Home Tags Perl

Tag: Perl

BrandPost: How to Use On-Box Python Scripts for Cisco Devices

As a junior network engineer at a university I wrote a lot of management scripts in Perl.  I had scripts to do things such as check switchport configurations and upgrade switch code.

Times have changed a lot since then.

The universityrsquo;s web server now runs in the cloud, rather than on my personal workstation, and Python hasnbsp;surpassednbsp;Perl  as the scripting language du jour. Network automation now has a major focus with Python as an extremely important tool.Today Irsquo;m going to show you how to use Python scripts hosted on the box and integrated into IOS.

This is far more powerful than my earlier-career scripts, and I have some simple examples for PCI compliance, Dynamic DNS ACL updates, and configuration validation.To read this article in full or to leave a comment, please click here

Go language soars to new heights in popularity

Go, Googlersquo;s open source, concurrency-friendly programming language, has soared to new heights with developers, cracking the top 10 in the Tiobe index of language popularity for the first time.With an all-time high rating of 2.363 percent, Go ranks as the 10th most popular programming language in this monthrsquo;s index, ahead of languages such as Perl, Swift, Ruby, and Visual Basic.

The Tiobe Programming Community index assesses language popularity using a formula based on frequency of searches for the languages in popular search engines such as Google, Bing, Baidu, and Wikipedia.[ Also on InfoWorld: Tap the power of Google's Go language. | The best Go language IDEs and editors. | Keep up with hot topics in programming with InfoWorld's App Dev Report newsletter. ]Tiobe called Gorsquo;s latest rise an important landmark and pondered what was next. “Is Go really able to join the big stars in the programming language world and leave languages such as JavaScript and Python behind? We will see.” The language was ranked in 55thnbsp;place in the index a year ago.

Gorsquo;s previous high score was a 2.325 percent rating in January, when it placed 13th.To read this article in full or to leave a comment, please click here

Perl devs solve ancient Riddle: ‘What’s a vuln we caught from...

BACKRONYM also fixed, so pull the patch The Perl 5 database interface maintainers have issued an important patch for DBDmdash;MySQL: in some configurations it wasn't enforcing encryption.…

The best Go language IDEs and editors

Google’s Go language was recently chosen as Tiobe’s programming language of 2016, based on its rapid growth in popularity over the year, more than twice that of runners-up Dart and Perl.

Tiobe’s language index is based on the “number of skilled engineers worldwide, courses, and third-party vendors,” using the results of multiple search engines.To read this article in full or to leave a comment, please click here(Insider Story)

What is the point of learning C?

Take a look at the Tiobe Programming Community Index -- an indicator of the popularity of programming languages -- and you'll see that Google's Go and, to a lesser extent, Dart and Perl are trending up.

The venerable C, however, is a language whose ...

How to succeed in online investigations and digital forensics

Maltego, the tool best known for deep data mining and link analysis, has helped law enforcement, intelligence agencies and others in security-related work since it was released in 2008.

To benefit from using Maltego, come to SAS 2017 for intensive Digital Intelligence Gathering training from the experts who created the tool from scratch: there won’t be any questions that they can’t answer.

