news

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] kernel (SSA:2017-177-01) New kernel packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/linux-4.4.74/*: Upgraded. This kernel fixes two "Stack Clash" vulnerabilities reported by Qualys. The first issue may allow attackers to execute arbitrary code with elevated privileges. Failed attack attempts will likely result in denial-of-service conditions. The second issue can be exploited to bypass certain security restrictions and perform unauthorized actions. Be sure to upgrade your initrd after upgrading the kernel packages. If you use lilo to boot your machine, be sure lilo.conf points to the correct kernel and initrd and run lilo as root to update the bootloader. If you use elilo to boot your machine, you should run eliloconfig to copy the kernel and initrd to the EFI System Partition. For more information, see: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000364 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000365 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated packages for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.74/kernel-firmware-20170626git-noarch-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.74/kernel-generic-4.4.74-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.74/kernel-generic-smp-4.4.74_smp-i686-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.74/kernel-headers-4.4.74_smp-x86-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.74/kernel-huge-4.4.74-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.74/kernel-huge-smp-4.4.74_smp-i686-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.74/kernel-modules-4.4.74-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.74/kernel-modules-smp-4.4.74_smp-i686-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/linux-4.4.74/kernel-source-4.4.74_smp-noarch-1.txz Updated packages for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.74/kernel-firmware-20170626git-noarch-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.74/kernel-generic-4.4.74-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.74/kernel-headers-4.4.74-x86-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.74/kernel-huge-4.4.74-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.74/kernel-modules-4.4.74-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/linux-4.4.74/kernel-source-4.4.74-noarch-1.txz Updated packages for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-firmware-20170626git-noarch-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-generic-4.9.34-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-generic-smp-4.9.34_smp-i686-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-huge-4.9.34-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-huge-smp-4.9.34_smp-i686-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-modules-4.9.34-i586-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/kernel-modules-smp-4.9.34_smp-i686-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/d/kernel-headers-4.9.34_smp-x86-1.txz ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/k/kernel-source-4.9.34_smp-noarch-1.txz Updated packages for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/kernel-firmware-20170626git-noarch-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/kernel-generic-4.9.34-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/kernel-huge-4.9.34-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/kernel-modules-4.9.34-x86_64-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/d/kernel-headers-4.9.34-x86-1.txz ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/k/kernel-source-4.9.34-noarch-1.txz MD5 signatures: +-------------+ Slackware 14.2 packages: d8c692b02c3e71ff94c25bcd47e531e0 kernel-firmware-20170626git-noarch-1.txz 07e5b4513d2d6261f8c48cae627e72d0 kernel-generic-4.4.74-i586-1.txz a2f379a40d09cc1d9a59e65d735b3788 kernel-generic-smp-4.4.74_smp-i686-1.txz 462b4f89ba17f8fc0d22f501e2dc523e kernel-headers-4.4.74_smp-x86-1.txz af10af163c0791125b108fe4349c4d81 kernel-huge-4.4.74-i586-1.txz f321fdf041f45766300fa1e51ab85721 kernel-huge-smp-4.4.74_smp-i686-1.txz 1057b100c9f6684bb2af2d807cf34a49 kernel-modules-4.4.74-i586-1.txz c7d9395cf6434587a10d2a9f48ffbef6 kernel-modules-smp-4.4.74_smp-i686-1.txz e342f243d7d104e639c95c2692dc4792 kernel-source-4.4.74_smp-noarch-1.txz Slackware x86_64 14.2 packages: d8c692b02c3e71ff94c25bcd47e531e0 kernel-firmware-20170626git-noarch-1.txz 663595c609eb96f11fa818fdea974ad2 kernel-generic-4.4.74-x86_64-1.txz e8bafafbe0333080b8c8651ffe7d2e7f kernel-headers-4.4.74-x86-1.txz e13dbde8cc63fef485236083aa559425 kernel-huge-4.4.74-x86_64-1.txz fa577784c9d80823c2f864ee177b2afd kernel-modules-4.4.74-x86_64-1.txz 66f7b482297cc1420e5fac514a0758a3 kernel-source-4.4.74-noarch-1.txz Slackware -current packages: d8c692b02c3e71ff94c25bcd47e531e0 a/kernel-firmware-20170626git-noarch-1.txz a4dce01a3aafdf65da99a64f691f11fa a/kernel-generic-4.9.34-i586-1.txz 54a502fa2ac8296759cb3c2358570de3 a/kernel-generic-smp-4.9.34_smp-i686-1.txz 7c3d47a1654aab1034066a4ed8915fb2 a/kernel-huge-4.9.34-i586-1.txz 427118c68be8ccb94b355108bd385b90 a/kernel-huge-smp-4.9.34_smp-i686-1.txz 830a9be326e38082449e561b7f2ba81c a/kernel-modules-4.9.34-i586-1.txz 45ba18347d5c9ff514e3974e29c38ec0 a/kernel-modules-smp-4.9.34_smp-i686-1.txz 705263ceb8c89d67fb361a70a5eecff0 d/kernel-headers-4.9.34_smp-x86-1.txz 22d833540eb3382fd0c091466e167fd3 k/kernel-source-4.9.34_smp-noarch-1.txz Slackware x86_64 -current packages: d8c692b02c3e71ff94c25bcd47e531e0 a/kernel-firmware-20170626git-noarch-1.txz 1750de3dc69e932ea268bd161a3bb41e a/kernel-generic-4.9.34-x86_64-1.txz 458c605be41c9e995928db09f578653b a/kernel-huge-4.9.34-x86_64-1.txz bd2855c8f73f20482f32309092865794 a/kernel-modules-4.9.34-x86_64-1.txz 6109b636a259e0a6aa9dc3115f594ceb d/kernel-headers-4.9.34-x86-1.txz 2e748040c330798278f723b0c8072adc k/kernel-source-4.9.34-noarch-1.txz Installation instructions: +------------------------+ Upgrade the packages as root: # upgradepkg kernel-*.txz If you are using an initrd, you'll need to rebuild it. For a 32-bit SMP machine, use this command (substitute the appropriate kernel version if you are not running Slackware 14.2): # /usr/share/mkinitrd/mkinitrd_command_generator.sh -k 4.4.74-smp | bash For a 64-bit machine, or a 32-bit uniprocessor machine, use this command (substitute the appropriate kernel version if you are not running Slackware 14.2): # /usr/share/mkinitrd/mkinitrd_command_generator.sh -k 4.4.74 | bash Please note that "uniprocessor" has to do with the kernel you are running, not with the CPU. Most systems should run the SMP kernel (if they can) regardless of the number of cores the CPU has. If you aren't sure which kernel you are running, run "uname -a". If you see SMP there, you are running the SMP kernel and should use the 4.4.74-smp version when running mkinitrd_command_generator. Note that this is only for 32-bit -- 64-bit systems should always use 4.4.74 as the version. If you are using lilo or elilo to boot the machine, you'll need to ensure that the machine is properly prepared before rebooting. If using LILO: By default, lilo.conf contains an image= line that references a symlink that always points to the correct kernel. No editing should be required unless your machine uses a custom lilo.conf. If that is the case, be sure that the image= line references the correct kernel file. Either way, you'll need to run "lilo" as root to reinstall the boot loader. If using elilo: Ensure that the /boot/vmlinuz symlink is pointing to the kernel you wish to use, and then run eliloconfig to update the EFI System Partition. +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security ( -at -) slackware.com +------------------------------------------------------------------------+

openSUSE Security Update: Security update for sudo ______________________________________________________________________________ Announcement ID: openSUSE-SU-2017:1697-1 Rating: important References: #1034560 #1042146 Cross-References: CVE-2017-1000368 Affected Products: openSUSE Leap 42.2 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update for sudo fixes the following security issue: - CVE-2017-1000368: A follow-up fix to CVE-2017-1000367, the Linux process name could also contain a newline, which could be used to trick sudo to read/write to an arbitrary open terminal. (bsc#1042146) Also the following non security bug was fixed: - Link the "system_group" plugin with sudo_util library to resolve the missing sudo_dso_findsym symbol (bsc#1034560) This update was imported from the SUSE:SLE-12-SP2:Update update project. Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.2: zypper in -t patch openSUSE-2017-744=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE Leap 42.2 (i586 x86_64): sudo-1.8.10p3-9.6.1 sudo-debuginfo-1.8.10p3-9.6.1 sudo-debugsource-1.8.10p3-9.6.1 sudo-devel-1.8.10p3-9.6.1 sudo-test-1.8.10p3-9.6.1 References: https://www.suse.com/security/cve/CVE-2017-1000368.html https://bugzilla.suse.com/1034560 https://bugzilla.suse.com/1042146 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org

SUSE Security Update: Security update for jakarta-taglibs-standard ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1701-1 Rating: important References: #920813 Cross-References: CVE-2015-0254 Affected Products: SUSE Linux Enterprise Server 11-SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for jakarta-taglibs-standard fixes the following issues: - CVE-2015-0254: Apache Standard Taglibs allowed remote attackers to execute arbitrary code or conduct external XML entity (XXE) attacks via a crafted XSLT extension in a (1) x:parse or (2) x:transform JSTL XML tag. (bsc#920813) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-jakarta-taglibs-standard-13173=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-SP4 (noarch): jakarta-taglibs-standard-1.1.1-234.31.1 jakarta-taglibs-standard-javadoc-1.1.1-234.31.1 References: https://www.suse.com/security/cve/CVE-2015-0254.html https://bugzilla.suse.com/920813 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org

Hello LanOC Affiliates and newsletter subscribers, here is our newest posting. We would appreciate you spreading the word! LanOC Reviews has released a new article which you and your readers might enjoy. We would be grateful if you would please share it with them. *TITLE:* Gigabyte AB350N Gaming WiFi ( -at -) LanOC Reviews <https://lanoc.org/review/motherboards/7570-gigabyte-ab350n-gaming-wifi> *DESCRIPTION:* It’s hard to believe that the Ryzen 7 launch was three months ago but with the Ryzen 5 launch and the recently Intel launch, things have just been crazy. During that time though I have been constantly on the lookout for ITX boards. AMD spoke about their X300 and A300 chipsets at the Ryzen 7 launch but things have been suspiciously quiet about them for the last few months but a few motherboard manufacturers have been working on their own ITX AM4 boards using the X370 or B350 chipsets. Gigabyte has finished up their variation and it came in late last week. I immediately started in on testing to see just how feasible Ryzen is in ITX. So let's take a closer look at the Gigabyte AB350N Gaming WiFi and then see how it performs! *ARTICLE URL:* https://lanoc.org/review/motherboards/7570-gigabyte-ab350n-gaming-wifi *LARGE IMAGE URL:* https://lanoc.org/images/reviews/2017/gigabyte_ab350n_gaming_wifi/title.jpg *SMALL IMAGE URL:* https://lanoc.org/images/reviews/2017/gigabyte_ab350n_gaming_wifi/email.jpg Thank you for your help Our content is syndicated by *RSS* 2.0 at: http://lanoc.org/review?fo rmat=feed&type=atom Check out our *YouTube* Channel: http://www.youtube.com/user/LanocReviews Follow us on *Twitter*: http://www.twitter.com/LanOC_Reviews Join our group on *Facebook*: http://www.facebook.com/LanOCReviews Join our *Steam* Group: http://steamcommunity.com/groups/lanoc *If this message has been sent to an incorrect address, or you no longer wish to receive our news, please email us back and let us know at reviews ( -at -) lanoc.org* ---------------------------------------- Wes Compton Editor-in-Chief LanOC Reviews http://lanoc.org ( -at -) LanOC_Reviews <http://twitter.com/#!/LanOC_Reviews> Google Plus <https://plus.google.com/u/1/b/111054267662763089650/> Our Facebook Page <http://www.facebook.com/LanOCReviews>

SUSE Security Update: Security update for kernel-source ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1696-1 Rating: important References: #1045340 #1045406 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-EXTRA SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: This Linux kernel update for SUSE Linux Enterprise 11 SP4 fixes the following issues: - A previous security update to address CVE-2017-1000364 caused unintended side-effects in several other tools, most notably Java. These issues have been remedied. [bsc#1045340, bsc#1045406] Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-kernel-source-13172=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-kernel-source-13172=1 - SUSE Linux Enterprise Server 11-EXTRA: zypper in -t patch slexsp3-kernel-source-13172=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-kernel-source-13172=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (noarch): kernel-docs-3.0.101-107.3 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): kernel-default-3.0.101-107.1 kernel-default-base-3.0.101-107.1 kernel-default-devel-3.0.101-107.1 kernel-source-3.0.101-107.1 kernel-syms-3.0.101-107.1 kernel-trace-3.0.101-107.1 kernel-trace-base-3.0.101-107.1 kernel-trace-devel-3.0.101-107.1 - SUSE Linux Enterprise Server 11-SP4 (i586 x86_64): kernel-ec2-3.0.101-107.1 kernel-ec2-base-3.0.101-107.1 kernel-ec2-devel-3.0.101-107.1 kernel-xen-3.0.101-107.1 kernel-xen-base-3.0.101-107.1 kernel-xen-devel-3.0.101-107.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64): kernel-bigmem-3.0.101-107.1 kernel-bigmem-base-3.0.101-107.1 kernel-bigmem-devel-3.0.101-107.1 kernel-ppc64-3.0.101-107.1 kernel-ppc64-base-3.0.101-107.1 kernel-ppc64-devel-3.0.101-107.1 - SUSE Linux Enterprise Server 11-SP4 (s390x): kernel-default-man-3.0.101-107.1 - SUSE Linux Enterprise Server 11-SP4 (i586): kernel-pae-3.0.101-107.1 kernel-pae-base-3.0.101-107.1 kernel-pae-devel-3.0.101-107.1 - SUSE Linux Enterprise Server 11-EXTRA (i586 ia64 ppc64 s390x x86_64): kernel-default-extra-3.0.101-107.1 - SUSE Linux Enterprise Server 11-EXTRA (i586 x86_64): kernel-xen-extra-3.0.101-107.1 - SUSE Linux Enterprise Server 11-EXTRA (x86_64): kernel-trace-extra-3.0.101-107.1 - SUSE Linux Enterprise Server 11-EXTRA (ppc64): kernel-ppc64-extra-3.0.101-107.1 - SUSE Linux Enterprise Server 11-EXTRA (i586): kernel-pae-extra-3.0.101-107.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): kernel-default-debuginfo-3.0.101-107.1 kernel-default-debugsource-3.0.101-107.1 kernel-trace-debuginfo-3.0.101-107.1 kernel-trace-debugsource-3.0.101-107.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 s390x x86_64): kernel-default-devel-debuginfo-3.0.101-107.1 kernel-trace-devel-debuginfo-3.0.101-107.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 x86_64): kernel-ec2-debuginfo-3.0.101-107.1 kernel-ec2-debugsource-3.0.101-107.1 kernel-xen-debuginfo-3.0.101-107.1 kernel-xen-debugsource-3.0.101-107.1 kernel-xen-devel-debuginfo-3.0.101-107.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64): kernel-bigmem-debuginfo-3.0.101-107.1 kernel-bigmem-debugsource-3.0.101-107.1 kernel-ppc64-debuginfo-3.0.101-107.1 kernel-ppc64-debugsource-3.0.101-107.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586): kernel-pae-debuginfo-3.0.101-107.1 kernel-pae-debugsource-3.0.101-107.1 kernel-pae-devel-debuginfo-3.0.101-107.1 References: https://bugzilla.suse.com/1045340 https://bugzilla.suse.com/1045406 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org

SUSE Security Update: Security update for kernel-source ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1696-1 Rating: important References: #1045340 #1045406 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-EXTRA SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: This Linux kernel update for SUSE Linux Enterprise 11 SP4 fixes the following issues: - A previous security update to address CVE-2017-1000364 caused unintended side-effects in several other tools, most notably Java. These issues have been remedied. [bsc#1045340, bsc#1045406] Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-kernel-source-13172=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-kernel-source-13172=1 - SUSE Linux Enterprise Server 11-EXTRA: zypper in -t patch slexsp3-kernel-source-13172=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-kernel-source-13172=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (noarch): kernel-docs-3.0.101-107.3 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): kernel-default-3.0.101-107.1 kernel-default-base-3.0.101-107.1 kernel-default-devel-3.0.101-107.1 kernel-source-3.0.101-107.1 kernel-syms-3.0.101-107.1 kernel-trace-3.0.101-107.1 kernel-trace-base-3.0.101-107.1 kernel-trace-devel-3.0.101-107.1 - SUSE Linux Enterprise Server 11-SP4 (i586 x86_64): kernel-ec2-3.0.101-107.1 kernel-ec2-base-3.0.101-107.1 kernel-ec2-devel-3.0.101-107.1 kernel-xen-3.0.101-107.1 kernel-xen-base-3.0.101-107.1 kernel-xen-devel-3.0.101-107.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64): kernel-bigmem-3.0.101-107.1 kernel-bigmem-base-3.0.101-107.1 kernel-bigmem-devel-3.0.101-107.1 kernel-ppc64-3.0.101-107.1 kernel-ppc64-base-3.0.101-107.1 kernel-ppc64-devel-3.0.101-107.1 - SUSE Linux Enterprise Server 11-SP4 (s390x): kernel-default-man-3.0.101-107.1 - SUSE Linux Enterprise Server 11-SP4 (i586): kernel-pae-3.0.101-107.1 kernel-pae-base-3.0.101-107.1 kernel-pae-devel-3.0.101-107.1 - SUSE Linux Enterprise Server 11-EXTRA (i586 ia64 ppc64 s390x x86_64): kernel-default-extra-3.0.101-107.1 - SUSE Linux Enterprise Server 11-EXTRA (i586 x86_64): kernel-xen-extra-3.0.101-107.1 - SUSE Linux Enterprise Server 11-EXTRA (x86_64): kernel-trace-extra-3.0.101-107.1 - SUSE Linux Enterprise Server 11-EXTRA (ppc64): kernel-ppc64-extra-3.0.101-107.1 - SUSE Linux Enterprise Server 11-EXTRA (i586): kernel-pae-extra-3.0.101-107.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): kernel-default-debuginfo-3.0.101-107.1 kernel-default-debugsource-3.0.101-107.1 kernel-trace-debuginfo-3.0.101-107.1 kernel-trace-debugsource-3.0.101-107.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 s390x x86_64): kernel-default-devel-debuginfo-3.0.101-107.1 kernel-trace-devel-debuginfo-3.0.101-107.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 x86_64): kernel-ec2-debuginfo-3.0.101-107.1 kernel-ec2-debugsource-3.0.101-107.1 kernel-xen-debuginfo-3.0.101-107.1 kernel-xen-debugsource-3.0.101-107.1 kernel-xen-devel-debuginfo-3.0.101-107.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64): kernel-bigmem-debuginfo-3.0.101-107.1 kernel-bigmem-debugsource-3.0.101-107.1 kernel-ppc64-debuginfo-3.0.101-107.1 kernel-ppc64-debugsource-3.0.101-107.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586): kernel-pae-debuginfo-3.0.101-107.1 kernel-pae-debugsource-3.0.101-107.1 kernel-pae-devel-debuginfo-3.0.101-107.1 References: https://bugzilla.suse.com/1045340 https://bugzilla.suse.com/1045406 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org

openSUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: openSUSE-SU-2017:1685-1 Rating: important References: #1015342 #1022595 #1027101 #1037669 #1039214 #1039348 #1040351 #1040364 #1040567 #1040609 #1042286 #1042863 #1043990 #1044082 #1044120 #1044767 #1044772 #1044880 #1045154 #1045235 #1045286 #1045307 #1045467 #1045568 #966170 #966172 #966191 #990682 Cross-References: CVE-2017-1000364 Affected Products: openSUSE Leap 42.2 ______________________________________________________________________________ An update that solves one vulnerability and has 27 fixes is now available. Description: The openSUSE Leap 42.2 kernel was updated to 4.4.73 to receive security and bugfixes. The following security bugs were fixed: - CVE-2017-1000364: An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010) (bnc#1039348). The previous fix caused some Java applications to crash and has been replaced by the upstream fix. The following non-security bugs were fixed: - md: fix a null dereference (bsc#1040351). - net/mlx5e: Fix timestamping capabilities reporting (bsc#966170, bsc#1015342) - reiserfs: don't preallocate blocks for extended attributes (bsc#990682) - ibmvnic: Fix error handling when registering long-term-mapped buffers (bsc#1045568). - Fix kabi after adding new field to struct mddev (bsc#1040351). - Fix soft lockup in svc_rdma_send (bsc#729329). - IB/addr: Fix setting source address in addr6_resolve() (bsc#1044082). - IB/ipoib: Fix memory leak in create child syscall (bsc#1022595 FATE#322350). - IB/mlx5: Assign DSCP for R-RoCE QPs Address Path (bsc#966170 bsc#966172 bsc#966191). - IB/mlx5: Check supported flow table size (bsc#966170 bsc#966172 bsc#966191). - IB/mlx5: Enlarge autogroup flow table (bsc#966170 bsc#966172 bsc#966191). - IB/mlx5: Fix kernel to user leak prevention logic (bsc#966170 bsc#966172 bsc#966191). - NFSv4: do not let hanging mounts block other mounts (bsc#1040364). - [v2, 2/3] powerpc/fadump: avoid holes in boot memory area when fadump is registered (bsc#1037669). - [v2,1/3] powerpc/fadump: avoid duplicates in crash memory ranges (bsc#1037669). - [v2,3/3] powerpc/fadump: provide a helpful error message (bsc#1037669). - dm: remove dummy dm_table definition (bsc#1045307) - ibmvnic: Activate disabled RX buffer pools on reset (bsc#1044767). - ibmvnic: Client-initiated failover (bsc#1043990). - ibmvnic: Correct return code checking for ibmvnic_init during probe (bsc#1045286). - ibmvnic: Ensure that TX queues are disabled in __ibmvnic_close (bsc#1044767). - ibmvnic: Exit polling routine correctly during adapter reset (bsc#1044767). - ibmvnic: Fix incorrectly defined ibmvnic_request_map_rsp structure (bsc#1045568). - ibmvnic: Remove VNIC_CLOSING check from pending_scrq (bsc#1044767). - ibmvnic: Remove module author mailing address (bsc#1045467). - ibmvnic: Remove netdev notify for failover resets (bsc#1044120). - ibmvnic: Return from ibmvnic_resume if not in VNIC_OPEN state (bsc#1045235). - ibmvnic: Sanitize entire SCRQ buffer on reset (bsc#1044767). - ibmvnic: driver initialization for kdump/kexec (bsc#1044772). - ipv6: release dst on error in ip6_dst_lookup_tail (git-fixes). - jump label: fix passing kbuild_cflags when checking for asm goto support (git-fixes). - kabi workaround for net: ipv6: Fix processing of RAs in presence of VRF (bsc#1042286). - lan78xx: use skb_cow_head() to deal with cloned skbs (bsc#1045154). - loop: Add PF_LESS_THROTTLE to block/loop device thread (bsc#1027101). - md: use a separate bio_set for synchronous IO (bsc#1040351). - mlx4: Fix memory leak after mlx4_en_update_priv() (bsc#966170 bsc#966172 bsc#966191). - mm: fix new crash in unmapped_area_topdown() (bnc#1039348). - net/mlx5: Do not unlock fte while still using it (bsc#966170 bsc#966172 bsc#966191). - net/mlx5: Fix create autogroup prev initializer (bsc#966170 bsc#966172 bsc#966191). - net/mlx5: Prevent setting multicast macs for VFs (bsc#966170 bsc#966172 bsc#966191). - net/mlx5: Release FTE lock in error flow (bsc#966170 bsc#966172 bsc#966191). - net/mlx5e: Modify TIRs hash only when it's needed (bsc#966170 bsc#966172 bsc#966191). - net: icmp_route_lookup should use rt dev to determine L3 domain (bsc#1042286). - net: ipv6: Fix processing of RAs in presence of VRF (bsc#1042286). - net: l3mdev: Add master device lookup by index (bsc#1042286). - net: make netdev_for_each_lower_dev safe for device removal (bsc#1042286). - net: vrf: Create FIB tables on link create (bsc#1042286). - net: vrf: Fix crash when IPv6 is disabled at boot time (bsc#1042286). - net: vrf: Fix dev refcnt leak due to IPv6 prefix route (bsc#1042286). - net: vrf: Fix dst reference counting (bsc#1042286). - net: vrf: Switch dst dev to loopback on device delete (bsc#1042286). - net: vrf: protect changes to private data with rcu (bsc#1042286). - powerpc/fadump: add reschedule point while releasing memory (bsc#1040609). - powerpc/fadump: return error when fadump registration fails (bsc#1040567). - ravb: Fix use-after-free on `ifconfig eth0 down` (git-fixes). - sctp: check af before verify address in sctp_addr_id2transport (git-fixes). - vrf: remove slave queue and private slave struct (bsc#1042286). - xen-blkback: do not leak stack data via response ring (bsc#1042863 XSA-216). - xfrm: Only add l3mdev oif to dst lookups (bsc#1042286). Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE Leap 42.2: zypper in -t patch openSUSE-2017-734=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE Leap 42.2 (x86_64): kernel-debug-4.4.73-18.17.1 kernel-debug-base-4.4.73-18.17.1 kernel-debug-base-debuginfo-4.4.73-18.17.1 kernel-debug-debuginfo-4.4.73-18.17.1 kernel-debug-debugsource-4.4.73-18.17.1 kernel-debug-devel-4.4.73-18.17.1 kernel-debug-devel-debuginfo-4.4.73-18.17.1 kernel-default-4.4.73-18.17.1 kernel-default-base-4.4.73-18.17.1 kernel-default-base-debuginfo-4.4.73-18.17.1 kernel-default-debuginfo-4.4.73-18.17.1 kernel-default-debugsource-4.4.73-18.17.1 kernel-default-devel-4.4.73-18.17.1 kernel-obs-build-4.4.73-18.17.1 kernel-obs-build-debugsource-4.4.73-18.17.1 kernel-obs-qa-4.4.73-18.17.1 kernel-syms-4.4.73-18.17.1 kernel-vanilla-4.4.73-18.17.1 kernel-vanilla-base-4.4.73-18.17.1 kernel-vanilla-base-debuginfo-4.4.73-18.17.1 kernel-vanilla-debuginfo-4.4.73-18.17.1 kernel-vanilla-debugsource-4.4.73-18.17.1 kernel-vanilla-devel-4.4.73-18.17.1 - openSUSE Leap 42.2 (noarch): kernel-devel-4.4.73-18.17.1 kernel-docs-4.4.73-18.17.2 kernel-docs-html-4.4.73-18.17.2 kernel-docs-pdf-4.4.73-18.17.2 kernel-macros-4.4.73-18.17.1 kernel-source-4.4.73-18.17.1 kernel-source-vanilla-4.4.73-18.17.1 References: https://www.suse.com/security/cve/CVE-2017-1000364.html https://bugzilla.suse.com/1015342 https://bugzilla.suse.com/1022595 https://bugzilla.suse.com/1027101 https://bugzilla.suse.com/1037669 https://bugzilla.suse.com/1039214 https://bugzilla.suse.com/1039348 https://bugzilla.suse.com/1040351 https://bugzilla.suse.com/1040364 https://bugzilla.suse.com/1040567 https://bugzilla.suse.com/1040609 https://bugzilla.suse.com/1042286 https://bugzilla.suse.com/1042863 https://bugzilla.suse.com/1043990 https://bugzilla.suse.com/1044082 https://bugzilla.suse.com/1044120 https://bugzilla.suse.com/1044767 https://bugzilla.suse.com/1044772 https://bugzilla.suse.com/1044880 https://bugzilla.suse.com/1045154 https://bugzilla.suse.com/1045235 https://bugzilla.suse.com/1045286 https://bugzilla.suse.com/1045307 https://bugzilla.suse.com/1045467 https://bugzilla.suse.com/1045568 https://bugzilla.suse.com/966170 https://bugzilla.suse.com/966172 https://bugzilla.suse.com/966191 https://bugzilla.suse.com/990682 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org

