news

openSUSE Security Update: Security update for rubygem-puppet ______________________________________________________________________________ Announcement ID: openSUSE-SU-2017:1948-1 Rating: important References: #1040151 Cross-References: CVE-2017-2295 Affected Products: openSUSE Leap 42.3 openSUSE Leap 42.2 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for rubygem-puppet fixes the following issues: - CVE-2017-2295: A remote attacker could have forced unsafe YAML deserialization which could have led to code execution (bsc#1040151) Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.3: zypper in -t patch openSUSE-2017-835=1 - openSUSE Leap 42.2: zypper in -t patch openSUSE-2017-835=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE Leap 42.3 (i586 x86_64): ruby2.1-rubygem-puppet-3.8.7-20.1 ruby2.1-rubygem-puppet-doc-3.8.7-20.1 ruby2.1-rubygem-puppet-testsuite-3.8.7-20.1 ruby2.2-rubygem-puppet-3.8.7-20.1 ruby2.2-rubygem-puppet-doc-3.8.7-20.1 ruby2.2-rubygem-puppet-testsuite-3.8.7-20.1 ruby2.3-rubygem-puppet-3.8.7-20.1 ruby2.3-rubygem-puppet-doc-3.8.7-20.1 ruby2.3-rubygem-puppet-testsuite-3.8.7-20.1 ruby2.4-rubygem-puppet-3.8.7-20.1 ruby2.4-rubygem-puppet-doc-3.8.7-20.1 ruby2.4-rubygem-puppet-testsuite-3.8.7-20.1 rubygem-puppet-3.8.7-20.1 rubygem-puppet-master-3.8.7-20.1 - openSUSE Leap 42.3 (noarch): rubygem-puppet-emacs-3.8.7-20.1 rubygem-puppet-master-unicorn-3.8.7-20.1 rubygem-puppet-vim-3.8.7-20.1 - openSUSE Leap 42.2 (i586 x86_64): ruby2.1-rubygem-puppet-3.8.7-17.3.1 ruby2.1-rubygem-puppet-doc-3.8.7-17.3.1 ruby2.1-rubygem-puppet-testsuite-3.8.7-17.3.1 rubygem-puppet-3.8.7-17.3.1 rubygem-puppet-master-3.8.7-17.3.1 - openSUSE Leap 42.2 (noarch): rubygem-puppet-emacs-3.8.7-17.3.1 rubygem-puppet-master-unicorn-3.8.7-17.3.1 rubygem-puppet-vim-3.8.7-17.3.1 References: https://www.suse.com/security/cve/CVE-2017-2295.html https://bugzilla.suse.com/1040151 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org

========================================================================== Kernel Live Patch Security Notice LSN-0026-1 July 24, 2017 linux vulnerability ========================================================================== A security issue affects these releases of Ubuntu: | Series | Base kernel | Arch | flavors | |------------------+--------------+----------+------------------| | Ubuntu 16.04 LTS | 4.4.0 | amd64 | generic | | Ubuntu 16.04 LTS | 4.4.0 | amd64 | lowlatency | | Ubuntu 14.04 LTS | 4.4.0 | amd64 | generic | | Ubuntu 14.04 LTS | 4.4.0 | amd64 | lowlatency | Summary: Several security issues were fixed in the kernel. Software Description: - linux: Linux kernel Details: It was discovered that a use-after-free flaw existed in the filesystem encryption subsystem in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2017-7374) Jann Horn discovered that the extended Berkeley Packet Filter (eBPF) implementation in the Linux kernel could overflow reference counters on systems with more than 32GB of physical ram and with RLIMIT_MEMLOCK set to infinite. A local unprivileged attacker could use to create a use-after- free situation, causing a denial of service (system crash) or possibly gain administrative privileges. (CVE-2016-4558) It was discovered that the Linux kernel did not properly restrict RLIMIT_STACK size. A local attacker could use this in conjunction with another vulnerability to possibly execute arbitrary code. (CVE-2017-1000365) 石磊 discovered that the RxRPC Kerberos 5 ticket handling code in the Linux kernel did not properly verify metadata. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-7482) Jann Horn discovered that bpf in Linux kernel does not restrict the output of the print_bpf_insn function. A local attacker could use this to obtain sensitive address information. (CVE-2017-9150) Update instructions: The problem can be corrected by up[censored] your livepatches to the following versions: | Kernel | Version | flavors | |-----------------+----------+--------------------------| | 4.4.0-21.37 | 26.1 | generic, lowlatency | | 4.4.0-22.39 | 26.1 | generic, lowlatency | | 4.4.0-22.40 | 26.1 | generic, lowlatency | | 4.4.0-24.43 | 26.1 | generic, lowlatency | | 4.4.0-28.47 | 26.1 | generic, lowlatency | | 4.4.0-31.50 | 26.1 | generic, lowlatency | | 4.4.0-34.53 | 26.1 | generic, lowlatency | | 4.4.0-36.55 | 26.1 | generic, lowlatency | | 4.4.0-38.57 | 26.1 | generic, lowlatency | | 4.4.0-42.62 | 26.1 | generic, lowlatency | | 4.4.0-43.63 | 26.1 | generic, lowlatency | | 4.4.0-45.66 | 26.1 | generic, lowlatency | | 4.4.0-47.68 | 26.1 | generic, lowlatency | | 4.4.0-51.72 | 26.1 | generic, lowlatency | | 4.4.0-53.74 | 26.1 | generic, lowlatency | | 4.4.0-57.78 | 26.1 | generic, lowlatency | | 4.4.0-59.80 | 26.1 | generic, lowlatency | | 4.4.0-62.83 | 26.1 | generic, lowlatency | | 4.4.0-63.84 | 26.1 | generic, lowlatency | | 4.4.0-64.85 | 26.1 | generic, lowlatency | | 4.4.0-66.87 | 26.1 | generic, lowlatency | | 4.4.0-67.88 | 26.1 | generic, lowlatency | | 4.4.0-70.91 | 26.1 | generic, lowlatency | | 4.4.0-71.92 | 26.1 | generic, lowlatency | | 4.4.0-72.93 | 26.1 | generic, lowlatency | | 4.4.0-75.96 | 26.1 | generic, lowlatency | | 4.4.0-77.98 | 26.1 | generic, lowlatency | | 4.4.0-78.99 | 26.1 | generic, lowlatency | | 4.4.0-79.100 | 26.1 | generic, lowlatency | | 4.4.0-81.104 | 26.1 | generic, lowlatency | | 4.4.0-83.106 | 26.1 | generic, lowlatency | | lts-4.4.0-21.37_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | | lts-4.4.0-22.39_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | | lts-4.4.0-22.40_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | | lts-4.4.0-24.43_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | | lts-4.4.0-28.47_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | | lts-4.4.0-31.50_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | | lts-4.4.0-34.53_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | | lts-4.4.0-36.55_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | | lts-4.4.0-38.57_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | | lts-4.4.0-42.62_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | | lts-4.4.0-45.66_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | | lts-4.4.0-47.68_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | | lts-4.4.0-51.72_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | | lts-4.4.0-53.74_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | | lts-4.4.0-57.78_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | | lts-4.4.0-59.80_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | | lts-4.4.0-62.83_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | | lts-4.4.0-64.85_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | | lts-4.4.0-66.87_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | | lts-4.4.0-70.91_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | | lts-4.4.0-71.92_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | | lts-4.4.0-72.93_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | | lts-4.4.0-75.96_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | | lts-4.4.0-79.100_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | | lts-4.4.0-81.104_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | Additionally, you should install an updated kernel with these fixes and reboot at your convienience. References: CVE-2016-4558, CVE-2017-1000365, CVE-2017-7374, CVE-2017-7482, CVE-2017-9150 --

SUSE Security Update: Security update for Linux Kernel Live Patch 12 for SLE 12 SP1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1937-1 Rating: important References: #1025013 #1025254 #1030575 #1031481 #1031660 #1039496 Cross-References: CVE-2017-1000364 Affected Products: SUSE Linux Enterprise Server for SAP 12-SP1 SUSE Linux Enterprise Server 12-SP1-LTSS ______________________________________________________________________________ An update that solves one vulnerability and has 5 fixes is now available. Description: This update for the Linux Kernel 3.12.69-60_64_29 fixes several issues. The following security bugs were fixed: - CVE-2017-1000364: An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed) (bsc#1039496). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12-SP1: zypper in -t patch SUSE-SLE-SAP-12-SP1-2017-1207=1 - SUSE Linux Enterprise Server 12-SP1-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-1207=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64): kgraft-patch-3_12_69-60_64_29-default-5-3.1 kgraft-patch-3_12_69-60_64_29-xen-5-3.1 - SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64): kgraft-patch-3_12_69-60_64_29-default-5-3.1 kgraft-patch-3_12_69-60_64_29-xen-5-3.1 References: https://www.suse.com/security/cve/CVE-2017-1000364.html https://bugzilla.suse.com/1025013 https://bugzilla.suse.com/1025254 https://bugzilla.suse.com/1030575 https://bugzilla.suse.com/1031481 https://bugzilla.suse.com/1031660 https://bugzilla.suse.com/1039496 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org

SUSE Security Update: Security update for Linux Kernel Live Patch 21 for SLE 12 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1939-1 Rating: important References: #1039496 Cross-References: CVE-2017-1000364 Affected Products: SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for the Linux Kernel 3.12.61-52_72 fixes one issue. The following security bugs were fixed: - CVE-2017-1000364: An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed) (bsc#1039496). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-1206=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-1206=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12 (x86_64): kgraft-patch-3_12_61-52_72-default-2-3.1 kgraft-patch-3_12_61-52_72-xen-2-3.1 - SUSE Linux Enterprise Server 12-LTSS (x86_64): kgraft-patch-3_12_61-52_72-default-2-3.1 kgraft-patch-3_12_61-52_72-xen-2-3.1 References: https://www.suse.com/security/cve/CVE-2017-1000364.html https://bugzilla.suse.com/1039496 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org

SUSE Security Update: Security update for Linux Kernel Live Patch 13 for SLE 12 SP1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1941-1 Rating: important References: #1030575 #1031481 #1031660 #1039496 Cross-References: CVE-2017-1000364 Affected Products: SUSE Linux Enterprise Server for SAP 12-SP1 SUSE Linux Enterprise Server 12-SP1-LTSS ______________________________________________________________________________ An update that solves one vulnerability and has three fixes is now available. Description: This update for the Linux Kernel 3.12.69-60_64_32 fixes several issues. The following security bugs were fixed: - CVE-2017-1000364: An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed) (bsc#1039496). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12-SP1: zypper in -t patch SUSE-SLE-SAP-12-SP1-2017-1208=1 - SUSE Linux Enterprise Server 12-SP1-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-1208=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64): kgraft-patch-3_12_69-60_64_32-default-4-3.1 kgraft-patch-3_12_69-60_64_32-xen-4-3.1 - SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64): kgraft-patch-3_12_69-60_64_32-default-4-3.1 kgraft-patch-3_12_69-60_64_32-xen-4-3.1 References: https://www.suse.com/security/cve/CVE-2017-1000364.html https://bugzilla.suse.com/1030575 https://bugzilla.suse.com/1031481 https://bugzilla.suse.com/1031660 https://bugzilla.suse.com/1039496 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org

SUSE Security Update: Security update for Linux Kernel Live Patch 15 for SLE 12 SP1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1943-1 Rating: important References: #1039496 Cross-References: CVE-2017-1000364 Affected Products: SUSE Linux Enterprise Server for SAP 12-SP1 SUSE Linux Enterprise Server 12-SP1-LTSS ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for the Linux Kernel 3.12.74-60_64_40 fixes one issue. The following security bugs were fixed: - CVE-2017-1000364: An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed) (bsc#1039496). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12-SP1: zypper in -t patch SUSE-SLE-SAP-12-SP1-2017-1209=1 - SUSE Linux Enterprise Server 12-SP1-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-1209=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64): kgraft-patch-3_12_74-60_64_40-default-2-3.1 kgraft-patch-3_12_74-60_64_40-xen-2-3.1 - SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64): kgraft-patch-3_12_74-60_64_40-default-2-3.1 kgraft-patch-3_12_74-60_64_40-xen-2-3.1 References: https://www.suse.com/security/cve/CVE-2017-1000364.html https://bugzilla.suse.com/1039496 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org

SUSE Security Update: Security update for Linux Kernel Live Patch 14 for SLE 12 SP1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1944-1 Rating: important References: #1031481 #1031660 #1039496 Cross-References: CVE-2017-1000364 Affected Products: SUSE Linux Enterprise Server for SAP 12-SP1 SUSE Linux Enterprise Server 12-SP1-LTSS ______________________________________________________________________________ An update that solves one vulnerability and has two fixes is now available. Description: This update for the Linux Kernel 3.12.69-60_64_35 fixes several issues. The following security bugs were fixed: - CVE-2017-1000364: An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed) (bsc#1039496). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12-SP1: zypper in -t patch SUSE-SLE-SAP-12-SP1-2017-1210=1 - SUSE Linux Enterprise Server 12-SP1-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-1210=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64): kgraft-patch-3_12_69-60_64_35-default-3-3.1 kgraft-patch-3_12_69-60_64_35-xen-3-3.1 - SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64): kgraft-patch-3_12_69-60_64_35-default-3-3.1 kgraft-patch-3_12_69-60_64_35-xen-3-3.1 References: https://www.suse.com/security/cve/CVE-2017-1000364.html https://bugzilla.suse.com/1031481 https://bugzilla.suse.com/1031660 https://bugzilla.suse.com/1039496 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org

SUSE Security Update: Security update for Linux Kernel Live Patch 20 for SLE 12 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1945-1 Rating: important References: #1025013 #1031660 #1039496 Cross-References: CVE-2017-1000364 Affected Products: SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that solves one vulnerability and has two fixes is now available. Description: This update for the Linux Kernel 3.12.61-52_69 fixes several issues. The following security bugs were fixed: - CVE-2017-1000364: An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed) (bsc#1039496). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-1205=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-1205=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12 (x86_64): kgraft-patch-3_12_61-52_69-default-3-3.1 kgraft-patch-3_12_61-52_69-xen-3-3.1 - SUSE Linux Enterprise Server 12-LTSS (x86_64): kgraft-patch-3_12_61-52_69-default-3-3.1 kgraft-patch-3_12_61-52_69-xen-3-3.1 References: https://www.suse.com/security/cve/CVE-2017-1000364.html https://bugzilla.suse.com/1025013 https://bugzilla.suse.com/1031660 https://bugzilla.suse.com/1039496 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org

Hello LanOC Affiliates and newsletter subscribers, here is our newest posting. We would appreciate you spreading the word! LanOC Reviews has released a new article which you and your readers might enjoy. We would be grateful if you would please share it with them. *TITLE:* Logitech BRIO ( -at -) LanOC Reviews <https://lanoc.org/review/photography/7586-logitech-brio> *DESCRIPTION:* For almost forever now the webcam market has been extremely stagnant. That’s not to say that there haven’t been great options out there. Last December I took a look at the Logitech C922 Pro Streaming Webcam and loved it <https://lanoc.org/review/photography/7381-logitech-c922-pro-stream-webcam>. The problem is the C922 is really just the C920 that has been on the market for 5 years and it is very similar to the C910 that it replaced. So in my C922 review <https://lanoc.org/review/photography/7381-logitech-c922-pro-stream-webcam>, I mentioned how badly I wanted to see 4k webcams and to finally see webcams take advantage of the bandwidth that USB 3.0 gives us. Well not long after that Logitech introduced the BRIO a 4k USB 3.0 webcam with a whole list of improvements. I’m not going to take all of the credit, only most of it, clearly the short paragraph last year was the motivation they needed. Anyhow, I begged and they promised to send one over and they did just that. So today we are going to check out the BRIO and see if it is all that I had hoped! *ARTICLE URL:* https://lanoc.org/review/photography/7586-logitech-brio *LARGE IMAGE URL:* https://lanoc.org/images/reviews/2017/logitech_brio/title.jpg *SMALL IMAGE URL:* https://lanoc.org/images/reviews/2017/logitech_brio/email.jpg Thank you for your help Our content is syndicated by *RSS* 2.0 at: http://lanoc.org/review?fo rmat=feed&type=atom Check out our *YouTube* Channel: http://www.youtube.com/user/LanocReviews Follow us on *Twitter*: http://www.twitter.com/LanOC_Reviews Join our group on *Facebook*: http://www.facebook.com/LanOCReviews Join our *Steam* Group: http://steamcommunity.com/groups/lanoc *If this message has been sent to an incorrect address, or you no longer wish to receive our news, please email us back and let us know at reviews ( -at -) lanoc.org* ---------------------------------------- Wes Compton Editor-in-Chief LanOC Reviews http://lanoc.org ( -at -) LanOC_Reviews <http://twitter.com/#!/LanOC_Reviews> Google Plus <https://plus.google.com/u/1/b/111054267662763089650/> Our Facebook Page <http://www.facebook.com/LanOCReviews>

SUSE Security Update: Security update for Linux Kernel Live Patch 10 for SLE 12 SP1 ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1946-1 Rating: important References: #1013543 #1014271 #1021417 #1025013 #1025254 #1030575 #1031481 #1031660 #1039496 Cross-References: CVE-2017-1000364 Affected Products: SUSE Linux Enterprise Server for SAP 12-SP1 SUSE Linux Enterprise Server 12-SP1-LTSS ______________________________________________________________________________ An update that solves one vulnerability and has 8 fixes is now available. Description: This update for the Linux Kernel 3.12.67-60_64_21 fixes several issues. The following security bugs were fixed: - CVE-2017-1000364: An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed) (bsc#1039496). Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12-SP1: zypper in -t patch SUSE-SLE-SAP-12-SP1-2017-1212=1 - SUSE Linux Enterprise Server 12-SP1-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-1212=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64): kgraft-patch-3_12_67-60_64_21-default-7-3.1 kgraft-patch-3_12_67-60_64_21-xen-7-3.1 - SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64): kgraft-patch-3_12_67-60_64_21-default-7-3.1 kgraft-patch-3_12_67-60_64_21-xen-7-3.1 References: https://www.suse.com/security/cve/CVE-2017-1000364.html https://bugzilla.suse.com/1013543 https://bugzilla.suse.com/1014271 https://bugzilla.suse.com/1021417 https://bugzilla.suse.com/1025013 https://bugzilla.suse.com/1025254 https://bugzilla.suse.com/1030575 https://bugzilla.suse.com/1031481 https://bugzilla.suse.com/1031660 https://bugzilla.suse.com/1039496 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org

Dear Editors, we just posted a new article which might be interesting to your readers. A post in your news section would be appreciated. Title: Gigabyte AORUS RX 580 GTR 8 GB Link: https://www.techpowerup.com/reviews/Gigabyte/AORUS_RX_580_XTR Brief: The AORUS RX 580 XTR is Gigabyte's highest clockest Radeon RX 580 variant. The large overclock out of the box ensures that the card can beat GTX 1060 6 GB. Also included is the crucial idle-fan-off feature and adjustable RGB lighting.

-------- TESORO A3 TUNED IN-EAR PRO EARPHONES REVIEW ( -at -) APH NETWORKS ---------- Hello everyone! APH Networks has published a new review that your readers might enjoy. A post in your site's news section would be greatly appreciated! Don't forget to send your site news to us. As we promise to post your news articles on APH Networks periodically, we would certainly appreciate it if you do the same as well. Thank you for your support in advance! * Title: Tesoro A3 Tuned In-Ear Pro Earphones Review ( -at -) APH Networks * Description: The Tesoro A3 Tuned In-Ear Pro are budget earphones with great build quality. * Link: http://aphnetworks.com/reviews/tesoro-a3-tuned-in-ear-pro * Image: http://aphnetworks.com/review/tesoro-tuned-inear-pro/007.jpg Best Regards, Jonathan Kwan Editor-in-Chief APH Networks Inc. http://aphnetworks.com -- Unsubscribe from this newsletter: http://aphnetworks.com/newsletter/confirm/remove/c77c84bd425t5

Some people drive a modest vehicle because it’s no more than a tool to reliably get them from point A to B. Having a modest price tag doesn’t hurt and surely part of the purchasing decision. Other people want to reliably get from point A to point B as well, but they want to do it with a little more comfort and style and will shell out some extra cash to do so. And then there are those that want that same reliable trip but want comfort, style and performance – price be damned. The latter individuals are the ones that are going to want to pay attention here. No, we aren’t going to talk about cars but rather a gaming mouse, at least in intent but can be so much more. It’s the Logitech G900 Chaos Spectrum wireless gaming mouse to be exact. It lures you in with its fancy looks and impressive specs then gut punches you with its price tag. At $150 MSRP, it’s one of the most expensive mice on the market though with its successor just announced (yeah, we’re a little late to the party), you can now find it online for a Benjamin – but is it worth it? That’s what you’re about to find out. Article Title: Logitech G900 Chaos Spectrum Wireless Gaming Mouse Review ( -at -) Legit Reviews Article URL: http://www.legitreviews.com/logitech-g900-chaos-spectrum-wireless-gaming-mouse-review_196258 Unsubscribe: http://adserv.legitreviews.com/cgi-bin/dada/mail.cgi/u/legitpr/reviewnews// =

openSUSE Security Update: Security update for evince ______________________________________________________________________________ Announcement ID: openSUSE-SU-2017:1933-1 Rating: important References: #1046856 Cross-References: CVE-2017-1000083 Affected Products: openSUSE Leap 42.2 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for evince fixes the following issues: - CVE-2017-1000083: Remote attackers could have used the comicbook mode of evince to inject shell code. (bsc#1046856, bgo#784630) This update was imported from the SUSE:SLE-12-SP2:Update update project. Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.2: zypper in -t patch openSUSE-2017-834=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE Leap 42.2 (x86_64): evince-3.20.1-2.3.1 evince-browser-plugin-3.20.1-2.3.1 evince-browser-plugin-debuginfo-3.20.1-2.3.1 evince-debuginfo-3.20.1-2.3.1 evince-debugsource-3.20.1-2.3.1 evince-devel-3.20.1-2.3.1 evince-plugin-comicsdocument-3.20.1-2.3.1 evince-plugin-comicsdocument-debuginfo-3.20.1-2.3.1 evince-plugin-djvudocument-3.20.1-2.3.1 evince-plugin-djvudocument-debuginfo-3.20.1-2.3.1 evince-plugin-dvidocument-3.20.1-2.3.1 evince-plugin-dvidocument-debuginfo-3.20.1-2.3.1 evince-plugin-pdfdocument-3.20.1-2.3.1 evince-plugin-pdfdocument-debuginfo-3.20.1-2.3.1 evince-plugin-psdocument-3.20.1-2.3.1 evince-plugin-psdocument-debuginfo-3.20.1-2.3.1 evince-plugin-tiffdocument-3.20.1-2.3.1 evince-plugin-tiffdocument-debuginfo-3.20.1-2.3.1 evince-plugin-xpsdocument-3.20.1-2.3.1 evince-plugin-xpsdocument-debuginfo-3.20.1-2.3.1 libevdocument3-4-3.20.1-2.3.1 libevdocument3-4-debuginfo-3.20.1-2.3.1 libevview3-3-3.20.1-2.3.1 libevview3-3-debuginfo-3.20.1-2.3.1 nautilus-evince-3.20.1-2.3.1 nautilus-evince-debuginfo-3.20.1-2.3.1 typelib-1_0-EvinceDocument-3_0-3.20.1-2.3.1 typelib-1_0-EvinceView-3_0-3.20.1-2.3.1 - openSUSE Leap 42.2 (noarch): evince-lang-3.20.1-2.3.1 References: https://www.suse.com/security/cve/CVE-2017-1000083.html https://bugzilla.suse.com/1046856 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org

Bigbruin.com has published new content which might be of interest to your readers. A post on your site regarding this announcement would be greatly appreciated. *Title: * Aeotec DSA03202-V1 Z-Wave Minimote *Link:* https://bigbruin.com/content/aeotec-minimote_1 *Image (250x250):* https://bigbruin.com/images/articles/953/promo_1.jpg *Quote: * The Aeotec DSA03202-V1 Z-Wave Minimote is definitely a budget friendly choice in the Z-Wave remote controller market, but it is still quite a capable little device. While I am now using each of my two in vehicles to control lighting and garage doors as I approach the house, Inside the house, maybe have one in your bedroom, living room, kitchen, etcetera to provide you with convenient, low cost access to a number of your smart home's features. Best regards, Jason www.bigbruin.com --

Bigbruin.com has published new content which might be of interest to your readers. A post on your site regarding this announcement would be greatly appreciated. *Title: * Aeotec DSA03202-V1 Z-Wave Minimote *Link:* https://bigbruin.com/content/aeotec-minimote_1 *Image (250x250):* https://bigbruin.com/images/articles/953/promo_1.jpg *Quote: * The Aeotec DSA03202-V1 Z-Wave Minimote is definitely a budget friendly choice in the Z-Wave remote controller market, but it is still quite a capable little device. While I am now using each of my two in vehicles to control lighting and garage doors as I approach the house, Inside the house, maybe have one in your bedroom, living room, kitchen, etcetera to provide you with convenient, low cost access to a number of your smart home's features. Best regards, Jason www.bigbruin.com --

** Cougar Conquer Aluminium/Glass Case Review (The $300 case) ------------------------------------------------------------ ------------------------------------------------------------ http://mailchi.mp/kitguru/cougar-conquer-aluminiumglass-case-review-the-300-case?e=872093acb5 http://www.kitguru.net ** Cougar Conquer Aluminium/Glass Case Review (The $300 case) ------------------------------------------------------------ When Cougar offered us their brand-new Conquer case to review, my first thought was ‘what on earth is that?!’ Upon further inspection, I discovered the Conquer is in fact a computer chassis, made almost entirely from glass and aluminium, that looks as if it has just landed from outer space. Its emphasis on premium materials, as well as its unique appearance, mean it doesn’t come cheap, though, as this puppy will set you back $299.99. Read the review here: https://www.kitguru.net/components/cases/dominic-moass/cougar-conquer-aluminiumglass-case-review-the-300-case/ ============================================================ ** follow on Twitter (http://twitter.com/#!/kitgurupress) | ** friend on Facebook (http://www.facebook.com/pages/KitGuru/162236020510911) | ** forward to a friend (http://us2.forward-to-friend1.com/forward?u=bfb2b902b5fb045ad6f841f98&id=0751f0c241&e=872093acb5) Copyright © 2017 KitGuru, All rights reserved. You are receiving this because you are a news partner or have signed up to receive our news.

*NZXT Kraken X42 Review* We review the NZXT Kraken X42 Series Liquid cooler, the little brethren of that X62 we reviewed. The smaller model is nearly as good as its big brother though. This revision CPU cooler is compatible with CAM software. This allows you to program, customize and monitor this all-in-one liquid cooling solution for your processor. Armed with two PWM fans and a nice 280 mm radiator the performance should be really good, and with the CAM software you can monitor temperatures, adjust cooling performance and customize LED lighting directly from your desktop. Read the * review here <http://www.guru3d.com/articles-pages/nzxt-kraken-x42-review,1.html>'>http://www.guru3d.com/articles-pages/nzxt-kraken-x42-review,1.html> *. URL: http://www.guru3d.com/articles-pages/nzxt-kraken-x42-review,1.html <http://www.guru3d.com/articles-pages/nzxt-kraken-x42-review,1.html> --

** Alienware 13 R3 (Amazing OLED screen with QHD resolution) ------------------------------------------------------------ ------------------------------------------------------------ http://mailchi.mp/kitguru/alienware-13-r3-amazing-oled-screen-with-qhd-resolution?e=872093acb5 http://www.kitguru.net ** Alienware 13 R3 (Amazing OLED screen with QHD resolution) ------------------------------------------------------------ Thankfully the review sample we were sent by Alienware is the Big Kahuna with the OLED screen and a mighty QHD resolution of 2,560×1,440 which is a heck of a lot of pixels packed into a 13.3-inch screen. The screen brightness is 400 nits and it has touch control. Rounding up the specification we have GTX 1060 graphics and an increase to 16GB RAM so it is fair to say the appeal of this particular Alienware 13 R3 stands or falls on the OLED screen (Spoiler alert – it looks amazing). Read and watch the review here: https://www.kitguru.net/lifestyle/mobile/laptops/leo-waldock/alienware-13-r3-amazing-oled-screen-with-qhd-resolution/ ============================================================ ** follow on Twitter (http://twitter.com/#!/kitgurupress) | ** friend on Facebook (http://www.facebook.com/pages/KitGuru/162236020510911) | ** forward to a friend (http://us2.forward-to-friend1.com/forward?u=bfb2b902b5fb045ad6f841f98&id=3705d2bb16&e=872093acb5) Copyright © 2017 KitGuru, All rights reserved. You are receiving this because you are a news partner or have signed up to receive our news.

-------- LG X POWER 2 SMARTPHONE REVIEW ( -at -) APH NETWORKS ----------------------- Hello everyone! APH Networks has published a new review that your readers might enjoy. A post in your site's news section would be greatly appreciated! Don't forget to send your site news to us. As we promise to post your news articles on APH Networks periodically, we would certainly appreciate it if you do the same as well. Thank you for your support in advance! * Title: LG X power 2 Smartphone Review ( -at -) APH Networks * Description: If battery life is your main concern in a smartphone, then the LG X power 2 should be considered. * Link: http://aphnetworks.com/reports/lg-x-power-2 * Image: http://aphnetworks.com/report/lg-x-power-2/004.jpg Best Regards, Jonathan Kwan Editor-in-Chief APH Networks Inc. http://aphnetworks.com -- Unsubscribe from this newsletter: http://aphnetworks.com/newsletter/confirm/remove/c77c84bd425t5

Title: Antec Cube Designed By Razer Mini-ITX Case Review ( -at -) NikKTech Description: If you happen to be a serious Razer fan or if you just like black and green as a color combination then the Cube Designed By Razer mini-ITX case is right up your alley. Article Link: https://www.nikktech.com/main/articles/pc-hardware/pc-cases/8034-antec-cube- designed-by-razer-mini-itx-case-review Image Link: http://www.nikktech.com/main/images/pics/reviews/antec/cube_special_edition/ antec_cube_razera.jpg A News Post Would Be Appreciated. Thanks In Advance. Sincerely Nik Kastrantas

------------------------------------------------------------ http://mailchi.mp/b71a2bd3bf2a/review-hyperx-alloy-elite-mechanical-gaming-keyboard-cpcr?e=168437af67 Dear News Affiliates, Custom PC Review recently published article(s) your readers may enjoy. We’d appreciate it if you could share it with them. Title: Review: HyperX Alloy Elite Mechanical Gaming Keyboard Link: http://custompcreview.us7.list-manage2.com/track/click?u=406e963590798a4aa1eab5f99&id=4b89a82c84&e=168437af67 Excerpt: "Now back for round two is the HyperX Alloy FPS’s bigger, badder cousin, the HyperX Alloy Elite Mechanical Gaming Keyboard which we have for review today. While the HyperX Alloy FPS catered towards the mainstream gaming crowd, the HyperX Alloy Elite has a more robust set of features than its sibling targeted towards gamers who want..." Thank you for your support, -- Sam Chen -- Editor-in-Chief -- Custom PC Review -- http://custompcreview.us7.list-manage.com/track/click?u=406e963590798a4aa1eab5f99&id=3d803beb1b&e=168437af67 (http://custompcreview.us7.list-manage.com/track/click?u=406e963590798a4aa1eab5f99&id=0e7b879bbb&e=168437af67) ============================================================ ** follow on Twitter (Twitter Account not yet Authorized) | ** friend on Facebook (#) | ** forward to a friend (http://us7.forward-to-friend.com/forward?u=406e963590798a4aa1eab5f99&id=b16ada0752&e=168437af67) Copyright © 2017 Custom PC Review, All rights reserved.

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] seamonkey (SSA:2017-202-01) New seamonkey packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/seamonkey-2.48-i586-1_slack14.2.txz: Upgraded. This update contains security fixes and improvements. For more information, see: http://www.seamonkey-project.org/releases/seamonkey2.48 (* Security fix *) patches/packages/seamonkey-solibs-2.48-i586-1_slack14.2.txz: Upgraded. +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated packages for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/seamonkey-2.48-i586-1_slack14.2.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/seamonkey-solibs-2.48-i586-1_slack14.2.txz Updated packages for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/seamonkey-2.48-x86_64-1_slack14.2.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/seamonkey-solibs-2.48-x86_64-1_slack14.2.txz Updated packages for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/seamonkey-solibs-2.48-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/seamonkey-2.48-i586-1.txz Updated packages for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/seamonkey-solibs-2.48-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/xap/seamonkey-2.48-x86_64-1.txz MD5 signatures: +-------------+ Slackware 14.2 packages: c9dd64c844533e67601e0da8873aa484 seamonkey-2.48-i586-1_slack14.2.txz 347d5d6f5dd1dcfec9adc8d63424c20f seamonkey-solibs-2.48-i586-1_slack14.2.txz Slackware x86_64 14.2 packages: 791011ec05e35d6204243203dcbeefbc seamonkey-2.48-x86_64-1_slack14.2.txz 40d47645a1c990f83d227ab2c3445501 seamonkey-solibs-2.48-x86_64-1_slack14.2.txz Slackware -current packages: e9bc2cffe13c240af3e7dfb463b972f4 l/seamonkey-solibs-2.48-i586-1.txz 58e7f9716d92d700400f87faddbd7635 xap/seamonkey-2.48-i586-1.txz Slackware x86_64 -current packages: 0b673105f48fe108d0c5ce1e6c7d5fd0 l/seamonkey-solibs-2.48-x86_64-1.txz 190a4a9bf2c3fae01971a85306fff628 xap/seamonkey-2.48-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the packages as root: # upgradepkg seamonkey-2.48-i586-1_slack14.2.txz seamonkey-solibs-2.48-i586-1_slack14.2.txz +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security ( -at -) slackware.com +------------------------------------------------------------------------+

The Wine development release 2.13 is now available. What's new in this release (see below for details): - Unicode data updated to Unicode 10.0.0. - Nicer looking default mouse cursors. - Persistent connections support in WinHTTP. - Message Framing protocol support in WebServices. - Improved metafile support in GdiPlus. - Debug registers support in x86-64 exception handling. - Anti-aliasing improvements in DirectWrite. - Various bug fixes. The source is available from the following locations: http://dl.winehq.org/wine/source/2.x/wine-2.13.tar.xz http://mirrors.ibiblio.org/wine/source/2.x/wine-2.13.tar.xz Binary packages for various distributions will be available from: http://www.winehq.org/download You will find documentation on http://www.winehq.org/documentation You can also get the current source directly from the git repository. Check http://www.winehq.org/git for details. Wine is available thanks to the work of many people. See the file AUTHORS in the distribution for the complete list. ---------------------------------------------------------------- Bugs fixed in 2.13 (total 33): 32418 Skylanders Spyro's Adventure can't find USB RFID reader, needs hid.dll.HidD_SetOutputReport implementation 36612 valgrind shows a definite leak in winhttp/tests/notification.c 36613 valgrind shows an unintialized write in winhttp/tests/notification.c 38296 Ion Assault (Steam) crashes before the main menu (IWMReader::QueryInterface doesn't support IWMReaderAdvanced2, 'ae14a945-b90c-4d0d-9127-80d665f7d73e') 39833 File not found error when loading fmod audio in Dungeon of the Endless 42275 Biet-O-Matic chm help without directory entry 42528 Grand Theft Auto 5 crashes while loading 42537 Tomb Raider 2013 has medium graphic glitches 42653 Wine x64 does not set debug registers in exception record 42918 Command and Conquer Red Alert 3: should display at least silhouette (pSkipConstants parameter for D3DXCreateEffectEx is ignored) 43099 The Technomancer requires MFCreateSourceReaderFromByteStream implementation 43112 Guitar Pro 7 needs msvcp140.dll._Stat 43160 The Witcher 3: puppeteer lines appearing on character 43194 Uprising/Uprising 2: 3D world not displayed (solid grey/black screen) 43196 Eve Online Crash on macos wined3d-csmt.dll.so buffer_destroy_buffer_object() 43231 Dai-Senryaku Perfect 3.0:Not draw background with GDI. 43265 Regression makes Steam game Rabi-Ribi run too fast 43268 Wargaming.net Game Center needs msvcp140.dll._To_byte 43275 Sacred Gold v2.28 (GOG.com): invisible characters 43283 Crazyracing KartRider: Crashes on startup on unimplemented function ntoskrnl.exe.IoCreateNotificationEvent 43295 BitLord crashes on unimplemented function IPHLPAPI.DLL.if_nametoindex 43302 widl incorrectly generates _Proxy functions in header 43303 PHP crashes on unimplemented function api-ms-win-crt-math-l1-1-0.dll.acosh 43304 PHP crashes on unimplemented function api-ms-win-crt-math-l1-1-0.dll.atanh 43305 numpy crashes on unimplemented function api-ms-win-crt-math-l1-1-0.dll.log1p 43307 Wargaming Game Center periodically crashes with msvcp140.dll._Current_get 43312 valgrind shows a definite leak in dlls/d2d1/tests/d2d1.c 43315 Steam fails to start [After update Thu, 06 Jul 2017] 43317 Icons has a pink color background 43334 winealsa.drv: Warning while building (GCC 7.1.1) 43341 valgrind shows some definite leaks in dlls/gdiplus/tests/graphicspath.c 43348 valgrind shows some definite leaks in dlls/msacm32/tests/msacm.c 43373 valgrind shows an invalid free in dlls/dwrite/tests/font.c ---------------------------------------------------------------- Changes since 2.12: Akihiro Sagawa (3): po: Update Japanese translation. ntdll: Allow map_view() to allocate fixed memory between reserved area and non-reserved area. gdi32: Return non-zero VREFRESH value for display devices. Alex Henrie (10): msvcr120: Correct asinh specfile definitions. msvcr120: Correct erff specfile definition. msvcr120: If erff is not available, fall back to erf. msvcr120: Add acosh. msvcr120: Add atanh. msvcr120: Add erfc. msvcr120: Add expm1. msvcr120: Add log1p. msvcr120: Set errno in log2. msvcrt: Don't set errno in log functions if x is positive infinity. Alexandre Julliard (37): configure: Allow specifying different CFLAGS for the cross compiler. kernel32/tests: Wait for threads to terminate. user32: Implement LR_MONOCHROME for loading cursors. winex11: Load a monochrome cursor instead of converting a color one when possible. user32: Match cursor size in priority over color depth. gdi32: Avoid having the source alpha channel interfere with color comparisons in GdiTransparentBlt. server: Return the top surface window even when not using OpenGL. user32: Add a helper function for copying bits from a window surface. user32: Copy the bits of child windows when the parent has a surface. wineandroid: Add a generation number to the native window to catch when old buffers are queued. wineandroid: Hold on to the native window until we get a new one. tools: Add support for generating cursor files from SVG. user32: New high resolution cursors generated from SVG. comctl32: New high resolution cursors generated from SVG. ole32: New high resolution cursors generated from SVG. riched20: New high resolution cursor generated from SVG. wordpad: New high resolution cursor generated from SVG. user32/tests: Add some tests for WindowFromDC and destroyed windows. winex11: Store the process name at startup to avoid grabbing the loader lock again. opengl32: Add some tests for last error with an invalid DC. user32: Also disable the DC if the window is destroyed without a ReleaseDC. ntdll: Remove unnecessary helper to set debug registers. ntdll: Add helper functions for getting and setting thread context through the server. ntdll: Move NtSetContextThread implementation to the platform-specific files. ntdll: Move NtGetContextThread implementation to the platform-specific files. ntdll: Don't copy cached debug registers from the parent thread. wined3d: Make sure we are still using the correct window before setting pixel format. ntdll: Add platform-specific versions of the thread data structure. ntdll: Move the plaform-independent thread data to the GdiTebBatch TEB field. ntdll: Move the plaform-specific thread data to the SystemReserved2 TEB field. ntdll: Add support for debug registers in exceptions on x86-64. user32: Don't exclude clipped children from the copied window bits since they may be up to date. ntdll: Call NtRaiseException directly from RtlRaiseException on x86-64. ntdll: Remove the raise_exception helper function on x86-64. ntdll: Call NtRaiseException directly from RtlRaiseException on i386. ntdll: Add small assembly wrappers for snooping instead of saving/restoring the entire context. include: Undefine PARITY_NONE to avoid warnings. Alistair Leslie-Hughes (8): widl: Only generate Proxy Stubs when functions have the call_as attribute. mfreadwrite.idl: Add enum MF_SOURCE_READER_FLAG and EXTERN_GUID defines. wmvcore: Support IWMReaderStreamClock interface in IWMReader. wmvcore: Support IWMReaderTypeNegotiation interface in IWMReader. mfplat/tests: Add MFCreateAttributes tests. wmvcore: Support IWMReaderTimecode interface in IWMReader. wmvcore: Support IWMReaderPlaylistBurn interface in IWMReader. include: Support all version of BackgroundCopyManager from bits.h. Andrey Gusev (4): api-ms-win-core-psapi-ansi-l1-1-0: Add dll. api-ms-win-mm-time-l1-1-0: Add dll. api-ms-win-security-provider-l1-1-0: Add dll. winealsa.drv: Fix uninitialized variable warning. André Hentschel (3): vcomp: Add ARM64 support. winemaker: Remove trailing semicolon from PreprocessorDefinitions. wpcap: Fix build with newer pcap versions. Aurimas Fišeras (3): po: Update Lithuanian translation. po: Update Lithuanian translation. po: Update Lithuanian translation. Austin English (1): ntoskrnl.exe: Add IoCreateNotificationEvent stub. Can Taşan (1): po: Update Turkish translation. Daniel Lehman (1): kernel32/tests: Increase timeout for loader test. François Gouget (2): gdiplus: Remove a duplicate word in a comment. windowscodecs/tests: A spelling fix in an ok() message. Gerald Pfeifer (1): user.exe16: Fix ADD_TO_T macro. Hans Leidekker (21): webservices: Store byte records as WS_XML_BASE64_TEXT. webservices: Add support for union types in the writer. webservices: Add support for union types in the reader. webservices: Add support for appending byte records in the reader. webservices: Add support for setting the channel encoding. webservices: Store all text in native format in binary mode. webservices/tests: Add tests. webservices: Handle all supported native text types in the reader type conversion. webservices: Add support for 16-bit length text records in the writer. webservices: Add support for byte records in the writer. webservices: Add support for BOOL records in the writer. webservices: Add support for integer records in the writer. webservices: Add support for double records in the writer. webservices: Add support for GUID records in the writer. webservices: Add support for UNIQUE_ID records in the writer. webservices: Add support for DATETIME records in the writer. webservices/tests: Add tests. webservices: Add support for reading float values. webservices: Set default channel envelope and addressing versions. webservices: Write Action and To headers unless the addressing version is WS_ADDRESSING_VERSION_TRANSPORT. webservices: Implement the Message Framing Protocol. Henri Verbeet (10): d3drm/tests: Simplify a conditional expression. winex11: Only use glXSwapBuffersMscOML() for child windows. wined3d: Fix the WINED3DFMT_D24_UNORM_S8_UINT entry in wined3d_format_convert_from_float(). wined3d: Make a FIXME in cpu_blitter_clear() slightly more accurate. wined3d: Handle WINED3D_POOL_SYSTEM_MEM resources in ffp_blitter_use_cpu_clear(). wined3d: Simplify the render target check in ffp_blitter_clear(). wined3d: Split combined render target and depth/stencil clears if needed in ffp_blitter_clear(). wined3d: Avoid using the CPU blitter for clearing either depth or stencil on combined formats. wined3d: Avoid using the CPU blitter for clearing converted surfaces that aren't current on the CPU. wined3d: Drop the special case for "converted" surfaces in wined3d_surface_blt(). Hugh McMaster (23): regedit: Null-terminate REG_EXPAND_SZ and REG_MULTI_SZ hex data during concatenation if we reach EOF. regedit: Update the status bar text when a treeview node is renamed. regedit: Update the listview path when renaming a treeview node. regedit: Output an error message and exit with error code zero instead of calling exit(1). regedit: Update some resource strings associated with key parsing. regedit: Update string resources associated with key deletion. regedit: Remove the unused _CmdWndProc callback function from listview.c. regedit: Move treeview notify messages to a separate function. regedit: Remove the listview's sub-class and move its messages to childwnd.c. regedit: Use UpdateStatusBar() instead of up[censored] the text manually. regedit: Re-implement some parts of the export operation. regedit: Read registry value information before exporting. regedit: Export value names from a separate function. regedit: Export REG_DWORD data from a separate function. regedit: Use a helper function to export hex data and REG_DWORD data. regedit: Export REG_SZ data via the export_data() function. regedit: Append a newline to the end of the export file. regedit: Export value names from the export_data() function. regedit: Remove an unused #define. regedit: Remove unused header includes from regproc.c. regedit: Re-size the data export buffer using the required size instead of doubling it. reg: Avoid using RegQueryInfoKey() to enumerate subkeys and values in the query operation. reg: Account for sizeof(WCHAR) when resizing the value name buffer during the query operation. Jacek Caban (22): server: Don't allow APCs on objects associated with completion port. winhttp/tests: Make notification tests more strict. winhttp: Store security_flags in request_t instead of netconn_t. winhttp: Allocate netconn_t separately from request_t. winhttp: Use notification flags to explicitly mark notifications that should signal an event. winhttp/tests: Make sure that all notifications were called before the end of a test. winhttp: Get rid of no longer needed netconn_init. winhttp: Pass socket address as sockaddr_storage to netconn_connect. winhttp: Store socked address in netconn_t. winhttp: Merge netconn_create and netconn_connect implementations. winhttp: Introduce global connected hosts store and keep reference to host in netconn_t. winhttp: Cache and reuse persistent HTTP connections. winhttp: Periodically free outdated connections. winhttp/tests: Added persistent connection tests. mshtml: Added IHTMLDOMNode3 stub implementation. mshtml: Forward duplicated IHTMLDOMNode3 functions to IHTMLDOMNode implementation. mshtml: Expose IHTMLDOMNode3 interface to scripts. mshtml: Support returning VT_NULL from return_nsstr_variant. mshtml: Added IHTMLDOMNode3::get_textContent implementation. mshtml: Added IHTMLDOMNode3::put_textContent implementation. server: Remove no loner needed fd NULL check (Coverity). rsaenh: Do not use stack variables out of frame (Coverity). Jactry Zeng (2): powershell: Add a stub program. kernel32: Add stub for ResolveLocaleName. Jens Reyer (2): make_unicode: Update data tables to Unicode 10.0.0. make_unicode: Use VerticalOrientation.txt from UCD. Józef Kucia (19): wined3d: Avoid creating event queries manually. wined3d: Clean up buffer_sync_apple(). wined3d: Introduce wined3d fence objects. d3d10core/tests: Prefer draw_color_quad() to custom pixel shader. d3d11/tests: Prefer draw_color_quad() to custom pixel shader. wined3d: Implement SM5 swapc instruction. d3d11/tests: Add test for swapc instruction. wined3d: Translate bfi, ubfe, ibfe instructions more carefully. wined3d: Translate ld_{raw, structured} instructions more carefully. d3d11/tests: Add additional tests for SM5 bit instructions. d3d11: Handle D3D11_MAP_WRITE map type. d3d11: Introduce d3d_blend_state_create() helper function. d3d11: Fix race condition in d3d_blend_state_create(). d3d11: Introduce d3d_depthstencil_state_create() helper function. d3d11: Fix race condition in d3d_depthstencil_state_create(). d3d11: Introduce d3d_rasterizer_state_create() helper function. d3d11: Fix race condition in d3d_rasterizer_state_create(). d3d11: Introduce d3d_sampler_state_create() helper function. d3d11: Fix race condition in d3d_sampler_state_create(). Kim Malmo (2): po: Update Norwegian translation. po: Update Norwegian translation. Kimmo Myllyvirta (1): ws2_32: Set return size when calling WSAIoctl with WS_SIO_GET_EXTENSION_FUNCTION_POINTER. Lauri Kenttä (1): po: Update Finnish translation. Marcus Meissner (1): gameux: Avoid freeing uninitialized interfaces (Coverity). Mark Jansen (1): shell32: Prevent a possible null pointer dereference in SHGetFileInfoW. Matteo Bruni (1): d3dx9: Get rid of a forward declaration. Michael Stefaniuc (5): d2d1: Make use of the available ARRAY_SIZE macro. d3dx9/tests: Use string concatenation for a multiline string. include: Fix the name of a method of IDirectMusicLoader. dmloader: Initialize a stack variable to avoid erratic test behavior. dmloader/tests: NUL terminate a wide string. Mikhail Paulyshka (1): msvcp140: Implement _To_byte. Nikolay Sivov (29): d3drm: Use existing helper to manage child frames array. d3drm: Use existing helper to manage lights array. d3drm: Use existing helper to manage visuals array. d3drm: Use existing helper to manage mesh groups. wininet: Fix potential use-after-free (Coverity). po: Update Russian translation. d2d1: Added a helper to trace D2D1_RECT_F arguments. d2d1/tests: Fix stroke style object leak (Valgrind). dwrite: Avoid repeated method calls during run rendering. advapi32/tests: Statically link to ConvertSidToStringSidA(). advapi32/tests: Fix a sid string leak (Valgrind). po: Update Russian translation. regedit: Simplify double-click listview handler. msacm32/tests: Fix a memory leak in tests (Valgrind). dwrite: Improve rendering parameters validation. dwrite: Use antialias mode set for bitmap render target. dwrite: Explicitly check rendering parameters pointer passed to DrawGlyphRun(). dwrite: Trace user-provided OpenType feature set. d2d1: Pass current text antialias mode down to IDWriteGlyphRunAnalysis. d2d1: Enforce text antialias mode vs text rendering mode consistency. d2d1: Force appropriate antialiasing mode when drawing text elements using 2D primitives. dwrite: Added ability to specify multiple families per fallback range. dwrite/tests: Use empty text in line metrics test. d3drm/tests: Fix a leak in tests (Valgrind). xmllite/tests: Use input stream helper in more tests. dwrite: Print missing table message as a trace. dwrite: Fix cache entry use-after-free (Valgrind). xmllite/reader: Implement MoveToAttributeByName(). xmllite/reader: Added a helper for setting current attribute cursor. Paul Gofman (9): d3dx9/tests: Add test for skip_constants effect parameter. d3dx9: Factor out is_parameter_used() function. d3dx9: Simplify init and cleanup in get_constants_desc(). d3dx9: Get rid of init_set_constants() function. d3dx9: Fail effect creation when parameter evaluator creation fails. d3dx9: Introduce d3dx_shader_get_ctab_constant() function and use it instead of ID3DXConstantTableImpl_GetConstantDesc(). d3dx9: Support skip_constants parameter for effect. d3dx9/tests: Add more tests for skip_constants effect parameter. d3dx9: Fix potential memory leak on HeapReAlloc() failure in get_constants_desc(). Piotr Caban (27): gdiplus: Remove unused clsid parameter from encode_image_func helpers. gdiplus: Add partial support for GdipDrawImagePointsRect on metafile. gdiplus: Add function for managing metafile objects id. gdiplus: Add support for ImageAttributes when drawing image to metafile. gdiplus: Support GdipSetTextRenderingHint in metafiles. gdiplus: Support GdipSetPixelOffsetMode in metafiles. msvcp90: Remove special handling of directories in tr2::sys::_File_size. gdiplus: Support GdipSetSmoothingMode in metafiles. gdiplus: Support GdipSetCompositingMode in metafiles. gdiplus: Support GdipSetCompositingQuality in metafiles. gdiplus: Support GdipSetInterpolationMode in metafiles. gdiplus: Add EMF+ properties records tests. msvcr120: Add fallback implementation of erf function. msvcr120: Add fallback implementation of asinh. gdiplus: Add DrawPath stub for metafiles. gdiplus: Add helper for saving path objects in metafile. gdiplus: Add helper for saving pens to metafile. gdiplus: Add partial support for GdipDrawPath on metafiles. gdiplus: Add partial support for GdipFillPath on metafiles. gdiplus: Fix GdipGetVisibleClipBounds behavior on metafiles. msvcr120: Fix exception object refcounting in __ExceptionPtrAssign. gdiplus: Add support for creating image object containing metafile. gdiplus/tests: Test drawing metafile image to emf+ file. gdiplus: Use VERSION_MAGIC2 constant in metafiles functions. gdiplus: Store newer gdi+ version in created GdipRegions. gdiplus: Add write_path_data helper to create EMF+ path object. gdiplus: Use write_path_data helper in GdipGetRegionData. Sebastian Lackner (5): webservices: Remove dead code in read_attribute_value_bin. reg/tests: Don't call RegCloseKey on uninitialized memory. wined3d: Return hr result in wined3d_event_query_create. configure: Improve check for if_nameindex. winhttp: Rename host_t to hostdata_t. Stefan Dösinger (6): msvcp140: Remove a redundant check. msvcp140: Implement _File_size. msvcp140: Implement _Current_get. msvcp140: Export _Current_set. msvcp140: Implement _Stat and _Lstat. msvcp140/tests: Port test_dir_operation to msvcp140. Vincent Povirk (2): gdiplus: Fix leak in widen_dashed_figure. gdiplus: Don't require specific gdi+ versions in metafile structures. Zebediah Figura (17): msi: Correctly format the template field for MsiProcessMessage(). msi: Allow setting NULL in MsiSetInteger(). msi: Provide the result of the last action. msi: Use the given record for INSTALLMESSAGE_ACTIONDATA. msi: Rewrite dump_record(). msi: Return the correct values from custom actions. msi: Properly parse empty format strings. user32: Calculate a window's minimized size even if it's already minimized. user32: Allow activating the desktop window. msi/tests: Use static linking for a couple functions. msi: Avoid a null pointer dereference. msi: Don't set _BrowseProperty. msi: Process ShowDialog/EndDialog after all other control events. msi: Don't queue a parent dialog to be shown in EndDialog. msi: Send the dialog created message in dialog_create(). krnl386.exe16: Fail int 21, 4e if the volume label is an empty string. dbghelp: Silence a noisy FIXME. -- Alexandre Julliard julliard ( -at -) winehq.org

-------- FOCAL SPARK EARPHONES REVIEW ( -at -) APH NETWORKS ------------------------- Hello everyone! APH Networks has published a new review that your readers might enjoy. A post in your site's news section would be greatly appreciated! Don't forget to send your site news to us. As we promise to post your news articles on APH Networks periodically, we would certainly appreciate it if you do the same as well. Thank you for your support in advance! * Title: Focal Spark Earphones Review ( -at -) APH Networks * Description: The Focal Spark is a pair of earphones that punches above its weight class from a premium manufacturer without the premium price. * Link: http://aphnetworks.com/reviews/focal-spark * Image: http://aphnetworks.com/review/focal-spark/006.JPG Best Regards, Jonathan Kwan Editor-in-Chief APH Networks Inc. http://aphnetworks.com -- Unsubscribe from this newsletter: http://linkinbox.com/newsletter/confirm/remove/c77c84bd425t5