+deb8u1 libapt-inst1.5 1.0.9.8.2 libapt-pkg4.12 1.0.9.8.2 libaugeas0 1.2.0-0.2+deb8u1 libc6 2.19-18+deb8u2 libc6-dev 2.19-18+deb8u2 libc-bin 2.19-18+deb8u2 libc-dev-bin 2.19-18+deb8u2 libldap-2.4-2 2.4.40+dfsg-1+deb8u2 libldap2-dev 2.4.40+dfsg-1+deb8u2 libmagic1 1:5.22+15-2+deb8u1 libpam0g 1.1.8-3.1+deb8u1 libpam-modules 1.1.8-3.1+deb8u1 libpam-modules-bin 1.1.8-3.1+deb8u1 libpam-runtime 1.1.8-3.1+deb8u1 libpam-systemd 215-17+deb8u3 libpcre3 2:8.35-3.3+deb8u2 libperl5.20 5.20.2-3+deb8u3 libssh-4 0.6.3-4+deb8u1 libsystemd0 215-17+deb8u3 libudev1 215-17+deb8u3 locales 2.19-18+deb8u2 login 1:4.2-3+deb8u1 mdadm 3.3.2-5+deb8u1 monit 1:5.9-1+deb8u1 multiarch-support 2.19-18+deb8u2 nscd 2.19-18+deb8u2 passwd 1:4.2-3+deb8u1 perl 5.20.2-3+deb8u3 perl-base 5.20.2-3+deb8u3 perl-modules 5.20.2-3+deb8u3 php5 5.6.17+dfsg-0+deb8u1 php5-cli 5.6.17+dfsg-0+deb8u1 php5-common 5.6.17+dfsg-0+deb8u1 php5-curl 5.6.17+dfsg-0+deb8u1 php5-enchant 5.6.17+dfsg-0+deb8u1 php5-gd 5.6.17+dfsg-0+deb8u1 php5-intl 5.6.17+dfsg-0+deb8u1 php5-ldap 5.6.17+dfsg-0+deb8u1 php5-mcrypt 5.6.17+dfsg-0+deb8u1 php5-mysql 5.6.17+dfsg-0+deb8u1 php5-pgsql 5.6.17+dfsg-0+deb8u1 php5-readline 5.6.17+dfsg-0+deb8u1 php5-sqlite 5.6.17+dfsg-0+deb8u1 php-pear 5.6.17+dfsg-0+deb8u1 rsyslog 8.4.2-1+deb8u2 slapd 2.4.40+dfsg-1+deb8u2 systemd 215-17+deb8u3 systemd-sysv 215-17+deb8u3 udev 215-17+deb8u3 ======================================================================== Package Details: Lecture des fichiers de modifications (« changelog »)... --- Nouveautés pour ca-certificates --- ca-certificates (20141019+deb8u1) stable; urgency=medium Update Mozilla certificate authority bundle to version 2.6. The following certificate authorities were added (+): + "CA WoSign ECC Root" + "Certification Authority of WoSign G2" + "Certinomis - Root CA" + "CFCA EV ROOT" + "COMODO RSA Certification Authority" + "Entrust Root Certification Authority - EC1" + "Entrust Root Certification Authority - G2" + "GlobalSign ECC Root CA - R4" + "GlobalSign ECC Root CA - R5" + "IdenTrust Commercial Root CA 1" + "IdenTrust Public Sector Root CA 1" + "OISTE WISeKey Global Root GB CA" + "S-TRUST Universal Root CA" + "Staat der Nederlanden EV Root CA" + "Staat der Nederlanden Root CA - G3" + "TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H5" + "TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H6" + "USERTrust ECC Certification Authority" + "USERTrust RSA Certification Authority" The following certificate authorities were removed (-): - "A-Trust-nQual-03" - "America Online Root Certification Authority 1" - "America Online Root Certification Authority 2" - "Buypass Class 3 CA 1" - "ComSign Secured CA" - "Digital Signature Trust Co. Global CA 1" - "Digital Signature Trust Co. Global CA 3" - "E-Guven Kok Elektronik Sertifika Hizmet Saglayicisi" - "GTE CyberTrust Global Root" - "SG TRUST SERVICES RACINE" - "TC TrustCenter Class 2 CA II" - "TC TrustCenter Universal CA I" - "Thawte Premium Server CA" - "Thawte Server CA" - "TURKTRUST Certificate Services Provider Root 1" - "TURKTRUST Certificate Services Provider Root 2" - "UTN DATACorp SGC Root CA" - "Verisign Class 4 Public Primary Certification Authority - G3" -- Michael Shuler <michael(a)pbandjelly.org> Mon, 14 Dec 2015 