pidgin (SSA:2011-178-01)

June 28, 2011 Slackware Security Team
Descargar artículo en formato PDF

[slackware-security] pidgin (SSA:2011-178-01)

New pidgin packages are available for Slackware 12.2, 13.0, 13.1, 13.37,
and -current to fix a security issue.

Here are the details from the Slackware 13.37 ChangeLog:
+————————–+
patches/packages/pidgin-2.9.0-i486-1_slack13.37.txz: Upgraded.
Fixed a remote denial of service. A remote attacker could set a specially
crafted GIF file as their buddy icon causing vulerable versions of pidgin
to crash due to excessive memory use.
For more information, see:
http://pidgin.im/news/security/?id=52
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2485
(* Security fix *)
+————————–+

Where to find the new packages:
+—————————–+

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)

Also see the “Get Slack” section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 12.2:
ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/pidgin-2.9.0-i486-1_slack12.2.tgz

Updated package for Slackware 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/pidgin-2.9.0-i486-1_slack13.0.txz

Updated package for Slackware x86_64 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/pidgin-2.9.0-x86_64-1_slack13.0.txz

Updated package for Slackware 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/pidgin-2.9.0-i486-1_slack13.1.txz

Updated package for Slackware x86_64 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/pidgin-2.9.0-x86_64-1_slack13.1.txz

Updated package for Slackware 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/pidgin-2.9.0-i486-1_slack13.37.txz

Updated package for Slackware x86_64 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/pidgin-2.9.0-x86_64-1_slack13.37.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/pidgin-2.9.0-i486-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/xap/pidgin-2.9.0-x86_64-1.txz

MD5 signatures:
+————-+

Slackware 12.2 package:
fc1a92d8fcce2b11d3eea747255aadd5 pidgin-2.9.0-i486-1_slack12.2.tgz

Slackware 13.0 package:
4523a538f5c1f6dbc267a05c3f0c3d39 pidgin-2.9.0-i486-1_slack13.0.txz

Slackware x86_64 13.0 package:
b10d74b33d814f41bb3e7e3a65013d83 pidgin-2.9.0-x86_64-1_slack13.0.txz

Slackware 13.1 package:
815fe39274fea0b7618dee8465be5b09 pidgin-2.9.0-i486-1_slack13.1.txz

Slackware x86_64 13.1 package:
e7d6da493c76f3898c25590d4ec09490 pidgin-2.9.0-x86_64-1_slack13.1.txz

Slackware 13.37 package:
276ab5a94fad246d9120c33a396fb484 pidgin-2.9.0-i486-1_slack13.37.txz

Slackware x86_64 13.37 package:
6625960c550a8ee6373abb5338c25818 pidgin-2.9.0-x86_64-1_slack13.37.txz

Slackware -current package:
517f9f04054fd5ce1df1e63b5b12811f xap/pidgin-2.9.0-i486-1.txz

Slackware x86_64 -current package:
98d49d72f76fae74eee558a8173ef98a xap/pidgin-2.9.0-x86_64-1.txz

Installation instructions:
+————————+

Upgrade the package as root:
# upgradepkg pidgin-2.9.0-i486-1_slack13.37.txz

+—–+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

+————————————————————————+
| To leave the slackware-security mailing list: |
+————————————————————————+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message: |
| |
| unsubscribe slackware-security |
| |
| You will get a confirmation message back containing instructions to |
| complete the process. Please do not reply to this email address. |
+————————————————————————+
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1.4.11 (GNU/Linux)

iEYEARECAAYFAk4JVWkACgkQakRjwEAQIjPfXQCfdMnHVK3m9IKIR7vcN+9/Qlb3
0NkAnilbAF+m2ov1UJ3WmTL1UoJ284+C
=odOQ
—–END PGP SIGNATURE—–

Slackware-Security , , , , , , , Leave a comment

mozilla-firefox (SSA:2011-174-01)

June 24, 2011 Slackware Security Team
Descargar artículo en formato PDF

[slackware-security] mozilla-firefox (SSA:2011-174-01)

New mozilla-firefox packages are available for Slackware 13.0, 13.1,
13.37, and -current to fix security issues.

Here are the details from the Slackware 13.37 ChangeLog:
+————————–+
patches/packages/mozilla-firefox-5.0-i486-1_slack13.37.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/firefox.html
(* Security fix *)
+————————–+

Where to find the new packages:
+—————————–+

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)

Also see the “Get Slack” section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/mozilla-firefox-3.6.18-i686-1.txz

Updated package for Slackware x86_64 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/mozilla-firefox-3.6.18-x86_64-1_slack13.0.txz

Updated package for Slackware 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/mozilla-firefox-3.6.18-i686-1.txz

Updated package for Slackware x86_64 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/mozilla-firefox-3.6.18-x86_64-1_slack13.1.txz

Updated package for Slackware 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/mozilla-firefox-5.0-i486-1_slack13.37.txz

Updated package for Slackware x86_64 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/mozilla-firefox-5.0-x86_64-1_slack13.37.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/mozilla-firefox-5.0-i486-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/xap/mozilla-firefox-5.0-x86_64-1.txz

MD5 signatures:
+————-+

Slackware 13.0 package:
6bae11a48ff0dbd131535523da47dfa3 mozilla-firefox-3.6.18-i686-1.txz

Slackware x86_64 13.0 package:
9c6b5b65cb74692f8e51e92a9af1b174 mozilla-firefox-3.6.18-x86_64-1_slack13.0.txz

Slackware 13.1 package:
5de7a771024cf248144cc84bf22e6c0b mozilla-firefox-3.6.18-i686-1.txz

Slackware x86_64 13.1 package:
9868ece365ad9c8fb88492e98124e989 mozilla-firefox-3.6.18-x86_64-1_slack13.1.txz

Slackware 13.37 package:
0f44d12d4cab622f99c20025090cc344 mozilla-firefox-5.0-i486-1_slack13.37.txz

Slackware x86_64 13.37 package:
cd7eb8f9e363e10026b1ecfa88a927b1 mozilla-firefox-5.0-x86_64-1_slack13.37.txz

Slackware -current package:
082655c72f19e52b4d6b97881d3b4388 xap/mozilla-firefox-5.0-i486-1.txz

Slackware x86_64 -current package:
a9dd701bf34e6141b386530ad38d4292 xap/mozilla-firefox-5.0-x86_64-1.txz

Installation instructions:
+————————+

Upgrade the package as root:
# upgradepkg mozilla-firefox-5.0-i486-1_slack13.37.txz

+—–+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

+————————————————————————+
| To leave the slackware-security mailing list: |
+————————————————————————+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message: |
| |
| unsubscribe slackware-security |
| |
| You will get a confirmation message back containing instructions to |
| complete the process. Please do not reply to this email address. |
+————————————————————————+
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1.4.11 (GNU/Linux)

iEYEARECAAYFAk4EBSMACgkQakRjwEAQIjMwHwCfSJ6RGhyqjlfcuGfui6zU9luK
+nQAniMYu/CkNbxvCIyKZExZGJhBAa0z
=HW74
—–END PGP SIGNATURE—–

Slackware-Security , , , , , , , Leave a comment

fetchmail (SSA:2011-171-01)

June 20, 2011 Slackware Security Team
Descargar artículo en formato PDF

[slackware-security] fetchmail (SSA:2011-171-01)

New fetchmail packages are available for Slackware 8.1, 9.0, 9.1, 10.0,
10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current
to fix a security issue.

