Jump to content
Compatible Support Forums

news

Members
 View Profile  See their activity

  • Content count

    80899

  • Joined

  • Last visited

    Never

  • Days Won

    18

Everything posted by news

  1. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: python security update Advisory ID: RHSA-2016:1626-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-1626.html Issue date: 2016-08-18 CVE Names: CVE-2016-0772 CVE-2016-1000110 CVE-2016-5699 ===================================================================== 1. Summary: An update for python is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * It was discovered that the Python CGIHandler class did not properly protect against the HTTP_PROXY variable name clash in a CGI context. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a Python CGI script to an attacker-controlled proxy via a malicious HTTP request. (CVE-2016-1000110) * It was found that Python's smtplib library did not return an exception when StartTLS failed to be established in the SMTP.starttls() function. A man in the middle attacker could strip out the STARTTLS command without generating an exception on the Python SMTP client application, preventing the establishment of the TLS layer. (CVE-2016-0772) * It was found that the Python's httplib library (used by urllib, urllib2 and others) did not properly check HTTPConnection.putheader() function arguments. An attacker could use this flaw to inject additional headers in a Python application that allowed user provided header names or values. (CVE-2016-5699) Red Hat would like to thank Scott Geary (VendHQ) for reporting CVE-2016-1000110. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1303647 - CVE-2016-0772 python: smtplib StartTLS stripping attack 1303699 - CVE-2016-5699 python: http protocol steam injection attack 1351584 - Python brew builds fail for RHEL 7.2 1357334 - CVE-2016-1000110 Python CGIHandler: sets environmental variable based on user supplied Proxy request header 1365200 - Upstream tests cause building python package on brew stall and leave orphan processes that need manually kill 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: python-2.6.6-66.el6_8.src.rpm i386: python-2.6.6-66.el6_8.i686.rpm python-debuginfo-2.6.6-66.el6_8.i686.rpm python-libs-2.6.6-66.el6_8.i686.rpm tkinter-2.6.6-66.el6_8.i686.rpm x86_64: python-2.6.6-66.el6_8.x86_64.rpm python-debuginfo-2.6.6-66.el6_8.i686.rpm python-debuginfo-2.6.6-66.el6_8.x86_64.rpm python-libs-2.6.6-66.el6_8.i686.rpm python-libs-2.6.6-66.el6_8.x86_64.rpm tkinter-2.6.6-66.el6_8.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): i386: python-debuginfo-2.6.6-66.el6_8.i686.rpm python-devel-2.6.6-66.el6_8.i686.rpm python-test-2.6.6-66.el6_8.i686.rpm python-tools-2.6.6-66.el6_8.i686.rpm x86_64: python-debuginfo-2.6.6-66.el6_8.i686.rpm python-debuginfo-2.6.6-66.el6_8.x86_64.rpm python-devel-2.6.6-66.el6_8.i686.rpm python-devel-2.6.6-66.el6_8.x86_64.rpm python-test-2.6.6-66.el6_8.x86_64.rpm python-tools-2.6.6-66.el6_8.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: python-2.6.6-66.el6_8.src.rpm x86_64: python-2.6.6-66.el6_8.x86_64.rpm python-debuginfo-2.6.6-66.el6_8.i686.rpm python-debuginfo-2.6.6-66.el6_8.x86_64.rpm python-devel-2.6.6-66.el6_8.i686.rpm python-devel-2.6.6-66.el6_8.x86_64.rpm python-libs-2.6.6-66.el6_8.i686.rpm python-libs-2.6.6-66.el6_8.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): x86_64: python-debuginfo-2.6.6-66.el6_8.x86_64.rpm python-test-2.6.6-66.el6_8.x86_64.rpm python-tools-2.6.6-66.el6_8.x86_64.rpm tkinter-2.6.6-66.el6_8.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: python-2.6.6-66.el6_8.src.rpm i386: python-2.6.6-66.el6_8.i686.rpm python-debuginfo-2.6.6-66.el6_8.i686.rpm python-devel-2.6.6-66.el6_8.i686.rpm python-libs-2.6.6-66.el6_8.i686.rpm tkinter-2.6.6-66.el6_8.i686.rpm ppc64: python-2.6.6-66.el6_8.ppc64.rpm python-debuginfo-2.6.6-66.el6_8.ppc.rpm python-debuginfo-2.6.6-66.el6_8.ppc64.rpm python-devel-2.6.6-66.el6_8.ppc.rpm python-devel-2.6.6-66.el6_8.ppc64.rpm python-libs-2.6.6-66.el6_8.ppc.rpm python-libs-2.6.6-66.el6_8.ppc64.rpm tkinter-2.6.6-66.el6_8.ppc64.rpm s390x: python-2.6.6-66.el6_8.s390x.rpm python-debuginfo-2.6.6-66.el6_8.s390.rpm python-debuginfo-2.6.6-66.el6_8.s390x.rpm python-devel-2.6.6-66.el6_8.s390.rpm python-devel-2.6.6-66.el6_8.s390x.rpm python-libs-2.6.6-66.el6_8.s390.rpm python-libs-2.6.6-66.el6_8.s390x.rpm x86_64: python-2.6.6-66.el6_8.x86_64.rpm python-debuginfo-2.6.6-66.el6_8.i686.rpm python-debuginfo-2.6.6-66.el6_8.x86_64.rpm python-devel-2.6.6-66.el6_8.i686.rpm python-devel-2.6.6-66.el6_8.x86_64.rpm python-libs-2.6.6-66.el6_8.i686.rpm python-libs-2.6.6-66.el6_8.x86_64.rpm tkinter-2.6.6-66.el6_8.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): i386: python-debuginfo-2.6.6-66.el6_8.i686.rpm python-test-2.6.6-66.el6_8.i686.rpm python-tools-2.6.6-66.el6_8.i686.rpm ppc64: python-debuginfo-2.6.6-66.el6_8.ppc64.rpm python-test-2.6.6-66.el6_8.ppc64.rpm python-tools-2.6.6-66.el6_8.ppc64.rpm s390x: python-debuginfo-2.6.6-66.el6_8.s390x.rpm python-test-2.6.6-66.el6_8.s390x.rpm python-tools-2.6.6-66.el6_8.s390x.rpm tkinter-2.6.6-66.el6_8.s390x.rpm x86_64: python-debuginfo-2.6.6-66.el6_8.x86_64.rpm python-test-2.6.6-66.el6_8.x86_64.rpm python-tools-2.6.6-66.el6_8.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: python-2.6.6-66.el6_8.src.rpm i386: python-2.6.6-66.el6_8.i686.rpm python-debuginfo-2.6.6-66.el6_8.i686.rpm python-devel-2.6.6-66.el6_8.i686.rpm python-libs-2.6.6-66.el6_8.i686.rpm tkinter-2.6.6-66.el6_8.i686.rpm x86_64: python-2.6.6-66.el6_8.x86_64.rpm python-debuginfo-2.6.6-66.el6_8.i686.rpm python-debuginfo-2.6.6-66.el6_8.x86_64.rpm python-devel-2.6.6-66.el6_8.i686.rpm python-devel-2.6.6-66.el6_8.x86_64.rpm python-libs-2.6.6-66.el6_8.i686.rpm python-libs-2.6.6-66.el6_8.x86_64.rpm tkinter-2.6.6-66.el6_8.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): i386: python-debuginfo-2.6.6-66.el6_8.i686.rpm python-test-2.6.6-66.el6_8.i686.rpm python-tools-2.6.6-66.el6_8.i686.rpm x86_64: python-debuginfo-2.6.6-66.el6_8.x86_64.rpm python-test-2.6.6-66.el6_8.x86_64.rpm python-tools-2.6.6-66.el6_8.x86_64.rpm Red Hat Enterprise Linux Client (v. 7): Source: python-2.7.5-38.el7_2.src.rpm x86_64: python-2.7.5-38.el7_2.x86_64.rpm python-debuginfo-2.7.5-38.el7_2.i686.rpm python-debuginfo-2.7.5-38.el7_2.x86_64.rpm python-libs-2.7.5-38.el7_2.i686.rpm python-libs-2.7.5-38.el7_2.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: python-debug-2.7.5-38.el7_2.x86_64.rpm python-debuginfo-2.7.5-38.el7_2.x86_64.rpm python-devel-2.7.5-38.el7_2.x86_64.rpm python-test-2.7.5-38.el7_2.x86_64.rpm python-tools-2.7.5-38.el7_2.x86_64.rpm tkinter-2.7.5-38.el7_2.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: python-2.7.5-38.el7_2.src.rpm x86_64: python-2.7.5-38.el7_2.x86_64.rpm python-debuginfo-2.7.5-38.el7_2.i686.rpm python-debuginfo-2.7.5-38.el7_2.x86_64.rpm python-devel-2.7.5-38.el7_2.x86_64.rpm python-libs-2.7.5-38.el7_2.i686.rpm python-libs-2.7.5-38.el7_2.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: python-debug-2.7.5-38.el7_2.x86_64.rpm python-debuginfo-2.7.5-38.el7_2.x86_64.rpm python-test-2.7.5-38.el7_2.x86_64.rpm python-tools-2.7.5-38.el7_2.x86_64.rpm tkinter-2.7.5-38.el7_2.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: python-2.7.5-38.el7_2.src.rpm ppc64: python-2.7.5-38.el7_2.ppc64.rpm python-debuginfo-2.7.5-38.el7_2.ppc.rpm python-debuginfo-2.7.5-38.el7_2.ppc64.rpm python-devel-2.7.5-38.el7_2.ppc64.rpm python-libs-2.7.5-38.el7_2.ppc.rpm python-libs-2.7.5-38.el7_2.ppc64.rpm ppc64le: python-2.7.5-38.el7_2.ppc64le.rpm python-debuginfo-2.7.5-38.el7_2.ppc64le.rpm python-devel-2.7.5-38.el7_2.ppc64le.rpm python-libs-2.7.5-38.el7_2.ppc64le.rpm s390x: python-2.7.5-38.el7_2.s390x.rpm python-debuginfo-2.7.5-38.el7_2.s390.rpm python-debuginfo-2.7.5-38.el7_2.s390x.rpm python-devel-2.7.5-38.el7_2.s390x.rpm python-libs-2.7.5-38.el7_2.s390.rpm python-libs-2.7.5-38.el7_2.s390x.rpm x86_64: python-2.7.5-38.el7_2.x86_64.rpm python-debuginfo-2.7.5-38.el7_2.i686.rpm python-debuginfo-2.7.5-38.el7_2.x86_64.rpm python-devel-2.7.5-38.el7_2.x86_64.rpm python-libs-2.7.5-38.el7_2.i686.rpm python-libs-2.7.5-38.el7_2.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: python-debug-2.7.5-38.el7_2.ppc64.rpm python-debuginfo-2.7.5-38.el7_2.ppc64.rpm python-test-2.7.5-38.el7_2.ppc64.rpm python-tools-2.7.5-38.el7_2.ppc64.rpm tkinter-2.7.5-38.el7_2.ppc64.rpm ppc64le: python-debug-2.7.5-38.el7_2.ppc64le.rpm python-debuginfo-2.7.5-38.el7_2.ppc64le.rpm python-test-2.7.5-38.el7_2.ppc64le.rpm python-tools-2.7.5-38.el7_2.ppc64le.rpm tkinter-2.7.5-38.el7_2.ppc64le.rpm s390x: python-debug-2.7.5-38.el7_2.s390x.rpm python-debuginfo-2.7.5-38.el7_2.s390x.rpm python-test-2.7.5-38.el7_2.s390x.rpm python-tools-2.7.5-38.el7_2.s390x.rpm tkinter-2.7.5-38.el7_2.s390x.rpm x86_64: python-debug-2.7.5-38.el7_2.x86_64.rpm python-debuginfo-2.7.5-38.el7_2.x86_64.rpm python-test-2.7.5-38.el7_2.x86_64.rpm python-tools-2.7.5-38.el7_2.x86_64.rpm tkinter-2.7.5-38.el7_2.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: python-2.7.5-38.el7_2.src.rpm x86_64: python-2.7.5-38.el7_2.x86_64.rpm python-debuginfo-2.7.5-38.el7_2.i686.rpm python-debuginfo-2.7.5-38.el7_2.x86_64.rpm python-devel-2.7.5-38.el7_2.x86_64.rpm python-libs-2.7.5-38.el7_2.i686.rpm python-libs-2.7.5-38.el7_2.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: python-debug-2.7.5-38.el7_2.x86_64.rpm python-debuginfo-2.7.5-38.el7_2.x86_64.rpm python-test-2.7.5-38.el7_2.x86_64.rpm python-tools-2.7.5-38.el7_2.x86_64.rpm tkinter-2.7.5-38.el7_2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-0772 https://access.redhat.com/security/cve/CVE-2016-1000110 https://access.redhat.com/security/cve/CVE-2016-5699 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFXtgEqXlSAg2UNWIIRArU1AKCh7ybQCEoHxoRaWChguxAl8evppwCgg9IU 1ROFTH2riR+KFs3/1QIelf8= =nOP1 -----END PGP SIGNATURE----- --
