Jump to content
Compatible Support Forums

news

Members
 View Profile  See their activity

  • Content count

    80899

  • Joined

  • Last visited

    Never

  • Days Won

    18

Everything posted by news

  1. news
    View this email in your browser (http://us3.campaign-archive1.com/?u=efc4c507c2cf964fc2462caca&id=217d754a6c&e=0c004f9c13) Take a look at your printer. Give it a good stare. Do you trust it? Probably not, considering it jammed the last time you had to print an important paper right up against a deadline. However, what if we told you that your printer just has to sit there on your network to be a very serious security problem? Security Hazards Of The IoT: Your Printer Is A Vulnerability Minefield (http://hothardware.us3.list-manage1.com/track/click?u=efc4c507c2cf964fc2462caca&id=43f5ac7b90&e=0c004f9c13) http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=620df49c9a&e=0c004f9c13 http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=26280e041a&e=0c004f9c13 Best Regards, HotHardware.com (http://hothardware.us3.list-manage2.com/track/click?u=efc4c507c2cf964fc2462caca&id=45c9bc83ce&e=0c004f9c13) http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=4c2c666622&e=0c004f9c13 http://hothardware.us3.list-manage1.com/track/click?u=efc4c507c2cf964fc2462caca&id=7f0a6e71da&e=0c004f9c13 http://hothardware.us3.list-manage2.com/track/click?u=efc4c507c2cf964fc2462caca&id=98c952ebb9&e=0c004f9c13 ============================================================
  2. news
    Hello LanOC Affiliates and newsletter subscribers, here is our newest posting. We would appreciate you spreading the word! LanOC Reviews has released a new article which you and your readers might enjoy. We would be grateful if you would please share it with them. *TITLE:* Arozzi Mezzo ( -at -) LanOC Reviews <https://lanoc.org/review/other/7436-arozzi-mezzo> *DESCRIPTION:* So when it comes to office chairs, just a few years ago most of your options were going to be just what you might find in an office supply store, electronics store, or a department store. None of them were built for the extended use that you might put an office chair when gaming or even just working at your PC day to day. Today though there are more options than you could possibly consider, all in the gaming chair market. I’ve had the chance to check out a few different options over the years. Recently I took a look at Arozzi’s new Arena desk and when they sent that they also sent one of their chairs, the Mezzo. So now that we have been using the chair off and on over the past month or so I can finally “sit down†and talk a little more about it and see how it fits into the market. *ARTICLE URL:* https://lanoc.org/review/other/7436-arozzi-mezzo *LARGE IMAGE URL:* https://lanoc.org/images/reviews/2017/arozzi_mezzo/title.jpg *SMALL IMAGE URL:* https://lanoc.org/images/reviews/2017/arozzi_mezzo/email.jpg Thank you for your help Our content is syndicated by *RSS* 2.0 at: http://lanoc.org/review?fo rmat=feed&type=atom Check out our *YouTube* Channel: http://www.youtube.com/user/LanocReviews Follow us on *Twitter*: http://www.twitter.com/LanOC_Reviews Join our group on *Facebook*: http://www.facebook.com/LanOCReviews Join our *Steam* Group: http://steamcommunity.com/groups/lanoc *If this message has been sent to an incorrect address, or you no longer wish to receive our news, please email us back and let us know at reviews ( -at -) lanoc.org* ---------------------------------------- Wes Compton Editor-in-Chief LanOC Reviews http://lanoc.org ( -at -) LanOC_Reviews <http://twitter.com/#!/LanOC_Reviews> Google Plus <https://plus.google.com/u/1/b/111054267662763089650/> Our Facebook Page <http://www.facebook.com/LanOCReviews>
  3. news
    Case Mod Friday: Project ASUS ROG 10th Anniversary ( -at -) ThinkComputers.org Review Link: http://www.thinkcomputers.org/case-mod-friday-project-asus-rog-10th-anniversary/ Image URL: http://www.thinkcomputers.org/articles/casemodfriday/asus10th-email.jpg Alt Image URL: http://www.thinkcomputers.org/articles/casemodfriday/asus10th-small.jpg Quote: "This week we have a pretty sleek build that was done as a part of ASUS's BOOST MY PC contest.  This build celebrates ASUS's 10th anniversary of their Republic of Gamers brand.  It is a build done in a completely custom-built case and is definitely made to show off the hardware inside.  Be sure to check out this sleek build and let us know what you think!"
  4. news
    ------------------------------------------------------------ http://us7.campaign-archive2.com/?u=406e963590798a4aa1eab5f99&id=c4a158ee20&e=2c7a1c459a Dear News Affiliates, Custom PC Review recently published article(s) your readers may enjoy. We’d appreciate it if you could share it with them. Title: Review: Ubiquiti Amplifi HD Mesh Wi-Fi Router System (http://custompcreview.us7.list-manage.com/track/click?u=406e963590798a4aa1eab5f99&id=6f99dcb0b7&e=2c7a1c459a) Excerpt: "In the past year, Mesh Wi-Fi has become the new buzzword in the world of home networking as a possible solution to the all to well known Wi-Fi deadspots issue many homeowners face. Among the sea of new products from companies such as Google, Netgear, Linksys and eero, one of the most promising..." Thank you for your support, -- Sam Chen -- Editor-in-Chief -- Custom PC Review -- http://custompcreview.us7.list-manage1.com/track/click?u=406e963590798a4aa1eab5f99&id=7725f04430&e=2c7a1c459a (http://custompcreview.us7.list-manage.com/track/click?u=406e963590798a4aa1eab5f99&id=dfa79a0e83&e=2c7a1c459a)
  5. news
    openSUSE Security Update: Security update for java-1_8_0-openjdk ______________________________________________________________________________ Announcement ID: openSUSE-SU-2017:0374-1 Rating: important References: #1020905 #1022053 Cross-References: CVE-2016-2183 CVE-2016-5546 CVE-2016-5547 CVE-2016-5548 CVE-2016-5549 CVE-2016-5552 CVE-2017-3231 CVE-2017-3241 CVE-2017-3252 CVE-2017-3253 CVE-2017-3260 CVE-2017-3261 CVE-2017-3272 CVE-2017-3289 Affected Products: openSUSE Leap 42.2 openSUSE Leap 42.1 ______________________________________________________________________________ An update that fixes 14 vulnerabilities is now available. Description: This update for java-1_8_0-openjdk fixes the following issues: Oracle Critical Patch Update of January 2017 (bsc#1020905) Upgrade to version jdk8u121 (icedtea 3.3.0): - S8138725: Add options for Javadoc generation - S8140353: Improve signature checking - S8151934, CVE-2017-3231: Resolve class resolution - S8156804, CVE-2017-3241: Better constraint checking - S8158406: Limited Parameter Processing - S8158997: JNDI Protocols Switch - S8159507: RuntimeVisibleAnnotation validation - S8161218: Better bytecode loading - S8161743, CVE-2017-3252: Provide proper login context - S8162577: Standardize logging levels - S8162973: Better component components - S8164143, CVE-2017-3260: Improve components for menu items - S8164147, CVE-2017-3261: Improve streaming socket output - S8165071, CVE-2016-2183: Expand TLS support - S8165344, CVE-2017-3272: Update concurrency support - S8166988, CVE-2017-3253: Improve image processing performance - S8167104, CVE-2017-3289: Additional class construction refinements - S8167223, CVE-2016-5552: URL handling improvements - S8168705, CVE-2016-5547: Better ObjectIdentifier validation - S8168714, CVE-2016-5546: Tighten ECDSA validation - S8168728, CVE-2016-5548: DSA signing improvements - S8168724, CVE-2016-5549: ECDSA signing improvements This update was imported from the SUSE:SLE-12-SP1:Update update project. Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.2: zypper in -t patch openSUSE-2017-201=1 - openSUSE Leap 42.1: zypper in -t patch openSUSE-2017-201=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE Leap 42.2 (i586 x86_64): java-1_8_0-openjdk-1.8.0.121-6.4 java-1_8_0-openjdk-accessibility-1.8.0.121-6.4 java-1_8_0-openjdk-debuginfo-1.8.0.121-6.4 java-1_8_0-openjdk-debugsource-1.8.0.121-6.4 java-1_8_0-openjdk-demo-1.8.0.121-6.4 java-1_8_0-openjdk-demo-debuginfo-1.8.0.121-6.4 java-1_8_0-openjdk-devel-1.8.0.121-6.4 java-1_8_0-openjdk-devel-debuginfo-1.8.0.121-6.4 java-1_8_0-openjdk-headless-1.8.0.121-6.4 java-1_8_0-openjdk-headless-debuginfo-1.8.0.121-6.4 java-1_8_0-openjdk-src-1.8.0.121-6.4 - openSUSE Leap 42.2 (noarch): java-1_8_0-openjdk-javadoc-1.8.0.121-6.4 - openSUSE Leap 42.1 (i586 x86_64): java-1_8_0-openjdk-1.8.0.121-21.4 java-1_8_0-openjdk-accessibility-1.8.0.121-21.4 java-1_8_0-openjdk-debuginfo-1.8.0.121-21.4 java-1_8_0-openjdk-debugsource-1.8.0.121-21.4 java-1_8_0-openjdk-demo-1.8.0.121-21.4 java-1_8_0-openjdk-demo-debuginfo-1.8.0.121-21.4 java-1_8_0-openjdk-devel-1.8.0.121-21.4 java-1_8_0-openjdk-devel-debuginfo-1.8.0.121-21.4 java-1_8_0-openjdk-headless-1.8.0.121-21.4 java-1_8_0-openjdk-headless-debuginfo-1.8.0.121-21.4 java-1_8_0-openjdk-src-1.8.0.121-21.4 - openSUSE Leap 42.1 (noarch): java-1_8_0-openjdk-javadoc-1.8.0.121-21.4 References: https://www.suse.com/security/cve/CVE-2016-2183.html https://www.suse.com/security/cve/CVE-2016-5546.html https://www.suse.com/security/cve/CVE-2016-5547.html https://www.suse.com/security/cve/CVE-2016-5548.html https://www.suse.com/security/cve/CVE-2016-5549.html https://www.suse.com/security/cve/CVE-2016-5552.html https://www.suse.com/security/cve/CVE-2017-3231.html https://www.suse.com/security/cve/CVE-2017-3241.html https://www.suse.com/security/cve/CVE-2017-3252.html https://www.suse.com/security/cve/CVE-2017-3253.html https://www.suse.com/security/cve/CVE-2017-3260.html https://www.suse.com/security/cve/CVE-2017-3261.html https://www.suse.com/security/cve/CVE-2017-3272.html https://www.suse.com/security/cve/CVE-2017-3289.html https://bugzilla.suse.com/1020905 https://bugzilla.suse.com/1022053 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
  6. news
    <http://www.eteknix.com> Kolink Continuum 1200W Platinum Power Supply Review You've set aside your budget to build a new high-end gaming rig, you've got your new GPUs, and splashed a small fortunate on a high-end CPU, but you've done the worst thing a system builder could do, you've not left much money over for the power supply! High-end power supplies don't come cheap, especially when you're shopping for something 1000W+ and with high-end efficiency, your wallet is going to hurt. This is where Kolink come in, they promise this PSU will deliver a whopping 1200W of power with 80 Plus Platinum efficiency, and you'll get change from £200 <https://www.overclockers.co.uk/kolink-continuum-1200w-80-plus-platinum-modular-power-supply-ca-02a-kk.html> ! URL - http://www.eteknix.com/kolink-continuum-1200w-platinum-power-supply-review/ --
  7. news
    CentOS Errata and Security Advisory 2017:0238 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2017-0238.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 90f269847c3699fd7398c3a86f6288870ab445ab298037966798bae235741903 thunderbird-45.7.0-1.el6.centos.i686.rpm x86_64: 4efb5d100af2b433cd4510c00decc6e1f6318769fcdd5c02f561a4c9103b66bc thunderbird-45.7.0-1.el6.centos.x86_64.rpm Source: 855e8913a6cf2149e2c031deecd4c7e7789beda8376ff74c985b50f157d63d85 thunderbird-45.7.0-1.el6.centos.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: ( -at -) JohnnyCentOS _______________________________________________
  8. news
    CentOS Errata and Security Advisory 2017:0238 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2017-0238.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: e1b6ac1d30a0a889c718bf74a47d3522d0f86771ab3452e5028ae0fa8833b2c1 thunderbird-45.7.0-1.el5.centos.i386.rpm x86_64: e2834be9a4504a127b900526aa4850f1d494e6422576d657f8c752f404cae5f1 thunderbird-45.7.0-1.el5.centos.x86_64.rpm Source: 4a2466886146a766afc55b658cc559e00cfdc2074802ae8f8fc54148f93021b8 thunderbird-45.7.0-1.el5.centos.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: JohnnyCentOS _______________________________________________
  9. news
    CentOS Errata and Security Advisory 2017:0238 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2017-0238.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 5a5de6ff5c320c4b58b896932d9d94ba4251b7ea113306188f30c4a7a79913f6 thunderbird-45.7.0-1.el7.centos.x86_64.rpm Source: 4aa52cb2455594e1c303159eb7e2cd77b351b137917d62281847d03e528874ea thunderbird-45.7.0-1.el7.centos.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: ( -at -) JohnnyCentOS _______________________________________________
  10. news
    At Phoronix we have posted a new article. A link to this from your site's news section would be greatly appreciated. Title: Intel Celeron G3930 On Linux: A Dual-Core Kabylake CPU For $40 ( -at -) Phoronix Direct Link: http://www.phoronix.com/vr.php?view=24111 Summary: "Earlier this week we posted Linux benchmarks of the Intel Pentium G4600 as a 3.6GHz processor for around $90 USD. It was an interesting processor for the value, but if your wallet is tighter, the Celeron G3930 is selling for about $40 as a dual-core sub-3GHz Kabylake processor. Here are those test results." Please feel free to contact us with any questions or comments you may
  11. news
    Corsair Scimitar PRO RGB Gaming Mouse Review ( -at -) ThinkComputers.org Review Link: http://www.thinkcomputers.org/corsair-scimitar-pro-rgb-gaming-mouse-review/ Image URL: http://www.thinkcomputers.org/reviews/corsair_scimitar_pro/email.jpg Alt Image URL: http://www.thinkcomputers.org/reviews/corsair_scimitar_pro/small.jpg Quote: "If you are a serious MMO or MOBA gamer then you know how important having macro’s and other actions available at your fingertips. Today we have a mouse from Corsair that was specifically made to suit the needs of MMO and MOBA gamers out there. It is the Scimitar PRO RGB and it has a total of 17 programmable buttons, 3 profiles that can be saved directly to the mouse, a Pixart 16000 DPI optical sensor, RGB lighting, and it is all backed up by Corsair’s CUE software. Will this mouse take your MMO and MOBA skills to the next level? Read on as we find out!"
  12. news
    <http://www.eteknix.com> be quiet! Pure Power 10 600W Power Supply Review be quiet! is one of the biggest names in the business when it comes to making high-performance PC hardware, with their PSUs often ranking as some of the best around. Of course, their high-end products often come with a premium price tag to match, but today we see the release of their new Pure Power 10 PSU, which promises to be exceptionally quiet, reliable and offer great value for money. URL - http://www.eteknix.com/be-quiet-pure-power-10-600w-power-supply-review/ --
  13. news
    <http://www.eteknix.com> Drobo 5c 5-Bay USB Type-C Self-Managing DAS Review Today it is time to take a look at another Direct Attached Storage unit, and it is Drobo's latest DAS unit <http://www.drobo.com/storage-products/5c/>  that's under the microscope today. The DAS is called the Drobo 5c, and the name simply originates from the five bay design and the USB Type-C connector. The Drobo 5c is built for easiest method of usage, and it is the world's first self-managing USB-C storage solution. URL - http://www.eteknix.com/drobo-5c-5-bay-usb-type-c-self-managing-das-review/ --
  14. news
    Transcend ESD400 256GB External SSD Review ------------------------------------------------------------ http://us2.campaign-archive2.com/?u=bfb2b902b5fb045ad6f841f98&id=d656efa5d4&e=872093acb5 http://www.kitguru.net Transcend ESD400 256GB External SSD Review Transcend produce two portable pocket-sized SSD drive ranges, the TLC NAND equipped ESD220C and the MLC powered ESD400 that we are analysing today. The ESD400 is available in four capacities; 128GB, 256GB, 512GB and the flagship 1TB drive and uses a USB3.0 interface which supports UASP technology to get the most out of the interface. Transcend quote performance figures for the drive of up to 410MB/s for reads and up to 380MB/s for writes. Read the review here: http://www.kitguru.net/components/ssd-drives/simon-crisp/transcend-esd400-256gb-external-ssd-review/ ============================================================ ** follow on Twitter (http://twitter.com/#!/kitgurupress) | ** friend on Facebook (http://www.facebook.com/pages/KitGuru/162236020510911) | ** forward to a friend (http://us2.forward-to-friend.com/forward?u=bfb2b902b5fb045ad6f841f98&id=d656efa5d4&e=872093acb5) Copyright © 2017 KitGuru, All rights reserved. You are receiving this because you are a news partner or have signed up to receive our news.
  15. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: thunderbird security update Advisory ID: RHSA-2017:0238-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2017-0238.html Issue date: 2017-02-02 CVE Names: CVE-2017-5373 CVE-2017-5375 CVE-2017-5376 CVE-2017-5378 CVE-2017-5380 CVE-2017-5383 CVE-2017-5390 CVE-2017-5396 ===================================================================== 1. Summary: An update for thunderbird is now available for Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 6, and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server) - i386, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, ppc64le, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 3. Description: Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 45.7.0. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2017-5373, CVE-2017-5375, CVE-2017-5376, CVE-2017-5378, CVE-2017-5380, CVE-2017-5383, CVE-2017-5390, CVE-2017-5396) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Jann Horn, Filipe Gomes, Nils, Armin Razmjou, Christian Holler, Gary Kwong, Andre Bargull, Jan de Mooij, Tom Schuster, Oriol, Rh0, Nicolas Gregoire, and Jerri Rice as the original reporters. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 All running instances of Thunderbird must be restarted for the update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1415924 - CVE-2017-5373 Mozilla: Memory safety bugs fixed in Firefox 51 and Firefox ESR 45.7 (MFSA 2017-01) 1416271 - CVE-2017-5375 Mozilla: Excessive JIT code allocation allows bypass of ASLR and DEP (MFSA 2017-02) 1416272 - CVE-2017-5376 Mozilla: Use-after-free in XSL (MFSA 2017-02) 1416273 - CVE-2017-5378 Mozilla: Pointer and frame data leakage of Javascript objects (MFSA 2017-02) 1416274 - CVE-2017-5380 Mozilla: Potential use-after-free during DOM manipulations (MFSA 2017-02) 1416279 - CVE-2017-5390 Mozilla: Insecure communication methods in Developer Tools JSON viewer (MFSA 2017-02) 1416280 - CVE-2017-5396 Mozilla: Use-after-free with Media Decoder (MFSA 2017-02) 1416281 - CVE-2017-5383 Mozilla: Location bar spoofing with unicode characters (MFSA 2017-02) 6. Package List: Red Hat Enterprise Linux Desktop (v. 5 client): Source: thunderbird-45.7.0-1.el5_11.src.rpm i386: thunderbird-45.7.0-1.el5_11.i386.rpm thunderbird-debuginfo-45.7.0-1.el5_11.i386.rpm x86_64: thunderbird-45.7.0-1.el5_11.x86_64.rpm thunderbird-debuginfo-45.7.0-1.el5_11.x86_64.rpm Red Hat Enterprise Linux Optional Productivity Applications (v. 5 server): Source: thunderbird-45.7.0-1.el5_11.src.rpm i386: thunderbird-45.7.0-1.el5_11.i386.rpm thunderbird-debuginfo-45.7.0-1.el5_11.i386.rpm x86_64: thunderbird-45.7.0-1.el5_11.x86_64.rpm thunderbird-debuginfo-45.7.0-1.el5_11.x86_64.rpm Red Hat Enterprise Linux Desktop (v. 6): Source: thunderbird-45.7.0-1.el6_8.src.rpm i386: thunderbird-45.7.0-1.el6_8.i686.rpm thunderbird-debuginfo-45.7.0-1.el6_8.i686.rpm x86_64: thunderbird-45.7.0-1.el6_8.x86_64.rpm thunderbird-debuginfo-45.7.0-1.el6_8.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): Source: thunderbird-45.7.0-1.el6_8.src.rpm i386: thunderbird-45.7.0-1.el6_8.i686.rpm thunderbird-debuginfo-45.7.0-1.el6_8.i686.rpm ppc64: thunderbird-45.7.0-1.el6_8.ppc64.rpm thunderbird-debuginfo-45.7.0-1.el6_8.ppc64.rpm s390x: thunderbird-45.7.0-1.el6_8.s390x.rpm thunderbird-debuginfo-45.7.0-1.el6_8.s390x.rpm x86_64: thunderbird-45.7.0-1.el6_8.x86_64.rpm thunderbird-debuginfo-45.7.0-1.el6_8.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: thunderbird-45.7.0-1.el6_8.src.rpm i386: thunderbird-45.7.0-1.el6_8.i686.rpm thunderbird-debuginfo-45.7.0-1.el6_8.i686.rpm x86_64: thunderbird-45.7.0-1.el6_8.x86_64.rpm thunderbird-debuginfo-45.7.0-1.el6_8.x86_64.rpm Red Hat Enterprise Linux Client (v. 7): Source: thunderbird-45.7.0-1.el7_3.src.rpm x86_64: thunderbird-45.7.0-1.el7_3.x86_64.rpm thunderbird-debuginfo-45.7.0-1.el7_3.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): Source: thunderbird-45.7.0-1.el7_3.src.rpm aarch64: thunderbird-45.7.0-1.el7_3.aarch64.rpm thunderbird-debuginfo-45.7.0-1.el7_3.aarch64.rpm ppc64le: thunderbird-45.7.0-1.el7_3.ppc64le.rpm thunderbird-debuginfo-45.7.0-1.el7_3.ppc64le.rpm x86_64: thunderbird-45.7.0-1.el7_3.x86_64.rpm thunderbird-debuginfo-45.7.0-1.el7_3.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: thunderbird-45.7.0-1.el7_3.src.rpm x86_64: thunderbird-45.7.0-1.el7_3.x86_64.rpm thunderbird-debuginfo-45.7.0-1.el7_3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2017-5373 https://access.redhat.com/security/cve/CVE-2017-5375 https://access.redhat.com/security/cve/CVE-2017-5376 https://access.redhat.com/security/cve/CVE-2017-5378 https://access.redhat.com/security/cve/CVE-2017-5380 https://access.redhat.com/security/cve/CVE-2017-5383 https://access.redhat.com/security/cve/CVE-2017-5390 https://access.redhat.com/security/cve/CVE-2017-5396 https://access.redhat.com/security/updates/classification/#important https://www.mozilla.org/en-US/security/advisories/mfsa2017-03/ 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFYksbBXlSAg2UNWIIRAmE/AJ9v2GkhbI7z8KNm4DsEjP8Qhjn8/wCfQrsj udSzVHVv4uPEHHnQzABhJOE= =E0xe -----END PGP SIGNATURE----- --
  16. news
    Hardware Canucks is pleased to present our review of the new MSI Z270 Gaming Pro Carbon motherboard. *Article URL:* http://www.hardwarecanucks.com/forum/hardware-canucks-reviews/74557-msi-z270-gaming-pro-carbon-motherboard-review.html *Quote:* *MSI's Z270 Gaming Pro Carbon is loaded with features and comes in at a fair price....but there's a lot of competition at this end of the market.* We would appreciate it if you would post this in your News section. Regards, -- Hardware Canucks News Team
  17. news
    openSUSE Security Update: Security update for seamonkey ______________________________________________________________________________ Announcement ID: openSUSE-SU-2017:0356-1 Rating: important References: #1017174 #1021636 #984637 #990856 Cross-References: CVE-2016-6354 Affected Products: openSUSE Leap 42.2 openSUSE Leap 42.1 ______________________________________________________________________________ An update that solves one vulnerability and has three fixes is now available. Description: This update for Seamonkey to version 2.46 fixes security issues and bugs. The following vulnerabilities were fixed: - Fix all Gecko related security issues between 43.0.1 and 49.0.2 - CVE-2016-6354: buffer overrun in flex (boo#990856) The following non-security changes are included: - improve recognition of LANGUAGE env variable (boo#1017174) - improve TLS compatibility with certain websites (boo#1021636) - Seamonkey now requires NSPR 4.12 and NSS 3.25 - based on Gecko 49.0.2 - Chatzilla and DOM Inspector were disabled Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.2: zypper in -t patch openSUSE-2017-189=1 - openSUSE Leap 42.1: zypper in -t patch openSUSE-2017-189=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE Leap 42.2 (i586 x86_64): seamonkey-2.46-9.2 seamonkey-debuginfo-2.46-9.2 seamonkey-debugsource-2.46-9.2 seamonkey-translations-common-2.46-9.2 seamonkey-translations-other-2.46-9.2 - openSUSE Leap 42.1 (i586 x86_64): seamonkey-2.46-9.2 seamonkey-debuginfo-2.46-9.2 seamonkey-debugsource-2.46-9.2 seamonkey-translations-common-2.46-9.2 seamonkey-translations-other-2.46-9.2 References: https://www.suse.com/security/cve/CVE-2016-6354.html https://bugzilla.suse.com/1017174 https://bugzilla.suse.com/1021636 https://bugzilla.suse.com/984637 https://bugzilla.suse.com/990856 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
  18. news
    openSUSE Security Update: Security update for MozillaFirefox ______________________________________________________________________________ Announcement ID: openSUSE-SU-2017:0358-1 Rating: important References: #1017174 #1021814 #1021817 #1021818 #1021819 #1021820 #1021821 #1021822 #1021823 #1021824 #1021826 #1021827 #1021828 #1021830 #1021831 #1021832 #1021833 #1021835 #1021837 #1021839 #1021840 #1021841 Cross-References: CVE-2017-5373 CVE-2017-5374 CVE-2017-5375 CVE-2017-5376 CVE-2017-5377 CVE-2017-5378 CVE-2017-5379 CVE-2017-5380 CVE-2017-5381 CVE-2017-5382 CVE-2017-5383 CVE-2017-5384 CVE-2017-5385 CVE-2017-5386 CVE-2017-5387 CVE-2017-5388 CVE-2017-5389 CVE-2017-5390 CVE-2017-5391 CVE-2017-5392 CVE-2017-5393 CVE-2017-5394 CVE-2017-5395 CVE-2017-5396 Affected Products: openSUSE Leap 42.2 openSUSE Leap 42.1 ______________________________________________________________________________ An update that fixes 24 vulnerabilities is now available. Description: This update for MozillaFirefox to version 51.0.1 fixes security issues and bugs. These security issues were fixed: * CVE-2017-5375: Excessive JIT code allocation allows bypass of ASLR and DEP (bmo#1325200, boo#1021814) * CVE-2017-5376: Use-after-free in XSL (bmo#1311687, boo#1021817) CVE-2017-5377: Memory corruption with transforms to create gradients in Skia (bmo#1306883, boo#1021826) * CVE-2017-5378: Pointer and frame data leakage of Javascript objects (bmo#1312001, bmo#1330769, boo#1021818) * CVE-2017-5379: Use-after-free in Web Animations (bmo#1309198,boo#1021827) * CVE-2017-5380: Potential use-after-free during DOM manipulations (bmo#1322107, boo#1021819) * CVE-2017-5390: Insecure communication methods in Developer Tools JSON viewer (bmo#1297361, boo#1021820) * CVE-2017-5389: WebExtensions can install additional add-ons via modified host requests (bmo#1308688, boo#1021828) * CVE-2017-5396: Use-after-free with Media Decoder (bmo#1329403, boo#1021821) * CVE-2017-5381: Certificate Viewer exporting can be used to navigate and save to arbitrary filesystem locations (bmo#1017616, boo#1021830) * CVE-2017-5382: Feed preview can expose privileged content errors and exceptions (bmo#1295322, boo#1021831) * CVE-2017-5383: Location bar spoofing with unicode characters (bmo#1323338, bmo#1324716, boo#1021822) * CVE-2017-5384: Information disclosure via Proxy Auto-Config (PAC) (bmo#1255474, boo#1021832) * CVE-2017-5385: Data sent in multipart channels ignores referrer-policy response headers (bmo#1295945, boo#1021833) * CVE-2017-5386: WebExtensions can use data: protocol to affect other extensions (bmo#1319070, boo#1021823) * CVE-2017-5391: Content about: pages can load privileged