Jump to content
Compatible Support Forums

news

Members
 View Profile  See their activity

  • Content count

    80899

  • Joined

  • Last visited

    Never

  • Days Won

    18

Everything posted by news

  1. news
    CentOS Errata and Enhancement Advisory 2017:0188 Upstream details at : https://rhn.redhat.com/errata/RHEA-2017-0188.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: c2b35efce655a383ad0e9f18128bcb85fe3660b0ec6134ff4d09a57bf9e12170 kmod-rtsx_pci-642-1.el6_8.i686.rpm x86_64: 15aed624799009c5ce5de9989b6d34b0f6b3b4ae64b42b459fecf83d82be524d kmod-rtsx_pci-642-1.el6_8.x86_64.rpm Source: 49aeb3e303a4b561acdc901382022f3eb9d8e9c13c552148b2ef7f45583f5778 rtsx_pci-642-1.el6_8.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: ( -at -) JohnnyCentOS _______________________________________________
  2. news
    CentOS Errata and Security Advisory 2017:0183 Moderate Upstream details at : https://rhn.redhat.com/errata/RHSA-2017-0183.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: ca6821bc977e58ddefd9bccf91dc98ee75d90aaf433f6a462d18786a23481d24 squid34-3.4.14-9.el6_8.4.i686.rpm x86_64: 05af47a8209fb31705b6e7916ff30c0ce1b89005f24fc427e88ba257348c2857 squid34-3.4.14-9.el6_8.4.x86_64.rpm Source: 59a82b8676b28b88dfdab8fc952dd5423414306e48cbdecc593b6760bd1a5add squid34-3.4.14-9.el6_8.4.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: ( -at -) JohnnyCentOS _______________________________________________
  3. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: puppet-swift security update Advisory ID: RHSA-2017:0200-01 Product: Red Hat Enterprise Linux OpenStack Platform Advisory URL: https://rhn.redhat.com/errata/RHSA-2017-0200.html Issue date: 2017-01-26 CVE Names: CVE-2016-9590 ===================================================================== 1. Summary: An update for puppet-swift is now available for Red Hat OpenStack Platform 10.0 (Newton). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat OpenStack Platform 10.0 - noarch 3. Description: puppet-swift is the Puppet module used by Red Hat OpenStack Platform director to install OpenStack Object Storage (swift). Security Fix(es): * An information-disclosure flaw was discovered in Red Hat OpenStack Platform director's installation of Object Storage (swift). During installation, the Puppet script responsible for deploying the service incorrectly removes and recreates the proxy-server.conf file with world-readable permissions. (CVE-2016-9590) Red Hat would like to thank Hans Feldt (Ericsson) for reporting this issue. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1410293 - CVE-2016-9590 puppet-swift: installs config file with world readable permissions 6. Package List: Red Hat OpenStack Platform 10.0: Source: puppet-swift-9.4.3-3.el7ost.src.rpm noarch: puppet-swift-9.4.3-3.el7ost.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-9590 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFYinB2XlSAg2UNWIIRAuAhAKDCSmxOLZ2DlXQ2S4mNR3vxC489lgCeO2aE 4FTAiWgbe5CyPXziNeWsLVM= =/Gof -----END PGP SIGNATURE----- --
  4. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: chromium-browser security update Advisory ID: RHSA-2017:0206-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2017-0206.html Issue date: 2017-01-26 CVE Names: CVE-2017-5006 CVE-2017-5007 CVE-2017-5008 CVE-2017-5009 CVE-2017-5010 CVE-2017-5011 CVE-2017-5012 CVE-2017-5013 CVE-2017-5014 CVE-2017-5015 CVE-2017-5016 CVE-2017-5017 CVE-2017-5018 CVE-2017-5019 CVE-2017-5020 CVE-2017-5021 CVE-2017-5022 CVE-2017-5023 CVE-2017-5024 CVE-2017-5025 CVE-2017-5026 ===================================================================== 1. Summary: An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Description: Chromium is an open-source web browser, powered by WebKit (Blink). This update upgrades Chromium to version 56.0.2924.76. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim. (CVE-2017-5006, CVE-2017-5007, CVE-2017-5008, CVE-2017-5009, CVE-2017-5010, CVE-2017-5011, CVE-2017-5012, CVE-2017-5013, CVE-2017-5014, CVE-2017-5015, CVE-2017-5016, CVE-2017-5017, CVE-2017-5018, CVE-2017-5019, CVE-2017-5020, CVE-2017-5021, CVE-2017-5022, CVE-2017-5023, CVE-2017-5024, CVE-2017-5025, CVE-2017-5026) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing the update, Chromium must be restarted for the changes to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1416657 - CVE-2017-5007 chromium-browser: universal xss in blink 1416658 - CVE-2017-5006 chromium-browser: universal xss in blink 1416659 - CVE-2017-5008 chromium-browser: universal xss in blink 1416660 - CVE-2017-5010 chromium-browser: universal xss in blink 1416661 - CVE-2017-5011 chromium-browser: unauthorised file access in devtools 1416662 - CVE-2017-5009 chromium-browser: out of bounds memory access in webrtc 1416663 - CVE-2017-5012 chromium-browser: heap overflow in v8 1416664 - CVE-2017-5013 chromium-browser: address spoofing in omnibox 1416665 - CVE-2017-5014 chromium-browser: heap overflow in skia 1416666 - CVE-2017-5015 chromium-browser: address spoofing in omnibox 1416667 - CVE-2017-5019 chromium-browser: use after free in renderer 1416668 - CVE-2017-5016 chromium-browser: ui spoofing in blink 1416669 - CVE-2017-5017 chromium-browser: uninitialised memory access in webm video 1416670 - CVE-2017-5018 chromium-browser: universal xss in chrome://apps 1416671 - CVE-2017-5020 chromium-browser: universal xss in chrome://downloads 1416672 - CVE-2017-5021 chromium-browser: use after free in extensions 1416673 - CVE-2017-5022 chromium-browser: bypass of content security policy in blink 1416674 - CVE-2017-5023 chromium-browser: type confusion in metrics 1416675 - CVE-2017-5024 chromium-browser: heap overflow in ffmpeg 1416676 - CVE-2017-5025 chromium-browser: heap overflow in ffmpeg 1416677 - CVE-2017-5026 chromium-browser: ui spoofing 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: chromium-browser-56.0.2924.76-1.el6.i686.rpm chromium-browser-debuginfo-56.0.2924.76-1.el6.i686.rpm x86_64: chromium-browser-56.0.2924.76-1.el6.x86_64.rpm chromium-browser-debuginfo-56.0.2924.76-1.el6.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): i386: chromium-browser-56.0.2924.76-1.el6.i686.rpm chromium-browser-debuginfo-56.0.2924.76-1.el6.i686.rpm x86_64: chromium-browser-56.0.2924.76-1.el6.x86_64.rpm chromium-browser-debuginfo-56.0.2924.76-1.el6.x86_64.