13.6 C
London
Tuesday, September 26, 2017
Home Tags Encapsulation

Tag: Encapsulation

"You know, sometimes life isn't fair."
It will be easier to migrate code to the planned Java 9 release, due in late July, if the committee that managed Java approves a proposal just made by Oracle to better accommodate modularity, the key new feature in Java 9. Oracle made the proposal after getting strong opposition to its modularization plans from the Java communityIn a proposal floated Thursday, Mark Reinhold, Oraclersquo;s chief Java architect, said strong encapsulation of JDK-internal APIs has caused worries that code that works on JDK 8 will not work on JDK 9 and that no advance warning of this was given in JDK 8. “To help the entire ecosystem migrate to the modular Java platform at a more relaxed pace, I hereby propose to allow illegal reflective access from code on the class path by default in JDK 9, and to disallow it in a future release,” he said.To read this article in full or to leave a comment, please click here
An update for kernel is now available for Red Hat Enterprise Linux 7.1 ExtendedUpdate Support.Red Hat Product Security has rated this update as having a security impact ofImportant.

A Common Vulnerability Scoring System (CVSS) base score, which givesa detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. The kernel packages contain the Linux kernel, the core of any Linux operatingsystem.Security Fix(es):* A flaw was found in the way the Linux kernel's networking subsystem handledoffloaded packets with multiple layers of encapsulation in the GRO (GenericReceive Offload) code path.

A remote attacker could use this flaw to triggerunbounded recursion in the kernel that could lead to stack corruption, resultingin a system crash. (CVE-2016-8666, Important)Bug Fix(es):* When a virtual machine (VM) with PCI-Passthrough interfaces was recreated, theoperating system rebooted.

This update fixes the race condition between theeventfd daemon and the virqfd daemon.

As a result, the operating system nolonger reboots in the described situation. (BZ#1391609) Red Hat Enterprise Linux HPC Node EUS (v. 7.1) SRPMS: kernel-3.10.0-229.46.1.el7.src.rpm     MD5: eb82f6173c40ac0931cff636dafcb802SHA-256: c50bbb8e3c5a6fb9c5cc2addf5f73efe34074a9c72592222aa634fa2fb28642d   x86_64: kernel-3.10.0-229.46.1.el7.x86_64.rpm     MD5: eebaaa2903a6edc607f79bb959876ceaSHA-256: 36998ebae77cd1a7ecf7c82b28014470ba1c3d6890d649b240e943c2e9f3524c kernel-abi-whitelists-3.10.0-229.46.1.el7.noarch.rpm     MD5: b021a7f60694e790f53889c26d66ee2fSHA-256: e9ffadcadbfc50e8ca59233b839551c376e7242b7d3d2d225ecad6af989a9d73 kernel-debug-3.10.0-229.46.1.el7.x86_64.rpm     MD5: 064931e3210c43f677a957def3c2635dSHA-256: 9470f05eca80842e04cb9a1ccec84862eddc841cf2307bbd6e16d93e3ac323fd kernel-debug-debuginfo-3.10.0-229.46.1.el7.x86_64.rpm     MD5: 53de79a51c771512c82ed14aa47615d3SHA-256: 158c1caa2eea775d7cf28e579c996b51256e10d1d8f3a2a51673a83f6953a765 kernel-debug-devel-3.10.0-229.46.1.el7.x86_64.rpm     MD5: 4fddb0d7bc6e4e9bc1a7b5e920ef8ea8SHA-256: 727edcd7180e6339ee21604f994b50c6f27ccd6bfc84eb095c2365803bdafd22 kernel-debuginfo-3.10.0-229.46.1.el7.x86_64.rpm     MD5: 84282992fe1a451e08db45a556c6055cSHA-256: 48e931f8354bd380a0cfee7030bf80cc8eed9735b5f839217ae5625ab162fefe kernel-debuginfo-common-x86_64-3.10.0-229.46.1.el7.x86_64.rpm     MD5: ded3a586b5b9e7d056124f06c386bd9cSHA-256: 48cba79219ead6676acdcc0c39aebd409071f1e95632ba5609c306ff0f945394 kernel-devel-3.10.0-229.46.1.el7.x86_64.rpm     MD5: 2b834a06236b5636d6dc6d36315d24baSHA-256: e0e97b797ac4353a237890a66dc16c8204fdfdb16f8bc7ce06cb9fa44cfb2169 kernel-doc-3.10.0-229.46.1.el7.noarch.rpm     MD5: 28fbfc640bcc6ad37f4eb28cc9994932SHA-256: e74cac20d96212a918e508123fe2f8017014cf51a8d7c2b2fb5e377cfa38779f kernel-headers-3.10.0-229.46.1.el7.x86_64.rpm     MD5: ea5eef5f3f3314d43171b7617e4e4d91SHA-256: 818e170959b3fad5572201696215455136b2bc16d10e9e664a366b6f1da232ec kernel-tools-3.10.0-229.46.1.el7.x86_64.rpm     MD5: 28b80fc4ba9454988c67dd3862f4fb26SHA-256: 450a7cb073958de92e15a16da9938c67d23cb07bf87e1504853b34a094653cc0 kernel-tools-debuginfo-3.10.0-229.46.1.el7.x86_64.rpm     MD5: 7489f88e631b3f3975def4f139c3b126SHA-256: 275829d4abdcbfc2ac0bfe94b8f8fea1034df48db998f1f0937e2cc2360103d3 kernel-tools-libs-3.10.0-229.46.1.el7.x86_64.rpm     MD5: 376aa16aca1b6751e5cccef0d522dc52SHA-256: 64d3e575775e8cdcd83d64432b3f2c0b7777d2cac9b69f4d61fa86cbcf4ca0cc kernel-tools-libs-devel-3.10.0-229.46.1.el7.x86_64.rpm     MD5: 5fc1f87a1d07a162a481fd20a1b089e8SHA-256: b77f3ed2d4e904a640cb9295b21235301af6ce02fec997f1b5442e04a250b6f8 perf-3.10.0-229.46.1.el7.x86_64.rpm     MD5: 518860373a95034a54f6a961004e6bebSHA-256: db9e113efa1def58d3dbe94acaa0d4abb5ec37d9dc93a8b8ac65beaed6e43f77 perf-debuginfo-3.10.0-229.46.1.el7.x86_64.rpm     MD5: 69d0bf7cfdf0af85538347d8825609e7SHA-256: a03c27e43505478a23d67d05f07b7154d7321c198fb99e2ec2b869287ffb7bda python-perf-3.10.0-229.46.1.el7.x86_64.rpm     MD5: e6cf38e46b76af2386c2494043026168SHA-256: db082c13a128545dcc5bdccf5f59d98229b3e4c508905524f51e7a56eb417204 python-perf-debuginfo-3.10.0-229.46.1.el7.x86_64.rpm     MD5: e0950880e3da2c88fcff83c82770dc65SHA-256: 4d9d982edd9c6baaf77921f1544e491a925d683695f18b6e49f7f460ba4b06ac   Red Hat Enterprise Linux Server EUS (v. 7.1) SRPMS: kernel-3.10.0-229.46.1.ael7b.src.rpm     MD5: fabb20a1cd6ff6ebed2820aa69a0b30dSHA-256: 83d614bff184e37623505dd71aa72a67f62ffe7679a68ec2d801d011541c31c5 kernel-3.10.0-229.46.1.el7.src.rpm     MD5: eb82f6173c40ac0931cff636dafcb802SHA-256: c50bbb8e3c5a6fb9c5cc2addf5f73efe34074a9c72592222aa634fa2fb28642d   PPC: kernel-3.10.0-229.46.1.el7.ppc64.rpm     MD5: da18e1976819de9dd6d12c4cb207a59cSHA-256: e20fa1061253dcb48c167e75df1c3408d2f7aa8fe04922506d93a61c9d49e23b kernel-abi-whitelists-3.10.0-229.46.1.el7.noarch.rpm     MD5: b021a7f60694e790f53889c26d66ee2fSHA-256: e9ffadcadbfc50e8ca59233b839551c376e7242b7d3d2d225ecad6af989a9d73 