Jump to content
Compatible Support Forums

news

Members
 View Profile  See their activity

  • Content count

    80899

  • Joined

  • Last visited

    Never

  • Days Won

    18

Everything posted by news

  1. news
    Title: VicoVation Vico-MF3 Extreme Car Camcorder Review ( -at -) NikKTech Description: With a maximum recording resolution of 2560x1440p ( -at -) 30fps with HDR and an aluminum enclosure designed after the Leica M8 compact camera the brand new Vico-MF3 Extreme Car Recorder has virtually nothing to fear from the competition. Article Link: http://www.nikktech.com/main/articles/gadgets/car-electronics/dash-cams/7137 -vicovation-vico-mf3-extreme-car-camcorder-review Image Link: http://www.nikktech.com/main/images/pics/reviews/vicovation/vico_mf3/vicovat ion_mf3a.jpg A News Post Would Be Appreciated. Thanks In Advance. Sincerely Nik Kastrantas
  2. news
    20 of the Worst PC Setups - October 2016 ( -at -) ThinkComputers.org Article Link: http://www.thinkcomputers.org/20-of-the-worst-pc-setups-october-2016/ Image URL: http://www.thinkcomputers.org/articles/worstpc-oct16-email.jpg Alt Image URL: http://www.thinkcomputers.org/articles/worstpc-oct16-small.jpg Quote: "I’m sure at some point you’ve had a bad PC setup. Maybe moving into a new place, waiting for a new desk to arrive or you just ran out of room. I can remember my horrible PC setups from when I was living at the dorms in college. If you have ever ventured over to the Shitty Battlestations sub-reddit you will find a lot of horrible PC setups. We will are going to pick 20 each month and feature them as 20 of the Worst PC setups for that month. Here are some of the bad ones from Octboer!"
  3. news
    Hi News Poster HardwareOverclock.com has just posted another review. Last week we have tested the Alphacool Eispumpe VPP-755. This pump, technologically a completely new development, throws out all the old problems with the well-known D5 pumps and retains only the compatibility to all current D5 tops and brackets. The VPP755 Eispump dispenses with the spherical bearing and opts instead for a ceramic shaft that makes for quieter operation. Title: Alphacool Eispumpe VPP-755 ( -at -) HardwareOverclock.com Link: http://hardwareoverclock.com/Alphacool-Eispumpe-VPP-755-Single-Edition.htm Image: http://hardwareoverclock.com/Wasserkuehlung/Eispumpe-VP755-03.jpg Thanks for posting our news. Pls feel free and send us your News too. Rene Ruf Chefredakteur HardwareOverclock.com <mailto:admin ( -at -) hardwareoverclock.com> mailto:admin ( -at -) hardwareoverclock.com hardwareoverclock.com
  4. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: java-1.6.0-ibm security update Advisory ID: RHSA-2016:2659-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-2659.html Issue date: 2016-11-07 CVE Names: CVE-2016-5542 CVE-2016-5554 CVE-2016-5556 CVE-2016-5573 CVE-2016-5597 ===================================================================== 1. Summary: An update for java-1.6.0-ibm is now available for Red Hat Enterprise Linux 5 Supplementary and Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, ppc, s390x, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Description: IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 6 to version 6 SR16-FP35. Security Fix(es): * This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security alerts page, listed in the References section. (CVE-2016-5542, CVE-2016-5554, CVE-2016-5556, CVE-2016-5573, CVE-2016-5597) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 All running instances of IBM Java must be restarted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1385544 - CVE-2016-5573 OpenJDK: insufficient checks of JDWP packets (Hotspot, 8159519) 1385714 - CVE-2016-5554 OpenJDK: insufficient classloader consistency checks in ClassLoaderWithRepository (JMX, 8157739) 1385723 - CVE-2016-5542 OpenJDK: missing algorithm restrictions for jar verification (Libraries, 8155973) 1386103 - CVE-2016-5597 OpenJDK: exposure of server authentication credentials to proxy (Networking, 8160838) 1386408 - CVE-2016-5556 Oracle JDK: unspecified vulnerability fixed in 6u131, 7u121, and 8u111 (2D) 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v. 5): i386: java-1.6.0-ibm-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-accessibility-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-demo-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-devel-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-javacomm-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-jdbc-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-plugin-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-src-1.6.0.16.35-1jpp.1.el5_11.i386.rpm x86_64: java-1.6.0-ibm-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-1.6.0.16.35-1jpp.1.el5_11.x86_64.rpm java-1.6.0-ibm-accessibility-1.6.0.16.35-1jpp.1.el5_11.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-demo-1.6.0.16.35-1jpp.1.el5_11.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-devel-1.6.0.16.35-1jpp.1.el5_11.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-javacomm-1.6.0.16.35-1jpp.1.el5_11.x86_64.rpm java-1.6.0-ibm-jdbc-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-jdbc-1.6.0.16.35-1jpp.1.el5_11.x86_64.rpm java-1.6.0-ibm-plugin-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-plugin-1.6.0.16.35-1jpp.1.el5_11.x86_64.rpm java-1.6.0-ibm-src-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-src-1.6.0.16.35-1jpp.1.el5_11.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v. 5): i386: java-1.6.0-ibm-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-accessibility-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-demo-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-devel-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-javacomm-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-jdbc-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-plugin-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-src-1.6.0.16.35-1jpp.1.el5_11.i386.rpm ppc: java-1.6.0-ibm-1.6.0.16.35-1jpp.1.el5_11.ppc.rpm java-1.6.0-ibm-1.6.0.16.35-1jpp.1.el5_11.ppc64.rpm java-1.6.0-ibm-accessibility-1.6.0.16.35-1jpp.1.el5_11.ppc.rpm java-1.6.0-ibm-demo-1.6.0.16.35-1jpp.1.el5_11.ppc.rpm java-1.6.0-ibm-demo-1.6.0.16.35-1jpp.1.el5_11.ppc64.rpm java-1.6.0-ibm-devel-1.6.0.16.35-1jpp.1.el5_11.ppc.rpm java-1.6.0-ibm-devel-1.6.0.16.35-1jpp.1.el5_11.ppc64.rpm java-1.6.0-ibm-javacomm-1.6.0.16.35-1jpp.1.el5_11.ppc.rpm java-1.6.0-ibm-javacomm-1.6.0.16.35-1jpp.1.el5_11.ppc64.rpm java-1.6.0-ibm-jdbc-1.6.0.16.35-1jpp.1.el5_11.ppc.rpm java-1.6.0-ibm-jdbc-1.6.0.16.35-1jpp.1.el5_11.ppc64.rpm java-1.6.0-ibm-plugin-1.6.0.16.35-1jpp.1.el5_11.ppc.rpm java-1.6.0-ibm-src-1.6.0.16.35-1jpp.1.el5_11.ppc.rpm java-1.6.0-ibm-src-1.6.0.16.35-1jpp.1.el5_11.ppc64.rpm s390x: java-1.6.0-ibm-1.6.0.16.35-1jpp.1.el5_11.s390.rpm java-1.6.0-ibm-1.6.0.16.35-1jpp.1.el5_11.s390x.rpm java-1.6.0-ibm-accessibility-1.6.0.16.35-1jpp.1.el5_11.s390x.rpm java-1.6.0-ibm-demo-1.6.0.16.35-1jpp.1.el5_11.s390.rpm java-1.6.0-ibm-demo-1.6.0.16.35-1jpp.1.el5_11.s390x.rpm java-1.6.0-ibm-devel-1.6.0.16.35-1jpp.1.el5_11.s390.rpm java-1.6.0-ibm-devel-1.6.0.16.35-1jpp.1.el5_11.s390x.rpm java-1.6.0-ibm-jdbc-1.6.0.16.35-1jpp.1.el5_11.s390.rpm java-1.6.0-ibm-jdbc-1.6.0.16.35-1jpp.1.el5_11.s390x.rpm java-1.6.0-ibm-src-1.6.0.16.35-1jpp.1.el5_11.s390.rpm java-1.6.0-ibm-src-1.6.0.16.35-1jpp.1.el5_11.s390x.rpm x86_64: java-1.6.0-ibm-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-1.6.0.16.35-1jpp.1.el5_11.x86_64.rpm java-1.6.0-ibm-accessibility-1.6.0.16.35-1jpp.1.el5_11.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-demo-1.6.0.16.35-1jpp.1.el5_11.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-devel-1.6.0.16.35-1jpp.1.el5_11.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-javacomm-1.6.0.16.35-1jpp.1.el5_11.x86_64.rpm java-1.6.0-ibm-jdbc-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-jdbc-1.6.0.16.35-1jpp.1.el5_11.x86_64.rpm java-1.6.0-ibm-plugin-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-plugin-1.6.0.16.35-1jpp.1.el5_11.x86_64.rpm java-1.6.0-ibm-src-1.6.0.16.35-1jpp.1.el5_11.i386.rpm java-1.6.0-ibm-src-1.6.0.16.35-1jpp.1.el5_11.x86_64.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: java-1.6.0-ibm-1.6.0.16.35-1jpp.1.el6_8.i686.rpm java-1.6.0-ibm-demo-1.6.0.16.35-1jpp.1.el6_8.i686.rpm java-1.6.0-ibm-devel-1.6.0.16.35-1jpp.1.el6_8.i686.rpm java-1.6.0-ibm-javacomm-1.6.0.16.35-1jpp.1.el6_8.i686.rpm java-1.6.0-ibm-jdbc-1.6.0.16.35-1jpp.1.el6_8.i686.rpm java-1.6.0-ibm-plugin-1.6.0.16.35-1jpp.1.el6_8.i686.rpm java-1.6.0-ibm-src-1.6.0.16.35-1jpp.1.el6_8.i686.rpm x86_64: java-1.6.0-ibm-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm java-1.6.0-ibm-jdbc-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm java-1.6.0-ibm-plugin-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm java-1.6.0-ibm-src-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm Red Hat Enterprise Linux HPC Node Supplementary (v. 6): x86_64: java-1.6.0-ibm-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm java-1.6.0-ibm-src-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): i386: java-1.6.0-ibm-1.6.0.16.35-1jpp.1.el6_8.i686.rpm java-1.6.0-ibm-demo-1.6.0.16.35-1jpp.1.el6_8.i686.rpm java-1.6.0-ibm-devel-1.6.0.16.35-1jpp.1.el6_8.i686.rpm java-1.6.0-ibm-javacomm-1.6.0.16.35-1jpp.1.el6_8.i686.rpm java-1.6.0-ibm-jdbc-1.6.0.16.35-1jpp.1.el6_8.i686.rpm java-1.6.0-ibm-plugin-1.6.0.16.35-1jpp.1.el6_8.i686.rpm java-1.6.0-ibm-src-1.6.0.16.35-1jpp.1.el6_8.i686.rpm ppc64: java-1.6.0-ibm-1.6.0.16.35-1jpp.1.el6_8.ppc64.rpm java-1.6.0-ibm-demo-1.6.0.16.35-1jpp.1.el6_8.ppc64.rpm java-1.6.0-ibm-devel-1.6.0.16.35-1jpp.1.el6_8.ppc64.rpm java-1.6.0-ibm-javacomm-1.6.0.16.35-1jpp.1.el6_8.ppc64.rpm java-1.6.0-ibm-jdbc-1.6.0.16.35-1jpp.1.el6_8.ppc64.rpm java-1.6.0-ibm-src-1.6.0.16.35-1jpp.1.el6_8.ppc64.rpm s390x: java-1.6.0-ibm-1.6.0.16.35-1jpp.1.el6_8.s390x.rpm java-1.6.0-ibm-demo-1.6.0.16.35-1jpp.1.el6_8.s390x.rpm java-1.6.0-ibm-devel-1.6.0.16.35-1jpp.1.el6_8.s390x.rpm java-1.6.0-ibm-jdbc-1.6.0.16.35-1jpp.1.el6_8.s390x.rpm java-1.6.0-ibm-src-1.6.0.16.35-1jpp.1.el6_8.s390x.rpm x86_64: java-1.6.0-ibm-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm java-1.6.0-ibm-jdbc-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm java-1.6.0-ibm-plugin-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm java-1.6.0-ibm-src-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): i386: java-1.6.0-ibm-1.6.0.16.35-1jpp.1.el6_8.i686.rpm java-1.6.0-ibm-demo-1.6.0.16.35-1jpp.1.el6_8.i686.rpm java-1.6.0-ibm-devel-1.6.0.16.35-1jpp.1.el6_8.i686.rpm java-1.6.0-ibm-javacomm-1.6.0.16.35-1jpp.1.el6_8.i686.rpm java-1.6.0-ibm-jdbc-1.6.0.16.35-1jpp.1.el6_8.i686.rpm java-1.6.0-ibm-plugin-1.6.0.16.35-1jpp.1.el6_8.i686.rpm java-1.6.0-ibm-src-1.6.0.16.35-1jpp.1.el6_8.i686.rpm x86_64: java-1.6.0-ibm-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm java-1.6.0-ibm-jdbc-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm java-1.6.0-ibm-plugin-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm java-1.6.0-ibm-src-1.6.0.16.35-1jpp.1.el6_8.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-5542 https://access.redhat.com/security/cve/CVE-2016-5554 https://access.redhat.com/security/cve/CVE-2016-5556 https://access.redhat.com/security/cve/CVE-2016-5573 https://access.redhat.com/security/cve/CVE-2016-5597 https://access.redhat.com/security/updates/classification/#critical https://www.ibm.com/developerworks/java/jdk/alerts/ 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFYIIQvXlSAg2UNWIIRAuZaAKCDcNdjkrcQkSoUT9mSEiDSDWh5OQCgxBfm Jp7CboJWXxTP2eivUnijo4c= =ULLW -----END PGP SIGNATURE----- --
  5. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: java-1.7.0-openjdk security update Advisory ID: RHSA-2016:2658-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-2658.html Issue date: 2016-11-07 CVE Names: CVE-2016-5542 CVE-2016-5554 CVE-2016-5573 CVE-2016-5582 CVE-2016-5597 ===================================================================== 1. Summary: An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 5, Red Hat Enterprise Linux 6, and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux (v. 5 server) - i386, x86_64 Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64 3. Description: The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Security Fix(es): * It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy() function in certain cases. An untrusted Java application or applet could use this flaw to corrupt virtual machine's memory and completely bypass Java sandbox restrictions. (CVE-2016-5582) * It was discovered that the Hotspot component of OpenJDK did not properly check received Java Debug Wire Protocol (JDWP) packets. An attacker could possibly use this flaw to send debugging commands to a Java program running with debugging enabled if they could make victim's browser send HTTP requests to the JDWP port of the debugged application. (CVE-2016-5573) * It was discovered that the Libraries component of OpenJDK did not restrict the set of algorithms used for Jar integrity verification. This flaw could allow an attacker to modify content of the Jar file that used weak signing key or hash algorithm. (CVE-2016-5542) Note: After this update, MD2 hash algorithm and RSA keys with less than 1024 bits are no longer allowed to be used for Jar integrity verification by default. MD5 hash algorithm is expected to be disabled by default in the future updates. A newly introduced security property jdk.jar.disabledAlgorithms can be used to control the set of disabled algorithms. * A flaw was found in the way the JMX component of OpenJDK handled classloaders. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. (CVE-2016-5554) * A flaw was found in the way the Networking component of OpenJDK handled HTTP proxy authentication. A Java application could possibly expose HTTPS server authentication credentials via a plain text network connection to an HTTP proxy if proxy asked for authentication. (CVE-2016-5597) Note: After this update, Basic HTTP proxy authentication can no longer be used when tunneling HTTPS connection through an HTTP proxy. Newly introduced system properties jdk.http.auth.proxying.disabledSchemes and jdk.http.auth.tunneling.disabledSchemes can be used to control which authentication schemes can be requested by an HTTP proxy when proxying HTTP and HTTPS connections respectively. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 All running instances of OpenJDK Java must be restarted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1385402 - CVE-2016-5582 OpenJDK: incomplete type checks of System.arraycopy arguments (Hotspot, 8160591) 1385544 - CVE-2016-5573 OpenJDK: insufficient checks of JDWP packets (Hotspot, 8159519) 1385714 - CVE-2016-5554 OpenJDK: insufficient classloader consistency checks in ClassLoaderWithRepository (JMX, 8157739) 1385723 - CVE-2016-5542 OpenJDK: missing algorithm restrictions for jar verification (Libraries, 8155973) 1386103 - CVE-2016-5597 OpenJDK: exposure of server authentication credentials to proxy (Networking, 8160838) 6. Package List: Red Hat Enterprise Linux Desktop (v. 5 client): Source: java-1.7.0-openjdk-1.7.0.121-2.6.8.1.el5_11.src.rpm i386: java-1.7.0-openjdk-1.7.0.121-2.6.8.1.el5_11.i386.rpm java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.1.el5_11.i386.rpm java-1.7.0-openjdk-demo-1.7.0.121-2.6.8.1.el5_11.i386.rpm java-1.7.0-openjdk-devel-1.7.0.121-2.6.8.1.el5_11.i386.rpm java-1.7.0-openjdk-javadoc-1.7.0.121-2.6.8.1.el5_11.i386.rpm java-1.7.0-openjdk-src-1.7.0.121-2.6.8.1.el5_11.i386.rpm x86_64: java-1.7.0-openjdk-1.7.0.121-2.6.8.1.el5_11.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.1.el5_11.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.121-2.6.8.1.el5_11.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.121-2.6.8.1.el5_11.x86_64.rpm java-1.7.0-openjdk-javadoc-1.7.0.121-2.6.8.1.el5_11.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.121-2.6.8.1.el5_11.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): Source: java-1.7.0-openjdk-1.7.0.121-2.6.8.1.el5_11.src.rpm i386: java-1.7.0-openjdk-1.7.0.121-2.6.8.1.el5_11.i386.rpm java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.1.el5_11.i386.rpm java-1.7.0-openjdk-demo-1.7.0.121-2.6.8.1.el5_11.i386.rpm java-1.7.0-openjdk-devel-1.7.0.121-2.6.8.1.el5_11.i386.rpm java-1.7.0-openjdk-javadoc-1.7.0.121-2.6.8.1.el5_11.i386.rpm java-1.7.0-openjdk-src-1.7.0.121-2.6.8.1.el5_11.i386.rpm x86_64: java-1.7.0-openjdk-1.7.0.121-2.6.8.1.el5_11.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.1.el5_11.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.121-2.6.8.1.el5_11.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.121-2.6.8.1.el5_11.x86_64.rpm java-1.7.0-openjdk-javadoc-1.7.0.121-2.6.8.1.el5_11.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.121-2.6.8.1.el5_11.x86_64.rpm Red Hat Enterprise Linux Desktop (v. 6): Source: java-1.7.0-openjdk-1.7.0.121-2.6.8.1.el6_8.src.rpm i386: java-1.7.0-openjdk-1.7.0.121-2.6.8.1.el6_8.i686.rpm java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.1.el6_8.i686.rpm java-1.7.0-openjdk-devel-1.7.0.121-2.6.8.1.el6_8.i686.rpm x86_64: java-1.7.0-openjdk-1.7.0.121-2.6.8.1.el6_8.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.1.el6_8.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.121-2.6.8.1.el6_8.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): i386: java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.1.el6_8.i686.rpm java-1.7.0-openjdk-demo-1.7.0.121-2.6.8.1.el6_8.i686.rpm java-1.7.0-openjdk-src-1.7.0.121-2.6.8.1.el6_8.i686.rpm noarch: java-1.7.0-openjdk-javadoc-1.7.0.121-2.6.8.1.el6_8.noarch.rpm x86_64: java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.1.el6_8.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.121-2.6.8.1.el6_8.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.121-2.6.8.1.el6_8.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: java-1.7.0-openjdk-1.7.0.121-2.6.8.1.el6_8.src.rpm x86_64: java-1.7.0-openjdk-1.7.0.121-2.6.8.1.el6_8.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.1.el6_8.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.121-2.6.8.1.el6_8.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): noarch: java-1.7.0-openjdk-javadoc-1.7.0.121-2.6.8.1.el6_8.noarch.rpm x86_64: java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.1.el6_8.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.121-2.6.8.1.el6_8.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.121-2.6.8.1.el6_8.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: java-1.7.0-openjdk-1.7.0.121-2.6.8.1.el6_8.src.rpm i386: java-1.7.0-openjdk-1.7.0.121-2.6.8.1.el6_8.i686.rpm java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.1.el6_8.i686.rpm java-1.7.0-openjdk-devel-1.7.0.121-2.6.8.1.el6_8.i686.rpm x86_64: java-1.7.0-openjdk-1.7.0.121-2.6.8.1.el6_8.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.1.el6_8.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.121-2.6.8.1.el6_8.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): i386: java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.1.el6_8.i686.rpm java-1.7.0-openjdk-demo-1.7.0.121-2.6.8.1.el6_8.i686.rpm java-1.7.0-openjdk-src-1.7.0.121-2.6.8.1.el6_8.i686.rpm noarch: java-1.7.0-openjdk-javadoc-1.7.0.121-2.6.8.1.el6_8.noarch.rpm x86_64: java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.1.el6_8.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.121-2.6.8.1.el6_8.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.121-2.6.8.1.el6_8.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: java-1.7.0-openjdk-1.7.0.121-2.6.8.1.el6_8.src.rpm i386: java-1.7.0-openjdk-1.7.0.121-2.6.8.1.el6_8.i686.rpm java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.1.el6_8.i686.rpm java-1.7.0-openjdk-devel-1.7.0.121-2.6.8.1.el6_8.i686.rpm x86_64: java-1.7.0-openjdk-1.7.0.121-2.6.8.1.el6_8.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.1.el6_8.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.121-2.6.8.1.el6_8.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): i386: java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.1.el6_8.i686.rpm java-1.7.0-openjdk-demo-1.7.0.121-2.6.8.1.el6_8.i686.rpm java-1.7.0-openjdk-src-1.7.0.121-2.6.8.1.el6_8.i686.rpm noarch: java-1.7.0-openjdk-javadoc-1.7.0.121-2.6.8.1.el6_8.noarch.rpm x86_64: java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.1.el6_8.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.121-2.6.8.1.el6_8.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.121-2.6.8.1.el6_8.x86_64.rpm Red Hat Enterprise Linux Client (v. 7): Source: java-1.7.0-openjdk-1.7.0.121-2.6.8.0.el7_3.src.rpm x86_64: java-1.7.0-openjdk-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm java-1.7.0-openjdk-headless-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): noarch: java-1.7.0-openjdk-javadoc-1.7.0.121-2.6.8.0.el7_3.noarch.rpm x86_64: java-1.7.0-openjdk-accessibility-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: java-1.7.0-openjdk-1.7.0.121-2.6.8.0.el7_3.src.rpm x86_64: java-1.7.0-openjdk-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm java-1.7.0-openjdk-headless-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): noarch: java-1.7.0-openjdk-javadoc-1.7.0.121-2.6.8.0.el7_3.noarch.rpm x86_64: java-1.7.0-openjdk-accessibility-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: java-1.7.0-openjdk-1.7.0.121-2.6.8.0.el7_3.src.rpm aarch64: java-1.7.0-openjdk-1.7.0.121-2.6.8.0.el7_3.aarch64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.0.el7_3.aarch64.rpm java-1.7.0-openjdk-devel-1.7.0.121-2.6.8.0.el7_3.aarch64.rpm java-1.7.0-openjdk-headless-1.7.0.121-2.6.8.0.el7_3.aarch64.rpm ppc64: java-1.7.0-openjdk-1.7.0.121-2.6.8.0.el7_3.ppc64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.0.el7_3.ppc64.rpm java-1.7.0-openjdk-devel-1.7.0.121-2.6.8.0.el7_3.ppc64.rpm java-1.7.0-openjdk-headless-1.7.0.121-2.6.8.0.el7_3.ppc64.rpm ppc64le: java-1.7.0-openjdk-1.7.0.121-2.6.8.0.el7_3.ppc64le.rpm java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.0.el7_3.ppc64le.rpm java-1.7.0-openjdk-devel-1.7.0.121-2.6.8.0.el7_3.ppc64le.rpm java-1.7.0-openjdk-headless-1.7.0.121-2.6.8.0.el7_3.ppc64le.rpm s390x: java-1.7.0-openjdk-1.7.0.121-2.6.8.0.el7_3.s390x.rpm java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.0.el7_3.s390x.rpm java-1.7.0-openjdk-devel-1.7.0.121-2.6.8.0.el7_3.s390x.rpm java-1.7.0-openjdk-headless-1.7.0.121-2.6.8.0.el7_3.s390x.rpm x86_64: java-1.7.0-openjdk-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm java-1.7.0-openjdk-headless-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): aarch64: java-1.7.0-openjdk-accessibility-1.7.0.121-2.6.8.0.el7_3.aarch64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.0.el7_3.aarch64.rpm java-1.7.0-openjdk-demo-1.7.0.121-2.6.8.0.el7_3.aarch64.rpm java-1.7.0-openjdk-src-1.7.0.121-2.6.8.0.el7_3.aarch64.rpm noarch: java-1.7.0-openjdk-javadoc-1.7.0.121-2.6.8.0.el7_3.noarch.rpm ppc64: java-1.7.0-openjdk-accessibility-1.7.0.121-2.6.8.0.el7_3.ppc64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.0.el7_3.ppc64.rpm java-1.7.0-openjdk-demo-1.7.0.121-2.6.8.0.el7_3.ppc64.rpm java-1.7.0-openjdk-src-1.7.0.121-2.6.8.0.el7_3.ppc64.rpm ppc64le: java-1.7.0-openjdk-accessibility-1.7.0.121-2.6.8.0.el7_3.ppc64le.rpm java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.0.el7_3.ppc64le.rpm java-1.7.0-openjdk-demo-1.7.0.121-2.6.8.0.el7_3.ppc64le.rpm java-1.7.0-openjdk-src-1.7.0.121-2.6.8.0.el7_3.ppc64le.rpm s390x: java-1.7.0-openjdk-accessibility-1.7.0.121-2.6.8.0.el7_3.s390x.rpm java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.0.el7_3.s390x.rpm java-1.7.0-openjdk-demo-1.7.0.121-2.6.8.0.el7_3.s390x.rpm java-1.7.0-openjdk-src-1.7.0.121-2.6.8.0.el7_3.s390x.rpm x86_64: java-1.7.0-openjdk-accessibility-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: java-1.7.0-openjdk-1.7.0.121-2.6.8.0.el7_3.src.rpm x86_64: java-1.7.0-openjdk-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm java-1.7.0-openjdk-headless-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): noarch: java-1.7.0-openjdk-javadoc-1.7.0.121-2.6.8.0.el7_3.noarch.rpm x86_64: java-1.7.0-openjdk-accessibility-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.121-2.6.8.0.el7_3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-5542 https://access.redhat.com/security/cve/CVE-2016-5554 https://access.redhat.com/security/cve/CVE-2016-5573 https://access.redhat.com/security/cve/CVE-2016-5582 https://access.redhat.com/security/cve/CVE-2016-5597 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFYIIPwXlSAg2UNWIIRAqyUAJoDM5k7uKybTJPFbPMA8fU/oBtsBgCfXbRr 9WRhWWHkd+c+XyX9rMaB7Fs= =j7ff -----END PGP SIGNATURE----- --
  6. news
    <http://www.eteknix.com> Aerocool DS230 Mid-Tower Chassis Review One of the most successful product ranges from Aerocool is without a doubt their Dead Silence series. The DS Cube chassis <http://www.eteknix.com/aerocool-ds-dead-silence-cube-chassis-review/> , the DS200 mid-tower chassis <http://www.eteknix.com/aerocool-dead-silence-ds200-mid-tower-chassis-review/> , and the DS fans <http://www.eteknix.com/aerocool-ds-dead-silence-120mm-140mm-fan-review/> , have all won awards from many sites around the world, including from myself here at eTeknix over the last few years. They delivered silent performance and stunning aesthetics, and that's something Aerocool are keen to continue with the release of the Aerocool DS230 Mid-Tower Chassis. URL - http://www.eteknix.com/aerocool-ds230-mid-tower-chassis-review/ --
  7. news
    TITLE: GIGABYTE XM300 Review ( -at -) Vortez CONTENT: It would appear that GIGABYTE are redoubling their efforts regarding gaming equipment and peripherals lately, but which branding they finally solidify behind could be anyone's guess (Aorus or Xtreme Gaming). Here we get a look at the GIGABYTE branded XM300, which is an high speed ergonomic mouse that is specifically designed to provide comfort for all grip types. At 130mm long, and weighs just 100g, the XM300 fills the role of a fast, mid-sized mouse that will cater for most play styles, a category filled with some very popular mice including the Razer DeathAdder Chroma. LINK: http://www.vortez.net/review.php?id=1225 ---------------------------------------------------------------------------- -------------------- Please post this news item in your news section. Thank you.
  8. news
  9. news
    ** TECHSPOT ------------------------------------------------------------ ** The $40 Mechanical Keyboard: Is It Any Good? ------------------------------------------------------------ ** http://www.techspot.com/review/1253-the-40-dollar-mechanical-keyboard/ ------------------------------------------------------------ What if you want a mechanical keyboard but only have $40 to spend? With the market now flooded with loads of Cherry MX knock-off switches, this has enabled companies to develop very affordable mechanical keyboards. One such case is the GranVela MechanicalEagle Z-77, available on Amazon for as little as $35. Thank you. Julio Franco Executive Editor | TECHSPOT ( -at -) juliofranco ----------------------------------- ============================================================ Our mailing address is: TechSpot 8237 NW 68 St Miami, FL 33166 USA
  10. news
    Get that presentation proposal ready: The deadline for the Call for Papers for SCALE 15X – the 15th Annual Southern California Linux Expo – is coming up fast. You have until midnight Pacific Standard Time on Nov. 15th to get your proposal in for your talk to be considered for the largest volunteer-run Linux/FOSS expo in North America. Among the specialized tracks for SCALE 15X are the following: -- Open Source in Enterprises -- Container and Virtualization -- Open Data -- Open Source Storage -- Security -- Developer -- Cloud -- Next Generation (open to potential speakers age 18 years and under) -- Legal and Licensing -- Mentoring -- Embedded A complete list of tracks and topics, along with instructions on how to submit a proposal, can be found on the SCALE 15X CFP page here: http://www.socallinuxexpo.org/scale/15x/cfp SCALE 15X will be held from March 2-5, 2017, at the Pasadena Convention Center in Pasadena, California. For more information, visit http://www.socallinuxexpo.org --
  11. news
    We have posted a new solid state report!! ------------------------------------------------------------ http://us7.campaign-archive1.com/?u=3d9b6193ffd32dd60e84fc74b&id=c4210358c3&e=312ec141fb http://thessdreview.us7.list-manage.com/track/click?u=3d9b6193ffd32dd60e84fc74b&id=4ce17457f8&e=312ec141fb TITLE: ADATA SE730 External SSD Review (250GB) – USB Type-C LINK: http://thessdreview.us7.list-manage1.com/track/click?u=3d9b6193ffd32dd60e84fc74b&id=7fa7420e46&e=312ec141fb PHOTO: http://thessdreview.us7.list-manage.com/track/click?u=3d9b6193ffd32dd60e84fc74b&id=6349f49eee&e=312ec141fb INFO: he ADATA SE730 differs from many other SSDs, however, as it contains the characteristics of being waterproof, dustproof and shockproof, in addition to its small size. If you want storage that will overcome the elements, the SE730 just might be what you're looking for. In addition, this external SSD has a great price and can be found at Amazon for $120. All in all, the ADATA SE730 is a solid external SSD that is as attractive as it is value driven, has decent performance, and can be relied upon for storage of data up to 250GB. Great drive but, come on ADATA, let's see some higher capacities. Recommended. _________________________________________________________________________________________
  12. news
    We have posted a new solid state report!! ------------------------------------------------------------ http://us7.campaign-archive1.com/?u=3d9b6193ffd32dd60e84fc74b&id=331f09f5db&e=1230c2ab07 http://thessdreview.us7.list-manage.com/track/click?u=3d9b6193ffd32dd60e84fc74b&id=63a420dee9&e=1230c2ab07 TITLE: Lexar 128GB Professional 1066x CompactFlash Card Review LINK: http://thessdreview.us7.list-manage.com/track/click?u=3d9b6193ffd32dd60e84fc74b&id=15d76f3ea4&e=1230c2ab07 PHOTO: http:/thessdreview.com/wp-content/uploads/2016/11/121A5221.jpg INFO: Perhaps the single thing that really disturbs me is the fact that cameras have not kept up with the advances of storage performance. Where capabilities exist to very easily incorporate hardware into a DSLR that enables the movement of data at speed of over 500MB/s, we are still left with data transfer rates that hamper continuous shooting scenarios significantly. Ok so... that's my gripe and it is well placed considering I have a brand new Canon 5D EOS Mark IV in my hands that I am absolutely in love with, but for that shortfall that could easily be overcome by manufacturers. My quest now is to find the best equipment possible for what is perhaps the best DSLR in the world right now; enter the Lexar 128GB Professional 1066x CompactFlash Card . _________________________________________________________________________________________
  13. news
    We have posted a new solid state report!! ------------------------------------------------------------ http://us7.campaign-archive1.com/?u=3d9b6193ffd32dd60e84fc74b&id=331f09f5db&e=312ec141fb http://thessdreview.us7.list-manage.com/track/click?u=3d9b6193ffd32dd60e84fc74b&id=63a420dee9&e=312ec141fb TITLE: Lexar 128GB Professional 1066x CompactFlash Card Review LINK: http://thessdreview.us7.list-manage.com/track/click?u=3d9b6193ffd32dd60e84fc74b&id=15d76f3ea4&e=312ec141fb PHOTO: http:/thessdreview.com/wp-content/uploads/2016/11/121A5221.jpg INFO: Perhaps the single thing that really disturbs me is the fact that cameras have not kept up with the advances of storage performance. Where capabilities exist to very easily incorporate hardware into a DSLR that enables the movement of data at speed of over 500MB/s, we are still left with data transfer rates that hamper continuous shooting scenarios significantly. Ok so... that's my gripe and it is well placed considering I have a brand new Canon 5D EOS Mark IV in my hands that I am absolutely in love with, but for that shortfall that could easily be overcome by manufacturers. My quest now is to find the best equipment possible for what is perhaps the best DSLR in the world right now; enter the Lexar 128GB Professional 1066x CompactFlash Card . _________________________________________________________________________________________
  14. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hi, Today is the transition freeze, as we announced in [1]. That means no new library transitions or package transitions that involve a large number of packages. Please note that some transitions are ongoing or about to start in the next couple of days. We will work hard to make those as smooth as possible, so please bear with us while things finally settle. Future milestone dates in the stretch freeze ============================================ This is the first of four milestones for the stretch freeze[2]. The Release Team maintains a calendar of these at [3] along with other important dates. The next milestones are (in order): Dec 5: Forced 10-day migration delay - ------------------------------------ All package migrations will have a mandatory 10-day migration delay by default (i.e. Britney will ignore urgencies from the changelog). * Very urgent updates (security updates) can have their delay lowered. * Please file an unblock request where needed. (reportbug release.debian.org) Jan 5: soft freeze - ------------------ Deadline for: * New (source) packages in stretch * Letting packages re-enter stretch (if they have been removed) Updates to existing packages in stretch will continue as normal. Remember: * New packages must be in testing before January 5th. * With the mandatory 10-day delay, the latest day for the upload is /at least/ 10 days earlier. * Delays caused by RC bugs (even in other packages), lazy FTP-masters or a long NEW queue (etc.) are *not* an excuse to be late. Feb 5: Full freeze - ------------------ Freeze for stretch: * All changes to stretch will require approval. * Use "reportbug release.debian.org" for requesting unblocks. Remember: * Uploaded changes must be in testing before February 5th * With the mandatory 10-day delay, the latest day for the upload is /at least/ 10 days earlier. * Delays caused by RC bugs other packages, slow buildds, "C-x M-c M-butterfly" (etc.) are *not* an excuse to be late. You can also find the dates and their descriptions in our calendar[3]. We will keep you updated as the freeze progresses. For the Release Team, Emilio and Niels [1] https://lists.debian.org/debian-devel-announce/2016/07/msg00002.html [2] https://release.debian.org/#release-dates [3] https://release.debian.org/release-calendar.ics -----BEGIN PGP SIGNATURE----- iQIcBAEBCAAGBQJYHj6xAAoJEAVLu599gGRCWPsP/1MVYVbCImvLx+tAbdJsIMpA jqKu3vuiCABj5aIqioA3OjeuFedGYVekDGYaqQZApxiTtQLg5fKXmT04NUYBku65 V1xax4fnLO3zxK/BQJIC1wVmfUQLjjw/LOLQMAUYOT0+w2WEhjsdb2XUqBv9Y0pj aX2MGKx802ozn2Om3whS3YOySj8/w8AncN52GHaKJgF1D+kd7Yp+59zHaXJaqg1I 2Z7XegxZ3kE3XwrrXBjTrRCDlKUA//ALWE+EoACJdpxCmc4eEAHqz1497W/8kZxo FXHqb7in/UDLp+a2Oqj2lnhXLGJ2mUpk/DtJx9hGMTCd4WcYk22RSLn6rorze1vs 9K5golm48MESmkvvDJvHpW7ASGAUMwj+WZ/BCAx/YC1sPaCAISpsaz9Dnfg0swzP Priagzcau5bjcU8+jJU3yWPJXiU0Ah8rkPulYiAfvSvV6mWukyIfK33ek42V7lrK 8iIZrkyq+iyc77i+MAXYpJ6Y1Nm0lEwexgS6+849qabJ0Qn4svpwQtZQsF9MDdR9 +2zQcgRW1SKBsSww6zmPppgAkUc6GSm6c7tsIm4upga93+fCb6a9qDkMpxY1lTHP jK2hgs7tKYNVMxCtQHkYGnJULy0L4COyhz2CmUHGWCk4U782dPT1jzJgIa72M3YW gK9Bjb++/9778EA4VvZA =ehk+ -----END PGP SIGNATURE-----
  15. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hi, Today is the transition freeze, as we announced in [1]. That means no new library transitions or package transitions that involve a large number of packages. Please note that some transitions are ongoing or about to start in the next couple of days. We will work hard to make those as smooth as possible, so please bear with us while things finally settle. Future milestone dates in the stretch freeze ============================================ This is the first of four milestones for the stretch freeze[2]. The Release Team maintains a calendar of these at [3] along with other important dates. The next milestones are (in order): Dec 5: Forced 10-day migration delay - ------------------------------------ All package migrations will have a mandatory 10-day migration delay by default (i.e. Britney will ignore urgencies from the changelog). * Very urgent updates (security updates) can have their delay lowered. * Please file an unblock request where needed. (reportbug release.debian.org) Jan 5: soft freeze - ------------------ Deadline for: * New (source) packages in stretch * Letting packages re-enter stretch (if they have been removed) Updates to existing packages in stretch will continue as normal. Remember: * New packages must be in testing before January 5th. * With the mandatory 10-day delay, the latest day for the upload is /at least/ 10 days earlier. * Delays caused by RC bugs (even in other packages), lazy FTP-masters or a long NEW queue (etc.) are *not* an excuse to be late. Feb 5: Full freeze - ------------------ Freeze for stretch: * All changes to stretch will require approval. * Use "reportbug release.debian.org" for requesting unblocks. Remember: * Uploaded changes must be in testing before February 5th * With the mandatory 10-day delay, the latest day for the upload is /at least/ 10 days earlier. * Delays caused by RC bugs other packages, slow buildds, "C-x M-c M-butterfly" (etc.) are *not* an excuse to be late. You can also find the dates and their descriptions in our calendar[3]. We will keep you updated as the freeze progresses. For the Release Team, Emilio and Niels [1] https://lists.debian.org/debian-devel-announce/2016/07/msg00002.html [2] https://release.debian.org/#release-dates [3] https://release.debian.org/release-calendar.ics -----BEGIN PGP SIGNATURE----- iQIcBAEBCAAGBQJYHj6xAAoJEAVLu599gGRCWPsP/1MVYVbCImvLx+tAbdJsIMpA jqKu3vuiCABj5aIqioA3OjeuFedGYVekDGYaqQZApxiTtQLg5fKXmT04NUYBku65 V1xax4fnLO3zxK/BQJIC1wVmfUQLjjw/LOLQMAUYOT0+w2WEhjsdb2XUqBv9Y0pj aX2MGKx802ozn2Om3whS3YOySj8/w8AncN52GHaKJgF1D+kd7Yp+59zHaXJaqg1I 2Z7XegxZ3kE3XwrrXBjTrRCDlKUA//ALWE+EoACJdpxCmc4eEAHqz1497W/8kZxo FXHqb7in/UDLp+a2Oqj2lnhXLGJ2mUpk/DtJx9hGMTCd4WcYk22RSLn6rorze1vs 9K5golm48MESmkvvDJvHpW7ASGAUMwj+WZ/BCAx/YC1sPaCAISpsaz9Dnfg0swzP Priagzcau5bjcU8+jJU3yWPJXiU0Ah8rkPulYiAfvSvV6mWukyIfK33ek42V7lrK 8iIZrkyq+iyc77i+MAXYpJ6Y1Nm0lEwexgS6+849qabJ0Qn4svpwQtZQsF9MDdR9 +2zQcgRW1SKBsSww6zmPppgAkUc6GSm6c7tsIm4upga93+fCb6a9qDkMpxY1lTHP jK2hgs7tKYNVMxCtQHkYGnJULy0L4COyhz2CmUHGWCk4U782dPT1jzJgIa72M3YW gK9Bjb++/9778EA4VvZA =ehk+ -----END PGP SIGNATURE-----
  16. news
    ** TECHSPOT ------------------------------------------------------------ ** Motorola Moto G4 Play Review ------------------------------------------------------------ ** http://www.techspot.com/review/1259-motorola-moto-g4-play/ ------------------------------------------------------------ For budget smartphone buyers, the phone series I continually recommend is the Motorola Moto G. Now in its fourth iteration, the Moto G has delivered excellent entry-level value since its inception, despite increasingly stronger competition from Chinese vendors. The recently-released Moto G4 Play is no exception. Thank you. Julio Franco Executive Editor | TECHSPOT ( -at -) juliofranco ----------------------------------- ============================================================ Our mailing address is: TechSpot 8237 NW 68 St Miami, FL 33166 USA
  17. news
    Title: NikKTech & AeroCool / Thunder X3 Be Very Cool WorldWide Giveaway ( -at -) NikKTech Description: You asked and we did our best to deliver so for today's giveaway we have two P7-C1 Tempered Glass Towers up for grabs along with one TK50 Mechanical Gaming Keyboard and one TM30 Gaming Mouse all courtesy of our good friends over at AeroCool and their new Thunder X3 gaming gear brand. Article Link: http://www.nikktech.com/main/contests/7136-66-nikktech-aerocool-thunder-x3-b e-very-cool-worldwide-giveaway Image Link: http://www.nikktech.com/main/images/pics/contests/05112016/041116.jpg A News Post Would Be Appreciated. Thanks In Advance. Sincerely Nik Kastrantas
  18. news
    openSUSE Security Update: Security update for Mozilla Firefox ______________________________________________________________________________ Announcement ID: openSUSE-SU-2016:2735-1 Rating: important References: #1006475 #1006476 Cross-References: CVE-2016-5287 CVE-2016-5288 Affected Products: openSUSE 13.1 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: Mozilla Firefox was updated to 49.0.2 to fix two security issues and some bugs. The following vulnerabilities were fixed: * CVE-2016-5287: Crash in nsTArray_base (bsc#1006475) * CVE-2016-5288: Web content can read cache entries (bsc#1006476) The following changes and fixes are included: * Asynchronous rendering of the Flash plugins is now enabled by default * Change D3D9 default fallback preference to prevent graphical artifacts * Network issue prevents some users from seeing the Firefox UI on startup * Web compatibility issue with file uploads * Web compatibility issue with Array.prototype.values * Diagnostic information on timing for tab switching * Fix a Canvas filters graphics issue affecting HTML5 apps Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 13.1: zypper in -t patch 2016-1271=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 13.1 (i586 x86_64): MozillaFirefox-49.0.2-128.1 MozillaFirefox-branding-upstream-49.0.2-128.1 MozillaFirefox-buildsymbols-49.0.2-128.1 MozillaFirefox-debuginfo-49.0.2-128.1 MozillaFirefox-debugsource-49.0.2-128.1 MozillaFirefox-devel-49.0.2-128.1 MozillaFirefox-translations-common-49.0.2-128.1 MozillaFirefox-translations-other-49.0.2-128.1 References: https://www.suse.com/security/cve/CVE-2016-5287.html https://www.suse.com/security/cve/CVE-2016-5288.html https://bugzilla.suse.com/1006475 https://bugzilla.suse.com/1006476 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
  19. news
    -------- KINGSTON HYPERX CLOUD STINGER GAMING HEADSET REVIEW ( -at -) APH NETWORKS -- Hello everyone! APH Networks has published a new review that your readers might enjoy. A post in your site's news section would be greatly appreciated! Don't forget to send your site news to us. As we promise to post your news articles on APH Networks periodically, we would certainly appreciate it if you do the same as well. Thank you for your support in advance! * Title: Kingston HyperX Cloud Stinger Gaming Headset Review ( -at -) APH Networks * Description: The Stinger fits the Kingston HyperX Cloud mold, with a comfortable headset and a great overall value. * Link: http://aphnetworks.com/reviews/kingston-hyperx-cloud-stinger * Image: http://aphnetworks.com/review/kingston-hyperx-cloud-stinger/008.jpg Best Regards, Jonathan Kwan Editor-in-Chief APH Networks Inc. http://aphnetworks.com -- Unsubscribe from this newsletter: http://aphnetworks.com/newsletter/confirm/remove/c77c84bd425t5
  20. news
    openSUSE Security Update: Security update for chromium ______________________________________________________________________________ Announcement ID: openSUSE-SU-2016:2732-1 Rating: important References: #1008274 Cross-References: CVE-2016-5198 Affected Products: SUSE Package Hub for SUSE Linux Enterprise 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update to Chromium 54.0.2840.90: fixes the following security issues: - CVE-2016-5198: out of bounds memory access in v8 (boo#1008274) Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Package Hub for SUSE Linux Enterprise 12: zypper in -t patch openSUSE-2016-1266=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Package Hub for SUSE Linux Enterprise 12 (x86_64): chromedriver-54.0.2840.90-112.1 chromedriver-debuginfo-54.0.2840.90-112.1 chromium-54.0.2840.90-112.1 chromium-debuginfo-54.0.2840.90-112.1 chromium-debugsource-54.0.2840.90-112.1 chromium-ffmpegsumo-54.0.2840.90-112.1 chromium-ffmpegsumo-debuginfo-54.0.2840.90-112.1 References: https://www.suse.com/security/cve/CVE-2016-5198.html https://bugzilla.suse.com/1008274 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
