Everything posted by news
[RHSA-2017:0937-01] Moderate: python-defusedxml and python-pysaml2 security update
news posted a topic in Upcoming News
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: python-defusedxml and python-pysaml2 security update
Advisory ID: RHSA-2017:0937-01
Product: Red Hat Enterprise Linux OpenStack Platform
Advisory URL: https://access.redhat.com/errata/RHSA-2017:0937
Issue date: 2017-04-12
CVE Names: CVE-2016-10149
=====================================================================

1. Summary:

An update for python-defusedxml and python-pysaml2 is now available for Red Hat OpenStack Platform 9.0 (Mitaka).

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat OpenStack Platform 9.0 - noarch

3. Description:

The defusedxml package contains several Python-only updates for security vulnerabilities in Python's XML libraries. Defusedxml functions and classes can be used instead of the originals to protect against entity-expansion and DTD-retrieval issues.

PySAML2 is the python implementation of SAML Version 2, containing all the functionality for building a SAML2 service provider or an identity provider, to be used in a WSGI environment.

Security Fix(es):

* An XML entity expansion vulnerability was found in python-pysaml2. A remote attacker could send a crafted request which would cause denial of service through resource exhaustion. (CVE-2016-10149)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1415710 - CVE-2016-10149 python-pysaml2: Entity expansion issue

6. Package List:

Red Hat OpenStack Platform 9.0:

Source:
python-defusedxml-0.5.0-1.el7ost.src.rpm
python-pysaml2-3.0.2-3.el7ost.src.rpm

noarch:
python-defusedxml-0.5.0-1.el7ost.noarch.rpm
python-pysaml2-3.0.2-3.el7ost.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2016-10149
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFY7oCVXlSAg2UNWIIRAkLTAKCwzQ48FTqPDe2g00sLHCcxsclUmgCdHoZC
qDl2Qwq7jl6hvKWi99Ep8ds=
=6YE9
-----END PGP SIGNATURE-----
[RHSA-2017:0906-01] Moderate: httpd security and bug fix update
news posted a topic in Upcoming News
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: httpd security and bug fix update
Advisory ID: RHSA-2017:0906-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2017:0906
Issue date: 2017-04-12
CVE Names: CVE-2016-0736 CVE-2016-2161 CVE-2016-8743
=====================================================================

1. Summary:

An update for httpd is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Server (v. 7) - aarch64, noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.

Security Fix(es):

* It was discovered that the mod_session_crypto module of httpd did not use any mechanisms to verify integrity of the encrypted session data stored in the user's browser. A remote attacker could use this flaw to decrypt and modify session data using a padding oracle attack. (CVE-2016-0736)

* It was discovered that the mod_auth_digest module of httpd did not properly check for memory allocation failures. A remote attacker could use this flaw to cause httpd child processes to repeatedly crash if the server used HTTP digest authentication. (CVE-2016-2161)

* It was discovered that the HTTP parser in httpd incorrectly allowed certain characters not permitted by the HTTP protocol specification to appear unencoded in HTTP request headers. If httpd was used in conjunction with a proxy or backend server that interpreted those characters differently, a remote attacker could possibly use this flaw to inject data into HTTP responses, resulting in proxy cache poisoning. (CVE-2016-8743)

Note: The fix for the CVE-2016-8743 issue causes httpd to return "400 Bad Request" error to HTTP clients which do not strictly follow HTTP protocol specification. A newly introduced configuration directive "HttpProtocolOptions Unsafe" can be used to re-enable the old less strict parsing. However, such setting also re-introduces the CVE-2016-8743 issue.

Bug Fix(es):

* When waking up child processes during a graceful restart, the httpd parent process could attempt to open more connections than necessary if a large number of child processes had been active prior to the restart. Consequently, a graceful restart could take a long time to complete. With this update, httpd has been fixed to limit the number of connections opened during a graceful restart to the number of active children, and the described problem no longer occurs. (BZ#1420002)

* Previously, httpd running in a container returned the 500 HTTP status code (Internal Server Error) when a connection to a WebSocket server was closed. As a consequence, the httpd server failed to deliver the correct HTTP status and data to a client. With this update, httpd correctly handles all proxied requests to the WebSocket server, and the described problem no longer occurs. (BZ#1429947)

* In a configuration using LDAP authentication with the mod_authnz_ldap module, the name set using the AuthLDAPBindDN directive was not correctly used to bind to the LDAP server for all queries. Consequently, authorization attempts failed.
The LDAP modules have been fixed to ensure the configured name is correctly bound for LDAP queries, and authorization using LDAP no longer fails. (BZ#1420047) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing the updated packages, the httpd daemon will be restarted automatically. 5. Bugs fixed (https://bugzilla.redhat.com/): 1406744 - CVE-2016-0736 httpd: Padding Oracle in Apache mod_session_crypto 1406753 - CVE-2016-2161 httpd: DoS vulnerability in mod_auth_digest 1406822 - CVE-2016-8743 httpd: Apache HTTP Request Parsing Whitespace Defects 1420002 - Backport fix for issue with graceful restart taking very long time sometimes 1420047 - AuthLDAPBindDN might not be used for some LDAP searches causing LDAP authz failures 1429947 - Backport: mod_proxy_wstunnel - AH02447: err/hup on backconn 6. Package List: Red Hat Enterprise Linux Client Optional (v. 7): Source: httpd-2.4.6-45.el7_3.4.src.rpm noarch: httpd-manual-2.4.6-45.el7_3.4.noarch.rpm x86_64: httpd-2.4.6-45.el7_3.4.x86_64.rpm httpd-debuginfo-2.4.6-45.el7_3.4.x86_64.rpm httpd-devel-2.4.6-45.el7_3.4.x86_64.rpm httpd-tools-2.4.6-45.el7_3.4.x86_64.rpm mod_ldap-2.4.6-45.el7_3.4.x86_64.rpm mod_proxy_html-2.4.6-45.el7_3.4.x86_64.rpm mod_session-2.4.6-45.el7_3.4.x86_64.rpm mod_ssl-2.4.6-45.el7_3.4.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): Source: httpd-2.4.6-45.el7_3.4.src.rpm noarch: httpd-manual-2.4.6-45.el7_3.4.noarch.rpm x86_64: httpd-2.4.6-45.el7_3.4.x86_64.rpm httpd-debuginfo-2.4.6-45.el7_3.4.x86_64.rpm httpd-devel-2.4.6-45.el7_3.4.x86_64.rpm httpd-tools-2.4.6-45.el7_3.4.x86_64.rpm mod_ldap-2.4.6-45.el7_3.4.x86_64.rpm mod_proxy_html-2.4.6-45.el7_3.4.x86_64.rpm mod_session-2.4.6-45.el7_3.4.x86_64.rpm mod_ssl-2.4.6-45.el7_3.4.x86_64.rpm Red Hat Enterprise Linux Server (v. 
7): Source: httpd-2.4.6-45.el7_3.4.src.rpm aarch64: httpd-2.4.6-45.el7_3.4.aarch64.rpm httpd-debuginfo-2.4.6-45.el7_3.4.aarch64.rpm httpd-devel-2.4.6-45.el7_3.4.aarch64.rpm httpd-tools-2.4.6-45.el7_3.4.aarch64.rpm mod_ssl-2.4.6-45.el7_3.4.aarch64.rpm noarch: httpd-manual-2.4.6-45.el7_3.4.noarch.rpm ppc64: httpd-2.4.6-45.el7_3.4.ppc64.rpm httpd-debuginfo-2.4.6-45.el7_3.4.ppc64.rpm httpd-devel-2.4.6-45.el7_3.4.ppc64.rpm httpd-tools-2.4.6-45.el7_3.4.ppc64.rpm mod_ssl-2.4.6-45.el7_3.4.ppc64.rpm ppc64le: httpd-2.4.6-45.el7_3.4.ppc64le.rpm httpd-debuginfo-2.4.6-45.el7_3.4.ppc64le.rpm httpd-devel-2.4.6-45.el7_3.4.ppc64le.rpm httpd-tools-2.4.6-45.el7_3.4.ppc64le.rpm mod_ssl-2.4.6-45.el7_3.4.ppc64le.rpm s390x: httpd-2.4.6-45.el7_3.4.s390x.rpm httpd-debuginfo-2.4.6-45.el7_3.4.s390x.rpm httpd-devel-2.4.6-45.el7_3.4.s390x.rpm httpd-tools-2.4.6-45.el7_3.4.s390x.rpm mod_ssl-2.4.6-45.el7_3.4.s390x.rpm x86_64: httpd-2.4.6-45.el7_3.4.x86_64.rpm httpd-debuginfo-2.4.6-45.el7_3.4.x86_64.rpm httpd-devel-2.4.6-45.el7_3.4.x86_64.rpm httpd-tools-2.4.6-45.el7_3.4.x86_64.rpm mod_ssl-2.4.6-45.el7_3.4.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 
7): aarch64: httpd-debuginfo-2.4.6-45.el7_3.4.aarch64.rpm mod_ldap-2.4.6-45.el7_3.4.aarch64.rpm mod_proxy_html-2.4.6-45.el7_3.4.aarch64.rpm mod_session-2.4.6-45.el7_3.4.aarch64.rpm ppc64: httpd-debuginfo-2.4.6-45.el7_3.4.ppc64.rpm mod_ldap-2.4.6-45.el7_3.4.ppc64.rpm mod_proxy_html-2.4.6-45.el7_3.4.ppc64.rpm mod_session-2.4.6-45.el7_3.4.ppc64.rpm ppc64le: httpd-debuginfo-2.4.6-45.el7_3.4.ppc64le.rpm mod_ldap-2.4.6-45.el7_3.4.ppc64le.rpm mod_proxy_html-2.4.6-45.el7_3.4.ppc64le.rpm mod_session-2.4.6-45.el7_3.4.ppc64le.rpm s390x: httpd-debuginfo-2.4.6-45.el7_3.4.s390x.rpm mod_ldap-2.4.6-45.el7_3.4.s390x.rpm mod_proxy_html-2.4.6-45.el7_3.4.s390x.rpm mod_session-2.4.6-45.el7_3.4.s390x.rpm x86_64: httpd-debuginfo-2.4.6-45.el7_3.4.x86_64.rpm mod_ldap-2.4.6-45.el7_3.4.x86_64.rpm mod_proxy_html-2.4.6-45.el7_3.4.x86_64.rpm mod_session-2.4.6-45.el7_3.4.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: httpd-2.4.6-45.el7_3.4.src.rpm noarch: httpd-manual-2.4.6-45.el7_3.4.noarch.rpm x86_64: httpd-2.4.6-45.el7_3.4.x86_64.rpm httpd-debuginfo-2.4.6-45.el7_3.4.x86_64.rpm httpd-devel-2.4.6-45.el7_3.4.x86_64.rpm httpd-tools-2.4.6-45.el7_3.4.x86_64.rpm mod_ssl-2.4.6-45.el7_3.4.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: httpd-debuginfo-2.4.6-45.el7_3.4.x86_64.rpm mod_ldap-2.4.6-45.el7_3.4.x86_64.rpm mod_proxy_html-2.4.6-45.el7_3.4.x86_64.rpm mod_session-2.4.6-45.el7_3.4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-0736 https://access.redhat.com/security/cve/CVE-2016-2161 https://access.redhat.com/security/cve/CVE-2016-8743 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. 
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFY7n2lXlSAg2UNWIIRAn0EAJ95hoSJjNM/kZUXd8Ae6G5J3pXXHACfTIfP pb07muMthgb6w7tJ0kAuc4o= =gSHO -----END PGP SIGNATURE----- -- -
[RHSA-2017:0907-01] Moderate: util-linux security and bug fix update
news posted a topic in Upcoming News
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: util-linux security and bug fix update
Advisory ID: RHSA-2017:0907-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2017:0907
Issue date: 2017-04-12
CVE Names: CVE-2017-2616
=====================================================================

