Se avete problemi con l'installazione e la configurazione di Slackware postate qui. Non usate questo forum per argomenti generali... per quelli usate Gnu/Linux in genere.
Moderatore: Staff
Regole del forum
1) Citare sempre la versione di Slackware usata, la versione del Kernel e magari anche la versione della libreria coinvolta. Questi dati aiutano le persone che possono rispondere.
2) Per evitare confusione prego inserire in questo forum solo topic che riguardano appunto Slackware, se l'argomento è generale usate il forum Gnu/Linux in genere.
3) Leggere attentamente le risposte ricevute.
4) Scrivere i messaggi con il colore di default, evitare altri colori.
5) Scrivere in Italiano o in Inglese, se possibile grammaticalmente corretto, evitate stili di scrittura poco chiari, quindi nessuna abbreviazione tipo telegramma o scrittura stile SMS o CHAT.
6) Appena registrati è consigliato presentarsi nel forum dedicato.
La non osservanza delle regole porta a provvedimenti di vari tipo da parte dello staff, in particolare la non osservanza della regola 5 porta alla cancellazione del post e alla segnalazione dell'utente. In caso di recidività l'utente rischia il ban temporaneo.
-
Slacky BOT Packager
- Linux 3.x
- Messaggi: 810
- Iscritto il: mar giu 19, 2012 11:18
Messaggioda Slacky BOT Packager » dom mar 16, 2014 6:00
Hey guys,
new patches have been released for slackware-14.1. Follows the relevant part of
ChangeLog.txt:
Codice: Seleziona tutto
Sun Mar 16 02:52:28 UTC 2014
patches/packages/php-5.4.26-i486-1_slack14.1.txz: Upgraded.
This update fixes a flaw where a specially crafted data file may cause a
segfault or 100% CPU consumption when a web page uses fileinfo() on it.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1943
(* Security fix *)
+--------------------------+Have fun,
Slacky BOT Packager
-
Slacky BOT Packager
- Linux 3.x
- Messaggi: 810
- Iscritto il: mar giu 19, 2012 11:18
Messaggioda Slacky BOT Packager » sab mar 29, 2014 6:00
Hey guys,
new patches have been released for slackware-14.1. Follows the relevant part of
ChangeLog.txt:
Codice: Seleziona tutto
Fri Mar 28 03:43:11 UTC 2014
patches/packages/curl-7.36.0-i486-1_slack14.1.txz: Upgraded.
This update fixes four security issues.
For more information, see:
http://curl.haxx.se/docs/adv_20140326A.html
http://curl.haxx.se/docs/adv_20140326B.html
http://curl.haxx.se/docs/adv_20140326C.html
http://curl.haxx.se/docs/adv_20140326D.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0138
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0139
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1263
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2522
(* Security fix *)
patches/packages/httpd-2.4.9-i486-1_slack14.1.txz: Upgraded.
This update addresses two security issues.
Segfaults with truncated cookie logging. mod_log_config: Prevent segfaults
when logging truncated cookies. Clean up the cookie logging parser to
recognize only the cookie=value pairs, not valueless cookies.
mod_dav: Keep track of length of cdata properly when removing leading
spaces. Eliminates a potential denial of service from specifically crafted
DAV WRITE requests.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0098
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6438
(* Security fix *)
patches/packages/mozilla-firefox-24.4.0esr-i486-1_slack14.1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
(* Security fix *)
patches/packages/mozilla-nss-3.16-i486-1_slack14.1.txz: Upgraded.
This update fixes a security issue:
The cert_TestHostName function in lib/certdb/certdb.c in the
certificate-checking implementation in Mozilla Network Security Services
(NSS) before 3.16 accepts a wildcard character that is embedded in an
internationalized domain name's U-label, which might allow man-in-the-middle
attackers to spoof SSL servers via a crafted certificate.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1492
(* Security fix *)
patches/packages/mozilla-thunderbird-24.4.0-i486-1_slack14.1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
(* Security fix *)
patches/packages/openssh-6.6p1-i486-1_slack14.1.txz: Upgraded.
This update fixes a security issue when using environment passing with
a sshd_config(5) AcceptEnv pattern with a wildcard. OpenSSH could be
tricked into accepting any environment variable that contains the
characters before the wildcard character.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2532
(* Security fix *)
patches/packages/seamonkey-2.25-i486-1_slack14.1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
(* Security fix *)
patches/packages/seamonkey-solibs-2.25-i486-1_slack14.1.txz: Upgraded.
+--------------------------+Have fun,
Slacky BOT Packager
-
Slacky BOT Packager
- Linux 3.x
- Messaggi: 810
- Iscritto il: mar giu 19, 2012 11:18
Messaggioda Slacky BOT Packager » mar apr 01, 2014 6:00
Hey guys,
new patches have been released for slackware-14.1. Follows the relevant part of
ChangeLog.txt:
Codice: Seleziona tutto
Mon Mar 31 20:30:28 UTC 2014
patches/packages/apr-1.5.0-i486-1_slack14.1.txz: Upgraded.
patches/packages/apr-util-1.5.3-i486-1_slack14.1.txz: Upgraded.
patches/packages/httpd-2.4.9-i486-2_slack14.1.txz: Rebuilt.
Recompiled against new apr/apr-util to restore missing mod_mpm_event.so.
patches/packages/openssh-6.6p1-i486-2_slack14.1.txz: Rebuilt.
Fixed the rc.sshd script to create an ed25519 host key if it doesn't
already exist.
+--------------------------+Have fun,
Slacky BOT Packager
-
Slacky BOT Packager
- Linux 3.x
- Messaggi: 810
- Iscritto il: mar giu 19, 2012 11:18
Messaggioda Slacky BOT Packager » mer apr 09, 2014 6:00
Hey guys,
new patches have been released for slackware-14.1. Follows the relevant part of
ChangeLog.txt:
Codice: Seleziona tutto
Tue Apr 8 14:19:51 UTC 2014
patches/packages/openssl-1.0.1g-i486-1_slack14.1.txz: Upgraded.
This update fixes two security issues:
A missing bounds check in the handling of the TLS heartbeat extension
can be used to reveal up to 64k of memory to a connected client or server.
Thanks for Neel Mehta of Google Security for discovering this bug and to
Adam Langley <agl@chromium.org> and Bodo Moeller <bmoeller@acm.org> for
preparing the fix.
Fix for the attack described in the paper "Recovering OpenSSL
ECDSA Nonces Using the FLUSH+RELOAD Cache Side-channel Attack"
by Yuval Yarom and Naomi Benger. Details can be obtained from:
http://eprint.iacr.org/2014/140
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076
(* Security fix *)
patches/packages/openssl-solibs-1.0.1g-i486-1_slack14.1.txz: Upgraded.
+--------------------------+Have fun,
Slacky BOT Packager
-
Slacky BOT Packager
- Linux 3.x
- Messaggi: 810
- Iscritto il: mar giu 19, 2012 11:18
Messaggioda Slacky BOT Packager » mar apr 22, 2014 6:00
Hey guys,
new patches have been released for slackware-14.1. Follows the relevant part of
ChangeLog.txt:
Codice: Seleziona tutto
Mon Apr 21 20:09:48 UTC 2014
patches/packages/libyaml-0.1.6-i486-1_slack14.1.txz: Upgraded.
This update fixes a heap overflow in URI escape parsing of YAML in Ruby,
where a specially crafted string could cause a heap overflow leading to
arbitrary code execution.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2525
https://www.ruby-lang.org/en/news/2014/03/29/heap-overflow-in-yaml-uri-escape-parsing-cve-2014-2525/
(* Security fix *)
patches/packages/php-5.4.27-i486-1_slack14.1.txz: Upgraded.
This update fixes a security issue in the in the awk script detector
which allows context-dependent attackers to cause a denial of service
(CPU consumption) via a crafted ASCII file that triggers a large amount
of backtracking.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7345
(* Security fix *)
+--------------------------+Have fun,
Slacky BOT Packager
-
Slacky BOT Packager
- Linux 3.x
- Messaggi: 810
- Iscritto il: mar giu 19, 2012 11:18
Messaggioda Slacky BOT Packager » mer apr 23, 2014 6:00
Hey guys,
new patches have been released for slackware-14.1. Follows the relevant part of
ChangeLog.txt:
Codice: Seleziona tutto
Tue Apr 22 17:31:48 UTC 2014
patches/packages/openssh-6.6p1-i486-3_slack14.1.txz: Rebuilt.
Fixed a bug with curve25519-sha256 that caused a key exchange failure in
about 1 in 512 connection attempts.