kernel-bootwrapper-3.10.0-229.46.1.el7.ppc64.rpm     MD5: 34d97378ef658a463af828cc6382a2f4SHA-256: 3d1fd78e9d437c5da1de3f9402608650c3ee0968e0dccd61b8e293c190a042c2 kernel-debug-3.10.0-229.46.1.el7.ppc64.rpm     MD5: ccde9fc8cb62f1216201a56113d655adSHA-256: 947df012692b0a8a9b61b77642cd870152332f54705cbbbcbb37d503c037dbba kernel-debug-debuginfo-3.10.0-229.46.1.el7.ppc64.rpm     MD5: 5d07f6b87f071ec73858b9b5a06b8870SHA-256: 37865f75b31d21536b3601e48f3c31d13091f596787a13c5459e6b6606c769c9 kernel-debug-devel-3.10.0-229.46.1.el7.ppc64.rpm     MD5: 9540ecdff1a3faf016bc7d0f79af69aaSHA-256: 7d1be84f7a4510682b60fa0793620ecb9f9ad1a56b2ff11498f242f470a0f91b kernel-debuginfo-3.10.0-229.46.1.el7.ppc64.rpm     MD5: 81fbf4feb97818aa41ed0c0ad51f3e16SHA-256: c9b3ef4424cc53c99c74bcd0f5d31c3db1a3a789831bc0a98761e850349a088d kernel-debuginfo-common-ppc64-3.10.0-229.46.1.el7.ppc64.rpm     MD5: be27dfd34d19791179c35dacd1fc2fedSHA-256: a772e8d3e4504cbce06d7fb2b4267ceb389d97f56288835527c58c5242994582 kernel-devel-3.10.0-229.46.1.el7.ppc64.rpm     MD5: 0ac7e30b62a1fbc700c45aab1c243d42SHA-256: 583cdd0a7fed0920f3424912efd9f1824daa561a2b29ef7f6a730bccc95585ad kernel-doc-3.10.0-229.46.1.el7.noarch.rpm     MD5: 28fbfc640bcc6ad37f4eb28cc9994932SHA-256: e74cac20d96212a918e508123fe2f8017014cf51a8d7c2b2fb5e377cfa38779f kernel-headers-3.10.0-229.46.1.el7.ppc64.rpm     MD5: 04f0f2e38f8c8effe5afa1ced6d1b11eSHA-256: d3a494482629ff565fdec0f941f9ac097b35c34f10219c299a37edc46c77c26f kernel-tools-3.10.0-229.46.1.el7.ppc64.rpm     MD5: 831110555db66e45d6e130f20b8dd12fSHA-256: 9922f623942f6573a4b4ce21943e36cd69fc03050632b914affe696e0d09dcbc kernel-tools-debuginfo-3.10.0-229.46.1.el7.ppc64.rpm     MD5: 3420915e02dde303d6a43ef49d74e458SHA-256: a04e99b051004a4350dddf86d79091286eaec2f36a8e17aad905e51e37c1ee32 kernel-tools-libs-3.10.0-229.46.1.el7.ppc64.rpm     MD5: 818817395d7425da7b1f5240b05e9ca2SHA-256: 88ea9f46b06a1638a27f6f218357dbbd3548c9a74e5f5e30bdf3812990d0e8ca kernel-tools-libs-devel-3.10.0-229.46.1.el7.ppc64.rpm     MD5: 36b9e015ad58d13b94ef383c7b724f41SHA-256: 9f245789e4647e57185372ac626b4439f486375463289e222a9d458e3fd0f6d8 perf-3.10.0-229.46.1.el7.ppc64.rpm     MD5: de6416978439f98928ebc40e6412321eSHA-256: 9ad35d56bf54a934324ae214f62f5e21a358f5d43612bc2e56cdd781859b00fe perf-debuginfo-3.10.0-229.46.1.el7.ppc64.rpm     MD5: a4d144f0be0f7f778f6e70113e37b86aSHA-256: 350c6f1ffa00f12905a2c41c6b363bec5a8b1ec69d47e2e5a582eda9e97eca20 python-perf-3.10.0-229.46.1.el7.ppc64.rpm     MD5: f58d7b1992fcf760dbe2934b82758f93SHA-256: e44a4e4ff4b7e35d3c2b34de87bf6669cc97f75ee2d1133c672645aac8145f6b python-perf-debuginfo-3.10.0-229.46.1.el7.ppc64.rpm     MD5: 9ac167078dc2f6c1ad18cc37ec50e41dSHA-256: 9937a98afe7a2eb0b10e2218781a3b9e6429147815338f947a5d69628673bdcc   PPC64LE: kernel-3.10.0-229.46.1.ael7b.ppc64le.rpm     MD5: cde478f0f36304e7ccf63f685dff8fbfSHA-256: 59fee8700b4abf362f5ca667c7a5ab71d5b26f3fb6550f9b17822a8dd4a9db4e kernel-abi-whitelists-3.10.0-229.46.1.ael7b.noarch.rpm     MD5: 1533592451a944a91aea562896fca34bSHA-256: 2c859d7e2c11147dfa8f480812ba5aa25c0811ec2fb882b8ba58c72cca504afe kernel-bootwrapper-3.10.0-229.46.1.ael7b.ppc64le.rpm     MD5: e51f39de097aa16a5056e477f040a230SHA-256: 15751dbb76d403bd726f1bf00a4257663b27594bb4e35b70ed8a2de289a39c71 kernel-debug-3.10.0-229.46.1.ael7b.ppc64le.rpm     MD5: f23782a77d64fa20fe88a0db333b123eSHA-256: 417215866a0cf1df6fd094c6db87a3af39d76c1da13b52ad515941f5905238a0 kernel-debug-debuginfo-3.10.0-229.46.1.ael7b.ppc64le.rpm     MD5: 0b66d029cce08401861206efcb1e803eSHA-256: bb4f09f57239bd3b9e42e2c246b051fa6327140ec36aa461c459a25ca8bbd7fb kernel-debug-devel-3.10.0-229.46.1.ael7b.ppc64le.rpm     MD5: 9b93b697e666b4dd4eeef04c224e9dceSHA-256: 83fd903533528fae425e9b43ce48ca3face63d3e62468bd788c9110fb0766844 kernel-debuginfo-3.10.0-229.46.1.ael7b.ppc64le.rpm     MD5: 24522bd6d8554bd1b37b221fe5397259SHA-256: 5b3aaf914f6dd7a4e59ead97c5e523c86da6e82d890f8e7160e6ce8a447c5d1a