Novosti u vezi Slackware Linuxa
Moderator: Urednik
-
- Posts: 3468
- Joined: 01 Apr 2012, 13:50
- Location: Mlečni put
Post
Napisano: 14 Jan 2018, 11:13
19.12.2017.
Sveži ruby paket za Slackware 14.2 i -current:
Code: Select all
patches/packages/ruby-2.2.9-i586-1_slack14.2.txz: Upgraded.
This update fixes a security issue:
Net::FTP#get, getbinaryfile, gettextfile, put, putbinaryfile, and puttextfile
use Kernel#open to open a local file. If the localfile argument starts with
the pipe character "|", the command following the pipe character is executed.
The default value of localfile is File.basename(remotefile), so malicious FTP
servers could cause arbitrary command execution.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17405
(* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”
-
- Posts: 3468
- Joined: 01 Apr 2012, 13:50
- Location: Mlečni put
Post
Napisano: 14 Jan 2018, 11:13
22.12.2017.
Sveži mozilla-thunderbird paket za Slackware 14.2 i -current:
Code: Select all
patches/packages/mozilla-thunderbird-52.5.2-i586-1_slack14.2.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/52.5.2/releasenotes/
(* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”
-
- Posts: 3468
- Joined: 01 Apr 2012, 13:50
- Location: Mlečni put
Post
Napisano: 14 Jan 2018, 11:14
08.01.2018.
Sveži irssi paketi za Slackware 14.0, 14.1, 14.2 i -current:
Code: Select all
patches/packages/irssi-1.0.6-i586-1_slack14.2.txz: Upgraded.
This update fixes multiple security vulnerabilities.
For more information, see:
https://irssi.org/security/irssi_sa_2018_01.txt
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5205
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5206
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5207
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5208
(* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”
-
- Posts: 3468
- Joined: 01 Apr 2012, 13:50
- Location: Mlečni put
Post
Napisano: 18 Jan 2018, 19:16
15.01.2018.
Sveži kernel paketi za Slackware 14.0 i 14.2:
Code: Select all
patches/packages/linux-4.4.111/*: Upgraded.
This kernel includes mitigations for the Spectre (variant 2) and Meltdown
speculative side channel attacks.
Be sure to upgrade your initrd after upgrading the kernel packages.
If you use lilo to boot your machine, be sure lilo.conf points to the correct
kernel and initrd and run lilo as root to update the bootloader.
If you use elilo to boot your machine, you should run eliloconfig to copy the
kernel and initrd to the EFI System Partition.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5754
(* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”
-
- Posts: 3468
- Joined: 01 Apr 2012, 13:50
- Location: Mlečni put
Post
Napisano: 18 Jan 2018, 19:17
17.01.2018.
Sveži bind paketi za Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2 i -current:
Code: Select all
patches/packages/bind-9.10.6_P1-i586-1_slack14.2.txz: Upgraded.
This update fixes a high severity security issue:
Improper sequencing during cleanup can lead to a use-after-free error,
triggering an assertion failure and crash in named.
For more information, see:
https://kb.isc.org/article/AA-01542
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3145
(* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”
-
- Posts: 3468
- Joined: 01 Apr 2012, 13:50
- Location: Mlečni put
Post
Napisano: 28 Jan 2018, 22:45
20.01.2018.
Sveži mozilla-firefox paketi za Slackware 14.2 i -current:
Code: Select all
patches/packages/mozilla-firefox-52.6.0esr-i586-1_slack14.2.txz: Upgraded.
This release contains security fixes and improvements.
Specifically, this update contains performance.now() mitigations for Spectre.
For more information, see:
https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/
http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
(* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”
-
- Posts: 3468
- Joined: 01 Apr 2012, 13:50
- Location: Mlečni put
Post
Napisano: 28 Jan 2018, 22:46
24.01.2018.
Sveži curl paketi za Slackware 14.0, 14.1, 14.2 i -current:
Code: Select all
patches/packages/curl-7.58.0-i586-1_slack14.2.txz: Upgraded.
This update fixes security issues:
HTTP authentication leak in redirects
HTTP/2 trailer out-of-bounds read
For more information, see:
https://curl.haxx.se/docs/adv_2018-b3bf.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000007
https://curl.haxx.se/docs/adv_2018-824a.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000005
(* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”
-
- Posts: 3468
- Joined: 01 Apr 2012, 13:50
- Location: Mlečni put
Post
Napisano: 28 Jan 2018, 22:47
25.01.2018.
Sveži mozilla-thunderbird paketi za Slackware 14.2 i -current:
Code: Select all
patches/packages/mozilla-thunderbird-52.6.0-i586-1_slack14.2.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/52.6.0/releasenotes/
(* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”
-
- Posts: 3468
- Joined: 01 Apr 2012, 13:50
- Location: Mlečni put
Post
Napisano: 04 Feb 2018, 13:01
01.02.2018.
Sveži rsync paketi za Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2 i -current:
Code: Select all
patches/packages/rsync-3.1.3-i586-1_slack14.2.txz: Upgraded.
This update fixes two security issues:
Fixed a buffer overrun in the protocol's handling of xattr names and
ensure that the received name is null terminated.
Fix an issue with --protect-args where the user could specify the arg in
the protected-arg list and short-circuit some of the arg-sanitizing code.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16548
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5764
(* Security fix *)
Sveži mariadb paketi za Slackware 14.1, 14.2 i -current:
Code: Select all
patches/packages/mariadb-10.0.34-i586-1_slack14.2.txz: Upgraded.
This update fixes bugs and security issues.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2562
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2622
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2640
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2665
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2668
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2612
(* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”
-
- Posts: 3468
- Joined: 01 Apr 2012, 13:50
- Location: Mlečni put
Post
Napisano: 04 Feb 2018, 13:02
03.02.2018.
Sveži php paketi za Slackware 14.0, 14.1, 14.2 i -current:
Code: Select all
patches/packages/php-5.6.33-i586-1_slack14.2.txz: Upgraded.
This update fixes bugs and security issues, including:
Potential infinite loop in gdImageCreateFromGifCtx.
Reflected XSS in .phar 404 page.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5711
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5712
(* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”
Who is online
Users browsing this forum: No registered users and 39 guests