[slackware-security] openjpeg

New openjpeg packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/openjpeg-2.5.1-i586-1slack15.0.txz: Upgraded. Fixed a heap-based buffer overflow in openjpeg in color.c:379:42 in sycc420torgb when...

Slackware Linux 15.0 / current openjpeg Vulnerability (SSA:2024-057-01)

The version of openjpeg installed on the remote host is prior to 2.5.1. It is, therefore, affected by a vulnerability as referenced in the SSA:2024-057-01 advisory. - A heap-based buffer overflow was found in openjpeg in color.c:379:42 in sycc420torgb when decompressing a crafted .j2k file. An...

Slackware: Security Advisory (SSA:2024-052-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[slackware-security] mozilla-thunderbird

New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-thunderbird-115.8.0-i686-1slack15.0.txz: Upgraded. This release contains security fixes and improvements. For mor...

Slackware Linux 15.0 / current mozilla-thunderbird Multiple Vulnerabilities (SSA:2024-052-01)

The version of mozilla-thunderbird installed on the remote host is prior to 115.8.0. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2024-052-01 advisory. - When storing and re-accessing data on a networking channel, the length of buffers may have been confused,...

Slackware: Security Advisory (SSA:2024-051-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Slackware: Security Advisory (SSA:2024-051-02)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[slackware-security] libuv

New libuv packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/libuv-1.48.0-i586-1slack15.0.txz: Upgraded. This update fixes a server-side request forgery SSRF flaw. Thanks to alex2grad for the...

[slackware-security] mozilla-firefox

New mozilla-firefox packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-firefox-115.8.0esr-i686-1slack15.0.txz: Upgraded. This update contains security fixes and improvements. For more...

Slackware Linux 15.0 / current libuv Vulnerability (SSA:2024-051-02)

The version of libuv installed on the remote host is prior to 1.48.0. It is, therefore, affected by a vulnerability as referenced in the SSA:2024-051-02 advisory. - libuv is a multi-platform support library with a focus on asynchronous I/O. The uvgetaddrinfo function in src/unix/getaddrinfo.c and...

Slackware: Security Advisory (SSA:2024-044-02)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[slackware-security] dnsmasq

New dnsmasq packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/dnsmasq-2.90-i586-1slack15.0.txz: Upgraded. Add limits on the resources used to do DNSSEC validation. For more information, see:...

Slackware Linux 15.0 / current dnsmasq Multiple Vulnerabilities (SSA:2024-044-02)

The version of dnsmasq installed on the remote host is prior to 2.90. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2024-044-02 advisory. - MITRE: CVE-2023-50387 DNSSEC verification complexity can be exploited to exhaust CPU resources and stall DNS resolvers...

Slackware: Security Advisory (SSA:2024-044-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[slackware-security] bind

New bind packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/bind-9.16.48-i586-1slack15.0.txz: Upgraded. This update fixes bugs and security issues: Specific DNS answers could cause a...

Slackware Linux 15.0 / current bind Multiple Vulnerabilities (SSA:2024-044-01)

The version of bind installed on the remote host is prior to 9.16.48 / 9.18.24. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2024-044-01 advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported...

Slackware: Security Advisory (SSA:2024-040-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[slackware-security] xpdf

New xpdf packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/xpdf-4.05-i586-1slack15.0.txz: Upgraded. This update fixes security issues: Fixed a bug in the ICCBased color space parser that was...

Slackware Linux 15.0 / current xpdf Multiple Vulnerabilities (SSA:2024-040-01)

The version of xpdf installed on the remote host is prior to 4.05. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2024-040-01 advisory. - XRef::fetch in XRef.cc in Xpdf 4.00 allows remote attackers to cause a denial of service stack consumption via a crafted pdf...

Slackware: Security Advisory (SSA:2024-038-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...