kernel-debuginfo-common-ppc64le-3.10.0-229.46.1.ael7b.ppc64le.rpm     MD5: 9b5f7c3ccb670a21e93031feb511da89SHA-256: 0d0f0d68804f24cbd8ffc5c184c172869e8ffe9b2d06b8da996e4698b7d9ec0e kernel-devel-3.10.0-229.46.1.ael7b.ppc64le.rpm     MD5: e32ee85d952fa5285c1d071786ee35adSHA-256: e36bb7f0284437c6c1ac222f0e3a1ac38ea255649ba6929f9948a33ef438f5c2 kernel-doc-3.10.0-229.46.1.ael7b.noarch.rpm     MD5: f3bd5433161dc37d5fa614679b982e0aSHA-256: 1c350f9a09481427ab1c18341e940420c6639b4a9c8ff888e21fcb04d43a8562 kernel-headers-3.10.0-229.46.1.ael7b.ppc64le.rpm     MD5: 0d844aac4143afc2f43ed1d9df580249SHA-256: 21d0b037289d66c1f9b8bed59d0250029ed17c88bb0ce434b01d57b244725fc7 kernel-tools-3.10.0-229.46.1.ael7b.ppc64le.rpm     MD5: db92c86c36d2ed3a5c15dfa934d8c1a4SHA-256: 9f2adc0b7e530f38de745d92e7857db14337dc5847a968a346277653f9548685 kernel-tools-debuginfo-3.10.0-229.46.1.ael7b.ppc64le.rpm     MD5: 2dedbe49f733ceb38a12014660760489SHA-256: 5d0cf26aaf93c3da39c24ff424bfddcfc04a9ef57e20f49d3aa88232f03fda32 kernel-tools-libs-3.10.0-229.46.1.ael7b.ppc64le.rpm     MD5: ec74fd5749b26414d40b46900c72ef39SHA-256: ce264c44bb877c833daf5de6c6106c58ed5f2514e4ff9f1a18aee410a6ba9075 kernel-tools-libs-devel-3.10.0-229.46.1.ael7b.ppc64le.rpm     MD5: bae8db250ae6b3487d364fcd0912abd8SHA-256: 46df013ad2d5d263515e5d7d177416f01a47cccaba8f1dea03e3454e7ab28d94 perf-3.10.0-229.46.1.ael7b.ppc64le.rpm     MD5: 152fc4053661576c44108b09da7c4f2aSHA-256: dd54cb918c413f358548fa903e6d5215508a83c0ea1dcf52b45df641d6bb61db perf-debuginfo-3.10.0-229.46.1.ael7b.ppc64le.rpm     MD5: c73687fa8e266c11f009402a70400d77SHA-256: 27ef6d40b8fb6f298394103077e26b2f94be02d5d681bc14e48babb99644b5f6 python-perf-3.10.0-229.46.1.ael7b.ppc64le.rpm     MD5: 69c3fe1afcef50878da92f7f6aad9933SHA-256: 127b4a32b708425379e324708e23f5aa9633c16b75809db4e957bf08b1c77653 python-perf-debuginfo-3.10.0-229.46.1.ael7b.ppc64le.rpm     MD5: 2f8e1002c8f8338564dab80011a7886eSHA-256: 81dd5eeb4729e2e24b1ff8bfecd3a496db5d684c8302397c6b1187371d2561e4   s390x: kernel-3.10.0-229.46.1.el7.s390x.rpm     MD5: ce50a002f557452bb6dd98a629ee642aSHA-256: bd3b706c04864bbfaa91e40c8fa30973f899eecd80f4d16b562bba1c5bc0ea75 kernel-abi-whitelists-3.10.0-229.46.1.el7.noarch.rpm     MD5: b021a7f60694e790f53889c26d66ee2fSHA-256: e9ffadcadbfc50e8ca59233b839551c376e7242b7d3d2d225ecad6af989a9d73 kernel-debug-3.10.0-229.46.1.el7.s390x.rpm     MD5: 3ec6df2d965f4cdfb016fba12a37fa12SHA-256: ec3653b53fd7f530a7ff8ac1b467e728c219751736c4dbdc2a9ea5587dc36de3 kernel-debug-debuginfo-3.10.0-229.46.1.el7.s390x.rpm     MD5: 41cc6d17e7a7a9467c600174f8bd05e9SHA-256: b7555b59606ead40847d0bede85bec425739106568c26089c5d83f06fc0ef50c kernel-debug-devel-3.10.0-229.46.1.el7.s390x.rpm     MD5: 6914c4e04222dd864bc99ca20fdb9db4SHA-256: 1d0d46cac3bb0f4370964927e8aa1235bee26076a20a0670416efb80525afaaa kernel-debuginfo-3.10.0-229.46.1.el7.s390x.rpm     MD5: 1678a4c4f9f5519f441795af55661aeaSHA-256: 9461aaeb5795cd9858c0a1a4ec28aa657ad06bef85a713de3196727c2964d871 kernel-debuginfo-common-s390x-3.10.0-229.46.1.el7.s390x.rpm     MD5: ff68b1a312e0ea561b90b4c532932ee9SHA-256: 72484652e588881303b667cf3abf612fd6392a06055eb59ed80e830df6a66b16 kernel-devel-3.10.0-229.46.1.el7.s390x.rpm     MD5: ae1515ccff45c9fb664677467129b564SHA-256: a6b2edeaeb88da5cdbcc4ec64dfad39a567b9d723e726a4f50855342368d0862 kernel-doc-3.10.0-229.46.1.el7.noarch.rpm     MD5: 28fbfc640bcc6ad37f4eb28cc9994932SHA-256: e74cac20d96212a918e508123fe2f8017014cf51a8d7c2b2fb5e377cfa38779f kernel-headers-3.10.0-229.46.1.el7.s390x.rpm     MD5: 087b2f05dd436bbf5c4701236d0cbaebSHA-256: ff1abbef6660467a48365b2e622c4f4896879acbdb353b38fe93a06c793ae605 kernel-kdump-3.10.0-229.46.1.el7.s390x.rpm     MD5: a0af5f9ea66119d86335db7dc97f2f05SHA-256: e66c01d05dd7e92e77a6e8b665ead85c694117d220145a9e4510b0c36869c879 kernel-kdump-debuginfo-3.10.0-229.46.1.el7.s390x.rpm     MD5: eed36dab73520c9d62883d02ce82a0cdSHA-256: 