Official patches for Slackware64-14.2

Se avete problemi con l'installazione e la configurazione di Slackware64 postate qui. Non usate questo forum per argomenti che trattano la Slackware32 o generali... per quelli usate rispettivamente il forum Slackware e Gnu/Linux in genere.

Moderatore: Staff

Regole del forum
1) Citare sempre la versione di Slackware64 usata, la versione del Kernel e magari anche la versione della libreria coinvolta. Questi dati aiutano le persone che possono rispondere.
2) Per evitare confusione prego inserire in questo forum solo topic che riguardano appunto Slackware64, se l'argomento è Slackware32 o generale usate rispettivamente il forum Slackware o Gnu/Linux in genere.
3) Leggere attentamente le risposte ricevute
4) Scrivere i messaggi con il colore di default, evitare altri colori.
5) Scrivere in Italiano o in Inglese, se possibile grammaticalmente corretto, evitate stili di scrittura poco chiari, quindi nessuna abbreviazione tipo telegramma o scrittura stile SMS o CHAT.
6) Appena registrati è consigliato presentarsi nel forum dedicato.

La non osservanza delle regole porta a provvedimenti di vari tipo da parte dello staff, in particolare la non osservanza della regola 5 porta alla cancellazione del post e alla segnalazione dell'utente. In caso di recidività l'utente rischia il ban temporaneo.
Slacky BOT Packager
Linux 3.x
Linux 3.x
Messaggi: 812
Iscritto il: mar giu 19, 2012 11:18

New patches for slackware64-14.1 on Thu, 09 Jul 2015 20:29:2

Messaggioda Slacky BOT Packager » ven lug 10, 2015 6:01

Hey guys,
new patches have been released for slackware64-14.1. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Thu Jul  9 18:29:23 UTC 2015
patches/packages/openssl-1.0.1p-x86_64-1_slack14.1.txz:  Upgraded.
  This update fixes the following security issue:
  Alternative chains certificate forgery (CVE-2015-1793).
  During certificate verification, OpenSSL (starting from version 1.0.1n and
  1.0.2b) will attempt to find an alternative certificate chain if the first
  attempt to build such a chain fails.  An error in the implementation of this
  logic can mean that an attacker could cause certain checks on untrusted
  certificates to be bypassed, such as the CA flag, enabling them to use a
  valid leaf certificate to act as a CA and "issue" an invalid certificate.
  This issue will impact any application that verifies certificates including
  SSL/TLS/DTLS clients and SSL/TLS/DTLS servers using client authentication.
  This issue affects OpenSSL versions 1.0.2c, 1.0.2b, 1.0.1n and 1.0.1o.
  This issue was reported to OpenSSL on 24th June 2015 by Adam Langley/David
  Benjamin (Google/BoringSSL).  The fix was developed by the BoringSSL project.
  For more information, see:
    https://openssl.org/news/secadv_20150709.txt
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1793
  (* Security fix *)
patches/packages/openssl-solibs-1.0.1p-x86_64-1_slack14.1.txz:  Upgraded.
+--------------------------+

Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 3.x
Linux 3.x
Messaggi: 812
Iscritto il: mar giu 19, 2012 11:18

New patches for slackware64-14.1 on Sun, 12 Jul 2015 06:28:1

Messaggioda Slacky BOT Packager » lun lug 13, 2015 6:01

Hey guys,
new patches have been released for slackware64-14.1. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Sun Jul 12 04:28:10 UTC 2015
patches/packages/mozilla-thunderbird-38.1.0-x86_64-1_slack14.1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
  (* Security fix *)
+--------------------------+

Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 3.x
Linux 3.x
Messaggi: 812
Iscritto il: mar giu 19, 2012 11:18

New patches for slackware64-14.1 on Fri, 17 Jul 2015 21:38:5

Messaggioda Slacky BOT Packager » sab lug 18, 2015 6:01

Hey guys,
new patches have been released for slackware64-14.1. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Fri Jul 17 19:38:52 UTC 2015
patches/packages/httpd-2.4.16-x86_64-1_slack14.1.txz:  Upgraded.
  This update fixes the following security issues:
  * CVE-2015-0253:  Fix a crash with ErrorDocument 400 pointing to a local
    URL-path with the INCLUDES filter active, introduced in 2.4.11.
  * CVE-2015-0228: mod_lua: A maliciously crafted websockets PING after a
    script calls r:wsupgrade() can cause a child process crash.
  * CVE-2015-3183: core: Fix chunk header parsing defect.  Remove
    apr_brigade_flatten(), buffering and duplicated code from the HTTP_IN
    filter, parse chunks in a single pass with zero copy.  Limit accepted
    chunk-size to 2^63-1 and be strict about chunk-ext authorized characters.
  * CVE-2015-3185: Replacement of ap_some_auth_required (unusable in Apache
    httpd 2.4) with new ap_some_authn_required and ap_force_authn hook.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0228
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0253
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3183
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3185
  (* Security fix *)
patches/packages/php-5.4.43-x86_64-1_slack14.1.txz:  Upgraded.
  This update fixes some bugs and security issues.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2325
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2326
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3152
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3414
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3415
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3416
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4642
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4643
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4644
  (* Security fix *)
+--------------------------+

Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 3.x
Linux 3.x
Messaggi: 812
Iscritto il: mar giu 19, 2012 11:18

New patches for slackware64-14.1 on Tue, 28 Jul 2015 21:36:3

Messaggioda Slacky BOT Packager » mer lug 29, 2015 6:01

Hey guys,
new patches have been released for slackware64-14.1. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Tue Jul 28 19:36:39 UTC 2015
patches/packages/bind-9.9.7_P2-x86_64-1_slack14.1.txz:  Upgraded.
  This update fixes a security issue where an error in the handling of TKEY
  queries can be exploited by an attacker for use as a denial-of-service
  vector, as a constructed packet can use the defect to trigger a REQUIRE
  assertion failure, causing BIND to exit.
  Impact:
  Both recursive and authoritative servers are vulnerable to this defect.
  Additionally, exposure is not prevented by either ACLs or configuration
  options limiting or denying service because the exploitable code occurs
  early in the packet handling, before checks enforcing those boundaries.
  Operators should take steps to upgrade to a patched version as soon as
  possible.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5477
    https://kb.isc.org/article/AA-01272
  (* Security fix *)
+--------------------------+

Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 3.x
Linux 3.x
Messaggi: 812
Iscritto il: mar giu 19, 2012 11:18

New patches for slackware64-14.1 on Sat, 08 Aug 2015 00:55:4

Messaggioda Slacky BOT Packager » sab ago 08, 2015 6:01

Hey guys,
new patches have been released for slackware64-14.1. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Fri Aug  7 22:55:40 UTC 2015
patches/packages/ca-certificates-20150426-noarch-1_slack14.1.txz:  Upgraded.
  This package updates to the latest CA certificates.
patches/packages/mozilla-firefox-38.1.1esr-x86_64-1_slack14.1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
  (* Security fix *)
patches/packages/mozilla-nss-3.19.2-x86_64-1_slack14.1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/nss.html
  (* Security fix *)
+--------------------------+

Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 3.x
Linux 3.x
Messaggi: 812
Iscritto il: mar giu 19, 2012 11:18

New patches for slackware64-14.1 on Fri, 14 Aug 2015 21:31:4

Messaggioda Slacky BOT Packager » sab ago 15, 2015 6:01

Hey guys,
new patches have been released for slackware64-14.1. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Fri Aug 14 19:31:42 UTC 2015
patches/packages/mozilla-firefox-38.2.0esr-x86_64-1_slack14.1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
  (* Security fix *)
patches/packages/mozilla-thunderbird-38.2.0-x86_64-1_slack14.1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
  (* Security fix *)
+--------------------------+

Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 3.x
Linux 3.x
Messaggi: 812
Iscritto il: mar giu 19, 2012 11:18

New patches for slackware64-14.1 on Fri, 21 Aug 2015 23:17:4

Messaggioda Slacky BOT Packager » sab ago 22, 2015 6:01

Hey guys,
new patches have been released for slackware64-14.1. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Fri Aug 21 21:17:48 UTC 2015
patches/packages/gnutls-3.3.17.1-x86_64-1_slack14.1.txz:  Upgraded.
  This update fixes some bugs and security issues.
  For more information, see:
    http://www.gnutls.org/security.html#GNUTLS-SA-2015-2
    http://www.gnutls.org/security.html#GNUTLS-SA-2015-3
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6251
  (* Security fix *)
+--------------------------+

Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 3.x
Linux 3.x
Messaggi: 812
Iscritto il: mar giu 19, 2012 11:18

New patches for slackware64-14.1 on Sat, 29 Aug 2015 07:27:3

Messaggioda Slacky BOT Packager » dom ago 30, 2015 6:01

Hey guys,
new patches have been released for slackware64-14.1. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Sat Aug 29 05:27:29 UTC 2015
patches/packages/mozilla-firefox-38.2.1esr-x86_64-1_slack14.1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
  (* Security fix *)
+--------------------------+

Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 3.x
Linux 3.x
Messaggi: 812
Iscritto il: mar giu 19, 2012 11:18

New patches for slackware64-14.1 on Wed, 02 Sep 2015 01:29:2

Messaggioda Slacky BOT Packager » mer set 02, 2015 6:01

Hey guys,
new patches have been released for slackware64-14.1. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Tue Sep  1 23:29:22 UTC 2015
patches/packages/gdk-pixbuf2-2.28.2-x86_64-2_slack14.1.txz:  Rebuilt.
  Gustavo Grieco discovered a heap overflow in the processing of BMP images
  which may result in the execution of arbitrary code if a malformed image
  is opened.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4491
  (* Security fix *)
+--------------------------+

Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 3.x
Linux 3.x
Messaggi: 812
Iscritto il: mar giu 19, 2012 11:18

