Slackware Security Advisories (sigurnosne nadogradnje)

Novosti u vezi Slackware Linuxa

Moderator: Urednik

Locked

Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 06 Sep 2015, 11:57


03.09.2015.

Sveži Seamonkey paketi za Slackware 14.0, 14.1 i -current:

Code: Select all

patches/packages/seamonkey-2.35-i486-1_slack14.1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
  (* Security fix *)
patches/packages/seamonkey-solibs-2.35-i486-1_slack14.1.txz:  Upgraded.
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 24 Oct 2015, 14:12


22.09.2015.

Mozilla Firefox za Slackware 14.1 i -current:

Code: Select all

patches/packages/mozilla-firefox-38.3.0esr-i486-1_slack14.1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 24 Oct 2015, 14:14


01.10.2015.

Mozilla Thunderbird za Slackware 14.1 i -current:

Code: Select all

patches/packages/mozilla-thunderbird-38.3.0-i486-1_slack14.1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
  (* Security fix *)
Php i Seamonkey za Slackware 14.0, 14.1 i -current:

Code: Select all

patches/packages/php-5.4.45-i486-1_slack14.1.txz:  Upgraded.
  This update fixes some bugs and security issues.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6834
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6835
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6836
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6837
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6838
  (* Security fix *)

patches/packages/seamonkey-2.38-i486-1_slack14.1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
  (* Security fix *)
patches/packages/seamonkey-solibs-2.38-i486-1_slack14.1.txz:  Upgraded.
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 30 Oct 2015, 13:20


29.10.2015.

Ntp, jasper i curl nadogradnje za Slackware 13.0, 13.1, 13.37, 14.0, 14.1 i -current

Code: Select all

patches/packages/ntp-4.2.8p4-i486-1_slack14.1.txz:  Upgraded.
  In addition to bug fixes and enhancements, this release fixes
  several low and medium severity vulnerabilities.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9750
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5196
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7691
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7692
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7701
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7702
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7704
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7705
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7848
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7849
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7850
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7851
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7852
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7853
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7854
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7855
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7871
  (* Security fix *)

Code: Select all

patches/packages/jasper-1.900.1-i486-4_slack14.1.txz:  Rebuilt.
  Applied many security and bug fixes.
  Thanks to Heinz Wiesinger.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3520
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3522
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4516
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4517
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8137
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8138
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8157
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8158
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9029
  (* Security fix *)

Code: Select all

patches/packages/curl-7.45.0-i486-1_slack14.1.txz:  Upgraded.
  Fixes some security issues.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3143
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3144
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3145
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3148
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3236
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3237
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 07 Nov 2015, 08:00


06.11.2015.

Mozilla-nss update za Slackware 14.0, 14.1 i -current:

Code: Select all

patches/packages/mozilla-nss-3.20.1-i486-1_slack14.1.txz:  Upgraded.
  Upgraded to nss-3.20.1 and nspr-4.10.10.
  This release contains security fixes and improvements.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7183
  (* Security fix *)
Firerox-esr update za Slackware 14.1 i -current:

Code: Select all

patches/packages/mozilla-firefox-38.4.0esr-i486-1_slack14.1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 15 Nov 2015, 05:51


14.11.2015.

Seamonkey update za Slackware 14.1 i current:

Code: Select all

patches/packages/seamonkey-2.39-i486-1_slack14.1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
  (* Security fix *)
patches/packages/seamonkey-solibs-2.39-i486-1_slack14.1.txz:  Upgraded.
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 25 Nov 2015, 21:27


24.11.2015.

Pcre sveži paketi za Slackware 14.1 i -current:

Code: Select all

patches/packages/pcre-8.38-i486-1_slack14.1.txz:  Upgraded.
  Fixed overflows that could lead to a denial of service or the execution
  of arbitrary code.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3210
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 03 Dec 2015, 19:50


03.12.2015.

