Everything posted by news
-
FSP Dagger 600W SFX PSU Review

http://mailchi.mp/kitguru/fsp-dagger-600w-sfx-psu-review?e=872093acb5
http://www.kitguru.net

FSP have recently released two power supplies in the ‘Dagger’ family – a 500W and 600W unit. They sent us the higher capacity 600 watt unit which is 80 Plus Gold certified, equipped with Japanese capacitors and is fully modular.

Read the review here: http://www.kitguru.net/components/power-supplies/zardon/fsp-dagger-600w-sfx-psu-review/

Copyright © 2017 KitGuru, All rights reserved.
-
[gentoo-announce] [ GLSA 201705-06 ] Mozilla Firefox: Multiple vulnerabilities
news posted a topic in Upcoming News
Package : radicale
Version : 0.7-1.1+deb7u2
CVE ID : CVE-2017-8342

Radicale before 1.1.2 and 2.x before 2.0.0rc2 is prone to timing oracles and simple brute-force attacks when using the htpasswd authentication method.

For Debian 7 "Wheezy", these problems have been fixed in version 0.7-1.1+deb7u2.

We recommend that you upgrade your radicale packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS
-
[gentoo-announce] [ GLSA 201705-05 ] FFmpeg: Multiple vulnerabilities
news posted a topic in Upcoming News
-
[gentoo-announce] [ GLSA 201705-07 ] Mozilla Thunderbird: Multiple vulnerabilities
news posted a topic in Upcoming News
-
[gentoo-announce] [ GLSA 201705-08 ] libav: Multiple vulnerabilities
news posted a topic in Upcoming News
-
Red Hat Security Advisory

Synopsis: Important: qemu-kvm security update
Advisory ID: RHSA-2017:1206-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2017:1206
Issue date: 2017-05-09
CVE Names: CVE-2016-9603 CVE-2017-2633 CVE-2017-7718 CVE-2017-7980

1. Summary:

An update for qemu-kvm is now available for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64

3. Description:

Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm package provides the user-space component for running virtual machines that use KVM.

Security Fix(es):

* A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA emulator's VNC display driver support; the issue could occur when a VNC client attempted to update its display after a VGA operation is performed by a guest. A privileged user/process inside a guest could use this flaw to crash the QEMU process or, potentially, execute arbitrary code on the host with privileges of the QEMU process. (CVE-2016-9603)

* An out-of-bounds r/w access issue was found in QEMU's Cirrus CLGD 54xx VGA Emulator support. The vulnerability could occur while copying VGA data via various bitblt functions. A privileged user inside a guest could use this flaw to crash the QEMU process or, potentially, execute arbitrary code on the host with privileges of the QEMU process. (CVE-2017-7980)

* An out-of-bounds memory access issue was found in QEMU's VNC display driver support. The vulnerability could occur while refreshing the VNC display surface area in the 'vnc_refresh_server_surface'. A user/process inside a guest could use this flaw to crash the QEMU process, resulting in a denial of service. (CVE-2017-2633)

* An out-of-bounds access issue was found in QEMU's Cirrus CLGD 54xx VGA Emulator support. The vulnerability could occur while copying VGA data using bitblt functions (for example, cirrus_bitblt_rop_fwd_transp_). A privileged user inside a guest could use this flaw to crash the QEMU process, resulting in denial of service. (CVE-2017-7718)

Red Hat would like to thank Jiangxin (PSIRT Huawei Inc.) and Li Qiang (Qihoo 360 Gear Team) for reporting CVE-2017-7980 and Jiangxin (PSIRT Huawei Inc.) for reporting CVE-2017-7718.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258

After installing this update, shut down all running virtual machines. Once all virtual machines have shut down, start them again for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1400438 - CVE-2017-2633 qemu-kvm coredump in vnc_refresh_server_surface [rhel-6.9.z]
1425939 - CVE-2017-2633 Qemu: VNC: memory corruption due to unchecked resolution limit
1430056 - CVE-2016-9603 Qemu: cirrus: heap buffer overflow via vnc connection
1437060 - Fails to build in brew
1443441 - CVE-2017-7718 Qemu: display: cirrus: OOB read access issue
1444371 - CVE-2017-7980 Qemu: display: cirrus: OOB r/w access issues in bitblt routines

6. Package List:

Red Hat Enterprise Linux Desktop (v. 6):

Source:
qemu-kvm-0.12.1.2-2.503.el6_9.3.src.rpm

i386:
qemu-guest-agent-0.12.1.2-2.503.el6_9.3.i686.rpm
qemu-kvm-debuginfo-0.12.1.2-2.503.el6_9.3.i686.rpm

x86_64:
qemu-guest-agent-0.12.1.2-2.503.el6_9.3.x86_64.rpm
qemu-img-0.12.1.2-2.503.el6_9.3.x86_64.rpm
qemu-kvm-0.12.1.2-2.503.el6_9.3.x86_64.rpm
qemu-kvm-debuginfo-0.12.1.2-2.503.el6_9.3.x86_64.rpm
qemu-kvm-tools-0.12.1.2-2.503.el6_9.3.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source:
qemu-kvm-0.12.1.2-2.503.el6_9.3.src.rpm

x86_64:
qemu-guest-agent-0.12.1.2-2.503.el6_9.3.x86_64.rpm
qemu-img-0.12.1.2-2.503.el6_9.3.x86_64.rpm
qemu-kvm-0.12.1.2-2.503.el6_9.3.x86_64.rpm
qemu-kvm-debuginfo-0.12.1.2-2.503.el6_9.3.x86_64.rpm
qemu-kvm-tools-0.12.1.2-2.503.el6_9.3.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:
qemu-kvm-0.12.1.2-2.503.el6_9.3.src.rpm

i386:
qemu-guest-agent-0.12.1.2-2.503.el6_9.3.i686.rpm
qemu-kvm-debuginfo-0.12.1.2-2.503.el6_9.3.i686.rpm

ppc64:
qemu-guest-agent-0.12.1.2-2.503.el6_9.3.ppc64.rpm
qemu-kvm-debuginfo-0.12.1.2-2.503.el6_9.3.ppc64.rpm

x86_64:
qemu-guest-agent-0.12.1.2-2.503.el6_9.3.x86_64.rpm
qemu-img-0.12.1.2-2.503.el6_9.3.x86_64.rpm
qemu-kvm-0.12.1.2-2.503.el6_9.3.x86_64.rpm
qemu-kvm-debuginfo-0.12.1.2-2.503.el6_9.3.x86_64.rpm
qemu-kvm-tools-0.12.1.2-2.503.el6_9.3.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
qemu-kvm-0.12.1.2-2.503.el6_9.3.src.rpm

i386:
qemu-guest-agent-0.12.1.2-2.503.el6_9.3.i686.rpm
qemu-kvm-debuginfo-0.12.1.2-2.503.el6_9.3.i686.rpm

x86_64:
qemu-guest-agent-0.12.1.2-2.503.el6_9.3.x86_64.rpm
qemu-img-0.12.1.2-2.503.el6_9.3.x86_64.rpm
qemu-kvm-0.12.1.2-2.503.el6_9.3.x86_64.rpm
qemu-kvm-debuginfo-0.12.1.2-2.503.el6_9.3.x86_64.rpm
qemu-kvm-tools-0.12.1.2-2.503.el6_9.3.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2016-9603
https://access.redhat.com/security/cve/CVE-2017-2633
https://access.redhat.com/security/cve/CVE-2017-7718
https://access.redhat.com/security/cve/CVE-2017-7980
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-
Red Hat Security Advisory

Synopsis: Important: jasper security update
Advisory ID: RHSA-2017:1208-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2017:1208
Issue date: 2017-05-09
CVE Names: CVE-2015-5203 CVE-2015-5221 CVE-2016-10248 CVE-2016-10249 CVE-2016-10251 CVE-2016-1577 CVE-2016-1867 CVE-2016-2089 CVE-2016-2116 CVE-2016-8654 CVE-2016-8690 CVE-2016-8691 CVE-2016-8692 CVE-2016-8693 CVE-2016-8883 CVE-2016-8884 CVE-2016-8885 CVE-2016-9262 CVE-2016-9387 CVE-2016-9388 CVE-2016-9389 CVE-2016-9390 CVE-2016-9391 CVE-2016-9392 CVE-2016-9393 CVE-2016-9394 CVE-2016-9560 CVE-2016-9583 CVE-2016-9591 CVE-2016-9600

1. Summary:

An update for jasper is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

JasPer is an implementation of Part 1 of the JPEG 2000 image compression standard.

Security Fix(es):

Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2016-8654, CVE-2016-9560, CVE-2016-10249, CVE-2015-5203, CVE-2015-5221, CVE-2016-1577, CVE-2016-8690, CVE-2016-8693, CVE-2016-8884, CVE-2016-8885, CVE-2016-9262, CVE-2016-9591)

Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash. (CVE-2016-1867, CVE-2016-2089, CVE-2016-2116, CVE-2016-8691, CVE-2016-8692, CVE-2016-8883, CVE-2016-9387, CVE-2016-9388, CVE-2016-9389, CVE-2016-9390, CVE-2016-9391, CVE-2016-9392, CVE-2016-9393, CVE-2016-9394, CVE-2016-9583, CVE-2016-9600, CVE-2016-10248, CVE-2016-10251)

Red Hat would like to thank Liu Bingchang (IIE) for reporting CVE-2016-8654, CVE-2016-9583, CVE-2016-9591, and CVE-2016-9600; Gustavo Grieco for reporting CVE-2015-5203; and Josselin Feist for reporting CVE-2015-5221.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1254242 - CVE-2015-5203 jasper: integer overflow in jas_image_cmpt_create()
1255710 - CVE-2015-5221 jasper: use-after-free and double-free flaws in mif_process_cmpt()
1298135 - CVE-2016-1867 jasper: out-of-bounds read in jpc_pi_nextcprl()
1302636 - CVE-2016-2089 jasper: matrix rows_ NULL pointer dereference in jas_matrix_clip()
1314466 - CVE-2016-1577 jasper: double free issue in jas_iccattrval_destroy()
1314472 - CVE-2016-2116 jasper: memory leak in jas_iccprof_createfrombuf()
1385499 - CVE-2016-8690 CVE-2016-8884 CVE-2016-8885 jasper: missing jas_matrix_create() parameter checks
1385502 - CVE-2016-8691 CVE-2016-8692 jasper: missing SIZ marker segment XRsiz and YRsiz fields range check
1385507 - CVE-2016-8693 jasper: incorrect handling of bufsize 0 in mem_resize()
1388840 - CVE-2016-10249 jasper: integer overflow in jas_matrix_create()
1388870 - CVE-2016-8883 jasper: reachable asserts in jpc_dec_tiledecode()
1393882 - CVE-2016-9262 jasper: integer truncation in jas_image_cmpt_create()
1396959 - CVE-2016-9387 jasper: integer overflow in jpc_dec_process_siz()
1396962 - CVE-2016-9388 jasper: reachable assertions in RAS encoder/decoder
1396963 - CVE-2016-9389 jasper: reachable assertions caused by insufficient component domains checks in ICT/RCT in JPC codec
1396965 - CVE-2016-9390 jasper: insufficient SIZ marker tilexoff and tileyoff checks
1396967 - CVE-2016-9391 jasper: reachable assertions in the JPC bitstream code
1396971 - CVE-2016-9392 CVE-2016-9393 CVE-2016-9394 jasper: insufficient SIZ marker segment data sanity checks
1398256 - CVE-2016-9560 jasper: stack-based buffer overflow in jpc_dec_tileinit()
1399167 - CVE-2016-8654 jasper: heap-based buffer overflow in QMFB code in JPC codec
1405148 - CVE-2016-9583 jasper: integer overflows leading to out of bounds read in packet iterators in JPC decoder
1406405 - CVE-2016-9591 jasper: use-after-free / double-free in JPC encoder
1410026 - CVE-2016-9600 jasper: JP2 encoder
NULL pointer dereference due to uninitialized cmprof_ 1434447 - CVE-2016-10248 jasper: NULL pointer dereference in jpc_tsfb_synthesize() 1434461 - CVE-2016-10251 jasper: integer overflow in jpc_pi_nextcprl(), leading to out-of-bounds read 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: jasper-1.900.1-21.el6_9.src.rpm i386: jasper-1.900.1-21.el6_9.i686.rpm jasper-debuginfo-1.900.1-21.el6_9.i686.rpm jasper-libs-1.900.1-21.el6_9.i686.rpm x86_64: jasper-1.900.1-21.el6_9.x86_64.rpm jasper-debuginfo-1.900.1-21.el6_9.i686.rpm jasper-debuginfo-1.900.1-21.el6_9.x86_64.rpm jasper-libs-1.900.1-21.el6_9.i686.rpm jasper-libs-1.900.1-21.el6_9.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): i386: jasper-debuginfo-1.900.1-21.el6_9.i686.rpm jasper-devel-1.900.1-21.el6_9.i686.rpm jasper-utils-1.900.1-21.el6_9.i686.rpm x86_64: jasper-debuginfo-1.900.1-21.el6_9.i686.rpm jasper-debuginfo-1.900.1-21.el6_9.x86_64.rpm jasper-devel-1.900.1-21.el6_9.i686.rpm jasper-devel-1.900.1-21.el6_9.x86_64.rpm jasper-utils-1.900.1-21.el6_9.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: jasper-1.900.1-21.el6_9.src.rpm x86_64: jasper-debuginfo-1.900.1-21.el6_9.i686.rpm jasper-debuginfo-1.900.1-21.el6_9.x86_64.rpm jasper-libs-1.900.1-21.el6_9.i686.rpm jasper-libs-1.900.1-21.el6_9.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): x86_64: jasper-1.900.1-21.el6_9.x86_64.rpm jasper-debuginfo-1.900.1-21.el6_9.i686.rpm jasper-debuginfo-1.900.1-21.el6_9.x86_64.rpm jasper-devel-1.900.1-21.el6_9.i686.rpm jasper-devel-1.900.1-21.el6_9.x86_64.rpm jasper-utils-1.900.1-21.el6_9.x86_64.rpm Red Hat Enterprise Linux Server (v. 
6): Source: jasper-1.900.1-21.el6_9.src.rpm i386: jasper-1.900.1-21.el6_9.i686.rpm jasper-debuginfo-1.900.1-21.el6_9.i686.rpm jasper-libs-1.900.1-21.el6_9.i686.rpm ppc64: jasper-1.900.1-21.el6_9.ppc64.rpm jasper-debuginfo-1.900.1-21.el6_9.ppc.rpm jasper-debuginfo-1.900.1-21.el6_9.ppc64.rpm jasper-libs-1.900.1-21.el6_9.ppc.rpm jasper-libs-1.900.1-21.el6_9.ppc64.rpm s390x: jasper-1.900.1-21.el6_9.s390x.rpm jasper-debuginfo-1.900.1-21.el6_9.s390.rpm jasper-debuginfo-1.900.1-21.el6_9.s390x.rpm jasper-libs-1.900.1-21.el6_9.s390.rpm jasper-libs-1.900.1-21.el6_9.s390x.rpm x86_64: jasper-1.900.1-21.el6_9.x86_64.rpm jasper-debuginfo-1.900.1-21.el6_9.i686.rpm jasper-debuginfo-1.900.1-21.el6_9.x86_64.rpm jasper-libs-1.900.1-21.el6_9.i686.rpm jasper-libs-1.900.1-21.el6_9.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): i386: jasper-debuginfo-1.900.1-21.el6_9.i686.rpm jasper-devel-1.900.1-21.el6_9.i686.rpm jasper-utils-1.900.1-21.el6_9.i686.rpm ppc64: jasper-debuginfo-1.900.1-21.el6_9.ppc.rpm jasper-debuginfo-1.900.1-21.el6_9.ppc64.rpm jasper-devel-1.900.1-21.el6_9.ppc.rpm jasper-devel-1.900.1-21.el6_9.ppc64.rpm jasper-utils-1.900.1-21.el6_9.ppc64.rpm s390x: jasper-debuginfo-1.900.1-21.el6_9.s390.rpm jasper-debuginfo-1.900.1-21.el6_9.s390x.rpm jasper-devel-1.900.1-21.el6_9.s390.rpm jasper-devel-1.900.1-21.el6_9.s390x.rpm jasper-utils-1.900.1-21.el6_9.s390x.rpm x86_64: jasper-debuginfo-1.900.1-21.el6_9.i686.rpm jasper-debuginfo-1.900.1-21.el6_9.x86_64.rpm jasper-devel-1.900.1-21.el6_9.i686.rpm jasper-devel-1.900.1-21.el6_9.x86_64.rpm jasper-utils-1.900.1-21.el6_9.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 
6): Source: jasper-1.900.1-21.el6_9.src.rpm i386: jasper-1.900.1-21.el6_9.i686.rpm jasper-debuginfo-1.900.1-21.el6_9.i686.rpm jasper-libs-1.900.1-21.el6_9.i686.rpm x86_64: jasper-1.900.1-21.el6_9.x86_64.rpm jasper-debuginfo-1.900.1-21.el6_9.i686.rpm jasper-debuginfo-1.900.1-21.el6_9.x86_64.rpm jasper-libs-1.900.1-21.el6_9.i686.rpm jasper-libs-1.900.1-21.el6_9.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): i386: jasper-debuginfo-1.900.1-21.el6_9.i686.rpm jasper-devel-1.900.1-21.el6_9.i686.rpm jasper-utils-1.900.1-21.el6_9.i686.rpm x86_64: jasper-debuginfo-1.900.1-21.el6_9.i686.rpm jasper-debuginfo-1.900.1-21.el6_9.x86_64.rpm jasper-devel-1.900.1-21.el6_9.i686.rpm jasper-devel-1.900.1-21.el6_9.x86_64.rpm jasper-utils-1.900.1-21.el6_9.x86_64.rpm Red Hat Enterprise Linux Client (v. 7): Source: jasper-1.900.1-30.el7_3.src.rpm x86_64: jasper-debuginfo-1.900.1-30.el7_3.i686.rpm jasper-debuginfo-1.900.1-30.el7_3.x86_64.rpm jasper-libs-1.900.1-30.el7_3.i686.rpm jasper-libs-1.900.1-30.el7_3.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: jasper-1.900.1-30.el7_3.x86_64.rpm jasper-debuginfo-1.900.1-30.el7_3.i686.rpm jasper-debuginfo-1.900.1-30.el7_3.x86_64.rpm jasper-devel-1.900.1-30.el7_3.i686.rpm jasper-devel-1.900.1-30.el7_3.x86_64.rpm jasper-utils-1.900.1-30.el7_3.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: jasper-1.900.1-30.el7_3.src.rpm x86_64: jasper-debuginfo-1.900.1-30.el7_3.i686.rpm jasper-debuginfo-1.900.1-30.el7_3.x86_64.rpm jasper-libs-1.900.1-30.el7_3.i686.rpm jasper-libs-1.900.1-30.el7_3.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: jasper-1.900.1-30.el7_3.x86_64.rpm jasper-debuginfo-1.900.1-30.el7_3.i686.rpm jasper-debuginfo-1.900.1-30.el7_3.x86_64.rpm jasper-devel-1.900.1-30.el7_3.i686.rpm jasper-devel-1.900.1-30.el7_3.x86_64.rpm jasper-utils-1.900.1-30.el7_3.x86_64.rpm Red Hat Enterprise Linux Server (v. 
7): Source: jasper-1.900.1-30.el7_3.src.rpm aarch64: jasper-debuginfo-1.900.1-30.el7_3.aarch64.rpm jasper-libs-1.900.1-30.el7_3.aarch64.rpm ppc64: jasper-debuginfo-1.900.1-30.el7_3.ppc.rpm jasper-debuginfo-1.900.1-30.el7_3.ppc64.rpm jasper-libs-1.900.1-30.el7_3.ppc.rpm jasper-libs-1.900.1-30.el7_3.ppc64.rpm ppc64le: jasper-debuginfo-1.900.1-30.el7_3.ppc64le.rpm jasper-libs-1.900.1-30.el7_3.ppc64le.rpm s390x: jasper-debuginfo-1.900.1-30.el7_3.s390.rpm jasper-debuginfo-1.900.1-30.el7_3.s390x.rpm jasper-libs-1.900.1-30.el7_3.s390.rpm jasper-libs-1.900.1-30.el7_3.s390x.rpm x86_64: jasper-debuginfo-1.900.1-30.el7_3.i686.rpm jasper-debuginfo-1.900.1-30.el7_3.x86_64.rpm jasper-libs-1.900.1-30.el7_3.i686.rpm jasper-libs-1.900.1-30.el7_3.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): aarch64: jasper-1.900.1-30.el7_3.aarch64.rpm jasper-debuginfo-1.900.1-30.el7_3.aarch64.rpm jasper-devel-1.900.1-30.el7_3.aarch64.rpm jasper-utils-1.900.1-30.el7_3.aarch64.rpm ppc64: jasper-1.900.1-30.el7_3.ppc64.rpm jasper-debuginfo-1.900.1-30.el7_3.ppc.rpm jasper-debuginfo-1.900.1-30.el7_3.ppc64.rpm jasper-devel-1.900.1-30.el7_3.ppc.rpm jasper-devel-1.900.1-30.el7_3.ppc64.rpm jasper-utils-1.900.1-30.el7_3.ppc64.rpm ppc64le: jasper-1.900.1-30.el7_3.ppc64le.rpm jasper-debuginfo-1.900.1-30.el7_3.ppc64le.rpm jasper-devel-1.900.1-30.el7_3.ppc64le.rpm jasper-utils-1.900.1-30.el7_3.ppc64le.rpm s390x: jasper-1.900.1-30.el7_3.s390x.rpm jasper-debuginfo-1.900.1-30.el7_3.s390.rpm jasper-debuginfo-1.900.1-30.el7_3.s390x.rpm jasper-devel-1.900.1-30.el7_3.s390.rpm jasper-devel-1.900.1-30.el7_3.s390x.rpm jasper-utils-1.900.1-30.el7_3.s390x.rpm x86_64: jasper-1.900.1-30.el7_3.x86_64.rpm jasper-debuginfo-1.900.1-30.el7_3.i686.rpm jasper-debuginfo-1.900.1-30.el7_3.x86_64.rpm jasper-devel-1.900.1-30.el7_3.i686.rpm jasper-devel-1.900.1-30.el7_3.x86_64.rpm jasper-utils-1.900.1-30.el7_3.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 
7): Source: jasper-1.900.1-30.el7_3.src.rpm x86_64: jasper-debuginfo-1.900.1-30.el7_3.i686.rpm jasper-debuginfo-1.900.1-30.el7_3.x86_64.rpm jasper-libs-1.900.1-30.el7_3.i686.rpm jasper-libs-1.900.1-30.el7_3.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: jasper-1.900.1-30.el7_3.x86_64.rpm jasper-debuginfo-1.900.1-30.el7_3.i686.rpm jasper-debuginfo-1.900.1-30.el7_3.x86_64.rpm jasper-devel-1.900.1-30.el7_3.i686.rpm jasper-devel-1.900.1-30.el7_3.x86_64.rpm jasper-utils-1.900.1-30.el7_3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2015-5203 https://access.redhat.com/security/cve/CVE-2015-5221 https://access.redhat.com/security/cve/CVE-2016-10248 https://access.redhat.com/security/cve/CVE-2016-10249 https://access.redhat.com/security/cve/CVE-2016-10251 https://access.redhat.com/security/cve/CVE-2016-1577 https://access.redhat.com/security/cve/CVE-2016-1867 https://access.redhat.com/security/cve/CVE-2016-2089 https://access.redhat.com/security/cve/CVE-2016-2116 https://access.redhat.com/security/cve/CVE-2016-8654 https://access.redhat.com/security/cve/CVE-2016-8690 https://access.redhat.com/security/cve/CVE-2016-8691 https://access.redhat.com/security/cve/CVE-2016-8692 https://access.redhat.com/security/cve/CVE-2016-8693 https://access.redhat.com/security/cve/CVE-2016-8883 https://access.redhat.com/security/cve/CVE-2016-8884 https://access.redhat.com/security/cve/CVE-2016-8885 https://access.redhat.com/security/cve/CVE-2016-9262 https://access.redhat.com/security/cve/CVE-2016-9387 https://access.redhat.com/security/cve/CVE-2016-9388 https://access.redhat.com/security/cve/CVE-2016-9389 https://access.redhat.com/security/cve/CVE-2016-9390 https://access.redhat.com/security/cve/CVE-2016-9391 https://access.redhat.com/security/cve/CVE-2016-9392 
https://access.redhat.com/security/cve/CVE-2016-9393
https://access.redhat.com/security/cve/CVE-2016-9394
https://access.redhat.com/security/cve/CVE-2016-9560
https://access.redhat.com/security/cve/CVE-2016-9583
https://access.redhat.com/security/cve/CVE-2016-9591
https://access.redhat.com/security/cve/CVE-2016-9600
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-
Dear Editors, we just posted a new article which might be interesting to your readers. A post in your news section would be appreciated.

Title: Brainwavz B200 In-ears
Link: https://www.techpowerup.com/reviews/Brainwavz/B200
Brief: Brainwavz is known for their high quality mid-end in-ears and headphones. Today, we take a look at their most ambitious in-ear to date called the B200. The B200 is a dual balanced armature design that sells for $199 online.
-
Intel Optane Memory Tested As Boot Drive, Secondary and RAID 0 @ Legit Reviews
news posted a topic in Upcoming News
When we covered the Intel Optane Memory Series launch last month the focus was entirely on the drive from a caching perspective as that is the point of the product. We ended up with some angry e-mails and comments on social media about why we didn't test the raw performance of the drive and even test it as a boot drive. We don't see too many people buying the 32GB model as a boot drive due to the $76 price point, but we were curious how an Intel Optane Memory module would perform as a primary boot drive, a secondary drive and then as a RAID 0 array with two of them. We managed to get our hands on a second Intel Optane Memory Module 32GB, so we fired up our storage test platform and gave it a quick look.

Article Title: Intel Optane Memory Tested As Boot Drive, Secondary and RAID 0 @ Legit Reviews
Article URL: http://www.legitreviews.com/intel-optane-memory-tested-boot-drive-secondary-raid-0_194237
-
Tesoro Zone Balance Gaming Chair Review @ ThinkComputers.org

Review Link: http://www.thinkcomputers.org/tesoro-zone-balance-gaming-chair-review/
Image URL: http://www.thinkcomputers.org/reviews/tesoro_zone_balance/email.jpg
Alt Image URL: http://www.thinkcomputers.org/reviews/tesoro_zone_balance/small.jpg

Quote: "Ah the gaming chair. To be honest when I first saw these coming out I thought they were a gimmick. I mean why do you need a racing style gaming chair to be comfortable sitting at your PC? There are many companies that have been in business for quite a while making office chairs so why all of a sudden do we have all of these new companies springing up making gaming chairs? Is it just a fad? Are they looking to cash in on the popularity of the gaming industry? Or do these gaming chairs offer something different than the normal office chairs we've been using for 10-15 years. Well today we are taking a look at our first ever gaming chair, the Tesoro Zone Balance, which is also Tesoro's first gaming chair. We mainly know Tesoro for their keyboards and mice so it will be interesting to see their take on a gaming chair. Let's jump in and see what it is all about!"
-
[security-announce] openSUSE-SU-2017:1221-1: important: Security update for xen
news posted a topic in Upcoming News
openSUSE Security Update: Security update for xen

Announcement ID: openSUSE-SU-2017:1221-1
Rating: important
References: #1022703 #1028655 #1029827 #1030144 #1034843 #1034844 #1034994 #1036146
Cross-References: CVE-2016-9603 CVE-2017-7718
Affected Products: openSUSE Leap 42.2

An update that solves two vulnerabilities and has 6 fixes is now available.

Description:

This update for xen fixes several issues.

These security issues were fixed:

- A malicious 64-bit PV guest may be able to access all of system memory, allowing for all of privilege escalation, host crashes, and information leaks by placing an IRET hypercall in the middle of a multicall batch (XSA-213, bsc#1034843)
- A malicious pair of guests may be able to access all of system memory, allowing for all of privilege escalation, host crashes, and information leaks because of a missing check when transferring pages via GNTTABOP_transfer (XSA-214, bsc#1034844).
- CVE-2017-7718: hw/display/cirrus_vga_rop.h allowed local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vectors related to copying VGA data via the cirrus_bitblt_rop_fwd_transp_ and cirrus_bitblt_rop_fwd_ functions (bsc#1034994).
- CVE-2016-9603: A privileged user within the guest VM could have caused a heap overflow in the device model process, potentially escalating their privileges to that of the device model process (bsc#1028655)

These non-security issues were fixed:

- bsc#1029827: Additional xenstore patch
- bsc#1036146: Xen VM dumped core to wrong path
- bsc#1022703: Prevent Xen HVM guest with OVMF to hang with unattached CDRom

This update was imported from the SUSE:SLE-12-SP2:Update update project.

Patch Instructions:

To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product:

- openSUSE Leap 42.2: zypper in -t patch openSUSE-2017-563=1

To bring your system up-to-date, use "zypper patch".

Package List:

- openSUSE Leap 42.2 (i586 x86_64): xen-debugsource-4.7.2_04-11.6.1 xen-devel-4.7.2_04-11.6.1 xen-libs-4.7.2_04-11.6.1 xen-libs-debuginfo-4.7.2_04-11.6.1 xen-tools-domU-4.7.2_04-11.6.1 xen-tools-domU-debuginfo-4.7.2_04-11.6.1
- openSUSE Leap 42.2 (x86_64): xen-4.7.2_04-11.6.1 xen-doc-html-4.7.2_04-11.6.1 xen-libs-32bit-4.7.2_04-11.6.1 xen-libs-debuginfo-32bit-4.7.2_04-11.6.1 xen-tools-4.7.2_04-11.6.1 xen-tools-debuginfo-4.7.2_04-11.6.1

References:

https://www.suse.com/security/cve/CVE-2016-9603.html
https://www.suse.com/security/cve/CVE-2017-7718.html
https://bugzilla.suse.com/1022703
https://bugzilla.suse.com/1028655
https://bugzilla.suse.com/1029827
https://bugzilla.suse.com/1030144
https://bugzilla.suse.com/1034843
https://bugzilla.suse.com/1034844
https://bugzilla.suse.com/1034994
https://bugzilla.suse.com/1036146
-
leakSMART Complete Home Water Protection Shut-off System Review @ Bigbruin.com
news posted a topic in Upcoming News
Bigbruin.com has published new content which might be of interest to your readers. A post on your site regarding this announcement would be greatly appreciated.
Title: leakSMART Complete Home Water Protection Shut-off System
Link: https://bigbruin.com/content/leakSMART_1
Image (250x250): https://bigbruin.com/images/articles/947/promo_3.jpg
Quote: The main leakSMART system components are the shut-off valve, remote sensors, and hub. They all use the ZigBee protocol, which uses a mesh network for communication, but does require a hub for control. This review will be handled a little different than our typical reviews. First we will go over the components of the leakSMART system, and then we will go over system performance with their proprietary hub, Iris by Lowes hub, the Wink hub, and then the SmartThings hub.
Best regards, Jason www.bigbruin.com
-
NETGEAR Nighthawk X10 R9000 AD7200 802.11ad Wireless Router
You can never have a fast enough network, especially where WiFi is concerned. NETGEAR’s Nighthawk range already has a reputation for performance. With the X10 R9000 AD7200 Wireless Router, though, NETGEAR takes WiFi to the next level with our first look at 802.11ad.
Read the review here: http://www.kitguru.net/peripherals/james-morris/netgear-nighthawk-x10-r9000-ad7200-802-11ad-wireless-router-review/
-
[RHSA-2017:1204-01] Moderate: java-1.7.0-openjdk security update
news posted a topic in Upcoming News
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Red Hat Security Advisory

Synopsis: Moderate: java-1.7.0-openjdk security update
Advisory ID: RHSA-2017:1204-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2017:1204
Issue date: 2017-05-09
CVE Names: CVE-2017-3509 CVE-2017-3511 CVE-2017-3526 CVE-2017-3533 CVE-2017-3539 CVE-2017-3544

1. Summary:

An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64

3. Description:

The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit.

Security Fix(es):

* An untrusted library search path flaw was found in the JCE component of OpenJDK. A local attacker could possibly use this flaw to cause a Java application using JCE to load an attacker-controlled library and hence escalate their privileges. (CVE-2017-3511)

* It was found that the JAXP component of OpenJDK failed to correctly enforce parse tree size limits when parsing an XML document. An attacker able to make a Java application parse a specially crafted XML document could use this flaw to make it consume an excessive amount of CPU and memory. (CVE-2017-3526)

* It was discovered that the HTTP client implementation in the Networking component of OpenJDK could cache and re-use an NTLM authenticated connection in a different security context. A remote attacker could possibly use this flaw to make a Java application perform HTTP requests authenticated with credentials of a different user. (CVE-2017-3509)

Note: This update adds support for the "jdk.ntlm.cache" system property which, when set to false, prevents caching of NTLM connections and authentications and hence prevents this issue. However, caching remains enabled by default.

* It was discovered that the Security component of OpenJDK did not allow users to restrict the set of algorithms allowed for Jar integrity verification. This flaw could allow an attacker to modify content of the Jar file that used a weak signing key or hash algorithm. (CVE-2017-3539)

Note: This update extends the fix for CVE-2016-5542 released as part of the RHSA-2016:2658 erratum to no longer allow the MD5 hash algorithm during the Jar integrity verification by adding it to the jdk.jar.disabledAlgorithms security property.

* Newline injection flaws were discovered in FTP and SMTP client implementations in the Networking component in OpenJDK. A remote attacker could possibly use these flaws to manipulate FTP or SMTP connections established by a Java application. (CVE-2017-3533, CVE-2017-3544)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of OpenJDK Java must be restarted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1443007 - CVE-2017-3511 OpenJDK: untrusted extension directories search path in Launcher (JCE, 8163528)
1443052 - CVE-2017-3509 OpenJDK: improper re-use of NTLM authenticated connections (Networking, 8163520)
1443068 - CVE-2017-3544 OpenJDK: newline injection in the SMTP client (Networking, 8171533)
1443083 - CVE-2017-3533 OpenJDK: newline injection in the FTP client (Networking, 8170222)
1443097 - CVE-2017-3539 OpenJDK: MD5 allowed for jar verification (Security, 8171121)
1443252 - CVE-2017-3526 OpenJDK: incomplete XML parse tree size enforcement (JAXP, 8169011)

6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: java-1.7.0-openjdk-1.7.0.141-2.6.10.1.el6_9.src.rpm i386: java-1.7.0-openjdk-1.7.0.141-2.6.10.1.el6_9.i686.rpm java-1.7.0-openjdk-debuginfo-1.7.0.141-2.6.10.1.el6_9.i686.rpm java-1.7.0-openjdk-devel-1.7.0.141-2.6.10.1.el6_9.i686.rpm x86_64: java-1.7.0-openjdk-1.7.0.141-2.6.10.1.el6_9.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.141-2.6.10.1.el6_9.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.141-2.6.10.1.el6_9.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 
6): i386: java-1.7.0-openjdk-debuginfo-1.7.0.141-2.6.10.1.el6_9.i686.rpm java-1.7.0-openjdk-demo-1.7.0.141-2.6.10.1.el6_9.i686.rpm java-1.7.0-openjdk-src-1.7.0.141-2.6.10.1.el6_9.i686.rpm noarch: java-1.7.0-openjdk-javadoc-1.7.0.141-2.6.10.1.el6_9.noarch.rpm x86_64: java-1.7.0-openjdk-debuginfo-1.7.0.141-2.6.10.1.el6_9.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.141-2.6.10.1.el6_9.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.141-2.6.10.1.el6_9.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: java-1.7.0-openjdk-1.7.0.141-2.6.10.1.el6_9.src.rpm x86_64: java-1.7.0-openjdk-1.7.0.141-2.6.10.1.el6_9.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.141-2.6.10.1.el6_9.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.141-2.6.10.1.el6_9.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): noarch: java-1.7.0-openjdk-javadoc-1.7.0.141-2.6.10.1.el6_9.noarch.rpm x86_64: java-1.7.0-openjdk-debuginfo-1.7.0.141-2.6.10.1.el6_9.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.141-2.6.10.1.el6_9.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.141-2.6.10.1.el6_9.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: java-1.7.0-openjdk-1.7.0.141-2.6.10.1.el6_9.src.rpm i386: java-1.7.0-openjdk-1.7.0.141-2.6.10.1.el6_9.i686.rpm java-1.7.0-openjdk-debuginfo-1.7.0.141-2.6.10.1.el6_9.i686.rpm java-1.7.0-openjdk-devel-1.7.0.141-2.6.10.1.el6_9.i686.rpm x86_64: java-1.7.0-openjdk-1.7.0.141-2.6.10.1.el6_9.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.141-2.6.10.1.el6_9.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.141-2.6.10.1.el6_9.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 
6): i386: java-1.7.0-openjdk-debuginfo-1.7.0.141-2.6.10.1.el6_9.i686.rpm java-1.7.0-openjdk-demo-1.7.0.141-2.6.10.1.el6_9.i686.rpm java-1.7.0-openjdk-src-1.7.0.141-2.6.10.1.el6_9.i686.rpm noarch: java-1.7.0-openjdk-javadoc-1.7.0.141-2.6.10.1.el6_9.noarch.rpm x86_64: java-1.7.0-openjdk-debuginfo-1.7.0.141-2.6.10.1.el6_9.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.141-2.6.10.1.el6_9.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.141-2.6.10.1.el6_9.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: java-1.7.0-openjdk-1.7.0.141-2.6.10.1.el6_9.src.rpm i386: java-1.7.0-openjdk-1.7.0.141-2.6.10.1.el6_9.i686.rpm java-1.7.0-openjdk-debuginfo-1.7.0.141-2.6.10.1.el6_9.i686.rpm java-1.7.0-openjdk-devel-1.7.0.141-2.6.10.1.el6_9.i686.rpm x86_64: java-1.7.0-openjdk-1.7.0.141-2.6.10.1.el6_9.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.141-2.6.10.1.el6_9.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.141-2.6.10.1.el6_9.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): i386: java-1.7.0-openjdk-debuginfo-1.7.0.141-2.6.10.1.el6_9.i686.rpm java-1.7.0-openjdk-demo-1.7.0.141-2.6.10.1.el6_9.i686.rpm java-1.7.0-openjdk-src-1.7.0.141-2.6.10.1.el6_9.i686.rpm noarch: java-1.7.0-openjdk-javadoc-1.7.0.141-2.6.10.1.el6_9.noarch.rpm x86_64: java-1.7.0-openjdk-debuginfo-1.7.0.141-2.6.10.1.el6_9.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.141-2.6.10.1.el6_9.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.141-2.6.10.1.el6_9.x86_64.rpm Red Hat Enterprise Linux Client (v. 7): Source: java-1.7.0-openjdk-1.7.0.141-2.6.10.1.el7_3.src.rpm x86_64: java-1.7.0-openjdk-1.7.0.141-2.6.10.1.el7_3.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.141-2.6.10.1.el7_3.x86_64.rpm java-1.7.0-openjdk-headless-1.7.0.141-2.6.10.1.el7_3.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 
7): noarch: java-1.7.0-openjdk-javadoc-1.7.0.141-2.6.10.1.el7_3.noarch.rpm x86_64: java-1.7.0-openjdk-accessibility-1.7.0.141-2.6.10.1.el7_3.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.141-2.6.10.1.el7_3.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.141-2.6.10.1.el7_3.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.141-2.6.10.1.el7_3.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.141-2.6.10.1.el7_3.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: java-1.7.0-openjdk-1.7.0.141-2.6.10.1.el7_3.src.rpm x86_64: java-1.7.0-openjdk-1.7.0.141-2.6.10.1.el7_3.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.141-2.6.10.1.el7_3.x86_64.rpm java-1.7.0-openjdk-headless-1.7.0.141-2.6.10.1.el7_3.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): noarch: java-1.7.0-openjdk-javadoc-1.7.0.141-2.6.10.1.el7_3.noarch.rpm x86_64: java-1.7.0-openjdk-accessibility-1.7.0.141-2.6.10.1.el7_3.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.141-2.6.10.1.el7_3.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.141-2.6.10.1.el7_3.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.141-2.6.10.1.el7_3.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.141-2.6.10.1.el7_3.x86_64.rpm Red Hat Enterprise Linux Server (v. 
7): Source: java-1.7.0-openjdk-1.7.0.141-2.6.10.1.el7_3.src.rpm aarch64: java-1.7.0-openjdk-1.7.0.141-2.6.10.1.el7_3.aarch64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.141-2.6.10.1.el7_3.aarch64.rpm java-1.7.0-openjdk-devel-1.7.0.141-2.6.10.1.el7_3.aarch64.rpm java-1.7.0-openjdk-headless-1.7.0.141-2.6.10.1.el7_3.aarch64.rpm ppc64: java-1.7.0-openjdk-1.7.0.141-2.6.10.1.el7_3.ppc64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.141-2.6.10.1.el7_3.ppc64.rpm java-1.7.0-openjdk-devel-1.7.0.141-2.6.10.1.el7_3.ppc64.rpm java-1.7.0-openjdk-headless-1.7.0.141-2.6.10.1.el7_3.ppc64.rpm ppc64le: java-1.7.0-openjdk-1.7.0.141-2.6.10.1.el7_3.ppc64le.rpm java-1.7.0-openjdk-debuginfo-1.7.0.141-2.6.10.1.el7_3.ppc64le.rpm java-1.7.0-openjdk-devel-1.7.0.141-2.6.10.1.el7_3.ppc64le.rpm java-1.7.0-openjdk-headless-1.7.0.141-2.6.10.1.el7_3.ppc64le.rpm s390x: java-1.7.0-openjdk-1.7.0.141-2.6.10.1.el7_3.s390x.rpm java-1.7.0-openjdk-debuginfo-1.7.0.141-2.6.10.1.el7_3.s390x.rpm java-1.7.0-openjdk-devel-1.7.0.141-2.6.10.1.el7_3.s390x.rpm java-1.7.0-openjdk-headless-1.7.0.141-2.6.10.1.el7_3.s390x.rpm x86_64: java-1.7.0-openjdk-1.7.0.141-2.6.10.1.el7_3.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.141-2.6.10.1.el7_3.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.141-2.6.10.1.el7_3.x86_64.rpm java-1.7.0-openjdk-headless-1.7.0.141-2.6.10.1.el7_3.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 
7): aarch64: java-1.7.0-openjdk-accessibility-1.7.0.141-2.6.10.1.el7_3.aarch64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.141-2.6.10.1.el7_3.aarch64.rpm java-1.7.0-openjdk-demo-1.7.0.141-2.6.10.1.el7_3.aarch64.rpm java-1.7.0-openjdk-src-1.7.0.141-2.6.10.1.el7_3.aarch64.rpm noarch: java-1.7.0-openjdk-javadoc-1.7.0.141-2.6.10.1.el7_3.noarch.rpm ppc64: java-1.7.0-openjdk-accessibility-1.7.0.141-2.6.10.1.el7_3.ppc64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.141-2.6.10.1.el7_3.ppc64.rpm java-1.7.0-openjdk-demo-1.7.0.141-2.6.10.1.el7_3.ppc64.rpm java-1.7.0-openjdk-src-1.7.0.141-2.6.10.1.el7_3.ppc64.rpm ppc64le: java-1.7.0-openjdk-accessibility-1.7.0.141-2.6.10.1.el7_3.ppc64le.rpm java-1.7.0-openjdk-debuginfo-1.7.0.141-2.6.10.1.el7_3.ppc64le.rpm java-1.7.0-openjdk-demo-1.7.0.141-2.6.10.1.el7_3.ppc64le.rpm java-1.7.0-openjdk-src-1.7.0.141-2.6.10.1.el7_3.ppc64le.rpm s390x: java-1.7.0-openjdk-accessibility-1.7.0.141-2.6.10.1.el7_3.s390x.rpm java-1.7.0-openjdk-debuginfo-1.7.0.141-2.6.10.1.el7_3.s390x.rpm java-1.7.0-openjdk-demo-1.7.0.141-2.6.10.1.el7_3.s390x.rpm java-1.7.0-openjdk-src-1.7.0.141-2.6.10.1.el7_3.s390x.rpm x86_64: java-1.7.0-openjdk-accessibility-1.7.0.141-2.6.10.1.el7_3.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.141-2.6.10.1.el7_3.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.141-2.6.10.1.el7_3.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.141-2.6.10.1.el7_3.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: java-1.7.0-openjdk-1.7.0.141-2.6.10.1.el7_3.src.rpm x86_64: java-1.7.0-openjdk-1.7.0.141-2.6.10.1.el7_3.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.141-2.6.10.1.el7_3.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.141-2.6.10.1.el7_3.x86_64.rpm java-1.7.0-openjdk-headless-1.7.0.141-2.6.10.1.el7_3.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 
7): noarch: java-1.7.0-openjdk-javadoc-1.7.0.141-2.6.10.1.el7_3.noarch.rpm x86_64: java-1.7.0-openjdk-accessibility-1.7.0.141-2.6.10.1.el7_3.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.141-2.6.10.1.el7_3.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.141-2.6.10.1.el7_3.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.141-2.6.10.1.el7_3.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-3509
https://access.redhat.com/security/cve/CVE-2017-3511
https://access.redhat.com/security/cve/CVE-2017-3526
https://access.redhat.com/security/cve/CVE-2017-3533
https://access.redhat.com/security/cve/CVE-2017-3539
https://access.redhat.com/security/cve/CVE-2017-3544
https://access.redhat.com/security/updates/classification/#moderate
https://rhn.redhat.com/errata/RHSA-2016-2658.html

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFZEanFXlSAg2UNWIIRAoJMAJ9bLsFQsGYfHkarqPVONMshpxIQdACgkp6d
mIVvAu3duL2/YPLCrRxF5gQ=
=NkUp
-----END PGP SIGNATURE-----
-
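The MD5 restriction for Jar integrity verification described in RHSA-2017:1204 above can be checked against existing archives before the update is rolled out. This added Python example (not part of the advisory or of OpenJDK) lists the digest algorithms in a JAR's META-INF/MANIFEST.MF and .SF files and flags entries that carry only disabled digests; the `disabled` default, the constructed sample JAR and all function names are assumptions of the example.

```python
import base64
import hashlib
import io
import re
import zipfile

# Matches digest attributes such as MD5-Digest, SHA-256-Digest and
# SHA-256-Digest-Manifest, capturing the algorithm name.
DIGEST_ATTR = re.compile(
    r"^([A-Za-z0-9-]+?)-Digest(?:-Manifest(?:-Main-Attributes)?)?$", re.I)


def parse_sections(text):
    """Split MANIFEST.MF / .SF text into a list of {attribute: value} sections."""
    text = text.replace("\r\n", "\n").replace("\r", "\n")
    text = text.replace("\n ", "")  # unfold continuation lines
    sections = []
    for block in re.split(r"\n{2,}", text.strip("\n")):
        attrs = {}
        for line in block.split("\n"):
            name, sep, value = line.partition(": ")
            if sep:
                attrs[name] = value
        if attrs:
            sections.append(attrs)
    return sections


def audit_jar(jar_bytes, disabled=("MD5",)):
    """Report which digest algorithms a JAR's manifest and signature files use.

    Assumption of this example: `disabled` mirrors the advisory's statement
    that MD5 was added to jdk.jar.disabledAlgorithms. Only the text files are
    read; the signature block (.RSA/.DSA) is not parsed.
    """
    disabled = {a.upper() for a in disabled}
    algorithms, weak_only = set(), []
    with zipfile.ZipFile(io.BytesIO(jar_bytes)) as jar:
        names = jar.namelist()
        sig_files = [n for n in names
                     if re.fullmatch(r"META-INF/[^/]+\.SF", n, re.I)]
        manifests = [n for n in names if n.upper() == "META-INF/MANIFEST.MF"]
        for member in manifests + sig_files:
            text = jar.read(member).decode("utf-8", "replace")
            for section in parse_sections(text):
                found = {m.group(1).upper() for m in
                         (DIGEST_ATTR.match(key) for key in section) if m}
                algorithms |= found
                # Flag a section only when every digest it carries is disabled.
                if found and found <= disabled:
                    weak_only.append(f"{member}:{section.get('Name', '<main>')}")
    signed = bool(sig_files)
    return {
        "signed": signed,
        "algorithms": sorted(algorithms),
        "weak_only": sorted(weak_only),
        "needs_resigning": signed and bool(weak_only),
    }


def build_sample_jar(algs):
    """Constructed sample: a JAR with digest entries but no real signature block."""
    payload = b"\xca\xfe\xba\xbe constructed class bytes"

    def digest(alg, data):
        h = hashlib.new(alg.replace("-", "").lower(), data)
        return base64.b64encode(h.digest()).decode()

    entry = "Name: com/example/App.class\r\n" + "".join(
        f"{a}-Digest: {digest(a, payload)}\r\n" for a in algs) + "\r\n"
    manifest = "Manifest-Version: 1.0\r\n\r\n" + entry
    sf = "Signature-Version: 1.0\r\n" + "".join(
        f"{a}-Digest-Manifest: {digest(a, manifest.encode())}\r\n" for a in algs
    ) + "\r\nName: com/example/App.class\r\n" + "".join(
        f"{a}-Digest: {digest(a, entry.encode())}\r\n" for a in algs) + "\r\n"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as jar:
        jar.writestr("META-INF/MANIFEST.MF", manifest)
        jar.writestr("META-INF/EXAMPLE.SF", sf)
        jar.writestr("com/example/App.class", payload)
    return buf.getvalue()


if __name__ == "__main__":
    for algs in (["MD5"], ["MD5", "SHA-256"], ["SHA-256"]):
        print(algs, audit_jar(build_sample_jar(algs)))
```

Archives reported with `needs_resigning` set are the ones to re-sign with a stronger digest before deploying the updated runtime.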
[Tech ARP] Auto Detect DIMM/PCI Clk from The BIOS Optimization Guide
news posted a topic in Upcoming News
Debian Security Advisory DSA-3846-1
security@debian.org
https://www.debian.org/security/
Sebastien Delafond
May 09, 2017
https://www.debian.org/security/faq

Package : libytnef
CVE ID : CVE-2017-6298 CVE-2017-6299 CVE-2017-6300 CVE-2017-6301 CVE-2017-6302 CVE-2017-6303 CVE-2017-6304 CVE-2017-6305 CVE-2017-6306 CVE-2017-6800 CVE-2017-6801 CVE-2017-6802
Debian Bug :

Several issues were discovered in libytnef, a library used to decode application/ms-tnef e-mail attachments. Multiple heap overflows, out-of-bound writes and reads, NULL pointer dereferences and infinite loops could be exploited by tricking a user into opening a maliciously crafted winmail.dat file.

For the stable distribution (jessie), these problems have been fixed in version 1.5-6+deb8u1.

For the upcoming stable (stretch) and unstable (sid) distributions, these problems have been fixed in version 1.9.2-1.

We recommend that you upgrade your libytnef packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
-
MSI GeForce GTX 1060 GAMING X PLUS Review at Modders-Inc
We have a new review online and a post in your news would be greatly appreciated.
MSI GeForce GTX 1060 GAMING X PLUS Review ( http://www.modders-inc.com/?email_id=336&user_id=837&urlpassed=aHR0cDovL3d3dy5tb2RkZXJzLWluYy5jb20vbXNpLWdlZm9yY2UtZ3R4LTEwNjAtZ2FtaW5nLXgtcGx1cy1yZXZpZXcv&controller=stats&action=analyse&wysija-page=1&wysijap=subscriptions )
In the GPU market the players are always moving, updating, and changing their products. This is a must in order to entice buyers to go out and purchase their products. Some of the updates are met with great success while others, not so much. Recently, Nvidia and its partners released their updated versions of the GeForce GTX 1080 and GeForce …
-
TECHSPOT
Radeon RX 550 + Pentium G4560: The Ultimate eSports Combo?
http://www.techspot.com/article/1394-affordable-esports-pc/
Currently at $80 the RX 550 is not the best value, but given the competitive landscape it's our hope that it'll soon be selling for as little as $60, a price at which it starts making sense, especially when you consider the potential in a $120 combo with the G4560 for an uber-affordable eSports build. That's precisely what we're doing here today.
Thank you. Julio Franco, Executive Editor | TECHSPOT (http://www.techspot.com) @juliofranco
-
Benchmark Reviews Presents:
TITLE: Bloody M660P Gaming Headset Review (http://benchmarkreviews.us10.list-manage.com/track/click?u=9a2f239b17114c9008e3dfda9&id=3ef9000f51&e=8138df6da5)
QUOTE: Bloody gaming has released a new addition to their M660 series headsets, the M660P. The M660P has the same 40mm drivers and the same MO-CI (Mycelium of Carbon IT) dual diaphragm as its older brother, the M660 Chronometer. What the M660P brings to the table is an in-line microphone instead of a boom mic. Is this a good thing or a bad thing? That’s one of the things we’ll be testing in this article for Benchmark Reviews.
LINK: http://benchmarkreviews.us10.list-manage1.com/track/click?u=9a2f239b17114c9008e3dfda9&id=7044e68554&e=8138df6da5
IMAGE: http://benchmarkreviews.us10.list-manage.com/track/click?u=9a2f239b17114c9008e3dfda9&id=ee69a1d61f&e=8138df6da5
-
AT-SPI 2.24.1 is now available for download at:
http://download.gnome.org/sources/at-spi2-core/2.24/
http://download.gnome.org/sources/at-spi2-atk/2.24/

What is AT-SPI2
===============
AT-SPI2 is a D-Bus based accessibility framework. It defines a D-Bus protocol for providing and accessing application accessibility information. The project includes a library for bridging the D-Bus protocol to the ATK API, allowing Gtk based applications to be made accessible. It also contains a client (AT) side library in C and a wrapper for Python.

What's changed in AT-SPI 2.24.1
===============================
* [core/atk] fixes for atspi_table_cell_get_position.
* [atk] fixed memory use after free when removing from the list of events that are being listened to (bgo#781658).
* [atk] Fix use after free when an application returns an accessible with only one ref, such as in evolution (bgo#781716).

Where can I get more information about AT-SPI2
==============================================
The project wiki is available at: http://www.a11y.org/d-bus

How can I contribute to AT-SPI2?
================================
We need help testing with Gnome accessibility technologies, improving performance, and generally tying up loose ends. The above-referenced page contains a list of known issues that should be fixed.

IRC : #a11y on Gimpnet
E-Mail: accessibility-atspi@lists.linux-foundation.org

Development repositories can be found at:
git://git.gnome.org/pyatspi2
git://git.gnome.org/at-spi2-core
git://git.gnome.org/at-spi2-atk
-
Hello LanOC Affiliates and newsletter subscribers, here is our newest posting. We would appreciate you spreading the word! LanOC Reviews has released a new article which you and your readers might enjoy. We would be grateful if you would please share it with them.
TITLE: EVGA CLC 280 Water Cooling @ LanOC Reviews <https://lanoc.org/review/cooling/7523-evga-clc-280-water-cooling>
DESCRIPTION: When it comes to water cooling EVGA isn’t exactly new to the scene. While they haven’t been making CPU AIO’s they have been using them with their Hybrid coolers for GPUs and their Hydro water cooled GPUs as well. They have also had heatsinks in the past as well. So it wasn’t a big stretch when they introduced their CLC line of coolers at CES this year. They showed off a big variety of coolers but at launch, they only had a 120mm design and a 280mm design and today I have the CLC 280 with a 280mm radiator in to check out. I’ve been testing it out on our video card testbench and today I’m going to talk a little about the cooler as well as how it performed so check it out.
ARTICLE URL: https://lanoc.org/review/cooling/7523-evga-clc-280-water-cooling
LARGE IMAGE URL: https://lanoc.org/images/reviews/2017/evga_clc_280/title.jpg
SMALL IMAGE URL: https://lanoc.org/images/reviews/2017/evga_clc_280/email.jpg
Thank you for your help
Wes Compton, Editor-in-Chief, LanOC Reviews http://lanoc.org
-
[security-announce] SUSE-SU-2017:1216-1: important: Security update for samba
news posted a topic in Upcoming News
SUSE Security Update: Security update for samba

Announcement ID: SUSE-SU-2017:1216-1
Rating: important
References: #1027147 #1036283
Cross-References: CVE-2017-2619
Affected Products:
- SUSE OpenStack Cloud 5
- SUSE Linux Enterprise Software Development Kit 11-SP4
- SUSE Linux Enterprise Server 11-SP4
- SUSE Linux Enterprise Server 11-SP3-LTSS
- SUSE Linux Enterprise Point of Sale 11-SP3
- SUSE Linux Enterprise Debuginfo 11-SP4
- SUSE Linux Enterprise Debuginfo 11-SP3

An update that solves one vulnerability and has one errata is now available.

Description:

This update for samba fixes the following issues:

Security issue fixed:

- CVE-2017-2619: symlink race permits opening files outside share directory (bsc#1027147).

For SUSE Linux Enterprise 11 SP4 this is a re-issue of the update, a regression in the fix has been addressed (bsc#1036283, bso#12721).

Patch Instructions:

To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product:

- SUSE OpenStack Cloud 5: zypper in -t patch sleclo50sp3-samba-13096=1
- SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-samba-13096=1
- SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-samba-13096=1
- SUSE Linux Enterprise Server 11-SP3-LTSS: zypper in -t patch slessp3-samba-13096=1
- SUSE Linux Enterprise Point of Sale 11-SP3: zypper in -t patch sleposp3-samba-13096=1
- SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-samba-13096=1
- SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-samba-13096=1

To bring your system up-to-date, use "zypper patch".
Package List: - SUSE OpenStack Cloud 5 (x86_64): ldapsmb-1.34b-90.1 libldb1-3.6.3-90.1 libsmbclient0-3.6.3-90.1 libsmbclient0-32bit-3.6.3-90.1 libtalloc2-3.6.3-90.1 libtalloc2-32bit-3.6.3-90.1 libtdb1-3.6.3-90.1 libtdb1-32bit-3.6.3-90.1 libtevent0-3.6.3-90.1 libtevent0-32bit-3.6.3-90.1 libwbclient0-3.6.3-90.1 libwbclient0-32bit-3.6.3-90.1 samba-3.6.3-90.1 samba-32bit-3.6.3-90.1 samba-client-3.6.3-90.1 samba-client-32bit-3.6.3-90.1 samba-krb-printing-3.6.3-90.1 samba-winbind-3.6.3-90.1 samba-winbind-32bit-3.6.3-90.1 - SUSE OpenStack Cloud 5 (noarch): samba-doc-3.6.3-90.1 - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): libldb-devel-3.6.3-90.1 libnetapi-devel-3.6.3-90.1 libnetapi0-3.6.3-90.1 libsmbclient-devel-3.6.3-90.1 libsmbsharemodes-devel-3.6.3-90.1 libsmbsharemodes0-3.6.3-90.1 libtalloc-devel-3.6.3-90.1 libtdb-devel-3.6.3-90.1 libtevent-devel-3.6.3-90.1 libwbclient-devel-3.6.3-90.1 samba-devel-3.6.3-90.1 samba-test-3.6.3-90.1 - SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64): ldapsmb-1.34b-90.1 libldb1-3.6.3-90.1 libsmbclient0-3.6.3-90.1 libtalloc2-3.6.3-90.1 libtdb1-3.6.3-90.1 libtevent0-3.6.3-90.1 libwbclient0-3.6.3-90.1 samba-3.6.3-90.1 samba-client-3.6.3-90.1 samba-krb-printing-3.6.3-90.1 samba-winbind-3.6.3-90.1 - SUSE Linux Enterprise Server 11-SP4 (ppc64 s390x x86_64): libsmbclient0-32bit-3.6.3-90.1 libtalloc2-32bit-3.6.3-90.1 libtdb1-32bit-3.6.3-90.1 libtevent0-32bit-3.6.3-90.1 libwbclient0-32bit-3.6.3-90.1 samba-32bit-3.6.3-90.1 samba-client-32bit-3.6.3-90.1 samba-winbind-32bit-3.6.3-90.1 - SUSE Linux Enterprise Server 11-SP4 (noarch): samba-doc-3.6.3-90.1 - SUSE Linux Enterprise Server 11-SP4 (ia64): libsmbclient0-x86-3.6.3-90.1 libtalloc2-x86-3.6.3-90.1 libtdb1-x86-3.6.3-90.1 libtevent0-x86-3.6.3-90.1 libwbclient0-x86-3.6.3-90.1 samba-client-x86-3.6.3-90.1 samba-winbind-x86-3.6.3-90.1 samba-x86-3.6.3-90.1 - SUSE Linux Enterprise Server 11-SP3-LTSS (i586 s390x x86_64): ldapsmb-1.34b-90.1 
libldb1-3.6.3-90.1 libsmbclient0-3.6.3-90.1 libtalloc2-3.6.3-90.1 libtdb1-3.6.3-90.1 libtevent0-3.6.3-90.1 libwbclient0-3.6.3-90.1 samba-3.6.3-90.1 samba-client-3.6.3-90.1 samba-krb-printing-3.6.3-90.1 samba-winbind-3.6.3-90.1 - SUSE Linux Enterprise Server 11-SP3-LTSS (s390x x86_64): libsmbclient0-32bit-3.6.3-90.1 libtalloc2-32bit-3.6.3-90.1 libtdb1-32bit-3.6.3-90.1 libtevent0-32bit-3.6.3-90.1 libwbclient0-32bit-3.6.3-90.1 samba-32bit-3.6.3-90.1 samba-client-32bit-3.6.3-90.1 samba-winbind-32bit-3.6.3-90.1 - SUSE Linux Enterprise Server 11-SP3-LTSS (noarch): samba-doc-3.6.3-90.1 - SUSE Linux Enterprise Point of Sale 11-SP3 (noarch): samba-doc-3.6.3-90.1 - SUSE Linux Enterprise Point of Sale 11-SP3 (i586): ldapsmb-1.34b-90.1 libldb1-3.6.3-90.1 libsmbclient0-3.6.3-90.1 libtalloc2-3.6.3-90.1 libtdb1-3.6.3-90.1 libtevent0-3.6.3-90.1 libwbclient0-3.6.3-90.1 samba-3.6.3-90.1 samba-client-3.6.3-90.1 samba-krb-printing-3.6.3-90.1 samba-winbind-3.6.3-90.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): samba-debuginfo-3.6.3-90.1 samba-debugsource-3.6.3-90.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64 s390x x86_64): samba-debuginfo-32bit-3.6.3-90.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (ia64): samba-debuginfo-x86-3.6.3-90.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 s390x x86_64): samba-debuginfo-3.6.3-90.1 samba-debugsource-3.6.3-90.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (s390x): samba-debuginfo-32bit-3.6.3-90.1 References: https://www.suse.com/security/cve/CVE-2017-2619.html https://bugzilla.suse.com/1027147 https://bugzilla.suse.com/1036283 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org -
openSUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2017:1215-1
Rating:             important
References:         #1012829 #1012876 #1028415 #1030213 #1031003
                    #1031052 #1031440 #1031579 #1032435 #1033336
                    #1033340 #1033518 #1034670 #930399 #970083
Cross-References:   CVE-2016-10318 CVE-2017-2671 CVE-2017-7187
                    CVE-2017-7261 CVE-2017-7294 CVE-2017-7308
                    CVE-2017-7616 CVE-2017-7618
Affected Products:
                    openSUSE Leap 42.1
______________________________________________________________________________

   An update that solves 8 vulnerabilities and has 7 fixes is now available.

Description:

   The openSUSE Leap 42.1 kernel was updated to receive various security and bugfixes.

   The following security bugs were fixed:

   - CVE-2017-7618: crypto/ahash.c in the Linux kernel allowed attackers to cause a denial of service (API operation calling its own callback, and infinite recursion) by triggering EBUSY on a full queue (bnc#1033340).
   - CVE-2016-10318: A missing authorization check in the fscrypt_process_policy function in fs/crypto/policy.c in the ext4 and f2fs filesystem encryption support in the Linux kernel allowed a user to assign an encryption policy to a directory owned by a different user, potentially creating a denial of service (bnc#1032435).
   - CVE-2017-7616: Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel allowed local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation (bnc#1033336).
   - CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of service (overflow) or possibly have unspecified other impact via crafted system calls (bnc#1031579).
   - CVE-2017-2671: The ping_unhash function in net/ipv4/ping.c in the Linux kernel is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allowed local users to cause a denial of service (panic) by leveraging access to the protocol value of IPPROTO_ICMP in a socket system call (bnc#1031003).
   - CVE-2017-7294: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not validate addition of certain levels data, which allowed local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device (bnc#1031440).
   - CVE-2017-7261: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not check for a zero value of certain levels data, which allowed local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic) via a crafted ioctl call for a /dev/dri/renderD* device (bnc#1031052).
   - CVE-2017-7187: The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel allowed local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bounds write access in the sg_write function (bnc#1030213).

   The following non-security bugs were fixed:

   - ata: ahci_xgene: free structure returned by acpi_get_object_info() (bsc#1033518).
   - doc/README.SUSE: update links to KMP manual
   - ext4: do not perform data journaling when data is encrypted (bsc#1012876).
   - ext4: fix use-after-iput when fscrypt contexts are inconsistent (bsc#1012829).
   - ext4: mark inode dirty after converting inline directory (bsc#1012876).
   - ext4: reject inodes with negative size (bsc#1012876).
   - fs, seqfile: always allow oom killer (bsc#1012876).
   - ipv6: make ECMP route replacement less greedy (bsc#930399).
   - l2tp: hold tunnel socket when handling control frames in l2tp_ip and l2tp_ip6 (bsc#1028415).
   - mm: filemap: do not plant shadow entries without radix tree node (bsc#1012876).
   - netfilter: allow logging from non-init namespaces (bsc#970083).
   - nfsd4: minor NFSv2/v3 write decoding cleanup (bsc#1034670 CVE#2017-7645).
   - nfsd: check for oversized NFSv2/v3 arguments (bsc#1034670 CVE#2017-7645).
   - nfsd: stricter decoding of write-like NFSv2/v3 ops (bsc#1034670 CVE#2017-7645).

Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE Leap 42.1:

      zypper in -t patch openSUSE-2017-562=1

   To bring your system up-to-date, use "zypper patch".

Package List:

   - openSUSE Leap 42.1 (i686 x86_64):

      kernel-debug-4.1.39-56.1
      kernel-debug-base-4.1.39-56.1
      kernel-debug-base-debuginfo-4.1.39-56.1
      kernel-debug-debuginfo-4.1.39-56.1
      kernel-debug-debugsource-4.1.39-56.1
      kernel-debug-devel-4.1.39-56.1
      kernel-debug-devel-debuginfo-4.1.39-56.1
      kernel-ec2-4.1.39-56.1
      kernel-ec2-base-4.1.39-56.1
      kernel-ec2-base-debuginfo-4.1.39-56.1
      kernel-ec2-debuginfo-4.1.39-56.1
      kernel-ec2-debugsource-4.1.39-56.1
      kernel-ec2-devel-4.1.39-56.1
      kernel-pv-4.1.39-56.1
      kernel-pv-base-4.1.39-56.1
      kernel-pv-base-debuginfo-4.1.39-56.1
      kernel-pv-debuginfo-4.1.39-56.1
      kernel-pv-debugsource-4.1.39-56.1
      kernel-pv-devel-4.1.39-56.1
      kernel-vanilla-4.1.39-56.1
      kernel-vanilla-debuginfo-4.1.39-56.1
      kernel-vanilla-debugsource-4.1.39-56.1
      kernel-vanilla-devel-4.1.39-56.1
      kernel-xen-4.1.39-56.1
      kernel-xen-base-4.1.39-56.1
      kernel-xen-base-debuginfo-4.1.39-56.1
      kernel-xen-debuginfo-4.1.39-56.1
      kernel-xen-debugsource-4.1.39-56.1
      kernel-xen-devel-4.1.39-56.1

   - openSUSE Leap 42.1 (i586 x86_64):

      kernel-default-4.1.39-56.1
      kernel-default-base-4.1.39-56.1
      kernel-default-base-debuginfo-4.1.39-56.1
      kernel-default-debuginfo-4.1.39-56.1
      kernel-default-debugsource-4.1.39-56.1
      kernel-default-devel-4.1.39-56.1
      kernel-obs-build-4.1.39-56.3
      kernel-obs-build-debugsource-4.1.39-56.3
      kernel-obs-qa-4.1.39-56.1
      kernel-syms-4.1.39-56.1

   - openSUSE Leap 42.1 (noarch):

      kernel-devel-4.1.39-56.1
      kernel-docs-4.1.39-56.2
      kernel-docs-html-4.1.39-56.2
      kernel-docs-pdf-4.1.39-56.2
      kernel-macros-4.1.39-56.1
      kernel-source-4.1.39-56.1
      kernel-source-vanilla-4.1.39-56.1

   - openSUSE Leap 42.1 (i686):

      kernel-pae-4.1.39-56.1
      kernel-pae-base-4.1.39-56.1
      kernel-pae-base-debuginfo-4.1.39-56.1
      kernel-pae-debuginfo-4.1.39-56.1
      kernel-pae-debugsource-4.1.39-56.1
      kernel-pae-devel-4.1.39-56.1

References:

   https://www.suse.com/security/cve/CVE-2016-10318.html
   https://www.suse.com/security/cve/CVE-2017-2671.html
   https://www.suse.com/security/cve/CVE-2017-7187.html
   https://www.suse.com/security/cve/CVE-2017-7261.html
   https://www.suse.com/security/cve/CVE-2017-7294.html
   https://www.suse.com/security/cve/CVE-2017-7308.html
   https://www.suse.com/security/cve/CVE-2017-7616.html
   https://www.suse.com/security/cve/CVE-2017-7618.html
   https://bugzilla.suse.com/1012829
   https://bugzilla.suse.com/1012876
   https://bugzilla.suse.com/1028415
   https://bugzilla.suse.com/1030213
   https://bugzilla.suse.com/1031003
   https://bugzilla.suse.com/1031052
   https://bugzilla.suse.com/1031440
   https://bugzilla.suse.com/1031579
   https://bugzilla.suse.com/1032435
   https://bugzilla.suse.com/1033336
   https://bugzilla.suse.com/1033340
   https://bugzilla.suse.com/1033518
   https://bugzilla.suse.com/1034670
   https://bugzilla.suse.com/930399
   https://bugzilla.suse.com/970083
-
Dear Editors,

we just posted a new article which might be interesting to your readers. A post in your news section would be appreciated.

Title: Zotac GeForce GTX 1080 Ti AMP! Extreme 11 GB
Link: https://www.techpowerup.com/reviews/Zotac/GeForce_GTX_1080_Ti_Amp_Extreme
Brief: The AMP! Extreme is ZOTAC's flagship GTX 1080 Ti. It comes with a large GPU overclock out of the box; the GDDR5X memory is overclocked, too. Thanks to its large triple-slot, triple-fan thermal solution, temperatures are excellent and the 16-phase VRM is impressive as well.
-
openSUSE Security Update: Security update for ghostscript
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2017:1203-1
Rating:             important
References:         #1018128 #1030263 #1032114 #1032120 #1036453
Cross-References:   CVE-2016-10220 CVE-2016-9601 CVE-2017-5951
                    CVE-2017-7207 CVE-2017-8291
Affected Products:
                    openSUSE Leap 42.2
                    openSUSE Leap 42.1
______________________________________________________________________________

   An update that fixes 5 vulnerabilities is now available.

Description:

   This update for ghostscript fixes the following security vulnerabilities:

   CVE-2017-8291: A remote command execution and a -dSAFER bypass via a crafted .eps document were exploited in the wild. (bsc#1036453)

   CVE-2016-9601: An integer overflow in the bundled jbig2dec library could have been misused to cause a Denial-of-Service. (bsc#1018128)

   CVE-2016-10220: A NULL pointer dereference in the PDF Transparency module allowed remote attackers to cause a Denial-of-Service. (bsc#1032120)

   CVE-2017-5951: A NULL pointer dereference allowed remote attackers to cause a denial of service via a crafted PostScript document. (bsc#1032114)

   CVE-2017-7207: A NULL pointer dereference allowed remote attackers to cause a denial of service via a crafted PostScript document. (bsc#1030263)

   This update was imported from the SUSE:SLE-12:Update update project.

Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE Leap 42.2:

      zypper in -t patch openSUSE-2017-558=1

   - openSUSE Leap 42.1:

      zypper in -t patch openSUSE-2017-558=1

   To bring your system up-to-date, use "zypper patch".

Package List:

   - openSUSE Leap 42.2 (i586 x86_64):

      ghostscript-9.15-11.3.1
      ghostscript-debuginfo-9.15-11.3.1
      ghostscript-debugsource-9.15-11.3.1
      ghostscript-devel-9.15-11.3.1
      ghostscript-mini-9.15-11.3.1
      ghostscript-mini-debuginfo-9.15-11.3.1
      ghostscript-mini-debugsource-9.15-11.3.1
      ghostscript-mini-devel-9.15-11.3.1
      ghostscript-x11-9.15-11.3.1
      ghostscript-x11-debuginfo-9.15-11.3.1

   - openSUSE Leap 42.1 (i586 x86_64):

      ghostscript-9.15-17.1
      ghostscript-debuginfo-9.15-17.1
      ghostscript-debugsource-9.15-17.1
      ghostscript-devel-9.15-17.1
      ghostscript-mini-9.15-17.1
      ghostscript-mini-debuginfo-9.15-17.1
      ghostscript-mini-debugsource-9.15-17.1
      ghostscript-mini-devel-9.15-17.1
      ghostscript-x11-9.15-17.1
      ghostscript-x11-debuginfo-9.15-17.1

References:

   https://www.suse.com/security/cve/CVE-2016-10220.html
   https://www.suse.com/security/cve/CVE-2016-9601.html
   https://www.suse.com/security/cve/CVE-2017-5951.html
   https://www.suse.com/security/cve/CVE-2017-7207.html
   https://www.suse.com/security/cve/CVE-2017-8291.html
   https://bugzilla.suse.com/1018128
   https://bugzilla.suse.com/1030263
   https://bugzilla.suse.com/1032114
   https://bugzilla.suse.com/1032120
   https://bugzilla.suse.com/1036453
-
openSUSE Security Update: Security update for mysql-community-server
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2017:1209-1
Rating:             important
References:         #1020976 #1022428 #1029014 #1029396 #1034850
                    #889126
Cross-References:   CVE-2016-5483 CVE-2017-3302 CVE-2017-3305
                    CVE-2017-3308 CVE-2017-3309 CVE-2017-3329
                    CVE-2017-3450 CVE-2017-3452 CVE-2017-3453
                    CVE-2017-3456 CVE-2017-3461 CVE-2017-3462
                    CVE-2017-3463 CVE-2017-3464 CVE-2017-3599
                    CVE-2017-3600
Affected Products:
                    openSUSE Leap 42.2
                    openSUSE Leap 42.1
______________________________________________________________________________

   An update that fixes 16 vulnerabilities is now available.

Description:

   This update for mysql-community-server to version 5.6.36 fixes the following issues:

   These security issues were fixed:

   - CVE-2016-5483: Mysqldump failed to properly quote certain identifiers in SQL statements written to the dump output, allowing for execution of arbitrary commands (bsc#1029014)
   - CVE-2017-3305: MySQL client sent authentication request unencrypted even if SSL was required (aka Ridddle) (bsc#1029396).
   - CVE-2017-3308: Unspecified vulnerability in Server: DML (boo#1034850)
   - CVE-2017-3309: Unspecified vulnerability in Server: Optimizer (boo#1034850)
   - CVE-2017-3329: Unspecified vulnerability in Server: Thread (boo#1034850)
   - CVE-2017-3453: Unspecified vulnerability in Server: Optimizer (boo#1034850)
   - CVE-2017-3456: Unspecified vulnerability in Server: DML (boo#1034850)
   - CVE-2017-3461: Unspecified vulnerability in Server: Security (boo#1034850)
   - CVE-2017-3462: Unspecified vulnerability in Server: Security (boo#1034850)
   - CVE-2017-3463: Unspecified vulnerability in Server: Security (boo#1034850)
   - CVE-2017-3464: Unspecified vulnerability in Server: DDL (boo#1034850)
   - CVE-2017-3302: Crash in libmysqlclient.so (bsc#1022428).
   - CVE-2017-3450: Unspecified vulnerability Server: Memcached
   - CVE-2017-3452: Unspecified vulnerability Server: Optimizer
   - CVE-2017-3599: Unspecified vulnerability Server: Pluggable Auth
   - CVE-2017-3600: Unspecified vulnerability in Client: mysqldump (boo#1034850)
   - '--ssl-mode=REQUIRED' can be specified to require a secure connection (it fails if a secure connection cannot be obtained)

   These non-security issues were fixed:

   - Set the default umask to 077 in mysql-systemd-helper (boo#1020976)
   - Change permissions of the configuration dir/files to 755/644. Please note that storing the password in the /etc/my.cnf file is not safe. Use for example an option file that is accessible only by yourself (boo#889126)

   For more information please see http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-36.html

Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE Leap 42.2:

      zypper in -t patch openSUSE-2017-555=1

   - openSUSE Leap 42.1:

      zypper in -t patch openSUSE-2017-555=1

   To bring your system up-to-date, use "zypper patch".

Package List:

   - openSUSE Leap 42.2 (i586 x86_64):

      libmysql56client18-5.6.36-24.3.3
      libmysql56client18-debuginfo-5.6.36-24.3.3
      libmysql56client_r18-5.6.36-24.3.3
      mysql-community-server-5.6.36-24.3.3
      mysql-community-server-bench-5.6.36-24.3.3
      mysql-community-server-bench-debuginfo-5.6.36-24.3.3
      mysql-community-server-client-5.6.36-24.3.3
      mysql-community-server-client-debuginfo-5.6.36-24.3.3
      mysql-community-server-debuginfo-5.6.36-24.3.3
      mysql-community-server-debugsource-5.6.36-24.3.3
      mysql-community-server-errormessages-5.6.36-24.3.3
      mysql-community-server-test-5.6.36-24.3.3
      mysql-community-server-test-debuginfo-5.6.36-24.3.3
      mysql-community-server-tools-5.6.36-24.3.3
      mysql-community-server-tools-debuginfo-5.6.36-24.3.3

   - openSUSE Leap 42.2 (x86_64):

      libmysql56client18-32bit-5.6.36-24.3.3
      libmysql56client18-debuginfo-32bit-5.6.36-24.3.3
      libmysql56client_r18-32bit-5.6.36-24.3.3

   - openSUSE Leap 42.1 (i586 x86_64):

      libmysql56client18-5.6.36-25.3
      libmysql56client18-debuginfo-5.6.36-25.3
      libmysql56client_r18-5.6.36-25.3
      mysql-community-server-5.6.36-25.3
      mysql-community-server-bench-5.6.36-25.3
      mysql-community-server-bench-debuginfo-5.6.36-25.3
      mysql-community-server-client-5.6.36-25.3
      mysql-community-server-client-debuginfo-5.6.36-25.3
      mysql-community-server-debuginfo-5.6.36-25.3
      mysql-community-server-debugsource-5.6.36-25.3
      mysql-community-server-errormessages-5.6.36-25.3
      mysql-community-server-test-5.6.36-25.3
      mysql-community-server-test-debuginfo-5.6.36-25.3
      mysql-community-server-tools-5.6.36-25.3
      mysql-community-server-tools-debuginfo-5.6.36-25.3

   - openSUSE Leap 42.1 (x86_64):

      libmysql56client18-32bit-5.6.36-25.3
      libmysql56client18-debuginfo-32bit-5.6.36-25.3
      libmysql56client_r18-32bit-5.6.36-25.3

References:

   https://www.suse.com/security/cve/CVE-2016-5483.html
   https://www.suse.com/security/cve/CVE-2017-3302.html
   https://www.suse.com/security/cve/CVE-2017-3305.html
   https://www.suse.com/security/cve/CVE-2017-3308.html
   https://www.suse.com/security/cve/CVE-2017-3309.html
   https://www.suse.com/security/cve/CVE-2017-3329.html
   https://www.suse.com/security/cve/CVE-2017-3450.html
   https://www.suse.com/security/cve/CVE-2017-3452.html
   https://www.suse.com/security/cve/CVE-2017-3453.html
   https://www.suse.com/security/cve/CVE-2017-3456.html
   https://www.suse.com/security/cve/CVE-2017-3461.html
   https://www.suse.com/security/cve/CVE-2017-3462.html
   https://www.suse.com/security/cve/CVE-2017-3463.html
   https://www.suse.com/security/cve/CVE-2017-3464.html
   https://www.suse.com/security/cve/CVE-2017-3599.html
   https://www.suse.com/security/cve/CVE-2017-3600.html
   https://bugzilla.suse.com/1020976
   https://bugzilla.suse.com/1022428
   https://bugzilla.suse.com/1029014
   https://bugzilla.suse.com/1029396
   https://bugzilla.suse.com/1034850
   https://bugzilla.suse.com/889126