RHBA-2017:0072-1: freeradius bug fix update

Updated freeradius packages that fix one bug are now available for Red HatEnterprise Linux 7. FreeRADIUS is a high-performance and highly configurable free RemoteAuthentication Dial In User Service (RADIUS) server, designed to allowcentralized authentication and authorization for a network.This update fixes the following bug:* Previously, the FreeRADIUS server exported symbols that were conflicting withsymbols defined in the libltdl library. When the FreeRADIUS server tried to opena connection to the MSSQL server using the rlm_sql_odbc interface and UnixODBCwas configured to use the FreeTDS library, the connection failed with thefollowing error message:"undefined symbol: get_vtable"This update renames the conflicting symbols. As a result, connections to MSSQLservers no longer fail in the described situation. (BZ#1394787)Users of freeradius are advised to upgrade to these updated packages, which fixthis bug. Red Hat Enterprise Linux Server (v. 7) SRPMS: freeradius-3.0.4-7.el7_3.src.rpm     MD5: 5e96632852397a55278fe7ad2409a29fSHA-256: 59509a3a66c6f70128580d87a3bf62c2f0d6d0ab85091993db83577756c2e27b   PPC: freeradius-3.0.4-7.el7_3.ppc64.rpm     MD5: aaa2f1fe524aef8201e3772c173e2a34SHA-256: 0b688cafd42eeaa14d54e1e7f9546645d544ee475e9daadd1e02712abeeebcc0 freeradius-debuginfo-3.0.4-7.el7_3.ppc.rpm     MD5: af8723c15c2bfdacd412806d4ed706dcSHA-256: 858a8955723f9166bbeeda8612a57c56bdb7f8ab7634b37a434436ce50b3176b freeradius-debuginfo-3.0.4-7.el7_3.ppc64.rpm     MD5: ccbbe1acbcc2f8d6ed89e1163a794e9bSHA-256: 51c4b41197d27cebb8d1ba4f37e4786ba7230eca75cbac931339646213e4cfc1 freeradius-devel-3.0.4-7.el7_3.ppc.rpm     MD5: 5711896014d5f0c4e3d4e3401efef6d3SHA-256: 4a1d7c00c22fca5e4b9e3d1e6c6d45792665729be9092b97384ca2215123864e freeradius-devel-3.0.4-7.el7_3.ppc64.rpm     MD5: b34c5265db6b567b8afb1cd48f03f64aSHA-256: e73f1521821ba950dd37cf2770486d332f7559207d3085b8b2d607d27d8592eb freeradius-doc-3.0.4-7.el7_3.ppc64.rpm     MD5: 3f37c3cdbb151bbc7dc67ab48d61e1a4SHA-256: 42c405e19145b88da6463a637b319abbbb29a6e1ec28044f7358a068d1371119 freeradius-krb5-3.0.4-7.el7_3.ppc64.rpm     MD5: eec5c37d9a0ce12b10bbb2f05e9df053SHA-256: 924feb65d3def899c43fb9e87eeb88d56bee385cf7c4dd4dbd7a4f5ddcd28a3b freeradius-ldap-3.0.4-7.el7_3.ppc64.rpm     MD5: 665c19ec33d00d18ee8b687c7a6dea4eSHA-256: cc745bc192933d19251695b3d2256f9e429852306ed95ad4937121bca2d2571e freeradius-mysql-3.0.4-7.el7_3.ppc64.rpm     MD5: 9b2d94a819845f7bd16886e7bc0bf8ccSHA-256: ccb9084b9946b7f0d8cadeb206c8badeae04ac95dfcffd2058ee1ece636c337c freeradius-perl-3.0.4-7.el7_3.ppc64.rpm     MD5: 2b0026f1992724a1377c724df6c120d5SHA-256: 9451a7592fa6c72e56a1996e682fe30b4d075eed3eb573f865313af961ab25e9 freeradius-postgresql-3.0.4-7.el7_3.ppc64.rpm     MD5: 9c91489ddc979db2c0e40b243785fc1eSHA-256: 22587e4769f76e26e6cca92216cb2d6459dfd82c90b916dcbe2b89764f7bee1e freeradius-python-3.0.4-7.el7_3.ppc64.rpm     MD5: 8c027857f0dbe9bdcaabbb6de55e46b5SHA-256: 7f6c1699bb3db9a8fb9a44abf400949513444590a44ba338e9325c1000f7ad6f freeradius-sqlite-3.0.4-7.el7_3.ppc64.rpm     MD5: 73effd27c782ceaf261899457e274c6cSHA-256: 474a9099296e5bf94c27fb964daa30508d9f76c94155d47c1c3870d7e364a3d9 freeradius-unixODBC-3.0.4-7.el7_3.ppc64.rpm     MD5: f0877c023811b0f7fcc9a546445e70e3SHA-256: 701b77c5ec0e64fa197be7d20c011ef79a6bad990c2fb6fb09aa99a70b341124 freeradius-utils-3.0.4-7.el7_3.ppc64.rpm     MD5: 094f5cc85a92eaa7bac692a3e1fd0217SHA-256: c5ea975b4cc148c42d9ae3b00c0caa006afd3eab0f43a0813246401860240776   PPC64LE: freeradius-3.0.4-7.el7_3.ppc64le.rpm     MD5: 5e0b1aa1289ffd43554db6275836c90bSHA-256: 07488616dfb9a8264cfc987103540d2dd5dfcc4abef53a2dc0f23c7e8f639bed freeradius-debuginfo-3.0.4-7.el7_3.ppc64le.rpm     MD5: 7e8a996e8d2efdd7c8383a3609c9da14SHA-256: b6652380de08e05cb23871b6c196e6aaf5758f0e6a03569f7d21b9cc0a930158 freeradius-devel-3.0.4-7.el7_3.ppc64le.rpm     MD5: f2bde27a58cb26df2a3564570e7f9d72SHA-256: 9d5ec51588136c246ac1bbd59786a0b08f906f37db5dcab0e699feeb5b1f662c freeradius-doc-3.0.4-7.el7_3.ppc64le.rpm     MD5: 5ee5af5e721f4413b181f8bfec827f55SHA-256: 11355cb8f27d55198bb1ca9428464696d538ab0cb0c1e6d51e8fe3d49fbe1b13 freeradius-krb5-3.0.4-7.el7_3.ppc64le.rpm     MD5: 7dd0647b8e3ed9eefd25e0df23db3d0eSHA-256: 9d5f61c648cc9b03dbfefa812a7154e2f85977e02400a45a0701dcb5811691ea freeradius-ldap-3.0.4-7.el7_3.ppc64le.rpm     MD5: 5df80476f533797412b8ef8eac7fe692SHA-256: 84e2443b283cdbffdbe4235cab0c1ae92c9764381db43d010805954e3c2c780a freeradius-mysql-3.0.4-7.el7_3.ppc64le.rpm     MD5: 56b856e3e0e8094641ed6897b11ed69cSHA-256: 86b7b33b399241b27023ff7c202b47fb50aa11b29169b7196d90341dcab0582e freeradius-perl-3.0.4-7.el7_3.ppc64le.rpm     MD5: 435d2f14683a8f51aecc804915fd9942SHA-256: 9bb3cac21d49fb7c715debd28159db6cb7ea1007b1f1f6772586f05f4593c541 freeradius-postgresql-3.0.4-7.el7_3.ppc64le.rpm     MD5: a71ffb8ed42f59e433a2082431f2fe4aSHA-256: 2deebc15e1bf41f9e6cd8da602d167992078e7276dc6a57deca23e15310f57f3 freeradius-python-3.0.4-7.el7_3.ppc64le.rpm     MD5: 089e0d939a2c6ff7599cd8e40b312fd2SHA-256: bf87ab72234ed742862c845adf378c03b35457cc6cdfaafb8451b1aa42cd0a96 freeradius-sqlite-3.0.4-7.el7_3.ppc64le.rpm     MD5: 59276f0ebe8cec373522d9b8872a6ca5SHA-256: 48ad2db3a6fb377ea34fd1b134038e55ebe2bab56103d552fa9844d43ae57bf5 freeradius-unixODBC-3.0.4-7.el7_3.ppc64le.rpm     MD5: f341c876508f64042ff9362a8677bd7bSHA-256: 67279b74e6698fcc2c5fa374c376fbfc2d11481a4bf6c989980fb4d7f98cea3f freeradius-utils-3.0.4-7.el7_3.ppc64le.rpm     MD5: 02d68a6b80678a76c9bcc57605be1e92SHA-256: e7df4369f9d61f3070299cb38581633084f9cc4e5ad4bd6974693443c0177892   s390x: freeradius-3.0.4-7.el7_3.s390x.rpm     MD5: 52bae7512435f85815620a39b6a23d0cSHA-256: c7ac534e0457ab9a36d1caff3c087868c3d4fd342c21ca434ce8665108fca58d freeradius-debuginfo-3.0.4-7.el7_3.s390.rpm     MD5: dc5025ddebe7a513846b3e0462f8603cSHA-256: e5474d9dde2ab8477c154b5399dc78d9aaaf4585b5a6d2938a0d2ae2b9a93fe1 freeradius-debuginfo-3.0.4-7.el7_3.s390x.rpm     MD5: 53e7b991142eab1a164767974d75caf3SHA-256: 1997c44040831b5b284f218ae485264ed52c822f86b07ca087028d6757514b48 freeradius-devel-3.0.4-7.el7_3.s390.rpm     MD5: fe3fbd2d654bfc1b128e68a06f069553SHA-256: 0db215de1770b8208649656b01983cb0d1521907b791a3e85bd5ea4383f37303 freeradius-devel-3.0.4-7.el7_3.s390x.rpm     MD5: 25698d6d169d6f82be0c8aa190efbfa2SHA-256: f58348d68c3203f84c6f6e85f68568d8081cb7a227eac2dc110436ded1cf1d7f freeradius-doc-3.0.4-7.el7_3.s390x.rpm     MD5: 39997fd4ccfde71b7717f18c41903697SHA-256: 2a8d8c80d4bb858276abf3cbf1af0995d34103c4d18cf8f55a7b80fe35badb06 freeradius-krb5-3.0.4-7.el7_3.s390x.rpm     MD5: ff536e3183408bc8a4ca37bd778ea3e4SHA-256: 5074472cdce0cfaedfaf24e5cea1ec565c1aadc693cca11ff10ac2b02c8e7469 freeradius-ldap-3.0.4-7.el7_3.s390x.rpm     MD5: 0f3aef5fb8d1ec941df5e6e18fcf6b57SHA-256: 3e03e2fbddfba25cc8432dbb363756aa513f749f1366786e92b495e92571896d freeradius-mysql-3.0.4-7.el7_3.s390x.rpm     MD5: 257cf4050b4681014e9ad1ede2c87d34SHA-256: f4e068f6e8df09d9d531cf814c82dedd661d1bea447c78d97f48260566eaeb90 freeradius-perl-3.0.4-7.el7_3.s390x.rpm     MD5: 28f0f21be0e8bed2047899eefaff1775SHA-256: d03d3ec074f3babe3c7f3763330a8879e170b8b0b596c9302932a8bf53d8aab4 freeradius-postgresql-3.0.4-7.el7_3.s390x.rpm     MD5: 065ad49d500e22359039caf24bc018ceSHA-256: cc1e6be66254c7fee8856510b0ca3a3b95f05ac008298b6acabf7b9e93cc9210 freeradius-python-3.0.4-7.el7_3.s390x.rpm     MD5: 69f69efd265f4f43f2015262f9516f26SHA-256: b6cc0eb3ff8674e0b01834641bb70fb5daa11878f5088e0e3691a7d361a83fba freeradius-sqlite-3.0.4-7.el7_3.s390x.rpm     MD5: db9ce18d2a37b07f2882d5ac8a2c588eSHA-256: dd731a73e9374a74d8ff687ec9b97e2ae7da3240da11d061a8b0f3cb0a9a0b99 freeradius-unixODBC-3.0.4-7.el7_3.s390x.rpm     MD5: 4f1f259eebf9416466e1475cccb489e3SHA-256: f8b779092fab55a4998e9f5d2b3770794e0a1802eff155f70f390e769a30d57a