Se avete problemi con l'installazione e la configurazione di Slackware postate qui. Non usate questo forum per argomenti generali... per quelli usate Gnu/Linux in genere.
Regole del forum
1) Citare sempre la versione di Slackware usata, la versione del Kernel e magari anche la versione della libreria coinvolta. Questi dati aiutano le persone che possono rispondere.
2) Per evitare confusione prego inserire in questo forum solo topic che riguardano appunto Slackware, se l'argomento è generale usate il forum Gnu/Linux in genere.
3) Leggere attentamente le risposte ricevute.
4) Scrivere i messaggi con il colore di default, evitare altri colori.
5) Scrivere in Italiano o in Inglese, se possibile grammaticalmente corretto, evitate stili di scrittura poco chiari, quindi nessuna abbreviazione tipo telegramma o scrittura stile SMS o CHAT.
6) Appena registrati è consigliato presentarsi nel forum dedicato.
La non osservanza delle regole porta a provvedimenti di vari tipo da parte dello staff, in particolare la non osservanza della regola 5 porta alla cancellazione del post e alla segnalazione dell'utente. In caso di recidività l'utente rischia il ban temporaneo.
Tue Sep 1 23:29:22 UTC 2015
patches/packages/gdk-pixbuf2-2.28.2-i486-2_slack14.1.txz: Rebuilt.
Gustavo Grieco discovered a heap overflow in the processing of BMP images
which may result in the execution of arbitrary code if a malformed image
is opened.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4491
(* Security fix *)
+--------------------------+
Wed Sep 2 19:36:31 UTC 2015
patches/packages/bind-9.9.7_P3-i486-1_slack14.1.txz: Upgraded.
This update fixes two denial-of-service vulnerabilities:
+ CVE-2015-5722 is a denial-of-service vector which can be
exploited remotely against a BIND server that is performing
validation on DNSSEC-signed records. Validating recursive
resolvers are at the greatest risk from this defect, but it has not
been ruled out that it could be exploited against an
authoritative-only nameserver under limited conditions. Servers
that are not performing validation are not vulnerable. However,
ISC does not recommend disabling validation as a workaround to
this issue as it exposes the server to other types of attacks.
Upgrading to the patched versions is the recommended solution.
All versions of BIND since 9.0.0 are vulnerable to CVE-2015-5722.
+ CVE-2015-5986 is a denial-of-service vector which can be used
against a BIND server that is performing recursion. Validation
is not required. Recursive resolvers are at the greatest risk
from this defect, but it has not been ruled out that it could
be exploited against an authoritative-only nameserver under
limited conditions.
Only versions of BIND since 9.9.7 and 9.10.2 are vulnerable to
CVE-2015-5986.
For more information, see:
https://kb.isc.org/article/AA-01287/0
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5722
https://kb.isc.org/article/AA-01291/0
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5986
(* Security fix *)
+--------------------------+
Tue Sep 15 22:36:17 UTC 2015
patches/packages/ca-certificates-20150426-noarch-2_slack14.1.txz: Rebuilt.
Patched update-ca-certificates to remove incompatible command operators
used to call 'run-parts'. Thanks to Stuart Winter.
+--------------------------+
Wed Sep 23 01:10:36 UTC 2015
patches/packages/mozilla-firefox-38.3.0esr-i486-1_slack14.1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
(* Security fix *)
+--------------------------+
Thu Oct 1 21:21:36 UTC 2015
patches/packages/mozilla-thunderbird-38.3.0-i486-1_slack14.1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
(* Security fix *)
patches/packages/php-5.4.45-i486-1_slack14.1.txz: Upgraded.
This update fixes some bugs and security issues.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6834
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6835
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6836
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6837
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6838
(* Security fix *)
patches/packages/seamonkey-2.38-i486-1_slack14.1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
(* Security fix *)
patches/packages/seamonkey-solibs-2.38-i486-1_slack14.1.txz: Upgraded.
+--------------------------+
Mon Oct 5 17:24:30 UTC 2015
patches/packages/glibc-zoneinfo-2015g-noarch-1_slack14.1.txz: Upgraded.
This package provides the latest timezone updates.