  21. news
    openSUSE Security Update: Security update for chromium ______________________________________________________________________________ Announcement ID: openSUSE-SU-2016:2733-1 Rating: important References: #1008274 Cross-References: CVE-2016-5198 Affected Products: openSUSE Leap 42.1 openSUSE 13.2 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update to Chromium 54.0.2840.90: fixes the following security issues: - CVE-2016-5198: out of bounds memory access in v8 (boo#1008274) Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.1: zypper in -t patch openSUSE-2016-1266=1 - openSUSE 13.2: zypper in -t patch openSUSE-2016-1266=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE Leap 42.1 (x86_64): chromedriver-54.0.2840.90-85.1 chromedriver-debuginfo-54.0.2840.90-85.1 chromium-54.0.2840.90-85.1 chromium-debuginfo-54.0.2840.90-85.1 chromium-debugsource-54.0.2840.90-85.1 chromium-ffmpegsumo-54.0.2840.90-85.1 chromium-ffmpegsumo-debuginfo-54.0.2840.90-85.1 - openSUSE 13.2 (i586 x86_64): chromedriver-54.0.2840.90-134.1 chromedriver-debuginfo-54.0.2840.90-134.1 chromium-54.0.2840.90-134.1 chromium-debuginfo-54.0.2840.90-134.1 chromium-debugsource-54.0.2840.90-134.1 chromium-ffmpegsumo-54.0.2840.90-134.1 chromium-ffmpegsumo-debuginfo-54.0.2840.90-134.1 References: https://www.suse.com/security/cve/CVE-2016-5198.html https://bugzilla.suse.com/1008274 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
  22. news
    Crucial MX300 2TB SSD Review ------------------------------------------------------------ http://us2.campaign-archive2.com/?u=bfb2b902b5fb045ad6f841f98&id=db1b9e1e0b&e=872093acb5 http://www.kitguru.net =CRUCIAL MX300 2TB SSD REVIEW= When we first looked at Crucial’s MX300 drive it was only available as a limited edition 750GB model. Since then, the production of the 3D TLC NAND that the MX300 uses has reached a level to enable a fully-fledged product line up with 275GB, 525GB, 1TB and the flagship 2TB models. Along with the new additional capacities in the standard 2.5in format comes a range of MX300 M.2 SATA interfaced models available in 275GB, 525GB and 1TB variants. Read the review here: http://www.kitguru.net/components/ssd-drives/simon-crisp/crucial-mx300-2tb-ssd-review/ ============================================================ ** follow on Twitter (http://twitter.com/#!/kitgurupress) | ** friend on Facebook (http://www.facebook.com/pages/KitGuru/162236020510911) | ** forward to a friend (http://us2.forward-to-friend1.com/forward?u=bfb2b902b5fb045ad6f841f98&id=db1b9e1e0b&e=872093acb5) Copyright © 2016 KitGuru, All rights reserved. You are receiving this because you are a news partner or have signed up to receive our news.
  23. news
    Title: Netgear Nighthawk X4S D7800 AC2600 WiFi VDSL/ADSL Modem Router Review ( -at -) NikKTech Description: ADSL/VDSL modem/routers are usually less powerful than their router cousins but lucky for all of us the Nighthawk X4S D7800 by Netgear is a bright exception to that rule. Article Link: http://www.nikktech.com/main/articles/peripherals/network/modem-routers/7135 -netgear-nighthawk-x4s-d7800-ac2600-wifi-vdsl-adsl-modem-router-review Image Link: http://www.nikktech.com/main/images/pics/reviews/netgear/nighthawk_x4s_d7800 /nighthawk_x4s_d7800a.jpg A News Post Would Be Appreciated. Thanks In Advance. Sincerely Nik Kastrantas
  24. news
    SUSE Security Update: Security update for xen ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:2725-1 Rating: important References: #954872 #961600 #963161 #973188 #973631 #974038 #975130 #975138 #976470 #978164 #978295 #978413 #980716 #980724 #981264 #982224 #982225 #982960 #983984 #985503 #988675 #990843 #990923 #995785 #995792 Cross-References: CVE-2014-3615 CVE-2014-3672 CVE-2016-3158 CVE-2016-3159 CVE-2016-3710 CVE-2016-3712 CVE-2016-3960 CVE-2016-4001 CVE-2016-4002 CVE-2016-4439 CVE-2016-4441 CVE-2016-4453 CVE-2016-4454 CVE-2016-4480 CVE-2016-5238 CVE-2016-5338 CVE-2016-5403 CVE-2016-6258 CVE-2016-6351 CVE-2016-7092 CVE-2016-7094 Affected Products: SUSE OpenStack Cloud 5 SUSE Manager Proxy 2.1 SUSE Manager 2.1 SUSE Linux Enterprise Server 11-SP3-LTSS SUSE Linux Enterprise Point of Sale 11-SP3 ______________________________________________________________________________ An update that solves 21 vulnerabilities and has four fixes is now available. Description: This update for xen fixes several issues. These security issues were fixed: - CVE-2016-7094: Buffer overflow in Xen allowed local x86 HVM guest OS administrators on guests running with shadow paging to cause a denial of service via a pagetable update (bsc#995792) - CVE-2016-7092: The get_page_from_l3e function in arch/x86/mm.c in Xen allowed local 32-bit PV guest OS administrators to gain host OS privileges via vectors related to L3 recursive pagetables (bsc#995785) - CVE-2016-5403: Unbounded memory allocation allowed a guest administrator to cause a denial of service of the host (bsc#990923) - CVE-2016-6351: The esp_do_dma function in hw/scsi/esp.c, when built with ESP/NCR53C9x controller emulation support, allowed local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) or execute arbitrary code on the host via vectors involving DMA read into ESP command buffer (bsc#990843) - CVE-2016-6258: The PV pagetable code in arch/x86/mm.c in Xen allowed local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-paths for up[censored] pagetable entries (bsc#988675) - CVE-2016-5338: The (1) esp_reg_read and (2) esp_reg_write functions allowed local guest OS administrators to cause a denial of service (QEMU process crash) or execute arbitrary code on the host via vectors related to the information transfer buffer (bsc#983984) - CVE-2016-5238: The get_cmd function in hw/scsi/esp.c might have allowed local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to reading from the information transfer buffer in non-DMA mode (bsc#982960) - CVE-2016-4453: The vmsvga_fifo_run function allowed local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a VGA command (bsc#982225) - CVE-2016-4454: The vmsvga_fifo_read_raw function allowed local guest OS administrators to obtain sensitive host memory information or cause a denial of service (QEMU process crash) by changing FIFO registers and issuing a VGA command, which triggered an out-of-bounds read (bsc#982224) - CVE-2014-3672: The qemu implementation in libvirt Xen allowed local guest OS users to cause a denial of service (host disk consumption) by writing to stdout or stderr (bsc#981264) - CVE-2016-4441: The get_cmd function in the 53C9X Fast SCSI Controller (FSC) support did not properly check DMA length, which allowed local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via unspecified vectors, involving an SCSI command (bsc#980724) - CVE-2016-4439: The esp_reg_write function in the 53C9X Fast SCSI Controller (FSC) support did not properly check command buffer length, which allowed local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) or potentially execute arbitrary code on the host via unspecified vectors (bsc#980716) - CVE-2016-3710: The VGA module improperly performed bounds