Jump to content
Compatible Support Forums

news

Members
 View Profile  See their activity

  • Content count

    80899

  • Joined

  • Last visited

    Never

  • Days Won

    18

Everything posted by news

  1. news
    The wraps are off AMD's first round of Ryzen CPUs: the Ryzen 7 1800X, the Ryzen 7 1700X, and the Ryzen 7 1700. Check out these chips' specs, pricing, and availability info in AMD's first official Ryzen release. Read more: http://techreport.com/news/31471/amd-eight-core-16-thread-chips-lead-the-ryzen-charge -- To unsubscribe from: TR-News, just follow this link: http://node1.techreport.com/cgi-bin/dada/mail.cgi/u/trnews/reviewnews// Click this link, or copy and paste the address into your browser.
  2. news
    The wait for AMD Ryzen is finally over! You can now officially go out and pre-order one of three AMD Ryzen 7 processors, which is being touted as the fastest 8-core processor on the market today. Article Title: AMD Ryzen Pre-Orders Start Today – 8-Cores For $329 ( -at -) Legit Reviews Article URL: http://www.legitreviews.com/amd-ryzen-pre-orders-start-today_191572 Unsubscribe: http://adserv.legitreviews.com/cgi-bin/dada/mail.cgi/u/legitpr/reviewnews// =
  3. news
    SUSE Security Update: Security update for php7 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0534-1 Rating: important References: #1008026 #1019547 #1019550 #1019568 #1019570 #1022219 #1022255 #1022257 #1022260 #1022262 #1022263 #1022264 #1022265 Cross-References: CVE-2016-10158 CVE-2016-10159 CVE-2016-10160 CVE-2016-10161 CVE-2016-10162 CVE-2016-10166 CVE-2016-10167 CVE-2016-10168 CVE-2016-7478 CVE-2016-7479 CVE-2016-7480 CVE-2016-9138 CVE-2017-5340 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Module for Web Scripting 12 ______________________________________________________________________________ An update that fixes 13 vulnerabilities is now available. Description: This update for php7 fixes the following security issues: - CVE-2016-7480: The SplObjectStorage unserialize implementation in ext/spl/spl_observer.c in PHP did not verify that a key is an object, which allowed remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access) via crafted serialized data. (bsc#1019568) - CVE-2017-5340: Zend/zend_hash.c in PHP mishandled certain cases that require large array allocations, which allowed remote attackers to execute arbitrary code or cause a denial of service (integer overflow, uninitialized memory access, and use of arbitrary destructor function pointers) via crafted serialized data. (bsc#1019570) - CVE-2016-7479: In all versions of PHP 7, during the unserialization process, resizing the 'properties' hash table of a serialized object may have lead to use-after-free. A remote attacker may exploit this bug to gain arbitrary code execution. (bsc#1019547) - CVE-2016-7478: Zend/zend_exceptions.c in PHP allowed remote attackers to cause a denial of service (infinite loop) via a crafted Exception object in serialized data, a related issue to CVE-2015-8876. (bsc#1019550) - CVE-2016-10159: Integer overflow in the phar_parse_pharfile function in ext/phar/phar.c in PHP allowed remote attackers to cause a denial of service (memory consumption or application crash) via a truncated manifest entry in a PHAR archive. (bsc#1022255) - CVE-2016-10160: Off-by-one error in the phar_parse_pharfile function in ext/phar/phar.c in PHP allowed remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted PHAR archive with an alias mismatch. (bsc#1022257) - CVE-2016-10161: The object_common1 function in ext/standard/var_unserializer.c in PHP allowed remote attackers to cause a denial of service (buffer over-read and application crash) via crafted serialized data that is mishandled in a finish_nested_data call. (bsc#1022260) - CVE-2016-10162: The php_wddx_pop_element function in ext/wddx/wddx.c in PHP 7 allowed remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an inapplicable class name in a wddxPacket XML document, leading to mishandling in a wddx_deserialize call. (bsc#1022262) - CVE-2016-10166: A potential unsigned underflow in gd interpolation functions could lead to memory corruption in the PHP gd module (bsc#1022263) - CVE-2016-10167: A denial of service problem in gdImageCreateFromGd2Ctx() could lead to php out of memory even on small files. (bsc#1022264) - CVE-2016-10168: A signed integer overflow in the gd module could lead to memory corruption (bsc#1022265) - CVE-2016-9138: PHP mishandled property modification during __wakeup processing, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data, as demonstrated by Exception::__toString with DateInterval::__wakeup. (bsc#1008026) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-277=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-277=1 - SUSE Linux Enterprise Module for Web Scripting 12: zypper in -t patch SUSE-SLE-Module-Web-Scripting-12-2017-277=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): php7-debuginfo-7.0.7-35.1 php7-debugsource-7.0.7-35.1 php7-devel-7.0.7-35.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): php7-debuginfo-7.0.7-35.1 php7-debugsource-7.0.7-35.1 php7-devel-7.0.7-35.1 - SUSE Linux Enterprise Module for Web Scripting 12 (aarch64 ppc64le s390x x86_64): apache2-mod_php7-7.0.7-35.1 apache2-mod_php7-debuginfo-7.0.7-35.1 php7-7.0.7-35.1 php7-bcmath-7.0.7-35.1 php7-bcmath-debuginfo-7.0.7-35.1 php7-bz2-7.0.7-35.1 php7-bz2-debuginfo-7.0.7-35.1 php7-calendar-7.0.7-35.1 php7-calendar-debuginfo-7.0.7-35.1 php7-ctype-7.0.7-35.1 php7-ctype-debuginfo-7.0.7-35.1 php7-curl-7.0.7-35.1 php7-curl-debuginfo-7.0.7-35.1 php7-dba-7.0.7-35.1 php7-dba-debuginfo-7.0.7-35.1 php7-debuginfo-7.0.7-35.1 php7-debugsource-7.0.7-35.1 php7-dom-7.0.7-35.1 php7-dom-debuginfo-7.0.7-35.1 php7-enchant-7.0.7-35.1 php7-enchant-debuginfo-7.0.7-35.1 php7-exif-7.0.7-35.1 php7-exif-debuginfo-7.0.7-35.1 php7-fastcgi-7.0.7-35.1 php7-fastcgi-debuginfo-7.0.7-35.1 php7-fileinfo-7.0.7-35.1 php7-fileinfo-debuginfo-7.0.7-35.1 php7-fpm-7.0.7-35.1 php7-fpm-debuginfo-7.0.7-35.1 php7-ftp-7.0.7-35.1 php7-ftp-debuginfo-7.0.7-35.1 php7-gd-7.0.7-35.1 php7-gd-debuginfo-7.0.7-35.1 php7-gettext-7.0.7-35.1 php7-gettext-debuginfo-7.0.7-35.1 php7-gmp-7.0.7-35.1 php7-gmp-debuginfo-7.0.7-35.1 php7-iconv-7.0.7-35.1 php7-iconv-debuginfo-7.0.7-35.1 php7-imap-7.0.7-35.1 php7-imap-debuginfo-7.0.7-35.1 php7-intl-7.0.7-35.1 php7-intl-debuginfo-7.0.7-35.1 php7-json-7.0.7-35.1 php7-json-debuginfo-7.0.7-35.1 php7-ldap-7.0.7-35.1 php7-ldap-debuginfo-7.0.7-35.1 php7-mbstring-7.0.7-35.1 php7-mbstring-debuginfo-7.0.7-35.1 php7-mcrypt-7.0.7-35.1 php7-mcrypt-debuginfo-7.0.7-35.1 php7-mysql-7.0.7-35.1 php7-mysql-debuginfo-7.0.7-35.1 php7-odbc-7.0.7-35.1 php7-odbc-debuginfo-7.0.7-35.1 php7-opcache-7.0.7-35.1 php7-opcache-debuginfo-7.0.7-35.1 php7-openssl-7.0.7-35.1 php7-openssl-debuginfo-7.0.7-35.1 php7-pcntl-7.0.7-35.1 php7-pcntl-debuginfo-7.0.7-35.1 php7-pdo-7.0.7-35.1 php7-pdo-debuginfo-7.0.7-35.1 php7-pgsql-7.0.7-35.1 php7-pgsql-debuginfo-7.0.7-35.1 php7-phar-7.0.7-35.1 php7-phar-debuginfo-7.0.7-35.1 php7-posix-7.0.7-35.1 php7-posix-debuginfo-7.0.7-35.1 php7-pspell-7.0.7-35.1 php7-pspell-debuginfo-7.0.7-35.1 php7-shmop-7.0.7-35.1 php7-shmop-debuginfo-7.0.7-35.1 php7-snmp-7.0.7-35.1 php7-snmp-debuginfo-7.0.7-35.1 php7-soap-7.0.7-35.1 php7-soap-debuginfo-7.0.7-35.1 php7-sockets-7.0.7-35.1 php7-sockets-debuginfo-7.0.7-35.1 php7-sqlite-7.0.7-35.1 php7-sqlite-debuginfo-7.0.7-35.1 php7-sysvmsg-7.0.7-35.1 php7-sysvmsg-debuginfo-7.0.7-35.1 php7-sysvsem-7.0.7-35.1 php7-sysvsem-debuginfo-7.0.7-35.1 php7-sysvshm-7.0.7-35.1 php7-sysvshm-debuginfo-7.0.7-35.1 php7-tokenizer-7.0.7-35.1 php7-tokenizer-debuginfo-7.0.7-35.1 php7-wddx-7.0.7-35.1 php7-wddx-debuginfo-7.0.7-35.1 php7-xmlreader-7.0.7-35.1 php7-xmlreader-debuginfo-7.0.7-35.1 php7-xmlrpc-7.0.7-35.1 php7-xmlrpc-debuginfo-7.0.7-35.1 php7-xmlwriter-7.0.7-35.1 php7-xmlwriter-debuginfo-7.0.7-35.1 php7-xsl-7.0.7-35.1 php7-xsl-debuginfo-7.0.7-35.1 php7-zip-7.0.7-35.1 php7-zip-debuginfo-7.0.7-35.1 php7-zlib-7.0.7-35.1 php7-zlib-debuginfo-7.0.7-35.1 - SUSE Linux Enterprise Module for Web Scripting 12 (noarch): php7-pear-7.0.7-35.1 php7-pear-Archive_Tar-7.0.7-35.1 References: https://www.suse.com/security/cve/CVE-2016-10158.html https://www.suse.com/security/cve/CVE-2016-10159.html https://www.suse.com/security/cve/CVE-2016-10160.html https://www.suse.com/security/cve/CVE-2016-10161.html https://www.suse.com/security/cve/CVE-2016-10162.html https://www.suse.com/security/cve/CVE-2016-10166.html https://www.suse.com/security/cve/CVE-2016-10167.html https://www.suse.com/security/cve/CVE-2016-10168.html https://www.suse.com/security/cve/CVE-2016-7478.html https://www.suse.com/security/cve/CVE-2016-7479.html https://www.suse.com/security/cve/CVE-2016-7480.html https://www.suse.com/security/cve/CVE-2016-9138.html https://www.suse.com/security/cve/CVE-2017-5340.html https://bugzilla.suse.com/1008026 https://bugzilla.suse.com/1019547 https://bugzilla.suse.com/1019550 https://bugzilla.suse.com/1019568 https://bugzilla.suse.com/1019570 https://bugzilla.suse.com/1022219 https://bugzilla.suse.com/1022255 https://bugzilla.suse.com/1022257 https://bugzilla.suse.com/1022260 https://bugzilla.suse.com/1022262 https://bugzilla.suse.com/1022263 https://bugzilla.suse.com/1022264 https://bugzilla.suse.com/1022265 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
  4. news

    HP Spectre x360 Review

    news posted a topic in Upcoming News

    ** TECHSPOT ------------------------------------------------------------ ** HP Spectre x360 Review ------------------------------------------------------------ ** http://www.techspot.com/review/1331-hp-spectre-x360/ ------------------------------------------------------------ At the top of HP's laptop line-up is the Spectre x360, a convertible 2-in-1 notebook that has recently been upgraded to Kaby Lake. For this latest model HP has also unleashed a design overhaul that makes the Spectre x360 thinner, lighter and more portable than before. Thank you. Julio Franco Executive Editor | TECHSPOT ( -at -) juliofranco ----------------------------------- ============================================================ Our mailing address is: TechSpot 8237 NW 68 St Miami, FL 33166 USA
  5. news
    http://benchmarkreviews.us10.list-manage1.com/track/click?u=9a2f239b17114c9008e3dfda9&id=189a152b0e&e=8138df6da5 ** Benchmark Reviews Presents: ------------------------------------------------------------ TITLE: Phanteks Eclipse P400S Tempered Glass Case Review (http://benchmarkreviews.us10.list-manage.com/track/click?u=9a2f239b17114c9008e3dfda9&id=2821437490&e=8138df6da5) QUOTE: About a year ago, we reviewed the Phanteks Eclipse P400S case, an outstanding budget oriented computer case built for both beginners and enthusiasts. With the release of the Eclipse P400S Tempered Glass Edition, it shares many of the essential features carried over from its predecessor. Users can now game in style with a tempered glass side panel along with an RGB LED strip included in the box. The Eclipse P400 series comes in many different varieties. Benchmark Reviews will be taking a look at the Eclipse P400S Tempered Glass Special Edition in red and black, so let’s go over an overview in the next section. LINK: http://benchmarkreviews.us10.list-manage1.com/track/click?u=9a2f239b17114c9008e3dfda9&id=a78551ff78&e=8138df6da5 IMAGE: http://benchmarkreviews.us10.list-manage2.com/track/click?u=9a2f239b17114c9008e3dfda9&id=819cc551c7&e=8138df6da5 ============================================================
  6. news
    Hi everybody, It has been a very long time since previous release, but we are proud today to announce the latest 3.4 version of FileManager-Actions. FileManager-Actions is the new name of (now obsoleted) Nautilus-Actions. Thanks to Wolfgang Ulbrich, FileManager-Actions now also supports Caja-Actions from Mate Desktop. What is it ? FileManager-Actions is a file-manager extension whose principal function is to allow the user to add arbitrary actions to the file manager context menus. These actions may be organized in menus and submenus, exported and shared with other desktop environments. FileManager-Actions supports both Nautilus and Caja file-managers. What is new in this release ? All support to Gtk 2 has been removed. Minimal required versions are now: - Gtk 3.4 - GLib 2.32. See NEWS [1] and ChangeLog [2][3] for all details. FileManager-Actions 3.4 is available for download at http://www.nautilus-actions.org/downloads/ http://download.gnome.org/sources/filemanager-actions/3.4/ ftp://ftp.trychlos.org/pub/tarballs/filemanager-actions/ sha1sum: a7e8cf46287f357ebfb2c2c658232a21d4bf5f91 md5sum: 0f17e29b5b9dc39746ee51dd5a6a0cda Home page is here: http://www.nautilus-actions.org Bug reports are always welcome at https://bugzilla.gnome.org/enter_bug.cgi?product=filemanager-actions (coming soon). All discussions relative to FileManager-Actions can be posted to
  7. news
    TITLE: Azio MK Retro Review ( -at -) Vortez CONTENT: Some may not be familiar with AZIO Corp, a young manufacturer keen on injecting innovation and fun into your peripherals through cutting edge design. One look at the MK Retro, you can understand that they are certainly looking to make alternative products available. The MK Retro is a typewriter inspired mechanical keyboard, featuring large, chrome rimmed key-caps, and clicky switches with the intention of taking typists back to the golden era of industry in the 21st Century. LINK: https://www.vortez.net/review.php?id=1267 ---------------------------------------------------------------------------- -------------------- Please post this news item in your news section. Thank you.
  8. news
    Review: G.Skill TridentZ RGB DDR4 (3600 MHz) memory review We test the all new RGB series TridentZ DDR4 memory from G.Skill. It's fast at 3600 MHz, it's cool and runs XMP 2.0 memory profiles on Intel platforms as well. Join us as we review not just some of the fastest clocked bars of memory, its among the most cool looking ones as well. Read the full review here <http://www.guru3d.com/articles-pages/g-skill-tridentz-rgb-ddr4-memory-review,1.html>'>http://www.guru3d.com/articles-pages/g-skill-tridentz-rgb-ddr4-memory-review,1.html> . URL: http://www.guru3d.com/articles-pages/g-skill-tridentz-rgb-ddr4-memory-review,1.html <http://www.guru3d.com/articles-pages/g-skill-tridentz-rgb-ddr4-memory-review,1.html> --
  9. news
    Dear Editors, we just posted a new article which might be interesting to your readers. A post in your news section would be appreciated. Title: MSI GeForce GTX 1060 Armor OC 6 GB Link: https://www.techpowerup.com/reviews/MSI/GTX_1060_Armor Brief: MSI's GeForce GTX 1060 Armor OC is a custom GTX 1060 variant that's optimized to not break the bank but still offer features like idle-fan-stop, low noise and good temperatures. The card uses the exact same PCB as the more expensive Gaming X, at lower clocks though.
  10. news
    Welcome to the Ubuntu Weekly Newsletter, Issue 499 for the week February 13 - 19, 2017. == Links to UWN == * Wiki page: https://wiki.ubuntu.com/UbuntuWeeklyNewsletter/Issue499 == In This Issue == * Ubuntu 16.04.2 LTS Released * Ubuntu Stats * LoCo Events * Dustin Kirkland: Kubernetes InstallFest at ContainerWorld -- Feb 21, 2017! * Simos Xenitellis: Summary of ( -at -) DellCarePRO Ubuntu Basics Webinar (Feb 2017) * Valorie Zimmerman: Folding, origami, and Folding ( -at -) Home * Simon Raffeiner: Setting up an "All-Snap" Ubuntu Core image in a QEMU/KVM virtual machine * Ubuntu Cloud News * Canonical News * In The Blogosphere * Featured Audio and Video * Weekly Ubuntu Development Team Meetings * Upcoming Meetings and Events * Updates and Security for 12.04, 14.04, 16.04, and 16.10 * And much more! == General Community News == === Ubuntu 16.04.2 LTS Released === Adam Conrad, on behalf of the Ubuntu Release Team, announces the release of Ubuntu 16.04.2 LTS for desktop, server and cloud platforms. Key features of this release include security updates, bug fixes, and increased stability. This release is also available for all major flavor distributions. https://lists.ubuntu.com/archives/ubuntu-announce/2017-February/000216.html This point release was also covered by other sites, including: * Ubuntu 16.04.2 LTS Point Release Arrives With Linux Kernel 4.8 And Improved Hardware Support - https://fossbytes.com/ubuntu-16-04-2-lts-release-features-download-link/ * Ubuntu 16.04.2 LTS Officially Released with Linux Kernel 4.8 from Ubuntu 16.10 - http://news.softpedia.com/news/ubuntu-16-04-2-lts-officially-released-with-linux-kernel-4-8-from-ubuntu-16-10-512758.shtml * Ubuntu 16.04.2 LTS Released; Ubuntu 17.04 In Feature Freeze - http://www.phoronix.com/scan.php?page=news_item&px=Ubuntu-16.04.2-Released * Ubuntu 16.04.2 LTS Released, Available to Download Now - http://www.omgubuntu.co.uk/2017/02/download-ubuntu-16-04-2-lts === Welcome New Members and Developers === Naeil Zoueidi, on behalf of the Ubuntu Membership Board, announces the latest Ubuntu Member. * Pavlos Kairis (https://wiki.ubuntu.com/PavlosKairis | https://launchpad.net/~kairis) https://lists.ubuntu.com/archives/ubuntu-news-team/2017-February/002625.html == Ubuntu Stats == === Bug Stats === * Open (129015) +150 over last week * Critical (417) -6 over last week * Unconfirmed (64201) +108 over last week As always, the Bug Squad needs more help. If you want to get started, please see https://wiki.ubuntu.com/BugSquad === Ask Ubuntu Top 5 Questions this week === ==== Most Active Questions ==== * Is it possible to run Ubuntu Server 16.04 alongside Windows 10 Pro? http://askubuntu.com/questions/883627/is-it-possible-to-run-ubuntu-server-16-04-alongside-windows-10-pro * Old kernel with Ubuntu 16.04.2 update http://askubuntu.com/questions/882896/old-kernel-with-ubuntu-16-04-2-update * I want to change the host name - is it enough to edit the /etc/hosts file? [closed] http://askubuntu.com/questions/882929/i-want-to-change-the-host-name-is-it-enough-to-edit-the-etc-hosts-file * Can I make Unity Hot Corners run custom commands? http://askubuntu.com/questions/884718/can-i-make-unity-hot-corners-run-custom-commands * How to recover `/usr/lib/jvm` in Ubuntu? http://askubuntu.com/questions/884672/how-to-recover-usr-lib-jvm-in-ubuntu ==== Top Voted New Questions ==== * Old kernel with Ubuntu 16.04.2 update http://askubuntu.com/questions/882896/ * Can I make Unity Hot Corners run custom commands? http://askubuntu.com/questions/884718/ * I want to change the host name - is it enough to edit the /etc/hosts file? http://askubuntu.com/questions/882929/ * How to recover `/usr/lib/jvm` in Ubuntu? http://askubuntu.com/questions/884672/ * What is the correct way to keep home directory on USB stick? http://askubuntu.com/questions/883253/ Ask (and answer!) questions at http://askubuntu.com == LoCo Events == The following LoCo team events are currently scheduled in the next two weeks: * Sierra Vista Ubuntu Hour, Arizona LoCo Team: http://loco.ubuntu.com/events/ubuntu-arizona/3488-sierra-vista-ubuntu-hour/ * Tempe Ubuntu Hour, Arizona LoCo Team: http://loco.ubuntu.com/events/ubuntu-arizona/3489-tempe-ubuntu-hour/ * SCALE 15X and UbuCon Summit, Ubuntu California: http://loco.ubuntu.com/events/ubuntu-california/3499-scale-15x-and-ubucon-summit/ * Tempe Ubuntu Hour, Arizona LoCo Team: http://loco.ubuntu.com/events/ubuntu-arizona/3491-tempe-ubuntu-hour/ * AZLOCO Install-fest/Linux Workshop, Arizona LoCo Team: http://loco.ubuntu.com/events/ubuntu-arizona/3492-azloco-install-fest/linux-workshop/ Looking beyond the next two weeks? Visit the LoCo Team Portal to browse upcoming events around the world: http://loco.ubuntu.com/events/ == The Planet == === Dustin Kirkland: Kubernetes InstallFest at ContainerWorld -- Feb 21, 2017! === Dustin Kirkland writes that Canonical devs have been busy fine-tuning Kubernetes, Docker and LXD for Ubuntu. Only two provided commands are needed to have a minimal Kubernetes run on a Ubuntu 16.04 Dustin writes that he'll be in Santa Clara this week and on Tuesday February 21, 2017 is giving a Kubernetes installfest workshop where all those attending will get to run a Kubernetes cluster on a public cloud, or their own Ubuntu laptop or VM. On Wednesday Dustin is giving a talk entitled "Using the Right Container Technology for the Job", and if unable to attend you can catch up with a 30-minute podcast with David Daly (link provided). http://blog.dustinkirkland.com/2017/02/kubernetes-installfest-at.html === Simos Xenitellis: Summary of ( -at -) DellCarePRO Ubuntu Basics Webinar (Feb 2017) === Simos Xenitellis provides a link to the webinar from ( -at -) DellCarePRO titled Ubuntu Basic Webinar. Along with the aforementioned link, he also includes a series of screen captures taking you through the Webinar. https://blog.simos.info/dell-ubuntu-basics-webinar/ === Valorie Zimmerman: Folding, origami, and Folding ( -at -) Home === Valorie Zimmerman tells us briefly about joining the Ubuntu Folding ( -at -) Home team. She explains why she found participation valuable and provides links to both the Ubuntu team and the broader project for those interested in learning more. http://linuxgrandma.blogspot.com/2017/02/folding-origami-and-foldinghome.html === Simon Raffeiner: Setting up an "All-Snap" Ubuntu Core image in a QEMU/KVM virtual machine === Simon Raffeiner provides instructions for setting up an "all-snap" Ubuntu Core image in a virtual machine using Ubuntu Core 16 that can be accessed via SSH. http://www.lieberbiber.de/2017/02/17/setting-up-an-all-snap-ubuntu-core-image-in-a-qemukvm-virtual-machine/ == Ubuntu Cloud News == * Network management with LXD (2.3+) - https://insights.ubuntu.com/2017/02/14/network-management-with-lxd-2-3/ * The Nextcloud Box at MWC - https://insights.ubuntu.com/2017/02/14/the-nextcloud-box-at-mwc/ * GPUs & Kubernetes for Deep Learning - Part 1/3 - https://insights.ubuntu.com/2017/02/15/gpus-kubernetes-for-deep-learning%E2%80%8A-%E2%80%8Apart-13/ * Deploying Kubernetes on Bare Metal - https://insights.ubuntu.com/2017/02/15/deploying-kubernetes-on-bare-metal/ == Canonical News == * Lime Microsystems and Canonical announce LimeNET crowdfunding - https://insights.ubuntu.com/2017/02/16/lime-microsystems-and-canonical-announce-limenet-crowdfunding/ * MWC17: The Future of Wireless Networks - https://insights.ubuntu.com/2017/02/17/mwc17-the-future-of-wireless-networks/ * Snapcraft 2.27 has been released - https://insights.ubuntu.com/2017/02/17/snapcraft-2-27-has-been-released/ == In The Blogosphere == === GPD Pocket: This Tiny Laptop Fits In Your Pocket, Runs Ubuntu Linux And Windows 10 === Adarsh Verma for Fossbytes writes about the GPD Pocket, a pocket size laptop that runs Ubuntu. The laptop was fundraised via Indiegogo, and "hit its $200,000 funding target on Indiegogo within hours of launch." He highlights the specifications and provides link where you can purchase them. https://fossbytes.com/gpd-pocket-crazy-laptop-fits-pocket-runs-ubuntu-windows-10/ === This Microsoft Surface Killer Costs $369 and Can Also Run Ubuntu === Bogdan Popa from Softpedia writes about the Chuwi Hi13, an alternative to Microsoft's 2-in-1 Surface, but running Ubuntu. He writes, "presented at CES earlier this year, the Chuwi Hi13 will be launched on February 20 and will be available for pre-order the same day, coming with a price that really makes it an intriguing product for those looking for a 2-in-1 running Windows 10." http://news.softpedia.com/news/this-microsoft-surface-killer-costs-369-and-can-also-run-ubuntu-512961.shtml === Ubuntu 17.04 (Zesty Zapus) Has Entered Feature Freeze, Beta Lands on February 23 === Marius Nestor from Softpedia writes about Ubuntu 17.04 (codenamed Zesty Zapus) entering the feature freeze stage of its development cycle. He writes, "...February 16 marks both the Feature Freeze and Debian Import Freeze stages of development for Ubuntu 17.04, which means that application developers are no longer allowed to push new features to the upcoming operating systems, but only bugfix releases of their packages that address critical bugs." http://news.softpedia.com/news/ubuntu-17-04-zesty-zapus-has-entered-feature-freeze-beta-lands-february-23-513023.shtml === 6 Reasons Why I Love Using KDE Connect on Ubuntu === Joey Sneddon from OMG! Ubuntu! presents reasons he enjoys using KDE Connect on Ubuntu. He highlights six main features of KDE Connect that have been useful to him. http://www.omgubuntu.co.uk/2017/02/easy-way-connect-android-to-ubuntu-pc === Snap URL Support Is Coming to Ubuntu Software ===
  11. news
    Dear Editors, we just posted a new article which might be interesting to your readers. A post in your news section would be appreciated. Title: Tesoro Gram Spectrum RGB Keyboard Link: https://www.techpowerup.com/reviews/Tesoro/Gram_Spectrum Brief: Another keyboard and another brand new mechanical switch, the Tesoro Gram Spectrum RGB Keyboard promises to deliver an optimized keystroke, fast response and accurate actuation - all while being low profile. Available in both white and black, it should be a perfect addition to any setup.
  12. news
    Visit Hardware Asylum - http://www.hardwareasylum.com body { margin: 0px; padding: 10px; text-align: left; background-color: #FFF; } #header { vertical-align: top; height: 80px; } #footer { font-family: arial, Helvetica, sans-serif; font-size: 10px; color: #000; margin-top: 5px; padding: 3px; } .titletext { font-family: Arial, Helvetica, sans-serif; font-size: 18px; font-weight: bold; color: #852222; } .subtitletext { font-family: Arial, Helvetica, sans-serif; font-size: 12px; font-weight: bold; color: #9E9E9E; } .bodytext { font-family: Arial, Helvetica, sans-serif; font-size: 14px; color: #000000; } .smalltext { font-family: Arial, Helvetica, sans-serif; font-size: 11px; color: #9E9E9E; } b { font-weight: bold; } i { font-style: italic; } a { color: #C00; } Hello Everyone,Sometimes you need big sound and with the Katana it will slash the competition using its sweet kung-fu moves of audio artistry.Or something like that.Subject: Creative Sound BlasterX Katana Multi-channel Gaming Soundbar Review ( -at -) Hardware AsylumURL: http://www.hardwareasylum.com/reviews/sound/creative_katanaQuote: It is hard to point out any single reason you might need a dedicated gaming sound bar but the Creative Sound BlasterX Katana will help you find one. The Katana is a fantastic sound bar providing clear nuanced sound from a small package which can easily handle my most demanding music and gaming needs.A news posting would be so KawaiiThanksDennis Garciahttp://www.hardwareasylum.com To no longer receive these types of emails please send a copy of this message to us at support ( -at -) hardwareasylum.com and we'll remove you from the list. Copyright © Hardware Asylum 1999-2013 All rights reserved
  13. news
    <http://www.eteknix.com> Seagate IronWolf Pro 10TB NAS HDD Review Seagate launched the Guardian series of drives last year and we've already seen both the IronWolf 10TB and the SkyHawk 10TB drives perform awesome in our reviews. Today it is time to take a look at the IronWolf Pro 10TB drive which is the latest entry in this family <http://www.seagate.com/www-content/product-content/ironwolf/files/ironwolf-pro-ds1914-3-1701gb.pdf>  of large-capacity storage drives. The drives that we previously tested were aimed at-home-use and now we are stepping up to the small and medium businesses with this new Pro drives. URL - http://www.eteknix.com/seagate-ironwolf-pro-10tb-nas-hdd-review/ --
  14. news
    Hello LanOC Affiliates and newsletter subscribers, here is our newest posting. We would appreciate you spreading the word! LanOC Reviews has released a new article which you and your readers might enjoy. We would be grateful if you would please share it with them. *TITLE:* ADATA SU800 256GB SSD ( -at -) LanOC Reviews <https://lanoc.org/review/storage/7448-adata-su800-256gb-ssd> *DESCRIPTION:* Last year ADATA introduced their SU800 as part of a complete line of 3D NAND based SSDs. It is their mid-ranged model with the SU900 being their highest end SATA based SSD but comes in at a price point that Is budget friendly as well. The SU800 is also the first 3D NAND SSD on the market from a company that doesn’t make their own NAND. So today I’m going to take a look inside the drive and see what it’s all about and also test its performance to see how it compares to other SATA based drives. Is this the SATA SSD for your next build? The price is right and they have the capacities, but let’s find out. *ARTICLE URL:* https://lanoc.org/review/storage/7448-adata-su800-256gb-ssd *LARGE IMAGE URL:* https://lanoc.org/images/reviews/2017/adata_su800/title.jpg *SMALL IMAGE URL:* https://lanoc.org/images/reviews/2017/adata_su800/email.jpg Thank you for your help Our content is syndicated by *RSS* 2.0 at: http://lanoc.org/review?fo rmat=feed&type=atom Check out our *YouTube* Channel: http://www.youtube.com/user/LanocReviews Follow us on *Twitter*: http://www.twitter.com/LanOC_Reviews Join our group on *Facebook*: http://www.facebook.com/LanOCReviews Join our *Steam* Group: http://steamcommunity.com/groups/lanoc *If this message has been sent to an incorrect address, or you no longer wish to receive our news, please email us back and let us know at reviews ( -at -) lanoc.org* ---------------------------------------- Wes Compton Editor-in-Chief LanOC Reviews http://lanoc.org ( -at -) LanOC_Reviews <http://twitter.com/#!/LanOC_Reviews> Google Plus <https://plus.google.com/u/1/b/111054267662763089650/> Our Facebook Page <http://www.facebook.com/LanOCReviews>
  15. news
    SUSE Security Update: Security update for flash-player ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0523-1 Rating: important References: #1025258 Cross-References: CVE-2017-2982 CVE-2017-2985 CVE-2017-2986 CVE-2017-2987 CVE-2017-2988 CVE-2017-2990 CVE-2017-2991 CVE-2017-2992 CVE-2017-2993 CVE-2017-2994 CVE-2017-2995 CVE-2017-2996 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that fixes 12 vulnerabilities is now available. Description: The Adobe flash-player was updated to 24.0.0.221 to fix the following issues: Security update to 24.0.0.221 (bsc#1025258), fixing the following vulnerabilities advised under APSB17-04: * type confusion vulnerability that could lead to code execution (CVE-2017-2995). * integer overflow vulnerability that could lead to code execution (CVE-2017-2987). * use-after-free vulnerabilities that could lead to code execution (CVE-2017-2982, CVE-2017-2985, CVE-2017-2993, CVE-2017-2994). * heap buffer overflow vulnerabilities that could lead to code execution (CVE-2017- 2984, CVE-2017-2986, CVE-2017-2992). * memory corruption vulnerabilities that could lead to code execution (CVE-2017-2988, CVE-2017-2990, CVE-2017-2991, CVE-2017-2996). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP1: zypper in -t patch SUSE-SLE-WE-12-SP1-2017-268=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-268=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12-SP1 (x86_64): flash-player-24.0.0.221-158.1 flash-player-gnome-24.0.0.221-158.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): flash-player-24.0.0.221-158.1 flash-player-gnome-24.0.0.221-158.1 References: https://www.suse.com/security/cve/CVE-2017-2982.html https://www.suse.com/security/cve/CVE-2017-2985.html https://www.suse.com/security/cve/CVE-2017-2986.html https://www.suse.com/security/cve/CVE-2017-2987.html https://www.suse.com/security/cve/CVE-2017-2988.html https://www.suse.com/security/cve/CVE-2017-2990.html https://www.suse.com/security/cve/CVE-2017-2991.html https://www.suse.com/security/cve/CVE-2017-2992.html https://www.suse.com/security/cve/CVE-2017-2993.html https://www.suse.com/security/cve/CVE-2017-2994.html https://www.suse.com/security/cve/CVE-2017-2995.html https://www.suse.com/security/cve/CVE-2017-2996.html https://bugzilla.suse.com/1025258 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
  16. news
    SUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0517-1 Rating: important References: #1020048 #1024938 Cross-References: CVE-2017-5970 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP1 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: The SUSE Linux Enterprise 12 SP1 kernel was updated to fix the following two issues: - CVE-2017-5970: Remote attackers could have potentially caused a denial of service by sending bad IP options on a socket (bsc#1024938) - Fix a regression in MD RAID1 which could have caused wrong data to be read (bsc#1020048) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP1: zypper in -t patch SUSE-SLE-WE-12-SP1-2017-267=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-267=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-267=1 - SUSE Linux Enterprise Module for Public Cloud 12: zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2017-267=1 - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-267=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-267=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12-SP1 (x86_64): kernel-default-debuginfo-3.12.69-60.64.32.1 kernel-default-debugsource-3.12.69-60.64.32.1 kernel-default-extra-3.12.69-60.64.32.1 kernel-default-extra-debuginfo-3.12.69-60.64.32.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): kernel-obs-build-3.12.69-60.64.32.1 kernel-obs-build-debugsource-3.12.69-60.64.32.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (noarch): kernel-docs-3.12.69-60.64.32.3 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): kernel-default-3.12.69-60.64.32.1 kernel-default-base-3.12.69-60.64.32.1 kernel-default-base-debuginfo-3.12.69-60.64.32.1 kernel-default-debuginfo-3.12.69-60.64.32.1 kernel-default-debugsource-3.12.69-60.64.32.1 kernel-default-devel-3.12.69-60.64.32.1 kernel-syms-3.12.69-60.64.32.1 - SUSE Linux Enterprise Server 12-SP1 (noarch): kernel-devel-3.12.69-60.64.32.1 kernel-macros-3.12.69-60.64.32.1 kernel-source-3.12.69-60.64.32.1 - SUSE Linux Enterprise Server 12-SP1 (x86_64): kernel-xen-3.12.69-60.64.32.1 kernel-xen-base-3.12.69-60.64.32.1 kernel-xen-base-debuginfo-3.12.69-60.64.32.1 kernel-xen-debuginfo-3.12.69-60.64.32.1 kernel-xen-debugsource-3.12.69-60.64.32.1 kernel-xen-devel-3.12.69-60.64.32.1 - SUSE Linux Enterprise Server 12-SP1 (s390x): kernel-default-man-3.12.69-60.64.32.1 - SUSE Linux Enterprise Module for Public Cloud 12 (x86_64): kernel-ec2-3.12.69-60.64.32.1 kernel-ec2-debuginfo-3.12.69-60.64.32.1 kernel-ec2-debugsource-3.12.69-60.64.32.1 kernel-ec2-devel-3.12.69-60.64.32.1 kernel-ec2-extra-3.12.69-60.64.32.1 kernel-ec2-extra-debuginfo-3.12.69-60.64.32.1 - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_69-60_64_32-default-1-2.1 kgraft-patch-3_12_69-60_64_32-xen-1-2.1 - SUSE Linux Enterprise Desktop 12-SP1 (noarch): kernel-devel-3.12.69-60.64.32.1 kernel-macros-3.12.69-60.64.32.1 kernel-source-3.12.69-60.64.32.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): kernel-default-3.12.69-60.64.32.1 kernel-default-debuginfo-3.12.69-60.64.32.1 kernel-default-debugsource-3.12.69-60.64.32.1 kernel-default-devel-3.12.69-60.64.32.1 kernel-default-extra-3.12.69-60.64.32.1 kernel-default-extra-debuginfo-3.12.69-60.64.32.1 kernel-syms-3.12.69-60.64.32.1 kernel-xen-3.12.69-60.64.32.1 kernel-xen-debuginfo-3.12.69-60.64.32.1 kernel-xen-debugsource-3.12.69-60.64.32.1 kernel-xen-devel-3.12.69-60.64.32.1 References: https://www.suse.com/security/cve/CVE-2017-5970.html https://bugzilla.suse.com/1020048 https://bugzilla.suse.com/1024938 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
  17. news
    Cherry MX Board 6.0 Keyboard Review ( -at -) ThinkComputers.org Review Link: http://www.thinkcomputers.org/cherry-mx-board-6-0-keyboard-review/ Image URL: http://www.thinkcomputers.org/reviews/cherry_mx_6/email.jpg Alt Image URL: http://www.thinkcomputers.org/reviews/cherry_mx_6/small.jpg Quote: "Cherry is a name by now you are probably very familiar with. They are the makers of the mechanical key switches that are in many of the best gaming keyboards out there. If you didn’t know they also make their own keyboards. The MX Board 6.0 actually still remains their flagship gaming keyboard even though it has been out for a couple years now. Their mechanical switches are known for their amazing quality, so we are really excited to see what a 100% Cherry-made keyboard can do. Let’s take a look at the MX Board 6.0 and see what it is all about!"
  18. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: openssl security update Advisory ID: RHSA-2017:0286-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2017-0286.html Issue date: 2017-02-20 CVE Names: CVE-2016-8610 CVE-2017-3731 ===================================================================== 1. Summary: An update for openssl is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library. Security Fix(es): * An integer underflow leading to an out of bounds read flaw was found in OpenSSL. A remote attacker could possibly use this flaw to crash a 32-bit TLS/SSL server or client using OpenSSL if it used the RC4-MD5 cipher suite. (CVE-2017-3731) * A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections form other clients. (CVE-2016-8610) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 For the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. 5. Bugs fixed (https://bugzilla.redhat.com/): 1384743 - CVE-2016-8610 SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS 1416852 - CVE-2017-3731 openssl: Truncated packet could crash via OOB read 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: openssl-1.0.1e-48.el6_8.4.src.rpm i386: openssl-1.0.1e-48.el6_8.4.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.4.i686.rpm x86_64: openssl-1.0.1e-48.el6_8.4.i686.rpm openssl-1.0.1e-48.el6_8.4.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.4.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.4.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): i386: openssl-debuginfo-1.0.1e-48.el6_8.4.i686.rpm openssl-devel-1.0.1e-48.el6_8.4.i686.rpm openssl-perl-1.0.1e-48.el6_8.4.i686.rpm openssl-static-1.0.1e-48.el6_8.4.i686.rpm x86_64: openssl-debuginfo-1.0.1e-48.el6_8.4.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.4.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.4.i686.rpm openssl-devel-1.0.1e-48.el6_8.4.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.4.x86_64.rpm openssl-static-1.0.1e-48.el6_8.4.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: openssl-1.0.1e-48.el6_8.4.src.rpm x86_64: openssl-1.0.1e-48.el6_8.4.i686.rpm openssl-1.0.1e-48.el6_8.4.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.4.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.4.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): x86_64: openssl-debuginfo-1.0.1e-48.el6_8.4.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.4.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.4.i686.rpm openssl-devel-1.0.1e-48.el6_8.4.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.4.x86_64.rpm openssl-static-1.0.1e-48.el6_8.4.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: openssl-1.0.1e-48.el6_8.4.src.rpm i386: openssl-1.0.1e-48.el6_8.4.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.4.i686.rpm openssl-devel-1.0.1e-48.el6_8.4.i686.rpm ppc64: openssl-1.0.1e-48.el6_8.4.ppc.rpm openssl-1.0.1e-48.el6_8.4.ppc64.rpm openssl-debuginfo-1.0.1e-48.el6_8.4.ppc.rpm openssl-debuginfo-1.0.1e-48.el6_8.4.ppc64.rpm openssl-devel-1.0.1e-48.el6_8.4.ppc.rpm openssl-devel-1.0.1e-48.el6_8.4.ppc64.rpm s390x: openssl-1.0.1e-48.el6_8.4.s390.rpm openssl-1.0.1e-48.el6_8.4.s390x.rpm openssl-debuginfo-1.0.1e-48.el6_8.4.s390.rpm openssl-debuginfo-1.0.1e-48.el6_8.4.s390x.rpm openssl-devel-1.0.1e-48.el6_8.4.s390.rpm openssl-devel-1.0.1e-48.el6_8.4.s390x.rpm x86_64: openssl-1.0.1e-48.el6_8.4.i686.rpm openssl-1.0.1e-48.el6_8.4.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.4.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.4.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.4.i686.rpm openssl-devel-1.0.1e-48.el6_8.4.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): i386: openssl-debuginfo-1.0.1e-48.el6_8.4.i686.rpm openssl-perl-1.0.1e-48.el6_8.4.i686.rpm openssl-static-1.0.1e-48.el6_8.4.i686.rpm ppc64: openssl-debuginfo-1.0.1e-48.el6_8.4.ppc64.rpm openssl-perl-1.0.1e-48.el6_8.4.ppc64.rpm openssl-static-1.0.1e-48.el6_8.4.ppc64.rpm s390x: openssl-debuginfo-1.0.1e-48.el6_8.4.s390x.rpm openssl-perl-1.0.1e-48.el6_8.4.s390x.rpm openssl-static-1.0.1e-48.el6_8.4.s390x.rpm x86_64: openssl-debuginfo-1.0.1e-48.el6_8.4.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.4.x86_64.rpm openssl-static-1.0.1e-48.el6_8.4.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: openssl-1.0.1e-48.el6_8.4.src.rpm i386: openssl-1.0.1e-48.el6_8.4.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.4.i686.rpm openssl-devel-1.0.1e-48.el6_8.4.i686.rpm x86_64: openssl-1.0.1e-48.el6_8.4.i686.rpm openssl-1.0.1e-48.el6_8.4.x86_64.rpm openssl-debuginfo-1.0.1e-48.el6_8.4.i686.rpm openssl-debuginfo-1.0.1e-48.el6_8.4.x86_64.rpm openssl-devel-1.0.1e-48.el6_8.4.i686.rpm openssl-devel-1.0.1e-48.el6_8.4.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): i386: openssl-debuginfo-1.0.1e-48.el6_8.4.i686.rpm openssl-perl-1.0.1e-48.el6_8.4.i686.rpm openssl-static-1.0.1e-48.el6_8.4.i686.rpm x86_64: openssl-debuginfo-1.0.1e-48.el6_8.4.x86_64.rpm openssl-perl-1.0.1e-48.el6_8.4.x86_64.rpm openssl-static-1.0.1e-48.el6_8.4.x86_64.rpm Red Hat Enterprise Linux Client (v. 7): Source: openssl-1.0.1e-60.el7_3.1.src.rpm x86_64: openssl-1.0.1e-60.el7_3.1.x86_64.rpm openssl-debuginfo-1.0.1e-60.el7_3.1.i686.rpm openssl-debuginfo-1.0.1e-60.el7_3.1.x86_64.rpm openssl-libs-1.0.1e-60.el7_3.1.i686.rpm openssl-libs-1.0.1e-60.el7_3.1.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: openssl-debuginfo-1.0.1e-60.el7_3.1.i686.rpm openssl-debuginfo-1.0.1e-60.el7_3.1.x86_64.rpm openssl-devel-1.0.1e-60.el7_3.1.i686.rpm openssl-devel-1.0.1e-60.el7_3.1.x86_64.rpm openssl-perl-1.0.1e-60.el7_3.1.x86_64.rpm openssl-static-1.0.1e-60.el7_3.1.i686.rpm openssl-static-1.0.1e-60.el7_3.1.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: openssl-1.0.1e-60.el7_3.1.src.rpm x86_64: openssl-1.0.1e-60.el7_3.1.x86_64.rpm openssl-debuginfo-1.0.1e-60.el7_3.1.i686.rpm openssl-debuginfo-1.0.1e-60.el7_3.1.x86_64.rpm openssl-libs-1.0.1e-60.el7_3.1.i686.rpm openssl-libs-1.0.1e-60.el7_3.1.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: openssl-debuginfo-1.0.1e-60.el7_3.1.i686.rpm openssl-debuginfo-1.0.1e-60.el7_3.1.x86_64.rpm openssl-devel-1.0.1e-60.el7_3.1.i686.rpm openssl-devel-1.0.1e-60.el7_3.1.x86_64.rpm openssl-perl-1.0.1e-60.el7_3.1.x86_64.rpm openssl-static-1.0.1e-60.el7_3.1.i686.rpm openssl-static-1.0.1e-60.el7_3.1.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: openssl-1.0.1e-60.el7_3.1.src.rpm aarch64: openssl-1.0.1e-60.el7_3.1.aarch64.rpm openssl-debuginfo-1.0.1e-60.el7_3.1.aarch64.rpm openssl-devel-1.0.1e-60.el7_3.1.aarch64.rpm openssl-libs-1.0.1e-60.el7_3.1.aarch64.rpm ppc64: openssl-1.0.1e-60.el7_3.1.ppc64.rpm openssl-debuginfo-1.0.1e-60.el7_3.1.ppc.rpm openssl-debuginfo-1.0.1e-60.el7_3.1.ppc64.rpm openssl-devel-1.0.1e-60.el7_3.1.ppc.rpm openssl-devel-1.0.1e-60.el7_3.1.ppc64.rpm openssl-libs-1.0.1e-60.el7_3.1.ppc.rpm openssl-libs-1.0.1e-60.el7_3.1.ppc64.rpm ppc64le: openssl-1.0.1e-60.el7_3.1.ppc64le.rpm openssl-debuginfo-1.0.1e-60.el7_3.1.ppc64le.rpm openssl-devel-1.0.1e-60.el7_3.1.ppc64le.rpm openssl-libs-1.0.1e-60.el7_3.1.ppc64le.rpm s390x: openssl-1.0.1e-60.el7_3.1.s390x.rpm openssl-debuginfo-1.0.1e-60.el7_3.1.s390.rpm openssl-debuginfo-1.0.1e-60.el7_3.1.s390x.rpm openssl-devel-1.0.1e-60.el7_3.1.s390.rpm openssl-devel-1.0.1e-60.el7_3.1.s390x.rpm openssl-libs-1.0.1e-60.el7_3.1.s390.rpm openssl-libs-1.0.1e-60.el7_3.1.s390x.rpm x86_64: openssl-1.0.1e-60.el7_3.1.x86_64.rpm openssl-debuginfo-1.0.1e-60.el7_3.1.i686.rpm openssl-debuginfo-1.0.1e-60.el7_3.1.x86_64.rpm openssl-devel-1.0.1e-60.el7_3.1.i686.rpm openssl-devel-1.0.1e-60.el7_3.1.x86_64.rpm openssl-libs-1.0.1e-60.el7_3.1.i686.rpm openssl-libs-1.0.1e-60.el7_3.1.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): aarch64: openssl-debuginfo-1.0.1e-60.el7_3.1.aarch64.rpm openssl-perl-1.0.1e-60.el7_3.1.aarch64.rpm openssl-static-1.0.1e-60.el7_3.1.aarch64.rpm ppc64: openssl-debuginfo-1.0.1e-60.el7_3.1.ppc.rpm openssl-debuginfo-1.0.1e-60.el7_3.1.ppc64.rpm openssl-perl-1.0.1e-60.el7_3.1.ppc64.rpm openssl-static-1.0.1e-60.el7_3.1.ppc.rpm openssl-static-1.0.1e-60.el7_3.1.ppc64.rpm ppc64le: openssl-debuginfo-1.0.1e-60.el7_3.1.ppc64le.rpm openssl-perl-1.0.1e-60.el7_3.1.ppc64le.rpm openssl-static-1.0.1e-60.el7_3.1.ppc64le.rpm s390x: openssl-debuginfo-1.0.1e-60.el7_3.1.s390.rpm openssl-debuginfo-1.0.1e-60.el7_3.1.s390x.rpm openssl-perl-1.0.1e-60.el7_3.1.s390x.rpm openssl-static-1.0.1e-60.el7_3.1.s390.rpm openssl-static-1.0.1e-60.el7_3.1.s390x.rpm x86_64: openssl-debuginfo-1.0.1e-60.el7_3.1.i686.rpm openssl-debuginfo-1.0.1e-60.el7_3.1.x86_64.rpm openssl-perl-1.0.1e-60.el7_3.1.x86_64.rpm openssl-static-1.0.1e-60.el7_3.1.i686.rpm openssl-static-1.0.1e-60.el7_3.1.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: openssl-1.0.1e-60.el7_3.1.src.rpm x86_64: openssl-1.0.1e-60.el7_3.1.x86_64.rpm openssl-debuginfo-1.0.1e-60.el7_3.1.i686.rpm openssl-debuginfo-1.0.1e-60.el7_3.1.x86_64.rpm openssl-devel-1.0.1e-60.el7_3.1.i686.rpm openssl-devel-1.0.1e-60.el7_3.1.x86_64.rpm openssl-libs-1.0.1e-60.el7_3.1.i686.rpm openssl-libs-1.0.1e-60.el7_3.1.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: openssl-debuginfo-1.0.1e-60.el7_3.1.i686.rpm openssl-debuginfo-1.0.1e-60.el7_3.1.x86_64.rpm openssl-perl-1.0.1e-60.el7_3.1.x86_64.rpm openssl-static-1.0.1e-60.el7_3.1.i686.rpm openssl-static-1.0.1e-60.el7_3.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-8610 https://access.redhat.com/security/cve/CVE-2017-3731 https://access.redhat.com/security/updates/classification/#moderate https://www.openssl.org/news/secadv/20170126.txt 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFYqs1TXlSAg2UNWIIRAt7bAJ0ZCDFTFcNP3/qrBxA46aRJQAvxkACaA9Ak 1zK4rWazcUYTZw5zQhD4SXA= =I+Z7 -----END PGP SIGNATURE----- --
  19. news
    ASUS ZenBook 3 (UX390UA) Ultrabook Review ------------------------------------------------------------ http://us2.campaign-archive2.com/?u=bfb2b902b5fb045ad6f841f98&id=03366d8d0a&e=872093acb5 http://www.kitguru.net ASUS ZenBook 3 (UX390UA) Ultrabook Review Hot on the heels of our Dell XPS 13 review, today we are looking at the brand-new ASUS ZenBook 3. What has really caught my eye about the ZenBook 3 is its physical dimensions – it measures just 11.9mm thick, while it weighs a mere 910g. With Kaby Lake hardware inside, as well as the promise of a crisp 1080p display and Harman Kardon speakers, could this be our new ultrabook of choice? Read the review here: http://www.kitguru.net/lifestyle/mobile/notebook/dominic-moass/asus-zenbook-3-ux390ua-ultrabook-review/ ============================================================ ** follow on Twitter (http://twitter.com/#!/kitgurupress) | ** friend on Facebook (http://www.facebook.com/pages/KitGuru/162236020510911) | ** forward to a friend (http://us2.forward-to-friend.com/forward?u=bfb2b902b5fb045ad6f841f98&id=03366d8d0a&e=872093acb5) Copyright © 2017 KitGuru, All rights reserved. You are receiving this because you are a news partner or have signed up to receive our news.
  20. news
    ASUS ZenBook 3 (UX390UA) Ultrabook Review ------------------------------------------------------------ http://us2.campaign-archive2.com/?u=bfb2b902b5fb045ad6f841f98&id=03366d8d0a&e=872093acb5 http://www.kitguru.net ASUS ZenBook 3 (UX390UA) Ultrabook Review Hot on the heels of our Dell XPS 13 review, today we are looking at the brand-new ASUS ZenBook 3. What has really caught my eye about the ZenBook 3 is its physical dimensions – it measures just 11.9mm thick, while it weighs a mere 910g. With Kaby Lake hardware inside, as well as the promise of a crisp 1080p display and Harman Kardon speakers, could this be our new ultrabook of choice? Read the review here: http://www.kitguru.net/lifestyle/mobile/notebook/dominic-moass/asus-zenbook-3-ux390ua-ultrabook-review/ ============================================================ ** follow on Twitter (http://twitter.com/#!/kitgurupress) | ** friend on Facebook (http://www.facebook.com/pages/KitGuru/162236020510911) | ** forward to a friend (http://us2.forward-to-friend.com/forward?u=bfb2b902b5fb045ad6f841f98&id=03366d8d0a&e=872093acb5) Copyright © 2017 KitGuru, All rights reserved. You are receiving this because you are a news partner or have signed up to receive our news.
  21. news
  22. news
  23. news
    The price for a full SCALE pass, including all sessions, free events and expo exhibits, goes up to $90 on Wednesday, February 22. If you’ve been putting off registering, now is the time. https://register.socallinuxexpo.org/reg6?utm_source=phplist160&utm_medium=email&utm_content=text&utm_campaign=Last+Chance+Before+SCALE+Prices+Go+Up Our room blocks at the Sheraton are now SOLD OUT. There are other hotels in the area that may have space available, but we encourage you to shop around on travel sites for the best deal. Hilton Pasadena - Walking distance to Pasadena Convention Center dusitD2 Hotel Constance Pasadena - Offers a hotel shuttle. Courtyard by Marriott Old Pasadena - Short drive from Pasadena Convention Center Vagabond Inn Executive Pasadena Westin Pasadena GreenTree Pasadena Inn http://www.socallinuxexpo.org/scale/15x/hotel-information?utm_source=phplist160&utm_medium=email&utm_content=text&utm_campaign=Last+Chance+Before+SCALE+Prices+Go+Up Please don’t forget our special events: Linux Professional Institute will be holding exams on Saturday and Sunday for levels Linux Essentials through LPIC-3. Open Source Legal Training on Friday, March 3. Topics include licensing, compliance, patents and copyright. CLE credits available. Separate registration required. SCALE: The Next Generation. An event built around tomorrow’s Open Source leaders. The Ubuntu community event – UbuCon Summit – returns on March 2 and 3. PostgreSQL ( -at -) SCALE, DevOps Day LA, Cyber Security CTF and more. https://www.socallinuxexpo.org/scale/15x/events?utm_source=phplist160&utm_medium=email&utm_content=text&utm_campaign=Last+Chance+Before+SCALE+Prices+Go+Up --
  24. news
    openSUSE Security Update: Security update for java-1_7_0-openjdk ______________________________________________________________________________ Announcement ID: openSUSE-SU-2017:0513-1 Rating: important References: #1020905 Cross-References: CVE-2016-2183 CVE-2016-5546 CVE-2016-5547 CVE-2016-5548 CVE-2016-5549 CVE-2016-5552 CVE-2017-3231 CVE-2017-3241 CVE-2017-3252 CVE-2017-3253 CVE-2017-3259 CVE-2017-3260 CVE-2017-3261 CVE-2017-3272 CVE-2017-3289 Affected Products: openSUSE Leap 42.2 openSUSE Leap 42.1 ______________________________________________________________________________ An update that fixes 15 vulnerabilities is now available. Description: This update for java-1_7_0-openjdk fixes the following issues: - Oracle Critical Patch Update of January 2017 to OpenJDK 7u131 (bsc#1020905): * Security Fixes - S8138725: Add options for Javadoc generation - S8140353: Improve signature checking - S8151934, CVE-2017-3231: Resolve class resolution - S8156804, CVE-2017-3241: Better constraint checking - S8158406: Limited Parameter Processing - S8158997: JNDI Protocols Switch - S8159507: RuntimeVisibleAnnotation validation - S8161218: Better bytecode loading - S8161743, CVE-2017-3252: Provide proper login context - S8162577: Standardize logging levels - S8162973: Better component components - S8164143, CVE-2017-3260: Improve components for menu items - S8164147, CVE-2017-3261: Improve streaming socket output - S8165071, CVE-2016-2183: Expand TLS support - S8165344, CVE-2017-3272: Update concurrency support - S8166988, CVE-2017-3253: Improve image processing performance - S8167104, CVE-2017-3289: Additional class construction refinements - S8167223, CVE-2016-5552: URL handling improvements - S8168705, CVE-2016-5547: Better ObjectIdentifier validation - S8168714, CVE-2016-5546: Tighten ECDSA validation - S8168728, CVE-2016-5548: DSA signing improvments - S8168724, CVE-2016-5549: ECDSA signing improvments - S6253144: Long narrowing conversion should describe the algorithm used and implied "risks" - S6328537: Improve javadocs for Socket class by adding references to SocketOptions - S6978886: javadoc shows stacktrace after print error resulting from disk full - S6995421: Eliminate the static dependency to sun.security.ec.ECKeyFactory - S6996372: synchronizing handshaking hash - S7027045: (doc) java/awt/Window.java has several typos in javadoc - S7054969: Null-check-in-finally pattern in java/security documentation - S7072353: JNDI libraries do not build with javac -Xlint:all -Werror - S7075563: Broken link in "javax.swing.SwingWorker" - S7077672: jdk8_tl nightly fail in step-2 build on 8/10/11 - S7088502: Security libraries don't build with javac -Werror - S7092447: Clarify the default locale used in each locale sensitive operation - S7093640: Enable client-side TLS 1.2 by default - S7103570: AtomicIntegerFieldUpdater does not work when SecurityManager is installed - S7117360: Warnings in java.util.concurrent.atomic package - S7117465: Warning cleanup for IMF classes - S7187144: JavaDoc for ScriptEngineFactory.getProgram() contains an error - S8000418: javadoc should used a standard "generated by javadoc" string - S8000666: javadoc should write directly to Writer instead of composing strings - S8000673: remove dead code from HtmlWriter and subtypes - S8000970: break out auxiliary classes that will prevent multi-core compilation of the JDK - S8001669: javadoc internal DocletAbortException should set cause when appropriate - S8008949: javadoc stopped copying doc-files - S8011402: Move blacklisting certificate logic from hard code to data - S8011547: Update XML Signature implementation to Apache Santuario 1.5.4 - S8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo - S8016217: More javadoc warnings - S8017325: Cleanup of the javadoc tag in java.security.cert - S8017326: Cleanup of the javadoc tag in java.security.spec - S8019772: Fix doclint issues in javax.crypto and javax.security subpackages - S8020557: javadoc cleanup in javax.security - S8020688: Broken links in documentation at http://docs.oracle.com/javase/6/docs/api/index. - S8021108: Clean up doclint warnings and errors in java.text package - S8021417: Fix doclint issues in java.util.concurrent - S8021833: javadoc cleanup in java.net - S8022120: JCK test api/javax_xml/crypto/dsig/TransformService/index_ParamMethods fails - S8022175: Fix doclint warnings in javax.print - S8022406: Fix doclint issues in java.beans - S8022746: List of spelling errors in API doc - S8024779: [macosx] SwingNode crashes on exit - S8025085: [javadoc] some errors in javax/swing - S8025218: [javadoc] some errors in java/awt classes - S8025249: [javadoc] fix some javadoc errors in javax/swing/ - S8025409: Fix javadoc comments errors and warning reported by doclint report - S8026021: more fix of javadoc errors and warnings reported by doclint, see the description - S8037099: [macosx] Remove all references to GC from native OBJ-C code - S8038184: XMLSignature throws StringIndexOutOfBound[censored]ception if ID attribute value is empty String - S8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits - S8049244: XML Signature performance issue caused by unbuffered signature data - S8049432: New tests for TLS property jdk.tls.client.protocols - S8050893: (smartcardio) Invert reset argument in tests in sun/security/smartcardio - S8059212: Modify regression tests so that they do not just fail if no cardreader found - S8068279: (typo in the spec) javax.script.ScriptEngineFactory.getLanguageName - S8068491: Update the protocol for references of docs.oracle.com to HTTPS. - S8069038: javax/net/ssl/TLS/TLSClientPropertyTest.java needs to be updated for JDK-8061210 - S8076369: Introduce the jdk.tls.client.protocols system property for JDK 7u - S8139565: Restrict certificates with DSA keys less than 1024 bits - S8140422: Add mechanism to allow non default root CAs to be not subject to algorithm restrictions - S8140587: Atomic*FieldUpdaters should use Class.isInstance instead of direct class check - S8143959: Certificates requiring blacklisting - S8145984: [macosx] sun.lwawt.macosx.CAccessible leaks - S8148516: Improve the default strength of EC in JDK - S8149029: Secure validation of XML based digital signature always enabled when checking wrapping attacks - S8151893: Add security property to configure XML Signature secure validation mode - S8155760: Implement Serialization Filtering - S8156802: Better constraint checking - S8161228: URL objects with custom protocol handlers have port changed after deserializing - S8161571: Verifying ECDSA signatures permits trailing bytes - S8163304: jarsigner -verbose -verify should print the algorithms used to sign the jar - S8164908: ReflectionFactory support for IIOP and custom serialization - S8165230: RMIConnection addNotificationListeners failing with specific inputs - S8166393: disabledAlgorithms property should not be strictly parsed - S8166591: [macos 10.12] Trackpad scrolling of text on OS X 10.12 Sierra is very fast (Trackpad, Retina only) - S8166739: Improve extensibility of ObjectInputFilter information passed to the filter - S8166875: (tz) Support tzdata2016g - S8166878: Connection reset during TLS handshake - S8167356: Follow up fix for jdk8 backport of 8164143. Changes for CMenuComponent.m were missed - S8167459: Add debug output for indicating if a chosen ciphersuite was legacy - S8167472: Chrome interop regression with JDK-8148516 - S8167591: Add MD5 to signed JAR restrictions - S8168861: AnchorCertificates uses hardcoded password for cacerts keystore - S8168993: JDK8u121 L10n resource file update - S8169191: (tz) Support tzdata2016i - S8169688: Backout (remove) MD5 from jdk.jar.disabledAlgorithms for January CPU - S8169911: Enhanced tests for jarsigner -verbose -verify after JDK-8163304 - S8170131: Certificates not being blocked by jdk.tls.disabledAlgorithms property - S8170268: 8u121 L10n resource file update - msgdrop 20 - S8173622: Backport of 7180907 is incomplete - S8173849: Fix use of java.util.Base64 in test cases - S8173854: [TEST] Update DHEKeySizing test case following 8076328 & 8081760 - CVE-2017-3259 Vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. * Backports - S7102489, PR3316, RH1390708: RFE: cleanup jlong typedef on __APPLE__and _LLP64 systems. - S8000351, PR3316, RH1390708: Tenuring threshold should be unsigned - S8153711, PR3315, RH1284948: [REDO] GlobalRefs never deleted when processing invokeMethod command - S8170888, PR3316, RH1390708: [linux] support for cgroup memory limits in container (ie Docker) environments * Bug fixes - PR3318: Replace 'infinality' with 'improved font rendering' (--enable-improved-font-rendering) - PR3318: Fix compatibility with vanilla Fontconfig - PR3318: Fix glyph y advance - PR3318: Always round glyph advance in 26.6 space - PR3318: Simplify glyph advance handling - PR3324: Fix NSS_LIBDIR substitution in make_generic_profile.sh broken by PR1989 * AArch64 port - S8165673, PR3320: AArch64: Fix JNI floating point argument handling This update was imported from the SUSE:SLE-12:Update update project. Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.2: zypper in -t patch openSUSE-2017-278=1 - openSUSE Leap 42.1: zypper in -t patch openSUSE-2017-278=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE Leap 42.2 (i586 x86_64): java-1_7_0-openjdk-1.7.0.131-40.1 java-1_7_0-openjdk-accessibility-1.7.0.131-40.1 java-1_7_0-openjdk-bootstrap-1.7.0.131-40.1 java-1_7_0-openjdk-bootstrap-debuginfo-1.7.0.131-40.1 java-1_7_0-openjdk-bootstrap-debugsource-1.7.0.131-40.1 java-1_7_0-openjdk-bootstrap-devel-1.7.0.131-40.1 java-1_7_0-openjdk-bootstrap-devel-debuginfo-1.7.0.131-40.1 java-1_7_0-openjdk-bootstrap-headless-1.7.0.131-40.1 java-1_7_0-openjdk-bootstrap-headless-debuginfo-1.7.0.131-40.1 java-1_7_0-openjdk-debuginfo-1.7.0.131-40.1 java-1_7_0-openjdk-debugsource-1.7.0.131-40.1 java-1_7_0-openjdk-demo-1.7.0.131-40.1 java-1_7_0-openjdk-demo-debuginfo-1.7.0.131-40.1 java-1_7_0-openjdk-devel-1.7.0.131-40.1 java-1_7_0-openjdk-devel-debuginfo-1.7.0.131-40.1 java-1_7_0-openjdk-headless-1.7.0.131-40.1 java-1_7_0-openjdk-headless-debuginfo-1.7.0.131-40.1 java-1_7_0-openjdk-src-1.7.0.131-40.1 - openSUSE Leap 42.2 (noarch): java-1_7_0-openjdk-javadoc-1.7.0.131-40.1 - openSUSE Leap 42.1 (i586 x86_64): java-1_7_0-openjdk-1.7.0.131-40.1 java-1_7_0-openjdk-accessibility-1.7.0.131-40.1 java-1_7_0-openjdk-bootstrap-1.7.0.131-40.1 java-1_7_0-openjdk-bootstrap-debuginfo-1.7.0.131-40.1 java-1_7_0-openjdk-bootstrap-debugsource-1.7.0.131-40.1 java-1_7_0-openjdk-bootstrap-devel-1.7.0.131-40.1 java-1_7_0-openjdk-bootstrap-devel-debuginfo-1.7.0.131-40.1 java-1_7_0-openjdk-bootstrap-headless-1.7.0.131-40.1 java-1_7_0-openjdk-bootstrap-headless-debuginfo-1.7.0.131-40.1 java-1_7_0-openjdk-debuginfo-1.7.0.131-40.1 java-1_7_0-openjdk-debugsource-1.7.0.131-40.1 java-1_7_0-openjdk-demo-1.7.0.131-40.1 java-1_7_0-openjdk-demo-debuginfo-1.7.0.131-40.1 java-1_7_0-openjdk-devel-1.7.0.131-40.1 java-1_7_0-openjdk-devel-debuginfo-1.7.0.131-40.1 java-1_7_0-openjdk-headless-1.7.0.131-40.1 java-1_7_0-openjdk-headless-debuginfo-1.7.0.131-40.1 java-1_7_0-openjdk-src-1.7.0.131-40.1 - openSUSE Leap 42.1 (noarch): java-1_7_0-openjdk-javadoc-1.7.0.131-40.1 References: https://www.suse.com/security/cve/CVE-2016-2183.html https://www.suse.com/security/cve/CVE-2016-5546.html https://www.suse.com/security/cve/CVE-2016-5547.html https://www.suse.com/security/cve/CVE-2016-5548.html https://www.suse.com/security/cve/CVE-2016-5549.html https://www.suse.com/security/cve/CVE-2016-5552.html https://www.suse.com/security/cve/CVE-2017-3231.html https://www.suse.com/security/cve/CVE-2017-3241.html https://www.suse.com/security/cve/CVE-2017-3252.html https://www.suse.com/security/cve/CVE-2017-3253.html https://www.suse.com/security/cve/CVE-2017-3259.html https://www.suse.com/security/cve/CVE-2017-3260.html https://www.suse.com/security/cve/CVE-2017-3261.html https://www.suse.com/security/cve/CVE-2017-3272.html https://www.suse.com/security/cve/CVE-2017-3289.html https://bugzilla.suse.com/1020905 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
  25. news
    openSUSE Security Update: Security update for java-1_7_0-openjdk ______________________________________________________________________________ Announcement ID: openSUSE-SU-2017:0513-1 Rating: important References: #1020905 Cross-References: CVE-2016-2183 CVE-2016-5546 CVE-2016-5547 CVE-2016-5548 CVE-2016-5549 CVE-2016-5552 CVE-2017-3231 CVE-2017-3241 CVE-2017-3252 CVE-2017-3253 CVE-2017-3259 CVE-2017-3260 CVE-2017-3261 CVE-2017-3272 CVE-2017-3289 Affected Products: openSUSE Leap 42.2 openSUSE Leap 42.1 ______________________________________________________________________________ An update that fixes 15 vulnerabilities is now available. Description: This update for java-1_7_0-openjdk fixes the following issues: - Oracle Critical Patch Update of January 2017 to OpenJDK 7u131 (bsc#1020905): * Security Fixes - S8138725: Add options for Javadoc generation - S8140353: Improve signature checking - S8151934, CVE-2017-3231: Resolve class resolution - S8156804, CVE-2017-3241: Better constraint checking - S8158406: Limited Parameter Processing - S8158997: JNDI Protocols Switch - S8159507: RuntimeVisibleAnnotation validation - S8161218: Better bytecode loading - S8161743, CVE-2017-3252: Provide proper login context - S8162577: Standardize logging levels - S8162973: Better component components - S8164143, CVE-2017-3260: Improve components for menu items - S8164147, CVE-2017-3261: Improve streaming socket output - S8165071, CVE-2016-2183: Expand TLS support - S8165344, CVE-2017-3272: Update concurrency support - S8166988, CVE-2017-3253: Improve image processing performance - S8167104, CVE-2017-3289: Additional class construction refinements - S8167223, CVE-2016-5552: URL handling improvements - S8168705, CVE-2016-5547: Better ObjectIdentifier validation - S8168714, CVE-2016-5546: Tighten ECDSA validation - S8168728, CVE-2016-5548: DSA signing improvments - S8168724, CVE-2016-5549: ECDSA signing improvments - S6253144: Long narrowing conversion should describe the algorithm used and implied "risks" - S6328537: Improve javadocs for Socket class by adding references to SocketOptions - S6978886: javadoc shows stacktrace after print error resulting from disk full - S6995421: Eliminate the static dependency to sun.security.ec.ECKeyFactory - S6996372: synchronizing handshaking hash - S7027045: (doc) java/awt/Window.java has several typos in javadoc - S7054969: Null-check-in-finally pattern in java/security documentation - S7072353: JNDI libraries do not build with javac -Xlint:all -Werror - S7075563: Broken link in "javax.swing.SwingWorker" - S7077672: jdk8_tl nightly fail in step-2 build on 8/10/11 - S7088502: Security libraries don't build with javac -Werror - S7092447: Clarify the default locale used in each locale sensitive operation - S7093640: Enable client-side TLS 1.2 by default - S7103570: AtomicIntegerFieldUpdater does not work when SecurityManager is installed - S7117360: Warnings in java.util.concurrent.atomic package - S7117465: Warning cleanup for IMF classes - S7187144: JavaDoc for ScriptEngineFactory.getProgram() contains an