New kdenetwork packages are available for Slackware 10.0, 10.1, and -current to fix security issues. Overflows in libgadu (used by kopete) that can cause a denial of service or arbitrary code execution. More details about this vulnerability may be found here:
New emacs packages are available for Slackware 10.1 and -current to a security issue with the movemail utility for retrieving mail from a POP mail server. If used to connect to a malicious POP server, it is possible for the server to cause the execution of arbitrary code as
New dnsmasq packages are available for Slackware 10.0, 10.1, and -current to fix security issues. An off-by-one overflow vulnerability may allow a DHCP client to create a denial of service condition. Additional code was also added to detect and defeat attempts to poison the DNS cache.
New XV image viewer packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, and -current to fix security issues. Format string and other issues could cause a crash or execution of arbitrary code if a specially crafted image is loaded with XV.
New tcpdump packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, and -current to fix a security issue. A specially crafted BGP packet can cause tcpdump to go into an infinite loop, creating a denial of service where network monitoring is disabled.
Sorry folks, I mistakenly used a build template that was too new to build the first round of PHP packages for Slackware 8.1, 9.0, and 9.1, which tried to place the module in /usr/libexec/apache (older versions of Slackware use /usr/libexec instead), and tried to link to incorrect
New PHP packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, and -current to fix a security issue with the PEAR XML_RPC class that allows a remote attacker to run arbitrary PHP code. Sites that make use of this PHP library should upgrade to the new PHP package right
New zlib packages are available for Slackware 10.0, 10.1, and -current to fix a denial of service security issue. zlib 1.1.x is not affected. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:
New Sudo packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, and -current to fix a security issue. A race condition could allow a user with Sudo privileges to run arbitrary commands. For more details, see:
Sun has released a couple of security advisories pertaining to both the Java Runtime Environment and the Standard Edition Development Kit. These could allow applets to read or write to local files. For more details, Sun's advisories may be found here:
New gaim packages are available for Slackware 9.0, 9.1, 10.0, 10.1, and -current to fix some minor security issues. Sites that use GAIM should upgrade to the new version.
Hey folks, An advisory recently went out on NcFTP, but it appears that the issue in question was fixed long ago in version 3.1.5, released on 2002-10-13. I received an email at This email address is being protected from spambots. You need JavaScript enabled to view it. from a well-meaning user
New Mozilla packages are available for Slackware 10.0, 10.1, and -current to fix various security issues and bugs. See the Mozilla site for a complete list of the issues patched: Also updated is Firefox in Slackware -current.
New ncftp packages are available for Slackware 10.0, 10.1, and -current to fix security issues. More details about this issue may be found on the NcFTP site:
New gaim packages are available for Slackware 9.0, 9.1, 10.0, 10.1, and -current to fix several security issues. Sites that use GAIM should upgrade to the new version.
New xine-lib packages are available for Slackware 10.0, 10.1, and -current to fix security issues. The xine frontends have also been upgraded. For more details on the xine-lib security issues, see:
New infozip (zip/unzip) packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, and -current to fix security issues. - From the www.info-zip.org site: Zip 2.3 and (presumably) all previous versions have a buffer-
New gaim packages are available for Slackware 9.0, 9.1, 10.0, 10.1, and -current to fix several security issues. Sites that use GAIM should upgrade to the new version.
New Mozilla packages are available for Slackware 10.0, 10.1, and -current to fix various security issues and bugs. See the Mozilla site for a complete list of the issues patched: Also updated is Firefox in Slackware -current.
New CVS packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, and -current to fix security issues. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:
