Jump to content
Compatible Support Forums

news

Members
 View Profile  See their activity

  • Content count

    80899

  • Joined

  • Last visited

    Never

  • Days Won

    18

Everything posted by news

  1. news
    ** TECHSPOT ------------------------------------------------------------ ** Asrock Z270 Extreme4 & Fatal1ty Z270 Gaming K6 Review ------------------------------------------------------------ ** http://www.techspot.com/review/1316-asrock-z270-motherboards/ ------------------------------------------------------------ Kick starting 2017, Intel's Kaby Lake processors made some minor performance improvements to Skylake through what might as well be described as factory overclocking. Making the release more exciting, board partners including Asrock launched alongside some drool-inducing Z270 motherboards. Two of which we are reviewing today. Thank you. Julio Franco Executive Editor | TECHSPOT ( -at -) juliofranco ----------------------------------- ============================================================ Our mailing address is: TechSpot 8237 NW 68 St Miami, FL 33166 USA
  2. news
    ** TECHSPOT ------------------------------------------------------------ ** Asrock Z270 Extreme4 & Fatal1ty Z270 Gaming K6 Review ------------------------------------------------------------ ** http://www.techspot.com/review/1316-asrock-z270-motherboards/ ------------------------------------------------------------ Kick starting 2017, Intel's Kaby Lake processors made some minor performance improvements to Skylake through what might as well be described as factory overclocking. Making the release more exciting, board partners including Asrock launched alongside some drool-inducing Z270 motherboards. Two of which we are reviewing today. Thank you. Julio Franco Executive Editor | TECHSPOT ( -at -) juliofranco ----------------------------------- ============================================================ Our mailing address is: TechSpot 8237 NW 68 St Miami, FL 33166 USA
  3. news
    View this email in your browser (http://us3.campaign-archive1.com/?u=efc4c507c2cf964fc2462caca&id=dce775fa1f&e=0c004f9c13) In this latest episode of HotHardware’s Two And A Half Geeks, we chat about Intel Kaby Lake Overclocking and the Core i3-7350K, low power Kaby Lake-Y performance on Dell's XPS 13 2-in-1, the Google Pixel XL versus the Samsung Galaxy S7 Edge, DIY Game Consoles goodness with the Raspberry Pi and RetroPie, NVIDIA's SHIELD TV Android Nougat Update, and hints of our next giveaway... Two And A Half Geeks: Kaby Lake Overclocking, Google Pixel XL vs GS7 Edge, DIY RetroPi, XPS 13 2-In-1 And More (http://hothardware.us3.list-manage1.com/track/click?u=efc4c507c2cf964fc2462caca&id=b424853bd5&e=0c004f9c13) http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=415b4355e2&e=0c004f9c13 Best Regards, HotHardware.com (http://hothardware.us3.list-manage1.com/track/click?u=efc4c507c2cf964fc2462caca&id=720ab0f827&e=0c004f9c13) http://hothardware.us3.list-manage2.com/track/click?u=efc4c507c2cf964fc2462caca&id=be0f0335f8&e=0c004f9c13 http://hothardware.us3.list-manage1.com/track/click?u=efc4c507c2cf964fc2462caca&id=3782cb4ff8&e=0c004f9c13 http://hothardware.us3.list-manage1.com/track/click?u=efc4c507c2cf964fc2462caca&id=3027b9bd87&e=0c004f9c13 ============================================================
  4. news
    SUSE Security Update: Security update for java-1_8_0-openjdk ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0346-1 Rating: important References: #1020905 #1022053 Cross-References: CVE-2016-2183 CVE-2016-5546 CVE-2016-5547 CVE-2016-5548 CVE-2016-5549 CVE-2016-5552 CVE-2017-3231 CVE-2017-3241 CVE-2017-3252 CVE-2017-3253 CVE-2017-3260 CVE-2017-3261 CVE-2017-3272 CVE-2017-3289 Affected Products: SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP2 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that fixes 14 vulnerabilities is now available. Description: This update for java-1_8_0-openjdk fixes the following issues: Oracle Critical Patch Update of January 2017 (bsc#1020905) Upgrade to version jdk8u121 (icedtea 3.3.0): - S8138725: Add options for Javadoc generation - S8140353: Improve signature checking - S8151934, CVE-2017-3231: Resolve class resolution - S8156804, CVE-2017-3241: Better constraint checking - S8158406: Limited Parameter Processing - S8158997: JNDI Protocols Switch - S8159507: RuntimeVisibleAnnotation validation - S8161218: Better bytecode loading - S8161743, CVE-2017-3252: Provide proper login context - S8162577: Standardize logging levels - S8162973: Better component components - S8164143, CVE-2017-3260: Improve components for menu items - S8164147, CVE-2017-3261: Improve streaming socket output - S8165071, CVE-2016-2183: Expand TLS support - S8165344, CVE-2017-3272: Update concurrency support - S8166988, CVE-2017-3253: Improve image processing performance - S8167104, CVE-2017-3289: Additional class construction refinements - S8167223, CVE-2016-5552: URL handling improvements - S8168705, CVE-2016-5547: Better ObjectIdentifier validation - S8168714, CVE-2016-5546: Tighten ECDSA validation - S8168728, CVE-2016-5548: DSA signing improvements - S8168724, CVE-2016-5549: ECDSA signing improvements Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-176=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-176=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-176=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-176=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-176=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): java-1_8_0-openjdk-1.8.0.121-20.1 java-1_8_0-openjdk-debuginfo-1.8.0.121-20.1 java-1_8_0-openjdk-debugsource-1.8.0.121-20.1 java-1_8_0-openjdk-demo-1.8.0.121-20.1 java-1_8_0-openjdk-demo-debuginfo-1.8.0.121-20.1 java-1_8_0-openjdk-devel-1.8.0.121-20.1 java-1_8_0-openjdk-devel-debuginfo-1.8.0.121-20.1 java-1_8_0-openjdk-headless-1.8.0.121-20.1 java-1_8_0-openjdk-headless-debuginfo-1.8.0.121-20.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): java-1_8_0-openjdk-1.8.0.121-20.1 java-1_8_0-openjdk-debuginfo-1.8.0.121-20.1 java-1_8_0-openjdk-debugsource-1.8.0.121-20.1 java-1_8_0-openjdk-demo-1.8.0.121-20.1 java-1_8_0-openjdk-demo-debuginfo-1.8.0.121-20.1 java-1_8_0-openjdk-devel-1.8.0.121-20.1 java-1_8_0-openjdk-devel-debuginfo-1.8.0.121-20.1 java-1_8_0-openjdk-headless-1.8.0.121-20.1 java-1_8_0-openjdk-headless-debuginfo-1.8.0.121-20.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): java-1_8_0-openjdk-1.8.0.121-20.1 java-1_8_0-openjdk-debuginfo-1.8.0.121-20.1 java-1_8_0-openjdk-debugsource-1.8.0.121-20.1 java-1_8_0-openjdk-demo-1.8.0.121-20.1 java-1_8_0-openjdk-demo-debuginfo-1.8.0.121-20.1 java-1_8_0-openjdk-devel-1.8.0.121-20.1 java-1_8_0-openjdk-headless-1.8.0.121-20.1 java-1_8_0-openjdk-headless-debuginfo-1.8.0.121-20.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): java-1_8_0-openjdk-1.8.0.121-20.1 java-1_8_0-openjdk-debuginfo-1.8.0.121-20.1 java-1_8_0-openjdk-debugsource-1.8.0.121-20.1 java-1_8_0-openjdk-headless-1.8.0.121-20.1 java-1_8_0-openjdk-headless-debuginfo-1.8.0.121-20.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): java-1_8_0-openjdk-1.8.0.121-20.1 java-1_8_0-openjdk-debuginfo-1.8.0.121-20.1 java-1_8_0-openjdk-debugsource-1.8.0.121-20.1 java-1_8_0-openjdk-headless-1.8.0.121-20.1 java-1_8_0-openjdk-headless-debuginfo-1.8.0.121-20.1 References: https://www.suse.com/security/cve/CVE-2016-2183.html https://www.suse.com/security/cve/CVE-2016-5546.html https://www.suse.com/security/cve/CVE-2016-5547.html https://www.suse.com/security/cve/CVE-2016-5548.html https://www.suse.com/security/cve/CVE-2016-5549.html https://www.suse.com/security/cve/CVE-2016-5552.html https://www.suse.com/security/cve/CVE-2017-3231.html https://www.suse.com/security/cve/CVE-2017-3241.html https://www.suse.com/security/cve/CVE-2017-3252.html https://www.suse.com/security/cve/CVE-2017-3253.html https://www.suse.com/security/cve/CVE-2017-3260.html https://www.suse.com/security/cve/CVE-2017-3261.html https://www.suse.com/security/cve/CVE-2017-3272.html https://www.suse.com/security/cve/CVE-2017-3289.html https://bugzilla.suse.com/1020905 https://bugzilla.suse.com/1022053 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
  5. news
    Hello, I have just released Shotwell 0.24.5 and 0.25.4 which turn on HTTPS encyption all over the publishing plugins. Users using Tumblr and Yandex.Fotki publishing are strongly advised to change their passwords and reauthenticate Shotwell to those services after upgrade. Users of Picasa and Youtube publishing are strongly advised to reauthenticate (Log out and back in) Shotwell to those services after upgrade. Sorry for the inconvenience, a DWE/CVE for this has been requested. Kind Regards Jens Georg _______________________________________________
  6. news
    TITLE: MSI GE62VR 7RE Apache Pro Review ( -at -) Vortez CONTENT: MSI's laptop division are known for seizing the opportunity and 'striking while the iron is hot' and today's product review in question epitomises just that. Within the MSI GE62 7RE resides the new Intel 7th Generation Core i7-7700HQ processor and the newly unveiled GTX 1050 Ti. By offering 8GB DDR4 and a SATA-based M.2 SSD this new laptop is likely to be regarded as an entry-level performer, but which is bolstered by the new Kaby Lake quad-core unit. LINK: http://www.vortez.net/review.php?id=1261 ---------------------------------------------------------------------------- -------------------- Please post this news item in your news section. Thank you.
  7. news
    At Phoronix we have posted a new article. A link to this from your site's news section would be greatly appreciated. Title: Intel Pentium G4600: A Surprising 3.6GHz Kabylake CPU For $90 ( -at -) Phoronix Direct Link: http://www.phoronix.com/vr.php?view=24101 Summary: "If you are looking to upgrade to a Kabylake processor but the Core i7 7700K at $350 and other higher-end models are too expensive, the Pentium G4600 is available at under $90 USD for a dual-core processor with Hyper Threading and clocks up to 3.6GHz." Please feel free to contact us with any questions or comments you may
  8. news
    ROCCAT Renga Gaming Headset Review ( -at -) ThinkComputers.org Review Link: http://www.thinkcomputers.org/roccat-renga-gaming-headset-review/ Image URL: http://www.thinkcomputers.org/reviews/roccat_renga/email.jpg Alt Image URL: http://www.thinkcomputers.org/reviews/roccat_renga/small.jpg Quote: "Gaming headsets have changed considerably over the past few years.  Gaming headsets tended to be bulky, had every option you wanted, and even ones you didn't.  Since competitive gaming is really pushing the industry gamers needs have definitely changed and now we are seeing lighter and less feature-rich gaming headsets which are designed for the competitive scene.  These headsets also tend to be at a lower price-point, but that does not mean they are cheap by any means.  Today we are taking a look at the Renga gaming headset from ROCCAT.  This stereo headset features a lightweight design, 50 mm drivers, and ventilated earcups.  Let's take a look at see what they are all about!"
  9. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2017:0217-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2017-0217.html Issue date: 2017-01-31 CVE Names: CVE-2016-2847 CVE-2016-7117 ===================================================================== 1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 7.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux ComputeNode EUS (v. 7.2) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2) - x86_64 Red Hat Enterprise Linux Server EUS (v. 7.2) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional EUS (v. 7.2) - ppc64, ppc64le, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * A use-after-free vulnerability was found in the kernel's socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function. (CVE-2016-7117, Important) * It is possible for a single process to cause an OOM condition by filling large pipes with data that are never read. A typical process filling 4096 pipes with 1 MB of data will use 4 GB of memory and there can be multiple such processes, up to a per-user-limit. (CVE-2016-2847, Moderate) Red Hat would like to thank Tetsuo Handa for reporting CVE-2016-2847. Bug Fix(es): * Previously, an XFS corruption in some cases occurred on Seagate 8TB drive based volumes after a planned system shutdown or reboot, when a disk write back cache was used. With this update, the megaraid_sas driver has been fixed and the XFS corruption no longer occurs in the described scenario. (BZ#1398178) * This update applies a set of patches for the resizable hash table (rhashtable). This set contains backported bug fixes and enhancements from upstream. (BZ#1382630) * Previously, a kernel panic in some cases occurred during the boot with the Nonvolatile Memory Express (NVMe) kernel module, because the NVMe driver did not receive legacy PCI interrupts. This update fixes the NVMe driver to always use the Message Signaled Interrupts (MSI/MSI-X) interrupts. As a result, the operating system now boots without panic under the described circumstances. (BZ#1396558) * Previously, the Advanced Error Reporting (AER) correct error in some cases caused a kernel panic. This update fixes the _scsih_pci_mmio_enabled() function in the mpt3sas driver to not incorrectly return PCI_ERS_RESULT_NEED_RESET return value in the situation when PCI_ERS_RESULT_RECOVERED return value is expected. As a result, the kernel no longer panics due to _scsih_pci_mmio_enabled(). (BZ#1395220) * When resizing the Transmit (TX) and Receive (RX) rings in the sfc driver with the "ethtool -G" command, a kernel protection fault in the napi_hash_add() function occurred on systems with a large number of queues. With this update, the efx_copy_channel()function in the sfc driver has been fixed to correctly clear the napi_hash state. As a result, the sfc kernel module now unloads successfully without the mentioned kernel protection fault. (BZ#1401460) * When a virtual machine (VM) with 2 PCI-Passthrough Ethernet interfaces attached was created, deleted and recreated, the operating system terminated unexpectedly and rebooted during the recreation. This update fixes the race condition between the eventfd and virqfd signaling mechanisms in the vfio driver. As a result, the operating system now boots without crashing in the described situation. (BZ#1391610) * Previously, when two NFS shares with different security settings were mounted, the I/O operations to the kerberos-authenticated mount caused the RPC_CRED_KEY_EXPIRE_SOON parameter to be set, but the parameter was not unset when performing the I/O operations on the sec=sys mount. Consequently, writes to both NFS shares had the same parameters, regardless of their security settings. This update fixes this problem by moving the NO_CRKEY_TIMEOUT parameter to the auth->au_flags field. As a result, NFS shares with different security settings are now handled as expected. (BZ#1388603) * Previously, memory corruption by copying data into the wrong memory locations sometimes occurred, because the __copy_tofrom_user() function was returning incorrect values. This update fixes the __copy_tofrom_user() function so that it no longer returns larger values than the number of bytes it was asked to copy. As a result, memory corruption no longer occurs in he described scenario. (BZ#1398588) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1313428 - CVE-2016-2847 kernel: pipe: limit the per-user amount of pages allocated in pipes 1382268 - CVE-2016-7117 kernel: Use-after-free in the recvmmsg exit path 6. Package List: Red Hat Enterprise Linux ComputeNode EUS (v. 7.2): Source: kernel-3.10.0-327.46.1.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-327.46.1.el7.noarch.rpm kernel-doc-3.10.0-327.46.1.el7.noarch.rpm x86_64: kernel-3.10.0-327.46.1.el7.x86_64.rpm kernel-debug-3.10.0-327.46.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-327.46.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-327.46.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-327.46.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-327.46.1.el7.x86_64.rpm kernel-devel-3.10.0-327.46.1.el7.x86_64.rpm kernel-headers-3.10.0-327.46.1.el7.x86_64.rpm kernel-tools-3.10.0-327.46.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-327.46.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-327.46.1.el7.x86_64.rpm perf-3.10.0-327.46.1.el7.x86_64.rpm perf-debuginfo-3.10.0-327.46.1.el7.x86_64.rpm python-perf-3.10.0-327.46.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-327.46.1.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2): x86_64: kernel-debug-debuginfo-3.10.0-327.46.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-327.46.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-327.46.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-327.46.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-327.46.1.el7.x86_64.rpm perf-debuginfo-3.10.0-327.46.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-327.46.1.el7.x86_64.rpm Red Hat Enterprise Linux Server EUS (v. 7.2): Source: kernel-3.10.0-327.46.1.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-327.46.1.el7.noarch.rpm kernel-doc-3.10.0-327.46.1.el7.noarch.rpm ppc64: kernel-3.10.0-327.46.1.el7.ppc64.rpm kernel-bootwrapper-3.10.0-327.46.1.el7.ppc64.rpm kernel-debug-3.10.0-327.46.1.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-327.46.1.el7.ppc64.rpm kernel-debug-devel-3.10.0-327.46.1.el7.ppc64.rpm kernel-debuginfo-3.10.0-327.46.1.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-327.46.1.el7.ppc64.rpm kernel-devel-3.10.0-327.46.1.el7.ppc64.rpm kernel-headers-3.10.0-327.46.1.el7.ppc64.rpm kernel-tools-3.10.0-327.46.1.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-327.46.1.el7.ppc64.rpm kernel-tools-libs-3.10.0-327.46.1.el7.ppc64.rpm perf-3.10.0-327.46.1.el7.ppc64.rpm perf-debuginfo-3.10.0-327.46.1.el7.ppc64.rpm python-perf-3.10.0-327.46.1.el7.ppc64.rpm python-perf-debuginfo-3.10.0-327.46.1.el7.ppc64.rpm ppc64le: kernel-3.10.0-327.46.1.el7.ppc64le.rpm kernel-bootwrapper-3.10.0-327.46.1.el7.ppc64le.rpm kernel-debug-3.10.0-327.46.1.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-327.46.1.el7.ppc64le.rpm kernel-debuginfo-3.10.0-327.46.1.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-327.46.1.el7.ppc64le.rpm kernel-devel-3.10.0-327.46.1.el7.ppc64le.rpm kernel-headers-3.10.0-327.46.1.el7.ppc64le.rpm kernel-tools-3.10.0-327.46.1.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-327.46.1.el7.ppc64le.rpm kernel-tools-libs-3.10.0-327.46.1.el7.ppc64le.rpm perf-3.10.0-327.46.1.el7.ppc64le.rpm perf-debuginfo-3.10.0-327.46.1.el7.ppc64le.rpm python-perf-3.10.0-327.46.1.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-327.46.1.el7.ppc64le.rpm s390x: kernel-3.10.0-327.46.1.el7.s390x.rpm kernel-debug-3.10.0-327.46.1.el7.s390x.rpm kernel-debug-debuginfo-3.10.0-327.46.1.el7.s390x.rpm kernel-debug-devel-3.10.0-327.46.1.el7.s390x.rpm kernel-debuginfo-3.10.0-327.46.1.el7.s390x.rpm kernel-debuginfo-common-s390x-3.10.0-327.46.1.el7.s390x.rpm kernel-devel-3.10.0-327.46.1.el7.s390x.rpm kernel-headers-3.10.0-327.46.1.el7.s390x.rpm kernel-kdump-3.10.0-327.46.1.el7.s390x.rpm kernel-kdump-debuginfo-3.10.0-327.46.1.el7.s390x.rpm kernel-kdump-devel-3.10.0-327.46.1.el7.s390x.rpm perf-3.10.0-327.46.1.el7.s390x.rpm perf-debuginfo-3.10.0-327.46.1.el7.s390x.rpm python-perf-3.10.0-327.46.1.el7.s390x.rpm python-perf-debuginfo-3.10.0-327.46.1.el7.s390x.rpm x86_64: kernel-3.10.0-327.46.1.el7.x86_64.rpm kernel-debug-3.10.0-327.46.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-327.46.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-327.46.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-327.46.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-327.46.1.el7.x86_64.rpm kernel-devel-3.10.0-327.46.1.el7.x86_64.rpm kernel-headers-3.10.0-327.46.1.el7.x86_64.rpm kernel-tools-3.10.0-327.46.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-327.46.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-327.46.1.el7.x86_64.rpm perf-3.10.0-327.46.1.el7.x86_64.rpm perf-debuginfo-3.10.0-327.46.1.el7.x86_64.rpm python-perf-3.10.0-327.46.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-327.46.1.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional EUS (v. 7.2): ppc64: kernel-debug-debuginfo-3.10.0-327.46.1.el7.ppc64.rpm kernel-debuginfo-3.10.0-327.46.1.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-327.46.1.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-327.46.1.el7.ppc64.rpm kernel-tools-libs-devel-3.10.0-327.46.1.el7.ppc64.rpm perf-debuginfo-3.10.0-327.46.1.el7.ppc64.rpm python-perf-debuginfo-3.10.0-327.46.1.el7.ppc64.rpm ppc64le: kernel-debug-debuginfo-3.10.0-327.46.1.el7.ppc64le.rpm kernel-debug-devel-3.10.0-327.46.1.el7.ppc64le.rpm kernel-debuginfo-3.10.0-327.46.1.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-327.46.1.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-327.46.1.el7.ppc64le.rpm kernel-tools-libs-devel-3.10.0-327.46.1.el7.ppc64le.rpm perf-debuginfo-3.10.0-327.46.1.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-327.46.1.el7.ppc64le.rpm x86_64: kernel-debug-debuginfo-3.10.0-327.46.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-327.46.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-327.46.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-327.46.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-327.46.1.el7.x86_64.rpm perf-debuginfo-3.10.0-327.46.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-327.46.1.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-2847 https://access.redhat.com/security/cve/CVE-2016-7117 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/2706661 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFYkKGhXlSAg2UNWIIRAmpBAJ9njgRBW7LLL98EXo3LDPqiWoDNfgCgj/+z v2CJkXxZSp6FQoFUqH5lUG0= =9zob -----END PGP SIGNATURE----- --
  10. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel security update Advisory ID: RHSA-2017:0216-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2017-0216.html Issue date: 2017-01-31 CVE Names: CVE-2016-7117 ===================================================================== 1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 6.6 Advanced Update Support and Red Hat Enterprise Linux 6.6 Telco Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Server AUS (v. 6.6) - noarch, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.6) - x86_64 Red Hat Enterprise Linux Server Optional TUS (v. 6.6) - x86_64 Red Hat Enterprise Linux Server TUS (v. 6.6) - noarch, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * A use-after-free vulnerability was found in the kernel's socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function. (CVE-2016-7117, Important) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1382268 - CVE-2016-7117 kernel: Use-after-free in the recvmmsg exit path 6. Package List: Red Hat Enterprise Linux Server AUS (v. 6.6): Source: kernel-2.6.32-504.56.1.el6.src.rpm noarch: kernel-abi-whitelists-2.6.32-504.56.1.el6.noarch.rpm kernel-doc-2.6.32-504.56.1.el6.noarch.rpm kernel-firmware-2.6.32-504.56.1.el6.noarch.rpm x86_64: kernel-2.6.32-504.56.1.el6.x86_64.rpm kernel-debug-2.6.32-504.56.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-504.56.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-504.56.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-504.56.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-504.56.1.el6.x86_64.rpm kernel-devel-2.6.32-504.56.1.el6.x86_64.rpm kernel-headers-2.6.32-504.56.1.el6.x86_64.rpm perf-2.6.32-504.56.1.el6.x86_64.rpm perf-debuginfo-2.6.32-504.56.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-504.56.1.el6.x86_64.rpm Red Hat Enterprise Linux Server TUS (v. 6.6): Source: kernel-2.6.32-504.56.1.el6.src.rpm noarch: kernel-abi-whitelists-2.6.32-504.56.1.el6.noarch.rpm kernel-doc-2.6.32-504.56.1.el6.noarch.rpm kernel-firmware-2.6.32-504.56.1.el6.noarch.rpm x86_64: kernel-2.6.32-504.56.1.el6.x86_64.rpm kernel-debug-2.6.32-504.56.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-504.56.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-504.56.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-504.56.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-504.56.1.el6.x86_64.rpm kernel-devel-2.6.32-504.56.1.el6.x86_64.rpm kernel-headers-2.6.32-504.56.1.el6.x86_64.rpm perf-2.6.32-504.56.1.el6.x86_64.rpm perf-debuginfo-2.6.32-504.56.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-504.56.1.el6.x86_64.rpm Red Hat Enterprise Linux Server Optional AUS (v. 6.6): x86_64: kernel-debug-debuginfo-2.6.32-504.56.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-504.56.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-504.56.1.el6.x86_64.rpm perf-debuginfo-2.6.32-504.56.1.el6.x86_64.rpm python-perf-2.6.32-504.56.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-504.56.1.el6.x86_64.rpm Red Hat Enterprise Linux Server Optional TUS (v. 6.6): x86_64: kernel-debug-debuginfo-2.6.32-504.56.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-504.56.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-504.56.1.el6.x86_64.rpm perf-debuginfo-2.6.32-504.56.1.el6.x86_64.rpm python-perf-2.6.32-504.56.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-504.56.1.el6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-7117 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/2706661 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFYkKHXXlSAg2UNWIIRAvT9AKCzH9ImHUnfps9QFSGIIp3eNeuq4ACgiYpu 1mxamaUgiJOlaR8RZEmyy4M= =agy+ -----END PGP SIGNATURE----- --
  11. news
    Last year, Corsair continued to expand it’s product lines from it’s background in memory and storage devices by introducing to the Bulldog, a VR-ready gaming PC designed to be used in the living room. The Bulldog is available as either a barebones system priced at $399, or a full ready to use system which will vary in price depending on the components. For those that aren’t aware, a barebones system included the basic components to as a base to build a full PC. Within the Bulldog, is a mini-ITX motherboard, power supply, and a CPU liquid cooler. In order to complete the system, you have to select your CPU, Memory, storage drives, and an optional graphics card. The Bulldog 2.0 is a refresh of the original Bulldog, system designed to Article Title: Corsair Bulldog 2.0 Barebones 4K & VR Living Room Gaming PC Review ( -at -) Legit Reviews Article URL: http://www.legitreviews.com/corsair-bulldog-2-0-barebones-4k-vr-living-room-gaming-pc-review_190663 Unsubscribe: http://adserv.legitreviews.com/cgi-bin/dada/mail.cgi/u/legitpr/reviewnews// =
  12. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel security update Advisory ID: RHSA-2017:0215-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2017-0215.html Issue date: 2017-01-31 CVE Names: CVE-2016-7117 ===================================================================== 1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 6.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Server AUS (v. 6.2) - noarch, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.2) - x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * A use-after-free vulnerability was found in the kernel's socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function. (CVE-2016-7117, Important) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1382268 - CVE-2016-7117 kernel: Use-after-free in the recvmmsg exit path 6. Package List: Red Hat Enterprise Linux Server AUS (v. 6.2): Source: kernel-2.6.32-220.69.1.el6.src.rpm noarch: kernel-doc-2.6.32-220.69.1.el6.noarch.rpm kernel-firmware-2.6.32-220.69.1.el6.noarch.rpm x86_64: kernel-2.6.32-220.69.1.el6.x86_64.rpm kernel-debug-2.6.32-220.69.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-220.69.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-220.69.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-220.69.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-220.69.1.el6.x86_64.rpm kernel-devel-2.6.32-220.69.1.el6.x86_64.rpm kernel-headers-2.6.32-220.69.1.el6.x86_64.rpm perf-2.6.32-220.69.1.el6.x86_64.rpm perf-debuginfo-2.6.32-220.69.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-220.69.1.el6.x86_64.rpm Red Hat Enterprise Linux Server Optional AUS (v. 6.2): Source: kernel-2.6.32-220.69.1.el6.src.rpm x86_64: kernel-debug-debuginfo-2.6.32-220.69.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-220.69.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-220.69.1.el6.x86_64.rpm perf-debuginfo-2.6.32-220.69.1.el6.x86_64.rpm python-perf-2.6.32-220.69.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-220.69.1.el6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-7117 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFYkKH7XlSAg2UNWIIRAijsAJ4/0hchD7SAn/O2zufiDxOb5v9MWwCdGPRA ycSfReD+SMiFJYzhfPaEeUo= =p4tQ -----END PGP SIGNATURE----- --
  13. news
    ------------------------------------------------------------ http://us7.campaign-archive2.com/?u=406e963590798a4aa1eab5f99&id=11aef64da0&e=168437af67 Dear News Affiliates, Custom PC Review recently published article(s) your readers may enjoy. We’d appreciate it if you could share it with them. Title: Review: Razer BlackWidow Chroma V2 Mechanical Gaming Keyboard (http://custompcreview.us7.list-manage.com/track/click?u=406e963590798a4aa1eab5f99&id=3adfcd0e2c&e=168437af67) Excerpt: "Back in 2014, Razer launched their BlackWidow Ultimate Chroma mechanical keyboard which was an instant hit at the time as little competition in the space along with the fact that the BlackWidow Chroma was actually a great mechanical keyboard helped propel it to being one of the most popular gaming keyboards in Razer’s lineup. Since then..." Thank you for your support, -- Sam Chen -- Editor-in-Chief -- Custom PC Review -- http://custompcreview.us7.list-manage.com/track/click?u=406e963590798a4aa1eab5f99&id=88346b1458&e=168437af67 (http://custompcreview.us7.list-manage.com/track/click?u=406e963590798a4aa1eab5f99&id=af0679350c&e=168437af67)
  14. news
    *BitFenix Shogun chassis review* We review one of the better looking chassis I have seen in a while, the new BitFenix Shogun, a product series that is designed for the enthusiast crowd, loaded with features and really nice looks. Yes, with nice aesthetics and yes, it has been fitted with tempered glass. And that does make this chassis look very special. Wanna have a peek? Read the full * review here <http://www.guru3d.com/articles-pages/bitfenix-shogun-chassis-review,1.html>'>http://www.guru3d.com/articles-pages/bitfenix-shogun-chassis-review,1.html> *. URL: http://www.guru3d.com/articles-pages/bitfenix-shogun-chassis-review,1.html <http://www.guru3d.com/articles-pages/bitfenix-shogun-chassis-review,1.html> --
  15. news
    Dear Editors, we just posted a new article which might be interesting to your readers. A post in your news section would be appreciated. Title: MSI Trident 3 Gaming Desktop (Kaby Lake) Link: http://www.techpowerup.com/reviews/MSI/Trident_3 Brief: MSI's Trident 3 is a compact SFF system that can provide a console-like gaming experience. Equipped with an Intel Core i7-7700, a custom mITX MSI GeForce GTX 1060 6 GB GAMING, 16 GB of RAM, an M.2 SSD and a mechanical HDD for storage duties, it is small yet extremely capable.
