news

CentOS Errata and Security Advisory 2016:1277 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2016-1277.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 866c10ef9772a04713b8dfc099f5b665fd2d37a8d98c1cc01dfc465f7c270350 kernel-3.10.0-327.22.2.el7.x86_64.rpm 3609729488f8df078b93ffd9c0e99190e105318c615b42373b01e66ccc3fd66b kernel-abi-whitelists-3.10.0-327.22.2.el7.noarch.rpm 97284388776c98bc4d1f08b0ca6f366479b7574e08e2f67503311f15dbe58f78 kernel-debug-3.10.0-327.22.2.el7.x86_64.rpm 5886a326d9c1c9dd8ab4a264042ebffed9f9ad4c3cfdbc844e5be1118e076662 kernel-debug-devel-3.10.0-327.22.2.el7.x86_64.rpm f0052d5981696cd9ce3c1af38d8380a9fa22f97bd0f99e41c8024a7d7f66ba0a kernel-devel-3.10.0-327.22.2.el7.x86_64.rpm 3607e5c78d375a39aa92fe9adb4ad827da3ed7b22076f045cf729bffa0729681 kernel-doc-3.10.0-327.22.2.el7.noarch.rpm 985df87909a5b35fb2455c7faf01b641aced54ef8aa64e1875b392710f422fb2 kernel-headers-3.10.0-327.22.2.el7.x86_64.rpm b98b7703ade7d413675cdfee9033c972a4fcb91993b2303ef8465af9ae3265a6 kernel-tools-3.10.0-327.22.2.el7.x86_64.rpm bf2f27fd9490d409f51ce23c590e69e0c7b691ded2e9646bf7a61b3cb7bf04eb kernel-tools-libs-3.10.0-327.22.2.el7.x86_64.rpm aec34d9f6bd724cc902890724c24ca2386b78f427385641611c3a907430905fc kernel-tools-libs-devel-3.10.0-327.22.2.el7.x86_64.rpm 752fbd6d40ace3148862c2e5e44714e23c1fc4e44e65f3f2e8d26e8d8640ca73 perf-3.10.0-327.22.2.el7.x86_64.rpm 7d26ef4211af28bc09653c3ca4d951f6ba4a73ac8484ffada2166669635c6fd6 python-perf-3.10.0-327.22.2.el7.x86_64.rpm Source: 2c45727c78601268bfa63d633d53b1cc37e3530ba756c45f9d048339a69ccbce kernel-3.10.0-327.22.2.el7.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: ( -at -) JohnnyCentOS _______________________________________________

CentOS Errata and Bugfix Advisory 2016:1290 Upstream details at : https://rhn.redhat.com/errata/RHBA-2016-1290.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: cb25243971e6c537308c72b4fadfc8983ab17c49f52ca918f9115e4bfa000a26 libvirt-1.2.17-13.el7_2.5.x86_64.rpm 02acca9353cc4ddc6aac73fe8a60a50d40c5bf2fe4a5cf1150ef54f1044f708a libvirt-client-1.2.17-13.el7_2.5.i686.rpm c8e633635ca65bf73cb152c71bfd31b90d769cfec526fa5b828026ca4646b800 libvirt-client-1.2.17-13.el7_2.5.x86_64.rpm c636318ea54515ccfa0c08fd33d777ff8e0e5053878569d641290cbe8f8a5c52 libvirt-daemon-1.2.17-13.el7_2.5.x86_64.rpm 6c7324c9956180e6702edcabab493048d786f991c011507abd022f3ec36bbc17 libvirt-daemon-config-network-1.2.17-13.el7_2.5.x86_64.rpm cfe82fef9d18bcf6c4a85a3637c54cbc70e15dc9ce340b44c748f23a34b84c74 libvirt-daemon-config-nwfilter-1.2.17-13.el7_2.5.x86_64.rpm 67a182927bc99814b2e69d923647e815f31952bd9090d12775d3c0832a040517 libvirt-daemon-driver-interface-1.2.17-13.el7_2.5.x86_64.rpm 6a02a5b9456baa62bbc999846412be5a04459c5f178383c888a70d6f057a49f0 libvirt-daemon-driver-lxc-1.2.17-13.el7_2.5.x86_64.rpm 7d19351dfec22409e64e340fbddf223843443bc8d5f5c88f1fbfc80ff4a4c97b libvirt-daemon-driver-network-1.2.17-13.el7_2.5.x86_64.rpm b1bb6aff04567add818ac2eafe4ca0146033482f122318134037398dd3202818 libvirt-daemon-driver-nodedev-1.2.17-13.el7_2.5.x86_64.rpm 4ebd50b02dfa3747445cb1ef92cf15884a29bc336ae447de0932b8fb83da46c8 libvirt-daemon-driver-nwfilter-1.2.17-13.el7_2.5.x86_64.rpm ae8e8abfff88ec540698791be06fbfe6b1d7502575fa6812b2bbacef59d079fb libvirt-daemon-driver-qemu-1.2.17-13.el7_2.5.x86_64.rpm 1b86ae49040a6c400c25c56b4e35775bef72be883e96f345e71702748283a661 libvirt-daemon-driver-secret-1.2.17-13.el7_2.5.x86_64.rpm e07035342ea97e617e107574e96f404644307d51537c5dc4d05e9ccd0d7ebc8b libvirt-daemon-driver-storage-1.2.17-13.el7_2.5.x86_64.rpm cf547b5eab90f8ffb46dae3f499e7e3e18c084feac9e19691d1dfae10fc7a2f6 libvirt-daemon-kvm-1.2.17-13.el7_2.5.x86_64.rpm 884a714d6d7ae3c982b8475866a4f7e67f08556df1e3f5833a33b528e0024ea2 libvirt-daemon-lxc-1.2.17-13.el7_2.5.x86_64.rpm 417b67c9316c2044fba2716222978e1db57b97ff995dab86953040acc20e8aae libvirt-devel-1.2.17-13.el7_2.5.i686.rpm b225a2b8a9dc7e42950018c36db74071e5d3d417df12b3b686166e1f85f1e26d libvirt-devel-1.2.17-13.el7_2.5.x86_64.rpm 4f08c661963ba0c0848613824a12075b2f6b46af358ee2aa23710379d2e04656 libvirt-docs-1.2.17-13.el7_2.5.x86_64.rpm bf9abc767c63ba291ac43ae4c802d4334d60d34ab87132203d860434239a3f77 libvirt-lock-sanlock-1.2.17-13.el7_2.5.x86_64.rpm a5de6c647b4feb2a77e8c65ea7b7afbea0d5d4d8ce2a06f2925d4e09be99e7c1 libvirt-login-shell-1.2.17-13.el7_2.5.x86_64.rpm Source: 49267c944574cdd540c1cae1762edd312ebf4ce5f14674f79aa78d2fbbb28b9b libvirt-1.2.17-13.el7_2.5.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: ( -at -) JohnnyCentOS _______________________________________________

CentOS Errata and Security Advisory 2016:1292 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2016-1292.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 1ac92fe486fd71d4cc09beff30d5fb2170bedf62601379478ec445ac860bc632 libxml2-2.9.1-6.el7_2.3.i686.rpm acece4f83c12cdc48b42063fee9bca8519dc312ec2f25d105de82005caeed6e5 libxml2-2.9.1-6.el7_2.3.x86_64.rpm bf3769969f879b821b01a2ee2072d719f7a35c39ec8627796488b0cd48273b34 libxml2-devel-2.9.1-6.el7_2.3.i686.rpm 4a37ec5e4a3cf89655265388aae7165283edfa55a76863738e472fe49be1554c libxml2-devel-2.9.1-6.el7_2.3.x86_64.rpm 5b5de3c0619d4b589756bdff4763376009f04142c3083224ac56af3b2d97f593 libxml2-python-2.9.1-6.el7_2.3.x86_64.rpm 8c7d901df8aa3170eeffc2b0360684ee3bcd0a15c8af6db394814208b73a85e3 libxml2-static-2.9.1-6.el7_2.3.i686.rpm 6619350076bd4b8f6a2d90881ad4f41793c1baf793cb7b9f9df5bdbdc6f8effa libxml2-static-2.9.1-6.el7_2.3.x86_64.rpm Source: 61fec50176f7992461600e8a0275e495acb53377b83acb0fe15d5d7b1beb6201 libxml2-2.9.1-6.el7_2.3.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: ( -at -) JohnnyCentOS _______________________________________________

CentOS Errata and Bugfix Advisory 2016:1285 Upstream details at : https://rhn.redhat.com/errata/RHBA-2016-1285.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 78d42b9fb3f95d76cf1453c7e03d97c173e497c758f1716adbc4be0cda835328 NetworkManager-1.0.6-30.el7_2.x86_64.rpm 419bda9781b871e52aef0b55c33b042932c0d3205aa0e1206528bbdcac9f3231 NetworkManager-adsl-1.0.6-30.el7_2.x86_64.rpm 5832789646d870c1a9cb6f86b743d8644e417c3cfb9e2cda04f3b09a63c127f4 NetworkManager-bluetooth-1.0.6-30.el7_2.x86_64.rpm 27a564653bab130af2addaf8db81fc182a17b1daf510ceed898d942d4459436d NetworkManager-config-routing-rules-1.0.6-30.el7_2.x86_64.rpm 470712959af9633529f2dbc55bd481fc5ac88d0579eb931df52ab1f58685600b NetworkManager-config-server-1.0.6-30.el7_2.x86_64.rpm 6b0d06839c8006978801f61cfc6d63c9c0f95f5cdf95e49eb6b087da7f62daab NetworkManager-devel-1.0.6-30.el7_2.i686.rpm 2f12ccee87895742f37f71058602d9e5e277094a1b73d0452fd4e392661cbebf NetworkManager-devel-1.0.6-30.el7_2.x86_64.rpm 6518dcb2cf4f0b647aa0265281a2d0d1fd91064a68bc81cc4ba4fd3cd71d84be NetworkManager-glib-1.0.6-30.el7_2.i686.rpm 7453a98381d326c7eea4de3a37050da7b56ef1da7fbfbd11fb693d30b7fd408e NetworkManager-glib-1.0.6-30.el7_2.x86_64.rpm a6f27c5516f912be19fa919580d9badc65a6d45f27bb10a61d61a1a5637bb15c NetworkManager-glib-devel-1.0.6-30.el7_2.i686.rpm 32ffd6a420391ebd716bd70082305fafe9244f95123bc280923ec35fc0ca1ed3 NetworkManager-glib-devel-1.0.6-30.el7_2.x86_64.rpm 02178765c5abf0702633cdc50a6049109a5d20eb0ef522de64fd81ebc6b5f858 NetworkManager-libnm-1.0.6-30.el7_2.i686.rpm e3bf8d72c6fae491ed19106f14f8171f815137f35044810593d16be65e79db0d NetworkManager-libnm-1.0.6-30.el7_2.x86_64.rpm 8297f8531970c86abf1beabade278f0e76156ae1902973ebde1fc84987053331 NetworkManager-libnm-devel-1.0.6-30.el7_2.i686.rpm bca183c98bf3c1f9622f3ade251d530eedb58832691e8f809ec022a352ac0bb2 NetworkManager-libnm-devel-1.0.6-30.el7_2.x86_64.rpm 3bb2ce286c6acc1f5ae371cc85fd29cb7624298b6e83254c03f32142897a4949 NetworkManager-team-1.0.6-30.el7_2.x86_64.rpm 08c7b42b09aea8283c7a86db58e4601c15e16a5dab1cb26f95718ecdd3813cf8 NetworkManager-tui-1.0.6-30.el7_2.x86_64.rpm 92483a4e02ae3d7359f3d0d9fcb3478382d2e62105f53835a874da293a96ca41 NetworkManager-wifi-1.0.6-30.el7_2.x86_64.rpm d80ca4c4e60fcde926c799ba2afda49d64c5fddf42d5baf78b680b83dc5d5c27 NetworkManager-wwan-1.0.6-30.el7_2.x86_64.rpm Source: fd462a1d0956da362652ba7c44da5126ba8e322fd4e4aeba78bcfa29380c9fa7 NetworkManager-1.0.6-30.el7_2.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: ( -at -) JohnnyCentOS _______________________________________________

CentOS Errata and Bugfix Advisory 2016:1258 Upstream details at : https://rhn.redhat.com/errata/RHBA-2016-1258.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 0fddd84a0ecb4d433f2803fc6c0623922ef54e33e5f6b803f82cb53bacf4ddee nfs-utils-1.3.0-0.21.el7_2.1.x86_64.rpm Source: cc95f73edf7cc837370a221719f31c05333c90a5bbe457c2d497b22cdbeb2b76 nfs-utils-1.3.0-0.21.el7_2.1.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: ( -at -) JohnnyCentOS _______________________________________________

CentOS Errata and Security Advisory 2016:1296 Moderate Upstream details at : https://rhn.redhat.com/errata/RHSA-2016-1296.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: c724d1f9400e9084509754ddffd8e83160c967dde8fbc724347fd543deb7eb9d ocaml-4.01.0-22.7.el7_2.x86_64.rpm 9d29fc119ddfb8217cb6aac73e052fd2e74bb5ff08118703ad778eec42bf1db9 ocaml-camlp4-4.01.0-22.7.el7_2.x86_64.rpm 13346e41b3cf70699a66998b2520eb37c407462460dda45cfd77c378b796f895 ocaml-camlp4-devel-4.01.0-22.7.el7_2.x86_64.rpm e02421a3cc009a6d677ac97db952c83b84762fc71506f0a0311ce6796a02d336 ocaml-compiler-libs-4.01.0-22.7.el7_2.x86_64.rpm aaf17136a962111dff4e55f26f09c10de891bdcf65fdb41c7506cdb17fbe347c ocaml-docs-4.01.0-22.7.el7_2.x86_64.rpm aa7e612b5a0f075df43bdf2060eaf0c8faa9b2903b56d7848154d21a8878253c ocaml-emacs-4.01.0-22.7.el7_2.x86_64.rpm ef34cc7a377142edd09c5a59b4b2b8bf0d3693554328317d4053c36f05ed5394 ocaml-labltk-4.01.0-22.7.el7_2.x86_64.rpm e0df101ffe66b76b9586ef56d58981dc0b525bce877ce5f5515127f9aa9a695f ocaml-labltk-devel-4.01.0-22.7.el7_2.x86_64.rpm d136015ca3b4f6be68e73b100b212490eb51ba7a8fb52bffb1d78499711508a3 ocaml-ocamldoc-4.01.0-22.7.el7_2.x86_64.rpm 843308e693ff2c206771bc0e278f98510caa0e5b20a84c29ce423e1ce837259f ocaml-runtime-4.01.0-22.7.el7_2.x86_64.rpm 04ad60c08d71af8d89828dce85b61d6d7fdca5435532270b1c8327af37fc4333 ocaml-source-4.01.0-22.7.el7_2.x86_64.rpm e4b334cc2103025f528082b9cc248c21672c58be2981f8cd32bdb44796a0fe3c ocaml-x11-4.01.0-22.7.el7_2.x86_64.rpm Source: 1eaf7dc1420596dc6692914e21556660826c0643231df29b843f4195dbea6d6e ocaml-4.01.0-22.7.el7_2.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: ( -at -) JohnnyCentOS _______________________________________________

CentOS Errata and Bugfix Advisory 2016:1291 Upstream details at : https://rhn.redhat.com/errata/RHBA-2016-1291.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 73f7aa5fe34b8168a43c3d02763ec9b570fbadac1fb7d7402af4f121b85db160 corosync-2.3.4-7.el7_2.3.x86_64.rpm d986b93b86c4b08699295b5c2b11a8e5e959df60f2ff1a03c487c92a535ecdd7 corosynclib-2.3.4-7.el7_2.3.i686.rpm ae8ec839f296c9512129278828b1f97fe98ced7a35966249d89d26bfe1736729 corosynclib-2.3.4-7.el7_2.3.x86_64.rpm b5fa9e0b75b38e152707fc836753482407f06817ffbe304f3cfd32f565530161 corosynclib-devel-2.3.4-7.el7_2.3.i686.rpm 010c2f80ecbda46edf29e513fa00bf9bb036a460275a2c9ffe761c05b8e9d3ee corosynclib-devel-2.3.4-7.el7_2.3.x86_64.rpm Source: 5b3c940f1bca18e8731b7a145526fa7981c777b149c953dbbac338a07bd462fd corosync-2.3.4-7.el7_2.3.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: ( -at -) JohnnyCentOS _______________________________________________

CentOS Errata and Bugfix Advisory 2016:1298 Upstream details at : https://rhn.redhat.com/errata/RHBA-2016-1298.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 759caa1a899288e88532704058a084795e56ee95bd7dcc685b5aadc0f48142c3 389-ds-base-1.3.4.0-32.el7_2.x86_64.rpm 89c8b9a14727ad2cda5e14d7969c9ca5ac2fdb003932a0272c84a21ea4e096a6 389-ds-base-devel-1.3.4.0-32.el7_2.x86_64.rpm 24afe0b680ae7693730852b4c0bebd2fb004475e66b56ab73fe141ae9e26d0d2 389-ds-base-libs-1.3.4.0-32.el7_2.x86_64.rpm Source: db455dcb3fa5703f8b2c6a4409ab0c5c4580269c8bbf3e94ba19bbb2a05f5262 389-ds-base-1.3.4.0-32.el7_2.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: ( -at -) JohnnyCentOS _______________________________________________

CentOS Errata and Bugfix Advisory 2016:1253 Upstream details at : https://rhn.redhat.com/errata/RHBA-2016-1253.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: fa6d41a52022baf94e642821595f027aee6db0ae0c9de03d9a0357f689bc9465 device-mapper-multipath-0.4.9-85.el7_2.5.x86_64.rpm f61b5a91b22635b9b5be45cafde12dd1bc49b6fb60db669c7c6e6a520e286e41 device-mapper-multipath-libs-0.4.9-85.el7_2.5.i686.rpm a793da204c71b5764eb3b3907ab3e5ef682eb06274316d1efe6261d598f51e50 device-mapper-multipath-libs-0.4.9-85.el7_2.5.x86_64.rpm 371cb1b6ccdf73c97c95d5e9856332c9563a5ce6a88761d34891f270e9d1c24f device-mapper-multipath-sysvinit-0.4.9-85.el7_2.5.x86_64.rpm 0b4720cbebfea3d86ae4512d87bb29ab78d54291f2b87710774fafe7b4149980 kpartx-0.4.9-85.el7_2.5.x86_64.rpm Source: a7dfe2f09839cb0374dc5bac129748c0ccef7ea6ba9d489e1a84cf347a3bc5ea device-mapper-multipath-0.4.9-85.el7_2.5.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: ( -at -) JohnnyCentOS _______________________________________________

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2016:1277-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2016:1277 Issue date: 2016-06-23 CVE Names: CVE-2015-8767 CVE-2016-4565 ===================================================================== 1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. These updated kernel packages include several security issues and numerous bug fixes, some of which you can see below. Space precludes documenting all of these bug fixes in this advisory. To see the complete list of bug fixes, users are directed to the related Knowledge Article: https://access.redhat.com/articles/2361921. Security Fixes: * A flaw was found in the way certain interfaces of the Linux kernel's Infiniband subsystem used write() as bi-directional ioctl() replacement, which could lead to insufficient memory security checks when being invoked using the splice() system call. A local unprivileged user on a system with either Infiniband hardware present or RDMA Userspace Connection Manager Access module explicitly loaded, could use this flaw to escalate their privileges on the system. (CVE-2016-4565, Important) * A race condition flaw was found in the way the Linux kernel's SCTP implementation handled sctp_accept() during the processing of heartbeat timeout events. A remote attacker could use this flaw to prevent further connections to be accepted by the SCTP server running on the system, resulting in a denial of service. (CVE-2015-8767, Moderate) Red Hat would like to thank Jann Horn for reporting CVE-2016-4565. Bug Fixes: * When Small Computer System Interface (SCSI) devices were removed or deleted, a system crash could occur due to a race condition between listing all SCSI devices and SCSI device removal. The provided patch ensures that the starting node for the klist_iter_init_node() function is actually a member of the list before using it. As a result, a system crash no longer occurs in the described scenario. (BZ#1333403) * This update offers a reworked series of patches for the resizable hash table (rhashtable) including a number of backported bug fixes and enhancements from upstream. (BZ#1328801) * Previously, the same value of the mperf Model-Specific Register (MSR) read twice in a row could lead to a kernel panic due to the divide-by-zero error. The provided patch fixes this bug, and the kernel now handles two identical values of mperf gracefully. (BZ#1334438) * When a transparent proxy application was running and the number of established connections on the computer exceeded one million, unrelated processes, such as curl or ssh, were unable to bind to a local IP on the box to initiate a connection. The provided patch fixes the cooperation of the REUSEADDR/NOREUSEADDR socket option, and thus prevents the local port from being exhausted. As a result, the aforementioned bug no longer occurs in the described scenario. (BZ#1323960) * Previously, the kernel support for non-local bind for the IPv6 protocol was incomplete. As a consequence, an attempt to bind a socket to an IPv6 address that is not assigned to the host could fail. The provided patch includes changes in the ip_nonlocal_bind variable, which is now set to allow binding to an IPv6 address that is not assigned to the host. As a result, Linux servers are now able to bind to non-local IPv6 addresses as expected. (BZ#1324502) * On some servers with a faster CPU, USB initialization could previously lead to a kernel hang during boot. If this inconvenience occurred when booting the second kernel during the kdump operation, the kdump service failed and the vmcore was lost. The provided upstream patch fixes this bug, and the kernel no longer hangs after USB initialization. (BZ#1327581) * Previously, when running iperf servers using the mlx4_en module, a kernel panic occurred. The underlying source code has been fixed, and the kernel panic no longer occurs in the described scenario. (BZ#1327583) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1297389 - CVE-2015-8767 kernel: SCTP denial of service during timeout 1310570 - CVE-2016-4565 kernel: infiniband: Unprivileged process can overwrite kernel memory using rdma_ucm.ko 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: kernel-3.10.0-327.22.2.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-327.22.2.el7.noarch.rpm kernel-doc-3.10.0-327.22.2.el7.noarch.rpm x86_64: kernel-3.10.0-327.22.2.el7.x86_64.rpm kernel-debug-3.10.0-327.22.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-327.22.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-327.22.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-327.22.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-327.22.2.el7.x86_64.rpm kernel-devel-3.10.0-327.22.2.el7.x86_64.rpm kernel-headers-3.10.0-327.22.2.el7.x86_64.rpm kernel-tools-3.10.0-327.22.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-327.22.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-327.22.2.el7.x86_64.rpm perf-3.10.0-327.22.2.el7.x86_64.rpm perf-debuginfo-3.10.0-327.22.2.el7.x86_64.rpm python-perf-3.10.0-327.22.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-327.22.2.el7.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: kernel-debug-debuginfo-3.10.0-327.22.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-327.22.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-327.22.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-327.22.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-327.22.2.el7.x86_64.rpm perf-debuginfo-3.10.0-327.22.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-327.22.2.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: kernel-3.10.0-327.22.2.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-327.22.2.el7.noarch.rpm kernel-doc-3.10.0-327.22.2.el7.noarch.rpm x86_64: kernel-3.10.0-327.22.2.el7.x86_64.rpm kernel-debug-3.10.0-327.22.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-327.22.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-327.22.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-327.22.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-327.22.2.el7.x86_64.rpm kernel-devel-3.10.0-327.22.2.el7.x86_64.rpm kernel-headers-3.10.0-327.22.2.el7.x86_64.rpm kernel-tools-3.10.0-327.22.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-327.22.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-327.22.2.el7.x86_64.rpm perf-3.10.0-327.22.2.el7.x86_64.rpm perf-debuginfo-3.10.0-327.22.2.el7.x86_64.rpm python-perf-3.10.0-327.22.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-327.22.2.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: kernel-debug-debuginfo-3.10.0-327.22.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-327.22.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-327.22.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-327.22.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-327.22.2.el7.x86_64.rpm perf-debuginfo-3.10.0-327.22.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-327.22.2.el7.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: kernel-3.10.0-327.22.2.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-327.22.2.el7.noarch.rpm kernel-doc-3.10.0-327.22.2.el7.noarch.rpm ppc64: kernel-3.10.0-327.22.2.el7.ppc64.rpm kernel-bootwrapper-3.10.0-327.22.2.el7.ppc64.rpm kernel-debug-3.10.0-327.22.2.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-327.22.2.el7.ppc64.rpm kernel-debug-devel-3.10.0-327.22.2.el7.ppc64.rpm kernel-debuginfo-3.10.0-327.22.2.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-327.22.2.el7.ppc64.rpm kernel-devel-3.10.0-327.22.2.el7.ppc64.rpm kernel-headers-3.10.0-327.22.2.el7.ppc64.rpm kernel-tools-3.10.0-327.22.2.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-327.22.2.el7.ppc64.rpm kernel-tools-libs-3.10.0-327.22.2.el7.ppc64.rpm perf-3.10.0-327.22.2.el7.ppc64.rpm perf-debuginfo-3.10.0-327.22.2.el7.ppc64.rpm python-perf-3.10.0-327.22.2.el7.ppc64.rpm python-perf-debuginfo-3.10.0-327.22.2.el7.ppc64.rpm ppc64le: kernel-3.10.0-327.22.2.el7.ppc64le.rpm kernel-bootwrapper-3.10.0-327.22.2.el7.ppc64le.rpm kernel-debug-3.10.0-327.22.2.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-327.22.2.el7.ppc64le.rpm kernel-debuginfo-3.10.0-327.22.2.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-327.22.2.el7.ppc64le.rpm kernel-devel-3.10.0-327.22.2.el7.ppc64le.rpm kernel-headers-3.10.0-327.22.2.el7.ppc64le.rpm kernel-tools-3.10.0-327.22.2.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-327.22.2.el7.ppc64le.rpm kernel-tools-libs-3.10.0-327.22.2.el7.ppc64le.rpm perf-3.10.0-327.22.2.el7.ppc64le.rpm perf-debuginfo-3.10.0-327.22.2.el7.ppc64le.rpm python-perf-3.10.0-327.22.2.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-327.22.2.el7.ppc64le.rpm s390x: kernel-3.10.0-327.22.2.el7.s390x.rpm kernel-debug-3.10.0-327.22.2.el7.s390x.rpm kernel-debug-debuginfo-3.10.0-327.22.2.el7.s390x.rpm kernel-debug-devel-3.10.0-327.22.2.el7.s390x.rpm kernel-debuginfo-3.10.0-327.22.2.el7.s390x.rpm kernel-debuginfo-common-s390x-3.10.0-327.22.2.el7.s390x.rpm kernel-devel-3.10.0-327.22.2.el7.s390x.rpm kernel-headers-3.10.0-327.22.2.el7.s390x.rpm kernel-kdump-3.10.0-327.22.2.el7.s390x.rpm kernel-kdump-debuginfo-3.10.0-327.22.2.el7.s390x.rpm kernel-kdump-devel-3.10.0-327.22.2.el7.s390x.rpm perf-3.10.0-327.22.2.el7.s390x.rpm perf-debuginfo-3.10.0-327.22.2.el7.s390x.rpm python-perf-3.10.0-327.22.2.el7.s390x.rpm python-perf-debuginfo-3.10.0-327.22.2.el7.s390x.rpm x86_64: kernel-3.10.0-327.22.2.el7.x86_64.rpm kernel-debug-3.10.0-327.22.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-327.22.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-327.22.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-327.22.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-327.22.2.el7.x86_64.rpm kernel-devel-3.10.0-327.22.2.el7.x86_64.rpm kernel-headers-3.10.0-327.22.2.el7.x86_64.rpm kernel-tools-3.10.0-327.22.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-327.22.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-327.22.2.el7.x86_64.rpm perf-3.10.0-327.22.2.el7.x86_64.rpm perf-debuginfo-3.10.0-327.22.2.el7.x86_64.rpm python-perf-3.10.0-327.22.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-327.22.2.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: kernel-debug-debuginfo-3.10.0-327.22.2.el7.ppc64.rpm kernel-debuginfo-3.10.0-327.22.2.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-327.22.2.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-327.22.2.el7.ppc64.rpm kernel-tools-libs-devel-3.10.0-327.22.2.el7.ppc64.rpm perf-debuginfo-3.10.0-327.22.2.el7.ppc64.rpm python-perf-debuginfo-3.10.0-327.22.2.el7.ppc64.rpm ppc64le: kernel-debug-debuginfo-3.10.0-327.22.2.el7.ppc64le.rpm kernel-debug-devel-3.10.0-327.22.2.el7.ppc64le.rpm kernel-debuginfo-3.10.0-327.22.2.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-327.22.2.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-327.22.2.el7.ppc64le.rpm kernel-tools-libs-devel-3.10.0-327.22.2.el7.ppc64le.rpm perf-debuginfo-3.10.0-327.22.2.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-327.22.2.el7.ppc64le.rpm x86_64: kernel-debug-debuginfo-3.10.0-327.22.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-327.22.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-327.22.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-327.22.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-327.22.2.el7.x86_64.rpm perf-debuginfo-3.10.0-327.22.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-327.22.2.el7.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: kernel-3.10.0-327.22.2.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-327.22.2.el7.noarch.rpm kernel-doc-3.10.0-327.22.2.el7.noarch.rpm x86_64: kernel-3.10.0-327.22.2.el7.x86_64.rpm kernel-debug-3.10.0-327.22.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-327.22.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-327.22.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-327.22.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-327.22.2.el7.x86_64.rpm kernel-devel-3.10.0-327.22.2.el7.x86_64.rpm kernel-headers-3.10.0-327.22.2.el7.x86_64.rpm kernel-tools-3.10.0-327.22.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-327.22.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-327.22.2.el7.x86_64.rpm perf-3.10.0-327.22.2.el7.x86_64.rpm perf-debuginfo-3.10.0-327.22.2.el7.x86_64.rpm python-perf-3.10.0-327.22.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-327.22.2.el7.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: kernel-debug-debuginfo-3.10.0-327.22.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-327.22.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-327.22.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-327.22.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-327.22.2.el7.x86_64.rpm perf-debuginfo-3.10.0-327.22.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-327.22.2.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2015-8767 https://access.redhat.com/security/cve/CVE-2016-4565 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/articles/2361921 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFXbEDgXlSAg2UNWIIRAvBWAJ9pXeUWeiCDIPPUMQjRdcCK6fxe+QCdHftv gttsq2vUbiFmuHlv1uqB4+k= =DZc1 -----END PGP SIGNATURE----- --

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel-rt security, bug fix, and enhancement update Advisory ID: RHSA-2016:1301-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2016:1301 Issue date: 2016-06-23 CVE Names: CVE-2015-8767 CVE-2016-3707 CVE-2016-4565 ===================================================================== 1. Summary: An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Realtime (v. 7) - noarch, x86_64 Red Hat Enterprise Linux for Real Time for NFV (v. 7) - noarch, x86_64 3. Description: The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. The following packages have been upgraded to a newer upstream version: kernel-rt (3.10.0-327.22.1). This version provides a number of bug fixes and enhancements, including: * [netdrv] ixgbevf: fix spoofed packets with random MAC and use ether_addr_copy instead of memcpy * [mm] mmu_notifier: fix memory corruption * [mm] hugetlbfs: optimize when NUMA=n * [mm] optimize put_mems_allowed() usage * [x86] mm: suitable memory should go to ZONE_MOVABLE * [fs] xfs: fix splice/direct-IO deadlock * [acpi] tables: Add acpi_subtable_proc to ACPI table parsers * [acpi] table: Add new function to get table entries * [net] ipv6: Nonlocal bind * [net] ipv4: bind ip_nonlocal_bind to current netns (BZ#1335747) Security Fix(es): * A flaw was found in the way certain interfaces of the Linux kernel's Infiniband subsystem used write() as bi-directional ioctl() replacement, which could lead to insufficient memory security checks when being invoked using the the splice() system call. A local unprivileged user on a system with either Infiniband hardware present or RDMA Userspace Connection Manager Access module explicitly loaded, could use this flaw to escalate their privileges on the system. (CVE-2016-4565, Important) * A race condition flaw was found in the way the Linux kernel's SCTP implementation handled sctp_accept() during the processing of heartbeat timeout events. A remote attacker could use this flaw to prevent further connections to be accepted by the SCTP server running on the system, resulting in a denial of service. (CVE-2015-8767, Moderate) * A flaw was found in the way the realtime kernel processed specially crafted ICMP echo requests. A remote attacker could use this flaw to trigger a sysrql function based on values in the ICMP packet, allowing them to remotely restart the system. Note that this feature is not enabled by default and requires elevated privileges to be configured. (CVE-2016-3707, Moderate) Red Hat would like to thank Jann Horn for reporting CVE-2016-4565. Bug Fix(es): * Previously, configuration changes to the Hewlett Packard Smart Array (HPSA) driver during I/O operations could set the phys_disk pointer to NULL. Consequently, kernel oops could occur while the HPSA driver was submitting ioaccel2 commands. An upstream patch has been provided to fix this bug, and the oops in the hpsa_scsi_ioaccel_raid_map() function no longer occurs. (BZ#1335411) * In a previous code update one extra spin_lock operation was left untouched. Consequently, a deadlock could occur when looping through cache pages. With this update, the extra lock operation has been removed from the source code and the deadlock no longer occurs in the described situation. (BZ#1327073) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1297389 - CVE-2015-8767 kernel: SCTP denial of service during timeout 1310570 - CVE-2016-4565 kernel: infiniband: Unprivileged process can overwrite kernel memory using rdma_ucm.ko 1327073 - deadlock in fscache code (merge error) 1327484 - CVE-2016-3707 kernel-rt: Sending SysRq command via ICMP echo request 1334459 - rt: Use IPI to trigger RT task push migration instead of pulling 1335747 - kernel-rt: update to the RHEL7.2.z batch#5 source tree 6. Package List: Red Hat Enterprise Linux for Real Time for NFV (v. 7): Source: kernel-rt-3.10.0-327.22.2.rt56.230.el7_2.src.rpm noarch: kernel-rt-doc-3.10.0-327.22.2.rt56.230.el7_2.noarch.rpm x86_64: kernel-rt-3.10.0-327.22.2.rt56.230.el7_2.x86_64.rpm kernel-rt-debug-3.10.0-327.22.2.rt56.230.el7_2.x86_64.rpm kernel-rt-debug-debuginfo-3.10.0-327.22.2.rt56.230.el7_2.x86_64.rpm kernel-rt-debug-devel-3.10.0-327.22.2.rt56.230.el7_2.x86_64.rpm kernel-rt-debug-kvm-3.10.0-327.22.2.rt56.230.el7_2.x86_64.rpm kernel-rt-debug-kvm-debuginfo-3.10.0-327.22.2.rt56.230.el7_2.x86_64.rpm kernel-rt-debuginfo-3.10.0-327.22.2.rt56.230.el7_2.x86_64.rpm kernel-rt-debuginfo-common-x86_64-3.10.0-327.22.2.rt56.230.el7_2.x86_64.rpm kernel-rt-devel-3.10.0-327.22.2.rt56.230.el7_2.x86_64.rpm kernel-rt-kvm-3.10.0-327.22.2.rt56.230.el7_2.x86_64.rpm kernel-rt-kvm-debuginfo-3.10.0-327.22.2.rt56.230.el7_2.x86_64.rpm kernel-rt-trace-3.10.0-327.22.2.rt56.230.el7_2.x86_64.rpm kernel-rt-trace-debuginfo-3.10.0-327.22.2.rt56.230.el7_2.x86_64.rpm kernel-rt-trace-devel-3.10.0-327.22.2.rt56.230.el7_2.x86_64.rpm kernel-rt-trace-kvm-3.10.0-327.22.2.rt56.230.el7_2.x86_64.rpm kernel-rt-trace-kvm-debuginfo-3.10.0-327.22.2.rt56.230.el7_2.x86_64.rpm Red Hat Enterprise Linux Realtime (v. 7): Source: kernel-rt-3.10.0-327.22.2.rt56.230.el7_2.src.rpm noarch: kernel-rt-doc-3.10.0-327.22.2.rt56.230.el7_2.noarch.rpm x86_64: kernel-rt-3.10.0-327.22.2.rt56.230.el7_2.x86_64.rpm kernel-rt-debug-3.10.0-327.22.2.rt56.230.el7_2.x86_64.rpm kernel-rt-debug-debuginfo-3.10.0-327.22.2.rt56.230.el7_2.x86_64.rpm kernel-rt-debug-devel-3.10.0-327.22.2.rt56.230.el7_2.x86_64.rpm kernel-rt-debuginfo-3.10.0-327.22.2.rt56.230.el7_2.x86_64.rpm kernel-rt-debuginfo-common-x86_64-3.10.0-327.22.2.rt56.230.el7_2.x86_64.rpm kernel-rt-devel-3.10.0-327.22.2.rt56.230.el7_2.x86_64.rpm kernel-rt-trace-3.10.0-327.22.2.rt56.230.el7_2.x86_64.rpm kernel-rt-trace-debuginfo-3.10.0-327.22.2.rt56.230.el7_2.x86_64.rpm kernel-rt-trace-devel-3.10.0-327.22.2.rt56.230.el7_2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2015-8767 https://access.redhat.com/security/cve/CVE-2016-3707 https://access.redhat.com/security/cve/CVE-2016-4565 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFXbEGKXlSAg2UNWIIRApryAJ9yae6BE4tOcsTMSQ6a98gExb1cCgCcD17S OsYAqueNRn2U5OyUTWkaruY= =5bru -----END PGP SIGNATURE----- --

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: ocaml security update Advisory ID: RHSA-2016:1296-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2016:1296 Issue date: 2016-06-23 CVE Names: CVE-2015-8869 ===================================================================== 1. Summary: An update for ocaml is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: OCaml is a high-level, strongly-typed, functional, and object-oriented programming language from the ML family of languages. The ocaml packages contain two batch compilers (a fast bytecode compiler and an optimizing native-code compiler), an interactive top level system, parsing tools (Lex, Yacc, Camlp4), a replay debugger, a documentation generator, and a comprehensive library. Security Fix(es): * OCaml versions 4.02.3 and earlier have a runtime bug that, on 64-bit platforms, causes size arguments to internal memmove calls to be sign-extended from 32- to 64-bits before being passed to the memmove function. This leads to arguments between 2GiB and 4GiB being interpreted as larger than they are (specifically, a bit below 2^64), causing a buffer overflow. Further, arguments between 4GiB and 6GiB are interpreted as 4GiB smaller than they should be, causing a possible information leak. (CVE-2015-8869) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1332090 - CVE-2015-8869 ocaml: sizes arguments are sign-extended from 32 to 64 bits 6. Package List: Red Hat Enterprise Linux Client Optional (v. 7): Source: ocaml-4.01.0-22.7.el7_2.src.rpm x86_64: ocaml-4.01.0-22.7.el7_2.x86_64.rpm ocaml-camlp4-4.01.0-22.7.el7_2.x86_64.rpm ocaml-camlp4-devel-4.01.0-22.7.el7_2.x86_64.rpm ocaml-compiler-libs-4.01.0-22.7.el7_2.x86_64.rpm ocaml-debuginfo-4.01.0-22.7.el7_2.x86_64.rpm ocaml-docs-4.01.0-22.7.el7_2.x86_64.rpm ocaml-emacs-4.01.0-22.7.el7_2.x86_64.rpm ocaml-labltk-4.01.0-22.7.el7_2.x86_64.rpm ocaml-labltk-devel-4.01.0-22.7.el7_2.x86_64.rpm ocaml-ocamldoc-4.01.0-22.7.el7_2.x86_64.rpm ocaml-runtime-4.01.0-22.7.el7_2.x86_64.rpm ocaml-source-4.01.0-22.7.el7_2.x86_64.rpm ocaml-x11-4.01.0-22.7.el7_2.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): Source: ocaml-4.01.0-22.7.el7_2.src.rpm x86_64: ocaml-4.01.0-22.7.el7_2.x86_64.rpm ocaml-camlp4-4.01.0-22.7.el7_2.x86_64.rpm ocaml-camlp4-devel-4.01.0-22.7.el7_2.x86_64.rpm ocaml-compiler-libs-4.01.0-22.7.el7_2.x86_64.rpm ocaml-debuginfo-4.01.0-22.7.el7_2.x86_64.rpm ocaml-docs-4.01.0-22.7.el7_2.x86_64.rpm ocaml-emacs-4.01.0-22.7.el7_2.x86_64.rpm ocaml-labltk-4.01.0-22.7.el7_2.x86_64.rpm ocaml-labltk-devel-4.01.0-22.7.el7_2.x86_64.rpm ocaml-ocamldoc-4.01.0-22.7.el7_2.x86_64.rpm ocaml-runtime-4.01.0-22.7.el7_2.x86_64.rpm ocaml-source-4.01.0-22.7.el7_2.x86_64.rpm ocaml-x11-4.01.0-22.7.el7_2.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): Source: ocaml-4.01.0-22.7.el7_2.src.rpm ppc64: ocaml-4.01.0-22.7.el7_2.ppc64.rpm ocaml-camlp4-4.01.0-22.7.el7_2.ppc64.rpm ocaml-camlp4-devel-4.01.0-22.7.el7_2.ppc64.rpm ocaml-compiler-libs-4.01.0-22.7.el7_2.ppc64.rpm ocaml-debuginfo-4.01.0-22.7.el7_2.ppc64.rpm ocaml-docs-4.01.0-22.7.el7_2.ppc64.rpm ocaml-emacs-4.01.0-22.7.el7_2.ppc64.rpm ocaml-labltk-4.01.0-22.7.el7_2.ppc64.rpm ocaml-labltk-devel-4.01.0-22.7.el7_2.ppc64.rpm ocaml-ocamldoc-4.01.0-22.7.el7_2.ppc64.rpm ocaml-runtime-4.01.0-22.7.el7_2.ppc64.rpm ocaml-source-4.01.0-22.7.el7_2.ppc64.rpm ocaml-x11-4.01.0-22.7.el7_2.ppc64.rpm ppc64le: ocaml-4.01.0-22.7.el7_2.ppc64le.rpm ocaml-camlp4-4.01.0-22.7.el7_2.ppc64le.rpm ocaml-camlp4-devel-4.01.0-22.7.el7_2.ppc64le.rpm ocaml-compiler-libs-4.01.0-22.7.el7_2.ppc64le.rpm ocaml-debuginfo-4.01.0-22.7.el7_2.ppc64le.rpm ocaml-docs-4.01.0-22.7.el7_2.ppc64le.rpm ocaml-emacs-4.01.0-22.7.el7_2.ppc64le.rpm ocaml-labltk-4.01.0-22.7.el7_2.ppc64le.rpm ocaml-labltk-devel-4.01.0-22.7.el7_2.ppc64le.rpm ocaml-ocamldoc-4.01.0-22.7.el7_2.ppc64le.rpm ocaml-runtime-4.01.0-22.7.el7_2.ppc64le.rpm ocaml-source-4.01.0-22.7.el7_2.ppc64le.rpm ocaml-x11-4.01.0-22.7.el7_2.ppc64le.rpm s390x: ocaml-4.01.0-22.7.el7_2.s390x.rpm ocaml-camlp4-4.01.0-22.7.el7_2.s390x.rpm ocaml-camlp4-devel-4.01.0-22.7.el7_2.s390x.rpm ocaml-compiler-libs-4.01.0-22.7.el7_2.s390x.rpm ocaml-debuginfo-4.01.0-22.7.el7_2.s390x.rpm ocaml-docs-4.01.0-22.7.el7_2.s390x.rpm ocaml-emacs-4.01.0-22.7.el7_2.s390x.rpm ocaml-labltk-4.01.0-22.7.el7_2.s390x.rpm ocaml-labltk-devel-4.01.0-22.7.el7_2.s390x.rpm ocaml-ocamldoc-4.01.0-22.7.el7_2.s390x.rpm ocaml-runtime-4.01.0-22.7.el7_2.s390x.rpm ocaml-source-4.01.0-22.7.el7_2.s390x.rpm ocaml-x11-4.01.0-22.7.el7_2.s390x.rpm x86_64: ocaml-4.01.0-22.7.el7_2.x86_64.rpm ocaml-camlp4-4.01.0-22.7.el7_2.x86_64.rpm ocaml-camlp4-devel-4.01.0-22.7.el7_2.x86_64.rpm ocaml-compiler-libs-4.01.0-22.7.el7_2.x86_64.rpm ocaml-debuginfo-4.01.0-22.7.el7_2.x86_64.rpm ocaml-docs-4.01.0-22.7.el7_2.x86_64.rpm ocaml-emacs-4.01.0-22.7.el7_2.x86_64.rpm ocaml-labltk-4.01.0-22.7.el7_2.x86_64.rpm ocaml-labltk-devel-4.01.0-22.7.el7_2.x86_64.rpm ocaml-ocamldoc-4.01.0-22.7.el7_2.x86_64.rpm ocaml-runtime-4.01.0-22.7.el7_2.x86_64.rpm ocaml-source-4.01.0-22.7.el7_2.x86_64.rpm ocaml-x11-4.01.0-22.7.el7_2.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): Source: ocaml-4.01.0-22.7.el7_2.src.rpm x86_64: ocaml-4.01.0-22.7.el7_2.x86_64.rpm ocaml-camlp4-4.01.0-22.7.el7_2.x86_64.rpm ocaml-camlp4-devel-4.01.0-22.7.el7_2.x86_64.rpm ocaml-compiler-libs-4.01.0-22.7.el7_2.x86_64.rpm ocaml-debuginfo-4.01.0-22.7.el7_2.x86_64.rpm ocaml-docs-4.01.0-22.7.el7_2.x86_64.rpm ocaml-emacs-4.01.0-22.7.el7_2.x86_64.rpm ocaml-labltk-4.01.0-22.7.el7_2.x86_64.rpm ocaml-labltk-devel-4.01.0-22.7.el7_2.x86_64.rpm ocaml-ocamldoc-4.01.0-22.7.el7_2.x86_64.rpm ocaml-runtime-4.01.0-22.7.el7_2.x86_64.rpm ocaml-source-4.01.0-22.7.el7_2.x86_64.rpm ocaml-x11-4.01.0-22.7.el7_2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2015-8869 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFXbEFFXlSAg2UNWIIRAs92AKChir6K9yzmb4pqiONlCyjpFTvqcACePv55 MenhYSW4Y0bnpnjmo3U5Xws= =/nKN -----END PGP SIGNATURE----- --

CentOS Errata and Bugfix Advisory 2016:1294 Upstream details at : https://rhn.redhat.com/errata/RHBA-2016-1294.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: db6280bd49fab1aebe5c0a18e0ed4409527190ceaeec55375be1b9b93cf40925 samba3x-3.6.23-13.el5_11.i386.rpm 45c0418361b6e045092d147d3a08c9b888aeb34461a6a0fab4e97d5d0468555d samba3x-client-3.6.23-13.el5_11.i386.rpm 9d1814bc47224b329cd5a50fab7795bcbda2d44cc3ed290b4ab68ab9b53080ad samba3x-common-3.6.23-13.el5_11.i386.rpm 70e8438e2ddf05340a20fffd433f70255e2d24b8d1e83e97315ff02b986559b1 samba3x-doc-3.6.23-13.el5_11.i386.rpm 5e1581a715059ee47c2042b3a25eb5982e8fc6b86840ba8463708906d5205a98 samba3x-domainjoin-gui-3.6.23-13.el5_11.i386.rpm c9f6c982c828dfa891b03ee6db544690d96a48382ac041ca0fd39a24945802be samba3x-swat-3.6.23-13.el5_11.i386.rpm e12ddea00b03ab987c0d11d2fe9913557bd070d67eb88c9ff842b92f7357a05c samba3x-winbind-3.6.23-13.el5_11.i386.rpm 8c3704d427f274a05987dbf745012e4a074ed4e474d7fdce90f3224c4f80e8cb samba3x-winbind-devel-3.6.23-13.el5_11.i386.rpm x86_64: d8826ebf84a77cbe932494ba30967aadf791f818e052f2bf72b65df7a5db0d08 samba3x-3.6.23-13.el5_11.x86_64.rpm b75926a3cc8e4cb82ed3bbefc721aaed27528efbd6ca252fe09031cf6b56eced samba3x-client-3.6.23-13.el5_11.x86_64.rpm 3a8d45ba23377e1c635af8300b44e59b7f20634de8453d3062caf1b8ed768877 samba3x-common-3.6.23-13.el5_11.x86_64.rpm f91cf8bb3582e4fc983520e6bde2bd62f4ccfbf67055f1e71f7a68f42c5c4010 samba3x-doc-3.6.23-13.el5_11.x86_64.rpm 2a880dfc6ed9ab2ed03e35d367239b52e489c56d8da220590418ce4bd933b14e samba3x-domainjoin-gui-3.6.23-13.el5_11.x86_64.rpm a59d3903e869630377722de0bb8c12e3b1f68617a2d0aa2ab086fb976f26a0fb samba3x-swat-3.6.23-13.el5_11.x86_64.rpm e12ddea00b03ab987c0d11d2fe9913557bd070d67eb88c9ff842b92f7357a05c samba3x-winbind-3.6.23-13.el5_11.i386.rpm 23fb640a2930cb0028fa77a3d02570f42675ccda744b58074485d8069a0a374a samba3x-winbind-3.6.23-13.el5_11.x86_64.rpm 8c3704d427f274a05987dbf745012e4a074ed4e474d7fdce90f3224c4f80e8cb samba3x-winbind-devel-3.6.23-13.el5_11.i386.rpm ec54d44a7cef392c89a66458bda0d6697f94d98fc1831ae05cee086067b010cb samba3x-winbind-devel-3.6.23-13.el5_11.x86_64.rpm Source: e7cb91db83aabe0f04aee2572914de3d54bcbf454c6db688e2e7ef33f7b5fa01 samba3x-3.6.23-13.el5_11.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: JohnnyCentOS _______________________________________________

CentOS Errata and Security Advisory 2016:1292 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2016-1292.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 56558f0128bbf150cf6d7a1c1ef3ce09564150a1e7cbc9680e4d6e3684b5888d libxml2-2.7.6-21.el6_8.1.i686.rpm 096308ecb4919094c34267f12dd5b06755194255b80132227c21aa44dbfac09d libxml2-devel-2.7.6-21.el6_8.1.i686.rpm 9b9b3a20a41027220df6ea0925efa4f1d1077ef0b8e54c5f0e8145db95efecab libxml2-python-2.7.6-21.el6_8.1.i686.rpm c14ca5848215a0d9b76fb971eda5219cf01f7eb3423cb96989eea10e2d0613a6 libxml2-static-2.7.6-21.el6_8.1.i686.rpm x86_64: 56558f0128bbf150cf6d7a1c1ef3ce09564150a1e7cbc9680e4d6e3684b5888d libxml2-2.7.6-21.el6_8.1.i686.rpm ff0ee13d07fcec255c1787a03ba982346e7e79dd03112649707eba3154858e14 libxml2-2.7.6-21.el6_8.1.x86_64.rpm 096308ecb4919094c34267f12dd5b06755194255b80132227c21aa44dbfac09d libxml2-devel-2.7.6-21.el6_8.1.i686.rpm 0eaf1b49a15187f19b9ecf1d54877f00f72b25b73c76154225e4029f4136e64c libxml2-devel-2.7.6-21.el6_8.1.x86_64.rpm 50ab8df191f01436e9bd1e77049311cb8ca1b95ef9d55bcd7aca4bf327fecbb1 libxml2-python-2.7.6-21.el6_8.1.x86_64.rpm 5feb6b4d5b79e797f9f09d00aeac6287914f397b89e70a7029b131836454c9d3 libxml2-static-2.7.6-21.el6_8.1.x86_64.rpm Source: 224a4e6bfaa4eb5c88f476ebf836cafe674241c1d19ee9af835385cd82c5d89f libxml2-2.7.6-21.el6_8.1.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: ( -at -) JohnnyCentOS _______________________________________________

View this email in your browser (http://us3.campaign-archive2.com/?u=efc4c507c2cf964fc2462caca&id=9db48125c6&e=0c004f9c13) For many users, one monitor just isn’t enough. Sometimes, two displays won’t cut it either. If your latest project has you searching for multiple, high-end monitors, you’re likely going to be looking at professional workhorses like NEC’s MultiSync EA305WMi. The venerable display maker designed this 30-inch monitor specifically for multi-monitor configurations and added something it calls ControlSync technology, so you can manage multiple displays from a single interface. The MultiSync EA305WMi is a 30-inch (29.8-inch viewable area) monitor with a 2560x1600 resolution in a 16:10 aspect ratio. Although displays with 3840x2160 UHD resolution have been hogging the spotlight recently, 2560x1600 still makes for incredibly detailed images, and you won't have to deal with the scaling issues associated with HiDPI displays and legacy applications in Windows... NEC MultiSync EA305WMi Professional Monitor With ControlSync Review (http://hothardware.us3.list-manage2.com/track/click?u=efc4c507c2cf964fc2462caca&id=103f992a16&e=0c004f9c13) http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=eaf612e609&e=0c004f9c13 http://hothardware.us3.list-manage1.com/track/click?u=efc4c507c2cf964fc2462caca&id=9940afebec&e=0c004f9c13 Best Regards, HotHardware.com http://hothardware.us3.list-manage1.com/track/click?u=efc4c507c2cf964fc2462caca&id=585a0a7766&e=0c004f9c13 http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=dc94717577&e=0c004f9c13 http://hothardware.us3.list-manage2.com/track/click?u=efc4c507c2cf964fc2462caca&id=11c614c52a&e=0c004f9c13 http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=a00305c036&e=0c004f9c13 ============================================================

Dell Latitude 13 7370 Ultrabook Review ------------------------------------------------------------ http://us2.campaign-archive2.com/?u=bfb2b902b5fb045ad6f841f98&id=3a2cdc4b06&e=872093acb5 http://www.kitguru.net Dell Latitude 13 7370 Ultrabook Review Traditionally, Ultrabooks command a high premium. After all, you are getting a high-performance laptop, crammed with the latest features, with typically slim and lightweight bodies. Let’s not forget, too, that Intel has to certify a laptop as an Ultrabook before it can be sold using the Ultrabook name – so you are paying for bragging rights, too. As such, it cannot be much of a surprise that pricing for the Dell Latitude 13 7370 starts at £1179. Read the review here: http://www.kitguru.net/laptops/dominic-moass/dell-latitude-13-7370-ultrabook-review/ ============================================================ ** follow on Twitter (http://twitter.com/#!/kitgurupress) | ** friend on Facebook (http://www.facebook.com/pages/KitGuru/162236020510911) | ** forward to a friend (http://us2.forward-to-friend.com/forward?u=bfb2b902b5fb045ad6f841f98&id=3a2cdc4b06&e=872093acb5) Copyright © 2016 KitGuru, All rights reserved. You are receiving this because you are a news partner or have signed up to receive our news.

As E3 2016 comes to a close, it's that time again for our annual E3 Cosplay/Booth Babe/Booth Dude! This year's edition had all sorts of cute, cool, and [censored]y things signifying a shift away from just [censored]y people. We definitely took pictures of booth babes, models, cosplayers, fast cars, modded computers, and Naughty America's VR adult entertainment booth, but we also saw and heard some live music performances and found a good number of set pieces for photo opportunities. The ubiquity of selfies and social media has driven this shift towards inclusiveness, where E3 attendees have more ways of expressing their own flavor... Article Title: Cosplay, Booth Babe and Booth Dude Photos From E3 2016 ( -at -) Legit Reviews Article URL: http://www.legitreviews.com/cosplay-booth-babe-booth-dude-photos-e3-2016_182653 Unsubscribe: http://adserv.legitreviews.com/cgi-bin/dada/mail.cgi/u/legitpr/news// =

17" laptops have long been maligned for their bulk, but the onward march of technology means one can now get a big machine like Gigabyte's P57W that's slim and trim. We put this large laptop to the test to see whether gamers on the go should go big. Read more: http://techreport.com/review/30219/gigabyte-p57w-gaming-laptop-reviewed --- The Tech Report - PC Hardware Explored http://techreport.com -- To unsubscribe from: TR-News, just follow this link: http://node1.techreport.com/cgi-bin/dada/mail.cgi/u/trnews/reviewnews// Click this link, or copy and paste the address into your browser.

Crucial MX300 750GB Solid State Drive Review ( -at -) ThinkComputers.org Review Link: http://www.thinkcomputers.org/crucial-mx300-750gb-solid-state-drive-review/ Image URL: http://www.thinkcomputers.org/reviews/crucial_mx300/email.jpg Alt Image URL: http://www.thinkcomputers.org/reviews/crucial_mx300/small.jpg Quote: "3D NAND is something we started talking about two years ago when Samsung released their 850 Pro solid state drive which was the first consumer solid state drive to feature 3D NAND.  With the launch of the MX300 Series Crucial becomes the second company to use 3D NAND in a consumer solid state drive.  The drive is engineered with Micron 3D NAND technology, resulting in an endurance rating of up to 220TB total bytes written by leveraging larger NAND cells to deliver top-notch performance and prolong endurance. Furthermore, Dynamic Write Acceleration, a technology that uses an adaptable pool of high-speed and single-level cell flash memory,  enables faster saves and file transfers.  Compared to 16nm planar NAND, Micron’s 3D TLC NAND triples that density.  This not only will help lower solid state drive pricing, but also enable higher capacity drives.  Currently the MX300 is only available in a 750GB capacity, which has a price of only $199.99."

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: libxml2 security update Advisory ID: RHSA-2016:1292-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2016:1292 Issue date: 2016-06-23 CVE Names: CVE-2016-1762 CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 CVE-2016-1836 CVE-2016-1837 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-3627 CVE-2016-3705 CVE-2016-4447 CVE-2016-4448 CVE-2016-4449 ===================================================================== 1. Summary: An update for libxml2 is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fix(es): A heap-based buffer overflow flaw was found in the way libxml2 parsed certain crafted XML input. A remote attacker could provide a specially crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or execute arbitrary code with the permissions of the user running the application. (CVE-2016-1834, CVE-2016-1840) Multiple denial of service flaws were found in libxml2. A remote attacker could provide a specially crafted XML file that, when processed by an application using libxml2, could cause that application to crash. (CVE-2016-1762, CVE-2016-1833, CVE-2016-1835, CVE-2016-1836, CVE-2016-1837, CVE-2016-1838, CVE-2016-1839, CVE-2016-3627, CVE-2016-3705, CVE-2016-4447, CVE-2016-4448, CVE-2016-4449) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 For the update to take effect, all applications linked to the libxml2 library must be restarted, or the system rebooted. 5. Bugs fixed (https://bugzilla.redhat.com/): 1319829 - CVE-2016-3627 libxml2: stack exhaustion while parsing xml files in recovery mode 1332443 - CVE-2016-3705 libxml2: stack overflow before detecting invalid XML file 1338682 - CVE-2016-1833 libxml2: Heap-based buffer overread in htmlCurrentChar 1338686 - CVE-2016-4447 libxml2: Heap-based buffer underreads due to xmlParseName 1338691 - CVE-2016-1835 libxml2: Heap use-after-free in xmlSAX2AttributeNs 1338696 - CVE-2016-1837 libxml2: Heap use-after-free in htmlPArsePubidLiteral and htmlParseSystemiteral 1338700 - CVE-2016-4448 libxml2: Format string vulnerability 1338701 - CVE-2016-4449 libxml2: Inappropriate fetch of entities content 1338702 - CVE-2016-1836 libxml2: Heap use-after-free in xmlDictComputeFastKey 1338703 - CVE-2016-1839 libxml2: Heap-based buffer overread in xmlDictAddString 1338705 - CVE-2016-1838 libxml2: Heap-based buffer overread in xmlPArserPrintFileContextInternal 1338706 - CVE-2016-1840 libxml2: Heap-buffer-overflow in xmlFAParserPosCharGroup 1338708 - CVE-2016-1834 libxml2: Heap-buffer-overflow in xmlStrncat 1338711 - CVE-2016-1762 libxml2: Heap-based buffer-overread in xmlNextChar 6. Package List: Red Hat Enterprise Linux HPC Node (v. 6): Source: libxml2-2.7.6-21.el6_8.1.src.rpm x86_64: libxml2-2.7.6-21.el6_8.1.i686.rpm libxml2-2.7.6-21.el6_8.1.x86_64.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.x86_64.rpm libxml2-python-2.7.6-21.el6_8.1.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): x86_64: libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.x86_64.rpm libxml2-devel-2.7.6-21.el6_8.1.i686.rpm libxml2-devel-2.7.6-21.el6_8.1.x86_64.rpm libxml2-static-2.7.6-21.el6_8.1.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: libxml2-2.7.6-21.el6_8.1.src.rpm i386: libxml2-2.7.6-21.el6_8.1.i686.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm libxml2-devel-2.7.6-21.el6_8.1.i686.rpm libxml2-python-2.7.6-21.el6_8.1.i686.rpm ppc64: libxml2-2.7.6-21.el6_8.1.ppc.rpm libxml2-2.7.6-21.el6_8.1.ppc64.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.ppc.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.ppc64.rpm libxml2-devel-2.7.6-21.el6_8.1.ppc.rpm libxml2-devel-2.7.6-21.el6_8.1.ppc64.rpm libxml2-python-2.7.6-21.el6_8.1.ppc64.rpm s390x: libxml2-2.7.6-21.el6_8.1.s390.rpm libxml2-2.7.6-21.el6_8.1.s390x.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.s390.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.s390x.rpm libxml2-devel-2.7.6-21.el6_8.1.s390.rpm libxml2-devel-2.7.6-21.el6_8.1.s390x.rpm libxml2-python-2.7.6-21.el6_8.1.s390x.rpm x86_64: libxml2-2.7.6-21.el6_8.1.i686.rpm libxml2-2.7.6-21.el6_8.1.x86_64.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.x86_64.rpm libxml2-devel-2.7.6-21.el6_8.1.i686.rpm libxml2-devel-2.7.6-21.el6_8.1.x86_64.rpm libxml2-python-2.7.6-21.el6_8.1.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): i386: libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm libxml2-static-2.7.6-21.el6_8.1.i686.rpm ppc64: libxml2-debuginfo-2.7.6-21.el6_8.1.ppc64.rpm libxml2-static-2.7.6-21.el6_8.1.ppc64.rpm s390x: libxml2-debuginfo-2.7.6-21.el6_8.1.s390x.rpm libxml2-static-2.7.6-21.el6_8.1.s390x.rpm x86_64: libxml2-debuginfo-2.7.6-21.el6_8.1.x86_64.rpm libxml2-static-2.7.6-21.el6_8.1.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: libxml2-2.7.6-21.el6_8.1.src.rpm i386: libxml2-2.7.6-21.el6_8.1.i686.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm libxml2-devel-2.7.6-21.el6_8.1.i686.rpm libxml2-python-2.7.6-21.el6_8.1.i686.rpm x86_64: libxml2-2.7.6-21.el6_8.1.i686.rpm libxml2-2.7.6-21.el6_8.1.x86_64.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm libxml2-debuginfo-2.7.6-21.el6_8.1.x86_64.rpm libxml2-devel-2.7.6-21.el6_8.1.i686.rpm libxml2-devel-2.7.6-21.el6_8.1.x86_64.rpm libxml2-python-2.7.6-21.el6_8.1.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): i386: libxml2-debuginfo-2.7.6-21.el6_8.1.i686.rpm libxml2-static-2.7.6-21.el6_8.1.i686.rpm x86_64: libxml2-debuginfo-2.7.6-21.el6_8.1.x86_64.rpm libxml2-static-2.7.6-21.el6_8.1.x86_64.rpm Red Hat Enterprise Linux Client (v. 7): Source: libxml2-2.9.1-6.el7_2.3.src.rpm x86_64: libxml2-2.9.1-6.el7_2.3.i686.rpm libxml2-2.9.1-6.el7_2.3.x86_64.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm libxml2-python-2.9.1-6.el7_2.3.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm libxml2-devel-2.9.1-6.el7_2.3.i686.rpm libxml2-devel-2.9.1-6.el7_2.3.x86_64.rpm libxml2-static-2.9.1-6.el7_2.3.i686.rpm libxml2-static-2.9.1-6.el7_2.3.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: libxml2-2.9.1-6.el7_2.3.src.rpm x86_64: libxml2-2.9.1-6.el7_2.3.i686.rpm libxml2-2.9.1-6.el7_2.3.x86_64.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm libxml2-python-2.9.1-6.el7_2.3.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm libxml2-devel-2.9.1-6.el7_2.3.i686.rpm libxml2-devel-2.9.1-6.el7_2.3.x86_64.rpm libxml2-static-2.9.1-6.el7_2.3.i686.rpm libxml2-static-2.9.1-6.el7_2.3.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: libxml2-2.9.1-6.el7_2.3.src.rpm ppc64: libxml2-2.9.1-6.el7_2.3.ppc.rpm libxml2-2.9.1-6.el7_2.3.ppc64.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.ppc.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.ppc64.rpm libxml2-devel-2.9.1-6.el7_2.3.ppc.rpm libxml2-devel-2.9.1-6.el7_2.3.ppc64.rpm libxml2-python-2.9.1-6.el7_2.3.ppc64.rpm ppc64le: libxml2-2.9.1-6.el7_2.3.ppc64le.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.ppc64le.rpm libxml2-devel-2.9.1-6.el7_2.3.ppc64le.rpm libxml2-python-2.9.1-6.el7_2.3.ppc64le.rpm s390x: libxml2-2.9.1-6.el7_2.3.s390.rpm libxml2-2.9.1-6.el7_2.3.s390x.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.s390.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.s390x.rpm libxml2-devel-2.9.1-6.el7_2.3.s390.rpm libxml2-devel-2.9.1-6.el7_2.3.s390x.rpm libxml2-python-2.9.1-6.el7_2.3.s390x.rpm x86_64: libxml2-2.9.1-6.el7_2.3.i686.rpm libxml2-2.9.1-6.el7_2.3.x86_64.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm libxml2-devel-2.9.1-6.el7_2.3.i686.rpm libxml2-devel-2.9.1-6.el7_2.3.x86_64.rpm libxml2-python-2.9.1-6.el7_2.3.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: libxml2-debuginfo-2.9.1-6.el7_2.3.ppc.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.ppc64.rpm libxml2-static-2.9.1-6.el7_2.3.ppc.rpm libxml2-static-2.9.1-6.el7_2.3.ppc64.rpm ppc64le: libxml2-debuginfo-2.9.1-6.el7_2.3.ppc64le.rpm libxml2-static-2.9.1-6.el7_2.3.ppc64le.rpm s390x: libxml2-debuginfo-2.9.1-6.el7_2.3.s390.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.s390x.rpm libxml2-static-2.9.1-6.el7_2.3.s390.rpm libxml2-static-2.9.1-6.el7_2.3.s390x.rpm x86_64: libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm libxml2-static-2.9.1-6.el7_2.3.i686.rpm libxml2-static-2.9.1-6.el7_2.3.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: libxml2-2.9.1-6.el7_2.3.src.rpm x86_64: libxml2-2.9.1-6.el7_2.3.i686.rpm libxml2-2.9.1-6.el7_2.3.x86_64.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm libxml2-devel-2.9.1-6.el7_2.3.i686.rpm libxml2-devel-2.9.1-6.el7_2.3.x86_64.rpm libxml2-python-2.9.1-6.el7_2.3.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: libxml2-debuginfo-2.9.1-6.el7_2.3.i686.rpm libxml2-debuginfo-2.9.1-6.el7_2.3.x86_64.rpm libxml2-static-2.9.1-6.el7_2.3.i686.rpm libxml2-static-2.9.1-6.el7_2.3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-1762 https://access.redhat.com/security/cve/CVE-2016-1833 https://access.redhat.com/security/cve/CVE-2016-1834 https://access.redhat.com/security/cve/CVE-2016-1835 https://access.redhat.com/security/cve/CVE-2016-1836 https://access.redhat.com/security/cve/CVE-2016-1837 https://access.redhat.com/security/cve/CVE-2016-1838 https://access.redhat.com/security/cve/CVE-2016-1839 https://access.redhat.com/security/cve/CVE-2016-1840 https://access.redhat.com/security/cve/CVE-2016-3627 https://access.redhat.com/security/cve/CVE-2016-3705 https://access.redhat.com/security/cve/CVE-2016-4447 https://access.redhat.com/security/cve/CVE-2016-4448 https://access.redhat.com/security/cve/CVE-2016-4449 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFXa8B8XlSAg2UNWIIRAh9ZAJ99xgPhOaIopIxmynm+vlDcmw4jFACeLvTm ZsVLEgJAF0Zt6xZVzqvVW7U= =fREV -----END PGP SIGNATURE----- --

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: setroubleshoot and setroubleshoot-plugins security update Advisory ID: RHSA-2016:1293-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2016:1293 Issue date: 2016-06-23 CVE Names: CVE-2016-4444 CVE-2016-4446 CVE-2016-4989 ===================================================================== 1. Summary: An update for setroubleshoot and setroubleshoot-plugins is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 3. Description: The setroubleshoot packages provide tools to help diagnose SELinux problems. When Access Vector Cache (AVC) messages are returned, an alert can be generated that provides information about the problem and helps to track its resolution. The setroubleshoot-plugins package provides a set of analysis plugins for use with setroubleshoot. Each plugin has the capacity to analyze SELinux AVC data and system data to provide user friendly reports describing how to interpret SELinux AVC denials. Security Fix(es): * Shell command injection flaws were found in the way the setroubleshoot executed external commands. A local attacker able to trigger certain SELinux denials could use these flaws to execute arbitrary code with privileges of the setroubleshoot user. (CVE-2016-4989) * Shell command injection flaws were found in the way the setroubleshoot allow_execmod and allow_execstack plugins executed external commands. A local attacker able to trigger an execmod or execstack SELinux denial could use these flaws to execute arbitrary code with privileges of the setroubleshoot user. (CVE-2016-4444, CVE-2016-4446) The CVE-2016-4444 and CVE-2016-4446 issues were discovered by Milos Malik (Red Hat) and the CVE-2016-4989 issue was discovered by Red Hat Product Security. Note: On Red Hat Enterprise Linux 7.0 and 7.1, the setroubleshoot is run with root privileges. Therefore, these issues could allow an attacker to execute arbitrary code with root privileges. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1332644 - CVE-2016-4444 setroubleshoot-plugins: insecure commands.getstatusoutput use in the allow_execmod plugin 1339250 - CVE-2016-4446 setroubleshoot-plugins: insecure commands.getoutput use in the allow_execstack plugin 1346461 - CVE-2016-4989 setroubleshoot: command injection issues 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: setroubleshoot-3.2.24-4.el7_2.src.rpm setroubleshoot-plugins-3.0.59-2.el7_2.src.rpm noarch: setroubleshoot-plugins-3.0.59-2.el7_2.noarch.rpm x86_64: setroubleshoot-3.2.24-4.el7_2.x86_64.rpm setroubleshoot-debuginfo-3.2.24-4.el7_2.x86_64.rpm setroubleshoot-server-3.2.24-4.el7_2.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: setroubleshoot-3.2.24-4.el7_2.src.rpm setroubleshoot-plugins-3.0.59-2.el7_2.src.rpm noarch: setroubleshoot-plugins-3.0.59-2.el7_2.noarch.rpm ppc64: setroubleshoot-3.2.24-4.el7_2.ppc64.rpm setroubleshoot-debuginfo-3.2.24-4.el7_2.ppc64.rpm setroubleshoot-server-3.2.24-4.el7_2.ppc64.rpm ppc64le: setroubleshoot-3.2.24-4.el7_2.ppc64le.rpm setroubleshoot-debuginfo-3.2.24-4.el7_2.ppc64le.rpm setroubleshoot-server-3.2.24-4.el7_2.ppc64le.rpm s390x: setroubleshoot-3.2.24-4.el7_2.s390x.rpm setroubleshoot-debuginfo-3.2.24-4.el7_2.s390x.rpm setroubleshoot-server-3.2.24-4.el7_2.s390x.rpm x86_64: setroubleshoot-3.2.24-4.el7_2.x86_64.rpm setroubleshoot-debuginfo-3.2.24-4.el7_2.x86_64.rpm setroubleshoot-server-3.2.24-4.el7_2.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: setroubleshoot-3.2.24-4.el7_2.src.rpm setroubleshoot-plugins-3.0.59-2.el7_2.src.rpm noarch: setroubleshoot-plugins-3.0.59-2.el7_2.noarch.rpm x86_64: setroubleshoot-3.2.24-4.el7_2.x86_64.rpm setroubleshoot-debuginfo-3.2.24-4.el7_2.x86_64.rpm setroubleshoot-server-3.2.24-4.el7_2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-4444 https://access.redhat.com/security/cve/CVE-2016-4446 https://access.redhat.com/security/cve/CVE-2016-4989 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFXa8EmXlSAg2UNWIIRApvkAKCI9L96Fz2h4VJdeJ8+wIlCeitfowCgk/uX 0WSuYqvfNoXDXQNq5OqvlFk= =Fhre -----END PGP SIGNATURE----- --

openSUSE Security Update: Security update for mariadb ______________________________________________________________________________ Announcement ID: openSUSE-SU-2016:1664-1 Rating: important References: #963806 #963810 #970287 #970295 #979524 #980904 Cross-References: CVE-2016-0505 CVE-2016-0546 CVE-2016-0596 CVE-2016-0597 CVE-2016-0598 CVE-2016-0600 CVE-2016-0606 CVE-2016-0608 CVE-2016-0609 CVE-2016-0616 CVE-2016-0640 CVE-2016-0641 CVE-2016-0642 CVE-2016-0643 CVE-2016-0644 CVE-2016-0646 CVE-2016-0647 CVE-2016-0648 CVE-2016-0649 CVE-2016-0650 CVE-2016-0651 CVE-2016-0655 CVE-2016-0666 CVE-2016-0668 CVE-2016-2047 Affected Products: openSUSE 13.2 ______________________________________________________________________________ An update that fixes 25 vulnerabilities is now available. Description: mariadb was updated to version 10.0.25 to fix 25 security issues. These security issues were fixed: - CVE-2016-0505: Unspecified vulnerability allowed remote authenticated users to affect availability via unknown vectors related to Options (bsc#980904). - CVE-2016-0546: Unspecified vulnerability allowed local users to affect confidentiality, integrity, and availability via unknown vectors related to Client (bsc#980904). - CVE-2016-0596: Unspecified vulnerability allowed remote authenticated users to affect availability via vectors related to DML (bsc#980904). - CVE-2016-0597: Unspecified vulnerability allowed remote authenticated users to affect availability via unknown vectors related to Optimizer (bsc#980904). - CVE-2016-0598: Unspecified vulnerability allowed remote authenticated users to affect availability via vectors related to DML (bsc#980904). - CVE-2016-0600: Unspecified vulnerability allowed remote authenticated users to affect availability via unknown vectors related to InnoDB (bsc#980904). - CVE-2016-0606: Unspecified vulnerability allowed remote authenticated users to affect integrity via unknown vectors related to encryption (bsc#980904). - CVE-2016-0608: Unspecified vulnerability allowed remote authenticated users to affect availability via vectors related to UDF (bsc#980904). - CVE-2016-0609: Unspecified vulnerability allowed remote authenticated users to affect availability via unknown vectors related to privileges (bsc#980904). - CVE-2016-0616: Unspecified vulnerability allowed remote authenticated users to affect availability via unknown vectors related to Optimizer (bsc#980904). - CVE-2016-0640: Unspecified vulnerability allowed local users to affect integrity and availability via vectors related to DML (bsc#980904). - CVE-2016-0641: Unspecified vulnerability allowed local users to affect confidentiality and availability via vectors related to InnoDB (bsc#980904). - CVE-2016-0642: Unspecified vulnerability allowed local users to affect integrity and availability via vectors related to Federated (bsc#980904). - CVE-2016-0643: Unspecified vulnerability allowed local users to affect confidentiality via vectors related to DML (bsc#980904). - CVE-2016-0644: Unspecified vulnerability allowed local users to affect availability via vectors related to DDL (bsc#980904). - CVE-2016-0646: Unspecified vulnerability allowed local users to affect availability via vectors related to DML (bsc#980904). - CVE-2016-0647: Unspecified vulnerability allowed local users to affect availability via vectors related to FTS (bsc#980904). - CVE-2016-0648: Unspecified vulnerability allowed local users to affect availability via vectors related to PS (bsc#980904). - CVE-2016-0649: Unspecified vulnerability allowed local users to affect availability via vectors related to PS (bsc#980904). - CVE-2016-0650: Unspecified vulnerability allowed local users to affect availability via vectors related to Replication (bsc#980904). - CVE-2016-0651: Unspecified vulnerability allowed local users to affect availability via vectors related to Optimizer (bsc#980904). - CVE-2016-0655: Unspecified vulnerability allowed local users to affect availability via vectors related to InnoDB (bsc#980904). - CVE-2016-0666: Unspecified vulnerability allowed local users to affect availability via vectors related to Security: Privileges (bsc#980904). - CVE-2016-0668: Unspecified vulnerability allowed local users to affect availability via vectors related to InnoDB (bsc#980904). - CVE-2016-2047: The ssl_verify_server_cert function in sql-common/client.c did not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allowed man-in-the-middle attackers to spoof SSL servers via a "/CN=" string in a field in a certificate, as demonstrated by "/OU=/CN=bar.com/CN=foo.com (bsc#963806). These non-security issues were fixed: - bsc#970295: Fix the leftovers of "logrotate.d/mysql" string in the logrotate error message. Occurrences of this string were changed to "logrotate.d/mariadb" - bsc#963810: Add 'log-error' and 'secure-file-priv' configuration options * add '/etc/my.cnf.d/error_log.conf' that specifies 'log-error = /var/log/mysql/mysqld.log'. If no path is set, the error log is written to '/var/lib/mysql/$HOSTNAME.err', which is not picked up by logrotate. * add '/etc/my.cnf.d/secure_file_priv.conf' which specifies that 'LOAD DATA', 'SELECT ... INTO' and 'LOAD FILE()' will only work with files in the directory specified by 'secure-file-priv' option (='/var/lib/mysql-files'). - Temporarily disable OQGraph. It seems to need the boost library with the version not earlier than 1.40 and not later than 1.55 (MDEV-9479) - boo#979524: Don't remove HandlerSocket plugin - boo#970287: Add "BuildRequires: jemalloc-devel" in order to allow enabling of the TokuDB plugin - run 'usermod -g mysql mysql' only if mysql user is not in mysql group. Run 'usermod -s /bin/false/ mysql' only if mysql user doesn't have '/bin/false' shell set. - Re-enable profiling support Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 13.2: zypper in -t patch openSUSE-2016-761=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 13.2 (i586 x86_64): libmysqlclient-devel-10.0.25-2.24.1 libmysqlclient18-10.0.25-2.24.1 libmysqlclient18-debuginfo-10.0.25-2.24.1 libmysqlclient_r18-10.0.25-2.24.1 libmysqld-devel-10.0.25-2.24.1 libmysqld18-10.0.25-2.24.1 libmysqld18-debuginfo-10.0.25-2.24.1 mariadb-10.0.25-2.24.1 mariadb-bench-10.0.25-2.24.1 mariadb-bench-debuginfo-10.0.25-2.24.1 mariadb-client-10.0.25-2.24.1 mariadb-client-debuginfo-10.0.25-2.24.1 mariadb-debuginfo-10.0.25-2.24.1 mariadb-debugsource-10.0.25-2.24.1 mariadb-errormessages-10.0.25-2.24.1 mariadb-test-10.0.25-2.24.1 mariadb-test-debuginfo-10.0.25-2.24.1 mariadb-tools-10.0.25-2.24.1 mariadb-tools-debuginfo-10.0.25-2.24.1 - openSUSE 13.2 (x86_64): libmysqlclient18-32bit-10.0.25-2.24.1 libmysqlclient18-debuginfo-32bit-10.0.25-2.24.1 libmysqlclient_r18-32bit-10.0.25-2.24.1 References: https://www.suse.com/security/cve/CVE-2016-0505.html https://www.suse.com/security/cve/CVE-2016-0546.html https://www.suse.com/security/cve/CVE-2016-0596.html https://www.suse.com/security/cve/CVE-2016-0597.html https://www.suse.com/security/cve/CVE-2016-0598.html https://www.suse.com/security/cve/CVE-2016-0600.html https://www.suse.com/security/cve/CVE-2016-0606.html https://www.suse.com/security/cve/CVE-2016-0608.html https://www.suse.com/security/cve/CVE-2016-0609.html https://www.suse.com/security/cve/CVE-2016-0616.html https://www.suse.com/security/cve/CVE-2016-0640.html https://www.suse.com/security/cve/CVE-2016-0641.html https://www.suse.com/security/cve/CVE-2016-0642.html https://www.suse.com/security/cve/CVE-2016-0643.html https://www.suse.com/security/cve/CVE-2016-0644.html https://www.suse.com/security/cve/CVE-2016-0646.html https://www.suse.com/security/cve/CVE-2016-0647.html https://www.suse.com/security/cve/CVE-2016-0648.html https://www.suse.com/security/cve/CVE-2016-0649.html https://www.suse.com/security/cve/CVE-2016-0650.html https://www.suse.com/security/cve/CVE-2016-0651.html https://www.suse.com/security/cve/CVE-2016-0655.html https://www.suse.com/security/cve/CVE-2016-0666.html https://www.suse.com/security/cve/CVE-2016-0668.html https://www.suse.com/security/cve/CVE-2016-2047.html https://bugzilla.suse.com/963806 https://bugzilla.suse.com/963810 https://bugzilla.suse.com/970287 https://bugzilla.suse.com/970295 https://bugzilla.suse.com/979524 https://bugzilla.suse.com/980904 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org

*GeForce GTX 1070 2-way SLI review* We grab two MSI GeForce GTX 1070 Gaming X editions graphics cards and set them up in 2-way multi-GPU SLI. We'll obviously focus at Ultra HD performance as well as a micro stuttering analysis with the help of FCAT. Join us in this review where we'll once again look at everything. Read the full article right here <http://www.guru3d.com/articles-pages/geforce-gtx-1070-2-way-sli-review,1.html>'>http://www.guru3d.com/articles-pages/geforce-gtx-1070-2-way-sli-review,1.html> . URL: http://www.guru3d.com/articles-pages/geforce-gtx-1070-2-way-sli-review,1.html <http://www.guru3d.com/articles-pages/geforce-gtx-1070-2-way-sli-review,1.html> --

Dear Editors, we just posted a new article which might be interesting to your readers. A post in your news section would be appreciated. Title: COUGAR ATTACK X3 Link: http://www.techpowerup.com/reviews/Cougar/Attack_X3 Brief: The COUGAR ATTACK X3 is here for gamers who want a keyboard that is feature rich, but priced low. Fully configurable key functions, macro support, and Cherry MX switches all enable COUGAR to compete in a very lucrative market.

http://benchmarkreviews.us10.list-manage2.com/track/click?u=9a2f239b17114c9008e3dfda9&id=8be320b3ab&e=8138df6da5 ** Benchmark Reviews Presents: ------------------------------------------------------------ toshiba_rd400_box TITLE: OCZ RD400 PCIe NVMe SSD Review (http://benchmarkreviews.us10.list-manage.com/track/click?u=9a2f239b17114c9008e3dfda9&id=433b36be82&e=8138df6da5) QUOTE: These days, better performance can be achieved with a PCIEx4 SSD in the m.2 form factor, mounted on a simple PCIe adapter card (that you don’t have to use if your motherboard has an m.2 slot). Today Benchmark Reviews checks out this modern iteration of a PCIe SSD in the 512GB Toshiba RD400. LINK: http://benchmarkreviews.us10.list-manage.com/track/click?u=9a2f239b17114c9008e3dfda9&id=1f0cc65080&e=8138df6da5 IMAGE: http://benchmarkreviews.us10.list-manage2.com/track/click?u=9a2f239b17114c9008e3dfda9&id=bf0b160146&e=8138df6da5 ============================================================