Jump to content


Slackware Updates and Other News

slackware updates bruno v.t. eric layton

  • Please log in to reply
188 replies to this topic

#1 OFFLINE   Bruno

Bruno

    Le Professeur Pingouin

  • Admin Emeritus
  • 37,904 posts

Posted 18 September 2009 - 12:45 PM

Updates Slackware 13.0Package seamonkey-1.1.17-i486-1 upgraded with new package seamonkey-1.1.18-i486-1.txz.Package seamonkey-solibs-1.1.17-i486-1 upgraded with new package seamonkey-solibs-1.1.18-i486-2.txz.Package mozilla-firefox-3.5.2-i686-1 upgraded with new package mozilla-firefox-3.5.3-i686-1.txz.Total 21051 kBB) BrunoNote: Swaret stopped working, so changed package-manager to: slackpkgCommand used: "# slackpkg update && slackpkg upgrade-all"

#2 OFFLINE   Bruno

Bruno

    Le Professeur Pingouin

  • Admin Emeritus
  • 37,904 posts

Posted 20 September 2009 - 01:07 PM

Updates Slackware 13.0Upgrading mesa-7.5-i486-1 package using mesa-7.5-i486-2.txzTotal: 3657 kBB) Bruno

#3 OFFLINE   Bruno

Bruno

    Le Professeur Pingouin

  • Admin Emeritus
  • 37,904 posts

Posted 05 October 2009 - 12:59 PM

Updates Slackware 13.0Upgrading php-5.2.10-i486-2 package using php-5.2.11-i486-1_slack13.0.txzUpgrading samba-3.2.13-i486-1 package using samba-3.2.15-i486-1_slack13.0.txzTotal: 19816 kB  B) Bruno

#4 OFFLINE   Bruno

Bruno

    Le Professeur Pingouin

  • Admin Emeritus
  • 37,904 posts

Posted 20 October 2009 - 01:19 PM

Updates Slackware 13.0Upgrading gnutls-2.6.6-i486-1 package using ./gnutls-2.8.4-i486-1_slack13.0.txz    Upgrading pidgin-2.5.9-i486-1 package using ./pidgin-2.6.3-i486-1_slack13.0.txzTotal: 7878 kB  B) Bruno

#5 OFFLINE   Bruno

Bruno

    Le Professeur Pingouin

  • Admin Emeritus
  • 37,904 posts

Posted 29 October 2009 - 01:57 PM

Updates Slackware 13.0Upgrading poppler-0.10.7-i486-1 package using poppler-0.10.7-i486-2_slack13.0.txzUpgrading xpdf-3.02pl3-i486-1 package using xpdf-3.02pl4-i486-1_slack13.0.txzTotal: 2311 kB  :thumbsup: Bruno

#6 OFFLINE   Bruno

Bruno

    Le Professeur Pingouin

  • Admin Emeritus
  • 37,904 posts

Posted 03 November 2009 - 05:52 PM

Updates Slackware 13.0Upgrading mozilla-firefox-3.5.3-i686-1 package using mozilla-firefox-3.5.4-i686-1.txzTotal:  7881 kB  ;) Bruno

#7 OFFLINE   Bruno

Bruno

    Le Professeur Pingouin

  • Admin Emeritus
  • 37,904 posts

Posted 09 November 2009 - 01:48 PM

Updates Slackware 13.0Upgrading mozilla-firefox-3.5.4-i686-1 package using mozilla-firefox-3.5.5-i686-1.txzUpgrading seamonkey-1.1.18-i486-1 package using seamonkey-2.0-i486-1_slack13.0.txzUpgrading seamonkey-solibs-1.1.18-i486-2 package using seamonkey-solibs-2.0-i486-1_slack13.0.txzTotal: 20297 kB  :) Bruno

#8 OFFLINE   Bruno

Bruno

    Le Professeur Pingouin

  • Admin Emeritus
  • 37,904 posts

Posted 17 November 2009 - 02:14 PM

Updates Slackware 13.0Upgrading openssl-0.9.8k-i486-2 package using openssl-0.9.8k-i486-3_slack13.0.txzUpgrading openssl-solibs-0.9.8k-i486-2 package using openssl-solibs-0.9.8k-i486-3_slack13.0.txzUpgrading seamonkey-2.0-i486-1_slack13.0 package using seamonkey-2.0-i486-3_slack13.0.txzUpgrading seamonkey-solibs-2.0-i486-1_slack13.0 package using seamonkey-solibs-2.0-i486-3_slack13.0.txzTotal: 16274 kB  B) Bruno

#9 OFFLINE   V.T. Eric Layton

V.T. Eric Layton

    Nocturnal Slacker

  • Forum Admins
  • 21,007 posts

Posted 02 December 2009 - 11:14 PM

Updates Slackware 13.0Wed Dec  2 20:51:55 UTC 2009patches/packages/bind-9.4.3_P4-i486-1_slack13.0.txz:  Upgraded.BIND 9.4.3-P4 is a SECURITY PATCH for BIND 9.4.3-P3.  It addresses apotential cache poisoning vulnerability, in which data in the additionalsection of a response could be cached without proper DNSSEC validation.For more information, see:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022http://www.kb.cert.org/vuls/id/418861(* Security fix *)~Eric

#10 OFFLINE   V.T. Eric Layton

V.T. Eric Layton

    Nocturnal Slacker

  • Forum Admins
  • 21,007 posts

Posted 08 December 2009 - 08:47 PM

Updates Slackware 13.0Tue Dec  8 20:44:44 UTC 2009patches/packages/linux-2.6.29.6-3/:  Added new kernels and kernel packages with a patch for CVE-2009-1298,a kernel bug where oversized IP packets cause a NULL pointer dereferenceand immediate hang.For more information, see:    http://cve.mitre.org...e=CVE-2009-1298    http://lkml.org/lkml/2009/11/25/104  Be sure to reinstall LILO after upgrading the kernel packages.  (* Security fix *)~Eric

#11 OFFLINE   V.T. Eric Layton

V.T. Eric Layton

    Nocturnal Slacker

  • Forum Admins
  • 21,007 posts

Posted 10 December 2009 - 07:12 PM

Updates Slackware 13.0New ntp packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2,11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix a security issue.  If aspoofed mode 7 packet is sent to a vulnerable NTP daemon it may cause CPUand/or disk space exhaustion, resulting in a denial of service.patches/packages/ntp-4.2.4p8-i486-1_slack13.0.txz:  Upgraded. Prevent a denial-of-service attack involving spoofed mode 7 packets.  For more information, see:http://cve.mitre.org...e=CVE-2009-3563  (* Security fix *)~Eric

#12 OFFLINE   V.T. Eric Layton

V.T. Eric Layton

    Nocturnal Slacker

  • Forum Admins
  • 21,007 posts

Posted 12 December 2009 - 06:39 PM

Updates Slackware 13.0[slackware-security]  gimp (SSA:2009-345-01)New gimp packages are available for Slackware 12.1, 12.2, 13.0, and -current tofix security issues.More details about these issues may be found in the CommonVulnerabilities and Exposures (CVE) database:  http://cve.mitre.org...e=CVE-2009-1570  http://cve.mitre.org...e=CVE-2009-3909Here are the details from the Slackware 13.0 ChangeLog:+--------------------------+patches/packages/gimp-2.6.8-i486-1_slack13.0.txz:  Upgraded.  This fixes integer overflows in the image handling plugins that could  lead to the execution of arbitrary code or an application crash if a  malicious image is loaded.  For more information, see:    http://cve.mitre.org...e=CVE-2009-1570    http://cve.mitre.org...e=CVE-2009-3909  (* Security fix *)+--------------------------+~Eric

#13 OFFLINE   V.T. Eric Layton

V.T. Eric Layton

    Nocturnal Slacker

  • Forum Admins
  • 21,007 posts

Posted 19 December 2009 - 12:59 AM

Updates Slackware 13.0[slackware-security] seamonkey (SSA:2009-352-01)New seamonkey packages are available for Slackware 12.2, 13.0, and -current tofix security issues.More details about the issues may be found on the Mozilla web site:  http://www.mozilla.o...eamonkey20.htmlHere are the details from the Slackware 13.0 ChangeLog:+--------------------------+patches/packages/seamonkey-2.0.1-i486-1_slack13.0.txz:  Upgraded.  Upgraded to seamonkey-2.0.1 shared libraries.patches/packages/seamonkey-solibs-2.0.1-i486-1_slack13.0.txz:  Upgraded.  Upgraded to seamonkey-2.0.1.  This release fixes some more security vulnerabilities.  For more information, see:    http://www.mozilla.o...eamonkey20.html  (* Security fix *)+--------------------------+~Eric

#14 OFFLINE   V.T. Eric Layton

V.T. Eric Layton

    Nocturnal Slacker

  • Forum Admins
  • 21,007 posts

Posted 05 January 2010 - 08:33 PM

Updates Slackware 13.0[slackware-security]  mozilla-firefox (SSA:2009-351-01)New mozilla-firefox packages are available for Slackware 12.2, 13.0,and -current to fix security issues.The Firefox 3.0.16 package may also be used with Slackware 11.0 or newer.More details about the issues may be found on the Mozilla website:  http://www.mozilla.o.../firefox30.html  http://www.mozilla.o.../firefox35.htmlHere are the details from the Slackware 13.0 ChangeLog:+--------------------------+patches/packages/mozilla-firefox-3.5.6-i686-1.txz:  Upgraded.  Upgraded to firefox-3.5.6.  This fixes some security issues.  For more information, see:    http://www.mozilla.o.../firefox35.html  (* Security fix *)+--------------------------+~Eric

#15 OFFLINE   V.T. Eric Layton

V.T. Eric Layton

    Nocturnal Slacker

  • Forum Admins
  • 21,007 posts

Posted 25 January 2010 - 04:03 PM

Updates Slackware 13.0[slackware-security]  httpd (SSA:2010-024-01)New httpd packages are available for Slackware 12.0, 12.1, 12.2, 13.0,and -current to fix security issues.More details about the issues may be found in the CommonVulnerabilities and Exposures (CVE) database:    http://cve.mitre.org...e=CVE-2009-3094    http://cve.mitre.org...e=CVE-2009-3095Here are the details from the Slackware 13.0 ChangeLog:+--------------------------+patches/packages/httpd-2.2.14-i486-1_slack13.0.txz:  Upgraded.  This fixes a couple of security bugs when using mod_proxy_ftp.  For more information, see:    http://cve.mitre.org...e=CVE-2009-3094    http://cve.mitre.org...e=CVE-2009-3095  (* Security fix *)+--------------------------+[slackware-security]  php (SSA:2010-024-02)New php packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0,and -current to fix security issues.More details about this issue may be found in the CommonVulnerabilities and Exposures (CVE) database:  http://cve.mitre.org...e=CVE-2009-3557  http://cve.mitre.org...e=CVE-2009-3558  http://cve.mitre.org...e=CVE-2009-4017  http://cve.mitre.org...e=CVE-2009-4142  http://cve.mitre.org...e=CVE-2009-4143Here are the details from the Slackware 13.0 ChangeLog:+--------------------------+patches/packages/php-5.2.12-i486-1_slack13.0.txz:  Upgraded.  This fixes many bugs, including a few security issues.  For more information, see:    http://cve.mitre.org...e=CVE-2009-3557    http://cve.mitre.org...e=CVE-2009-3558    http://cve.mitre.org...e=CVE-2009-4017    http://cve.mitre.org...e=CVE-2009-4142    http://cve.mitre.org...e=CVE-2009-4143  (* Security fix *)+--------------------------+[slackware-security] pidgin (SSA:2010-024-03)New pidgin packages are available for Slackware 12.0, 12.1, 12.2, 13.0,and -current to fix a security issue.More details about this issue may be found in the CommonVulnerabilities and Exposures (CVE) database:  http://cve.mitre.org...e=CVE-2010-0013Here are the details from the Slackware 13.0 ChangeLog:+--------------------------+patches/packages/pidgin-2.6.5-i486-1_slack13.0.txz :  Upgraded.  This fixes a directory traversal vulnerability in Pidgin's MSN protocol  handling that may allow attackers to download arbitrary files.  For more information, see:    http://cve.mitre.org...e=CVE-2010-0013  (* Security fix *)+--------------------------+~Eric

#16 OFFLINE   V.T. Eric Layton

V.T. Eric Layton

    Nocturnal Slacker

  • Forum Admins
  • 21,007 posts

Posted 02 March 2010 - 03:48 AM

Updates Slackware 13.0[slackware-security]  seamonkey (SSA:2010-060-01)New seamonkey packages are available for Slackware 12.2, 13.0, and -current tofix security issues.For more information, see:  http://www.mozilla.o...eamonkey20.htmlHere are the details from the Slackware 13.0 ChangeLog:+--------------------------+patches/packages/seamonkey-2.0.3-i486-1_slack13.0.txz:  Upgraded.  This release fixes some more security vulnerabilities.  For more information, see:    http://www.mozilla.o...eamonkey20.html  (* Security fix *)patches/packages/seamonkey-solibs-2.0.3-i486-1_slack13.0.txz:  Upgraded.+--------------------------+[slackware-security]  openssl (SSA:2010-060-02)New openssl packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0,and -current to fix security issues.More details about this issue may be found in the CommonVulnerabilities and Exposures (CVE) database:  http://cve.mitre.org...e=CVE-2008-1678  http://cve.mitre.org...e=CVE-2009-1378  http://cve.mitre.org...e=CVE-2009-1377  http://cve.mitre.org...e=CVE-2009-1379  http://cve.mitre.org...e=CVE-2009-3245  http://cve.mitre.org...e=CVE-2009-4355Here are the details from the Slackware 13.0 ChangeLog:+--------------------------+patches/packages/openssl-0.9.8m-i486-1_slack13.0.txz:  Upgraded.  This OpenSSL update contains some security related bugfixes.  For more information, see the included CHANGES and NEWS files, and:    http://cve.mitre.org...e=CVE-2008-1678    http://cve.mitre.org...e=CVE-2009-1378    http://cve.mitre.org...e=CVE-2009-1377    http://cve.mitre.org...e=CVE-2009-1379    http://cve.mitre.org...e=CVE-2009-3245    http://cve.mitre.org...e=CVE-2009-4355 (* Security fix *)patches/packages/openssl-solibs-0.9.8m-i486-1_slack13.0.txz:  Upgraded.+--------------------------+[slackware-security]  gzip (SSA:2010-060-03)New gzip packages are available for Slackware 13.0 (64-bit) and -current tofix a security issue.More details about this issue may be found in the CommonVulnerabilities and Exposures (CVE) database:  http://cve.mitre.org...e=CVE-2010-0001Here are the details from the Slackware64 13.0 ChangeLog:+--------------------------+patches/packages/gzip-1.4-x86_64-1_slack13.0.tgz:  Upgraded.  gzip -d could segfault and/or clobber the stack, possibly leading to  arbitrary code execution.  This affects x86_64 but not 32-bit systems.  For more information, see:    http://cve.mitre.org...e=CVE-2010-0001  (* Security fix *)+--------------------------+~Eric

#17 OFFLINE   V.T. Eric Layton

V.T. Eric Layton

    Nocturnal Slacker

  • Forum Admins
  • 21,007 posts

Posted 09 March 2010 - 12:22 AM

Updates Slackware 13.0[slackware-security] httpd (SSA:2010-067-01)New httpd packages are available for Slackware 12.0, 12.1, 12.2, 13.0,and -current to fix security issues.mod_ssl: A partial fix for the TLS renegotiation prefix injection attack  by rejecting any client-initiated renegotiations.mod_proxy_ajp: Respond with HTTP_BAD_REQUEST when the body is not sent  when request headers indicate a request body is incoming; not a case of  HTTP_INTERNAL_SERVER_ERROR.mod_isapi: Do not unload an isapi .dll module until the request processing  is completed, avoiding orphaned callback pointers.  [This is the most serious flaw, but does not affect Linux systems]More details about these issues may be found in the CommonVulnerabilities and Exposures (CVE) database:    [url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555"]http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555[/url]    [url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0408"]http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0408[/url]    [url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0425"]http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0425[/url]Here are the details from the Slackware 13.0 ChangeLog:+--------------------------+patches/packages/httpd-2.2.15-i486-1_slack13.0.txz:  Upgraded.  This update addresses a few security issues.  mod_ssl: A partial fix for the TLS renegotiation prefix injection attack    by rejecting any client-initiated renegotiations.  mod_proxy_ajp: Respond with HTTP_BAD_REQUEST when the body is not sent    when request headers indicate a request body is incoming; not a case of    HTTP_INTERNAL_SERVER_ERROR.  mod_isapi: Do not unload an isapi .dll module until the request processing    is completed, avoiding orphaned callback pointers.    [This is the most serious flaw, but does not affect Linux systems]  For more information, see:    [url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555"]http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555[/url]    [url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0408"]http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0408[/url]    [url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0425"]http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0425[/url]  (* Security fix *)+--------------------------+~Eric[/quote]

#18 OFFLINE   V.T. Eric Layton

V.T. Eric Layton

    Nocturnal Slacker

  • Forum Admins
  • 21,007 posts

Posted 11 March 2010 - 01:45 AM

Updates Slackware 13.0[slackware-security]  pidgin (SSA:2010-069-01)New pidgin packages are available for Slackware 12.0, 12.1, 12.2, 13.0,and -current to fix denial of service issues.More details about the issues may be found in the CommonVulnerabilities and Exposures (CVE) database:  http://cve.mitre.org...e=CVE-2010-0277  http://cve.mitre.org...e=CVE-2010-0420  http://cve.mitre.org...e=CVE-2010-0423Here are the details from the Slackware 13.0 ChangeLog:+--------------------------+patches/packages/pidgin-2.6.6-i486-1_slack13.0.txz:  Upgraded.  This fixes a few denial-of-service flaws as well as other bugs.  For more information, see:    http://cve.mitre.org...e=CVE-2010-0277    http://cve.mitre.org...e=CVE-2010-0420    http://cve.mitre.org...e=CVE-2010-0423  (* Security fix *)+--------------------------+~Eric

#19 OFFLINE   V.T. Eric Layton

V.T. Eric Layton

    Nocturnal Slacker

  • Forum Admins
  • 21,007 posts

Posted 31 March 2010 - 08:50 PM

Updates Slackware 13.0[slackware-security]  openssl (SSA:2010-090-01)New openssl packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0,and -current to fix security issues.More details about the issues may be found in the CommonVulnerabilities and Exposures (CVE) database:  http://cve.mitre.org...e=CVE-2010-0433  http://cve.mitre.org...e=CVE-2010-0740A recompiled proftpd package is required if you run ProFTPD.Here are the details from the Slackware 13.0 ChangeLog:+--------------------------+patches/packages/openssl-0.9.8n-i486-1_slack13.0.txz:  Upgraded.  This OpenSSL update contains some security related bugfixes.  For more information, see the included CHANGES and NEWS files, and:    http://cve.mitre.org...e=CVE-2010-0433    http://cve.mitre.org...e=CVE-2010-0740 (* Security fix *)patches/packages/openssl-solibs-0.9.8n-i486-1_slack13.0.txz:  Upgraded.+--------------------------+=====[slackware-security]  mozilla-firefox (SSA:2010-090-02)New mozilla-firefox packages are available for Slackware 13.0 and -current tofix security issues.More details about the issues may be found on the Mozilla website:  http://www.mozilla.o.../firefox36.htmlHere are the details from the Slackware 13.0 ChangeLog:+--------------------------+patches/packages/mozilla-firefox-3.6.2-i686-1.txz:  Upgraded.  Upgraded to firefox-3.6.2.  This fixes some security issues.  For more information, see:    http://www.mozilla.o.../firefox36.html  (* Security fix *)+--------------------------+=====[slackware-security]  seamonkey (SSA:2010-090-03)New seamonkey packages are available for Slackware 11.0, 12.0, and 12.1 tofix security issues.For more information, see:  http://www.mozilla.o...eamonkey11.htmlHere are the details from the Slackware 12.1 ChangeLog:+--------------------------+patches/packages/seamonkey-1.1.19-i486-1_slack12.1.tgz:  Upgraded.  Upgraded to seamonkey-1.1.19.  This release fixes some more security vulnerabilities.  For more information, see:    http://www.mozilla.o...eamonkey11.html  (* Security fix *)+--------------------------+~Eric

#20 OFFLINE   V.T. Eric Layton

V.T. Eric Layton

    Nocturnal Slacker

  • Forum Admins
  • 21,007 posts

Posted 05 April 2010 - 02:58 PM

Updates Slackware 13.0[slackware-security]  mozilla-thunderbird (SSA:2010-095-01)New mozilla-thunderbird packages are available for Slackware 10.2, 11.0, 12.0,12.1, 12.2, 13.0, and -current to fix security issues.Here are the details from the Slackware 13.0 ChangeLog:+--------------------------+patches/packages/mozilla-thunderbird-2.0.0.24-i686-1.txz:  Upgraded.  This upgrade fixes some more security bugs.  For more information, see:    http://www.mozilla.o...nderbird20.html  (* Security fix *)+--------------------------+~EricUpdates Slackware 13.0[slackware-security]  mozilla-firefox (SSA:2010-095-02)New mozilla-firefox packages are available for Slackware 12.2, 13.0,and -current to fix security issues.Here are the details from the Slackware 13.0 ChangeLog:+--------------------------+patches/packages/mozilla-firefox-3.6.3-i686-1.txz:  Upgraded.  This fixes some security issues.  For more information, see:    http://www.mozilla.o.../firefox36.html  (* Security fix *)+--------------------------+~EricUpdates Slackware 13.0[slackware-security]  seamonkey (SSA:2010-095-03)New seamonkey packages are available for Slackware 12.2, 13.0, and -current tofix security issues.Here are the details from the Slackware 13.0 ChangeLog:+--------------------------+patches/packages/seamonkey-2.0.4-i486-1_slack13.0.txz:  Upgraded.  This release fixes some more security vulnerabilities.  For more information, see:    http://www.mozilla.o...eamonkey20.html  (* Security fix *)patches/packages/seamonkey-solibs-2.0.4-i486-1_slack13.0.txz:  Upgraded.+--------------------------+~Eric

#21 OFFLINE   V.T. Eric Layton

V.T. Eric Layton

    Nocturnal Slacker

  • Forum Admins
  • 21,007 posts

Posted 20 April 2010 - 10:37 PM

Updates Slackware 13.0[slackware-security]  sudo (SSA:2010-110-01)New sudo packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2,11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues.Here are the details from the Slackware 13.0 ChangeLog:+--------------------------+patches/packages/sudo-1.7.2p6-i486-1_slack13.0.txz:  Upgraded.  This update fixes security issues that may give a user with permission  to run sudoedit the ability to run arbitrary commands.  For more information, see:    http://cve.mitre.org...e=CVE-2010-0426    http://cve.mitre.org...e=CVE-2010-1163    http://www.gratisoft...t_escalate.html    http://www.gratisoft..._escalate2.html  (* Security fix *)+--------------------------+=====[slackware-security]  kdebase-workspace (SSA:2010-110-02)New kdebase-workspace packages are available for Slackware 13.0 and -current tofix a security issue with KDM.Here are the details from the Slackware 13.0 ChangeLog:+--------------------------+patches/packages/kdebase-workspace-4.2.4-i486-2_slack13.0.txz:  Rebuilt.  Patched a security issue with KDM.  For more information, see:    http://cve.mitre.org...e=CVE-2010-0436  (* Security fix *)+--------------------------+~Eric

#22 OFFLINE   V.T. Eric Layton

V.T. Eric Layton

    Nocturnal Slacker

  • Forum Admins
  • 21,007 posts

Posted 26 April 2010 - 07:33 PM

Updates Slackware 13.0[slackware-security]  irssi (SSA:2010-116-01)New irssi packages are available for Slackware 10.1, 10.2, 11.0, 12.0, 12.1,12.2, 13.0, and -current to fix security issues.Here are the details from the Slackware 13.0 ChangeLog:+--------------------------+patches/packages/irssi-0.8.15-i486-1_slack13.0.txz:  Upgraded.  From the NEWS file:    - Check if an SSL certificate matches the hostname of the server we are      connecting to.    - Fix crash when checking for fuzzy nick match when not on the channel.      Reported by Aurelien Delaitre (SATE 2009).  For more information, see:    http://cve.mitre.org...e=CVE-2010-1155    http://cve.mitre.org...e=CVE-2010-1156  (* Security fix *)+--------------------------+~Eric

#23 OFFLINE   V.T. Eric Layton

V.T. Eric Layton

    Nocturnal Slacker

  • Forum Admins
  • 21,007 posts

Posted 18 May 2010 - 12:20 AM

Updates Slackware 13.0[slackware-security] fetchmail (SSA:2010-136-01)New fetchmail packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1,10.2, 11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix a security issue.Here are the details from the Slackware 13.0 ChangeLog:+--------------------------+patches/packages/fetchmail-6.3.17-i486-1_slack13.0.txz:  Upgraded.  A crafted header or POP3 UIDL list could cause a memory leak and crash  leading to a denial of service.  For more information, see:    http://cve.mitre.org...e=CVE-2010-1167  (* Security fix *)+--------------------------+~Eric

#24 OFFLINE   V.T. Eric Layton

V.T. Eric Layton

    Nocturnal Slacker

  • Forum Admins
  • 21,007 posts

Posted 19 May 2010 - 12:24 AM

Updates Slackware 13.0[slackware-security]  pidgin (SSA:2010-138-01)New pidgin packages are available for Slackware 12.0, 12.1, 12.2, 13.0,and -current to fix a security issue.Here are the details from the Slackware 13.0 ChangeLog:+--------------------------+patches/packages/pidgin-2.7.0-i486-1_slack13.0.txz:  Upgraded.  Upgraded to pidgin-2.7.0 and pidgin-encryption-3.1.  The msn_emoticon_msg function in slp.c in the MSN protocol plugin in  libpurple in Pidgin before 2.7.0 allows remote attackers to cause  a denial of service (application crash) via a custom emoticon in a  malformed SLP message.  For more information, see:    http://cve.mitre.org...e=CVE-2010-1624  (* Security fix *)+--------------------------+~Eric

#25 OFFLINE   V.T. Eric Layton

V.T. Eric Layton

    Nocturnal Slacker

  • Forum Admins
  • 21,007 posts

Posted 10 October 2010 - 10:42 AM

NOTICE

I'm would like to apologize for the lack of update posting in this area over the past few months. I will attempt to start posting the updates again soon. In the meantime, you can click HERE for all of the 2010 Slackware security updates.Thank you for your patience and understanding.~Eric





Also tagged with one or more of these keywords: slackware, updates, bruno, v.t. eric layton

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users