news

We have posted a new solid state report!! ------------------------------------------------------------ http://us7.campaign-archive2.com/?u=3d9b6193ffd32dd60e84fc74b&id=5025401f1a&e=312ec141fb http://thessdreview.us7.list-manage.com/track/click?u=3d9b6193ffd32dd60e84fc74b&id=1fd26a6925&e=312ec141fb TITLE: WD Blue SSD Review (1TB) - WD Steps Into The Ring LINK: http://thessdreview.us7.list-manage.com/track/click?u=3d9b6193ffd32dd60e84fc74b&id=3698b8d8e2&e=312ec141fb PHOTO: http://thessdreview.us7.list-manage2.com/track/click?u=3d9b6193ffd32dd60e84fc74b&id=1e52b9e0c1&e=312ec141fb INFO: Many of us know Western Digital as one of the largest HDD manufacturers in the market and that they have, for the most part, solely relied on HDD storage sales to become the giant they are today. In recent times they've adopted flash into their products. This resulted in the current WD Blue SSHD and back in 2014 the WD Black2 drive, which we saw was basically an SSD and HDD slapped together in our review (http://thessdreview.us7.list-manage2.com/track/click?u=3d9b6193ffd32dd60e84fc74b&id=0fc36fb7b5&e=312ec141fb) . These, however, are not and were not stand alone SSD products. They still have mechanical parts that are prone to failure and just cannot match the capabilities of a true SSD. Because SSDs are taking ground in storage sales and, inversely, HDD sales falling quarter after quarter in recent years, WD had to do something more than just infuse NAND with their HDD components to maintain their competitiveness. In late 2015 we learned that their decision on the matter was to simply acquired an SSD company and their target of choice was none other than SanDisk. After months of back and forth discussion and agreements WD finally purchased SanDisk for roughly $16-$19 billion in May. This purchase has allowed them to easily gain precious SSD IP and other related assets, most importantly, access to a NAND supply. Since the acquisition, WD has stayed quiet on the SSD front...until now. Today marks the release of their first full-fledged SSD, the WD Blue SSD. _________________________________________________________________________________________

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2016:2057-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-2057.html Issue date: 2016-10-12 CVE Names: CVE-2016-4273 CVE-2016-4286 CVE-2016-6981 CVE-2016-6982 CVE-2016-6983 CVE-2016-6984 CVE-2016-6985 CVE-2016-6986 CVE-2016-6987 CVE-2016-6989 CVE-2016-6990 CVE-2016-6992 ===================================================================== 1. Summary: An update for flash-plugin is now available for Red Hat Enterprise Linux 5 Supplementary and Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Description: The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 11.2.202.637. Security Fix(es): * This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities, detailed in the Adobe Security Bulletin listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content. (CVE-2016-4273, CVE-2016-4286, CVE-2016-6981, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, CVE-2016-6987, CVE-2016-6989, CVE-2016-6990, CVE-2016-6992) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1383931 - CVE-2016-4273 CVE-2016-4286 CVE-2016-6981 CVE-2016-6982 CVE-2016-6983 CVE-2016-6984 CVE-2016-6985 CVE-2016-6986 CVE-2016-6987 CVE-2016-6989 CVE-2016-6990 CVE-2016-6992 flash-plugin: multiple code execution issues fixed in APSB16-32 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v. 5): i386: flash-plugin-11.2.202.637-1.el5_11.i386.rpm x86_64: flash-plugin-11.2.202.637-1.el5_11.i386.rpm Red Hat Enterprise Linux Server Supplementary (v. 5): i386: flash-plugin-11.2.202.637-1.el5_11.i386.rpm x86_64: flash-plugin-11.2.202.637-1.el5_11.i386.rpm Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: flash-plugin-11.2.202.637-1.el6_8.i686.rpm x86_64: flash-plugin-11.2.202.637-1.el6_8.i686.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): i386: flash-plugin-11.2.202.637-1.el6_8.i686.rpm x86_64: flash-plugin-11.2.202.637-1.el6_8.i686.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): i386: flash-plugin-11.2.202.637-1.el6_8.i686.rpm x86_64: flash-plugin-11.2.202.637-1.el6_8.i686.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-4273 https://access.redhat.com/security/cve/CVE-2016-4286 https://access.redhat.com/security/cve/CVE-2016-6981 https://access.redhat.com/security/cve/CVE-2016-6982 https://access.redhat.com/security/cve/CVE-2016-6983 https://access.redhat.com/security/cve/CVE-2016-6984 https://access.redhat.com/security/cve/CVE-2016-6985 https://access.redhat.com/security/cve/CVE-2016-6986 https://access.redhat.com/security/cve/CVE-2016-6987 https://access.redhat.com/security/cve/CVE-2016-6989 https://access.redhat.com/security/cve/CVE-2016-6990 https://access.redhat.com/security/cve/CVE-2016-6992 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb16-32.html 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFX/n7xXlSAg2UNWIIRAsVXAJwL/4ZCoClD7cAvqvPN13L7ccpYNQCgogk5 6UAFhMbkHmPLVjTeEA1eCe8= =qe9H -----END PGP SIGNATURE----- --

TITLE: Fierce PC Dragon Shield Review ( -at -) Vortez CONTENT: In the spotlight today is the Dragon Shield from Fierce PC. This computer system is a high-end offering which is laden with features. This rig takes advantage of Intel's Z170 chipset and therefore makes use of the Intel Core i7-6700K. Accompanying this CPU there is 16GB DDR4, GTX 1070 and a trio of storage drives including M.2 NVMe technology. Not only has Fierce PC overclocked the CPU and GPU but they've also installed a custom water cooling configuration in order to achieve extremely low-temperatures. LINK: http://www.vortez.net/review.php?id=1215 ---------------------------------------------------------------------------- -------------------- Please post this news item in your news section. Thank you.

Hi, here're the Redaktion ocinside.de News from Wednesday, 12 October 2016: The well-known manufacturer Aerocool released a real beast with their new Xpredator II case. With this case they are going big, not only in terms of size. With its agressive design and the window it addresses mainly gamer and modder who want to show which hardware they have inside. Its predecessor has been available in many different color designs while the Xpredator II is only available in the classic colors white with blue fans and black with red fans as of now. Title: Aerocool XPredator II Review Link: http://www.ocinside.de/review/aerocool_xpredator_ii/ Small news picture: http://www.ocinside.de/media/uploads/aerocool_xpredator_ii-150x72.jpg Thanks for posting and Best Regards, Jens Pressel Redaktion ocinside.de http://www.ocinside.de

SUSE Security Update: Security update for MozillaFirefox ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:2513-1 Rating: important References: #999701 Cross-References: CVE-2016-5250 CVE-2016-5257 CVE-2016-5261 CVE-2016-5270 CVE-2016-5272 CVE-2016-5274 CVE-2016-5276 CVE-2016-5277 CVE-2016-5278 CVE-2016-5280 CVE-2016-5281 CVE-2016-5284 Affected Products: SUSE OpenStack Cloud 5 SUSE Manager Proxy 2.1 SUSE Manager 2.1 SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3-LTSS SUSE Linux Enterprise Point of Sale 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that fixes 12 vulnerabilities is now available. Description: MozillaFirefox was updated to 45.4.0 ESR to fix the following issues (bsc#999701): The following security issue were fixed: * MFSA 2016-86/CVE-2016-5270: Heap-buffer-overflow in nsCaseTransformTextRunFactory::TransformString * MFSA 2016-86/CVE-2016-5272: Bad cast in nsImageGeometryMixin * MFSA 2016-86/CVE-2016-5276: Heap-use-after-free in mozilla::a11y::DocAccessible::ProcessInvalidationList * MFSA 2016-86/CVE-2016-5274: use-after-free in nsFrameManager::CaptureFrameState * MFSA 2016-86/CVE-2016-5277: Heap-use-after-free in nsRefreshDriver::Tick * MFSA 2016-86/CVE-2016-5278: Heap-buffer-overflow in nsBMPEncoder::AddImageFrame * MFSA 2016-86/CVE-2016-5280: Use-after-free in mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap * MFSA 2016-86/CVE-2016-5281: use-after-free in DOMSVGLength * MFSA 2016-86/CVE-2016-5284: Add-on update site certificate pin expiration * MFSA 2016-86/CVE-2016-5250: Resource Timing API is storing resources sent by the previous page * MFSA 2016-86/CVE-2016-5261: Integer overflow and memory corruption in WebSocketChannel * MFSA 2016-86/CVE-2016-5257: Various memory safety bugs fixed in Firefox 49 and Firefox ESR 45.4 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 5: zypper in -t patch sleclo50sp3-MozillaFirefox-12784=1 - SUSE Manager Proxy 2.1: zypper in -t patch slemap21-MozillaFirefox-12784=1 - SUSE Manager 2.1: zypper in -t patch sleman21-MozillaFirefox-12784=1 - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-MozillaFirefox-12784=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-MozillaFirefox-12784=1 - SUSE Linux Enterprise Server 11-SP3-LTSS: zypper in -t patch slessp3-MozillaFirefox-12784=1 - SUSE Linux Enterprise Point of Sale 11-SP3: zypper in -t patch sleposp3-MozillaFirefox-12784=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-MozillaFirefox-12784=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-MozillaFirefox-12784=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 5 (x86_64): MozillaFirefox-45.4.0esr-53.1 MozillaFirefox-translations-45.4.0esr-53.1 - SUSE Manager Proxy 2.1 (x86_64): MozillaFirefox-45.4.0esr-53.1 MozillaFirefox-translations-45.4.0esr-53.1 - SUSE Manager 2.1 (s390x x86_64): MozillaFirefox-45.4.0esr-53.1 MozillaFirefox-translations-45.4.0esr-53.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): MozillaFirefox-devel-45.4.0esr-53.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): MozillaFirefox-45.4.0esr-53.1 MozillaFirefox-translations-45.4.0esr-53.1 - SUSE Linux Enterprise Server 11-SP3-LTSS (i586 s390x x86_64): MozillaFirefox-45.4.0esr-53.1 MozillaFirefox-translations-45.4.0esr-53.1 - SUSE Linux Enterprise Point of Sale 11-SP3 (i586): MozillaFirefox-45.4.0esr-53.1 MozillaFirefox-translations-45.4.0esr-53.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): MozillaFirefox-debuginfo-45.4.0esr-53.1 MozillaFirefox-debugsource-45.4.0esr-53.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 s390x x86_64): MozillaFirefox-debuginfo-45.4.0esr-53.1 MozillaFirefox-debugsource-45.4.0esr-53.1 References: https://www.suse.com/security/cve/CVE-2016-5250.html https://www.suse.com/security/cve/CVE-2016-5257.html https://www.suse.com/security/cve/CVE-2016-5261.html https://www.suse.com/security/cve/CVE-2016-5270.html https://www.suse.com/security/cve/CVE-2016-5272.html https://www.suse.com/security/cve/CVE-2016-5274.html https://www.suse.com/security/cve/CVE-2016-5276.html https://www.suse.com/security/cve/CVE-2016-5277.html https://www.suse.com/security/cve/CVE-2016-5278.html https://www.suse.com/security/cve/CVE-2016-5280.html https://www.suse.com/security/cve/CVE-2016-5281.html https://www.suse.com/security/cve/CVE-2016-5284.html https://bugzilla.suse.com/999701 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org