Here are the details from the Slackware 13.37 ChangeLog:
+————————–+
patches/packages/fetchmail-6.3.20-i486-1_slack13.37.txz: Upgraded.
This release fixes a denial of service in STARTTLS protocol phases.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1947
http://www.fetchmail.info/fetchmail-SA-2011-01.txt
(* Security fix *)
+————————–+

Where to find the new packages:
+—————————–+

HINT: Getting slow download speeds from ftp.slackware.com?
Give slackware.osuosl.org a try. This is another primary FTP site
for Slackware that can be considerably faster than downloading
directly from ftp.slackware.com.

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating additional FTP and rsync hosting
to the Slackware project! :-)

Also see the “Get Slack” section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 8.1:
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/fetchmail-6.3.20-i386-1_slack8.1.tgz

Updated package for Slackware 9.0:
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/fetchmail-6.3.20-i386-1_slack9.0.tgz

Updated package for Slackware 9.1:
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/fetchmail-6.3.20-i486-1_slack9.1.tgz

Updated package for Slackware 10.0:
ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/fetchmail-6.3.20-i486-1_slack10.0.tgz

Updated package for Slackware 10.1:
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/fetchmail-6.3.20-i486-1_slack10.1.tgz

Updated package for Slackware 10.2:
ftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/fetchmail-6.3.20-i486-1_slack10.2.tgz

Updated package for Slackware 11.0:
ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/fetchmail-6.3.20-i486-1_slack11.0.tgz

Updated package for Slackware 12.0:
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/fetchmail-6.3.20-i486-1_slack12.0.tgz

Updated package for Slackware 12.1:
ftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/fetchmail-6.3.20-i486-1_slack12.1.tgz

Updated package for Slackware 12.2:
ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/fetchmail-6.3.20-i486-1_slack12.2.tgz

Updated package for Slackware 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/fetchmail-6.3.20-i486-1_slack13.0.txz

Updated package for Slackware x86_64 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/fetchmail-6.3.20-x86_64-1_slack13.0.txz

Updated package for Slackware 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/fetchmail-6.3.20-i486-1_slack13.1.txz

Updated package for Slackware 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/fetchmail-6.3.20-i486-1_slack13.37.txz

Updated package for Slackware x86_64 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/fetchmail-6.3.20-x86_64-1_slack13.1.txz

Updated package for Slackware x86_64 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/fetchmail-6.3.20-x86_64-1_slack13.37.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/fetchmail-6.3.20-i486-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/fetchmail-6.3.20-x86_64-1.txz

MD5 signatures:
+————-+

Slackware 8.1 package:
ed020b7bf1a553e92092664a495adf17 fetchmail-6.3.20-i386-1_slack8.1.tgz

Slackware 9.0 package:
2aba52a35229d979a472d121bb7c2339 fetchmail-6.3.20-i386-1_slack9.0.tgz

Slackware 9.1 package:
d58750a18677fa0fa63efc47dd8cd4e5 fetchmail-6.3.20-i486-1_slack9.1.tgz

Slackware 10.0 package:
d9944ebd68c0300b494cd0b278b1eaec fetchmail-6.3.20-i486-1_slack10.0.tgz

Slackware 10.1 package:
5fddac4a8afdcbeba13703f94f98003f fetchmail-6.3.20-i486-1_slack10.1.tgz

Slackware 10.2 package:
8abf48200bedc5897bde83c3e9bd58a6 fetchmail-6.3.20-i486-1_slack10.2.tgz

Slackware 11.0 package:
cea9c8de9094ac4a899a6d2ba53ffcbb fetchmail-6.3.20-i486-1_slack11.0.tgz

Slackware 12.0 package:
b0558f407456fbadf58f6b3f18f87ce9 fetchmail-6.3.20-i486-1_slack12.0.tgz

Slackware 12.1 package:
e0bc2ae10534550cd862a1ff7e95b784 fetchmail-6.3.20-i486-1_slack12.1.tgz

Slackware 12.2 package:
39e2505382098cccae8ca52a835f8e36 fetchmail-6.3.20-i486-1_slack12.2.tgz

Slackware 13.0 package:
569fb0ca5a8d849eb3ca2af344737a6a fetchmail-6.3.20-i486-1_slack13.0.txz

Slackware x86_64 13.0 package:
5f913ce96a9bf2d8ac819a11f028fafe fetchmail-6.3.20-x86_64-1_slack13.0.txz

Slackware 13.1 package:
6b5e9308b587e49af7b300c99d5d6289 fetchmail-6.3.20-i486-1_slack13.1.txz

Slackware 13.37 package:
bf124b737550c50bba8cdb3312c994b3 fetchmail-6.3.20-i486-1_slack13.37.txz

Slackware x86_64 13.1 package:
ae05ca4a125ce8e69c0852bfc32ba5a0 fetchmail-6.3.20-x86_64-1_slack13.1.txz

Slackware x86_64 13.37 package:
8d85bad773a70e37933abc99156eecc8 fetchmail-6.3.20-x86_64-1_slack13.37.txz

Slackware -current package:
39b55e908cf0424d2dc36107873d46d8 n/fetchmail-6.3.20-i486-1.txz

Slackware x86_64 -current package:
45f75a0df71ec1a20eae45e955bc1068 n/fetchmail-6.3.20-x86_64-1.txz

Installation instructions:
+————————+

Upgrade the package as root:
# upgradepkg fetchmail-6.3.20-i486-1_slack13.37.txz

+—–+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

+————————————————————————+
| To leave the slackware-security mailing list: |
+————————————————————————+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message: |
| |
| unsubscribe slackware-security |
| |
| You will get a confirmation message back containing instructions to |
| complete the process. Please do not reply to this email address. |
+————————————————————————+
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1.4.11 (GNU/Linux)

iEYEARECAAYFAk3/dc8ACgkQakRjwEAQIjMl4QCePcA9lcwoVQ10Fk40WdUDCFki
KcAAn03ptahx0E/cO4Y30tGaZOK7Cc7t
=nYGz
—–END PGP SIGNATURE—–

Slackware-Security , , , , , , , Leave a comment

bind (SSA:2011-147-01)

May 27, 2011 Slackware Security Team
Descargar artículo en formato PDF

[slackware-security] bind (SSA:2011-147-01)

New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2,
11.0, 12.0, 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix security issues.

Here are the details from the Slackware 13.37 ChangeLog:
+————————–+
patches/packages/bind-9.7.3_P1-i486-1_slack13.37.txz: Upgraded.
This release fixes security issues:
* A large RRSET from a remote authoritative server that results in
the recursive resolver trying to negatively cache the response can
hit an off by one code error in named, resulting in named crashing.
[RT #24650] [CVE-2011-1910]
* Zones that have a DS record in the parent zone but are also listed
in a DLV and won’t validate without DLV could fail to validate. [RT
#24631]
For more information, see:
http://www.isc.org/software/bind/advisories/cve-2011-1910
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1910
(* Security fix *)
+————————–+

Where to find the new packages:
+—————————–+

HINT: Getting slow download speeds from ftp.slackware.com?
Give slackware.osuosl.org a try. This is another primary FTP site
for Slackware that can be considerably faster than downloading
directly from ftp.slackware.com.

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating additional FTP and rsync hosting
to the Slackware project! :-)

Also see the “Get Slack” section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 8.1:
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/bind-9.4_ESV_R4_P1-i386-1_slack8.1.tgz

Updated package for Slackware 9.0:
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/bind-9.4_ESV_R4_P1-i386-1_slack9.0.tgz

Updated package for Slackware 9.1:
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/bind-9.4_ESV_R4_P1-i486-1_slack9.1.tgz

Updated package for Slackware 10.0:
ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/bind-9.4_ESV_R4_P1-i486-1_slack10.0.tgz

Updated package for Slackware 10.1:
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/bind-9.4_ESV_R4_P1-i486-1_slack10.1.tgz

Updated package for Slackware 10.2:
ftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/bind-9.4_ESV_R4_P1-i486-1_slack10.2.tgz

Updated package for Slackware 11.0:
ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/bind-9.4_ESV_R4_P1-i486-1_slack11.0.tgz

Updated package for Slackware 12.0:
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/bind-9.4_ESV_R4_P1-i486-1_slack12.0.tgz

Updated package for Slackware 12.1:
ftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/bind-9.4_ESV_R4_P1-i486-1_slack12.1.tgz

Updated package for Slackware 12.2:
ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/bind-9.4_ESV_R4_P1-i486-1_slack12.2.tgz

Updated package for Slackware 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/bind-9.4_ESV_R4_P1-i486-1_slack13.0.txz

Updated package for Slackware x86_64 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/bind-9.4_ESV_R4_P1-x86_64-1_slack13.0.txz

Updated package for Slackware 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/bind-9.4_ESV_R4_P1-i486-1_slack13.1.txz

Updated package for Slackware 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/bind-9.7.3_P1-i486-1_slack13.37.txz

Updated package for Slackware x86_64 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/bind-9.4_ESV_R4_P1-x86_64-1_slack13.1.txz

Updated package for Slackware x86_64 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/bind-9.7.3_P1-x86_64-1_slack13.37.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/bind-9.7.3_P1-i486-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/bind-9.7.3_P1-x86_64-1.txz

MD5 signatures:
+————-+

Slackware 8.1 package:
8aa76355e5ce1432688a18f2fe354533 bind-9.4_ESV_R4_P1-i386-1_slack8.1.tgz

Slackware 9.0 package:
8ef7d9bd5dab0da250a505c4e5836095 bind-9.4_ESV_R4_P1-i386-1_slack9.0.tgz

Slackware 9.1 package:
a85a3d84d502a4523259783636bd95d1 bind-9.4_ESV_R4_P1-i486-1_slack9.1.tgz

Slackware 10.0 package:
52ebf11a85312213a8aac6a7d47e7366 bind-9.4_ESV_R4_P1-i486-1_slack10.0.tgz

Slackware 10.1 package:
53f8132077bd77fb818b402030d10ff8 bind-9.4_ESV_R4_P1-i486-1_slack10.1.tgz

Slackware 10.2 package:
75f1f4be1eb53356bf0375d06cb94e8e bind-9.4_ESV_R4_P1-i486-1_slack10.2.tgz

Slackware 11.0 package:
0064358785c0d118600d75a58005a944 bind-9.4_ESV_R4_P1-i486-1_slack11.0.tgz

Slackware 12.0 package:
152ca0eb0b0e1e16a3d4fc6de1b4fa11 bind-9.4_ESV_R4_P1-i486-1_slack12.0.tgz

Slackware 12.1 package:
6162c65c46f3e52de36c19d1ebe880d1 bind-9.4_ESV_R4_P1-i486-1_slack12.1.tgz

Slackware 12.2 package:
82441358f2653c2b6c8feebe4274c8de bind-9.4_ESV_R4_P1-i486-1_slack12.2.tgz

Slackware 13.0 package:
697e60fcdf95e468a9c51beefc444992 bind-9.4_ESV_R4_P1-i486-1_slack13.0.txz

Slackware x86_64 13.0 package:
322abb43ddd20aabccaa2bfa2433aa9c bind-9.4_ESV_R4_P1-x86_64-1_slack13.0.txz

Slackware 13.1 package:
d7d4386738483088b4ef6d6f72f18478 bind-9.4_ESV_R4_P1-i486-1_slack13.1.txz

Slackware 13.37 package:
98dccb44c9193d8e8392e28db9cdca5d bind-9.7.3_P1-i486-1_slack13.37.txz

Slackware x86_64 13.1 package:
a7faea792671b6a60c7a386907b8e143 bind-9.4_ESV_R4_P1-x86_64-1_slack13.1.txz

Slackware x86_64 13.37 package:
58c7dd0fc47d0e0eeeb2e6a3663a8507 bind-9.7.3_P1-x86_64-1_slack13.37.txz

Slackware -current package:
b720d39eee93e2681532a6db509c3fd8 n/bind-9.7.3_P1-i486-1.txz