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): i386: chromium-browser-56.0.2924.76-1.el6.i686.rpm chromium-browser-debuginfo-56.0.2924.76-1.el6.i686.rpm x86_64: chromium-browser-56.0.2924.76-1.el6.x86_64.rpm chromium-browser-debuginfo-56.0.2924.76-1.el6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2017-5006 https://access.redhat.com/security/cve/CVE-2017-5007 https://access.redhat.com/security/cve/CVE-2017-5008 https://access.redhat.com/security/cve/CVE-2017-5009 https://access.redhat.com/security/cve/CVE-2017-5010 https://access.redhat.com/security/cve/CVE-2017-5011 https://access.redhat.com/security/cve/CVE-2017-5012 https://access.redhat.com/security/cve/CVE-2017-5013 https://access.redhat.com/security/cve/CVE-2017-5014 https://access.redhat.com/security/cve/CVE-2017-5015 https://access.redhat.com/security/cve/CVE-2017-5016 https://access.redhat.com/security/cve/CVE-2017-5017 https://access.redhat.com/security/cve/CVE-2017-5018 https://access.redhat.com/security/cve/CVE-2017-5019 https://access.redhat.com/security/cve/CVE-2017-5020 https://access.redhat.com/security/cve/CVE-2017-5021 https://access.redhat.com/security/cve/CVE-2017-5022 https://access.redhat.com/security/cve/CVE-2017-5023 https://access.redhat.com/security/cve/CVE-2017-5024 https://access.redhat.com/security/cve/CVE-2017-5025 https://access.redhat.com/security/cve/CVE-2017-5026 https://access.redhat.com/security/updates/classification/#important https://chromereleases.googleblog.com/2017/01/stable-channel-update-for-desktop.html 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFYinKOXlSAg2UNWIIRAnFVAJ9oP4Zb30KCP1XARUBiQU4CezOGbQCfaW6u 86uCGRaOeIAWJQ96hjxuWlo= =zTq3 -----END PGP SIGNATURE----- --
  5. news
    CentOS Errata and Security Advisory 2017:0190 Critical Upstream details at : https://rhn.redhat.com/errata/RHSA-2017-0190.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: d029cd11706e8ccf1a68d2dbafaeb483d74db49c698dd7061bd9e2e51d576657 firefox-45.7.0-1.el6.centos.i686.rpm x86_64: d029cd11706e8ccf1a68d2dbafaeb483d74db49c698dd7061bd9e2e51d576657 firefox-45.7.0-1.el6.centos.i686.rpm 652667b06a4596e42b0ad12a5f88e49ad9ee68276e2c2002cadf19f597e58386 firefox-45.7.0-1.el6.centos.x86_64.rpm Source: 8e61cfbbfbd1dfc9daa8ba468c350ec9cd694aaffb3a98e42a42f790fc816f39 firefox-45.7.0-1.el6.centos.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: ( -at -) JohnnyCentOS _______________________________________________
  6. news
    CentOS Errata and Security Advisory 2017:0190 Critical Upstream details at : https://rhn.redhat.com/errata/RHSA-2017-0190.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: bb7c734cceac8492f93bc3623d8b95a3c1f5b765af9286c1ed7c4b8528535ebd firefox-45.7.0-1.el5.centos.i386.rpm x86_64: bb7c734cceac8492f93bc3623d8b95a3c1f5b765af9286c1ed7c4b8528535ebd firefox-45.7.0-1.el5.centos.i386.rpm 202bb19502b662d84846286383e106f4018e3699db8c0588e3eeffead8cac8a8 firefox-45.7.0-1.el5.centos.x86_64.rpm Source: dcfedc05611839011adf391231df0213575d9be03345ca660f7b45223c75b5d2 firefox-45.7.0-1.el5.centos.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: JohnnyCentOS _______________________________________________
  7. news
    CentOS Errata and Security Advisory 2017:0182 Moderate Upstream details at : https://rhn.redhat.com/errata/RHSA-2017-0182.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 275a75c85ff8c059d37c719dc5095b13f475d3713a3b464e4e45f4138ff78ddb squid-3.5.20-2.el7_3.2.x86_64.rpm d92cb53e1cd1ca105c79f40e434a04fd67635671255e5ca5f8655ffe877ca124 squid-migration-script-3.5.20-2.el7_3.2.x86_64.rpm 5e1c34b8905de8a5f82c9f35543671aa80facc44e21341e284042f0e2f5e7d1f squid-sysvinit-3.5.20-2.el7_3.2.x86_64.rpm Source: 8c17b5ff7d793529ed91f0ec5b772104019357863706e9636a2246c67d522bad squid-3.5.20-2.el7_3.2.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: ( -at -) JohnnyCentOS _______________________________________________
  8. news
    CentOS Errata and Security Advisory 2017:0190 Critical Upstream details at : https://rhn.redhat.com/errata/RHSA-2017-0190.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 34c0472b0952187186f440bfc92ba8623f074def7f9d3167adc812197c615428 firefox-45.7.0-1.el7.centos.i686.rpm bebce01ac11511a2e55ef51c4f63671ed5bbb1016d159ccbcfd8f21b0ad84fce firefox-45.7.0-1.el7.centos.x86_64.rpm Source: 92ff3bdf3c2f19b580e13dbe68b9b21d479351e5c4f0c0695d1cfc01c9ccc42f firefox-45.7.0-1.el7.centos.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: ( -at -) JohnnyCentOS _______________________________________________
  9. news
    Hi News Poster HardwareOverclock.com has just posted another review. Last week we have tested the Enermax Revolution DUO 600W psu. Title: Enermax Revolution DUO 600W psu ( -at -) HardwareOverclock.com Link: http://hardwareoverclock.com/Enermax-Revolution-DUO-Netzteil-mit-600-Watt.ht m Image: http://hardwareoverclock.com/netzteil/Enermax-Revolution-DUO-05.jpg Thanks for posting our news. Pls feel free and send us your News too. Rene Ruf Chefredakteur HardwareOverclock.com <mailto:admin ( -at -) hardwareoverclock.com> mailto:admin ( -at -) hardwareoverclock.com hardwareoverclock.com
  10. news
    Welcome to the Ubuntu Weekly Newsletter, Issue 495 for the weeks January 9 - 22, 2017. == Links to UWN == * Wiki page: https://wiki.ubuntu.com/UbuntuWeeklyNewsletter/Issue495 == In This Issue == * Ubuntu Stats * UbuCon Summit at SCALE 15x Call for Papers * LoCo Events * Kubuntu General News: Plasma 5.8.4 and KDE Frameworks 4.8.0 now available in Backports for Kubuntu 16.04 and 16.10 * Jorge Castro: Fresh Kubernetes documentation available now * Stephane Graber: Running Kubernetes inside LXD * Ted Gould: The Case for Ubuntu Phone * Ted Gould: Presentations Updates * Simos Xenitellis: How to completely remove a third-party repository from Ubuntu * Announcing 17.04 wallpaper contest * tutorials.ubuntu.com goes live! * Ubuntu Weekly Newsletter Approaching Issue 500 * Canonical News * In The Press * In The Blogosphere * Full Circle Weekly News #50 * Weekly Ubuntu Development Team Meetings * Upcoming Meetings and Events * Updates and Security for 12.04, 14.04, 16.04 and 16.10 * And much more! == Ubuntu Stats == === Bug Stats === * Open (128322) +274 over the last two weeks * Critical (416) +3 over the last two weeks * Unconfirmed (63746) +149 over the last two weeks As always, the Bug Squad needs more help. If you want to get started, please see https://wiki.ubuntu.com/BugSquad === Ask Ubuntu Top 5 Questions this week === ==== Most Active Questions ==== * How to set a variable to a random value with bash http://askubuntu.com/questions/873719/how-to-set-a-variable-to-a-random-value-with-bash * Where does the `rename` command come from? http://askubuntu.com/questions/873800/where-does-the-rename-command-come-from * How can I view and edit PowerPoint presentations that don't render