  16. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: nagios security update Advisory ID: RHSA-2017:0212-01 Product: Red Hat Enterprise Linux OpenStack Platform Advisory URL: https://rhn.redhat.com/errata/RHSA-2017-0212.html Issue date: 2017-01-31 CVE Names: CVE-2008-7313 CVE-2014-5008 CVE-2014-5009 CVE-2016-9565 CVE-2016-9566 ===================================================================== 1. Summary: An update for nagios is now available for Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6 - x86_64 3. Description: Nagios is a program that monitors hosts and services on your network, and has the ability to send email or page alerts when a problem arises or is resolved. Nagios is written in C and designed to run under Linux (and some other *NIX variants) as a background process, intermittently running checks on various services that you specify. The actual service checks are performed by separate "plugin" programs which return the status of the checks to Nagios. Nagios plugins are available at http://sourceforge.net/projects/nagiosplug. This package provides the core program, web interface, and documentation files for Nagios. Development files are built as a separate package. Security Fix(es): * Various command-execution flaws were found in the Snoopy library included with Nagios. These flaws allowed remote attackers to execute arbitrary commands by manipulating Nagios HTTP headers. (CVE-2008-7313, CVE-2014-5008, CVE-2014-5009) * It was found that an attacker who could control the content of an RSS feed could execute code remotely using the Nagios web interface. This flaw could be used to gain access to the remote system and in some scenarios control over the system. (CVE-2016-9565) * A privileges flaw was found in Nagios where log files were unsafely handled. An attacker who could control Nagios logging configuration ('nagios' user/group) could exploit the flaw to elevate their access to that of a privileged user. (CVE-2016-9566) Red Hat would like to thank Dawid Golunski for reporting CVE-2016-9565 and CVE-2016-9566. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1121497 - CVE-2008-7313 CVE-2014-5008 CVE-2014-5009 snoopy: incomplete fixes for command execution flaws 1402869 - CVE-2016-9566 nagios: Privilege escalation issue 1405363 - CVE-2016-9565 nagios: Command injection via curl in MagpieRSS 6. Package List: Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6: Source: nagios-3.5.1-9.el6.src.rpm x86_64: nagios-3.5.1-9.el6.x86_64.rpm nagios-common-3.5.1-9.el6.x86_64.rpm nagios-debuginfo-3.5.1-9.el6.x86_64.rpm nagios-devel-3.5.1-9.el6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2008-7313 https://access.redhat.com/security/cve/CVE-2014-5008 https://access.redhat.com/security/cve/CVE-2014-5009 https://access.redhat.com/security/cve/CVE-2016-9565 https://access.redhat.com/security/cve/CVE-2016-9566 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFYkCbVXlSAg2UNWIIRAvmeAJ0cjYwu/HcKCJWPmwUBfGVwmlwRxACfRfWl hmhCD7/BA9t7GDktBaiuyAY= =7Yqb -----END PGP SIGNATURE----- --
  17. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: nagios security update Advisory ID: RHSA-2017:0214-01 Product: Red Hat Enterprise Linux OpenStack Platform Advisory URL: https://rhn.redhat.com/errata/RHSA-2017-0214.html Issue date: 2017-01-31 CVE Names: CVE-2008-7313 CVE-2014-5008 CVE-2014-5009 CVE-2016-9565 CVE-2016-9566 ===================================================================== 1. Summary: An update for nagios is now available for Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7 - x86_64 3. Description: Nagios is a program that monitors hosts and services on your network, and has the ability to send email or page alerts when a problem arises or is resolved. Nagios is written in C and designed to run under Linux (and some other *NIX variants) as a background process, intermittently running checks on various services that you specify. The actual service checks are performed by separate "plugin" programs which return the status of the checks to Nagios. Nagios plugins are available at http://sourceforge.net/projects/nagiosplug. This package provides the core program, web interface, and documentation files for Nagios. Development files are built as a separate package. Security Fix(es): * Various command-execution flaws were found in the Snoopy library included with Nagios. These flaws allowed remote attackers to execute arbitrary commands by manipulating Nagios HTTP headers. (CVE-2008-7313, CVE-2014-5008, CVE-2014-5009) * It was found that an attacker who could control the content of an RSS feed could execute code remotely using the Nagios web interface. This flaw could be used to gain access to the remote system and in some scenarios control over the system. (CVE-2016-9565) * A privileges flaw was found in Nagios where log files were unsafely handled. An attacker who could control Nagios logging configuration ('nagios' user/group) could exploit the flaw to elevate their access to that of a privileged user. (CVE-2016-9566) Red Hat would like to thank Dawid Golunski for reporting CVE-2016-9565 and CVE-2016-9566. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1121497 - CVE-2008-7313 CVE-2014-5008 CVE-2014-5009 snoopy: incomplete fixes for command execution flaws 1402869 - CVE-2016-9566 nagios: Privilege escalation issue 1405363 - CVE-2016-9565 nagios: Command injection via curl in MagpieRSS 6. Package List: Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7: Source: nagios-3.5.1-9.el7.src.rpm x86_64: nagios-3.5.1-9.el7.x86_64.rpm nagios-common-3.5.1-9.el7.x86_64.rpm nagios-debuginfo-3.5.1-9.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2008-7313 https://access.redhat.com/security/cve/CVE-2014-5008 https://access.redhat.com/security/cve/CVE-2014-5009 https://access.redhat.com/security/cve/CVE-2016-9565 https://access.redhat.com/security/cve/CVE-2016-9566 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFYkCcHXlSAg2UNWIIRAhALAKDFGGNrM9NNDt+0HUqCQtwD7ljW5gCfQ/2o 4LClj1xUG6AGmaG/Av9q+iQ= =XRC8 -----END PGP SIGNATURE----- --
  18. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: nagios security update Advisory ID: RHSA-2017:0211-01 Product: Red Hat Enterprise Linux OpenStack Platform Advisory URL: https://rhn.redhat.com/errata/RHSA-2017-0211.html Issue date: 2017-01-31 CVE Names: CVE-2008-7313 CVE-2014-5008 CVE-2014-5009 CVE-2016-9565 CVE-2016-9566 ===================================================================== 1. Summary: An update for nagios is now available for Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7 - x86_64 3. Description: Nagios is a program that monitors hosts and services on your network, and has the ability to send email or page alerts when a problem arises or is resolved. Nagios is written in C and designed to run under Linux (and some other *NIX variants) as a background process, intermittently running checks on various services that you specify. The actual service checks are performed by separate "plugin" programs which return the status of the checks to Nagios. Nagios plugins are available at http://sourceforge.net/projects/nagiosplug. This package provides the core program, web interface, and documentation files for Nagios. Development files are built as a separate package. Security Fix(es): * Various command-execution flaws were found in the Snoopy library included with Nagios. These flaws allowed remote attackers to execute arbitrary commands by manipulating Nagios HTTP headers. (CVE-2008-7313, CVE-2014-5008, CVE-2014-5009) * It was found that an attacker who could control the content of an RSS feed could execute code remotely using the Nagios web interface. This flaw could be used to gain access to the remote system and in some scenarios control over the system. (CVE-2016-9565) * A privileges flaw was found in Nagios where log files were unsafely handled. An attacker who could control Nagios logging configuration ('nagios' user/group) could exploit the flaw to elevate their access to that of a privileged user. (CVE-2016-9566) Red Hat would like to thank Dawid Golunski for reporting CVE-2016-9565 and CVE-2016-9566. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1121497 - CVE-2008-7313 CVE-2014-5008 CVE-2014-5009 snoopy: incomplete fixes for command execution flaws 1402869 - CVE-2016-9566 nagios: Privilege escalation issue 1405363 - CVE-2016-9565 nagios: Command injection via curl in MagpieRSS 6. Package List: Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7: Source: nagios-3.5.1-9.el7.src.rpm x86_64: nagios-3.5.1-9.el7.x86_64.rpm nagios-common-3.5.1-9.el7.x86_64.rpm nagios-debuginfo-3.5.1-9.el7.x86_64.rpm nagios-devel-3.5.1-9.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2008-7313 https://access.redhat.com/security/cve/CVE-2014-5008 https://access.redhat.com/security/cve/CVE-2014-5009 https://access.redhat.com/security/cve/CVE-2016-9565 https://access.redhat.com/security/cve/CVE-2016-9566 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFYkCaoXlSAg2UNWIIRAq8KAJsHrOnn4/glzj1nYvnqIA3HTAz5QwCfSOVl geIsP+dy9flRZ4Wj2t9856I= =Ym4o -----END PGP SIGNATURE----- --
  19. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: nagios security update Advisory ID: RHSA-2017:0213-01 Product: Red Hat Enterprise Linux OpenStack Platform Advisory URL: https://rhn.redhat.com/errata/RHSA-2017-0213.html Issue date: 2017-01-31 CVE Names: CVE-2008-7313 CVE-2014-5008 CVE-2014-5009 CVE-2016-9565 CVE-2016-9566 ===================================================================== 1. Summary: An update for nagios is now available for Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7 - x86_64 3. Description: Nagios is a program that monitors hosts and services on your network, and has the ability to send email or page alerts when a problem arises or is resolved. Nagios is written in C and designed to run under Linux (and some other *NIX variants) as a background process, intermittently running checks on various services that you specify. The actual service checks are performed by separate "plugin" programs which return the status of the checks to Nagios. Nagios plugins are available at http://sourceforge.net/projects/nagiosplug. This package provides the core program, web interface, and documentation files for Nagios. Development files are built as a separate package. Security Fix(es): * Various command-execution flaws were found in the Snoopy library included with Nagios. These flaws allowed remote attackers to execute arbitrary commands by manipulating Nagios HTTP headers. (CVE-2008-7313, CVE-2014-5008, CVE-2014-5009) * It was found that an attacker who could control the content of an RSS feed could execute code remotely using the Nagios web interface. This flaw could be used to gain access to the remote system and in some scenarios control over the system. (CVE-2016-9565) * A privileges flaw was found in Nagios where log files were unsafely handled. An attacker who could control Nagios logging configuration ('nagios' user/group) could exploit the flaw to elevate their access to that of a privileged user. (CVE-2016-9566) Red Hat would like to thank Dawid Golunski for reporting CVE-2016-9565 and CVE-2016-9566. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1121497 - CVE-2008-7313 CVE-2014-5008 CVE-2014-5009 snoopy: incomplete fixes for command execution flaws 1402869 - CVE-2016-9566 nagios: Privilege escalation issue 1405363 - CVE-2016-9565 nagios: Command injection via curl in MagpieRSS 6. Package List: Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7: Source: nagios-3.5.1-9.el7.src.rpm x86_64: nagios-3.5.1-9.el7.x86_64.rpm nagios-common-3.5.1-9.el7.x86_64.rpm nagios-debuginfo-3.5.1-9.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2008-7313 https://access.redhat.com/security/cve/CVE-2014-5008 https://access.redhat.com/security/cve/CVE-2014-5009 https://access.redhat.com/security/cve/CVE-2016-9565 https://access.redhat.com/security/cve/CVE-2016-9566 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFYkCboXlSAg2UNWIIRAsmUAJ4tJSZySTUHya4D1w27YCjsm+FAuQCdFWk3 0H0wbFF90Xpv7BMPSYQMwjU= =LJos -----END PGP SIGNATURE----- --
  20. news