20:46:50 -0600 --- Modifications pour php5 (libapache2-mod-php5 php5 php5-cli php5-common php5-curl php5-enchant php5-gd php5-intl php5-ldap php5-mcrypt php5-mysql php5-pgsql php5-readline php5-sqlite php-pear) --- php5 (5.6.17+dfsg-0+deb8u1) jessie; urgency=high * Imported Upstream version 5.6.17+dfsg - Core: . Fixed bug #66909 (configure fails utf8_to_mutf7 test). . Fixed bug #70958 (Invalid opcode while using ::class as trait method parameter default value). . Fixed bug #70957 (self::class can not be resolved with reflection for abstract class). . Fixed bug #70944 (try{ } finally{} can create infinite chains of exceptions). . Fixed bug #61751 (SAPI build problem on AIX: Undefined symbol: php_register_internal_extensions). - FPM: . Fixed bug #70755 (fpm_log.c memory leak and buffer overflow). - GD: . Fixed bug #70976 (Memory Read via gdImageRotateInterpolated Array Index Out of Bounds). - Mysqlnd: . Fixed bug #68077 (LOAD DATA LOCAL INFILE / open_basedir restriction). - SOAP: . Fixed bug #70900 (SoapClient systematic out of memory error). - Standard: . Fixed bug #70960 (ReflectionFunction for array_unique returns wrong number of parameters). - PDO_Firebird: . Fixed bug #60052 (Integer returned as a 64bit integer on X64_86). - WDDX: . Fixed bug #70661 (Use After Free Vulnerability in WDDX Packet Deserialization). . Fixed bug #70741 (Session WDDX Packet Deserialization Type Confusion Vulnerability). - XMLRPC: . Fixed bug #70728 (Type Confusion Vulnerability in PHP_to_XMLRPC_worker()). * Rebase patches on top of 5.6.17+dfsg release * Make phar command versioned and use update-alternatives for 'phar' name to allow coinstallation with src:php7.0 packages -- Ondřej Surý <ondrej(a)debian.org> Fri, 08 Jan 2016 09:01:13 +0100 php5 (5.6.16+dfsg-0+deb8u1) jessie-security; urgency=medium * Imported Upstream version 5.6.16+dfsg - Core: . Fixed bug #70828 (php-fpm 5.6 with opcache crashes when referencing a non-existent constant). . Fixed bug #70748 (Segfault in ini_lex () at Zend/zend_ini_scanner.l). - Mysqlnd: . Fixed bug #68344 (MySQLi does not provide way to disable peer certificate validation) by introducing MYSQLI_CLIENT_SSL_DONT_VERIFY_SERVER_CERT connection flag. - PDO_DBlib: . Fixed bug #69757 (Segmentation fault on nextRowset). - SOAP: . Fixed bug #70875 (Segmentation fault if wsdl has no targetNamespace attribute). - SPL: . Fixed bug #70852 (Segfault getting NULL offset of an ArrayObject). * Rebase patches on top of 5.6.16 release -- Ondřej Surý <ondrej(a)debian.org> Tue, 22 Dec 2015 16:06:49 +0100 php5 (5.6.15+dfsg-0+deb8u1) jessie-security; urgency=high * Imported Upstream version 5.6.15+dfsg - Core: . Fixed bug #70681 (Segfault when binding $this of internal instance method to null). . Fixed bug #70685 (Segfault for getClosure() internal method rebind with invalid $this). - Date: . Fixed bug #70619 (DateTimeImmutable segfault). - Mcrypt: . Fixed bug #70625 (mcrypt_encrypt() won't return data when no IV was specified under RC4). - Mysqlnd: . Fixed bug #70384 (mysqli_real_query():Unknown type 245 sent by the server). . Fixed bug #70572 segfault in mysqlnd_connect. - Opcache: . Fixed bug #70632 (Third one of segfault in gc_remove_from_buffer). . Fixed bug #70631 (Another Segfault in