[slackware-security] samba (SSA:2022-208-01)
New samba packages are available for Slackware 15.0 and -current to
fix security issues.
Läs mer...Here are the details from the Slackware 15.0 ChangeLog:
+--------------------------+
patches/packages/samba-4.15.9-i586-1_slack15.0.txz: Upgraded.
This update fixes the following security issues:
Samba AD users can bypass certain restrictions associated with changing
passwords.
Samba AD users can forge password change requests for any user.
Samba AD users can crash the server process with an LDAP add or modify
request.
Samba AD users can induce a use-after-free in the server process with an
LDAP add or modify request.
Server memory information leak via SMB1.
For more information, see:
https://www.samba.org/samba/security/CVE-2022-2031.html
https://www.samba.org/samba/security/CVE-2022-32744.html
https://www.samba.org/samba/security/CVE-2022-32745.html
https://www.samba.org/samba/security/CVE-2022-32746.html
https://www.samba.org/samba/security/CVE-2022-32742.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2031
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32744
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32745
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32746
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32742
(* Security fix *)
+--------------------------+
Div. buggfixar
och uppdaterat libfilezilla till 0.38.1 som släpptes 20/7-22
[slackware-security] net-snmp (SSA:2022-202-01)
New net-snmp packages are available for Slackware 15.0 and -current to
fix security issues.
Läs mer...Here are the details from the Slackware 15.0 ChangeLog:
+--------------------------+
patches/packages/net-snmp-5.9.3-i586-1_slack15.0.txz: Upgraded.
This update fixes security issues:
A buffer overflow in the handling of the INDEX of NET-SNMP-VACM-MIB can cause
an out-of-bounds memory access.
A malformed OID in a GET-NEXT to the nsVacmAccessTable can cause a NULL
pointer dereference.
Improper Input Validation when SETing malformed OIDs in master agent and
subagent simultaneously.
A malformed OID in a SET request to SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable
can cause an out-of-bounds memory access.
A malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable can cause a
NULL pointer dereference.
A malformed OID in a SET to the nsVacmAccessTable can cause a NULL pointer
dereference.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24805
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24809
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24806
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24807
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24808
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24810
(* Security fix *)
+--------------------------+
Kärnor och åter kärnor...
5.18.14 RC1 med 70 uppdateringar/ändringar sedan 5.18.13
5.15.57 RC1 med 89 uppdateringar/ändringar sedan 5.15.56
Båda dessa kärnor släpptes igår, ChangeLog finner du till höger på sidan...
RSS resultat...
Till minne av Håkan Nilsson
Mitt Slackware
Appendix Programhantering