[slackware-security] mozilla-firefox

New mozilla-firefox packages are available for Slackware 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/mozilla-firefox-45.4.0esr-i586-1slack14.2.txz: Upgraded. This release contains security fixes and improvements. For mo...

mozilla-thunderbird

New mozilla-thunderbird packages are available for Slackware 14.1 and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/mozilla-thunderbird-45.1.0-i486-1slack14.1.txz: Upgraded. This release contains security fixes and improvements. For more...

[slackware-security] mozilla-nss

New mozilla-nss packages are available for Slackware 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/mozilla-nss-3.23-i486-1slack14.1.txz: Upgraded. Upgraded to nss-3.23 and nspr-4.12. This release contains security fixes a...

[slackware-security] mozilla-firefox

New mozilla-firefox packages are available for Slackware 14.1 and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/mozilla-firefox-38.6.1esr-i486-1slack14.1.txz: Upgraded. This release contains security fixes and improvements. For more...

[slackware-security] seamonkey

New seamonkey packages are available for Slackware 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/seamonkey-2.38-i486-1slack14.1.txz: Upgraded. This update contains security fixes and improvements. For more information, se...

[slackware-security] mozilla-firefox

New mozilla-firefox packages are available for Slackware 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/mozilla-firefox-38.3.0esr-i486-1slack14.1.txz: Upgraded. This release contains security fixes and improvements. For more...

[slackware-security] mozilla-thunderbird

New mozilla-thunderbird packages are available for Slackware 14.1 and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/mozilla-thunderbird-38.2.0-i486-1slack14.1.txz: Upgraded. This release contains security fixes and improvements. For more...

[slackware-security] mozilla-thunderbird

New mozilla-thunderbird packages are available for Slackware 14.1 and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/mozilla-thunderbird-31.7.0-i486-1slack14.1.txz: Upgraded. This release contains security fixes and improvements. For more...

[slackware-security] seamonkey

New seamonkey packages are available for Slackware 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/seamonkey-2.32.1-i486-1slack14.1.txz: Upgraded. This update contains security fixes and improvements. For more information,...

[slackware-security] seamonkey

New seamonkey packages are available for Slackware 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/seamonkey-2.32-i486-1slack14.1.txz: Upgraded. This update contains security fixes and improvements. For more information, se...

[slackware-security] mozilla-thunderbird

New mozilla-thunderbird packages are available for Slackware 14.1 and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/mozilla-thunderbird-31.4.0-i486-1slack14.1.txz: Upgraded. This release contains security fixes and improvements. For more...

[slackware-security] mozilla-nss

New mozilla-nss packages are available for Slackware 14.0, 14.1, and -current to fix a security issue. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/mozilla-nss-3.16.5-i486-1slack14.1.txz: Upgraded. Fixed an RSA Signature Forgery vulnerability. For more information, see...

[slackware-security] mozilla-thunderbird

New mozilla-thunderbird packages are available for Slackware 14.1 and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/mozilla-thunderbird-24.6.0-i486-1slack14.1.txz: Upgraded. This release contains security fixes and improvements. For more...

[slackware-security] mozilla-firefox

New mozilla-firefox packages are available for Slackware 14.1 to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/mozilla-firefox-24.6.0esr-i486-1slack14.1.txz: Upgraded. This release contains security fixes and improvements. For more information, see:...

[slackware-security] mozilla-firefox

New mozilla-firefox packages are available for Slackware 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/mozilla-firefox-24.4.0esr-i486-1slack14.1.txz: Upgraded. This release contains security fixes and improvements. For more...

[slackware-security] mozilla-firefox

New mozilla-firefox packages are available for Slackware 14.1 and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/mozilla-firefox-24.2.0esr-i486-1slack14.1.txz: Upgraded. This release contains security fixes and improvements. For more...

[slackware-security] seamonkey

New seamonkey packages are available for Slackware 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/seamonkey-2.22.1-i486-1slack14.1.txz: Upgraded. This update contains security fixes and improvements. For more information,...

[slackware-security] mozilla-thunderbird

New mozilla-thunderbird packages are available for Slackware 13.37, 14.0, and -current to fix security issues. Here are the details from the Slackware 14.0 ChangeLog: patches/packages/mozilla-thunderbird-17.0.7-i486-1slack14.0.txz: Upgraded. This release contains security fixes and improvements...

mozilla-firefox

New mozilla-firefox packages are available for Slackware 13.37, 14.0, and -current to fix security issues. Here are the details from the Slackware 14.0 ChangeLog: patches/packages/mozilla-firefox-19.0-i486-1slack14.0.txz: Upgraded. This release contains security fixes and improvements. For more...

mozilla-thunderbird

New mozilla-thunderbird packages are available for Slackware 13.37, 14.0, and -current to fix security issues. Here are the details from the Slackware 14.0 ChangeLog: patches/packages/mozilla-thunderbird-17.0.2-i486-1slack14.0.txz: Upgraded. This release contains security fixes and improvements...

[slackware-security] httpd

New httpd packages are available for Slackware 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix accidental ABI breakage caused by httpd-2.2.18. Here are the details from the Slackware 13.37 ChangeLog: patches/packages/httpd-2.2.19-i486-1slack13.37.txz: Upgraded. Revert ABI breakage in...

[slackware-security] seamonkey

New seamonkey packages are available for Slackware 12.2, 13.0, and 13.1 to fix security issues. Here are the details from the Slackware 13.1 ChangeLog: patches/packages/seamonkey-2.0.11-i486-1slack13.1.txz: Upgraded. This release fixes some more security vulnerabilities. For more information, see...

[slackware-security] sudo redo

New sudo packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix a directory permissions issue. These replacement packages restore the correct permissions to /var. Here are the details from the Slackware 13.1 ChangeLog:...

[slackware-security] mozilla-thunderbird

New mozilla-thunderbird packages are available for Slackware 13.1, and -current to fix security issues. Here are the details from the Slackware 13.1 ChangeLog: patches/packages/mozilla-thunderbird-3.0.7-i686-1.txz: Upgraded. This upgrade fixes some more security bugs. For more information, see:...

[slackware-security] seamonkey

New seamonkey packages are available for Slackware 11.0, 12.0, and 12.1 to fix security issues. For more information, see: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html Here are the details from the Slackware 12.1 ChangeLog:...

[slackware-security] mozilla-firefox

New mozilla-firefox packages are available for Slackware 10.2, 11.0, 12.0, 12.1, 12.2, and -current to fix security issues. More details about the issues may be found on the Mozilla website: http://www.mozilla.org/security/known-vulnerabilities/firefox20.html...

[slackware-security] seamonkey

New seamonkey packages are available for Slackware 11.0, 12.0, 12.1, and -current to fix security issues. More details may be found on the Mozilla web site: http://www.mozilla.org/security/known-vulnerabilities/seamonkey11.html Here are the details from the Slackware 12.1 ChangeLog:...

[slackware-security] seamonkey

New seamonkey packages are available for Slackware 11.0, 12.0, and -current to fix security issues. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.htmlseamonkey Here are the details from the Slackware 12.0 ChangeLog:...

[slackware-security] seamonkey

New seamonkey packages are available for Slackware 11.0, 12.0, and -current to fix security issues. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.htmlseamonkey Here are the details from the Slackware 12.0 ChangeLog:...

[slackware-security] seamonkey

New seamonkey packages are available for Slackware 11.0 and 12.0 to fix various security issues. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.htmlseamonkey Here are the details from the Slackware 12.0 ChangeLog:...

[slackware-security] thunderbird

New Thunderbird packages are available for Slackware 11.0 and 12.0 to fix two possible security issues. This package may also be used on many older versions of Slackware though we're not certain how far back... More details about the issues may be found here:...

[slackware-security] gd

GD is an open source code library for the dynamic creation of images. New gd packages are available for Slackware 11.0, and -current to fix possible security issues. Please see: http://www.libgd.org/ReleaseNote020035 for complete release notes. "Upgrading is strongly recommended." Here are the...

[slackware-security] firefox/thunderbird/seamonkey

New Firefox and Thunderbird packages are available for Slackware 10.2 and -current to fix security issues. In addition, a new Seamonkey package is available for Slackware -current to fix similar issues. More details about the issues may be found here:...

[slackware-security] elm mailer

New Elm packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix a security issue. A buffer overflow in the parsing of the Expires header could allow arbitrary code to be executed as the user running Elm. Here are the details from the Slackware 10.2 ChangeLog:...

kdenetwork

New kdenetwork packages are available for Slackware 10.0, 10.1, and -current to fix security issues. Overflows in libgadu used by kopete that can cause a denial of service or arbitrary code execution. More details about this vulnerability may be found here:...

sudo

New Sudo packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, and -current to fix a security issue. A race condition could allow a user with Sudo privileges to run arbitrary commands. For more details, see: http://www.courtesan.com/sudo/alerts/pathrace.html Here are the details from th...

infozip

New infozip zip/unzip packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, and -current to fix security issues. - From the www.info-zip.org site: Zip 2.3 and presumably all previous versions have a buffer- overrun vulnerability relating to deep directory paths that could potentially le...

PHP

New PHP packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, and -current to fix security issues. More details about the issues may be found in the PHP ChangeLogs on the PHP web site: http://php.net Here are the details from the Slackware 10.1 ChangeLog:...

[slackware-security] GTK+ image loading flaws

New GTK+ version 2 packages are available for Slackware 10.0 and -current to fix issues in the image loader routines that can crash applications. Here are the details from the Slackware 10.0 ChangeLog: l/gtk+2-2.4.10-i486-1.tgz: Upgraded to gtk+-2.4.10. This fixes security issues in the image...

INN security update

INN InterNetNews is used to run a news NNTP server. New INN packages are available for Slackware 9.0, 9.1, and -current. These have been upgraded to inn-2.4.1 to fix a potentially exploitable buffer overflow. All sites running INN should upgrade. Here are the details from the Slackware 9.1...

mod_ssl RSA blinding fixes

An upgrade for modssl to version 2.8.141.3.27 is now available. This version provides RSA blinding by default which prevents an extended timing analysis from revealing details of the secret key to an attacker. Note that this problem was already fixed within OpenSSL, so this is a "double fix". Wit...

Mutt buffer overflow in IMAP support

The mutt mail client packages in Slackware 8.1 and 9.0 have been upgraded to mutt-1.4.1i to fix a security problem discovered by Core Security Technologies. This issue may allow a remote attacker controlling a malicious IMAP server to execute code on your machine as the user running mutt if you...

multiple vulnerabilities in bind 8.x

Multiple vulnerabilities exist in the versions of BIND found in Slackware 7.1 and -current. Users of BIND 8.x are urged to upgrade to 8.2.3 to fix these problems. More information can be found on the BIND website: http://www.isc.org/products/BIND/ ... and in the CERT Advisory CA-2001-02 - Multipl...

glibc 2.2 local vulnerability on setuid binaries

glibc-2.2 contains a local vulnerability that affects all setuid root binaries. Any user on affected systems will be able to read any file on the system through a simple process: The user sets the RESOLVHOSTCONF environment variable to the name of the file that they wish to read, then runs any...

root exploit with xlockmore fixed

A root exploit has been found in xlockmore packaged with Slackware. By providing a carefully crafted display variable to xlock, it is possible for a local attacker to gain root access. Anyone running xlock on a public machine should upgrade to this version of xlock or disable xlock altogether...

Apache 1.3.14 available

Several security problems have been found in the Apache web server software. It is recommended that all users of Apache upgrade to the latest stable release to fix these problems. Apache is included in our N software series in the apache.tgz package. A new apache.tgz package including Apache 1.3....

wu-ftpd advisory update

UPDATE: This announcement was first mailed out on 28-Sep-2000. It was later determined that incorrect 16-bit sums and 128-bit MD5 message digests were included in the announcement. The announcement below is identical to the one from yesterday, but it includes the correct verification data. We...

: xchat input validation bug fixed

An input validation bug was found to affect Slackware Linux 7.0, 7.1, and -current. The problem is described in detail at this site: http://www.securityfocus.com/bid/1601 Users of Slackware 7.0, 7.1, and -current are urged to upgraded to the xchat.tgz package available in the Slackware -current...

Perl root exploit in Slackware 7.1 & -current

A root exploit was found in the /usr/bin/suidperl5.6.0 program that shipped with the Slackware 7.1 perl.tgz package. It is recommended that all users of Slackware 7.1 and -current upgrade to the perl.tgz package available in the Slackware -current branch. ==================================== perl...

aaa_base not vulnerable

...