Jump to content
Compatible Support Forums

news

Members
 View Profile  See their activity

  • Content count

    80899

  • Joined

  • Last visited

    Never

  • Days Won

    18

Everything posted by news

  1. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] mcabber (SSA:2016-347-02) New mcabber packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/loudmouth-1.5.3-i586-1_slack14.2.txz: Upgraded. This update is needed for the mcabber security update. patches/packages/mcabber-1.0.4-i586-1_slack14.2.txz: Upgraded. This update fixes a security issue which can lead to a malicious actor MITMing a conversation, or adding themselves as an entity on a third parties roster (thereby granting themselves the associated priviledges such as observing when the user is online). For more information, see: https://gultsch.de/gajim_roster_push_and_message_interception.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9928 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/mcabber-1.0.4-i486-1_slack14.0.txz Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/mcabber-1.0.4-x86_64-1_slack14.0.txz Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/mcabber-1.0.4-i486-1_slack14.1.txz Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/mcabber-1.0.4-x86_64-1_slack14.1.txz Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/mcabber-1.0.4-i586-1_slack14.2.txz Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/mcabber-1.0.4-x86_64-1_slack14.2.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/mcabber-1.0.4-i586-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/mcabber-1.0.4-x86_64-1.txz MD5 signatures: +-------------+ Slackware 14.0 package: fd38253e79e4b766ad194d4fceaa5d8d mcabber-1.0.4-i486-1_slack14.0.txz Slackware x86_64 14.0 package: c859617864745e03fd527fca1030d518 mcabber-1.0.4-x86_64-1_slack14.0.txz Slackware 14.1 package: d5adbde2cba42fcfa915c07814fb33b5 mcabber-1.0.4-i486-1_slack14.1.txz Slackware x86_64 14.1 package: 2af12adcb6691b94edd3f668eb424805 mcabber-1.0.4-x86_64-1_slack14.1.txz Slackware 14.2 package: d2a06d1fd910aecaaa384f115bb58bc3 mcabber-1.0.4-i586-1_slack14.2.txz Slackware x86_64 14.2 package: cda2b990fe27fb3a33039ffd53aad42e mcabber-1.0.4-x86_64-1_slack14.2.txz Slackware -current package: a2b3fc780a5013e96aee9924bac333c9 n/mcabber-1.0.4-i586-1.txz Slackware x86_64 -current package: e212a2abac6dd59728869361651ecdc7 n/mcabber-1.0.4-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg mcabber-1.0.4-i586-1_slack14.2.txz A new loudmouth package is also provided. Be sure to update this as well. +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security ( -at -) slackware.com +------------------------------------------------------------------------+
  2. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] php (SSA:2016-347-03) New php packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/php-5.6.29-i586-1_slack14.2.txz: Upgraded. This release fixes bugs and security issues. For more information, see: https://php.net/ChangeLog-5.php#5.6.29 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9933 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9934 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9935 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/php-5.6.29-i486-1_slack14.0.txz Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/php-5.6.29-x86_64-1_slack14.0.txz Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/php-5.6.29-i486-1_slack14.1.txz Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/php-5.6.29-x86_64-1_slack14.1.txz Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/php-5.6.29-i586-1_slack14.2.txz Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/php-5.6.29-x86_64-1_slack14.2.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/php-5.6.29-i586-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/php-5.6.29-x86_64-1.txz MD5 signatures: +-------------+ Slackware 14.0 package: 3b1bcd9a49f51a1c53b6d78fac417e4c php-5.6.29-i486-1_slack14.0.txz Slackware x86_64 14.0 package: f8cf25305c8da567de0d27ba50dc70eb php-5.6.29-x86_64-1_slack14.0.txz Slackware 14.1 package: b2d17fad7d12e9164f647fad58a9e6d8 php-5.6.29-i486-1_slack14.1.txz Slackware x86_64 14.1 package: d8af82b42e32c6cdaf2796b99bb1dcdb php-5.6.29-x86_64-1_slack14.1.txz Slackware 14.2 package: 7e58a0bd4fb49042c070bf93bd86e7fa php-5.6.29-i586-1_slack14.2.txz Slackware x86_64 14.2 package: d1c5f9f1fb9fa184797d7764a57190e8 php-5.6.29-x86_64-1_slack14.2.txz Slackware -current package: 3d5500cbe78434ba2689c9299a93dc59 n/php-5.6.29-i586-1.txz Slackware x86_64 -current package: 669059915290232877a19f43a76ee6c6 n/php-5.6.29-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg php-5.6.29-i586-1_slack14.2.txz Then, restart Apache httpd: # /etc/rc.d/rc.httpd stop # /etc/rc.d/rc.httpd start +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security ( -at -) slackware.com +------------------------------------------------------------------------+
  3. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] kernel (SSA:2016-347-01) New kernel packages are available for Slackware 14.2 and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/linux-4.4.38/*: Upgraded. This kernel fixes a security issue with a race condition in net/packet/af_packet.c that can be exploited to gain kernel code execution from unprivileged processes. Thanks to Philip Pettersson for discovering the bug and providing a patch. Be sure to upgrade your initrd after upgrading the kernel packages. If you use lilo to boot your machine, be sure lilo.conf points to the correct kernel and initrd and run lilo as root to update the bootloader. If you use elilo to boot your machine, you should run eliloconfig to copy the kernel and initrd to the EFI System Partition. For more information, see: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=84ac7260236a49c79eede91617700174c2c19b0c https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8655 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated packages for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.38/kernel-firmware-20161211git-noarch-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.38/kernel-generic-4.4.38-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.38/kernel-generic-smp-4.4.38_smp-i686-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.38/kernel-headers-4.4.38_smp-x86-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.38/kernel-huge-4.4.38-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.38/kernel-huge-smp-4.4.38_smp-i686-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.38/kernel-modules-4.4.38-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.38/kernel-modules-smp-4.4.38_smp-i686-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.38/kernel-source-4.4.38_smp-noarch-1.txz Updated packages for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.38/kernel-firmware-20161211git-noarch-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.38/kernel-generic-4.4.38-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.38/kernel-headers-4.4.38-x86-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.38/kernel-huge-4.4.38-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.38/kernel-modules-4.4.38-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.38/kernel-source-4.4.38-noarch-1.txz Updated packages for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-firmware-20161211git-noarch-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-generic-4.4.38-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-generic-smp-4.4.38_smp-i686-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-huge-4.4.38-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-huge-smp-4.4.38_smp-i686-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-modules-4.4.38-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-modules-smp-4.4.38_smp-i686-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/d/kernel-headers-4.4.38_smp-x86-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/k/kernel-source-4.4.38_smp-noarch-1.txz Updated packages for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/kernel-firmware-20161211git-noarch-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/kernel-generic-4.4.38-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/kernel-huge-4.4.38-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/kernel-modules-4.4.38-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/d/kernel-headers-4.4.38-x86-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/k/kernel-source-4.4.38-noarch-1.txz MD5 signatures: +-------------+ Slackware 14.2 packages: 6546123d58d7747700d53b50254cd9ee kernel-firmware-20161211git-noarch-1.txz 6d4ac49bddfe538504d34714e0bc1848 kernel-generic-4.4.38-i586-1.txz ce4aa55e8c940c300df1ca47215a5df9 kernel-generic-smp-4.4.38_smp-i686-1.txz fdc3b1093f566c12733cf0fbdf50e897 kernel-headers-4.4.38_smp-x86-1.txz 9f6f48199f75edd4d2bcfcbb734cc85f kernel-huge-4.4.38-i586-1.txz 5ee68030a4e931150311d5a655d76597 kernel-huge-smp-4.4.38_smp-i686-1.txz 0c21ed8ae016e9b35324269527ce65e3 kernel-modules-4.4.38-i586-1.txz e0317d4704c6f3739e255779aca0d71d kernel-modules-smp-4.4.38_smp-i686-1.txz 3b819ecc1fbaeea79d91dab22d7cde30 kernel-source-4.4.38_smp-noarch-1.txz Slackware x86_64 14.2 packages: 6546123d58d7747700d53b50254cd9ee kernel-firmware-20161211git-noarch-1.txz 9e1f355c9f65488a44becf21f1b931c4 kernel-generic-4.4.38-x86_64-1.txz 519a1736b1801a1436aacb60dc708e5e kernel-headers-4.4.38-x86-1.txz 7a4652cae6fc2e705d023185b4a45b9e kernel-huge-4.4.38-x86_64-1.txz 0b70933f764e704a431da0b19d6f37e8 kernel-modules-4.4.38-x86_64-1.txz dc5807d1a834de180c8b2348b9152b7f kernel-source-4.4.38-noarch-1.txz Slackware -current packages: 6546123d58d7747700d53b50254cd9ee a/kernel-firmware-20161211git-noarch-1.txz bae8845ea023f5c1e851c1f503d59fa6 a/kernel-generic-4.4.38-i586-1.txz 89d57e431a53d1f64a3dca8bb394411d a/kernel-generic-smp-4.4.38_smp-i686-1.txz 157fe721649169ee32a845c57f09b243 a/kernel-huge-4.4.38-i586-1.txz a5865a56c564375a53fa1a67b0d18655 a/kernel-huge-smp-4.4.38_smp-i686-1.txz 78985fd9803ad187e3313a77a5d5f2ca a/kernel-modules-4.4.38-i586-1.txz 7f684811388dfd1fc0f07437ad0136b7 a/kernel-modules-smp-4.4.38_smp-i686-1.txz f927f4c156198939f4157b03a2c646eb d/kernel-headers-4.4.38_smp-x86-1.txz 1722ca0eb556fe87fad6ea020df8b32c k/kernel-source-4.4.38_smp-noarch-1.txz Slackware x86_64 -current packages: 6546123d58d7747700d53b50254cd9ee a/kernel-firmware-20161211git-noarch-1.txz 544940654f066dc357f3461cd01c3e50 a/kernel-generic-4.4.38-x86_64-1.txz 7a5e5636fa10d12757c965a45df62f48 a/kernel-huge-4.4.38-x86_64-1.txz b17dcbbd71e810883a51017102be2bbe a/kernel-modules-4.4.38-x86_64-1.txz 6a99f704b0a41ad060d84d94bc45d6b1 d/kernel-headers-4.4.38-x86-1.txz 6143c34a575b42851eeae8f889a98a06 k/kernel-source-4.4.38-noarch-1.txz Installation instructions: +------------------------+ Upgrade the packages as root: # upgradepkg kernel-*.txz If you are using an initrd, you'll need to rebuild it. For a 32-bit SMP machine, use this command (substitute the appropriate kernel version if you are not running Slackware 14.2): # /usr/share/mkinitrd/mkinitrd_command_generator.sh -k 4.4.38-smp | bash For a 64-bit machine, or a 32-bit uniprocessor machine, use this command (substitute the appropriate kernel version if you are not running Slackware 14.2): # /usr/share/mkinitrd/mkinitrd_command_generator.sh -k 4.4.38 | bash Please note that "uniprocessor" has to do with the kernel you are running, not with the CPU. Most systems should run the SMP kernel (if they can) regardless of the number of cores the CPU has. If you aren't sure which kernel you are running, run "uname -a". If you see SMP there, you are running the SMP kernel and should use the 4.4.38-smp version when running mkinitrd_command_generator. Note that this is only for 32-bit -- 64-bit systems should always use 4.4.38 as the version. If you are using lilo or elilo to boot the machine, you'll need to ensure that the machine is properly prepared before rebooting. If using LILO: By default, lilo.conf contains an image= line that references a symlink that always points to the correct kernel. No editing should be required unless your machine uses a custom lilo.conf. If that is the case, be sure that the image= line references the correct kernel file. Either way, you'll need to run "lilo" as root to reinstall the boot loader. If using elilo: Ensure that the /boot/vmlinuz symlink is pointing to the kernel you wish to use, and then run eliloconfig to update the EFI System Partition. +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security ( -at -) slackware.com +------------------------------------------------------------------------+
  4. news
    Our initial test of Radeon Chill, AMD's new dynamic frame-rate control feature in its Radeon Software Crimson ReLive Edition drivers, didn't quite work as expected. Once we got our hands on the release version of that software, however, the Radeons in our test rigs definitely felt the Chill. We retested the software using the popular Counter-Strike: Global Offensive to see what Chill can do for responsiveness, power usage, and noise levels. Read the update here: http://techreport.com/review/31077/radeon-software-crimson-relive-edition-an-overview/3 --- The Tech Report - PC Hardware Explored http://techreport.com -- To unsubscribe from: TR-News, just follow this link: http://node1.techreport.com/cgi-bin/dada/mail.cgi/u/trnews/reviewnews// Click this link, or copy and paste the address into your browser.
  5. news

    Shotwell 0.25.2

    news posted a topic in Upcoming News

    A new unstable release! Shotwell is available for download at https://download.gnome.org/sources/shotwell/0.25/ Or for Ubuntu 16.x at the UNSTABLE PPA: https://launchpad.net/~yg-jensge/+archive/ubuntu/shotwell-unstable Shotwell 0.25.2 - 12 Dec 2016  * Fix missing About action  * Fix setting of initial action state  * Fix missing initialzation of several states  * Fix sort order not working  * Fix a critical on startup  * Fix initial sort order  * Fix hiding of search toolbar  * Fix rating filter menu initially being disabled  * Use Gtk.Revealer for bottom toolbar  * Fix a copy and paste error in the publishing result  * Use Application menu  * Do not make errors in git version check cause false identifiaction of git     versions  * Fix debian scripts  * Fix filter actions not being active  * Fix initial search bar state not being persisted  * Remove deprecated Gtk.IconFactory  * Add missing keyboard shortcut for setting the background  * Move some dialogs to GtkTemplate, preparing for issues with valac master  * Fix context-sensitive label of background menu  * Fix context-sensitive label of Undo and Redo menu  * Fix context menu on import page Bugs fixed in this release:  - https://bugzilla.gnome.org/show_bug.cgi?id=719279  - https://bugzilla.gnome.org/show_bug.cgi?id=774901 All contributors to this release:  - Jens Georg  - Marina Prado  - Piotr Drąg  - Marek Cernocky  - Mario Blättermann  - gogo  - Gábor Kelemen  - Alan Mortensen Added/updated translations  - cs, courtesy of Marek Černocký  - da, courtesy of Alan Mortensen  - de, courtesy of Mario Blättermann  - es, courtesy of Daniel Mustieles  - hr, courtesy of gogo  - hu, courtesy of Gabor Kelemen  - pl, courtesy of Piotr Drąg _______________________________________________
  6. news
    SUSE Security Update: Security update for Linux Kernel Live Patch 3 for SLE 12 SP1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:3098-1 Rating: important References: #1003253 #1012183 #1012759 Cross-References: CVE-2016-7117 CVE-2016-8655 CVE-2016-9555 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: This update for the Linux Kernel 3.12.53-60_30 fixes several issues. The following security bugs were fixed: - CVE-2016-8655: A race condition in the af_packet packet_set_ring function could be used by local attackers to crash the kernel or gain privileges (bsc#1012759). - CVE-2016-9555: The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel lacks chunk-length checking for the first chunk, which allowed remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data (bsc#1012183). - CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel allowed remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing (bsc#1003253). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2016-1800=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_53-60_30-default-6-2.1 kgraft-patch-3_12_53-60_30-xen-6-2.1 References: https://www.suse.com/security/cve/CVE-2016-7117.html https://www.suse.com/security/cve/CVE-2016-8655.html https://www.suse.com/security/cve/CVE-2016-9555.html https://bugzilla.suse.com/1003253 https://bugzilla.suse.com/1012183 https://bugzilla.suse.com/1012759 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
  7. news
    SUSE Security Update: Security update for Linux Kernel Live Patch 1 for SLE 12 SP1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:3100-1 Rating: important References: #1003253 #1012183 #1012759 Cross-References: CVE-2016-7117 CVE-2016-8655 CVE-2016-9555 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: This update for the Linux Kernel 3.12.51-60_20 fixes several issues. The following security bugs were fixed: - CVE-2016-8655: A race condition in the af_packet packet_set_ring function could be used by local attackers to crash the kernel or gain privileges (bsc#1012759). - CVE-2016-9555: The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel lacks chunk-length checking for the first chunk, which allowed remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data (bsc#1012183). - CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel allowed remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing (bsc#1003253). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2016-1798=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_51-60_20-default-8-2.1 kgraft-patch-3_12_51-60_20-xen-8-2.1 References: https://www.suse.com/security/cve/CVE-2016-7117.html https://www.suse.com/security/cve/CVE-2016-8655.html https://www.suse.com/security/cve/CVE-2016-9555.html https://bugzilla.suse.com/1003253 https://bugzilla.suse.com/1012183 https://bugzilla.suse.com/1012759 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
  8. news
    openSUSE Security Update: Security update for qemu ______________________________________________________________________________ Announcement ID: openSUSE-SU-2016:3103-1 Rating: important References: #1000345 #1001151 #1002116 #1002550 #1002557 #1003878 #1003893 #1003894 #1004702 #1004707 #1006536 #1006538 #1007391 #1007450 #1007454 #1007493 #1007494 #1007495 #996524 #998516 #999661 Cross-References: CVE-2016-7161 CVE-2016-7170 CVE-2016-7421 CVE-2016-7466 CVE-2016-7908 CVE-2016-7909 CVE-2016-8576 CVE-2016-8577 CVE-2016-8578 CVE-2016-8667 CVE-2016-8669 CVE-2016-8909 CVE-2016-8910 CVE-2016-9101 CVE-2016-9102 CVE-2016-9103 CVE-2016-9104 CVE-2016-9105 CVE-2016-9106 Affected Products: openSUSE Leap 42.1 ______________________________________________________________________________ An update that solves 19 vulnerabilities and has two fixes is now available. Description: This update for qemu fixes the following issues: - Patch queue updated from https://gitlab.suse.de/virtualization/qemu.git SLE12-SP1 - Change package post script udevadm trigger calls to be device specific (bsc#1002116) - Address various security/stability issues * Fix OOB access in xlnx.xpx-ethernetlite emulation (CVE-2016-7161 bsc#1001151) * Fix OOB access in VMware SVGA emulation (CVE-2016-7170 bsc#998516) * Fix DOS in USB xHCI emulation (CVE-2016-7466 bsc#1000345) * Fix DOS in Vmware pv scsi interface (CVE-2016-7421 bsc#999661) * Fix DOS in ColdFire Fast Ethernet Controller emulation (CVE-2016-7908 bsc#1002550) * Fix DOS in USB xHCI emulation (CVE-2016-8576 bsc#1003878) * Fix DOS in virtio-9pfs (CVE-2016-8578 bsc#1003894) * Fix DOS in virtio-9pfs (CVE-2016-9105 bsc#1007494) * Fix DOS in virtio-9pfs (CVE-2016-8577 bsc#1003893) * Plug data leak in virtio-9pfs interface (CVE-2016-9103 bsc#1007454) * Fix DOS in virtio-9pfs interface (CVE-2016-9102 bsc#1007450) * Fix DOS in virtio-9pfs (CVE-2016-9106 bsc#1007495) * Fix DOS in 16550A UART emulation (CVE-2016-8669 bsc#1004707) * Fix DOS in PC-Net II emulation (CVE-2016-7909 bsc#1002557) * Fix DOS in PRO100 emulation (CVE-2016-9101 bsc#1007391) * Fix DOS in RTL8139 emulation (CVE-2016-8910 bsc#1006538) * Fix DOS in Intel HDA controller emulation (CVE-2016-8909 bsc#1006536) * Fix DOS in virtio-9pfs (CVE-2016-9104 bsc#1007493) * Fix DOS in JAZZ RC4030 emulation (CVE-2016-8667 bsc#1004702) - Fix case of disk corruption with migration due to improper internal state tracking (bsc#996524) This update was imported from the SUSE:SLE-12-SP1:Update update project. Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.1: zypper in -t patch openSUSE-2016-1451=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE Leap 42.1 (i586 x86_64): qemu-2.3.1-22.1 qemu-arm-2.3.1-22.1 qemu-arm-debuginfo-2.3.1-22.1 qemu-block-curl-2.3.1-22.1 qemu-block-curl-debuginfo-2.3.1-22.1 qemu-debugsource-2.3.1-22.1 qemu-extra-2.3.1-22.1 qemu-extra-debuginfo-2.3.1-22.1 qemu-guest-agent-2.3.1-22.1 qemu-guest-agent-debuginfo-2.3.1-22.1 qemu-kvm-2.3.1-22.1 qemu-lang-2.3.1-22.1 qemu-linux-user-2.3.1-22.1 qemu-linux-user-debuginfo-2.3.1-22.1 qemu-linux-user-debugsource-2.3.1-22.1 qemu-ppc-2.3.1-22.1 qemu-ppc-debuginfo-2.3.1-22.1 qemu-s390-2.3.1-22.1 qemu-s390-debuginfo-2.3.1-22.1 qemu-tools-2.3.1-22.1 qemu-tools-debuginfo-2.3.1-22.1 qemu-x86-2.3.1-22.1 qemu-x86-debuginfo-2.3.1-22.1 - openSUSE Leap 42.1 (x86_64): qemu-block-rbd-2.3.1-22.1 qemu-block-rbd-debuginfo-2.3.1-22.1 qemu-testsuite-2.3.1-22.2 - openSUSE Leap 42.1 (noarch): qemu-ipxe-1.0.0-22.1 qemu-seabios-1.8.1-22.1 qemu-sgabios-8-22.1 qemu-vgabios-1.8.1-22.1 References: https://www.suse.com/security/cve/CVE-2016-7161.html https://www.suse.com/security/cve/CVE-2016-7170.html https://www.suse.com/security/cve/CVE-2016-7421.html https://www.suse.com/security/cve/CVE-2016-7466.html https://www.suse.com/security/cve/CVE-2016-7908.html https://www.suse.com/security/cve/CVE-2016-7909.html https://www.suse.com/security/cve/CVE-2016-8576.html https://www.suse.com/security/cve/CVE-2016-8577.html https://www.suse.com/security/cve/CVE-2016-8578.html https://www.suse.com/security/cve/CVE-2016-8667.html https://www.suse.com/security/cve/CVE-2016-8669.html https://www.suse.com/security/cve/CVE-2016-8909.html https://www.suse.com/security/cve/CVE-2016-8910.html https://www.suse.com/security/cve/CVE-2016-9101.html https://www.suse.com/security/cve/CVE-2016-9102.html https://www.suse.com/security/cve/CVE-2016-9103.html https://www.suse.com/security/cve/CVE-2016-9104.html https://www.suse.com/security/cve/CVE-2016-9105.html https://www.suse.com/security/cve/CVE-2016-9106.html https://bugzilla.suse.com/1000345 https://bugzilla.suse.com/1001151 https://bugzilla.suse.com/1002116 https://bugzilla.suse.com/1002550 https://bugzilla.suse.com/1002557 https://bugzilla.suse.com/1003878 https://bugzilla.suse.com/1003893 https://bugzilla.suse.com/1003894 https://bugzilla.suse.com/1004702 https://bugzilla.suse.com/1004707 https://bugzilla.suse.com/1006536 https://bugzilla.suse.com/1006538 https://bugzilla.suse.com/1007391 https://bugzilla.suse.com/1007450 https://bugzilla.suse.com/1007454 https://bugzilla.suse.com/1007493 https://bugzilla.suse.com/1007494 https://bugzilla.suse.com/1007495 https://bugzilla.suse.com/996524 https://bugzilla.suse.com/998516 https://bugzilla.suse.com/999661 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
  9. news
    SUSE Security Update: Security update for Linux Kernel Live Patch 4 for SLE 12 SP1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:3104-1 Rating: important References: #1003253 #1012183 #1012759 Cross-References: CVE-2016-7117 CVE-2016-8655 CVE-2016-9555 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: This update for the Linux Kernel 3.12.57-60_35 fixes several issues. The following security bugs were fixed: - CVE-2016-8655: A race condition in the af_packet packet_set_ring function could be used by local attackers to crash the kernel or gain privileges (bsc#1012759). - CVE-2016-9555: The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel lacks chunk-length checking for the first chunk, which allowed remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data (bsc#1012183). - CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel allowed remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing (bsc#1003253). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2016-1801=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_57-60_35-default-5-2.1 kgraft-patch-3_12_57-60_35-xen-5-2.1 References: https://www.suse.com/security/cve/CVE-2016-7117.html https://www.suse.com/security/cve/CVE-2016-8655.html https://www.suse.com/security/cve/CVE-2016-9555.html https://bugzilla.suse.com/1003253 https://bugzilla.suse.com/1012183 https://bugzilla.suse.com/1012759 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
  10. news
    Dear Editors, we just posted a new article which might be interesting to your readers. A post in your news section would be appreciated. Title: NVIDIA GeForce GTX 1080 PCI-Express Scaling Link: http://www.techpowerup.com/reviews/NVIDIA/GeForce_GTX_1080_PCI_Express_Scaling Brief: In this article, we investigate how performance of NVIDIA's GeForce GTX 1080 is affected when running on constrained PCI-Express bus widths such as x8 or x4. We also test all PCIe speed settings, 1.1, 2.0, and 3.0. One additional test checks how much performance is lost when using the chipset's PCIe x4 slot.
  11. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I am pleased to announce the general availability of CentOS Linux 7 (1611) for 64 bit x86 compatible machines. Effectively immediately, this is the current release for CentOS Linux 7 and is tagged as 1611, derived from Red Hat Enterprise Linux 7.3 As always, read through the Release Notes at : http://wiki.centos.org/Manuals/ReleaseNotes/CentOS7 - these notes contain important information about the release and details about some of the content inside the release from the CentOS QA team. These notes are updated constantly to include issues and incorporate feedback from the users. - ---------- Updates, Sources, and DebugInfos Updates released since we froze the iso and install media content are posted in the updates repo along with the release. This will include content from late November 2016 and December 2016, therefore anyone running a new install is highly encouraged to run a 'yum update' operation immediate on install completion. You can apply all updates, including the content released today, on your existing CentOS Linux 7/x86_64 machine by just running 'yum update'. As with all CentOS Linux 7 components, this release was built from sources hosted at git.centos.org. In addition, SRPMs that are a byproduct of the build (and also considered critical in the code and buildsys process) are being published to match every binary RPM we release. Sources will be available from vault.centos.org in their own dedicated directories to match the corresponding binary RPMs. Since there is far less traffic to the CentOS source RPMs compared with the binary RPMs, we are not putting this content on the main mirror network. If users wish to mirror this content they can do so using the reposync command available in the yum-utils package. All CentOS source RPMs are signed with the same key used to sign their binary counterparts. Developers and end users looking at inspecting and contributing patches to the CentOS Linux distro will find the code hosted at git.centos.org far simpler to work against. Details on how to best consume those are documented along with a quick start at : http://wiki.centos.org/Sources Debuginfo packages are also being signed and pushed. Yum configs shipped in the new release file will have all the context required for debuginfo to be available on every CentOS Linux install. This release supersedes all previously released content for CentOS Linux 7, and therefore we highly encourage all users to upgrade their machines. Information on different upgrade strategies and how to handle stale content is included in the Release Notes. - ---------- Download In order to conserve donor bandwidth, and to make it possible to get the mirror content sync'd out as soon as possible, we recommend using torrents to get your initial installer images: Details on the images are available on the mirrors at http://mirror.centos.org/centos/7/isos/x86_64/0_README.txt - that file clearly highlights the difference in the images, and when one might be more suitable than the others. The sizes, sha256 sums and torrents for the ISO files: ========================================== * CentOS-7-x86_64-Minimal-1611.iso Size: 713031680 Torrent: http://mirror.centos.org/centos/7/isos/x86_64/CentOS-7-x86_64-Minimal-16 11.torrent Sha256Sum: 27bd866242ee058b7a5754e83d8ee8403e216b93d130d800852a96f41c34d86a * CentOS-7-x86_64-NetInstall-1611.iso Size: 395313152 Torrent: http://mirror.centos.org/centos/7/isos/x86_64/CentOS-7-x86_64-NetInstall - -1611.iso.torrent Sha256Sum: f2f7367deb90a25822947660c71638333ca0eceeabecc2d631be6cd508c24494 * CentOS-7-x86_64-DVD-1611.iso Size: 4379901952 Torrent: http://mirror.centos.org/centos/7/isos/x86_64/CentOS-7-x86_64-DVD-1611.i so.torrent Sha256Sum: c455ee948e872ad2194bdddd39045b83634e8613249182b88f549bb2319d97eb * CentOS-7-x86_64-Everything-1611.iso Size: 8280604672 Torrent: http://mirror.centos.org/centos/7/isos/x86_64/CentOS-7-x86_64-Everything - -1611.iso.torrent Sha256Sum: af4969ebbdc479d330de97c5bfbb37eedc64c369f009cb15a97f9553ba441c88 * CentOS-7-x86_64-LiveGNOME-1611.iso Size: 1245708288 Torrent: http://mirror.centos.org/centos/7/isos/x86_64/CentOS-7-x86_64-LiveGNOME- 1611.iso.torrent Sha256Sum: 8af6ad70c35c9b65e7ca88b38d18bed14598eb122169c1a22fc3f5b1c2de7d87 * CentOS-7-x86_64-LiveKDE-1611.iso Size: 1774190592 Torrent: http://mirror.centos.org/centos/7/isos/x86_64/CentOS-7-x86_64-LiveGNOME- 1611.iso.torrent Sha256Sum: b584dd3cf2e287756aa6f6ec0f287500470b7e588b605211981b3b9ad09abac9 The iso files are also available for direct download from http://mirror.centos.org/centos/7/isos/x86_64 - -------- Additional Images The Docker container, Vagrant images, Cloud images and Atomic Host images are being prepared and will be released in the next few days. Look for an announcement posted to the centos-announce list for more information on availability for these in the coming days. - ---------- Dojo We try and organise Dojos in various parts of the world as a one day event, to bring together people who use CentOS and others who are keen to learn about CentOS. The day's focus is on sharing technical knowledge and success stories. It's also a great place to meet and talk about upcoming technologies and learn how others are using them on CentOS Linux. Our next Dojo coming up is in Brussels, on the 3rd Feb 2017. Details are being posted at https://wiki.centos.org/Events/Dojo/Brussels2017 If you would like to help organise a Dojo in your area, do drop by the centos-promo list at http://lists.centos.org/mailman/listinfo/centos-pro mo - ---------- Getting Help The CentOS ecosystem is sustained by community driven help and guidance. The best place to start for new users is at http://wiki.centos.org/GettingHelp - ---------- Contributors This release was made possible due to the hard work of many people, foremost on that list are the Red Hat Engineers for producing a great distribution and the CentOS QA team, without them CentOS Linux would look very different. We are also looking for people to get involved with the QA process in CentOS, if you would like to join this please introduce yourself on the centos-devel list (http://lists.centos.org/mailman/listinfo/centos-devel ). - ---------- Thanks I would also like to thank our donors and sponsors for their continued support for the project. And to everyone who contributed with ideas, code, test feedback, and promoting CentOS Linux into the ecosystem. Enjoy! - -- Karanbir Singh, Project Lead, The CentOS Project +44-207-0999389 | http://www.centos.org/ | twitter.com/CentOS GnuPG Key : http://www.karan.org/publickey.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iQEcBAEBAgAGBQJYTuGdAAoJEI3Oi2Mx7xbtduAIAMnwYbHwCn9eF4Ia6zMqyJYq 9qXzGtu0hriv7JG+Y4QcKDedUuaFd0cSnhSW6yqK0W7y96YaGhVfGFQ6OCCb+0YI kXMOo1GcajJaMfNZ+y4Gi4hHa7vVn33xgMYA3mTHZdY/ynJzkfzNc6lJI5yVko1m ya5ASKIUYdfR92xqNq6QYz5H06e5nS4zDnfN9rASRQn5R3BxXfn/4/sR9I0woLpU KluNnQ7N7swZXscH+/g5IKOfORhUBVHx1Mcp9+QDC+OR2eMVfJ+WHJ8v7PHywRxI GBLnWchQhnCF8AB0UbwSYARr3DrFag7SaPH7k+/78vErNOS+E3etHL96LRr0gWo= =NZVk -----END PGP SIGNATURE----- _______________________________________________
  12. news
    SUSE Security Update: Security update for Linux Kernel Live Patch 2 for SLE 12 SP1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:3093-1 Rating: important References: #1003253 #1012183 #1012759 Cross-References: CVE-2016-7117 CVE-2016-8655 CVE-2016-9555 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: This update for the Linux Kernel 3.12.51-60_25 fixes several issues. The following security bugs were fixed: - CVE-2016-8655: A race condition in the af_packet packet_set_ring function could be used by local attackers to crash the kernel or gain privileges (bsc#1012759). - CVE-2016-9555: The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel lacks chunk-length checking for the first chunk, which allowed remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data (bsc#1012183). - CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel allowed remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing (bsc#1003253). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2016-1799=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_51-60_25-default-7-2.1 kgraft-patch-3_12_51-60_25-xen-7-2.1 References: https://www.suse.com/security/cve/CVE-2016-7117.html https://www.suse.com/security/cve/CVE-2016-8655.html https://www.suse.com/security/cve/CVE-2016-9555.html https://bugzilla.suse.com/1003253 https://bugzilla.suse.com/1012183 https://bugzilla.suse.com/1012759 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
  13. news
    SUSE Security Update: Security update for Linux Kernel Live Patch 0 for SLE 12 SP1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:3094-1 Rating: important References: #1003253 #1012183 #1012759 Cross-References: CVE-2016-7117 CVE-2016-8655 CVE-2016-9555 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: This update for the Linux Kernel 3.12.49-11 fixes several issues. The following security bugs were fixed: - CVE-2016-8655: A race condition in the af_packet packet_set_ring function could be used by local attackers to crash the kernel or gain privileges (bsc#1012759). - CVE-2016-9555: The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel lacks chunk-length checking for the first chunk, which allowed remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data (bsc#1012183). - CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel allowed remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing (bsc#1003253). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2016-1797=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_49-11-default-8-23.2 kgraft-patch-3_12_49-11-xen-8-23.2 References: https://www.suse.com/security/cve/CVE-2016-7117.html https://www.suse.com/security/cve/CVE-2016-8655.html https://www.suse.com/security/cve/CVE-2016-9555.html https://bugzilla.suse.com/1003253 https://bugzilla.suse.com/1012183 https://bugzilla.suse.com/1012759 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
  14. news
    SUSE Security Update: Security update for Linux Kernel Live Patch 6 for SLE 12 SP1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:3096-1 Rating: important References: #1012183 #1012759 Cross-References: CVE-2016-8655 CVE-2016-9555 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for the Linux Kernel 3.12.59-60_45 fixes several issues. The following security bugs were fixed: - CVE-2016-8655: A race condition in the af_packet packet_set_ring function could be used by local attackers to crash the kernel or gain privileges (bsc#1012759). - CVE-2016-9555: The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel lacks chunk-length checking for the first chunk, which allowed remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data (bsc#1012183). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2016-1802=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_59-60_45-default-5-2.1 kgraft-patch-3_12_59-60_45-xen-5-2.1 References: https://www.suse.com/security/cve/CVE-2016-8655.html https://www.suse.com/security/cve/CVE-2016-9555.html https://bugzilla.suse.com/1012183 https://bugzilla.suse.com/1012759 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
  15. news
    View this email in your browser (http://us3.campaign-archive2.com/?u=efc4c507c2cf964fc2462caca&id=2cbe13539c&e=0c004f9c13) AMD is announcing a new series of Radeon-branded products today, targeted at machine intelligence and deep learning enterprise applications, called Radeon Instinct. As its name suggests, the new Radeon Instinct line of products are comprised of GPU-based solutions for deep learning, inference, and training. The new GPUs are also complemented by a free, open-source library and framework for GPU accelerators, dubbed MIOpen. MIOpen is architected for high-performance machine intelligence applications, and is optimized for the deep learning frameworks in AMD’s ROCm software suite... AMD Introduces Radeon Instinct Machine Intelligence And Deep Learning Accelerators (http://hothardware.us3.list-manage1.com/track/click?u=efc4c507c2cf964fc2462caca&id=18edf2cb38&e=0c004f9c13) http://hothardware.us3.list-manage1.com/track/click?u=efc4c507c2cf964fc2462caca&id=43df28ebce&e=0c004f9c13 http://hothardware.us3.list-manage2.com/track/click?u=efc4c507c2cf964fc2462caca&id=89b523eb08&e=0c004f9c13 Best Regards, HotHardware.com (http://hothardware.us3.list-manage1.com/track/click?u=efc4c507c2cf964fc2462caca&id=d1d1ca3c30&e=0c004f9c13) http://hothardware.us3.list-manage2.com/track/click?u=efc4c507c2cf964fc2462caca&id=2dae5476dd&e=0c004f9c13 http://hothardware.us3.list-manage1.com/track/click?u=efc4c507c2cf964fc2462caca&id=2f3b8a4ce1&e=0c004f9c13 http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=dda08d99c0&e=0c004f9c13 ============================================================
  16. news
