8.7 C
London
Wednesday, September 20, 2017
Home Tags PostgreSQL

Tag: postgreSQL

JavaScript Object Notation is a schema-less, text-based representation of structured data that is based on key-value pairs and ordered lists.

Although JSON is derived from JavaScript, it is supported either natively or through libraries in most major programming languages. JSON is commonly, but not exclusively, used to exchange information between web clients and web servers. Over the last 15 years, JSON has become ubiquitous on the web.

Today it is the format of choice for almost every publicly available web service, and it is frequently used for private web services as well.[ 9 lies programmers tell themselves. | 9 bad programming habits we secretly love. ]The popularity of JSON has also resulted in native JSON support by many databases. Relational databases like PostgreSQL and MySQL now ship with native support for storing and querying JSON data. NoSQL databases like MongoDB and Neo4j also support JSON, though MongoDB uses a slightly modified, binary version of JSON behind the scenes.To read this article in full or to leave a comment, please click here
Open source projects, companies and business models have been with us for more than two decades now.

There are business success stories around Linux, Hadoop, PostgreSQL, Apache Camel, and others that deliver fully open source products.While the build environments and parameters may or may not be available to build the same certified binaries, the source code is available for users to pick up and use on their own if they so choose.Enterprise IT may go on their own either for initial deployments if total-cost-of-ownership analysis is not favorable for the product subscription or to migrate to in the case if dissatisfied with vendor quality and/or service.

This is the so-called “.org challengerdquo; to open source companies to deliver enough ongoing value to counter the self-support urge of customers and potential customers.To read this article in full or to leave a comment, please click here
DBAs: strap on your patching boots.

Every DB in your clusters needs work PostgreSQL has released three security patches for versions 9.6.4, 9.5.8, 9.4.13, 9.3.18, and 9.2.22.…
There's also a nifty new browser-based admin shell.
The next major release of the PostgreSQL open source database system, version 10, aims to satisfy the SQL faithful.Over the last few years, conventional databases have rolled in more features inspired by or borrowed outright from NoSQL. PostgreSQL a...
Updated freeradius packages that fix one bug are now available for Red HatEnterprise Linux 7. FreeRADIUS is a high-performance and highly configurable free RemoteAuthentication Dial In User Service (RADIUS) server, designed to allowcentralized authentication and authorization for a network.This update fixes the following bug:* Previously, the FreeRADIUS server exported symbols that were conflicting withsymbols defined in the libltdl library. When the FreeRADIUS server tried to opena connection to the MSSQL server using the rlm_sql_odbc interface and UnixODBCwas configured to use the FreeTDS library, the connection failed with thefollowing error message:"undefined symbol: get_vtable"This update renames the conflicting symbols. As a result, connections to MSSQLservers no longer fail in the described situation. (BZ#1394787)Users of freeradius are advised to upgrade to these updated packages, which fixthis bug. Red Hat Enterprise Linux Server (v. 7) SRPMS: freeradius-3.0.4-7.el7_3.src.rpm     MD5: 5e96632852397a55278fe7ad2409a29fSHA-256: 59509a3a66c6f70128580d87a3bf62c2f0d6d0ab85091993db83577756c2e27b   PPC: freeradius-3.0.4-7.el7_3.ppc64.rpm     MD5: aaa2f1fe524aef8201e3772c173e2a34SHA-256: 0b688cafd42eeaa14d54e1e7f9546645d544ee475e9daadd1e02712abeeebcc0 freeradius-debuginfo-3.0.4-7.el7_3.ppc.rpm     MD5: af8723c15c2bfdacd412806d4ed706dcSHA-256: 858a8955723f9166bbeeda8612a57c56bdb7f8ab7634b37a434436ce50b3176b freeradius-debuginfo-3.0.4-7.el7_3.ppc64.rpm     MD5: ccbbe1acbcc2f8d6ed89e1163a794e9bSHA-256: 51c4b41197d27cebb8d1ba4f37e4786ba7230eca75cbac931339646213e4cfc1 freeradius-devel-3.0.4-7.el7_3.ppc.rpm     MD5: 5711896014d5f0c4e3d4e3401efef6d3SHA-256: 4a1d7c00c22fca5e4b9e3d1e6c6d45792665729be9092b97384ca2215123864e freeradius-devel-3.0.4-7.el7_3.ppc64.rpm     MD5: b34c5265db6b567b8afb1cd48f03f64aSHA-256: e73f1521821ba950dd37cf2770486d332f7559207d3085b8b2d607d27d8592eb freeradius-doc-3.0.4-7.el7_3.ppc64.rpm     MD5: 3f37c3cdbb151bbc7dc67ab48d61e1a4SHA-256: 42c405e19145b88da6463a637b319abbbb29a6e1ec28044f7358a068d1371119 freeradius-krb5-3.0.4-7.el7_3.ppc64.rpm     MD5: eec5c37d9a0ce12b10bbb2f05e9df053SHA-256: 924feb65d3def899c43fb9e87eeb88d56bee385cf7c4dd4dbd7a4f5ddcd28a3b freeradius-ldap-3.0.4-7.el7_3.ppc64.rpm     MD5: 665c19ec33d00d18ee8b687c7a6dea4eSHA-256: cc745bc192933d19251695b3d2256f9e429852306ed95ad4937121bca2d2571e freeradius-mysql-3.0.4-7.el7_3.ppc64.rpm     MD5: 9b2d94a819845f7bd16886e7bc0bf8ccSHA-256: ccb9084b9946b7f0d8cadeb206c8badeae04ac95dfcffd2058ee1ece636c337c freeradius-perl-3.0.4-7.el7_3.ppc64.rpm     MD5: 2b0026f1992724a1377c724df6c120d5SHA-256: 9451a7592fa6c72e56a1996e682fe30b4d075eed3eb573f865313af961ab25e9 freeradius-postgresql-3.0.4-7.el7_3.ppc64.rpm     MD5: 9c91489ddc979db2c0e40b243785fc1eSHA-256: 22587e4769f76e26e6cca92216cb2d6459dfd82c90b916dcbe2b89764f7bee1e freeradius-python-3.0.4-7.el7_3.ppc64.rpm     MD5: 8c027857f0dbe9bdcaabbb6de55e46b5SHA-256: 7f6c1699bb3db9a8fb9a44abf400949513444590a44ba338e9325c1000f7ad6f freeradius-sqlite-3.0.4-7.el7_3.ppc64.rpm     MD5: 73effd27c782ceaf261899457e274c6cSHA-256: 474a9099296e5bf94c27fb964daa30508d9f76c94155d47c1c3870d7e364a3d9 freeradius-unixODBC-3.0.4-7.el7_3.ppc64.rpm     MD5: f0877c023811b0f7fcc9a546445e70e3SHA-256: 701b77c5ec0e64fa197be7d20c011ef79a6bad990c2fb6fb09aa99a70b341124 freeradius-utils-3.0.4-7.el7_3.ppc64.rpm     MD5: 094f5cc85a92eaa7bac692a3e1fd0217SHA-256: c5ea975b4cc148c42d9ae3b00c0caa006afd3eab0f43a0813246401860240776   PPC64LE: freeradius-3.0.4-7.el7_3.ppc64le.rpm     MD5: 5e0b1aa1289ffd43554db6275836c90bSHA-256: 07488616dfb9a8264cfc987103540d2dd5dfcc4abef53a2dc0f23c7e8f639bed freeradius-debuginfo-3.0.4-7.el7_3.ppc64le.rpm     MD5: 7e8a996e8d2efdd7c8383a3609c9da14SHA-256: b6652380de08e05cb23871b6c196e6aaf5758f0e6a03569f7d21b9cc0a930158 freeradius-devel-3.0.4-7.el7_3.ppc64le.rpm     MD5: f2bde27a58cb26df2a3564570e7f9d72SHA-256: 9d5ec51588136c246ac1bbd59786a0b08f906f37db5dcab0e699feeb5b1f662c freeradius-doc-3.0.4-7.el7_3.ppc64le.rpm     MD5: 5ee5af5e721f4413b181f8bfec827f55SHA-256: 11355cb8f27d55198bb1ca9428464696d538ab0cb0c1e6d51e8fe3d49fbe1b13 freeradius-krb5-3.0.4-7.el7_3.ppc64le.rpm     MD5: 7dd0647b8e3ed9eefd25e0df23db3d0eSHA-256: 9d5f61c648cc9b03dbfefa812a7154e2f85977e02400a45a0701dcb5811691ea freeradius-ldap-3.0.4-7.el7_3.ppc64le.rpm     MD5: 5df80476f533797412b8ef8eac7fe692SHA-256: 84e2443b283cdbffdbe4235cab0c1ae92c9764381db43d010805954e3c2c780a freeradius-mysql-3.0.4-7.el7_3.ppc64le.rpm     MD5: 56b856e3e0e8094641ed6897b11ed69cSHA-256: 86b7b33b399241b27023ff7c202b47fb50aa11b29169b7196d90341dcab0582e freeradius-perl-3.0.4-7.el7_3.ppc64le.rpm     MD5: 435d2f14683a8f51aecc804915fd9942SHA-256: 9bb3cac21d49fb7c715debd28159db6cb7ea1007b1f1f6772586f05f4593c541 freeradius-postgresql-3.0.4-7.el7_3.ppc64le.rpm     MD5: a71ffb8ed42f59e433a2082431f2fe4aSHA-256: 2deebc15e1bf41f9e6cd8da602d167992078e7276dc6a57deca23e15310f57f3 freeradius-python-3.0.4-7.el7_3.ppc64le.rpm     MD5: 089e0d939a2c6ff7599cd8e40b312fd2SHA-256: bf87ab72234ed742862c845adf378c03b35457cc6cdfaafb8451b1aa42cd0a96 freeradius-sqlite-3.0.4-7.el7_3.ppc64le.rpm     MD5: 59276f0ebe8cec373522d9b8872a6ca5SHA-256: 48ad2db3a6fb377ea34fd1b134038e55ebe2bab56103d552fa9844d43ae57bf5 freeradius-unixODBC-3.0.4-7.el7_3.ppc64le.rpm     MD5: f341c876508f64042ff9362a8677bd7bSHA-256: 67279b74e6698fcc2c5fa374c376fbfc2d11481a4bf6c989980fb4d7f98cea3f freeradius-utils-3.0.4-7.el7_3.ppc64le.rpm     MD5: 02d68a6b80678a76c9bcc57605be1e92SHA-256: e7df4369f9d61f3070299cb38581633084f9cc4e5ad4bd6974693443c0177892   s390x: freeradius-3.0.4-7.el7_3.s390x.rpm     MD5: 52bae7512435f85815620a39b6a23d0cSHA-256: c7ac534e0457ab9a36d1caff3c087868c3d4fd342c21ca434ce8665108fca58d freeradius-debuginfo-3.0.4-7.el7_3.s390.rpm     MD5: dc5025ddebe7a513846b3e0462f8603cSHA-256: e5474d9dde2ab8477c154b5399dc78d9aaaf4585b5a6d2938a0d2ae2b9a93fe1 freeradius-debuginfo-3.0.4-7.el7_3.s390x.rpm     MD5: 53e7b991142eab1a164767974d75caf3SHA-256: 1997c44040831b5b284f218ae485264ed52c822f86b07ca087028d6757514b48 freeradius-devel-3.0.4-7.el7_3.s390.rpm     MD5: fe3fbd2d654bfc1b128e68a06f069553SHA-256: 0db215de1770b8208649656b01983cb0d1521907b791a3e85bd5ea4383f37303 freeradius-devel-3.0.4-7.el7_3.s390x.rpm     MD5: 25698d6d169d6f82be0c8aa190efbfa2SHA-256: f58348d68c3203f84c6f6e85f68568d8081cb7a227eac2dc110436ded1cf1d7f freeradius-doc-3.0.4-7.el7_3.s390x.rpm     MD5: 39997fd4ccfde71b7717f18c41903697SHA-256: 2a8d8c80d4bb858276abf3cbf1af0995d34103c4d18cf8f55a7b80fe35badb06 freeradius-krb5-3.0.4-7.el7_3.s390x.rpm     MD5: ff536e3183408bc8a4ca37bd778ea3e4SHA-256: 5074472cdce0cfaedfaf24e5cea1ec565c1aadc693cca11ff10ac2b02c8e7469 freeradius-ldap-3.0.4-7.el7_3.s390x.rpm     MD5: 0f3aef5fb8d1ec941df5e6e18fcf6b57SHA-256: 3e03e2fbddfba25cc8432dbb363756aa513f749f1366786e92b495e92571896d freeradius-mysql-3.0.4-7.el7_3.s390x.rpm     MD5: 257cf4050b4681014e9ad1ede2c87d34SHA-256: f4e068f6e8df09d9d531cf814c82dedd661d1bea447c78d97f48260566eaeb90 freeradius-perl-3.0.4-7.el7_3.s390x.rpm     MD5: 28f0f21be0e8bed2047899eefaff1775SHA-256: d03d3ec074f3babe3c7f3763330a8879e170b8b0b596c9302932a8bf53d8aab4 freeradius-postgresql-3.0.4-7.el7_3.s390x.rpm     MD5: 065ad49d500e22359039caf24bc018ceSHA-256: cc1e6be66254c7fee8856510b0ca3a3b95f05ac008298b6acabf7b9e93cc9210 freeradius-python-3.0.4-7.el7_3.s390x.rpm     MD5: 69f69efd265f4f43f2015262f9516f26SHA-256: b6cc0eb3ff8674e0b01834641bb70fb5daa11878f5088e0e3691a7d361a83fba freeradius-sqlite-3.0.4-7.el7_3.s390x.rpm     MD5: db9ce18d2a37b07f2882d5ac8a2c588eSHA-256: dd731a73e9374a74d8ff687ec9b97e2ae7da3240da11d061a8b0f3cb0a9a0b99 freeradius-unixODBC-3.0.4-7.el7_3.s390x.rpm     MD5: 4f1f259eebf9416466e1475cccb489e3SHA-256: f8b779092fab55a4998e9f5d2b3770794e0a1802eff155f70f390e769a30d57a freeradius-utils-3.0.4-7.el7_3.s390x.rpm     MD5: 