gc_remove_from_buffer()). . Fixed bug #70601 (Segfault in gc_remove_from_buffer()). . Fixed compatibility with Windows 10 (see also bug #70652). * Rebase patches on top of 5.6.15+dfsg -- Ondřej Surý <ondrej(a)debian.org> Tue, 17 Nov 2015 08:41:42 +0100 --- Modifications pour apache2 (apache2 apache2.2-bin apache2.2-common apache2-bin apache2-data apache2-mpm-prefork apache2-utils) --- apache2 (2.4.10-10+deb8u4) jessie; urgency=medium * Add versioned replaces/breaks for libapache2-mod-macro to apache2, for the config files in /etc. Closes: #806326 * Fix split-logfile to work with current perl. Closes: #803472 * Fix tests on deferred mpm switch. Add special casing for mpm_itk, which is not an mpm anymore, despite the name. Closes: #789914 Closes: #791902 * Fix secondary-init-script to not source the main init script with 'set -e'. Closes: #803177 -- Stefan Fritsch <sf(a)debian.org> Sat, 28 Nov 2015 15:02:23 +0100 --- Modifications pour apt (apt apt-utils libapt-inst1.5 libapt-pkg4.12) --- apt (1.0.9.8.2) jessie; urgency=medium [ David Kalnischkies ] * hide first pdiff merge failure debug message (Closes: 793444) * mark again deps of pkgs in APT::Never-MarkAuto-Sections as manual. Thanks to Raphaël Hertzog and Adam Conrad for detailed reports and initial patches (Closes: 793360) (LP: 1479207) [ Julian Andres Klode ] * Do not parse Status fields from remote sources [ Michael Vogt ] * Use xgettext --no-location in make update-pot -- Julian Andres Klode <jak(a)debian.org> Tue, 15 Sep 2015 16:48:35 +0200 --- Modifications pour augeas (augeas-lenses libaugeas0) --- augeas (1.2.0-0.2+deb8u1) jessie-proposed-updates; urgency=medium * Non-maintainer upload. [ Yann Soubeyrand ] * Httpd lense: - Allow EOL comments after section tags (thanks Dominic Cleal from Red Hat for reporting the patch) (Closes: #802665) - Include /etc/apache2/conf-available directory (Closes: #764699) [ Mattia Rizzolo ] * debian/patches/0003-Httpd-Allow-eol-comments-after-section-tags.patch: + Rewrite DEP-3 header. -- Yann Soubeyrand <yann-externe.soubeyrand(a)edf.fr> Thu, 17 Dec 2015 11:31:48 +0100 --- Modifications pour ca-certificates --- ca-certificates (20141019+deb8u1) stable; urgency=medium * mozilla/{certdata.txt,nssckbi.h}: Update Mozilla certificate authority bundle to version 2.6. Closes: #806239 The following certificate authorities were added (+): + "CA WoSign ECC Root" + "Certification Authority of WoSign G2" + "Certinomis - Root CA" + "CFCA EV ROOT" + "COMODO RSA Certification Authority" + "Entrust Root Certification Authority - EC1" + "Entrust Root Certification Authority - G2" + "GlobalSign ECC Root CA - R4" + "GlobalSign ECC Root CA - R5" + "IdenTrust Commercial Root CA 1" + "IdenTrust Public Sector Root CA 1" + "OISTE WISeKey Global Root GB CA" + "S-TRUST Universal Root CA" + "Staat der Nederlanden EV Root CA" + "Staat der Nederlanden Root CA - G3" + "TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H5" + "TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H6" + "USERTrust ECC Certification Authority" + "USERTrust RSA Certification Authority" The following certificate authorities were removed (-): - "A-Trust-nQual-03" - "America Online Root Certification Authority 1" - "America Online Root Certification