freeradius-utils-3.0.4-7.el7_3.s390x.rpm     MD5: 0a592741e5dde60ae6af76025702f4a8SHA-256: 188580afdbde07c0ed96dce567469265839cb40aeccb765e7bf33368d06c8be2   x86_64: freeradius-3.0.4-7.el7_3.x86_64.rpm     MD5: 324cd05f4175873056337301f5db3f3cSHA-256: 927a28600dfae5f3e469397e86c4cb1d07f8aff07c61485e723c865a1ba3d28a freeradius-debuginfo-3.0.4-7.el7_3.i686.rpm     MD5: 793281bdb20ce03387f32d67064467f8SHA-256: 91b7bb6fa4db6a526999075cefa33e6ec926f250ac9018dffe31322711bb513b freeradius-debuginfo-3.0.4-7.el7_3.x86_64.rpm     MD5: b066afb30956a2d756d1dada28987ca3SHA-256: c27eecb51018235c2953922d92b74fe179b564d69ac724a0af1914250b04475f freeradius-devel-3.0.4-7.el7_3.i686.rpm     MD5: 5b287335d4ffd19370f94de6e46c5c08SHA-256: 6f1113ce0bdd687ce87b031a53f7a51323ee88ccd9d0fe4fa60607143b1506b8 freeradius-devel-3.0.4-7.el7_3.x86_64.rpm     MD5: a012dea189d9cd4a934af530ba72cebeSHA-256: 62bf24ca618b1570c4a542260beb765cf831a8710d913b4cfee1b23b294862db freeradius-doc-3.0.4-7.el7_3.x86_64.rpm     MD5: 7de564b3f0a1c0746459b0d76f4c8196SHA-256: 8c46cbf09bf6a8c7c259c7a671018b40e8fee8fc72fe179dce3d6230666b7695 freeradius-krb5-3.0.4-7.el7_3.x86_64.rpm     MD5: 02b8e1aba5226b78631f8a25eab07594SHA-256: 5a380b1b428df3e9be595910d134026ccfc521d0983477ee3c1d2f9cae60aaa9 freeradius-ldap-3.0.4-7.el7_3.x86_64.rpm     MD5: 4bf09d747577ce1dda88437b17c086eeSHA-256: 8da7c2c2f7406a0cf23a396a50b29af8793d3055681017158fa290ae24280761 freeradius-mysql-3.0.4-7.el7_3.x86_64.rpm     MD5: caf7093d2d0709de3ec9f21a4858b114SHA-256: 7617d687aa3d7b57bf0fc5ad713783431568366de91c7ca7047b2c633d0305ef freeradius-perl-3.0.4-7.el7_3.x86_64.rpm     MD5: 0fd95f2575032c3583b225234ef06b1cSHA-256: 57fe0f68e18003307aa6ea14ec31175e3d71ed98f74e827d6a8569ce73816b01 freeradius-postgresql-3.0.4-7.el7_3.x86_64.rpm     MD5: 7ae05ec955cc1e33ac1b413250eafe15SHA-256: d60bce13100991ada442e837354a4991d7f37d4490f196a786057d6247ceaca2 freeradius-python-3.0.4-7.el7_3.x86_64.rpm     MD5: d65447e7d8d2b01847e10ecb89410dc1SHA-256: bbc0a3e3311b6799c952ae5161724af957025a0e15cdf815d16e104f24092c79 freeradius-sqlite-3.0.4-7.el7_3.x86_64.rpm     MD5: 3cbec77f072cc1b2217fd3a90e80a073SHA-256: 95250b415e278dbd7e4dd180d3139d188ac5ce5701f8fd4a28b2ba0ae381b7af freeradius-unixODBC-3.0.4-7.el7_3.x86_64.rpm     MD5: f35bb9c0457b1e07a55445c2c8f0a664SHA-256: ba5f154ce7cafd8e4074e644c73d27e2c669504bb394bcb38e490458dcc4789f freeradius-utils-3.0.4-7.el7_3.x86_64.rpm     MD5: a92a44d1daa697c379a8964dfd593983SHA-256: 945e3cdd8d9ed66857f7982c2a58a627ff607e0c4f4c926a316fcef6395f5074   Red Hat Enterprise Linux Server TUS (v. 7.3) SRPMS: freeradius-3.0.4-7.el7_3.src.rpm     MD5: 5e96632852397a55278fe7ad2409a29fSHA-256: 59509a3a66c6f70128580d87a3bf62c2f0d6d0ab85091993db83577756c2e27b   x86_64: freeradius-3.0.4-7.el7_3.x86_64.rpm     MD5: 324cd05f4175873056337301f5db3f3cSHA-256: 927a28600dfae5f3e469397e86c4cb1d07f8aff07c61485e723c865a1ba3d28a freeradius-debuginfo-3.0.4-7.el7_3.i686.rpm     MD5: 793281bdb20ce03387f32d67064467f8SHA-256: 91b7bb6fa4db6a526999075cefa33e6ec926f250ac9018dffe31322711bb513b freeradius-debuginfo-3.0.4-7.el7_3.x86_64.rpm     MD5: b066afb30956a2d756d1dada28987ca3SHA-256: c27eecb51018235c2953922d92b74fe179b564d69ac724a0af1914250b04475f freeradius-devel-3.0.4-7.el7_3.i686.rpm     MD5: 5b287335d4ffd19370f94de6e46c5c08SHA-256: 6f1113ce0bdd687ce87b031a53f7a51323ee88ccd9d0fe4fa60607143b1506b8 freeradius-devel-3.0.4-7.el7_3.x86_64.rpm     MD5: a012dea189d9cd4a934af530ba72cebeSHA-256: 62bf24ca618b1570c4a542260beb765cf831a8710d913b4cfee1b23b294862db freeradius-doc-3.0.4-7.el7_3.x86_64.rpm     MD5: 7de564b3f0a1c0746459b0d76f4c8196SHA-256: 8c46cbf09bf6a8c7c259c7a671018b40e8fee8fc72fe179dce3d6230666b7695 freeradius-krb5-3.0.4-7.el7_3.x86_64.rpm     MD5: 02b8e1aba5226b78631f8a25eab07594SHA-256: 5a380b1b428df3e9be595910d134026ccfc521d0983477ee3c1d2f9cae60aaa9 freeradius-ldap-3.0.4-7.el7_3.x86_64.rpm     MD5: 4bf09d747577ce1dda88437b17c086eeSHA-256: 8da7c2c2f7406a0cf23a396a50b29af8793d3055681017158fa290ae24280761 freeradius-mysql-3.0.4-7.el7_3.x86_64.rpm     MD5: caf7093d2d0709de3ec9f21a4858b114SHA-256: 7617d687aa3d7b57bf0fc5ad713783431568366de91c7ca7047b2c633d0305ef freeradius-perl-3.0.4-7.el7_3.x86_64.rpm     MD5: 0fd95f2575032c3583b225234ef06b1cSHA-256: 57fe0f68e18003307aa6ea14ec31175e3d71ed98f74e827d6a8569ce73816b01 freeradius-postgresql-3.0.4-7.el7_3.x86_64.rpm     MD5: 7ae05ec955cc1e33ac1b413250eafe15SHA-256: d60bce13100991ada442e837354a4991d7f37d4490f196a786057d6247ceaca2 freeradius-python-3.0.4-7.el7_3.x86_64.rpm     MD5: d65447e7d8d2b01847e10ecb89410dc1SHA-256: bbc0a3e3311b6799c952ae5161724af957025a0e15cdf815d16e104f24092c79 freeradius-sqlite-3.0.4-7.el7_3.x86_64.rpm     MD5: 3cbec77f072cc1b2217fd3a90e80a073SHA-256: 95250b415e278dbd7e4dd180d3139d188ac5ce5701f8fd4a28b2ba0ae381b7af freeradius-unixODBC-3.0.4-7.el7_3.x86_64.rpm     MD5: f35bb9c0457b1e07a55445c2c8f0a664SHA-256: ba5f154ce7cafd8e4074e644c73d27e2c669504bb394bcb38e490458dcc4789f freeradius-utils-3.0.4-7.el7_3.x86_64.rpm     MD5: a92a44d1daa697c379a8964dfd593983SHA-256: 945e3cdd8d9ed66857f7982c2a58a627ff607e0c4f4c926a316fcef6395f5074   Red Hat Enterprise Linux Workstation (v. 7) SRPMS: freeradius-3.0.4-7.el7_3.src.rpm     MD5: 5e96632852397a55278fe7ad2409a29fSHA-256: 59509a3a66c6f70128580d87a3bf62c2f0d6d0ab85091993db83577756c2e27b   x86_64: freeradius-3.0.4-7.el7_3.x86_64.rpm     MD5: 324cd05f4175873056337301f5db3f3cSHA-256: 927a28600dfae5f3e469397e86c4cb1d07f8aff07c61485e723c865a1ba3d28a freeradius-debuginfo-3.0.4-7.el7_3.i686.rpm     MD5: 793281bdb20ce03387f32d67064467f8SHA-256: 91b7bb6fa4db6a526999075cefa33e6ec926f250ac9018dffe31322711bb513b freeradius-debuginfo-3.0.4-7.el7_3.x86_64.rpm     MD5: b066afb30956a2d756d1dada28987ca3SHA-256: c27eecb51018235c2953922d92b74fe179b564d69ac724a0af1914250b04475f freeradius-devel-3.0.4-7.el7_3.i686.rpm     MD5: 5b287335d4ffd19370f94de6e46c5c08SHA-256: 6f1113ce0bdd687ce87b031a53f7a51323ee88ccd9d0fe4fa60607143b1506b8 freeradius-devel-3.0.4-7.el7_3.x86_64.rpm     MD5: a012dea189d9cd4a934af530ba72cebeSHA-256: 62bf24ca618b1570c4a542260beb765cf831a8710d913b4cfee1b23b294862db freeradius-doc-3.0.4-7.el7_3.x86_64.rpm     MD5: 7de564b3f0a1c0746459b0d76f4c8196SHA-256: 8c46cbf09bf6a8c7c259c7a671018b40e8fee8fc72fe179dce3d6230666b7695 freeradius-krb5-3.0.4-7.el7_3.x86_64.rpm     MD5: 02b8e1aba5226b78631f8a25eab07594SHA-256: 5a380b1b428df3e9be595910d134026ccfc521d0983477ee3c1d2f9cae60aaa9 freeradius-ldap-3.0.4-7.el7_3.x86_64.rpm     MD5: 4bf09d747577ce1dda88437b17c086eeSHA-256: 8da7c2c2f7406a0cf23a396a50b29af8793d3055681017158fa290ae24280761 freeradius-mysql-3.0.4-7.el7_3.x86_64.rpm     MD5: caf7093d2d0709de3ec9f21a4858b114SHA-256: 7617d687aa3d7b57bf0fc5ad713783431568366de91c7ca7047b2c633d0305ef freeradius-perl-3.0.4-7.el7_3.x86_64.rpm     MD5: 0fd95f2575032c3583b225234ef06b1cSHA-256: 57fe0f68e18003307aa6ea14ec31175e3d71ed98f74e827d6a8569ce73816b01 freeradius-postgresql-3.0.4-7.el7_3.x86_64.rpm     MD5: 7ae05ec955cc1e33ac1b413250eafe15SHA-256: d60bce13100991ada442e837354a4991d7f37d4490f196a786057d6247ceaca2 freeradius-python-3.0.4-7.el7_3.x86_64.rpm     MD5: d65447e7d8d2b01847e10ecb89410dc1SHA-256: bbc0a3e3311b6799c952ae5161724af957025a0e15cdf815d16e104f24092c79 freeradius-sqlite-3.0.4-7.el7_3.x86_64.rpm     MD5: 3cbec77f072cc1b2217fd3a90e80a073SHA-256: 95250b415e278dbd7e4dd180d3139d188ac5ce5701f8fd4a28b2ba0ae381b7af freeradius-unixODBC-3.0.4-7.el7_3.x86_64.rpm     MD5: f35bb9c0457b1e07a55445c2c8f0a664SHA-256: ba5f154ce7cafd8e4074e644c73d27e2c669504bb394bcb38e490458dcc4789f freeradius-utils-3.0.4-7.el7_3.x86_64.rpm     MD5: a92a44d1daa697c379a8964dfd593983SHA-256: 945e3cdd8d9ed66857f7982c2a58a627ff607e0c4f4c926a316fcef6395f5074   (The unlinked packages above are only available from the Red Hat Network) These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:

Security! experts! slam! Yahoo! management! for! using! old! crypto!

Suits should have done more to protect users, rather than user numbers ANALYSIS Fallen web giant Yahoo! has been branded negligent for failing to tackle the prodigious challenge of upgrading its MD5 password security before some one billion accounts were stolen. The security-battered organisation revealed today that attackers had stolen more than a billion accounts in August 2013 in history's biggest breach. Hackers stole names, addresses, phone numbers, and MD5 hashed passwords in a coup for social engineers who could use the information to compromise the very identity of users. That eye-watering news followed the company's September admission that 500 million accounts had been stolen in seperate attacks by alleged state-sponsored hackers in 2014, an incident that came two years after staff became first aware of the hack. Yahoo! has since replaced its MD5 hashing with the far superior bcrypt, moving from the world's worst password protection mechanism to the best. Yet it is little comfort for those who use legitimate personal details when signing up to Yahoo!'s service, including scores of American subscribers to major cable and DSL telcos including AT&T which use Yahoo! for its default email services, along with Kiwi carrier Spark which ditched the service in September. It is not known if the MD5 hashes were salted, since Yahoo! did not mention the critical additive in its statement.

Doing so would mitigate much risks from using MD5, says Jeffrey Goldberg, security guru at AgileBits, makers of the 1Password credential vault. "What is most important is whether the hashes, be they MD5, SHA1, or SHA256, are salted," Goldberg says. "There is absolutely no excuse to use unsalted hashes." But that the Purple Palace was even using the algorithm has drawn steep criticism from established security boffins. "The MD5 hashing algorithm has been considered not just insecure, but broken, for two decades," says Ty Miller, director of Sydney-based security firm Threat Intelligence, noting that MD5 collision vulnerabilities were found in 1996 with practical attacks developed in 2005. "I consider it negligent of an organisation such as Yahoo!, which has an obligation to protect the private data of over one billion users, to be using such an outdated and ineffective control to protect the passwords of its customers." The gossamer thin algorithm is a joke in security circles. Rainbow table databases serve as directories that transform hashes into cleartext passwords, and the internet is now littered with free and paid services that can reveal logins within seconds. Image: Kenneth White David Taylor, principal security consultant with Perth-based Asterisk Information Security, offered a similar opinion: "Yes, it would be pretty poor form on their part [to be] still using MD5 for hashing in 2013," he says. "There has been numerous issues reported for MD5 dating back to the mid 2000s." Board director with the lauded Open Web Application Security Project (OWASP) Andrew van der Stock, also chief technology officer at Threat Intelligence, is an advocate of baking security into the development process and sees shortcomings in Yahoo!'s security models. "This breach clearly shows that Yahoo!'s previous approach to security was less than ideal, and it's obvious that the Paranoids (Yahoo!'s security team) were unable to move the needle sufficiently with management to upgrade password hashing from an outdated and insecure algorithm to something more modern and acceptable," he says. "That it (MD5) is still commonly found in many of the worst breaches is an indication that the continued use of MD5 is correlated with other poor security practices." The breach comes at a notably poor time for Yahoo!: The company will soon be acquired by Verizon, possibly at a damaged-goods discount, and is conducting a security recruitment drive in Australia in a bid to attract local security talent, van der Stock says. "We all understand that without a complete revamp of senior management support for security and alignment with customer desires for privacy and security of their data, there is no point in taking on a position at Yahoo!," he says. Take this with a pinch of salt Administrators were salting password hashes in the 1980s, but many still fail to apply the complexity additive today.

The cryptography measure introduces random data into one-way functions preventing the use of rainbow tables by ensuring identical passwords have unique hashes. Goldberg points to the 2012 breach at LinkedIn to demonstrate the importance of salting, something the security boffin wrote about at the time. "LinkedIn had used SHA1, an improvement over MD5 in general, but it really didn’t matter that it was SHA1 instead of MD5," Goldberg tells The Register. "What mattered is that it was not salted.
I argued in 2012 that it was irresponsible for LinkedIn to have used unsalted hashes, and so that certainly applies to Yahoo! using unsalted hashes in 2013, if indeed, their hashes were unsalted." Put simply, a bland salt-free password earns the "contempt" of Goldberg and his kin, while the use of slow hashes like bcrypt, PBKDF2, or the upcoming Argon2 wins their praise. Attackers can guess salted passwords, whereas bcrypt and friends slow the rate at which those guesses can be made. "With a simple cryptographic hash function [like] SHA256, MD5, etcetera, an attacker might be able to make 10 million guesses per second on a single hash.

But with the 'slow hashing' functions, that might be reduced to a few tens of thousands of guesses per second," he says. The decreased rate gives users a window to change their passwords; yet even that may not have helped Yahoo! "But after four years, the details of the hashing scheme don’t really matter.

Any guessable password will have been guessed by now," he says. Not easy Yahoo!, like so many other companies offering free technology services, wants to attract the highest possible number of subscribers and has been criticised for perceived attempts to kneecap fleeing users. That mindset may have dissuaded the company from more efficiently jettisoning MD5 hashing for passwords prior to the 2013 pillaging. "The only practical way to speed up the conversion process (to bcrypt) is to force a password reset, maybe across the board, but more likely on a web property by web property basis," says noted cryptologist and director of the Open Crypto Audit Project's Kenneth White. "And therein lies the problem: there is often a very real tension between the business to be able to claim the highest user count, versus the reality that a years-old email reminds millions of people to log in to an account they had long ago forgotten." Using Yahoo! to find Yahoo! MD5 hashes, here revealing 'Password1'.
Image: Ty Miller. An email shipped to users asking them to log in so their passwords may be upgraded from MD5 hashing to bcrypt risks a "virtually overnight mass exodus of users" and a social media complaint storm that sends more rats from the burning Palace, he says. Bcrypt is the powerful hashing function designed to slow decryption attempts while minimising legitimate use performance overheads, and is favoured, along with PBKDF2 (Miller prefers the latter with hashes bearing 100,000 iterations), by each of the security boffins The Register has spoken to for this story, and many more in the broader security community including OWASP . Yet migrating to the top notch function is not as simple as just "switching to bcrypt", White says. A bootstrapping process can be followed, but it requires users to log in for bcrypt or PBKDF2 to be called and saved to a new column. Moreover, White says Yahoo! is a patchwork of web properties bearing decades-old Perl, PHP, and C code and so cannot be compared to the ease of upgrading a purpose-built modern web app. "Consider the legacy managed business mail systems," White says. "The myriad e-commerce shopping cart apps, ad accounts, to say nothing of Flickr, Yahoo! IM, and the hundreds of millions of webmail users who hadn't logged in for years, and you begin to see the scope of the engineering challenge." Van der Stock, acknowledging his outsider's position, reckons Yahoo! should immediately deploy two factor verification for all of its services, and again reset passwords, noting that the use of mere usernames and passwords puts users at "serious risk" and that leaving accounts exposed would be a "serious breach of trust". yahoo pic.twitter.com/LSxdm1wNdx December 15, 2016 Yahoo! could take a leaf from Microsoft's Xbox Live endeavours and deploy similar authentication smarts, if it has not already done so. "… I would strongly recommend some sort of real time authentication intelligence around compromised accounts, so that the authentication system itself assigns a risk score to logins to ensure that unusual patterns of abuse, such as brute force attacks, logging in from a distant country, or popping out of multiple IPs is blocked or alerted to the user for further action." Burning questions remain, not least how it took the technology giant three years to disclose that such a massive share of its accounts have been breached. "It's baffling why it's taken so long to fully scope and disclose the extent of their breach," White says. ® Sponsored: Want to know more about PAM? Visit The Register's hub

RHSA-2016:2802-1: Important: openssl security update

An update for openssl is now available for Red Hat Enterprise Linux 6.2 AdvancedUpdate Support, Red Hat Enterprise Linux 6.4 Advanced Update Support, Red HatEnterprise Linux 6.5 Advanced Update Support, Red Hat Enterprise Linux 6.5 TelcoExtended Update Support, Red Hat Enterprise Linux 6.6 Advanced Update Support,Red Hat Enterprise Linux 6.6 Telco Extended Update Support, and Red HatEnterprise Linux 6.7 Extended Update Support.Red Hat Product Security has rated this update as having a security impact ofImportant.