about: pages (bmo#1309310, boo#1021835) * CVE-2017-5393: Remove addons.mozilla.org CDN from whitelist for mozAddonManager (bmo#1309282, boo#1021837) * CVE-2017-5387: Disclosure of local file existence through TRACK tag error messages (bmo#1295023, boo#1021839) * CVE-2017-5388: WebRTC can be used to generate a large amount of UDP traffic for DDOS attacks (bmo#1281482, boo#1021840) * CVE-2017-5374: Memory safety bugs (boo#1021841) * CVE-2017-5373: Memory safety bugs (boo#1021824) These non-security issues in MozillaFirefox were fixed: * Added support for FLAC (Free Lossless Audio Codec) playback * Added support for WebGL 2 * Added Georgian (ka) and Kabyle (kab) locales * Support saving passwords for forms without 'submit' events * Improved video performance for users without GPU acceleration * Zoom indicator is shown in the URL bar if the zoom level is not at default level * View passwords from the prompt before saving them * Remove Belarusian (be) locale * Use Skia for content rendering (Linux) * Improve recognition of LANGUAGE env variable (boo#1017174) * Multiprocess incompatibility did not correctly register with some add-ons (bmo#1333423) Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.2: zypper in -t patch openSUSE-2017-187=1 - openSUSE Leap 42.1: zypper in -t patch openSUSE-2017-187=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE Leap 42.2 (i586 x86_64): MozillaFirefox-51.0.1-50.2 MozillaFirefox-branding-upstream-51.0.1-50.2 MozillaFirefox-buildsymbols-51.0.1-50.2 MozillaFirefox-debuginfo-51.0.1-50.2 MozillaFirefox-debugsource-51.0.1-50.2 MozillaFirefox-devel-51.0.1-50.2 MozillaFirefox-translations-common-51.0.1-50.2 MozillaFirefox-translations-other-51.0.1-50.2 - openSUSE Leap 42.1 (x86_64): MozillaFirefox-51.0.1-50.2 MozillaFirefox-branding-upstream-51.0.1-50.2 MozillaFirefox-buildsymbols-51.0.1-50.2 MozillaFirefox-debuginfo-51.0.1-50.2 MozillaFirefox-debugsource-51.0.1-50.2 MozillaFirefox-devel-51.0.1-50.2 MozillaFirefox-translations-common-51.0.1-50.2 MozillaFirefox-translations-other-51.0.1-50.2 References: https://www.suse.com/security/cve/CVE-2017-5373.html https://www.suse.com/security/cve/CVE-2017-5374.html https://www.suse.com/security/cve/CVE-2017-5375.html https://www.suse.com/security/cve/CVE-2017-5376.html https://www.suse.com/security/cve/CVE-2017-5377.html https://www.suse.com/security/cve/CVE-2017-5378.html https://www.suse.com/security/cve/CVE-2017-5379.html https://www.suse.com/security/cve/CVE-2017-5380.html https://www.suse.com/security/cve/CVE-2017-5381.html https://www.suse.com/security/cve/CVE-2017-5382.html https://www.suse.com/security/cve/CVE-2017-5383.html https://www.suse.com/security/cve/CVE-2017-5384.html https://www.suse.com/security/cve/CVE-2017-5385.html https://www.suse.com/security/cve/CVE-2017-5386.html https://www.suse.com/security/cve/CVE-2017-5387.html https://www.suse.com/security/cve/CVE-2017-5388.html https://www.suse.com/security/cve/CVE-2017-5389.html https://www.suse.com/security/cve/CVE-2017-5390.html https://www.suse.com/security/cve/CVE-2017-5391.html https://www.suse.com/security/cve/CVE-2017-5392.html https://www.suse.com/security/cve/CVE-2017-5393.html https://www.suse.com/security/cve/CVE-2017-5394.html https://www.suse.com/security/cve/CVE-2017-5395.html https://www.suse.com/security/cve/CVE-2017-5396.html https://bugzilla.suse.com/1017174 https://bugzilla.suse.com/1021814 https://bugzilla.suse.com/1021817 https://bugzilla.suse.com/1021818 https://bugzilla.suse.com/1021819 https://bugzilla.suse.com/1021820 https://bugzilla.suse.com/1021821 https://bugzilla.suse.com/1021822 https://bugzilla.suse.com/1021823 https://bugzilla.suse.com/1021824 https://bugzilla.suse.com/1021826 https://bugzilla.suse.com/1021827 https://bugzilla.suse.com/1021828 https://bugzilla.suse.com/1021830 https://bugzilla.suse.com/1021831 https://bugzilla.suse.com/1021832 https://bugzilla.suse.com/1021833 https://bugzilla.suse.com/1021835 https://bugzilla.suse.com/1021837 https://bugzilla.suse.com/1021839 https://bugzilla.suse.com/1021840 https://bugzilla.suse.com/1021841 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
  19. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: rabbitmq-server security update Advisory ID: RHSA-2017:0226-01 Product: Red Hat Enterprise Linux OpenStack Platform Advisory URL: https://rhn.redhat.com/errata/RHSA-2017-0226.html Issue date: 2017-02-01 CVE Names: CVE-2015-8786 ===================================================================== 1. Summary: An update for rabbitmq-server is now available for Red Hat OpenStack Platform 8.0 (Liberty). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat OpenStack Platform 8.0 (Liberty) - noarch 3. Description: RabbitMQ is an implementation of AMQP, the emerging standard for high performance enterprise messaging. The RabbitMQ server is a robust and scalable implementation of an AMQP broker. Security Fix(es): * A resource-consumption flaw was found in RabbitMQ Server, where the lengths_age or lengths_incr parameters were not validated in the management plugin. Remote, authenticated users with certain privileges could exploit this flaw to cause a denial of service by passing values which were too large. (CVE-2015-8786) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1404150 - CVE-2015-8786 rabbitmq-server: DoS via lengths_age or lengths_incr parameter in the management plugin 6. Package List: Red Hat OpenStack Platform 8.0 (Liberty): Source: rabbitmq-server-3.3.5-30.el7ost.src.rpm noarch: rabbitmq-server-3.3.5-30.el7ost.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2015-8786 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFYkl5iXlSAg2UNWIIRAtWSAKC6Ioz+cDjzJrGKltMwfV7QCVi4hwCbBCyh oh01pugmNmXoTau2zLb3hAk= =L/k5 -----END PGP SIGNATURE----- --
  20. news
    Dear Editors, we just posted a new article which might be interesting to your readers. A post in your news section would be appreciated. Title: Mechanical Keyboards MK Fission Link: http://www.techpowerup.com/reviews/MechanicalKeyboards/MK_Fission Brief: MechanicalKeyboards.com is a prominent retailer of mechanical keyboards, as the name would suggest, based in the USA. Today we get to take a look at their new MK Fission full size keyboard that comes in 18 possible options to choose from, Yes, there is RGB included but perhaps not the way you think.
