New Mozilla packages are available for Slackware 9.1, 10.0, 10.1, and -current to fix various security issues and bugs.
OSNews has posted a review on Slackware Linux 10.1
Slackware 10.1 has been released
Saw over at OSNews that Slackware 10.1-Beta1 has been released
OSNews reports that Patrick Volkerding is back in good health
Patrick Volkerding has posted an update. Thanks Mark.
From Slashdot.org:
New apache packages are available for Slackware 8.1, 9.0, 9.1, 10.0, and -current to fix a security issue. Apache has been upgraded to version 1.3.33 which fixes a buffer overflow which may allow local users to execute arbitrary code as the apache user.
The mod_ssl package has also been upgraded to version 2.8.22_1.3.33.
More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0940
The mod_ssl package has also been upgraded to version 2.8.22_1.3.33.
More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0940
New libtiff packages are available for Slackware 8.1, 9.0, 9.1, 10.1, and -current to fix security issues that could lead to application crashes, or possibly execution of arbitrary code.
More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0803
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0804
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0886
More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0803
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0804
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0886
New apache and mod_ssl packages are available for Slackware 8.1, 9.0, 9.1, 10.0, and -current to fix security issues. Apache has been upgraded to version 1.3.32 which fixes a heap-based buffer overflow in mod_proxy. mod_ssl was upgraded from version mod_ssl-2.8.19-1.3.31 to version 2.8.21-1.3.32 which corrects a flaw allowing a client to use a cipher which the server does not consider secure enough.
A new PHP package (php-4.3.9) is also available for all of these platforms.
More details about these issues may be found in the Common
Vulnerabilities and Exposures (CVE) database:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885
A new PHP package (php-4.3.9) is also available for all of these platforms.
More details about these issues may be found in the Common
Vulnerabilities and Exposures (CVE) database:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885
New gaim packages are available for Slackware 9.0, 9.1, 10.0 and -current to fix a buffer overflow in the MSN protocol. Sites that use GAIM should upgrade to the new version.
More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0891
More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0891
New rsync 2.6.3 packages are available for Slackware 8.1, 9.0, 9.1, 10.0, and -current to a fix security issue when rsync is run as a non-chrooted server.
More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-792
More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-792
OSNews reports that Gnome may be dropped by Slackware
Dropline GNOME 2.8.0 for Slackware Linux is available
New getmail packages are available for Slackware 9.1, 10.0 and -current to fix a security issue. If getmail is used as root to deliver to user owned files or directories, it can be made to overwrite system files.
More details about this issue may be found in the Common
Vulnerabilities and Exposures (CVE) database:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-880
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-881
More details about this issue may be found in the Common
Vulnerabilities and Exposures (CVE) database:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-880
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-881
New zlib packages are available for Slackware 10.0 and -current to fix a possible denial of service security issue.
More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-797
More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-797
New xine-lib packages are available for Slackware 10.0 and -current to fix security issues.
New Mozilla 1.7.3 packages are available for Slackware 10.0 and -current to fix security issues.
New GTK+ (version 2) packages are available for Slackware 10.0 and -current to fix issues in the image loader routines that can crash applications.
New CUPS packages are available for Slackware 9.1, 10.0, and -current to fix a denial of service issue where a malformed packet can crash the CUPS server.