Slackware x86_64 -current package:
9ffcbc127fb1bfa67b75b77ceba123a9 n/bind-9.7.3_P1-x86_64-1.txz

Installation instructions:
+————————+

Upgrade the package as root:
# upgradepkg bind-9.7.3_P1-i486-1_slack13.37.txz

Then, restart the name server:

# /etc/rc.d/rc.bind restart

+—–+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

+————————————————————————+
| To leave the slackware-security mailing list: |
+————————————————————————+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message: |
| |
| unsubscribe slackware-security |
| |
| You will get a confirmation message back containing instructions to |
| complete the process. Please do not reply to this email address. |
+————————————————————————+
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1.4.11 (GNU/Linux)

iEYEARECAAYFAk3gNwgACgkQakRjwEAQIjPMpwCfUuXaixmpqxnLM6y5YdzG3Vm8
fJMAnjcBWGgw6REGS3lrLTUDZMWQXs85
=Zmm3
—–END PGP SIGNATURE—–

Slackware-Security , , , , , , , 1 Comment

httpd (SSA:2011-145-02)

May 25, 2011 Slackware Security Team
Descargar artículo en formato PDF

[slackware-security] httpd (SSA:2011-145-02)

New httpd packages are available for Slackware 12.0, 12.1, 12.2, 13.0, 13.1,
13.37, and -current to fix accidental ABI breakage caused by httpd-2.2.18.

Here are the details from the Slackware 13.37 ChangeLog:
+————————–+
patches/packages/httpd-2.2.19-i486-1_slack13.37.txz: Upgraded.
Revert ABI breakage in 2.2.18 caused by the function signature change
of ap_unescape_url_keep2f(). This release restores the signature from
2.2.17 and prior, and introduces ap_unescape_url_keep2f_ex().
Apache httpd-2.2.18 is considered abandoned. All users must upgrade.
+————————–+

Where to find the new packages:
+—————————–+

HINT: Getting slow download speeds from ftp.slackware.com?
Give slackware.osuosl.org a try. This is another primary FTP site
for Slackware that can be considerably faster than downloading
directly from ftp.slackware.com.

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating additional FTP and rsync hosting
to the Slackware project! :-)

Also see the “Get Slack” section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 12.0:
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/httpd-2.2.19-i486-1_slack12.0.tgz

Updated package for Slackware 12.1:
ftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/httpd-2.2.19-i486-1_slack12.1.tgz

Updated package for Slackware 12.2:
ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/httpd-2.2.19-i486-1_slack12.2.tgz

Updated package for Slackware 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/httpd-2.2.19-i486-1_slack13.0.txz

Updated package for Slackware x86_64 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/httpd-2.2.19-x86_64-1_slack13.0.txz

Updated package for Slackware 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/httpd-2.2.19-i486-1_slack13.1.txz

Updated package for Slackware 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/httpd-2.2.19-i486-1_slack13.37.txz

Updated package for Slackware x86_64 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/httpd-2.2.19-x86_64-1_slack13.1.txz

Updated package for Slackware x86_64 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/httpd-2.2.19-x86_64-1_slack13.37.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/httpd-2.2.19-i486-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/httpd-2.2.19-x86_64-1.txz

MD5 signatures:
+————-+

Slackware 12.0 package:
390545a63786ce48dabac271307d8e91 httpd-2.2.19-i486-1_slack12.0.tgz

Slackware 12.1 package:
9a033f2c378816cec179947b26a43b3b httpd-2.2.19-i486-1_slack12.1.tgz

Slackware 12.2 package:
dc503a2e86da7e2ebe88620f49318d07 httpd-2.2.19-i486-1_slack12.2.tgz

Slackware 13.0 package:
0605d648aedc564607cbfa619a4d5648 httpd-2.2.19-i486-1_slack13.0.txz

Slackware x86_64 13.0 package:
24badd3802df48e4f153f52be1b9f4d4 httpd-2.2.19-x86_64-1_slack13.0.txz

Slackware 13.1 package:
1a5c7e9a1c4de170d0876f0517d7eff0 httpd-2.2.19-i486-1_slack13.1.txz

Slackware 13.37 package:
11e0bf5494eb823aebe589a2de854efa httpd-2.2.19-i486-1_slack13.37.txz

Slackware x86_64 13.1 package:
84ccfe6186280cb11e2e0e0cfb170d57 httpd-2.2.19-x86_64-1_slack13.1.txz

Slackware x86_64 13.37 package:
48f826cc13c187a08ddb3491706b671d httpd-2.2.19-x86_64-1_slack13.37.txz

Slackware -current package:
ab8137394f625633ba756b4d43a2d7b1 n/httpd-2.2.19-i486-1.txz

Slackware x86_64 -current package:
ade8d482a468d3d58e41fd98b093f7b2 n/httpd-2.2.19-x86_64-1.txz

Installation instructions:
+————————+

Upgrade the package as root:
# upgradepkg httpd-2.2.19-i486-1_slack13.37.txz

Then, restart Apache httpd:

# /etc/rc.d/rc.httpd stop
# /etc/rc.d/rc.httpd start

+—–+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

+————————————————————————+
| To leave the slackware-security mailing list: |
+————————————————————————+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message: |
| |
| unsubscribe slackware-security |
| |
| You will get a confirmation message back containing instructions to |
| complete the process. Please do not reply to this email address. |
+————————————————————————+
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1.4.11 (GNU/Linux)

iEYEARECAAYFAk3ddE4ACgkQakRjwEAQIjMuGgCfb4f1Hdv6VcTQNt0kuE3X/nbX
PcYAnjAf4G50EihW9FMB7Rh9IHH2aIwL
=MeMr
—–END PGP SIGNATURE—–

Slackware-Security , , , , , , , Leave a comment

apr/apr-util (SSA:2011-145-01)

May 25, 2011 Slackware Security Team
Descargar artículo en formato PDF

[slackware-security] apr/apr-util (SSA:2011-145-01)

New apr and apr-util packages are available for Slackware 11.0, 12.0, 12.1,
12.2, 13.0, 13.1, 13.37, and -current to fix a security issue in apr and
a crash bug in apr-util.

Here are the details from the Slackware 13.37 ChangeLog:
+————————–+
patches/packages/apr-1.4.5-i486-1_slack13.37.txz: Upgraded.
This fixes a possible denial of service due to a problem with a loop in
the new apr_fnmatch() implementation consuming CPU.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1928
(* Security fix *)
patches/packages/apr-util-1.3.12-i486-1_slack13.37.txz: Upgraded.
Fix crash because of NULL cleanup registered by apr_ldap_rebind_init().
+————————–+

Where to find the new packages:
+—————————–+

HINT: Getting slow download speeds from ftp.slackware.com?
Give slackware.osuosl.org a try. This is another primary FTP site
for Slackware that can be considerably faster than downloading
directly from ftp.slackware.com.

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating additional FTP and rsync hosting
to the Slackware project! :-)

Also see the “Get Slack” section on http://slackware.com for
additional mirror sites near you.

Updated packages for Slackware 11.0:
ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/apr-1.4.5-i486-1_slack11.0.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/apr-util-1.3.12-i486-1_slack11.0.tgz

Updated packages for Slackware 12.0:
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/apr-1.4.5-i486-1_slack12.0.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/apr-util-1.3.12-i486-1_slack12.0.tgz

Updated packages for Slackware 12.1:
ftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/apr-1.4.5-i486-1_slack12.1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/apr-util-1.3.12-i486-1_slack12.1.tgz

Updated packages for Slackware 12.2:
ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/apr-1.4.5-i486-1_slack12.2.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/apr-util-1.3.12-i486-1_slack12.2.tgz

Updated packages for Slackware 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/apr-1.4.5-i486-1_slack13.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/apr-util-1.3.12-i486-1_slack13.0.txz

Updated packages for Slackware x86_64 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/apr-1.4.5-x86_64-1_slack13.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/apr-util-1.3.12-x86_64-1_slack13.0.txz

Updated packages for Slackware 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/apr-1.4.5-i486-1_slack13.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/apr-util-1.3.12-i486-1_slack13.1.txz

Updated packages for Slackware 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/apr-1.4.5-i486-1_slack13.37.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/apr-util-1.3.12-i486-1_slack13.37.txz

Updated packages for Slackware x86_64 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/apr-1.4.5-x86_64-1_slack13.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/apr-util-1.3.12-x86_64-1_slack13.1.txz

Updated packages for Slackware x86_64 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/apr-1.4.5-x86_64-1_slack13.37.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/apr-util-1.3.12-x86_64-1_slack13.37.txz

Updated packages for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/apr-1.4.5-i486-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/apr-util-1.3.12-i486-1.txz

Updated packages for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/apr-1.4.5-x86_64-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/apr-util-1.3.12-x86_64-1.txz

MD5 signatures:
+————-+

Slackware 11.0 package:
9a057c739c57c2cf6b28137ec184c1d7 apr-1.4.5-i486-1_slack11.0.tgz
28e6fc4ad6154d5b36fef9bcf2ae3b0d apr-util-1.3.12-i486-1_slack11.0.tgz

Slackware 12.0 package:
ea91c341418d0b6053b72c71ce93467b apr-1.4.5-i486-1_slack12.0.tgz
7ec023aacd371fd64e54756907122cbe apr-util-1.3.12-i486-1_slack12.0.tgz

Slackware 12.1 package:
49be6cd89d47c84379ea30e6249e9d49 apr-1.4.5-i486-1_slack12.1.tgz
10f67a95896a8c84a167302fad5fcdfa apr-util-1.3.12-i486-1_slack12.1.tgz

Slackware 12.2 package:
187f96a16be96fa071657a3c94a1407c apr-1.4.5-i486-1_slack12.2.tgz
77a035ee720d915755ba309b1afcc75d apr-util-1.3.12-i486-1_slack12.2.tgz

Slackware 13.0 package:
48c4b2d5cd4304beaffb0b906267fb3e apr-1.4.5-i486-1_slack13.0.txz
37d6ee4d6d754daf5ef4b4aeea7a8de1 apr-util-1.3.12-i486-1_slack13.0.txz

Slackware x86_64 13.0 package:
24fd22fe3bf0470b5e0e6ad6d0de6821 apr-1.4.5-x86_64-1_slack13.0.txz
1b5ef4984af5c1c521a9bbf7f20fd3c7 apr-util-1.3.12-x86_64-1_slack13.0.txz

Slackware 13.1 package:
f19ef60074da3f0ab6bcd322b2bbaf73 apr-1.4.5-i486-1_slack13.1.txz
133980a1c64e0df52281c787cdd6ede0 apr-util-1.3.12-i486-1_slack13.1.txz

Slackware 13.37 package:
cc7dcb9cc1134038b419159424b37439 apr-1.4.5-i486-1_slack13.37.txz
573192de48352460635ee2c450548519 apr-util-1.3.12-i486-1_slack13.37.txz

Slackware x86_64 13.1 package:
e70b9855fad1766253e4450f6116c016 apr-1.4.5-x86_64-1_slack13.1.txz
56181dc8e34bfe60eafde44a0110e577 apr-util-1.3.12-x86_64-1_slack13.1.txz

Slackware x86_64 13.37 package:
a7f1de61bfe9b3cc20e6450cb502cbf5 apr-1.4.5-x86_64-1_slack13.37.txz
3bb4543e87ed8b7be0d52f67343f061a apr-util-1.3.12-x86_64-1_slack13.37.txz

Slackware -current package:
fbf028ab5a37872fb97bde61516082df apr-1.4.5-i486-1.txz
56d207c602e63937544d0cf9ce767826 apr-util-1.3.12-i486-1.txz

Slackware x86_64 -current package:
d5e5b70a662a4f8da87bd6bdefd655c4 apr-1.4.5-x86_64-1.txz
eba8994761fb58e291b0a9d813c078e3 apr-util-1.3.12-x86_64-1.txz

Installation instructions:
+————————+

Upgrade the packages as root:
# upgradepkg apr-1.4.5-i486-1_slack13.37.txz apr-util-1.3.12-i486-1_slack13.37.txz

+—–+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

+————————————————————————+
| To leave the slackware-security mailing list: |
+————————————————————————+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message: |
| |
| unsubscribe slackware-security |
| |
| You will get a confirmation message back containing instructions to |
| complete the process. Please do not reply to this email address. |
+————————————————————————+
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1.4.11 (GNU/Linux)

iEYEARECAAYFAk3ddEwACgkQakRjwEAQIjMAvwCghIamJV2Woq12EftKSe+XmBaC
+64AniYiOhA3iaZwPa1On0QaaKLbEzy4
=Phe+
—–END PGP SIGNATURE—–

Slackware-Security , , , , , , , Leave a comment

httpd (SSA:2011-133-02)

May 14, 2011 Slackware Security Team
Descargar artículo en formato PDF

[slackware-security] httpd (SSA:2011-133-02)

New httpd packages are available for Slackware 12.0, 12.1, 12.2, 13.0, 13.1,
13.37, and -current. These have been compiled against the new versions of
apr and apr-util, which were upgraded to fix a security issue that affects
Apache httpd. It is recommended that all three updates be applied.

Here are the details from the Slackware 13.37 ChangeLog:
+————————–+
patches/packages/httpd-2.2.18-i486-1_slack13.37.txz: Upgraded.
This is a bug fix release, but since the upgrades to apr/apr-util require at
least an httpd recompile we opted to upgrade to the newest httpd.
+————————–+

Where to find the new packages:
+—————————–+

HINT: Getting slow download speeds from ftp.slackware.com?
Give slackware.osuosl.org a try. This is another primary FTP site
for Slackware that can be considerably faster than downloading
directly from ftp.slackware.com.

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating additional FTP and rsync hosting
to the Slackware project! :-)

Also see the “Get Slack” section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 12.0:
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/httpd-2.2.18-i486-1_slack12.0.tgz

Updated package for Slackware 12.1:
ftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/httpd-2.2.18-i486-1_slack12.1.tgz

Updated package for Slackware 12.2:
ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/httpd-2.2.18-i486-1_slack12.2.tgz

Updated package for Slackware 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/httpd-2.2.18-i486-1_slack13.0.txz

Updated package for Slackware x86_64 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/httpd-2.2.18-x86_64-1_slack13.0.txz

Updated package for Slackware 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/httpd-2.2.18-i486-1_slack13.1.txz

Updated package for Slackware 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/httpd-2.2.18-i486-1_slack13.37.txz

Updated package for Slackware x86_64 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/httpd-2.2.18-x86_64-1_slack13.1.txz

Updated package for Slackware x86_64 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/httpd-2.2.18-x86_64-1_slack13.37.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/httpd-2.2.18-i486-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/httpd-2.2.18-x86_64-1.txz

MD5 signatures:
+————-+

Slackware 12.0 package:
b2f41b334ef0afc5967afa2efee634ac httpd-2.2.18-i486-1_slack12.0.tgz

Slackware 12.1 package:
ba2256fa457ade91ecda5f532c497509 httpd-2.2.18-i486-1_slack12.1.tgz

Slackware 12.2 package:
a3a0d6bceba76ff20007b43ac8c57897 httpd-2.2.18-i486-1_slack12.2.tgz

Slackware 13.0 package:
a6b6e23bc14b67e8523d23fec6ae9542 httpd-2.2.18-i486-1_slack13.0.txz

Slackware x86_64 13.0 package:
934b891d8400533d7edc0ca0c8f2b3f2 httpd-2.2.18-x86_64-1_slack13.0.txz

Slackware 13.1 package:
9bf416981a53169f037d614840d4b39f httpd-2.2.18-i486-1_slack13.1.txz

Slackware 13.37 package:
52912c8d8efb5ca5088a734af5f376cf httpd-2.2.18-i486-1_slack13.37.txz

Slackware x86_64 13.1 package:
21e916abbd0b0ffefb44a7729387498e httpd-2.2.18-x86_64-1_slack13.1.txz

Slackware x86_64 13.37 package:
aa205d1843be551eb8cd4a7c685142b5 httpd-2.2.18-x86_64-1_slack13.37.txz

Slackware -current package:
f1c1f32019e386afb471823fa93bc78b httpd-2.2.18-i486-1.txz

Slackware x86_64 -current package:
74e28506dd8b21ba4ccbff04920a32a8 httpd-2.2.18-x86_64-1.txz

Installation instructions:
+————————+

Upgrade the package as root:
# upgradepkg httpd-2.2.18-i486-1_slack13.37.txz

Then, restart Apache httpd:

# /etc/rc.d/rc.httpd stop
# /etc/rc.d/rc.httpd start

+—–+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

+————————————————————————+
| To leave the slackware-security mailing list: |
+————————————————————————+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message: |
| |
| unsubscribe slackware-security |
| |
| You will get a confirmation message back containing instructions to |
| complete the process. Please do not reply to this email address. |
+————————————————————————+
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1.4.11 (GNU/Linux)

iEYEARECAAYFAk3NltkACgkQakRjwEAQIjNw1wCfeRYY1EBjoIRjTClth0OqoDyc
7FMAn1v+eI4RbwCegYDahpBhJh/w9usa
=8NGu
—–END PGP SIGNATURE—–

Slackware-Security , , , , , , , 1 Comment

apr/apr-util (SSA:2011-133-01)

May 14, 2011 Slackware Security Team
Descargar artículo en formato PDF

[slackware-security] apr/apr-util (SSA:2011-133-01)

New apr and apr-util packages are available for Slackware 11.0, 12.0, 12.1,
12.2, 13.0, 13.1, 13.37, and -current to fix a security issue.

Here are the details from the Slackware 13.37 ChangeLog:
+————————–+
patches/packages/apr-1.4.4-i486-1_slack13.37.txz: Upgraded.
This fixes a possible denial of service due to an unconstrained, recursive
invocation of apr_fnmatch(). This function has been reimplemented using a
non-recursive algorithm. Thanks to William Rowe.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0419
(* Security fix *)
patches/packages/apr-util-1.3.11-i486-1_slack13.37.txz: Upgraded.
+————————–+

Where to find the new packages:
+—————————–+

HINT: Getting slow download speeds from ftp.slackware.com?
Give slackware.osuosl.org a try. This is another primary FTP site
for Slackware that can be considerably faster than downloading
directly from ftp.slackware.com.

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating additional FTP and rsync hosting
to the Slackware project! :-)

Also see the “Get Slack” section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 11.0:
ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/apr-1.4.4-i486-1_slack11.0.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/apr-util-1.3.11-i486-1_slack11.0.tgz

Updated package for Slackware 12.0:
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/apr-1.4.4-i486-1_slack12.0.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/apr-util-1.3.11-i486-1_slack12.0.tgz

Updated package for Slackware 12.1:
ftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/apr-1.4.4-i486-1_slack12.1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/apr-util-1.3.11-i486-1_slack12.1.tgz

Updated package for Slackware 12.2:
ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/apr-1.4.4-i486-1_slack12.2.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/apr-util-1.3.11-i486-1_slack12.2.tgz

Updated package for Slackware 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/apr-1.4.4-i486-1_slack13.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/apr-util-1.3.11-i486-1_slack13.0.txz

Updated package for Slackware x86_64 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/apr-1.4.4-x86_64-1_slack13.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/apr-util-1.3.11-x86_64-1_slack13.0.txz

Updated package for Slackware 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/apr-1.4.4-i486-1_slack13.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/apr-util-1.3.11-i486-1_slack13.1.txz

Updated package for Slackware 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/apr-1.4.4-i486-1_slack13.37.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/apr-util-1.3.11-i486-1_slack13.37.txz

Updated package for Slackware x86_64 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/apr-1.4.4-x86_64-1_slack13.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/apr-util-1.3.11-x86_64-1_slack13.1.txz

Updated package for Slackware x86_64 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/apr-1.4.4-x86_64-1_slack13.37.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/apr-util-1.3.11-x86_64-1_slack13.37.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/apr-1.4.4-i486-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/apr-util-1.3.11-i486-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/apr-1.4.4-x86_64-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/apr-util-1.3.11-x86_64-1.txz

MD5 signatures:
+————-+

Slackware 11.0 package:
0b18b21f2709e592f2d829323c8db2bd apr-1.4.4-i486-1_slack11.0.tgz
6313ea5ec365a07c86eaaba2ae5a7696 apr-util-1.3.11-i486-1_slack11.0.tgz

Slackware 12.0 package:
b9b2c76b963a9dcba68c54172dbfd2e8 apr-1.4.4-i486-1_slack12.0.tgz
015ad6f362a378efd18f12cb9ecc7c9d apr-util-1.3.11-i486-1_slack12.0.tgz

Slackware 12.1 package:
9e80da5d7f8f823a2ed9936b3cd0269b apr-1.4.4-i486-1_slack12.1.tgz
00ab57f63b1c30c7cf6cfcea365badb1 apr-util-1.3.11-i486-1_slack12.1.tgz

Slackware 12.2 package:
aee097dbd39db150302d02f86d92609e apr-1.4.4-i486-1_slack12.2.tgz
e61f61b8723bd06da8275e015ea03eac apr-util-1.3.11-i486-1_slack12.2.tgz

Slackware 13.0 package:
023e7e77f01816d92a707546d570ec79 apr-1.4.4-i486-1_slack13.0.txz
e168ac8e42e201c7af87c3fd231ec95f apr-util-1.3.11-i486-1_slack13.0.txz

Slackware x86_64 13.0 package:
7343a01be2f8a38118c75aa5133a7958 apr-1.4.4-x86_64-1_slack13.0.txz
458a11c15ed52db5b510c7d1aea065d5 apr-util-1.3.11-x86_64-1_slack13.0.txz

Slackware 13.1 package:
39a284a31204f0572d9e732df2e51c92 apr-1.4.4-i486-1_slack13.1.txz
fd264ef731d61afa627489dec1ed6d37 apr-util-1.3.11-i486-1_slack13.1.txz

Slackware 13.37 package:
2afbb475a8a0e4b5f48d42d2ba49a668 apr-1.4.4-i486-1_slack13.37.txz
a0e0f77943e718f26c448f7da7590406 apr-util-1.3.11-i486-1_slack13.37.txz

Slackware x86_64 13.1 package:
232289470e6486f08f7b9ee3755c055e apr-1.4.4-x86_64-1_slack13.1.txz
777badbae85f141b55b370337967c55c apr-util-1.3.11-x86_64-1_slack13.1.txz

Slackware x86_64 13.37 package:
9a2d329a4cdabb9369e9ed7e78cdffcf apr-1.4.4-x86_64-1_slack13.37.txz
6ba07cc7e5cab3ac648d0012783fe455 apr-util-1.3.11-x86_64-1_slack13.37.txz

Slackware -current package:
4e010ab165a7504563f316db5b0e34ac apr-1.4.4-i486-1.txz
7c4c1d8febf9e51a95b627e6631ea2b2 apr-util-1.3.11-i486-1.txz

Slackware x86_64 -current package:
5707d225f07da633c67773f6cc6d3fd6 apr-1.4.4-x86_64-1.txz
31d3ce32a2e964ab3128804077cdccd0 apr-util-1.3.11-x86_64-1.txz

Installation instructions:
+————————+

Upgrade the packages as root:
# upgradepkg apr-1.4.4-i486-1_slack13.37.txz apr-util-1.3.11-i486-1_slack13.37.txz

+—–+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

+————————————————————————+
| To leave the slackware-security mailing list: |
+————————————————————————+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message: |
| |
| unsubscribe slackware-security |
| |
| You will get a confirmation message back containing instructions to |
| complete the process. Please do not reply to this email address. |
+————————————————————————+
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1.4.11 (GNU/Linux)

iEYEARECAAYFAk3NltYACgkQakRjwEAQIjOUnACbB9llwKkkSgxxbyjtWFOTMFJQ
QgcAnjSSItf5HV5AKy5Aw5n2gWI2cb6u
=+kY4
—–END PGP SIGNATURE—–

Slackware-Security , , , , , , , Leave a comment

seamonkey (SSA:2011-122-03)

May 3, 2011 Slackware Security Team
Descargar artículo en formato PDF

[slackware-security] seamonkey (SSA:2011-122-03)

New seamonkey packages are available for Slackware 12.2, 13.0, and 13.1 to
fix security issues.

Here are the details from the Slackware 13.1 ChangeLog:
+————————–+
patches/packages/seamonkey-2.0.14-i486-1_slack13.1.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/seamonkey20.html
(* Security fix *)
patches/packages/seamonkey-solibs-2.0.14-i486-1_slack13.1.txz: Upgraded.
(* Security fix *)
+————————–+

Where to find the new packages:
+—————————–+

HINT: Getting slow download speeds from ftp.slackware.com?
Give slackware.osuosl.org a try. This is another primary FTP site
for Slackware that can be considerably faster than downloading
directly from ftp.slackware.com.

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating additional FTP and rsync hosting
to the Slackware project! :-)

Also see the “Get Slack” section on http://slackware.com for
additional mirror sites near you.

