بعد التاكد من سلامة التحديثات للاباتشي والسي بانل

[maneghost]

حان الان الوقت للتحديث وينصح الجميع بالتحديث
بعد التاكد من كفائة عملة وانه لا يتسبب في مشاكل مع السيرفر
التحديث كما يلي

1. Kernel Upgrade
=============
The issues that is resolved in this upgrade are as follows:

* a flaw in the IPv6 implementation that allowed a local user to cause a
denial of service (infinite loop and crash) (CVE-2005-2973, important)

* a flaw in the bridge implementation that allowed a remote user to cause
forwarding of spoofed packets via poisoning of the forwarding
table with already dropped frames (CVE-2005-3272, moderate)

* a flaw in the atm module that allowed a local user to cause a denial of
service (panic) via certain socket calls (CVE-2005-3359, important)

* a flaw in the NFS client implementation that allowed a local user to cause
a denial of service (panic) via O_DIRECT writes (CVE-2006-0555,
important)

* a difference in "sysretq" operation of EM64T (as opposed to Opteron)
processors that allowed a local user to cause a denial of service
(crash) upon return from certain system calls (CVE-2006-0741 and
CVE-2006-0744, important)

* a flaw in the keyring implementation that allowed a local user to cause a
denial of service (OOPS) (CVE-2006-1522, important)

* a flaw in IP routing implementation that allowed a local user to cause a
denial of service (panic) via a request for a route for a multicast IP
(CVE-2006-1525, important)

* a flaw in the SCTP-netfilter implementation that allowed a remote user to
cause a denial of service (infinite loop) (CVE-2006-1527, important)

* a flaw in the sg driver that allowed a local user to cause a denial of
service (crash) via a dio transfer to memory mapped (mmap) IO space
(CVE-2006-1528, important)

* a flaw in the threading implementation that allowed a local user to cause
a denial of service (panic) (CVE-2006-1855, important)

* two missing LSM hooks that allowed a local user to bypass the LSM by using
readv() or writev() (CVE-2006-1856, moderate)

* a flaw in the virtual memory implementation that allowed local user to
cause a denial of service (panic) by using the lsof command
(CVE-2006-1862, important)

* a directory traversal vulnerability in smbfs that allowed a local user to
escape chroot restrictions for an SMB-mounted filesystem via "..\\"
sequences (CVE-2006-1864, moderate)

* a flaw in the ECNE chunk handling of SCTP that allowed a remote user to
cause a denial of service (panic) (CVE-2006-2271, moderate)

* a flaw in the handling of COOKIE_ECHO and HEARTBEAT control chunks of SCTP
that allowed a remote user to cause a denial of service (panic)
(CVE-2006-2272, moderate)

* a flaw in the handling of DATA fragments of SCTP that allowed a remote
user to cause a denial of service (infinite recursion and crash)
(CVE-2006-2274, moderate)


2. Apache Upgrade to 1.3.36
=====================
The upgrades mainly fixes several bugs and a security update.

Details of the changes as follows:

Changes with Apache 1.3.36

* Reverted SVN rev #396294 due to unwanted regression. The new feature
introduced in 1.3.35 (Allow usage of the "Include" configuration directive
within previously "Include"d files) has been removed in the meantime.
(http://svn.apache.org/viewcvs?rev=396294&view=rev)

* SECURITY: CVE-2005-3352 (cve.mitre.org) mod_imap: Escape untrusted referer
header before outputting in HTML to avoid potential cross-site scripting.
Change also made to ap_escape_html so we escape quotes.

* core: Allow usage of the "Include" configuration directive within
previously "Include"d files.

* HTML-escape the Expect error message. Not classed as security as an
attacker has no way to influence the Expect header a victim will send to a
target site.

* mod_cgi: Remove block on OPTIONS method so that scripts can respond to
OPTIONS directly rather than via server default.


3. Eaccelerator Upgrade to 0.9.5b2
==========================
This release mainly contains support for PHP 5.1 and some small bugfixes
that got implemented along the way. This version fully passes the PHP 5.1
test suite.

Other changes include:
* The shared memory functions, session handler and content cache are
disabled by default now. They are only used by a small amount of users and
they could allow local users to fill up the memory, if they aren't secured
properly.
* The old web control panel and the disassembler have been removed from the
code. They have been replaced with a set of php functions that allow the
same functionality to be implemented in a PHP script. The control.php and
the dasm.php files are such scripts.
* A lot of bugfixes which bring the software closer to full PHP 5.1 support.


تحياتي للجميع

[Eng/ Ahmed]

ماشاء الله يا مبدع .. لاو أروع :nice:

تحياتي ،
أحمد

[MANTEK]

طيب ايش هي اوامر التحديث المظمون