NEWERTECH HOLIDAY GIFT GUIDE/STOCKING STUFFER GADGET IDEAS 2016 ========== http://sable.madmimi.com/c/71191?id=549734.3248.1.89dcead8e762fbc938e469ed22c32a4a ( http://sable.madmimi.com/c/71191?id=549734.3285.1.f05e438463e1a69cd7a6e320268d46f4 ) ========== **NEWERTECH: Mac/Smartphone/Tablet Accessories** http://sable.madmimi.com/c/71191?id=549734.3249.1.1b3ee9660f4f1778a388b04d158c0103 ( http://sable.madmimi.com/c/71191?id=549734.3286.1.5b6429c5837c6ae897a4328e7f350b50 ): **NewerTech NuGuard KXs Case for iPhone 7, 6 & 6s, Screen Protector for iPhone/iPad: ** **NuGuard KX case for iPhone 7 and 7 Plus:** the KX case uses **state­-of-­the-­art military-grade X­Orbing Gel Technology** to absorb and evenly distribute kinetic energy. This revolutionary technology is engineered into a **one-piece design that features a hard outer shell integrated with a soft interior core,** providing protection and style at a **price you’d pay for a regular case.** Incredibly thin at ½â€Â, it protects your iPhone 7, iPhone 7 Plus, and other iPhones against accidental drops, impacts, and scratches, while still easily fitting in your pocket. **Price:** **iPhone 7 $49.99 ($29.99 at most outlets). ** **iPhone 7 Plus $59.99 ($34.99 at most outlets).** **Release:** http://sable.madmimi.com/c/71191?id=549734.3251.1.1e5527131928479e66b5ed3a51891d22 ( http://sable.madmimi.com/c/71191?id=549734.3287.1.e479806a4699164d385019c3673785a6 ) **Photo:** http://sable.madmimi.com/c/71191?id=549734.3250.1.06f567dc413f035a896c1cd62ecdeba4 ( http://sable.madmimi.com/c/71191?id=549734.3252.1.0a4c58d29203542efb00c7923568e040 ) **Buy at:** http://sable.madmimi.com/c/71191?id=549734.3253.1.4343c8dac7e13ff9943e103faa149020 ( http://sable.madmimi.com/c/71191?id=549734.3288.1.4c36232da3dc188028efedf7e50a5384 ) **NuGuard Screen Armor:** provides incredible scratch, shatter, and impact protection for iPhones and iPads with great functionality that doesn’t impede the display, at a price you’d pay for just a basic screen cover -- for iPhone 7, 4, 5, 6, 6 Plus, SE, iPads and Galaxy S4. **Price: $1.99 - $33.99** **Info:** http://sable.madmimi.com/c/71191?id=549734.3254.1.bc1ffc2b5905e2c3fe16004374c17c83 ( http://sable.madmimi.com/c/71191?id=549734.3289.1.1ec42b87e851440d0e7b4d14d8db29a8 ) **Photo:** http://sable.madmimi.com/c/71191?id=549734.3255.1.b7f30694092ba9d5777c30cf3242885c ( http://sable.madmimi.com/c/71191?id=549734.3290.1.ec45e97e16be57076da1607ebeeca969 ) **Buy at:** http://sable.madmimi.com/c/71191?id=549734.3256.1.3b12434dda1b6292ff09d6faf3c031d5 ( http://sable.madmimi.com/c/71191?id=549734.3291.1.eeeec5d5b0c97d3c4d33da0e8ea56242 ) **NewerTech NuGuard Snap-On Laptop Covers:** protect your MacBook in style. The custom fit, two-piece hard shell covers with soft-touch exterior and vivid finish protects your laptop from damage, is easy to install and remove, and features rubberized feet to keep it stable and vent slots to help prevent overheating. The NuGuard Snap-On Laptop Covers are available in **11 vibrant colors and designs**, including blue, purple, pink, black, white, mint green, light blue, yellow, orange, American flag design and more. **Price:** **$11.74 - $16.99** **Info:** http://sable.madmimi.com/c/71191?id=549734.3258.1.1c978fa6347f5009e6e5a06de599b481 ( http://sable.madmimi.com/c/71191?id=549734.3292.1.78abd02f989ffb10a561b68028507b6f ) **Photo:** http://sable.madmimi.com/c/71191?id=549734.3257.1.f76487212d013675e9cf6d5629feee43 ( http://sable.madmimi.com/c/71191?id=549734.3259.1.d391a17d314ce8d7d3574cee788e8b66 ) **Buy at:** http://sable.madmimi.com/c/71191?id=549734.3260.1.bda11692d34a7f0da400ff5c178fdc5c ( http://sable.madmimi.com/c/71191?id=549734.3293.1.37d22db504cfab543957a8f1f13c33ee ) **NewerTech NuGuard Keyboard Cover:** provides protection and style to your laptop without compromising functionality. The NuGuard Keyboard Cover has a smooth surface feel for easy typing while **protecting your laptop’s delicate keyboard from wear and tear, food, and dust.** The keyboard cover is super easy to install, with the option to change out the color as you’d like. Easy to clean by quickly rinsing with water and drying, the NuGuard Keyboard Cover is available in 12 colors for all MacBook Air and MacBook Pro Retina laptops from 2011 to current. **Price: from $9.49** **Info:** http://sable.madmimi.com/c/71191?id=549734.3262.1.74f41cf77c25747a76de949dd5fd1432 ( http://sable.madmimi.com/c/71191?id=549734.3294.1.2f90168c9b389dc09e4aef3ae3bd04d0 ) **Photo:** http://sable.madmimi.com/c/71191?id=549734.3261.1.ede5352fc69b85b39315cf1b57017de1 ( http://sable.madmimi.com/c/71191?id=549734.3263.1.23be4535d22bbadc5b4698ed3b2f9d1e ) **Buy at:** http://sable.madmimi.com/c/71191?id=549734.3264.1.7a202085d1e8b5177e2957ec9abfbc5f ( http://sable.madmimi.com/c/71191?id=549734.3295.1.aa5200d715248462f444ae91b76c0d2f ) **The NewerTech NuPower Battery:** engineered to perfectly complement the fit and finish of the MacBook Air, the 55 watt-hour NuPower Battery for 13†MacBook Air laptops meets all Apple standards, allowing users to replace their Apple battery when its performance declines. NewerTech also offers similar batteries for all unibody and non-unibody standard MacBook Pro (non-retina) as well as most MacBook Air laptops. **Price:** **$79 and up** **Info:** http://sable.madmimi.com/c/71191?id=549734.3266.1.354decbb6390c77c0ed5d6bb57e91ff2 ( http://sable.madmimi.com/c/71191?id=549734.3296.1.7199665f8b65a1c41a3ad98251bee7e4 ) **Photo:** http://sable.madmimi.com/c/71191?id=549734.3265.1.00d85583ccc2ceefcf475bd0407c6b37 ( http://sable.madmimi.com/c/71191?id=549734.3267.1.dece539bf858545bdda25825fea627c3 ) **Buy at:** http://sable.madmimi.com/c/71191?id=549734.3268.1.71d2d65782f41b706ea218582ce5fde6 ( http://sable.madmimi.com/c/71191?id=549734.3297.1.3091288fb19b7a4f7fdb30444f7f2c43 ) **NewerTech Next Generation Power2U AC/USB in-wall charger:** the patented AC/USB dual-socket in-wall charging solution eliminates clutter to **charge up to 4 devices at once** with 2 integrated USB ports and 2 additional AC plugs for simultaneous powering. **Price: $15.99-$29.95** **Release:** http://sable.madmimi.com/c/71191?id=549734.3270.1.33623fcb045f6f10fb5af674b7ba670a ( http://sable.madmimi.com/c/71191?id=549734.3298.1.af4e8a4695fd516144ec0aa5c00d3c0a ) **Photo:** http://sable.madmimi.com/c/71191?id=549734.3269.1.f6f0b74381e51300be5f16933f3196af ( http://sable.madmimi.com/c/71191?id=549734.3271.1.10deba81801b9cb1c2cc61f1ac509644 ) **Buy at:** http://sable.madmimi.com/c/71191?id=549734.3272.1.88889d88046d9262b47ef1b6ce9e14ea ( http://sable.madmimi.com/c/71191?id=549734.3299.1.2f404bd4e53e8bf01188838f1b808475 ) **NewerTech Wireless Aluminum Keypad: designed to complement the look and feel of Apple keyboards**, the Wireless Keypad features precision machined aluminum housing, **white keys, and a bracket that attaches to the Apple keyboard – no tools needed.** The NewerTech Keypad is built to rigorous standards with input from accountants for maximum number crunching workflow. **Price: $54.95 ($39.99 at most outlets)** **Release:** http://sable.madmimi.com/c/71191?id=549734.3274.1.c3b9c4f4e9d41112edec45875ec8ad34 ( http://sable.madmimi.com/c/71191?id=549734.3300.1.7ef1a02dfa7ffb8144d9326be7c15f9c ) **Photo:** http://sable.madmimi.com/c/71191?id=549734.3273.1.a846e800334e34b026064a1ebd8f6b93 ( http://sable.madmimi.com/c/71191?id=549734.3275.1.0813f534a6969ad8b069a9f55bd43f6d ) **Buy at:** http://sable.madmimi.com/c/71191?id=549734.3276.1.3233746a733939d389686a90db293538 ( http://sable.madmimi.com/c/71191?id=549734.3301.1.9800906d6202c1eadad59fb0e9282d37 ) **FOR REVIEW COPIES OR MORE INFORMATION, CONTACT:** Karen Thomas/Eva Yutani Thomas PR kthomas ( -at -) thomaspr.com ( mailto:kthomas ( -at -) thomaspr.com ) / eyutani ( -at -) thomaspr.com ( mailto:eyutani ( -at -) thomaspr.com ) http://sable.madmimi.com/c/71191?id=549734.3277.1.621a0910d52fd75367f9b14e19c3eb24 ( http://sable.madmimi.com/c/71191?id=549734.3279.1.dca70d3e0beb1d27de309a52041c0f48 ) http://sable.madmimi.com/c/71191?id=549734.3278.1.c922c95d4cf44003daa4d6862475a586 ( http://sable.madmimi.com/c/71191?id=549734.3302.1.43fa6f97a8646dae274ce147b5253280 ) (631) 549-7575 Web Version http://sable.madmimi.com/c/71191?id=549734.3303.1.b7aa92de215b5aa1d8958641e1bd9798&p=eyIlN0IlN0JtaW1pLXNpZ25hdHVyZSU3RCU3RCI6IjEzNDg1NzIxMi05MjUzNTk4NTg1LTlmYjkyNTgyNDRmYWY1OWNlMzQ0NGQ4MmE4ZDNhYzZjMTlkZWY0ZTYiLCIlN0IlN0JlbWFpbElkJTdEJTdEIjoiNTQ5NzM0In0= Unsubscribe https://go.madmimi.com/opt_out?fe=1&pact=549734-134857212-9253598585-9fb9258244faf59ce3444d82a8d3ac6c19def4e6&amx=9253598585 Karen Thomas, Thomas PR | Thomas PR, 734 Walt Whitman Rd #403, Melville, NY 11747

View this email in your browser (http://us3.campaign-archive1.com/?u=efc4c507c2cf964fc2462caca&id=d91ac07105&e=0c004f9c13) Yesterday, Gear of War 4 landed with boots on the ground for Microsoft Windows and the Xbox One console. This fifth entry in the series marks the first time a Gears title has launched simultaneously on both the PC and Xbox. It's also breaking new ground with cross-play functionality between the two platforms and is part of the Microsoft Xbox Play Anywhere program. Also, Gears of War 4 is a great looking game that makes impressive use of Epic Games' Unreal Engine 4 and the rich visual effects and rendering the powerful game engine offers. Gloriously, those playing on the PC have over 30 graphics settings (#PCMasterRace)... Is Gears 4 the blockbuster we'd hope for? How does it perform on modern PC setups? That's what we'll aim to lay down for you on the pages ahead... Gears of War 4 Review And Benchmark Performance Quick Take (http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=9f6a30c023&e=0c004f9c13) http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=77b630ba9e&e=0c004f9c13 http://hothardware.us3.list-manage2.com/track/click?u=efc4c507c2cf964fc2462caca&id=54fac40114&e=0c004f9c13 Best Regards, HotHardware.com (http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=753393b046&e=0c004f9c13) http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=ce6ddeb884&e=0c004f9c13 http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=e1133b3d24&e=0c004f9c13 http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=215e97617e&e=0c004f9c13 ============================================================

SUSE Security Update: Security update for flash-playerqemu ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:2512-1 Rating: important References: #1003993 #1004019 Cross-References: CVE-2016-4273 CVE-2016-4286 CVE-2016-6981 CVE-2016-6982 CVE-2016-6983 CVE-2016-6984 CVE-2016-6985 CVE-2016-6986 CVE-2016-6987 CVE-2016-6989 CVE-2016-6990 CVE-2016-6992 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that fixes 12 vulnerabilities is now available. Description: flash-player was updated to version 11.2.202.637 to fix the following issues (bsc#1004019): CVE-2016-6992: A type confusion vulnerability that could lead to code execution. CVE-2016-6981, CVE-2016-6987: use-after-free vulnerabilities that could lead to code execution CVE-2016-4286: Security bypass vulnerability CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989, CVE-2016-6990: Memory corruption vulnerabilities that could lead to code execution Also the EULA was updated to version 23.0 (bsc#1003993). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP1: zypper in -t patch SUSE-SLE-WE-12-SP1-2016-1468=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-1468=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12-SP1 (x86_64): flash-player-11.2.202.637-143.1 flash-player-gnome-11.2.202.637-143.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): flash-player-11.2.202.637-143.1 flash-player-gnome-11.2.202.637-143.1 References: https://www.suse.com/security/cve/CVE-2016-4273.html https://www.suse.com/security/cve/CVE-2016-4286.html https://www.suse.com/security/cve/CVE-2016-6981.html https://www.suse.com/security/cve/CVE-2016-6982.html https://www.suse.com/security/cve/CVE-2016-6983.html https://www.suse.com/security/cve/CVE-2016-6984.html https://www.suse.com/security/cve/CVE-2016-6985.html https://www.suse.com/security/cve/CVE-2016-6986.html https://www.suse.com/security/cve/CVE-2016-6987.html https://www.suse.com/security/cve/CVE-2016-6989.html https://www.suse.com/security/cve/CVE-2016-6990.html https://www.suse.com/security/cve/CVE-2016-6992.html https://bugzilla.suse.com/1003993 https://bugzilla.suse.com/1004019 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org

SUSE Security Update: Security update for xen ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:2507-1 Rating: important References: #966467 #970135 #971949 #988675 #990970 #991934 #992224 #993507 #994136 #994421 #994625 #994761 #994772 #994775 #995785 #995789 #995792 #997731 Cross-References: CVE-2016-6258 CVE-2016-6833 CVE-2016-6834 CVE-2016-6835 CVE-2016-6836 CVE-2016-6888 CVE-2016-7092 CVE-2016-7093 CVE-2016-7094 CVE-2016-7154 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that solves 10 vulnerabilities and has 8 fixes is now available. Description: This update for xen fixes several issues. These security issues were fixed: - CVE-2016-7092: The get_page_from_l3e function in arch/x86/mm.c in Xen allowed local 32-bit PV guest OS administrators to gain host OS privileges via vectors related to L3 recursive pagetables (bsc#995785) - CVE-2016-7093: Xen allowed local HVM guest OS administrators to overwrite hypervisor memory and consequently gain host OS privileges by leveraging mishandling of instruction pointer truncation during emulation (bsc#995789) - CVE-2016-7094: Buffer overflow in Xen allowed local x86 HVM guest OS administrators on guests running with shadow paging to cause a denial of service via a pagetable update (bsc#995792) - CVE-2016-7154: Use-after-free vulnerability in the FIFO event channel code in Xen allowed local guest OS administrators to cause a denial of service (host crash) and possibly execute arbitrary code or obtain sensitive information via an invalid guest frame number (bsc#997731) - CVE-2016-6836: VMWARE VMXNET3 NIC device allowed privileged user inside the guest to leak information. It occured while processing transmit(tx) queue, when it reaches the end of packet (bsc#994761) - CVE-2016-6888: A integer overflow int the VMWARE VMXNET3 NIC device support, during the initialisation of new packets in the device, could have allowed a privileged user inside guest to crash the Qemu instance resulting in DoS (bsc#994772) - CVE-2016-6833: A use-after-free issue in the VMWARE VMXNET3 NIC device support allowed privileged user inside guest to crash the Qemu instance resulting in DoS (bsc#994775) - CVE-2016-6835: Buffer overflow in the VMWARE VMXNET3 NIC device support, causing an OOB read access (bsc#994625) - CVE-2016-6834: A infinite loop during packet fragmentation in the VMWARE VMXNET3 NIC device support allowed privileged user inside guest to crash the Qemu instance resulting in DoS (bsc#994421) - CVE-2016-6258: The PV pagetable code in arch/x86/mm.c in Xen allowed local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-paths for up[censored] pagetable entries (bsc#988675) These non-security issues were fixed: - bsc#993507: virsh detach-disk failing to detach disk - bsc#991934: Xen hypervisor crash in csched_acct - bsc#992224: During boot of Xen Hypervisor, Failed to get contiguous memory for DMA - bsc#970135: New virtualization project clock test randomly fails on Xen - bsc#994136: Unplug also SCSI disks in qemu-xen-traditional for upstream unplug protocol - bsc#994136: xen_platform: unplug also SCSI disks in qemu-xen - bsc#971949: xl: Support (by ignoring) xl migrate --live. xl migrations are always live - bsc#990970: Add PMU support for Intel E7-8867 v4 (fam=6, model=79) - bsc#966467: Live Migration SLES 11 SP3 to SP4 on AMD Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-xen-12782=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-xen-12782=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-xen-12782=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 x86_64): xen-devel-4.4.4_08-40.2 - SUSE Linux Enterprise Server 11-SP4 (i586 x86_64): xen-kmp-default-4.4.4_08_3.0.101_80-40.2 xen-libs-4.4.4_08-40.2 xen-tools-domU-4.4.4_08-40.2 - SUSE Linux Enterprise Server 11-SP4 (x86_64): xen-4.4.4_08-40.2 xen-doc-html-4.4.4_08-40.2 xen-libs-32bit-4.4.4_08-40.2 xen-tools-4.4.4_08-40.2 - SUSE Linux Enterprise Server 11-SP4 (i586): xen-kmp-pae-4.4.4_08_3.0.101_80-40.2 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 x86_64): xen-debuginfo-4.4.4_08-40.2 xen-debugsource-4.4.4_08-40.2 References: https://www.suse.com/security/cve/CVE-2016-6258.html https://www.suse.com/security/cve/CVE-2016-6833.html https://www.suse.com/security/cve/CVE-2016-6834.html https://www.suse.com/security/cve/CVE-2016-6835.html https://www.suse.com/security/cve/CVE-2016-6836.html https://www.suse.com/security/cve/CVE-2016-6888.html https://www.suse.com/security/cve/CVE-2016-7092.html https://www.suse.com/security/cve/CVE-2016-7093.html https://www.suse.com/security/cve/CVE-2016-7094.html https://www.suse.com/security/cve/CVE-2016-7154.html https://bugzilla.suse.com/966467 https://bugzilla.suse.com/970135 https://bugzilla.suse.com/971949 https://bugzilla.suse.com/988675 https://bugzilla.suse.com/990970 https://bugzilla.suse.com/991934 https://bugzilla.suse.com/992224 https://bugzilla.suse.com/993507 https://bugzilla.suse.com/994136 https://bugzilla.suse.com/994421 https://bugzilla.suse.com/994625 https://bugzilla.suse.com/994761 https://bugzilla.suse.com/994772 https://bugzilla.suse.com/994775 https://bugzilla.suse.com/995785 https://bugzilla.suse.com/995789 https://bugzilla.suse.com/995792 https://bugzilla.suse.com/997731 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org

Bigbruin.com is running a contest that may be of interest to your readers. A post on your site would be greatly appreciated. Title: Win Tesoro Excalibur V2 Mechanical Gaming Keyboard at Bigbruin.com Link: http://bigbruin.com/item_37905 Quote: Are you ready for some football? Up for grabs in week six of Bigbruin.com's Pro Football Pick 'Em is a Tesoro Excalibur V2 mechanical gaming keyboard! Thank you. Best regards, Jason www.bigbruin.com --

MSI X99A Tomahawk Motherboard Review ------------------------------------------------------------ http://us2.campaign-archive1.com/?u=bfb2b902b5fb045ad6f841f98&id=42a920f4f2&e=872093acb5 http://www.kitguru.net =MSI X99A TOMAHAWK MOTHERBOARD REVIEW= MSI has been keenly expanding its range of X99 motherboards, particularly gaming-oriented varieties, in reaction to Intel’s Broadwell-E CPUs for LGA 2011-3. Prospective X99 buyers now have a formidable number of options to choose from in the wider X99 marketplace, as well as from within MSI’s own range. Read the review here: http://www.kitguru.net/components/cases/henry-butt/aerocool-strike-x-air-review/ ============================================================ ** follow on Twitter (http://twitter.com/#!/kitgurupress) | ** friend on Facebook (http://www.facebook.com/pages/KitGuru/162236020510911) | ** forward to a friend (http://us2.forward-to-friend.com/forward?u=bfb2b902b5fb045ad6f841f98&id=42a920f4f2&e=872093acb5) Copyright © 2016 KitGuru, All rights reserved. You are receiving this because you are a news partner or have signed up to receive our news.

