Everything posted by news
[RHSA-2016:2915-01] Important: atomic-openshift security and bug fix update
news posted a topic in Upcoming News
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: atomic-openshift security and bug fix update
Advisory ID:       RHSA-2016:2915-01
Product:           Red Hat OpenShift Enterprise
Advisory URL:      https://access.redhat.com/errata/RHSA-2016:2915
Issue date:        2016-12-07
CVE Names:         CVE-2016-8651
=====================================================================

1. Summary:

An update for atomic-openshift is now available for Red Hat OpenShift Container Platform 3.1, 3.2, and 3.3.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat OpenShift Container Platform 3.3 - noarch, x86_64
Red Hat OpenShift Enterprise 3.1 - noarch, x86_64
Red Hat OpenShift Enterprise 3.2 - noarch, x86_64

3. Description:

Red Hat OpenShift Container Platform is the company's cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud deployments.

This advisory contains the RPM packages for Red Hat OpenShift Container Platform releases 3.3.1.7, 3.2.1.21, and 3.1.1.10. See the following advisory for the container images for these releases:

https://access.redhat.com/errata/RHBA-2016:2916

Security Fix(es):

* An input validation flaw was found in the way OpenShift handles requests for images. A user, with a copy of the manifest associated with an image, can pull an image even if they do not have access to the image normally, resulting in the disclosure of any information contained within the image. (CVE-2016-8651)

Bug Fix(es) for OpenShift Container Platform 3.3:

* Previously when rapidly updating multiple namespaces controlled by a single ClusterResourceQuota, the status.total.used can get out of sync with the sum of the status.namespaces[*].used. This bug fix ensures the ClusterResourceQuota objects are properly updated. (BZ#1400200)

* When using the `oc new-app --search` command in an environment where OpenShift Container Platform (OCP) could not reach Docker Hub, the command failed for any query. OCP now prints a warning and continues with what was found in other sources. (BZ#1388524)

* The OpenShift Container Platform node daemon did not recover properly from restarts, and it lost information about attached and mounted volumes. In rare cases, the daemon deleted all data on a mounted volume, thinking that it has been already unmounted while it was only missing its node's cache. This bug fix ensures node caches are recovered after restarts, and as a result no data loss occurs on the mounted volumes. (BZ#1398417)

* Previously, ScheduledJobs were not cleaned up on project deletion. If a new project was created with the same project name, the previously-defined ScheduledJobs would re-appear. This bug fix ensures ScheduledJobs are removed when a project is removed. (BZ#1399700)

Bug Fix(es) for OpenShift Container Platform 3.2:

* When using the `oc new-app --search` command in an environment where OpenShift Container Platform (OCP) could not reach Docker Hub, the command failed for any query. OCP now prints a warning and continues with what was found in other sources. (BZ#1388522)

All OpenShift Container Platform users are advised to upgrade to these updated packages and images.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

To apply this update, see the following cluster upgrade documentation that relates to your installed version of OpenShift Container Platform.

For OpenShift Container Platform 3.3:
https://docs.openshift.com/container-platform/3.3/install_config/upgrading/automated_upgrades.html#upgrading-to-ocp-3-3-asynchronous-releases

For OpenShift Container Platform 3.2:
https://docs.openshift.com/enterprise/3.2/install_config/upgrading/automated_upgrades.html#upgrading-to-openshift-enterprise-3-2-asynchronous-releases

For OpenShift Container Platform 3.1:
https://docs.openshift.com/enterprise/3.1/install_config/upgrading/automated_upgrades.html#upgrading-to-openshift-enterprise-3-1-asynchronous-releases

5. Bugs fixed (https://bugzilla.redhat.com/):

1388522 - [backport] (3.2) Failed to "oc new-app --search" at the offline environment disconnected to the Internet
1388524 - [backport] (3.3) Failed to "oc new-app --search" at the offline environment disconnected to the Internet
1397987 - CVE-2016-8651 OpenShift Enterprise 3: Pulling of any image is possible with its manifest
1398417 - Data from persistent volumes is wiped after a node service restart
1399700 - Scheduledjob not deleted when project has been deleted
1400200 - ClusterResourceQuota status total doesn't match sum of namespaces

6. Package List:

Red Hat OpenShift Enterprise 3.1:

Source:
atomic-openshift-3.1.1.10-1.git.0.efeef8d.el7aos.src.rpm

noarch:
atomic-openshift-docker-excluder-3.1.1.10-1.git.0.efeef8d.el7aos.noarch.rpm
atomic-openshift-excluder-3.1.1.10-1.git.0.efeef8d.el7aos.noarch.rpm

x86_64:
atomic-openshift-3.1.1.10-1.git.0.efeef8d.el7aos.x86_64.rpm
atomic-openshift-clients-3.1.1.10-1.git.0.efeef8d.el7aos.x86_64.rpm
atomic-openshift-clients-redistributable-3.1.1.10-1.git.0.efeef8d.el7aos.x86_64.rpm
atomic-openshift-dockerregistry-3.1.1.10-1.git.0.efeef8d.el7aos.x86_64.rpm
atomic-openshift-master-3.1.1.10-1.git.0.efeef8d.el7aos.x86_64.rpm
atomic-openshift-node-3.1.1.10-1.git.0.efeef8d.el7aos.x86_64.rpm
atomic-openshift-pod-3.1.1.10-1.git.0.efeef8d.el7aos.x86_64.rpm
atomic-openshift-recycle-3.1.1.10-1.git.0.efeef8d.el7aos.x86_64.rpm
atomic-openshift-sdn-ovs-3.1.1.10-1.git.0.efeef8d.el7aos.x86_64.rpm
tuned-profiles-atomic-openshift-node-3.1.1.10-1.git.0.efeef8d.el7aos.x86_64.rpm

Red Hat OpenShift Enterprise 3.2:

Source:
atomic-openshift-3.2.1.21-1.git.0.4250771.el7.src.rpm

noarch:
atomic-openshift-docker-excluder-3.2.1.21-1.git.0.4250771.el7.noarch.rpm
atomic-openshift-excluder-3.2.1.21-1.git.0.4250771.el7.noarch.rpm

x86_64:
atomic-openshift-3.2.1.21-1.git.0.4250771.el7.x86_64.rpm
atomic-openshift-clients-3.2.1.21-1.git.0.4250771.el7.x86_64.rpm
atomic-openshift-clients-redistributable-3.2.1.21-1.git.0.4250771.el7.x86_64.rpm
atomic-openshift-dockerregistry-3.2.1.21-1.git.0.4250771.el7.x86_64.rpm
atomic-openshift-master-3.2.1.21-1.git.0.4250771.el7.x86_64.rpm
atomic-openshift-node-3.2.1.21-1.git.0.4250771.el7.x86_64.rpm
atomic-openshift-pod-3.2.1.21-1.git.0.4250771.el7.x86_64.rpm
atomic-openshift-recycle-3.2.1.21-1.git.0.4250771.el7.x86_64.rpm
atomic-openshift-sdn-ovs-3.2.1.21-1.git.0.4250771.el7.x86_64.rpm
atomic-openshift-tests-3.2.1.21-1.git.0.4250771.el7.x86_64.rpm
tuned-profiles-atomic-openshift-node-3.2.1.21-1.git.0.4250771.el7.x86_64.rpm

Red Hat OpenShift Container Platform 3.3:

Source:
atomic-openshift-3.3.1.7-1.git.0.0988966.el7.src.rpm

noarch:
atomic-openshift-docker-excluder-3.3.1.7-1.git.0.0988966.el7.noarch.rpm
atomic-openshift-excluder-3.3.1.7-1.git.0.0988966.el7.noarch.rpm

x86_64:
atomic-openshift-3.3.1.7-1.git.0.0988966.el7.x86_64.rpm
atomic-openshift-clients-3.3.1.7-1.git.0.0988966.el7.x86_64.rpm
atomic-openshift-clients-redistributable-3.3.1.7-1.git.0.0988966.el7.x86_64.rpm
atomic-openshift-dockerregistry-3.3.1.7-1.git.0.0988966.el7.x86_64.rpm
atomic-openshift-master-3.3.1.7-1.git.0.0988966.el7.x86_64.rpm
atomic-openshift-node-3.3.1.7-1.git.0.0988966.el7.x86_64.rpm
atomic-openshift-pod-3.3.1.7-1.git.0.0988966.el7.x86_64.rpm
atomic-openshift-sdn-ovs-3.3.1.7-1.git.0.0988966.el7.x86_64.rpm
atomic-openshift-tests-3.3.1.7-1.git.0.0988966.el7.x86_64.rpm
tuned-profiles-atomic-openshift-node-3.3.1.7-1.git.0.0988966.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2016-8651
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2016 Red Hat, Inc.
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    SUSE-SU-2016:3049-1
Rating:             important
References:         #1008831 #1011685 #1012754
Cross-References:   CVE-2016-8632 CVE-2016-8655 CVE-2016-9555
Affected Products:
                    SUSE Linux Enterprise Workstation Extension 12-SP2
                    SUSE Linux Enterprise Software Development Kit 12-SP2
                    SUSE Linux Enterprise Server for Raspberry Pi 12-SP2
                    SUSE Linux Enterprise Server 12-SP2
                    SUSE Linux Enterprise Live Patching 12
                    SUSE Linux Enterprise High Availability 12-SP2
                    SUSE Linux Enterprise Desktop 12-SP2
______________________________________________________________________________

An update that fixes three vulnerabilities is now available.

Description:

The SUSE Linux Enterprise 12 SP2 kernel was updated to receive critical security fixes.

The following security bugs were fixed:

- CVE-2016-8655: A race condition in the af_packet packet_set_ring function could be used by local attackers to crash the kernel or gain privileges (bsc#1012754).
- CVE-2016-8632: The tipc_msg_build function in net/tipc/msg.c in the Linux kernel did not validate the relationship between the minimum fragment length and the maximum packet size, which allowed local users to gain privileges or cause a denial of service (heap-based buffer overflow) by leveraging the CAP_NET_ADMIN capability (bnc#1008831).
- CVE-2016-9555: The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel lacks chunk-length checking for the first chunk, which allowed remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data (bnc#1011685).

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Workstation Extension 12-SP2:
   zypper in -t patch SUSE-SLE-WE-12-SP2-2016-1772=1
- SUSE Linux Enterprise Software Development Kit 12-SP2:
   zypper in -t patch SUSE-SLE-SDK-12-SP2-2016-1772=1
- SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:
   zypper in -t patch SUSE-SLE-RPI-12-SP2-2016-1772=1
- SUSE Linux Enterprise Server 12-SP2:
   zypper in -t patch SUSE-SLE-SERVER-12-SP2-2016-1772=1
- SUSE Linux Enterprise Live Patching 12:
   zypper in -t patch SUSE-SLE-Live-Patching-12-2016-1772=1
- SUSE Linux Enterprise High Availability 12-SP2:
   zypper in -t patch SUSE-SLE-HA-12-SP2-2016-1772=1
- SUSE Linux Enterprise Desktop 12-SP2:
   zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2016-1772=1

To bring your system up-to-date, use "zypper patch".

Package List:

- SUSE Linux Enterprise Workstation Extension 12-SP2 (x86_64):
   kernel-default-debuginfo-4.4.21-84.1
   kernel-default-debugsource-4.4.21-84.1
   kernel-default-extra-4.4.21-84.1
   kernel-default-extra-debuginfo-4.4.21-84.1
- SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64):
   kernel-obs-build-4.4.21-84.1
   kernel-obs-build-debugsource-4.4.21-84.1
- SUSE Linux Enterprise Software Development Kit 12-SP2 (noarch):
   kernel-docs-4.4.21-84.3
- SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64):
   kernel-default-4.4.21-84.1
   kernel-default-base-4.4.21-84.1
   kernel-default-base-debuginfo-4.4.21-84.1
   kernel-default-debuginfo-4.4.21-84.1
   kernel-default-debugsource-4.4.21-84.1
   kernel-default-devel-4.4.21-84.1
   kernel-syms-4.4.21-84.1
- SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (noarch):
   kernel-devel-4.4.21-84.1
   kernel-macros-4.4.21-84.1
   kernel-source-4.4.21-84.1
- SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64):
   kernel-default-4.4.21-84.1
   kernel-default-base-4.4.21-84.1
   kernel-default-base-debuginfo-4.4.21-84.1
   kernel-default-debuginfo-4.4.21-84.1
   kernel-default-debugsource-4.4.21-84.1
   kernel-default-devel-4.4.21-84.1
   kernel-syms-4.4.21-84.1
- SUSE Linux Enterprise Server 12-SP2 (noarch):
   kernel-devel-4.4.21-84.1
   kernel-macros-4.4.21-84.1
   kernel-source-4.4.21-84.1
- SUSE Linux Enterprise Live Patching 12 (x86_64):
   kgraft-patch-4_4_21-84-default-1-2.1
- SUSE Linux Enterprise High Availability 12-SP2 (ppc64le s390x x86_64):
   cluster-md-kmp-default-4.4.21-84.1
   cluster-md-kmp-default-debuginfo-4.4.21-84.1
   cluster-network-kmp-default-4.4.21-84.1
   cluster-network-kmp-default-debuginfo-4.4.21-84.1
   dlm-kmp-default-4.4.21-84.1
   dlm-kmp-default-debuginfo-4.4.21-84.1
   gfs2-kmp-default-4.4.21-84.1
   gfs2-kmp-default-debuginfo-4.4.21-84.1
   kernel-default-debuginfo-4.4.21-84.1
   kernel-default-debugsource-4.4.21-84.1
   ocfs2-kmp-default-4.4.21-84.1
   ocfs2-kmp-default-debuginfo-4.4.21-84.1
- SUSE Linux Enterprise Desktop 12-SP2 (x86_64):
   kernel-default-4.4.21-84.1
   kernel-default-debuginfo-4.4.21-84.1
   kernel-default-debugsource-4.4.21-84.1
   kernel-default-devel-4.4.21-84.1
   kernel-default-extra-4.4.21-84.1
   kernel-default-extra-debuginfo-4.4.21-84.1
   kernel-syms-4.4.21-84.1
- SUSE Linux Enterprise Desktop 12-SP2 (noarch):
   kernel-devel-4.4.21-84.1
   kernel-macros-4.4.21-84.1
   kernel-source-4.4.21-84.1

References:

https://www.suse.com/security/cve/CVE-2016-8632.html
https://www.suse.com/security/cve/CVE-2016-8655.html
https://www.suse.com/security/cve/CVE-2016-9555.html
https://bugzilla.suse.com/1008831
https://bugzilla.suse.com/1011685
https://bugzilla.suse.com/1012754
[RHSA-2016:2919-01] Important: chromium-browser security update
news posted a topic in Upcoming News
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: chromium-browser security update
Advisory ID:       RHSA-2016:2919-01
Product:           Red Hat Enterprise Linux Supplementary
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2016-2919.html
Issue date:        2016-12-07
CVE Names:         CVE-2016-5203 CVE-2016-5204 CVE-2016-5205 CVE-2016-5206
                   CVE-2016-5207 CVE-2016-5208 CVE-2016-5209 CVE-2016-5210
                   CVE-2016-5211 CVE-2016-5212 CVE-2016-5213 CVE-2016-5214
                   CVE-2016-5215 CVE-2016-5216 CVE-2016-5217 CVE-2016-5218
                   CVE-2016-5219 CVE-2016-5220 CVE-2016-5221 CVE-2016-5222
                   CVE-2016-5223 CVE-2016-5224 CVE-2016-5225 CVE-2016-5226
                   CVE-2016-9650 CVE-2016-9651 CVE-2016-9652
=====================================================================

1. Summary:

An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64

3. Description:

Chromium is an open-source web browser, powered by WebKit (Blink).

This update upgrades Chromium to version 55.0.2883.75.

Security Fix(es):

* Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim. (CVE-2016-5203, CVE-2016-5204, CVE-2016-5205, CVE-2016-5206, CVE-2016-5207, CVE-2016-5208, CVE-2016-5209, CVE-2016-5210, CVE-2016-5211, CVE-2016-5212, CVE-2016-5213, CVE-2016-9651, CVE-2016-9652, CVE-2016-5214, CVE-2016-5215, CVE-2016-5216, CVE-2016-5217, CVE-2016-5218, CVE-2016-5219, CVE-2016-5220, CVE-2016-5221, CVE-2016-5222, CVE-2016-5223, CVE-2016-5224, CVE-2016-5225, CVE-2016-5226, CVE-2016-9650)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the update, Chromium must be restarted for the changes to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1400850 - CVE-2016-9651 chromium-browser: private property access in v8
1400851 - CVE-2016-5208 chromium-browser: universal xss in blink
1400852 - CVE-2016-5207 chromium-browser: universal xss in blink
1400853 - CVE-2016-5206 chromium-browser: same-origin bypass in pdfium
1400854 - CVE-2016-5205 chromium-browser: universal xss in blink
1400855 - CVE-2016-5204 chromium-browser: universal xss in blink
1400856 - CVE-2016-5209 chromium-browser: out of bounds write in blink
1400857 - CVE-2016-5203 chromium-browser: use after free in pdfium
1400859 - CVE-2016-5210 chromium-browser: out of bounds write in pdfium
1400861 - CVE-2016-5212 chromium-browser: local file disclosure in devtools
1400862 - CVE-2016-5211 chromium-browser: use after free in pdfium
1400863 - CVE-2016-5213 chromium-browser: use after free in v8
1400864 - CVE-2016-5214 chromium-browser: file download protection bypass
1400865 - CVE-2016-5216 chromium-browser: use after free in pdfium
1400866 - CVE-2016-5215 chromium-browser: use after free in webaudio
1400867 - CVE-2016-5217 chromium-browser: use of unvalidated data in pdfium
1400868 - CVE-2016-5218 chromium-browser: address spoofing in omnibox
1400869 - CVE-2016-5219 chromium-browser: use after free in v8
1400870 - CVE-2016-5221 chromium-browser: integer overflow in angle
1400871 - CVE-2016-5220 chromium-browser: local file access in pdfium
1400872 - CVE-2016-5222 chromium-browser: address spoofing in omnibox
1400873 - CVE-2016-9650 chromium-browser: csp referrer disclosure
1400875 - CVE-2016-5223 chromium-browser: integer overflow in pdfium
1400876 - CVE-2016-5226 chromium-browser: limited xss in blink
1400877 - CVE-2016-5225 chromium-browser: csp bypass in blink
1400878 - CVE-2016-5224 chromium-browser: same-origin bypass in svg
1400879 - CVE-2016-9652 chromium-browser: various fixes from internal audits

6. Package List:

Red Hat Enterprise Linux Desktop Supplementary (v. 6):

i386:
chromium-browser-55.0.2883.75-1.el6.i686.rpm
chromium-browser-debuginfo-55.0.2883.75-1.el6.i686.rpm

x86_64:
chromium-browser-55.0.2883.75-1.el6.x86_64.rpm
chromium-browser-debuginfo-55.0.2883.75-1.el6.x86_64.rpm

Red Hat Enterprise Linux Server Supplementary (v. 6):

i386:
chromium-browser-55.0.2883.75-1.el6.i686.rpm
chromium-browser-debuginfo-55.0.2883.75-1.el6.i686.rpm

x86_64:
chromium-browser-55.0.2883.75-1.el6.x86_64.rpm
chromium-browser-debuginfo-55.0.2883.75-1.el6.x86_64.rpm

Red Hat Enterprise Linux Workstation Supplementary (v. 6):

i386:
chromium-browser-55.0.2883.75-1.el6.i686.rpm
chromium-browser-debuginfo-55.0.2883.75-1.el6.i686.rpm

x86_64:
chromium-browser-55.0.2883.75-1.el6.x86_64.rpm
chromium-browser-debuginfo-55.0.2883.75-1.el6.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2016-5203
https://access.redhat.com/security/cve/CVE-2016-5204
https://access.redhat.com/security/cve/CVE-2016-5205
https://access.redhat.com/security/cve/CVE-2016-5206
https://access.redhat.com/security/cve/CVE-2016-5207
https://access.redhat.com/security/cve/CVE-2016-5208
https://access.redhat.com/security/cve/CVE-2016-5209
https://access.redhat.com/security/cve/CVE-2016-5210
https://access.redhat.com/security/cve/CVE-2016-5211
https://access.redhat.com/security/cve/CVE-2016-5212
https://access.redhat.com/security/cve/CVE-2016-5213
https://access.redhat.com/security/cve/CVE-2016-5214
https://access.redhat.com/security/cve/CVE-2016-5215
https://access.redhat.com/security/cve/CVE-2016-5216
https://access.redhat.com/security/cve/CVE-2016-5217
https://access.redhat.com/security/cve/CVE-2016-5218
https://access.redhat.com/security/cve/CVE-2016-5219
https://access.redhat.com/security/cve/CVE-2016-5220
https://access.redhat.com/security/cve/CVE-2016-5221
https://access.redhat.com/security/cve/CVE-2016-5222
https://access.redhat.com/security/cve/CVE-2016-5223
https://access.redhat.com/security/cve/CVE-2016-5224
https://access.redhat.com/security/cve/CVE-2016-5225
https://access.redhat.com/security/cve/CVE-2016-5226
https://access.redhat.com/security/cve/CVE-2016-9650
https://access.redhat.com/security/cve/CVE-2016-9651
https://access.redhat.com/security/cve/CVE-2016-9652
https://access.redhat.com/security/updates/classification/#important
https://googlechromereleases.blogspot.com/2016/12/stable-channel-update-for-desktop.html

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2016 Red Hat, Inc.
SUSE Security Update: Security update for MozillaFirefox
______________________________________________________________________________

Announcement ID:    SUSE-SU-2016:3048-1
Rating:             important
References:         #1012964
Cross-References:   CVE-2016-9079
Affected Products:
                    SUSE Linux Enterprise Software Development Kit 12-SP2
                    SUSE Linux Enterprise Software Development Kit 12-SP1
                    SUSE Linux Enterprise Server for SAP 12
                    SUSE Linux Enterprise Server for Raspberry Pi 12-SP2
                    SUSE Linux Enterprise Server 12-SP2
                    SUSE Linux Enterprise Server 12-SP1
                    SUSE Linux Enterprise Server 12-LTSS
                    SUSE Linux Enterprise Desktop 12-SP2
                    SUSE Linux Enterprise Desktop 12-SP1
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:

This update for MozillaFirefox fixes security issues.

The following vulnerabilities were fixed in Firefox ESR 45.5.1 (bsc#1012964):

- CVE-2016-9079: Use-after-free in SVG Animation could be used for code execution (MFSA 2016-92 bsc#1012964)

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Software Development Kit 12-SP2:
   zypper in -t patch SUSE-SLE-SDK-12-SP2-2016-1771=1
- SUSE Linux Enterprise Software Development Kit 12-SP1:
   zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-1771=1
- SUSE Linux Enterprise Server for SAP 12:
   zypper in -t patch SUSE-SLE-SAP-12-2016-1771=1
- SUSE Linux Enterprise Server for Raspberry Pi 12-SP2:
   zypper in -t patch SUSE-SLE-RPI-12-SP2-2016-1771=1
- SUSE Linux Enterprise Server 12-SP2:
   zypper in -t patch SUSE-SLE-SERVER-12-SP2-2016-1771=1
- SUSE Linux Enterprise Server 12-SP1:
   zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-1771=1
- SUSE Linux Enterprise Server 12-LTSS:
   zypper in -t patch SUSE-SLE-SERVER-12-2016-1771=1
- SUSE Linux Enterprise Desktop 12-SP2:
   zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2016-1771=1
- SUSE Linux Enterprise Desktop 12-SP1:
   zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-1771=1

To bring your system up-to-date, use "zypper patch".

Package List:

- SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64):
   MozillaFirefox-debuginfo-45.5.1esr-93.1
   MozillaFirefox-debugsource-45.5.1esr-93.1
   MozillaFirefox-devel-45.5.1esr-93.1
- SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64):
   MozillaFirefox-debuginfo-45.5.1esr-93.1
   MozillaFirefox-debugsource-45.5.1esr-93.1
   MozillaFirefox-devel-45.5.1esr-93.1
- SUSE Linux Enterprise Server for SAP 12 (x86_64):
   MozillaFirefox-45.5.1esr-93.1
   MozillaFirefox-debuginfo-45.5.1esr-93.1
   MozillaFirefox-debugsource-45.5.1esr-93.1
   MozillaFirefox-translations-45.5.1esr-93.1
- SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64):
   MozillaFirefox-45.5.1esr-93.1
   MozillaFirefox-debuginfo-45.5.1esr-93.1
   MozillaFirefox-debugsource-45.5.1esr-93.1
   MozillaFirefox-translations-45.5.1esr-93.1
- SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64):
   MozillaFirefox-45.5.1esr-93.1
   MozillaFirefox-debuginfo-45.5.1esr-93.1
   MozillaFirefox-debugsource-45.5.1esr-93.1
   MozillaFirefox-translations-45.5.1esr-93.1
- SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64):
   MozillaFirefox-45.5.1esr-93.1
   MozillaFirefox-debuginfo-45.5.1esr-93.1
   MozillaFirefox-debugsource-45.5.1esr-93.1
   MozillaFirefox-translations-45.5.1esr-93.1
- SUSE Linux Enterprise Server 12-LTSS (ppc64le s390x x86_64):
   MozillaFirefox-45.5.1esr-93.1
   MozillaFirefox-debuginfo-45.5.1esr-93.1
   MozillaFirefox-debugsource-45.5.1esr-93.1
   MozillaFirefox-translations-45.5.1esr-93.1
- SUSE Linux Enterprise Desktop 12-SP2 (x86_64):
   MozillaFirefox-45.5.1esr-93.1
   MozillaFirefox-debuginfo-45.5.1esr-93.1
   MozillaFirefox-debugsource-45.5.1esr-93.1
   MozillaFirefox-translations-45.5.1esr-93.1
- SUSE Linux Enterprise Desktop 12-SP1 (x86_64):
   MozillaFirefox-45.5.1esr-93.1
   MozillaFirefox-debuginfo-45.5.1esr-93.1
   MozillaFirefox-debugsource-45.5.1esr-93.1
   MozillaFirefox-translations-45.5.1esr-93.1

References:

https://www.suse.com/security/cve/CVE-2016-9079.html
https://bugzilla.suse.com/1012964
SUSE Security Update: Security update for java-1_7_1-ibm
______________________________________________________________________________

Announcement ID:    SUSE-SU-2016:3043-1
Rating:             important
References:         #1009280
Cross-References:   CVE-2016-5542 CVE-2016-5554 CVE-2016-5556 CVE-2016-5568
                    CVE-2016-5573 CVE-2016-5597
Affected Products:
                    SUSE Linux Enterprise Software Development Kit 12-SP2
                    SUSE Linux Enterprise Software Development Kit 12-SP1
                    SUSE Linux Enterprise Server for SAP 12
                    SUSE Linux Enterprise Server 12-SP2
                    SUSE Linux Enterprise Server 12-SP1
                    SUSE Linux Enterprise Server 12-LTSS
______________________________________________________________________________

An update that fixes 6 vulnerabilities is now available.

Description:

This update for java-1_7_1-ibm fixes the following issues:

- Version update to 7.1-3.60 (bsc#1009280)
  Fixing the following CVEs: CVE-2016-5568, CVE-2016-5556, CVE-2016-5573, CVE-2016-5597, CVE-2016-5554, CVE-2016-5542

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Software Development Kit 12-SP2:
   zypper in -t patch SUSE-SLE-SDK-12-SP2-2016-1770=1
- SUSE Linux Enterprise Software Development Kit 12-SP1:
   zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-1770=1
- SUSE Linux Enterprise Server for SAP 12:
   zypper in -t patch SUSE-SLE-SAP-12-2016-1770=1
- SUSE Linux Enterprise Server 12-SP2:
   zypper in -t patch SUSE-SLE-SERVER-12-SP2-2016-1770=1
- SUSE Linux Enterprise Server 12-SP1:
   zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-1770=1
- SUSE Linux Enterprise Server 12-LTSS:
   zypper in -t patch SUSE-SLE-SERVER-12-2016-1770=1

To bring your system up-to-date, use "zypper patch".

Package List:

- SUSE Linux Enterprise Software Development Kit 12-SP2 (ppc64le s390x x86_64):
   java-1_7_1-ibm-devel-1.7.1_sr3.60-31.2
- SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64):
   java-1_7_1-ibm-devel-1.7.1_sr3.60-31.2
- SUSE Linux Enterprise Server for SAP 12 (x86_64):
   java-1_7_1-ibm-1.7.1_sr3.60-31.2
   java-1_7_1-ibm-alsa-1.7.1_sr3.60-31.2
   java-1_7_1-ibm-devel-1.7.1_sr3.60-31.2
   java-1_7_1-ibm-jdbc-1.7.1_sr3.60-31.2
   java-1_7_1-ibm-plugin-1.7.1_sr3.60-31.2
- SUSE Linux Enterprise Server 12-SP2 (ppc64le x86_64):
   java-1_7_1-ibm-1.7.1_sr3.60-31.2
   java-1_7_1-ibm-jdbc-1.7.1_sr3.60-31.2
- SUSE Linux Enterprise Server 12-SP2 (x86_64):
   java-1_7_1-ibm-alsa-1.7.1_sr3.60-31.2
   java-1_7_1-ibm-plugin-1.7.1_sr3.60-31.2
- SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64):
   java-1_7_1-ibm-1.7.1_sr3.60-31.2
   java-1_7_1-ibm-jdbc-1.7.1_sr3.60-31.2
- SUSE Linux Enterprise Server 12-SP1 (x86_64):
   java-1_7_1-ibm-alsa-1.7.1_sr3.60-31.2
   java-1_7_1-ibm-plugin-1.7.1_sr3.60-31.2
- SUSE Linux Enterprise Server 12-LTSS (ppc64le s390x x86_64):
   java-1_7_1-ibm-1.7.1_sr3.60-31.2
   java-1_7_1-ibm-devel-1.7.1_sr3.60-31.2
   java-1_7_1-ibm-jdbc-1.7.1_sr3.60-31.2
- SUSE Linux Enterprise Server 12-LTSS (x86_64):
   java-1_7_1-ibm-alsa-1.7.1_sr3.60-31.2
   java-1_7_1-ibm-plugin-1.7.1_sr3.60-31.2

References:

https://www.suse.com/security/cve/CVE-2016-5542.html
https://www.suse.com/security/cve/CVE-2016-5554.html
https://www.suse.com/security/cve/CVE-2016-5556.html
https://www.suse.com/security/cve/CVE-2016-5568.html
https://www.suse.com/security/cve/CVE-2016-5573.html
https://www.suse.com/security/cve/CVE-2016-5597.html
https://bugzilla.suse.com/1009280
[security-announce] SUSE-SU-2016:3044-1: important: Security update for xen
news posted a topic in Upcoming News
SUSE Security Update: Security update for xen
______________________________________________________________________________

Announcement ID:    SUSE-SU-2016:3044-1
Rating:             important
References:         #1000106 #1000893 #1003030 #1003032 #1005004 #1005005
                    #1007157 #1009100 #1009103 #1009107 #1009109 #1009111
                    #1011652 #990843
Cross-References:   CVE-2016-6351 CVE-2016-7777 CVE-2016-7908 CVE-2016-7909
                    CVE-2016-8667 CVE-2016-8669 CVE-2016-8910 CVE-2016-9379
                    CVE-2016-9380 CVE-2016-9381 CVE-2016-9382 CVE-2016-9383
                    CVE-2016-9386 CVE-2016-9637
Affected Products:
                    SUSE Linux Enterprise Server 11-SP2-LTSS
                    SUSE Linux Enterprise Debuginfo 11-SP2
______________________________________________________________________________

An update that fixes 14 vulnerabilities is now available.

Description:

xen was updated to fix several security issues.

These security issues were fixed:

- CVE-2016-9637: ioport array overflow allowing a malicious guest administrator to escalate their privilege to that of the host (bsc#1011652).
- CVE-2016-9386: x86 null segments were not always treated as unusable, allowing an unprivileged guest user program to elevate its privilege to that of the guest operating system. Exploit of this vulnerability is easy on Intel and more complicated on AMD (bsc#1009100)
- CVE-2016-9382: x86 task switch to VM86 mode was mis-handled, allowing an unprivileged guest process to escalate its privilege to that of the guest operating system on AMD hardware. On Intel hardware a malicious unprivileged guest process can crash the guest (bsc#1009103)
- CVE-2016-9383: The x86 64-bit bit test instruction emulation was broken, allowing a guest to modify arbitrary memory leading to arbitrary code execution (bsc#1009107)
- CVE-2016-9381: Improper processing of shared rings allowing guest administrators to take over the qemu process, elevating their privilege to that of the qemu process (bsc#1009109)
- CVE-2016-9380: Delimiter injection vulnerabilities in pygrub allowed guest administrators to obtain the contents of sensitive host files or delete the files (bsc#1009111)
- CVE-2016-9379: Delimiter injection vulnerabilities in pygrub allowed guest administrators to obtain the contents of sensitive host files or delete the files (bsc#1009111)
- CVE-2016-7777: Xen did not properly honor CR0.TS and CR0.EM, which allowed local x86 HVM guest OS users to read or modify FPU, MMX, or XMM register state information belonging to arbitrary tasks on the guest by modifying an instruction while the hypervisor is preparing to emulate it (bsc#1000106)
- CVE-2016-8910: The rtl8139_cplus_transmit function in hw/net/rtl8139.c allowed local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) by leveraging failure to limit the ring descriptor count (bsc#1007157)
- CVE-2016-8667: The rc4030_write function in hw/dma/rc4030.c allowed local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via a large interval timer reload value (bsc#1005004)
- CVE-2016-8669: The serial_update_parameters function in hw/char/serial.c allowed local guest OS administrators to cause a denial of service (divide-by-zero error and QEMU process crash) via vectors involving a value of divider greater than baud base (bsc#1005005)
- CVE-2016-7908: The mcf_fec_do_tx function in hw/net/mcf_fec.c did not properly limit the buffer descriptor count when transmitting packets, which allowed local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via vectors involving a buffer descriptor with a length of 0 and crafted values in bd.flags (bsc#1003030)
- CVE-2016-7909: The pcnet_rdra_addr function in hw/net/pcnet.c allowed local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) by setting the (1) receive or (2) transmit descriptor ring length to 0 (bsc#1003032)
- CVE-2016-6351: The esp_do_dma function in hw/scsi/esp.c, when built with ESP/NCR53C9x controller emulation support, allowed local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) or execute arbitrary code on the host via vectors involving DMA read into ESP command buffer (bsc#990843)

This non-security issue was fixed:

- bsc#1000893: virsh setmem didn't allow setting current guest memory to the max limit

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Server 11-SP2-LTSS:
   zypper in -t patch slessp2-xen-12874=1
- SUSE Linux Enterprise Debuginfo 11-SP2:
   zypper in -t patch dbgsp2-xen-12874=1

To bring your system up-to-date, use "zypper patch".

Package List:

- SUSE Linux Enterprise Server 11-SP2-LTSS (i586 x86_64):
   xen-devel-4.1.6_08-32.1
   xen-kmp-default-4.1.6_08_3.0.101_0.7.44-32.1
   xen-kmp-trace-4.1.6_08_3.0.101_0.7.44-32.1
   xen-libs-4.1.6_08-32.1
   xen-tools-domU-4.1.6_08-32.1
- SUSE Linux Enterprise Server 11-SP2-LTSS (x86_64):
   xen-4.1.6_08-32.1
   xen-doc-html-4.1.6_08-32.1
   xen-doc-pdf-4.1.6_08-32.1
   xen-libs-32bit-4.1.6_08-32.1
   xen-tools-4.1.6_08-32.1
- SUSE Linux Enterprise Server 11-SP2-LTSS (i586):
   xen-kmp-pae-4.1.6_08_3.0.101_0.7.44-32.1
- SUSE Linux Enterprise Debuginfo 11-SP2 (i586 x86_64):
   xen-debuginfo-4.1.6_08-32.1
   xen-debugsource-4.1.6_08-32.1

References:

https://www.suse.com/security/cve/CVE-2016-6351.html
https://www.suse.com/security/cve/CVE-2016-7777.html
https://www.suse.com/security/cve/CVE-2016-7908.html
https://www.suse.com/security/cve/CVE-2016-7909.html
https://www.suse.com/security/cve/CVE-2016-8667.html
https://www.suse.com/security/cve/CVE-2016-8669.html
https://www.suse.com/security/cve/CVE-2016-8910.html
https://www.suse.com/security/cve/CVE-2016-9379.html
https://www.suse.com/security/cve/CVE-2016-9380.html
https://www.suse.com/security/cve/CVE-2016-9381.html
https://www.suse.com/security/cve/CVE-2016-9382.html
https://www.suse.com/security/cve/CVE-2016-9383.html
https://www.suse.com/security/cve/CVE-2016-9386.html
https://www.suse.com/security/cve/CVE-2016-9637.html
https://bugzilla.suse.com/1000106
https://bugzilla.suse.com/1000893
https://bugzilla.suse.com/1003030
https://bugzilla.suse.com/1003032
https://bugzilla.suse.com/1005004
https://bugzilla.suse.com/1005005
https://bugzilla.suse.com/1007157
https://bugzilla.suse.com/1009100
https://bugzilla.suse.com/1009103
https://bugzilla.suse.com/1009107
https://bugzilla.suse.com/1009109
https://bugzilla.suse.com/1009111
https://bugzilla.suse.com/1011652
https://bugzilla.suse.com/990843
opensuse-security-announce+help ( -at -) opensuse.org -
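The QEMU device-model bugs in the Xen advisory above (CVE-2016-8667, CVE-2016-8669, CVE-2016-7909, CVE-2016-8910, CVE-2016-7908) share one root cause: a register value the guest writes is later used as a divisor or as a loop bound without being checked. The following is an added example written for this page, not QEMU or Xen code. It is a toy device model (all names, the ring limit and the clock rate are assumptions) that rejects such values at the register-write boundary and bounds the descriptor walk, run against a constructed ring of the kind a guest would set up to provoke an endless loop.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Toy device model constructed for this example (not QEMU code). Two guest-writable
   registers stand in for the rc4030/serial divisors and the pcnet/rtl8139/mcf_fec
   descriptor rings named in the advisory. */
#define TOY_RING_MAX 64            /* assumed hardware limit on ring entries */
#define TOY_CLOCK_HZ 1000000u      /* assumed timer input clock */
#define TOY_DESC_DEVICE_OWNED 0x1u /* descriptor handed to the device by the guest */

struct toy_desc { uint32_t addr; uint32_t len; uint32_t flags; };

struct toy_dev {
    uint32_t timer_reload;              /* guest-written; used as a divisor */
    uint32_t ring_len;                  /* guest-written; bounds the descriptor walk */
    struct toy_desc ring[TOY_RING_MAX]; /* guest-written descriptor ring */
};

/* Timer register write. An unchecked handler would store any value and later compute
   TOY_CLOCK_HZ / timer_reload, so a guest writing 0 kills the emulator (the rc4030 and
   serial divide-by-zero pattern). Reject it where the value enters the model. */
int toy_timer_write(struct toy_dev *d, uint32_t reload)
{
    if (reload == 0)
        return -1;                     /* would become a zero divisor */
    d->timer_reload = reload;
    return 0;
}

/* Tick rate derived from the validated reload value; 0 if never configured. */
uint32_t toy_timer_rate_hz(const struct toy_dev *d)
{
    return d->timer_reload ? TOY_CLOCK_HZ / d->timer_reload : 0;
}

/* Ring length register write. 0 (the pcnet case) or anything beyond the hardware limit
   is rejected rather than stored and later used as a loop bound. */
int toy_ring_len_write(struct toy_dev *d, uint32_t len)
{
    if (len == 0 || len > TOY_RING_MAX)
        return -1;
    d->ring_len = len;
    return 0;
}

/* Walk the transmit ring once. Iterations are bounded by the validated ring length, and
   a descriptor the guest still owns or a zero-length descriptor ends the walk instead of
   spinning (the rtl8139 / mcf_fec infinite-loop pattern). Returns the number of
   descriptors consumed, or -1 if the ring is not configured; bytes_out may be NULL. */
int toy_ring_transmit(struct toy_dev *d, uint32_t *bytes_out)
{
    uint32_t i, total = 0;
    if (d->ring_len == 0 || d->ring_len > TOY_RING_MAX)
        return -1;
    for (i = 0; i < d->ring_len; i++) {
        struct toy_desc *desc = &d->ring[i];
        if (!(desc->flags & TOY_DESC_DEVICE_OWNED))
            break;                     /* guest has not handed this one over */
        if (desc->len == 0)
            break;                     /* zero-length descriptor: stop, do not loop */
        total += desc->len;
        desc->flags &= ~TOY_DESC_DEVICE_OWNED;  /* return it to the guest */
    }
    if (bytes_out)
        *bytes_out = total;
    return (int)i;
}

/* Constructed guest state: a valid timer reload, a ring of 4 with two real descriptors
   followed by a zero-length one. Returns a freshly reset static device. */
struct toy_dev *toy_demo_dev(void)
{
    static struct toy_dev d;
    memset(&d, 0, sizeof d);
    toy_timer_write(&d, 4);
    toy_ring_len_write(&d, 4);
    d.ring[0] = (struct toy_desc){ 0x1000, 100, TOY_DESC_DEVICE_OWNED };
    d.ring[1] = (struct toy_desc){ 0x2000, 150, TOY_DESC_DEVICE_OWNED };
    d.ring[2] = (struct toy_desc){ 0x3000, 0,   TOY_DESC_DEVICE_OWNED };
    return &d;
}

int main(void)
{
    struct toy_dev *d = toy_demo_dev();
    uint32_t bytes = 0;
    int consumed;
    printf("timer reload 0 accepted: %s\n", toy_timer_write(d, 0) == 0 ? "yes" : "no");
    printf("ring length 0 accepted: %s\n", toy_ring_len_write(d, 0) == 0 ? "yes" : "no");
    consumed = toy_ring_transmit(d, &bytes);
    printf("descriptors consumed: %d, bytes: %u\n", consumed, (unsigned)bytes);
    return 0;
}
```

The point of validating at the register write rather than at the point of use is that every later reader of `timer_reload` or `ring_len` can rely on the invariant; the walk still re-checks the bound because a second code path writing the field is exactly how such invariants get lost.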
SUSE Security Update: Security update for java-1_6_0-ibm
______________________________________________________________________________

Announcement ID: SUSE-SU-2016:3040-1
Rating: important
References: #1009280
Cross-References: CVE-2016-5542 CVE-2016-5554 CVE-2016-5556 CVE-2016-5568 CVE-2016-5573 CVE-2016-5597
Affected Products:
    SUSE OpenStack Cloud 5
    SUSE Manager Proxy 2.1
    SUSE Manager 2.1
    SUSE Linux Enterprise Server 11-SP3-LTSS
    SUSE Linux Enterprise Server 11-SP2-LTSS
    SUSE Linux Enterprise Point of Sale 11-SP3
______________________________________________________________________________

An update that fixes 6 vulnerabilities is now available.

Description:

This update for java-1_6_0-ibm fixes the following issues:
- Version update to 6.0-16.35 (bsc#1009280) fixing the following CVEs: CVE-2016-5568, CVE-2016-5556, CVE-2016-5573, CVE-2016-5597, CVE-2016-5554, CVE-2016-5542

Patch Instructions:

To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product:
- SUSE OpenStack Cloud 5: zypper in -t patch sleclo50sp3-java-1_6_0-ibm-12872=1
- SUSE Manager Proxy 2.1: zypper in -t patch slemap21-java-1_6_0-ibm-12872=1
- SUSE Manager 2.1: zypper in -t patch sleman21-java-1_6_0-ibm-12872=1
- SUSE Linux Enterprise Server 11-SP3-LTSS: zypper in -t patch slessp3-java-1_6_0-ibm-12872=1
- SUSE Linux Enterprise Server 11-SP2-LTSS: zypper in -t patch slessp2-java-1_6_0-ibm-12872=1
- SUSE Linux Enterprise Point of Sale 11-SP3: zypper in -t patch sleposp3-java-1_6_0-ibm-12872=1
To bring your system up-to-date, use "zypper patch".

Package List:
- SUSE OpenStack Cloud 5 (x86_64):
    java-1_6_0-ibm-1.6.0_sr16.35-78.2
    java-1_6_0-ibm-devel-1.6.0_sr16.35-78.2
    java-1_6_0-ibm-fonts-1.6.0_sr16.35-78.2
    java-1_6_0-ibm-jdbc-1.6.0_sr16.35-78.2
    java-1_6_0-ibm-plugin-1.6.0_sr16.35-78.2
- SUSE Manager Proxy 2.1 (x86_64):
    java-1_6_0-ibm-1.6.0_sr16.35-78.2
    java-1_6_0-ibm-devel-1.6.0_sr16.35-78.2
    java-1_6_0-ibm-fonts-1.6.0_sr16.35-78.2
    java-1_6_0-ibm-jdbc-1.6.0_sr16.35-78.2
    java-1_6_0-ibm-plugin-1.6.0_sr16.35-78.2
- SUSE Manager 2.1 (s390x x86_64):
    java-1_6_0-ibm-1.6.0_sr16.35-78.2
    java-1_6_0-ibm-devel-1.6.0_sr16.35-78.2
    java-1_6_0-ibm-fonts-1.6.0_sr16.35-78.2
    java-1_6_0-ibm-jdbc-1.6.0_sr16.35-78.2
- SUSE Manager 2.1 (x86_64):
    java-1_6_0-ibm-plugin-1.6.0_sr16.35-78.2
- SUSE Linux Enterprise Server 11-SP3-LTSS (i586 s390x x86_64):
    java-1_6_0-ibm-1.6.0_sr16.35-78.2
    java-1_6_0-ibm-devel-1.6.0_sr16.35-78.2
    java-1_6_0-ibm-fonts-1.6.0_sr16.35-78.2
    java-1_6_0-ibm-jdbc-1.6.0_sr16.35-78.2
- SUSE Linux Enterprise Server 11-SP3-LTSS (i586 x86_64):
    java-1_6_0-ibm-plugin-1.6.0_sr16.35-78.2
- SUSE Linux Enterprise Server 11-SP3-LTSS (i586):
    java-1_6_0-ibm-alsa-1.6.0_sr16.35-78.2
- SUSE Linux Enterprise Server 11-SP2-LTSS (i586 s390x x86_64):
    java-1_6_0-ibm-1.6.0_sr16.35-78.2
    java-1_6_0-ibm-devel-1.6.0_sr16.35-78.2
    java-1_6_0-ibm-fonts-1.6.0_sr16.35-78.2
    java-1_6_0-ibm-jdbc-1.6.0_sr16.35-78.2
- SUSE Linux Enterprise Server 11-SP2-LTSS (i586 x86_64):
    java-1_6_0-ibm-plugin-1.6.0_sr16.35-78.2
- SUSE Linux Enterprise Server 11-SP2-LTSS (i586):
    java-1_6_0-ibm-alsa-1.6.0_sr16.35-78.2
- SUSE Linux Enterprise Point of Sale 11-SP3 (i586):
    java-1_6_0-ibm-1.6.0_sr16.35-78.2
    java-1_6_0-ibm-alsa-1.6.0_sr16.35-78.2
    java-1_6_0-ibm-devel-1.6.0_sr16.35-78.2
    java-1_6_0-ibm-fonts-1.6.0_sr16.35-78.2
    java-1_6_0-ibm-jdbc-1.6.0_sr16.35-78.2
    java-1_6_0-ibm-plugin-1.6.0_sr16.35-78.2

References:
https://www.suse.com/security/cve/CVE-2016-5542.html
https://www.suse.com/security/cve/CVE-2016-5554.html
https://www.suse.com/security/cve/CVE-2016-5556.html
https://www.suse.com/security/cve/CVE-2016-5568.html
https://www.suse.com/security/cve/CVE-2016-5573.html
https://www.suse.com/security/cve/CVE-2016-5597.html
https://bugzilla.suse.com/1009280
-
SUSE Security Update: Security update for java-1_7_1-ibm
______________________________________________________________________________

Announcement ID: SUSE-SU-2016:3041-1
Rating: important
References: #1009280
Cross-References: CVE-2016-5542 CVE-2016-5554 CVE-2016-5556 CVE-2016-5568 CVE-2016-5573 CVE-2016-5597
Affected Products:
    SUSE Linux Enterprise Software Development Kit 11-SP4
    SUSE Linux Enterprise Server 11-SP4
______________________________________________________________________________

An update that fixes 6 vulnerabilities is now available.

Description:

This update for java-1_7_1-ibm fixes the following issues:
- Version update to 7.1-3.60 (bsc#1009280) fixing the following CVEs: CVE-2016-5568, CVE-2016-5556, CVE-2016-5573, CVE-2016-5597, CVE-2016-5554, CVE-2016-5542

Patch Instructions:

To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-java-1_7_1-ibm-12873=1
- SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-java-1_7_1-ibm-12873=1
To bring your system up-to-date, use "zypper patch".

Package List:
- SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ppc64 s390x x86_64):
    java-1_7_1-ibm-devel-1.7.1_sr3.60-19.2
- SUSE Linux Enterprise Server 11-SP4 (i586 ppc64 s390x x86_64):
    java-1_7_1-ibm-1.7.1_sr3.60-19.2
    java-1_7_1-ibm-jdbc-1.7.1_sr3.60-19.2
- SUSE Linux Enterprise Server 11-SP4 (i586 x86_64):
    java-1_7_1-ibm-alsa-1.7.1_sr3.60-19.2
    java-1_7_1-ibm-plugin-1.7.1_sr3.60-19.2

References:
https://www.suse.com/security/cve/CVE-2016-5542.html
https://www.suse.com/security/cve/CVE-2016-5554.html
https://www.suse.com/security/cve/CVE-2016-5556.html
https://www.suse.com/security/cve/CVE-2016-5568.html
https://www.suse.com/security/cve/CVE-2016-5573.html
https://www.suse.com/security/cve/CVE-2016-5597.html
https://bugzilla.suse.com/1009280
-
Dear Editors, we just posted a new article which might be interesting to your readers. A post in your news section would be appreciated.
Title: Synology DS416j Surveillance Bundle
Link: http://www.techpowerup.com/reviews/Synology/DS416j
Brief: The combination of an affordable NAS like the Synology DS416j, along with a couple of good IP cameras and a pair of reliable HDDs can offer enhanced surveillance capabilities. Synology's Surveillance Station software plays a key role in this, since it is one of the most advanced surveillance apps.
-
Greetings,

FESCo and Council elections are now open and we're looking for new candidates: https://fedoraproject.org/wiki/Elections

For FESCo we have opened five seats: https://fedoraproject.org/wiki/Development/SteeringCommittee/Nominations
For Council we have opened one seat: https://fedoraproject.org/wiki/Council/Nominations

The Elections schedule is as follows:
* December 06 - December 12: Nomination period open (closes promptly at 23:59 UTC on December 12th)
* December 13 - January 09: Campaign period. Individual blog posts, etc. encouraged. We will also have an interview with answers published on the Fedora Community Blog.
* January 10 - January 16: Voting open (closes promptly at 23:59 UTC on January 16th)
* January 17: Results announcement

The Campaign period has been prolonged, in these Elections, as it is expected to have people in many countries away from keyboards during the Christmas period.

Elections Questionnaire needs more questions for email/Community blog interviews! If you have anything you would like to ask candidates to FESCo or to Council, please add it to the wiki. http://fedoraproject.org/wiki/Elections/Questionnaire

Read more about the FESCo at: http://fedoraproject.org/wiki/Development/SteeringCommittee and about the Council at: http://fedoraproject.org/wiki/Council

Thanks for your support,
Jan
--
Jan Kuřík
Platform & Fedora Program Manager
Red Hat Czech s.r.o., Purkynova 99/71, 612 45 Brno, Czech Republic
_______________________________________________
-
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID: SUSE-SU-2016:3039-1
Rating: important
References: #1008831 #1011685 #1012754
Cross-References: CVE-2016-8632 CVE-2016-8655 CVE-2016-9555
Affected Products:
    SUSE Linux Enterprise Workstation Extension 12-SP1
    SUSE Linux Enterprise Software Development Kit 12-SP1
    SUSE Linux Enterprise Server 12-SP1
    SUSE Linux Enterprise Module for Public Cloud 12
    SUSE Linux Enterprise Live Patching 12
    SUSE Linux Enterprise Desktop 12-SP1
______________________________________________________________________________

An update that fixes three vulnerabilities is now available.

Description:

The SUSE Linux Enterprise 12 SP1 kernel was updated to receive various critical security fixes.

The following security bugs were fixed:
- CVE-2016-8655: A race condition in the af_packet packet_set_ring function could be used by local attackers to crash the kernel or gain privileges (bsc#1012754).
- CVE-2016-8632: The tipc_msg_build function in net/tipc/msg.c in the Linux kernel did not validate the relationship between the minimum fragment length and the maximum packet size, which allowed local users to gain privileges or cause a denial of service (heap-based buffer overflow) by leveraging the CAP_NET_ADMIN capability (bnc#1008831).
- CVE-2016-9555: The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel lacks chunk-length checking for the first chunk, which allowed remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data (bnc#1011685).

Patch Instructions:

To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Workstation Extension 12-SP1: zypper in -t patch SUSE-SLE-WE-12-SP1-2016-1762=1
- SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-1762=1
- SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-1762=1
- SUSE Linux Enterprise Module for Public Cloud 12: zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2016-1762=1
- SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2016-1762=1
- SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-1762=1
To bring your system up-to-date, use "zypper patch".

Package List:
- SUSE Linux Enterprise Workstation Extension 12-SP1 (x86_64):
    kernel-default-debuginfo-3.12.67-60.64.21.1
    kernel-default-debugsource-3.12.67-60.64.21.1
    kernel-default-extra-3.12.67-60.64.21.1
    kernel-default-extra-debuginfo-3.12.67-60.64.21.1
- SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64):
    kernel-obs-build-3.12.67-60.64.21.1
    kernel-obs-build-debugsource-3.12.67-60.64.21.1
- SUSE Linux Enterprise Software Development Kit 12-SP1 (noarch):
    kernel-docs-3.12.67-60.64.21.3
- SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64):
    kernel-default-3.12.67-60.64.21.1
    kernel-default-base-3.12.67-60.64.21.1
    kernel-default-base-debuginfo-3.12.67-60.64.21.1
    kernel-default-debuginfo-3.12.67-60.64.21.1
    kernel-default-debugsource-3.12.67-60.64.21.1
    kernel-default-devel-3.12.67-60.64.21.1
    kernel-syms-3.12.67-60.64.21.1
- SUSE Linux Enterprise Server 12-SP1 (x86_64):
    kernel-xen-3.12.67-60.64.21.1
    kernel-xen-base-3.12.67-60.64.21.1
    kernel-xen-base-debuginfo-3.12.67-60.64.21.1
    kernel-xen-debuginfo-3.12.67-60.64.21.1
    kernel-xen-debugsource-3.12.67-60.64.21.1
    kernel-xen-devel-3.12.67-60.64.21.1
- SUSE Linux Enterprise Server 12-SP1 (noarch):
    kernel-devel-3.12.67-60.64.21.1
    kernel-macros-3.12.67-60.64.21.1
    kernel-source-3.12.67-60.64.21.1
- SUSE Linux Enterprise Server 12-SP1 (s390x):
    kernel-default-man-3.12.67-60.64.21.1
- SUSE Linux Enterprise Module for Public Cloud 12 (x86_64):
    kernel-ec2-3.12.67-60.64.21.1
    kernel-ec2-debuginfo-3.12.67-60.64.21.1
    kernel-ec2-debugsource-3.12.67-60.64.21.1
    kernel-ec2-devel-3.12.67-60.64.21.1
    kernel-ec2-extra-3.12.67-60.64.21.1
    kernel-ec2-extra-debuginfo-3.12.67-60.64.21.1
- SUSE Linux Enterprise Live Patching 12 (x86_64):
    kgraft-patch-3_12_67-60_64_21-default-1-2.1
    kgraft-patch-3_12_67-60_64_21-xen-1-2.1
- SUSE Linux Enterprise Desktop 12-SP1 (x86_64):
    kernel-default-3.12.67-60.64.21.1
    kernel-default-debuginfo-3.12.67-60.64.21.1
    kernel-default-debugsource-3.12.67-60.64.21.1
    kernel-default-devel-3.12.67-60.64.21.1
    kernel-default-extra-3.12.67-60.64.21.1
    kernel-default-extra-debuginfo-3.12.67-60.64.21.1
    kernel-syms-3.12.67-60.64.21.1
    kernel-xen-3.12.67-60.64.21.1
    kernel-xen-debuginfo-3.12.67-60.64.21.1
    kernel-xen-debugsource-3.12.67-60.64.21.1
    kernel-xen-devel-3.12.67-60.64.21.1
- SUSE Linux Enterprise Desktop 12-SP1 (noarch):
    kernel-devel-3.12.67-60.64.21.1
    kernel-macros-3.12.67-60.64.21.1
    kernel-source-3.12.67-60.64.21.1

References:
https://www.suse.com/security/cve/CVE-2016-8632.html
https://www.suse.com/security/cve/CVE-2016-8655.html
https://www.suse.com/security/cve/CVE-2016-9555.html
https://bugzilla.suse.com/1008831
https://bugzilla.suse.com/1011685
https://bugzilla.suse.com/1012754
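The package lists in this kernel advisory and in the other SUSE advisories on this page give the fixed version-release of each package (here 3.12.67-60.64.21.1). Checking a fleet against them means ordering RPM versions correctly, which is not a plain string or numeric comparison: "60.64.8.2" is older than "60.64.21.1", "4.1.6_08" equals "4.1.6_8", and "4.0.7~rc1" is older than "4.0.7". The following is an added example, not SUSE's or rpm's code: a reimplementation of the documented rpmvercmp() segment ordering (digit runs numeric, letter runs lexical, a numeric segment newer than an alphabetic one, '~' sorting before everything; epoch and '^' are not handled), applied to a constructed inventory of the shape `rpm -q --qf '%{VERSION}-%{RELEASE}'` reports.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* rpm_vercmp: compare two RPM version or release strings segment by segment following
   the documented rpmvercmp() rules. Separators such as '.', '_' and '-' carry no
   ordering. Reimplemented from the documented rules; not rpm's code. Epoch and '^'
   are not handled. Returns -1 (a older), 0 (equal) or 1 (a newer). */
int rpm_vercmp(const char *a, const char *b)
{
    if (strcmp(a, b) == 0)
        return 0;
    while (*a || *b) {
        while (*a && !isalnum((unsigned char)*a) && *a != '~') a++;
        while (*b && !isalnum((unsigned char)*b) && *b != '~') b++;
        if (*a == '~' || *b == '~') {        /* '~' sorts before anything, even "" */
            if (*a != '~') return 1;
            if (*b != '~') return -1;
            a++; b++;
            continue;
        }
        if (!*a || !*b)
            break;
        const char *sa = a, *sb = b;
        int isnum = isdigit((unsigned char)*a) != 0;
        if (isnum) {
            while (isdigit((unsigned char)*a)) a++;
            while (isdigit((unsigned char)*b)) b++;
        } else {
            while (isalpha((unsigned char)*a)) a++;
            while (isalpha((unsigned char)*b)) b++;
        }
        size_t la = (size_t)(a - sa), lb = (size_t)(b - sb);
        if (lb == 0)                          /* segment types differ: numeric is newer */
            return isnum ? 1 : -1;
        if (isnum) {                          /* drop leading zeros; more digits wins */
            while (la > 0 && *sa == '0') { sa++; la--; }
            while (lb > 0 && *sb == '0') { sb++; lb--; }
            if (la != lb)
                return la > lb ? 1 : -1;
        }
        size_t n = la < lb ? la : lb;
        int r = memcmp(sa, sb, n);
        if (r != 0)
            return r < 0 ? -1 : 1;
        if (la != lb)
            return la < lb ? -1 : 1;
    }
    if (!*a && !*b)
        return 0;
    return *a ? 1 : -1;                       /* whoever has segments left is newer */
}

/* rpm_evrcmp: compare "version-release" strings as printed in advisory package lists,
   version first, then release. Over-long inputs fall back to whole-string comparison. */
int rpm_evrcmp(const char *a, const char *b)
{
    char va[128], vb[128];
    const char *ra = strrchr(a, '-'), *rb = strrchr(b, '-');
    size_t na = ra ? (size_t)(ra - a) : strlen(a);
    size_t nb = rb ? (size_t)(rb - b) : strlen(b);
    if (na >= sizeof va || nb >= sizeof vb)
        return rpm_vercmp(a, b);
    memcpy(va, a, na); va[na] = '\0';
    memcpy(vb, b, nb); vb[nb] = '\0';
    int r = rpm_vercmp(va, vb);
    return r != 0 ? r : rpm_vercmp(ra ? ra + 1 : "", rb ? rb + 1 : "");
}

/* needs_update: 1 if the installed version-release is older than the advisory's. */
int needs_update(const char *installed, const char *fixed)
{
    return rpm_evrcmp(installed, fixed) < 0;
}

int main(void)
{
    /* constructed inventory: installed versions are invented, fixed ones come from
       the advisories on this page */
    struct { const char *pkg, *installed, *fixed; } inv[] = {
        { "kernel-default", "3.12.62-60.64.8.2",  "3.12.67-60.64.21.1" },
        { "kernel-default", "3.12.67-60.64.21.1", "3.12.67-60.64.21.1" },
        { "xen",            "4.1.6_08-31.1",      "4.1.6_08-32.1" },
        { "libtiff5",       "4.0.7-10.35.1",      "4.0.7-10.35.1" },
    };
    for (size_t i = 0; i < sizeof inv / sizeof inv[0]; i++)
        printf("%-15s %-20s %s\n", inv[i].pkg, inv[i].installed,
               needs_update(inv[i].installed, inv[i].fixed) ? "NEEDS UPDATE" : "ok");
    return 0;
}
```

In practice `zypper patch` already does this from the patch metadata; the comparison is what you need when auditing hosts from a collected inventory (or another distribution's data) rather than from the live package manager.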
-
openSUSE Security Update: Security update for roundcubemail
______________________________________________________________________________

Announcement ID: openSUSE-SU-2016:3038-1
Rating: important
References: #1001856 #1012493 #976988 #982003
Cross-References: CVE-2015-2181 CVE-2016-5103
Affected Products:
    openSUSE Leap 42.2
    openSUSE Leap 42.1
______________________________________________________________________________

An update that solves two vulnerabilities and has two fixes is now available.

Description:

roundcubemail was updated to version 1.1.7 and fixes the following issues:

- Update to 1.1.7
  * A maliciously crafted FROM value could cause extra parameters to be passed to the sendmail command (boo#1012493)
  * A maliciously crafted email could cause untrusted code to be executed (cross site scripting using <area href=javascript:...>) (boo#982003, CVE-2016-5103)
  * Avoid HTML styles that could cause potential click jacking (boo#1001856)
- Update to 1.1.5
  * Fixed security issue in DBMail driver of password plugin (CVE-2015-2181, boo#976988)

Patch Instructions:

To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product:
- openSUSE Leap 42.2: zypper in -t patch openSUSE-2016-1419=1
- openSUSE Leap 42.1: zypper in -t patch openSUSE-2016-1419=1
To bring your system up-to-date, use "zypper patch".

Package List:
- openSUSE Leap 42.2 (noarch):
    roundcubemail-1.1.7-15.1
- openSUSE Leap 42.1 (noarch):
    roundcubemail-1.1.7-15.1

References:
https://www.suse.com/security/cve/CVE-2015-2181.html
https://www.suse.com/security/cve/CVE-2016-5103.html
https://bugzilla.suse.com/1001856
https://bugzilla.suse.com/1012493
https://bugzilla.suse.com/976988
https://bugzilla.suse.com/982003
-
20 of the Worst PC Setups – November 2016 @ ThinkComputers.org
20 of the Worst PC Setups – November 2016 ( -at -) ThinkComputers.org
Feature Link: http://www.thinkcomputers.org/20-of-the-worst-pc-setups-november-2016/
Image URL: http://www.thinkcomputers.org/articles/worstpc-nov16-email.jpg
Alt Image URL: http://www.thinkcomputers.org/articles/worstpc-nov16-small.jpg
Quote: "I’m sure at some point you’ve had a bad PC setup. Maybe moving into a new place, waiting for a new desk to arrive or you just ran out of room. I can remember my horrible PC setups from when I was living at the dorms in college. If you have ever ventured over to the Shitty Battlestations sub-reddit you will find a lot of horrible PC setups. We are going to pick 20 each month and feature them as 20 of the Worst PC setups for that month. Here are some of the bad ones from November!"
-
Today we are going to take a look at the Cooler Master MasterCase Maker 5t. This is a case that incorporates style, modular design, as well as ease of use. Once the Cooler Master MasterCase Maker 5t is available for retail purchase around December 22nd it will carry an MSRP of $249.99 as well as a 2 year limited warranty. Read on to see what makes this case special!
Article Title: Cooler Master MasterCase Maker 5t Case Review ( -at -) Legit Reviews
Article URL: http://www.legitreviews.com/cooler-master-mastercase-maker-5t-case-review_188579
Unsubscribe: http://adserv.legitreviews.com/cgi-bin/dada/mail.cgi/u/legitpr/reviewnews//
-
openSUSE Security Update: Security update for roundcubemail
______________________________________________________________________________

Announcement ID: openSUSE-SU-2016:3032-1
Rating: important
References: #1001856 #1012493 #982003
Cross-References: CVE-2016-5103
Affected Products:
    openSUSE 13.2
______________________________________________________________________________

An update that solves one vulnerability and has two fixes is now available.

Description:

This update for roundcubemail fixes the following issues:
- A maliciously crafted email could cause untrusted code to be executed (cross site scripting using <area href=javascript:...>) (boo#982003, CVE-2016-5103)
- Avoid HTML styles that could cause potential click jacking (boo#1001856)
- A maliciously crafted FROM value could cause extra parameters to be passed to the sendmail command (boo#1012493)
- Avoid sending completely empty text parts for multipart/alternative messages
- Don't create multipart/alternative messages with empty text/plain part
- Improved validation of FROM argument when sending mails

Patch Instructions:

To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product:
- openSUSE 13.2: zypper in -t patch openSUSE-2016-1418=1
To bring your system up-to-date, use "zypper patch".

Package List:
- openSUSE 13.2 (noarch):
    roundcubemail-1.0.9-23.1

References:
https://www.suse.com/security/cve/CVE-2016-5103.html
https://bugzilla.suse.com/1001856
https://bugzilla.suse.com/1012493
https://bugzilla.suse.com/982003
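Both roundcubemail advisories on this page (openSUSE-SU-2016:3038-1 and openSUSE-SU-2016:3032-1) fix the same class of bug under boo#1012493: a FROM value that smuggles extra parameters to the sendmail command, which is why the second one also lists "Improved validation of FROM argument". The following is an added example, not Roundcube's code, written in C to show the two sides of that bug: the vulnerable shape, where the sender is spliced into a shell command string and the shell re-splits it, beside a hardened version that validates the sender against a deliberately small grammar and builds an argv array so no shell is involved. The sendmail path, the accepted character set and the two constructed inputs are assumptions.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Vulnerable pattern: the sender is spliced into a shell command string, which is what
   an "additional parameters" path to sendmail amounts to. The shell then re-splits the
   string on whitespace, so a sender containing a space becomes extra sendmail options.
   Returns how many words the shell would hand to sendmail (the legitimate command has 4),
   or -1 if the command does not fit. */
int unsafe_sendmail_word_count(const char *from)
{
    char cmd[512];
    int n = snprintf(cmd, sizeof cmd, "/usr/sbin/sendmail -t -i -f%s", from);
    if (n < 0 || (size_t)n >= sizeof cmd)
        return -1;
    int words = 0, inword = 0;
    for (const char *p = cmd; *p; p++) {
        if (isspace((unsigned char)*p)) {
            inword = 0;
        } else if (!inword) {
            inword = 1;
            words++;
        }
    }
    return words;
}

/* Hardened: validate the sender before it goes anywhere near argv. Rejects a leading '-',
   whitespace, shell metacharacters and anything outside [A-Za-z0-9._+-@], and requires
   exactly one '@' with something on both sides. This is stricter than RFC 5322 on
   purpose (an assumption for this example; widen it only for addresses you must accept). */
int sender_is_safe(const char *from)
{
    size_t n = strlen(from);
    if (n == 0 || n > 254 || from[0] == '-')
        return 0;
    const char *at = strchr(from, '@');
    if (!at || at == from || at[1] == '\0' || strchr(at + 1, '@'))
        return 0;
    for (const char *p = from; *p; p++) {
        if (isalnum((unsigned char)*p) || strchr("._+-@", *p))
            continue;
        return 0;
    }
    return 1;
}

/* Build an argv vector for execv()/posix_spawn(): one array element per argument, so
   nothing ever re-splits the sender. fbuf receives the "-f<sender>" element and must
   outlive argv. Returns argc, or -1 if the sender is rejected or does not fit. */
int build_sendmail_argv(const char *from, char *fbuf, size_t fbufsz, const char *argv[5])
{
    if (!sender_is_safe(from))
        return -1;
    int n = snprintf(fbuf, fbufsz, "-f%s", from);
    if (n < 0 || (size_t)n >= fbufsz)
        return -1;
    argv[0] = "/usr/sbin/sendmail";
    argv[1] = "-t";
    argv[2] = "-i";
    argv[3] = fbuf;
    argv[4] = NULL;
    return 4;
}

int main(void)
{
    /* constructed inputs: a normal sender and one that carries sendmail options */
    const char *good = "alice@example.com";
    const char *evil = "-OQueueDirectory=/tmp -X/tmp/injected.log";
    char fbuf[300];
    const char *argv[5];
    printf("shell words, good sender: %d\n", unsafe_sendmail_word_count(good));
    printf("shell words, evil sender: %d\n", unsafe_sendmail_word_count(evil));
    printf("argv build, good sender: %d\n", build_sendmail_argv(good, fbuf, sizeof fbuf, argv));
    printf("argv build, evil sender: %d\n", build_sendmail_argv(evil, fbuf, sizeof fbuf, argv));
    return 0;
}
```

Note that the argv array alone is not sufficient: with `-f` and the sender in the same element, a sender of `-OQueueDirectory=/tmp` still arrives as one argument, but a sender of ` -X/tmp/x` would not be split either way, so the validation is what actually closes the hole, and the argv construction is what keeps a future change from reopening it.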
-
[security-announce] openSUSE-SU-2016:3035-1: important: Security update for tiff
openSUSE Security Update: Security update for tiff
______________________________________________________________________________

Announcement ID: openSUSE-SU-2016:3035-1
Rating: important
References: #1007280 #1010161 #1010163 #1011103 #1011107 #914890 #974449 #974840 #984813 #984815 #987351
Cross-References: CVE-2014-8127 CVE-2015-7554 CVE-2015-8665 CVE-2015-8683 CVE-2016-3622 CVE-2016-3658 CVE-2016-5321 CVE-2016-5323 CVE-2016-5652 CVE-2016-5875 CVE-2016-9273 CVE-2016-9297 CVE-2016-9448 CVE-2016-9453
Affected Products:
    openSUSE 13.2
______________________________________________________________________________

An update that fixes 14 vulnerabilities is now available.

Description:

Tiff was updated to version 4.0.7. This update fixes the following issues:

* libtiff/tif_aux.c
  + Fix crash in TIFFVGetFieldDefaulted() when requesting Predictor tag and that the zip/lzw codec is not configured. (http://bugzilla.maptools.org/show_bug.cgi?id=2591)
* libtiff/tif_compress.c
  + Make TIFFNoDecode() return 0 to indicate an error and make upper level read routines treat it accordingly. (http://bugzilla.maptools.org/show_bug.cgi?id=2517)
* libtiff/tif_dir.c
  + Discard values of SMinSampleValue and SMaxSampleValue when they have been read and the value of SamplesPerPixel is changed afterwards (like when reading a OJPEG compressed image with a missing SamplesPerPixel tag, and whose photometric is RGB or YCbCr, forcing SamplesPerPixel being 3). Otherwise when rewriting the directory (for example with tiffset, we will expect 3 values whereas the array had been allocated with just one), thus causing a out of bound read access. (CVE-2014-8127, boo#914890, duplicate: CVE-2016-3658, boo#974840)
* libtiff/tif_dirread.c
  + In TIFFFetchNormalTag(), do not dereference NULL pointer when values of tags with TIFF_SETGET_C16_ASCII/TIFF_SETGET_C32_ASCII access are 0-byte arrays. (CVE-2016-9448, boo#1011103)
  + In TIFFFetchNormalTag(), make sure that values of tags with TIFF_SETGET_C16_ASCII/TIFF_SETGET_C32_ASCII access are null terminated, to avoid potential read outside buffer in _TIFFPrintField(). (CVE-2016-9297, boo#1010161)
  + Prevent reading ColorMap or TransferFunction if BitsPerPixel > 24, so as to avoid huge memory allocation and file read attempts
  + Reject images with OJPEG compression that have no TileOffsets/StripOffsets tag, when OJPEG compression is disabled. Prevent null pointer dereference in TIFFReadRawStrip1() and other functions that expect td_stripbytecount to be non NULL. (http://bugzilla.maptools.org/show_bug.cgi?id=2585)
  + When compiled with DEFER_STRILE_LOAD, fix regression, when reading a one-strip file without a StripByteCounts tag.
  + Workaround false positive warning of Clang Static Analyzer about null pointer dereference in TIFFCheckDirOffset().
* libtiff/tif_dirwrite.c
  + Avoid null pointer dereference on td_stripoffset when writing directory, if FIELD_STRIPOFFSETS was artificially set for a hack case in OJPEG case. Fixes (CVE-2014-8127, boo#914890, duplicate: CVE-2016-3658, boo#974840)
  + Fix truncation to 32 bit of file offsets in TIFFLinkDirectory() and TIFFWriteDirectorySec() when aligning directory offsets on an even offset (affects BigTIFF).
* libtiff/tif_dumpmode.c
  + DumpModeEncode() should return 0 in case of failure so that the above mentioned functions detect the error.
* libtiff/tif_fax3.c
  + remove dead assignment in Fax3PutEOLgdal().
* libtiff/tif_fax3.h
  + make Param member of TIFFFaxTabEnt structure a uint16 to reduce size of the binary.
* libtiff/tif_getimage.c
  + Fix out-of-bound reads in TIFFRGBAImage interface in case of unsupported values of SamplesPerPixel/ExtraSamples for LogLUV/CIELab. Add explicit call to TIFFRGBAImageOK() in TIFFRGBAImageBegin(). Fix CVE-2015-8665 and CVE-2015-8683.
  + TIFFRGBAImageOK: Reject attempts to read floating point images.
* libtiff/tif_luv.c
  + Fix potential out-of-bound writes in decode functions in non debug builds by replacing assert()s by regular if checks (http://bugzilla.maptools.org/show_bug.cgi?id=2522). Fix potential out-of-bound reads in case of short input data.
  + Validate that for COMPRESSION_SGILOG and PHOTOMETRIC_LOGL, there is only one sample per pixel. Avoid potential invalid memory write on corrupted/unexpected images when using the TIFFRGBAImageBegin() interface
* libtiff/tif_next.c
  + Fix potential out-of-bound write in NeXTDecode() (http://bugzilla.maptools.org/show_bug.cgi?id=2508)
* libtiff/tif_pixarlog.c
  + Avoid zlib error messages to pass a NULL string to %s formatter, which is undefined behaviour in sprintf().
  + Fix out-of-bounds write vulnerabilities in heap allocated buffers. Reported as MSVR 35094.
  + Fix potential buffer write overrun in PixarLogDecode() on corrupted/unexpected images (CVE-2016-5875, boo#987351)
* libtiff/tif_predict.c
  + PredictorSetup: Enforce bits-per-sample requirements of floating point predictor (3). (CVE-2016-3622, boo#974449)
* libtiff/tif_predict.h, libtiff/tif_predict.c
  + Replace assertions by runtime checks to avoid assertions in debug mode, or buffer overflows in release mode. Can happen when dealing with unusual tile size like YCbCr with subsampling. Reported as MSVR 35105.
* libtiff/tif_read.c
  + Fix out-of-bounds read on memory-mapped files in TIFFReadRawStrip1() and TIFFReadRawTile1() when stripoffset is beyond tmsize_t max value
  + Make TIFFReadEncodedStrip() and TIFFReadEncodedTile() directly use user provided buffer when no compression (and other conditions) to save a memcpy().
* libtiff/tif_strip.c
  + Make TIFFNumberOfStrips() return the td->td_nstrips value when it is non-zero, instead of recomputing it. This is needed in TIFF_STRIPCHOP mode where td_nstrips is modified. Fixes a read outside of array in tiffsplit (or other utilities using TIFFNumberOfStrips()). (CVE-2016-9273, boo#1010163)
* libtiff/tif_write.c
  + Fix issue in error code path of TIFFFlushData1() that didn't reset the tif_rawcc and tif_rawcp members. I'm not completely sure if that could happen in practice outside of the odd behaviour of t2p_seekproc() of tiff2pdf). The report points that a better fix could be to check the return value of TIFFFlushData1() in places where it isn't done currently, but it seems this patch is enough. Reported as MSVR 35095.
  + Make TIFFWriteEncodedStrip() and TIFFWriteEncodedTile() directly use user provided buffer when no compression to save a memcpy().
  + TIFFWriteEncodedStrip() and TIFFWriteEncodedTile() should return -1 in case of failure of tif_encodestrip() as documented
* tools/fax2tiff.c
  + Fix segfault when specifying -r without argument. (http://bugzilla.maptools.org/show_bug.cgi?id=2572)
* tools/Makefile.am
  + The libtiff tools bmp2tiff, gif2tiff, ras2tiff, sgi2tiff, sgisv, and ycbcr are completely removed from the distribution. The libtiff tools rgb2ycbcr and thumbnail are only built in the build tree for testing. Old files are put in new 'archive' subdirectory of the source repository, but not in distribution archives. These changes are made in order to lessen the maintenance burden.
* tools/tiff2bw.c
  + Fix weight computation that could result in color value overflow (no security implication). Fix http://bugzilla.maptools.org/show_bug.cgi?id=2550.
* tools/tiff2pdf.c
  + Avoid undefined behaviour related to overlapping of source and destination buffer in memcpy() call in t2p_sample_rgbaa_to_rgb() (http://bugzilla.maptools.org/show_bug.cgi?id=2577)
  + Fix out-of-bounds write vulnerabilities in heap allocated buffer in t2p_process_jpeg_strip(). Reported as MSVR 35098.
  + Fix potential integer overflows on 32 bit builds in t2p_read_tiff_size() (http://bugzilla.maptools.org/show_bug.cgi?id=2576)
  + Fix read -largely- outside of buffer in t2p_readwrite_pdf_image_tile(), causing crash, when reading a JPEG compressed image with TIFFTAG_JPEGTABLES length being one. (CVE-2016-9453, boo#1011107)
  + Fix write buffer overflow of 2 bytes on JPEG compressed images. Also prevents writing 2 extra uninitialized bytes to the file stream. (TALOS-CAN-0187, CVE-2016-5652, boo#1007280)
* tools/tiffcp.c
  + Fix out-of-bounds write on tiled images with odd tile width vs image width. Reported as MSVR 35103.
  + Fix read of undefined variable in case of missing required tags. Found on test case of MSVR 35100.
* tools/tiffcrop.c
  + Avoid access outside of stack allocated array on a tiled separate TIFF with more than 8 samples per pixel. (CVE-2016-5321, CVE-2016-5323, boo#984813, boo#984815)
  + Fix memory leak in (recent) error code path.
  + Fix multiple uint32 overflows in writeBufferToSeparateStrips(), write BufferToContigTiles() and writeBufferToSeparateTiles() that could cause heap buffer overflows. (http://bugzilla.maptools.org/show_bug.cgi?id=2592)
  + Fix out-of-bound read of up to 3 bytes in readContigTilesIntoBuffer(). Reported as MSVR 35092.
  + Fix read of undefined buffer in readContigStripsIntoBuffer() due to uint16 overflow. Reported as MSVR 35100.
  + Fix various out-of-bounds write vulnerabilities in heap or stack allocated buffers. Reported as MSVR 35093, MSVR 35096 and MSVR 35097.
  + readContigTilesIntoBuffer: Fix signed/unsigned comparison warning.
* tools/tiffdump.c
  + Fix a few misaligned 64-bit reads warned by -fsanitize
  + ReadDirectory: Remove uint32 cast to _TIFFmalloc() argument which resulted in Coverity report. Added more multiplication overflow checks
* tools/tiffinfo.c
  + Fix out-of-bound read on some tiled images. (http://bugzilla.maptools.org/show_bug.cgi?id=2517)
  + TIFFReadContigTileData: Fix signed/unsigned comparison warning.
  + TIFFReadSeparateTileData: Fix signed/unsigned comparison warning.

Patch Instructions:

To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product:
- openSUSE 13.2: zypper in -t patch openSUSE-2016-1425=1
To bring your system up-to-date, use "zypper patch".

Package List:
- openSUSE 13.2 (i586 x86_64):
    libtiff-devel-4.0.7-10.35.1
    libtiff5-4.0.7-10.35.1
    libtiff5-debuginfo-4.0.7-10.35.1
    tiff-4.0.7-10.35.1
    tiff-debuginfo-4.0.7-10.35.1
    tiff-debugsource-4.0.7-10.35.1
- openSUSE 13.2 (x86_64):
    libtiff-devel-32bit-4.0.7-10.35.1
    libtiff5-32bit-4.0.7-10.35.1
    libtiff5-debuginfo-32bit-4.0.7-10.35.1

References:
https://www.suse.com/security/cve/CVE-2014-8127.html
https://www.suse.com/security/cve/CVE-2015-7554.html
https://www.suse.com/security/cve/CVE-2015-8665.html
https://www.suse.com/security/cve/CVE-2015-8683.html
https://www.suse.com/security/cve/CVE-2016-3622.html
https://www.suse.com/security/cve/CVE-2016-3658.html
https://www.suse.com/security/cve/CVE-2016-5321.html
https://www.suse.com/security/cve/CVE-2016-5323.html
https://www.suse.com/security/cve/CVE-2016-5652.html
https://www.suse.com/security/cve/CVE-2016-5875.html
https://www.suse.com/security/cve/CVE-2016-9273.html
https://www.suse.com/security/cve/CVE-2016-9297.html
https://www.suse.com/security/cve/CVE-2016-9448.html
https://www.suse.com/security/cve/CVE-2016-9453.html
https://bugzilla.suse.com/1007280
https://bugzilla.suse.com/1010161
https://bugzilla.suse.com/1010163
https://bugzilla.suse.com/1011103
https://bugzilla.suse.com/1011107
https://bugzilla.suse.com/914890
https://bugzilla.suse.com/974449
https://bugzilla.suse.com/974840
https://bugzilla.suse.com/984813
https://bugzilla.suse.com/984815
https://bugzilla.suse.com/987351
-
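Several of the libtiff fixes in this advisory (the uint32 overflows in tiffcrop's writeBufferTo* functions, the uint16 overflow in readContigStripsIntoBuffer(), the 32-bit overflows in t2p_read_tiff_size(), the added multiplication overflow checks in tiffdump) are one bug in different places: a buffer size computed from file-controlled tag values (image width and length, samples per pixel, bits per sample) wraps in narrow arithmetic, the buffer allocated from the result is too small, and the strip or tile copied into it writes past the end. The following is an added example, not libtiff code: the wrapping computation beside a checked version in which every product is guarded and the result is capped before it reaches the allocator. The function names, the cap and the constructed tag values are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Unchecked sizing in 32-bit arithmetic: the shape of the overflows the update fixes.
   The product wraps silently, the caller allocates a too-small buffer, and the later
   strip/tile copy writes past it. Kept here to show the failure, not for use. */
uint32_t image_bytes_unchecked(uint32_t width, uint32_t height,
                               uint16_t spp, uint16_t bps)
{
    uint32_t scanline = (width * spp * bps + 7) / 8;   /* can wrap */
    return scanline * height;                          /* can wrap again */
}

/* Overflow-checked 64-bit multiply: 0 on success, -1 if the product does not fit. */
static int mul_u64(uint64_t a, uint64_t b, uint64_t *out)
{
    if (a != 0 && b > UINT64_MAX / a)
        return -1;
    *out = a * b;
    return 0;
}

/* Policy cap for a single image buffer (assumed; chosen so it also fits a 32-bit size_t). */
#define MAX_IMAGE_BYTES ((uint64_t)1 << 31)

/* Checked sizing: zero dimensions are rejected, every multiplication is guarded in 64-bit
   arithmetic, and the result must fit the policy cap. Returns 0 and writes *out on
   success (out may be NULL to only validate), -1 otherwise. */
int image_bytes_checked(uint32_t width, uint32_t height,
                        uint16_t spp, uint16_t bps, size_t *out)
{
    uint64_t bits, scanline, total;
    if (width == 0 || height == 0 || spp == 0 || bps == 0)
        return -1;
    if (mul_u64(width, spp, &bits) || mul_u64(bits, bps, &bits))
        return -1;
    if (bits > UINT64_MAX - 7)
        return -1;
    scanline = (bits + 7) / 8;
    if (mul_u64(scanline, height, &total))
        return -1;
    if (total > MAX_IMAGE_BYTES)
        return -1;
    if (out)
        *out = (size_t)total;
    return 0;
}

/* Allocate the image buffer only when the size survives the checks; NULL otherwise. */
void *alloc_image_buffer(uint32_t width, uint32_t height, uint16_t spp, uint16_t bps)
{
    size_t n;
    if (image_bytes_checked(width, height, spp, bps, &n) != 0)
        return NULL;
    return calloc(n, 1);
}

int main(void)
{
    /* constructed tag values: an ordinary RGB image, and dimensions chosen so the
       32-bit product wraps to exactly 0 */
    void *buf;
    printf("640x480, 3 spp, 8 bps, unchecked: %u bytes\n",
           (unsigned)image_bytes_unchecked(640, 480, 3, 8));
    printf("65536x65536, 1 spp, 8 bps, unchecked: %u bytes (wrapped)\n",
           (unsigned)image_bytes_unchecked(65536u, 65536u, 1, 8));
    printf("65536x65536, 1 spp, 8 bps, checked: %s\n",
           image_bytes_checked(65536u, 65536u, 1, 8, NULL) == 0 ? "accepted" : "rejected");
    buf = alloc_image_buffer(640, 480, 3, 8);
    printf("640x480 allocation: %s\n", buf ? "ok" : "failed");
    free(buf);
    return 0;
}
```

The cap matters as much as the overflow check: a size that does not wrap but is still absurd (a 2 GiB scanline buffer for a thumbnail) turns a malformed file into a denial of service, which is what the "avoid huge memory allocation" item for ColorMap/TransferFunction above is about.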
[gentoo-announce] [ GLSA 201612-16 ] OpenSSL: Multiple vulnerabilities
news posted a topic in Upcoming News
Tobii Tech 4C eye tracker for gaming review

http://us2.campaign-archive2.com/?u=bfb2b902b5fb045ad6f841f98&id=5984f92add&e=872093acb5
http://www.kitguru.net

Eye tracking technology has been around for a long time in research and accessibility spaces, but has often been far too expensive for average consumers to consider. Now, though, things are very different, which is why Tobii Tech has launched its new, gaming-focused eye tracker, called the 4C. It lets you track targets, pan your view in first-person experiences and make various other inputs, all using the power of your eyes. The 4C is designed to work with laptops and desktop PCs at various distances and is supported by an ever-growing number of games, which we will be using to put it through its paces.

Read the review here: http://www.kitguru.net/peripherals/jon-martindale/tobii-tech-4c-eye-tracker-for-gaming-review/

Copyright © 2016 KitGuru, All rights reserved.
-
[gentoo-announce] [ GLSA 201612-18 ] OpenSSH: Multiple vulnerabilities
news posted a topic in Upcoming News
[gentoo-announce] [ GLSA 201612-17 ] PECL HTTP: Remote execution of arbitrary code
news posted a topic in Upcoming News
[gentoo-announce] [ GLSA 201612-19 ] Mercurial: Multiple vulnerabilities
news posted a topic in Upcoming News
-
** TECHSPOT
** Razer DeathAdder Elite Review
** http://www.techspot.com/review/1290-razer-deathadder-elite/

The Razer DeathAdder Elite preserves the same comfortable and ergonomic design that we know and love, with a few improvements inside and out, most importantly endurance. While it's billed as a gaming mouse, its simple, effective design makes it suitable for any type of user.

Thank you.
Julio Franco
Executive Editor | TECHSPOT
( -at -) juliofranco

Our mailing address is: TechSpot, 8237 NW 68 St, Miami, FL 33166, USA
-
Elvid FieldVision 7" On-Camera HDMI Monitor V2 (OCM-7B-DV2) Review @ ModSynergy.com
news posted a topic in Upcoming News
[CentOS-announce] CESA-2016:2850 Important CentOS 6 thunderbird Security Update
news posted a topic in Upcoming News
CentOS Errata and Security Advisory 2016:2850 Important

Upstream details at: https://rhn.redhat.com/errata/RHSA-2016-2850.html

The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename )

i386:
37159bf7a1c76a81bc07cadec1539bdb583e1a88c6c986045a3e03004da2171e thunderbird-45.5.1-1.el6.centos.i686.rpm

x86_64:
f8bf63fcd830956dda9c173b6d1a7c75a236ef62260c526c8011077e8ebc3860 thunderbird-45.5.1-1.el6.centos.x86_64.rpm

Source:
003db7819ee770c3a01940de0e0656a23fb0d2d992266ad1d9cb66bcadcbbb8c thunderbird-45.5.1-1.el6.centos.src.rpm

--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos ( -at -) irc.freenode.net
Twitter: ( -at -) JohnnyCentOS
-
[CentOS-announce] CESA-2016:2872 Moderate CentOS 6 sudo Security Update
news posted a topic in Upcoming News
CentOS Errata and Security Advisory 2016:2872 Moderate

Upstream details at: https://rhn.redhat.com/errata/RHSA-2016-2872.html

The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename )

i386:
f2508e248146b5636959f838ece913d47c6fda102a3bcfc8fee0fda0f023f9c4 sudo-1.8.6p3-25.el6_8.i686.rpm
77251c20200c09360d84a0dfb896cd6ed7dbadb3145f4b55f3ad3d654affa852 sudo-devel-1.8.6p3-25.el6_8.i686.rpm

x86_64:
4685543cf04bdd940e99b497e857c9d5f83b05ee8f48a3dc390a4e6501ec69c4 sudo-1.8.6p3-25.el6_8.x86_64.rpm
77251c20200c09360d84a0dfb896cd6ed7dbadb3145f4b55f3ad3d654affa852 sudo-devel-1.8.6p3-25.el6_8.i686.rpm
ad5c08ce5caca91957edf192e14dc8596c8328e64161cef8453bc3359c5df90c sudo-devel-1.8.6p3-25.el6_8.x86_64.rpm

Source:
87812a80c64fc266b0ca7b2808a59890ed7850aef96c759497d646268584856f sudo-1.8.6p3-25.el6_8.src.rpm

--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos ( -at -) irc.freenode.net
Twitter: ( -at -) JohnnyCentOS