Slackware Security Advisories (sigurnosne nadogradnje)

Novosti u vezi Slackware Linuxa

Moderator: Urednik

Locked

Administrator
Administrator
offline
User avatar

Posts: 2792
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 31 Jan 2019, 21:18


30.01.2019.

Sveži kernel paketi za Slackware 14.2:

Code: Select all

patches/packages/linux-4.4.172/*:  Upgraded.
  These updates fix various bugs and many (mostly minor) security issues.
  Be sure to upgrade your initrd after upgrading the kernel packages.
  If you use lilo to boot your machine, be sure lilo.conf points to the correct
  kernel and initrd and run lilo as root to update the bootloader.
  If you use elilo to boot your machine, you should run eliloconfig to copy the
  kernel and initrd to the EFI System Partition.
  For more information, see:
    Fixed in 4.4.159:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20511
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14633
    Fixed in 4.4.160:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7755
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18021
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10880
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13053
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17972
    Fixed in 4.4.163:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18281
    Fixed in 4.4.164:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18710
    Fixed in 4.4.167:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19824
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16862
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20169
    Fixed in 4.4.168:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1120
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5848
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12896
    Fixed in 4.4.169:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18241
    Fixed in 4.4.170:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19985
    Fixed in 4.4.171:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16884
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14611
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14610
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14613
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14612
    Fixed in 4.4.172:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14616
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13096
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13097
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14614
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13099
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13100
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3701
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18690
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18249
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 2792
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 04 Feb 2019, 20:31


01.02.2019.

Sveži mariadb paketi za Slackware 14.1 i 14.2:

Code: Select all

patches/packages/mariadb-10.0.38-i586-1_slack14.2.txz:  Upgraded.
  This update fixes bugs and security issues.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2537
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2529
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 2792
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 10 Feb 2019, 17:12


06.02.2019.

Sveži curl paketi za Slackware 14.0, 14.1, 14.2 i -current:

Code: Select all

patches/packages/curl-7.64.0-i586-1_slack14.2.txz:  Upgraded.
  This release fixes the following security issues:
  NTLM type-2 out-of-bounds buffer read.
  NTLMv2 type-3 header stack buffer overflow.
  SMTP end-of-response out-of-bounds read.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16890
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3822
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3823
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 2792
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 10 Feb 2019, 17:13


07.02.2019.

Sveži php paketi za Slackware 14.0, 14.1 i 14.2:

Code: Select all

patches/packages/php-5.6.40-i586-1_slack14.2.txz:  Upgraded.
  Several security bugs have been fixed in this release:
  GD:
  Fixed bug #77269 (efree() on uninitialized Heap data in imagescale leads
  to use-after-free).
  Fixed bug #77270 (imagecolormatch Out Of Bounds Write on Heap).
  Mbstring:
  Fixed bug #77370 (Buffer overflow on mb regex functions - fetch_token).
  Fixed bug #77371 (heap buffer overflow in mb regex functions -
  compile_string_node).
  Fixed bug #77381 (heap buffer overflow in multibyte match_at).
  Fixed bug #77382 (heap buffer overflow due to incorrect length in
  expand_case_fold_string).
  Fixed bug #77385 (buffer overflow in fetch_token).
  Fixed bug #77394 (Buffer overflow in multibyte case folding - unicode).
  Fixed bug #77418 (Heap overflow in utf32be_mbc_to_code).
  Phar:
  Fixed bug #77247 (heap buffer overflow in phar_detect_phar_fname_ext).
  Xmlrpc:
  Fixed bug #77242 (heap out of bounds read in xmlrpc_decode()).
  Fixed bug #77380 (Global out of bounds read in xmlrpc base64 code).
  For more information, see:
    https://php.net/ChangeLog-5.php#5.6.40
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 2792
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 16 Mar 2019, 00:10


13.02.2019.

Sveži mozilla-firefox paketi za Slackware 14.2 i -current:

Code: Select all

patches/packages/mozilla-firefox-60.5.1esr-i686-1_slack14.2.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
    https://www.mozilla.org/en-US/security/advisories/mfsa2019-05/
    https://www.mozilla.org/en-US/security/advisories/mfsa2019-05/#CVE-2018-18356
    https://www.mozilla.org/en-US/security/advisories/mfsa2019-05/#CVE-2019-5785
    https://www.mozilla.org/en-US/security/advisories/mfsa2019-05/#CVE-2018-18335
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 2792
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 16 Mar 2019, 00:12


14.02.2019.

Sveži mozilla-thunderbird paketi za Slackware 14.2 i -current:

Code: Select all

patches/packages/mozilla-thunderbird-60.5.1-i686-1_slack14.2.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/60.5.1/releasenotes/
    https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
    https://www.mozilla.org/en-US/security/advisories/mfsa2019-06/
    https://www.mozilla.org/en-US/security/advisories/mfsa2019-06/#CVE-2018-18356
    https://www.mozilla.org/en-US/security/advisories/mfsa2019-06/#CVE-2019-5785
    https://www.mozilla.org/en-US/security/advisories/mfsa2019-06/#CVE-2018-18335
    https://www.mozilla.org/en-US/security/advisories/mfsa2019-06/#CVE-2018-18509
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 2792
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 16 Mar 2019, 00:14


23.02.2019.

Sveži file paketi za Slackware 14.0, 14.1, 14.2. -current:

Code: Select all

patches/packages/file-5.36-i586-1_slack14.2.txz:  Upgraded.
  Fix out-of-bounds read and denial-of-service security issues:
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8906
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8907
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 2792
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 16 Mar 2019, 00:15


26.02.2019.

Sveži openssl paketi za Slackware 14.2:

Code: Select all

patches/packages/openssl-1.0.2r-i586-1_slack14.2.txz:  Upgraded.
  Go into the error state if a fatal alert is sent or received. If an
  application calls SSL_shutdown after a fatal alert has occured and
  then behaves different based on error codes from that function then
  the application may be vulnerable to a padding oracle.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1559
  (* Security fix *)
patches/packages/openssl-solibs-1.0.2r-i586-1_slack14.2.txz:  Upgraded.
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 2792
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 16 Mar 2019, 00:16


01.03.2019.

Sveži infozip paketi za Slackware 14.0, 14.1, 14.2. i -current:

Code: Select all

patches/packages/infozip-6.0-i586-4_slack14.2.txz:  Rebuilt.
  Added some patches that should fix extracting archives with non-latin
  characters in the filenames. Thanks to saahriktu.
  This update also fixes various security issues in zip and unzip.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8139
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8140
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8141
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9844
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18384
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000035
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 2792
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 16 Mar 2019, 00:17


03.03.2019.

Sveži python paketi za Slackware 14.0, 14.1, 14.2. i -current:

Code: Select all

patches/packages/python-2.7.16-i586-1_slack14.2.txz:  Upgraded.
  Updated to the latest 2.7.x release, which fixes a few security issues.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1752
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14647
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5010
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”


Locked

Who is online

Users browsing this forum: No registered users and 5 guests