<http://www.eteknix.com> Crucial MX300 M.2 525GB SSD Review By now I've got to know the Crucial MX300 series pretty well. I initially reviewed the limited edition 750GB model upon release and recently we had a look at the largest model which comes with 2TB capacity. Today it is time to check out the physically smaller and compact M.2 2280 format and I got the Crucial MX300 M.2 SSD with 525GB capacity in for the testing. URL - http://www.eteknix.com/crucial-mx300-m-2-525gb-ssd-review/ --

Title: AK Racing Premium V2 Gaming Chair Review ( -at -) NikKTech Description: Thanks to the elegant looks, very good body support and excellent build quality of the Premium V2 line AK Racing has proven that gaming chairs are not just for gamers. Article Link: http://www.nikktech.com/main/articles/peripherals/gaming-chairs/7045-ak-raci ng-premium-v2-gaming-chair-review Image Link: http://www.nikktech.com/main/images/pics/reviews/akracing/premium_v2/akracin g_premium_v2b.jpg A News Post Would Be Appreciated. Thanks In Advance. Sincerely Nik Kastrantas

** TECHSPOT ------------------------------------------------------------ ** Apple iPhone 7 Plus Review ------------------------------------------------------------ ** http://www.techspot.com/review/1258-apple-phone-7-plus/ ------------------------------------------------------------ Apple has been following a “tick-tock†cadence of releasing a newly designed iPhone and following it up a year later with an optimized “s†variant. This year, however, Apple broke precedent by launching a third model on the same design. Yes, the iPhone 7 Plus looks a lot like the two iPhones before it. However, upon closer inspection, there are some unmistakable differences. Thank you. Julio Franco Executive Editor | TECHSPOT (http://www.techspot.com) ( -at -) juliofranco ----------------------------------- ============================================================ Our mailing address is: TechSpot 8237 NW 68 St Miami, FL 33166 USA

CentOS Errata and Security Advisory 2016:2047 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2016-2047.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: ebe4618129ac1dfc2c10cf5eaf8382a21bb887665f334a48c21c986f0e1b18ec kernel-3.10.0-327.36.2.el7.x86_64.rpm 847b2e08b15e95ac648c58fbe155003bcbb06d533bf9b9c9657c67f679c3abe1 kernel-abi-whitelists-3.10.0-327.36.2.el7.noarch.rpm cb6d2280867101ed451551fb6fb9a7882b17f1374b17c67a751fd4fad558ddcb kernel-debug-3.10.0-327.36.2.el7.x86_64.rpm 44a614b76188f6aedfdcc0318530e781563d8224a9d91f925a2938e28cda3442 kernel-debug-devel-3.10.0-327.36.2.el7.x86_64.rpm b3d22808b0f9ed988a9491f0334c51eb4fe298f5aa057ee7d1bcdb4cb45602cf kernel-devel-3.10.0-327.36.2.el7.x86_64.rpm b39f1780d7fd84cfb26ada300491447dcc159aa9c1ee31e9004ac5d6dfcd06dc kernel-doc-3.10.0-327.36.2.el7.noarch.rpm 3b94997297e7a2c2870fa4c49d87a8cdd6dd454894cb7151d43684245f8e39bc kernel-headers-3.10.0-327.36.2.el7.x86_64.rpm 7afafc06a4e7e2f27e19479bda900b96eb605c62b41d440b518d36ea69a30d59 kernel-tools-3.10.0-327.36.2.el7.x86_64.rpm fd03eca27b0eb2f6b86c688c1d0740aaabe0004b0c6e9018c6f607dd25b20d98 kernel-tools-libs-3.10.0-327.36.2.el7.x86_64.rpm 6b4221c60ef0a3f3da8fb31da03f7088606f661f236d8e5577c87c7570ec7a6e kernel-tools-libs-devel-3.10.0-327.36.2.el7.x86_64.rpm 25d823ad940eb3d120feabc3ed6796de8f7257272851154bb01ffb9d1ccac0bd perf-3.10.0-327.36.2.el7.x86_64.rpm 6283a448db29cfe72ac6b25a1054d56d0c7ea0da84940b74c037331dda9425e1 python-perf-3.10.0-327.36.2.el7.x86_64.rpm Source: a4fd031322c48e0d7466268c0a699320ec516615586d08b616d0dd4bcdd05a6f kernel-3.10.0-327.36.2.el7.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: ( -at -) JohnnyCentOS _______________________________________________

CentOS Errata and Security Advisory 2016:2045 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2016-2045.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: babc3fcb381b2c8d30dbbd2d272c5b7fa7dcdb570eb0144056d11ab451a586fe tomcat6-6.0.24-98.el6_8.noarch.rpm 455da241543545f395e7e85c06a2249f83e521522b474f5c5222de84503889c2 tomcat6-admin-webapps-6.0.24-98.el6_8.noarch.rpm 5b8a16864184e4155c660d85f8b6f9ec3cd1d40f4056f88d36233a051168ec2f tomcat6-docs-webapp-6.0.24-98.el6_8.noarch.rpm 9b8196109a7292418c55e94700c2f198dd4712883c82e60d61702e13c2b11bd3 tomcat6-el-2.1-api-6.0.24-98.el6_8.noarch.rpm 4409dfecb3c0b531458dd2f86dc43c965d083f436d45d9b848d9a0d7226c20f9 tomcat6-javadoc-6.0.24-98.el6_8.noarch.rpm 4dccee678ed84584f126220a53ae28f4b182d3d64dc7dec1c177434099ff6a7b tomcat6-jsp-2.1-api-6.0.24-98.el6_8.noarch.rpm 731391be52bd1066857f0bee453696a9e959bb1d96f5dffde6d49d573d3bbee5 tomcat6-lib-6.0.24-98.el6_8.noarch.rpm 6c8e62432a06f732d72cca4eac58d2f307af3999a194dbc7a6ea81fcc0b14443 tomcat6-servlet-2.5-api-6.0.24-98.el6_8.noarch.rpm 60fbf08353015b0172bd2eb9019693699b392509ddd391e24b11f729e095d51b tomcat6-webapps-6.0.24-98.el6_8.noarch.rpm x86_64: babc3fcb381b2c8d30dbbd2d272c5b7fa7dcdb570eb0144056d11ab451a586fe tomcat6-6.0.24-98.el6_8.noarch.rpm 455da241543545f395e7e85c06a2249f83e521522b474f5c5222de84503889c2 tomcat6-admin-webapps-6.0.24-98.el6_8.noarch.rpm 5b8a16864184e4155c660d85f8b6f9ec3cd1d40f4056f88d36233a051168ec2f tomcat6-docs-webapp-6.0.24-98.el6_8.noarch.rpm 9b8196109a7292418c55e94700c2f198dd4712883c82e60d61702e13c2b11bd3 tomcat6-el-2.1-api-6.0.24-98.el6_8.noarch.rpm 4409dfecb3c0b531458dd2f86dc43c965d083f436d45d9b848d9a0d7226c20f9 tomcat6-javadoc-6.0.24-98.el6_8.noarch.rpm 4dccee678ed84584f126220a53ae28f4b182d3d64dc7dec1c177434099ff6a7b tomcat6-jsp-2.1-api-6.0.24-98.el6_8.noarch.rpm 731391be52bd1066857f0bee453696a9e959bb1d96f5dffde6d49d573d3bbee5 tomcat6-lib-6.0.24-98.el6_8.noarch.rpm 6c8e62432a06f732d72cca4eac58d2f307af3999a194dbc7a6ea81fcc0b14443 tomcat6-servlet-2.5-api-6.0.24-98.el6_8.noarch.rpm 60fbf08353015b0172bd2eb9019693699b392509ddd391e24b11f729e095d51b tomcat6-webapps-6.0.24-98.el6_8.noarch.rpm Source: 8cc419390cbabc3dfb9e795201c6f6e239f14a261040617a6a912b4a45c5efed tomcat6-6.0.24-98.el6_8.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: ( -at -) JohnnyCentOS _______________________________________________

CentOS Errata and Security Advisory 2016:2046 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2016-2046.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 990b46136d7ab37e16fdab314e3a7fc4a9e95901d98953492a4dc7bf98b0dec5 tomcat-7.0.54-8.el7_2.noarch.rpm 2b0c2940d3523cd8170558b1897fd93fbe6a5e7894d4a0a5ae47b1ad1ecabb4b tomcat-admin-webapps-7.0.54-8.el7_2.noarch.rpm c1f18a6f43d1cf29b0888d4dab35d882b46d9bd7156810f0bc6c9b945b45eeb0 tomcat-docs-webapp-7.0.54-8.el7_2.noarch.rpm 3ed5a6d37d1ec192b61b9f863631e3e76500ab25fc50aedbf5aa21152eedd88e tomcat-el-2.2-api-7.0.54-8.el7_2.noarch.rpm 4aa21b8b8042fe7cc2b599c104c5f4a89b02df885f6748f317982864c3f5d450 tomcat-javadoc-7.0.54-8.el7_2.noarch.rpm 2c3fd0e09736dc0408b05ad357a231a6550ad47f62ff251c340e902fa02e2537 tomcat-jsp-2.2-api-7.0.54-8.el7_2.noarch.rpm 51bc5c893efb34dfc35fed0db6b1e8d4a527ee0f49d252f48ee443a5c75e3594 tomcat-jsvc-7.0.54-8.el7_2.noarch.rpm e5cce66ab49deaa2da78f6b442e995f80c8c0ab4fcf60a79cbdeceda15584eea tomcat-lib-7.0.54-8.el7_2.noarch.rpm 84d7acb6b5e1a7ab32db77a05e82975e771e744131a69ebae403db04047885e2 tomcat-servlet-3.0-api-7.0.54-8.el7_2.noarch.rpm cfc59e3f3f4cb38eaac619747c41fd120eede51549968a351b0628d2d3507df0 tomcat-webapps-7.0.54-8.el7_2.noarch.rpm Source: f07116727e04e380d023855560f28ec3e5d104fb8f13c9cb59ffe1901f864068 tomcat-7.0.54-8.el7_2.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: ( -at -) JohnnyCentOS _______________________________________________

Hello editors, Today we're taking a look at the Vernazza gaming chair from Swedish company Arozzi. This brand aims to provide premium solutions oriented for enthusiasts and gamers, and the Vernazza certainly looks and feels the part. It's also priced accordingly as well, going for $399 USD straight from the manufacturer. Join as we take a look at what exactly that sort of money gets you in a gaming chair! http://www.neoseeker.com/Articles/Hardware/Reviews/arozzi-vernazza/ "The resulting product is a very [censored]y looking gaming chair that lives up to > its name inspiration. Vernazza, located in northwestern Italy, is one of > the most stunning cliff towns in the world. Now I'm pretty sure one would > still look a bit silly lounging by the poolside on such a gaming chair, but > at least it can be done since the Vernazza can go almost flat while still > properly maintaining its balance." Thanks as always for any linkage, we appreciate your support! Neoseeker Hardware http://www.neoseeker.com/ hardware ( -at -) neoseeker.com

Hello editors, Today we're taking a look at the Vernazza gaming chair from Swedish company Arozzi. This brand aims to provide premium solutions oriented for enthusiasts and gamers, and the Vernazza certainly looks and feels the part. It's also priced accordingly as well, going for $399 USD straight from the manufacturer. Join as we take a look at what exactly that sort of money gets you in a gaming chair! http://www.neoseeker.com/Articles/Hardware/Reviews/arozzi-vernazza/ "The resulting product is a very [censored]y looking gaming chair that lives up to > its name inspiration. Vernazza, located in northwestern Italy, is one of > the most stunning cliff towns in the world. Now I'm pretty sure one would > still look a bit silly lounging by the poolside on such a gaming chair, but > at least it can be done since the Vernazza can go almost flat while still > properly maintaining its balance." Thanks as always for any linkage, we appreciate your support! Neoseeker Hardware http://www.neoseeker.com/ hardware ( -at -) neoseeker.com

View this email in your browser (http://us3.campaign-archive2.com/?u=efc4c507c2cf964fc2462caca&id=29a3e829d4&e=0c004f9c13) Although they were initially announced all the way back at Computex, ASUS held a casual event in NYC this past Wednesday (Oct. 5) to officially launch an array of new products, including the ZenBook 3, ZenWatch 3, ZenPhone 3, and Transformer Pro 3 and Mini. We’ve got some initial coverage of all of those products here at HotHardware if you’d like some additional background on the full line-up, including hands-on video of the latest ZenBook and smartwatch. However, we couldn’t wait to dive in a little deeper with the ZenBook 3 for a couple of reasons. First off, the ZenBook 3 is the first Ultrabook to hit the lab built around Intel’s brand-new Kaby Lake-based 7th Generation Core series processors. If you’re unfamiliar with Kaby Lake, it is the follow-up product to last year’s Skylake, and features improved responsiveness, a beefed up multimedia engine, and it's built with a refined 14nm process that improves clocks and overall power efficiency. The ASUS ZenBook 3 also happens to be one of the thinnest and lightest Ultrabooks to hit the market, but despite its diminutive form factor, it is packing some sought after amenities like a NVMe PCIe SSD, 802.11ac 2x2 MIMO Wi-Fi, a backlit keyboard, and Windows Hello-compatible fingerprint reader -- at least on the Core i7-based model... Asus ZenBook 3 Review: An Intel Kaby Lake-Powered Ultrabook (http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=b257436a9f&e=0c004f9c13) http://hothardware.us3.list-manage1.com/track/click?u=efc4c507c2cf964fc2462caca&id=904c5f17c5&e=0c004f9c13 http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=8712769f30&e=0c004f9c13 Best Regards, HotHardware.com (http://hothardware.us3.list-manage1.com/track/click?u=efc4c507c2cf964fc2462caca&id=48a3bd0b68&e=0c004f9c13) http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=8873dac9ef&e=0c004f9c13 http://hothardware.us3.list-manage1.com/track/click?u=efc4c507c2cf964fc2462caca&id=7c6963a7df&e=0c004f9c13 http://hothardware.us3.list-manage1.com/track/click?u=efc4c507c2cf964fc2462caca&id=a76695aede&e=0c004f9c13 ============================================================

openSUSE Security Update: Security update for xen ______________________________________________________________________________ Announcement ID: openSUSE-SU-2016:2497-1 Rating: important References: #953339 #953362 #953518 #954872 #955399 #958848 #961100 #961600 #963161 #964427 #970135 #971949 #973188 #973631 #974038 #975130 #975138 #975907 #976058 #976111 #978164 #978295 #978413 #979035 #979620 #979670 #980716 #980724 #981264 #981276 #982024 #982025 #982026 #982224 #982225 #982286 #982695 #982960 #983973 #983984 #984981 #985503 #986586 #988675 #990843 #990923 #990970 #991934 #992224 #994421 #994625 #994761 #994772 #994775 #995785 #995789 #995792 #997731 Cross-References: CVE-2014-3615 CVE-2014-3672 CVE-2016-3158 CVE-2016-3159 CVE-2016-3710 CVE-2016-3712 CVE-2016-3960 CVE-2016-4001 CVE-2016-4002 CVE-2016-4020 CVE-2016-4037 CVE-2016-4439 CVE-2016-4441 CVE-2016-4453 CVE-2016-4454 CVE-2016-4480 CVE-2016-4952 CVE-2016-4962 CVE-2016-4963 CVE-2016-5105 CVE-2016-5106 CVE-2016-5107 CVE-2016-5126 CVE-2016-5238 CVE-2016-5337 CVE-2016-5338 CVE-2016-5403 CVE-2016-6258 CVE-2016-6351 CVE-2016-6833 CVE-2016-6834 CVE-2016-6835 CVE-2016-6836 CVE-2016-6888 CVE-2016-7092 CVE-2016-7093 CVE-2016-7094 CVE-2016-7154 Affected Products: openSUSE 13.2 ______________________________________________________________________________ An update that solves 38 vulnerabilities and has 20 fixes is now available. Description: This update for xen fixes the following issues: These security issues were fixed: - CVE-2016-7092: The get_page_from_l3e function in arch/x86/mm.c in Xen allowed local 32-bit PV guest OS administrators to gain host OS privileges via vectors related to L3 recursive pagetables (bsc#995785) - CVE-2016-7093: Xen allowed local HVM guest OS administrators to overwrite hypervisor memory and consequently gain host OS privileges by leveraging mishandling of instruction pointer truncation during emulation (bsc#995789) - CVE-2016-7094: Buffer overflow in Xen allowed local x86 HVM guest OS administrators on guests running with shadow paging to cause a denial of service via a pagetable update (bsc#995792) - CVE-2016-7154: Use-after-free vulnerability in the FIFO event channel code in Xen allowed local guest OS administrators to cause a denial of service (host crash) and possibly execute arbitrary code or obtain sensitive information via an invalid guest frame number (bsc#997731) - CVE-2016-6836: VMWARE VMXNET3 NIC device support was leaging information leakage. A privileged user inside guest could have used this to leak host memory bytes to a guest (boo#994761) - CVE-2016-6888: Integer overflow in packet initialisation in VMXNET3 device driver. A privileged user inside guest could have used this flaw to crash the Qemu instance resulting in DoS (bsc#994772) - CVE-2016-6833: Use-after-free issue in the VMWARE VMXNET3 NIC device support. A privileged user inside guest could have used this issue to crash the Qemu instance resulting in DoS (boo#994775) - CVE-2016-6835: Buffer overflow in the VMWARE VMXNET3 NIC device support, causing an OOB read access (bsc#994625) - CVE-2016-6834: A infinite loop during packet fragmentation in the VMWARE VMXNET3 NIC device support allowed privileged user inside guest to crash the Qemu instance resulting in DoS (bsc#994421) - CVE-2016-6258: The PV pagetable code in arch/x86/mm.c in Xen allowed local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-paths for up[censored] pagetable entries (bsc#988675) - CVE-2016-5403: The virtqueue_pop function in hw/virtio/virtio.c in QEMU allowed local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by submitting requests without waiting for completion (boo#990923) - CVE-2016-6351: The esp_do_dma function in hw/scsi/esp.c, when built with ESP/NCR53C9x controller emulation support, allowed local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) or execute arbitrary code on the host via vectors involving DMA read into ESP command buffer (bsc#990843) - CVE-2016-6258: The PV pagetable code in arch/x86/mm.c in Xen allowed local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-paths for up[censored] pagetable entries (bsc#988675) - CVE-2016-5337: The megasas_ctrl_get_info function in hw/scsi/megasas.c in QEMU allowed local guest OS administrators to obtain sensitive host memory information via vectors related to reading device control information (bsc#983973) - CVE-2016-5338: The (1) esp_reg_read and (2) esp_reg_write functions in hw/scsi/esp.c in QEMU allowed local guest OS administrators to cause a denial of service (QEMU process crash) or execute arbitrary code on the QEMU host via vectors related to the information transfer buffer (bsc#983984) - CVE-2016-5238: The get_cmd function in hw/scsi/esp.c in QEMU allowed local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to reading from the information transfer buffer in non-DMA mode (bsc#982960) - CVE-2016-4453: The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU allowed local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a VGA command (bsc#982225) - CVE-2016-4454: The vmsvga_fifo_read_raw function in hw/display/vmware_vga.c in QEMU allowed local guest OS administrators to obtain sensitive host memory information or cause a denial of service (QEMU process crash) by changing FIFO registers and issuing a VGA command, which triggers an out-of-bounds read (bsc#982224) - CVE-2016-5126: Heap-based buffer overflow in the iscsi_aio_ioctl function in block/iscsi.c in QEMU allowed local guest OS users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code via a crafted iSCSI asynchronous I/O ioctl call (bsc#982286) - CVE-2016-5105: The megasas_dcmd_cfg_read function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, used an uninitialized variable, which allowed local guest administrators to read host memory via vectors involving a MegaRAID Firmware Interface (MFI) command (bsc#982024) - CVE-2016-5106: The megasas_dcmd_set_properties function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allowed local guest administrators to cause a denial of service (out-of-bounds write access) via vectors involving a MegaRAID Firmware Interface (MFI) command (bsc#982025) - CVE-2016-5107: The megasas_lookup_frame function in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allowed local guest OS administrators to cause a denial of service (out-of-bounds read and crash) via unspecified vectors (bsc#982026) - CVE-2016-4963: The libxl device-handling allowed local guest OS users with access to the driver domain to cause a denial of service (management tool confusion) by manipulating information in the backend directories in xenstore (bsc#979670) - CVE-2016-4962: The libxl device-handling allowed local OS guest administrators to cause a denial of service (resource consumption or management facility confusion) or gain host OS privileges by manipulating information in guest controlled areas of xenstore (bsc#979620) - CVE-2016-4952: Out-of-bounds access issue in pvsci_ring_init_msg/data routines (bsc#981276) - CVE-2014-3672: The qemu implementation in libvirt Xen allowed local guest OS users to cause a denial of service (host disk consumption) by writing to stdout or stderr (bsc#981264) - CVE-2016-4441: The get_cmd function in the 53C9X Fast SCSI Controller (FSC) support did not properly check DMA length, which allowed local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via unspecified vectors, involving an SCSI command (bsc#980724) - CVE-2016-4439: The esp_reg_write function in the 53C9X Fast SCSI Controller (FSC) support did not properly check command buffer length, which allowed local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) or potentially execute arbitrary code on the host via unspecified vectors (bsc#980716) - CVE-2016-3710: The VGA module improperly performed bounds checking on banked access to video memory, which allowed local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the "Dark Portal" issue (bsc#978164) - CVE-2016-3960: Integer overflow in the x86 shadow pagetable code allowed local guest OS users to cause a denial of service (host crash) or possibly gain privileges by shadowing a superpage mapping (bsc#974038) - CVE-2016-4037: The ehci_advance_state function in hw/usb/hcd-ehci.c allowed local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular split isochronous transfer descriptor (siTD) list (bsc#976111) - CVE-2016-4020: The patch_instruction function did not initialize the imm32 variable, which allowed local guest OS administrators to obtain sensitive information from host stack memory by accessing the Task Priority Register (TPR) (bsc#975907) - CVE-2016-4001: Buffer overflow in the stellaris_enet_receive function, when the Stellaris ethernet controller is configured to accept large packets, allowed remote attackers to cause a denial of service (QEMU crash) via a large packet (bsc#975130) - CVE-2016-4002: Buffer overflow in the mipsnet_receive function, when the guest NIC is configured to accept large packets, allowed remote attackers to cause a denial of service (memory corruption and QEMU crash) or possibly execute arbitrary code via a packet larger than 1514 bytes (bsc#975138) - CVE-2016-3158: The xrstor function did not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allowed local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits (bsc#973188) - CVE-2016-3159: The fpu_fxrstor function in arch/x86/i387.c did not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allowed local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits (bsc#973188) - CVE-2016-4480: The guest_walk_tables function in arch/x86/mm/guest_walk.c in Xen did not properly handle the Page Size (PS) page table entry bit at the L4 and L3 page table levels, which might have allowed local guest OS users to gain privileges via a crafted mapping of memory (bsc#978295) These non-security issues were fixed: - boo#991934: xen hypervisor crash in csched_acct - boo#992224: [HPS Bug] During boot of Xen Hypervisor, Failed to get contiguous memory for DMA from Xen - boo#970135: new virtualization project clock test randomly fails on Xen - boo#971949 xl: Support (by ignoring) xl migrate --live. xl migrations are always live - boo#990970: Add PMU support for Intel E7-8867 v4 (fam=6, model=79) - boo#985503: vif-route broken - boo#978413: PV guest upgrade from sles11sp4 to sles12sp2 alpha3 failed on sles11sp4 xen host - boo#986586: out of memory (oom) during boot on "modprobe xenblk" (non xen kernel) - boo#953339, boo#953362, boo#953518, boo#984981) boo#953339, boo#953362, boo#953518, boo#984981: Implement SUSE specific unplug protocol for emulated PCI devices in PVonHVM guests to qemu-xen-upstream - boo#958848: HVM guest crash at /usr/src/packages/BUILD/ xen-4.4.2-testing/obj/default/balloon/balloon.c:407 - boo#982695: xen-4.5.2 qemu fails to boot HVM guest from xvda - boo#954872: script block-dmmd not working as expected - boo#961600: L3: poor performance when Xen HVM domU configured with max memory greater than current memory - boo#979035: restore xm migrate fixes for boo#955399/ boo#955399 - boo#963161: Windows VM getting stuck during load while a VF is assigned to it after upgrading to latest maintenance updates boo#963161 - boo#976058: Xen error running simple HVM guest (Post Alpha 2 xen+qemu) - boo#973631: AWS EC2 kdump issue - boo#961100: Migrate a fv guest from sles12 to sles12sp1 on xen fails for "Domain is not running on destination host". - boo#964427: Discarding device blocks: failed - Input/output error Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 13.2: zypper in -t patch openSUSE-2016-1169=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 13.2 (i586 x86_64): xen-debugsource-4.4.4_05-49.1 xen-devel-4.4.4_05-49.1 xen-libs-4.4.4_05-49.1 xen-libs-debuginfo-4.4.4_05-49.1 xen-tools-domU-4.4.4_05-49.1 xen-tools-domU-debuginfo-4.4.4_05-49.1 - openSUSE 13.2 (x86_64): xen-4.4.4_05-49.1 xen-doc-html-4.4.4_05-49.1 xen-kmp-default-4.4.4_05_k3.16.7_42-49.1 xen-kmp-default-debuginfo-4.4.4_05_k3.16.7_42-49.1 xen-kmp-desktop-4.4.4_05_k3.16.7_42-49.1 xen-kmp-desktop-debuginfo-4.4.4_05_k3.16.7_42-49.1 xen-libs-32bit-4.4.4_05-49.1 xen-libs-debuginfo-32bit-4.4.4_05-49.1 xen-tools-4.4.4_05-49.1 xen-tools-debuginfo-4.4.4_05-49.1 References: https://www.suse.com/security/cve/CVE-2014-3615.html https://www.suse.com/security/cve/CVE-2014-3672.html https://www.suse.com/security/cve/CVE-2016-3158.html https://www.suse.com/security/cve/CVE-2016-3159.html https://www.suse.com/security/cve/CVE-2016-3710.html https://www.suse.com/security/cve/CVE-2016-3712.html https://www.suse.com/security/cve/CVE-2016-3960.html https://www.suse.com/security/cve/CVE-2016-4001.html https://www.suse.com/security/cve/CVE-2016-4002.html https://www.suse.com/security/cve/CVE-2016-4020.html https://www.suse.com/security/cve/CVE-2016-4037.html https://www.suse.com/security/cve/CVE-2016-4439.html https://www.suse.com/security/cve/CVE-2016-4441.html https://www.suse.com/security/cve/CVE-2016-4453.html https://www.suse.com/security/cve/CVE-2016-4454.html https://www.suse.com/security/cve/CVE-2016-4480.html https://www.suse.com/security/cve/CVE-2016-4952.html https://www.suse.com/security/cve/CVE-2016-4962.html https://www.suse.com/security/cve/CVE-2016-4963.html https://www.suse.com/security/cve/CVE-2016-5105.html https://www.suse.com/security/cve/CVE-2016-5106.html https://www.suse.com/security/cve/CVE-2016-5107.html https://www.suse.com/security/cve/CVE-2016-5126.html https://www.suse.com/security/cve/CVE-2016-5238.html https://www.suse.com/security/cve/CVE-2016-5337.html https://www.suse.com/security/cve/CVE-2016-5338.html https://www.suse.com/security/cve/CVE-2016-5403.html https://www.suse.com/security/cve/CVE-2016-6258.html https://www.suse.com/security/cve/CVE-2016-6351.html https://www.suse.com/security/cve/CVE-2016-6833.html https://www.suse.com/security/cve/CVE-2016-6834.html https://www.suse.com/security/cve/CVE-2016-6835.html https://www.suse.com/security/cve/CVE-2016-6836.html https://www.suse.com/security/cve/CVE-2016-6888.html https://www.suse.com/security/cve/CVE-2016-7092.html https://www.suse.com/security/cve/CVE-2016-7093.html https://www.suse.com/security/cve/CVE-2016-7094.html https://www.suse.com/security/cve/CVE-2016-7154.html https://bugzilla.suse.com/953339 https://bugzilla.suse.com/953362 https://bugzilla.suse.com/953518 https://bugzilla.suse.com/954872 https://bugzilla.suse.com/955399 https://bugzilla.suse.com/958848 https://bugzilla.suse.com/961100 https://bugzilla.suse.com/961600 https://bugzilla.suse.com/963161 https://bugzilla.suse.com/964427 https://bugzilla.suse.com/970135 https://bugzilla.suse.com/971949 https://bugzilla.suse.com/973188 https://bugzilla.suse.com/973631 https://bugzilla.suse.com/974038 https://bugzilla.suse.com/975130 https://bugzilla.suse.com/975138 https://bugzilla.suse.com/975907 https://bugzilla.suse.com/976058 https://bugzilla.suse.com/976111 https://bugzilla.suse.com/978164 https://bugzilla.suse.com/978295 https://bugzilla.suse.com/978413 https://bugzilla.suse.com/979035 https://bugzilla.suse.com/979620 https://bugzilla.suse.com/979670 https://bugzilla.suse.com/980716 https://bugzilla.suse.com/980724 https://bugzilla.suse.com/981264 https://bugzilla.suse.com/981276 https://bugzilla.suse.com/982024 https://bugzilla.suse.com/982025 https://bugzilla.suse.com/982026 https://bugzilla.suse.com/982224 https://bugzilla.suse.com/982225 https://bugzilla.suse.com/982286 https://bugzilla.suse.com/982695 https://bugzilla.suse.com/982960 https://bugzilla.suse.com/983973 https://bugzilla.suse.com/983984 https://bugzilla.suse.com/984981 https://bugzilla.suse.com/985503 https://bugzilla.suse.com/986586 https://bugzilla.suse.com/988675 https://bugzilla.suse.com/990843 https://bugzilla.suse.com/990923 https://bugzilla.suse.com/990970 https://bugzilla.suse.com/991934 https://bugzilla.suse.com/992224 https://bugzilla.suse.com/994421 https://bugzilla.suse.com/994625 https://bugzilla.suse.com/994761 https://bugzilla.suse.com/994772 https://bugzilla.suse.com/994775 https://bugzilla.suse.com/995785 https://bugzilla.suse.com/995789 https://bugzilla.suse.com/995792 https://bugzilla.suse.com/997731 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org

openSUSE Security Update: Security update for nodejs ______________________________________________________________________________ Announcement ID: openSUSE-SU-2016:2496-1 Rating: important References: #1001652 #985201 Cross-References: CVE-2016-1669 CVE-2016-2178 CVE-2016-2183 CVE-2016-5325 CVE-2016-6304 CVE-2016-6306 CVE-2016-7052 CVE-2016-7099 Affected Products: openSUSE Leap 42.1 openSUSE 13.2 ______________________________________________________________________________ An update that fixes 8 vulnerabilities is now available. Description: This update brings the new upstream nodejs LTS version 4.6.0, fixing bugs and security issues: * Nodejs embedded openssl version update + upgrade to 1.0.2j (CVE-2016-6304, CVE-2016-2183, CVE-2016-2178, CVE-2016-6306, CVE-2016-7052) + remove support for dynamic 3rd party engine modules * http: Properly validate for allowable characters in input user data. This introduces a new case where throw may occur when configuring HTTP responses, users should already be adopting try/catch here. (CVE-2016-5325, bsc#985201) * tls: properly validate wildcard certificates (CVE-2016-7099, bsc#1001652) * buffer: Zero-fill excess bytes in new Buffer objects created with Buffer.concat() Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.1: zypper in -t patch openSUSE-2016-1172=1 - openSUSE 13.2: zypper in -t patch openSUSE-2016-1172=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE Leap 42.1 (i586 x86_64): nodejs-4.6.0-33.1 nodejs-debuginfo-4.6.0-33.1 nodejs-debugsource-4.6.0-33.1 nodejs-devel-4.6.0-33.1 npm-4.6.0-33.1 - openSUSE Leap 42.1 (noarch): nodejs-docs-4.6.0-33.1 - openSUSE 13.2 (i586 x86_64): nodejs-4.6.0-24.2 nodejs-debuginfo-4.6.0-24.2 nodejs-debugsource-4.6.0-24.2 nodejs-devel-4.6.0-24.2 - openSUSE 13.2 (noarch): nodejs-doc-4.6.0-24.2 References: https://www.suse.com/security/cve/CVE-2016-1669.html https://www.suse.com/security/cve/CVE-2016-2178.html https://www.suse.com/security/cve/CVE-2016-2183.html https://www.suse.com/security/cve/CVE-2016-5325.html https://www.suse.com/security/cve/CVE-2016-6304.html https://www.suse.com/security/cve/CVE-2016-6306.html https://www.suse.com/security/cve/CVE-2016-7052.html https://www.suse.com/security/cve/CVE-2016-7099.html https://bugzilla.suse.com/1001652 https://bugzilla.suse.com/985201 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org

Hi News Poster HardwareOverclock.com has just posted another review. Last week we have tested the SilverStone Strider Platinum Series 850 Watt. This PSU was created to be the smallest fully modular ATX power supplies with 80 PLUS Platinum efficiency, they are also incredibly quiet with the ability to run in fanless mode. Title: SilverStone Strider Platinum Series 850W ( -at -) HardwareOverclock.com Link: http://hardwareoverclock.com/SilverStone-Strider-Platinum-Series-850W.htm Image: http://hardwareoverclock.com/netzteil/SilverStone-Strider-Platinum-12.jpg Thanks for posting kr Rene Ruf Chefredakteur HardwareOverclock.com <mailto:admin ( -at -) hardwareoverclock.com> mailto:admin ( -at -) hardwareoverclock.com hardwareoverclock.com

openSUSE Security Update: Security update for xen ______________________________________________________________________________ Announcement ID: openSUSE-SU-2016:2494-1 Rating: important References: #900418 #949889 #953339 #953362 #953518 #954872 #955104 #958848 #959330 #959552 #961100 #961600 #963161 #964427 #970135 #971949 #973188 #973631 #974038 #975130 #975138 #975907 #976058 #976111 #978164 #978295 #978413 #979620 #979670 #980716 #980724 #981264 #981276 #982024 #982025 #982026 #982224 #982225 #982286 #982695 #982960 #983973 #983984 #984981 #985503 #986586 #988675 #988676 #990500 #990843 #990923 #990970 #991934 #992224 #993665 #994421 #994625 #994761 #994772 #994775 #995785 #995789 #995792 Cross-References: CVE-2014-3615 CVE-2014-3672 CVE-2015-7512 CVE-2015-8504 CVE-2015-8558 CVE-2015-8568 CVE-2015-8613 CVE-2015-8743 CVE-2016-1714 CVE-2016-1981 CVE-2016-3158 CVE-2016-3159 CVE-2016-3710 CVE-2016-3712 CVE-2016-3960 CVE-2016-4001 CVE-2016-4002 CVE-2016-4020 CVE-2016-4037 CVE-2016-4439 CVE-2016-4441 CVE-2016-4453 CVE-2016-4454 CVE-2016-4480 CVE-2016-4952 CVE-2016-4962 CVE-2016-4963 CVE-2016-5105 CVE-2016-5106 CVE-2016-5107 CVE-2016-5126 CVE-2016-5238 CVE-2016-5337 CVE-2016-5338 CVE-2016-5403 CVE-2016-6258 CVE-2016-6259 CVE-2016-6351 CVE-2016-6833 CVE-2016-6834 CVE-2016-6835 CVE-2016-6836 CVE-2016-6888 CVE-2016-7092 CVE-2016-7093 CVE-2016-7094 Affected Products: openSUSE Leap 42.1 ______________________________________________________________________________ An update that solves 46 vulnerabilities and has 17 fixes is now available. Description: This update for xen fixes the following issues: These security issues were fixed: - CVE-2016-7092: The get_page_from_l3e function in arch/x86/mm.c in Xen allowed local 32-bit PV guest OS administrators to gain host OS privileges via vectors related to L3 recursive pagetables (bsc#995785) - CVE-2016-7093: Xen allowed local HVM guest OS administrators to overwrite hypervisor memory and consequently gain host OS privileges by leveraging mishandling of instruction pointer truncation during emulation (bsc#995789) - CVE-2016-7094: Buffer overflow in Xen allowed local x86 HVM guest OS administrators on guests running with shadow paging to cause a denial of service via a pagetable update (bsc#995792) - CVE-2016-6836: VMWARE VMXNET3 NIC device support was leaging information leakage. A privileged user inside guest could have used this to leak host memory bytes to a guest (boo#994761) - CVE-2016-6888: Integer overflow in packet initialisation in VMXNET3 device driver. A privileged user inside guest could have used this flaw to crash the Qemu instance resulting in DoS (bsc#994772) - CVE-2016-6833: Use-after-free issue in the VMWARE VMXNET3 NIC device support. A privileged user inside guest could have used this issue to crash the Qemu instance resulting in DoS (boo#994775) - CVE-2016-6835: Buffer overflow in the VMWARE VMXNET3 NIC device support, causing an OOB read access (bsc#994625) - CVE-2016-6834: A infinite loop during packet fragmentation in the VMWARE VMXNET3 NIC device support allowed privileged user inside guest to crash the Qemu instance resulting in DoS (bsc#994421) - CVE-2016-6258: The PV pagetable code in arch/x86/mm.c in Xen allowed local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-paths for up[censored] pagetable entries (bsc#988675) - CVE-2016-6259: Xen did not implement Supervisor Mode Access Prevention (SMAP) whitelisting in 32-bit exception and event delivery, which allowed local 32-bit PV guest OS kernels to cause a denial of service (hypervisor and VM crash) by triggering a safety check (bsc#988676) - CVE-2016-5403: The virtqueue_pop function in hw/virtio/virtio.c in QEMU allowed local guest OS administrators to cause a denial of service (memory consumption and QEMU process crash) by submitting requests without waiting for completion (boo#990923) - CVE-2016-6351: The esp_do_dma function in hw/scsi/esp.c, when built with ESP/NCR53C9x controller emulation support, allowed local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) or execute arbitrary code on the host via vectors involving DMA read into ESP command buffer (bsc#990843) - CVE-2016-6258: The PV pagetable code in arch/x86/mm.c in Xen allowed local 32-bit PV guest OS administrators to gain host OS privileges by leveraging fast-paths for up[censored] pagetable entries (bsc#988675) - CVE-2016-6259: Xen did not implement Supervisor Mode Access Prevention (SMAP) whitelisting in 32-bit exception and event delivery, which allowed local 32-bit PV guest OS kernels to cause a denial of service (hypervisor and VM crash) by triggering a safety check (bsc#988676) - CVE-2016-5337: The megasas_ctrl_get_info function in hw/scsi/megasas.c in QEMU allowed local guest OS administrators to obtain sensitive host memory information via vectors related to reading device control information (bsc#983973) - CVE-2016-5338: The (1) esp_reg_read and (2) esp_reg_write functions in hw/scsi/esp.c in QEMU allowed local guest OS administrators to cause a denial of service (QEMU process crash) or execute arbitrary code on the QEMU host via vectors related to the information transfer buffer (bsc#983984) - CVE-2016-5238: The get_cmd function in hw/scsi/esp.c in QEMU allowed local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to reading from the information transfer buffer in non-DMA mode (bsc#982960) - CVE-2016-4453: The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU allowed local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a VGA command (bsc#982225) - CVE-2016-4454: The vmsvga_fifo_read_raw function in hw/display/vmware_vga.c in QEMU allowed local guest OS administrators to obtain sensitive host memory information or cause a denial of service (QEMU process crash) by changing FIFO registers and issuing a VGA command, which triggers an out-of-bounds read (bsc#982224) - CVE-2016-5126: Heap-based buffer overflow in the iscsi_aio_ioctl function in block/iscsi.c in QEMU allowed local guest OS users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code via a crafted iSCSI asynchronous I/O ioctl call (bsc#982286) - CVE-2016-5105: The megasas_dcmd_cfg_read function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, used an uninitialized variable, which allowed local guest administrators to read host memory via vectors involving a MegaRAID Firmware Interface (MFI) command (bsc#982024) - CVE-2016-5106: The megasas_dcmd_set_properties function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allowed local guest administrators to cause a denial of service (out-of-bounds write access) via vectors involving a MegaRAID Firmware Interface (MFI) command (bsc#982025) - CVE-2016-5107: The megasas_lookup_frame function in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allowed local guest OS administrators to cause a denial of service (out-of-bounds read and crash) via unspecified vectors (bsc#982026) - CVE-2016-4963: The libxl device-handling allowed local guest OS users with access to the driver domain to cause a denial of service (management tool confusion) by manipulating information in the backend directories in xenstore (bsc#979670) - CVE-2016-4962: The libxl device-handling allowed local OS guest administrators to cause a denial of service (resource consumption or management facility confusion) or gain host OS privileges by manipulating information in guest controlled areas of xenstore (bsc#979620) - CVE-2016-4952: Out-of-bounds access issue in pvsci_ring_init_msg/data routines (bsc#981276) - CVE-2016-3710: The VGA module improperly performed bounds checking on banked access to video memory, which allowed local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the "Dark Portal" issue (bsc#978164) - CVE-2014-3672: The qemu implementation in libvirt Xen allowed local guest OS users to cause a denial of service (host disk consumption) by writing to stdout or stderr (bsc#981264) - CVE-2016-4441: The get_cmd function in the 53C9X Fast SCSI Controller (FSC) support did not properly check DMA length, which allowed local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via unspecified vectors, involving an SCSI command (bsc#980724) - CVE-2016-4439: The esp_reg_write function in the 53C9X Fast SCSI Controller (FSC) support did not properly check command buffer length, which allowed local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) or potentially execute arbitrary code on the host via unspecified vectors (bsc#980716) - CVE-2016-3960: Integer overflow in the x86 shadow pagetable code allowed local guest OS users to cause a denial of service (host crash) or possibly gain privileges by shadowing a superpage mapping (bsc#974038) - CVE-2016-3158: The xrstor function did not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allowed local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits (bsc#973188) - CVE-2016-3159: The fpu_fxrstor function in arch/x86/i387.c did not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allowed local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits (bsc#973188) - CVE-2016-4037: The ehci_advance_state function in hw/usb/hcd-ehci.c allowed local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular split isochronous transfer descriptor (siTD) list (bsc#976111) - CVE-2016-4020: The patch_instruction function did not