Authority 2" - "Buypass Class 3 CA 1" - "ComSign Secured CA" - "Digital Signature Trust Co. Global CA 1" - "Digital Signature Trust Co. Global CA 3" - "E-Guven Kok Elektronik Sertifika Hizmet Saglayicisi" - "GTE CyberTrust Global Root" - "SG TRUST SERVICES RACINE" - "TC TrustCenter Class 2 CA II" - "TC TrustCenter Universal CA I" - "Thawte Premium Server CA" - "Thawte Server CA" - "TURKTRUST Certificate Services Provider Root 1" - "TURKTRUST Certificate Services Provider Root 2" - "UTN DATACorp SGC Root CA" - "Verisign Class 4 Public Primary Certification Authority - G3" -- Michael Shuler <michael(a)pbandjelly.org> Mon, 14 Dec 2015 20:46:50 -0600 --- Modifications pour file (file libmagic1) --- file (1:5.22+15-2+deb8u1) stable; urgency=medium * Fix handling of file's --parameter option. Closes: #798410 - The file program segfaults after processing the --parameter parameter. [commit FILE5_24-22-g27b4e34] - Any --parameter values have no effect if used with --files-from. [commit FILE5_24-23-g4ddb783] -- Christoph Biedl <debian.axhn(a)manchmal.in-ulm.de> Sun, 13 Sep 2015 18:27:47 +0200 --- Modifications pour glibc (libc6 libc6-dev libc-bin libc-dev-bin locales multiarch-support nscd) --- glibc (2.19-18+deb8u2) stable; urgency=medium [ Aurelien Jarno ] * Update from upstream stable branch: - Fix getaddrinfo sometimes returning uninitialized data with nscd. Closes: #798515. - Fix data corruption while reading the NSS files database (CVE-2015-5277). Closes: #799966. - Fix buffer overflow (read past end of buffer) in internal_fnmatch. - Fix _IO_wstr_overflow integer overflow. - Fix unexpected closing of nss_files databases after lookups, causing denial of service (CVE-2014-8121). Closes: #779587. - Fix NSCD netgroup cache. Closes: #800523. * patches/any/cvs-ld_pointer_guard.diff: new patch from upstream to unconditionally disable LD_POINTER_GUARD. Closes: #798316, #801691. * patches/any/cvs-mangle-tls_dtor_list.diff: new patch from upstream to mangle function pointers in tls_dtor_list. Closes: #802256. * patches/any/cvs-strxfrm-buffer-overflows.diff: new patch from upstream to fix memory allocations issues that can lead to buffer overflows on the stack. Closes: #803927. [ Henrique de Moraes Holschuh ] * Replace patches/amd64/local-blacklist-on-TSX-Haswell.diff by local-blacklist-for-Intel-TSX.diff also blacklisting some Broadwell models. Closes: #800574. -- Aurelien Jarno <aurel32(a)debian.org> Mon, 28 Dec 2015 21:39:40 +0100 --- Modifications pour libssh (libssh-4) --- libssh (0.6.3-4+deb8u1) jessie; urgency=medium * Non-maintainer upload. * debian/patches: - Add 0002_CVE-2015-3146.patch Fix "null pointer dereference due to a logical error in the handling of a SSH_MSG_NEWKEYS and KEXDH_REPLY packets" (Closes: #784404, CVE-2015-3146) -- Christopher Knadle <Chris.Knadle(a)coredump.us> Mon, 23 Nov 2015 08:43:19 -0500 --- Modifications pour mdadm --- mdadm (3.3.2-5+deb8u1) jessie; urgency=medium * Non-maintainer upload. * disable-incremental-assembly.patch: incremental assembly prevents booting in degraded mode (Closes: #784070) -- Yann Soubeyrand <yann-externe.soubeyrand(a)edf.fr> Mon, 23 Nov 2015 17:22:27 +0100 --- Modifications pour monit --- monit (1:5.9-1+deb8u1) jessie; urgency=medium * Fix umask-related regression between 5.8.1 and 5.9 (Closes: #796989) -- Sergey B Kirpichev <skirpichev(a)gmail.com> Sat, 12 Sep 2015 11:34:20 +0300 --- Modifications pour openldap (ldap-utils libldap-2.4-2 libldap2-dev slapd) --- openldap (2.4.40+dfsg-1+deb8u2) jessie; urgency=medium * debian/patches/ITS8003-fix-off-by-one-in-LDIF-length.patch: Import upstream patch to fix a crash when adding a large attribute value with the auditlog overlay enabled. (Closes: #806909) -- Ryan Tandy <ryan(a)nardis.ca> Sat, 12 Dec 2015 16:11:38 -0800 --- Modifications pour pam (libpam0g libpam-modules libpam-modules-bin libpam-runtime) --- pam (1.1.8-3.1+deb8u1) jessie; urgency=medium * Non-maintainer upload. * Fix CVE-2015-3238: DoS/user enumeration due to blocking pipe in pam_unix module (Closes: #789986) -- Tianon Gravi <tianon(a)debian.org> Wed, 06 Jan 2016 17:25:53 -0800 --- Modifications pour pcre3 (libpcre3) --- pcre3 (2:8.35-3.3+deb8u2) jessie; urgency=medium * Non-maintainer upload. * Add additional CVE references and bug closer to previous changelog. CVE-2015-2327 fix was included in the previous 2:8.35-3.3+deb8u1 upload. CVE-2015-8384 different issue than CVE-2015-3210 but fixed with same commit. CVE-2015-8388 different issue than CVE-2015-5073 but fixed with same commit. Add bug closer to bugs in the BTS retrospectively. * Add 0001-Fix-compile-time-loop-for-recursive-reference-within.patch. CVE-2015-2328: Stack-based buffer overflow in compile_regex(). * Add 794589-information-disclosure.patch. CVE-2015-8382: Fix "pcre_exec does not fill offsets for certain regexps" leading to information disclosure. (Closes: #794589) * Add 0001-Fix-buffer-overflow-for-repeated-conditional-when-re.patch. CVE-2015-8383: Buffer overflow caused by repeated conditional group. * Add 0001-Fix-named-forward-reference-to-duplicate-group-numbe.patch. CVE-2015-8385: Buffer overflow caused by forward reference by name to certain group. * Add 0001-Fix-buffer-overflow-for-lookbehind-within-mutually-r.patch. CVE-2015-8386: Buffer overflow caused by lookbehind assertion. * Add 0001-Add-integer-overflow-check-to-n-code.patch. CVE-2015-8387: Integer overflow in subroutine calls. * Add 0001-Fix-overflow-when-ovector-has-size-1.patch. CVE-2015-8380: Heap-based buffer overflow in pcre_exec. (Closes: #806467) * Add 0001-Fix-infinite-recursion-in-the-JIT-compiler-when-cert.patch. CVE-2015-8389: Infinite recursion in JIT compiler when processing certain patterns. * Add 0001-Fix-bug-for-classes-containing-sequences.patch. CVE-2015-8390: Reading from uninitialized memory when processing certain patterns. * Add 0001-Fix-run-for-ever-bug-for-deeply-nested-sequences.patch. CVE-2015-8391: Some pathological patterns causes pcre_compile() to run for a very long time. * Add 0001-Fix-buffer-overflow-for-named-references-in-situatio.patch. CVE-2015-8392: Buffer overflow caused by certain patterns with duplicated named groups. * Add 0001-Make-pcregrep-q-override-l-and-c-for-compatibility-w.patch. CVE-2015-8393: Information leak when running pcgrep -q on crafted binary. * Add 0001-Add-missing-integer-overflow-checks.patch. CVE-2015-8394: Integer overflow caused by missing check for certain conditions. * Add 