Jump to content
Compatible Support Forums

news

Members
 View Profile  See their activity

  • Content count

    80899

  • Joined

  • Last visited

    Never

  • Days Won

    18

Everything posted by news

  1. news
    <http://www.eteknix.com> MSI GT73VR Titan GTX 1070 SLI Gaming Laptop Review Getting massive amounts of performance from a desktop system is easy, you just buy the big graphics cards, the big power supply, big coolers, and plug it all in. Trying to get massive amounts of power in a laptop form factor, however, is not so easy. The latest system from MSI is designed for those who need something that's just as powerful as an enthusiast grade desktop system but has just enough portability to be mobile. While at its heart this is setup in a way to be a powerful gaming system, it's configuration means it'll power through workstation tasks, rendering, even scientific applications if you really need to. Of course, all this performance doesn't come cheap, and you won't be getting much change from £3000, but do you get good value for money? Let's take a look! URL - http://www.eteknix.com/msi-gt73vr-titan-gtx-1070-sli-gaming-laptop-review/ --
  2. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] mozilla-firefox (SSA:2017-112-01) New mozilla-firefox packages are available for Slackware 14.1 to fix security and stability issues. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/mozilla-firefox-45.9.0esr-i486-1_slack14.1.txz: Upgraded. This release contains security fixes and improvements. Also, switching back to the 45.x ESR branch due to instabilty of the 52.x ESR branch on Slackware 14.1. For more information, see: https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/mozilla-firefox-45.9.0esr-i486-1_slack14.1.txz Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/mozilla-firefox-45.9.0esr-x86_64-1_slack14.1.txz MD5 signatures: +-------------+ Slackware 14.1 package: bb6fa12ed1db62a4f955bbdd9379d75b mozilla-firefox-45.9.0esr-i486-1_slack14.1.txz Slackware x86_64 14.1 package: f143db31cf3401d7642da613ae2969bf mozilla-firefox-45.9.0esr-x86_64-1_slack14.1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg mozilla-firefox-45.9.0esr-i486-1_slack14.1.txz +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security ( -at -) slackware.com +------------------------------------------------------------------------+
  3. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] ntp (SSA:2017-112-02) New ntp packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/ntp-4.2.8p10-i586-1_slack14.2.txz: Upgraded. In addition to bug fixes and enhancements, this release fixes security issues of medium and low severity: Denial of Service via Malformed Config (Medium) Authenticated DoS via Malicious Config Option (Medium) Potential Overflows in ctl_put() functions (Medium) Buffer Overflow in ntpq when fetching reslist from a malicious ntpd (Medium) 0rigin DoS (Medium) Buffer Overflow in DPTS Clock (Low) Improper use of snprintf() in mx4200_send() (Low) The following issues do not apply to Linux systems: Privileged execution of User Library code (WINDOWS PPSAPI ONLY) (Low) Stack Buffer Overflow from Command Line (WINDOWS installer ONLY) (Low) Data Structure terminated insufficiently (WINDOWS installer ONLY) (Low) For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6464 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6463 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6458 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6460 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9042 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6462 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6451 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6455 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6452 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6459 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 13.0: ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/ntp-4.2.8p10-i486-1_slack13.0.txz Updated package for Slackware x86_64 13.0: ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/ntp-4.2.8p10-x86_64-1_slack13.0.txz Updated package for Slackware 13.1: ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/ntp-4.2.8p10-i486-1_slack13.1.txz Updated package for Slackware x86_64 13.1: ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/ntp-4.2.8p10-x86_64-1_slack13.1.txz Updated package for Slackware 13.37: ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/ntp-4.2.8p10-i486-1_slack13.37.txz Updated package for Slackware x86_64 13.37: ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/ntp-4.2.8p10-x86_64-1_slack13.37.txz Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/ntp-4.2.8p10-i486-1_slack14.0.txz Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/ntp-4.2.8p10-x86_64-1_slack14.0.txz Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/ntp-4.2.8p10-i486-1_slack14.1.txz Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/ntp-4.2.8p10-x86_64-1_slack14.1.txz Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/ntp-4.2.8p10-i586-1_slack14.2.txz Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/ntp-4.2.8p10-x86_64-1_slack14.2.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/ntp-4.2.8p10-i586-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/ntp-4.2.8p10-x86_64-1.txz MD5 signatures: +-------------+ Slackware 13.0 package: e3e18355dbb881f31030c325d396691f ntp-4.2.8p10-i486-1_slack13.0.txz Slackware x86_64 13.0 package: 7ca81f398c6f3fc306cf5e0ce4821ff7 ntp-4.2.8p10-x86_64-1_slack13.0.txz Slackware 13.1 package: bb14e63e0ea28856fb14816848fad378 ntp-4.2.8p10-i486-1_slack13.1.txz Slackware x86_64 13.1 package: 77bee4e0b7d7bae54c431210ba7b20f8 ntp-4.2.8p10-x86_64-1_slack13.1.txz Slackware 13.37 package: 4424d362ec1dcb75d35560cc25f291b8 ntp-4.2.8p10-i486-1_slack13.37.txz Slackware x86_64 13.37 package: 94bea621e2bad59b80553a9516c4ddb6 ntp-4.2.8p10-x86_64-1_slack13.37.txz Slackware 14.0 package: b9edb40c9e94a8248b57f96a0f7d0f49 ntp-4.2.8p10-i486-1_slack14.0.txz Slackware x86_64 14.0 package: d8a52549c46ca33833f68d7b063ab1f2 ntp-4.2.8p10-x86_64-1_slack14.0.txz Slackware 14.1 package: b36dd3b339aff2718dbd541a9f44b0a4 ntp-4.2.8p10-i486-1_slack14.1.txz Slackware x86_64 14.1 package: b55bc11c2aa8d0378005af5dbb105119 ntp-4.2.8p10-x86_64-1_slack14.1.txz Slackware 14.2 package: 1e625a8f4732aa776992210eaac05f04 ntp-4.2.8p10-i586-1_slack14.2.txz Slackware x86_64 14.2 package: 22f25f35765d0cb3ece21e5db79091cd ntp-4.2.8p10-x86_64-1_slack14.2.txz Slackware -current package: 78de6454532d6c7d52242eadab528d64 n/ntp-4.2.8p10-i586-1.txz Slackware x86_64 -current package: 0522a4270909826999d07567e9a9de56 n/ntp-4.2.8p10-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg ntp-4.2.8p10-i586-1_slack14.2.txz Then, restart the NTP daemon: # sh /etc/rc.d/rc.ntpd restart NOTE: On Slackware -current, first install the new etc package, and then be sure to move the .new config files and rc.ntpd script into place before restarting! +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security ( -at -) slackware.com +------------------------------------------------------------------------+
