Linux Compatible - Slackware (Page 13)

samba (SSA:2008-149-01)

Slackware 1215 Published 2008-05-29 10:31 by Philipp Esselbach 0

New samba packages are available for Slackware 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, and -current to fix a security issue:

"Specifically crafted SMB responses can result in a heap overflow in the Samba client code. Because the server process, smbd, can itself act as a client during operations such as printer notification and domain authentication, this issue affects both Samba client and server installations."

This flaw affects Samba versions from 3.0.0 through 3.0.29.

More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1105

libpng (SSA:2008-119-01)

Slackware 1215 Published 2008-04-29 11:58 by Philipp Esselbach 0

New libpng packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, and -current to fix a security issue.

More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1382

Additional information can be found in the libpng source, or in this file on the libpng FTP site:

ftp://ftp.simplesystems.org/pub/libpng/png/src/libpng-1.2.27-README.txt

xine-lib (SSA:2008-111-01)

Slackware 1215 Published 2008-04-22 11:25 by Philipp Esselbach 0

New xine-lib packages are available for Slackware 10.0, 10.1, 10.2, 11.0, 12.0, and -current to fix security issues.

An overflow was found in the Speex decoder that could lead to a crash or
possible execution of arbitrary code. Xine-lib <= 1.1.12 was also found to be vulnerable to a stack-based buffer overflow in the NES demuxer (thanks to milw0rm.com).

More details about the first issue may be found in the Common Vulnerabilities and Exposures (CVE) database:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686

mozilla-firefox (SSA:2008-108-01)

Slackware 1215 Published 2008-04-18 09:54 by Philipp Esselbach 0

New mozilla-firefox packages are available for Slackware 10.2, 11.0, 12.0, and -current to fix a possible security bug.

More details about this issue may be found here:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1380
http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox
https://bugzilla.mozilla.org/show_bug.cgi?id=425576

m4 (SSA:2008-098-01)

Slackware 1215 Published 2008-04-07 23:05 by Philipp Esselbach 0

New m4 packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, and -current to fix security issues.

More details about the issues may be found in the Common Vulnerabilities and Exposures (CVE) database:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1687
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1688

bzip2 (SSA:2008-098-02)

Slackware 1215 Published 2008-04-07 23:04 by Philipp Esselbach 0

New bzip2 packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, and -current to fix a DoS issue.

More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1372

openssh (SSA:2008-095-01)

Slackware 1215 Published 2008-04-05 10:56 by Philipp Esselbach 0

New openssh packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, and -current to fix a security issue.

More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1483

Slackware Linux 12.1 RC1

Slackware 1215 Published 2008-04-03 15:23 by Philipp Esselbach 0

Slackware Linux 12.1 RC1 has been released

cups (SSA:2008-094-01)

Slackware 1215 Published 2008-04-03 14:23 by Philipp Esselbach 0

New cups packages are available for Slackware 12.0, and -current to fix security issues. The change from CUPS 1.2.x to CUPS 1.3.x was tested here, but if you're on a completely secured internal network these issues may be less of a risk than upgrading. If your IPP port is open to the internet, you'd be advised to upgrade as soon as possible (or firewall the port at the gateway if you're not in need of printer jobs coming in from the internet).

More details about the issues may be found in the Common Vulnerabilities and Exposures (CVE) database:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0047
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1373

xine-lib (SSA:2008-092-01)

Slackware 1215 Published 2008-04-01 14:19 by Philipp Esselbach 0

New xine-lib packages are available for Slackware 10.0, 10.1, 10.2, 11.0, 12.0, and -current to fix security issues.

More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1482

seamonkey (SSA:2008-089-02)

Slackware 1215 Published 2008-03-30 13:00 by Philipp Esselbach 0

New seamonkey packages are available for Slackware 11.0, 12.0, and -current to fix security issues.

For more information, see:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#seamonkey

mozilla-firefox (SSA:2008-089-01)

Slackware 1215 Published 2008-03-30 12:59 by Philipp Esselbach 0

New mozilla-firefox packages are available for Slackware 10.2, 11.0, 12.0, and -current to fix security issues.

For more information, see:
http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox

xine-lib (SSA:2008-089-03)

Slackware 1215 Published 2008-03-30 12:55 by Philipp Esselbach 0

New xine-lib packages are available for Slackware 10.0, 10.1, 10.2, 11.0, 12.0, and -current to fix security issues.

More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0073

mozilla-thunderbird (SSA:2008-061-01)

Slackware 1215 Published 2008-03-02 10:40 by Philipp Esselbach 0

New mozilla-thunderbird packages are available for Slackware 10.2, 11.0, 12.0, and -current to fix security issues.

httpd (SSA:2008-045-01)

Slackware 1215 Published 2008-02-15 10:20 by Philipp Esselbach 0

New httpd packages are available for Slackware 12.0, and -current to fix security issues.

More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6421
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005

php (SSA:2008-045-03)

Slackware 1215 Published 2008-02-15 10:19 by Philipp Esselbach 0

New php-4.4.8 packages are available for Slackware 10.2 and 11.0 to fix security issues.

More details about the issues may be found here:
http://bugs.php.net/43010

apache (SSA:2008-045-02)

Slackware 1215 Published 2008-02-15 10:18 by Philipp Esselbach 0

New apache 1.3.41 packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and 11.0 to fix security issues.

A new matching mod_ssl package is also provided.

More details about the issues may be found in the Common Vulnerabilities and Exposures (CVE) database:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847

firefox, seamonkey (SSA:2008-043-01)

Slackware 1215 Published 2008-02-13 10:52 by Philipp Esselbach 0

New mozilla-firefox packages are available for Slackware 10.2, 11.0, 12.0, and -current to fix security issues. New seamonkey updates are available for Slackware 11.0, 12.0, and -current to address similar issues.

GNOME SlackBuild RC1: GNOME 2.20.3 Desktop for Slackware 12

Slackware 1215 Published 2008-01-17 08:15 by Philipp Esselbach 0

GNOME SlackBuild RC1, a GNOME 2.20.3 Desktop for Slackware 12, has been released

samba (SSA:2007-344-01)

Slackware 1215 Published 2007-12-11 08:57 by Philipp Esselbach 0

New samba packages are available for Slackware 10.0, 10.1, 10.2, 11.0, 12.0, and -current to fix a security issue. A boundary failure in GETDC mailslot processing can result in a buffer overrun leading to possible code execution.

More details about the issue will become available in the Common Vulnerabilities and Exposures (CVE) database:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6015