New ntp packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix a security issue. If a spoofed mode 7 packet is sent to a vulnerable NTP daemon it may cause CPU and/or disk space exhaustion, resulting in a denial of service.
New Linux kernel packages are available for Slackware 13.0 and -current to address a security issue. A kernel bug discovered by David Ford may allow remote attackers to crash the kernel by sending an oversized IP packet. While the impact on ordinary servers is still unclear (the
New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix a security issue. More details about this issue may be found here:
New openssl packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix a security issue. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:
New mozilla-firefox packages are available for Slackware 12.2, 13.0, and -current to fix security issues. The Firefox 3.0.15 package may also be used with Slackware 11.0 or newer. More details about the issues may be found on the Mozilla website:
New xpdf packages are available for Slackware 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues. More details about the issues may be found in the Common Vulnerabilities and Exposures (CVE) database:
New poppler packages are available for Slackware 12.0, 12.1, 12.2, 13.0, and -current to fix security issues. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:
New gnutls packages are available for Slackware 12.1, 12.2, 13.0, and -current to fix a security issue. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:
New pidgin packages are available for Slackware 12.0, 12.1, 12.2, 13.0, and -current to fix a security issue. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:
New samba packages are available for Slackware 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues. More details about the issues may be found in the Common Vulnerabilities and Exposures (CVE) database:
New php packages are available for Slackware 12.0, 12.1, 12.2, 13.0, and -current to fix security issues. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:
New mozilla-firefox packages are available for Slackware 12.2, 13.0, and -current to fix security issues. The Firefox 3.0.14 package may also be used with Slackware 11.0 or newer. More details about the issues may be found on the Mozilla website:
New seamonkey packages are available for Slackware 11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix security issues. More details about the issues may be found on the Mozilla web site:
New mozilla-thunderbird packages are available for Slackware 10.2, 11.0, 12.0, 12.1, 12.2, and -current to fix a security issue: "MFSA 2009-42 Compromise of SSL-protected communication" More details about the issue may be found here:
New pidgin packages are available for Slackware 12.0, 12.1, 12.2, and -current to fix a security issue. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:
This is a followup to the SSA:2009-230-01 advisory noting some errata. The generic SMP kernel update for Slackware 12.2 was built using the .config for a huge kernel, not a generic one. The kernel previously published as kernel-generic-smp and in the gemsmp.s directory works
New Linux kernel packages are available for Slackware 12.2 and -current to address a security issue. A kernel bug discovered by Tavis Ormandy and Julien Tinnes of the Google Security Team could allow a local user to fill memory page zero with arbitrary code and then use the kernel
New curl packages are available for Slackware 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, and -current to fix a security issue. For more information, see:
New apr-util packages are available for Slackware 11.0, 12.0, 12.1, 12.2, and -current to fix a security issue. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:
New apr packages are available for Slackware 11.0, 12.0, 12.1, 12.2, and -current to fix a security issue. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:
