1893 matches found
[slackware-security] vim
New vim packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/vim-9.0.1897-i586-1slack15.0.txz: Upgraded. Fixed three use-after-free security issues. Thanks to marav for the heads-up. For more...
[slackware-security] openssl
New openssl packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/openssl-1.1.1u-i586-1slack15.0.txz: Upgraded. This update fixes a security issue: Possible DoS translating ASN.1 object identifiers...
[slackware-security] mozilla-thunderbird
New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-thunderbird-102.11.0-i686-1slack15.0.txz: Upgraded. This release contains security fixes and improvements. For mo...
[slackware-security] libXpm
New libXpm packages are available for Slackware 14.0, 14.1, 14.2, 15.0, and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/libXpm-3.5.15-i586-1slack15.0.txz: Upgraded. This update fixes security issues: Infinite loop on unclosed comments...
[slackware-security] netatalk
New netatalk packages are available for Slackware 14.1, 14.2, 15.0, and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/netatalk-3.1.14-i586-1slack15.0.txz: Upgraded. Netatalk through 3.1.13 has an afpgetappl heap-based buffer overflow...
[slackware-security] ruby
New ruby packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/ruby-3.0.5-i586-1slack15.0.txz: Upgraded. This release includes a security fix: HTTP response splitting in CGI. For more information,...
[slackware-security] seamonkey
New seamonkey packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/seamonkey-2.53.5.1-i686-1slack14.2.txz: Upgraded. This update contains security fixes and improvements. For more information, see:...
[slackware-security] mozilla-thunderbird
New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/mozilla-thunderbird-68.12.0-i686-1slack14.2.txz: Upgraded. This release contains security fixes and improvements. For mor...
[slackware-security] sane
New sane packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/sane-1.0.30-i586-1slack14.2.txz: Upgraded. This update fixes several security issues. For more information, see:...
[slackware-security] irssi
New irssi packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/irssi-1.1.3-i586-1slack14.2.txz: Upgraded. This update fixes a security issue: Use after free when sending SASL login to...
[slackware-security] ghostscript
New ghostscript packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/ghostscript-9.26-i586-1slack14.2.txz: Upgraded. Fixes security issues: A specially crafted PostScript file could have access to t...
[slackware-security] mozilla-nss
New mozilla-nss packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/mozilla-nss-3.40.1-i586-1slack14.2.txz: Upgraded. Upgraded to nss-3.40.1 and nspr-4.20. Mitigate cache side-channel...
[slackware-security] lftp
New lftp packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/lftp-4.8.4-i586-1slack14.2.txz: Upgraded. It has been discovered that lftp up to and including version 4.8.3 does not...
[slackware-security] mozilla-firefox
New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/mozilla-firefox-52.7.3esr-i586-1slack14.2.txz: Upgraded. This release contains security fixes and improvements. For more...
[slackware-security] irssi
New irssi packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/irssi-1.0.6-i586-1slack14.2.txz: Upgraded. This update fixes multiple security vulnerabilities. For more information, see:...
[slackware-security] curl
New curl packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/curl-7.56.0-i586-1slack14.2.txz: Upgraded. This update fixes a security issue: libcurl may read outside of a heap allocate...
[slackware-security] libgcrypt
New libgcrypt packages are available for Slackware 14.2 and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/libgcrypt-1.7.9-i586-1slack14.2.txz: Upgraded. Mitigate a local side-channel attack on Curve25519 dubbed "May the Fourth be With...
[slackware-security] subversion
New subversion packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/subversion-1.9.7-i586-1slack14.2.txz: Upgraded. Fixed client side arbitrary code execution vulnerability. For more...
[slackware-security] bind
New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/bind-9.10.5P2-i586-1slack14.2.txz: Upgraded. This update fixes a high severity security issue: An error ...
[slackware-security] freetype
New freetype packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/freetype-2.6.3-i586-2slack14.2.txz: Rebuilt. This update fixes an out-of-bounds write caused by a...
[slackware-security] imagemagick
New imagemagick packages are available for Slackware 14.0, 14.1, and -current to fix a security issue. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/imagemagick-6.8.610-i486-3slack14.1.txz: Rebuilt. Removed popen support to prevent another shell vulnerability. This issu...
[slackware-security] subversion
New subversion packages are available for Slackware 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/subversion-1.7.22-i486-1slack14.1.txz: Upgraded. Subversion servers and clients are vulnerable to a remotely triggerable...
[slackware-security] libpng
New libpng packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/libpng-1.4.19-i486-1slack14.1.txz: Upgraded. Fixed an out-of-range read in pngcheckkeyword. Thanks to Qixue...
[slackware-security] grub
New grub packages are available for Slackware 14.1 and -current to fix a security issue. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/grub-2.00-i486-3slack14.1.txz: Rebuilt. Patched bug where password protection during system startup may be bypassed by hitting the...
[slackware-security] openvpn
New openvpn packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/openvpn-2.3.6-i486-1slack14.1.txz: Upgraded. This update fixes a security issue that allows remote...
[slackware-security] bind
New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/bind-9.9.5P1-i486-1slack14.1.txz: Upgraded. This fixes security issues and other bugs. Please note that the...
[slackware-security] mariadb
New mariadb packages are available for Slackware 14.1 and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/mariadb-5.5.37-i486-1slack14.1.txz: Upgraded. This update contains security fixes and improvements...
[slackware-security] openssh
New openssh packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/openssh-6.6p1-i486-1slack14.1.txz: Upgraded. This update fixes a security issue when using environment...
[slackware-security] php
New php packages are available for Slackware 14.0, and -current to fix a security issue. Here are the details from the Slackware 14.0 ChangeLog: patches/packages/php-5.4.19-i486-1slack14.0.txz: Upgraded. Fixed handling null bytes in subjectAltName CVE-2013-4248. For more information, see:...
[slackware-security] gnupg / libgcrypt
New gnupg and libgcrypt packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix a security issue. New libgpg-error packages are also available for Slackware 13.1 and older as the supplied version wasn't new enough to compile the fixed version of libgcrypt. He...
[slackware-security] ruby
New ruby packages are available for Slackware 13.1, 13.37, 14.0, and -current to fix a security issue. Here are the details from the Slackware 14.0 ChangeLog: patches/packages/ruby-1.9.3p448-i486-1slack14.0.txz: Upgraded. This update patches a vulnerability in Ruby's SSL client that could allow...
ruby
New ruby packages are available for Slackware 13.1, 13.37, 14.0, and -current to fix a security issue. Here are the details from the Slackware 14.0 ChangeLog: patches/packages/ruby-1.9.3p429-i486-1slack14.0.txz: Upgraded. This update fixes a security issue in DL and Fiddle included in Ruby where...
[slackware-security] libxml2
New libxml2 packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix a security issue. Here are the details from the Slackware 14.0 ChangeLog: patches/packages/libxml2-2.8.0-i486-2slack14.0.txz: Rebuilt. Patched a heap-based buffer underflow in the...
[slackware-security] apr/apr-util
New apr and apr-util packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix a security issue. Here are the details from the Slackware 13.37 ChangeLog: patches/packages/apr-1.4.4-i486-1slack13.37.txz: Upgraded. This fixes a possible denial of service du...
[slackware-security] libtiff
New libtiff packages are available for Slackware 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix security issues. Here are the details from the Slackware 13.1 ChangeLog: patches/packages/libtiff-3.9.4-i486-2slack13.1.txz: Rebuilt. Patched overflows that could...
[slackware-security] fetchmail
New fetchmail packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix a security issue. Here are the details from the Slackware 13.0 ChangeLog: patches/packages/fetchmail-6.3.17-i486-1slack13.0.txz: Upgraded. A crafted header or POP3...
[slackware-security] php
New php packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2009-3557 https://vulners.com/cve/CVE-2009-3558...
apr
New apr packages are available for Slackware 11.0, 12.0, 12.1, 12.2, and -current to fix a security issue. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2009-2412 Here are the details from the Slackware 12.2...
ntp
New ntp packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, and -current to fix security issues. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2009-0159...
cyrus-sasl
New cyrus-sasl packages are available for Slackware 10.2, 11.0, 12.0, 12.1, 12.2, and -current to fix a security issue. A buffer overflow in the saslencode64 function could lead to a denial of service or possible execution of arbitrary code. More details about this issue may be found in the Commo...
[slackware-security] samba
New samba packages are available for Slackware 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, and -current to fix a possible security vulnerability involving the reading of uninitialized memory. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database:...
[slackware-security] xine-lib
New xine-lib packages are available for Slackware 10.0, 10.1, 10.2, 11.0, 12.0, and -current to fix security issues. An overflow was found in the Speex decoder that could lead to a crash or possible execution of arbitrary code. Xine-lib = 1.1.12 was also found to be vulnerable to a stack-based...
[slackware-security] mozilla-thunderbird
New mozilla-thunderbird packages are available for Slackware 10.2, 11.0, 12.0, and -current to fix security issues. Slackware is not vulnerable to either of these in its default configuration, but watch out if you've enabled JavaScript. More information about the security issues may be found here...
[slackware-security] qt
New qt packages are available for Slackware 10.2, 11.0, and 12.0 to fix format string errors. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2007-3388 Here are the details from the Slackware 12.0 ChangeLog:...
[slackware-security] file [and bin package]
New file packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, and -current to fix a security issue. NOTE: In Slackware 11.0 and earlier, the file utility was part of the required "bin" package, so this patch is needed even if your machine does not have a "file" package...
[slackware-security] x11
New x11 X.Org packages are available for Slackware 10.2, and -current to fix security issues due to overflows in font parsing. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2006-3739...
[slackware-security] CUPS DoS
New CUPS packages are available for Slackware 9.1, 10.0, and -current to fix a denial of service issue where a malformed packet can crash the CUPS server. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database:...
libpng update
New libpng packages are available for Slackware 9.0, 9.1, and -current to fix an issue where libpng could be caused to crash, perhaps creating a denial of service issue if network services are linked with it. More details about this issue may be found in the Common Vulnerabilities and Exposures C...
2.4.21 kernels available
Precompiled Linux 2.4.21 kernels and source packages are now available for Slackware 9.0 and -current. These provide an improved version of the ptrace fix that had been applied to 2.4.20 in Slackware 9.0 for example, command line options now appear correctly when root does 'ps ax', and fix a...
SSA-2002-0626204548
The Slackware Linux Project: Slackware Security Advisories Slackware Security Advisories News Security Advisories /...