Novosti u vezi Slackware Linuxa
Moderator: Urednik
-
- Posts: 3468
- Joined: 01 Apr 2012, 13:50
- Location: Mlečni put
Post
Napisano: 17 Jul 2022, 13:34
13.07.2022.
Sveži xorg-server za Slackware 15.0 i -current:
Code: Select all
patches/packages/xorg-server-1.20.14-i586-3_slack15.0.txz: Rebuilt.
xkb: switch to array index loops to moving pointers.
xkb: add request length validation for XkbSetGeometry.
xkb: swap XkbSetDeviceInfo and XkbSetDeviceInfoCheck.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2319
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2320
(* Security fix *)
patches/packages/xorg-server-xephyr-1.20.14-i586-3_slack15.0.txz: Rebuilt.
patches/packages/xorg-server-xnest-1.20.14-i586-3_slack15.0.txz: Rebuilt.
patches/packages/xorg-server-xvfb-1.20.14-i586-3_slack15.0.txz: Rebuilt.
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”
-
- Posts: 3468
- Joined: 01 Apr 2012, 13:50
- Location: Mlečni put
Post
Napisano: 23 Jul 2022, 14:44
21.07.2022.
Sveži net-snmp paketi za Slackware 15.0 i -current:
Code: Select all
patches/packages/net-snmp-5.9.3-i586-1_slack15.0.txz: Upgraded.
This update fixes security issues:
A buffer overflow in the handling of the INDEX of NET-SNMP-VACM-MIB can cause
an out-of-bounds memory access.
A malformed OID in a GET-NEXT to the nsVacmAccessTable can cause a NULL
pointer dereference.
Improper Input Validation when SETing malformed OIDs in master agent and
subagent simultaneously.
A malformed OID in a SET request to SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable
can cause an out-of-bounds memory access.
A malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable can cause a
NULL pointer dereference.
A malformed OID in a SET to the nsVacmAccessTable can cause a NULL pointer
dereference.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24805
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24809
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24806
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24807
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24808
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24810
(* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”
-
- Posts: 3468
- Joined: 01 Apr 2012, 13:50
- Location: Mlečni put
Post
Napisano: 31 Jul 2022, 21:16
25.07.2022.
Sveži mozilla-firefox paketi za Slackware 15.0 i -current:
Code: Select all
patches/packages/mozilla-firefox-91.12.0esr-i686-1_slack15.0.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/91.12.0/releasenotes/
(* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”
-
- Posts: 3468
- Joined: 01 Apr 2012, 13:50
- Location: Mlečni put
Post
Napisano: 31 Jul 2022, 21:17
27.07.2022.
Sveži samba paketi za Slackware 15.0 i -current:
Code: Select all
patches/packages/samba-4.15.9-i586-1_slack15.0.txz: Upgraded.
This update fixes the following security issues:
Samba AD users can bypass certain restrictions associated with changing
passwords.
Samba AD users can forge password change requests for any user.
Samba AD users can crash the server process with an LDAP add or modify
request.
Samba AD users can induce a use-after-free in the server process with an
LDAP add or modify request.
Server memory information leak via SMB1.
For more information, see:
https://www.samba.org/samba/security/CVE-2022-2031.html
https://www.samba.org/samba/security/CVE-2022-32744.html
https://www.samba.org/samba/security/CVE-2022-32745.html
https://www.samba.org/samba/security/CVE-2022-32746.html
https://www.samba.org/samba/security/CVE-2022-32742.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2031
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32744
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32745
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32746
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32742
(* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”
-
- Posts: 3468
- Joined: 01 Apr 2012, 13:50
- Location: Mlečni put
Post
Napisano: 31 Jul 2022, 21:18
28.07.2022.
Sveži mozilla-thunderbird paketi za Slackware 15.0 i -current:
Code: Select all
patches/packages/mozilla-thunderbird-91.12.0-i686-1_slack15.0.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/91.12.0/releasenotes/
https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird91.12
(* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”
-
- Posts: 3468
- Joined: 01 Apr 2012, 13:50
- Location: Mlečni put
Post
Napisano: 31 Jul 2022, 21:20
29.07.2022.
Sveži gnutls paketi za Slackware 15.0 i -current:
Code: Select all
patches/packages/gnutls-3.7.7-i586-1_slack15.0.txz: Upgraded.
libgnutls: Fixed double free during verification of pkcs7 signatures.
Reported by Jaak Ristioja.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2509
(* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”
-
- Posts: 3468
- Joined: 01 Apr 2012, 13:50
- Location: Mlečni put
Post
Napisano: 19 Aug 2022, 21:59
15.08.2022.
Sveži rsync paketi za Slackware 14.0, 14.1, 14.2, 15.0 i -current:
Code: Select all
patches/packages/rsync-3.2.5-i586-1_slack15.0.txz: Upgraded.
Added some file-list safety checking that helps to ensure that a rogue
sending rsync can't add unrequested top-level names and/or include recursive
names that should have been excluded by the sender. These extra safety
checks only require the receiver rsync to be updated. When dealing with an
untrusted sending host, it is safest to copy into a dedicated destination
directory for the remote content (i.e. don't copy into a destination
directory that contains files that aren't from the remote host unless you
trust the remote host).
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29154
(* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”
-
- Posts: 3468
- Joined: 01 Apr 2012, 13:50
- Location: Mlečni put
Post
Napisano: 19 Aug 2022, 22:00
16.08.2022.
Sveži mariadb paketi za Slackware 15 i -current:
Code: Select all
patches/packages/mariadb-10.5.17-i586-1_slack15.0.txz: Upgraded.
This update fixes bugs and several security issues.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32082
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32089
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32081
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25032
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32091
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32084
(* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”
-
- Posts: 3468
- Joined: 01 Apr 2012, 13:50
- Location: Mlečni put
Post
Napisano: 19 Aug 2022, 22:01
17.08.2022.
Sveži vim i vim-gvim paketi za Slackware 15 i -current:
Code: Select all
patches/packages/vim-8.2.4649-i586-2_slack15.0.txz: Rebuilt.
Fix use after free, out-of-bounds read, and heap based buffer overflow.
Thanks to marav for the heads-up.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2816
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2817
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2819
(* Security fix *)
patches/packages/vim-gvim-8.2.4649-i586-2_slack15.0.txz: Rebuilt.
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”
-
- Posts: 3468
- Joined: 01 Apr 2012, 13:50
- Location: Mlečni put
Post
Napisano: 21 Aug 2022, 00:20
20.08.2022.
Sveži vim i vim-gvim paketi za Slackware 15 i -current:
Code: Select all
patches/packages/vim-8.2.4649-i586-3_slack15.0.txz: Rebuilt.
Fix use after free.
Thanks to marav for the heads-up.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2889
(* Security fix *)
patches/packages/vim-gvim-8.2.4649-i586-3_slack15.0.txz: Rebuilt.
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”
Who is online
Users browsing this forum: No registered users and 46 guests