Slackware Security Advisories (sigurnosne nadogradnje)

Novosti u vezi Slackware Linuxa

Moderator: Urednik

Locked

Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 13 Jul 2019, 14:35


15.05.2019.

Sveži rdesktop paketi za Slackware 14.0, 14.1, 14.2 i -current:

Code: Select all

patches/packages/rdesktop-1.8.5-i586-1_slack14.2.txz:  Upgraded.
  This update fixes security issues:
  Add bounds checking to protocol handling in order to fix many
  security problems when communicating with a malicious server.
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 13 Jul 2019, 14:37


21.05.2019.

Sveži mozilla-firefox paketi za Slackware 14.2 i -current:

Code: Select all

patches/packages/mozilla-firefox-60.7.0esr-i686-1_slack14.2.txz:  Upgraded.
  This release contains security fixes and improvements. Some of the patched
  flaws are considered critical, and could be used to run attacker code and
  install software, requiring no user interaction beyond normal browsing.
  For more information, see:
    https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
    https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/
    https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9815
    https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9816
    https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9817
    https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9818
    https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9819
    https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9820
    https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-11691
    https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-11692
    https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-11693
    https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-7317
    https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9797
    https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2018-18511
    https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-11694
    https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-11698
    https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-5798
    https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9800
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 13 Jul 2019, 14:38


22.05.2019.

Sveži curl paketi za Slackware 14.0, 14.1, 14.2 i -current:

Code: Select all

patches/packages/curl-7.65.0-i586-1_slack14.2.txz:  Upgraded.
  This release fixes the following security issues:
  Integer overflows in curl_url_set
  tftp: use the current blksize for recvfrom()
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5435
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5436
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 13 Jul 2019, 14:39


13.06.2019.

Sveži mozilla-thunderbird paketi za Slackware 14.2 i -current:

Code: Select all

patches/packages/mozilla-thunderbird-60.7.1-i686-1_slack14.2.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/60.7.1/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2019-17/
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11703
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11704
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11705
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11706
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 13 Jul 2019, 14:39


18.06.2019.

Sveži kernel i mozilla-firefox paketi za Slackware 14.2 i -current:

Code: Select all

patches/packages/linux-4.4.182/*:  Upgraded.
  These updates fix various bugs and many security issues, including the
  "SACK Panic" remote denial-of-service issue.
  Be sure to upgrade your initrd after upgrading the kernel packages.
  If you use lilo to boot your machine, be sure lilo.conf points to the correct
  kernel and initrd and run lilo as root to update the bootloader.
  If you use elilo to boot your machine, you should run eliloconfig to copy the
  kernel and initrd to the EFI System Partition.
  For more information, see:
    Fixed in 4.4.174:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5391
    Fixed in 4.4.175:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7222
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7221
    Fixed in 4.4.176:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6974
    Fixed in 4.4.177:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9213
    Fixed in 4.4.178:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3459
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3460
    Fixed in 4.4.179:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11486
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11810
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11815
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11190
    Fixed in 4.4.180:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20836
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3882
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11884
    Fixed in 4.4.181:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11833
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20510
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000026
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9503
    Fixed in 4.4.182:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11477
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11478
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11479
  (* Security fix *)

Code: Select all

patches/packages/mozilla-firefox-60.7.1esr-i686-1_slack14.2.txz:  Upgraded.
  This release contains a security fix and improvements. The patched flaw is
  considered critical, and could be used to run attacker code and install
  software, requiring no user interaction beyond normal browsing.
  For more information, see:
    https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
    https://www.mozilla.org/en-US/security/advisories/mfsa2019-18/
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11707
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 13 Jul 2019, 14:43


20.06.2019.

Sveži bind paketi za Slackware 14.0, 14.1, 14.2 i -current:

Code: Select all

patches/packages/bind-9.11.8-i586-1_slack14.2.txz:  Upgraded.
  Fixed a race condition in dns_dispatch_getnext() that could cause an
  assertion failure if a significant number of incoming packets were rejected.
  For more information, see:
    https://kb.isc.org/docs/cve-2019-6471
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6471
  (* Security fix *)
Sveži mozilla-firefox i mozilla-thunderbird paketi za Slackware 14.2 i -current:

Code: Select all

patches/packages/mozilla-firefox-60.7.2esr-i686-1_slack14.2.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
    https://www.mozilla.org/en-US/security/advisories/mfsa2019-19/
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11708
  (* Security fix *)

Code: Select all

patches/packages/mozilla-thunderbird-60.7.2-i686-1_slack14.2.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/thunderbird/60.7.2/releasenotes/
    https://www.mozilla.org/en-US/security/advisories/mfsa2019-20/
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11707
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 13 Jul 2019, 14:44


29.06.2019.

Sveži irssi paketi za Slackware 14.0, 14.1, 14.2 i -current:

Code: Select all

patches/packages/irssi-1.1.3-i586-1_slack14.2.txz:  Upgraded.
  This update fixes a security issue: Use after free when sending SASL login
  to the server found by ilbelkyr. May affect the stability of Irssi. SASL
  logins may fail, especially during (manual and automated) reconnect.
  For more information, see:
    https://irssi.org/2019/06/29/irssi-1.2.1-1.1.3-1.0.8-released/
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13045
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 13 Jul 2019, 14:45


10.07.2019.

Sveži mozilla-firefox paketi za Slackware 14.2 i -current:

Code: Select all

patches/packages/mozilla-firefox-68.0esr-i686-1_slack14.2.txz:  Upgraded.
  This release contains security fixes and improvements. Some of the patched
  flaws are considered critical, and could be used to run attacker code and
  install software, requiring no user interaction beyond normal browsing.
  For more information, see:
    https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
    https://www.mozilla.org/en-US/security/advisories/mfsa2019-22/
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9811
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11711
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11712
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11713
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11729
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11715
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11717
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11719
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11730
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11709
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 16 Jul 2019, 22:10


14.07.2019.

Sveži bzip2 paketi za Slackware 14.0, 14.1, 14.2 i -current:

Code: Select all

patches/packages/bzip2-1.0.8-i586-1_slack14.2.txz:  Upgraded.
  Fixes security issues:
  bzip2recover: Fix use after free issue with outFile.
  Make sure nSelectors is not out of range.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3189
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12900
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 28 Jul 2019, 15:13


21.07.2019.

Sveži kernel paketi za Slackware 14.2:

Code: Select all

patches/packages/linux-4.4.182/*:  Upgraded.
  These updates fix various bugs and many minor security issues.
  Be sure to upgrade your initrd after upgrading the kernel packages.
  If you use lilo to boot your machine, be sure lilo.conf points to the correct
  kernel and initrd and run lilo as root to update the bootloader.
  If you use elilo to boot your machine, you should run eliloconfig to copy the
  kernel and initrd to the EFI System Partition.
  For more information, see:
    Fixed in 4.4.183:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11599
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3892
    Fixed in 4.4.185:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13272
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16597
    Fixed in 4.4.186:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10126
    https://cve.mitre.or
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”


Locked

Who is online

Users browsing this forum: No registered users and 44 guests