  2. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: python33-python security update Advisory ID: RHSA-2016:1629-01 Product: Red Hat Software Collections Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-1629.html Issue date: 2016-08-18 CVE Names: CVE-2016-0772 CVE-2016-1000110 CVE-2016-5699 ===================================================================== 1. Summary: An update for python33-python is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.2) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - x86_64 3. Description: Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * It was discovered that the Python CGIHandler class did not properly protect against the HTTP_PROXY variable name clash in a CGI context. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a Python CGI script to an attacker-controlled proxy via a malicious HTTP request. (CVE-2016-1000110) * It was found that Python's smtplib library did not return an exception when StartTLS failed to be established in the SMTP.starttls() function. A man in the middle attacker could strip out the STARTTLS command without generating an exception on the Python SMTP client application, preventing the establishment of the TLS layer. (CVE-2016-0772) * It was found that the Python's httplib library (used by urllib, urllib2 and others) did not properly check HTTPConnection.putheader() function arguments. An attacker could use this flaw to inject additional headers in a Python application that allowed user provided header names or values. (CVE-2016-5699) Red Hat would like to thank Scott Geary (VendHQ) for reporting CVE-2016-1000110. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1303647 - CVE-2016-0772 python: smtplib StartTLS stripping attack 1303699 - CVE-2016-5699 python: http protocol steam injection attack 1357334 - CVE-2016-1000110 Python CGIHandler: sets environmental variable based on user supplied Proxy request header 6. Package List: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6): Source: python33-python-3.3.2-18.el6.src.rpm x86_64: python33-python-3.3.2-18.el6.x86_64.rpm python33-python-debug-3.3.2-18.el6.x86_64.rpm python33-python-debuginfo-3.3.2-18.el6.x86_64.rpm python33-python-devel-3.3.2-18.el6.x86_64.rpm python33-python-libs-3.3.2-18.el6.x86_64.rpm python33-python-test-3.3.2-18.el6.x86_64.rpm python33-python-tkinter-3.3.2-18.el6.x86_64.rpm python33-python-tools-3.3.2-18.el6.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6): Source: python33-python-3.3.2-18.el6.src.rpm x86_64: python33-python-3.3.2-18.el6.x86_64.rpm python33-python-debug-3.3.2-18.el6.x86_64.rpm python33-python-debuginfo-3.3.2-18.el6.x86_64.rpm python33-python-devel-3.3.2-18.el6.x86_64.rpm python33-python-libs-3.3.2-18.el6.x86_64.rpm python33-python-test-3.3.2-18.el6.x86_64.rpm python33-python-tkinter-3.3.2-18.el6.x86_64.rpm python33-python-tools-3.3.2-18.el6.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7): Source: python33-python-3.3.2-18.el6.src.rpm x86_64: python33-python-3.3.2-18.el6.x86_64.rpm python33-python-debug-3.3.2-18.el6.x86_64.rpm python33-python-debuginfo-3.3.2-18.el6.x86_64.rpm python33-python-devel-3.3.2-18.el6.x86_64.rpm python33-python-libs-3.3.2-18.el6.x86_64.rpm python33-python-test-3.3.2-18.el6.x86_64.rpm python33-python-tkinter-3.3.2-18.el6.x86_64.rpm python33-python-tools-3.3.2-18.el6.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6): Source: python33-python-3.3.2-18.el6.src.rpm x86_64: python33-python-3.3.2-18.el6.x86_64.rpm python33-python-debug-3.3.2-18.el6.x86_64.rpm python33-python-debuginfo-3.3.2-18.el6.x86_64.rpm python33-python-devel-3.3.2-18.el6.x86_64.rpm python33-python-libs-3.3.2-18.el6.x86_64.rpm python33-python-test-3.3.2-18.el6.x86_64.rpm python33-python-tkinter-3.3.2-18.el6.x86_64.rpm python33-python-tools-3.3.2-18.el6.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7): Source: python33-python-3.3.2-16.el7.src.rpm x86_64: python33-python-3.3.2-16.el7.x86_64.rpm python33-python-debug-3.3.2-16.el7.x86_64.rpm python33-python-debuginfo-3.3.2-16.el7.x86_64.rpm python33-python-devel-3.3.2-16.el7.x86_64.rpm python33-python-libs-3.3.2-16.el7.x86_64.rpm python33-python-test-3.3.2-16.el7.x86_64.rpm python33-python-tkinter-3.3.2-16.el7.x86_64.rpm python33-python-tools-3.3.2-16.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1): Source: python33-python-3.3.2-16.el7.src.rpm x86_64: python33-python-3.3.2-16.el7.x86_64.rpm python33-python-debug-3.3.2-16.el7.x86_64.rpm python33-python-debuginfo-3.3.2-16.el7.x86_64.rpm python33-python-devel-3.3.2-16.el7.x86_64.rpm python33-python-libs-3.3.2-16.el7.x86_64.rpm python33-python-test-3.3.2-16.el7.x86_64.rpm python33-python-tkinter-3.3.2-16.el7.x86_64.rpm python33-python-tools-3.3.2-16.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.2): Source: python33-python-3.3.2-16.el7.src.rpm x86_64: python33-python-3.3.2-16.el7.x86_64.rpm python33-python-debug-3.3.2-16.el7.x86_64.rpm python33-python-debuginfo-3.3.2-16.el7.x86_64.rpm python33-python-devel-3.3.2-16.el7.x86_64.rpm python33-python-libs-3.3.2-16.el7.x86_64.rpm python33-python-test-3.3.2-16.el7.x86_64.rpm python33-python-tkinter-3.3.2-16.el7.x86_64.rpm python33-python-tools-3.3.2-16.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7): Source: python33-python-3.3.2-16.el7.src.rpm x86_64: python33-python-3.3.2-16.el7.x86_64.rpm python33-python-debug-3.3.2-16.el7.x86_64.rpm python33-python-debuginfo-3.3.2-16.el7.x86_64.rpm python33-python-devel-3.3.2-16.el7.x86_64.rpm python33-python-libs-3.3.2-16.el7.x86_64.rpm python33-python-test-3.3.2-16.el7.x86_64.rpm python33-python-tkinter-3.3.2-16.el7.x86_64.rpm python33-python-tools-3.3.2-16.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-0772 https://access.redhat.com/security/cve/CVE-2016-1000110 https://access.redhat.com/security/cve/CVE-2016-5699 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFXthouXlSAg2UNWIIRAp4VAJ0fnTyJAk5GHNkSvh3QcK+rPT1wFQCgot9s PahfAo3KwyJSgkaDETQb0yI= =kdrb -----END PGP SIGNATURE----- --
  3. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: rh-python35-python security update Advisory ID: RHSA-2016:1627-01 Product: Red Hat Software Collections Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-1627.html Issue date: 2016-08-18 CVE Names: CVE-2016-0772 CVE-2016-1000110 CVE-2016-5699 ===================================================================== 1. Summary: An update for rh-python35-python is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.2) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - x86_64 3. Description: Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * It was discovered that the Python CGIHandler class did not properly protect against the HTTP_PROXY variable name clash in a CGI context. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a Python CGI script to an attacker-controlled proxy via a malicious HTTP request. (CVE-2016-1000110) * It was found that Python's smtplib library did not return an exception when StartTLS failed to be established in the SMTP.starttls() function. A man in the middle attacker could strip out the STARTTLS command without generating an exception on the Python SMTP client application, preventing the establishment of the TLS layer. (CVE-2016-0772) * It was found that the Python's httplib library (used by urllib, urllib2 and others) did not properly check HTTPConnection.putheader() function arguments. An attacker could use this flaw to inject additional headers in a Python application that allowed user provided header names or values. (CVE-2016-5699) Red Hat would like to thank Scott Geary (VendHQ) for reporting CVE-2016-1000110. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1303647 - CVE-2016-0772 python: smtplib StartTLS stripping attack 1303699 - CVE-2016-5699 python: http protocol steam injection attack 1357334 - CVE-2016-1000110 Python CGIHandler: sets environmental variable based on user supplied Proxy request header 6. Package List: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7): Source: rh-python35-python-3.5.1-9.el7.src.rpm x86_64: rh-python35-python-3.5.1-9.el7.x86_64.rpm rh-python35-python-debug-3.5.1-9.el7.x86_64.rpm rh-python35-python-debuginfo-3.5.1-9.el7.x86_64.rpm rh-python35-python-devel-3.5.1-9.el7.x86_64.rpm rh-python35-python-libs-3.5.1-9.el7.x86_64.rpm rh-python35-python-test-3.5.1-9.el7.x86_64.rpm rh-python35-python-tkinter-3.5.1-9.el7.x86_64.rpm rh-python35-python-tools-3.5.1-9.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1): Source: rh-python35-python-3.5.1-9.el7.src.rpm x86_64: rh-python35-python-3.5.1-9.el7.x86_64.rpm rh-python35-python-debug-3.5.1-9.el7.x86_64.rpm rh-python35-python-debuginfo-3.5.1-9.el7.x86_64.rpm rh-python35-python-devel-3.5.1-9.el7.x86_64.rpm rh-python35-python-libs-3.5.1-9.el7.x86_64.rpm rh-python35-python-test-3.5.1-9.el7.x86_64.rpm rh-python35-python-tkinter-3.5.1-9.el7.x86_64.rpm rh-python35-python-tools-3.5.1-9.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.2): Source: rh-python35-python-3.5.1-9.el7.src.rpm x86_64: rh-python35-python-3.5.1-9.el7.x86_64.rpm rh-python35-python-debug-3.5.1-9.el7.x86_64.rpm rh-python35-python-debuginfo-3.5.1-9.el7.x86_64.rpm rh-python35-python-devel-3.5.1-9.el7.x86_64.rpm rh-python35-python-libs-3.5.1-9.el7.x86_64.rpm rh-python35-python-test-3.5.1-9.el7.x86_64.rpm rh-python35-python-tkinter-3.5.1-9.el7.x86_64.rpm rh-python35-python-tools-3.5.1-9.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7): Source: rh-python35-python-3.5.1-9.el7.src.rpm x86_64: rh-python35-python-3.5.1-9.el7.x86_64.rpm rh-python35-python-debug-3.5.1-9.el7.x86_64.rpm rh-python35-python-debuginfo-3.5.1-9.el7.x86_64.rpm rh-python35-python-devel-3.5.1-9.el7.x86_64.rpm rh-python35-python-libs-3.5.1-9.el7.x86_64.rpm rh-python35-python-test-3.5.1-9.el7.x86_64.rpm rh-python35-python-tkinter-3.5.1-9.el7.x86_64.rpm rh-python35-python-tools-3.5.1-9.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-0772 https://access.redhat.com/security/cve/CVE-2016-1000110 https://access.redhat.com/security/cve/CVE-2016-5699 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFXthoPXlSAg2UNWIIRApj8AJ9EaiQ4xn1xTITe7/fLuwWsfPZ6KACggpf6 DOvki4JJ8hQ9BPIOa9NCpNM= =DVSf -----END PGP SIGNATURE----- --
  4. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: python27-python security update Advisory ID: RHSA-2016:1628-01 Product: Red Hat Software Collections Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-1628.html Issue date: 2016-08-18 CVE Names: CVE-2016-0772 CVE-2016-1000110 CVE-2016-5699 ===================================================================== 1. Summary: An update for python27-python is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.2) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - x86_64 3. Description: Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * It was discovered that the Python CGIHandler class did not properly protect against the HTTP_PROXY variable name clash in a CGI context. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a Python CGI script to an attacker-controlled proxy via a malicious HTTP request. (CVE-2016-1000110) * It was found that Python's smtplib library did not return an exception when StartTLS failed to be established in the SMTP.starttls() function. A man in the middle attacker could strip out the STARTTLS command without generating an exception on the Python SMTP client application, preventing the establishment of the TLS layer. (CVE-2016-0772) * It was found that the Python's httplib library (used by urllib, urllib2 and others) did not properly check HTTPConnection.putheader() function arguments. An attacker could use this flaw to inject additional headers in a Python application that allowed user provided header names or values. (CVE-2016-5699) Red Hat would like to thank Scott Geary (VendHQ) for reporting CVE-2016-1000110. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1303647 - CVE-2016-0772 python: smtplib StartTLS stripping attack 1303699 - CVE-2016-5699 python: http protocol steam injection attack 1357334 - CVE-2016-1000110 Python CGIHandler: sets environmental variable based on user supplied Proxy request header 6. Package List: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6): Source: python27-python-2.7.8-18.el6.src.rpm x86_64: python27-python-2.7.8-18.el6.x86_64.rpm python27-python-debug-2.7.8-18.el6.x86_64.rpm python27-python-debuginfo-2.7.8-18.el6.x86_64.rpm python27-python-devel-2.7.8-18.el6.x86_64.rpm python27-python-libs-2.7.8-18.el6.x86_64.rpm python27-python-test-2.7.8-18.el6.x86_64.rpm python27-python-tools-2.7.8-18.el6.x86_64.rpm python27-tkinter-2.7.8-18.el6.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6): Source: python27-python-2.7.8-18.el6.src.rpm x86_64: python27-python-2.7.8-18.el6.x86_64.rpm python27-python-debug-2.7.8-18.el6.x86_64.rpm python27-python-debuginfo-2.7.8-18.el6.x86_64.rpm python27-python-devel-2.7.8-18.el6.x86_64.rpm python27-python-libs-2.7.8-18.el6.x86_64.rpm python27-python-test-2.7.8-18.el6.x86_64.rpm python27-python-tools-2.7.8-18.el6.x86_64.rpm python27-tkinter-2.7.8-18.el6.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7): Source: python27-python-2.7.8-18.el6.src.rpm x86_64: python27-python-2.7.8-18.el6.x86_64.rpm python27-python-debug-2.7.8-18.el6.x86_64.rpm python27-python-debuginfo-2.7.8-18.el6.x86_64.rpm python27-python-devel-2.7.8-18.el6.x86_64.rpm python27-python-libs-2.7.8-18.el6.x86_64.rpm python27-python-test-2.7.8-18.el6.x86_64.rpm python27-python-tools-2.7.8-18.el6.x86_64.rpm python27-tkinter-2.7.8-18.el6.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6): Source: python27-python-2.7.8-18.el6.src.rpm x86_64: python27-python-2.7.8-18.el6.x86_64.rpm python27-python-debug-2.7.8-18.el6.x86_64.rpm python27-python-debuginfo-2.7.8-18.el6.x86_64.rpm python27-python-devel-2.7.8-18.el6.x86_64.rpm python27-python-libs-2.7.8-18.el6.x86_64.rpm python27-python-test-2.7.8-18.el6.x86_64.rpm python27-python-tools-2.7.8-18.el6.x86_64.rpm python27-tkinter-2.7.8-18.el6.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7): Source: python27-python-2.7.8-16.el7.src.rpm x86_64: python27-python-2.7.8-16.el7.x86_64.rpm python27-python-debug-2.7.8-16.el7.x86_64.rpm python27-python-debuginfo-2.7.8-16.el7.x86_64.rpm python27-python-devel-2.7.8-16.el7.x86_64.rpm python27-python-libs-2.7.8-16.el7.x86_64.rpm python27-python-test-2.7.8-16.el7.x86_64.rpm python27-python-tools-2.7.8-16.el7.x86_64.rpm python27-tkinter-2.7.8-16.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1): Source: python27-python-2.7.8-16.el7.src.rpm x86_64: python27-python-2.7.8-16.el7.x86_64.rpm python27-python-debug-2.7.8-16.el7.x86_64.rpm python27-python-debuginfo-2.7.8-16.el7.x86_64.rpm python27-python-devel-2.7.8-16.el7.x86_64.rpm python27-python-libs-2.7.8-16.el7.x86_64.rpm python27-python-test-2.7.8-16.el7.x86_64.rpm python27-python-tools-2.7.8-16.el7.x86_64.rpm python27-tkinter-2.7.8-16.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.2): Source: python27-python-2.7.8-16.el7.src.rpm x86_64: python27-python-2.7.8-16.el7.x86_64.rpm python27-python-debug-2.7.8-16.el7.x86_64.rpm python27-python-debuginfo-2.7.8-16.el7.x86_64.rpm python27-python-devel-2.7.8-16.el7.x86_64.rpm python27-python-libs-2.7.8-16.el7.x86_64.rpm python27-python-test-2.7.8-16.el7.x86_64.rpm python27-python-tools-2.7.8-16.el7.x86_64.rpm python27-tkinter-2.7.8-16.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7): Source: python27-python-2.7.8-16.el7.src.rpm x86_64: python27-python-2.7.8-16.el7.x86_64.rpm python27-python-debug-2.7.8-16.el7.x86_64.rpm python27-python-debuginfo-2.7.8-16.el7.x86_64.rpm python27-python-devel-2.7.8-16.el7.x86_64.rpm python27-python-libs-2.7.8-16.el7.x86_64.rpm python27-python-test-2.7.8-16.el7.x86_64.rpm python27-python-tools-2.7.8-16.el7.x86_64.rpm python27-tkinter-2.7.8-16.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-0772 https://access.redhat.com/security/cve/CVE-2016-1000110 https://access.redhat.com/security/cve/CVE-2016-5699 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFXthogXlSAg2UNWIIRAuS5AJ9C1RxHJbMBNSj/RRGL5umiFbK2MQCfXR2F ol+blRkWPW1zgApPht4wMqM= =q31u -----END PGP SIGNATURE----- --
  5. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: rh-python34-python security update Advisory ID: RHSA-2016:1630-01 Product: Red Hat Software Collections Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-1630.html Issue date: 2016-08-18 CVE Names: CVE-2016-0772 CVE-2016-1000110 CVE-2016-5699 ===================================================================== 1. Summary: An update for rh-python34-python is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.2) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - x86_64 3. Description: Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * It was discovered that the Python CGIHandler class did not properly protect against the HTTP_PROXY variable name clash in a CGI context. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a Python CGI script to an attacker-controlled proxy via a malicious HTTP request. (CVE-2016-1000110) * It was found that Python's smtplib library did not return an exception when StartTLS failed to be established in the SMTP.starttls() function. A man in the middle attacker could strip out the STARTTLS command without generating an exception on the Python SMTP client application, preventing the establishment of the TLS layer. (CVE-2016-0772) * It was found that the Python's httplib library (used by urllib, urllib2 and others) did not properly check HTTPConnection.putheader() function arguments. An attacker could use this flaw to inject additional headers in a Python application that allowed user provided header names or values. (CVE-2016-5699) Red Hat would like to thank Scott Geary (VendHQ) for reporting CVE-2016-1000110. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1303647 - CVE-2016-0772 python: smtplib StartTLS stripping attack 1303699 - CVE-2016-5699 python: http protocol steam injection attack 1357334 - CVE-2016-1000110 Python CGIHandler: sets environmental variable based on user supplied Proxy request header 6. Package List: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6): Source: rh-python34-python-3.4.2-14.el6.src.rpm x86_64: rh-python34-python-3.4.2-14.el6.x86_64.rpm rh-python34-python-debug-3.4.2-14.el6.x86_64.rpm rh-python34-python-debuginfo-3.4.2-14.el6.x86_64.rpm rh-python34-python-devel-3.4.2-14.el6.x86_64.rpm rh-python34-python-libs-3.4.2-14.el6.x86_64.rpm rh-python34-python-test-3.4.2-14.el6.x86_64.rpm rh-python34-python-tkinter-3.4.2-14.el6.x86_64.rpm rh-python34-python-tools-3.4.2-14.el6.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6): Source: rh-python34-python-3.4.2-14.el6.src.rpm x86_64: rh-python34-python-3.4.2-14.el6.x86_64.rpm rh-python34-python-debug-3.4.2-14.el6.x86_64.rpm rh-python34-python-debuginfo-3.4.2-14.el6.x86_64.rpm rh-python34-python-devel-3.4.2-14.el6.x86_64.rpm rh-python34-python-libs-3.4.2-14.el6.x86_64.rpm rh-python34-python-test-3.4.2-14.el6.x86_64.rpm rh-python34-python-tkinter-3.4.2-14.el6.x86_64.rpm rh-python34-python-tools-3.4.2-14.el6.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7): Source: rh-python34-python-3.4.2-14.el6.src.rpm x86_64: rh-python34-python-3.4.2-14.el6.x86_64.rpm rh-python34-python-debug-3.4.2-14.el6.x86_64.rpm rh-python34-python-debuginfo-3.4.2-14.el6.x86_64.rpm rh-python34-python-devel-3.4.2-14.el6.x86_64.rpm rh-python34-python-libs-3.4.2-14.el6.x86_64.rpm rh-python34-python-test-3.4.2-14.el6.x86_64.rpm rh-python34-python-tkinter-3.4.2-14.el6.x86_64.rpm rh-python34-python-tools-3.4.2-14.el6.