Official patches for Slackware-14.2

Se avete problemi con l'installazione e la configurazione di Slackware postate qui. Non usate questo forum per argomenti generali... per quelli usate Gnu/Linux in genere.

Moderatore: Staff

Regole del forum
1) Citare sempre la versione di Slackware usata, la versione del Kernel e magari anche la versione della libreria coinvolta. Questi dati aiutano le persone che possono rispondere.
2) Per evitare confusione prego inserire in questo forum solo topic che riguardano appunto Slackware, se l'argomento è generale usate il forum Gnu/Linux in genere.
3) Leggere attentamente le risposte ricevute.
4) Scrivere i messaggi con il colore di default, evitare altri colori.
5) Scrivere in Italiano o in Inglese, se possibile grammaticalmente corretto, evitate stili di scrittura poco chiari, quindi nessuna abbreviazione tipo telegramma o scrittura stile SMS o CHAT.
6) Appena registrati è consigliato presentarsi nel forum dedicato.

La non osservanza delle regole porta a provvedimenti di vari tipo da parte dello staff, in particolare la non osservanza della regola 5 porta alla cancellazione del post e alla segnalazione dell'utente. In caso di recidività l'utente rischia il ban temporaneo.
Slacky BOT Packager
Linux 2.6
Linux 2.6
Messaggi: 810
Iscritto il: mar giu 19, 2012 11:18

New patches for slackware-14.1 on Wed, 02 Sep 2015 01:29:22

Messaggioda Slacky BOT Packager » mer set 02, 2015 6:00

Hey guys,
new patches have been released for slackware-14.1. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Tue Sep  1 23:29:22 UTC 2015
patches/packages/gdk-pixbuf2-2.28.2-i486-2_slack14.1.txz:  Rebuilt.
  Gustavo Grieco discovered a heap overflow in the processing of BMP images
  which may result in the execution of arbitrary code if a malformed image
  is opened.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4491
  (* Security fix *)
+--------------------------+

Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 2.6
Linux 2.6
Messaggi: 810
Iscritto il: mar giu 19, 2012 11:18

New patches for slackware-14.1 on Wed, 02 Sep 2015 21:36:32

Messaggioda Slacky BOT Packager » gio set 03, 2015 6:00

Hey guys,
new patches have been released for slackware-14.1. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Wed Sep  2 19:36:31 UTC 2015
patches/packages/bind-9.9.7_P3-i486-1_slack14.1.txz:  Upgraded.
  This update fixes two denial-of-service vulnerabilities:
  + CVE-2015-5722 is a denial-of-service vector which can be
  exploited remotely against a BIND server that is performing
  validation on DNSSEC-signed records.  Validating recursive
  resolvers are at the greatest risk from this defect, but it has not
  been ruled out that it could be exploited against an
  authoritative-only nameserver under limited conditions.  Servers
  that are not performing validation are not vulnerable.  However,
  ISC does not recommend disabling validation as a workaround to
  this issue as it exposes the server to other types of attacks.
  Upgrading to the patched versions is the recommended solution.
  All versions of BIND since 9.0.0 are vulnerable to CVE-2015-5722.
  + CVE-2015-5986 is a denial-of-service vector which can be used
  against a BIND server that is performing recursion.  Validation
  is not required.  Recursive resolvers are at the greatest risk
  from this defect, but it has not been ruled out that it could
  be exploited against an authoritative-only nameserver under
  limited conditions.
  Only versions of BIND since 9.9.7 and 9.10.2 are vulnerable to
  CVE-2015-5986.
  For more information, see:
    https://kb.isc.org/article/AA-01287/0
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5722
    https://kb.isc.org/article/AA-01291/0
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5986
  (* Security fix *)
+--------------------------+

Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 2.6
Linux 2.6
Messaggi: 810
Iscritto il: mar giu 19, 2012 11:18

New patches for slackware-14.1 on Fri, 04 Sep 2015 00:02:39

Messaggioda Slacky BOT Packager » ven set 04, 2015 6:00

Hey guys,
new patches have been released for slackware-14.1. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Thu Sep  3 22:02:39 UTC 2015
patches/packages/seamonkey-2.35-i486-1_slack14.1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
  (* Security fix *)
patches/packages/seamonkey-solibs-2.35-i486-1_slack14.1.txz:  Upgraded.
+--------------------------+

Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 2.6
Linux 2.6
Messaggi: 810
Iscritto il: mar giu 19, 2012 11:18

New patches for slackware-14.1 on Wed, 16 Sep 2015 00:36:17

Messaggioda Slacky BOT Packager » mer set 16, 2015 6:00

Hey guys,
new patches have been released for slackware-14.1. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Tue Sep 15 22:36:17 UTC 2015
patches/packages/ca-certificates-20150426-noarch-2_slack14.1.txz:  Rebuilt.
  Patched update-ca-certificates to remove incompatible command operators
  used to call 'run-parts'.  Thanks to Stuart Winter.
+--------------------------+

Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 2.6
Linux 2.6
Messaggi: 810
Iscritto il: mar giu 19, 2012 11:18

New patches for slackware-14.1 on Wed, 23 Sep 2015 03:10:36

Messaggioda Slacky BOT Packager » mer set 23, 2015 6:00

Hey guys,
new patches have been released for slackware-14.1. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Wed Sep 23 01:10:36 UTC 2015
patches/packages/mozilla-firefox-38.3.0esr-i486-1_slack14.1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
  (* Security fix *)
+--------------------------+

Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 2.6
Linux 2.6
Messaggi: 810
Iscritto il: mar giu 19, 2012 11:18

New patches for slackware-14.1 on Thu, 01 Oct 2015 23:21:37

Messaggioda Slacky BOT Packager » ven ott 02, 2015 6:00

Hey guys,
new patches have been released for slackware-14.1. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Thu Oct  1 21:21:36 UTC 2015
patches/packages/mozilla-thunderbird-38.3.0-i486-1_slack14.1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
  (* Security fix *)
patches/packages/php-5.4.45-i486-1_slack14.1.txz:  Upgraded.
  This update fixes some bugs and security issues.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6834
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6835
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6836
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6837
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6838
  (* Security fix *)
patches/packages/seamonkey-2.38-i486-1_slack14.1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
  (* Security fix *)
patches/packages/seamonkey-solibs-2.38-i486-1_slack14.1.txz:  Upgraded.
+--------------------------+

Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 2.6
Linux 2.6
Messaggi: 810
Iscritto il: mar giu 19, 2012 11:18

New patches for slackware-14.1 on Mon, 05 Oct 2015 19:24:31

Messaggioda Slacky BOT Packager » mar ott 06, 2015 6:00

Hey guys,
new patches have been released for slackware-14.1. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Mon Oct  5 17:24:30 UTC 2015
patches/packages/glibc-zoneinfo-2015g-noarch-1_slack14.1.txz:  Upgraded.
  This package provides the latest timezone updates.
+--------------------------+

Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 2.6
Linux 2.6
Messaggi: 810
Iscritto il: mar giu 19, 2012 11:18

New patches for slackware-14.1 on Fri, 09 Oct 2015 01:09:33

Messaggioda Slacky BOT Packager » ven ott 09, 2015 6:00

Hey guys,
new patches have been released for slackware-14.1. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Thu Oct  8 23:09:33 UTC 2015
patches/packages/mozilla-thunderbird-38.3.0-i486-2_slack14.1.txz:  Rebuilt.
  Recompiled with --enable-calendar.
+--------------------------+

Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 2.6
Linux 2.6
Messaggi: 810
Iscritto il: mar giu 19, 2012 11:18

New patches for slackware-14.1 on Thu, 29 Oct 2015 21:12:14

Messaggioda Slacky BOT Packager » ven ott 30, 2015 6:00

Hey guys,
new patches have been released for slackware-14.1. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Thu Oct 29 20:12:14 UTC 2015
patches/packages/curl-7.45.0-i486-1_slack14.1.txz:  Upgraded.
  Fixes some security issues.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3143
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3144
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3145
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3148
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3236
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3237
  (* Security fix *)
patches/packages/jasper-1.900.1-i486-4_slack14.1.txz:  Rebuilt.
  Applied many security and bug fixes.
  Thanks to Heinz Wiesinger.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3520
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3522
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4516
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4517
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8137
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8138
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8157
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8158
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9029
  (* Security fix *)
patches/packages/ntp-4.2.8p4-i486-1_slack14.1.txz:  Upgraded.
  In addition to bug fixes and enhancements, this release fixes
  several low and medium severity vulnerabilities.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9750
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5196
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7691
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7692
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7701
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7702
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7704
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7705
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7848
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7849
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7850
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7851
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7852
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7853
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7854
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7855
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7871
  (* Security fix *)
+--------------------------+

Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 2.6
Linux 2.6
Messaggi: 810
Iscritto il: mar giu 19, 2012 11:18

New patches for slackware-14.1 on Fri, 06 Nov 2015 02:15:44

Messaggioda Slacky BOT Packager » sab nov 07, 2015 6:00

Hey guys,
new patches have been released for slackware-14.1. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Fri Nov  6 01:15:43 UTC 2015
patches/packages/mozilla-firefox-38.4.0esr-i486-1_slack14.1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
  (* Security fix *)
patches/packages/mozilla-nss-3.20.1-i486-1_slack14.1.txz:  Upgraded.
  Upgraded to nss-3.20.1 and nspr-4.10.10.
  This release contains security fixes and improvements.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7183
  (* Security fix *)
+--------------------------+

Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 2.6
Linux 2.6
Messaggi: 810
Iscritto il: mar giu 19, 2012 11:18