initialize the imm32 variable, which allowed local guest OS administrators to obtain sensitive information from host stack memory by accessing the Task Priority Register (TPR) (bsc#975907) - CVE-2016-4001: Buffer overflow in the stellaris_enet_receive function, when the Stellaris ethernet controller is configured to accept large packets, allowed remote attackers to cause a denial of service (QEMU crash) via a large packet (bsc#975130) - CVE-2016-4002: Buffer overflow in the mipsnet_receive function, when the guest NIC is configured to accept large packets, allowed remote attackers to cause a denial of service (memory corruption and QEMU crash) or possibly execute arbitrary code via a packet larger than 1514 bytes (bsc#975138) - CVE-2016-4480: The guest_walk_tables function in arch/x86/mm/guest_walk.c in Xen did not properly handle the Page Size (PS) page table entry bit at the L4 and L3 page table levels, which might have allowed local guest OS users to gain privileges via a crafted mapping of memory (bsc#978295) These non-security issues were fixed: - boo#991934: xen hypervisor crash in csched_acct - boo#992224: During boot of Xen Hypervisor, Failed to get contiguous memory for DMA from Xen - boo#955104: Virsh reports error "one or more references were leaked after disconnect from hypervisor" when "virsh save" failed due to "no response from client after 6 keepalive messages" - boo#959552: Migration of HVM guest leads into libvirt segmentation fault - boo#993665: Migration of xen guests finishes in: One or more references were leaked after disconnect from the hypervisor - boo#959330: Guest migrations using virsh results in error "Internal error: received hangup / error event on socket" - boo#990500: VM virsh migration fails with keepalive error: ":virKeepAliveTimerInternal:143 : No response from client" - boo#953518: Unplug also SCSI disks in qemu-xen-traditional for upstream unplug protocol - boo#953518: xen_platform: unplug also SCSI disks in qemu-xen - boo#971949: Support (by ignoring) xl migrate --live. xl migrations are always live - boo#970135: New virtualization project clock test randomly fails on Xen - boo#990970: Add PMU support for Intel E7-8867 v4 (fam=6, model=79) - boo#985503: vif-route broken - boo#961100: Migrate a fv guest from sles12 to sles12sp1 fails remove patch because it can not fix the bug - boo#978413: PV guest upgrade from sles11sp4 to sles12sp2 alpha3 failed on sles11sp4 xen host. - boo#986586: Out of memory (oom) during boot on "modprobe xenblk" (non xen kernel) init.50-hvm-xen_conf - boo#900418: Dump cannot be performed on SLES12 XEN - boo#953339, boo#953362, boo#953518, boo#984981: Implement SUSE specific unplug protocol for emulated PCI devices in PVonHVM guests to qemu-xen-upstream - boo#954872: script block-dmmd not working as expected - libxl: error: libxl_dm.c (Additional fixes) block-dmmd - boo#982695: xen-4.5.2 qemu fails to boot HVM guest from xvda - boo#958848: HVM guest crash at /usr/src/packages/BUILD/ xen-4.4.2-testing/obj/default/balloon/balloon.c:407 - boo#949889: Fail to install 32-bit paravirt VM under SLES12SP1Beta3 XEN - boo#954872: script block-dmmd not working as expected - libxl: error: libxl_dm.c (another modification) block-dmmd - boo#961600: Poor performance when Xen HVM domU configured with max memory greater than current memory - boo#963161: Windows VM getting stuck during load while a VF is assigned to it after upgrading to latest maintenance updates - boo#976058: Xen error running simple HVM guest (Post Alpha 2 xen+qemu) - boo#961100: Migrate a fv guest from sles12 to sles12sp1 on xen fails for "Domain is not running on destination host". qemu-ignore-kvm-tpr-opt-on-migration.patch - boo#973631: AWS EC2 kdump issue - boo#964427: Discarding device blocks: failed - Input/output error Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.1: zypper in -t patch openSUSE-2016-1170=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE Leap 42.1 (i586 x86_64): xen-debugsource-4.5.3_10-15.2 xen-devel-4.5.3_10-15.2 xen-libs-4.5.3_10-15.2 xen-libs-debuginfo-4.5.3_10-15.2 xen-tools-domU-4.5.3_10-15.2 xen-tools-domU-debuginfo-4.5.3_10-15.2 - openSUSE Leap 42.1 (x86_64): xen-4.5.3_10-15.2 xen-doc-html-4.5.3_10-15.2 xen-kmp-default-4.5.3_10_k4.1.31_30-15.2 xen-kmp-default-debuginfo-4.5.3_10_k4.1.31_30-15.2 xen-libs-32bit-4.5.3_10-15.2 xen-libs-debuginfo-32bit-4.5.3_10-15.2 xen-tools-4.5.3_10-15.2 xen-tools-debuginfo-4.5.3_10-15.2 References: https://www.suse.com/security/cve/CVE-2014-3615.html https://www.suse.com/security/cve/CVE-2014-3672.html https://www.suse.com/security/cve/CVE-2015-7512.html https://www.suse.com/security/cve/CVE-2015-8504.html https://www.suse.com/security/cve/CVE-2015-8558.html https://www.suse.com/security/cve/CVE-2015-8568.html https://www.suse.com/security/cve/CVE-2015-8613.html https://www.suse.com/security/cve/CVE-2015-8743.html https://www.suse.com/security/cve/CVE-2016-1714.html https://www.suse.com/security/cve/CVE-2016-1981.html https://www.suse.com/security/cve/CVE-2016-3158.html https://www.suse.com/security/cve/CVE-2016-3159.html https://www.suse.com/security/cve/CVE-2016-3710.html https://www.suse.com/security/cve/CVE-2016-3712.html https://www.suse.com/security/cve/CVE-2016-3960.html https://www.suse.com/security/cve/CVE-2016-4001.html https://www.suse.com/security/cve/CVE-2016-4002.html https://www.suse.com/security/cve/CVE-2016-4020.html https://www.suse.com/security/cve/CVE-2016-4037.html https://www.suse.com/security/cve/CVE-2016-4439.html https://www.suse.com/security/cve/CVE-2016-4441.html https://www.suse.com/security/cve/CVE-2016-4453.html https://www.suse.com/security/cve/CVE-2016-4454.html https://www.suse.com/security/cve/CVE-2016-4480.html https://www.suse.com/security/cve/CVE-2016-4952.html https://www.suse.com/security/cve/CVE-2016-4962.html https://www.suse.com/security/cve/CVE-2016-4963.html https://www.suse.com/security/cve/CVE-2016-5105.html https://www.suse.com/security/cve/CVE-2016-5106.html https://www.suse.com/security/cve/CVE-2016-5107.html https://www.suse.com/security/cve/CVE-2016-5126.html https://www.suse.com/security/cve/CVE-2016-5238.html https://www.suse.com/security/cve/CVE-2016-5337.html https://www.suse.com/security/cve/CVE-2016-5338.html https://www.suse.com/security/cve/CVE-2016-5403.html https://www.suse.com/security/cve/CVE-2016-6258.html https://www.suse.com/security/cve/CVE-2016-6259.html https://www.suse.com/security/cve/CVE-2016-6351.html https://www.suse.com/security/cve/CVE-2016-6833.html https://www.suse.com/security/cve/CVE-2016-6834.html https://www.suse.com/security/cve/CVE-2016-6835.html https://www.suse.com/security/cve/CVE-2016-6836.html https://www.suse.com/security/cve/CVE-2016-6888.html https://www.suse.com/security/cve/CVE-2016-7092.html https://www.suse.com/security/cve/CVE-2016-7093.html https://www.suse.com/security/cve/CVE-2016-7094.html https://bugzilla.suse.com/900418 https://bugzilla.suse.com/949889 https://bugzilla.suse.com/953339 https://bugzilla.suse.com/953362 https://bugzilla.suse.com/953518 https://bugzilla.suse.com/954872 https://bugzilla.suse.com/955104 https://bugzilla.suse.com/958848 https://bugzilla.suse.com/959330 https://bugzilla.suse.com/959552 https://bugzilla.suse.com/961100 https://bugzilla.suse.com/961600 https://bugzilla.suse.com/963161 https://bugzilla.suse.com/964427 https://bugzilla.suse.com/970135 https://bugzilla.suse.com/971949 https://bugzilla.suse.com/973188 https://bugzilla.suse.com/973631 https://bugzilla.suse.com/974038 https://bugzilla.suse.com/975130 https://bugzilla.suse.com/975138 https://bugzilla.suse.com/975907 https://bugzilla.suse.com/976058 https://bugzilla.suse.com/976111 https://bugzilla.suse.com/978164 https://bugzilla.suse.com/978295 https://bugzilla.suse.com/978413 https://bugzilla.suse.com/979620 https://bugzilla.suse.com/979670 https://bugzilla.suse.com/980716 https://bugzilla.suse.com/980724 https://bugzilla.suse.com/981264 https://bugzilla.suse.com/981276 https://bugzilla.suse.com/982024 https://bugzilla.suse.com/982025 https://bugzilla.suse.com/982026 https://bugzilla.suse.com/982224 https://bugzilla.suse.com/982225 https://bugzilla.suse.com/982286 https://bugzilla.suse.com/982695 https://bugzilla.suse.com/982960 https://bugzilla.suse.com/983973 https://bugzilla.suse.com/983984 https://bugzilla.suse.com/984981 https://bugzilla.suse.com/985503 https://bugzilla.suse.com/986586 https://bugzilla.suse.com/988675 https://bugzilla.suse.com/988676 https://bugzilla.suse.com/990500 https://bugzilla.suse.com/990843 https://bugzilla.suse.com/990923 https://bugzilla.suse.com/990970 https://bugzilla.suse.com/991934 https://bugzilla.suse.com/992224 https://bugzilla.suse.com/993665 https://bugzilla.suse.com/994421 https://bugzilla.suse.com/994625 https://bugzilla.suse.com/994761 https://bugzilla.suse.com/994772 https://bugzilla.suse.com/994775 https://bugzilla.suse.com/995785 https://bugzilla.suse.com/995789 https://bugzilla.suse.com/995792 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org

WD is taking another stab at the Solid-State Drive market after purchasing SanDisk earlier this year by releasing the WD Green and WD Blue SSD series. The WD Green SATA consumer SSD is aimed at the entry-level market whereas the the WD Blue SATA Consumer SSD is aimed at mainstream consumers. Both series are available in both 2.5″ and M.2 form factors, so they will fit in a wide range of desktop and mobile systems. The performance on the WD Blue SSD series varies between capacities, but the sequential read peaks at 545 MB/s and the Sequential write tops out at 525 MB/s. The 4K Random performance reaches up to 100,000 IPS read and 80,000 IOPS write, which is pretty solid for the mainstream market. WD went with a Marvell 88SS1074 4-channel controller and SanDisk 15nm 3-bit per cell (TLC) NAND Flash for this series. Article Title: WD Blue 1TB SSD Review ( -at -) Legit Reviews Article URL: http://www.legitreviews.com/wd-blue-1tb-ssd-review_186633[/size] Unsubscribe: http://adserv.legitreviews.com/cgi-bin/dada/mail.cgi/u/legitpr/reviewnews// =