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6): Source: rh-python34-python-3.4.2-14.el6.src.rpm x86_64: rh-python34-python-3.4.2-14.el6.x86_64.rpm rh-python34-python-debug-3.4.2-14.el6.x86_64.rpm rh-python34-python-debuginfo-3.4.2-14.el6.x86_64.rpm rh-python34-python-devel-3.4.2-14.el6.x86_64.rpm rh-python34-python-libs-3.4.2-14.el6.x86_64.rpm rh-python34-python-test-3.4.2-14.el6.x86_64.rpm rh-python34-python-tkinter-3.4.2-14.el6.x86_64.rpm rh-python34-python-tools-3.4.2-14.el6.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7): Source: rh-python34-python-3.4.2-13.el7.src.rpm x86_64: rh-python34-python-3.4.2-13.el7.x86_64.rpm rh-python34-python-debug-3.4.2-13.el7.x86_64.rpm rh-python34-python-debuginfo-3.4.2-13.el7.x86_64.rpm rh-python34-python-devel-3.4.2-13.el7.x86_64.rpm rh-python34-python-libs-3.4.2-13.el7.x86_64.rpm rh-python34-python-test-3.4.2-13.el7.x86_64.rpm rh-python34-python-tkinter-3.4.2-13.el7.x86_64.rpm rh-python34-python-tools-3.4.2-13.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1): Source: rh-python34-python-3.4.2-13.el7.src.rpm x86_64: rh-python34-python-3.4.2-13.el7.x86_64.rpm rh-python34-python-debug-3.4.2-13.el7.x86_64.rpm rh-python34-python-debuginfo-3.4.2-13.el7.x86_64.rpm rh-python34-python-devel-3.4.2-13.el7.x86_64.rpm rh-python34-python-libs-3.4.2-13.el7.x86_64.rpm rh-python34-python-test-3.4.2-13.el7.x86_64.rpm rh-python34-python-tkinter-3.4.2-13.el7.x86_64.rpm rh-python34-python-tools-3.4.2-13.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.2): Source: rh-python34-python-3.4.2-13.el7.src.rpm x86_64: rh-python34-python-3.4.2-13.el7.x86_64.rpm rh-python34-python-debug-3.4.2-13.el7.x86_64.rpm rh-python34-python-debuginfo-3.4.2-13.el7.x86_64.rpm rh-python34-python-devel-3.4.2-13.el7.x86_64.rpm rh-python34-python-libs-3.4.2-13.el7.x86_64.rpm rh-python34-python-test-3.4.2-13.el7.x86_64.rpm rh-python34-python-tkinter-3.4.2-13.el7.x86_64.rpm rh-python34-python-tools-3.4.2-13.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7): Source: rh-python34-python-3.4.2-13.el7.src.rpm x86_64: rh-python34-python-3.4.2-13.el7.x86_64.rpm rh-python34-python-debug-3.4.2-13.el7.x86_64.rpm rh-python34-python-debuginfo-3.4.2-13.el7.x86_64.rpm rh-python34-python-devel-3.4.2-13.el7.x86_64.rpm rh-python34-python-libs-3.4.2-13.el7.x86_64.rpm rh-python34-python-test-3.4.2-13.el7.x86_64.rpm rh-python34-python-tkinter-3.4.2-13.el7.x86_64.rpm rh-python34-python-tools-3.4.2-13.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-0772 https://access.redhat.com/security/cve/CVE-2016-1000110 https://access.redhat.com/security/cve/CVE-2016-5699 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFXthqeXlSAg2UNWIIRAhb7AJ4gvzcaD2gEtNrihN/76uRNcyxx3wCgnJOd BBlG/xStvAR4OD6dXOJ4XCc= =YZy2 -----END PGP SIGNATURE----- --
  6. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: rh-mariadb101-mariadb security update Advisory ID: RHSA-2016:1637-01 Product: Red Hat Software Collections Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-1637.html Issue date: 2016-08-18 CVE Names: CVE-2016-3477 CVE-2016-3521 CVE-2016-3615 CVE-2016-5440 ===================================================================== 1. Summary: An update for rh-mariadb101-mariadb is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.2) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6) - x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - x86_64 3. Description: MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL. The following packages have been upgraded to a newer upstream version: rh-mariadb101-mariadb (10.1.16). Security Fix(es): * This update fixes several vulnerabilities in the MariaDB database server. Information about these flaws can be found on the Oracle Critical Patch Update Advisory page, listed in the References section. (CVE-2016-3477, CVE-2016-3521, CVE-2016-3615, CVE-2016-5440) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing this update, the MariaDB server daemon (mysqld) will be restarted automatically. 5. Bugs fixed (https://bugzilla.redhat.com/): 1358205 - CVE-2016-3477 mysql: unspecified vulnerability in subcomponent: Server: Parser (CPU July 2016) 1358209 - CVE-2016-3521 mysql: unspecified vulnerability in subcomponent: Server: Types (CPU July 2016) 1358212 - CVE-2016-3615 mysql: unspecified vulnerability in subcomponent: Server: DML (CPU July 2016) 1358218 - CVE-2016-5440 mysql: unspecified vulnerability in subcomponent: Server: RBR (CPU July 2016) 6. Package List: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6): Source: rh-mariadb101-mariadb-10.1.16-1.el6.src.rpm x86_64: rh-mariadb101-mariadb-10.1.16-1.el6.x86_64.rpm rh-mariadb101-mariadb-bench-10.1.16-1.el6.x86_64.rpm rh-mariadb101-mariadb-common-10.1.16-1.el6.x86_64.rpm rh-mariadb101-mariadb-config-10.1.16-1.el6.x86_64.rpm rh-mariadb101-mariadb-debuginfo-10.1.16-1.el6.x86_64.rpm rh-mariadb101-mariadb-devel-10.1.16-1.el6.x86_64.rpm rh-mariadb101-mariadb-errmsg-10.1.16-1.el6.x86_64.rpm rh-mariadb101-mariadb-oqgraph-engine-10.1.16-1.el6.x86_64.rpm rh-mariadb101-mariadb-server-10.1.16-1.el6.x86_64.rpm rh-mariadb101-mariadb-server-galera-10.1.16-1.el6.x86_64.rpm rh-mariadb101-mariadb-test-10.1.16-1.el6.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6): Source: rh-mariadb101-mariadb-10.1.16-1.el6.src.rpm x86_64: rh-mariadb101-mariadb-10.1.16-1.el6.x86_64.rpm rh-mariadb101-mariadb-bench-10.1.16-1.el6.x86_64.rpm rh-mariadb101-mariadb-common-10.1.16-1.el6.x86_64.rpm rh-mariadb101-mariadb-config-10.1.16-1.el6.x86_64.rpm rh-mariadb101-mariadb-debuginfo-10.1.16-1.el6.x86_64.rpm rh-mariadb101-mariadb-devel-10.1.16-1.el6.x86_64.rpm rh-mariadb101-mariadb-errmsg-10.1.16-1.el6.x86_64.rpm rh-mariadb101-mariadb-oqgraph-engine-10.1.16-1.el6.x86_64.rpm rh-mariadb101-mariadb-server-10.1.16-1.el6.x86_64.rpm rh-mariadb101-mariadb-server-galera-10.1.16-1.el6.x86_64.rpm rh-mariadb101-mariadb-test-10.1.16-1.el6.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7): Source: rh-mariadb101-mariadb-10.1.16-1.el6.src.rpm x86_64: rh-mariadb101-mariadb-10.1.16-1.el6.x86_64.rpm rh-mariadb101-mariadb-bench-10.1.16-1.el6.x86_64.rpm rh-mariadb101-mariadb-common-10.1.16-1.el6.x86_64.rpm rh-mariadb101-mariadb-config-10.1.16-1.el6.x86_64.rpm rh-mariadb101-mariadb-debuginfo-10.1.16-1.el6.x86_64.rpm rh-mariadb101-mariadb-devel-10.1.16-1.el6.x86_64.rpm rh-mariadb101-mariadb-errmsg-10.1.16-1.el6.x86_64.rpm rh-mariadb101-mariadb-oqgraph-engine-10.1.16-1.el6.x86_64.rpm rh-mariadb101-mariadb-server-10.1.16-1.el6.x86_64.rpm rh-mariadb101-mariadb-server-galera-10.1.16-1.el6.x86_64.rpm rh-mariadb101-mariadb-test-10.1.16-1.el6.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6): Source: rh-mariadb101-mariadb-10.1.16-1.el6.src.rpm x86_64: rh-mariadb101-mariadb-10.1.16-1.el6.x86_64.rpm rh-mariadb101-mariadb-bench-10.1.16-1.el6.x86_64.rpm rh-mariadb101-mariadb-common-10.1.16-1.el6.x86_64.rpm rh-mariadb101-mariadb-config-10.1.16-1.el6.x86_64.rpm rh-mariadb101-mariadb-debuginfo-10.1.16-1.el6.x86_64.rpm rh-mariadb101-mariadb-devel-10.1.16-1.el6.x86_64.rpm rh-mariadb101-mariadb-errmsg-10.1.16-1.el6.x86_64.rpm rh-mariadb101-mariadb-oqgraph-engine-10.1.16-1.el6.x86_64.rpm rh-mariadb101-mariadb-server-10.1.16-1.el6.x86_64.rpm rh-mariadb101-mariadb-server-galera-10.1.16-1.el6.x86_64.rpm rh-mariadb101-mariadb-test-10.1.16-1.el6.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7): Source: rh-mariadb101-mariadb-10.1.16-1.el7.src.rpm x86_64: rh-mariadb101-mariadb-10.1.16-1.el7.x86_64.rpm rh-mariadb101-mariadb-bench-10.1.16-1.el7.x86_64.rpm rh-mariadb101-mariadb-common-10.1.16-1.el7.x86_64.rpm rh-mariadb101-mariadb-config-10.1.16-1.el7.x86_64.rpm rh-mariadb101-mariadb-debuginfo-10.1.16-1.el7.x86_64.rpm rh-mariadb101-mariadb-devel-10.1.16-1.el7.x86_64.rpm rh-mariadb101-mariadb-errmsg-10.1.16-1.el7.x86_64.rpm rh-mariadb101-mariadb-oqgraph-engine-10.1.16-1.el7.x86_64.rpm rh-mariadb101-mariadb-server-10.1.16-1.el7.x86_64.rpm rh-mariadb101-mariadb-server-galera-10.1.16-1.el7.x86_64.rpm rh-mariadb101-mariadb-test-10.1.16-1.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1): Source: rh-mariadb101-mariadb-10.1.16-1.el7.src.rpm x86_64: rh-mariadb101-mariadb-10.1.16-1.el7.x86_64.rpm rh-mariadb101-mariadb-bench-10.1.16-1.el7.x86_64.rpm rh-mariadb101-mariadb-common-10.1.16-1.el7.x86_64.rpm rh-mariadb101-mariadb-config-10.1.16-1.el7.x86_64.rpm rh-mariadb101-mariadb-debuginfo-10.1.16-1.el7.x86_64.rpm rh-mariadb101-mariadb-devel-10.1.16-1.el7.x86_64.rpm rh-mariadb101-mariadb-errmsg-10.1.16-1.el7.x86_64.rpm rh-mariadb101-mariadb-oqgraph-engine-10.1.16-1.el7.x86_64.rpm rh-mariadb101-mariadb-server-10.1.16-1.el7.x86_64.rpm rh-mariadb101-mariadb-server-galera-10.1.16-1.el7.x86_64.rpm rh-mariadb101-mariadb-test-10.1.16-1.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.2): Source: rh-mariadb101-mariadb-10.1.16-1.el7.src.rpm x86_64: rh-mariadb101-mariadb-10.1.16-1.el7.x86_64.rpm rh-mariadb101-mariadb-bench-10.1.16-1.el7.x86_64.rpm rh-mariadb101-mariadb-common-10.1.16-1.el7.x86_64.rpm rh-mariadb101-mariadb-config-10.1.16-1.el7.x86_64.rpm rh-mariadb101-mariadb-debuginfo-10.1.16-1.el7.x86_64.rpm rh-mariadb101-mariadb-devel-10.1.16-1.el7.x86_64.rpm rh-mariadb101-mariadb-errmsg-10.1.16-1.el7.x86_64.rpm rh-mariadb101-mariadb-oqgraph-engine-10.1.16-1.el7.x86_64.rpm rh-mariadb101-mariadb-server-10.1.16-1.el7.x86_64.rpm rh-mariadb101-mariadb-server-galera-10.1.16-1.el7.x86_64.rpm rh-mariadb101-mariadb-test-10.1.16-1.el7.x86_64.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7): Source: rh-mariadb101-mariadb-10.1.16-1.el7.src.rpm x86_64: rh-mariadb101-mariadb-10.1.16-1.el7.x86_64.rpm rh-mariadb101-mariadb-bench-10.1.16-1.el7.x86_64.rpm rh-mariadb101-mariadb-common-10.1.16-1.el7.x86_64.rpm rh-mariadb101-mariadb-config-10.1.16-1.el7.x86_64.rpm rh-mariadb101-mariadb-debuginfo-10.1.16-1.el7.x86_64.rpm rh-mariadb101-mariadb-devel-10.1.16-1.el7.x86_64.rpm rh-mariadb101-mariadb-errmsg-10.1.16-1.el7.x86_64.rpm rh-mariadb101-mariadb-oqgraph-engine-10.1.16-1.el7.x86_64.rpm rh-mariadb101-mariadb-server-10.1.16-1.el7.x86_64.rpm rh-mariadb101-mariadb-server-galera-10.1.16-1.el7.x86_64.rpm rh-mariadb101-mariadb-test-10.1.16-1.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-3477 https://access.redhat.com/security/cve/CVE-2016-3521 https://access.redhat.com/security/cve/CVE-2016-3615 https://access.redhat.com/security/cve/CVE-2016-5440 https://access.redhat.com/security/updates/classification/#important http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixMSQL https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/ https://mariadb.com/kb/en/mariadb/mariadb-10116-release-notes/ 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFXtiCHXlSAg2UNWIIRAiHaAJ4gRdiwxJ56CHXVIk9nx1jl+xMXXgCgnKc1 FhMD4gzP7+8bFa9/yD4Qd3s= =KNOM -----END PGP SIGNATURE----- --