correctly? http://askubuntu.com/questions/874088/how-can-i-view-and-edit-powerpoint-presentations-that-dont-render-correctly * Ubuntu for bank dev employees [closed] http://askubuntu.com/questions/872453/ubuntu-for-bank-dev-employees * For loop with Alphabet http://askubuntu.com/questions/873314/for-loop-with-alphabet ==== Top Voted New Questions ==== * Where does the `rename` command come from? http://askubuntu.com/questions/873800/ * Ubuntu for bank dev employees http://askubuntu.com/questions/872453/ * How to set a variable to a random value with bash http://askubuntu.com/questions/873719/ * For loop with Alphabet http://askubuntu.com/questions/873314/ * Rename files with one line command http://askubuntu.com/questions/873661/ Ask (and answer!) questions at http://askubuntu.com == LoCo News == === UbuCon Summit at SCALE 15x Call for Papers === Nathan Haines announces the upcoming UbuCon Summit at the Southern California Linux Expo 15x (SCALE 15x) in Pasadena, California from March 2nd through the 3rd. He writes: "We are putting together the conference schedule and are announcing a call for papers. While we have some amazing speakers and an always-vibrant unconference schedule planned, it is the community, as always, who make UbuCon what it is--just as the community sets Ubuntu apart." http://nhaines.livejournal.com/71143.html == LoCo Events == The following LoCo team events are currently scheduled in the next two weeks: * Sierra Vista Ubuntu Hour, Arizona LoCo Team: http://loco.ubuntu.com/events/ubuntu-arizona/3475-sierra-vista-ubuntu-hour/ * Tempe Ubuntu Hour, Arizona LoCo Team: http://loco.ubuntu.com/events/ubuntu-arizona/3476-tempe-ubuntu-hour/ * AZLOCO/CLUG Install-fest/Linux Workshop, Arizona LoCo Team: http://loco.ubuntu.com/events/ubuntu-arizona/3477-azloco/clug-install-fest/linux-workshop/ * Tempe Ubuntu Hour, Arizona LoCo Team: http://loco.ubuntu.com/events/ubuntu-arizona/3485-tempe-ubuntu-hour/ * AZLOCO Install-fest/Linux Workshop, Arizona LoCo Team: http://loco.ubuntu.com/events/ubuntu-arizona/3486-azloco-install-fest/linux-workshop/ Looking beyond the next two weeks? Visit the LoCo Team Portal to browse upcoming events around the world: http://loco.ubuntu.com/events/ == The Planet == === Kubuntu General News: Plasma 5.8.4 and KDE Frameworks 4.8.0 now available in Backports for Kubuntu 16.04 and 16.10 === The Kubuntu Team announces the availability of Plasma 5.8.4 and KDE Frameworks 5.8.0 for Kubuntu 16.04 and 16.10 through the Kubuntu backports PPA. Commands needed to add the PPA are given along with the commands needed to re move the backports-landing PPA if it was previously added for testing. http://www.kubuntu.org/news/plasma-5-8-4-and-kde-frameworks-5-8-0-now-available-in-backports-for-kubuntu-16-04-and-16-10/ === Jorge Castro: Fresh Kubernetes documentation available now === Jorge Castro tells us that his team have been working hard on getting upstreams k8s (kubernetes) fully operational and that one set of operational code allows the same deployment on GCE, AWS, Azure, Joyent, OpenStack and Bare Metal. He says like most young distributed systems Kubernetes wasn't known for ease-of-use, but progress has been made especially with regards to documentation. Jorge includes a link to the Official Ubuntu Guides in his post. http://castrojo.github.io/2017/01/10/fresh-kubernetes-documentation-available-now/ === Stephane Graber: Running Kubernetes inside LXD === Stephane Graber starts by giving a definition of Kubernetes highlighting 'applications' and how they are achieved in LXD. He shows us the commands necessary to set up a number of LXD containers, plus the Docker container used by Kubernetes as an example. Stephane shares some screen shots in his post and also includes minimal specs and assumptions, along with several links where further relevant information can be found. https://www.stgraber.org/2017/01/13/kubernetes-inside-lxd/ === Ted Gould: The Case for Ubuntu Phone === Ted Gould looks at some of the advantages and disadvantages of the Ubuntu Phone, including locked in services found in Apple or Android devices. He uses this to highlight why these make good selling points to telecommunication carriers for the Ubuntu Phone. Ted touches briefly on why Google purchased Android, what they chose to do with it, and the problems for Android in China. http://gould.cx/ted/blog/2017/01/14/The-Case-for-Ubuntu-Phone/ === Ted Gould: Presentations Updates === Ted Gould provides what he describes as a "mea culpa" for all the people who wanted a blog post about his Ubuntu-heavy presentations, and not just Twitter posts. He includes a link to his new presentations page which is now a reference for his work and the slides used in his presentations. http://gould.cx/ted/blog/2017/01/16/Presentations-Updated/ === Simos Xenitellis: How to completely remove a third-party repository from Ubuntu === Simos Xenitellis shows us how to remove third-party (PPA) repositories of .deb packages in an Ubuntu system. He includes the required commands and several examples featuring the ppa-purge tool. https://simos.info/blog/how-to-completely-remove-a-third-party-repository-from-ubuntu/ == Other Community News == === Announcing 17.04 wallpaper contest === Ubuntu Budgie announces their 17.04 wallpaper contest which will run for approximately three weeks from 12th January 2017. For those interested they detail the requirements for entry and the rewards available should a submitted photo be chosen. https://budgie-remix.org/2017/01/12/announcing-17-04-wallpaper-contest/ === tutorials.ubuntu.com goes live! === Didier Roche writing for Ubuntu Insights, announces that Tutorials Ubuntu is now live. He describes what tutorials can be found on the site and says that each tutorial includes a clear and detailed summary, difficulty level, estimated completion time, and finally a suggestion for where to go next. Didier includes a couple of example screen shots, and for those who want to work offline, the 'snap install' command needed. Didier also shares some links should any of his readers wish to help contributing and creating their own tutorials. http://insights.ubuntu.com/2017/01/20/tutorials-ubuntu-com-goes-live/ === Ubuntu Weekly Newsletter Approaching Issue 500 === The Ubuntu Weekly Newsletter is approaching issue 500 in just a few weeks time! Do you value the work our volunteer-run team does to keep the newsletter going? If so, do you have some words to share about the value of the newsletter in keeping up with the latest Ubuntu news? Send a quote to consider for inclusion in the 500th issue to
  11. news
    SUSE Security Update: Security update for Linux Kernel Live Patch 2 for SLE 12 SP2 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0293-1 Rating: important References: #1013543 #1014271 #1019079 Cross-References: CVE-2016-10088 CVE-2016-9576 CVE-2016-9794 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: This update for the Linux Kernel 4.4.21-84 fixes several issues. The following security bugs were fixed: - CVE-2016-10088: The sg implementation in the Linux kernel did not properly restrict write operations in situations where the KERNEL_DS option is set, which allowed local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device, related to block/bsg.c and drivers/scsi/sg.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9576 (bsc#1019079). - CVE-2016-9794: Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted SNDRV_PCM_TRIGGER_START command (bsc#1013543). - CVE-2016-9576: The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel did not properly restrict the type of iterator, which allowed local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device (bsc#1014271). before 4.8.14 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-154=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-4_4_21-84-default-2-2.1 References: https://www.suse.com/security/cve/CVE-2016-10088.html https://www.suse.com/security/cve/CVE-2016-9576.html https://www.suse.com/security/cve/CVE-2016-9794.html https://bugzilla.suse.com/1013543 https://bugzilla.suse.com/1014271 https://bugzilla.suse.com/1019079 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
  12. news
    SUSE Security Update: Security update for Linux Kernel Live Patch 10 for SLE 12 SP1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0294-1 Rating: important References: #1013543 #1013604 #1014271 Cross-References: CVE-2016-9576 CVE-2016-9794 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that solves two vulnerabilities and has one errata is now available. Description: This update for the Linux Kernel 3.12.67-60_64_21 fixes several issues. The following security bugs were fixed: - CVE-2016-9794: Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted SNDRV_PCM_TRIGGER_START command (bsc#1013543). - CVE-2016-9576: The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel did not properly restrict the type of iterator, which allowed local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device (bsc#1014271). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-155=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_67-60_64_21-default-2-2.1 kgraft-patch-3_12_67-60_64_21-xen-2-2.1 References: https://www.suse.com/security/cve/CVE-2016-9576.html https://www.suse.com/security/cve/CVE-2016-9794.html https://bugzilla.suse.com/1013543 https://bugzilla.suse.com/1013604 https://bugzilla.suse.com/1014271 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
  13. news
    View this email in your browser (http://us3.campaign-archive1.com/?u=efc4c507c2cf964fc2462caca&id=c83212e09a&e=0c004f9c13) Something obvious to anyone that’s done any shopping for graphics cards recently is that NVIDIA’s add-in board partners have gone all-in on Pascal. Virtually all of NVIDIA’s tier 1 partners have dozens of Pascal-based products in their line-up, from ultra-powerful, triple-slot, overclocked GeForce GTX 1080s to half-height, low-power GTX 1050s. Tucked away neatly in the middle, however, is a graphics card with enough muscle to power a mainstream gaming system, but with a form factor that’s small and power-friendly enough for a compact mini-ITX build – the EVGA GeForce GTX 1060 Gaming... EVGA GeForce GTX 1060 Gaming Review: Mini But Mighty Pascal (http://hothardware.us3.list-manage1.com/track/click?u=efc4c507c2cf964fc2462caca&id=affdf69007&e=0c004f9c13) http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=83cdee15a4&e=0c004f9c13 http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=8aa9896ea1&e=0c004f9c13 Best Regards, HotHardware.com (http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=b99374bb5a&e=0c004f9c13) http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=eadb38ec50&e=0c004f9c13 http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=c75ee8db94&e=0c004f9c13 http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=e2a0d52b6e&e=0c004f9c13 ============================================================
  14. news
    MSI X99A Tomahawk Motherboard Review ( -at -) ThinkComputers.org Review Link: http://www.thinkcomputers.org/msi-x99a-tomahawk-motherboard-review/ Image URL: http://www.thinkcomputers.org/reviews/msi_x99a_tomahawk/email.jpg Alt Image URL: http://www.thinkcomputers.org/reviews/msi_x99a_tomahawk/small.jpg Quote: "MSI introduced their Arsenal Gaming line not to long ago. The way it sits in their product stack is that you have Enthusiast Gaming, Performance Gaming, Arsenal Gaming, and then their Pro Series. Arsenal Gaming is positioned to give users many great gaming features, but at a good price as well. Today we are checking out the X99A Tomahawk, which offers a nice matte black PCB with black and grey accents. The board has three PCI-Express 3.0 x4 slots, an M.2 32 GB/s slot, a U.2 32 GB/s port, dual Intel LAN ports, USB 3.2 gen 2, and MSI’s Audio Boost 3. Does the X99A Tomahawk have what it takes to make it into your X99 build? Read on as we take a look…"
  15. news
    Thermal paste head-to-head - does it matter which brand you use? ------------------------------------------------------------ http://us2.campaign-archive2.com/?u=bfb2b902b5fb045ad6f841f98&id=a72b39b393&e=872093acb5 http://www.kitguru.net Thermal paste head-to-head - does it matter which brand you use? Following on from our previous articles about fan configuration and static pressure vs airflow fans, today we are looking at thermal paste. Specifically, we are hoping to find out whether or not choosing different types of thermal paste actually makes any difference. To do this, we test 7 products from 6 companies to see how much difference thermal paste really makes. Read the review here: http://www.kitguru.net/components/cooling/dominic-moass/thermal-paste-head-to-head-does-it-matter-which-brand-you-use/ ============================================================ ** follow on Twitter (http://twitter.com/#!/kitgurupress) | ** friend on Facebook (http://www.facebook.com/pages/KitGuru/162236020510911) | ** forward to a friend (http://us2.forward-to-friend.com/forward?u=bfb2b902b5fb045ad6f841f98&id=a72b39b393&e=872093acb5) Copyright © 2017 KitGuru, All rights reserved. You are receiving this because you are a news partner or have signed up to receive our news.
  16. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Package : ming Version : 1:0.4.4-1.1+deb7u1 CVE ID : CVE-2016-9264 CVE-2016-9265 CVE-2016-9266 CVE-2016-9827 CVE-2016-9828 CVE-2016-9829 CVE-2016-9831 Debian Bug : 843928 Multiple security issues have been found in Ming. They may lead to the execution of arbitrary code or causing application crash. CVE-2016-9264 global-buffer-overflow in printMP3Headers CVE-2016-9265 divide-by-zero in printMP3Headers CVE-2016-9266 left shift in listmp3.c CVE-2016-9827 listswf: heap-based buffer overflow in _iprintf CVE-2016-9828 listswf: heap-based buffer overflow in _iprintf CVE-2016-9829 listswf: NULL pointer dereference in dumpBuffer CVE-2016-9831 listswf: heap-based buffer overflow in parseSWF_RGBA For Debian 7 "Wheezy", these problems have been fixed in version 0.4.4-1.1+deb7u1. We recommend that you upgrade your ming packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJYifYlAAoJEPZk0la0aRp9fxoQAKTkzD2VzHuErMFjuATxej1X j1cUCpPQTJ0aDNb4Ip3dFLHCGv4KGDUCrvapSJD5ssMGF5XqFLL9yzJze0SP0KPi QYgp4arp7NymP1SzqmJu3CXyuVIiysKv1mbjbGCxtRN9bI7zdRHZLNZFejAoe3qD VU/9INSER6s2TRLy+bOPBiMM9E4cRTiCiXflF+UmpMoPT4OCd9rvqOG/pBwYhoRn 6BFFkmmeqGmLF7i7U0hYgU1OhnyjhZfnBSrOMuEEYt2ilhq2fdQqj+uEfwnXXNuB QjT9hKStfC/F9K+1QQqWwP5HwzE+QMw2HxHAAmrh35mWD3k8cmoPMZo9AtCUExoW uza6e/8ZdtD/kM1zY01UcYXmcLbIS39ZA5FIXaIvo4gcaYV4V+7G4vusRUeiE1Lk 83fHvCFhOeZbbrJpHBkN1KYlbbi6UZasFXGFSpXkfAjYp6u9wAZEhWaM45ixYvA2 vjkmLP5vpkbcFzxA+56k62+mhL+5ZCUJ3Q6bWYDJa6e0ytiH5A8q8wnS0HFfowS/ x+oLaCvfjBBe3KvvRblp4UHbsVziPFdwvdl/HNli5UKfEQrGswDGbhWX+eU8exqJ r+iiuOnpRhopuFW95bPOzQJDrhel6ekL7h+DT7sFvM0cOpkv/cR8HTfeVmA5vQCH 8WmbTBSkpn7Jop2yo1Vx =Clp+ -----END PGP SIGNATURE-----
  17. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel security update Advisory ID: RHSA-2017:0196-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2017-0196.html Issue date: 2017-01-26 CVE Names: CVE-2016-7117 ===================================================================== 1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 6.4 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Server AUS (v. 6.4) - noarch, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.4) - x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * A use-after-free vulnerability was found in the kernel's socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function. (CVE-2016-7117, Important) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1382268 - CVE-2016-7117 kernel: Use-after-free in the recvmmsg exit path 6. Package List: Red Hat Enterprise Linux Server AUS (v. 6.4): Source: kernel-2.6.32-358.76.1.el6.src.rpm noarch: kernel-doc-2.6.32-358.76.1.el6.noarch.rpm kernel-firmware-2.6.32-358.76.1.el6.noarch.rpm x86_64: kernel-2.6.32-358.76.1.el6.x86_64.rpm kernel-debug-2.6.32-358.76.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-358.76.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-358.76.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-358.76.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-358.76.1.el6.x86_64.rpm kernel-devel-2.6.32-358.76.1.el6.x86_64.rpm kernel-headers-2.6.32-358.76.1.el6.x86_64.rpm perf-2.6.32-358.76.1.el6.x86_64.rpm perf-debuginfo-2.6.32-358.76.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-358.76.1.el6.x86_64.rpm Red Hat Enterprise Linux Server Optional AUS (v. 6.4): Source: kernel-2.6.32-358.76.1.el6.src.rpm x86_64: kernel-debug-debuginfo-2.6.32-358.76.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-358.76.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-358.76.1.el6.x86_64.rpm perf-debuginfo-2.6.32-358.76.1.el6.x86_64.rpm python-perf-2.6.32-358.76.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-358.76.1.el6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-7117 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFYidD3XlSAg2UNWIIRAuCUAKCtX5BCxnI45mp3WewFkXgkNFjTKwCgkG8z +R4jILmDFNsPExi15/qvMyY= =rlSe -----END PGP SIGNATURE----- --
  18. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: ansible security update Advisory ID: RHSA-2017:0195-01 Product: Red Hat Enterprise Linux OpenStack Platform Advisory URL: https://rhn.redhat.com/errata/RHSA-2017-0195.html Issue date: 2017-01-25 CVE Names: CVE-2016-9587 ===================================================================== 1. Summary: An update for ansible is now available for Red Hat OpenStack Platform 10.0 (Newton). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat OpenStack Platform 10.0 - noarch 3. Description: Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. The following packages have been upgraded to a newer upstream version: ansible (2.2.1.0). (BZ#1412370) Security Fix(es): * An input validation vulnerability was found in Ansible's handling of data sent from client systems. An attacker with control over a client system being managed by Ansible and the ability to send facts back to the Ansible server could use this flaw to execute arbitrary code on the Ansible server using the Ansible-server privileges. (CVE-2016-9587) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1404378 - CVE-2016-9587 Ansible: Compromised remote hosts can lead to running commands on the Ansible controller 6. Package List: Red Hat OpenStack Platform 10.0: Source: ansible-2.2.1.0-1.el7.src.rpm noarch: ansible-2.2.1.0-1.el7.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-9587 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFYiSXOXlSAg2UNWIIRAomCAJ0bXrV5SWuMuCV1azYs9+oYv7PL7QCdEgLy qUxzD0QCO6TP449uVqd7dJw= =SCLH -----END PGP SIGNATURE----- --
  19. news
    Title: Alphacool Eisbaer 360 Liquid CPU Cooling System Review ( -at -) NikKTech Description: With a triple 120mm radiator, quick-lock mechanism, three "silent" 120mm fans and a high-performance ceramic pump the new Eisbaer 360 AIO Liquid CPU Cooling System by Alphacool should have no problem covering the needs of even the most demanding consumers. Article Link: http://www.nikktech.com/main/articles/pc-hardware/cpu-cooling/liquid-cpu-coo lers/7402-alphacool-eisbaer-360-liquid-cpu-cooling-system-review Image Link: http://www.nikktech.com/main/images/pics/reviews/alphacool/eisbaer_360/alpha cool_eisbaer_360a.jpg A News Post Would Be Appreciated. Thanks In Advance. Sincerely Nik Kastrantas
  20. news
    openSUSE Security Update: Security update for systemd ______________________________________________________________________________ Announcement ID: openSUSE-SU-2017:0287-1 Rating: important References: #1012266 #1014560 #1014566 #1020601 #997682 Cross-References: CVE-2016-10156 Affected Products: openSUSE Leap 42.2 ______________________________________________________________________________ An update that solves one vulnerability and has four fixes is now available. Description: This update for systemd fixes the following issues: This security issue was fixed: - CVE-2016-10156: Fix permissions set on permanent timer timestamp files, preventing local unprivileged users from escalating privileges (bsc#1020601). These non-security issues were fixed: - Fix permission set on /var/lib/systemd/linger/* - install: follow config_path symlink (#3362) - install: fix disable when /etc/systemd/system is a symlink (bsc#1014560) - run: make --slice= work in conjunction with --scope (bsc#1014566) - core: don't dispatch load queue when setting Slice= for transient units - systemctl: remove duplicate entries showed by list-dependencies (#5049) (bsc#1012266) - rule: don't automatically online standby memory on s390x (bsc#997682) This update was imported from the SUSE:SLE-12-SP2:Update update project. Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.2: zypper in -t patch openSUSE-2017-150=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE Leap 42.2 (i586 x86_64): libsystemd0-228-22.1 libsystemd0-debuginfo-228-22.1 libsystemd0-mini-228-22.1 libsystemd0-mini-debuginfo-228-22.1 libudev-devel-228-22.1 libudev-mini-devel-228-22.1 libudev-mini1-228-22.1 libudev-mini1-debuginfo-228-22.1 libudev1-228-22.1 libudev1-debuginfo-228-22.1 nss-myhostname-228-22.1 nss-myhostname-debuginfo-228-22.1 nss-mymachines-228-22.1 nss-mymachines-debuginfo-228-22.1 systemd-228-22.1 systemd-debuginfo-228-22.1 systemd-debugsource-228-22.1 systemd-devel-228-22.1 systemd-logger-228-22.1 systemd-mini-228-22.1 systemd-mini-debuginfo-228-22.1 systemd-mini-debugsource-228-22.1 systemd-mini-devel-228-22.1 systemd-mini-sysvinit-228-22.1 systemd-sysvinit-228-22.1 udev-228-22.1 udev-debuginfo-228-22.1 udev-mini-228-22.1 udev-mini-debuginfo-228-22.1 - openSUSE Leap 42.2 (x86_64): libsystemd0-32bit-228-22.1 libsystemd0-debuginfo-32bit-228-22.1 libudev1-32bit-228-22.1 libudev1-debuginfo-32bit-228-22.1 nss-myhostname-32bit-228-22.1 nss-myhostname-debuginfo-32bit-228-22.1 systemd-32bit-228-22.1 systemd-debuginfo-32bit-228-22.1 - openSUSE Leap 42.2 (noarch): systemd-bash-completion-228-22.1 systemd-mini-bash-completion-228-22.1 References: https://www.suse.com/security/cve/CVE-2016-10156.html https://bugzilla.suse.com/1012266 https://bugzilla.suse.com/1014560 https://bugzilla.suse.com/1014566 https://bugzilla.suse.com/1020601 https://bugzilla.suse.com/997682 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
  21. news
    At CES 2017, MSI introduced their latest motherboards designed to support the Intel Kaby Lake processors with the Intel Z270 chipset. Their motherboard line-up covers all users with 14 different models across three segments of motherboards. The highest end of these segments is the Enthusiast Gaming class. This segment includes four models, which focus's on high performance, overclockability, VR and the latest technology. Of these four models, the Z270 XPower Gaming Titanium, is their flagship motherboard which aims to be the best motherboard you can buy. Read on to see how it performs! Article Title: MSI Z270 XPower Gaming Titanium Motherboard Review ( -at -) Legit Reviews Article URL: http://www.legitreviews.com/msi-z270-xpower-gaming-titanium-motherboard-review_190395 Unsubscribe: http://adserv.legitreviews.com/cgi-bin/dada/mail.cgi/u/legitpr/reviewnews// =
  22. news
    SUSE Security Update: Security update for systemd ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0279-1 Rating: important References: #1012266 #1014560 #1014566 #1020601 #997682 Cross-References: CVE-2016-10156 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 ______________________________________________________________________________ An update that solves one vulnerability and has four fixes is now available. Description: This update for systemd fixes the following issues: This security issue was fixed: - CVE-2016-10156: Fix permissions set on permanent timer timestamp files, preventing local unprivileged users from escalating privileges (bsc#1020601). These non-security issues were fixed: - Fix permission set on /var/lib/systemd/linger/* - install: follow config_path symlink (#3362) - install: fix disable when /etc/systemd/system is a symlink (bsc#1014560) - run: make --slice= work in conjunction with --scope (bsc#1014566) - core: don't dispatch load queue when setting Slice= for transient units - systemctl: remove duplicate entries showed by list-dependencies (#5049) (bsc#1012266) - rule: don't automatically online standby memory on s390x (bsc#997682) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-149=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-149=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-149=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-149=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): libudev-devel-228-132.1 systemd-debuginfo-228-132.1 systemd-debugsource-228-132.1 systemd-devel-228-132.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): libsystemd0-228-132.1 libsystemd0-debuginfo-228-132.1 libudev1-228-132.1 libudev1-debuginfo-228-132.1 systemd-228-132.1 systemd-debuginfo-228-132.1 systemd-debugsource-228-132.1 systemd-sysvinit-228-132.1 udev-228-132.1 udev-debuginfo-228-132.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (noarch): systemd-bash-completion-228-132.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): libsystemd0-228-132.1 libsystemd0-debuginfo-228-132.1 libudev1-228-132.1 libudev1-debuginfo-228-132.1 systemd-228-132.1 systemd-debuginfo-228-132.1 systemd-debugsource-228-132.1 systemd-sysvinit-228-132.1 udev-228-132.1 udev-debuginfo-228-132.1 - SUSE Linux Enterprise Server 12-SP2 (x86_64): libsystemd0-32bit-228-132.1 libsystemd0-debuginfo-32bit-228-132.1 libudev1-32bit-228-132.1 libudev1-debuginfo-32bit-228-132.1 systemd-32bit-228-132.1 systemd-debuginfo-32bit-228-132.1 - SUSE Linux Enterprise Server 12-SP2 (noarch): systemd-bash-completion-228-132.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): libsystemd0-228-132.1 libsystemd0-32bit-228-132.1 libsystemd0-debuginfo-228-132.1 libsystemd0-debuginfo-32bit-228-132.1 libudev1-228-132.1 libudev1-32bit-228-132.1 libudev1-debuginfo-228-132.1 libudev1-debuginfo-32bit-228-132.1 systemd-228-132.1 systemd-32bit-228-132.1 systemd-debuginfo-228-132.1 systemd-debuginfo-32bit-228-132.1 systemd-debugsource-228-132.1 systemd-sysvinit-228-132.1 udev-228-132.1 udev-debuginfo-228-132.1 - SUSE Linux Enterprise Desktop 12-SP2 (noarch): systemd-bash-completion-228-132.1 References: https://www.suse.com/security/cve/CVE-2016-10156.html https://bugzilla.suse.com/1012266 https://bugzilla.suse.com/1014560 https://bugzilla.suse.com/1014566 https://bugzilla.suse.com/1020601 https://bugzilla.suse.com/997682 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
  23. news
    SUSE Security Update: Security update for Linux Kernel Live Patch 8 for SLE 12 SP1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0278-1 Rating: important References: #1012852 #1013543 #1013604 #1014271 Cross-References: CVE-2016-8632 CVE-2016-9576 CVE-2016-9794 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that solves three vulnerabilities and has one errata is now available. Description: This update for the Linux Kernel 3.12.62-60_64_8 fixes several issues. The following security bugs were fixed: - CVE-2016-9794: Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted SNDRV_PCM_TRIGGER_START command (bsc#1013543). - CVE-2016-8632: The tipc_msg_build function in net/tipc/msg.c in the Linux kernel did not validate the relationship between the minimum fragment length and the maximum packet size, which allowed local users to gain privileges or cause a denial of service (heap-based buffer overflow) by leveraging the CAP_NET_ADMIN capability (bsc#1012852). - CVE-2016-9576: The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel did not properly restrict the type of iterator, which allowed local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device (bsc#1014271). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2017-148=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_62-60_64_8-default-4-2.1 kgraft-patch-3_12_62-60_64_8-xen-4-2.1 References: https://www.suse.com/security/cve/CVE-2016-8632.html https://www.suse.com/security/cve/CVE-2016-9576.html https://www.suse.com/security/cve/CVE-2016-9794.html https://bugzilla.suse.com/1012852 https://bugzilla.suse.com/1013543 https://bugzilla.suse.com/1013604 https://bugzilla.suse.com/1014271 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
  24. news
    A news post would be great. OCC has published a new article on OCC's Top 3 Video Cards of 2016 Here is a quote from the review: Quote: â€ÂDon't let the naming convention fool you, as MSI's X designation lets you know it is the factory overclocked model that receives a backplate and RGB lighting for the card. The X model signals a significant boost to the core clock speeds and memory speeds over the Founders Edition. MSI has equipped this model with a 1847MHz Core (Boost) and 8GB of GDDR5X memory running at 10108MHz. With the added features like running a silent, gaming, and OC mode, MSI can easily achieve this using Twin Frozr VI cooling with Zero Frozr technology. The fans stop spinning for idle, multimedia, light gaming, and anything below 60 °C. MSI also adsd in double ball bearings to give the TORX 2.0 fans a long life. This GTX 1080 model comes as a full custom PCB with 10-phase power circuit for the maximum power stability. Considering this card is on par with last year's GTX 980 running in SLI, there is no reason not to buy this card if 4K gaming is in your near future.†Title: OCC's Top 3 Video Cards of 2016 Link: http://www.overclockersclub.com/reviews/top_3_video_cards_2016/ Img: http://www.overclockersclub.com/siteimages/articles/top_3_video_cards_2016/msigtxgp104_thumb.jpg
  25. news

    Wine release 2.0

    news posted a topic in Upcoming News

    The Wine team is proud to announce that the stable release Wine 2.0 is now available. This release represents over a year of development effort and around 6,600 individual changes. The main highlights are the support for Microsoft Office 2013, and the 64-bit support on macOS. It also contains a lot of improvements across the board, as well as support for many new applications and games. See the release notes below for a summary of the major changes. This is the first release made on the new time-based, annual release schedule. This implies that some features that are being worked on but couldn't be finished in time have been deferred to the next development cycle. This includes in particular the Direct3D command stream, the full HID support, the Android graphics driver, and message-mode pipes. The source is available from the following locations: http://dl.winehq.org/wine/source/2.0/wine-2.0.tar.bz2 http://mirrors.ibiblio.org/wine/source/2.0/wine-2.0.tar.bz2 Binary packages for various distributions will be available from: http://www.winehq.org/download You will find documentation on http://www.winehq.org/documentation You can also get the current source directly from the git repository. Check http://www.winehq.org/git for details. Wine is available thanks to the work of many people. See the file AUTHORS in the distribution for the complete list. ---------------------------------------------------------------- What's new in Wine 2.0 ====================== *** Text and fonts - More DirectWrite features are implemented, including: - Drawing of underlines. - Renderer sees drawing effect associated with text segment. - Support for color fonts in COLR/CPAL format. - Initial font fallback support, builtin data for some of CJK ranges. - Support for Wine-specific font replacement registry settings. - Improved font metrics resolution in case of incomplete or ambiguous font data. - Support for EUDC font collection based on current registry settings. - Font embedding in PDF files is supported. - The RichEdit control supports bulleted and numbered lists. - Bold glyphs can be synthesized also for bitmap fonts. - Character tables are based on version 9.0.0 of the Unicode Standard. *** Graphics - Window, bitmap and GDI DC render targets are implemented in Direct2D. - A wide range of optimizations make the DIB engine noticeably faster. - GDI graphic paths are reimplemented for better compatibility; they are also supported with enhanced metafiles. - Gradients are supported in GDI enhanced metafiles. - Metafiles are better supported in GdiPlus. - The macOS graphics driver supports a high-resolution ("Retina") rendering mode. It can be enabled by setting "RetinaMode" to "Y" under HKCU\Software\Wine\Mac Driver. *** User interface - The clipboard support is reimplemented for better compatibility; copy & paste of HTML text is also improved. Drag & drop works more smoothly. - In desktop mode, the taskbar displays running applications and allows switching between them. - Version 4 of the system tray notification protocol is implemented. - In desktop mode, some less common display resolutions like 640x400 and 1280x960 are supported. - More user interface elements scale correctly with high-DPI screens. *** Direct3D - More Direct3D 10 and 11 features are implemented, including: - Several more shader model 4 and 5 shader instructions. - Several more resource formats. - Integer vertex shader inputs. - Typeless resources. - sRGB read/write support. - Depth and stencil clears. - Depth-only draws. - Array textures. - Index buffer offsets. - Unordered access views. - Primitive restart. - The WineD3D graphics card database recognizes more graphics cards. When available, the GLX_MESA_query_renderer GLX extension is used to provide more accurate information about the graphics card. - The (system) memory layout of texture resources more closely matches Windows. This affects applications that write beyond the bounds of a MIP-level, like for example League of Legends. - The implementation of non-maskable multisample anti-aliasing is more correct. In particular, when the ARB_internalformat_query extension is available, only quality levels corresponding to specific sample counts supported by the OpenGL implementation are reported to the application. Previously, reporting a large number of non-maskable multisample anti-aliasing quality levels would break some applications. - Direct3D 11 feature levels are supported. - Retrieving a GDI device context from DXGI surfaces is implemented. This is used for rendering to DXGI surfaces using GDI. - More DXGI swapchain methods are implemented, particularly those relating to switching display modes and switching to and from fullscreen. - When ARB_clip_control and ARB_viewport_array are both supported, position fixups are slightly more efficient. - The APPLE_client_storage extension is no longer used. It caused more problems than it solved. - New HKCU\Software\Wine\Direct3D registry keys: - "CheckFloatConstants" (REG_SZ). Setting this to "enabled" enables additional run-time bounds checking on relatively addressed shader constant access. This helps some (broken) applications, but comes at a performance cost. - "MaxShaderModelHS", "MaxShaderModelDS" and "MaxShaderModelCS" (REG_DWORD). These limit the maximum supported shader model for hull, domain, and compute shaders respectively, analogous to the existing "MaxShaderModelVS", "MaxShaderModelGS", "MaxShaderModelPS" keys. Note that these shader types are new in shader model 5, so setting this to anything lower than 5 will effectively disable them. - "SampleCount" (REG_DWORD). Setting this registry key will force the multisample anti-aliasing sample count to the specified value for swapchain render targets. This allows anti-aliasing to be forced on applications that do not otherwise support anti-aliasing themselves, but may have no effect or break the application depending on the specific application. *** DirectDraw - Retrieving a GDI device context from a DirectDraw surface is implemented in a more accurate way. In particular, retrieving a GDI device context for a "client memory" surface will retrieve a GDI device context that's backed by that same client memory. - A number of fixes related to vertex transformation in early DirectDraw versions have been made. *** D3DX - The support for the D3DX 9 effect framework is more complete, in particular: - There is initial support for preshaders. - Many more effect states are correctly applied. - D3DX 10 and 11 asynchronous data loaders are implemented. - The d3dx9 DLLs no longer forward to d3dx9_36, but are built from the same source instead. - The d3dcompiler DLLs no longer forward to d3dcompiler_43, but are built from the same source instead. *** Sound and video - GStreamer version 1.0 is supported for audio and video streams. - DirectSound supports downmixing from 5.1 and 4.0 formats to stereo. *** Internet and networking - The Web Services API is supported. The XML reader and writer are implemented, along with support for serializing many common data types. Basic support for making SOAP calls is also included. This enables Microsoft Office 2013 online activation. - The Gecko engine is updated to the version from Firefox 47. - IDN name resolution is supported. - Various SHA hashes are supported using GnuTLS. - Looking up the host address prioritizes non-loopback interfaces, which fixes a number of networked games. - XML writing is faster for large files. - Winsock supports the IP_DONTFRAGMENT socket option. - Long URLs are handled correctly. - JavaScript performance is improved. JSON is also supported. *** Internationalization - There is proper support for the Persian locale. - Uniscribe better supports right-to-left languages. - Japanese Hiragana, Katakana and full-width/half-width character mapping is implemented. *** 64-bit support - 64-bit applications are supported on macOS. - The Mono engine has 64-bit support. - C++ exceptions are handled correctly on x86-64, including nested exceptions and collided unwinds. - The debug registers are supported on x86-64. *** Built-in applications - The 'winebrowser' helper application supports multiple arguments to invoke the host browser or mailer. - The 'reg' command-line registry utility supports the 'query' command, all registry data types, and has more robust command line handling. - The 'winhlp32' help viewer properly displays tables and images. - The 'wineconsole' tool better supports East-Asian fonts. Color handling is also improved. *** Build environment - Import libraries can optionally be built as static libraries similarly to Windows, instead of .def files. This avoids the need for a separate .def.a library file. - The IDL compiler supports "midl_pragma warning" directives. - Cross-compilation with the Mingw-w64 Clang and ARM toolchains is supported. *** Kernel - A new driver architecture is in place for supporting HID devices. This follows the Windows model, with platform-specific bus drivers and HID minidrivers. It will be used in future releases to unify support for HID devices, and potentially also for USB device support. - Loading multiple kernel drivers inside the same user-mode process is supported. This is used for HID drivers. - A directory cache is implemented, to allow returning files in the expected order and avoid relying on platform-specific system calls. - Many more API Set libraries (the oddly-named api-ms-win-* dlls) are implemented. - Interrupt 0x2d (used for debugger checks) is emulated. *** Miscellaneous - Read interval timeouts are supported for serial ports. - Variables starting with 'QT_' are filtered from the Unix environment since they may have unwanted effects on Qt-based Windows applications. - Support for joystick button mapping and force feedback effects is improved. - Many stream classes are implemented in MSVCIRT, the old I/O stream C++ runtime. - Windows Management Instrumentation (WMI) implements some more WBEM classes. - Most remaining OpenMP functions are implemented. - Uninstallation support in MSI is improved. *** New external dependencies - libudev is used for HID device support. - GStreamer version 1.0 is used instead of version 0.10. - GnuTLS version 2.10 or higher is required for the SHA hashing functions to be supported. *** Configuration changes - A number of DLLs are now built separately from a common source, instead of forwarding to a master DLL. This means that native DLL overrides need to be set on the specific version of the DLL being loaded, instead of the master one. This applies to the d3dx9_*, d3dcompiler_*, xaudio2_*, xapofx1_* and x3daudio1_* DLLs. *** Release numbering - Starting with 2.0, version numbering will change: stable release updates will follow the existing scheme: 2.0.1, 2.0.2, 2.0.3, etc. but the developemnt branch will drop the intermediate number: the releases will be numbered 2.1, 2.2, 2.3, etc. leading to the next stable release, which will be called 3.0. -- Alexandre Julliard julliard ( -at -) winehq.org
×