Se avete problemi con l'installazione e la configurazione di Slackware postate qui. Non usate questo forum per argomenti generali... per quelli usate Gnu/Linux in genere.
Regole del forum
1) Citare sempre la versione di Slackware usata, la versione del Kernel e magari anche la versione della libreria coinvolta. Questi dati aiutano le persone che possono rispondere.
2) Per evitare confusione prego inserire in questo forum solo topic che riguardano appunto Slackware, se l'argomento è generale usate il forum Gnu/Linux in genere.
3) Leggere attentamente le risposte ricevute.
4) Scrivere i messaggi con il colore di default, evitare altri colori.
5) Scrivere in Italiano o in Inglese, se possibile grammaticalmente corretto, evitate stili di scrittura poco chiari, quindi nessuna abbreviazione tipo telegramma o scrittura stile SMS o CHAT.
6) Appena registrati è consigliato presentarsi nel forum dedicato.
La non osservanza delle regole porta a provvedimenti di vari tipo da parte dello staff, in particolare la non osservanza della regola 5 porta alla cancellazione del post e alla segnalazione dell'utente. In caso di recidività l'utente rischia il ban temporaneo.
Wed Jul 18 05:35:26 UTC 2012
patches/packages/libexif-0.6.21-i486-1_slack13.37.txz: Upgraded.
This update fixes a number of remotely exploitable issues in libexif
with effects ranging from information leakage to potential remote
code execution.
For more information, see:
http://sourceforge.net/mailarchive/message.php?messaggio_id=29534027
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2812
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2813
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2814
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2836
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2837
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2840
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2841
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2845
(* Security fix *)
patches/packages/mozilla-firefox-14.0.1-i486-1_slack13.37.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox.html
(* Security fix *)
patches/packages/mozilla-thunderbird-14.0-i486-1_slack13.37.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
(* Security fix *)
patches/packages/seamonkey-2.11-i486-1_slack13.37.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
(* Security fix *)
patches/packages/seamonkey-solibs-2.11-i486-1_slack13.37.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
(* Security fix *)
+--------------------------+
Sun Jul 22 19:45:25 UTC 2012
patches/packages/php-5.3.15-i486-1_slack13.37.txz: Upgraded.
Fixed potential overflow in _php_stream_scandir (CVE-2012-2688).
(Thanks to Jason Powell, Stas)
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2688
(* Security fix *)
+--------------------------+
Wed Jul 25 02:02:40 UTC 2012
patches/packages/libpng-1.4.12-i486-1_slack13.37.txz: Upgraded.
Fixed incorrect type (int copy should be png_size_t copy) in png_inflate()
(fixes CVE-2011-3045).
Revised png_set_text_2() to avoid potential memory corruption (fixes
CVE-2011-3048).
Changed "a+w" to "u+w" in Makefile.in to fix CVE-2012-3386.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3045
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3048
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3386
(* Security fix *)
+--------------------------+
Fri Jul 27 17:15:24 UTC 2012
patches/packages/bind-9.7.6_P2-i486-1_slack13.37.txz: Upgraded.
Prevents a named assert (crash) when validating caused by using
"Bad cache" data before it has been initialized. [RT #30025]
ISC_QUEUE handling for recursive clients was updated to address a
race condition that could cause a memory leak. This rarely occurred
with UDP clients, but could be a significant problem for a server
handling a steady rate of TCP queries. [RT #29539 & #30233]
Under heavy incoming TCP query loads named could experience a
memory leak which could lead to significant reductions in query
response or cause the server to be terminated on systems with
"out of memory" killers. [RT #29539]
A condition has been corrected where improper handling of zero-length
RDATA could cause undesirable behavior, including termination of
the named process. [RT #29644]
(* Security fix *)
+--------------------------+
Thu Aug 16 04:01:31 UTC 2012
patches/packages/emacs-23.3-i486-2_slack13.37.txz: Rebuilt.
Patched to fix a security flaw in the file-local variables code.
When the Emacs user option `enable-local-variables' is set to `:safe'
(the default value is t), Emacs should automatically refuse to evaluate
`eval' forms in file-local variable sections. Due to the bug, Emacs
instead automatically evaluates such `eval' forms. Thus, if the user
changes the value of `enable-local-variables' to `:safe', visiting a
malicious file can cause automatic execution of arbitrary Emacs Lisp
code with the permissions of the user. Bug discovered by Paul Ling.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3479
(* Security fix *)
patches/packages/t1lib-5.1.2-i486-3_slack13.37.txz: Rebuilt.
Patched various overflows, crashes, and pointer bugs.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2642
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0764
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1552
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1553
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1554
(* Security fix *)
+--------------------------+
Fri Aug 24 20:08:37 UTC 2012
patches/packages/php-5.3.16-i486-1_slack13.37.txz: Upgraded.
This is a bugfix release.
patches/packages/dhcp-4.2.4_P1-i486-1_slack13.37.txz: Upgraded.
This fixes memory leaks, denial of service vulnerabilities, and
disallows packets with zero length client ids (not valid according to
RFC 2132 section 9.14).
