13.6 C
London
Tuesday, September 26, 2017
Home Tags Daemon

Tag: Daemon

Patch available for high priority issue affecting the Linux init daemon systemd.
I’m no world-class hacker/penetration tester, but I’ve been able to break into any organization I’ve been (legally) hired to do so in an hour or less, except for one place that took me three hours.

That was on my second engagement with the customer after it had implemented many of the protections I had recommended during my first visit.Hackers and pen testers typically have areas of specialization.
Some hack point-of-sale terminals, some hack web servers, some hack databases, and some specialize in social engineering. My own area has been focusing on computer security defense appliances—followed by hijacking elevated service/daemon accounts once I was in.

This combination allowed me to break into about 75 percent of my targets.
Sure, there were many other weaknesses, but this one was so prevalent I always went after it first.To read this article in full or to leave a comment, please click here
Following recent research that showed many printer models are vulnerable to attacks, a hacker decided to prove the point and forced thousands of publicly exposed printers to spew out rogue messages.The messages included ASCII art depicting robots an...
An update for bind97 is now available for Red Hat Enterprise Linux 5.Red Hat Product Security has rated this update as having a security impact ofImportant.

A Common Vulnerability Scoring System (CVSS) base score, which givesa detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain NameSystem (DNS) protocols.

BIND includes a DNS server (named); a resolver library(routines for applications to use when interfacing with DNS); and tools forverifying that the DNS server is operating correctly.Security Fix(es):* A denial of service flaw was found in the way BIND handled a query responsecontaining inconsistent DNSSEC information.

