Säkerhetsuppdatering 17/9 -21
Skriven Av: mdkdio Den: 2021-09-17 19:54:43   

[slackware-security]  httpd (SSA:2021-259-01)

New httpd packages are available for Slackware 14.0, 14.1, 14.2, and -current
to fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/httpd-2.4.49-i586-1_slack14.2.txz:  Upgraded.
  This release contains security fixes and improvements.
  mod_proxy: Server Side Request Forgery (SSRF) vulnerabilty [Yann Ylavic]
  core: ap_escape_quotes buffer overflow
  mod_proxy_uwsgi: Out of bound read vulnerability [Yann Ylavic]
  core: null pointer dereference on malformed request
  mod_http2: Request splitting vulnerability with mod_proxy [Stefan Eissing]
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40438
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39275
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36160
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34798
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33193
  (* Security fix *)
+--------------------------+

Kärnor: 5.14.6 RC1 / 5.13.19 RC1 / 5.10.67 RC1
Skriven Av: mdkdio Den: 2021-09-17 08:44:05   

Dags igen...

5.14.6 RC1 med 432 uppdateringar/ändringar sedan 5.14.5

5.13.19 RC1 med 380 uppdateringar/ändringar sedan 5.13.18

5.10.67 RC1 med 306 uppdateringar/ändringar sedan 5.10.66

Kernel 5.14.5 / 5.13.18 / 5.10.66 / 5.4.147
Skriven Av: mdkdio Den: 2021-09-16 18:07:10  
Redigerad: 2021-09-16 18:08:15 av: mdkdio 

Senaste....

5.14.5 ChangeLog
5.13.18 ChangeLog
5.10.66 ChangeLog
5.4.147 ChangeLog

From: Greg Kroah-Hartman
Date: Thu Sep 16 2021 - 07:42:59 EST
............
This, and the other stable kernels released today, consist of only some
reverts to solve some reported problems with the last round of stable
releases. Upgrading is not required, but highly recommended.......

Säkerhetsuppdateringar
Skriven Av: mdkdio Den: 2021-09-16 09:06:00  
Redigerad: 2021-09-17 19:56:12 av: mdkdio 

Säkerhetsuppdateringar:

[slackware-security]  curl (SSA:2021-258-01)

New curl packages are available for Slackware 14.0, 14.1, 14.2, and -current to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/curl-7.79.0-i586-1_slack14.2.txz:  Upgraded.
  This update fixes security issues:
  clear the leftovers pointer when sending succeeds.
  do not ignore --ssl-reqd.
  reject STARTTLS server response pipelining.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22945
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22946
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22947
  (* Security fix *)
+--------------------------+

Kärnor: 5.14.4 / 5.13.17 / 5.10.65 / 5.4.146
Skriven Av: mdkdio Den: 2021-09-13 17:25:19  
Redigerad: 2021-09-16 09:13:26 av: mdkdio 

Och så var det Måndag...

5.14.4 RC1 med 334 uppdateringar/ändringar sedan 5.14.3
5.13.17 RC1 med 300 uppdateringar/ändringar sedan 5.13.16
5.10.65 RC1 med 236 uppdateringar/ändringar sedan 5.10.64
5.4.146 RC1 med 144 uppdateringar/ändringar sedan 5.4.145

Redigerat:

Ovan listade kärnor är nu släppta. Respektive changelog finner du till höger på sidan.

Senaste artikeln är:
Monitorera system-processer och dess resursanvändningar

Info om cookies:
Cookies


RSS resultat...
Håkans Slackware

Till minne av Håkan Nilsson
Mitt Slackware
Appendix Programhantering

Senaste Kernel Versioner
Mainline
5.15-rc1 2021-09-13
Stable
5.14.5 2021-09-16
5.13.18 2021-09-16
Longterm
5.10.66 2021-09-16
5.4.147 2021-09-16
4.19.206 2021-09-03
4.14.246 2021-09-03
4.9.282 2021-09-03
4.4.283 2021-09-03