Slackware Security Advisories (sigurnosne nadogradnje)

Novosti u vezi Slackware Linuxa

Moderator: Urednik

Locked

Administrator
Administrator
offline
User avatar

Posts: 2834
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 29 Oct 2019, 00:11


14.10.2019.

Sveži sudo paketi za Slackware 14.0, 14.1, 14.2 i -current:

Code: Select all

patches/packages/sudo-1.8.28-i586-1_slack14.2.txz:  Upgraded.
  Fixed a bug where an sudo user may be able to run a command as root when
  the Runas specification explicitly disallows root access as long as the
  ALL keyword is listed first.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14287
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 2834
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 29 Oct 2019, 00:17


20.10.2019.

Sveži python paketi za Slackware 14.0, 14.1, 14.2 i -current:

Code: Select all

patches/packages/python-2.7.17-i586-1_slack14.2.txz:  Upgraded.
  This update fixes bugs and security issues:
  Update vendorized expat library version to 2.2.8.
  Disallow URL paths with embedded whitespace or control characters into the
  underlying http client request. Such potentially malicious header injection
  URLs now cause an httplib.InvalidURL exception to be raised.
  Avoid file reading by disallowing ``local-file://`` and ``local_file://``
  URL schemes in :func:`urllib.urlopen`, :meth:`urllib.URLopener.open` and
  :meth:`urllib.URLopener.retrieve`.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9740
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9948
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”



Administrator
Administrator
offline
User avatar

Posts: 2834
Joined: 01 Apr 2012, 13:50
Location: Mlečni put

Post Napisano: 29 Oct 2019, 00:18


22.10.2019.

Sveži mozilla-firefox paketi za Slackware 14.2 i -current:

Code: Select all

patches/packages/mozilla-firefox-68.2.0esr-i686-1_slack14.2.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    https://www.mozilla.org/en-US/firefox/68.2.0/releasenotes/
    https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11757
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11758
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11759
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11760
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11761
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11762
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11763
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11764
  (* Security fix *)
Use the source, Luke
SSZ irc kanal
Spread the Word, “CHOOSE SLACK! and Don’t look back.”


Locked

Who is online

Users browsing this forum: No registered users and 13 guests