A remote attacker could use thisflaw to make named exit unexpectedly with an assertion failure via a speciallycrafted DNS response. (CVE-2016-9147)Red Hat would like to thank ISC for reporting this issue. For details on how to apply this update, which includes the changes described inthis advisory, refer to:https://access.redhat.com/articles/11258After installing the update, the BIND daemon (named) will be restartedautomatically.RHEL Desktop Workstation (v. 5 client) SRPMS: bind97-9.7.0-21.P2.el5_11.10.src.rpm     MD5: 775235c19dfed27ecc3a87fcf4c40bfeSHA-256: 2b16142fd887435ca267a8d94357c11193af9d8cf6930b24901759b1bc93e783   IA-32: bind97-9.7.0-21.P2.el5_11.10.i386.rpm     MD5: d161503b1eb11a3b37235dc344616e51SHA-256: bd154f2d6aeda14322634dc1bd1c99b15ff594ff870cbdcbb55ca6b0ef0f4d1a bind97-chroot-9.7.0-21.P2.el5_11.10.i386.rpm     MD5: 9af3f5d76022263cc5800b23bc048f15SHA-256: b32478f126dd5c40666d83dab756c0ff8c90eacfa48416ad623f2f676619d09f bind97-debuginfo-9.7.0-21.P2.el5_11.10.i386.rpm     MD5: ec280c1b10a72260fc27227f9565905bSHA-256: 1454839372f144b27555a8fb931886c386766262601f1cad6e852b8f22010f8c bind97-devel-9.7.0-21.P2.el5_11.10.i386.rpm     MD5: 8763e501a1b0ab618e6f6d3919a9e273SHA-256: 8419b598282aecc1d70b96c0d49eb6063524eccab51ca304d8b10417e82f8cb4 bind97-libs-9.7.0-21.P2.el5_11.10.i386.rpm     MD5: f95e8fa0928e9d57204152a97ec01295SHA-256: 9db3a2904ae4636e5f035529737efecb6f63f3ca62b2f2e90115c1c78e48936a bind97-utils-9.7.0-21.P2.el5_11.10.i386.rpm     MD5: 0b24182f88268c8b2efe5cda8160395dSHA-256: a8938654bc64386bfeb3d9e0ac777b6259881ef03c80cac73a914d1c9f2f9fce   x86_64: bind97-9.7.0-21.P2.el5_11.10.x86_64.rpm     MD5: ef27ef4f7cc6d7f086d49a492846b956SHA-256: 98dc796069d5aabb624ffe2d1a2a45d639cc6051397adc05c7af9a32fde5a7b0 bind97-chroot-9.7.0-21.P2.el5_11.10.x86_64.rpm     MD5: 5bc9d2cb8f487f35a5498c657d2dbcadSHA-256: 27f1d2b557dac6e1a299a35fed36213ff4d4334fd692964856058917b96d0a20 bind97-debuginfo-9.7.0-21.P2.el5_11.10.i386.rpm     MD5: ec280c1b10a72260fc27227f9565905bSHA-256: 1454839372f144b27555a8fb931886c386766262601f1cad6e852b8f22010f8c bind97-debuginfo-9.7.0-21.P2.el5_11.10.x86_64.rpm     MD5: 18777663795b1cdeea79be42597afaa0SHA-256: 61ccdfeba11bf279c3e0cf5848efddf3e68fb20473d1142532071a2cce484423 bind97-devel-9.7.0-21.P2.el5_11.10.i386.rpm     MD5: 8763e501a1b0ab618e6f6d3919a9e273SHA-256: 8419b598282aecc1d70b96c0d49eb6063524eccab51ca304d8b10417e82f8cb4 bind97-devel-9.7.0-21.P2.el5_11.10.x86_64.rpm     MD5: 44145df6812d167f606fe103d8206ccaSHA-256: 10a5f680dc4f28539dd603129ce10122844080fedc1e5347ec2a39ab9e804577 bind97-libs-9.7.0-21.P2.el5_11.10.i386.rpm     MD5: f95e8fa0928e9d57204152a97ec01295SHA-256: 9db3a2904ae4636e5f035529737efecb6f63f3ca62b2f2e90115c1c78e48936a bind97-libs-9.7.0-21.P2.el5_11.10.x86_64.rpm     MD5: c03f73dcaf116f13f69dd5665f60bc76SHA-256: c245aa94dde45616a8b07424c17c3329dbb6d16e384b2675926dc51546965e1e bind97-utils-9.7.0-21.P2.el5_11.10.x86_64.rpm     MD5: fcc62373eddcb27a6bad4f72c36fa0f1SHA-256: 7703f33bf6aebcc6413e2797429859ea74791ca764206f24deccaeb1b6802935   Red Hat Enterprise Linux (v. 5 server) SRPMS: bind97-9.7.0-21.P2.el5_11.10.src.rpm     MD5: 775235c19dfed27ecc3a87fcf4c40bfeSHA-256: 2b16142fd887435ca267a8d94357c11193af9d8cf6930b24901759b1bc93e783   IA-32: bind97-9.7.0-21.P2.el5_11.10.i386.rpm     MD5: d161503b1eb11a3b37235dc344616e51SHA-256: bd154f2d6aeda14322634dc1bd1c99b15ff594ff870cbdcbb55ca6b0ef0f4d1a bind97-chroot-9.7.0-21.P2.el5_11.10.i386.rpm     MD5: 9af3f5d76022263cc5800b23bc048f15SHA-256: b32478f126dd5c40666d83dab756c0ff8c90eacfa48416ad623f2f676619d09f bind97-debuginfo-9.7.0-21.P2.el5_11.10.i386.rpm     MD5: ec280c1b10a72260fc27227f9565905bSHA-256: 1454839372f144b27555a8fb931886c386766262601f1cad6e852b8f22010f8c bind97-devel-9.7.0-21.P2.el5_11.10.i386.rpm     MD5: 8763e501a1b0ab618e6f6d3919a9e273SHA-256: 8419b598282aecc1d70b96c0d49eb6063524eccab51ca304d8b10417e82f8cb4 bind97-libs-9.7.0-21.P2.el5_11.10.i386.rpm     MD5: f95e8fa0928e9d57204152a97ec01295SHA-256: 9db3a2904ae4636e5f035529737efecb6f63f3ca62b2f2e90115c1c78e48936a bind97-utils-9.7.0-21.P2.el5_11.10.i386.rpm     MD5: 0b24182f88268c8b2efe5cda8160395dSHA-256: a8938654bc64386bfeb3d9e0ac777b6259881ef03c80cac73a914d1c9f2f9fce   IA-64: bind97-9.7.0-21.P2.el5_11.10.ia64.rpm     MD5: 660bca5c1321b488cbf4779c1c2f11e0SHA-256: 25fc1af1d36945d2a66bc7d6679aff650fde3aec2c510986a6146be7eac0b19c bind97-chroot-9.7.0-21.P2.el5_11.10.ia64.rpm     MD5: 1d9d1d0b4ae278914b7d05f42a95f2bcSHA-256: 321d12a4bd0e94c1860ef3fe2cfc1901b74774f116d5f7a51e7b7a99e17ffe22 bind97-debuginfo-9.7.0-21.P2.el5_11.10.ia64.rpm     MD5: 52a34d4250ffac94eff0c705068857b0SHA-256: 55dfbf9e07267587a83eaa475c8832ed95b23dc34fd299c1f25af212fd8af2cc bind97-devel-9.7.0-21.P2.el5_11.10.ia64.rpm     MD5: ee27e13925fecd1ac8969f7763fe4bfaSHA-256: 8d8fb997d805b76a48ac9dc2163e3b8416b60b6d4c4c6d745939daadb404d58f bind97-libs-9.7.0-21.P2.el5_11.10.ia64.rpm     MD5: 0f2a9f5685f634fd9f967547040b515dSHA-256: be436a3cffa3ef9a68c7839acc4dda510f24761878d91b483be2115b8846b0a3 bind97-utils-9.7.0-21.P2.el5_11.10.ia64.rpm     MD5: def465fbbaaf8cacb1db0b7e4221809dSHA-256: 26122f16acda45688bfdcb7549040c8b6e27ffe2c65982995b83809161409f0a   PPC: bind97-9.7.0-21.P2.el5_11.10.ppc.rpm     MD5: 082939f4054671c734996f707c7695bfSHA-256: be87c2d9ead10483e43b6c9da98d32be4ddae3f14997a2184e330990b171f333 bind97-chroot-9.7.0-21.P2.el5_11.10.ppc.rpm     MD5: 142640e509a66036fb58ff542e46efcdSHA-256: 45edf52af0598425ef54664086dd707db2eea15d47afa28fea2b7aa6f0321083 bind97-debuginfo-9.7.0-21.P2.el5_11.10.ppc.rpm     MD5: 09f0807a0daab96bd8805da486496c7eSHA-256: aff7692b448499961de5cbf0eea8a6fb81c34fde4597eec296072330220e68a7 bind97-debuginfo-9.7.0-21.P2.el5_11.10.ppc64.rpm     MD5: aa39af59ff4fe29755ace86405cf8b22SHA-256: 6376430483939d7ad0db97a8a1156d9c72064d594a600c21d4f88eebc1d33b89 bind97-devel-9.7.0-21.P2.el5_11.10.ppc.rpm     MD5: 922776595b8f3a185ac2fa84f57479adSHA-256: 109f6f0f16fb15662d8907304b0877582b9fe45591b4dcb150ae457b596c89d5 bind97-devel-9.7.0-21.P2.el5_11.10.ppc64.rpm     MD5: c76035178e0e7782f043b237ee9e97fbSHA-256: 510c1baab39761e1a1a88970387070de44b76d5af1acaf2fdd9016f243c83023 bind97-libs-9.7.0-21.P2.el5_11.10.ppc.rpm     MD5: 664487d135c3e28acd7e467c6899a81aSHA-256: f8d918fc48bfb0130a9ad55f108f97b4cae0ca86e5b1b6d094736b5c52374d52 bind97-libs-9.7.0-21.P2.el5_11.10.ppc64.rpm     MD5: 1cee232acc08b8adac880fddafc065dcSHA-256: d99d84935331b95576165bc1d31078374bcfa95f486527761008225abb50fc84 bind97-utils-9.7.0-21.P2.el5_11.10.ppc.rpm     MD5: fbf61dca6a7e2e5291ede6d47382c81cSHA-256: 26df5b626946642c8c3b921de452caf17f8571e8606144f7571aed1fc6fb0f06   s390x: bind97-9.7.0-21.P2.el5_11.10.s390x.rpm     MD5: 78343defc4958ff5a2167fc8f933e293SHA-256: b5704420b946672b7e7e06918437b47011328b7fa892981aebbc1ce47cb91e75 bind97-chroot-9.7.0-21.P2.el5_11.10.s390x.rpm     MD5: 60cb9028bd05ff76e46c48850a48ff07SHA-256: 4a70e173e10ed269ba164840c01469038b031458a0fa4e30fe4b9cc5f4e3676f bind97-debuginfo-9.7.0-21.P2.el5_11.10.s390.rpm     MD5: 779688bb0d3095c8c477a1c4d424a478SHA-256: 72bf17e09c333da1a9a74f6e2c83c49c4507b0fffdb03ddcc3e671fce5f907ee bind97-debuginfo-9.7.0-21.P2.el5_11.10.s390x.rpm     MD5: 2b164a982967937a35dad1e1dce02466SHA-256: 3c5814053c62cad73796906d52da1c944373ad843433bf9a241c9051bb1542db bind97-devel-9.7.0-21.P2.el5_11.10.s390.rpm     MD5: 205e2013ba29261e7eaccd3b49ea2ccdSHA-256: 753c912b2aa982a999a26ff1aac596b4ecf95eb86ac3270e463fd74ab98b7bed bind97-devel-9.7.0-21.P2.el5_11.10.s390x.rpm     MD5: c332673444a1ba7a8cb963df6f549aa9SHA-256: ad58c39179557f248bec55d0f491d174b5903a2405c6ba01d18e471bf93b89e7 bind97-libs-9.7.0-21.P2.el5_11.10.s390.rpm     MD5: 6118de1c9e958a60e0322f43a9afa753SHA-256: afd0ae8e5827b456eb283574dc7b58d0db8dd2ecaa22b5ace7ada254ff4ed426 bind97-libs-9.7.0-21.P2.el5_11.10.s390x.rpm     MD5: 5d2692ac5824ee9c6c493c2d3ff11e61SHA-256: 5455ee4ceee38603de5d610309e86289c1729216d16c225528aca5a42ac731bd bind97-utils-9.7.0-21.P2.el5_11.10.s390x.rpm     MD5: c8778e549bd96a890234bc47ad7dbcadSHA-256: 83c8e2eaf5af241fb6e1526b433d460f124dded2f6b5d2d26e7552bea8cf0b44   x86_64: bind97-9.7.0-21.P2.el5_11.10.x86_64.rpm     MD5: ef27ef4f7cc6d7f086d49a492846b956SHA-256: 98dc796069d5aabb624ffe2d1a2a45d639cc6051397adc05c7af9a32fde5a7b0 bind97-chroot-9.7.0-21.P2.el5_11.10.x86_64.rpm     MD5: 5bc9d2cb8f487f35a5498c657d2dbcadSHA-256: 27f1d2b557dac6e1a299a35fed36213ff4d4334fd692964856058917b96d0a20 bind97-debuginfo-9.7.0-21.P2.el5_11.10.i386.rpm     MD5: ec280c1b10a72260fc27227f9565905bSHA-256: 1454839372f144b27555a8fb931886c386766262601f1cad6e852b8f22010f8c bind97-debuginfo-9.7.0-21.P2.el5_11.10.x86_64.rpm     MD5: 18777663795b1cdeea79be42597afaa0SHA-256: 61ccdfeba11bf279c3e0cf5848efddf3e68fb20473d1142532071a2cce484423 bind97-devel-9.7.0-21.P2.el5_11.10.i386.rpm     MD5: 8763e501a1b0ab618e6f6d3919a9e273SHA-256: 8419b598282aecc1d70b96c0d49eb6063524eccab51ca304d8b10417e82f8cb4 bind97-devel-9.7.0-21.P2.el5_11.10.x86_64.rpm     MD5: 44145df6812d167f606fe103d8206ccaSHA-256: 10a5f680dc4f28539dd603129ce10122844080fedc1e5347ec2a39ab9e804577 bind97-libs-9.7.0-21.P2.el5_11.10.i386.rpm     MD5: f95e8fa0928e9d57204152a97ec01295SHA-256: 9db3a2904ae4636e5f035529737efecb6f63f3ca62b2f2e90115c1c78e48936a bind97-libs-9.7.0-21.P2.el5_11.10.x86_64.rpm     MD5: c03f73dcaf116f13f69dd5665f60bc76SHA-256: c245aa94dde45616a8b07424c17c3329dbb6d16e384b2675926dc51546965e1e bind97-utils-9.7.0-21.P2.el5_11.10.x86_64.rpm     MD5: fcc62373eddcb27a6bad4f72c36fa0f1SHA-256: 7703f33bf6aebcc6413e2797429859ea74791ca764206f24deccaeb1b6802935   (The unlinked packages above are only available from the Red Hat Network) 1411367 - CVE-2016-9147 bind: assertion failure while handling a query response containing inconsistent DNSSEC information These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
2017-01 Security Bulletin: Junos: Denial of Service vulnerability in RPD (CVE-2017-2302)Product Affected:This issue can affect any product or platform running Junos OS. Problem: On Junos OS devices where the BGP add-path feature is enabled with 'send' ...
2017-01 Security Bulletin: Junos: RPD crash while processing RIP advertisements (CVE-2017-2303)Product Affected:This issue can affect any product or platform running Junos OS where RIP is enabled. Problem: Certain RIP advertisements received by the rou...
2017-01 Security Bulletin: Junos: SRX Series denial of service vulnerability in flowd due to crafted multicast packets (CVE-2017-2300)Product Affected:This issue affects any SRX Series Services Gateway chassis cluster Problem:The flowd daemon on the primary node of an SRX Series chassis cluster may crash and restart when attempting to synchronize a multicast session created via crafted multicast packets.  Upon the flowd crash, data plane redundancy groups will fail over to the secondary node in the chassis cluster while flowd on the primary node restarts.This issue only occurs in chassis cluster configurations that process transit multicast traffic.  Transit multicast traffic is processed on an SRX services gateway by enabling PIM in normal Flow Mode, or via security policies permitting transit multicast traffic in L2/Transparent Mode.Juniper SIRT is not aware of any malicious exploitation of this vulnerability.No other Juniper Networks products or platforms are affected by this issue.This issue has been assigned CVE-2017-2300. Solution:The following software releases have been updated to resolve this specific issue: Junos OS 12.1X46-D65, 12.3X48-D40, 15.1X49-D60, and all subsequent releases.This issue is being tracked as PR 1188853 and is visible on the Customer Support website.KB16765 - "In which releases are vulnerabilities fixed?" describes which release vulnerabilities are fixed as per our End of Engineering and End of Life support policies. Workaround:Disallow transit multicast traffic, or isolate/disable the secondary node of the chassis cluster until an upgrade can be performed. For SRXs running in Transparent Mode, any security policies permitting transit multicast traffic should be disabled (default policy is deny-all). For SRXs running in normal Flow Mode, transit multicast traffic can also be stopped by disabling PIM protocol. Implementation:How to obtain fixed software:Security vulnerabilities in Junos are fixed in the next available Maintenance Release of each supported Junos version.
In some cases, a Maintenance Release is not planned to be available in an appropriate time-frame.