  7. news
    Hello editors, Today we revisit AMD's A10-7870K APU, which earlier this year was repackaged with a new "near-silent" 125W thermal solution which is essentially the same as the Wraith cooler but without the LED-backlit fan shroud. We've tested the new thermal solution to see what cooling improvements it has to offer for the A10-7870K when compared to the original stock cooler. https://www.neoseeker.com/Articles/Hardware/Reviews/amd-a10-7870k-apu/ "In order to find out just how much better the 125W thermal solution will > perform, I am going to test the A10-7870K APU mounted on a Gigabyte > F2A88X-UP4 motherboard provided by AMD with a set of 16 GB (2 x 8) DDR3 RAM > modules set at 2133 MHz speed. I will then run thermal and fan speed tests > so a comparison of the results will provide a meaningful data set to > compare the near-silent 125W cooler to an older model AMD cooling solution." > Thanks as always for any linkage! Neoseeker Hardware https://www.neoseeker.com/ hardware ( -at -) neoseeker.com
  8. news
    CentOS Errata and Security Advisory 2016:1626 Moderate Upstream details at : https://rhn.redhat.com/errata/RHSA-2016-1626.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 4580fa3bd63f62fcb02e491b1ab0952f5c11d56dac42295d3f7917818790c28d python-2.7.5-38.el7_2.x86_64.rpm d65cd5414f4167267a8305c43b9828a19d6c0f02c4b9b046bcbc4ebfb9d898b9 python-debug-2.7.5-38.el7_2.x86_64.rpm 1d846ef07419a41e66c2423f07063dfc498f595bc8077bac36af8d3204a3e3fa python-devel-2.7.5-38.el7_2.x86_64.rpm 4225681bbc8bdc0a24dba05f6edd0b7536448a7d062a9ef0f921501c8bf3757e python-libs-2.7.5-38.el7_2.i686.rpm de6d8600d0d9a36c1cb22b6968224612ad7a06354d9cbd33da4bec17554837fe python-libs-2.7.5-38.el7_2.x86_64.rpm 01c3fecdcab99e8f853adcde3fb2080468c2eff91c5e29906a143541d494f4df python-test-2.7.5-38.el7_2.x86_64.rpm ca3d26aa3f2a10f399ab2f26577054fc0c443b099e2bbfba1b6d4785a4fce3f9 python-tools-2.7.5-38.el7_2.x86_64.rpm 95c26c4e3a57926bc59e80e8f2707011c5000a6a0d47875e823a4126cf15ea6b tkinter-2.7.5-38.el7_2.x86_64.rpm Source: 4470b36c08ba660c4317b4211b6aa2207288d4a9f438a998b92be3d62a958def python-2.7.5-38.el7_2.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: ( -at -) JohnnyCentOS _______________________________________________
  9. news
    CentOS Errata and Security Advisory 2016:1626 Moderate Upstream details at : https://rhn.redhat.com/errata/RHSA-2016-1626.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: d434ddba7ca4db22fb0a430f43961ecda1394f8e0c0c799855acf448a056b2f4 python-2.6.6-66.el6_8.i686.rpm 73a0c8b071682ee7cf2f44d1779ffc3302ad639fffe6ef3e528c887af609058b python-devel-2.6.6-66.el6_8.i686.rpm 48e1c9e73faeeed24011487a75915cdd67cdbdd0fb3aadfa6ea2a690220e6e0f python-libs-2.6.6-66.el6_8.i686.rpm fdfc3b56a5caa9bcf8b58737caa7337daf49532fca8a1e62e7c5f1edfcab0c91 python-test-2.6.6-66.el6_8.i686.rpm 069495e99bfd46b657c8622274cb0aca1921b374df5e43ec8ef7f88052b504c0 python-tools-2.6.6-66.el6_8.i686.rpm 6d267b6e09719e7cd17e7b05e736a4272f14d62dc3162616c65840a80bd90847 tkinter-2.6.6-66.el6_8.i686.rpm x86_64: 53c75a1756e5b4f6564c5229a37948c9b4561e0bf58076bd7dab7aff85a417f2 python-2.6.6-66.el6_8.x86_64.rpm 73a0c8b071682ee7cf2f44d1779ffc3302ad639fffe6ef3e528c887af609058b python-devel-2.6.6-66.el6_8.i686.rpm 5c9d6761d8d896b93ed92caa1ec61045aa1847c32d6cf860c2b4959b49d9de80 python-devel-2.6.6-66.el6_8.x86_64.rpm 48e1c9e73faeeed24011487a75915cdd67cdbdd0fb3aadfa6ea2a690220e6e0f python-libs-2.6.6-66.el6_8.i686.rpm ae6a523f79928c4fdb8c7d62f07279883b20b8b89d8703cb91030201c54e25e9 python-libs-2.6.6-66.el6_8.x86_64.rpm 61116f6ad9f288b23d0fd63fa2252ffd2fdc53e978a358aebda1654453145d4c python-test-2.6.6-66.el6_8.x86_64.rpm a88d7d03b236ac4938be140c230d2d8d645a82a39bcf647c7d5d55bc27106192 python-tools-2.6.6-66.el6_8.x86_64.rpm 7eb7c048610b47fd5c7918e5f12038c3869fe90f4a24d604fbc70a6220d460c2 tkinter-2.6.6-66.el6_8.x86_64.rpm Source: b56fb033143cf700283ef68914a9cec31a1f8a045e6849c3c1afd2e08d7a2b56 python-2.6.6-66.el6_8.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: ( -at -) JohnnyCentOS _______________________________________________
  10. news
    SUSE Security Update: Security update for xen ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:2100-1 Rating: important References: #954872 #955399 #957986 #958848 #961600 #963161 #964427 #967630 #973188 #974038 #974912 #975130 #975138 #975907 #976058 #976111 #978164 #978295 #978413 #979035 #979620 #979670 #980716 #980724 #981264 #981276 #982024 #982025 #982026 #982224 #982225 #982286 #982695 #982960 #983973 #983984 #985503 #986586 #988675 #989235 #990843 #990923 Cross-References: CVE-2014-3672 CVE-2016-3158 CVE-2016-3159 CVE-2016-3710 CVE-2016-3960 CVE-2016-4001 CVE-2016-4002 CVE-2016-4020 CVE-2016-4037 CVE-2016-4439 CVE-2016-4441 CVE-2016-4453 CVE-2016-4454 CVE-2016-4952 CVE-2016-4962 CVE-2016-4963 CVE-2016-5105 CVE-2016-5106 CVE-2016-5107 CVE-2016-5126 CVE-2016-5238 CVE-2016-5337 CVE-2016-5338 CVE-2016-5403 CVE-2016-6258 CVE-2016-6351 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that solves 26 vulnerabilities and has 16 fixes is now available. Description: This update for xen fixes the several issues. These security issues were fixed: - CVE-2014-3672: The qemu implementation in libvirt Xen allowed local guest OS users to cause a denial of service (host disk consumption) by writing to stdout or stderr (bsc#981264). - CVE-2016-3158: The xrstor function did not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allowed local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits (bsc#973188). - CVE-2016-3159: The fpu_fxrstor function in arch/x86/i387.c did not properly handle writes to the hardware FSW.ES bit when running on AMD64 processors, which allowed local guest OS users to obtain sensitive register content information from another guest by leveraging pending exception and mask bits (bsc#973188). - CVE-2016-3710: The VGA module improperly performed bounds checking on banked access to video memory, which allowed local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the "Dark Portal" issue (bsc#978164). - CVE-2016-3960: Integer overflow in the x86 shadow pagetable code allowed local guest OS users to cause a denial of service (host crash) or possibly gain privileges by shadowing a superpage mapping (bsc#974038). - CVE-2016-4001: Buffer overflow in the stellaris_enet_receive function, when the Stellaris ethernet controller is configured to accept large packets, allowed remote attackers to cause a denial of service (QEMU crash) via a large packet (bsc#975130). - CVE-2016-4002: Buffer overflow in the mipsnet_receive function, when the guest NIC is configured to accept large packets, allowed remote attackers to cause a denial of service (memory corruption and QEMU crash) or possibly execute arbitrary code via a packet larger than 1514 bytes (bsc#975138). - CVE-2016-4020: The patch_instruction function did not initialize the imm32 variable, which allowed local guest OS administrators to obtain sensitive information from host stack memory by accessing the Task Priority Register (TPR) (bsc#975907). - CVE-2016-4037: The ehci_advance_state function in hw/usb/hcd-ehci.c allowed local guest OS administrators to cause a denial of service (infinite loop and CPU consumption) via a circular split isochronous transfer descriptor (siTD) list (bsc#976111). - CVE-2016-4439: The esp_reg_write function in the 53C9X Fast SCSI Controller (FSC) support did not properly check command buffer length, which allowed local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) or potentially execute arbitrary code on the host via unspecified vectors (bsc#980716). - CVE-2016-4441: The get_cmd function in the 53C9X Fast SCSI Controller (FSC) support did not properly check DMA length, which allowed local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via unspecified vectors, involving an SCSI command (bsc#980724). - CVE-2016-4453: The vmsvga_fifo_run function allowed local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a VGA command (bsc#982225). - CVE-2016-4454: The vmsvga_fifo_read_raw function allowed local guest OS administrators to obtain sensitive host memory information or cause a denial of service (QEMU process crash) by changing FIFO registers and issuing a VGA command, which triggered an out-of-bounds read (bsc#982224). - CVE-2016-4952: Out-of-bounds access issue in pvsci_ring_init_msg/data routines (bsc#981276). - CVE-2016-4962: The libxl device-handling allowed local OS guest administrators to cause a denial of service (resource consumption or management facility confusion) or gain host OS privileges by manipulating information in guest controlled areas of xenstore (bsc#979620). - CVE-2016-4963: The libxl device-handling allowed local guest OS users with access to the driver domain to cause a denial of service (management tool confusion) by manipulating information in the backend directories in xenstore (bsc#979670). - CVE-2016-5105: Stack information leakage while reading configuration (bsc#982024). - CVE-2016-5106: Out-of-bounds write while setting controller properties (bsc#982025). - CVE-2016-5107: Out-of-bounds