Slackware Security Advisories (sigurnosne nadogradnje)

Novosti u vezi Slackware Linuxa

Moderator: Urednik

Locked

Administrator
Administrator
offline
User avatar

Posts: 2669
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 02 Oct 2018, 17:28


21.09.2018.

Sveži kernel paketi za Slackware 14.2:

Code: Select all

patches/packages/linux-4.4.157/*:  Upgraded.
  This kernel removes the unnecessary vmacache_flush_all code which could have
  led to a use-after-free situation and potentially local privilege escalation.
  In addition, it fixes some regressions which may have led to diminished X
  performance.
  Be sure to upgrade your initrd after upgrading the kernel packages.
  If you use lilo to boot your machine, be sure lilo.conf points to the correct
  kernel and initrd and run lilo as root to update the bootloader.
  If you use elilo to boot your machine, you should run eliloconfig to copy the
  kernel and initrd to the EFI System Partition.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17182
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 2669
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 02 Oct 2018, 17:29


22.09.2018.

Sveži mozilla-firefox paketi za Slackware 14.2 i -current:

Code: Select all

patches/packages/mozilla-firefox-60.2.1esr-i686-1_slack14.2.txz:  Upgraded.
  This release contains security fixes and improvements.
   A potentially exploitable crash in TransportSecurityInfo used for SSL
   can be triggered by data stored in the local cache in the user profile
   directory. This issue is only exploitable in combination with another
   vulnerability allowing an attacker to write data into the local cache
   or from locally installed malware. This issue also triggers a
   non-exploitable startup crash for users switching between the Nightly
   and Release versions of Firefox if the same profile is used.
  For more information, see:
    https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
    https://www.mozilla.org/en-US/security/advisories/mfsa2018-23/
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12383
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 2669
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 13 Oct 2018, 19:12


02.10.2018.

Novi mozilla-firefox paketi za Slackware 14.2 i -current:

Code: Select all

patches/packages/mozilla-firefox-60.2.2esr-i686-1_slack14.2.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
    https://www.mozilla.org/en-US/security/advisories/mfsa2018-24/
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12387
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 2669
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 13 Oct 2018, 19:14


10.10.2018.

Novi git paketi za Slackware 14.0, 14.1, 14.2 i -current:

Code: Select all

patches/packages/git-2.14.5-i586-1_slack14.2.txz:  Upgraded.
  This update fixes a security issue:
  Submodules' "URL"s come from the untrusted .gitmodules file, but we
  blindly gave it to "git clone" to clone submodules when "git clone
  --recurse-submodules" was used to clone a project that has such a
  submodule. The code has been hardened to reject such malformed URLs
  (e.g. one that begins with a dash). Credit for finding and fixing this
  vulnerability goes to joernchen and Jeff King, respectively.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17456
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”


Locked

Who is online

Users browsing this forum: No registered users and 1 guest