For these cases, Service Releases are made available in order to be more timely.
Security Advisory and Security Notices will indicate which Maintenance and Service Releases contain fixes for the issues described. Upon request to JTAC, customers will be provided download instructions for a Service Release.

Although Juniper does not provide formal Release Note documentation for a Service Release, a list of "PRs fixed" can be provided on request.Modification History: 2017-01-11: Initial publication2017-01-18: Devices with security policies permitting transit multicast traffic in Transparent Mode are also vulnerable Related Links:CVSS Score:6.5 (CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) Risk Level:Medium Risk Assessment:Information for how Juniper Networks uses CVSS can be found at KB 16446 "Common Vulnerability Scoring System (CVSS) and Juniper's Security Advisories."
EnlargeTechno Fishy reader comments 26 Share this story When Mike Tigas first created the Onion Browser app for iOS in 2012, he never expected it to become popular. He was working as a newsroom Web developer at The Spokesman-Review in Spokane, Washington, at the time, and wanted a Tor browser app for himself and his colleagues.

Expecting little interest, he then put Onion Browser on the Apple App Store at just $0.99/£0.69, the lowest non-zero price that Apple allows. Fast forward to 2016, and Tigas found himself living in New York City, working as a developer and investigative journalist at ProPublica, while earning upwards of $2,000 a month from the app—and worrying that charging for it was keeping anonymous browsing out of the hands of people who needed it. So a few weeks ago, he made the app free.
Since then, its popularity has exploded, with thousands of downloads recorded every day.

The results of the recent US presidential election might have had something to do with this decision, and its impressive results, Tigas told Ars. "Given recent events, many believe it's more important than ever to exercise and support freedom of speech, privacy rights, and digital security," he wrote in a blog post. "I think now is as good a time as ever to make Onion Browser more accessible to everyone." Global concerns also influenced his decision. "Iran is not technically a country where you can get an iPhone, but on the grey market you can," he told Ars. "People over there can't get apps you have to pay for, because you have to have a credit card that Apple actually accepts," he added, noting that economic sanctions forbid Apple from selling to Iranian iOS users. Onion Browser is the official Tor Project-endorsed Web browser for iOS.

But it lacks some of the features available for Tor Browser (Linux, MacOS, Windows) and OrFox (Android), due to technical roadblocks peculiar to iOS. Onion Browser for iOS. In order to gain control over the browser's network settings, and route web traffic over Tor, Tigas has to use the older WebKit API (UIWebView) instead of the newer version (WKWebView).

The newer version uses the device's system settings for network and proxy settings and cannot be modified by an app. Onion Browser settings The two biggest challenges Tor developers on iOS face, as Tigas outlined in this blog post on the Tor Project website, are Apple's requirement that all browsers use the iOS WebKit rendering engine, and the inability to run Tor as a system-wide service or daemon on iOS. Developers have found workarounds to both problems, and iOS users can soon expect to see a new, improved Onion Browser, as well as a Tor VPN that routes all device traffic over Tor—probably in the first quarter of 2017. Not quite as secure Unlike the Tor or OrFox, Onion Browser is not based on the Firefox Gecko rendering engine.

This is good—Onion Browser is not vulnerable to Firefox exploits—but also bad, because code cannot be reused. A further challenge, Tigas said, is that Apple’s WebKit APIs "don’t allow a lot of control over the rendering and execution of Web pages, making a Tor Browser-style security slider very difficult to implement." Many of iOS's multimedia features don't use the browser's network stack, making it difficult to ensure the native video player does not leak traffic outside of Tor. "Onion Browser tries to provide some functionality to block JavaScript and multimedia, but these features aren’t yet as robust as on other platforms," Tigas wrote. Moreover, it doesn't support tabbed browsing, and the UX is pretty basic, but Tigas is working on a rewrite based on Endless. "It adds a lot of important features over the existing Onion Browser,” he said, “like a nicer user-interface with tabbed browsing, HTTPS Everywhere, and HSTS Preloading.

There’s a new version of Onion Browser in the works that’s based on Endless that will hopefully enter beta testing this month." Welcome to the sandbox The biggest challenge to getting Tor working seamlessly on iOS, though, is the inability to run Tor as a system-wide service or daemon, something which is trivial to accomplish with most other operating systems, but unavailable to iOS app developers.

To prevent misbehaving apps from getting up to their usual mischief, Apple sandboxes apps from each other, and from the underlying OS.

This means you can't install Tor on iOS, let it run in the background, and route all your device traffic over Tor. “In iOS the moment you leave an app, the app goes to sleep,” Tigas told Ars. “With Tor Browser Bundle or OrBot on Android, other apps can use the Tor in Tor Browser Bundle, other apps can use OrBot's connection on Android.” In fact, to get Onion Browser to work, he has to compile Tor into the app itself—as does any other iOS app developer who wishes to offer a Tor connection.

But that's about to change, thanks to iCepa. A Tor VPN for iOS Enlarge / OrBot, the official Tor routing service for Android. iCepa—from the Latin cepa for onion, and pronounced i-KAY-puh—is a Tor VPN for iOS currently under development that will enable iOS users to route all their traffic over Tor. "A lot of us had the idea simultaneously after Apple released iOS 9, which added some APIs that allowed you to talk to network traffic," iCepa developer Conrad Kramer told Ars. "It was intended for companies like OpenVPN or Cisco to build their own VPN solutions for iOS, but we realised we could build a version of Tor using this API." "It's similar to how OrBot works," he added, "which also uses a VPN approach." Apple-imposed memory limits had prevented Kramer from finishing work on iCepa until recently.

The memory limit for packet-tunnel extensions, he explained, was 5MB—and Tor needs around 10MB to run. Kramer said he was able to continue development work on a jailbroken iOS 9 device, but with little motivation since a jailbroken solution would not scale.

An encounter with Apple engineers at the WWDC conference gave him the chance to lobby Apple engineers to raise the limit—which they did, in iOS 10, to 15MB, more than enough to get a Tor VPN working in iOS. Kramer told Ars he had just gotten iCepa working on his test device in mid-December, and plans to share the working code in a private alpha with other Tor developers before the end of the year. He hopes to release iCepa to the public through the App Store at the end of the first quarter of 2017. "The timeline is still uncertain," he emphasised, "but I do want to get it out as soon as possible.” Paying for Tor development Since making Onion Browser free in early December, Tigas says the number of downloads has jumped from around 3,000 paid downloads per month to thousands per day. He is at peace with his decision, though, convinced he has done the right thing, but worries about the loss of income. "[The extra money] helped keep me doing investigative journalism by day," he told Ars. "If I can get to even 15 percent of where it was before, I would be really happy and amazed.
I think I have like five people on Patreon right now." Tigas has received some financial support from the Guardian Project to continue work on Onion Browser, but, he says, the money does not come close to replacing the income lost from the App Store. “I'm still a little terrified that I've made this change,” he wrote in his blog post, “but I'm happy this day has come—and judging from the responses I've already received, so have many of you.

Thanks for your support.” J.M. Porup is a freelance cybersecurity reporter who lives in Toronto. When he dies his epitaph will simply read "assume breach." You can find him on Twitter at @toholdaquill. This post originated on Ars Technica UK
Attention: RHN Hosted will reach the end of its service life on July 31, 2017.Customers will be required to migrate existing systems to Red Hat Subscription Management prior to this date.Learn more here Details An updated openvswitch package that fixes multiple bugs is now available. Open vSwitch provides standard network bridging functions andsupport for the OpenFlow protocol for remote per-flow control oftraffic.Bugs fixed in these updated packages include:* Do not wake up when there is no db connection (#1397504)* Use instant sending instead of queue (#1397481)* DPDK vhost: workaround stale vring base (#1397196)* Do not restart the service after a package upgrade (#1397045)* Fixed to not require SSSE3 if DPDK is not used (#1397048)* Applied the systemd backports (#1397049)* Fixed missing close calls for tnl ports (#1397050) Solution Before applying this update, make sure all previously released erratarelevant to your system have been applied.For details on how to apply this update, refer to:https://access.redhat.com/articles/11258 Updated packages Red Hat Virtualization ( v.4 for RHEL 7) SRPMS: openvswitch-2.5.0-22.git20160727.el7fdp.src.rpm     MD5: dec02656d4e107cafea152a2206c4aa5SHA-256: d7913545abcc2f0102a42467376d3530894730f5d22aa2c8b5b72582364e094f   x86_64: openvswitch-2.5.0-22.git20160727.el7fdp.x86_64.rpm     MD5: 26b4b86cbac2f8cd4d0afc4952b1a173SHA-256: 5bf8e3e1f1609c89baa10deb1a6de1df2ef03d5e8c7204f3133d676bf3d02034 openvswitch-devel-2.5.0-22.git20160727.el7fdp.x86_64.rpm     MD5: c1d458d0173bde202fa5edcfb6085df4SHA-256: a7c354bb99fbf51587f1c751ec400eeca328fe9812e231fd4db3643d0b625432 openvswitch-test-2.5.0-22.git20160727.el7fdp.noarch.rpm     MD5: a3b45a1d3453c76d20d2f61651a8abeaSHA-256: 4376df2ffdaf5428349794f9e47a216fa6f53faca9741b2d32f781d9c81d054f python-openvswitch-2.5.0-22.git20160727.el7fdp.noarch.rpm     MD5: 081ef358ea78d23a1f4fa05749a1933bSHA-256: ec9e8d713bfd00fba83655de348c63417c2f85c53984196e2fe93f612d4bf00e   (The unlinked packages above are only available from the Red Hat Network) Bugs fixed (see bugzilla for more information) 1397045 - [fdProd] yum update of openvswitch 2.5 from 2.4 causes restart of openvswitch service that can disrupt network connectivity1397048 - [fdProd] OVS fails if SSSE3 is not supported1397049 - [fdProd] [OVS] systemd ordering of OVS service causes hang during restart when there is NFS mount over OVS1397050 - [fdProd] OvS rtnetlink race condition1397196 - [fdProd] OVS daemon crashed when guests running pktgen over OVS-dpdk bond1397481 - [fdProd] latency regression1397504 - [fdProd] ovs-vswitchd takes 100% CPU time These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:https://www.redhat.com/security/team/key/#package The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/
Red Hat OpenShift Enterprise release 2.2.11 is now available with updatedpackages that fix several bugs and add various enhancements. OpenShift Enterprise by Red Hat is the company's cloud computingPlatform-as-a-Service (PaaS) solution designed for on-premise orprivate cloud deployments.This update fixes the following bugs:* The routing daemon (RD) can now be configured with multiple F5 BIG-IP hosts.During F5 configurations, the RD tries to connect to the first configured host.If it fails, it retries each successive host until it connects to a host orexhausts its host list.

The RD now correctly sends a NACK response to ActiveMQwhen operations fail.

ActiveMQ redelivers the message, causing the RD to retry.The RD's communication with ActiveMQ, logging of errors, and handling of errorresponses from F5 BIG-IP improved.

This enables the RD to continue operationwith the F5 BIG-IP cluster even if the RD loses contact with the cluster,improving the RD's behavior when multiple instances are run in a clusteredconfiguration.

The RD is more resilient against losing contact with individualF5 BIG-IP hosts in a cluster of F5 BIG-IP hosts and functions better when run ina clustered configuration.

The RD elicits fewer error responses from F5 BIG-IPand provides better logs, making error diagnosis easier. (BZ#1227472)* Users can now allow the provided database connection helper functions mysql(),psql(), and mongo() to be overwritten.

This allows users to overwrite the helperfunctions to easily connect to external databases. Users can now define mysql(),psql(), and mongo() functions in their $OPENSHIFT_DATA_DIR/.bash_profile, whichcan be used within an SSH connection to a gear. (BZ#1258033)* HAProxy cookies were inconsistently named. Requests to an HA application werenot always being routed to the correct gear.

This fix changes the cookie naminglogic so that the cookie name reflects which back-end gear is handling therequest.

As a result, all back-end HAProxy gears should now return the samecookie name and the requests should be properly routed to the correct back-endgear. (BZ#1377433)* EWS Tomcat 7 can now be configured on nodes to use either EWS 2 or EWS 3channels, allowing an administrator an option of what EWS version the EWS 2cartridge deploys.

This option was enabled to allow administrators to takeadvantage of the EWS 3 lifecycle and security or bug updates that it receivescompared to the maintenance lifecycle that EWS 2 is currently receiving.Administrators have options or can mix and match EWS versions (with nodeprofiles) on what Tomcat version is installed when an EWS 2 cartridge iscreated. (BZ#1394328)* The new version of PIP (7.1.0) no longer accepted insecure (HTTP) mirrors.Also, PIP attempted to create and then write files into the .cache directory,which users do not have permission to create post-installation.

As a result,Python dependencies failed to be installed.The default PyPi mirror URL is now updated to use a secure connection (HTTPS).The directory .cache is created during installation in advance so it can be usedlater by PIP. With this fix, Python dependencies can be fetched from the PyPimirror and installed properly. (BZ#1401120)* When using a gear's UUID in the logical volume name, a grep in the oo-acceptnode caused oo-accept-node to fail.

The grep was fixed with this update. Usingthe gear UUID in the logical volume name no longer causes oo-accept-node tofail. (BZ#1401124)* Previously, moving a gear with many aliases reloaded Apache for each alias.The excess aliases caused the gear move to timeout and fail. With this fix, agear move will now update Apache once with an array of of aliases instead ofupdating after each alias. (BZ#1401132)* Previously, node-proxy did not specify to use cipher order, so the order didnot matter when using a custom cipher order.

This fix makes the node-proxy honorthe cipher order.

