1878 matches found
[slackware-security] cups
CUPS was found to contain errors in ipp.c which could allow a remote attacker to crash CUPS, resulting in a denial of service. If you use CUPS, it is recommended to update to the latest package for your version of Slackware. The latest cups package is available for Slackware -current, and patched...
[slackware-security] gnupg
New gnupg packages are available for Slackware 9.0, 9.1, 10.0, 10.1, 10.2, and 11.0 to fix security issues. More details about the issues may be found here: http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000491.html https://vulners.com/cve/CVE-2006-6235 https://vulners.com/cve/CVE-2006-61...
[slackware-security] mysql
New mysql packages are available for Slackware 9.1, 10.0, 10.1, 10.2 and -current to fix security issues. The MySQL packages shipped with Slackware 9.1, 10.0, and 10.1 may possibly leak sensitive information found in uninitialized memory to authenticated users. This is fixed in the new packages,...
[slackware-security] Slackware 10.1 kdegraphics
A new kdegraphics package is available for Slackware 10.1 to fix a security issue. A portion of the recent security patch was missing in the version that was applied to kdegraphics-3.3.2 in Slackware 10.1. Other versions of Slackware are not affected by this specific missing patch issue. More...
X.Org pixmap overflow
New X.Org server packages are available for Slackware 10.0, 10.1, 10.2, and -current to fix a security issue. An integer overflow in the pixmap handling code may allow the execution of arbitrary code through a specially crafted pixmap. Slackware 10.2 was patched against this vulnerability before...
[slackware-security] gaim
New gaim packages are available for Slackware 9.1, 10.0 and -current to fix several security issues. Sites that use GAIM should upgrade to the new version. Here are the details from the Slackware 10.0 ChangeLog: Thu Aug 26 17:14:09 PDT 2004 patches/packages/gaim-0.82-i486-1.tgz: Upgraded to...
metamail security update
Metamail is a set of utilities for processing MIME mail. New metamail packages are available for Slackware 8.1, 9.0, 9.1, and -current. These fix two format string bugs and two buffer overflows which could lead to unauthorized code execution. Thanks to Ulf Hrnhammar for discovering these problems...
Kernel security update
New kernels are available for Slackware 9.1 and -current. These have been upgraded to Linux kernel version 2.4.23, which fixes a bug in the kernel's dobrk function that could be exploited to gain root privileges. These updated kernels and modules should be installed by any sites running a 2.4...
[slackware-security] freetype
New freetype packages are available for Slackware 15.0 to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/freetype-2.13.3-i586-1slack15.0.txz: Upgraded. This update fixes bugs and a security issue: An out of bounds write exists in FreeType versions...
[slackware-security] httpd
New httpd packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/httpd-2.4.62-i586-1slack15.0.txz: Upgraded. This release contains security fixes and improvements. The first CVE is for Windows, but th...
[slackware-security] vim
New vim packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/vim-9.0.2063-i586-1slack15.0.txz: Upgraded. Fixed use-after-free security issue. Thanks to marav for the heads-up. For more information,...
[slackware-security] libX11
New libX11 packages are available for Slackware 14.0, 14.1, 14.2, 15.0, and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/libX11-1.8.7-i586-1slack15.0.txz: Upgraded. This update fixes security issues: libX11: out-of-bounds memory access ...
[slackware-security] curl
New curl packages are available for Slackware 14.0, 14.1, 14.2, 15.0, and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/curl-8.2.0-i586-1slack15.0.txz: Upgraded. This update fixes a security issue: fopen race condition. For more...
[slackware-security] tar
New tar packages are available for Slackware 14.0, 14.1, 14.2, 15.0, and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/tar-1.34-i586-2slack15.0.txz: Rebuilt. GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of...
[slackware-security] mozilla-thunderbird
New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-thunderbird-102.6.0-i686-1slack15.0.txz: Upgraded. This release contains security fixes and improvements. For mor...
[slackware-security] emacs
New emacs packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/emacs-27.2-i586-2slack15.0.txz: Rebuilt. GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the...
[slackware-security] vim
New vim and vim-gvim packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/vim-8.2.4649-i586-2slack15.0.txz: Rebuilt. Fix use after free, out-of-bounds read, and heap based buffer overflow. Thanks to...
[slackware-security] mozilla-nss
New mozilla-nss packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/mozilla-nss-3.40.1-i586-2slack14.2.txz: Rebuilt. This update fixes a critical security issue: NSS Network Security...
[slackware-security] curl
New curl packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/curl-7.72.0-i586-1slack14.2.txz: Upgraded. This update fixes a security issue: libcurl: wrong connect-only connection 98 F...
[slackware-security] libexif
New libexif packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/libexif-0.6.22-i486-1slack14.2.txz: Upgraded. This update fixes bugs and security issues: CVE-2018-20030: Fix for...
[slackware-security] mozilla-thunderbird
New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/mozilla-thunderbird-68.4.2-i686-1slack14.2.txz: Upgraded. This release contains security fixes and improvements. For more...
[slackware-security] openvpn
New openvpn packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/openvpn-2.4.6-i586-1slack14.2.txz: Upgraded. This is a security update fixing a potential double-fre...
[slackware-security] samba
New samba packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/samba-4.4.16-i586-1slack14.2.txz: Upgraded. This is a security release in order to address the following defects: SMB1/2/3...
[slackware-security] git
New git packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/git-2.14.1-i586-1slack14.2.txz: Upgraded. Fixes security issues: A "ssh://..." URL can result in a "ssh"...
[slackware-security] openvpn
New openvpn packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/openvpn-2.3.17-i586-1slack14.2.txz: Upgraded. This update fixes several denial of service issues...
[slackware-security] proftpd
New proftpd packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/proftpd-1.3.5e-i586-1slack14.2.txz: Upgraded. This release fixes a security issue: AllowChrootSymlink...
[slackware-security] samba
New samba packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a regression with the previous security patch. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/samba-4.4.13-i586-1slack14.2.txz: Upgraded. This is a bug fix release to address a regressio...
[slackware-security] gnutls
New gnutls packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/gnutls-3.5.8-i586-1slack14.2.txz: Upgraded. This update fixes some bugs and security issues. For more information, see:...
[slackware-security] mozilla-firefox
New mozilla-firefox packages are available for Slackware 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/mozilla-firefox-45.5.1esr-i586-1slack14.2.txz: Upgraded. This release contains security fixes and improvements. For mo...
[slackware-security] kernel
New kernel packages are available for Slackware 14.1 to fix a security issue. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/linux-3.10.103/: Upgraded. A flaw was found in the implementation of the Linux kernels handling of networking challenge ack where an attacker is...
[slackware-security] openssl
New openssl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/openssl-1.0.1q-x8664-1slack14.1.txz: Upgraded. This update fixes the following security issues: BNmodexp ma...
[slackware-security] bind
New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/bind-9.9.7P2-i486-1slack14.1.txz: Upgraded. This update fixes a security issue where an error in the handling...
[slackware-security] freetype
New freetype packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/freetype-2.5.5-i486-1slack14.1.txz: Upgraded. This release fixes a security bug that could cause freetype...
[slackware-security] libtiff
New libtiff packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix security issues. Here are the details from the Slackware 14.0 ChangeLog: patches/packages/libtiff-3.9.7-i486-1slack14.0.txz: Upgraded. Patched overflows, crashes, and out of bounds writes...
[slackware-security] gnutls
New gnutls packages are available for Slackware 14.0 and -current to fix a security issue. Sorry about having to reissue this one -- I pulled it from ftp.gnu.org not realizing that the latest version there was actually months out of date. Here are the details from the Slackware 14.0 ChangeLog:...
[slackware-security] gnutls
New gnutls packages are available for Slackware 14.0, and -current to fix a security issue. Here are the details from the Slackware 14.0 ChangeLog: patches/packages/gnutls-3.0.26-i486-1slack14.0.txz: Upgraded. This update prevents a side-channel attack which may allow remote attackers to conduct...
[slackware-security] bind
New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues. Here are the details from the Slackware 13.37 ChangeLog: patches/packages/bind-9.7.3P1-i486-1slack13.37.txz: Upgraded. This release fixes...
[slackware-security] pidgin
New pidgin packages are available for Slackware 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix security issues. Here are the details from the Slackware 13.1 ChangeLog: patches/packages/pidgin-2.7.11-i486-1slack13.1.txz: Upgraded. Fixed denials of service caused by NULL pointer dereferences due...
[slackware-security] samba
New samba packages are available for Slackware 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix a security issue. Here are the details from the Slackware 13.1 ChangeLog: patches/packages/samba-3.5.5-i486-1slack13.1.txz: Upgraded. This upgrade fixes a buffer overflow in th...
[slackware-security] cups
New cups packages are available for Slackware 13.1 and -current to fix security issues. Here are the details from the Slackware 13.1 ChangeLog: patches/packages/cups-1.4.4-i486-1slack13.1.txz: Upgraded. Fixed a memory allocation error in texttops. Fixed a Cross-Site Request Forgery CSRF that coul...
pidgin
New pidgin packages are available for Slackware 12.0, 12.1, 12.2, and -current to fix a security issue. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2009-2694 Here are the details from the Slackware 12.2 ChangeLog...
xine-lib
New xine-lib packages are available for Slackware 12.0, 12.1, 12.2, and -current to fix security issues. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2009-0385 Here are the details from the Slackware 12.2 ChangeLo...
[slackware-security] libpng
New libpng packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, and -current to fix a security issue. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2008-1382 Additional information can ...
[slackware-security] openssh
New openssh packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, and -current to fix a security issue. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2008-1483 Here are the details from...
[slackware-security] samba
New samba packages are available for Slackware 10.0, 10.1, 10.2, 11.0, 12.0, and -current to fix security issues. More details about these issues may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2007-4572 https://vulners.com/cve/CVE-2007-5398 Here...
[slackware-security] bind
New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, and 12.0 to fix security issues. The first issue which allows remote attackers to make recursive queries only affects Slackware 12.0. More details about this issue may be found in the Common Vulnerabilities and...
[slackware-security] php
New php packages are available for Slackware 10.2, 11.0, and -current to improve the stability and security of PHP. Quite a few bugs were fixed -- please see http://www.php.net for a detailed list. All sites that use PHP are encouraged to upgrade. Please note that we haven't tested all PHP...
[slackware-security] gnupg
New gnupg packages are available for Slackware 9.0, 9.1, 10.0, 10.1, 10.2, and 11.0 to fix security ramifications of incorrect gpg usage. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2007-1263 Here are the details...
[slackware-security] x11
New x11 packages are available for Slackware 10.2 and -current to fix security issues. In addition, fontconfig and freetype have been split out from the x11 packages in -current, so if you run -current you'll also need to install those new packages. More details about the issues may be found here...
curl/wget
New curl packages are available for Slackware 9.1, 10.0, 10.1, 10.2, and -current, and new wget packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current. These address a buffer overflow in NTLM handling which may present a security problem, though no public exploits are...