+--------------------------+Have fun,
Slacky BOT Packager
-
Slacky BOT Packager
- Linux 3.x
- Messaggi: 810
- Iscritto il: mar giu 19, 2012 11:18
Messaggioda Slacky BOT Packager » gio mag 01, 2014 6:00
Hey guys,
new patches have been released for slackware-14.1. Follows the relevant part of
ChangeLog.txt:
Codice: Seleziona tutto
Tue Apr 29 23:35:59 UTC 2014
patches/packages/mozilla-firefox-24.5.0esr-i486-1_slack14.1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
(* Security fix *)
patches/packages/mozilla-thunderbird-24.5.0-i486-1_slack14.1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
(* Security fix *)
+--------------------------+Have fun,
Slacky BOT Packager
-
Slacky BOT Packager
- Linux 3.x
- Messaggi: 810
- Iscritto il: mar giu 19, 2012 11:18
Messaggioda Slacky BOT Packager » lun mag 12, 2014 6:00
Hey guys,
new patches have been released for slackware-14.1. Follows the relevant part of
ChangeLog.txt:
Codice: Seleziona tutto
Mon May 12 02:24:36 UTC 2014
patches/packages/seamonkey-2.26-i486-1_slack14.1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
(* Security fix *)
patches/packages/seamonkey-solibs-2.26-i486-1_slack14.1.txz: Upgraded.
+--------------------------+Have fun,
Slacky BOT Packager
-
Slacky BOT Packager
- Linux 3.x
- Messaggi: 810
- Iscritto il: mar giu 19, 2012 11:18
Messaggioda Slacky BOT Packager » lun giu 02, 2014 6:00
Hey guys,
new patches have been released for slackware-14.1. Follows the relevant part of
ChangeLog.txt:
Codice: Seleziona tutto
Sun Jun 1 19:48:54 UTC 2014
patches/packages/mariadb-5.5.37-i486-1_slack14.1.txz: Upgraded.
This update contains security fixes and improvements.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0384
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2419
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2430
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2431
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2432
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2436
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2438
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2440
(* Security fix *)
+--------------------------+Have fun,
Slacky BOT Packager
-
Slacky BOT Packager
- Linux 3.x
- Messaggi: 810
- Iscritto il: mar giu 19, 2012 11:18
Messaggioda Slacky BOT Packager » sab giu 07, 2014 6:01
Hey guys,
new patches have been released for slackware-14.1. Follows the relevant part of
ChangeLog.txt:
Codice: Seleziona tutto
Sat Jun 7 02:47:42 UTC 2014
patches/packages/mozilla-firefox-24.6.0esr-i486-1_slack14.1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
(* Security fix *)
+--------------------------+
Fri Jun 6 04:27:01 UTC 2014
patches/packages/gnutls-3.1.25-i486-1_slack14.1.txz: Upgraded.
A security issue has been corrected in gnutls. This vulnerability
affects the client side of the gnutls library. A server that sends
a specially crafted ServerHello could corrupt the memory of a requesting
client. This may allow a remote attacker to execute arbitrary code.
Additional vulnerabilities in the embedded libtasn1 library have also
been patched.
Thanks to mancha for the backported patches.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3465
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3466
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3467
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3468
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3469
(* Security fix *)
patches/packages/libtasn1-3.6-i486-1_slack14.1.txz: Upgraded.
Multiple security issues have been corrected in the libtasn1 library.
These errors allow a remote attacker to cause a denial of service, or
possibly to execute arbitrary code.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3467
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3468
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3469
(* Security fix *)
patches/packages/openssl-1.0.1h-i486-1_slack14.1.txz: Upgraded.
Multiple security issues have been corrected, including a possible
man-in-the-middle attack where weak keying material is forced, denial
of service, and the execution of arbitrary code.
For more information, see:
http://www.openssl.org/news/secadv_20140605.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0198
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3470
(* Security fix *)
patches/packages/openssl-solibs-1.0.1h-i486-1_slack14.1.txz: Upgraded.
patches/packages/sendmail-8.14.9-i486-1_slack14.1.txz: Upgraded.
This release fixes one security related bug by properly closing file
descriptors (except stdin, stdout, and stderr) before executing programs.
This bug could enable local users to interfere with an open SMTP
connection if they can execute their own program for mail delivery
(e.g., via procmail or the prog mailer).
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3956
(* Security fix *)
patches/packages/sendmail-cf-8.14.9-noarch-1_slack14.1.txz: Upgraded.
+--------------------------+Have fun,
Slacky BOT Packager
-
Slacky BOT Packager
- Linux 3.x
- Messaggi: 810
- Iscritto il: mar giu 19, 2012 11:18
Messaggioda Slacky BOT Packager » mar giu 10, 2014 6:00
Hey guys,
new patches have been released for slackware-14.1. Follows the relevant part of
ChangeLog.txt:
Codice: Seleziona tutto
Mon Jun 9 20:16:02 UTC 2014
patches/packages/php-5.4.29-i486-1_slack14.1.txz: Upgraded.
This update fixes bugs and security issues, including a possible denial
of service, and an issue where insecure default permissions on the FPM
socket may allow local users to run arbitrary code as the apache user.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0185
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238
(* Security fix *)
+--------------------------+Have fun,
Slacky BOT Packager
-
Slacky BOT Packager
- Linux 3.x
- Messaggi: 810
- Iscritto il: mar giu 19, 2012 11:18
Messaggioda Slacky BOT Packager » ven giu 13, 2014 6:00
Hey guys,
new patches have been released for slackware-14.1. Follows the relevant part of
ChangeLog.txt:
Codice: Seleziona tutto
Thu Jun 12 05:11:52 UTC 2014
patches/packages/mozilla-thunderbird-24.6.0-i486-1_slack14.1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
(* Security fix *)
+--------------------------+Have fun,
Slacky BOT Packager
-
Slacky BOT Packager
- Linux 3.x
- Messaggi: 810
- Iscritto il: mar giu 19, 2012 11:18
Messaggioda Slacky BOT Packager » mer giu 18, 2014 6:00
Hey guys,
new patches have been released for slackware-14.1. Follows the relevant part of
ChangeLog.txt:
Codice: Seleziona tutto
Tue Jun 17 22:19:30 UTC 2014
patches/packages/yptools-2.14-i486-3_slack14.1.txz: Rebuilt.
Corrected yppasswd patch that was causing password changes to fail.
Thanks to Henrik Carlqvist.
+--------------------------+Have fun,
Slacky BOT Packager
-
Slacky BOT Packager
- Linux 3.x
- Messaggi: 810
- Iscritto il: mar giu 19, 2012 11:18
Messaggioda Slacky BOT Packager » mer giu 25, 2014 6:00
Hey guys,
new patches have been released for slackware-14.1. Follows the relevant part of
ChangeLog.txt:
Codice: Seleziona tutto
Tue Jun 24 22:35:07 UTC 2014
patches/packages/bind-9.9.5_P1-i486-1_slack14.1.txz: Upgraded.
This fixes security issues and other bugs. Please note that the first
CVE only affects Windows, and the second one was claimed to be fixed by
an earlier version of BIND. But we'll update anyway just in case. :-)
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6230
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0591
(* Security fix *)
patches/packages/gnupg-1.4.17-i486-1_slack14.1.txz: Upgraded.
This release includes a security fix to stop a denial of service using
garbled compressed data packets which can be used to put gpg into an
infinite loop.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4617
(* Security fix *)
patches/packages/gnupg2-2.0.24-i486-1_slack14.1.txz: Upgraded.
This release includes a security fix to stop a denial of service using
garbled compressed data packets which can be used to put gpg into an
infinite loop.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4617
(* Security fix *)
patches/packages/samba-4.1.9-i486-1_slack14.1.txz: Upgraded.
This update fixes bugs and security issues, including a flaw in Samba's
internal DNS server which can be exploited to cause a denial of service,
a flaw in SRV_SNAPSHOT_ARRAY that permits attackers to leverage
configurations that use shadow_copy* for vfs objects to reveal potentially
private server information, a denial of service on the nmbd NetBIOS name
services daemon, and a denial of service crash involving overwriting
memory on an authenticated connection to the smbd file server.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0178
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0239
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0244
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3493
(* Security fix *)
patches/packages/seamonkey-2.26.1-i486-1_slack14.1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
(* Security fix *)
patches/packages/seamonkey-solibs-2.26.1-i486-1_slack14.1.txz: Upgraded.
+--------------------------+Have fun,
Slacky BOT Packager
-
Slacky BOT Packager
- Linux 3.x
- Messaggi: 810
- Iscritto il: mar giu 19, 2012 11:18
Messaggioda Slacky BOT Packager » sab lug 12, 2014 6:00
Hey guys,
new patches have been released for slackware-14.1. Follows the relevant part of
ChangeLog.txt:
Codice: Seleziona tutto
Sat Jul 12 02:24:10 UTC 2014
patches/packages/php-5.4.30-i486-1_slack14.1.txz: Upgraded.
This update fixes bugs and security issues.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3981
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4049
(* Security fix *)
+--------------------------+Have fun,
Slacky BOT Packager