  21. news
    Hello editors, Today we take a look at the MSI Z270 XPower Titanium, a high end enthusiast motherboard for extreme gaming and overclocking that is designed for use with Intel's 6th and 7th generation processors. https://www.neoseeker.com/Articles/Hardware/Reviews/msi-z270-xpower-titanium/ "The MSI Z270 XPower Titanium performed flawlessly throughout testing! It > ran perfectly stable without hiccups of any kind. The onboard components > all ran at cool temperatures, and the only hindrance to overclocking was > the CPU and heat sink – the motherboard itself had plenty of head room even > over 5 GHz." Thank as always for any linkage, we appreciate your support! Neoseeker Hardware https://www.neoseeker.com/ hardware ( -at -) neoseeker.com
  22. news
    Title: TRENDnet TV-IP314PI Indoor/Outdoor 4MP PoE Day/Night Network Camera Review ( -at -) NikKTech Description: If you're looking to safeguard your property with a new IP camera and your budget is limited then the TRENDnet TV-IP314PI Indoor/Outdoor 4MP PoE Day/Night Network Camera should be at the top of your to buy list. Article Link: http://www.nikktech.com/main/articles/security/surveillance-cameras/7405-tre ndnet-tv-ip314pi-indoor-outdoor-4mp-poe-day-night-network-camera-review Image Link: http://www.nikktech.com/main/images/pics/reviews/trendnet/tv_ip314ip/trendne t_tv_ip314pib.jpg A News Post Would Be Appreciated. Thanks In Advance. Sincerely Nik Kastrantas
  23. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3780-1 security ( -at -) debian.org https://www.debian.org/security/ Moritz Muehlenhoff February 01, 2017 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : ntfs-3g CVE ID : CVE-2017-0358 Jann Horn of Google Project Zero discovered that NTFS-3G, a read-write NTFS driver for FUSE, does not scrub the environment before executing modprobe with elevated privileges. A local user can take advantage of this flaw for local root privilege escalation. For the stable distribution (jessie), this problem has been fixed in version 1:2014.2.15AR.2-1+deb8u3. For the unstable distribution (sid), this problem has been fixed in version 1:2016.2.22AR.1-4. We recommend that you upgrade your ntfs-3g packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
  24. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: libtiff security update Advisory ID: RHSA-2017:0225-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2017-0225.html Issue date: 2017-02-01 CVE Names: CVE-2015-8870 CVE-2016-5652 CVE-2016-9533 CVE-2016-9534 CVE-2016-9535 CVE-2016-9536 CVE-2016-9537 CVE-2016-9540 ===================================================================== 1. Summary: An update for libtiff is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Security Fix(es): * Multiple flaws have been discovered in libtiff. A remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code by tricking an application linked against libtiff into processing specially crafted files. (CVE-2016-9533, CVE-2016-9534, CVE-2016-9535) * Multiple flaws have been discovered in various libtiff tools (tiff2pdf, tiffcrop, tiffcp, bmp2tiff). By tricking a user into processing a specially crafted file, a remote attacker could exploit these flaws to cause a crash or memory corruption and, possibly, execute arbitrary code with the privileges of the user running the libtiff tool. (CVE-2015-8870, CVE-2016-5652, CVE-2016-9540, CVE-2016-9537, CVE-2016-9536) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 All running applications linked against libtiff must be restarted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1389222 - CVE-2016-5652 libtiff: tiff2pdf JPEG Compression Tables Heap Buffer Overflow 1397751 - CVE-2016-9534 libtiff: TIFFFlushData1 heap-buffer-overflow 1397755 - CVE-2016-9535 libtiff: Predictor heap-buffer-overflow 1397758 - CVE-2016-9536 libtiff: t2p_process_jpeg_strip heap-buffer-overflow 1397760 - CVE-2016-9537 libtiff: Out-of-bounds write vulnerabilities in tools/tiffcrop.c 1397768 - CVE-2016-9540 libtiff: cpStripToTile heap-buffer-overflow 1397769 - CVE-2016-9533 libtiff: PixarLog horizontalDifference heap-buffer-overflow 1402778 - CVE-2015-8870 libtiff: Integer overflow in tools/bmp2tiff.c 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: libtiff-3.9.4-21.el6_8.src.rpm i386: libtiff-3.9.4-21.el6_8.i686.rpm libtiff-debuginfo-3.9.4-21.el6_8.i686.rpm x86_64: libtiff-3.9.4-21.el6_8.i686.rpm libtiff-3.9.4-21.el6_8.x86_64.rpm libtiff-debuginfo-3.9.4-21.el6_8.i686.rpm libtiff-debuginfo-3.9.4-21.el6_8.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): i386: libtiff-debuginfo-3.9.4-21.el6_8.i686.rpm libtiff-devel-3.9.4-21.el6_8.i686.rpm libtiff-static-3.9.4-21.el6_8.i686.rpm x86_64: libtiff-debuginfo-3.9.4-21.el6_8.i686.rpm libtiff-debuginfo-3.9.4-21.el6_8.x86_64.rpm libtiff-devel-3.9.4-21.el6_8.i686.rpm libtiff-devel-3.9.4-21.el6_8.x86_64.rpm libtiff-static-3.9.4-21.el6_8.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: libtiff-3.9.4-21.el6_8.src.rpm x86_64: libtiff-3.9.4-21.el6_8.i686.rpm libtiff-3.9.4-21.el6_8.x86_64.rpm libtiff-debuginfo-3.9.4-21.el6_8.i686.rpm libtiff-debuginfo-3.9.4-21.el6_8.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): x86_64: libtiff-debuginfo-3.9.4-21.el6_8.i686.rpm libtiff-debuginfo-3.9.4-21.el6_8.x86_64.rpm libtiff-devel-3.9.4-21.el6_8.i686.rpm libtiff-devel-3.9.4-21.el6_8.x86_64.rpm libtiff-static-3.9.4-21.el6_8.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: libtiff-3.9.4-21.el6_8.src.rpm i386: libtiff-3.9.4-21.el6_8.i686.rpm libtiff-debuginfo-3.9.4-21.el6_8.i686.rpm libtiff-devel-3.9.4-21.el6_8.i686.rpm ppc64: libtiff-3.9.4-21.el6_8.ppc.rpm libtiff-3.9.4-21.el6_8.ppc64.rpm libtiff-debuginfo-3.9.4-21.el6_8.ppc.rpm libtiff-debuginfo-3.9.4-21.el6_8.ppc64.rpm libtiff-devel-3.9.4-21.el6_8.ppc.rpm libtiff-devel-3.9.4-21.el6_8.ppc64.rpm s390x: libtiff-3.9.4-21.el6_8.s390.rpm libtiff-3.9.4-21.el6_8.s390x.rpm libtiff-debuginfo-3.9.4-21.el6_8.s390.rpm libtiff-debuginfo-3.9.4-21.el6_8.s390x.rpm libtiff-devel-3.9.4-21.el6_8.s390.rpm libtiff-devel-3.9.4-21.el6_8.s390x.rpm x86_64: libtiff-3.9.4-21.el6_8.i686.rpm libtiff-3.9.4-21.el6_8.x86_64.rpm libtiff-debuginfo-3.9.4-21.el6_8.i686.rpm libtiff-debuginfo-3.9.4-21.el6_8.x86_64.rpm libtiff-devel-3.9.4-21.el6_8.i686.rpm libtiff-devel-3.9.4-21.el6_8.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): i386: libtiff-debuginfo-3.9.4-21.el6_8.i686.rpm libtiff-static-3.9.4-21.el6_8.i686.rpm ppc64: libtiff-debuginfo-3.9.4-21.el6_8.ppc64.rpm libtiff-static-3.9.4-21.el6_8.ppc64.rpm s390x: libtiff-debuginfo-3.9.4-21.el6_8.s390x.rpm libtiff-static-3.9.4-21.el6_8.s390x.rpm x86_64: libtiff-debuginfo-3.9.4-21.el6_8.x86_64.rpm libtiff-static-3.9.4-21.el6_8.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: libtiff-3.9.4-21.el6_8.src.rpm i386: libtiff-3.9.4-21.el6_8.i686.rpm libtiff-debuginfo-3.9.4-21.el6_8.i686.rpm libtiff-devel-3.9.4-21.el6_8.i686.rpm x86_64: libtiff-3.9.4-21.el6_8.i686.rpm libtiff-3.9.4-21.el6_8.x86_64.rpm libtiff-debuginfo-3.9.4-21.el6_8.i686.rpm libtiff-debuginfo-3.9.4-21.el6_8.x86_64.rpm libtiff-devel-3.9.4-21.el6_8.i686.rpm libtiff-devel-3.9.4-21.el6_8.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): i386: libtiff-debuginfo-3.9.4-21.el6_8.i686.rpm libtiff-static-3.9.4-21.el6_8.i686.rpm x86_64: libtiff-debuginfo-3.9.4-21.el6_8.x86_64.rpm libtiff-static-3.9.4-21.el6_8.x86_64.rpm Red Hat Enterprise Linux Client (v. 7): Source: libtiff-4.0.3-27.el7_3.src.rpm x86_64: libtiff-4.0.3-27.el7_3.i686.rpm libtiff-4.0.3-27.el7_3.x86_64.rpm libtiff-debuginfo-4.0.3-27.el7_3.i686.rpm libtiff-debuginfo-4.0.3-27.el7_3.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: libtiff-debuginfo-4.0.3-27.el7_3.i686.rpm libtiff-debuginfo-4.0.3-27.el7_3.x86_64.rpm libtiff-devel-4.0.3-27.el7_3.i686.rpm libtiff-devel-4.0.3-27.el7_3.x86_64.rpm libtiff-static-4.0.3-27.el7_3.i686.rpm libtiff-static-4.0.3-27.el7_3.x86_64.rpm libtiff-tools-4.0.3-27.el7_3.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: libtiff-4.0.3-27.el7_3.src.rpm x86_64: libtiff-4.0.3-27.el7_3.i686.rpm libtiff-4.0.3-27.el7_3.x86_64.rpm libtiff-debuginfo-4.0.3-27.el7_3.i686.rpm libtiff-debuginfo-4.0.3-27.el7_3.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: libtiff-debuginfo-4.0.3-27.el7_3.i686.rpm libtiff-debuginfo-4.0.3-27.el7_3.x86_64.rpm libtiff-devel-4.0.3-27.el7_3.i686.rpm libtiff-devel-4.0.3-27.el7_3.x86_64.rpm libtiff-static-4.0.3-27.el7_3.i686.rpm libtiff-static-4.0.3-27.el7_3.x86_64.rpm libtiff-tools-4.0.3-27.el7_3.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: libtiff-4.0.3-27.el7_3.src.rpm aarch64: libtiff-4.0.3-27.el7_3.aarch64.rpm libtiff-debuginfo-4.0.3-27.el7_3.aarch64.rpm libtiff-devel-4.0.3-27.el7_3.aarch64.rpm ppc64: libtiff-4.0.3-27.el7_3.ppc.rpm libtiff-4.0.3-27.el7_3.ppc64.rpm libtiff-debuginfo-4.0.3-27.el7_3.ppc.rpm libtiff-debuginfo-4.0.3-27.el7_3.ppc64.rpm libtiff-devel-4.0.3-27.el7_3.ppc.rpm libtiff-devel-4.0.3-27.el7_3.ppc64.rpm ppc64le: libtiff-4.0.3-27.el7_3.ppc64le.rpm libtiff-debuginfo-4.0.3-27.el7_3.ppc64le.rpm libtiff-devel-4.0.3-27.el7_3.ppc64le.rpm s390x: libtiff-4.0.3-27.el7_3.s390.rpm libtiff-4.0.3-27.el7_3.s390x.rpm libtiff-debuginfo-4.0.3-27.el7_3.s390.rpm libtiff-debuginfo-4.0.3-27.el7_3.s390x.rpm libtiff-devel-4.0.3-27.el7_3.s390.rpm libtiff-devel-4.0.3-27.el7_3.s390x.rpm x86_64: libtiff-4.0.3-27.el7_3.i686.rpm libtiff-4.0.3-27.el7_3.x86_64.rpm libtiff-debuginfo-4.0.3-27.el7_3.i686.rpm libtiff-debuginfo-4.0.3-27.el7_3.x86_64.rpm libtiff-devel-4.0.3-27.el7_3.i686.rpm libtiff-devel-4.0.3-27.el7_3.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): aarch64: libtiff-debuginfo-4.0.3-27.el7_3.aarch64.rpm libtiff-static-4.0.3-27.el7_3.aarch64.rpm libtiff-tools-4.0.3-27.el7_3.aarch64.rpm ppc64: libtiff-debuginfo-4.0.3-27.el7_3.ppc.rpm libtiff-debuginfo-4.0.3-27.el7_3.ppc64.rpm libtiff-static-4.0.3-27.el7_3.ppc.rpm libtiff-static-4.0.3-27.el7_3.ppc64.rpm libtiff-tools-4.0.3-27.el7_3.ppc64.rpm ppc64le: libtiff-debuginfo-4.0.3-27.el7_3.ppc64le.rpm libtiff-static-4.0.3-27.el7_3.ppc64le.rpm libtiff-tools-4.0.3-27.el7_3.ppc64le.rpm s390x: libtiff-debuginfo-4.0.3-27.el7_3.s390.rpm libtiff-debuginfo-4.0.3-27.el7_3.s390x.rpm libtiff-static-4.0.3-27.el7_3.s390.rpm libtiff-static-4.0.3-27.el7_3.s390x.rpm libtiff-tools-4.0.3-27.el7_3.s390x.rpm x86_64: libtiff-debuginfo-4.0.3-27.el7_3.i686.rpm libtiff-debuginfo-4.0.3-27.el7_3.x86_64.rpm libtiff-static-4.0.3-27.el7_3.i686.rpm libtiff-static-4.0.3-27.el7_3.x86_64.rpm libtiff-tools-4.0.3-27.el7_3.