56b6db05cd64a4a5ef6f9c13045bd600f69299c5c64f3ef721eacb75e5fa01b3 kernel-kdump-devel-3.10.0-229.46.1.el7.s390x.rpm     MD5: e44ad20da9a038c56a67b1cc9193c340SHA-256: c66dd94fa1adc5e083054b10c6ef15edc2f65474c29f5e4a9f2bb768d3ed201e perf-3.10.0-229.46.1.el7.s390x.rpm     MD5: 1a1d7503eab84c311e53702b11c1d626SHA-256: 950e1500e42b8845f9e1e27d2285a31c7ed815beac7b6feddcd72dc16472eaf6 perf-debuginfo-3.10.0-229.46.1.el7.s390x.rpm     MD5: 933fbed1fdfff99601e979e8c6ff4a99SHA-256: cd1577ba5316450273883345f15849a438ee18713f4b310be199c0bc59ff440b python-perf-3.10.0-229.46.1.el7.s390x.rpm     MD5: d169ec523ad86378dd0a1de9ee6415f1SHA-256: e5e8a3eecebb6297f84282b3b92bfcc90d3f3d6694a9a6ae9e3b994371ef1028 python-perf-debuginfo-3.10.0-229.46.1.el7.s390x.rpm     MD5: b95d947b472519f84ef5a014d1180584SHA-256: d7f0bde57a455bb524002f203c45851cc3d05e826b9cdb54dfea41f61d554968   x86_64: kernel-3.10.0-229.46.1.el7.x86_64.rpm     MD5: eebaaa2903a6edc607f79bb959876ceaSHA-256: 36998ebae77cd1a7ecf7c82b28014470ba1c3d6890d649b240e943c2e9f3524c kernel-abi-whitelists-3.10.0-229.46.1.el7.noarch.rpm     MD5: b021a7f60694e790f53889c26d66ee2fSHA-256: e9ffadcadbfc50e8ca59233b839551c376e7242b7d3d2d225ecad6af989a9d73 kernel-debug-3.10.0-229.46.1.el7.x86_64.rpm     MD5: 064931e3210c43f677a957def3c2635dSHA-256: 9470f05eca80842e04cb9a1ccec84862eddc841cf2307bbd6e16d93e3ac323fd kernel-debug-debuginfo-3.10.0-229.46.1.el7.x86_64.rpm     MD5: 53de79a51c771512c82ed14aa47615d3SHA-256: 158c1caa2eea775d7cf28e579c996b51256e10d1d8f3a2a51673a83f6953a765 kernel-debug-devel-3.10.0-229.46.1.el7.x86_64.rpm     MD5: 4fddb0d7bc6e4e9bc1a7b5e920ef8ea8SHA-256: 727edcd7180e6339ee21604f994b50c6f27ccd6bfc84eb095c2365803bdafd22 kernel-debuginfo-3.10.0-229.46.1.el7.x86_64.rpm     MD5: 84282992fe1a451e08db45a556c6055cSHA-256: 48e931f8354bd380a0cfee7030bf80cc8eed9735b5f839217ae5625ab162fefe kernel-debuginfo-common-x86_64-3.10.0-229.46.1.el7.x86_64.rpm     MD5: ded3a586b5b9e7d056124f06c386bd9cSHA-256: 48cba79219ead6676acdcc0c39aebd409071f1e95632ba5609c306ff0f945394 kernel-devel-3.10.0-229.46.1.el7.x86_64.rpm     MD5: 2b834a06236b5636d6dc6d36315d24baSHA-256: e0e97b797ac4353a237890a66dc16c8204fdfdb16f8bc7ce06cb9fa44cfb2169 kernel-doc-3.10.0-229.46.1.el7.noarch.rpm     MD5: 28fbfc640bcc6ad37f4eb28cc9994932SHA-256: e74cac20d96212a918e508123fe2f8017014cf51a8d7c2b2fb5e377cfa38779f kernel-headers-3.10.0-229.46.1.el7.x86_64.rpm     MD5: ea5eef5f3f3314d43171b7617e4e4d91SHA-256: 818e170959b3fad5572201696215455136b2bc16d10e9e664a366b6f1da232ec kernel-tools-3.10.0-229.46.1.el7.x86_64.rpm     MD5: 28b80fc4ba9454988c67dd3862f4fb26SHA-256: 450a7cb073958de92e15a16da9938c67d23cb07bf87e1504853b34a094653cc0 kernel-tools-debuginfo-3.10.0-229.46.1.el7.x86_64.rpm     MD5: 7489f88e631b3f3975def4f139c3b126SHA-256: 275829d4abdcbfc2ac0bfe94b8f8fea1034df48db998f1f0937e2cc2360103d3 kernel-tools-libs-3.10.0-229.46.1.el7.x86_64.rpm     MD5: 376aa16aca1b6751e5cccef0d522dc52SHA-256: 64d3e575775e8cdcd83d64432b3f2c0b7777d2cac9b69f4d61fa86cbcf4ca0cc kernel-tools-libs-devel-3.10.0-229.46.1.el7.x86_64.rpm     MD5: 5fc1f87a1d07a162a481fd20a1b089e8SHA-256: b77f3ed2d4e904a640cb9295b21235301af6ce02fec997f1b5442e04a250b6f8 perf-3.10.0-229.46.1.el7.x86_64.rpm     MD5: 518860373a95034a54f6a961004e6bebSHA-256: db9e113efa1def58d3dbe94acaa0d4abb5ec37d9dc93a8b8ac65beaed6e43f77 perf-debuginfo-3.10.0-229.46.1.el7.x86_64.rpm     MD5: 69d0bf7cfdf0af85538347d8825609e7SHA-256: a03c27e43505478a23d67d05f07b7154d7321c198fb99e2ec2b869287ffb7bda python-perf-3.10.0-229.46.1.el7.x86_64.rpm     MD5: e6cf38e46b76af2386c2494043026168SHA-256: db082c13a128545dcc5bdccf5f59d98229b3e4c508905524f51e7a56eb417204 python-perf-debuginfo-3.10.0-229.46.1.el7.x86_64.rpm     MD5: e0950880e3da2c88fcff83c82770dc65SHA-256: 4d9d982edd9c6baaf77921f1544e491a925d683695f18b6e49f7f460ba4b06ac   (The unlinked packages above are only available from the Red Hat Network) These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
More bots.