    Welcome to the Ubuntu Weekly Newsletter, Issue 496 for the week January 23 - 29, 2017. == Links to UWN == * Wiki page: https://wiki.ubuntu.com/UbuntuWeeklyNewsletter/Issue496 == In This Issue == * Zesty Zapus Alpha 2 Released * We're looking for Ubuntu 17.04 wallpapers right now! * Ubuntu Stats * Ubuntu Global Jam Pack [at the Roanoke Linux Users Group] * LoCo Events * Jorge Castro: Canonical Distribution of Kubernetes - Release 1.5.2 * Xubuntu: Winners of the #lovexubuntu Competition * Timo Aaltonen: Mesa 12.0.6 in 16.04 & 16.10 * Harald Sitter: KDE Slimbook * Kubuntu General News: Plasma 5.8.4 and KDE Frameworks 5.2.8 now available in Backports for Kubuntu 16.04 and 16.10 * Canonical News * In The Blogosphere * Full Circle Magazine #117 * Full Circle Weekly News #51 * Weekly Ubuntu Development Team Meetings * Upcoming Meetings and Events * Updates and Security for 12.04, 14.04, 16.04 and 16.10 * And much more! == General Community News == === Zesty Zapus Alpha 2 Released === Simon Quigley, on behalf of the Ubuntu Release Team, announces the release of Ubuntu 17.04 Zesty Zapus Alpha 2. He informs us of the flavors which have participated in the release: Lubuntu, Kubuntu, Ubuntu MATE, Ubuntu Kylin, Ubuntu GNOME and Ubuntu Budgie, and goes on to link to where the images can be downloaded from. Simon concludes his announcement by writing; "A big thank you to the developers and testers for their efforts to pull together this Alpha release, and welcome Ubuntu Budgie!" https://lists.ubuntu.com/archives/ubuntu-release/2017-January/004016.html The following selection of articles are some of those published about this alpha release: * Ubuntu 17.04 Opt-In Flavors Finally Get Their Alpha Release, Here's What's New - http://news.softpedia.com/news/ubuntu-17-04-opt-in-flavors-finally-get-their-alpha-release-here-s-what-s-new-512322.shtml * Ubuntu 17.04 Alpha 2 Released, Available to Download Now - http://www.omgubuntu.co.uk/2017/01/ubuntu-17-04-alpha-2-released-available-download-now * Ubuntu 17.04 Spins Do Their Lone Alpha Release - http://www.phoronix.com/scan.php?page=news_item&px=Ubuntu-17.04-Alpha === We're looking for Ubuntu 17.04 wallpapers right now! === Nathan Haines informs us that the Free Culture Showcase for Ubuntu 17.04 is underway and that desktop wallpaper images are now being sought. He shares links to where the images will be collected on Flickr and to where further information about the Free Culture Showcase can be found. Nathan says that he is looking forward to the successful submissions that will ship with Ubuntu 17.04, to be released on April 13th. http://nhaines.livejournal.com/71262.html == Ubuntu Stats == === Bug Stats === * Open (128501) +179 over last week * Critical (422) +6 over last week * Unconfirmed (63846) +100 over last week As always, the Bug Squad needs more help. If you want to get started, please see https://wiki.ubuntu.com/BugSquad === Ask Ubuntu Top 5 Questions this week === ==== Most Active Questions ==== * Why is ls -R called "recursive" listing? http://askubuntu.com/questions/875370/why-is-ls-r-called-recursive-listing * Python program starts running again after pc wakes up? http://askubuntu.com/questions/876822/python-program-starts-running-again-after-pc-wakes-up * Does Ubuntu carry over Windows filenames (png, exe, ect.) or does it have its own? [closed] http://askubuntu.com/questions/875474/does-ubuntu-carry-over-windows-filenames-png-exe-ect-or-does-it-have-its-ow * search a file and create a new file only if a condition is met http://askubuntu.com/questions/876101/search-a-file-and-create-a-new-file-only-if-a-condition-is-met * Echoing a number? http://askubuntu.com/questions/875672/echoing-a-number ==== Top Voted New Questions ==== * Why is ls -R called "recursive" listing? http://askubuntu.com/questions/875370/ * Python program starts running again after pc wakes up? http://askubuntu.com/questions/876822/ * Does Ubuntu carry over Windows filenames (png, exe, ect.) or does it have its own? http://askubuntu.com/questions/875474/ * search a file and create a new file only if a condition is met http://askubuntu.com/questions/876101/ * How can I see which encoding is used in a file http://askubuntu.com/questions/876605/ Ask (and answer!) questions at http://askubuntu.com == LoCo News == === Ubuntu Global Jam Pack [at the Roanoke Linux Users Group] === Darrell Little of the Roanoke Linux Users Group (ROALUG) reaches out to the community to report on the success of their participation in the W4CA Amateur Radio Hamfest in August 2016 and the Barnes & Noble Mini-Maker Faire in November 2016. He expresses thanks for the donation of the Global Jam Pack and shares a link to the Ubuntu Global Jam event ROALUG held in November. https://lists.ubuntu.com/archives/ubuntu-community-team/2017-January/001456.html == LoCo Events == The following LoCo team events are currently scheduled in the next two weeks: * Tempe Ubuntu Hour, Arizona LoCo Team: http://loco.ubuntu.com/events/ubuntu-arizona/3485-tempe-ubuntu-hour/ * AZLOCO Install-fest/Linux Workshop, Arizona LoCo Team: http://loco.ubuntu.com/events/ubuntu-arizona/3486-azloco-install-fest/linux-workshop Looking beyond the next two weeks? Visit the LoCo Team Portal to browse upcoming events around the world: http://loco.ubuntu.com/events/ == The Planet == === Jorge Castro: Canonical Distribution of Kubernetes - Release 1.5.2 === Jorge Castro writes that the Canonical Distribution of Kubernetes 1.5.2 has been released and is supported. He says that it is a pure upstream release designed to be easily deployable to public clouds, private servers and laptops. He shows us the commands to install and run Kubernetes on 16.04 systems, or upgrade from the prior 1.5.x series. Jorge also lists the general bug fixes and additional features. http://castrojo.github.io/2017/01/23/canonical-distribution-of-kubernetes-release-1-5-2/ === Xubuntu: Winners of the #lovexubuntu Competition === The Xubuntu team announces the winners of the #lovexubuntu competition, quoting stories and tweets from the winners and finalists, one of whom designed a plastic 3D-printed Xubuntu cookie cutter. They thank all those that submitted entries, and for those that would like their own Xubuntu cookie cutter, they share a photo and a link to the design on Thingiverse. http://xubuntu.org/news/winners-lovexubuntu-competition/ === Timo Aaltonen: Mesa 12.0.6 in 16.04 & 16.10 === Timo Aaltonen reminds us that prior LTS versions of Ubuntu came with a renamed Mesa backported from the latest release which created issues for some users. He says that from 16.04.2 onwards, Mesa will be backported un-renamed, and that version 12.0.6 is now in xenial-proposed and yakkety-proposed. https://tjaalton.wordpress.com/2017/01/26/mesa-12-0-6-in-16-04-16-10/ === Harald Sitter: KDE Slimbook === Harald Sitter tells us that some KDE contributors have been working awhile on a secret project which has now been revealed: the KDE Slimbook. The Spanish laptop retailer Slimbook, has helped create "the first KDE laptop" shipping with KDE neon. Harald lists some of the work done, shares some links to KDE and the slimbook, and shows us the KDE logo found on the laptop. https://apachelog.wordpress.com/2017/01/26/kde-slimbook/ === Kubuntu General News: Plasma 5.8.4 and KDE Frameworks 5.2.8 now available in Backports for Kubuntu 16.04 and 16.10 === "The Kubuntu Team announces the availability of Plasma 5.8.4 and KDE Frameworks 5.2.8 on Kubuntu 16.04 (Xenial) and 16.10 (Yakkety) though our Backports PPA." The article also includes instructions for how to get the update. http://www.kubuntu.org/news/plasma-5-8-4-and-kde-frameworks-5-8-0-now-available-in-backports-for-kubuntu-16-04-and-16-10/ == Canonical News == * Canonical Distribution of Kubernetes - Release 1.5.2 - http://insights.ubuntu.com/2017/01/24/canonical-distribution-of-kubernetes-release-1-5-2/ * Using the ubuntu-app-platform content interface in app snaps - http://insights.ubuntu.com/2017/01/26/using-the-ubuntu-app-platform-content-interface-in-app-snaps-2/ * ROS on arm64 with Ubuntu Core - http://insights.ubuntu.com/2017/01/27/ros-on-arm64-with-ubuntu-core/ * Award-winning drone technology with Ubuntu - http://insights.ubuntu.com/2017/01/27/award-winning-drone-technology-with-ubuntu/ == In The Blogosphere == === UbuCon Summit at SCALE 15x to Take Place March 2-3 in Pasadena, California === Marius Nestor of Softpedia advises that Nathan Haines has announced the dates of the next UbuCon Summit as being March 2 and March 3 and that it will take place in Pasadena, California during the SCALE 15x event. Marius shares some links to where further information about the conference can be found and quotes Nathan as saying: "UbuCon Summit at SCALE 15x is the next in the impressive series of conferences." http://linux.softpedia.com/blog/ubucon-summit-at-scale-15x-to-take-place-march-2-3-in-pasadena-california-512080.shtml === Ubuntu OTA-15 Will Let Ubuntu Touch Users Access HTTPS Sites Again === Joey Sneddon writing for OMG! Ubuntu! informs us that OTA-15 won't contain any new features but a very limited number of critical fixes pertaining to the Ubuntu browser. He says Ubuntu Touch users are reporting that they are unable to load HTTPS websites and quotes Canonical's Chris Coulson who explains the reasons for this issue. Joey advises that at present there is no firm date for the release for OTA-15. http://www.omgubuntu.co.uk/2017/01/ubuntu-ota-15-will-let-ubuntu-phone-owners-browse-amazon === Need a Linux-tuned laptop? New KDE Slimbook aims to make it simpler to drop Windows === Liam Tung of ZDNet reports on the Slimbook laptop which runs the Ubuntu-based KDE neon operating system and has been developed in conjunction with KDE community developers to ensure the hardware runs smoothly out of the box. He gives us a brief specification of the laptop, indicates that pricing starts at EUR729 ($779) and says that the RAM is upgradeable to 16GB. http://www.zdnet.com/article/need-a-linux-tuned-laptop-new-kde-slimbook-aims-to-make-it-simpler-to-drop-windows/ === The Ubuntu Web Browser App Is Getting a New Icon === Joey Sneddon of OMG! Ubuntu! reminds us that the default icon for the Ubuntu web-browser app was considered by some to be too similar to the Apple Safari icon. He tells us that Canonical have listed to the criticism, have developed a new icon based on the Suru design language, and shows us the new icon. Joey predicts that the new icon may included in the upcoming OTA-15. http://www.omgubuntu.co.uk/2017/01/ubuntu-web-browser-app-icon === Ubuntu 17.04 Continues Prepping For Linux 4.10 === Michael Larabel of Phoronix writes that according the the Ubuntu kernel team's newsletter, Linux 4.10 is still planned to ship with Ubuntu 17.04 when it is released in April. Michael shares a link to an overview of the features of Linux 4.10, and says that Linux 4.11 will probably not be available until after the release of Ubuntu 17.04. http://www.phoronix.com/scan.php?page=news_item&px=Ubuntu-17.04-Linux-4.10-rc5 == In Other News == === Full Circle Magazine #117 === Full Circle - the independent magazine for the Ubuntu Linux community are proud to announce the release of issue one hundred and seventeen. This month: * Command & Conquer * How-To : Python (Arduino), Snappy on an EEE PC, and Program With FreePascal * Graphics : Inkscape * [NEW!] Kdenlive * ChromeCult: Dropbox Paper * Linux Labs: Dictating a Novel * KODI Room * Book Review: Invent Your Own Computer Games With Python * Ubuntu Games: Life Is Strange plus: News, Q&A, and soooo much more. Get it while it's hot! http://fullcirclemagazine.org/issue-117/ == Featured Audio and Video == === Full Circle Weekly News #51 === Just a quick message to let you know that Full Circle Weekly News #51 is out: http://fullcirclemagazine.org/podcast/full-circle-weekly-news-51/ and, Full Circle Magazine #117 came out a couple of days ago: http://fullcirclemagazine.org/issue-117/ The show is also available via: RSS: http://fullcirclemagazine.org/feed/podcast Stitcher Radio: http://www.stitcher.com/s?fid=85347&refid=stpr TuneIn Radio: http://tunein.com/radio/Full-Circle-Weekly-News-p855064/ and PlayerFM: https://player.fm/series/the-full-circle-weekly-news == Weekly Ubuntu Development Team Meetings == * Kernel Team - January 24, 2017 - https://wiki.ubuntu.com/KernelTeam/Newsletter/2017-01-24 * Security Team - January 23, 2017 - https://wiki.ubuntu.com/MeetingLogs/Security/20170123 == Upcoming Meetings and Events == For upcoming meetings and events please visit the calendars at fridge.ubuntu.com: http://fridge.ubuntu.com/calendars/ == Updates and Security for 12.04, 14.04, 16.04 and 16.10 == === Security Updates === * [uSN-3176-1] PCSC-Lite vulnerability - https://lists.ubuntu.com/archives/ubuntu-security-announce/2017-January/003701.html * [uSN-3177-1] Tomcat vulnerabilities - https://lists.ubuntu.com/archives/ubuntu-security-announce/2017-January/003702.html * [uSN-3178-1] icoutils vulnerabilities - https://lists.ubuntu.com/archives/ubuntu-security-announce/2017-January/003703.html * [uSN-3179-1] OpenJDK 8 vulnerabilities - https://lists.ubuntu.com/archives/ubuntu-security-announce/2017-January/003704.html * [uSN-3175-1] Firefox vulnerabilities - https://lists.ubuntu.com/archives/ubuntu-security-announce/2017-January/003705.html * [uSN-3165-1] Thunderbird vulnerabilities - https://lists.ubuntu.com/archives/ubuntu-security-announce/2017-January/003706.html === Ubuntu 12.04 Updates === * pcsc-lite 1.7.4-2ubuntu2.1 - https://lists.ubuntu.com/archives/precise-changes/2017-January/026072.html * tomcat6 6.0.35-1ubuntu3.9 - https://lists.ubuntu.com/archives/precise-changes/2017-January/026073.html * pcsc-lite 1.7.4-2ubuntu2.1 - https://lists.ubuntu.com/archives/precise-changes/2017-January/026074.html * tomcat6 6.0.35-1ubuntu3.9 - https://lists.ubuntu.com/archives/precise-changes/2017-January/026075.html * mapserver 6.0.1-2ubuntu1.2 - https://lists.ubuntu.com/archives/precise-changes/2017-January/026076.html * mapserver 6.0.1-2ubuntu1.2 - https://lists.ubuntu.com/archives/precise-changes/2017-January/026077.html * icoutils 0.29.1-2ubuntu0.1 - https://lists.ubuntu.com/archives/precise-changes/2017-January/026078.html * icoutils 0.29.1-2ubuntu0.1 - https://lists.ubuntu.com/archives/precise-changes/2017-January/026079.html * firefox 51.0.1+build2-0ubuntu0.12.04.1 - https://lists.ubuntu.com/archives/precise-changes/2017-January/026080.html * thunderbird 1:45.7.0+build1-0ubuntu0.12.04.1 - https://lists.ubuntu.com/archives/precise-changes/2017-January/026081.html * firefox 51.0.1+build2-0ubuntu0.12.04.1 - https://lists.ubuntu.com/archives/precise-changes/2017-January/026082.html * thunderbird 1:45.7.0+build1-0ubuntu0.12.04.1 - https://lists.ubuntu.com/archives/precise-changes/2017-January/026083.html End of Life - April 2017 === Ubuntu 14.04 Updates === * krb5 1.12+dfsg-2ubuntu5.3 - https://lists.ubuntu.com/archives/trusty-changes/2017-January/023533.html * pcsc-lite 1.8.10-1ubuntu1.1 - https://lists.ubuntu.com/archives/trusty-changes/2017-January/023534.html * tomcat7 7.0.52-1ubuntu0.8 - https://lists.ubuntu.com/archives/trusty-changes/2017-January/023535.html * pcsc-lite 1.8.10-1ubuntu1.1 - https://lists.ubuntu.com/archives/trusty-changes/2017-January/023536.html * tomcat7 7.0.52-1ubuntu0.8 - https://lists.ubuntu.com/archives/trusty-changes/2017-January/023537.html * mapserver 6.4.1-2ubuntu0.1 - https://lists.ubuntu.com/archives/trusty-changes/2017-January/023538.html * mapserver 6.4.1-2ubuntu0.1 - https://lists.ubuntu.com/archives/trusty-changes/2017-January/023539.html * neutron 1:2014.1.5-0ubuntu8 - https://lists.ubuntu.com/archives/trusty-changes/2017-January/023540.html * mariadb-5.5 5.5.54-1ubuntu0.14.04.1 - https://lists.ubuntu.com/archives/trusty-changes/2017-January/023541.html * pyqt5 5.2.1+dfsg-1ubuntu2 - https://lists.ubuntu.com/archives/trusty-changes/2017-January/023542.html * mariadb-5.5 5.5.54-1ubuntu0.14.04.1 - https://lists.ubuntu.com/archives/trusty-changes/2017-January/023543.html * systemd 204-5ubuntu20.21 - https://lists.ubuntu.com/archives/trusty-changes/2017-January/023544.html * systemd 204-5ubuntu20.22 - https://lists.ubuntu.com/archives/trusty-changes/2017-January/023545.html * walinuxagent 2.2.2-0ubuntu0~14.04.1 - https://lists.ubuntu.com/archives/trusty-changes/2017-January/023546.html * kombu 3.0.7-1ubuntu1.1 - https://lists.ubuntu.com/archives/trusty-changes/2017-January/023547.html * python-glanceclient 1:0.12.0-0ubuntu1.2 - https://lists.ubuntu.com/archives/trusty-changes/2017-January/023548.html * nova 1:2014.1.5-0ubuntu1.6 - https://lists.ubuntu.com/archives/trusty-changes/2017-January/023549.html * firefox 51.0.1+build2-0ubuntu0.14.04.1 - https://lists.ubuntu.com/archives/trusty-changes/2017-January/023550.html * thunderbird 1:45.7.0+build1-0ubuntu0.14.04.1 - https://lists.ubuntu.com/archives/trusty-changes/2017-January/023551.html * firefox 51.0.1+build2-0ubuntu0.14.04.1 - https://lists.ubuntu.com/archives/trusty-changes/2017-January/023552.html * thunderbird 1:45.7.0+build1-0ubuntu0.14.04.1 - https://lists.ubuntu.com/archives/trusty-changes/2017-January/023553.html End of Life - April 2019 === Ubuntu 16.04 Updates === * krb5 1.13.2+dfsg-5ubuntu1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015648.html * ceph 10.2.5-0ubuntu0.16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015649.html * krb5 1.13.2+dfsg-5ubuntu2 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015650.html * pcsc-lite 1.8.14-1ubuntu1.16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015651.html * tomcat8 8.0.32-1ubuntu1.3 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015652.html * pcsc-lite 1.8.14-1ubuntu1.16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015653.html * tomcat8 8.0.32-1ubuntu1.3 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015654.html * curtin 0.1.0~bzr437-0ubuntu1~16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015655.html * flash-kernel 3.0~rc.4ubuntu62.1.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015656.html * linux-firmware-raspi2 1.20161020-0ubuntu1~0.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015657.html * u-boot 2016.01+dfsg1-2ubuntu3 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015658.html * u-boot 2016.01+dfsg1-2ubuntu3 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015659.html * xdelta3 3.0.8-dfsg-1ubuntu2 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015660.html * pysha3 1.0.0-0ubuntu1~ubuntu16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015661.html * firejail 0.9.38-1ubuntu0.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015662.html * firejail 0.9.38-1ubuntu0.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015663.html * mapserver 7.0.0-9ubuntu3.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015664.html * mapserver 7.0.0-9ubuntu3.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015665.html * libdrm 2.4.70-1~ubuntu16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015666.html * juju-core 2.0.2-0ubuntu0.16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015667.html * webbrowser-app 0.23+16.04.20161028-0ubuntu2 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015668.html * nano 2.5.3-2ubuntu1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015669.html * ido 13.10.0+16.04.20161028-0ubuntu1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015670.html * grub-installer 1.128ubuntu5.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015671.html * qemu 1:2.5+dfsg-5ubuntu10.7 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015672.html * appstream 0.9.4-1ubuntu2 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015673.html * fcitx 1:4.2.9.1-1ubuntu1.16.04.2 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015674.html * ppc64-diag 2.7.0-0ubuntu4 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015675.html * libica 2.6.1-1ubuntu2.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015676.html * glib2.0 2.48.2-0ubuntu1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015677.html * partman-partitioning 110ubuntu4.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015678.html * grub2-signed 1.66.7 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015679.html * grub2 2.02~beta2-36ubuntu3.7 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015680.html * humanity-icon-theme 0.6.10.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015681.html * qemu 1:2.5+dfsg-5ubuntu10.8 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015682.html * mariadb-10.0 10.0.29-0ubuntu0.16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015683.html * icingaweb2 2.1.0-1ubuntu1.2 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015684.html * pdns-recursor 4.0.0~alpha2-2ubuntu0.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015685.html * wxwidgets3.0 3.0.2+dfsg-1.3ubuntu0.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015686.html * mariadb-10.0 10.0.29-0ubuntu0.16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015687.html * gss-ntlmssp 0.7.0-3~ubuntu0.16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015688.html * openjdk-8 8u121-b13-0ubuntu1.16.04.2 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015689.html * openjdk-8 8u121-b13-0ubuntu1.16.04.2 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015690.html * xserver-xorg-input-libinput 0.18.0-1ubuntu0.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015691.html * mesa 12.0.6-0ubuntu0.16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015692.html * vulkan 1.0.21.0+dfsg1-1~16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015693.html * xorg-server-hwe-16.04 2:1.18.4-1ubuntu6.1~16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015694.html * python-rfc3986 0.2.2-0ubuntu0.16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015695.html * python-rfc3986 0.2.2-0ubuntu0.16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015696.html * snapd 2.21 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015697.html * walinuxagent 2.2.2-0ubuntu0~16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015698.html * ubuntu-release-upgrader 1:16.04.21 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015699.html * virtualbox 5.0.32-dfsg-0ubuntu1.16.04.2 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015700.html * virtualbox-guest-additions-iso 5.0.32-0ubuntu1.16.04.2 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015701.html * virtualbox-ext-pack 5.0.32-0ubuntu1.16.04.2 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015702.html * apt 1.2.19 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015703.html * klibc 2.0.4-8ubuntu1.16.04.3 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015704.html * xserver-xorg-video-trident-hwe-16.04 1:1.3.7-1build2~16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015705.html * xserver-xorg-video-tdfx-hwe-16.04 1:1.4.6-1build2~16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015706.html * xserver-xorg-video-sisusb-hwe-16.04 1:0.9.6-2build5~16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015707.html * xserver-xorg-video-siliconmotion-hwe-16.04 1:1.7.8-1ubuntu6~16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015708.html * xserver-xorg-video-vmware-hwe-16.04 1:13.1.0-2ubuntu3~16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015709.html * xserver-xorg-video-vesa-hwe-16.04 1:2.3.4-1build2~16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015710.html * xserver-xorg-video-savage-hwe-16.04 1:2.3.8-1ubuntu3~16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015711.html * xserver-xorg-video-r128-hwe-16.04 6.10.1-1~16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015712.html * xserver-xorg-video-qxl-hwe-16.04 0.1.4-3ubuntu3~16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015713.html * xserver-xorg-video-openchrome-hwe-16.04 1:0.3.3+git20160310-1~16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015714.html * xserver-xorg-video-nouveau-hwe-16.04 1:1.0.12-2~16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015715.html * xserver-xorg-video-neomagic-hwe-16.04 1:1.2.9-1build2~16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015716.html * xserver-xorg-video-mga-hwe-16.04 1:1.6.4-1build2~16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015717.html * xserver-xorg-video-mach64-hwe-16.04 6.9.5-1build2~16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015718.html * xserver-xorg-video-intel-hwe-16.04 2:2.99.917+git20160706-1ubuntu1~16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015719.html * xserver-xorg-video-geode-hwe-16.04 2.11.18-2~16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015720.html * xserver-xorg-video-freedreno-hwe-16.04 1.4.0-1build1~16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015721.html * xserver-xorg-video-fbdev-hwe-16.04 1:0.4.4-1build5~16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015722.html * xserver-xorg-video-dummy-hwe-16.04 1:0.3.7-1build5~16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015723.html * xserver-xorg-video-cirrus-hwe-16.04 1:1.5.3-1ubuntu3~16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015724.html * xserver-xorg-video-ati-hwe-16.04 1:7.7.1-1~16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015725.html * xserver-xorg-video-amdgpu-hwe-16.04 1.1.2-1~16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015726.html * xf86-input-wacom-hwe-16.04 1:0.33.0-0ubuntu1~16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015728.html * xf86-input-mtrack-hwe-16.04 0.3.1-1build1~16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015727.html * xserver-xorg-input-synaptics-hwe-16.04 1.8.3-1ubuntu1~16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015729.html * xserver-xorg-input-joystick-hwe-16.04 1:1.6.2-1build4~16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015730.html * xserver-xorg-input-evdev-hwe-16.04 1:2.10.2-1ubuntu1~16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015731.html * xserver-xorg-input-void-hwe-16.04 1:1.4.1-1build2~16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015732.html * xserver-xorg-input-vmmouse-hwe-16.04 1:13.1.0-1ubuntu2~16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015733.html * xserver-xorg-input-libinput-hwe-16.04 0.19.0-1~16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015734.html * appmenu-qt5 0.3.0+16.04.20151130-0ubuntu2 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015735.html * xserver-xorg-input-libinput-hwe-16.04 0.19.0-1ubuntu0.1~16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015736.html * etcd 2.2.5+dfsg-1ubuntu1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015737.html * firejail 0.9.38.10-0ubuntu0.16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015738.html * firefox 51.0.1+build2-0ubuntu0.16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015739.html * thunderbird 1:45.7.0+build1-0ubuntu0.16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015740.html * firefox 51.0.1+build2-0ubuntu0.16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015741.html * pysha3 1.0.0-0ubuntu1~ubuntu16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015742.html * thunderbird 1:45.7.0+build1-0ubuntu0.16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015743.html * xorg-hwe-16.04 1:7.7+13ubuntu4~16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015744.html * snapd 2.22 - https://lists.ubuntu.com/archives/xenial-changes/2017-January/015745.html End of Life - April 2021 === Ubuntu 16.10 Updates === * krb5 1.14.3+dfsg-2ubuntu1 - https://lists.ubuntu.com/archives/yakkety-changes/2017-January/011879.html * pcsc-lite 1.8.14-1ubuntu1.16.10.1 - https://lists.ubuntu.com/archives/yakkety-changes/2017-January/011880.html * tomcat8 8.0.37-1ubuntu0.1 - https://lists.ubuntu.com/archives/yakkety-changes/2017-January/011881.html * tomcat8 8.0.37-1ubuntu0.1 - https://lists.ubuntu.com/archives/yakkety-changes/2017-January/011882.html * pcsc-lite 1.8.14-1ubuntu1.16.10.1 - https://lists.ubuntu.com/archives/yakkety-changes/2017-January/011883.html * linux-firmware-raspi2 1.20161020-0ubuntu1~1.1 - https://lists.ubuntu.com/archives/yakkety-changes/2017-January/011884.html * flash-kernel 3.0~rc.4ubuntu64.1.1 - https://lists.ubuntu.com/archives/yakkety-changes/2017-January/011885.html * u-boot 2016.03+dfsg1-6ubuntu2~1.2 - https://lists.ubuntu.com/archives/yakkety-changes/2017-January/011886.html * u-boot 2016.03+dfsg1-6ubuntu2~1.2 - https://lists.ubuntu.com/archives/yakkety-changes/2017-January/011887.html * xdelta3 3.0.11-dfsg-1 - https://lists.ubuntu.com/archives/yakkety-changes/2017-January/011888.html * pysha3 1.0.0-0ubuntu1~ubuntu16.10.1 - https://lists.ubuntu.com/archives/yakkety-changes/2017-January/011889.html * curtin 0.1.0~bzr437-0ubuntu1~16.10.1 - https://lists.ubuntu.com/archives/yakkety-changes/2017-January/011890.html * mapserver 7.0.1-3ubuntu0.1 - https://lists.ubuntu.com/archives/yakkety-changes/2017-January/011891.html * mapserver 7.0.1-3ubuntu0.1 - https://lists.ubuntu.com/archives/yakkety-changes/2017-January/011892.html * juju-core 2.0.2-0ubuntu0.16.10.1 - https://lists.ubuntu.com/archives/yakkety-changes/2017-January/011893.html * partman-partitioning 112ubuntu1.1 - https://lists.ubuntu.com/archives/yakkety-changes/2017-January/011894.html * libica 2.6.1-3ubuntu0.1 - https://lists.ubuntu.com/archives/yakkety-changes/2017-January/011895.html * util-linux 2.28.2-1ubuntu1.1 - https://lists.ubuntu.com/archives/yakkety-changes/2017-January/011896.html * inkscape 0.91-11ubuntu16.10.1 - https://lists.ubuntu.com/archives/yakkety-changes/2017-January/011897.html * libicns 0.8.1-3ubuntu0.16.10.0 - https://lists.ubuntu.com/archives/yakkety-changes/2017-January/011898.html * humanity-icon-theme 0.6.11.1 - https://lists.ubuntu.com/archives/yakkety-changes/2017-January/011899.html * mariadb-10.0 10.0.29-0ubuntu0.16.10.1 - https://lists.ubuntu.com/archives/yakkety-changes/2017-January/011900.html * mariadb-10.0 10.0.29-0ubuntu0.16.10.1 - https://lists.ubuntu.com/archives/yakkety-changes/2017-January/011901.html * gss-ntlmssp 0.7.0-3~ubuntu0.16.10.1 - https://lists.ubuntu.com/archives/yakkety-changes/2017-January/011902.html * galileo 0.5.0-1ubuntu1 - https://lists.ubuntu.com/archives/yakkety-changes/2017-January/011903.html * openjdk-8 8u121-b13-0ubuntu1.16.10.2 - https://lists.ubuntu.com/archives/yakkety-changes/2017-January/011904.html * openjdk-8 8u121-b13-0ubuntu1.16.10.2 - https://lists.ubuntu.com/archives/yakkety-changes/2017-January/011905.html * xserver-xorg-input-libinput 0.19.0-1ubuntu0.1 - https://lists.ubuntu.com/archives/yakkety-changes/2017-January/011906.html * mesa 12.0.6-0ubuntu0.16.10.1 - https://lists.ubuntu.com/archives/yakkety-changes/2017-January/011907.html * python-rfc3986 0.2.2-0ubuntu0.16.10.1 - https://lists.ubuntu.com/archives/yakkety-changes/2017-January/011908.html * snapd 2.21+16.10 - https://lists.ubuntu.com/archives/yakkety-changes/2017-January/011909.html * walinuxagent 2.2.2-0ubuntu0~16.10.1 - https://lists.ubuntu.com/archives/yakkety-changes/2017-January/011910.html * apt 1.3.4 - https://lists.ubuntu.com/archives/yakkety-changes/2017-January/011911.html * ubuntu-release-upgrader 1:16.10.10 - https://lists.ubuntu.com/archives/yakkety-changes/2017-January/011912.html * klibc 2.0.4-8ubuntu3.1 - https://lists.ubuntu.com/archives/yakkety-changes/2017-January/011913.html * etcd 2.2.5+dfsg-1ubuntu1 - https://lists.ubuntu.com/archives/yakkety-changes/2017-January/011914.html * firefox 51.0.1+build2-0ubuntu0.16.10.1 - https://lists.ubuntu.com/archives/yakkety-changes/2017-January/011915.html * thunderbird 1:45.7.0+build1-0ubuntu0.16.10.1 - https://lists.ubuntu.com/archives/yakkety-changes/2017-January/011916.html * firefox 51.0.1+build2-0ubuntu0.16.10.1 - https://lists.ubuntu.com/archives/yakkety-changes/2017-January/011917.html * pysha3 1.0.0-0ubuntu1~ubuntu16.10.1 - https://lists.ubuntu.com/archives/yakkety-changes/2017-January/011918.html * thunderbird 1:45.7.0+build1-0ubuntu0.16.10.1 - https://lists.ubuntu.com/archives/yakkety-changes/2017-January/011919.html * linux 4.8.0-37.39 - https://lists.ubuntu.com/archives/yakkety-changes/2017-January/011920.html * linux-meta 4.8.0.37.46 - https://lists.ubuntu.com/archives/yakkety-changes/2017-January/011921.html * linux-signed 4.8.0-37.39 - https://lists.ubuntu.com/archives/yakkety-changes/2017-January/011922.html * linux_4.8.0-37.39_amd64.tar.gz - - https://lists.ubuntu.com/archives/yakkety-changes/2017-January/011923.html * linux-raspi2 4.8.0-1024.27 - https://lists.ubuntu.com/archives/yakkety-changes/2017-January/011924.html * linux-meta-raspi2 4.8.0.1024.27 - https://lists.ubuntu.com/archives/yakkety-changes/2017-January/011925.html * snapd 2.22+16.10 - https://lists.ubuntu.com/archives/yakkety-changes/2017-January/011926.html End of Life - July 2017 == Subscribe == Get your copy of the Ubuntu Weekly Newsletter delivered each week to you via email at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-news == Archives == You can always find older Ubuntu Weekly Newsletter issues at: https://wiki.ubuntu.com/UbuntuWeeklyNewsletter == Additional Ubuntu News == As always you can find more news and announcements at: http://insights.ubuntu.com/ and http://fridge.ubuntu.com/ == Conclusion == Thank you for reading the Ubuntu Weekly Newsletter. See you next week! == Credits == The Ubuntu Weekly Newsletter is brought to you by: * Elizabeth K. Joseph * Paul White * Chris Guiver * And many others == Glossary of Terms == ## Common acronyms Other acronyms can be found at https://wiki.ubuntu.com/UbuntuWeeklyNewsletter/glossary == Ubuntu - Get Involved == The Ubuntu community consists of individuals and teams, working on different aspects of the distribution, giving advice and technical support, and helping to promote Ubuntu to a wider audience. No contribution is too small, and anyone can help. It's your chance to get in on all the community fun associated with developing and promoting Ubuntu. http://community.ubuntu.com/contribute/ Or get involved with the Ubuntu Weekly Newsletter team! We always need summary writers and editors, if you're interested, learn more at: https://wiki.ubuntu.com/UbuntuWeeklyNewsletter/Join == Feedback == This document is maintained by the Ubuntu Weekly News Team. If you have a story idea or suggestions for the Weekly Newsletter, join the
  21. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Package : ruby-archive-tar-minitar Version : 0.5.2-2+deb7u1 CVE ID : CVE-2016-10173 Debian Bug : 853249 It has been found that rubygem archive-tar-minitar allows attackers to overwrite arbitrary files during archive extraction via a .. (dot dot) in an extracted filename. For Debian 7 "Wheezy", these problems have been fixed in version 0.5.2-2+deb7u1. We recommend that you upgrade your ruby-archive-tar-minitar packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJYj6vSAAoJEPZk0la0aRp9LD4P/RuMAdqzKs5xNNCa97WR56bZ RpjoBTaxZdAjtIvCMXcd2/fz26gSSpsGbYDX+ABDdrSsYwAM2MBRBnmqn4+e4iuv mq+txjghyWtmZnV9pGBIy8SSW6Rl894fCW5N9/pW4PyXGw5OYJCXLqg73q+r5Za4 YneEXXZ4arS6eY+/nJGN/2+KDNSoHeDjYTS84ZbgTSrtYKNmIlNTqfbDAginREmb lYESsaVJ8zCBiCnC1I2nxe2B1Z13RUTjZAOnpQBSkMl7XNYqX4548XS+pKvj2LwK SY+d/jDcf7o6XUs754LPeXbFuiYc1NR/XgfHoIIwpbP28TVPf3zkJfLmE/fmXSua ofX4duDxqeyZsh3jAZhaI8SyDYah9kxD7YQ2YuarcrOFI/jhlWuCKlAe46ZpWwyl tSaOUzSf+M+vzWCUGYb6cMjmkrOU7Z1QNwdYG55lcdAlX4Tq78DEdDlhnaerOcF7 +k7gv37q/WbMnadFJ6h1OzvENEzn/UXSp/x/Tyy0YL8j47AjjM8Sd42dITOogujG xGtjdtxxbMBhs4zHxsTD+CeTgcEyv7M84EsWXE/B1G//+n74kI5Vr0AzgEhr9tvU rDQmGJvZnPmMbJnH+udg33z93ZA0lCrSLCcQ98YBFzIAimi2b5mvLGky18rqRLHs 5hq0XUc04UjlKDO7JRd7 =2DGC -----END PGP SIGNATURE-----
  22. news
    SUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0333-1 Rating: important References: #1003077 #1003925 #1004517 #1007944 #1008645 #1008831 #1008833 #1009443 #1010150 #1010467 #1010501 #1010507 #1010711 #1010716 #1011482 #1011685 #1012422 #1012832 #1013038 #1013531 #1013542 #1014746 #1017710 #1021258 #835175 #839104 #863873 #874145 #896484 #908069 #914939 #922947 #927287 #940966 #950998 #954984 #956514 #958000 #960689 #963053 #967716 #968500 #969340 #971360 #971944 #978401 #978821 #979213 #979274 #979548 #979595 #979879 #979915 #980363 #980371 #980725 #981267 #983143 #983213 #984755 #986362 #986365 #986445 #986572 #989261 #991608 #991665 #992566 #993890 #993891 #994296 #994436 #994618 #994759 #995968 #997059 #999932 Cross-References: CVE-2004-0230 CVE-2012-6704 CVE-2013-4312 CVE-2015-1350 CVE-2015-7513 CVE-2015-7833 CVE-2015-8956 CVE-2015-8962 CVE-2015-8964 CVE-2016-0823 CVE-2016-10088 CVE-2016-1583 CVE-2016-2187 CVE-2016-2189 CVE-2016-3841 CVE-2016-4470 CVE-2016-4482 CVE-2016-4485 CVE-2016-4565 CVE-2016-4569 CVE-2016-4578 CVE-2016-4580 CVE-2016-4805 CVE-2016-4913 CVE-2016-4997 CVE-2016-4998 CVE-2016-5244 CVE-2016-5829 CVE-2016-6480 CVE-2016-6828 CVE-2016-7042 CVE-2016-7097 CVE-2016-7117 CVE-2016-7425 CVE-2016-7910 CVE-2016-7911 CVE-2016-7916 CVE-2016-8399 CVE-2016-8632 CVE-2016-8633 CVE-2016-8646 CVE-2016-9555 CVE-2016-9685 CVE-2016-9756 CVE-2016-9793 CVE-2017-5551 Affected Products: SUSE Linux Enterprise Server 11-SP2-LTSS SUSE Linux Enterprise Debuginfo 11-SP2 ______________________________________________________________________________ An update that solves 46 vulnerabilities and has 31 fixes is now available. Description: The SUSE Linux Enterprise 11 SP2 LTSS kernel was updated to receive various security and bugfixes. This is the last planned LTSS kernel update for the SUSE Linux Enterprise Server 11 SP2 LTSS. The following security bugs were fixed: - CVE-2016-10088: The sg implementation in the Linux kernel did not properly restrict write operations in situations where the KERNEL_DS option is set, which allowed local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device, related to block/bsg.c and drivers/scsi/sg.