Jump to content
Compatible Support Forums

news

Members
 View Profile  See their activity

  • Content count

    80899

  • Joined

  • Last visited

    Never

  • Days Won

    18

Everything posted by news

  1. news

    VIVO CASE-V07 Review @ OCC

    news posted a topic in Upcoming News

    A news post would be great. OCC has published a review on the VIVO CASE-V07 Case Here is a quote from the review: Quote: â€ÂI wasn't sure what to expect at first, since VIVO is known more for monitor mounts, TV mounts, and other non-computer case-related hardware. However, I am not disappointed. The CASE-V07 hits the sweet spot between afforability and features. Not long ago, case designers had to squeeze out as much space as possible for 3.5" hard drives. Now that solid state and M.2 drives have become mainstream, space has opened up for case designers. Plus, as optical drives are slowly being phased out and liquid cooling support gains popularity, case layouts have evolved to use this freed up space. The V07 seems to be sort of in that transitional phase. It still has a spot for an optical drive and a couple of the old 3.5" drives, but isn't full of the associated hard drive cages and support structures that really get in the way and take up valuable space.†Title: VIVO CASE-V07 Review Link: http://www.overclockersclub.com/reviews/vivo_case_v07/ Img: http://www.overclockersclub.com/siteimages/articles/vivo_case_v07/case-v07_01_thumb.jpg
  2. news
    SUSE Security Update: Security update for flash-player ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1238-1 Rating: important References: #1038281 Cross-References: CVE-2017-3068 CVE-2017-3069 CVE-2017-3070 CVE-2017-3071 CVE-2017-3072 CVE-2017-3073 CVE-2017-3074 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 ______________________________________________________________________________ An update that fixes 7 vulnerabilities is now available. Description: This update for flash-player fixes the following issues: - Security update to 25.0.0.171 (bsc#1038281), fixing the following vulnerabilities advised under APSB17-15: * Use-after-free vulnerability that could lead to code execution (CVE-2017-3071). * Memory corruption vulnerabilities that could lead to code execution (CVE-2017-3068, CVE-2017-3069, CVE-2017-3070, CVE-2017-3072, CVE-2017-3073, CVE-2017-3074). * Details: https://helpx.adobe.com/security/products/flash-player/apsb17-15.html Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP1: zypper in -t patch SUSE-SLE-WE-12-SP1-2017-738=1 - SUSE Linux Enterprise Desktop 12-SP1: zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-738=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Workstation Extension 12-SP1 (x86_64): flash-player-25.0.0.171-168.1 flash-player-gnome-25.0.0.171-168.1 - SUSE Linux Enterprise Desktop 12-SP1 (x86_64): flash-player-25.0.0.171-168.1 flash-player-gnome-25.0.0.171-168.1 References: https://www.suse.com/security/cve/CVE-2017-3068.html https://www.suse.com/security/cve/CVE-2017-3069.html https://www.suse.com/security/cve/CVE-2017-3070.html https://www.suse.com/security/cve/CVE-2017-3071.html https://www.suse.com/security/cve/CVE-2017-3072.html https://www.suse.com/security/cve/CVE-2017-3073.html https://www.suse.com/security/cve/CVE-2017-3074.html https://bugzilla.suse.com/1038281 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
  3. news
    View this email in your browser (http://mailchi.mp/hothardware/intel-optane-memory-with-3d-xpoint-review-easy-robust-pc-acceleration-1082758?e=0c004f9c13) If you want an early look at what to expect with NVIDIA’s next generation of high performance GeForce graphics processors, code-named Volta, today at GTC 2017 the company's CEO Jen-Hsun Huang just offered the first public unveiling of a product based on the next generation GPU architecture. NVIDIA just announced its new Tesla V100 accelerator that's designed for accelerating AI and machine learning applications. It's powered by Volta and it's looking like a mighty beast. NVIDIA Unveils Beastly Tesla V100 Powered By Volta GPU With 5120 CUDA Cores And HBM2 (http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=05a128c722&e=0c004f9c13) http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=56c91c693d&e=0c004f9c13 http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=459387b977&e=0c004f9c13 Best Regards, HotHardware.com (http://hothardware.us3.list-manage1.com/track/click?u=efc4c507c2cf964fc2462caca&id=1b5052b637&e=0c004f9c13) http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=91c0e9fd0c&e=0c004f9c13 http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=9376e36ded&e=0c004f9c13 http://hothardware.us3.list-manage.com/track/click?u=efc4c507c2cf964fc2462caca&id=db82db17bd&e=0c004f9c13 ============================================================
  4. news
    Dear Editors, we just posted a new article which might be interesting to your readers. A post in your news section would be appreciated. Title: HyperX Alloy FPS Mechanical Keyboard Link: https://www.techpowerup.com/reviews/HyperX/Alloy_FPS Brief: The Alloy FPS is the first keyboard to come out of Kingston's gaming brand, HyperX. It has a minimalist bezel design, features a thick steel frame for rigidity, floating keycaps, backlighting, and the use of Cherry MX switches in various layouts for customers around the world. To help sweeten the deal, HyperX includes a travel sleeve, a USB pass-through, and replacement keycaps as well.
  5. news
    Hello LanOC Affiliates and newsletter subscribers, here is our newest posting. We would appreciate you spreading the word! LanOC Reviews has released a new article which you and your readers might enjoy. We would be grateful if you would please share it with them. *TITLE:* A look at Mionix’s new Castor options ( -at -) LanOC Reviews <https://lanoc.org/review/input-devices/7524-a-look-at-mionix-s-new-castor-options> *DESCRIPTION:* All the way back in 2015 I had the chance to take a look at the Castor mouse from Mionix and I loved it. It had a great shape, used a quality sensor and switches and was a big step forward in the market. Over the last few years the Castor has continued to be a great mouse for Mionix and recently they announced a few new variations on the Castor that keep the same features I loved with the original. The new models are just recolors but in the world of matching everything to fit your personality or style, it is cool to see a company not just using RGB for colors. I reached out to Mionix and today I’m going to take a quick look at the new color options, especially the “Castor Frosting†model that they sent over to check out. *ARTICLE URL:* https://lanoc.org/review/input-devices/7524-a-look-at-mionix-s-new-castor-options *LARGE IMAGE URL:* https://lanoc.org/images/reviews/2017/mionix_castor_colors/title.jpg *SMALL IMAGE URL:* https://lanoc.org/images/reviews/2017/mionix_castor_colors/email.jpg Thank you for your help Our content is syndicated by *RSS* 2.0 at: http://lanoc.org/review?fo rmat=feed&type=atom Check out our *YouTube* Channel: http://www.youtube.com/user/LanocReviews Follow us on *Twitter*: http://www.twitter.com/LanOC_Reviews Join our group on *Facebook*: http://www.facebook.com/LanOCReviews Join our *Steam* Group: http://steamcommunity.com/groups/lanoc *If this message has been sent to an incorrect address, or you no longer wish to receive our news, please email us back and let us know at reviews ( -at -) lanoc.org* ---------------------------------------- Wes Compton Editor-in-Chief LanOC Reviews http://lanoc.org ( -at -) LanOC_Reviews <http://twitter.com/#!/LanOC_Reviews> Google Plus <https://plus.google.com/u/1/b/111054267662763089650/> Our Facebook Page <http://www.facebook.com/LanOCReviews>
  6. news
    SUSE Security Update: Security update for tomcat ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1229-1 Rating: important References: #1015119 #1033447 #1033448 Cross-References: CVE-2016-8745 CVE-2017-5647 CVE-2017-5648 Affected Products: SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 SUSE Linux Enterprise Server 12-SP2 ______________________________________________________________________________ An update that fixes three vulnerabilities is now available. Description: This update for tomcat fixes the following issues: - CVE-2017-5647 Pipelined requests could lead to information disclosure (bsc#1033448) - CVE-2017-5648 Untrusted application could retain listener leading to information disclosure (bsc#1033447) - CVE-2016-8745 shared Processor on Connector code could lead to information disclosure (bsc#1015119) Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2: zypper in -t patch SUSE-SLE-RPI-12-SP2-2017-733=1 - SUSE Linux Enterprise Server 12-SP2: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-733=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (noarch): tomcat-8.0.43-23.1 tomcat-admin-webapps-8.0.43-23.1 tomcat-docs-webapp-8.0.43-23.1 tomcat-el-3_0-api-8.0.43-23.1 tomcat-javadoc-8.0.43-23.1 tomcat-jsp-2_3-api-8.0.43-23.1 tomcat-lib-8.0.43-23.1 tomcat-servlet-3_1-api-8.0.43-23.1 tomcat-webapps-8.0.43-23.1 - SUSE Linux Enterprise Server 12-SP2 (noarch): tomcat-8.0.43-23.1 tomcat-admin-webapps-8.0.43-23.1 tomcat-docs-webapp-8.0.43-23.1 tomcat-el-3_0-api-8.0.43-23.1 tomcat-javadoc-8.0.43-23.1 tomcat-jsp-2_3-api-8.0.43-23.1 tomcat-lib-8.0.43-23.1 tomcat-servlet-3_1-api-8.0.43-23.1 tomcat-webapps-8.0.43-23.1 References: https://www.suse.com/security/cve/CVE-2016-8745.html https://www.suse.com/security/cve/CVE-2017-5647.html https://www.suse.com/security/cve/CVE-2017-5648.html https://bugzilla.suse.com/1015119 https://bugzilla.suse.com/1033447 https://bugzilla.suse.com/1033448 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
  7. news
    Fractal Design Celsius S24 Liquid CPU Cooler Review ( -at -) ThinkComputers.org Review Link: http://www.thinkcomputers.org/fractal-design-celsius-s24-liquid-cpu-cooler-review/ Image URL: http://www.thinkcomputers.org/reviews/fractal_celsius_s24/email.jpg Alt Image URL: http://www.thinkcomputers.org/reviews/fractal_celsius_s24/small.jpg Quote: "When you hear the name Fractal Design you instantly think PC Case, which you should.  Fractal Design came on the scene with their PC cases, many of which we've reviewed over the years.  Back in 2014 Fractal Design entered the all-in-one liquid cooling market with their Kelvin line of coolers.  Well it is 2017 and Fractal Design is releasing a new line of all-in-one liquid CPU coolers.  The Celsius series builds upon proven technology with cutting edge advancements and premium sound dampening materials to deliver extreme cooling performance with minimum noise output.  Fractal Design in launching the Celsius Series with the S24 (240 mm) and S36 (360 mm).  These coolers have some features that you just won't find on other AiO's out there.  We are taking a look at the S24 today, let's jump in!"
  8. news
    Fractal Design Celsius S24 (240mm liquid cooler, alum. radiator) ------------------------------------------------------------ http://mailchi.mp/kitguru/fractal-design-celsius-s24-240mm-liquid-cooler-alum-radiator?e=872093acb5 http://www.kitguru.net Fractal Design Celsius S24 (240mm liquid cooler, alum. radiator) Fractal Design is changing direction with its new duo of Celsius liquid coolers that consists of the 240mm Celsius S24 and 360mm Celsius S36. We have previously reviewed Fractal Design Kelvin which is based on a copper radiator and technology from Alphacool and now it’s the turn for Celsius which uses an aluminium radiator and is made by Asetek. This liquid cooler uses the latest 5th Generation Asetek technology which is used by other companies such as NZXT and EVGA however Celsius S24 is unlike any other liquid cooler we have seen before. Read the review here: http://www.kitguru.net/components/leo-waldock/fractal-design-celsius-s24-240mm-liquid-cooler-aluminium-radiator/ ============================================================ ** follow on Twitter (http://twitter.com/#!/kitgurupress) | ** friend on Facebook (http://www.facebook.com/pages/KitGuru/162236020510911) | ** forward to a friend (http://us2.forward-to-friend.com/forward?u=bfb2b902b5fb045ad6f841f98&id=1962273520&e=872093acb5) Copyright © 2017 KitGuru, All rights reserved. You are receiving this because you are a news partner or have signed up to receive our news.
  9. news
    CFast 2.0 memory cards were specifically developed for next-generation professional video applications as 2K video was common and full-frame 4K video was gaining traction among high-end production companies and individual enthusiasts. Today, SanDisk has launched their latest CFast 2.0 card, the SanDisk Extreme PRO to give professional videographers and photographers the ability to squeeze out the best performance from their camera equipment. The SanDisk Extreme PRO is designed to have write speeds up to 450 MB/s and read speeds up to 525 MB/s. Article Title: SanDisk Extreme Pro 64GB CFast 2.0 Memory Card Review ( -at -) Legit Reviews Article URL: http://www.legitreviews.com/sandisk-extreme-pro-64gb-cfast-2-0-memory-card-review_194299 Unsubscribe: http://adserv.legitreviews.com/cgi-bin/dada/mail.cgi/u/legitpr/reviewnews// =
  10. news
    Visit Hardware Asylum - http://www.hardwareasylum.com body { margin: 0px; padding: 10px; text-align: left; background-color: #FFF; } #header { vertical-align: top; height: 80px; } #footer { font-family: arial, Helvetica, sans-serif; font-size: 10px; color: #000; margin-top: 5px; padding: 3px; } .titletext { font-family: Arial, Helvetica, sans-serif; font-size: 18px; font-weight: bold; color: #852222; } .subtitletext { font-family: Arial, Helvetica, sans-serif; font-size: 12px; font-weight: bold; color: #9E9E9E; } .bodytext { font-family: Arial, Helvetica, sans-serif; font-size: 14px; color: #000000; } .smalltext { font-family: Arial, Helvetica, sans-serif; font-size: 11px; color: #9E9E9E; } b { font-weight: bold; } i { font-style: italic; } a { color: #C00; } Hello Everyone,Sometimes consumers are cheap, like really cheap, and cannot afford "the good stuff" but still want something. Err something like that, bottom line Cooler Master has a Mastercase on the cheap and it isn't all bad.Subject: Cooler Master MasterBox Lite 5 Case Review ( -at -) Hardware AsylumURL: http://www.hardwareasylum.com/reviews/cases/cm_masterbox-lite-5Quote: The new MasterBox Lite 5 is a stylish entry level chassis that builds on the modular concept and is yet targeted at mainstream builders looking for no-nonsense case.A news posting would be appreciated.ThanksDennis Garciahttp://www.hardwareasylum.com To no longer receive these types of emails please send a copy of this message to us at support ( -at -) hardwareasylum.com and we'll remove you from the list. Copyright © Hardware Asylum 1999-2013 All rights reserved
  11. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: java-1.8.0-ibm security update Advisory ID: RHSA-2017:1220-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://access.redhat.com/errata/RHSA-2017:1220 Issue date: 2017-05-10 CVE Names: CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 CVE-2017-1289 CVE-2017-3509 CVE-2017-3511 CVE-2017-3533 CVE-2017-3539 CVE-2017-3544 ===================================================================== 1. Summary: An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 6 Supplementary and Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client Supplementary (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Supplementary (v. 7) - x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 7) - x86_64 3. Description: IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR4-FP5. Security Fix(es): * This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security Vulnerabilities page, listed in the References section. (CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843, CVE-2017-1289, CVE-2017-3509, CVE-2017-3511, CVE-2017-3533, CVE-2017-3539, CVE-2017-3544) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 All running instances of IBM Java must be restarted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1402345 - CVE-2016-9840 zlib: Out-of-bounds pointer arithmetic in inftrees.c 1402346 - CVE-2016-9841 zlib: Out-of-bounds pointer arithmetic in inffast.c 1402348 - CVE-2016-9842 zlib: Undefined left shift of negative number 1402351 - CVE-2016-9843 zlib: Big-endian out-of-bounds pointer 1443007 - CVE-2017-3511 OpenJDK: untrusted extension directories search path in Launcher (JCE, 8163528) 1443052 - CVE-2017-3509 OpenJDK: improper re-use of NTLM authenticated connections (Networking, 8163520) 1443068 - CVE-2017-3544 OpenJDK: newline injection in the SMTP client (Networking, 8171533) 1443083 - CVE-2017-3533 OpenJDK: newline injection in the FTP client (Networking, 8170222) 1443097 - CVE-2017-3539 OpenJDK: MD5 allowed for jar verification (Security, 8171121) 1449603 - CVE-2017-1289 IBM JDK: XML External Entity Injection (XXE) error when processing XML data 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: java-1.8.0-ibm-1.8.0.4.5-1jpp.1.el6_9.i686.rpm java-1.8.0-ibm-demo-1.8.0.4.5-1jpp.1.el6_9.i686.rpm java-1.8.0-ibm-devel-1.8.0.4.5-1jpp.1.el6_9.i686.rpm java-1.8.0-ibm-jdbc-1.8.0.4.5-1jpp.1.el6_9.i686.rpm java-1.8.0-ibm-plugin-1.8.0.4.5-1jpp.1.el6_9.i686.rpm java-1.8.0-ibm-src-1.8.0.4.5-1jpp.1.el6_9.i686.rpm x86_64: java-1.8.0-ibm-1.8.0.4.5-1jpp.1.el6_9.x86_64.rpm java-1.8.0-ibm-demo-1.8.0.4.5-1jpp.1.el6_9.x86_64.rpm java-1.8.0-ibm-devel-1.8.0.4.5-1jpp.1.el6_9.x86_64.rpm java-1.8.0-ibm-jdbc-1.8.0.4.5-1jpp.1.el6_9.x86_64.rpm java-1.8.0-ibm-plugin-1.8.0.4.5-1jpp.1.el6_9.x86_64.rpm java-1.8.0-ibm-src-1.8.0.4.5-1jpp.1.el6_9.x86_64.rpm Red Hat Enterprise Linux HPC Node Supplementary (v. 6): x86_64: java-1.8.0-ibm-1.8.0.4.5-1jpp.1.el6_9.x86_64.rpm java-1.8.0-ibm-demo-1.8.0.4.5-1jpp.1.el6_9.x86_64.rpm java-1.8.0-ibm-devel-1.8.0.4.5-1jpp.1.el6_9.x86_64.rpm java-1.8.0-ibm-src-1.8.0.4.5-1jpp.1.el6_9.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): i386: java-1.8.0-ibm-1.8.0.4.5-1jpp.1.el6_9.i686.rpm java-1.8.0-ibm-demo-1.8.0.4.5-1jpp.1.el6_9.i686.rpm java-1.8.0-ibm-devel-1.8.0.4.5-1jpp.1.el6_9.i686.rpm java-1.8.0-ibm-jdbc-1.8.0.4.5-1jpp.1.el6_9.i686.rpm java-1.8.0-ibm-plugin-1.8.0.4.5-1jpp.1.el6_9.i686.rpm java-1.8.0-ibm-src-1.8.0.4.5-1jpp.1.el6_9.i686.rpm ppc64: java-1.8.0-ibm-1.8.0.4.5-1jpp.1.el6_9.ppc64.rpm java-1.8.0-ibm-demo-1.8.0.4.5-1jpp.1.el6_9.ppc64.rpm java-1.8.0-ibm-devel-1.8.0.4.5-1jpp.1.el6_9.ppc64.rpm java-1.8.0-ibm-jdbc-1.8.0.4.5-1jpp.1.el6_9.ppc64.rpm java-1.8.0-ibm-src-1.8.0.4.5-1jpp.1.el6_9.ppc64.rpm s390x: java-1.8.0-ibm-1.8.0.4.5-1jpp.1.el6_9.s390x.rpm java-1.8.0-ibm-demo-1.8.0.4.5-1jpp.1.el6_9.s390x.rpm java-1.8.0-ibm-devel-1.8.0.4.5-1jpp.1.el6_9.s390x.rpm java-1.8.0-ibm-jdbc-1.8.0.4.5-1jpp.1.el6_9.s390x.rpm java-1.8.0-ibm-src-1.8.0.4.5-1jpp.1.el6_9.s390x.rpm x86_64: java-1.8.0-ibm-1.8.0.4.5-1jpp.1.el6_9.x86_64.rpm java-1.8.0-ibm-demo-1.8.0.4.5-1jpp.1.el6_9.x86_64.rpm java-1.8.0-ibm-devel-1.8.0.4.5-1jpp.1.el6_9.x86_64.rpm java-1.8.0-ibm-jdbc-1.8.0.4.5-1jpp.1.el6_9.x86_64.rpm java-1.8.0-ibm-plugin-1.8.0.4.5-1jpp.1.el6_9.x86_64.rpm java-1.8.0-ibm-src-1.8.0.4.5-1jpp.1.el6_9.x86_64.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): i386: java-1.8.0-ibm-1.8.0.4.5-1jpp.1.el6_9.i686.rpm java-1.8.0-ibm-demo-1.8.0.4.5-1jpp.1.el6_9.i686.rpm java-1.8.0-ibm-devel-1.8.0.4.5-1jpp.1.el6_9.i686.rpm java-1.8.0-ibm-jdbc-1.8.0.4.5-1jpp.1.el6_9.i686.rpm java-1.8.0-ibm-plugin-1.8.0.4.5-1jpp.1.el6_9.i686.rpm java-1.8.0-ibm-src-1.8.0.4.5-1jpp.1.el6_9.i686.rpm x86_64: java-1.8.0-ibm-1.8.0.4.5-1jpp.1.el6_9.x86_64.rpm java-1.8.0-ibm-demo-1.8.0.4.5-1jpp.1.el6_9.x86_64.rpm java-1.8.0-ibm-devel-1.8.0.4.5-1jpp.1.el6_9.x86_64.rpm java-1.8.0-ibm-jdbc-1.8.0.4.5-1jpp.1.el6_9.x86_64.rpm java-1.8.0-ibm-plugin-1.8.0.4.5-1jpp.1.el6_9.x86_64.rpm java-1.8.0-ibm-src-1.8.0.4.5-1jpp.1.el6_9.x86_64.rpm Red Hat Enterprise Linux Client Supplementary (v. 7): x86_64: java-1.8.0-ibm-1.8.0.4.5-1jpp.1.el7_3.i686.rpm java-1.8.0-ibm-1.8.0.4.5-1jpp.1.el7_3.x86_64.rpm java-1.8.0-ibm-demo-1.8.0.4.5-1jpp.1.el7_3.x86_64.rpm java-1.8.0-ibm-devel-1.8.0.4.5-1jpp.1.el7_3.i686.rpm java-1.8.0-ibm-devel-1.8.0.4.5-1jpp.1.el7_3.x86_64.rpm java-1.8.0-ibm-jdbc-1.8.0.4.5-1jpp.1.el7_3.x86_64.rpm java-1.8.0-ibm-plugin-1.8.0.4.5-1jpp.1.el7_3.x86_64.rpm java-1.8.0-ibm-src-1.8.0.4.5-1jpp.1.el7_3.x86_64.rpm Red Hat Enterprise Linux ComputeNode Supplementary (v. 7): x86_64: java-1.8.0-ibm-1.8.0.4.5-1jpp.1.el7_3.i686.rpm java-1.8.0-ibm-1.8.0.4.5-1jpp.1.el7_3.x86_64.rpm java-1.8.0-ibm-demo-1.8.0.4.5-1jpp.1.el7_3.x86_64.rpm java-1.8.0-ibm-devel-1.8.0.4.5-1jpp.1.el7_3.i686.rpm java-1.8.0-ibm-devel-1.8.0.4.5-1jpp.1.el7_3.x86_64.rpm java-1.8.0-ibm-src-1.8.0.4.5-1jpp.1.el7_3.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v. 7): ppc64: java-1.8.0-ibm-1.8.0.4.5-1jpp.1.el7_3.ppc.rpm java-1.8.0-ibm-1.8.0.4.5-1jpp.1.el7_3.ppc64.rpm java-1.8.0-ibm-demo-1.8.0.4.5-1jpp.1.el7_3.ppc64.rpm java-1.8.0-ibm-devel-1.8.0.4.5-1jpp.1.el7_3.ppc.rpm java-1.8.0-ibm-devel-1.8.0.4.5-1jpp.1.el7_3.ppc64.rpm java-1.8.0-ibm-jdbc-1.8.0.4.5-1jpp.1.el7_3.ppc64.rpm java-1.8.0-ibm-plugin-1.8.0.4.5-1jpp.1.el7_3.ppc64.rpm java-1.8.0-ibm-src-1.8.0.4.5-1jpp.1.el7_3.ppc64.rpm ppc64le: java-1.8.0-ibm-1.8.0.4.5-1jpp.1.el7_3.ppc64le.rpm java-1.8.0-ibm-demo-1.8.0.4.5-1jpp.1.el7_3.ppc64le.rpm java-1.8.0-ibm-devel-1.8.0.4.5-1jpp.1.el7_3.ppc64le.rpm java-1.8.0-ibm-jdbc-1.8.0.4.5-1jpp.1.el7_3.ppc64le.rpm java-1.8.0-ibm-src-1.8.0.4.5-1jpp.1.el7_3.ppc64le.rpm s390x: java-1.8.0-ibm-1.8.0.4.5-1jpp.1.el7_3.s390.rpm java-1.8.0-ibm-1.8.0.4.5-1jpp.1.el7_3.s390x.rpm java-1.8.0-ibm-demo-1.8.0.4.5-1jpp.1.el7_3.s390x.rpm java-1.8.0-ibm-devel-1.8.0.4.5-1jpp.1.el7_3.s390.rpm java-1.8.0-ibm-devel-1.8.0.4.5-1jpp.1.el7_3.s390x.rpm java-1.8.0-ibm-jdbc-1.8.0.4.5-1jpp.1.el7_3.s390x.rpm java-1.8.0-ibm-src-1.8.0.4.5-1jpp.1.el7_3.s390x.rpm x86_64: java-1.8.0-ibm-1.8.0.4.5-1jpp.1.el7_3.i686.rpm java-1.8.0-ibm-1.8.0.4.5-1jpp.1.el7_3.x86_64.rpm java-1.8.0-ibm-demo-1.8.0.4.5-1jpp.1.el7_3.x86_64.rpm java-1.8.0-ibm-devel-1.8.0.4.5-1jpp.1.el7_3.i686.rpm java-1.8.0-ibm-devel-1.8.0.4.5-1jpp.1.el7_3.x86_64.rpm java-1.8.0-ibm-jdbc-1.8.0.4.5-1jpp.1.el7_3.x86_64.rpm java-1.8.0-ibm-plugin-1.8.0.4.5-1jpp.1.el7_3.x86_64.rpm java-1.8.0-ibm-src-1.8.0.4.5-1jpp.1.el7_3.x86_64.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 7): x86_64: java-1.8.0-ibm-1.8.0.4.5-1jpp.1.el7_3.i686.rpm java-1.8.0-ibm-1.8.0.4.5-1jpp.1.el7_3.x86_64.rpm java-1.8.0-ibm-demo-1.8.0.4.5-1jpp.1.el7_3.x86_64.rpm java-1.8.0-ibm-devel-1.8.0.4.5-1jpp.1.el7_3.i686.rpm java-1.8.0-ibm-devel-1.8.0.4.5-1jpp.1.el7_3.x86_64.rpm java-1.8.0-ibm-jdbc-1.8.0.4.5-1jpp.1.el7_3.x86_64.rpm java-1.8.0-ibm-plugin-1.8.0.4.5-1jpp.1.el7_3.x86_64.rpm java-1.8.0-ibm-src-1.8.0.4.5-1jpp.1.el7_3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-9840 https://access.redhat.com/security/cve/CVE-2016-9841 https://access.redhat.com/security/cve/CVE-2016-9842 https://access.redhat.com/security/cve/CVE-2016-9843 https://access.redhat.com/security/cve/CVE-2017-1289 https://access.redhat.com/security/cve/CVE-2017-3509 https://access.redhat.com/security/cve/CVE-2017-3511 https://access.redhat.com/security/cve/CVE-2017-3533 https://access.redhat.com/security/cve/CVE-2017-3539 https://access.redhat.com/security/cve/CVE-2017-3544 https://access.redhat.com/security/updates/classification/#moderate https://developer.ibm.com/javasdk/support/security-vulnerabilities/ 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFZExGGXlSAg2UNWIIRAs8MAJsFEQFUYclvB6VisGhQIgJXtCal3gCgwxzD czTnU1Fy416wYqQqvch4d1A= =gwgM -----END PGP SIGNATURE----- --
  12. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: java-1.7.1-ibm security update Advisory ID: RHSA-2017:1221-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://access.redhat.com/errata/RHSA-2017:1221 Issue date: 2017-05-10 CVE Names: CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 CVE-2017-1289 CVE-2017-3509 CVE-2017-3511 CVE-2017-3533 CVE-2017-3539 CVE-2017-3544 ===================================================================== 1. Summary: An update for java-1.7.1-ibm is now available for Red Hat Enterprise Linux 6 Supplementary and Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client Supplementary (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Supplementary (v. 7) - x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 7) - x86_64 3. Description: IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP5. Security Fix(es): * This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security Vulnerabilities page, listed in the References section. (CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843, CVE-2017-1289, CVE-2017-3509, CVE-2017-3511, CVE-2017-3533, CVE-2017-3539, CVE-2017-3544) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 All running instances of IBM Java must be restarted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1402345 - CVE-2016-9840 zlib: Out-of-bounds pointer arithmetic in inftrees.c 1402346 - CVE-2016-9841 zlib: Out-of-bounds pointer arithmetic in inffast.c 1402348 - CVE-2016-9842 zlib: Undefined left shift of negative number 1402351 - CVE-2016-9843 zlib: Big-endian out-of-bounds pointer 1443007 - CVE-2017-3511 OpenJDK: untrusted extension directories search path in Launcher (JCE, 8163528) 1443052 - CVE-2017-3509 OpenJDK: improper re-use of NTLM authenticated connections (Networking, 8163520) 1443068 - CVE-2017-3544 OpenJDK: newline injection in the SMTP client (Networking, 8171533) 1443083 - CVE-2017-3533 OpenJDK: newline injection in the FTP client (Networking, 8170222) 1443097 - CVE-2017-3539 OpenJDK: MD5 allowed for jar verification (Security, 8171121) 1449603 - CVE-2017-1289 IBM JDK: XML External Entity Injection (XXE) error when processing XML data 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: java-1.7.1-ibm-1.7.1.4.5-1jpp.2.el6_9.i686.rpm java-1.7.1-ibm-demo-1.7.1.4.5-1jpp.2.el6_9.i686.rpm java-1.7.1-ibm-devel-1.7.1.4.5-1jpp.2.el6_9.i686.rpm java-1.7.1-ibm-jdbc-1.7.1.4.5-1jpp.2.el6_9.i686.rpm java-1.7.1-ibm-plugin-1.7.1.4.5-1jpp.2.el6_9.i686.rpm java-1.7.1-ibm-src-1.7.1.4.5-1jpp.2.el6_9.i686.rpm x86_64: java-1.7.1-ibm-1.7.1.4.5-1jpp.2.el6_9.x86_64.rpm java-1.7.1-ibm-demo-1.7.1.4.5-1jpp.2.el6_9.x86_64.rpm java-1.7.1-ibm-devel-1.7.1.4.5-1jpp.2.el6_9.x86_64.rpm java-1.7.1-ibm-jdbc-1.7.1.4.5-1jpp.2.el6_9.x86_64.rpm java-1.7.1-ibm-plugin-1.7.1.4.5-1jpp.2.el6_9.x86_64.rpm java-1.7.1-ibm-src-1.7.1.4.5-1jpp.2.el6_9.x86_64.rpm Red Hat Enterprise Linux HPC Node Supplementary (v. 6): x86_64: java-1.7.1-ibm-1.7.1.4.5-1jpp.2.el6_9.x86_64.rpm java-1.7.1-ibm-demo-1.7.1.4.5-1jpp.2.el6_9.x86_64.rpm java-1.7.1-ibm-devel-1.7.1.4.5-1jpp.2.el6_9.x86_64.rpm java-1.7.1-ibm-src-1.7.1.4.5-1jpp.2.el6_9.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): i386: java-1.7.1-ibm-1.7.1.4.5-1jpp.2.el6_9.i686.rpm java-1.7.1-ibm-demo-1.7.1.4.5-1jpp.2.el6_9.i686.rpm java-1.7.1-ibm-devel-1.7.1.4.5-1jpp.2.el6_9.i686.rpm java-1.7.1-ibm-jdbc-1.7.1.4.5-1jpp.2.el6_9.i686.rpm java-1.7.1-ibm-plugin-1.7.1.4.5-1jpp.2.el6_9.i686.rpm java-1.7.1-ibm-src-1.7.1.4.5-1jpp.2.el6_9.i686.rpm ppc64: java-1.7.1-ibm-1.7.1.4.5-1jpp.2.el6_9.ppc64.rpm java-1.7.1-ibm-demo-1.7.1.4.5-1jpp.2.el6_9.ppc64.rpm java-1.7.1-ibm-devel-1.7.1.4.5-1jpp.2.el6_9.ppc64.rpm java-1.7.1-ibm-jdbc-1.7.1.4.5-1jpp.2.el6_9.ppc64.rpm java-1.7.1-ibm-src-1.7.1.4.5-1jpp.2.el6_9.ppc64.rpm s390x: java-1.7.1-ibm-1.7.1.4.5-1jpp.2.el6_9.s390x.rpm java-1.7.1-ibm-demo-1.7.1.4.5-1jpp.2.el6_9.s390x.rpm java-1.7.1-ibm-devel-1.7.1.4.5-1jpp.2.el6_9.s390x.rpm java-1.7.1-ibm-jdbc-1.7.1.4.5-1jpp.2.el6_9.s390x.rpm java-1.7.1-ibm-src-1.7.1.4.5-1jpp.2.el6_9.s390x.rpm x86_64: java-1.7.1-ibm-1.7.1.4.5-1jpp.2.el6_9.x86_64.rpm java-1.7.1-ibm-demo-1.7.1.4.5-1jpp.2.el6_9.x86_64.rpm java-1.7.1-ibm-devel-1.7.1.4.5-1jpp.2.el6_9.x86_64.rpm java-1.7.1-ibm-jdbc-1.7.1.4.5-1jpp.2.el6_9.x86_64.rpm java-1.7.1-ibm-plugin-1.7.1.4.5-1jpp.2.el6_9.x86_64.rpm java-1.7.1-ibm-src-1.7.1.4.5-1jpp.2.el6_9.x86_64.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): i386: java-1.7.1-ibm-1.7.1.4.5-1jpp.2.el6_9.i686.rpm java-1.7.1-ibm-demo-1.7.1.4.5-1jpp.2.el6_9.i686.rpm java-1.7.1-ibm-devel-1.7.1.4.5-1jpp.2.el6_9.i686.rpm java-1.7.1-ibm-jdbc-1.7.1.4.5-1jpp.2.el6_9.i686.rpm java-1.7.1-ibm-plugin-1.7.1.4.5-1jpp.2.el6_9.i686.rpm java-1.7.1-ibm-src-1.7.1.4.5-1jpp.2.el6_9.i686.rpm x86_64: java-1.7.1-ibm-1.7.1.4.5-1jpp.2.el6_9.x86_64.rpm java-1.7.1-ibm-demo-1.7.1.4.5-1jpp.2.el6_9.x86_64.rpm java-1.7.1-ibm-devel-1.7.1.4.5-1jpp.2.el6_9.x86_64.rpm java-1.7.1-ibm-jdbc-1.7.1.4.5-1jpp.2.el6_9.x86_64.rpm java-1.7.1-ibm-plugin-1.7.1.4.5-1jpp.2.el6_9.x86_64.rpm java-1.7.1-ibm-src-1.7.1.4.5-1jpp.2.el6_9.x86_64.rpm Red Hat Enterprise Linux Client Supplementary (v. 7): x86_64: java-1.7.1-ibm-1.7.1.4.5-1jpp.1.el7_3.i686.rpm java-1.7.1-ibm-1.7.1.4.5-1jpp.1.el7_3.x86_64.rpm java-1.7.1-ibm-demo-1.7.1.4.5-1jpp.1.el7_3.x86_64.rpm java-1.7.1-ibm-devel-1.7.1.4.5-1jpp.1.el7_3.i686.rpm java-1.7.1-ibm-devel-1.7.1.4.5-1jpp.1.el7_3.x86_64.rpm java-1.7.1-ibm-jdbc-1.7.1.4.5-1jpp.1.el7_3.x86_64.rpm java-1.7.1-ibm-plugin-1.7.1.4.5-1jpp.1.el7_3.x86_64.rpm java-1.7.1-ibm-src-1.7.1.4.5-1jpp.1.el7_3.x86_64.rpm Red Hat Enterprise Linux ComputeNode Supplementary (v. 7): x86_64: java-1.7.1-ibm-1.7.1.4.5-1jpp.1.el7_3.i686.rpm java-1.7.1-ibm-1.7.1.4.5-1jpp.1.el7_3.x86_64.rpm java-1.7.1-ibm-demo-1.7.1.4.5-1jpp.1.el7_3.x86_64.rpm java-1.7.1-ibm-devel-1.7.1.4.5-1jpp.1.el7_3.i686.rpm java-1.7.1-ibm-devel-1.7.1.4.5-1jpp.1.el7_3.x86_64.rpm java-1.7.1-ibm-src-1.7.1.4.5-1jpp.1.el7_3.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v. 7): ppc64: java-1.7.1-ibm-1.7.1.4.5-1jpp.1.el7_3.ppc.rpm java-1.7.1-ibm-1.7.1.4.5-1jpp.1.el7_3.ppc64.rpm java-1.7.1-ibm-demo-1.7.1.4.5-1jpp.1.el7_3.ppc64.rpm java-1.7.1-ibm-devel-1.7.1.4.5-1jpp.1.el7_3.ppc.rpm java-1.7.1-ibm-devel-1.7.1.4.5-1jpp.1.el7_3.ppc64.rpm java-1.7.1-ibm-jdbc-1.7.1.4.5-1jpp.1.el7_3.ppc64.rpm java-1.7.1-ibm-plugin-1.7.1.4.5-1jpp.1.el7_3.ppc.rpm java-1.7.1-ibm-src-1.7.1.4.5-1jpp.1.el7_3.ppc64.rpm ppc64le: java-1.7.1-ibm-1.7.1.4.5-1jpp.1.el7_3.ppc64le.rpm java-1.7.1-ibm-demo-1.7.1.4.5-1jpp.1.el7_3.ppc64le.rpm java-1.7.1-ibm-devel-1.7.1.4.5-1jpp.1.el7_3.ppc64le.rpm java-1.7.1-ibm-jdbc-1.7.1.4.5-1jpp.1.el7_3.ppc64le.rpm java-1.7.1-ibm-src-1.7.1.4.5-1jpp.1.el7_3.ppc64le.rpm s390x: java-1.7.1-ibm-1.7.1.4.5-1jpp.1.el7_3.s390.rpm java-1.7.1-ibm-1.7.1.4.5-1jpp.1.el7_3.s390x.rpm java-1.7.1-ibm-demo-1.7.1.4.5-1jpp.1.el7_3.s390x.rpm java-1.7.1-ibm-devel-1.7.1.4.5-1jpp.1.el7_3.s390.rpm java-1.7.1-ibm-devel-1.7.1.4.5-1jpp.1.el7_3.s390x.rpm java-1.7.1-ibm-jdbc-1.7.1.4.5-1jpp.1.el7_3.s390x.rpm java-1.7.1-ibm-src-1.7.1.4.5-1jpp.1.el7_3.s390x.rpm x86_64: java-1.7.1-ibm-1.7.1.4.5-1jpp.1.el7_3.i686.rpm java-1.7.1-ibm-1.7.1.4.5-1jpp.1.el7_3.x86_64.rpm java-1.7.1-ibm-demo-1.7.1.4.5-1jpp.1.el7_3.x86_64.rpm java-1.7.1-ibm-devel-1.7.1.4.5-1jpp.1.el7_3.i686.rpm java-1.7.1-ibm-devel-1.7.1.4.5-1jpp.1.el7_3.x86_64.rpm java-1.7.1-ibm-jdbc-1.7.1.4.5-1jpp.1.el7_3.x86_64.rpm java-1.7.1-ibm-plugin-1.7.1.4.5-1jpp.1.el7_3.x86_64.rpm java-1.7.1-ibm-src-1.7.1.4.5-1jpp.1.el7_3.x86_64.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 7): x86_64: java-1.7.1-ibm-1.7.1.4.5-1jpp.1.el7_3.i686.rpm java-1.7.1-ibm-1.7.1.4.5-1jpp.1.el7_3.x86_64.rpm java-1.7.1-ibm-demo-1.7.1.4.5-1jpp.1.el7_3.x86_64.rpm java-1.7.1-ibm-devel-1.7.1.4.5-1jpp.1.el7_3.i686.rpm java-1.7.1-ibm-devel-1.7.1.4.5-1jpp.1.el7_3.x86_64.rpm java-1.7.1-ibm-jdbc-1.7.1.4.5-1jpp.1.el7_3.x86_64.rpm java-1.7.1-ibm-plugin-1.7.1.4.5-1jpp.1.el7_3.x86_64.rpm java-1.7.1-ibm-src-1.7.1.4.5-1jpp.1.el7_3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-9840 https://access.redhat.com/security/cve/CVE-2016-9841 https://access.redhat.com/security/cve/CVE-2016-9842 https://access.redhat.com/security/cve/CVE-2016-9843 https://access.redhat.com/security/cve/CVE-2017-1289 https://access.redhat.com/security/cve/CVE-2017-3509 https://access.redhat.com/security/cve/CVE-2017-3511 https://access.redhat.com/security/cve/CVE-2017-3533 https://access.redhat.com/security/cve/CVE-2017-3539 https://access.redhat.com/security/cve/CVE-2017-3544 https://access.redhat.com/security/updates/classification/#moderate https://developer.ibm.com/javasdk/support/security-vulnerabilities/ 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFZExMmXlSAg2UNWIIRAsSaAJ9BSHpn/c8kQOf7q3XZPP/oVIm5EgCgocMr XdQD+0ZfMYHkp0Tux+KrLuY= =uGgE -----END PGP SIGNATURE----- --
  13. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: java-1.6.0-ibm security update Advisory ID: RHSA-2017:1222-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://access.redhat.com/errata/RHSA-2017:1222 Issue date: 2017-05-10 CVE Names: CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 CVE-2017-1289 CVE-2017-3509 CVE-2017-3533 CVE-2017-3539 CVE-2017-3544 ===================================================================== 1. Summary: An update for java-1.6.0-ibm is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Description: IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 6 to version 6 SR16-FP45. Security Fix(es): * This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security Vulnerabilities page, listed in the References section. (CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843, CVE-2017-1289, CVE-2017-3509, CVE-2017-3533, CVE-2017-3539, CVE-2017-3544) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 All running instances of IBM Java must be restarted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1402345 - CVE-2016-9840 zlib: Out-of-bounds pointer arithmetic in inftrees.c 1402346 - CVE-2016-9841 zlib: Out-of-bounds pointer arithmetic in inffast.c 1402348 - CVE-2016-9842 zlib: Undefined left shift of negative number 1402351 - CVE-2016-9843 zlib: Big-endian out-of-bounds pointer 1443052 - CVE-2017-3509 OpenJDK: improper re-use of NTLM authenticated connections (Networking, 8163520) 1443068 - CVE-2017-3544 OpenJDK: newline injection in the SMTP client (Networking, 8171533) 1443083 - CVE-2017-3533 OpenJDK: newline injection in the FTP client (Networking, 8170222) 1443097 - CVE-2017-3539 OpenJDK: MD5 allowed for jar verification (Security, 8171121) 1449603 - CVE-2017-1289 IBM JDK: XML External Entity Injection (XXE) error when processing XML data 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: java-1.6.0-ibm-1.6.0.16.45-1jpp.1.el6_9.i686.rpm java-1.6.0-ibm-demo-1.6.0.16.45-1jpp.1.el6_9.i686.rpm java-1.6.0-ibm-devel-1.6.0.16.45-1jpp.1.el6_9.i686.rpm java-1.6.0-ibm-javacomm-1.6.0.16.45-1jpp.1.el6_9.i686.rpm java-1.6.0-ibm-jdbc-1.6.0.16.45-1jpp.1.el6_9.i686.rpm java-1.6.0-ibm-plugin-1.6.0.16.45-1jpp.1.el6_9.i686.rpm java-1.6.0-ibm-src-1.6.0.16.45-1jpp.1.el6_9.i686.rpm x86_64: java-1.6.0-ibm-1.6.0.16.45-1jpp.1.el6_9.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.16.45-1jpp.1.el6_9.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.16.45-1jpp.1.el6_9.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.16.45-1jpp.1.el6_9.x86_64.rpm java-1.6.0-ibm-jdbc-1.6.0.16.45-1jpp.1.el6_9.x86_64.rpm java-1.6.0-ibm-plugin-1.6.0.16.45-1jpp.1.el6_9.x86_64.rpm java-1.6.0-ibm-src-1.6.0.16.45-1jpp.1.el6_9.x86_64.rpm Red Hat Enterprise Linux HPC Node Supplementary (v. 6): x86_64: java-1.6.0-ibm-1.6.0.16.45-1jpp.1.el6_9.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.16.45-1jpp.1.el6_9.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.16.45-1jpp.1.el6_9.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.16.45-1jpp.1.el6_9.x86_64.rpm java-1.6.0-ibm-src-1.6.0.16.45-1jpp.1.el6_9.x86_64.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): i386: java-1.6.0-ibm-1.6.0.16.45-1jpp.1.el6_9.i686.rpm java-1.6.0-ibm-demo-1.6.0.16.45-1jpp.1.el6_9.i686.rpm java-1.6.0-ibm-devel-1.6.0.16.45-1jpp.1.el6_9.i686.rpm java-1.6.0-ibm-javacomm-1.6.0.16.45-1jpp.1.el6_9.i686.rpm java-1.6.0-ibm-jdbc-1.6.0.16.45-1jpp.1.el6_9.i686.rpm java-1.6.0-ibm-plugin-1.6.0.16.45-1jpp.1.el6_9.i686.rpm java-1.6.0-ibm-src-1.6.0.16.45-1jpp.1.el6_9.i686.rpm ppc64: java-1.6.0-ibm-1.6.0.16.45-1jpp.1.el6_9.ppc64.rpm java-1.6.0-ibm-demo-1.6.0.16.45-1jpp.1.el6_9.ppc64.rpm java-1.6.0-ibm-devel-1.6.0.16.45-1jpp.1.el6_9.ppc64.rpm java-1.6.0-ibm-javacomm-1.6.0.16.45-1jpp.1.el6_9.ppc64.rpm java-1.6.0-ibm-jdbc-1.6.0.16.45-1jpp.1.el6_9.ppc64.rpm java-1.6.0-ibm-src-1.6.0.16.45-1jpp.1.el6_9.ppc64.rpm s390x: java-1.6.0-ibm-1.6.0.16.45-1jpp.1.el6_9.s390x.rpm java-1.6.0-ibm-demo-1.6.0.16.45-1jpp.1.el6_9.s390x.rpm java-1.6.0-ibm-devel-1.6.0.16.45-1jpp.1.el6_9.s390x.rpm java-1.6.0-ibm-jdbc-1.6.0.16.45-1jpp.1.el6_9.s390x.rpm java-1.6.0-ibm-src-1.6.0.16.45-1jpp.1.el6_9.s390x.rpm x86_64: java-1.6.0-ibm-1.6.0.16.45-1jpp.1.el6_9.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.16.45-1jpp.1.el6_9.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.16.45-1jpp.1.el6_9.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.16.45-1jpp.1.el6_9.x86_64.rpm java-1.6.0-ibm-jdbc-1.6.0.16.45-1jpp.1.el6_9.x86_64.rpm java-1.6.0-ibm-plugin-1.6.0.16.45-1jpp.1.el6_9.x86_64.rpm java-1.6.0-ibm-src-1.6.0.16.45-1jpp.1.el6_9.x86_64.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): i386: java-1.6.0-ibm-1.6.0.16.45-1jpp.1.el6_9.i686.rpm java-1.6.0-ibm-demo-1.6.0.16.45-1jpp.1.el6_9.i686.rpm java-1.6.0-ibm-devel-1.6.0.16.45-1jpp.1.el6_9.i686.rpm java-1.6.0-ibm-javacomm-1.6.0.16.45-1jpp.1.el6_9.i686.rpm java-1.6.0-ibm-jdbc-1.6.0.16.45-1jpp.1.el6_9.i686.rpm java-1.6.0-ibm-plugin-1.6.0.16.45-1jpp.1.el6_9.i686.rpm java-1.6.0-ibm-src-1.6.0.16.45-1jpp.1.el6_9.i686.rpm x86_64: java-1.6.0-ibm-1.6.0.16.45-1jpp.1.el6_9.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.16.45-1jpp.1.el6_9.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.16.45-1jpp.1.el6_9.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.16.45-1jpp.1.el6_9.x86_64.rpm java-1.6.0-ibm-jdbc-1.6.0.16.45-1jpp.1.el6_9.x86_64.rpm java-1.6.0-ibm-plugin-1.6.0.16.45-1jpp.1.el6_9.x86_64.rpm java-1.6.0-ibm-src-1.6.0.16.45-1jpp.1.el6_9.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-9840 https://access.redhat.com/security/cve/CVE-2016-9841 https://access.redhat.com/security/cve/CVE-2016-9842 https://access.redhat.com/security/cve/CVE-2016-9843 https://access.redhat.com/security/cve/CVE-2017-1289 https://access.redhat.com/security/cve/CVE-2017-3509 https://access.redhat.com/security/cve/CVE-2017-3533 https://access.redhat.com/security/cve/CVE-2017-3539 https://access.redhat.com/security/cve/CVE-2017-3544 https://access.redhat.com/security/updates/classification/#moderate https://developer.ibm.com/javasdk/support/security-vulnerabilities/ 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFZExNdXlSAg2UNWIIRAkMaAKCg0d0cYrmQd4Qrx0ywKxPbV71x9wCeIoNq cuW3HDm2eBB0IjxK/Or+xF8= =zKQZ -----END PGP SIGNATURE----- --
  14. news
    A simple application to access, organize and share your photos on GNOME. It is meant to be a simple and elegant replacement for using a file manager to deal with photos. Seamless cloud integration is offered through GNOME Online Accounts. Overview of changes in 3.22.6 ============================= * Bugs fixed: 765136 Changing the aspect ratio of the crop can make the selection larger than the image 778354 photos:insta-curve should support buffers with alpha channel Bugs: https://bugzilla.gnome.org/enter_bug.cgi?product=gnome-photos Design: https://wiki.gnome.org/Design/Apps/Photos Download: http://download.gnome.org/sources/gnome-photos/3.22/ Git: http://git.gnome.org/browse/gnome-photos Website: https://wiki.gnome.org/Apps/Photos Happy hacking, Debarshi _______________________________________________
  15. news
    *Fractal Design Celsius S36 review* Fractal Design today launched their Celsius series liquid cooling (AIC). We review their new 360mm radiator based model. These liquid cooling kits are pre-fitted with a single loop and ready to install straight out of the box. Armed with pretty nice looks, sleeved tubing and an attractive price, FD offers a competitive model in the massive LCS kit arena. Read the full review here <http://www.guru3d.com/articles-pages/fractal-design-celsius-s36-review,1.html>'>http://www.guru3d.com/articles-pages/fractal-design-celsius-s36-review,1.html> . URL: http://www.guru3d.com/articles-pages/fractal-design-celsius-s36-review,1.html <http://www.guru3d.com/articles-pages/fractal-design-celsius-s36-review,1.html> --
  16. news
    A simple application to access, organize and share your photos on GNOME. It is meant to be a simple and elegant replacement for using a file manager to deal with photos. Seamless cloud integration is offered through GNOME Online Accounts. Overview of changes in 3.24.2 ============================= * Bugs fixed: 778354 photos:insta-curve should support buffers with alpha channel * Updated translations: Gujarati Bugs: https://bugzilla.gnome.org/enter_bug.cgi?product=gnome-photos Design: https://wiki.gnome.org/Design/Apps/Photos Download: http://download.gnome.org/sources/gnome-photos/3.24/ Git: http://git.gnome.org/browse/gnome-photos Website: https://wiki.gnome.org/Apps/Photos Happy hacking, Debarshi _______________________________________________
  17. news
    Hardware Canucks is pleased to present our review of the new ASUS ROG STRIX Z270I GAMING ITX motherboard. *Article URL:* http://www.hardwarecanucks.com/forum/hardware-canucks-reviews/75255-asus-rog-strix-z270i-gaming-motherboard-review.html *Quote:* *They say good things come in small packages and ASUS' new ROG STRIX Z270I GAMING proves that. This tiny ITX motherboard packs all the performance and overclocking chops of boards twice its size. * We would appreciate it if you would post this in your News section. Regards, -- Hardware Canucks News Team
  18. news
    CentOS Errata and Security Advisory 2017:1202 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2017-1202.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: c1b56581baba94701da450a96e6ab96f6ac4f083e5f421c3ebe7124aa3411179 bind-9.8.2-0.62.rc1.el6_9.2.i686.rpm e033ff2999ee5094166f858629831f12caf926c10f2156d1bf92dd5fbc6c3a7b bind-chroot-9.8.2-0.62.rc1.el6_9.2.i686.rpm f3bd19a5c47a27ae24967a06b7bf37b09b27631556cd1873ac6b8b9f55b41b78 bind-devel-9.8.2-0.62.rc1.el6_9.2.i686.rpm ec7c8ae880e8366214991ca56d02bed6043665ae34657aac5814c781e2e2b5af bind-libs-9.8.2-0.62.rc1.el6_9.2.i686.rpm 2cecf3d6f6631711bc00d8c65a89c69f35caec84fd6a32aede440c6a3f7e0163 bind-sdb-9.8.2-0.62.rc1.el6_9.2.i686.rpm 37d38b81206240ff8562534ca327ac7fdbd4592ebcee0caaa637eccd3df8a8e9 bind-utils-9.8.2-0.62.rc1.el6_9.2.i686.rpm x86_64: 7320440995c79fe2648545554f8fa76bd1467f8873df842002783d7e8c3d7e38 bind-9.8.2-0.62.rc1.el6_9.2.x86_64.rpm 9f589d84f1278d8c2c8595e2967fdee489478359a369f11a9f4c9a26f49fbccc bind-chroot-9.8.2-0.62.rc1.el6_9.2.x86_64.rpm f3bd19a5c47a27ae24967a06b7bf37b09b27631556cd1873ac6b8b9f55b41b78 bind-devel-9.8.2-0.62.rc1.el6_9.2.i686.rpm 0bc38d410990965648547b2fa605fcb177512b1488b192d6dbb060cfa018ee89 bind-devel-9.8.2-0.62.rc1.el6_9.2.x86_64.rpm ec7c8ae880e8366214991ca56d02bed6043665ae34657aac5814c781e2e2b5af bind-libs-9.8.2-0.62.rc1.el6_9.2.i686.rpm 949b45a95464c27e4093db800058df377fb9c5f7cf866655c3952c5f7c9c262d bind-libs-9.8.2-0.62.rc1.el6_9.2.x86_64.rpm 5cbf42814270ca79b07de4864a56eb33dbc5c8e55cccdabbec816c8abcbd4655 bind-sdb-9.8.2-0.62.rc1.el6_9.2.x86_64.rpm 97e32251f12374180ecd20ac5bce16b7c904367f9a308b9b890c46f0da452f6c bind-utils-9.8.2-0.62.rc1.el6_9.2.x86_64.rpm Source: 6fd6c22a5158c38ff37918a7488a7ee579918c961464891d6f06b396c39df64f bind-9.8.2-0.62.rc1.el6_9.2.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: ( -at -) JohnnyCentOS _______________________________________________
  19. news
    CentOS Errata and Security Advisory 2017:1206 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2017-1206.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 1127cd30a8d85a38840172fb9dba9bf17948011904c3f7d815d9faa7682e1808 qemu-guest-agent-0.12.1.2-2.503.el6_9.3.i686.rpm x86_64: 5f5ac3bcae2e27129b79f0d61344dbe4a536969210980986dd30e4bd1d6014cc qemu-guest-agent-0.12.1.2-2.503.el6_9.3.x86_64.rpm 9893748998130ab9303f158dd41673c37285dd913b5f25772ba5c7000bc5d7d8 qemu-img-0.12.1.2-2.503.el6_9.3.x86_64.rpm b4e189c5665d88b29f1f926ae6eb155138caf570efaea9a62fc352dbb14e1e0a qemu-kvm-0.12.1.2-2.503.el6_9.3.x86_64.rpm c205e403f4783d35ae6f2f71800f0da072eecd9186e540c621975e341a37e04c qemu-kvm-tools-0.12.1.2-2.503.el6_9.3.x86_64.rpm Source: 3f668573bbb95a3a79e82cc2d57fbb8213dedcff0c99b861754fc05fdbdfb513 qemu-kvm-0.12.1.2-2.503.el6_9.3.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: ( -at -) JohnnyCentOS _______________________________________________
  20. news
    CentOS Errata and Security Advisory 2017:1204 Moderate Upstream details at : https://rhn.redhat.com/errata/RHSA-2017-1204.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: ebfdee6821a0a033abc9f5063bd2e52ce7919986a5c1739fa84ffc7b1eb9a53c java-1.7.0-openjdk-1.7.0.141-2.6.10.1.el6_9.i686.rpm e9307aee536ac1be8137878a836e9037076fe72d6f66d7ef730b8d0cbe0246e7 java-1.7.0-openjdk-demo-1.7.0.141-2.6.10.1.el6_9.i686.rpm 1c49b6e45452fad29dd317f5a2a30fd20dc61c1da05d7814924fb17f258db28f java-1.7.0-openjdk-devel-1.7.0.141-2.6.10.1.el6_9.i686.rpm eb9d7593936c5c57390f1eae69cb6df41ebd3e0611fc6529ef71c47692826c78 java-1.7.0-openjdk-javadoc-1.7.0.141-2.6.10.1.el6_9.noarch.rpm 3eb6210ea2441df5ab1e72a1cd0d99b7483efd02b21d899df0b23cd5b80820d9 java-1.7.0-openjdk-src-1.7.0.141-2.6.10.1.el6_9.i686.rpm x86_64: ab2a99f59f85ba47eeb0a12c88c5c55f46c32c2d960a8d23a09b8f3c85718a1b java-1.7.0-openjdk-1.7.0.141-2.6.10.1.el6_9.x86_64.rpm c804ca8ea2a4436a90ee87a8e752cf87d2edadda1fefdefd92929729131d25ae java-1.7.0-openjdk-demo-1.7.0.141-2.6.10.1.el6_9.x86_64.rpm b3ecfc32de925d197ad4bae86c425bd431771363121654e6a166f3ad34e362c7 java-1.7.0-openjdk-devel-1.7.0.141-2.6.10.1.el6_9.x86_64.rpm eb9d7593936c5c57390f1eae69cb6df41ebd3e0611fc6529ef71c47692826c78 java-1.7.0-openjdk-javadoc-1.7.0.141-2.6.10.1.el6_9.noarch.rpm 9bda631ed3d3083eebe2ae9d975d22a206f7371586a04fd9754904b2f89cbb17 java-1.7.0-openjdk-src-1.7.0.141-2.6.10.1.el6_9.x86_64.rpm Source: d50910897cdd02147db5e3f880a10a64142e50c86bdc0ac28c752a0e5735c758 java-1.7.0-openjdk-1.7.0.141-2.6.10.1.el6_9.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: ( -at -) JohnnyCentOS _______________________________________________
  21. news
    CentOS Errata and Security Advisory 2017:1201 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2017-1201.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: f2ec0d231aa5e854886bb0184715eeac1131a027e8707cbe9918a650f0631476 thunderbird-52.1.0-1.el7.centos.x86_64.rpm Source: f4c72f9e6a3c34b11c1e09ad6ccab0652af776db61caa0888680ad2cc41d503f thunderbird-52.1.0-1.el7.centos.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: ( -at -) JohnnyCentOS _______________________________________________
  22. news
    CentOS Errata and Security Advisory 2017:1201 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2017-1201.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 7591a0fa7d14c55bd4ebf4ce7079f86d2941f78933b4c329c23d4f30f880244b thunderbird-52.1.0-1.el6.centos.i686.rpm x86_64: 8b938732635979eafa3e2cd0ede2dcf7a4cabfb419998a1848622c69a9cc01b5 thunderbird-52.1.0-1.el6.centos.x86_64.rpm Source: 21fc84a445440a16fc4c778c47450ae94e2493efc36ed1812524d1f4fc2e9a84 thunderbird-52.1.0-1.el6.centos.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: ( -at -) JohnnyCentOS _______________________________________________
  23. news
    CentOS Errata and Security Advisory 2017:1204 Moderate Upstream details at : https://rhn.redhat.com/errata/RHSA-2017-1204.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 4df61fba30e01dbc6d6f06ab469740e33095f989f821bd9733a42950e3f94061 java-1.7.0-openjdk-1.7.0.141-2.6.10.1.el7_3.x86_64.rpm 97828abefb8a0350bc6b32f4329bdfe30c45f32c8179c8d86f636ba8663be71c java-1.7.0-openjdk-accessibility-1.7.0.141-2.6.10.1.el7_3.x86_64.rpm d2bdbbfe1665ce36281f70cd6dd9bf93e61d0026e740cc732575719310412455 java-1.7.0-openjdk-demo-1.7.0.141-2.6.10.1.el7_3.x86_64.rpm c343e8baed8419d59f502f69148bd52fbdc98e06268a4e9c6562c262c20bc23f java-1.7.0-openjdk-devel-1.7.0.141-2.6.10.1.el7_3.x86_64.rpm 90e4a58dc9fd24e3a742f6842c0546947c2c2a0be54a8207b49d150ad568c46f java-1.7.0-openjdk-headless-1.7.0.141-2.6.10.1.el7_3.x86_64.rpm c8ef0aa0f15da23929068abf3470308518257adbc50011d5f4592614df4601c1 java-1.7.0-openjdk-javadoc-1.7.0.141-2.6.10.1.el7_3.noarch.rpm f708168ce664ec29c4d9f49020a8ffe707a05bbe10fa35db8347065a4a2d1ea1 java-1.7.0-openjdk-src-1.7.0.141-2.6.10.1.el7_3.x86_64.rpm Source: 08655b931427182c9701d70f6424f738edf593acafdd70fb6e8a085a7669759b java-1.7.0-openjdk-1.7.0.141-2.6.10.1.el7_3.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: ( -at -) JohnnyCentOS _______________________________________________
  24. news
    AMD's Ryzen 5 CPUs are shaking up the midrange CPU market, and we're here to help builders navigate this unfamiliar terrain with the latest edition of our System Guide. We also account for the introduction of AMD's Radeon RX 500-series graphics cards. Read more: http://techreport.com/review/31846/the-tech-report-system-guide-may-2017-edition --- The Tech Report - PC Hardware Explored http://techreport.com -- To unsubscribe from: TR-News, just follow this link: http://node1.techreport.com/cgi-bin/dada/mail.cgi/u/trnews/reviewnews// Click this link, or copy and paste the address into your browser.
  25. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: flash-plugin security update Advisory ID: RHSA-2017:1219-01 Product: Red Hat Enterprise Linux Supplementary Advisory URL: https://access.redhat.com/errata/RHSA-2017:1219 Issue date: 2017-05-09 CVE Names: CVE-2017-3068 CVE-2017-3069 CVE-2017-3070 CVE-2017-3071 CVE-2017-3072 CVE-2017-3073 CVE-2017-3074 ===================================================================== 1. Summary: An update for flash-plugin is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64 3. Description: The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 25.0.0.171. Security Fix(es): * This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities, detailed in the Adobe Security Bulletin listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content. (CVE-2017-3068, CVE-2017-3069, CVE-2017-3070, CVE-2017-3071, CVE-2017-3072, CVE-2017-3073, CVE-2017-3074) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1449340 - CVE-2017-3068 CVE-2017-3069 CVE-2017-3070 CVE-2017-3071 CVE-2017-3072 CVE-2017-3073 CVE-2017-3074 flash-plugin: multiple code execution issues fixed in APSB17-15 6. Package List: Red Hat Enterprise Linux Desktop Supplementary (v. 6): i386: flash-plugin-25.0.0.171-1.el6_9.i686.rpm x86_64: flash-plugin-25.0.0.171-1.el6_9.i686.rpm Red Hat Enterprise Linux Server Supplementary (v. 6): i386: flash-plugin-25.0.0.171-1.el6_9.i686.rpm x86_64: flash-plugin-25.0.0.171-1.el6_9.i686.rpm Red Hat Enterprise Linux Workstation Supplementary (v. 6): i386: flash-plugin-25.0.0.171-1.el6_9.i686.rpm x86_64: flash-plugin-25.0.0.171-1.el6_9.i686.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2017-3068 https://access.redhat.com/security/cve/CVE-2017-3069 https://access.redhat.com/security/cve/CVE-2017-3070 https://access.redhat.com/security/cve/CVE-2017-3071 https://access.redhat.com/security/cve/CVE-2017-3072 https://access.redhat.com/security/cve/CVE-2017-3073 https://access.redhat.com/security/cve/CVE-2017-3074 https://access.redhat.com/security/updates/classification/#critical https://helpx.adobe.com/security/products/flash-player/apsb17-15.html 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFZEiw3XlSAg2UNWIIRAhaeAJ4mcuUFYqalURuxtRIkDAj18bhKngCdEmXc RbVXnEIBVk91J3+sVOK5H5c= =PsAM -----END PGP SIGNATURE----- --
×