Thanks, Internet of Things.reader comments 29 Share this story Mirai—the malware responsible for creating a massive "botnet" of hacked Internet-connected cameras, digital video recorders, and other devices that interrupted Internet services for many last week—is still in action, according to data from the network security company Arbor Networks.

An ever-shifting army of about 500,000 compromised Internet of Things (IoT) devices is still being controlled by Mirai, based on Arbor's tracking of the malware's communications.

And multiple command-and-control networks are still directing those devices to attack websites and service providers across the Internet.

But as previously predicted, new and improved versions of the Mirai malware—based on the openly-published source code Mirai's alleged author posted on September 30—are now appearing in the " and wreaking additional havoc. In a blog post, Roland Dobbins, Principal Engineer on Arbor's ASERT Team, noted that "relatively high concentrations of Mirai nodes have been observed in China, Hong Kong, Macau, Vietnam, Taiwan, South Korea, Thailand, Indonesia, Brazil, and Spain." Devices that are vulnerable to Mirai takeover, he noted, "are typically listening for inbound telnet access on TCP [port] 23 and TCP [port] 2323," and compromised devices communicate via "a remote-control backdoor" that is also present in Mirai, "accessible via TCP/103." Mirai botnets constantly scan the entire Internet for vulnerable devices, so even when a device is rebooted or reset, it can be compromised all over again within 10 minutes. Dobbins also noted that "multiple threat actor groups are actively working to expand and improve" the attacks that were coded into Mirai, and that "some alterations in the DDoS attack capabilities of at least one Mirai-derived botnet have been observed in the wild." In a Skype call with Ars, Dobbins said, "It's a minor enhancement to one of the existing [Mirai] attacks." He couldn't give detail about the enhancements, but he added that "multiple groups are working to enhance and customize Mirai." The original Mirai code is capable of a variety of attacks against DNS services and websites, in addition to more generic network "flood" attacks based on the TCP, UDP, and Generic Routing Encapsulation protocols. Mirai accounted for most of the attack on Dyn's DNS service on October 21, and was part of earlier attacks on security reporter Brian Krebs' site and on French cloud provider OVH.

Those attacks measured over 600 gigabits per second and over 1.5 terabits per second at their peaks, respectively. While the total volume of traffic thrown at Dyn hasn’t yet been publicly released, Level 3 Communications chief security officer Dale Drew said in a Twitter conversation that the numbers had been shared with major network operators.

Drew told Ars in a separate conversation that "tens of millions" of distinct devices were involved in the Dyn DoS attack, and that some of them were clearly not Mirai-infected devices; not all of the devices were necessarily active at the same time. Dobbins wrote that the "potential collateral impact of DDoS attacks launched by the Mirai botnet can be highly significant." The outbound traffic from hacked devices—including attacks against intended targets and scanning for other vulnerable devices—could crimp the network bandwidth of even major broadband ISPs, causing outages for customers. Given the wide availability of the code, it's fairly certain that even more Mirai variants will emerge—and make their presence felt as the holidays approach.

Criminal botnet operators will likely use Mirai's success as a way to extract blackmail payments from online retailers and banks with threats of interfering with online shopping.
Stopping (or at least reducing) those attacks will require network operators to work to identify vulnerable or hacked devices themselves and block the command-and-control traffic to them.
Enlarge / We're also mad you're connected to the Internet, toaster et al.Disney reader comments 25 Share this story Welcome to the Internet of Evil Things.

The attack that disrupted much of the Internet on October 21 is still being teased apart by investigators, but evidence thus far points to multiple "botnets" of Internet-connected gadgets being responsible for blocking access to the Domain Name Service (DNS) infrastructure at DNS provider Dyn. Most of these botnets—coordinated armies of compromised devices that sent malicious network traffic to their targets—were controlled by Mirai, a self-spreading malware for Internet of Things (IoT) devices. But other systems not matching the signature of Mirai were also involved in the coordinated attack on Dyn. "We believe that there might be one or more additional botnets involved in these attacks," Dale Drew, CSO of Level 3 Communications, told Ars. "This could mean that they are 'renting' several different botnets to launch an attack against a specific victim, in which multiple other sites have been impacted." The motive may have been blackmail, since the attacker sought a payout by Dyn to stop.

But Drew warned that the huge disruption caused by the attack "could result in large copycat attacks, and [a] higher [number of] victim payouts [so] as to not be impacted in the same way.
It could also be a signal that the bad guy is using multiple botnets in order to better avoid detection since they are not orchestrating the attack from a single botnet source." Mirai has played smaller roles in previous attacks.
It factored into last month’s extended distributed denial of service (DDoS) attack on the website of information security reporter Brian Krebs and an even larger DDoS against the French cloud provider OVH. Mirai clearly was the star of the attack on Dyn, apparently controlling multiple groups of bots. But even in the midst of the Dyn attack, some of the Mirai-infected devices were being used to attack another target—the infrastructure of a gaming company, according to Allison Nixon, the director of security research at security company Flashpoint. That idea matches up with what others who had some insight into the attack have told Ars confidentially—that it was also pointed at Sony’s PlayStation Network, which uses Dyn as a name service provider. For now, it's not clear that the attacks on Dyn and the PlayStation Network were connected.

And with a criminal investigation underway, a Dyn spokesperson declined to confirm or deny that Sony was also a target. "We are continuing to work closely with the law enforcement community to determine the root cause of the events that occurred during the DDoS attacks last Friday," Adam Coughlin, Dyn’s director of corporate communications, told Ars. "Since this is an ongoing investigation, we cannot speculate on these events." Regardless of the reasons behind it, the attack on Dyn further demonstrates the potential disruptive power of the millions of poorly protected IoT devices.

These items can be easily turned into a platform for attacking anything from individual websites to core parts of the Internet's infrastructure.

And Mirai has demonstrated that it doesn't take "zero-day" bugs to make it happen; attackers only need poorly implemented security on devices that can't be easily fixed. From tiny cameras, mighty botnets grow Mirai is hardly the first IoT botnet to make headlines.
In December 2014, LizardSquad's "stresser" service—built on compromised home Wi-Fi routers—announced that it was ready for business with Christmas attacks on the PlayStation Network and Microsoft's Xbox Live service. (The service was eventually hacked itself.) And while Mirai played a supporting role in the 620-gigabit per second attack on Krebs on Security and the 1.5 terabit-per-second attack on OVH, those attacks also leveraged Bashlight, another (larger at the time) IoT botnet.

By the time it was over, more than 30,000 Internet-connected surveillance cameras and DVRs were involved in the OVH attack.
It lasted for over a week. There are a few things that make Mirai stand out from previous IoT botnets.

