Official patches for Slackware-14.2

Se avete problemi con l'installazione e la configurazione di Slackware postate qui. Non usate questo forum per argomenti generali... per quelli usate Gnu/Linux in genere.

Moderatore: Staff

Regole del forum
1) Citare sempre la versione di Slackware usata, la versione del Kernel e magari anche la versione della libreria coinvolta. Questi dati aiutano le persone che possono rispondere.
2) Per evitare confusione prego inserire in questo forum solo topic che riguardano appunto Slackware, se l'argomento è generale usate il forum Gnu/Linux in genere.
3) Leggere attentamente le risposte ricevute.
4) Scrivere i messaggi con il colore di default, evitare altri colori.
5) Scrivere in Italiano o in Inglese, se possibile grammaticalmente corretto, evitate stili di scrittura poco chiari, quindi nessuna abbreviazione tipo telegramma o scrittura stile SMS o CHAT.
6) Appena registrati è consigliato presentarsi nel forum dedicato.

La non osservanza delle regole porta a provvedimenti di vari tipo da parte dello staff, in particolare la non osservanza della regola 5 porta alla cancellazione del post e alla segnalazione dell'utente. In caso di recidività l'utente rischia il ban temporaneo.
Slacky BOT Packager
Linux 3.x
Linux 3.x
Messaggi: 812
Iscritto il: mar 19 giu 2012, 11:18

New patches for slackware-13.37 on Wed, 18 Jul 2012 07:35:27

Messaggio da Slacky BOT Packager »

Hey guys,
new patches have been released for slackware-13.37. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Wed Jul 18 05:35:26 UTC 2012
patches/packages/libexif-0.6.21-i486-1_slack13.37.txz:  Upgraded.
  This update fixes a number of remotely exploitable issues in libexif
   with effects ranging from information leakage to potential remote
   code execution.
  For more information, see:
    http://sourceforge.net/mailarchive/message.php?messaggio_id=29534027
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2812
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2813
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2814
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2836
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2837
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2840
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2841
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2845
  (* Security fix *)
patches/packages/mozilla-firefox-14.0.1-i486-1_slack13.37.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/firefox.html
  (* Security fix *)
patches/packages/mozilla-thunderbird-14.0-i486-1_slack13.37.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
  (* Security fix *)
patches/packages/seamonkey-2.11-i486-1_slack13.37.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
  (* Security fix *)
patches/packages/seamonkey-solibs-2.11-i486-1_slack13.37.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
  (* Security fix *)
+--------------------------+
Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 3.x
Linux 3.x
Messaggi: 812
Iscritto il: mar 19 giu 2012, 11:18

New patches for slackware-13.37 on Sun, 22 Jul 2012 21:45:25

Messaggio da Slacky BOT Packager »

Hey guys,
new patches have been released for slackware-13.37. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Sun Jul 22 19:45:25 UTC 2012
patches/packages/php-5.3.15-i486-1_slack13.37.txz:  Upgraded.
  Fixed potential overflow in _php_stream_scandir (CVE-2012-2688).
  (Thanks to Jason Powell, Stas)
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2688
  (* Security fix *)
+--------------------------+
Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 3.x
Linux 3.x
Messaggi: 812
Iscritto il: mar 19 giu 2012, 11:18

New patches for slackware-13.37 on Wed, 25 Jul 2012 04:02:40

Messaggio da Slacky BOT Packager »

Hey guys,
new patches have been released for slackware-13.37. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Wed Jul 25 02:02:40 UTC 2012
patches/packages/libpng-1.4.12-i486-1_slack13.37.txz:  Upgraded.
  Fixed incorrect type (int copy should be png_size_t copy) in png_inflate()
  (fixes CVE-2011-3045).
  Revised png_set_text_2() to avoid potential memory corruption (fixes
    CVE-2011-3048).
  Changed "a+w" to "u+w" in Makefile.in to fix CVE-2012-3386.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3045
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3048
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3386
  (* Security fix *)
+--------------------------+
Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 3.x
Linux 3.x
Messaggi: 812
Iscritto il: mar 19 giu 2012, 11:18

New patches for slackware-13.37 on Fri, 27 Jul 2012 19:15:25

Messaggio da Slacky BOT Packager »

Hey guys,
new patches have been released for slackware-13.37. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Fri Jul 27 17:15:24 UTC 2012
patches/packages/bind-9.7.6_P2-i486-1_slack13.37.txz:  Upgraded.
  Prevents a named assert (crash) when validating caused by using
  "Bad cache" data before it has been initialized.  [RT #30025]
  ISC_QUEUE handling for recursive clients was updated to address a
  race condition that could cause a memory leak.  This rarely occurred
  with UDP clients, but could be a significant problem for a server
  handling a steady rate of TCP queries.  [RT #29539 & #30233]
  Under heavy incoming TCP query loads named could experience a
  memory leak which could lead to significant reductions in query
  response or cause the server to be terminated on systems with
  "out of memory" killers. [RT #29539]
  A condition has been corrected where improper handling of zero-length
  RDATA could cause undesirable behavior, including termination of
  the named process.  [RT #29644]
  (* Security fix *)
+--------------------------+
Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 3.x
Linux 3.x
Messaggi: 812
Iscritto il: mar 19 giu 2012, 11:18

New patches for slackware-13.37 on Thu, 16 Aug 2012 06:01:32

Messaggio da Slacky BOT Packager »

Hey guys,
new patches have been released for slackware-13.37. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Thu Aug 16 04:01:31 UTC 2012
patches/packages/emacs-23.3-i486-2_slack13.37.txz:  Rebuilt.
  Patched to fix a security flaw in the file-local variables code.
  When the Emacs user option `enable-local-variables' is set to `:safe'
  (the default value is t), Emacs should automatically refuse to evaluate
  `eval' forms in file-local variable sections.  Due to the bug, Emacs
  instead automatically evaluates such `eval' forms.  Thus, if the user
  changes the value of `enable-local-variables' to `:safe', visiting a
  malicious file can cause automatic execution of arbitrary Emacs Lisp
  code with the permissions of the user.  Bug discovered by Paul Ling.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3479
  (* Security fix *)
patches/packages/t1lib-5.1.2-i486-3_slack13.37.txz:  Rebuilt.
  Patched various overflows, crashes, and pointer bugs.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2642
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0764
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1552
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1553
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1554
  (* Security fix *)
+--------------------------+
Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 3.x
Linux 3.x
Messaggi: 812
Iscritto il: mar 19 giu 2012, 11:18

New patches for slackware-13.37 on Fri, 24 Aug 2012 22:08:37

Messaggio da Slacky BOT Packager »

Hey guys,
new patches have been released for slackware-13.37. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Fri Aug 24 20:08:37 UTC 2012
patches/packages/php-5.3.16-i486-1_slack13.37.txz:  Upgraded.
  This is a bugfix release.
patches/packages/dhcp-4.2.4_P1-i486-1_slack13.37.txz:  Upgraded.
  This fixes memory leaks, denial of service vulnerabilities, and
  disallows packets with zero length client ids (not valid according to
  RFC 2132 section 9.14).
  For more information, see:
    https://kb.isc.org/article/AA-00736
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4539
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4868
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3954
  (* Security fix *)
+--------------------------+
Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 3.x
Linux 3.x
Messaggi: 812
Iscritto il: mar 19 giu 2012, 11:18

New patches for slackware-13.37 on Fri, 31 Aug 2012 03:34:43

Messaggio da Slacky BOT Packager »

Hey guys,
new patches have been released for slackware-13.37. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Thu Aug 30 23:35:53 UTC 2012
patches/packages/glibc-2.13-i486-6_slack13.37.txz:  Rebuilt.
  Patched multiple integer overflows in the strtod, strtof, strtold, and
  strtod_l functions in stdlib in the GNU C Library allow local users to
  cause a denial of service (application crash) and possibly execute
  arbitrary code via a long string, which triggers a stack-based buffer
  overflow.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3480
  (* Security fix *)
patches/packages/glibc-i18n-2.13-i486-6_slack13.37.txz:  Rebuilt.
patches/packages/glibc-profile-2.13-i486-6_slack13.37.txz:  Rebuilt.
patches/packages/glibc-solibs-2.13-i486-6_slack13.37.txz:  Rebuilt.
patches/packages/glibc-zoneinfo-2.13-noarch-6_slack13.37.txz:  Rebuilt.
patches/packages/mozilla-firefox-15.0-i486-1_slack13.37.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/firefox.html
  (* Security fix *)
patches/packages/mozilla-thunderbird-15.0-i486-1_slack13.37.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
  (* Security fix *)
patches/packages/seamonkey-2.12-i486-1_slack13.37.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
  (* Security fix *)
patches/packages/seamonkey-solibs-2.12-i486-1_slack13.37.txz:  Upgraded.
patches/packages/slocate-3.1-i486-4_slack13.37.txz:  Rebuilt.
  Patched to use lstat64 and -D_LARGEFILE64_SOURCE.  Thanks to Mancha+.
  Patched to fix information leak of filenames in protected directories.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0227
  (* Security fix *)
+--------------------------+
Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 3.x
Linux 3.x
Messaggi: 812
Iscritto il: mar 19 giu 2012, 11:18

New patches for slackware-13.37 on Fri, 07 Sep 2012 22:27:46

Messaggio da Slacky BOT Packager »

Hey guys,
new patches have been released for slackware-13.37. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Fri Sep  7 20:27:46 UTC 2012
patches/packages/mozilla-firefox-15.0.1-i486-1_slack13.37.txz:  Upgraded.
  This is a bugfix release.
+--------------------------+
Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 3.x
Linux 3.x
Messaggi: 812
Iscritto il: mar 19 giu 2012, 11:18

New patches for slackware-13.37 on Mon, 10 Sep 2012 22:26:45

Messaggio da Slacky BOT Packager »

Hey guys,
new patches have been released for slackware-13.37. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Mon Sep 10 20:26:44 UTC 2012
patches/packages/seamonkey-2.12.1-i486-1_slack13.37.txz:  Upgraded.
  This is a bugfix release.
patches/packages/seamonkey-solibs-2.12.1-i486-1_slack13.37.txz:  Upgraded.
  This is a bugfix release.
+--------------------------+
Sun Sep  9 19:11:35 UTC 2012
patches/packages/mozilla-thunderbird-15.0.1-i486-1_slack13.37.txz:  Upgraded.
  This is a bugfix release.
+--------------------------+
Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 3.x
Linux 3.x
Messaggi: 812
Iscritto il: mar 19 giu 2012, 11:18

New patches for slackware-13.37 on Fri, 14 Sep 2012 04:16:53

Messaggio da Slacky BOT Packager »

Hey guys,
new patches have been released for slackware-13.37. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Fri Sep 14 02:16:53 UTC 2012
patches/packages/bind-9.7.6_P3-i486-1_slack13.37.txz:  Upgraded.
  This update fixes a security issue where named could crash on a specially
  crafted record.  [RT #30416]
  (* Security fix *)
patches/packages/patch-2.7-i486-1_slack13.37.txz:  Upgraded.
  This version of patch ignores destination filenames that are absolute or
  that contain a component of "..", unless such a filename is provided as
  an argument.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4651
  (* Security fix *)
+--------------------------+
Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 3.x
Linux 3.x
Messaggi: 812
Iscritto il: mar 19 giu 2012, 11:18

New patches for slackware-13.37 on Fri, 14 Sep 2012 22:29:41

Messaggio da Slacky BOT Packager »

Hey guys,
new patches have been released for slackware-13.37. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Fri Sep 14 20:29:40 UTC 2012
patches/packages/dhcp-4.2.4_P2-i486-1_slack13.37.txz:  Upgraded.
  An issue with the use of lease times was found and fixed.  Making certain
  changes to the end time of an IPv6 lease could cause the server to abort.
  Thanks to Glen Eustace of Massey University, New Zealand for finding this
  issue.  [ISC-Bugs #30281]
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3955
  (* Security fix *)
patches/packages/php-5.3.17-i486-1_slack13.37.txz:  Upgraded.
  This is a bugfix release.
+--------------------------+
Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 3.x
Linux 3.x
Messaggi: 812
Iscritto il: mar 19 giu 2012, 11:18

New patches for slackware-13.37 on Thu, 20 Sep 2012 01:52:16

Messaggio da Slacky BOT Packager »

Hey guys,
new patches have been released for slackware-13.37. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Wed Sep 19 23:52:16 UTC 2012
patches/packages/patch-2.7-i486-2_slack13.37.txz:  Upgraded.
  Applied two upstream git commits to fix bugs which could cause target
  files to be removed or truncated.  Thanks to Qun-Ying.
+--------------------------+
Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 3.x
Linux 3.x
Messaggi: 812
Iscritto il: mar 19 giu 2012, 11:18

New patches for slackware-14.0 on Wed, 10 Oct 2012 05:06:03

Messaggio da Slacky BOT Packager »

Hey guys,
new patches have been released for slackware-14.0. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Wed Oct 10 03:06:03 UTC 2012
patches/packages/mozilla-firefox-16.0-i486-1_slack14.0.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/firefox.html
  (* Security fix *)
+--------------------------+
Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 3.x
Linux 3.x
Messaggi: 812
Iscritto il: mar 19 giu 2012, 11:18

New patches for slackware-14.0 on Thu, 11 Oct 2012 03:14:57

Messaggio da Slacky BOT Packager »

Hey guys,
new patches have been released for slackware-14.0. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Thu Oct 11 01:14:57 UTC 2012
patches/packages/bind-9.9.1_P4-i486-1_slack14.0.txz:  Upgraded.
  This update fixes a security issue where a certain combination of records
  in the RBT could cause named to hang while populating the additional
  section of a response. [RT #31090]
  (* Security fix *)
patches/packages/iptables-1.4.14-i486-2_slack14.0.txz:  Rebuilt.
  Patched to fix a compiler related bug in iptables-restore.
  Thanks to linuxxer for the report and David Somero for a link to the patch.
+--------------------------+
Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 3.x
Linux 3.x
Messaggi: 812
Iscritto il: mar 19 giu 2012, 11:18

New patches for slackware-14.0 on Thu, 11 Oct 2012 23:25:21

Messaggio da Slacky BOT Packager »

Hey guys,
new patches have been released for slackware-14.0. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Thu Oct 11 21:25:20 UTC 2012
patches/packages/mozilla-firefox-16.0.1-i486-1_slack14.0.txz:  Upgraded.
  This update fixes a security vulnerability that could allow a malicious
  site to potentially determine which websites users have visited and have
  access to the URL or URL parameters.
  (* Security fix *)
patches/packages/mozilla-thunderbird-16.0.1-i486-1_slack14.0.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
  (* Security fix *)
+--------------------------+
Have fun,
Slacky BOT Packager

Rispondi