    You only have two weeks to get all your holiday shopping done if you have a Christmas deadline. At this point in the holiday shopping season your bank account might be getting low, so we came up with ten gift ideas aimed at PC gamers that cost under $25! Hopefully our list of worthy and affordable buys will help you find the perfect gift for friends, family and co-workers.... Article Title: Under $25 Holiday Gift Guide For PC Gamers ( -at -) Legit Reviews Article URL: http://www.legitreviews.com/under-25-holiday-gift-guide-for-pc-gamers_188868 Unsubscribe: http://adserv.legitreviews.com/cgi-bin/dada/mail.cgi/u/legitpr/reviewnews// =
  17. news
    openSUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: openSUSE-SU-2016:3085-1 Rating: important References: #1003606 #1006827 #1008557 #1011913 #1013001 #1013604 #1014120 #981825 Cross-References: CVE-2016-9576 Affected Products: openSUSE Leap 42.2 ______________________________________________________________________________ An update that solves one vulnerability and has 7 fixes is now available. Description: The openSUSE 14.2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2016-9576: A use-after-free vulnerability in the SCSI generic driver allows users with write access to /dev/sg* or /dev/bsg* to elevate their privileges (bsc#1013604). The following non-security bugs were fixed: - 8250_pci: Fix potential use-after-free in error path (bsc#1013001). - block_dev: do not test bdev->bd_contains when it is not stable (bsc#1008557). - drm/i915/vlv: Disable HPD in valleyview_crt_detect_hotplug() (bsc#1014120). - drm/i915/vlv: Make intel_crt_reset() per-encoder (bsc#1014120). - drm/i915/vlv: Reset the ADPA in vlv_display_power_well_init() (bsc#1014120). - drm/i915: Enable polling when we do not have hpd (bsc#1014120). - i2c: designware-baytrail: Add support for cherrytrail (bsc#1011913). - i2c: designware-baytrail: Pass dw_i2c_dev into helper functions (bsc#1011913). - i2c: designware: Prevent runtime suspend during adapter registration (bsc#1011913). - i2c: designware: Use transfer timeout from ioctl I2C_TIMEOUT (bsc#1011913). - i2c: designware: retry transfer on transient failure (bsc#1011913). - powerpc/xmon: Add xmon command to dump process/task similar to ps(1) (fate#322020). - sched/fair: Fix incorrect task group ->load_avg (bsc#981825). - serial: 8250_pci: Detach low-level driver during PCI error recovery (bsc#1013001). - target: fix tcm_rbd_gen_it_nexus for emulated XCOPY state (bsc#1003606). - x86/PCI: VMD: Synchronize with RCU freeing MSI IRQ descs (bsc#1006827). Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.2: zypper in -t patch openSUSE-2016-1438=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE Leap 42.2 (x86_64): kernel-debug-4.4.36-8.1 kernel-debug-base-4.4.36-8.1 kernel-debug-base-debuginfo-4.4.36-8.1 kernel-debug-debuginfo-4.4.36-8.1 kernel-debug-debugsource-4.4.36-8.1 kernel-debug-devel-4.4.36-8.1 kernel-debug-devel-debuginfo-4.4.36-8.1 kernel-default-4.4.36-8.1 kernel-default-base-4.4.36-8.1 kernel-default-base-debuginfo-4.4.36-8.1 kernel-default-debuginfo-4.4.36-8.1 kernel-default-debugsource-4.4.36-8.1 kernel-default-devel-4.4.36-8.1 kernel-obs-build-4.4.36-8.1 kernel-obs-build-debugsource-4.4.36-8.1 kernel-obs-qa-4.4.36-8.1 kernel-syms-4.4.36-8.1 kernel-vanilla-4.4.36-8.1 kernel-vanilla-base-4.4.36-8.1 kernel-vanilla-base-debuginfo-4.4.36-8.1 kernel-vanilla-debuginfo-4.4.36-8.1 kernel-vanilla-debugsource-4.4.36-8.1 kernel-vanilla-devel-4.4.36-8.1 - openSUSE Leap 42.2 (noarch): kernel-devel-4.4.36-8.1 kernel-docs-4.4.36-8.2 kernel-docs-html-4.4.36-8.2 kernel-docs-pdf-4.4.36-8.2 kernel-macros-4.4.36-8.1 kernel-source-4.4.36-8.1 kernel-source-vanilla-4.4.36-8.1 References: https://www.suse.com/security/cve/CVE-2016-9576.html https://bugzilla.suse.com/1003606 https://bugzilla.suse.com/1006827 https://bugzilla.suse.com/1008557 https://bugzilla.suse.com/1011913 https://bugzilla.suse.com/1013001 https://bugzilla.suse.com/1013604 https://bugzilla.suse.com/1014120 https://bugzilla.suse.com/981825 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
  18. news
    openSUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: openSUSE-SU-2016:3085-1 Rating: important References: #1003606 #1006827 #1008557 #1011913 #1013001 #1013604 #1014120 #981825 Cross-References: CVE-2016-9576 Affected Products: openSUSE Leap 42.2 ______________________________________________________________________________ An update that solves one vulnerability and has 7 fixes is now available. Description: The openSUSE 14.2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2016-9576: A use-after-free vulnerability in the SCSI generic driver allows users with write access to /dev/sg* or /dev/bsg* to elevate their privileges (bsc#1013604). The following non-security bugs were fixed: - 8250_pci: Fix potential use-after-free in error path (bsc#1013001). - block_dev: do not test bdev->bd_contains when it is not stable (bsc#1008557). - drm/i915/vlv: Disable HPD in valleyview_crt_detect_hotplug() (bsc#1014120). - drm/i915/vlv: Make intel_crt_reset() per-encoder (bsc#1014120). - drm/i915/vlv: Reset the ADPA in vlv_display_power_well_init() (bsc#1014120). - drm/i915: Enable polling when we do not have hpd (bsc#1014120). - i2c: designware-baytrail: Add support for cherrytrail (bsc#1011913). - i2c: designware-baytrail: Pass dw_i2c_dev into helper functions (bsc#1011913). - i2c: designware: Prevent runtime suspend during adapter registration (bsc#1011913). - i2c: designware: Use transfer timeout from ioctl I2C_TIMEOUT (bsc#1011913). - i2c: designware: retry transfer on transient failure (bsc#1011913). - powerpc/xmon: Add xmon command to dump process/task similar to ps(1) (fate#322020). - sched/fair: Fix incorrect task group ->load_avg (bsc#981825). - serial: 8250_pci: Detach low-level driver during PCI error recovery (bsc#1013001). - target: fix tcm_rbd_gen_it_nexus for emulated XCOPY state (bsc#1003606). - x86/PCI: VMD: Synchronize with RCU freeing MSI IRQ descs (bsc#1006827). Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.2: zypper in -t patch openSUSE-2016-1438=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE Leap 42.2 (x86_64): kernel-debug-4.4.36-8.1 kernel-debug-base-4.4.36-8.1 kernel-debug-base-debuginfo-4.4.36-8.1 kernel-debug-debuginfo-4.4.36-8.1 kernel-debug-debugsource-4.4.36-8.1 kernel-debug-devel-4.4.36-8.1 kernel-debug-devel-debuginfo-4.4.36-8.1 kernel-default-4.4.36-8.1 kernel-default-base-4.4.36-8.1 kernel-default-base-debuginfo-4.4.36-8.1 kernel-default-debuginfo-4.4.36-8.1 kernel-default-debugsource-4.4.36-8.1 kernel-default-devel-4.4.36-8.1 kernel-obs-build-4.4.36-8.1 kernel-obs-build-debugsource-4.4.36-8.1 kernel-obs-qa-4.4.36-8.1 kernel-syms-4.4.36-8.1 kernel-vanilla-4.4.36-8.1 kernel-vanilla-base-4.4.36-8.1 kernel-vanilla-base-debuginfo-4.4.36-8.1 kernel-vanilla-debuginfo-4.4.36-8.1 kernel-vanilla-debugsource-4.4.36-8.1 kernel-vanilla-devel-4.4.36-8.1 - openSUSE Leap 42.2 (noarch): kernel-devel-4.4.36-8.1 kernel-docs-4.4.36-8.2 kernel-docs-html-4.4.36-8.2 kernel-docs-pdf-4.4.36-8.2 kernel-macros-4.4.36-8.1 kernel-source-4.4.36-8.1 kernel-source-vanilla-4.4.36-8.1 References: https://www.suse.com/security/cve/CVE-2016-9576.html https://bugzilla.suse.com/1003606 https://bugzilla.suse.com/1006827 https://bugzilla.suse.com/1008557 https://bugzilla.suse.com/1011913 https://bugzilla.suse.com/1013001 https://bugzilla.suse.com/1013604 https://bugzilla.suse.com/1014120 https://bugzilla.suse.com/981825 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
  19. news
    openSUSE Security Update: Security update for the openSUSE Leap 42.1 kernel. ______________________________________________________________________________ Announcement ID: openSUSE-SU-2016:3086-1 Rating: important References: #1013604 Cross-References: CVE-2016-9576 Affected Products: openSUSE Leap 42.1 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: The openSUSE Leap 42.1 kernel has been updated to fix a security issue: - CVE-2016-9576: A use-after-free vulnerability in the SCSI generic driver allows users with write access to /dev/sg* or /dev/bsg* to elevate their privileges (bsc#1013604). Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.1: zypper in -t patch openSUSE-2016-1439=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE Leap 42.1 (i686 x86_64): kernel-debug-4.1.36-41.1 kernel-debug-base-4.1.36-41.1 kernel-debug-base-debuginfo-4.1.36-41.1 kernel-debug-debuginfo-4.1.36-41.1 kernel-debug-debugsource-4.1.36-41.1 kernel-debug-devel-4.1.36-41.1 kernel-debug-devel-debuginfo-4.1.36-41.1 kernel-ec2-4.1.36-41.1 kernel-ec2-base-4.1.36-41.1 kernel-ec2-base-debuginfo-4.1.36-41.1 kernel-ec2-debuginfo-4.1.36-41.1 kernel-ec2-debugsource-4.1.36-41.1 kernel-ec2-devel-4.1.36-41.1 kernel-pv-4.1.36-41.1 kernel-pv-base-4.1.36-41.1 kernel-pv-base-debuginfo-4.1.36-41.1 kernel-pv-debuginfo-4.1.36-41.1 kernel-pv-debugsource-4.1.36-41.1 kernel-pv-devel-4.1.36-41.1 kernel-vanilla-4.1.36-41.1 kernel-vanilla-debuginfo-4.1.36-41.1 kernel-vanilla-debugsource-4.1.36-41.1 kernel-vanilla-devel-4.1.36-41.1 kernel-xen-4.1.36-41.1 kernel-xen-base-4.1.36-41.1 kernel-xen-base-debuginfo-4.1.36-41.1 kernel-xen-debuginfo-4.1.36-41.1 kernel-xen-debugsource-4.1.36-41.1 kernel-xen-devel-4.1.36-41.1 - openSUSE Leap 42.1 (i586 x86_64): kernel-default-4.1.36-41.1 kernel-default-base-4.1.36-41.1 kernel-default-base-debuginfo-4.1.36-41.1 kernel-default-debuginfo-4.1.36-41.1 kernel-default-debugsource-4.1.36-41.1 kernel-default-devel-4.1.36-41.1 kernel-obs-build-4.1.36-41.1 kernel-obs-build-debugsource-4.1.36-41.1 kernel-obs-qa-4.1.36-41.1 kernel-syms-4.1.36-41.1 - openSUSE Leap 42.1 (noarch): kernel-devel-4.1.36-41.1 kernel-docs-4.1.36-41.2 kernel-docs-html-4.1.36-41.2 kernel-docs-pdf-4.1.36-41.2 kernel-macros-4.1.36-41.1 kernel-source-4.1.36-41.1 kernel-source-vanilla-4.1.36-41.1 - openSUSE Leap 42.1 (i686): kernel-pae-4.1.36-41.1 kernel-pae-base-4.1.36-41.1 kernel-pae-base-debuginfo-4.1.36-41.1 kernel-pae-debuginfo-4.1.36-41.1 kernel-pae-debugsource-4.1.36-41.1 kernel-pae-devel-4.1.36-41.1 References: https://www.suse.com/security/cve/CVE-2016-9576.html https://bugzilla.suse.com/1013604 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
  20. news
    Bigbruin.com has published new content which might be of interest to your readers. A post on your site regarding this announcement would be greatly appreciated. *Title: *NuBryte Touchpoint Smart Home Solution *Link: *http://bigbruin.com/content/nubryte_1 *Image (250x250): *http://bigbruin.com/images/articles/934/promo_3.jpg *Quote:* NuBryte may not be a household name to many, but they are one of the many players in the home automation market that would love to see their product end up in your household. The NuBryte Touchpoint is a wall mounted touchscreen device that installs in place of a typical one or two gang light switch. Once installed, it will provide lighting control, basic home security, and house management features at your finger tips in the convenient location of your choosing. Best regards, Jason www.bigbruin.com -- If you have tech news of your own, please send it to:
  21. news
    NZXT S340 Elite Case Review ( -at -) ThinkComputers.org Review Link: http://www.thinkcomputers.org/nzxt-s340-elite-case-review/ Image URL: http://www.thinkcomputers.org/reviews/nzxt_s340_elite/email.jpg Alt Image URL: http://www.thinkcomputers.org/reviews/nzxt_s340_elite/small.jpg Quote: "One of the best parts of PC building is the seemingly limitless number of choices available when it comes to hardware.  But sometimes this can be a bad thing and you are simply overwhelmed with options and choosing what part is best for you can be tough.  Take cases for instance, there is literally a sea of computer chassis’ on the market and picking which one suits your needs and desires can be a daunting task.  Luckily we here at ThinkComputers have your back and today we are taking a look at NZXT’s latest mid tower chassis, the S340 Elite.  This mid tower comes equipped with a full Tempered Glass side panel and several features that should make it very friendly to VR.  Follow along as we find out if the S340 Elite stands out of the crowd or if it should be thrown back with the other fish."
  22. news
    Thus far, Nvidia has enjoyed a dominant position in the burgeoning world of machine learning with its Tesla accelerators and CUDA-powered software platforms. AMD thinks it can fight back with its open-source ROCm HPC platform, the MIOpen software libraries, and Radeon Instinct accelerators. We examine how these new pieces of AMD's machine-learning puzzle fit together. Read more: http://techreport.com/review/31093/amd-opens-up-machine-learning-with-radeon-instinct --- The Tech Report - PC Hardware Explored http://techreport.com -- To unsubscribe from: TR-News, just follow this link: http://node1.techreport.com/cgi-bin/dada/mail.cgi/u/trnews/reviewnews// Click this link, or copy and paste the address into your browser.
