Open SourceUpgrading the Linux kernel 3.0.69, 3.4.36 and 3.8.3 with vulnerabilities  fixes. Update ClamAV 0.97.7 and Puppet 3.1.1/2.7.21/2.6.18 with security fixes. Release of Wine 1.5.26.

Upgrading the Linux kernel 3.0.69, 3.4.36 and 3.8.3

Presented next corrective releases kernel Linux: 3.0.69 (patch 21) 03/04/36 (40 patches) and 3.8.3 (105 patches). As usual, in the announcement of new versions emphasizes mandatory update.

In release 3.8.3 fixed yesterday announced a vulnerability in the implementation of the namespace for non-privileged users, which allows local users to get the right root. In addition to plug the leak of information through the crypto API and fixed vulnerability (CVE-2013-1792) in the implementation keyctl, local users to cause a kernel crash. Of subsystems, which are included in non-security changes, you can note a large portion of patches in the subsystems USB, ALSA, dm (device-mapper) and drm/i915, as well as single patch in xen, kvm, efi, vfs, Btrfs, Ext4, mfd, md/raid1, md/raid10, e1000e, mac80211, CIFS, drm / radeon, ath9k, NFS.

Update ClamAV 0.97.7 and Puppet 3.1.1/2.7.21/2.6.18

Went corrective release free anti-virus package ClamAV 0.97.7 which says eight changes related bug fixes. Some of the errors are corrected with the participation of Google Security Team and are positioned as potential uyavzimosti. Participants of Red Hat Security Response Team have criticized the practice of concealing vulnerabilities in ClamAV, on logs changes to which it is impossible to understand what kind of corrections associated with the elimination of security problems.

You can also celebrate the release of updates for the centralized management server configuration Puppet (3.1.1, 2.7.21, 2.6.18). The new releases of Puppet eliminated a series of five critical vulnerabilities. Four vulnerabilities (cve-2013-1640, cve-2013-1653, cve-2013-1655, cve-2013-2274) could lead to malicious code execution on the server or agent, including and without the need for authorization. One vulnerability (cve-2013-1652) allows access to arbitrary external directories.

Release of Wine 1.5.26

Released a new open source implementation of the experimental release Win32 API – Wine 1.5.26. Since the release of version 1.5.25 was closed 49 bug reports. Among the most important changes were noted:

  • Dropped support platform SPARC;
  • In the driver to work with Mac OS X adds support for OpenGL, clipboard and drag & drop;
  • Improved cache URL-addresses;
  • Fixed some errors in the support binaries architecture ARM;
  • Fixed problems when running games: NFS3, Propellerheads reason 4, Gordian Knot, Entropia Universe, Wing Commander 3 Kilrathi, Priority: Survive, JumpGate: The Reconstruction Initiative, Starcraft 2, Might and Magic Heroes, Railworks March 2013 Trainsimulator, Bunch of Heroes, Magic: The Gathering Online Wide Beta, Drakensang, Disciples: Sacred Lands, Total Annihilation: Kindoms;
  • Been established to multiple applications: Windows Media Player 9, msvideo, 3DMark 2000/2001SE, Houdini 12.x, Delphi, Enterprise Architect 10, AudioSurf;
  • Updated translations;
  • Many bug fixes.

Main links to news: