Sat Jun 27 16:59:29 EDT 2009
patches/packages/libpng-1.2.37-s390-1_slack9.1.tgz: Upgraded.
  This update fixes a possible security issue. Jeff Phillips discovered an
  uninitialized-memory-read bug affecting interlaced images that may have
  security implications.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2042
  (* Security fix *)
+--------------------------+
Mon Jun 15 19:06:59 EDT 2009
patches/packages/ntp-4.2.2p3-s390-1_slack9.1.tgz: Patched a stack-based
  buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq in NTP
  before 4.2.4p7-RC2 that allows arbitrary code execution by a malicious
  remote NTP server.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0159
  (* Security fix *)
patches/packages/qt-3.2.1-s390-3.tgz: Reconstructed due to
  qt-3.2.1-s390-2.tgz somehow having been corrupted.
patches/packages/xpdf-3.02pl3-s390-1_slack9.1.tgz: Upgraded to xpdf-3.02pl3.
  This update fixes several overflows that may result in crashes or the
  execution of arbitrary code as the xpdf user.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0165
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183
  (* Security fix *)
+--------------------------+
Mon Mar 23 18:49:45 EDT 2009
patches/packages/apache-1.3.41-s390-1_slack9.1.tgz: Upgraded to
  apache-1.3.41, the last regular release of the Apache 1.3.x series, and a
  security bugfix-only release.
  For more information about the security issues fixed, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847
  (* Security fix *)
patches/packages/bind-9.3.6_P1-s390-1_slack9.1.tgz: Upgraded to
  bind-9.3.6-P1.
  Fixed checking on return values from OpenSSL's EVP_VerifyFinal and
  DSA_do_verify functions to prevent spoofing answers returned from zones
  using the DNSKEY algorithms DSA and NSEC3DSA.
  For more information, see:
    https://www.isc.org/node/373
    http://www.ocert.org/advisories/ocert-2008-016.html
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0025
  (* Security fix *)
patches/packages/bzip2-1.0.5-s390-1_slack9.1.tgz: Upgraded to bzip2-1.0.5.
  Previous versions of bzip2 contained a buffer overread error that could
  cause applications linked to libbz2 to crash, resulting in a denial of
  service.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1372
  (* Security fix *)
patches/packages/cups-1.1.21-s390-2_slack9.1.tgz: Patched cups-1.1.21.
  Errors in ipp.c may allow a remote attacker to crash CUPS resulting in a
  denial of service.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4351
  (* Security fix *)
patches/packages/curl-7.10.7-s390-3_slack9.1.tgz: Patched curl-7.10.7.
  This fixes a security issue where automatic redirection could be made to
  follow file:// URLs, reading or writing a local instead of remote file.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0037
  (* Security fix *)
patches/packages/fetchmail-6.3.8-s390-1_slack9.1.tgz: Patched to fix a
  possible denial of service when "-v -v" options are used.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2711
  (* Security fix *)
patches/packages/glibc-zoneinfo-2.3.2-noarch-6_slack9.1.tgz: Upgraded to
  tzdata2008h for the latest world timezone changes.
patches/packages/libpng-1.2.35-s390-1_slack9.1.tgz: Upgraded to
  libpng-1.2.35.
  This fixes multiple memory-corruption vulnerabilities due to a failure to
  properly initialize data structures.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0040
    ftp://ftp.simplesystems.org/pub/png/src/libpng-1.2.34-ADVISORY.txt
  (* Security fix *)
patches/packages/m4-1.4.11-s390-1_slack9.1.tgz: Upgraded to m4-1.4.11.
  In addition to bugfixes and enhancements, this version of m4 also fixes
  two issues with possible security implications. A minor security fix with
  the use of "maketemp" and "mkstemp" -- these are now quoted to prevent the
  (rather unlikely) possibility that an unquoted string could match an
  existing macro causing operations to be done on the wrong file. Also, a
  problem with the '-F' option (introduced with version 1.4) could cause a
  core dump or possibly (with certain file names) the execution of arbitrary
  code.
  For more information on these issues, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1687
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1688
  (* Security fix *)
patches/packages/mod_ssl-2.8.31_1.3.41-s390-1_slack9.1.tgz: Upgraded to
  mod_ssl-2.8.31-1.3.41 to work with apache_1.3.41.
patches/packages/ntp-4.2.4p6-s390-1_slack9.1.tgz: [Sec 1111] Fix incorrect
  check of EVP_VerifyFinal()'s return value.
  For more information, see:
    https://lists.ntp.org/pipermail/announce/2009-January/000055.html
    http://www.ocert.org/advisories/ocert-2008-016.html
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0021
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5077
  (* Security fix *)
patches/packages/openssh-5.0p1-s390-1_slack9.1.tgz: Upgraded to
  openssh-5.0p1.
  This version fixes a security issue where local users could hijack
  forwarded X connections. Upgrading to the new package is highly
  recommended.
  For more information on this security issue, please see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1483
  (* Security fix *)
patches/packages/rsync-2.6.9-s390-1_slack9.1.tgz: Patched some security
  bugs.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4091
    http://lists.samba.org/archive/rsync-announce/2007/000050.html
  (* Security fix *)
patches/packages/tcpdump-3.9.7-s390-1_slack9.1.tgz: Upgraded to
  libpcap-0.9.7, tcpdump-3.9.7.
  This new version fixes an integer overflow in the BGP dissector which
  could possibly allow remote attackers to crash tcpdump or to execute
  arbitrary code.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3798
  (* Security fix *)
patches/packages/xpdf-3.02pl2-s390-1_slack9.1.tgz: Upgraded to xpdf-3.02pl2.
  The pl2 patch fixes a crash in xpdf. Some theorize that this could be used
  to execute arbitrary code if an untrusted PDF file is opened, but no
  real-world examples are known (yet).
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393
  (* Security fix *)
+--------------------------+
Mon May 28 03:40:47 EDT 2007
patches/packages/libpng-1.2.18-s390-1_slack9.1.tgz: Upgraded to
  libpng-1.2.18.
  A grayscale PNG image with a malformed (bad CRC) tRNS chunk will crash
  some libpng applications. This vulnerability has been assigned the
  identifiers CVE-2007-2445 and CERT VU#684664.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2445
  (* Security fix *)
+--------------------------+
Wed Apr 4 13:35:23 EDT 2007
patches/packages/file-4.20-s390-1_slack9.1.tgz: Upgraded to file-4.20.
  This fixes a heap overflow that could allow code to be executed as the
  user running file (note that there are many scenarios where file might be
  used automatically, such as in virus scanners or spam filters).
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1536
  (* Security fix *)
+--------------------------+
Fri Mar 16 21:34:29 EDT 2007
patches/packages/bind-9.2.8-s390-1_slack9.1.tgz: Upgraded to bind-9.2.8.
  This update fixes two denial of service vulnerabilities where an attacker
  could crash the name server with specially crafted malformed data.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0493
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0494
  (* Security fix *)
patches/packages/fetchmail-6.3.6-s390-1_slack9.1.tgz: Upgraded to
  fetchmail-6.3.6.
  This fixes two security issues. First, a bug introduced in fetchmail-6.3.5
  could cause fetchmail to crash. However, no stable version of Slackware
  ever shipped fetchmail-6.3.5. Second, a long standing bug (reported by
  Isaac Wilcox) could cause fetchmail to send a password in clear text or
  omit using TLS even when configured otherwise. All fetchmail users are
  encouraged to consider using getmail, or to upgrade to the new fetchmail
  packages.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5974
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5867
  (* Security fix *)
patches/packages/glibc-zoneinfo-2.3.2-noarch-2_slack9.1.tgz: Updated with
  tzdata2007b for impending Daylight Savings Time changes in the US.
patches/packages/gnupg-1.4.7-s390-1_slack9.1.tgz: Upgraded to gnupg-1.4.7.
  This fixes a security problem that can occur when GnuPG is used
  incorrectly. Newer versions attempt to prevent such misuse.
  For more information, see:
    http://lists.gnupg.org/pipermail/gnupg-announce/2007q1/000251.html
  (* Security fix *)
+--------------------------+
Mon Jan 15 13:41:03 EST 2007
patches/packages/gnupg-1.4.6-s390-1_slack9.1.tgz: Upgraded to gnupg-1.4.6.
  This release fixes a severe and exploitable bug in earlier versions of
  gnupg. All gnupg users should update to the new packages as soon as
  possible.
  For details, see the information concerning CVE-2006-6235 posted on
  lists.gnupg.org:
    http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000491.html
  The CVE entry for this issue may be found here:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6235
  This update also addresses a more minor security issue possibly
  exploitable when GnuPG is used in interactive mode.
  For more information about that issue, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6169
  (* Security fix *)
patches/packages/libpng-1.2.14-s390-1_slack9.1.tgz: Upgraded to
  libpng-1.2.14.
  This fixes a bug where a specially crafted PNG file could crash
  applications that use libpng.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5793
  (* Security fix *)
patches/packages/proftpd-1.3.0a-s390-1_slack9.1.tgz: Upgraded to
  proftpd-1.3.0a plus an additional security patch.
  Several security issues were found in proftpd that could lead to the
  execution of arbitrary code by a remote attacker, including one in mod_tls
  that does not require the attacker to be authenticated first.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5815
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6170
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6171
  (* Security fix *)
patches/packages/tar-1.16-s390-1_slack9.1.tgz: Upgraded to tar-1.16.
  This fixes an issue where files may be extracted outside of the current
  directory, possibly allowing a malicious tar archive, when extracted, to
  overwrite any of the user's files (in the case of root, any file on the
  system).
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6097
  (* Security fix *)
patches/packages/xine-lib-1.1.3-s390-1_slack9.1.tgz: Upgraded to
  xine-lib-1.1.3 which fixes possible security problems such as a heap
  overflow in libmms and a buffer overflow in the Real Media input plugin.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2200
  (* Security fix *)
+--------------------------+
Tue Nov 14 23:24:42 EST 2006
patches/packages/bind-9.2.6_P2-s390-1_slack9.1.tgz: Upgraded to
  bind-9.2.6-P2.
  This fixes some security issues related to previous fixes in OpenSSL. The
  minimum OpenSSL version was raised to OpenSSL 0.9.7l and OpenSSL 0.9.8d to
  avoid exposure to known security flaws in older versions (these patches
  were already issued for Slackware). If you have not upgraded yet, get
  those as well to prevent a potentially exploitable security problem in
  named.
  In addition, the default RSA exponent was changed from 3 to 65537. RSA
  keys using exponent 3 (which was previously BIND's default) will need to
  be regenerated to protect against the forging of RRSIGs.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339
  (* Security fix *)
+--------------------------+
Sat Nov 4 19:13:31 EST 2006
patches/packages/screen-4.0.3-s390-1_slack9.1.tgz: Upgraded to screen-4.0.3.
  This addresses an issue with the way screen handles UTF-8 character
  encoding that could allow screen to be crashed (or possibly code to be
  executed in the context of the screen user) if a specially crafted
  sequence of pseudo-UTF-8 characters are displayed within a screen session.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4573
  (* Security fix *)
+--------------------------+
Sun Oct 15 21:23:02 EDT 2006
patches/packages/openssl-solibs-0.9.7l-s390-1_slack9.1.tgz: Upgraded to
  shared libraries from openssl-0.9.7l. See openssl package update below.
  (* Security fix *)
patches/packages/openssh-4.4p1-s390-1_slack9.1.tgz: Upgraded to
  openssh-4.4p1.
  This fixes a few security related issues. From the release notes found at
  http://www.openssh.com/txt/release-4.4:
    * Fix a pre-authentication denial of service found by Tavis Ormandy,
      that would cause sshd(8) to spin until the login grace time expired.
    * Fix an unsafe signal handler reported by Mark Dowd. The signal handler
      was vulnerable to a race condition that could be exploited to perform
      a pre-authentication denial of service. On portable OpenSSH, this
      vulnerability could theoretically lead to pre-authentication remote
      code execution if GSSAPI authentication is enabled, but the likelihood
      of successful exploitation appears remote.
    * On portable OpenSSH, fix a GSSAPI authentication abort that could be
      used to determine the validity of usernames on some platforms.
  Links to the CVE entries will be found here:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4924
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5051
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5052
  After this upgrade, make sure the permissions on /etc/rc.d/rc.sshd are set
  the way you want them. Future upgrades will respect the existing
  permissions settings. Thanks to Manuel Reimer for pointing out that
  upgrading openssh would enable a previously disabled sshd daemon.
  Do better checking of passwd, shadow, and group to avoid adding redundant
  entries to these files. Thanks to Menno Duursma.
  (* Security fix *)
patches/packages/openssl-0.9.7l-s390-1_slack9.1.tgz: Upgraded to
  openssl-0.9.7l.
  This fixes a few security related issues:
  During the parsing of certain invalid ASN.1 structures an error condition
  is mishandled. This can result in an infinite loop which consumes system
  memory (CVE-2006-2937). (This issue did not affect OpenSSL versions prior
  to 0.9.7)
  Thanks to Dr S. N. Henson of Open Network Security and NISCC.
  Certain types of public key can take disproportionate amounts of time to
  process. This could be used by an attacker in a denial of service attack
  (CVE-2006-2940).
  Thanks to Dr S. N. Henson of Open Network Security and NISCC.
  A buffer overflow was discovered in the SSL_get_shared_ciphers() utility
  function. An attacker could send a list of ciphers to an application that
  uses this function and overrun a buffer. (CVE-2006-3738)
  Thanks to Tavis Ormandy and Will Drewry of the Google Security Team.
  A flaw in the SSLv2 client code was discovered. When a client application
  used OpenSSL to create an SSLv2 connection to a malicious server, that
  server could cause the client to crash (CVE-2006-4343).
  Thanks to Tavis Ormandy and Will Drewry of the Google Security Team.
  Links to the CVE entries will be found here:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2937
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3738
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2940
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4343
  (* Security fix *)
+--------------------------+
Sat Sep 23 21:13:52 EDT 2006
patches/packages/gzip-1.3.5-s390-1_slack9.1.tgz: Upgraded to gzip-1.3.5, and
  fixed a variety of bugs.
  Some of the bugs have possible security implications if gzip or its tools
  are fed a carefully constructed malicious archive. Most of these issues
  were recently discovered by Tavis Ormandy and the Google Security Team.
  Thanks to them, and also to the ALT and Owl developers for cleaning up the
  patch.
  For further details about the issues fixed, please see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0758
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0988
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1228
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4334
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4335
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4336
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4337
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4338
  (* Security fix *)
patches/packages/openssl-0.9.7d-s390-3_slack9.1.tgz: Patched an issue where
  it is possible to forge certain kinds of RSA signatures.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339
patches/packages/openssl-solibs-0.9.7d-s390-3_slack9.1.tgz: Patched an issue
  where it is possible to forge certain kinds of RSA signatures.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339
  (* Security fix *)
+--------------------------+
Sat Sep 9 22:03:44 EDT 2006
patches/packages/bind-9.2.6_P1-s390-1_slack9.1.tgz: Upgraded to
  bind-9.2.6-P1.
  This update addresses a denial of service vulnerability.
  BIND's CHANGES file says this:
    2066. [security] Handle SIG queries gracefully. [RT #16300]
  The best discussion I've found is in FreeBSD's advisory, so here's a link:
    http://security.FreeBSD.org/advisories/FreeBSD-SA-06:20.bind.asc
  Also, fixed some missing man pages. (noticed by Xavier Thomassin -- thanks)
  (* Security fix *)
patches/packages/bootshell-1.3-s390-2.tgz: Rebuilt bootshell as static, not
  dynamic. If your /usr file system isn't available, you still want to be
  able to log in to your system so you can fix it. ;)
+--------------------------+
Sun Aug 27 14:22:38 EDT 2006
patches/packages/gnupg-1.4.5-s390-1_slack9.1.tgz: Upgraded to gnupg-1.4.5.
  From the gnupg-1.4.5 NEWS file:
    * Fixed 2 more possible memory allocation attacks.
      They are similar to the problem we fixed with 1.4.4. This bug can
      easily be exploited for a DoS; remote code execution is not entirely
      impossible.
  (* Security fix *)
patches/packages/libtiff-3.8.2-s390-1_slack9.1.tgz: Patched vulnerabilities
  in libtiff which were found by Tavis Ormandy of the Google Security Team.
  These issues could be used to crash programs linked to libtiff or possibly
  to execute code as the program's user. A low risk command-line overflow in
  tiffsplit was also patched.
  For more details, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3459
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3460
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3461
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3462
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3463
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3464
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3465
  (* Security fix *)
+--------------------------+
Sat Jul 29 13:49:39 EDT 2006
patches/packages/apache-1.3.37-s390-1_slack9.1.tgz: Upgraded to
  apache-1.3.37.
  From the announcement on httpd.apache.org:
    This version of Apache is security fix release only. An off-by-one flaw
    exists in the Rewrite module, mod_rewrite, as shipped with Apache 1.3
    since 1.3.28, 2.0 since 2.0.46, and 2.2 since 2.2.0.
  The Slackware Security Team feels that the vast majority of installations
  will not be configured in a vulnerable way but still suggests upgrading to
  the new apache and mod_ssl packages for maximum security.
  For more details, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3747
  And see Apache's announcement here:
    http://www.apache.org/dist/httpd/Announcement1.3.html
  (* Security fix *)
patches/packages/mod_ssl-2.8.28_1.3.37-s390-1_slack9.1.tgz: Upgraded to
  mod_ssl-2.8.28-1.3.37.
patches/packages/mutt-1.4.2.2i-s390-1_slack9.1.tgz: Upgraded to
  mutt-1.4.2.2i.
  This release fixes CVE-2006-3242, a buffer overflow that could be
  triggered by a malicious IMAP server.
  [Connecting to malicious IMAP servers must be common, right? -- Ed.]
  For more details, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3242
  (* Security fix *)
+--------------------------+
Sun Jul 2 15:09:59 EDT 2006
patches/packages/gnupg-1.4.4-s390-1_slack9.1.tgz: This version fixes a
  memory allocation issue that could allow an attacker to crash GnuPG
  creating a denial-of-service.
  The CVE entry for this issue may be found here:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3082
+--------------------------+
Thu Jun 15 13:21:48 EDT 2006
patches/packages/sendmail-8.13.7-s390-1_slack9.1.tgz: Upgraded to
  sendmail-8.13.7.
  Fixes a potential denial of service problem caused by excessive recursion
  leading to stack exhaustion when attempting delivery of a malformed MIME
  message. This crashes sendmail's queue processing daemon, which in turn
  can lead to two problems: depending on the settings, these crashed
  processes may create coredumps which could fill a drive partition; and
  such a malformed message in the queue will cause queue processing to cease
  when the message is reached, causing messages that are later in the queue
  to not be processed.
  Sendmail's complete advisory may be found here:
    http://www.sendmail.com/security/advisories/SA-200605-01.txt.asc
  Sendmail has also provided an FAQ about this issue:
    http://www.sendmail.com/security/advisories/SA-200605-01/faq.shtml
  The CVE entry for this issue may be found here:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1173
  (* Security fix *)
patches/packages/sendmail-cf-8.13.7-s390-1_slack9.1.tgz: Upgraded to
  sendmail-8.13.7 configs.
+--------------------------+
Fri Jun 9 18:52:15 EDT 2006
patches/packages/apache-1.3.35-s390-2_slack9.1.tgz: Upgraded to
  apache-1.3.35.
  From the official announcement:
    Of particular note is that 1.3.35 addresses and fixes 1 potential
    security issue: CVE-2005-3352 (cve.mitre.org)
    mod_imap: Escape untrusted referer header before outputting in HTML to
    avoid potential cross-site scripting. Change also made to ap_escape_html
    so we escape quotes. Reported by JPCERT
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352
  (* Security fix *)
patches/packages/mod_ssl-2.8.26_1.3.35-s390-1_slack9.1.tgz: Upgraded to
  mod_ssl-2.8.26-1.3.35.
  This is an updated version designed for Apache 1.3.35.
patches/packages/mysql-4.0.27-s390-1_slack9.1.tgz: Upgraded to mysql-4.0.27.
  This fixes some minor security issues with possible information leakage.
  Note that the information leakage bugs require that the attacker have
  access to an account on the database. Also note that by default,
  Slackware's rc.mysqld script does *not* allow access to the database
  through the outside network (it uses the --skip-networking option). If
  you've enabled network access to MySQL, it is a good idea to filter the
  port (3306) to prevent access from unauthorized machines.
  For more details, see the MySQL 4.0.27 release announcement here:
    http://lists.mysql.com/announce/359
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1516
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1517
  (* Security fix *)
+--------------------------+
Sun Apr 2 11:57:00 EDT 2006
patches/packages/fetchmail-6.3.2-s390-1.tgz: Upgraded to fetchmail-6.3.2.
  Presumably this replaces all the known security problems with a batch of
  new unknown ones. (fetchmail is improving, really ;-)
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3088
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4348
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0321
  (* Security fix *)
patches/packages/gnupg-1.4.2.2-s390-1.tgz: Upgraded to gnupg-1.4.2.2.
  There have been two security related issues reported recently with GnuPG.
  From the GnuPG 1.4.2.1 and 1.4.2.2 NEWS files:
    Noteworthy changes in version 1.4.2.2 (2006-03-08)
    * Files containing several signed messages are not allowed any longer as
      there is no clean way to report the status of such files back to the
      caller. To partly revert to the old behaviour the new option
      --allow-multisig-verification may be used.
    Noteworthy changes in version 1.4.2.1 (2006-02-14)
    * Security fix for a verification weakness in gpgv. Some input could
      lead to gpgv exiting with 0 even if the detached signature file did
      not carry any signature. This is not as fatal as it might seem because
      the suggestion has always been not to rely on the exit code but to
      parse the --status-fd messages. However it is likely that gpgv is used
      in that simplified way and thus we do this release. Same problem with
      "gpg --verify" but nobody should have used this for signature
      verification without checking the status codes anyway. Thanks to the
      taviso from Gentoo for reporting this problem.
  (* Security fix *)
patches/packages/openssh-4.3p1-s390-1.tgz: Upgraded to openssh-4.3p1.
  This fixes a security issue when using scp to copy files that could cause
  commands embedded in filenames to be executed.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0225
  (* Security fix *)
patches/packages/sendmail-8.13.6-s390-1.tgz: Upgraded to sendmail-8.13.6.
  This new version of sendmail contains a fix for a security problem
  discovered by Mark Dowd of ISS X-Force.
  From sendmail's advisory:
    Sendmail was notified by security researchers at ISS that, under some
    specific timing conditions, this vulnerability may permit a specifically
    crafted attack to take over the sendmail MTA process, allowing remote
    attackers to execute commands and run arbitrary programs on the system
    running the MTA, affecting email delivery, or tampering with other
    programs and data on this system.
    Sendmail is not aware of any public exploit code for this vulnerability.
    This connection-oriented vulnerability does not occur in the normal
    course of sending and receiving email. It is only triggered when
    specific conditions are created through SMTP connection layer commands.
  Sendmail's complete advisory may be found here:
    http://www.sendmail.com/company/advisory/index.shtml
  The CVE entry for this issue may be found here:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0058
  (* Security fix *)
patches/packages/sendmail-cf-8.13.6-s390-1.tgz: Upgraded to sendmail-8.13.6
  configuration files.
patches/packages/sudo-1.6.8p12-s390-1.tgz: Upgraded to sudo-1.6.8p12.
  This fixes an issue where a user able to run a Python script through sudo
  may be able to gain root access.
  IMHO, running any kind of scripting language from sudo is still not
  safe...
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0151
  (* Security fix *)
patches/packages/xpdf-3.01-s390-3.tgz: Recompiled with xpdf-3.01pl2.patch to
  fix integer and heap overflows in xpdf triggered by malformed PDF files.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3191
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3192
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3193
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3624
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3625
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3626
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3627
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3628
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0301
  (* Security fix *)
+--------------------------+
Mon Dec 19 13:56:00 EST 2005
patches/packages/apache-1.3.34-s390-1.tgz: Upgraded to apache-1.3.34.
  Fixes this minor security bug: "If a request contains both
  Transfer-Encoding and Content-Length headers, remove the Content-Length,
  mitigating some HTTP Request Splitting/Spoofing attacks."
  (* Security fix *)
patches/packages/curl-7.10.7-s390-2.tgz: Patched.
  This addresses a buffer overflow in libcurl's NTLM function that could
  have possible security implications.
  For more details, see:
    http://curl.haxx.se/docs/security.html
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3185
  (* Security fix *)
patches/packages/elm-2.5.8-s390-1.tgz: Upgraded to elm2.5.8.
  This fixes a buffer overflow in the parsing of the Expires header that
  could be used to execute arbitrary code as the user running Elm. Thanks to
  Ulf Harnhammar for finding the bug and reminding me to get out updated
  packages to address the issue.
  A reference to the original advisory:
    http://archives.neohapsis.com/archives/fulldisclosure/2005-08/0688.html
patches/packages/imapd-4.64-s390-1.tgz: Upgraded to imapd-4.64.
  A buffer overflow was reported in the mail_valid_net_parse_work function.
  However, this function in the c-client library does not appear to be
  called from anywhere in imapd. iDefense states that the issue is of LOW
  risk to sites that allow users shell access, and LOW-MODERATE risk to
  other servers. I believe it's possible that it is of NIL risk if the
  function is indeed dead code to imapd, but draw your own conclusions...
  (* Security fix *)
patches/packages/koffice-1.2.1-s390-2.tgz: Patched.
  Fixes a buffer overflow in KWord's RTF import discovered by Chris Evans.
  For more details, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2971
  (* Security fix *)
patches/packages/lynx-2.8.5rel.5-s390-1.tgz: Upgraded to lynx-2.8.5rel.5.
  Fixes an issue where the handling of Asian characters when using lynx to
  connect to an NNTP server (is this a common use?) could result in a buffer
  overflow causing the execution of arbitrary code.
  For more details, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3120
  (* Security fix *)
patches/packages/mod_ssl-2.8.25_1.3.34-s390-1.tgz: Upgraded to
  mod_ssl-2.8.25-1.3.34.
patches/packages/pine-4.64-s390-1.tgz: Upgraded to pine-4.64.
patches/packages/wget-1.10.2-s390-1.tgz: Upgraded to wget-1.10.2.
  This addresses a buffer overflow in wget's NTLM handling function that
  could have possible security implications.
  For more details, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3185
  (* Security fix *)
+--------------------------+
Mon Dec 19 03:20:00 EST 2005
patches/packages/dhcpcd-1.3.22pl4-s390-2.tgz: Patched an issue where a
  remote attacker can cause dhcpcd to crash.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1848
  (* Security fix *)
patches/packages/gaim-1.5.0-s390-1.tgz: Upgraded to gaim-1.5.0.
  This fixes some more security issues.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2103
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2102
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2370
  (* Security fix *)
patches/packages/openssl-0.9.7d-s390-2.tgz: Patched.
  Fixed a vulnerability that could, in rare circumstances, allow an attacker
  acting as a "man in the middle" to force a client and a server to
  negotiate the SSL 2.0 protocol (which is known to be weak) even if these
  parties both support SSL 3.0 or TLS 1.0.
  For more details, see:
    http://www.openssl.org/news/secadv_20051011.txt
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2969
  (* Security fix *)
patches/packages/openssl-solibs-0.9.7d-s390-2.tgz: Patched.
  (* Security fix *)
patches/packages/pcre-6.3-s390-1.tgz: Upgraded to pcre-6.3.
  This fixes a buffer overflow that could be triggered by the processing of
  a specially crafted regular expression.
Theoretically this could be a security issue if regular expressions are accepted from untrusted users to be processed by a user with greater privileges, but this doesn't seem like a common scenario (or, for that matter, a good idea). However, if you are using an application that links to the shared PCRE library and accepts outside input in such a manner, you will want to update to this new package. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2491 (* Security fix *) patches/packages/ Relinked with the system PCRE library, as the builtin library has a buffer overflow that could be triggered by the processing of a specially crafted regular expression. Note that this change requires the pcre package to be installed. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2491 (* Security fix *) Upgraded PEAR::XMLRPC to version 1.4.0, which eliminates the use of the insecure eval() function. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2498 (* Security fix *) patches/packages/tcpip-0.17-s390-2.tgz: Changed to a cleaner telnet patch borrowed from OpenBSD. Two people, both using Slackware 9.1, informed me that the previous patch for telnet was causing a segfault when used with short hostnames from /etc/hosts (such as localhost). If anyone is having a similar problem with other versions of Slackware, let me know. Thanks to Dragan Simic for telling me about the improved patch. patches/packages/util-linux-2.12-s390-2.tgz: Patched an issue with umount where if the umount failed when the '-r' option was used, the filesystem would be remounted read-only but without any extra flags specified in /etc/fstab. This could allow an ordinary user able to mount a floppy or CD (but with nosuid, noexec, nodev, etc in /etc/fstab) to run a setuid binary from removable media and gain root privileges. 
Reported to BugTraq by David Watson: http://www.securityfocus.com/archive/1/410333 (* Security fix *) patches/packages/xine-lib-1rc4-s390-2.tgz: Patched xine-lib-1-rc4. This fixes a format string bug where an attacker, if able to upload malicious information to a CDDB server and then get a local user to play a certain audio CD, may be able to run arbitrary code on the machine as the user running the xine-lib linked application. For more information, see: http://xinehq.de/index.php/security/XSA-2005-1 (* Security fix *) +--------------------------+ Tue Aug 9 00:30:00 EDT 2005 patches/packages/gaim-1.3.1-s390-1.tgz: Upgraded to gaim-1.3.1 and gaim-encryption-2.38. This fixes a couple of remote crash bugs, so users of the MSN and Yahoo! chat protocols should upgrade to gaim-1.3.1. (* Security fix *) +--------------------------+ Sat Aug 6 19:30:00 EDT 2005 patches/packages/fetchmail-6.2.5.2-s390-1.tgz: Upgraded to fetchmail-6.2.5.2. This fixes an overflow by which malicious or compromised POP3 servers may overflow fetchmail's stack. For more information, see: http://fetchmail.berlios.de/fetchmail-SA-2005-01.txt (* Security fix *) patches/packages/php-4.3.11-s390-2.tgz: Upgraded PEAR XML_RPC class. This new PHP package fixes a PEAR XML_RPC vulnerability. Sites that use this PEAR class should upgrade to the new PHP package, or as a minimal fix may instead upgrade the XML_RPC PEAR class with the following command: pear upgrade XML_RPC (* Security fix *) patches/packages/sudo-1.6.8p9-s390-1.tgz: Upgraded to sudo-1.6.8p9. This new version of Sudo fixes a race condition in command pathname handling that could allow a user with Sudo privileges to run arbitrary commands. For full details, see the Sudo site: http://www.courtesan.com/sudo/alerts/path_race.html (* Security fix *) patches/packages/tcpdump-3.9.3-s390-1.tgz: Upgraded to libpcap-0.9.3 and tcpdump-3.9.3. 
This fixes an issue where an invalid BGP packet can cause tcpdump to go into an infinite loop, effectively disabling network monitoring. (* Security fix *) patches/packages/xv-3.10a-s390-2.tgz: Upgraded to the latest XV jumbo patches, xv-3.10a-jumbo-fix-patch-20050410 and xv-3.10a-jumbo-enh-patch-20050501. These fix a number of format string and other possible security issues in addition to providing many other bugfixes and enhancements. (Thanks to Greg Roelofs) (* Security fix *) +--------------------------+ Wed Aug 3 20:41:00 EDT 2005 patches/packages/infozip-5.52-s390-1.tgz: Upgraded to unzip552.tar.gz and zip231.tar.gz. These fix some buffer overruns if deep directory paths are packed into a Zip archive which could be a security vulnerability (for example, in a case of automated archiving or backups that use Zip). However, it also appears that these now use certain assembly instructions that might not be available on older CPUs, so if you have an older machine you may wish to take this into account before deciding whether you should upgrade. (* Security fix *) +--------------------------+ Tue Aug 2 00:20:00 EDT 2005 patches/packages/cvs-1.11.20-s390-1.tgz: Upgraded to cvs-1.11.20. From cvshome.org: "This version fixes many minor security issues in the CVS server executable including a potentially serious buffer overflow vulnerability with no known exploit. We recommend this upgrade for all CVS servers!" For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0753 (* Security fix *) patches/packages/python-2.3.5-s390-1.tgz: Upgraded to python-2.3.5. From the python.org site: "The Python development team has discovered a flaw in the SimpleXMLRPCServer library module which can give remote attackers access to internals of the registered object or its module or possibly other modules. The flaw only affects Python XML-RPC servers that use the register_instance() method to register an object without a _dispatch() method. 
Servers using only register_function() are not affected." For more details, see: http://python.org/security/PSF-2005-001/ (* Security fix *) patches/packages/python-demo-2.3.5-noarch-1.tgz: Upgraded to python-2.3.5 demos. patches/packages/python-tools-2.3.5-noarch-1.tgz: Upgraded to python-2.3.5 tools. +--------------------------+ Sun Apr 10 18:30:37 EDT 2005 patches/packages/php-4.3.11-s390-1.tgz: Upgraded to php-4.3.11. "This is a maintenance release that in addition to over 70 non-critical bug fixes addresses several security issues inside the exif and fbsql extensions as well as the unserialize(), swf_definepoly() and getimagesize() functions." (* Security fix *) +--------------------------+ Thu Mar 31 22:47:47 EST 2005 patches/packages/gaim-1.2.0-s390-1.tgz: Upgraded to gaim-1.2.0 and gaim-encryption-2.36 (compiled against mozilla-1.4.4). patches/packages/mozilla-1.4.4-s390-1.tgz: Upgraded to mozilla-1.4.4. Fixes some security issues. Please see mozilla.org for a complete list. (* Security fix *) patches/packages/mozilla-plugins-1.4.4-noarch-1.tgz: Adjusted plugin symlinks for Mozilla 1.4.4. +--------------------------+ Tue Nov 9 21:59:16 EST 2004 patches/packages/apache-1.3.33-s390-1.tgz: Upgraded to apache-1.3.33. This fixes one new security issue (the first issue, CAN-2004-0492, was fixed in apache-1.3.32). The second bug fixed in 1.3.3 (CAN-2004-0940) allows a local user who can create SSI documents to become "nobody". The amount of mischief they could cause as nobody seems low at first glance, but it might allow them to use kill or killall as nobody to try to create a DoS. (* Security fix *) patches/packages/libtiff-3.5.7-s390-2.tgz: Patched several bugs that could lead to crashes, or could possibly allow arbitrary code to be executed. 
For more details, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0803 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0804 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0886 (* Security fix *) patches/packages/mod_ssl-2.8.22_1.3.33-s390-1.tgz: Upgraded to mod_ssl-2.8.22_1.3.33. +--------------------------+ Thu Oct 28 23:52:27 EDT 2004 patches/packages/apache-1.3.32-s390-1.tgz: Upgraded to apache-1.3.32. This addresses a heap-based buffer overflow in mod_proxy by rejecting responses from a remote server with a negative Content-Length. The flaw could crash the Apache child process, or possibly allow code to be executed as the Apache user (but only if mod_proxy is actually in use on the server). For more details, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0492 (* Security fix *) patches/packages/mod_ssl-2.8.21_1.3.32-s390-1.tgz: Upgraded to mod_ssl-2.8.21-1.3.32. Don't allow clients to bypass cipher requirements, possibly negotiating a connection that the server does not consider secure enough. For more details, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0885 (* Security fix *) patches/packages/php-4.3.9-s390-1.tgz: Upgraded to php-4.3.9. +--------------------------+ Sun Oct 24 01:29:46 EDT 2004 patches/packages/gaim-1.0.2-s390-1.tgz: Upgraded to gaim-1.0.2 and gaim-encryption-2.32. A buffer overflow in the MSN protocol handler for GAIM 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and may allow the execution of arbitrary code. For more details, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0891 (* Security fix *) +--------------------------+ Wed Oct 13 14:56:33 EDT 2004 patches/packages/rsync-2.6.3-s390-1.tgz: Upgraded to rsync-2.6.3. 
From the rsync NEWS file: A bug in the sanitize_path routine (which affects a non-chrooted rsync daemon) could allow a user to craft a pathname that would get transformed into an absolute path for certain options (but not for file-transfer names). If you're running an rsync daemon with chroot disabled, *please upgrade*, ESPECIALLY if the user privs you run rsync under is anything above "nobody". Note that rsync, in daemon mode, sets the "use chroot" to true by default, and (in this default mode) is not vulnerable to this issue. I would strongly recommend against setting "use chroot" to false even if you've upgraded to this new package. (* Security fix *) +--------------------------+ Mon Oct 4 17:01:13 EDT 2004 patches/packages/getmail-3.2.5-s390-1.tgz: Upgraded to getmail-3.2.5. Earlier versions contained a local security flaw when used in an insecure fashion (surprise, running something as root that writes to user-controlled files or directories could allow the old symlink attack to clobber system files! :-) From the getmail CHANGELOG: This vulnerability is not exploitable if the administrator does not deliver mail to the maildirs/mbox files of untrusted local users, or if getmail is configured to use an external unprivileged MDA. This vulnerability is not remotely exploitable. Most users would not use getmail in such a way as to be vulnerable to this flaw, but if your site does this package closes the hole. Note that getmail-3.2.5 refuses to deliver mail as root, so using getmail in this way will not be possible. Either run it as the user that owns the target mailbox, or (in the case of root) deliver through an external MDA. Getmail-4 does not have this restriction, but it requires a newer version of python... (* Security fix *) +--------------------------+ Mon Sep 20 18:53:18 EDT 2004 patches/packages/cups-1.1.21-s390-1.tgz: Upgraded to cups-1.1.21. This fixes a flaw where a remote attacker can crash the CUPS server causing a denial of service. 
For more details, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0558 (* Security fix *) +--------------------------+ Wed Sep 8 00:37:56 EDT 2004 patches/packages/packages/kdebase-3.1.4-s390-2.tgz: Patched frame injection vulnerability in Konqueror. For more details, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0721 (* Security fix *) patches/packages/packages/kdelibs-3.1.4-s390-2.tgz: Patched unsafe temporary directory usage, cross-domain cookie injection vulnerability for certain country specific domains, and frame injection vulnerability in Konqueror. For more details, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0689 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0690 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0721 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0746 (* Security fix *) +--------------------------+ Fri Aug 27 16:49:33 EDT 2004 patches/packages/gaim-0.82.1-s390-1.tgz: Upgraded to gaim-0.82.1 and gaim-encryption-2.30. Fixes several security issues: Content-length DOS (malloc error) (no CAN ID on this one) MSN strncpy buffer overflow (CAN-2004-0500) Groupware message receive integer overflow (CAN-2004-0754) Smiley theme installation lack of escaping (CAN-2004-0784) RTF message buffer overflow, Local hostname resolution buffer overflow, URL decode buffer overflow (these 3 are CAN-2004-0785) For more details, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0500 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0754 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0784 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0785 (* Security fix *) +--------------------------+ Wed Aug 25 15:47:06 EDT 2004 patches/packages/qt-3.2.1-s390-2.tgz: Patched bugs in the image loading routines which could be used by an attacker to run unauthorized code or create a denial-of-service. 
For more details, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0691 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0692 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0693 (* Security fix *) +--------------------------+ Wed Aug 11 20:43:19 EDT 2004 patches/packages/mozilla-1.4.3-s390-1.tgz: Upgraded to Mozilla 1.4.3. Unfortunately, this breaks both Galeon and Epiphany and there are no new versions that will work with this Mozilla along with the Slackware 9.1 version of GNOME. Sorry about that. This fixes a ton of security issues. If you want to find out about all of them, here are the URLs to find out more: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0597 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0718 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0722 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0757 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0758 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0759 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0760 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0761 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0762 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0763 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0764 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0765 (* Security fix *) patches/packages/mozilla-plugins-1.4.3-noarch-1.tgz: Updated symlinks to use /usr/lib/mozilla-1.4.3/. +--------------------------+ Sun Aug 8 23:13:45 EDT 2004 patches/packages/imagemagick-5.5.7_25-s390-1.tgz: Upgraded to ImageMagick-5.5.7_25. Fixes PNG security issues. (* Security fix *) patches/packages/libpng-1.2.5-s390-2.tgz: Patched possible security issues including buffer and integer overflows and null pointer references. These issues could cause program crashes, or possibly allow arbitrary code embedded in a malicious PNG image to execute. 
The PNG library is widely used within the system, so all sites should upgrade to the new libpng package. For more details, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0597 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0598 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0599 (* Security fix *) patches/packages/sox-12.17.4-s390-2.tgz: Patched buffer overflows that could allow a malicious WAV file to execute arbitrary code. (* Security fix *) +--------------------------+ Mon Jul 26 12:59:03 EDT 2004 patches/packages/mod_ssl-2.8.19_1.3.31-s390-1.tgz: Upgraded to mod_ssl-2.8.19-1.3.31. This fixes a security hole (ssl_log() related format string vulnerability in mod_proxy hook functions), so sites using mod_ssl should upgrade to the new version. Be sure to back up your existing key files first. (* Security fix *) patches/packages/samba-2.2.10-s390-1.tgz: Upgraded to samba-2.2.10. A buffer overrun has been located in the code used to support the 'mangling method = hash' smb.conf option. Affected Samba 2.2 installations can avoid this possible security bug by using the hash2 mangling method. Server installations requiring the hash mangling method are encouraged to upgrade to Samba v2.2.10 or v3.0.5. For more details, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0686 (* Security fix *) +--------------------------+ Wed Jul 21 14:42:45 EDT 2004 patches/packages/php-4.3.8-s390-1.tgz: Upgraded to php-4.3.8. This release fixes two security problems in PHP (memory_limit handling and a problem in the strip_tags function). Sites using PHP should upgrade. For more details, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0594 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0595 (* Security fix *) +--------------------------+ Tue Jun 15 02:11:41 PDT 2004 patches/packages/kernel-ide-2.4.26-i486-3.tgz: Patched local DoS (CAN-2004-0554). Without this patch to asm-i386/i387.h a local user can crash the kernel. 
(* Security fix *) patches/packages/kernel-source-2.4.26-noarch-2.tgz: Patched local DoS (CAN-2004-0554). The new patch can be found here, too: patches/source/kernel-source/CAN-2004-0554.i387.fnclex.diff.gz (* Security fix *) patches/kernels/*: Patched local DoS (CAN-2004-0554). (* Security fix *) +--------------------------+ Wed Jun 9 11:35:15 PDT 2004 patches/packages/cvs-1.11.17-i486-1.tgz: Upgraded to cvs-1.11.17. From the cvs NEWS file: * Thanks to Stefan Esser & Sebastian Krahmer, several potential security problems have been fixed. The ones which were considered dangerous enough to catalogue were assigned issue numbers CAN-2004-0416, CAN-2004-0417, & CAN-2004-0418 by the Common Vulnerabilities and Exposures Project. Please see for more information. * A potential buffer overflow vulnerability in the server has been fixed. This addresses the Common Vulnerabilities and Exposures Project's issue CAN-2004-0414. Please see for more information. (* Security fix *) +--------------------------+ Wed Jun 2 11:28:17 PDT 2004 patches/packages/apache-1.3.31-i486-1.tgz: Upgraded to apache-1.3.31, needed to use the new mod_ssl. If /usr/sbin/apachectl is a link to mod_ssl's apachectl, do not replace it. patches/packages/mod_ssl-2.8.18_1.3.31-i486-1.tgz: Upgraded to mod_ssl-2.8.18-1.3.31. This fixes a buffer overflow that may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN, if mod_ssl is configured to trust the issuing CA: *) Fix buffer overflow in "SSLOptions +FakeBasicAuth" implementation if the Subject-DN in the client certificate exceeds 6KB in length. For more details, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0488 (* Security fix *) Other changes: Make the sample keys .new so as not to overwrite existing server keys. However, any existing mod_ssl package will have these listed as non-config files, and will still remove and replace these upon upgrade. You'll have to save your config files one more time... 
sorry). patches/packages/php-4.3.6-i486-1.tgz: Upgraded to php-4.3.6. This is compiled with c-client.a in /usr/local/lib/c-client/ to fix a problem in previous php packages where linking against the library in a path under /tmp caused an ELF rpath to this location to be built into the PHP binaries. A local attacker could (by placing shared libraries in this location) either crash PHP or cause arbitrary code to be executed as the PHP user (typically "nobody"). Thanks to Bryce Nichols for discovering this issue and bringing it to my attention. (* Security fix *) +--------------------------+ Mon May 31 16:42:50 PDT 2004 patches/packages/mc-4.6.0-i486-4.tgz: Patched to fix some problems with hotkeys and php syntax parsing that were caused by the recent changes. +--------------------------+ Wed May 19 14:16:32 PDT 2004 patches/packages/cvs-1.11.16-i486-1.tgz: Upgraded to cvs-1.11.16. From the NEWS file: A potential buffer overflow vulnerability in the server has been fixed. Prior to this patch, a malicious client could potentially use carefully crafted server requests to run arbitrary programs on the CVS server machine. For more details, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0396 (* Security fix *) +--------------------------+ Mon May 17 19:31:12 PDT 2004 patches/packages/kdelibs-3.1.4-i486-2.tgz: Patched URI security issues. According to www.kde.org: The telnet, rlogin, ssh and mailto URI handlers in KDE do not check for '-' at the beginning of the hostname passed, which makes it possible to pass an option to the programs started by the handlers. For more details, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0411 (* Security fix *) +--------------------------+ Fri May 14 15:11:37 PDT 2004 patches/packages/mc-4.6.0-i486-2.tgz: Patched to fix buffer overflow, format string, and temporary file creation vulnerabilities found by Andrew V. Samoilov and Pavel Roskin. 
These could lead to a denial of service or the execution of arbitrary code as the user running mc. For more details, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0226 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0231 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0232 (* Security fix *) +--------------------------+ Wed May 12 13:06:39 PDT 2004 patches/packages/apache-1.3.29-i486-2.tgz: Patched four security issues in the Apache web server as noted on http://httpd.apache.org. These security fixes were backported from Apache 1.3.31: In mod_digest, verify whether the nonce returned in the client response is one we issued ourselves. This problem does not affect mod_auth_digest. (CAN-2003-0987) Escape arbitrary data before writing into the errorlog. (CAN-2003-0020) Fix starvation issue on listening sockets where a short-lived connection on a rarely-accessed listening socket will cause a child to hold the accept mutex and block out new connections until another connection arrives on that rarely-accessed listening socket. (CAN-2004-0174) Fix parsing of Allow/Deny rules using IP addresses without a netmask; issue is only known to affect big-endian 64-bit platforms (CAN-2003-0993) For more details, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0987 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0020 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0174 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0993 (* Security fix *) +--------------------------+ Tue May 4 13:11:26 PDT 2004 patches/packages/bin-8.5.0-i486-2.tgz: Fixed buffer overflows and directory traversal vulnerabilities in the 'lha' archive utility. Sites using 'lha' should upgrade to the new bin package right away. For more details, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0234 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0235 (* Security fix *) Upgraded to dosfstools-2.10. 
+--------------------------+ Sun May 2 17:16:41 PDT 2004 patches/packages/libpng-1.2.5-i486-2.tgz: Patched a problem where libpng may access memory that is out of bounds when creating an error message, possibly crashing libpng and creating a denial of service. For more details, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0421 (* Security fix *) patches/packages/rsync-2.6.2-i486-1.tgz: Upgraded to rsync-2.6.2. Rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot, allowing remote attackers to write files outside of the module's path. For more details, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0426 (* Security fix *) patches/packages/sysklogd-1.4.1-i486-9.tgz: Patched a bug which could allow a user to cause syslogd to write to unallocated memory and crash. Thanks to Steve Grubb for finding the bug, and Solar Designer for refining the patch. (* Security fix *) patches/packages/xine-lib-1rc4-i686-1.tgz: Upgraded to xine-lib-1-rc4. This fixes an exploit possible when playing Real RTSP streams. For more details, see: http://www.xinehq.de/index.php/security/XSA-2004-3 (* Security fix *) +--------------------------+ Wed Apr 28 10:19:51 PDT 2004 patches/packages/kernel-ide-2.4.26-i486-2.tgz: The first version of this package included one of the old 2.4.22 kernels by mistake. Thanks to the many people who pointed out this error. Sorry! (* Security fix *) +--------------------------+ Tue Apr 27 15:25:29 PDT 2004 patches/packages/alsa-driver-0.9.8-i486-3.tgz: Recompiled for Linux 2.4.26. patches/packages/hotplug-2004_01_05-noarch-1.tgz: This adds bugfixes for using a 2.6.x kernel, and adds the broken via-ircc module to the hotplug blacklist. Note that upgrading the package will not replace an existing blacklist, but as far as I can tell there are no ill effects from trying to load via-ircc other than the ugly mess on the screen at boot time. 
patches/packages/kernel-ide-2.4.26-i486-1.tgz: Upgraded to Linux 2.4.26. patches/packages/kernel-headers-2.4.26-i386-1.tgz: Upgraded to Linux 2.4.26. patches/packages/kernel-modules-2.4.26-i486-1.tgz: Upgraded to Linux 2.4.26. patches/packages/kernel-source-2.4.26-noarch-1.tgz: Upgraded to Linux 2.4.26. patches/packages/kernels/*: Upgraded to Linux 2.4.26. These 2.4.26 kernel upgrades fix: an overflow in ip_setsockopt() [CAN-2004-0424] a flaw in do_fork() that could lead to a DoS an (unexploitable) overflow in panic() [CAN-2004-0394] For more details, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0394 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0424 (* Security fix *) +--------------------------+ Tue Apr 20 19:01:58 PDT 2004 patches/packages/xine-lib-1rc3c-i686-1.tgz: Upgraded to xine-lib-1-rc3c. This release fixes a security problem where opening a malicious MRL could write to system (or other) files. For detailed information, see: http://www.xinehq.de/index.php/security/XSA-2004-1 Thanks to Dario Nicodemi for the heads-up on this advisory. (* Security fix *) patches/packages/xine-ui-0.99.1-i686-1.tgz: Upgraded to xine-ui-0.99.1, which fixes a similar MRL security issue. For details, see: http://www.xinehq.de/index.php/security/XSA-2004-2 Thanks again to Dario Nicodemi. (* Security fix *) +--------------------------+ Mon Apr 19 13:51:01 PDT 2004 patches/packages/utempter-1.1.1-i486-1.tgz: Upgraded to libutempter-1.1.1 (this is a new version written by Dmitry V. Levin of ALT Linux). This upgrade fixes a low-level security issue in utempter-0.5.2 where utempter could possibly be tricked into writing through a symlink, and is a cleaner implementation all-around. For more details, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0233 (* Security fix *) +--------------------------+ Sat Apr 17 14:09:23 PDT 2004 patches/packages/cvs-1.11.15-i486-1.tgz: Upgraded to cvs-1.11.15. 
Fixes two security problems (server creating arbitrary files on a client machine, and client viewing files outside of the CVS repository). For more details, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0180 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0405 (* Security fix *) +--------------------------+ Sat Apr 17 11:03:35 PDT 2004 patches/packages/tcpdump-3.8.3-i486-1.tgz: Upgraded to tcpdump-3.8.3 and libpcap-0.8.3. This fixes a couple minor bugs that shouldn't affect 32-bit ix86 Slackware, but we might as well have the latest. According to www.tcpdump.org: TCPDUMP version 3.8.3 has been released as of March 30, 2004. 3.8.3 is identical to 3.8.2, but the version number has been incremented to match libpcap. LIBPCAP version 0.8.3 has been released as of March 30, 2004. 0.8.3 fixes a minor problem with gencode.c on 64-bit architectures. It also carries the correct version numbers. +--------------------------+ Tue Mar 30 22:16:38 PST 2004 patches/packages/tcpdump-3.8.2-i486-1.tgz: Upgraded to tcpdump-3.8.2 and libpcap-0.8.2. Fixes denial-of-service security issues. For more details, see: http://www.rapid7.com/advisories/R7-0017.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0183 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0184 (* Security fix *) patches/packages/kernel-headers-2.4.24-i386-1.tgz: Added. +--------------------------+ Wed Mar 17 14:41:42 PST 2004 patches/packages/openssl-0.9.7d-i486-1.tgz: Upgraded to openssl-0.9.7d. patches/packages/openssl-solibs-0.9.7d-i486-1.tgz: Upgraded to openssl-0.9.7d. This fixes two potential denial-of-service issues in earlier versions of OpenSSL. For more details, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0079 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0112 (* Security fix *) +--------------------------+ Wed Feb 18 03:44:42 PST 2004 patches/kernels/: Recompiled to fix another bounds-checking error in the kernel mremap() code. 
(this is not the same issue that was fixed on Jan 6) This bug could be used by a local attacker to gain root privileges. Sites should upgrade to a new kernel. After installing the new kernel, be sure to run 'lilo'. For more details, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0077 Thanks to Paul Starzetz for finding and researching this issue. (* Security fix *) patches/packages/kernel-ide-2.4.24-i486-2.tgz: Patched, recompiled. (* Security fix *) patches/packages/kernel-source-2.4.24-noarch-2.tgz: Patched the kernel source with a fix for the mremap() problem from Solar Designer, and updated the Speakup driver (not pre-applied). (* Security fix *) patches/packages/metamail-2.7-i486-2.tgz: Patched two format string bugs and two buffer overflows in metamail which could lead to unauthorized code execution. Thanks to Ulf Härnhammar for discovering these problems and providing a patch. (* Security fix *) +--------------------------+ Thu Feb 12 10:00:37 PST 2004 patches/packages/mutt-1.4.2i-i486-1.tgz: Upgraded to mutt-1.4.2i. This fixes an overflow that is a potential security hole. Here's the information from www.mutt.org: "Mutt 1.4.2 was released on February 11, 2004. This version fixes a buffer overflow that can be triggered by incoming messages. There are reports about spam that has actually triggered this problem and crashed mutt. It is recommended that users of mutt versions prior to 1.4.2 upgrade to this version, or apply the patch included below." (* Security fix *) patches/packages/xfree86-4.3.0-i486-6.tgz: Patched to fix buffer overflow problems with the parsing of 'font.alias' files that could allow unauthorized code execution. 
For more details, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0083 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0084 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0106 (* Security fix *) +--------------------------+ Mon Jan 26 15:27:17 PST 2004 patches/packages/gaim-0.75-i486-1.tgz: Upgraded to gaim-0.75 and patched 12 overflows that can allow remote compromise. All GAIM users should upgrade. (* Security fix *) +--------------------------+ Wed Jan 14 11:58:58 PST 2004 patches/packages/inn-2.4.1-i486-1.tgz: Upgraded to inn-2.4.1. From the inn-2.4.1 NEWS file: * SECURITY: Handle the special filing of control messages into per-type newsgroups more robust. This closes a potentially exploitable buffer overflow. Thanks to Dan Riley for his excellent bug report. (* Security fix *) patches/packages/kdepim-3.1.4-i486-2.tgz: Recompiled with security patch post-3.1.4-kdepim-kfile-plugins.diff. From the KDE advisory: The KDE team has found a buffer overflow in the file information reader of VCF files. A carefully crafted .VCF file potentially enables local attackers to compromise the privacy of a victim's data or execute arbitrary commands with the victim's privileges. By default, file information reading is disabled for remote files. However, if previews are enabled for remote files, remote attackers may be able to compromise the victim's account. For more details, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0988 (* Security fix *) +--------------------------+ Thu Jan 8 13:31:49 PST 2004 patches/packages/j2sdk-1_4_2_03-i586-1.tgz: Upgraded to Java(TM) 2 Software Development Kit Standard Edition, Version 1.4.2_03. Among other fixes, this updates the Verisign root certificates which expired yesterday in the version of Java shipped in Slackware 9.1. Thanks to Dominik L. Borkowski for the heads-up. :-) +--------------------------+ Tue Jan 6 15:01:54 PST 2004 patches/kernels/: Upgraded to Linux 2.4.24. 
  This fixes a bounds-checking problem in the kernel's mremap() call which could be used by a local attacker to gain root privileges. Sites should upgrade to the 2.4.24 kernel and kernel modules. After installing the new kernel, be sure to run 'lilo'.
  For more details, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0985
  Thanks to Paul Starzetz for finding and researching this issue.
  (* Security fix *)
patches/packages/alsa-driver-0.9.8-i486-2.tgz: Recompiled against linux-2.4.24.
patches/packages/cvs-1.11.11-i486-1.tgz: Upgraded to cvs-1.11.11. This version enforces greater security. Changes include pserver refusing to run as root, and logging attempts to exploit the security hole fixed in 1.11.10 in the syslog.
patches/packages/kernel-ide-2.4.24-i486-1.tgz: Upgraded bare.i kernel package to Linux 2.4.24.
patches/packages/kernel-modules-2.4.24-i486-1.tgz: Upgraded to Linux 2.4.24 kernel modules.
patches/packages/kernel-source-2.4.24-noarch-1.tgz: Upgraded to Linux 2.4.24 kernel source, with XFS and Speakup patches included (but not pre-applied). This uses the XFS and Speakup patches for 2.4.23, which should be fine since 2.4.24 didn't change much code. Proper XFS patches for 2.4.24 will probably be out soon to fix the one Makefile rejection for EXTRAVERSION = -xfs, but likely little else will be different since XFS development has already gone ahead to what is now the 2.4.25-pre kernel series.
patches/packages/kernel-modules-xfs/alsa-driver-xfs-0.9.8-i486-2.tgz: Recompiled against linux-2.4.24-xfs.
patches/packages/kernel-modules-xfs/kernel-modules-xfs-2.4.24-i486-1.tgz: Upgraded to Linux 2.4.24 kernel modules for the xfs.s (XFS patched) kernel.
+--------------------------+
Fri Dec 12 11:12:05 PST 2003
patches/packages/lftp-2.6.10-i486-1.tgz: Upgraded to lftp-2.6.10. According to the NEWS file, this includes "security fixes in html parsing code" which could cause a compromise when using lftp to access an untrusted site.
  (* Security fix *)
+--------------------------+
Thu Dec 11 12:29:30 PST 2003
patches/packages/cvs-1.11.10-i486-1.tgz: Upgraded to cvs-1.11.10. From the NEWS file:
  SERVER SECURITY ISSUES
  * Malformed module requests could cause the CVS server to attempt to create directories and possibly files at the root of the filesystem holding the CVS repository. Filesystem permissions usually prevent the creation of these misplaced directories, but nevertheless, the CVS server now rejects the malformed requests.
  (* Security fix *)
+--------------------------+
Sat Dec 6 15:39:32 PST 2003
patches/packages/lesstif-0.93.94-i486-1.tgz: Upgraded to lesstif-0.93.94. This should be a more stable version (thanks to Andrea Comerlati, who reported a crash with xmgrace compiled against lesstif-0.93.91).
+--------------------------+
Wed Dec 3 22:18:35 PST 2003
patches/packages/rsync-2.5.7-i486-1.tgz: Upgraded to rsync-2.5.7. From the rsync-2.5.7-NEWS file:
  SECURITY:
  * Fix buffer handling bugs. (Andrew Tridgell, Martin Pool, Paul Russell, Andrea Barisani)
  The vulnerability affects sites running rsync in daemon mode (rsync servers). These sites should be upgraded immediately.
  (* Security fix *)
+--------------------------+
Tue Dec 2 12:40:30 PST 2003
patches/packages/gnupg-1.2.3-i486-2.tgz: Removed support for ElGamal keys, since an implementation error has caused many of these to be easily compromised. Any existing sign+encrypt ElGamal keys should be revoked (and you'll need to use your existing gpg to do that). Fortunately, ElGamal is not used by default in GnuPG, is not widely used, and was never a popular choice because it produced larger signatures and was more costly to encrypt/decrypt than other choices. If you've been using ElGamal, you will need to select a new key cipher type for your replacement key (my suggestion would be to go with the GnuPG default).
  (* Security fix *)
+--------------------------+
Mon Dec 1 21:36:30 PST 2003
patches/kernels/: Upgraded to Linux 2.4.23.
  This fixes a bug in the kernel's do_brk() function which a local user could exploit to gain root privileges.
  For more details, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0961
  Sites should upgrade to the 2.4.23 kernel and kernel modules. After installing the new kernel, be sure to run 'lilo'.
  (* Security fix *)
patches/packages/alsa-driver-0.9.8-i486-1.tgz: Upgraded to alsa-driver-0.9.8, compiled against linux-2.4.23.
patches/packages/alsa-lib-0.9.8-i486-1.tgz: Upgraded to alsa-lib-0.9.8.
patches/packages/alsa-oss-0.9.8-i486-1.tgz: Upgraded to alsa-oss-0.9.8.
patches/packages/alsa-utils-0.9.8-i486-1.tgz: Upgraded to alsa-utils-0.9.8.
patches/packages/kernel-ide-2.4.23-i486-1.tgz: Upgraded bare.i kernel package to Linux 2.4.23.
patches/packages/kernel-modules-2.4.23-i486-1.tgz: Upgraded to Linux 2.4.23 kernel modules.
patches/packages/kernel-source-2.4.23-noarch-2.tgz: Upgraded to Linux 2.4.23 kernel source, with XFS and Speakup patches included (but not pre-applied).
patches/packages/kernel-modules-xfs/alsa-driver-xfs-0.9.8-i486-1.tgz: Upgraded to alsa-driver-0.9.8, compiled against linux-2.4.23-xfs.
patches/packages/kernel-modules-xfs/kernel-modules-xfs-2.4.23-i486-1.tgz: Upgraded to Linux 2.4.23 kernel modules for the xfs.s (XFS patched) kernel.
+--------------------------+
Mon Nov 3 20:06:29 PST 2003
patches/packages/apache-1.3.29-i486-1.tgz: Upgraded to apache-1.3.29. This fixes the following local security issue:
  o CAN-2003-0542 (cve.mitre.org)
    Fix buffer overflows in mod_alias and mod_rewrite which occurred if one configured a regular expression with more than 9 captures.
  This vulnerability requires the attacker to create or modify certain Apache configuration files, and is not a remote hole. However, it could possibly be used to gain additional privileges if access to the Apache administrator account can be gained through some other means. All sites running Apache should upgrade.
  (* Security fix *)
patches/packages/mod_ssl-2.8.16_1.3.29-i486-1.tgz: Upgraded to mod_ssl-2.8.16_1.3.29.
+--------------------------+
Wed Oct 22 12:10:11 PDT 2003
patches/packages/fetchmail-6.2.5-i486-1.tgz: Upgraded to fetchmail-6.2.5. This fixes a security issue where a specially crafted message could cause fetchmail to crash, preventing the user from retrieving email.
  (* Security fix *)
patches/packages/gdm-2.4.4.5-i486-1.tgz: Upgraded to gdm-2.4.4.5. This fixes a bug which can allow a local user to crash gdm, preventing access until the machine is rebooted.
  (* Security fix *)
+--------------------------+
Sun Oct 12 13:01:53 PDT 2003
patches/packages/rpm-4.2.1-i486-2.tgz: Fixed /var/tmp with wrong (only writable by root) permissions. RPM really shouldn't have installed its own /var/tmp anyway, but now it needs to be corrected before it can be removed. Thanks to Denis A. Kaledin for reporting this permissions bug.
+--------------------------+
Wed Oct 8 13:17:01 PDT 2003
patches/packages/gstreamer-0.6.3-i486-3.tgz: This adds appropriate installation scripts to make sure that gst-register is run. This builds the /var/lib/cache/gstreamer-0.6/registry.xml database which is needed for applications using the gstreamer framework to function correctly. Installing this updated package will run gst-register for you (or you can simply run it yourself as root). Thanks to Eugenia Loli-Queru for the bug report.
patches/packages/rpm-4.2.1-i486-1.tgz: Upgraded to rpm-4.2.1. This fixes problems with the version of RPM shipped with Slackware 9.1. After the release, it was discovered that attempting to install packages with RPM would cause it to segfault, and that recompiling that version of RPM produced a broken binary unable to build SRPMs (this had been discovered previously, and was the reason RPM had been compiled statically; unfortunately the static binary quit working for unknown reasons).
  The 4.1.x series seems to have the same problems with SRPM building not working (an incompatibility with glibc-2.3.2, perhaps?), but the 4.2.1 version has been tested and found to work.
+--------------------------+
Wed Oct 1 16:57:53 PDT 2003
patches/packages/openssl-solibs-0.9.7c-i486-2.tgz: Rebuilt.
patches/packages/openssl-0.9.7c-i486-2.tgz: Some minor bugs in the 0.9.7c release caused a few manpages to be incorrectly installed, as well as /usr/lib/pkgconfig to be chmoded 644 (which will lead to problems compiling things). These problems are fixed in our -2 build. Thanks to Frédéric L. W. Meunier and Mark Post for the bug reports.
+--------------------------+
Tue Sep 30 16:16:35 PDT 2003
patches/packages/openssl-0.9.7c-i486-1.tgz: Upgraded to OpenSSL 0.9.7c.
patches/packages/openssl-solibs-0.9.7c-i486-1.tgz: Upgraded to OpenSSL 0.9.7c. This update fixes problems with OpenSSL's ASN.1 parsing which could lead to a denial of service. It is not known whether the problems could lead to the running of malicious code on the server, but it has not been ruled out.
  For detailed information, see OpenSSL's security advisory:
    http://www.openssl.org/news/secadv_20030930.txt
  We recommend sites that use OpenSSL upgrade to the fixed packages right away.
  (* Security fix *)
+--------------------------+