[slackware-security] expat

New expat packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/expat-2.6.0-i586-1slack15.0.txz: Upgraded. This update fixes security issues: Fix quadratic runtime issues with big tokens that can cau...

Slackware Linux 15.0 / current expat Multiple Vulnerabilities (SSA:2024-038-01)

The version of expat installed on the remote host is prior to 2.6.0. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2024-038-01 advisory. - libexpat through 2.5.0 allows a denial of service resource consumption because many full reparsings are required in the case...

Slackware: Security Advisory (SSA:2024-035-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[slackware-security] libxml2

New libxml2 packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/libxml2-2.11.7-i586-1slack15.0.txz: Upgraded. Fix the following security issue: xmlreader: Don't expand XIncludes when backtracking...

Slackware Linux 15.0 / current libxml2 Vulnerability (SSA:2024-035-01)

The version of libxml2 installed on the remote host is prior to 2.11.7 / 2.12.5. It is, therefore, affected by a vulnerability as referenced in the SSA:2024-035-01 advisory. - An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD...

Slackware: Security Advisory (SSA:2024-026-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Slackware: Security Advisory (SSA:2024-031-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[slackware-security] sendmail

New sendmail packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: extra/sendmail/sendmail-8.18.1-i586-1slack15.0.txz: Upgraded. sendmail through 8.17.2 allows SMTP smuggling in certain configurations. Remote...

Slackware Linux 15.0 / current pam Vulnerability (SSA:2024-026-01)

The version of pam installed on the remote host is prior to 1.6.0. It is, therefore, affected by a vulnerability as referenced in the SSA:2024-026-01 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEV...

Slackware Linux 15.0 / current sendmail Vulnerability (SSA:2024-031-01)

The version of sendmail installed on the remote host is prior to 8.18.1. It is, therefore, affected by a vulnerability as referenced in the SSA:2024-031-01 advisory. - sendmail through 8.17.2 allows SMTP smuggling in certain configurations. Remote attackers can use a published exploitation...

[slackware-security] pam

New pam packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/pam-1.6.0-i586-1slack15.0.txz: Upgraded. pamnamespace.so: fixed a possible local denial-of-service vulnerability. For more information,...

Slackware: Security Advisory (SSA:2024-023-02)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[slackware-security] mozilla-thunderbird

New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-thunderbird-115.7.0-i686-1slack15.0.txz: Upgraded. This release contains security fixes and improvements. For mor...

Slackware: Security Advisory (SSA:2024-023-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[slackware-security] mozilla-firefox

New mozilla-firefox packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-firefox-115.7.0esr-i686-1slack15.0.txz: Upgraded. This update contains security fixes and improvements. For more...

Slackware: Security Advisory (SSA:2024-022-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Slackware Linux 15.0 / current mozilla-firefox Multiple Vulnerabilities (SSA:2024-023-01)

The version of mozilla-firefox installed on the remote host is prior to 115.7.0esr. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2024-023-01 advisory. - An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially...

[slackware-security] postfix

New postfix packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/postfix-3.6.14-i586-1slack15.0.txz: Upgraded. Security inbound SMTP smuggling: with "smtpdforbidbarenewline = normalize" default "no...

Slackware: Security Advisory (SSA:2024-021-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Slackware Linux 15.0 / current postfix Vulnerability (SSA:2024-022-01)

The version of postfix installed on the remote host is prior to 3.6.14 / 3.8.5. It is, therefore, affected by a vulnerability as referenced in the SSA:2024-022-01 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...