New PHP packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, and -current to fix a security issue with the PEAR XML_RPC class that allows a remote attacker to run arbitrary PHP code. Sites that make use of this PHP library should upgrade to the new PHP package right
New zlib packages are available for Slackware 10.0, 10.1, and -current to fix a denial of service security issue. zlib 1.1.x is not affected. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:
New Sudo packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, and -current to fix a security issue. A race condition could allow a user with Sudo privileges to run arbitrary commands. For more details, see:
Sun has released a couple of security advisories pertaining to both the Java Runtime Environment and the Standard Edition Development Kit. These could allow applets to read or write to local files. For more details, Sun's advisories may be found here:
New gaim packages are available for Slackware 9.0, 9.1, 10.0, 10.1, and -current to fix some minor security issues. Sites that use GAIM should upgrade to the new version.
Hey folks, An advisory recently went out on NcFTP, but it appears that the issue in question was fixed long ago in version 3.1.5, released on 2002-10-13. I received an email at This email address is being protected from spambots. You need JavaScript enabled to view it. from a well-meaning user
New Mozilla packages are available for Slackware 10.0, 10.1, and -current to fix various security issues and bugs. See the Mozilla site for a complete list of the issues patched: Also updated is Firefox in Slackware -current.
New ncftp packages are available for Slackware 10.0, 10.1, and -current to fix security issues. More details about this issue may be found on the NcFTP site:
New gaim packages are available for Slackware 9.0, 9.1, 10.0, 10.1, and -current to fix several security issues. Sites that use GAIM should upgrade to the new version.
New xine-lib packages are available for Slackware 10.0, 10.1, and -current to fix security issues. The xine frontends have also been upgraded. For more details on the xine-lib security issues, see:
New infozip (zip/unzip) packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, and -current to fix security issues. - From the www.info-zip.org site: Zip 2.3 and (presumably) all previous versions have a buffer-
New gaim packages are available for Slackware 9.0, 9.1, 10.0, 10.1, and -current to fix several security issues. Sites that use GAIM should upgrade to the new version.
New Mozilla packages are available for Slackware 10.0, 10.1, and -current to fix various security issues and bugs. See the Mozilla site for a complete list of the issues patched: Also updated is Firefox in Slackware -current.
New CVS packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, and -current to fix security issues. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:
New Python packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, and -current to fix a security issue in the SimpleXMLRPCServer library module.
New PHP packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, and -current to fix security issues. More details about the issues may be found in the PHP ChangeLogs on
New Mozilla packages are available for Slackware 9.1, 10.0, 10.1, and -current to fix various security issues and bugs. See the Mozilla site for a complete list of the issues patched: Also updated are Firefox and Thunderbird in Slackware -current, and GAIM in
New libtiff packages are available for Slackware 8.1, 9.0, 9.1, 10.1, and -current to fix security issues that could lead to application crashes, or possibly execution of arbitrary code. More details about this issue may be found in the Common
New apache packages are available for Slackware 8.1, 9.0, 9.1, 10.0, and -current to fix a security issue. Apache has been upgraded to version 1.3.33 which fixes a buffer overflow which may allow local users to execute arbitrary code as the apache user.
New apache and mod_ssl packages are available for Slackware 8.1, 9.0, 9.1, 10.0, and -current to fix security issues. Apache has been upgraded to version 1.3.32 which fixes a heap-based buffer overflow in mod_proxy. mod_ssl was upgraded from version mod_ssl-2.8.19-1.3.31 to version
