V.T. Eric Layton Posted January 16, 2018 Share Posted January 16, 2018 [slackware-security] kernel (SSA:2018-016-01) New kernel packages are available for Slackware 14.0 and 14.2 to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/linux-4.4.111/*: Upgraded. This kernel includes mitigations for the Spectre (variant 2) and Meltdown speculative side channel attacks. Be sure to upgrade your initrd after upgrading the kernel packages. If you use lilo to boot your machine, be sure lilo.conf points to the correct kernel and initrd and run lilo as root to update the bootloader. If you use elilo to boot your machine, you should run eliloconfig to copy the kernel and initrd to the EFI System Partition. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5754 (* Security fix *) +--------------------------+ Link to comment Share on other sites More sharing options...
V.T. Eric Layton Posted January 25, 2018 Share Posted January 25, 2018 [slackware-security] curl (SSA:2018-024-01) New curl packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/curl-7.58.0-i586-1_slack14.2.txz: Upgraded. This update fixes security issues: HTTP authentication leak in redirects HTTP/2 trailer out-of-bounds read For more information, see: https://curl.haxx.se/docs/adv_2018-b3bf.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000007 https://curl.haxx.se/docs/adv_2018-824a.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000005 (* Security fix *) +--------------------------+ Link to comment Share on other sites More sharing options...
V.T. Eric Layton Posted January 26, 2018 Share Posted January 26, 2018 [slackware-security] mozilla-thunderbird (SSA:2018-025-01) New mozilla-thunderbird packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/mozilla-thunderbird-52.6.0-i586-1_slack14.2.txz: Upgraded. This release contains security fixes and improvements. For more information, see: https://www.mozilla.org/en-US/thunderbird/52.6.0/releasenotes/ (* Security fix *) +--------------------------+ Link to comment Share on other sites More sharing options...
V.T. Eric Layton Posted February 16, 2018 Share Posted February 16, 2018 [slackware-security] irssi (SSA:2018-046-01) New irssi packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/irssi-1.0.7-i586-1_slack14.2.txz: Upgraded. This update fixes bugs and security issues. For more information, see: https://irssi.org/security/html/irssi_sa_2018_02 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7054 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7053 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7050 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7052 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7051 (* Security fix *) +--------------------------+ +++ ATTENTION +++ Slackware updates postings are now suspended. Why? Well, because no one reads them and I'm lazy and don't feel like posting them anymore. We now return you to your regularly scheduled programming already in progress... Link to comment Share on other sites More sharing options...
Recommended Posts