[slackware-security] mailx

New mailx packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/mailx-12.5-i486-2slack14.1.txz: Rebuilt. Drop SSLv2 support no longer supported by OpenSSL, and fix security...

[slackware-security] bind

New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/bind-9.9.7P1-i486-1slack14.1.txz: Upgraded. This update fixes a security issue where an attacker who can caus...

[slackware-security] hplip

New hplip packages are available for Slackware 14.0 to fix a security issue. Here are the details from the Slackware 14.0 ChangeLog: patches/packages/hplip-3.12.9-i486-4slack14.0.txz: Rebuilt. This update disables the automatic upgrade feature which can be easily fooled into downloading an...

[slackware-security] php

New php packages are available for Slackware 14.0, and -current to fix a security issue. Here are the details from the Slackware 14.0 ChangeLog: patches/packages/php-5.4.19-i486-1slack14.0.txz: Upgraded. Fixed handling null bytes in subjectAltName CVE-2013-4248. For more information, see:...

[slackware-security] bind

New bind packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix a security issue. Here are the details from the Slackware 14.0 ChangeLog: patches/packages/bind-9.9.3P2-i486-1slack14.0.txz: Upgraded. This update fixes a security issue where a specially crafte...

[slackware-security] gnupg / libgcrypt

New gnupg and libgcrypt packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix a security issue. New libgpg-error packages are also available for Slackware 13.1 and older as the supplied version wasn't new enough to compile the fixed version of libgcrypt. He...

ruby

New ruby packages are available for Slackware 13.1, 13.37, 14.0, and -current to fix a security issue. Here are the details from the Slackware 14.0 ChangeLog: patches/packages/ruby-1.9.3p429-i486-1slack14.0.txz: Upgraded. This update fixes a security issue in DL and Fiddle included in Ruby where...

[slackware-security] libtiff

New libtiff packages are available for Slackware 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix security issues. Here are the details from the Slackware 13.1 ChangeLog: patches/packages/libtiff-3.9.4-i486-2slack13.1.txz: Rebuilt. Patched overflows that could...

[slackware-security] kdegraphics

New kdegraphics packages are available for Slackware 13.1 to fix a security issue in the okular document viewer. Here are the details from the Slackware 13.1 ChangeLog: patches/packages/kdegraphics-4.4.3-i486-3slack13.1.txz: Rebuilt. Patched "Okular PDB Processing Memory Corruption Vulnerability"...

[slackware-security] httpd

New httpd packages are available for Slackware 12.0, 12.1, 12.2, 13.0, and -current to fix security issues. More details about the issues may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2009-3094 https://vulners.com/cve/CVE-2009-3095 Here are the...

curl

New curl packages are available for Slackware 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, and -current to fix a security issue. For more information, see: http://curl.haxx.se/docs/security.html https://vulners.com/cve/CVE-2009-2417 Here are the details from the Slackware 12.2 ChangeLog:...

subversion

New subversion packages are available for Slackware 12.0, 12.1, 12.2, and -current to fix a security issue. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2009-2411 Here are the details from the Slackware 12.2...

git

New git packages are available for Slackware 12.0, 12.1, 12.2, and -current to fix security issues. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2008-3546 There are other security issues related to gitweb, which...

[slackware-security] samba

New samba packages are available for Slackware 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, and -current to fix a possible security vulnerability involving the reading of uninitialized memory. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database:...

[slackware-security] apache

New apache 1.3.41 packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and 11.0 to fix security issues. A new matching modssl package is also provided. More details about the issues may be found in the Common Vulnerabilities and Exposures CVE database:...

[slackware-security] cairo

New cairo packages are available for Slackware 11.0, 12.0, and -current to fix security issues. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2007-5503 Here are the details from the Slackware 12.0 ChangeLog:...

[slackware-security] freetype

New x11 and/or freetype and fontconfig packages are available for Slackware 10.1, 10.2, 11.0, and -current to fix security issues in freetype. Freetype was packaged with X11 prior to Slackware version 11.0. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE...

[slackware-security] file [and bin package]

New file packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, and -current to fix a security issue. NOTE: In Slackware 11.0 and earlier, the file utility was part of the required "bin" package, so this patch is needed even if your machine does not have a "file" package...

[slackware-security] php

New php packages are available for Slackware 10.2 and 11.0 to fix security issues. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2006-5465 Here are the details from the Slackware 11.0 ChangeLog:...

[slackware-security] x11

New x11 X.Org packages are available for Slackware 10.2, and -current to fix security issues due to overflows in font parsing. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2006-3739...

[slackware-security] mutt

New mutt packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix a possible security issue. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2006-3242 Here are the details from the...

[slackware-security] Samba DoS

New Samba packages are available for Slackware 10.0, 10.1, 10.2, and -current to fix a security related but in my own and also the Samba's team member who made their WHATSNEW.txt entry, "minor" denial of service issue. More details about this issue may be found in the Common Vulnerabilities and...

[slackware-security] tetex PDF security

New tetex packages are available for Slackware 10.2 and -current to fix a possible security issue. teTeX-3.0 incorporates some code from the xpdf program which has been shown to have various overflows that could result in program crashes or possibly the execution of arbitrary code as the teTeX...

lynx

New Lynx packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix a security issue. An overflow could result in the execution of arbitrary code when using Lynx to connect to a malicious NNTP server. More details about this issue may be found in the Common...

gaim

New gaim packages are available for Slackware 9.0, 9.1, 10.0, 10.1, and -current to fix some security issues. including: AIM/ICQ away message buffer overflow AIM/ICQ non-UTF-8 filename crash Gadu-Gadu memory alignment bug Sites that use GAIM should upgrade to the new version. More details about...

[slackware-security] samba DoS

New samba packages are available for Slackware 10.0 and -current. These fix two denial of service vulnerabilities reported by iDEFENSE. Slackware -current has been upgraded to samba-3.0.7, while the samba-3.0.5 included with Slackware 10.0 has been patched to fix these issues. Sites running Samba...

new samba packages

New samba packages are available for Slackware 8.1, 9.0, 9.1, 10.0 and -current to fix security issues. More details about these issues may be found in the Common Vulnerabilities and Exposures CVE database: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0600...

cvs security update

CVS is a client/server version control system. As a server, it is used to host source code repositories. As a client, it is used to access such repositories. This advisory affects both uses of CVS. A security problem which could allow a server to create arbitrary files on a client machine, and...

apache security update

Apache httpd is a hypertext transfer protocol server, and is used by over two thirds of the Internet's web sites. Upgraded Apache packages are available for Slackware 8.1, 9.0, 9.1, and -current. These fix local vulnerabilities that could allow users who can create or edit Apache config files to...

[slackware-security] php

New php packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: extra/php81/php81-8.1.32-i586-1slack15.0.txz: Upgraded. This update fixes security issues: LibXML: libxml streams use wrong content-type header when...

[slackware-security] cups

New cups packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/cups-2.4.9-i586-1slack15.0.txz: Upgraded. This update fixes bugs and a security issue: When starting the cupsd server with a Listen...

[slackware-security] mozilla-firefox

New mozilla-firefox packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-firefox-115.2.0esr-i686-1slack15.0.txz: Upgraded. This update contains security fixes and improvements. For more...

[slackware-security] mozilla-firefox

New mozilla-firefox packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-firefox-102.13.0esr-i686-1slack15.0.txz: Upgraded. This update contains security fixes and improvements. For more...

[slackware-security] c-ares

New c-ares packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/c-ares-1.19.1-i586-1slack15.0.txz: Upgraded. This update fixes bugs and security issues: 0-byte UDP payload causes Denial of Service...

[slackware-security] mozilla-thunderbird

New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-thunderbird-102.6.1-i686-1slack15.0.txz: Upgraded. This release contains a security fix and improvements. For mo...

[slackware-security] mozilla-nss

New mozilla-nss packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-nss-3.84-i586-1slack15.0.txz: Upgraded. Fixed a segmentation fault when the server requests a client auth cert but the...

[slackware-security] mozilla-thunderbird

New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/mozilla-thunderbird-68.12.0-i686-1slack14.2.txz: Upgraded. This release contains security fixes and improvements. For mor...

[slackware-security] bind

New bind packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/bind-9.11.13-i586-1slack14.2.txz: Upgraded. This update fixes a security issue: Set a limit on the number of concurrently...

[slackware-security] mozilla-thunderbird

New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix bugs and security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/mozilla-thunderbird-52.9.1-i586-1slack14.2.txz: Upgraded. This release contains security fixes and improvements...

[slackware-security] mcabber

New mcabber packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/mcabber-1.0.5-i586-1slack14.2.txz: Upgraded. This update fixes a security issue: An incorrect implementation of XEP-028...

[slackware-security] bind

New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/bind-9.10.4P6-i586-1slack14.2.txz: Upgraded. This update fixes a denial-of-service vulnerability. Under...

[slackware-security] bind

New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/bind-9.10.4P5-i586-1slack14.2.txz: Upgraded. This update fixes a denial-of-service vulnerability. An...

[slackware-security] libpng

New libpng packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/libpng-1.6.27-i586-1slack14.2.txz: Upgraded. This release fixes an old NULL pointer dereference bug i...

[slackware-security] bind

New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/bind-9.10.4P3-i586-1slack14.2.txz: Upgraded. This update fixes a denial-of-service vulnerability. Testi...

[slackware-security] gtk+2

New gtk+2 packages are available for Slackware 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/gtk+2-2.24.31-i586-1slack14.2.txz: Upgraded. This update fixes a security issue: Integer overflow in the gdkcairosetsourcepixbu...

[slackware-security] subversion

New subversion packages are available for Slackware 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/subversion-1.7.22-i486-2slack14.1.txz: Rebuilt. This update patches two security issues: CVE-2016-2167: svnserve/sasl may...

[slackware-security] mercurial

New mercurial packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/mercurial-3.7.3-i486-1slack14.1.txz: Upgraded. This update fixes security issues and bugs, including remo...

[slackware-security] git

New git packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/git-2.7.4-i486-1slack14.1.txz: Upgraded. NOTE: Issuing this patch again since the bug reporter listed the wrong...

[slackware-security] git

New git packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/git-2.7.3-i486-1slack14.1.txz: Upgraded. Fixed buffer overflows allowing server and client side remote code...

[slackware-security] curl

New curl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/curl-7.47.1-i486-1slack14.1.txz: Upgraded. This update fixes a security issue where NTLM credentials are not...