news

A news post would be great. OCC has published a article on if Memory Speed Affects Gaming Performance; An Intel Question Here is a quote from the review: Quote: â€ÂAfter running through all of the tests, it appears that what I previously thought was an easy and clear answer is in fact more complicated. With the evidence provided I can safely say that memory can play a large role in some games over all frame rates. However, other factors like the processor, type of video card, and resolution will usually provide bigger impact in the final frame rates. Strictly speaking of game performances, the fastest memory tested does yield better results. Some games average FPS was within a 3% margin of error and others were wildly different. I think what any reader should take away from this article is that they need to factor in the rest of the system and make a sensible decision based on their setup. If you have money to burn or like to go full throttle, then you are probably already planning an SLI or Crossfire setup. At that point you might as well spend that little bit of extra memory to receive a faster set of memory. However, sometimes the jump in prices from one set to another can be drastic and that money could be better spent across the system as a whole. Title: Does Memory Speed Affect Gaming Performance; An Intel Question Link: http://www.overclockersclub.com/guides/memory_speed_vs_performance_intel/ Img: http://www.overclockersclub.com/siteimages/articles/memory_speed_vs_performance_intel/1_thumb.jpg

CentOS Errata and Security Advisory 2017:1574 Moderate Upstream details at : https://rhn.redhat.com/errata/RHSA-2017-1574.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: bef41cd132eb097411d071a615fec35f29d770bd4a241430f6d8d0bf3b0e4ad6 sudo-1.8.6p7-23.el7_3.x86_64.rpm 7f04203ae14b3f5c9fbc931b27c9ffbe168bc02f9692c020652fdaf653d08aea sudo-devel-1.8.6p7-23.el7_3.i686.rpm bf367838cb1b972e3eafcb8b65132b6d5580d2a551682aad26df5320571c23da sudo-devel-1.8.6p7-23.el7_3.x86_64.rpm Source: cd3e0346fa75a7d5083d0697ad3e332fd65dbde36378ee807ec06f3af207c2fd sudo-1.8.6p7-23.el7_3.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: ( -at -) JohnnyCentOS _______________________________________________

CentOS Errata and Security Advisory 2016:2872 Moderate Upstream details at : https://rhn.redhat.com/errata/RHSA-2016-2872.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: a316fb39df3db41c50efe2defa304a41b57a5722e62b228df2d3286117db0625 sudo-1.8.6p7-21.el7_3.x86_64.rpm 35abde8a4501831218be499c6947a644854fa16e46f2a025c7b18db45578f831 sudo-devel-1.8.6p7-21.el7_3.i686.rpm 3ae0075b668b95c723a0f1182e4f1df305dcfb15c0b0ee9d9f674ada8e7a3e98 sudo-devel-1.8.6p7-21.el7_3.x86_64.rpm Source: 446258d56b12c2241ae80ffb4c0948d405b2064112d72263f707690438b20c40 sudo-1.8.6p7-21.el7_3.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: ( -at -) JohnnyCentOS _______________________________________________

CentOS Errata and Security Advisory 2017:1574 Moderate Upstream details at : https://rhn.redhat.com/errata/RHSA-2017-1574.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: d4582256e5f725240955991ce407b68379735965ed32349e905386e2bd5d643a sudo-1.8.6p3-29.el6_9.i686.rpm a41bc51c412e9416e9c14945dbabcbbb59868ca77b601d9c98df2f53515bbf52 sudo-devel-1.8.6p3-29.el6_9.i686.rpm x86_64: ecbde1c16e513f01cb75b8308f6b15edc1ebda985a9a337149a896ad3fd9dc30 sudo-1.8.6p3-29.el6_9.x86_64.rpm a41bc51c412e9416e9c14945dbabcbbb59868ca77b601d9c98df2f53515bbf52 sudo-devel-1.8.6p3-29.el6_9.i686.rpm c00e9b8c8034c007b022032eca50568a0bfd6243e018086c7758c4aa1f1c1679 sudo-devel-1.8.6p3-29.el6_9.x86_64.rpm Source: c0e5cd05d3c17e29ff9c249681be1167e892fa6a96d4118d3a7fa812d565018a sudo-1.8.6p3-29.el6_9.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: ( -at -) JohnnyCentOS _______________________________________________

Dear Editors, we just posted a new article which might be interesting to your readers. A post in your news section would be appreciated. Title: Dobot Magician Robotic Arm Link: https://www.techpowerup.com/reviews/Dobot/Magician Brief: The Dobot Magician is an all-in-one smart robotic arm offering multiple features including drawing, 3D printing, laser engraving, and production line integration all with the help of a unified driver program. It has an excellent 0.2 mm precision range of motion, and even comes with a smartphone app for further control.

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3896-1 security ( -at -) debian.org https://www.debian.org/security/ Salvatore Bonaccorso June 22, 2017 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : apache2 CVE ID : CVE-2017-3167 CVE-2017-3169 CVE-2017-7659 CVE-2017-7668 CVE-2017-7679 Several vulnerabilities have been found in the Apache HTTPD server. CVE-2017-3167 Emmanuel Dreyfus reported that the use of ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed. CVE-2017-3169 Vasileios Panopoulos of AdNovum Informatik AG discovered that mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port leading to a denial of service. CVE-2017-7659 Robert Swiecki reported that a specially crafted HTTP/2 request could cause mod_http2 to dereference a NULL pointer and crash the server process. CVE-2017-7668 Javier Jimenez reported that the HTTP strict parsing contains a flaw leading to a buffer overread in ap_find_token(). A remote attacker can take advantage of this flaw by carefully crafting a sequence of request headers to cause a segmentation fault, or to force ap_find_token() to return an incorrect value. CVE-2017-7679 ChenQin and Hanno Boeck reported that mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header. For the oldstable distribution (jessie), these problems have been fixed in version 2.4.10-10+deb8u9. The oldstable distribution (jessie) is not affected by CVE-2017-7659. For the stable distribution (stretch), these problems have been fixed in version 2.4.25-3+deb9u1. For the unstable distribution (sid), these problems have been fixed in version 2.4.25-4. We recommend that you upgrade your apache2 packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3896-1 security ( -at -) debian.org https://www.debian.org/security/ Salvatore Bonaccorso June 22, 2017 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : apache2 CVE ID : CVE-2017-3167 CVE-2017-3169 CVE-2017-7659 CVE-2017-7668 CVE-2017-7679 Several vulnerabilities have been found in the Apache HTTPD server. CVE-2017-3167 Emmanuel Dreyfus reported that the use of ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed. CVE-2017-3169 Vasileios Panopoulos of AdNovum Informatik AG discovered that mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port leading to a denial of service. CVE-2017-7659 Robert Swiecki reported that a specially crafted HTTP/2 request could cause mod_http2 to dereference a NULL pointer and crash the server process. CVE-2017-7668 Javier Jimenez reported that the HTTP strict parsing contains a flaw leading to a buffer overread in ap_find_token(). A remote attacker can take advantage of this flaw by carefully crafting a sequence of request headers to cause a segmentation fault, or to force ap_find_token() to return an incorrect value. CVE-2017-7679 ChenQin and Hanno Boeck reported that mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header. For the oldstable distribution (jessie), these problems have been fixed in version 2.4.10-10+deb8u9. The oldstable distribution (jessie) is not affected by CVE-2017-7659. For the stable distribution (stretch), these problems have been fixed in version 2.4.25-3+deb9u1. For the unstable distribution (sid), these problems have been fixed in version 2.4.25-4. We recommend that you upgrade your apache2 packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3894-1 security ( -at -) debian.org https://www.debian.org/security/ Moritz Muehlenhoff June 22, 2017 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : graphite2 CVE ID : CVE-2017-7771 CVE-2017-7772 CVE-2017-7773 CVE-2017-7774 CVE-2017-7775 CVE-2017-7776 CVE-2017-7777 CVE-2017-7778 Multiple vulnerabilities have been found in the Graphite font rendering engine which might result in denial of service or the execution of arbitrary code if a malformed font file is processed. For the oldstable distribution (jessie), these problems have been fixed in version 1.3.10-1~deb8u1. For the stable distribution (stretch), these problems have been fixed prior to the initial release. We recommend that you upgrade your graphite2 packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3895-1 security ( -at -) debian.org https://www.debian.org/security/ Moritz Muehlenhoff June 22, 2017 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : flatpak CVE ID : CVE-2017-9780 It was discovered that Flatpak, an application deployment framework for desktop apps insufficiently restricted file permissinons in third-party repositories, which could result in privilege escalation. For the stable distribution (stretch), this problem has been fixed in version 0.8.5-2+deb9u1. For the unstable distribution (sid), this problem has been fixed in version 0.8.7-1. We recommend that you upgrade your flatpak packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

View this email in your browser (http://mailchi.mp/hothardware/intel-optane-memory-with-3d-xpoint-review-easy-robust-pc-acceleration-1082825?e=0c004f9c13) The slim, sleek Razer Blade gaming laptop we'll be looking at here is an interesting beast that does its best to perform a balancing act of sorts. The gaming laptop arena is a landscape full of compromises. Gamers generally crave the most powerful technologies on the market, but until we can cram 8K displays into a fanless 13-inch form factor with dual Titan X GPUs and physics-defying thermal headroom, sacrifices obviously must be made. Now, there are a plethora of gaming notebooks to rival even the best desktops, though many of these are not easy to tote around and battery life is a distant afterthought. However, if you can temper your performance expectations just a touch - say to a more mainstream 1080p display resolution - a rising class of ultraportable gaming laptops is arriving to market and that's exactly the segment the newly refreshed 2017 Razer Blade is attacking. Razer Blade 2017 Review: Solid Gaming Performance In An Ultrabook Form Factor (http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=17d1593581&e=0c004f9c13) http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=2e6eec7efd&e=0c004f9c13 http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=2a7d83973e&e=0c004f9c13 Best Regards, HotHardware.com (http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=ba8bb2c219&e=0c004f9c13) http://hothardware.us3.list-manage1.com/track/click?u=efc4c507c2cf964fc2462caca&id=e9a9a37a4c&e=0c004f9c13 http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=ab4c9cd3e0&e=0c004f9c13 http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=94667663a5&e=0c004f9c13 ============================================================

Dear Editors, we just posted a new article which might be interesting to your readers. A post in your news section would be appreciated. Title: Das Keyboard Prime 13 Link: https://www.techpowerup.com/reviews/Das_Keyboard/Das_Keyboard_Prime_13 Brief: The Das Keyboard Prime 13 is Das Keyboard acknowledging that some people want the excellent build quality of their flagship products at a lower price point. Add on back-lighting, a USB pass-through instead of a hub, retain the Cherry MX switches and the Prime 13 offers an option worth looking into.

Dear Editors, we just posted a new article which might be interesting to your readers. A post in your news section would be appreciated. Title: Das Keyboard Prime 13 Link: https://www.techpowerup.com/reviews/Das_Keyboard/Das_Keyboard_Prime_13 Brief: The Das Keyboard Prime 13 is Das Keyboard acknowledging that some people want the excellent build quality of their flagship products at a lower price point. Add on back-lighting, a USB pass-through instead of a hub, retain the Cherry MX switches and the Prime 13 offers an option worth looking into.

If you are mining Ethereum you might have noticed that your hashrate recently dropped if you are using AMD Radeon RX 400/500 series cards. Seeing your mining hashrate drop is nothing new for Ether miners and it is usually due to the growing DAG file size. When the move to DAG epoch #130 happened it seems that the AMD Radeon 400/500 series cards took a performance hit while the NVIDIA GeForce GTX 1000 series cards and older AMD Radeon 200/300 series cards did not. Let's take a look at some NVIDIA and AMD video cards and see what will happen months down the road at future DAG sizes. Article Title: Ethereum Hashrate Performance Drop Might Be Coming – AMD and NVIDIA GPUs Tested ( -at -) Legit Reviews Article URL: http://www.legitreviews.com/ethereum-hashrate-performance-drop-might-coming-amd-nvidia-gpus-tested_195702 Unsubscribe: http://adserv.legitreviews.com/cgi-bin/dada/mail.cgi/u/legitpr/reviewnews// =

========================================================================== Kernel Live Patch Security Notice LSN-0024-1 June 21, 2017 linux vulnerability ========================================================================== A security issue affects these releases of Ubuntu: | Series | Base kernel | Arch | flavors | |------------------+--------------+----------+------------------| | Ubuntu 16.04 LTS | 4.4.0 | amd64 | generic | | Ubuntu 16.04 LTS | 4.4.0 | amd64 | lowlatency | | Ubuntu 14.04 LTS | 4.4.0 | amd64 | generic | | Ubuntu 14.04 LTS | 4.4.0 | amd64 | lowlatency | Summary: Several security issues were fixed in the kernel. Software Description: - linux: Linux kernel Details: It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large enough to prevent overlapping with the heap. An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative privileges (CVE-2017-1000364) Update instructions: The problem can be corrected by up[censored] your livepatches to the following versions: | Kernel | Version | flavors | |-----------------+----------+--------------------------| | 4.4.0-21.37 | 24.2 | generic, lowlatency | | 4.4.0-22.39 | 24.2 | generic, lowlatency | | 4.4.0-22.40 | 24.2 | generic, lowlatency | | 4.4.0-24.43 | 24.2 | generic, lowlatency | | 4.4.0-28.47 | 24.2 | generic, lowlatency | | 4.4.0-31.50 | 24.2 | generic, lowlatency | | 4.4.0-34.53 | 24.2 | generic, lowlatency | | 4.4.0-36.55 | 24.2 | generic, lowlatency | | 4.4.0-38.57 | 24.2 | generic, lowlatency | | 4.4.0-42.62 | 24.2 | generic, lowlatency | | 4.4.0-43.63 | 24.2 | generic, lowlatency | | 4.4.0-45.66 | 24.2 | generic, lowlatency | | 4.4.0-47.68 | 24.2 | generic, lowlatency | | 4.4.0-51.72 | 24.2 | generic, lowlatency | | 4.4.0-53.74 | 24.2 | generic, lowlatency | | 4.4.0-57.78 | 24.2 | generic, lowlatency | | 4.4.0-59.80 | 24.2 | generic, lowlatency | | 4.4.0-62.83 | 24.2 | generic, lowlatency | | 4.4.0-63.84 | 24.2 | generic, lowlatency | | 4.4.0-64.85 | 24.2 | generic, lowlatency | | 4.4.0-66.87 | 24.2 | generic, lowlatency | | 4.4.0-67.88 | 24.2 | generic, lowlatency | | 4.4.0-70.91 | 24.2 | generic, lowlatency | | 4.4.0-71.92 | 24.2 | generic, lowlatency | | 4.4.0-72.93 | 24.2 | generic, lowlatency | | 4.4.0-75.96 | 24.2 | generic, lowlatency | | 4.4.0-77.98 | 24.2 | generic, lowlatency | | 4.4.0-78.99 | 24.2 | generic, lowlatency | | 4.4.0-79.100 | 24.2 | generic, lowlatency | | lts-4.4.0-21.37_14.04.1-lts-xenial | 24.2 | generic, lowlatency | | lts-4.4.0-22.39_14.04.1-lts-xenial | 24.2 | generic, lowlatency | | lts-4.4.0-22.40_14.04.1-lts-xenial | 24.2 | generic, lowlatency | | lts-4.4.0-24.43_14.04.1-lts-xenial | 24.2 | generic, lowlatency | | lts-4.4.0-28.47_14.04.1-lts-xenial | 24.2 | generic, lowlatency | | lts-4.4.0-31.50_14.04.1-lts-xenial | 24.2 | generic, lowlatency | | lts-4.4.0-34.53_14.04.1-lts-xenial | 24.2 | generic, lowlatency | | lts-4.4.0-36.55_14.04.1-lts-xenial | 24.2 | generic, lowlatency | | lts-4.4.0-38.57_14.04.1-lts-xenial | 24.2 | generic, lowlatency | | lts-4.4.0-42.62_14.04.1-lts-xenial | 24.2 | generic, lowlatency | | lts-4.4.0-45.66_14.04.1-lts-xenial | 24.2 | generic, lowlatency | | lts-4.4.0-47.68_14.04.1-lts-xenial | 24.2 | generic, lowlatency | | lts-4.4.0-51.72_14.04.1-lts-xenial | 24.2 | generic, lowlatency | | lts-4.4.0-53.74_14.04.1-lts-xenial | 24.2 | generic, lowlatency | | lts-4.4.0-57.78_14.04.1-lts-xenial | 24.2 | generic, lowlatency | | lts-4.4.0-59.80_14.04.1-lts-xenial | 24.2 | generic, lowlatency | | lts-4.4.0-62.83_14.04.1-lts-xenial | 24.2 | generic, lowlatency | | lts-4.4.0-63.84_14.04.2-lts-xenial | 24.2 | generic, lowlatency | | lts-4.4.0-64.85_14.04.1-lts-xenial | 24.2 | generic, lowlatency | | lts-4.4.0-66.87_14.04.1-lts-xenial | 24.2 | generic, lowlatency | | lts-4.4.0-70.91_14.04.1-lts-xenial | 24.2 | generic, lowlatency | | lts-4.4.0-71.92_14.04.1-lts-xenial | 24.2 | generic, lowlatency | Additionally, you should install an updated kernel with these fixes and reboot at your convienience. References: CVE-2017-1000364 --

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] openvpn (SSA:2017-172-01) New openvpn packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/openvpn-2.3.17-i586-1_slack14.2.txz: Upgraded. This update fixes several denial of service issues discovered by Guido Vranken. For more information, see: https://community.openvpn.net/openvpn/wiki/VulnerabilitiesFixedInOpenVPN243 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7508 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7520 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7521 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7512 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7522 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 13.0: ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/openvpn-2.3.17-i486-1_slack13.0.txz Updated package for Slackware x86_64 13.0: ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/openvpn-2.3.17-x86_64-1_slack13.0.txz Updated package for Slackware 13.1: ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/openvpn-2.3.17-i486-1_slack13.1.txz Updated package for Slackware x86_64 13.1: ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/openvpn-2.3.17-x86_64-1_slack13.1.txz Updated package for Slackware 13.37: ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/openvpn-2.3.17-i486-1_slack13.37.txz Updated package for Slackware x86_64 13.37: ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/openvpn-2.3.17-x86_64-1_slack13.37.txz Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/openvpn-2.3.17-i486-1_slack14.0.txz Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/openvpn-2.3.17-x86_64-1_slack14.0.txz Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/openvpn-2.3.17-i486-1_slack14.1.txz Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/openvpn-2.3.17-x86_64-1_slack14.1.txz Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/openvpn-2.3.17-i586-1_slack14.2.txz Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/openvpn-2.3.17-x86_64-1_slack14.2.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/openvpn-2.4.3-i586-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/openvpn-2.4.3-x86_64-1.txz MD5 signatures: +-------------+ Slackware 13.0 package: 326003ba4359c994d9d9451d8c811a7c openvpn-2.3.17-i486-1_slack13.0.txz Slackware x86_64 13.0 package: 38d3e975bd173066d417c00817b1926f openvpn-2.3.17-x86_64-1_slack13.0.txz Slackware 13.1 package: 9d90bff4b3934035000e0a637dcd5870 openvpn-2.3.17-i486-1_slack13.1.txz Slackware x86_64 13.1 package: bf3e8104d8f53c2a5cabbde3cd1175f3 openvpn-2.3.17-x86_64-1_slack13.1.txz Slackware 13.37 package: 4394a24fc1745b619a6d640da18a17df openvpn-2.3.17-i486-1_slack13.37.txz Slackware x86_64 13.37 package: 7231d5dc636ccf47fca8fb60d92c6e9c openvpn-2.3.17-x86_64-1_slack13.37.txz Slackware 14.0 package: 37a195492c74384fa7a95f9b8c5d528d openvpn-2.3.17-i486-1_slack14.0.txz Slackware x86_64 14.0 package: dc3a2cdf61c2b1d796ed0663f9deeb77 openvpn-2.3.17-x86_64-1_slack14.0.txz Slackware 14.1 package: 601bfdb72e6fef2a0d8108ea33f5cf5d openvpn-2.3.17-i486-1_slack14.1.txz Slackware x86_64 14.1 package: 6329704b8a952f3de8b64fe3b294d5ab openvpn-2.3.17-x86_64-1_slack14.1.txz Slackware 14.2 package: 0d4cb74aab8225c1967f37c9e1bff8f4 openvpn-2.3.17-i586-1_slack14.2.txz Slackware x86_64 14.2 package: f70fdb325b03da7b18bcfadda367e7b9 openvpn-2.3.17-x86_64-1_slack14.2.txz Slackware -current package: e8aec8c39f95837fd4632167e7844a65 n/openvpn-2.4.3-i586-1.txz Slackware x86_64 -current package: b580604ff3b78acd74805c41d4c2bcc8 n/openvpn-2.4.3-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg openvpn-2.3.17-i586-1_slack14.2.txz +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security ( -at -) slackware.com +------------------------------------------------------------------------+

Hello LanOC Affiliates and newsletter subscribers, here is our newest posting. We would appreciate you spreading the word! LanOC Reviews has released a new article which you and your readers might enjoy. We would be grateful if you would please share it with them. *TITLE:* Asus Prime X299 Deluxe ( -at -) LanOC Reviews <https://lanoc.org/review/motherboards/7567-asus-prime-x299-deluxe> *DESCRIPTION:* So yesterday I took a look at the controversial Core-X CPUs from Intel. One of the best parts about a new enthusiast chipset and CPUs though are all the amazing motherboards that come along with them. During Computex, all of the boards were shown off but availability right before the launch was tight so the only board to come in time was the Asus Prime X299 Deluxe. Being a Prime board it isn’t super flashy but Asus didn’t skimp on the features at all. On top of being packed full of anything you can ask for the board even has unexpected features like a Wireless AD adapter in addition to the standard a/b/g/n/ac adapter and it even has a what they call LiveDash, a small display that is customizable and goes well beyond the standard LED post indicator. So today I’m going to try to get through all of the features of the Prime X299 Deluxe and see what else Asus is hiding. *ARTICLE URL:* https://lanoc.org/review/motherboards/7567-asus-prime-x299-deluxe *LARGE IMAGE URL:* https://lanoc.org/images/reviews/2017/asus_prime_x299_deluxe/title.jpg *SMALL IMAGE URL:* https://lanoc.org/images/reviews/2017/asus_prime_x299_deluxe/email.jpg Thank you for your help Our content is syndicated by *RSS* 2.0 at: http://lanoc.org/review?fo rmat=feed&type=atom Check out our *YouTube* Channel: http://www.youtube.com/user/LanocReviews Follow us on *Twitter*: http://www.twitter.com/LanOC_Reviews Join our group on *Facebook*: http://www.facebook.com/LanOCReviews Join our *Steam* Group: http://steamcommunity.com/groups/lanoc *If this message has been sent to an incorrect address, or you no longer wish to receive our news, please email us back and let us know at reviews ( -at -) lanoc.org* ---------------------------------------- Wes Compton Editor-in-Chief LanOC Reviews http://lanoc.org ( -at -) LanOC_Reviews <http://twitter.com/#!/LanOC_Reviews> Google Plus <https://plus.google.com/u/1/b/111054267662763089650/> Our Facebook Page <http://www.facebook.com/LanOCReviews>

CentOS Errata and Security Advisory 2017:1561 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2017-1561.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 9e268e52bbc826c0e2ad4ee804b95db2b3c874a4f96658c15fda3b79d84bda3c thunderbird-52.2.0-1.el7.centos.x86_64.rpm Source: 802b57f128068ba42e4a6fa556756730a292ead0e63abaa7f8912af50d0f5171 thunderbird-52.2.0-1.el7.centos.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: ( -at -) JohnnyCentOS _______________________________________________

CentOS Errata and Security Advisory 2017:1561 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2017-1561.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 70a45d6a3b92b5c9970257d149ca4fa4428d62c75e245299563d61a10aec037e thunderbird-52.2.0-1.el6.centos.i686.rpm x86_64: 7b777b66db9c43a40e63cfd7e61bb8c73cc0aa39c039e9498723e4f6c805f651 thunderbird-52.2.0-1.el6.centos.x86_64.rpm Source: 72733c2edb7195559579b6aa2340c22b2dedbb66f4c6f1f92882a29afed40969 thunderbird-52.2.0-1.el6.centos.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: ( -at -) JohnnyCentOS _______________________________________________

We've upgraded the ostree repo for CentOS Atomic Host (v7.1705.1) to include the packages affected by this advisory. You can upgrade your CentOS Atomic Host to this version with the command: atomic host upgrade --reboot Upgraded: ca-certificates 2017.2.11-70.1.el7_3 -> 2017.2.14-70.1.el7_3 glibc 2.17-157.el7_3.2 -> 2.17-157.el7_3.4 glibc-common 2.17-157.el7_3.2 -> 2.17-157.el7_3.4 kernel 3.10.0-514.21.1.el7 -> 3.10.0-514.21.2.el7 python-perf 3.10.0-514.21.1.el7 -> 3.10.0-514.21.2.el7 rpcbind 0.2.0-38.el7_3 -> 0.2.0-38.el7_3.1 ---------- Forwarded message ---------- From: Johnny Hughes Date: Tue, Jun 20, 2017 at 8:31 AM Subject: [CentOS-announce] CESA-2017:1484 Important CentOS 7 kernel Security Update To: centos-announce ( -at -) centos.org CentOS Errata and Security Advisory 2017:1484 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2017-1484.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 5bf01ddf86b01221e0958422ec627961d035551e0474ac10245dc4958800705f kernel-3.10.0-514.21.2.el7.x86_64.rpm 232a0f622143e55d9011f3808471aad219396cccd156f24687b156b6d432a608 kernel-abi-whitelists-3.10.0-514.21.2.el7.noarch.rpm 967dc375e96b08d16737aad6d9630e6b47903dd02ce6d7a916c741eee78afc51 kernel-debug-3.10.0-514.21.2.el7.x86_64.rpm e68aa2a3377cdf058843658dbf4447d0091538891b0fa1bcd79c1a0dd2c9ce34 kernel-debug-devel-3.10.0-514.21.2.el7.x86_64.rpm 5000ca51295103b942c4941a5d2e53a6a78aadc08708d32c2ace22c227a58c4d kernel-devel-3.10.0-514.21.2.el7.x86_64.rpm ad28e256a053af55c9167e6d4ef737bf334b128df16cddc023e845c9f6a94480 kernel-doc-3.10.0-514.21.2.el7.noarch.rpm 62b49e8818f09e2833753e8bd1d861aa36a05b1f8982adcb80bf7f5cc9c8af24 kernel-headers-3.10.0-514.21.2.el7.x86_64.rpm 4a5b113ba6761d64045250d364470007c8961d8f374d4321bd3db24c629c4a9b kernel-tools-3.10.0-514.21.2.el7.x86_64.rpm 2c4d3a43385253a681618b4d0135753d893bd312fb82f19eb4d958c713d28bb9 kernel-tools-libs-3.10.0-514.21.2.el7.x86_64.rpm 7bc126ec06ffde55cf2217eb43cc44fdf96628131a5806f6303faad8e6b63252 kernel-tools-libs-devel-3.10.0-514.21.2.el7.x86_64.rpm 9d55662dadce103200676da60fce559da8d9bacea7fc38930e461c2a52665a7b perf-3.10.0-514.21.2.el7.x86_64.rpm d9ef263dba6b41ad7d4e1282a63ae04a1614788a1988485455448c0cf0034eb8 python-perf-3.10.0-514.21.2.el7.x86_64.rpm Source: 3235af92f1e1681e86df0c33bf822a56c7f9f54bdb88746dffb8764cf8bc7db5 kernel-3.10.0-514.21.2.el7.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: ( -at -) JohnnyCentOS _______________________________________________

SUSE Security Update: Security update for openvpn ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1635-1 Rating: important References: #1044947 Cross-References: CVE-2017-7508 CVE-2017-7520 CVE-2017-7521 Affected Products: SUSE OpenStack Cloud 6 SUSE Linux Enterprise Server for SAP 12-SP1 SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1-LTSS SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Desktop 12-SP2 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: This update for openvpn fixes the following issues: - Some parts of the certificate-parsing code did not always clear all allocated memory. This would have allowed clients to leak a few bytes of memory for each connection attempt, thereby facilitating a (quite inefficient) DoS attack on the server. [bsc#1044947, CVE-2017-7521] - The ASN1 parsing code contained a bug that could have resulted in some buffers being free()d twice, and this issue could have potentially been triggered remotely by a VPN peer. [bsc#1044947, CVE-2017-7521] - If clients used a HTTP proxy with NTLM authentication, a man-in-the-middle attacker between client and proxy could cause the client to crash or disclose at most 96 bytes of stack memory. The disclosed stack memory was likely to contain the proxy password. If the proxy password had not been reused, this was unlikely to compromise the security of the OpenVPN tunnel itself. Clients who did not use the --http-proxy option with ntlm2 authentication were not affected. [bsc#1044947, CVE-2017-7520] - It was possible to trigger an assertion by sending a malformed IPv6 packet. That issue could have been abused to remotely shutdown an openvpn server or client, if IPv6 and --mssfix were enabled and if the IPv6 networks used inside the VPN were known. [bsc#1044947, CVE-2017-7508] Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 6: zypper in -t patch SUSE-OpenStack-Cloud-6-2017-1011=1 - SUSE Linux Enterprise Server for SAP 12-SP1: zypper in -t patch SUSE-SLE-SAP-12-SP1-2017-1011=1 - SUSE Linux Enterprise Server for SAP 12: zypper in -t patch SUSE-SLE-SAP-12-2017-1011=1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-1011=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-1011=1 - SUSE Linux Enterprise Server 12-SP1-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-1011=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2017-1011=1 - SUSE Linux Enterprise Desktop 12-SP2: zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-1011=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE OpenStack Cloud 6 (x86_64): openvpn-2.3.8-16.17.1 openvpn-auth-pam-plugin-2.3.8-16.17.1 openvpn-auth-pam-plugin-debuginfo-2.3.8-16.17.1 openvpn-debuginfo-2.3.8-16.17.1 openvpn-debugsource-2.3.8-16.17.1 - SUSE Linux Enterprise Server for SAP 12-SP1 (ppc64le x86_64): openvpn-2.3.8-16.17.1 openvpn-auth-pam-plugin-2.3.8-16.17.1 openvpn-auth-pam-plugin-debuginfo-2.3.8-16.17.1 openvpn-debuginfo-2.3.8-16.17.1 openvpn-debugsource-2.3.8-16.17.1 - SUSE Linux Enterprise Server for SAP 12 (x86_64): openvpn-2.3.8-16.17.1 openvpn-auth-pam-plugin-2.3.8-16.17.1 openvpn-auth-pam-plugin-debuginfo-2.3.8-16.17.1 openvpn-debuginfo-2.3.8-16.17.1 openvpn-debugsource-2.3.8-16.17.1 - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (aarch64): openvpn-2.3.8-16.17.1 openvpn-auth-pam-plugin-2.3.8-16.17.1 openvpn-auth-pam-plugin-debuginfo-2.3.8-16.17.1 openvpn-debuginfo-2.3.8-16.17.1 openvpn-debugsource-2.3.8-16.17.1 - SUSE Linux Enterprise Server 12-SP2 (aarch64 ppc64le x86_64): openvpn-2.3.8-16.17.1 openvpn-auth-pam-plugin-2.3.8-16.17.1 openvpn-auth-pam-plugin-debuginfo-2.3.8-16.17.1 openvpn-debuginfo-2.3.8-16.17.1 openvpn-debugsource-2.3.8-16.17.1 - SUSE Linux Enterprise Server 12-SP1-LTSS (ppc64le s390x x86_64): openvpn-2.3.8-16.17.1 openvpn-auth-pam-plugin-2.3.8-16.17.1 openvpn-auth-pam-plugin-debuginfo-2.3.8-16.17.1 openvpn-debuginfo-2.3.8-16.17.1 openvpn-debugsource-2.3.8-16.17.1 - SUSE Linux Enterprise Server 12-LTSS (ppc64le s390x x86_64): openvpn-2.3.8-16.17.1 openvpn-auth-pam-plugin-2.3.8-16.17.1 openvpn-auth-pam-plugin-debuginfo-2.3.8-16.17.1 openvpn-debuginfo-2.3.8-16.17.1 openvpn-debugsource-2.3.8-16.17.1 - SUSE Linux Enterprise Desktop 12-SP2 (x86_64): openvpn-2.3.8-16.17.1 openvpn-debuginfo-2.3.8-16.17.1 openvpn-debugsource-2.3.8-16.17.1 References: https://www.suse.com/security/cve/CVE-2017-7508.html https://www.suse.com/security/cve/CVE-2017-7520.html https://www.suse.com/security/cve/CVE-2017-7521.html https://bugzilla.suse.com/1044947 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org

SUSE Security Update: Security update for openvpn ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1642-1 Rating: important References: #1044947 Cross-References: CVE-2017-7508 Affected Products: SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SP3-LTSS SUSE Linux Enterprise Point of Sale 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for openvpn fixes the following issues: - It was possible to trigger an assertion by sending a malformed IPv6 packet. That issue could have been abused to remotely shutdown an openvpn server or client, if IPv6 and --mssfix were enabled and if the IPv6 networks used inside the VPN were known. [bsc#1044947, CVE-2017-7508] Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-openvpn-13166=1 - SUSE Linux Enterprise Server 11-SP3-LTSS: zypper in -t patch slessp3-openvpn-13166=1 - SUSE Linux Enterprise Point of Sale 11-SP3: zypper in -t patch sleposp3-openvpn-13166=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-openvpn-13166=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-openvpn-13166=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): openvpn-2.0.9-143.46.1 openvpn-auth-pam-plugin-2.0.9-143.46.1 - SUSE Linux Enterprise Server 11-SP3-LTSS (i586 s390x x86_64): openvpn-2.0.9-143.46.1 openvpn-auth-pam-plugin-2.0.9-143.46.1 - SUSE Linux Enterprise Point of Sale 11-SP3 (i586): openvpn-2.0.9-143.46.1 openvpn-auth-pam-plugin-2.0.9-143.46.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): openvpn-debuginfo-2.0.9-143.46.1 openvpn-debugsource-2.0.9-143.46.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 s390x x86_64): openvpn-debuginfo-2.0.9-143.46.1 openvpn-debugsource-2.0.9-143.46.1 References: https://www.suse.com/security/cve/CVE-2017-7508.html https://bugzilla.suse.com/1044947 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org

Noontec's Zoro II wireless headphones embrace the headphone-jack-free future with a Bluetooth connection and a long-lasting internal battery. We jammed out with the Zoro II to see whether it's time to cut the cord. Read more: http://techreport.com/review/32028/noontec-zoro-ii-wireless-limited-edition-headphones-reviewed -- To unsubscribe from: TR-News, just follow this link: http://node1.techreport.com/cgi-bin/dada/mail.cgi/u/trnews/reviewnews// Click this link, or copy and paste the address into your browser.

Noontec's Zoro II wireless headphones embrace the headphone-jack-free future with a Bluetooth connection and a long-lasting internal battery. We jammed out with the Zoro II to see whether it's time to cut the cord. Read more: http://techreport.com/review/32028/noontec-zoro-ii-wireless-limited-edition-headphones-reviewed -- To unsubscribe from: TR-News, just follow this link: http://node1.techreport.com/cgi-bin/dada/mail.cgi/u/trnews/reviewnews// Click this link, or copy and paste the address into your browser.

The Gigabyte Aorus AX370-Gaming 5 motherboard includes all the features you demand on a modern motherboard. If storage options are your main focus, the AX370-Gaming 5 includes support for up to six SATA 6GB/s drives (which includes dual SATA Express ports), a single M.2 or U.2 slots, USB 3.1 Gen 1 and USB 3.1 Gen 2. Networking they have you covered as well, by implementing an Intel GbE NIC and a Killer E2500 GbE NIC. Read on to see if this motherboard could be the one you use to build your next PC! Article Title: Gigabyte Aorus AX370-Gaming 5 Motherboard Review ( -at -) Legit Reviews Article URL: http://www.legitreviews.com/gigabyte-aorus-ax370-gaming-5-motherboard-review_192022 Unsubscribe: http://adserv.legitreviews.com/cgi-bin/dada/mail.cgi/u/legitpr/reviewnews// =

Title: Arozzi Verona Pro V2 Gaming Chair Review ( -at -) NikKTech Description: After taking into account customer feedback Arozzi revamped their quite successful Verona Pro Gaming Chair to make it the ideal choice for larger people. The Verona Pro V2 model was the result and it has been here with us for almost 2 weeks. Article Link: https://www.nikktech.com/main/articles/peripherals/gaming-chairs/7939-arozzi -verona-pro-v2-gaming-chair-review Image Link: http://www.nikktech.com/main/images/pics/reviews/arozzi/verona_pro_v2/arozzi _verona_v2_proa.jpg A News Post Would Be Appreciated. Thanks In Advance. Sincerely Nik Kastrantas