read in megasas_lookup_frame() function (bsc#982026). - CVE-2016-5126: Heap-based buffer overflow in the iscsi_aio_ioctl function allowed local guest OS users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code via a crafted iSCSI asynchronous I/O ioctl call (bsc#982286). - CVE-2016-5238: The get_cmd function in hw/scsi/esp.c might have allowed local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via vectors related to reading from the information transfer buffer in non-DMA mode (bsc#982960). - CVE-2016-5337: The megasas_ctrl_get_info function allowed local guest OS administrators to obtain sensitive host memory information via vectors related to reading device control information (bsc#983973). - CVE-2016-5338: The (1) esp_reg_read and (2) esp_reg_write functions allowed local guest OS administrators to cause a denial of service (QEMU process crash) or execute arbitrary code on the host via vectors related to the information transfer buffer (bsc#983984). - CVE-2016-6258: Potential privilege escalation in PV guests (XSA-182) (bsc#988675). - bsc#978295: x86 software guest page walk PS bit handling flaw (XSA-176) - CVE-2016-5403: virtio: unbounded memory allocation on host via guest leading to DoS (XSA-184) (bsc#990923) - CVE-2016-6351: scsi: esp: OOB write access in esp_do_dma (bsc#990843) These non-security issues were fixed: - bsc#954872: Script block-dmmd not working as expected - libxl: error: libxl_dm.c - bsc#957986: Indirect descriptors are not compatible with Amazon block backend - bsc#958848: HVM guest crash at /usr/src/packages/BUILD/xen-4.4.2-testing/obj/default/balloon/balloon.c:407 - bsc#961600: Poor performance when Xen HVM domU configured with max memory greater than current memory - bsc#963161: Windows VM getting stuck during load while a VF is assigned to it after upgrading to latest maintenance updates - bsc#964427: Discarding device blocks: failed - Input/output error - bsc#976058: Xen error running simple HVM guest (Post Alpha 2 xen+qemu) - bsc#982695: qemu fails to boot HVM guest from xvda - bsc#986586: Out of memory (oom) during boot on "modprobe xenblk" (non xen kernel) - bsc#967630: Discrepancy in reported memory size with correction XSA-153 for xend. Additional memory adjustment made. - bsc#974912: Persistent performance drop after live-migration using xend tool stack - bsc#979035: Restore xm migrate fixes for bsc#955399/ bsc#955399 - bsc#989235: xen dom0 xm create command only searched /etc/xen instead of /etc/xen/vm - Live Migration SLES 11 SP3 to SP4 on AMD: "xc: error: Couldn't set extended vcpu0 info" - bsc#985503: Fixed vif-route - bsc#978413: PV guest upgrade from SLES11 SP4 to SLES 12 SP2 alpha3 failed Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-xen-12702=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-xen-12702=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-xen-12702=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 x86_64): xen-devel-4.4.4_07-37.1 - SUSE Linux Enterprise Server 11-SP4 (i586 x86_64): xen-kmp-default-4.4.4_07_3.0.101_77-37.1 xen-libs-4.4.4_07-37.1 xen-tools-domU-4.4.4_07-37.1 - SUSE Linux Enterprise Server 11-SP4 (x86_64): xen-4.4.4_07-37.1 xen-doc-html-4.4.4_07-37.1 xen-libs-32bit-4.4.4_07-37.1 xen-tools-4.4.4_07-37.1 - SUSE Linux Enterprise Server 11-SP4 (i586): xen-kmp-pae-4.4.4_07_3.0.101_77-37.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 x86_64): xen-debuginfo-4.4.4_07-37.1 xen-debugsource-4.4.4_07-37.1 References: https://www.suse.com/security/cve/CVE-2014-3672.html https://www.suse.com/security/cve/CVE-2016-3158.html https://www.suse.com/security/cve/CVE-2016-3159.html https://www.suse.com/security/cve/CVE-2016-3710.html https://www.suse.com/security/cve/CVE-2016-3960.html https://www.suse.com/security/cve/CVE-2016-4001.html https://www.suse.com/security/cve/CVE-2016-4002.html https://www.suse.com/security/cve/CVE-2016-4020.html https://www.suse.com/security/cve/CVE-2016-4037.html https://www.suse.com/security/cve/CVE-2016-4439.html https://www.suse.com/security/cve/CVE-2016-4441.html https://www.suse.com/security/cve/CVE-2016-4453.html https://www.suse.com/security/cve/CVE-2016-4454.html https://www.suse.com/security/cve/CVE-2016-4952.html https://www.suse.com/security/cve/CVE-2016-4962.html https://www.suse.com/security/cve/CVE-2016-4963.html https://www.suse.com/security/cve/CVE-2016-5105.html https://www.suse.com/security/cve/CVE-2016-5106.html https://www.suse.com/security/cve/CVE-2016-5107.html https://www.suse.com/security/cve/CVE-2016-5126.html https://www.suse.com/security/cve/CVE-2016-5238.html https://www.suse.com/security/cve/CVE-2016-5337.html https://www.suse.com/security/cve/CVE-2016-5338.html https://www.suse.com/security/cve/CVE-2016-5403.html https://www.suse.com/security/cve/CVE-2016-6258.html https://www.suse.com/security/cve/CVE-2016-6351.html https://bugzilla.suse.com/954872 https://bugzilla.suse.com/955399 https://bugzilla.suse.com/957986 https://bugzilla.suse.com/958848 https://bugzilla.suse.com/961600 https://bugzilla.suse.com/963161 https://bugzilla.suse.com/964427 https://bugzilla.suse.com/967630 https://bugzilla.suse.com/973188 https://bugzilla.suse.com/974038 https://bugzilla.suse.com/974912 https://bugzilla.suse.com/975130 https://bugzilla.suse.com/975138 https://bugzilla.suse.com/975907 https://bugzilla.suse.com/976058 https://bugzilla.suse.com/976111 https://bugzilla.suse.com/978164 https://bugzilla.suse.com/978295 https://bugzilla.suse.com/978413 https://bugzilla.suse.com/979035 https://bugzilla.suse.com/979620 https://bugzilla.suse.com/979670 https://bugzilla.suse.com/980716 https://bugzilla.suse.com/980724 https://bugzilla.suse.com/981264 https://bugzilla.suse.com/981276 https://bugzilla.suse.com/982024 https://bugzilla.suse.com/982025 https://bugzilla.suse.com/982026 https://bugzilla.suse.com/982224 https://bugzilla.suse.com/982225 https://bugzilla.suse.com/982286 https://bugzilla.suse.com/982695 https://bugzilla.suse.com/982960 https://bugzilla.suse.com/983973 https://bugzilla.suse.com/983984 https://bugzilla.suse.com/985503 https://bugzilla.suse.com/986586 https://bugzilla.suse.com/988675 https://bugzilla.suse.com/989235 https://bugzilla.suse.com/990843 https://bugzilla.suse.com/990923 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
  11. news
    Hi News Poster HardwareOverclock.com has just posted another review. Last week we have taken a look at the Enermax ETS-T50 AXE CPU cooler. The new cooler from Enermax is a high-performance CPU cooler that, thanks to several innovative technologies, grants a cooling capacity up to 250W TDP. Title: Enermax ETS-T50 AXE CPU cooler ( -at -) HardwareOverclock.com Link: http://hardwareoverclock.com/Enermax-ETS-T50-AXE-CPU-Kuehler.htm Image: http://hardwareoverclock.com/kuehler/Enermax-ETS-T50-AXE-046.jpg Thanks for posting Rene Ruf Chefredakteur HardwareOverclock.com <http://www.hardwareoverclock.com/> http://www.hardwareoverclock.com <mailto:admin ( -at -) hardwareoverclock.com> mailto:admin ( -at -) hardwareoverclock.com
  12. news
    View this email in your browser (http://us3.campaign-archive2.com/?u=efc4c507c2cf964fc2462caca&id=98c62d4112&e=0c004f9c13) We’ve been talking about the claimed 40% IPC (Instructions Per Clock) improvement of AMD's forthcoming Zen processor, versus the company's existing Excavator core, for ages it seems. We also know Zen's initial availability is slated for later this year, with a lager-scale roll-out planned for early 2017. Finally, AMD has also made it known previously that it will be standardizing on the new socket AM4 platform, which has support for DDR4 memory, PCIe Gen 3, USB 3.1 Gen2 10Gbps, NVMe, and SATA Express. There is already a lot of Zen-related information out there if you know where to look – like right here at HH, of course – but we’ve got much more meat on Zen to share with you today. AMD Further Unveils Zen Processor Details And An Impressive Benchmark Showdown Versus Intel Broadwell-E (http://hothardware.us3.list-manage1.com/track/click?u=efc4c507c2cf964fc2462caca&id=99169233ea&e=0c004f9c13) http://hothardware.us3.list-manage2.com/track/click?u=efc4c507c2cf964fc2462caca&id=02501572ad&e=0c004f9c13 Best Regards, HotHardware.com http://hothardware.us3.list-manage1.com/track/click?u=efc4c507c2cf964fc2462caca&id=0d5917f6ee&e=0c004f9c13 http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=59f64d44ed&e=0c004f9c13 http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=698e4360df&e=0c004f9c13 ============================================================
  13. news
    Amped Wireless REC22P Plug-In AC1200 WiFi Range Extender Review ( -at -) ThinkComputers.org Review Link: http://www.thinkcomputers.org/amped-wireless-rec22p-plug-in-ac1200-wifi-range-extender-review/ Image URL: http://www.thinkcomputers.org/reviews/amped_rec22p/email.jpg Alt Image URL: http://www.thinkcomputers.org/reviews/amped_rec22p/small.jpg Quote: "The speeds of our wireless devices keep on getting faster and faster. Sadly, the distance our routers can cover is limited, especially if you have a large home or detached garage and you want to still access the internet. For these such cases we have WiFi range extenders. These allows you to easily extend the range of your WiFi network with little hassle. Today we will be taking a look at Amped Wireless’ latest WiFi range extenders the REC22P. This range extender is an AC1200 device so you have 300Mbps on 2.4GHz and 867Mbps on 5GHz for super fast transfer speeds. To help cover the 11,000 sq ft Amped Wireless says the REC22P covers you have 8 high power amplifiers and 2 high gain antennas. This range extender also has a pass-thru outlet so you don’t lose an outlet when you install it, a rapid USB charging port for your USB devices, and a Gigabit network bridge to connect 1 additional wired device. It seems the REC22P has it all, let’s check it out!"
