Novosti u vezi Slackware Linuxa
Moderator: Urednik
-
- Posts: 3507
- Joined: 01 Apr 2012, 13:50
- Location: Mlečni put
Post
Napisano: 04 May 2024, 09:02
19. IV 2024.
Sveži freerdp paketi za Slackware 15.0 i -current:
Code: Select all
patches/packages/freerdp-2.11.6-i586-1_slack15.0.txz: Upgraded.
This release is a security release and addresses multiple issues:
[Low] OutOfBound Read in zgfx_decompress_segment.
[Moderate] Integer overflow & OutOfBound Write in
clear_decompress_residual_data.
[Low] integer underflow in nsc_rle_decode.
[Low] OutOfBound Read in planar_skip_plane_rle.
[Low] OutOfBound Read in ncrush_decompress.
[Low] OutOfBound Read in interleaved_decompress.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-32041
https://www.cve.org/CVERecord?id=CVE-2024-32039
https://www.cve.org/CVERecord?id=CVE-2024-32040
https://www.cve.org/CVERecord?id=CVE-2024-32458
https://www.cve.org/CVERecord?id=CVE-2024-32459
https://www.cve.org/CVERecord?id=CVE-2024-32460
(* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”
-
- Posts: 3507
- Joined: 01 Apr 2012, 13:50
- Location: Mlečni put
Post
Napisano: 04 May 2024, 09:02
22. IV 2024.
Sveži freerdp paketi za Slackware 15.0 i -current:
Code: Select all
patches/packages/freerdp-2.11.7-i586-1_slack15.0.txz: Upgraded.
This release eliminates a bunch of issues detected during oss-fuzz runs.
(* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”
-
- Posts: 3507
- Joined: 01 Apr 2012, 13:50
- Location: Mlečni put
Post
Napisano: 04 May 2024, 09:03
23. IV 2024.
Sveži ruby paketi za Slackware 15.0 i -current:
Code: Select all
patches/packages/ruby-3.0.7-i586-1_slack15.0.txz: Upgraded.
This update fixes security issues:
Arbitrary memory address read vulnerability with Regex search.
RCE vulnerability with .rdoc_options in RDoc.
Buffer overread vulnerability in StringIO.
For more information, see:
https://www.ruby-lang.org/en/news/2024/04/23/arbitrary-memory-address-read-regexp-cve-2024-27282/
https://www.ruby-lang.org/en/news/2024/03/21/rce-rdoc-cve-2024-27281/
https://www.ruby-lang.org/en/news/2024/03/21/buffer-overread-cve-2024-27280/
https://www.cve.org/CVERecord?id=CVE-2024-27282
https://www.cve.org/CVERecord?id=CVE-2024-27281
https://www.cve.org/CVERecord?id=CVE-2024-27280
(* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”
-
- Posts: 3507
- Joined: 01 Apr 2012, 13:50
- Location: Mlečni put
Post
Napisano: 04 May 2024, 09:03
25. IV 2024.
Sveži libarchive paketi za Slackware 15.0 i -current:
Code: Select all
patches/packages/libarchive-3.7.3-i586-2_slack15.0.txz: Rebuilt.
Patched an out-of-bound error in the rar e8 filter that could allow for
the execution of arbitrary code.
Thanks to gmgf for the heads-up.
For more information, see:
https://github.com/advisories/GHSA-2jc9-36w4-pmqw
https://www.cve.org/CVERecord?id=CVE-2024-26256
(* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”
-
- Posts: 3507
- Joined: 01 Apr 2012, 13:50
- Location: Mlečni put
Post
Napisano: 20 May 2024, 18:44
13. V 2024.
Sveži libxml2 paketi za Slackware 15.0 i -current:
Code: Select all
patches/packages/libxml2-2.11.8-i586-1_slack15.0.txz: Upgraded.
Fix buffer overread with "xmllint --htmlout".
xmllint: Fix --pedantic option.
save: Handle invalid parent pointers in xhtmlNodeDumpOutput.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-34459
(* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”
-
- Posts: 3507
- Joined: 01 Apr 2012, 13:50
- Location: Mlečni put
Post
Napisano: 20 May 2024, 18:45
14. V 2024.
Sveži mozilla-firefox paketi za Slackware 15.0 i -current:
Code: Select all
patches/packages/mozilla-firefox-115.11.0esr-i686-1_slack15.0.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/115.11.0/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2024-22/
https://www.cve.org/CVERecord?id=CVE-2024-4367
https://www.cve.org/CVERecord?id=CVE-2024-4767
https://www.cve.org/CVERecord?id=CVE-2024-4768
https://www.cve.org/CVERecord?id=CVE-2024-4769
https://www.cve.org/CVERecord?id=CVE-2024-4770
https://www.cve.org/CVERecord?id=CVE-2024-4777
(* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”
-
- Posts: 3507
- Joined: 01 Apr 2012, 13:50
- Location: Mlečni put
Post
Napisano: 20 May 2024, 18:46
15. V 2024.
Sveži gdk-pixbuf2 i git paketi za Slackware 15.0 i -current:
Code: Select all
patches/packages/gdk-pixbuf2-2.42.12-i586-1_slack15.0.txz: Upgraded.
ani: Reject files with multiple INA or IART chunks.
ani: Reject files with multiple anih chunks.
ani: validate chunk size.
Thanks to 0xvhp, pedrib, and Benjamin Gilbert.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-48622
(* Security fix *)
Code: Select all
patches/packages/git-2.39.4-i586-1_slack15.0.txz: Upgraded.
This update fixes security issues:
Recursive clones on case-insensitive filesystems that support symbolic
links are susceptible to case confusion that can be exploited to
execute just-cloned code during the clone operation.
Repositories can be configured to execute arbitrary code during local
clones. To address this, the ownership checks introduced in v2.30.3
are now extended to cover cloning local repositories.
Local clones may end up hardlinking files into the target repository's
object database when source and target repository reside on the same
disk. If the source repository is owned by a different user, then
those hardlinked files may be rewritten at any point in time by the
untrusted user.
When cloning a local source repository that contains symlinks via the
filesystem, Git may create hardlinks to arbitrary user-readable files
on the same filesystem as the target repository in the objects/
directory.
It is supposed to be safe to clone untrusted repositories, even those
unpacked from zip archives or tarballs originating from untrusted
sources, but Git can be tricked to run arbitrary code as part of the
clone.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-32002
https://www.cve.org/CVERecord?id=CVE-2024-32004
https://www.cve.org/CVERecord?id=CVE-2024-32020
https://www.cve.org/CVERecord?id=CVE-2024-32021
https://www.cve.org/CVERecord?id=CVE-2024-32465
(* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”
-
- Posts: 3507
- Joined: 01 Apr 2012, 13:50
- Location: Mlečni put
Post
Napisano: 17 Jul 2024, 19:13
20. V 2024.
Sveži mariadb paketi za Slackware 15.0 i -current:
Code: Select all
This update fixes bugs and a security issue:
Difficult to exploit vulnerability allows unauthenticated attacker with
logon to the infrastructure where MariaDB Server executes to compromise the
server. This could result in unauthorized update, insert or delete access
to some of the data as well as unauthorized read access to a subset of the
data and unauthorized ability to cause a partial denial of service.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-21096
(* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”
-
- Posts: 3507
- Joined: 01 Apr 2012, 13:50
- Location: Mlečni put
Post
Napisano: 17 Jul 2024, 19:14
05. VI 2024.
Sveži kernel paketi za Slackware 15.0:
Code: Select all
patches/packages/linux-5.15.160/*: Upgraded.
These updates fix various bugs and security issues.
Be sure to upgrade your initrd after upgrading the kernel packages.
If you use lilo to boot your machine, be sure lilo.conf points to the correct
kernel and initrd and run lilo as root to update the bootloader.
If you use elilo to boot your machine, you should run eliloconfig to copy the
kernel and initrd to the EFI System Partition.
For more information, see:
Fixed in 5.15.147:
https://www.cve.org/CVERecord?id=CVE-2023-52340
https://www.cve.org/CVERecord?id=CVE-2023-6040
https://www.cve.org/CVERecord?id=CVE-2024-0646
Fixed in 5.15.148:
https://www.cve.org/CVERecord?id=CVE-2023-46838
https://www.cve.org/CVERecord?id=CVE-2023-52436
https://www.cve.org/CVERecord?id=CVE-2023-52438
https://www.cve.org/CVERecord?id=CVE-2023-52439
https://www.cve.org/CVERecord?id=CVE-2023-52443
https://www.cve.org/CVERecord?id=CVE-2023-52444
https://www.cve.org/CVERecord?id=CVE-2023-52445
https://www.cve.org/CVERecord?id=CVE-2023-52448
https://www.cve.org/CVERecord?id=CVE-2023-52449
https://www.cve.org/CVERecord?id=CVE-2023-52451
https://www.cve.org/CVERecord?id=CVE-2023-52454
https://www.cve.org/CVERecord?id=CVE-2023-52456
https://www.cve.org/CVERecord?id=CVE-2023-52458
https://www.cve.org/CVERecord?id=CVE-2023-52463
https://www.cve.org/CVERecord?id=CVE-2023-52464
https://www.cve.org/CVERecord?id=CVE-2023-52467
https://www.cve.org/CVERecord?id=CVE-2023-52469
https://www.cve.org/CVERecord?id=CVE-2023-52470
https://www.cve.org/CVERecord?id=CVE-2023-52609
https://www.cve.org/CVERecord?id=CVE-2023-52610
https://www.cve.org/CVERecord?id=CVE-2023-52612
https://www.cve.org/CVERecord?id=CVE-2023-6356
https://www.cve.org/CVERecord?id=CVE-2023-6536
https://www.cve.org/CVERecord?id=CVE-2023-6915
https://www.cve.org/CVERecord?id=CVE-2024-1085
https://www.cve.org/CVERecord?id=CVE-2024-24860
https://www.cve.org/CVERecord?id=CVE-2024-26586
https://www.cve.org/CVERecord?id=CVE-2024-26589
https://www.cve.org/CVERecord?id=CVE-2024-26591
https://www.cve.org/CVERecord?id=CVE-2024-26597
https://www.cve.org/CVERecord?id=CVE-2024-26598
https://www.cve.org/CVERecord?id=CVE-2024-26631
https://www.cve.org/CVERecord?id=CVE-2024-26633
Fixed in 5.15.149:
https://www.cve.org/CVERecord?id=CVE-2023-52429
https://www.cve.org/CVERecord?id=CVE-2023-52435
https://www.cve.org/CVERecord?id=CVE-2023-52486
https://www.cve.org/CVERecord?id=CVE-2023-52489
https://www.cve.org/CVERecord?id=CVE-2023-52491
https://www.cve.org/CVERecord?id=CVE-2023-52492
https://www.cve.org/CVERecord?id=CVE-2023-52493
https://www.cve.org/CVERecord?id=CVE-2023-52494
https://www.cve.org/CVERecord?id=CVE-2023-52498
https://www.cve.org/CVERecord?id=CVE-2023-52583
https://www.cve.org/CVERecord?id=CVE-2023-52587
https://www.cve.org/CVERecord?id=CVE-2023-52588
https://www.cve.org/CVERecord?id=CVE-2023-52594
https://www.cve.org/CVERecord?id=CVE-2023-52595
https://www.cve.org/CVERecord?id=CVE-2023-52597
https://www.cve.org/CVERecord?id=CVE-2023-52598
https://www.cve.org/CVERecord?id=CVE-2023-52599
https://www.cve.org/CVERecord?id=CVE-2023-52600
https://www.cve.org/CVERecord?id=CVE-2023-52601
https://www.cve.org/CVERecord?id=CVE-2023-52602
https://www.cve.org/CVERecord?id=CVE-2023-52603
https://www.cve.org/CVERecord?id=CVE-2023-52604
https://www.cve.org/CVERecord?id=CVE-2023-52606
https://www.cve.org/CVERecord?id=CVE-2023-52607
https://www.cve.org/CVERecord?id=CVE-2023-52608
https://www.cve.org/CVERecord?id=CVE-2023-52614
https://www.cve.org/CVERecord?id=CVE-2023-52615
https://www.cve.org/CVERecord?id=CVE-2023-52616
https://www.cve.org/CVERecord?id=CVE-2023-52617
https://www.cve.org/CVERecord?id=CVE-2023-52618
https://www.cve.org/CVERecord?id=CVE-2023-52619
https://www.cve.org/CVERecord?id=CVE-2023-52622
https://www.cve.org/CVERecord?id=CVE-2023-52623
https://www.cve.org/CVERecord?id=CVE-2023-52627
https://www.cve.org/CVERecord?id=CVE-2023-52630
https://www.cve.org/CVERecord?id=CVE-2023-52631
https://www.cve.org/CVERecord?id=CVE-2023-52633
https://www.cve.org/CVERecord?id=CVE-2023-52635
https://www.cve.org/CVERecord?id=CVE-2023-52637
https://www.cve.org/CVERecord?id=CVE-2023-52638
https://www.cve.org/CVERecord?id=CVE-2024-0340
https://www.cve.org/CVERecord?id=CVE-2024-1086
https://www.cve.org/CVERecord?id=CVE-2024-1151
https://www.cve.org/CVERecord?id=CVE-2024-23849
https://www.cve.org/CVERecord?id=CVE-2024-23850
https://www.cve.org/CVERecord?id=CVE-2024-23851
https://www.cve.org/CVERecord?id=CVE-2024-26592
https://www.cve.org/CVERecord?id=CVE-2024-26593
https://www.cve.org/CVERecord?id=CVE-2024-26594
https://www.cve.org/CVERecord?id=CVE-2024-26600
https://www.cve.org/CVERecord?id=CVE-2024-26602
https://www.cve.org/CVERecord?id=CVE-2024-26606
https://www.cve.org/CVERecord?id=CVE-2024-26608
https://www.cve.org/CVERecord?id=CVE-2024-26610
https://www.cve.org/CVERecord?id=CVE-2024-26614
https://www.cve.org/CVERecord?id=CVE-2024-26615
https://www.cve.org/CVERecord?id=CVE-2024-26625
https://www.cve.org/CVERecord?id=CVE-2024-26627
https://www.cve.org/CVERecord?id=CVE-2024-26635
https://www.cve.org/CVERecord?id=CVE-2024-26636
https://www.cve.org/CVERecord?id=CVE-2024-26640
https://www.cve.org/CVERecord?id=CVE-2024-26641
https://www.cve.org/CVERecord?id=CVE-2024-26644
https://www.cve.org/CVERecord?id=CVE-2024-26645
https://www.cve.org/CVERecord?id=CVE-2024-26660
https://www.cve.org/CVERecord?id=CVE-2024-26663
https://www.cve.org/CVERecord?id=CVE-2024-26664
https://www.cve.org/CVERecord?id=CVE-2024-26665
https://www.cve.org/CVERecord?id=CVE-2024-26668
https://www.cve.org/CVERecord?id=CVE-2024-26671
https://www.cve.org/CVERecord?id=CVE-2024-26673
https://www.cve.org/CVERecord?id=CVE-2024-26675
https://www.cve.org/CVERecord?id=CVE-2024-26676
https://www.cve.org/CVERecord?id=CVE-2024-26679
https://www.cve.org/CVERecord?id=CVE-2024-26684
https://www.cve.org/CVERecord?id=CVE-2024-26685
https://www.cve.org/CVERecord?id=CVE-2024-26689
https://www.cve.org/CVERecord?id=CVE-2024-26696
https://www.cve.org/CVERecord?id=CVE-2024-26697
https://www.cve.org/CVERecord?id=CVE-2024-26698
https://www.cve.org/CVERecord?id=CVE-2024-26702
https://www.cve.org/CVERecord?id=CVE-2024-26704
https://www.cve.org/CVERecord?id=CVE-2024-26707
https://www.cve.org/CVERecord?id=CVE-2024-26712
https://www.cve.org/CVERecord?id=CVE-2024-26715
https://www.cve.org/CVERecord?id=CVE-2024-26717
https://www.cve.org/CVERecord?id=CVE-2024-26720
https://www.cve.org/CVERecord?id=CVE-2024-26727
https://www.cve.org/CVERecord?id=CVE-2024-26808
Fixed in 5.15.150:
https://www.cve.org/CVERecord?id=CVE-2023-52434
https://www.cve.org/CVERecord?id=CVE-2023-52497
https://www.cve.org/CVERecord?id=CVE-2023-52640
https://www.cve.org/CVERecord?id=CVE-2023-52641
https://www.cve.org/CVERecord?id=CVE-2024-0565
https://www.cve.org/CVERecord?id=CVE-2024-26601
https://www.cve.org/CVERecord?id=CVE-2024-26603
https://www.cve.org/CVERecord?id=CVE-2024-26733
https://www.cve.org/CVERecord?id=CVE-2024-26735
https://www.cve.org/CVERecord?id=CVE-2024-26736
https://www.cve.org/CVERecord?id=CVE-2024-26737
https://www.cve.org/CVERecord?id=CVE-2024-26743
https://www.cve.org/CVERecord?id=CVE-2024-26744
https://www.cve.org/CVERecord?id=CVE-2024-26747
https://www.cve.org/CVERecord?id=CVE-2024-26748
https://www.cve.org/CVERecord?id=CVE-2024-26749
https://www.cve.org/CVERecord?id=CVE-2024-26751
https://www.cve.org/CVERecord?id=CVE-2024-26752
https://www.cve.org/CVERecord?id=CVE-2024-26754
https://www.cve.org/CVERecord?id=CVE-2024-26763
https://www.cve.org/CVERecord?id=CVE-2024-26764
https://www.cve.org/CVERecord?id=CVE-2024-26766
https://www.cve.org/CVERecord?id=CVE-2024-26769
https://www.cve.org/CVERecord?id=CVE-2024-26771
https://www.cve.org/CVERecord?id=CVE-2024-26772
https://www.cve.org/CVERecord?id=CVE-2024-26773
https://www.cve.org/CVERecord?id=CVE-2024-26774
https://www.cve.org/CVERecord?id=CVE-2024-26776
https://www.cve.org/CVERecord?id=CVE-2024-26777
https://www.cve.org/CVERecord?id=CVE-2024-26778
https://www.cve.org/CVERecord?id=CVE-2024-26779
Fixed in 5.15.151:
https://www.cve.org/CVERecord?id=CVE-2023-52620
https://www.cve.org/CVERecord?id=CVE-2024-0841
https://www.cve.org/CVERecord?id=CVE-2024-26622
https://www.cve.org/CVERecord?id=CVE-2024-26688
https://www.cve.org/CVERecord?id=CVE-2024-26782
https://www.cve.org/CVERecord?id=CVE-2024-26788
https://www.cve.org/CVERecord?id=CVE-2024-26790
https://www.cve.org/CVERecord?id=CVE-2024-26791
https://www.cve.org/CVERecord?id=CVE-2024-26793
https://www.cve.org/CVERecord?id=CVE-2024-26795
https://www.cve.org/CVERecord?id=CVE-2024-26798
https://www.cve.org/CVERecord?id=CVE-2024-26801
https://www.cve.org/CVERecord?id=CVE-2024-26802
https://www.cve.org/CVERecord?id=CVE-2024-26803
https://www.cve.org/CVERecord?id=CVE-2024-26804
https://www.cve.org/CVERecord?id=CVE-2024-26805
Fixed in 5.15.152:
https://www.cve.org/CVERecord?id=CVE-2024-26659
https://www.cve.org/CVERecord?id=CVE-2024-26787
Fixed in 5.15.153:
https://www.cve.org/CVERecord?id=CVE-2023-52447
https://www.cve.org/CVERecord?id=CVE-2023-6270
https://www.cve.org/CVERecord?id=CVE-2023-7042
https://www.cve.org/CVERecord?id=CVE-2024-22099
https://www.cve.org/CVERecord?id=CVE-2024-26651
https://www.cve.org/CVERecord?id=CVE-2024-26809
(* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”
-
- Posts: 3507
- Joined: 01 Apr 2012, 13:50
- Location: Mlečni put
Post
Napisano: 17 Jul 2024, 19:14
06. VI 2024.
Sveži php paketi za Slackware 15.0 i -current:
Code: Select all
extra/php81/php81-8.1.29-i586-1_slack15.0.txz: Upgraded.
This update fixes bugs and security issues:
Bypass of CVE-2012-1823, Argument Injection in PHP-CGI.
Filter bypass in filter_var FILTER_VALIDATE_URL.
Bypass of CVE-2024-1874.
For more information, see:
https://www.php.net/ChangeLog-8.php#8.1.29
https://www.cve.org/CVERecord?id=CVE-2024-4577
https://www.cve.org/CVERecord?id=CVE-2024-5458
https://www.cve.org/CVERecord?id=CVE-2024-5585
(* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”
Who is online
Users browsing this forum: No registered users and 1 guest