[slackware-security] bind (SSA:2022-264-01)
New bind packages are available for Slackware 15.0 and -current to
fix security issues.
Läs mer...Here are the details from the Slackware 15.0 ChangeLog:
+--------------------------+
patches/packages/bind-9.16.33-i586-1_slack15.0.txz: Upgraded.
This update fixes bugs and the following security issues:
Fix memory leak in EdDSA verify processing.
Fix memory leak in ECDSA verify processing.
Fix serve-stale crash that could happen when stale-answer-client-timeout
was set to 0 and there was a stale CNAME in the cache for an incoming query.
Prevent excessive resource use while processing large delegations.
For more information, see:
https://kb.isc.org/docs/cve-2022-38178
https://kb.isc.org/docs/cve-2022-38177
https://kb.isc.org/docs/cve-2022-3080
https://kb.isc.org/docs/cve-2022-2795
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38178
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38177
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3080
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2795
(* Security fix *)
+--------------------------+
[slackware-security] expat (SSA:2022-263-01)
New expat packages are available for Slackware 14.0, 14.1, 14.2, 15.0,
and -current to fix a security issue.
Läs mer...Here are the details from the Slackware 15.0 ChangeLog:
+--------------------------+
patches/packages/expat-2.4.9-i586-1_slack15.0.txz: Upgraded.
This update fixes a security issue:
Heap use-after-free vulnerability in function doContent. Expected impact is
denial of service or potentially arbitrary code execution.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40674
(* Security fix *)
+--------------------------+
[slackware-security] mozilla-firefox (SSA:2022-263-02)
New mozilla-firefox packages are available for Slackware 15.0 and -current to
fix security issues.
Läs mer...Here are the details from the Slackware 15.0 ChangeLog:
+--------------------------+
patches/packages/mozilla-firefox-102.3.0esr-i686-1_slack15.0.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/102.3.0/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2022-41/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40959
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40960
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40958
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40956
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40957
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40962
(* Security fix *)
+--------------------------+
Och libfilezilla 0.39.1 släpptes några dagar tidigare (13/9-22).
För mer information, klicka på länken ovan...
Ännu en batch Kärnor... ;-)
Beräknas släppas under söndagen den 18:e September.
5.19.10 rc1 med 38 uppdateringar/ändringar sedan 5.19.9
5.15.69 rc1 med 35 uppdateringar/ändringar sedan 5.15.68
5.10.144 rc1 med 24 uppdateringar/ändringar sedan 5.10.143
5.4.214 rc1 med 14 uppdateringar/ändringar sedan 5.4.213
4.19.259 rc1 med 11 uppdateringar/ändringar sedan 4.19.258
4.14.294 rc1 med 7 uppdateringar/ändringar sedan 4.14.293
4.9.329 rc1 med 7 uppdateringar/ändringar sedan 4.9.328
Ovan listade kärnor släpptes tidigare idag...
ChangeLog och länk för nedladdning finner du ute till höger som vanligt.
RSS resultat...
Till minne av Håkan Nilsson
Mitt Slackware
Appendix Programhantering