A Common Vulnerability Scoring System (CVSS) base score, which givesa detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) andTransport Layer Security (TLS) protocols, as well as a full-strengthgeneral-purpose cryptography library.Security Fix(es):* A memory leak flaw was found in the way OpenSSL handled TLS status requestextension data during session renegotiation.

A remote attacker could cause a TLSserver using OpenSSL to consume an excessive amount of memory and, possibly,exit unexpectedly after exhausting all available memory, if it enabled OCSPstapling support. (CVE-2016-6304)Red Hat would like to thank the OpenSSL project for reporting this issue.Upstream acknowledges Shi Lei (Gear Team of Qihoo 360 Inc.) as the originalreporter. Red Hat Enterprise Linux Server AUS (v. 6.2) SRPMS: openssl-1.0.0-20.el6_2.9.src.rpm     MD5: 678db7d7dd2c4dcaa0a732a778643d6eSHA-256: 802262a26e568ca280dd9680652cdb8717396a3e26c91eeaf69582d0e101847d   x86_64: openssl-1.0.0-20.el6_2.9.i686.rpm     MD5: a730658fdb06fc3148fb201f7d4f2218SHA-256: e2972aee87e81b7c58cafeae4f40a315af5cdd6d7cedb3b988e8869a77a1b22f openssl-1.0.0-20.el6_2.9.x86_64.rpm     MD5: ecbe7d773f891c73b64272804b80215eSHA-256: 7a7e8f76a1fa470d700cfac625689800a115c1f7c2b83b23629d3276604514b1 openssl-debuginfo-1.0.0-20.el6_2.9.i686.rpm     MD5: b3f0b2cdbaf0fc81cfe2c099792a88cdSHA-256: 8eac3fa85e5887749b1d06076e5b40a632df6a5d068aeafd2edaa32574b28478 openssl-debuginfo-1.0.0-20.el6_2.9.x86_64.rpm     MD5: 1e183471a3527699430632a0c210cf91SHA-256: 445eecf53f78a137a506574603013b08a999b86cf378a7a9655def8536065da2 openssl-devel-1.0.0-20.el6_2.9.i686.rpm     MD5: 26b8d8aa050491a6f14e94be027405f1SHA-256: c175b3464a418246595a7f3070178377faf95780385026e8fb7f9930d94f8fde openssl-devel-1.0.0-20.el6_2.9.x86_64.rpm     MD5: 1cb03b2a7f80b584e7d7d338d38e9b69SHA-256: 9c90af6fcefce7f4d42be5f58ce38ca4a7ca0dbac7c84c6388ad6346a53c47b0 openssl-perl-1.0.0-20.el6_2.9.x86_64.rpm     MD5: d13ab64f99e5ab8a5887e948c8ba2e6bSHA-256: fe003f156e1dda7a24b034c2bc2f1ccd368609df22bb12d96371087c08ac82ec openssl-static-1.0.0-20.el6_2.9.x86_64.rpm     MD5: ffad7a0711a15a344b42bc1fc6df66a5SHA-256: 33a93a2352c9114ab91c118050ee9d76be2a5748570f6f8f20ebb8f6b74c1547   Red Hat Enterprise Linux Server AUS (v. 6.4) SRPMS: openssl-1.0.0-27.el6_4.6.src.rpm     MD5: a31d6a7363a323d6d6cd3b2b86d8e3b7SHA-256: 544f6cbb9702b2cc940a63bc4f5e4815dedeb6b0bb9fb0b460da8593f719f249   x86_64: openssl-1.0.0-27.el6_4.6.i686.rpm     MD5: 1eed7aacfca90f99fc22a8f0616b7a3eSHA-256: baba8346a7e35f68bb571cff1e69dadc09665303aebbdb28da03b6ad2db34efb openssl-1.0.0-27.el6_4.6.x86_64.rpm     MD5: a2dd16a44e38c681138519d99e82abebSHA-256: 601031a0711fb2f591ad0cbc22bb236687f1f270296269dfa4100c7e7abe07fd openssl-debuginfo-1.0.0-27.el6_4.6.i686.rpm     MD5: 52d4b73b26921cecded0b5eb49295b85SHA-256: 2c66121cb6d5d93d7d407ae4f9101a7d708b93940ea8b9d2ef3049925d2ef41b openssl-debuginfo-1.0.0-27.el6_4.6.x86_64.rpm     MD5: cf962176014fbcfac9fe611ffc9204d7SHA-256: 2802864bf25f34cbe8eb9bd442d1b0b8944ae48ad2f2eb1863eb76d2f9826f28 openssl-devel-1.0.0-27.el6_4.6.i686.rpm     MD5: bce39dd7b66222f5aa048aeb55d95038SHA-256: 9c69da3f1e06676b7e893a47e1aafeda436e6e645713a43b953874cbee686d2f openssl-devel-1.0.0-27.el6_4.6.x86_64.rpm     MD5: 219df41ce6653efba18c31bf19c6159cSHA-256: 96040b82037ca1d80f2757a59fa3a2e1189caa11c5dcc3e6eb90964ed6615cb4 openssl-perl-1.0.0-27.el6_4.6.x86_64.rpm     MD5: 2312173a2cd99700dd37af87f28607a1SHA-256: 8cb1bc37241a68550dcbbbf6f3c5f642f5747941d54cd58420263dc477a99d2b openssl-static-1.0.0-27.el6_4.6.x86_64.rpm     MD5: debebf325d388f14d7e4e5e5aed51424SHA-256: c032bdd91bf082810e3e1055ad8e82d7d92fb76cbeea793a6655bc161b7a0b20   Red Hat Enterprise Linux Server AUS (v. 6.5) SRPMS: openssl-1.0.1e-16.el6_5.17.src.rpm     MD5: 5ac58715fa3acc201bfbbf9a815e00f6SHA-256: 15a580360f7ffa8fe9d0016342e14e02d87d4b0539b53289b2ec64f306507737   x86_64: openssl-1.0.1e-16.el6_5.17.i686.rpm     MD5: da3de0115faed9ec745cc09b0a741345SHA-256: 9864089c87d87ca41eecc1dcd38eee99717b09f5d6c846d253d9f3a52c6b354a openssl-1.0.1e-16.el6_5.17.x86_64.rpm     MD5: dd0b349d5565f02b9af39fb17c138806SHA-256: 340745effdd83effe7eb1984ae8e8d09d227daa53db132e8dae1b8e499e4b0eb openssl-debuginfo-1.0.1e-16.el6_5.17.i686.rpm     MD5: f11a92be85d4aa1d23028e678898d43bSHA-256: 60644b64ef5ba9cdb3402f03cc434b5b2ea4d85c5d4d32cd19d2cbd4ca21aafa openssl-debuginfo-1.0.1e-16.el6_5.17.x86_64.rpm     MD5: de2bb10419348c499ff0955dfc687ffaSHA-256: 3f66efe726b4eea71cebe2092af5a0773113a8f7e8f91be83b75dc12886c2f12 openssl-devel-1.0.1e-16.el6_5.17.i686.rpm     MD5: 1cacc5dd456079b99d3a875e079bcfc8SHA-256: 7a7291a9058caad5df7c7dc9fb62612dbc4789281236f3868e7c774b44ba772a openssl-devel-1.0.1e-16.el6_5.17.x86_64.rpm     MD5: 34739629b756a888943e1c0e493ea4e4SHA-256: 634c600ada6775c86a5267b582a95a217edb7b84297f5db70203ea4b8dd67eb9 openssl-perl-1.0.1e-16.el6_5.17.x86_64.rpm     MD5: 48e9c87355d20a6de39c9a884b80b62fSHA-256: abb5d288d401308ab477aa50facc17124233c63d4bb693f95fc5e424e3a0230e openssl-static-1.0.1e-16.el6_5.17.x86_64.rpm     MD5: 1cabfe4d64643d0a221fed979f209129SHA-256: f52f764cf6435fff35ec8c17fffb5685b6e57c9cfa8eb2235c11b89dfba8f926   Red Hat Enterprise Linux Server EUS (v. 6.7.z) SRPMS: openssl-1.0.1e-42.el6_7.6.src.rpm     MD5: 07ce97b5305e7659d4162d1c16d82131SHA-256: 212e2a96caf1698cf7fc0237d7c16074b13d105c791256b94d0dab9698b6bc28   IA-32: openssl-1.0.1e-42.el6_7.6.i686.rpm     MD5: 2d850e7fb5f534d05e1f9bdd521b60e5SHA-256: f0b4a62fd13063cf99834a2288465d96427d8de97bda125cf5ef797b471f8b0a openssl-debuginfo-1.0.1e-42.el6_7.6.i686.rpm     MD5: 68eb1904283608de2220307d4fd7e496SHA-256: e225c8183e6e4d50c727245882610e2a2b1564c28d432cc130ca096198afbb3c openssl-devel-1.0.1e-42.el6_7.6.i686.rpm     MD5: e17d833d9ad11e8a012b5e9a965d5db5SHA-256: 0215c8d9d0c317c612f3261872558cd6ff0da13e239c4ff5896f907fcd5064cc openssl-perl-1.0.1e-42.el6_7.6.i686.rpm     MD5: 36f81f537ca51c70bc6143559ef099c5SHA-256: 9cf86e465f0558e641fca393fa6a685ab72864c03f34caf807478c904dbafa14 openssl-static-1.0.1e-42.el6_7.6.i686.rpm     MD5: e48d0416cef97c8a46e5210942afd8bcSHA-256: 43cf82fd605f1091f5a89e021f49e6bdd29bdd63972a3b190faecc7437ce502d   PPC: openssl-1.0.1e-42.el6_7.6.ppc.rpm     MD5: 94bcde30fa845895a9c9034f1d8a9f4fSHA-256: 493c2374648acf21f4b8cba285425656297e3c527b26d1cf89577a2fa3aae4c6 openssl-1.0.1e-42.el6_7.6.ppc64.rpm     MD5: 818946d8d93e8108008b7ab8a31c1d6bSHA-256: f501ef06d9b628d13c3b78fada647e490e06f309c6093e72dc4ce5d40af86165 openssl-debuginfo-1.0.1e-42.el6_7.6.ppc.rpm     MD5: 