Jump to content
Compatible Support Forums

news

Members
 View Profile  See their activity

  • Content count

    80899

  • Joined

  • Last visited

    Never

  • Days Won

    18

Everything posted by news

  1. news
    ========================================================================== Kernel Live Patch Security Notice LSN-0025-1 July 06, 2017 linux vulnerability ========================================================================== A security issue affects these releases of Ubuntu: | Series | Base kernel | Arch | flavors | |------------------+--------------+----------+------------------| | Ubuntu 16.04 LTS | 4.4.0 | amd64 | generic | | Ubuntu 16.04 LTS | 4.4.0 | amd64 | lowlatency | | Ubuntu 14.04 LTS | 4.4.0 | amd64 | generic | | Ubuntu 14.04 LTS | 4.4.0 | amd64 | lowlatency | Summary: Several security issues were fixed in the kernel. Software Description: - linux: Linux kernel Details: Andrey Konovalov discovered a use-after-free vulnerability in the DCCP implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly gain administrative privileges. (CVE-2017-6074) It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large enough to prevent overlapping with the heap. An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative privileges (CVE-2017-1000364) Qian Zhang discovered a heap-based buffer overflow in the tipc_msg_build() function in the Linux kernel. A local attacker could use to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. (CVE-2016-8632) It was discovered that the keyring implementation in the Linux kernel in some situations did not prevent special internal keyrings from being joined by userspace keyrings. A privileged local attacker could use this to bypass module verification. (CVE-2016-9604) Dmitry Vyukov discovered that the KVM implementation in the Linux kernel improperly emulated certain instructions. A local attacker could use this to obtain sensitive information (kernel memory). (CVE-2017-2584) Li Qiang discovered that the DRM driver for VMware Virtual GPUs in the Linux kernel did not properly validate some ioctl arguments. A local attacker could use this to cause a denial of service (system crash). (CVE-2017-7346) Eric Biggers discovered a memory leak in the keyring implementation in the Linux kernel. A local attacker could use this to cause a denial of service (memory consumption). (CVE-2017-7472) It was discovered that a double-free vulnerability existed in the IPv4 stack of the Linux kernel. An attacker could use this to cause a denial of service (system crash). (CVE-2017-8890) Andrey Konovalov discovered an IPv6 out-of-bounds read error in the Linux kernel's IPv6 stack. A local attacker could cause a denial of service or potentially other unspecified problems. (CVE-2017-9074) Andrey Konovalov discovered a flaw in the handling of inheritance in the Linux kernel's IPv6 stack. A local user could exploit this issue to cause a denial of service or possibly other unspecified problems. (CVE-2017-9075) It was discovered that the IPv6 stack in the Linux kernel was performing its over write consistency check after the data was actually overwritten. A local attacker could exploit this flaw to cause a denial of service (system crash). (CVE-2017-9242) Update instructions: The problem can be corrected by up[censored] your livepatches to the following versions: | Kernel | Version | flavors | |-----------------+----------+--------------------------| | 4.4.0-21.37 | 25.1 | generic, lowlatency | | 4.4.0-22.39 | 25.1 | generic, lowlatency | | 4.4.0-22.40 | 25.1 | generic, lowlatency | | 4.4.0-24.43 | 25.1 | generic, lowlatency | | 4.4.0-28.47 | 25.1 | generic, lowlatency | | 4.4.0-31.50 | 25.1 | generic, lowlatency | | 4.4.0-34.53 | 25.1 | generic, lowlatency | | 4.4.0-36.55 | 25.1 | generic, lowlatency | | 4.4.0-38.57 | 25.1 | generic, lowlatency | | 4.4.0-42.62 | 25.1 | generic, lowlatency | | 4.4.0-43.63 | 25.1 | generic, lowlatency | | 4.4.0-45.66 | 25.1 | generic, lowlatency | | 4.4.0-47.68 | 25.1 | generic, lowlatency | | 4.4.0-51.72 | 25.1 | generic, lowlatency | | 4.4.0-53.74 | 25.1 | generic, lowlatency | | 4.4.0-57.78 | 25.1 | generic, lowlatency | | 4.4.0-59.80 | 25.1 | generic, lowlatency | | 4.4.0-62.83 | 25.1 | generic, lowlatency | | 4.4.0-63.84 | 25.1 | generic, lowlatency | | 4.4.0-64.85 | 25.1 | generic, lowlatency | | 4.4.0-66.87 | 25.1 | generic, lowlatency | | 4.4.0-67.88 | 25.1 | generic, lowlatency | | 4.4.0-70.91 | 25.1 | generic, lowlatency | | 4.4.0-71.92 | 25.1 | generic, lowlatency | | 4.4.0-72.93 | 25.1 | generic, lowlatency | | 4.4.0-75.96 | 25.1 | generic, lowlatency | | 4.4.0-77.98 | 25.1 | generic, lowlatency | | 4.4.0-78.99 | 25.1 | generic, lowlatency | | 4.4.0-79.100 | 25.1 | generic, lowlatency | | 4.4.0-81.104 | 25.1 | generic, lowlatency | | 4.4.0-83.106 | 25.1 | generic, lowlatency | | lts-4.4.0-21.37_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | | lts-4.4.0-22.39_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | | lts-4.4.0-22.40_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | | lts-4.4.0-24.43_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | | lts-4.4.0-28.47_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | | lts-4.4.0-31.50_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | | lts-4.4.0-34.53_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | | lts-4.4.0-36.55_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | | lts-4.4.0-38.57_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | | lts-4.4.0-42.62_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | | lts-4.4.0-45.66_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | | lts-4.4.0-47.68_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | | lts-4.4.0-51.72_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | | lts-4.4.0-53.74_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | | lts-4.4.0-57.78_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | | lts-4.4.0-59.80_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | | lts-4.4.0-62.83_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | | lts-4.4.0-63.84_14.04.2-lts-xenial | 14.04.2 | generic, lowlatency | | lts-4.4.0-64.85_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | | lts-4.4.0-66.87_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | | lts-4.4.0-70.91_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | | lts-4.4.0-71.92_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | | lts-4.4.0-72.93_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | | lts-4.4.0-75.96_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | | lts-4.4.0-78.99_14.04.2-lts-xenial | 14.04.2 | generic, lowlatency | | lts-4.4.0-79.100_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | | lts-4.4.0-81.104_14.04.1-lts-xenial | 14.04.1 | generic, lowlatency | Additionally, you should install an updated kernel with these fixes and reboot at your convienience. References: CVE-2016-8632, CVE-2016-9604, CVE-2017-1000364, CVE-2017-2584, CVE-2017-6074, CVE-2017-7346, CVE-2017-7472, CVE-2017-8890, CVE-2017-9074, CVE-2017-9075, CVE-2017-9242 --
  2. news
    Dear Editors, we just posted a new article which might be interesting to your readers. A post in your news section would be appreciated. Title: SteelSeries Arctis 7 Link: https://www.techpowerup.com/reviews/SteelSeries/Arctis_7 Brief: The SteelSeries Arctis 7 is a phenomenal-looking, customizable wireless headset equipped with high-quality 40-millimeter audio drivers capable of delivering stereo and DTS Headphone:X 7.1 Surround Sound. It also offers mind-boggling wireless range and battery life as well as a couple extremely useful features you won't find elsewhere.
