SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905,
allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile
libtiff from sources, the fix is available with commit 48d6ece8.
An issue was discovered in the GNU C Library (glibc) 2.36. When the syslog function is passed
a crafted input string larger than 1024 bytes, it reads uninitialized memory from the heap and
prints it to the target log file, potentially revealing a portion of the contents of the heap.
Converting between int and str in bases other than 2 (binary), 4, 8 (octal), 16 (hexadecimal), or 32 such as base 10 (decimal) now raises a ValueError if the number of digits in string form is above a limit to avoid potential denial of service attacks due to the algorithmic complexity.
Security releases for 3.9.14, 3.8.14, and 3.7.14 are made available simultaneously to address this issue, along with some less urgent security content.
Upgrading your installations is highly recommended.
it appears that Plasma 5.25.5 has introduced a regression:
https://bugs.kde.org/show_bug.cgi?id=458829
A fix for it has been in master for a while, but was never put in stable
because it appeared to not affect stable.
Since there are no scheduled bugfixes releases for Plasma 5.25 anymore
(and the discussion about unscheduled ones is still ongoing) please
apply
For more details, check QTBUG-95817. But to summarize it in a couple of
words: a window will stop pushing buffers when it's resized and using
threaded render loop.
otherwise we can dbus invoke with the wrong environment. specifically
this happens with the latest qtbase changes that introduced color
picking support on wayland. when we start a qguiapplication with
incomplete environment that dbus invokes the xdg-portal system and that
in turn has an incomplete environment resulting in theming and the likes
not properly applying because the portal doesn't know that it runs
inside a plasma session.
qt/qt/qtbase@2dc083df
BUG: 458865
otherwise we can dbus invoke with the wrong environment. specifically
this happens with the latest qtbase changes that introduced color
picking support on wayland. when we start a qguiapplication with
incomplete environment that dbus invokes the xdg-portal system and that
in turn has an incomplete environment resulting in theming and the likes
not properly applying because the portal doesn't know that it runs
inside a plasma session.
qt/qt/qtbase@2dc083df
BUG: 458865
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