  4. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] proftpd (SSA:2017-112-03) New proftpd packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/proftpd-1.3.5e-i586-1_slack14.2.txz: Upgraded. This release fixes a security issue: AllowChrootSymlinks off does not check entire DefaultRoot path for symlinks. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7418 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 13.0: ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/proftpd-1.3.5e-i486-1_slack13.0.txz Updated package for Slackware x86_64 13.0: ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/proftpd-1.3.5e-x86_64-1_slack13.0.txz Updated package for Slackware 13.1: ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/proftpd-1.3.5e-i486-1_slack13.1.txz Updated package for Slackware x86_64 13.1: ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/proftpd-1.3.5e-x86_64-1_slack13.1.txz Updated package for Slackware 13.37: ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/proftpd-1.3.5e-i486-1_slack13.37.txz Updated package for Slackware x86_64 13.37: ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/proftpd-1.3.5e-x86_64-1_slack13.37.txz Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/proftpd-1.3.5e-i486-1_slack14.0.txz Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/proftpd-1.3.5e-x86_64-1_slack14.0.txz Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/proftpd-1.3.5e-i486-1_slack14.1.txz Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/proftpd-1.3.5e-x86_64-1_slack14.1.txz Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/proftpd-1.3.5e-i586-1_slack14.2.txz Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/proftpd-1.3.5e-x86_64-1_slack14.2.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/proftpd-1.3.6-i586-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/proftpd-1.3.6-x86_64-1.txz MD5 signatures: +-------------+ Slackware 13.0 package: 29fac5225474d7067f752356e3da5a19 proftpd-1.3.5e-i486-1_slack13.0.txz Slackware x86_64 13.0 package: 2b2c93e021670a9d03344ddfa28c8f72 proftpd-1.3.5e-x86_64-1_slack13.0.txz Slackware 13.1 package: ad63b548c174417ff0783c1206557049 proftpd-1.3.5e-i486-1_slack13.1.txz Slackware x86_64 13.1 package: 8e96161f5a60b7f4b12a4d05fc66b108 proftpd-1.3.5e-x86_64-1_slack13.1.txz Slackware 13.37 package: ee0a7aee737cd3b348c75c3a4be4480f proftpd-1.3.5e-i486-1_slack13.37.txz Slackware x86_64 13.37 package: b02e14a5d3f0fd2ecbac46926b7b7af2 proftpd-1.3.5e-x86_64-1_slack13.37.txz Slackware 14.0 package: 3f7c345f620b44324dc587357403c062 proftpd-1.3.5e-i486-1_slack14.0.txz Slackware x86_64 14.0 package: 7631ac1d122b0f0cb2e7fad424851e19 proftpd-1.3.5e-x86_64-1_slack14.0.txz Slackware 14.1 package: 7608c56fe55109efbea7e99f8dcbef52 proftpd-1.3.5e-i486-1_slack14.1.txz Slackware x86_64 14.1 package: ce1c02de624381d2b9811d78cb54edf8 proftpd-1.3.5e-x86_64-1_slack14.1.txz Slackware 14.2 package: 457000b30dd692332ec9ab122743f769 proftpd-1.3.5e-i586-1_slack14.2.txz Slackware x86_64 14.2 package: bbd36fe6b194c63e1d9e6a8393704586 proftpd-1.3.5e-x86_64-1_slack14.2.txz Slackware -current package: 0399494a18f2ecfbfe81a0e301ed4064 n/proftpd-1.3.6-i586-1.txz Slackware x86_64 -current package: bbfafeb1b6ed34f1c610715405923e5f n/proftpd-1.3.6-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg proftpd-1.3.5e-i586-1_slack14.2.txz +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security ( -at -) slackware.com +------------------------------------------------------------------------+
  5. news
    Dear Editors, we just posted a new article which might be interesting to your readers. A post in your news section would be appreciated. Title: MSI GTX 1080 Gaming X Plus 11 Gbps 8 GB Link: https://www.techpowerup.com/reviews/MSI/GTX_1080_Gaming_X_Plus_11_Gbps Brief: The MSI GTX 1080 Gaming X Plus is built around the updated GTX 1080 that NVIDIA announced recently. It comes with faster 11 Gbps memory chips and a decent GPU overclock, which results in a significant performance improvement. The cooler is also extremely quiet and runs very cool.
  6. news
    -------- SEASONIC PRIME TITANIUM 850W POWER SUPPLY REVIEW ( -at -) APH NETWORKS ----- Hello everyone! APH Networks has published a new review that your readers might enjoy. A post in your site's news section would be greatly appreciated! Don't forget to send your site news to us. As we promise to post your news articles on APH Networks periodically, we would certainly appreciate it if you do the same as well. Thank you for your support in advance! * Title: Seasonic PRIME Titanium 850W Power Supply Review ( -at -) APH Networks * Description: The Seasonic PRIME Titanium 850W is the company's flagship PSU -- and rightly so. * Link: http://aphnetworks.com/reports/seasonic-prime-titanium-850w * Image: http://aphnetworks.com/report/seasonic-prime-titanium-850w/004.JPG Best Regards, Jonathan Kwan Editor-in-Chief APH Networks Inc. http://aphnetworks.com -- Unsubscribe from this newsletter: http://aphnetworks.com/newsletter/confirm/remove/c77c84bd425t5
  7. news
    ** TECHSPOT ------------------------------------------------------------ ** 5 Days of Awesome Wallpapers: Tech Brands and Fanboyism ------------------------------------------------------------ ** http://www.techspot.com/article/1372-tech-brands-wallpapers/ ------------------------------------------------------------ A great background can start your day off on a good mood. Whether you are into beautiful landscapes, minimalism, abstract illustrations, or eye-catching designs and patterns, with the kind of hours we spend looking at our computer and smartphone screens, why not make them a little prettier? Thank you. Julio Franco Executive Editor | TECHSPOT (http://www.techspot.com) ( -at -) juliofranco ----------------------------------- ============================================================ Our mailing address is: TechSpot 8237 NW 68 St Miami, FL 33166 USA
  8. news
    <http://www.eteknix.com> PNY GTX 1070 XLR8 OC Gaming 8GB Graphics Card Review Not all graphics cards are created equally, such as this GeForce GTX 1070 from PNY. It takes the stock card and makes it even faster than before. PNY is well-known for their premium quality aftermarket graphics cards, and the XLR8 OC Gaming delivers faster clock speeds, a powerful cooling solution, a slick design, and hopefully fantastic performance too. URL - http://www.eteknix.com/pny-gtx-1070-xlr8-oc-gaming-8gb-graphics-card-review/ --
  9. news