  3. news
    SUSE Security Update: Security update for evince ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1893-1 Rating: important References: #1046856 Cross-References: CVE-2017-1000083 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for evince fixes the following issues: - CVE-2017-1000083: Remote attackers could have used the comicbook mode of evince to inject shell code. (bsc#1046856, bgo#784630) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP2: zypper in -t patch SUSE-SLE-WE-12-SP2-2017-1171=1 - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-1171=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-1171=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1171=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-1171=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12-SP2 (x86_64): evince-debuginfo-3.20.1-6.14.1 evince-debugsource-3.20.1-6.14.1 typelib-1_0-EvinceDocument-3_0-3.20.1-6.14.1 typelib-1_0-EvinceView-3_0-3.20.1-6.14.1 - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): evince-debuginfo-3.20.1-6.14.1 evince-debugsource-3.20.1-6.14.1 evince-devel-3.20.1-6.14.1 typelib-1_0-EvinceDocument-3_0-3.20.1-6.14.1 typelib-1_0-EvinceView-3_0-3.20.1-6.14.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): evince-3.20.1-6.14.1 evince-browser-plugin-3.20.1-6.14.1 evince-browser-plugin-debuginfo-3.20.1-6.14.1 evince-debuginfo-3.20.1-6.14.1 evince-debugsource-3.20.1-6.14.1 evince-plugin-djvudocument-3.20.1-6.14.1 evince-plugin-djvudocument-debuginfo-3.20.1-6.14.1 evince-plugin-dvidocument-3.20.1-6.14.1 evince-plugin-dvidocument-debuginfo-3.20.1-6.14.1 evince-plugin-pdfdocument-3.20.1-6.14.1 evince-plugin-pdfdocument-debuginfo-3.20.1-6.14.1 evince-plugin-psdocument-3.20.1-6.14.1 evince-plugin-psdocument-debuginfo-3.20.1-6.14.1 evince-plugin-tiffdocument-3.20.1-6.14.1 evince-plugin-tiffdocument-debuginfo-3.20.1-6.14.1 evince-plugin-xpsdocument-3.20.1-6.14.1 evince-plugin-xpsdocument-debuginfo-3.20.1-6.14.1 libevdocument3-4-3.20.1-6.14.1 libevdocument3-4-debuginfo-3.20.1-6.14.1 libevview3-3-3.20.1-6.14.1 libevview3-3-debuginfo-3.20.1-6.14.1 nautilus-evince-3.20.1-6.14.1 nautilus-evince-debuginfo-3.20.1-6.14.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (noarch): evince-lang-3.20.1-6.14.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le): evince-3.20.1-6.14.1 evince-browser-plugin-3.20.1-6.14.1 evince-browser-plugin-debuginfo-3.20.1-6.14.1 evince-debuginfo-3.20.1-6.14.1 evince-debugsource-3.20.1-6.14.1 evince-plugin-djvudocument-3.20.1-6.14.1 evince-plugin-djvudocument-debuginfo-3.20.1-6.14.1 evince-plugin-dvidocument-3.20.1-6.14.1 evince-plugin-dvidocument-debuginfo-3.20.1-6.14.1 evince-plugin-pdfdocument-3.20.1-6.14.1 evince-plugin-pdfdocument-debuginfo-3.20.1-6.14.1 evince-plugin-psdocument-3.20.1-6.14.1 evince-plugin-psdocument-debuginfo-3.20.1-6.14.1 evince-plugin-tiffdocument-3.20.1-6.14.1 evince-plugin-tiffdocument-debuginfo-3.20.1-6.14.1 evince-plugin-xpsdocument-3.20.1-6.14.1 evince-plugin-xpsdocument-debuginfo-3.20.1-6.14.1 libevdocument3-4-3.20.1-6.14.1 libevdocument3-4-debuginfo-3.20.1-6.14.1 libevview3-3-3.20.1-6.14.1 libevview3-3-debuginfo-3.20.1-6.14.1 nautilus-evince-3.20.1-6.14.1 nautilus-evince-debuginfo-3.20.1-6.14.1 - SUSE Linux Enterprise Server 12-SP2 (noarch): evince-lang-3.20.1-6.14.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): evince-3.20.1-6.14.1 evince-browser-plugin-3.20.1-6.14.1 evince-browser-plugin-debuginfo-3.20.1-6.14.1 evince-debuginfo-3.20.1-6.14.1 evince-debugsource-3.20.1-6.14.1 evince-plugin-djvudocument-3.20.1-6.14.1 evince-plugin-djvudocument-debuginfo-3.20.1-6.14.1 evince-plugin-dvidocument-3.20.1-6.14.1 evince-plugin-dvidocument-debuginfo-3.20.1-6.14.1 evince-plugin-pdfdocument-3.20.1-6.14.1 evince-plugin-pdfdocument-debuginfo-3.20.1-6.14.1 evince-plugin-psdocument-3.20.1-6.14.1 evince-plugin-psdocument-debuginfo-3.20.1-6.14.1 evince-plugin-tiffdocument-3.20.1-6.14.1 evince-plugin-tiffdocument-debuginfo-3.20.1-6.14.1 evince-plugin-xpsdocument-3.20.1-6.14.1 evince-plugin-xpsdocument-debuginfo-3.20.1-6.14.1 libevdocument3-4-3.20.1-6.14.1 libevdocument3-4-debuginfo-3.20.1-6.14.1 libevview3-3-3.20.1-6.14.1 libevview3-3-debuginfo-3.20.1-6.14.1 nautilus-evince-3.20.1-6.14.1 nautilus-evince-debuginfo-3.20.1-6.14.1 typelib-1_0-EvinceDocument-3_0-3.20.1-6.14.1 typelib-1_0-EvinceView-3_0-3.20.1-6.14.1 - SUSE Linux Enterprise Desktop 12-SP2 (noarch): evince-lang-3.20.1-6.14.1 References: https://www.suse.com/security/cve/CVE-2017-1000083.html https://bugzilla.suse.com/1046856 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
  4. news
    SUSE Security Update: Security update for evince ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1894-1 Rating: important References: #1046856 Cross-References: CVE-2017-1000083 Affected Products: SUSE OpenStack Cloud 6 SUSE Linux Enterprise Server for SAP 12-SP1 SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-SP1-LTSS SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for evince fixes the following issues: - CVE-2017-1000083: Remote attackers could have used the comicbook mode of evince to inject shell code. (bsc#1046856, bgo#784630) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 6: zypper in -t patch SUSE-OpenStack-Cloud-6-2017-1170=1 - SUSE Linux Enterprise Server for SAP 12-SP1: zypper in -t patch SUSE-SLE-SAP-12-SP1-2017-1170=1 - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-1170=1 - SUSE Linux Enterprise Server 12-SP1-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-1170=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-1170=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 6 (x86_64): evince-3.10.3-2.3.1 evince-debuginfo-3.10.3-2.3.1 evince-debugsource-3.10.3-2.3.1 libevdocument3-4-3.10.3-2.3.1 libevdocument3-4-debuginfo-3.10.3-2.3.1 libevview3-3-3.10.3-2.3.1 libevview3-3-debuginfo-3.10.3-2.3.1 - SUSE OpenStack Cloud 6 (noarch): evince-lang-3.10.3-2.3.1 - SUSE Linux Enterprise Server for SAP 12-SP1 (ppc64le x86_64): evince-3.10.3-2.3.1 evince-debuginfo-3.10.3-2.3.1 evince-debugsource-3.10.3-2.3.1 libevdocument3-4-3.10.3-2.3.1 libevdocument3-4-debuginfo-3.10.3-2.3.1 libevview3-3-3.10.3-2.3.1 libevview3-3-debuginfo-3.10.3-2.3.1 - SUSE Linux Enterprise Server for SAP 12-SP1 (noarch): evince-lang-3.10.3-2.3.1 - SUSE Linux Enterprise Server for SAP 12 (x86_64): evince-3.10.3-2.3.1 evince-debuginfo-3.10.3-2.3.1 evince-debugsource-3.10.3-2.3.1 libevdocument3-4-3.10.3-2.3.1 libevdocument3-4-debuginfo-3.10.3-2.3.1 libevview3-3-3.10.3-2.3.1 libevview3-3-debuginfo-3.10.3-2.3.1 - SUSE Linux Enterprise Server for SAP 12 (noarch): evince-lang-3.10.3-2.3.1 - SUSE Linux Enterprise Server 12-SP1-LTSS (ppc64le s390x x86_64): evince-3.10.3-2.3.1 evince-debuginfo-3.10.3-2.3.1 evince-debugsource-3.10.3-2.3.1 libevdocument3-4-3.10.3-2.3.1 libevdocument3-4-debuginfo-3.10.3-2.3.1 libevview3-3-3.10.3-2.3.1 libevview3-3-debuginfo-3.10.3-2.3.1 - SUSE Linux Enterprise Server 12-SP1-LTSS (noarch): evince-lang-3.10.3-2.3.1 - SUSE Linux Enterprise Server 12-LTSS (ppc64le s390x x86_64): evince-3.10.3-2.3.1 evince-debuginfo-3.10.3-2.3.1 evince-debugsource-3.10.3-2.3.1 libevdocument3-4-3.10.3-2.3.1 libevdocument3-4-debuginfo-3.10.3-2.3.1 libevview3-3-3.10.3-2.3.1 libevview3-3-debuginfo-3.10.3-2.3.1 - SUSE Linux Enterprise Server 12-LTSS (noarch): evince-lang-3.10.3-2.3.1 References: https://www.suse.com/security/cve/CVE-2017-1000083.html https://bugzilla.suse.com/1046856 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
  5. news
    View this email in your browser (http://mailchi.mp/hothardware/intel-optane-memory-with-3d-xpoint-review-easy-robust-pc-acceleration-1082873?e=0c004f9c13) There was a time when laptop options were basically a choice between desktop-like performance in a heavy and bulky form-factor, an ultralight with integrated graphics, or something in the middle, at around 5-lbs with a low-end GPU. NVIDIA sought to solve this choice compromise with its Max-Q Design initiative that was announced at Computex last month. Max-Q Design is a holistic approach to notebook graphics design that ensures a svelte exterior, light weight, quiet cooling, and optimal performance. ASUS and NVIDIA joined forces to produce the 15.6-inch Republic of Gamers (ROG) Zephyrus GX501, the first complete Max-Q Design gaming notebook to hit the market... ASUS ROG Zephyrus GX501 Review: A Thin, Powerful Max-Q Gaming Laptop (http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=7d8aee447f&e=0c004f9c13) http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=9d275a43be&e=0c004f9c13 http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=ef7c4fd5e3&e=0c004f9c13 Best Regards, HotHardware.com (http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=5807721987&e=0c004f9c13) http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=742a308f8f&e=0c004f9c13 http://hothardware.us3.list-manage1.com/track/click?u=efc4c507c2cf964fc2462caca&id=ce9555fa11&e=0c004f9c13 http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=593a9ce411&e=0c004f9c13 ============================================================
  6. news
    Visit Hardware Asylum - http://www.hardwareasylum.com body { margin: 0px; padding: 10px; text-align: left; background-color: #FFF; } #header { vertical-align: top; height: 80px; } #footer { font-family: arial, Helvetica, sans-serif; font-size: 10px; color: #000; margin-top: 5px; padding: 3px; } .titletext { font-family: Arial, Helvetica, sans-serif; font-size: 18px; font-weight: bold; color: #852222; } .subtitletext { font-family: Arial, Helvetica, sans-serif; font-size: 12px; font-weight: bold; color: #9E9E9E; } .bodytext { font-family: Arial, Helvetica, sans-serif; font-size: 14px; color: #000000; } .smalltext { font-family: Arial, Helvetica, sans-serif; font-size: 11px; color: #9E9E9E; } b { font-weight: bold; } i { font-style: italic; } a { color: #C00; } Hello Everyone,The title may be long but 4133Mhz memory on the Z270 is no laughing matter, and now you can show off your extreme speed with some sweet RGB LEDs.Subject: GSKill Trident Z 4133Mhz RGB CL19 DDR4 Dual Channel Memory Review ( -at -) Hardware AsylumURL: http://www.hardwareasylum.com/reviews/memory/tridentz_rgb-4133c19Quote: The GSKill Trident Z 4133Mhz memory kit is a little unique in that the module speed is well beyond the norm but, still efficient enough to run the RGB LEDs using the same voltage set aside to power the RAM module.A news posting would be smashing.ThanksDennis Garciahttp://www.hardwareasylum.com To no longer receive these types of emails please send a copy of this message to us at support ( -at -) hardwareasylum.com and we'll remove you from the list. Copyright © Hardware Asylum 1999-2013 All rights reserved
  7. news
    ADATA XPG SX950 240GB Solid State Drive Review ( -at -) ThinkComputers.org Review Link: http://www.thinkcomputers.org/adata-xpg-sx950-240gb-solid-state-drive-review/ Image URL: http://www.thinkcomputers.org/reviews/adata_sx950/email.jpg Alt Image URL: http://www.thinkcomputers.org/reviews/adata_sx950/small.jpg Quote: "When it comes to ADATA’s solid state drives the XPG (Xtreme Performance Gear) series are the high performance drives gamers and enthusiasts are looking for. Today we have one of ADATA’s latest 2.5-inch solid state drives which is specially targeted towards gamers, it is the XPG SX950. The drive is based off the Silicon Motion SM2258 controller and matched with 3D MLC NAND. The drive boasts intelligent SLC caching, enhanced endurance ratings, and a very impressive 6-year warranty. ADATA is offering this drive in 240GB, 480GB, and 960GB capacities. We have the 240GB version on the test block today, it has advertised read and write speeds of 560 MB/s and 520 MB/s respectively. Is this the drive you should get for your next build? Read on as we find out!"