Updated packages for Slackware 12.2:
ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/seamonkey-2.0.14-i486-1_slack12.2.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/seamonkey-solibs-2.0.14-i486-1_slack12.2.tgz

Updated packages for Slackware 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/seamonkey-2.0.14-i486-1_slack13.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/seamonkey-solibs-2.0.14-i486-1_slack13.0.txz

Updated packages for Slackware x86_64 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/seamonkey-2.0.14-x86_64-1_slack13.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/seamonkey-solibs-2.0.14-x86_64-1_slack13.0.txz

Updated packages for Slackware 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/seamonkey-2.0.14-i486-1_slack13.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/seamonkey-solibs-2.0.14-i486-1_slack13.1.txz

Updated packages for Slackware x86_64 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/seamonkey-2.0.14-x86_64-1_slack13.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/seamonkey-solibs-2.0.14-x86_64-1_slack13.1.txz

MD5 signatures:
+————-+

Slackware 12.2 packages:
e0c4f43d57b64d614af3bf0e105dc65a seamonkey-2.0.14-i486-1_slack12.2.tgz
3ba1b517181e99556bfba5a1fae2126c seamonkey-solibs-2.0.14-i486-1_slack12.2.tgz

Slackware 13.0 packages:
748ef9f0a30773bd7f317112fc42497e seamonkey-2.0.14-i486-1_slack13.0.txz
e5eb60583356e6d565920e8052b9e037 seamonkey-solibs-2.0.14-i486-1_slack13.0.txz

Slackware x86_64 13.0 packages:
d2c4bb7f5cb6b3fbc48e2f3ce467c0a0 seamonkey-2.0.14-x86_64-1_slack13.0.txz
63e662b75b88ca0bdca9a1f477b566cb seamonkey-solibs-2.0.14-x86_64-1_slack13.0.txz

Slackware 13.1 packages:
9c68ad9015ff2273e55361c82cbbf440 seamonkey-2.0.14-i486-1_slack13.1.txz
09e0d2576c76ecfce829db66d3bf0633 seamonkey-solibs-2.0.14-i486-1_slack13.1.txz

Slackware x86_64 13.1 packages:
307962f494395af71f3a6c7d054f9cc8 seamonkey-2.0.14-x86_64-1_slack13.1.txz
593b116cfebed153f463d5ea5efc926c seamonkey-solibs-2.0.14-x86_64-1_slack13.1.txz

Installation instructions:
+————————+

Upgrade the packages as root:
# upgradepkg seamonkey-2.0.14-i486-1_slack13.1.txz seamonkey-solibs-2.0.14-i486-1_slack13.1.txz

+—–+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

+————————————————————————+
| To leave the slackware-security mailing list: |
+————————————————————————+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message: |
| |
| unsubscribe slackware-security |
| |
| You will get a confirmation message back containing instructions to |
| complete the process. Please do not reply to this email address. |
+————————————————————————+
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1.4.11 (GNU/Linux)

iEYEARECAAYFAk2/eNMACgkQakRjwEAQIjOY9QCffG9YhRfUUHCpRN2THxyA39q3
Cn4AnRMrB8u0elcMscA1XfX44ZHZUTov
=wz1k
—–END PGP SIGNATURE—–

Slackware-Security , , , , , , , Leave a comment

mozilla-thunderbird (SSA:2011-122-02)

May 3, 2011 Slackware Security Team
Descargar artículo en formato PDF

[slackware-security] mozilla-thunderbird (SSA:2011-122-02)

New mozilla-thunderbird packages are available for Slackware 13.0, 13.1, 13.37,
and -current to fix security issues.

Here are the details from the Slackware 13.37 ChangeLog:
+————————–+
patches/packages/mozilla-thunderbird-3.1.10-i486-1_slack13.37.txz: Upgraded.
This release contains security fixes and improvements.
For more information, see:
http://www.mozilla.org/security/known-vulnerabilities/thunderbird30.html
(* Security fix *)
+————————–+

Where to find the new packages:
+—————————–+

HINT: Getting slow download speeds from ftp.slackware.com?
Give slackware.osuosl.org a try. This is another primary FTP site
for Slackware that can be considerably faster than downloading
directly from ftp.slackware.com.

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating additional FTP and rsync hosting
to the Slackware project! :-)

Also see the “Get Slack” section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/mozilla-thunderbird-3.1.10-i686-1.txz

Updated package for Slackware x86_64 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/mozilla-thunderbird-3.1.10-x86_64-1_slack13.0.txz

Updated package for Slackware 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/mozilla-thunderbird-3.1.10-i686-1.txz

Updated package for Slackware 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/mozilla-thunderbird-3.1.10-i486-1_slack13.37.txz

Updated package for Slackware x86_64 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/mozilla-thunderbird-3.1.10-x86_64-1_slack13.1.txz

Updated package for Slackware x86_64 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/mozilla-thunderbird-3.1.10-x86_64-1_slack13.37.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/mozilla-thunderbird-3.1.10-i486-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/xap/mozilla-thunderbird-3.1.10-x86_64-1.txz

MD5 signatures:
+————-+

Slackware 13.0 package:
8f57a64fcd2e12529436039527fc2279 mozilla-thunderbird-3.1.10-i686-1.txz

Slackware x86_64 13.0 package:
881d38737afca2b8e6b45264c1821ad3 mozilla-thunderbird-3.1.10-x86_64-1_slack13.0.txz

Slackware 13.1 package:
77b40c72eddd319d6745fcbdd91aa3f4 mozilla-thunderbird-3.1.10-i686-1.txz

Slackware 13.37 package:
9a9639e06a84bce7b3dbc1a5ecd6efb1 mozilla-thunderbird-3.1.10-i486-1_slack13.37.txz

Slackware x86_64 13.1 package:
a7c7958109306aa39d8c5444cd737619 mozilla-thunderbird-3.1.10-x86_64-1_slack13.1.txz

Slackware x86_64 13.37 package:
34afb21e2a6ae52b259c4bed593934c9 mozilla-thunderbird-3.1.10-x86_64-1_slack13.37.txz

Slackware -current package:
e81afa0618085d087a5e5de3a58166e0 xap/mozilla-thunderbird-3.1.10-i486-1.txz

Slackware x86_64 -current package:
9efaaacd355b87dd93e8b2a65eb7185a xap/mozilla-thunderbird-3.1.10-x86_64-1.txz

Installation instructions:
+————————+

Upgrade the package as root:
# upgradepkg mozilla-thunderbird-3.1.10-i486-1_slack13.37.txz

+—–+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

+————————————————————————+
| To leave the slackware-security mailing list: |
+————————————————————————+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message: |
| |
| unsubscribe slackware-security |
| |
| You will get a confirmation message back containing instructions to |
| complete the process. Please do not reply to this email address. |
+————————————————————————+
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1.4.11 (GNU/Linux)

iEYEARECAAYFAk2/eNAACgkQakRjwEAQIjM03ACeKOqYlnXGw4tnsvn0ftm9XPza
IA8An1g+Lk7zubXaahvqnCd9+CTaKf0C
=KZci
—–END PGP SIGNATURE—–

Slackware-Security , , , , , , , Leave a comment