1873 matches found
[slackware-security] gnutls
New gnutls packages are available for Slackware 14.0, 14.1, and -current to fix security issues. IMPORTANT: On Slackware 14.0, install the new updated nettle package first. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/gnutls-3.3.17.1-i486-1slack14.1.txz: Upgraded. This...
[slackware-security] samba
New samba packages are available for Slackware 14.1 and -current to fix a security issue. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/samba-4.1.11-i486-1slack14.1.txz: Upgraded. This update fixes a remote code execution attack on unauthenticated nmbd NetBIOS name...
[slackware-security] glibc
New glibc packages are available for Slackware 13.0, 13.1, 13.37, 14.0, and -current to fix security issues. Here are the details from the Slackware 14.0 ChangeLog: patches/packages/glibc-2.15-i486-8slack14.0.txz: Rebuilt. Patched to fix integer overflows in pvalloc, valloc, and...
[slackware-security] xrdb
New xrdb packages are available for Slackware 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix a security issue. Here are the details from the Slackware 13.1 ChangeLog: patches/packages/xrdb-1.0.9-i486-1slack13.1.txz: Upgraded. This fixes a security issue where improperly sanitized input could...
[slackware-security] bzip2
New bzip2 packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix a security issue. Here are the details from the Slackware 13.1 ChangeLog: patches/packages/bzip2-1.0.6-i486-1slack13.1.txz: Upgraded. This update fixes an intege...
samba
New samba packages are available for Slackware 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, and -current to fix security issues. More details about the issues may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2009-1888...
xdg-utils
New xdg-utils packages are available for Slackware 12.2 and -current to fix security issues. Applications that use /etc/mailcap could be tricked into running an arbitrary script through xdg-open, and a separate flaw in xdg-open could allow the execution of arbitrary commands embedded in untrusted...
[slackware-security] fetchmail
New fetchmail packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, and -current to fix security issues. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2008-2711 Here are the detail...
[slackware-security] qt
New qt packages are available for Slackware 10.2, 11.0, and -current to fix a security issue. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2007-0242 Here are the details from the Slackware 11.0 ChangeLog:...
[slackware-security] php
New php packages are available for Slackware 10.2 and 11.0 to improve the stability and security of PHP. Quite a few bugs were fixed -- please see http://www.php.net for a detailed list. All sites that use PHP are encouraged to upgrade. Please note that we haven't tested all PHP applications for...
[slackware-security] gaim
New gaim packages are available for Slackware 9.0, 9.1, 10.0 and -current to fix a buffer overflow in the MSN protocol. Sites that use GAIM should upgrade to the new version. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database:...
[slackware-security] CUPS DoS
New CUPS packages are available for Slackware 9.1, 10.0, and -current to fix a denial of service issue where a malformed packet can crash the CUPS server. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database:...
libpng
New libpng packages are available for Slackware 8.1, 9.0, 9.1, 10.0, and -current to fix security issues. These issues could cause program crashes, or possibly allow arbitrary code embedded in a malicious PNG image to execute. The PNG library is widely used within the system, so all sites should...
Sendmail buffer overflow fixed (NEW)
The sendmail packages in Slackware 8.0, 8.1, and 9.0 have been patched to fix a security problem. Note that this vulnerablity is NOT the same one that was announced on March 3rd and requires a new fix. All sites running sendmail should upgrade. More information on the problem can be found here:...
[slackware-security] libxml2
New libxml2 packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/libxml2-2.11.8-i586-1slack15.0.txz: Upgraded. Fix buffer overread with "xmllint --htmlout". xmllint: Fix --pedantic option. save:...
[slackware-security] nghttp2
New nghttp2 packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/nghttp2-1.61.0-i586-1slack15.0.txz: Upgraded. This update fixes security issues: nghttp2 library keeps reading the unbounded number ...
[slackware-security] mozilla-firefox
New mozilla-firefox packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-firefox-115.9.1esr-i686-1slack15.0.txz: Upgraded. This update fixes a critical security issue: An attacker was able ...
[slackware-security] expat
New expat packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/expat-2.6.2-i586-1slack15.0.txz: Upgraded. Prevent billion laughs attacks with isolated use of external parsers. For more information,...
[slackware-security] mozilla-thunderbird
New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-thunderbird-115.8.0-i686-1slack15.0.txz: Upgraded. This release contains security fixes and improvements. For mor...
[slackware-security] mozilla-firefox
New mozilla-firefox packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-firefox-115.8.0esr-i686-1slack15.0.txz: Upgraded. This update contains security fixes and improvements. For more...
[slackware-security] xorg-server
New xorg-server packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/xorg-server-1.20.14-i586-11slack15.0.txz: Rebuilt. This update fixes security issues: Heap buffer overflow in DeviceFocusEvent an...
[slackware-security] libwebp
New libwebp packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/libwebp-1.3.2-i586-1slack15.0.txz: Upgraded. Security fix for lossless decoder chromium: 1479274, CVE-2023-4863. For more informatio...
[slackware-security] mozilla-thunderbird
New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-thunderbird-102.13.1-i686-1slack15.0.txz: Upgraded. This release contains security fixes and improvements. For...
[slackware-security] vim
New vim packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/vim-9.0.1418-i586-1slack15.0.txz: Upgraded. Fixed security issues: NULL pointer dereference issue in utfcptr2len. Incorrect Calculation o...
[slackware-security] xorg-server
New xorg-server packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/xorg-server-1.20.14-i586-5slack15.0.txz: Rebuilt. This release fixes 6 recently reported security vulnerabilities in various...
[slackware-security] mozilla-firefox
New mozilla-firefox packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-firefox-102.4.0esr-i686-1slack15.0.txz: Upgraded. This update contains security fixes and improvements. For more...
[slackware-security] mozilla-thunderbird
New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-thunderbird-102.3.1-i686-1slack15.0.txz: Upgraded. This release contains security fixes and improvements. For mor...
[slackware-security] vim
New vim packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/vim-9.0.0270-i586-1slack15.0.txz: Upgraded. We're just going to move to vim-9 instead of continuing to backport patches to the vim-8...
[slackware-security] wavpack
New wavpack packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/wavpack-5.2.0-i586-1slack14.2.txz: Upgraded. Fixed denial-of-service and other potential security issues. For more...
[slackware-security] sudo
New sudo packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/sudo-1.8.28-i586-1slack14.2.txz: Upgraded. Fixed a bug where an sudo user may be able to run a command as root when the...
[slackware-security] mozilla-thunderbird
New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/mozilla-thunderbird-68.1.1-i686-1slack14.2.txz: Upgraded. This release contains security fixes and improvements. For more...
[slackware-security] seamonkey
New seamonkey packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/seamonkey-2.49.5-i586-1slack14.2.txz: Upgraded. This release contains security fixes and improvements. For more information, see:...
[slackware-security] bind
New bind packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/bind-9.11.6P1-i586-1slack14.2.txz: Upgraded. This update fixes a security issue: The TCP client quota set using the...
Slackware 14.2 mozilla-thunderbird
New mozilla-thunderbird packages are available for Slackware 14.2 to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/mozilla-thunderbird-60.0-i686-1slack14.2.txz: Upgraded. This release contains security fixes and improvements. For more information,...
[slackware-security] bind
New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/bind-9.10.4P8-i586-1slack14.2.txz: Upgraded. Fixed denial of service security issues. For more...
[slackware-security] gimp
New gimp packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/gimp-2.8.18-i586-1slack14.2.txz: Upgraded. This release fixes a security issue: Use-after-free vulnerability in the...
[slackware-security] samba
New samba packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/samba-4.4.5-i586-1slack14.2.txz: Upgraded. This release fixes a security issue: Client side SMB2/3 required signing can be...
[slackware-security] libarchive
New libarchive packages are available for Slackware 14.1 and -current to fix a security issue. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/libarchive-3.1.2-i486-2slack14.1.txz: Rebuilt. Patched an issue with Zip archive handling that could allow an attacker to overwri...
[slackware-security] patch
New patch packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/patch-2.7.4-i486-1slack14.1.txz: Upgraded. Patch no longer follows symbolic links to input and output files...
[slackware-security] wget
New wget packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/wget-1.14-i486-3slack14.1.txz: Rebuilt. This update fixes a symlink vulnerability that could allow an attacke...
[slackware-security] libyaml
New libyaml packages are available for Slackware 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/libyaml-0.1.6-i486-1slack14.1.txz: Upgraded. This update fixes a heap overflow in URI escape parsing of YAML in...
libXfont
New libXfont packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/libXfont-1.4.7-i486-1slack14.1.txz: Upgraded. This update fixes a stack overflow when reading a BDF font...
[slackware-security] slocate
New slocate packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix a security issue. Here are the details from the Slackware 13.37 ChangeLog: Patched to use lstat64 and -DLARGEFILE64SOURCE. Thanks to Mancha+. Patched to fix information leak of filenames in protect...
[slackware-security] libtiff
New libtiff packages are available for Slackware 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues. Here are the details from the Slackware 13.37 ChangeLog: patches/packages/libtiff-3.9.6-i486-1slack13.37.txz: Upgraded. Patched overflows th...
[slackware-security] bind
New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues. Here are the details from the Slackware 13.37 ChangeLog: patches/packages/bind-9.7.4-i486-1slack13.37.txz: Upgraded. This BIND update...
glib2
New glib2 packages are available for Slackware 12.0, 12.1, 12.2, and -current to fix overflows that may be security issues. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2008-4316 Here are the details from the...
ntp
New ntp packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, and -current to a fix security issue. More details about this issue may be found here: https://lists.ntp.org/pipermail/announce/2009-January/000055.html...
[slackware-security] libxslt
New libxslt packages are available for Slackware 12.0, 12.1, and -current to fix a security issue. More details about the issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2008-1767 Here are the details from the Slackware 12.1 ChangeLog:...
SSA-2006-0628032502
New kdebase packages are available for Slackware 10.0, 10.1, 10.2, and -current to fix a security issue with KDM the KDE login manager which could be exploited by a local attacker to read any file on the system. The official KDE security advisory may be found here:...
tcpdump DoS
New tcpdump packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, and -current to fix a security issue. A specially crafted BGP packet can cause tcpdump to go into an infinite loop, creating a denial of service where network monitoring is disabled. More details about this issue may be...