Slackware Security Advisories (sigurnosne nadogradnje)

Novosti u vezi Slackware Linuxa

Moderator: Urednik

Locked

Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 23 Jun 2018, 07:48


19.06.2018.

Sveži gnupg paketi za Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2 i -current:

Code: Select all

patches/packages/gnupg-1.4.23-i586-1_slack14.2.txz:  Upgraded.
  Sanitize the diagnostic output of the original file name in verbose mode.
  By using a made up file name in the message it was possible to fake status
  messages. Using this technique it was for example possible to fake the
  verification status of a signed mail.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12020
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 01 Jul 2018, 15:28


25.06.2018.

Sveži mozilla-firefox (ESR) paketi za Slackware 14.2 i -current:

Code: Select all

patches/packages/mozilla-firefox-52.9.0esr-i586-1_slack14.2.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 14 Aug 2018, 17:24


05.07.2018.

Sveži mozilla-thunderbird paketi za Slackware 14.2 i -current:

Code: Select all

patches/packages/mozilla-thunderbird-52.9.0-i586-1_slack14.2.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/52.9.0/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2018-18/
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 14 Aug 2018, 17:25


10.07.2018.

Sveži mozilla-thunderbird paketi za Slackware 14.2 i -current:

Code: Select all

patches/packages/mozilla-thunderbird-52.9.1-i586-1_slack14.2.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/52.9.1/releasenotes/
    https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 14 Aug 2018, 17:28


12.07.2018.

Sveži bind i curl paketi za Slackware 14.0, 14.1, 14.2 i -current:

Code: Select all

patches/packages/bind-9.10.8-i586-1_slack14.2.txz:  Upgraded.
  This update fixes security issues:
  Fixed a bug where extraordinarily large zone transfers caused several
  problems, with possible outcomes including corrupted journal files or
  server exit due to assertion failure.
  Don't permit recursive query service to unauthorized clients.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5738
  (* Security fix *)

Code: Select all

patches/packages/curl-7.61.0-i586-1_slack14.2.txz:  Upgraded.
  This update fixes a buffer overflow in SMTP send.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0500
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 14 Aug 2018, 17:29


17.07.2018.

Sveži mutt paketi za Slackware 14.0, 14.1, 14.2 i -current:

Code: Select all

patches/packages/mutt-1.10.1-i586-1_slack14.2.txz:  Upgraded.
  This update fixes bugs and security issues. Upstream strongly recommends
  that all IMAP and POP users upgrade as soon as possible.
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 14 Aug 2018, 17:30


18.07.2018.

Sveži httpd paketi za Slackware 14.0, 14.1, 14.2 i -current:

Code: Select all

patches/packages/httpd-2.4.34-i586-1_slack14.2.txz:  Upgraded.
  This update fixes two denial of service issues:
  mod_md: DoS via Coredumps on specially crafted requests
  mod_http2: DoS for HTTP/2 connections by specially crafted requests
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8011
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1333
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 14 Aug 2018, 17:31


20.07.2018.

Sveži php paketi za Slackware 14.0, 14.1, 14.2 i -current:

Code: Select all

patches/packages/php-5.6.37-i586-1_slack14.2.txz:  Upgraded.
  Several security bugs have been fixed in this release, including:
  Int Overflow lead to Heap OverFlow in exif_thumbnail_extract of exif.c
  heap-buffer-overflow (READ of size 48) while reading exif data
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 14 Aug 2018, 17:41


27.07.2018.

Sveži kernel paketi za Slackware 14.2:

Code: Select all

patches/packages/linux-4.4.144/*:  Upgraded.
  This kernel update enables additional mitigations for spectre_v2 (IBPB and
  IBRS_FW). It also enables reporting on the Speculative Store Bypass
  vulnerability (aka GPZ Variant 4) which affects Intel processors and must
  be patched with a microcode update.
  To see the status of CPU vulnerability mitigations on your system, look at
  the files in: /sys/devices/system/cpu/vulnerabilities
  In addition, these kernels enable SMB2. Here's the complete list of kernel
  config changes from the previous 4.4.132:
    -X86_DEBUG_STATIC_CPU_HAS n
     CIFS_SMB2 n -> y
    +CC_OPTIMIZE_FOR_PERFORMANCE y
    +CIFS_SMB311 n
    +X86_FAST_FEATURE_TESTS y
  Be sure to upgrade your initrd after upgrading the kernel packages.
  If you use lilo to boot your machine, be sure lilo.conf points to the correct
  kernel and initrd and run lilo as root to update the bootloader.
  If you use elilo to boot your machine, you should run eliloconfig to copy the
  kernel and initrd to the EFI System Partition.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3639
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 14 Aug 2018, 17:43


31.07.2018.


Sveži file paketi za Slackware 14.0, 14.1, 14.2 i -current:

Code: Select all

patches/packages/file-5.34-i586-1_slack14.2.txz:  Upgraded.
  Fixed a denial of service crash when processing a crafted ELF file.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10360
  (* Security fix *
Sveži seamonkey paketi za Slackware 14.2 i -current:

Code: Select all

patches/packages/seamonkey-2.49.4-i586-1_slack14.2.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    http://www.seamonkey-project.org/releases/seamonkey2.49.4
  (* Security fix *)
patches/packages/seamonkey-solibs-2.49.4-i586-1_slack14.2.txz:  Upgraded.
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”


Locked

Who is online

Users browsing this forum: No registered users and 1 guest