First and foremost, its code has been published openly on the Internet. On September 30, in the wake of the attacks on OVH and Krebs, someone claiming to be the malware's author published the botnet and command and control (C&C) server code on Hacker Forums.
Suddenly, anyone could access step-by-step instructions for its configuration and use. The post to Hacker Forums that started it all. On the plus side, the published source code gives researchers a great deal of insight into how Mirai operates. On the downside, however, it makes it possible for anyone who can compile the code and has access to Internet-connected servers to build their own botnet.

This opportunity provides more ambitious botnet builders a proven platform to improve upon. The simplicity of Mirai's C&C structure makes scaling it up relatively simple. "One of the things we noticed during the Dyn attack was that the C&C domain would change its address," Nixon explained. "That way, the C&C network could segment its botnet." By simply changing a DNS entry, the attacker could use the same domain to create and operate multiple separate botnets simultaneously. When a Mirai bot is created, it sends a request to the Domain Name Service for the "A" address of a domain configured by its creator. Once it has the Internet address associated with that "A" address, it locks onto that IP address. "When one C&C server fills up, [the botnet operator] can just change the IP address associated with that 'A' name," Nixon explained. New bots will connect to the new address while older bots continue to communicate with the previously labeled server. While this scheme can cause problems with resiliency of the botnet—if a C&C server gets identified and its traffic is shut down, the bots fail—it's not a big problem for the botnet long-term.

The botnet can easily be re-established from another server by simply re-discovering vulnerable devices. Checking for open doors Still, the worst thing about Mirai is that it leverages the horrible security decisions made by a handful of manufacturers of Internet-connected devices.

And despite growing public alarm, these IoT devices and their shortcomings will likely persist on the Internet for years.

A majority of the devices compromised by Mirai connect to the Internet via firmware from one company: the Chinese electronics supplier XiongMai Technologies.

The attack led XiongMai to issue a recall for some of its products sold in the US, Fortune reports. The reason XiongMai's firmware is such an easy target for Mirai is that it includes a setup interface that is essentially a hard-coded "backdoor"—an unchangeable administrative username and password, common across entire lines of devices. While the user can set their own credentials, the default credentials are hard-coded into the firmware. Mirai simply uses a hard-coded library of default usernames and passwords to log in to the devices it discovers.

This is the equivalent of walking through a parking lot, checking for unlocked car doors, and finding the keys sitting on the driver’s seat.

These devices included Panasonic printers, SNC and ZTE routers, and dozens of network-connected cameras and digital video recorders.
Some of these passwords were simply factory-set defaults, but others were permanent—meaning they could not be changed by their owners. Some of the passwords hard-coded into Mirai. Types of attacks programmed into Mirai's bots. To be compromised by Mirai, a device also had to be on a network with very weak firewall configurations (or no firewall at all).

An analysis of the botnet's code by Ars revealed that Mirai uses Telnet and SSH—the channels used to connect to a system remotely and log in to a text command prompt—to compromise and control devices. While home routers generally can be configured to block connections from outside the local network from Telnet and SSH, these connections are often left open by default. In a statement issued on October 24, a XiongMai spokesperson wrote, "XiongMai closed the Telnet port on related products before April 2015.

Therefore, for the product in April 2015 after, the hacker is simply no way to use the port to attack, and for products produced before April 2015, XiongMai has provided a firmware upgrade, [and] if [users are] really worried about the risk, it can be solved by upgrading." The spokesperson claimed that even if the patch was not applied, there would be no harm to the device by hacking attempts. Using Telnet or HTTP traffic—which is unencrypted—makes it relatively easy to catch Mirai botnet traffic with deep packet inspection.

Flashpoint had visibility into one of the botnets attacking Dyn, Nixon said, and while others had described the attack on Dyn as coming in two or three waves, "it was more like every once in a while, I would see another line of attack instructions coming in.
I had seen something like 20 or 30 lines of commands." Mirai is loaded with a variety of configurable attacks, executed in response to those command lines: Two types of UDP (User Datagram Protocol) flood attacks intended to overwhelm a target with raw network traffic (one "generic" attack with various payload options and another "plain" attack "optimized for speed") A UDP attack tailored for taking down Valve game servers by overwhelming them with queries for game connections TCP (Transmission Control Protocol) attacks based on successive SYN (synchronize) or ACK (acknowledge) floods—attacks that use TCP's "three way handshake" against the target by fooling its network interface into dedicating resources to spoofed connections GRE (Generic Routing Encapsulation) attacks that use the Cisco-designed tunneling protocol to get Internet Protocol (IP) and Ethernet packet floods past hardware used to block DDoS attacks "Proxy knockback connection," apparently for going after Minecraft servers An HTTP Layer 7 flood attack focused specifically on taking down Web servers Also in the mix is a "DNS Water Torture" attack—a UDP-based attack designed specifically to target domain name servers.
It creates DNS requests targeting a specific domain, adding random strings of text to it formatted at subdomains.
It also randomly selects the path for those requests to take, selecting from four different public DNS providers (including Google’s public DNS).

The random string—which is used as the name of a subdomain or host in a lookup request sent to the DNS server—forced the DNS service pinged to send a request to Dyn, and it forced Dyn’s servers to do a fresh look-up for each.

The requests, laundered through legitimate DNS services, looked like legitimate pass-along requests and were less easily screened out. The tale of the traffic Level 3's Drew provided Ars with a record of observed traffic as part of the DDoS against Dyn.

The first plot shows the attack traffic last Friday "compared to a typical day for this same IP space," Drew explained.

The vast majority of the attacks were largely SYN flood attacks against DYN's DNS and the "DNS Water Torture" prefix label attack, according to Level 3's data. Level 3 traffic plot showing traffic to Dyn's segment of Internet address space on October 21 (in blue) vs. a normal day (in red). A chart showing periods when the attacks against Dyn were coming largely from non-Mirai botnets. "There are two distinct attack waves," Drew said. "The first begins at 1110 to ~1310 UTC and the second (even bigger attack) begins around 1550 and goes hard for about an hour, then dropping significantly in volume.

