Jump to content
Compatible Support Forums

news

Members
 View Profile  See their activity

  • Content count

    80899

  • Joined

  • Last visited

    Never

  • Days Won

    18

Everything posted by news

  1. news
    SUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0407-1 Rating: important References: #1003813 #1005666 #1007197 #1008557 #1008567 #1008831 #1008833 #1008876 #1008979 #1009062 #1009969 #1010040 #1010213 #1010294 #1010475 #1010478 #1010501 #1010502 #1010507 #1010612 #1010711 #1010716 #1011685 #1012060 #1012422 #1012754 #1012917 #1012985 #1013001 #1013038 #1013479 #1013531 #1013533 #1013540 #1013604 #1014410 #1014746 #1016713 #1016725 #1016961 #1017164 #1017170 #1017410 #1017710 #1018100 #1019032 #1019148 #1019260 #1019300 #1019783 #1019851 #1020214 #1020602 #1021258 #856380 #857394 #858727 #921338 #921778 #922052 #922056 #923036 #923037 #924381 #938963 #972993 #980560 #981709 #983087 #983348 #984194 #984419 #985850 #987192 #987576 #990384 #991273 #993739 #997807 #999101 Cross-References: CVE-2015-8962 CVE-2015-8963 CVE-2015-8964 CVE-2016-10088 CVE-2016-7910 CVE-2016-7911 CVE-2016-7913 CVE-2016-7914 CVE-2016-8399 CVE-2016-8632 CVE-2016-8633 CVE-2016-8645 CVE-2016-8655 CVE-2016-9083 CVE-2016-9084 CVE-2016-9555 CVE-2016-9576 CVE-2016-9756 CVE-2016-9793 CVE-2016-9794 CVE-2016-9806 CVE-2017-2583 CVE-2017-2584 CVE-2017-5551 Affected Products: SUSE Linux Enterprise Real Time Extension 12-SP1 ______________________________________________________________________________ An update that solves 24 vulnerabilities and has 56 fixes is now available. Description: The SUSE Linux Enterprise 12 rt-kernel was updated to 3.12.69 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2015-8962: Fixed a double free vulnerability in the SCSI subsystem that allowed local users to gain privileges or cause a denial of service (memory corruption and system crash) (bnc#1010501). - CVE-2015-8963: Fixed a race condition in kernel/events/core.c that allowed local users to gain privileges or cause a denial of service (use-after-free) (bnc#1010502). - CVE-2015-8964: Fixed a bug in the tty_set_termios_ldisc function that allowed local users to obtain sensitive information from kernel memory (bnc#1010507). - CVE-2016-10088: The sg implementation in the Linux kernel did not properly restrict write operations in situations where the KERNEL_DS option is set, which allowed local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) (bnc#1017710). - CVE-2016-7910: Fixed a use-after-free vulnerability in the block subsystem that allowed local users to gain privileges (bnc#1010716). - CVE-2016-7911: Fixed a race condition in the get_task_ioprio function that allowed local users to gain privileges or cause a denial of service (use-after-free) (bnc#1010711). - CVE-2016-7913: Fixed a bug in the xc2028_set_config function that allowed local users to gain privileges or cause a denial of service (use-after-free) (bnc#1010478). - CVE-2016-7914: The assoc_array_insert_into_terminal_node function did not check whether a slot is a leaf, which allowed local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dereference and out-of-bounds read) (bnc#1010475). - CVE-2016-8399: Fixed a bug in the kernel networking subsystem that could have enabled a local malicious application to execute arbitrary code within the context of the kernel. (bnc#1014746). - CVE-2016-8632: The net subsystem did not validate the relationship between the minimum fragment length and the maximum packet size, which allowed local users to gain privileges or cause a denial of service (heap-based buffer overflow) (bnc#1008831). - CVE-2016-8633: The firewire subsystem allowed remote attackers to execute arbitrary code via crafted fragmented packets in certain unusual hardware configurations (bnc#1008833). - CVE-2016-8645: The TCP stack in the Linux kernel mishandled skb truncation, which allowed local users to cause a denial of service (system crash) (bnc#1009969). - CVE-2016-8655: Fixed a race condition in the network subsystem that allowed local users to gain privileges or cause a denial of service (use-after-free) (bnc#1012754). - CVE-2016-9083: The PCI subsystem local users to bypass integer overflow checks and cause a denial of service (memory corruption) or have unspecified other impact (bnc#1007197). - CVE-2016-9084: The PCI subsystem misused the kzalloc() function, which allowed local users to cause a denial of service (integer overflow) or have unspecified other impact (bnc#1007197). - CVE-2016-9555: Fixed a bug in the network subsystem that allowed remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data (bnc#1011685). - CVE-2016-9576: The block subsystem did not properly restrict the type of iterator, which allowed local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) (bnc#1013604). - CVE-2016-9756: The kernel did not properly initialize Code Segment (CS) in certain error cases, which allowed local users to obtain sensitive information from kernel stack memory (bnc#1013038). - CVE-2016-9793: The net subsystem mishandled negative values of sk_sndbuf and sk_rcvbuf, which allowed local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact (bnc#1013531). - CVE-2016-9794: Fixed a race condition in the ALSA subsystem that allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact (bnc#1013533). - CVE-2016-9806: Fixed a race condition in the netlink_dump() function which could have allowed local users to cause a denial of service (double free) or possibly have unspecified other impact (bnc#1013540). - CVE-2017-2583: kvm: x86: fixed emulation of "MOV SS, null selector" (bsc#1020602). - CVE-2017-2584: arch: x86: kvm: fixed a bug that could have allowed local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free) (bnc#1019851). - CVE-2017-5551: tmpfs: Fixed a bug that could have allowed users to set setgid bits on files they don't down. (bsc#1021258, CVE-2017-5551). The following non-security bugs were fixed: - 8250_pci: Fix potential use-after-free in error path (bsc#1013001). - block_dev: do not test bdev->bd_contains when it is not stable (bsc#1008557). - bna: Add synchronization for tx ring (bsc#993739). - bnx2i/bnx2fc : fix randconfig error in next-20140909 (bsc#922052 bsc#922056). - bnx2x: Correct ringparam estimate when DOWN (bsc#1020214). - bnx2x: fix lockdep splat (bsc#922052 bsc#922056). - btrfs: Ensure proper sector alignment for btrfs_free_reserved_data_space (bsc#1005666). - btrfs: Export and move leaf/subtree qgroup helpers to qgroup.c (bsc#983087). - btrfs: Revert "do not delay inode ref updates during log replay" (bsc#987192). - btrfs: bugfix: handle FS_IOC32_{GETFLAGS,SETFLAGS,GETVERSION} in btrfs_ioctl (bsc#1018100). - btrfs: do not delay inode ref updates during log replay (bsc#987192). - btrfs: fix incremental send failure caused by balance (bsc#985850). - btrfs: fix relocation incorrectly dropping data references (bsc#990384). - btrfs: increment ctx->pos for every emitted or skipped dirent in readdir (bsc#981709). - btrfs: qgroup: Fix qgroup data leaking by using subtree tracing (bsc#983087). - btrfs: remove old tree_root dirent processing in btrfs_real_readdir() (bsc#981709). - btrfs: send, do not bug on inconsistent snapshots (bsc#985850). - cpufreq: intel_pstate: Fix divide by zero on Knights Landing (KNL) (bsc#1008876). - cpuset: fix sched_load_balance that was accidentally broken in a previous update (bsc#1010294). - ext4: fix data exposure after a crash (bsc#1012985). - fs/dcache: move the call of __d_drop(anon) into __d_materialise_unique(dentry, anon) (bsc#984194). - fuse: do not use iocb after it may have been freed (bsc#1012985). - hpilo: Add support for iLO5 (bsc#999101). - ib/core: Avoid unsigned int overflow in sg_alloc_table (bsc#924381 bsc#921338). - ib/mlx5: Fix FW version diaplay in sysfs (bnc#923036). - ib/mlx5: Fix entries check in mlx5_ib_resize_cq (bnc#858727). - ib/mlx5: Fix entries checks in mlx5_ib_create_cq (bnc#858727). - ib/mlx5: Remove per-MR pas and dma pointers (bnc#923036). - ibmveth: calculate gso_segs for large packets (bsc#1019148). - ibmveth: check return of skb_linearize in ibmveth_start_xmit (bsc#1019148). - ibmveth: consolidate kmalloc of array, memset 0 to kcalloc (bsc#1019148). - ibmveth: set correct gso_size and gso_type (bsc#1019148). - igb: Fix oops caused by missing queue pairing (bnc#857394). - ipmi_si: create hardware-independent softdep for ipmi_devintf (bsc#1009062). - ipr: Enable SIS pipe commands for SIS-32 devices (bsc#1016961). - ipv4: Fix ip_queue_xmit to pass sk into ip_local_out_sk (bsc#938963). - kabi: protect __sk_mem_reclaim (kabi). - kabi: protect struct perf_event_context (kabi). - kabi: reintroduce sk_filter (kabi). - kernel: remove broken memory detection sanity check (bnc#1008567, LTC#148072). - kgr: ignore zombie tasks during the patching (bnc#1008979). - kgraft/iscsi-target: Do not block kGraft in iscsi_np kthread (bsc#1010612). - kgraft/xen: Do not block kGraft in xenbus kthread (bsc#1017410). - net/mlx5: Avoid passing dma address 0 to firmware (bnc#858727). - net/mlx5: Fix typo in mlx5_query_port_pvlc (bnc#923036). - net/mlx5e: Do not modify CQ before it was created (bnc#923036). - net/mlx5e: Do not try to modify CQ moderation if it is not supported (bnc#923036). - net/mlx5e: Fix MLX5E_100BASE_T define (bnc#923036). - net/mlx5e: Remove wrong poll CQ optimization (bnc#923036). - netback: correct array index (bsc#983348). - nfsv4: Cap the transport reconnection timer at 1/2 lease period (bsc#1014410). - nfsv4: Cleanup the setting of the nfs4 lease period (bsc#1014410). - nfsv4: Fix "NFS Lock reclaim failed" errors (bsc#1014410). - ocfs2: fix BUG_ON() in ocfs2_ci_checkpointed() (bnc#1019783). - posix_acl: Fixup acl reference leak and missing conversions in ext3, gfs2, jfs, hfsplus. - powerpc/pseries: Use H_CLEAR_HPT to clear MMU hash table during kexec (bsc#1003813). - proc: avoid including "mountproto=" with no protocol in /proc/mounts (bsc#1019260). - raid1: ignore discard error (bsc#1017164). - reiserfs: fix race in prealloc discard (bsc#987576). - rpm/kernel-binary.spec.in: Export a make-stderr.log file (bsc#1012422) - rpm/kernel-spec-macros: Fix the check if there is no rebuild counter (bsc#1012060) - rpm/kernel-spec-macros: Ignore too high rebuild counter (bsc#1012060) - serial: 8250_pci: Detach low-level driver during PCI error recovery (bsc#1013001). - sfc: clear napi_hash state when copying channels (bsc#923037). - sfc: fix potential stack corruption from running past stat bitmask (bsc#923037). - sfc: on MC reset, clear PIO buffer linkage in TXQs (bnc#856380). - sunrpc: Enforce an upper limit on the number of cached credentials (bsc#1012917). - sunrpc: Fix reconnection timeouts (bsc#1014410). - sunrpc: Limit the reconnect backoff timer to the max RPC message timeout (bsc#1014410). - target: Make EXTENDED_COPY 0xe4 failure return COPY TARGET DEVICE NOT REACHABLE (bsc#991273). - target: add XCOPY target/segment desc sense codes (bsc#991273). - target: bounds check XCOPY segment descriptor list (bsc#991273). - target: bounds check XCOPY total descriptor list length (bsc#991273). - target: check XCOPY segment descriptor CSCD IDs (bsc#1017170). - target: check for XCOPY parameter truncation (bsc#991273). - target: return UNSUPPORTED TARGET/SEGMENT DESC TYPE CODE sense (bsc#991273). - target: simplify XCOPY wwn->se_dev lookup helper (bsc#991273). - target: support XCOPY requests without parameters (bsc#991273). - target: use XCOPY TOO MANY TARGET DESCRIPTORS sense (bsc#991273). - target: use XCOPY segment descriptor CSCD IDs (bsc#1017170). - tg3: Avoid NULL pointer dereference in tg3_io_error_detected() (bsc#921778). - tty: Prevent ldisc drivers from re-using stale tty fields (bnc#1010507). - x86/apic: Order irq_enter/exit() calls correctly vs. ack_APIC_irq() (bsc#1013479). - xen/ftrace/x86: Set ftrace_stub to weak to prevent gcc from using short jumps to it (bsc#984419). - xenbus: correctly signal errors from xenstored_local_init() (luckily none so far). - xfs: allow lazy sb counter sync during filesystem freeze sequence (bsc#980560). - xfs: refactor xlog_recover_process_data() (bsc#1019300). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Real Time Extension 12-SP1: zypper in -t patch SUSE-SLE-RT-12-SP1-2017-202=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Real Time Extension 12-SP1 (noarch): kernel-devel-rt-3.12.69-60.30.1 kernel-source-rt-3.12.69-60.30.1 - SUSE Linux Enterprise Real Time Extension 12-SP1 (x86_64): kernel-compute-3.12.69-60.30.1 kernel-compute-base-3.12.69-60.30.1 kernel-compute-base-debuginfo-3.12.69-60.30.1 kernel-compute-debuginfo-3.12.69-60.30.1 kernel-compute-debugsource-3.12.69-60.30.1 kernel-compute-devel-3.12.69-60.30.1 kernel-compute_debug-debuginfo-3.12.69-60.30.1 kernel-compute_debug-debugsource-3.12.69-60.30.1 kernel-compute_debug-devel-3.12.69-60.30.1 kernel-compute_debug-devel-debuginfo-3.12.69-60.30.1 kernel-rt-3.12.69-60.30.1 kernel-rt-base-3.12.69-60.30.1 kernel-rt-base-debuginfo-3.12.69-60.30.1 kernel-rt-debuginfo-3.12.69-60.30.1 kernel-rt-debugsource-3.12.69-60.30.1 kernel-rt-devel-3.12.69-60.30.1 kernel-rt_debug-debuginfo-3.12.69-60.30.1 kernel-rt_debug-debugsource-3.12.69-60.30.1 kernel-rt_debug-devel-3.12.69-60.30.1 kernel-rt_debug-devel-debuginfo-3.12.69-60.30.1 kernel-syms-rt-3.12.69-60.30.1 References: https://www.suse.com/security/cve/CVE-2015-8962.html https://www.suse.com/security/cve/CVE-2015-8963.html https://www.suse.com/security/cve/CVE-2015-8964.html https://www.suse.com/security/cve/CVE-2016-10088.html https://www.suse.com/security/cve/CVE-2016-7910.html https://www.suse.com/security/cve/CVE-2016-7911.html https://www.suse.com/security/cve/CVE-2016-7913.html https://www.suse.com/security/cve/CVE-2016-7914.html https://www.suse.com/security/cve/CVE-2016-8399.html https://www.suse.com/security/cve/CVE-2016-8632.html https://www.suse.com/security/cve/CVE-2016-8633.html https://www.suse.com/security/cve/CVE-2016-8645.html https://www.suse.com/security/cve/CVE-2016-8655.html https://www.suse.com/security/cve/CVE-2016-9083.html https://www.suse.com/security/cve/CVE-2016-9084.html https://www.suse.com/security/cve/CVE-2016-9555.html https://www.suse.com/security/cve/CVE-2016-9576.html https://www.suse.com/security/cve/CVE-2016-9756.html https://www.suse.com/security/cve/CVE-2016-9793.html https://www.suse.com/security/cve/CVE-2016-9794.html https://www.suse.com/security/cve/CVE-2016-9806.html https://www.suse.com/security/cve/CVE-2017-2583.html https://www.suse.com/security/cve/CVE-2017-2584.html https://www.suse.com/security/cve/CVE-2017-5551.html https://bugzilla.suse.com/1003813 https://bugzilla.suse.com/1005666 https://bugzilla.suse.com/1007197 https://bugzilla.suse.com/1008557 https://bugzilla.suse.com/1008567 https://bugzilla.suse.com/1008831 https://bugzilla.suse.com/1008833 https://bugzilla.suse.com/1008876 https://bugzilla.suse.com/1008979 https://bugzilla.suse.com/1009062 https://bugzilla.suse.com/1009969 https://bugzilla.suse.com/1010040 https://bugzilla.suse.com/1010213 https://bugzilla.suse.com/1010294 https://bugzilla.suse.com/1010475 https://bugzilla.suse.com/1010478 https://bugzilla.suse.com/1010501 https://bugzilla.suse.com/1010502 https://bugzilla.suse.com/1010507 https://bugzilla.suse.com/1010612 https://bugzilla.suse.com/1010711 https://bugzilla.suse.com/1010716 https://bugzilla.suse.com/1011685 https://bugzilla.suse.com/1012060 https://bugzilla.suse.com/1012422 https://bugzilla.suse.com/1012754 https://bugzilla.suse.com/1012917 https://bugzilla.suse.com/1012985 https://bugzilla.suse.com/1013001 https://bugzilla.suse.com/1013038 https://bugzilla.suse.com/1013479 https://bugzilla.suse.com/1013531 https://bugzilla.suse.com/1013533 https://bugzilla.suse.com/1013540 https://bugzilla.suse.com/1013604 https://bugzilla.suse.com/1014410 https://bugzilla.suse.com/1014746 https://bugzilla.suse.com/1016713 https://bugzilla.suse.com/1016725 https://bugzilla.suse.com/1016961 https://bugzilla.suse.com/1017164 https://bugzilla.suse.com/1017170 https://bugzilla.suse.com/1017410 https://bugzilla.suse.com/1017710 https://bugzilla.suse.com/1018100 https://bugzilla.suse.com/1019032 https://bugzilla.suse.com/1019148 https://bugzilla.suse.com/1019260 https://bugzilla.suse.com/1019300 https://bugzilla.suse.com/1019783 https://bugzilla.suse.com/1019851 https://bugzilla.suse.com/1020214 https://bugzilla.suse.com/1020602 https://bugzilla.suse.com/1021258 https://bugzilla.suse.com/856380 https://bugzilla.suse.com/857394 https://bugzilla.suse.com/858727 https://bugzilla.suse.com/921338 https://bugzilla.suse.com/921778 https://bugzilla.suse.com/922052 https://bugzilla.suse.com/922056 https://bugzilla.suse.com/923036 https://bugzilla.suse.com/923037 https://bugzilla.suse.com/924381 https://bugzilla.suse.com/938963 https://bugzilla.suse.com/972993 https://bugzilla.suse.com/980560 https://bugzilla.suse.com/981709 https://bugzilla.suse.com/983087 https://bugzilla.suse.com/983348 https://bugzilla.suse.com/984194 https://bugzilla.suse.com/984419 https://bugzilla.suse.com/985850 https://bugzilla.suse.com/987192 https://bugzilla.suse.com/987576 https://bugzilla.suse.com/990384 https://bugzilla.suse.com/991273 https://bugzilla.suse.com/993739 https://bugzilla.suse.com/997807 https://bugzilla.suse.com/999101 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
  2. news
    SUSE Security Update: Security update for spice ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0392-1 Rating: important References: #1023078 #1023079 Cross-References: CVE-2016-9577 CVE-2016-9578 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This security update for spice fixes the following issues: CVE-2016-9577: A buffer overflow in the spice server could have potentially been used by unauthenticated attackers to execute arbitrary code. (bsc#1023078) CVE-2016-9578: Unauthenticated attackers could have caused a denial of service via a crafted message. (bsc#1023079) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-200=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-200=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-200=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (x86_64): libspice-server-devel-0.12.7-8.1 spice-debugsource-0.12.7-8.1 - SUSE Linux Enterprise Server 12-SP2 (x86_64): libspice-server1-0.12.7-8.1 libspice-server1-debuginfo-0.12.7-8.1 spice-debugsource-0.12.7-8.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): libspice-server1-0.12.7-8.1 libspice-server1-debuginfo-0.12.7-8.1 spice-debugsource-0.12.7-8.1 References: https://www.suse.com/security/cve/CVE-2016-9577.html https://www.suse.com/security/cve/CVE-2016-9578.html https://bugzilla.suse.com/1023078 https://bugzilla.suse.com/1023079 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
  3. news
    SUSE Security Update: Security update for spice ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0393-1 Rating: important References: #1023078 #1023079 Cross-References: CVE-2016-9577 CVE-2016-9578 Affected Products: SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This security update for spice fixes the following issues: CVE-2016-9577: A buffer overflow in the spice server could have potentially been used by unauthenticated attackers to execute arbitrary code. (bsc#1023078) CVE-2016-9578: Unauthenticated attackers could have caused a denial of service via a crafted message. (bsc#1023079) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-199=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-199=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12 (x86_64): libspice-server1-0.12.4-8.12.1 libspice-server1-debuginfo-0.12.4-8.12.1 spice-debugsource-0.12.4-8.12.1 - SUSE Linux Enterprise Server 12-LTSS (x86_64): libspice-server1-0.12.4-8.12.1 libspice-server1-debuginfo-0.12.4-8.12.1 spice-debugsource-0.12.4-8.12.1 References: https://www.suse.com/security/cve/CVE-2016-9577.html https://www.suse.com/security/cve/CVE-2016-9578.html https://bugzilla.suse.com/1023078 https://bugzilla.suse.com/1023079 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
  4. news
    SUSE Security Update: Security update for spice ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0396-1 Rating: important References: #1023078 #1023079 Cross-References: CVE-2016-9577 CVE-2016-9578 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This security update for spice fixes the following issues: CVE-2016-9577: A buffer overflow in the spice server could have potentially been used by unauthenticated attackers to execute arbitrary code. (bsc#1023078) CVE-2016-9578: Unauthenticated attackers could have caused a denial of service via a crafted message. (bsc#1023079) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-spice-12970=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-spice-12970=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-spice-12970=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 x86_64): libspice-server-devel-0.12.4-8.1 - SUSE Linux Enterprise Server 11-SP4 (i586 x86_64): libspice-server1-0.12.4-8.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 x86_64): spice-debuginfo-0.12.4-8.1 spice-debugsource-0.12.4-8.1 References: https://www.suse.com/security/cve/CVE-2016-9577.html https://www.suse.com/security/cve/CVE-2016-9578.html https://bugzilla.suse.com/1023078 https://bugzilla.suse.com/1023079 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
  5. news
    In Win 805 Infinity Case Review ( -at -) ThinkComputers.org Review Link: http://www.thinkcomputers.org/in-win-805-infinity-case-review/ Image URL: http://www.thinkcomputers.org/reviews/inwin_805i/email.jpg Alt Image URL: http://www.thinkcomputers.org/reviews/inwin_805i/small.jpg Quote: "In Win’s 805 was already a great case with its aluminum design, tempered glass side panels, and elegant look. In Win was not done with the 805 however, they wanted to add something very unique to it. That something came in the form of an infinity mirror on the front of the case teamed with a RGB LED strip and a second RGB strip for you to install in the case itself. This addition really made this case unique and something that will definitely catch some attention at your next LAN event or when someone walks in your room. So today we are checking out In Win’s 805 Infinity Mid Tower and we’ll let you know just how awesome the infinity mirror is and if this case is worth using for your next build!"
  6. news
    SUSE Security Update: Security update for spice ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0400-1 Rating: important References: #1023078 #1023079 Cross-References: CVE-2016-9577 CVE-2016-9578 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This security update for spice fixes the following issues: CVE-2016-9577: A buffer overflow in the spice server could have potentially been used by unauthenticated attackers to execute arbitrary code. (bsc#1023078) CVE-2016-9578: Unauthenticated attackers could have caused a denial of service via a crafted message. (bsc#1023079) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-198=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-198=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-198=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (x86_64): libspice-server-devel-0.12.5-7.1 spice-debugsource-0.12.5-7.1 - SUSE Linux Enterprise Server 12-SP1 (x86_64): libspice-server1-0.12.5-7.1 libspice-server1-debuginfo-0.12.5-7.1 spice-debugsource-0.12.5-7.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): libspice-server1-0.12.5-7.1 libspice-server1-debuginfo-0.12.5-7.1 spice-debugsource-0.12.5-7.1 References: https://www.suse.com/security/cve/CVE-2016-9577.html https://www.suse.com/security/cve/CVE-2016-9578.html https://bugzilla.suse.com/1023078 https://bugzilla.suse.com/1023079 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
  7. news
    Hello LanOC Affiliates and newsletter subscribers, here is our newest posting. We would appreciate you spreading the word! LanOC Reviews has released a new article which you and your readers might enjoy. We would be grateful if you would please share it with them. *TITLE:* Antlion Audio ModMic 5 ( -at -) LanOC Reviews <https://lanoc.org/review/audio/7439-antlion-audio-modmic-5> *DESCRIPTION:* Last June I took a look at the ModMic from Antlion Audio and was impressed with its overall performance and how it opened up new options for quality audio for gamers. I had a few issues with it, but overall it came out with a recommended award. Well in December they introduced their new ModMic 5 and I’ve been playing around with it. Today I’m going to run through what it's all about and see if the new design is an improvement on the already popular design. *ARTICLE URL:* https://lanoc.org/review/audio/7439-antlion-audio-modmic-5 *LARGE IMAGE URL:* https://lanoc.org/images/reviews/2017/antlion_audio_modmic5/title.jpg *SMALL IMAGE URL:* https://lanoc.org/images/reviews/2017/antlion_audio_modmic5/email.jpg Thank you for your help Our content is syndicated by *RSS* 2.0 at: http://lanoc.org/review?fo rmat=feed&type=atom Check out our *YouTube* Channel: http://www.youtube.com/user/LanocReviews Follow us on *Twitter*: http://www.twitter.com/LanOC_Reviews Join our group on *Facebook*: http://www.facebook.com/LanOCReviews Join our *Steam* Group: http://steamcommunity.com/groups/lanoc *If this message has been sent to an incorrect address, or you no longer wish to receive our news, please email us back and let us know at reviews ( -at -) lanoc.org* ---------------------------------------- Wes Compton Editor-in-Chief LanOC Reviews http://lanoc.org ( -at -) LanOC_Reviews <http://twitter.com/#!/LanOC_Reviews> Google Plus <https://plus.google.com/u/1/b/111054267662763089650/> Our Facebook Page <http://www.facebook.com/LanOCReviews>
  8. news
    Fnatic, a team of professional video game players, has been creating their own own line of gaming gear that allows eSports fans at home to use gaming products that was developed by pro players. Today we are going to take a look at the Fnatic Clutch G1 Gaming Mouse that the group developed with the Pixart optical sensor, Omron switches, RGB LED illumination for 16.8M color options, Soft Touch finish and a 2m non-tangle cord that features fabric for reduced cord drag. Will it live up to the standards and conditions of a professional gaming mouse? Read on and we will find out. Article Title: Fnatic Clutch G1 Gaming Mouse Review ( -at -) Legit Reviews Article URL: http://www.legitreviews.com/fnatic-clutch-g1-gaming-mouse-review_190845 Happy Monday and how about them Pats last night! Unsubscribe: http://adserv.legitreviews.com/cgi-bin/dada/mail.cgi/u/legitpr/reviewnews// =
  9. news
    Dear visitors, dear colleagues Title: Motherboard Charts: 24 Models tested - ASUS Maximus IX Hero ( -at -) ocaholic Text: Meanwhile you can find benchmark values of 24 recent Z270 and Z170 motherboards in our comparison tables. We do not comment the benchmark values. The idea and also the goal is to present to you a market overview which helps you choose the right motherboard simply based on facts in the form of numbers.  Link: https://www.ocaholic.ch/modules/smartsection/item.php?itemid=1655&ASUSMaximusIXHero Image: https://ocaholic.ch/uploads/extgallery/public-photo/thumb/thumb_ASUSMaximusIXHero_010_1_cafac.jpg If you have interesting articles yourself we would also like to publish
  10. news
    ASRock Z270 Extreme4 Motherboard Review ------------------------------------------------------------ http://us2.campaign-archive1.com/?u=bfb2b902b5fb045ad6f841f98&id=cfba6eb3ef&e=872093acb5 http://www.kitguru.net ASRock Z270 Extreme4 Motherboard Review Motherboard manufacturers have produced a comprehensive range of products for Intel’s latest-generation Z270 chipset, spanning a wide spectrum of prices. Yet it’s the mid-range Intel motherboards, like ASRock’s new Z270 Extreme4, that consumers typically end up buying. The Z270 Extreme4 is, on paper specification, a true all-rounder; a competitive price, plentiful connectivity options and a varied feature set, but can it keep up with its competition? Read the review here: http://www.kitguru.net/components/motherboard/ryan-martin/asrock-z270-extreme4-motherboard-review/ ============================================================ ** follow on Twitter (http://twitter.com/#!/kitgurupress) | ** friend on Facebook (http://www.facebook.com/pages/KitGuru/162236020510911) | ** forward to a friend (http://us2.forward-to-friend2.com/forward?u=bfb2b902b5fb045ad6f841f98&id=cfba6eb3ef&e=872093acb5) Copyright © 2017 KitGuru, All rights reserved. You are receiving this because you are a news partner or have signed up to receive our news.
  11. news
    -------- SILVERSTONE KUBLAI KL07 COMPUTER CASE REVIEW ( -at -) APH NETWORKS --------- Hello everyone! APH Networks has published a new review that your readers might enjoy. A post in your site's news section would be greatly appreciated! Don't forget to send your site news to us. As we promise to post your news articles on APH Networks periodically, we would certainly appreciate it if you do the same as well. Thank you for your support in advance! * Title: SilverStone Kublai KL07 Computer Case Review ( -at -) APH Networks * Description: If you are looking for a quiet and simple chassis, the SilverStone Kublai KL07 might just be the one you are looking for. * Link: http://aphnetworks.com/reviews/silverstone-kublai-kl07 * Image: http://aphnetworks.com/review/silverstone-kublai-kl07/013.jpg Best Regards, Jonathan Kwan Editor-in-Chief APH Networks Inc. http://aphnetworks.com -- Unsubscribe from this newsletter: http://aphnetworks.com/newsletter/confirm/remove/c77c84bd425t5
  12. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: ntp security update Advisory ID: RHSA-2017:0252-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2017-0252.html Issue date: 2017-02-06 CVE Names: CVE-2016-7426 CVE-2016-7429 CVE-2016-7433 CVE-2016-9310 CVE-2016-9311 ===================================================================== 1. Summary: An update for ntp is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, noarch, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64 3. Description: The Network Time Protocol (NTP) is used to synchronize a computer's time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the ntpd service. Security Fix(es): * It was found that when ntp is configured with rate limiting for all associations the limits are also applied to responses received from its configured sources. A remote attacker who knows the sources can cause a denial of service by preventing ntpd from accepting valid responses from its sources. (CVE-2016-7426) * A flaw was found in the control mode functionality of ntpd. A remote attacker could send a crafted control mode packet which could lead to information disclosure or result in DDoS amplification attacks. (CVE-2016-9310) * A flaw was found in the way ntpd implemented the trap service. A remote attacker could send a specially crafted packet to cause a null pointer dereference that will crash ntpd, resulting in a denial of service. (CVE-2016-9311) * A flaw was found in the way ntpd running on a host with multiple network interfaces handled certain server responses. A remote attacker could use this flaw which would cause ntpd to not synchronize with the source. (CVE-2016-7429) * A flaw was found in the way ntpd calculated the root delay. A remote attacker could send a specially-crafted spoofed packet to cause denial of service or in some special cases even crash. (CVE-2016-7433) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing this update, the ntpd daemon will restart automatically. 5. Bugs fixed (https://bugzilla.redhat.com/): 1397319 - CVE-2016-9310 ntp: Mode 6 unauthenticated trap information disclosure and DDoS vector 1397341 - CVE-2016-7429 ntp: Attack on interface selection 1397345 - CVE-2016-7426 ntp: Client rate limiting and server responses 1397347 - CVE-2016-7433 ntp: Broken initial sync calculations regression 1398350 - CVE-2016-9311 ntp: Null pointer dereference when trap service is enabled 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: ntp-4.2.6p5-10.el6_8.2.src.rpm i386: ntp-4.2.6p5-10.el6_8.2.i686.rpm ntp-debuginfo-4.2.6p5-10.el6_8.2.i686.rpm ntpdate-4.2.6p5-10.el6_8.2.i686.rpm x86_64: ntp-4.2.6p5-10.el6_8.2.x86_64.rpm ntp-debuginfo-4.2.6p5-10.el6_8.2.x86_64.rpm ntpdate-4.2.6p5-10.el6_8.2.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): i386: ntp-debuginfo-4.2.6p5-10.el6_8.2.i686.rpm ntp-perl-4.2.6p5-10.el6_8.2.i686.rpm noarch: ntp-doc-4.2.6p5-10.el6_8.2.noarch.rpm x86_64: ntp-debuginfo-4.2.6p5-10.el6_8.2.x86_64.rpm ntp-perl-4.2.6p5-10.el6_8.2.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: ntp-4.2.6p5-10.el6_8.2.src.rpm x86_64: ntp-4.2.6p5-10.el6_8.2.x86_64.rpm ntp-debuginfo-4.2.6p5-10.el6_8.2.x86_64.rpm ntpdate-4.2.6p5-10.el6_8.2.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): noarch: ntp-doc-4.2.6p5-10.el6_8.2.noarch.rpm x86_64: ntp-debuginfo-4.2.6p5-10.el6_8.2.x86_64.rpm ntp-perl-4.2.6p5-10.el6_8.2.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: ntp-4.2.6p5-10.el6_8.2.src.rpm i386: ntp-4.2.6p5-10.el6_8.2.i686.rpm ntp-debuginfo-4.2.6p5-10.el6_8.2.i686.rpm ntpdate-4.2.6p5-10.el6_8.2.i686.rpm ppc64: ntp-4.2.6p5-10.el6_8.2.ppc64.rpm ntp-debuginfo-4.2.6p5-10.el6_8.2.ppc64.rpm ntpdate-4.2.6p5-10.el6_8.2.ppc64.rpm s390x: ntp-4.2.6p5-10.el6_8.2.s390x.rpm ntp-debuginfo-4.2.6p5-10.el6_8.2.s390x.rpm ntpdate-4.2.6p5-10.el6_8.2.s390x.rpm x86_64: ntp-4.2.6p5-10.el6_8.2.x86_64.rpm ntp-debuginfo-4.2.6p5-10.el6_8.2.x86_64.rpm ntpdate-4.2.6p5-10.el6_8.2.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): i386: ntp-debuginfo-4.2.6p5-10.el6_8.2.i686.rpm ntp-perl-4.2.6p5-10.el6_8.2.i686.rpm noarch: ntp-doc-4.2.6p5-10.el6_8.2.noarch.rpm ppc64: ntp-debuginfo-4.2.6p5-10.el6_8.2.ppc64.rpm ntp-perl-4.2.6p5-10.el6_8.2.ppc64.rpm s390x: ntp-debuginfo-4.2.6p5-10.el6_8.2.s390x.rpm ntp-perl-4.2.6p5-10.el6_8.2.s390x.rpm x86_64: ntp-debuginfo-4.2.6p5-10.el6_8.2.x86_64.rpm ntp-perl-4.2.6p5-10.el6_8.2.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: ntp-4.2.6p5-10.el6_8.2.src.rpm i386: ntp-4.2.6p5-10.el6_8.2.i686.rpm ntp-debuginfo-4.2.6p5-10.el6_8.2.i686.rpm ntpdate-4.2.6p5-10.el6_8.2.i686.rpm x86_64: ntp-4.2.6p5-10.el6_8.2.x86_64.rpm ntp-debuginfo-4.2.6p5-10.el6_8.2.x86_64.rpm ntpdate-4.2.6p5-10.el6_8.2.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): i386: ntp-debuginfo-4.2.6p5-10.el6_8.2.i686.rpm ntp-perl-4.2.6p5-10.el6_8.2.i686.rpm noarch: ntp-doc-4.2.6p5-10.el6_8.2.noarch.rpm x86_64: ntp-debuginfo-4.2.6p5-10.el6_8.2.x86_64.rpm ntp-perl-4.2.6p5-10.el6_8.2.x86_64.rpm Red Hat Enterprise Linux Client (v. 7): Source: ntp-4.2.6p5-25.el7_3.1.src.rpm x86_64: ntp-4.2.6p5-25.el7_3.1.x86_64.rpm ntp-debuginfo-4.2.6p5-25.el7_3.1.x86_64.rpm ntpdate-4.2.6p5-25.el7_3.1.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): noarch: ntp-doc-4.2.6p5-25.el7_3.1.noarch.rpm ntp-perl-4.2.6p5-25.el7_3.1.noarch.rpm x86_64: ntp-debuginfo-4.2.6p5-25.el7_3.1.x86_64.rpm sntp-4.2.6p5-25.el7_3.1.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: ntp-4.2.6p5-25.el7_3.1.src.rpm x86_64: ntp-4.2.6p5-25.el7_3.1.x86_64.rpm ntp-debuginfo-4.2.6p5-25.el7_3.1.x86_64.rpm ntpdate-4.2.6p5-25.el7_3.1.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): noarch: ntp-doc-4.2.6p5-25.el7_3.1.noarch.rpm ntp-perl-4.2.6p5-25.el7_3.1.noarch.rpm x86_64: ntp-debuginfo-4.2.6p5-25.el7_3.1.x86_64.rpm sntp-4.2.6p5-25.el7_3.1.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: ntp-4.2.6p5-25.el7_3.1.src.rpm aarch64: ntp-4.2.6p5-25.el7_3.1.aarch64.rpm ntp-debuginfo-4.2.6p5-25.el7_3.1.aarch64.rpm ntpdate-4.2.6p5-25.el7_3.1.aarch64.rpm ppc64: ntp-4.2.6p5-25.el7_3.1.ppc64.rpm ntp-debuginfo-4.2.6p5-25.el7_3.1.ppc64.rpm ntpdate-4.2.6p5-25.el7_3.1.ppc64.rpm ppc64le: ntp-4.2.6p5-25.el7_3.1.ppc64le.rpm ntp-debuginfo-4.2.6p5-25.el7_3.1.ppc64le.rpm ntpdate-4.2.6p5-25.el7_3.1.ppc64le.rpm s390x: ntp-4.2.6p5-25.el7_3.1.s390x.rpm ntp-debuginfo-4.2.6p5-25.el7_3.1.s390x.rpm ntpdate-4.2.6p5-25.el7_3.1.s390x.rpm x86_64: ntp-4.2.6p5-25.el7_3.1.x86_64.rpm ntp-debuginfo-4.2.6p5-25.el7_3.1.x86_64.rpm ntpdate-4.2.6p5-25.el7_3.1.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): aarch64: ntp-debuginfo-4.2.6p5-25.el7_3.1.aarch64.rpm sntp-4.2.6p5-25.el7_3.1.aarch64.rpm noarch: ntp-doc-4.2.6p5-25.el7_3.1.noarch.rpm ntp-perl-4.2.6p5-25.el7_3.1.noarch.rpm ppc64: ntp-debuginfo-4.2.6p5-25.el7_3.1.ppc64.rpm sntp-4.2.6p5-25.el7_3.1.ppc64.rpm ppc64le: ntp-debuginfo-4.2.6p5-25.el7_3.1.ppc64le.rpm sntp-4.2.6p5-25.el7_3.1.ppc64le.rpm s390x: ntp-debuginfo-4.2.6p5-25.el7_3.1.s390x.rpm sntp-4.2.6p5-25.el7_3.1.s390x.rpm x86_64: ntp-debuginfo-4.2.6p5-25.el7_3.1.x86_64.rpm sntp-4.2.6p5-25.el7_3.1.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: ntp-4.2.6p5-25.el7_3.1.src.rpm x86_64: ntp-4.2.6p5-25.el7_3.1.x86_64.rpm ntp-debuginfo-4.2.6p5-25.el7_3.1.x86_64.rpm ntpdate-4.2.6p5-25.el7_3.1.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): noarch: ntp-doc-4.2.6p5-25.el7_3.1.noarch.rpm ntp-perl-4.2.6p5-25.el7_3.1.noarch.rpm x86_64: ntp-debuginfo-4.2.6p5-25.el7_3.1.x86_64.rpm sntp-4.2.6p5-25.el7_3.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-7426 https://access.redhat.com/security/cve/CVE-2016-7429 https://access.redhat.com/security/cve/CVE-2016-7433 https://access.redhat.com/security/cve/CVE-2016-9310 https://access.redhat.com/security/cve/CVE-2016-9311 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFYmBasXlSAg2UNWIIRAtaKAKCm2dAxAx1w4jCUz0puJyIXXpuaeQCgtbPU QI1oAu3rHY96U/5WIC/xF4g= =qaRk -----END PGP SIGNATURE----- --
  13. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: spice-server security update Advisory ID: RHSA-2017:0253-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2017-0253.html Issue date: 2017-02-06 CVE Names: CVE-2016-9577 CVE-2016-9578 ===================================================================== 1. Summary: An update for spice-server is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - x86_64 Red Hat Enterprise Linux Workstation (v. 6) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - x86_64 3. Description: The Simple Protocol for Independent Computing Environments (SPICE) is a remote display protocol for virtual environments. SPICE users can access a virtualized desktop or server from the local system or any system with network access to the server. SPICE is used in Red Hat Enterprise Linux for viewing virtualized guests running on the Kernel-based Virtual Machine (KVM) hypervisor or on Red Hat Enterprise Virtualization Hypervisors. Security Fix(es): * A vulnerability was discovered in spice in the server's protocol handling. An authenticated attacker could send crafted messages to the spice server causing a heap overflow leading to a crash or possible code execution. (CVE-2016-9577) * A vulnerability was discovered in spice in the server's protocol handling. An attacker able to connect to the spice server could send crafted messages which would cause the process to crash. (CVE-2016-9578) These issues were discovered by Frediano Ziglio (Red Hat). 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 All applications using SPICE (most notably all QEMU-KVM instances using the SPICE console) must be restarted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1399566 - CVE-2016-9578 spice: Remote DoS via crafted message 1401603 - CVE-2016-9577 spice: Buffer overflow in main_channel_alloc_msg_rcv_buf when reading large messages 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: spice-server-0.12.4-13.el6_8.2.src.rpm x86_64: spice-server-0.12.4-13.el6_8.2.x86_64.rpm spice-server-debuginfo-0.12.4-13.el6_8.2.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): x86_64: spice-server-debuginfo-0.12.4-13.el6_8.2.x86_64.rpm spice-server-devel-0.12.4-13.el6_8.2.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: spice-server-0.12.4-13.el6_8.2.src.rpm x86_64: spice-server-0.12.4-13.el6_8.2.x86_64.rpm spice-server-debuginfo-0.12.4-13.el6_8.2.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): x86_64: spice-server-debuginfo-0.12.4-13.el6_8.2.x86_64.rpm spice-server-devel-0.12.4-13.el6_8.2.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: spice-server-0.12.4-13.el6_8.2.src.rpm x86_64: spice-server-0.12.4-13.el6_8.2.x86_64.rpm spice-server-debuginfo-0.12.4-13.el6_8.2.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): x86_64: spice-server-debuginfo-0.12.4-13.el6_8.2.x86_64.rpm spice-server-devel-0.12.4-13.el6_8.2.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: spice-server-0.12.4-13.el6_8.2.src.rpm x86_64: spice-server-0.12.4-13.el6_8.2.x86_64.rpm spice-server-debuginfo-0.12.4-13.el6_8.2.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): x86_64: spice-server-debuginfo-0.12.4-13.el6_8.2.x86_64.rpm spice-server-devel-0.12.4-13.el6_8.2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-9577 https://access.redhat.com/security/cve/CVE-2016-9578 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFYmAJUXlSAg2UNWIIRAlUAAJ4l5sd4XzgYDEY7jYdsY9tPY24T0QCgnbvA 0CuIfprnS5cvz7i6BMXDM5E= =x6n1 -----END PGP SIGNATURE----- --
  14. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: spice-server security update Advisory ID: RHSA-2017:0253-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2017-0253.html Issue date: 2017-02-06 CVE Names: CVE-2016-9577 CVE-2016-9578 ===================================================================== 1. Summary: An update for spice-server is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - x86_64 Red Hat Enterprise Linux Workstation (v. 6) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - x86_64 3. Description: The Simple Protocol for Independent Computing Environments (SPICE) is a remote display protocol for virtual environments. SPICE users can access a virtualized desktop or server from the local system or any system with network access to the server. SPICE is used in Red Hat Enterprise Linux for viewing virtualized guests running on the Kernel-based Virtual Machine (KVM) hypervisor or on Red Hat Enterprise Virtualization Hypervisors. Security Fix(es): * A vulnerability was discovered in spice in the server's protocol handling. An authenticated attacker could send crafted messages to the spice server causing a heap overflow leading to a crash or possible code execution. (CVE-2016-9577) * A vulnerability was discovered in spice in the server's protocol handling. An attacker able to connect to the spice server could send crafted messages which would cause the process to crash. (CVE-2016-9578) These issues were discovered by Frediano Ziglio (Red Hat). 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 All applications using SPICE (most notably all QEMU-KVM instances using the SPICE console) must be restarted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1399566 - CVE-2016-9578 spice: Remote DoS via crafted message 1401603 - CVE-2016-9577 spice: Buffer overflow in main_channel_alloc_msg_rcv_buf when reading large messages 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: spice-server-0.12.4-13.el6_8.2.src.rpm x86_64: spice-server-0.12.4-13.el6_8.2.x86_64.rpm spice-server-debuginfo-0.12.4-13.el6_8.2.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): x86_64: spice-server-debuginfo-0.12.4-13.el6_8.2.x86_64.rpm spice-server-devel-0.12.4-13.el6_8.2.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: spice-server-0.12.4-13.el6_8.2.src.rpm x86_64: spice-server-0.12.4-13.el6_8.2.x86_64.rpm spice-server-debuginfo-0.12.4-13.el6_8.2.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): x86_64: spice-server-debuginfo-0.12.4-13.el6_8.2.x86_64.rpm spice-server-devel-0.12.4-13.el6_8.2.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: spice-server-0.12.4-13.el6_8.2.src.rpm x86_64: spice-server-0.12.4-13.el6_8.2.x86_64.rpm spice-server-debuginfo-0.12.4-13.el6_8.2.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): x86_64: spice-server-debuginfo-0.12.4-13.el6_8.2.x86_64.rpm spice-server-devel-0.12.4-13.el6_8.2.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: spice-server-0.12.4-13.el6_8.2.src.rpm x86_64: spice-server-0.12.4-13.el6_8.2.x86_64.rpm spice-server-debuginfo-0.12.4-13.el6_8.2.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): x86_64: spice-server-debuginfo-0.12.4-13.el6_8.2.x86_64.rpm spice-server-devel-0.12.4-13.el6_8.2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-9577 https://access.redhat.com/security/cve/CVE-2016-9578 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFYmAJUXlSAg2UNWIIRAlUAAJ4l5sd4XzgYDEY7jYdsY9tPY24T0QCgnbvA 0CuIfprnS5cvz7i6BMXDM5E= =x6n1 -----END PGP SIGNATURE----- --
  15. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: spice-server security update Advisory ID: RHSA-2017:0253-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2017-0253.html Issue date: 2017-02-06 CVE Names: CVE-2016-9577 CVE-2016-9578 ===================================================================== 1. Summary: An update for spice-server is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - x86_64 Red Hat Enterprise Linux Workstation (v. 6) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - x86_64 3. Description: The Simple Protocol for Independent Computing Environments (SPICE) is a remote display protocol for virtual environments. SPICE users can access a virtualized desktop or server from the local system or any system with network access to the server. SPICE is used in Red Hat Enterprise Linux for viewing virtualized guests running on the Kernel-based Virtual Machine (KVM) hypervisor or on Red Hat Enterprise Virtualization Hypervisors. Security Fix(es): * A vulnerability was discovered in spice in the server's protocol handling. An authenticated attacker could send crafted messages to the spice server causing a heap overflow leading to a crash or possible code execution. (CVE-2016-9577) * A vulnerability was discovered in spice in the server's protocol handling. An attacker able to connect to the spice server could send crafted messages which would cause the process to crash. (CVE-2016-9578) These issues were discovered by Frediano Ziglio (Red Hat). 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 All applications using SPICE (most notably all QEMU-KVM instances using the SPICE console) must be restarted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1399566 - CVE-2016-9578 spice: Remote DoS via crafted message 1401603 - CVE-2016-9577 spice: Buffer overflow in main_channel_alloc_msg_rcv_buf when reading large messages 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: spice-server-0.12.4-13.el6_8.2.src.rpm x86_64: spice-server-0.12.4-13.el6_8.2.x86_64.rpm spice-server-debuginfo-0.12.4-13.el6_8.2.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): x86_64: spice-server-debuginfo-0.12.4-13.el6_8.2.x86_64.rpm spice-server-devel-0.12.4-13.el6_8.2.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: spice-server-0.12.4-13.el6_8.2.src.rpm x86_64: spice-server-0.12.4-13.el6_8.2.x86_64.rpm spice-server-debuginfo-0.12.4-13.el6_8.2.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): x86_64: spice-server-debuginfo-0.12.4-13.el6_8.2.x86_64.rpm spice-server-devel-0.12.4-13.el6_8.2.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: spice-server-0.12.4-13.el6_8.2.src.rpm x86_64: spice-server-0.12.4-13.el6_8.2.x86_64.rpm spice-server-debuginfo-0.12.4-13.el6_8.2.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): x86_64: spice-server-debuginfo-0.12.4-13.el6_8.2.x86_64.rpm spice-server-devel-0.12.4-13.el6_8.2.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: spice-server-0.12.4-13.el6_8.2.src.rpm x86_64: spice-server-0.12.4-13.el6_8.2.x86_64.rpm spice-server-debuginfo-0.12.4-13.el6_8.2.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): x86_64: spice-server-debuginfo-0.12.4-13.el6_8.2.x86_64.rpm spice-server-devel-0.12.4-13.el6_8.2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-9577 https://access.redhat.com/security/cve/CVE-2016-9578 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFYmAJUXlSAg2UNWIIRAlUAAJ4l5sd4XzgYDEY7jYdsY9tPY24T0QCgnbvA 0CuIfprnS5cvz7i6BMXDM5E= =x6n1 -----END PGP SIGNATURE----- --
  16. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: spice security update Advisory ID: RHSA-2017:0254-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2017-0254.html Issue date: 2017-02-06 CVE Names: CVE-2016-9577 CVE-2016-9578 ===================================================================== 1. Summary: An update for spice is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: The Simple Protocol for Independent Computing Environments (SPICE) is a remote display system built for virtual environments which allows the user to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. Security Fix(es): * A vulnerability was discovered in spice in the server's protocol handling. An authenticated attacker could send crafted messages to the spice server causing a heap overflow leading to a crash or possible code execution. (CVE-2016-9577) * A vulnerability was discovered in spice in the server's protocol handling. An attacker able to connect to the spice server could send crafted messages which would cause the process to crash. (CVE-2016-9578) These issues were discovered by Frediano Ziglio (Red Hat). 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 All applications using SPICE (most notably all QEMU-KVM instances using the SPICE console) must be restarted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1399566 - CVE-2016-9578 spice: Remote DoS via crafted message 1401603 - CVE-2016-9577 spice: Buffer overflow in main_channel_alloc_msg_rcv_buf when reading large messages 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: spice-0.12.4-20.el7_3.src.rpm x86_64: spice-debuginfo-0.12.4-20.el7_3.x86_64.rpm spice-server-0.12.4-20.el7_3.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: spice-debuginfo-0.12.4-20.el7_3.x86_64.rpm spice-server-devel-0.12.4-20.el7_3.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): Source: spice-0.12.4-20.el7_3.src.rpm x86_64: spice-debuginfo-0.12.4-20.el7_3.x86_64.rpm spice-server-0.12.4-20.el7_3.x86_64.rpm spice-server-devel-0.12.4-20.el7_3.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: spice-0.12.4-20.el7_3.src.rpm x86_64: spice-debuginfo-0.12.4-20.el7_3.x86_64.rpm spice-server-0.12.4-20.el7_3.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): x86_64: spice-debuginfo-0.12.4-20.el7_3.x86_64.rpm spice-server-devel-0.12.4-20.el7_3.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: spice-0.12.4-20.el7_3.src.rpm x86_64: spice-debuginfo-0.12.4-20.el7_3.x86_64.rpm spice-server-0.12.4-20.el7_3.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: spice-debuginfo-0.12.4-20.el7_3.x86_64.rpm spice-server-devel-0.12.4-20.el7_3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-9577 https://access.redhat.com/security/cve/CVE-2016-9578 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFYmAJYXlSAg2UNWIIRAouvAKDEsDCpWxlCGhB2EEiZUCy9gJI+tACcCYOZ 20Jg0NYBs1m9+s/BoVL4RN4= =QJe6 -----END PGP SIGNATURE----- --
  17. news

    Moto Z Battery Beast

    news posted a topic in Upcoming News

    ** TECHSPOT ------------------------------------------------------------ ** Moto Z Battery Beast: Mod Delivers Best in Class Smartphone Battery Life ------------------------------------------------------------ ** http://www.techspot.com/article/1315-moto-z-mod-battery-beast/ ------------------------------------------------------------ Suffering from battery anxiety sucks, so I recently went on a crusade to find the flagship smartphone with the best battery life. Like most phones the Moto Z's battery is non-removable, but you can magnetically attach a battery mod to the rear of the device that provides a significant stamina boost. Moto Mods are simple and sleek. The results are great, too. Thank you. Julio Franco Executive Editor | TECHSPOT ( -at -) juliofranco ----------------------------------- ============================================================ Our mailing address is: TechSpot 8237 NW 68 St Miami, FL 33166 USA
  18. news
    With Scale 15x less than a month away, final touches are being made to the schedule including Sunday’s keynote. Karen Sandler will deliver “In the Scheme of Things, How Important is Software Freedom?†Karen brings an impeccable set of credentials to Scale and currently serves as Executive Director for the Software Freedom Conservancy. Please note a schedule change: Bad Voltage will be live at an after-Scale reception on Friday. UpSCALE is moving to Saturday at 8 P.M. Want a chance to present at UpSCALE yourself? Our call for lightning talks is open through February 12th. Don’t miss these rapid-fire and entertaining sessions. Please stay tuned for additional surprise announcements. Open Source Legal Training. Do you use or write open-source software in your organization? Invite your organization's legal department to join us a full day workshop to get up to speed on free and open-source software legal topics. Check back to check in. Our preferred hotels have been filling up fast. If you’ve not booked a room yet, don’t give up. We will post some alternatives soon. --
  19. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3781-1 security ( -at -) debian.org https://www.debian.org/security/ Moritz Muehlenhoff February 05, 2017 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : svgsalamander CVE ID : CVE-2017-5617 Luc Lynx discovered that SVG Salamander, a SVG engine for Java was susceptible to server side request forgery. For the stable distribution (jessie), this problem has been fixed in version 0~svn95-1+deb8u1. For the unstable distribution (sid), this problem has been fixed in version 1.1.1+dfsg-2. We recommend that you upgrade your svgsalamander packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
  20. news
    Title: QNAP TurboNAS TS-1635-8G 16-bay 10GbE NAS Server Review ( -at -) NikKTech Description: It lacks an HDMI output and its Annapurna AL-514 Quad-Core CPU may not be the top of its class but thanks to its 16 SATA 6Gb/s bays, two built-in SFP+ 10GbE ports and 8GB of DDR3L RAM the TurboNAS TS-1635-8G has everything it needs to be at the center of your office network. Article Link: http://www.nikktech.com/main/articles/peripherals/network/nas-servers/7436-q nap-turbonas-ts-1635-8g-16-bay-nas-server-review Image Link: http://www.nikktech.com/main/images/pics/reviews/qnap/ts_1635/qnap_ts_1635a. jpg A News Post Would Be Appreciated. Thanks In Advance. Sincerely Nik Kastrantas
  21. news
    openSUSE Security Update: Security update for gnutls ______________________________________________________________________________ Announcement ID: openSUSE-SU-2017:0386-1 Rating: important References: #1005879 #1018832 #999646 Cross-References: CVE-2016-7444 CVE-2016-8610 CVE-2017-5335 CVE-2017-5336 CVE-2017-5337 Affected Products: openSUSE Leap 42.2 openSUSE Leap 42.1 ______________________________________________________________________________ An update that fixes 5 vulnerabilities is now available. Description: This update for gnutls fixes the following security issues: - GnuTLS could have crashed when processing maliciously crafted OpenPGP certificates (GNUTLS-SA-2017-2, bsc#1018832, CVE-2017-5335, CVE-2017-5337, CVE-2017-5336) - GnuTLS could have falsely accepted certificates when using OCSP (GNUTLS-SA-2016-3, bsc#999646, CVE-2016-7444) - GnuTLS could have suffered from 100% CPU load DoS attacks by using SSL alert packets during the handshake (bsc#1005879, CVE-2016-8610) This update was imported from the SUSE:SLE-12:Update update project. Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.2: zypper in -t patch openSUSE-2017-207=1 - openSUSE Leap 42.1: zypper in -t patch openSUSE-2017-207=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE Leap 42.2 (i586 x86_64): gnutls-3.2.15-9.1 gnutls-debuginfo-3.2.15-9.1 gnutls-debugsource-3.2.15-9.1 libgnutls-devel-3.2.15-9.1 libgnutls-openssl-devel-3.2.15-9.1 libgnutls-openssl27-3.2.15-9.1 libgnutls-openssl27-debuginfo-3.2.15-9.1 libgnutls28-3.2.15-9.1 libgnutls28-debuginfo-3.2.15-9.1 libgnutlsxx-devel-3.2.15-9.1 libgnutlsxx28-3.2.15-9.1 libgnutlsxx28-debuginfo-3.2.15-9.1 - openSUSE Leap 42.2 (x86_64): libgnutls-devel-32bit-3.2.15-9.1 libgnutls28-32bit-3.2.15-9.1 libgnutls28-debuginfo-32bit-3.2.15-9.1 - openSUSE Leap 42.1 (i586 x86_64): gnutls-3.2.15-8.1 gnutls-debuginfo-3.2.15-8.1 gnutls-debugsource-3.2.15-8.1 libgnutls-devel-3.2.15-8.1 libgnutls-openssl-devel-3.2.15-8.1 libgnutls-openssl27-3.2.15-8.1 libgnutls-openssl27-debuginfo-3.2.15-8.1 libgnutls28-3.2.15-8.1 libgnutls28-debuginfo-3.2.15-8.1 libgnutlsxx-devel-3.2.15-8.1 libgnutlsxx28-3.2.15-8.1 libgnutlsxx28-debuginfo-3.2.15-8.1 - openSUSE Leap 42.1 (x86_64): libgnutls-devel-32bit-3.2.15-8.1 libgnutls28-32bit-3.2.15-8.1 libgnutls28-debuginfo-32bit-3.2.15-8.1 References: https://www.suse.com/security/cve/CVE-2016-7444.html https://www.suse.com/security/cve/CVE-2016-8610.html https://www.suse.com/security/cve/CVE-2017-5335.html https://www.suse.com/security/cve/CVE-2017-5336.html https://www.suse.com/security/cve/CVE-2017-5337.html https://bugzilla.suse.com/1005879 https://bugzilla.suse.com/1018832 https://bugzilla.suse.com/999646 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
  22. news
    openSUSE Security Update: Security update for virtualbox ______________________________________________________________________________ Announcement ID: openSUSE-SU-2017:0382-1 Rating: important References: #1020856 Cross-References: CVE-2016-5545 CVE-2017-3290 CVE-2017-3316 CVE-2017-3332 Affected Products: openSUSE Leap 42.2 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: This update for virtualbox to version 5.1.14 fixes the following issues: These security issues were fixed: - CVE-2016-5545: Vulnerability in the GUI subcomponent of virtualbox allows unauthenticated attacker unauthorized update, insert or delete access to some data as well as unauthorized read access to a subset of VirtualBox accessible data and unauthorized ability to cause a partial denial of service (bsc#1020856). - CVE-2017-3290: Vulnerability in the Shared Folder subcomponent of virtualbox allows high privileged attacker unauthorized creation, deletion or modification access to critical data and unauthorized ability to cause a hang or frequently repeatable crash (bsc#1020856). - CVE-2017-3316: Vulnerability in the GUI subcomponent of virtualbox allows high privileged attacker with network access via multiple protocols to compromise Oracle VM VirtualBox (bsc#1020856). - CVE-2017-3332: Vulnerability in the SVGA Emulation subcomponent of virtualbox allows low privileged attacker unauthorized creation, deletion or modification access to critical data and unauthorized ability to cause a hang or frequently repeatable crash (bsc#1020856). For other changes please read the changelog. Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.2: zypper in -t patch openSUSE-2017-203=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE Leap 42.2 (noarch): virtualbox-guest-desktop-icons-5.1.14-9.2 virtualbox-host-source-5.1.14-9.2 - openSUSE Leap 42.2 (x86_64): python-virtualbox-5.1.14-9.2 python-virtualbox-debuginfo-5.1.14-9.2 virtualbox-5.1.14-9.2 virtualbox-debuginfo-5.1.14-9.2 virtualbox-debugsource-5.1.14-9.2 virtualbox-devel-5.1.14-9.2 virtualbox-guest-kmp-default-5.1.14_k4.4.36_8-9.2 virtualbox-guest-kmp-default-debuginfo-5.1.14_k4.4.36_8-9.2 virtualbox-guest-tools-5.1.14-9.2 virtualbox-guest-tools-debuginfo-5.1.14-9.2 virtualbox-guest-x11-5.1.14-9.2 virtualbox-guest-x11-debuginfo-5.1.14-9.2 virtualbox-host-kmp-default-5.1.14_k4.4.36_8-9.2 virtualbox-host-kmp-default-debuginfo-5.1.14_k4.4.36_8-9.2 virtualbox-qt-5.1.14-9.2 virtualbox-qt-debuginfo-5.1.14-9.2 virtualbox-websrv-5.1.14-9.2 virtualbox-websrv-debuginfo-5.1.14-9.2 References: https://www.suse.com/security/cve/CVE-2016-5545.html https://www.suse.com/security/cve/CVE-2017-3290.html https://www.suse.com/security/cve/CVE-2017-3316.html https://www.suse.com/security/cve/CVE-2017-3332.html https://bugzilla.suse.com/1020856 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
  23. news
    -------- PATRIOT HELLFIRE M.2 240GB SOLID STATE DRIVE REVIEW ( -at -) APH NETWORKS -- Hello everyone! APH Networks has published a new review that your readers might enjoy. A post in your site's news section would be greatly appreciated! Don't forget to send your site news to us. As we promise to post your news articles on APH Networks periodically, we would certainly appreciate it if you do the same as well. Thank you for your support in advance! * Title: Patriot Hellfire M.2 240GB Solid State Drive Review ( -at -) APH Networks * Description: The Patriot Hellfire M.2 240GB delivers sizzling performance with a tempting price tag. * Link: http://aphnetworks.com/reviews/patriot-hellfire-m-2-240gb * Image: http://aphnetworks.com/review/patriot-hellfire-m-2-240gb/003.JPG Best Regards, Jonathan Kwan Editor-in-Chief APH Networks Inc. http://aphnetworks.com -- Unsubscribe from this newsletter: http://aphnetworks.com/newsletter/confirm/remove/c77c84bd425t5
  24. news
    Visit Hardware Asylum - http://www.hardwareasylum.com body { margin: 0px; padding: 10px; text-align: left; background-color: #FFF; } #header { vertical-align: top; height: 80px; } #footer { font-family: arial, Helvetica, sans-serif; font-size: 10px; color: #000; margin-top: 5px; padding: 3px; } .titletext { font-family: Arial, Helvetica, sans-serif; font-size: 18px; font-weight: bold; color: #852222; } .subtitletext { font-family: Arial, Helvetica, sans-serif; font-size: 12px; font-weight: bold; color: #9E9E9E; } .bodytext { font-family: Arial, Helvetica, sans-serif; font-size: 14px; color: #000000; } .smalltext { font-family: Arial, Helvetica, sans-serif; font-size: 11px; color: #9E9E9E; } b { font-weight: bold; } i { font-style: italic; } a { color: #C00; } Hello Everyone,It may not have a PLX chip or RGB LEDs but it loves to overclock. 5.6Ghz on phase, going for 6+ very soon. Subject: EVGA Z270 Classified K Motherboard Review ( -at -) Hardware AsylumURL: http://www.hardwareasylum.com/reviews/motherboards/evga_z270_classified-kQuote: In this review we’ll be looking at the EVGA Z270 Classified K. This motherboard was announced during CES during the Intel Kaby Lake launch and appears to be a different kind of Classified.A news posting would be appreciated.ThanksDennis Garciahttp://www.hardwareasylum.com To no longer receive these types of emails please send a copy of this message to us at support ( -at -) hardwareasylum.com and we'll remove you from the list. Copyright © Hardware Asylum 1999-2013 All rights reserved
  25. news