0001-Hack-in-yet-other-patch-for-a-bug-in-size-computatio.patch. CVE-2015-8381: Heap Overflow in compile_regex(). CVE-2015-8395: Buffer overflow caused by certain references. (Closes: #796762) -- Salvatore Bonaccorso <carnil(a)debian.org> Tue, 29 Dec 2015 09:19:11 +0100 pcre3 (2:8.35-3.3+deb8u1) jessie; urgency=medium * CVE-2015-2325 CVE-2015-2326 CVE-2015-2327 CVE-2015-3210 CVE-2015-5073 CVE-2015-8384 CVE-2015-8388 (Closes: #781795, #783285, #787433, #790000) -- Moritz Muehlenhoff <jmm(a)debian.org> Sun, 16 Aug 2015 11:37:39 +0000 --- Modifications pour perl (libperl5.20 perl perl-base perl-modules) --- perl (5.20.2-3+deb8u3) jessie; urgency=medium * Backport Encode::Unicode BOM fix from Encode-2.77. (Closes: #798727) + break+replace libencode-perl (<< 2.63-1+deb8u1) accordingly -- Dominic Hargreaves <dom(a)earth.li> Mon, 11 Jan 2016 23:06:58 +0000 --- Modifications pour rsyslog --- rsyslog (8.4.2-1+deb8u2) jessie; urgency=medium * Fix crash in imfile module when using inotify mode. Patch cherry-picked from upstream Git. (Closes: #770998) * Prevent a segfault in dynafile creation. Patch cherry-picked from upstream Git. (Closes: #807908) -- Michael Biebl <biebl(a)debian.org> Mon, 14 Dec 2015 13:34:01 +0100 --- Modifications pour shadow (login passwd) --- shadow (1:4.2-3+deb8u1) jessie; urgency=medium * Non-maintainer upload. * Fix error handling in busy user detection. (Closes: #778287) -- Bastian Blank <bastian.blank(a)credativ.de> Wed, 18 Nov 2015 08:07:09 +0000 --- Modifications pour systemd (libpam-systemd libsystemd0 libudev1 systemd systemd-sysv udev) --- systemd (215-17+deb8u3) stable; urgency=medium * Fix namespace breakage due to incorrect path sorting. (Closes: #787758) * Don't timeout after 90 seconds when no password was entered for cryptsetup devices. (Closes: #802897) * Only set the kernel's timezone when the RTC runs in local time. Otherwise, every daylight saving time change or time zone change by travelling will make the time jump, and the local time might jump backwards which creates unsolvable problems with file timestamps. (Closes: #759319) * Fix incorrect handling of comma separator in systemd-delta. (Closes: #793477) * Make DHCP broadcast behaviour configurable in systemd-networkd via RequestBroadcast=. This is a backport from upstream which doesn't change the default setting. (Closes: #797894) -- Michael Biebl <biebl(a)debian.org> Mon, 16 Nov 2015 18:08:32 +0100 --- Modifications pour apt-dater-host --- apt-dater-host (1.0.0-2+deb8u1) stable; urgency=low * Add patch 01-jessie-kernel-detection to fix Linux Kernel status detection with newer Jessie images. Thanks to Robert Bihlmeyer. Closes: #794630 -- Patrick Matthäi <pmatthaei(a)debian.org> Mon, 12 Oct 2015 15:45:00 +0200 --- Modifications pour base-files --- base-files (8+deb8u3) stable; urgency=low * Changed /etc/debian_version to 8.3, for Debian 8.3 point release. * os-release: Drop trailing slash in SUPPORT_URL variable, as the URL is not supposed to have it. Closes: #781809, #800791. -- Santiago Vila <sanvila(a)debian.org> Wed, 06 Jan 2016 16:11:48 +0100 ======================================================================== You can perform the upgrade by issuing the command: apt-get dist-upgrade as root on hexagon.federez.net -- apticron