error - S8000418: javadoc should used a standard "generated by javadoc" string - S8000666: javadoc should write directly to Writer instead of composing strings - S8000673: remove dead code from HtmlWriter and subtypes - S8000970: break out auxiliary classes that will prevent multi-core compilation of the JDK - S8001669: javadoc internal DocletAbortException should set cause when appropriate - S8008949: javadoc stopped copying doc-files - S8011402: Move blacklisting certificate logic from hard code to data - S8011547: Update XML Signature implementation to Apache Santuario 1.5.4 - S8012288: XML DSig API allows wrong tag names and extra elements in SignedInfo - S8016217: More javadoc warnings - S8017325: Cleanup of the javadoc tag in java.security.cert - S8017326: Cleanup of the javadoc tag in java.security.spec - S8019772: Fix doclint issues in javax.crypto and javax.security subpackages - S8020557: javadoc cleanup in javax.security - S8020688: Broken links in documentation at http://docs.oracle.com/javase/6/docs/api/index. - S8021108: Clean up doclint warnings and errors in java.text package - S8021417: Fix doclint issues in java.util.concurrent - S8021833: javadoc cleanup in java.net - S8022120: JCK test api/javax_xml/crypto/dsig/TransformService/index_ParamMethods fails - S8022175: Fix doclint warnings in javax.print - S8022406: Fix doclint issues in java.beans - S8022746: List of spelling errors in API doc - S8024779: [macosx] SwingNode crashes on exit - S8025085: [javadoc] some errors in javax/swing - S8025218: [javadoc] some errors in java/awt classes - S8025249: [javadoc] fix some javadoc errors in javax/swing/ - S8025409: Fix javadoc comments errors and warning reported by doclint report - S8026021: more fix of javadoc errors and warnings reported by doclint, see the description - S8037099: [macosx] Remove all references to GC from native OBJ-C code - S8038184: XMLSignature throws StringIndexOutOfBound[censored]ception if ID attribute value is empty String - S8038349: Signing XML with DSA throws Exception when key is larger than 1024 bits - S8049244: XML Signature performance issue caused by unbuffered signature data - S8049432: New tests for TLS property jdk.tls.client.protocols - S8050893: (smartcardio) Invert reset argument in tests in sun/security/smartcardio - S8059212: Modify regression tests so that they do not just fail if no cardreader found - S8068279: (typo in the spec) javax.script.ScriptEngineFactory.getLanguageName - S8068491: Update the protocol for references of docs.oracle.com to HTTPS. - S8069038: javax/net/ssl/TLS/TLSClientPropertyTest.java needs to be updated for JDK-8061210 - S8076369: Introduce the jdk.tls.client.protocols system property for JDK 7u - S8139565: Restrict certificates with DSA keys less than 1024 bits - S8140422: Add mechanism to allow non default root CAs to be not subject to algorithm restrictions - S8140587: Atomic*FieldUpdaters should use Class.isInstance instead of direct class check - S8143959: Certificates requiring blacklisting - S8145984: [macosx] sun.lwawt.macosx.CAccessible leaks - S8148516: Improve the default strength of EC in JDK - S8149029: Secure validation of XML based digital signature always enabled when checking wrapping attacks - S8151893: Add security property to configure XML Signature secure validation mode - S8155760: Implement Serialization Filtering - S8156802: Better constraint checking - S8161228: URL objects with custom protocol handlers have port changed after deserializing - S8161571: Verifying ECDSA signatures permits trailing bytes - S8163304: jarsigner -verbose -verify should print the algorithms used to sign the jar - S8164908: ReflectionFactory support for IIOP and custom serialization - S8165230: RMIConnection addNotificationListeners failing with specific inputs - S8166393: disabledAlgorithms property should not be strictly parsed - S8166591: [macos 10.12] Trackpad scrolling of text on OS X 10.12 Sierra is very fast (Trackpad, Retina only) - S8166739: Improve extensibility of ObjectInputFilter information passed to the filter - S8166875: (tz) Support tzdata2016g - S8166878: Connection reset during TLS handshake - S8167356: Follow up fix for jdk8 backport of 8164143. Changes for CMenuComponent.m were missed - S8167459: Add debug output for indicating if a chosen ciphersuite was legacy - S8167472: Chrome interop regression with JDK-8148516 - S8167591: Add MD5 to signed JAR restrictions - S8168861: AnchorCertificates uses hardcoded password for cacerts keystore - S8168993: JDK8u121 L10n resource file update - S8169191: (tz) Support tzdata2016i - S8169688: Backout (remove) MD5 from jdk.jar.disabledAlgorithms for January CPU - S8169911: Enhanced tests for jarsigner -verbose -verify after JDK-8163304 - S8170131: Certificates not being blocked by jdk.tls.disabledAlgorithms property - S8170268: 8u121 L10n resource file update - msgdrop 20 - S8173622: Backport of 7180907 is incomplete - S8173849: Fix use of java.util.Base64 in test cases - S8173854: [TEST] Update DHEKeySizing test case following 8076328 & 8081760 - CVE-2017-3259 Vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. * Backports - S7102489, PR3316, RH1390708: RFE: cleanup jlong typedef on __APPLE__and _LLP64 systems. - S8000351, PR3316, RH1390708: Tenuring threshold should be unsigned - S8153711, PR3315, RH1284948: [REDO] GlobalRefs never deleted when processing invokeMethod command - S8170888, PR3316, RH1390708: [linux] support for cgroup memory limits in container (ie Docker) environments * Bug fixes - PR3318: Replace 'infinality' with 'improved font rendering' (--enable-improved-font-rendering) - PR3318: Fix compatibility with vanilla Fontconfig - PR3318: Fix glyph y advance - PR3318: Always round glyph advance in 26.6 space - PR3318: Simplify glyph advance handling - PR3324: Fix NSS_LIBDIR substitution in make_generic_profile.sh broken by PR1989 * AArch64 port - S8165673, PR3320: AArch64: Fix JNI floating point argument handling This update was imported from the SUSE:SLE-12:Update update project. Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.2: zypper in -t patch openSUSE-2017-278=1 - openSUSE Leap 42.1: zypper in -t patch openSUSE-2017-278=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE Leap 42.2 (i586 x86_64): java-1_7_0-openjdk-1.7.0.131-40.1 java-1_7_0-openjdk-accessibility-1.7.0.131-40.1 java-1_7_0-openjdk-bootstrap-1.7.0.131-40.1 java-1_7_0-openjdk-bootstrap-debuginfo-1.7.0.131-40.1 java-1_7_0-openjdk-bootstrap-debugsource-1.7.0.131-40.1 java-1_7_0-openjdk-bootstrap-devel-1.7.0.131-40.1 java-1_7_0-openjdk-bootstrap-devel-debuginfo-1.7.0.131-40.1 java-1_7_0-openjdk-bootstrap-headless-1.7.0.131-40.1 java-1_7_0-openjdk-bootstrap-headless-debuginfo-1.7.0.131-40.1 java-1_7_0-openjdk-debuginfo-1.7.0.131-40.1 java-1_7_0-openjdk-debugsource-1.7.0.131-40.1 java-1_7_0-openjdk-demo-1.7.0.131-40.1 java-1_7_0-openjdk-demo-debuginfo-1.7.0.131-40.1 java-1_7_0-openjdk-devel-1.7.0.131-40.1 java-1_7_0-openjdk-devel-debuginfo-1.7.0.131-40.1 java-1_7_0-openjdk-headless-1.7.0.131-40.1 java-1_7_0-openjdk-headless-debuginfo-1.7.0.131-40.1 java-1_7_0-openjdk-src-1.7.0.131-40.1 - openSUSE Leap 42.2 (noarch): java-1_7_0-openjdk-javadoc-1.7.0.131-40.1 - openSUSE Leap 42.1 (i586 x86_64): java-1_7_0-openjdk-1.7.0.131-40.1 java-1_7_0-openjdk-accessibility-1.7.0.131-40.1 java-1_7_0-openjdk-bootstrap-1.7.0.131-40.1 java-1_7_0-openjdk-bootstrap-debuginfo-1.7.0.131-40.1 java-1_7_0-openjdk-bootstrap-debugsource-1.7.0.131-40.1 java-1_7_0-openjdk-bootstrap-devel-1.7.0.131-40.1 java-1_7_0-openjdk-bootstrap-devel-debuginfo-1.7.0.131-40.1 java-1_7_0-openjdk-bootstrap-headless-1.7.0.131-40.1 java-1_7_0-openjdk-bootstrap-headless-debuginfo-1.7.0.131-40.1 java-1_7_0-openjdk-debuginfo-1.7.0.131-40.1 java-1_7_0-openjdk-debugsource-1.7.0.131-40.1 java-1_7_0-openjdk-demo-1.7.0.131-40.1 java-1_7_0-openjdk-demo-debuginfo-1.7.0.131-40.1 java-1_7_0-openjdk-devel-1.7.0.131-40.1 java-1_7_0-openjdk-devel-debuginfo-1.7.0.131-40.1 java-1_7_0-openjdk-headless-1.7.0.131-40.1 java-1_7_0-openjdk-headless-debuginfo-1.7.0.131-40.1 java-1_7_0-openjdk-src-1.7.0.131-40.1 - openSUSE Leap 42.1 (noarch): java-1_7_0-openjdk-javadoc-1.7.0.131-40.1 References: https://www.suse.com/security/cve/CVE-2016-2183.html https://www.suse.com/security/cve/CVE-2016-5546.html https://www.suse.com/security/cve/CVE-2016-5547.html https://www.suse.com/security/cve/CVE-2016-5548.html https://www.suse.com/security/cve/CVE-2016-5549.html https://www.suse.com/security/cve/CVE-2016-5552.html https://www.suse.com/security/cve/CVE-2017-3231.html https://www.suse.com/security/cve/CVE-2017-3241.html https://www.suse.com/security/cve/CVE-2017-3252.html https://www.suse.com/security/cve/CVE-2017-3253.html https://www.suse.com/security/cve/CVE-2017-3259.html https://www.suse.com/security/cve/CVE-2017-3260.html https://www.suse.com/security/cve/CVE-2017-3261.html https://www.suse.com/security/cve/CVE-2017-3272.html https://www.suse.com/security/cve/CVE-2017-3289.html https://bugzilla.suse.com/1020905 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
×