New patches for slackware64-14.1 on Wed, 02 Sep 2015 21:36:3

Messaggioda Slacky BOT Packager » gio set 03, 2015 6:01

Hey guys,
new patches have been released for slackware64-14.1. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Wed Sep  2 19:36:31 UTC 2015
patches/packages/bind-9.9.7_P3-x86_64-1_slack14.1.txz:  Upgraded.
  This update fixes two denial-of-service vulnerabilities:
  + CVE-2015-5722 is a denial-of-service vector which can be
  exploited remotely against a BIND server that is performing
  validation on DNSSEC-signed records.  Validating recursive
  resolvers are at the greatest risk from this defect, but it has not
  been ruled out that it could be exploited against an
  authoritative-only nameserver under limited conditions.  Servers
  that are not performing validation are not vulnerable.  However,
  ISC does not recommend disabling validation as a workaround to
  this issue as it exposes the server to other types of attacks.
  Upgrading to the patched versions is the recommended solution.
  All versions of BIND since 9.0.0 are vulnerable to CVE-2015-5722.
  + CVE-2015-5986 is a denial-of-service vector which can be used
  against a BIND server that is performing recursion.  Validation
  is not required.  Recursive resolvers are at the greatest risk
  from this defect, but it has not been ruled out that it could
  be exploited against an authoritative-only nameserver under
  limited conditions.
  Only versions of BIND since 9.9.7 and 9.10.2 are vulnerable to
  CVE-2015-5986.
  For more information, see:
    https://kb.isc.org/article/AA-01287/0
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5722
    https://kb.isc.org/article/AA-01291/0
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5986
  (* Security fix *)
+--------------------------+

Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 3.x
Linux 3.x
Messaggi: 812
Iscritto il: mar giu 19, 2012 11:18

New patches for slackware64-14.1 on Fri, 04 Sep 2015 00:02:4

Messaggioda Slacky BOT Packager » ven set 04, 2015 6:01

Hey guys,
new patches have been released for slackware64-14.1. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Thu Sep  3 22:02:39 UTC 2015
patches/packages/seamonkey-2.35-x86_64-1_slack14.1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
  (* Security fix *)
patches/packages/seamonkey-solibs-2.35-x86_64-1_slack14.1.txz:  Upgraded.
+--------------------------+

Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 3.x
Linux 3.x
Messaggi: 812
Iscritto il: mar giu 19, 2012 11:18

New patches for slackware64-14.1 on Wed, 16 Sep 2015 00:36:1

Messaggioda Slacky BOT Packager » mer set 16, 2015 6:01

Hey guys,
new patches have been released for slackware64-14.1. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Tue Sep 15 22:36:17 UTC 2015
patches/packages/ca-certificates-20150426-noarch-2_slack14.1.txz:  Rebuilt.
  Patched update-ca-certificates to remove incompatible command operators
  used to call 'run-parts'.  Thanks to Stuart Winter.
+--------------------------+

Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 3.x
Linux 3.x
Messaggi: 812
Iscritto il: mar giu 19, 2012 11:18

New patches for slackware64-14.1 on Wed, 23 Sep 2015 03:10:3

Messaggioda Slacky BOT Packager » mer set 23, 2015 6:01

Hey guys,
new patches have been released for slackware64-14.1. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Wed Sep 23 01:10:36 UTC 2015
patches/packages/mozilla-firefox-38.3.0esr-x86_64-1_slack14.1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
  (* Security fix *)
+--------------------------+

Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 3.x
Linux 3.x
Messaggi: 812
Iscritto il: mar giu 19, 2012 11:18

New patches for slackware64-14.1 on Thu, 01 Oct 2015 23:21:3

Messaggioda Slacky BOT Packager » ven ott 02, 2015 6:01

Hey guys,
new patches have been released for slackware64-14.1. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Thu Oct  1 21:21:36 UTC 2015
patches/packages/mozilla-thunderbird-38.3.0-x86_64-1_slack14.1.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
  (* Security fix *)
patches/packages/php-5.4.45-x86_64-1_slack14.1.txz:  Upgraded.
  This update fixes some bugs and security issues.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6834
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6835
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6836
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6837
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6838
  (* Security fix *)
patches/packages/seamonkey-2.38-x86_64-1_slack14.1.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
  (* Security fix *)
patches/packages/seamonkey-solibs-2.38-x86_64-1_slack14.1.txz:  Upgraded.
+--------------------------+

Have fun,
Slacky BOT Packager

Slacky BOT Packager
Linux 3.x
Linux 3.x
Messaggi: 812
Iscritto il: mar giu 19, 2012 11:18

New patches for slackware64-14.1 on Mon, 05 Oct 2015 19:24:3

Messaggioda Slacky BOT Packager » mar ott 06, 2015 6:01

Hey guys,
new patches have been released for slackware64-14.1. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Mon Oct  5 17:24:30 UTC 2015
patches/packages/glibc-zoneinfo-2015g-noarch-1_slack14.1.txz:  Upgraded.
  This package provides the latest timezone updates.
+--------------------------+

Have fun,
Slacky BOT Packager