ProFTPD Security Advisory

Upgraded ProFTPD packages are available for Slackware 8.1, 9.0 and - -current. These fix a security issue where an attacker could gain a root shell by downloading a specially crafted file. Here are the details from the Slackware 9.0 ChangeLog: Tue Sep 23 14:43:10 PDT 2003...

[slackware-security] python3

New python3 packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/python3-3.9.20-i586-1slack15.0.txz: Upgraded. This update fixes security issues: Bundled libexpat was updated to 2.6.3. Fix quadratic...

[slackware-security] netatalk

New netatalk packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/netatalk-3.1.18-i586-1slack15.0.txz: Upgraded. This update fixes bugs and a security issue: Harden createappledesktopfolder. For mo...

[slackware-security] mozilla-nss

New mozilla-nss packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-nss-3.87-i586-1slack15.0.txz: Upgraded. Fixed memory corruption in NSS via DER-encoded DSA and RSA-PSS signatures. For...

[slackware-security] dhcp

New dhcp packages are available for Slackware 14.0, 14.1, 14.2, 15.0, and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/dhcp-4.4.3P1-i586-1slack15.0.txz: Upgraded. This update fixes two security issues: Corrected a reference count leak...

[slackware-security] mozilla-thunderbird

New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-thunderbird-91.6.0-i686-1slack15.0.txz: Upgraded. This release contains security fixes and improvements. For more...

[slackware-security] php

New php packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: Several security bugs have been fixed in this release: Segfault when using convert.quoted-printable-encode filter. Null pointer dereference i...

[slackware-security] seamonkey

New seamonkey packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/seamonkey-2.49.4-i586-1slack14.2.txz: Upgraded. This update contains security fixes and improvements. For more information, see:...

[slackware-security] wget

New wget packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/wget-1.19.2-i586-1slack14.2.txz: Upgraded. This update fixes stack and heap overflows in in HTTP protoco...

[slackware-security] libtirpc

New libtirpc packages are available for Slackware 14.2 and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/libtirpc-1.0.1-i586-3slack14.2.txz: Rebuilt. Patched a bug which can cause a denial of service through memory exhaustion. Thanks to...

[slackware-security] irssi

New irssi packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/irssi-0.8.21-i586-1slack14.2.txz: Upgraded. Fixed security issues that may result in a denial of servic...

[slackware-security] curl

New curl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/curl-7.49.0-i486-1slack14.1.txz: Upgraded. Fixed a TLS certificate check bypass with mbedTLS/PolarSSL. For mo...

[slackware-security] mutt

New mutt packages are available for Slackware 13.37, 14.0, 14.1, and -current to fix a security issue. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/mutt-1.5.23-i486-2slack14.1.txz: Rebuilt. Patched a vulnerability where malformed headers can cause mutt to crash. For mo...

[slackware-security] fetchmail

New fetchmail packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix a security issue. Here are the details from the Slackware 13.37 ChangeLog: patches/packages/fetchmail-6.3.20-i486-1slack13.37.txz: Upgraded. This...

[slackware-security] kdelibs

New kdelibs packages are available for Slackware 12.0 and -current to fix a security issue. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2008-1671 As well as from the KDE web site:...

[slackware-security] xine-lib

New xine-lib packages are available for Slackware 10.0, 10.1, 10.2, 11.0, and -current to fix security issues. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2007-1246 Here are the details from the Slackware 11.0...

[slackware-security] fetchmail

New fetchmail packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and 11.0 to fix a security issue. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2006-5974 https://vulners.com/cve/CVE-2006-5867 He...

[slackware-security] koffice

A new koffice package is available for Slackware 10.2 to fix a security issue. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2006-6120 Here are the details from the Slackware 10.2 ChangeLog:...

SSA-2006-0628032502

New kdebase packages are available for Slackware 10.0, 10.1, 10.2, and -current to fix a security issue with KDM the KDE login manager which could be exploited by a local attacker to read any file on the system. The official KDE security advisory may be found here:...

[slackware-security] sendmail

New sendmail packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix a possible denial-of-service issue. Sendmail's complete advisory may be found here: http://www.sendmail.com/security/advisories/SA-200605-01.txt.asc Sendmail has also provided an FAQ about this...

[slackware-security] xorg server overflow

New xorg and xorg-devel packages are available for Slackware 10.1, 10.2, and -current to fix a security issue. A typo in the X render extension in X.Org 6.8.0 or later allows an X client to crash the server and possibly to execute arbitrary code as the X server user typically this is "root". More...

gaim

New gaim packages are available for Slackware 9.0, 9.1, 10.0, 10.1, and -current to fix several security issues. Sites that use GAIM should upgrade to the new version. Here are the details from the Slackware 10.1 ChangeLog: patches/packages/gaim-1.3.0-i486-1.tgz: Upgraded to gaim-1.3.0. This fixe...

utempter security update

New utempter packages are available for Slackware 9.1 and -current to fix a security issue. Slackware 9.1 was the first version of Slackware to use the libutempter library, and earlier versions of Slackware are not affected by this issue The utempter package provides a utility and shared library...

mutt security update

Mutt is a text-based program for reading electronic mail. New mutt packages are available for Slackware 8.1, 9.0, 9.1, and -current. These have been upgraded to version 1.4.2i to fix a buffer overflow that could lead to a machine compromise. All sites using mutt should upgrade to the new mutt...

gdm security update

GDM is the GNOME Display Manager, and is commonly used to provide a graphical login for local users. Upgraded gdm packages are available for Slackware 9.0, 9.1, and -current. These fix two vulnerabilities which could allow a local user to crash or freeze gdm, preventing access to the machine unti...

[slackware-security] emacs

New emacs packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/emacs-29.3-i586-1slack15.0.txz: Upgraded. GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the...

[slackware-security] mozilla-thunderbird

New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-thunderbird-115.8.1-i686-1slack15.0.txz: Upgraded. This release contains security fixes and improvements. For mo...

[slackware-security] mozilla-thunderbird

New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-thunderbird-115.7.0-i686-1slack15.0.txz: Upgraded. This release contains security fixes and improvements. For mor...

[slackware-security] mozilla-firefox

New mozilla-firefox packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-firefox-115.5.0esr-i686-1slack15.0.txz: Upgraded. This update contains security fixes and improvements. Thanks to...

[slackware-security] gimp

New gimp packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/gimp-2.10.36-i586-1slack15.0.txz: Upgraded. This release fixes security issues: If a user loads a malicious DDS, PSD, or PSP file, this...

[slackware-security] cups

New cups packages are available for Slackware 14.2, 15.0, and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/cups-2.4.3-i586-1slack15.0.txz: Upgraded. Fixed a heap buffer overflow in cupsstrlcpy, when the configuration file cupsd.conf se...

[slackware-security] cups-filters

New cups-filters packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/cups-filters-1.28.17-i586-1slack15.0.txz: Upgraded. PATCH Merge pull request from GHSA-gpxc-v2m8-fr3x. With execv command line...

[slackware-security] sdl

New sdl packages are available for Slackware 14.2, 15.0, and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/sdl-1.2.15-i586-13slack15.0.txz: Rebuilt. This update fixes a heap overflow problem in video/SDLpixels.c in SDL. By crafting a...

[slackware-security] mozilla-thunderbird

New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-thunderbird-102.5.1-i686-1slack15.0.txz: Upgraded. This release contains security fixes and improvements. For mo...

[slackware-security] mozilla-firefox

New mozilla-firefox packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-firefox-91.12.0esr-i686-1slack15.0.txz: Upgraded. This update contains security fixes and improvements. For more...

[slackware-security] mozilla-firefox

New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/mozilla-firefox-52.8.1esr-i586-1slack14.2.txz: Upgraded. This release contains security fixes and improvements. For more...

[slackware-security] mozilla-firefox

New mozilla-firefox packages are available for Slackware 14.2 and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/mozilla-firefox-52.7.2esr-i586-1slack14.2.txz: Upgraded. This release contains security fixes and improvements. For more...

[slackware-security] bind

New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/bind-9.10.6P1-i586-1slack14.2.txz: Upgraded. This update fixes a high severity security issue: Improper...

[slackware-security] gegl

New gegl packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/gegl-0.2.0-i586-4slack14.2.txz: Rebuilt. Patched integer overflows in operations/external/ppm-load.c that could allow a...

[slackware-security] minicom

New minicom packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/minicom-2.7.1-i586-1slack14.2.txz: Upgraded. Fix an out of bounds data access that can lead to remot...

[slackware-security] mozilla-thunderbird

New mozilla-thunderbird packages are available for Slackware 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/mozilla-thunderbird-45.7.0-i586-1slack14.2.txz: Upgraded. This release contains security fixes and improvements. F...

[slackware-security] libgcrypt

New libgcrypt packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/libgcrypt-1.5.5-i486-1slack14.1.txz: Upgraded. Mitigate chosen cipher text attacks on ECDH with Weierstra...

[slackware-security] blueman

New blueman packages are available for Slackware 13.37, 14.0, 14.1, and -current to fix a security issue. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/blueman-r708-i486-4slack14.1.txz: Rebuilt. This update fixes a local privilege escalation vulnerability. For more...

[slackware-security] ppp

New ppp packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/ppp-2.4.5-i486-3slack14.1.txz: Rebuilt. Fixed a potential security issue in parsing option files. Fixed remotel...

[slackware-security] mozilla-thunderbird

New mozilla-thunderbird packages are available for Slackware 14.1 and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/mozilla-thunderbird-24.8.1-i486-1slack14.1.txz: Upgraded. This release contains security fixes and improvements. For more...

[slackware-security] sendmail

New sendmail packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/sendmail-8.14.9-i486-1slack14.1.txz: Upgraded. This release fixes one security related bug by properly...

[slackware-security] php

New php packages are available for Slackware 14.0, 14.1, and -current to fix a security issue. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/php-5.4.26-i486-1slack14.1.txz: Upgraded. This update fixes a flaw where a specially crafted data file may cause a segfault or 10...

pidgin

New pidgin packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/pidgin-2.10.9-i486-1slack14.1.txz: Upgraded. This update fixes various security issues and other bugs. For...

[slackware-security] acl

New acl packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix a security issue. Here are the details from the Slackware 13.1 ChangeLog: patches/packages/acl-2.2.50-i486-1slack13.1.txz: Upgraded. Fix the --physical option in setfacl and getfacl to prevent...

[slackware-security] samba

New samba packages are available for Slackware 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix a denial of service security issue. Here are the details from the Slackware 13.1 ChangeLog: patches/packages/samba-3.5.7-i486-1slack13.1.txz: Upgraded. Fix memory corruption...