[slackware-security] vim (SSA:2022-266-01)
New vim packages are available for Slackware 15.0 and -current to fix a security issue.
Läs mer...Here are the details from the Slackware 15.0 ChangeLog:
+--------------------------+
patches/packages/vim-9.0.0558-i586-1_slack15.0.txz: Upgraded.
Fixed use after free.
Thanks to marav for the heads-up.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3256
(* Security fix *)
patches/packages/vim-gvim-9.0.0558-i586-1_slack15.0.txz: Upgraded.
+--------------------------+
[slackware-security] bind (SSA:2022-264-01)
New bind packages are available for Slackware 15.0 and -current to
fix security issues.
Läs mer...Here are the details from the Slackware 15.0 ChangeLog:
+--------------------------+
patches/packages/bind-9.16.33-i586-1_slack15.0.txz: Upgraded.
This update fixes bugs and the following security issues:
Fix memory leak in EdDSA verify processing.
Fix memory leak in ECDSA verify processing.
Fix serve-stale crash that could happen when stale-answer-client-timeout
was set to 0 and there was a stale CNAME in the cache for an incoming query.
Prevent excessive resource use while processing large delegations.
For more information, see:
https://kb.isc.org/docs/cve-2022-38178
https://kb.isc.org/docs/cve-2022-38177
https://kb.isc.org/docs/cve-2022-3080
https://kb.isc.org/docs/cve-2022-2795
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38178
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38177
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3080
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2795
(* Security fix *)
+--------------------------+
[slackware-security] expat (SSA:2022-263-01)
New expat packages are available for Slackware 14.0, 14.1, 14.2, 15.0,
and -current to fix a security issue.
Läs mer...Here are the details from the Slackware 15.0 ChangeLog:
+--------------------------+
patches/packages/expat-2.4.9-i586-1_slack15.0.txz: Upgraded.
This update fixes a security issue:
Heap use-after-free vulnerability in function doContent. Expected impact is
denial of service or potentially arbitrary code execution.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40674
(* Security fix *)
+--------------------------+
[slackware-security] mozilla-firefox (SSA:2022-263-02)
New mozilla-firefox packages are available for Slackware 15.0 and -current to
fix security issues.
Läs mer...Here are the details from the Slackware 15.0 ChangeLog:
+--------------------------+
patches/packages/mozilla-firefox-102.3.0esr-i686-1_slack15.0.txz: Upgraded.
This update contains security fixes and improvements.
For more information, see:
https://www.mozilla.org/en-US/firefox/102.3.0/releasenotes/
https://www.mozilla.org/security/advisories/mfsa2022-41/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40959
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40960
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40958
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40956
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40957
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40962
(* Security fix *)
+--------------------------+
Och libfilezilla 0.39.1 släpptes några dagar tidigare (13/9-22).
För mer information, klicka på länken ovan...
RSS resultat...
Till minne av Håkan Nilsson
Mitt Slackware
Appendix Programhantering