Custom cipher orders will now take the cipher order in accountwhen choosing a cipher. (BZ#1401133)All OpenShift Enterprise 2 users are advised to upgrade to these updatedpackages. Red Hat OpenShift Enterprise 2 SRPMS: openshift-enterprise-upgrade-2.2.11-1.el6op.src.rpm     MD5: 7ec16aed5fc59ed2890c39c512535506SHA-256: 684678600d7a39ada09613e3e8f2131ff1c0302d9e3041a187cebf76675ecaaa openshift-origin-cartridge-haproxy-1.31.7.1-1.el6op.src.rpm     MD5: a1f1449b05688c5a980633d6c7d944f3SHA-256: 2929f1d04ea76635016830e108b098bbada8b45efc7bb53c73eb445ab77c830a openshift-origin-cartridge-python-1.34.4.1-1.el6op.src.rpm     MD5: 3dcfe8900468bbf667affe2bf00a696eSHA-256: 4d29292623e415e1d5775a3f7e097d7f6a6c315d66c2a29b68e806788180ce2d openshift-origin-msg-node-mcollective-1.30.3.1-1.el6op.src.rpm     MD5: d997b5a2ad85f8d336f207978d7bd6a3SHA-256: 8894b0fdc2fb0a033626bbbd4e1ccb2eaeb3b3b8f9fb6b3d6c3904077f3d1d0c openshift-origin-node-proxy-1.26.4.1-1.el6op.src.rpm     MD5: 0a9ef5709ecdb7a38e2fb62c5be21a3dSHA-256: 5be7a48d2364bc0448f88d6a63a5be81270902695d674466c3a36d8fc5c6062c openshift-origin-node-util-1.38.8.1-1.el6op.src.rpm     MD5: de83fb1a8228c3965286c5ec20162e32SHA-256: 832c41d74199362210989ef8c73b6e463f9116d23e3b934107f6135106e9e5a5 rubygem-openshift-origin-frontend-apache-mod-rewrite-0.8.2.1-1.el6op.src.rpm     MD5: 16a356b09fa38aeb1c0dd6077b9170c6SHA-256: c6fcb52c44e805b4a2d3bd52845d3aae477a15cc9b3eadea8db4d92cff6b9cb8 rubygem-openshift-origin-frontend-apache-vhost-0.13.3.1-1.el6op.src.rpm     MD5: e8dd00e793be08b117ac994405b260b4SHA-256: 09b5e3a38406ed813841204b7247faa840cdf9e5bc031b1acf4ae4e6ddf3ebb1 rubygem-openshift-origin-frontend-haproxy-sni-proxy-0.5.3.1-1.el6op.src.rpm     MD5: 84be2c2e546dcf2d5e1c00f482347865SHA-256: d8e741d5123a3b4702c431f61e2e4f19415268f15536c8aeb4d4148a113f0fda rubygem-openshift-origin-frontend-nodejs-websocket-0.4.2.1-1.el6op.src.rpm     MD5: 78a15fbefa3e00fe25cd350b59195172SHA-256: 9e414c68803f45a0ec50a0a7f700bb80c168401ca3038310c45f624e33eb6354 rubygem-openshift-origin-node-1.38.7.1-1.el6op.src.rpm     MD5: 21ef886a44b03c688d48846fed34b974SHA-256: aeddbeafb1f58d2b2349ad5fa97fe3f5188bf5b905e0938aa3169bfe0746fdde rubygem-openshift-origin-routing-daemon-0.26.7.4-1.el6op.src.rpm     MD5: 1744e26a273c397078b83ea4946f7836SHA-256: c039f8d023321d8eed0c09b123b171f27c866860705d45aa05b85f82faedf346   x86_64: openshift-enterprise-release-2.2.11-1.el6op.noarch.rpm     MD5: 2014a606a47b5e5491341a1381f83ccfSHA-256: c211f0dd8c3efba9d8f2840a7e418f2096dbfbb47f13a8ec7cf7929e38e6162f openshift-enterprise-upgrade-broker-2.2.11-1.el6op.noarch.rpm     MD5: 74e50b025859ef9d22efaea0771d1dfaSHA-256: e9fac95a23aa696dfb4c1e4cc8cf33d5cabfb0d9ea4a7f29925936635b6f6078 openshift-enterprise-upgrade-node-2.2.11-1.el6op.noarch.rpm     MD5: 43b23128a6f8508f872f199f11e99844SHA-256: 2182ab628c84f5bdcc4fff537aadd260894787a2c2a47d2501912b7190b8ea4d openshift-enterprise-yum-validator-2.2.11-1.el6op.noarch.rpm     MD5: af77a0545ff330278c6cd6b02671695aSHA-256: b867d00bda0f52d6ba6a98a74f4303c0df9b4b74405e0487131fb3180ec2150e openshift-origin-cartridge-haproxy-1.31.7.1-1.el6op.noarch.rpm     MD5: 749c76f4c105f7ad2b8b4599c393eb39SHA-256: 51eccf1effbf4e287e5d7d22432c5c17e94ee5b03a082e40a38811a29fffb34f openshift-origin-cartridge-python-1.34.4.1-1.el6op.noarch.rpm     MD5: 5a2b1bc49dc51b6e1d27418dcbdebe92SHA-256: d1d081769812ca7ff3a109144639e5f0fdfa6879354959e1a4907b21316565d1 openshift-origin-msg-node-mcollective-1.30.3.1-1.el6op.noarch.rpm     MD5: 4f7a36fe214d0ff3c73b03f420455451SHA-256: 3571f7067485b72a67d8de2d6f22ddc06bb8e09128047011cb1c54084eb9e6d4 openshift-origin-node-proxy-1.26.4.1-1.el6op.noarch.rpm     MD5: f422b78254bc9e061281b769b6257905SHA-256: 2d0fe749cbedb32b5feaa5c871bf38c6cad7f27a90cea0f8466f774974781166 openshift-origin-node-util-1.38.8.1-1.el6op.noarch.rpm     MD5: 8a4247c0b621b63656b4fdbfaf48f9e7SHA-256: ab960e297a55df5a662793af11e6b540ebab93df6c3edb32610597afbecaacc8 rubygem-openshift-origin-frontend-apache-mod-rewrite-0.8.2.1-1.el6op.noarch.rpm     MD5: 95210c17c2f0cc126b6b0756f6ca3fc3SHA-256: 22362fee3fa68b4ad59ed0a883948d5561d425b67a3396438e408c6df3bbab56 rubygem-openshift-origin-frontend-apache-vhost-0.13.3.1-1.el6op.noarch.rpm     MD5: 59411dfa22500844ee7c995cbb3e855dSHA-256: 307fc8948cbbad0548562b7dfd01c7cc976346f9974c30f63801a6ae5925f540 rubygem-openshift-origin-frontend-haproxy-sni-proxy-0.5.3.1-1.el6op.noarch.rpm     MD5: 19897e4896ccdf8f527eeef81334dd86SHA-256: 2139ed1ff65db053d722c9a61c0490d5a1e3457bc05b7a746bb1e398c60786cb rubygem-openshift-origin-frontend-nodejs-websocket-0.4.2.1-1.el6op.noarch.rpm     MD5: a1d083fdbe96c3a50a44317d43f16f2aSHA-256: adad2d5496b14a6310eb947e4d07eecc2f892a4c8a6223473718ad006bcc761b rubygem-openshift-origin-node-1.38.7.1-1.el6op.noarch.rpm     MD5: f0863b65b63e9e85f9cfc3eef3029980SHA-256: 3e1c1250766b63670687ff4ae1e8327229e82b738057bb22758544a24cdc3fc2 rubygem-openshift-origin-routing-daemon-0.26.7.4-1.el6op.noarch.rpm     MD5: 1a08ee809815b4c0e231a98deec953d0SHA-256: be88d6d1f339675e91ca18087c9af6825afbb26f9abc2570188fb715c83fe57c   (The unlinked packages above are only available from the Red Hat Network) 1258033 - Allow the override of pre-defined function for database connections1377433 - haproxy configuration in HA gears sets inconsistent cookie values, breaking session affinity1394328 - [RFE] EWS 2 cartridge should be able to use EWS 3 binaries.1401120 - pip permission error prevents installing on python-2.7 cartridge1401124 - oo-accept-node reports missing quota if filesystem name contains gear uuid1401132 - Moving gears with many aliases causes excessive number of apache reloads These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
An update for kernel is now available for Red Hat Enterprise Linux 7.1 ExtendedUpdate Support.Red Hat Product Security has rated this update as having a security impact ofImportant.

A Common Vulnerability Scoring System (CVSS) base score, which givesa detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operatingsystem.Security Fix(es):* A flaw was found in the way the Linux kernel's networking subsystem handledoffloaded packets with multiple layers of encapsulation in the GRO (GenericReceive Offload) code path.

A remote attacker could use this flaw to triggerunbounded recursion in the kernel that could lead to stack corruption, resultingin a system crash. (CVE-2016-8666, Important)Bug Fix(es):* When a virtual machine (VM) with PCI-Passthrough interfaces was recreated, theoperating system rebooted.

This update fixes the race condition between theeventfd daemon and the virqfd daemon.