0a592741e5dde60ae6af76025702f4a8SHA-256: 188580afdbde07c0ed96dce567469265839cb40aeccb765e7bf33368d06c8be2   x86_64: freeradius-3.0.4-7.el7_3.x86_64.rpm     MD5: 324cd05f4175873056337301f5db3f3cSHA-256: 927a28600dfae5f3e469397e86c4cb1d07f8aff07c61485e723c865a1ba3d28a freeradius-debuginfo-3.0.4-7.el7_3.i686.rpm     MD5: 793281bdb20ce03387f32d67064467f8SHA-256: 91b7bb6fa4db6a526999075cefa33e6ec926f250ac9018dffe31322711bb513b freeradius-debuginfo-3.0.4-7.el7_3.x86_64.rpm     MD5: b066afb30956a2d756d1dada28987ca3SHA-256: c27eecb51018235c2953922d92b74fe179b564d69ac724a0af1914250b04475f freeradius-devel-3.0.4-7.el7_3.i686.rpm     MD5: 5b287335d4ffd19370f94de6e46c5c08SHA-256: 6f1113ce0bdd687ce87b031a53f7a51323ee88ccd9d0fe4fa60607143b1506b8 freeradius-devel-3.0.4-7.el7_3.x86_64.rpm     MD5: a012dea189d9cd4a934af530ba72cebeSHA-256: 62bf24ca618b1570c4a542260beb765cf831a8710d913b4cfee1b23b294862db freeradius-doc-3.0.4-7.el7_3.x86_64.rpm     MD5: 7de564b3f0a1c0746459b0d76f4c8196SHA-256: 8c46cbf09bf6a8c7c259c7a671018b40e8fee8fc72fe179dce3d6230666b7695 freeradius-krb5-3.0.4-7.el7_3.x86_64.rpm     MD5: 02b8e1aba5226b78631f8a25eab07594SHA-256: 5a380b1b428df3e9be595910d134026ccfc521d0983477ee3c1d2f9cae60aaa9 freeradius-ldap-3.0.4-7.el7_3.x86_64.rpm     MD5: 4bf09d747577ce1dda88437b17c086eeSHA-256: 8da7c2c2f7406a0cf23a396a50b29af8793d3055681017158fa290ae24280761 freeradius-mysql-3.0.4-7.el7_3.x86_64.rpm     MD5: caf7093d2d0709de3ec9f21a4858b114SHA-256: 7617d687aa3d7b57bf0fc5ad713783431568366de91c7ca7047b2c633d0305ef freeradius-perl-3.0.4-7.el7_3.x86_64.rpm     MD5: 0fd95f2575032c3583b225234ef06b1cSHA-256: 57fe0f68e18003307aa6ea14ec31175e3d71ed98f74e827d6a8569ce73816b01 freeradius-postgresql-3.0.4-7.el7_3.x86_64.rpm     MD5: 7ae05ec955cc1e33ac1b413250eafe15SHA-256: d60bce13100991ada442e837354a4991d7f37d4490f196a786057d6247ceaca2 freeradius-python-3.0.4-7.el7_3.x86_64.rpm     MD5: d65447e7d8d2b01847e10ecb89410dc1SHA-256: bbc0a3e3311b6799c952ae5161724af957025a0e15cdf815d16e104f24092c79 freeradius-sqlite-3.0.4-7.el7_3.x86_64.rpm     MD5: 3cbec77f072cc1b2217fd3a90e80a073SHA-256: 95250b415e278dbd7e4dd180d3139d188ac5ce5701f8fd4a28b2ba0ae381b7af freeradius-unixODBC-3.0.4-7.el7_3.x86_64.rpm     MD5: f35bb9c0457b1e07a55445c2c8f0a664SHA-256: ba5f154ce7cafd8e4074e644c73d27e2c669504bb394bcb38e490458dcc4789f freeradius-utils-3.0.4-7.el7_3.x86_64.rpm     MD5: a92a44d1daa697c379a8964dfd593983SHA-256: 945e3cdd8d9ed66857f7982c2a58a627ff607e0c4f4c926a316fcef6395f5074   Red Hat Enterprise Linux Server TUS (v. 7.3) SRPMS: freeradius-3.0.4-7.el7_3.src.rpm     MD5: 5e96632852397a55278fe7ad2409a29fSHA-256: 59509a3a66c6f70128580d87a3bf62c2f0d6d0ab85091993db83577756c2e27b   x86_64: freeradius-3.0.4-7.el7_3.x86_64.rpm     MD5: 324cd05f4175873056337301f5db3f3cSHA-256: 927a28600dfae5f3e469397e86c4cb1d07f8aff07c61485e723c865a1ba3d28a freeradius-debuginfo-3.0.4-7.el7_3.i686.rpm     MD5: 793281bdb20ce03387f32d67064467f8SHA-256: 91b7bb6fa4db6a526999075cefa33e6ec926f250ac9018dffe31322711bb513b freeradius-debuginfo-3.0.4-7.el7_3.x86_64.rpm     MD5: b066afb30956a2d756d1dada28987ca3SHA-256: c27eecb51018235c2953922d92b74fe179b564d69ac724a0af1914250b04475f freeradius-devel-3.0.4-7.el7_3.i686.rpm     MD5: 5b287335d4ffd19370f94de6e46c5c08SHA-256: 6f1113ce0bdd687ce87b031a53f7a51323ee88ccd9d0fe4fa60607143b1506b8 freeradius-devel-3.0.4-7.el7_3.x86_64.rpm     MD5: a012dea189d9cd4a934af530ba72cebeSHA-256: 62bf24ca618b1570c4a542260beb765cf831a8710d913b4cfee1b23b294862db freeradius-doc-3.0.4-7.el7_3.x86_64.rpm     MD5: 7de564b3f0a1c0746459b0d76f4c8196SHA-256: 8c46cbf09bf6a8c7c259c7a671018b40e8fee8fc72fe179dce3d6230666b7695 freeradius-krb5-3.0.4-7.el7_3.x86_64.rpm     MD5: 02b8e1aba5226b78631f8a25eab07594SHA-256: 5a380b1b428df3e9be595910d134026ccfc521d0983477ee3c1d2f9cae60aaa9 freeradius-ldap-3.0.4-7.el7_3.x86_64.rpm     MD5: 4bf09d747577ce1dda88437b17c086eeSHA-256: 8da7c2c2f7406a0cf23a396a50b29af8793d3055681017158fa290ae24280761 freeradius-mysql-3.0.4-7.el7_3.x86_64.rpm     MD5: caf7093d2d0709de3ec9f21a4858b114SHA-256: 7617d687aa3d7b57bf0fc5ad713783431568366de91c7ca7047b2c633d0305ef freeradius-perl-3.0.4-7.el7_3.x86_64.rpm     MD5: 0fd95f2575032c3583b225234ef06b1cSHA-256: 57fe0f68e18003307aa6ea14ec31175e3d71ed98f74e827d6a8569ce73816b01 freeradius-postgresql-3.0.4-7.el7_3.x86_64.rpm     MD5: 7ae05ec955cc1e33ac1b413250eafe15SHA-256: d60bce13100991ada442e837354a4991d7f37d4490f196a786057d6247ceaca2 freeradius-python-3.0.4-7.el7_3.x86_64.rpm     MD5: d65447e7d8d2b01847e10ecb89410dc1SHA-256: bbc0a3e3311b6799c952ae5161724af957025a0e15cdf815d16e104f24092c79 freeradius-sqlite-3.0.4-7.el7_3.x86_64.rpm     MD5: 3cbec77f072cc1b2217fd3a90e80a073SHA-256: 95250b415e278dbd7e4dd180d3139d188ac5ce5701f8fd4a28b2ba0ae381b7af freeradius-unixODBC-3.0.4-7.el7_3.x86_64.rpm     MD5: f35bb9c0457b1e07a55445c2c8f0a664SHA-256: ba5f154ce7cafd8e4074e644c73d27e2c669504bb394bcb38e490458dcc4789f freeradius-utils-3.0.4-7.el7_3.x86_64.rpm     MD5: a92a44d1daa697c379a8964dfd593983SHA-256: 945e3cdd8d9ed66857f7982c2a58a627ff607e0c4f4c926a316fcef6395f5074   Red Hat Enterprise Linux Workstation (v. 7) SRPMS: freeradius-3.0.4-7.el7_3.src.rpm     MD5: 5e96632852397a55278fe7ad2409a29fSHA-256: 59509a3a66c6f70128580d87a3bf62c2f0d6d0ab85091993db83577756c2e27b   x86_64: freeradius-3.0.4-7.el7_3.x86_64.rpm     MD5: 324cd05f4175873056337301f5db3f3cSHA-256: 927a28600dfae5f3e469397e86c4cb1d07f8aff07c61485e723c865a1ba3d28a freeradius-debuginfo-3.0.4-7.el7_3.i686.rpm     MD5: 793281bdb20ce03387f32d67064467f8SHA-256: 91b7bb6fa4db6a526999075cefa33e6ec926f250ac9018dffe31322711bb513b freeradius-debuginfo-3.0.4-7.el7_3.x86_64.rpm     MD5: b066afb30956a2d756d1dada28987ca3SHA-256: c27eecb51018235c2953922d92b74fe179b564d69ac724a0af1914250b04475f freeradius-devel-3.0.4-7.el7_3.i686.rpm     MD5: 5b287335d4ffd19370f94de6e46c5c08SHA-256: 6f1113ce0bdd687ce87b031a53f7a51323ee88ccd9d0fe4fa60607143b1506b8 freeradius-devel-3.0.4-7.el7_3.x86_64.rpm     MD5: a012dea189d9cd4a934af530ba72cebeSHA-256: 62bf24ca618b1570c4a542260beb765cf831a8710d913b4cfee1b23b294862db freeradius-doc-3.0.4-7.el7_3.x86_64.rpm     MD5: 7de564b3f0a1c0746459b0d76f4c8196SHA-256: 8c46cbf09bf6a8c7c259c7a671018b40e8fee8fc72fe179dce3d6230666b7695 freeradius-krb5-3.0.4-7.el7_3.x86_64.rpm     MD5: 02b8e1aba5226b78631f8a25eab07594SHA-256: 5a380b1b428df3e9be595910d134026ccfc521d0983477ee3c1d2f9cae60aaa9 freeradius-ldap-3.0.4-7.el7_3.x86_64.rpm     MD5: 4bf09d747577ce1dda88437b17c086eeSHA-256: 8da7c2c2f7406a0cf23a396a50b29af8793d3055681017158fa290ae24280761 freeradius-mysql-3.0.4-7.el7_3.x86_64.rpm     MD5: caf7093d2d0709de3ec9f21a4858b114SHA-256: 7617d687aa3d7b57bf0fc5ad713783431568366de91c7ca7047b2c633d0305ef freeradius-perl-3.0.4-7.el7_3.x86_64.rpm     MD5: 0fd95f2575032c3583b225234ef06b1cSHA-256: 57fe0f68e18003307aa6ea14ec31175e3d71ed98f74e827d6a8569ce73816b01 freeradius-postgresql-3.0.4-7.el7_3.x86_64.rpm     MD5: 7ae05ec955cc1e33ac1b413250eafe15SHA-256: d60bce13100991ada442e837354a4991d7f37d4490f196a786057d6247ceaca2 freeradius-python-3.0.4-7.el7_3.x86_64.rpm     MD5: d65447e7d8d2b01847e10ecb89410dc1SHA-256: bbc0a3e3311b6799c952ae5161724af957025a0e15cdf815d16e104f24092c79 freeradius-sqlite-3.0.4-7.el7_3.x86_64.rpm     MD5: 3cbec77f072cc1b2217fd3a90e80a073SHA-256: 95250b415e278dbd7e4dd180d3139d188ac5ce5701f8fd4a28b2ba0ae381b7af freeradius-unixODBC-3.0.4-7.el7_3.x86_64.rpm     MD5: f35bb9c0457b1e07a55445c2c8f0a664SHA-256: ba5f154ce7cafd8e4074e644c73d27e2c669504bb394bcb38e490458dcc4789f freeradius-utils-3.0.4-7.el7_3.x86_64.rpm     MD5: a92a44d1daa697c379a8964dfd593983SHA-256: 945e3cdd8d9ed66857f7982c2a58a627ff607e0c4f4c926a316fcef6395f5074   (The unlinked packages above are only available from the Red Hat Network) These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
CVE CVSS base score Summary CVE-2015-5600 6.5 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L) The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices withi...
Stop right now and make sure you've configured it correctly The rise in ransomware attacks on MongoDB installations prompted the database maker last week to issue advice on how to avoid being victimized. As of Sunday, security researcher and Microsoft developer Niall Merrigan identified more than 27,000 MongoDB databases seized by ransomware.

By Tuesday afternoon Pacific Time, an online spreadsheet maintained by Merrigan and fellow security researcher Victor Gevers listed 32,643 victims. The attacks involve hackers who copy data from insecure databases, delete the original, and ask for a ransom of a few hundred dollars worth of Bitcoin to return the stolen data back to the owner. MongoDB, like other NoSQL databases, has suffered from security shortcomings for years.

Trustwave called out MongoDB in 2013.
Security researcher John Matherly did so again in 2015. Where MySQL, PostgreSQL, and other relational databases tend to default to local installation and some form of authorization, MongoDB databases are exposed to the internet by default, and don't require credentials immediately by default. MongoDB's post explains "how to avoid a malicious attack that ransoms your data," but it does so by directing database users to take responsibility for configuring the software securely. Veracode CTO Chris Wysopal in a Twitter post argues that software should be secure as soon as it is installed. "Why isn't the MongoDB security checklist the default?" he said. "Software with insecure default configuration is broken." Infosec bod Gevers, in an interview conducted through Twitter direct messages, said he has criticized MongoDB in the past but insisted that the database owner has to take responsibility for software configuration.
It is, he said, "the responsibility of the owner to use it right." Gevers said he believed the growth in poorly configured MongoDB installations was a reflection of time-to-market pressures. "People are happy to follow a tutorial to install a server, but have no idea what they are doing," he said. He also laid some blame on DevOps automation, which makes it trivial to spin up remote servers without necessarily securing them properly. The security researcher advises following MongoDB's security recommendations, or at the very least blocking port 27017 on your firewall or configuring MongoDB to listen only to 127.0.0.1 in /etc/mongodb.conf, and then restarting the database. A spokesperson for New York City-headquartered MongoDB, in an email interview, insisted that MongoDB is not less secure than relational databases like MySQL and PostgresSQL, and pointed to the company's list of security best practices. "MongoDB has the robust security capabilities that one would expect from a modern database," the spokesperson said. "It is the nature of database software that administrators can switch certain options on and off.

This is not specific to MongoDB, and it is important for the way many applications may be developed." Citing the importance of being open-source software, the spokesperson stressed that the company is committed to the community and its contributions. "Being open-source also means that anyone can download the product and deploy it however they want," the spokesperson added. "Ultimately, database security comes down to two things: well made software and responsible use.

For example, with MongoDB Atlas, our production-ready managed database as a service, access control is enabled by default. Users of MongoDB Cloud Manager or Ops Manager can enable alerts to detect if their deployment is internet exposed." ® Sponsored: Want to know more about Privileged Access Management? Visit The Register's hub
Podcast Idol winners rap about Apple, Google DeepMind and more Podcast This week our Podcast Idols Peter Smallbone and Melissa Gurney join Greg and Ed to talk Black Friday, auto shopping, Android encryption and the big AWS show. The details… (0:00) Peter and Melissa assimilate into the podcast (1:35) Raving and Black Friday (8:58) Car shopping and retiring Big Data (17:20) Limitations of Android encryption (26:44) Google DeepMind invades the NHS (34:02) DNA testing kits: Finding out you’re from Azerbaijan (40:36) Sneak peek into AWS re:Invent: PostgreSQL (44:44) Private Cloud mentions at AWS re:Invent? Listen with the Reg player below, or download here. Speaking in Tech: Episode Podcast Subscriber Links Subscribe through iTunesSubscribe through GoogleSubscribe through Stitcher Feed URL for other podcast tools - Juice, Zune, et cetera: http://nekkidtech.libsyn.com/rss Sponsored: Customer Identity and Access Management
Updated spacewalk-backend, spacewalk-java, spacewalk-utils, satellite-schema andspacewalk-schema packages that fix several bugs and add various enhancements arenow available for Red Hat Satellite 5.7. Red Hat Satellite is a systems management tool for Linux-based infrastructure.It allows for provisioning, remote management, and monitoring of multiple Linuxdeployments with a single centralized tool.This update fixes the following bugs:* Prior to this update, uploading a kickstart-profile generated by anaconda onRed Hat Enterprise Linux 6 resulted in a warning message, "This kickstartprofile uses a different type of encryption by default than the root password iscurrently using. You must reset the root password to encrypt it with the newmethod." Satellite now understands sha512-hashed passwords, and the warning nolonger appears. (BZ#1122422)* Prior to this update, the "Inactive Systems" page sorted 'Last Checked In'alphabetically instead of using time order.

This has been fixed and the sort nowbehaves correctly. (BZ#1124809)* Prior to this update, the performance characteristics ofspacewalk-clone-by-date on a Satellite using a PostgreSQL database graduallydeteriorated over time, before suddenly resetting back to more acceptablelevels.

This update adds several tuning-hints to the rhnChannelPackage tablethat allows the PostgreSQL query-analyzer to keep up with rapid changes to thattable, allowing the tool's performance to remain at a consistent acceptablelevel. (BZ#1297610)* Prior to this update, spacewalk-clone-by-date sometimes got stuck in arecursion dependency-checking loop until it failed.

This bug fixes the rootcause of the problem. (BZ#1331023)* Prior to this update, attempting to modify a kickstart URL using thekickstart.profile.setAdvancedOptions command would be ignored.

This has beenfixed. (BZ#1356173)* In a previous erratum, changes were introduced in an attempt to boost thetool's performance.

The performance gain was minor at best, and the changessometimes resulted in incomplete package-lists being copied to the clonedchannel.

This change has been reverted. (BZ#1367915)* In a previous erratum, spacewalk-clone-by-date was modified to allow it tocopy only specific RPMs when required for dependency-resolution, instead ofrequiring the cloning of the entire erratum that delivered those RPMs.

This ledto a variety of subtle dependency-resolution failures in cloned channels.

Thischange has been reverted. (BZ#1369185)* This update enhances the output of spacewalk-clone-by-date to include asummary of any errata cloned for dependency resolution, as well as cleaning upand clarifying the log output sent to /var/log/errata-clone.log. (BZ#1369888)* With this update, a user's timezone and browser locale have been added to thedata gathered by spacewalk-debug as an aid to problem determination.(BZ#1372721)* With this update, a variety of typos and grammar mistakes were fixed in thespacewalk-clone-by-date manual page. (BZ#1382272)Users of Red Hat Satellite are advised to upgrade to these updated packages,which fix these bugs and add these enhancements. Application of this errata involves updating the database schema.For general instructions on the database schema upgrade, consult the followingdocument first: https://access.redhat.com/site/articles/273633Before applying this update, make sure all previously-released errata relevantto your system have been applied.

To apply this erratum, take the followingsteps:* Shut down Red Hat Satellite by running the following command as root:rhn-satellite stop* Backup the database.

For embedded or managed database variants, please consultRed Hat Satellite 5.6 documentation.

For an external database, consult yourdatabase administrator.* Upgrade the errata packages.

Details on how to apply this update are availableat https://access.redhat.com/site/articles/11258* Update the database schema using the spacewalk-schema-upgrade command.

To doso, run as root:spacewalk-schema-upgradeThis process will update your database schema to the latest version.

Thespacewalk-schema-upgrade command will inform you about the results of theupgrade and exact locations of schema upgrade log files.* Restart Red Hat Satellite by running the following as root:rhn-satellite startRed Hat Satellite (v. 5.7 for RHEL 6) SRPMS: satellite-schema-5.7.0.25-1.el6sat.src.rpm     MD5: b0381dd499766b3d9a3d6420fc908d43SHA-256: 112ddf078f2debd07456134a0431a3027a589d0a5db965899bdd39a230fb58f5 spacewalk-backend-2.3.3-45.el6sat.src.rpm     MD5: 0c8b2a36309054fbdea10e747ab9ee80SHA-256: e87ed0c79a0421088da4ad1e6e9df451973f451d0d5aaff869ffe6369075363d spacewalk-java-2.3.8-155.el6sat.src.rpm     MD5: 0ef5309988fb8a61ecc776905c9e5ec9SHA-256: 09e0fc3725ad58db8070d45a124ff6720f2a2b0d989b5d9ba5218871ff298dd7 spacewalk-schema-2.3.2-28.el6sat.src.rpm     MD5: 965accbb8875d27bd564446fdfc7848eSHA-256: 86c3778773c1c837a8031ce46c9a0fff3aec3f1df3565448d77ac151915b82d5 spacewalk-utils-2.3.2-30.el6sat.src.rpm     MD5: 9527454e4048b93891e18a34f1c08295SHA-256: d577ce273935612c4484cd407fc56948c9c333e16afc26d6044b0acea7480170   s390x: satellite-schema-5.7.0.25-1.el6sat.noarch.rpm     MD5: dae96d9782dd52c68fc6fafa36f8a3d1SHA-256: 925579f67cb3da094b90abe1d5c8c1686b6f2c37a0a54c5156f7c69266c97420 spacewalk-backend-2.3.3-45.el6sat.noarch.rpm     MD5: 6b3323b90ff4259f9ee37a64b328cb3bSHA-256: 93b0813ad537b9549299a88599354836203c98ec1060a620584886d9d4043868 spacewalk-backend-app-2.3.3-45.el6sat.noarch.rpm     MD5: 087900b59a2e9e71e497f9eba042f9f1SHA-256: 03857a7ff99cce9b378d05be502dbe2c9fe7d8b66f46629cf4649b715f4dfc36 spacewalk-backend-applet-2.3.3-45.el6sat.noarch.rpm     MD5: 920ffb98b8036ff7e9d4d73bfd2ec62aSHA-256: 233462073bf69053762ef3d18329ab014b09674268b3ab70ff403949e6603e18 spacewalk-backend-config-files-2.3.3-45.el6sat.noarch.rpm     MD5: d5cfa9a9f4744805f1c3e71ea2cbb2e7SHA-256: 72b6b3f32a598b9bbd3ab8aef586b918b93baf8c1c6875ee242e62b63a7aa476 spacewalk-backend-config-files-common-2.3.3-45.el6sat.noarch.rpm     MD5: b8e439b1ce9e9fb10e2f0e16639a5afeSHA-256: fd19cf6ccdc05e17e7c74892f1fc6e7e1ab5bef56563616e9cbac3553cb0ad29 spacewalk-backend-config-files-tool-2.3.3-45.el6sat.noarch.rpm     MD5: e78833c25a8cf814ff87ca6b0bfa74ffSHA-256: 7e2000de3c6f005c7d2fb38258a15683194cf3683617c9a61acf81333ac8dddd spacewalk-backend-iss-2.3.3-45.el6sat.noarch.rpm     MD5: 2d1b2e2c0af0bc5b5669f399f8adc35bSHA-256: a453251637deba736f7bec99aa408478318d2c419047ca5c16c0a2258a643bb8 spacewalk-backend-iss-export-2.3.3-45.el6sat.noarch.rpm     MD5: e2dbf1d54c5c90d8e265a9676238e08dSHA-256: 49e1be5e330e8f0f53de789b3a7d277dc4c3faf36284a2d415bc847a36176348 spacewalk-backend-libs-2.3.3-45.el6sat.noarch.rpm     MD5: 7e2ffd98453a73717438f1f1851a6e86SHA-256: 8fa6fba9d50d52822a3e600ed1014422ae743a6ce48a78aa1ea9446d7d6cb9bc spacewalk-backend-package-push-server-2.3.3-45.el6sat.noarch.rpm     MD5: 9271889f2ed9dc2e6ec610e3a160ac89SHA-256: a2bf4d94cb82e068436bbff84a50dcd2f38af1b2d9f118b68e179c51f989ad59 spacewalk-backend-server-2.3.3-45.el6sat.noarch.rpm     MD5: cb4ba5c4f450aa9d49771e661b763f62SHA-256: 5d625a335fc4bf2c5d83141f21b75a46758908c6790d4042e6369eea3b88a3fb spacewalk-backend-sql-2.3.3-45.el6sat.noarch.rpm     MD5: 1426251c860819050343eee6f2a6f89cSHA-256: d0250318b31dec97ed502ebcc08fb32d8bffa1df9cf1896001cf8865ac8b9637 spacewalk-backend-sql-oracle-2.3.3-45.el6sat.noarch.rpm     MD5: 73183df02a2da47cfa9bb54019cf48d1SHA-256: 3bfd887221397b06acd520cefdf0ec73d2c9a977fd89a1a69ab0f0d5ec56e26c spacewalk-backend-sql-postgresql-2.3.3-45.el6sat.noarch.rpm     MD5: 39674cd0345394a34866b42fe56ecfe1SHA-256: 9c06c911dcc7367057cf4e3e6522985704396ca57523a8ec99c2e1b1afe81e15 spacewalk-backend-tools-2.3.3-45.el6sat.noarch.rpm     MD5: 099a8dd355be136099568c7d3981a60bSHA-256: 6d0eb7081c157ea86d76516666d17193caf44d980a8f5f0ae9dec59d9eb15c91 spacewalk-backend-xml-export-libs-2.3.3-45.el6sat.noarch.rpm     MD5: 6884fc7440210f33b5201e2610f08024SHA-256: fba1412c5f72e3a962d0d9960557c57e1ea4f19ac5d0217920b3f506f0fc4d66 spacewalk-backend-xmlrpc-2.3.3-45.el6sat.noarch.rpm     MD5: fb6905715ca39c95ea77dbb489f61827SHA-256: 4dcf326ac6134bc93a25274510562c62922705f20d70f3372b2be8703aef9ad7 spacewalk-java-2.3.8-155.el6sat.noarch.rpm     MD5: 74eef689118481f5165e6c7e5ea55084SHA-256: e7c88e3cfb76abbb9847a222f250149944e3a3323566d8e7d350dd52ef34a895 spacewalk-java-config-2.3.8-155.el6sat.noarch.rpm     MD5: 6e969960578860e407be656b53248129SHA-256: d9a82721d091f3c2808a7a75072489b868fa72c4717401202aefb3784980cd56 spacewalk-java-lib-2.3.8-155.el6sat.noarch.rpm     MD5: 852cd539cebb425aec40f49e3a4d3273SHA-256: 8981930f89eda9c2d914b83a78ae517b2e410807ef97e0e18ec5dca085f16bce spacewalk-java-oracle-2.3.8-155.el6sat.noarch.rpm     MD5: 6e5567868e84bfd153ed5617da3539afSHA-256: 9de3d7547485e67110b42d5f264ab9109a4a7b56dcd5a6ff533e2f93edb4baf1 spacewalk-java-postgresql-2.3.8-155.el6sat.noarch.rpm     MD5: b4bc80f77987ae593b70cb953c149496SHA-256: f21567f3de05fb50a6e40fb63e2b7c1faa2e203d2a5401525f0b0ea623536fad spacewalk-schema-2.3.2-28.el6sat.noarch.rpm     MD5: 02120c992241155983650738662b6bdfSHA-256: 9572659e5eb7cdac47312c7bf7c7c512c9ee1794204a2db268f21563ba423ddf spacewalk-taskomatic-2.3.8-155.el6sat.noarch.rpm     MD5: 60c7437c7eafe6beb7952c746da41307SHA-256: ae0fdcd2dc8602f0ffd7f18279ec0c83c3b3f7a38b6451ce6363db49bdbfa0f0 spacewalk-utils-2.3.2-30.el6sat.noarch.rpm     MD5: 6ddcd952df856c730913e4869c85b14fSHA-256: 25cf9344d38ee7991a850cc414690977073a874dc05c956f588617f480158ea0   x86_64: satellite-schema-5.7.0.25-1.el6sat.noarch.rpm     MD5: dae96d9782dd52c68fc6fafa36f8a3d1SHA-256: 925579f67cb3da094b90abe1d5c8c1686b6f2c37a0a54c5156f7c69266c97420 spacewalk-backend-2.3.3-45.el6sat.noarch.rpm     MD5: 6b3323b90ff4259f9ee37a64b328cb3bSHA-256: 93b0813ad537b9549299a88599354836203c98ec1060a620584886d9d4043868 spacewalk-backend-app-2.3.3-45.el6sat.noarch.rpm     MD5: 087900b59a2e9e71e497f9eba042f9f1SHA-256: 03857a7ff99cce9b378d05be502dbe2c9fe7d8b66f46629cf4649b715f4dfc36 spacewalk-backend-applet-2.3.3-45.el6sat.noarch.rpm     MD5: 920ffb98b8036ff7e9d4d73bfd2ec62aSHA-256: 233462073bf69053762ef3d18329ab014b09674268b3ab70ff403949e6603e18 spacewalk-backend-config-files-2.3.3-45.el6sat.noarch.rpm     MD5: d5cfa9a9f4744805f1c3e71ea2cbb2e7SHA-256: 72b6b3f32a598b9bbd3ab8aef586b918b93baf8c1c6875ee242e62b63a7aa476 spacewalk-backend-config-files-common-2.3.3-45.el6sat.noarch.rpm     MD5: b8e439b1ce9e9fb10e2f0e16639a5afeSHA-256: fd19cf6ccdc05e17e7c74892f1fc6e7e1ab5bef56563616e9cbac3553cb0ad29 spacewalk-backend-config-files-tool-2.3.3-45.el6sat.noarch.rpm     MD5: e78833c25a8cf814ff87ca6b0bfa74ffSHA-256: 7e2000de3c6f005c7d2fb38258a15683194cf3683617c9a61acf81333ac8dddd spacewalk-backend-iss-2.3.3-45.el6sat.noarch.rpm     MD5: 2d1b2e2c0af0bc5b5669f399f8adc35bSHA-256: a453251637deba736f7bec99aa408478318d2c419047ca5c16c0a2258a643bb8 spacewalk-backend-iss-export-2.3.3-45.el6sat.noarch.rpm     MD5: e2dbf1d54c5c90d8e265a9676238e08dSHA-256: 49e1be5e330e8f0f53de789b3a7d277dc4c3faf36284a2d415bc847a36176348 spacewalk-backend-libs-2.3.3-45.el6sat.noarch.rpm     MD5: 7e2ffd98453a73717438f1f1851a6e86SHA-256: 8fa6fba9d50d52822a3e600ed1014422ae743a6ce48a78aa1ea9446d7d6cb9bc spacewalk-backend-package-push-server-2.3.3-45.el6sat.noarch.rpm     MD5: 9271889f2ed9dc2e6ec610e3a160ac89SHA-256: a2bf4d94cb82e068436bbff84a50dcd2f38af1b2d9f118b68e179c51f989ad59 spacewalk-backend-server-2.3.3-45.el6sat.noarch.rpm     MD5: cb4ba5c4f450aa9d49771e661b763f62SHA-256: 5d625a335fc4bf2c5d83141f21b75a46758908c6790d4042e6369eea3b88a3fb spacewalk-backend-sql-2.3.3-45.el6sat.noarch.rpm     MD5: 1426251c860819050343eee6f2a6f89cSHA-256: d0250318b31dec97ed502ebcc08fb32d8bffa1df9cf1896001cf8865ac8b9637 spacewalk-backend-sql-oracle-2.3.3-45.el6sat.noarch.rpm     MD5: 73183df02a2da47cfa9bb54019cf48d1SHA-256: 3bfd887221397b06acd520cefdf0ec73d2c9a977fd89a1a69ab0f0d5ec56e26c spacewalk-backend-sql-postgresql-2.3.3-45.el6sat.noarch.rpm     MD5: 39674cd0345394a34866b42fe56ecfe1SHA-256: 9c06c911dcc7367057cf4e3e6522985704396ca57523a8ec99c2e1b1afe81e15 spacewalk-backend-tools-2.3.3-45.el6sat.noarch.rpm     MD5: 099a8dd355be136099568c7d3981a60bSHA-256: 6d0eb7081c157ea86d76516666d17193caf44d980a8f5f0ae9dec59d9eb15c91 spacewalk-backend-xml-export-libs-2.3.3-45.el6sat.noarch.rpm     MD5: 6884fc7440210f33b5201e2610f08024SHA-256: fba1412c5f72e3a962d0d9960557c57e1ea4f19ac5d0217920b3f506f0fc4d66 spacewalk-backend-xmlrpc-2.3.3-45.el6sat.noarch.rpm     MD5: fb6905715ca39c95ea77dbb489f61827SHA-256: 4dcf326ac6134bc93a25274510562c62922705f20d70f3372b2be8703aef9ad7 spacewalk-java-2.3.8-155.el6sat.noarch.rpm     MD5: 74eef689118481f5165e6c7e5ea55084SHA-256: e7c88e3cfb76abbb9847a222f250149944e3a3323566d8e7d350dd52ef34a895 spacewalk-java-config-2.3.8-155.el6sat.noarch.rpm     MD5: 6e969960578860e407be656b53248129SHA-256: d9a82721d091f3c2808a7a75072489b868fa72c4717401202aefb3784980cd56 spacewalk-java-lib-2.3.8-155.el6sat.noarch.rpm     MD5: 852cd539cebb425aec40f49e3a4d3273SHA-256: 8981930f89eda9c2d914b83a78ae517b2e410807ef97e0e18ec5dca085f16bce spacewalk-java-oracle-2.3.8-155.el6sat.noarch.rpm     MD5: 6e5567868e84bfd153ed5617da3539afSHA-256: 9de3d7547485e67110b42d5f264ab9109a4a7b56dcd5a6ff533e2f93edb4baf1 spacewalk-java-postgresql-2.3.8-155.el6sat.noarch.rpm     MD5: b4bc80f77987ae593b70cb953c149496SHA-256: f21567f3de05fb50a6e40fb63e2b7c1faa2e203d2a5401525f0b0ea623536fad spacewalk-schema-2.3.2-28.el6sat.noarch.rpm     MD5: 02120c992241155983650738662b6bdfSHA-256: 9572659e5eb7cdac47312c7bf7c7c512c9ee1794204a2db268f21563ba423ddf spacewalk-taskomatic-2.3.8-155.el6sat.noarch.rpm     MD5: 60c7437c7eafe6beb7952c746da41307SHA-256: ae0fdcd2dc8602f0ffd7f18279ec0c83c3b3f7a38b6451ce6363db49bdbfa0f0 spacewalk-utils-2.3.2-30.el6sat.noarch.rpm     MD5: 6ddcd952df856c730913e4869c85b14fSHA-256: 25cf9344d38ee7991a850cc414690977073a874dc05c956f588617f480158ea0   (The unlinked packages above are only available from the Red Hat Network) 1356173 - kickstart.profile.set_advanced_options does not update kickstart file1367915 - spacewalk-clone-by-date may not clone all packages correctly1369185 - spacewalk-clone-by-date *must* clone errata when needed for dependency resolution1369888 - Recent clone-by-date logging changes incomplete1372721 - collect users timezone and browser locale options to spacewalk-debug1382272 - Typo in spacewalk-clone-by-date man page These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
Updated cfme packages that fix bugs and add various enhancementsare now available for Red Hat CloudForms 4.1.Red Hat Product Security has rated this update as having a security impactof Important. A Common Vulnerability Scoring System (CVSS) base score,which gives a detailed severity rating, is available for each vulnerabilityfrom the CVE link(s) in the References section. Red Hat CloudForms Management Engine delivers the insight, control,and automation needed to address the challenges of managing virtualenvironments. CloudForms Management Engine is built on Ruby on Rails,a model-view-controller (MVC) framework for web applicationdevelopment. Action Pack implements the controller and the viewcomponents.* An input validation flaw was found in the way CloudForms regularexpressions were passed to the expression engine via the JSON API and theweb-based UI. A user with the ability to view collections and filter themcould use this flaw to execute arbitrary shell commands on the host withthe privileges of the CloudForms process. (CVE-2016-7040)This issue was discovered by Tim Wade (Red Hat).Additional Changes:This update fixes bugs and adds various enhancements.Documentation for these changes is available in the Release Notes linkedto in the References section.All CFME users are advised to upgrade to these updated packages, whichcorrect these issues and add these enhancements. Before applying this update, make sure all previously released erratarelevant to your system have been applied.For details on how to apply this update, refer to:https://access.redhat.com/articles/11258Red Hat CloudForms 4.1 SRPMS: cfme-5.6.2.1-1.el7cf.src.rpm     MD5: 89572e8486cea08263785597bdfbc0afSHA-256: bc44d158abc61656e0cb91a60f27f960d3bc133f8a2878b68b6e97e797ea22d8 cfme-appliance-5.6.2.1-1.el7cf.src.rpm     MD5: b3c5ba11bfce7b5bb880637ae958dbebSHA-256: aeb5b894d50215e58099d3e9077bfe929a613344be4372f9cd590a98e5db724c cfme-gemset-5.6.2.1-1.el7cf.src.rpm     MD5: 294f0ba500b938ed7a9e6a7854276022SHA-256: d31a74dd4512d28b19f878d0089cb6b5205eb38b0f7a91e0eaeb08efaa0f5432 rh-ruby22-rubygem-nokogiri-1.6.8-1.el7cf.src.rpm     MD5: 987d269d305ce6b5b0707c773bfbfde4SHA-256: 359c25623c2ac3c8a1a3b67237f7b234b6b585e1f6393ce9512b7438d1d3704f rh-ruby22-rubygem-pkg-config-1.1.7-1.el7cf.src.rpm     MD5: 4ccc899d9fc7566fb87b483d324138a2SHA-256: c7185f33d1479f4ca2c7828b3dad2787b6051f8cf7d91127ec889bed8c20abb8 rh-ruby22-rubygem-thin-1.7.0-1.el7cf.src.rpm     MD5: c2b632982f988492d7b2a60c4f2115e8SHA-256: 3c49e958de179d6f6a970601a34e5c8a4b1c048398221eb2911b438feec68333   x86_64: cfme-5.6.2.1-1.el7cf.x86_64.rpm     MD5: f44a16be40b53bfd0ddc30c7efd9a3f0SHA-256: 184a87fe0a7115bae4ba47602d568d64a60d45ca5997b5b4499f26d5faf3feaf cfme-appliance-5.6.2.1-1.el7cf.x86_64.rpm     MD5: 41796182ab044650036fb67ce9024dd0SHA-256: a9df3744fb333988ee6020dbe8c899ebb09a8da4e312dc0c51bc9e4d67559de3 cfme-gemset-5.6.2.1-1.el7cf.x86_64.rpm     MD5: a9ad53e5d7c51a425e9dbb1689472178SHA-256: 449d34f8aae1cd858bf360f5e7ad14c6e48971a6d89fcea499deeab4b3e0c6be rh-ruby22-rubygem-nokogiri-1.6.8-1.el7cf.x86_64.rpm     MD5: 70a302fcc119d189f2c6008b64416ed1SHA-256: d1b263246254921445b4fe514d16d4b0b33b4d2f6044a09d21aefd11c3266cd8 rh-ruby22-rubygem-pkg-config-1.1.7-1.el7cf.noarch.rpm     MD5: f71dc8b43f55ebb00fc7e1ed0e48e21aSHA-256: 288a31b71ad41c60c68b97249ad5e32f220eb501a39babb2751446c92614cf8f rh-ruby22-rubygem-pkg-config-doc-1.1.7-1.el7cf.noarch.rpm     MD5: 1b9db3e37bf119a93fc00163833df3f8SHA-256: 1f69fe30fcf771f39aff88cb7c782b45e4ff711cd7c86fe80997e8f70979a556 rh-ruby22-rubygem-thin-1.7.0-1.el7cf.x86_64.rpm     MD5: ec0b655f82936ad2b579772b07e10188SHA-256: 60dd1b5a87bd59e6f2d8901d5304a6735cdec35062f8ebb76ea273b6f800a4c0   (The unlinked packages above are only available from the Red Hat Network) 1337552 - Common datastore across multiple vcenter causes inventory confusion for provisions1337577 - service requests don't show dynamic drop down selections1343517 - When using external auth and removing a user from all groups the user's groups are not updated and he is still able to log-in to CFME Web-UI1343717 - Openstack cloud provider - when using Keystone v3 domain for registration we need to ignore the projects that the user doesn't have access to1343719 - Provisioning from RHEVM 3.6 template loses template boot sequence1346953 - [RFE] Unable to set number_of_vms in non-generic service catalog items1346989 - [RFE] Keystone domains support1346990 - VM refreshes are failing but the message status from each of the EmsRefresh.refresh commands shows 'ok' in error1347278 - [RFE] - lifecycle button missing from cloud images1347330 - [ja_JP] Translations are missing in 'Compute'-'Clouds' menu and its sub menus1347692 - [ja_JP] Translation issues on cloud intelligence->chargeback->assignments page.1348631 - CPU Right Size recommendations only take into account CPU sockets, not cores per socket1348637 - [ja_JP] Translation issues observed on cloud intelligence->Reports->reports page.1348644 - [ja_JP] Translation issues on Services -> Requests page1348648 - [ja_JP] Translations are missing in Compute-Services menu1348649 - [ALL LANG] All contents are unlocalized under Control->Log.1349059 - [ja_JP] Translations are either misplaced or missing on Settings->Configuration->Settings1349423 - Dynamic Dropdown list of AWS instance Type for AWS GovCloud seems to be returning instance types that are not supported by AWS GovCloud1351332 - [RFE] [SDN] - No providers tags relations displayed in Tolopogy1352016 - Missing policy button on some of the Network Manager Relationship pages1353291 - String interpolations must not be present in toolbar definitions1354503 - OSP refresh fails with Policy doesn't allow os_compute_api:os-availability-zone:detail to be performed.1357865 - RHEV VM Reconfigure: Set memory to a size smaller than guaranteed memory fail1358323 - In Networks menu should all names in plural1361175 - Error when canceling orchestration stack retirement form1361176 - [RFE] Chargeback of containers based on tags1361178 - Cannot Cancel Smart State Analysis of Container that is not completing -1361693 - Advanced search in workloads expression element "Registry" hides select bar for element type1362227 - Clicking on Reset button while editing a provider throws error message in UI for firefox browser1362627 - [RFE] Allow reporting relationship between OpenShift pods and the image they run1362631 - Maintain uniformity in dropdown values in japanese locale1362634 - Package/Application icon in CloudForms looks like Apple AppStore logo1362704 - Stack : Link " ManageIQ/Providers/Cloud Manager/Orchestration Stacks" shows "Page does not exists"1363753 - SSUI : All languages are not shown in SSUI login dropdown1363754 - [RFE] 'LDAP Group Look Up' string needs to changed to 'External auth Group Look Up' when auth mode is set to external(httpd)1363891 - Datastores: " ActionController::RoutingError " when clicking on reload button1364222 - Accessing the tags method of an MiqAeServiceLan object results in a NoMethodError exception1364501 - Customer reporting growth of sessions table to an enormous size and postgresql logs don't indicate any auto-vacuum activity is happening1366358 - SSUI: logo not displayed on login screen1366596 - Container SSA results are aggregated instead of updated1366597 - unable to tag datastores via rest api or UI1366598 - Failed container scanning job does not timeout1366599 - Image List shows "Unknown image source" for images1368165 - Start date for report schedule is set to tomorrow1368167 - Service provisioning messages overlapped in self service ui1368168 - Editing RHEVM has default API Port 5000 in UI even though no port was set when creaing1368170 - GCE instance was retired, but was not power off1369583 - [Configuration management Jobs] - Wrong title of downloaded files1370196 - LDAP group lookup fails with json UTF conversion errors1370198 - Cloud tenant and AZ from overcloud show up in undercloud relationships1370202 - page doesn't exist after session timeout on provider timeline page1370208 - Unable to authenticate to RHEV provider after migration from cfme-5.4.4.2 (3.2) to cfme-5.6.0.13 (4.1)1370209 - Request to restore diagnostic functionality critical to support (ie, current appliance settings) removed in the CFME 4.11370211 - Azure: undefined method `downcase'1370216 - Azure provider fails EMS refresh1370309 - missing rights to show AWS security groups caused null1370310 - add support for secondary fixed IP addresses for AWS ENI interfaces1370476 - No html Id's defined for the bootstrap switches in manage quota form1370478 - "unexpected token at ..." error when validating Tower which returns internal server error 5001370480 - Incorrect name is used for default Azure provider during discovery1370481 - Catalog item becomes corrupt after removing template it was using1370488 - Changing default instance_name in custom button from "Automation" to "Request"1370568 - METHOD:: does not accept a full path to a method1370569 - VMware folder support showing more than just folders1370574 - Errno::ETIMEDOUT: Connection timed out on Azure at gallery.azure.com1370575 - Region description doesn't change1370586 - Multi-rate chargeback report can not be queued.1371174 - After adding generic/orchestration catalog item infinispinner and 502 error(appliance crashed)1371267 - Unable to get to Topology link in breadcrumb trail on Network Manager entities page1371268 - [RFE] Add Global filters for RHEV block datastores1371269 - C&U collection tab can sometimes be blank1371270 - Cloud network manager availability zones back button redirects me to cloud provider1371272 - unable to use {nil => "<default>"} with self provisioning when selecting dialog_tenant_name1371311 - [Ansible Tower] Provider cannot be removed when selected from accordion tree1371640 - [RFE] Create AWS EC2 appliance1371666 - [ja_JP, zh_CN] Need to translate the title and tool-tips on Control -> Log page.1371668 - [ja_JP, zh_CN] Need to translate drop-down config. menu options on Compute -> Containers -> Providers1371669 - [ja_JP, zh_CN] Need to translate menu options under configuration on Networks -> providers.1371670 - [ja_JP, zh_CN] Need to translate drop-down options and some strings on Optimize -> Planning page.1371671 - [ja_JP, zh_CN] Need to translate strings on Automate -> Requests page1371979 - Error:undefined method `size' for nil:NilClass when clicked on cloud provider after deleting network manager1371980 - Automation Method Error When Accessing 'host'/'hosts' From a Switch1371981 - Type Template/VM filter under VMs is useless1372413 - UI: Inconsistent behavior when adding duplicate provider; infra provider X configuration manager1372775 - Refresh Configuration Management Provider does not work when selected from the explorer tree1372801 - Add ability to swap the default threaded puma web server for thin1374377 - [RFE] Reporting on OpenShift Custom Labels1374420 - multiple ip address for the same network_port_id for openStack provider1374423 - Select button options " By Infrastructure providers" and "All VMs" should be renamed1374450 - Compliance check history isn't shown if compliance policy is unconditional1374695 - Multi-tenancy - tenant name not renamed in Set group ownership dropdown menu1374696 - Adding rhevm infrastrcture provider and filling in bad IP bad user/pass error1374815 - Error on Azure Cloud Discovery: wrong number of arguments1375205 - SSUI displays "null" for azure resource group or fails if <new resource group> is selected1375311 - validate_request for cloud does not include support for flavors1375326 - Providers quick search should have searched string in brackets next to the title like all other pages1375330 - Azure provisioning missing pre and post methods.1375343 - Upgrade azure-armrest to 0.2.9.1376010 - Amazon Image details doesn't open1376130 - Utilization tree remembers selected node1376132 - :cold_sweat: Don't include AvailabilityMixin into Object, that's really bad1376137 - Fix report scheduler timer_types1376138 - Change column type of cpu_cores_used_cost in reports to currency1376139 - Fixed port_scan.rb file and related changes1376140 - Memoize image_path helper in build_tags_tree1376141 - Add single select false to guest access pair options on EC21376143 - Move _('locale_name') to Vmdb::FastGettextHelper1376144 - ChargebackContainerProject - Filter project by tag1376146 - Discrepancy in objects count in Containers Overview following Provider overview1376147 - Re-check Authentication button for Providers in the GTL view1376150 - Fix the toolbar button tooltip for Providers in GTL view1376151 - Container Chargeback report: Rate Range by Project1376153 - Update x1.32xlarge to enhanced and clustered networking.1376154 - Replace corrupted PNGs1376155 - cap&u dont puke when _debug1376157 - SSUI : language : Shopping cart validation message needs to switch language when one is selected1376158 - Update gettext catalogs from Zanata1376159 - Use Rails version 5.0.0.1 or higher1376160 - Relationships filter_by_resource_type scope1376161 - Azure - Enhanced C&U support1376162 - Azure cache1376163 - Move join region logic into a rake task1376164 - recent version of draper gem1376165 - Changing default instance_name in custom button from "Automation" to "Request"1376167 - Reworked building VMware nested datacenter folders in factory girl1376168 - Fix Caching Issues for MiqDiskCache Module1376169 - Show provider status color by bearer type authentication on container topology1376170 - Multi endpoints dialog message1376171 - Update required ovirt_metrics version1376172 - BAT Handling in Checkpoint Disks Issues1376173 - With the updated net-ldap 0.14.0, Net::LDAP:LdapError is no longer used.1376174 - Make connection_configuration respect the default authentication type1376175 - ArVirtual - Ownership uses virtual attributes / delegates1376176 - Modify Azure Runner to use existing EMS1376177 - Take 2: Speed up "VMs & Instances in My LDAP Group" filter in /vm_or_template/explorer1376178 - Allow more than one iso datastore per type of EMS1376513 - Unexpected error when clicked on service request1376520 - service template provision tasks failing in check provision method1376528 - [RHV 4.0] Provision VM ends up with "Validating New Vm" endless retries1376557 - Clicking Automate triggers an error.1376574 - Azure Enterprise Agreement subscriptions not catching events1377416 - Unknown Error while refreshing Azure1377420 - [ja_JP, zh_CN] User login credentials verification fail message is not localized These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
Brazilian cybercriminals are notorious for their ability to develop banking trojans but now they have started to focus their efforts in new areas, including ransomware. We discovered a new variant of a Brazilian-made ransomware, Trojan-Ransom.Win32.Xpan, that is being used to infect local companies and hospitals, directly affecting innocent people, encrypting their files using the extension “.___xratteamLucked” and asking to pay the ransom. The Kaspersky Anti-Ransom team decrypted the Xpan Trojan, allowing them to rescue the files of a Hospital in Brazil that had fallen victim to this Ransomware family. Actually, this is not the first ransomware to come out of Brazil.
In the past, we investigated TorLocker and its flawed encryption, which was created and negotiated worldwide by a Brazilian cybercriminal. We also saw a lot of copycats use HiddenTear in local attacks.

Trojan Ransom Xpan was created by an organized gang, which used targeted attacks via RDP that abused weak passwords and wrong implementations. In this post, we’ll explain this new Ransomware family and how Brazilian coders are creating new ransomware from scratch. The group behind the attack The group identifies itself as “TeamXRat“and “CorporacaoXRat“.(Translating from Portuguese to English as “CorporationXRat”) Their first ransom trojan consisted of using a simple XOR based encryption, described by some victims here (most of the victims are from Brazil).

The new version of Xpan Ransomware shows that the cybercriminals behind it have improved the code to make it more complex, also switching the encryption scheme. The ransom texts used by the group are written in Portuguese from Brazil.

The messages do not inform how much the victim has to pay to retrieve their files, nor the payment method required (which is usually Bitcoins).
Instead, they instruct the victim to send an email to one of the anonymous email services Mail2Tor or Email.tg.

For example, corporacaoxrat@mail2tor.com, xRatTeam@mail2tor.com and xratteam@email.tg providing the public key used by the ransomware to encrypt the files. Older versions of this ransomware also used e-mail accounts from another Email service – Protonmail, such as corporacaoxrat@protonmail.com, currently deactivated. When the victim gets in touch with the group, they start to negotiate the ransom payment.

All communication is in Portuguese and they request 1 btc (about 603 USD) to decrypt the files.

The group also claims that the payment is a “donation” arguing that “they exploited flaws in your system and carried out the attack in order to make sure you increase your security”.

Finally, the cybercriminals also offer to decrypt one file for free: “For me only the ‘donation’ is important. Not your files.
If your files are important to you, I advise you to make the donation; otherwise, you’ll lose all your files”
Xpan, how it works The sample is UPX packed. Once executed it checks the default language of the infected system set in the following registry key: HKLM\SYSTEM\CONTROLSET001\CONTROL\NLS\LOCALE In addition, it’s able to query local time and obtain the computer name from the registry using several commands like net.exe, sc.exe, and taskkill.exe.
Interestingly, it also deletes any Proxy setting defined in the system, located in: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\ZONEMAP. Since the targets are companies and corporations, the group might use proxies blocking access to certain Web resources.
It is highly probable that this technique is used to “set victim’s free” while emailing the attackers or accessing BTC resources online. After completing its execution, the ransomware displays the following image in the affected system: “All your files were encrypted using a RSA 2048 bits encryption” The sample is written in C++ and uses STL, being built as a console application.

During the lenght of its execution, it logs all its actions to the console, only to clear it once the encryption process has finished. The operation of this malware is ‘guided’ by the configuration data block stored inside the body of the Trojan: Decrypted configuration block The configuration contains the following details: Drive letters which will be processed; Blacklisted substrings: the files whose path contain any of these strings will not be encrypted; Ransomware text message for the victim; Extension of the encrypted files (in this case, .____xratteamLucked); Name of the file with ransom notes; Console commands to be executed prior to the process of file encryption; Console commands to be executed after the encryption; A public RSA-2048 key in the MSBLOB format. Part of the pseudocode of the main procedure From Xorist to Xpan A previous ransomware sample that was believed to be part of the TeamXRat ransomware campaign used a simple encryption algorithm known as TEA (or Tiny Encryption Algorithm).

After comparing this original version (dubbed Xorist) against this new Xpan variant, we could observe that now they are using an AES-256 encryption scheme. Xorist ransomware TEA constant Xpan ransomware now has evolved to use AES-256 encryption Xorist Xpan Will automatically start when user is logged in.
It uses the following registry key for persistence: SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run No persistence used. Tiny Encryption Algorithm AES-256 ASM, MS Linker C++, MinGW compiler Includes a list of files that are to be encrypted. Will encrypt everything except .exe and .dll files and files with blacklisted substrings in the path. The developers have clearly shifted their development procedures in the Xpan malware.
It’s typical for cybercriminals to evolve their techniques once a decryption method has been found for their ransomware, or that specific variant is widely detected. List of file extensions that Xorist ransomware will search and encrypt File Encryption The trojan uses the implementation of cryptographic algorithms provided by MS CryptoAPI.

The files are encrypted by AES-256 in CBC mode. There are 2 known versions of this trojan that can be distinguished by their extensions.

The 1st one uses “___xratteamLucked” (3 ‘_’ symbols) and the second one – “____xratteamLucked” (4 ‘_’ symbols). These 2 versions employ different techniques to encrypt the files, which we will describe in more detail. Version 1 (3 ‘_’ symbols in the extension) The trojan generates a single 255-symbol password for all files.

This password is encrypted by RSA-2048 and put into the ransom note (concatenated with the public key).

Then the trojan produces a 256-bit key from this password using the API CryptDeriveKey; this key will be used to encrypt all files. When processing each file, the malware adds the string ‘NMoreira’ to the beginning of the original file and encrypts the file content by 245-byte blocks using the AES-256 algorithm in CBC mode.

Each block is additionally XOR’ed with a random byte which is stored before the padding of the corresponding block. Version 2 (4 ‘_’ symbols in the extension) For each file, the trojan generates a new 255-symbol password, encrypts this password by RSA-2048 and puts this data into the beginning of each encrypted file.

Then, the trojan produces a 256-bit key from this password using the API CryptDeriveKey, and uses this key to encrypt the original file content (AES-256 CBC). File search and encryption is carried out by multiple threads, each thread processes its disk. Ransomware in action: console output inform the files encrypted After encryption is completed, the malware will change the wallpaper in the desktop and display this file, with the ransom note: The ransom note, in Portuguese Before encrypting the data in the affected system, the ransomware executes the following commands, aiming to stop popular database services, to be sure that database files will be encrypted as well, so they cause a greater damage to the victim: echo Iniciando pre comandos echo Parando Firbirdsc config FirebirdServerDefaultInstance start=disabledtaskkill /IM fb_inet_server.exe /Fnet stop FirebirdServerDefaultInstance echo parando SQL SERVE taskkill /IM sqlservr.exe /Fsc config MSSQLSERVER start=disabledsc config MSSQL$SQLEXPRESS start=disablednet stop MSSQLSERVERnet stop MSSQL$SQLEXPRESS echo parando poostgreetaskkill /IM pg_ctl.exe /Fsc config postgresql-9.0 start=disablednet stop postgresql-9.0 After the execution, the ransomware deletes itself from the system, to remove the original infector: @echo off  goto Delete  :WaitAndDelete  @timeout 5  :Delete  @del “path\sample_name.exe”  if exist “path\sample_name.exe”  goto WaitAndDelete  @del %0 After the encryption has finished, the trojan modifies the registry to add a custom handler for the action of double-clicking on any of the encrypted files.

As a result, when the victim clicks on a file with the extension “.____xratteamLucked“, the command stored in the registry is executed, and this command shows the ransom notes in a new window using msg.exe (a standard utility which is a part of Windows distribution). Windows Registry modified by the ransom How they attack Most of the attacks performed by TeamXRat are performed manually, installing the ransomware in the hacked server.

To achieve that, they perform RDP (Remote Desktop Protocol) brute force attacks.

Connecting remote desktop servers directly to the Internet is not recommended and brute forcing them is nothing new; but without the proper controls in place to prevent or at least detect and respond to compromised machines, brute force RDP attacks are still relevant and something that cybercriminals enjoy. Once the server is compromised, the attacker manually disables the Antivirus product installed on the server and proceeds with the infection itself. We are also aware that vulnerabilities such as MS15-067 and MS15-030 in the RDP protocol, which allow remote code execution if an attacker sends a specially crafted sequence of packets to a targeted system, can be used by cybercriminals if a server is not patched and exposed to attacks. As we saw in the recent xDedic research, vulnerable servers with exposed RDP connections are very valuable assets in the hands of cybercriminals. Not surprisingly, Brazil was the country with the most compromised servers being offered in the underground market to any cybercriminal. xDedic: compromised Brazilian RDP servers were available in the underground market Decryption: we can help! If the victim pays the ransom, the cybercriminals will send this tool to decrypt the files: Decryption tool sent by the bad guy after payment But the good news is that the Kaspersky Anti-Ransom team was able to break the encryption used by the Xpan Trojan.

This effort made possible the decryption of files belonging to a Hospital in Brazil, which was hit by this Ransomware family. If you’re a victim of this new Ransomware family and need help to decrypt your files, please DON’T PAY the ransom.
Instead, contact us via support. Conclusion As we can see, Brazilian bad guys are now diversifying their “business” with new ransomware families developed from scratch, abandoning older versions that used XOR encryption and adopting new, more robust encryption algorithms.

This is a clear signal that they have started to explore new schemes with new targets and newer types of attacks. As we forecasted in the beginning of this year, we expect ransomware attacks to gain ground on banking trojans and to transition into other platforms. Ransomware has two advantages over traditional banking threats: direct monetization using an anonymous payment system (usually Bitcoin), and relatively low cost per victim.

Certainly, this is very attractive to Brazilian crooks, well-known for their banking trojans development.

Brazilian law enforcement is very good at catching criminals (although they are not always convicted and imprisoned) by “following the money”, something that we know it’s not entirely possible for Bitcoin payments. We detect this new threat asTrojan-Ransom.Win32.Xpan.a and PDM:Trojan.Win32.Generic. We’ll keep an eye out or new variants, which surely will appear from same or other threat actors. MD5 reference: 34260178f9e3b2e769accdee56dac793