SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
2 updates (x86_64). Including a (* Security fix *)! : 2 Upgraded
Code:
Tue Feb 13 19:19:24 UTC 2024
patches/packages/bind-9.16.48-x86_64-1_slack15.0.txz: Upgraded.
This update fixes bugs and security issues:
Specific DNS answers could cause a denial-of-service condition due to DNS
validation taking a long time.
Query patterns that continuously triggered cache database maintenance could
exhaust all available memory on the host running named.
Restore DNS64 state when handling a serve-stale timeout.
Specific queries could trigger an assertion check with nxdomain-redirect
enabled.
Speed up parsing of DNS messages with many different names.
For more information, see:
https://kb.isc.org/docs/cve-2023-50387
https://www.cve.org/CVERecord?id=CVE-2023-50387
https://kb.isc.org/docs/cve-2023-6516
https://www.cve.org/CVERecord?id=CVE-2023-6516
https://kb.isc.org/docs/cve-2023-5679
https://www.cve.org/CVERecord?id=CVE-2023-5679
https://kb.isc.org/docs/cve-2023-5517
https://www.cve.org/CVERecord?id=CVE-2023-5517
https://kb.isc.org/docs/cve-2023-4408
https://www.cve.org/CVERecord?id=CVE-2023-4408
(* Security fix *)
testing/packages/bind-9.18.24-x86_64-1_slack15.0.txz: Upgraded.
This update fixes bugs and security issues:
Specific DNS answers could cause a denial-of-service condition due to DNS
validation taking a long time.
Restore DNS64 state when handling a serve-stale timeout.
Specific queries could trigger an assertion check with nxdomain-redirect
enabled.
Speed up parsing of DNS messages with many different names.
For more information, see:
https://kb.isc.org/docs/cve-2023-50387
https://www.cve.org/CVERecord?id=CVE-2023-50387
https://kb.isc.org/docs/cve-2023-5679
https://www.cve.org/CVERecord?id=CVE-2023-5679
https://kb.isc.org/docs/cve-2023-5517
https://www.cve.org/CVERecord?id=CVE-2023-5517
https://kb.isc.org/docs/cve-2023-4408
https://www.cve.org/CVERecord?id=CVE-2023-4408
(* Security fix *)
I was going to say the Nginx is listening on port 443 also and returning a "Forbidden" page for all requests, causing the client that tries https first to think it's gotten the page, and stop there. But you've apparently reached that conclusion before me, and turned off your 443 listener, so thank you some more!
1 updates (x86_64). Including a (* Security fix *)! : 1 Upgraded
Code:
Wed Feb 14 04:18:12 UTC 2024
patches/packages/dnsmasq-2.90-x86_64-1_slack15.0.txz: Upgraded.
Add limits on the resources used to do DNSSEC validation.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-50387
https://www.cve.org/CVERecord?id=CVE-2023-50868
(* Security fix *)
Fri Feb 16 20:18:59 UTC 2024
patches/packages/ca-certificates-20240216-noarch-1_slack15.0.txz: Upgraded.
This update provides the latest CA certificates to check for the
authenticity of SSL connections.
Sun Feb 18 21:03:57 UTC 2024
extra/llvm-17.0.6-x86_64-1_slack15.0.txz: Added.
In case anyone needs a newer compiler.
extra/llvm13-compat-13.0.0-x86_64-1_slack15.0.txz: Added.
In case anyone needs to run binaries linked to the old compiler.
1 updates (x86_64). Including a (* Security fix *)! : 1 Upgraded
Code:
Tue Feb 20 21:08:27 UTC 2024
patches/packages/libuv-1.48.0-x86_64-1_slack15.0.txz: Upgraded.
This update fixes a server-side request forgery (SSRF) flaw.
Thanks to alex2grad for the heads-up.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-24806
(* Security fix *)
2 updates (x86_64). Including a (* Security fix *)! : 1 Upgraded, 1 Rebuilt
Code:
Wed Feb 21 20:00:08 UTC 2024
patches/packages/dcron-4.5-x86_64-12_slack15.0.txz: Rebuilt.
This is a bugfix release.
run-parts: skip *.orig files. Thanks to metaed.
patches/packages/mozilla-thunderbird-115.8.0-x86_64-1_slack15.0.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/thunderbird/115.8.0/releasenotes/
https://www.mozilla.org/en-US/security/advisories/mfsa2024-07/
https://www.cve.org/CVERecord?id=CVE-2024-1546
https://www.cve.org/CVERecord?id=CVE-2024-1547
https://www.cve.org/CVERecord?id=CVE-2024-1548
https://www.cve.org/CVERecord?id=CVE-2024-1549
https://www.cve.org/CVERecord?id=CVE-2024-1550
https://www.cve.org/CVERecord?id=CVE-2024-1551
https://www.cve.org/CVERecord?id=CVE-2024-1552
https://www.cve.org/CVERecord?id=CVE-2024-1553
(* Security fix *)
Fri Feb 23 20:37:29 UTC 2024
patches/packages/dcron-4.5-x86_64-13_slack15.0.txz: Rebuilt.
This is a bugfix release.
run-parts.8: document skiping *.orig files. Thanks to metaed.
Sun Feb 25 19:16:52 UTC 2024
patches/packages/whois-5.5.21-x86_64-1_slack15.0.txz: Upgraded.
Updated the .cv and .sd TLD servers.
Removed 4 new gTLDs which are no longer active.
1 updates (x86_64). Including a (* Security fix *)! : 1 Upgraded
Code:
Mon Feb 26 20:09:43 UTC 2024
patches/packages/openjpeg-2.5.1-x86_64-1_slack15.0.txz: Upgraded.
Fixed a heap-based buffer overflow in openjpeg in color.c:379:42 in
sycc420_to_rgb when decompressing a crafted .j2k file. An attacker could use
this to execute arbitrary code with the permissions of the application
compiled against openjpeg.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2021-3575
(* Security fix *)
1 updates (x86_64). Including a (* Security fix *)! : 1 Rebuilt
Code:
Wed Feb 28 18:36:48 UTC 2024
patches/packages/wpa_supplicant-2.10-x86_64-2_slack15.0.txz: Rebuilt.
Patched the implementation of PEAP in wpa_supplicant to prevent an
authentication bypass. For a successful attack, wpa_supplicant must be
configured to not verify the network's TLS certificate during Phase 1
authentication, and an eap_peap_decrypt vulnerability can then be abused
to skip Phase 2 authentication. The attack vector is sending an EAP-TLV
Success packet instead of starting Phase 2. This allows an adversary to
impersonate Enterprise Wi-Fi networks.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2023-52160
(* Security fix *)
Thu Feb 29 19:11:19 UTC 2024
patches/packages/openjpeg-2.5.2-x86_64-1_slack15.0.txz: Upgraded.
Fixed a regression in openjpeg-2.5.1:
API breakage / openjpeg version no longer detected (openjpeg.h no longer
includes opj_config.h).
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