New patches for slackware-14.1 on Sat, 14 Nov 2015 22:35:57

Messaggioda Slacky BOT Packager » dom nov 15, 2015 6:00

Hey guys,
new patches have been released for slackware-14.1. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Sat Nov 14 21:35:57 UTC 2015
patches/packages/seamonkey-2.39-i486-1_slack14.1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
  (* Security fix *)
patches/packages/seamonkey-solibs-2.39-i486-1_slack14.1.txz:  Upgraded.
+--------------------------+

Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 2.6
Linux 2.6
Messaggi: 810
Iscritto il: mar giu 19, 2012 11:18

New patches for slackware-14.1 on Wed, 25 Nov 2015 07:36:06

Messaggioda Slacky BOT Packager » gio nov 26, 2015 6:00

Hey guys,
new patches have been released for slackware-14.1. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Wed Nov 25 06:36:06 UTC 2015
patches/packages/pcre-8.38-i486-1_slack14.1.txz:  Upgraded.
  Fixed overflows that could lead to a denial of service or the execution
  of arbitrary code.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3210
  (* Security fix *)
+--------------------------+

Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 2.6
Linux 2.6
Messaggi: 810
Iscritto il: mar giu 19, 2012 11:18

New patches for slackware-14.1 on Thu, 03 Dec 2015 08:28:31

Messaggioda Slacky BOT Packager » ven dic 04, 2015 6:00

Hey guys,
new patches have been released for slackware-14.1. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Thu Dec  3 07:28:30 UTC 2015
patches/packages/libpng-1.4.17-i486-1_slack14.1.txz:  Upgraded.
  Fixed buffer overflows in the png_set_PLTE(), png_get_PLTE(),
  png_set_tIME(), and png_convert_to_rfc1123() functions that allow
  attackers to cause a denial of service (application crash) or
  possibly have unspecified other impact via a small bit-depth value
  in an IHDR (aka image header) chunk in a PNG image.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7981
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8126.
  (* Security fix *)
patches/packages/mozilla-thunderbird-38.4.0-i486-1_slack14.1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
  (* Security fix *)
+--------------------------+

Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 2.6
Linux 2.6
Messaggi: 810
Iscritto il: mar giu 19, 2012 11:18

New patches for slackware-14.1 on Wed, 16 Dec 2015 05:21:07

Messaggioda Slacky BOT Packager » gio dic 17, 2015 6:00

Hey guys,
new patches have been released for slackware-14.1. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Wed Dec 16 04:21:07 UTC 2015
patches/packages/bind-9.9.8_P2-i486-1_slack14.1.txz:  Upgraded.
  This update fixes three security issues:
  Update allowed OpenSSL versions as named is potentially vulnerable
  to CVE-2015-3193.
  Insufficient testing when parsing a message allowed records with an
  incorrect class to be be accepted, triggering a REQUIRE failure when
  those records were subsequently cached. (CVE-2015-8000)
  Address fetch context reference count handling error on socket error.
  (CVE-2015-8461)
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3193
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8000
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8461
  (* Security fix *)
patches/packages/libpng-1.4.18-i486-1_slack14.1.txz:  Upgraded.
  Fixed incorrect implementation of png_set_PLTE() that uses png_ptr
  not info_ptr, that left png_set_PLTE() open to the CVE-2015-8126
  vulnerability.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8472
  (* Security fix *)
patches/packages/mozilla-firefox-38.5.0esr-i486-1_slack14.1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
  (* Security fix *)
patches/packages/openssl-1.0.1q-i486-1_slack14.1.txz:  Upgraded.
  This update fixes the following security issues:
  BN_mod_exp may produce incorrect results on x86_64 (CVE-2015-3193).
  Certificate verify crash with missing PSS parameter (CVE-2015-3194).
  X509_ATTRIBUTE memory leak (CVE-2015-3195).
  Race condition handling PSK identify hint (CVE-2015-3196).
  Anon DH ServerKeyExchange with 0 p parameter (CVE-2015-1794).
  For more information, see:
    https://openssl.org/news/secadv_20151203.txt
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1794
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3193
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3194
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3195
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3196
  (* Security fix *)
patches/packages/openssl-solibs-1.0.1q-i486-1_slack14.1.txz:  Upgraded.
+--------------------------+

Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 2.6
Linux 2.6
Messaggi: 810
Iscritto il: mar giu 19, 2012 11:18

New patches for slackware-14.1 on Fri, 18 Dec 2015 06:28:25

Messaggioda Slacky BOT Packager » sab dic 19, 2015 6:00

Hey guys,
new patches have been released for slackware-14.1. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Fri Dec 18 05:28:25 UTC 2015
patches/packages/grub-2.00-i486-3_slack14.1.txz:  Rebuilt.
  Patched bug where password protection during system startup may be
  bypassed by hitting the backspace key 28 times giving a rescue shell.
  Thanks to Hector Marco and Ismael Ripoll.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8370
  (* Security fix *)
patches/packages/libpng-1.4.19-i486-1_slack14.1.txz:  Upgraded.
  Fixed an out-of-range read in png_check_keyword().  Thanks to Qixue Xiao.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8540
  (* Security fix *)
+--------------------------+

Have fun,
Slacky BOT Packager