  8. news
    Hello, You have received a newsletter from TechSpot. However, your email software can't display HTML emails. You can view the newsletter by clicking here: http://track.mlsend.com/link/c/YT02NzM2NTY0OTEwNTU1MTg5NjcmYz1lMXMxJmU9NjEyNTk5OCZiPTExMjk1MTQ3OSZkPWo0dThpNnQ=.-2L8QbLZ3k-CFEl2LX_pq6cXVhHEEoLnz4sClnJGxzE You're receiving this newsletter because you have shown interest in TechSpot. Not interested anymore? Click here to unsubscribe: http://track.mlsend.com/link/c/YT02NzM2NTY0OTEwNTU1MTg5NjcmYz1lMXMxJmU9NjEyNTk5OCZiPTExMjk1MTQ4NSZkPW42cjdhMmo=.pVIXRnBP_9LdNG-RISUnwXj3ZRHfer6ZuVwRujwqI0w
  9. news
    CentOS Errata and Bugfix Advisory 2017:1752 Upstream details at : https://access.redhat.com/errata/RHBA-2017:1752 The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: c5844c9059b2dba0540f6e25b445e63836fbbc740546c917bd7b1cb07a04aec9 glibc-2.17-157.el7_3.5.i686.rpm c7f0561f6f22e630c827f9fac64317b9a224956aac9704fadb9f7849324d5a4f glibc-2.17-157.el7_3.5.x86_64.rpm 49168130271deebf3e005d1f233c75f284da9b4ed515004be8aae1b434876778 glibc-common-2.17-157.el7_3.5.x86_64.rpm 67e91ef3f2055a0e57f4b209c13a74ae4851b677f79316e11f81f8c7ad9bc34c glibc-devel-2.17-157.el7_3.5.i686.rpm 0bdfbd8ae4d31dcc39cc5216cc698161eede49aba5cb4362d0775584250a055b glibc-devel-2.17-157.el7_3.5.x86_64.rpm d0cb26c56aea3359e167dce5859bab1d0a142a924deee42297d32fa2cedf9447 glibc-headers-2.17-157.el7_3.5.x86_64.rpm 9d072bc2c453d5aacf3132124205f9f6f82301dac428360b9be19d0cf3eb962b glibc-static-2.17-157.el7_3.5.i686.rpm 213ec63606fe365167217813e190c2ca3bf2685acb2c86eca58ba05ea3ebf06e glibc-static-2.17-157.el7_3.5.x86_64.rpm 439753886955f87f664150d1653e33411e2523007a2ec23c67fff4fc58d576c4 glibc-utils-2.17-157.el7_3.5.x86_64.rpm b61e27a7bb96ce09966e045693df4876b5fd772d7ec9ffc1108c158db53214af nscd-2.17-157.el7_3.5.x86_64.rpm Source: 7af6a6a1bf163a1ad14f10b0a09f8c28dfa537984baa262c8c9c8d98bb8494ed glibc-2.17-157.el7_3.5.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: ( -at -) JohnnyCentOS _______________________________________________
  10. news
    Title: Apacer Z280 M.2 PCIe 240GB SSD Review ( -at -) NikKTech Description: Very fast, feature-rich and surprisingly affordable the latest Z280 M.2 NVMe 240GB model by Apacer has everything casual users and gamers could ever want from a solid state drive. Article Link: https://www.nikktech.com/main/articles/pc-hardware/storage/solid-state-drive s/8007-apacer-z280-m-2-pcie-240gb-ssd-review Image Link: http://www.nikktech.com/main/images/pics/reviews/apacer/z280_240gb/apacer_z2 80_240gba.jpg A News Post Would Be Appreciated. Thanks In Advance. Sincerely Nik Kastrantas
  11. news
    HyperX has made a name for itself with gaming gear that forgoes frills in favor of function. Its Alloy Elite mechanical gaming keyboard takes a different tack by adding flourishes and dedicated controls to the formula. We got the Alloy Elite under our fingers to see whether HyperX struck the right balance. Read more: http://techreport.com/review/32236/hyperx-alloy-elite-mechanical-gaming-keyboard-reviewed --- The Tech Report - PC Hardware Explored http://techreport.com -- To unsubscribe from: TR-News, just follow this link: http://node1.techreport.com/cgi-bin/dada/mail.cgi/u/trnews/reviewnews// Click this link, or copy and paste the address into your browser.
  12. news
    Logitech’s professional gamer oriented products appropriately carry the ‘Pro’ moniker and today we’re going to look at a pair of devices from that lineup. Logitech sent us over both the G Pro Gaming Mouse and the G Pro Mechanical Gaming Keyboard to bang away on and we thought it would make sense to cover them both at the same time... Article Title: Logitech G Pro Gaming Mouse and Keyboard Review ( -at -) Legit Reviews Article URL: http://www.legitreviews.com/logitech-g-pro-gaming-mouse-keyboard-review_196014 Unsubscribe: http://adserv.legitreviews.com/cgi-bin/dada/mail.cgi/u/legitpr/reviewnews// =
  13. news
    Hello LanOC Affiliates and newsletter subscribers, here is our newest posting. We would appreciate you spreading the word! LanOC Reviews has released a new article which you and your readers might enjoy. We would be grateful if you would please share it with them. *TITLE:* HyperX Alloy Elite Mechanical Keyboard ( -at -) LanOC Reviews <https://lanoc.org/review/input-devices/7583-hyperx-alloy-elite-mechanical-keyboard> *DESCRIPTION:* Like Corsair and a lot of other SSD and Memory brands, HyperX in the last few years especially have jumped in completely into the peripheral market. It makes sense, SSDs and Memory are commodities so the margins are small and they are able to expand their gaming brands to an area where people can get their eyes and hands directly on your products. HyperX with their Cloud headsets has really done well and recently they even got into the mechanical keyboard market. I hadn’t had the chance to check what they had going on out yet though so when I heard they were introducing a new keyboard I was all in. So today I’m going to check out the HyperX Alloy Elite, their top of the line mechanical keyboard, and see if HyperX is doing as well here as they have been with their headsets. *ARTICLE URL:* https://lanoc.org/review/input-devices/7583-hyperx-alloy-elite-mechanical-keyboard *LARGE IMAGE URL:* https://lanoc.org/images/reviews/2017/hyperx_alloy_elite/title.jpg *SMALL IMAGE URL:* https://lanoc.org/images/reviews/2017/hyperx_alloy_elite/email.jpg Thank you for your help Our content is syndicated by *RSS* 2.0 at: http://lanoc.org/review?fo rmat=feed&type=atom Check out our *YouTube* Channel: http://www.youtube.com/user/LanocReviews Follow us on *Twitter*: http://www.twitter.com/LanOC_Reviews Join our group on *Facebook*: http://www.facebook.com/LanOCReviews Join our *Steam* Group: http://steamcommunity.com/groups/lanoc *If this message has been sent to an incorrect address, or you no longer wish to receive our news, please email us back and let us know at reviews ( -at -) lanoc.org* ---------------------------------------- Wes Compton Editor-in-Chief LanOC Reviews http://lanoc.org ( -at -) LanOC_Reviews <http://twitter.com/#!/LanOC_Reviews> Google Plus <https://plus.google.com/u/1/b/111054267662763089650/> Our Facebook Page <http://www.facebook.com/LanOCReviews>
  14. news
    Hello LanOC Affiliates and newsletter subscribers, here is our newest posting. We would appreciate you spreading the word! LanOC Reviews has released a new article which you and your readers might enjoy. We would be grateful if you would please share it with them. *TITLE:* HyperX Alloy Elite Mechanical Keyboard ( -at -) LanOC Reviews <https://lanoc.org/review/input-devices/7583-hyperx-alloy-elite-mechanical-keyboard> *DESCRIPTION:* Like Corsair and a lot of other SSD and Memory brands, HyperX in the last few years especially have jumped in completely into the peripheral market. It makes sense, SSDs and Memory are commodities so the margins are small and they are able to expand their gaming brands to an area where people can get their eyes and hands directly on your products. HyperX with their Cloud headsets has really done well and recently they even got into the mechanical keyboard market. I hadn’t had the chance to check what they had going on out yet though so when I heard they were introducing a new keyboard I was all in. So today I’m going to check out the HyperX Alloy Elite, their top of the line mechanical keyboard, and see if HyperX is doing as well here as they have been with their headsets. *ARTICLE URL:* https://lanoc.org/review/input-devices/7583-hyperx-alloy-elite-mechanical-keyboard *LARGE IMAGE URL:* https://lanoc.org/images/reviews/2017/hyperx_alloy_elite/title.jpg *SMALL IMAGE URL:* https://lanoc.org/images/reviews/2017/hyperx_alloy_elite/email.jpg Thank you for your help Our content is syndicated by *RSS* 2.0 at: http://lanoc.org/review?fo rmat=feed&type=atom Check out our *YouTube* Channel: http://www.youtube.com/user/LanocReviews Follow us on *Twitter*: http://www.twitter.com/LanOC_Reviews Join our group on *Facebook*: http://www.facebook.com/LanOCReviews Join our *Steam* Group: http://steamcommunity.com/groups/lanoc *If this message has been sent to an incorrect address, or you no longer wish to receive our news, please email us back and let us know at reviews ( -at -) lanoc.org* ---------------------------------------- Wes Compton Editor-in-Chief LanOC Reviews http://lanoc.org ( -at -) LanOC_Reviews <http://twitter.com/#!/LanOC_Reviews> Google Plus <https://plus.google.com/u/1/b/111054267662763089650/> Our Facebook Page <http://www.facebook.com/LanOCReviews>
  15. news
    Gigabyte Aero 15W-CF2 (15.6-inch laptop with a tiny screen bezel) ------------------------------------------------------------ http://mailchi.mp/kitguru/gigabyte-aero-15w-cf2-156-inch-laptop-with-a-tiny-screen-bezel?e=872093acb5 http://www.kitguru.net Gigabyte Aero 15W-CF2 (15.6-inch laptop with a tiny screen bezel) The Gigabyte Aero 15 is an intriguing laptop for two main reasons. The first is the way it packs a mid-sized 15.6-inch screen into a laptop that appears to have a 14-inch chassis – that 5mm bezel on the sides and top edge is remarkably slender. The second point is that we rather expected this sleek, light and stylish laptop would be branded as an ‘Aorus’, rather than a ‘Gigabyte’. The explanation we were given is that the Aero 15 runs Windows 10 Professional which means it is intended for business users. We aren’t so sure a business user will want a laptop with GTX 1060 graphics and a keyboard with RGB illumination. It sounds like a gaming laptop to us, no matter what Gigabyte has to say on the subject. Read the review here: https://www.kitguru.net/lifestyle/mobile/laptops/leo-waldock/gigabyte-aero-15w-cf2-15-6-inch-laptop-with-a-tiny-screen-bezel/ ============================================================ ** follow on Twitter (http://twitter.com/#!/kitgurupress) | ** friend on Facebook (http://www.facebook.com/pages/KitGuru/162236020510911) | ** forward to a friend (http://us2.forward-to-friend.com/forward?u=bfb2b902b5fb045ad6f841f98&id=d71e6b35d0&e=872093acb5) Copyright © 2017 KitGuru, All rights reserved. You are receiving this because you are a news partner or have signed up to receive our news.
  16. news
    <http://www.eteknix.com> Cooler Master MasterFan Pro RGB Fans and Controller Review **Cooler Master MasterFan Pro RGB** Are you ready to take your systems lighting customisation to the next level? I know I am! While there's a lot of RGB <https://www.eteknix.com/category/rgb/>  hardware on the market right now, innovations are seemingly few and far between. Of course, the latest fans from Cooler Master <https://www.eteknix.com/category/cooler-master>  certainly add a few new features to the mix, and custom lighting lovers are sure to be excited here. URL - https://www.eteknix.com/cooler-master-masterfan-pro-rgb-fans-and-controller-review/ --
  17. news
    -------- ROCCAT ISKU+ FORCE FX KEYBOARD REVIEW ( -at -) APH NETWORKS ---------------- Hello everyone! APH Networks has published a new review that your readers might enjoy. A post in your site's news section would be greatly appreciated! Don't forget to send your site news to us. As we promise to post your news articles on APH Networks periodically, we would certainly appreciate it if you do the same as well. Thank you for your support in advance! * Title: ROCCAT Isku+ Force FX Keyboard Review ( -at -) APH Networks * Description: The ROCCAT Isku+ Force FX is a good keyboard, but it is difficult to justify the tradeoff of having a pressure sensitive zone instead of mechanical keyswitches. * Link: http://aphnetworks.com/reviews/roccat-isku-force-fx * Image: http://aphnetworks.com/review/roccat-isku-force-fx/003.jpg Best Regards, Jonathan Kwan Editor-in-Chief APH Networks Inc. http://aphnetworks.com -- Unsubscribe from this newsletter: http://aphnetworks.com/newsletter/confirm/remove/c77c84bd425t5
  18. news
    -------- ROCCAT ISKU+ FORCE FX KEYBOARD REVIEW ( -at -) APH NETWORKS ---------------- Hello everyone! APH Networks has published a new review that your readers might enjoy. A post in your site's news section would be greatly appreciated! Don't forget to send your site news to us. As we promise to post your news articles on APH Networks periodically, we would certainly appreciate it if you do the same as well. Thank you for your support in advance! * Title: ROCCAT Isku+ Force FX Keyboard Review ( -at -) APH Networks * Description: The ROCCAT Isku+ Force FX is a good keyboard, but it is difficult to justify the tradeoff of having a pressure sensitive zone instead of mechanical keyswitches. * Link: http://aphnetworks.com/reviews/roccat-isku-force-fx * Image: http://aphnetworks.com/review/roccat-isku-force-fx/003.jpg Best Regards, Jonathan Kwan Editor-in-Chief APH Networks Inc. http://aphnetworks.com -- Unsubscribe from this newsletter: http://aphnetworks.com/newsletter/confirm/remove/c77c84bd425t5
  19. news
    Title: Thermalright TRUE Spirit 140 Direct CPU Cooler Review ( -at -) NikKTech Description: Reduced in size compared to its predecessor the TRUE Spirit 140 BW Rev.A and equipped with an H.D.T (Heatpipe Direct Touch) base the brand new TRUE Spirit 140 Direct is a solid choice for people looking to get a high-performance, almost inaudible and at the same time affordable CPU Cooler. Article Link: https://www.nikktech.com/main/articles/pc-hardware/cpu-cooling/cpu-air-coole rs/8006-thermalright-true-spirit-140-direct-cpu-cooler-review Image Link: http://www.nikktech.com/main/images/pics/reviews/thermalright/true_spirit_14 0_direct/true_spirit_140_directa.jpg A News Post Would Be Appreciated. Thanks In Advance. Sincerely Nik Kastrantas
  20. news
    openSUSE Security Update: Security update for xorg-x11-server ______________________________________________________________________________ Announcement ID: openSUSE-SU-2017:1885-1 Rating: important References: #1025084 #1035283 Cross-References: CVE-2017-10971 CVE-2017-10972 Affected Products: openSUSE Leap 42.2 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for xorg-x11-server fixes the following issues: - CVE-2017-10971: Fix endianess handling of GenericEvent to prevent a stack overflow by clients. (bnc#1035283) - Make sure the type of all events to be sent by ProcXSendExtensionEvent are in the allowed range. - CVE-2017-10972: Initialize the xEvent eventT with zeros to avoid information leakage. - Improve retrieval of entropy for generating random authentication cookies (boo#1025084) Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.2: zypper in -t patch openSUSE-2017-825=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE Leap 42.2 (i586 x86_64): xorg-x11-server-7.6_1.18.3-12.20.1 xorg-x11-server-debuginfo-7.6_1.18.3-12.20.1 xorg-x11-server-debugsource-7.6_1.18.3-12.20.1 xorg-x11-server-extra-7.6_1.18.3-12.20.1 xorg-x11-server-extra-debuginfo-7.6_1.18.3-12.20.1 xorg-x11-server-sdk-7.6_1.18.3-12.20.1 xorg-x11-server-source-7.6_1.18.3-12.20.1 References: https://www.suse.com/security/cve/CVE-2017-10971.html https://www.suse.com/security/cve/CVE-2017-10972.html https://bugzilla.suse.com/1025084 https://bugzilla.suse.com/1035283 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
  21. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] samba (SSA:2017-195-02) New samba packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/samba-4.4.15-i586-1_slack14.2.txz: Upgraded. This update fixes an authentication validation bypass security issue: "Orpheus' Lyre mutual authentication validation bypass" All versions of Samba from 4.0.0 onwards using embedded Heimdal Kerberos are vulnerable to a man-in-the-middle attack impersonating a trusted server, who may gain elevated access to the domain by returning malicious replication or authorization data. Samba binaries built against MIT Kerberos are not vulnerable. For more information, see: https://www.samba.org/samba/security/CVE-2017-11103.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11103 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/samba-4.4.15-i486-1_slack14.0.txz Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/samba-4.4.15-x86_64-1_slack14.0.txz Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/samba-4.4.15-i486-1_slack14.1.txz Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/samba-4.4.15-x86_64-1_slack14.1.txz Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/samba-4.4.15-i586-1_slack14.2.txz Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/samba-4.4.15-x86_64-1_slack14.2.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/samba-4.6.6-i586-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/samba-4.6.6-x86_64-1.txz MD5 signatures: +-------------+ Slackware 14.0 package: 630068826ccb4143f05b0f69a930ae26 samba-4.4.15-i486-1_slack14.0.txz Slackware x86_64 14.0 package: cec3dbc80c5b98514fe00a49af2b14a4 samba-4.4.15-x86_64-1_slack14.0.txz Slackware 14.1 package: 39dd6d41675f108f3ffd29220b49ffea samba-4.4.15-i486-1_slack14.1.txz Slackware x86_64 14.1 package: 98c679570096bd9af311b10e381ed144 samba-4.4.15-x86_64-1_slack14.1.txz Slackware 14.2 package: 66b42142d08232dcd9f6a6cd3ca55d0b samba-4.4.15-i586-1_slack14.2.txz Slackware x86_64 14.2 package: 57e1fb274d74cf8df9ecb0e706681be2 samba-4.4.15-x86_64-1_slack14.2.txz Slackware -current package: 029388cff26f56eb9e64cf8fa87a262b n/samba-4.6.6-i586-1.txz Slackware x86_64 -current package: 3d99d640868c25c3ebfdbbd85777e34e n/samba-4.6.6-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg samba-4.4.15-i586-1_slack14.2.txz Then, if Samba is running restart it: # /etc/rc.d/rc.samba restart +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security ( -at -) slackware.com +------------------------------------------------------------------------+
  22. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] mariadb (SSA:2017-195-01) New mariadb packages are available for Slackware 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/mariadb-10.0.31-i586-1_slack14.2.txz: Upgraded. This update fixes bugs and security issues. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3308 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3309 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3453 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3456 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3464 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/mariadb-5.5.56-i486-1_slack14.1.txz Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/mariadb-5.5.56-x86_64-1_slack14.1.txz Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/mariadb-10.0.31-i586-1_slack14.2.txz Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/mariadb-10.0.31-x86_64-1_slack14.2.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/ap/mariadb-10.0.31-i586-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/ap/mariadb-10.0.31-x86_64-1.txz MD5 signatures: +-------------+ Slackware 14.1 package: 0485ea8dfa06c29f8730b5453a0efa61 mariadb-5.5.56-i486-1_slack14.1.txz Slackware x86_64 14.1 package: 373b0d3f4f3da3b6be07f0536b3da962 mariadb-5.5.56-x86_64-1_slack14.1.txz Slackware 14.2 package: 402af045f9573749e52b5673cbd7ecde mariadb-10.0.31-i586-1_slack14.2.txz Slackware x86_64 14.2 package: dffd36f43484d4fd40e5fd1ba894c5ad mariadb-10.0.31-x86_64-1_slack14.2.txz Slackware -current package: 9c61433cd7e719e7cbabe4eb8c669dc8 ap/mariadb-10.0.31-i586-1.txz Slackware x86_64 -current package: 90c80c549970f2f04588b2713384b509 ap/mariadb-10.0.31-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg mariadb-10.0.31-i586-1_slack14.2.txz Then, restart the database server: # sh /etc/rc.d/rc.mysqld restart +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security ( -at -) slackware.com +------------------------------------------------------------------------+
  23. news
    openSUSE Security Update: Recommended update for ncurses ______________________________________________________________________________ Announcement ID: openSUSE-SU-2017:1882-1 Rating: important References: #1000662 #1046853 #1046858 Cross-References: CVE-2017-10684 CVE-2017-10685 Affected Products: openSUSE Leap 42.2 ______________________________________________________________________________ An update that solves two vulnerabilities and has one errata is now available. Description: This update for ncurses fixes the following issues: Security issues fixed: - CVE-2017-10684: Possible RCE via stack-based buffer overflow in the fmt_entry function. (bsc#1046858) - CVE-2017-10685: Possible RCE with format string vulnerability in the fmt_entry function. (bsc#1046853) Bugfixes: - Drop patch ncurses-5.9-environment.dif as YaST2 ncurses GUI does not need it anymore and as well as it causes bug bsc#1000662 This update was imported from the SUSE:SLE-12:Update update project. Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.2: zypper in -t patch openSUSE-2017-823=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE Leap 42.2 (i586 x86_64): libncurses5-5.9-55.3.1 libncurses5-debuginfo-5.9-55.3.1 libncurses6-5.9-55.3.1 libncurses6-debuginfo-5.9-55.3.1 ncurses-debugsource-5.9-55.3.1 ncurses-devel-5.9-55.3.1 ncurses-devel-debuginfo-5.9-55.3.1 ncurses-utils-5.9-55.3.1 ncurses-utils-debuginfo-5.9-55.3.1 tack-5.9-55.3.1 tack-debuginfo-5.9-55.3.1 terminfo-5.9-55.3.1 terminfo-base-5.9-55.3.1 - openSUSE Leap 42.2 (x86_64): libncurses5-32bit-5.9-55.3.1 libncurses5-debuginfo-32bit-5.9-55.3.1 libncurses6-32bit-5.9-55.3.1 libncurses6-debuginfo-32bit-5.9-55.3.1 ncurses-devel-32bit-5.9-55.3.1 ncurses-devel-debuginfo-32bit-5.9-55.3.1 References: https://www.suse.com/security/cve/CVE-2017-10684.html https://www.suse.com/security/cve/CVE-2017-10685.html https://bugzilla.suse.com/1000662 https://bugzilla.suse.com/1046853 https://bugzilla.suse.com/1046858 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
  24. news
    openSUSE Security Update: Security update for qemu ______________________________________________________________________________ Announcement ID: openSUSE-SU-2017:1872-1 Rating: important References: #1016503 #1016504 #1017081 #1017084 #1020427 #1021741 #1025109 #1025311 #1028184 #1028656 #1030624 #1031142 #1032075 #1034866 #1034908 #1035406 #1035950 #1036211 #1037242 #1037334 #1037336 #1039495 #1042159 #1042800 #1042801 #1043073 #1043296 Cross-References: CVE-2016-10028 CVE-2016-10029 CVE-2016-9602 CVE-2016-9603 CVE-2017-5579 CVE-2017-5973 CVE-2017-5987 CVE-2017-6505 CVE-2017-7377 CVE-2017-7471 CVE-2017-7493 CVE-2017-7718 CVE-2017-7980 CVE-2017-8086 CVE-2017-8112 CVE-2017-8309 CVE-2017-8379 CVE-2017-8380 CVE-2017-9330 CVE-2017-9373 CVE-2017-9374 CVE-2017-9375 CVE-2017-9503 Affected Products: openSUSE Leap 42.2 ______________________________________________________________________________ An update that solves 23 vulnerabilities and has four fixes is now available. Description: This update for qemu fixes several issues. These security issues were fixed: - CVE-2017-9330: USB OHCI Emulation in qemu allowed local guest OS users to cause a denial of service (infinite loop) by leveraging an incorrect return value (bsc#1042159). - CVE-2017-8379: Memory leak in the keyboard input event handlers support allowed local guest OS privileged users to cause a denial of service (host memory consumption) by rapidly generating large keyboard events (bsc#1037334). - CVE-2017-8309: Memory leak in the audio/audio.c allowed remote attackers to cause a denial of service (memory consumption) by repeatedly starting and stopping audio capture (bsc#1037242). - CVE-2017-7493: The VirtFS, host directory sharing via Plan 9 File System(9pfs) support, was vulnerable to an improper access control issue. It could occur while accessing virtfs metadata files in mapped-file security mode. A guest user could have used this flaw to escalate their privileges inside guest (bsc#1039495). - CVE-2017-7377: The v9fs_create and v9fs_lcreate functions in hw/9pfs/9p.c allowed local guest OS privileged users to cause a denial of service (file descriptor or memory consumption) via vectors related to an already in-use fid (bsc#1032075). - CVE-2017-8086: A memory leak in the v9fs_list_xattr function in hw/9pfs/9p-xattr.c allowed local guest OS privileged users to cause a denial of service (memory consumption) via vectors involving the orig_value variable (bsc#1035950). - CVE-2017-5973: A infinite loop while doing control transfer in xhci_kick_epctx allowed privileged user inside the guest to crash the host process resulting in DoS (bsc#1025109) - CVE-2017-5987: The sdhci_sdma_transfer_multi_blocks function in hw/sd/sdhci.c allowed local OS guest privileged users to cause a denial of service (infinite loop and QEMU process crash) via vectors involving the transfer mode register during multi block transfer (bsc#1025311). - CVE-2017-6505: The ohci_service_ed_list function in hw/usb/hcd-ohci.c allowed local guest OS users to cause a denial of service (infinite loop) via vectors involving the number of link endpoint list descriptors (bsc#1028184) - CVE-2016-9603: A privileged user within the guest VM could have caused a heap overflow in the device model process, potentially escalating their privileges to that of the device model process (bsc#1028656) - CVE-2017-7718: hw/display/cirrus_vga_rop.h allowed local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors related to copying VGA data via the cirrus_bitblt_rop_fwd_transp_ and cirrus_bitblt_rop_fwd_ functions (bsc#1034908) - CVE-2017-7980: An out-of-bounds r/w access issues in the Cirrus CLGD 54xx VGA Emulator support allowed privileged user inside guest to use this flaw to crash the Qemu process resulting in DoS or potentially execute arbitrary code on a host with privileges of Qemu process on the host (bsc#1035406) - CVE-2017-8112: hw/scsi/vmw_pvscsi.c allowed local guest OS privileged users to cause a denial of service (infinite loop and CPU consumption) via the message ring page count (bsc#1036211). - CVE-2017-9375: The USB xHCI controller emulator support was vulnerable to an infinite recursive call loop issue, which allowed a privileged user inside guest to crash the Qemu process resulting in DoS (bsc#1042800). - CVE-2017-9374: Missing free of 's->ipacket', causes a host memory leak, allowing for DoS (bsc#1043073). - CVE-2017-9373: The IDE AHCI Emulation support was vulnerable to a host memory leakage issue, which allowed a privileged user inside guest to leak host memory resulting in DoS (bsc#1042801). - CVE-2017-8380: The MegaRAID SAS 8708EM2 Host Bus Adapter emulation support was vulnerable to an out-of-bounds read access issue which allowed a privileged user inside guest to read host memory resulting in DoS (bsc#1037336). - CVE-2016-9602: The VirtFS host directory sharing via Plan 9 File System(9pfs) support was vulnerable to an improper link following issue which allowed a privileged user inside guest to access host file system beyond the shared folder and potentially escalating their privileges on a host (bsc#1020427). - CVE-2017-7471: The VirtFS host directory sharing via Plan 9 File System(9pfs) support was vulnerable to an improper access control issue which allowed a privileged user inside guest to access host file system beyond the shared folder and potentially escalating their privileges on a host (bsc#1034866). - Fix privilege escalation in TCG mode of QEMU. This is not considered a security issue by the upstream project, but is included as additional hardening (bsc#1030624) - Fix potential DoS in virtfs - CVE-2016-10028: The Virtio GPU Device emulator support was vulnerable to an out of bounds memory access issue allowing a guest user to crash the Qemu process instance on a host, resulting in DoS (bsc#1017084, bsc#1016503) - CVE-2016-10029: The Virtio GPU Device emulator support was vulnerable to an OOB read issue allowing a guest user to crash the Qemu process instance resulting in Dos (bsc#1017081, bsc#1016504) - CVE-2017-5579: The 16550A UART serial device emulation support was vulnerable to a memory leakage issue allowing a privileged user to cause a DoS and/or potentially crash the Qemu process on the host (bsc#1021741) - CVE-2017-9503: The MegaRAID SAS 8708EM2 Host Bus Adapter emulation support was vulnerable to a null pointer dereference issue which allowed a privileged user inside guest to crash the Qemu process on the host resulting in DoS (bsc#1043296). This non-security issue was fixed: - Enable MONITOR/MWAIT support for guests (bsc#1031142) This update was imported from the SUSE:SLE-12-SP2:Update update project. Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.2: zypper in -t patch openSUSE-2017-822=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE Leap 42.2 (i586 x86_64): qemu-2.6.2-31.3.3 qemu-arm-2.6.2-31.3.3 qemu-arm-debuginfo-2.6.2-31.3.3 qemu-block-curl-2.6.2-31.3.3 qemu-block-curl-debuginfo-2.6.2-31.3.3 qemu-block-dmg-2.6.2-31.3.3 qemu-block-dmg-debuginfo-2.6.2-31.3.3 qemu-block-iscsi-2.6.2-31.3.3 qemu-block-iscsi-debuginfo-2.6.2-31.3.3 qemu-block-ssh-2.6.2-31.3.3 qemu-block-ssh-debuginfo-2.6.2-31.3.3 qemu-debugsource-2.6.2-31.3.3 qemu-extra-2.6.2-31.3.3 qemu-extra-debuginfo-2.6.2-31.3.3 qemu-guest-agent-2.6.2-31.3.3 qemu-guest-agent-debuginfo-2.6.2-31.3.3 qemu-kvm-2.6.2-31.3.3 qemu-lang-2.6.2-31.3.3 qemu-linux-user-2.6.2-31.3.1 qemu-linux-user-debuginfo-2.6.2-31.3.1 qemu-linux-user-debugsource-2.6.2-31.3.1 qemu-ppc-2.6.2-31.3.3 qemu-ppc-debuginfo-2.6.2-31.3.3 qemu-s390-2.6.2-31.3.3 qemu-s390-debuginfo-2.6.2-31.3.3 qemu-testsuite-2.6.2-31.3.6 qemu-tools-2.6.2-31.3.3 qemu-tools-debuginfo-2.6.2-31.3.3 qemu-x86-2.6.2-31.3.3 qemu-x86-debuginfo-2.6.2-31.3.3 - openSUSE Leap 42.2 (x86_64): qemu-block-rbd-2.6.2-31.3.3 qemu-block-rbd-debuginfo-2.6.2-31.3.3 - openSUSE Leap 42.2 (noarch): qemu-ipxe-1.0.0-31.3.3 qemu-seabios-1.9.1-31.3.3 qemu-sgabios-8-31.3.3 qemu-vgabios-1.9.1-31.3.3 References: https://www.suse.com/security/cve/CVE-2016-10028.html https://www.suse.com/security/cve/CVE-2016-10029.html https://www.suse.com/security/cve/CVE-2016-9602.html https://www.suse.com/security/cve/CVE-2016-9603.html https://www.suse.com/security/cve/CVE-2017-5579.html https://www.suse.com/security/cve/CVE-2017-5973.html https://www.suse.com/security/cve/CVE-2017-5987.html https://www.suse.com/security/cve/CVE-2017-6505.html https://www.suse.com/security/cve/CVE-2017-7377.html https://www.suse.com/security/cve/CVE-2017-7471.html https://www.suse.com/security/cve/CVE-2017-7493.html https://www.suse.com/security/cve/CVE-2017-7718.html https://www.suse.com/security/cve/CVE-2017-7980.html https://www.suse.com/security/cve/CVE-2017-8086.html https://www.suse.com/security/cve/CVE-2017-8112.html https://www.suse.com/security/cve/CVE-2017-8309.html https://www.suse.com/security/cve/CVE-2017-8379.html https://www.suse.com/security/cve/CVE-2017-8380.html https://www.suse.com/security/cve/CVE-2017-9330.html https://www.suse.com/security/cve/CVE-2017-9373.html https://www.suse.com/security/cve/CVE-2017-9374.html https://www.suse.com/security/cve/CVE-2017-9375.html https://www.suse.com/security/cve/CVE-2017-9503.html https://bugzilla.suse.com/1016503 https://bugzilla.suse.com/1016504 https://bugzilla.suse.com/1017081 https://bugzilla.suse.com/1017084 https://bugzilla.suse.com/1020427 https://bugzilla.suse.com/1021741 https://bugzilla.suse.com/1025109 https://bugzilla.suse.com/1025311 https://bugzilla.suse.com/1028184 https://bugzilla.suse.com/1028656 https://bugzilla.suse.com/1030624 https://bugzilla.suse.com/1031142 https://bugzilla.suse.com/1032075 https://bugzilla.suse.com/1034866 https://bugzilla.suse.com/1034908 https://bugzilla.suse.com/1035406 https://bugzilla.suse.com/1035950 https://bugzilla.suse.com/1036211 https://bugzilla.suse.com/1037242 https://bugzilla.suse.com/1037334 https://bugzilla.suse.com/1037336 https://bugzilla.suse.com/1039495 https://bugzilla.suse.com/1042159 https://bugzilla.suse.com/1042800 https://bugzilla.suse.com/1042801 https://bugzilla.suse.com/1043073 https://bugzilla.suse.com/1043296 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
  25. news
    Are you looking for a portable SSD that can utilize the USB 3.1 Gen 2 ports on your system and increase your productivity with insane performance? Look no further than the SanDisk Extreme 900 Portable SSD series that is available in capacities of up to 2TB with advertised sequential speeds reaching 850 MB/s. If those stats got your heart racing... Article Title: SanDisk Extreme 900 960GB Portable SSD Review ( -at -) Legit Reviews Article URL: http://www.legitreviews.com/sandisk-extreme-900-960gb-portable-ssd-review_195986 Happy Friday! Unsubscribe: http://adserv.legitreviews.com/cgi-bin/dada/mail.cgi/u/legitpr/reviewnews// =
×