9 années, 3 mois

Cron <root@hexagon> /root/scripts/renew_letsencrypt_certificates.sh

par root＠hexagon.federez.net

Stopping Apache... Renewing federez.net with letsencrypt-auto... Updating letsencrypt and virtual environment dependencies...... Requesting root privileges to run with virtualenv: /root/.local/share/letsencrypt/bin/letsencrypt certonly --config /etc/letsencrypt/cli.ini -d hexagon.federez.net -d federez.net -d www.federez.net -d lists.federez.net -d archives.federez.net -d journees.federez.net -d ldap.federez.net -d webldap.federez.net -d wiki.federez.net -d munin.federez.net -d ftp.federez.net -d mail.federez.net -d smtp.federez.net -d oc.federez.net -d roundcube.federez.net -d autoconfig.federez.net -d webmail.federez.net -d calendrier.federez.net -d compta.federez.net -t IMPORTANT NOTES: - If you like Let's Encrypt, please consider supporting our work by: Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate Donating to EFF: https://eff.org/donate-le Starting Apache... INFO: No certificate renewed, will not restart services.

9 années, 3 mois

Cron <root@baldrick> /root/scripts/renew_letsencrypt_certificates.sh

par root＠baldrick.crans.org

Stopping Apache... Renewing federez.net with letsencrypt-auto... Updating letsencrypt and virtual environment dependencies...... Requesting root privileges to run with virtualenv: /root/.local/share/letsencrypt/bin/letsencrypt certonly --config /etc/letsencrypt/cli.ini -d baldrick.federez.net -d forge.federez.net -d gitlab.federez.net -d task.federez.net -d todo.federez.net -d phabricator.federez.net -t IMPORTANT NOTES: - If you like Let's Encrypt, please consider supporting our work by: Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate Donating to EFF: https://eff.org/donate-le Starting Apache... INFO: No certificate renewed, will not restart services.

9 années, 3 mois

1 Debian package update(s) for baldrick.crans.org

par root＠baldrick.crans.org

apticron report [Fri, 22 Jan 2016 20:44:11 +0100] ======================================================================== apticron has detected that some packages need upgrading on: baldrick.crans.org [ 138.231.142.239 2a01:240:fe3d:4:62:61ff:fe6c:6401 138.231.142.239 ] [ 2a01:240:fe3d:4:62:61ff:fe6c:6401 ] The following packages are currently pending an upgrade: libfuse2 2.9.3-15+deb8u2 ======================================================================== Package Details: Lecture des fichiers de modifications (« changelog »)... --- Modifications pour fuse (libfuse2) --- fuse (2.9.3-15+deb8u2) jessie-security; urgency=high * Fix permissions on cuse character device to be accessible by root only. -- Laszlo Boszormenyi (GCS) <gcs(a)debian.org> Wed, 20 Jan 2016 19:58:39 +0100 ======================================================================== You can perform the upgrade by issuing the command: apt-get dist-upgrade as root on baldrick.crans.org -- apticron

9 années, 3 mois

1 Debian package update(s) for hexagon.federez.net

par root＠hexagon.federez.net

apticron report [Fri, 22 Jan 2016 09:48:20 +0100] ======================================================================== apticron has detected that some packages need upgrading on: hexagon.federez.net [ 5.39.82.35 2001:41d0:8:9423::1 5.39.82.35 2001:41d0:8:9423::1 ] The following packages are currently pending an upgrade: libfuse2 2.9.3-15+deb8u2 ======================================================================== Package Details: Lecture des fichiers de modifications (« changelog »)... --- Modifications pour fuse (libfuse2) --- fuse (2.9.3-15+deb8u2) jessie-security; urgency=high * Fix permissions on cuse character device to be accessible by root only. -- Laszlo Boszormenyi (GCS) <gcs(a)debian.org> Wed, 20 Jan 2016 19:58:39 +0100 ======================================================================== You can perform the upgrade by issuing the command: apt-get dist-upgrade as root on hexagon.federez.net -- apticron