1. Summary:

An update for util-linux is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - aarch64, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

The util-linux packages contain a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, these include the fdisk configuration tool and the login program.

Security Fix(es):

* A race condition was found in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions. (CVE-2017-2616)

Red Hat would like to thank Tobias Stöckmann for reporting this issue.

Bug Fix(es):

* The "findmnt --target " command prints all file systems where the mount point directory is .
Previously, when used in the chroot environment, "findmnt --target " incorrectly displayed all mount points. The command has been fixed so that it now checks the mount point path and returns information only for the relevant mount point. (BZ#1414481) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1414481 - findmnt --target behaviour changed in 7.3, shows all mount-points in chroot 1418710 - CVE-2017-2616 util-linux: Sending SIGKILL to other processes with root privileges via su 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: util-linux-2.23.2-33.el7_3.2.src.rpm x86_64: libblkid-2.23.2-33.el7_3.2.i686.rpm libblkid-2.23.2-33.el7_3.2.x86_64.rpm libmount-2.23.2-33.el7_3.2.i686.rpm libmount-2.23.2-33.el7_3.2.x86_64.rpm libuuid-2.23.2-33.el7_3.2.i686.rpm libuuid-2.23.2-33.el7_3.2.x86_64.rpm util-linux-2.23.2-33.el7_3.2.x86_64.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.i686.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.x86_64.rpm uuidd-2.23.2-33.el7_3.2.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: libblkid-devel-2.23.2-33.el7_3.2.i686.rpm libblkid-devel-2.23.2-33.el7_3.2.x86_64.rpm libmount-devel-2.23.2-33.el7_3.2.i686.rpm libmount-devel-2.23.2-33.el7_3.2.x86_64.rpm libuuid-devel-2.23.2-33.el7_3.2.i686.rpm libuuid-devel-2.23.2-33.el7_3.2.x86_64.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.i686.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 
7): Source: util-linux-2.23.2-33.el7_3.2.src.rpm x86_64: libblkid-2.23.2-33.el7_3.2.i686.rpm libblkid-2.23.2-33.el7_3.2.x86_64.rpm libmount-2.23.2-33.el7_3.2.i686.rpm libmount-2.23.2-33.el7_3.2.x86_64.rpm libuuid-2.23.2-33.el7_3.2.i686.rpm libuuid-2.23.2-33.el7_3.2.x86_64.rpm util-linux-2.23.2-33.el7_3.2.i686.rpm util-linux-2.23.2-33.el7_3.2.x86_64.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.i686.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.x86_64.rpm uuidd-2.23.2-33.el7_3.2.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: libblkid-devel-2.23.2-33.el7_3.2.i686.rpm libblkid-devel-2.23.2-33.el7_3.2.x86_64.rpm libmount-devel-2.23.2-33.el7_3.2.i686.rpm libmount-devel-2.23.2-33.el7_3.2.x86_64.rpm libuuid-devel-2.23.2-33.el7_3.2.i686.rpm libuuid-devel-2.23.2-33.el7_3.2.x86_64.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.i686.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: util-linux-2.23.2-33.el7_3.2.src.rpm aarch64: libblkid-2.23.2-33.el7_3.2.aarch64.rpm libblkid-devel-2.23.2-33.el7_3.2.aarch64.rpm libmount-2.23.2-33.el7_3.2.aarch64.rpm libuuid-2.23.2-33.el7_3.2.aarch64.rpm libuuid-devel-2.23.2-33.el7_3.2.aarch64.rpm util-linux-2.23.2-33.el7_3.2.aarch64.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.aarch64.rpm uuidd-2.23.2-33.el7_3.2.aarch64.rpm ppc64: libblkid-2.23.2-33.el7_3.2.ppc.rpm libblkid-2.23.2-33.el7_3.2.ppc64.rpm libblkid-devel-2.23.2-33.el7_3.2.ppc.rpm libblkid-devel-2.23.2-33.el7_3.2.ppc64.rpm libmount-2.23.2-33.el7_3.2.ppc.rpm libmount-2.23.2-33.el7_3.2.ppc64.rpm libuuid-2.23.2-33.el7_3.2.ppc.rpm libuuid-2.23.2-33.el7_3.2.ppc64.rpm libuuid-devel-2.23.2-33.el7_3.2.ppc.rpm libuuid-devel-2.23.2-33.el7_3.2.ppc64.rpm util-linux-2.23.2-33.el7_3.2.ppc.rpm util-linux-2.23.2-33.el7_3.2.ppc64.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.ppc.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.ppc64.rpm uuidd-2.23.2-33.el7_3.2.ppc64.rpm ppc64le: libblkid-2.23.2-33.el7_3.2.ppc64le.rpm 
libblkid-devel-2.23.2-33.el7_3.2.ppc64le.rpm libmount-2.23.2-33.el7_3.2.ppc64le.rpm libuuid-2.23.2-33.el7_3.2.ppc64le.rpm libuuid-devel-2.23.2-33.el7_3.2.ppc64le.rpm util-linux-2.23.2-33.el7_3.2.ppc64le.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.ppc64le.rpm uuidd-2.23.2-33.el7_3.2.ppc64le.rpm s390x: libblkid-2.23.2-33.el7_3.2.s390.rpm libblkid-2.23.2-33.el7_3.2.s390x.rpm libblkid-devel-2.23.2-33.el7_3.2.s390.rpm libblkid-devel-2.23.2-33.el7_3.2.s390x.rpm libmount-2.23.2-33.el7_3.2.s390.rpm libmount-2.23.2-33.el7_3.2.s390x.rpm libuuid-2.23.2-33.el7_3.2.s390.rpm libuuid-2.23.2-33.el7_3.2.s390x.rpm libuuid-devel-2.23.2-33.el7_3.2.s390.rpm libuuid-devel-2.23.2-33.el7_3.2.s390x.rpm util-linux-2.23.2-33.el7_3.2.s390.rpm util-linux-2.23.2-33.el7_3.2.s390x.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.s390.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.s390x.rpm uuidd-2.23.2-33.el7_3.2.s390x.rpm x86_64: libblkid-2.23.2-33.el7_3.2.i686.rpm libblkid-2.23.2-33.el7_3.2.x86_64.rpm libblkid-devel-2.23.2-33.el7_3.2.i686.rpm libblkid-devel-2.23.2-33.el7_3.2.x86_64.rpm libmount-2.23.2-33.el7_3.2.i686.rpm libmount-2.23.2-33.el7_3.2.x86_64.rpm libuuid-2.23.2-33.el7_3.2.i686.rpm libuuid-2.23.2-33.el7_3.2.x86_64.rpm libuuid-devel-2.23.2-33.el7_3.2.i686.rpm libuuid-devel-2.23.2-33.el7_3.2.x86_64.rpm util-linux-2.23.2-33.el7_3.2.i686.rpm util-linux-2.23.2-33.el7_3.2.x86_64.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.i686.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.x86_64.rpm uuidd-2.23.2-33.el7_3.2.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 
7): aarch64: libmount-devel-2.23.2-33.el7_3.2.aarch64.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.aarch64.rpm ppc64: libmount-devel-2.23.2-33.el7_3.2.ppc.rpm libmount-devel-2.23.2-33.el7_3.2.ppc64.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.ppc.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.ppc64.rpm ppc64le: libmount-devel-2.23.2-33.el7_3.2.ppc64le.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.ppc64le.rpm s390x: libmount-devel-2.23.2-33.el7_3.2.s390.rpm libmount-devel-2.23.2-33.el7_3.2.s390x.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.s390.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.s390x.rpm x86_64: libmount-devel-2.23.2-33.el7_3.2.i686.rpm libmount-devel-2.23.2-33.el7_3.2.x86_64.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.i686.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: util-linux-2.23.2-33.el7_3.2.src.rpm x86_64: libblkid-2.23.2-33.el7_3.2.i686.rpm libblkid-2.23.2-33.el7_3.2.x86_64.rpm libblkid-devel-2.23.2-33.el7_3.2.i686.rpm libblkid-devel-2.23.2-33.el7_3.2.x86_64.rpm libmount-2.23.2-33.el7_3.2.i686.rpm libmount-2.23.2-33.el7_3.2.x86_64.rpm libuuid-2.23.2-33.el7_3.2.i686.rpm libuuid-2.23.2-33.el7_3.2.x86_64.rpm libuuid-devel-2.23.2-33.el7_3.2.i686.rpm libuuid-devel-2.23.2-33.el7_3.2.x86_64.rpm util-linux-2.23.2-33.el7_3.2.i686.rpm util-linux-2.23.2-33.el7_3.2.x86_64.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.i686.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.x86_64.rpm uuidd-2.23.2-33.el7_3.2.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: libmount-devel-2.23.2-33.el7_3.2.i686.rpm libmount-devel-2.23.2-33.el7_3.2.x86_64.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.i686.rpm util-linux-debuginfo-2.23.2-33.el7_3.2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. 
References: https://access.redhat.com/security/cve/CVE-2017-2616 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFY7n4pXlSAg2UNWIIRAsCVAJ4w9jGUsneMY7bMOAuWfu0S+q7rigCfdF5W 7Zi3qRLisbrmC19vAqk7I3s= =LlRf -----END PGP SIGNATURE----- -- -
[RHSA-2017:0938-01] Moderate: python-defusedxml and python-pysaml2 security update
news posted a topic in Upcoming News
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: python-defusedxml and python-pysaml2 security update
Advisory ID: RHSA-2017:0938-01
Product: Red Hat Enterprise Linux OpenStack Platform
Advisory URL: https://access.redhat.com/errata/RHSA-2017:0938
Issue date: 2017-04-12
CVE Names: CVE-2016-10149
=====================================================================

1. Summary:

An update for python-defusedxml and python-pysaml2 is now available for Red Hat OpenStack Platform 10.0 (Newton).

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat OpenStack Platform 10.0 - noarch

3. Description:

The defusedxml package contains several Python-only updates for security vulnerabilities in Python's XML libraries. Defusedxml functions and classes can be used instead of the originals to protect against entity-expansion and DTD-retrieval issues.

PySAML2 is the python implementation of SAML Version 2, containing all the functionality for building a SAML2 service provider or an identity provider, to be used in a WSGI environment.

Security Fix(es):

* An XML entity expansion vulnerability was found in python-pysaml2. A remote attacker could send a crafted request which would cause denial of service through resource exhaustion. (CVE-2016-10149)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1415710 - CVE-2016-10149 python-pysaml2: Entity expansion issue

6. Package List:

Red Hat OpenStack Platform 10.0:

Source:
python-defusedxml-0.5.0-1.el7ost.src.rpm
python-pysaml2-3.0.2-3.el7ost.src.rpm

noarch:
python-defusedxml-0.5.0-1.el7ost.noarch.rpm
python-pysaml2-3.0.2-3.el7ost.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2016-10149
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iD8DBQFY7oDeXlSAg2UNWIIRApCHAJ9MZG0PZNFCfjFt4RqDl6vRAHNcMQCdGHwN
c2oeDCfuB21ENY8aKL92Tec=
=Z6cP
-----END PGP SIGNATURE-----
Hello editors,

Today we review the Attack X3 RGB keyboard from Cougar featuring Cherry MX RGB mechanical switches, a brushed aluminum face-plate, and RGB LED lighting. It supports user customizable system macros, and offers Full N-key rollover in USB mode.

http://www.neoseeker.com/Articles/Hardware/Reviews/cougar-attack-x3-rgb/

"This brushed aluminum keyboard utilizes Cherry MX RGB key switches that provide RGB backlighting. Users can adjust lighting colors and effects, as well as key macros and bindings with the Cougar UIX System software. The keyboard works out of the box without needing to install anything manually, the included software simply gives users more control over the device. Users can choose between 6-Key and N-Key Rollover modes, with 6-Key set by default. Polling rate is up to 1000Hz."

Thanks as always for any linkage!

Neoseeker Hardware
http://www.neoseeker.com/
hardware ( -at -) neoseeker.com
-
SUSE Security Update: Security update for flash-player
______________________________________________________________________________

Announcement ID: SUSE-SU-2017:0990-1
Rating: important
References: #1033619
Cross-References: CVE-2017-3058 CVE-2017-3059 CVE-2017-3060 CVE-2017-3061 CVE-2017-3062 CVE-2017-3063 CVE-2017-3064
Affected Products:
SUSE Linux Enterprise Workstation Extension 12-SP1
SUSE Linux Enterprise Desktop 12-SP1
______________________________________________________________________________

An update that fixes 7 vulnerabilities is now available.

Description:

Adobe flash-player was updated to 25.0.0.148 to fix the following issues:

- Vulnerabilities fixed as advised under APSB17-10:
  * Use-after-free vulnerabilities that could lead to code execution (CVE-2017-3058, CVE-2017-3059, CVE-2017-3062, CVE-2017-3063).
  * Resolve memory corruption vulnerabilities that could lead to code execution (CVE-2017-3060, CVE-2017-3061, CVE-2017-3064).
- Details: https://helpx.adobe.com/security/products/flash-player/apsb17-10.html

Patch Instructions:

To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Workstation Extension 12-SP1:

  zypper in -t patch SUSE-SLE-WE-12-SP1-2017-576=1

- SUSE Linux Enterprise Desktop 12-SP1:

  zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2017-576=1

To bring your system up-to-date, use "zypper patch".

Package List:

- SUSE Linux Enterprise Workstation Extension 12-SP1 (x86_64):

  flash-player-25.0.0.148-165.1
  flash-player-gnome-25.0.0.148-165.1

- SUSE Linux Enterprise Desktop 12-SP1 (x86_64):

  flash-player-25.0.0.148-165.1
  flash-player-gnome-25.0.0.148-165.1

References:

https://www.suse.com/security/cve/CVE-2017-3058.html
https://www.suse.com/security/cve/CVE-2017-3059.html
https://www.suse.com/security/cve/CVE-2017-3060.html
https://www.suse.com/security/cve/CVE-2017-3061.html
https://www.suse.com/security/cve/CVE-2017-3062.html
https://www.suse.com/security/cve/CVE-2017-3063.html
https://www.suse.com/security/cve/CVE-2017-3064.html
https://bugzilla.suse.com/1033619

--
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org
For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org
-
[RHSA-2017:0931-01] Important: kernel-rt security and bug fix update
news posted a topic in Upcoming News
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Important: kernel-rt security and bug fix update
Advisory ID: RHSA-2017:0931-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2017:0931
Issue date: 2017-04-12
CVE Names: CVE-2016-8650 CVE-2016-9793 CVE-2017-2618 CVE-2017-2636
=====================================================================

1. Summary:

An update for kernel-rt is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Realtime (v. 7) - noarch, x86_64
Red Hat Enterprise Linux for Real Time for NFV (v. 7) - noarch, x86_64

3. Description:

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

* A race condition flaw was found in the N_HDLC Linux kernel driver when accessing n_hdlc.tbuf list that can lead to double free. A local, unprivileged user able to set the HDLC line discipline on the tty device could use this flaw to increase their privileges on the system. (CVE-2017-2636, Important)

* A flaw was found in the Linux kernel key management subsystem in which a local attacker could crash the kernel or corrupt the stack and additional memory (denial of service) by supplying a specially crafted RSA key. This flaw panics the machine during the verification of the RSA key. (CVE-2016-8650, Moderate)

* A flaw was found in the Linux kernel's implementation of setsockopt for the SO_{SND|RCV}BUFFORCE setsockopt() system call. Users with non-namespace CAP_NET_ADMIN are able to trigger this call and create a situation in which the sockets sendbuff data size could be negative. This could adversely affect memory allocations and create situations where the system could crash or cause memory corruption. (CVE-2016-9793, Moderate)

* A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files. An empty (null) write to this file can crash the system by causing the system to attempt to access unmapped kernel memory. (CVE-2017-2618, Moderate)

Red Hat would like to thank Alexander Popov for reporting CVE-2017-2636 and Ralf Spenneberg for reporting CVE-2016-8650. The CVE-2017-2618 issue was discovered by Paul Moore (Red Hat Engineering).

Bug Fix(es):

* Previously, a cgroups data structure was sometimes corrupted due to a race condition in the kernel-rt cgroups code. Consequently, several system tasks were blocked, and the operating system became unresponsive. This update adds a lock that prevents the race condition. As a result, the cgroups data structure no longer gets corrupted and the operating system no longer hangs under the described circumstances. (BZ#1420784)

* The kernel-rt packages have been upgraded to the 3.10.0-514.16.1 source tree, which provides a number of bug fixes over the previous version. (BZ#1430749)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5.
Bugs fixed (https://bugzilla.redhat.com/): 1395187 - CVE-2016-8650 kernel: Null pointer dereference via keyctl 1402013 - CVE-2016-9793 kernel: Signed overflow for SO_{SND|RCV}BUFFORCE 1419916 - CVE-2017-2618 kernel: Off-by-one error in selinux_setprocattr (/proc/self/attr/fscreate) 1428319 - CVE-2017-2636 kernel: Race condition access to n_hdlc.tbuf causes double free in n_hdlc_release() 1430749 - kernel-rt: update to the RHEL7.3.z batch#4 source tree [RT-7.3.z] 6. Package List: Red Hat Enterprise Linux for Real Time for NFV (v. 7): Source: kernel-rt-3.10.0-514.16.1.rt56.437.el7.src.rpm noarch: kernel-rt-doc-3.10.0-514.16.1.rt56.437.el7.noarch.rpm x86_64: kernel-rt-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm kernel-rt-debug-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm kernel-rt-debug-debuginfo-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm kernel-rt-debug-devel-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm kernel-rt-debug-kvm-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm kernel-rt-debug-kvm-debuginfo-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm kernel-rt-debuginfo-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm kernel-rt-debuginfo-common-x86_64-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm kernel-rt-devel-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm kernel-rt-kvm-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm kernel-rt-kvm-debuginfo-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm kernel-rt-trace-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm kernel-rt-trace-debuginfo-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm kernel-rt-trace-devel-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm kernel-rt-trace-kvm-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm kernel-rt-trace-kvm-debuginfo-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm Red Hat Enterprise Linux Realtime (v. 
7): Source: kernel-rt-3.10.0-514.16.1.rt56.437.el7.src.rpm noarch: kernel-rt-doc-3.10.0-514.16.1.rt56.437.el7.noarch.rpm x86_64: kernel-rt-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm kernel-rt-debug-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm kernel-rt-debug-debuginfo-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm kernel-rt-debug-devel-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm kernel-rt-debuginfo-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm kernel-rt-debuginfo-common-x86_64-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm kernel-rt-devel-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm kernel-rt-trace-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm kernel-rt-trace-debuginfo-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm kernel-rt-trace-devel-3.10.0-514.16.1.rt56.437.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-8650 https://access.redhat.com/security/cve/CVE-2016-9793 https://access.redhat.com/security/cve/CVE-2017-2618 https://access.redhat.com/security/cve/CVE-2017-2636 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFY7jjUXlSAg2UNWIIRAvx4AJ0UGk1zTaNQOjqhPxzDBAnSVe0UWACfeNls kwrQgjLNJxXW/CVLujHvI7M= =zagv -----END PGP SIGNATURE----- -- -
[RHSA-2017:0932-01] Important: kernel-rt security and bug fix update
news posted a topic in Upcoming News
Red Hat Security Advisory