    Wine release 2.1

    news posted a topic in Upcoming News

    The Wine development release 2.1 is now available. What's new in this release (see below for details): - Many fixes that were deferred during code freeze. - More Shader Model 5 instructions. - A number of improvements to MIME message handling. - Line breaking improvements in DirectWrite. - HID bus service now running by default. - Direct2D rendering improvements. - Various bug fixes. - Source release tarballs now use xz compression. The source is available from the following locations: http://dl.winehq.org/wine/source/2.x/wine-2.1.tar.xz http://mirrors.ibiblio.org/wine/source/2.x/wine-2.1.tar.xz Binary packages for various distributions will be available from: http://www.winehq.org/download You will find documentation on http://www.winehq.org/documentation You can also get the current source directly from the git repository. Check http://www.winehq.org/git for details. Wine is available thanks to the work of many people. See the file AUTHORS in the distribution for the complete list. ---------------------------------------------------------------- Bugs fixed in 2.1 (total 62): 12714 SimCity 2000: crashes when saving or opening a file. 14897 DirectDraw games (Jojo's Fashion Show 2: Las Cruces demo, The Chosen: Well of Souls) try to lock surface with invalid dwSize 17923 No music in X-COM: UFO Defense 18631 regedit gives wrong error when renaming keys 20026 Metal Fatigue crashes on file enumeration (Game saves, skirmish maps) 23547 Railroad Tycoon 2: Platinum (Steam) crashes when setting resolution to 800x600 24112 Xara Designer Pro 6 demo crashes when you select 'continue trial' 25516 Sims 3 flickering white textures 26264 Tanktics won't start 26531 Frogger crashes upon exiting game 27580 Wine Notepad command line parser eats the first 2 letters when the path starts with / (it should only do this for valid command line options) 28982 Application Zero no Kiseki crashes when it tries to play 44100Hz Stereo WAVE music 30308 Property sheet fails to display Page Title 31113 Civilization V crashes after specific amount of game turns 32627 MiroVideoConverter setup gives error "Internal error occurred" 34171 Actua Soccer 2 API error when loading game from menu 34960 Civilization V crashes when loading game 35155 PDF-Xchange Viewer chrashes when a lot of documents opened 35993 Graphical Glitches in Agarest Generations of War 36501 Dyn Updater v4.1.10 'DynUpConfig' tool crashes on startup ('Win32_NetworkAdapterConfiguration' WMI class 'Description' property missing) 37034 Stars!: Crashes on startup 38192 Harry Potter 7 Part 2 crash at begins 38773 msvcr100/110/120 is missing reader_writer_lock (required for MSVC 2013) 39180 Witcher 3 Wild hunt Wine 1.7.50 not working 39920 Nanocad 5.: file open/import dialog does not open 40133 No Limits 2 help system needs GetOverhangMetrics() 40392 ComicRack 0.9.x (.NET 4.5 app) hangs/crashes on startup when executing WMI query 40592 wininet:http test regression 40629 Noto Nastaliq Urdu font crashes notepad during shaping 40938 UE4 games (Ether One Redux, Into the Stars) crash while loading with "BackBuffer->GetResource() has 3 refs, expected 1" error 41052 Failure to create D3D9 device on i915 41175 Firefox tooltips are partly black 41324 Everspace (UE4) requires bfi opcode 41579 Rush for Berlin Gold crashes after the intro videos 41623 Odallus The Dark Call crashes while starting if a force feedback enabled controller is plugged in 41706 Adam Standalone demo: Backend can't handle opcode ubfe 41747 HYPACK 2016 crashes trying to set "AllowXsltScript" and "AllowDocumentFunction" properties 41905 The Solus Project: Backend can't handle opcode bfrev 42022 The Magic School Bus Explores The Solar System needs msvideo.dll16.DRAWDIBPROFILEDISPLAY 42023 The Magic School Bus Explores The Solar System crashes on launch; appears to be missing some files 42078 Dungeons & Dragons: Chronicles of Mystara needs d3dx11_43.dll.D3DX11CreateShaderResourceViewFromMemory 42093 Git for Windows 2.7.0 needs unimplemented function rstrtmgr.dll.RmShutdown 42096 Steam -> RPGMaker 2003 needs unimplemented function KERNEL32.dll.BaseFlushAppcompatCache 42141 Star Ruler 2 black screen on macOS and FreeBSD 42159 Sega Bug crashes immediately 42163 Sid Meier's Railroads! crash loading multiplayer lobby 42166 Custom application needs mf3216.dll (32-bit to 16-bit metafile converter) 42187 Radeon R9 285 GPU incorrectly recognized 42206 Gauntlet character screen background is corrupted. 42212 WOLF RPG Editor: Division by zero when winegstreamer is enabled 42218 mshtml/tests/dom crashes in xul while running test_doc_elem 42220 secur32/tests/ntlm crashes in ntlm_EncryptMessage due to null pointer 42221 ws2_32/tests/sock fails with "TransmitFile header buffer did not match!" 42225 MSRX v2015a (magnetic stripe reader app) crashed on plugplay:hidraw_set_feature_report Output feature buffer too small 42244 QQ 2013 needs ntoskrnl.exe.IoCreateFile 42245 QQ 2013 needs ntoskrnl.exe.KeClearEvent 42257 Warpath 21st Century does not have sound 42299 Ecue Lighting Suite installer fails to start, needs ntdll.NtLoadKey2 42303 Magic: The Gathering Online 4.0 crashes when entering the battle 42306 One Note Free Retail installer crashes in xmllite 42312 ShellView does not display items attributes 42315 Piriform Speccy 1.3 needs setupapi.dll.CM_Get_Child_Ex ---------------------------------------------------------------- Changes since 2.0: Adam Bolte (1): wined3d: Add GPU information for AMD FIJI. Alasdair Sinclair (1): configure: Fix make install for mf3216.dll. Alex Henrie (6): shell32: Correct dialog title in error message from "Run File" to "Run". ddraw: Don't crash if writing out a new ddraw1 surface segfaults. ddraw: Don't crash if writing out a new ddraw2 surface segfaults. ddraw: Don't crash if writing out a new ddraw4 surface segfaults. ddraw: Don't crash if writing out a new ddraw7 surface segfaults. include: Add constants for CryptProtectMemory/CryptUnprotectMemory. Alexandre Julliard (4): make_announce: Update version number parsing for the new versioning scheme. ole32: Don't set zero-size clipboard data, this no longer works. ole32: Only trace a clipboard format name if it has one. ole32: Use a HWND_MESSAGE window for the clipboard. Alistair Leslie-Hughes (3): include: Add UnlockResource prototype. maintainers: Add DirectPlay section. include: Add dhcpcsdk.h. Andrew Eikum (5): kernel32: Use different default sublangs for Spanish and Chinese. kernel32/tests: Test result from LCIDToLocaleName. kernel32: Don't care about case when finding matching locale. quartz: Clean up another trace for consistency. quartz: Downgrade FIXME->WARN. Andrew Wesie (1): ntdll: Prevent NULL dereference in NtSuspendThread. Andrey Gusev (6): ntdll: Move UnregisterTraceGuids from advapi32 to ntdll. setupapi: Add CM_Get_Child_Ex stub. setupapi: Add CM_Get_Sibling_Ex stub. d3dx11: Add D3DX11CreateShaderResourceViewFromMemory stub. shlwapi: Avoid 'else if' for IStream_fnQueryInterface. po: Update Ukrainian translation. André Hentschel (51): winmm: Fix midiOutSetVolume spec file entry. ntdll: Fix some more spec file entries. krnl386.exe16: Fix some spec file entries. comctl32: Fix some spec file entries. odbc32: Fix some spec file entries. advapi32: Fix some spec file entries. atl: Fix AtlModuleInit spec file entry. compstui: Fix SetCPSUIUserData spec file entry. iphlpapi: Fix GetBestRoute spec file entry. hidclass.sys: Fix compilation on systems that don't support nameless structs. winebus.sys: Fix compilation on systems that don't support nameless structs. msi: Fix some spec file entries. mscms: Fix some spec file entries. shell32: Fix some spec file entries. user32: Fix DrawMenuBarTemp spec file entry. ntdll: Fix even more spec file entries. rpcrt4: Fix some spec file entries. wow32: Fix some spec file entries. mpr: Fix some spec file entries. urlmon: Fix FindMimeFromData spec file entry. setupapi: Fix some spec file entries. winspool.drv: Fix some spec file entries. oleaut32: Fix OleTranslateColor spec file entry. usp10: Fix ScriptRecordDigitSubstitution spec file entry. advapi32: Fix some more spec file entries. kernel32: Fix some spec file entries. winemapi: Fix some spec file entries. winscard: Fix some spec file entries. avifil32: Fix AVIStreamReadFormat spec file entry. secur32: Fix LsaConnectUntrusted spec file entry. mapi32: Fix some spec file entries. wininet: Fix some spec file entries. d3d8: Fix ValidatePixelShader spec file entry. ntdll: Remove dead initializations (clang). dwrite: Remove dead initialization (clang). msxml3: Remove dead initialization (clang). server: Remove dead assignment (clang). cmd: Remove dead assignments (clang). shell32: Remove dead assignments (clang). loadperf: Fix some spec file entries. winhttp: Fix some spec file entries. serialui: Fix EnumPropPages spec file entry. comctl32: Fix some more spec file entries. msvfw32: Fix some spec file entries. oleview: Fix bytecount for memmoves (Coverity). windowscodecs: Remove dead assignment (clang). windowscodecs: Fix IWICImagingFactory_CreateDecoderFromFileHandle_Proxy spec file entry. gdiplus: Fix some spec file entries. include: Add the new version of the IP_ADAPTER_UNICAST_ADDRESS structure. iphlpapi: Use the new version of the IP_ADAPTER_UNICAST_ADDRESS structure. winex11: Remove dead code (clang). Anton Romanov (1): user32: Add OCR_RDR* cursors. Aric Stewart (18): usp10: Implement GSUB Context Substitution types 1 and 2. usp10: Implement Contextual Positioning Subtable: Format 2. usp10: Implement Chaining Context Substitution Format 2: Class-based Chaining Context Glyph Substitution. hid: Implement HidD_GetNumInputBuffers. hid: Implement HidP_GetUsage[censored]. hid/tests: Add HID device enumeration test. hidclass.sys: When processing reads fill all the buffers. hid: Implement HidP_MaxDataListLength. hid: Implement HidP_GetData. usp10: Fix Contextual Shaping for Languages with RTL write order. usp10: Change GSUB_E_NOGLYPH