Slackware Linux Distribution - Page 73
Find the information you need for your favorite open source distribution .
Find the information you need for your favorite open source distribution .
An upgraded sysvinit package is available which fixes a problem with the use of quotacheck in /etc/rc.d/rc.M.
This version provides RSA blinding by default which prevents an extended timing analysis from revealing details of the secret key to an attacker.
A key validation bug which results in all user IDs on a given key being treated with the validity of the most-valid user ID on that key has been fixed with the release of GnuPG 1.2.2.
An integer overflow in the xdrmem_getbytes() function found in the glibc library has been fixed.
New EPIC4 packages are available to fix security problems found by Timo Sirainen.
Timo Sirainen discovered several overflow problems in BitchX.
New KDE 3.1.1a packages are available for Slackware 9.0 which fix a security problem with the handling of PS and PDF documents.
This issue may allow a remoteattacker controlling a malicious IMAP server to execute code onyour machine as the user running mutt if you connect to the IMAPserver using mutt.
The sendmail packages in Slackware 8.0, 8.1, and 9.0 have been patchedto fix a security problem. Note that this vulnerablity is NOT the sameone that was announced on March 3rd and requires a new fix.
The samba packages in Slackware 8.1 and -current have been patched to fixa security problem. All sites running samba should upgrade.
A remote vulnerability exists that can result in commands can be executed with administrative privileges.
On servers which are configured to allow anonymous read-only access, this bug could be used by anonymous users to gain write privileges.
Upgraded to dhcp-3.0pl2, which fixes several buffer overflow vulnerabilities, including some which may allow remote attackers to execute arbitrary code on affected systems, though no exploits are known yet.
New Samba packages are available for Slackware 8.1 and -current to fix a security problem and provide other bugfixes and improvements.
Slackware has noted that they've fixed the recent mm, glibc, openssl, php, and openssh vulnerabilities recently discovered.
Slackware has updated apache to fix the recent chunked encoding vulnerability.
autilus was patched and recompiled to fix a problem which would allow a malicious user to mount a symlink attack to overwrite another user's files.
New sudo packages are available to fix a security problem which may allow users to become root, or to execute arbitrary code as root.
Patched to link to the shared zlib on the system instead of statically linking to the included zlib source. Also, use mktemp to create files in /tmp files more safely.
Fixes the zlib vulnerability and supplementary groups are removed from a server process after changing uid and gid.