Slackware Security Advisories (sigurnosne nadogradnje)

Novosti u vezi Slackware Linuxa

Moderator: Urednik

Locked

Administrator
Administrator
offline
User avatar

Posts: 2931
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 08 Aug 2020, 19:21


03.06.2020.

Sveži gnutls paketi za Slackware 14.2 i -current:

Code: Select all

patches/packages/gnutls-3.6.14-i586-1_slack14.2.txz:  Upgraded.
  Fixed insecure session ticket key construction, since 3.6.4. The TLS server
  would not bind the session ticket encryption key with a value supplied by
  the application until the initial key rotation, allowing attacker to bypass
  authentication in TLS 1.3 and recover previous conversations in TLS 1.2.
  [GNUTLS-SA-2020-06-03, CVSS: high]
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 2931
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 08 Aug 2020, 19:22


04.06.2020.

Sveži mozilla-thunderbird paketi za Slackware 14.2 i -current:

Code: Select all

patches/packages/mozilla-thunderbird-68.9.0-i686-1_slack14.2.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/68.9.0/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2020-22/
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12399
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12405
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12406
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12410
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12398
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 2931
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 08 Aug 2020, 19:23


11.06.2020.

Sveži kernel stigao za Slackware 14.2:

Code: Select all

patches/packages/linux-4.4.227/*:  Upgraded.
  These updates fix various bugs and security issues, including a mitigation
  for SRBDS (Special Register Buffer Data Sampling). SRBDS is an MDS-like
  speculative side channel that can leak bits from the random number generator
  (RNG) across cores and threads.
  Be sure to upgrade your initrd after upgrading the kernel packages.
  If you use lilo to boot your machine, be sure lilo.conf points to the correct
  kernel and initrd and run lilo as root to update the bootloader.
  If you use elilo to boot your machine, you should run eliloconfig to copy the
  kernel and initrd to the EFI System Partition.
  For more information, see:
    Fixed in 4.4.218:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11668
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11608
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11609
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10942
    Fixed in 4.4.219:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11494
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11565
    Fixed in 4.4.220:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12826
    Fixed in 4.4.221:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19319
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12464
    Fixed in 4.4.222:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10751
    Fixed in 4.4.224:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10711
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1749
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12769
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10690
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13143
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19768
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12770
    Fixed in 4.4.225:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9517
    Fixed in 4.4.226:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10732
    Fixed in 4.4.227:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0543
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 2931
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 08 Aug 2020, 19:24


18.06.2020.

Sveži bind paketi za Slackware 14.0, 14.1, 14.2 i -current:

Code: Select all

patches/packages/bind-9.11.20-i586-1_slack14.2.txz:  Upgraded.
  This update fixes a security issue:
  It was possible to trigger an INSIST in lib/dns/rbtdb.c:new_reference() with
  a particular zone content and query patterns.
  For more information, see:
    https://kb.isc.org/docs/cve-2020-8619
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8619
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 2931
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 08 Aug 2020, 19:26


23.06.2020.

Sveži ntp paketi za Slackware 14.0, 14.1, 14.2 i -current:

Code: Select all

patches/packages/ntp-4.2.8p15-i586-1_slack14.2.txz:  Upgraded.
  This release fixes one vulnerability: Associations that use CMAC
  authentication between ntpd from versions 4.2.8p11/4.3.97 and
  4.2.8p14/4.3.100 will leak a small amount of memory for each packet.
  Eventually, ntpd will run out of memory and abort.
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 2931
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 08 Aug 2020, 19:32


24.06.2020.

Sveži curl paketi za Slackware 14.0, 14.1, 14.2 i -current:

Code: Select all

patches/packages/curl-7.71.0-i586-1_slack14.2.txz:  Upgraded.
  This update fixes security issues:
  curl overwrite local file with -J [111]
  Partial password leak over DNS on HTTP redirect [48]
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8177
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8169
  (* Security fix *)
Sveži libjpeg-turbo paketi za Slackware 14.2 i -current:

Code: Select all

patches/packages/libjpeg-turbo-2.0.5-i586-1_slack14.2.txz:  Upgraded.
  This update fixes bugs and a security issue:
  Fixed an issue in the PPM reader that caused a buffer overrun in cjpeg,
  TJBench, or the `tjLoadImage()` function if one of the values in a binary
  PPM/PGM input file exceeded the maximum value defined in the file's header
  and that maximum value was less than 255.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13790
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 2931
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 08 Aug 2020, 19:33


29.06.2020.

Sveži mozilla-firefox paketi za Slackware 14.2 i -current:

Code: Select all

patches/packages/mozilla-firefox-68.10.0esr-i686-1_slack14.2.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/68.10.0/releasenotes/
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 2931
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 08 Aug 2020, 19:56


04.07.2020.

Sveži libvorbis paketi za Slackware 14.0, 14.1, 14.2 i -current:

Code: Select all

patches/packages/libvorbis-1.3.7-i586-1_slack14.2.txz:  Upgraded.
  Fix out-of-bounds read encoding very low sample rates.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10393
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14160
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 2931
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 08 Aug 2020, 19:57


07.07.2020.

Sveži seamonkey paketi za Slackware 14.2 i -current:

Code: Select all

patches/packages/seamonkey-2.53.3-i686-1_slack14.2.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    https://www.seamonkey-project.org/releases/seamonkey2.53.3
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 2931
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 08 Aug 2020, 19:58


27.07.2020.

Sveži mozilla-firefox paketi za Slackware 14.2 i -current:

Code: Select all

patches/packages/mozilla-firefox-68.11.0esr-i686-1_slack14.2.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/68.11.0/releasenotes/
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”


Locked

Who is online

Users browsing this forum: No registered users and 4 guests