Slackware Security Advisories (sigurnosne nadogradnje)

Novosti u vezi Slackware Linuxa

Moderator: Urednik

Locked

Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 07 Apr 2022, 16:12


25.03.2022.

Sveži seamonkey paketi za Slackware 15 i -current:

Code: Select all

patches/packages/seamonkey-2.53.11.1-i686-1_slack15.0.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.seamonkey-project.org/releases/seamonkey2.53.11.1
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 07 Apr 2022, 16:13


28.03.2022.

Sveži zlib paketi za Slackware 14.0, 14.1, 14.2, 15.0 i -current:

Code: Select all

patches/packages/zlib-1.2.12-i586-1_slack15.0.txz:  Upgraded.
  This update fixes memory corruption when deflating (i.e., when compressing)
  if the input has many distant matches. Thanks to marav.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 07 Apr 2022, 16:15


30.03.2022.

Sveži vim paketi za Slackware 15 i -current:

Code: Select all

patches/packages/vim-8.2.4649-i586-1_slack15.0.txz:  Upgraded.
  Fixes a use-after-free in utf_ptr2char in vim/vim prior to 8.2.4646.
  This vulnerability is capable of crashing software, bypassing protection
  mechanisms, modifying memory, and possibly execution of arbitrary code.
  Thanks to marav for the heads-up.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1154
    https://huntr.dev/bounties/7f0ec6bc-ea0e-45b0-8128-caac72d23425
    https://github.com/vim/vim/commit/b55986c52d4cd88a22d0b0b0e8a79547ba13e1d5
  (* Security fix *)
patches/packages/vim-gvim-8.2.4649-i586-1_slack15.0.txz:  Upgraded.
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 07 Apr 2022, 16:16


05.04.2022.

Sveži mozilla-firefox paketi za Slackware 15 i -current:

Code: Select all

patches/packages/mozilla-firefox-91.8.0esr-i686-1_slack15.0.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/91.8.0/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2022-14/
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 07 Apr 2022, 16:17


06.04.2022.

Sveži mozilla-thunderbird paketi za Slackware 15 i -current:

Code: Select all

patches/packages/mozilla-thunderbird-91.8.0-i686-1_slack15.0.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/91.8.0/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2022-15/
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1097
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28281
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1197
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1196
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28282
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28285
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28286
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24713
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28289
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 13 Apr 2022, 22:09


08.04.2022.

Sveži libarchive paketi za Slackware 14.1, 14.2, 15.0 i -current:

Code: Select all

patches/packages/libarchive-3.6.1-i586-1_slack15.0.txz:  Upgraded.
  This is a bugfix and security release.
  Security fixes:
    7zip reader: fix PPMD read beyond boundary.
    ZIP reader: fix possible out of bounds read.
    ISO reader: fix possible heap buffer overflow in read_children().
    RARv4 redaer: fix multiple issues in RARv4 filter code (introduced in
    libarchive 3.6.0).
    Fix heap use after free in archive_read_format_rar_read_data().
    Fix null dereference in read_data_compressed().
    Fix heap user after free in run_filters().
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 15 Apr 2022, 21:01


13.04.2022.

Sveži ruby paketi za Slackware 15.0 i -current:

Code: Select all

patches/packages/ruby-3.0.4-i586-1_slack15.0.txz:  Upgraded.
  This update fixes bugs and security issues:
  Double free in Regexp compilation.
  Buffer overrun in String-to-Float conversion.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28738
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28739
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 15 Apr 2022, 21:07


14.04.2022.

Sveži git, gzip i xz paketi za Slackware 14.0, 14.1, 14.2, 15.0 i -current:

Code: Select all

patches/packages/git-2.35.3-i586-1_slack15.0.txz:  Upgraded.
  This update fixes a security issue where a Git worktree created by another
  user might be able to execute arbitrary code.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24765
  (* Security fix *)

Code: Select all

patches/packages/gzip-1.12-i586-1_slack15.0.txz:  Upgraded.
  This update fixes a security issue:
  zgrep applied to a crafted file name with two or more newlines can no
  longer overwrite an arbitrary, attacker-selected file.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271
  (* Security fix *)

Code: Select all

patches/packages/xz-5.2.5-i586-4_slack15.0.txz:  Rebuilt.
  This update fixes a security issue:
  xzgrep applied to a crafted file name with two or more newlines can no
  longer overwrite an arbitrary, attacker-selected file.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1271
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 26 Apr 2022, 09:15


25.04.2022.

Sveži freerdp paketi za Slackware 15 i -current:

Code: Select all

patches/packages/freerdp-2.7.0-i586-1_slack15.0.txz:  Upgraded.
  This update is a security and maintenance release.
  For more information, see:
    https://github.com/FreeRDP/FreeRDP/blob/2.7.0/ChangeLog
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 30 Apr 2022, 15:01


27.04.2022.

Sveži curl paketi za Slackware 14.0, 14.1, 14.2, 15.0 i -current:

Code: Select all

patches/packages/curl-7.83.0-i586-1_slack15.0.txz:  Upgraded.
  This update fixes security issues:
  OAUTH2 bearer bypass in connection re-use.
  Credential leak on redirect.
  Bad local IPv6 connection reuse.
  Auth/cookie leak on redirect.
  For more information, see:
    https://curl.se/docs/CVE-2022-22576.html
    https://curl.se/docs/CVE-2022-27774.html
    https://curl.se/docs/CVE-2022-27775.html
    https://curl.se/docs/CVE-2022-27776.html
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22576
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27774
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27775
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27776
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”


Locked

Who is online

Users browsing this forum: No registered users and 37 guests