As a result, the operating system nolonger reboots in the described situation. (BZ#1391609) Red Hat Enterprise Linux HPC Node EUS (v. 7.1) SRPMS: kernel-3.10.0-229.46.1.el7.src.rpm     MD5: eb82f6173c40ac0931cff636dafcb802SHA-256: c50bbb8e3c5a6fb9c5cc2addf5f73efe34074a9c72592222aa634fa2fb28642d   x86_64: kernel-3.10.0-229.46.1.el7.x86_64.rpm     MD5: eebaaa2903a6edc607f79bb959876ceaSHA-256: 36998ebae77cd1a7ecf7c82b28014470ba1c3d6890d649b240e943c2e9f3524c kernel-abi-whitelists-3.10.0-229.46.1.el7.noarch.rpm     MD5: b021a7f60694e790f53889c26d66ee2fSHA-256: e9ffadcadbfc50e8ca59233b839551c376e7242b7d3d2d225ecad6af989a9d73 kernel-debug-3.10.0-229.46.1.el7.x86_64.rpm     MD5: 064931e3210c43f677a957def3c2635dSHA-256: 9470f05eca80842e04cb9a1ccec84862eddc841cf2307bbd6e16d93e3ac323fd kernel-debug-debuginfo-3.10.0-229.46.1.el7.x86_64.rpm     MD5: 53de79a51c771512c82ed14aa47615d3SHA-256: 158c1caa2eea775d7cf28e579c996b51256e10d1d8f3a2a51673a83f6953a765 kernel-debug-devel-3.10.0-229.46.1.el7.x86_64.rpm     MD5: 4fddb0d7bc6e4e9bc1a7b5e920ef8ea8SHA-256: 727edcd7180e6339ee21604f994b50c6f27ccd6bfc84eb095c2365803bdafd22 kernel-debuginfo-3.10.0-229.46.1.el7.x86_64.rpm     MD5: 84282992fe1a451e08db45a556c6055cSHA-256: 48e931f8354bd380a0cfee7030bf80cc8eed9735b5f839217ae5625ab162fefe kernel-debuginfo-common-x86_64-3.10.0-229.46.1.el7.x86_64.rpm     MD5: ded3a586b5b9e7d056124f06c386bd9cSHA-256: 48cba79219ead6676acdcc0c39aebd409071f1e95632ba5609c306ff0f945394 kernel-devel-3.10.0-229.46.1.el7.x86_64.rpm     MD5: 2b834a06236b5636d6dc6d36315d24baSHA-256: e0e97b797ac4353a237890a66dc16c8204fdfdb16f8bc7ce06cb9fa44cfb2169 kernel-doc-3.10.0-229.46.1.el7.noarch.rpm     MD5: 28fbfc640bcc6ad37f4eb28cc9994932SHA-256: e74cac20d96212a918e508123fe2f8017014cf51a8d7c2b2fb5e377cfa38779f kernel-headers-3.10.0-229.46.1.el7.x86_64.rpm     MD5: ea5eef5f3f3314d43171b7617e4e4d91SHA-256: 818e170959b3fad5572201696215455136b2bc16d10e9e664a366b6f1da232ec kernel-tools-3.10.0-229.46.1.el7.x86_64.rpm     MD5: 28b80fc4ba9454988c67dd3862f4fb26SHA-256: 450a7cb073958de92e15a16da9938c67d23cb07bf87e1504853b34a094653cc0 kernel-tools-debuginfo-3.10.0-229.46.1.el7.x86_64.rpm     MD5: 7489f88e631b3f3975def4f139c3b126SHA-256: 275829d4abdcbfc2ac0bfe94b8f8fea1034df48db998f1f0937e2cc2360103d3 kernel-tools-libs-3.10.0-229.46.1.el7.x86_64.rpm     MD5: 376aa16aca1b6751e5cccef0d522dc52SHA-256: 64d3e575775e8cdcd83d64432b3f2c0b7777d2cac9b69f4d61fa86cbcf4ca0cc kernel-tools-libs-devel-3.10.0-229.46.1.el7.x86_64.rpm     MD5: 5fc1f87a1d07a162a481fd20a1b089e8SHA-256: b77f3ed2d4e904a640cb9295b21235301af6ce02fec997f1b5442e04a250b6f8 perf-3.10.0-229.46.1.el7.x86_64.rpm     MD5: 518860373a95034a54f6a961004e6bebSHA-256: db9e113efa1def58d3dbe94acaa0d4abb5ec37d9dc93a8b8ac65beaed6e43f77 perf-debuginfo-3.10.0-229.46.1.el7.x86_64.rpm     MD5: 69d0bf7cfdf0af85538347d8825609e7SHA-256: a03c27e43505478a23d67d05f07b7154d7321c198fb99e2ec2b869287ffb7bda python-perf-3.10.0-229.46.1.el7.x86_64.rpm     MD5: e6cf38e46b76af2386c2494043026168SHA-256: db082c13a128545dcc5bdccf5f59d98229b3e4c508905524f51e7a56eb417204 python-perf-debuginfo-3.10.0-229.46.1.el7.x86_64.rpm     MD5: e0950880e3da2c88fcff83c82770dc65SHA-256: 4d9d982edd9c6baaf77921f1544e491a925d683695f18b6e49f7f460ba4b06ac   Red Hat Enterprise Linux Server EUS (v. 7.1) SRPMS: kernel-3.10.0-229.46.1.ael7b.src.rpm     MD5: fabb20a1cd6ff6ebed2820aa69a0b30dSHA-256: 83d614bff184e37623505dd71aa72a67f62ffe7679a68ec2d801d011541c31c5 kernel-3.10.0-229.46.1.el7.src.rpm     MD5: eb82f6173c40ac0931cff636dafcb802SHA-256: c50bbb8e3c5a6fb9c5cc2addf5f73efe34074a9c72592222aa634fa2fb28642d   PPC: kernel-3.10.0-229.46.1.el7.ppc64.rpm     MD5: da18e1976819de9dd6d12c4cb207a59cSHA-256: e20fa1061253dcb48c167e75df1c3408d2f7aa8fe04922506d93a61c9d49e23b kernel-abi-whitelists-3.10.0-229.46.1.el7.noarch.rpm     MD5: b021a7f60694e790f53889c26d66ee2fSHA-256: e9ffadcadbfc50e8ca59233b839551c376e7242b7d3d2d225ecad6af989a9d73 kernel-bootwrapper-3.10.0-229.46.1.el7.ppc64.rpm     MD5: 34d97378ef658a463af828cc6382a2f4SHA-256: 3d1fd78e9d437c5da1de3f9402608650c3ee0968e0dccd61b8e293c190a042c2 kernel-debug-3.10.0-229.46.1.el7.ppc64.rpm     MD5: ccde9fc8cb62f1216201a56113d655adSHA-256: 947df012692b0a8a9b61b77642cd870152332f54705cbbbcbb37d503c037dbba kernel-debug-debuginfo-3.10.0-229.46.1.el7.ppc64.rpm     MD5: 5d07f6b87f071ec73858b9b5a06b8870SHA-256: 37865f75b31d21536b3601e48f3c31d13091f596787a13c5459e6b6606c769c9 kernel-debug-devel-3.10.0-229.46.1.el7.ppc64.rpm     MD5: 9540ecdff1a3faf016bc7d0f79af69aaSHA-256: 7d1be84f7a4510682b60fa0793620ecb9f9ad1a56b2ff11498f242f470a0f91b kernel-debuginfo-3.10.0-229.46.1.el7.ppc64.rpm     MD5: 81fbf4feb97818aa41ed0c0ad51f3e16SHA-256: c9b3ef4424cc53c99c74bcd0f5d31c3db1a3a789831bc0a98761e850349a088d kernel-debuginfo-common-ppc64-3.10.0-229.46.1.el7.ppc64.rpm     MD5: be27dfd34d19791179c35dacd1fc2fedSHA-256: a772e8d3e4504cbce06d7fb2b4267ceb389d97f56288835527c58c5242994582 kernel-devel-3.10.0-229.46.1.el7.ppc64.rpm     MD5: 0ac7e30b62a1fbc700c45aab1c243d42SHA-256: 583cdd0a7fed0920f3424912efd9f1824daa561a2b29ef7f6a730bccc95585ad kernel-doc-3.10.0-229.46.1.el7.noarch.rpm     MD5: 28fbfc640bcc6ad37f4eb28cc9994932SHA-256: e74cac20d96212a918e508123fe2f8017014cf51a8d7c2b2fb5e377cfa38779f kernel-headers-3.10.0-229.46.1.el7.ppc64.rpm     MD5: 04f0f2e38f8c8effe5afa1ced6d1b11eSHA-256: d3a494482629ff565fdec0f941f9ac097b35c34f10219c299a37edc46c77c26f kernel-tools-3.10.0-229.46.1.el7.ppc64.rpm     MD5: 831110555db66e45d6e130f20b8dd12fSHA-256: 9922f623942f6573a4b4ce21943e36cd69fc03050632b914affe696e0d09dcbc kernel-tools-debuginfo-3.10.0-229.46.1.el7.ppc64.rpm     MD5: 3420915e02dde303d6a43ef49d74e458SHA-256: a04e99b051004a4350dddf86d79091286eaec2f36a8e17aad905e51e37c1ee32 kernel-tools-libs-3.10.0-229.46.1.el7.ppc64.rpm     