9 années, 3 mois

16 Debian package update(s) for hexagon.federez.net

par root＠hexagon.federez.net

apticron report [Wed, 20 Jan 2016 09:48:21 +0100] ======================================================================== apticron has detected that some packages need upgrading on: hexagon.federez.net [ 5.39.82.35 2001:41d0:8:9423::1 5.39.82.35 2001:41d0:8:9423::1 ] The following packages are currently pending an upgrade: bind9 1:9.9.5.dfsg-9+deb8u5 bind9-host 1:9.9.5.dfsg-9+deb8u5 bind9utils 1:9.9.5.dfsg-9+deb8u5 dnsutils 1:9.9.5.dfsg-9+deb8u5 libbind9-90 1:9.9.5.dfsg-9+deb8u5 libdns100 1:9.9.5.dfsg-9+deb8u5 libdns-export100 1:9.9.5.dfsg-9+deb8u5 libirs-export91 1:9.9.5.dfsg-9+deb8u5 libisc95 1:9.9.5.dfsg-9+deb8u5 libisccc90 1:9.9.5.dfsg-9+deb8u5 libisccfg90 1:9.9.5.dfsg-9+deb8u5 libisccfg-export90 1:9.9.5.dfsg-9+deb8u5 libisc-export95 1:9.9.5.dfsg-9+deb8u5 liblwres90 1:9.9.5.dfsg-9+deb8u5 linux-image-3.16.0-4-amd64 3.16.7-ckt20-1+deb8u3 linux-libc-dev 3.16.7-ckt20-1+deb8u3 ======================================================================== Package Details: Lecture des fichiers de modifications (« changelog »)... --- Modifications pour bind9 (bind9 bind9-host bind9utils dnsutils libbind9-90 libdns100 libdns-export100 libirs-export91 libisc95 libisccc90 libisccfg90 libisccfg-export90 libisc-export95 liblwres90) --- bind9 (1:9.9.5.dfsg-9+deb8u5) jessie-security; urgency=high * Non-maintainer upload by the Security Team. * CVE-2015-8704: Specific APL data could trigger an INSIST in apl_42.c. A buffer size check used to guard against overflow could cause named to exit with an INSIST failure In apl_42.c. -- Salvatore Bonaccorso <carnil(a)debian.org> Sat, 16 Jan 2016 10:51:37 +0100 --- Modifications pour linux (linux-image-3.16.0-4-amd64 linux-libc-dev) --- linux (3.16.7-ckt20-1+deb8u3) jessie-security; urgency=high [ Ben Hutchings ] * usb: serial: visor: fix crash on detecting device without write_urbs (CVE-2015-7566) * sctp: Prevent soft lockup when sctp_accept() is called during a timeout event (CVE-2015-8767) * tty: Fix unsafe ldisc reference via ioctl(TIOCGETD) (CVE-2016-0723) [ Salvatore Bonaccorso ] * unix: properly account for FDs passed over unix sockets (CVE-2013-4312) * KEYS: Fix keyring ref leak in join_session_keyring() (CVE-2016-0728) -- Salvatore Bonaccorso <carnil(a)debian.org> Sun, 17 Jan 2016 20:07:28 +0100 ======================================================================== You can perform the upgrade by issuing the command: apt-get dist-upgrade as root on hexagon.federez.net -- apticron

9 années, 3 mois

2 Debian package update(s) for baldrick.crans.org

par root＠baldrick.crans.org

apticron report [Tue, 19 Jan 2016 20:44:29 +0100] ======================================================================== apticron has detected that some packages need upgrading on: baldrick.crans.org [ 138.231.142.239 2a01:240:fe3d:4:62:61ff:fe6c:6401 138.231.142.239 ] [ 2a01:240:fe3d:4:62:61ff:fe6c:6401 ] The following packages are currently pending an upgrade: linux-image-3.16.0-4-amd64 3.16.7-ckt20-1+deb8u3 linux-libc-dev 3.16.7-ckt20-1+deb8u3 ======================================================================== Package Details: Lecture des fichiers de modifications (« changelog »)... --- Modifications pour linux (linux-image-3.16.0-4-amd64 linux-libc-dev) --- linux (3.16.7-ckt20-1+deb8u3) jessie-security; urgency=high [ Ben Hutchings ] * usb: serial: visor: fix crash on detecting device without write_urbs (CVE-2015-7566) * sctp: Prevent soft lockup when sctp_accept() is called during a timeout event (CVE-2015-8767) * tty: Fix unsafe ldisc reference via ioctl(TIOCGETD) (CVE-2016-0723) [ Salvatore Bonaccorso ] * unix: properly account for FDs passed over unix sockets (CVE-2013-4312) * KEYS: Fix keyring ref leak in join_session_keyring() (CVE-2016-0728) -- Salvatore Bonaccorso <carnil(a)debian.org> Sun, 17 Jan 2016 20:07:28 +0100 ======================================================================== You can perform the upgrade by issuing the command: apt-get dist-upgrade as root on baldrick.crans.org -- apticron

9 années, 3 mois

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

Monitoring Janvier 2016