Synopsis: Important: kernel-rt security and bug fix update
Advisory ID: RHSA-2017:0932-01
Product: Red Hat Enterprise MRG for RHEL-6
Advisory URL: https://access.redhat.com/errata/RHSA-2017:0932
Issue date: 2017-04-12
CVE Names: CVE-2016-8650 CVE-2016-9793 CVE-2017-2618 CVE-2017-2636 CVE-2017-6074

1. Summary:

An update for kernel-rt is now available for Red Hat Enterprise MRG 2.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

MRG Realtime for RHEL 6 Server v.2 - noarch, x86_64

3. Description:

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

* A race condition flaw was found in the N_HDLC Linux kernel driver when accessing n_hdlc.tbuf list that can lead to double free. A local, unprivileged user able to set the HDLC line discipline on the tty device could use this flaw to increase their privileges on the system. (CVE-2017-2636, Important)

* A use-after-free flaw was found in the way the Linux kernel's Datagram Congestion Control Protocol (DCCP) implementation freed SKB (socket buffer) resources for a DCCP_PKT_REQUEST packet when the IPV6_RECVPKTINFO option is set on the socket. A local, unprivileged user could use this flaw to alter the kernel memory, allowing them to escalate their privileges on the system. (CVE-2017-6074, Important)

* A flaw was found in the Linux kernel key management subsystem in which a local attacker could crash the kernel or corrupt the stack and additional memory (denial of service) by supplying a specially crafted RSA key. This flaw panics the machine during the verification of the RSA key. (CVE-2016-8650, Moderate)

* A flaw was found in the Linux kernel's implementation of setsockopt for the SO_{SND|RCV}BUFFORCE setsockopt() system call. Users with non-namespace CAP_NET_ADMIN are able to trigger this call and create a situation in which the socket's sendbuff data size could be negative. This could adversely affect memory allocations and create situations where the system could crash or cause memory corruption. (CVE-2016-9793, Moderate)

* A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files. An empty (null) write to this file can crash the system by causing the system to attempt to access unmapped kernel memory. (CVE-2017-2618, Moderate)

Red Hat would like to thank Alexander Popov for reporting CVE-2017-2636; Andrey Konovalov (Google) for reporting CVE-2017-6074; and Ralf Spenneberg for reporting CVE-2016-8650. The CVE-2017-2618 issue was discovered by Paul Moore (Red Hat Engineering).

Bug Fix(es):

* The kernel-rt packages have been upgraded to version 3.10.0-514.rt56.219, which provides a number of bug fix updates over the previous version. (BZ#1429613)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1395187 - CVE-2016-8650 kernel: Null pointer dereference via keyctl
1402013 - CVE-2016-9793 kernel: Signed overflow for SO_{SND|RCV}BUFFORCE
1419916 - CVE-2017-2618 kernel: Off-by-one error in selinux_setprocattr (/proc/self/attr/fscreate)
1423071 - CVE-2017-6074 kernel: use after free in dccp protocol
1428319 - CVE-2017-2636 kernel: Race condition access to n_hdlc.tbuf causes double free in n_hdlc_release()
1429613 - update the MRG 2.5.z 3.10 kernel-rt sources

6. Package List:

MRG Realtime for RHEL 6 Server v.2:

Source:
kernel-rt-3.10.0-514.rt56.219.el6rt.src.rpm

noarch:
kernel-rt-doc-3.10.0-514.rt56.219.el6rt.noarch.rpm
kernel-rt-firmware-3.10.0-514.rt56.219.el6rt.noarch.rpm

x86_64:
kernel-rt-3.10.0-514.rt56.219.el6rt.x86_64.rpm
kernel-rt-debug-3.10.0-514.rt56.219.el6rt.x86_64.rpm
kernel-rt-debug-debuginfo-3.10.0-514.rt56.219.el6rt.x86_64.rpm
kernel-rt-debug-devel-3.10.0-514.rt56.219.el6rt.x86_64.rpm
kernel-rt-debuginfo-3.10.0-514.rt56.219.el6rt.x86_64.rpm
kernel-rt-debuginfo-common-x86_64-3.10.0-514.rt56.219.el6rt.x86_64.rpm
kernel-rt-devel-3.10.0-514.rt56.219.el6rt.x86_64.rpm
kernel-rt-trace-3.10.0-514.rt56.219.el6rt.x86_64.rpm
kernel-rt-trace-debuginfo-3.10.0-514.rt56.219.el6rt.x86_64.rpm
kernel-rt-trace-devel-3.10.0-514.rt56.219.el6rt.x86_64.rpm
kernel-rt-vanilla-3.10.0-514.rt56.219.el6rt.x86_64.rpm
kernel-rt-vanilla-debuginfo-3.10.0-514.rt56.219.el6rt.x86_64.rpm
kernel-rt-vanilla-devel-3.10.0-514.rt56.219.el6rt.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2016-8650
https://access.redhat.com/security/cve/CVE-2016-9793
https://access.redhat.com/security/cve/CVE-2017-2618
https://access.redhat.com/security/cve/CVE-2017-2636
https://access.redhat.com/security/cve/CVE-2017-6074
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
[RHSA-2017:0933-01] Important: kernel security, bug fix, and enhancement update
news posted a topic in Upcoming News
Red Hat Security Advisory

Synopsis: Important: kernel security, bug fix, and enhancement update
Advisory ID: RHSA-2017:0933-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2017:0933
Issue date: 2017-04-12
CVE Names: CVE-2016-8650 CVE-2016-9793 CVE-2017-2618 CVE-2017-2636

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

These updated kernel packages include several security issues and numerous bug fixes. Space precludes documenting all of these bug fixes in this advisory. To see the complete list of bug fixes, users are directed to the related Knowledge Article: https://access.redhat.com/articles/2986951.

Security Fix(es):

* A race condition flaw was found in the N_HDLC Linux kernel driver when accessing n_hdlc.tbuf list that can lead to double free. A local, unprivileged user able to set the HDLC line discipline on the tty device could use this flaw to increase their privileges on the system. (CVE-2017-2636, Important)

* A flaw was found in the Linux kernel key management subsystem in which a local attacker could crash the kernel or corrupt the stack and additional memory (denial of service) by supplying a specially crafted RSA key. This flaw panics the machine during the verification of the RSA key. (CVE-2016-8650, Moderate)

* A flaw was found in the Linux kernel's implementation of setsockopt for the SO_{SND|RCV}BUFFORCE setsockopt() system call. Users with non-namespace CAP_NET_ADMIN are able to trigger this call and create a situation in which the socket's sendbuff data size could be negative. This could adversely affect memory allocations and create situations where the system could crash or cause memory corruption. (CVE-2016-9793, Moderate)

* A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files. An empty (null) write to this file can crash the system by causing the system to attempt to access unmapped kernel memory. (CVE-2017-2618, Moderate)

Red Hat would like to thank Alexander Popov for reporting CVE-2017-2636 and Ralf Spenneberg for reporting CVE-2016-8650. The CVE-2017-2618 issue was discovered by Paul Moore (Red Hat Engineering).

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1395187 - CVE-2016-8650 kernel: Null pointer dereference via keyctl
1402013 - CVE-2016-9793 kernel: Signed overflow for SO_{SND|RCV}BUFFORCE
1419916 - CVE-2017-2618 kernel: Off-by-one error in selinux_setprocattr (/proc/self/attr/fscreate)
1428319 - CVE-2017-2636 kernel: Race condition access to n_hdlc.tbuf causes double free in n_hdlc_release()

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
kernel-3.10.0-514.16.1.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-514.16.1.el7.noarch.rpm
kernel-doc-3.10.0-514.16.1.el7.noarch.rpm

x86_64:
kernel-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debug-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-514.16.1.el7.x86_64.rpm
kernel-devel-3.10.0-514.16.1.el7.x86_64.rpm
kernel-headers-3.10.0-514.16.1.el7.x86_64.rpm
kernel-tools-3.10.0-514.16.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-514.16.1.el7.x86_64.rpm
perf-3.10.0-514.16.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
python-perf-3.10.0-514.16.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
kernel-debug-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-514.16.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-514.16.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
kernel-3.10.0-514.16.1.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-514.16.1.el7.noarch.rpm
kernel-doc-3.10.0-514.16.1.el7.noarch.rpm

x86_64:
kernel-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debug-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-514.16.1.el7.x86_64.rpm
kernel-devel-3.10.0-514.16.1.el7.x86_64.rpm
kernel-headers-3.10.0-514.16.1.el7.x86_64.rpm
kernel-tools-3.10.0-514.16.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-514.16.1.el7.x86_64.rpm
perf-3.10.0-514.16.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
python-perf-3.10.0-514.16.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

x86_64:
kernel-debug-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-514.16.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-514.16.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
kernel-3.10.0-514.16.1.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-514.16.1.el7.noarch.rpm
kernel-doc-3.10.0-514.16.1.el7.noarch.rpm

ppc64:
kernel-3.10.0-514.16.1.el7.ppc64.rpm
kernel-bootwrapper-3.10.0-514.16.1.el7.ppc64.rpm
kernel-debug-3.10.0-514.16.1.el7.ppc64.rpm
kernel-debug-debuginfo-3.10.0-514.16.1.el7.ppc64.rpm
kernel-debug-devel-3.10.0-514.16.1.el7.ppc64.rpm
kernel-debuginfo-3.10.0-514.16.1.el7.ppc64.rpm
kernel-debuginfo-common-ppc64-3.10.0-514.16.1.el7.ppc64.rpm
kernel-devel-3.10.0-514.16.1.el7.ppc64.rpm
kernel-headers-3.10.0-514.16.1.el7.ppc64.rpm
kernel-tools-3.10.0-514.16.1.el7.ppc64.rpm
kernel-tools-debuginfo-3.10.0-514.16.1.el7.ppc64.rpm
kernel-tools-libs-3.10.0-514.16.1.el7.ppc64.rpm
perf-3.10.0-514.16.1.el7.ppc64.rpm
perf-debuginfo-3.10.0-514.16.1.el7.ppc64.rpm
python-perf-3.10.0-514.16.1.el7.ppc64.rpm
python-perf-debuginfo-3.10.0-514.16.1.el7.ppc64.rpm

ppc64le:
kernel-3.10.0-514.16.1.el7.ppc64le.rpm
kernel-bootwrapper-3.10.0-514.16.1.el7.ppc64le.rpm
kernel-debug-3.10.0-514.16.1.el7.ppc64le.rpm
kernel-debug-debuginfo-3.10.0-514.16.1.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-514.16.1.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-514.16.1.el7.ppc64le.rpm
kernel-devel-3.10.0-514.16.1.el7.ppc64le.rpm
kernel-headers-3.10.0-514.16.1.el7.ppc64le.rpm
kernel-tools-3.10.0-514.16.1.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-514.16.1.el7.ppc64le.rpm
kernel-tools-libs-3.10.0-514.16.1.el7.ppc64le.rpm
perf-3.10.0-514.16.1.el7.ppc64le.rpm
perf-debuginfo-3.10.0-514.16.1.el7.ppc64le.rpm
python-perf-3.10.0-514.16.1.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-514.16.1.el7.ppc64le.rpm

s390x:
kernel-3.10.0-514.16.1.el7.s390x.rpm
kernel-debug-3.10.0-514.16.1.el7.s390x.rpm
kernel-debug-debuginfo-3.10.0-514.16.1.el7.s390x.rpm
kernel-debug-devel-3.10.0-514.16.1.el7.s390x.rpm
kernel-debuginfo-3.10.0-514.16.1.el7.s390x.rpm
kernel-debuginfo-common-s390x-3.10.0-514.16.1.el7.s390x.rpm
kernel-devel-3.10.0-514.16.1.el7.s390x.rpm
kernel-headers-3.10.0-514.16.1.el7.s390x.rpm
kernel-kdump-3.10.0-514.16.1.el7.s390x.rpm
kernel-kdump-debuginfo-3.10.0-514.16.1.el7.s390x.rpm
kernel-kdump-devel-3.10.0-514.16.1.el7.s390x.rpm
perf-3.10.0-514.16.1.el7.s390x.rpm
perf-debuginfo-3.10.0-514.16.1.el7.s390x.rpm
python-perf-3.10.0-514.16.1.el7.s390x.rpm
python-perf-debuginfo-3.10.0-514.16.1.el7.s390x.rpm

x86_64:
kernel-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debug-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-514.16.1.el7.x86_64.rpm
kernel-devel-3.10.0-514.16.1.el7.x86_64.rpm
kernel-headers-3.10.0-514.16.1.el7.x86_64.rpm
kernel-tools-3.10.0-514.16.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-514.16.1.el7.x86_64.rpm
perf-3.10.0-514.16.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
python-perf-3.10.0-514.16.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

ppc64:
kernel-debug-debuginfo-3.10.0-514.16.1.el7.ppc64.rpm
kernel-debuginfo-3.10.0-514.16.1.el7.ppc64.rpm
kernel-debuginfo-common-ppc64-3.10.0-514.16.1.el7.ppc64.rpm
kernel-tools-debuginfo-3.10.0-514.16.1.el7.ppc64.rpm
kernel-tools-libs-devel-3.10.0-514.16.1.el7.ppc64.rpm
perf-debuginfo-3.10.0-514.16.1.el7.ppc64.rpm
python-perf-debuginfo-3.10.0-514.16.1.el7.ppc64.rpm

ppc64le:
kernel-debug-debuginfo-3.10.0-514.16.1.el7.ppc64le.rpm
kernel-debug-devel-3.10.0-514.16.1.el7.ppc64le.rpm
kernel-debuginfo-3.10.0-514.16.1.el7.ppc64le.rpm
kernel-debuginfo-common-ppc64le-3.10.0-514.16.1.el7.ppc64le.rpm
kernel-tools-debuginfo-3.10.0-514.16.1.el7.ppc64le.rpm
kernel-tools-libs-devel-3.10.0-514.16.1.el7.ppc64le.rpm
perf-debuginfo-3.10.0-514.16.1.el7.ppc64le.rpm
python-perf-debuginfo-3.10.0-514.16.1.el7.ppc64le.rpm

x86_64:
kernel-debug-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-514.16.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-514.16.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
kernel-3.10.0-514.16.1.el7.src.rpm

noarch:
kernel-abi-whitelists-3.10.0-514.16.1.el7.noarch.rpm
kernel-doc-3.10.0-514.16.1.el7.noarch.rpm

x86_64:
kernel-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debug-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-514.16.1.el7.x86_64.rpm
kernel-devel-3.10.0-514.16.1.el7.x86_64.rpm
kernel-headers-3.10.0-514.16.1.el7.x86_64.rpm
kernel-tools-3.10.0-514.16.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-514.16.1.el7.x86_64.rpm
perf-3.10.0-514.16.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
python-perf-3.10.0-514.16.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64:
kernel-debug-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-514.16.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-514.16.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-514.16.1.el7.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2016-8650
https://access.redhat.com/security/cve/CVE-2016-9793
https://access.redhat.com/security/cve/CVE-2017-2618
https://access.redhat.com/security/cve/CVE-2017-2636
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/articles/2986951

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.
Corsair Dominator Platinum DDR4-3200 16GB Memory Kit Review @ ThinkComputers.org
news posted a topic in Upcoming News
Corsair Dominator Platinum DDR4-3200 16GB Memory Kit Review @ ThinkComputers.org

Review Link: http://www.thinkcomputers.org/corsair-dominator-platinum-ddr4-3200-16gb-memory-kit-review/
Image URL: http://www.thinkcomputers.org/reviews/corsair_dominator_ddr4/email.jpg
Alt Image URL: http://www.thinkcomputers.org/reviews/corsair_dominator_ddr4/small.jpg

Quote: "When it comes to memory Corsair is always at the top of the list for most people, especially their Dominator Platinum Series. This series is widely regarded as the best high-performance memory out there. The reason for that is because for the Dominator Series Corsair hand-picks the ICs used for the best performance and overclockability. Dominator memory also features Corsair’s Patented DHX cooling technology. Today we are taking a look at the CMD16GX4M2B3200C16 kit which is a 16 GB (2x 8GB) kit that runs at 3200 MHz with timings of 16-18-18-36 at 1.35V. Let's get this kit in our test system and see if it lives up to the hype!"
A simple application to access, organize and share your photos on GNOME. It is meant to be a simple and elegant replacement for using a file manager to deal with photos. Seamless cloud integration is offered through GNOME Online Accounts.

Overview of changes in 3.24.1
=============================

* Bugs fixed:
 765136 Changing the aspect ratio of the crop can make the selection larger than the image

* Updated translations:
 Croatian
 Greek
 Polish

Bugs: https://bugzilla.gnome.org/enter_bug.cgi?product=gnome-photos
Design: https://wiki.gnome.org/Design/Apps/Photos
Download: http://download.gnome.org/sources/gnome-photos/3.24/
Git: http://git.gnome.org/browse/gnome-photos
Website: https://wiki.gnome.org/Apps/Photos

Happy hacking,
Debarshi
-
ASUS ROG Gladius II Mouse Review

The ASUS ROG Gladius II is the long-awaited successor to the original Gladius mouse which we reviewed in 2014. Back with a vengeance, the Gladius II sports a new sensor, support for ASUS’ Aura lighting technology, and hot-swappable Omron switches. Priced at £79.99, is this the new go-to gaming mouse?

Read the review here: http://www.kitguru.net/peripherals/mouse/dominic-moass/asus-rog-gladius-ii-mouse-review/
-
A new stable release of Shotwell is available.

Shotwell is available for download at https://download.gnome.org/sources/shotwell/0.26/shotwell-0.26.1.tar.xz

Or for Ubuntu >= 16.04 at the stable PPA: https://launchpad.net/~yg-jensge/+archive/ubuntu/shotwell (soon)

Changes in this version:

Shotwell 0.26.1 - 11 Apr 2017
 * Fix "About" wording
 * Fix missing Keyboard shortcuts
 * Viewer: Fix context menu

Bugs fixed in this release:
 - https://bugzilla.gnome.org/show_bug.cgi?id=780415
 - https://bugzilla.gnome.org/show_bug.cgi?id=780811

All contributors to this release:
 - Piotr Drąg
 - Jens Georg
 - Rafael Fontenelle
 - Mario Blättermann
 - Anders Jonsson

Added/updated translations
 - de, courtesy of Mario Blättermann
 - pl, courtesy of Piotr Drąg
 - pt_BR, courtesy of Rafael Fontenelle
 - sv, courtesy of Anders Jonsson
-
An oldstable maintenance release of Shotwell is available. This is most likely the last release of the 0.24 series.

Shotwell is available for download at https://download.gnome.org/sources/shotwell/0.24/shotwell-0.24.6.tar.xz

Shotwell 0.24.6 - 11 Apr 2017
 * Fix gamma and chromatic aberrations when developing with libraw
 * Picasa: Remove possibility to create new albums
 * Fix import of files with ".ogg" extension
 * Fix crash on wayland when dragging tool boxes
 * Fix toolbox not visible in Cinnamon
 * Fix manpage
 * Viewer: Fix navigation after saving a photo
 * Do not load files into memory when importing
 * Translation updates

Bugs fixed in this release:
 - https://bugzilla.gnome.org/show_bug.cgi?id=717305
 - https://bugzilla.gnome.org/show_bug.cgi?id=732663
 - https://bugzilla.gnome.org/show_bug.cgi?id=734816
 - https://bugzilla.gnome.org/show_bug.cgi?id=778174
 - https://bugzilla.gnome.org/show_bug.cgi?id=779558

All contributors to this release:
 - Jens Georg
 - Rafael Fontenelle
 - Debarshi Ray
 - Мирослав Николић
 - Piotr Drąg
 - Mario Blättermann
 - Marek Černocký
 - Jörg Frings-Fürst
 - Inaki Larranaga Murgoitio
 - GNOME Translation Robot
 - Christian Kirbach
 - Baurzhan Muftakhidinov
 - Balázs Meskó
 - Anders Jonsson
-
Chillblast Fusion Hex (Ryzen R5 1600) System Review

Today marks the launch of the new Ryzen 5 line of processors from AMD. If you’ve been living under a rock for the past month, these are the cheaper hex-core and quad-core chips that slot in under Ryzen 7 in the family hierarchy. Chillblast were very quick to send us a system based on the Ryzen 5 1600, and when coupled with a GTX 1070, could this be a real winner?

Read the review here: http://www.kitguru.net/desktop-pc/gaming-rig/dominic-moass/chillblast-fusion-hex-ryzen-r5-1600-system-review/
-
[security-announce] SUSE-SU-2017:0983-1: important: Security update for xen
news posted a topic in Upcoming News
SUSE Security Update: Security update for xen

Announcement ID: SUSE-SU-2017:0983-1
Rating: important
References: #1014136 #1015348 #1022555 #1026236 #1027519 #1028235 #1029128 #1029827 #1030144 #1030442
Cross-References: CVE-2017-6505 CVE-2017-7228
Affected Products:
 SUSE Linux Enterprise Software Development Kit 12-SP2
 SUSE Linux Enterprise Server 12-SP2
 SUSE Linux Enterprise Desktop 12-SP2

An update that solves two vulnerabilities and has 8 fixes is now available.

Description:

This update for xen to version 4.7.2 fixes the following issues:

These security issues were fixed:

- CVE-2017-7228: Broken check in memory_exchange() permitted PV guest breakout (bsc#1030442).
- XSA-206: Unprivileged guests issuing writes to xenstore were able to stall progress of the control domain or driver domain, possibly leading to a Denial of Service (DoS) of the entire host (bsc#1030144).
- CVE-2017-6505: The ohci_service_ed_list function in hw/usb/hcd-ohci.c allowed local guest OS users to cause a denial of service (infinite loop) via vectors involving the number of link endpoint list descriptors (bsc#1028235).

These non-security issues were fixed:

- bsc#1015348: libvirtd did not start during boot
- bsc#1014136: kdump couldn't dump a kernel on SLES12-SP2 with Xen hypervisor.
- bsc#1026236: Fixed paravirtualized performance
- bsc#1022555: Timeout in "execution of /etc/xen/scripts/block add"
- bsc#1029827: Forward port xenstored
- bsc#1029128: Make xen to really produce xen.efi with gcc48

Patch Instructions:

To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Software Development Kit 12-SP2:
 zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-572=1
- SUSE Linux Enterprise Server 12-SP2:
 zypper in -t patch SUSE-SLE-SERVER-12-SP2-2017-572=1
- SUSE Linux Enterprise Desktop 12-SP2:
 zypper in -t patch SUSE-SLE-DESKTOP-12-SP2-2017-572=1

To bring your system up-to-date, use "zypper patch".

Package List:

- SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 x86_64):
 xen-debugsource-4.7.2_02-36.1
 xen-devel-4.7.2_02-36.1
- SUSE Linux Enterprise Server 12-SP2 (x86_64):
 xen-4.7.2_02-36.1
 xen-debugsource-4.7.2_02-36.1
 xen-doc-html-4.7.2_02-36.1
 xen-libs-32bit-4.7.2_02-36.1
 xen-libs-4.7.2_02-36.1
 xen-libs-debuginfo-32bit-4.7.2_02-36.1
 xen-libs-debuginfo-4.7.2_02-36.1
 xen-tools-4.7.2_02-36.1
 xen-tools-debuginfo-4.7.2_02-36.1
 xen-tools-domU-4.7.2_02-36.1
 xen-tools-domU-debuginfo-4.7.2_02-36.1
- SUSE Linux Enterprise Desktop 12-SP2 (x86_64):
 xen-4.7.2_02-36.1
 xen-debugsource-4.7.2_02-36.1
 xen-libs-32bit-4.7.2_02-36.1
 xen-libs-4.7.2_02-36.1
 xen-libs-debuginfo-32bit-4.7.2_02-36.1
 xen-libs-debuginfo-4.7.2_02-36.1

References:

https://www.suse.com/security/cve/CVE-2017-6505.html
https://www.suse.com/security/cve/CVE-2017-7228.html
https://bugzilla.suse.com/1014136
https://bugzilla.suse.com/1015348
https://bugzilla.suse.com/1022555
https://bugzilla.suse.com/1026236
https://bugzilla.suse.com/1027519
https://bugzilla.suse.com/1028235
https://bugzilla.suse.com/1029128
https://bugzilla.suse.com/1029827
https://bugzilla.suse.com/1030144
https://bugzilla.suse.com/1030442
At Phoronix we have posted a new article. A link to this from your site's news section would be greatly appreciated.

Title: Unigine Superposition Is A Beautiful Way To Stress Your GPU In 2017, 17-Way Graphics Card Comparison @ Phoronix

Direct Link: http://www.phoronix.com/vr.php?view=24481

Summary: "It's already been seven years since Unigine Corp rolled out the Unigine Heaven tech demo and four years since Unigine Valley while in that time while we have seen thousands of Linux game ports emerge, but few can match the visual intensity of these tech demos. In looking to set a new standard for jaw-dropping graphics and preparing to torture current Pascal and Polaris graphics cards as well as future Volta and Vega hardware, Unigine Corp today is releasing Unigine Superposition 1.0. Unigine Superposition is one godly GPU benchmark and is a beauty to watch."

Please feel free to contact us with any questions or comments you may
-
After weeks of leaks the AMD Ryzen 5 series of processors has finally been launched! With the launch of the AMD Ryzen 5 processors, AMD is attacking the mainstream market at the $169 to $249 price points where most gamers buy processors...

Article Title: AMD Ryzen 5 1600X and 1500X Processor Reviews @ Legit Reviews
Article URL: http://www.legitreviews.com/amd-ryzen-5-1600x-1500x-processor-reviews_193479
-
AMD Ryzen 5 Reviews (1500X and 1600X)

http://www.kitguru.net

Today we present our in-depth analysis of both Ryzen 5 1500X and 1600X processors.

AMD Ryzen 5 1600X Review: http://www.kitguru.net/components/cpu/luke-hill/amd-ryzen-5-1600x-6c12t-cpu-review/
AMD Ryzen 5 1500X Review: http://www.kitguru.net/components/cpu/luke-hill/amd-ryzen-5-1500x-4c8t-cpu-review/

Copyright © 2017 KitGuru, All rights reserved.
-
AMD Ryzen 5 1600X And 1500X Processor Review: Affordable Zen Takes On Core i5
news posted a topic in Upcoming News
In our Ryzen 7 coverage, we were able to disclose a few details regarding the more mainstream targeted Ryzen 5 series of processors, but save for a few AMD provided data points, performance wasn’t one of them. Until today, that is. AMD’s Ryzen 5 series of processors should be available soon after you read this, and we’ve got the company’s top 6 and 4-core versions on the test bench, the Ryzen 5 1600X and Ryzen 5 1500X...

AMD Ryzen 5 1600X And 1500X Processor Review: Affordable Zen Takes On Core i5 (http://hothardware.us3.list-manage2.com/track/click?u=efc4c507c2cf964fc2462caca&id=3bfce09061&e=0c004f9c13)

Best Regards,
HotHardware.com

-
[RHSA-2017:0892-01] Important: kernel security and bug fix update
news posted a topic in Upcoming News
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: kernel security and bug fix update
Advisory ID:       RHSA-2017:0892-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2017:0892
Issue date:        2017-04-11
CVE Names:         CVE-2016-7910 CVE-2017-2636
=====================================================================

1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - noarch, x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

* A race condition flaw was found in the N_HDLC Linux kernel driver when accessing n_hdlc.tbuf list that can lead to double free. A local, unprivileged user able to set the HDLC line discipline on the tty device could use this flaw to increase their privileges on the system. (CVE-2017-2636, Important)

* A flaw was found in the Linux kernel's implementation of seq_file where a local attacker could manipulate memory in the put() function pointer. This could lead to memory corruption and possible privilege escalation. (CVE-2016-7910, Moderate)

Red Hat would like to thank Alexander Popov for reporting CVE-2017-2636.

Bug Fix(es):

* Previously, Chelsio firmware included an incorrectly-formatted firmware bin file. As a consequence, the firmware could not be flashed. This update provides a firmware bin file that is formatted correctly. As a result, Chelsio firmware can now be flashed successfully. (BZ#1433865)

* When multiple simultaneous processes attempted to read from the /proc/stat file, spinlock overhead was generated on Non-Uniform Memory Access (NUMA) systems. Consequently, a large amount of CPU was consumed. With this update, the underlying source code has been fixed to avoid taking spinlock when the interrupt line does not exist. As a result, the spinlock overhead is now generated less often, and multiple simultaneous processes can now read /proc/stat without consuming a large amount of CPU. (BZ#1428106)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1399727 - CVE-2016-7910 kernel: Use after free in seq file
1428319 - CVE-2017-2636 kernel: Race condition access to n_hdlc.tbuf causes double free in n_hdlc_release()

6. Package List:

Red Hat Enterprise Linux Desktop (v.
6): Source: kernel-2.6.32-696.1.1.el6.src.rpm i386: kernel-2.6.32-696.1.1.el6.i686.rpm kernel-debug-2.6.32-696.1.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-696.1.1.el6.i686.rpm kernel-debug-devel-2.6.32-696.1.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.1.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-696.1.1.el6.i686.rpm kernel-devel-2.6.32-696.1.1.el6.i686.rpm kernel-headers-2.6.32-696.1.1.el6.i686.rpm perf-2.6.32-696.1.1.el6.i686.rpm perf-debuginfo-2.6.32-696.1.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.1.1.el6.i686.rpm noarch: kernel-abi-whitelists-2.6.32-696.1.1.el6.noarch.rpm kernel-doc-2.6.32-696.1.1.el6.noarch.rpm kernel-firmware-2.6.32-696.1.1.el6.noarch.rpm x86_64: kernel-2.6.32-696.1.1.el6.x86_64.rpm kernel-debug-2.6.32-696.1.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-696.1.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-696.1.1.el6.i686.rpm kernel-debug-devel-2.6.32-696.1.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-696.1.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm kernel-debuginfo-common-i686-2.6.32-696.1.1.el6.i686.rpm kernel-debuginfo-common-x86_64-2.6.32-696.1.1.el6.x86_64.rpm kernel-devel-2.6.32-696.1.1.el6.x86_64.rpm kernel-headers-2.6.32-696.1.1.el6.x86_64.rpm perf-2.6.32-696.1.1.el6.x86_64.rpm perf-debuginfo-2.6.32-696.1.1.el6.i686.rpm perf-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-696.1.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 
6): i386: kernel-debug-debuginfo-2.6.32-696.1.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.1.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-696.1.1.el6.i686.rpm perf-debuginfo-2.6.32-696.1.1.el6.i686.rpm python-perf-2.6.32-696.1.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.1.1.el6.i686.rpm x86_64: kernel-debug-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-696.1.1.el6.x86_64.rpm perf-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm python-perf-2.6.32-696.1.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: kernel-2.6.32-696.1.1.el6.src.rpm noarch: kernel-abi-whitelists-2.6.32-696.1.1.el6.noarch.rpm kernel-doc-2.6.32-696.1.1.el6.noarch.rpm kernel-firmware-2.6.32-696.1.1.el6.noarch.rpm x86_64: kernel-2.6.32-696.1.1.el6.x86_64.rpm kernel-debug-2.6.32-696.1.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-696.1.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-696.1.1.el6.i686.rpm kernel-debug-devel-2.6.32-696.1.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-696.1.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm kernel-debuginfo-common-i686-2.6.32-696.1.1.el6.i686.rpm kernel-debuginfo-common-x86_64-2.6.32-696.1.1.el6.x86_64.rpm kernel-devel-2.6.32-696.1.1.el6.x86_64.rpm kernel-headers-2.6.32-696.1.1.el6.x86_64.rpm perf-2.6.32-696.1.1.el6.x86_64.rpm perf-debuginfo-2.6.32-696.1.1.el6.i686.rpm perf-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-696.1.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 
6): x86_64: kernel-debug-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-696.1.1.el6.x86_64.rpm perf-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm python-perf-2.6.32-696.1.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: kernel-2.6.32-696.1.1.el6.src.rpm i386: kernel-2.6.32-696.1.1.el6.i686.rpm kernel-debug-2.6.32-696.1.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-696.1.1.el6.i686.rpm kernel-debug-devel-2.6.32-696.1.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.1.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-696.1.1.el6.i686.rpm kernel-devel-2.6.32-696.1.1.el6.i686.rpm kernel-headers-2.6.32-696.1.1.el6.i686.rpm perf-2.6.32-696.1.1.el6.i686.rpm perf-debuginfo-2.6.32-696.1.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.1.1.el6.i686.rpm noarch: kernel-abi-whitelists-2.6.32-696.1.1.el6.noarch.rpm kernel-doc-2.6.32-696.1.1.el6.noarch.rpm kernel-firmware-2.6.32-696.1.1.el6.noarch.rpm ppc64: kernel-2.6.32-696.1.1.el6.ppc64.rpm kernel-bootwrapper-2.6.32-696.1.1.el6.ppc64.rpm kernel-debug-2.6.32-696.1.1.el6.ppc64.rpm kernel-debug-debuginfo-2.6.32-696.1.1.el6.ppc64.rpm kernel-debug-devel-2.6.32-696.1.1.el6.ppc64.rpm kernel-debuginfo-2.6.32-696.1.1.el6.ppc64.rpm kernel-debuginfo-common-ppc64-2.6.32-696.1.1.el6.ppc64.rpm kernel-devel-2.6.32-696.1.1.el6.ppc64.rpm kernel-headers-2.6.32-696.1.1.el6.ppc64.rpm perf-2.6.32-696.1.1.el6.ppc64.rpm perf-debuginfo-2.6.32-696.1.1.el6.ppc64.rpm python-perf-debuginfo-2.6.32-696.1.1.el6.ppc64.rpm s390x: kernel-2.6.32-696.1.1.el6.s390x.rpm kernel-debug-2.6.32-696.1.1.el6.s390x.rpm kernel-debug-debuginfo-2.6.32-696.1.1.el6.s390x.rpm kernel-debug-devel-2.6.32-696.1.1.el6.s390x.rpm kernel-debuginfo-2.6.32-696.1.1.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-696.1.1.el6.s390x.rpm kernel-devel-2.6.32-696.1.1.el6.s390x.rpm kernel-headers-2.6.32-696.1.1.el6.s390x.rpm 
kernel-kdump-2.6.32-696.1.1.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-696.1.1.el6.s390x.rpm kernel-kdump-devel-2.6.32-696.1.1.el6.s390x.rpm perf-2.6.32-696.1.1.el6.s390x.rpm perf-debuginfo-2.6.32-696.1.1.el6.s390x.rpm python-perf-debuginfo-2.6.32-696.1.1.el6.s390x.rpm x86_64: kernel-2.6.32-696.1.1.el6.x86_64.rpm kernel-debug-2.6.32-696.1.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-696.1.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-696.1.1.el6.i686.rpm kernel-debug-devel-2.6.32-696.1.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-696.1.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm kernel-debuginfo-common-i686-2.6.32-696.1.1.el6.i686.rpm kernel-debuginfo-common-x86_64-2.6.32-696.1.1.el6.x86_64.rpm kernel-devel-2.6.32-696.1.1.el6.x86_64.rpm kernel-headers-2.6.32-696.1.1.el6.x86_64.rpm perf-2.6.32-696.1.1.el6.x86_64.rpm perf-debuginfo-2.6.32-696.1.1.el6.i686.rpm perf-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-696.1.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 
6): i386: kernel-debug-debuginfo-2.6.32-696.1.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.1.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-696.1.1.el6.i686.rpm perf-debuginfo-2.6.32-696.1.1.el6.i686.rpm python-perf-2.6.32-696.1.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.1.1.el6.i686.rpm ppc64: kernel-debug-debuginfo-2.6.32-696.1.1.el6.ppc64.rpm kernel-debuginfo-2.6.32-696.1.1.el6.ppc64.rpm kernel-debuginfo-common-ppc64-2.6.32-696.1.1.el6.ppc64.rpm perf-debuginfo-2.6.32-696.1.1.el6.ppc64.rpm python-perf-2.6.32-696.1.1.el6.ppc64.rpm python-perf-debuginfo-2.6.32-696.1.1.el6.ppc64.rpm s390x: kernel-debug-debuginfo-2.6.32-696.1.1.el6.s390x.rpm kernel-debuginfo-2.6.32-696.1.1.el6.s390x.rpm kernel-debuginfo-common-s390x-2.6.32-696.1.1.el6.s390x.rpm kernel-kdump-debuginfo-2.6.32-696.1.1.el6.s390x.rpm perf-debuginfo-2.6.32-696.1.1.el6.s390x.rpm python-perf-2.6.32-696.1.1.el6.s390x.rpm python-perf-debuginfo-2.6.32-696.1.1.el6.s390x.rpm x86_64: kernel-debug-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-696.1.1.el6.x86_64.rpm perf-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm python-perf-2.6.32-696.1.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 
6): Source: kernel-2.6.32-696.1.1.el6.src.rpm i386: kernel-2.6.32-696.1.1.el6.i686.rpm kernel-debug-2.6.32-696.1.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-696.1.1.el6.i686.rpm kernel-debug-devel-2.6.32-696.1.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.1.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-696.1.1.el6.i686.rpm kernel-devel-2.6.32-696.1.1.el6.i686.rpm kernel-headers-2.6.32-696.1.1.el6.i686.rpm perf-2.6.32-696.1.1.el6.i686.rpm perf-debuginfo-2.6.32-696.1.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.1.1.el6.i686.rpm noarch: kernel-abi-whitelists-2.6.32-696.1.1.el6.noarch.rpm kernel-doc-2.6.32-696.1.1.el6.noarch.rpm kernel-firmware-2.6.32-696.1.1.el6.noarch.rpm x86_64: kernel-2.6.32-696.1.1.el6.x86_64.rpm kernel-debug-2.6.32-696.1.1.el6.x86_64.rpm kernel-debug-debuginfo-2.6.32-696.1.1.el6.i686.rpm kernel-debug-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm kernel-debug-devel-2.6.32-696.1.1.el6.i686.rpm kernel-debug-devel-2.6.32-696.1.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-696.1.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm kernel-debuginfo-common-i686-2.6.32-696.1.1.el6.i686.rpm kernel-debuginfo-common-x86_64-2.6.32-696.1.1.el6.x86_64.rpm kernel-devel-2.6.32-696.1.1.el6.x86_64.rpm kernel-headers-2.6.32-696.1.1.el6.x86_64.rpm perf-2.6.32-696.1.1.el6.x86_64.rpm perf-debuginfo-2.6.32-696.1.1.el6.i686.rpm perf-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-696.1.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 
6): i386: kernel-debug-debuginfo-2.6.32-696.1.1.el6.i686.rpm kernel-debuginfo-2.6.32-696.1.1.el6.i686.rpm kernel-debuginfo-common-i686-2.6.32-696.1.1.el6.i686.rpm perf-debuginfo-2.6.32-696.1.1.el6.i686.rpm python-perf-2.6.32-696.1.1.el6.i686.rpm python-perf-debuginfo-2.6.32-696.1.1.el6.i686.rpm x86_64: kernel-debug-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm kernel-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm kernel-debuginfo-common-x86_64-2.6.32-696.1.1.el6.x86_64.rpm perf-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm python-perf-2.6.32-696.1.1.el6.x86_64.rpm python-perf-debuginfo-2.6.32-696.1.1.el6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2016-7910 https://access.redhat.com/security/cve/CVE-2017-2636 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFY7Nt6XlSAg2UNWIIRApweAKC7o76Fb9zsyuEJe2frk0y8PexXQACgg17Q ZikmOEYFPivutQinlRQx8IQ= =0Scs -----END PGP SIGNATURE----- -- -
[RHSA-2017:0893-01] Important: 389-ds-base security and bug fix update
news posted a topic in Upcoming News
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: 389-ds-base security and bug fix update
Advisory ID:       RHSA-2017:0893-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2017:0893
Issue date:        2017-04-11
CVE Names:         CVE-2017-2668
=====================================================================

1. Summary:

An update for 389-ds-base is now available for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

3. Description:

389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration.

Security Fix(es):

* An invalid pointer dereference flaw was found in the way 389-ds-base handled LDAP bind requests. A remote unauthenticated attacker could use this flaw to make ns-slapd crash via a specially crafted LDAP bind request, resulting in denial of service. (CVE-2017-2668)

Red Hat would like to thank Joachim Jabs (F24) for reporting this issue.

Bug Fix(es):

* Previously, the "deref" plug-in failed to dereference attributes that use distinguished name (DN) syntax, such as "uniqueMember". With this patch, the "deref" plug-in can dereference such attributes and additionally "Name and Optional UID" syntax. As a result, the "deref" plug-in now supports any syntax. (BZ#1435365)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing this update, the 389 server service will be restarted automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

1435365 - Unable to dereference unqiemember attribute because it is dn [#UID] not dn syntax
1436575 - CVE-2017-2668 389-ds-base: Remote crash via crafted LDAP messages

6. Package List:

Red Hat Enterprise Linux Desktop Optional (v. 6):

Source:
389-ds-base-1.2.11.15-91.el6_9.src.rpm

i386:
389-ds-base-1.2.11.15-91.el6_9.i686.rpm
389-ds-base-debuginfo-1.2.11.15-91.el6_9.i686.rpm
389-ds-base-devel-1.2.11.15-91.el6_9.i686.rpm
389-ds-base-libs-1.2.11.15-91.el6_9.i686.rpm

x86_64:
389-ds-base-1.2.11.15-91.el6_9.x86_64.rpm
389-ds-base-debuginfo-1.2.11.15-91.el6_9.i686.rpm
389-ds-base-debuginfo-1.2.11.15-91.el6_9.x86_64.rpm
389-ds-base-devel-1.2.11.15-91.el6_9.i686.rpm
389-ds-base-devel-1.2.11.15-91.el6_9.x86_64.rpm
389-ds-base-libs-1.2.11.15-91.el6_9.i686.rpm
389-ds-base-libs-1.2.11.15-91.el6_9.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

Source:
389-ds-base-1.2.11.15-91.el6_9.src.rpm

x86_64:
389-ds-base-1.2.11.15-91.el6_9.x86_64.rpm
389-ds-base-debuginfo-1.2.11.15-91.el6_9.i686.rpm
389-ds-base-debuginfo-1.2.11.15-91.el6_9.x86_64.rpm
389-ds-base-devel-1.2.11.15-91.el6_9.i686.rpm
389-ds-base-devel-1.2.11.15-91.el6_9.x86_64.rpm
389-ds-base-libs-1.2.11.15-91.el6_9.i686.rpm
389-ds-base-libs-1.2.11.15-91.el6_9.x86_64.rpm

Red Hat Enterprise Linux Server (v.
6): Source: 389-ds-base-1.2.11.15-91.el6_9.src.rpm i386: 389-ds-base-1.2.11.15-91.el6_9.i686.rpm 389-ds-base-debuginfo-1.2.11.15-91.el6_9.i686.rpm 389-ds-base-libs-1.2.11.15-91.el6_9.i686.rpm x86_64: 389-ds-base-1.2.11.15-91.el6_9.x86_64.rpm 389-ds-base-debuginfo-1.2.11.15-91.el6_9.i686.rpm 389-ds-base-debuginfo-1.2.11.15-91.el6_9.x86_64.rpm 389-ds-base-libs-1.2.11.15-91.el6_9.i686.rpm 389-ds-base-libs-1.2.11.15-91.el6_9.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): i386: 389-ds-base-debuginfo-1.2.11.15-91.el6_9.i686.rpm 389-ds-base-devel-1.2.11.15-91.el6_9.i686.rpm x86_64: 389-ds-base-debuginfo-1.2.11.15-91.el6_9.i686.rpm 389-ds-base-debuginfo-1.2.11.15-91.el6_9.x86_64.rpm 389-ds-base-devel-1.2.11.15-91.el6_9.i686.rpm 389-ds-base-devel-1.2.11.15-91.el6_9.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: 389-ds-base-1.2.11.15-91.el6_9.src.rpm i386: 389-ds-base-1.2.11.15-91.el6_9.i686.rpm 389-ds-base-debuginfo-1.2.11.15-91.el6_9.i686.rpm 389-ds-base-libs-1.2.11.15-91.el6_9.i686.rpm x86_64: 389-ds-base-1.2.11.15-91.el6_9.x86_64.rpm 389-ds-base-debuginfo-1.2.11.15-91.el6_9.i686.rpm 389-ds-base-debuginfo-1.2.11.15-91.el6_9.x86_64.rpm 389-ds-base-libs-1.2.11.15-91.el6_9.i686.rpm 389-ds-base-libs-1.2.11.15-91.el6_9.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): i386: 389-ds-base-debuginfo-1.2.11.15-91.el6_9.i686.rpm 389-ds-base-devel-1.2.11.15-91.el6_9.i686.rpm x86_64: 389-ds-base-debuginfo-1.2.11.15-91.el6_9.i686.rpm 389-ds-base-debuginfo-1.2.11.15-91.el6_9.x86_64.rpm 389-ds-base-devel-1.2.11.15-91.el6_9.i686.rpm 389-ds-base-devel-1.2.11.15-91.el6_9.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2017-2668 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . 
More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFY7N/IXlSAg2UNWIIRAiBUAJ4ykhZNcxlF3y9gfQHLbGueh+Na3gCgm/Ne c1D+MYouJwC/61SbXzibCM4= =MEfN -----END PGP SIGNATURE----- -- -
[security-announce] openSUSE-SU-2017:0973-1: important: Security update for pidgin
news posted a topic in Upcoming News
   openSUSE Security Update: Security update for pidgin
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2017:0973-1
Rating:             important
References:         #1009974 #1028835
Cross-References:   CVE-2017-2640
Affected Products:
                    openSUSE Leap 42.2
______________________________________________________________________________

   An update that solves one vulnerability and has one errata is now available.

Description:

   This update for pidgin to version 2.12.0 fixes the following issues:

   This security issue was fixed:

   - CVE-2017-2640: Out of bounds memory read in purple_markup_unescape_entity (boo#1028835).

   These non-security issues were fixed:

   + libpurple:
     - Fix the use of uninitialised memory if running non-debug-enabled versions of glib.
     - Update AIM dev and dist ID's to new ones that were assigned by AOL.
     - TLS certificate verification now uses SHA-256 checksums.
     - Fix the SASL external auth for Freenode (boo#1009974).
     - Remove the MSN protocol plugin. It has been unusable and dormant for some time.
     - Remove the Mxit protocol plugin. The service was closed at the end of September 2016.
     - Remove the MySpaceIM protocol plugin. The service has been defunct for a long time (pidgin.im#15356).
     - Remove the Yahoo! protocol plugin. Yahoo has completely reimplemented their protocol, so this version is no longer operable as of August 5th, 2016.
     - Remove the Facebook (XMPP) account option. According to https://developers.facebook.com/docs/chat the XMPP Chat API service ended April 30th, 2015.
     - Fix gnutls certificate validation errors that mainly affected Google.
   + General:
     - Replace instances of d.pidgin.im with developer.pidgin.im and update the urls to use https (pidgin.im#17036).
   + IRC:
     - Fix an issue of messages being silently cut off at 500 characters. Large messages are now split into parts and sent one by one (pidgin.im#4753).

Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE Leap 42.2:

      zypper in -t patch openSUSE-2017-457=1

   To bring your system up-to-date, use "zypper patch".

Package List:

   - openSUSE Leap 42.2 (noarch):

      libpurple-branding-openSUSE-42.2-3.3.2
      libpurple-branding-upstream-2.12.0-8.6.1
      libpurple-lang-2.12.0-8.6.1

   - openSUSE Leap 42.2 (x86_64):

      finch-2.12.0-8.6.1
      finch-debuginfo-2.12.0-8.6.1
      finch-devel-2.12.0-8.6.1
      libpurple-2.12.0-8.6.1
      libpurple-debuginfo-2.12.0-8.6.1
      libpurple-devel-2.12.0-8.6.1
      libpurple-plugin-sametime-2.12.0-8.6.1
      libpurple-plugin-sametime-debuginfo-2.12.0-8.6.1
      libpurple-tcl-2.12.0-8.6.1
      libpurple-tcl-debuginfo-2.12.0-8.6.1
      pidgin-2.12.0-8.6.1
      pidgin-debuginfo-2.12.0-8.6.1
      pidgin-debugsource-2.12.0-8.6.1
      pidgin-devel-2.12.0-8.6.1

References:

   https://www.suse.com/security/cve/CVE-2017-2640.html
   https://bugzilla.suse.com/1009974
   https://bugzilla.suse.com/1028835

-
Visit Hardware Asylum - http://www.hardwareasylum.com

Hello Everyone,

During CES Creative announced two new gaming peripherals and in an attempt to launch them in style they offered an exclusive bundle called the Weapons Crate complete with hard shell plastic case.

Subject: Sound BlasterX Weapons Crate Review @ Hardware Asylum
URL: http://www.hardwareasylum.com/reviews/input_device/creative_weapon_crate
Quote: There’s just something about a limited edition bundle that always peaks my interest and Creative Labs has created an awesome bundle to celebrate the release of hot new Sound BlasterX Siege M04 RGB gaming mouse and Vanguard K08 RGB mechanical gaming keyboard.

A news posting would be appreciated.

Thanks
Dennis Garcia
http://www.hardwareasylum.com

Copyright © Hardware Asylum 1999-2013 All rights reserved
-
Benchmark Reviews Presents:

TITLE: Corsair Sabre RGB Gaming Mouse Review (http://benchmarkreviews.us10.list-manage.com/track/click?u=9a2f239b17114c9008e3dfda9&id=57436ef55c&e=8138df6da5)

QUOTE: Any serious gamer needs a serious gaming mouse, and there are certainly a lot of them on the market to choose from. Premium vendor Corsair offers no fewer than five such mice, ranging from entry-level (for Corsair) items to multi-button mice for MOBA gaming. Today Benchmark Reviews has in hand one of what Corsair refers to as part of their “lightweight gaming mice” lineup, the Corsair Sabre RGB wired USB gaming mouse, equipped with a 10,000dpi optical sensor and multi-zone RGB lighting.

LINK: http://benchmarkreviews.us10.list-manage.com/track/click?u=9a2f239b17114c9008e3dfda9&id=2e306cc4a3&e=8138df6da5

IMAGE: http://benchmarkreviews.us10.list-manage.com/track/click?u=9a2f239b17114c9008e3dfda9&id=6d7e5f4d67&e=8138df6da5