+--------------------------+
Thu Oct 8 23:09:33 UTC 2015
patches/packages/mozilla-thunderbird-38.3.0-i486-2_slack14.1.txz: Rebuilt.
Recompiled with --enable-calendar.
+--------------------------+
Fri Nov 6 01:15:43 UTC 2015
patches/packages/mozilla-firefox-38.4.0esr-i486-1_slack14.1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
(* Security fix *)
patches/packages/mozilla-nss-3.20.1-i486-1_slack14.1.txz: Upgraded.
Upgraded to nss-3.20.1 and nspr-4.10.10.
This release contains security fixes and improvements.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7183
(* Security fix *)
+--------------------------+
Sat Nov 14 21:35:57 UTC 2015
patches/packages/seamonkey-2.39-i486-1_slack14.1.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
(* Security fix *)
patches/packages/seamonkey-solibs-2.39-i486-1_slack14.1.txz: Upgraded.
+--------------------------+
Wed Nov 25 06:36:06 UTC 2015
patches/packages/pcre-8.38-i486-1_slack14.1.txz: Upgraded.
Fixed overflows that could lead to a denial of service or the execution
of arbitrary code.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3210
(* Security fix *)
+--------------------------+
Thu Dec 3 07:28:30 UTC 2015
patches/packages/libpng-1.4.17-i486-1_slack14.1.txz: Upgraded.
Fixed buffer overflows in the png_set_PLTE(), png_get_PLTE(),
png_set_tIME(), and png_convert_to_rfc1123() functions that allow
attackers to cause a denial of service (application crash) or
possibly have unspecified other impact via a small bit-depth value
in an IHDR (aka image header) chunk in a PNG image.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7981
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8126.
(* Security fix *)
patches/packages/mozilla-thunderbird-38.4.0-i486-1_slack14.1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
(* Security fix *)
+--------------------------+
Wed Dec 16 04:21:07 UTC 2015
patches/packages/bind-9.9.8_P2-i486-1_slack14.1.txz: Upgraded.
This update fixes three security issues:
Update allowed OpenSSL versions as named is potentially vulnerable
to CVE-2015-3193.
Insufficient testing when parsing a message allowed records with an
incorrect class to be be accepted, triggering a REQUIRE failure when
those records were subsequently cached. (CVE-2015-8000)
Address fetch context reference count handling error on socket error.
(CVE-2015-8461)
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3193
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8000
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8461
(* Security fix *)
patches/packages/libpng-1.4.18-i486-1_slack14.1.txz: Upgraded.
Fixed incorrect implementation of png_set_PLTE() that uses png_ptr
not info_ptr, that left png_set_PLTE() open to the CVE-2015-8126
vulnerability.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8472
(* Security fix *)
patches/packages/mozilla-firefox-38.5.0esr-i486-1_slack14.1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html
(* Security fix *)
patches/packages/openssl-1.0.1q-i486-1_slack14.1.txz: Upgraded.
This update fixes the following security issues:
BN_mod_exp may produce incorrect results on x86_64 (CVE-2015-3193).
Certificate verify crash with missing PSS parameter (CVE-2015-3194).
X509_ATTRIBUTE memory leak (CVE-2015-3195).
Race condition handling PSK identify hint (CVE-2015-3196).
Anon DH ServerKeyExchange with 0 p parameter (CVE-2015-1794).
For more information, see:
https://openssl.org/news/secadv_20151203.txt
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1794
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3193
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3194
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3195
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3196
(* Security fix *)
patches/packages/openssl-solibs-1.0.1q-i486-1_slack14.1.txz: Upgraded.
+--------------------------+
Fri Dec 18 05:28:25 UTC 2015
patches/packages/grub-2.00-i486-3_slack14.1.txz: Rebuilt.
Patched bug where password protection during system startup may be
bypassed by hitting the backspace key 28 times giving a rescue shell.
Thanks to Hector Marco and Ismael Ripoll.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8370
(* Security fix *)
patches/packages/libpng-1.4.19-i486-1_slack14.1.txz: Upgraded.
Fixed an out-of-range read in png_check_keyword(). Thanks to Qixue Xiao.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8540
(* Security fix *)
+--------------------------+