Pagina 5 di 14

New patches for slackware64-14.0 on Thu, 14 Mar 2013 04:55:3

Inviato: ven mar 15, 2013 6:02
da Slacky BOT Packager
Hey guys,
new patches have been released for slackware64-14.0. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Thu Mar 14 03:55:33 UTC 2013
patches/packages/perl-5.16.3-x86_64-1_slack14.0.txz:  Upgraded.
  This update fixes a flaw in the rehashing code that can be exploited
  to carry out a denial of service attack against code that uses arbitrary
  user input as hash keys.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1667
  (* Security fix *)
patches/packages/seamonkey-2.16.1-x86_64-1_slack14.0.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
  (* Security fix *)
patches/packages/seamonkey-solibs-2.16.1-x86_64-1_slack14.0.txz:  Upgraded.
+--------------------------+

Have fun,
Slacky BOT Packager

New patches for slackware64-14.0 on Sat, 16 Mar 2013 20:35:4

Inviato: dom mar 17, 2013 6:01
da Slacky BOT Packager
Hey guys,
new patches have been released for slackware64-14.0. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Sat Mar 16 19:35:45 UTC 2013
patches/packages/seamonkey-2.16.2-x86_64-1_slack14.0.txz:  Upgraded.
  This is a bugfix release.
patches/packages/seamonkey-solibs-2.16.2-x86_64-1_slack14.0.txz:  Upgraded.
+--------------------------+
Sat Mar 16 07:10:09 UTC 2013
patches/packages/ruby-1.9.3_p392-x86_64-1_slack14.0.txz:  Upgraded.
  This release includes security fixes about bundled JSON and REXML.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0269
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1821
  (* Security fix *)
+--------------------------+

Have fun,
Slacky BOT Packager

New patches for slackware64-14.0 on Sat, 23 Mar 2013 21:22:1

Inviato: dom mar 24, 2013 6:02
da Slacky BOT Packager
Hey guys,
new patches have been released for slackware64-14.0. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Sat Mar 23 20:22:12 UTC 2013
patches/packages/php-5.4.13-x86_64-1_slack14.0.txz:  Upgraded.
  This release fixes two security issues in SOAP:
  Added check that soap.wsdl_cache_dir conforms to open_basedir.
  Disabled external entities loading.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1635
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1643
  (* Security fix *)
+--------------------------+

Have fun,
Slacky BOT Packager

New patches for slackware64-14.0 on Wed, 27 Mar 2013 07:09:3

Inviato: gio mar 28, 2013 6:02
da Slacky BOT Packager
Hey guys,
new patches have been released for slackware64-14.0. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Wed Mar 27 06:09:29 UTC 2013
patches/packages/bind-9.9.2_P2-x86_64-1_slack14.0.txz:  Upgraded.
  This update fixes a critical defect in BIND 9 that allows an attacker
  to cause excessive memory consumption in named or other programs linked
  to libdns.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2266
    https://kb.isc.org/article/AA-00871
  (* Security fix *)
patches/packages/dhcp-4.2.5_P1-x86_64-1_slack14.0.txz:  Upgraded.
  This update replaces the included BIND 9 code that the DHCP programs
  link against.  Those contained a defect that could possibly lead to
  excessive memory consumption and a denial of service.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2266
  (* Security fix *)
+--------------------------+

Have fun,
Slacky BOT Packager

New patches for slackware64-14.0 on Fri, 29 Mar 2013 01:27:3

Inviato: ven mar 29, 2013 6:02
da Slacky BOT Packager
Hey guys,
new patches have been released for slackware64-14.0. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Fri Mar 29 00:27:36 UTC 2013
patches/packages/libssh-0.5.4-x86_64-1_slack14.0.txz:  Upgraded.
  This update fixes a possible denial of service issue.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0176
  (* Security fix *)
+--------------------------+
Thu Mar 28 06:59:52 UTC 2013
patches/packages/tumbler-0.1.25-x86_64-3_slack14.0.txz:  Rebuilt.
  Patched a bug that caused tumbler to hold files open preventing volumes from
  being ejected.
+--------------------------+