As can be seen, there were a few smaller attacks in between the two major waves, but each was short-lived.

This is important because it shows that the bad guy is using multiple botnet networks to launch his attack." Eventually, the server that Flashpoint was monitoring began to have connectivity issues.

Then, it "may have died a serious death," Nixon noted. "It was having intermittent issues late in the day," said Zach Wikholm, a security developer at Flashpoint. "And at some point, we couldn’t get to it any more.
It died at different times for different places." That may have been indicative of network owners blocking the communications of the C&C servers once they were identified. The new normal Mirai's creator may have simply released the code because he or she had already moved on to another, better alternative. Using the screen name “Anna-senpai," the alleged author complained that because Internet service providers began shutting down traffic on protocols used to spread the malware after the attack on the Krebs site, it was getting harder to build massive armies of bots. “With Mirai, I usually pull max 380k bots from Telnet alone,” the author wrote in the post to Hacker Forums. “However, after the Kreb DDoS, ISPs been slowly shutting down and cleaning up their act.

Today, [the] max pull is about 300k bots and dropping.” After the Dyn attack, more network providers are bound to take measures to block the sort of traffic associated with Mirai.

But it will likely be years before devices vulnerable to Mirai are either properly protected from attack or removed from service.

And while consumer device manufacturers have become generally more serious about IoT security, there are still a vast number of devices on the Internet that are configured with default or permanent passwords—passwords that another botnet developer could easily add to a targeted library. Now that the potential of Mirai has been demonstrated, plenty of people will be ready to try.

And just as many are eager to take credit. Wikileaks urged its "supporters to stop taking down the US internet," saying they had "proved point".

And someone calling themselves the "New World Hackers" claimed responsibility on Twitter for the attack, posting: Just having a little fun.

Annual power test!#NwHackers — New World Hackers (@NewWorldHacking) October 21, 2016 And then they announced their "retirement", saying that they were done with DDoS attacks, adding "PS Wikileaks is a good friend."
Internet of Amazingly Insecure Tat? That's the one The huge distributed denial of service (DDoS) attack which wiped security journalist Brian Krebs' website from the internet came from a million-device-strong Internet of Things botnet. "Attack appears to include numerous IoT devices, including security cameras.
Still itemizing them," an Akamai spokesman told El Reg by email. The attack "included substantial shaped traffic (traffic directly controlled by that botnet operator), rather than merely reflected, amplified unshaped traffic," he added. Krebs' website was taken down at his request after it had been receiving up to 620Gbps of malicious traffic. He thinks he was targeted because he is currently researching DDoS gangs. Two people were recently arrested in connection with recent DDoS attacks, which may have been one outcome of Krebs' sleuthing, as he notes here. DDoS mitigation firm Akamai, which had Krebs as a pro bono customer, struggled to cope with the volume of incoming requests and gave him two hours' notice of being kicked off their system. The journalist – who said "I don't fault them [Akamai] at all" – asked his hosting provider to redirect his website to 127.0.0.1 to sinkhole all the malicious traffic, a move which KO'd his website, too. Google later stepped in to provide DDoS mitigation through its Project Shield service, meaning Krebs' website is back up again. Krebs said, on his blog, that the sort of DDoS mitigation protection Akamai gave him (until deciding not to) would cost between $150,000 and $200,000 per annum. “Preliminary analysis of the attack traffic suggests that perhaps the biggest chunk of the attack came in the form of traffic designed to look like it was generic routing encapsulation (GRE) data packets, a communication protocol used to establish a direct, point-to-point connection between network nodes,” he added. A story by Network World quoted Dave Lewis, Akamai's “global security advocate” as saying: “It’s possible they are faking it or it’s possible it’s a camera that was doing these attacks.” ®
Junos OS has been put through the ringer since that nasty backdoor scandal Juniper has fired off fixes for eight security vulnerabilities. The company has been running Junos OS through the security mill since late last year, when its now-notorious backdoor hit the headlines. Junos OS systems running either generic routing encapsulation (GRE) or IP-in-IP (IPIP) tunnels are vulnerable to a kernel crash triggered by a crafted ICMP packet. The resulting denial of service attack, CVE-2016-1277, is rated high, and present in a bunch of Junos OS revisions – three in the version 12.1 series, 13.3R9, three version 14 flavours, three version 15 flavours, and all subsequent to 15.1X49-D40.

Absent the patch, users can filter out untrusted ICMP traffic. The second Junos OS fix is restricted to version 13.1 or 14.1 platforms running VPLS: in CVE-2016-1275 the company describes an mbuf leak if an attacker floods IPv6 MAC addresses over VPLS instances. In its CVE-2016-1279 advisory Juniper says the J-Web config interface has an information leak that could give unauthenticated remote users admin access to the system. Juniper has also rolled out a fix to a FreeBSD libc issue (CVE-2009-1436); and another for a kernel crash bug on 64-bit Junos OS systems (CVE-2016-1263). Bear up, we're nearly done. In CVE-2016-1278, an upgrade to some SRX series devices can be crashed, leaving the administration interface at root. “Using the 'request system software' command with the 'partition' option on an SRX Series device upgrading to Junos OS 12.1X46 can leave the system in a state where root CLI login is allowed without a password due to the system reverting to a 'safe mode' authentication triggered by the failed upgrade.” The relevant Junos OS release has been patched. Finally, there's CVE-2016-1276, a DoS-able bug in high-end SRX devices running application layer gateway function. ® Sponsored: 2016 Cyberthreat defense report