[slackware-security] vim (SSA:2022-269-02)
New vim packages are available for Slackware 15.0 and -current to fix a security issue.
Here are the details from the Slackware 15.0 ChangeLog:
+--------------------------+
patches/packages/vim-9.0.0594-i586-1_slack15.0.txz: Upgraded. Fixed stack-based buffer overflow. Thanks to marav for the heads-up. In addition, Mig21 pointed out an issue where the defaults.vim file might need to be edited for some purposes as its contents will override the settings in the system-wide vimrc. Usually this file is replaced whenever vim is upgraded, which in those situations would be inconvenient for the admin. So, I've added support for a file named defaults.vim.custom which (if it exists) will be used instead of the defaults.vim file shipped in the packages and will persist through upgrades.
For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3296
(* Security fix *)
patches/packages/vim-gvim-9.0.0594-i586-1_slack15.0.txz: Upgraded.
+--------------------------+
New dnsmasq packages are available for Slackware 14.0, 14.1, 14.2, 15.0, and -current to fix a security issue.
Läs mer...Here are the details from the Slackware 15.0 ChangeLog:
+--------------------------+
patches/packages/dnsmasq-2.87-i586-1_slack15.0.txz: Upgraded.
Fix write-after-free error in DHCPv6 server code.
For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0934
(* Security fix *)
+--------------------------+
What's new in this release:
- Character tables updated to Unicode 15.0.0.
- Wow64 support in the macOS driver.
- Async reader fixes in GStreamer support.
- Various bug fixes (20).
[slackware-security] vim (SSA:2022-266-01)
New vim packages are available for Slackware 15.0 and -current to fix a security issue.
Läs mer...Here are the details from the Slackware 15.0 ChangeLog:
+--------------------------+
patches/packages/vim-9.0.0558-i586-1_slack15.0.txz: Upgraded.
Fixed use after free.
Thanks to marav for the heads-up.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3256
(* Security fix *)
patches/packages/vim-gvim-9.0.0558-i586-1_slack15.0.txz: Upgraded.
+--------------------------+
[slackware-security] bind (SSA:2022-264-01)
New bind packages are available for Slackware 15.0 and -current to
fix security issues.
Läs mer...Here are the details from the Slackware 15.0 ChangeLog:
+--------------------------+
patches/packages/bind-9.16.33-i586-1_slack15.0.txz: Upgraded.
This update fixes bugs and the following security issues:
Fix memory leak in EdDSA verify processing.
Fix memory leak in ECDSA verify processing.
Fix serve-stale crash that could happen when stale-answer-client-timeout
was set to 0 and there was a stale CNAME in the cache for an incoming query.
Prevent excessive resource use while processing large delegations.
For more information, see:
https://kb.isc.org/docs/cve-2022-38178
https://kb.isc.org/docs/cve-2022-38177
https://kb.isc.org/docs/cve-2022-3080
https://kb.isc.org/docs/cve-2022-2795
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38178
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38177
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3080
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2795
(* Security fix *)
+--------------------------+
RSS resultat...
Till minne av Håkan Nilsson
Mitt Slackware
Appendix Programhantering