Slackware Security Advisories (sigurnosne nadogradnje)

Novosti u vezi Slackware Linuxa

Moderator: Urednik

Locked

Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 01 Apr 2018, 08:49


23.03.2018.

Sveži mozilla-thunderbird paketi za Slackware 14.2 i -current:

Code: Select all

patches/packages/mozilla-thunderbird-52.7.0-i586-1_slack14.2.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/52.7.0/releasenotes/
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 01 Apr 2018, 08:51


26.03.2018.

Sveži mozilla-firefox paketi za Slackware 14.2 i -current:

Code: Select all

patches/packages/mozilla-firefox-52.7.3esr-i586-1_slack14.2.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/security/advisories/mfsa2018-10/
    https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 01 Apr 2018, 08:52


28.03.2018.

Sveži openssl paketi za Slackware 14.2 i -current:

Code: Select all

patches/packages/openssl-1.0.2o-i586-1_slack14.2.txz:  Upgraded.
  This update fixes a security issue:
  Constructed ASN.1 types with a recursive definition could exceed the stack.
  For more information, see:
    https://www.openssl.org/news/secadv/20180327.txt
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0739
  (* Security fix *)
patches/packages/openssl-solibs-1.0.2o-i586-1_slack14.2.txz:  Upgraded.
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 01 Apr 2018, 08:53


29.03.2018.

Sveži ruby paketi za Slackware 14.2 i -current:

Code: Select all

patches/packages/ruby-2.2.10-i586-1_slack14.2.txz:  Upgraded.
  This release includes some bug fixes and some security fixes:
  HTTP response splitting in WEBrick.
  Unintentional file and directory creation with directory traversal in
  tempfile and tmpdir.
  DoS by large request in WEBrick.
  Buffer under-read in String#unpack.
  Unintentional socket creation by poisoned NUL byte in UNIXServer
  and UNIXSocket.
  Unintentional directory traversal by poisoned NUL byte in Dir.
  Multiple vulnerabilities in RubyGems.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17742
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6914
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8777
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8778
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8779
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8780
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 01 Apr 2018, 08:54


31.03.2018.

Sveži php paketi za Slackware 14.0, 14.1, 14.2 i -current:

Code: Select all

patches/packages/php-5.6.35-i586-1_slack14.2.txz:  Upgraded.
  This update fixes a security issue where sensitive data belonging to other
  accounts might be accessed by a local user.
  For more information, see:
    http://bugs.php.net/75605
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 21 Apr 2018, 15:04


01.04.2018.

Sveži paketi za libidn za Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2 i -current:

Code: Select all

This update fixes security issues:
  Fix integer overflow in combine_hangul()
  Fix integer overflow in punycode decoder
  Fix NULL pointer dereference in g_utf8_normalize()
  Fix NULL pointer dereference in stringprep_ucs4_nfkc_normalize()
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 21 Apr 2018, 15:06


06.04.2018.

Sveži paketi za patch za Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2 i -current:

Code: Select all

patches/packages/php-5.6.35-i586-1_slack14.2.txz:  Upgraded.
  This update fixes a security issue where sensitive data belonging to other
  accounts might be accessed by a local user.
  For more information, see:
    http://bugs.php.net/75605
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 21 Apr 2018, 15:07


18.04.2018.

Sveži gd paketi za Slackware 14.2 i -current:

Code: Select all

 This update fixes two security issues:
  Double-free in gdImagePngPtr() (denial of service).
  Buffer over-read into uninitialized memory (information leak).
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6362
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7890
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 11 May 2018, 21:57


26.04.2018.

Sveži openvpn paketi za Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2 i -current:

Code: Select all

patches/packages/openvpn-2.4.6-i586-1_slack14.2.txz:  Upgraded.
  This is a security update fixing a potential double-free() in Interactive
  Service. This usually only leads to a process crash (DoS by an unprivileged
  local account) but since it could possibly lead to memory corruption if
  happening while multiple other threads are active at the same time,
  CVE-2018-9336 has been assigned to acknowledge this risk.
  For more information, see:
    https://github.com/OpenVPN/openvpn/commit/1394192b210cb3c6624a7419bcf3ff966742e79b
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9336
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 11 May 2018, 22:08


30.04.2018.

Sveži libwmf paketi za Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2 i -current:

Code: Select all

patches/packages/libwmf-0.2.8.4-i586-7_slack14.1.txz:  Rebuilt.
  Patched denial of service and possible execution of arbitrary code
  security issues.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0941
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3376
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0455
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2756
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3472
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3473
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3477
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3546
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0848
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4588
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4695
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4696
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10167
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10168
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9011
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9317
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6362
  (* Security fix *)
Sveži mozilla-firefox paketi za Slackware 14.2 i -current:

Code: Select all

patches/packages/mozilla-firefox-52.7.4esr-i586-1_slack14.2.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”


Locked

Who is online

Users browsing this forum: No registered users and 1 guest