SUSE Security Update: Security update for MozillaFirefox, MozillaFirefox-branding-SLE ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1669-1 Rating: important References: #1035082 #1043960 Cross-References: CVE-2016-10196 CVE-2017-5429 CVE-2017-5430 CVE-2017-5432 CVE-2017-5433 CVE-2017-5434 CVE-2017-5435 CVE-2017-5436 CVE-2017-5438 CVE-2017-5439 CVE-2017-5440 CVE-2017-5441 CVE-2017-5442 CVE-2017-5443 CVE-2017-5444 CVE-2017-5445 CVE-2017-5446 CVE-2017-5447 CVE-2017-5448 CVE-2017-5449 CVE-2017-5451 CVE-2017-5454 CVE-2017-5455 CVE-2017-5456 CVE-2017-5459 CVE-2017-5460 CVE-2017-5461 CVE-2017-5462 CVE-2017-5464 CVE-2017-5465 CVE-2017-5466 CVE-2017-5467 CVE-2017-5469 CVE-2017-5470 CVE-2017-5472 CVE-2017-7749 CVE-2017-7750 CVE-2017-7751 CVE-2017-7752 CVE-2017-7754 CVE-2017-7755 CVE-2017-7756 CVE-2017-7757 CVE-2017-7758 CVE-2017-7761 CVE-2017-7763 CVE-2017-7764 CVE-2017-7765 CVE-2017-7768 CVE-2017-7778 Affected Products: SUSE OpenStack Cloud 6 SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server for SAP 12-SP1 SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1-LTSS SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Desktop 12-SP2 ______________________________________________________________________________ An update that fixes 50 vulnerabilities is now available. Description: The MozillaFirefox was updated to the new ESR 52.2 release, which fixes the following issues (bsc#1043960): * MFSA 2017-16/CVE-2017-7758 Out-of-bounds read in Opus encoder * MFSA 2017-16/CVE-2017-7749 Use-after-free during docshell reloading * MFSA 2017-16/CVE-2017-7751 Use-after-free with content viewer listeners * MFSA 2017-16/CVE-2017-5472 Use-after-free using destroyed node when regenerating trees * MFSA 2017-16/CVE-2017-5470 Memory safety bugs fixed in Firefox 54 and Firefox ESR 52.2 * MFSA 2017-16/CVE-2017-7752 Use-after-free with IME input * MFSA 2017-16/CVE-2017-7750 Use-after-free with track elements * MFSA 2017-16/CVE-2017-7768 32 byte arbitrary file read through Mozilla Maintenance Service * MFSA 2017-16/CVE-2017-7778 Vulnerabilities in the Graphite 2 library * MFSA 2017-16/CVE-2017-7754 Out-of-bounds read in WebGL with ImageInfo object * MFSA 2017-16/CVE-2017-7755 Privilege escalation through Firefox Installer with same directory DLL files * MFSA 2017-16/CVE-2017-7756 Use-after-free and use-after-scope logging XHR header errors * MFSA 2017-16/CVE-2017-7757 Use-after-free in IndexedDB * MFSA 2017-16/CVE-2017-7761 File deletion and privilege escalation through Mozilla Maintenance Service helper.exe application * MFSA 2017-16/CVE-2017-7763 Mac fonts render some unicode characters as spaces * MFSA 2017-16/CVE-2017-7765 Mark of the Web bypass when saving executable files * MFSA 2017-16/CVE-2017-7764 (bmo#1364283, bmo#http://www.unicode.org/reports/tr31/tr31-26 .html#Aspirational_Use_Scripts) Domain spoofing with combination of Canadian Syllabics and other unicode blocks - update to Firefox ESR 52.1 (bsc#1035082) * MFSA 2017-12/CVE-2016-10196 Vulnerabilities in Libevent library * MFSA 2017-12/CVE-2017-5443 Out-of-bounds write during BinHex decoding * MFSA 2017-12/CVE-2017-5429 Memory safety bugs fixed in Firefox 53, Firefox ESR 45.9, and Firefox ESR 52.1 * MFSA 2017-12/CVE-2017-5464 Memory corruption with accessibility and DOM manipulation * MFSA 2017-12/CVE-2017-5465 Out-of-bounds read in ConvolvePixel * MFSA 2017-12/CVE-2017-5466 Origin confusion when reloading isolated data:text/html URL * MFSA 2017-12/CVE-2017-5467 Memory corruption when drawing Skia content * MFSA 2017-12/CVE-2017-5460 Use-after-free in frame selection * MFSA 2017-12/CVE-2017-5461 Out-of-bounds write in Base64 encoding in NSS * MFSA 2017-12/CVE-2017-5448 Out-of-bounds write in ClearKeyDecryptor * MFSA 2017-12/CVE-2017-5449 Crash during bidirectional unicode manipulation with animation * MFSA 2017-12/CVE-2017-5446 Out-of-bounds read when HTTP/2 DATA frames are sent with incorrect data * MFSA 2017-12/CVE-2017-5447 Out-of-bounds read during glyph processing * MFSA 2017-12/CVE-2017-5444 Buffer overflow while parsing application/http-index-format content * MFSA 2017-12/CVE-2017-5445 Uninitialized values used while parsing application/http- index-format content * MFSA 2017-12/CVE-2017-5442 Use-after-free during style changes * MFSA 2017-12/CVE-2017-5469 Potential Buffer overflow in flex-generated code * MFSA 2017-12/CVE-2017-5440 Use-after-free in txExecutionState destructor during XSLT processing * MFSA 2017-12/CVE-2017-5441 Use-after-free with selection during scroll events * MFSA 2017-12/CVE-2017-5439 Use-after-free in nsTArray Length() during XSLT processing * MFSA 2017-12/CVE-2017-5438 Use-after-free in nsAutoPtr during XSLT processing * MFSA 2017-12/CVE-2017-5436 Out-of-bounds write with malicious font in Graphite 2 * MFSA 2017-12/CVE-2017-5435 Use-after-free during transaction processing in the editor * MFSA 2017-12/CVE-2017-5434 Use-after-free during focus handling * MFSA 2017-12/CVE-2017-5433 Use-after-free in SMIL animation functions * MFSA 2017-12/CVE-2017-5432 Use-after-free in text input selection * MFSA 2017-12/CVE-2017-5430 Memory safety bugs fixed in Firefox 53 and Firefox ESR 52.1 * MFSA 2017-12/CVE-2017-5459 Buffer overflow in WebGL * MFSA 2017-12/CVE-2017-5462 DRBG flaw in NSS * MFSA 2017-12/CVE-2017-5455 Sandbox escape through internal feed reader APIs * MFSA 2017-12/CVE-2017-5454 Sandbox escape allowing file system read access through file picker * MFSA 2017-12/CVE-2017-5456 Sandbox escape allowing local file system access * MFSA 2017-12/CVE-2017-5451 Addressbar spoofing with onblur event Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 6: zypper in -t patch SUSE-OpenStack-Cloud-6-2017-1035=1 - SUSE Linux Enterprise Software Development Kit 12-SP2: zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-1035=1 - SUSE Linux Enterprise Server for SAP 12-SP1: zypper in -t patch SUSE-SLE-SAP-12-SP1-2017-1035=1 - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-1035=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-1035=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1035=1 - SUSE Linux Enterprise Server 12-SP1-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-1035=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-1035=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-1035=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 6 (x86_64): MozillaFirefox-52.2.0esr-108.3 MozillaFirefox-branding-SLE-52-31.1 MozillaFirefox-debuginfo-52.2.0esr-108.3 MozillaFirefox-debugsource-52.2.0esr-108.3 MozillaFirefox-devel-52.2.0esr-108.3 MozillaFirefox-translations-52.2.0esr-108.3 - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64): MozillaFirefox-debuginfo-52.2.0esr-108.3 MozillaFirefox-debugsource-52.2.0esr-108.3 MozillaFirefox-devel-52.2.0esr-108.3 - SUSE Linux Enterprise Server for SAP 12-SP1 (ppc64le x86_64): MozillaFirefox-52.2.0esr-108.3 MozillaFirefox-branding-SLE-52-31.1 MozillaFirefox-debuginfo-52.2.0esr-108.3 MozillaFirefox-debugsource-52.2.0esr-108.3 MozillaFirefox-devel-52.2.0esr-108.3 MozillaFirefox-translations-52.2.0esr-108.3 - SUSE Linux Enterprise Server for SAP 12 (x86_64): MozillaFirefox-52.2.0esr-108.3 MozillaFirefox-branding-SLE-52-31.1 MozillaFirefox-debuginfo-52.2.0esr-108.3 MozillaFirefox-debugsource-52.2.0esr-108.3 MozillaFirefox-devel-52.2.0esr-108.3 MozillaFirefox-translations-52.2.0esr-108.3 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): MozillaFirefox-52.2.0esr-108.3 MozillaFirefox-branding-SLE-52-31.1 MozillaFirefox-debuginfo-52.2.0esr-108.3 MozillaFirefox-debugsource-52.2.0esr-108.3 MozillaFirefox-translations-52.2.0esr-108.3 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): MozillaFirefox-52.2.0esr-108.3 MozillaFirefox-branding-SLE-52-31.1 MozillaFirefox-debuginfo-52.2.0esr-108.3 MozillaFirefox-debugsource-52.2.0esr-108.3 MozillaFirefox-translations-52.2.0esr-108.3 - SUSE Linux Enterprise Server 12-SP1-LTSS (ppc64le s390x x86_64): MozillaFirefox-52.2.0esr-108.3 MozillaFirefox-branding-SLE-52-31.1 MozillaFirefox-debuginfo-52.2.0esr-108.3 MozillaFirefox-debugsource-52.2.0esr-108.3 MozillaFirefox-devel-52.2.0esr-108.3 MozillaFirefox-translations-52.2.0esr-108.3 - SUSE Linux Enterprise Server 12-LTSS (ppc64le s390x x86_64): MozillaFirefox-52.2.0esr-108.3 MozillaFirefox-branding-SLE-52-31.1 MozillaFirefox-debuginfo-52.2.0esr-108.3 MozillaFirefox-debugsource-52.2.0esr-108.3 MozillaFirefox-devel-52.2.0esr-108.3 MozillaFirefox-translations-52.2.0esr-108.3 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): MozillaFirefox-52.2.0esr-108.3 MozillaFirefox-branding-SLE-52-31.1 MozillaFirefox-debuginfo-52.2.0esr-108.3 MozillaFirefox-debugsource-52.2.0esr-108.3 MozillaFirefox-translations-52.2.0esr-108.3 References: https://www.suse.com/security/cve/CVE-2016-10196.html https://www.suse.com/security/cve/CVE-2017-5429.html https://www.suse.com/security/cve/CVE-2017-5430.html https://www.suse.com/security/cve/CVE-2017-5432.html https://www.suse.com/security/cve/CVE-2017-5433.html https://www.suse.com/security/cve/CVE-2017-5434.html https://www.suse.com/security/cve/CVE-2017-5435.html https://www.suse.com/security/cve/CVE-2017-5436.html https://www.suse.com/security/cve/CVE-2017-5438.html https://www.suse.com/security/cve/CVE-2017-5439.html https://www.suse.com/security/cve/CVE-2017-5440.html https://www.suse.com/security/cve/CVE-2017-5441.html https://www.suse.com/security/cve/CVE-2017-5442.html https://www.suse.com/security/cve/CVE-2017-5443.html https://www.suse.com/security/cve/CVE-2017-5444.html https://www.suse.com/security/cve/CVE-2017-5445.html https://www.suse.com/security/cve/CVE-2017-5446.html https://www.suse.com/security/cve/CVE-2017-5447.html https://www.suse.com/security/cve/CVE-2017-5448.html https://www.suse.com/security/cve/CVE-2017-5449.html https://www.suse.com/security/cve/CVE-2017-5451.html https://www.suse.com/security/cve/CVE-2017-5454.html https://www.suse.com/security/cve/CVE-2017-5455.html https://www.suse.com/security/cve/CVE-2017-5456.html https://www.suse.com/security/cve/CVE-2017-5459.html https://www.suse.com/security/cve/CVE-2017-5460.html https://www.suse.com/security/cve/CVE-2017-5461.html https://www.suse.com/security/cve/CVE-2017-5462.html https://www.suse.com/security/cve/CVE-2017-5464.html https://www.suse.com/security/cve/CVE-2017-5465.html https://www.suse.com/security/cve/CVE-2017-5466.html https://www.suse.com/security/cve/CVE-2017-5467.html https://www.suse.com/security/cve/CVE-2017-5469.html https://www.suse.com/security/cve/CVE-2017-5470.html https://www.suse.com/security/cve/CVE-2017-5472.html https://www.suse.com/security/cve/CVE-2017-7749.html https://www.suse.com/security/cve/CVE-2017-7750.html https://www.suse.com/security/cve/CVE-2017-7751.html https://www.suse.com/security/cve/CVE-2017-7752.html https://www.suse.com/security/cve/CVE-2017-7754.html https://www.suse.com/security/cve/CVE-2017-7755.html https://www.suse.com/security/cve/CVE-2017-7756.html https://www.suse.com/security/cve/CVE-2017-7757.html https://www.suse.com/security/cve/CVE-2017-7758.html https://www.suse.com/security/cve/CVE-2017-7761.html https://www.suse.com/security/cve/CVE-2017-7763.html https://www.suse.com/security/cve/CVE-2017-7764.html https://www.suse.com/security/cve/CVE-2017-7765.html https://www.suse.com/security/cve/CVE-2017-7768.html https://www.suse.com/security/cve/CVE-2017-7778.html https://bugzilla.suse.com/1035082 https://bugzilla.suse.com/1043960 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org

Visit Hardware Asylum - http://www.hardwareasylum.com body { margin: 0px; padding: 10px; text-align: left; background-color: #FFF; } #header { vertical-align: top; height: 80px; } #footer { font-family: arial, Helvetica, sans-serif; font-size: 10px; color: #000; margin-top: 5px; padding: 3px; } .titletext { font-family: Arial, Helvetica, sans-serif; font-size: 18px; font-weight: bold; color: #852222; } .subtitletext { font-family: Arial, Helvetica, sans-serif; font-size: 12px; font-weight: bold; color: #9E9E9E; } .bodytext { font-family: Arial, Helvetica, sans-serif; font-size: 14px; color: #000000; } .smalltext { font-family: Arial, Helvetica, sans-serif; font-size: 11px; color: #9E9E9E; } b { font-weight: bold; } i { font-style: italic; } a { color: #C00; } Hello Everyone,When is an AIO not an AIO? prolly when the parts used are from a DIY.Subject: Alphacool Eisbaer 120 CPU AIO Water Cooler Review ( -at -) Hardware AsylumURL: http://www.hardwareasylum.com/reviews/cooling/alphacool_eisbaer-120Quote: With the Alphacool Eisbaer you now have an option to build a user friendly cooling system that can grow with your build instead of locking you into it.A news posting would be appreciated. ThanksDennis Garciahttp://www.hardwareasylum.com To no longer receive these types of emails please send a copy of this message to us at support ( -at -) hardwareasylum.com and we'll remove you from the list. Copyright © Hardware Asylum 1999-2013 All rights reserved

** TECHSPOT ------------------------------------------------------------ ** Top 10 Best MMOs ------------------------------------------------------------ ** https://www.techspot.com/article/1434-the-best-mmos/ ------------------------------------------------------------ It's no secret that MMORPGs are some of the most popular PC games on the planet. Since the early days of Ultima Online all the way to more recent offerings like Black Desert Online, MMOs have filled a gap in many gamers' lives that other genres - no matter how good they might be - just haven't yet. Here are what I believe are the 10 best MMOs out there right now. Thank you. Julio Franco Executive Editor | TECHSPOT ( -at -) juliofranco ----------------------------------- ============================================================ Our mailing address is: TechSpot 8237 NW 68 St Miami, FL 33166 USA

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : smb4k Version : 1.2.1-2~deb7u1 CVE ID : CVE-2017-8849 Debian Bug : 862505 Sebastian Krahmer from SUSE discovered that smb4k, a Samba (SMB) share advanced browser, contains a logic flaw in which the mount helper binary does not properly verify the mount command it is being asked to run. This allows local users to call any other binary as root. The issue is resolved by backporting version 1.2.1-2 from Debian 9 "Stretch". For Debian 7 "Wheezy", these problems have been fixed in version 1.2.1-2~deb7u1. We recommend that you upgrade your smb4k packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAllQPCJfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeRwsQ//YmV77gSg9NO6MQRECacl05schHdCuRC8Zy8dRl66sWUSNzfzt9ag3AyQ 4HDxPwHwxtrpllqCxmMq6gAT5rbYbdtnc5rmrFpWyboSeiQ0/tZDz9xeV+q3WNhJ ntpm/edNF7nt90q5yYKSirhy2AhCd2BJjHeOnLFS7uusTYHLKxodpJqa2wPRfXSq I5hQyATplwzYlnp8Fm3pMoUBSNWnJ/zUl0MZxMi1rTcqdQSnAssXNu+NOsisYA0z hxaZWewAW0lOQuKclE322eAUynuGBQ+XqaTbR5z4mFPYu1NZjtsEOPZj+QI1+ehZ pSZoYLAdP7bu/a/aK7z57Sw3GmAYSKMyre02syUv2T3kY3KfDOudoWtoZBEydnER zjDK/3MPK6drxUMUqY0XFwtKkbYVmAXk8sZrILqDfkHE+gXFiQzqbpoR3WBtMPZF Xrh8uJ+ZF5ZP5YNY7d3LwGOjMFYQLyuJIvd/3mARpEPmPUR2WKFJ62CVhScj5Hac cruGEv+hF70kw0ugSQYU90RaxoKTE6tEyJI0BE3OQXI9BqyEgHRgYozJW8nO31+i brskUdmD26H7s7J1lAqdU3eefkbzYf683vJwR/g/4OpBaq5GNJwSPyR9eJx3oOp3 p3MZ7obNxzimz+hvc7j7uixUPtFmNBbLxG9dkBgTP8JzKu2r3pQ= =Ed75 -----END PGP SIGNATURE-----

-------- SILVERSTONE PRIMERA PM01-RGB COMPUTER CASE REVIEW ( -at -) APH NETWORKS ---- Hello everyone! APH Networks has published a new review that your readers might enjoy. A post in your site's news section would be greatly appreciated! Don't forget to send your site news to us. As we promise to post your news articles on APH Networks periodically, we would certainly appreciate it if you do the same as well. Thank you for your support in advance! * Title: SilverStone Primera PM01-RGB Computer Case Review ( -at -) APH Networks * Description: SilverStone adds RGB goodness and tempered glass to an already favorable design, resulting in the Primera PM01-RGB. * Link: http://aphnetworks.com/reviews/silverstone-primera-pm01-rgb * Image: http://aphnetworks.com/review/silverstone-primera-pm01-rgb/016.jpg Best Regards, Jonathan Kwan Editor-in-Chief APH Networks Inc. http://aphnetworks.com -- Unsubscribe from this newsletter: http://aphnetworks.com/newsletter/confirm/remove/c77c84bd425t5

** TECHSPOT ------------------------------------------------------------ ** Transfer Steam Games to an SSD without Redownloading ------------------------------------------------------------ ** http://www.techspot.com/article/1429-move-steam-game-library/ ------------------------------------------------------------ Although solid state drives have steadily increased in capacity, so too have the size of game installs. Today's triple-A titles commonly occupy upwards of 20GB with many approaching or exceeding 60GB, especially after accounting for downloadable content. Ironically, it's often these large releases that benefit the most from the improved load times. Thank you. Julio Franco Executive Editor | TECHSPOT ( -at -) juliofranco ----------------------------------- ============================================================ Our mailing address is: TechSpot 8237 NW 68 St Miami, FL 33166 USA

Title: LaCie 2TB Rugged Thunderbolt USB-C Professional All-Terrain Mobile Storage Review ( -at -) NikKTech Description: Thanks to its IP 54 certified rugged enclosure designed by Neil Poulton and its compatibility with both MAC and Windows systems via Thunderbolt and USB 3.1 connectivity the latest 2TB Rugged Thunderbolt USB-C Professional All-Terrain Mobile Storage by LaCie could be exactly what you've been looking for. Article Link: https://www.nikktech.com/main/articles/peripherals/external-storage/portable -hard-drives/7940-lacie-2tb-rugged-thunderbolt-usb-c-professional-all-terrai n-mobile-storage-review Image Link: http://www.nikktech.com/main/images/pics/reviews/lacie/rugged_2tb_thunderbol t_usb_c/lacie_rugged_2tb_thunderbolt_usb_ca.jpg A News Post Would Be Appreciated. Thanks In Advance. Sincerely Nik Kastrantas

TITLE Logitech G413 Review ( -at -) Vortez CONTENT: The Logitech G413 also features a brushed, aircraft grade aluminium-magnesium backplate, for strength and lightness; along with a USB2.0 pass-through paired with cable routeing under the keyboard, single colour backlit keys, multi-function F keys, 26-key rollover and many other features. LINK: https://www.vortez.net/review.php?id=1312 ---------------------------------------------------------------------------- -------------------- Please post this news item in your news section. Thank you.

The Wine development release 2.11 is now available. What's new in this release (see below for details): - OpenGL support in the Android driver. - Support for security labels. - Relay debugging on ARM64. - More dictionary support in WebServices. - New registry file parser in RegEdit. - Various bug fixes. The source is available from the following locations: http://dl.winehq.org/wine/source/2.x/wine-2.11.tar.xz http://mirrors.ibiblio.org/wine/source/2.x/wine-2.11.tar.xz Binary packages for various distributions will be available from: http://www.winehq.org/download You will find documentation on http://www.winehq.org/documentation You can also get the current source directly from the git repository. Check http://www.winehq.org/git for details. Wine is available thanks to the work of many people. See the file AUTHORS in the distribution for the complete list. ---------------------------------------------------------------- Bugs fixed in 2.11 (total 16): 11433 unimplemented function ole32.dll.OleGetIconOfFile 22776 Call of Duty: Modern Warfare 2 flickery textures in midrange background 27106 IMSSA EuroDEEM (VB6 app) fails on startup, reporting "Type MisMatch" error (VARIANT_Coerce: treat VT_NULL like VT_EMPTY when converting to VT_BSTR) 32233 Battlefield Bad Company 2 weapons/items hold by player distorted/invisible 33740 Sound Recorder displays error when seeking MP3 stream to the end 39909 4K display bug (3840x2160) 42140 "Unrecognized stencil op 0" messages flooding system log in Söldner Secret Wars 42910 Scrabble (Infogrames) multiplayer requires IDirectPlay4::EnumConnections 43084 PresentMon requires tdh.dll 43098 WarBR: game (WarS v5.5 p4) crashes on unimplemented function wmvcore.dll.WMCheckURLScheme when using native wmp.dll (WMP9) 43122 Retro Achievements Snes9x emulator crashes on start 43152 VistA GuiMail won't start, needs adsldpc.dll 43157 Adobe Premiere needs ntoskrnl.exe.KeAcquireSpinLockRaiseToDpc 43175 redefinition of typedef ‘ID2D1Image’ (gcc-4.2) 43216 winhttp fails to redirect from http to https on 301 error. 43220 Adobe Premiere needs ntoskrnl.exe.KeReleaseSpinLock ---------------------------------------------------------------- Changes since 2.10: Alexandre Julliard (17): wineandroid: Start in landscape mode and don't restart on config changes. wineandroid: Store the actual screen DPI on startup. include: Make socklen_t a define to avoid conflicting typedefs. ws2_32: Use socklen_t where appropriate. iphlpapi: Check if getifaddrs really exists. wineandroid: Add a stub implementation of ChangeDisplaySetting[censored]. wineandroid: Add a stub implementation of EnumDisplaySetting[censored]. wineandroid: Support creating a separate native window for OpenGL rendering in the client area. wineandroid: Add infrastructure to support a separate TextureView for the window client area. wineandroid: Create window groups inside every window to support a client area. wineandroid: Also create HWND_MESSAGE windows on the Java side. configure: Add check for OpenGL ES libraries. wineandroid: Initial version of the OpenGL driver. wineandroid: Create a proper EGL window surface once we receive a surface from Java. wineandroid: Implement wglCreateContextAttribsARB. wineandroid: Implement wglMakeContextCurrentARB. wineandroid: Implement wglSwapIntervalEXT. Alistair Leslie-Hughes (9): include/windocdec.idl: Add interface IWICImagingFactory2. windowscodecs: Register WICImagingFactory2 interface. oleaut32: Improve support for IDispatch in VarCat. include/wmsdkidl.idl: Add IWMLanguageList, IWMReaderPlaylistBurn interfaces. oledb32/tests: Add to DBTYPE_WSTR tests for GetConversionSize. oledb32: Supply a default dst len in GetConversionSize. oledb32: Add support for converting to W/STR types in GetConversionSize. oledb32: Add FIXME for DBTYPE_NUMERIC type. wmvcore: Support IWMReaderAccelerator in IWMReader. Andrey Gusev (4): d3d11/tests: Fix a typo in ok() message. api-ms-win-security-credentials-l1-1-0: Add dll. api-ms-win-core-crt-l1-1-0: Add dll. api-ms-win-core-crt-l2-1-0: Add dll. André Hentschel (4): winebuild: Emit relay debugging thunks for ARM64. ntdll: Add support for relay debugging on ARM64. include: Remove duplicate declaration of PFXVerifyPassword. kernel32: Fix EscapeCommFunction prototype. Aurimas Fišeras (2): po: Update Lithuanian translation. po: Update Lithuanian translation. Austin English (4): ntoskrnl: Add KeAcquireSpinLockRaiseToDpc stub. wmvcore: Add WMCheckURLScheme stub. dbgeng: Sync to windows 10. ntoskrnl.exe: Add KeReleaseSpinLock stub. Bruno Jesus (1): dinput: Limit axes while remaping broken devices. Clemens Tamme (1): gdiplus: Implement triangular line caps in widened paths. Daniel Lehman (8): msvcrt: Move exception rethrow handling to call_catch_block. msvcrt: Clean up registered C++ objects in handler. msvcrt: Only unwind current catch block when handling nested exception. msvcrt: Support rethrowing SEH exceptions. winedbg: Display movaps in disassembly. winedbg: Display movups in disassembly. opengl32/tests: Add tests for ChoosePixelFormat. opengl32: Don't fail with both PFD_DOUBLEBUFFER_DONTCARE and PFD_STEREO_DONTCARE. Dmitry Timoshkov (16): propsys: Add support for VT_I1 and VT_UI1 to PropVariantChangeType. propsys: Add support for VT_LPWSTR and VT_BSTR to PropVariantToStringAlloc. propsys: Add support for VT_BSTR to PropVariantChangeType. propsys: Make VT_FILETIME handling by PropVariantChangeType more implicit. propsys: Add support for VT_LPSTR to PropVariantChangeType. include: Print contents of VT_LPSTR and VT_LPWSTR variants in wine_dbgstr_variant. cmd: '$E' in the prompt should be interpreted as an escape code (0x1b). windowscodecs: Implement WICMapGuidToShortName. windowscodecs: Implement WICMapShortNameToGuid. windowscodecs: Implement WICMapSchemaToName. windowscodecs: Implement IWICMetadataQueryReader::GetContainerFormat. propsys: Add support for VT_LPSTR and VT_LPWSTR to PropVariantCompareEx. rsaenh: Avoid double 'va_end(args)' in case of a premature loop termination. user.exe16: Fix memory leak in case when HeapReAlloc fails. user.exe16: Remove redundant HeapReAlloc. dsound: Fix a memory leak. Fabian Maurer (1): comctl32/taskdialog: Added support for custom buttons. Hans Leidekker (16): webservices: Add a static builtin dictionary. webservices: Support more text record types in the reader. webservices/tests: Add a test for WsCopyNode. webservices: Restore the current pointer after reading ahead in read_move_to. webservices: Implement WsReadXmlBuffer. webservices: Store buffer encoding and character set. webservices: Add support for writing WS_UNIQUE_ID values. webservices: Add support for writing WS_XML_QNAME values. webservices: Add support for reading WS_STRING values. webservices: Add support for reading WS_UNIQUE_ID values. webservices: Add support for reading WS_XML_STRING values. webservices: Add support for reading WS_XML_QNAME values. winhttp: Only read as much data as advertized when draining content. webservices: Allow the dictionary functions to be used with any dictionary. webservices: Add support for dynamic string callbacks. winhttp: Reset content length when a redirect creates a new connection. Henri Verbeet (2): wined3d: Also check for "Mesa" in GL_VERSION in wined3d_guess_gl_vendor(). include: Simply forward declare the required D2D interfaces in wincodec.idl. Hermès Bélusca-Maïto (1): advapi32/tests: Fix build with MSVC. Hugh McMaster (30): reg/tests: Test case sensitivity when creating and deleting registry keys. reg/tests: Test the accepted range of the hex-based data types. regedit/tests: Test case sensitivity when creating and deleting registry keys. regedit/tests: Test the accepted range of the hex-based data types. regedit: Add status bar text for the 'Expand'/'Collapse' menu item. reg/tests: Output "(Default)" when referring to the default registry value. reg/tests: Test whether "" is interpreted as the default registry value. regedit/tests: Output "(Default)" when referring to the default registry value. regedit/tests: Test whether "" is interpreted as the default registry value. regedit: Free the stringValueData buffer before using it again (Coverity). regedit: Introduce a partial state machine for importing registry data. regedit: Perform key operations in the state machine. regedit: Perform value name operations in the state machine. regedit: Add data parsing operations to the state machine. regedit: Remove an unused #define. regedit: Export hex data types without warning about unsupported data types. regedit: Free the memory used by the REG_DWORD and hex data types after saving the registry value. regedit: Use a case insensitive comparison when parsing registry classes from registry file versions 4 and 5. regedit: Allow the deletion of registry keys beginning with a lowercase 'H'. regedit: Use the correct mask flags with LVM_GETNEXTITEM. regedit: Re-insert the default value item after deleting its data. regedit: Use a generic data type to correctly process all data types. regedit: Fail when parsing any hex data type that is greater than ULONG_MAX on Windows. regedit: Display all registry data types in the GUI. regedit: Display data for all values in the GUI. regedit/tests: Add tests for parsing hex data. reg/tests: Add tests for parsing hex data. reg/tests: Add the final comma to the comma-placement test. reg/tests: Add tests to determine the effects of backslashes in hex data. regedit/tests: Add tests to determine the effects of backslashes in hex data. Jacek Caban (13): wininet/tests: Silence noisy traces. wininet/tests: Fixed potential buffer overflow (coverity). oleaut32: Simplify VarCat implementation. mshtml.idl: Added IHTMLInputTextElement2 declaration. mshtml: Added IHTMLInputTextElement2 stub implementation. mshtml: Added IHTMLInputTextElement2::selectionStart property implementation. mshtml: Added IHTMLInputTextElement2::selectionEnd property implementation. mshtml: Added IHTMLInputTextElement2::setSelectionRange implementation. mshtml: Expose IHTMLInputTextElement2 to scripts. mshtml/tests: Added IHTMLInputTextElement2 tests. widl: Try to find imported typelib using .tlb extension if it wasn't specified. server: Introduce create_server_async and use it in read request handler. mshtml: Moved EvaluateNewWindow call to navigate_new_window. Julian Rüger (1): po: Update German translation. Józef Kucia (1): wined3d: Do not declare pixel shader inputs when they are not used. Ken Thomases (1): winemac: Break out of the window-dragging message loop if the window is hidden or destroyed. Marcin Mikołajczak (1): po: Updated Polish translation. Marcus Meissner (4): webservices: Free header on error exit (Coverity). webservices: Fixed memory leak in build_custom_header (Coverity). msvcrt: Free the temporary filename (Coverity). wsdapi: Fixed memory leak in error path (Coverity). Matteo Bruni (7): d3dx9: Move set_number() into d3dx9_private.h. d3dx9/tests: Fix compilation when the NAN macro is not available. d3dx9/tests: Add a comment about the negation in boolean constant checks. d3dx9/tests: Avoid SIZE_T in traces. advapi32/tests: Allow an additional result on newer Win10. advapi32/tests: Add a token mandatory label test. d3dx9: Make the assert() in regstore_set_values() a bit more strict. Michael Müller (9): server: Implement querying the security label of a security descriptor. server: Implement changing the label of a security descriptor. server: Do not set SE_{D, S}ACL_PRESENT if no {D, S}ACL was set. server: Implement setting a security descriptor when duplicating tokens. advapi32/tests: Add basic tests for token security descriptors. advapi32/tests: Show that tokens do not inherit security descriptors during duplication. advapi32/tests: Show that tokens do not inherit the DACL while creating child processes. advapi32/tests: Show that child processes do not inherit mandatory labels. server: Assign a default label to all tokens. Miklós Máté (1): quartz: Small readability fix. Nikolay Sivov (10): d3drm/tests: Add helpers to test vectors. include: Fix IDirect3DRMFace*::GetColor() macros. d3drm: Make it possible to create frames with CreateObject(). d3drm: Make it possible to create light objects using CreateObject(). po: Update Russian translation. d3drm: Make it possible to create material objects with CreateObject(). d3drm: Implement object name property. d3drm: Implement appdata property for the rest of objects. d3drm: Make it possible to create meshes with CreateObject(). d3drm: Added IDirect3DRMAnimation stub. Nils Kuhnhenn (1): oleaut32: Use variable with the correct type in LIST_FOR_EACH_ENTRY_SAFE macro. Owen Rudge (2): ws2_32: Extract IPv6 address from brackets in getaddrinfo. ws2_32/tests: Test IP address conversion in getaddrinfo. Paul Gofman (5): d3dx9: Introduce get_reg_components() helper function and use it instead of get_offset_reg() when appropriate. d3dx9: Add const qualifier to regstore_set_values() input data. d3dx9: Avoid casting each value separately in set_constants(). d3dx9: Add scalar and vector setting path to set_constants(). d3dx9/tests: Modify transpose boolean matrix test to reproduce the case of incomplete last row. Pierre Schweitzer (2): mpr: Properly handle the count set to -1 when enumerating connections. mpr: Don't stop enumeration on the first failing network provider. Piotr Caban (1): gdi32: Don't write EMR_EXTSELECTCLIPRGN to emf file on SelectClipPath call. Sebastian Lackner (6): gdiplus: Initialize containers list in GdipCloneImage. server: Do not shutdown server in persistent mode when creation of first process fails. wined3d: Avoid NULL pointer dereference when using GDI renderer. wined3d: Create CPU blitter also for GDI render. wined3d: Fix memory leaks in blitter_destroy callbacks. wined3d: Trigger frontbuffer update in surface_cpu_blt. Thomas Faber (2): devenum/tests: Fix return value check for IEnumMoniker_Next. advapi32/tests: Properly restore privileges in test_AdjustTokenPrivileges. Zebediah Figura (14): include: Pack WAVEFORMAT structs. winemp3.acm: Fix error in acmStreamSize(). include: Add missing MSI message values. msi: Use an external UI record handler before a string handler. msi: Store string and record callback data separately. msi: Pass the given record to the callback. msacm32: Rewrite PCM conversion functions. msi: Don't reimplement record formatting. quartz: Restore a comment explaining mediatime. quartz: Use nAvgBytesPerSec to calculate length. winemp3.acm: Disallow operations encoding to MPEG. msacm32: Don't add a format entry if it is decode-only. msacm32: Add invalid parameter checks for acmFormatChoose(). msacm32: Implement ACMFORMATCHOOSE_STYLEF_INITTOWFXSTRUCT. Zhenbo Li (1): ole32: Add stub for OleGetIconOfFile. -- Alexandre Julliard julliard ( -at -) winehq.org

-------- EDIFIER S1000DB DESKTOP COMPUTER SPEAKERS REVIEW ( -at -) APH NETWORKS ----- Hello everyone! APH Networks has published a new review that your readers might enjoy. A post in your site's news section would be greatly appreciated! Don't forget to send your site news to us. As we promise to post your news articles on APH Networks periodically, we would certainly appreciate it if you do the same as well. Thank you for your support in advance! * Title: Edifier S1000DB Desktop Computer Speakers Review ( -at -) APH Networks * Description: The Edifier S1000DB are large desktop speakers that is big on performance and small in price. * Link: http://aphnetworks.com/reviews/edifier-s1000db * Image: http://aphnetworks.com/review/edifier-s1000db/004.JPG Best Regards, Jonathan Kwan Editor-in-Chief APH Networks Inc. http://aphnetworks.com -- Unsubscribe from this newsletter: http://aphnetworks.com/newsletter/confirm/remove/c77c84bd425t5

Hello LanOC Affiliates and newsletter subscribers, here is our newest posting. We would appreciate you spreading the word! LanOC Reviews has released a new article which you and your readers might enjoy. We would be grateful if you would please share it with them. *TITLE:* SteelSeries Arctis 7 ( -at -) LanOC Reviews <https://lanoc.org/review/audio/7569-steelseries-arctis-7> *DESCRIPTION:* Late last year I took a look at the Arctis 5 from SteelSeries and I was extremely impressed with their new audio series. It won our Top Honors Award and the Editors Choice and I liked them so much that my wife has been using them for the past 6 months. The only reason I didn’t snatch them up myself was that I wanted something wireless so I kept bugging SteelSeries and when some of the Arctis 7’s came in I couldn’t wait to get my hands on them. With a similar design, I have high hopes for their audio performance and I’m really hoping this is going to be the wireless headset that I finally stick with. SO today let’s check them out and see how they perform. *ARTICLE URL:* https://lanoc.org/review/audio/7569-steelseries-arctis-7 *LARGE IMAGE URL:* https://lanoc.org/images/reviews/2017/steelseries_arctis_7/title.jpg *SMALL IMAGE URL:* https://lanoc.org/images/reviews/2017/steelseries_arctis_7/email.jpg Thank you for your help Our content is syndicated by *RSS* 2.0 at: http://lanoc.org/review?fo rmat=feed&type=atom Check out our *YouTube* Channel: http://www.youtube.com/user/LanocReviews Follow us on *Twitter*: http://www.twitter.com/LanOC_Reviews Join our group on *Facebook*: http://www.facebook.com/LanOCReviews Join our *Steam* Group: http://steamcommunity.com/groups/lanoc *If this message has been sent to an incorrect address, or you no longer wish to receive our news, please email us back and let us know at reviews ( -at -) lanoc.org* ---------------------------------------- Wes Compton Editor-in-Chief LanOC Reviews http://lanoc.org ( -at -) LanOC_Reviews <http://twitter.com/#!/LanOC_Reviews> Google Plus <https://plus.google.com/u/1/b/111054267662763089650/> Our Facebook Page <http://www.facebook.com/LanOCReviews>

Hello LanOC Affiliates and newsletter subscribers, here is our newest posting. We would appreciate you spreading the word! LanOC Reviews has released a new article which you and your readers might enjoy. We would be grateful if you would please share it with them. *TITLE:* SteelSeries Arctis 7 ( -at -) LanOC Reviews <https://lanoc.org/review/audio/7569-steelseries-arctis-7> *DESCRIPTION:* Late last year I took a look at the Arctis 5 from SteelSeries and I was extremely impressed with their new audio series. It won our Top Honors Award and the Editors Choice and I liked them so much that my wife has been using them for the past 6 months. The only reason I didn’t snatch them up myself was that I wanted something wireless so I kept bugging SteelSeries and when some of the Arctis 7’s came in I couldn’t wait to get my hands on them. With a similar design, I have high hopes for their audio performance and I’m really hoping this is going to be the wireless headset that I finally stick with. SO today let’s check them out and see how they perform. *ARTICLE URL:* https://lanoc.org/review/audio/7569-steelseries-arctis-7 *LARGE IMAGE URL:* https://lanoc.org/images/reviews/2017/steelseries_arctis_7/title.jpg *SMALL IMAGE URL:* https://lanoc.org/images/reviews/2017/steelseries_arctis_7/email.jpg Thank you for your help Our content is syndicated by *RSS* 2.0 at: http://lanoc.org/review?fo rmat=feed&type=atom Check out our *YouTube* Channel: http://www.youtube.com/user/LanocReviews Follow us on *Twitter*: http://www.twitter.com/LanOC_Reviews Join our group on *Facebook*: http://www.facebook.com/LanOCReviews Join our *Steam* Group: http://steamcommunity.com/groups/lanoc *If this message has been sent to an incorrect address, or you no longer wish to receive our news, please email us back and let us know at reviews ( -at -) lanoc.org* ---------------------------------------- Wes Compton Editor-in-Chief LanOC Reviews http://lanoc.org ( -at -) LanOC_Reviews <http://twitter.com/#!/LanOC_Reviews> Google Plus <https://plus.google.com/u/1/b/111054267662763089650/> Our Facebook Page <http://www.facebook.com/LanOCReviews>

Hello LanOC Affiliates and newsletter subscribers, here is our newest posting. We would appreciate you spreading the word! LanOC Reviews has released a new article which you and your readers might enjoy. We would be grateful if you would please share it with them. *TITLE:* SteelSeries Arctis 7 ( -at -) LanOC Reviews <https://lanoc.org/review/audio/7569-steelseries-arctis-7> *DESCRIPTION:* Late last year I took a look at the Arctis 5 from SteelSeries and I was extremely impressed with their new audio series. It won our Top Honors Award and the Editors Choice and I liked them so much that my wife has been using them for the past 6 months. The only reason I didn’t snatch them up myself was that I wanted something wireless so I kept bugging SteelSeries and when some of the Arctis 7’s came in I couldn’t wait to get my hands on them. With a similar design, I have high hopes for their audio performance and I’m really hoping this is going to be the wireless headset that I finally stick with. SO today let’s check them out and see how they perform. *ARTICLE URL:* https://lanoc.org/review/audio/7569-steelseries-arctis-7 *LARGE IMAGE URL:* https://lanoc.org/images/reviews/2017/steelseries_arctis_7/title.jpg *SMALL IMAGE URL:* https://lanoc.org/images/reviews/2017/steelseries_arctis_7/email.jpg Thank you for your help Our content is syndicated by *RSS* 2.0 at: http://lanoc.org/review?fo rmat=feed&type=atom Check out our *YouTube* Channel: http://www.youtube.com/user/LanocReviews Follow us on *Twitter*: http://www.twitter.com/LanOC_Reviews Join our group on *Facebook*: http://www.facebook.com/LanOCReviews Join our *Steam* Group: http://steamcommunity.com/groups/lanoc *If this message has been sent to an incorrect address, or you no longer wish to receive our news, please email us back and let us know at reviews ( -at -) lanoc.org* ---------------------------------------- Wes Compton Editor-in-Chief LanOC Reviews http://lanoc.org ( -at -) LanOC_Reviews <http://twitter.com/#!/LanOC_Reviews> Google Plus <https://plus.google.com/u/1/b/111054267662763089650/> Our Facebook Page <http://www.facebook.com/LanOCReviews>

SUSE Security Update: Security update for tomcat ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1660-1 Rating: important References: #1007853 #1007854 #1007855 #1007857 #1007858 #1011805 #1011812 #1015119 #1033447 #1033448 #986359 #988489 Cross-References: CVE-2016-0762 CVE-2016-3092 CVE-2016-5018 CVE-2016-5388 CVE-2016-6794 CVE-2016-6796 CVE-2016-6797 CVE-2016-6816 CVE-2016-8735 CVE-2016-8745 CVE-2017-5647 CVE-2017-5648 Affected Products: SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-LTSS ______________________________________________________________________________ An update that fixes 12 vulnerabilities is now available. Description: Tomcat was updated to version 7.0.78, fixing various bugs and security issues. For full details see https://tomcat.apache.org/tomcat-7.0-doc/changelog.html Security issues fixed: - CVE-2016-0762: A realm timing attack in tomcat was fixed which could disclose existence of users (bsc#1007854) - CVE-2016-3092: Usage of vulnerable FileUpload package could have resulted in denial of service (bsc#986359) - CVE-2016-5018: A security manager bypass via a Tomcat utility method that was accessible to web applications was fixed. (bsc#1007855) - CVE-2016-5388: Setting HTTP_PROXY environment variable via Proxy header (bsc#988489) - CVE-2016-6794: A tomcat system property disclosure was fixed. (bsc#1007857) - CVE-2016-6796: A tomcat security manager bypass via manipulation of the configuration parameters for the JSP Servlet. (bsc#1007858) - CVE-2016-6797: A tomcat unrestricted access to global resources via ResourceLinkFactory was fixed. (bsc#1007853) - CVE-2016-6816: A HTTP Request smuggling vulnerability due to permitting invalid character in HTTP requests was fixed. (bsc#1011812) - CVE-2016-8735: A Remote code execution vulnerability in JmxRemoteLifecycleListener was fixed (bsc#1011805) - CVE-2016-8745: A Tomcat Information Disclosure in the error handling of send file code for the NIO HTTP connector was fixed. (bsc#1015119) - CVE-2017-5647: A tomcat information disclosure in pipelined request processing was fixed. (bsc#1033448) - CVE-2017-5648: A tomcat information disclosure due to using incorrect facade objects was fixed (bsc#1033447) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-1027=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-1027=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for SAP 12 (noarch): tomcat-7.0.78-7.13.4 tomcat-admin-webapps-7.0.78-7.13.4 tomcat-docs-webapp-7.0.78-7.13.4 tomcat-el-2_2-api-7.0.78-7.13.4 tomcat-javadoc-7.0.78-7.13.4 tomcat-jsp-2_2-api-7.0.78-7.13.4 tomcat-lib-7.0.78-7.13.4 tomcat-servlet-3_0-api-7.0.78-7.13.4 tomcat-webapps-7.0.78-7.13.4 - SUSE Linux Enterprise Server 12-LTSS (noarch): tomcat-7.0.78-7.13.4 tomcat-admin-webapps-7.0.78-7.13.4 tomcat-docs-webapp-7.0.78-7.13.4 tomcat-el-2_2-api-7.0.78-7.13.4 tomcat-javadoc-7.0.78-7.13.4 tomcat-jsp-2_2-api-7.0.78-7.13.4 tomcat-lib-7.0.78-7.13.4 tomcat-servlet-3_0-api-7.0.78-7.13.4 tomcat-webapps-7.0.78-7.13.4 References: https://www.suse.com/security/cve/CVE-2016-0762.html https://www.suse.com/security/cve/CVE-2016-3092.html https://www.suse.com/security/cve/CVE-2016-5018.html https://www.suse.com/security/cve/CVE-2016-5388.html https://www.suse.com/security/cve/CVE-2016-6794.html https://www.suse.com/security/cve/CVE-2016-6796.html https://www.suse.com/security/cve/CVE-2016-6797.html https://www.suse.com/security/cve/CVE-2016-6816.html https://www.suse.com/security/cve/CVE-2016-8735.html https://www.suse.com/security/cve/CVE-2016-8745.html https://www.suse.com/security/cve/CVE-2017-5647.html https://www.suse.com/security/cve/CVE-2017-5648.html https://bugzilla.suse.com/1007853 https://bugzilla.suse.com/1007854 https://bugzilla.suse.com/1007855 https://bugzilla.suse.com/1007857 https://bugzilla.suse.com/1007858 https://bugzilla.suse.com/1011805 https://bugzilla.suse.com/1011812 https://bugzilla.suse.com/1015119 https://bugzilla.suse.com/1033447 https://bugzilla.suse.com/1033448 https://bugzilla.suse.com/986359 https://bugzilla.suse.com/988489 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org

Which Power Supply do you need? – Seasonic showcase 2017 ------------------------------------------------------------ http://mailchi.mp/kitguru/which-power-supply-do-you-need-seasonic-showcase-2017?e=872093acb5 http://www.kitguru.net Which Power Supply do you need? – Seasonic showcase 2017 One of the biggest mistakes that a relatively inexperienced system builder will make is to place all the component focus on the most powerful processor, motherboard and graphics card while trying to save money on the power supply – often ending up with a no name brand from China. When I am building a new rig I generally work out the power I will need first then buy the best supply I can afford while leaving enough headroom for a possible upgrade. Seasonic are without question one of the finest enthusiast power supply brands in the world and over the years I have entrusted their products to power many of my own systems, both at home and work. I would go as far to say that they have proven the most reliable brand of power supplies I have tested in the last seven years on KitGuru. Read the article here: https://www.kitguru.net/components/power-supplies/zardon/which-power-supply-do-you-need-seasonic-showcase-2017/ ============================================================ ** follow on Twitter (http://twitter.com/#!/kitgurupress) | ** friend on Facebook (http://www.facebook.com/pages/KitGuru/162236020510911) | ** forward to a friend (http://us2.forward-to-friend1.com/forward?u=bfb2b902b5fb045ad6f841f98&id=4841839fe6&e=872093acb5) Copyright © 2017 KitGuru, All rights reserved. You are receiving this because you are a news partner or have signed up to receive our news.

Dear Editors, we just posted a new article which might be interesting to your readers. A post in your news section would be appreciated. Title: Rosewill RGH-3300 Pro Gaming Headset Link: https://www.techpowerup.com/reviews/Rosewill/RGH-3300_Pro_Gaming_Headset Brief: The second-cheapest gaming headset Rosewill has to offer - the $35 RGH-3300 - isn't the prettiest to look at, but acoustically, it’s surprisingly well balanced and capable of delivering good performance in both games and music. Contrary to what the song says, it's not all about the bass!

** TECHSPOT ------------------------------------------------------------ ** Intel Core i9-7900X, i7-7820X and i7-7800X Review ------------------------------------------------------------ ** http://www.techspot.com/review/1433-intel-core-i9-core-i7-skylake-x/ ------------------------------------------------------------ Intel recently announced their new Core X CPU series, comprising of not just three or four processors, but nine of them, making it the biggest range of high-end desktop CPUs Intel has ever announced. Today we'll finally be checking some of them out. Thank you. Julio Franco Executive Editor | TECHSPOT ( -at -) juliofranco ----------------------------------- ============================================================ Our mailing address is: TechSpot 8237 NW 68 St Miami, FL 33166 USA

A news post would be great. OCC has published a article on if Memory Speed Affects Gaming Performance; An Intel Question Here is a quote from the review: Quote: â€ÂAfter running through all of the tests, it appears that what I previously thought was an easy and clear answer is in fact more complicated. With the evidence provided I can safely say that memory can play a large role in some games over all frame rates. However, other factors like the processor, type of video card, and resolution will usually provide bigger impact in the final frame rates. Strictly speaking of game performances, the fastest memory tested does yield better results. Some games average FPS was within a 3% margin of error and others were wildly different. I think what any reader should take away from this article is that they need to factor in the rest of the system and make a sensible decision based on their setup. If you have money to burn or like to go full throttle, then you are probably already planning an SLI or Crossfire setup. At that point you might as well spend that little bit of extra memory to receive a faster set of memory. However, sometimes the jump in prices from one set to another can be drastic and that money could be better spent across the system as a whole. Title: Does Memory Speed Affect Gaming Performance; An Intel Question Link: http://www.overclockersclub.com/guides/memory_speed_vs_performance_intel/ Img: http://www.overclockersclub.com/siteimages/articles/memory_speed_vs_performance_intel/1_thumb.jpg