MD5: 818817395d7425da7b1f5240b05e9ca2SHA-256: 88ea9f46b06a1638a27f6f218357dbbd3548c9a74e5f5e30bdf3812990d0e8ca kernel-tools-libs-devel-3.10.0-229.46.1.el7.ppc64.rpm     MD5: 36b9e015ad58d13b94ef383c7b724f41SHA-256: 9f245789e4647e57185372ac626b4439f486375463289e222a9d458e3fd0f6d8 perf-3.10.0-229.46.1.el7.ppc64.rpm     MD5: de6416978439f98928ebc40e6412321eSHA-256: 9ad35d56bf54a934324ae214f62f5e21a358f5d43612bc2e56cdd781859b00fe perf-debuginfo-3.10.0-229.46.1.el7.ppc64.rpm     MD5: a4d144f0be0f7f778f6e70113e37b86aSHA-256: 350c6f1ffa00f12905a2c41c6b363bec5a8b1ec69d47e2e5a582eda9e97eca20 python-perf-3.10.0-229.46.1.el7.ppc64.rpm     MD5: f58d7b1992fcf760dbe2934b82758f93SHA-256: e44a4e4ff4b7e35d3c2b34de87bf6669cc97f75ee2d1133c672645aac8145f6b python-perf-debuginfo-3.10.0-229.46.1.el7.ppc64.rpm     MD5: 9ac167078dc2f6c1ad18cc37ec50e41dSHA-256: 9937a98afe7a2eb0b10e2218781a3b9e6429147815338f947a5d69628673bdcc   PPC64LE: kernel-3.10.0-229.46.1.ael7b.ppc64le.rpm     MD5: cde478f0f36304e7ccf63f685dff8fbfSHA-256: 59fee8700b4abf362f5ca667c7a5ab71d5b26f3fb6550f9b17822a8dd4a9db4e kernel-abi-whitelists-3.10.0-229.46.1.ael7b.noarch.rpm     MD5: 1533592451a944a91aea562896fca34bSHA-256: 2c859d7e2c11147dfa8f480812ba5aa25c0811ec2fb882b8ba58c72cca504afe kernel-bootwrapper-3.10.0-229.46.1.ael7b.ppc64le.rpm     MD5: e51f39de097aa16a5056e477f040a230SHA-256: 15751dbb76d403bd726f1bf00a4257663b27594bb4e35b70ed8a2de289a39c71 kernel-debug-3.10.0-229.46.1.ael7b.ppc64le.rpm     MD5: f23782a77d64fa20fe88a0db333b123eSHA-256: 417215866a0cf1df6fd094c6db87a3af39d76c1da13b52ad515941f5905238a0 kernel-debug-debuginfo-3.10.0-229.46.1.ael7b.ppc64le.rpm     MD5: 0b66d029cce08401861206efcb1e803eSHA-256: bb4f09f57239bd3b9e42e2c246b051fa6327140ec36aa461c459a25ca8bbd7fb kernel-debug-devel-3.10.0-229.46.1.ael7b.ppc64le.rpm     MD5: 9b93b697e666b4dd4eeef04c224e9dceSHA-256: 83fd903533528fae425e9b43ce48ca3face63d3e62468bd788c9110fb0766844 kernel-debuginfo-3.10.0-229.46.1.ael7b.ppc64le.rpm     MD5: 24522bd6d8554bd1b37b221fe5397259SHA-256: 5b3aaf914f6dd7a4e59ead97c5e523c86da6e82d890f8e7160e6ce8a447c5d1a kernel-debuginfo-common-ppc64le-3.10.0-229.46.1.ael7b.ppc64le.rpm     MD5: 9b5f7c3ccb670a21e93031feb511da89SHA-256: 0d0f0d68804f24cbd8ffc5c184c172869e8ffe9b2d06b8da996e4698b7d9ec0e kernel-devel-3.10.0-229.46.1.ael7b.ppc64le.rpm     MD5: e32ee85d952fa5285c1d071786ee35adSHA-256: e36bb7f0284437c6c1ac222f0e3a1ac38ea255649ba6929f9948a33ef438f5c2 kernel-doc-3.10.0-229.46.1.ael7b.noarch.rpm     MD5: f3bd5433161dc37d5fa614679b982e0aSHA-256: 1c350f9a09481427ab1c18341e940420c6639b4a9c8ff888e21fcb04d43a8562 kernel-headers-3.10.0-229.46.1.ael7b.ppc64le.rpm     MD5: 0d844aac4143afc2f43ed1d9df580249SHA-256: 21d0b037289d66c1f9b8bed59d0250029ed17c88bb0ce434b01d57b244725fc7 kernel-tools-3.10.0-229.46.1.ael7b.ppc64le.rpm     MD5: db92c86c36d2ed3a5c15dfa934d8c1a4SHA-256: 9f2adc0b7e530f38de745d92e7857db14337dc5847a968a346277653f9548685 kernel-tools-debuginfo-3.10.0-229.46.1.ael7b.ppc64le.rpm     MD5: 2dedbe49f733ceb38a12014660760489SHA-256: 5d0cf26aaf93c3da39c24ff424bfddcfc04a9ef57e20f49d3aa88232f03fda32 kernel-tools-libs-3.10.0-229.46.1.ael7b.ppc64le.rpm     MD5: ec74fd5749b26414d40b46900c72ef39SHA-256: ce264c44bb877c833daf5de6c6106c58ed5f2514e4ff9f1a18aee410a6ba9075 kernel-tools-libs-devel-3.10.0-229.46.1.ael7b.ppc64le.rpm     MD5: bae8db250ae6b3487d364fcd0912abd8SHA-256: 46df013ad2d5d263515e5d7d177416f01a47cccaba8f1dea03e3454e7ab28d94 perf-3.10.0-229.46.1.ael7b.ppc64le.rpm     MD5: 152fc4053661576c44108b09da7c4f2aSHA-256: dd54cb918c413f358548fa903e6d5215508a83c0ea1dcf52b45df641d6bb61db perf-debuginfo-3.10.0-229.46.1.ael7b.ppc64le.rpm     MD5: c73687fa8e266c11f009402a70400d77SHA-256: 27ef6d40b8fb6f298394103077e26b2f94be02d5d681bc14e48babb99644b5f6 python-perf-3.10.0-229.46.1.ael7b.ppc64le.rpm     MD5: 69c3fe1afcef50878da92f7f6aad9933SHA-256: 127b4a32b708425379e324708e23f5aa9633c16b75809db4e957bf08b1c77653 python-perf-debuginfo-3.10.0-229.46.1.ael7b.ppc64le.rpm     MD5: 2f8e1002c8f8338564dab80011a7886eSHA-256: 81dd5eeb4729e2e24b1ff8bfecd3a496db5d684c8302397c6b1187371d2561e4   s390x: kernel-3.10.0-229.46.1.el7.s390x.rpm     MD5: ce50a002f557452bb6dd98a629ee642aSHA-256: bd3b706c04864bbfaa91e40c8fa30973f899eecd80f4d16b562bba1c5bc0ea75 kernel-abi-whitelists-3.10.0-229.46.1.el7.noarch.rpm     MD5: b021a7f60694e790f53889c26d66ee2fSHA-256: e9ffadcadbfc50e8ca59233b839551c376e7242b7d3d2d225ecad6af989a9d73 kernel-debug-3.10.0-229.46.1.el7.s390x.rpm     MD5: 3ec6df2d965f4cdfb016fba12a37fa12SHA-256: ec3653b53fd7f530a7ff8ac1b467e728c219751736c4dbdc2a9ea5587dc36de3 kernel-debug-debuginfo-3.10.0-229.46.1.el7.s390x.rpm     MD5: 41cc6d17e7a7a9467c600174f8bd05e9SHA-256: b7555b59606ead40847d0bede85bec425739106568c26089c5d83f06fc0ef50c kernel-debug-devel-3.10.0-229.46.1.el7.s390x.rpm     MD5: 6914c4e04222dd864bc99ca20fdb9db4SHA-256: 1d0d46cac3bb0f4370964927e8aa1235bee26076a20a0670416efb80525afaaa kernel-debuginfo-3.10.0-229.46.1.el7.s390x.rpm     MD5: 1678a4c4f9f5519f441795af55661aeaSHA-256: 9461aaeb5795cd9858c0a1a4ec28aa657ad06bef85a713de3196727c2964d871 kernel-debuginfo-common-s390x-3.10.0-229.46.1.el7.s390x.rpm     MD5: ff68b1a312e0ea561b90b4c532932ee9SHA-256: 72484652e588881303b667cf3abf612fd6392a06055eb59ed80e830df6a66b16 kernel-devel-3.10.0-229.46.1.el7.s390x.rpm     MD5: ae1515ccff45c9fb664677467129b564SHA-256: a6b2edeaeb88da5cdbcc4ec64dfad39a567b9d723e726a4f50855342368d0862 kernel-doc-3.10.0-229.46.1.el7.noarch.rpm     MD5: 28fbfc640bcc6ad37f4eb28cc9994932SHA-256: e74cac20d96212a918e508123fe2f8017014cf51a8d7c2b2fb5e377cfa38779f kernel-headers-3.10.0-229.46.1.el7.s390x.rpm     MD5: 087b2f05dd436bbf5c4701236d0cbaebSHA-256: ff1abbef6660467a48365b2e622c4f4896879acbdb353b38fe93a06c793ae605 kernel-kdump-3.10.0-229.46.1.el7.s390x.rpm     