    A news post would be great. OCC has published a review on the XFX RX 460 4GB Slim Single Here is a quote from the review: Quote: â€ÂThe XFX RX 460 4GB Slim Single is a purpose built video card to fill a very specific market. One that needs a slim single slot cooler equipped video card. That being said, it also fits the bill when you just need a fully capable discrete GPU and don't want to spend an arm and a leg to get top tier performance. As a single slot solution, the cooling performance of this card's cooler is effective enough that the temperature never peaks over 70 °C. The cooler is efficient enough that even bumping the clock speeds and fan speed up when overclocked keeps the silicon under 70 °C. A pretty impressive feat for such a small, single slot cooling solution. Some of that speaks to the efficiency of the design of the card. To put that in perspective, XFX makes a version of the RX 460 that is passively cooled. Again, pretty solid for the third tier in the RX series.†Title: XFX RX 460 4GB Slim Single Review Link: http://www.overclockersclub.com/reviews/xfx_rx_460_4gb_slim_single/ Img: http://www.overclockersclub.com/siteimages/articles/xfx_rx_460_4gb_slim_single/7_thumb.jpg
  10. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: firefox security update Advisory ID: RHSA-2017:1106-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2017:1106 Issue date: 2017-04-20 CVE Names: CVE-2017-5429 CVE-2017-5430 CVE-2017-5432 CVE-2017-5433 CVE-2017-5434 CVE-2017-5435 CVE-2017-5436 CVE-2017-5437 CVE-2017-5438 CVE-2017-5439 CVE-2017-5440 CVE-2017-5441 CVE-2017-5442 CVE-2017-5443 CVE-2017-5444 CVE-2017-5445 CVE-2017-5446 CVE-2017-5447 CVE-2017-5448 CVE-2017-5449 CVE-2017-5451 CVE-2017-5454 CVE-2017-5455 CVE-2017-5456 CVE-2017-5459 CVE-2017-5460 CVE-2017-5464 CVE-2017-5465 CVE-2017-5466 CVE-2017-5467 CVE-2017-5469 ===================================================================== 1. Summary: An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 52.1.0 ESR. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2017-5429, CVE-2017-5430, CVE-2017-5432, CVE-2017-5433, CVE-2017-5434, CVE-2017-5435, CVE-2017-5436, CVE-2017-5437, CVE-2017-5438, CVE-2017-5439, CVE-2017-5440, CVE-2017-5441, CVE-2017-5442, CVE-2017-5443, CVE-2017-5444, CVE-2017-5445, CVE-2017-5446, CVE-2017-5447, CVE-2017-5448, CVE-2017-5449, CVE-2017-5451, CVE-2017-5454, CVE-2017-5455, CVE-2017-5456, CVE-2017-5459, CVE-2017-5460, CVE-2017-5464, CVE-2017-5465, CVE-2017-5466, CVE-2017-5467, CVE-2017-5469) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Mozilla developers and community, Nils, Holger Fuhrmannek, Atte Kettunen, Takeshi Terada, Huzaifa Sidhpurwala, Nicolas Grégoire, Chamal De Silva, Chun Han Hsiao, Ivan Fratric of Google Project Zero, Anonymous working with Trend Micro's Zero Day Initiative, Haik Aftandilian, Paul Theriault, Julian Hector, Petr Cerny, Jordi Chancel, and Heather Miller of Google Skia team as the original reporters. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing the update, Firefox must be restarted for the changes to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1443297 - CVE-2017-5456 Mozilla: Sandbox escape allowing local file system read access (MFSA 2017-12) 1443298 - CVE-2017-5442 Mozilla: Use-after-free during style changes (MFSA 2017-11, MFSA 2017-12) 1443299 - CVE-2017-5443 Mozilla: Out-of-bounds write during BinHex decoding (MFSA 2017-11, MFSA 2017-12) 1443301 - CVE-2017-5429 Mozilla: Memory safety bugs fixed in Firefox 53, Firefox ESR 45.9, and Firefox ESR 52.1 (MFSA 2017-11, MFSA 2017-12) 1443303 - CVE-2017-5464 Mozilla: Memory corruption with accessibility and DOM manipulation (MFSA 2017-11, MFSA 2017-12) 1443304 - CVE-2017-5465 Mozilla: Out-of-bounds read in ConvolvePixel (MFSA 2017-11, MFSA 2017-12) 1443305 - CVE-2017-5466 Mozilla: Origin confusion when reloading isolated data:text/html URL (MFSA 2017-12) 1443307 - CVE-2017-5467 Mozilla: Memory corruption when drawing Skia content (MFSA 2017-12) 1443308 - CVE-2017-5460 Mozilla: Use-after-free in frame selection (MFSA 2017-11, MFSA 2017-12) 1443310 - CVE-2017-5448 Mozilla: Out-of-bounds write in ClearKeyDecryptor (MFSA 2017-11, MFSA 2017-12) 1443311 - CVE-2017-5449 Mozilla: Crash during bidirectional unicode manipulation with animation (MFSA 2017-11, MFSA 2017-12) 1443312 - CVE-2017-5446 Mozilla: Out-of-bounds read when HTTP/2 DATA frames are sent with incorrect data (MFSA 2017-11, MFSA 2017-12) 1443313 - CVE-2017-5447 Mozilla: Out-of-bounds read during glyph processing (MFSA 2017-11, MFSA 2017-12) 1443314 - CVE-2017-5444 Mozilla: Buffer overflow while parsing application/http-index-format content (MFSA 2017-11, MFSA 2017-12) 1443315 - CVE-2017-5445 Mozilla: Uninitialized values used while parsing application/http-index-format content (MFSA 2017-11, MFSA 2017-12) 1443317 - CVE-2017-5469 Mozilla: Potential Buffer overflow in flex-generated code (MFSA 2017-11, MFSA 2017-12) 1443322 - CVE-2017-5440 Mozilla: Use-after-free in txExecutionState destructor during XSLT processing (MFSA 2017-11, MFSA 2017-12) 1443323 - CVE-2017-5441 Mozilla: Use-after-free with selection during scroll events (MFSA 2017-11, MFSA 2017-12) 1443324 - CVE-2017-5439 Mozilla: Use-after-free in nsTArray Length() during XSLT processing (MFSA 2017-11, MFSA 2017-12) 1443325 - CVE-2017-5438 Mozilla: Use-after-free in nsAutoPtr during XSLT processing (MFSA 2017-11, MFSA 2017-12) 1443326 - CVE-2017-5437 Mozilla: Vulnerabilities in libevent library (MFSA 2017-11, MFSA 2017-12) 1443327 - CVE-2017-5436 Mozilla: Out-of-bounds write with malicious font in Graphite 2 (MFSA 2017-11, MFSA 2017-12) 1443328 - CVE-2017-5435 Mozilla: Use-after-free during transaction processing in the editor (MFSA 2017-11, MFSA 2017-12) 1443329 - CVE-2017-5434 Mozilla: Use-after-free during focus handling (MFSA 2017-11, MFSA 2017-12) 1443330 - CVE-2017-5433 Mozilla: Use-after-free in SMIL animation functions (MFSA 2017-11, MFSA 2017-12) 1443331 - CVE-2017-5430 Mozilla: Memory safety bugs fixed in Firefox 53 and Firefox ESR 52.1 (MFSA 2017-12) 1443332 - CVE-2017-5432 Mozilla: Use-after-free in text input selection (MFSA 2017-11, MFSA 2017-12) 1443333 - CVE-2017-5459 Mozilla: Buffer overflow in WebGL (MFSA 2017-11, MFSA 2017-12) 1443334 - CVE-2017-5455 Mozilla: Sandbox escape through internal feed reader APIs (MFSA 2017-12) 1443338 - CVE-2017-5454 Mozilla: Sandbox escape allowing file system read access through file picker (MFSA 2017-12) 1443340 - CVE-2017-5451 Mozilla: Addressbar spoofing with onblur event (MFSA 2017-12) 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: firefox-52.1.0-2.el7_3.src.rpm x86_64: firefox-52.1.0-2.el7_3.x86_64.rpm firefox-debuginfo-52.1.0-2.el7_3.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: firefox-52.1.0-2.el7_3.i686.rpm firefox-debuginfo-52.1.0-2.el7_3.i686.rpm Red Hat Enterprise Linux Server (v. 7): Source: firefox-52.1.0-2.el7_3.src.rpm aarch64: firefox-52.1.0-2.el7_3.aarch64.rpm firefox-debuginfo-52.1.0-2.el7_3.aarch64.rpm ppc64: firefox-52.1.0-2.el7_3.ppc64.rpm firefox-debuginfo-52.1.0-2.el7_3.ppc64.rpm ppc64le: firefox-52.1.0-2.el7_3.ppc64le.rpm firefox-debuginfo-52.1.0-2.el7_3.ppc64le.rpm s390x: firefox-52.1.0-2.el7_3.s390x.rpm firefox-debuginfo-52.1.0-2.el7_3.s390x.rpm x86_64: firefox-52.1.0-2.el7_3.x86_64.rpm firefox-debuginfo-52.1.0-2.el7_3.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: firefox-52.1.0-2.el7_3.ppc.rpm firefox-debuginfo-52.1.0-2.el7_3.ppc.rpm s390x: firefox-52.1.0-2.el7_3.s390.rpm firefox-debuginfo-52.1.0-2.el7_3.s390.rpm x86_64: firefox-52.1.0-2.el7_3.i686.rpm firefox-debuginfo-52.1.0-2.el7_3.i686.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: firefox-52.1.0-2.el7_3.src.rpm x86_64: firefox-52.1.0-2.el7_3.x86_64.rpm firefox-debuginfo-52.1.0-2.el7_3.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: firefox-52.1.0-2.el7_3.i686.rpm firefox-debuginfo-52.1.0-2.el7_3.i686.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2017-5429 https://access.redhat.com/security/cve/CVE-2017-5430 https://access.redhat.com/security/cve/CVE-2017-5432 https://access.redhat.com/security/cve/CVE-2017-5433 https://access.redhat.com/security/cve/CVE-2017-5434 https://access.redhat.com/security/cve/CVE-2017-5435 https://access.redhat.com/security/cve/CVE-2017-5436 https://access.redhat.com/security/cve/CVE-2017-5437 https://access.redhat.com/security/cve/CVE-2017-5438 https://access.redhat.com/security/cve/CVE-2017-5439 https://access.redhat.com/security/cve/CVE-2017-5440 https://access.redhat.com/security/cve/CVE-2017-5441 https://access.redhat.com/security/cve/CVE-2017-5442 https://access.redhat.com/security/cve/CVE-2017-5443 https://access.redhat.com/security/cve/CVE-2017-5444 https://access.redhat.com/security/cve/CVE-2017-5445 https://access.redhat.com/security/cve/CVE-2017-5446 https://access.redhat.com/security/cve/CVE-2017-5447 https://access.redhat.com/security/cve/CVE-2017-5448 https://access.redhat.com/security/cve/CVE-2017-5449 https://access.redhat.com/security/cve/CVE-2017-5451 https://access.redhat.com/security/cve/CVE-2017-5454 https://access.redhat.com/security/cve/CVE-2017-5455 https://access.redhat.com/security/cve/CVE-2017-5456 https://access.redhat.com/security/cve/CVE-2017-5459 https://access.redhat.com/security/cve/CVE-2017-5460 https://access.redhat.com/security/cve/CVE-2017-5464 https://access.redhat.com/security/cve/CVE-2017-5465 https://access.redhat.com/security/cve/CVE-2017-5466 https://access.redhat.com/security/cve/CVE-2017-5467 https://access.redhat.com/security/cve/CVE-2017-5469 https://access.redhat.com/security/updates/classification/#critical https://www.mozilla.org/en-US/security/advisories/mfsa2017-12 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFY+WcbXlSAg2UNWIIRAthYAKDBrBSwj53qYji+d/+f2k2WwO393wCgt/9B VVVuCEuJrVflHvdZuRMCSfc= =dJ7A -----END PGP SIGNATURE----- --
  11. news
    -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: firefox security update Advisory ID: RHSA-2017:1106-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2017:1106 Issue date: 2017-04-20 CVE Names: CVE-2017-5429 CVE-2017-5430 CVE-2017-5432 CVE-2017-5433 CVE-2017-5434 CVE-2017-5435 CVE-2017-5436 CVE-2017-5437 CVE-2017-5438 CVE-2017-5439 CVE-2017-5440 CVE-2017-5441 CVE-2017-5442 CVE-2017-5443 CVE-2017-5444 CVE-2017-5445 CVE-2017-5446 CVE-2017-5447 CVE-2017-5448 CVE-2017-5449 CVE-2017-5451 CVE-2017-5454 CVE-2017-5455 CVE-2017-5456 CVE-2017-5459 CVE-2017-5460 CVE-2017-5464 CVE-2017-5465 CVE-2017-5466 CVE-2017-5467 CVE-2017-5469 ===================================================================== 1. Summary: An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 52.1.0 ESR. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2017-5429, CVE-2017-5430, CVE-2017-5432, CVE-2017-5433, CVE-2017-5434, CVE-2017-5435, CVE-2017-5436, CVE-2017-5437, CVE-2017-5438, CVE-2017-5439, CVE-2017-5440, CVE-2017-5441, CVE-2017-5442, CVE-2017-5443, CVE-2017-5444, CVE-2017-5445, CVE-2017-5446, CVE-2017-5447, CVE-2017-5448, CVE-2017-5449, CVE-2017-5451, CVE-2017-5454, CVE-2017-5455, CVE-2017-5456, CVE-2017-5459, CVE-2017-5460, CVE-2017-5464, CVE-2017-5465, CVE-2017-5466, CVE-2017-5467, CVE-2017-5469) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Mozilla developers and community, Nils, Holger Fuhrmannek, Atte Kettunen, Takeshi Terada, Huzaifa Sidhpurwala, Nicolas Grégoire, Chamal De Silva, Chun Han Hsiao, Ivan Fratric of Google Project Zero, Anonymous working with Trend Micro's Zero Day Initiative, Haik Aftandilian, Paul Theriault, Julian Hector, Petr Cerny, Jordi Chancel, and Heather Miller of Google Skia team as the original reporters. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing the update, Firefox must be restarted for the changes to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1443297 - CVE-2017-5456 Mozilla: Sandbox escape allowing local file system read access (MFSA 2017-12) 1443298 - CVE-2017-5442 Mozilla: Use-after-free during style changes (MFSA 2017-11, MFSA 2017-12) 1443299 - CVE-2017-5443 Mozilla: Out-of-bounds write during BinHex decoding (MFSA 2017-11, MFSA 2017-12) 1443301 - CVE-2017-5429 Mozilla: Memory safety bugs fixed in Firefox 53, Firefox ESR 45.9, and Firefox ESR 52.1 (MFSA 2017-11, MFSA 2017-12) 1443303 - CVE-2017-5464 Mozilla: Memory corruption with accessibility and DOM manipulation (MFSA 2017-11, MFSA 2017-12) 1443304 - CVE-2017-5465 Mozilla: Out-of-bounds read in ConvolvePixel (MFSA 2017-11, MFSA 2017-12) 1443305 - CVE-2017-5466 Mozilla: Origin confusion when reloading isolated data:text/html URL (MFSA 2017-12) 1443307 - CVE-2017-5467 Mozilla: Memory corruption when drawing Skia content (MFSA 2017-12) 1443308 - CVE-2017-5460 Mozilla: Use-after-free in frame selection (MFSA 2017-11, MFSA 2017-12) 1443310 - CVE-2017-5448 Mozilla: Out-of-bounds write in ClearKeyDecryptor (MFSA 2017-11, MFSA 2017-12) 1443311 - CVE-2017-5449 Mozilla: Crash during bidirectional unicode manipulation with animation (MFSA 2017-11, MFSA 2017-12) 1443312 - CVE-2017-5446 Mozilla: Out-of-bounds read when HTTP/2 DATA frames are sent with incorrect data (MFSA 2017-11, MFSA 2017-12) 1443313 - CVE-2017-5447 Mozilla: Out-of-bounds read during glyph processing (MFSA 2017-11, MFSA 2017-12) 1443314 - CVE-2017-5444 Mozilla: Buffer overflow while parsing application/http-index-format content (MFSA 2017-11, MFSA 2017-12) 1443315 - CVE-2017-5445 Mozilla: Uninitialized values used while parsing application/http-index-format content (MFSA 2017-11, MFSA 2017-12) 1443317 - CVE-2017-5469 Mozilla: Potential Buffer overflow in flex-generated code (MFSA 2017-11, MFSA 2017-12) 1443322 - CVE-2017-5440 Mozilla: Use-after-free in txExecutionState destructor during XSLT processing (MFSA 2017-11, MFSA 2017-12) 1443323 - CVE-2017-5441 Mozilla: Use-after-free with selection during scroll events (MFSA 2017-11, MFSA 2017-12) 1443324 - CVE-2017-5439 Mozilla: Use-after-free in nsTArray Length() during XSLT processing (MFSA 2017-11, MFSA 2017-12) 1443325 - CVE-2017-5438 Mozilla: Use-after-free in nsAutoPtr during XSLT processing (MFSA 2017-11, MFSA 2017-12) 1443326 - CVE-2017-5437 Mozilla: Vulnerabilities in libevent library (MFSA 2017-11, MFSA 2017-12) 1443327 - CVE-2017-5436 Mozilla: Out-of-bounds write with malicious font in Graphite 2 (MFSA 2017-11, MFSA 2017-12) 1443328 - CVE-2017-5435 Mozilla: Use-after-free during transaction processing in the editor (MFSA 2017-11, MFSA 2017-12) 1443329 - CVE-2017-5434 Mozilla: Use-after-free during focus handling (MFSA 2017-11, MFSA 2017-12) 1443330 - CVE-2017-5433 Mozilla: Use-after-free in SMIL animation functions (MFSA 2017-11, MFSA 2017-12) 1443331 - CVE-2017-5430 Mozilla: Memory safety bugs fixed in Firefox 53 and Firefox ESR 52.1 (MFSA 2017-12) 1443332 - CVE-2017-5432 Mozilla: Use-after-free in text input selection (MFSA 2017-11, MFSA 2017-12) 1443333 - CVE-2017-5459 Mozilla: Buffer overflow in WebGL (MFSA 2017-11, MFSA 2017-12) 1443334 - CVE-2017-5455 Mozilla: Sandbox escape through internal feed reader APIs (MFSA 2017-12) 1443338 - CVE-2017-5454 Mozilla: Sandbox escape allowing file system read access through file picker (MFSA 2017-12) 1443340 - CVE-2017-5451 Mozilla: Addressbar spoofing with onblur event (MFSA 2017-12) 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: firefox-52.1.0-2.el7_3.src.rpm x86_64: firefox-52.1.0-2.el7_3.x86_64.rpm firefox-debuginfo-52.1.0-2.el7_3.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: firefox-52.1.0-2.el7_3.i686.rpm firefox-debuginfo-52.1.0-2.el7_3.i686.rpm Red Hat Enterprise Linux Server (v. 7): Source: firefox-52.1.0-2.el7_3.src.rpm aarch64: firefox-52.1.0-2.el7_3.aarch64.rpm firefox-debuginfo-52.1.0-2.el7_3.aarch64.rpm ppc64: firefox-52.1.0-2.el7_3.ppc64.rpm firefox-debuginfo-52.1.0-2.el7_3.ppc64.rpm ppc64le: firefox-52.1.0-2.el7_3.ppc64le.rpm firefox-debuginfo-52.1.0-2.el7_3.ppc64le.rpm s390x: firefox-52.1.0-2.el7_3.s390x.rpm firefox-debuginfo-52.1.0-2.el7_3.s390x.rpm x86_64: firefox-52.1.0-2.el7_3.x86_64.rpm firefox-debuginfo-52.1.0-2.el7_3.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: firefox-52.1.0-2.el7_3.ppc.rpm firefox-debuginfo-52.1.0-2.el7_3.ppc.rpm s390x: firefox-52.1.0-2.el7_3.s390.rpm firefox-debuginfo-52.1.0-2.el7_3.s390.rpm x86_64: firefox-52.1.0-2.el7_3.i686.rpm firefox-debuginfo-52.1.0-2.el7_3.i686.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: firefox-52.1.0-2.el7_3.src.rpm x86_64: firefox-52.1.0-2.el7_3.x86_64.rpm firefox-debuginfo-52.1.0-2.el7_3.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: firefox-52.1.0-2.el7_3.i686.rpm firefox-debuginfo-52.1.0-2.el7_3.i686.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2017-5429 https://access.redhat.com/security/cve/CVE-2017-5430 https://access.redhat.com/security/cve/CVE-2017-5432 https://access.redhat.com/security/cve/CVE-2017-5433 https://access.redhat.com/security/cve/CVE-2017-5434 https://access.redhat.com/security/cve/CVE-2017-5435 https://access.redhat.com/security/cve/CVE-2017-5436 https://access.redhat.com/security/cve/CVE-2017-5437 https://access.redhat.com/security/cve/CVE-2017-5438 https://access.redhat.com/security/cve/CVE-2017-5439 https://access.redhat.com/security/cve/CVE-2017-5440 https://access.redhat.com/security/cve/CVE-2017-5441 https://access.redhat.com/security/cve/CVE-2017-5442 https://access.redhat.com/security/cve/CVE-2017-5443 https://access.redhat.com/security/cve/CVE-2017-5444 https://access.redhat.com/security/cve/CVE-2017-5445 https://access.redhat.com/security/cve/CVE-2017-5446 https://access.redhat.com/security/cve/CVE-2017-5447 https://access.redhat.com/security/cve/CVE-2017-5448 https://access.redhat.com/security/cve/CVE-2017-5449 https://access.redhat.com/security/cve/CVE-2017-5451 https://access.redhat.com/security/cve/CVE-2017-5454 https://access.redhat.com/security/cve/CVE-2017-5455 https://access.redhat.com/security/cve/CVE-2017-5456 https://access.redhat.com/security/cve/CVE-2017-5459 https://access.redhat.com/security/cve/CVE-2017-5460 https://access.redhat.com/security/cve/CVE-2017-5464 https://access.redhat.com/security/cve/CVE-2017-5465 https://access.redhat.com/security/cve/CVE-2017-5466 https://access.redhat.com/security/cve/CVE-2017-5467 https://access.redhat.com/security/cve/CVE-2017-5469 https://access.redhat.com/security/updates/classification/#critical https://www.mozilla.org/en-US/security/advisories/mfsa2017-12 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFY+WcbXlSAg2UNWIIRAthYAKDBrBSwj53qYji+d/+f2k2WwO393wCgt/9B VVVuCEuJrVflHvdZuRMCSfc= =dJ7A -----END PGP SIGNATURE----- --
  12. news
    CentOS Errata and Security Advisory 2017:1106 Critical Upstream details at : https://rhn.redhat.com/errata/RHSA-2017-1106.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: db9f358d231c95b7443d58e8a92b90d5bf9f24cd5f2641c3262271cb13aa4ecb firefox-52.1.0-2.el7.centos.i686.rpm 6f191762164e4cf5b54b7a0b4026d78c69e0073abf331840572accd09341a78c firefox-52.1.0-2.el7.centos.x86_64.rpm Source: 90270668303aceb8ffec03143491fee0c4e5fb5245655a37f11188560878b434 firefox-52.1.0-2.el7.centos.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: ( -at -) JohnnyCentOS _______________________________________________
  13. news
    CentOS Errata and Security Advisory 2017:1108 Moderate Upstream details at : https://rhn.redhat.com/errata/RHSA-2017-1108.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 80f97a5168f5932d27c58307e818fff0d988324cc1ec96256023901efc29e57c java-1.8.0-openjdk-1.8.0.131-2.b11.el7_3.i686.rpm 7da72b8c1e26b0ce5d6e1005f1548f0edb8fa8d8c7b1f3c14e4aef6666b37085 java-1.8.0-openjdk-1.8.0.131-2.b11.el7_3.x86_64.rpm ce71df28e9ddc9e2ef20d3b650a6fcb5f7fd85f78b6f1dbd165b124b53a47468 java-1.8.0-openjdk-accessibility-1.8.0.131-2.b11.el7_3.x86_64.rpm 4d0182588cf632344b640212c7d6af7cd6eec7e9054e4abe29413985319077c8 java-1.8.0-openjdk-accessibility-debug-1.8.0.131-2.b11.el7_3.x86_64.rpm 468258b25230325f4fefc65cf2cc0ce9981afdc0813353f4ac708fb3a0f6f993 java-1.8.0-openjdk-debug-1.8.0.131-2.b11.el7_3.i686.rpm 100f04812cfacc3074751a4abe5e3fb7116447c00ed5ac627b274fc07dc22862 java-1.8.0-openjdk-debug-1.8.0.131-2.b11.el7_3.x86_64.rpm b15f42135eea22c01a5108a51651785db9c2a6027e15b30df7336ce8195ae52d java-1.8.0-openjdk-demo-1.8.0.131-2.b11.el7_3.x86_64.rpm 730b3081be2ab04afd4ffffd749b201ca99baa77f41c06c09afbeb23351bb4d6 java-1.8.0-openjdk-demo-debug-1.8.0.131-2.b11.el7_3.x86_64.rpm cc8d180344fa874cbea51e5cd79d80220c5b9ba2a34ebc5807000298e18ecbd3 java-1.8.0-openjdk-devel-1.8.0.131-2.b11.el7_3.i686.rpm b7ae364e5b7634782da6695433ff505b9d8c7fcbfa971591d3bbaca464ff39a9 java-1.8.0-openjdk-devel-1.8.0.131-2.b11.el7_3.x86_64.rpm 63f3e239c453cf668521dacbc94bbc67001b10864c57a0bd83305630299dd3c5 java-1.8.0-openjdk-devel-debug-1.8.0.131-2.b11.el7_3.i686.rpm b4a5f6a1c91c695beecc2096e8c212a5e5fb8ed2698b64eae5ec7793525c1f0c java-1.8.0-openjdk-devel-debug-1.8.0.131-2.b11.el7_3.x86_64.rpm 1dfb5b727a67525c934304ebbee7a08745693734d523f8d71e95b3d99c2a748d java-1.8.0-openjdk-headless-1.8.0.131-2.b11.el7_3.i686.rpm a7e0b5f42dc24e0e240a543c692b9a402cd3e187c246371435f5e67ea58fe5ae java-1.8.0-openjdk-headless-1.8.0.131-2.b11.el7_3.x86_64.rpm e7b5333038c1c9c0fe6d095f7b90f53f45960b73717eb083043962e5bf7a306a java-1.8.0-openjdk-headless-debug-1.8.0.131-2.b11.el7_3.i686.rpm 723f5060b6d63f64ebd1b0161dae4b1cd834ae7b7b4c4837b9565e3753ca189f java-1.8.0-openjdk-headless-debug-1.8.0.131-2.b11.el7_3.x86_64.rpm 0804c823721fedc0b9852b6d9603ae233d3a678174a4d897a490b7a2e2ceaf83 java-1.8.0-openjdk-javadoc-1.8.0.131-2.b11.el7_3.noarch.rpm 4b6d9e2df4cd9bfc39d2d0fd27bf7ed722c111e9d031c0f29ab8019fd7610ccc java-1.8.0-openjdk-javadoc-debug-1.8.0.131-2.b11.el7_3.noarch.rpm 65fbfe6c7733aeec5c5b8edce9121f081a14a33ac65af9660e5ce9cfe49be84d java-1.8.0-openjdk-javadoc-zip-1.8.0.131-2.b11.el7_3.noarch.rpm 3bf4903901e52a6303dc72e1bcfc8e33b50c8a1c66ac2769228aec0784132388 java-1.8.0-openjdk-javadoc-zip-debug-1.8.0.131-2.b11.el7_3.noarch.rpm 5d1f88e3b95d9f4a2403f9544045baf92cff53e2123e0d92bf4dd2141e157537 java-1.8.0-openjdk-src-1.8.0.131-2.b11.el7_3.x86_64.rpm 141f62c2952d839b2b0e24f7789c73d4bdfa7b9bbd23634d9054baf1e8c10fbb java-1.8.0-openjdk-src-debug-1.8.0.131-2.b11.el7_3.x86_64.rpm Source: eaac4898178a36c4003be40b7c98c38a7572baa31b52aab5f5e90845202039b4 java-1.8.0-openjdk-1.8.0.131-2.b11.el7_3.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: ( -at -) JohnnyCentOS _______________________________________________
  14. news
    CentOS Errata and Security Advisory 2017:1100 Critical Upstream details at : https://rhn.redhat.com/errata/RHSA-2017-1100.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 09d5ded637588ded6406eafe69a19b13d981a8bf945ada12894da1a0d21d376f nss-util-3.28.4-1.el6_9.i686.rpm fcc501f2c221dab92c66ba05ee5ad80ad5894984a5423d7db58020165cc0b45b nss-util-devel-3.28.4-1.el6_9.i686.rpm x86_64: 09d5ded637588ded6406eafe69a19b13d981a8bf945ada12894da1a0d21d376f nss-util-3.28.4-1.el6_9.i686.rpm 62d946e014cfbfb7cc657a58295a8f27b11043f2136edf91126b3ff467400c85 nss-util-3.28.4-1.el6_9.x86_64.rpm fcc501f2c221dab92c66ba05ee5ad80ad5894984a5423d7db58020165cc0b45b nss-util-devel-3.28.4-1.el6_9.i686.rpm 515fd89043687a0cf6f40271d36ebfb34d27bd8304d8027e70b168d110fb81d5 nss-util-devel-3.28.4-1.el6_9.x86_64.rpm Source: 0667ca1376b6eca9ae5b4b0c5745d5ae9801227458afe5c43fab9422908f8763 nss-util-3.28.4-1.el6_9.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: ( -at -) JohnnyCentOS _______________________________________________
  15. news
    CentOS Errata and Security Advisory 2017:1100 Critical Upstream details at : https://rhn.redhat.com/errata/RHSA-2017-1100.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 5821f235b991ffcd273006c24ca9d3e1daf4b6e3228ce7dcb97c24de5b21de41 nss-3.28.4-1.el6_9.i686.rpm 9688f7b58816ab0192210a2ef4c138139083abcdb842ee4f5f8e89847649d610 nss-devel-3.28.4-1.el6_9.i686.rpm 67bbf48d70115e4596bba46853e35e41510e04f76916e676821e953f4abe41b3 nss-pkcs11-devel-3.28.4-1.el6_9.i686.rpm c6e3ea1c22bfc39fd3d8872bf890acfd444b8e27342243c9310477a39e5a1b6b nss-sysinit-3.28.4-1.el6_9.i686.rpm 8e9dc735e1af62d3e6dac0c5997735e19c2e864d78d4a0050d55cf263edfe928 nss-tools-3.28.4-1.el6_9.i686.rpm x86_64: 5821f235b991ffcd273006c24ca9d3e1daf4b6e3228ce7dcb97c24de5b21de41 nss-3.28.4-1.el6_9.i686.rpm a82f4e54a89d9b8923fe457130bf4e7aefc0b9d506716eb1ead0db9fa2b8714a nss-3.28.4-1.el6_9.x86_64.rpm 9688f7b58816ab0192210a2ef4c138139083abcdb842ee4f5f8e89847649d610 nss-devel-3.28.4-1.el6_9.i686.rpm 9d9721cdbb202bd30503872b8a2e80f94cd63a38aba666449fe27dda4cc616dd nss-devel-3.28.4-1.el6_9.x86_64.rpm 67bbf48d70115e4596bba46853e35e41510e04f76916e676821e953f4abe41b3 nss-pkcs11-devel-3.28.4-1.el6_9.i686.rpm f8a915c0d9066123ac1371f559dee7acd48f506ff69e976af11952b623b35201 nss-pkcs11-devel-3.28.4-1.el6_9.x86_64.rpm d3d0d749646b8a0d1a198ac9dc15cfe39b0c9103055fe2d10f5db4971a6bb866 nss-sysinit-3.28.4-1.el6_9.x86_64.rpm 6e7a942c903ded2beadf2744a0f6ddacfd1b92e482396209358b2c4b2d691af9 nss-tools-3.28.4-1.el6_9.x86_64.rpm Source: f3d57fbec19b0a79e88bedf659868d173f34a651a42313ddc600b0ce420aef47 nss-3.28.4-1.el6_9.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: ( -at -) JohnnyCentOS _______________________________________________
  16. news
    CentOS Errata and Security Advisory 2017:1105 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2017-1105.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 266ff64660c075b7bfb17bbf4d4c356ff3ccdd119f35a129ae133cc44a69ea6c bind-9.8.2-0.62.rc1.el6_9.1.i686.rpm 888eb9b8a3cb22ebc9b0a3f4b6506921b87ee43a15e6fda781341330151dc3cb bind-chroot-9.8.2-0.62.rc1.el6_9.1.i686.rpm d8858c4a806579f9054d7a037fb073089f67e4785878fc56970ce7380e9bb898 bind-devel-9.8.2-0.62.rc1.el6_9.1.i686.rpm b38c21b53129c69466455a59c955ffafcf8bbae05ffb32b96f9a7ff0e11ff666 bind-libs-9.8.2-0.62.rc1.el6_9.1.i686.rpm 14fef0f86fa4b1dc16744c455212f0898ce499469ff78ad3be09fed7d83e6b9b bind-sdb-9.8.2-0.62.rc1.el6_9.1.i686.rpm fc6060564bf23ed602d04029964e92e6c9eaec7bdfc3699fb8fb70f83e3301bf bind-utils-9.8.2-0.62.rc1.el6_9.1.i686.rpm x86_64: 71e75001dd78f3d3289a8fa1dee4b0732b91367f016ff7a4ed18d7ffe57d76ee bind-9.8.2-0.62.rc1.el6_9.1.x86_64.rpm 4e91a4f03ed4e735bac48da9baddc23b1d02c4c090cf450f7eb4a6f807d38d13 bind-chroot-9.8.2-0.62.rc1.el6_9.1.x86_64.rpm d8858c4a806579f9054d7a037fb073089f67e4785878fc56970ce7380e9bb898 bind-devel-9.8.2-0.62.rc1.el6_9.1.i686.rpm bb151b30485f3ada32fce9f174aa9062109ad18e548f8c3d2dc56ae3cc87183c bind-devel-9.8.2-0.62.rc1.el6_9.1.x86_64.rpm b38c21b53129c69466455a59c955ffafcf8bbae05ffb32b96f9a7ff0e11ff666 bind-libs-9.8.2-0.62.rc1.el6_9.1.i686.rpm d83ffedf34e95f4cf8b5bf1c663e1a5b558f0216ac72f961caaf68464eacd66b bind-libs-9.8.2-0.62.rc1.el6_9.1.x86_64.rpm 9427eeecce239e8fa449d6a10a1859e53d283c9322751db9aa63aad04578f234 bind-sdb-9.8.2-0.62.rc1.el6_9.1.x86_64.rpm 72d554da0c64568336b159232f3e408a45716c32aa41c4c7c8b4fed0a26fe40e bind-utils-9.8.2-0.62.rc1.el6_9.1.x86_64.rpm Source: 111d7cd4e4965321ccee94526fe79629709da816ca6ee47832c44807320883b9 bind-9.8.2-0.62.rc1.el6_9.1.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: ( -at -) JohnnyCentOS _______________________________________________
  17. news
    CentOS Errata and Security Advisory 2017:1104 Critical Upstream details at : https://rhn.redhat.com/errata/RHSA-2017-1104.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: da7e0a3b2f6cc4703c95b34c6cc75b2815e4ae5035bef6ef56d052c625cc3eaa firefox-52.1.0-2.el6.centos.i686.rpm x86_64: da7e0a3b2f6cc4703c95b34c6cc75b2815e4ae5035bef6ef56d052c625cc3eaa firefox-52.1.0-2.el6.centos.i686.rpm c5d308fb577cb57882c9478a0b7d1c85bbd63ca411399ee4cb3d8bc0af960973 firefox-52.1.0-2.el6.centos.x86_64.rpm Source: 583ca21ee5e6610c077d0671fba0bd4bb0f1117e1115faf4468b8fb44c7f5049 firefox-52.1.0-2.el6.centos.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: ( -at -) JohnnyCentOS _______________________________________________
  18. news
    CentOS Errata and Security Advisory 2017:1109 Moderate Upstream details at : https://rhn.redhat.com/errata/RHSA-2017-1109.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 9224c888761f388ca9a3664dc0b1fb0dcc3904e7462fba3a482d1ecc6ee77285 java-1.8.0-openjdk-1.8.0.131-0.b11.el6_9.i686.rpm 5d0ca0b600d8fe739ac51de1f09882abbc66493cf8e3aff50f0fc8e6717efd78 java-1.8.0-openjdk-debug-1.8.0.131-0.b11.el6_9.i686.rpm e2fe48b3835fb57826354c3266a3ab70236edbbb9b352e0abed5bc4732414f32 java-1.8.0-openjdk-demo-1.8.0.131-0.b11.el6_9.i686.rpm 26f7cb4cd650f0caae18cfcf6945d1aa8fc3bbb35031158f6b0e69d4b233db50 java-1.8.0-openjdk-demo-debug-1.8.0.131-0.b11.el6_9.i686.rpm a21257bb46833259d5368a8824d052732889359195a298cebd46302991e8f5b9 java-1.8.0-openjdk-devel-1.8.0.131-0.b11.el6_9.i686.rpm 548d135b874f032c96707ee87c9625f572c88768f8c76b4f7eb09830da802cb2 java-1.8.0-openjdk-devel-debug-1.8.0.131-0.b11.el6_9.i686.rpm fd096a0b691c2a5404eb1cffd7948d9a67c4eb22d5cf5524bc74ecc35251f63b java-1.8.0-openjdk-headless-1.8.0.131-0.b11.el6_9.i686.rpm 4a75f1a3ce60d1a5a8005e89718dbdf77237bcea549bea9c54c0b72b8ed9ef61 java-1.8.0-openjdk-headless-debug-1.8.0.131-0.b11.el6_9.i686.rpm 4cd56647098db901ef2159069b5aabb8abc78e03e76ade03d2aaaf8f1b3026ae java-1.8.0-openjdk-javadoc-1.8.0.131-0.b11.el6_9.noarch.rpm e27d648018256c24242169e0daf40570c51f2ff159d459e9b5faebfd4f31067f java-1.8.0-openjdk-javadoc-debug-1.8.0.131-0.b11.el6_9.noarch.rpm eb4c6af473dc4144f158ca93b573581922dbdc78f11d5fb7ad91d13bb332653a java-1.8.0-openjdk-src-1.8.0.131-0.b11.el6_9.i686.rpm e31cf76f7bb1463ff56dc41b50da9d8507269c060241b267a4b72a30dd0f1b28 java-1.8.0-openjdk-src-debug-1.8.0.131-0.b11.el6_9.i686.rpm x86_64: 60467c3d0eb329d8015666908ff1f69bb3fe4cf7b366ffd05fd746cadb91d95d java-1.8.0-openjdk-1.8.0.131-0.b11.el6_9.x86_64.rpm 407ad1c6c24fe83a6cf64b9db8913c75aaf4d09ca22c9c24e328a941f085b883 java-1.8.0-openjdk-debug-1.8.0.131-0.b11.el6_9.x86_64.rpm 8369296dfd96ce334763ba5c8ffd509e7643f5d2605b769ff36f09a5a21ab1a0 java-1.8.0-openjdk-demo-1.8.0.131-0.b11.el6_9.x86_64.rpm 610ad62174d70e2eb79b7b70696ea4f53c093215769c78999dbccb15f774b6db java-1.8.0-openjdk-demo-debug-1.8.0.131-0.b11.el6_9.x86_64.rpm 7f296719610ee8b1abd3fcc7dc9f5f62420a2ed721c816ce853322670ba37bde java-1.8.0-openjdk-devel-1.8.0.131-0.b11.el6_9.x86_64.rpm 1b213bfaee59e5313dbbd12045eb6a06c4ea7bc2ec85080c67964635e8f59b83 java-1.8.0-openjdk-devel-debug-1.8.0.131-0.b11.el6_9.x86_64.rpm 4ce2d2b8112ed815ecbfd996c3bf50feb811f1d7ce0ff7037f64755fd6d3ff31 java-1.8.0-openjdk-headless-1.8.0.131-0.b11.el6_9.x86_64.rpm 71e150cb4271c56d20bbed3f889dca93e47352a5d7c9ce88188ea1b45ba93daf java-1.8.0-openjdk-headless-debug-1.8.0.131-0.b11.el6_9.x86_64.rpm 4cd56647098db901ef2159069b5aabb8abc78e03e76ade03d2aaaf8f1b3026ae java-1.8.0-openjdk-javadoc-1.8.0.131-0.b11.el6_9.noarch.rpm e27d648018256c24242169e0daf40570c51f2ff159d459e9b5faebfd4f31067f java-1.8.0-openjdk-javadoc-debug-1.8.0.131-0.b11.el6_9.noarch.rpm 738543c7d856135299d617c17085a8c53a31302ed6e49ca788549fd2aeb15c18 java-1.8.0-openjdk-src-1.8.0.131-0.b11.el6_9.x86_64.rpm 2285a49c613009229265ee4e566a23fb6426c21b17390baa5a30adcf15e2068e java-1.8.0-openjdk-src-debug-1.8.0.131-0.b11.el6_9.x86_64.rpm Source: 6c902637907443fe1ac219a230978d42296894dafa8b4fd8cc3b5df6324e00bd java-1.8.0-openjdk-1.8.0.131-0.b11.el6_9.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: ( -at -) JohnnyCentOS _______________________________________________
  19. news
    CentOS Errata and Security Advisory 2017:1100 Critical Upstream details at : https://rhn.redhat.com/errata/RHSA-2017-1100.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 847b8da43f05a5f24b81b01efbc991e70c5d2c9c659f6bd9feb420bbfe59ba5e nss-util-3.28.4-1.0.el7_3.i686.rpm f23201ad7af7e0d5105bbde62ea32c2a10b62cfd1cdce92fe904306bdfb4ae43 nss-util-3.28.4-1.0.el7_3.x86_64.rpm 78199e2871b2b385458ff852b1609f7c46f71a2a7133ee885f153a3ffc5fc715 nss-util-devel-3.28.4-1.0.el7_3.i686.rpm c26d927e1604c5fc1ab7b5499e96e83d356eee25e3d560e96d60c612891bffa1 nss-util-devel-3.28.4-1.0.el7_3.x86_64.rpm Source: df5fc54dc4fa11167312e53541dc2334c45398132b61f879f1dc2a27cd55f436 nss-util-3.28.4-1.0.el7_3.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: ( -at -) JohnnyCentOS _______________________________________________
  20. news
    CentOS Errata and Security Advisory 2017:1100 Critical Upstream details at : https://rhn.redhat.com/errata/RHSA-2017-1100.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 7c0e9cbeacb07e7d2868f2f364527ff71816cdfef0dc18474e05db16e57e25e7 nss-3.28.4-1.0.el7_3.i686.rpm 86968563fe276b36b88f07fa11f06c3366a9a96b20c4b2691338748f649f3d4d nss-3.28.4-1.0.el7_3.x86_64.rpm f065aa53f66548495a2130e280fc14dc8b8f8a076bd7bade3425adac88f77d36 nss-devel-3.28.4-1.0.el7_3.i686.rpm caea2c9dc2ca247bb9042124d7d6a60ce4f02d71af28a5e069d60525f80b6740 nss-devel-3.28.4-1.0.el7_3.x86_64.rpm 385f200523e2720d9f250fd3149a471f1f02f5cc55dfae5ac50090a89eab499b nss-pkcs11-devel-3.28.4-1.0.el7_3.i686.rpm ed301c352dabeb127f12decacc3d6639372357dc7673de463ea590773bae3ff6 nss-pkcs11-devel-3.28.4-1.0.el7_3.x86_64.rpm 7c82dbe83f51d6505d368d68535fd34da2da0efc52c3115612011ef791c5bbc6 nss-sysinit-3.28.4-1.0.el7_3.x86_64.rpm fe1d1425aaebb108851540d27337613f169db30ddbdccb336b79d4dc0197eea0 nss-tools-3.28.4-1.0.el7_3.x86_64.rpm Source: 8031fd77de059ce3786fb98712737a9e9e83a8e4e29e8071050ce90ae4a1cb53 nss-3.28.4-1.0.el7_3.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos ( -at -) irc.freenode.net Twitter: ( -at -) JohnnyCentOS _______________________________________________
  21. news
    At Phoronix we have posted a new article. A link to this from your site's news section would be greatly appreciated. Title: Overclocking The Radeon RX 580 Under Linux ( -at -) Phoronix Direct Link: http://www.phoronix.com/vr.php?view=24525 Summary: "Yesterday I posted the initial Radeon RX 580 Linux benchmarks while now with having more time with this "Polaris Evolved" card I've been able to try out a bit more, like the AMDGPU Linux overclocking support. Here are the ups and downs of overclocking the Radeon graphics card under Linux." Please feel free to contact us with any questions or comments you may
  22. news
    Some gaming keyboards offer customizable backlighting and key caps to change up the feel of the keys underneath one's fingers. EpicGear's Defiant keyboard goes one better and lets gamers change out its key switches themselves for a different tactile experience. We switched around the Defiant's clickers to see if the feature upped our game. Read more: http://techreport.com/review/31751/epicgear-defiant-modular-gaming-keyboard-reviewed --- The Tech Report - PC Hardware Explored http://techreport.com -- To unsubscribe from: TR-News, just follow this link: http://node1.techreport.com/cgi-bin/dada/mail.cgi/u/trnews/reviewnews// Click this link, or copy and paste the address into your browser.
  23. news
    View this email in your browser (http://mailchi.mp/b32a991df26e/roccat-kone-emp-gaming-mouse-review?e=8138df6da5) ** Benchmark Reviews Presents: ------------------------------------------------------------ TITLE: Roccat Kone EMP Gaming Mouse Review (http://benchmarkreviews.us10.list-manage.com/track/click?u=9a2f239b17114c9008e3dfda9&id=e45d5f3a12&e=8138df6da5) QUOTE: Being the successor to the Kone XTD, the Kone EMP (Empowered) brings a few new things to the table. The Kone EMP weights less than its predecessor and maintains the same body shape as before. It also includes the new Owl-Eye 12000 DPI optical sensor, known as the PixArt 3361 optical sensor. This is a modified version of the PixArt 3360 with improved responsiveness and manual surface calibration. The Kone EMP now features RGB lighting along with customizable profiles via the Swarm software. Benchmark Reviews will be taking a look at the Roccat Kone EMP with its new Owl-Eye optical sensor, so let’s jump in to a quick overview of this mouse. LINK: http://benchmarkreviews.us10.list-manage.com/track/click?u=9a2f239b17114c9008e3dfda9&id=f4ccc37b52&e=8138df6da5 IMAGE: http://benchmarkreviews.us10.list-manage2.com/track/click?u=9a2f239b17114c9008e3dfda9&id=26481634c0&e=8138df6da5 ============================================================ ** (http://benchmarkreviews.us10.list-manage.com/track/click?u=9a2f239b17114c9008e3dfda9&id=af2997a912&e=8138df6da5) ** (http://benchmarkreviews.us10.list-manage.com/track/click?u=9a2f239b17114c9008e3dfda9&id=2cb38805eb&e=8138df6da5) ** (http://benchmarkreviews.us10.list-manage.com/track/click?u=9a2f239b17114c9008e3dfda9&id=4f269a807d&e=8138df6da5)
  24. news
    SUSE Security Update: Security update for xen ______________________________________________________________________________ Announcement ID: SUSE-SU-2017:1081-1 Rating: important References: #1022555 #1026636 #1027519 #1027570 #1028235 #1028655 #1029827 #1030144 #1030442 Cross-References: CVE-2016-9603 CVE-2017-2633 CVE-2017-6414 CVE-2017-6505 CVE-2017-7228 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that solves 5 vulnerabilities and has four fixes is now available. Description: This update for xen fixes the following issues: These security issues were fixed: - CVE-2017-7228: Broken check in memory_exchange() permited PV guest breakout (bsc#1030442). - XSA-206: Unprivileged guests issuing writes to xenstore were able to stall progress of the control domain or driver domain, possibly leading to a Denial of Service (DoS) of the entire host (bsc#1030144). - CVE-2016-9603: A privileged user within the guest VM can cause a heap overflow in the device model process, potentially escalating their privileges to that of the device model process (bsc#1028655). - CVE-2017-6414: Memory leak in the vcard_apdu_new function in card_7816.c in libcacard allowed local guest OS users to cause a denial of service (host memory consumption) via vectors related to allocating a new APDU object (bsc#1027570). - CVE-2017-6505: The ohci_service_ed_list function in hw/usb/hcd-ohci.c allowed local guest OS users to cause a denial of service (infinite loop) via vectors involving the number of link endpoint list descriptors (bsc#1028235). - CVE-2017-2633: The VNC display driver support was vulnerable to an out-of-bounds memory access issue. A user/process inside guest could use this flaw to cause DoS (bsc#1026636). These non-security issues were fixed: - bsc#1022555: Timeout in "execution of /etc/xen/scripts/block add" - bsc#1029827: Forward port xenstored Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-xen-13069=1 - SUSE Linux Enterprise Server 11-SP4: zypper in -t patch slessp4-xen-13069=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-xen-13069=1 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 x86_64): xen-devel-4.4.4_16-54.1 - SUSE Linux Enterprise Server 11-SP4 (i586 x86_64): xen-kmp-default-4.4.4_16_3.0.101_97-54.1 xen-libs-4.4.4_16-54.1 xen-tools-domU-4.4.4_16-54.1 - SUSE Linux Enterprise Server 11-SP4 (x86_64): xen-4.4.4_16-54.1 xen-doc-html-4.4.4_16-54.1 xen-libs-32bit-4.4.4_16-54.1 xen-tools-4.4.4_16-54.1 - SUSE Linux Enterprise Server 11-SP4 (i586): xen-kmp-pae-4.4.4_16_3.0.101_97-54.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 x86_64): xen-debuginfo-4.4.4_16-54.1 xen-debugsource-4.4.4_16-54.1 References: https://www.suse.com/security/cve/CVE-2016-9603.html https://www.suse.com/security/cve/CVE-2017-2633.html https://www.suse.com/security/cve/CVE-2017-6414.html https://www.suse.com/security/cve/CVE-2017-6505.html https://www.suse.com/security/cve/CVE-2017-7228.html https://bugzilla.suse.com/1022555 https://bugzilla.suse.com/1026636 https://bugzilla.suse.com/1027519 https://bugzilla.suse.com/1027570 https://bugzilla.suse.com/1028235 https://bugzilla.suse.com/1028655 https://bugzilla.suse.com/1029827 https://bugzilla.suse.com/1030144 https://bugzilla.suse.com/1030442 -- To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
  25. news
    <http://www.eteknix.com> ASUS RoG Crosshair VI Hero X370 Motherboard Review Ryzen is here at last, and with that comes dozens of motherboards from the many AMD partners. Today, we'll be taking a look at the new ASUS RoG Crosshair VI Hero, an X370 chipset board for the latest Ryzen AM4 socket chips from AMD. The new board brings all the high-end thrills you would expect, promising plenty of overclocking features, SLI/Crossfire support, M.2 storage, RGB lighting and much more! It's primed to appeal to enthusiast system builders, overclockers and gamers alike, so let's take a closer look at what it has to offer! URL - http://www.eteknix.com/asus-rog-crosshair-vi-hero-x370-motherboard-review/ --
×