news
Everything posted by news
-
[gentoo-announce] [ GLSA 201701-55 ] DirectFB: Multiple vulnerabilities
news posted a topic in Upcoming News
** TECHSPOT ------------------------------------------------------------ ** The Ideal Smartphone for 2017 ------------------------------------------------------------ ** http://www.techspot.com/article/1307-ideal-smartphone/ ------------------------------------------------------------ My quest for the perfect handset continues. Some phones came close - I loved the Google Pixel XL and the Galaxy S7 was pretty good - but nothing was without fault. In this article, I'll be exploring the perfect smartphone; the flagship phone I want to see in 2017. Thank you. Julio Franco Executive Editor | TECHSPOT ( -at -) juliofranco ----------------------------------- ============================================================ Our mailing address is: TechSpot 8237 NW 68 St Miami, FL 33166 USA -
[gentoo-announce] [ GLSA 201701-56 ] zlib: Multiple vulnerabilities
news posted a topic in Upcoming News
** TECHSPOT ------------------------------------------------------------ ** The Ideal Smartphone for 2017 ------------------------------------------------------------ ** http://www.techspot.com/article/1307-ideal-smartphone/ ------------------------------------------------------------ My quest for the perfect handset continues. Some phones came close - I loved the Google Pixel XL and the Galaxy S7 was pretty good - but nothing was without fault. In this article, I'll be exploring the perfect smartphone; the flagship phone I want to see in 2017. Thank you. Julio Franco Executive Editor | TECHSPOT ( -at -) juliofranco ----------------------------------- ============================================================ Our mailing address is: TechSpot 8237 NW 68 St Miami, FL 33166 USA -
CentOS Errata and Security Advisory 2017:0180 Critical Upstream details at : https://rhn.redhat.com/errata/RHSA-2017-0180.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: ( -at -) JohnnyCentOS
-
CentOS Errata and Security Advisory 2017:0180 Critical Upstream details at : https://rhn.redhat.com/errata/RHSA-2017-0180.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: ( -at -) JohnnyCentOS
-
[Tech ARP] The Samsung CFG70 Curved Quantum Dot Monitor Revealed
news posted a topic in Upcoming News
Dear Editors, we just posted a new article which might be interesting to your readers. A post in your news section would be appreciated. Title: Roccat Kone EMP Gaming Mouse Link: http://www.techpowerup.com/reviews/ROCCAT/Kone_EMP Brief: The Roccat Kone EMP is the successor to the Kone XTD, Roccat's ergo mouse for people who palm grip or have large hands. It's a high quality product with stunning performance, best-in-class sensor and well-rounded software for a reasonable price of $70. -
SUSE Security Update: Security update for Linux Kernel Live Patch 15 for SLE 12 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0246-1 Rating: important References: #1012852 #1013543 #1013604 #1014271 #1017589 Cross-References: CVE-2016-8632 CVE-2016-9576 CVE-2016-9794 CVE-2016-9806 Affected Products: SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that solves four vulnerabilities and has one errata is now available. Description: This update for the Linux Kernel 3.12.60-52_54 fixes several issues. The following security bugs were fixed: - CVE-2016-9806: Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel allowed local users to cause a denial of service (double free) or possibly have unspecified other impact via a crafted application that made sendmsg system calls, leading to a free operation associated with a new dump that started earlier than anticipated (bsc#1017589). - CVE-2016-9794: Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted SNDRV_PCM_TRIGGER_START command (bsc#1013543). - CVE-2016-8632: The tipc_msg_build function in net/tipc/msg.c in the Linux kernel did not validate the relationship between the minimum fragment length and the maximum packet size, which allowed local users to gain privileges or cause a denial of service (heap-based buffer overflow) by leveraging the CAP_NET_ADMIN capability (bsc#1012852). 
- CVE-2016-9576: The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel did not properly restrict the type of iterator, which allowed local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device (bsc#1014271). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-127=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-127=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12 (x86_64): kgraft-patch-3_12_60-52_54-default-5-2.1 kgraft-patch-3_12_60-52_54-xen-5-2.1 - SUSE Linux Enterprise Server 12-LTSS (x86_64): kgraft-patch-3_12_60-52_54-default-5-2.1 kgraft-patch-3_12_60-52_54-xen-5-2.1 References: https://www.suse.com/security/cve/CVE-2016-8632.html https://www.suse.com/security/cve/CVE-2016-9576.html https://www.suse.com/security/cve/CVE-2016-9794.html https://www.suse.com/security/cve/CVE-2016-9806.html https://bugzilla.suse.com/1012852 https://bugzilla.suse.com/1013543 https://bugzilla.suse.com/1013604 https://bugzilla.suse.com/1014271 https://bugzilla.suse.com/1017589 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
-
SUSE Security Update: Security update for Linux Kernel Live Patch 10 for SLE 12 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0247-1 Rating: important References: #1012852 #1013543 #1013604 #1014271 #1017589 Cross-References: CVE-2016-8632 CVE-2016-9576 CVE-2016-9794 CVE-2016-9806 Affected Products: SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that solves four vulnerabilities and has one errata is now available. Description: This update for the Linux Kernel 3.12.51-52_34 fixes several issues. The following security bugs were fixed: - CVE-2016-9806: Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel allowed local users to cause a denial of service (double free) or possibly have unspecified other impact via a crafted application that made sendmsg system calls, leading to a free operation associated with a new dump that started earlier than anticipated (bsc#1017589). - CVE-2016-9794: Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted SNDRV_PCM_TRIGGER_START command (bsc#1013543). - CVE-2016-8632: The tipc_msg_build function in net/tipc/msg.c in the Linux kernel did not validate the relationship between the minimum fragment length and the maximum packet size, which allowed local users to gain privileges or cause a denial of service (heap-based buffer overflow) by leveraging the CAP_NET_ADMIN capability (bsc#1012852). 
- CVE-2016-9576: The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel did not properly restrict the type of iterator, which allowed local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device (bsc#1014271). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-131=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-131=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12 (x86_64): kgraft-patch-3_12_51-52_34-default-8-2.1 kgraft-patch-3_12_51-52_34-xen-8-2.1 - SUSE Linux Enterprise Server 12-LTSS (x86_64): kgraft-patch-3_12_51-52_34-default-8-2.1 kgraft-patch-3_12_51-52_34-xen-8-2.1 References: https://www.suse.com/security/cve/CVE-2016-8632.html https://www.suse.com/security/cve/CVE-2016-9576.html https://www.suse.com/security/cve/CVE-2016-9794.html https://www.suse.com/security/cve/CVE-2016-9806.html https://bugzilla.suse.com/1012852 https://bugzilla.suse.com/1013543 https://bugzilla.suse.com/1013604 https://bugzilla.suse.com/1014271 https://bugzilla.suse.com/1017589 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
-
SUSE Security Update: Security update for Linux Kernel Live Patch 14 for SLE 12 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0248-1 Rating: important References: #1012852 #1013543 #1013604 #1014271 #1017589 Cross-References: CVE-2016-8632 CVE-2016-9576 CVE-2016-9794 CVE-2016-9806 Affected Products: SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that solves four vulnerabilities and has one errata is now available. Description: This update for the Linux Kernel 3.12.60-52_49 fixes several issues. The following security bugs were fixed: - CVE-2016-9806: Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel allowed local users to cause a denial of service (double free) or possibly have unspecified other impact via a crafted application that made sendmsg system calls, leading to a free operation associated with a new dump that started earlier than anticipated (bsc#1017589). - CVE-2016-9794: Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted SNDRV_PCM_TRIGGER_START command (bsc#1013543). - CVE-2016-8632: The tipc_msg_build function in net/tipc/msg.c in the Linux kernel did not validate the relationship between the minimum fragment length and the maximum packet size, which allowed local users to gain privileges or cause a denial of service (heap-based buffer overflow) by leveraging the CAP_NET_ADMIN capability (bsc#1012852). 
- CVE-2016-9576: The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel did not properly restrict the type of iterator, which allowed local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device (bsc#1014271). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-128=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-128=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12 (x86_64): kgraft-patch-3_12_60-52_49-default-5-2.1 kgraft-patch-3_12_60-52_49-xen-5-2.1 - SUSE Linux Enterprise Server 12-LTSS (x86_64): kgraft-patch-3_12_60-52_49-default-5-2.1 kgraft-patch-3_12_60-52_49-xen-5-2.1 References: https://www.suse.com/security/cve/CVE-2016-8632.html https://www.suse.com/security/cve/CVE-2016-9576.html https://www.suse.com/security/cve/CVE-2016-9794.html https://www.suse.com/security/cve/CVE-2016-9806.html https://bugzilla.suse.com/1012852 https://bugzilla.suse.com/1013543 https://bugzilla.suse.com/1013604 https://bugzilla.suse.com/1014271 https://bugzilla.suse.com/1017589 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
-
SUSE Security Update: Security update for Linux Kernel Live Patch 13 for SLE 12 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0249-1 Rating: important References: #1012852 #1013543 #1013604 #1014271 #1017589 Cross-References: CVE-2016-8632 CVE-2016-9576 CVE-2016-9794 CVE-2016-9806 Affected Products: SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that solves four vulnerabilities and has one errata is now available. Description: This update for the Linux Kernel 3.12.55-52_45 fixes several issues. The following security bugs were fixed: - CVE-2016-9806: Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel allowed local users to cause a denial of service (double free) or possibly have unspecified other impact via a crafted application that made sendmsg system calls, leading to a free operation associated with a new dump that started earlier than anticipated (bsc#1017589). - CVE-2016-9794: Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted SNDRV_PCM_TRIGGER_START command (bsc#1013543). - CVE-2016-8632: The tipc_msg_build function in net/tipc/msg.c in the Linux kernel did not validate the relationship between the minimum fragment length and the maximum packet size, which allowed local users to gain privileges or cause a denial of service (heap-based buffer overflow) by leveraging the CAP_NET_ADMIN capability (bsc#1012852). 
- CVE-2016-9576: The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel did not properly restrict the type of iterator, which allowed local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device (bsc#1014271). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-129=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-129=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12 (x86_64): kgraft-patch-3_12_55-52_45-default-5-2.1 kgraft-patch-3_12_55-52_45-xen-5-2.1 - SUSE Linux Enterprise Server 12-LTSS (x86_64): kgraft-patch-3_12_55-52_45-default-5-2.1 kgraft-patch-3_12_55-52_45-xen-5-2.1 References: https://www.suse.com/security/cve/CVE-2016-8632.html https://www.suse.com/security/cve/CVE-2016-9576.html https://www.suse.com/security/cve/CVE-2016-9794.html https://www.suse.com/security/cve/CVE-2016-9806.html https://bugzilla.suse.com/1012852 https://bugzilla.suse.com/1013543 https://bugzilla.suse.com/1013604 https://bugzilla.suse.com/1014271 https://bugzilla.suse.com/1017589 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
-
SUSE Security Update: Security update for Linux Kernel Live Patch 12 for SLE 12 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0244-1 Rating: important References: #1012852 #1013543 #1013604 #1014271 #1017589 Cross-References: CVE-2016-8632 CVE-2016-9576 CVE-2016-9794 CVE-2016-9806 Affected Products: SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that solves four vulnerabilities and has one errata is now available. Description: This update for the Linux Kernel 3.12.55-52_42 fixes several issues. The following security bugs were fixed: - CVE-2016-9806: Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel allowed local users to cause a denial of service (double free) or possibly have unspecified other impact via a crafted application that made sendmsg system calls, leading to a free operation associated with a new dump that started earlier than anticipated (bsc#1017589). - CVE-2016-9794: Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted SNDRV_PCM_TRIGGER_START command (bsc#1013543). - CVE-2016-8632: The tipc_msg_build function in net/tipc/msg.c in the Linux kernel did not validate the relationship between the minimum fragment length and the maximum packet size, which allowed local users to gain privileges or cause a denial of service (heap-based buffer overflow) by leveraging the CAP_NET_ADMIN capability (bsc#1012852). 
- CVE-2016-9576: The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel did not properly restrict the type of iterator, which allowed local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device (bsc#1014271). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-130=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-130=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12 (x86_64): kgraft-patch-3_12_55-52_42-default-5-2.1 kgraft-patch-3_12_55-52_42-xen-5-2.1 - SUSE Linux Enterprise Server 12-LTSS (x86_64): kgraft-patch-3_12_55-52_42-default-5-2.1 kgraft-patch-3_12_55-52_42-xen-5-2.1 References: https://www.suse.com/security/cve/CVE-2016-8632.html https://www.suse.com/security/cve/CVE-2016-9576.html https://www.suse.com/security/cve/CVE-2016-9794.html https://www.suse.com/security/cve/CVE-2016-9806.html https://bugzilla.suse.com/1012852 https://bugzilla.suse.com/1013543 https://bugzilla.suse.com/1013604 https://bugzilla.suse.com/1014271 https://bugzilla.suse.com/1017589 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
-
SUSE Security Update: Security update for Linux Kernel Live Patch 16 for SLE 12 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:0245-1 Rating: important References: #1012852 #1013543 #1013604 #1014271 #1017589 Cross-References: CVE-2016-8632 CVE-2016-9576 CVE-2016-9794 CVE-2016-9806 Affected Products: SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that solves four vulnerabilities and has one errata is now available. Description: This update for the Linux Kernel 3.12.60-52_57 fixes several issues. The following security bugs were fixed: - CVE-2016-9806: Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel allowed local users to cause a denial of service (double free) or possibly have unspecified other impact via a crafted application that made sendmsg system calls, leading to a free operation associated with a new dump that started earlier than anticipated (bsc#1017589). - CVE-2016-9794: Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted SNDRV_PCM_TRIGGER_START command (bsc#1013543). - CVE-2016-8632: The tipc_msg_build function in net/tipc/msg.c in the Linux kernel did not validate the relationship between the minimum fragment length and the maximum packet size, which allowed local users to gain privileges or cause a denial of service (heap-based buffer overflow) by leveraging the CAP_NET_ADMIN capability (bsc#1012852). 
- CVE-2016-9576: The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel did not properly restrict the type of iterator, which allowed local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device (bsc#1014271). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-126=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-126=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12 (x86_64): kgraft-patch-3_12_60-52_57-default-3-2.1 kgraft-patch-3_12_60-52_57-xen-3-2.1 - SUSE Linux Enterprise Server 12-LTSS (x86_64): kgraft-patch-3_12_60-52_57-default-3-2.1 kgraft-patch-3_12_60-52_57-xen-3-2.1 References: https://www.suse.com/security/cve/CVE-2016-8632.html https://www.suse.com/security/cve/CVE-2016-9576.html https://www.suse.com/security/cve/CVE-2016-9794.html https://www.suse.com/security/cve/CVE-2016-9806.html https://bugzilla.suse.com/1012852 https://bugzilla.suse.com/1013543 https://bugzilla.suse.com/1013604 https://bugzilla.suse.com/1014271 https://bugzilla.suse.com/1017589 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
-
At Phoronix we have posted a new article. A link to this from your site's news section would be greatly appreciated. Title: Intel Kabylake: Windows 10 vs. Linux OpenGL Performance ( -at -) Phoronix Direct Link: http://www.phoronix.com/vr.php?view=24045 Summary: "For those curious about the current Kabylake graphics performance between Windows 10 and Linux, here are some OpenGL benchmark results under each operating system. Windows 10 Pro x64 was tested and the Linux distributions for comparison were Ubuntu 16.10, Clear Linux, Antergos, Fedora 25 Xfce, and openSUSE Tumbleweed." Please feel free to contact us with any questions or comments you may
-
<http://www.eteknix.com> Razer Kraken Pro V2 eSports Gaming Headset Review Razer is one of the leading brands when it comes to PC peripherals, with a following so large and often so loyal some even joke that they're a cult. This is no bad thing for Razer, and with a huge collection of award-winning products to their name, it's easy to see how they've grown so much over the years. One of the key components in this growth was their popular Kraken headset, and now Razer is back with a new and improved model, the Kraken Pro V2! URL - http://www.eteknix.com/razer-kraken-pro-v2-esports-gaming-headset-review/ --
-
<http://www.eteknix.com> Thecus N4810 4-Bay SMB and Enthusiast NAS Review In today's review, I'm taking a closer look at a NAS that we've already featured in an earlier article, the Thecus N4810 which I used for our recently published Use your NAS as a Home Theater System feature. URL - http://www.eteknix.com/thecus-n4810-4-bay-smb-enthusiast-nas-review/ --
-
[gentoo-announce] [ GLSA 201701-48 ] Quagga: Multiple vulnerabilities
news posted a topic in Upcoming News
TECHSPOT

Meizu Pro 6 Plus Review
http://www.techspot.com/review/1311-meizu-pro-6-plus/

The Pro 6 Plus is the highest-end smartphone currently sold by Meizu. It’s a true flagship, featuring the same Exynos SoC as seen in the Samsung Galaxy S7, a large 5.7-inch 1440p AMOLED display, a beautiful aluminium unibody chassis, and a 12-megapixel camera with OIS and laser autofocus. Despite packing top-end specifications it is priced to undercut most of its competition.

Thank you.
Julio Franco
Executive Editor | TECHSPOT (http://www.techspot.com)
( -at -) juliofranco
-
-
The Wine development release 2.0-rc6 is now available.

Barring last minute regressions, this is expected to be the last release candidate for 2.0.

What's new in this release (see below for details):
- Bug fixes only, we are in code freeze.

The source is available from the following locations:

http://dl.winehq.org/wine/source/2.0/wine-2.0-rc6.tar.bz2
http://mirrors.ibiblio.org/wine/source/2.0/wine-2.0-rc6.tar.bz2

Binary packages for various distributions will be available from:

http://www.winehq.org/download

You will find documentation on http://www.winehq.org/documentation

You can also get the current source directly from the git repository. Check http://www.winehq.org/git for details.

Wine is available thanks to the work of many people. See the file AUTHORS in the distribution for the complete list.

----------------------------------------------------------------

Bugs fixed in 2.0-rc6 (total 21):

11179 NO$GBA 2.6a debugger GUI buttons are not stacked
19862 CodeCreatures crashes.
28672 VirtualDub: crash when using directx for display panes
33859 Visual Web Developer Express 2008 crashes when clicking "Browse" (bug in PropertySheet common control)
34127 FIFA 2000 demo crashes after 'Press Any Key'
35669 Space Giraffe: text between levels (and on level selection screen) is corrupted / unreadable
36525 Ctrl+C does not copy in the Battle.net chat scrollback
38305 SMARegisTry Backup installer: corrupted window title
38845 Battle.net launcher shows white screen with WINEPREFIX Windows version > 'Windows XP' (builtin 'd3dcompiler_46.dll' is not mature enough)
38850 crypt32/tests: chain test fails on Debian Jessie
39642 Battle.net crashes when you try to resize the window when "allow the window manager to decorate the windows" is unchecked.
40096 Pendulumania: Black screen
40781 KSP Trajectory Optimization Tool (using MATLAB Runtime (MCR)) "Could not successfully parse URI string"
41001 64-bit Core Temp 1.x kernel driver 'ALSysIO.sys' crashes on unimplemented function ntoskrnl.exe.RtlUnwindEx
41218 curl 7.50: HTTPS fails with InitializeSecurityContext failed: SEC_E_INVALID_TOKEN
41290 DirectShow applications: MP3 playback is broken if winegstreamer is disabled
42020 Tompi Jones fails creating user profile
42211 redefinition of typedef 'REFERENCE_TIME'
42228 bcrypt:bcrypt test regression (test_aes)
42229 advapi32:eventlog test regression (privilege issue in test_start_trace)
42243 3DMark11 installer crashes with access violation in Freetype because font data is released too early

----------------------------------------------------------------

Changes since 2.0-rc5:

André Hentschel (6):
- oleview: Remove dead assignments (clang).
- winebrowser: Fix allocation count (Coverity).
- regedit: Remove dead assignment (clang).
- iphlpapi/tests: Add test for AllocateAndGetTcpExTableFromStack.
- iphlpapi/tests: Fix usage of broken().
- ntdll: Fix some spec file entries.

Austin English (1):
- ntoskrnl.exe: Forward RtlUnwindEx to ntdll.

Bruno Jesus (1):
- msacm32: Reduce block align condition scope to test covered drivers.

Hans Leidekker (3):
- advapi32/tests: Skip StartTrace tests if the user doesn't have admin rights.
- bcrypt/tests: Relax the AES object length test.
- msvcp120/tests: Fix test failures on Windows XP.

Henri Verbeet (1):
- wined3d: Add GPU information for AMD TONGA.

Huw D. M. Davies (10):
- secur32/tests: Fix test failures on Windows 10.
- kernel32/tests: Windows 10 accepts locale names like "zz-ZZ" and "foo".
- kernel32/tests: Fix the invariant locale's country abbreviation on Windows 10.
- kernel32/tests: Skip testing the translated invariant names on non US-English locales.
- msctf/tests: Fix usage of test_ShouldDeactivate which is a BOOL.
- msctf/tests: Fix tests on Windows 8 and 10.
- msctf/tests: Return if the constructor fails. This avoids several clang warnings.
- user32/tests: Windows 10 no longer supports setting bpp to zero.
- msxml3/tests: Windows 10 no longer supports variants by reference, so pass it directly.
- wintrust/tests: Zero-init error array to prevent failures on 64-bit.

Jacek Caban (2):
- urlmon: Correctly handle INTERNET_STATUS_REQUEST_COMPLETE notification with no data available.
- kernel32/tests: Improved pipe CloseHandle tests.

Jarkko Korpi (1):
- winex11.drv: Add 640x400 mode to virtual desktop.

Józef Kucia (2):
- ddraw/tests: Rewrite StructSizeTest().
- d3d9/tests: Remove redundant state setting calls.

Marcus Meissner (1):
- shell32/tests: Fixed CharLowerBuffA size.

Michael Müller (2):
- dsound: Respect return value of callback in DirectSoundEnumerateA/W.
- wined3d: Do not set DDCAPS_ALIGNBOUNDARYSRC caps for ddraw.

Michael Stefaniuc (3):
- wrc: Remove a wrong comment.
- po: Fixes and more updates for the Romanian translation.
- ddraw/tests: Remove some no longer needed broken(TRUE).

Nikolay Sivov (2):
- dwrite: Let freetype face cache manage lifetime of requested file fragments.
- uxtheme/tests: Some tests for buffered painting API.

Samuele Guerrini (1):
- winebus.sys: Buffer length check fix.

Sebastian Lackner (2):
- include: Avoid duplicate definition of REFERENCE_TIME.
- comctl32/tests: Add tests for PROPSHEET_InsertPage.

--
Alexandre Julliard
julliard ( -at -) winehq.org
-
Cooler Master MasterKeys Pro L Mechanical Keyboard Review @ APH Networks
news posted a topic in Upcoming News
COOLER MASTER MASTERKEYS PRO L MECHANICAL KEYBOARD REVIEW @ APH NETWORKS

Hello everyone!

APH Networks has published a new review that your readers might enjoy. A post in your site's news section would be greatly appreciated! Don't forget to send your site news to us. As we promise to post your news articles on APH Networks periodically, we would certainly appreciate it if you do the same as well. Thank you for your support in advance!

* Title: Cooler Master MasterKeys Pro L Mechanical Keyboard Review @ APH Networks
* Description: The Cooler Master MasterKeys Pro L is a no frills, full sized, full backlit mechanical keyboard with real Cherry MX switches at a great price.
* Link: http://aphnetworks.com/reviews/cooler-master-masterkeys-pro-l
* Image: http://aphnetworks.com/review/cooler-master-masterkeys-pro-l/004.JPG

Best Regards,
Jonathan Kwan
Editor-in-Chief
APH Networks Inc.
http://aphnetworks.com
-
<http://www.eteknix.com> Turtle Beach Multi-Format Stream Mic Review While many of us only need a standard headset with a simple boom mic, there's a growing demand for higher quality microphones for both gamers and streamers, on Twitch, YouTube Live and much more. Turtle Beach are not the first to make a dedicated streaming microphone, but they are one of the more affordable options too, and their new Stream Mic comes with support for Xbox One, PlayStation 4 and PC, making it a tempting solution for the multi-format gamer and streamer. URL - http://www.eteknix.com/turtle-beach-multi-format-stream-mic-review/ --
-
<http://www.eteknix.com> Noontec TerraMaster D4-310 4-Bay USB Type-C DAS Review I have had a close look at a lot of storage devices of various types here at eTeknix, but there have been few DAS units between them. Today I'm taking the Noontec TerraMaster D4-310 4-bay Direct Attached Storage <http://terra-master.com/html/en/article_read_1402.html>  unit for a spin in the testing area and a closer look at the details. URL - http://www.eteknix.com/noontec-terramaster-d4-310-4-bay-usb-type-c-das-review/ --
-
SUSE Security Update: Security update for gstreamer-0_10-plugins-good
______________________________________________________________________________

Announcement ID: SUSE-SU-2017:0237-1
Rating: important
References: #1012102 #1012103 #1012104 #1013653 #1013655 #1013663
Cross-References: CVE-2016-9634 CVE-2016-9635 CVE-2016-9636 CVE-2016-9807 CVE-2016-9808 CVE-2016-9810
Affected Products:
  SUSE Linux Enterprise Workstation Extension 12-SP1
  SUSE Linux Enterprise Desktop 12-SP1
______________________________________________________________________________

An update that fixes 6 vulnerabilities is now available.

Description:

gstreamer-0_10-plugins-good was updated to fix five security issues.

These security issues were fixed:

- CVE-2016-9635: Invalid FLIC files could have caused an out-of-bounds write (bsc#1012103).
- CVE-2016-9634: Invalid FLIC files could have caused an out-of-bounds write (bsc#1012102).
- CVE-2016-9810: Invalid files can be used to trigger extraneous unreferences, leading to invalid memory access and DoS (bsc#1013663).
- CVE-2016-9807: Prevent the reading of invalid memory in flx_decode_chunks, leading to DoS (bsc#1013655).
- CVE-2016-9808: Prevent maliciously crafted flic files from causing invalid memory accesses (bsc#1013653).

To install this update libbz2-1 needs to be installed if it isn't already present on the system.

Patch Instructions:

To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Workstation Extension 12-SP1:
  zypper in -t patch SUSE-SLE-WE-12-SP1-2017-118=1
- SUSE Linux Enterprise Desktop 12-SP1:
  zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-118=1

To bring your system up-to-date, use "zypper patch".

Package List:

- SUSE Linux Enterprise Workstation Extension 12-SP1 (x86_64):
  gstreamer-0_10-plugins-good-0.10.31-13.3.3
  gstreamer-0_10-plugins-good-debuginfo-0.10.31-13.3.3
  gstreamer-0_10-plugins-good-debugsource-0.10.31-13.3.3
- SUSE Linux Enterprise Workstation Extension 12-SP1 (noarch):
  gstreamer-0_10-plugins-good-lang-0.10.31-13.3.3
- SUSE Linux Enterprise Desktop 12-SP1 (x86_64):
  gstreamer-0_10-plugins-good-0.10.31-13.3.3
  gstreamer-0_10-plugins-good-debuginfo-0.10.31-13.3.3
  gstreamer-0_10-plugins-good-debugsource-0.10.31-13.3.3
- SUSE Linux Enterprise Desktop 12-SP1 (noarch):
  gstreamer-0_10-plugins-good-lang-0.10.31-13.3.3

References:

https://www.suse.com/security/cve/CVE-2016-9634.html
https://www.suse.com/security/cve/CVE-2016-9635.html
https://www.suse.com/security/cve/CVE-2016-9636.html
https://www.suse.com/security/cve/CVE-2016-9807.html
https://www.suse.com/security/cve/CVE-2016-9808.html
https://www.suse.com/security/cve/CVE-2016-9810.html
https://bugzilla.suse.com/1012102
https://bugzilla.suse.com/1012103
https://bugzilla.suse.com/1012104
https://bugzilla.suse.com/1013653
https://bugzilla.suse.com/1013655
https://bugzilla.suse.com/1013663
-
Google Pixel XL Vs. Samsung Galaxy S7 Edge: 6 Weeks With Android Nougat Purity
news posted a topic in Upcoming News
As a perennial Samsung Galaxy S series user, I decided it was high time, beyond just the sterile confines of a product review, to live with Google’s latest Android purist device for an extended period of time. I’ve spent quality time with Nexus devices in the past, but the Google Pixel XL, with its 5.5-inch AMOLED display, felt like a possible successor as a daily driver for me. So, here are my high level take-aways of a Galaxy S7 Edge to Pixel XL migration, from hardware to software, and creature comforts.

Google Pixel XL Vs. Samsung Galaxy S7 Edge: 6 Weeks With Android Nougat Purity (http://hothardware.us3.list-manage1.com/track/click?u=efc4c507c2cf964fc2462caca&id=e701015914&e=0c004f9c13)

Best Regards,
HotHardware.com (http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=2d220e2692&e=0c004f9c13)
-
SUSE Security Update: Security update for Linux Kernel Live Patch 7 for SLE 12 SP1
______________________________________________________________________________

Announcement ID: SUSE-SU-2017:0226-1
Rating: important
References: #1012852 #1013543 #1013604 #1014271
Cross-References: CVE-2016-8632 CVE-2016-9576 CVE-2016-9794
Affected Products:
  SUSE Linux Enterprise Live Patching 12
______________________________________________________________________________

An update that solves three vulnerabilities and has one errata is now available.

Description:

This update for the Linux Kernel 3.12.62-60_62 fixes several issues.

The following security bugs were fixed:

- CVE-2016-9794: Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted SNDRV_PCM_TRIGGER_START command (bsc#1013543).
- CVE-2016-8632: The tipc_msg_build function in net/tipc/msg.c in the Linux kernel did not validate the relationship between the minimum fragment length and the maximum packet size, which allowed local users to gain privileges or cause a denial of service (heap-based buffer overflow) by leveraging the CAP_NET_ADMIN capability (bsc#1012852).
- CVE-2016-9576: The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel did not properly restrict the type of iterator, which allowed local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device (bsc#1014271).

Patch Instructions:

To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Live Patching 12:
  zypper in -t patch SUSE-SLE-Live-Patching-12-2017-112=1

To bring your system up-to-date, use "zypper patch".

Package List:

- SUSE Linux Enterprise Live Patching 12 (x86_64):
  kgraft-patch-3_12_62-60_62-default-5-2.1
  kgraft-patch-3_12_62-60_62-xen-5-2.1

References:

https://www.suse.com/security/cve/CVE-2016-8632.html
https://www.suse.com/security/cve/CVE-2016-9576.html
https://www.suse.com/security/cve/CVE-2016-9794.html
https://bugzilla.suse.com/1012852
https://bugzilla.suse.com/1013543
https://bugzilla.suse.com/1013604
https://bugzilla.suse.com/1014271