Slackware 1215 Published by Philipp Esselbach 0

Slackware 12.0 has been released:

Well folks, it's that time to announce a new stable Slackware release again. So, without further ado, announcing Slackware version 12.0! Since we've moved to supporting the 2.6 kernel series exclusively (and fine-tuned the system to get the most out of it), we feel that Slackware 12.0 has many improvements over our last release (Slackware 11.0) and is a must-have upgrade for any Slackware user.

This first Slackware edition of the year combines Slackware's legendary simplicity (and close tracking of original sources), stability, and security with some of the latest advances in Linux technology. Expect no less than the best Slackware yet.

New php5 packages are available for Slackware 10.2, 11.0, and -current to fix security issues. PHP5 was considered a test package in Slackware 10.2, and an "extra" package in Slackware 11.0. If you are currently running PHP4 you may wish to stick with that, as upgrading to PHP5 will probably require changes to your system's configuration and/or web code.

More details about the issues affecting Slackware's PHP5 may be found in the Common Vulnerabilities and Exposures (CVE) database:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1900
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2756
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2872

One CVE-issued vulnerability (CVE-2007-1887) does not affect Slackware as we do not ship an unbundled sqlite2 library.

A new x11-6.9.0-i486-14_slack11.0.tgz patch is available for Slackware 11.0 to fix the inadvertent inclusion of two old fontconfig binaries. Installing the original fontconfig patch followed by the original x11 patch would cause fc-cache and fc-list to be overwritten by old versions, breaking fontconfig.

To fix the issue, reinstall the fontconfig patch. The x11 package has been updated so that installation will not be order-specific for anyone fetching the patches now.

New x11 and/or freetype and fontconfig packages are available for Slackware 10.1, 10.2, 11.0, and -current to fix security issues in freetype. Freetype was packaged with X11 prior to Slackware version 11.0.

More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1351

Here are the details from the Slackware 11.0 ChangeLog:
+--------------------------+
patches/packages/freetype-2.3.4-i486-1_slack11.0.tgz:
Fixed an overflow parsing BDF fonts.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1351
(* Security fix *)
+--------------------------+

New x11 packages are available for Slackware 10.2 and 11.0.

More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6101
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6102
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6103

Here are the details from the Slackware 11.0 ChangeLog:
+--------------------------+
x/x11-6.9.0-i486-12_slack11.0.tgz: Patched.
This update fixes overflows in the dbe and render extensions. This could
possibly be exploited to overwrite parts of memory, possibly allowing
malicious code to execute, or (more likely) causing X to crash.
For information about some of the security fixes, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6101
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6102
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6103
+--------------------------+

New gnupg packages are available for Slackware 9.0, 9.1, 10.0, 10.1, 10.2, and 11.0 to fix security ramifications of incorrect gpg usage.

More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1263

Here are the details from the Slackware 11.0 ChangeLog:
+--------------------------+
n/gnupg-1.4.7-i486-1_slack11.0.tgz: Upgraded to gnupg-1.4.7.
This fixes a security problem that can occur when GnuPG is used incorrectly.
Newer versions attempt to prevent such misuse.
For more information, see:
http://lists.gnupg.org/pipermail/gnupg-announce/2007q1/000251.html
(* Security fix *)
+--------------------------+

A new imagemagick package is available for Slackware 11.0 to fix security issues.

More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5456


Here are the details from the Slackware 11.0 ChangeLog:
+--------------------------+
xap/imagemagick-6.3.3_0-i486-1_slack11.0.tgz:
Upgraded to imagemagick-6.3.3-0.
The original fix for PALM image handling has been corrected.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5456
(* Security fix *)
+--------------------------+

New mozilla-firefox packages are available for Slackware 10.2 and 11.0 to fix security issues.


Here are the details from the Slackware 11.0 ChangeLog:
+--------------------------+
xap/mozilla-firefox-1.5.0.10-i686-1.tgz:
Upgraded to firefox-1.5.0.10.
This upgrade fixes several possible security bugs.
For more information, see:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox
(* Security fix *)
+--------------------------+

New mozilla-thunderbird packages are available for Slackware 10.2 and 11.0 to fix security issues.

Here are the details from the Slackware 11.0 ChangeLog:
+--------------------------+
xap/mozilla-thunderbird-1.5.0.10-i686-1.tgz:
Upgraded to thunderbird-1.5.0.10.
This upgrade fixes several possible security bugs.
For more information, see:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#thunderbird
(* Security fix *)
+--------------------------+

A new seamonkey package is available for Slackware 11.0 to fix security issues.

Here are the details from the Slackware 11.0 ChangeLog:
+--------------------------+
xap/seamonkey-1.0.8-i486-1_slack11.0.tgz:
Upgraded to seamonkey-1.0.8.
This upgrade fixes several possible security bugs.
For more information, see:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey
(* Security fix *)
+--------------------------+

New samba packages are available for Slackware 10.0, 10.1, 10.2, and 11.0 to fix a denial-of-service security issue.

More details about the issues fixed in Samba 3.0.24 may be found in the Common Vulnerabilities and Exposures (CVE) database:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0452
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0453
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0454

New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and 11.0 to fix denial of service security issues.

Versions of bind-9.2.x older than bind-9.2.8, and versions of bind-9.3.x older than 9.3.4 can be made to crash with malformed local or remote data.

More details about the issues may be found in the Common Vulnerabilities and Exposures (CVE) database:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0493
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0494