114cfd8655d09ad4b019b1753988ed0aSHA-256: a8074ad5a140c41a41d7d2b4289418c59694fdd050ee6cc68a554527fefb7439 openssl-debuginfo-1.0.1e-42.el6_7.6.ppc64.rpm     MD5: a93a53db1b4f1d355aff4ae9cd671bf7SHA-256: 3e54f30f40346f962233ae365e0c339e49324da4f487f6863f4767952c235671 openssl-devel-1.0.1e-42.el6_7.6.ppc.rpm     MD5: b6a8687edf10f458fda128828a986371SHA-256: 5a3f688e979ea361e5a3cfb4ce36c7f1cd63b86a4d0c7cbbd8d00de1379a104b openssl-devel-1.0.1e-42.el6_7.6.ppc64.rpm     MD5: ec8c7064b06d0adb5f86b24e973cf45dSHA-256: 598f464c0891147622ea9b00d8d84d8513ac53a1f1f9a3c99468a68dc73467e4 openssl-perl-1.0.1e-42.el6_7.6.ppc64.rpm     MD5: d39e8b062d3a04404473c8b1b36f7ed8SHA-256: 5858a178f4e8c35c9e4b7bc8bd4685d60b5dd38b6a8d0f5e8fcb28dc934994e5 openssl-static-1.0.1e-42.el6_7.6.ppc64.rpm     MD5: d262d5ef30f00f5e9189b53eee433c1dSHA-256: 2480b54187f61f0a4425c73d519fb662d703b9e5b50a13e6377da41de549af30   s390x: openssl-1.0.1e-42.el6_7.6.s390.rpm     MD5: 9a4509252069bf9060a747a42e426d8cSHA-256: e8e20846787b5edc60ca53b9f97795fda2aaca677eb7d2d98aee3ed287b93d2f openssl-1.0.1e-42.el6_7.6.s390x.rpm     MD5: f71f70909bb665f51e417e42b61ef877SHA-256: 9551ff1a71e2900434fc3ce7a47775c9137aa8284d6872cd32a67c1e15774c01 openssl-debuginfo-1.0.1e-42.el6_7.6.s390.rpm     MD5: b97586ad6482539e6df0c8fea77284a5SHA-256: dfe1226730560b3af6a70cd8f1f9ccb1105dd0cf678f7e8127d549242abc082c openssl-debuginfo-1.0.1e-42.el6_7.6.s390x.rpm     MD5: 8d502bd0b86e00d4f23c82afe7cafb94SHA-256: 0eb08bb81f826cadae97ebfcbde564ee56561b2c6c43d504f63335dee9050679 openssl-devel-1.0.1e-42.el6_7.6.s390.rpm     MD5: 4150e836ad7f94894684d9753080a181SHA-256: 3d98fb0dda48a64bb6757e3331fec7e5bbc65680b503df169f1089f2fd196702 openssl-devel-1.0.1e-42.el6_7.6.s390x.rpm     MD5: 37fecbfb17f31b8adea2d960117671d5SHA-256: 79065e19ddf490fe0533446af42915e66e1644f41472b4635dbe508dcfbaf4c9 openssl-perl-1.0.1e-42.el6_7.6.s390x.rpm     MD5: aac3bedc311301938bbfbee0267a38bcSHA-256: 0c8ae68aa72fcbfc174e6ea364a0923c35e61c94b68026828fefcf0f28ef09c3 openssl-static-1.0.1e-42.el6_7.6.s390x.rpm     MD5: 8f6c78cd1bd5ce68bd84b8f74de5dc47SHA-256: 613730ac20110d721ed8518015bb61e0d5d0e75ca0112bdc8444bc6dca130759   x86_64: openssl-1.0.1e-42.el6_7.6.i686.rpm     MD5: 2d850e7fb5f534d05e1f9bdd521b60e5SHA-256: f0b4a62fd13063cf99834a2288465d96427d8de97bda125cf5ef797b471f8b0a openssl-1.0.1e-42.el6_7.6.x86_64.rpm     MD5: 9dfe30dcbf8cbc742fb2f1568a320814SHA-256: f54cc08bc502563a9a48bdb532d65c7ade3f867a4be2f4ce2cf438764af58292 openssl-debuginfo-1.0.1e-42.el6_7.6.i686.rpm     MD5: 68eb1904283608de2220307d4fd7e496SHA-256: e225c8183e6e4d50c727245882610e2a2b1564c28d432cc130ca096198afbb3c openssl-debuginfo-1.0.1e-42.el6_7.6.x86_64.rpm     MD5: de98ab289a3aa1df54815ba4512e8f5eSHA-256: 28e6292f764b38c42cd9dab8a98a445d46f7bef7de94d85e7d9aa0550eba937a openssl-devel-1.0.1e-42.el6_7.6.i686.rpm     MD5: e17d833d9ad11e8a012b5e9a965d5db5SHA-256: 0215c8d9d0c317c612f3261872558cd6ff0da13e239c4ff5896f907fcd5064cc openssl-devel-1.0.1e-42.el6_7.6.x86_64.rpm     MD5: 83e88397f1da07e20cb92144b5ecb783SHA-256: 42d008f28ae13d4e1811672ea2a5b77bb87d7bb53f06e296e1d96ba1564d3d15 openssl-perl-1.0.1e-42.el6_7.6.x86_64.rpm     MD5: 146a8a64862a157f6e954dbf1f48a3a8SHA-256: 70558d1c059dd9001e142c689f6b734328db9ed22a5f8967a05a0ec69e877a22 openssl-static-1.0.1e-42.el6_7.6.x86_64.rpm     MD5: 127c31812e733703993cd9b271cad932SHA-256: de82b2a347d095e09f3abdc086a241c8e560c817c40dba2725064bf85768fbc4   Red Hat Enterprise Linux Server TUS (v. 6.5) SRPMS: openssl-1.0.1e-16.el6_5.17.src.rpm     MD5: 5ac58715fa3acc201bfbbf9a815e00f6SHA-256: 15a580360f7ffa8fe9d0016342e14e02d87d4b0539b53289b2ec64f306507737   x86_64: openssl-1.0.1e-16.el6_5.17.i686.rpm     MD5: da3de0115faed9ec745cc09b0a741345SHA-256: 9864089c87d87ca41eecc1dcd38eee99717b09f5d6c846d253d9f3a52c6b354a openssl-1.0.1e-16.el6_5.17.x86_64.rpm     MD5: dd0b349d5565f02b9af39fb17c138806SHA-256: 340745effdd83effe7eb1984ae8e8d09d227daa53db132e8dae1b8e499e4b0eb openssl-debuginfo-1.0.1e-16.el6_5.17.i686.rpm     MD5: f11a92be85d4aa1d23028e678898d43bSHA-256: 60644b64ef5ba9cdb3402f03cc434b5b2ea4d85c5d4d32cd19d2cbd4ca21aafa openssl-debuginfo-1.0.1e-16.el6_5.17.x86_64.rpm     MD5: de2bb10419348c499ff0955dfc687ffaSHA-256: 3f66efe726b4eea71cebe2092af5a0773113a8f7e8f91be83b75dc12886c2f12 openssl-devel-1.0.1e-16.el6_5.17.i686.rpm     MD5: 1cacc5dd456079b99d3a875e079bcfc8SHA-256: 7a7291a9058caad5df7c7dc9fb62612dbc4789281236f3868e7c774b44ba772a openssl-devel-1.0.1e-16.el6_5.17.x86_64.rpm     MD5: 34739629b756a888943e1c0e493ea4e4SHA-256: 634c600ada6775c86a5267b582a95a217edb7b84297f5db70203ea4b8dd67eb9 openssl-perl-1.0.1e-16.el6_5.17.x86_64.rpm     MD5: 48e9c87355d20a6de39c9a884b80b62fSHA-256: abb5d288d401308ab477aa50facc17124233c63d4bb693f95fc5e424e3a0230e openssl-static-1.0.1e-16.el6_5.17.x86_64.rpm     MD5: 1cabfe4d64643d0a221fed979f209129SHA-256: f52f764cf6435fff35ec8c17fffb5685b6e57c9cfa8eb2235c11b89dfba8f926   Red Hat Enterprise Linux Server TUS (v. 6.6) SRPMS: openssl-1.0.1e-30.el6_6.13.src.rpm     MD5: 38dececcfb75ac52da2a72f17bb9661eSHA-256: d8761c3fe41190614eea8c1b5ae644c4a22eb6e68e60bd1a605b8c3d6d90337f   x86_64: openssl-1.0.1e-30.el6_6.13.i686.rpm     MD5: 8859f2839c16d4230e432a5257459bd6SHA-256: d0b7efd479b4d8687f11f4918eb56c2f89f23147e842662d8fa7c8e93f04df81 openssl-1.0.1e-30.el6_6.13.x86_64.rpm     MD5: 9150eaceabd0c059edc9f8c1217a17c3SHA-256: d8762b2951728c697acbf15d75d8765947b40553ccbe627e75b1735aca4fd18a openssl-debuginfo-1.0.1e-30.el6_6.13.i686.rpm     MD5: a426f6f0b7fd346aa183d5661ea6793aSHA-256: 16f51845dc05eb7a9c964e42cbfd7a158fe465c92edd335977ef94d56147badb openssl-debuginfo-1.0.1e-30.el6_6.13.x86_64.rpm     MD5: 521ccd1d7d80eaa5f6a16106fbfe6d7fSHA-256: 4daddf87dd85e0c6237e623cb6d18bc932646c754e23e1976f0c6713fa76e367 openssl-devel-1.0.1e-30.el6_6.13.i686.rpm     MD5: 06958bfdf9a50af710e43d71d7c48562SHA-256: 516ed3f5d52e218d11ed28113c8f0bec46cc0ba0328a98a3f0df20c7b77d9cbd openssl-devel-1.0.1e-30.el6_6.13.x86_64.rpm     MD5: c98a4d9d2f67bd7620799afe5c1b81c6SHA-256: 0fe271b6e90a2edf720a680bce5a95001c5691331278e35dd2b814663071be0d openssl-perl-1.0.1e-30.el6_6.13.x86_64.rpm     MD5: 9a21ef88e31dc1295b3a9f83fc009d4fSHA-256: 07cdde29869342623d2af74affcec8f13b3f829b6d4bdbd330cb14d86ebe50ce openssl-static-1.0.1e-30.el6_6.13.x86_64.rpm     MD5: f6cbe50b60223456f98f789b8de4acb1SHA-256: 9d926dba715cdcd676c8917992ab11d4c9d9997aa815fdf8941b90b4652f94dc   (The unlinked packages above are only available from the Red Hat Network) These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:

RHBA-2016:2081-1: ntp bug fix update

Updated ntp packages that fix one bug are now available for Red Hat EnterpriseLinux 6.5 Advanced Update Support. The Network Time Protocol (NTP) is used to synchronize a computer's time withanother referenced time source.

This package includes the ntpd daemon whichcontinuously adjusts system time and utilities used to query and configure thentpd daemon.This update fixes the following bug:* Previously, when the ntpd daemon was configured with the "-x" option to adjustthe system clock slowly instead of changing the time instantaneously, the systemclock was incorrectly changed instantaneously when a leap second occurred.
Incertain applications, this could lead to a variety of system clock relatedproblems, such as incorrect event sorting or triggering.

To fix this bug, ntpdnow adjusts for the leap second slowly over a long interval, which prevents thedescribed problems. (BZ#1381600)Users of ntp are advised to upgrade to these updated packages, which fix thisbug. Before applying this update, make sure all previously released errata relevantto your system have been applied.For details on how to apply this update, refer to:https://access.redhat.com/articles/11258Red Hat Enterprise Linux Server AUS (v. 6.5) SRPMS: ntp-4.2.6p5-2.el6_5.2.src.rpm     MD5: d26ed124a6fd84aac6b516da8185b408SHA-256: c7c0018e35670f903fb6a0ad71e8a0d3620ba31c5ba0fc44b2d3a9b1e05a1c7a   x86_64: ntp-4.2.6p5-2.el6_5.2.x86_64.rpm     MD5: d2e33785c47867ce5a55f81d1623cb61SHA-256: 891d4474b9e319e1c8575b4e72035d658eb92370496e3fa1799f9e0fe5d6e918 ntp-debuginfo-4.2.6p5-2.el6_5.2.x86_64.rpm     MD5: 619e0c6ba4e910b6b776f53e2b7e2937SHA-256: efd6ce810704d8281feea8391c4f5cde43c052614ba2b9ba2904dd27f81dff91 ntp-doc-4.2.6p5-2.el6_5.2.noarch.rpm     MD5: e8d3dd235ee450ae92e0b4dbbf255c59SHA-256: 586cba5ddbf9b6ea3b7047a918ede9ff6a56ad23af17ba34c871bf85705d1585 ntp-perl-4.2.6p5-2.el6_5.2.x86_64.rpm     MD5: 5c59ace11158673a193e029d8221bd88SHA-256: 531b962cdbf2bea25dce3d10a4071e5722025b805c123f97791717426d6ce857 ntpdate-4.2.6p5-2.el6_5.2.x86_64.rpm     MD5: 958cdc4d7bfb9e1bfb3d34c5e314393bSHA-256: 4008c3fa8cecc16252b26c5ecb9ccf833dd42456acbd0a5762e0f8b6a9fa90bb   (The unlinked packages above are only available from the Red Hat Network) 1381600 - ntpd -x steps clock on leap second These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:

RHSA-2016:2073-1: Important: openssl security update

An update for openssl is now available for Red Hat Enterprise Linux 6.7 ExtendedUpdate Support.Red Hat Product Security has rated this update as having a security impact ofImportant.

A Common Vulnerability Scoring System (CVSS) base score, which givesa detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) andTransport Layer Security (TLS) protocols, as well as a full-strengthgeneral-purpose cryptography library.Security Fix(es):* A flaw was found in the way OpenSSL encoded certain ASN.1 data structures.

Anattacker could use this flaw to create a specially crafted certificate which,when verified or re-encoded by OpenSSL, could cause it to crash, or executearbitrary code using the permissions of the user running an application compiledagainst the OpenSSL library. (CVE-2016-2108)* Two integer overflow flaws, leading to buffer overflows, were found in the waythe EVP_EncodeUpdate() and EVP_EncryptUpdate() functions of OpenSSL parsed verylarge amounts of input data.

A remote attacker could use these flaws to crash anapplication using OpenSSL or, possibly, execute arbitrary code with thepermissions of the user running that application. (CVE-2016-2105, CVE-2016-2106)* It was discovered that OpenSSL leaked timing information when decryptingTLS/SSL and DTLS protocol encrypted records when the connection used the AES CBCcipher suite and the server supported AES-NI.

A remote attacker could possiblyuse this flaw to retrieve plain text from encrypted packets by using a TLS/SSLor DTLS server as a padding oracle. (CVE-2016-2107)* Several flaws were found in the way BIO_*printf functions were implemented inOpenSSL.

Applications which passed large amounts of untrusted data through thesefunctions could crash or potentially execute code with the permissions of theuser running such an application. (CVE-2016-0799, CVE-2016-2842)* A denial of service flaw was found in the way OpenSSL parsed certainASN.1-encoded data from BIO (OpenSSL's I/O abstraction) inputs.

