Everything posted by news
-
[Tech ARP] The AMD Radeon Software Crimson ReLive Edition Revealed!
news posted a topic in Upcoming News
-
Streacom BC1 Open Benchtable Review: Open-Source Open-Air PC Building Done Right
news posted a topic in Upcoming News
Overclockers and frequent PC builders alike can appreciate the advantages of having an open air case for testing. These make component swapping a breeze for comparisons and provide a flexible platform for checking a build before installing it inside a tight case. Streacom BC1’s primary goal is portability. Every piece of it connects and stows away securely inside the frame - screws, legs, risers, everything. And, as its name implies, the BC1’s design is actually open-source which affords several key advantages...

Streacom BC1 Open Benchtable Review: Open-Source Open-Air PC Building Done Right (http://hothardware.us3.list-manage2.com/track/click?u=efc4c507c2cf964fc2462caca&id=64da68a488&e=0c004f9c13)

Best Regards,
HotHardware.com (http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=6348669244&e=0c004f9c13)
-
openSUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2016:3061-1
Rating:             important
References:         #1001486 #1004517 #1007615 #1008833 #1010040 #1010150 #1010467 #1010475 #1010478 #1010501 #1010502 #1010711 #1010716 #1011685 #1012754 #934067 #990384 #993739 #999577 #999907
Cross-References:   CVE-2015-8962 CVE-2015-8963 CVE-2016-7042 CVE-2016-7910 CVE-2016-7911 CVE-2016-7913 CVE-2016-7914 CVE-2016-7916 CVE-2016-8633 CVE-2016-8646 CVE-2016-8655 CVE-2016-9555
Affected Products:  openSUSE 13.2
______________________________________________________________________________

An update that solves 12 vulnerabilities and has 8 fixes is now available.

Description:

The openSUSE 13.2 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

- CVE-2015-8962: Double free vulnerability in the sg_common_write function in drivers/scsi/sg.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (memory corruption and system crash) by detaching a device during an SG_IO ioctl call (bnc#1010501).
- CVE-2015-8963: Race condition in kernel/events/core.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) by leveraging incorrect handling of an swevent data structure during a CPU unplug operation (bnc#1010502).
- CVE-2016-7042: The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allowed local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file (bnc#1004517).
- CVE-2016-7910: Use-after-free vulnerability in the disk_seqf_stop function in block/genhd.c in the Linux kernel allowed local users to gain privileges by leveraging the execution of a certain stop operation even if the corresponding start operation had failed (bnc#1010716).
- CVE-2016-7911: Race condition in the get_task_ioprio function in block/ioprio.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) via a crafted ioprio_get system call (bnc#1010711).
- CVE-2016-7913: The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) via vectors involving omission of the firmware name from a certain data structure (bnc#1010478).
- CVE-2016-7914: The assoc_array_insert_into_terminal_node function in lib/assoc_array.c in the Linux kernel did not check whether a slot is a leaf, which allowed local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dereference and out-of-bounds read) via an application that uses associative-array data structures, as demonstrated by the keyutils test suite (bnc#1010475).
- CVE-2016-7916: Race condition in the environ_read function in fs/proc/base.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory by reading a /proc/*/environ file during a process-setup time interval in which environment-variable copying is incomplete (bnc#1010467).
- CVE-2016-8633: drivers/firewire/net.c in the Linux kernel before 4.8.7, in certain unusual hardware configurations, allowed remote attackers to execute arbitrary code via crafted fragmented packets (bnc#1008833).
- CVE-2016-8646: The hash_accept function in crypto/algif_hash.c in the Linux kernel allowed local users to cause a denial of service (OOPS) by attempting to trigger use of in-kernel hash algorithms for a socket that has received zero bytes of data (bnc#1010150).
- CVE-2016-8655: A race condition in the af_packet packet_set_ring function could be used by local attackers to crash the kernel or gain privileges (bsc#1012754).
- CVE-2016-9555: The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel lacks chunk-length checking for the first chunk, which allowed remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data (bnc#1011685).

The following non-security bugs were fixed:

- bna: Add synchronization for tx ring (bsc#993739).
- bonding: set carrier off for devices created through netlink (bsc#999577).
- btrfs: fix extent tree corruption due to relocation (bsc#990384).
- introduce NETIF_F_GSO_ENCAP_ALL helper mask (bsc#1001486).
- ipv6: send NEWLINK on RA managed/otherconf changes (bsc#934067).
- ipv6: send only one NEWLINK when RA causes changes (bsc#934067).
- tunnels: Remove encapsulation offloads on decap (bsc#1001486).
- usbhid: add ATEN CS962 to list of quirky devices (bsc#1007615).
- vmxnet3: Wake queue from reset work (bsc#999907).

Patch Instructions:

To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product:

- openSUSE 13.2:

  zypper in -t patch openSUSE-2016-1431=1

To bring your system up-to-date, use "zypper patch".
References:

https://www.suse.com/security/cve/CVE-2015-8962.html
https://www.suse.com/security/cve/CVE-2015-8963.html
https://www.suse.com/security/cve/CVE-2016-7042.html
https://www.suse.com/security/cve/CVE-2016-7910.html
https://www.suse.com/security/cve/CVE-2016-7911.html
https://www.suse.com/security/cve/CVE-2016-7913.html
https://www.suse.com/security/cve/CVE-2016-7914.html
https://www.suse.com/security/cve/CVE-2016-7916.html
https://www.suse.com/security/cve/CVE-2016-8633.html
https://www.suse.com/security/cve/CVE-2016-8646.html
https://www.suse.com/security/cve/CVE-2016-8655.html
https://www.suse.com/security/cve/CVE-2016-9555.html
https://bugzilla.suse.com/1001486
https://bugzilla.suse.com/1004517
https://bugzilla.suse.com/1007615
https://bugzilla.suse.com/1008833
https://bugzilla.suse.com/1010040
https://bugzilla.suse.com/1010150
https://bugzilla.suse.com/1010467
https://bugzilla.suse.com/1010475
https://bugzilla.suse.com/1010478
https://bugzilla.suse.com/1010501
https://bugzilla.suse.com/1010502
https://bugzilla.suse.com/1010711
https://bugzilla.suse.com/1010716
https://bugzilla.suse.com/1011685
https://bugzilla.suse.com/1012754
https://bugzilla.suse.com/934067
https://bugzilla.suse.com/990384
https://bugzilla.suse.com/993739
https://bugzilla.suse.com/999577
https://bugzilla.suse.com/999907
-
[RHSA-2016:2928-01] Important: rh-mariadb101-mariadb security update
news posted a topic in Upcoming News
=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: rh-mariadb101-mariadb security update
Advisory ID:       RHSA-2016:2928-01
Product:           Red Hat Software Collections
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2016-2928.html
Issue date:        2016-12-08
CVE Names:         CVE-2016-3492 CVE-2016-5616 CVE-2016-5624 CVE-2016-5626 CVE-2016-5629 CVE-2016-6662 CVE-2016-6663 CVE-2016-8283
=====================================================================

1. Summary:

An update for rh-mariadb101-mariadb is now available for Red Hat Software Collections.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6) - x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7) - x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.2) - x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3) - x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6) - x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - x86_64

3. Description:

MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL.

The following packages have been upgraded to a newer upstream version: rh-mariadb101-mariadb (10.1.19).

Security Fix(es):

* It was discovered that the MariaDB logging functionality allowed writing to MariaDB configuration files. An administrative database user, or a database user with FILE privileges, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server. (CVE-2016-6662)

* A race condition was found in the way MariaDB performed InnoDB engine table repair. A database user with shell access to the server running mysqld could use this flaw to change permissions of arbitrary files writable by the mysql system user. (CVE-2016-6663, CVE-2016-5616)

* This update fixes several vulnerabilities in the MariaDB database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. (CVE-2016-3492, CVE-2016-5624, CVE-2016-5626, CVE-2016-5629, CVE-2016-8283)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, the MariaDB server daemon (mysqld) will be restarted automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

1375198 - CVE-2016-6662 mysql: general_log can write to configuration files, leading to privilege escalation (CPU Oct 2016)
1378936 - CVE-2016-6663 CVE-2016-5616 mysql: race condition while setting stats during InnoDB table repair (CPU Oct 2016)
1386554 - CVE-2016-3492 mysql: unspecified vulnerability in subcomponent: Server: Optimizer (CPU October 2016)
1386566 - CVE-2016-5624 mysql: unspecified vulnerability in subcomponent: Server: DML (CPU October 2016)
1386568 - CVE-2016-5626 mysql: unspecified vulnerability in subcomponent: Server: GIS (CPU October 2016)
1386572 - CVE-2016-5629 mysql: unspecified vulnerability in subcomponent: Server: Federated (CPU October 2016)
1386585 - CVE-2016-8283 mysql: unspecified vulnerability in subcomponent: Server: Types (CPU October 2016)

6. Package List:

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2016-3492
https://access.redhat.com/security/cve/CVE-2016-5616
https://access.redhat.com/security/cve/CVE-2016-5624
https://access.redhat.com/security/cve/CVE-2016-5626
https://access.redhat.com/security/cve/CVE-2016-5629
https://access.redhat.com/security/cve/CVE-2016-6662
https://access.redhat.com/security/cve/CVE-2016-6663
https://access.redhat.com/security/cve/CVE-2016-8283
https://access.redhat.com/security/updates/classification/#important
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixMSQL
https://mariadb.com/kb/en/mariadb/mariadb-10117-release-notes/
https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/
https://mariadb.com/kb/en/mariadb/mariadb-10119-release-notes/

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2016 Red Hat, Inc.
-
[RHSA-2016:2927-01] Important: rh-mariadb100-mariadb security update
news posted a topic in Upcoming News
=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: rh-mariadb100-mariadb security update
Advisory ID:       RHSA-2016:2927-01
Product:           Red Hat Software Collections
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2016-2927.html
Issue date:        2016-12-08
CVE Names:         CVE-2016-3492 CVE-2016-5612 CVE-2016-5616 CVE-2016-5624 CVE-2016-5626 CVE-2016-5629 CVE-2016-5630 CVE-2016-6662 CVE-2016-6663 CVE-2016-8283
=====================================================================

1. Summary:

An update for rh-mariadb100-mariadb is now available for Red Hat Software Collections.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6) - x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7) - x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.2) - x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3) - x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6) - x86_64
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - x86_64

3. Description:

MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL.

The following packages have been upgraded to a newer upstream version: rh-mariadb100-mariadb (10.0.28).

Security Fix(es):

* It was discovered that the MariaDB logging functionality allowed writing to MariaDB configuration files. An administrative database user, or a database user with FILE privileges, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server. (CVE-2016-6662)

* A race condition was found in the way MariaDB performed InnoDB engine table repair. A database user with shell access to the server running mysqld could use this flaw to change permissions of arbitrary files writable by the mysql system user. (CVE-2016-6663, CVE-2016-5616)

* This update fixes several vulnerabilities in the MariaDB database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. (CVE-2016-3492, CVE-2016-5612, CVE-2016-5624, CVE-2016-5626, CVE-2016-5629, CVE-2016-5630, CVE-2016-8283)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, the MariaDB server daemon (mysqld) will be restarted automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

1375198 - CVE-2016-6662 mysql: general_log can write to configuration files, leading to privilege escalation (CPU Oct 2016)
1378936 - CVE-2016-6663 CVE-2016-5616 mysql: race condition while setting stats during InnoDB table repair (CPU Oct 2016)
1386554 - CVE-2016-3492 mysql: unspecified vulnerability in subcomponent: Server: Optimizer (CPU October 2016)
1386561 - CVE-2016-5612 mysql: unspecified vulnerability in subcomponent: Server: DML (CPU October 2016)
1386566 - CVE-2016-5624 mysql: unspecified vulnerability in subcomponent: Server: DML (CPU October 2016)
1386568 - CVE-2016-5626 mysql: unspecified vulnerability in subcomponent: Server: GIS (CPU October 2016)
1386572 - CVE-2016-5629 mysql: unspecified vulnerability in subcomponent: Server: Federated (CPU October 2016)
1386573 - CVE-2016-5630 mysql: unspecified vulnerability in subcomponent: Server: InnoDB (CPU October 2016)
1386585 - CVE-2016-8283 mysql: unspecified vulnerability in subcomponent: Server: Types (CPU October 2016)
7.3): Source: rh-mariadb100-mariadb-10.0.28-5.el7.src.rpm x86_64: rh-mariadb100-mariadb-10.0.28-5.el7.x86_64.rpm rh-mariadb100-mariadb-bench-10.0.28-5.el7.x86_64.rpm rh-mariadb100-mariadb-common-10.0.28-5.el7.x86_64.rpm rh-mariadb100-mariadb-config-10.0.28-5.el7.x86_64.rpm rh-mariadb100-mariadb-debuginfo-10.0.28-5.el7.x86_64.rpm rh-mariadb100-mariadb-devel-10.0.28-5.el7.x86_64.rpm rh-mariadb100-mariadb-errmsg-10.0.28-5.el7.x86_64.rpm rh-mariadb100-mariadb-oqgraph-engine-10.0.28-5.el7.x86_64.rpm rh-mariadb100-mariadb-server-10.0.28-5.el7.x86_64.rpm rh-mariadb100-mariadb-test-10.0.28-5.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7): Source: rh-mariadb100-mariadb-10.0.28-5.el7.src.rpm x86_64: rh-mariadb100-mariadb-10.0.28-5.el7.x86_64.rpm rh-mariadb100-mariadb-bench-10.0.28-5.el7.x86_64.rpm rh-mariadb100-mariadb-common-10.0.28-5.el7.x86_64.rpm rh-mariadb100-mariadb-config-10.0.28-5.el7.x86_64.rpm rh-mariadb100-mariadb-debuginfo-10.0.28-5.el7.x86_64.rpm rh-mariadb100-mariadb-devel-10.0.28-5.el7.x86_64.rpm rh-mariadb100-mariadb-errmsg-10.0.28-5.el7.x86_64.rpm rh-mariadb100-mariadb-oqgraph-engine-10.0.28-5.el7.x86_64.rpm rh-mariadb100-mariadb-server-10.0.28-5.el7.x86_64.rpm rh-mariadb100-mariadb-test-10.0.28-5.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. 
References: https://access.redhat.com/security/cve/CVE-2016-3492 https://access.redhat.com/security/cve/CVE-2016-5612 https://access.redhat.com/security/cve/CVE-2016-5616 https://access.redhat.com/security/cve/CVE-2016-5624 https://access.redhat.com/security/cve/CVE-2016-5626 https://access.redhat.com/security/cve/CVE-2016-5629 https://access.redhat.com/security/cve/CVE-2016-5630 https://access.redhat.com/security/cve/CVE-2016-6662 https://access.redhat.com/security/cve/CVE-2016-6663 https://access.redhat.com/security/cve/CVE-2016-8283 https://access.redhat.com/security/updates/classification/#important http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixMSQL https://mariadb.com/kb/en/mariadb/mariadb-10027-release-notes/ https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2016 Red Hat, Inc. -
openSUSE Security Update: Security update for GraphicsMagick ______________________________________________________________________________ Announcement ID: openSUSE-SU-2016:3060-1 Rating: important References: #1000399 #1000434 #1000689 #1000698 #1000704 #1000707 #1000711 #1001066 #1001221 #1002206 #1002209 #1002422 #1003629 #1005123 #1005125 #1005127 #1007245 #1011130 #982178 #983521 #983752 #983794 #983799 #984145 #984150 #984166 #984372 #984375 #984394 #984400 #984436 Cross-References: CVE-2014-9805 CVE-2014-9807 CVE-2014-9809 CVE-2014-9815 CVE-2014-9817 CVE-2014-9820 CVE-2014-9831 CVE-2014-9834 CVE-2014-9835 CVE-2014-9837 CVE-2014-9845 CVE-2014-9846 CVE-2014-9853 CVE-2016-5118 CVE-2016-6823 CVE-2016-7101 CVE-2016-7515 CVE-2016-7522 CVE-2016-7528 CVE-2016-7529 CVE-2016-7531 CVE-2016-7533 CVE-2016-7537 CVE-2016-7800 CVE-2016-7996 CVE-2016-7997 CVE-2016-8682 CVE-2016-8683 CVE-2016-8684 CVE-2016-8862 CVE-2016-9556 Affected Products: openSUSE Leap 42.2 ______________________________________________________________________________ An update that fixes 31 vulnerabilities is now available. Description: This update for GraphicsMagick fixes the following issues: - a possible shell execution attack was fixed. 
if the first character of an input filename for 'convert' was a '|' then the remainder of the filename was passed to the shell (CVE-2016-5118, boo#982178) - Maliciously crafted pnm files could crash GraphicsMagick (CVE-2014-9805, [boo#983752]) - Prevent overflow in rle files (CVE-2014-9846, boo#983521) - Fix a double free in pdb coder (CVE-2014-9807, boo#983794) - Fix a possible crash due to corrupted xwd images (CVE-2014-9809, boo#983799) - Fix a possible crash due to corrupted wpg images (CVE-2014-9815, boo#984372) - Fix a heap buffer overflow in pdb file handling (CVE-2014-9817, boo#984400) - Fix a heap overflow in xpm files (CVE-2014-9820, boo#984150) - Fix a heap overflow in pict files (CVE-2014-9834, boo#984436) - Fix a heap overflow in wpf files (CVE-2014-9835, CVE-2014-9831, boo#984145, boo#984375) - Additional PNM sanity checks (CVE-2014-9837, boo#984166) - Fix a possible crash due to corrupted dib file (CVE-2014-9845, boo#984394) - Fix out of bound in quantum handling (CVE-2016-7529, boo#1000399) - Fix out of bound access in xcf file coder (CVE-2016-7528, boo#1000434) - Fix handling of corrupted lle files (CVE-2016-7515, boo#1000689) - Fix out of bound access for malformed psd file (CVE-2016-7522, boo#1000698) - Fix out of bound access for pbd files (CVE-2016-7531, boo#1000704) - Fix out of bound access in corrupted wpg files (CVE-2016-7533, boo#1000707) - Fix out of bound access in corrupted pdb files (CVE-2016-7537, boo#1000711) - BMP Coder Out-Of-Bounds Write Vulnerability (CVE-2016-6823, boo#1001066) - SGI Coder Out-Of-Bounds Read Vulnerability (CVE-2016-7101, boo#1001221) - Divide by zero in WriteTIFFImage (do not divide by zero in WriteTIFFImage, boo#1002206) - Buffer overflows in SIXEL, PDB, MAP, and TIFF coders (fix buffer overflow, boo#1002209) - 8BIM/8BIMW unsigned underflow leads to heap overflow (CVE-2016-7800, boo#1002422) - wpg reader issues (CVE-2016-7996, CVE-2016-7997, boo#1003629) - Mismatch between real filesize and header values 
(CVE-2016-8684, boo#1005123) - Stack-buffer read overflow while reading SCT header (CVE-2016-8682, boo#1005125) - Check that filesize is reasonable compared to the header value (CVE-2016-8683, boo#1005127) - Memory allocation failure in AcquireMagickMemory (CVE-2016-8862, boo#1007245) - heap-based buffer overflow in IsPixelGray (CVE-2016-9556, boo#1011130) Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.2: zypper in -t patch openSUSE-2016-1430=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE Leap 42.2 (i586 x86_64): GraphicsMagick-1.3.25-3.1 GraphicsMagick-debuginfo-1.3.25-3.1 GraphicsMagick-debugsource-1.3.25-3.1 GraphicsMagick-devel-1.3.25-3.1 libGraphicsMagick++-Q16-12-1.3.25-3.1 libGraphicsMagick++-Q16-12-debuginfo-1.3.25-3.1 libGraphicsMagick++-devel-1.3.25-3.1 libGraphicsMagick-Q16-3-1.3.25-3.1 libGraphicsMagick-Q16-3-debuginfo-1.3.25-3.1 libGraphicsMagick3-config-1.3.25-3.1 libGraphicsMagickWand-Q16-2-1.3.25-3.1 libGraphicsMagickWand-Q16-2-debuginfo-1.3.25-3.1 perl-GraphicsMagick-1.3.25-3.1 perl-GraphicsMagick-debuginfo-1.3.25-3.1 References: https://www.suse.com/security/cve/CVE-2014-9805.html https://www.suse.com/security/cve/CVE-2014-9807.html https://www.suse.com/security/cve/CVE-2014-9809.html https://www.suse.com/security/cve/CVE-2014-9815.html https://www.suse.com/security/cve/CVE-2014-9817.html https://www.suse.com/security/cve/CVE-2014-9820.html https://www.suse.com/security/cve/CVE-2014-9831.html https://www.suse.com/security/cve/CVE-2014-9834.html https://www.suse.com/security/cve/CVE-2014-9835.html https://www.suse.com/security/cve/CVE-2014-9837.html https://www.suse.com/security/cve/CVE-2014-9845.html https://www.suse.com/security/cve/CVE-2014-9846.html https://www.suse.com/security/cve/CVE-2014-9853.html https://www.suse.com/security/cve/CVE-2016-5118.html 
https://www.suse.com/security/cve/CVE-2016-6823.html https://www.suse.com/security/cve/CVE-2016-7101.html https://www.suse.com/security/cve/CVE-2016-7515.html https://www.suse.com/security/cve/CVE-2016-7522.html https://www.suse.com/security/cve/CVE-2016-7528.html https://www.suse.com/security/cve/CVE-2016-7529.html https://www.suse.com/security/cve/CVE-2016-7531.html https://www.suse.com/security/cve/CVE-2016-7533.html https://www.suse.com/security/cve/CVE-2016-7537.html https://www.suse.com/security/cve/CVE-2016-7800.html https://www.suse.com/security/cve/CVE-2016-7996.html https://www.suse.com/security/cve/CVE-2016-7997.html https://www.suse.com/security/cve/CVE-2016-8682.html https://www.suse.com/security/cve/CVE-2016-8683.html https://www.suse.com/security/cve/CVE-2016-8684.html https://www.suse.com/security/cve/CVE-2016-8862.html https://www.suse.com/security/cve/CVE-2016-9556.html https://bugzilla.suse.com/1000399 https://bugzilla.suse.com/1000434 https://bugzilla.suse.com/1000689 https://bugzilla.suse.com/1000698 https://bugzilla.suse.com/1000704 https://bugzilla.suse.com/1000707 https://bugzilla.suse.com/1000711 https://bugzilla.suse.com/1001066 https://bugzilla.suse.com/1001221 https://bugzilla.suse.com/1002206 https://bugzilla.suse.com/1002209 https://bugzilla.suse.com/1002422 https://bugzilla.suse.com/1003629 https://bugzilla.suse.com/1005123 https://bugzilla.suse.com/1005125 https://bugzilla.suse.com/1005127 https://bugzilla.suse.com/1007245 https://bugzilla.suse.com/1011130 https://bugzilla.suse.com/982178 https://bugzilla.suse.com/983521 https://bugzilla.suse.com/983752 https://bugzilla.suse.com/983794 https://bugzilla.suse.com/983799 https://bugzilla.suse.com/984145 https://bugzilla.suse.com/984150 https://bugzilla.suse.com/984166 https://bugzilla.suse.com/984372 https://bugzilla.suse.com/984375 https://bugzilla.suse.com/984394 https://bugzilla.suse.com/984400 https://bugzilla.suse.com/984436
-
Radeon Software Crimson ReLive Edition is AMD's latest major annual driver release. Though its headline feature, ReLive, promises to be a boon for Radeon owners who capture and stream gameplay, that's just one of its many features. We dug in to see everything this update has to offer. Read more: http://techreport.com/review/31077/radeon-software-crimson-relive-edition-an-overview --- The Tech Report - PC Hardware Explored http://techreport.com
-
openSUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: openSUSE-SU-2016:3058-1 Rating: important References: #1001171 #1001486 #1003925 #1004517 #1006580 #1007197 #1007615 #1007653 #1008650 #1008833 #1009222 #1010040 #1010150 #1010478 #1010501 #1010502 #1010507 #1010909 #1011685 #1012754 #1012876 #1013533 #934067 #990384 #993739 #995968 #999577 #999907 Cross-References: CVE-2015-8956 CVE-2015-8962 CVE-2015-8963 CVE-2015-8964 CVE-2016-7042 CVE-2016-7097 CVE-2016-7913 CVE-2016-8630 CVE-2016-8633 CVE-2016-8646 CVE-2016-8655 CVE-2016-9083 CVE-2016-9084 CVE-2016-9178 CVE-2016-9555 CVE-2016-9794 Affected Products: openSUSE Leap 42.1 ______________________________________________________________________________ An update that solves 16 vulnerabilities and has 12 fixes is now available. Description: The openSUSE Leap 42.1 kernel was updated to 4.1.36 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2016-8655: A race condition in the af_packet packet_set_ring function could be used by local attackers to crash the kernel or gain privileges (bsc#1012754). - CVE-2016-9794: A use-after-free in ALSA pcm could lead to crashes or allowed local users to potentially gain privileges (bsc#1013533). - CVE-2015-8962: Double free vulnerability in the sg_common_write function in drivers/scsi/sg.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (memory corruption and system crash) by detaching a device during an SG_IO ioctl call (bnc#1010501). - CVE-2016-9178: The __get_user_asm_ex macro in arch/x86/include/asm/uaccess.h in the Linux kernel did not initialize a certain integer variable, which allowed local users to obtain sensitive information from kernel stack memory by triggering failure of a get_user_ex call (bnc#1008650). 
- CVE-2016-7913: The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) via vectors involving omission of the firmware name from a certain data structure (bnc#1010478). - CVE-2016-9555: The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel lacks chunk-length checking for the first chunk, which allowed remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data (bnc#1011685). - CVE-2015-8963: Race condition in kernel/events/core.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) by leveraging incorrect handling of an swevent data structure during a CPU unplug operation (bnc#1010502). - CVE-2015-8964: The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory by reading a tty data structure (bnc#1010507). - CVE-2016-8646: The hash_accept function in crypto/algif_hash.c in the Linux kernel allowed local users to cause a denial of service (OOPS) by attempting to trigger use of in-kernel hash algorithms for a socket that has received zero bytes of data (bnc#1010150). - CVE-2016-8633: drivers/firewire/net.c in the Linux kernel in certain unusual hardware configurations, allowed remote attackers to execute arbitrary code via crafted fragmented packets (bnc#1008833). - CVE-2016-8630: The x86_decode_insn function in arch/x86/kvm/emulate.c in the Linux kernel, when KVM is enabled, allowed local users to cause a denial of service (host OS crash) via a certain use of a ModR/M byte in an undefined instruction (bnc#1009222). 
- CVE-2016-9083: drivers/vfio/pci/vfio_pci.c in the Linux kernel allowed local users to bypass integer overflow checks, and cause a denial of service (memory corruption) or have unspecified other impact, by leveraging access to a vfio PCI device file for a VFIO_DEVICE_SET_IRQS ioctl call, aka a "state machine confusion bug" (bnc#1007197). - CVE-2016-9084: drivers/vfio/pci/vfio_pci_intrs.c in the Linux kernel misuses the kzalloc function, which allowed local users to cause a denial of service (integer overflow) or have unspecified other impact by leveraging access to a vfio PCI device file (bnc#1007197). - CVE-2016-7042: The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allowed local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file (bnc#1004517). - CVE-2016-7097: The filesystem implementation in the Linux kernel preserves the setgid bit during a setxattr call, which allowed local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions (bnc#995968). - CVE-2015-8956: The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel allowed local users to obtain sensitive information or cause a denial of service (NULL pointer dereference) via vectors involving a bind system call on a Bluetooth RFCOMM socket (bnc#1003925). The following non-security bugs were fixed: - ata: ahci_xgene: dereferencing uninitialized pointer in probe (bsc#1006580). - blacklist.conf: add some commits (bsc#1006580) - bna: Add synchronization for tx ring (bsc#993739). - bonding: set carrier off for devices created through netlink (bsc#999577). - btrfs: deal with duplicates during extent_map insertion in btrfs_get_extent (bsc#1001171).
- btrfs: deal with existing encompassing extent map in btrfs_get_extent() (bsc#1001171). - btrfs: fix extent tree corruption due to relocation (bsc#990384). - btrfs: fix races on root_log_ctx lists (bsc#1007653). - ext4: fix data exposure after a crash (bsc#1012876). - ext4: fix reference counting bug on block allocation error (bsc#1012876). - gre: Disable segmentation offloads w/ CSUM and we are encapsulated via FOU (bsc#1001486). - gro: Allow tunnel stacking in the case of FOU/GUE (bsc#1001486). - ipv6: send NEWLINK on RA managed/otherconf changes (bsc#934067). - ipv6: send only one NEWLINK when RA causes changes (bsc#934067). - isofs: Do not return EACCES for unknown filesystems (bsc#1012876). - jbd2: fix checkpoint list cleanup (bsc#1012876). - jbd2: Fix unreclaimed pages after truncate in data=journal mode (bsc#1010909). - locking/static_key: Fix concurrent static_key_slow_inc() (bsc#1006580). - mmc: Fix kabi breakage of mmc-block in 4.1.36 (stable-4.1.36). - posix_acl: Added fix for f2fs. - Revert "kbuild: add -fno-PIE" (stable-4.1.36). - Revert "x86/mm: Expand the exception table logic to allow new handling options" (stable-4.1.36). - tunnels: Remove encapsulation offloads on decap (bsc#1001486). - usbhid: add ATEN CS962 to list of quirky devices (bsc#1007615). - vmxnet3: Wake queue from reset work (bsc#999907). Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.1: zypper in -t patch openSUSE-2016-1428=1 To bring your system up-to-date, use "zypper patch". 
Package List: - openSUSE Leap 42.1 (i686 x86_64): kernel-debug-4.1.36-38.1 kernel-debug-base-4.1.36-38.1 kernel-debug-base-debuginfo-4.1.36-38.1 kernel-debug-debuginfo-4.1.36-38.1 kernel-debug-debugsource-4.1.36-38.1 kernel-debug-devel-4.1.36-38.1 kernel-debug-devel-debuginfo-4.1.36-38.1 kernel-ec2-4.1.36-38.1 kernel-ec2-base-4.1.36-38.1 kernel-ec2-base-debuginfo-4.1.36-38.1 kernel-ec2-debuginfo-4.1.36-38.1 kernel-ec2-debugsource-4.1.36-38.1 kernel-ec2-devel-4.1.36-38.1 kernel-pv-4.1.36-38.1 kernel-pv-base-4.1.36-38.1 kernel-pv-base-debuginfo-4.1.36-38.1 kernel-pv-debuginfo-4.1.36-38.1 kernel-pv-debugsource-4.1.36-38.1 kernel-pv-devel-4.1.36-38.1 kernel-vanilla-4.1.36-38.1 kernel-vanilla-debuginfo-4.1.36-38.1 kernel-vanilla-debugsource-4.1.36-38.1 kernel-vanilla-devel-4.1.36-38.1 kernel-xen-4.1.36-38.1 kernel-xen-base-4.1.36-38.1 kernel-xen-base-debuginfo-4.1.36-38.1 kernel-xen-debuginfo-4.1.36-38.1 kernel-xen-debugsource-4.1.36-38.1 kernel-xen-devel-4.1.36-38.1 - openSUSE Leap 42.1 (i586 x86_64): hdjmod-debugsource-1.28-28.2 hdjmod-kmp-default-1.28_k4.1.36_38-28.2 hdjmod-kmp-default-debuginfo-1.28_k4.1.36_38-28.2 hdjmod-kmp-pv-1.28_k4.1.36_38-28.2 hdjmod-kmp-pv-debuginfo-1.28_k4.1.36_38-28.2 hdjmod-kmp-xen-1.28_k4.1.36_38-28.2 hdjmod-kmp-xen-debuginfo-1.28_k4.1.36_38-28.2 ipset-6.25.1-9.2 ipset-debuginfo-6.25.1-9.2 ipset-debugsource-6.25.1-9.2 ipset-devel-6.25.1-9.2 ipset-kmp-default-6.25.1_k4.1.36_38-9.2 ipset-kmp-default-debuginfo-6.25.1_k4.1.36_38-9.2 ipset-kmp-pv-6.25.1_k4.1.36_38-9.2 ipset-kmp-pv-debuginfo-6.25.1_k4.1.36_38-9.2 ipset-kmp-xen-6.25.1_k4.1.36_38-9.2 ipset-kmp-xen-debuginfo-6.25.1_k4.1.36_38-9.2 kernel-default-4.1.36-38.1 kernel-default-base-4.1.36-38.1 kernel-default-base-debuginfo-4.1.36-38.1 kernel-default-debuginfo-4.1.36-38.1 kernel-default-debugsource-4.1.36-38.1 kernel-default-devel-4.1.36-38.1 kernel-obs-build-4.1.36-38.2 kernel-obs-build-debugsource-4.1.36-38.2 kernel-obs-qa-4.1.36-38.1 kernel-syms-4.1.36-38.1 libipset3-6.25.1-9.2 
libipset3-debuginfo-6.25.1-9.2 pcfclock-0.44-270.2 pcfclock-debuginfo-0.44-270.2 pcfclock-debugsource-0.44-270.2 pcfclock-kmp-default-0.44_k4.1.36_38-270.2 pcfclock-kmp-default-debuginfo-0.44_k4.1.36_38-270.2 pcfclock-kmp-pv-0.44_k4.1.36_38-270.2 pcfclock-kmp-pv-debuginfo-0.44_k4.1.36_38-270.2 vhba-kmp-debugsource-20140928-9.2 vhba-kmp-default-20140928_k4.1.36_38-9.2 vhba-kmp-default-debuginfo-20140928_k4.1.36_38-9.2 vhba-kmp-pv-20140928_k4.1.36_38-9.2 vhba-kmp-pv-debuginfo-20140928_k4.1.36_38-9.2 vhba-kmp-xen-20140928_k4.1.36_38-9.2 vhba-kmp-xen-debuginfo-20140928_k4.1.36_38-9.2 - openSUSE Leap 42.1 (noarch): kernel-devel-4.1.36-38.1 kernel-docs-4.1.36-38.2 kernel-docs-html-4.1.36-38.2 kernel-docs-pdf-4.1.36-38.2 kernel-macros-4.1.36-38.1 kernel-source-4.1.36-38.1 kernel-source-vanilla-4.1.36-38.1 - openSUSE Leap 42.1 (x86_64): drbd-8.4.6-12.2 drbd-debugsource-8.4.6-12.2 drbd-kmp-default-8.4.6_k4.1.36_38-12.2 drbd-kmp-default-debuginfo-8.4.6_k4.1.36_38-12.2 drbd-kmp-pv-8.4.6_k4.1.36_38-12.2 drbd-kmp-pv-debuginfo-8.4.6_k4.1.36_38-12.2 drbd-kmp-xen-8.4.6_k4.1.36_38-12.2 drbd-kmp-xen-debuginfo-8.4.6_k4.1.36_38-12.2 lttng-modules-2.7.0-6.2 lttng-modules-debugsource-2.7.0-6.2 lttng-modules-kmp-default-2.7.0_k4.1.36_38-6.2 lttng-modules-kmp-default-debuginfo-2.7.0_k4.1.36_38-6.2 lttng-modules-kmp-pv-2.7.0_k4.1.36_38-6.2 lttng-modules-kmp-pv-debuginfo-2.7.0_k4.1.36_38-6.2 - openSUSE Leap 42.1 (i686): kernel-pae-4.1.36-38.1 kernel-pae-base-4.1.36-38.1 kernel-pae-base-debuginfo-4.1.36-38.1 kernel-pae-debuginfo-4.1.36-38.1 kernel-pae-debugsource-4.1.36-38.1 kernel-pae-devel-4.1.36-38.1 - openSUSE Leap 42.1 (i586): hdjmod-kmp-pae-1.28_k4.1.36_38-28.2 hdjmod-kmp-pae-debuginfo-1.28_k4.1.36_38-28.2 ipset-kmp-pae-6.25.1_k4.1.36_38-9.2 ipset-kmp-pae-debuginfo-6.25.1_k4.1.36_38-9.2 pcfclock-kmp-pae-0.44_k4.1.36_38-270.2 pcfclock-kmp-pae-debuginfo-0.44_k4.1.36_38-270.2 vhba-kmp-pae-20140928_k4.1.36_38-9.2 vhba-kmp-pae-debuginfo-20140928_k4.1.36_38-9.2 References: 
https://www.suse.com/security/cve/CVE-2015-8956.html https://www.suse.com/security/cve/CVE-2015-8962.html https://www.suse.com/security/cve/CVE-2015-8963.html https://www.suse.com/security/cve/CVE-2015-8964.html https://www.suse.com/security/cve/CVE-2016-7042.html https://www.suse.com/security/cve/CVE-2016-7097.html https://www.suse.com/security/cve/CVE-2016-7913.html https://www.suse.com/security/cve/CVE-2016-8630.html https://www.suse.com/security/cve/CVE-2016-8633.html https://www.suse.com/security/cve/CVE-2016-8646.html https://www.suse.com/security/cve/CVE-2016-8655.html https://www.suse.com/security/cve/CVE-2016-9083.html https://www.suse.com/security/cve/CVE-2016-9084.html https://www.suse.com/security/cve/CVE-2016-9178.html https://www.suse.com/security/cve/CVE-2016-9555.html https://www.suse.com/security/cve/CVE-2016-9794.html https://bugzilla.suse.com/1001171 https://bugzilla.suse.com/1001486 https://bugzilla.suse.com/1003925 https://bugzilla.suse.com/1004517 https://bugzilla.suse.com/1006580 https://bugzilla.suse.com/1007197 https://bugzilla.suse.com/1007615 https://bugzilla.suse.com/1007653 https://bugzilla.suse.com/1008650 https://bugzilla.suse.com/1008833 https://bugzilla.suse.com/1009222 https://bugzilla.suse.com/1010040 https://bugzilla.suse.com/1010150 https://bugzilla.suse.com/1010478 https://bugzilla.suse.com/1010501 https://bugzilla.suse.com/1010502 https://bugzilla.suse.com/1010507 https://bugzilla.suse.com/1010909 https://bugzilla.suse.com/1011685 https://bugzilla.suse.com/1012754 https://bugzilla.suse.com/1012876 https://bugzilla.suse.com/1013533 https://bugzilla.suse.com/934067 https://bugzilla.suse.com/990384 https://bugzilla.suse.com/993739 https://bugzilla.suse.com/995968 https://bugzilla.suse.com/999577 https://bugzilla.suse.com/999907
-
[gentoo-announce] [ GLSA 201612-26 ] OpenJPEG: Multiple vulnerabilities
news posted a topic in Upcoming News
<http://www.eteknix.com> Cooler Master Masterbox 5t Chassis Review Cooler Master has been on a winning streak with their chassis for quite some time now. Since they relaunched their brand with the “Make it Yours” motto, we've seen award-winning products hit the market one after the other. Now they're back again with something a little more budget focused, targeted at the PC gaming market who want to build a high-end system, but also have something that's a little more unique and aggressive compared to their Master Case series. URL - http://www.eteknix.com/cooler-master-masterbox-5t-chassis-review/ -- -
AMD talk to KitGuru about Crimson ReLive http://www.kitguru.net KitGuru despatched Leo Waldock for an exclusive interview with Andrej Zdravkovic, Corporate Vice President of Software and Platform Engineering at AMD and Terry Makedon, Director – Product Management at AMD about the latest release of their latest graphics software. Read the review here: http://www.kitguru.net/components/graphic-cards/zardon/amd-talk-to-kitguru-about-crimson-relive/ Copyright © 2016 KitGuru, All rights reserved.
-
[gentoo-announce] [ GLSA 201612-21 ] SQLite: Multiple vulnerabilities
news posted a topic in Upcoming News
-
[gentoo-announce] [ GLSA 201612-22 ] Coreutils: Arbitrary code execution
news posted a topic in Upcoming News
-
[gentoo-announce] [ GLSA 201612-24 ] Binutils: Multiple vulnerabilities
news posted a topic in Upcoming News
-
[gentoo-announce] [ GLSA 201612-23 ] socat: Multiple vulnerabilities
news posted a topic in Upcoming News
-
Dear Editors, we just posted a new article which might be interesting to your readers. A post in your news section would be appreciated. Title: AMD Radeon Crimson ReLive Drivers Link: http://www.techpowerup.com/reviews/AMD/Radeon_Crimson_ReLive_Drivers Brief: Today AMD released their big annual driver update called Radeon Crimson ReLive Edition. The highlights of the new driver are game recording, an improved installer with clean install and Radeon Chill, which promises to reduce power consumption and heat output during gaming.
-
openSUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2016:3050-1
Rating:             important
References:         #1000118 #1000433 #1001171 #1001310 #1001486 #1001888
                    #1003813 #1004052 #1004365 #1004517 #1005169 #1005666
                    #1005745 #1005917 #1005921 #1005925 #1005929 #1006175
                    #1006576 #1006809 #1006827 #1006915 #1006918 #1007197
                    #1007615 #1007653 #1007955 #1008831 #1008979 #1009062
                    #1009454 #1010040 #1010158 #1010444 #1010478 #1010507
                    #1010665 #1010690 #1010970 #1011176 #1011685 #1011913
                    #1012060 #1012094 #1012452 #1012477 #1012754 #1012767
                    #1012829 #1012992 #1013479 #1013533 #1013700 #799133
                    #843661 #914939 #954986 #963609 #963655 #963904
                    #964462 #966186 #966191 #966316 #966318 #966325
                    #969476 #969477 #971975 #972993 #974313 #978907
                    #979681 #983087 #983318 #985850 #986255 #987805
                    #990384 #991414 #992555 #993739 #994881 #995278
                    #997059 #997807 #998054
Cross-References:   CVE-2015-1350 CVE-2015-8964 CVE-2016-7042
                    CVE-2016-7913 CVE-2016-7917 CVE-2016-8632
                    CVE-2016-8655 CVE-2016-8666 CVE-2016-9083
                    CVE-2016-9084 CVE-2016-9555 CVE-2016-9794
Affected Products:  openSUSE Leap 42.2
______________________________________________________________________________

An update that solves 12 vulnerabilities and has 75 fixes is now available.

Description:

The openSUSE Leap 42.2 kernel was updated to 4.4.36 to receive various security and bugfixes.

The following security bugs were fixed:

- CVE-2015-1350: The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allowed local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove a capability from the ping or Wireshark dumpcap program (bnc#914939).
- CVE-2015-8964: The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory by reading a tty data structure (bnc#1010507).
- CVE-2016-7042: The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allowed local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file (bnc#1004517).
- CVE-2016-7913: The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) via vectors involving omission of the firmware name from a certain data structure (bnc#1010478).
- CVE-2016-7917: The nfnetlink_rcv_batch function in net/netfilter/nfnetlink.c in the Linux kernel did not check whether a batch message's length field is large enough, which allowed local users to obtain sensitive information from kernel memory or cause a denial of service (infinite loop or out-of-bounds read) by leveraging the CAP_NET_ADMIN capability (bnc#1010444).
- CVE-2016-8632: The tipc_msg_build function in net/tipc/msg.c in the Linux kernel did not validate the relationship between the minimum fragment length and the maximum packet size, which allowed local users to gain privileges or cause a denial of service (heap-based buffer overflow) by leveraging the CAP_NET_ADMIN capability (bnc#1008831).
- CVE-2016-8655: A race condition in the af_packet packet_set_ring function could be used by local attackers to crash the kernel or gain privileges (bsc#1012754).
- CVE-2016-8666: The IP stack in the Linux kernel allowed remote attackers to cause a denial of service (stack consumption and panic) or possibly have unspecified other impact by triggering use of the GRO path for packets with tunnel stacking, as demonstrated by interleaved IPv4 headers and GRE headers, a related issue to CVE-2016-7039 (bnc#1001486).
- CVE-2016-9083: drivers/vfio/pci/vfio_pci.c in the Linux kernel allowed local users to bypass integer overflow checks, and cause a denial of service (memory corruption) or have unspecified other impact, by leveraging access to a vfio PCI device file for a VFIO_DEVICE_SET_IRQS ioctl call, aka a "state machine confusion bug" (bnc#1007197).
- CVE-2016-9084: drivers/vfio/pci/vfio_pci_intrs.c in the Linux kernel misuses the kzalloc function, which allowed local users to cause a denial of service (integer overflow) or have unspecified other impact by leveraging access to a vfio PCI device file (bnc#1007197).
- CVE-2016-9555: The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel lacks chunk-length checking for the first chunk, which allowed remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data (bnc#1011685).
- CVE-2016-9794: A use-after-free in alsa pcm could lead to crashes or allowed local users to potentially gain privileges (bsc#1013533).

The following non-security bugs were fixed:

- acpi / pad: do not register acpi_pad driver if running as Xen dom0 (bnc#995278).
- Add power key support for PMIcs which are already included in the configs (boo#1012477). Arm64 already has these so no need to patch it.
- alsa: hda - Bind with i915 only when Intel graphics is present (bsc#1012767).
- alsa: hda - Clear the leftover component assignment at snd_hdac_i915_exit() (bsc#1012767).
- alsa: hda - Degrade i915 binding failure message (bsc#1012767).
- alsa: hda - Fix yet another i915 pointer leftover in error path (bsc#1012767).
- alsa: hda - Gate the mic jack on HP Z1 Gen3 AiO (bsc#1004365). - arm64/efi: Enable runtime call flag checking (bsc#1005745). - arm64/efi: Move to generic {__,}efi_call_virt() (bsc#1005745). - arm64: Refuse to install 4k kernel on 64k system - arm64: Update config files. Disable CONFIG_IPMI_SI_PROBE_DEFAULTS (bsc#1006576) - arm: bcm2835: add CPU node for ARM core (boo#1012094). - arm: bcm2835: Split the DT for peripherals from the DT for the CPU (boo#1012094). - asoc: cht_bsw_rt5645: Enable jack detection (bsc#1010690). - asoc: cht_bsw_rt5645: Fix writing to string literal (bsc#1010690). - asoc: cht_bsw_rt5672: Use HID translation unit (bsc#1010690). - asoc: intel: add function stub when ACPI is not enabled (bsc#1010690). - asoc: Intel: add fw name to common dsp context (bsc#1010690). - asoc: Intel: Add missing 10EC5672 ACPI ID matching for Cherry Trail (bsc#1010690). - asoc: Intel: Add module tags for common match module (bsc#1010690). - asoc: Intel: add NULL test (bsc#1010690). - asoc: Intel: Add quirks for MinnowBoard MAX (bsc#1010690). - asoc: Intel: Add surface3 entry in CHT-RT5645 machine (bsc#1010690). - asoc: Intel: Atom: add 24-bit support for media playback and capture (bsc#1010690). - asoc: Intel: Atom: add deep buffer definitions for atom platforms (bsc#1010690). - asoc: Intel: Atom: add definitions for modem/SSP0 interface (bsc#1010690). - asoc: Intel: Atom: Add quirk for Surface 3 (bsc#1010690). - asoc: Intel: Atom: add support for CHT w/ RT5640 (bsc#1010690). - asoc: Intel: Atom: Add support for HP ElitePad 1000 G2 (bsc#1010690). - asoc: Intel: Atom: add support for RT5642 (bsc#1010690). - asoc: Intel: Atom: add terminate entry for dmi_system_id tables (bsc#1010690). - asoc: Intel: Atom: auto-detection of Baytrail-CR (bsc#1010690). - asoc: Intel: Atom: clean-up compressed DAI definition (bsc#1010690). - asoc: Intel: atom: enable configuration of SSP0 (bsc#1010690). - asoc: Intel: atom: fix 0-day warnings (bsc#1010690). 
- asoc: Intel: Atom: fix boot warning (bsc#1010690). - asoc: Intel: Atom: Fix message handling during drop stream (bsc#1010690). - asoc: Intel: atom: fix missing breaks that would cause the wrong operation to execute (bsc#1010690). - asoc: Intel: Atom: fix regression on compress DAI (bsc#1010690). - asoc: Intel: Atom: flip logic for gain Switch (bsc#1010690). - asoc: Intel: atom: Make some messages to debug level (bsc#1010690). - asoc: Intel: Atom: move atom driver to common acpi match (bsc#1010690). - asoc: Intel: atom: statify cht_quirk (bsc#1010690). - asoc: Intel: boards: add DEEP_BUFFER support for BYT/CHT/BSW (bsc#1010690). - asoc: Intel: boards: align pin names between byt-rt5640 drivers (bsc#1010690). - asoc: Intel: boards: merge DMI-based quirks in bytcr-rt5640 driver (bsc#1010690). - asoc: Intel: boards: start merging byt-rt5640 drivers (bsc#1010690). - asoc: Intel: bytcr_rt56040: additional routing quirks (bsc#1010690). - asoc: Intel: bytcr-rt5640: add Asus T100TAF quirks (bsc#1010690). - asoc: Intel: bytcr_rt5640: add IN3 map (bsc#1010690). - asoc: Intel: bytcr_rt5640: add MCLK support (bsc#1010690). - asoc: Intel: bytcr_rt5640: Add quirk for Teclast X98 Air 3G tablet (bsc#1010690). - asoc: Intel: bytcr_rt5640: add SSP2_AIF2 routing (bsc#1010690). - asoc: Intel: bytcr_rt5640: change quirk position (bsc#1010690). - asoc: Intel: bytcr_rt5640: default routing and quirks on Baytrail-CR (bsc#1010690). - asoc: Intel: bytcr-rt5640: enable ASRC (bsc#1010690). - asoc: Intel: bytcr_rt5640: enable differential mic quirk (bsc#1010690). - asoc: Intel: bytcr_rt5640: fix dai/clock setup for SSP0 routing (bsc#1010690). - asoc: Intel: bytcr_rt5640: fixup DAI codec_name with HID (bsc#1010690). - asoc: Intel: bytcr_rt5640: log quirks (bsc#1010690). - asoc: Intel: bytcr_rt5640: quirk for Acer Aspire SWS-012 (bsc#1010690). - asoc: Intel: bytcr_rt5640: quirk for mono speaker (bsc#1010690). - asoc: Intel: bytcr_rt5640: set SSP to I2S mode 2ch (bsc#1010690). 
- asoc: Intel: bytcr_rt5640: use HID translation util (bsc#1010690). - asoc: Intel: cht: fix uninit variable warning (bsc#1010690). - asoc: Intel: common: add translation from HID to codec-name (bsc#1010690). - asoc: Intel: common: filter ACPI devices with _STA return value (bsc#1010690). - asoc: Intel: common: increase the loglevel of "FW Poll Status" (bsc#1010690). - asoc: Intel: Create independent acpi match module (bsc#1010690). - asoc: intel: Fix sst-dsp dependency on dw stuff (bsc#1010690). - asoc: Intel: Keep building old baytrail machine drivers (bsc#1010690). - asoc: Intel: Load the atom DPCM driver only (bsc#1010690). - asoc: intel: make function stub static (bsc#1010690). - asoc: Intel: Move apci find machine routines (bsc#1010690). - asoc: intel: Replace kthread with work (bsc#1010690). - asoc: Intel: Skylake: Always acquire runtime pm ref on unload (bsc#1005917). - asoc: Intel: sst: fix sst_memcpy32 wrong with non-4x bytes issue (bsc#1010690). - asoc: rt5640: add ASRC support (bsc#1010690). - asoc: rt5640: add internal clock source support (bsc#1010690). - asoc: rt5640: add master clock handling for rt5640 (bsc#1010690). - asoc: rt5640: add supplys for dac power (bsc#1010690). - asoc: rt5640: remove unused variable (bsc#1010690). - asoc: rt5640: Set PLL src according to source (bsc#1010690). - asoc: rt5645: add DAC1 soft volume func control (bsc#1010690). - asoc: rt5645: Add dmi_system_id "Google Setzer" (bsc#1010690). - asoc: rt5645: extend delay time for headphone pop noise (bsc#1010690). - asoc: rt5645: fix reg-2f default value (bsc#1010690). - asoc: rt5645: improve headphone pop when system resumes from S3 (bsc#1010690). - asoc: rt5645: improve IRQ reaction time for HS button (bsc#1010690). - asoc: rt5645: merge DMI tables of google projects (bsc#1010690). - asoc: rt5645: patch reg-0x8a (bsc#1010690). - asoc: rt5645: polling jd status in all conditions (bsc#1010690). - asoc: rt5645: Separate regmap for rt5645 and rt5650 (bsc#1010690). 
- asoc: rt5645: set RT5645_PRIV_INDEX as volatile (bsc#1010690). - asoc: rt5645: use polling to support HS button (bsc#1010690). - asoc: rt5645: Use the mod_delayed_work instead of the queue_delayed_work and cancel_delayed_work_sync (bsc#1010690). - asoc: rt5670: Add missing 10EC5072 ACPI ID (bsc#1010690). - asoc: rt5670: Enable Braswell platform workaround for Dell Wyse 3040 (bsc#1010690). - asoc: rt5670: fix HP Playback Volume control (bsc#1010690). - asoc: rt5670: patch reg-0x8a (bsc#1010690). - blacklist.conf: Remove intel_pstate potential patch that SLE 12 SP2 The code layout upstream that motivated this patch is completely different to what is in SLE 12 SP2 as schedutil was not backported. - bna: Add synchronization for tx ring (bsc#993739). - btrfs: allocate root item at snapshot ioctl time (bsc#1012452). - btrfs: better packing of btrfs_delayed_extent_op (bsc#1012452). - btrfs: Check metadata redundancy on balance (bsc#1012452). - btrfs: clean up an error code in btrfs_init_space_info() (bsc#1012452). - btrfs: cleanup, stop casting for extent_map->lookup everywhere (bsc#1012452). - btrfs: cleanup, use enum values for btrfs_path reada (bsc#1012452). - btrfs: deal with duplicates during extent_map insertion in btrfs_get_extent (bsc#1001171). - btrfs: deal with existing encompassing extent map in btrfs_get_extent() (bsc#1001171). - btrfs: do an allocation earlier during snapshot creation (bsc#1012452). - btrfs: do not create or leak aliased root while cleaning up orphans (bsc#994881). - btrfs: do not leave dangling dentry if symlink creation failed (bsc#1012452). - btrfs: do not use slab cache for struct btrfs_delalloc_work (bsc#1012452). - btrfs: drop duplicate prefix from scrub workqueues (bsc#1012452). - btrfs: drop unused parameter from lock_extent_bits (bsc#1012452). - btrfs: Enhance chunk validation check (bsc#1012452). - btrfs: Enhance super validation check (bsc#1012452). 
- btrfs: Ensure proper sector alignment for btrfs_free_reserved_data_space (bsc#1005666). - btrfs: Expoert and move leaf/subtree qgroup helpers to qgroup.c (bsc983087, bsc986255). - btrfs: fix incremental send failure caused by balance (bsc#985850). - btrfs: fix locking bugs when defragging leaves (bsc#1012452). - btrfs: fix memory leaks after transaction is aborted (bsc#1012452). - btrfs: fix output of compression message in btrfs_parse_options() (bsc#1012452). - btrfs: fix race between free space endio workers and space cache writeout (bsc#1012452). - btrfs: fix races on root_log_ctx lists (bsc#1007653). - btrfs: fix race when finishing dev replace leading to transaction abort (bsc#1012452). - btrfs: fix relocation incorrectly dropping data references (bsc#990384). - btrfs: fix typo in log message when starting a balance (bsc#1012452). - btrfs: fix unprotected list operations at btrfs_write_dirty_block_groups (bsc#1012452). - btrfs: handle quota reserve failure properly (bsc#1005666). - btrfs: make btrfs_close_one_device static (bsc#1012452). - btrfs: make clear_extent_bit helpers static inline (bsc#1012452). - btrfs: make clear_extent_buffer_uptodate return void (bsc#1012452). - btrfs: make end_extent_writepage return void (bsc#1012452). - btrfs: make extent_clear_unlock_delalloc return void (bsc#1012452). - btrfs: make extent_range_clear_dirty_for_io return void (bsc#1012452). - btrfs: make extent_range_redirty_for_io return void (bsc#1012452). - btrfs: make lock_extent static inline (bsc#1012452). - btrfs: make set_extent_bit helpers static inline (bsc#1012452). - btrfs: make set_extent_buffer_uptodate return void (bsc#1012452). - btrfs: make set_range_writeback return void (bsc#1012452). - btrfs: preallocate path for snapshot creation at ioctl time (bsc#1012452). - btrfs: put delayed item hook into inode (bsc#1012452). - btrfs: qgroup: Add comments explaining how btrfs qgroup works (bsc983087, bsc986255). 
- btrfs: qgroup: Fix qgroup data leaking by using subtree tracing (bsc983087, bsc986255). - btrfs: qgroup: Rename functions to make it follow reserve, trace, account steps (bsc983087, bsc986255). - btrfs: remove a trivial helper btrfs_set_buffer_uptodate (bsc#1012452). - btrfs: remove root_log_ctx from ctx list before btrfs_sync_log returns (bsc#1007653). - btrfs: remove unused inode argument from uncompress_inline() (bsc#1012452). - btrfs: remove wait from struct btrfs_delalloc_work (bsc#1012452). - btrfs: send, do not bug on inconsistent snapshots (bsc#985850). - btrfs: sink parameter wait to btrfs_alloc_delalloc_work (bsc#1012452). - btrfs: Support convert to -d dup for btrfs-convert (bsc#1012452). - btrfs: Update patches.suse/btrfs-8401-fix-qgroup-accounting-when-creating-snap.patch (bsc#972993). - btrfs: use GFP_KERNEL for allocations in ioctl handlers (bsc#1012452). - btrfs: use GFP_KERNEL for allocations of workqueues (bsc#1012452). - btrfs: use GFP_KERNEL for xattr and acl allocations (bsc#1012452). - btrfs: use smaller type for btrfs_path locks (bsc#1012452). - btrfs: use smaller type for btrfs_path lowest_level (bsc#1012452). - btrfs: use smaller type for btrfs_path reada (bsc#1012452). - btrfs: verbose error when we find an unexpected item in sys_array (bsc#1012452). - config: i2c: Enable CONFIG_I2C_DESIGNWARE_PLATFORM and *_BAYTRAIL (bsc#1010690) Realtek codecs on CHT platform require this i2c bus driver. - config: select new CONFIG_SND_SOC_INTEL_SST_* helpers - config: Update config files. (boo#1012094) - config: Update config files (bsc#1009454) Do not set CONFIG_EFI_SECURE_BOOT_SECURELEVEL in x86_64/default and x86_64/debug. We do not need to set CONFIG_EFI_SECURE_BOOT_SECURELEVEL in openSUSE kernel because openSUSE does not enable kernel module signature check (bsc#843661). Without kernel module signature check, the root account is allowed to load arbitrary kernel module to kernel space. Then lock functions by securelevel is pointless. 
- cxgbi: fix uninitialized flowi6 (bsc#963904 FATE#320115). - Delete patches.fixes/Add-a-missed-complete-in-iscsit_close_connection.patch. remove patch Add-a-missed-complete-in-iscsit_close_connection.patch add bsc#997807 bsc#992555 in patch-4.4.27-28 references - dell-laptop: Fixate rfkill work on CPU#0 (bsc#1004052). - dell-wmi: Check if Dell WMI descriptor structure is valid (bsc#1004052). - dell-wmi: Clean up hotkey table size check (bsc#1004052). - dell-wmi: Ignore WMI event code 0xe045 (bsc#1004052). - dell-wmi: Improve unknown hotkey handling (bsc#1004052). - dell-wmi: Process only one event on devices with interface version 0 (bsc#1004052). - dell-wmi: Stop storing pointers to DMI tables (bsc#1004052). - dell-wmi: Support new hotkeys on the XPS 13 9350 (Skylake) (bsc#1004052). - dell_wmi: Use a C99-style array for bios_to_linux_keycode (bsc#1004052). - drm/i915: Add missing ring_mask to Pineview (bsc#1005917). - drm/i915: Calculate watermark related members in the crtc_state, v4 (bsc#1011176). - drm/i915/ivb: Move WaCxSRDisabledForSpriteScaling w/a to atomic check (bsc#1011176). - drm/i915: Move disable_cxsr to the crtc_state (bsc#1011176). - drm/mgag200: fix error return code in mgag200fb_create() (bsc#1005917). - drm/radeon: Also call cursor_move_locked when the cursor size changes (bsc#1000433). - drm/radeon: Always store CRTC relative radeon_crtc->cursor_x/y values (bsc#1000433). - drm/radeon: Ensure vblank interrupt is enabled on DPMS transition to on (bsc#998054) - drm/radeon: Hide the HW cursor while it's out of bounds (bsc#1000433). - drm/radeon: Switch to drm_vblank_on/off (bsc#998054). - Drop kernel-obs-qa-xen unconditionally (bsc#1010040) The IBS cannot build it, even if there is a xen-capable kernel-obs-build. - edac/mce_amd: Add missing SMCA error descriptions (fate#320474, bsc#1013700). - edac/mce_amd: Use SMCA prefix for error descriptions arrays (fate#320474, bsc#1013700). 
- efi/runtime-wrappers: Add {__,}efi_call_virt() templates (bsc#1005745). - efi/runtime-wrappers: Detect firmware IRQ flag corruption (bsc#1005745). - efi/runtime-wrappers: Remove redundant #ifdefs (bsc#1005745). - ext4: fix data exposure after a crash (bsc#1012829). - fs, block: force direct-I/O for dax-enabled block devices (bsc#1012992). - fs/cifs: cifs_get_root shouldn't use path with tree name (bsc#963655, bsc#979681). - fs/cifs: Compare prepaths when comparing superblocks (bsc#799133). - fs/cifs: Fix memory leaks in cifs_do_mount() (bsc#799133). - fs/cifs: Move check for prefix path to within cifs_get_root() (bsc#799133). - fuse: Fixup buggy conflict resolution in patches.fixes/fuse-Propagate-dentry-down-to-inode_change_ok.patch. - genirq: Add untracked irq handler (bsc#1006827). - genirq: Use a common macro to go through the actions list (bsc#1006827). - gre: Disable segmentation offloads w/ CSUM and we are encapsulated via FOU (bsc#1001486). - gro: Allow tunnel stacking in the case of FOU/GUE (bsc#1001486). - hpsa: fallback to use legacy REPORT PHYS command (bsc#1006175). - hpsa: use bus '3' for legacy HBA devices (bsc#1010665). - hpsa: use correct DID_NO_CONNECT hostbyte (bsc#1010665). - hv: do not lose pending heartbeat vmbus packets (bnc#1006918). - i2c: designware-baytrail: Work around Cherry Trail semaphore errors (bsc#1011913). - i2c: xgene: Avoid dma_buffer overrun (bsc#1006576). - i40e: fix an uninitialized variable bug (bsc#969476 FATE#319648). - i40e: fix broken i40e_config_rss_aq function (bsc#969476 FATE#319648 bsc#969477 FATE#319816). - i40e: Remove redundant memset (bsc#969476 FATE#319648 bsc#969477 FATE#319816). - i810: Enable Intel i810 audio driver used in OpenQA VMs. - Import kabi files for x86_64/default from 4.4.27-2.1 - iommu/arm-smmu: Add support for 16 bit VMID (fate#319978). - iommu/arm-smmu: Workaround for ThunderX erratum #27704 (fate#319978). - ipmi_si: create hardware-independent softdep for ipmi_devintf (bsc#1009062). 
- kABI: protect struct mmc_packed (kabi). - kABI: protect struct mmc_packed (kabi). - kABI: reintroduce sk_filter (kabi). - kABI: reintroduce strtobool (kabi). - kABI: reintroduce strtobool (kabi). - kABI: restore ip_cmsg_recv_offset parameters (kabi). - kabi/severities: Ignore kABI for asoc Intel SST drivers (bsc#1010690) These drivers are self-contained, not for 3rd party drivers. - kernel-module-subpackage: Properly quote flavor in expressions That fixes a parse error if the flavor starts with a digit or contains other non-alphabetic characters. - kgr: ignore zombie tasks during the patching (bnc#1008979). - md/raid1: fix: IO can block resync indefinitely (bsc#1001310). - mm: do not use radix tree writeback tags for pages in swap cache (bnc#971975 VM performance -- swap). - mm/filemap: generic_file_read_iter(): check for zero reads unconditionally (bnc#1007955). - mm/mprotect.c: do not touch single threaded PTEs which are on the right node (bnc#971975 VM performance -- numa balancing). - net/mlx5: Add ConnectX-5 PCIe 4.0 to list of supported devices (bsc#1006809). - net: sctp, forbid negative length (bnc#1005921). - netvsc: fix incorrect receive checksum offloading (bnc#1006915). - overlayfs: allow writing on read-only btrfs subvolumes (bsc#1010158) - pci/ACPI: Allow all PCIe services on non-ACPI host bridges (bsc#1006827). - pci: Allow additional bus numbers for hotplug bridges (bsc#1006827). - pci: correctly cast mem_base in pci_read_bridge_mmio_pref() (bsc#1001888). - pci: pciehp: Allow exclusive userspace control of indicators (bsc#1006827). - pci: Remove return values from pcie_port_platform_notify() and relatives (bsc#1006827). - perf/x86: Add perf support for AMD family-17h processors (fate#320473). - powerpc/pseries: Use H_CLEAR_HPT to clear MMU hash table during kexec (bsc#1003813). - proc: much faster /proc/vmstat (bnc#971975 VM performance -- vmstat). - qede: Correctly map aggregation replacement pages (bsc#966318 FATE#320158 bsc#966316 FATE#320159). 
- qed: FLR of active VFs might lead to FW assert (bsc#966318 FATE#320158 bsc#966316 FATE#320159). - Reformat spec files according to the format_spec_file osc helper - Replace patches.kabi/kabi-hide-new-member-recursion_counter-in-struct-sk_.patch by patches.kabi/kabi-hide-bsc-1001486-changes-in-struct-napi_gro_cb.patch - Revert "ACPI / LPSS: allow to use specific PM domain during ->probe()" (bsc#1005917). - Revert "fix minor infoleak in get_user_ex()" (p.k.o). - REVERT fs/cifs: fix wrongly prefixed path to root (bsc#963655, bsc#979681) - Revert "x86/mm: Expand the exception table logic to allow new handling options" (p.k.o). - rpm/config.sh: Build against SP2 in the OBS as well - rpm/constraints.in: increase disk for kernel-syzkaller The kernel-syzkaller build now consumes around 30G. This causes headache in factory where the package rebuilds over and over. Require 35G disk size to successfully build the flavor. - rpm/kernel-binary.spec.in: Build the -base package unconditionally (bsc#1000118) - rpm/kernel-binary.spec.in: Do not create KMPs with CONFIG_MODULES=n - rpm/kernel-binary.spec.in: Only build -base and -extra with CONFIG_MODULES (bsc#1000118) - rpm/kernel-binary.spec.in: Simplify debug info switch Any CONFIG_DEBUG_INFO sub-options are answered in the configs nowadays. - rpm/kernel-spec-macros: Ignore too high rebuild counter (bsc#1012060) - rpm/mkspec: Read a default release string from rpm/config.sh (bsc997059) - rpm/package-descriptions: Add 64kb kernel flavor description - rpm/package-descriptions: add kernel-syzkaller - rpm/package-descriptions: pv has been merged into -default (fate#315712) - rpm/package-descriptions: the flavor is 64kb, not 64k - sched/core: Optimize __schedule() (bnc#978907 Scheduler performance -- context switch). - sched/fair: Optimize find_idlest_cpu() when there is no choice (bnc#978907 Scheduler performance -- idle search). 
- supported.conf: Add overlay.ko to -base (fate#321903) Also, delete the stale entry for the old overlayfs. - supported.conf: Mark vmx-crypto as supported (fate#319564) - tg3: Avoid NULL pointer dereference in tg3_io_error_detected() (bsc#963609 FATE#320143). - usbhid: add ATEN CS962 to list of quirky devices (bsc#1007615). - Whitelist KVM KABI changes resulting from adding a hcall. caused by 5246adec59458b5d325b8e1462ea9ef3ead7f6ae powerpc/pseries: Use H_CLEAR_HPT to clear MMU hash table during kexec No problem is expected as result of changing KVM KABI so whitelisting for now. If we get some additional input from IBM we can back out the patch. - writeback: initialize inode members that track writeback history (bsc#1012829). - x86/apic: Order irq_enter/exit() calls correctly vs. ack_APIC_irq() (bsc#1013479). - x86/efi: Enable runtime call flag checking (bsc#1005745). - x86/efi: Move to generic {__,}efi_call_virt() (bsc#1005745). - x86/mce/AMD, EDAC/mce_amd: Define and use tables for known SMCA IP types (fate#320474, bsc#1013700). Exclude removed symbols from kABI check. They're AMD Zen relevant only and completely useless to other modules - only edac_mce_amd.ko. - x86/mce/AMD: Increase size of the bank_map type (fate#320474, bsc#1013700). - x86/mce/AMD: Read MSRs on the CPU allocating the threshold blocks (fate#320474, bsc#1013700). - x86/mce/AMD: Update sysfs bank names for SMCA systems (fate#320474, bsc#1013700). - x86/mce/AMD: Use msr_ops.misc() in allocate_threshold_blocks() (fate#320474, bsc#1013700). - x86/PCI: VMD: Attach VMD resources to parent domain's resource tree (bsc#1006827). - x86/PCI: VMD: Document code for maintainability (bsc#1006827). - x86/PCI: VMD: Fix infinite loop executing irq's (bsc#1006827). - x86/PCI: VMD: Initialize list item in IRQ disable (bsc#1006827). - x86/PCI: VMD: Request userspace control of PCIe hotplug indicators (bsc#1006827). - x86/PCI: VMD: Select device dma ops to override (bsc#1006827). 
- x86/PCI: VMD: Separate MSI and MSI-X vector sharing (bsc#1006827).
- x86/PCI: VMD: Set bus resource start to 0 (bsc#1006827).
- x86/PCI: VMD: Use lock save/restore in interrupt enable path (bsc#1006827).
- x86/PCI/VMD: Use untracked irq handler (bsc#1006827).
- x86/PCI: VMD: Use x86_vector_domain as parent domain (bsc#1006827).
- xen/gntdev: Use VM_MIXEDMAP instead of VM_IO to avoid NUMA balancing (bnc#1005169).
- zram: Fix unbalanced idr management at hot removal (bsc#1010970).

Patch Instructions:

To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product:

- openSUSE Leap 42.2:

   zypper in -t patch openSUSE-2016-1426=1

To bring your system up-to-date, use "zypper patch".

Package List:

- openSUSE Leap 42.2 (noarch):

   kernel-devel-4.4.36-5.1
   kernel-docs-4.4.36-5.3
   kernel-docs-html-4.4.36-5.3
   kernel-docs-pdf-4.4.36-5.3
   kernel-macros-4.4.36-5.1
   kernel-source-4.4.36-5.1
   kernel-source-vanilla-4.4.36-5.1

- openSUSE Leap 42.2 (x86_64):

   kernel-debug-4.4.36-5.1
   kernel-debug-base-4.4.36-5.1
   kernel-debug-base-debuginfo-4.4.36-5.1
   kernel-debug-debuginfo-4.4.36-5.1
   kernel-debug-debugsource-4.4.36-5.1
   kernel-debug-devel-4.4.36-5.1
   kernel-debug-devel-debuginfo-4.4.36-5.1
   kernel-default-4.4.36-5.1
   kernel-default-base-4.4.36-5.1
   kernel-default-base-debuginfo-4.4.36-5.1
   kernel-default-debuginfo-4.4.36-5.1
   kernel-default-debugsource-4.4.36-5.1
   kernel-default-devel-4.4.36-5.1
   kernel-obs-build-4.4.36-5.1
   kernel-obs-build-debugsource-4.4.36-5.1
   kernel-obs-qa-4.4.36-5.1
   kernel-syms-4.4.36-5.1
   kernel-vanilla-4.4.36-5.1
   kernel-vanilla-base-4.4.36-5.1
   kernel-vanilla-base-debuginfo-4.4.36-5.1
   kernel-vanilla-debuginfo-4.4.36-5.1
   kernel-vanilla-debugsource-4.4.36-5.1
   kernel-vanilla-devel-4.4.36-5.1

References:

https://www.suse.com/security/cve/CVE-2015-1350.html https://www.suse.com/security/cve/CVE-2015-8964.html https://www.suse.com/security/cve/CVE-2016-7042.html https://www.suse.com/security/cve/CVE-2016-7913.html
https://www.suse.com/security/cve/CVE-2016-7917.html
https://www.suse.com/security/cve/CVE-2016-8632.html
https://www.suse.com/security/cve/CVE-2016-8655.html
https://www.suse.com/security/cve/CVE-2016-8666.html
https://www.suse.com/security/cve/CVE-2016-9083.html
https://www.suse.com/security/cve/CVE-2016-9084.html
https://www.suse.com/security/cve/CVE-2016-9555.html
https://www.suse.com/security/cve/CVE-2016-9794.html
https://bugzilla.suse.com/1000118
https://bugzilla.suse.com/1000433
https://bugzilla.suse.com/1001171
https://bugzilla.suse.com/1001310
https://bugzilla.suse.com/1001486
https://bugzilla.suse.com/1001888
https://bugzilla.suse.com/1003813
https://bugzilla.suse.com/1004052
https://bugzilla.suse.com/1004365
https://bugzilla.suse.com/1004517
https://bugzilla.suse.com/1005169
https://bugzilla.suse.com/1005666
https://bugzilla.suse.com/1005745
https://bugzilla.suse.com/1005917
https://bugzilla.suse.com/1005921
https://bugzilla.suse.com/1005925
https://bugzilla.suse.com/1005929
https://bugzilla.suse.com/1006175
https://bugzilla.suse.com/1006576
https://bugzilla.suse.com/1006809
https://bugzilla.suse.com/1006827
https://bugzilla.suse.com/1006915
https://bugzilla.suse.com/1006918
https://bugzilla.suse.com/1007197
https://bugzilla.suse.com/1007615
https://bugzilla.suse.com/1007653
https://bugzilla.suse.com/1007955
https://bugzilla.suse.com/1008831
https://bugzilla.suse.com/1008979
https://bugzilla.suse.com/1009062
https://bugzilla.suse.com/1009454
https://bugzilla.suse.com/1010040
https://bugzilla.suse.com/1010158
https://bugzilla.suse.com/1010444
https://bugzilla.suse.com/1010478
https://bugzilla.suse.com/1010507
https://bugzilla.suse.com/1010665
https://bugzilla.suse.com/1010690
https://bugzilla.suse.com/1010970
https://bugzilla.suse.com/1011176
https://bugzilla.suse.com/1011685
https://bugzilla.suse.com/1011913
https://bugzilla.suse.com/1012060
https://bugzilla.suse.com/1012094
https://bugzilla.suse.com/1012452
https://bugzilla.suse.com/1012477
https://bugzilla.suse.com/1012754
https://bugzilla.suse.com/1012767
https://bugzilla.suse.com/1012829
https://bugzilla.suse.com/1012992
https://bugzilla.suse.com/1013479
https://bugzilla.suse.com/1013533
https://bugzilla.suse.com/1013700
https://bugzilla.suse.com/799133
https://bugzilla.suse.com/843661
https://bugzilla.suse.com/914939
https://bugzilla.suse.com/954986
https://bugzilla.suse.com/963609
https://bugzilla.suse.com/963655
https://bugzilla.suse.com/963904
https://bugzilla.suse.com/964462
https://bugzilla.suse.com/966186
https://bugzilla.suse.com/966191
https://bugzilla.suse.com/966316
https://bugzilla.suse.com/966318
https://bugzilla.suse.com/966325
https://bugzilla.suse.com/969476
https://bugzilla.suse.com/969477
https://bugzilla.suse.com/971975
https://bugzilla.suse.com/972993
https://bugzilla.suse.com/974313
https://bugzilla.suse.com/978907
https://bugzilla.suse.com/979681
https://bugzilla.suse.com/983087
https://bugzilla.suse.com/983318
https://bugzilla.suse.com/985850
https://bugzilla.suse.com/986255
https://bugzilla.suse.com/987805
https://bugzilla.suse.com/990384
https://bugzilla.suse.com/991414
https://bugzilla.suse.com/992555
https://bugzilla.suse.com/993739
https://bugzilla.suse.com/994881
https://bugzilla.suse.com/995278
https://bugzilla.suse.com/997059
https://bugzilla.suse.com/997807
https://bugzilla.suse.com/998054
-
Samsung SSD750 EVO 500GB Review
------------------------------------------------------------
http://www.kitguru.net

The one thing that was missing from Samsung’s range of SSDs was a low price value oriented drive. This has been rectified by the arrival of the SSD750 EVO product line. To keep production costs and therefore the cost of the drive down, Samsung has forsaken the 3D V-NAND of the last few drive ranges and gone back to 2D Planar NAND.

Read the review here: http://www.kitguru.net/components/ssd-drives/simon-crisp/samsung-ssd750-evo-500gb-review/

Copyright © 2016 KitGuru, All rights reserved.
-
TITLE: Cooler Master MasterBox 5T Review @ Vortez

CONTENT: The MasterBox 5T is a mid-tower chassis which delivers a two-tone design with support for the latest PC components. Inside, there is a spacious layout which lends itself to being able to host flagship air CPU coolers and high-performance graphics cards. Cooler Master also include two 120mm fans which utilise a two-speed fan controller.

LINK: http://www.vortez.net/review.php?id=1243

Please post this news item in your news section. Thank you.
-
Release update: Mandatory 10 day delay for migrations and other upcoming events
news posted a topic in Upcoming News
Hi,

We have passed the 5th of December and all migrations delays are now 10 days by default as announced in [1]. Should your upload to unstable include security fixes or fixes for severe bugs, we file an unblock bug asking for us to lower the required age.

Future milestone dates in the stretch freeze
============================================

This is the second of four milestones for the stretch freeze[2]. The Release Team maintains a calendar of these at [3] along with other important dates. The next milestones are (in order):

Jan 5: soft freeze
------------------

Deadline for:
 * New (source) packages in stretch
 * Letting packages re-enter stretch (if they have been removed)

Updates to existing packages in stretch will continue as normal.

Remember:
 * New packages must be in testing before January 5th.
 * With the mandatory 10-day delay, the latest day for the upload is /at least/ 10 days earlier.
 * Delays caused by RC bugs (even in other packages), lazy FTP-masters or a long NEW queue (etc.) are *not* an excuse to be late.

Feb 5: Full freeze
------------------

Freeze for stretch:
 * All changes to stretch will require approval.
 * Use "reportbug release.debian.org" for requesting unblocks.

Remember:
 * Uploaded changes must be in testing before February 5th
 * With the mandatory 10-day delay, the latest day for the upload is /at least/ 10 days earlier.
 * Delays caused by RC bugs other packages, slow buildds, "C-x M-c M-butterfly" (etc.) are *not* an excuse to be late.

You can also find the dates and their descriptions in our calendar[3]. We will keep you updated as the freeze progresses.

For the Release Team,
Emilio and Niels

[1] https://lists.debian.org/debian-devel-announce/2016/07/msg00002.html
[2] https://release.debian.org/#release-dates
[3] https://release.debian.org/release-calendar.ics
-
A news post would be great.

OCC has published a review on the MSI RX 480 Gaming X 8G

Here is a quote from the review:

Quote: "When you look at the work MSI has done over the past several years to put the MSI Gaming brand out into the market, it is interesting to see that work bear fruit. Looking at the performance curve of the RX 480 Gaming X 8G, I found that the card does what is expected of it and more. A custom PCB using an all-digital VRM built around MSI's Military Class IV components allows the card to run more efficiently while delivering a high level of performance for the installed hardware. The RX 480 Gaming X 8G is a factory overclocked video card. No surprises there! As a factory overclocked card, it is equipped with a boosted clock speed that is not the highest available on the market. That being said, it also retains that clock speed under load without throttling due to a thermal or current induced spike. This was a problem I saw while working with the Red Devil RX 480 that I have not seen on either of the MSI RX series cards I have tested."

Title: MSI RX 480 Gaming X 8G Review
Link: http://www.overclockersclub.com/reviews/msi_rx_480_gaming_x_8g/
Img: http://www.overclockersclub.com/siteimages/articles/msi_rx_480_gaming_x_8g/5_thumb.jpg
-
Title: Christmas 2016 Mega Worldwide Giveaway @ NikKTech

Description: It may have taken longer than usual (6 days to be exact) but our annual Christmas Worldwide Giveaway is now live with a grand total of 64 prizes by 25 sponsors worth well over 6000Eur. Merry Christmas Everyone!

Article Link: http://www.nikktech.com/main/contests/7230-67-christmas-2016-mega-worldwide-giveaway

Image Link: http://www.nikktech.com/main/images/pics/contests/christmas_2016/christmas_2017a.jpg

A News Post Would Be Appreciated. Thanks In Advance.

Sincerely
Nik Kastrantas
-
[RHSA-2016:2923-01] Moderate: openstack-cinder and openstack-glance security update
news posted a topic in Upcoming News
=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: openstack-cinder and openstack-glance security update
Advisory ID:       RHSA-2016:2923-01
Product:           Red Hat Enterprise Linux OpenStack Platform
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2016-2923.html
Issue date:        2016-12-07
CVE Names:         CVE-2015-5162
=====================================================================

1. Summary:

Updated openstack-cinder and openstack-glance packages that fix one security issue are now available for Red Hat OpenStack Platform 9.0 (Mitaka).

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat OpenStack Platform 9.0 - noarch

3. Description:

OpenStack Block Storage (cinder) manages block storage mounting and the presentation of such mounted block storage to instances. The backend physical storage can consist of local disks, or Fiber Channel, iSCSI, and NFS mounts attached to Compute nodes. In addition, Block Storage supports volume backups, and snapshots for temporary save and restore operations. Programmatic management is available via Block Storage's API.

OpenStack Image service (glance) provides discovery, registration, and delivery services for disk and server images. It provides the ability to copy or snapshot a server image, and immediately store it away. Stored images can be used as a template to get new servers up and running quickly and more consistently than installing a server operating system and individually configuring additional services.

Security Fix(es):

* A resource vulnerability in the Block Storage (cinder) and Image (glance) services was found in their use of qemu-img. An unprivileged user could consume as much as 4 GB of RAM on the compute host by uploading a malicious image. This flaw could lead possibly to host out-of-memory errors and negatively affect other running tenant instances. (CVE-2015-5162)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1268303 - CVE-2015-5162 openstack-nova/glance/cinder: Malicious image may exhaust resources
1380842 - Creating Encrypted Volumes with Cinder(Ceph backend) gives false positive
1381283 - cinder-api lost SSL in oslo.service wsgi move for Mitaka
1381350 - qemu-img calls need to be restricted by ulimit
1386253 - NetApp Cinder driver: cloning operations are unsuccessful

6. Package List:

Red Hat OpenStack Platform 9.0:

Source:
openstack-cinder-8.1.1-4.el7ost.src.rpm
openstack-glance-12.0.0-2.el7ost.src.rpm

noarch:
openstack-cinder-8.1.1-4.el7ost.noarch.rpm
openstack-glance-12.0.0-2.el7ost.noarch.rpm
python-cinder-8.1.1-4.el7ost.noarch.rpm
python-cinder-tests-8.1.1-4.el7ost.noarch.rpm
python-glance-12.0.0-2.el7ost.noarch.rpm
python-glance-tests-12.0.0-2.el7ost.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2015-5162
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2016 Red Hat, Inc.
--
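The advisory above lists bug 1381350, "qemu-img calls need to be restricted by ulimit", as the mitigation for CVE-2015-5162. The sketch below is an added example, not Red Hat's or OpenStack's patch: it shows the general technique of running an image-inspection command with address-space and CPU limits applied to the child process only. The function names, the 1 GiB and 8 second limits, and the constructed memory-hungry stand-in command are assumptions.

```python
import resource
import subprocess
import sys

GIB = 1024 ** 3

# Constructed stand-in for a parser that over-allocates on a crafted input:
# the child tries to reserve 2 GiB in a single allocation.
HUNGRY_DEMO = [sys.executable, "-c", "x = bytearray(2 * 1024 ** 3)"]


def _clamp(value, which):
    """Never request more than the hard limit this process already has."""
    _, hard = resource.getrlimit(which)
    return value if hard == resource.RLIM_INFINITY else min(value, hard)


def run_limited(cmd, address_space=1 * GIB, cpu_seconds=8, timeout=30):
    """Run cmd with RLIMIT_AS and RLIMIT_CPU set in the child only."""
    def apply_limits():
        # Runs after fork() and before exec(), so the caller is unaffected.
        for which, value in ((resource.RLIMIT_AS, address_space),
                             (resource.RLIMIT_CPU, cpu_seconds)):
            value = _clamp(value, which)
            resource.setrlimit(which, (value, value))

    return subprocess.run(cmd, preexec_fn=apply_limits, timeout=timeout,
                          stdout=subprocess.PIPE, stderr=subprocess.PIPE)


def image_info(path):
    """Inspect an untrusted image; a blown limit surfaces as an error."""
    proc = run_limited(["qemu-img", "info", "--output=json", path])
    if proc.returncode != 0:
        raise RuntimeError("qemu-img info failed or exceeded its limits")
    return proc.stdout


if __name__ == "__main__":
    print("hungry child exit status:", run_limited(HUNGRY_DEMO).returncode)
```

With the limit in place the over-allocating child fails on its own instead of pushing the host toward out-of-memory, and the service can reject the image.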