  14. news
  15. news
    <http://www.eteknix.com> Cooler Master MasterPulse Over-Ear With Bass FX Review Today is a great day in the eTeknix office, as the latest Cooler Master headset is here at last! The new MasterPulse takes what we know and love about the MasterPulse in-ear headphones, and makes everything bigger, rocking an over-ear design that promises premium quality and affordable prices for mobile and desktop audio. URL - http://www.eteknix.com/cooler-master-masterpulse-over-ear-with-bass-fx-review/ --
  16. news

    rhythmbox 3.4 released

    news posted a topic in Upcoming News

    Overview of changes in Rhythmbox 3.4 ==================================== * New web remote control plugin * Grilo plugin now uses Grilo 0.3 * Soundcloud plugin fetches more search results and allows pausing * No longer uses webkit (partly due to OpenBSD W^X enforcement) * Slightly better handling of keyboard shortcuts for playback * Core and some plugin data files compiled into binaries using GResources Bugs fixed: 703910 Entering then leaving Party Mode breaks the app menu; Party Mode status incorrectly reported 721926 TerraParser (lyric's plugin) is not fetching lyrics correctly 759589 grilo: Port to 0.3.0 765833 [regression] Cover art shown superposed over the song titles and artist names when cover art is disabled 766584 Referenced website replaygain.org is not about ReplayGain 767318 Use correct pkg-config binary 767466 daap: Fix warnings when configuring music sharing 767524 "To translators: the context is" doesn't continue the sentence 768545 Cannot change MP4 encoder settings 769404 Memory leak Translation updates: - ca, courtesy of Jordi Mas - cs, courtesy of Marek Černocký - da, courtesy of Ask Hjorth Larsen - de, courtesy of Mario Blättermann - es, courtesy of Daniel Mustieles - fi, courtesy of Jiri Grönroos - fr, courtesy of Claude Paroz - ga, courtesy of Seán de Búrca - gd, courtesy of GunChleoc - hr, courtesy of gogo - hu, courtesy of Meskó Balázs - pl, courtesy of Piotr Drąg - pt_BR, courtesy of Enrico Nicoletto - pt, courtesy of Tiago Santos - ro, courtesy of Daniel Șerbănescu - sk, courtesy of DuÅ¡an Kazik - sv, courtesy of Anders Jonsson - vi, courtesy of Trần Ngá»Âc Quân - zh_CN, courtesy of shijing Download from https://download.gnome.org/sources/rhythmbox/3.4/ _______________________________________________
  17. news
    <http://www.eteknix.com> Seagate SkyHawk 10TB NVR and DVR HDD Review I've recently had a look at the 10TB IronWolf NAS HDD from Seagate and today it is time to take a closer look at its brother, the brand new SkyHawk DVR and NVR <http://www.seagate.com/gb/en/internal-hard-drives/skyhawk/>  hard disk drive with a massive 10TB capacity. Sure, you could use NAS optimized drives for simple video setups, but having a video and camera optimized surveillance disk does bring advantages. Especially when your recorded video is critical. URL - http://www.eteknix.com/seagate-skyhawk-10tb-nvr-dvr-hdd-review/ --
  18. news
    View this email in your browser (http://us3.campaign-archive2.com/?u=efc4c507c2cf964fc2462caca&id=5c70015f15&e=0c004f9c13) Today’s opening keynote at the Intel Developers Forum focused on a number of forward-looking AI, deep learning, connectivity and networking technologies, like 5G and Silicon Photonics. But late in the address, Intel’s Vice President and General Manager of its Data Center Group (DCG), Diane Bryant, quickly dropped a few details regarding the company’s next-generation Xeon Phi processor, codenamed Knights Mill. And details of a deal between ARM and Intel for next-gen 10nm SoC production emerged... Intel Silicon Photonics 100Gbps Network Modules Now Shipping For Next Gen Datacenters (http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=73e80c0bf0&e=0c004f9c13) http://hothardware.us3.list-manage1.com/track/click?u=efc4c507c2cf964fc2462caca&id=55a2a2a80b&e=0c004f9c13 http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=0455e2cb96&e=0c004f9c13 Intel Teases Next-Gen Knights Mill Xeon Phi Processor Optimized For Deep Learning (http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=50e8eaab89&e=0c004f9c13) http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=57109acca3&e=0c004f9c13 http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=301db0e8fb&e=0c004f9c13 Intel To Manufacture ARM-Based Smartphone Chips In Bid To Overthrow TSMC, Samsung (http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=39975e41c4&e=0c004f9c13) http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=ee0dbb763d&e=0c004f9c13 http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=f93f8a4a43&e=0c004f9c13 Best Regards, HotHardware.com http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=c05b0c3761&e=0c004f9c13 http://hothardware.us3.list-manage1.com/track/click?u=efc4c507c2cf964fc2462caca&id=0c4d9b5a8a&e=0c004f9c13 http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=164c259fc7&e=0c004f9c13 ============================================================
  19. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Package : libupnp Version : 1.6.17-1.2+deb7u1 CVE ID : CVE-2016-6255 Debian Bug : 831857 It has been discovered that libupnp's default behaviour allows anyone to write to the filesystem of the system running a libupnp-based server application. For Debian 7 "Wheezy", these problems have been fixed in version 1.6.17-1.2+deb7u1. We recommend that you upgrade your libupnp packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJXtP2DAAoJEPZk0la0aRp9+4EQAM4Cox1XbQscYXPlrdzFwjAy aqPy3k47I7nZ6f2oVfJXDFqwUqEu+eVPT1U/4OTtY+lc9HUYgKCBSRhouQkax507 n47UdoFF/Esk8kNv79QnlGOH6twC4E2FmcVd4V9eE02N3eiungk+VzHk8uCs+Zt3 g2l+2MY0QO2suzqQR7dBA2rlss3YYk3SpJLWq5jPj/mz11MFe/RqVf31H6lqXNYS Z9fpraYtDtmdFmzqRcYeO75cKpdP/LnbtaW5ABKrnkn5xeHTD2bzbUnTG0oQdhrc ZeslEVwmQwmQVTNHnsNfHjiGz4MTexkQ/3OcjifEa3ytIhA+SRdCgt4/VvTusNlX oUuVRsNk1GGsZELD05rhOwzKRsMiIiMnEHzlfSP5I4h61yCSSc217SmkjE7qtaYX mRxVF5ByiMraOPs/nyb5+iJfHJ1exJ/l6oPY64Bi+GLz7GqYoEtkbRhfYptqlrCp JZcxrrA/8Pxy/tPPHzSBbrmCk1hMRO4iaRAprU/OGHk+GRXXC/8LWpNa34DHp7IT Cmj6PSFE5OXlEtdtXgyjNzq9EpH3l3cJBkIT/Gd5QsuslxqGfKWCNCbPem9cUfe+ T0VQuJkmk9Ss0YGX0gpANKSj1VA2cBP0V9+91lUyC2XOpGwSRsveA7e6x8JIGmsd FLWevSae8KnR79lS6h/2 =TTE0 -----END PGP SIGNATURE-----
  20. news
    Dear Editors, we just posted a new article which might be interesting to your readers. A post in your news section would be appreciated. Title: MSI X99A GAMING PRO CARBON (with Broadwell-E) Link: http://www.techpowerup.com/reviews/MSI/X99A_GAMING_PRO_CARBON Brief: MSI delivered us a new X99 motherboard, the X99A-GAMING PRO CARBON, a stealthy all-black motherboard with some RGB Mystic Light goodness. Designed for those new multiple GPUs you just bought, the MSI X99A GAMING PRO CARBON is ready to take your VGAs, your memory and your new Broadwell-E CPU to the limits to then stay there!
