Novosti u vezi Slackware Linuxa
Moderator: Urednik
-
- Posts: 3468
- Joined: 01 Apr 2012, 13:50
- Location: Mlečni put
Post
Napisano: 21 May 2013, 06:12
20.05.2013.
Kernel update za Slackware 13.37 i 14.0
Code: Select all
patches/packages/linux-3.2.45/*: Upgraded.
Upgraded to new kernels that fix CVE-2013-2094, a bug that can allow local
users to gain a root shell. Be sure to upgrade your initrd and reinstall
LILO after upgrading the kernel packages.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2094
(* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”
-
- Posts: 1053
- Joined: 18 Feb 2012, 15:14
- Location: Despotovac
-
Contact:
Post
Napisano: 04 Jun 2013, 13:35
Стигло је ново обновљено издање кернела 3.2.45. Побољшања се првенствено односе на Интелове графичке карте.
Code: Select all
patches/packages/linux-3.2.45/*: Rebuilt.
One more reverted commit. This one was leading to hangs on systems with
Intel graphics. The previous revert was also reverted in 3.2.46, but it
seems safer to just get this one manually than to take the newer kernel and
still have to do another patch to it anyway. Hopefully the third time is
the charm. :)
-
- Posts: 3468
- Joined: 01 Apr 2012, 13:50
- Location: Mlečni put
Post
Napisano: 11 Jun 2013, 13:52
10.06.2013.
Nadogradnja php paketa, verzija 5.4.16
Code: Select all
patches/packages/php-5.4.16-i486-1_slack14.0.txz: Upgraded.
This is a bugfix release. It also fixes a security issue -- a heap-based
overflow in the quoted_printable_encode() function, which could be used by
a remote attacker to crash PHP or execute code as the 'apache' user.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2110
(* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”
-
- Posts: 3468
- Joined: 01 Apr 2012, 13:50
- Location: Mlečni put
Post
Napisano: 24 Jun 2013, 18:32
23.06.2013.
Nadogradnja za
curl
Code: Select all
patches/packages/curl-7.29.0-i486-3_slack14.0.txz: Rebuilt.
This fixes a minor security issue where a decode buffer boundary flaw in
libcurl could lead to heap corruption.
For more information, see:
http://curl.haxx.se/docs/adv_20130622.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2174
(* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”
-
- Posts: 3468
- Joined: 01 Apr 2012, 13:50
- Location: Mlečni put
Post
Napisano: 28 Jun 2013, 22:34
27.06.2013.
Novi
ruby paketi su dostupni za Slackware 13.1, 13.37, 14.0 i
-current:
Code: Select all
patches/packages/ruby-1.9.3_p448-i486-1_slack14.0.txz: Upgraded.
This update patches a vulnerability in Ruby's SSL client that could allow
man-in-the-middle attackers to spoof SSL servers via a valid certificate
issued by a trusted certification authority.
For more information, see:
http://www.ruby-lang.org/en/news/2013/06/27/hostname-check-bypassing-vulnerability-in-openssl-client-cve-2013-4073/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4073
(* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”
-
- Posts: 3468
- Joined: 01 Apr 2012, 13:50
- Location: Mlečni put
Post
Napisano: 30 Jun 2013, 10:01
29.06.2013.
Mozilla Firefox i Thunderbird nadogradnje za Slackware 13.37, 14.0 i
-current:
Code: Select all
patches/packages/mozilla-firefox-17.0.7esr-i486-1_slack14.0.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
(* Security fix *)
We had to switch to ESR here as well, as there's a problem running Firefox
22.0 on Slackware 14.0 under KDE (crash when oxygen-gtk2 is installed).
Forcing people to uninstall oxygen-gtk2 isn't really an option for a
security fix, and upgrading to the latest oxygen-gtk2 did not help.
It's possible that future Firefox/Thunderbird security updates will always
come from the ESR branch.
Code: Select all
patches/packages/mozilla-thunderbird-17.0.7-i486-1_slack14.0.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
(* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”
-
- Posts: 2168
- Joined: 08 Jun 2010, 13:28
- Location: Centralna Srbija Kraljevo
-
Contact:
Post
Napisano: 30 Jun 2013, 15:02
Meni ovaj pač instalirao Firefox ESR 17.0.7 umesto 22.0.
-
- Posts: 1053
- Joined: 18 Feb 2012, 15:14
- Location: Despotovac
-
Contact:
Post
Napisano: 03 Jul 2013, 18:27
Брок, кажу да су морали се пребаце на ESR грану јер је настајао проблем код покретања Фајерфокса 22 под КДЕ-ом, а узрок је био претходно инсталиран oxygen-gtk2. Како не би било лепо терати кориснике да уклањају поменути пакет, а надоградња на најсвежији oxyen-gtk2 није помогла, решили су да се пребаце на ESR грану.
Такође, кажу да је могуће да ће све будуће сигурносне надоградње за Фајерфокс / Тандербирд долазити из ESR гране.
We had to switch to ESR here as well, as there's a problem running Firefox
22.0 on Slackware 14.0 under KDE (crash when oxygen-gtk2 is installed).
Forcing people to uninstall oxygen-gtk2 isn't really an option for a
security fix, and upgrading to the latest oxygen-gtk2 did not help.
It's possible that future Firefox/Thunderbird security updates will always
come from the ESR branch.
ИЗВОР:
http://www.slackware.com/changelog/stab ... cpu=x86_64
-
- Posts: 2168
- Joined: 08 Jun 2010, 13:28
- Location: Centralna Srbija Kraljevo
-
Contact:
Post
Napisano: 03 Jul 2013, 19:58
Hvala za info Slackmuz.
-
- Posts: 3468
- Joined: 01 Apr 2012, 13:50
- Location: Mlečni put
Post
Napisano: 10 Jul 2013, 10:24
10.07.2013.
Dbus, bezbednosna nadogradnja za Slackware 14 i -current:
Code: Select all
patches/packages/dbus-1.4.20-i486-4_slack14.0.txz: Rebuilt.
This update fixes a security issue where misuse of va_list could be used to
cause a denial of service for system services.
Vulnerability reported by Alexandru Cornea.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2168
(* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”
Who is online
Users browsing this forum: No registered users and 73 guests