Have fun,
Slacky BOT Packager

New patches for slackware64-14.0 on Wed, 03 Apr 2013 08:59:0

Inviato: gio apr 04, 2013 6:02
da Slacky BOT Packager
Hey guys,
new patches have been released for slackware64-14.0. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Wed Apr  3 06:58:59 UTC 2013
patches/packages/mozilla-firefox-20.0-x86_64-1_slack14.0.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/firefox.html
  (* Security fix *)
patches/packages/mozilla-thunderbird-17.0.5-x86_64-1_slack14.0.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
  (* Security fix *)
+--------------------------+

Have fun,
Slacky BOT Packager

New patches for slackware64-14.0 on Fri, 05 Apr 2013 07:21:4

Inviato: sab apr 06, 2013 6:02
da Slacky BOT Packager
Hey guys,
new patches have been released for slackware64-14.0. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Fri Apr  5 05:21:45 UTC 2013
patches/packages/subversion-1.7.9-x86_64-1_slack14.0.txz:  Upgraded.
  This update fixes some denial of service bugs:
    mod_dav_svn excessive memory usage from property changes
    mod_dav_svn crashes on LOCK requests against activity URLs
    mod_dav_svn crashes on LOCK requests against non-existant URLs
    mod_dav_svn crashes on PROPFIND requests against activity URLs
    mod_dav_svn crashes on out of range limit in log REPORT request
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1845
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1846
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1847
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1849
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1884
  (* Security fix *)
+--------------------------+

Have fun,
Slacky BOT Packager

New patches for slackware64-14.0 on Mon, 08 Apr 2013 01:23:3

Inviato: lun apr 08, 2013 6:01
da Slacky BOT Packager
Hey guys,
new patches have been released for slackware64-14.0. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Sun Apr  7 23:23:38 UTC 2013
patches/packages/seamonkey-2.17-x86_64-1_slack14.0.txz:  Upgraded.
  This update contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/seamonkey.html
  (* Security fix *)
patches/packages/seamonkey-solibs-2.17-x86_64-1_slack14.0.txz:  Upgraded.
+--------------------------+

Have fun,
Slacky BOT Packager

New patches for slackware64-14.0 on Wed, 17 Apr 2013 04:09:4

Inviato: gio apr 18, 2013 6:01
da Slacky BOT Packager
Hey guys,
new patches have been released for slackware64-14.0. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Wed Apr 17 02:09:43 UTC 2013
patches/packages/seamonkey-2.17.1-x86_64-1_slack14.0.txz:  Upgraded.
  This is a bugfix release.
patches/packages/seamonkey-solibs-2.17.1-x86_64-1_slack14.0.txz:  Upgraded.
+--------------------------+

Have fun,
Slacky BOT Packager

New patches for slackware64-14.0 on Fri, 19 Apr 2013 23:24:4

Inviato: sab apr 20, 2013 6:02
da Slacky BOT Packager
Hey guys,
new patches have been released for slackware64-14.0. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Fri Apr 19 21:24:48 UTC 2013
patches/packages/xorg-server-1.12.4-x86_64-1_slack14.0.txz:  Upgraded.
  This update fixes an input flush bug with evdev.  Under exceptional
  conditions (keyboard input during device hotplugging), this could leak
  a small amount of information intended for the X server.
  This issue was evaluated to be of low impact.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1940
    http://lists.x.org/archives/xorg-devel/2013-April/036014.html
  (* Security fix *)
patches/packages/xorg-server-xephyr-1.12.4-x86_64-1_slack14.0.txz:  Upgraded.
patches/packages/xorg-server-xnest-1.12.4-x86_64-1_slack14.0.txz:  Upgraded.
patches/packages/xorg-server-xvfb-1.12.4-x86_64-1_slack14.0.txz:  Upgraded.
+--------------------------+

Have fun,
Slacky BOT Packager

New patches for slackware64-14.0 on Thu, 16 May 2013 01:38:5

Inviato: gio mag 16, 2013 6:02
da Slacky BOT Packager
Hey guys,
new patches have been released for slackware64-14.0. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Wed May 15 23:38:49 UTC 2013
patches/packages/mozilla-firefox-21.0-x86_64-1_slack14.0.txz:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/firefox.html
  (* Security fix *)
patches/packages/*t?z:  Upgraded.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
  (* Security fix *)
+--------------------------+

Have fun,
Slacky BOT Packager

New patches for slackware64-14.0 on Thu, 16 May 2013 23:42:0

Inviato: ven mag 17, 2013 6:02
da Slacky BOT Packager
Hey guys,
new patches have been released for slackware64-14.0. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Thu May 16 21:42:08 UTC 2013
patches/packages/ruby-1.9.3_p429-x86_64-1_slack14.0.txz:  Upgraded.
  This update fixes a security issue in DL and Fiddle included in Ruby where
  tainted strings can be used by system calls regardless of the $SAFE level
  setting.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2065
    http://www.ruby-lang.org/en/news/2013/05/14/taint-bypass-dl-fiddle-cve-2013-2065/
  (* Security fix *)
+--------------------------+
Thu May 16 18:28:01 UTC 2013
patches/packages/mozilla-thunderbird-17.0.6-x86_64-1_slack14.0.txz:  Upgraded.
  Here's the package that was missing from the last batch.  The wrong entry in
  the ChangeLog was removed to prevent slackpkg from having trouble with it.
  This release contains security fixes and improvements.
  For more information, see:
    http://www.mozilla.org/security/known-vulnerabilities/thunderbird.html
  (* Security fix *)
+--------------------------+

Have fun,
Slacky BOT Packager

New patches for slackware64-14.0 on Mon, 20 May 2013 23:01:3

Inviato: mar mag 21, 2013 6:02
da Slacky BOT Packager
Hey guys,
new patches have been released for slackware64-14.0. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Mon May 20 21:01:33 UTC 2013
patches/packages/linux-3.2.45/*:  Upgraded.
  Upgraded to new kernels that fix CVE-2013-2094, a bug that can allow local
  users to gain a root shell.  Be sure to upgrade your initrd and reinstall
  LILO after upgrading the kernel packages.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2094
  (* Security fix *)
+--------------------------+

Have fun,
Slacky BOT Packager

New patches for slackware64-14.0 on Wed, 22 May 2013 16:11:1

Inviato: gio mag 23, 2013 6:02
da Slacky BOT Packager
Hey guys,
new patches have been released for slackware64-14.0. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Wed May 22 14:11:13 UTC 2013
patches/packages/linux-3.2.45/*:  Rebuilt.
  It appears a bad commit slipped into 3.2.45 and it's causing problems on
  systems that use Intel graphics.  The commit has been reverted in the kernel
  source packages and the kernels and modules have been rebuilt.  If you ran
  into the black screen problem before, this should fix it up.
+--------------------------+

Have fun,
Slacky BOT Packager

New patches for slackware64-14.0 on Tue, 04 Jun 2013 00:10:1

Inviato: mar giu 04, 2013 6:01
da Slacky BOT Packager
Hey guys,
new patches have been released for slackware64-14.0. Follows the relevant part of ChangeLog.txt:

Codice: Seleziona tutto

Mon Jun  3 22:10:16 UTC 2013
patches/packages/linux-3.2.45/*:  Rebuilt.
  One more reverted commit.  This one was leading to hangs on systems with
  Intel graphics.  The previous revert was also reverted in 3.2.46, but it
  seems safer to just get this one manually than to take the newer kernel and
  still have to do another patch to it anyway.  Hopefully the third time is
  the charm.  :)
+--------------------------+

Have fun,
Slacky BOT Packager