1873 matches found
[slackware-security] kde
New kdelibs and kdebase packages are available for Slackware 9.1, 10.0, and -current to fix security issues. More details about this issues may be found in the Common Vulnerabilities and Exposures CVE database: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0689...
lha update in bin package
New bin- packages are available for Slackware 8.1, 9.0, 9.1, and -current to fix buffer overflows and directory traversal vulnerabilities in the 'lha' archive utility. Sites using 'lha' should upgrade to the new bin package right away. More details about these issues may be found in the Common...
minor advisory typo
The recently issued kernel advisory SSA:2003-336-01 reads: "More details about the Apache issue may be found in the Common Vulnerabilities and Exposures CVE database: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0961" This should say "kernel", not "Apache". Sorry for any confusion. The...
[slackware-security] mozilla-firefox
New mozilla-firefox packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-firefox-115.10.0esr-i686-1slack15.0.txz: Upgraded. This update contains security fixes and improvements. For more...
[slackware-security] coreutils
New coreutils packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/coreutils-9.5-i586-1slack15.0.txz: Upgraded. chmod -R now avoids a race where an attacker may replace a traversed file with a...
[slackware-security] vim
New vim packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/vim-9.0.2127-i586-1slack15.0.txz: Upgraded. Fixed security issues. Thanks to marav for the heads-up. For more information, see:...
[slackware-security] libcue
New libcue packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/libcue-2.2.1-i586-4slack15.0.txz: Rebuilt. Fixed a bug which could allow memory corruption resulting in arbitrary code execution. For...
[slackware-security] apr-util
New apr-util packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/apr-util-1.6.3-i586-1slack15.0.txz: Upgraded. This update fixes a security issue: Integer Overflow or Wraparound vulnerability in...
[slackware-security] mozilla-thunderbird
New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-thunderbird-91.13.0-i686-1slack15.0.txz: Upgraded. This release contains security fixes and improvements. For mor...
[slackware-security] pidgin
New pidgin packages are available for Slackware 14.0, 14.1, 14.2, 15.0, and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/pidgin-2.14.9-i586-1slack15.0.txz: Upgraded. Mitigate the potential for a man in the middle attack via DNS spoofin...
[slackware-security] dhcp
New dhcp packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/dhcp-4.4.1-i586-1slack14.2.txz: Upgraded. This update fixes two security issues: Corrected an issue wher...
[slackware-security] libzip
New libzip packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/libzip-1.0.1-i586-3slack14.2.txz: Rebuilt. Fix a denial of service security issue. For more information, see:...
[slackware-security] libsoup
New libsoup packages are available for Slackware 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/libsoup-2.52.2-i586-3slack14.2.txz: Rebuilt. Fixed a chunked decoding buffer overrun that could be exploited against either...
[slackware-security] squashfs-tools
New squashfs-tools packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/squashfs-tools-4.3-i586-2slack14.2.txz: Rebuilt. Patched a couple of denial of service issues and other bugs. For more...
[slackware-security] tcpdump
New tcpdump packages are available for Slackware 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/tcpdump-4.9.1-i586-1slack14.2.txz: Upgraded. This update fixes an issue where tcpdump 4.9.0 allows remote...
[slackware-security] glibc
New glibc packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/glibc-2.23-i586-2slack14.2.txz: Rebuilt. Applied upstream security hardening patches from git. For more information, see:...
[slackware-security] gnutls
New gnutls packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/gnutls-3.5.8-i586-1slack14.2.txz: Upgraded. This update fixes some bugs and security issues. For more information, see:...
[slackware-security] bind
New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/bind-9.9.8P4-i486-1slack14.1.txz: Upgraded. Fixed security issues: Fix resolver assertion failure due to...
[slackware-security] MPlayer
New MPlayer packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/MPlayer-1.220160125-i486-1slack14.1.txz: Upgraded. This is the latest MPlayer-1.2 branch, identical to the...
[slackware-security] libpng
New libpng packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/libpng-1.4.17-i486-1slack14.1.txz: Upgraded. Fixed buffer overflows in the pngsetPLTE, pnggetPLTE, pngsettIM...
[slackware-security] bind
New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/bind-9.9.7P3-i486-1slack14.1.txz: Upgraded. This update fixes two denial-of-service vulnerabilities: +...
[slackware-security] subversion
New subversion packages are available for Slackware 14.0, 14.1, and -current to fix denial-of-service issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/subversion-1.7.16-i486-1slack14.1.txz: Upgraded. Fix denial of service bugs. For more information, see:...
gnutls
New gnutls packages are available for Slackware 14.0, 14.1, and -current to fix a security issue. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/gnutls-3.1.21-i486-1slack14.1.txz: Upgraded. This update fixes a flaw where a version 1 intermediate certificate would be...
openssl
New openssl packages are available for Slackware 14.0, and -current to fix a bug in openssl-1.0.1d. Here are the details from the Slackware 14.0 ChangeLog: patches/packages/openssl-1.0.1e-i486-1slack14.0.txz: Upgraded. This release fixes a regression in openssl-1.0.1d, where the fix for...
[slackware-security] glibc
New glibc packages are available for Slackware 13.1, 13.37, and -current to fix a security issue. Here are the details from the Slackware 13.37 ChangeLog: patches/packages/glibc-2.13-i486-5slack13.37.txz: Rebuilt. Patched an overflow in tzfile. This was evidently first reported in 2009, but is on...
[slackware-security] bind
New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix security issues that could allow attackers to successfully query private DNS records, or cause a denial of service. Here are the details from the Slackware 13.1...
bind
New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, and -current to fix a security issue. More details about this issue may be found here: https://www.isc.org/node/373 http://www.ocert.org/advisories/ocert-2008-016.html...
[slackware-security] cups
New cups packages are available for Slackware 12.0, and -current to fix security issues. The change from CUPS 1.2.x to CUPS 1.3.x was tested here, but if you're on a completely secured internal network these issues may be less of a risk than upgrading. If your IPP port is open to the internet,...
[slackware-security] xine-lib
New xine-lib packages are available for Slackware 10.0, 10.1, 10.2, 11.0, 12.0, and -current to fix security issues. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2008-0073 Here are the details from the Slackware...
[slackware-security] openssh
New openssh packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix a security issue. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2006-0225 Here are the details from the Slackwar...
[slackware-security] imagemagick
New imagemagick packages are available for Slackware 10.2 and -current to fix security issues. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2005-4601 https://vulners.com/cve/CVE-2006-0082 Here are the details from...
PCRE library
New PCRE packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, and -current to fix a security issue. A buffer overflow could be triggered by a specially crafted regular expression. Any applications that use PCRE to process untrusted regular expressions may be exploited to run arbitrary...
dnsmasq
New dnsmasq packages are available for Slackware 10.0, 10.1, and -current to fix security issues. An off-by-one overflow vulnerability may allow a DHCP client to create a denial of service condition. Additional code was also added to detect and defeat attempts to poison the DNS cache. More detail...
[slackware-security] php
New php packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: extra/php81/php81-8.1.28-i586-1slack15.0.txz: Upgraded. This update fixes security issues: Command injection via array-ish $command parameter of procopen...
[slackware-security] tigervnc
New tigervnc packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: extra/tigervnc/tigervnc-1.12.0-i586-5slack15.0.txz: Rebuilt. Recompiled against xorg-server-1.20.14, including the latest patches for several securit...
[slackware-security] xorg-server
New xorg-server packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/xorg-server-1.20.14-i586-9slack15.0.txz: Rebuilt. This update fixes security issues: OOB write in...
[slackware-security] netatalk
New netatalk packages are available for Slackware 14.1, 14.2, 15.0, and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/netatalk-3.1.16-i586-1slack15.0.txz: Upgraded. This update fixes bugs and security issues. Shared library .so-version...
[slackware-security] bind
New bind packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/bind-9.16.42-i586-1slack15.0.txz: Upgraded. This update fixes a security issue: Exceeding the recursive-clients quota may cause named t...
[slackware-security] python3
New python3 packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/python3-3.9.17-i586-1slack15.0.txz: Upgraded. This update fixes bugs and a security issue: urllib.parse.urlsplit now strips leading ...
[slackware-security] mozilla-firefox
New mozilla-firefox packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-firefox-102.11.0esr-i686-1slack15.0.txz: Upgraded. This update contains security fixes and improvements. For more...
[slackware-security] git
New git packages are available for Slackware 14.0, 14.1, 14.2, 15.0, and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/git-2.35.7-i586-1slack15.0.txz: Upgraded. This update fixes security issues: Using a specially-crafted repository, Git...
[slackware-security] apr
New apr packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/apr-1.7.2-i586-1slack15.0.txz: Upgraded. This update fixes security issues: Integer Overflow or Wraparound vulnerability in aprencode...
[slackware-security] krb5
New krb5 packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/krb5-1.19.2-i586-3slack15.0.txz: Rebuilt. Fixed integer overflows in PAC parsing. Fixed memory leak in OTP kdcpreauth module. Fixed...
[slackware-security] rsync
New rsync packages are available for Slackware 14.0, 14.1, 14.2, 15.0, and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/rsync-3.2.5-i586-1slack15.0.txz: Upgraded. Added some file-list safety checking that helps to ensure that a rogue...
[slackware-security] gnupg2
New gnupg2 packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/gnupg2-2.2.36-i586-1slack15.0.txz: Upgraded. g10: Fix possibly garbled status messages in NOTATIONDATA. This bug could trick GPGME an...
[slackware-security] vim
New vim packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/vim-8.2.4649-i586-1slack15.0.txz: Upgraded. Fixes a use-after-free in utfptr2char in vim/vim prior to 8.2.4646. This vulnerability is...
[slackware-security] xorg-server
New xorg-server packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Note that in slackware-current there are 4 issues fixed CVE-2021-4008, CVE-2021-4009, CVE-2021-4010, and CVE-2021-4011. In Slackware 14.0, 14.1, and 14.2 the earlier versions of xorg-server...
[slackware-security] wget
New wget packages are available for Slackware 14.2 and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/wget-1.20.3-i586-1slack14.2.txz: Upgraded. Fixed a buffer overflow vulnerability: src/iri.cdoconversion: Reallocate the output buffer t...
[slackware-security] mozilla-firefox
New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/mozilla-firefox-60.3.0esr-i686-1slack14.2.txz: Upgraded. This release contains security fixes and improvements. For more...
[slackware-security] mariadb
New mariadb packages are available for Slackware 14.1 and 14.2 to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/mariadb-10.0.34-i586-1slack14.2.txz: Upgraded. This update fixes bugs and security issues. For more information, see:...