news

View this email in your browser (http://us3.campaign-archive1.com/?u=efc4c507c2cf964fc2462caca&id=236cd77a3b&e=0c004f9c13) As much as we like piecing together formidable desktop systems crammed full of high end hardware, the future of PC gaming for many mainstream users may lie in more compact setups. Certainly there's been a push to get PC players out of a dank basement and into the living room with Steam Machines and similar console-sized PCs. However, Dell's Alienware division is hoping to take things to the next level with its pint sized Alpha R2 system, an ultra small form factor (SFF) gaming desktop. Alienware Alpha R2 Review: Big Screen Gaming In A Little Package (http://hothardware.us3.list-manage2.com/track/click?u=efc4c507c2cf964fc2462caca&id=06b30bb415&e=0c004f9c13) http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=2950ad462e&e=0c004f9c13 http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=0fb217a4b1&e=0c004f9c13 Best Regards, HotHardware.com http://hothardware.us3.list-manage2.com/track/click?u=efc4c507c2cf964fc2462caca&id=9959d98478&e=0c004f9c13 http://hothardware.us3.list-manage2.com/track/click?u=efc4c507c2cf964fc2462caca&id=c112752a13&e=0c004f9c13 http://hothardware.us3.list-manage2.com/track/click?u=efc4c507c2cf964fc2462caca&id=656a474044&e=0c004f9c13 ============================================================

SUSE Security Update: Security update for Linux Kernel Live Patch 1 for SLE 12 SP1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:1994-1 Rating: important References: #971793 #973570 #979064 #979074 #979078 #980856 #980883 #983144 #984764 Cross-References: CVE-2013-7446 CVE-2015-8019 CVE-2015-8816 CVE-2016-0758 CVE-2016-1583 CVE-2016-2053 CVE-2016-3134 CVE-2016-4470 CVE-2016-4565 Affected Products: SUSE Linux Enterprise Live Patching 12 ______________________________________________________________________________ An update that fixes 9 vulnerabilities is now available. Description: This update for the Linux Kernel 3.12.51-60_20 fixes the several issues. These security issues were fixed: - CVE-2016-4470: The key_reject_and_link function in security/keys/key.c in the Linux kernel did not ensure that a certain data structure is initialized, which allowed local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command (bsc#984764). - CVE-2016-1583: The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling (bsc#983144). - CVE-2016-4565: The InfiniBand (aka IB) stack in the Linux kernel incorrectly relied on the write system call, which allowed local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface (bsc#980883). - CVE-2016-0758: Integer overflow in lib/asn1_decoder.c in the Linux kernel allowed local users to gain privileges via crafted ASN.1 data (bsc#980856). - CVE-2015-8019: The skb_copy_and_csum_datagram_iovec function in net/core/datagram.c in the Linux kernel did not accept a length argument, which allowed local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a write system call followed by a recvmsg system call (bsc#979078). - CVE-2016-2053: The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel allowed attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in crypto/asymmetric_keys/public_key.c (bsc#979074). - CVE-2015-8816: The hub_activate function in drivers/usb/core/hub.c in the Linux kernel did not properly maintain a hub-interface data structure, which allowed physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device (bsc#979064). - CVE-2016-3134: The netfilter subsystem in the Linux kernel did not validate certain offset fields, which allowed local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call (bsc#971793). This non-security issue was fixed: - bsc#973570: The fix for CVE-2013-7446 introduced a bug that could have possibly lead to a softlockup. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Live Patching 12: zypper in -t patch SUSE-SLE-Live-Patching-12-2016-1183=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Live Patching 12 (x86_64): kgraft-patch-3_12_51-60_20-default-5-2.1 kgraft-patch-3_12_51-60_20-xen-5-2.1 References: https://www.suse.com/security/cve/CVE-2013-7446.html https://www.suse.com/security/cve/CVE-2015-8019.html https://www.suse.com/security/cve/CVE-2015-8816.html https://www.suse.com/security/cve/CVE-2016-0758.html https://www.suse.com/security/cve/CVE-2016-1583.html https://www.suse.com/security/cve/CVE-2016-2053.html https://www.suse.com/security/cve/CVE-2016-3134.html https://www.suse.com/security/cve/CVE-2016-4470.html https://www.suse.com/security/cve/CVE-2016-4565.html https://bugzilla.suse.com/971793 https://bugzilla.suse.com/973570 https://bugzilla.suse.com/979064 https://bugzilla.suse.com/979074 https://bugzilla.suse.com/979078 https://bugzilla.suse.com/980856 https://bugzilla.suse.com/980883 https://bugzilla.suse.com/983144 https://bugzilla.suse.com/984764 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org

Toshiba OCZ RD400 PCIe NVMe Solid State Drive Review ( -at -) ThinkComputers.org Review Link: http://www.thinkcomputers.org/toshiba-ocz-rd400-pcie-nvme-solid-state-drive-review/ Image URL: http://www.thinkcomputers.org/reviews/ocz_rd400/email.jpg Alt Image URL: http://www.thinkcomputers.org/reviews/ocz_rd400/small.jpg Quote: "While the speeds of graphics cards, memory, and CPUs continue to increase it seems solid state drive speeds have been bottlenecked for a while now.  With that we have seen storage start to move over to the PCI-Express bus as it is closer to the CPU and that brought with it the NVMe (Non-Volatile Memory Express) protocol.  NVMe drives are currently some of the fastest storage options out there for consumers and we took a look at our first NVMe product, the Intel 750, not that long ago.  Well now it is Toshiba's turn with their OCZ RD400.  Toshiba has turned OCZ into their "enthusiast brand" so new products will still hold the OCZ name, but they are indeed Toshiba products.  The OCZ RD400 has sequential read and write speeds up to 2600 MB/s and 1600 MB/s respectively.  Let's see what it is all about!"

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Package : libreoffice Version : 3.5.4+dfsg2-0+deb7u8 CVE ID : CVE-2016-1513 An OpenDocument Presentation .ODP or Presentation Template .OTP file can contain invalid presentation elements that lead to memory corruption when the document is loaded in LibreOffice Impress. The defect may cause the document to appear as corrupted and LibreOffice may crash in a recovery-stuck mode requiring manual intervention. A crafted exploitation of the defect can allow an attacker to cause denial of service (memory corruption and application crash) and possible execution of arbitrary code. For Debian 7 "Wheezy", this problem have been fixed in version 3.5.4+dfsg2-0+deb7u8. We recommend that you upgrade your libreoffice packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJXqbyXAAoJEPZk0la0aRp9UWcP/Al22F5NbfIONEjvWxGl1LgG zRhIGsINBTrl/1PVyZ87L/KMPbUxev4KNazLoiKjYoqlxlb8GOUCf6n+azpMH+bl IrLenoUrUncaf/dQyg/ftGbsgofPbAgmRP0Fw4GNcMR6PTzuaCZ12OVoDbGTO/Jo YwHOERGS/p1s0oqPzFsag5WQx+/41eFgj44kQCQGPhCpbTwDDoO7aeOp6wlV7y4S Dr3ObfCaHREtEBUJWBmgUqpggoYlKjfSmh3Lp+QCD1OLiP+kjAmrUyilhtWnp32E q8Pg20wNFH5t9SFQI4E4LOnIvnyVZglH/FjpDjpSs5ljuqKw798MAEmKAa/btbbG YjDS3vKSTARpza072uYmfK7UNVQctKzB29e69DRTlVQLZLv6/Ada1/u/E1qDez/p 6/5uu0t/FX0ewXrksCPgVLNUq1HzNyobXbs+dMFFcYKMeONfLpbK8OC2k4IcRexK /ZNjx6Z0SNwq9Q/1iiAljvgORx/PLPjTBfx/zAQelSC0kIFSxdEw2rQVvH6QnGU7 RSCMsc6/ewWVweRHckEf3YB12agxvECmDof3XMkq1rhsYlffim+yZjkmm4FjfIWF kM5WCZVDUHYTpxY2rQfvFmijnEvckwTNvgaClio98imOD1B4hy1TUxhwv5Ti2kJb dec6ZMtwjvS7nlJA/8ZC =qvnG -----END PGP SIGNATURE-----

Dear Editors, we just posted a new article which might be interesting to your readers. A post in your news section would be appreciated. Title: Dream Machines DM1 Pro Mouse Link: http://www.techpowerup.com/reviews/Dream_Machines/DM1_Pro Brief: You probably haven't heard of Dream Machines, a new company planning on taking the peripheral market by storm. One of their first mice, the DM1 Pro, is here, and it looks as though it will be going head to head with products from such brands as Zowie and SteelSeries.

MSI RX 470 Gaming X 8G Review ------------------------------------------------------------ http://us2.campaign-archive2.com/?u=bfb2b902b5fb045ad6f841f98&id=09b6919c13&e=872093acb5 http://www.kitguru.net MSI RX 470 Gaming X 8G Review Today we take a look at the third RX 470 card to hit our labs – the MSI RX 470 Gaming X 8G. This card ships with a dual fan custom cooler, as well as enhanced out of the box clock speeds. The talking point? This is the first RX 470 we have looked at which ships with 8GB of GDDR5 memory. Read the review here: http://www.kitguru.net/components/graphic-cards/zardon/msi-rx-470-gaming-x-8g-review/ ============================================================ ** follow on Twitter (http://twitter.com/#!/kitgurupress) | ** friend on Facebook (http://www.facebook.com/pages/KitGuru/162236020510911) | ** forward to a friend (http://us2.forward-to-friend.com/forward?u=bfb2b902b5fb045ad6f841f98&id=09b6919c13&e=872093acb5) Copyright © 2016 KitGuru, All rights reserved. You are receiving this because you are a news partner or have signed up to receive our news.

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: rh-nodejs4-nodejs-minimatch security update Advisory ID: RHSA-2016:1583-01 Product: Red Hat Software Collections Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-1583.html Issue date: 2016-08-09 CVE Names: CVE-2016-1000023 ===================================================================== 1. Summary: An update for rh-nodejs4-nodejs-minimatch is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6) - noarch Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - noarch Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6) - noarch Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7) - noarch Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1) - noarch Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.2) - noarch Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6) - noarch Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - noarch 3. Description: Minimatch is a minimal matching utility that works by converting glob expressions into JavaScript RegExp objects. Security Fix(es): * A regular expression denial of service flaw was found in Minimatch. An attacker able to make an application using Minimatch to perform matching using a specially crafted glob pattern could cause the application to consume an excessive amount of CPU. (CVE-2016-1000023) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1348509 - CVE-2016-1000023 nodejs-minimatch: Regular expression denial-of-service 6. Package List: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6): Source: rh-nodejs4-nodejs-minimatch-3.0.2-1.el6.src.rpm noarch: rh-nodejs4-nodejs-minimatch-3.0.2-1.el6.noarch.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6): Source: rh-nodejs4-nodejs-minimatch-3.0.2-1.el6.src.rpm noarch: rh-nodejs4-nodejs-minimatch-3.0.2-1.el6.noarch.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7): Source: rh-nodejs4-nodejs-minimatch-3.0.2-1.el6.src.rpm noarch: rh-nodejs4-nodejs-minimatch-3.0.2-1.el6.noarch.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6): Source: rh-nodejs4-nodejs-minimatch-3.0.2-1.el6.src.rpm noarch: rh-nodejs4-nodejs-minimatch-3.0.2-1.el6.noarch.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7): Source: rh-nodejs4-nodejs-minimatch-3.0.2-1.el7.src.rpm noarch: rh-nodejs4-nodejs-minimatch-3.0.2-1.el7.noarch.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1): Source: rh-nodejs4-nodejs-minimatch-3.0.2-1.el7.src.rpm noarch: rh-nodejs4-nodejs-minimatch-3.0.2-1.el7.noarch.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.2): Source: rh-nodejs4-nodejs-minimatch-3.0.2-1.el7.src.rpm noarch: rh-nodejs4-nodejs-minimatch-3.0.2-1.el7.noarch.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7): Source: rh-nodejs4-nodejs-minimatch-3.0.2-1.el7.src.rpm noarch: rh-nodejs4-nodejs-minimatch-3.0.2-1.el7.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-1000023 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFXqawYXlSAg2UNWIIRAtdmAJ9lGkj95j/T7JXR91BochGvRa5YRwCdGd3+ 9yWZvLJXl5zpPR2DcwNATns= =bVWG -----END PGP SIGNATURE----- --

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: nodejs010-nodejs-minimatch security update Advisory ID: RHSA-2016:1582-01 Product: Red Hat Software Collections Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-1582.html Issue date: 2016-08-09 CVE Names: CVE-2016-1000023 ===================================================================== 1. Summary: An update for nodejs010-nodejs-minimatch is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6) - noarch Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - noarch Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6) - noarch Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7) - noarch Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1) - noarch Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.2) - noarch Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6) - noarch Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - noarch 3. Description: Minimatch is a minimal matching utility that works by converting glob expressions into JavaScript RegExp objects. Security Fix(es): * A regular expression denial of service flaw was found in Minimatch. An attacker able to make an application using Minimatch to perform matching using a specially crafted glob pattern could cause the application to consume an excessive amount of CPU. (CVE-2016-1000023) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1348509 - CVE-2016-1000023 nodejs-minimatch: Regular expression denial-of-service 6. Package List: Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6): Source: nodejs010-nodejs-minimatch-3.0.2-1.el6.src.rpm noarch: nodejs010-nodejs-minimatch-3.0.2-1.el6.noarch.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.6): Source: nodejs010-nodejs-minimatch-3.0.2-1.el6.src.rpm noarch: nodejs010-nodejs-minimatch-3.0.2-1.el6.noarch.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7): Source: nodejs010-nodejs-minimatch-3.0.2-1.el6.src.rpm noarch: nodejs010-nodejs-minimatch-3.0.2-1.el6.noarch.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6): Source: nodejs010-nodejs-minimatch-3.0.2-1.el6.src.rpm noarch: nodejs010-nodejs-minimatch-3.0.2-1.el6.noarch.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7): Source: nodejs010-nodejs-minimatch-3.0.2-1.el7.src.rpm noarch: nodejs010-nodejs-minimatch-3.0.2-1.el7.noarch.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.1): Source: nodejs010-nodejs-minimatch-3.0.2-1.el7.src.rpm noarch: nodejs010-nodejs-minimatch-3.0.2-1.el7.noarch.rpm Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.2): Source: nodejs010-nodejs-minimatch-3.0.2-1.el7.src.rpm noarch: nodejs010-nodejs-minimatch-3.0.2-1.el7.noarch.rpm Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7): Source: nodejs010-nodejs-minimatch-3.0.2-1.el7.src.rpm noarch: nodejs010-nodejs-minimatch-3.0.2-1.el7.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-1000023 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFXqavZXlSAg2UNWIIRAovuAJwNxbXMGtGBE2WMuuPTYjd4arkZKQCfU/8z yMCdvyYfbEY3KXJUYgIYKac= =CiXe -----END PGP SIGNATURE----- --

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel security update Advisory ID: RHSA-2016:1581-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-1581.html Issue date: 2016-08-09 CVE Names: CVE-2016-4565 ===================================================================== 1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 6.4 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Server AUS (v. 6.4) - noarch, x86_64 Red Hat Enterprise Linux Server Optional AUS (v. 6.4) - x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * A flaw was found in the way certain interfaces of the Linux kernel's Infiniband subsystem used write() as bi-directional ioctl() replacement, which could lead to insufficient memory security checks when being invoked using the splice() system call. A local unprivileged user on a system with either Infiniband hardware present or RDMA Userspace Connection Manager Access module explicitly loaded, could use this flaw to escalate their privileges on the system. (CVE-2016-4565) Red Hat would like to thank Jann Horn for reporting this issue. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1310570 - CVE-2016-4565 kernel: infiniband: Unprivileged process can overwrite kernel memory using rdma_ucm.ko 6. Package List: Red Hat Enterprise Linux Server AUS (v. 6.4): Source: kernel-2.6.32-358.72.1.el6.src.rpm noarch: kernel-doc-2.6.32-358.72.1.el6.noarch.rpm kernel-firmware-2.6.32-358.72.1.el6.noarch.rpm x86_64: kernel-2.6.32-358.72.1.el6.x86_64.rpm kernel-debug-2.6.32-358.72.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-358.72.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-358.72.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-358.72.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-358.72.1.el6.x86_64.rpm kernel-devel-2.6.32-358.72.1.el6.x86_64.rpm kernel-headers-2.6.32-358.72.1.el6.x86_64.rpm perf-2.6.32-358.72.1.el6.x86_64.rpm perf-debuginfo-2.6.32-358.72.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-358.72.1.el6.x86_64.rpm Red Hat Enterprise Linux Server Optional AUS (v. 6.4): Source: kernel-2.6.32-358.72.1.el6.src.rpm x86_64: kernel-debug-debuginfo-2.6.32-358.72.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-358.72.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-358.72.1.el6.x86_64.rpm perf-debuginfo-2.6.32-358.72.1.el6.x86_64.rpm python-perf-2.6.32-358.72.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-358.72.1.el6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-4565 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFXqaDrXlSAg2UNWIIRAk34AJ48VALb9w2qYvViUlbhrw5Tb6wPGQCgvqjD tUkCzuoS/VF/cUiryTLDzoc= =l5Px -----END PGP SIGNATURE----- --

*Nvidia Titan X (Pascal) Extended Overclock Guide* In this article slash guide dedicated on overclocking the Nvidia Titan X (Pascal) we will pass 2000 MHz with the 12 Billion transistors based GP102. Yes we can, relatively easily even as we even breach 2100 MHz. Armed with a new trick or two overclocking will never be the same though. But if you want another 10% extra performance out of an already seriously fast Nvidia GTX Titan, we'll gladly show you how to do it. Read the full article here <http://www.guru3d.com/articles-pages/nvidia-titan-x-(pascal'>http://www.guru3d.com/articles-pages/nvidia-titan-x-(pascal)-overclock-guide,1.html> . URL: http://www.guru3d.com/articles-pages/nvidia-titan-x-(pascal)-overclock-guide,1.html <http://www.guru3d.com/articles-pages/nvidia-titan-x-(pascal)-overclock-guide,1.html> --

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: chromium-browser security update Advisory ID: RHSA-2016:1580-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-1580.html Issue date: 2016-08-09 CVE Names: CVE-2016-5139 CVE-2016-5140 CVE-2016-5141 CVE-2016-5142 CVE-2016-5143 CVE-2016-5144 CVE-2016-5145 CVE-2016-5146 ===================================================================== 1. Summary: An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Description: Chromium is an open-source web browser, powered by WebKit (Blink). This update upgrades Chromium to version 52.0.2743.116. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim. (CVE-2016-5139, CVE-2016-5140, CVE-2016-5141, CVE-2016-5142, CVE-2016-5146, CVE-2016-5143, CVE-2016-5144, CVE-2016-5145) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing the update, Chromium must be restarted for the changes to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1363980 - CVE-2016-5141 chromium-browser: Address bar spoofing 1363981 - CVE-2016-5142 chromium-browser: Use-after-free in Blink 1363982 - CVE-2016-5139 chromium-browser: Heap overflow in pdfium 1363983 - CVE-2016-5140 chromium-browser: Heap overflow in pdfium 1363984 - CVE-2016-5145 chromium-browser: Same origin bypass for images in Blink 1363985 - CVE-2016-5143 chromium-browser: Parameter sanitization failure in DevTools 1363986 - CVE-2016-5144 chromium-browser: Parameter sanitization failure in DevTools 1363987 - CVE-2016-5146 chromium-browser: various fixes from internal audits 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: chromium-browser-52.0.2743.116-1.el6.i686.rpm chromium-browser-debuginfo-52.0.2743.116-1.el6.i686.rpm x86_64: chromium-browser-52.0.2743.116-1.el6.x86_64.rpm chromium-browser-debuginfo-52.0.2743.116-1.el6.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): i386: chromium-browser-52.0.2743.116-1.el6.i686.rpm chromium-browser-debuginfo-52.0.2743.116-1.el6.i686.rpm x86_64: chromium-browser-52.0.2743.116-1.el6.x86_64.rpm chromium-browser-debuginfo-52.0.2743.116-1.el6.x86_64.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): i386: chromium-browser-52.0.2743.116-1.el6.i686.rpm chromium-browser-debuginfo-52.0.2743.116-1.el6.i686.rpm x86_64: chromium-browser-52.0.2743.116-1.el6.x86_64.rpm chromium-browser-debuginfo-52.0.2743.116-1.el6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-5139 https://access.redhat.com/security/cve/CVE-2016-5140 https://access.redhat.com/security/cve/CVE-2016-5141 https://access.redhat.com/security/cve/CVE-2016-5142 https://access.redhat.com/security/cve/CVE-2016-5143 https://access.redhat.com/security/cve/CVE-2016-5144 https://access.redhat.com/security/cve/CVE-2016-5145 https://access.redhat.com/security/cve/CVE-2016-5146 https://access.redhat.com/security/updates/classification/#important https://googlechromereleases.blogspot.com/2016/08/stable-channel-update-for-desktop.html 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFXqWXsXlSAg2UNWIIRAvxtAKC9WHkgGOlm9kfKDWayi6g9mdaOQgCgoHFZ AXlf/M24clfAonb2RKn02Kk= =S9Ne -----END PGP SIGNATURE----- --

A news post would be great. OCC has published a review on the Gigabyte X99-Designare-EX Here is a quote from the review: Quote: â€ÂMy Core i7 6950X is a 4.3GHz chip day in and day out. The X99 Designare-EX was able to deliver that clock speed from the start. I was hoping that the board would give me just a little bit more, but playing the OC game with a 10 core chip creates a ton of heat to deal with. That being said, I was able to tune the core voltage a bit lower than I had to use with the X99 Sabertooth reducing the heat load. Not to the point that an AIO can cope with the load, but enough to keep the chip from throttling in prime95. In that respect, I have no issues with the board and it gets high marks.†Title: Gigabyte X99-Designare-EX Review Link: http://www.overclockersclub.com/reviews/gigabyte_designare_ex/ Img: http://www.overclockersclub.com/siteimages/articles/gigabyte_designare_ex/9_thumb.jpg

Welcome to the Ubuntu Weekly Newsletter, Issue 477 for the week August 1 - 7, 2016. == Links to UWN == * Wiki page: https://wiki.ubuntu.com/UbuntuWeeklyNewsletter/Issue477 == In This Issue == * Ubuntu 14.04.5 LTS released * Ubuntu Stats * Ubuntu 16.04 Release Party San Francisco Concluded! * LoCo Events * Luke Faraone: Snappy Sprint Heidelberg * Laura Czajkowski: NoSQL Podcast: Service deployments with JuJu Charms * Aaron Honeycutt: Working with github * Ubuntu App Developer Blog: Snapd 2.11/Snapcraft 2.13: downgrade installed snaps, release to users from the command line * Ubuntu GNOME: The Ubuntu GNOME 16.10 Wallpaper contest has started, guys! * Justin McPherson: Introducing React Native Ubuntu * Ubuntu Phone News * Canonical News * In The Press * In The Blogosphere * Featured Audio and Video * Weekly Ubuntu Development Team Meetings * Upcoming Meetings and Events * Updates and Security for 12.04, 14.04 and 16.04 * And much more! == General Community News == === Ubuntu 14.04.5 LTS released === Adam Conrad, on behalf of the Ubuntu Release Team, announces the release of Ubuntu 14.04.5 LTS. He shares that key features of this point release include an updated kernel, stability improvements, and increased hardware support across all architectures. He goes on to provide links for downloading this release as well as flavor variants of the release. https://lists.ubuntu.com/archives/ubuntu-announce/2016-August/000211.html == Ubuntu Stats == === Bug Stats === * Open (124721) +262 over last week * Critical (359) +3 over last week * Unconfirmed (61461) +157 over last week As always, the Bug Squad needs more help. If you want to get started, please see https://wiki.ubuntu.com/BugSquad === Ask Ubuntu Top 5 Questions this week === ==== Most Active Questions ==== * How to correctly pronounce Xenial Xerus? http://askubuntu.com/questions/807952/how-to-correctly-pronounce-xenial-xerus * "cp: failed to access 'user ( -at -) remote/home/file': Not a directory" when copying a file over ssh, using cp file user ( -at -) remove syntax http://askubuntu.com/questions/808507/cp-failed-to-access-userremote-home-file-not-a-directory-when-copying-a-f * CPU number of cores seems not correct http://askubuntu.com/questions/806520/cpu-number-of-cores-seems-not-correct * How to 'rm' or 'mv' a range of files such as file01.txt, file02.txt...file85.txt http://askubuntu.com/questions/809146/how-to-rm-or-mv-a-range-of-files-such-as-file01-txt-file02-txt-file85-txt * How do I find a time stamp on a file and then echo it into the contents of the file as the first line? http://askubuntu.com/questions/806640/how-do-i-find-a-time-stamp-on-a-file-and-then-echo-it-into-the-contents-of-the-f ==== Top Voted New Questions ==== * How to correctly pronounce Xenial Xerus? http://askubuntu.com/questions/807952/ * How to 'rm' or 'mv' a range of files such as file01.txt, file02.txt...file85.txt http://askubuntu.com/questions/809146/ * CPU number of cores seems not correct http://askubuntu.com/questions/806520/ * How can I group windows to be raised as one? http://askubuntu.com/questions/805515/ * How to change mouse wheel scroll speed per application http://askubuntu.com/questions/806212/ People Contributing the best questions and answers this week: heemayl (http://askubuntu.com/users/216503/heemayl), andrew.46 (http://askubuntu.com/users/57576/andrew-46), Zanna (http://askubuntu.com/users/527764/zanna), Serg (http://askubuntu.com/users/295286/serg) and luchonacho (http://askubuntu.com/users/308164/luchonacho) Ask (and answer!) questions at http://askubuntu.com == LoCo News == === Ubuntu 16.04 Release Party San Francisco Concluded! === Elizabeth K. Joseph writes about the Ubuntu 16.04 Release Party in San Francisco and shares her experience hosting the event. She writes, "The space was excellent, having power strips set up at a pair of tables near the entrance, a whole area of seating for the presentation and an open floor plan that lent itself to casual chats as well as pulling out laptops to swap tips with each other." She shares other details and her slide notes from the presentation she gave. http://princessleia.com/journal/2016/08/ubuntu-16-04-release-party-san-francisco-concluded/ == LoCo Events == The following LoCo team events are currently scheduled in the next two weeks: * Ubuntu Global Jam - Roanoke Linux Users Group, Ubuntu Virginia LoCo Team: http://loco.ubuntu.com/events/virginiateam/3249-ubuntu-global-jam---roanoke-linux-users-group/ * AZLOCO Install-fest/Linux Workshop, Arizona LoCo Team: http://loco.ubuntu.com/events/ubuntu-arizona/3407-azloco-install-fest/linux-workshop/ Looking beyond the next two weeks? Visit the LoCo Team Portal to browse upcoming events around the world: http://loco.ubuntu.com/events/ == The Planet == === Luke Faraone: Snappy Sprint Heidelberg === Luke Faraone blogs about Snappy after attending a recent Snappy sprint focused on upstream and cross-distribution collaboration. Luke tells us of advances in confinement with non-Ubuntu distros and other topics discussed at the sprint. He also mentions that he has agreed to co-maintain snapd in Debian. http://blog.luke.wf/2016/07/snappy-sprint-heidelberg.html === Laura Czajkowski: NoSQL Podcast: Service deployments with JuJu Charms === Laura Czajkowski writes about a recent episode of the NoSQL podcast where she is joined by Michael Hall of Canonical and Juju contributor Jose Antonio Rey. Together, they review the process for creating Juju charms and the advantages to using them. http://www.lczajkowski.com/2016/08/02/nosql-podcast-service-deployments-with-juju-charms/ === Aaron Honeycutt: Working with github === Aaron Honeycutt tells us about his GitHub usage has been since late July contributing to projects such as UBports, Magic Device Tool, and the Kubuntu Manual. Aaron also writes about his work on the Kubuntu Podcast. http://usefoss.com/index.php/2016/08/04/working-with-github/ === Ubuntu App Developer Blog: Snapd 2.11/Snapcraft 2.13: downgrade installed snaps, release to users from the command line === The new version of Snapd is out and comes with many new commands and features. David Calle writes about the new features and commands that are included such as buy, find private, and many more. He also talks about the improvements to the Java Plugins and some useful interface changes. http://developer.ubuntu.com/en/blog/2016/08/04/snapd-211-snapcraft213/ === Ubuntu GNOME: The Ubuntu GNOME 16.10 Wallpaper contest has started, guys! === Alfredo Hernandez informs us that the Ubuntu GNOME 16.10 wallpaper contest has started. Ten wallpapers will be selected for the 16.10 release from entries, and rules for entry in the contest are provided. http://ubuntugnome.org/the-ubuntu-gnome-16-10-wallpaper-contest-has-started-guys/ === Justin McPherson: Introducing React Native Ubuntu === Justin McPherson of the Webapps team at Canonical tells us about React.js; a UI framework. Along with HTML5 application support, React Native applications will now run on the Ubuntu platform. A link to instructions is provided. https://developer.ubuntu.com/en/blog/2016/08/05/introducing-react-native-ubuntu/ == Ubuntu Phone News == === App Design Guides phase 2 release: Patterns === Steph Welson from the Canonical Design Team talks about the release of the second phase of the app design guides containing various features like navigation and layouts. These are the sequels to the phase one release which included the get started and the building blocks. http://design.canonical.com/2016/08/app-design-guides-phase-2-release-patterns/ In a post by Steph on Ubuntu Insights, the phases of the App Design Guidelines are outlined: http://insights.ubuntu.com/2016/08/02/the-app-design-guides-go-live-bit-by-bit-2/ === Best Converged Apps! === Amrisha Prashar writes about the results of the recent competition to see which apps converged the best on all Ubuntu devices. She lists the five winners and some brief reasons why they were chosen. http://insights.ubuntu.com/2016/08/02/best-converged-apps/ === Use any app from your Ubuntu Phone or Desktop! === Amrisha Prashar writes about the new feature in Ubuntu phones and tablets to run traditional Ubuntu deb packages on Unity 8 with a mouse and keyboard. She links to a technical guide by Kyle Nitzsche on how this is done. http://insights.ubuntu.com/2016/08/04/use-any-app-from-your-ubuntu-phone-or-desktop/ === How the M10 tablet can save you luggage space! === Amrisha Prashar writes about the luggage space savings that could be taken advantage of when using the BQ M10 Tablet. She states, "We've calculated that the M10 vs the average laptop and it's accessories saves you approximately 1.5kg! Imagine all the extra items you could take with you in your suitcase with that much of a saving!" http://insights.ubuntu.com/2016/08/04/how-the-m10-tablet-can-save-you-luggage-space/ == Canonical News == * 10 Desktop Snaps written in July - http://insights.ubuntu.com/2016/08/04/10-desktop-snaps-written-in-july/ * Layer Docker Deep Dive - http://insights.ubuntu.com/2016/08/05/layer-docker-deep-dive/ * IBM & Canonical: This Is Just The Beginning - http://insights.ubuntu.com/2016/08/05/ibm-canonical-this-is-just-the-beginning/ == In The Press == === You Can Finally Buy These Old-School Disney Games on GOG === Ubuntu 14.04 and 16.04 are included in the list of supported operating systems in this article by Matt Peckham for Time Magazine, writing, "16-bit video game platforming classics The Lion King, Aladdin and The Jungle Book are now available DRM-free for $9.99 a piece." http://time.com/4439894/disney-games-gog/ == In The Blogosphere == === Ubuntu 16.10 To Ship with Nautilus 3.20 === Joey-Elijah Sneddon from OMG! Ubuntu! writes about the Nautilus update that will land in Ubuntu 16.10 and talks about it's new and improved features. He writes, "The latest stable version of the file manager is currently pending in the yakkety-proposed updates, along with some other GNOME 3.20 apps and a bump to GTK 3.20." http://www.omgubuntu.co.uk/2016/08/nautilus-3-20-ubuntu-16-10 === Well That Only Took Forever: Ubuntu Phone To Finally Add iCal, CalDav Support === Joey-Elijah Sneddon from OMG! Ubuntu! informs users of Ubuntu Phone that iCal/CalDav support might be coming in as soon at OTA-13. He writes that for a while it has been possible with a few workarounds in the command line but not very user friendly. He also reports that support for OwnCloud's Multi-calendar sync will be possible too. http://www.omgubuntu.co.uk/2016/08/ubuntu-phone-calendar-sync-ical-caldav === Bored? Check Out These New Ubuntu Phone Videos === Joey-Elijah Sneddon from OMG! Ubuntu! links to some videos about the Ubuntu Phone. He writes, "Whether you're stuck on the commute home, or just bored and curious, here are three short (and not so short) videos from the past week or so that you wouldn't be a fool for checking out." http://www.omgubuntu.co.uk/2016/08/recent-ubuntu-phone-videos-worth-checking-out === Canonical Plans to Unify and Clean Up Networking Configuration in Ubuntu Linux === Marius Nestor of Softpedia writes that Canonical's Martin Pitt, maintainer of systemd for Ubuntu, reports that there are plans to clean up network configuring with netplan. He writes that the new "nplan" package has already landed in Ubuntu 16.10 also known as Yakkety Yak and though not set as default yet, brave testers and early adopters can install the nplan package and report issues to the Ubuntu developers. http://news.softpedia.com/news/canonical-plans-to-unify-and-clean-up-networking-configuration-in-ubuntu-linux-506957.shtml === Ubuntu 14.04.5 LTS Is the Last in the Series, Brings Xenial Xerus' Linux Kernel === Marius Nestor of Softpedia writes about the official release and availability of ISO images for Ubuntu 14.04.5. He shares that this will mostly be the last maintenance update for the 14.04 version, which borrows the Linux kernel setup of the 16.04 LTS with added upgrades. Marius Nestor from softpedia.com elaborates in the article below. http://news.softpedia.com/news/ubuntu-14-04-5-lts-is-the-last-in-the-series-brings-xenial-xerus-linux-kernel-507019.shtml == Featured Audio and Video == === Ubuntu Community Team Q&A - 2nd August 2016 === "It's time for another live Q&A session with the Ubuntu Community Team! This week Michael Hall will be joined by Didier Roche who will be talking about snaps and answering questions about how to build and run them." === Ubuntu Podcast from the UK LoCo: S09E23 - German Sparkle Party - Ubuntu Podcast === It's Episode Twenty-three of Season Nine of the Ubuntu Podcast! Alan Pope, Mark Johnson, Laura Cowen and Martin Wimpress are connected and speaking to your brain. This week the podcast includes news, community news, upcoming events, and "working to the sound of a dehumidifier." http://ubuntupodcast.org/2016/08/04/s09e23-german-sparkle-party/ === Full Circle Weekly News #29 === Just a quick message to let you know that Full Circle Weekly News #29 is out: http://fullcirclemagazine.org/podcast/full-circle-weekly-news-29/ and, Full Circle Magazine #111 came out last week: http://fullcirclemagazine.org/issue-111/ The show is also available via: RSS: http://fullcirclemagazine.org/feed/podcast Stitcher Radio: http://www.stitcher.com/s?fid=85347&refid=stpr TuneIn Radio: http://tunein.com/radio/Full-Circle-Weekly-News-p855064/ and PlayerFM: https://player.fm/series/the-full-circle-weekly-news == Weekly Ubuntu Development Team Meetings == * Kernel Team - August 2, 2016 - https://wiki.ubuntu.com/KernelTeam/Newsletter/2016-08-02 * Security Team - August 1, 2016 - https://wiki.ubuntu.com/MeetingLogs/Security/20160801 == Upcoming Meetings and Events == For upcoming meetings and events please visit the calendars at fridge.ubuntu.com: http://fridge.ubuntu.com/calendars/ == Updates and Security for 12.04, 14.04 and 16.04 == === Security Updates === * [uSN-3045-1] PHP vulnerabilities - https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-August/003514.html * [uSN-3046-1] LibreOffice vulnerability - https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-August/003515.html * [uSN-3047-1] QEMU vulnerabilities - https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-August/003516.html * [uSN-3044-1] Firefox vulnerabilities - https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-August/003517.html * [uSN-3041-1] Oxide vulnerabilities - https://lists.ubuntu.com/archives/ubuntu-security-announce/2016-August/003518.html === Ubuntu 12.04 Updates === * php5 5.3.10-1ubuntu3.24 - https://lists.ubuntu.com/archives/precise-changes/2016-August/025471.html * php5 5.3.10-1ubuntu3.24 - https://lists.ubuntu.com/archives/precise-changes/2016-August/025472.html * libreoffice 1:3.5.7-0ubuntu12 - https://lists.ubuntu.com/archives/precise-changes/2016-August/025473.html * libreoffice 1:3.5.7-0ubuntu12 - https://lists.ubuntu.com/archives/precise-changes/2016-August/025474.html * qemu-kvm 1.0+noroms-0ubuntu14.29 - https://lists.ubuntu.com/archives/precise-changes/2016-August/025475.html * qemu-kvm 1.0+noroms-0ubuntu14.29 - https://lists.ubuntu.com/archives/precise-changes/2016-August/025476.html * firefox 48.0+build2-0ubuntu0.12.04.1 - https://lists.ubuntu.com/archives/precise-changes/2016-August/025477.html * firefox 48.0+build2-0ubuntu0.12.04.1 - https://lists.ubuntu.com/archives/precise-changes/2016-August/025478.html === Ubuntu 14.04 Updates === * virtualbox-lts-xenial 4.3.36-dfsg-1+deb8u1ubuntu1.14.04.1~14.04.4 - https://lists.ubuntu.com/archives/trusty-changes/2016-August/022599.html * base-files 7.2ubuntu5.5 - https://lists.ubuntu.com/archives/trusty-changes/2016-August/022600.html * base-files 7.2ubuntu5.5 - https://lists.ubuntu.com/archives/trusty-changes/2016-August/022601.html * initramfs-tools 0.103ubuntu4.4 - https://lists.ubuntu.com/archives/trusty-changes/2016-August/022602.html * ubiquity 2.18.8.13 - https://lists.ubuntu.com/archives/trusty-changes/2016-August/022603.html * initramfs-tools 0.103ubuntu4.4 - https://lists.ubuntu.com/archives/trusty-changes/2016-August/022604.html * ubiquity 2.18.8.13 - https://lists.ubuntu.com/archives/trusty-changes/2016-August/022605.html * grub2 2.02~beta2-9ubuntu1.12 - https://lists.ubuntu.com/archives/trusty-changes/2016-August/022606.html * grub2-signed 1.34.14 - https://lists.ubuntu.com/archives/trusty-changes/2016-August/022607.html * update-manager 1:0.196.15 - https://lists.ubuntu.com/archives/trusty-changes/2016-August/022608.html * virtualbox-lts-xenial 4.3.36-dfsg-1+deb8u1ubuntu1.14.04.1~14.04.4 - https://lists.ubuntu.com/archives/trusty-changes/2016-August/022609.html * virtualbox-lts-vivid 4.3.36-dfsg-1+deb8u1ubuntu1.14.04.1~14.04.4 - https://lists.ubuntu.com/archives/trusty-changes/2016-August/022610.html * virtualbox-lts-wily 4.3.36-dfsg-1+deb8u1ubuntu1.14.04.1~14.04.4 - https://lists.ubuntu.com/archives/trusty-changes/2016-August/022611.html * php5 5.5.9+dfsg-1ubuntu4.19 - https://lists.ubuntu.com/archives/trusty-changes/2016-August/022612.html * php5 5.5.9+dfsg-1ubuntu4.19 - https://lists.ubuntu.com/archives/trusty-changes/2016-August/022613.html * xorg-server-lts-xenial 2:1.18.3-1ubuntu2.2~trusty2 - https://lists.ubuntu.com/archives/trusty-changes/2016-August/022614.html * grub2 2.02~beta2-9ubuntu1.12 - https://lists.ubuntu.com/archives/trusty-changes/2016-August/022615.html * grub2-signed 1.34.14 - https://lists.ubuntu.com/archives/trusty-changes/2016-August/022616.html * xorg-server-lts-xenial 2:1.18.3-1ubuntu2.2~trusty2 - https://lists.ubuntu.com/archives/trusty-changes/2016-August/022617.html * nvidia-graphics-drivers-304 304.131-0ubuntu0.14.04.2 - https://lists.ubuntu.com/archives/trusty-changes/2016-August/022618.html * nvidia-graphics-drivers-304-updates 304.131-0ubuntu0.14.04.2 - https://lists.ubuntu.com/archives/trusty-changes/2016-August/022619.html * nvidia-graphics-drivers-304 304.131-0ubuntu0.14.04.2 - https://lists.ubuntu.com/archives/trusty-changes/2016-August/022620.html * nvidia-graphics-drivers-304-updates 304.131-0ubuntu0.14.04.2 - https://lists.ubuntu.com/archives/trusty-changes/2016-August/022621.html * nvidia-graphics-drivers-304-updates 304.131-0ubuntu0.14.04.2 - https://lists.ubuntu.com/archives/trusty-changes/2016-August/022622.html * nvidia-graphics-drivers-304 304.131-0ubuntu0.14.04.2 - https://lists.ubuntu.com/archives/trusty-changes/2016-August/022623.html * avahi 0.6.31-4ubuntu1.1 - https://lists.ubuntu.com/archives/trusty-changes/2016-August/022624.html * qemu 2.0.0+dfsg-2ubuntu1.26 - https://lists.ubuntu.com/archives/trusty-changes/2016-August/022625.html * qemu 2.0.0+dfsg-2ubuntu1.26 - https://lists.ubuntu.com/archives/trusty-changes/2016-August/022626.html * shim-signed 1.19~14.04.1 - https://lists.ubuntu.com/archives/trusty-changes/2016-August/022627.html * firefox 48.0+build2-0ubuntu0.14.04.1 - https://lists.ubuntu.com/archives/trusty-changes/2016-August/022628.html * oxide-qt 1.16.5-0ubuntu0.14.04.1 - https://lists.ubuntu.com/archives/trusty-changes/2016-August/022629.html * oxide-qt 1.16.5-0ubuntu0.14.04.1 - https://lists.ubuntu.com/archives/trusty-changes/2016-August/022630.html * firefox 48.0+build2-0ubuntu0.14.04.1 - https://lists.ubuntu.com/archives/trusty-changes/2016-August/022631.html * update-manager 1:0.196.16 - https://lists.ubuntu.com/archives/trusty-changes/2016-August/022632.html === Ubuntu 16.04 Updates === * snapd 2.11+0.16.04 - https://lists.ubuntu.com/archives/xenial-changes/2016-August/014186.html * juju-mongodb3.2 3.2.4-0ubuntu1.2 - https://lists.ubuntu.com/archives/xenial-changes/2016-August/014187.html * snap-confine 1.0.38-0ubuntu0.16.04.4 - https://lists.ubuntu.com/archives/xenial-changes/2016-August/014188.html * gnome-maps 3.18.3-0ubuntu1 - https://lists.ubuntu.com/archives/xenial-changes/2016-August/014189.html * apt-btrfs-snapshot 3.5.1~ubuntu0.2 - https://lists.ubuntu.com/archives/xenial-changes/2016-August/014190.html * ceph 10.2.2-0ubuntu0.16.04.2 - https://lists.ubuntu.com/archives/xenial-changes/2016-August/014191.html * ntp 1:4.2.8p4+dfsg-3ubuntu5.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-August/014192.html * debian-installer 20101020ubuntu451.5 - https://lists.ubuntu.com/archives/xenial-changes/2016-August/014193.html * apparmor 2.10.95-0ubuntu2.2 - https://lists.ubuntu.com/archives/xenial-changes/2016-August/014194.html * php7.0 7.0.8-0ubuntu0.16.04.2 - https://lists.ubuntu.com/archives/xenial-changes/2016-August/014195.html * php7.0 7.0.8-0ubuntu0.16.04.2 - https://lists.ubuntu.com/archives/xenial-changes/2016-August/014196.html * xorg-lts-transitional 3:11 - https://lists.ubuntu.com/archives/xenial-changes/2016-August/014197.html * xorg-lts-transitional 3:12 - https://lists.ubuntu.com/archives/xenial-changes/2016-August/014198.html * xorg-lts-transitional 3:13 - https://lists.ubuntu.com/archives/xenial-changes/2016-August/014199.html * mesa 11.2.0-1ubuntu2.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-August/014200.html * xorg-server 2:1.18.3-1ubuntu2.3 - https://lists.ubuntu.com/archives/xenial-changes/2016-August/014201.html * xorg-lts-transitional 3:13 - https://lists.ubuntu.com/archives/xenial-changes/2016-August/014202.html * snapd 2.11+0.16.04 - https://lists.ubuntu.com/archives/xenial-changes/2016-August/014203.html * virt-manager 1:1.3.2-3ubuntu1.16.04.2 - https://lists.ubuntu.com/archives/xenial-changes/2016-August/014204.html * less 481-2.1ubuntu0.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-August/014205.html * sysstat 11.2.0-1ubuntu0.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-August/014206.html * pptpd 1.4.0-7ubuntu0.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-August/014207.html * makedumpfile 1:1.5.9-5ubuntu0.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-August/014208.html * openssh 1:7.2p2-4ubuntu2 - https://lists.ubuntu.com/archives/xenial-changes/2016-August/014209.html * horizon 2:9.1.0-0ubuntu1 - https://lists.ubuntu.com/archives/xenial-changes/2016-August/014210.html * nautilus 1:3.18.4.is.3.14.3-0ubuntu5 - https://lists.ubuntu.com/archives/xenial-changes/2016-August/014211.html * qemu 1:2.5+dfsg-5ubuntu10.3 - https://lists.ubuntu.com/archives/xenial-changes/2016-August/014212.html * grub2 2.02~beta2-36ubuntu3.2 - https://lists.ubuntu.com/archives/xenial-changes/2016-August/014213.html * grub2-signed 1.66.2 - https://lists.ubuntu.com/archives/xenial-changes/2016-August/014214.html * qemu 1:2.5+dfsg-5ubuntu10.3 - https://lists.ubuntu.com/archives/xenial-changes/2016-August/014215.html * htop 2.0.1-1ubuntu1 - https://lists.ubuntu.com/archives/xenial-changes/2016-August/014216.html * shim-signed 1.19~16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-August/014217.html * pacemaker 1.1.14-2ubuntu1.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-August/014218.html * firefox 48.0+build2-0ubuntu0.16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-August/014219.html * oxide-qt 1.16.5-0ubuntu0.16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-August/014220.html * oxide-qt 1.16.5-0ubuntu0.16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-August/014221.html * firefox 48.0+build2-0ubuntu0.16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-August/014222.html == Subscribe == Get your copy of the Ubuntu Weekly Newsletter delivered each week to you via email at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-news == Archives == You can always find older Ubuntu Weekly Newsletter issues at: https://wiki.ubuntu.com/UbuntuWeeklyNewsletter == Additional Ubuntu News == As always you can find more news and announcements at: http://insights.ubuntu.com/ and http://fridge.ubuntu.com/ == Conclusion == Thank you for reading the Ubuntu Weekly Newsletter. See you next week! == Credits == The Ubuntu Weekly Newsletter is brought to you by: * Elizabeth K. Joseph * Simon Quigley * Chris Guiver * Athul Muralidhar * Chris Sirrs * Aaron Honeycutt * And many others == Glossary of Terms == Other acronyms can be found at https://wiki.ubuntu.com/UbuntuWeeklyNewsletter/glossary == Ubuntu - Get Involved == The Ubuntu community consists of individuals and teams, working on different aspects of the distribution, giving advice and technical support, and helping to promote Ubuntu to a wider audience. No contribution is too small, and anyone can help. It's your chance to get in on all the community fun associated with developing and promoting Ubuntu. http://community.ubuntu.com/contribute/ Or get involved with the Ubuntu Weekly Newsletter team! We always need summary writers and editors, if you're interested, learn more at: https://wiki.ubuntu.com/UbuntuWeeklyNewsletter/Join == Feedback == This document is maintained by the Ubuntu Weekly News Team. If you have a story idea or suggestions for the Weekly Newsletter, join the

Title: ARCTIC P533 Military Stereo Headset Review ( -at -) NikKTech Description: It may not be the best attack helicopter headset clone in the market today but the P533 Military Stereo Headset by ARCTIC might just be the most affordable one. Article Link: http://www.nikktech.com/main/articles/peripherals/headsets/6801-arctic-p533- military-stereo-headset-review Image Link: http://www.nikktech.com/main/images/pics/reviews/arctic/p533_military/arctic _p533a.JPG A News Post Would Be Appreciated. Thanks In Advance. Sincerely Nik Kastrantas

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUMMARY: Vulnerability identified and fixed in FAS. No effect on package content, the Fedora OS, or general users. The Fedora Infrastructure team identified a serious vulnerability in the Fedora Account System (FAS) web application. This flaw would allow a specifically formatted HTTP request to be authenticated as any requested user. The flaw was caused by a logic problem wherein the FAS web application would accept client certificates that were not intended to be supported. If the authenticated user had appropriate privileges, the attacker would then be able to add, edit, or remove user or group information. The flaw has been patched and verified fixed in the production FAS. Other users of FAS have been notified. The Infrastructure team is still investigating FAS logs for user and group changes, and other historical records that would be affected by exploiting this issue. However, at the time of this writing, the team has no reason to believe the flaw has been exploited. Specifically, the team is confident package content in the Fedora product is not affected by this flaw. For example, activities related to package content in dist-git generate notices to maintainers, and the discovered flaw would not allow an attacker to circumvent these or other safeguards. Also, this flaw is irrelevant to users of the Fedora operating system who do not use FAS. At this time, we are not requiring any remedial action from FAS account holders. If our investigation reveals any additional relevant information, we’ll provide an update to the community. This issue has been assigned as CVE-2016-1000038. - -- Paul W. Frields Fedora Engineering Manager -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFXqNwirNvJN70RNxcRAhfeAKDQlEPs25Dn+9gbd1lb8cLjs/yY5wCgmEVU 6039NSNcEkaFgJz4DG2Cy18= =fEZK -----END PGP SIGNATURE----- --

** TECHSPOT ------------------------------------------------------------ ** AMD Radeon RX 460 Review ------------------------------------------------------------ ** http://www.techspot.com/review/1221-amd-radeon-rx-460/ ------------------------------------------------------------ The new Radeon RX 460 is a Polaris 11 part that starts at only $109. Products based on Polaris 11 will also be turning up in ultra-portable devices as the power draw is expected to be very low. On the desktop, AMD hopes to capture the entry level eSports market by providing acceptable 1080p performance in titles such as CS:GO, Dota 2, League of Legends, Overwatch and Rocket League. Thank you. Julio Franco Executive Editor | TECHSPOT ( -at -) juliofranco ----------------------------------- ============================================================ Our mailing address is: TechSpot 8237 NW 68 St Miami, FL 33166 USA

SUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:1985-1 Rating: important References: #676471 #866130 #909589 #936530 #944309 #950998 #953369 #954847 #956491 #957986 #960857 #961518 #963762 #966245 #967914 #968500 #969149 #969391 #970114 #971030 #971126 #971360 #971446 #971944 #971947 #971989 #973378 #974620 #974646 #974787 #975358 #976739 #976868 #978401 #978821 #978822 #979213 #979274 #979347 #979419 #979548 #979595 #979867 #979879 #979915 #980246 #980371 #980725 #980788 #980931 #981231 #981267 #982532 #982544 #982691 #983143 #983213 #983721 #984107 #984755 #986362 #986572 #988498 Cross-References: CVE-2015-7833 CVE-2016-0758 CVE-2016-1583 CVE-2016-2053 CVE-2016-2187 CVE-2016-3134 CVE-2016-3707 CVE-2016-4470 CVE-2016-4482 CVE-2016-4485 CVE-2016-4486 CVE-2016-4565 CVE-2016-4569 CVE-2016-4578 CVE-2016-4580 CVE-2016-4805 CVE-2016-4913 CVE-2016-4997 CVE-2016-5244 CVE-2016-5829 Affected Products: SUSE Linux Enterprise Real Time Extension 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that solves 20 vulnerabilities and has 43 fixes is now available. Description: The SUSE Linux Enterprise 11 SP4 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2016-5829: Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel allowed local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call (bnc#986572). - CVE-2016-4997: The compat IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel allowed local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement (bnc#986362). - CVE-2016-4470: The key_reject_and_link function in security/keys/key.c in the Linux kernel did not ensure that a certain data structure is initialized, which allowed local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command (bnc#984755). - CVE-2016-5244: The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel did not initialize a certain structure member, which allowed remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message (bnc#983213). - CVE-2016-1583: The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling (bnc#983143). - CVE-2016-4913: The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel mishandled NM (aka alternate name) entries containing \0 characters, which allowed local users to obtain sensitive information from kernel memory or possibly have unspecified other impact via a crafted isofs filesystem (bnc#980725). - CVE-2016-4580: The x25_negotiate_facilities function in net/x25/x25_facilities.c in the Linux kernel did not properly initialize a certain data structure, which allowed attackers to obtain sensitive information from kernel stack memory via an X.25 Call Request (bnc#981267). - CVE-2016-4805: Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel allowed local users to cause a denial of service (memory corruption and system crash, or spinlock) or possibly have unspecified other impact by removing a network namespace, related to the ppp_register_net_channel and ppp_unregister_channel functions (bnc#980371). - CVE-2016-0758: Integer overflow in lib/asn1_decoder.c in the Linux kernel allowed local users to gain privileges via crafted ASN.1 data (bnc#979867). - CVE-2015-7833: The usbvision driver in the Linux kernel allowed physically proximate attackers to cause a denial of service (panic) via a nonzero bInterfaceNumber value in a USB device descriptor (bnc#950998). - CVE-2016-3707: The icmp_check_sysrq function in net/ipv4/icmp.c in the kernel.org projects/rt patches for the Linux kernel, allowed remote attackers to execute SysRq commands via crafted ICMP Echo Request packets, as demonstrated by a brute-force attack to discover a cookie, or an attack that occurs after reading the local icmp_echo_sysrq file (bnc#980246). - CVE-2016-2187: The gtco_probe function in drivers/input/tablet/gtco.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#971944). - CVE-2016-4482: The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel did not initialize a certain data structure, which allowed local users to obtain sensitive information from kernel stack memory via a crafted USBDEVFS_CONNECTINFO ioctl call (bnc#978401). - CVE-2016-2053: The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel allowed attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in crypto/asymmetric_keys/public_key.c (bnc#963762). - CVE-2016-4565: The InfiniBand (aka IB) stack in the Linux kernel incorrectly relied on the write system call, which allowed local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface (bnc#979548). - CVE-2016-4485: The llc_cmsg_rcv function in net/llc/af_llc.c in the Linux kernel did not initialize a certain data structure, which allowed attackers to obtain sensitive information from kernel stack memory by reading a message (bnc#978821). - CVE-2016-4578: sound/core/timer.c in the Linux kernel did not initialize certain r1 data structures, which allowed local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_timer_user_ccallback and (2) snd_timer_user_tinterrupt functions (bnc#979879). - CVE-2016-4569: The snd_timer_user_params function in sound/core/timer.c in the Linux kernel did not initialize a certain data structure, which allowed local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface (bnc#979213). - CVE-2016-4486: The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux kernel did not initialize a certain data structure, which allowed local users to obtain sensitive information from kernel stack memory by reading a Netlink message (bnc#978822). - CVE-2016-3134: The netfilter subsystem in the Linux kernel did not validate certain offset fields, which allowed local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call (bnc#971126). The following non-security bugs were fixed: - ALSA: hrtimer: Handle start/stop more properly (bsc#973378). - ALSA: oxygen: add Xonar DGX support (bsc#982691). - Assign correct ->can_queue value in hv_storvsc (bnc#969391) - Delete patches.drivers/nvme-0165-Split-header-file-into-user-visible-and-kernel-.p atch. SLE11-SP4 does not have uapi headers so move everything back to the original header (bnc#981231) - Driver: Vmxnet3: set CHECKSUM_UNNECESSARY for IPv6 packets (bsc#976739). - Fix cifs_uniqueid_to_ino_t() function for s390x (bsc#944309) - KVM: x86: fix maintenance of guest/host xcr0 state (bsc#961518). - MM: increase safety margin provided by PF_LESS_THROTTLE (bsc#956491). - NFS: Do not attempt to decode missing directory entries (bsc#980931). - NFS: avoid deadlocks with loop-back mounted NFS filesystems (bsc#956491). - NFS: avoid waiting at all in nfs_release_page when congested (bsc#956491). - NFS: fix memory corruption rooted in get_ih_name pointer math (bsc#984107). - NFS: reduce access cache shrinker locking (bnc#866130). - NFSv4: Ensure that we do not drop a state owner more than once (bsc#979595). - NFSv4: OPEN must handle the NFS4ERR_IO return code correctly (bsc#979595). - NVMe: Unify controller probe and resume (bsc#979347). - RDMA/cxgb4: Configure 0B MRs to match HW implementation (bsc#909589). - RDMA/cxgb4: Do not hang threads forever waiting on WR replies (bsc#909589). - RDMA/cxgb4: Fix locking issue in process_mpa_request (bsc#909589). - RDMA/cxgb4: Handle NET_XMIT return codes (bsc#909589). - RDMA/cxgb4: Increase epd buff size for debug interface (bsc#909589). - RDMA/cxgb4: Limit MRs to less than 8GB for T4/T5 devices (bsc#909589). - RDMA/cxgb4: Serialize CQ event upcalls with CQ destruction (bsc#909589). - RDMA/cxgb4: Wake up waiters after flushing the qp (bsc#909589). - SCSI: Increase REPORT_LUNS timeout (bsc#971989). - Update patches.drivers/nvme-0265-fix-max_segments-integer-truncation.patch (bsc#979419). Fix reference. - Update patches.fixes/bnx2x-Alloc-4k-fragment-for-each-rx-ring-buffer-elem.patch (bsc#953369 bsc#975358). - bridge: superfluous skb->nfct check in br_nf_dev_queue_xmit (bsc#982544). - cgroups: do not attach task to subsystem if migration failed (bnc#979274). - cgroups: more safe tasklist locking in cgroup_attach_proc (bnc#979274). - cpuset: Fix potential deadlock w/ set_mems_allowed (bsc#960857, bsc#974646). - dasd: fix hanging system after LCU changes (bnc#968500, LTC#136671). - enic: set netdev->vlan_features (bsc#966245). - fcoe: fix reset of fip selection time (bsc#974787). - hid-elo: kill not flush the work (bnc#982532). - ipc,sem: fix use after free on IPC_RMID after a task using same semaphore set exits (bsc#967914). - ipv4/fib: do not warn when primary address is missing if in_dev is dead (bsc#971360). - ipv4: fix ineffective source address selection (bsc#980788). - ipvs: count pre-established TCP states as active (bsc#970114). - iucv: call skb_linearize() when needed (bnc#979915, LTC#141240). - kabi: prevent spurious modversion changes after bsc#982544 fix (bsc#982544). - mm/hugetlb.c: correct missing private flag clearing (VM Functionality, bnc#971446). - mm/hugetlb: fix backport of upstream commit 07443a85ad (VM Functionality, bnc#971446). - mm/swap.c: flush lru pvecs on compound page arrival (bnc#983721). - mm/vmscan.c: avoid throttling reclaim for loop-back nfsd threads (bsc#956491). - mm: Fix DIF failures on ext3 filesystems (bsc#971030). - net/qlge: Avoids recursive EEH error (bsc#954847). - netfilter: bridge: Use __in6_dev_get rather than in6_dev_get in br_validate_ipv6 (bsc#982544). - netfilter: bridge: do not leak skb in error paths (bsc#982544). - netfilter: bridge: forward IPv6 fragmented packets (bsc#982544). - nvme: fix max_segments integer truncation (bsc#676471). - ocfs2: do not set fs read-only if rec[0] is empty while committing truncate (bnc#971947). - ocfs2: extend enough credits for freeing one truncate record while replaying truncate records (bnc#971947). - ocfs2: extend transaction for ocfs2_remove_rightmost_path() and ocfs2_update_edge_lengths() before to avoid inconsistency between inode and et (bnc#971947). - qeth: delete napi struct when removing a qeth device (bnc#979915, LTC#143590). - rpm/modprobe-xen.conf: Revert comment change to allow parallel install (bsc#957986). This reverts commit 855c7ce885fd412ce2a25ccc12a46e565c83f235. - s390/dasd: prevent incorrect length error under z/VM after PAV changes (bnc#968500, LTC#136670). - s390/mm: fix asce_bits handling with dynamic pagetable levels (bnc#979915, LTC#141456). - s390/pci: add extra padding to function measurement block (bnc#968500, LTC#139445). - s390/pci: enforce fmb page boundary rule (bnc#968500, LTC#139445). - s390/pci: extract software counters from fmb (bnc#968500, LTC#139445). - s390/pci: fix use after free in dma_init (bnc#979915, LTC#141626). - s390/pci: remove pdev pointer from arch data (bnc#968500, LTC#139444). - s390/pci_dma: fix DMA table corruption with > 4 TB main memory (bnc#968500, LTC#139401). - s390/pci_dma: handle dma table failures (bnc#968500, LTC#139442). - s390/pci_dma: improve debugging of errors during dma map (bnc#968500, LTC#139442). - s390/pci_dma: unify label of invalid translation table entries (bnc#968500, LTC#139442). - s390/spinlock: avoid yield to non existent cpu (bnc#968500, LTC#141106). - s390: fix test_fp_ctl inline assembly contraints (bnc#979915, LTC#143138). - sched/cputime: Fix clock_nanosleep()/clock_gettime() inconsistency (bnc#988498). - sched/cputime: Fix cpu_timer_sample_group() double accounting (bnc#988498). - sched: Provide update_curr callbacks for stop/idle scheduling classes (bnc#988498). - veth: do not modify ip_summed (bsc#969149). - vgaarb: Add more context to error messages (bsc#976868). - virtio_scsi: Implement eh_timed_out callback (bsc#936530). - x86, kvm: fix kvm's usage of kernel_fpu_begin/end() (bsc#961518). - x86, kvm: use kernel_fpu_begin/end() in kvm_load/put_guest_fpu() (bsc#961518). - x86/mm/pat, /dev/mem: Remove superfluous error message (bsc#974620). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Real Time Extension 11-SP4: zypper in -t patch slertesp4-linux-kernel-12681=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-linux-kernel-12681=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Real Time Extension 11-SP4 (x86_64): kernel-rt-3.0.101.rt130-57.1 kernel-rt-base-3.0.101.rt130-57.1 kernel-rt-devel-3.0.101.rt130-57.1 kernel-rt_trace-3.0.101.rt130-57.1 kernel-rt_trace-base-3.0.101.rt130-57.1 kernel-rt_trace-devel-3.0.101.rt130-57.1 kernel-source-rt-3.0.101.rt130-57.1 kernel-syms-rt-3.0.101.rt130-57.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (x86_64): kernel-rt-debuginfo-3.0.101.rt130-57.1 kernel-rt-debugsource-3.0.101.rt130-57.1 kernel-rt_debug-debuginfo-3.0.101.rt130-57.1 kernel-rt_debug-debugsource-3.0.101.rt130-57.1 kernel-rt_trace-debuginfo-3.0.101.rt130-57.1 kernel-rt_trace-debugsource-3.0.101.rt130-57.1 References: https://www.suse.com/security/cve/CVE-2015-7833.html https://www.suse.com/security/cve/CVE-2016-0758.html https://www.suse.com/security/cve/CVE-2016-1583.html https://www.suse.com/security/cve/CVE-2016-2053.html https://www.suse.com/security/cve/CVE-2016-2187.html https://www.suse.com/security/cve/CVE-2016-3134.html https://www.suse.com/security/cve/CVE-2016-3707.html https://www.suse.com/security/cve/CVE-2016-4470.html https://www.suse.com/security/cve/CVE-2016-4482.html https://www.suse.com/security/cve/CVE-2016-4485.html https://www.suse.com/security/cve/CVE-2016-4486.html https://www.suse.com/security/cve/CVE-2016-4565.html https://www.suse.com/security/cve/CVE-2016-4569.html https://www.suse.com/security/cve/CVE-2016-4578.html https://www.suse.com/security/cve/CVE-2016-4580.html https://www.suse.com/security/cve/CVE-2016-4805.html https://www.suse.com/security/cve/CVE-2016-4913.html https://www.suse.com/security/cve/CVE-2016-4997.html https://www.suse.com/security/cve/CVE-2016-5244.html https://www.suse.com/security/cve/CVE-2016-5829.html https://bugzilla.suse.com/676471 https://bugzilla.suse.com/866130 https://bugzilla.suse.com/909589 https://bugzilla.suse.com/936530 https://bugzilla.suse.com/944309 https://bugzilla.suse.com/950998 https://bugzilla.suse.com/953369 https://bugzilla.suse.com/954847 https://bugzilla.suse.com/956491 https://bugzilla.suse.com/957986 https://bugzilla.suse.com/960857 https://bugzilla.suse.com/961518 https://bugzilla.suse.com/963762 https://bugzilla.suse.com/966245 https://bugzilla.suse.com/967914 https://bugzilla.suse.com/968500 https://bugzilla.suse.com/969149 https://bugzilla.suse.com/969391 https://bugzilla.suse.com/970114 https://bugzilla.suse.com/971030 https://bugzilla.suse.com/971126 https://bugzilla.suse.com/971360 https://bugzilla.suse.com/971446 https://bugzilla.suse.com/971944 https://bugzilla.suse.com/971947 https://bugzilla.suse.com/971989 https://bugzilla.suse.com/973378 https://bugzilla.suse.com/974620 https://bugzilla.suse.com/974646 https://bugzilla.suse.com/974787 https://bugzilla.suse.com/975358 https://bugzilla.suse.com/976739 https://bugzilla.suse.com/976868 https://bugzilla.suse.com/978401 https://bugzilla.suse.com/978821 https://bugzilla.suse.com/978822 https://bugzilla.suse.com/979213 https://bugzilla.suse.com/979274 https://bugzilla.suse.com/979347 https://bugzilla.suse.com/979419 https://bugzilla.suse.com/979548 https://bugzilla.suse.com/979595 https://bugzilla.suse.com/979867 https://bugzilla.suse.com/979879 https://bugzilla.suse.com/979915 https://bugzilla.suse.com/980246 https://bugzilla.suse.com/980371 https://bugzilla.suse.com/980725 https://bugzilla.suse.com/980788 https://bugzilla.suse.com/980931 https://bugzilla.suse.com/981231 https://bugzilla.suse.com/981267 https://bugzilla.suse.com/982532 https://bugzilla.suse.com/982544 https://bugzilla.suse.com/982691 https://bugzilla.suse.com/983143 https://bugzilla.suse.com/983213 https://bugzilla.suse.com/983721 https://bugzilla.suse.com/984107 https://bugzilla.suse.com/984755 https://bugzilla.suse.com/986362 https://bugzilla.suse.com/986572 https://bugzilla.suse.com/988498 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org

Last week the AMD Radeon RX 470 4GB graphics card debuted at $179 to help bring AMD’s new Polaris GPU technology down to lower price points. The AMD Radeon RX 480 video card runs $199 for the 4GB model and $249 for the 8GB model, so it was good to see what AMD had to offer mainstream gamers. If $179 is still too much to justify spending on a graphics card for your system we have great news for you. AMD is releasing the Radeon RX 460 today and pricing starts at just $109 for 2GB models. Read on to see how the XFX Radeon RX 460 4GB Double Dissipation Graphics Card performs! Article Title: AMD Radeon RX 460 4GB Graphics Card Review ( -at -) Legit Reviews Article URL: http://www.legitreviews.com/amd-radeon-rx-460-4gb-graphics-card-review_185034 Unsubscribe: http://adserv.legitreviews.com/cgi-bin/dada/mail.cgi/u/legitpr/reviewnews// =

Sapphire Nitro+ RX 470 OC Graphics Card Review ( -at -) ThinkComputers.org Review Link: http://www.thinkcomputers.org/sapphire-nitro-rx-470-oc-graphics-card-review/ Image URL: http://www.thinkcomputers.org/reviews/sapphire_nitro_rx470/email.jpg Alt Image URL: http://www.thinkcomputers.org/reviews/sapphire_nitro_rx470/small.jpg Quote: "Sapphire's Nitro series has been around for a while and with the introduction of AMD's RX Series we now have the Nitro+ series.  The Nitro+ series made its debut with RX 480 and now we have the RX 470 model.  The RX 470 is of course a step down from AMD's current flagship RX 480 graphics card, but is based on the same Polaris 10 silicon.  It features 2048 stream processors across 32 compute units, 128 TMUs, and 32 ROPs.  Now the Nitro+ RX 470 OC Graphics Card is no reference card, it features a factory overclock of 1260 MHz boost, has Sapphire's custom DUAL-X cooling solution, black diamond chokes, RGB lighting and more.  Let's throw this card on our test bench and see what it can do!"

View this email in your browser (http://us3.campaign-archive1.com/?u=efc4c507c2cf964fc2462caca&id=700557755c&e=0c004f9c13) AMD and NVIDIA have been launching graphics cards at a rapid clip this summer. In the last three months or so, about ten new desktop GPUs have been launched or announced, targeting virtually all market segments. Thanks to new architectures and more advanced manufacturing processes, this latest generation of GPUs offer far better performance and efficiency than the previous-gen, with much smaller die sizes too. So it makes sense that the big two discrete GPU makers wanted their latest wares on store shelves ASAP. Today, AMD is ready with an entry-level graphics card featuring its Polaris architecture, the Radeon RX 460. Unlike the Radeon RX 480 and RX 470 that launched before it, the RX 460 is built around a new piece of silicon, the Polaris 11 GPU. The RX 480 and RX 470 feature the larger, more powerful Polaris 10... AMD Radeon RX 460 Review: Polaris On A Budget (http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=015761c376&e=0c004f9c13) http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=48f1d32c6f&e=0c004f9c13 http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=31ffea72f5&e=0c004f9c13 Best Regards, HotHardware.com http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=fe23abb8e5&e=0c004f9c13 http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=2b96b04292&e=0c004f9c13 http://hothardware.us3.list-manage2.com/track/click?u=efc4c507c2cf964fc2462caca&id=72493f68d0&e=0c004f9c13 ============================================================

<http://www.eteknix.com> Sapphire Nitro RX 460 OC Graphics Card Review Only a few days after the RX 470 <http://www.eteknix.com/sapphire-nitro-rx-470-oc-graphics-card-review/> ‘s launch, AMD has unleashed a brand new graphics solution designed for low-cost eSports gaming. During the past few years, the competitive scene in the RTS and MOBA genres have flourished and now attract a huge following. As a result, popular titles such as League of Legends have a huge prize pool and create a frenzied response from dedicated fans attending a major event. Of course, many users aim to replicate the stardom of their idols and become a professional player. This challenging endeavour requires dedication and very few people are skilled enough to be considered by established teams. Thankfully, eSports isn't just about the few who inspire younger players, it's an inclusive gaming experience which can be incredibly rewarding. AMD is hoping that the RX 460 can fill a void in the market and provide eSports aficionados with an appropriate amount of graphics horsepower. URL - http://www.eteknix.com/sapphire-nitro-rx-460-oc-graphics-card-review/ --

*ASUS Radeon RX 460 STRIX Gaming 4 GB review* AMD officially released the Radeon RX 460 moments ago. We figured it'd be a good tike to test the ASUS Radeon RX 460 STRIX Gaming 4 GB. The graphics card is positioned in the budget range and will perform at entry level gaming wise. You can read the full * article right here <http://www.guru3d.com/articles-pages/asus-radeon-rx-460-strix-gaming-4gb-review,1.html>'>http://www.guru3d.com/articles-pages/asus-radeon-rx-460-strix-gaming-4gb-review,1.html> *. URL: http://www.guru3d.com/articles-pages/asus-radeon-rx-460-strix-gaming-4gb-review,1.html <http://www.guru3d.com/articles-pages/asus-radeon-rx-460-strix-gaming-4gb-review,1.html> --

** TECHSPOT ------------------------------------------------------------ ** Building a 40-Thread Xeon Monster PC for Less Than the Price of a Broadwell-E ------------------------------------------------------------ ** http://www.techspot.com/review/1218-affordable-40-thread-xeon-monster-pc/ ------------------------------------------------------------ Following up to our popular 32-thread Xeon PC feature, we've been in the hunt for affordable Xeon processors based on more modern architectures. Our search put us on the trail of Intel's Xeon E5 2630 v4, a 10-core Broadwell-EP part (40 threads for 2 CPUs) that can be found for less - with a catch - so we put together a system to show off what's on offer here. Thank you. Julio Franco Executive Editor | TECHSPOT ( -at -) juliofranco ----------------------------------- ============================================================ Our mailing address is: TechSpot 8237 NW 68 St Miami, FL 33166 USA

openSUSE Security Update: Security update for Chromium ______________________________________________________________________________ Announcement ID: openSUSE-SU-2016:1983-1 Rating: important References: #992305 #992309 #992310 #992311 #992313 #992314 #992315 #992319 #992320 Cross-References: CVE-2016-5139 CVE-2016-5140 CVE-2016-5141 CVE-2016-5142 CVE-2016-5143 CVE-2016-5144 CVE-2016-5145 CVE-2016-5146 Affected Products: SUSE Package Hub for SUSE Linux Enterprise 12 ______________________________________________________________________________ An update that solves 8 vulnerabilities and has one errata is now available. Description: Chromium was updated to 52.0.2743.116 to fix the following security issues: (boo#992305) - CVE-2016-5141: Address bar spoofing (boo#992314) - CVE-2016-5142: Use-after-free in Blink (boo#992313) - CVE-2016-5139: Heap overflow in pdfium (boo#992311) - CVE-2016-5140: Heap overflow in pdfium (boo#992310) - CVE-2016-5145: Same origin bypass for images in Blink (boo#992320) - CVE-2016-5143: Parameter sanitization failure in DevTools (boo#992319) - CVE-2016-5144: Parameter sanitization failure in DevTools (boo#992315) - CVE-2016-5146: Various fixes from internal audits, fuzzing and other initiatives (boo#992309) Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Package Hub for SUSE Linux Enterprise 12: zypper in -t patch openSUSE-2016-950=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Package Hub for SUSE Linux Enterprise 12 (x86_64): chromedriver-52.0.2743.116-92.1 chromium-52.0.2743.116-92.1 chromium-desktop-gnome-52.0.2743.116-92.1 chromium-desktop-kde-52.0.2743.116-92.1 chromium-ffmpegsumo-52.0.2743.116-92.1 References: https://www.suse.com/security/cve/CVE-2016-5139.html https://www.suse.com/security/cve/CVE-2016-5140.html https://www.suse.com/security/cve/CVE-2016-5141.html https://www.suse.com/security/cve/CVE-2016-5142.html https://www.suse.com/security/cve/CVE-2016-5143.html https://www.suse.com/security/cve/CVE-2016-5144.html https://www.suse.com/security/cve/CVE-2016-5145.html https://www.suse.com/security/cve/CVE-2016-5146.html https://bugzilla.suse.com/992305 https://bugzilla.suse.com/992309 https://bugzilla.suse.com/992310 https://bugzilla.suse.com/992311 https://bugzilla.suse.com/992313 https://bugzilla.suse.com/992314 https://bugzilla.suse.com/992315 https://bugzilla.suse.com/992319 https://bugzilla.suse.com/992320 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org

openSUSE Security Update: Security update for Chromium ______________________________________________________________________________ Announcement ID: openSUSE-SU-2016:1982-1 Rating: important References: #992305 #992309 #992310 #992311 #992313 #992314 #992315 #992319 #992320 Cross-References: CVE-2016-5139 CVE-2016-5140 CVE-2016-5141 CVE-2016-5142 CVE-2016-5143 CVE-2016-5144 CVE-2016-5145 CVE-2016-5146 Affected Products: openSUSE Leap 42.1 openSUSE 13.2 ______________________________________________________________________________ An update that solves 8 vulnerabilities and has one errata is now available. Description: Chromium was updated to 52.0.2743.116 to fix the following security issues: (boo#992305) - CVE-2016-5141: Address bar spoofing (boo#992314) - CVE-2016-5142: Use-after-free in Blink (boo#992313) - CVE-2016-5139: Heap overflow in pdfium (boo#992311) - CVE-2016-5140: Heap overflow in pdfium (boo#992310) - CVE-2016-5145: Same origin bypass for images in Blink (boo#992320) - CVE-2016-5143: Parameter sanitization failure in DevTools (boo#992319) - CVE-2016-5144: Parameter sanitization failure in DevTools (boo#992315) - CVE-2016-5146: Various fixes from internal audits, fuzzing and other initiatives (boo#992309) Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.1: zypper in -t patch openSUSE-2016-950=1 - openSUSE 13.2: zypper in -t patch openSUSE-2016-950=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE Leap 42.1 (x86_64): chromedriver-52.0.2743.116-64.1 chromium-52.0.2743.116-64.1 chromium-desktop-gnome-52.0.2743.116-64.1 chromium-desktop-kde-52.0.2743.116-64.1 chromium-ffmpegsumo-52.0.2743.116-64.1 - openSUSE 13.2 (i586 x86_64): chromedriver-52.0.2743.116-114.1 chromium-52.0.2743.116-114.1 chromium-desktop-gnome-52.0.2743.116-114.1 chromium-desktop-kde-52.0.2743.116-114.1 chromium-ffmpegsumo-52.0.2743.116-114.1 References: https://www.suse.com/security/cve/CVE-2016-5139.html https://www.suse.com/security/cve/CVE-2016-5140.html https://www.suse.com/security/cve/CVE-2016-5141.html https://www.suse.com/security/cve/CVE-2016-5142.html https://www.suse.com/security/cve/CVE-2016-5143.html https://www.suse.com/security/cve/CVE-2016-5144.html https://www.suse.com/security/cve/CVE-2016-5145.html https://www.suse.com/security/cve/CVE-2016-5146.html https://bugzilla.suse.com/992305 https://bugzilla.suse.com/992309 https://bugzilla.suse.com/992310 https://bugzilla.suse.com/992311 https://bugzilla.suse.com/992313 https://bugzilla.suse.com/992314 https://bugzilla.suse.com/992315 https://bugzilla.suse.com/992319 https://bugzilla.suse.com/992320 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org