1893 matches found
[slackware-security] libgpg-error
New libgpg-error packages are available for Slackware 13.37 and 14.0. These are needed for the updated gnupg2 package. Here are the details from the Slackware 14.0 ChangeLog: patches/packages/libgpg-error-1.11-i486-1slack14.0.txz: Upgraded. This package upgrade was needed by the new version of...
seamonkey
New seamonkey packages are available for Slackware 13.37, 14.0, and -current to fix security issues. Here are the details from the Slackware 14.0 ChangeLog: patches/packages/seamonkey-2.17-i486-1slack14.0.txz: Upgraded. This update contains security fixes and improvements. For more information,...
[slackware-security] seamonkey
New seamonkey packages are available for Slackware 13.37, 14.0, and -current to fix security issues. Here are the details from the Slackware 14.0 ChangeLog: patches/packages/seamonkey-solibs-2.13.2-i486-1slack14.0.txz: Upgraded. patches/packages/seamonkey-2.13.2-i486-1slack14.0.txz: Upgraded. Thi...
[slackware-security] mozilla-firefox
New mozilla-firefox packages are available for Slackware 13.37 and -current to fix security issues. Here are the details from the Slackware 13.37 ChangeLog: patches/packages/mozilla-firefox-14.0.1-i486-1slack13.37.txz: Upgraded. This release contains security fixes and improvements. For more...
[slackware-security] sudo redo
New sudo packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix a directory permissions issue. These replacement packages restore the correct permissions to /var. Here are the details from the Slackware 13.1 ChangeLog:...
[slackware-security] mozilla-thunderbird
New mozilla-thunderbird packages are available for Slackware 13.1 and -current to fix security issues. Here are the details from the Slackware 13.1 ChangeLog: patches/packages/mozilla-thunderbird-3.0.6-i686-1.txz: Upgraded. This upgrade fixes some more security bugs. For more information, see:...
[slackware-security] mozilla-thunderbird
New mozilla-thunderbird packages are available for Slackware 13.1 and -current to fix security issues. Here are the details from the Slackware 13.1 ChangeLog: patches/packages/mozilla-thunderbird-3.0.5-i686-1.txz: Upgraded. This upgrade fixes some more security bugs. For more information, see:...
[slackware-security] mozilla-firefox
New mozilla-firefox packages are available for Slackware 12.2, 13.0, and -current to fix security issues. Here are the details from the Slackware 13.0 ChangeLog: patches/packages/mozilla-firefox-3.6.3-i686-1.txz: Upgraded. This fixes some security issues. For more information, see:...
[slackware-security] mozilla-thunderbird
New mozilla-thunderbird packages are available for Slackware 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues. Here are the details from the Slackware 13.0 ChangeLog: patches/packages/mozilla-thunderbird-2.0.0.24-i686-1.txz: Upgraded. This upgrade fixes some more security...
mozilla-firefox (Slackware 12.2)
A new mozilla-firefox package is available for Slackware 12.2 to fix security issues. The package may also be used with Slackware 11.0 or newer. More details about the issues may be found on the Mozilla website: http://www.mozilla.org/security/known-vulnerabilities/firefox30.html Here are the...
ruby
New ruby packages are available for Slackware 11.0, 12.0, 12.1, 12.2, and -current to fix a problem with REXML and other security issues. For details about the REXML issue, see: http://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml/ A full list may be found in the ChangeLog file...
mozilla-firefox
New mozilla-firefox packages are available for Slackware 12.2 and -current to fix security issues. The updated packages may also be used with Slackware 11.0 or newer. More details about the issues may be found on the Mozilla website:...
[slackware-security] php
New php packages are available for Slackware 10.2 and 11.0 to fix security issues. These releases are the last to contain PHP 4.4.x, which was upgraded to version 4.4.9 to fix PCRE issues and other bugs. Please note that this is the FINAL release of PHP4, and it has already passed the announced...
[slackware-security] seamonkey
New seamonkey packages are available for Slackware 11.0, 12.0, and -current to fix security issues. For more information, see: http://www.mozilla.org/projects/security/known-vulnerabilities.htmlseamonkey Here are the details from the Slackware 12.0 ChangeLog:...
[slackware-security] seamonkey
New SeaMonkey packages are available for Slackware 11.0 and 12.0 to fix possible security issues. While this update has been reported to MozillaZine to "fix several security issues", details are not yet available. Presumably the issues are similar to the ones that were recently addressed in Firef...