checking on banked access to video memory, which allowed local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the "Dark Portal" issue (bsc#978164) - CVE-2016-4480: The guest_walk_tables function in arch/x86/mm/guest_walk.c in Xen did not properly handle the Page Size (PS) page table entry bit at the L4 and L3 page table levels, which might have allowed local guest OS users to gain privileges via a crafted mapping of memory (bsc#978295) - CVE-2016-3960: Integer overflow in the x86 shadow pagetable code allowed local guest OS users to cause a denial of service (host crash) or possibly gain privileges by shadowing a superpage mapping (bsc#974038) - CVE-2016-3158: The xrstor function did not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allowed local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits (bsc#973188) - CVE-2016-4001: Buffer overflow in the stellaris_enet_receive function, when the Stellaris ethernet controller is configured to accept large packets, allowed remote attackers to cause a denial of service (QEMU crash) via a large packet (bsc#975130) - CVE-2016-4002: Buffer overflow in the mipsnet_receive function, when the guest NIC is configured to accept large packets, allowed remote attackers to cause a denial of service (memory corruption and QEMU crash) or possibly execute arbitrary code via a packet larger than 1514 bytes (bsc#975138) These non-security issues were fixed: - bsc#985503: vif-route broken - bsc#978413: PV guest upgrade from sles11sp4 to sles12sp2 alpha3 failed on sles11sp4 xen host. - bsc#954872: Script block-dmmd not working as expected - libxl: error: libxl_dm.c (another modification) - bsc#961600: Poor performance when Xen HVM domU configured with max memory > current memory - bsc#963161: Windows VM getting stuck during load while a VF is assigned to it after upgrading to latest maintenance updates - bsc#976470: Xend fails to start - bsc#973631: AWS EC2 kdump issue Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 5: zypper in -t patch sleclo50sp3-xen-12836=1 - SUSE Manager Proxy 2.1: zypper in -t patch slemap21-xen-12836=1 - SUSE Manager 2.1: zypper in -t patch sleman21-xen-12836=1 - SUSE Linux Enterprise Server 11-SP3-LTSS: zypper in -t patch slessp3-xen-12836=1 - SUSE Linux Enterprise Point of Sale 11-SP3: zypper in -t patch sleposp3-xen-12836=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 5 (x86_64): xen-4.2.5_21-27.1 xen-doc-html-4.2.5_21-27.1 xen-doc-pdf-4.2.5_21-27.1 xen-kmp-default-4.2.5_21_3.0.101_0.47.86-27.1 xen-libs-32bit-4.2.5_21-27.1 xen-libs-4.2.5_21-27.1 xen-tools-4.2.5_21-27.1 xen-tools-domU-4.2.5_21-27.1 - SUSE Manager Proxy 2.1 (x86_64): xen-4.2.5_21-27.1 xen-doc-html-4.2.5_21-27.1 xen-doc-pdf-4.2.5_21-27.1 xen-kmp-default-4.2.5_21_3.0.101_0.47.86-27.1 xen-libs-32bit-4.2.5_21-27.1 xen-libs-4.2.5_21-27.1 xen-tools-4.2.5_21-27.1 xen-tools-domU-4.2.5_21-27.1 - SUSE Manager 2.1 (x86_64): xen-4.2.5_21-27.1 xen-doc-html-4.2.5_21-27.1 xen-doc-pdf-4.2.5_21-27.1 xen-kmp-default-4.2.5_21_3.0.101_0.47.86-27.1 xen-libs-32bit-4.2.5_21-27.1 xen-libs-4.2.5_21-27.1 xen-tools-4.2.5_21-27.1 xen-tools-domU-4.2.5_21-27.1 - SUSE Linux Enterprise Server 11-SP3-LTSS (i586 x86_64): xen-kmp-default-4.2.5_21_3.0.101_0.47.86-27.1 xen-libs-4.2.5_21-27.1 xen-tools-domU-4.2.5_21-27.1 - SUSE Linux Enterprise Server 11-SP3-LTSS (x86_64): xen-4.2.5_21-27.1 xen-doc-html-4.2.5_21-27.1 xen-doc-pdf-4.2.5_21-27.1 xen-libs-32bit-4.2.5_21-27.1 xen-tools-4.2.5_21-27.1 - SUSE Linux Enterprise Server 11-SP3-LTSS (i586): xen-kmp-pae-4.2.5_21_3.0.101_0.47.86-27.1 - SUSE Linux Enterprise Point of Sale 11-SP3 (i586): xen-kmp-default-4.2.5_21_3.0.101_0.47.86-27.1 xen-kmp-pae-4.2.5_21_3.0.101_0.47.86-27.1 xen-libs-4.2.5_21-27.1 xen-tools-domU-4.2.5_21-27.1 References: https://www.suse.com/security/cve/CVE-2014-3615.html https://www.suse.com/security/cve/CVE-2014-3672.html https://www.suse.com/security/cve/CVE-2016-3158.html https://www.suse.com/security/cve/CVE-2016-3159.html https://www.suse.com/security/cve/CVE-2016-3710.html https://www.suse.com/security/cve/CVE-2016-3712.html https://www.suse.com/security/cve/CVE-2016-3960.html https://www.suse.com/security/cve/CVE-2016-4001.html https://www.suse.com/security/cve/CVE-2016-4002.html https://www.suse.com/security/cve/CVE-2016-4439.html https://www.suse.com/security/cve/CVE-2016-4441.html https://www.suse.com/security/cve/CVE-2016-4453.html https://www.suse.com/security/cve/CVE-2016-4454.html https://www.suse.com/security/cve/CVE-2016-4480.html https://www.suse.com/security/cve/CVE-2016-5238.html https://www.suse.com/security/cve/CVE-2016-5338.html https://www.suse.com/security/cve/CVE-2016-5403.html https://www.suse.com/security/cve/CVE-2016-6258.html https://www.suse.com/security/cve/CVE-2016-6351.html https://www.suse.com/security/cve/CVE-2016-7092.html https://www.suse.com/security/cve/CVE-2016-7094.html https://bugzilla.suse.com/954872 https://bugzilla.suse.com/961600 https://bugzilla.suse.com/963161 https://bugzilla.suse.com/973188 https://bugzilla.suse.com/973631 https://bugzilla.suse.com/974038 https://bugzilla.suse.com/975130 https://bugzilla.suse.com/975138 https://bugzilla.suse.com/976470 https://bugzilla.suse.com/978164 https://bugzilla.suse.com/978295 https://bugzilla.suse.com/978413 https://bugzilla.suse.com/980716 https://bugzilla.suse.com/980724 https://bugzilla.suse.com/981264 https://bugzilla.suse.com/982224 https://bugzilla.suse.com/982225 https://bugzilla.suse.com/982960 https://bugzilla.suse.com/983984 https://bugzilla.suse.com/985503 https://bugzilla.suse.com/988675 https://bugzilla.suse.com/990843 https://bugzilla.suse.com/990923 https://bugzilla.suse.com/995785 https://bugzilla.suse.com/995792 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
  25. news
    SUSE Security Update: Security update for java-1_8_0-ibm ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:2726-1 Rating: important References: #992537 Cross-References: CVE-2016-3485 CVE-2016-3511 CVE-2016-3598 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: IBM Java 8 was updated to version 8.0-3.10 to fix the following security issues: - CVE-2016-3485: Unspecified vulnerability allowed local users to affect integrity via vectors related to Networking - CVE-2016-3511: Unspecified vulnerability allowed local users to affect confidentiality, integrity, and availability via vectors related to Deployment - CVE-2016-3598: Unspecified vulnerability allowed remote attackers to affect confidentiality, integrity, and availability via vectors related to Libraries Please see https://www.ibm.com/developerworks/java/jdk/alerts/ for more information. - Add hwkeytool binary for zSeries. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-1606=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-1606=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): java-1_8_0-ibm-devel-1.8.0_sr3.10-15.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): java-1_8_0-ibm-1.8.0_sr3.10-15.1 - SUSE Linux Enterprise Server 12-SP1 (x86_64): java-1_8_0-ibm-alsa-1.8.0_sr3.10-15.1 java-1_8_0-ibm-plugin-1.8.0_sr3.10-15.1 References: https://www.suse.com/security/cve/CVE-2016-3485.html https://www.suse.com/security/cve/CVE-2016-3511.html https://www.suse.com/security/cve/CVE-2016-3598.html https://bugzilla.suse.com/992537 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
×