For more information, see:
https://kb.isc.org/article/AA-00736
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4539
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4868
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3954
(* Security fix *)
+--------------------------+
Thu Aug 30 23:35:53 UTC 2012
patches/packages/glibc-2.13-i486-6_slack13.37.txz: Rebuilt.
Patched multiple integer overflows in the strtod, strtof, strtold, and
strtod_l functions in stdlib in the GNU C Library allow local users to
cause a denial of service (application crash) and possibly execute
arbitrary code via a long string, which triggers a stack-based buffer
overflow.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3480
(* Security fix *)
patches/packages/glibc-i18n-2.13-i486-6_slack13.37.txz: Rebuilt.
patches/packages/glibc-profile-2.13-i486-6_slack13.37.txz: Rebuilt.
patches/packages/glibc-solibs-2.13-i486-6_slack13.37.txz: Rebuilt.
patches/packages/glibc-zoneinfo-2.13-noarch-6_slack13.37.txz: Rebuilt.
patches/packages/mozilla-firefox-15.0-i486-1_slack13.37.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox.html
(* Security fix *)
patches/packages/mozilla-thunderbird-15.0-i486-1_slack13.37.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
(* Security fix *)
patches/packages/seamonkey-2.12-i486-1_slack13.37.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
(* Security fix *)
patches/packages/seamonkey-solibs-2.12-i486-1_slack13.37.txz: Upgraded.
patches/packages/slocate-3.1-i486-4_slack13.37.txz: Rebuilt.
Patched to use lstat64 and -D_LARGEFILE64_SOURCE. Thanks to Mancha+.
Patched to fix information leak of filenames in protected directories.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0227
(* Security fix *)
+--------------------------+
Fri Sep 7 20:27:46 UTC 2012
patches/packages/mozilla-firefox-15.0.1-i486-1_slack13.37.txz: Upgraded.
This is a bugfix release.
+--------------------------+
Mon Sep 10 20:26:44 UTC 2012
patches/packages/seamonkey-2.12.1-i486-1_slack13.37.txz: Upgraded.
This is a bugfix release.
patches/packages/seamonkey-solibs-2.12.1-i486-1_slack13.37.txz: Upgraded.
This is a bugfix release.
+--------------------------+
Sun Sep 9 19:11:35 UTC 2012
patches/packages/mozilla-thunderbird-15.0.1-i486-1_slack13.37.txz: Upgraded.
This is a bugfix release.
+--------------------------+
Fri Sep 14 02:16:53 UTC 2012
patches/packages/bind-9.7.6_P3-i486-1_slack13.37.txz: Upgraded.
This update fixes a security issue where named could crash on a specially
crafted record. [RT #30416]
(* Security fix *)
patches/packages/patch-2.7-i486-1_slack13.37.txz: Upgraded.
This version of patch ignores destination filenames that are absolute or
that contain a component of "..", unless such a filename is provided as
an argument.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4651
(* Security fix *)
+--------------------------+
Fri Sep 14 20:29:40 UTC 2012
patches/packages/dhcp-4.2.4_P2-i486-1_slack13.37.txz: Upgraded.
An issue with the use of lease times was found and fixed. Making certain
changes to the end time of an IPv6 lease could cause the server to abort.
Thanks to Glen Eustace of Massey University, New Zealand for finding this
issue. [ISC-Bugs #30281]
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3955
(* Security fix *)
patches/packages/php-5.3.17-i486-1_slack13.37.txz: Upgraded.
This is a bugfix release.
+--------------------------+
Wed Sep 19 23:52:16 UTC 2012
patches/packages/patch-2.7-i486-2_slack13.37.txz: Upgraded.
Applied two upstream git commits to fix bugs which could cause target
files to be removed or truncated. Thanks to Qun-Ying.
+--------------------------+
Wed Oct 10 03:06:03 UTC 2012
patches/packages/mozilla-firefox-16.0-i486-1_slack14.0.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox.html
(* Security fix *)
+--------------------------+
Thu Oct 11 01:14:57 UTC 2012
patches/packages/bind-9.9.1_P4-i486-1_slack14.0.txz: Upgraded.
This update fixes a security issue where a certain combination of records
in the RBT could cause named to hang while populating the additional
section of a response. [RT #31090]
(* Security fix *)
patches/packages/iptables-1.4.14-i486-2_slack14.0.txz: Rebuilt.
Patched to fix a compiler related bug in iptables-restore.
Thanks to linuxxer for the report and David Somero for a link to the patch.
+--------------------------+
Thu Oct 11 21:25:20 UTC 2012
patches/packages/mozilla-firefox-16.0.1-i486-1_slack14.0.txz: Upgraded.
This update fixes a security vulnerability that could allow a malicious
site to potentially determine which websites users have visited and have
access to the URL or URL parameters.
(* Security fix *)
patches/packages/mozilla-thunderbird-16.0.1-i486-1_slack14.0.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
(* Security fix *)
+--------------------------+