Novi mozilla-thunderbird paketi za Slackware 14.1 i -current:

Code: Select all

patches/packages/mozilla-thunderbird-38.4.0-i486-1_slack14.1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
  (* Security fix *)
Novi libpng paketi za Slackware 13.0, 13.1, 13.37, 14.0, 14.1i -current:

Code: Select all

patches/packages/libpng-1.4.17-i486-1_slack14.1.txz:  Upgraded.
  Fixed buffer overflows in the png_set_PLTE(), png_get_PLTE(),
  png_set_tIME(), and png_convert_to_rfc1123() functions that allow
  attackers to cause a denial of service (application crash) or
  possibly have unspecified other impact via a small bit-depth value
  in an IHDR (aka image header) chunk in a PNG image.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7981
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8126.
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 04 Feb 2016, 07:39


03.02.2016.

Novi Mplayer paketi su dostupni za Slackware 13.0, 13.1, 13.37, 14.0, 14.1 i -current:

Code: Select all

patches/packages/MPlayer-1.2_20160125-i486-1_slack14.1.txz:  Upgraded.
  This is the latest MPlayer-1.2 branch, identical to the 1.2.1 stable release.
  The bundled ffmpeg has been upgraded to 2.8.5, which fixes two security
  issues by which a remote attacker may conduct a cross-origin attack and read
  arbitrary files on the system.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1897
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1898
  (* Security fix *)
Novi openssl i php paketi dostupni za Slackware 14.0, 14.1 i -current:

Code: Select all

patches/packages/openssl-1.0.1r-i486-1_slack14.1.txz:  Upgraded.
  This update fixes the following security issue:
  SSLv2 doesn't block disabled ciphers (CVE-2015-3197).
  For more information, see:
    https://openssl.org/news/secadv/20160128.txt
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3197
  (* Security fix *)
patches/packages/openssl-solibs-1.0.1r-i486-1_slack14.1.txz:  Upgraded.

Code: Select all

patches/packages/php-5.6.17-i486-1_slack14.1.txz:  Upgraded.
  This release fixes bugs and security issues.
  *****************************************************************
  * IMPORTANT:  READ BELOW ABOUT POTENTIALLY INCOMPATIBLE CHANGES *
  *****************************************************************
  PHP 5.4.x has been declared EOL (end of life) and is no longer receiving
  upstream support.  PHP 5.5.x is also no longer on active support status and
  security fixes will continue only until 5 months from now.  For this reason
  we have provided PHP 5.6 packages as security updates.  Be aware that PHP
  5.6 is not 100% compatible with PHP 5.4, and some changes may be required
  to existing web pages written for PHP 5.4.
  For information on how to migrate from PHP 5.4, please see:
    http://php.net/manual/en/migration55.php
    http://php.net/manual/en/migration56.php
  The final PHP 5.4 packages may be found in /pasture in case there is a need
  to revert this update.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7803
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7804
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1903
  (* Security fix *)
Sveži paketi Mozilla Firefox dostupni za Slackware 14.1 i -current:

Code: Select all

patches/packages/mozilla-firefox-38.6.0esr-i486-1_slack14.1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 3451
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 09 Feb 2016, 19:39


08.02.2016.

Osveženi Curl paketi za Slackware 13.0, 13.1, 13.37, 14.0, 14.1 i -current:

Code: Select all

patches/packages/curl-7.47.1-i486-1_slack14.1.txz:  Upgraded.
  This update fixes a security issue where NTLM credentials are not checked
  for proxy connection reuse.  The effects of this flaw is that the application
  could be reusing a proxy connection using the previously used credentials
  and thus it could be given to or prevented access from resources that it
  wasn't intended to.  Thanks to Isaac Boukris.
  For more information, see:
    https://curl.haxx.se/docs/adv_20160127A.html
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0755
  (* Security fix *)
I osveženi libsndfile paketi za Slackware 13.37, 14.0, 14.1 i -current:

Code: Select all

patches/packages/flac-1.3.1-i486-1_slack14.1.txz:  Upgraded.
  This update is needed by the latest version of libsndfile.
patches/packages/libsndfile-1.0.26-i486-1_slack14.1.txz:  Upgraded.
  This release fixes security issues which may allow attackers to cause
  a denial of service, or possibly execute arbitrary code.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9496
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9756
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7805
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”


Locked

Who is online

Users browsing this forum: No registered users and 48 guests