[slackware-security] gd
GD is an open source code library for the dynamic creation of images. New gd packages are available for Slackware 11.0, and -current to fix possible security issues. Please see: http://www.libgd.org/ReleaseNote020035 for complete release notes. "Upgrading is strongly recommended." Here are the...
SSA-2006-1110030528
The original advisory for this issue contained incorrect URLs for the Slackware 11.0 patches. Sorry about that! The URLs for the 10.2 packages were correct and the Firefox/Thunderbird links given for 11.0 would have been just fine anyway since 10.2 and 11.0 are using the same packages for those...
[fixed URLs] firefox/thunderbird/seamonkey
The original advisory for this issue contained incorrect URLs for the Slackware 11.0 patches. Sorry about that! The URLs for the 10.2 packages were correct and the Firefox/Thunderbird links given for 11.0 would have been just fine anyway since 10.2 and 11.0 are using the same packages for those...
[slackware-security] firefox/thunderbird/seamonkey
New Firefox and Thunderbird packages are available for Slackware 10.2 and -current to fix security issues. In addition, a new Seamonkey package is available for Slackware -current to fix similar issues. More details about the issues may be found here:...
[slackware-security] elm mailer
New Elm packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix a security issue. A buffer overflow in the parsing of the Expires header could allow arbitrary code to be executed as the user running Elm. Here are the details from the Slackware 10.2 ChangeLog:...
apache
New apache packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix potential security issues: If a request contains both Transfer-Encoding and Content-Length headers, remove the Content-Length, mitigating some HTTP Request Splitting/Spoofing attacks. Added...
infozip
New infozip zip/unzip packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, and -current to fix security issues. - From the www.info-zip.org site: Zip 2.3 and presumably all previous versions have a buffer- overrun vulnerability relating to deep directory paths that could potentially le...
gaim
New gaim packages are available for Slackware 9.0, 9.1, 10.0, 10.1, and -current to fix several security issues. Sites that use GAIM should upgrade to the new version. Here are the details from the Slackware 10.1 ChangeLog: patches/packages/gaim-1.2.1-i486-1.tgz: Upgraded to gaim-1.2.1. According...
[slackware-security] Mozilla
New Mozilla 1.7.3 packages are available for Slackware 10.0 and -current to fix security issues. Here are the details from the Slackware 10.0 ChangeLog: patches/packages/mozilla-1.7.3-i486-1.tgz: Upgraded to mozilla-1.7.3. The Mozilla page says this fixes some "minor security holes". It also brea...
[slackware-security] gaim updated again
A couple of bugs were found in the gaim 0.82 release, and gaim-0.82.1 was released to fix them. In addition, gaim-encryption-2.29 did not work with gaim-0.82 due to changes in the header files, so the gaim-encryption plugin has also been updated to gaim-encryption-2.30. Here are the details from...
INN security update
INN InterNetNews is used to run a news NNTP server. New INN packages are available for Slackware 9.0, 9.1, and -current. These have been upgraded to inn-2.4.1 to fix a potentially exploitable buffer overflow. All sites running INN should upgrade. Here are the details from the Slackware 9.1...
OpenSSL security update
Upgraded OpenSSL packages are available for Slackware 8.1, 9.0, 9.1, and -current. These fix problems with ASN.1 parsing which could lead to a denial of service. It is not known whether the problems could lead to the running of malicious code on the server, but it has not been ruled out. We...
KDE packages updated
New KDE packages are available for Slackware 9.0. These address a security issue where Konqueror may leak authentication credentials. Here are the details from the Slackware 9.0 ChangeLog: Fri Aug 1 15:15:51 PDT 2003 patches/packages/kde/: Upgraded to KDE 3.1.3. Note that this update addresses a...
CUPS DoS vulnerability fixed
Upgraded CUPS packages are available for Slackware 8.1, 9.0, and -current to fix a denial of service attack vulnerability. Here are the details from the Slackware 9.0 ChangeLog: Thu May 29 00:52:54 PDT 2003 patches/packages/cups-1.1.19-i386-1.tgz: Upgraded to cups-1.1.19. A denial of service...
BitchX security fixes
New BitchX packages are available to fix security problems found by Timo Sirainen. BitchX is an IRC Internet Relay Chat client. Under certain circumstances, a malicious IRC server could cause BitchX to crash, or possibly to run arbitrary code as the user running BitchX. All sites running BitchX a...
Mutt buffer overflow in IMAP support
The mutt mail client packages in Slackware 8.1 and 9.0 have been upgraded to mutt-1.4.1i to fix a security problem discovered by Core Security Technologies. This issue may allow a remote attacker controlling a malicious IMAP server to execute code on your machine as the user running mutt if you...
OpenSSH security problem fixed
New openssh packages are available to fix security problems. Here's the information from the Slackware 8.0 ChangeLog: ---------------------------- Thu Mar 7 12:00:18 PST 2002 patches/packages/openssh.tgz: Upgraded to openssh-3.1p1. This fixes a security problem in the openssh package. All sites...
rsync update fixes security problems
New rsync packages are available to fix a security problem. Here's the information from the Slackware 8.0 ChangeLog: Fri Jan 25 14:25:51 PST 2002 patches/packages/rsync.tgz: Fixed a security hole by upgrading to rsync-2.4.8pre1. This is the relevant information from the rsync NEWS file: SECURITY...
multiple vulnerabilities in bind 8.x
Multiple vulnerabilities exist in the versions of BIND found in Slackware 7.1 and -current. Users of BIND 8.x are urged to upgrade to 8.2.3 to fix these problems. More information can be found on the BIND website: http://www.isc.org/products/BIND/ ... and in the CERT Advisory CA-2001-02 - Multipl...
glibc 2.2 local vulnerability on setuid binaries
glibc-2.2 contains a local vulnerability that affects all setuid root binaries. Any user on affected systems will be able to read any file on the system through a simple process: The user sets the RESOLVHOSTCONF environment variable to the name of the file that they wish to read, then runs any...
INN buffer overflow
...
[slackware-security] bind
New bind packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/bind-9.18.50-i586-1slack15.0.txz: Upgraded. This update fixes a security issue: Fix DNS64 owner case after DNAME restart. When BIND 9 i...
[slackware-security] rsync
New rsync packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/rsync-3.4.3-i586-1slack15.0.txz: Upgraded. This update fixes security issues: TOCTOU symlink race condition allowing local privilege...
[slackware-security] seamonkey
New seamonkey packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/seamonkey-2.53.23-i686-1slack15.0.txz: Upgraded. This update contains security fixes and improvements. For more information, see:...
[slackware-security] libvpx
New libvpx packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/libvpx-1.12.0-i586-2slack15.0.txz: Rebuilt. This update fixes a security issue: Use after free in libvpx allows an attacker to...
[slackware-security] python3
New python3 packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/python3-3.9.23-i586-1slack15.0.txz: Upgraded. This update fixes security issues: gh-135034: CVE-2024-12718 CVE-2025-4138 CVE-2025-433...
[slackware-security] mozilla-firefox
New mozilla-firefox packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-firefox-115.2.1esr-i686-1slack15.0.txz: Upgraded. This update contains security fixes and improvements. For more...
[slackware-security] seamonkey
New seamonkey packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/seamonkey-2.53.16-i686-1slack15.0.txz: Upgraded. This update contains security fixes and improvements. For more information, see:...
[slackware-security] aaa_base
New aaabase packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/aaabase-15.0-i586-4slack15.0.txz: Rebuilt. If root's mailbox did not already exist, it would be created with insecure permissions...
[slackware-security] mozilla-firefox
New mozilla-firefox packages are available for Slackware 14.2 to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/mozilla-firefox-52.6.0esr-i586-1slack14.2.txz: Upgraded. This release contains security fixes and improvements. Specifically, this update...
[slackware-security] mozilla-firefox
New mozilla-firefox packages are available for Slackware 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/mozilla-firefox-45.5.0esr-i586-1slack14.2.txz: Upgraded. This release contains security fixes and improvements. For mo...
[slackware-security] mozilla-thunderbird
New mozilla-thunderbird packages are available for Slackware 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/mozilla-thunderbird-45.3.0-i586-1slack14.2.txz: Upgraded. This release contains security fixes and improvements. F...
[slackware-security] mozilla-firefox
New mozilla-firefox packages are available for Slackware 14.1 and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/mozilla-firefox-38.6.1esr-i486-1slack14.1.txz: Upgraded. This release contains security fixes and improvements. For more...
[slackware-security] mozilla-thunderbird
New mozilla-thunderbird packages are available for Slackware 14.1 and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/mozilla-thunderbird-38.2.0-i486-1slack14.1.txz: Upgraded. This release contains security fixes and improvements. For more...
[slackware-security] mozilla-firefox
New mozilla-firefox packages are available for Slackware 14.1 to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/mozilla-firefox-38.2.0esr-i486-1slack14.1.txz: Upgraded. This release contains security fixes and improvements. For more information, see:...