MD5: a0af5f9ea66119d86335db7dc97f2f05SHA-256: e66c01d05dd7e92e77a6e8b665ead85c694117d220145a9e4510b0c36869c879 kernel-kdump-debuginfo-3.10.0-229.46.1.el7.s390x.rpm     MD5: eed36dab73520c9d62883d02ce82a0cdSHA-256: 56b6db05cd64a4a5ef6f9c13045bd600f69299c5c64f3ef721eacb75e5fa01b3 kernel-kdump-devel-3.10.0-229.46.1.el7.s390x.rpm     MD5: e44ad20da9a038c56a67b1cc9193c340SHA-256: c66dd94fa1adc5e083054b10c6ef15edc2f65474c29f5e4a9f2bb768d3ed201e perf-3.10.0-229.46.1.el7.s390x.rpm     MD5: 1a1d7503eab84c311e53702b11c1d626SHA-256: 950e1500e42b8845f9e1e27d2285a31c7ed815beac7b6feddcd72dc16472eaf6 perf-debuginfo-3.10.0-229.46.1.el7.s390x.rpm     MD5: 933fbed1fdfff99601e979e8c6ff4a99SHA-256: cd1577ba5316450273883345f15849a438ee18713f4b310be199c0bc59ff440b python-perf-3.10.0-229.46.1.el7.s390x.rpm     MD5: d169ec523ad86378dd0a1de9ee6415f1SHA-256: e5e8a3eecebb6297f84282b3b92bfcc90d3f3d6694a9a6ae9e3b994371ef1028 python-perf-debuginfo-3.10.0-229.46.1.el7.s390x.rpm     MD5: b95d947b472519f84ef5a014d1180584SHA-256: d7f0bde57a455bb524002f203c45851cc3d05e826b9cdb54dfea41f61d554968   x86_64: kernel-3.10.0-229.46.1.el7.x86_64.rpm     MD5: eebaaa2903a6edc607f79bb959876ceaSHA-256: 36998ebae77cd1a7ecf7c82b28014470ba1c3d6890d649b240e943c2e9f3524c kernel-abi-whitelists-3.10.0-229.46.1.el7.noarch.rpm     MD5: b021a7f60694e790f53889c26d66ee2fSHA-256: e9ffadcadbfc50e8ca59233b839551c376e7242b7d3d2d225ecad6af989a9d73 kernel-debug-3.10.0-229.46.1.el7.x86_64.rpm     MD5: 064931e3210c43f677a957def3c2635dSHA-256: 9470f05eca80842e04cb9a1ccec84862eddc841cf2307bbd6e16d93e3ac323fd kernel-debug-debuginfo-3.10.0-229.46.1.el7.x86_64.rpm     MD5: 53de79a51c771512c82ed14aa47615d3SHA-256: 158c1caa2eea775d7cf28e579c996b51256e10d1d8f3a2a51673a83f6953a765 kernel-debug-devel-3.10.0-229.46.1.el7.x86_64.rpm     MD5: 4fddb0d7bc6e4e9bc1a7b5e920ef8ea8SHA-256: 727edcd7180e6339ee21604f994b50c6f27ccd6bfc84eb095c2365803bdafd22 kernel-debuginfo-3.10.0-229.46.1.el7.x86_64.rpm     MD5: 84282992fe1a451e08db45a556c6055cSHA-256: 48e931f8354bd380a0cfee7030bf80cc8eed9735b5f839217ae5625ab162fefe kernel-debuginfo-common-x86_64-3.10.0-229.46.1.el7.x86_64.rpm     MD5: ded3a586b5b9e7d056124f06c386bd9cSHA-256: 48cba79219ead6676acdcc0c39aebd409071f1e95632ba5609c306ff0f945394 kernel-devel-3.10.0-229.46.1.el7.x86_64.rpm     MD5: 2b834a06236b5636d6dc6d36315d24baSHA-256: e0e97b797ac4353a237890a66dc16c8204fdfdb16f8bc7ce06cb9fa44cfb2169 kernel-doc-3.10.0-229.46.1.el7.noarch.rpm     MD5: 28fbfc640bcc6ad37f4eb28cc9994932SHA-256: e74cac20d96212a918e508123fe2f8017014cf51a8d7c2b2fb5e377cfa38779f kernel-headers-3.10.0-229.46.1.el7.x86_64.rpm     MD5: ea5eef5f3f3314d43171b7617e4e4d91SHA-256: 818e170959b3fad5572201696215455136b2bc16d10e9e664a366b6f1da232ec kernel-tools-3.10.0-229.46.1.el7.x86_64.rpm     MD5: 28b80fc4ba9454988c67dd3862f4fb26SHA-256: 450a7cb073958de92e15a16da9938c67d23cb07bf87e1504853b34a094653cc0 kernel-tools-debuginfo-3.10.0-229.46.1.el7.x86_64.rpm     MD5: 7489f88e631b3f3975def4f139c3b126SHA-256: 275829d4abdcbfc2ac0bfe94b8f8fea1034df48db998f1f0937e2cc2360103d3 kernel-tools-libs-3.10.0-229.46.1.el7.x86_64.rpm     MD5: 376aa16aca1b6751e5cccef0d522dc52SHA-256: 64d3e575775e8cdcd83d64432b3f2c0b7777d2cac9b69f4d61fa86cbcf4ca0cc kernel-tools-libs-devel-3.10.0-229.46.1.el7.x86_64.rpm     MD5: 5fc1f87a1d07a162a481fd20a1b089e8SHA-256: b77f3ed2d4e904a640cb9295b21235301af6ce02fec997f1b5442e04a250b6f8 perf-3.10.0-229.46.1.el7.x86_64.rpm     MD5: 518860373a95034a54f6a961004e6bebSHA-256: db9e113efa1def58d3dbe94acaa0d4abb5ec37d9dc93a8b8ac65beaed6e43f77 perf-debuginfo-3.10.0-229.46.1.el7.x86_64.rpm     MD5: 69d0bf7cfdf0af85538347d8825609e7SHA-256: a03c27e43505478a23d67d05f07b7154d7321c198fb99e2ec2b869287ffb7bda python-perf-3.10.0-229.46.1.el7.x86_64.rpm     MD5: e6cf38e46b76af2386c2494043026168SHA-256: db082c13a128545dcc5bdccf5f59d98229b3e4c508905524f51e7a56eb417204 python-perf-debuginfo-3.10.0-229.46.1.el7.x86_64.rpm     MD5: e0950880e3da2c88fcff83c82770dc65SHA-256: 4d9d982edd9c6baaf77921f1544e491a925d683695f18b6e49f7f460ba4b06ac   (The unlinked packages above are only available from the Red Hat Network) These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
Dismissed hacker calls US Govt buddy to nix exposed database A Pentagon subcontractor has exposed the names, locations, Social Security Numbers, and salaries of Military Special Operations Command (SOCOM) healthcare professionals. The 11Gb cleartext and openly accessible database also included names and locations of at least two Special Forces analysts with Top Secret government clearance. It exposed pay scales, living quarters, and residences of psychologists and other SOCOM healthcare workers. MacKeeper researcher Chris Vickery found the breach, reporting it to Protomac Healthcare Solutions. He says the company has fixed the exposure, but did not initially appear to take his disclosure seriously. "It is not presently known why an unprotected remote synchronization (rsync) service was active at an IP address tied to Potomac," Vickery says. "I do know that when I called one of the company’s CEOs to report the exposure, he did not seem to take me seriously. "It shouldn’t take over an hour to contact your IT guy and kill an rsync daemon." . The files were taken down 30 minutes after Vickery called a US Government department contact informing them of the exposure at Protomac Healthcare Solutions. "It’s not hard to imagine a Hollywood plotline in which a situation like this results in someone being kidnapped or blackmailed for information," he says. "Let’s hope that I was the only outsider to come across this gem." The breach also included financial and accounting information on Protomac Healthcare Solutions. ® Sponsored: Customer Identity and Access Management