  23. news
    SUSE Security Update: Security update for xen ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:3083-1 Rating: important References: #1000106 #1003030 #1003032 #1003870 #1004016 #1005004 #1005005 #1007157 #1007160 #1009100 #1009103 #1009104 #1009107 #1009108 #1009109 #1009111 #1011652 Cross-References: CVE-2016-7777 CVE-2016-7908 CVE-2016-7909 CVE-2016-7995 CVE-2016-8576 CVE-2016-8667 CVE-2016-8669 CVE-2016-8909 CVE-2016-8910 CVE-2016-9377 CVE-2016-9378 CVE-2016-9379 CVE-2016-9380 CVE-2016-9381 CVE-2016-9382 CVE-2016-9383 CVE-2016-9385 CVE-2016-9386 CVE-2016-9637 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that fixes 19 vulnerabilities is now available. Description: This update for xen to version 4.5.5 fixes several issues. These security issues were fixed: - CVE-2016-9637: ioport array overflow allowing a malicious guest administrator can escalate their privilege to that of the host (bsc#1011652) - CVE-2016-9386: x86 null segments were not always treated as unusable allowing an unprivileged guest user program to elevate its privilege to that of the guest operating system. Exploit of this vulnerability is easy on Intel and more complicated on AMD (bsc#1009100) - CVE-2016-9382: x86 task switch to VM86 mode was mis-handled, allowing a unprivileged guest process to escalate its privilege to that of the guest operating system on AMD hardware. On Intel hardware a malicious unprivileged guest process can crash the guest (bsc#1009103) - CVE-2016-9385: x86 segment base write emulation lacked canonical address checks, allowing a malicious guest administrator to crash the host (bsc#1009104) - CVE-2016-9383: The x86 64-bit bit test instruction emulation was broken, allowing a guest to modify arbitrary memory leading to arbitray code execution (bsc#1009107) - CVE-2016-9378: x86 software interrupt injection was mis-handled, allowing an unprivileged guest user to crash the guest (bsc#1009108) - CVE-2016-9377: x86 software interrupt injection was mis-handled, allowing an unprivileged guest user to crash the guest (bsc#1009108) - CVE-2016-9381: Improper processing of shared rings allowing guest administrators take over the qemu process, elevating their privilege to that of the qemu process (bsc#1009109) - CVE-2016-9380: Delimiter injection vulnerabilities in pygrub allowed guest administrators to obtain the contents of sensitive host files or delete the files (bsc#1009111) - CVE-2016-9379: Delimiter injection vulnerabilities in pygrub allowed guest administrators to obtain the contents of sensitive host files or delete the files (bsc#1009111) - CVE-2016-7777: Xen did not properly honor CR0.TS and CR0.EM, which allowed local x86 HVM guest OS users to read or modify FPU, MMX, or XMM register state information belonging to arbitrary tasks on the guest by modifying an instruction while the hypervisor is preparing to emulate it (bsc#1000106) - CVE-2016-8910: The rtl8139_cplus_transmit function in hw/net/rtl8139.c allowed local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) by leveraging failure to limit the ring descriptor count (bsc#1007157) - CVE-2016-8909: The intel_hda_xfer function in hw/audio/intel-hda.c allowed local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via an entry with the same value for buffer length and pointer position (bsc#1007160). - CVE-2016-8667: The rc4030_write function in hw/dma/rc4030.c in allowed local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via a large interval timer reload value (bsc#1005004) - CVE-2016-8669: The serial_update_parameters function in hw/char/serial.c allowed local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving a value of divider greater than baud base (bsc#1005005) - CVE-2016-7995: A memory leak in ehci_process_itd allowed a privileged user inside guest to DoS the host (bsc#1003870). - CVE-2016-8576: The xhci_ring_fetch function in hw/usb/hcd-xhci.c allowed local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by leveraging failure to limit the number of link Transfer Request Blocks (TRB) to process (bsc#1004016). - CVE-2016-7908: The mcf_fec_do_tx function in hw/net/mcf_fec.c did not properly limit the buffer descriptor count when transmitting packets, which allowed local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via vectors involving a buffer descriptor with a length of 0 and crafted values in bd.flags (bsc#1003030) - CVE-2016-7909: The pcnet_rdra_addr function in hw/net/pcnet.c allowed local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by setting the (1) receive or (2) transmit descriptor ring length to 0 (bsc#1003032) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-1795=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-1795=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-1795=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (x86_64): xen-debugsource-4.5.5_02-22.3.1 xen-devel-4.5.5_02-22.3.1 - SUSE Linux Enterprise Server 12-SP1 (x86_64): xen-4.5.5_02-22.3.1 xen-debugsource-4.5.5_02-22.3.1 xen-doc-html-4.5.5_02-22.3.1 xen-kmp-default-4.5.5_02_k3.12.67_60.64.18-22.3.1 xen-kmp-default-debuginfo-4.5.5_02_k3.12.67_60.64.18-22.3.1 xen-libs-32bit-4.5.5_02-22.3.1 xen-libs-4.5.5_02-22.3.1 xen-libs-debuginfo-32bit-4.5.5_02-22.3.1 xen-libs-debuginfo-4.5.5_02-22.3.1 xen-tools-4.5.5_02-22.3.1 xen-tools-debuginfo-4.5.5_02-22.3.1 xen-tools-domU-4.5.5_02-22.3.1 xen-tools-domU-debuginfo-4.5.5_02-22.3.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): xen-4.5.5_02-22.3.1 xen-debugsource-4.5.5_02-22.3.1 xen-kmp-default-4.5.5_02_k3.12.67_60.64.18-22.3.1 xen-kmp-default-debuginfo-4.5.5_02_k3.12.67_60.64.18-22.3.1 xen-libs-32bit-4.5.5_02-22.3.1 xen-libs-4.5.5_02-22.3.1 xen-libs-debuginfo-32bit-4.5.5_02-22.3.1 xen-libs-debuginfo-4.5.5_02-22.3.1 References: https://www.suse.com/security/cve/CVE-2016-7777.html https://www.suse.com/security/cve/CVE-2016-7908.html https://www.suse.com/security/cve/CVE-2016-7909.html https://www.suse.com/security/cve/CVE-2016-7995.html https://www.suse.com/security/cve/CVE-2016-8576.html https://www.suse.com/security/cve/CVE-2016-8667.html https://www.suse.com/security/cve/CVE-2016-8669.html https://www.suse.com/security/cve/CVE-2016-8909.html https://www.suse.com/security/cve/CVE-2016-8910.html https://www.suse.com/security/cve/CVE-2016-9377.html https://www.suse.com/security/cve/CVE-2016-9378.html https://www.suse.com/security/cve/CVE-2016-9379.html https://www.suse.com/security/cve/CVE-2016-9380.html https://www.suse.com/security/cve/CVE-2016-9381.html https://www.suse.com/security/cve/CVE-2016-9382.html https://www.suse.com/security/cve/CVE-2016-9383.html https://www.suse.com/security/cve/CVE-2016-9385.html https://www.suse.com/security/cve/CVE-2016-9386.html https://www.suse.com/security/cve/CVE-2016-9637.html https://bugzilla.suse.com/1000106 https://bugzilla.suse.com/1003030 https://bugzilla.suse.com/1003032 https://bugzilla.suse.com/1003870 https://bugzilla.suse.com/1004016 https://bugzilla.suse.com/1005004 https://bugzilla.suse.com/1005005 https://bugzilla.suse.com/1007157 https://bugzilla.suse.com/1007160 https://bugzilla.suse.com/1009100 https://bugzilla.suse.com/1009103 https://bugzilla.suse.com/1009104 https://bugzilla.suse.com/1009107 https://bugzilla.suse.com/1009108 https://bugzilla.suse.com/1009109 https://bugzilla.suse.com/1009111 https://bugzilla.suse.com/1011652 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
  24. news
    Aerocool Project 7 C1 Case Review ------------------------------------------------------------ http://us2.campaign-archive1.com/?u=bfb2b902b5fb045ad6f841f98&id=c0d9840cfc&e=872093acb5 http://www.kitguru.net Aerocool Project 7 C1 Case Review Aerocool Project 7 C1 is a mid-tower case with a windowed side panel, integrated lighting in the front panel and a PWM hub behind the motherboard tray. These are all useful features however none of them is unique so the simple fact is that Aerocool faces a stiff battle in this review as it is pitching itself against a bunch of other case manufacturers such as BitFenix and Phanteks. Read and watch the review here: http://www.kitguru.net/components/cases/leo-waldock/aerocool-project-7-c1-case-review/ ============================================================ ** follow on Twitter (http://twitter.com/#!/kitgurupress) | ** friend on Facebook (http://www.facebook.com/pages/KitGuru/162236020510911) | ** forward to a friend (http://us2.forward-to-friend.com/forward?u=bfb2b902b5fb045ad6f841f98&id=c0d9840cfc&e=872093acb5) Copyright © 2016 KitGuru, All rights reserved. You are receiving this because you are a news partner or have signed up to receive our news.
  25. news
    ** TECHSPOT ------------------------------------------------------------ ** A Primer on Staying Secure and Anonymous on the Dark Web ------------------------------------------------------------ ** http://www.techspot.com/guides/1292-web-security-anonymizer-primer/ ------------------------------------------------------------ Privacy advocates who plan to continue using encryption and anonymization software ought to double-down on their security. Here's a brief overview of tips and services for keeping yourself safe while surfing the web. Thank you. Julio Franco Executive Editor | TECHSPOT ( -at -) juliofranco ----------------------------------- ============================================================ Our mailing address is: TechSpot 8237 NW 68 St Miami, FL 33166 USA
×