news

We have posted a new evolving technology report!! ------------------------------------------------------------ http://us7.campaign-archive2.com/?u=3d9b6193ffd32dd60e84fc74b&id=d3b8187b3f&e=312ec141fb http://technologyx.us7.list-manage.com/track/click?u=3d9b6193ffd32dd60e84fc74b&id=38134ad397&e=312ec141fb TITLE: Cooler Master MasterBox 5 - Canada Model - Review LINK: http://technologyx.us7.list-manage.com/track/click?u=3d9b6193ffd32dd60e84fc74b&id=6701002bf9&e=312ec141fb (http://technologyx.us7.list-manage.com/track/click?u=3d9b6193ffd32dd60e84fc74b&id=f0306ce86a&e=312ec141fb) PHOTO: INFO: The story of Cooler Master is an easy one; they want to be the company that meets your needs. Regardless if you are a casual user, hobbyist, gamer or filmmaker they want to seem like the perfect fit for you. As you may have seen in the past with our review of the MasterCase 5 (http://technologyx.us7.list-manage1.com/track/click?u=3d9b6193ffd32dd60e84fc74b&id=d218f18c8a&e=312ec141fb) from December of last year, they are all about becoming modular. This is great as everyone has their own style and when you're building your computer you should always have a bit of your personality put into it. _________________________________________________________________________________________

Today the Fedora Project is pleased to announce the general release of Fedora 24. Download it now from our Get Fedora site: Workstation: https://getfedora.org/workstation/ Server: https://getfedora.org/server/ Cloud: https://getfedora.org/cloud/ Spins: https://spins.fedoraproject.org/ Labs: https://labs.fedoraproject.org/ ARM: https://arm.fedoraproject.org/ Another Step in the Fedora Journey ---------------------------------- The Fedora Project has embarked on a great journey... redefining what an operating system should be for users and developers. Such innovation does not come overnight, and Fedora 24 is one big step on the road to the next generation of Linux distributions. But that does not mean that Fedora 24 is some "interim" release; there are great new features for Fedora users to deploy in their production environments right now! Workstation ----------- The Fedora 24 Workstation release features GNOME 3.20, with many usability improvements such as easier input device and printer settings, a better search interface, shortcut windows for keyboard commands, and more convenient music controls. Flatpak (formerly xdg-app) is another building-block feature, with Software able to track installed Flatpaks and adding more features in the future as the technology develops. The Software app has also grown features to provide a full system upgrade directly from the desktop from one Fedora release to the next, and the ability to provide labeling as well as reviews of available software. Fedora 24 continues our work on the X replacement, Wayland, a next-generation graphics stack. Although this release will not default to Wayland, it includes many improvements and is available as an option for users to try out, and potentially will be the default stack in Fedora 25. Server ------ Fedora 24 Server edition is more streamlined and introduces more modularity, which will become a major factor in future Fedora releases, even as unnecessary packages were removed and the installer has a smaller footprint. FreeIPA 4.3 is a major feature for Fedora 24 Server. FreeIPA is an integrated security information management solution. This new version of FreeIPA features simplified replica installation and improved replication technology management. Cloud ----- Fedora is on its way to being the best platform for containerized applications, from base Fedora container images to a full-featured platform as a service to run and manage them. As we continue on this part of the journey, we are packaging OpenShift Origin so it is easy to deploy. OpenShift Origin is a Platform as a Service system based around Kubernetes, a production-grade container orchestration project. OpenShift Origin is optimized for application development and deployment. Origin makes it easy for developers to get started building applications in containers and for operators to manage them. While not shipped in Fedora 24, per se, we have new infrastructure for developing container images with applications layered on top of the base Fedora Docker image. Fedora Developers will also see a layered image build service, which provides tools for Fedora contributors to start creating and shipping layered container images in Fedora 25 and beyond. Spins and Labs -------------- Fedora Spins and Labs are alternative Fedora versions that offer additional desktop environments, or other custom collections of software, alongside the three editions that are the primary focus for the project. Our Spins make it easy for people to use other desktop environments. Everyone has different needs and Spins are a great way for us to meet them. The Fedora 24 spins release showcases KDE Plasma, Xfce, LXDE, Mate-Compiz, and Cinnamon, all on the same Fedora base. Fedora Labs offer collections of software for specific purposes: Games, Robotics, and so on. They are pre-selected sets of software ideal for events or audiences with specialized interests that need corresponding software. Fedora 24 comes with a new lab focused on Astronomy, which contains a set of tools for astronomers and astrophysicists. ARM --- ARM images are available, as usual, for several use cases. Fedora 24 ships desktop images, such as Spins and Workstation, but also provides a Server image. A minimal Fedora image completes the wide set of install options for your ARM board. Alternate Fedora Architectures ------------------------------ For the first time, all of our secondary architectures, AArch64, Power64 (ppc64, ppc64le) and s390x, are released simultaneously, rather than trailing a little behind. This includes the Server edition for all architectures and the Cloud and Docker base images for AArch64 and Power64. Along with all the same enhancements as in the primary architectures in Fedora 24, AArch64 and Power64 now have support for golang, nodejs, mongodb; along with numerous other architecture-specific enhancements. The architecture release notes pages on the wiki have more specifics for each. Download these from: https://dl.fedoraproject.org/pub/fedora-secondary/releases/24/ Atomic Host ----------- Fedora Atomic Host releases on a two-week schedule, and each release is built on the latest released Fedora version. This schedule means the Atomic Host will now be currently built on Fedora 24. You can try one of the newer features with recent Fedora Atomic Host builds today. Since Fedora 23 was released, Atomic Host has added a developer mode that gives a better developer experience overall. When running in developer mode, the host will download and start Cockpit and a tmux session to make it easier to work at the console and obtain necessary information such as the root password or IP address. Make Fedora Even Better ----------------------- If you want to take an active hand in making Fedora even better, there are many ways you can contribute. There are many roles that you can participate. Visit http://whatcanidoforfedora.org/ for more information! While this is a general release, there is always a chance you may encounter bugs or missing features. To report issues encountered during testing, contact the Fedora QA team via the mailing list or in #fedora-qa on Freenode IRC. As testing progresses, common issues are tracked on the Common F24 Bugs page: https://fedoraproject.org/wiki/Common_F24_bugs For tips on reporting a bug effectively, read "how to file a bug report at https://fedoraproject.org/wiki/How_to_file_a_bug_report. Flock 2016: Krakow, Poland -------------------------- If you want to be a part of the journey that Fedora is taking, either as a current or interested Fedora contributor, one way to engage with our community is through Fedora premier events. The annual North American/European conference for Fedora contributors is Flock, which takes place August 2-5, 2016 in Krakow, Poland. Registration is now open at https://register.flocktofedora.org. For more information about our Latin American and Asia-Pacific Conferences, stay tuned for announcements on the Fedora Community Blog: https://communityblog.fedoraproject.org. -- Matthew Miller Fedora Project Leader --

Cooler Master Devastator II Review ( -at -) ThinkComputers.org Review Link: http://www.thinkcomputers.org/cooler-master-devastator-ii-review/ Image URL: http://www.thinkcomputers.org/reviews/cm_devastator_2/email.jpg Alt Image URL: http://www.thinkcomputers.org/reviews/cm_devastator_2/small.jpg Quote: "As gaming and e-sports have gotten more popular over the past few years gaming products have really improved.  We see mice and keyboards made for specific types of games, extremely high-end products, and products that will definitely give you that competitive edge in games.  For someone who is on a budget picking up a budget keyboard and mouse is not the easiest thing to do.  We’ve really only seen one other budget keyboard and mouse combo out there.  Well Cooler Master wants to help out the budget crowd with their Devastator II keyboard and mouse combo.  This gives you a gaming-class keyboard and mouse for only $29.99.  Let’s take a look and see what the Devastator II is all about."

SUSE Security Update: Security update for ctdb ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:1640-1 Rating: important References: #969522 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise High Availability Extension 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: ctdb was updated to fix one security issue. This security issue was fixed: - bsc#969522: ctdb opening sockets with htons(IPPROTO_RAW) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-ctdb-12622=1 - SUSE Linux Enterprise High Availability Extension 11-SP4: zypper in -t patch slehasp4-ctdb-12622=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-ctdb-12622=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): ctdb-devel-1.0.114.6-0.14.1 - SUSE Linux Enterprise High Availability Extension 11-SP4 (i586 ia64 ppc64 s390x x86_64): ctdb-1.0.114.6-0.14.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): ctdb-debuginfo-1.0.114.6-0.14.1 ctdb-debugsource-1.0.114.6-0.14.1 References: https://bugzilla.suse.com/969522 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org

SUSE Security Update: Security update for libimobiledevice, usbmuxd ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:1639-1 Rating: important References: #982014 Cross-References: CVE-2016-5104 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP1 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12-SP1 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: libimobiledevice, usbmuxd were updated to fix one security issue. This security issue was fixed: - CVE-2016-5104: Sockets listening on INADDR_ANY instead of only locally (982014). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP1: zypper in -t patch SUSE-SLE-WE-12-SP1-2016-973=1 - SUSE Linux Enterprise Workstation Extension 12: zypper in -t patch SUSE-SLE-WE-12-2016-973=1 - SUSE Linux Enterprise Software Development Kit 12-SP1: zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-973=1 - SUSE Linux Enterprise Software Development Kit 12: zypper in -t patch SUSE-SLE-SDK-12-2016-973=1 - SUSE Linux Enterprise Server 12-SP1: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-973=1 - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2016-973=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-973=1 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2016-973=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12-SP1 (x86_64): libimobiledevice-debugsource-1.1.5-6.1 libimobiledevice-tools-1.1.5-6.1 libimobiledevice-tools-debuginfo-1.1.5-6.1 - SUSE Linux Enterprise Workstation Extension 12 (x86_64): libimobiledevice-debugsource-1.1.5-6.1 libimobiledevice-tools-1.1.5-6.1 libimobiledevice-tools-debuginfo-1.1.5-6.1 - SUSE Linux Enterprise Software Development Kit 12-SP1 (ppc64le s390x x86_64): libimobiledevice-debugsource-1.1.5-6.1 libimobiledevice-devel-1.1.5-6.1 libusbmuxd-devel-1.0.8-12.1 usbmuxd-debuginfo-1.0.8-12.1 usbmuxd-debugsource-1.0.8-12.1 - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64): libimobiledevice-debugsource-1.1.5-6.1 libimobiledevice-devel-1.1.5-6.1 libusbmuxd-devel-1.0.8-12.1 usbmuxd-debuginfo-1.0.8-12.1 usbmuxd-debugsource-1.0.8-12.1 - SUSE Linux Enterprise Server 12-SP1 (ppc64le s390x x86_64): libimobiledevice-debugsource-1.1.5-6.1 libimobiledevice4-1.1.5-6.1 libimobiledevice4-debuginfo-1.1.5-6.1 libusbmuxd2-1.0.8-12.1 libusbmuxd2-debuginfo-1.0.8-12.1 usbmuxd-1.0.8-12.1 usbmuxd-debuginfo-1.0.8-12.1 usbmuxd-debugsource-1.0.8-12.1 - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): libimobiledevice-debugsource-1.1.5-6.1 libimobiledevice4-1.1.5-6.1 libimobiledevice4-debuginfo-1.1.5-6.1 libusbmuxd2-1.0.8-12.1 libusbmuxd2-debuginfo-1.0.8-12.1 usbmuxd-1.0.8-12.1 usbmuxd-debuginfo-1.0.8-12.1 usbmuxd-debugsource-1.0.8-12.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): libimobiledevice-debugsource-1.1.5-6.1 libimobiledevice-tools-1.1.5-6.1 libimobiledevice-tools-debuginfo-1.1.5-6.1 libimobiledevice4-1.1.5-6.1 libimobiledevice4-debuginfo-1.1.5-6.1 libusbmuxd2-1.0.8-12.1 libusbmuxd2-debuginfo-1.0.8-12.1 usbmuxd-1.0.8-12.1 usbmuxd-debuginfo-1.0.8-12.1 usbmuxd-debugsource-1.0.8-12.1 - SUSE Linux Enterprise Desktop 12 (x86_64): libimobiledevice-debugsource-1.1.5-6.1 libimobiledevice-tools-1.1.5-6.1 libimobiledevice-tools-debuginfo-1.1.5-6.1 libimobiledevice4-1.1.5-6.1 libimobiledevice4-debuginfo-1.1.5-6.1 libusbmuxd2-1.0.8-12.1 libusbmuxd2-debuginfo-1.0.8-12.1 usbmuxd-1.0.8-12.1 usbmuxd-debuginfo-1.0.8-12.1 usbmuxd-debugsource-1.0.8-12.1 References: https://www.suse.com/security/cve/CVE-2016-5104.html https://bugzilla.suse.com/982014 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org

openSUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: openSUSE-SU-2016:1641-1 Rating: important References: #945345 #955654 #963762 #966245 #966849 #970506 #971126 #971799 #973570 #974308 #975945 #977198 #978073 #978401 #978821 #978822 #979018 #979213 #979278 #979548 #979728 #979867 #979879 #979913 #980348 #980371 #980657 #981058 #981267 #981344 #982238 #982239 #982712 #983143 #983213 #984460 Cross-References: CVE-2013-7446 CVE-2016-0758 CVE-2016-1583 CVE-2016-2053 CVE-2016-3134 CVE-2016-3672 CVE-2016-3955 CVE-2016-4482 CVE-2016-4485 CVE-2016-4486 CVE-2016-4557 CVE-2016-4565 CVE-2016-4569 CVE-2016-4578 CVE-2016-4580 CVE-2016-4581 CVE-2016-4805 CVE-2016-4951 CVE-2016-5244 Affected Products: openSUSE Leap 42.1 ______________________________________________________________________________ An update that solves 19 vulnerabilities and has 17 fixes is now available. Description: The openSUSE Leap 42.1 kernel was updated to 4.1.26 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2016-1583: Prevent the usage of mmap when the lower file system does not allow it. This could have lead to local privilege escalation when ecryptfs-utils was installed and /sbin/mount.ecryptfs_private was setuid (bsc#983143). - CVE-2016-4565: The InfiniBand (aka IB) stack in the Linux kernel incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface. (bsc#979548) - CVE-2016-4805: Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel allowed local users to cause a denial of service (memory corruption and system crash, or spinlock) or possibly have unspecified other impact by removing a network namespace, related to the ppp_register_net_channel and ppp_unregister_channel functions. (bsc#980371). - CVE-2016-4951: The tipc_nl_publ_dump function in net/tipc/socket.c in the Linux kernel did not verify socket existence, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a dumpit operation. (bsc#981058). - CVE-2016-5244: An information leak vulnerability in function rds_inc_info_copy of file net/rds/recv.c was fixed that might have leaked kernel stack data. (bsc#983213). - CVE-2016-4580: The x25_negotiate_facilities function in net/x25/x25_facilities.c in the Linux kernel did not properly initialize a certain data structure, which allowed attackers to obtain sensitive information from kernel stack memory via an X.25 Call Request. (bsc#981267). - CVE-2016-0758: Tags with indefinite length could have corrupted pointers in asn1_find_indefinite_length (bsc#979867). - CVE-2016-2053: The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel allowed attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in crypto/asymmetric_keys/public_key.c (bnc#963762). - CVE-2013-7446: Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel allowed local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls (bnc#955654). - CVE-2016-3134: The netfilter subsystem in the Linux kernel did not validate certain offset fields, which allowed local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call (bnc#971126). - CVE-2016-3672: The arch_pick_mmap_layout function in arch/x86/mm/mmap.c in the Linux kernel did not properly randomize the legacy base address, which made it easier for local users to defeat the intended restrictions on the ADDR_NO_RANDOMIZE flag, and bypass the ASLR protection mechanism for a setuid or setgid program, by disabling stack-consumption resource limits (bnc#974308). - CVE-2016-4482: A kernel information leak in the usbfs devio connectinfo was fixed, which could expose kernel stack memory to userspace. (bnc#978401). - CVE-2016-4485: A kernel information leak in llc was fixed (bsc#978821). - CVE-2016-4486: A kernel information leak in rtnetlink was fixed, where 4 uninitialized bytes could leak to userspace (bsc#978822). - CVE-2016-4557: A use-after-free via double-fdput in replace_map_fd_with_map_ptr() was fixed, which could allow privilege escalation (bsc#979018). - CVE-2016-4565: When the "rdma_ucm" infiniband module is loaded, local attackers could escalate their privileges (bsc#979548). - CVE-2016-4569: A kernel information leak in the ALSA timer via events via snd_timer_user_tinterrupt that could leak information to userspace was fixed (bsc#979213). - CVE-2016-4578: A kernel information leak in the ALSA timer via events that could leak information to userspace was fixed (bsc#979879). - CVE-2016-4581: If the first propogated mount copy was being a slave it could oops the kernel (bsc#979913) The following non-security bugs were fixed: - ALSA: hda - Add dock support for ThinkPad X260 (boo#979278). - ALSA: hda - Apply fix for white noise on Asus N550JV, too (boo#979278). - ALSA: hda - Asus N750JV external subwoofer fixup (boo#979278). - ALSA: hda - Fix broken reconfig (boo#979278). - ALSA: hda - Fix headphone mic input on a few Dell ALC293 machines (boo#979278). - ALSA: hda - Fix subwoofer pin on ASUS N751 and N551 (boo#979278). - ALSA: hda - Fix white noise on Asus N750JV headphone (boo#979278). - ALSA: hda - Fix white noise on Asus UX501VW headset (boo#979278). - ALSA: hda/realtek - Add ALC3234 headset mode for Optiplex 9020m (boo#979278). - ALSA: hda/realtek - New codecs support for ALC234/ALC274/ALC294 (boo#979278). - ALSA: hda/realtek - New codec support of ALC225 (boo#979278). - ALSA: hda/realtek - Support headset mode for ALC225 (boo#979278). - ALSA: pcxhr: Fix missing mutex unlock (boo#979278). - ALSA: usb-audio: Quirk for yet another Phoenix Audio devices (v2) (boo#979278). - bluetooth: fix power_on vs close race (bsc#966849). - bluetooth: vhci: fix open_timeout vs. hdev race (bsc#971799,bsc#966849). - bluetooth: vhci: Fix race at creating hci device (bsc#971799,bsc#966849). - bluetooth: vhci: purge unhandled skbs (bsc#971799,bsc#966849). - btrfs: do not use src fd for printk (bsc#980348). - btrfs: fix crash/invalid memory access on fsync when using overlayfs (bsc#977198) - drm: qxl: Workaround for buggy user-space (bsc#981344). - enic: set netdev->vlan_features (bsc#966245). - fs: add file_dentry() (bsc#977198). - IB/IPoIB: Do not set skb truesize since using one linearskb (bsc#980657). - input: i8042 - lower log level for "no controller" message (bsc#945345). - kabi: Add kabi/severities entries to ignore sound/hda/*, x509_*, efivar_validate, file_open_root and dax_fault - kabi: Add some fixups (module, pci_dev, drm, fuse and thermal) - kabi: file_dentry changes (bsc#977198). - kABI fixes for 4.1.22 - mm/page_alloc.c: calculate 'available' memory in a separate function (bsc#982239). - net: disable fragment reassembly if high_thresh is zero (bsc#970506). - of: iommu: Silence misleading warning. - pstore_register() error handling was wrong -- it tried to release lock before it's acquired, causing spinlock / preemption imbalance. - usb: quirk to stop runtime PM for Intel 7260 (bnc#984460). - Revert "usb: hub: do not clear BOS field during reset device" (boo#979728). - usb: core: hub: hub_port_init lock controller instead of bus (bnc#978073). - usb: preserve kABI in address0 locking (bnc#978073). - usb: usbip: fix potential out-of-bounds write (bnc#975945). - USB: xhci: Add broken streams quirk for Frescologic device id 1009 (bnc#982712). - virtio_balloon: do not change memory amount visible via /proc/meminfo (bsc#982238). - virtio_balloon: export 'available' memory to balloon statistics (bsc#982239). Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.1: zypper in -t patch openSUSE-2016-753=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE Leap 42.1 (i686 x86_64): kernel-debug-4.1.26-21.1 kernel-debug-base-4.1.26-21.1 kernel-debug-base-debuginfo-4.1.26-21.1 kernel-debug-debuginfo-4.1.26-21.1 kernel-debug-debugsource-4.1.26-21.1 kernel-debug-devel-4.1.26-21.1 kernel-debug-devel-debuginfo-4.1.26-21.1 kernel-ec2-4.1.26-21.1 kernel-ec2-base-4.1.26-21.1 kernel-ec2-base-debuginfo-4.1.26-21.1 kernel-ec2-debuginfo-4.1.26-21.1 kernel-ec2-debugsource-4.1.26-21.1 kernel-ec2-devel-4.1.26-21.1 kernel-pv-4.1.26-21.1 kernel-pv-base-4.1.26-21.1 kernel-pv-base-debuginfo-4.1.26-21.1 kernel-pv-debuginfo-4.1.26-21.1 kernel-pv-debugsource-4.1.26-21.1 kernel-pv-devel-4.1.26-21.1 kernel-vanilla-4.1.26-21.1 kernel-vanilla-debuginfo-4.1.26-21.1 kernel-vanilla-debugsource-4.1.26-21.1 kernel-vanilla-devel-4.1.26-21.1 kernel-xen-4.1.26-21.1 kernel-xen-base-4.1.26-21.1 kernel-xen-base-debuginfo-4.1.26-21.1 kernel-xen-debuginfo-4.1.26-21.1 kernel-xen-debugsource-4.1.26-21.1 kernel-xen-devel-4.1.26-21.1 - openSUSE Leap 42.1 (i586 x86_64): kernel-default-4.1.26-21.1 kernel-default-base-4.1.26-21.1 kernel-default-base-debuginfo-4.1.26-21.1 kernel-default-debuginfo-4.1.26-21.1 kernel-default-debugsource-4.1.26-21.1 kernel-default-devel-4.1.26-21.1 kernel-obs-build-4.1.26-21.1 kernel-obs-build-debugsource-4.1.26-21.1 kernel-obs-qa-4.1.26-21.1 kernel-obs-qa-xen-4.1.26-21.1 kernel-syms-4.1.26-21.1 - openSUSE Leap 42.1 (noarch): kernel-devel-4.1.26-21.1 kernel-docs-4.1.26-21.2 kernel-docs-html-4.1.26-21.2 kernel-docs-pdf-4.1.26-21.2 kernel-macros-4.1.26-21.1 kernel-source-4.1.26-21.1 kernel-source-vanilla-4.1.26-21.1 - openSUSE Leap 42.1 (i686): kernel-pae-4.1.26-21.1 kernel-pae-base-4.1.26-21.1 kernel-pae-base-debuginfo-4.1.26-21.1 kernel-pae-debuginfo-4.1.26-21.1 kernel-pae-debugsource-4.1.26-21.1 kernel-pae-devel-4.1.26-21.1 References: https://www.suse.com/security/cve/CVE-2013-7446.html https://www.suse.com/security/cve/CVE-2016-0758.html https://www.suse.com/security/cve/CVE-2016-1583.html https://www.suse.com/security/cve/CVE-2016-2053.html https://www.suse.com/security/cve/CVE-2016-3134.html https://www.suse.com/security/cve/CVE-2016-3672.html https://www.suse.com/security/cve/CVE-2016-3955.html https://www.suse.com/security/cve/CVE-2016-4482.html https://www.suse.com/security/cve/CVE-2016-4485.html https://www.suse.com/security/cve/CVE-2016-4486.html https://www.suse.com/security/cve/CVE-2016-4557.html https://www.suse.com/security/cve/CVE-2016-4565.html https://www.suse.com/security/cve/CVE-2016-4569.html https://www.suse.com/security/cve/CVE-2016-4578.html https://www.suse.com/security/cve/CVE-2016-4580.html https://www.suse.com/security/cve/CVE-2016-4581.html https://www.suse.com/security/cve/CVE-2016-4805.html https://www.suse.com/security/cve/CVE-2016-4951.html https://www.suse.com/security/cve/CVE-2016-5244.html https://bugzilla.suse.com/945345 https://bugzilla.suse.com/955654 https://bugzilla.suse.com/963762 https://bugzilla.suse.com/966245 https://bugzilla.suse.com/966849 https://bugzilla.suse.com/970506 https://bugzilla.suse.com/971126 https://bugzilla.suse.com/971799 https://bugzilla.suse.com/973570 https://bugzilla.suse.com/974308 https://bugzilla.suse.com/975945 https://bugzilla.suse.com/977198 https://bugzilla.suse.com/978073 https://bugzilla.suse.com/978401 https://bugzilla.suse.com/978821 https://bugzilla.suse.com/978822 https://bugzilla.suse.com/979018 https://bugzilla.suse.com/979213 https://bugzilla.suse.com/979278 https://bugzilla.suse.com/979548 https://bugzilla.suse.com/979728 https://bugzilla.suse.com/979867 https://bugzilla.suse.com/979879 https://bugzilla.suse.com/979913 https://bugzilla.suse.com/980348 https://bugzilla.suse.com/980371 https://bugzilla.suse.com/980657 https://bugzilla.suse.com/981058 https://bugzilla.suse.com/981267 https://bugzilla.suse.com/981344 https://bugzilla.suse.com/982238 https://bugzilla.suse.com/982239 https://bugzilla.suse.com/982712 https://bugzilla.suse.com/983143 https://bugzilla.suse.com/983213 https://bugzilla.suse.com/984460 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org

SUSE Security Update: Security update for php53 ______________________________________________________________________________ Announcement ID: SUSE-SU-2016:1638-1 Rating: important References: #884986 #884987 #884989 #884990 #884991 #884992 #885961 #886059 #886060 #893849 #893853 #902357 #902360 #902368 #910659 #914690 #917150 #918768 #919080 #921950 #922451 #922452 #923945 #924972 #925109 #928506 #928511 #931421 #931769 #931772 #931776 #933227 #935074 #935224 #935226 #935227 #935229 #935232 #935234 #935274 #935275 #938719 #938721 #942291 #942296 #945412 #945428 #949961 #968284 #969821 #971611 #971612 #971912 #973351 #973792 #976996 #976997 #977003 #977005 #977991 #977994 #978827 #978828 #978829 #978830 #980366 #980373 #980375 #981050 #982010 #982011 #982012 #982013 #982162 Cross-References: CVE-2004-1019 CVE-2006-7243 CVE-2014-0207 CVE-2014-3478 CVE-2014-3479 CVE-2014-3480 CVE-2014-3487 CVE-2014-3515 CVE-2014-3597 CVE-2014-3668 CVE-2014-3669 CVE-2014-3670 CVE-2014-4049 CVE-2014-4670 CVE-2014-4698 CVE-2014-4721 CVE-2014-5459 CVE-2014-8142 CVE-2014-9652 CVE-2014-9705 CVE-2014-9709 CVE-2014-9767 CVE-2015-0231 CVE-2015-0232 CVE-2015-0273 CVE-2015-1352 CVE-2015-2301 CVE-2015-2305 CVE-2015-2783 CVE-2015-2787 CVE-2015-3152 CVE-2015-3329 CVE-2015-3411 CVE-2015-3412 CVE-2015-4021 CVE-2015-4022 CVE-2015-4024 CVE-2015-4026 CVE-2015-4116 CVE-2015-4148 CVE-2015-4598 CVE-2015-4599 CVE-2015-4600 CVE-2015-4601 CVE-2015-4602 CVE-2015-4603 CVE-2015-4643 CVE-2015-4644 CVE-2015-5161 CVE-2015-5589 CVE-2015-5590 CVE-2015-6831 CVE-2015-6833 CVE-2015-6836 CVE-2015-6837 CVE-2015-6838 CVE-2015-7803 CVE-2015-8835 CVE-2015-8838 CVE-2015-8866 CVE-2015-8867 CVE-2015-8873 CVE-2015-8874 CVE-2015-8879 CVE-2016-2554 CVE-2016-3141 CVE-2016-3142 CVE-2016-3185 CVE-2016-4070 CVE-2016-4073 CVE-2016-4342 CVE-2016-4346 CVE-2016-4537 CVE-2016-4538 CVE-2016-4539 CVE-2016-4540 CVE-2016-4541 CVE-2016-4542 CVE-2016-4543 CVE-2016-4544 CVE-2016-5093 CVE-2016-5094 CVE-2016-5095 CVE-2016-5096 CVE-2016-5114 Affected Products: SUSE Linux Enterprise Server 11-SP2-LTSS ______________________________________________________________________________ An update that fixes 85 vulnerabilities is now available. Description: This update for php53 to version 5.3.17 fixes the following issues: These security issues were fixed: - CVE-2016-5093: get_icu_value_internal out-of-bounds read (bnc#982010). - CVE-2016-5094: Don't create strings with lengths outside int range (bnc#982011). - CVE-2016-5095: Don't create strings with lengths outside int range (bnc#982012). - CVE-2016-5096: int/size_t confusion in fread (bsc#982013). - CVE-2016-5114: fpm_log.c memory leak and buffer overflow (bnc#982162). - CVE-2015-8879: The odbc_bindcols function in ext/odbc/php_odbc.c in PHP mishandles driver behavior for SQL_WVARCHAR columns, which allowed remote attackers to cause a denial of service (application crash) in opportunistic circumstances by leveraging use of the odbc_fetch_array function to access a certain type of Microsoft SQL Server table (bsc#981050). - CVE-2015-4116: Use-after-free vulnerability in the spl_ptr_heap_insert function in ext/spl/spl_heap.c in PHP allowed remote attackers to execute arbitrary code by triggering a failed SplMinHeap::compare operation (bsc#980366). - CVE-2015-8874: Stack consumption vulnerability in GD in PHP allowed remote attackers to cause a denial of service via a crafted imagefilltoborder call (bsc#980375). - CVE-2015-8873: Stack consumption vulnerability in Zend/zend_exceptions.c in PHP allowed remote attackers to cause a denial of service (segmentation fault) via recursive method calls (bsc#980373). - CVE-2016-4540: The grapheme_stripos function in ext/intl/grapheme/grapheme_string.c in PHP allowed remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a negative offset (bsc#978829). - CVE-2016-4541: The grapheme_strpos function in ext/intl/grapheme/grapheme_string.c in PHP allowed remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a negative offset (bsc#978829. - CVE-2016-4542: The exif_process_IFD_TAG function in ext/exif/exif.c in PHP did not properly construct spprintf arguments, which allowed remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data (bsc#978830). - CVE-2016-4543: The exif_process_IFD_in_JPEG function in ext/exif/exif.c in PHP did not validate IFD sizes, which allowed remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data (bsc#978830. - CVE-2016-4544: The exif_process_TIFF_in_JPEG function in ext/exif/exif.c in PHP did not validate TIFF start data, which allowed remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted header data (bsc#978830. - CVE-2016-4537: The bcpowmod function in ext/bcmath/bcmath.c in PHP accepted a negative integer for the scale argument, which allowed remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted call (bsc#978827). - CVE-2016-4538: The bcpowmod function in ext/bcmath/bcmath.c in PHP modified certain data structures without considering whether they are copies of the _zero_, _one_, or _two_ global variable, which allowed remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted call (bsc#978827). - CVE-2016-4539: The xml_parse_into_struct function in ext/xml/xml.c in PHP allowed remote attackers to cause a denial of service (buffer under-read and segmentation fault) or possibly have unspecified other impact via crafted XML data in the second argument, leading to a parser level of zero (bsc#978828). - CVE-2016-4342: ext/phar/phar_object.c in PHP mishandles zero-length uncompressed data, which allowed remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a crafted (1) TAR, (2) ZIP, or (3) PHAR archive (bsc#977991). - CVE-2016-4346: Integer overflow in the str_pad function in ext/standard/string.c in PHP allowed remote attackers to cause a denial of service or possibly have unspecified other impact via a long string, leading to a heap-based buffer overflow (bsc#977994). - CVE-2016-4073: Multiple integer overflows in the mbfl_strcut function in ext/mbstring/libmbfl/mbfl/mbfilter.c in PHP allowed remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted mb_strcut call (bsc#977003). - CVE-2015-8867: The openssl_random_pseudo_bytes function in ext/openssl/openssl.c in PHP incorrectly relied on the deprecated RAND_pseudo_bytes function, which made it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors (bsc#977005). - CVE-2016-4070: Integer overflow in the php_raw_url_encode function in ext/standard/url.c in PHP allowed remote attackers to cause a denial of service (application crash) via a long string to the rawurlencode function (bsc#976997). - CVE-2015-8866: ext/libxml/libxml.c in PHP when PHP-FPM is used, did not isolate each thread from libxml_disable_entity_loader changes in other threads, which allowed remote attackers to conduct XML External Entity (XXE) and XML Entity Expansion (XEE) attacks via a crafted XML document, a related issue to CVE-2015-5161 (bsc#976996). - CVE-2015-8838: ext/mysqlnd/mysqlnd.c in PHP used a client SSL option to mean that SSL is optional, which allowed man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, a related issue to CVE-2015-3152 (bsc#973792). - CVE-2015-8835: The make_http_soap_request function in ext/soap/php_http.c in PHP did not properly retrieve keys, which allowed remote attackers to cause a denial of service (NULL pointer dereference, type confusion, and application crash) or possibly execute arbitrary code via crafted serialized data representing a numerically indexed _cookies array, related to the SoapClient::__call method in ext/soap/soap.c (bsc#973351). - CVE-2016-3141: Use-after-free vulnerability in wddx.c in the WDDX extension in PHP allowed remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact by triggering a wddx_deserialize call on XML data containing a crafted var element (bsc#969821). - CVE-2016-3142: The phar_parse_zipfile function in zip.c in the PHAR extension in PHP allowed remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read and application crash) by placing a PK\x05\x06 signature at an invalid location (bsc#971912). - CVE-2014-9767: Directory traversal vulnerability in the ZipArchive::extractTo function in ext/zip/php_zip.c in PHP ext/zip/ext_zip.cpp in HHVM allowed remote attackers to create arbitrary empty directories via a crafted ZIP archive (bsc#971612). - CVE-2016-3185: The make_http_soap_request function in ext/soap/php_http.c in PHP allowed remote attackers to obtain sensitive information from process memory or cause a denial of service (type confusion and application crash) via crafted serialized _cookies data, related to the SoapClient::__call method in ext/soap/soap.c (bsc#971611). - CVE-2016-2554: Stack-based buffer overflow in ext/phar/tar.c in PHP allowed remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TAR archive (bsc#968284). - CVE-2015-7803: The phar_get_entry_data function in ext/phar/util.c in PHP allowed remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a .phar file with a crafted TAR archive entry in which the Link indicator references a file that did not exist (bsc#949961). - CVE-2015-6831: Multiple use-after-free vulnerabilities in SPL in PHP allowed remote attackers to execute arbitrary code via vectors involving (1) ArrayObject, (2) SplObjectStorage, and (3) SplDoublyLinkedList, which are mishandled during unserialization (bsc#942291). - CVE-2015-6833: Directory traversal vulnerability in the PharData class in PHP allowed remote attackers to write to arbitrary files via a .. (dot dot) in a ZIP archive entry that is mishandled during an extractTo call (bsc#942296. - CVE-2015-6836: The SoapClient __call method in ext/soap/soap.c in PHP did not properly manage headers, which allowed remote attackers to execute arbitrary code via crafted serialized data that triggers a "type confusion" in the serialize_function_call function (bsc#945428). - CVE-2015-6837: The xsl_ext_function_php function in ext/xsl/xsltprocessor.c in PHP when libxml2 is used, did not consider the possibility of a NULL valuePop return value proceeding with a free operation during initial error checking, which allowed remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted XML document, a different vulnerability than CVE-2015-6838 (bsc#945412). - CVE-2015-6838: The xsl_ext_function_php function in ext/xsl/xsltprocessor.c in PHP when libxml2 is used, did not consider the possibility of a NULL valuePop return value proceeding with a free operation after the principal argument loop, which allowed remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted XML document, a different vulnerability than CVE-2015-6837 (bsc#945412). - CVE-2015-5590: Stack-based buffer overflow in the phar_fix_filepath function in ext/phar/phar.c in PHP allowed remote attackers to cause a denial of service or possibly have unspecified other impact via a large length value, as demonstrated by mishandling of an e-mail attachment by the imap PHP extension (bsc#938719). - CVE-2015-5589: The phar_convert_to_other function in ext/phar/phar_object.c in PHP did not validate a file pointer a close operation, which allowed remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via a crafted TAR archive that is mishandled in a Phar::convertToData call (bsc#938721). - CVE-2015-4602: The __PHP_Incomplete_Class function in ext/standard/incomplete_class.c in PHP allowed remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to a "type confusion" issue (bsc#935224). - CVE-2015-4599: The SoapFault::__toString method in ext/soap/soap.c in PHP allowed remote attackers to obtain sensitive information, cause a denial of service (application crash), or possibly execute arbitrary code via an unexpected data type, related to a "type confusion" issue (bsc#935226). - CVE-2015-4600: The SoapClient implementation in PHP allowed remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to "type confusion" issues in the (1) SoapClient::__getLastRequest, (2) SoapClient::__getLastResponse, (3) SoapClient::__getLastRequestHeaders, (4) SoapClient::__getLastResponseHeaders, (5) SoapClient::__getCookies, and (6) SoapClient::__setCookie methods (bsc#935226). - CVE-2015-4601: PHP allowed remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to "type confusion" issues in (1) ext/soap/php_encoding.c, (2) ext/soap/php_http.c, and (3) ext/soap/soap.c, a different issue than CVE-2015-4600 (bsc#935226. - CVE-2015-4603: The exception::getTraceAsString function in Zend/zend_exceptions.c in PHP allowed remote attackers to execute arbitrary code via an unexpected data type, related to a "type confusion" issue (bsc#935234). - CVE-2015-4644: The php_pgsql_meta_data function in pgsql.c in the PostgreSQL (aka pgsql) extension in PHP did not validate token extraction for table names, which might allowed remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted name. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1352 (bsc#935274). - CVE-2015-4643: Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP allowed remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-4022 (bsc#935275). - CVE-2015-3411: PHP did not ensure that pathnames lack %00 sequences, which might have allowed remote attackers to read or write to arbitrary files via crafted input to an application that calls (1) a DOMDocument load method, (2) the xmlwriter_open_uri function, (3) the finfo_file function, or (4) the hash_hmac_file function, as demonstrated by a filename\0.xml attack that bypasses an intended configuration in which client users may read only .xml files (bsc#935227). - CVE-2015-3412: PHP did not ensure that pathnames lack %00 sequences, which might have allowed remote attackers to read arbitrary files via crafted input to an application that calls the stream_resolve_include_path function in ext/standard/streamsfuncs.c, as demonstrated by a filename\0.extension attack that bypasses an intended configuration in which client users may read files with only one specific extension (bsc#935229). - CVE-2015-4598: PHP did not ensure that pathnames lack %00 sequences, which might have allowed remote attackers to read or write to arbitrary files via crafted input to an application that calls (1) a DOMDocument save method or (2) the GD imagepsloadfont function, as demonstrated by a filename\0.html attack that bypasses an intended configuration in which client users may write to only .html files (bsc#935232). - CVE-2015-4148: The do_soap_call function in ext/soap/soap.c in PHP did not verify that the uri property is a string, which allowed remote attackers to obtain sensitive information by providing crafted serialized data with an int data type, related to a "type confusion" issue (bsc#933227). - CVE-2015-4024: Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in PHP allowed remote attackers to cause a denial of service (CPU consumption) via crafted form data that triggers an improper order-of-growth outcome (bsc#931421). - CVE-2015-4026: The pcntl_exec implementation in PHP truncates a pathname upon encountering a \x00 character, which might allowed remote attackers to bypass intended extension restrictions and execute files with unexpected names via a crafted first argument. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243 (bsc#931776). - CVE-2015-4022: Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP allowed remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow (bsc#931772). - CVE-2015-4021: The phar_parse_tarfile function in ext/phar/tar.c in PHP did not verify that the first character of a filename is different from the \0 character, which allowed remote attackers to cause a denial of service (integer underflow and memory corruption) via a crafted entry in a tar archive (bsc#931769). - CVE-2015-3329: Multiple stack-based buffer overflows in the phar_set_inode function in phar_internal.h in PHP allowed remote attackers to execute arbitrary code via a crafted length value in a (1) tar, (2) phar, or (3) ZIP archive (bsc#928506). - CVE-2015-2783: ext/phar/phar.c in PHP allowed remote attackers to obtain sensitive information from process memory or cause a denial of service (buffer over-read and application crash) via a crafted length value in conjunction with crafted serialized data in a phar archive, related to the phar_parse_metadata and phar_parse_pharfile functions (bsc#928511). - CVE-2015-2787: Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP allowed remote attackers to execute arbitrary code via a crafted unserialize call that leverages use of the unset function within an __wakeup function, a related issue to CVE-2015-0231 (bsc#924972). - CVE-2014-9709: The GetCode_ function in gd_gif_in.c in GD 2.1.1 and earlier, as used in PHP allowed remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted GIF image that is improperly handled by the gdImageCreateFromGif function (bsc#923945). - CVE-2015-2301: Use-after-free vulnerability in the phar_rename_archive function in phar_object.c in PHP allowed remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an attempted renaming of a Phar archive to the name of an existing file (bsc#922452). - CVE-2015-2305: Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) 32-bit platforms might have allowed context-dependent attackers to execute arbitrary code via a large regular expression that leads to a heap-based buffer overflow (bsc#921950). - CVE-2014-9705: Heap-based buffer overflow in the enchant_broker_request_dict function in ext/enchant/enchant.c in PHP allowed remote attackers to execute arbitrary code via vectors that trigger creation of multiple dictionaries (bsc#922451). - CVE-2015-0273: Multiple use-after-free vulnerabilities in ext/date/php_date.c in PHP allowed remote attackers to execute arbitrary code via crafted serialized input containing a (1) R or (2) r type specifier in (a) DateTimeZone data handled by the php_date_timezone_initialize_from_hash function or ( DateTime data handled by the php_date_initialize_from_hash function (bsc#918768). - CVE-2014-9652: The mconvert function in softmagic.c in file as used in the Fileinfo component in PHP did not properly handle a certain string-length field during a copy of a truncated version of a Pascal string, which might allowed remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted file (bsc#917150). - CVE-2014-8142: Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP allowed remote attackers to execute arbitrary code via a crafted unserialize call that leverages improper handling of duplicate keys within the serialized properties of an object, a different vulnerability than CVE-2004-1019 (bsc#910659). - CVE-2015-0231: Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP allowed remote attackers to execute arbitrary code via a crafted unserialize call that leverages improper handling of duplicate numerical keys within the serialized properties of an object. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-8142 (bsc#910659). - CVE-2014-8142: Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re in PHP allowed remote attackers to execute arbitrary code via a crafted unserialize call that leverages improper handling of duplicate keys within the serialized properties of an object, a different vulnerability than CVE-2004-1019 (bsc#910659). - CVE-2015-0232: The exif_process_unicode function in ext/exif/exif.c in PHP allowed remote attackers to execute arbitrary code or cause a denial of service (uninitialized pointer free and application crash) via crafted EXIF data in a JPEG image (bsc#914690). - CVE-2014-3670: The exif_ifd_make_value function in exif.c in the EXIF extension in PHP operates on floating-point arrays incorrectly, which allowed remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a crafted JPEG image with TIFF thumbnail data that is improperly handled by the exif_thumbnail function (bsc#902357). - CVE-2014-3669: Integer overflow in the object_custom function in ext/standard/var_unserializer.c in PHP allowed remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an argument to the unserialize function that triggers calculation of a large length value (bsc#902360). - CVE-2014-3668: Buffer overflow in the date_from_ISO8601 function in the mkgmtime implementation in libxmlrpc/xmlrpc.c in the XMLRPC extension in PHP allowed remote attackers to cause a denial of service (application crash) via (1) a crafted first argument to the xmlrpc_set_type function or (2) a crafted argument to the xmlrpc_decode function, related to an out-of-bounds read operation (bsc#902368). - CVE-2014-5459: The PEAR_REST class in REST.php in PEAR in PHP allowed local users to write to arbitrary files via a symlink attack on a (1) rest.cachefile or (2) rest.cacheid file in /tmp/pear/cache/, related to the retrieveCacheFirst and useLocalCache functions (bsc#893849). - CVE-2014-3597: Multiple buffer overflows in the php_parserr function in ext/standard/dns.c in PHP allowed remote DNS servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted DNS record, related to the dns_get_record function and the dn_expand function. NOTE: this issue exists because of an incomplete fix for CVE-2014-4049 (bsc#893853). - CVE-2014-4670: Use-after-free vulnerability in ext/spl/spl_dllist.c in the SPL component in PHP allowed context-dependent attackers to cause a denial of service or possibly have unspecified other impact via crafted iterator usage within applications in certain web-hosting environments (bsc#886059). - CVE-2014-4698: Use-after-free vulnerability in ext/spl/spl_array.c in the SPL component in PHP allowed context-dependent attackers to cause a denial of service or possibly have unspecified other impact via crafted ArrayIterator usage within applications in certain web-hosting environments (bsc#886060). - CVE-2014-4721: The phpinfo implementation in ext/standard/info.c in PHP did not ensure use of the string data type for the PHP_AUTH_PW, PHP_AUTH_TYPE, PHP_AUTH_USER, and PHP_SELF variables, which might allowed context-dependent attackers to obtain sensitive information from process memory by using the integer data type with crafted values, related to a "type confusion" vulnerability, as demonstrated by reading a private SSL key in an Apache HTTP Server web-hosting environment with mod_ssl and a PHP 5.3.x mod_php (bsc#885961). - CVE-2014-0207: The cdf_read_short_sector function in cdf.c in file as used in the Fileinfo component in PHP allowed remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file (bsc#884986). - CVE-2014-3478: Buffer overflow in the mconvert function in softmagic.c in file as used in the Fileinfo component in PHP allowed remote attackers to cause a denial of service (application crash) via a crafted Pascal string in a FILE_PSTRING conversion (bsc#884987). - CVE-2014-3479: The cdf_check_stream_offset function in cdf.c in file as used in the Fileinfo component in PHP relies on incorrect sector-size data, which allowed remote attackers to cause a denial of service (application crash) via a crafted stream offset in a CDF file (bsc#884989). - CVE-2014-3480: The cdf_count_chain function in cdf.c in file as used in the Fileinfo component in PHP did not properly validate sector-count data, which allowed remote attackers to cause a denial of service (application crash) via a crafted CDF file (bsc#884990). - CVE-2014-3487: The cdf_read_property_info function in file as used in the Fileinfo component in PHP did not properly validate a stream offset, which allowed remote attackers to cause a denial of service (application crash) via a crafted CDF file (bsc#884991). - CVE-2014-3515: The SPL component in PHP incorrectly anticipates that certain data structures will have the array data type after unserialization, which allowed remote attackers to execute arbitrary code via a crafted string that triggers use of a Hashtable destructor, related to "type confusion" issues in (1) ArrayObject and (2) SPLObjectStorage (bsc#884992). These non-security issues were fixed: - bnc#935074: compare with SQL_NULL_DATA correctly - bnc#935074: fix segfault in odbc_fetch_array - bnc#919080: fix timezone map - bnc#925109: unserialize SoapClient type confusion Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP2-LTSS: zypper in -t patch slessp2-php53-12621=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-SP2-LTSS (i586 s390x x86_64): apache2-mod_php53-5.3.17-47.1 php53-5.3.17-47.1 php53-bcmath-5.3.17-47.1 php53-bz2-5.3.17-47.1 php53-calendar-5.3.17-47.1 php53-ctype-5.3.17-47.1 php53-curl-5.3.17-47.1 php53-dba-5.3.17-47.1 php53-dom-5.3.17-47.1 php53-exif-5.3.17-47.1 php53-fastcgi-5.3.17-47.1 php53-fileinfo-5.3.17-47.1 php53-ftp-5.3.17-47.1 php53-gd-5.3.17-47.1 php53-gettext-5.3.17-47.1 php53-gmp-5.3.17-47.1 php53-iconv-5.3.17-47.1 php53-intl-5.3.17-47.1 php53-json-5.3.17-47.1 php53-ldap-5.3.17-47.1 php53-mbstring-5.3.17-47.1 php53-mcrypt-5.3.17-47.1 php53-mysql-5.3.17-47.1 php53-odbc-5.3.17-47.1 php53-openssl-5.3.17-47.1 php53-pcntl-5.3.17-47.1 php53-pdo-5.3.17-47.1 php53-pear-5.3.17-47.1 php53-pgsql-5.3.17-47.1 php53-pspell-5.3.17-47.1 php53-shmop-5.3.17-47.1 php53-snmp-5.3.17-47.1 php53-soap-5.3.17-47.1 php53-suhosin-5.3.17-47.1 php53-sysvmsg-5.3.17-47.1 php53-sysvsem-5.3.17-47.1 php53-sysvshm-5.3.17-47.1 php53-tokenizer-5.3.17-47.1 php53-wddx-5.3.17-47.1 php53-xmlreader-5.3.17-47.1 php53-xmlrpc-5.3.17-47.1 php53-xmlwriter-5.3.17-47.1 php53-xsl-5.3.17-47.1 php53-zip-5.3.17-47.1 php53-zlib-5.3.17-47.1 References: https://www.suse.com/security/cve/CVE-2004-1019.html https://www.suse.com/security/cve/CVE-2006-7243.html https://www.suse.com/security/cve/CVE-2014-0207.html https://www.suse.com/security/cve/CVE-2014-3478.html https://www.suse.com/security/cve/CVE-2014-3479.html https://www.suse.com/security/cve/CVE-2014-3480.html https://www.suse.com/security/cve/CVE-2014-3487.html https://www.suse.com/security/cve/CVE-2014-3515.html https://www.suse.com/security/cve/CVE-2014-3597.html https://www.suse.com/security/cve/CVE-2014-3668.html https://www.suse.com/security/cve/CVE-2014-3669.html https://www.suse.com/security/cve/CVE-2014-3670.html https://www.suse.com/security/cve/CVE-2014-4049.html https://www.suse.com/security/cve/CVE-2014-4670.html https://www.suse.com/security/cve/CVE-2014-4698.html https://www.suse.com/security/cve/CVE-2014-4721.html https://www.suse.com/security/cve/CVE-2014-5459.html https://www.suse.com/security/cve/CVE-2014-8142.html https://www.suse.com/security/cve/CVE-2014-9652.html https://www.suse.com/security/cve/CVE-2014-9705.html https://www.suse.com/security/cve/CVE-2014-9709.html https://www.suse.com/security/cve/CVE-2014-9767.html https://www.suse.com/security/cve/CVE-2015-0231.html https://www.suse.com/security/cve/CVE-2015-0232.html https://www.suse.com/security/cve/CVE-2015-0273.html https://www.suse.com/security/cve/CVE-2015-1352.html https://www.suse.com/security/cve/CVE-2015-2301.html https://www.suse.com/security/cve/CVE-2015-2305.html https://www.suse.com/security/cve/CVE-2015-2783.html https://www.suse.com/security/cve/CVE-2015-2787.html https://www.suse.com/security/cve/CVE-2015-3152.html https://www.suse.com/security/cve/CVE-2015-3329.html https://www.suse.com/security/cve/CVE-2015-3411.html https://www.suse.com/security/cve/CVE-2015-3412.html https://www.suse.com/security/cve/CVE-2015-4021.html https://www.suse.com/security/cve/CVE-2015-4022.html https://www.suse.com/security/cve/CVE-2015-4024.html https://www.suse.com/security/cve/CVE-2015-4026.html https://www.suse.com/security/cve/CVE-2015-4116.html https://www.suse.com/security/cve/CVE-2015-4148.html https://www.suse.com/security/cve/CVE-2015-4598.html https://www.suse.com/security/cve/CVE-2015-4599.html https://www.suse.com/security/cve/CVE-2015-4600.html https://www.suse.com/security/cve/CVE-2015-4601.html https://www.suse.com/security/cve/CVE-2015-4602.html https://www.suse.com/security/cve/CVE-2015-4603.html https://www.suse.com/security/cve/CVE-2015-4643.html https://www.suse.com/security/cve/CVE-2015-4644.html https://www.suse.com/security/cve/CVE-2015-5161.html https://www.suse.com/security/cve/CVE-2015-5589.html https://www.suse.com/security/cve/CVE-2015-5590.html https://www.suse.com/security/cve/CVE-2015-6831.html https://www.suse.com/security/cve/CVE-2015-6833.html https://www.suse.com/security/cve/CVE-2015-6836.html https://www.suse.com/security/cve/CVE-2015-6837.html https://www.suse.com/security/cve/CVE-2015-6838.html https://www.suse.com/security/cve/CVE-2015-7803.html https://www.suse.com/security/cve/CVE-2015-8835.html https://www.suse.com/security/cve/CVE-2015-8838.html https://www.suse.com/security/cve/CVE-2015-8866.html https://www.suse.com/security/cve/CVE-2015-8867.html https://www.suse.com/security/cve/CVE-2015-8873.html https://www.suse.com/security/cve/CVE-2015-8874.html https://www.suse.com/security/cve/CVE-2015-8879.html https://www.suse.com/security/cve/CVE-2016-2554.html https://www.suse.com/security/cve/CVE-2016-3141.html https://www.suse.com/security/cve/CVE-2016-3142.html https://www.suse.com/security/cve/CVE-2016-3185.html https://www.suse.com/security/cve/CVE-2016-4070.html https://www.suse.com/security/cve/CVE-2016-4073.html https://www.suse.com/security/cve/CVE-2016-4342.html https://www.suse.com/security/cve/CVE-2016-4346.html https://www.suse.com/security/cve/CVE-2016-4537.html https://www.suse.com/security/cve/CVE-2016-4538.html https://www.suse.com/security/cve/CVE-2016-4539.html https://www.suse.com/security/cve/CVE-2016-4540.html https://www.suse.com/security/cve/CVE-2016-4541.html https://www.suse.com/security/cve/CVE-2016-4542.html https://www.suse.com/security/cve/CVE-2016-4543.html https://www.suse.com/security/cve/CVE-2016-4544.html https://www.suse.com/security/cve/CVE-2016-5093.html https://www.suse.com/security/cve/CVE-2016-5094.html https://www.suse.com/security/cve/CVE-2016-5095.html https://www.suse.com/security/cve/CVE-2016-5096.html https://www.suse.com/security/cve/CVE-2016-5114.html https://bugzilla.suse.com/884986 https://bugzilla.suse.com/884987 https://bugzilla.suse.com/884989 https://bugzilla.suse.com/884990 https://bugzilla.suse.com/884991 https://bugzilla.suse.com/884992 https://bugzilla.suse.com/885961 https://bugzilla.suse.com/886059 https://bugzilla.suse.com/886060 https://bugzilla.suse.com/893849 https://bugzilla.suse.com/893853 https://bugzilla.suse.com/902357 https://bugzilla.suse.com/902360 https://bugzilla.suse.com/902368 https://bugzilla.suse.com/910659 https://bugzilla.suse.com/914690 https://bugzilla.suse.com/917150 https://bugzilla.suse.com/918768 https://bugzilla.suse.com/919080 https://bugzilla.suse.com/921950 https://bugzilla.suse.com/922451 https://bugzilla.suse.com/922452 https://bugzilla.suse.com/923945 https://bugzilla.suse.com/924972 https://bugzilla.suse.com/925109 https://bugzilla.suse.com/928506 https://bugzilla.suse.com/928511 https://bugzilla.suse.com/931421 https://bugzilla.suse.com/931769 https://bugzilla.suse.com/931772 https://bugzilla.suse.com/931776 https://bugzilla.suse.com/933227 https://bugzilla.suse.com/935074 https://bugzilla.suse.com/935224 https://bugzilla.suse.com/935226 https://bugzilla.suse.com/935227 https://bugzilla.suse.com/935229 https://bugzilla.suse.com/935232 https://bugzilla.suse.com/935234 https://bugzilla.suse.com/935274 https://bugzilla.suse.com/935275 https://bugzilla.suse.com/938719 https://bugzilla.suse.com/938721 https://bugzilla.suse.com/942291 https://bugzilla.suse.com/942296 https://bugzilla.suse.com/945412 https://bugzilla.suse.com/945428 https://bugzilla.suse.com/949961 https://bugzilla.suse.com/968284 https://bugzilla.suse.com/969821 https://bugzilla.suse.com/971611 https://bugzilla.suse.com/971612 https://bugzilla.suse.com/971912 https://bugzilla.suse.com/973351 https://bugzilla.suse.com/973792 https://bugzilla.suse.com/976996 https://bugzilla.suse.com/976997 https://bugzilla.suse.com/977003 https://bugzilla.suse.com/977005 https://bugzilla.suse.com/977991 https://bugzilla.suse.com/977994 https://bugzilla.suse.com/978827 https://bugzilla.suse.com/978828 https://bugzilla.suse.com/978829 https://bugzilla.suse.com/978830 https://bugzilla.suse.com/980366 https://bugzilla.suse.com/980373 https://bugzilla.suse.com/980375 https://bugzilla.suse.com/981050 https://bugzilla.suse.com/982010 https://bugzilla.suse.com/982011 https://bugzilla.suse.com/982012 https://bugzilla.suse.com/982013 https://bugzilla.suse.com/982162 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org

Dear Editors, we just posted a new article which might be interesting to your readers. A post in your news section would be appreciated. Title: NVIDIA GeForce GTX 1080 SLI Link: http://www.techpowerup.com/reviews/NVIDIA/GeForce_GTX_1080_SLI Brief: Crysis 4K at more than 60 FPS! We take a close look at multi-GPU SLI with two GeForce GTX 1080 cards in 16 games and 4 resolutions. We used an SLI HB bridge for all testing, but also have numbers with the old bridge to find out whether a high-bandwidth bridge is absolutely necessary for SLI on Pascal.

-------- COOLER MASTER MASTERBOX 5 FIRST LOOK ( -at -) APH NETWORKS ----------------- Hello everyone! APH Networks has published a new review that your readers might enjoy. A post in your site's news section would be greatly appreciated! Don't forget to send your site news to us. As we promise to post your news articles on APH Networks periodically, we would certainly appreciate it if you do the same as well. Thank you for your support in advance! * Title: Cooler Master MasterBox 5 First Look ( -at -) APH Networks * Description: We've already gotten a first look at the Cooler Master MasterBox 5 at CES earlier this year. Now that we got one in our hands, let us examine it in more detail. * Link: http://aphnetworks.com/reports/cooler-master-masterbox-5-first-look * Image: http://aphnetworks.com/review/cooler-master-masterbox-5/001.jpg Best Regards, Jonathan Kwan Editor-in-Chief APH Networks Inc. http://aphnetworks.com -- Unsubscribe from this newsletter: http://aphnetworks.com/newsletter/confirm/remove/c77c84bd425t5

A news post would be great. OCC has published a review on the MSI Gaming 3 and 4-way SLI Bridge Connector Here is a quote from the review: Quote: â€ÂThe add-on fan is a great idea that takes the often used trick of mounting a fan over your card(s) to cool multiple GPUs and makes it a part that is incorporated seamlessly into the package. I found that at stock speeds the benefit of this fan was less than the advertised 10% improvement. However, there is a benefit in every scenario I tested bar one. The target audience for these SLI bridges are the high-end gaming crowd who want to get that last FPS or visual quality setting just because... well they can. If you have the means to populate all of the slots on your high-end gaming rig, the additional coin for an SLI bridge kit such as the MSI Gaming SLI Bridge kit, then the added cost won't be an issue for you. Pricing currently sits in the $50-$53 range for each one of these kits, with the 4-Way kit at $53 and the 3-Way kit coming in at $49.99. Meant for use with MSI Gaming GTX 9xxx cards, I found it the 3-Way bridge worked well with my reference 7 series hardware without any issues setting up the configuration. After going through my testing, this kit does a great job building performance through the addition of multiple cards and cooling the cards once in place. If a 3-Way or 4-Way graphics solution is beyond your reach, MSI does offer its Gaming SLI bridge connections for a 2-Way setup. Go get you some!†Title: MSI Gaming 3 and 4-way SLI Bridge Connector Review Link: http://www.overclockersclub.com/reviews/msi_gaming_3way__4way_sli_bridge_connection/ Img: http://www.overclockersclub.com/siteimages/articles/msi_gaming_3way__4way_sli_bridge_connection/6_thumb.jpg

A news post would be great. OCC has published a review on the MSI Gaming 3 and 4-way SLI Bridge Connector Here is a quote from the review: Quote: â€ÂThe add-on fan is a great idea that takes the often used trick of mounting a fan over your card(s) to cool multiple GPUs and makes it a part that is incorporated seamlessly into the package. I found that at stock speeds the benefit of this fan was less than the advertised 10% improvement. However, there is a benefit in every scenario I tested bar one. The target audience for these SLI bridges are the high-end gaming crowd who want to get that last FPS or visual quality setting just because... well they can. If you have the means to populate all of the slots on your high-end gaming rig, the additional coin for an SLI bridge kit such as the MSI Gaming SLI Bridge kit, then the added cost won't be an issue for you. Pricing currently sits in the $50-$53 range for each one of these kits, with the 4-Way kit at $53 and the 3-Way kit coming in at $49.99. Meant for use with MSI Gaming GTX 9xxx cards, I found it the 3-Way bridge worked well with my reference 7 series hardware without any issues setting up the configuration. After going through my testing, this kit does a great job building performance through the addition of multiple cards and cooling the cards once in place. If a 3-Way or 4-Way graphics solution is beyond your reach, MSI does offer its Gaming SLI bridge connections for a 2-Way setup. Go get you some!†Title: MSI Gaming 3 and 4-way SLI Bridge Connector Review Link: http://www.overclockersclub.com/reviews/msi_gaming_3way__4way_sli_bridge_connection/ Img: http://www.overclockersclub.com/siteimages/articles/msi_gaming_3way__4way_sli_bridge_connection/6_thumb.jpg

Welcome to the Ubuntu Weekly Newsletter, Issue 470 for the week June 13 - 19, 2016. == Links to UWN == * Wiki page: https://wiki.ubuntu.com/UbuntuWeeklyNewsletter/Issue470 == In This Issue == * Universal "snap" packages launch on multiple Linux distros * Welcome New Members and Developers * Ubuntu Stats * And we're back with UbuCon Latin America 2016! * LoCo Events * Ubuntu App Developer Blog: Calling for testers of the new Ubuntu SDK IDE * Svetlana Belkin: Seeking: Ubuntu Membership Workshop Outline Review * Ubuntu App Developer Blog: Snapd 2.0.8: universal snaps and desktop interfaces * Dustin Kirkland: sudo purge-old-kernels: Recover some disk space! * Daniel Holbach: Second week of Snappy Playpen * Canonical Design Team: QtDay 2016: Developing Ubuntu convergent apps with Qt * Ubuntu App Developer Blog: Week 3 of the Snappy Playpen * ubuntu-docs branch ready for yakkety * Canonical News * The XPS 13 DE: Dell continues to build a reliable Linux lineage * 5 Reasons to Install Linux on Your Laptop * In The Blogosphere * Featured Audio and Video * Upcoming Meetings and Events * Updates and Security for 12.04, 14.04, 15.10 and 16.04 * And much more! == General Community News == === Universal "snap" packages launch on multiple Linux distros === Canonical announces the availability of snaps on other platforms, writing "Snaps now work natively on Arch, Debian, Fedora, Kubuntu, Lubuntu, Ubuntu GNOME, Ubuntu Kylin, Ubuntu MATE, Ubuntu Unity, and Xubuntu. They are currently being validated on CentOS, Elementary, Gentoo, Mint, OpenSUSE, OpenWrt and RHEL, and are easy to enable on other Linux distributions." The announcement goes on to explain the benefits of this new format and links to the source and details available at http://snapcraft.io/. http://insights.ubuntu.com/2016/06/14/universal-snap-packages-launch-on-multiple-linux-distros/ This news has been widely covered, the following is a selection of articles from our editors: * Adios apt and yum? Ubuntu's snap apps are coming to distros everywhere - http://arstechnica.com/information-technology/2016/06/goodbye-apt-and-yum-ubuntus-snap-apps-are-coming-to-distros-everywhere/ * Ubuntu's SNAPS now available to other Linux Distros - http://www.techworm.net/2016/06/ubuntus-snaps-now-available-linux-distros.html * Ubuntu Snap Apps Can Run On (Pretty Much) ANY Linux Distro - http://www.omgubuntu.co.uk/2016/06/snap-to-be-universal-linux-package-format * Linux users are one step closer to universal app marketplace - http://www.techradar.com/news/software/operating-systems/linux-users-are-one-step-closer-to-universal-app-marketplace-1323424 * Snappy Moves to New Platforms - http://www.linuxjournal.com/content/snappy-moves-new-platforms * Ubuntu's snaps come to other Linux distros - http://www.neowin.net/news/ubuntus-snaps-come-to-other-linux-distros * Playing Around With Ubuntu's Snaps, On Fedora - https://www.phoronix.com/scan.php?page=article&item=ubuntu-snaps-fedora&num=1 * Goodbye rpm and deb. Hello Snaps! - http://www.cio.com/article/3085079/linux/goodbye-rpm-and-deb-hello-snaps.html === Welcome New Members and Developers === The Ubuntu Council is happy to announce their newest Ubuntu Member via forums contributions: * Rex Bouwense, LP: https://launchpad.net/~rexbouwense | Wiki: https://wiki.ubuntu.com/rexbouwense | profile: http://ubuntuorg/member.php?u=767164 Rex has been a long time contributor to the https://lists.ubuntu.com/archives/ubuntu-news-team/2016-June/002496.html == Ubuntu Stats == === Bug Stats === * Open (123399) +160 over last week * Critical (363) -14 over last week * Unconfirmed (60804) +136 over last week As always, the Bug Squad needs more help. If you want to get started, please see https://wiki.ubuntu.com/BugSquad === Ask Ubuntu Top 5 Questions this week === ==== Most Active Questions ==== * How do I retrieve only the needed line from terminal output? http://askubuntu.com/questions/786883/how-do-i-retrieve-only-the-needed-line-from-terminal-output * Command to display an arbitrary message if a particular file exists http://askubuntu.com/questions/786978/command-to-display-an-arbitrary-message-if-a-particular-file-exists * How to paste commands into a TTY? http://askubuntu.com/questions/788932/how-to-paste-commands-into-a-tty * Should I report an old bug that is still present? http://askubuntu.com/questions/787585/should-i-report-an-old-bug-that-is-still-present * What does end-to-end disk error mean? http://askubuntu.com/questions/789051/what-does-end-to-end-disk-error-mean ==== Top Voted New Questions ==== * Should I report an old bug that is still present? http://askubuntu.com/questions/787585/ * How to paste commands into a TTY? http://askubuntu.com/questions/788932/ * How do I retrieve only the needed line from terminal output? http://askubuntu.com/questions/786883/ * What is the Ubuntu accessibility for blind people? http://askubuntu.com/questions/787469/ * bash -c "v=value; echo $v" displays nothing http://askubuntu.com/questions/786816/ People Contributing the best questions and answers this week: Byte Commander (http://askubuntu.com/users/367990/byte-commander), Rinzwind (http://askubuntu.com/users/15811/rinzwind), terdon (http://askubuntu.com/users/85695/terdon), andrew.46 (http://askubuntu.com/users/57576/andrew-46) and oblivian (http://askubuntu.com/users/88922/oblivian) Ask (and answer!) questions at http://askubuntu.com == LoCo News == === And we're back with UbuCon Latin America 2016! === Jose Antonio Rey announces the next UbuCon Latin America, coming up in August 2016, and the opening of the Call for Papers and request for sponsors. https://joseeantonior.wordpress.com/2016/06/17/and-were-back-with-ubucon-latin-america-2016/ == LoCo Events == The following LoCo team events are currently scheduled in the next two weeks: * Sierra Vista Ubuntu Hour, Arizona LoCo Team: http://loco.ubuntu.com/events/ubuntu-arizona/3382-sierra-vista-ubuntu-hour/ * Ubuntu Hour Tempe Az, Arizona LoCo Team: http://loco.ubuntu.com/events/ubuntu-arizona/3383-ubuntu-hour-tempe-az/ * Taller Interpretacion de Imagenes Satelitales con QGis, Ubuntu Venezuela Team: http://loco.ubuntu.com/events/ubuntu-ve/3390-taller-interpretacion-de-imagenes-satelitales-con-qgis/ * Ubuntu 16.04 LTS Release Party and Offline Meeting in Japan, Ubuntu Japanese Team: http://loco.ubuntu.com/events/japaneseteam/3387-ubuntu-1604-lts-release-party-and-offline-meeting-in-japan/ Looking beyond the next two weeks? Visit the LoCo Team Portal to browse upcoming events around the world: http://loco.ubuntu.com/events/ == The Planet == === Ubuntu App Developer Blog: Calling for testers of the new Ubuntu SDK IDE === Benjamin Zeller and Zoltan Balogh announce the availability of and put out a call for testers for the new version of the Ubuntu Software Development Kit (SDK) Integrated Development Environment (IDE). The post gives step by step instructions for use, known issues and solutions, and some troubleshooting tips. http://developer.ubuntu.com/en/blog/2016/06/14/calling-testers-new-ubuntu-sdk-ide-post/ === Svetlana Belkin: Seeking: Ubuntu Membership Workshop Outline Review === Svetlana Belkin shares her current outline for an Ubuntu Membership workshop that she'll be running on Ubuntu On Air and asks for feedback from the community. http://senseopenness.com/seeking-ubuntu-membership-workshop-outline-review/ === Ubuntu App Developer Blog: Snapd 2.0.8: universal snaps and desktop interfaces === David Calle announces the availability of Snapd 2.0.8, featuring the new "snap try" and switch from lsb-release to os-release to support cross-distro support. He covers some of the new interfaces, command line changes, and links to the full changelog of changes. He concludes by offering some of the highlights to expect in future releases. https://developer.ubuntu.com/en/blog/2016/06/15/snapd-208-universal-snaps-and-desktop-interfaces/ === Dustin Kirkland: sudo purge-old-kernels: Recover some disk space! === Dustin Kirkland writes about the purge-old-kernels utility that he wrote to clear out older kernels from your Ubuntu system and gives a quick tour of how to use it. http://blog.dustinkirkland.com/2016/06/purge-old-kernels.html === Daniel Holbach: Second week of Snappy Playpen === Daniel Holbach provides a summary of the work completed in the second week of Snappy Playpen, including the new snaps: Tyrant Unleashed Optimizer, mpv git build, imagemagick6-stable, keepassx, consul, dcos-cli and deis workflow. He also covers the work-in-progress snaps, updated snaps and some general updates, concluding with information about how to get involved. https://daniel.holba.ch/blog/2016/06/second-week-of-snappy-playpen/ === Canonical Design Team: QtDay 2016: Developing Ubuntu convergent apps with Qt === Andrea Bernabei, UX Engineer at Canonical, writes about his talk and Ubuntu's involvement in the recent QtDay 2016 in Florence, Italy. http://design.canonical.com/2016/06/qtday-2016-developing-ubuntu-convergent-apps-with-qt/ === Ubuntu App Developer Blog: Week 3 of the Snappy Playpen === Daniel Holbach announces the Snappy playpen sprint in #snappy on Tuesday, 21st June 2016. The focus of this sprint is to "get all experts in one room and together we will make a push to get both Electron based apps and server apps snapped." http://developer.ubuntu.com/en/blog/2016/06/17/week-3-snappy-playpen/ == Other Community News == === ubuntu-docs branch ready for yakkety === Gunnar Hjalmarsson announces the availability of the ubuntu-docs branch for Yakkety, allowing community members to begin contributing to official documentation for the next release. https://lists.ubuntu.com/archives/ubuntu-doc/2016-June/020033.html In follow up posts, community members also share a link to the contributing documentation at https://wiki.ubuntu.com/DocumentationTeam/SystemDocumentation/UbuntuDesktopGuide and that the documentation team is "happy to give beginners a helping hand. Just post your questions to this list." == Canonical News == * Leveling up snapd integration tests - http://insights.ubuntu.com/2016/06/16/leveling-up-snapd-integration-tests/ == In The Press == === The XPS 13 DE: Dell continues to build a reliable Linux lineage === Scott Gilbertson for Ars Technica reviews the Dell XPS 13 Developer Edition (DE). He covers some of the struggles Linux users have with other laptops, the specifications of the DE edition and real-world performance. He concludes "The XPS is a lightweight, well-specced, Linux-supporting laptop" and provides a list of pros and cons. http://arstechnica.com/gadgets/2016/06/the-xps-13-de-dell-continues-to-build-a-reliable-linux-lineage/ === 5 Reasons to Install Linux on Your Laptop === Using Ubuntu as an example, David Nield of Gizmodo walks the reader through five reasons to install Linux on your laptop. His reasons include the ease of setting up and that it comes with "everything you need" such as an office suite, email and security programs. http://fieldguide.gizmodo.com/5-reasons-to-install-linux-on-your-laptop-1781833159 == In The Blogosphere == * Ubuntu Touch OTA-11 brings about serious improvement to the platform - http://www.techrepublic.com/article/ubuntu-touch-ota-11-brings-about-serious-improvement-to-the-platform/ * Ubuntu Phone Band-aids Are Bitesize Bugs That YOU Can Help Fix - http://www.omgubuntu.co.uk/2016/06/ubuntu-phone-band-aids-bug-fixes * Logic Supply Launches CL100 Ultra-Compact Mini-PC Powered by Ubuntu or Windows - http://news.softpedia.com/news/logic-supply-launches-cl100-ultra-compact-mini-pc-powered-by-ubuntu-or-windows-505250.shtml * Entroware Releases Powerful Linux Gaming Laptop with Ubuntu or Ubuntu MATE 16.04 - http://news.softpedia.com/news/entroware-releases-powerful-linux-gaming-laptop-with-ubuntu-or-ubuntu-mate-16-04-505339.shtml == Featured Audio and Video == === Ubuntu Podcast from the UK LoCo: S09E16 - Reluctant Dragon - Ubuntu Podcast === "It's Episode Sixteen of Season Nine of the Ubuntu Podcast! Alan Pope, Mark Johnson, Laura Cowen and Martin Wimpress are connected and speaking to your brain." This episode includes: * Motivation to adopt Ubuntu Devices whole-heartedly. * Going on holiday, the on-going saga of fixing Mark's laptop, and naming the new Entroware laptop. * We share a Command Line Lurve - pv * And more! http://ubuntupodcast.org/2016/06/16/s09e16-reluctant-dragon/ === Ubuntu Community Team Q&A - 14th June 2016 === "Daniel Holbach and Michael Hall [come] to you live on the air to give you updates on Ubuntu activity and answer your questions." === Ubuntu App Design Clinic === "We['re] on camera talking to Dan Wood regarding his work on the OwnCloud App." === The Changelog Podcast #207: Ubuntu Everywhere with Dustin Kirkland === "This week we talked with Dustin Kirkland about Ubuntu, the most widely used flavor of Linux. We talked about the rise of Ubuntu, Ubuntu being everywhere, their collaboration with Microsoft to bring Bash to Windows, and what we can expect from the future of this Linux distro." https://changelog.com/207/ == Upcoming Meetings and Events == For upcoming meetings and events please visit the calendars at fridge.ubuntu.com: http://fridge.ubuntu.com/calendars/ == Updates and Security for 12.04, 14.04, 15.10 and 16.04 == === Security Updates === None. === Ubuntu 12.04 Updates === * linux-backports-modules-3.2.0 3.2.0-105.97 - https://lists.ubuntu.com/archives/precise-changes/2016-June/025323.html * linux-meta 3.2.0.105.121 - https://lists.ubuntu.com/archives/precise-changes/2016-June/025324.html * linux-signed-lts-trusty 3.13.0-89.136~precise1 - https://lists.ubuntu.com/archives/precise-changes/2016-June/025325.html * linux-meta-lts-trusty 3.13.0.89.81 - https://lists.ubuntu.com/archives/precise-changes/2016-June/025326.html * linux-lts-trusty 3.13.0-89.136~precise1 - https://lists.ubuntu.com/archives/precise-changes/2016-June/025327.html * linux 3.2.0-105.146 - https://lists.ubuntu.com/archives/precise-changes/2016-June/025328.html * linux-ti-omap4 3.2.0-1483.110 - https://lists.ubuntu.com/archives/precise-changes/2016-June/025329.html * linux-meta-ti-omap4 3.2.0.1483.78 - https://lists.ubuntu.com/archives/precise-changes/2016-June/025330.html * linux-lts-trusty_3.13.0-89.136~precise1_amd64.tar.gz - - https://lists.ubuntu.com/archives/precise-changes/2016-June/025331.html * xen 4.1.6.1-0ubuntu0.12.04.11 - https://lists.ubuntu.com/archives/precise-changes/2016-June/025332.html * xen 4.1.6.1-0ubuntu0.12.04.11 - https://lists.ubuntu.com/archives/precise-changes/2016-June/025333.html * linux-meta-armadaxp 3.2.0.1668.84 - https://lists.ubuntu.com/archives/precise-changes/2016-June/025334.html * linux-armadaxp 3.2.0-1668.93 - https://lists.ubuntu.com/archives/precise-changes/2016-June/025335.html * dpkg 1.16.1.2ubuntu7.8 - https://lists.ubuntu.com/archives/precise-changes/2016-June/025336.html * adobe-flashplugin 1:20160616.1-0ubuntu0.12.04.1 - https://lists.ubuntu.com/archives/precise-changes/2016-June/025337.html * adobe-flashplugin 1:20160616.1-0ubuntu0.12.04.1 - https://lists.ubuntu.com/archives/precise-changes/2016-June/025338.html * flashplugin-nonfree 11.2.202.626ubuntu0.12.04.1 - https://lists.ubuntu.com/archives/precise-changes/2016-June/025339.html * flashplugin-nonfree 11.2.202.626ubuntu0.12.04.1 - https://lists.ubuntu.com/archives/precise-changes/2016-June/025340.html * expat 2.0.1-7.2ubuntu1.4 - https://lists.ubuntu.com/archives/precise-changes/2016-June/025341.html * wget 1.13.4-2ubuntu1.4 - https://lists.ubuntu.com/archives/precise-changes/2016-June/025342.html * xmlrpc-c 1.16.33-3.1ubuntu5.2 - https://lists.ubuntu.com/archives/precise-changes/2016-June/025343.html * expat 2.0.1-7.2ubuntu1.4 - https://lists.ubuntu.com/archives/precise-changes/2016-June/025344.html End of Life - April 2017 === Ubuntu 14.04 Updates === * linux-lts-xenial 4.4.0-25.44~14.04.1 - https://lists.ubuntu.com/archives/trusty-changes/2016-June/022196.html * linux-signed-lts-xenial 4.4.0-25.44~14.04.1 - https://lists.ubuntu.com/archives/trusty-changes/2016-June/022197.html * linux-meta-lts-xenial 4.4.0.25.15 - https://lists.ubuntu.com/archives/trusty-changes/2016-June/022198.html * linux-lts-xenial_4.4.0-25.44~14.04.1_amd64.tar.gz - - https://lists.ubuntu.com/archives/trusty-changes/2016-June/022199.html * linux-signed 3.13.0-89.136 - https://lists.ubuntu.com/archives/trusty-changes/2016-June/022200.html * linux-meta 3.13.0.89.95 - https://lists.ubuntu.com/archives/trusty-changes/2016-June/022204.html * linux 3.13.0-89.136 - https://lists.ubuntu.com/archives/trusty-changes/2016-June/022201.html * linux-signed-lts-utopic 3.16.0-74.96~14.04.1 - https://lists.ubuntu.com/archives/trusty-changes/2016-June/022202.html * linux-meta-lts-utopic 3.16.0.74.65 - https://lists.ubuntu.com/archives/trusty-changes/2016-June/022203.html * linux-lts-utopic 3.16.0-74.96~14.04.1 - https://lists.ubuntu.com/archives/trusty-changes/2016-June/022205.html * linux-meta-lts-vivid 3.19.0.62.45 - https://lists.ubuntu.com/archives/trusty-changes/2016-June/022206.html * linux-signed-lts-vivid 3.19.0-62.70~14.04.1 - https://lists.ubuntu.com/archives/trusty-changes/2016-June/022207.html * linux-lts-vivid 3.19.0-62.70~14.04.1 - https://lists.ubuntu.com/archives/trusty-changes/2016-June/022208.html * linux-meta-lts-wily 4.2.0.39.32 - https://lists.ubuntu.com/archives/trusty-changes/2016-June/022209.html * linux-signed-lts-wily 4.2.0-39.46~14.04.1 - https://lists.ubuntu.com/archives/trusty-changes/2016-June/022210.html * linux-lts-wily 4.2.0-39.46~14.04.1 - https://lists.ubuntu.com/archives/trusty-changes/2016-June/022211.html * linux_3.13.0-89.136_amd64.tar.gz - - https://lists.ubuntu.com/archives/trusty-changes/2016-June/022212.html * linux-lts-utopic_3.16.0-74.96~14.04.1_amd64.tar.gz - - https://lists.ubuntu.com/archives/trusty-changes/2016-June/022213.html * linux-lts-vivid_3.19.0-62.70~14.04.1_amd64.tar.gz - - https://lists.ubuntu.com/archives/trusty-changes/2016-June/022214.html * linux-lts-wily_4.2.0-39.46~14.04.1_amd64.tar.gz - - https://lists.ubuntu.com/archives/trusty-changes/2016-June/022215.html * xen 4.4.2-0ubuntu0.14.04.6 - https://lists.ubuntu.com/archives/trusty-changes/2016-June/022216.html * xen 4.4.2-0ubuntu0.14.04.6 - https://lists.ubuntu.com/archives/trusty-changes/2016-June/022217.html * dpkg 1.17.5ubuntu5.7 - https://lists.ubuntu.com/archives/trusty-changes/2016-June/022218.html * augeas 1.2.0-0ubuntu1.2 - https://lists.ubuntu.com/archives/trusty-changes/2016-June/022219.html * multipath-tools 0.4.9-3ubuntu7.13 - https://lists.ubuntu.com/archives/trusty-changes/2016-June/022220.html * swauth 1.0.4-0ubuntu1.14.04.1 - https://lists.ubuntu.com/archives/trusty-changes/2016-June/022221.html * adobe-flashplugin 1:20160616.1-0ubuntu0.14.04.1 - https://lists.ubuntu.com/archives/trusty-changes/2016-June/022222.html * adobe-flashplugin 1:20160616.1-0ubuntu0.14.04.1 - https://lists.ubuntu.com/archives/trusty-changes/2016-June/022223.html * flashplugin-nonfree 11.2.202.626ubuntu0.14.04.1 - https://lists.ubuntu.com/archives/trusty-changes/2016-June/022224.html * trousers 0.3.11.2-1ubuntu1 - https://lists.ubuntu.com/archives/trusty-changes/2016-June/022225.html * flashplugin-nonfree 11.2.202.626ubuntu0.14.04.1 - https://lists.ubuntu.com/archives/trusty-changes/2016-June/022226.html * expat 2.1.0-4ubuntu1.3 - https://lists.ubuntu.com/archives/trusty-changes/2016-June/022227.html * wget 1.15-1ubuntu1.14.04.2 - https://lists.ubuntu.com/archives/trusty-changes/2016-June/022228.html * expat 2.1.0-4ubuntu1.3 - https://lists.ubuntu.com/archives/trusty-changes/2016-June/022229.html End of Life - April 2019 === Ubuntu 15.10 Updates === * python-os-brick 0.5.0-0ubuntu4 - https://lists.ubuntu.com/archives/wily-changes/2016-June/013345.html * linux-signed 4.2.0-39.46 - https://lists.ubuntu.com/archives/wily-changes/2016-June/013346.html * linux-meta 4.2.0.39.42 - https://lists.ubuntu.com/archives/wily-changes/2016-June/013347.html * linux 4.2.0-39.46 - https://lists.ubuntu.com/archives/wily-changes/2016-June/013348.html * linux-meta-raspi2 4.2.0.1032.35 - https://lists.ubuntu.com/archives/wily-changes/2016-June/013349.html * linux-raspi2 4.2.0-1032.42 - https://lists.ubuntu.com/archives/wily-changes/2016-June/013350.html * linux_4.2.0-39.46_amd64.tar.gz - - https://lists.ubuntu.com/archives/wily-changes/2016-June/013351.html * ceph 0.94.7-0ubuntu0.15.10.1 - https://lists.ubuntu.com/archives/wily-changes/2016-June/013352.html * python-os-brick 0.5.0-0ubuntu4 - https://lists.ubuntu.com/archives/wily-changes/2016-June/013353.html * swauth 1.0.4-0ubuntu1.15.10.1 - https://lists.ubuntu.com/archives/wily-changes/2016-June/013354.html * abiword 3.0.1-4ubuntu0.15.10.1 - https://lists.ubuntu.com/archives/wily-changes/2016-June/013355.html * adobe-flashplugin 1:20160616.1-0ubuntu0.15.10.1 - https://lists.ubuntu.com/archives/wily-changes/2016-June/013356.html * adobe-flashplugin 1:20160616.1-0ubuntu0.15.10.1 - https://lists.ubuntu.com/archives/wily-changes/2016-June/013357.html * flashplugin-nonfree 11.2.202.626ubuntu0.15.10.1 - https://lists.ubuntu.com/archives/wily-changes/2016-June/013358.html * flashplugin-nonfree 11.2.202.626ubuntu0.15.10.1 - https://lists.ubuntu.com/archives/wily-changes/2016-June/013359.html * openvswitch 2.4.1-0ubuntu0.15.10.1 - https://lists.ubuntu.com/archives/wily-changes/2016-June/013360.html * dnsmasq 2.75-1ubuntu0.15.10.1 - https://lists.ubuntu.com/archives/wily-changes/2016-June/013361.html * expat 2.1.0-7ubuntu0.15.10.2 - https://lists.ubuntu.com/archives/wily-changes/2016-June/013362.html * wget 1.16.1-1ubuntu1.1 - https://lists.ubuntu.com/archives/wily-changes/2016-June/013363.html * expat 2.1.0-7ubuntu0.15.10.2 - https://lists.ubuntu.com/archives/wily-changes/2016-June/013364.html * dnsmasq 2.75-1ubuntu0.15.10.1 - https://lists.ubuntu.com/archives/wily-changes/2016-June/013365.html End of Life - July 2016 === Ubuntu 16.04 Updates === * network-manager-applet 1.2.0-0ubuntu0.16.04.3 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013532.html * snapd 2.0.8 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013533.html * snapcraft 2.11 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013534.html * linux 4.4.0-25.44 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013535.html * linux-signed 4.4.0-25.44 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013536.html * linux-meta 4.4.0.25.26 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013537.html * linux_4.4.0-25.44_amd64.tar.gz - - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013538.html * spl-linux 0.6.5.6-0ubuntu3 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013539.html * boost1.58 1.58.0+dfsg-5ubuntu3.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013540.html * software-properties 0.96.20.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013541.html * golang-1.6 1.6.2-0ubuntu5~16.04 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013542.html * xen 4.6.0-1ubuntu4.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013543.html * xen 4.6.0-1ubuntu4.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013544.html * neutron 2:8.1.2-0ubuntu1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013545.html * aodh 2.0.1-0ubuntu1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013546.html * neutron-vpnaas 2:8.1.2-0ubuntu1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013547.html * linux-raspi2 4.4.0-1013.17 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013548.html * linux-meta-raspi2 4.4.0.1013.13 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013549.html * linux-snapdragon 4.4.0-1016.19 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013550.html * linux-meta-snapdragon 4.4.0.1016.8 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013551.html * gnome-shell 3.18.5-0ubuntu0.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013554.html * simplestreams 0.1.0~bzr426-0ubuntu1.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013552.html * netcfg 1.135ubuntu4.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013553.html * gui-ufw 16.04.1-0ubuntu1.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013555.html * debian-installer 20101020ubuntu451.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013556.html * pkgsel 0.43ubuntu1.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013557.html * lshw 02.17-1.1ubuntu3.2 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013558.html * python-glanceclient 1:2.0.0-2ubuntu0.16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013559.html * horizon 2:9.0.1-0ubuntu1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013560.html * python-oslo.concurrency 3.7.1-0ubuntu1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013561.html * upower 0.99.4-2ubuntu0.3 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013562.html * base-files 9.4ubuntu4.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013563.html * linux-firmware 1.157.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013564.html * network-manager-applet 1.2.0-0ubuntu0.16.04.3 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013565.html * debian-installer 20101020ubuntu451.2 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013566.html * snapd 2.0.9 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013567.html * swauth 1.0.4-0ubuntu1.16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013568.html * oce 0.17.1-1ubuntu0.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013569.html * abiword 3.0.1-6ubuntu0.16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013570.html * biber 2.4-1ubuntu1.16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013571.html * pypy 5.1.2+dfsg-1~16.04 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013572.html * brlaser 3-5~ubuntu1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013573.html * gnutls28 3.4.10-4ubuntu1.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013574.html * bzr 2.7.0-2ubuntu2 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013575.html * ecj 3.10.1-2ubuntu1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013576.html * adobe-flashplugin 1:20160616.1-0ubuntu0.16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013577.html * ruby2.3 2.3.1-2~16.04 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013578.html * adobe-flashplugin 1:20160616.1-0ubuntu0.16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013579.html * flashplugin-nonfree 11.2.202.626ubuntu0.16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013580.html * whoopsie 0.2.52.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013581.html * clamav 0.99+dfsg-1ubuntu1.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013582.html * yelp-tools 3.18.0-1ubuntu0.2 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013583.html * gnome-documents 3.18.3-0ubuntu0.16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013584.html * flashplugin-nonfree 11.2.202.626ubuntu0.16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013585.html * vim 2:7.4.1689-3ubuntu1.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013586.html * network-manager-openconnect 1.2.0-0ubuntu0.16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013587.html * network-manager-ssh 1.2.0-0ubuntu0.16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013588.html * phpmyadmin 4:4.5.4.1-2ubuntu2 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013589.html * grub2 2.02~beta2-36ubuntu3.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013590.html * grub2-signed 1.66.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013591.html * dkms 2.2.0.3-2ubuntu11.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013592.html * giflib 5.1.4-0.3~16.04 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013593.html * nova 2:13.0.0-0ubuntu5 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013594.html * console-setup 1.108ubuntu15.2 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013595.html * apt-setup 1:0.104ubuntu4.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013596.html * shared-mime-info 1.5-2ubuntu0.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013597.html * file-roller 3.16.5-0ubuntu1.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013598.html * libvirt 1.3.1-1ubuntu10.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013599.html * fwupd 0.7.0-0ubuntu4.2 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013600.html * installation-guide 20160121ubuntu2.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013601.html * cacti 0.8.8f+ds1-4ubuntu4.16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013602.html * qemu 1:2.5+dfsg-5ubuntu10.2 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013603.html * initramfs-tools 0.122ubuntu8.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013604.html * dnsmasq 2.75-1ubuntu0.16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013605.html * expat 2.1.0-7ubuntu0.16.04.2 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013606.html * haproxy 1.6.3-1ubuntu0.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013607.html * wget 1.17.1-1ubuntu1.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013608.html * command-not-found 0.3ubuntu16.04.2 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013609.html * dnsmasq 2.75-1ubuntu0.16.04.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013610.html * haproxy 1.6.3-1ubuntu0.1 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013611.html * expat 2.1.0-7ubuntu0.16.04.2 - https://lists.ubuntu.com/archives/xenial-changes/2016-June/013612.html End of Life - April 2021 == Subscribe == Get your copy of the Ubuntu Weekly Newsletter delivered each week to you via email at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-news == Archives == You can always find older Ubuntu Weekly Newsletter issues at: https://wiki.ubuntu.com/UbuntuWeeklyNewsletter == Additional Ubuntu News == As always you can find more news and announcements at: http://insights.ubuntu.com/ and http://fridge.ubuntu.com/ == Conclusion == Thank you for reading the Ubuntu Weekly Newsletter. See you next week! == Credits == The Ubuntu Weekly Newsletter is brought to you by: * Elizabeth K. Joseph * Paul White * Simon Quigley * And many others == Glossary of Terms == Other acronyms can be found at https://wiki.ubuntu.com/UbuntuWeeklyNewsletter/glossary == Ubuntu - Get Involved == The Ubuntu community consists of individuals and teams, working on different aspects of the distribution, giving advice and technical support, and helping to promote Ubuntu to a wider audience. No contribution is too small, and anyone can help. It's your chance to get in on all the community fun associated with developing and promoting Ubuntu. http://community.ubuntu.com/contribute/ Or get involved with the Ubuntu Weekly Newsletter team! We always need summary writers and editors, if you're interested, learn more at: https://wiki.ubuntu.com/UbuntuWeeklyNewsletter/Join == Feedback == This document is maintained by the Ubuntu Weekly News Team. If you have a story idea or suggestions for the Weekly Newsletter, join the

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] libarchive (SSA:2016-172-01) New libarchive packages are available for Slackware 14.1 and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/libarchive-3.2.1-i486-1_slack14.1.txz: Upgraded. This release fixes several critical bugs, including some with security implications. (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/libarchive-3.2.1-i486-1_slack14.1.txz Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/libarchive-3.1.2-x86_64-2_slack14.1.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/libarchive-3.2.1-i586-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/libarchive-3.2.1-x86_64-1.txz MD5 signatures: +-------------+ Slackware 14.1 package: 1850b5d6432529f6be2cab1742c26593 libarchive-3.2.1-i486-1_slack14.1.txz Slackware x86_64 14.1 package: 23098669ee8382889d926ef24ec00d91 libarchive-3.1.2-x86_64-2_slack14.1.txz Slackware -current package: c63dd1f11bf407b15210023c8eb8e5f6 l/libarchive-3.2.1-i586-1.txz Slackware x86_64 -current package: b31802aa3e1fee839a08de25f97917c0 l/libarchive-3.2.1-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg libarchive-3.2.1-i486-1_slack14.1.txz +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security ( -at -) slackware.com +------------------------------------------------------------------------+

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] pcre (SSA:2016-172-02) New pcre packages are available for Slackware 14.1 and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/pcre-8.39-i486-1_slack14.1.txz: Upgraded. This release fixes bugs (including a couple of DoS security issues), and retrofits to PCRE1 some appropriate JIT improvements from PCRE2. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1283 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/pcre-8.39-i486-1_slack14.1.txz Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/pcre-8.39-x86_64-1_slack14.1.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/pcre-8.39-i586-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/pcre-8.39-x86_64-1.txz MD5 signatures: +-------------+ Slackware 14.1 package: a13ec0d807ffc229b95e9e64ef92f2a1 pcre-8.39-i486-1_slack14.1.txz Slackware x86_64 14.1 package: 4ad28496e439dc78d1885a80244e651e pcre-8.39-x86_64-1_slack14.1.txz Slackware -current package: 272aa6c70bafd4c0f583117144df13b6 l/pcre-8.39-i586-1.txz Slackware x86_64 -current package: e7bb79adac6e62ab2637e4cbde684a8f l/pcre-8.39-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg pcre-8.39-i486-1_slack14.1.txz +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security ( -at -) slackware.com +------------------------------------------------------------------------+

http://benchmarkreviews.us10.list-manage2.com/track/click?u=9a2f239b17114c9008e3dfda9&id=8ea7ee6209&e=8138df6da5 ** Benchmark Reviews Presents: ------------------------------------------------------------ datatraveler3000vault_01 TITLE: DataTraveler Vault Privacy 3.0 Review (http://benchmarkreviews.us10.list-manage1.com/track/click?u=9a2f239b17114c9008e3dfda9&id=0a65527f2c&e=8138df6da5) QUOTE: Nowadays it seems personal data is constantly targeted for unauthorized access; whether remotely or by physically means. AES encryption has been stellar in its ability secure data, especially in its 256 bit implementation whose encryption takes an exponentially long time to brute-force hack, even on today’s fastest machines. The DataTraveler Vault Privacy 3.0 Flash Drive, which uses a more secure XTS-AES encryption and is FIPS-197 certified, is aimed towards business users who deal with sensitive data. Benchmark Reviews evaluates this digital storage device to see how well it performs in securing a users precious files. LINK: http://benchmarkreviews.us10.list-manage1.com/track/click?u=9a2f239b17114c9008e3dfda9&id=fcd7b5c29a&e=8138df6da5 IMAGE: http://benchmarkreviews.us10.list-manage.com/track/click?u=9a2f239b17114c9008e3dfda9&id=c12f82895c&e=8138df6da5 ============================================================

We have posted a new solid state report!! ------------------------------------------------------------ http://us7.campaign-archive2.com/?u=3d9b6193ffd32dd60e84fc74b&id=905f639d99&e=312ec141fb http://thessdreview.us7.list-manage.com/track/click?u=3d9b6193ffd32dd60e84fc74b&id=e666bf6246&e=312ec141fb TITLE: Dell XPS 13 Gold Edition Review – Worlds Best Ultra Puts MBA In Its Place LINK: http://thessdreview.us7.list-manage.com/track/click?u=3d9b6193ffd32dd60e84fc74b&id=789b9044ec&e=312ec141fb PHOTO: http://thessdreview.us7.list-manage.com/track/click?u=3d9b6193ffd32dd60e84fc74b&id=2202b20e3b&e=312ec141fb INFO: The Dell XPS displays the world’s top performance when examining SSD read and write transfered speeds, although optimized, but that isn’t close to telling the whole story. Dell tied this performance in with Intel’s 6th generation i7-6550U CPU, 8 or 16GB of 1866Mhz RAM, Intel Iris 540 HD Graphics, along with Dell’s 13.3″ QHD+ (3200×1800) Infinity Edge Touch Display. The Dell XPS 13 isn’t just the best ultrabook available today, it’s the best of everything. It truly is and it is great to be back Dell! _________________________________________________________________________________________

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: chromium-browser security update Advisory ID: RHSA-2016:1262-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://access.redhat.com/errata/RHSA-2016:1262 Issue date: 2016-06-20 CVE Names: CVE-2016-1704 ===================================================================== 1. Summary: An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Description: Chromium is an open-source web browser, powered by WebKit (Blink). This update upgrades Chromium to version 51.0.2704.103. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim. (CVE-2016-1704) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing the update, Chromium must be restarted for the changes to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1347675 - CVE-2016-1704 chromium-browser: various fixes from internal audits 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: chromium-browser-51.0.2704.103-1.el6.i686.rpm chromium-browser-debuginfo-51.0.2704.103-1.el6.i686.rpm x86_64: chromium-browser-51.0.2704.103-1.el6.x86_64.rpm chromium-browser-debuginfo-51.0.2704.103-1.el6.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): i386: chromium-browser-51.0.2704.103-1.el6.i686.rpm chromium-browser-debuginfo-51.0.2704.103-1.el6.i686.rpm x86_64: chromium-browser-51.0.2704.103-1.el6.x86_64.rpm chromium-browser-debuginfo-51.0.2704.103-1.el6.x86_64.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): i386: chromium-browser-51.0.2704.103-1.el6.i686.rpm chromium-browser-debuginfo-51.0.2704.103-1.el6.i686.rpm x86_64: chromium-browser-51.0.2704.103-1.el6.x86_64.rpm chromium-browser-debuginfo-51.0.2704.103-1.el6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-1704 https://access.redhat.com/security/updates/classification/#important https://googlechromereleases.blogspot.com/2016/06/stable-channel-update_16.html 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFXaEWbXlSAg2UNWIIRAsVGAKCZ+vTN9bV9Kd1y0w0DTgUAm+xi4wCggzru BOnVL6Xgm9A/cD5Q0azvXdc= =hPaR -----END PGP SIGNATURE----- --

We are pleased to announce version 0.32.1 of Vala, a compiler for the GObject type system. Vala 0.32.1 is now available for download at:    http://download.gnome.org/sources/vala/0.32/ Changes since 0.32.0  * Bug fixes and binding updates. Vala is a programming language that aims to bring modern programming language features to GNOME developers without imposing any additional runtime requirements and without using a different ABI compared to applications and libraries written in C. valac, the Vala compiler, is a self-hosting compiler that translates Vala source code into C source and header files. It uses the GObject type system to create classes and interfaces declared in the Vala source code. More information about Vala is available at         http://www.vala-project.org/ The Vala Team --- Rico Tzschichholz (8):       vapi: Update GIR-based bindings       gtk+-3.0: Mark arguments as 'out' for Entry.get_frame_size()       gtk+-2.0: Mark arguments as 'out' for Entry.get_text_area_size()       atk: Update from gir       gstreamer: Update to 1.8.1       gio-unix-2.0: Fix DesktopAppInfo.get_keywords()       gstreamer: Skip private padding fields       gtk+3.0: Fix Gtk.Range.get_range_border() Aurélien Zanelli (1):       gstreamer-controller-1.0: Rename DirectControlBinding.new_absolue to 'with_absolute' Jürg Billeter (1):       Release 0.32.1 Luca Bruno (1):       gtk+-2.0, gtk+-3.0: Make CellEditable.start_editing event parameter nullable Maciej Borzecki (1):       libnl-3.0.vapi: extend VAPI Steven Oliver (1):       glib-2.0: Add abs() to float and double _______________________________________________

Shotwell 0.23.2 - 20 Jun 2016  * Use yelp-build to generate HTML docs  * Remove gphoto-2.4 support  * Fix background color drawing (#766864)  * Port GtkNotebook to GtkStack (#744289)  * Fix missing scroll bars in events (#766864)  * Fix URLs in manpage  * Clean up external functions  * Port librest's internal hmac_sha1 implementation to Vala  * Fix multiplication of symbols in plugins  * Request "popup" login in Facebook  * Update help regarding publishing permissions in Facebook (#766919)  * Add source SVG for new app icons  * Update logo for help  * Remove executable flag on images  * Piwigo: Let libsoup parse the cookie  * Remove string utility functions in publishing plugins  * Remove a libgee work-around, bump to 0.10 minimum version  * Make filter toolbar buttons contain text and image  * Move commonly used functions into shared library to prevent multiple     definition of symbols Bugs fixed in this release:  - https://bugzilla.gnome.org/show_bug.cgi?id=744289  - https://bugzilla.gnome.org/show_bug.cgi?id=766864  - https://bugzilla.gnome.org/show_bug.cgi?id=766919  - https://bugzilla.gnome.org/show_bug.cgi?id=767042 All contributors to this release:  - Jens Georg  - Wolfgang Steitz  - Piotr Drąg  - Mario Blättermann  - Marek Černocký  - Enrico Nicoletto  - Dušan Kazik  - Daniel Mustieles  - Christian Kirbach  - Andika Triwidada  - Anders Jonsson  - Abel 'Akronix' Serrano Juste The tarball is available for download at https://download.gnome.org/sources/shotwell/0.23/ _______________________________________________

A new unstable release of Rygel! 0.31.2 ====== - Check whether xsltproc is able to build the manpages - Don't try to build manpages when xsltproc isn't available - Check for libmediaart VAPI file Rygel:  - Fix critical when running without D-Bus  - When we ignore a context, disable it Examples:  - Fix resource generation Bugs fixed in this release:  - https://bugzilla.gnome.org/show_bug.cgi?id=767448  - https://bugzilla.gnome.org/show_bug.cgi?id=767458  - https://bugzilla.gnome.org/show_bug.cgi?id=767459 All contributors to this release:  - Jens Georg  - Trần Ngá»Âc Quân  - Piotr Drąg  - Mario Blättermann  - Daniel Mustieles  - Cédric Valmary Added/updated translations  - de, courtesy of Mario Blättermann  - es, courtesy of Daniel Mustieles  - oc, courtesy of Cédric Valmary (totenoc.eu)  - vi, courtesy of Trần Ngá»Âc Quân Download source tarball here: http://download.gnome.org/sources/rygel/0.31/ -------- What is Rygel? Rygel is a home media solution that allows you to easily share audio, video and pictures, and control of media player on your home network. In technical terms it is both a UPnP AV MediaServer and MediaRenderer implemented through a  plug-in mechanism. Interoperability with other devices in the market is achieved  by conformance to very strict requirements of DLNA and on the fly  conversion of media to formats that client devices are capable of handling. More information at our project home page: http://www.rygel-project.org _______________________________________________

openSUSE Security Update: Security update for ntp ______________________________________________________________________________ Announcement ID: openSUSE-SU-2016:1636-1 Rating: important References: #979302 #979981 #981422 #982056 #982064 #982065 #982066 #982067 #982068 Cross-References: CVE-2016-4953 CVE-2016-4954 CVE-2016-4955 CVE-2016-4956 CVE-2016-4957 Affected Products: openSUSE Leap 42.1 ______________________________________________________________________________ An update that solves 5 vulnerabilities and has four fixes is now available. Description: ntp was updated to version 4.2.8p8 to fix five security issues. These security issues were fixed: - CVE-2016-4953: Bad authentication demobilizes ephemeral associations (bsc#982065). - CVE-2016-4954: Processing spoofed server packets (bsc#982066). - CVE-2016-4955: Autokey association reset (bsc#982067). - CVE-2016-4956: Broadcast interleave (bsc#982068). - CVE-2016-4957: CRYPTO_NAK crash (bsc#982064). These non-security issues were fixed: - Keep the parent process alive until the daemon has finished initialisation, to make sure that the PID file exists when the parent returns. - bsc#979302: Change the process name of the forking DNS worker process to avoid the impression that ntpd is started twice. - bsc#981422: Don't ignore SIGCHILD because it breaks wait(). - bsc#979981: ntp-wait does not accept fractional seconds, so use 1 instead of 0.2 in ntp-wait.service. - Separate the creation of ntp.keys and key #1 in it to avoid problems when upgrading installations that have the file, but no key #1, which is needed e.g. by "rcntp addserver". This update was imported from the SUSE:SLE-12-SP1:Update update project. Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.1: zypper in -t patch openSUSE-2016-750=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE Leap 42.1 (i586 x86_64): ntp-4.2.8p8-24.1 ntp-debuginfo-4.2.8p8-24.1 ntp-debugsource-4.2.8p8-24.1 ntp-doc-4.2.8p8-24.1 References: https://www.suse.com/security/cve/CVE-2016-4953.html https://www.suse.com/security/cve/CVE-2016-4954.html https://www.suse.com/security/cve/CVE-2016-4955.html https://www.suse.com/security/cve/CVE-2016-4956.html https://www.suse.com/security/cve/CVE-2016-4957.html https://bugzilla.suse.com/979302 https://bugzilla.suse.com/979981 https://bugzilla.suse.com/981422 https://bugzilla.suse.com/982056 https://bugzilla.suse.com/982064 https://bugzilla.suse.com/982065 https://bugzilla.suse.com/982066 https://bugzilla.suse.com/982067 https://bugzilla.suse.com/982068 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org

We are pleased to announce version 0.30.2 of Vala, a compiler for the GObject type system. Vala 0.30.2 is now available for download at:    http://download.gnome.org/sources/vala/0.30/ Changes since 0.30.1  * Bug fixes and binding updates. Vala is a programming language that aims to bring modern programming language features to GNOME developers without imposing any additional runtime requirements and without using a different ABI compared to applications and libraries written in C. valac, the Vala compiler, is a self-hosting compiler that translates Vala source code into C source and header files. It uses the GObject type system to create classes and interfaces declared in the Vala source code. More information about Vala is available at         http://www.vala-project.org/ The Vala Team --- Rico Tzschichholz (3):       girparser: Do not unconditionally make a delegate owned       vapi: Update GIR-based bindings       gio-unix-2.0: Fix DesktopAppInfo.get_keywords() Jürg Billeter (2):       vala: Fix critical warning with dynamic properties       Release 0.30.2 _______________________________________________

GSSDP 0.14.16 ============= - Fill the interface index for bionic. - Remove unused include. - Fix interface lookup on Win32 Bugs fixed in this release:  - https://bugzilla.gnome.org/show_bug.cgi?id=762455  - https://bugzilla.gnome.org/show_bug.cgi?id=765688  - https://bugzilla.gnome.org/show_bug.cgi?id=765709 All contributors to this release:  - Aurélien Chabot  - Jens Georg  - Florian Zwoch GUPnP 0.20.18 ============= - Retry description URL on failure. Bugs fixed in this release:  - https://bugzilla.gnome.org/show_bug.cgi?id=694450 All contributors to this release:  - Jens Georg  - Jozef Šiška GUPnP-DLNA 0.10.5 ================== 0.10.5 ====== - Fix AAC ISO formats with recent GStreamer All contributors to this release:  - Jens Georg 0.10.4 ====== - Call setlocale in commandline tools. - Include VAPI in tarball. Bugs fixed in this release:  - https://bugzilla.gnome.org/show_bug.cgi?id=760431 All contributors to this release:  - Jens Georg  - Ting-Wei Lan _______________________________________________

Cooler Master MasterCase Maker 5 Review ------------------------------------------------------------ http://us2.campaign-archive2.com/?u=bfb2b902b5fb045ad6f841f98&id=b1c7bed0b6&e=872093acb5 http://www.kitguru.net Cooler Master MasterCase Maker 5 Review Cooler Master has been teasing us with the MasterCase Maker 5 for quite some time and finally the wait is over. We have previously seen the MasterCase 5 and Pro 5 (and rather liked the Pro) but what we really wanted was the Maker 5. Read the review here: http://www.kitguru.net/components/cases/zardon/cooler-master-mastercase-maker-5-review/ ============================================================ ** follow on Twitter (http://twitter.com/#!/kitgurupress) | ** friend on Facebook (http://www.facebook.com/pages/KitGuru/162236020510911) | ** forward to a friend (http://us2.forward-to-friend.com/forward?u=bfb2b902b5fb045ad6f841f98&id=b1c7bed0b6&e=872093acb5) Copyright © 2016 KitGuru, All rights reserved. You are receiving this because you are a news partner or have signed up to receive our news.