An applicationusing OpenSSL that accepts untrusted ASN.1 BIO input could be forced to allocatean excessive amount of data. (CVE-2016-2109)Red Hat would like to thank the OpenSSL project for reporting CVE-2016-2108,CVE-2016-2842, CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, and CVE-2016-0799.Upstream acknowledges Huzaifa Sidhpurwala (Red Hat), Hanno Böck, and DavidBenjamin (Google) as the original reporters of CVE-2016-2108; Guido Vranken asthe original reporter of CVE-2016-2842, CVE-2016-2105, CVE-2016-2106, andCVE-2016-0799; and Juraj Somorovsky as the original reporter of CVE-2016-2107. For details on how to apply this update, which includes the changes described inthis advisory, refer to:https://access.redhat.com/articles/11258For the update to take effect, all services linked to the OpenSSL library mustbe restarted, or the system rebooted.Red Hat Enterprise Linux Server EUS (v. 6.7.z) SRPMS: openssl-1.0.1e-42.el6_7.5.src.rpm     MD5: 808b585b4187578b53d016624dc79da0SHA-256: e33f45dc75eefcad482aa713a5ec3f0cee83f38f194cd7556f36a4d178480a2c   IA-32: openssl-1.0.1e-42.el6_7.5.i686.rpm     MD5: 21579d2ac312c85e41bfaef3f5415c22SHA-256: 63e48e423226c883de90593cb8e59c858d48220de1ea31f9d67b6cafd3436a73 openssl-debuginfo-1.0.1e-42.el6_7.5.i686.rpm     MD5: 676d21489252d459503ac25b57070907SHA-256: 58762bee1d33a1331a2dcc483bc5b7f594748d46a53908e8e9871c0222df1747 openssl-devel-1.0.1e-42.el6_7.5.i686.rpm     MD5: fc844473e0d330f30c0cfb88bf787dd0SHA-256: b83d8ca7aca242e30c4aace64f27f19eda1393135256eefe0147d58c458a3069 openssl-perl-1.0.1e-42.el6_7.5.i686.rpm     MD5: fcae62c5af4f881950f2f200d14e4dd8SHA-256: 6ce53f4157afbf3c7e6998c1b5cafa2154e54b437a9834cb3737ac9b497a36e1 openssl-static-1.0.1e-42.el6_7.5.i686.rpm     MD5: 33c843d59c6184c9a3612c39f98b5785SHA-256: f73dd7d146f301687bb75292d98aff63f29ca52e50bcac69bfb81b0585e2785f   PPC: openssl-1.0.1e-42.el6_7.5.ppc.rpm     MD5: 7cf9f81f18e9513cf1fe64e7bb33b61fSHA-256: 22741c8de5de710adf566993daac53a02367fbd6098380f4ce5f74eca24873b0 openssl-1.0.1e-42.el6_7.5.ppc64.rpm     MD5: 7f9b161559f07d601337ba5c089f58f3SHA-256: 6ea58950e5b6a775d132bbb218b2b6b747658b8bab9788f05e92cdfcee96ba8f openssl-debuginfo-1.0.1e-42.el6_7.5.ppc.rpm     MD5: 434620e6eff6c7a1759ec0513c8280a8SHA-256: 55015ec5a98f38441c2921edf789da14239cca674547a6fedaf7fe8984fb0d81 openssl-debuginfo-1.0.1e-42.el6_7.5.ppc64.rpm     MD5: a5defabb08799810d935377f7433aa93SHA-256: cb37ec839ea6bda905fb1f3ef0615c640a7c6c8ff5f22d07ce2f164b4f71a025 openssl-devel-1.0.1e-42.el6_7.5.ppc.rpm     MD5: 8cb7bbc52e378ce38f8c401e5c6284eaSHA-256: f06c3832920c086df7ef1c6ef87a6137b3644486484fb22438cd7ef270b2c71d openssl-devel-1.0.1e-42.el6_7.5.ppc64.rpm     MD5: 1784c9589265c2c4b24768260f870a60SHA-256: d71888e97d397d29c913b7ad17483279a1af9109d7f5876c9a85e759fbb84b88 openssl-perl-1.0.1e-42.el6_7.5.ppc64.rpm     MD5: 3da9f5bbf9ae33bdad9dbfa85c5f9572SHA-256: 35739470ca0b02c076b4d55f6b864d773668e67d2c5bf2e7d9a708f320610e9b openssl-static-1.0.1e-42.el6_7.5.ppc64.rpm     MD5: cb6a96ae40f64e2af7a145773e9ee02cSHA-256: 11e3e866f579e641be1ac9120b010c398e9bfebfe0aac1d26e14e3e861c399f6   s390x: openssl-1.0.1e-42.el6_7.5.s390.rpm     MD5: 9e882af414d9523c01da85d464d50af0SHA-256: 50c8c5cd64e72a8459553beed4dffe3fc564203824c5fc64d1f9d2aa1d8fee05 openssl-1.0.1e-42.el6_7.5.s390x.rpm     MD5: b58c35692c5d36a6f3bd85c886352991SHA-256: a67ff7592297e8bcb28f6d3b2b20d5aae256bf33f466a587aac5d693dcd5755d openssl-debuginfo-1.0.1e-42.el6_7.5.s390.rpm     MD5: 46f7ff2e882aa2a91e4b148e7e5055f7SHA-256: 249f5b02580eb3c009b854225ad8b821d058785c189186502976a347fcf956e6 openssl-debuginfo-1.0.1e-42.el6_7.5.s390x.rpm     MD5: 9a1a7624e5cc8a6fc92bc85be8dac443SHA-256: 19cbe27a1d2a5b86866b660a93c8ec38151b88ecc653231bfa556af7ff6228cb openssl-devel-1.0.1e-42.el6_7.5.s390.rpm     MD5: e0eb00b0d229cd055b388ed96c76447cSHA-256: 113bf5ab2de457a71d2c8b0960553677562d92a0427a647dbb9037bf14656b0e openssl-devel-1.0.1e-42.el6_7.5.s390x.rpm     MD5: c7ba6b5878f3d6dbacfee6abb7f72e50SHA-256: 4e87879e27924c303db690f4fb2d48c3a2e78143c5a2091a644fe76a7cb33189 openssl-perl-1.0.1e-42.el6_7.5.s390x.rpm     MD5: c9d4e49bd5aa41c507af4308d8b7f25eSHA-256: 89a943afdb385785bef11a05ac17accf688c69555d527cc070a20ec0754e670e openssl-static-1.0.1e-42.el6_7.5.s390x.rpm     MD5: 05fdd32e33253976e81dbad1e76fac09SHA-256: 242faa58b512c13bb5c30a4abd9058e6051758ded923019795800fd7a73bc80c   x86_64: openssl-1.0.1e-42.el6_7.5.i686.rpm     MD5: 21579d2ac312c85e41bfaef3f5415c22SHA-256: 63e48e423226c883de90593cb8e59c858d48220de1ea31f9d67b6cafd3436a73 openssl-1.0.1e-42.el6_7.5.x86_64.rpm     MD5: 165c782875707fb1736822f2b127d0dbSHA-256: 75f214edc3107de2462ee82a2b790ee1a3f8c8c4922340d89f771233e3eb6ea6 openssl-debuginfo-1.0.1e-42.el6_7.5.i686.rpm     MD5: 676d21489252d459503ac25b57070907SHA-256: 58762bee1d33a1331a2dcc483bc5b7f594748d46a53908e8e9871c0222df1747 openssl-debuginfo-1.0.1e-42.el6_7.5.x86_64.rpm     MD5: 6fadcd4088a390d726d3685a5afabc3cSHA-256: 1491ca7530461ccb82aab3a443652f20a2ef48b18fc7f426124491603da7b48b openssl-devel-1.0.1e-42.el6_7.5.i686.rpm     MD5: fc844473e0d330f30c0cfb88bf787dd0SHA-256: b83d8ca7aca242e30c4aace64f27f19eda1393135256eefe0147d58c458a3069 openssl-devel-1.0.1e-42.el6_7.5.x86_64.rpm     MD5: 9447f2e521f9b328c52dd1b7820c26d0SHA-256: 15946bb4bda18fa516d8b2a9c9695087b31022f9b99a80bf9fa6ca49cfdd84de openssl-perl-1.0.1e-42.el6_7.5.x86_64.rpm     MD5: 5c421903cab35c54ff29059098f38e85SHA-256: 497b8dcc8e74f5563a7779f2b09a25f2a63b65e7cece3f3d77df278a5b4f94a5 openssl-static-1.0.1e-42.el6_7.5.x86_64.rpm     MD5: db9752d6f5c22c0844ab9eab17baad9fSHA-256: 74f423f4371d78a4f7d2e089e4bebb2cb6a15c0e31aa647fbdc43028f8851d25   (The unlinked packages above are only available from the Red Hat Network) 1312219 - CVE-2016-0799 OpenSSL: Fix memory issues in BIO_*printf functions1314757 - CVE-2016-2842 openssl: doapr_outch function does not verify that certain memory allocation succeeds1330101 - CVE-2016-2109 openssl: ASN.1 BIO handling of large amounts of data1331402 - CVE-2016-2108 openssl: Memory corruption in the ASN.1 encoder1331426 - CVE-2016-2107 openssl: Padding oracle in AES-NI CBC MAC check1331441 - CVE-2016-2105 openssl: EVP_EncodeUpdate overflow1331536 - CVE-2016-2106 openssl: EVP_EncryptUpdate overflow These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from: