Linux Compatible - Slackware (Page 12)

cups (SSA:2007-305-01)

Slackware 1231 Published 2007-11-02 09:53 by Philipp Esselbach 0

CUPS was found to contain errors in ipp.c which could allow a re
mote attacker to crash CUPS, resulting in a denial of service. If you use CUPS, it is recommended to update to the latest package for your version of Slackware.

The latest cups package is available for Slackware -current, and patched packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, and 12.0 that fix the problems.

More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4351

The Perfect Desktop - Slackware 12

Slackware 1231 Published 2007-10-12 11:53 by Philipp Esselbach 0

Howtoforge posted a tutorial about setting up Slackware 12 as Linux desktop

glibc-zoneinfo (SSA:2007-283-01)

Slackware 1231 Published 2007-10-11 10:42 by Philipp Esselbach 0

New glibc-zoneinfo packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, and 12.0 to update the timezone tables to the latest versions. If you've noticed your clock has wandered off, these packages should fix the problem.

This isn't really a "security issue" (or is a minor one), but it's an important fix nevertheless.

pidgin (SSA:2007-275-01)

Slackware 1231 Published 2007-10-03 10:30 by Philipp Esselbach 0

A new pidgin package is available for Slackware 12.0 to fix a minor fix security issue.

More details about this issue may be found here:

http://www.pidgin.im/news/security/?id=23

Here are the details from the Slackware 12.0 ChangeLog:

samba (SSA:2007-255-02)

Slackware 1231 Published 2007-09-13 10:06 by Philipp Esselbach 0

New samba packages are available for Slackware 10.0, 10.1, 10.2, 11.0, and 12.0 to fix a security issue and various other bugs.

More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4138

php (SSA:2007-255-03)

Slackware 1231 Published 2007-09-13 10:05 by Philipp Esselbach 0

New PHP5 packages are available for Slackware 10.1, 10.2, 11.0, and 12.0 to fix "several low priority security bugs."

Note that PHP5 was not officially supported in Slackware 10.1 or 10.2 (being in the /testing directory), and was not the default version of PHP for Slackware 11.0 (being in the /extra directory), but updates are being provided anyway.

openssh (SSA:2007-255-01)

Slackware 1231 Published 2007-09-13 10:05 by Philipp Esselbach 0

New openssh packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, and 12.0 to fix a possible security issue. This version should also provide increased performance with certain ciphers.

More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4752

tcpdump (SSA:2007-230-01)

Slackware 1231 Published 2007-08-19 10:44 by Philipp Esselbach 0

New tcpdump packages are available for Slackware 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, and 12.0 to fix a security issue.

More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3798

gimp (SSA:2007-222-01)

Slackware 1231 Published 2007-08-11 09:28 by Philipp Esselbach 0

New gimp packages are available for Slackware 10.2, 11.0, and 12.0 to fix security issues.

More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2949

poppler (SSA:2007-222-02)

Slackware 1231 Published 2007-08-11 09:28 by Philipp Esselbach 0

A new poppler package is available for Slackware 12.0 to fix an integer overflow.

More details about this issue may be found in the Common
Vulnerabilities and Exposures (CVE) database:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387

seamonkey (SSA:2007-222-04)

Slackware 1231 Published 2007-08-11 09:27 by Philipp Esselbach 0

New seamonkey packages are available for Slackware 11.0 and 12.0 to fix various security issues.

For more information, see:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey

xpdf (SSA:2007-222-05)

Slackware 1231 Published 2007-08-11 09:26 by Philipp Esselbach 0

New xpdf packages are available for Slackware 9.1, 10.0, 10.1, 10.2, 11.0, and 12.0 to fix an integer overflow.

More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387

qt (SSA:2007-222-03)

Slackware 1231 Published 2007-08-11 09:25 by Philipp Esselbach 0

New qt packages are available for Slackware 10.2, 11.0, and 12.0 to fix format string errors.

More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3388

firefox (SSA:2007-213-01)

Slackware 1231 Published 2007-08-02 12:47 by Philipp Esselbach 0

New mozilla-firefox packages are available for Slackware 11.0 and 12.0 to fix security issues.

Note that Firefox 1.5.x has reached its EOL (end of life) and is no longer being updated by mozilla.com. Users of Firefox 1.5.x are encouraged to upgrade to Firefox 2.x. Since we use the official Firefox binaries, these packages should work equally well on earlier Slackware systems.

More details about the security issues may be found at this link:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox

bind (SSA:2007-207-01)

Slackware 1231 Published 2007-07-27 09:16 by Philipp Esselbach 0

New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, and 12.0 to fix security issues.

The first issue which allows remote attackers to make recursive queries only affects Slackware 12.0. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2925

The second issue is the discovery that BIND9's query IDs are cryptographically weak. This issue affects the versions of BIND9 in all supported Slackware versions. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2926

seamonkey (SSA:2007-205-02)

Slackware 1231 Published 2007-07-25 10:34 by Philipp Esselbach 0

New SeaMonkey packages are available for Slackware 11.0 and 12.0 to fix possible security issues. While this update has been reported to MozillaZine to "fix several security issues", details are not yet available. Presumably the issues are similar to the ones that were recently addressed in Firefox and Thunderbird.

More details about the issues may (eventually) be found here:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey

thunderbird (SSA:2007-205-01)

Slackware 1231 Published 2007-07-25 10:33 by Philipp Esselbach 0

New Thunderbird packages are available for Slackware 11.0 and 12.0 to fix two possible security issues. This package may also be used on many older versions of Slackware (though we're not certain how far back...)

More details about the issues may be found here:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#thunderbird

Slackware Linux 12.0

Slackware 1231 Published 2007-07-03 10:47 by Philipp Esselbach 0

Slackware 12.0 has been released:

Well folks, it's that time to announce a new stable Slackware release again. So, without further ado, announcing Slackware version 12.0! Since we've moved to supporting the 2.6 kernel series exclusively (and fine-tuned the system to get the most out of it), we feel that Slackware 12.0 has many improvements over our last release (Slackware 11.0) and is a must-have upgrade for any Slackware user.

This first Slackware edition of the year combines Slackware's legendary simplicity (and close tracking of original sources), stability, and security with some of the latest advances in Linux technology. Expect no less than the best Slackware yet.

gd (SSA:2007-178-01)

Slackware 1231 Published 2007-06-27 17:15 by Philipp Esselbach 0

GD is an open source code library for the dynamic creation of images.

New gd packages are available for Slackware 11.0, and -current to fix possible security issues.

Please see: http://www.libgd.org/ReleaseNote020035
for complete release notes. "Upgrading is strongly recommended."

thunderbird (SSA:2007-165-01)

Slackware 1231 Published 2007-06-15 10:03 by Philipp Esselbach 0

A new thunderbird package is available for Slackware -current to fix two possible security issues. This package may also be used on many older versions of Slackware (though we're not certain how far back...)

More details about the issues may be found here:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#thunderbird