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9576 (bnc#1017710). - CVE-2004-0230: TCP, when using a large Window Size, made it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP (bnc#969340). - CVE-2016-8632: The tipc_msg_build function in net/tipc/msg.c in the Linux kernel did not validate the relationship between the minimum fragment length and the maximum packet size, which allowed local users to gain privileges or cause a denial of service (heap-based buffer overflow) by leveraging the CAP_NET_ADMIN capability (bnc#1008831). - CVE-2016-8399: An out of bounds read in the ping protocol handler could have lead to information disclosure (bsc#1014746). - CVE-2016-9793: The sock_setsockopt function in net/core/sock.c in the Linux kernel mishandled negative values of sk_sndbuf and sk_rcvbuf, which allowed local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option (bnc#1013531). - CVE-2012-6704: The sock_setsockopt function in net/core/sock.c in the Linux kernel mishandled negative values of sk_sndbuf and sk_rcvbuf, which allowed local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUF or (2) SO_RCVBUF option (bnc#1013542). - CVE-2016-9756: arch/x86/kvm/emulate.c in the Linux kernel did not properly initialize Code Segment (CS) in certain error cases, which allowed local users to obtain sensitive information from kernel stack memory via a crafted application (bnc#1013038). - CVE-2016-3841: The IPv6 stack in the Linux kernel mishandled options data, which allowed local users to gain privileges or cause a denial of service (use-after-free and system crash) via a crafted sendmsg system call (bnc#992566). - CVE-2016-9685: Multiple memory leaks in error paths in fs/xfs/xfs_attr_list.c in the Linux kernel allowed local users to cause a denial of service (memory consumption) via crafted XFS filesystem operations (bnc#1012832). - CVE-2015-1350: The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecified removing extended privilege attributes, which allowed local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove a capability from the ping or Wireshark dumpcap program (bnc#914939). - CVE-2015-8962: Double free vulnerability in the sg_common_write function in drivers/scsi/sg.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (memory corruption and system crash) by detaching a device during an SG_IO ioctl call (bnc#1010501). - CVE-2016-9555: The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel lacked chunk-length checking for the first chunk, which allowed remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data (bnc#1011685). - CVE-2016-7910: Use-after-free vulnerability in the disk_seqf_stop function in block/genhd.c in the Linux kernel allowed local users to gain privileges by leveraging the execution of a certain stop operation even if the corresponding start operation had failed (bnc#1010716). - CVE-2016-7911: Race condition in the get_task_ioprio function in block/ioprio.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) via a crafted ioprio_get system call (bnc#1010711). - CVE-2015-8964: The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory by reading a tty data structure (bnc#1010507). - CVE-2016-7916: Race condition in the environ_read function in fs/proc/base.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory by reading a /proc/*/environ file during a process-setup time interval in which environment-variable copying is incomplete (bnc#1010467). - CVE-2016-8646: The hash_accept function in crypto/algif_hash.c in the Linux kernel allowed local users to cause a denial of service (OOPS) by attempting to trigger use of in-kernel hash algorithms for a socket that has received zero bytes of data (bnc#1010150). - CVE-2016-8633: drivers/firewire/net.c in the Linux kernel before 4.8.7, in certain unusual hardware configurations, allowed remote attackers to execute arbitrary code via crafted fragmented packets (bnc#1008833). - CVE-2016-7042: The proc_keys_show function in security/keys/proc.c in the Linux kernel used an incorrect buffer size for certain timeout data, which allowed local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file (bnc#1004517). - CVE-2016-7097: The filesystem implementation in the Linux kernel preserves the setgid bit during a setxattr call, which allowed local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions (bnc#995968). - CVE-2017-5551: The filesystem implementation in the Linux kernel preserves the setgid bit during a setxattr call, which allowed local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions. This CVE tracks the fix for the tmpfs filesystem. (bsc#1021258). - CVE-2015-8956: The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel allowed local users to obtain sensitive information or cause a denial of service (NULL pointer dereference) via vectors involving a bind system call on a Bluetooth RFCOMM socket (bnc#1003925). - CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel allowed remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing (bnc#1003077). - CVE-2016-0823: The pagemap_open function in fs/proc/task_mmu.c in the Linux kernel allowed local users to obtain sensitive physical-address information by reading a pagemap file, aka Android internal bug 25739721 (bnc#994759). - CVE-2016-7425: The arcmsr_iop_message_xfer function in drivers/scsi/arcmsr/arcmsr_hba.c in the Linux kernel did not restrict a certain length field, which allowed local users to gain privileges or cause a denial of service (heap-based buffer overflow) via an ARCMSR_MESSAGE_WRITE_WQBUFFER control code (bnc#999932). - CVE-2016-6828: The tcp_check_send_head function in include/net/tcp.h in the Linux kernel did not properly maintain certain SACK state after a failed data copy, which allowed local users to cause a denial of service (tcp_xmit_retransmit_queue use-after-free and system crash) via a crafted SACK option (bnc#994296). - CVE-2016-6480: Race condition in the ioctl_send_fib function in drivers/scsi/aacraid/commctrl.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds access or system crash) by changing a certain size value, aka a "double fetch" vulnerability (bnc#991608). - CVE-2016-4998: The IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel allowed local users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from kernel heap memory by leveraging in-container root access to provide a crafted offset value that leads to crossing a ruleset blob boundary (bsc#986365). - CVE-2015-7513: arch/x86/kvm/x86.c in the Linux kernel did not reset the PIT counter values during state restoration, which allowed guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via a zero value, related to the kvm_vm_ioctl_set_pit and kvm_vm_ioctl_set_pit2 functions (bnc#960689). - CVE-2013-4312: The Linux kernel allowed local users to bypass file-descriptor limits and cause a denial of service (memory consumption) by sending each descriptor over a UNIX socket before closing it, related to net/unix/af_unix.c and net/unix/garbage.c (bnc#839104). - CVE-2016-4997: The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement (bnc#986362). - CVE-2016-5829: Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call (bnc#986572). - CVE-2016-4470: The key_reject_and_link function in security/keys/key.c in the Linux kernel did not ensure that a certain data structure is initialized, which allowed local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command (bnc#984755). - CVE-2016-5244: The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel did not initialize a certain structure member, which allowed remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message (bnc#983213). - CVE-2016-1583: The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling (bnc#983143). - CVE-2016-4913: The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel mishandled NM (aka alternate name) entries containing \0 characters, which allowed local users to obtain sensitive information from kernel memory or possibly have unspecified other impact via a crafted isofs filesystem (bnc#980725). - CVE-2016-4580: The x25_negotiate_facilities function in net/x25/x25_facilities.c in the Linux kernel did not properly initialize a certain data structure, which allowed attackers to obtain sensitive information from kernel stack memory via an X.25 Call Request (bnc#981267). - CVE-2016-4805: Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel allowed local users to cause a denial of service (memory corruption and system crash, or spinlock) or possibly have unspecified other impact by removing a network namespace, related to the ppp_register_net_channel and ppp_unregister_channel functions (bnc#980371). - CVE-2015-7833: The usbvision driver in the Linux kernel allowed physically proximate attackers to cause a denial of service (panic) via a nonzero bInterfaceNumber value in a USB device descriptor (bnc#950998). - CVE-2016-2187: The gtco_probe function in drivers/input/tablet/gtco.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#971944). - CVE-2016-4482: The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel did not initialize a certain data structure, which allowed local users to obtain sensitive information from kernel stack memory via a crafted USBDEVFS_CONNECTINFO ioctl call (bnc#978401). - CVE-2016-4565: The InfiniBand (aka IB) stack in the Linux kernel incorrectly relies on the write system call, which allowed local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface (bnc#979548). - CVE-2016-4485: The llc_cmsg_rcv function in net/llc/af_llc.c in the Linux kernel did not initialize a certain data structure, which allowed attackers to obtain sensitive information from kernel stack memory by reading a message (bnc#978821). - CVE-2016-4578: sound/core/timer.c in the Linux kernel did not initialize certain r1 data structures, which allowed local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_timer_user_ccallback and (2) snd_timer_user_tinterrupt functions (bnc#979879). - CVE-2016-4569: The snd_timer_user_params function in sound/core/timer.c in the Linux kernel did not initialize a certain data structure, which allowed local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface (bnc#979213). The following non-security bugs were fixed: - arch/powerpc: Remove duplicate/redundant Altivec entries (bsc#967716). - cdc-acm: added sanity checking for probe() (bsc#993891). - cgroups: do not attach task to subsystem if migration failed (bnc#979274). - cgroups: more safe tasklist locking in cgroup_attach_proc (bnc#979274). - dasd: fix hanging system after LCU changes (bnc#968500, LTC#136671). - dasd: Fix unresumed device after suspend/resume (bnc#927287, LTC#123892). - ipv4/fib: do not warn when primary address is missing if in_dev is dead (bsc#971360). - kabi, unix: properly account for FDs passed over unix sockets (bnc#839104). - kaweth: fix firmware download (bsc#993890). - kaweth: fix oops upon failed memory allocation (bsc#993890). - kvm: x86: SYSENTER emulation is broken (bsc#994618). - mm: thp: fix SMP race condition between THP page fault and MADV_DONTNEED (VM Functionality, bnc#986445). - mremap: enforce rmap src/dst vma ordering in case of vma_merge() succeeding in copy_vma() (VM Functionality, bsc#1008645). - nfs4: reset states to use open_stateid when returning delegation voluntarily (bsc#1007944). - nfs: Do not disconnect open-owner on NFS4ERR_BAD_SEQID (bsc#989261, bsc#1011482). - nfs: do not do blind d_drop() in nfs_prime_dcache() (bnc#908069 bnc#896484 bsc#963053). - nfs_prime_dcache needs fh to be set (bnc#908069 bnc#896484 bsc#963053). - nfs: Refresh open-owner id when server says SEQID is bad (bsc#989261). - nfsv4: Ensure that we do not drop a state owner more than once (bsc#979595). - nfsv4: fix broken patch relating to v4 read delegations (bsc#956514, bsc#989261, bsc#979595, bsc#1011482). - nfsv4: nfs4_proc_renew should be declared static (bnc#863873). - nfsv4: OPEN must handle the NFS4ERR_IO return code correctly (bsc#979595). - nfsv4: Recovery of recalled read delegations is broken (bsc#956514 bsc#1011482). - nfsv4: The NFSv4.0 client must send RENEW calls if it holds a delegation (bnc#863873). - powerpc: Add ability to build little endian kernels (bsc#967716). - powerpc: Avoid load of static chain register when calling nested functions through a pointer on 64bit (bsc#967716). - powerpc: Do not build assembly files with ABIv2 (bsc#967716). - powerpc: Do not use ELFv2 ABI to build the kernel (bsc#967716). - powerpc: dtc is required to build dtb files (bsc#967716). - powerpc: Fix 64 bit builds with binutils 2.24 (bsc#967716). - powerpc: Fix error when cross building TAGS & cscope (bsc#967716). - powerpc: Make the vdso32 also build big-endian (bsc#967716). - powerpc: Remove altivec fix for gcc versions before 4.0 (bsc#967716). - powerpc: Remove buggy 9-year-old test for binutils < 2.12.1 (bsc#967716). - powerpc: Require gcc 4.0 on 64-bit (bsc#967716). - ppp: defer netns reference release for ppp channel (bsc#980371). - qeth: delete napi struct when removing a qeth device (bnc#979915, LTC#143590). - qeth: Fix crash on initial MTU size change (bnc#835175, LTC#96809). - qeth: postpone freeing of qdio memory (bnc#874145, LTC#107873). - rpm/kernel-binary.spec.in: Export a make-stderr.log file (bsc#1012422) - Revert "s390/mm: fix asce_bits handling with dynamic pagetable levels" This reverts commit 6e00b1d803fa2ab4b130e04b7fbcc99f0b5ecba8. - rpm/config.sh: Set the release string to 0.7. (bsc#997059) - rpm/mkspec: Read a default release string from rpm/config.sh (bsc997059) - s390/dasd: fix failfast for disconnected devices (bnc#958000, LTC#135138). - s390/dasd: fix hanging device after clear subchannel (bnc#994436, LTC#144640). - s390/dasd: fix kernel panic when alias is set offline (bnc#940966, LTC#128595). - s390/dasd: fix list_del corruption after lcu changes (bnc#954984, LTC#133077). - s390/mm: fix asce_bits handling with dynamic pagetable levels (bnc#979915, LTC#141456). Conflicts: series.conf - s390/pageattr: do a single TLB flush for change_page_attr (bsc#1009443,LTC#148182). - Set CONFIG_DEBUG_INFO=y and CONFIG_DEBUG_INFO_REDUCED=n on all platforms The specfile adjusts the config if necessary, but a new version of run_oldconfig.sh requires the settings to be present in the repository. - usb: fix typo in wMaxPacketSize validation (bsc#991665). - usb: validate wMaxPacketValue entries in endpoint descriptors (bnc#991665). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP2-LTSS: zypper in -t patch slessp2-kernel-12961=1 - SUSE Linux Enterprise Debuginfo 11-SP2: zypper in -t patch dbgsp2-kernel-12961=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-SP2-LTSS (i586 s390x x86_64): kernel-default-3.0.101-0.7.53.1 kernel-default-base-3.0.101-0.7.53.1 kernel-default-devel-3.0.101-0.7.53.1 kernel-source-3.0.101-0.7.53.1 kernel-syms-3.0.101-0.7.53.1 kernel-trace-3.0.101-0.7.53.1 kernel-trace-base-3.0.101-0.7.53.1 kernel-trace-devel-3.0.101-0.7.53.1 - SUSE Linux Enterprise Server 11-SP2-LTSS (i586 x86_64): kernel-ec2-3.0.101-0.7.53.1 kernel-ec2-base-3.0.101-0.7.53.1 kernel-ec2-devel-3.0.101-0.7.53.1 kernel-xen-3.0.101-0.7.53.1 kernel-xen-base-3.0.101-0.7.53.1 kernel-xen-devel-3.0.101-0.7.53.1 - SUSE Linux Enterprise Server 11-SP2-LTSS (s390x): kernel-default-man-3.0.101-0.7.53.1 - SUSE Linux Enterprise Server 11-SP2-LTSS (i586): kernel-pae-3.0.101-0.7.53.1 kernel-pae-base-3.0.101-0.7.53.1 kernel-pae-devel-3.0.101-0.7.53.1 - SUSE Linux Enterprise Debuginfo 11-SP2 (i586 s390x x86_64): kernel-default-debuginfo-3.0.101-0.7.53.1 kernel-default-debugsource-3.0.101-0.7.53.1 kernel-default-devel-debuginfo-3.0.101-0.7.53.1 kernel-trace-debuginfo-3.0.101-0.7.53.1 kernel-trace-debugsource-3.0.101-0.7.53.1 kernel-trace-devel-debuginfo-3.0.101-0.7.53.1 - SUSE Linux Enterprise Debuginfo 11-SP2 (i586 x86_64): kernel-ec2-debuginfo-3.0.101-0.7.53.1 kernel-ec2-debugsource-3.0.101-0.7.53.1 kernel-xen-debuginfo-3.0.101-0.7.53.1 kernel-xen-debugsource-3.0.101-0.7.53.1 kernel-xen-devel-debuginfo-3.0.101-0.7.53.1 - SUSE Linux Enterprise Debuginfo 11-SP2 (i586): kernel-pae-debuginfo-3.0.101-0.7.53.1 kernel-pae-debugsource-3.0.101-0.7.53.1 kernel-pae-devel-debuginfo-3.0.101-0.7.53.1 References: https://www.suse.com/security/cve/CVE-2004-0230.html https://www.suse.com/security/cve/CVE-2012-6704.html https://www.suse.com/security/cve/CVE-2013-4312.html https://www.suse.com/security/cve/CVE-2015-1350.html https://www.suse.com/security/cve/CVE-2015-7513.html https://www.suse.com/security/cve/CVE-2015-7833.html https://www.suse.com/security/cve/CVE-2015-8956.html https://www.suse.com/security/cve/CVE-2015-8962.html https://www.suse.com/security/cve/CVE-2015-8964.html https://www.suse.com/security/cve/CVE-2016-0823.html https://www.suse.com/security/cve/CVE-2016-10088.html https://www.suse.com/security/cve/CVE-2016-1583.html https://www.suse.com/security/cve/CVE-2016-2187.html https://www.suse.com/security/cve/CVE-2016-2189.html https://www.suse.com/security/cve/CVE-2016-3841.html https://www.suse.com/security/cve/CVE-2016-4470.html https://www.suse.com/security/cve/CVE-2016-4482.html https://www.suse.com/security/cve/CVE-2016-4485.html https://www.suse.com/security/cve/CVE-2016-4565.html https://www.suse.com/security/cve/CVE-2016-4569.html https://www.suse.com/security/cve/CVE-2016-4578.html https://www.suse.com/security/cve/CVE-2016-4580.html https://www.suse.com/security/cve/CVE-2016-4805.html https://www.suse.com/security/cve/CVE-2016-4913.html https://www.suse.com/security/cve/CVE-2016-4997.html https://www.suse.com/security/cve/CVE-2016-4998.html https://www.suse.com/security/cve/CVE-2016-5244.html https://www.suse.com/security/cve/CVE-2016-5829.html https://www.suse.com/security/cve/CVE-2016-6480.html https://www.suse.com/security/cve/CVE-2016-6828.html https://www.suse.com/security/cve/CVE-2016-7042.html https://www.suse.com/security/cve/CVE-2016-7097.html https://www.suse.com/security/cve/CVE-2016-7117.html https://www.suse.com/security/cve/CVE-2016-7425.html https://www.suse.com/security/cve/CVE-2016-7910.html https://www.suse.com/security/cve/CVE-2016-7911.html https://www.suse.com/security/cve/CVE-2016-7916.html https://www.suse.com/security/cve/CVE-2016-8399.html https://www.suse.com/security/cve/CVE-2016-8632.html https://www.suse.com/security/cve/CVE-2016-8633.html https://www.suse.com/security/cve/CVE-2016-8646.html https://www.suse.com/security/cve/CVE-2016-9555.html https://www.suse.com/security/cve/CVE-2016-9685.html https://www.suse.com/security/cve/CVE-2016-9756.html https://www.suse.com/security/cve/CVE-2016-9793.html https://www.suse.com/security/cve/CVE-2017-5551.html https://bugzilla.suse.com/1003077 https://bugzilla.suse.com/1003925 https://bugzilla.suse.com/1004517 https://bugzilla.suse.com/1007944 https://bugzilla.suse.com/1008645 https://bugzilla.suse.com/1008831 https://bugzilla.suse.com/1008833 https://bugzilla.suse.com/1009443 https://bugzilla.suse.com/1010150 https://bugzilla.suse.com/1010467 https://bugzilla.suse.com/1010501 https://bugzilla.suse.com/1010507 https://bugzilla.suse.com/1010711 https://bugzilla.suse.com/1010716 https://bugzilla.suse.com/1011482 https://bugzilla.suse.com/1011685 https://bugzilla.suse.com/1012422 https://bugzilla.suse.com/1012832 https://bugzilla.suse.com/1013038 https://bugzilla.suse.com/1013531 https://bugzilla.suse.com/1013542 https://bugzilla.suse.com/1014746 https://bugzilla.suse.com/1017710 https://bugzilla.suse.com/1021258 https://bugzilla.suse.com/835175 https://bugzilla.suse.com/839104 https://bugzilla.suse.com/863873 https://bugzilla.suse.com/874145 https://bugzilla.suse.com/896484 https://bugzilla.suse.com/908069 https://bugzilla.suse.com/914939 https://bugzilla.suse.com/922947 https://bugzilla.suse.com/927287 https://bugzilla.suse.com/940966 https://bugzilla.suse.com/950998 https://bugzilla.suse.com/954984 https://bugzilla.suse.com/956514 https://bugzilla.suse.com/958000 https://bugzilla.suse.com/960689 https://bugzilla.suse.com/963053 https://bugzilla.suse.com/967716 https://bugzilla.suse.com/968500 https://bugzilla.suse.com/969340 https://bugzilla.suse.com/971360 https://bugzilla.suse.com/971944 https://bugzilla.suse.com/978401 https://bugzilla.suse.com/978821 https://bugzilla.suse.com/979213 https://bugzilla.suse.com/979274 https://bugzilla.suse.com/979548 https://bugzilla.suse.com/979595 https://bugzilla.suse.com/979879 https://bugzilla.suse.com/979915 https://bugzilla.suse.com/980363 https://bugzilla.suse.com/980371 https://bugzilla.suse.com/980725 https://bugzilla.suse.com/981267 https://bugzilla.suse.com/983143 https://bugzilla.suse.com/983213 https://bugzilla.suse.com/984755 https://bugzilla.suse.com/986362 https://bugzilla.suse.com/986365 https://bugzilla.suse.com/986445 https://bugzilla.suse.com/986572 https://bugzilla.suse.com/989261 https://bugzilla.suse.com/991608 https://bugzilla.suse.com/991665 https://bugzilla.suse.com/992566 https://bugzilla.suse.com/993890 https://bugzilla.suse.com/993891 https://bugzilla.suse.com/994296 https://bugzilla.suse.com/994436 https://bugzilla.suse.com/994618 https://bugzilla.suse.com/994759 https://bugzilla.suse.com/995968 https://bugzilla.suse.com/997059 https://bugzilla.suse.com/999932 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
  23. news
    openSUSE Security Update: Security update for virtualbox ______________________________________________________________________________ Announcement ID: openSUSE-SU-2017:0332-1 Rating: important References: #1020856 Cross-References: CVE-2016-5545 CVE-2017-3290 CVE-2017-3316 CVE-2017-3332 Affected Products: openSUSE Leap 42.1 ______________________________________________________________________________ An update that fixes four vulnerabilities is now available. Description: This update for virtualbox to version 5.0.32 fixes the following issues: These security issues were fixed: - CVE-2016-5545: Vulnerability in the GUI subcomponent of virtualbox allows unauthenticated attacker unauthorized update, insert or delete access to some data as well as unauthorized read access to a subset of VirtualBox accessible data and unauthorized ability to cause a partial denial of service (bsc#1020856). - CVE-2017-3290: Vulnerability in the Shared Folder subcomponent of virtualbox allows high privileged attacker unauthorized creation, deletion or modification access to critical data and unauthorized ability to cause a hang or frequently repeatable crash (bsc#1020856). - CVE-2017-3316: Vulnerability in the GUI subcomponent of virtualbox allows high privileged attacker with network access via multiple protocols to compromise Oracle VM VirtualBox (bsc#1020856). - CVE-2017-3332: Vulnerability in the SVGA Emulation subcomponent of virtualbox allows low privileged attacker unauthorized creation, deletion or modification access to critical data and unauthorized ability to cause a hang or frequently repeatable crash (bsc#1020856). For other changes please read the changelog. Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.1: zypper in -t patch openSUSE-2017-178=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE Leap 42.1 (x86_64): python-virtualbox-5.0.32-34.1 python-virtualbox-debuginfo-5.0.32-34.1 virtualbox-5.0.32-34.1 virtualbox-debuginfo-5.0.32-34.1 virtualbox-debugsource-5.0.32-34.1 virtualbox-devel-5.0.32-34.1 virtualbox-guest-kmp-default-5.0.32_k4.1.36_44-34.1 virtualbox-guest-kmp-default-debuginfo-5.0.32_k4.1.36_44-34.1 virtualbox-guest-tools-5.0.32-34.1 virtualbox-guest-tools-debuginfo-5.0.32-34.1 virtualbox-guest-x11-5.0.32-34.1 virtualbox-guest-x11-debuginfo-5.0.32-34.1 virtualbox-host-kmp-default-5.0.32_k4.1.36_44-34.1 virtualbox-host-kmp-default-debuginfo-5.0.32_k4.1.36_44-34.1 virtualbox-qt-5.0.32-34.1 virtualbox-qt-debuginfo-5.0.32-34.1 virtualbox-websrv-5.0.32-34.1 virtualbox-websrv-debuginfo-5.0.32-34.1 - openSUSE Leap 42.1 (noarch): virtualbox-guest-desktop-icons-5.0.32-34.1 virtualbox-host-source-5.0.32-34.1 References: https://www.suse.com/security/cve/CVE-2016-5545.html https://www.suse.com/security/cve/CVE-2017-3290.html https://www.suse.com/security/cve/CVE-2017-3316.html https://www.suse.com/security/cve/CVE-2017-3332.html https://bugzilla.suse.com/1020856 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
  24. news
    At Phoronix we have posted a new article. A link to this from your site's news section would be greatly appreciated. Title: Intel Core i7 7700K Linux Benchmarks ( -at -) Phoronix Direct Link: http://www.phoronix.com/vr.php?view=24091 Summary: "If you have been curious how well Intel's new Core i7 7700K "Kabylake" processor performs under Linux, I received this CPU a few days ago and have begun putting it through its paces. Here are my initial i7-7700K Linux benchmarks compared to various other Intel CPUs running Clear Linux." Please feel free to contact us with any questions or comments you may
  25. news
    ADATA SD700 Portable Solid State Drive Review ( -at -) ThinkComputers.org Review Link: http://www.thinkcomputers.org/adata-sd700-portable-solid-state-drive-review/ Image URL: http://www.thinkcomputers.org/reviews/adata_sd700/email.jpg Alt Image URL: http://www.thinkcomputers.org/reviews/adata_sd700/small.jpg Quote: "When you are traveling or on the go protecting your data is very important. When I travel I always have my camera with me, but sadly SD cards are not that durable. After a day of shooting I always take the photos off the SD card and back them up on a portable hard drive. ADATA recently announced their new SD700 portable solid state drive. This drive is made to survive the most extreme conditions with EC IP68 specifications with complete dust-tight protection and survivability in up to 1.5m of water for 60 minutes. On top of that it meets military-grade MIL-STD-810G516.6 shockproof protection. So your data is definitely safe! This drive is also fast offering speeds of up to 440 MB/s. Let’s give this drive a spin and see what it can do!"
×