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: libtiff-4.0.3-27.el7_3.src.rpm x86_64: libtiff-4.0.3-27.el7_3.i686.rpm libtiff-4.0.3-27.el7_3.x86_64.rpm libtiff-debuginfo-4.0.3-27.el7_3.i686.rpm libtiff-debuginfo-4.0.3-27.el7_3.x86_64.rpm libtiff-devel-4.0.3-27.el7_3.i686.rpm libtiff-devel-4.0.3-27.el7_3.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: libtiff-debuginfo-4.0.3-27.el7_3.i686.rpm libtiff-debuginfo-4.0.3-27.el7_3.x86_64.rpm libtiff-static-4.0.3-27.el7_3.i686.rpm libtiff-static-4.0.3-27.el7_3.x86_64.rpm libtiff-tools-4.0.3-27.el7_3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2015-8870 https://access.redhat.com/security/cve/CVE-2016-5652 https://access.redhat.com/security/cve/CVE-2016-9533 https://access.redhat.com/security/cve/CVE-2016-9534 https://access.redhat.com/security/cve/CVE-2016-9535 https://access.redhat.com/security/cve/CVE-2016-9536 https://access.redhat.com/security/cve/CVE-2016-9537 https://access.redhat.com/security/cve/CVE-2016-9540 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFYkbOXXlSAg2UNWIIRAnjDAJ4gVk3+VywCcLC3N1RKzul687ZW8QCfTzJt wgGwbbLO6IYrzVJoFb/jZ6U= =hp6s -----END PGP SIGNATURE----- --
  25. news
    SUSE Security Update: Security update for gnutls ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0348-1 Rating: important References: #1005879 #1018832 #999646 Cross-References: CVE-2016-7444 CVE-2016-8610 CVE-2017-5335 CVE-2017-5336 CVE-2017-5337 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP2 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that fixes 5 vulnerabilities is now available. Description: This update for gnutls fixes the following security issues: - GnuTLS could have crashed when processing maliciously crafted OpenPGP certificates (GNUTLS-SA-2017-2, bsc#1018832, CVE-2017-5335, CVE-2017-5337, CVE-2017-5336) - GnuTLS could have falsely accepted certificates when using OCSP (GNUTLS-SA-2016-3, bsc#999646, CVE-2016-7444) - GnuTLS could have suffered from 100% CPU load DoS attacks by using SSL alert packets during the handshake (bsc#1005879, CVE-2016-8610) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-177=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2017-177=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-177=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-177=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-177=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-177=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-177=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): gnutls-debuginfo-3.2.15-16.1 gnutls-debugsource-3.2.15-16.1 libgnutls-devel-3.2.15-16.1 libgnutls-openssl-devel-3.2.15-16.1 libgnutlsxx-devel-3.2.15-16.1 libgnutlsxx28-3.2.15-16.1 libgnutlsxx28-debuginfo-3.2.15-16.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): gnutls-debuginfo-3.2.15-16.1 gnutls-debugsource-3.2.15-16.1 libgnutls-devel-3.2.15-16.1 libgnutls-openssl-devel-3.2.15-16.1 libgnutlsxx-devel-3.2.15-16.1 libgnutlsxx28-3.2.15-16.1 libgnutlsxx28-debuginfo-3.2.15-16.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): gnutls-3.2.15-16.1 gnutls-debuginfo-3.2.15-16.1 gnutls-debugsource-3.2.15-16.1 libgnutls-openssl27-3.2.15-16.1 libgnutls-openssl27-debuginfo-3.2.15-16.1 libgnutls28-3.2.15-16.1 libgnutls28-debuginfo-3.2.15-16.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): gnutls-3.2.15-16.1 gnutls-debuginfo-3.2.15-16.1 gnutls-debugsource-3.2.15-16.1 libgnutls-openssl27-3.2.15-16.1 libgnutls-openssl27-debuginfo-3.2.15-16.1 libgnutls28-3.2.15-16.1 libgnutls28-debuginfo-3.2.15-16.1 - SUSE Linux Enterprise Server 12-SP2 (x86_64): libgnutls28-32bit-3.2.15-16.1 libgnutls28-debuginfo-32bit-3.2.15-16.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): gnutls-3.2.15-16.1 gnutls-debuginfo-3.2.15-16.1 gnutls-debugsource-3.2.15-16.1 libgnutls-openssl27-3.2.15-16.1 libgnutls-openssl27-debuginfo-3.2.15-16.1 libgnutls28-3.2.15-16.1 libgnutls28-debuginfo-3.2.15-16.1 - SUSE Linux Enterprise Server 12-SP1 (s390x x86_64): libgnutls28-32bit-3.2.15-16.1 libgnutls28-debuginfo-32bit-3.2.15-16.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): gnutls-3.2.15-16.1 gnutls-debuginfo-3.2.15-16.1 gnutls-debugsource-3.2.15-16.1 libgnutls28-3.2.15-16.1 libgnutls28-32bit-3.2.15-16.1 libgnutls28-debuginfo-3.2.15-16.1 libgnutls28-debuginfo-32bit-3.2.15-16.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): gnutls-3.2.15-16.1 gnutls-debuginfo-3.2.15-16.1 gnutls-debugsource-3.2.15-16.1 libgnutls28-3.2.15-16.1 libgnutls28-32bit-3.2.15-16.1 libgnutls28-debuginfo-3.2.15-16.1 libgnutls28-debuginfo-32bit-3.2.15-16.1 References: https://www.suse.com/security/cve/CVE-2016-7444.html https://www.suse.com/security/cve/CVE-2016-8610.html https://www.suse.com/security/cve/CVE-2017-5335.html https://www.suse.com/security/cve/CVE-2017-5336.html https://www.suse.com/security/cve/CVE-2017-5337.html https://bugzilla.suse.com/1005879 https://bugzilla.suse.com/1018832 https://bugzilla.suse.com/999646 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
×