  21. news
    Hello LanOC Affiliates and newsletter subscribers, here is our newest posting. We would appreciate you spreading the word! LanOC Reviews has released a new article which you and your readers might enjoy. We would be grateful if you would please share it with them. *TITLE:* Cooler Master MasterLiquid Pro 240 ( -at -) LanOC Reviews <http://lanoc.org/review/cooling/7317-cooler-master-masterliquid-pro-240> *DESCRIPTION:* Everyone and their mom has at least one all in one water cooling kit in their product lineup these days. But Cooler Master was in it long before that. They have been selling AIO kits from nearly the beginning and while everyone basically repackages the same kits, Cooler Master has sold a wide variety of kits. This also ended up having the somewhat famously battling in court with one of the AIO OEMs due to a few patients. Well, that hasn’t stopped them at all. So recently they sent the MasterLiquid 240 over for me to check out. On top of being yet another product in their lineup with the Master branding, the AIO kit looks to be a little unique from everything else on the market, so today I’m going to check it out and find out how well it performs while we are at it. Enjoy. *ARTICLE URL:* http://lanoc.org/review/cooling/7317-cooler-master-masterliquid-pro-240 *LARGE IMAGE URL:* http://lanoc.org/images/reviews/2016/cooler_master_masterliquid_pro_240/title.jpg *SMALL IMAGE URL:* http://lanoc.org/images/reviews/2016/cooler_master_masterliquid_pro_240/email.jpg Thank you for your help Our content is syndicated by *RSS* 2.0 at: http://lanoc.org/review? format=feed&type=atom Check out our *YouTube* Channel: http://www.youtube.com/user/LanocReviews Follow us on *Twitter*: http://www.twitter.com/LanOC_Reviews Join our group on *Facebook*: http://www.facebook.com/LanOCReviews Join our *Steam* Group: http://steamcommunity.com/groups/lanoc *If this message has been sent to an incorrect address, or you no longer wish to receive our news, please email us back and let us know at reviews ( -at -) lanoc.org <reviews ( -at -) lanoc.org>* ---------------------------------------- Wes Compton Editor-in-Chief LanOC Reviews http://lanoc.org ( -at -) LanOC_Reviews <http://twitter.com/#!/LanOC_Reviews> Google Plus <https://plus.google.com/u/1/b/111054267662763089650/> Our Facebook Page <http://www.facebook.com/LanOCReviews>
  22. news
    <div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_extra"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr">Bigbruin.com has published new content which might be of interest to your readers. A post on your site regarding this announcement would be greatly appreciated.</div><div dir="ltr"><br><b>Title:</b> Kingston HyperX Savage 960GB SATA III SSD</div><div dir="ltr"><br><strong>Link:  </strong><font color="#1155cc"><u><a href="http://bigbruin.com/content/hyperx-savage_1" target="_blank" data-saferedirecturl="https://www.google.com/url?hl=en&q=http://bigbruin.com/content/hyperx-savage_1&source=gmail&ust=1471548455573000&usg=AFQjCNEpoe7Fga2NDpErKT70ED_L-vGItw">http://bigbruin.com/content/<wbr>hyperx-savage_1</a></u></font></div><div dir="ltr"><strong></strong><br><strong>Image (250x250):  </strong><font color="#1155cc"><u><a href="http://bigbruin.com/images/articles/911/promo_1.jpg" target="_blank" data-saferedirecturl="https://www.google.com/url?hl=en&q=http://bigbruin.com/images/articles/911/promo_1.jpg&source=gmail&ust=1471548455573000&usg=AFQjCNE8TuiCLxl__tV-ahE9GjsLHNSJ3A">http://bigbruin.com/images/<wbr>articles/911/promo_1.jpg</a></u></font></div><div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><b> </b><div><strong>Quote:</strong></div><div><strong><br></strong></div><div>Kingston is the world's largest independent manufacturer of memory products, which includes solid state drives. They have SSDs with features and capacities for just about any application, but for those looking for the ultimate in performance, they have their HyperX series. In this review, we will be checking out the 960GB HyperX Savage SSD, which is powered by a quad-core, 8-channel Phison S10 controller that gives it read speeds of up to 560MB/s and write speeds up to 530MB/s.<br></div><div><br></div><div>Best regards,<br><br>Jason<br><a href="http://www.bigbruin.com/" target="_blank" data-saferedirecturl="https://www.google.com/url?hl=en&q=http://www.bigbruin.com/&source=gmail&ust=1471548455573000&usg=AFQjCNEHod12yG3Rk5O9dDs4tuOBkH-kiA"><font color="#0066cc">www.bigbruin.com</font></a><br><br><span style="color:rgb(102,102,102)">---</span><br style="color:rgb(102,102,102)"><br style="color:rgb(102,102,102)"><span style="color:rgb(102,102,102)">If you have tech news of your own, please
  23. news
    <div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_extra"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr">Bigbruin.com has published new content which might be of interest to your readers. A post on your site regarding this announcement would be greatly appreciated.</div><div dir="ltr"><br><b>Title:</b> Kingston HyperX Savage 960GB SATA III SSD</div><div dir="ltr"><br><strong>Link:  </strong><font color="#1155cc"><u><a href="http://bigbruin.com/content/hyperx-savage_1" target="_blank" data-saferedirecturl="https://www.google.com/url?hl=en&q=http://bigbruin.com/content/hyperx-savage_1&source=gmail&ust=1471548455573000&usg=AFQjCNEpoe7Fga2NDpErKT70ED_L-vGItw">http://bigbruin.com/content/<wbr>hyperx-savage_1</a></u></font></div><div dir="ltr"><strong></strong><br><strong>Image (250x250):  </strong><font color="#1155cc"><u><a href="http://bigbruin.com/images/articles/911/promo_1.jpg" target="_blank" data-saferedirecturl="https://www.google.com/url?hl=en&q=http://bigbruin.com/images/articles/911/promo_1.jpg&source=gmail&ust=1471548455573000&usg=AFQjCNE8TuiCLxl__tV-ahE9GjsLHNSJ3A">http://bigbruin.com/images/<wbr>articles/911/promo_1.jpg</a></u></font></div><div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div dir="ltr"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><div class="gmail_quote"><b> </b><div><strong>Quote:</strong></div><div><strong><br></strong></div><div>Kingston is the world's largest independent manufacturer of memory products, which includes solid state drives. They have SSDs with features and capacities for just about any application, but for those looking for the ultimate in performance, they have their HyperX series. In this review, we will be checking out the 960GB HyperX Savage SSD, which is powered by a quad-core, 8-channel Phison S10 controller that gives it read speeds of up to 560MB/s and write speeds up to 530MB/s.<br></div><div><br></div><div>Best regards,<br><br>Jason<br><a href="http://www.bigbruin.com/" target="_blank" data-saferedirecturl="https://www.google.com/url?hl=en&q=http://www.bigbruin.com/&source=gmail&ust=1471548455573000&usg=AFQjCNEHod12yG3Rk5O9dDs4tuOBkH-kiA"><font color="#0066cc">www.bigbruin.com</font></a><br><br><span style="color:rgb(102,102,102)">---</span><br style="color:rgb(102,102,102)"><br style="color:rgb(102,102,102)"><span style="color:rgb(102,102,102)">If you have tech news of your own, please
  24. news
    SUSE Security Update: Security update for yast2-ntp-client ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:2094-1 Rating: important References: #985065 Cross-References: CVE-2015-1798 CVE-2015-1799 CVE-2015-5194 CVE-2015-5300 CVE-2015-7691 CVE-2015-7692 CVE-2015-7701 CVE-2015-7702 CVE-2015-7703 CVE-2015-7704 CVE-2015-7705 CVE-2015-7848 CVE-2015-7849 CVE-2015-7850 CVE-2015-7851 CVE-2015-7852 CVE-2015-7853 CVE-2015-7854 CVE-2015-7855 CVE-2015-7871 CVE-2015-7973 CVE-2015-7974 CVE-2015-7975 CVE-2015-7976 CVE-2015-7977 CVE-2015-7978 CVE-2015-7979 CVE-2015-8138 CVE-2015-8158 CVE-2016-1547 CVE-2016-1548 CVE-2016-1549 CVE-2016-1550 CVE-2016-1551 CVE-2016-2516 CVE-2016-2517 CVE-2016-2518 CVE-2016-2519 CVE-2016-4953 CVE-2016-4954 CVE-2016-4955 CVE-2016-4956 CVE-2016-4957 Affected Products: SUSE Linux Enterprise Server 10 SP4 LTSS ______________________________________________________________________________ An update that fixes 43 vulnerabilities is now available. It includes one version update. Description: The YaST2 NTP Client was updated to handle the presence of both xntp and ntp packages. If none are installed, "ntp" will be installed. Security Issues: * CVE-2016-4953 * CVE-2016-4954 * CVE-2016-4955 * CVE-2016-4956 * CVE-2016-4957 * CVE-2016-1547 * CVE-2016-1548 * CVE-2016-1549 * CVE-2016-1550 * CVE-2016-1551 * CVE-2016-2516 * CVE-2016-2517 * CVE-2016-2518 * CVE-2016-2519 * CVE-2015-8158 * CVE-2015-8138 * CVE-2015-7979 * CVE-2015-7978 * CVE-2015-7977 * CVE-2015-7976 * CVE-2015-7975 * CVE-2015-7974 * CVE-2015-7973 * CVE-2015-5300 * CVE-2015-5194 * CVE-2015-7871 * CVE-2015-7855 * CVE-2015-7854 * CVE-2015-7853 * CVE-2015-7852 * CVE-2015-7851 * CVE-2015-7850 * CVE-2015-7849 * CVE-2015-7848 * CVE-2015-7701 * CVE-2015-7703 * CVE-2015-7704 * CVE-2015-7705 * CVE-2015-7691 * CVE-2015-7692 * CVE-2015-7702 * CVE-2015-1798 * CVE-2015-1799 Package List: - SUSE Linux Enterprise Server 10 SP4 LTSS (noarch) [New Version: 2.13.18]: yast2-ntp-client-2.13.18-0.20.1 References: https://www.suse.com/security/cve/CVE-2015-1798.html https://www.suse.com/security/cve/CVE-2015-1799.html https://www.suse.com/security/cve/CVE-2015-5194.html https://www.suse.com/security/cve/CVE-2015-5300.html https://www.suse.com/security/cve/CVE-2015-7691.html https://www.suse.com/security/cve/CVE-2015-7692.html https://www.suse.com/security/cve/CVE-2015-7701.html https://www.suse.com/security/cve/CVE-2015-7702.html https://www.suse.com/security/cve/CVE-2015-7703.html https://www.suse.com/security/cve/CVE-2015-7704.html https://www.suse.com/security/cve/CVE-2015-7705.html https://www.suse.com/security/cve/CVE-2015-7848.html https://www.suse.com/security/cve/CVE-2015-7849.html https://www.suse.com/security/cve/CVE-2015-7850.html https://www.suse.com/security/cve/CVE-2015-7851.html https://www.suse.com/security/cve/CVE-2015-7852.html https://www.suse.com/security/cve/CVE-2015-7853.html https://www.suse.com/security/cve/CVE-2015-7854.html https://www.suse.com/security/cve/CVE-2015-7855.html https://www.suse.com/security/cve/CVE-2015-7871.html https://www.suse.com/security/cve/CVE-2015-7973.html https://www.suse.com/security/cve/CVE-2015-7974.html https://www.suse.com/security/cve/CVE-2015-7975.html https://www.suse.com/security/cve/CVE-2015-7976.html https://www.suse.com/security/cve/CVE-2015-7977.html https://www.suse.com/security/cve/CVE-2015-7978.html https://www.suse.com/security/cve/CVE-2015-7979.html https://www.suse.com/security/cve/CVE-2015-8138.html https://www.suse.com/security/cve/CVE-2015-8158.html https://www.suse.com/security/cve/CVE-2016-1547.html https://www.suse.com/security/cve/CVE-2016-1548.html https://www.suse.com/security/cve/CVE-2016-1549.html https://www.suse.com/security/cve/CVE-2016-1550.html https://www.suse.com/security/cve/CVE-2016-1551.html https://www.suse.com/security/cve/CVE-2016-2516.html https://www.suse.com/security/cve/CVE-2016-2517.html https://www.suse.com/security/cve/CVE-2016-2518.html https://www.suse.com/security/cve/CVE-2016-2519.html https://www.suse.com/security/cve/CVE-2016-4953.html https://www.suse.com/security/cve/CVE-2016-4954.html https://www.suse.com/security/cve/CVE-2016-4955.html https://www.suse.com/security/cve/CVE-2016-4956.html https://www.suse.com/security/cve/CVE-2016-4957.html https://bugzilla.suse.com/985065 https://download.suse.com/patch/finder/?keywords=005fabcea379ebb53725d3077bfa4ba8 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
  25. news
    -------- AZIO MGK L80 (KAILH BLUE) MECHANICAL KEYBOARD REVIEW ( -at -) APH NETWORKS - Hello everyone! APH Networks has published a new review that your readers might enjoy. A post in your site's news section would be greatly appreciated! Don't forget to send your site news to us. As we promise to post your news articles on APH Networks periodically, we would certainly appreciate it if you do the same as well. Thank you for your support in advance! * Title: AZIO MGK L80 (Kailh Blue) Mechanical Keyboard Review ( -at -) APH Networks * Description: The AZIO MGK L80 (Kailh Blue) is a well-balanced mechanical keyboard with great features and attractive looks. * Link: http://aphnetworks.com/reviews/azio-mgk-l80-kailh-blue * Image: http://aphnetworks.com/review/azio-mgk-l80-kailh-blue/004.JPG Best Regards, Jonathan Kwan Editor-in-Chief APH Networks Inc. http://aphnetworks.com -- Unsubscribe from this newsletter: http://aphnetworks.com/newsletter/confirm/remove/c77c84bd425t5
×