value. usp10: Fix next index for RTL MultipleSubst. usp10: Apply 'ccmp' before Arabic contextual shaping. hidclass.sys: BSize will never be negative. hid/tests: Test device reads. hid/tests: Test HidD_GetInputReport. hidclass.sys: IOCTL_HID_GET_INPUT_REPORT has report ID as first byte. loader: Start winebus service by default. Aurimas Fišeras (2): po: Update Lithuanian translation. po: Update Lithuanian translation. Austin English (8): kernel32: Add BaseFlushAppcompatCache stub. mf3216: Add stub dll. rstrtmgr: Add RmShutdown stub. ntoskrnl.exe: Add IoCreateFile stub. ntoskrnl.exe: Add stub KeClearEvent. ntdll: Add a stub for NtLoadKey2. winusb: Add stub dll. dhcpsvc: Add DhcpRequestParams stub. Bruno Jesus (22): ntdll: Fake success if changing system date is a no-op. maintainers: Add network section. iphlpapi/tests: Avoid ntoa() twice in function call as it returns same pointer. dinput: Skip events that are not useful currently. odbc32: Improve some tracing. d3d8/tests: Fix copy&paste issue in compare_mode (cppcheck). dinput: Fix GetEffectStatus for Linux when effect was not downloaded. dinput: Downgrade a FIXME to WARN in JoystickWImpl_SendForceFeedbackCommand. dinput: DISFFC_RESET will not release the effects. dinput: Simplify JoystickWImpl_Unacquire for Linux. dinput/tests: Add tests for DISFFC_STOPALL, DISFFC_RESET and GetEffectStatus. winmm: Fix the ordinal number for function PlaySound. shlwapi/tests: Test NULL handle duplication in SHMapHandle(). notepad: Only skip valid command options. wlanapi: Normalize input and trace parameters. wlanapi/tests: Add test structure. wlanapi/tests: Add tests for WlanOpenHandle. wlanapi: Implement WlanAllocateMemory/WlanFreeMemory with tests. wlanapi/tests: Add tests for WlanEnumInterfaces. wlanapi: Implement WlanOpenHandle. wlanapi: Implement WlanCloseHandle. mciqtz32: Implement MCI_DGV_PLAY_REPEAT. Christoph Brill (1): setupapi: Stub CM_Open_DevNode_Key and CM_Get_Child. Daniel Lehman (1): msvcrt: Implement nan. Detlef Riekenberg (1): maintainers: Add myself for printing. Dmitry Timoshkov (2): windowscodecs: Implement IWICBitmapFrameEncode::SetPalette in PNG encoder. avifil32: AVIFileGetStream should set stream to NULL in case of an error. Erich Hoover (1): maintainers: Volunteer for auto-assigned patch review. Fabian Maurer (2): gdi32: Add traces for painting functions. user32: Don't send WM_CHAR when a menu gets VK_ESCAPE and add tests. François Gouget (4): iphlpapi/tests: Remove an unnecessary NULL cast. include: Add a couple more UI language APIs. wlanapi: Add a trailing '\n' to a TRACE() message. hid/tests: Remove a space before a '\n'. Gerald Pfeifer (3): rpcrt4: Avoid potential overflow in rpcrt4_protseq_ncacn_np_open_endpoint. server: Remove dead check in is_cpu_supported(). winedump: Increase buffer size and potential string length inoutput_spec_symbol. Guillaume Charifi (2): wined3d: Recognize SM5 dcl_resource_raw instruction. wined3d: Add support for BC5_SNORM format. Hans Leidekker (11): include: Add some missing MAPI defines. include: Update SIID_MAX_ICONS. mapi32: Add a stub implementation of HrDispatchNotifications. secur32: Implement SspiPrepareForCredWrite. webservices: Set and restore the full floating point control word. wbemprox: Only include matching rows in the table row count. winhttp: Accept NULL buffer for size queries in WinHttpCreateUrl. wintrust/tests: Disable a test that crashes on 64-bit Windows 10. credui: Split domain from username in SspiPromptForCredentialsW. wbemprox: Don't define USE_WS_PREFIX on MinGW. wbemprox: Add a partial implementation of Win32_IP4RouteTable. Henri Verbeet (35): wined3d: Get rid of a superfluous floatBitsToUint() in shader_glsl_texkill(). wined3d: Use the depth/stencil view to acquire a context for depth-only draws. wined3d: Get rid of the "AlwaysOffscreen" setting. wined3d: Get rid of surface_load_ds_location(). ddraw: Kill stray tabs. wined3d: Simplify shader_glsl_load_np2fixup_constants(). wined3d: Get rid of the "ds_current_size" field from struct wined3d_surface. wined3d: Get rid of surface_modify_ds_location(). wined3d: Get rid of the "onscreen_depth_stencil" field from struct wined3d_device. wined3d: Only store light type counts in struct wined3d_ffp_vs_settings. wined3d: Just use glBufferSubData() in buffer_direct_upload(). wined3d: Introduce wined3d_buffer_upload_ranges(). wined3d: Rename WINED3D_BUFFER_DOUBLEBUFFER to WINED3D_BUFFER_PIN_SYSMEM. wined3d: Introduce wined3d_buffer_evict_sysmem(). wined3d: Check buffer->map_ptr to determine if the buffer object is mapped. wined3d: Do not evict the system memory copy in buffer_create_buffer_object(). wined3d: Do not upload data in buffer_create_buffer_object(). wined3d: Evict system memory for dynamic buffers on the first WINED3D_MAP_DISCARD map. wined3d: Try to avoid stalling on dynamic buffer maps. wined3d: Return success in wined3d_buffer_load_location() when the location is already current. wined3d: Do not pin system memory in wined3d_buffer_load_location(). wined3d: Support WINED3D_LOCATION_BUFFER in wined3d_buffer_load_location(). wined3d: Implement wined3d_buffer_upload_data() on top of wined3d_buffer_upload_ranges(). wined3d: Load WINED3D_LOCATION_BUFFER if needed in wined3d_buffer_map(). wined3d: Do not preload the buffer in wined3d_buffer_unmap(). wined3d: Avoid '\n' in the middle of a TRACE in wined3d_check_device_format(). ddraw: Mark surfaces as lost when changing the display mode. ddraw: Validate the primary surface dimensions in ddraw_surface7_Restore(). ddraw: Validate the primary surface format in ddraw_surface7_Restore(). ddraw: Update the primary surface format when changing the display mode. d2d1: Avoid degenerate line segments. d2d1: Add an initial d2d_d3d_render_target_DrawGeometry() implementation. d2d1: Implement initial support for line joins. d2d1: Implement rectangle geometry outlines. d2d1: Take the source transformation into account when creating a transformed geometry. Hugh McMaster (7): regedit: Remove unnecessary error handling from message box functions in edit.c. regedit: Use FormatMessage() for optimal memory usage. regedit: Display custom error messages instead of strings from the system table. regedit: Combine error() and error_code_messagebox(). regedit: Update search completion message handling. regedit: Update dialog messages related to key and value renaming. regedit: Update some comments in edit.c. Huw D. M. Davies (14): schedsvc/tests: Early versions of Windows 10 return S_OK whether or not the element exists. urlmon/tests: Windows 10 has changed the behaviour of domain detection. usp10/tests: Add a second set of glyph props that have changed in Windows 10. gdi32: Add the ability to disable a DC. user32: Disable cached DCs once they are released. usp10/tests: Reorder the todo and broken arrays to match the order of the expected values. urlmon/tests: Allow QueryInterface to accept IUnknown and IInternetProtocolSink. ntprint: PSetupCreateMonitorInfo() takes two arguments, the second is a server name. comctl32: Correctly set the colour table for ILC_COLOR4 and ILC_COLOR8 imagelists. gameux/tests: Run the MTA tests before the STA tests to avoid a crash on Windows 10. user32: Hardcode the GetWindowLong values for the desktop window to avoid a server round-trip. user32/tests: Restore the mouse cursor to its original position. dssenh/tests: Fix a failing test on Windows 7. dmcompos/tests: Fix a failing test on Windows 8. Jacek Caban (38): mshtml: Initialize nsAString in IHTMLDocument3::get_dir. urlmon: Added Seek implementations for streams using cache file. mshtml: Added MHTMLDocument object class factory stub implementation. inetcomm: Register mhtml protocol handler. inetcomm: Added MimeHtmlProtocol stub implementation. mshtml/tests: Added text selection type tests. mshtml: Added IHTMLSelectionObject2::get_typeDetail semi-stub implementation. inetcomm: Added IInternetProtocolInfo stub implementation. inetcomm: Added COM aggregation support to MimeHtmlProtocol object. inetcomm: Moved sub_stream_t implementation before MimeBody implementation. inetcomm: Don't restore base stream position in sub stream Read. inetcomm: Return a new instance of stream in IMimeBody::GetData. inetcomm/tests: Added a helper for creating stream from string. inetcomm/tests: Added more IMimeBody::SetData and GetData tests. inetcomm: Test current encoding in test_SetData. inetcomm: Added support for decoding base64 in IMimeBody::GetData. widl: Accept known type as library name. kernel32/tests: Don't mark win8+ result as broken. ntdll: Check input buffer before server_read_file call and don't touch event on error. ntdll: Check output buffer before server_write_file call. inetcomm: Use relative seek in copy_headers_to_buf. inetcomm: Properly handle boundary in the beginning of body stream in create_body_offset_list. inetcomm: Don't include headers in data stream in create_sub_body. inetcomm: Read content encoding from MIME header. inetcomm: Removed unneeded type check in init_content_type. inetcomm: Added tests reading MHTML page as MIME message. msctf: Use correct sink for ITfThreadFocusSink. inetcomm: Added MimeOleObjectFromMoniker semi-stub implementation. inetcomm: Added IInternetProtocolInfo::CombineUrl implementation. inetcomm: Added support for binding mhtml protocol handler. inetcomm: Added mhtml binding tests. inetcomm: Added support for decoding quoted-printable data. server: Create iosb objects inside read/write request handlers. ntdll: Always set iosb->Information in irp_completion. msctf: Allow unadvising ITfThreadFocusSink. mshtml: Renamed unk_imp to outer_unk. mshtml: Added support for COM aggregation in HTMLDocument object. mshtml/tests: Added COM aggregation tests. Jactry Zeng (2): qcap: Release IBaseFilter. kernel32/tests: Add Chinese special tests for LocaleNameToLCID(). Jarkko Korpi (1): wined3d: Add Rx 460 binary driver. Jefferson Carpenter (1): wmvcore: Implement WMCreateReaderPriv. Józef Kucia (56): ddraw: Cleanup ddraw7_GetAvailableVidMem(). ddraw: Relax "dwSize" validation in ddraw_surface*_Lock(). d3d11/tests: Add test for writing to UAVs. d3d11/tests: Add optional "rect" parameter to check_texture_sub_resource_* functions. wined3d: Introduce wined3d_device_set_compute_shader(). d3d11: Implement d3d11_immediate_context_CSSetShader(). wined3d: Remove inaccurate comments. include/d3d11: Add D3D11_BUFFEREX_SRV_FLAG_RAW. d3d11/tests: Use correct raw buffer flag for SRVs. wined3d: Add ARB_texture_buffer_object extension. wined3d: Create dummy buffer textures. wined3d: Add initial support for shader buffer views. wined3d: Do not pass LOD to texelFetch() for buffer resources. wined3d: Implement buffer samplers. d3d10core/tests: Add test for shader buffer views. d3d11/tests: Add test for shader buffer views. d3d10core/tests: Skip stencil SRV test when SRV creation fails. d3d11/tests: Skip stencil SRV test when SRV creation fails. wined3d: Add ARB_shading_language_packing extension. wined3d: Implement SM5 f16tof32 instruction. wined3d: Implement SM5 f32tof16 instruction. d3d11/tests: Add basic test for SM5 f16tof32 and f32tof16 instructions. wined3d: Add ARB_gpu_shader5 extension. wined3d: Implement SM5 bfrev instruction. d3d11/tests: Improve test for SM5 bfi instruction. wined3d: Implement SM5 bfi instruction. wined3d: Implement SM5 ubfe instruction. d3d11/tests: Add test for SM5 ubfe instruction. wined3d: Implement SM5 countbits instruction. wined3d: Implement SM5 firstbit_* instructions. d3d11/tests: Add test for SM5 firstbit_* instructions. wined3d: Store uniform blocks limits as array. wined3d: Introduce wined3d_device_set_cs_cb(). d3d11: Implement d3d11_immediate_context_CSSetConstantBuffers(). wined3d: Factor out acquire_shader_resources() function. wined3d: Factor out release_shader_resources() function. wined3d: Do not acquire compute pipeline resources for draws. wined3d: Acquire graphics pipeline UAV resources for draws. d3d11/tests: Add tests showing that views do not keep resource reference. d3d11: Do not keep reference to resources. d3d10core/tests: Add tests showing that views do not keep resource reference. wined3d: Add ARB_compute_shader extension. wined3d: Handle compute shader registers in GLSL backend. wined3d: Introduce wined3d_device_dispatch_compute(). wined3d: Introduce shader_select_compute() in shader_backend_ops. comdlg32/tests: Add test for OLE initialization in file dialogs. comdlg32: Delay OleInitialize() until after file dialog window is created. d3d11: Fix TRACE message in d3d_query_create(). d3d9/tests: Extend queries tests. d3d11/tests: Extend queries tests. d3d10core/tests: Extend queries tests. wined3d: Return WINED3DERR_INVALIDCALL for not started queries. d3d9: Fix query result data for not started queries. d3d9: Store query data size in "d3d9_query". wined3d: Set "last_was_blit" unconditionally in context_apply_clear_state(). d3d11: Use WINED3D_POOL_MANAGED for staging 3D textures. Ken Thomases (5): winemac: Make some operations on Cocoa views asynchronous. winemac: Don't attempt to set surface for child windows in macdrv_WindowPosChanged(). winemac: Don't set a view's frame if the backend's value hasn't changed. winemac: Ignore clipboard updates provoked by our own call to GetClipboardData(). winemac: Reattach OpenGL contexts to a view after it has been hidden and unhidden. Kim Malmo (1): po: Update Norwegian translation. Lauri Kenttä (6): msvcrt/tests: Test wcstoi64 with various Unicode digits. msvcrt: Move WCHAR-to-int conversion to a function. msvcrt: Make wcstoi64 support various Unicode digits. msvcrt: Fix space-only inputs in wcstoi64. kernel32: LZOpenFile should preserve cBytes on failure. po: Update Finnish translation. Louis Lenders (3): oledb32: Add version resource. xmllite/reader: Handle NULL node type argument in Read(). kernel32: Silence a noisy fixme. Marcus Meissner (1): maintainers: Add myself for gphoto2.ds. Masanori Kakura (1): winegstreamer: Avoid zero division in amt_from_gst_caps_video(). Matteo Bruni (12): d3d9: Fix DrawIndexedPrimitiveUP with non-zero min_vertex_idx. d3d8: Fix DrawIndexedPrimitiveUP with non-zero min_vertex_idx. d3d9/tests: Add a test for DrawIndexedPrimitiveUP(). d3d8/tests: Add a test for DrawIndexedPrimitiveUP(). d3d9/tests: Add a trace to clear_test() to show whether sRGB writes are supported. wined3d: Correctly handle GL implementations not supporting sRGB FBO attachments. wined3d: If the format is not FBO attachable disable sRGB writes only. d3dx9: Don't forbid supported format conversions. wined3d: Don't query FFP lights count on core profile. wined3d: Use the correct GLenum for point size limit on core profile. wined3d: Trace maximum vertex attributes count. wined3d: Query supported geometry shader uniform buffers count on core profile. Michael Müller (2): msvideo.dll16: Implement DrawDibProfileDisplay. msvideo: Check if any 16 bit thunks have been allocated before accessing pointer. Michael Stefaniuc (2): wordpad: Avoid a TRUE : FALSE conditional expression. msvcrt/tests: Use NULL instead of casting 0. Mike Swanson (1): loader/wine.man.in: Document the WINEPATH environment variable. Nikolay Sivov (57): wshom: Added IProvideClassInfo support for implemented interfaces. dwrite: Use OpenType 1.8 'head' table structure. dwrite: Use OpenType 1.8 'hhea' table structure. comctl32/tests: Use win_skip() for tests that should not be skipped on Wine. d2d1: Fix ID2D1HwndRenderTarget::Resize() prototype. d2d1: Check for NULL pointer when releasing previous render target view. comctl32/toolbar: Fix TB_SETDRAWTEXTFLAGS handler. shell32/shellview: Get rid of intermediate pointer array when filling ListView. shell32/shellview: Set subitem callbacks for every column. shell32: Fix return value of GetDetailsOf() for unixfs folder. comdlg32: Always use original Open File dialog template. dwrite: Implement another variant of CreateGlyphRunAnalysis(). dwrite: Remove existing effective runs before evaluating them again. dwrite: Invalidate layout on box changes. dwrite: Restructure line wrapping logic, fix the way breaking position is selected. dwrite: Initial support for line trimming signs. Added scrobj.dll stub. scrobj: Register Scriptlet.TypeLib. scrobj: Added IGenScriptletTLib stub. scrobj: Added IDispatch support for Scriptlet.TypeLib object. scrobj: Implement get_GUID(). dwrite: Implement GetOverhangMetrics(). comctl32/syslink: Don't use exported StrCmpNIW(). windowscodecs/tests: Test to show that SetPalette() does not keep IWICPalette reference, for PNG encoder. xmllite/reader: Handle NULL argument in GetNodeType(). xmllite/tests: Test Read() with NULL type argument. oledb32: Fixed IDataInitialize definition. kernel32/nls: Added genitive month names for Polish. kernel32/nls: Added genitive month names for Belarusian. kernel32/nls: Added genitive month names for Armenian. kernel32/nls: Added genitive month names for Croatian. kernel32/nls: Added genitive month names for Czech. regedit: Always show treeview selection. regedit: Clear value list when tree root is selected. dwrite: Added support for DWRITE_WORD_WRAPPING_CHARACTER mode. dwrite: Improve line breaking logic. msxml3: Duplicate stylesheet document before passing it to libxslt. msxml3: Accept AllowXsltScript and AllowDocumentFunction properties. usp10: Fixed LB30 condition, breaking after CP class. usp10: Fix LB27 rule that should check for prefix, not suffix. include: Added GetThreadUILanguage() prototype. dwrite/tests: Use shaping properties structure in tests data. dwrite/tests: More spacing tests with isDiacritic. dwrite/tests: Line metrics tests with uniform spacing. kernel32/nls: Added Nepali locale data. comctl32/propsheet: Force wizard header if any of pages has title/subtitle. comctl32/propsheet: Only use header bitmap when asked for it. comctl32/tests: Use HGLOBAL stream to Read/Write tests on imagelists. po: Update Russian translation. oledb32: Added a stub IDataInitialize for DataLinks object. oledb32: Added GetDataSource() for DataLinks object. oledb32: Allow single quotation marks around property values. dwrite: Keep content based line height and baseline separately. dwrite: Added support for uniform and proportional spacing methods. dwrite: Get rid of assignment to self. dwrite: Fix rendering mode enum conversion warnings. gdiplus: Added GdipGetCustomLineCapType(). Owen Rudge (2): advapi32: Return null-terminated buffer instead of null pointer for LsaLookupSids domains. advapi32/tests: Add test of LsaLookupSids buffer behaviour. Piotr Caban (3): msvcr100: Add reader_writer_lock class stub. msvcr100: Add reader_writer_lock implementation. msvcr100: Add reader_writer_lock tests. Sebastian Lackner (5): rstrtmgr: Use correct type for status parameter in RmRestart. ntdll: Catch page faults in NtQueryPerformanceCounter. ntdll: Mark ZwLoadKey2 export as private. ole32: Call GetClipboardFormatName with the correct parameters. server: Fix handling of MAXIMUM_ALLOWED in token_access_check. Vincent Povirk (4): hhctrl.ocx: Also take basename of folders when searching. hhctrl.ocx: Don't skip a tag in next_node. kernel32: DETACHED_PROCESS prevents automatic std handle inheritance. kernel32: DETACHED_PROCESS doesn't affect STARTUPINFO console handles. Young Chung (1): ucrtbase: Add __conio_common_vcprintf()/_vcwprintf(). Zebediah Figura (12): ws2_32/tests: Fix memcmp size in test_TransmitFile(). regedit: Add support for importing Win 3.1 registry files. regedit/tests: Add tests for importing Win 3.1 registry files. storage.dll16: Fix bad type in IStorage16_fnOpenStorage. regedit: When processing 3.1 ignore any lines that don't begin with HKCR. secur32/tests: Skip sign/seal tests if authentication fails. winebuild: Use unsigned int in spec file variable parameters. compobj: Implement several IIDs. ole2: Implement several IIDs. avifile: Implement several IIDs. ole2disp: Implement several IIDs. typelib: Implement several IIDs. İsmail Dönmez (1): d3d11.idl: Added missing D3D11_CS_* constants. -- Alexandre Julliard julliard ( -at -) winehq.org
×