1893 matches found
[fixed URLs] firefox/thunderbird/seamonkey
The original advisory for this issue contained incorrect URLs for the Slackware 11.0 patches. Sorry about that! The URLs for the 10.2 packages were correct and the Firefox/Thunderbird links given for 11.0 would have been just fine anyway since 10.2 and 11.0 are using the same packages for those...
[slackware-security] bind
New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and 11.0 to fix security issues. The minimum OpenSSL version was raised to OpenSSL 0.9.7l and OpenSSL 0.9.8d to avoid exposure to known security flaws in older versions these patches were already issued for Slackware. ...
[slackware-security] screen
New screen packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and 11.0 to fix a security issue. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2006-4573 Here are the details from the Slackware 11....
[slackware-security] php
New php packages are available for Slackware 10.2 and 11.0 to fix security issues. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2006-5465 Here are the details from the Slackware 11.0 ChangeLog:...
[slackware-security] qt
New qt packages are available for Slackware 10.0, 10.1, 10.2, and 11.0 to fix a possible security issue. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2006-4811 Trolltech has put out a press release which may be...
[slackware-security] openssh
New openssh packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix security issues. More details about these issues may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2006-4924 https://vulners.com/cve/CVE-2006-5051...
[slackware-security] openssl
New openssl packages are available for Slackware 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix security issues. More details about these issues may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2006-2937 https://vulners.com/cve/CVE-2006-3738...
[slackware-security] gzip
New gzip packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix possible security issues. More details about the issues fixed may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2005-0758...
[slackware-security] x11
New x11 X.Org packages are available for Slackware 10.2, and -current to fix security issues due to overflows in font parsing. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2006-3739...
[slackware-security] firefox/thunderbird/seamonkey
New Firefox and Thunderbird packages are available for Slackware 10.2 and -current to fix security issues. In addition, a new Seamonkey package is available for Slackware -current to fix similar issues. More details about the issues may be found here:...
[slackware-security] openssl
New openssl packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix a signature forgery security issue. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-433...
[slackware-security] bind DoS
New bind packages are available for Slackware 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix a Denial of Service issue. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2006-4095 https://vulners.com/cve/CVE-2006-4096...
[slackware-security] php
New php packages are available for Slackware 10.2 and -current to fix security and other issues. More details about these issues may be found on the PHP website: http://www.php.net Here are the details from the Slackware 10.2 ChangeLog: patches/packages/php-4.4.4-i486-1slack10.2.tgz: Upgraded to...
[slackware-security] libtiff
New libtiff packages are available for Slackware 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix security issues. These issues could be used to crash programs linked to libtiff or possibly to execute code as the program's user. Thanks to Tavis Ormandy and the Google Security Team. More details...
[slackware-security] php
New php packages are available for Slackware 10.2 and -current to fix security and other issues. More details about these issues may be found on the PHP website: http://www.php.net Here are the details from the Slackware 10.2 ChangeLog: patches/packages/php-4.4.3-i486-1slack10.2.tgz: Upgraded to...
[slackware-security] gnupg
New GnuPG packages are available for Slackware 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix security issues which could allow an attacker to crash gnupg and possibly overwrite memory which could lead to an integer overflow. Here are the details from the Slackware 10.2 ChangeLog:...
[slackware-security] mysql
New mysql packages are available for Slackware 10.2 to fix security issues and other bugs. For complete details about the many fixes addressed by this release, you can find MySQL's news article about the MySQL 4.1.21 Community Edition release here:...
[slackware-security] Apache httpd
New Apache packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix a security issue with modrewrite. More details about the issues may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2006-3747 In addition, new modssl...
[slackware-security] firefox/thunderbird/seamonkey
New Firefox and Thunderbird packages are available for Slackware 10.2 and -current to fix security issues. In addition, a new Seamonkey package is available for Slackware -current to fix similar issues. More details about the issues may be found here:...
[slackware-security] xine-lib
New xine-lib packages are available for Slackware 10.2 and -current to fix security issues. More details about these issues may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2005-4048 https://vulners.com/cve/CVE-2006-2802 Evidently there is also an...
[slackware-security] gimp
New gimp packages are available for Slackware 10.2 and -current to fix a possible security issue. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2006-3404 Here are the details from the Slackware 10.2 ChangeLog:...
[slackware-security] x11
New x11 packages are available for Slackware 10.2 and -current to fix security issues. In addition, fontconfig and freetype have been split out from the x11 packages in -current, so if you run -current you'll also need to install those new packages. More details about the issues may be found here...
[slackware-security] mutt
New mutt packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix a possible security issue. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2006-3242 Here are the details from the...
[slackware-security] Samba 2.0.23 repackaged
New Samba packages are available for Slackware 10.0, 10.1, 10.2, and -current. In Slackware 10.0, 10.1, and 10.2, Samba was evidently picking up the libdm.so.0 library causing a Samba package issued primarily as a security patch to suddenly require a library that would only be present on the...
[slackware-security] Samba DoS
New Samba packages are available for Slackware 10.0, 10.1, 10.2, and -current to fix a security related but in my own and also the Samba's team member who made their WHATSNEW.txt entry, "minor" denial of service issue. More details about this issue may be found in the Common Vulnerabilities and...
[slackware-security] arts
New aRts packages are available for Slackware 10.0, 10.1, 10.2, and -current to fix a possible security issue with artswrapper. The artswrapper program and the artsd daemon can be used to gain root privileges if artswrapper is setuid root and the system is running a 2.6.x kernel. Note that...
[slackware-security] gnupg DoS
New GnuPG packages are available for Slackware 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix security issues which could allow an attacker to crash gnupg and possibly overwrite memory which could lead to an integer overflow. More details about this issue may be found in the Common Vulnerabiliti...
SSA-2006-0628032502
New kdebase packages are available for Slackware 10.0, 10.1, 10.2, and -current to fix a security issue with KDM the KDE login manager which could be exploited by a local attacker to read any file on the system. The official KDE security advisory may be found here:...
kdebase kdm local file reading vulnerability
New kdebase packages are available for Slackware 10.0, 10.1, 10.2, and -current to fix a security issue with KDM the KDE login manager which could be exploited by a local attacker to read any file on the system. The official KDE security advisory may be found here:...
[slackware-security] sendmail
New sendmail packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix a possible denial-of-service issue. Sendmail's complete advisory may be found here: http://www.sendmail.com/security/advisories/SA-200605-01.txt.asc Sendmail has also provided an FAQ about this...
[slackware-security] firefox/thunderbird/seamonkey
New Firefox and Thunderbird packages are available for Slackware 10.2 and -current to fix security issues. In addition, a new Seamonkey package is available for Slackware -current to fix similar issues. More details about the issues may be found here:...
[slackware-security] mysql
New mysql packages are available for Slackware 9.1, 10.0, 10.1, 10.2 and -current to fix security issues. The MySQL packages shipped with Slackware 9.1, 10.0, and 10.1 may possibly leak sensitive information found in uninitialized memory to authenticated users. This is fixed in the new packages,...
[slackware-security] zoo archiver overflow
New bin packages are available for Slackware 10.2 and -current to fix a security issue with the zoo archive program. A non-security- related upgrade to the newest version of "eject" was also done. Here are the details from the Slackware 10.2 ChangeLog: patches/packages/bin-10.2-i486-210.2.tgz:...
[slackware-security] tetex PDF security
New tetex packages are available for Slackware 10.2 and -current to fix a possible security issue. teTeX-3.0 incorporates some code from the xpdf program which has been shown to have various overflows that could result in program crashes or possibly the execution of arbitrary code as the teTeX...
[slackware-security] Apache httpd redux
New Apache packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix a bug with Apache 1.3.35 and glibc that breaks wildcards in Include directives. It may not occur with all versions of glibc, but it has been verified on -current using an Include within a file...
[slackware-security] mysql
New mysql packages are available for Slackware 10.2 and -current to fix security issues. The MySQL package shipped with Slackware 10.2 may possibly leak sensitive information found in uninitialized memory to authenticated users. The MySQL package previously in Slackware -current also suffered fro...
[slackware-security] Apache httpd
New Apache packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix security issues. More details about the issues may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2005-3352 In addition, new modssl packages for...
[slackware-security] firefox
New Firefox packages are available for Slackware 10.2 and -current to fix a security issue. More details about the issues may be found here: http://www.mozilla.org/projects/security/known-vulnerabilities.htmlfirefox1.5.0.3 Here are the details from the Slackware 10.2 ChangeLog:...
[slackware-security] xorg server overflow
New xorg and xorg-devel packages are available for Slackware 10.1, 10.2, and -current to fix a security issue. A typo in the X render extension in X.Org 6.8.0 or later allows an X client to crash the server and possibly to execute arbitrary code as the X server user typically this is "root". More...
[slackware-security] thunderbird
New Thunderbird packages are available for Slackware 10.2 and -current to fix security issues. More details about the issues may be found here: http://www.mozilla.org/projects/security/known-vulnerabilities.htmlthunderbird Here are the details from the Slackware 10.2 ChangeLog:...
[slackware-security] mozilla security/EOL
New Mozilla packages are available for Slackware 10.0, 10.1, 10.2 and -current to fix multiple security issues. More details about the issues may be found here: http://www.mozilla.org/projects/security/known-vulnerabilities.htmlmozilla Also note that this release marks the EOL End Of Life for the...
[slackware-security] firefox
New Firefox packages are available for Slackware 10.2 and -current to fix security issues. More details about the issues may be found here: http://www.mozilla.org/projects/security/known-vulnerabilities.htmlfirefox1.5.0.2 Here are the details from the Slackware 10.2 ChangeLog:...
[slackware-security] sendmail
New sendmail packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix a security issue. Sendmail's advisory concerning this issue may be found here: http://www.sendmail.com/company/advisory/index.shtml This issue will appear in the Common Vulnerabilities and...
[slackware-security] gnupg
New GnuPG packages are available for Slackware 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix security issues. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2006-0455 https://vulners.com/cve/CVE-2006-0049 Here are...
[slackware-security] Slackware 10.1 kdegraphics
A new kdegraphics package is available for Slackware 10.1 to fix a security issue. A portion of the recent security patch was missing in the version that was applied to kdegraphics-3.3.2 in Slackware 10.1. Other versions of Slackware are not affected by this specific missing patch issue. More...
[slackware-security] kdelibs
New kdelibs packages are available for Slackware 10.0, 10.1, and 10.2 to fix a security issue with kjs. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2006-0019 Additional information may be found on the KDE website...
[slackware-security] xpdf
New xpdf packages are available for Slackware 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix security issues. More details about the issues may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2005-3191 https://vulners.com/cve/CVE-2005-3192...
[slackware-security] sudo
New sudo packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix a security issue. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2006-0151 Here are the details from the Slackware...
[slackware-security] php
New php packages are available for Slackware 10.2 and -current to fix minor security issues. More details about these issues may be found on the PHP website: http://www.php.net/release442.php Here are the details from the Slackware 10.2 ChangeLog: patches/packages/php-4.4.2-i486-1.tgz: Upgraded t...
[slackware-security] openssh
New openssh packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix a security issue. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2006-0225 Here are the details from the Slackwar...